729 files changed, 428772 insertions, 0 deletions

diff --git a/lib/Makefile.am b/lib/Makefile.am
new file mode 100644
index 0000000..0b43ef9
--- /dev/null
+++ b/lib/Makefile.am
@@ -0,0 +1,279 @@
+## Process this file with automake to produce Makefile.in
+# Copyright (C) 2000-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# The GnuTLS is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GnuTLS is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+ACLOCAL_AMFLAGS = -I ../m4 -I ../gl/m4
+
+EXTRA_DIST = priority_options.gperf common.mk inih/LICENSE.txt
+BUILT_SOURCES = pkix_asn1_tab.c gnutls_asn1_tab.c priority_options.h
+
+SUBDIRS = includes x509 auth ext algorithms extras accelerated
+
+if ENABLE_MINITASN1
+SUBDIRS += minitasn1
+endif
+
+localedir = $(datadir)/locale
+
+include $(top_srcdir)/lib/common.mk
+
+AM_CPPFLAGS = \
+	-DLOCALEDIR=\"$(localedir)\"		\
+	-I$(srcdir)/../gl			\
+	-I$(builddir)/../gl			\
+	-I$(builddir)/includes			\
+	-I$(builddir)/x509			\
+	-I$(srcdir)/includes			\
+	-I$(builddir)/includes			\
+	-I$(srcdir)/x509			\
+	$(LIBTASN1_CFLAGS)			\
+	$(P11_KIT_CFLAGS)			\
+	$(TSS2_CFLAGS)
+	$(LIBZSTD_CFLAGS)
+
+if !HAVE_LIBUNISTRING
+SUBDIRS += unistring
+AM_CPPFLAGS += -I$(srcdir)/unistring/ -I$(builddir)/unistring/
+endif
+
+if ENABLE_MINITASN1
+AM_CPPFLAGS += -I$(srcdir)/minitasn1
+endif
+
+# Pkg-config script.
+pkgconfigdir = $(libdir)/pkgconfig
+pkgconfig_DATA = gnutls.pc
+DISTCLEANFILES = $(pkgconfig_DATA)
+
+lib_LTLIBRARIES = libgnutls.la
+
+SRP_COBJECTS = srp.c
+
+PSK_COBJECTS = psk.c
+
+COBJECTS = range.c record.c compress.c debug.c cipher.c gthreads.h handshake-tls13.c \
+	mbuffers.c buffers.c handshake.c errors.c dh.c kx.c cipher-cbc.c \
+	priority.c hash_int.c cipher_int.c session.c db.c x509_b64.c	\
+	hello_ext.c auth.c sslv2_compat.c datum.c session_pack.c mpi.c \
+	pk.c cert-cred.c global.c constate.c anon_cred.c pkix_asn1_tab.c gnutls_asn1_tab.c	\
+	mem.c fingerprint.c tls-sig.c ecc.c alert.c privkey_raw.c atomic.h	\
+	system/certs.c system/threads.c system/fastopen.c system/sockets.c	\
+	str-iconv.c system.c profiles.c profiles.h inih/ini.c \
+	str.c str-unicode.c str-idna.c state.c cert-cred-x509.c file.c supplemental.c	\
+	random.c crypto-api.c crypto-api.h privkey.c pcert.c pubkey.c locks.c dtls.c \
+	system_override.c crypto-backend.c verify-tofu.c pin.c tpm.c fips.c	\
+	safe-memfuncs.c atfork.c atfork.h randomart.c name_val_array.h \
+	system-keys.h urls.c urls.h prf.c auto-verify.c dh-session.c \
+	cert-session.c handshake-checks.c dtls-sw.c dh-primes.c openpgp_compat.c \
+	crypto-selftests.c crypto-selftests-pk.c secrets.c extv.c extv.h \
+	hello_ext_lib.c hello_ext_lib.h ocsp-api.c stek.c cert-cred-rawpk.c \
+	iov.c iov.h system/ktls.c system/ktls.h
+
+if ENABLE_GOST
+COBJECTS += vko.c
+endif
+
+if ENABLE_TPM2
+COBJECTS += tpm2.c tpm2.h tpm2_esys.c
+endif
+
+if WINDOWS
+COBJECTS += system/keys-win.c
+else
+COBJECTS += system/keys-dummy.c
+endif
+
+COBJECTS += tls13/encrypted_extensions.c tls13/encrypted_extensions.h \
+	tls13/certificate_request.c tls13/certificate_request.h \
+	tls13/certificate_verify.c tls13/certificate_verify.h \
+	tls13-sig.c tls13-sig.h \
+	tls13/finished.c tls13/finished.h \
+	tls13/key_update.c tls13/key_update.h \
+	tls13/hello_retry.c tls13/hello_retry.h \
+	tls13/session_ticket.c tls13/session_ticket.h \
+	tls13/certificate.c tls13/certificate.h \
+	tls13/early_data.c tls13/early_data.h \
+	tls13/post_handshake.c \
+	tls13/psk_ext_parser.c tls13/psk_ext_parser.h \
+	tls13/anti_replay.c tls13/anti_replay.h
+
+if ENABLE_PKCS11
+COBJECTS += pkcs11.c pkcs11x.c pkcs11_privkey.c pkcs11_write.c pkcs11_secret.c \
+	pkcs11_int.c
+endif
+
+if ENABLE_NETTLE
+SUBDIRS += nettle
+endif
+
+HFILES = abstract_int.h debug.h compress.h cipher.h	 \
+	buffers.h errors.h gnutls_int.h dtls.h	 \
+	handshake.h num.h algorithms.h		 \
+	dh.h kx.h hash_int.h cipher_int.h	 \
+	db.h auth.h hello_ext.h	handshake-defs.h \
+	x509_b64.h sslv2_compat.h datum.h \
+	mpi.h pk.h record.h inih/ini.h		\
+	constate.h global.h tls-sig.h mem.h	\
+	session_pack.h str.h str_array.h		\
+	state.h x509.h crypto-backend.h			\
+	srp.h auth/srp_kx.h auth/srp_passwd.h	\
+	file.h supplemental.h crypto.h random.h system.h\
+	locks.h mbuffers.h ecc.h pin.h fips.h \
+	priority_options.h secrets.h stek.h cert-cred.h
+
+if ENABLE_PKCS11
+HFILES += pkcs11_int.h pkcs11x.h
+endif
+
+if ENABLE_GOST
+HFILES += vko.h
+endif
+
+libgnutls_la_SOURCES = $(HFILES) $(COBJECTS) $(SRP_COBJECTS)	\
+	$(PSK_COBJECTS) \
+	gnutls.asn pkix.asn libgnutls.map
+
+libgnutls_la_LDFLAGS = -no-undefined \
+	-version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) $(COMMON_LINK_FLAGS)
+
+libgnutls_la_LIBADD = ../gl/libgnu.la x509/libgnutls_x509.la \
+	ext/libgnutls_ext.la \
+	auth/libgnutls_auth.la algorithms/libgnutls_alg.la \
+	extras/libgnutls_extras.la
+thirdparty_libadd = $(LTLIBZ) $(LTLIBINTL) $(LIBSOCKET) $(LTLIBNSL) \
+	$(P11_KIT_LIBS) $(LIB_SELECT) $(GNUTLS_LIBS_PRIVATE)
+
+if HAVE_LIBBROTLI
+thirdparty_libadd += $(LIBBROTLIENC_LIBS) $(LIBBROTLIDEC_LIBS)
+endif
+
+if HAVE_LIBZSTD
+thirdparty_libadd += $(LIBZSTD_LIBS)
+endif
+
+if HAVE_LIBIDN2
+thirdparty_libadd += $(LIBIDN2_LIBS)
+endif
+
+if HAVE_LIBUNISTRING
+thirdparty_libadd += $(LIBUNISTRING)
+else
+libgnutls_la_LIBADD += unistring/libunistring.la
+endif
+
+if ENABLE_NETTLE
+libgnutls_la_LIBADD += accelerated/libaccelerated.la
+endif
+
+if !WINDOWS
+# p11-kit does not work without threading support:
+# https://github.com/p11-glue/p11-kit/pull/183
+if ENABLE_PKCS11
+thirdparty_libadd += $(LIBPMULTITHREAD)
+else
+thirdparty_libadd += $(LIBPTHREAD)
+endif
+endif
+
+if NEEDS_LIBRT
+thirdparty_libadd += $(LTLIBRT)
+endif
+
+if ENABLE_FIPS140
+thirdparty_libadd += $(FIPS140_LIBS) $(LTLIBDL)
+
+noinst_PROGRAMS = fipshmac
+fipshmac_SOURCES = fipshmac.c
+fipshmac_LDADD = libgnutls.la ../gl/libgnu.la
+
+hmac_files = .libs/.gnutls.hmac
+
+all-local: $(hmac_files)
+
+.libs/.gnutls.hmac: libgnutls.la fipshmac
+	$(AM_V_GEN) $(builddir)/fipshmac > $@-t && mv $@-t $@
+
+CLEANFILES = $(hmac_files)
+endif
+
+if NEED_LTLIBDL
+thirdparty_libadd += $(LTLIBDL)
+endif
+
+if HAVE_LD_VERSION_SCRIPT
+libgnutls_la_LDFLAGS += -Wl,--version-script=$(srcdir)/libgnutls.map
+else
+libgnutls_la_LDFLAGS += -export-symbols-regex '^(gnutls|_gnutls).*'
+endif
+
+if ENABLE_MINITASN1
+libgnutls_la_LIBADD += minitasn1/libminitasn1.la
+else
+thirdparty_libadd += $(LIBTASN1_LIBS)
+endif
+
+if ENABLE_NETTLE
+thirdparty_libadd += $(NETTLE_LIBS) $(HOGWEED_LIBS) $(GMP_LIBS)
+libgnutls_la_LIBADD += nettle/libcrypto.la
+endif
+
+if HAVE_LD_OUTPUT_DEF
+libgnutls_la_LDFLAGS += -Wl,--output-def,libgnutls-$(DLL_VERSION).def
+libgnutls-$(DLL_VERSION).def: libgnutls.la
+defexecdir = $(libdir)
+defexec_DATA = libgnutls-$(DLL_VERSION).def
+DISTCLEANFILES += $(defexec_DATA)
+endif
+
+if MACOSX
+libgnutls_la_LDFLAGS += -framework Security -framework CoreFoundation
+endif
+
+libgnutls_la_LIBADD += $(thirdparty_libadd)
+
+# C++ library
+
+if ENABLE_CXX
+libgnutlsxx_la_CPPFLAGS = -I$(top_srcdir)/includes -I$(top_builddir)/includes -I$(srcdir)/includes
+
+AM_CXXFLAGS = \
+	-I$(srcdir)/includes	\
+	-I$(builddir)/includes
+
+lib_LTLIBRARIES += libgnutlsxx.la
+
+libgnutlsxx_la_SOURCES = gnutlsxx.cpp
+
+libgnutlsxx_la_LDFLAGS = -no-undefined \
+	-version-info $(CXX_LT_CURRENT):$(CXX_LT_REVISION):$(CXX_LT_AGE)
+
+libgnutlsxx_la_LIBADD = libgnutls.la
+
+endif
+
+pkix_asn1_tab.c: $(srcdir)/pkix.asn
+	$(AM_V_GEN)$(ASN1PARSER) $(srcdir)/pkix.asn pkix_asn1_tab.c
+
+gnutls_asn1_tab.c: $(srcdir)/gnutls.asn
+	$(AM_V_GEN)$(ASN1PARSER) $(srcdir)/gnutls.asn gnutls_asn1_tab.c
+
+priority_options.h: $(srcdir)/priority_options.gperf
+	$(V_GPERF)$(GPERF) --global-table -t $^ > $@-tmp \
+	&& sed 's/^const struct priority_options_st \*/static const struct priority_options_st \*/' <$@-tmp >$@ \
+	&& rm -f $@-tmp
diff --git a/lib/Makefile.in b/lib/Makefile.in
new file mode 100644
index 0000000..8effa37
--- /dev/null
+++ b/lib/Makefile.in
@@ -0,0 +1,3449 @@
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+# Copyright (C) 2000-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# The GnuTLS is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GnuTLS is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+  if test -z '$(MAKELEVEL)'; then \
+    false; \
+  elif test -n '$(MAKE_HOST)'; then \
+    true; \
+  elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+    true; \
+  else \
+    false; \
+  fi; \
+}
+am__make_running_with_option = \
+  case $${target_option-} in \
+      ?) ;; \
+      *) echo "am__make_running_with_option: internal error: invalid" \
+              "target option '$${target_option-}' specified" >&2; \
+         exit 1;; \
+  esac; \
+  has_opt=no; \
+  sane_makeflags=$$MAKEFLAGS; \
+  if $(am__is_gnu_make); then \
+    sane_makeflags=$$MFLAGS; \
+  else \
+    case $$MAKEFLAGS in \
+      *\\[\ \	]*) \
+        bs=\\; \
+        sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+          | sed "s/$$bs$$bs[$$bs $$bs	]*//g"`;; \
+    esac; \
+  fi; \
+  skip_next=no; \
+  strip_trailopt () \
+  { \
+    flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+  }; \
+  for flg in $$sane_makeflags; do \
+    test $$skip_next = yes && { skip_next=no; continue; }; \
+    case $$flg in \
+      *=*|--*) continue;; \
+        -*I) strip_trailopt 'I'; skip_next=yes;; \
+      -*I?*) strip_trailopt 'I';; \
+        -*O) strip_trailopt 'O'; skip_next=yes;; \
+      -*O?*) strip_trailopt 'O';; \
+        -*l) strip_trailopt 'l'; skip_next=yes;; \
+      -*l?*) strip_trailopt 'l';; \
+      -[dEDm]) skip_next=yes;; \
+      -[JT]) skip_next=yes;; \
+    esac; \
+    case $$flg in \
+      *$$target_option*) has_opt=yes; break;; \
+    esac; \
+  done; \
+  test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@ENABLE_MINITASN1_TRUE@am__append_1 = minitasn1
+@HAVE_LIBUNISTRING_FALSE@am__append_2 = unistring
+@HAVE_LIBUNISTRING_FALSE@am__append_3 = -I$(srcdir)/unistring/ -I$(builddir)/unistring/
+@ENABLE_MINITASN1_TRUE@am__append_4 = -I$(srcdir)/minitasn1
+@ENABLE_GOST_TRUE@am__append_5 = vko.c
+@ENABLE_TPM2_TRUE@am__append_6 = tpm2.c tpm2.h tpm2_esys.c
+@WINDOWS_TRUE@am__append_7 = system/keys-win.c
+@WINDOWS_FALSE@am__append_8 = system/keys-dummy.c
+@ENABLE_PKCS11_TRUE@am__append_9 = pkcs11.c pkcs11x.c pkcs11_privkey.c pkcs11_write.c pkcs11_secret.c \
+@ENABLE_PKCS11_TRUE@	pkcs11_int.c
+
+@ENABLE_NETTLE_TRUE@am__append_10 = nettle
+@ENABLE_PKCS11_TRUE@am__append_11 = pkcs11_int.h pkcs11x.h
+@ENABLE_GOST_TRUE@am__append_12 = vko.h
+@HAVE_LIBBROTLI_TRUE@am__append_13 = $(LIBBROTLIENC_LIBS) $(LIBBROTLIDEC_LIBS)
+@HAVE_LIBZSTD_TRUE@am__append_14 = $(LIBZSTD_LIBS)
+@HAVE_LIBIDN2_TRUE@am__append_15 = $(LIBIDN2_LIBS)
+@HAVE_LIBUNISTRING_TRUE@am__append_16 = $(LIBUNISTRING)
+@HAVE_LIBUNISTRING_FALSE@am__append_17 = unistring/libunistring.la
+@ENABLE_NETTLE_TRUE@am__append_18 = accelerated/libaccelerated.la
+
+# p11-kit does not work without threading support:
+# https://github.com/p11-glue/p11-kit/pull/183
+@ENABLE_PKCS11_TRUE@@WINDOWS_FALSE@am__append_19 = $(LIBPMULTITHREAD)
+@ENABLE_PKCS11_FALSE@@WINDOWS_FALSE@am__append_20 = $(LIBPTHREAD)
+@NEEDS_LIBRT_TRUE@am__append_21 = $(LTLIBRT)
+@ENABLE_FIPS140_TRUE@am__append_22 = $(FIPS140_LIBS) $(LTLIBDL)
+@ENABLE_FIPS140_TRUE@noinst_PROGRAMS = fipshmac$(EXEEXT)
+@NEED_LTLIBDL_TRUE@am__append_23 = $(LTLIBDL)
+@HAVE_LD_VERSION_SCRIPT_TRUE@am__append_24 = -Wl,--version-script=$(srcdir)/libgnutls.map
+@HAVE_LD_VERSION_SCRIPT_FALSE@am__append_25 = -export-symbols-regex '^(gnutls|_gnutls).*'
+@ENABLE_MINITASN1_TRUE@am__append_26 = minitasn1/libminitasn1.la
+@ENABLE_MINITASN1_FALSE@am__append_27 = $(LIBTASN1_LIBS)
+@ENABLE_NETTLE_TRUE@am__append_28 = $(NETTLE_LIBS) $(HOGWEED_LIBS) $(GMP_LIBS)
+@ENABLE_NETTLE_TRUE@am__append_29 = nettle/libcrypto.la
+@HAVE_LD_OUTPUT_DEF_TRUE@am__append_30 = -Wl,--output-def,libgnutls-$(DLL_VERSION).def
+@HAVE_LD_OUTPUT_DEF_TRUE@am__append_31 = $(defexec_DATA)
+@MACOSX_TRUE@am__append_32 = -framework Security -framework CoreFoundation
+@ENABLE_CXX_TRUE@am__append_33 = libgnutlsxx.la
+subdir = lib
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \
+	$(top_srcdir)/lib/unistring/m4/inline.m4 \
+	$(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \
+	$(top_srcdir)/src/gl/m4/atoll.m4 \
+	$(top_srcdir)/src/gl/m4/bison.m4 \
+	$(top_srcdir)/src/gl/m4/calloc.m4 \
+	$(top_srcdir)/src/gl/m4/clock_time.m4 \
+	$(top_srcdir)/src/gl/m4/codeset.m4 \
+	$(top_srcdir)/src/gl/m4/ctype_h.m4 \
+	$(top_srcdir)/src/gl/m4/environ.m4 \
+	$(top_srcdir)/src/gl/m4/error.m4 \
+	$(top_srcdir)/src/gl/m4/fdopen.m4 \
+	$(top_srcdir)/src/gl/m4/flexmember.m4 \
+	$(top_srcdir)/src/gl/m4/fpending.m4 \
+	$(top_srcdir)/src/gl/m4/fpieee.m4 \
+	$(top_srcdir)/src/gl/m4/fseek.m4 \
+	$(top_srcdir)/src/gl/m4/ftruncate.m4 \
+	$(top_srcdir)/src/gl/m4/getaddrinfo.m4 \
+	$(top_srcdir)/src/gl/m4/getcwd.m4 \
+	$(top_srcdir)/src/gl/m4/getpagesize.m4 \
+	$(top_srcdir)/src/gl/m4/getpass.m4 \
+	$(top_srcdir)/src/gl/m4/getprogname.m4 \
+	$(top_srcdir)/src/gl/m4/gettime.m4 \
+	$(top_srcdir)/src/gl/m4/gnulib-comp.m4 \
+	$(top_srcdir)/src/gl/m4/hostent.m4 \
+	$(top_srcdir)/src/gl/m4/intl-thread-locale.m4 \
+	$(top_srcdir)/src/gl/m4/inttostr.m4 \
+	$(top_srcdir)/src/gl/m4/ioctl.m4 \
+	$(top_srcdir)/src/gl/m4/isblank.m4 \
+	$(top_srcdir)/src/gl/m4/langinfo_h.m4 \
+	$(top_srcdir)/src/gl/m4/lcmessage.m4 \
+	$(top_srcdir)/src/gl/m4/locale-fr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-ja.m4 \
+	$(top_srcdir)/src/gl/m4/locale-tr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-zh.m4 \
+	$(top_srcdir)/src/gl/m4/locale_h.m4 \
+	$(top_srcdir)/src/gl/m4/localename.m4 \
+	$(top_srcdir)/src/gl/m4/lstat.m4 \
+	$(top_srcdir)/src/gl/m4/mktime.m4 \
+	$(top_srcdir)/src/gl/m4/nanosleep.m4 \
+	$(top_srcdir)/src/gl/m4/nstrftime.m4 \
+	$(top_srcdir)/src/gl/m4/parse-datetime.m4 \
+	$(top_srcdir)/src/gl/m4/perror.m4 \
+	$(top_srcdir)/src/gl/m4/pipe.m4 \
+	$(top_srcdir)/src/gl/m4/pthread-thread.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_h.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_sigmask.m4 \
+	$(top_srcdir)/src/gl/m4/putenv.m4 \
+	$(top_srcdir)/src/gl/m4/raise.m4 \
+	$(top_srcdir)/src/gl/m4/reallocarray.m4 \
+	$(top_srcdir)/src/gl/m4/sched_h.m4 \
+	$(top_srcdir)/src/gl/m4/sched_yield.m4 \
+	$(top_srcdir)/src/gl/m4/select.m4 \
+	$(top_srcdir)/src/gl/m4/semaphore.m4 \
+	$(top_srcdir)/src/gl/m4/servent.m4 \
+	$(top_srcdir)/src/gl/m4/setenv.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale_null.m4 \
+	$(top_srcdir)/src/gl/m4/sigaction.m4 \
+	$(top_srcdir)/src/gl/m4/signal_h.m4 \
+	$(top_srcdir)/src/gl/m4/signalblocking.m4 \
+	$(top_srcdir)/src/gl/m4/sleep.m4 \
+	$(top_srcdir)/src/gl/m4/sockets.m4 \
+	$(top_srcdir)/src/gl/m4/strerror.m4 \
+	$(top_srcdir)/src/gl/m4/strerror_r.m4 \
+	$(top_srcdir)/src/gl/m4/strtoll.m4 \
+	$(top_srcdir)/src/gl/m4/symlink.m4 \
+	$(top_srcdir)/src/gl/m4/sys_ioctl_h.m4 \
+	$(top_srcdir)/src/gl/m4/sys_select_h.m4 \
+	$(top_srcdir)/src/gl/m4/thread.m4 \
+	$(top_srcdir)/src/gl/m4/time_rz.m4 \
+	$(top_srcdir)/src/gl/m4/timegm.m4 \
+	$(top_srcdir)/src/gl/m4/timespec.m4 \
+	$(top_srcdir)/src/gl/m4/tm_gmtoff.m4 \
+	$(top_srcdir)/src/gl/m4/tzset.m4 \
+	$(top_srcdir)/src/gl/m4/usleep.m4 \
+	$(top_srcdir)/src/gl/m4/visibility.m4 \
+	$(top_srcdir)/src/gl/m4/xalloc.m4 \
+	$(top_srcdir)/src/gl/m4/yield.m4 $(top_srcdir)/m4/00gnulib.m4 \
+	$(top_srcdir)/m4/__inline.m4 \
+	$(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \
+	$(top_srcdir)/m4/arpa_inet_h.m4 \
+	$(top_srcdir)/m4/ax_ac_append_to_file.m4 \
+	$(top_srcdir)/m4/ax_ac_print_to_file.m4 \
+	$(top_srcdir)/m4/ax_add_am_macro_static.m4 \
+	$(top_srcdir)/m4/ax_am_macros_static.m4 \
+	$(top_srcdir)/m4/ax_check_gnu_make.m4 \
+	$(top_srcdir)/m4/ax_code_coverage.m4 \
+	$(top_srcdir)/m4/ax_file_escapes.m4 \
+	$(top_srcdir)/m4/builtin-expect.m4 \
+	$(top_srcdir)/m4/byteswap.m4 $(top_srcdir)/m4/close.m4 \
+	$(top_srcdir)/m4/double-slash-root.m4 $(top_srcdir)/m4/dup2.m4 \
+	$(top_srcdir)/m4/eealloc.m4 $(top_srcdir)/m4/errno_h.m4 \
+	$(top_srcdir)/m4/explicit_bzero.m4 \
+	$(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \
+	$(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \
+	$(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \
+	$(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \
+	$(top_srcdir)/m4/free.m4 $(top_srcdir)/m4/fseeko.m4 \
+	$(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \
+	$(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/func.m4 \
+	$(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \
+	$(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/gettext.m4 \
+	$(top_srcdir)/m4/gettimeofday.m4 \
+	$(top_srcdir)/m4/gnulib-common.m4 \
+	$(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \
+	$(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \
+	$(top_srcdir)/m4/host-cpu-c-abi.m4 $(top_srcdir)/m4/iconv.m4 \
+	$(top_srcdir)/m4/include_next.m4 $(top_srcdir)/m4/inet_ntop.m4 \
+	$(top_srcdir)/m4/inet_pton.m4 $(top_srcdir)/m4/intlmacosx.m4 \
+	$(top_srcdir)/m4/intmax_t.m4 $(top_srcdir)/m4/inttypes.m4 \
+	$(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/largefile.m4 \
+	$(top_srcdir)/m4/ld-output-def.m4 \
+	$(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \
+	$(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+	$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/lock.m4 \
+	$(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/ltoptions.m4 \
+	$(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+	$(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \
+	$(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \
+	$(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \
+	$(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \
+	$(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \
+	$(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \
+	$(top_srcdir)/m4/netdb_h.m4 $(top_srcdir)/m4/netinet_in_h.m4 \
+	$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/off_t.m4 \
+	$(top_srcdir)/m4/open-cloexec.m4 \
+	$(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \
+	$(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/pkg.m4 \
+	$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \
+	$(top_srcdir)/m4/progtest.m4 \
+	$(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \
+	$(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \
+	$(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/size_max.m4 \
+	$(top_srcdir)/m4/snprintf.m4 $(top_srcdir)/m4/socketlib.m4 \
+	$(top_srcdir)/m4/socklen.m4 $(top_srcdir)/m4/sockpfaf.m4 \
+	$(top_srcdir)/m4/ssize_t.m4 $(top_srcdir)/m4/stat-time.m4 \
+	$(top_srcdir)/m4/stat.m4 $(top_srcdir)/m4/stdalign.m4 \
+	$(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \
+	$(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \
+	$(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \
+	$(top_srcdir)/m4/stpcpy.m4 $(top_srcdir)/m4/strcase.m4 \
+	$(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/string_h.m4 \
+	$(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \
+	$(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \
+	$(top_srcdir)/m4/strverscmp.m4 \
+	$(top_srcdir)/m4/sys_socket_h.m4 \
+	$(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \
+	$(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \
+	$(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \
+	$(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \
+	$(top_srcdir)/m4/unistd_h.m4 \
+	$(top_srcdir)/m4/valgrind-tests.m4 \
+	$(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \
+	$(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \
+	$(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \
+	$(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \
+	$(top_srcdir)/m4/xsize.m4 $(top_srcdir)/m4/zzgnulib.m4 \
+	$(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES = gnutls.pc
+CONFIG_CLEAN_VPATH_FILES =
+PROGRAMS = $(noinst_PROGRAMS)
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+    $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+    *) f=$$p;; \
+  esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+  srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+  for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+  for p in $$list; do echo "$$p $$p"; done | \
+  sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+  $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+    if (++n[$$2] == $(am__install_max)) \
+      { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+    END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+  sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+  sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
+am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(defexecdir)" \
+	"$(DESTDIR)$(pkgconfigdir)"
+LTLIBRARIES = $(lib_LTLIBRARIES)
+am__DEPENDENCIES_1 =
+@HAVE_LIBBROTLI_TRUE@am__DEPENDENCIES_2 = $(am__DEPENDENCIES_1) \
+@HAVE_LIBBROTLI_TRUE@	$(am__DEPENDENCIES_1)
+@HAVE_LIBZSTD_TRUE@am__DEPENDENCIES_3 = $(am__DEPENDENCIES_1)
+@HAVE_LIBIDN2_TRUE@am__DEPENDENCIES_4 = $(am__DEPENDENCIES_1)
+@HAVE_LIBUNISTRING_TRUE@am__DEPENDENCIES_5 = $(am__DEPENDENCIES_1)
+@ENABLE_PKCS11_TRUE@@WINDOWS_FALSE@am__DEPENDENCIES_6 =  \
+@ENABLE_PKCS11_TRUE@@WINDOWS_FALSE@	$(am__DEPENDENCIES_1)
+@ENABLE_PKCS11_FALSE@@WINDOWS_FALSE@am__DEPENDENCIES_7 =  \
+@ENABLE_PKCS11_FALSE@@WINDOWS_FALSE@	$(am__DEPENDENCIES_1)
+@NEEDS_LIBRT_TRUE@am__DEPENDENCIES_8 = $(am__DEPENDENCIES_1)
+@ENABLE_FIPS140_TRUE@am__DEPENDENCIES_9 = $(am__DEPENDENCIES_1) \
+@ENABLE_FIPS140_TRUE@	$(am__DEPENDENCIES_1)
+@NEED_LTLIBDL_TRUE@am__DEPENDENCIES_10 = $(am__DEPENDENCIES_1)
+@ENABLE_MINITASN1_FALSE@am__DEPENDENCIES_11 = $(am__DEPENDENCIES_1)
+@ENABLE_NETTLE_TRUE@am__DEPENDENCIES_12 = $(am__DEPENDENCIES_1) \
+@ENABLE_NETTLE_TRUE@	$(am__DEPENDENCIES_1) \
+@ENABLE_NETTLE_TRUE@	$(am__DEPENDENCIES_1)
+am__DEPENDENCIES_13 = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
+	$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
+	$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
+	$(am__DEPENDENCIES_2) $(am__DEPENDENCIES_3) \
+	$(am__DEPENDENCIES_4) $(am__DEPENDENCIES_5) \
+	$(am__DEPENDENCIES_6) $(am__DEPENDENCIES_7) \
+	$(am__DEPENDENCIES_8) $(am__DEPENDENCIES_9) \
+	$(am__DEPENDENCIES_10) $(am__DEPENDENCIES_11) \
+	$(am__DEPENDENCIES_12)
+libgnutls_la_DEPENDENCIES = ../gl/libgnu.la x509/libgnutls_x509.la \
+	ext/libgnutls_ext.la auth/libgnutls_auth.la \
+	algorithms/libgnutls_alg.la extras/libgnutls_extras.la \
+	$(am__append_17) $(am__append_18) $(am__append_26) \
+	$(am__append_29) $(am__DEPENDENCIES_13)
+am__libgnutls_la_SOURCES_DIST = abstract_int.h debug.h compress.h \
+	cipher.h buffers.h errors.h gnutls_int.h dtls.h handshake.h \
+	num.h algorithms.h dh.h kx.h hash_int.h cipher_int.h db.h \
+	auth.h hello_ext.h handshake-defs.h x509_b64.h sslv2_compat.h \
+	datum.h mpi.h pk.h record.h inih/ini.h constate.h global.h \
+	tls-sig.h mem.h session_pack.h str.h str_array.h state.h \
+	x509.h crypto-backend.h srp.h auth/srp_kx.h auth/srp_passwd.h \
+	file.h supplemental.h crypto.h random.h system.h locks.h \
+	mbuffers.h ecc.h pin.h fips.h priority_options.h secrets.h \
+	stek.h cert-cred.h pkcs11_int.h pkcs11x.h vko.h range.c \
+	record.c compress.c debug.c cipher.c gthreads.h \
+	handshake-tls13.c mbuffers.c buffers.c handshake.c errors.c \
+	dh.c kx.c cipher-cbc.c priority.c hash_int.c cipher_int.c \
+	session.c db.c x509_b64.c hello_ext.c auth.c sslv2_compat.c \
+	datum.c session_pack.c mpi.c pk.c cert-cred.c global.c \
+	constate.c anon_cred.c pkix_asn1_tab.c gnutls_asn1_tab.c mem.c \
+	fingerprint.c tls-sig.c ecc.c alert.c privkey_raw.c atomic.h \
+	system/certs.c system/threads.c system/fastopen.c \
+	system/sockets.c str-iconv.c system.c profiles.c profiles.h \
+	inih/ini.c str.c str-unicode.c str-idna.c state.c \
+	cert-cred-x509.c file.c supplemental.c random.c crypto-api.c \
+	crypto-api.h privkey.c pcert.c pubkey.c locks.c dtls.c \
+	system_override.c crypto-backend.c verify-tofu.c pin.c tpm.c \
+	fips.c safe-memfuncs.c atfork.c atfork.h randomart.c \
+	name_val_array.h system-keys.h urls.c urls.h prf.c \
+	auto-verify.c dh-session.c cert-session.c handshake-checks.c \
+	dtls-sw.c dh-primes.c openpgp_compat.c crypto-selftests.c \
+	crypto-selftests-pk.c secrets.c extv.c extv.h hello_ext_lib.c \
+	hello_ext_lib.h ocsp-api.c stek.c cert-cred-rawpk.c iov.c \
+	iov.h system/ktls.c system/ktls.h vko.c tpm2.c tpm2.h \
+	tpm2_esys.c system/keys-win.c system/keys-dummy.c \
+	tls13/encrypted_extensions.c tls13/encrypted_extensions.h \
+	tls13/certificate_request.c tls13/certificate_request.h \
+	tls13/certificate_verify.c tls13/certificate_verify.h \
+	tls13-sig.c tls13-sig.h tls13/finished.c tls13/finished.h \
+	tls13/key_update.c tls13/key_update.h tls13/hello_retry.c \
+	tls13/hello_retry.h tls13/session_ticket.c \
+	tls13/session_ticket.h tls13/certificate.c tls13/certificate.h \
+	tls13/early_data.c tls13/early_data.h tls13/post_handshake.c \
+	tls13/psk_ext_parser.c tls13/psk_ext_parser.h \
+	tls13/anti_replay.c tls13/anti_replay.h pkcs11.c pkcs11x.c \
+	pkcs11_privkey.c pkcs11_write.c pkcs11_secret.c pkcs11_int.c \
+	srp.c psk.c gnutls.asn pkix.asn libgnutls.map
+am__objects_1 =
+am__objects_2 = $(am__objects_1) $(am__objects_1)
+am__dirstamp = $(am__leading_dot)dirstamp
+@ENABLE_GOST_TRUE@am__objects_3 = vko.lo
+@ENABLE_TPM2_TRUE@am__objects_4 = tpm2.lo tpm2_esys.lo
+@WINDOWS_TRUE@am__objects_5 = system/keys-win.lo
+@WINDOWS_FALSE@am__objects_6 = system/keys-dummy.lo
+@ENABLE_PKCS11_TRUE@am__objects_7 = pkcs11.lo pkcs11x.lo \
+@ENABLE_PKCS11_TRUE@	pkcs11_privkey.lo pkcs11_write.lo \
+@ENABLE_PKCS11_TRUE@	pkcs11_secret.lo pkcs11_int.lo
+am__objects_8 = range.lo record.lo compress.lo debug.lo cipher.lo \
+	handshake-tls13.lo mbuffers.lo buffers.lo handshake.lo \
+	errors.lo dh.lo kx.lo cipher-cbc.lo priority.lo hash_int.lo \
+	cipher_int.lo session.lo db.lo x509_b64.lo hello_ext.lo \
+	auth.lo sslv2_compat.lo datum.lo session_pack.lo mpi.lo pk.lo \
+	cert-cred.lo global.lo constate.lo anon_cred.lo \
+	pkix_asn1_tab.lo gnutls_asn1_tab.lo mem.lo fingerprint.lo \
+	tls-sig.lo ecc.lo alert.lo privkey_raw.lo system/certs.lo \
+	system/threads.lo system/fastopen.lo system/sockets.lo \
+	str-iconv.lo system.lo profiles.lo inih/ini.lo str.lo \
+	str-unicode.lo str-idna.lo state.lo cert-cred-x509.lo file.lo \
+	supplemental.lo random.lo crypto-api.lo privkey.lo pcert.lo \
+	pubkey.lo locks.lo dtls.lo system_override.lo \
+	crypto-backend.lo verify-tofu.lo pin.lo tpm.lo fips.lo \
+	safe-memfuncs.lo atfork.lo randomart.lo urls.lo prf.lo \
+	auto-verify.lo dh-session.lo cert-session.lo \
+	handshake-checks.lo dtls-sw.lo dh-primes.lo openpgp_compat.lo \
+	crypto-selftests.lo crypto-selftests-pk.lo secrets.lo extv.lo \
+	hello_ext_lib.lo ocsp-api.lo stek.lo cert-cred-rawpk.lo iov.lo \
+	system/ktls.lo $(am__objects_3) $(am__objects_4) \
+	$(am__objects_5) $(am__objects_6) \
+	tls13/encrypted_extensions.lo tls13/certificate_request.lo \
+	tls13/certificate_verify.lo tls13-sig.lo tls13/finished.lo \
+	tls13/key_update.lo tls13/hello_retry.lo \
+	tls13/session_ticket.lo tls13/certificate.lo \
+	tls13/early_data.lo tls13/post_handshake.lo \
+	tls13/psk_ext_parser.lo tls13/anti_replay.lo $(am__objects_7)
+am__objects_9 = srp.lo
+am__objects_10 = psk.lo
+am_libgnutls_la_OBJECTS = $(am__objects_2) $(am__objects_8) \
+	$(am__objects_9) $(am__objects_10)
+libgnutls_la_OBJECTS = $(am_libgnutls_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 = 
+libgnutls_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(libgnutls_la_LDFLAGS) $(LDFLAGS) -o $@
+@ENABLE_CXX_TRUE@libgnutlsxx_la_DEPENDENCIES = libgnutls.la
+am__libgnutlsxx_la_SOURCES_DIST = gnutlsxx.cpp
+@ENABLE_CXX_TRUE@am_libgnutlsxx_la_OBJECTS =  \
+@ENABLE_CXX_TRUE@	libgnutlsxx_la-gnutlsxx.lo
+libgnutlsxx_la_OBJECTS = $(am_libgnutlsxx_la_OBJECTS)
+libgnutlsxx_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CXX \
+	$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CXXLD) \
+	$(AM_CXXFLAGS) $(CXXFLAGS) $(libgnutlsxx_la_LDFLAGS) \
+	$(LDFLAGS) -o $@
+@ENABLE_CXX_TRUE@am_libgnutlsxx_la_rpath = -rpath $(libdir)
+am__fipshmac_SOURCES_DIST = fipshmac.c
+@ENABLE_FIPS140_TRUE@am_fipshmac_OBJECTS = fipshmac.$(OBJEXT)
+fipshmac_OBJECTS = $(am_fipshmac_OBJECTS)
+@ENABLE_FIPS140_TRUE@fipshmac_DEPENDENCIES = libgnutls.la \
+@ENABLE_FIPS140_TRUE@	../gl/libgnu.la
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN     " $@;
+am__v_GEN_1 = 
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 = 
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/alert.Plo ./$(DEPDIR)/anon_cred.Plo \
+	./$(DEPDIR)/atfork.Plo ./$(DEPDIR)/auth.Plo \
+	./$(DEPDIR)/auto-verify.Plo ./$(DEPDIR)/buffers.Plo \
+	./$(DEPDIR)/cert-cred-rawpk.Plo ./$(DEPDIR)/cert-cred-x509.Plo \
+	./$(DEPDIR)/cert-cred.Plo ./$(DEPDIR)/cert-session.Plo \
+	./$(DEPDIR)/cipher-cbc.Plo ./$(DEPDIR)/cipher.Plo \
+	./$(DEPDIR)/cipher_int.Plo ./$(DEPDIR)/compress.Plo \
+	./$(DEPDIR)/constate.Plo ./$(DEPDIR)/crypto-api.Plo \
+	./$(DEPDIR)/crypto-backend.Plo \
+	./$(DEPDIR)/crypto-selftests-pk.Plo \
+	./$(DEPDIR)/crypto-selftests.Plo ./$(DEPDIR)/datum.Plo \
+	./$(DEPDIR)/db.Plo ./$(DEPDIR)/debug.Plo \
+	./$(DEPDIR)/dh-primes.Plo ./$(DEPDIR)/dh-session.Plo \
+	./$(DEPDIR)/dh.Plo ./$(DEPDIR)/dtls-sw.Plo \
+	./$(DEPDIR)/dtls.Plo ./$(DEPDIR)/ecc.Plo \
+	./$(DEPDIR)/errors.Plo ./$(DEPDIR)/extv.Plo \
+	./$(DEPDIR)/file.Plo ./$(DEPDIR)/fingerprint.Plo \
+	./$(DEPDIR)/fips.Plo ./$(DEPDIR)/fipshmac.Po \
+	./$(DEPDIR)/global.Plo ./$(DEPDIR)/gnutls_asn1_tab.Plo \
+	./$(DEPDIR)/handshake-checks.Plo \
+	./$(DEPDIR)/handshake-tls13.Plo ./$(DEPDIR)/handshake.Plo \
+	./$(DEPDIR)/hash_int.Plo ./$(DEPDIR)/hello_ext.Plo \
+	./$(DEPDIR)/hello_ext_lib.Plo ./$(DEPDIR)/iov.Plo \
+	./$(DEPDIR)/kx.Plo ./$(DEPDIR)/libgnutlsxx_la-gnutlsxx.Plo \
+	./$(DEPDIR)/locks.Plo ./$(DEPDIR)/mbuffers.Plo \
+	./$(DEPDIR)/mem.Plo ./$(DEPDIR)/mpi.Plo \
+	./$(DEPDIR)/ocsp-api.Plo ./$(DEPDIR)/openpgp_compat.Plo \
+	./$(DEPDIR)/pcert.Plo ./$(DEPDIR)/pin.Plo ./$(DEPDIR)/pk.Plo \
+	./$(DEPDIR)/pkcs11.Plo ./$(DEPDIR)/pkcs11_int.Plo \
+	./$(DEPDIR)/pkcs11_privkey.Plo ./$(DEPDIR)/pkcs11_secret.Plo \
+	./$(DEPDIR)/pkcs11_write.Plo ./$(DEPDIR)/pkcs11x.Plo \
+	./$(DEPDIR)/pkix_asn1_tab.Plo ./$(DEPDIR)/prf.Plo \
+	./$(DEPDIR)/priority.Plo ./$(DEPDIR)/privkey.Plo \
+	./$(DEPDIR)/privkey_raw.Plo ./$(DEPDIR)/profiles.Plo \
+	./$(DEPDIR)/psk.Plo ./$(DEPDIR)/pubkey.Plo \
+	./$(DEPDIR)/random.Plo ./$(DEPDIR)/randomart.Plo \
+	./$(DEPDIR)/range.Plo ./$(DEPDIR)/record.Plo \
+	./$(DEPDIR)/safe-memfuncs.Plo ./$(DEPDIR)/secrets.Plo \
+	./$(DEPDIR)/session.Plo ./$(DEPDIR)/session_pack.Plo \
+	./$(DEPDIR)/srp.Plo ./$(DEPDIR)/sslv2_compat.Plo \
+	./$(DEPDIR)/state.Plo ./$(DEPDIR)/stek.Plo \
+	./$(DEPDIR)/str-iconv.Plo ./$(DEPDIR)/str-idna.Plo \
+	./$(DEPDIR)/str-unicode.Plo ./$(DEPDIR)/str.Plo \
+	./$(DEPDIR)/supplemental.Plo ./$(DEPDIR)/system.Plo \
+	./$(DEPDIR)/system_override.Plo ./$(DEPDIR)/tls-sig.Plo \
+	./$(DEPDIR)/tls13-sig.Plo ./$(DEPDIR)/tpm.Plo \
+	./$(DEPDIR)/tpm2.Plo ./$(DEPDIR)/tpm2_esys.Plo \
+	./$(DEPDIR)/urls.Plo ./$(DEPDIR)/verify-tofu.Plo \
+	./$(DEPDIR)/vko.Plo ./$(DEPDIR)/x509_b64.Plo \
+	inih/$(DEPDIR)/ini.Plo system/$(DEPDIR)/certs.Plo \
+	system/$(DEPDIR)/fastopen.Plo system/$(DEPDIR)/keys-dummy.Plo \
+	system/$(DEPDIR)/keys-win.Plo system/$(DEPDIR)/ktls.Plo \
+	system/$(DEPDIR)/sockets.Plo system/$(DEPDIR)/threads.Plo \
+	tls13/$(DEPDIR)/anti_replay.Plo \
+	tls13/$(DEPDIR)/certificate.Plo \
+	tls13/$(DEPDIR)/certificate_request.Plo \
+	tls13/$(DEPDIR)/certificate_verify.Plo \
+	tls13/$(DEPDIR)/early_data.Plo \
+	tls13/$(DEPDIR)/encrypted_extensions.Plo \
+	tls13/$(DEPDIR)/finished.Plo tls13/$(DEPDIR)/hello_retry.Plo \
+	tls13/$(DEPDIR)/key_update.Plo \
+	tls13/$(DEPDIR)/post_handshake.Plo \
+	tls13/$(DEPDIR)/psk_ext_parser.Plo \
+	tls13/$(DEPDIR)/session_ticket.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC      " $@;
+am__v_CC_1 = 
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD    " $@;
+am__v_CCLD_1 = 
+CXXCOMPILE = $(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+	$(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS)
+LTCXXCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CXX $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CXX) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CXXFLAGS) $(CXXFLAGS)
+AM_V_CXX = $(am__v_CXX_@AM_V@)
+am__v_CXX_ = $(am__v_CXX_@AM_DEFAULT_V@)
+am__v_CXX_0 = @echo "  CXX     " $@;
+am__v_CXX_1 = 
+CXXLD = $(CXX)
+CXXLINK = $(LIBTOOL) $(AM_V_lt) --tag=CXX $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CXXLD) $(AM_CXXFLAGS) \
+	$(CXXFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CXXLD = $(am__v_CXXLD_@AM_V@)
+am__v_CXXLD_ = $(am__v_CXXLD_@AM_DEFAULT_V@)
+am__v_CXXLD_0 = @echo "  CXXLD   " $@;
+am__v_CXXLD_1 = 
+SOURCES = $(libgnutls_la_SOURCES) $(libgnutlsxx_la_SOURCES) \
+	$(fipshmac_SOURCES)
+DIST_SOURCES = $(am__libgnutls_la_SOURCES_DIST) \
+	$(am__libgnutlsxx_la_SOURCES_DIST) \
+	$(am__fipshmac_SOURCES_DIST)
+RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \
+	ctags-recursive dvi-recursive html-recursive info-recursive \
+	install-data-recursive install-dvi-recursive \
+	install-exec-recursive install-html-recursive \
+	install-info-recursive install-pdf-recursive \
+	install-ps-recursive install-recursive installcheck-recursive \
+	installdirs-recursive pdf-recursive ps-recursive \
+	tags-recursive uninstall-recursive
+am__can_run_installinfo = \
+  case $$AM_UPDATE_INFO_DIR in \
+    n|no|NO) false;; \
+    *) (install-info --version) >/dev/null 2>&1;; \
+  esac
+DATA = $(defexec_DATA) $(pkgconfig_DATA)
+RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive	\
+  distclean-recursive maintainer-clean-recursive
+am__recursive_targets = \
+  $(RECURSIVE_TARGETS) \
+  $(RECURSIVE_CLEAN_TARGETS) \
+  $(am__extra_recursive_targets)
+AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \
+	distdir distdir-am
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates.  Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+  BEGIN { nonempty = 0; } \
+  { items[$$0] = 1; nonempty = 1; } \
+  END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique.  This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+  list='$(am__tagged_files)'; \
+  unique=`for i in $$list; do \
+    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+  done | $(am__uniquify_input)`
+DIST_SUBDIRS = includes x509 auth ext algorithms extras accelerated \
+	minitasn1 unistring nettle
+am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/gnutls.pc.in \
+	$(top_srcdir)/build-aux/depcomp $(top_srcdir)/lib/common.mk \
+	README
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+am__relativize = \
+  dir0=`pwd`; \
+  sed_first='s,^\([^/]*\)/.*$$,\1,'; \
+  sed_rest='s,^[^/]*/*,,'; \
+  sed_last='s,^.*/\([^/]*\)$$,\1,'; \
+  sed_butlast='s,/*[^/]*$$,,'; \
+  while test -n "$$dir1"; do \
+    first=`echo "$$dir1" | sed -e "$$sed_first"`; \
+    if test "$$first" != "."; then \
+      if test "$$first" = ".."; then \
+        dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \
+        dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \
+      else \
+        first2=`echo "$$dir2" | sed -e "$$sed_first"`; \
+        if test "$$first2" = "$$first"; then \
+          dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \
+        else \
+          dir2="../$$dir2"; \
+        fi; \
+        dir0="$$dir0"/"$$first"; \
+      fi; \
+    fi; \
+    dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \
+  done; \
+  reldir="$$dir2"
+AARCH64_CCASFLAGS = @AARCH64_CCASFLAGS@
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+ALLOCA_H = @ALLOCA_H@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AM_VALGRINDFLAGS = @AM_VALGRINDFLAGS@
+APPLE_UNIVERSAL_BUILD = @APPLE_UNIVERSAL_BUILD@
+AR = @AR@
+ARFLAGS = @ARFLAGS@
+ASN1PARSER = @ASN1PARSER@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BITSIZEOF_PTRDIFF_T = @BITSIZEOF_PTRDIFF_T@
+BITSIZEOF_SIG_ATOMIC_T = @BITSIZEOF_SIG_ATOMIC_T@
+BITSIZEOF_SIZE_T = @BITSIZEOF_SIZE_T@
+BITSIZEOF_WCHAR_T = @BITSIZEOF_WCHAR_T@
+BITSIZEOF_WINT_T = @BITSIZEOF_WINT_T@
+BYTESWAP_H = @BYTESWAP_H@
+CC = @CC@
+CCAS = @CCAS@
+CCASDEPMODE = @CCASDEPMODE@
+CCASFLAGS = @CCASFLAGS@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CFLAG_VISIBILITY = @CFLAG_VISIBILITY@
+CMOCKA_CFLAGS = @CMOCKA_CFLAGS@
+CMOCKA_LIBS = @CMOCKA_LIBS@
+CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@
+CODE_COVERAGE_CPPFLAGS = @CODE_COVERAGE_CPPFLAGS@
+CODE_COVERAGE_CXXFLAGS = @CODE_COVERAGE_CXXFLAGS@
+CODE_COVERAGE_ENABLED = @CODE_COVERAGE_ENABLED@
+CODE_COVERAGE_LIBS = @CODE_COVERAGE_LIBS@
+CONFIG_INCLUDE = @CONFIG_INCLUDE@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CRYWRAP_PATCHLEVEL = @CRYWRAP_PATCHLEVEL@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CXX_LT_AGE = @CXX_LT_AGE@
+CXX_LT_CURRENT = @CXX_LT_CURRENT@
+CXX_LT_REVISION = @CXX_LT_REVISION@
+CYGPATH_W = @CYGPATH_W@
+DEFAULT_VALGRINDFLAGS = @DEFAULT_VALGRINDFLAGS@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DLL_SSL_VERSION = @DLL_SSL_VERSION@
+DLL_VERSION = @DLL_VERSION@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EMULTIHOP_HIDDEN = @EMULTIHOP_HIDDEN@
+EMULTIHOP_VALUE = @EMULTIHOP_VALUE@
+ENABLE_PADLOCK = @ENABLE_PADLOCK@
+ENOLINK_HIDDEN = @ENOLINK_HIDDEN@
+ENOLINK_VALUE = @ENOLINK_VALUE@
+EOVERFLOW_HIDDEN = @EOVERFLOW_HIDDEN@
+EOVERFLOW_VALUE = @EOVERFLOW_VALUE@
+ERRNO_H = @ERRNO_H@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+FIPS140_LIBS = @FIPS140_LIBS@
+FLOAT_H = @FLOAT_H@
+GCOV = @GCOV@
+GENHTML = @GENHTML@
+GETADDRINFO_LIB = @GETADDRINFO_LIB@
+GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
+GL_GGL_GNULIB_ACCEPT = @GL_GGL_GNULIB_ACCEPT@
+GL_GGL_GNULIB_ACCEPT4 = @GL_GGL_GNULIB_ACCEPT4@
+GL_GGL_GNULIB_ACCESS = @GL_GGL_GNULIB_ACCESS@
+GL_GGL_GNULIB_ALIGNED_ALLOC = @GL_GGL_GNULIB_ALIGNED_ALLOC@
+GL_GGL_GNULIB_ATOLL = @GL_GGL_GNULIB_ATOLL@
+GL_GGL_GNULIB_BIND = @GL_GGL_GNULIB_BIND@
+GL_GGL_GNULIB_BTOWC = @GL_GGL_GNULIB_BTOWC@
+GL_GGL_GNULIB_CALLOC_POSIX = @GL_GGL_GNULIB_CALLOC_POSIX@
+GL_GGL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GGL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GGL_GNULIB_CHDIR = @GL_GGL_GNULIB_CHDIR@
+GL_GGL_GNULIB_CHOWN = @GL_GGL_GNULIB_CHOWN@
+GL_GGL_GNULIB_CLOSE = @GL_GGL_GNULIB_CLOSE@
+GL_GGL_GNULIB_CONNECT = @GL_GGL_GNULIB_CONNECT@
+GL_GGL_GNULIB_COPY_FILE_RANGE = @GL_GGL_GNULIB_COPY_FILE_RANGE@
+GL_GGL_GNULIB_CREAT = @GL_GGL_GNULIB_CREAT@
+GL_GGL_GNULIB_CTIME = @GL_GGL_GNULIB_CTIME@
+GL_GGL_GNULIB_DPRINTF = @GL_GGL_GNULIB_DPRINTF@
+GL_GGL_GNULIB_DUP = @GL_GGL_GNULIB_DUP@
+GL_GGL_GNULIB_DUP2 = @GL_GGL_GNULIB_DUP2@
+GL_GGL_GNULIB_DUP3 = @GL_GGL_GNULIB_DUP3@
+GL_GGL_GNULIB_DUPLOCALE = @GL_GGL_GNULIB_DUPLOCALE@
+GL_GGL_GNULIB_ENVIRON = @GL_GGL_GNULIB_ENVIRON@
+GL_GGL_GNULIB_EUIDACCESS = @GL_GGL_GNULIB_EUIDACCESS@
+GL_GGL_GNULIB_EXECL = @GL_GGL_GNULIB_EXECL@
+GL_GGL_GNULIB_EXECLE = @GL_GGL_GNULIB_EXECLE@
+GL_GGL_GNULIB_EXECLP = @GL_GGL_GNULIB_EXECLP@
+GL_GGL_GNULIB_EXECV = @GL_GGL_GNULIB_EXECV@
+GL_GGL_GNULIB_EXECVE = @GL_GGL_GNULIB_EXECVE@
+GL_GGL_GNULIB_EXECVP = @GL_GGL_GNULIB_EXECVP@
+GL_GGL_GNULIB_EXECVPE = @GL_GGL_GNULIB_EXECVPE@
+GL_GGL_GNULIB_EXPLICIT_BZERO = @GL_GGL_GNULIB_EXPLICIT_BZERO@
+GL_GGL_GNULIB_FACCESSAT = @GL_GGL_GNULIB_FACCESSAT@
+GL_GGL_GNULIB_FCHDIR = @GL_GGL_GNULIB_FCHDIR@
+GL_GGL_GNULIB_FCHMODAT = @GL_GGL_GNULIB_FCHMODAT@
+GL_GGL_GNULIB_FCHOWNAT = @GL_GGL_GNULIB_FCHOWNAT@
+GL_GGL_GNULIB_FCLOSE = @GL_GGL_GNULIB_FCLOSE@
+GL_GGL_GNULIB_FCNTL = @GL_GGL_GNULIB_FCNTL@
+GL_GGL_GNULIB_FDATASYNC = @GL_GGL_GNULIB_FDATASYNC@
+GL_GGL_GNULIB_FDOPEN = @GL_GGL_GNULIB_FDOPEN@
+GL_GGL_GNULIB_FFLUSH = @GL_GGL_GNULIB_FFLUSH@
+GL_GGL_GNULIB_FFS = @GL_GGL_GNULIB_FFS@
+GL_GGL_GNULIB_FFSL = @GL_GGL_GNULIB_FFSL@
+GL_GGL_GNULIB_FFSLL = @GL_GGL_GNULIB_FFSLL@
+GL_GGL_GNULIB_FGETC = @GL_GGL_GNULIB_FGETC@
+GL_GGL_GNULIB_FGETS = @GL_GGL_GNULIB_FGETS@
+GL_GGL_GNULIB_FOPEN = @GL_GGL_GNULIB_FOPEN@
+GL_GGL_GNULIB_FPRINTF = @GL_GGL_GNULIB_FPRINTF@
+GL_GGL_GNULIB_FPRINTF_POSIX = @GL_GGL_GNULIB_FPRINTF_POSIX@
+GL_GGL_GNULIB_FPURGE = @GL_GGL_GNULIB_FPURGE@
+GL_GGL_GNULIB_FPUTC = @GL_GGL_GNULIB_FPUTC@
+GL_GGL_GNULIB_FPUTS = @GL_GGL_GNULIB_FPUTS@
+GL_GGL_GNULIB_FREAD = @GL_GGL_GNULIB_FREAD@
+GL_GGL_GNULIB_FREE_POSIX = @GL_GGL_GNULIB_FREE_POSIX@
+GL_GGL_GNULIB_FREOPEN = @GL_GGL_GNULIB_FREOPEN@
+GL_GGL_GNULIB_FSCANF = @GL_GGL_GNULIB_FSCANF@
+GL_GGL_GNULIB_FSEEK = @GL_GGL_GNULIB_FSEEK@
+GL_GGL_GNULIB_FSEEKO = @GL_GGL_GNULIB_FSEEKO@
+GL_GGL_GNULIB_FSTAT = @GL_GGL_GNULIB_FSTAT@
+GL_GGL_GNULIB_FSTATAT = @GL_GGL_GNULIB_FSTATAT@
+GL_GGL_GNULIB_FSYNC = @GL_GGL_GNULIB_FSYNC@
+GL_GGL_GNULIB_FTELL = @GL_GGL_GNULIB_FTELL@
+GL_GGL_GNULIB_FTELLO = @GL_GGL_GNULIB_FTELLO@
+GL_GGL_GNULIB_FTRUNCATE = @GL_GGL_GNULIB_FTRUNCATE@
+GL_GGL_GNULIB_FUTIMENS = @GL_GGL_GNULIB_FUTIMENS@
+GL_GGL_GNULIB_FWRITE = @GL_GGL_GNULIB_FWRITE@
+GL_GGL_GNULIB_GETADDRINFO = @GL_GGL_GNULIB_GETADDRINFO@
+GL_GGL_GNULIB_GETC = @GL_GGL_GNULIB_GETC@
+GL_GGL_GNULIB_GETCHAR = @GL_GGL_GNULIB_GETCHAR@
+GL_GGL_GNULIB_GETCWD = @GL_GGL_GNULIB_GETCWD@
+GL_GGL_GNULIB_GETDELIM = @GL_GGL_GNULIB_GETDELIM@
+GL_GGL_GNULIB_GETDOMAINNAME = @GL_GGL_GNULIB_GETDOMAINNAME@
+GL_GGL_GNULIB_GETDTABLESIZE = @GL_GGL_GNULIB_GETDTABLESIZE@
+GL_GGL_GNULIB_GETENTROPY = @GL_GGL_GNULIB_GETENTROPY@
+GL_GGL_GNULIB_GETGROUPS = @GL_GGL_GNULIB_GETGROUPS@
+GL_GGL_GNULIB_GETHOSTNAME = @GL_GGL_GNULIB_GETHOSTNAME@
+GL_GGL_GNULIB_GETLINE = @GL_GGL_GNULIB_GETLINE@
+GL_GGL_GNULIB_GETLOADAVG = @GL_GGL_GNULIB_GETLOADAVG@
+GL_GGL_GNULIB_GETLOGIN = @GL_GGL_GNULIB_GETLOGIN@
+GL_GGL_GNULIB_GETLOGIN_R = @GL_GGL_GNULIB_GETLOGIN_R@
+GL_GGL_GNULIB_GETOPT_POSIX = @GL_GGL_GNULIB_GETOPT_POSIX@
+GL_GGL_GNULIB_GETPAGESIZE = @GL_GGL_GNULIB_GETPAGESIZE@
+GL_GGL_GNULIB_GETPASS = @GL_GGL_GNULIB_GETPASS@
+GL_GGL_GNULIB_GETPEERNAME = @GL_GGL_GNULIB_GETPEERNAME@
+GL_GGL_GNULIB_GETSOCKNAME = @GL_GGL_GNULIB_GETSOCKNAME@
+GL_GGL_GNULIB_GETSOCKOPT = @GL_GGL_GNULIB_GETSOCKOPT@
+GL_GGL_GNULIB_GETSUBOPT = @GL_GGL_GNULIB_GETSUBOPT@
+GL_GGL_GNULIB_GETTIMEOFDAY = @GL_GGL_GNULIB_GETTIMEOFDAY@
+GL_GGL_GNULIB_GETUMASK = @GL_GGL_GNULIB_GETUMASK@
+GL_GGL_GNULIB_GETUSERSHELL = @GL_GGL_GNULIB_GETUSERSHELL@
+GL_GGL_GNULIB_GRANTPT = @GL_GGL_GNULIB_GRANTPT@
+GL_GGL_GNULIB_GROUP_MEMBER = @GL_GGL_GNULIB_GROUP_MEMBER@
+GL_GGL_GNULIB_IMAXABS = @GL_GGL_GNULIB_IMAXABS@
+GL_GGL_GNULIB_IMAXDIV = @GL_GGL_GNULIB_IMAXDIV@
+GL_GGL_GNULIB_INET_NTOP = @GL_GGL_GNULIB_INET_NTOP@
+GL_GGL_GNULIB_INET_PTON = @GL_GGL_GNULIB_INET_PTON@
+GL_GGL_GNULIB_IOCTL = @GL_GGL_GNULIB_IOCTL@
+GL_GGL_GNULIB_ISATTY = @GL_GGL_GNULIB_ISATTY@
+GL_GGL_GNULIB_ISBLANK = @GL_GGL_GNULIB_ISBLANK@
+GL_GGL_GNULIB_LCHMOD = @GL_GGL_GNULIB_LCHMOD@
+GL_GGL_GNULIB_LCHOWN = @GL_GGL_GNULIB_LCHOWN@
+GL_GGL_GNULIB_LINK = @GL_GGL_GNULIB_LINK@
+GL_GGL_GNULIB_LINKAT = @GL_GGL_GNULIB_LINKAT@
+GL_GGL_GNULIB_LISTEN = @GL_GGL_GNULIB_LISTEN@
+GL_GGL_GNULIB_LOCALECONV = @GL_GGL_GNULIB_LOCALECONV@
+GL_GGL_GNULIB_LOCALENAME = @GL_GGL_GNULIB_LOCALENAME@
+GL_GGL_GNULIB_LOCALTIME = @GL_GGL_GNULIB_LOCALTIME@
+GL_GGL_GNULIB_LSEEK = @GL_GGL_GNULIB_LSEEK@
+GL_GGL_GNULIB_LSTAT = @GL_GGL_GNULIB_LSTAT@
+GL_GGL_GNULIB_MALLOC_POSIX = @GL_GGL_GNULIB_MALLOC_POSIX@
+GL_GGL_GNULIB_MBRLEN = @GL_GGL_GNULIB_MBRLEN@
+GL_GGL_GNULIB_MBRTOWC = @GL_GGL_GNULIB_MBRTOWC@
+GL_GGL_GNULIB_MBSCASECMP = @GL_GGL_GNULIB_MBSCASECMP@
+GL_GGL_GNULIB_MBSCASESTR = @GL_GGL_GNULIB_MBSCASESTR@
+GL_GGL_GNULIB_MBSCHR = @GL_GGL_GNULIB_MBSCHR@
+GL_GGL_GNULIB_MBSCSPN = @GL_GGL_GNULIB_MBSCSPN@
+GL_GGL_GNULIB_MBSINIT = @GL_GGL_GNULIB_MBSINIT@
+GL_GGL_GNULIB_MBSLEN = @GL_GGL_GNULIB_MBSLEN@
+GL_GGL_GNULIB_MBSNCASECMP = @GL_GGL_GNULIB_MBSNCASECMP@
+GL_GGL_GNULIB_MBSNLEN = @GL_GGL_GNULIB_MBSNLEN@
+GL_GGL_GNULIB_MBSNRTOWCS = @GL_GGL_GNULIB_MBSNRTOWCS@
+GL_GGL_GNULIB_MBSPBRK = @GL_GGL_GNULIB_MBSPBRK@
+GL_GGL_GNULIB_MBSPCASECMP = @GL_GGL_GNULIB_MBSPCASECMP@
+GL_GGL_GNULIB_MBSRCHR = @GL_GGL_GNULIB_MBSRCHR@
+GL_GGL_GNULIB_MBSRTOWCS = @GL_GGL_GNULIB_MBSRTOWCS@
+GL_GGL_GNULIB_MBSSEP = @GL_GGL_GNULIB_MBSSEP@
+GL_GGL_GNULIB_MBSSPN = @GL_GGL_GNULIB_MBSSPN@
+GL_GGL_GNULIB_MBSSTR = @GL_GGL_GNULIB_MBSSTR@
+GL_GGL_GNULIB_MBSTOK_R = @GL_GGL_GNULIB_MBSTOK_R@
+GL_GGL_GNULIB_MBTOWC = @GL_GGL_GNULIB_MBTOWC@
+GL_GGL_GNULIB_MDA_ACCESS = @GL_GGL_GNULIB_MDA_ACCESS@
+GL_GGL_GNULIB_MDA_CHDIR = @GL_GGL_GNULIB_MDA_CHDIR@
+GL_GGL_GNULIB_MDA_CHMOD = @GL_GGL_GNULIB_MDA_CHMOD@
+GL_GGL_GNULIB_MDA_CLOSE = @GL_GGL_GNULIB_MDA_CLOSE@
+GL_GGL_GNULIB_MDA_CREAT = @GL_GGL_GNULIB_MDA_CREAT@
+GL_GGL_GNULIB_MDA_DUP = @GL_GGL_GNULIB_MDA_DUP@
+GL_GGL_GNULIB_MDA_DUP2 = @GL_GGL_GNULIB_MDA_DUP2@
+GL_GGL_GNULIB_MDA_ECVT = @GL_GGL_GNULIB_MDA_ECVT@
+GL_GGL_GNULIB_MDA_EXECL = @GL_GGL_GNULIB_MDA_EXECL@
+GL_GGL_GNULIB_MDA_EXECLE = @GL_GGL_GNULIB_MDA_EXECLE@
+GL_GGL_GNULIB_MDA_EXECLP = @GL_GGL_GNULIB_MDA_EXECLP@
+GL_GGL_GNULIB_MDA_EXECV = @GL_GGL_GNULIB_MDA_EXECV@
+GL_GGL_GNULIB_MDA_EXECVE = @GL_GGL_GNULIB_MDA_EXECVE@
+GL_GGL_GNULIB_MDA_EXECVP = @GL_GGL_GNULIB_MDA_EXECVP@
+GL_GGL_GNULIB_MDA_EXECVPE = @GL_GGL_GNULIB_MDA_EXECVPE@
+GL_GGL_GNULIB_MDA_FCLOSEALL = @GL_GGL_GNULIB_MDA_FCLOSEALL@
+GL_GGL_GNULIB_MDA_FCVT = @GL_GGL_GNULIB_MDA_FCVT@
+GL_GGL_GNULIB_MDA_FDOPEN = @GL_GGL_GNULIB_MDA_FDOPEN@
+GL_GGL_GNULIB_MDA_FILENO = @GL_GGL_GNULIB_MDA_FILENO@
+GL_GGL_GNULIB_MDA_GCVT = @GL_GGL_GNULIB_MDA_GCVT@
+GL_GGL_GNULIB_MDA_GETCWD = @GL_GGL_GNULIB_MDA_GETCWD@
+GL_GGL_GNULIB_MDA_GETPID = @GL_GGL_GNULIB_MDA_GETPID@
+GL_GGL_GNULIB_MDA_GETW = @GL_GGL_GNULIB_MDA_GETW@
+GL_GGL_GNULIB_MDA_ISATTY = @GL_GGL_GNULIB_MDA_ISATTY@
+GL_GGL_GNULIB_MDA_LSEEK = @GL_GGL_GNULIB_MDA_LSEEK@
+GL_GGL_GNULIB_MDA_MEMCCPY = @GL_GGL_GNULIB_MDA_MEMCCPY@
+GL_GGL_GNULIB_MDA_MKDIR = @GL_GGL_GNULIB_MDA_MKDIR@
+GL_GGL_GNULIB_MDA_MKTEMP = @GL_GGL_GNULIB_MDA_MKTEMP@
+GL_GGL_GNULIB_MDA_OPEN = @GL_GGL_GNULIB_MDA_OPEN@
+GL_GGL_GNULIB_MDA_PUTENV = @GL_GGL_GNULIB_MDA_PUTENV@
+GL_GGL_GNULIB_MDA_PUTW = @GL_GGL_GNULIB_MDA_PUTW@
+GL_GGL_GNULIB_MDA_READ = @GL_GGL_GNULIB_MDA_READ@
+GL_GGL_GNULIB_MDA_RMDIR = @GL_GGL_GNULIB_MDA_RMDIR@
+GL_GGL_GNULIB_MDA_STRDUP = @GL_GGL_GNULIB_MDA_STRDUP@
+GL_GGL_GNULIB_MDA_SWAB = @GL_GGL_GNULIB_MDA_SWAB@
+GL_GGL_GNULIB_MDA_TEMPNAM = @GL_GGL_GNULIB_MDA_TEMPNAM@
+GL_GGL_GNULIB_MDA_TZSET = @GL_GGL_GNULIB_MDA_TZSET@
+GL_GGL_GNULIB_MDA_UMASK = @GL_GGL_GNULIB_MDA_UMASK@
+GL_GGL_GNULIB_MDA_UNLINK = @GL_GGL_GNULIB_MDA_UNLINK@
+GL_GGL_GNULIB_MDA_WCSDUP = @GL_GGL_GNULIB_MDA_WCSDUP@
+GL_GGL_GNULIB_MDA_WRITE = @GL_GGL_GNULIB_MDA_WRITE@
+GL_GGL_GNULIB_MEMCHR = @GL_GGL_GNULIB_MEMCHR@
+GL_GGL_GNULIB_MEMMEM = @GL_GGL_GNULIB_MEMMEM@
+GL_GGL_GNULIB_MEMPCPY = @GL_GGL_GNULIB_MEMPCPY@
+GL_GGL_GNULIB_MEMRCHR = @GL_GGL_GNULIB_MEMRCHR@
+GL_GGL_GNULIB_MKDIR = @GL_GGL_GNULIB_MKDIR@
+GL_GGL_GNULIB_MKDIRAT = @GL_GGL_GNULIB_MKDIRAT@
+GL_GGL_GNULIB_MKDTEMP = @GL_GGL_GNULIB_MKDTEMP@
+GL_GGL_GNULIB_MKFIFO = @GL_GGL_GNULIB_MKFIFO@
+GL_GGL_GNULIB_MKFIFOAT = @GL_GGL_GNULIB_MKFIFOAT@
+GL_GGL_GNULIB_MKNOD = @GL_GGL_GNULIB_MKNOD@
+GL_GGL_GNULIB_MKNODAT = @GL_GGL_GNULIB_MKNODAT@
+GL_GGL_GNULIB_MKOSTEMP = @GL_GGL_GNULIB_MKOSTEMP@
+GL_GGL_GNULIB_MKOSTEMPS = @GL_GGL_GNULIB_MKOSTEMPS@
+GL_GGL_GNULIB_MKSTEMP = @GL_GGL_GNULIB_MKSTEMP@
+GL_GGL_GNULIB_MKSTEMPS = @GL_GGL_GNULIB_MKSTEMPS@
+GL_GGL_GNULIB_MKTIME = @GL_GGL_GNULIB_MKTIME@
+GL_GGL_GNULIB_NANOSLEEP = @GL_GGL_GNULIB_NANOSLEEP@
+GL_GGL_GNULIB_NL_LANGINFO = @GL_GGL_GNULIB_NL_LANGINFO@
+GL_GGL_GNULIB_NONBLOCKING = @GL_GGL_GNULIB_NONBLOCKING@
+GL_GGL_GNULIB_OBSTACK_PRINTF = @GL_GGL_GNULIB_OBSTACK_PRINTF@
+GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GGL_GNULIB_OPEN = @GL_GGL_GNULIB_OPEN@
+GL_GGL_GNULIB_OPENAT = @GL_GGL_GNULIB_OPENAT@
+GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GGL_GNULIB_PCLOSE = @GL_GGL_GNULIB_PCLOSE@
+GL_GGL_GNULIB_PERROR = @GL_GGL_GNULIB_PERROR@
+GL_GGL_GNULIB_PIPE = @GL_GGL_GNULIB_PIPE@
+GL_GGL_GNULIB_PIPE2 = @GL_GGL_GNULIB_PIPE2@
+GL_GGL_GNULIB_POPEN = @GL_GGL_GNULIB_POPEN@
+GL_GGL_GNULIB_POSIX_MEMALIGN = @GL_GGL_GNULIB_POSIX_MEMALIGN@
+GL_GGL_GNULIB_POSIX_OPENPT = @GL_GGL_GNULIB_POSIX_OPENPT@
+GL_GGL_GNULIB_PREAD = @GL_GGL_GNULIB_PREAD@
+GL_GGL_GNULIB_PRINTF = @GL_GGL_GNULIB_PRINTF@
+GL_GGL_GNULIB_PRINTF_POSIX = @GL_GGL_GNULIB_PRINTF_POSIX@
+GL_GGL_GNULIB_PSELECT = @GL_GGL_GNULIB_PSELECT@
+GL_GGL_GNULIB_PTHREAD_COND = @GL_GGL_GNULIB_PTHREAD_COND@
+GL_GGL_GNULIB_PTHREAD_MUTEX = @GL_GGL_GNULIB_PTHREAD_MUTEX@
+GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK@
+GL_GGL_GNULIB_PTHREAD_ONCE = @GL_GGL_GNULIB_PTHREAD_ONCE@
+GL_GGL_GNULIB_PTHREAD_RWLOCK = @GL_GGL_GNULIB_PTHREAD_RWLOCK@
+GL_GGL_GNULIB_PTHREAD_SIGMASK = @GL_GGL_GNULIB_PTHREAD_SIGMASK@
+GL_GGL_GNULIB_PTHREAD_SPIN = @GL_GGL_GNULIB_PTHREAD_SPIN@
+GL_GGL_GNULIB_PTHREAD_THREAD = @GL_GGL_GNULIB_PTHREAD_THREAD@
+GL_GGL_GNULIB_PTHREAD_TSS = @GL_GGL_GNULIB_PTHREAD_TSS@
+GL_GGL_GNULIB_PTSNAME = @GL_GGL_GNULIB_PTSNAME@
+GL_GGL_GNULIB_PTSNAME_R = @GL_GGL_GNULIB_PTSNAME_R@
+GL_GGL_GNULIB_PUTC = @GL_GGL_GNULIB_PUTC@
+GL_GGL_GNULIB_PUTCHAR = @GL_GGL_GNULIB_PUTCHAR@
+GL_GGL_GNULIB_PUTENV = @GL_GGL_GNULIB_PUTENV@
+GL_GGL_GNULIB_PUTS = @GL_GGL_GNULIB_PUTS@
+GL_GGL_GNULIB_PWRITE = @GL_GGL_GNULIB_PWRITE@
+GL_GGL_GNULIB_QSORT_R = @GL_GGL_GNULIB_QSORT_R@
+GL_GGL_GNULIB_RAISE = @GL_GGL_GNULIB_RAISE@
+GL_GGL_GNULIB_RANDOM = @GL_GGL_GNULIB_RANDOM@
+GL_GGL_GNULIB_RANDOM_R = @GL_GGL_GNULIB_RANDOM_R@
+GL_GGL_GNULIB_RAWMEMCHR = @GL_GGL_GNULIB_RAWMEMCHR@
+GL_GGL_GNULIB_READ = @GL_GGL_GNULIB_READ@
+GL_GGL_GNULIB_READLINK = @GL_GGL_GNULIB_READLINK@
+GL_GGL_GNULIB_READLINKAT = @GL_GGL_GNULIB_READLINKAT@
+GL_GGL_GNULIB_REALLOCARRAY = @GL_GGL_GNULIB_REALLOCARRAY@
+GL_GGL_GNULIB_REALLOC_POSIX = @GL_GGL_GNULIB_REALLOC_POSIX@
+GL_GGL_GNULIB_REALPATH = @GL_GGL_GNULIB_REALPATH@
+GL_GGL_GNULIB_RECV = @GL_GGL_GNULIB_RECV@
+GL_GGL_GNULIB_RECVFROM = @GL_GGL_GNULIB_RECVFROM@
+GL_GGL_GNULIB_REMOVE = @GL_GGL_GNULIB_REMOVE@
+GL_GGL_GNULIB_RENAME = @GL_GGL_GNULIB_RENAME@
+GL_GGL_GNULIB_RENAMEAT = @GL_GGL_GNULIB_RENAMEAT@
+GL_GGL_GNULIB_RMDIR = @GL_GGL_GNULIB_RMDIR@
+GL_GGL_GNULIB_RPMATCH = @GL_GGL_GNULIB_RPMATCH@
+GL_GGL_GNULIB_SCANF = @GL_GGL_GNULIB_SCANF@
+GL_GGL_GNULIB_SCHED_YIELD = @GL_GGL_GNULIB_SCHED_YIELD@
+GL_GGL_GNULIB_SECURE_GETENV = @GL_GGL_GNULIB_SECURE_GETENV@
+GL_GGL_GNULIB_SELECT = @GL_GGL_GNULIB_SELECT@
+GL_GGL_GNULIB_SEND = @GL_GGL_GNULIB_SEND@
+GL_GGL_GNULIB_SENDTO = @GL_GGL_GNULIB_SENDTO@
+GL_GGL_GNULIB_SETENV = @GL_GGL_GNULIB_SETENV@
+GL_GGL_GNULIB_SETHOSTNAME = @GL_GGL_GNULIB_SETHOSTNAME@
+GL_GGL_GNULIB_SETLOCALE = @GL_GGL_GNULIB_SETLOCALE@
+GL_GGL_GNULIB_SETLOCALE_NULL = @GL_GGL_GNULIB_SETLOCALE_NULL@
+GL_GGL_GNULIB_SETSOCKOPT = @GL_GGL_GNULIB_SETSOCKOPT@
+GL_GGL_GNULIB_SHUTDOWN = @GL_GGL_GNULIB_SHUTDOWN@
+GL_GGL_GNULIB_SIGABBREV_NP = @GL_GGL_GNULIB_SIGABBREV_NP@
+GL_GGL_GNULIB_SIGACTION = @GL_GGL_GNULIB_SIGACTION@
+GL_GGL_GNULIB_SIGDESCR_NP = @GL_GGL_GNULIB_SIGDESCR_NP@
+GL_GGL_GNULIB_SIGNAL_H_SIGPIPE = @GL_GGL_GNULIB_SIGNAL_H_SIGPIPE@
+GL_GGL_GNULIB_SIGPROCMASK = @GL_GGL_GNULIB_SIGPROCMASK@
+GL_GGL_GNULIB_SLEEP = @GL_GGL_GNULIB_SLEEP@
+GL_GGL_GNULIB_SNPRINTF = @GL_GGL_GNULIB_SNPRINTF@
+GL_GGL_GNULIB_SOCKET = @GL_GGL_GNULIB_SOCKET@
+GL_GGL_GNULIB_SPRINTF_POSIX = @GL_GGL_GNULIB_SPRINTF_POSIX@
+GL_GGL_GNULIB_STAT = @GL_GGL_GNULIB_STAT@
+GL_GGL_GNULIB_STDIO_H_NONBLOCKING = @GL_GGL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GGL_GNULIB_STDIO_H_SIGPIPE = @GL_GGL_GNULIB_STDIO_H_SIGPIPE@
+GL_GGL_GNULIB_STPCPY = @GL_GGL_GNULIB_STPCPY@
+GL_GGL_GNULIB_STPNCPY = @GL_GGL_GNULIB_STPNCPY@
+GL_GGL_GNULIB_STRCASESTR = @GL_GGL_GNULIB_STRCASESTR@
+GL_GGL_GNULIB_STRCHRNUL = @GL_GGL_GNULIB_STRCHRNUL@
+GL_GGL_GNULIB_STRDUP = @GL_GGL_GNULIB_STRDUP@
+GL_GGL_GNULIB_STRERROR = @GL_GGL_GNULIB_STRERROR@
+GL_GGL_GNULIB_STRERRORNAME_NP = @GL_GGL_GNULIB_STRERRORNAME_NP@
+GL_GGL_GNULIB_STRERROR_R = @GL_GGL_GNULIB_STRERROR_R@
+GL_GGL_GNULIB_STRFTIME = @GL_GGL_GNULIB_STRFTIME@
+GL_GGL_GNULIB_STRNCAT = @GL_GGL_GNULIB_STRNCAT@
+GL_GGL_GNULIB_STRNDUP = @GL_GGL_GNULIB_STRNDUP@
+GL_GGL_GNULIB_STRNLEN = @GL_GGL_GNULIB_STRNLEN@
+GL_GGL_GNULIB_STRPBRK = @GL_GGL_GNULIB_STRPBRK@
+GL_GGL_GNULIB_STRPTIME = @GL_GGL_GNULIB_STRPTIME@
+GL_GGL_GNULIB_STRSEP = @GL_GGL_GNULIB_STRSEP@
+GL_GGL_GNULIB_STRSIGNAL = @GL_GGL_GNULIB_STRSIGNAL@
+GL_GGL_GNULIB_STRSTR = @GL_GGL_GNULIB_STRSTR@
+GL_GGL_GNULIB_STRTOD = @GL_GGL_GNULIB_STRTOD@
+GL_GGL_GNULIB_STRTOIMAX = @GL_GGL_GNULIB_STRTOIMAX@
+GL_GGL_GNULIB_STRTOK_R = @GL_GGL_GNULIB_STRTOK_R@
+GL_GGL_GNULIB_STRTOL = @GL_GGL_GNULIB_STRTOL@
+GL_GGL_GNULIB_STRTOLD = @GL_GGL_GNULIB_STRTOLD@
+GL_GGL_GNULIB_STRTOLL = @GL_GGL_GNULIB_STRTOLL@
+GL_GGL_GNULIB_STRTOUL = @GL_GGL_GNULIB_STRTOUL@
+GL_GGL_GNULIB_STRTOULL = @GL_GGL_GNULIB_STRTOULL@
+GL_GGL_GNULIB_STRTOUMAX = @GL_GGL_GNULIB_STRTOUMAX@
+GL_GGL_GNULIB_STRVERSCMP = @GL_GGL_GNULIB_STRVERSCMP@
+GL_GGL_GNULIB_SYMLINK = @GL_GGL_GNULIB_SYMLINK@
+GL_GGL_GNULIB_SYMLINKAT = @GL_GGL_GNULIB_SYMLINKAT@
+GL_GGL_GNULIB_SYSTEM_POSIX = @GL_GGL_GNULIB_SYSTEM_POSIX@
+GL_GGL_GNULIB_TIMEGM = @GL_GGL_GNULIB_TIMEGM@
+GL_GGL_GNULIB_TIMESPEC_GET = @GL_GGL_GNULIB_TIMESPEC_GET@
+GL_GGL_GNULIB_TIME_R = @GL_GGL_GNULIB_TIME_R@
+GL_GGL_GNULIB_TIME_RZ = @GL_GGL_GNULIB_TIME_RZ@
+GL_GGL_GNULIB_TMPFILE = @GL_GGL_GNULIB_TMPFILE@
+GL_GGL_GNULIB_TRUNCATE = @GL_GGL_GNULIB_TRUNCATE@
+GL_GGL_GNULIB_TTYNAME_R = @GL_GGL_GNULIB_TTYNAME_R@
+GL_GGL_GNULIB_TZSET = @GL_GGL_GNULIB_TZSET@
+GL_GGL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GGL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GGL_GNULIB_UNISTD_H_SIGPIPE = @GL_GGL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GGL_GNULIB_UNLINK = @GL_GGL_GNULIB_UNLINK@
+GL_GGL_GNULIB_UNLINKAT = @GL_GGL_GNULIB_UNLINKAT@
+GL_GGL_GNULIB_UNLOCKPT = @GL_GGL_GNULIB_UNLOCKPT@
+GL_GGL_GNULIB_UNSETENV = @GL_GGL_GNULIB_UNSETENV@
+GL_GGL_GNULIB_USLEEP = @GL_GGL_GNULIB_USLEEP@
+GL_GGL_GNULIB_UTIMENSAT = @GL_GGL_GNULIB_UTIMENSAT@
+GL_GGL_GNULIB_VASPRINTF = @GL_GGL_GNULIB_VASPRINTF@
+GL_GGL_GNULIB_VDPRINTF = @GL_GGL_GNULIB_VDPRINTF@
+GL_GGL_GNULIB_VFPRINTF = @GL_GGL_GNULIB_VFPRINTF@
+GL_GGL_GNULIB_VFPRINTF_POSIX = @GL_GGL_GNULIB_VFPRINTF_POSIX@
+GL_GGL_GNULIB_VFSCANF = @GL_GGL_GNULIB_VFSCANF@
+GL_GGL_GNULIB_VPRINTF = @GL_GGL_GNULIB_VPRINTF@
+GL_GGL_GNULIB_VPRINTF_POSIX = @GL_GGL_GNULIB_VPRINTF_POSIX@
+GL_GGL_GNULIB_VSCANF = @GL_GGL_GNULIB_VSCANF@
+GL_GGL_GNULIB_VSNPRINTF = @GL_GGL_GNULIB_VSNPRINTF@
+GL_GGL_GNULIB_VSPRINTF_POSIX = @GL_GGL_GNULIB_VSPRINTF_POSIX@
+GL_GGL_GNULIB_WCPCPY = @GL_GGL_GNULIB_WCPCPY@
+GL_GGL_GNULIB_WCPNCPY = @GL_GGL_GNULIB_WCPNCPY@
+GL_GGL_GNULIB_WCRTOMB = @GL_GGL_GNULIB_WCRTOMB@
+GL_GGL_GNULIB_WCSCASECMP = @GL_GGL_GNULIB_WCSCASECMP@
+GL_GGL_GNULIB_WCSCAT = @GL_GGL_GNULIB_WCSCAT@
+GL_GGL_GNULIB_WCSCHR = @GL_GGL_GNULIB_WCSCHR@
+GL_GGL_GNULIB_WCSCMP = @GL_GGL_GNULIB_WCSCMP@
+GL_GGL_GNULIB_WCSCOLL = @GL_GGL_GNULIB_WCSCOLL@
+GL_GGL_GNULIB_WCSCPY = @GL_GGL_GNULIB_WCSCPY@
+GL_GGL_GNULIB_WCSCSPN = @GL_GGL_GNULIB_WCSCSPN@
+GL_GGL_GNULIB_WCSDUP = @GL_GGL_GNULIB_WCSDUP@
+GL_GGL_GNULIB_WCSFTIME = @GL_GGL_GNULIB_WCSFTIME@
+GL_GGL_GNULIB_WCSLEN = @GL_GGL_GNULIB_WCSLEN@
+GL_GGL_GNULIB_WCSNCASECMP = @GL_GGL_GNULIB_WCSNCASECMP@
+GL_GGL_GNULIB_WCSNCAT = @GL_GGL_GNULIB_WCSNCAT@
+GL_GGL_GNULIB_WCSNCMP = @GL_GGL_GNULIB_WCSNCMP@
+GL_GGL_GNULIB_WCSNCPY = @GL_GGL_GNULIB_WCSNCPY@
+GL_GGL_GNULIB_WCSNLEN = @GL_GGL_GNULIB_WCSNLEN@
+GL_GGL_GNULIB_WCSNRTOMBS = @GL_GGL_GNULIB_WCSNRTOMBS@
+GL_GGL_GNULIB_WCSPBRK = @GL_GGL_GNULIB_WCSPBRK@
+GL_GGL_GNULIB_WCSRCHR = @GL_GGL_GNULIB_WCSRCHR@
+GL_GGL_GNULIB_WCSRTOMBS = @GL_GGL_GNULIB_WCSRTOMBS@
+GL_GGL_GNULIB_WCSSPN = @GL_GGL_GNULIB_WCSSPN@
+GL_GGL_GNULIB_WCSSTR = @GL_GGL_GNULIB_WCSSTR@
+GL_GGL_GNULIB_WCSTOK = @GL_GGL_GNULIB_WCSTOK@
+GL_GGL_GNULIB_WCSWIDTH = @GL_GGL_GNULIB_WCSWIDTH@
+GL_GGL_GNULIB_WCSXFRM = @GL_GGL_GNULIB_WCSXFRM@
+GL_GGL_GNULIB_WCTOB = @GL_GGL_GNULIB_WCTOB@
+GL_GGL_GNULIB_WCTOMB = @GL_GGL_GNULIB_WCTOMB@
+GL_GGL_GNULIB_WCWIDTH = @GL_GGL_GNULIB_WCWIDTH@
+GL_GGL_GNULIB_WMEMCHR = @GL_GGL_GNULIB_WMEMCHR@
+GL_GGL_GNULIB_WMEMCMP = @GL_GGL_GNULIB_WMEMCMP@
+GL_GGL_GNULIB_WMEMCPY = @GL_GGL_GNULIB_WMEMCPY@
+GL_GGL_GNULIB_WMEMMOVE = @GL_GGL_GNULIB_WMEMMOVE@
+GL_GGL_GNULIB_WMEMPCPY = @GL_GGL_GNULIB_WMEMPCPY@
+GL_GGL_GNULIB_WMEMSET = @GL_GGL_GNULIB_WMEMSET@
+GL_GGL_GNULIB_WRITE = @GL_GGL_GNULIB_WRITE@
+GL_GGL_GNULIB__EXIT = @GL_GGL_GNULIB__EXIT@
+GL_GNULIB_ACCEPT = @GL_GNULIB_ACCEPT@
+GL_GNULIB_ACCEPT4 = @GL_GNULIB_ACCEPT4@
+GL_GNULIB_ACCESS = @GL_GNULIB_ACCESS@
+GL_GNULIB_ALIGNED_ALLOC = @GL_GNULIB_ALIGNED_ALLOC@
+GL_GNULIB_ATOLL = @GL_GNULIB_ATOLL@
+GL_GNULIB_BIND = @GL_GNULIB_BIND@
+GL_GNULIB_BTOWC = @GL_GNULIB_BTOWC@
+GL_GNULIB_CALLOC_POSIX = @GL_GNULIB_CALLOC_POSIX@
+GL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GNULIB_CHDIR = @GL_GNULIB_CHDIR@
+GL_GNULIB_CHOWN = @GL_GNULIB_CHOWN@
+GL_GNULIB_CLOSE = @GL_GNULIB_CLOSE@
+GL_GNULIB_CONNECT = @GL_GNULIB_CONNECT@
+GL_GNULIB_COPY_FILE_RANGE = @GL_GNULIB_COPY_FILE_RANGE@
+GL_GNULIB_CREAT = @GL_GNULIB_CREAT@
+GL_GNULIB_CTIME = @GL_GNULIB_CTIME@
+GL_GNULIB_DPRINTF = @GL_GNULIB_DPRINTF@
+GL_GNULIB_DUP = @GL_GNULIB_DUP@
+GL_GNULIB_DUP2 = @GL_GNULIB_DUP2@
+GL_GNULIB_DUP3 = @GL_GNULIB_DUP3@
+GL_GNULIB_ENVIRON = @GL_GNULIB_ENVIRON@
+GL_GNULIB_EUIDACCESS = @GL_GNULIB_EUIDACCESS@
+GL_GNULIB_EXECL = @GL_GNULIB_EXECL@
+GL_GNULIB_EXECLE = @GL_GNULIB_EXECLE@
+GL_GNULIB_EXECLP = @GL_GNULIB_EXECLP@
+GL_GNULIB_EXECV = @GL_GNULIB_EXECV@
+GL_GNULIB_EXECVE = @GL_GNULIB_EXECVE@
+GL_GNULIB_EXECVP = @GL_GNULIB_EXECVP@
+GL_GNULIB_EXECVPE = @GL_GNULIB_EXECVPE@
+GL_GNULIB_EXPLICIT_BZERO = @GL_GNULIB_EXPLICIT_BZERO@
+GL_GNULIB_FACCESSAT = @GL_GNULIB_FACCESSAT@
+GL_GNULIB_FCHDIR = @GL_GNULIB_FCHDIR@
+GL_GNULIB_FCHMODAT = @GL_GNULIB_FCHMODAT@
+GL_GNULIB_FCHOWNAT = @GL_GNULIB_FCHOWNAT@
+GL_GNULIB_FCLOSE = @GL_GNULIB_FCLOSE@
+GL_GNULIB_FCNTL = @GL_GNULIB_FCNTL@
+GL_GNULIB_FDATASYNC = @GL_GNULIB_FDATASYNC@
+GL_GNULIB_FDOPEN = @GL_GNULIB_FDOPEN@
+GL_GNULIB_FFLUSH = @GL_GNULIB_FFLUSH@
+GL_GNULIB_FFS = @GL_GNULIB_FFS@
+GL_GNULIB_FFSL = @GL_GNULIB_FFSL@
+GL_GNULIB_FFSLL = @GL_GNULIB_FFSLL@
+GL_GNULIB_FGETC = @GL_GNULIB_FGETC@
+GL_GNULIB_FGETS = @GL_GNULIB_FGETS@
+GL_GNULIB_FOPEN = @GL_GNULIB_FOPEN@
+GL_GNULIB_FPRINTF = @GL_GNULIB_FPRINTF@
+GL_GNULIB_FPRINTF_POSIX = @GL_GNULIB_FPRINTF_POSIX@
+GL_GNULIB_FPURGE = @GL_GNULIB_FPURGE@
+GL_GNULIB_FPUTC = @GL_GNULIB_FPUTC@
+GL_GNULIB_FPUTS = @GL_GNULIB_FPUTS@
+GL_GNULIB_FREAD = @GL_GNULIB_FREAD@
+GL_GNULIB_FREE_POSIX = @GL_GNULIB_FREE_POSIX@
+GL_GNULIB_FREOPEN = @GL_GNULIB_FREOPEN@
+GL_GNULIB_FSCANF = @GL_GNULIB_FSCANF@
+GL_GNULIB_FSEEK = @GL_GNULIB_FSEEK@
+GL_GNULIB_FSEEKO = @GL_GNULIB_FSEEKO@
+GL_GNULIB_FSTAT = @GL_GNULIB_FSTAT@
+GL_GNULIB_FSTATAT = @GL_GNULIB_FSTATAT@
+GL_GNULIB_FSYNC = @GL_GNULIB_FSYNC@
+GL_GNULIB_FTELL = @GL_GNULIB_FTELL@
+GL_GNULIB_FTELLO = @GL_GNULIB_FTELLO@
+GL_GNULIB_FTRUNCATE = @GL_GNULIB_FTRUNCATE@
+GL_GNULIB_FUTIMENS = @GL_GNULIB_FUTIMENS@
+GL_GNULIB_FWRITE = @GL_GNULIB_FWRITE@
+GL_GNULIB_GETADDRINFO = @GL_GNULIB_GETADDRINFO@
+GL_GNULIB_GETC = @GL_GNULIB_GETC@
+GL_GNULIB_GETCHAR = @GL_GNULIB_GETCHAR@
+GL_GNULIB_GETCWD = @GL_GNULIB_GETCWD@
+GL_GNULIB_GETDELIM = @GL_GNULIB_GETDELIM@
+GL_GNULIB_GETDOMAINNAME = @GL_GNULIB_GETDOMAINNAME@
+GL_GNULIB_GETDTABLESIZE = @GL_GNULIB_GETDTABLESIZE@
+GL_GNULIB_GETENTROPY = @GL_GNULIB_GETENTROPY@
+GL_GNULIB_GETGROUPS = @GL_GNULIB_GETGROUPS@
+GL_GNULIB_GETHOSTNAME = @GL_GNULIB_GETHOSTNAME@
+GL_GNULIB_GETLINE = @GL_GNULIB_GETLINE@
+GL_GNULIB_GETLOADAVG = @GL_GNULIB_GETLOADAVG@
+GL_GNULIB_GETLOGIN = @GL_GNULIB_GETLOGIN@
+GL_GNULIB_GETLOGIN_R = @GL_GNULIB_GETLOGIN_R@
+GL_GNULIB_GETOPT_POSIX = @GL_GNULIB_GETOPT_POSIX@
+GL_GNULIB_GETPAGESIZE = @GL_GNULIB_GETPAGESIZE@
+GL_GNULIB_GETPASS = @GL_GNULIB_GETPASS@
+GL_GNULIB_GETPEERNAME = @GL_GNULIB_GETPEERNAME@
+GL_GNULIB_GETSOCKNAME = @GL_GNULIB_GETSOCKNAME@
+GL_GNULIB_GETSOCKOPT = @GL_GNULIB_GETSOCKOPT@
+GL_GNULIB_GETSUBOPT = @GL_GNULIB_GETSUBOPT@
+GL_GNULIB_GETTIMEOFDAY = @GL_GNULIB_GETTIMEOFDAY@
+GL_GNULIB_GETUMASK = @GL_GNULIB_GETUMASK@
+GL_GNULIB_GETUSERSHELL = @GL_GNULIB_GETUSERSHELL@
+GL_GNULIB_GRANTPT = @GL_GNULIB_GRANTPT@
+GL_GNULIB_GROUP_MEMBER = @GL_GNULIB_GROUP_MEMBER@
+GL_GNULIB_IMAXABS = @GL_GNULIB_IMAXABS@
+GL_GNULIB_IMAXDIV = @GL_GNULIB_IMAXDIV@
+GL_GNULIB_INET_NTOP = @GL_GNULIB_INET_NTOP@
+GL_GNULIB_INET_PTON = @GL_GNULIB_INET_PTON@
+GL_GNULIB_ISATTY = @GL_GNULIB_ISATTY@
+GL_GNULIB_LCHMOD = @GL_GNULIB_LCHMOD@
+GL_GNULIB_LCHOWN = @GL_GNULIB_LCHOWN@
+GL_GNULIB_LINK = @GL_GNULIB_LINK@
+GL_GNULIB_LINKAT = @GL_GNULIB_LINKAT@
+GL_GNULIB_LISTEN = @GL_GNULIB_LISTEN@
+GL_GNULIB_LOCALTIME = @GL_GNULIB_LOCALTIME@
+GL_GNULIB_LSEEK = @GL_GNULIB_LSEEK@
+GL_GNULIB_LSTAT = @GL_GNULIB_LSTAT@
+GL_GNULIB_MALLOC_POSIX = @GL_GNULIB_MALLOC_POSIX@
+GL_GNULIB_MBRLEN = @GL_GNULIB_MBRLEN@
+GL_GNULIB_MBRTOWC = @GL_GNULIB_MBRTOWC@
+GL_GNULIB_MBSCASECMP = @GL_GNULIB_MBSCASECMP@
+GL_GNULIB_MBSCASESTR = @GL_GNULIB_MBSCASESTR@
+GL_GNULIB_MBSCHR = @GL_GNULIB_MBSCHR@
+GL_GNULIB_MBSCSPN = @GL_GNULIB_MBSCSPN@
+GL_GNULIB_MBSINIT = @GL_GNULIB_MBSINIT@
+GL_GNULIB_MBSLEN = @GL_GNULIB_MBSLEN@
+GL_GNULIB_MBSNCASECMP = @GL_GNULIB_MBSNCASECMP@
+GL_GNULIB_MBSNLEN = @GL_GNULIB_MBSNLEN@
+GL_GNULIB_MBSNRTOWCS = @GL_GNULIB_MBSNRTOWCS@
+GL_GNULIB_MBSPBRK = @GL_GNULIB_MBSPBRK@
+GL_GNULIB_MBSPCASECMP = @GL_GNULIB_MBSPCASECMP@
+GL_GNULIB_MBSRCHR = @GL_GNULIB_MBSRCHR@
+GL_GNULIB_MBSRTOWCS = @GL_GNULIB_MBSRTOWCS@
+GL_GNULIB_MBSSEP = @GL_GNULIB_MBSSEP@
+GL_GNULIB_MBSSPN = @GL_GNULIB_MBSSPN@
+GL_GNULIB_MBSSTR = @GL_GNULIB_MBSSTR@
+GL_GNULIB_MBSTOK_R = @GL_GNULIB_MBSTOK_R@
+GL_GNULIB_MBTOWC = @GL_GNULIB_MBTOWC@
+GL_GNULIB_MDA_ACCESS = @GL_GNULIB_MDA_ACCESS@
+GL_GNULIB_MDA_CHDIR = @GL_GNULIB_MDA_CHDIR@
+GL_GNULIB_MDA_CHMOD = @GL_GNULIB_MDA_CHMOD@
+GL_GNULIB_MDA_CLOSE = @GL_GNULIB_MDA_CLOSE@
+GL_GNULIB_MDA_CREAT = @GL_GNULIB_MDA_CREAT@
+GL_GNULIB_MDA_DUP = @GL_GNULIB_MDA_DUP@
+GL_GNULIB_MDA_DUP2 = @GL_GNULIB_MDA_DUP2@
+GL_GNULIB_MDA_ECVT = @GL_GNULIB_MDA_ECVT@
+GL_GNULIB_MDA_EXECL = @GL_GNULIB_MDA_EXECL@
+GL_GNULIB_MDA_EXECLE = @GL_GNULIB_MDA_EXECLE@
+GL_GNULIB_MDA_EXECLP = @GL_GNULIB_MDA_EXECLP@
+GL_GNULIB_MDA_EXECV = @GL_GNULIB_MDA_EXECV@
+GL_GNULIB_MDA_EXECVE = @GL_GNULIB_MDA_EXECVE@
+GL_GNULIB_MDA_EXECVP = @GL_GNULIB_MDA_EXECVP@
+GL_GNULIB_MDA_EXECVPE = @GL_GNULIB_MDA_EXECVPE@
+GL_GNULIB_MDA_FCLOSEALL = @GL_GNULIB_MDA_FCLOSEALL@
+GL_GNULIB_MDA_FCVT = @GL_GNULIB_MDA_FCVT@
+GL_GNULIB_MDA_FDOPEN = @GL_GNULIB_MDA_FDOPEN@
+GL_GNULIB_MDA_FILENO = @GL_GNULIB_MDA_FILENO@
+GL_GNULIB_MDA_GCVT = @GL_GNULIB_MDA_GCVT@
+GL_GNULIB_MDA_GETCWD = @GL_GNULIB_MDA_GETCWD@
+GL_GNULIB_MDA_GETPID = @GL_GNULIB_MDA_GETPID@
+GL_GNULIB_MDA_GETW = @GL_GNULIB_MDA_GETW@
+GL_GNULIB_MDA_ISATTY = @GL_GNULIB_MDA_ISATTY@
+GL_GNULIB_MDA_LSEEK = @GL_GNULIB_MDA_LSEEK@
+GL_GNULIB_MDA_MEMCCPY = @GL_GNULIB_MDA_MEMCCPY@
+GL_GNULIB_MDA_MKDIR = @GL_GNULIB_MDA_MKDIR@
+GL_GNULIB_MDA_MKTEMP = @GL_GNULIB_MDA_MKTEMP@
+GL_GNULIB_MDA_OPEN = @GL_GNULIB_MDA_OPEN@
+GL_GNULIB_MDA_PUTENV = @GL_GNULIB_MDA_PUTENV@
+GL_GNULIB_MDA_PUTW = @GL_GNULIB_MDA_PUTW@
+GL_GNULIB_MDA_READ = @GL_GNULIB_MDA_READ@
+GL_GNULIB_MDA_RMDIR = @GL_GNULIB_MDA_RMDIR@
+GL_GNULIB_MDA_STRDUP = @GL_GNULIB_MDA_STRDUP@
+GL_GNULIB_MDA_SWAB = @GL_GNULIB_MDA_SWAB@
+GL_GNULIB_MDA_TEMPNAM = @GL_GNULIB_MDA_TEMPNAM@
+GL_GNULIB_MDA_TZSET = @GL_GNULIB_MDA_TZSET@
+GL_GNULIB_MDA_UMASK = @GL_GNULIB_MDA_UMASK@
+GL_GNULIB_MDA_UNLINK = @GL_GNULIB_MDA_UNLINK@
+GL_GNULIB_MDA_WCSDUP = @GL_GNULIB_MDA_WCSDUP@
+GL_GNULIB_MDA_WRITE = @GL_GNULIB_MDA_WRITE@
+GL_GNULIB_MEMCHR = @GL_GNULIB_MEMCHR@
+GL_GNULIB_MEMMEM = @GL_GNULIB_MEMMEM@
+GL_GNULIB_MEMPCPY = @GL_GNULIB_MEMPCPY@
+GL_GNULIB_MEMRCHR = @GL_GNULIB_MEMRCHR@
+GL_GNULIB_MKDIR = @GL_GNULIB_MKDIR@
+GL_GNULIB_MKDIRAT = @GL_GNULIB_MKDIRAT@
+GL_GNULIB_MKDTEMP = @GL_GNULIB_MKDTEMP@
+GL_GNULIB_MKFIFO = @GL_GNULIB_MKFIFO@
+GL_GNULIB_MKFIFOAT = @GL_GNULIB_MKFIFOAT@
+GL_GNULIB_MKNOD = @GL_GNULIB_MKNOD@
+GL_GNULIB_MKNODAT = @GL_GNULIB_MKNODAT@
+GL_GNULIB_MKOSTEMP = @GL_GNULIB_MKOSTEMP@
+GL_GNULIB_MKOSTEMPS = @GL_GNULIB_MKOSTEMPS@
+GL_GNULIB_MKSTEMP = @GL_GNULIB_MKSTEMP@
+GL_GNULIB_MKSTEMPS = @GL_GNULIB_MKSTEMPS@
+GL_GNULIB_MKTIME = @GL_GNULIB_MKTIME@
+GL_GNULIB_NANOSLEEP = @GL_GNULIB_NANOSLEEP@
+GL_GNULIB_NONBLOCKING = @GL_GNULIB_NONBLOCKING@
+GL_GNULIB_OBSTACK_PRINTF = @GL_GNULIB_OBSTACK_PRINTF@
+GL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GNULIB_OPEN = @GL_GNULIB_OPEN@
+GL_GNULIB_OPENAT = @GL_GNULIB_OPENAT@
+GL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GNULIB_PCLOSE = @GL_GNULIB_PCLOSE@
+GL_GNULIB_PERROR = @GL_GNULIB_PERROR@
+GL_GNULIB_PIPE = @GL_GNULIB_PIPE@
+GL_GNULIB_PIPE2 = @GL_GNULIB_PIPE2@
+GL_GNULIB_POPEN = @GL_GNULIB_POPEN@
+GL_GNULIB_POSIX_MEMALIGN = @GL_GNULIB_POSIX_MEMALIGN@
+GL_GNULIB_POSIX_OPENPT = @GL_GNULIB_POSIX_OPENPT@
+GL_GNULIB_PREAD = @GL_GNULIB_PREAD@
+GL_GNULIB_PRINTF = @GL_GNULIB_PRINTF@
+GL_GNULIB_PRINTF_POSIX = @GL_GNULIB_PRINTF_POSIX@
+GL_GNULIB_PTSNAME = @GL_GNULIB_PTSNAME@
+GL_GNULIB_PTSNAME_R = @GL_GNULIB_PTSNAME_R@
+GL_GNULIB_PUTC = @GL_GNULIB_PUTC@
+GL_GNULIB_PUTCHAR = @GL_GNULIB_PUTCHAR@
+GL_GNULIB_PUTENV = @GL_GNULIB_PUTENV@
+GL_GNULIB_PUTS = @GL_GNULIB_PUTS@
+GL_GNULIB_PWRITE = @GL_GNULIB_PWRITE@
+GL_GNULIB_QSORT_R = @GL_GNULIB_QSORT_R@
+GL_GNULIB_RANDOM = @GL_GNULIB_RANDOM@
+GL_GNULIB_RANDOM_R = @GL_GNULIB_RANDOM_R@
+GL_GNULIB_RAWMEMCHR = @GL_GNULIB_RAWMEMCHR@
+GL_GNULIB_READ = @GL_GNULIB_READ@
+GL_GNULIB_READLINK = @GL_GNULIB_READLINK@
+GL_GNULIB_READLINKAT = @GL_GNULIB_READLINKAT@
+GL_GNULIB_REALLOCARRAY = @GL_GNULIB_REALLOCARRAY@
+GL_GNULIB_REALLOC_POSIX = @GL_GNULIB_REALLOC_POSIX@
+GL_GNULIB_REALPATH = @GL_GNULIB_REALPATH@
+GL_GNULIB_RECV = @GL_GNULIB_RECV@
+GL_GNULIB_RECVFROM = @GL_GNULIB_RECVFROM@
+GL_GNULIB_REMOVE = @GL_GNULIB_REMOVE@
+GL_GNULIB_RENAME = @GL_GNULIB_RENAME@
+GL_GNULIB_RENAMEAT = @GL_GNULIB_RENAMEAT@
+GL_GNULIB_RMDIR = @GL_GNULIB_RMDIR@
+GL_GNULIB_RPMATCH = @GL_GNULIB_RPMATCH@
+GL_GNULIB_SCANF = @GL_GNULIB_SCANF@
+GL_GNULIB_SECURE_GETENV = @GL_GNULIB_SECURE_GETENV@
+GL_GNULIB_SEND = @GL_GNULIB_SEND@
+GL_GNULIB_SENDTO = @GL_GNULIB_SENDTO@
+GL_GNULIB_SETENV = @GL_GNULIB_SETENV@
+GL_GNULIB_SETHOSTNAME = @GL_GNULIB_SETHOSTNAME@
+GL_GNULIB_SETSOCKOPT = @GL_GNULIB_SETSOCKOPT@
+GL_GNULIB_SHUTDOWN = @GL_GNULIB_SHUTDOWN@
+GL_GNULIB_SIGABBREV_NP = @GL_GNULIB_SIGABBREV_NP@
+GL_GNULIB_SIGDESCR_NP = @GL_GNULIB_SIGDESCR_NP@
+GL_GNULIB_SLEEP = @GL_GNULIB_SLEEP@
+GL_GNULIB_SNPRINTF = @GL_GNULIB_SNPRINTF@
+GL_GNULIB_SOCKET = @GL_GNULIB_SOCKET@
+GL_GNULIB_SPRINTF_POSIX = @GL_GNULIB_SPRINTF_POSIX@
+GL_GNULIB_STAT = @GL_GNULIB_STAT@
+GL_GNULIB_STDIO_H_NONBLOCKING = @GL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GNULIB_STDIO_H_SIGPIPE = @GL_GNULIB_STDIO_H_SIGPIPE@
+GL_GNULIB_STPCPY = @GL_GNULIB_STPCPY@
+GL_GNULIB_STPNCPY = @GL_GNULIB_STPNCPY@
+GL_GNULIB_STRCASESTR = @GL_GNULIB_STRCASESTR@
+GL_GNULIB_STRCHRNUL = @GL_GNULIB_STRCHRNUL@
+GL_GNULIB_STRDUP = @GL_GNULIB_STRDUP@
+GL_GNULIB_STRERROR = @GL_GNULIB_STRERROR@
+GL_GNULIB_STRERRORNAME_NP = @GL_GNULIB_STRERRORNAME_NP@
+GL_GNULIB_STRERROR_R = @GL_GNULIB_STRERROR_R@
+GL_GNULIB_STRFTIME = @GL_GNULIB_STRFTIME@
+GL_GNULIB_STRNCAT = @GL_GNULIB_STRNCAT@
+GL_GNULIB_STRNDUP = @GL_GNULIB_STRNDUP@
+GL_GNULIB_STRNLEN = @GL_GNULIB_STRNLEN@
+GL_GNULIB_STRPBRK = @GL_GNULIB_STRPBRK@
+GL_GNULIB_STRPTIME = @GL_GNULIB_STRPTIME@
+GL_GNULIB_STRSEP = @GL_GNULIB_STRSEP@
+GL_GNULIB_STRSIGNAL = @GL_GNULIB_STRSIGNAL@
+GL_GNULIB_STRSTR = @GL_GNULIB_STRSTR@
+GL_GNULIB_STRTOD = @GL_GNULIB_STRTOD@
+GL_GNULIB_STRTOIMAX = @GL_GNULIB_STRTOIMAX@
+GL_GNULIB_STRTOK_R = @GL_GNULIB_STRTOK_R@
+GL_GNULIB_STRTOL = @GL_GNULIB_STRTOL@
+GL_GNULIB_STRTOLD = @GL_GNULIB_STRTOLD@
+GL_GNULIB_STRTOLL = @GL_GNULIB_STRTOLL@
+GL_GNULIB_STRTOUL = @GL_GNULIB_STRTOUL@
+GL_GNULIB_STRTOULL = @GL_GNULIB_STRTOULL@
+GL_GNULIB_STRTOUMAX = @GL_GNULIB_STRTOUMAX@
+GL_GNULIB_STRVERSCMP = @GL_GNULIB_STRVERSCMP@
+GL_GNULIB_SYMLINK = @GL_GNULIB_SYMLINK@
+GL_GNULIB_SYMLINKAT = @GL_GNULIB_SYMLINKAT@
+GL_GNULIB_SYSTEM_POSIX = @GL_GNULIB_SYSTEM_POSIX@
+GL_GNULIB_TIMEGM = @GL_GNULIB_TIMEGM@
+GL_GNULIB_TIMESPEC_GET = @GL_GNULIB_TIMESPEC_GET@
+GL_GNULIB_TIME_R = @GL_GNULIB_TIME_R@
+GL_GNULIB_TIME_RZ = @GL_GNULIB_TIME_RZ@
+GL_GNULIB_TMPFILE = @GL_GNULIB_TMPFILE@
+GL_GNULIB_TRUNCATE = @GL_GNULIB_TRUNCATE@
+GL_GNULIB_TTYNAME_R = @GL_GNULIB_TTYNAME_R@
+GL_GNULIB_TZSET = @GL_GNULIB_TZSET@
+GL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GNULIB_UNISTD_H_SIGPIPE = @GL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GNULIB_UNLINK = @GL_GNULIB_UNLINK@
+GL_GNULIB_UNLINKAT = @GL_GNULIB_UNLINKAT@
+GL_GNULIB_UNLOCKPT = @GL_GNULIB_UNLOCKPT@
+GL_GNULIB_UNSETENV = @GL_GNULIB_UNSETENV@
+GL_GNULIB_USLEEP = @GL_GNULIB_USLEEP@
+GL_GNULIB_UTIMENSAT = @GL_GNULIB_UTIMENSAT@
+GL_GNULIB_VASPRINTF = @GL_GNULIB_VASPRINTF@
+GL_GNULIB_VDPRINTF = @GL_GNULIB_VDPRINTF@
+GL_GNULIB_VFPRINTF = @GL_GNULIB_VFPRINTF@
+GL_GNULIB_VFPRINTF_POSIX = @GL_GNULIB_VFPRINTF_POSIX@
+GL_GNULIB_VFSCANF = @GL_GNULIB_VFSCANF@
+GL_GNULIB_VPRINTF = @GL_GNULIB_VPRINTF@
+GL_GNULIB_VPRINTF_POSIX = @GL_GNULIB_VPRINTF_POSIX@
+GL_GNULIB_VSCANF = @GL_GNULIB_VSCANF@
+GL_GNULIB_VSNPRINTF = @GL_GNULIB_VSNPRINTF@
+GL_GNULIB_VSPRINTF_POSIX = @GL_GNULIB_VSPRINTF_POSIX@
+GL_GNULIB_WCPCPY = @GL_GNULIB_WCPCPY@
+GL_GNULIB_WCPNCPY = @GL_GNULIB_WCPNCPY@
+GL_GNULIB_WCRTOMB = @GL_GNULIB_WCRTOMB@
+GL_GNULIB_WCSCASECMP = @GL_GNULIB_WCSCASECMP@
+GL_GNULIB_WCSCAT = @GL_GNULIB_WCSCAT@
+GL_GNULIB_WCSCHR = @GL_GNULIB_WCSCHR@
+GL_GNULIB_WCSCMP = @GL_GNULIB_WCSCMP@
+GL_GNULIB_WCSCOLL = @GL_GNULIB_WCSCOLL@
+GL_GNULIB_WCSCPY = @GL_GNULIB_WCSCPY@
+GL_GNULIB_WCSCSPN = @GL_GNULIB_WCSCSPN@
+GL_GNULIB_WCSDUP = @GL_GNULIB_WCSDUP@
+GL_GNULIB_WCSFTIME = @GL_GNULIB_WCSFTIME@
+GL_GNULIB_WCSLEN = @GL_GNULIB_WCSLEN@
+GL_GNULIB_WCSNCASECMP = @GL_GNULIB_WCSNCASECMP@
+GL_GNULIB_WCSNCAT = @GL_GNULIB_WCSNCAT@
+GL_GNULIB_WCSNCMP = @GL_GNULIB_WCSNCMP@
+GL_GNULIB_WCSNCPY = @GL_GNULIB_WCSNCPY@
+GL_GNULIB_WCSNLEN = @GL_GNULIB_WCSNLEN@
+GL_GNULIB_WCSNRTOMBS = @GL_GNULIB_WCSNRTOMBS@
+GL_GNULIB_WCSPBRK = @GL_GNULIB_WCSPBRK@
+GL_GNULIB_WCSRCHR = @GL_GNULIB_WCSRCHR@
+GL_GNULIB_WCSRTOMBS = @GL_GNULIB_WCSRTOMBS@
+GL_GNULIB_WCSSPN = @GL_GNULIB_WCSSPN@
+GL_GNULIB_WCSSTR = @GL_GNULIB_WCSSTR@
+GL_GNULIB_WCSTOK = @GL_GNULIB_WCSTOK@
+GL_GNULIB_WCSWIDTH = @GL_GNULIB_WCSWIDTH@
+GL_GNULIB_WCSXFRM = @GL_GNULIB_WCSXFRM@
+GL_GNULIB_WCTOB = @GL_GNULIB_WCTOB@
+GL_GNULIB_WCTOMB = @GL_GNULIB_WCTOMB@
+GL_GNULIB_WCWIDTH = @GL_GNULIB_WCWIDTH@
+GL_GNULIB_WMEMCHR = @GL_GNULIB_WMEMCHR@
+GL_GNULIB_WMEMCMP = @GL_GNULIB_WMEMCMP@
+GL_GNULIB_WMEMCPY = @GL_GNULIB_WMEMCPY@
+GL_GNULIB_WMEMMOVE = @GL_GNULIB_WMEMMOVE@
+GL_GNULIB_WMEMPCPY = @GL_GNULIB_WMEMPCPY@
+GL_GNULIB_WMEMSET = @GL_GNULIB_WMEMSET@
+GL_GNULIB_WRITE = @GL_GNULIB_WRITE@
+GL_GNULIB__EXIT = @GL_GNULIB__EXIT@
+GMP_CFLAGS = @GMP_CFLAGS@
+GMP_LIBS = @GMP_LIBS@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GNULIBHEADERS_OVERRIDE_WINT_T = @GNULIBHEADERS_OVERRIDE_WINT_T@
+GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@
+GNUTLS_LIBS_PRIVATE = @GNUTLS_LIBS_PRIVATE@
+GNUTLS_REQUIRES_PRIVATE = @GNUTLS_REQUIRES_PRIVATE@
+GPERF = @GPERF@
+GREP = @GREP@
+GTKDOC_CHECK = @GTKDOC_CHECK@
+GTKDOC_CHECK_PATH = @GTKDOC_CHECK_PATH@
+GTKDOC_DEPS_CFLAGS = @GTKDOC_DEPS_CFLAGS@
+GTKDOC_DEPS_LIBS = @GTKDOC_DEPS_LIBS@
+GTKDOC_MKPDF = @GTKDOC_MKPDF@
+GTKDOC_REBASE = @GTKDOC_REBASE@
+GUILD = @GUILD@
+GUILE = @GUILE@
+GUILE_CFLAGS = @GUILE_CFLAGS@
+GUILE_CONFIG = @GUILE_CONFIG@
+GUILE_EFFECTIVE_VERSION = @GUILE_EFFECTIVE_VERSION@
+GUILE_EXTENSION = @GUILE_EXTENSION@
+GUILE_LDFLAGS = @GUILE_LDFLAGS@
+GUILE_LIBS = @GUILE_LIBS@
+GUILE_LTLIBS = @GUILE_LTLIBS@
+GUILE_SITE = @GUILE_SITE@
+GUILE_SITE_CCACHE = @GUILE_SITE_CCACHE@
+GUILE_TOOLS = @GUILE_TOOLS@
+HAVE_ACCEPT4 = @HAVE_ACCEPT4@
+HAVE_ALIGNED_ALLOC = @HAVE_ALIGNED_ALLOC@
+HAVE_ALLOCA_H = @HAVE_ALLOCA_H@
+HAVE_ARPA_INET_H = @HAVE_ARPA_INET_H@
+HAVE_ATOLL = @HAVE_ATOLL@
+HAVE_BTOWC = @HAVE_BTOWC@
+HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@
+HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@
+HAVE_CHOWN = @HAVE_CHOWN@
+HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@
+HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@
+HAVE_DECL_ECVT = @HAVE_DECL_ECVT@
+HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@
+HAVE_DECL_EXECVPE = @HAVE_DECL_EXECVPE@
+HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@
+HAVE_DECL_FCLOSEALL = @HAVE_DECL_FCLOSEALL@
+HAVE_DECL_FCVT = @HAVE_DECL_FCVT@
+HAVE_DECL_FDATASYNC = @HAVE_DECL_FDATASYNC@
+HAVE_DECL_FPURGE = @HAVE_DECL_FPURGE@
+HAVE_DECL_FREEADDRINFO = @HAVE_DECL_FREEADDRINFO@
+HAVE_DECL_FSEEKO = @HAVE_DECL_FSEEKO@
+HAVE_DECL_FTELLO = @HAVE_DECL_FTELLO@
+HAVE_DECL_GAI_STRERROR = @HAVE_DECL_GAI_STRERROR@
+HAVE_DECL_GCVT = @HAVE_DECL_GCVT@
+HAVE_DECL_GETADDRINFO = @HAVE_DECL_GETADDRINFO@
+HAVE_DECL_GETDELIM = @HAVE_DECL_GETDELIM@
+HAVE_DECL_GETDOMAINNAME = @HAVE_DECL_GETDOMAINNAME@
+HAVE_DECL_GETLINE = @HAVE_DECL_GETLINE@
+HAVE_DECL_GETLOADAVG = @HAVE_DECL_GETLOADAVG@
+HAVE_DECL_GETLOGIN = @HAVE_DECL_GETLOGIN@
+HAVE_DECL_GETLOGIN_R = @HAVE_DECL_GETLOGIN_R@
+HAVE_DECL_GETNAMEINFO = @HAVE_DECL_GETNAMEINFO@
+HAVE_DECL_GETPAGESIZE = @HAVE_DECL_GETPAGESIZE@
+HAVE_DECL_GETUSERSHELL = @HAVE_DECL_GETUSERSHELL@
+HAVE_DECL_IMAXABS = @HAVE_DECL_IMAXABS@
+HAVE_DECL_IMAXDIV = @HAVE_DECL_IMAXDIV@
+HAVE_DECL_INET_NTOP = @HAVE_DECL_INET_NTOP@
+HAVE_DECL_INET_PTON = @HAVE_DECL_INET_PTON@
+HAVE_DECL_INITSTATE = @HAVE_DECL_INITSTATE@
+HAVE_DECL_LOCALTIME_R = @HAVE_DECL_LOCALTIME_R@
+HAVE_DECL_MEMMEM = @HAVE_DECL_MEMMEM@
+HAVE_DECL_MEMRCHR = @HAVE_DECL_MEMRCHR@
+HAVE_DECL_OBSTACK_PRINTF = @HAVE_DECL_OBSTACK_PRINTF@
+HAVE_DECL_SETENV = @HAVE_DECL_SETENV@
+HAVE_DECL_SETHOSTNAME = @HAVE_DECL_SETHOSTNAME@
+HAVE_DECL_SETSTATE = @HAVE_DECL_SETSTATE@
+HAVE_DECL_SNPRINTF = @HAVE_DECL_SNPRINTF@
+HAVE_DECL_STRDUP = @HAVE_DECL_STRDUP@
+HAVE_DECL_STRERROR_R = @HAVE_DECL_STRERROR_R@
+HAVE_DECL_STRNCASECMP = @HAVE_DECL_STRNCASECMP@
+HAVE_DECL_STRNDUP = @HAVE_DECL_STRNDUP@
+HAVE_DECL_STRNLEN = @HAVE_DECL_STRNLEN@
+HAVE_DECL_STRSIGNAL = @HAVE_DECL_STRSIGNAL@
+HAVE_DECL_STRTOIMAX = @HAVE_DECL_STRTOIMAX@
+HAVE_DECL_STRTOK_R = @HAVE_DECL_STRTOK_R@
+HAVE_DECL_STRTOUMAX = @HAVE_DECL_STRTOUMAX@
+HAVE_DECL_TRUNCATE = @HAVE_DECL_TRUNCATE@
+HAVE_DECL_TTYNAME_R = @HAVE_DECL_TTYNAME_R@
+HAVE_DECL_UNSETENV = @HAVE_DECL_UNSETENV@
+HAVE_DECL_VSNPRINTF = @HAVE_DECL_VSNPRINTF@
+HAVE_DECL_WCSDUP = @HAVE_DECL_WCSDUP@
+HAVE_DECL_WCTOB = @HAVE_DECL_WCTOB@
+HAVE_DECL_WCWIDTH = @HAVE_DECL_WCWIDTH@
+HAVE_DPRINTF = @HAVE_DPRINTF@
+HAVE_DUP3 = @HAVE_DUP3@
+HAVE_DUPLOCALE = @HAVE_DUPLOCALE@
+HAVE_EUIDACCESS = @HAVE_EUIDACCESS@
+HAVE_EXECVPE = @HAVE_EXECVPE@
+HAVE_EXPLICIT_BZERO = @HAVE_EXPLICIT_BZERO@
+HAVE_FACCESSAT = @HAVE_FACCESSAT@
+HAVE_FCHDIR = @HAVE_FCHDIR@
+HAVE_FCHMODAT = @HAVE_FCHMODAT@
+HAVE_FCHOWNAT = @HAVE_FCHOWNAT@
+HAVE_FCNTL = @HAVE_FCNTL@
+HAVE_FDATASYNC = @HAVE_FDATASYNC@
+HAVE_FEATURES_H = @HAVE_FEATURES_H@
+HAVE_FFS = @HAVE_FFS@
+HAVE_FFSL = @HAVE_FFSL@
+HAVE_FFSLL = @HAVE_FFSLL@
+HAVE_FREELOCALE = @HAVE_FREELOCALE@
+HAVE_FSEEKO = @HAVE_FSEEKO@
+HAVE_FSTATAT = @HAVE_FSTATAT@
+HAVE_FSYNC = @HAVE_FSYNC@
+HAVE_FTELLO = @HAVE_FTELLO@
+HAVE_FTRUNCATE = @HAVE_FTRUNCATE@
+HAVE_FUTIMENS = @HAVE_FUTIMENS@
+HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@
+HAVE_GETENTROPY = @HAVE_GETENTROPY@
+HAVE_GETGROUPS = @HAVE_GETGROUPS@
+HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@
+HAVE_GETLOGIN = @HAVE_GETLOGIN@
+HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@
+HAVE_GETPASS = @HAVE_GETPASS@
+HAVE_GETSUBOPT = @HAVE_GETSUBOPT@
+HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@
+HAVE_GETUMASK = @HAVE_GETUMASK@
+HAVE_GRANTPT = @HAVE_GRANTPT@
+HAVE_GROUP_MEMBER = @HAVE_GROUP_MEMBER@
+HAVE_IMAXDIV_T = @HAVE_IMAXDIV_T@
+HAVE_INITSTATE = @HAVE_INITSTATE@
+HAVE_INTTYPES_H = @HAVE_INTTYPES_H@
+HAVE_ISBLANK = @HAVE_ISBLANK@
+HAVE_LANGINFO_ALTMON = @HAVE_LANGINFO_ALTMON@
+HAVE_LANGINFO_CODESET = @HAVE_LANGINFO_CODESET@
+HAVE_LANGINFO_ERA = @HAVE_LANGINFO_ERA@
+HAVE_LANGINFO_H = @HAVE_LANGINFO_H@
+HAVE_LANGINFO_T_FMT_AMPM = @HAVE_LANGINFO_T_FMT_AMPM@
+HAVE_LANGINFO_YESEXPR = @HAVE_LANGINFO_YESEXPR@
+HAVE_LCHMOD = @HAVE_LCHMOD@
+HAVE_LCHOWN = @HAVE_LCHOWN@
+HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@
+HAVE_LIBDL = @HAVE_LIBDL@
+HAVE_LIBEV = @HAVE_LIBEV@
+HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@
+HAVE_LIBRT = @HAVE_LIBRT@
+HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@
+HAVE_LIBZ = @HAVE_LIBZ@
+HAVE_LINK = @HAVE_LINK@
+HAVE_LINKAT = @HAVE_LINKAT@
+HAVE_LSTAT = @HAVE_LSTAT@
+HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@
+HAVE_MBRLEN = @HAVE_MBRLEN@
+HAVE_MBRTOWC = @HAVE_MBRTOWC@
+HAVE_MBSINIT = @HAVE_MBSINIT@
+HAVE_MBSLEN = @HAVE_MBSLEN@
+HAVE_MBSNRTOWCS = @HAVE_MBSNRTOWCS@
+HAVE_MBSRTOWCS = @HAVE_MBSRTOWCS@
+HAVE_MBTOWC = @HAVE_MBTOWC@
+HAVE_MEMPCPY = @HAVE_MEMPCPY@
+HAVE_MKDIRAT = @HAVE_MKDIRAT@
+HAVE_MKDTEMP = @HAVE_MKDTEMP@
+HAVE_MKFIFO = @HAVE_MKFIFO@
+HAVE_MKFIFOAT = @HAVE_MKFIFOAT@
+HAVE_MKNOD = @HAVE_MKNOD@
+HAVE_MKNODAT = @HAVE_MKNODAT@
+HAVE_MKOSTEMP = @HAVE_MKOSTEMP@
+HAVE_MKOSTEMPS = @HAVE_MKOSTEMPS@
+HAVE_MKSTEMP = @HAVE_MKSTEMP@
+HAVE_MKSTEMPS = @HAVE_MKSTEMPS@
+HAVE_MSVC_INVALID_PARAMETER_HANDLER = @HAVE_MSVC_INVALID_PARAMETER_HANDLER@
+HAVE_NANOSLEEP = @HAVE_NANOSLEEP@
+HAVE_NETDB_H = @HAVE_NETDB_H@
+HAVE_NETINET_IN_H = @HAVE_NETINET_IN_H@
+HAVE_NEWLOCALE = @HAVE_NEWLOCALE@
+HAVE_NL_LANGINFO = @HAVE_NL_LANGINFO@
+HAVE_OPENAT = @HAVE_OPENAT@
+HAVE_OS_H = @HAVE_OS_H@
+HAVE_PCLOSE = @HAVE_PCLOSE@
+HAVE_PIPE = @HAVE_PIPE@
+HAVE_PIPE2 = @HAVE_PIPE2@
+HAVE_POPEN = @HAVE_POPEN@
+HAVE_POSIX_MEMALIGN = @HAVE_POSIX_MEMALIGN@
+HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@
+HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@
+HAVE_PREAD = @HAVE_PREAD@
+HAVE_PSELECT = @HAVE_PSELECT@
+HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@
+HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@
+HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@
+HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@
+HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@
+HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@
+HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@
+HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@
+HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@
+HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@
+HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@
+HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@
+HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@
+HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@
+HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@
+HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@
+HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@
+HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@
+HAVE_PTHREAD_H = @HAVE_PTHREAD_H@
+HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@
+HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@
+HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@
+HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@
+HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@
+HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@
+HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@
+HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@
+HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@
+HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@
+HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@
+HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@
+HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@
+HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@
+HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@
+HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@
+HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@
+HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@
+HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@
+HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@
+HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@
+HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@
+HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@
+HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@
+HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@
+HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@
+HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@
+HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@
+HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@
+HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@
+HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@
+HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@
+HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@
+HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@
+HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@
+HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@
+HAVE_PTHREAD_T = @HAVE_PTHREAD_T@
+HAVE_PTSNAME = @HAVE_PTSNAME@
+HAVE_PTSNAME_R = @HAVE_PTSNAME_R@
+HAVE_PWRITE = @HAVE_PWRITE@
+HAVE_QSORT_R = @HAVE_QSORT_R@
+HAVE_RAISE = @HAVE_RAISE@
+HAVE_RANDOM = @HAVE_RANDOM@
+HAVE_RANDOM_H = @HAVE_RANDOM_H@
+HAVE_RANDOM_R = @HAVE_RANDOM_R@
+HAVE_RAWMEMCHR = @HAVE_RAWMEMCHR@
+HAVE_READLINK = @HAVE_READLINK@
+HAVE_READLINKAT = @HAVE_READLINKAT@
+HAVE_REALLOCARRAY = @HAVE_REALLOCARRAY@
+HAVE_REALPATH = @HAVE_REALPATH@
+HAVE_RENAMEAT = @HAVE_RENAMEAT@
+HAVE_RPMATCH = @HAVE_RPMATCH@
+HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@
+HAVE_SCHED_H = @HAVE_SCHED_H@
+HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@
+HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@
+HAVE_SETENV = @HAVE_SETENV@
+HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@
+HAVE_SETSTATE = @HAVE_SETSTATE@
+HAVE_SIGABBREV_NP = @HAVE_SIGABBREV_NP@
+HAVE_SIGACTION = @HAVE_SIGACTION@
+HAVE_SIGDESCR_NP = @HAVE_SIGDESCR_NP@
+HAVE_SIGHANDLER_T = @HAVE_SIGHANDLER_T@
+HAVE_SIGINFO_T = @HAVE_SIGINFO_T@
+HAVE_SIGNED_SIG_ATOMIC_T = @HAVE_SIGNED_SIG_ATOMIC_T@
+HAVE_SIGNED_WCHAR_T = @HAVE_SIGNED_WCHAR_T@
+HAVE_SIGNED_WINT_T = @HAVE_SIGNED_WINT_T@
+HAVE_SIGSET_T = @HAVE_SIGSET_T@
+HAVE_SLEEP = @HAVE_SLEEP@
+HAVE_STDINT_H = @HAVE_STDINT_H@
+HAVE_STPCPY = @HAVE_STPCPY@
+HAVE_STPNCPY = @HAVE_STPNCPY@
+HAVE_STRCASECMP = @HAVE_STRCASECMP@
+HAVE_STRCASESTR = @HAVE_STRCASESTR@
+HAVE_STRCHRNUL = @HAVE_STRCHRNUL@
+HAVE_STRERRORNAME_NP = @HAVE_STRERRORNAME_NP@
+HAVE_STRINGS_H = @HAVE_STRINGS_H@
+HAVE_STRPBRK = @HAVE_STRPBRK@
+HAVE_STRPTIME = @HAVE_STRPTIME@
+HAVE_STRSEP = @HAVE_STRSEP@
+HAVE_STRTOD = @HAVE_STRTOD@
+HAVE_STRTOL = @HAVE_STRTOL@
+HAVE_STRTOLD = @HAVE_STRTOLD@
+HAVE_STRTOLL = @HAVE_STRTOLL@
+HAVE_STRTOUL = @HAVE_STRTOUL@
+HAVE_STRTOULL = @HAVE_STRTOULL@
+HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@
+HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@
+HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@
+HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@
+HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@
+HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@
+HAVE_STRUCT_TIMEVAL = @HAVE_STRUCT_TIMEVAL@
+HAVE_STRVERSCMP = @HAVE_STRVERSCMP@
+HAVE_SYMLINK = @HAVE_SYMLINK@
+HAVE_SYMLINKAT = @HAVE_SYMLINKAT@
+HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@
+HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@
+HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@
+HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@
+HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@
+HAVE_SYS_PARAM_H = @HAVE_SYS_PARAM_H@
+HAVE_SYS_SELECT_H = @HAVE_SYS_SELECT_H@
+HAVE_SYS_SOCKET_H = @HAVE_SYS_SOCKET_H@
+HAVE_SYS_TIME_H = @HAVE_SYS_TIME_H@
+HAVE_SYS_TYPES_H = @HAVE_SYS_TYPES_H@
+HAVE_SYS_UIO_H = @HAVE_SYS_UIO_H@
+HAVE_TIMEGM = @HAVE_TIMEGM@
+HAVE_TIMESPEC_GET = @HAVE_TIMESPEC_GET@
+HAVE_TIMEZONE_T = @HAVE_TIMEZONE_T@
+HAVE_TYPE_VOLATILE_SIG_ATOMIC_T = @HAVE_TYPE_VOLATILE_SIG_ATOMIC_T@
+HAVE_UNISTD_H = @HAVE_UNISTD_H@
+HAVE_UNLINKAT = @HAVE_UNLINKAT@
+HAVE_UNLOCKPT = @HAVE_UNLOCKPT@
+HAVE_USLEEP = @HAVE_USLEEP@
+HAVE_UTIMENSAT = @HAVE_UTIMENSAT@
+HAVE_VASPRINTF = @HAVE_VASPRINTF@
+HAVE_VDPRINTF = @HAVE_VDPRINTF@
+HAVE_VISIBILITY = @HAVE_VISIBILITY@
+HAVE_WCHAR_H = @HAVE_WCHAR_H@
+HAVE_WCHAR_T = @HAVE_WCHAR_T@
+HAVE_WCPCPY = @HAVE_WCPCPY@
+HAVE_WCPNCPY = @HAVE_WCPNCPY@
+HAVE_WCRTOMB = @HAVE_WCRTOMB@
+HAVE_WCSCASECMP = @HAVE_WCSCASECMP@
+HAVE_WCSCAT = @HAVE_WCSCAT@
+HAVE_WCSCHR = @HAVE_WCSCHR@
+HAVE_WCSCMP = @HAVE_WCSCMP@
+HAVE_WCSCOLL = @HAVE_WCSCOLL@
+HAVE_WCSCPY = @HAVE_WCSCPY@
+HAVE_WCSCSPN = @HAVE_WCSCSPN@
+HAVE_WCSDUP = @HAVE_WCSDUP@
+HAVE_WCSFTIME = @HAVE_WCSFTIME@
+HAVE_WCSLEN = @HAVE_WCSLEN@
+HAVE_WCSNCASECMP = @HAVE_WCSNCASECMP@
+HAVE_WCSNCAT = @HAVE_WCSNCAT@
+HAVE_WCSNCMP = @HAVE_WCSNCMP@
+HAVE_WCSNCPY = @HAVE_WCSNCPY@
+HAVE_WCSNLEN = @HAVE_WCSNLEN@
+HAVE_WCSNRTOMBS = @HAVE_WCSNRTOMBS@
+HAVE_WCSPBRK = @HAVE_WCSPBRK@
+HAVE_WCSRCHR = @HAVE_WCSRCHR@
+HAVE_WCSRTOMBS = @HAVE_WCSRTOMBS@
+HAVE_WCSSPN = @HAVE_WCSSPN@
+HAVE_WCSSTR = @HAVE_WCSSTR@
+HAVE_WCSTOK = @HAVE_WCSTOK@
+HAVE_WCSWIDTH = @HAVE_WCSWIDTH@
+HAVE_WCSXFRM = @HAVE_WCSXFRM@
+HAVE_WINSOCK2_H = @HAVE_WINSOCK2_H@
+HAVE_WINT_T = @HAVE_WINT_T@
+HAVE_WMEMCHR = @HAVE_WMEMCHR@
+HAVE_WMEMCMP = @HAVE_WMEMCMP@
+HAVE_WMEMCPY = @HAVE_WMEMCPY@
+HAVE_WMEMMOVE = @HAVE_WMEMMOVE@
+HAVE_WMEMPCPY = @HAVE_WMEMPCPY@
+HAVE_WMEMSET = @HAVE_WMEMSET@
+HAVE_WS2TCPIP_H = @HAVE_WS2TCPIP_H@
+HAVE_XLOCALE_H = @HAVE_XLOCALE_H@
+HAVE__BOOL = @HAVE__BOOL@
+HAVE__EXIT = @HAVE__EXIT@
+HOGWEED_CFLAGS = @HOGWEED_CFLAGS@
+HOGWEED_LIBS = @HOGWEED_LIBS@
+HOSTENT_LIB = @HOSTENT_LIB@
+HTML_DIR = @HTML_DIR@
+INCLUDE_NEXT = @INCLUDE_NEXT@
+INCLUDE_NEXT_AS_FIRST_DIRECTIVE = @INCLUDE_NEXT_AS_FIRST_DIRECTIVE@
+INET_NTOP_LIB = @INET_NTOP_LIB@
+INET_PTON_LIB = @INET_PTON_LIB@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INT32_MAX_LT_INTMAX_MAX = @INT32_MAX_LT_INTMAX_MAX@
+INT64_MAX_EQ_LONG_MAX = @INT64_MAX_EQ_LONG_MAX@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LCOV = @LCOV@
+LD = @LD@
+LDDPOSTPROC = @LDDPOSTPROC@
+LDDPROG = @LDDPROG@
+LDFLAGS = @LDFLAGS@
+LIBATOMIC_LIBS = @LIBATOMIC_LIBS@
+LIBBROTLIDEC_CFLAGS = @LIBBROTLIDEC_CFLAGS@
+LIBBROTLIDEC_LIBS = @LIBBROTLIDEC_LIBS@
+LIBBROTLIENC_CFLAGS = @LIBBROTLIENC_CFLAGS@
+LIBBROTLIENC_LIBS = @LIBBROTLIENC_LIBS@
+LIBCRYPTO = @LIBCRYPTO@
+LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@
+LIBDL = @LIBDL@
+LIBDL_PREFIX = @LIBDL_PREFIX@
+LIBEV = @LIBEV@
+LIBEV_LIBS = @LIBEV_LIBS@
+LIBEV_PREFIX = @LIBEV_PREFIX@
+LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@
+LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@
+LIBICONV = @LIBICONV@
+LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@
+LIBIDN2_LIBS = @LIBIDN2_LIBS@
+LIBINTL = @LIBINTL@
+LIBKCAPI_CFLAGS = @LIBKCAPI_CFLAGS@
+LIBKCAPI_LIBS = @LIBKCAPI_LIBS@
+LIBMULTITHREAD = @LIBMULTITHREAD@
+LIBOBJS = @LIBOBJS@
+LIBPMULTITHREAD = @LIBPMULTITHREAD@
+LIBPTHREAD = @LIBPTHREAD@
+LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@
+LIBRT = @LIBRT@
+LIBRT_PREFIX = @LIBRT_PREFIX@
+LIBS = @LIBS@
+LIBSECCOMP = @LIBSECCOMP@
+LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@
+LIBSOCKET = @LIBSOCKET@
+LIBSTDTHREAD = @LIBSTDTHREAD@
+LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@
+LIBTASN1_LIBS = @LIBTASN1_LIBS@
+LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@
+LIBTHREAD = @LIBTHREAD@
+LIBTOOL = @LIBTOOL@
+LIBUNISTRING = @LIBUNISTRING@
+LIBUNISTRING_UNICTYPE_H = @LIBUNISTRING_UNICTYPE_H@
+LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@
+LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@
+LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@
+LIBZ = @LIBZ@
+LIBZSTD_CFLAGS = @LIBZSTD_CFLAGS@
+LIBZSTD_LIBS = @LIBZSTD_LIBS@
+LIBZ_PC = @LIBZ_PC@
+LIBZ_PREFIX = @LIBZ_PREFIX@
+LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@
+LIB_NANOSLEEP = @LIB_NANOSLEEP@
+LIB_PTHREAD = @LIB_PTHREAD@
+LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@
+LIB_SCHED_YIELD = @LIB_SCHED_YIELD@
+LIB_SELECT = @LIB_SELECT@
+LIB_SEMAPHORE = @LIB_SEMAPHORE@
+LIB_SETLOCALE = @LIB_SETLOCALE@
+LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@
+LIMITS_H = @LIMITS_H@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LOCALENAME_ENHANCE_LOCALE_FUNCS = @LOCALENAME_ENHANCE_LOCALE_FUNCS@
+LOCALE_FR = @LOCALE_FR@
+LOCALE_FR_UTF8 = @LOCALE_FR_UTF8@
+LOCALE_JA = @LOCALE_JA@
+LOCALE_TR_UTF8 = @LOCALE_TR_UTF8@
+LOCALE_ZH_CN = @LOCALE_ZH_CN@
+LOG_VALGRIND = @LOG_VALGRIND@
+LTALLOCA = @LTALLOCA@
+LTLIBCRYPTO = @LTLIBCRYPTO@
+LTLIBDL = @LTLIBDL@
+LTLIBEV = @LTLIBEV@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBMULTITHREAD = @LTLIBMULTITHREAD@
+LTLIBOBJS = @LTLIBOBJS@
+LTLIBPTHREAD = @LTLIBPTHREAD@
+LTLIBRT = @LTLIBRT@
+LTLIBSECCOMP = @LTLIBSECCOMP@
+LTLIBTHREAD = @LTLIBTHREAD@
+LTLIBZ = @LTLIBZ@
+LT_AGE = @LT_AGE@
+LT_CURRENT = @LT_CURRENT@
+LT_DANE_AGE = @LT_DANE_AGE@
+LT_DANE_CURRENT = @LT_DANE_CURRENT@
+LT_DANE_REVISION = @LT_DANE_REVISION@
+LT_REVISION = @LT_REVISION@
+LT_SSL_AGE = @LT_SSL_AGE@
+LT_SSL_CURRENT = @LT_SSL_CURRENT@
+LT_SSL_REVISION = @LT_SSL_REVISION@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+LT_XSSL_AGE = @LT_XSSL_AGE@
+LT_XSSL_CURRENT = @LT_XSSL_CURRENT@
+LT_XSSL_REVISION = @LT_XSSL_REVISION@
+MAINT = @MAINT@
+MAJOR_VERSION = @MAJOR_VERSION@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MINOR_VERSION = @MINOR_VERSION@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGMERGE = @MSGMERGE@
+MSGMERGE_FOR_MSGFMT_OPTION = @MSGMERGE_FOR_MSGFMT_OPTION@
+NETINET_IN_H = @NETINET_IN_H@
+NETTLE_CFLAGS = @NETTLE_CFLAGS@
+NETTLE_LIBS = @NETTLE_LIBS@
+NEXT_ARPA_INET_H = @NEXT_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H = @NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_CTYPE_H = @NEXT_AS_FIRST_DIRECTIVE_CTYPE_H@
+NEXT_AS_FIRST_DIRECTIVE_ERRNO_H = @NEXT_AS_FIRST_DIRECTIVE_ERRNO_H@
+NEXT_AS_FIRST_DIRECTIVE_FCNTL_H = @NEXT_AS_FIRST_DIRECTIVE_FCNTL_H@
+NEXT_AS_FIRST_DIRECTIVE_FLOAT_H = @NEXT_AS_FIRST_DIRECTIVE_FLOAT_H@
+NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H = @NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H = @NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H@
+NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@
+NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@
+NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@
+NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@
+NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@
+NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@
+NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@
+NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@
+NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@
+NEXT_AS_FIRST_DIRECTIVE_STDIO_H = @NEXT_AS_FIRST_DIRECTIVE_STDIO_H@
+NEXT_AS_FIRST_DIRECTIVE_STDLIB_H = @NEXT_AS_FIRST_DIRECTIVE_STDLIB_H@
+NEXT_AS_FIRST_DIRECTIVE_STRINGS_H = @NEXT_AS_FIRST_DIRECTIVE_STRINGS_H@
+NEXT_AS_FIRST_DIRECTIVE_STRING_H = @NEXT_AS_FIRST_DIRECTIVE_STRING_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H@
+NEXT_AS_FIRST_DIRECTIVE_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_UNISTD_H = @NEXT_AS_FIRST_DIRECTIVE_UNISTD_H@
+NEXT_AS_FIRST_DIRECTIVE_WCHAR_H = @NEXT_AS_FIRST_DIRECTIVE_WCHAR_H@
+NEXT_CTYPE_H = @NEXT_CTYPE_H@
+NEXT_ERRNO_H = @NEXT_ERRNO_H@
+NEXT_FCNTL_H = @NEXT_FCNTL_H@
+NEXT_FLOAT_H = @NEXT_FLOAT_H@
+NEXT_INTTYPES_H = @NEXT_INTTYPES_H@
+NEXT_LANGINFO_H = @NEXT_LANGINFO_H@
+NEXT_LIMITS_H = @NEXT_LIMITS_H@
+NEXT_LOCALE_H = @NEXT_LOCALE_H@
+NEXT_NETDB_H = @NEXT_NETDB_H@
+NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@
+NEXT_PTHREAD_H = @NEXT_PTHREAD_H@
+NEXT_SCHED_H = @NEXT_SCHED_H@
+NEXT_SIGNAL_H = @NEXT_SIGNAL_H@
+NEXT_STDDEF_H = @NEXT_STDDEF_H@
+NEXT_STDINT_H = @NEXT_STDINT_H@
+NEXT_STDIO_H = @NEXT_STDIO_H@
+NEXT_STDLIB_H = @NEXT_STDLIB_H@
+NEXT_STRINGS_H = @NEXT_STRINGS_H@
+NEXT_STRING_H = @NEXT_STRING_H@
+NEXT_SYS_IOCTL_H = @NEXT_SYS_IOCTL_H@
+NEXT_SYS_SELECT_H = @NEXT_SYS_SELECT_H@
+NEXT_SYS_SOCKET_H = @NEXT_SYS_SOCKET_H@
+NEXT_SYS_STAT_H = @NEXT_SYS_STAT_H@
+NEXT_SYS_TIME_H = @NEXT_SYS_TIME_H@
+NEXT_SYS_TYPES_H = @NEXT_SYS_TYPES_H@
+NEXT_SYS_UIO_H = @NEXT_SYS_UIO_H@
+NEXT_TIME_H = @NEXT_TIME_H@
+NEXT_UNISTD_H = @NEXT_UNISTD_H@
+NEXT_WCHAR_H = @NEXT_WCHAR_H@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NUMBER_VERSION = @NUMBER_VERSION@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+P11_KIT_CFLAGS = @P11_KIT_CFLAGS@
+P11_KIT_LIBS = @P11_KIT_LIBS@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@
+PATCH_VERSION = @PATCH_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PKCS12_ITER_COUNT = @PKCS12_ITER_COUNT@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PMCCABE = @PMCCABE@
+POSUB = @POSUB@
+PRAGMA_COLUMNS = @PRAGMA_COLUMNS@
+PRAGMA_SYSTEM_HEADER = @PRAGMA_SYSTEM_HEADER@
+PRIPTR_PREFIX = @PRIPTR_PREFIX@
+PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@
+PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+RANLIB = @RANLIB@
+REPLACE_ACCESS = @REPLACE_ACCESS@
+REPLACE_ALIGNED_ALLOC = @REPLACE_ALIGNED_ALLOC@
+REPLACE_BTOWC = @REPLACE_BTOWC@
+REPLACE_CALLOC = @REPLACE_CALLOC@
+REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@
+REPLACE_CHOWN = @REPLACE_CHOWN@
+REPLACE_CLOSE = @REPLACE_CLOSE@
+REPLACE_CREAT = @REPLACE_CREAT@
+REPLACE_CTIME = @REPLACE_CTIME@
+REPLACE_DPRINTF = @REPLACE_DPRINTF@
+REPLACE_DUP = @REPLACE_DUP@
+REPLACE_DUP2 = @REPLACE_DUP2@
+REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@
+REPLACE_EXECL = @REPLACE_EXECL@
+REPLACE_EXECLE = @REPLACE_EXECLE@
+REPLACE_EXECLP = @REPLACE_EXECLP@
+REPLACE_EXECV = @REPLACE_EXECV@
+REPLACE_EXECVE = @REPLACE_EXECVE@
+REPLACE_EXECVP = @REPLACE_EXECVP@
+REPLACE_EXECVPE = @REPLACE_EXECVPE@
+REPLACE_FACCESSAT = @REPLACE_FACCESSAT@
+REPLACE_FCHMODAT = @REPLACE_FCHMODAT@
+REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@
+REPLACE_FCLOSE = @REPLACE_FCLOSE@
+REPLACE_FCNTL = @REPLACE_FCNTL@
+REPLACE_FDOPEN = @REPLACE_FDOPEN@
+REPLACE_FFLUSH = @REPLACE_FFLUSH@
+REPLACE_FFSLL = @REPLACE_FFSLL@
+REPLACE_FOPEN = @REPLACE_FOPEN@
+REPLACE_FPRINTF = @REPLACE_FPRINTF@
+REPLACE_FPURGE = @REPLACE_FPURGE@
+REPLACE_FREE = @REPLACE_FREE@
+REPLACE_FREELOCALE = @REPLACE_FREELOCALE@
+REPLACE_FREOPEN = @REPLACE_FREOPEN@
+REPLACE_FSEEK = @REPLACE_FSEEK@
+REPLACE_FSEEKO = @REPLACE_FSEEKO@
+REPLACE_FSTAT = @REPLACE_FSTAT@
+REPLACE_FSTATAT = @REPLACE_FSTATAT@
+REPLACE_FTELL = @REPLACE_FTELL@
+REPLACE_FTELLO = @REPLACE_FTELLO@
+REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@
+REPLACE_FUTIMENS = @REPLACE_FUTIMENS@
+REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@
+REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@
+REPLACE_GETCWD = @REPLACE_GETCWD@
+REPLACE_GETDELIM = @REPLACE_GETDELIM@
+REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@
+REPLACE_GETDTABLESIZE = @REPLACE_GETDTABLESIZE@
+REPLACE_GETGROUPS = @REPLACE_GETGROUPS@
+REPLACE_GETLINE = @REPLACE_GETLINE@
+REPLACE_GETLOGIN_R = @REPLACE_GETLOGIN_R@
+REPLACE_GETPAGESIZE = @REPLACE_GETPAGESIZE@
+REPLACE_GETPASS = @REPLACE_GETPASS@
+REPLACE_GETTIMEOFDAY = @REPLACE_GETTIMEOFDAY@
+REPLACE_GMTIME = @REPLACE_GMTIME@
+REPLACE_INET_NTOP = @REPLACE_INET_NTOP@
+REPLACE_INET_PTON = @REPLACE_INET_PTON@
+REPLACE_INITSTATE = @REPLACE_INITSTATE@
+REPLACE_IOCTL = @REPLACE_IOCTL@
+REPLACE_ISATTY = @REPLACE_ISATTY@
+REPLACE_ITOLD = @REPLACE_ITOLD@
+REPLACE_LCHOWN = @REPLACE_LCHOWN@
+REPLACE_LINK = @REPLACE_LINK@
+REPLACE_LINKAT = @REPLACE_LINKAT@
+REPLACE_LOCALECONV = @REPLACE_LOCALECONV@
+REPLACE_LOCALTIME = @REPLACE_LOCALTIME@
+REPLACE_LOCALTIME_R = @REPLACE_LOCALTIME_R@
+REPLACE_LSEEK = @REPLACE_LSEEK@
+REPLACE_LSTAT = @REPLACE_LSTAT@
+REPLACE_MALLOC = @REPLACE_MALLOC@
+REPLACE_MBRLEN = @REPLACE_MBRLEN@
+REPLACE_MBRTOWC = @REPLACE_MBRTOWC@
+REPLACE_MBSINIT = @REPLACE_MBSINIT@
+REPLACE_MBSNRTOWCS = @REPLACE_MBSNRTOWCS@
+REPLACE_MBSRTOWCS = @REPLACE_MBSRTOWCS@
+REPLACE_MBSTATE_T = @REPLACE_MBSTATE_T@
+REPLACE_MBTOWC = @REPLACE_MBTOWC@
+REPLACE_MEMCHR = @REPLACE_MEMCHR@
+REPLACE_MEMMEM = @REPLACE_MEMMEM@
+REPLACE_MKDIR = @REPLACE_MKDIR@
+REPLACE_MKFIFO = @REPLACE_MKFIFO@
+REPLACE_MKFIFOAT = @REPLACE_MKFIFOAT@
+REPLACE_MKNOD = @REPLACE_MKNOD@
+REPLACE_MKNODAT = @REPLACE_MKNODAT@
+REPLACE_MKSTEMP = @REPLACE_MKSTEMP@
+REPLACE_MKTIME = @REPLACE_MKTIME@
+REPLACE_NANOSLEEP = @REPLACE_NANOSLEEP@
+REPLACE_NEWLOCALE = @REPLACE_NEWLOCALE@
+REPLACE_NL_LANGINFO = @REPLACE_NL_LANGINFO@
+REPLACE_NULL = @REPLACE_NULL@
+REPLACE_OBSTACK_PRINTF = @REPLACE_OBSTACK_PRINTF@
+REPLACE_OPEN = @REPLACE_OPEN@
+REPLACE_OPENAT = @REPLACE_OPENAT@
+REPLACE_PERROR = @REPLACE_PERROR@
+REPLACE_POPEN = @REPLACE_POPEN@
+REPLACE_POSIX_MEMALIGN = @REPLACE_POSIX_MEMALIGN@
+REPLACE_PREAD = @REPLACE_PREAD@
+REPLACE_PRINTF = @REPLACE_PRINTF@
+REPLACE_PSELECT = @REPLACE_PSELECT@
+REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@
+REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@
+REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@
+REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@
+REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@
+REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@
+REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@
+REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@
+REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@
+REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@
+REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@
+REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@
+REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@
+REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@
+REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@
+REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@
+REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@
+REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@
+REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@
+REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@
+REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@
+REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@
+REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@
+REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@
+REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@
+REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@
+REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@
+REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@
+REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@
+REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@
+REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@
+REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@
+REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@
+REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@
+REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@
+REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@
+REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@
+REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@
+REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@
+REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@
+REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@
+REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@
+REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@
+REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@
+REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@
+REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@
+REPLACE_PTSNAME = @REPLACE_PTSNAME@
+REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@
+REPLACE_PUTENV = @REPLACE_PUTENV@
+REPLACE_PWRITE = @REPLACE_PWRITE@
+REPLACE_QSORT_R = @REPLACE_QSORT_R@
+REPLACE_RAISE = @REPLACE_RAISE@
+REPLACE_RANDOM = @REPLACE_RANDOM@
+REPLACE_RANDOM_R = @REPLACE_RANDOM_R@
+REPLACE_READ = @REPLACE_READ@
+REPLACE_READLINK = @REPLACE_READLINK@
+REPLACE_READLINKAT = @REPLACE_READLINKAT@
+REPLACE_REALLOC = @REPLACE_REALLOC@
+REPLACE_REALLOCARRAY = @REPLACE_REALLOCARRAY@
+REPLACE_REALPATH = @REPLACE_REALPATH@
+REPLACE_REMOVE = @REPLACE_REMOVE@
+REPLACE_RENAME = @REPLACE_RENAME@
+REPLACE_RENAMEAT = @REPLACE_RENAMEAT@
+REPLACE_RMDIR = @REPLACE_RMDIR@
+REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@
+REPLACE_SELECT = @REPLACE_SELECT@
+REPLACE_SETENV = @REPLACE_SETENV@
+REPLACE_SETLOCALE = @REPLACE_SETLOCALE@
+REPLACE_SETSTATE = @REPLACE_SETSTATE@
+REPLACE_SLEEP = @REPLACE_SLEEP@
+REPLACE_SNPRINTF = @REPLACE_SNPRINTF@
+REPLACE_SPRINTF = @REPLACE_SPRINTF@
+REPLACE_STAT = @REPLACE_STAT@
+REPLACE_STDIO_READ_FUNCS = @REPLACE_STDIO_READ_FUNCS@
+REPLACE_STDIO_WRITE_FUNCS = @REPLACE_STDIO_WRITE_FUNCS@
+REPLACE_STPNCPY = @REPLACE_STPNCPY@
+REPLACE_STRCASESTR = @REPLACE_STRCASESTR@
+REPLACE_STRCHRNUL = @REPLACE_STRCHRNUL@
+REPLACE_STRDUP = @REPLACE_STRDUP@
+REPLACE_STRERROR = @REPLACE_STRERROR@
+REPLACE_STRERRORNAME_NP = @REPLACE_STRERRORNAME_NP@
+REPLACE_STRERROR_R = @REPLACE_STRERROR_R@
+REPLACE_STRFTIME = @REPLACE_STRFTIME@
+REPLACE_STRNCAT = @REPLACE_STRNCAT@
+REPLACE_STRNDUP = @REPLACE_STRNDUP@
+REPLACE_STRNLEN = @REPLACE_STRNLEN@
+REPLACE_STRSIGNAL = @REPLACE_STRSIGNAL@
+REPLACE_STRSTR = @REPLACE_STRSTR@
+REPLACE_STRTOD = @REPLACE_STRTOD@
+REPLACE_STRTOIMAX = @REPLACE_STRTOIMAX@
+REPLACE_STRTOK_R = @REPLACE_STRTOK_R@
+REPLACE_STRTOL = @REPLACE_STRTOL@
+REPLACE_STRTOLD = @REPLACE_STRTOLD@
+REPLACE_STRTOLL = @REPLACE_STRTOLL@
+REPLACE_STRTOUL = @REPLACE_STRTOUL@
+REPLACE_STRTOULL = @REPLACE_STRTOULL@
+REPLACE_STRTOUMAX = @REPLACE_STRTOUMAX@
+REPLACE_STRUCT_LCONV = @REPLACE_STRUCT_LCONV@
+REPLACE_STRUCT_TIMEVAL = @REPLACE_STRUCT_TIMEVAL@
+REPLACE_SYMLINK = @REPLACE_SYMLINK@
+REPLACE_SYMLINKAT = @REPLACE_SYMLINKAT@
+REPLACE_TIMEGM = @REPLACE_TIMEGM@
+REPLACE_TMPFILE = @REPLACE_TMPFILE@
+REPLACE_TRUNCATE = @REPLACE_TRUNCATE@
+REPLACE_TTYNAME_R = @REPLACE_TTYNAME_R@
+REPLACE_TZSET = @REPLACE_TZSET@
+REPLACE_UNLINK = @REPLACE_UNLINK@
+REPLACE_UNLINKAT = @REPLACE_UNLINKAT@
+REPLACE_UNSETENV = @REPLACE_UNSETENV@
+REPLACE_USLEEP = @REPLACE_USLEEP@
+REPLACE_UTIMENSAT = @REPLACE_UTIMENSAT@
+REPLACE_VASPRINTF = @REPLACE_VASPRINTF@
+REPLACE_VDPRINTF = @REPLACE_VDPRINTF@
+REPLACE_VFPRINTF = @REPLACE_VFPRINTF@
+REPLACE_VPRINTF = @REPLACE_VPRINTF@
+REPLACE_VSNPRINTF = @REPLACE_VSNPRINTF@
+REPLACE_VSPRINTF = @REPLACE_VSPRINTF@
+REPLACE_WCRTOMB = @REPLACE_WCRTOMB@
+REPLACE_WCSFTIME = @REPLACE_WCSFTIME@
+REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@
+REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@
+REPLACE_WCSTOK = @REPLACE_WCSTOK@
+REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@
+REPLACE_WCTOB = @REPLACE_WCTOB@
+REPLACE_WCTOMB = @REPLACE_WCTOMB@
+REPLACE_WCWIDTH = @REPLACE_WCWIDTH@
+REPLACE_WRITE = @REPLACE_WRITE@
+SED = @SED@
+SERVENT_LIB = @SERVENT_LIB@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@
+SIZE_T_SUFFIX = @SIZE_T_SUFFIX@
+STDALIGN_H = @STDALIGN_H@
+STDBOOL_H = @STDBOOL_H@
+STDDEF_H = @STDDEF_H@
+STDINT_H = @STDINT_H@
+STRIP = @STRIP@
+SYS_IOCTL_H_HAVE_WINSOCK2_H = @SYS_IOCTL_H_HAVE_WINSOCK2_H@
+SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+SYS_TIME_H_DEFINES_STRUCT_TIMESPEC = @SYS_TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_STRUCT_TIMESPEC = @TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_TIME_UTC = @TIME_H_DEFINES_TIME_UTC@
+TROUSERS_LIB = @TROUSERS_LIB@
+TSS2_CFLAGS = @TSS2_CFLAGS@
+TSS2_LIBS = @TSS2_LIBS@
+TSS_CFLAGS = @TSS_CFLAGS@
+TSS_LIBS = @TSS_LIBS@
+UINT32_MAX_LT_UINTMAX_MAX = @UINT32_MAX_LT_UINTMAX_MAX@
+UINT64_MAX_EQ_ULONG_MAX = @UINT64_MAX_EQ_ULONG_MAX@
+UNBOUND_CFLAGS = @UNBOUND_CFLAGS@
+UNBOUND_LIBS = @UNBOUND_LIBS@
+UNDEFINE_STRTOK_R = @UNDEFINE_STRTOK_R@
+UNISTD_H_DEFINES_STRUCT_TIMESPEC = @UNISTD_H_DEFINES_STRUCT_TIMESPEC@
+UNISTD_H_HAVE_SYS_RANDOM_H = @UNISTD_H_HAVE_SYS_RANDOM_H@
+UNISTD_H_HAVE_WINSOCK2_H = @UNISTD_H_HAVE_WINSOCK2_H@
+UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+USE_NLS = @USE_NLS@
+VALGRIND = @VALGRIND@
+VALGRINDFLAGS = @VALGRINDFLAGS@
+VALGRIND_PROGRAM = @VALGRIND_PROGRAM@
+VERSION = @VERSION@
+WARN_CFLAGS = @WARN_CFLAGS@
+WCHAR_T_SUFFIX = @WCHAR_T_SUFFIX@
+WERROR_CFLAGS = @WERROR_CFLAGS@
+WINDOWS_64_BIT_OFF_T = @WINDOWS_64_BIT_OFF_T@
+WINDOWS_64_BIT_ST_SIZE = @WINDOWS_64_BIT_ST_SIZE@
+WINDOWS_STAT_INODES = @WINDOWS_STAT_INODES@
+WINDOWS_STAT_TIMESPEC = @WINDOWS_STAT_TIMESPEC@
+WINT_T_SUFFIX = @WINT_T_SUFFIX@
+WSTACK_CFLAGS = @WSTACK_CFLAGS@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+YIELD_LIB = @YIELD_LIB@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+ac_cv_sizeof_time_t = @ac_cv_sizeof_time_t@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+ggl_LIBOBJS = @ggl_LIBOBJS@
+ggl_LTLIBOBJS = @ggl_LTLIBOBJS@
+ggltests_LIBOBJS = @ggltests_LIBOBJS@
+ggltests_LTLIBOBJS = @ggltests_LTLIBOBJS@
+ggltests_WITNESS = @ggltests_WITNESS@
+gl_LIBOBJS = @gl_LIBOBJS@
+gl_LTLIBOBJS = @gl_LTLIBOBJS@
+gltests_LIBOBJS = @gltests_LIBOBJS@
+gltests_LTLIBOBJS = @gltests_LTLIBOBJS@
+gltests_WITNESS = @gltests_WITNESS@
+gnutls_so = @gnutls_so@
+guile_snarf = @guile_snarf@
+guileextensiondir = @guileextensiondir@
+guilesiteccachedir = @guilesiteccachedir@
+guilesitedir = @guilesitedir@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+ifGNUmake = @ifGNUmake@
+ifnGNUmake = @ifnGNUmake@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = $(datadir)/locale
+localstatedir = @localstatedir@
+mandir = @mandir@
+maybe_guileextensiondir = @maybe_guileextensiondir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+unistring_LIBOBJS = @unistring_LIBOBJS@
+unistring_LTLIBOBJS = @unistring_LTLIBOBJS@
+unistringtests_LIBOBJS = @unistringtests_LIBOBJS@
+unistringtests_LTLIBOBJS = @unistringtests_LTLIBOBJS@
+unistringtests_WITNESS = @unistringtests_WITNESS@
+ACLOCAL_AMFLAGS = -I ../m4 -I ../gl/m4
+EXTRA_DIST = priority_options.gperf common.mk inih/LICENSE.txt
+BUILT_SOURCES = pkix_asn1_tab.c gnutls_asn1_tab.c priority_options.h
+SUBDIRS = includes x509 auth ext algorithms extras accelerated \
+	$(am__append_1) $(am__append_2) $(am__append_10)
+AM_CFLAGS = $(WERROR_CFLAGS) $(WSTACK_CFLAGS) $(WARN_CFLAGS) $(NETTLE_CFLAGS) \
+  $(LIBTASN1_CFLAGS) $(LIBIDN2_CFLAGS) $(P11_KIT_CFLAGS) $(LIBZSTD_CFLAGS) \
+  $(CODE_COVERAGE_CFLAGS)
+
+COMMON_LINK_FLAGS = $(CODE_COVERAGE_LDFLAGS)
+V_GPERF = $(V_GPERF_@AM_V@)
+V_GPERF_ = $(V_GPERF_@AM_DEFAULT_V@)
+V_GPERF_0 = @echo "  GPERF   " $@;
+AM_CPPFLAGS = -DLOCALEDIR=\"$(localedir)\" -I$(srcdir)/../gl \
+	-I$(builddir)/../gl -I$(builddir)/includes -I$(builddir)/x509 \
+	-I$(srcdir)/includes -I$(builddir)/includes -I$(srcdir)/x509 \
+	$(LIBTASN1_CFLAGS) $(P11_KIT_CFLAGS) $(TSS2_CFLAGS) \
+	$(am__append_3) $(am__append_4)
+
+# Pkg-config script.
+pkgconfigdir = $(libdir)/pkgconfig
+pkgconfig_DATA = gnutls.pc
+DISTCLEANFILES = $(pkgconfig_DATA) $(am__append_31)
+lib_LTLIBRARIES = libgnutls.la $(am__append_33)
+SRP_COBJECTS = srp.c
+PSK_COBJECTS = psk.c
+COBJECTS = range.c record.c compress.c debug.c cipher.c gthreads.h \
+	handshake-tls13.c mbuffers.c buffers.c handshake.c errors.c \
+	dh.c kx.c cipher-cbc.c priority.c hash_int.c cipher_int.c \
+	session.c db.c x509_b64.c hello_ext.c auth.c sslv2_compat.c \
+	datum.c session_pack.c mpi.c pk.c cert-cred.c global.c \
+	constate.c anon_cred.c pkix_asn1_tab.c gnutls_asn1_tab.c mem.c \
+	fingerprint.c tls-sig.c ecc.c alert.c privkey_raw.c atomic.h \
+	system/certs.c system/threads.c system/fastopen.c \
+	system/sockets.c str-iconv.c system.c profiles.c profiles.h \
+	inih/ini.c str.c str-unicode.c str-idna.c state.c \
+	cert-cred-x509.c file.c supplemental.c random.c crypto-api.c \
+	crypto-api.h privkey.c pcert.c pubkey.c locks.c dtls.c \
+	system_override.c crypto-backend.c verify-tofu.c pin.c tpm.c \
+	fips.c safe-memfuncs.c atfork.c atfork.h randomart.c \
+	name_val_array.h system-keys.h urls.c urls.h prf.c \
+	auto-verify.c dh-session.c cert-session.c handshake-checks.c \
+	dtls-sw.c dh-primes.c openpgp_compat.c crypto-selftests.c \
+	crypto-selftests-pk.c secrets.c extv.c extv.h hello_ext_lib.c \
+	hello_ext_lib.h ocsp-api.c stek.c cert-cred-rawpk.c iov.c \
+	iov.h system/ktls.c system/ktls.h $(am__append_5) \
+	$(am__append_6) $(am__append_7) $(am__append_8) \
+	tls13/encrypted_extensions.c tls13/encrypted_extensions.h \
+	tls13/certificate_request.c tls13/certificate_request.h \
+	tls13/certificate_verify.c tls13/certificate_verify.h \
+	tls13-sig.c tls13-sig.h tls13/finished.c tls13/finished.h \
+	tls13/key_update.c tls13/key_update.h tls13/hello_retry.c \
+	tls13/hello_retry.h tls13/session_ticket.c \
+	tls13/session_ticket.h tls13/certificate.c tls13/certificate.h \
+	tls13/early_data.c tls13/early_data.h tls13/post_handshake.c \
+	tls13/psk_ext_parser.c tls13/psk_ext_parser.h \
+	tls13/anti_replay.c tls13/anti_replay.h $(am__append_9)
+HFILES = abstract_int.h debug.h compress.h cipher.h buffers.h errors.h \
+	gnutls_int.h dtls.h handshake.h num.h algorithms.h dh.h kx.h \
+	hash_int.h cipher_int.h db.h auth.h hello_ext.h \
+	handshake-defs.h x509_b64.h sslv2_compat.h datum.h mpi.h pk.h \
+	record.h inih/ini.h constate.h global.h tls-sig.h mem.h \
+	session_pack.h str.h str_array.h state.h x509.h \
+	crypto-backend.h srp.h auth/srp_kx.h auth/srp_passwd.h file.h \
+	supplemental.h crypto.h random.h system.h locks.h mbuffers.h \
+	ecc.h pin.h fips.h priority_options.h secrets.h stek.h \
+	cert-cred.h $(am__append_11) $(am__append_12)
+libgnutls_la_SOURCES = $(HFILES) $(COBJECTS) $(SRP_COBJECTS)	\
+	$(PSK_COBJECTS) \
+	gnutls.asn pkix.asn libgnutls.map
+
+libgnutls_la_LDFLAGS = -no-undefined -version-info \
+	$(LT_CURRENT):$(LT_REVISION):$(LT_AGE) $(COMMON_LINK_FLAGS) \
+	$(am__append_24) $(am__append_25) $(am__append_30) \
+	$(am__append_32)
+libgnutls_la_LIBADD = ../gl/libgnu.la x509/libgnutls_x509.la \
+	ext/libgnutls_ext.la auth/libgnutls_auth.la \
+	algorithms/libgnutls_alg.la extras/libgnutls_extras.la \
+	$(am__append_17) $(am__append_18) $(am__append_26) \
+	$(am__append_29) $(thirdparty_libadd)
+thirdparty_libadd = $(LTLIBZ) $(LTLIBINTL) $(LIBSOCKET) $(LTLIBNSL) \
+	$(P11_KIT_LIBS) $(LIB_SELECT) $(GNUTLS_LIBS_PRIVATE) \
+	$(am__append_13) $(am__append_14) $(am__append_15) \
+	$(am__append_16) $(am__append_19) $(am__append_20) \
+	$(am__append_21) $(am__append_22) $(am__append_23) \
+	$(am__append_27) $(am__append_28)
+@ENABLE_FIPS140_TRUE@fipshmac_SOURCES = fipshmac.c
+@ENABLE_FIPS140_TRUE@fipshmac_LDADD = libgnutls.la ../gl/libgnu.la
+@ENABLE_FIPS140_TRUE@hmac_files = .libs/.gnutls.hmac
+@ENABLE_FIPS140_TRUE@CLEANFILES = $(hmac_files)
+@HAVE_LD_OUTPUT_DEF_TRUE@defexecdir = $(libdir)
+@HAVE_LD_OUTPUT_DEF_TRUE@defexec_DATA = libgnutls-$(DLL_VERSION).def
+
+# C++ library
+@ENABLE_CXX_TRUE@libgnutlsxx_la_CPPFLAGS = -I$(top_srcdir)/includes -I$(top_builddir)/includes -I$(srcdir)/includes
+@ENABLE_CXX_TRUE@AM_CXXFLAGS = \
+@ENABLE_CXX_TRUE@	-I$(srcdir)/includes	\
+@ENABLE_CXX_TRUE@	-I$(builddir)/includes
+
+@ENABLE_CXX_TRUE@libgnutlsxx_la_SOURCES = gnutlsxx.cpp
+@ENABLE_CXX_TRUE@libgnutlsxx_la_LDFLAGS = -no-undefined \
+@ENABLE_CXX_TRUE@	-version-info $(CXX_LT_CURRENT):$(CXX_LT_REVISION):$(CXX_LT_AGE)
+
+@ENABLE_CXX_TRUE@libgnutlsxx_la_LIBADD = libgnutls.la
+all: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) all-recursive
+
+.SUFFIXES:
+.SUFFIXES: .c .cpp .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/lib/common.mk $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --foreign lib/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+	esac;
+$(top_srcdir)/lib/common.mk $(am__empty):
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+gnutls.pc: $(top_builddir)/config.status $(srcdir)/gnutls.pc.in
+	cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
+
+clean-noinstPROGRAMS:
+	@list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \
+	echo " rm -f" $$list; \
+	rm -f $$list || exit $$?; \
+	test -n "$(EXEEXT)" || exit 0; \
+	list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \
+	echo " rm -f" $$list; \
+	rm -f $$list
+
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+	@$(NORMAL_INSTALL)
+	@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+	list2=; for p in $$list; do \
+	  if test -f $$p; then \
+	    list2="$$list2 $$p"; \
+	  else :; fi; \
+	done; \
+	test -z "$$list2" || { \
+	  echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \
+	  $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \
+	  echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
+	  $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
+	}
+
+uninstall-libLTLIBRARIES:
+	@$(NORMAL_UNINSTALL)
+	@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+	for p in $$list; do \
+	  $(am__strip_dir) \
+	  echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \
+	  $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \
+	done
+
+clean-libLTLIBRARIES:
+	-test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+	@list='$(lib_LTLIBRARIES)'; \
+	locs=`for p in $$list; do echo $$p; done | \
+	      sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+	      sort -u`; \
+	test -z "$$locs" || { \
+	  echo rm -f $${locs}; \
+	  rm -f $${locs}; \
+	}
+system/$(am__dirstamp):
+	@$(MKDIR_P) system
+	@: > system/$(am__dirstamp)
+system/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) system/$(DEPDIR)
+	@: > system/$(DEPDIR)/$(am__dirstamp)
+system/certs.lo: system/$(am__dirstamp) \
+	system/$(DEPDIR)/$(am__dirstamp)
+system/threads.lo: system/$(am__dirstamp) \
+	system/$(DEPDIR)/$(am__dirstamp)
+system/fastopen.lo: system/$(am__dirstamp) \
+	system/$(DEPDIR)/$(am__dirstamp)
+system/sockets.lo: system/$(am__dirstamp) \
+	system/$(DEPDIR)/$(am__dirstamp)
+inih/$(am__dirstamp):
+	@$(MKDIR_P) inih
+	@: > inih/$(am__dirstamp)
+inih/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) inih/$(DEPDIR)
+	@: > inih/$(DEPDIR)/$(am__dirstamp)
+inih/ini.lo: inih/$(am__dirstamp) inih/$(DEPDIR)/$(am__dirstamp)
+system/ktls.lo: system/$(am__dirstamp) \
+	system/$(DEPDIR)/$(am__dirstamp)
+system/keys-win.lo: system/$(am__dirstamp) \
+	system/$(DEPDIR)/$(am__dirstamp)
+system/keys-dummy.lo: system/$(am__dirstamp) \
+	system/$(DEPDIR)/$(am__dirstamp)
+tls13/$(am__dirstamp):
+	@$(MKDIR_P) tls13
+	@: > tls13/$(am__dirstamp)
+tls13/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) tls13/$(DEPDIR)
+	@: > tls13/$(DEPDIR)/$(am__dirstamp)
+tls13/encrypted_extensions.lo: tls13/$(am__dirstamp) \
+	tls13/$(DEPDIR)/$(am__dirstamp)
+tls13/certificate_request.lo: tls13/$(am__dirstamp) \
+	tls13/$(DEPDIR)/$(am__dirstamp)
+tls13/certificate_verify.lo: tls13/$(am__dirstamp) \
+	tls13/$(DEPDIR)/$(am__dirstamp)
+tls13/finished.lo: tls13/$(am__dirstamp) \
+	tls13/$(DEPDIR)/$(am__dirstamp)
+tls13/key_update.lo: tls13/$(am__dirstamp) \
+	tls13/$(DEPDIR)/$(am__dirstamp)
+tls13/hello_retry.lo: tls13/$(am__dirstamp) \
+	tls13/$(DEPDIR)/$(am__dirstamp)
+tls13/session_ticket.lo: tls13/$(am__dirstamp) \
+	tls13/$(DEPDIR)/$(am__dirstamp)
+tls13/certificate.lo: tls13/$(am__dirstamp) \
+	tls13/$(DEPDIR)/$(am__dirstamp)
+tls13/early_data.lo: tls13/$(am__dirstamp) \
+	tls13/$(DEPDIR)/$(am__dirstamp)
+tls13/post_handshake.lo: tls13/$(am__dirstamp) \
+	tls13/$(DEPDIR)/$(am__dirstamp)
+tls13/psk_ext_parser.lo: tls13/$(am__dirstamp) \
+	tls13/$(DEPDIR)/$(am__dirstamp)
+tls13/anti_replay.lo: tls13/$(am__dirstamp) \
+	tls13/$(DEPDIR)/$(am__dirstamp)
+
+libgnutls.la: $(libgnutls_la_OBJECTS) $(libgnutls_la_DEPENDENCIES) $(EXTRA_libgnutls_la_DEPENDENCIES) 
+	$(AM_V_CCLD)$(libgnutls_la_LINK) -rpath $(libdir) $(libgnutls_la_OBJECTS) $(libgnutls_la_LIBADD) $(LIBS)
+
+libgnutlsxx.la: $(libgnutlsxx_la_OBJECTS) $(libgnutlsxx_la_DEPENDENCIES) $(EXTRA_libgnutlsxx_la_DEPENDENCIES) 
+	$(AM_V_CXXLD)$(libgnutlsxx_la_LINK) $(am_libgnutlsxx_la_rpath) $(libgnutlsxx_la_OBJECTS) $(libgnutlsxx_la_LIBADD) $(LIBS)
+
+fipshmac$(EXEEXT): $(fipshmac_OBJECTS) $(fipshmac_DEPENDENCIES) $(EXTRA_fipshmac_DEPENDENCIES) 
+	@rm -f fipshmac$(EXEEXT)
+	$(AM_V_CCLD)$(LINK) $(fipshmac_OBJECTS) $(fipshmac_LDADD) $(LIBS)
+
+mostlyclean-compile:
+	-rm -f *.$(OBJEXT)
+	-rm -f inih/*.$(OBJEXT)
+	-rm -f inih/*.lo
+	-rm -f system/*.$(OBJEXT)
+	-rm -f system/*.lo
+	-rm -f tls13/*.$(OBJEXT)
+	-rm -f tls13/*.lo
+
+distclean-compile:
+	-rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alert.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/anon_cred.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/atfork.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auth.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auto-verify.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/buffers.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cert-cred-rawpk.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cert-cred-x509.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cert-cred.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cert-session.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cipher-cbc.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cipher.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cipher_int.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/compress.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/constate.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypto-api.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypto-backend.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypto-selftests-pk.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypto-selftests.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/datum.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/db.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/debug.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dh-primes.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dh-session.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dh.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dtls-sw.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dtls.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ecc.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/errors.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/extv.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/file.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fingerprint.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fips.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fipshmac.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/global.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gnutls_asn1_tab.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/handshake-checks.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/handshake-tls13.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/handshake.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hash_int.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hello_ext.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hello_ext_lib.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/iov.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kx.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libgnutlsxx_la-gnutlsxx.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/locks.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mbuffers.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mem.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mpi.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ocsp-api.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openpgp_compat.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pcert.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pin.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pk.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs11.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs11_int.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs11_privkey.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs11_secret.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs11_write.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs11x.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkix_asn1_tab.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/prf.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/priority.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/privkey.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/privkey_raw.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/profiles.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/psk.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pubkey.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/random.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/randomart.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/range.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/record.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/safe-memfuncs.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secrets.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/session.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/session_pack.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srp.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sslv2_compat.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/state.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/stek.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/str-iconv.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/str-idna.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/str-unicode.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/str.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/supplemental.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/system.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/system_override.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tls-sig.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tls13-sig.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tpm.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tpm2.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tpm2_esys.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/urls.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/verify-tofu.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vko.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/x509_b64.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@inih/$(DEPDIR)/ini.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@system/$(DEPDIR)/certs.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@system/$(DEPDIR)/fastopen.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@system/$(DEPDIR)/keys-dummy.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@system/$(DEPDIR)/keys-win.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@system/$(DEPDIR)/ktls.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@system/$(DEPDIR)/sockets.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@system/$(DEPDIR)/threads.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@tls13/$(DEPDIR)/anti_replay.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@tls13/$(DEPDIR)/certificate.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@tls13/$(DEPDIR)/certificate_request.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@tls13/$(DEPDIR)/certificate_verify.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@tls13/$(DEPDIR)/early_data.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@tls13/$(DEPDIR)/encrypted_extensions.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@tls13/$(DEPDIR)/finished.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@tls13/$(DEPDIR)/hello_retry.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@tls13/$(DEPDIR)/key_update.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@tls13/$(DEPDIR)/post_handshake.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@tls13/$(DEPDIR)/psk_ext_parser.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@tls13/$(DEPDIR)/session_ticket.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+	@$(MKDIR_P) $(@D)
+	@echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+.cpp.o:
+@am__fastdepCXX_TRUE@	$(AM_V_CXX)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCXX_TRUE@	$(CXXCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCXX_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCXX_FALSE@	$(AM_V_CXX)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCXX_FALSE@	DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCXX_FALSE@	$(AM_V_CXX@am__nodep@)$(CXXCOMPILE) -c -o $@ $<
+
+.cpp.obj:
+@am__fastdepCXX_TRUE@	$(AM_V_CXX)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCXX_TRUE@	$(CXXCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCXX_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCXX_FALSE@	$(AM_V_CXX)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCXX_FALSE@	DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCXX_FALSE@	$(AM_V_CXX@am__nodep@)$(CXXCOMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.cpp.lo:
+@am__fastdepCXX_TRUE@	$(AM_V_CXX)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCXX_TRUE@	$(LTCXXCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCXX_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCXX_FALSE@	$(AM_V_CXX)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCXX_FALSE@	DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCXX_FALSE@	$(AM_V_CXX@am__nodep@)$(LTCXXCOMPILE) -c -o $@ $<
+
+libgnutlsxx_la-gnutlsxx.lo: gnutlsxx.cpp
+@am__fastdepCXX_TRUE@	$(AM_V_CXX)$(LIBTOOL) $(AM_V_lt) --tag=CXX $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libgnutlsxx_la_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -MT libgnutlsxx_la-gnutlsxx.lo -MD -MP -MF $(DEPDIR)/libgnutlsxx_la-gnutlsxx.Tpo -c -o libgnutlsxx_la-gnutlsxx.lo `test -f 'gnutlsxx.cpp' || echo '$(srcdir)/'`gnutlsxx.cpp
+@am__fastdepCXX_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libgnutlsxx_la-gnutlsxx.Tpo $(DEPDIR)/libgnutlsxx_la-gnutlsxx.Plo
+@AMDEP_TRUE@@am__fastdepCXX_FALSE@	$(AM_V_CXX)source='gnutlsxx.cpp' object='libgnutlsxx_la-gnutlsxx.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCXX_FALSE@	DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCXX_FALSE@	$(AM_V_CXX@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CXX $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libgnutlsxx_la_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -c -o libgnutlsxx_la-gnutlsxx.lo `test -f 'gnutlsxx.cpp' || echo '$(srcdir)/'`gnutlsxx.cpp
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+	-rm -rf inih/.libs inih/_libs
+	-rm -rf system/.libs system/_libs
+	-rm -rf tls13/.libs tls13/_libs
+install-defexecDATA: $(defexec_DATA)
+	@$(NORMAL_INSTALL)
+	@list='$(defexec_DATA)'; test -n "$(defexecdir)" || list=; \
+	if test -n "$$list"; then \
+	  echo " $(MKDIR_P) '$(DESTDIR)$(defexecdir)'"; \
+	  $(MKDIR_P) "$(DESTDIR)$(defexecdir)" || exit 1; \
+	fi; \
+	for p in $$list; do \
+	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+	  echo "$$d$$p"; \
+	done | $(am__base_list) | \
+	while read files; do \
+	  echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(defexecdir)'"; \
+	  $(INSTALL_DATA) $$files "$(DESTDIR)$(defexecdir)" || exit $$?; \
+	done
+
+uninstall-defexecDATA:
+	@$(NORMAL_UNINSTALL)
+	@list='$(defexec_DATA)'; test -n "$(defexecdir)" || list=; \
+	files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+	dir='$(DESTDIR)$(defexecdir)'; $(am__uninstall_files_from_dir)
+install-pkgconfigDATA: $(pkgconfig_DATA)
+	@$(NORMAL_INSTALL)
+	@list='$(pkgconfig_DATA)'; test -n "$(pkgconfigdir)" || list=; \
+	if test -n "$$list"; then \
+	  echo " $(MKDIR_P) '$(DESTDIR)$(pkgconfigdir)'"; \
+	  $(MKDIR_P) "$(DESTDIR)$(pkgconfigdir)" || exit 1; \
+	fi; \
+	for p in $$list; do \
+	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+	  echo "$$d$$p"; \
+	done | $(am__base_list) | \
+	while read files; do \
+	  echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(pkgconfigdir)'"; \
+	  $(INSTALL_DATA) $$files "$(DESTDIR)$(pkgconfigdir)" || exit $$?; \
+	done
+
+uninstall-pkgconfigDATA:
+	@$(NORMAL_UNINSTALL)
+	@list='$(pkgconfig_DATA)'; test -n "$(pkgconfigdir)" || list=; \
+	files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+	dir='$(DESTDIR)$(pkgconfigdir)'; $(am__uninstall_files_from_dir)
+
+# This directory's subdirectories are mostly independent; you can cd
+# into them and run 'make' without going through this Makefile.
+# To change the values of 'make' variables: instead of editing Makefiles,
+# (1) if the variable is set in 'config.status', edit 'config.status'
+#     (which will cause the Makefiles to be regenerated when you run 'make');
+# (2) otherwise, pass the desired values on the 'make' command line.
+$(am__recursive_targets):
+	@fail=; \
+	if $(am__make_keepgoing); then \
+	  failcom='fail=yes'; \
+	else \
+	  failcom='exit 1'; \
+	fi; \
+	dot_seen=no; \
+	target=`echo $@ | sed s/-recursive//`; \
+	case "$@" in \
+	  distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+	  *) list='$(SUBDIRS)' ;; \
+	esac; \
+	for subdir in $$list; do \
+	  echo "Making $$target in $$subdir"; \
+	  if test "$$subdir" = "."; then \
+	    dot_seen=yes; \
+	    local_target="$$target-am"; \
+	  else \
+	    local_target="$$target"; \
+	  fi; \
+	  ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+	  || eval $$failcom; \
+	done; \
+	if test "$$dot_seen" = "no"; then \
+	  $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
+	fi; test -z "$$fail"
+
+ID: $(am__tagged_files)
+	$(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-recursive
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	set x; \
+	here=`pwd`; \
+	if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
+	  include_option=--etags-include; \
+	  empty_fix=.; \
+	else \
+	  include_option=--include; \
+	  empty_fix=; \
+	fi; \
+	list='$(SUBDIRS)'; for subdir in $$list; do \
+	  if test "$$subdir" = .; then :; else \
+	    test ! -f $$subdir/TAGS || \
+	      set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \
+	  fi; \
+	done; \
+	$(am__define_uniq_tagged_files); \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+	  test -n "$$unique" || unique=$$empty_fix; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
+	fi
+ctags: ctags-recursive
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	$(am__define_uniq_tagged_files); \
+	test -z "$(CTAGS_ARGS)$$unique" \
+	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+	     $$unique
+
+GTAGS:
+	here=`$(am__cd) $(top_builddir) && pwd` \
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-recursive
+
+cscopelist-am: $(am__tagged_files)
+	list='$(am__tagged_files)'; \
+	case "$(srcdir)" in \
+	  [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+	  *) sdir=$(subdir)/$(srcdir) ;; \
+	esac; \
+	for i in $$list; do \
+	  if test -f "$$i"; then \
+	    echo "$(subdir)/$$i"; \
+	  else \
+	    echo "$$sdir/$$i"; \
+	  fi; \
+	done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+	@list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
+	  if test "$$subdir" = .; then :; else \
+	    $(am__make_dryrun) \
+	      || test -d "$(distdir)/$$subdir" \
+	      || $(MKDIR_P) "$(distdir)/$$subdir" \
+	      || exit 1; \
+	    dir1=$$subdir; dir2="$(distdir)/$$subdir"; \
+	    $(am__relativize); \
+	    new_distdir=$$reldir; \
+	    dir1=$$subdir; dir2="$(top_distdir)"; \
+	    $(am__relativize); \
+	    new_top_distdir=$$reldir; \
+	    echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \
+	    echo "     am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \
+	    ($(am__cd) $$subdir && \
+	      $(MAKE) $(AM_MAKEFLAGS) \
+	        top_distdir="$$new_top_distdir" \
+	        distdir="$$new_distdir" \
+		am__remove_distdir=: \
+		am__skip_length_check=: \
+		am__skip_mode_fix=: \
+	        distdir) \
+	      || exit 1; \
+	  fi; \
+	done
+check-am: all-am
+check: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) check-recursive
+@ENABLE_FIPS140_FALSE@all-local:
+all-am: Makefile $(PROGRAMS) $(LTLIBRARIES) $(DATA) all-local
+installdirs: installdirs-recursive
+installdirs-am:
+	for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(defexecdir)" "$(DESTDIR)$(pkgconfigdir)"; do \
+	  test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+	done
+install: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) install-recursive
+install-exec: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) install-exec-recursive
+install-data: install-data-recursive
+uninstall: uninstall-recursive
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-recursive
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+
+clean-generic:
+	-test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+	-rm -f inih/$(DEPDIR)/$(am__dirstamp)
+	-rm -f inih/$(am__dirstamp)
+	-rm -f system/$(DEPDIR)/$(am__dirstamp)
+	-rm -f system/$(am__dirstamp)
+	-rm -f tls13/$(DEPDIR)/$(am__dirstamp)
+	-rm -f tls13/$(am__dirstamp)
+	-test -z "$(DISTCLEANFILES)" || rm -f $(DISTCLEANFILES)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+	-test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
+clean: clean-recursive
+
+clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
+	clean-noinstPROGRAMS mostlyclean-am
+
+distclean: distclean-recursive
+		-rm -f ./$(DEPDIR)/alert.Plo
+	-rm -f ./$(DEPDIR)/anon_cred.Plo
+	-rm -f ./$(DEPDIR)/atfork.Plo
+	-rm -f ./$(DEPDIR)/auth.Plo
+	-rm -f ./$(DEPDIR)/auto-verify.Plo
+	-rm -f ./$(DEPDIR)/buffers.Plo
+	-rm -f ./$(DEPDIR)/cert-cred-rawpk.Plo
+	-rm -f ./$(DEPDIR)/cert-cred-x509.Plo
+	-rm -f ./$(DEPDIR)/cert-cred.Plo
+	-rm -f ./$(DEPDIR)/cert-session.Plo
+	-rm -f ./$(DEPDIR)/cipher-cbc.Plo
+	-rm -f ./$(DEPDIR)/cipher.Plo
+	-rm -f ./$(DEPDIR)/cipher_int.Plo
+	-rm -f ./$(DEPDIR)/compress.Plo
+	-rm -f ./$(DEPDIR)/constate.Plo
+	-rm -f ./$(DEPDIR)/crypto-api.Plo
+	-rm -f ./$(DEPDIR)/crypto-backend.Plo
+	-rm -f ./$(DEPDIR)/crypto-selftests-pk.Plo
+	-rm -f ./$(DEPDIR)/crypto-selftests.Plo
+	-rm -f ./$(DEPDIR)/datum.Plo
+	-rm -f ./$(DEPDIR)/db.Plo
+	-rm -f ./$(DEPDIR)/debug.Plo
+	-rm -f ./$(DEPDIR)/dh-primes.Plo
+	-rm -f ./$(DEPDIR)/dh-session.Plo
+	-rm -f ./$(DEPDIR)/dh.Plo
+	-rm -f ./$(DEPDIR)/dtls-sw.Plo
+	-rm -f ./$(DEPDIR)/dtls.Plo
+	-rm -f ./$(DEPDIR)/ecc.Plo
+	-rm -f ./$(DEPDIR)/errors.Plo
+	-rm -f ./$(DEPDIR)/extv.Plo
+	-rm -f ./$(DEPDIR)/file.Plo
+	-rm -f ./$(DEPDIR)/fingerprint.Plo
+	-rm -f ./$(DEPDIR)/fips.Plo
+	-rm -f ./$(DEPDIR)/fipshmac.Po
+	-rm -f ./$(DEPDIR)/global.Plo
+	-rm -f ./$(DEPDIR)/gnutls_asn1_tab.Plo
+	-rm -f ./$(DEPDIR)/handshake-checks.Plo
+	-rm -f ./$(DEPDIR)/handshake-tls13.Plo
+	-rm -f ./$(DEPDIR)/handshake.Plo
+	-rm -f ./$(DEPDIR)/hash_int.Plo
+	-rm -f ./$(DEPDIR)/hello_ext.Plo
+	-rm -f ./$(DEPDIR)/hello_ext_lib.Plo
+	-rm -f ./$(DEPDIR)/iov.Plo
+	-rm -f ./$(DEPDIR)/kx.Plo
+	-rm -f ./$(DEPDIR)/libgnutlsxx_la-gnutlsxx.Plo
+	-rm -f ./$(DEPDIR)/locks.Plo
+	-rm -f ./$(DEPDIR)/mbuffers.Plo
+	-rm -f ./$(DEPDIR)/mem.Plo
+	-rm -f ./$(DEPDIR)/mpi.Plo
+	-rm -f ./$(DEPDIR)/ocsp-api.Plo
+	-rm -f ./$(DEPDIR)/openpgp_compat.Plo
+	-rm -f ./$(DEPDIR)/pcert.Plo
+	-rm -f ./$(DEPDIR)/pin.Plo
+	-rm -f ./$(DEPDIR)/pk.Plo
+	-rm -f ./$(DEPDIR)/pkcs11.Plo
+	-rm -f ./$(DEPDIR)/pkcs11_int.Plo
+	-rm -f ./$(DEPDIR)/pkcs11_privkey.Plo
+	-rm -f ./$(DEPDIR)/pkcs11_secret.Plo
+	-rm -f ./$(DEPDIR)/pkcs11_write.Plo
+	-rm -f ./$(DEPDIR)/pkcs11x.Plo
+	-rm -f ./$(DEPDIR)/pkix_asn1_tab.Plo
+	-rm -f ./$(DEPDIR)/prf.Plo
+	-rm -f ./$(DEPDIR)/priority.Plo
+	-rm -f ./$(DEPDIR)/privkey.Plo
+	-rm -f ./$(DEPDIR)/privkey_raw.Plo
+	-rm -f ./$(DEPDIR)/profiles.Plo
+	-rm -f ./$(DEPDIR)/psk.Plo
+	-rm -f ./$(DEPDIR)/pubkey.Plo
+	-rm -f ./$(DEPDIR)/random.Plo
+	-rm -f ./$(DEPDIR)/randomart.Plo
+	-rm -f ./$(DEPDIR)/range.Plo
+	-rm -f ./$(DEPDIR)/record.Plo
+	-rm -f ./$(DEPDIR)/safe-memfuncs.Plo
+	-rm -f ./$(DEPDIR)/secrets.Plo
+	-rm -f ./$(DEPDIR)/session.Plo
+	-rm -f ./$(DEPDIR)/session_pack.Plo
+	-rm -f ./$(DEPDIR)/srp.Plo
+	-rm -f ./$(DEPDIR)/sslv2_compat.Plo
+	-rm -f ./$(DEPDIR)/state.Plo
+	-rm -f ./$(DEPDIR)/stek.Plo
+	-rm -f ./$(DEPDIR)/str-iconv.Plo
+	-rm -f ./$(DEPDIR)/str-idna.Plo
+	-rm -f ./$(DEPDIR)/str-unicode.Plo
+	-rm -f ./$(DEPDIR)/str.Plo
+	-rm -f ./$(DEPDIR)/supplemental.Plo
+	-rm -f ./$(DEPDIR)/system.Plo
+	-rm -f ./$(DEPDIR)/system_override.Plo
+	-rm -f ./$(DEPDIR)/tls-sig.Plo
+	-rm -f ./$(DEPDIR)/tls13-sig.Plo
+	-rm -f ./$(DEPDIR)/tpm.Plo
+	-rm -f ./$(DEPDIR)/tpm2.Plo
+	-rm -f ./$(DEPDIR)/tpm2_esys.Plo
+	-rm -f ./$(DEPDIR)/urls.Plo
+	-rm -f ./$(DEPDIR)/verify-tofu.Plo
+	-rm -f ./$(DEPDIR)/vko.Plo
+	-rm -f ./$(DEPDIR)/x509_b64.Plo
+	-rm -f inih/$(DEPDIR)/ini.Plo
+	-rm -f system/$(DEPDIR)/certs.Plo
+	-rm -f system/$(DEPDIR)/fastopen.Plo
+	-rm -f system/$(DEPDIR)/keys-dummy.Plo
+	-rm -f system/$(DEPDIR)/keys-win.Plo
+	-rm -f system/$(DEPDIR)/ktls.Plo
+	-rm -f system/$(DEPDIR)/sockets.Plo
+	-rm -f system/$(DEPDIR)/threads.Plo
+	-rm -f tls13/$(DEPDIR)/anti_replay.Plo
+	-rm -f tls13/$(DEPDIR)/certificate.Plo
+	-rm -f tls13/$(DEPDIR)/certificate_request.Plo
+	-rm -f tls13/$(DEPDIR)/certificate_verify.Plo
+	-rm -f tls13/$(DEPDIR)/early_data.Plo
+	-rm -f tls13/$(DEPDIR)/encrypted_extensions.Plo
+	-rm -f tls13/$(DEPDIR)/finished.Plo
+	-rm -f tls13/$(DEPDIR)/hello_retry.Plo
+	-rm -f tls13/$(DEPDIR)/key_update.Plo
+	-rm -f tls13/$(DEPDIR)/post_handshake.Plo
+	-rm -f tls13/$(DEPDIR)/psk_ext_parser.Plo
+	-rm -f tls13/$(DEPDIR)/session_ticket.Plo
+	-rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+	distclean-tags
+
+dvi: dvi-recursive
+
+dvi-am:
+
+html: html-recursive
+
+html-am:
+
+info: info-recursive
+
+info-am:
+
+install-data-am: install-pkgconfigDATA
+
+install-dvi: install-dvi-recursive
+
+install-dvi-am:
+
+install-exec-am: install-defexecDATA install-libLTLIBRARIES
+
+install-html: install-html-recursive
+
+install-html-am:
+
+install-info: install-info-recursive
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-recursive
+
+install-pdf-am:
+
+install-ps: install-ps-recursive
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-recursive
+		-rm -f ./$(DEPDIR)/alert.Plo
+	-rm -f ./$(DEPDIR)/anon_cred.Plo
+	-rm -f ./$(DEPDIR)/atfork.Plo
+	-rm -f ./$(DEPDIR)/auth.Plo
+	-rm -f ./$(DEPDIR)/auto-verify.Plo
+	-rm -f ./$(DEPDIR)/buffers.Plo
+	-rm -f ./$(DEPDIR)/cert-cred-rawpk.Plo
+	-rm -f ./$(DEPDIR)/cert-cred-x509.Plo
+	-rm -f ./$(DEPDIR)/cert-cred.Plo
+	-rm -f ./$(DEPDIR)/cert-session.Plo
+	-rm -f ./$(DEPDIR)/cipher-cbc.Plo
+	-rm -f ./$(DEPDIR)/cipher.Plo
+	-rm -f ./$(DEPDIR)/cipher_int.Plo
+	-rm -f ./$(DEPDIR)/compress.Plo
+	-rm -f ./$(DEPDIR)/constate.Plo
+	-rm -f ./$(DEPDIR)/crypto-api.Plo
+	-rm -f ./$(DEPDIR)/crypto-backend.Plo
+	-rm -f ./$(DEPDIR)/crypto-selftests-pk.Plo
+	-rm -f ./$(DEPDIR)/crypto-selftests.Plo
+	-rm -f ./$(DEPDIR)/datum.Plo
+	-rm -f ./$(DEPDIR)/db.Plo
+	-rm -f ./$(DEPDIR)/debug.Plo
+	-rm -f ./$(DEPDIR)/dh-primes.Plo
+	-rm -f ./$(DEPDIR)/dh-session.Plo
+	-rm -f ./$(DEPDIR)/dh.Plo
+	-rm -f ./$(DEPDIR)/dtls-sw.Plo
+	-rm -f ./$(DEPDIR)/dtls.Plo
+	-rm -f ./$(DEPDIR)/ecc.Plo
+	-rm -f ./$(DEPDIR)/errors.Plo
+	-rm -f ./$(DEPDIR)/extv.Plo
+	-rm -f ./$(DEPDIR)/file.Plo
+	-rm -f ./$(DEPDIR)/fingerprint.Plo
+	-rm -f ./$(DEPDIR)/fips.Plo
+	-rm -f ./$(DEPDIR)/fipshmac.Po
+	-rm -f ./$(DEPDIR)/global.Plo
+	-rm -f ./$(DEPDIR)/gnutls_asn1_tab.Plo
+	-rm -f ./$(DEPDIR)/handshake-checks.Plo
+	-rm -f ./$(DEPDIR)/handshake-tls13.Plo
+	-rm -f ./$(DEPDIR)/handshake.Plo
+	-rm -f ./$(DEPDIR)/hash_int.Plo
+	-rm -f ./$(DEPDIR)/hello_ext.Plo
+	-rm -f ./$(DEPDIR)/hello_ext_lib.Plo
+	-rm -f ./$(DEPDIR)/iov.Plo
+	-rm -f ./$(DEPDIR)/kx.Plo
+	-rm -f ./$(DEPDIR)/libgnutlsxx_la-gnutlsxx.Plo
+	-rm -f ./$(DEPDIR)/locks.Plo
+	-rm -f ./$(DEPDIR)/mbuffers.Plo
+	-rm -f ./$(DEPDIR)/mem.Plo
+	-rm -f ./$(DEPDIR)/mpi.Plo
+	-rm -f ./$(DEPDIR)/ocsp-api.Plo
+	-rm -f ./$(DEPDIR)/openpgp_compat.Plo
+	-rm -f ./$(DEPDIR)/pcert.Plo
+	-rm -f ./$(DEPDIR)/pin.Plo
+	-rm -f ./$(DEPDIR)/pk.Plo
+	-rm -f ./$(DEPDIR)/pkcs11.Plo
+	-rm -f ./$(DEPDIR)/pkcs11_int.Plo
+	-rm -f ./$(DEPDIR)/pkcs11_privkey.Plo
+	-rm -f ./$(DEPDIR)/pkcs11_secret.Plo
+	-rm -f ./$(DEPDIR)/pkcs11_write.Plo
+	-rm -f ./$(DEPDIR)/pkcs11x.Plo
+	-rm -f ./$(DEPDIR)/pkix_asn1_tab.Plo
+	-rm -f ./$(DEPDIR)/prf.Plo
+	-rm -f ./$(DEPDIR)/priority.Plo
+	-rm -f ./$(DEPDIR)/privkey.Plo
+	-rm -f ./$(DEPDIR)/privkey_raw.Plo
+	-rm -f ./$(DEPDIR)/profiles.Plo
+	-rm -f ./$(DEPDIR)/psk.Plo
+	-rm -f ./$(DEPDIR)/pubkey.Plo
+	-rm -f ./$(DEPDIR)/random.Plo
+	-rm -f ./$(DEPDIR)/randomart.Plo
+	-rm -f ./$(DEPDIR)/range.Plo
+	-rm -f ./$(DEPDIR)/record.Plo
+	-rm -f ./$(DEPDIR)/safe-memfuncs.Plo
+	-rm -f ./$(DEPDIR)/secrets.Plo
+	-rm -f ./$(DEPDIR)/session.Plo
+	-rm -f ./$(DEPDIR)/session_pack.Plo
+	-rm -f ./$(DEPDIR)/srp.Plo
+	-rm -f ./$(DEPDIR)/sslv2_compat.Plo
+	-rm -f ./$(DEPDIR)/state.Plo
+	-rm -f ./$(DEPDIR)/stek.Plo
+	-rm -f ./$(DEPDIR)/str-iconv.Plo
+	-rm -f ./$(DEPDIR)/str-idna.Plo
+	-rm -f ./$(DEPDIR)/str-unicode.Plo
+	-rm -f ./$(DEPDIR)/str.Plo
+	-rm -f ./$(DEPDIR)/supplemental.Plo
+	-rm -f ./$(DEPDIR)/system.Plo
+	-rm -f ./$(DEPDIR)/system_override.Plo
+	-rm -f ./$(DEPDIR)/tls-sig.Plo
+	-rm -f ./$(DEPDIR)/tls13-sig.Plo
+	-rm -f ./$(DEPDIR)/tpm.Plo
+	-rm -f ./$(DEPDIR)/tpm2.Plo
+	-rm -f ./$(DEPDIR)/tpm2_esys.Plo
+	-rm -f ./$(DEPDIR)/urls.Plo
+	-rm -f ./$(DEPDIR)/verify-tofu.Plo
+	-rm -f ./$(DEPDIR)/vko.Plo
+	-rm -f ./$(DEPDIR)/x509_b64.Plo
+	-rm -f inih/$(DEPDIR)/ini.Plo
+	-rm -f system/$(DEPDIR)/certs.Plo
+	-rm -f system/$(DEPDIR)/fastopen.Plo
+	-rm -f system/$(DEPDIR)/keys-dummy.Plo
+	-rm -f system/$(DEPDIR)/keys-win.Plo
+	-rm -f system/$(DEPDIR)/ktls.Plo
+	-rm -f system/$(DEPDIR)/sockets.Plo
+	-rm -f system/$(DEPDIR)/threads.Plo
+	-rm -f tls13/$(DEPDIR)/anti_replay.Plo
+	-rm -f tls13/$(DEPDIR)/certificate.Plo
+	-rm -f tls13/$(DEPDIR)/certificate_request.Plo
+	-rm -f tls13/$(DEPDIR)/certificate_verify.Plo
+	-rm -f tls13/$(DEPDIR)/early_data.Plo
+	-rm -f tls13/$(DEPDIR)/encrypted_extensions.Plo
+	-rm -f tls13/$(DEPDIR)/finished.Plo
+	-rm -f tls13/$(DEPDIR)/hello_retry.Plo
+	-rm -f tls13/$(DEPDIR)/key_update.Plo
+	-rm -f tls13/$(DEPDIR)/post_handshake.Plo
+	-rm -f tls13/$(DEPDIR)/psk_ext_parser.Plo
+	-rm -f tls13/$(DEPDIR)/session_ticket.Plo
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-recursive
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+	mostlyclean-libtool
+
+pdf: pdf-recursive
+
+pdf-am:
+
+ps: ps-recursive
+
+ps-am:
+
+uninstall-am: uninstall-defexecDATA uninstall-libLTLIBRARIES \
+	uninstall-pkgconfigDATA
+
+.MAKE: $(am__recursive_targets) all check install install-am \
+	install-exec install-strip
+
+.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am all-local \
+	am--depfiles check check-am clean clean-generic \
+	clean-libLTLIBRARIES clean-libtool clean-noinstPROGRAMS \
+	cscopelist-am ctags ctags-am distclean distclean-compile \
+	distclean-generic distclean-libtool distclean-tags distdir dvi \
+	dvi-am html html-am info info-am install install-am \
+	install-data install-data-am install-defexecDATA install-dvi \
+	install-dvi-am install-exec install-exec-am install-html \
+	install-html-am install-info install-info-am \
+	install-libLTLIBRARIES install-man install-pdf install-pdf-am \
+	install-pkgconfigDATA install-ps install-ps-am install-strip \
+	installcheck installcheck-am installdirs installdirs-am \
+	maintainer-clean maintainer-clean-generic mostlyclean \
+	mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+	pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \
+	uninstall-defexecDATA uninstall-libLTLIBRARIES \
+	uninstall-pkgconfigDATA
+
+.PRECIOUS: Makefile
+
+	$(LIBZSTD_CFLAGS)
+
+@ENABLE_FIPS140_TRUE@all-local: $(hmac_files)
+
+@ENABLE_FIPS140_TRUE@.libs/.gnutls.hmac: libgnutls.la fipshmac
+@ENABLE_FIPS140_TRUE@	$(AM_V_GEN) $(builddir)/fipshmac > $@-t && mv $@-t $@
+@HAVE_LD_OUTPUT_DEF_TRUE@libgnutls-$(DLL_VERSION).def: libgnutls.la
+
+pkix_asn1_tab.c: $(srcdir)/pkix.asn
+	$(AM_V_GEN)$(ASN1PARSER) $(srcdir)/pkix.asn pkix_asn1_tab.c
+
+gnutls_asn1_tab.c: $(srcdir)/gnutls.asn
+	$(AM_V_GEN)$(ASN1PARSER) $(srcdir)/gnutls.asn gnutls_asn1_tab.c
+
+priority_options.h: $(srcdir)/priority_options.gperf
+	$(V_GPERF)$(GPERF) --global-table -t $^ > $@-tmp \
+	&& sed 's/^const struct priority_options_st \*/static const struct priority_options_st \*/' <$@-tmp >$@ \
+	&& rm -f $@-tmp
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/lib/README b/lib/README
new file mode 100644
index 0000000..bd05f4d
--- /dev/null
+++ b/lib/README
@@ -0,0 +1,13 @@
+ext/         -> Implementation of TLS extensions
+auth/        -> Implementation of TLS authentication methods (DHE, SRP etc.)
+accelerated/ -> Implementation of cipher acceleration
+
+Certificate support:
+x509/        -> Implementation of GnuTLS X.509 certificate support (and more)
+openpgp/     -> Implementation of GnuTLS openpgp support
+opencdk/     -> Implementation of low level openpgp packet parsing
+minitasn1    -> ASN.1 structure parsing library
+
+Crypto backends:
+nettle/ ->   -> The nettle crypto back-end
+gcrypt/ ->   -> The libgcrypt crypto back-end
diff --git a/lib/abstract_int.h b/lib/abstract_int.h
new file mode 100644
index 0000000..cc839cc
--- /dev/null
+++ b/lib/abstract_int.h
@@ -0,0 +1,129 @@
+/*
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_ABSTRACT_INT_H
+#define GNUTLS_LIB_ABSTRACT_INT_H
+
+#include <gnutls/abstract.h>
+
+typedef int (*gnutls_privkey_pk_params_func) (gnutls_privkey_t key,
+					      void *userdata,
+					      gnutls_pk_params_st *params);
+
+struct gnutls_privkey_st {
+	gnutls_privkey_type_t type;
+	gnutls_pk_algorithm_t pk_algorithm;
+
+	union {
+		gnutls_x509_privkey_t x509;
+#ifdef ENABLE_PKCS11
+		gnutls_pkcs11_privkey_t pkcs11;
+#endif
+		struct {
+			gnutls_privkey_sign_func sign_func; /* raw like TLS 1.x */
+			gnutls_privkey_sign_data_func sign_data_func;
+			gnutls_privkey_sign_hash_func sign_hash_func;
+			gnutls_privkey_decrypt_func decrypt_func;
+			gnutls_privkey_decrypt_func2 decrypt_func2;
+			gnutls_privkey_deinit_func deinit_func;
+			gnutls_privkey_info_func info_func;
+			gnutls_privkey_pk_params_func pk_params_func;
+			void *userdata;
+			unsigned bits;
+		} ext;
+	} key;
+
+	unsigned int flags;
+	struct pin_info_st pin;
+};
+
+struct gnutls_pubkey_st {
+	unsigned int bits;	/* an indication of the security parameter */
+
+	/* the size of params depends on the public
+	 * key algorithm
+	 * RSA: [0] is modulus
+	 *      [1] is public exponent
+	 * DSA: [0] is p
+	 *      [1] is q
+	 *      [2] is g
+	 *      [3] is public key
+	 */
+	gnutls_pk_params_st params;
+
+	unsigned int key_usage;	/* bits from GNUTLS_KEY_* */
+
+	struct pin_info_st pin;
+};
+
+int _gnutls_privkey_get_public_mpis(gnutls_privkey_t key,
+				    gnutls_pk_params_st *);
+
+int _gnutls_privkey_get_spki_params(gnutls_privkey_t key,
+				    gnutls_x509_spki_st * params);
+int _gnutls_privkey_update_spki_params(gnutls_privkey_t key,
+				     gnutls_pk_algorithm_t pk,
+				     gnutls_digest_algorithm_t dig,
+				     unsigned flags,
+				     gnutls_x509_spki_st *params);
+
+unsigned _gnutls_privkey_compatible_with_sig(gnutls_privkey_t key, gnutls_sign_algorithm_t sig);
+
+void _gnutls_privkey_cleanup(gnutls_privkey_t key);
+
+int privkey_sign_and_hash_data(gnutls_privkey_t signer,
+			       const gnutls_sign_entry_st *se,
+			       const gnutls_datum_t * data,
+			       gnutls_datum_t * signature,
+			       gnutls_x509_spki_st *params);
+int
+privkey_sign_raw_data(gnutls_privkey_t key,
+		      const gnutls_sign_entry_st *se,
+		      const gnutls_datum_t * data,
+		      gnutls_datum_t * signature,
+		      gnutls_x509_spki_st * params);
+
+unsigned pubkey_to_bits(const gnutls_pk_params_st * params);
+int _gnutls_pubkey_compatible_with_sig(gnutls_session_t,
+				       gnutls_pubkey_t pubkey,
+				       const version_entry_st * ver,
+				       gnutls_sign_algorithm_t sign);
+int
+_gnutls_pubkey_get_mpis(gnutls_pubkey_t key, gnutls_pk_params_st * params);
+
+int pubkey_verify_data(const gnutls_sign_entry_st *se,
+		       const mac_entry_st *me,
+		       const gnutls_datum_t * data,
+		       const gnutls_datum_t * signature,
+		       gnutls_pk_params_st * params,
+		       gnutls_x509_spki_st * sign_params,
+		       unsigned vflags);
+
+
+
+const mac_entry_st *_gnutls_dsa_q_to_hash(const gnutls_pk_params_st *
+					  params, unsigned int *hash_len);
+
+int
+_gnutls_privkey_get_mpis(gnutls_privkey_t key, gnutls_pk_params_st * params);
+
+#endif /* GNUTLS_LIB_ABSTRACT_INT_H */
diff --git a/lib/accelerated/Makefile.am b/lib/accelerated/Makefile.am
new file mode 100644
index 0000000..a7f8e5a
--- /dev/null
+++ b/lib/accelerated/Makefile.am
@@ -0,0 +1,67 @@
+## Process this file with automake to produce Makefile.in
+# Copyright (C) 2011-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GNUTLS.
+#
+# The GNUTLS library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GNUTLS library is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+include $(top_srcdir)/lib/common.mk
+
+SUBDIRS = 
+AM_CPPFLAGS = \
+	-I$(srcdir)/../../gl		\
+	-I$(builddir)/../../gl		\
+	-I$(srcdir)/../includes		\
+	-I$(builddir)/../../gl		\
+	-I$(builddir)/../includes	\
+	-I$(srcdir)/..
+
+if ENABLE_MINITASN1
+AM_CPPFLAGS += -I$(srcdir)/../minitasn1
+endif
+
+noinst_LTLIBRARIES = libaccelerated.la
+
+EXTRA_DIST = accelerated.h cryptodev.h afalg.h
+libaccelerated_la_SOURCES = accelerated.c cryptodev.c cryptodev-gcm.c afalg.c
+libaccelerated_la_LIBADD =
+
+if ENABLE_NETTLE
+if ASM_X86
+SUBDIRS += x86
+AM_CFLAGS += -DASM_X86
+libaccelerated_la_LIBADD += x86/libx86.la
+endif
+
+if ASM_AARCH64
+SUBDIRS += aarch64
+AM_CFLAGS += -DASM_AARCH64
+libaccelerated_la_LIBADD += aarch64/libaarch64.la
+endif
+endif
+
+if ASM_X86_32
+AM_CFLAGS += -DASM_X86_32
+endif
+
+if ASM_X86_64
+AM_CFLAGS += -DASM_X86_64
+endif
+
+if ENABLE_AFALG
+AM_CPPFLAGS += $(LIBKCAPI_CFLAGS)
+libaccelerated_la_LIBADD += $(LIBKCAPI_LIBS)
+endif
diff --git a/lib/accelerated/Makefile.in b/lib/accelerated/Makefile.in
new file mode 100644
index 0000000..03b6ad8
--- /dev/null
+++ b/lib/accelerated/Makefile.in
@@ -0,0 +1,2534 @@
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+# Copyright (C) 2011-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GNUTLS.
+#
+# The GNUTLS library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GNUTLS library is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+  if test -z '$(MAKELEVEL)'; then \
+    false; \
+  elif test -n '$(MAKE_HOST)'; then \
+    true; \
+  elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+    true; \
+  else \
+    false; \
+  fi; \
+}
+am__make_running_with_option = \
+  case $${target_option-} in \
+      ?) ;; \
+      *) echo "am__make_running_with_option: internal error: invalid" \
+              "target option '$${target_option-}' specified" >&2; \
+         exit 1;; \
+  esac; \
+  has_opt=no; \
+  sane_makeflags=$$MAKEFLAGS; \
+  if $(am__is_gnu_make); then \
+    sane_makeflags=$$MFLAGS; \
+  else \
+    case $$MAKEFLAGS in \
+      *\\[\ \	]*) \
+        bs=\\; \
+        sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+          | sed "s/$$bs$$bs[$$bs $$bs	]*//g"`;; \
+    esac; \
+  fi; \
+  skip_next=no; \
+  strip_trailopt () \
+  { \
+    flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+  }; \
+  for flg in $$sane_makeflags; do \
+    test $$skip_next = yes && { skip_next=no; continue; }; \
+    case $$flg in \
+      *=*|--*) continue;; \
+        -*I) strip_trailopt 'I'; skip_next=yes;; \
+      -*I?*) strip_trailopt 'I';; \
+        -*O) strip_trailopt 'O'; skip_next=yes;; \
+      -*O?*) strip_trailopt 'O';; \
+        -*l) strip_trailopt 'l'; skip_next=yes;; \
+      -*l?*) strip_trailopt 'l';; \
+      -[dEDm]) skip_next=yes;; \
+      -[JT]) skip_next=yes;; \
+    esac; \
+    case $$flg in \
+      *$$target_option*) has_opt=yes; break;; \
+    esac; \
+  done; \
+  test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@ENABLE_MINITASN1_TRUE@am__append_1 = -I$(srcdir)/../minitasn1
+@ASM_X86_TRUE@@ENABLE_NETTLE_TRUE@am__append_2 = x86
+@ASM_X86_TRUE@@ENABLE_NETTLE_TRUE@am__append_3 = -DASM_X86
+@ASM_X86_TRUE@@ENABLE_NETTLE_TRUE@am__append_4 = x86/libx86.la
+@ASM_AARCH64_TRUE@@ENABLE_NETTLE_TRUE@am__append_5 = aarch64
+@ASM_AARCH64_TRUE@@ENABLE_NETTLE_TRUE@am__append_6 = -DASM_AARCH64
+@ASM_AARCH64_TRUE@@ENABLE_NETTLE_TRUE@am__append_7 = aarch64/libaarch64.la
+@ASM_X86_32_TRUE@am__append_8 = -DASM_X86_32
+@ASM_X86_64_TRUE@am__append_9 = -DASM_X86_64
+@ENABLE_AFALG_TRUE@am__append_10 = $(LIBKCAPI_CFLAGS)
+@ENABLE_AFALG_TRUE@am__append_11 = $(LIBKCAPI_LIBS)
+subdir = lib/accelerated
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \
+	$(top_srcdir)/lib/unistring/m4/inline.m4 \
+	$(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \
+	$(top_srcdir)/src/gl/m4/atoll.m4 \
+	$(top_srcdir)/src/gl/m4/bison.m4 \
+	$(top_srcdir)/src/gl/m4/calloc.m4 \
+	$(top_srcdir)/src/gl/m4/clock_time.m4 \
+	$(top_srcdir)/src/gl/m4/codeset.m4 \
+	$(top_srcdir)/src/gl/m4/ctype_h.m4 \
+	$(top_srcdir)/src/gl/m4/environ.m4 \
+	$(top_srcdir)/src/gl/m4/error.m4 \
+	$(top_srcdir)/src/gl/m4/fdopen.m4 \
+	$(top_srcdir)/src/gl/m4/flexmember.m4 \
+	$(top_srcdir)/src/gl/m4/fpending.m4 \
+	$(top_srcdir)/src/gl/m4/fpieee.m4 \
+	$(top_srcdir)/src/gl/m4/fseek.m4 \
+	$(top_srcdir)/src/gl/m4/ftruncate.m4 \
+	$(top_srcdir)/src/gl/m4/getaddrinfo.m4 \
+	$(top_srcdir)/src/gl/m4/getcwd.m4 \
+	$(top_srcdir)/src/gl/m4/getpagesize.m4 \
+	$(top_srcdir)/src/gl/m4/getpass.m4 \
+	$(top_srcdir)/src/gl/m4/getprogname.m4 \
+	$(top_srcdir)/src/gl/m4/gettime.m4 \
+	$(top_srcdir)/src/gl/m4/gnulib-comp.m4 \
+	$(top_srcdir)/src/gl/m4/hostent.m4 \
+	$(top_srcdir)/src/gl/m4/intl-thread-locale.m4 \
+	$(top_srcdir)/src/gl/m4/inttostr.m4 \
+	$(top_srcdir)/src/gl/m4/ioctl.m4 \
+	$(top_srcdir)/src/gl/m4/isblank.m4 \
+	$(top_srcdir)/src/gl/m4/langinfo_h.m4 \
+	$(top_srcdir)/src/gl/m4/lcmessage.m4 \
+	$(top_srcdir)/src/gl/m4/locale-fr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-ja.m4 \
+	$(top_srcdir)/src/gl/m4/locale-tr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-zh.m4 \
+	$(top_srcdir)/src/gl/m4/locale_h.m4 \
+	$(top_srcdir)/src/gl/m4/localename.m4 \
+	$(top_srcdir)/src/gl/m4/lstat.m4 \
+	$(top_srcdir)/src/gl/m4/mktime.m4 \
+	$(top_srcdir)/src/gl/m4/nanosleep.m4 \
+	$(top_srcdir)/src/gl/m4/nstrftime.m4 \
+	$(top_srcdir)/src/gl/m4/parse-datetime.m4 \
+	$(top_srcdir)/src/gl/m4/perror.m4 \
+	$(top_srcdir)/src/gl/m4/pipe.m4 \
+	$(top_srcdir)/src/gl/m4/pthread-thread.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_h.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_sigmask.m4 \
+	$(top_srcdir)/src/gl/m4/putenv.m4 \
+	$(top_srcdir)/src/gl/m4/raise.m4 \
+	$(top_srcdir)/src/gl/m4/reallocarray.m4 \
+	$(top_srcdir)/src/gl/m4/sched_h.m4 \
+	$(top_srcdir)/src/gl/m4/sched_yield.m4 \
+	$(top_srcdir)/src/gl/m4/select.m4 \
+	$(top_srcdir)/src/gl/m4/semaphore.m4 \
+	$(top_srcdir)/src/gl/m4/servent.m4 \
+	$(top_srcdir)/src/gl/m4/setenv.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale_null.m4 \
+	$(top_srcdir)/src/gl/m4/sigaction.m4 \
+	$(top_srcdir)/src/gl/m4/signal_h.m4 \
+	$(top_srcdir)/src/gl/m4/signalblocking.m4 \
+	$(top_srcdir)/src/gl/m4/sleep.m4 \
+	$(top_srcdir)/src/gl/m4/sockets.m4 \
+	$(top_srcdir)/src/gl/m4/strerror.m4 \
+	$(top_srcdir)/src/gl/m4/strerror_r.m4 \
+	$(top_srcdir)/src/gl/m4/strtoll.m4 \
+	$(top_srcdir)/src/gl/m4/symlink.m4 \
+	$(top_srcdir)/src/gl/m4/sys_ioctl_h.m4 \
+	$(top_srcdir)/src/gl/m4/sys_select_h.m4 \
+	$(top_srcdir)/src/gl/m4/thread.m4 \
+	$(top_srcdir)/src/gl/m4/time_rz.m4 \
+	$(top_srcdir)/src/gl/m4/timegm.m4 \
+	$(top_srcdir)/src/gl/m4/timespec.m4 \
+	$(top_srcdir)/src/gl/m4/tm_gmtoff.m4 \
+	$(top_srcdir)/src/gl/m4/tzset.m4 \
+	$(top_srcdir)/src/gl/m4/usleep.m4 \
+	$(top_srcdir)/src/gl/m4/visibility.m4 \
+	$(top_srcdir)/src/gl/m4/xalloc.m4 \
+	$(top_srcdir)/src/gl/m4/yield.m4 $(top_srcdir)/m4/00gnulib.m4 \
+	$(top_srcdir)/m4/__inline.m4 \
+	$(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \
+	$(top_srcdir)/m4/arpa_inet_h.m4 \
+	$(top_srcdir)/m4/ax_ac_append_to_file.m4 \
+	$(top_srcdir)/m4/ax_ac_print_to_file.m4 \
+	$(top_srcdir)/m4/ax_add_am_macro_static.m4 \
+	$(top_srcdir)/m4/ax_am_macros_static.m4 \
+	$(top_srcdir)/m4/ax_check_gnu_make.m4 \
+	$(top_srcdir)/m4/ax_code_coverage.m4 \
+	$(top_srcdir)/m4/ax_file_escapes.m4 \
+	$(top_srcdir)/m4/builtin-expect.m4 \
+	$(top_srcdir)/m4/byteswap.m4 $(top_srcdir)/m4/close.m4 \
+	$(top_srcdir)/m4/double-slash-root.m4 $(top_srcdir)/m4/dup2.m4 \
+	$(top_srcdir)/m4/eealloc.m4 $(top_srcdir)/m4/errno_h.m4 \
+	$(top_srcdir)/m4/explicit_bzero.m4 \
+	$(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \
+	$(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \
+	$(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \
+	$(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \
+	$(top_srcdir)/m4/free.m4 $(top_srcdir)/m4/fseeko.m4 \
+	$(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \
+	$(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/func.m4 \
+	$(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \
+	$(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/gettext.m4 \
+	$(top_srcdir)/m4/gettimeofday.m4 \
+	$(top_srcdir)/m4/gnulib-common.m4 \
+	$(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \
+	$(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \
+	$(top_srcdir)/m4/host-cpu-c-abi.m4 $(top_srcdir)/m4/iconv.m4 \
+	$(top_srcdir)/m4/include_next.m4 $(top_srcdir)/m4/inet_ntop.m4 \
+	$(top_srcdir)/m4/inet_pton.m4 $(top_srcdir)/m4/intlmacosx.m4 \
+	$(top_srcdir)/m4/intmax_t.m4 $(top_srcdir)/m4/inttypes.m4 \
+	$(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/largefile.m4 \
+	$(top_srcdir)/m4/ld-output-def.m4 \
+	$(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \
+	$(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+	$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/lock.m4 \
+	$(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/ltoptions.m4 \
+	$(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+	$(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \
+	$(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \
+	$(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \
+	$(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \
+	$(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \
+	$(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \
+	$(top_srcdir)/m4/netdb_h.m4 $(top_srcdir)/m4/netinet_in_h.m4 \
+	$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/off_t.m4 \
+	$(top_srcdir)/m4/open-cloexec.m4 \
+	$(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \
+	$(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/pkg.m4 \
+	$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \
+	$(top_srcdir)/m4/progtest.m4 \
+	$(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \
+	$(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \
+	$(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/size_max.m4 \
+	$(top_srcdir)/m4/snprintf.m4 $(top_srcdir)/m4/socketlib.m4 \
+	$(top_srcdir)/m4/socklen.m4 $(top_srcdir)/m4/sockpfaf.m4 \
+	$(top_srcdir)/m4/ssize_t.m4 $(top_srcdir)/m4/stat-time.m4 \
+	$(top_srcdir)/m4/stat.m4 $(top_srcdir)/m4/stdalign.m4 \
+	$(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \
+	$(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \
+	$(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \
+	$(top_srcdir)/m4/stpcpy.m4 $(top_srcdir)/m4/strcase.m4 \
+	$(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/string_h.m4 \
+	$(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \
+	$(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \
+	$(top_srcdir)/m4/strverscmp.m4 \
+	$(top_srcdir)/m4/sys_socket_h.m4 \
+	$(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \
+	$(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \
+	$(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \
+	$(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \
+	$(top_srcdir)/m4/unistd_h.m4 \
+	$(top_srcdir)/m4/valgrind-tests.m4 \
+	$(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \
+	$(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \
+	$(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \
+	$(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \
+	$(top_srcdir)/m4/xsize.m4 $(top_srcdir)/m4/zzgnulib.m4 \
+	$(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+LTLIBRARIES = $(noinst_LTLIBRARIES)
+am__DEPENDENCIES_1 =
+@ENABLE_AFALG_TRUE@am__DEPENDENCIES_2 = $(am__DEPENDENCIES_1)
+libaccelerated_la_DEPENDENCIES = $(am__append_4) $(am__append_7) \
+	$(am__DEPENDENCIES_2)
+am_libaccelerated_la_OBJECTS = accelerated.lo cryptodev.lo \
+	cryptodev-gcm.lo afalg.lo
+libaccelerated_la_OBJECTS = $(am_libaccelerated_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 = 
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN     " $@;
+am__v_GEN_1 = 
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 = 
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/accelerated.Plo \
+	./$(DEPDIR)/afalg.Plo ./$(DEPDIR)/cryptodev-gcm.Plo \
+	./$(DEPDIR)/cryptodev.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC      " $@;
+am__v_CC_1 = 
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD    " $@;
+am__v_CCLD_1 = 
+SOURCES = $(libaccelerated_la_SOURCES)
+DIST_SOURCES = $(libaccelerated_la_SOURCES)
+RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \
+	ctags-recursive dvi-recursive html-recursive info-recursive \
+	install-data-recursive install-dvi-recursive \
+	install-exec-recursive install-html-recursive \
+	install-info-recursive install-pdf-recursive \
+	install-ps-recursive install-recursive installcheck-recursive \
+	installdirs-recursive pdf-recursive ps-recursive \
+	tags-recursive uninstall-recursive
+am__can_run_installinfo = \
+  case $$AM_UPDATE_INFO_DIR in \
+    n|no|NO) false;; \
+    *) (install-info --version) >/dev/null 2>&1;; \
+  esac
+RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive	\
+  distclean-recursive maintainer-clean-recursive
+am__recursive_targets = \
+  $(RECURSIVE_TARGETS) \
+  $(RECURSIVE_CLEAN_TARGETS) \
+  $(am__extra_recursive_targets)
+AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \
+	distdir distdir-am
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates.  Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+  BEGIN { nonempty = 0; } \
+  { items[$$0] = 1; nonempty = 1; } \
+  END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique.  This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+  list='$(am__tagged_files)'; \
+  unique=`for i in $$list; do \
+    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+  done | $(am__uniquify_input)`
+DIST_SUBDIRS = x86 aarch64
+am__DIST_COMMON = $(srcdir)/Makefile.in \
+	$(top_srcdir)/build-aux/depcomp $(top_srcdir)/lib/common.mk
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+am__relativize = \
+  dir0=`pwd`; \
+  sed_first='s,^\([^/]*\)/.*$$,\1,'; \
+  sed_rest='s,^[^/]*/*,,'; \
+  sed_last='s,^.*/\([^/]*\)$$,\1,'; \
+  sed_butlast='s,/*[^/]*$$,,'; \
+  while test -n "$$dir1"; do \
+    first=`echo "$$dir1" | sed -e "$$sed_first"`; \
+    if test "$$first" != "."; then \
+      if test "$$first" = ".."; then \
+        dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \
+        dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \
+      else \
+        first2=`echo "$$dir2" | sed -e "$$sed_first"`; \
+        if test "$$first2" = "$$first"; then \
+          dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \
+        else \
+          dir2="../$$dir2"; \
+        fi; \
+        dir0="$$dir0"/"$$first"; \
+      fi; \
+    fi; \
+    dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \
+  done; \
+  reldir="$$dir2"
+AARCH64_CCASFLAGS = @AARCH64_CCASFLAGS@
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+ALLOCA_H = @ALLOCA_H@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AM_VALGRINDFLAGS = @AM_VALGRINDFLAGS@
+APPLE_UNIVERSAL_BUILD = @APPLE_UNIVERSAL_BUILD@
+AR = @AR@
+ARFLAGS = @ARFLAGS@
+ASN1PARSER = @ASN1PARSER@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BITSIZEOF_PTRDIFF_T = @BITSIZEOF_PTRDIFF_T@
+BITSIZEOF_SIG_ATOMIC_T = @BITSIZEOF_SIG_ATOMIC_T@
+BITSIZEOF_SIZE_T = @BITSIZEOF_SIZE_T@
+BITSIZEOF_WCHAR_T = @BITSIZEOF_WCHAR_T@
+BITSIZEOF_WINT_T = @BITSIZEOF_WINT_T@
+BYTESWAP_H = @BYTESWAP_H@
+CC = @CC@
+CCAS = @CCAS@
+CCASDEPMODE = @CCASDEPMODE@
+CCASFLAGS = @CCASFLAGS@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CFLAG_VISIBILITY = @CFLAG_VISIBILITY@
+CMOCKA_CFLAGS = @CMOCKA_CFLAGS@
+CMOCKA_LIBS = @CMOCKA_LIBS@
+CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@
+CODE_COVERAGE_CPPFLAGS = @CODE_COVERAGE_CPPFLAGS@
+CODE_COVERAGE_CXXFLAGS = @CODE_COVERAGE_CXXFLAGS@
+CODE_COVERAGE_ENABLED = @CODE_COVERAGE_ENABLED@
+CODE_COVERAGE_LIBS = @CODE_COVERAGE_LIBS@
+CONFIG_INCLUDE = @CONFIG_INCLUDE@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CRYWRAP_PATCHLEVEL = @CRYWRAP_PATCHLEVEL@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CXX_LT_AGE = @CXX_LT_AGE@
+CXX_LT_CURRENT = @CXX_LT_CURRENT@
+CXX_LT_REVISION = @CXX_LT_REVISION@
+CYGPATH_W = @CYGPATH_W@
+DEFAULT_VALGRINDFLAGS = @DEFAULT_VALGRINDFLAGS@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DLL_SSL_VERSION = @DLL_SSL_VERSION@
+DLL_VERSION = @DLL_VERSION@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EMULTIHOP_HIDDEN = @EMULTIHOP_HIDDEN@
+EMULTIHOP_VALUE = @EMULTIHOP_VALUE@
+ENABLE_PADLOCK = @ENABLE_PADLOCK@
+ENOLINK_HIDDEN = @ENOLINK_HIDDEN@
+ENOLINK_VALUE = @ENOLINK_VALUE@
+EOVERFLOW_HIDDEN = @EOVERFLOW_HIDDEN@
+EOVERFLOW_VALUE = @EOVERFLOW_VALUE@
+ERRNO_H = @ERRNO_H@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+FIPS140_LIBS = @FIPS140_LIBS@
+FLOAT_H = @FLOAT_H@
+GCOV = @GCOV@
+GENHTML = @GENHTML@
+GETADDRINFO_LIB = @GETADDRINFO_LIB@
+GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
+GL_GGL_GNULIB_ACCEPT = @GL_GGL_GNULIB_ACCEPT@
+GL_GGL_GNULIB_ACCEPT4 = @GL_GGL_GNULIB_ACCEPT4@
+GL_GGL_GNULIB_ACCESS = @GL_GGL_GNULIB_ACCESS@
+GL_GGL_GNULIB_ALIGNED_ALLOC = @GL_GGL_GNULIB_ALIGNED_ALLOC@
+GL_GGL_GNULIB_ATOLL = @GL_GGL_GNULIB_ATOLL@
+GL_GGL_GNULIB_BIND = @GL_GGL_GNULIB_BIND@
+GL_GGL_GNULIB_BTOWC = @GL_GGL_GNULIB_BTOWC@
+GL_GGL_GNULIB_CALLOC_POSIX = @GL_GGL_GNULIB_CALLOC_POSIX@
+GL_GGL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GGL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GGL_GNULIB_CHDIR = @GL_GGL_GNULIB_CHDIR@
+GL_GGL_GNULIB_CHOWN = @GL_GGL_GNULIB_CHOWN@
+GL_GGL_GNULIB_CLOSE = @GL_GGL_GNULIB_CLOSE@
+GL_GGL_GNULIB_CONNECT = @GL_GGL_GNULIB_CONNECT@
+GL_GGL_GNULIB_COPY_FILE_RANGE = @GL_GGL_GNULIB_COPY_FILE_RANGE@
+GL_GGL_GNULIB_CREAT = @GL_GGL_GNULIB_CREAT@
+GL_GGL_GNULIB_CTIME = @GL_GGL_GNULIB_CTIME@
+GL_GGL_GNULIB_DPRINTF = @GL_GGL_GNULIB_DPRINTF@
+GL_GGL_GNULIB_DUP = @GL_GGL_GNULIB_DUP@
+GL_GGL_GNULIB_DUP2 = @GL_GGL_GNULIB_DUP2@
+GL_GGL_GNULIB_DUP3 = @GL_GGL_GNULIB_DUP3@
+GL_GGL_GNULIB_DUPLOCALE = @GL_GGL_GNULIB_DUPLOCALE@
+GL_GGL_GNULIB_ENVIRON = @GL_GGL_GNULIB_ENVIRON@
+GL_GGL_GNULIB_EUIDACCESS = @GL_GGL_GNULIB_EUIDACCESS@
+GL_GGL_GNULIB_EXECL = @GL_GGL_GNULIB_EXECL@
+GL_GGL_GNULIB_EXECLE = @GL_GGL_GNULIB_EXECLE@
+GL_GGL_GNULIB_EXECLP = @GL_GGL_GNULIB_EXECLP@
+GL_GGL_GNULIB_EXECV = @GL_GGL_GNULIB_EXECV@
+GL_GGL_GNULIB_EXECVE = @GL_GGL_GNULIB_EXECVE@
+GL_GGL_GNULIB_EXECVP = @GL_GGL_GNULIB_EXECVP@
+GL_GGL_GNULIB_EXECVPE = @GL_GGL_GNULIB_EXECVPE@
+GL_GGL_GNULIB_EXPLICIT_BZERO = @GL_GGL_GNULIB_EXPLICIT_BZERO@
+GL_GGL_GNULIB_FACCESSAT = @GL_GGL_GNULIB_FACCESSAT@
+GL_GGL_GNULIB_FCHDIR = @GL_GGL_GNULIB_FCHDIR@
+GL_GGL_GNULIB_FCHMODAT = @GL_GGL_GNULIB_FCHMODAT@
+GL_GGL_GNULIB_FCHOWNAT = @GL_GGL_GNULIB_FCHOWNAT@
+GL_GGL_GNULIB_FCLOSE = @GL_GGL_GNULIB_FCLOSE@
+GL_GGL_GNULIB_FCNTL = @GL_GGL_GNULIB_FCNTL@
+GL_GGL_GNULIB_FDATASYNC = @GL_GGL_GNULIB_FDATASYNC@
+GL_GGL_GNULIB_FDOPEN = @GL_GGL_GNULIB_FDOPEN@
+GL_GGL_GNULIB_FFLUSH = @GL_GGL_GNULIB_FFLUSH@
+GL_GGL_GNULIB_FFS = @GL_GGL_GNULIB_FFS@
+GL_GGL_GNULIB_FFSL = @GL_GGL_GNULIB_FFSL@
+GL_GGL_GNULIB_FFSLL = @GL_GGL_GNULIB_FFSLL@
+GL_GGL_GNULIB_FGETC = @GL_GGL_GNULIB_FGETC@
+GL_GGL_GNULIB_FGETS = @GL_GGL_GNULIB_FGETS@
+GL_GGL_GNULIB_FOPEN = @GL_GGL_GNULIB_FOPEN@
+GL_GGL_GNULIB_FPRINTF = @GL_GGL_GNULIB_FPRINTF@
+GL_GGL_GNULIB_FPRINTF_POSIX = @GL_GGL_GNULIB_FPRINTF_POSIX@
+GL_GGL_GNULIB_FPURGE = @GL_GGL_GNULIB_FPURGE@
+GL_GGL_GNULIB_FPUTC = @GL_GGL_GNULIB_FPUTC@
+GL_GGL_GNULIB_FPUTS = @GL_GGL_GNULIB_FPUTS@
+GL_GGL_GNULIB_FREAD = @GL_GGL_GNULIB_FREAD@
+GL_GGL_GNULIB_FREE_POSIX = @GL_GGL_GNULIB_FREE_POSIX@
+GL_GGL_GNULIB_FREOPEN = @GL_GGL_GNULIB_FREOPEN@
+GL_GGL_GNULIB_FSCANF = @GL_GGL_GNULIB_FSCANF@
+GL_GGL_GNULIB_FSEEK = @GL_GGL_GNULIB_FSEEK@
+GL_GGL_GNULIB_FSEEKO = @GL_GGL_GNULIB_FSEEKO@
+GL_GGL_GNULIB_FSTAT = @GL_GGL_GNULIB_FSTAT@
+GL_GGL_GNULIB_FSTATAT = @GL_GGL_GNULIB_FSTATAT@
+GL_GGL_GNULIB_FSYNC = @GL_GGL_GNULIB_FSYNC@
+GL_GGL_GNULIB_FTELL = @GL_GGL_GNULIB_FTELL@
+GL_GGL_GNULIB_FTELLO = @GL_GGL_GNULIB_FTELLO@
+GL_GGL_GNULIB_FTRUNCATE = @GL_GGL_GNULIB_FTRUNCATE@
+GL_GGL_GNULIB_FUTIMENS = @GL_GGL_GNULIB_FUTIMENS@
+GL_GGL_GNULIB_FWRITE = @GL_GGL_GNULIB_FWRITE@
+GL_GGL_GNULIB_GETADDRINFO = @GL_GGL_GNULIB_GETADDRINFO@
+GL_GGL_GNULIB_GETC = @GL_GGL_GNULIB_GETC@
+GL_GGL_GNULIB_GETCHAR = @GL_GGL_GNULIB_GETCHAR@
+GL_GGL_GNULIB_GETCWD = @GL_GGL_GNULIB_GETCWD@
+GL_GGL_GNULIB_GETDELIM = @GL_GGL_GNULIB_GETDELIM@
+GL_GGL_GNULIB_GETDOMAINNAME = @GL_GGL_GNULIB_GETDOMAINNAME@
+GL_GGL_GNULIB_GETDTABLESIZE = @GL_GGL_GNULIB_GETDTABLESIZE@
+GL_GGL_GNULIB_GETENTROPY = @GL_GGL_GNULIB_GETENTROPY@
+GL_GGL_GNULIB_GETGROUPS = @GL_GGL_GNULIB_GETGROUPS@
+GL_GGL_GNULIB_GETHOSTNAME = @GL_GGL_GNULIB_GETHOSTNAME@
+GL_GGL_GNULIB_GETLINE = @GL_GGL_GNULIB_GETLINE@
+GL_GGL_GNULIB_GETLOADAVG = @GL_GGL_GNULIB_GETLOADAVG@
+GL_GGL_GNULIB_GETLOGIN = @GL_GGL_GNULIB_GETLOGIN@
+GL_GGL_GNULIB_GETLOGIN_R = @GL_GGL_GNULIB_GETLOGIN_R@
+GL_GGL_GNULIB_GETOPT_POSIX = @GL_GGL_GNULIB_GETOPT_POSIX@
+GL_GGL_GNULIB_GETPAGESIZE = @GL_GGL_GNULIB_GETPAGESIZE@
+GL_GGL_GNULIB_GETPASS = @GL_GGL_GNULIB_GETPASS@
+GL_GGL_GNULIB_GETPEERNAME = @GL_GGL_GNULIB_GETPEERNAME@
+GL_GGL_GNULIB_GETSOCKNAME = @GL_GGL_GNULIB_GETSOCKNAME@
+GL_GGL_GNULIB_GETSOCKOPT = @GL_GGL_GNULIB_GETSOCKOPT@
+GL_GGL_GNULIB_GETSUBOPT = @GL_GGL_GNULIB_GETSUBOPT@
+GL_GGL_GNULIB_GETTIMEOFDAY = @GL_GGL_GNULIB_GETTIMEOFDAY@
+GL_GGL_GNULIB_GETUMASK = @GL_GGL_GNULIB_GETUMASK@
+GL_GGL_GNULIB_GETUSERSHELL = @GL_GGL_GNULIB_GETUSERSHELL@
+GL_GGL_GNULIB_GRANTPT = @GL_GGL_GNULIB_GRANTPT@
+GL_GGL_GNULIB_GROUP_MEMBER = @GL_GGL_GNULIB_GROUP_MEMBER@
+GL_GGL_GNULIB_IMAXABS = @GL_GGL_GNULIB_IMAXABS@
+GL_GGL_GNULIB_IMAXDIV = @GL_GGL_GNULIB_IMAXDIV@
+GL_GGL_GNULIB_INET_NTOP = @GL_GGL_GNULIB_INET_NTOP@
+GL_GGL_GNULIB_INET_PTON = @GL_GGL_GNULIB_INET_PTON@
+GL_GGL_GNULIB_IOCTL = @GL_GGL_GNULIB_IOCTL@
+GL_GGL_GNULIB_ISATTY = @GL_GGL_GNULIB_ISATTY@
+GL_GGL_GNULIB_ISBLANK = @GL_GGL_GNULIB_ISBLANK@
+GL_GGL_GNULIB_LCHMOD = @GL_GGL_GNULIB_LCHMOD@
+GL_GGL_GNULIB_LCHOWN = @GL_GGL_GNULIB_LCHOWN@
+GL_GGL_GNULIB_LINK = @GL_GGL_GNULIB_LINK@
+GL_GGL_GNULIB_LINKAT = @GL_GGL_GNULIB_LINKAT@
+GL_GGL_GNULIB_LISTEN = @GL_GGL_GNULIB_LISTEN@
+GL_GGL_GNULIB_LOCALECONV = @GL_GGL_GNULIB_LOCALECONV@
+GL_GGL_GNULIB_LOCALENAME = @GL_GGL_GNULIB_LOCALENAME@
+GL_GGL_GNULIB_LOCALTIME = @GL_GGL_GNULIB_LOCALTIME@
+GL_GGL_GNULIB_LSEEK = @GL_GGL_GNULIB_LSEEK@
+GL_GGL_GNULIB_LSTAT = @GL_GGL_GNULIB_LSTAT@
+GL_GGL_GNULIB_MALLOC_POSIX = @GL_GGL_GNULIB_MALLOC_POSIX@
+GL_GGL_GNULIB_MBRLEN = @GL_GGL_GNULIB_MBRLEN@
+GL_GGL_GNULIB_MBRTOWC = @GL_GGL_GNULIB_MBRTOWC@
+GL_GGL_GNULIB_MBSCASECMP = @GL_GGL_GNULIB_MBSCASECMP@
+GL_GGL_GNULIB_MBSCASESTR = @GL_GGL_GNULIB_MBSCASESTR@
+GL_GGL_GNULIB_MBSCHR = @GL_GGL_GNULIB_MBSCHR@
+GL_GGL_GNULIB_MBSCSPN = @GL_GGL_GNULIB_MBSCSPN@
+GL_GGL_GNULIB_MBSINIT = @GL_GGL_GNULIB_MBSINIT@
+GL_GGL_GNULIB_MBSLEN = @GL_GGL_GNULIB_MBSLEN@
+GL_GGL_GNULIB_MBSNCASECMP = @GL_GGL_GNULIB_MBSNCASECMP@
+GL_GGL_GNULIB_MBSNLEN = @GL_GGL_GNULIB_MBSNLEN@
+GL_GGL_GNULIB_MBSNRTOWCS = @GL_GGL_GNULIB_MBSNRTOWCS@
+GL_GGL_GNULIB_MBSPBRK = @GL_GGL_GNULIB_MBSPBRK@
+GL_GGL_GNULIB_MBSPCASECMP = @GL_GGL_GNULIB_MBSPCASECMP@
+GL_GGL_GNULIB_MBSRCHR = @GL_GGL_GNULIB_MBSRCHR@
+GL_GGL_GNULIB_MBSRTOWCS = @GL_GGL_GNULIB_MBSRTOWCS@
+GL_GGL_GNULIB_MBSSEP = @GL_GGL_GNULIB_MBSSEP@
+GL_GGL_GNULIB_MBSSPN = @GL_GGL_GNULIB_MBSSPN@
+GL_GGL_GNULIB_MBSSTR = @GL_GGL_GNULIB_MBSSTR@
+GL_GGL_GNULIB_MBSTOK_R = @GL_GGL_GNULIB_MBSTOK_R@
+GL_GGL_GNULIB_MBTOWC = @GL_GGL_GNULIB_MBTOWC@
+GL_GGL_GNULIB_MDA_ACCESS = @GL_GGL_GNULIB_MDA_ACCESS@
+GL_GGL_GNULIB_MDA_CHDIR = @GL_GGL_GNULIB_MDA_CHDIR@
+GL_GGL_GNULIB_MDA_CHMOD = @GL_GGL_GNULIB_MDA_CHMOD@
+GL_GGL_GNULIB_MDA_CLOSE = @GL_GGL_GNULIB_MDA_CLOSE@
+GL_GGL_GNULIB_MDA_CREAT = @GL_GGL_GNULIB_MDA_CREAT@
+GL_GGL_GNULIB_MDA_DUP = @GL_GGL_GNULIB_MDA_DUP@
+GL_GGL_GNULIB_MDA_DUP2 = @GL_GGL_GNULIB_MDA_DUP2@
+GL_GGL_GNULIB_MDA_ECVT = @GL_GGL_GNULIB_MDA_ECVT@
+GL_GGL_GNULIB_MDA_EXECL = @GL_GGL_GNULIB_MDA_EXECL@
+GL_GGL_GNULIB_MDA_EXECLE = @GL_GGL_GNULIB_MDA_EXECLE@
+GL_GGL_GNULIB_MDA_EXECLP = @GL_GGL_GNULIB_MDA_EXECLP@
+GL_GGL_GNULIB_MDA_EXECV = @GL_GGL_GNULIB_MDA_EXECV@
+GL_GGL_GNULIB_MDA_EXECVE = @GL_GGL_GNULIB_MDA_EXECVE@
+GL_GGL_GNULIB_MDA_EXECVP = @GL_GGL_GNULIB_MDA_EXECVP@
+GL_GGL_GNULIB_MDA_EXECVPE = @GL_GGL_GNULIB_MDA_EXECVPE@
+GL_GGL_GNULIB_MDA_FCLOSEALL = @GL_GGL_GNULIB_MDA_FCLOSEALL@
+GL_GGL_GNULIB_MDA_FCVT = @GL_GGL_GNULIB_MDA_FCVT@
+GL_GGL_GNULIB_MDA_FDOPEN = @GL_GGL_GNULIB_MDA_FDOPEN@
+GL_GGL_GNULIB_MDA_FILENO = @GL_GGL_GNULIB_MDA_FILENO@
+GL_GGL_GNULIB_MDA_GCVT = @GL_GGL_GNULIB_MDA_GCVT@
+GL_GGL_GNULIB_MDA_GETCWD = @GL_GGL_GNULIB_MDA_GETCWD@
+GL_GGL_GNULIB_MDA_GETPID = @GL_GGL_GNULIB_MDA_GETPID@
+GL_GGL_GNULIB_MDA_GETW = @GL_GGL_GNULIB_MDA_GETW@
+GL_GGL_GNULIB_MDA_ISATTY = @GL_GGL_GNULIB_MDA_ISATTY@
+GL_GGL_GNULIB_MDA_LSEEK = @GL_GGL_GNULIB_MDA_LSEEK@
+GL_GGL_GNULIB_MDA_MEMCCPY = @GL_GGL_GNULIB_MDA_MEMCCPY@
+GL_GGL_GNULIB_MDA_MKDIR = @GL_GGL_GNULIB_MDA_MKDIR@
+GL_GGL_GNULIB_MDA_MKTEMP = @GL_GGL_GNULIB_MDA_MKTEMP@
+GL_GGL_GNULIB_MDA_OPEN = @GL_GGL_GNULIB_MDA_OPEN@
+GL_GGL_GNULIB_MDA_PUTENV = @GL_GGL_GNULIB_MDA_PUTENV@
+GL_GGL_GNULIB_MDA_PUTW = @GL_GGL_GNULIB_MDA_PUTW@
+GL_GGL_GNULIB_MDA_READ = @GL_GGL_GNULIB_MDA_READ@
+GL_GGL_GNULIB_MDA_RMDIR = @GL_GGL_GNULIB_MDA_RMDIR@
+GL_GGL_GNULIB_MDA_STRDUP = @GL_GGL_GNULIB_MDA_STRDUP@
+GL_GGL_GNULIB_MDA_SWAB = @GL_GGL_GNULIB_MDA_SWAB@
+GL_GGL_GNULIB_MDA_TEMPNAM = @GL_GGL_GNULIB_MDA_TEMPNAM@
+GL_GGL_GNULIB_MDA_TZSET = @GL_GGL_GNULIB_MDA_TZSET@
+GL_GGL_GNULIB_MDA_UMASK = @GL_GGL_GNULIB_MDA_UMASK@
+GL_GGL_GNULIB_MDA_UNLINK = @GL_GGL_GNULIB_MDA_UNLINK@
+GL_GGL_GNULIB_MDA_WCSDUP = @GL_GGL_GNULIB_MDA_WCSDUP@
+GL_GGL_GNULIB_MDA_WRITE = @GL_GGL_GNULIB_MDA_WRITE@
+GL_GGL_GNULIB_MEMCHR = @GL_GGL_GNULIB_MEMCHR@
+GL_GGL_GNULIB_MEMMEM = @GL_GGL_GNULIB_MEMMEM@
+GL_GGL_GNULIB_MEMPCPY = @GL_GGL_GNULIB_MEMPCPY@
+GL_GGL_GNULIB_MEMRCHR = @GL_GGL_GNULIB_MEMRCHR@
+GL_GGL_GNULIB_MKDIR = @GL_GGL_GNULIB_MKDIR@
+GL_GGL_GNULIB_MKDIRAT = @GL_GGL_GNULIB_MKDIRAT@
+GL_GGL_GNULIB_MKDTEMP = @GL_GGL_GNULIB_MKDTEMP@
+GL_GGL_GNULIB_MKFIFO = @GL_GGL_GNULIB_MKFIFO@
+GL_GGL_GNULIB_MKFIFOAT = @GL_GGL_GNULIB_MKFIFOAT@
+GL_GGL_GNULIB_MKNOD = @GL_GGL_GNULIB_MKNOD@
+GL_GGL_GNULIB_MKNODAT = @GL_GGL_GNULIB_MKNODAT@
+GL_GGL_GNULIB_MKOSTEMP = @GL_GGL_GNULIB_MKOSTEMP@
+GL_GGL_GNULIB_MKOSTEMPS = @GL_GGL_GNULIB_MKOSTEMPS@
+GL_GGL_GNULIB_MKSTEMP = @GL_GGL_GNULIB_MKSTEMP@
+GL_GGL_GNULIB_MKSTEMPS = @GL_GGL_GNULIB_MKSTEMPS@
+GL_GGL_GNULIB_MKTIME = @GL_GGL_GNULIB_MKTIME@
+GL_GGL_GNULIB_NANOSLEEP = @GL_GGL_GNULIB_NANOSLEEP@
+GL_GGL_GNULIB_NL_LANGINFO = @GL_GGL_GNULIB_NL_LANGINFO@
+GL_GGL_GNULIB_NONBLOCKING = @GL_GGL_GNULIB_NONBLOCKING@
+GL_GGL_GNULIB_OBSTACK_PRINTF = @GL_GGL_GNULIB_OBSTACK_PRINTF@
+GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GGL_GNULIB_OPEN = @GL_GGL_GNULIB_OPEN@
+GL_GGL_GNULIB_OPENAT = @GL_GGL_GNULIB_OPENAT@
+GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GGL_GNULIB_PCLOSE = @GL_GGL_GNULIB_PCLOSE@
+GL_GGL_GNULIB_PERROR = @GL_GGL_GNULIB_PERROR@
+GL_GGL_GNULIB_PIPE = @GL_GGL_GNULIB_PIPE@
+GL_GGL_GNULIB_PIPE2 = @GL_GGL_GNULIB_PIPE2@
+GL_GGL_GNULIB_POPEN = @GL_GGL_GNULIB_POPEN@
+GL_GGL_GNULIB_POSIX_MEMALIGN = @GL_GGL_GNULIB_POSIX_MEMALIGN@
+GL_GGL_GNULIB_POSIX_OPENPT = @GL_GGL_GNULIB_POSIX_OPENPT@
+GL_GGL_GNULIB_PREAD = @GL_GGL_GNULIB_PREAD@
+GL_GGL_GNULIB_PRINTF = @GL_GGL_GNULIB_PRINTF@
+GL_GGL_GNULIB_PRINTF_POSIX = @GL_GGL_GNULIB_PRINTF_POSIX@
+GL_GGL_GNULIB_PSELECT = @GL_GGL_GNULIB_PSELECT@
+GL_GGL_GNULIB_PTHREAD_COND = @GL_GGL_GNULIB_PTHREAD_COND@
+GL_GGL_GNULIB_PTHREAD_MUTEX = @GL_GGL_GNULIB_PTHREAD_MUTEX@
+GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK@
+GL_GGL_GNULIB_PTHREAD_ONCE = @GL_GGL_GNULIB_PTHREAD_ONCE@
+GL_GGL_GNULIB_PTHREAD_RWLOCK = @GL_GGL_GNULIB_PTHREAD_RWLOCK@
+GL_GGL_GNULIB_PTHREAD_SIGMASK = @GL_GGL_GNULIB_PTHREAD_SIGMASK@
+GL_GGL_GNULIB_PTHREAD_SPIN = @GL_GGL_GNULIB_PTHREAD_SPIN@
+GL_GGL_GNULIB_PTHREAD_THREAD = @GL_GGL_GNULIB_PTHREAD_THREAD@
+GL_GGL_GNULIB_PTHREAD_TSS = @GL_GGL_GNULIB_PTHREAD_TSS@
+GL_GGL_GNULIB_PTSNAME = @GL_GGL_GNULIB_PTSNAME@
+GL_GGL_GNULIB_PTSNAME_R = @GL_GGL_GNULIB_PTSNAME_R@
+GL_GGL_GNULIB_PUTC = @GL_GGL_GNULIB_PUTC@
+GL_GGL_GNULIB_PUTCHAR = @GL_GGL_GNULIB_PUTCHAR@
+GL_GGL_GNULIB_PUTENV = @GL_GGL_GNULIB_PUTENV@
+GL_GGL_GNULIB_PUTS = @GL_GGL_GNULIB_PUTS@
+GL_GGL_GNULIB_PWRITE = @GL_GGL_GNULIB_PWRITE@
+GL_GGL_GNULIB_QSORT_R = @GL_GGL_GNULIB_QSORT_R@
+GL_GGL_GNULIB_RAISE = @GL_GGL_GNULIB_RAISE@
+GL_GGL_GNULIB_RANDOM = @GL_GGL_GNULIB_RANDOM@
+GL_GGL_GNULIB_RANDOM_R = @GL_GGL_GNULIB_RANDOM_R@
+GL_GGL_GNULIB_RAWMEMCHR = @GL_GGL_GNULIB_RAWMEMCHR@
+GL_GGL_GNULIB_READ = @GL_GGL_GNULIB_READ@
+GL_GGL_GNULIB_READLINK = @GL_GGL_GNULIB_READLINK@
+GL_GGL_GNULIB_READLINKAT = @GL_GGL_GNULIB_READLINKAT@
+GL_GGL_GNULIB_REALLOCARRAY = @GL_GGL_GNULIB_REALLOCARRAY@
+GL_GGL_GNULIB_REALLOC_POSIX = @GL_GGL_GNULIB_REALLOC_POSIX@
+GL_GGL_GNULIB_REALPATH = @GL_GGL_GNULIB_REALPATH@
+GL_GGL_GNULIB_RECV = @GL_GGL_GNULIB_RECV@
+GL_GGL_GNULIB_RECVFROM = @GL_GGL_GNULIB_RECVFROM@
+GL_GGL_GNULIB_REMOVE = @GL_GGL_GNULIB_REMOVE@
+GL_GGL_GNULIB_RENAME = @GL_GGL_GNULIB_RENAME@
+GL_GGL_GNULIB_RENAMEAT = @GL_GGL_GNULIB_RENAMEAT@
+GL_GGL_GNULIB_RMDIR = @GL_GGL_GNULIB_RMDIR@
+GL_GGL_GNULIB_RPMATCH = @GL_GGL_GNULIB_RPMATCH@
+GL_GGL_GNULIB_SCANF = @GL_GGL_GNULIB_SCANF@
+GL_GGL_GNULIB_SCHED_YIELD = @GL_GGL_GNULIB_SCHED_YIELD@
+GL_GGL_GNULIB_SECURE_GETENV = @GL_GGL_GNULIB_SECURE_GETENV@
+GL_GGL_GNULIB_SELECT = @GL_GGL_GNULIB_SELECT@
+GL_GGL_GNULIB_SEND = @GL_GGL_GNULIB_SEND@
+GL_GGL_GNULIB_SENDTO = @GL_GGL_GNULIB_SENDTO@
+GL_GGL_GNULIB_SETENV = @GL_GGL_GNULIB_SETENV@
+GL_GGL_GNULIB_SETHOSTNAME = @GL_GGL_GNULIB_SETHOSTNAME@
+GL_GGL_GNULIB_SETLOCALE = @GL_GGL_GNULIB_SETLOCALE@
+GL_GGL_GNULIB_SETLOCALE_NULL = @GL_GGL_GNULIB_SETLOCALE_NULL@
+GL_GGL_GNULIB_SETSOCKOPT = @GL_GGL_GNULIB_SETSOCKOPT@
+GL_GGL_GNULIB_SHUTDOWN = @GL_GGL_GNULIB_SHUTDOWN@
+GL_GGL_GNULIB_SIGABBREV_NP = @GL_GGL_GNULIB_SIGABBREV_NP@
+GL_GGL_GNULIB_SIGACTION = @GL_GGL_GNULIB_SIGACTION@
+GL_GGL_GNULIB_SIGDESCR_NP = @GL_GGL_GNULIB_SIGDESCR_NP@
+GL_GGL_GNULIB_SIGNAL_H_SIGPIPE = @GL_GGL_GNULIB_SIGNAL_H_SIGPIPE@
+GL_GGL_GNULIB_SIGPROCMASK = @GL_GGL_GNULIB_SIGPROCMASK@
+GL_GGL_GNULIB_SLEEP = @GL_GGL_GNULIB_SLEEP@
+GL_GGL_GNULIB_SNPRINTF = @GL_GGL_GNULIB_SNPRINTF@
+GL_GGL_GNULIB_SOCKET = @GL_GGL_GNULIB_SOCKET@
+GL_GGL_GNULIB_SPRINTF_POSIX = @GL_GGL_GNULIB_SPRINTF_POSIX@
+GL_GGL_GNULIB_STAT = @GL_GGL_GNULIB_STAT@
+GL_GGL_GNULIB_STDIO_H_NONBLOCKING = @GL_GGL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GGL_GNULIB_STDIO_H_SIGPIPE = @GL_GGL_GNULIB_STDIO_H_SIGPIPE@
+GL_GGL_GNULIB_STPCPY = @GL_GGL_GNULIB_STPCPY@
+GL_GGL_GNULIB_STPNCPY = @GL_GGL_GNULIB_STPNCPY@
+GL_GGL_GNULIB_STRCASESTR = @GL_GGL_GNULIB_STRCASESTR@
+GL_GGL_GNULIB_STRCHRNUL = @GL_GGL_GNULIB_STRCHRNUL@
+GL_GGL_GNULIB_STRDUP = @GL_GGL_GNULIB_STRDUP@
+GL_GGL_GNULIB_STRERROR = @GL_GGL_GNULIB_STRERROR@
+GL_GGL_GNULIB_STRERRORNAME_NP = @GL_GGL_GNULIB_STRERRORNAME_NP@
+GL_GGL_GNULIB_STRERROR_R = @GL_GGL_GNULIB_STRERROR_R@
+GL_GGL_GNULIB_STRFTIME = @GL_GGL_GNULIB_STRFTIME@
+GL_GGL_GNULIB_STRNCAT = @GL_GGL_GNULIB_STRNCAT@
+GL_GGL_GNULIB_STRNDUP = @GL_GGL_GNULIB_STRNDUP@
+GL_GGL_GNULIB_STRNLEN = @GL_GGL_GNULIB_STRNLEN@
+GL_GGL_GNULIB_STRPBRK = @GL_GGL_GNULIB_STRPBRK@
+GL_GGL_GNULIB_STRPTIME = @GL_GGL_GNULIB_STRPTIME@
+GL_GGL_GNULIB_STRSEP = @GL_GGL_GNULIB_STRSEP@
+GL_GGL_GNULIB_STRSIGNAL = @GL_GGL_GNULIB_STRSIGNAL@
+GL_GGL_GNULIB_STRSTR = @GL_GGL_GNULIB_STRSTR@
+GL_GGL_GNULIB_STRTOD = @GL_GGL_GNULIB_STRTOD@
+GL_GGL_GNULIB_STRTOIMAX = @GL_GGL_GNULIB_STRTOIMAX@
+GL_GGL_GNULIB_STRTOK_R = @GL_GGL_GNULIB_STRTOK_R@
+GL_GGL_GNULIB_STRTOL = @GL_GGL_GNULIB_STRTOL@
+GL_GGL_GNULIB_STRTOLD = @GL_GGL_GNULIB_STRTOLD@
+GL_GGL_GNULIB_STRTOLL = @GL_GGL_GNULIB_STRTOLL@
+GL_GGL_GNULIB_STRTOUL = @GL_GGL_GNULIB_STRTOUL@
+GL_GGL_GNULIB_STRTOULL = @GL_GGL_GNULIB_STRTOULL@
+GL_GGL_GNULIB_STRTOUMAX = @GL_GGL_GNULIB_STRTOUMAX@
+GL_GGL_GNULIB_STRVERSCMP = @GL_GGL_GNULIB_STRVERSCMP@
+GL_GGL_GNULIB_SYMLINK = @GL_GGL_GNULIB_SYMLINK@
+GL_GGL_GNULIB_SYMLINKAT = @GL_GGL_GNULIB_SYMLINKAT@
+GL_GGL_GNULIB_SYSTEM_POSIX = @GL_GGL_GNULIB_SYSTEM_POSIX@
+GL_GGL_GNULIB_TIMEGM = @GL_GGL_GNULIB_TIMEGM@
+GL_GGL_GNULIB_TIMESPEC_GET = @GL_GGL_GNULIB_TIMESPEC_GET@
+GL_GGL_GNULIB_TIME_R = @GL_GGL_GNULIB_TIME_R@
+GL_GGL_GNULIB_TIME_RZ = @GL_GGL_GNULIB_TIME_RZ@
+GL_GGL_GNULIB_TMPFILE = @GL_GGL_GNULIB_TMPFILE@
+GL_GGL_GNULIB_TRUNCATE = @GL_GGL_GNULIB_TRUNCATE@
+GL_GGL_GNULIB_TTYNAME_R = @GL_GGL_GNULIB_TTYNAME_R@
+GL_GGL_GNULIB_TZSET = @GL_GGL_GNULIB_TZSET@
+GL_GGL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GGL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GGL_GNULIB_UNISTD_H_SIGPIPE = @GL_GGL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GGL_GNULIB_UNLINK = @GL_GGL_GNULIB_UNLINK@
+GL_GGL_GNULIB_UNLINKAT = @GL_GGL_GNULIB_UNLINKAT@
+GL_GGL_GNULIB_UNLOCKPT = @GL_GGL_GNULIB_UNLOCKPT@
+GL_GGL_GNULIB_UNSETENV = @GL_GGL_GNULIB_UNSETENV@
+GL_GGL_GNULIB_USLEEP = @GL_GGL_GNULIB_USLEEP@
+GL_GGL_GNULIB_UTIMENSAT = @GL_GGL_GNULIB_UTIMENSAT@
+GL_GGL_GNULIB_VASPRINTF = @GL_GGL_GNULIB_VASPRINTF@
+GL_GGL_GNULIB_VDPRINTF = @GL_GGL_GNULIB_VDPRINTF@
+GL_GGL_GNULIB_VFPRINTF = @GL_GGL_GNULIB_VFPRINTF@
+GL_GGL_GNULIB_VFPRINTF_POSIX = @GL_GGL_GNULIB_VFPRINTF_POSIX@
+GL_GGL_GNULIB_VFSCANF = @GL_GGL_GNULIB_VFSCANF@
+GL_GGL_GNULIB_VPRINTF = @GL_GGL_GNULIB_VPRINTF@
+GL_GGL_GNULIB_VPRINTF_POSIX = @GL_GGL_GNULIB_VPRINTF_POSIX@
+GL_GGL_GNULIB_VSCANF = @GL_GGL_GNULIB_VSCANF@
+GL_GGL_GNULIB_VSNPRINTF = @GL_GGL_GNULIB_VSNPRINTF@
+GL_GGL_GNULIB_VSPRINTF_POSIX = @GL_GGL_GNULIB_VSPRINTF_POSIX@
+GL_GGL_GNULIB_WCPCPY = @GL_GGL_GNULIB_WCPCPY@
+GL_GGL_GNULIB_WCPNCPY = @GL_GGL_GNULIB_WCPNCPY@
+GL_GGL_GNULIB_WCRTOMB = @GL_GGL_GNULIB_WCRTOMB@
+GL_GGL_GNULIB_WCSCASECMP = @GL_GGL_GNULIB_WCSCASECMP@
+GL_GGL_GNULIB_WCSCAT = @GL_GGL_GNULIB_WCSCAT@
+GL_GGL_GNULIB_WCSCHR = @GL_GGL_GNULIB_WCSCHR@
+GL_GGL_GNULIB_WCSCMP = @GL_GGL_GNULIB_WCSCMP@
+GL_GGL_GNULIB_WCSCOLL = @GL_GGL_GNULIB_WCSCOLL@
+GL_GGL_GNULIB_WCSCPY = @GL_GGL_GNULIB_WCSCPY@
+GL_GGL_GNULIB_WCSCSPN = @GL_GGL_GNULIB_WCSCSPN@
+GL_GGL_GNULIB_WCSDUP = @GL_GGL_GNULIB_WCSDUP@
+GL_GGL_GNULIB_WCSFTIME = @GL_GGL_GNULIB_WCSFTIME@
+GL_GGL_GNULIB_WCSLEN = @GL_GGL_GNULIB_WCSLEN@
+GL_GGL_GNULIB_WCSNCASECMP = @GL_GGL_GNULIB_WCSNCASECMP@
+GL_GGL_GNULIB_WCSNCAT = @GL_GGL_GNULIB_WCSNCAT@
+GL_GGL_GNULIB_WCSNCMP = @GL_GGL_GNULIB_WCSNCMP@
+GL_GGL_GNULIB_WCSNCPY = @GL_GGL_GNULIB_WCSNCPY@
+GL_GGL_GNULIB_WCSNLEN = @GL_GGL_GNULIB_WCSNLEN@
+GL_GGL_GNULIB_WCSNRTOMBS = @GL_GGL_GNULIB_WCSNRTOMBS@
+GL_GGL_GNULIB_WCSPBRK = @GL_GGL_GNULIB_WCSPBRK@
+GL_GGL_GNULIB_WCSRCHR = @GL_GGL_GNULIB_WCSRCHR@
+GL_GGL_GNULIB_WCSRTOMBS = @GL_GGL_GNULIB_WCSRTOMBS@
+GL_GGL_GNULIB_WCSSPN = @GL_GGL_GNULIB_WCSSPN@
+GL_GGL_GNULIB_WCSSTR = @GL_GGL_GNULIB_WCSSTR@
+GL_GGL_GNULIB_WCSTOK = @GL_GGL_GNULIB_WCSTOK@
+GL_GGL_GNULIB_WCSWIDTH = @GL_GGL_GNULIB_WCSWIDTH@
+GL_GGL_GNULIB_WCSXFRM = @GL_GGL_GNULIB_WCSXFRM@
+GL_GGL_GNULIB_WCTOB = @GL_GGL_GNULIB_WCTOB@
+GL_GGL_GNULIB_WCTOMB = @GL_GGL_GNULIB_WCTOMB@
+GL_GGL_GNULIB_WCWIDTH = @GL_GGL_GNULIB_WCWIDTH@
+GL_GGL_GNULIB_WMEMCHR = @GL_GGL_GNULIB_WMEMCHR@
+GL_GGL_GNULIB_WMEMCMP = @GL_GGL_GNULIB_WMEMCMP@
+GL_GGL_GNULIB_WMEMCPY = @GL_GGL_GNULIB_WMEMCPY@
+GL_GGL_GNULIB_WMEMMOVE = @GL_GGL_GNULIB_WMEMMOVE@
+GL_GGL_GNULIB_WMEMPCPY = @GL_GGL_GNULIB_WMEMPCPY@
+GL_GGL_GNULIB_WMEMSET = @GL_GGL_GNULIB_WMEMSET@
+GL_GGL_GNULIB_WRITE = @GL_GGL_GNULIB_WRITE@
+GL_GGL_GNULIB__EXIT = @GL_GGL_GNULIB__EXIT@
+GL_GNULIB_ACCEPT = @GL_GNULIB_ACCEPT@
+GL_GNULIB_ACCEPT4 = @GL_GNULIB_ACCEPT4@
+GL_GNULIB_ACCESS = @GL_GNULIB_ACCESS@
+GL_GNULIB_ALIGNED_ALLOC = @GL_GNULIB_ALIGNED_ALLOC@
+GL_GNULIB_ATOLL = @GL_GNULIB_ATOLL@
+GL_GNULIB_BIND = @GL_GNULIB_BIND@
+GL_GNULIB_BTOWC = @GL_GNULIB_BTOWC@
+GL_GNULIB_CALLOC_POSIX = @GL_GNULIB_CALLOC_POSIX@
+GL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GNULIB_CHDIR = @GL_GNULIB_CHDIR@
+GL_GNULIB_CHOWN = @GL_GNULIB_CHOWN@
+GL_GNULIB_CLOSE = @GL_GNULIB_CLOSE@
+GL_GNULIB_CONNECT = @GL_GNULIB_CONNECT@
+GL_GNULIB_COPY_FILE_RANGE = @GL_GNULIB_COPY_FILE_RANGE@
+GL_GNULIB_CREAT = @GL_GNULIB_CREAT@
+GL_GNULIB_CTIME = @GL_GNULIB_CTIME@
+GL_GNULIB_DPRINTF = @GL_GNULIB_DPRINTF@
+GL_GNULIB_DUP = @GL_GNULIB_DUP@
+GL_GNULIB_DUP2 = @GL_GNULIB_DUP2@
+GL_GNULIB_DUP3 = @GL_GNULIB_DUP3@
+GL_GNULIB_ENVIRON = @GL_GNULIB_ENVIRON@
+GL_GNULIB_EUIDACCESS = @GL_GNULIB_EUIDACCESS@
+GL_GNULIB_EXECL = @GL_GNULIB_EXECL@
+GL_GNULIB_EXECLE = @GL_GNULIB_EXECLE@
+GL_GNULIB_EXECLP = @GL_GNULIB_EXECLP@
+GL_GNULIB_EXECV = @GL_GNULIB_EXECV@
+GL_GNULIB_EXECVE = @GL_GNULIB_EXECVE@
+GL_GNULIB_EXECVP = @GL_GNULIB_EXECVP@
+GL_GNULIB_EXECVPE = @GL_GNULIB_EXECVPE@
+GL_GNULIB_EXPLICIT_BZERO = @GL_GNULIB_EXPLICIT_BZERO@
+GL_GNULIB_FACCESSAT = @GL_GNULIB_FACCESSAT@
+GL_GNULIB_FCHDIR = @GL_GNULIB_FCHDIR@
+GL_GNULIB_FCHMODAT = @GL_GNULIB_FCHMODAT@
+GL_GNULIB_FCHOWNAT = @GL_GNULIB_FCHOWNAT@
+GL_GNULIB_FCLOSE = @GL_GNULIB_FCLOSE@
+GL_GNULIB_FCNTL = @GL_GNULIB_FCNTL@
+GL_GNULIB_FDATASYNC = @GL_GNULIB_FDATASYNC@
+GL_GNULIB_FDOPEN = @GL_GNULIB_FDOPEN@
+GL_GNULIB_FFLUSH = @GL_GNULIB_FFLUSH@
+GL_GNULIB_FFS = @GL_GNULIB_FFS@
+GL_GNULIB_FFSL = @GL_GNULIB_FFSL@
+GL_GNULIB_FFSLL = @GL_GNULIB_FFSLL@
+GL_GNULIB_FGETC = @GL_GNULIB_FGETC@
+GL_GNULIB_FGETS = @GL_GNULIB_FGETS@
+GL_GNULIB_FOPEN = @GL_GNULIB_FOPEN@
+GL_GNULIB_FPRINTF = @GL_GNULIB_FPRINTF@
+GL_GNULIB_FPRINTF_POSIX = @GL_GNULIB_FPRINTF_POSIX@
+GL_GNULIB_FPURGE = @GL_GNULIB_FPURGE@
+GL_GNULIB_FPUTC = @GL_GNULIB_FPUTC@
+GL_GNULIB_FPUTS = @GL_GNULIB_FPUTS@
+GL_GNULIB_FREAD = @GL_GNULIB_FREAD@
+GL_GNULIB_FREE_POSIX = @GL_GNULIB_FREE_POSIX@
+GL_GNULIB_FREOPEN = @GL_GNULIB_FREOPEN@
+GL_GNULIB_FSCANF = @GL_GNULIB_FSCANF@
+GL_GNULIB_FSEEK = @GL_GNULIB_FSEEK@
+GL_GNULIB_FSEEKO = @GL_GNULIB_FSEEKO@
+GL_GNULIB_FSTAT = @GL_GNULIB_FSTAT@
+GL_GNULIB_FSTATAT = @GL_GNULIB_FSTATAT@
+GL_GNULIB_FSYNC = @GL_GNULIB_FSYNC@
+GL_GNULIB_FTELL = @GL_GNULIB_FTELL@
+GL_GNULIB_FTELLO = @GL_GNULIB_FTELLO@
+GL_GNULIB_FTRUNCATE = @GL_GNULIB_FTRUNCATE@
+GL_GNULIB_FUTIMENS = @GL_GNULIB_FUTIMENS@
+GL_GNULIB_FWRITE = @GL_GNULIB_FWRITE@
+GL_GNULIB_GETADDRINFO = @GL_GNULIB_GETADDRINFO@
+GL_GNULIB_GETC = @GL_GNULIB_GETC@
+GL_GNULIB_GETCHAR = @GL_GNULIB_GETCHAR@
+GL_GNULIB_GETCWD = @GL_GNULIB_GETCWD@
+GL_GNULIB_GETDELIM = @GL_GNULIB_GETDELIM@
+GL_GNULIB_GETDOMAINNAME = @GL_GNULIB_GETDOMAINNAME@
+GL_GNULIB_GETDTABLESIZE = @GL_GNULIB_GETDTABLESIZE@
+GL_GNULIB_GETENTROPY = @GL_GNULIB_GETENTROPY@
+GL_GNULIB_GETGROUPS = @GL_GNULIB_GETGROUPS@
+GL_GNULIB_GETHOSTNAME = @GL_GNULIB_GETHOSTNAME@
+GL_GNULIB_GETLINE = @GL_GNULIB_GETLINE@
+GL_GNULIB_GETLOADAVG = @GL_GNULIB_GETLOADAVG@
+GL_GNULIB_GETLOGIN = @GL_GNULIB_GETLOGIN@
+GL_GNULIB_GETLOGIN_R = @GL_GNULIB_GETLOGIN_R@
+GL_GNULIB_GETOPT_POSIX = @GL_GNULIB_GETOPT_POSIX@
+GL_GNULIB_GETPAGESIZE = @GL_GNULIB_GETPAGESIZE@
+GL_GNULIB_GETPASS = @GL_GNULIB_GETPASS@
+GL_GNULIB_GETPEERNAME = @GL_GNULIB_GETPEERNAME@
+GL_GNULIB_GETSOCKNAME = @GL_GNULIB_GETSOCKNAME@
+GL_GNULIB_GETSOCKOPT = @GL_GNULIB_GETSOCKOPT@
+GL_GNULIB_GETSUBOPT = @GL_GNULIB_GETSUBOPT@
+GL_GNULIB_GETTIMEOFDAY = @GL_GNULIB_GETTIMEOFDAY@
+GL_GNULIB_GETUMASK = @GL_GNULIB_GETUMASK@
+GL_GNULIB_GETUSERSHELL = @GL_GNULIB_GETUSERSHELL@
+GL_GNULIB_GRANTPT = @GL_GNULIB_GRANTPT@
+GL_GNULIB_GROUP_MEMBER = @GL_GNULIB_GROUP_MEMBER@
+GL_GNULIB_IMAXABS = @GL_GNULIB_IMAXABS@
+GL_GNULIB_IMAXDIV = @GL_GNULIB_IMAXDIV@
+GL_GNULIB_INET_NTOP = @GL_GNULIB_INET_NTOP@
+GL_GNULIB_INET_PTON = @GL_GNULIB_INET_PTON@
+GL_GNULIB_ISATTY = @GL_GNULIB_ISATTY@
+GL_GNULIB_LCHMOD = @GL_GNULIB_LCHMOD@
+GL_GNULIB_LCHOWN = @GL_GNULIB_LCHOWN@
+GL_GNULIB_LINK = @GL_GNULIB_LINK@
+GL_GNULIB_LINKAT = @GL_GNULIB_LINKAT@
+GL_GNULIB_LISTEN = @GL_GNULIB_LISTEN@
+GL_GNULIB_LOCALTIME = @GL_GNULIB_LOCALTIME@
+GL_GNULIB_LSEEK = @GL_GNULIB_LSEEK@
+GL_GNULIB_LSTAT = @GL_GNULIB_LSTAT@
+GL_GNULIB_MALLOC_POSIX = @GL_GNULIB_MALLOC_POSIX@
+GL_GNULIB_MBRLEN = @GL_GNULIB_MBRLEN@
+GL_GNULIB_MBRTOWC = @GL_GNULIB_MBRTOWC@
+GL_GNULIB_MBSCASECMP = @GL_GNULIB_MBSCASECMP@
+GL_GNULIB_MBSCASESTR = @GL_GNULIB_MBSCASESTR@
+GL_GNULIB_MBSCHR = @GL_GNULIB_MBSCHR@
+GL_GNULIB_MBSCSPN = @GL_GNULIB_MBSCSPN@
+GL_GNULIB_MBSINIT = @GL_GNULIB_MBSINIT@
+GL_GNULIB_MBSLEN = @GL_GNULIB_MBSLEN@
+GL_GNULIB_MBSNCASECMP = @GL_GNULIB_MBSNCASECMP@
+GL_GNULIB_MBSNLEN = @GL_GNULIB_MBSNLEN@
+GL_GNULIB_MBSNRTOWCS = @GL_GNULIB_MBSNRTOWCS@
+GL_GNULIB_MBSPBRK = @GL_GNULIB_MBSPBRK@
+GL_GNULIB_MBSPCASECMP = @GL_GNULIB_MBSPCASECMP@
+GL_GNULIB_MBSRCHR = @GL_GNULIB_MBSRCHR@
+GL_GNULIB_MBSRTOWCS = @GL_GNULIB_MBSRTOWCS@
+GL_GNULIB_MBSSEP = @GL_GNULIB_MBSSEP@
+GL_GNULIB_MBSSPN = @GL_GNULIB_MBSSPN@
+GL_GNULIB_MBSSTR = @GL_GNULIB_MBSSTR@
+GL_GNULIB_MBSTOK_R = @GL_GNULIB_MBSTOK_R@
+GL_GNULIB_MBTOWC = @GL_GNULIB_MBTOWC@
+GL_GNULIB_MDA_ACCESS = @GL_GNULIB_MDA_ACCESS@
+GL_GNULIB_MDA_CHDIR = @GL_GNULIB_MDA_CHDIR@
+GL_GNULIB_MDA_CHMOD = @GL_GNULIB_MDA_CHMOD@
+GL_GNULIB_MDA_CLOSE = @GL_GNULIB_MDA_CLOSE@
+GL_GNULIB_MDA_CREAT = @GL_GNULIB_MDA_CREAT@
+GL_GNULIB_MDA_DUP = @GL_GNULIB_MDA_DUP@
+GL_GNULIB_MDA_DUP2 = @GL_GNULIB_MDA_DUP2@
+GL_GNULIB_MDA_ECVT = @GL_GNULIB_MDA_ECVT@
+GL_GNULIB_MDA_EXECL = @GL_GNULIB_MDA_EXECL@
+GL_GNULIB_MDA_EXECLE = @GL_GNULIB_MDA_EXECLE@
+GL_GNULIB_MDA_EXECLP = @GL_GNULIB_MDA_EXECLP@
+GL_GNULIB_MDA_EXECV = @GL_GNULIB_MDA_EXECV@
+GL_GNULIB_MDA_EXECVE = @GL_GNULIB_MDA_EXECVE@
+GL_GNULIB_MDA_EXECVP = @GL_GNULIB_MDA_EXECVP@
+GL_GNULIB_MDA_EXECVPE = @GL_GNULIB_MDA_EXECVPE@
+GL_GNULIB_MDA_FCLOSEALL = @GL_GNULIB_MDA_FCLOSEALL@
+GL_GNULIB_MDA_FCVT = @GL_GNULIB_MDA_FCVT@
+GL_GNULIB_MDA_FDOPEN = @GL_GNULIB_MDA_FDOPEN@
+GL_GNULIB_MDA_FILENO = @GL_GNULIB_MDA_FILENO@
+GL_GNULIB_MDA_GCVT = @GL_GNULIB_MDA_GCVT@
+GL_GNULIB_MDA_GETCWD = @GL_GNULIB_MDA_GETCWD@
+GL_GNULIB_MDA_GETPID = @GL_GNULIB_MDA_GETPID@
+GL_GNULIB_MDA_GETW = @GL_GNULIB_MDA_GETW@
+GL_GNULIB_MDA_ISATTY = @GL_GNULIB_MDA_ISATTY@
+GL_GNULIB_MDA_LSEEK = @GL_GNULIB_MDA_LSEEK@
+GL_GNULIB_MDA_MEMCCPY = @GL_GNULIB_MDA_MEMCCPY@
+GL_GNULIB_MDA_MKDIR = @GL_GNULIB_MDA_MKDIR@
+GL_GNULIB_MDA_MKTEMP = @GL_GNULIB_MDA_MKTEMP@
+GL_GNULIB_MDA_OPEN = @GL_GNULIB_MDA_OPEN@
+GL_GNULIB_MDA_PUTENV = @GL_GNULIB_MDA_PUTENV@
+GL_GNULIB_MDA_PUTW = @GL_GNULIB_MDA_PUTW@
+GL_GNULIB_MDA_READ = @GL_GNULIB_MDA_READ@
+GL_GNULIB_MDA_RMDIR = @GL_GNULIB_MDA_RMDIR@
+GL_GNULIB_MDA_STRDUP = @GL_GNULIB_MDA_STRDUP@
+GL_GNULIB_MDA_SWAB = @GL_GNULIB_MDA_SWAB@
+GL_GNULIB_MDA_TEMPNAM = @GL_GNULIB_MDA_TEMPNAM@
+GL_GNULIB_MDA_TZSET = @GL_GNULIB_MDA_TZSET@
+GL_GNULIB_MDA_UMASK = @GL_GNULIB_MDA_UMASK@
+GL_GNULIB_MDA_UNLINK = @GL_GNULIB_MDA_UNLINK@
+GL_GNULIB_MDA_WCSDUP = @GL_GNULIB_MDA_WCSDUP@
+GL_GNULIB_MDA_WRITE = @GL_GNULIB_MDA_WRITE@
+GL_GNULIB_MEMCHR = @GL_GNULIB_MEMCHR@
+GL_GNULIB_MEMMEM = @GL_GNULIB_MEMMEM@
+GL_GNULIB_MEMPCPY = @GL_GNULIB_MEMPCPY@
+GL_GNULIB_MEMRCHR = @GL_GNULIB_MEMRCHR@
+GL_GNULIB_MKDIR = @GL_GNULIB_MKDIR@
+GL_GNULIB_MKDIRAT = @GL_GNULIB_MKDIRAT@
+GL_GNULIB_MKDTEMP = @GL_GNULIB_MKDTEMP@
+GL_GNULIB_MKFIFO = @GL_GNULIB_MKFIFO@
+GL_GNULIB_MKFIFOAT = @GL_GNULIB_MKFIFOAT@
+GL_GNULIB_MKNOD = @GL_GNULIB_MKNOD@
+GL_GNULIB_MKNODAT = @GL_GNULIB_MKNODAT@
+GL_GNULIB_MKOSTEMP = @GL_GNULIB_MKOSTEMP@
+GL_GNULIB_MKOSTEMPS = @GL_GNULIB_MKOSTEMPS@
+GL_GNULIB_MKSTEMP = @GL_GNULIB_MKSTEMP@
+GL_GNULIB_MKSTEMPS = @GL_GNULIB_MKSTEMPS@
+GL_GNULIB_MKTIME = @GL_GNULIB_MKTIME@
+GL_GNULIB_NANOSLEEP = @GL_GNULIB_NANOSLEEP@
+GL_GNULIB_NONBLOCKING = @GL_GNULIB_NONBLOCKING@
+GL_GNULIB_OBSTACK_PRINTF = @GL_GNULIB_OBSTACK_PRINTF@
+GL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GNULIB_OPEN = @GL_GNULIB_OPEN@
+GL_GNULIB_OPENAT = @GL_GNULIB_OPENAT@
+GL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GNULIB_PCLOSE = @GL_GNULIB_PCLOSE@
+GL_GNULIB_PERROR = @GL_GNULIB_PERROR@
+GL_GNULIB_PIPE = @GL_GNULIB_PIPE@
+GL_GNULIB_PIPE2 = @GL_GNULIB_PIPE2@
+GL_GNULIB_POPEN = @GL_GNULIB_POPEN@
+GL_GNULIB_POSIX_MEMALIGN = @GL_GNULIB_POSIX_MEMALIGN@
+GL_GNULIB_POSIX_OPENPT = @GL_GNULIB_POSIX_OPENPT@
+GL_GNULIB_PREAD = @GL_GNULIB_PREAD@
+GL_GNULIB_PRINTF = @GL_GNULIB_PRINTF@
+GL_GNULIB_PRINTF_POSIX = @GL_GNULIB_PRINTF_POSIX@
+GL_GNULIB_PTSNAME = @GL_GNULIB_PTSNAME@
+GL_GNULIB_PTSNAME_R = @GL_GNULIB_PTSNAME_R@
+GL_GNULIB_PUTC = @GL_GNULIB_PUTC@
+GL_GNULIB_PUTCHAR = @GL_GNULIB_PUTCHAR@
+GL_GNULIB_PUTENV = @GL_GNULIB_PUTENV@
+GL_GNULIB_PUTS = @GL_GNULIB_PUTS@
+GL_GNULIB_PWRITE = @GL_GNULIB_PWRITE@
+GL_GNULIB_QSORT_R = @GL_GNULIB_QSORT_R@
+GL_GNULIB_RANDOM = @GL_GNULIB_RANDOM@
+GL_GNULIB_RANDOM_R = @GL_GNULIB_RANDOM_R@
+GL_GNULIB_RAWMEMCHR = @GL_GNULIB_RAWMEMCHR@
+GL_GNULIB_READ = @GL_GNULIB_READ@
+GL_GNULIB_READLINK = @GL_GNULIB_READLINK@
+GL_GNULIB_READLINKAT = @GL_GNULIB_READLINKAT@
+GL_GNULIB_REALLOCARRAY = @GL_GNULIB_REALLOCARRAY@
+GL_GNULIB_REALLOC_POSIX = @GL_GNULIB_REALLOC_POSIX@
+GL_GNULIB_REALPATH = @GL_GNULIB_REALPATH@
+GL_GNULIB_RECV = @GL_GNULIB_RECV@
+GL_GNULIB_RECVFROM = @GL_GNULIB_RECVFROM@
+GL_GNULIB_REMOVE = @GL_GNULIB_REMOVE@
+GL_GNULIB_RENAME = @GL_GNULIB_RENAME@
+GL_GNULIB_RENAMEAT = @GL_GNULIB_RENAMEAT@
+GL_GNULIB_RMDIR = @GL_GNULIB_RMDIR@
+GL_GNULIB_RPMATCH = @GL_GNULIB_RPMATCH@
+GL_GNULIB_SCANF = @GL_GNULIB_SCANF@
+GL_GNULIB_SECURE_GETENV = @GL_GNULIB_SECURE_GETENV@
+GL_GNULIB_SEND = @GL_GNULIB_SEND@
+GL_GNULIB_SENDTO = @GL_GNULIB_SENDTO@
+GL_GNULIB_SETENV = @GL_GNULIB_SETENV@
+GL_GNULIB_SETHOSTNAME = @GL_GNULIB_SETHOSTNAME@
+GL_GNULIB_SETSOCKOPT = @GL_GNULIB_SETSOCKOPT@
+GL_GNULIB_SHUTDOWN = @GL_GNULIB_SHUTDOWN@
+GL_GNULIB_SIGABBREV_NP = @GL_GNULIB_SIGABBREV_NP@
+GL_GNULIB_SIGDESCR_NP = @GL_GNULIB_SIGDESCR_NP@
+GL_GNULIB_SLEEP = @GL_GNULIB_SLEEP@
+GL_GNULIB_SNPRINTF = @GL_GNULIB_SNPRINTF@
+GL_GNULIB_SOCKET = @GL_GNULIB_SOCKET@
+GL_GNULIB_SPRINTF_POSIX = @GL_GNULIB_SPRINTF_POSIX@
+GL_GNULIB_STAT = @GL_GNULIB_STAT@
+GL_GNULIB_STDIO_H_NONBLOCKING = @GL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GNULIB_STDIO_H_SIGPIPE = @GL_GNULIB_STDIO_H_SIGPIPE@
+GL_GNULIB_STPCPY = @GL_GNULIB_STPCPY@
+GL_GNULIB_STPNCPY = @GL_GNULIB_STPNCPY@
+GL_GNULIB_STRCASESTR = @GL_GNULIB_STRCASESTR@
+GL_GNULIB_STRCHRNUL = @GL_GNULIB_STRCHRNUL@
+GL_GNULIB_STRDUP = @GL_GNULIB_STRDUP@
+GL_GNULIB_STRERROR = @GL_GNULIB_STRERROR@
+GL_GNULIB_STRERRORNAME_NP = @GL_GNULIB_STRERRORNAME_NP@
+GL_GNULIB_STRERROR_R = @GL_GNULIB_STRERROR_R@
+GL_GNULIB_STRFTIME = @GL_GNULIB_STRFTIME@
+GL_GNULIB_STRNCAT = @GL_GNULIB_STRNCAT@
+GL_GNULIB_STRNDUP = @GL_GNULIB_STRNDUP@
+GL_GNULIB_STRNLEN = @GL_GNULIB_STRNLEN@
+GL_GNULIB_STRPBRK = @GL_GNULIB_STRPBRK@
+GL_GNULIB_STRPTIME = @GL_GNULIB_STRPTIME@
+GL_GNULIB_STRSEP = @GL_GNULIB_STRSEP@
+GL_GNULIB_STRSIGNAL = @GL_GNULIB_STRSIGNAL@
+GL_GNULIB_STRSTR = @GL_GNULIB_STRSTR@
+GL_GNULIB_STRTOD = @GL_GNULIB_STRTOD@
+GL_GNULIB_STRTOIMAX = @GL_GNULIB_STRTOIMAX@
+GL_GNULIB_STRTOK_R = @GL_GNULIB_STRTOK_R@
+GL_GNULIB_STRTOL = @GL_GNULIB_STRTOL@
+GL_GNULIB_STRTOLD = @GL_GNULIB_STRTOLD@
+GL_GNULIB_STRTOLL = @GL_GNULIB_STRTOLL@
+GL_GNULIB_STRTOUL = @GL_GNULIB_STRTOUL@
+GL_GNULIB_STRTOULL = @GL_GNULIB_STRTOULL@
+GL_GNULIB_STRTOUMAX = @GL_GNULIB_STRTOUMAX@
+GL_GNULIB_STRVERSCMP = @GL_GNULIB_STRVERSCMP@
+GL_GNULIB_SYMLINK = @GL_GNULIB_SYMLINK@
+GL_GNULIB_SYMLINKAT = @GL_GNULIB_SYMLINKAT@
+GL_GNULIB_SYSTEM_POSIX = @GL_GNULIB_SYSTEM_POSIX@
+GL_GNULIB_TIMEGM = @GL_GNULIB_TIMEGM@
+GL_GNULIB_TIMESPEC_GET = @GL_GNULIB_TIMESPEC_GET@
+GL_GNULIB_TIME_R = @GL_GNULIB_TIME_R@
+GL_GNULIB_TIME_RZ = @GL_GNULIB_TIME_RZ@
+GL_GNULIB_TMPFILE = @GL_GNULIB_TMPFILE@
+GL_GNULIB_TRUNCATE = @GL_GNULIB_TRUNCATE@
+GL_GNULIB_TTYNAME_R = @GL_GNULIB_TTYNAME_R@
+GL_GNULIB_TZSET = @GL_GNULIB_TZSET@
+GL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GNULIB_UNISTD_H_SIGPIPE = @GL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GNULIB_UNLINK = @GL_GNULIB_UNLINK@
+GL_GNULIB_UNLINKAT = @GL_GNULIB_UNLINKAT@
+GL_GNULIB_UNLOCKPT = @GL_GNULIB_UNLOCKPT@
+GL_GNULIB_UNSETENV = @GL_GNULIB_UNSETENV@
+GL_GNULIB_USLEEP = @GL_GNULIB_USLEEP@
+GL_GNULIB_UTIMENSAT = @GL_GNULIB_UTIMENSAT@
+GL_GNULIB_VASPRINTF = @GL_GNULIB_VASPRINTF@
+GL_GNULIB_VDPRINTF = @GL_GNULIB_VDPRINTF@
+GL_GNULIB_VFPRINTF = @GL_GNULIB_VFPRINTF@
+GL_GNULIB_VFPRINTF_POSIX = @GL_GNULIB_VFPRINTF_POSIX@
+GL_GNULIB_VFSCANF = @GL_GNULIB_VFSCANF@
+GL_GNULIB_VPRINTF = @GL_GNULIB_VPRINTF@
+GL_GNULIB_VPRINTF_POSIX = @GL_GNULIB_VPRINTF_POSIX@
+GL_GNULIB_VSCANF = @GL_GNULIB_VSCANF@
+GL_GNULIB_VSNPRINTF = @GL_GNULIB_VSNPRINTF@
+GL_GNULIB_VSPRINTF_POSIX = @GL_GNULIB_VSPRINTF_POSIX@
+GL_GNULIB_WCPCPY = @GL_GNULIB_WCPCPY@
+GL_GNULIB_WCPNCPY = @GL_GNULIB_WCPNCPY@
+GL_GNULIB_WCRTOMB = @GL_GNULIB_WCRTOMB@
+GL_GNULIB_WCSCASECMP = @GL_GNULIB_WCSCASECMP@
+GL_GNULIB_WCSCAT = @GL_GNULIB_WCSCAT@
+GL_GNULIB_WCSCHR = @GL_GNULIB_WCSCHR@
+GL_GNULIB_WCSCMP = @GL_GNULIB_WCSCMP@
+GL_GNULIB_WCSCOLL = @GL_GNULIB_WCSCOLL@
+GL_GNULIB_WCSCPY = @GL_GNULIB_WCSCPY@
+GL_GNULIB_WCSCSPN = @GL_GNULIB_WCSCSPN@
+GL_GNULIB_WCSDUP = @GL_GNULIB_WCSDUP@
+GL_GNULIB_WCSFTIME = @GL_GNULIB_WCSFTIME@
+GL_GNULIB_WCSLEN = @GL_GNULIB_WCSLEN@
+GL_GNULIB_WCSNCASECMP = @GL_GNULIB_WCSNCASECMP@
+GL_GNULIB_WCSNCAT = @GL_GNULIB_WCSNCAT@
+GL_GNULIB_WCSNCMP = @GL_GNULIB_WCSNCMP@
+GL_GNULIB_WCSNCPY = @GL_GNULIB_WCSNCPY@
+GL_GNULIB_WCSNLEN = @GL_GNULIB_WCSNLEN@
+GL_GNULIB_WCSNRTOMBS = @GL_GNULIB_WCSNRTOMBS@
+GL_GNULIB_WCSPBRK = @GL_GNULIB_WCSPBRK@
+GL_GNULIB_WCSRCHR = @GL_GNULIB_WCSRCHR@
+GL_GNULIB_WCSRTOMBS = @GL_GNULIB_WCSRTOMBS@
+GL_GNULIB_WCSSPN = @GL_GNULIB_WCSSPN@
+GL_GNULIB_WCSSTR = @GL_GNULIB_WCSSTR@
+GL_GNULIB_WCSTOK = @GL_GNULIB_WCSTOK@
+GL_GNULIB_WCSWIDTH = @GL_GNULIB_WCSWIDTH@
+GL_GNULIB_WCSXFRM = @GL_GNULIB_WCSXFRM@
+GL_GNULIB_WCTOB = @GL_GNULIB_WCTOB@
+GL_GNULIB_WCTOMB = @GL_GNULIB_WCTOMB@
+GL_GNULIB_WCWIDTH = @GL_GNULIB_WCWIDTH@
+GL_GNULIB_WMEMCHR = @GL_GNULIB_WMEMCHR@
+GL_GNULIB_WMEMCMP = @GL_GNULIB_WMEMCMP@
+GL_GNULIB_WMEMCPY = @GL_GNULIB_WMEMCPY@
+GL_GNULIB_WMEMMOVE = @GL_GNULIB_WMEMMOVE@
+GL_GNULIB_WMEMPCPY = @GL_GNULIB_WMEMPCPY@
+GL_GNULIB_WMEMSET = @GL_GNULIB_WMEMSET@
+GL_GNULIB_WRITE = @GL_GNULIB_WRITE@
+GL_GNULIB__EXIT = @GL_GNULIB__EXIT@
+GMP_CFLAGS = @GMP_CFLAGS@
+GMP_LIBS = @GMP_LIBS@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GNULIBHEADERS_OVERRIDE_WINT_T = @GNULIBHEADERS_OVERRIDE_WINT_T@
+GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@
+GNUTLS_LIBS_PRIVATE = @GNUTLS_LIBS_PRIVATE@
+GNUTLS_REQUIRES_PRIVATE = @GNUTLS_REQUIRES_PRIVATE@
+GPERF = @GPERF@
+GREP = @GREP@
+GTKDOC_CHECK = @GTKDOC_CHECK@
+GTKDOC_CHECK_PATH = @GTKDOC_CHECK_PATH@
+GTKDOC_DEPS_CFLAGS = @GTKDOC_DEPS_CFLAGS@
+GTKDOC_DEPS_LIBS = @GTKDOC_DEPS_LIBS@
+GTKDOC_MKPDF = @GTKDOC_MKPDF@
+GTKDOC_REBASE = @GTKDOC_REBASE@
+GUILD = @GUILD@
+GUILE = @GUILE@
+GUILE_CFLAGS = @GUILE_CFLAGS@
+GUILE_CONFIG = @GUILE_CONFIG@
+GUILE_EFFECTIVE_VERSION = @GUILE_EFFECTIVE_VERSION@
+GUILE_EXTENSION = @GUILE_EXTENSION@
+GUILE_LDFLAGS = @GUILE_LDFLAGS@
+GUILE_LIBS = @GUILE_LIBS@
+GUILE_LTLIBS = @GUILE_LTLIBS@
+GUILE_SITE = @GUILE_SITE@
+GUILE_SITE_CCACHE = @GUILE_SITE_CCACHE@
+GUILE_TOOLS = @GUILE_TOOLS@
+HAVE_ACCEPT4 = @HAVE_ACCEPT4@
+HAVE_ALIGNED_ALLOC = @HAVE_ALIGNED_ALLOC@
+HAVE_ALLOCA_H = @HAVE_ALLOCA_H@
+HAVE_ARPA_INET_H = @HAVE_ARPA_INET_H@
+HAVE_ATOLL = @HAVE_ATOLL@
+HAVE_BTOWC = @HAVE_BTOWC@
+HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@
+HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@
+HAVE_CHOWN = @HAVE_CHOWN@
+HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@
+HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@
+HAVE_DECL_ECVT = @HAVE_DECL_ECVT@
+HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@
+HAVE_DECL_EXECVPE = @HAVE_DECL_EXECVPE@
+HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@
+HAVE_DECL_FCLOSEALL = @HAVE_DECL_FCLOSEALL@
+HAVE_DECL_FCVT = @HAVE_DECL_FCVT@
+HAVE_DECL_FDATASYNC = @HAVE_DECL_FDATASYNC@
+HAVE_DECL_FPURGE = @HAVE_DECL_FPURGE@
+HAVE_DECL_FREEADDRINFO = @HAVE_DECL_FREEADDRINFO@
+HAVE_DECL_FSEEKO = @HAVE_DECL_FSEEKO@
+HAVE_DECL_FTELLO = @HAVE_DECL_FTELLO@
+HAVE_DECL_GAI_STRERROR = @HAVE_DECL_GAI_STRERROR@
+HAVE_DECL_GCVT = @HAVE_DECL_GCVT@
+HAVE_DECL_GETADDRINFO = @HAVE_DECL_GETADDRINFO@
+HAVE_DECL_GETDELIM = @HAVE_DECL_GETDELIM@
+HAVE_DECL_GETDOMAINNAME = @HAVE_DECL_GETDOMAINNAME@
+HAVE_DECL_GETLINE = @HAVE_DECL_GETLINE@
+HAVE_DECL_GETLOADAVG = @HAVE_DECL_GETLOADAVG@
+HAVE_DECL_GETLOGIN = @HAVE_DECL_GETLOGIN@
+HAVE_DECL_GETLOGIN_R = @HAVE_DECL_GETLOGIN_R@
+HAVE_DECL_GETNAMEINFO = @HAVE_DECL_GETNAMEINFO@
+HAVE_DECL_GETPAGESIZE = @HAVE_DECL_GETPAGESIZE@
+HAVE_DECL_GETUSERSHELL = @HAVE_DECL_GETUSERSHELL@
+HAVE_DECL_IMAXABS = @HAVE_DECL_IMAXABS@
+HAVE_DECL_IMAXDIV = @HAVE_DECL_IMAXDIV@
+HAVE_DECL_INET_NTOP = @HAVE_DECL_INET_NTOP@
+HAVE_DECL_INET_PTON = @HAVE_DECL_INET_PTON@
+HAVE_DECL_INITSTATE = @HAVE_DECL_INITSTATE@
+HAVE_DECL_LOCALTIME_R = @HAVE_DECL_LOCALTIME_R@
+HAVE_DECL_MEMMEM = @HAVE_DECL_MEMMEM@
+HAVE_DECL_MEMRCHR = @HAVE_DECL_MEMRCHR@
+HAVE_DECL_OBSTACK_PRINTF = @HAVE_DECL_OBSTACK_PRINTF@
+HAVE_DECL_SETENV = @HAVE_DECL_SETENV@
+HAVE_DECL_SETHOSTNAME = @HAVE_DECL_SETHOSTNAME@
+HAVE_DECL_SETSTATE = @HAVE_DECL_SETSTATE@
+HAVE_DECL_SNPRINTF = @HAVE_DECL_SNPRINTF@
+HAVE_DECL_STRDUP = @HAVE_DECL_STRDUP@
+HAVE_DECL_STRERROR_R = @HAVE_DECL_STRERROR_R@
+HAVE_DECL_STRNCASECMP = @HAVE_DECL_STRNCASECMP@
+HAVE_DECL_STRNDUP = @HAVE_DECL_STRNDUP@
+HAVE_DECL_STRNLEN = @HAVE_DECL_STRNLEN@
+HAVE_DECL_STRSIGNAL = @HAVE_DECL_STRSIGNAL@
+HAVE_DECL_STRTOIMAX = @HAVE_DECL_STRTOIMAX@
+HAVE_DECL_STRTOK_R = @HAVE_DECL_STRTOK_R@
+HAVE_DECL_STRTOUMAX = @HAVE_DECL_STRTOUMAX@
+HAVE_DECL_TRUNCATE = @HAVE_DECL_TRUNCATE@
+HAVE_DECL_TTYNAME_R = @HAVE_DECL_TTYNAME_R@
+HAVE_DECL_UNSETENV = @HAVE_DECL_UNSETENV@
+HAVE_DECL_VSNPRINTF = @HAVE_DECL_VSNPRINTF@
+HAVE_DECL_WCSDUP = @HAVE_DECL_WCSDUP@
+HAVE_DECL_WCTOB = @HAVE_DECL_WCTOB@
+HAVE_DECL_WCWIDTH = @HAVE_DECL_WCWIDTH@
+HAVE_DPRINTF = @HAVE_DPRINTF@
+HAVE_DUP3 = @HAVE_DUP3@
+HAVE_DUPLOCALE = @HAVE_DUPLOCALE@
+HAVE_EUIDACCESS = @HAVE_EUIDACCESS@
+HAVE_EXECVPE = @HAVE_EXECVPE@
+HAVE_EXPLICIT_BZERO = @HAVE_EXPLICIT_BZERO@
+HAVE_FACCESSAT = @HAVE_FACCESSAT@
+HAVE_FCHDIR = @HAVE_FCHDIR@
+HAVE_FCHMODAT = @HAVE_FCHMODAT@
+HAVE_FCHOWNAT = @HAVE_FCHOWNAT@
+HAVE_FCNTL = @HAVE_FCNTL@
+HAVE_FDATASYNC = @HAVE_FDATASYNC@
+HAVE_FEATURES_H = @HAVE_FEATURES_H@
+HAVE_FFS = @HAVE_FFS@
+HAVE_FFSL = @HAVE_FFSL@
+HAVE_FFSLL = @HAVE_FFSLL@
+HAVE_FREELOCALE = @HAVE_FREELOCALE@
+HAVE_FSEEKO = @HAVE_FSEEKO@
+HAVE_FSTATAT = @HAVE_FSTATAT@
+HAVE_FSYNC = @HAVE_FSYNC@
+HAVE_FTELLO = @HAVE_FTELLO@
+HAVE_FTRUNCATE = @HAVE_FTRUNCATE@
+HAVE_FUTIMENS = @HAVE_FUTIMENS@
+HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@
+HAVE_GETENTROPY = @HAVE_GETENTROPY@
+HAVE_GETGROUPS = @HAVE_GETGROUPS@
+HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@
+HAVE_GETLOGIN = @HAVE_GETLOGIN@
+HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@
+HAVE_GETPASS = @HAVE_GETPASS@
+HAVE_GETSUBOPT = @HAVE_GETSUBOPT@
+HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@
+HAVE_GETUMASK = @HAVE_GETUMASK@
+HAVE_GRANTPT = @HAVE_GRANTPT@
+HAVE_GROUP_MEMBER = @HAVE_GROUP_MEMBER@
+HAVE_IMAXDIV_T = @HAVE_IMAXDIV_T@
+HAVE_INITSTATE = @HAVE_INITSTATE@
+HAVE_INTTYPES_H = @HAVE_INTTYPES_H@
+HAVE_ISBLANK = @HAVE_ISBLANK@
+HAVE_LANGINFO_ALTMON = @HAVE_LANGINFO_ALTMON@
+HAVE_LANGINFO_CODESET = @HAVE_LANGINFO_CODESET@
+HAVE_LANGINFO_ERA = @HAVE_LANGINFO_ERA@
+HAVE_LANGINFO_H = @HAVE_LANGINFO_H@
+HAVE_LANGINFO_T_FMT_AMPM = @HAVE_LANGINFO_T_FMT_AMPM@
+HAVE_LANGINFO_YESEXPR = @HAVE_LANGINFO_YESEXPR@
+HAVE_LCHMOD = @HAVE_LCHMOD@
+HAVE_LCHOWN = @HAVE_LCHOWN@
+HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@
+HAVE_LIBDL = @HAVE_LIBDL@
+HAVE_LIBEV = @HAVE_LIBEV@
+HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@
+HAVE_LIBRT = @HAVE_LIBRT@
+HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@
+HAVE_LIBZ = @HAVE_LIBZ@
+HAVE_LINK = @HAVE_LINK@
+HAVE_LINKAT = @HAVE_LINKAT@
+HAVE_LSTAT = @HAVE_LSTAT@
+HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@
+HAVE_MBRLEN = @HAVE_MBRLEN@
+HAVE_MBRTOWC = @HAVE_MBRTOWC@
+HAVE_MBSINIT = @HAVE_MBSINIT@
+HAVE_MBSLEN = @HAVE_MBSLEN@
+HAVE_MBSNRTOWCS = @HAVE_MBSNRTOWCS@
+HAVE_MBSRTOWCS = @HAVE_MBSRTOWCS@
+HAVE_MBTOWC = @HAVE_MBTOWC@
+HAVE_MEMPCPY = @HAVE_MEMPCPY@
+HAVE_MKDIRAT = @HAVE_MKDIRAT@
+HAVE_MKDTEMP = @HAVE_MKDTEMP@
+HAVE_MKFIFO = @HAVE_MKFIFO@
+HAVE_MKFIFOAT = @HAVE_MKFIFOAT@
+HAVE_MKNOD = @HAVE_MKNOD@
+HAVE_MKNODAT = @HAVE_MKNODAT@
+HAVE_MKOSTEMP = @HAVE_MKOSTEMP@
+HAVE_MKOSTEMPS = @HAVE_MKOSTEMPS@
+HAVE_MKSTEMP = @HAVE_MKSTEMP@
+HAVE_MKSTEMPS = @HAVE_MKSTEMPS@
+HAVE_MSVC_INVALID_PARAMETER_HANDLER = @HAVE_MSVC_INVALID_PARAMETER_HANDLER@
+HAVE_NANOSLEEP = @HAVE_NANOSLEEP@
+HAVE_NETDB_H = @HAVE_NETDB_H@
+HAVE_NETINET_IN_H = @HAVE_NETINET_IN_H@
+HAVE_NEWLOCALE = @HAVE_NEWLOCALE@
+HAVE_NL_LANGINFO = @HAVE_NL_LANGINFO@
+HAVE_OPENAT = @HAVE_OPENAT@
+HAVE_OS_H = @HAVE_OS_H@
+HAVE_PCLOSE = @HAVE_PCLOSE@
+HAVE_PIPE = @HAVE_PIPE@
+HAVE_PIPE2 = @HAVE_PIPE2@
+HAVE_POPEN = @HAVE_POPEN@
+HAVE_POSIX_MEMALIGN = @HAVE_POSIX_MEMALIGN@
+HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@
+HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@
+HAVE_PREAD = @HAVE_PREAD@
+HAVE_PSELECT = @HAVE_PSELECT@
+HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@
+HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@
+HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@
+HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@
+HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@
+HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@
+HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@
+HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@
+HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@
+HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@
+HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@
+HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@
+HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@
+HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@
+HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@
+HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@
+HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@
+HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@
+HAVE_PTHREAD_H = @HAVE_PTHREAD_H@
+HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@
+HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@
+HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@
+HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@
+HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@
+HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@
+HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@
+HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@
+HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@
+HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@
+HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@
+HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@
+HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@
+HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@
+HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@
+HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@
+HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@
+HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@
+HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@
+HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@
+HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@
+HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@
+HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@
+HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@
+HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@
+HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@
+HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@
+HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@
+HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@
+HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@
+HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@
+HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@
+HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@
+HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@
+HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@
+HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@
+HAVE_PTHREAD_T = @HAVE_PTHREAD_T@
+HAVE_PTSNAME = @HAVE_PTSNAME@
+HAVE_PTSNAME_R = @HAVE_PTSNAME_R@
+HAVE_PWRITE = @HAVE_PWRITE@
+HAVE_QSORT_R = @HAVE_QSORT_R@
+HAVE_RAISE = @HAVE_RAISE@
+HAVE_RANDOM = @HAVE_RANDOM@
+HAVE_RANDOM_H = @HAVE_RANDOM_H@
+HAVE_RANDOM_R = @HAVE_RANDOM_R@
+HAVE_RAWMEMCHR = @HAVE_RAWMEMCHR@
+HAVE_READLINK = @HAVE_READLINK@
+HAVE_READLINKAT = @HAVE_READLINKAT@
+HAVE_REALLOCARRAY = @HAVE_REALLOCARRAY@
+HAVE_REALPATH = @HAVE_REALPATH@
+HAVE_RENAMEAT = @HAVE_RENAMEAT@
+HAVE_RPMATCH = @HAVE_RPMATCH@
+HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@
+HAVE_SCHED_H = @HAVE_SCHED_H@
+HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@
+HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@
+HAVE_SETENV = @HAVE_SETENV@
+HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@
+HAVE_SETSTATE = @HAVE_SETSTATE@
+HAVE_SIGABBREV_NP = @HAVE_SIGABBREV_NP@
+HAVE_SIGACTION = @HAVE_SIGACTION@
+HAVE_SIGDESCR_NP = @HAVE_SIGDESCR_NP@
+HAVE_SIGHANDLER_T = @HAVE_SIGHANDLER_T@
+HAVE_SIGINFO_T = @HAVE_SIGINFO_T@
+HAVE_SIGNED_SIG_ATOMIC_T = @HAVE_SIGNED_SIG_ATOMIC_T@
+HAVE_SIGNED_WCHAR_T = @HAVE_SIGNED_WCHAR_T@
+HAVE_SIGNED_WINT_T = @HAVE_SIGNED_WINT_T@
+HAVE_SIGSET_T = @HAVE_SIGSET_T@
+HAVE_SLEEP = @HAVE_SLEEP@
+HAVE_STDINT_H = @HAVE_STDINT_H@
+HAVE_STPCPY = @HAVE_STPCPY@
+HAVE_STPNCPY = @HAVE_STPNCPY@
+HAVE_STRCASECMP = @HAVE_STRCASECMP@
+HAVE_STRCASESTR = @HAVE_STRCASESTR@
+HAVE_STRCHRNUL = @HAVE_STRCHRNUL@
+HAVE_STRERRORNAME_NP = @HAVE_STRERRORNAME_NP@
+HAVE_STRINGS_H = @HAVE_STRINGS_H@
+HAVE_STRPBRK = @HAVE_STRPBRK@
+HAVE_STRPTIME = @HAVE_STRPTIME@
+HAVE_STRSEP = @HAVE_STRSEP@
+HAVE_STRTOD = @HAVE_STRTOD@
+HAVE_STRTOL = @HAVE_STRTOL@
+HAVE_STRTOLD = @HAVE_STRTOLD@
+HAVE_STRTOLL = @HAVE_STRTOLL@
+HAVE_STRTOUL = @HAVE_STRTOUL@
+HAVE_STRTOULL = @HAVE_STRTOULL@
+HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@
+HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@
+HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@
+HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@
+HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@
+HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@
+HAVE_STRUCT_TIMEVAL = @HAVE_STRUCT_TIMEVAL@
+HAVE_STRVERSCMP = @HAVE_STRVERSCMP@
+HAVE_SYMLINK = @HAVE_SYMLINK@
+HAVE_SYMLINKAT = @HAVE_SYMLINKAT@
+HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@
+HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@
+HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@
+HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@
+HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@
+HAVE_SYS_PARAM_H = @HAVE_SYS_PARAM_H@
+HAVE_SYS_SELECT_H = @HAVE_SYS_SELECT_H@
+HAVE_SYS_SOCKET_H = @HAVE_SYS_SOCKET_H@
+HAVE_SYS_TIME_H = @HAVE_SYS_TIME_H@
+HAVE_SYS_TYPES_H = @HAVE_SYS_TYPES_H@
+HAVE_SYS_UIO_H = @HAVE_SYS_UIO_H@
+HAVE_TIMEGM = @HAVE_TIMEGM@
+HAVE_TIMESPEC_GET = @HAVE_TIMESPEC_GET@
+HAVE_TIMEZONE_T = @HAVE_TIMEZONE_T@
+HAVE_TYPE_VOLATILE_SIG_ATOMIC_T = @HAVE_TYPE_VOLATILE_SIG_ATOMIC_T@
+HAVE_UNISTD_H = @HAVE_UNISTD_H@
+HAVE_UNLINKAT = @HAVE_UNLINKAT@
+HAVE_UNLOCKPT = @HAVE_UNLOCKPT@
+HAVE_USLEEP = @HAVE_USLEEP@
+HAVE_UTIMENSAT = @HAVE_UTIMENSAT@
+HAVE_VASPRINTF = @HAVE_VASPRINTF@
+HAVE_VDPRINTF = @HAVE_VDPRINTF@
+HAVE_VISIBILITY = @HAVE_VISIBILITY@
+HAVE_WCHAR_H = @HAVE_WCHAR_H@
+HAVE_WCHAR_T = @HAVE_WCHAR_T@
+HAVE_WCPCPY = @HAVE_WCPCPY@
+HAVE_WCPNCPY = @HAVE_WCPNCPY@
+HAVE_WCRTOMB = @HAVE_WCRTOMB@
+HAVE_WCSCASECMP = @HAVE_WCSCASECMP@
+HAVE_WCSCAT = @HAVE_WCSCAT@
+HAVE_WCSCHR = @HAVE_WCSCHR@
+HAVE_WCSCMP = @HAVE_WCSCMP@
+HAVE_WCSCOLL = @HAVE_WCSCOLL@
+HAVE_WCSCPY = @HAVE_WCSCPY@
+HAVE_WCSCSPN = @HAVE_WCSCSPN@
+HAVE_WCSDUP = @HAVE_WCSDUP@
+HAVE_WCSFTIME = @HAVE_WCSFTIME@
+HAVE_WCSLEN = @HAVE_WCSLEN@
+HAVE_WCSNCASECMP = @HAVE_WCSNCASECMP@
+HAVE_WCSNCAT = @HAVE_WCSNCAT@
+HAVE_WCSNCMP = @HAVE_WCSNCMP@
+HAVE_WCSNCPY = @HAVE_WCSNCPY@
+HAVE_WCSNLEN = @HAVE_WCSNLEN@
+HAVE_WCSNRTOMBS = @HAVE_WCSNRTOMBS@
+HAVE_WCSPBRK = @HAVE_WCSPBRK@
+HAVE_WCSRCHR = @HAVE_WCSRCHR@
+HAVE_WCSRTOMBS = @HAVE_WCSRTOMBS@
+HAVE_WCSSPN = @HAVE_WCSSPN@
+HAVE_WCSSTR = @HAVE_WCSSTR@
+HAVE_WCSTOK = @HAVE_WCSTOK@
+HAVE_WCSWIDTH = @HAVE_WCSWIDTH@
+HAVE_WCSXFRM = @HAVE_WCSXFRM@
+HAVE_WINSOCK2_H = @HAVE_WINSOCK2_H@
+HAVE_WINT_T = @HAVE_WINT_T@
+HAVE_WMEMCHR = @HAVE_WMEMCHR@
+HAVE_WMEMCMP = @HAVE_WMEMCMP@
+HAVE_WMEMCPY = @HAVE_WMEMCPY@
+HAVE_WMEMMOVE = @HAVE_WMEMMOVE@
+HAVE_WMEMPCPY = @HAVE_WMEMPCPY@
+HAVE_WMEMSET = @HAVE_WMEMSET@
+HAVE_WS2TCPIP_H = @HAVE_WS2TCPIP_H@
+HAVE_XLOCALE_H = @HAVE_XLOCALE_H@
+HAVE__BOOL = @HAVE__BOOL@
+HAVE__EXIT = @HAVE__EXIT@
+HOGWEED_CFLAGS = @HOGWEED_CFLAGS@
+HOGWEED_LIBS = @HOGWEED_LIBS@
+HOSTENT_LIB = @HOSTENT_LIB@
+HTML_DIR = @HTML_DIR@
+INCLUDE_NEXT = @INCLUDE_NEXT@
+INCLUDE_NEXT_AS_FIRST_DIRECTIVE = @INCLUDE_NEXT_AS_FIRST_DIRECTIVE@
+INET_NTOP_LIB = @INET_NTOP_LIB@
+INET_PTON_LIB = @INET_PTON_LIB@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INT32_MAX_LT_INTMAX_MAX = @INT32_MAX_LT_INTMAX_MAX@
+INT64_MAX_EQ_LONG_MAX = @INT64_MAX_EQ_LONG_MAX@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LCOV = @LCOV@
+LD = @LD@
+LDDPOSTPROC = @LDDPOSTPROC@
+LDDPROG = @LDDPROG@
+LDFLAGS = @LDFLAGS@
+LIBATOMIC_LIBS = @LIBATOMIC_LIBS@
+LIBBROTLIDEC_CFLAGS = @LIBBROTLIDEC_CFLAGS@
+LIBBROTLIDEC_LIBS = @LIBBROTLIDEC_LIBS@
+LIBBROTLIENC_CFLAGS = @LIBBROTLIENC_CFLAGS@
+LIBBROTLIENC_LIBS = @LIBBROTLIENC_LIBS@
+LIBCRYPTO = @LIBCRYPTO@
+LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@
+LIBDL = @LIBDL@
+LIBDL_PREFIX = @LIBDL_PREFIX@
+LIBEV = @LIBEV@
+LIBEV_LIBS = @LIBEV_LIBS@
+LIBEV_PREFIX = @LIBEV_PREFIX@
+LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@
+LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@
+LIBICONV = @LIBICONV@
+LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@
+LIBIDN2_LIBS = @LIBIDN2_LIBS@
+LIBINTL = @LIBINTL@
+LIBKCAPI_CFLAGS = @LIBKCAPI_CFLAGS@
+LIBKCAPI_LIBS = @LIBKCAPI_LIBS@
+LIBMULTITHREAD = @LIBMULTITHREAD@
+LIBOBJS = @LIBOBJS@
+LIBPMULTITHREAD = @LIBPMULTITHREAD@
+LIBPTHREAD = @LIBPTHREAD@
+LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@
+LIBRT = @LIBRT@
+LIBRT_PREFIX = @LIBRT_PREFIX@
+LIBS = @LIBS@
+LIBSECCOMP = @LIBSECCOMP@
+LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@
+LIBSOCKET = @LIBSOCKET@
+LIBSTDTHREAD = @LIBSTDTHREAD@
+LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@
+LIBTASN1_LIBS = @LIBTASN1_LIBS@
+LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@
+LIBTHREAD = @LIBTHREAD@
+LIBTOOL = @LIBTOOL@
+LIBUNISTRING = @LIBUNISTRING@
+LIBUNISTRING_UNICTYPE_H = @LIBUNISTRING_UNICTYPE_H@
+LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@
+LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@
+LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@
+LIBZ = @LIBZ@
+LIBZSTD_CFLAGS = @LIBZSTD_CFLAGS@
+LIBZSTD_LIBS = @LIBZSTD_LIBS@
+LIBZ_PC = @LIBZ_PC@
+LIBZ_PREFIX = @LIBZ_PREFIX@
+LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@
+LIB_NANOSLEEP = @LIB_NANOSLEEP@
+LIB_PTHREAD = @LIB_PTHREAD@
+LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@
+LIB_SCHED_YIELD = @LIB_SCHED_YIELD@
+LIB_SELECT = @LIB_SELECT@
+LIB_SEMAPHORE = @LIB_SEMAPHORE@
+LIB_SETLOCALE = @LIB_SETLOCALE@
+LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@
+LIMITS_H = @LIMITS_H@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LOCALENAME_ENHANCE_LOCALE_FUNCS = @LOCALENAME_ENHANCE_LOCALE_FUNCS@
+LOCALE_FR = @LOCALE_FR@
+LOCALE_FR_UTF8 = @LOCALE_FR_UTF8@
+LOCALE_JA = @LOCALE_JA@
+LOCALE_TR_UTF8 = @LOCALE_TR_UTF8@
+LOCALE_ZH_CN = @LOCALE_ZH_CN@
+LOG_VALGRIND = @LOG_VALGRIND@
+LTALLOCA = @LTALLOCA@
+LTLIBCRYPTO = @LTLIBCRYPTO@
+LTLIBDL = @LTLIBDL@
+LTLIBEV = @LTLIBEV@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBMULTITHREAD = @LTLIBMULTITHREAD@
+LTLIBOBJS = @LTLIBOBJS@
+LTLIBPTHREAD = @LTLIBPTHREAD@
+LTLIBRT = @LTLIBRT@
+LTLIBSECCOMP = @LTLIBSECCOMP@
+LTLIBTHREAD = @LTLIBTHREAD@
+LTLIBZ = @LTLIBZ@
+LT_AGE = @LT_AGE@
+LT_CURRENT = @LT_CURRENT@
+LT_DANE_AGE = @LT_DANE_AGE@
+LT_DANE_CURRENT = @LT_DANE_CURRENT@
+LT_DANE_REVISION = @LT_DANE_REVISION@
+LT_REVISION = @LT_REVISION@
+LT_SSL_AGE = @LT_SSL_AGE@
+LT_SSL_CURRENT = @LT_SSL_CURRENT@
+LT_SSL_REVISION = @LT_SSL_REVISION@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+LT_XSSL_AGE = @LT_XSSL_AGE@
+LT_XSSL_CURRENT = @LT_XSSL_CURRENT@
+LT_XSSL_REVISION = @LT_XSSL_REVISION@
+MAINT = @MAINT@
+MAJOR_VERSION = @MAJOR_VERSION@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MINOR_VERSION = @MINOR_VERSION@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGMERGE = @MSGMERGE@
+MSGMERGE_FOR_MSGFMT_OPTION = @MSGMERGE_FOR_MSGFMT_OPTION@
+NETINET_IN_H = @NETINET_IN_H@
+NETTLE_CFLAGS = @NETTLE_CFLAGS@
+NETTLE_LIBS = @NETTLE_LIBS@
+NEXT_ARPA_INET_H = @NEXT_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H = @NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_CTYPE_H = @NEXT_AS_FIRST_DIRECTIVE_CTYPE_H@
+NEXT_AS_FIRST_DIRECTIVE_ERRNO_H = @NEXT_AS_FIRST_DIRECTIVE_ERRNO_H@
+NEXT_AS_FIRST_DIRECTIVE_FCNTL_H = @NEXT_AS_FIRST_DIRECTIVE_FCNTL_H@
+NEXT_AS_FIRST_DIRECTIVE_FLOAT_H = @NEXT_AS_FIRST_DIRECTIVE_FLOAT_H@
+NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H = @NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H = @NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H@
+NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@
+NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@
+NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@
+NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@
+NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@
+NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@
+NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@
+NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@
+NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@
+NEXT_AS_FIRST_DIRECTIVE_STDIO_H = @NEXT_AS_FIRST_DIRECTIVE_STDIO_H@
+NEXT_AS_FIRST_DIRECTIVE_STDLIB_H = @NEXT_AS_FIRST_DIRECTIVE_STDLIB_H@
+NEXT_AS_FIRST_DIRECTIVE_STRINGS_H = @NEXT_AS_FIRST_DIRECTIVE_STRINGS_H@
+NEXT_AS_FIRST_DIRECTIVE_STRING_H = @NEXT_AS_FIRST_DIRECTIVE_STRING_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H@
+NEXT_AS_FIRST_DIRECTIVE_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_UNISTD_H = @NEXT_AS_FIRST_DIRECTIVE_UNISTD_H@
+NEXT_AS_FIRST_DIRECTIVE_WCHAR_H = @NEXT_AS_FIRST_DIRECTIVE_WCHAR_H@
+NEXT_CTYPE_H = @NEXT_CTYPE_H@
+NEXT_ERRNO_H = @NEXT_ERRNO_H@
+NEXT_FCNTL_H = @NEXT_FCNTL_H@
+NEXT_FLOAT_H = @NEXT_FLOAT_H@
+NEXT_INTTYPES_H = @NEXT_INTTYPES_H@
+NEXT_LANGINFO_H = @NEXT_LANGINFO_H@
+NEXT_LIMITS_H = @NEXT_LIMITS_H@
+NEXT_LOCALE_H = @NEXT_LOCALE_H@
+NEXT_NETDB_H = @NEXT_NETDB_H@
+NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@
+NEXT_PTHREAD_H = @NEXT_PTHREAD_H@
+NEXT_SCHED_H = @NEXT_SCHED_H@
+NEXT_SIGNAL_H = @NEXT_SIGNAL_H@
+NEXT_STDDEF_H = @NEXT_STDDEF_H@
+NEXT_STDINT_H = @NEXT_STDINT_H@
+NEXT_STDIO_H = @NEXT_STDIO_H@
+NEXT_STDLIB_H = @NEXT_STDLIB_H@
+NEXT_STRINGS_H = @NEXT_STRINGS_H@
+NEXT_STRING_H = @NEXT_STRING_H@
+NEXT_SYS_IOCTL_H = @NEXT_SYS_IOCTL_H@
+NEXT_SYS_SELECT_H = @NEXT_SYS_SELECT_H@
+NEXT_SYS_SOCKET_H = @NEXT_SYS_SOCKET_H@
+NEXT_SYS_STAT_H = @NEXT_SYS_STAT_H@
+NEXT_SYS_TIME_H = @NEXT_SYS_TIME_H@
+NEXT_SYS_TYPES_H = @NEXT_SYS_TYPES_H@
+NEXT_SYS_UIO_H = @NEXT_SYS_UIO_H@
+NEXT_TIME_H = @NEXT_TIME_H@
+NEXT_UNISTD_H = @NEXT_UNISTD_H@
+NEXT_WCHAR_H = @NEXT_WCHAR_H@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NUMBER_VERSION = @NUMBER_VERSION@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+P11_KIT_CFLAGS = @P11_KIT_CFLAGS@
+P11_KIT_LIBS = @P11_KIT_LIBS@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@
+PATCH_VERSION = @PATCH_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PKCS12_ITER_COUNT = @PKCS12_ITER_COUNT@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PMCCABE = @PMCCABE@
+POSUB = @POSUB@
+PRAGMA_COLUMNS = @PRAGMA_COLUMNS@
+PRAGMA_SYSTEM_HEADER = @PRAGMA_SYSTEM_HEADER@
+PRIPTR_PREFIX = @PRIPTR_PREFIX@
+PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@
+PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+RANLIB = @RANLIB@
+REPLACE_ACCESS = @REPLACE_ACCESS@
+REPLACE_ALIGNED_ALLOC = @REPLACE_ALIGNED_ALLOC@
+REPLACE_BTOWC = @REPLACE_BTOWC@
+REPLACE_CALLOC = @REPLACE_CALLOC@
+REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@
+REPLACE_CHOWN = @REPLACE_CHOWN@
+REPLACE_CLOSE = @REPLACE_CLOSE@
+REPLACE_CREAT = @REPLACE_CREAT@
+REPLACE_CTIME = @REPLACE_CTIME@
+REPLACE_DPRINTF = @REPLACE_DPRINTF@
+REPLACE_DUP = @REPLACE_DUP@
+REPLACE_DUP2 = @REPLACE_DUP2@
+REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@
+REPLACE_EXECL = @REPLACE_EXECL@
+REPLACE_EXECLE = @REPLACE_EXECLE@
+REPLACE_EXECLP = @REPLACE_EXECLP@
+REPLACE_EXECV = @REPLACE_EXECV@
+REPLACE_EXECVE = @REPLACE_EXECVE@
+REPLACE_EXECVP = @REPLACE_EXECVP@
+REPLACE_EXECVPE = @REPLACE_EXECVPE@
+REPLACE_FACCESSAT = @REPLACE_FACCESSAT@
+REPLACE_FCHMODAT = @REPLACE_FCHMODAT@
+REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@
+REPLACE_FCLOSE = @REPLACE_FCLOSE@
+REPLACE_FCNTL = @REPLACE_FCNTL@
+REPLACE_FDOPEN = @REPLACE_FDOPEN@
+REPLACE_FFLUSH = @REPLACE_FFLUSH@
+REPLACE_FFSLL = @REPLACE_FFSLL@
+REPLACE_FOPEN = @REPLACE_FOPEN@
+REPLACE_FPRINTF = @REPLACE_FPRINTF@
+REPLACE_FPURGE = @REPLACE_FPURGE@
+REPLACE_FREE = @REPLACE_FREE@
+REPLACE_FREELOCALE = @REPLACE_FREELOCALE@
+REPLACE_FREOPEN = @REPLACE_FREOPEN@
+REPLACE_FSEEK = @REPLACE_FSEEK@
+REPLACE_FSEEKO = @REPLACE_FSEEKO@
+REPLACE_FSTAT = @REPLACE_FSTAT@
+REPLACE_FSTATAT = @REPLACE_FSTATAT@
+REPLACE_FTELL = @REPLACE_FTELL@
+REPLACE_FTELLO = @REPLACE_FTELLO@
+REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@
+REPLACE_FUTIMENS = @REPLACE_FUTIMENS@
+REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@
+REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@
+REPLACE_GETCWD = @REPLACE_GETCWD@
+REPLACE_GETDELIM = @REPLACE_GETDELIM@
+REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@
+REPLACE_GETDTABLESIZE = @REPLACE_GETDTABLESIZE@
+REPLACE_GETGROUPS = @REPLACE_GETGROUPS@
+REPLACE_GETLINE = @REPLACE_GETLINE@
+REPLACE_GETLOGIN_R = @REPLACE_GETLOGIN_R@
+REPLACE_GETPAGESIZE = @REPLACE_GETPAGESIZE@
+REPLACE_GETPASS = @REPLACE_GETPASS@
+REPLACE_GETTIMEOFDAY = @REPLACE_GETTIMEOFDAY@
+REPLACE_GMTIME = @REPLACE_GMTIME@
+REPLACE_INET_NTOP = @REPLACE_INET_NTOP@
+REPLACE_INET_PTON = @REPLACE_INET_PTON@
+REPLACE_INITSTATE = @REPLACE_INITSTATE@
+REPLACE_IOCTL = @REPLACE_IOCTL@
+REPLACE_ISATTY = @REPLACE_ISATTY@
+REPLACE_ITOLD = @REPLACE_ITOLD@
+REPLACE_LCHOWN = @REPLACE_LCHOWN@
+REPLACE_LINK = @REPLACE_LINK@
+REPLACE_LINKAT = @REPLACE_LINKAT@
+REPLACE_LOCALECONV = @REPLACE_LOCALECONV@
+REPLACE_LOCALTIME = @REPLACE_LOCALTIME@
+REPLACE_LOCALTIME_R = @REPLACE_LOCALTIME_R@
+REPLACE_LSEEK = @REPLACE_LSEEK@
+REPLACE_LSTAT = @REPLACE_LSTAT@
+REPLACE_MALLOC = @REPLACE_MALLOC@
+REPLACE_MBRLEN = @REPLACE_MBRLEN@
+REPLACE_MBRTOWC = @REPLACE_MBRTOWC@
+REPLACE_MBSINIT = @REPLACE_MBSINIT@
+REPLACE_MBSNRTOWCS = @REPLACE_MBSNRTOWCS@
+REPLACE_MBSRTOWCS = @REPLACE_MBSRTOWCS@
+REPLACE_MBSTATE_T = @REPLACE_MBSTATE_T@
+REPLACE_MBTOWC = @REPLACE_MBTOWC@
+REPLACE_MEMCHR = @REPLACE_MEMCHR@
+REPLACE_MEMMEM = @REPLACE_MEMMEM@
+REPLACE_MKDIR = @REPLACE_MKDIR@
+REPLACE_MKFIFO = @REPLACE_MKFIFO@
+REPLACE_MKFIFOAT = @REPLACE_MKFIFOAT@
+REPLACE_MKNOD = @REPLACE_MKNOD@
+REPLACE_MKNODAT = @REPLACE_MKNODAT@
+REPLACE_MKSTEMP = @REPLACE_MKSTEMP@
+REPLACE_MKTIME = @REPLACE_MKTIME@
+REPLACE_NANOSLEEP = @REPLACE_NANOSLEEP@
+REPLACE_NEWLOCALE = @REPLACE_NEWLOCALE@
+REPLACE_NL_LANGINFO = @REPLACE_NL_LANGINFO@
+REPLACE_NULL = @REPLACE_NULL@
+REPLACE_OBSTACK_PRINTF = @REPLACE_OBSTACK_PRINTF@
+REPLACE_OPEN = @REPLACE_OPEN@
+REPLACE_OPENAT = @REPLACE_OPENAT@
+REPLACE_PERROR = @REPLACE_PERROR@
+REPLACE_POPEN = @REPLACE_POPEN@
+REPLACE_POSIX_MEMALIGN = @REPLACE_POSIX_MEMALIGN@
+REPLACE_PREAD = @REPLACE_PREAD@
+REPLACE_PRINTF = @REPLACE_PRINTF@
+REPLACE_PSELECT = @REPLACE_PSELECT@
+REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@
+REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@
+REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@
+REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@
+REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@
+REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@
+REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@
+REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@
+REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@
+REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@
+REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@
+REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@
+REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@
+REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@
+REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@
+REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@
+REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@
+REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@
+REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@
+REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@
+REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@
+REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@
+REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@
+REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@
+REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@
+REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@
+REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@
+REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@
+REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@
+REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@
+REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@
+REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@
+REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@
+REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@
+REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@
+REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@
+REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@
+REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@
+REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@
+REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@
+REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@
+REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@
+REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@
+REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@
+REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@
+REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@
+REPLACE_PTSNAME = @REPLACE_PTSNAME@
+REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@
+REPLACE_PUTENV = @REPLACE_PUTENV@
+REPLACE_PWRITE = @REPLACE_PWRITE@
+REPLACE_QSORT_R = @REPLACE_QSORT_R@
+REPLACE_RAISE = @REPLACE_RAISE@
+REPLACE_RANDOM = @REPLACE_RANDOM@
+REPLACE_RANDOM_R = @REPLACE_RANDOM_R@
+REPLACE_READ = @REPLACE_READ@
+REPLACE_READLINK = @REPLACE_READLINK@
+REPLACE_READLINKAT = @REPLACE_READLINKAT@
+REPLACE_REALLOC = @REPLACE_REALLOC@
+REPLACE_REALLOCARRAY = @REPLACE_REALLOCARRAY@
+REPLACE_REALPATH = @REPLACE_REALPATH@
+REPLACE_REMOVE = @REPLACE_REMOVE@
+REPLACE_RENAME = @REPLACE_RENAME@
+REPLACE_RENAMEAT = @REPLACE_RENAMEAT@
+REPLACE_RMDIR = @REPLACE_RMDIR@
+REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@
+REPLACE_SELECT = @REPLACE_SELECT@
+REPLACE_SETENV = @REPLACE_SETENV@
+REPLACE_SETLOCALE = @REPLACE_SETLOCALE@
+REPLACE_SETSTATE = @REPLACE_SETSTATE@
+REPLACE_SLEEP = @REPLACE_SLEEP@
+REPLACE_SNPRINTF = @REPLACE_SNPRINTF@
+REPLACE_SPRINTF = @REPLACE_SPRINTF@
+REPLACE_STAT = @REPLACE_STAT@
+REPLACE_STDIO_READ_FUNCS = @REPLACE_STDIO_READ_FUNCS@
+REPLACE_STDIO_WRITE_FUNCS = @REPLACE_STDIO_WRITE_FUNCS@
+REPLACE_STPNCPY = @REPLACE_STPNCPY@
+REPLACE_STRCASESTR = @REPLACE_STRCASESTR@
+REPLACE_STRCHRNUL = @REPLACE_STRCHRNUL@
+REPLACE_STRDUP = @REPLACE_STRDUP@
+REPLACE_STRERROR = @REPLACE_STRERROR@
+REPLACE_STRERRORNAME_NP = @REPLACE_STRERRORNAME_NP@
+REPLACE_STRERROR_R = @REPLACE_STRERROR_R@
+REPLACE_STRFTIME = @REPLACE_STRFTIME@
+REPLACE_STRNCAT = @REPLACE_STRNCAT@
+REPLACE_STRNDUP = @REPLACE_STRNDUP@
+REPLACE_STRNLEN = @REPLACE_STRNLEN@
+REPLACE_STRSIGNAL = @REPLACE_STRSIGNAL@
+REPLACE_STRSTR = @REPLACE_STRSTR@
+REPLACE_STRTOD = @REPLACE_STRTOD@
+REPLACE_STRTOIMAX = @REPLACE_STRTOIMAX@
+REPLACE_STRTOK_R = @REPLACE_STRTOK_R@
+REPLACE_STRTOL = @REPLACE_STRTOL@
+REPLACE_STRTOLD = @REPLACE_STRTOLD@
+REPLACE_STRTOLL = @REPLACE_STRTOLL@
+REPLACE_STRTOUL = @REPLACE_STRTOUL@
+REPLACE_STRTOULL = @REPLACE_STRTOULL@
+REPLACE_STRTOUMAX = @REPLACE_STRTOUMAX@
+REPLACE_STRUCT_LCONV = @REPLACE_STRUCT_LCONV@
+REPLACE_STRUCT_TIMEVAL = @REPLACE_STRUCT_TIMEVAL@
+REPLACE_SYMLINK = @REPLACE_SYMLINK@
+REPLACE_SYMLINKAT = @REPLACE_SYMLINKAT@
+REPLACE_TIMEGM = @REPLACE_TIMEGM@
+REPLACE_TMPFILE = @REPLACE_TMPFILE@
+REPLACE_TRUNCATE = @REPLACE_TRUNCATE@
+REPLACE_TTYNAME_R = @REPLACE_TTYNAME_R@
+REPLACE_TZSET = @REPLACE_TZSET@
+REPLACE_UNLINK = @REPLACE_UNLINK@
+REPLACE_UNLINKAT = @REPLACE_UNLINKAT@
+REPLACE_UNSETENV = @REPLACE_UNSETENV@
+REPLACE_USLEEP = @REPLACE_USLEEP@
+REPLACE_UTIMENSAT = @REPLACE_UTIMENSAT@
+REPLACE_VASPRINTF = @REPLACE_VASPRINTF@
+REPLACE_VDPRINTF = @REPLACE_VDPRINTF@
+REPLACE_VFPRINTF = @REPLACE_VFPRINTF@
+REPLACE_VPRINTF = @REPLACE_VPRINTF@
+REPLACE_VSNPRINTF = @REPLACE_VSNPRINTF@
+REPLACE_VSPRINTF = @REPLACE_VSPRINTF@
+REPLACE_WCRTOMB = @REPLACE_WCRTOMB@
+REPLACE_WCSFTIME = @REPLACE_WCSFTIME@
+REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@
+REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@
+REPLACE_WCSTOK = @REPLACE_WCSTOK@
+REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@
+REPLACE_WCTOB = @REPLACE_WCTOB@
+REPLACE_WCTOMB = @REPLACE_WCTOMB@
+REPLACE_WCWIDTH = @REPLACE_WCWIDTH@
+REPLACE_WRITE = @REPLACE_WRITE@
+SED = @SED@
+SERVENT_LIB = @SERVENT_LIB@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@
+SIZE_T_SUFFIX = @SIZE_T_SUFFIX@
+STDALIGN_H = @STDALIGN_H@
+STDBOOL_H = @STDBOOL_H@
+STDDEF_H = @STDDEF_H@
+STDINT_H = @STDINT_H@
+STRIP = @STRIP@
+SYS_IOCTL_H_HAVE_WINSOCK2_H = @SYS_IOCTL_H_HAVE_WINSOCK2_H@
+SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+SYS_TIME_H_DEFINES_STRUCT_TIMESPEC = @SYS_TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_STRUCT_TIMESPEC = @TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_TIME_UTC = @TIME_H_DEFINES_TIME_UTC@
+TROUSERS_LIB = @TROUSERS_LIB@
+TSS2_CFLAGS = @TSS2_CFLAGS@
+TSS2_LIBS = @TSS2_LIBS@
+TSS_CFLAGS = @TSS_CFLAGS@
+TSS_LIBS = @TSS_LIBS@
+UINT32_MAX_LT_UINTMAX_MAX = @UINT32_MAX_LT_UINTMAX_MAX@
+UINT64_MAX_EQ_ULONG_MAX = @UINT64_MAX_EQ_ULONG_MAX@
+UNBOUND_CFLAGS = @UNBOUND_CFLAGS@
+UNBOUND_LIBS = @UNBOUND_LIBS@
+UNDEFINE_STRTOK_R = @UNDEFINE_STRTOK_R@
+UNISTD_H_DEFINES_STRUCT_TIMESPEC = @UNISTD_H_DEFINES_STRUCT_TIMESPEC@
+UNISTD_H_HAVE_SYS_RANDOM_H = @UNISTD_H_HAVE_SYS_RANDOM_H@
+UNISTD_H_HAVE_WINSOCK2_H = @UNISTD_H_HAVE_WINSOCK2_H@
+UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+USE_NLS = @USE_NLS@
+VALGRIND = @VALGRIND@
+VALGRINDFLAGS = @VALGRINDFLAGS@
+VALGRIND_PROGRAM = @VALGRIND_PROGRAM@
+VERSION = @VERSION@
+WARN_CFLAGS = @WARN_CFLAGS@
+WCHAR_T_SUFFIX = @WCHAR_T_SUFFIX@
+WERROR_CFLAGS = @WERROR_CFLAGS@
+WINDOWS_64_BIT_OFF_T = @WINDOWS_64_BIT_OFF_T@
+WINDOWS_64_BIT_ST_SIZE = @WINDOWS_64_BIT_ST_SIZE@
+WINDOWS_STAT_INODES = @WINDOWS_STAT_INODES@
+WINDOWS_STAT_TIMESPEC = @WINDOWS_STAT_TIMESPEC@
+WINT_T_SUFFIX = @WINT_T_SUFFIX@
+WSTACK_CFLAGS = @WSTACK_CFLAGS@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+YIELD_LIB = @YIELD_LIB@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+ac_cv_sizeof_time_t = @ac_cv_sizeof_time_t@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+ggl_LIBOBJS = @ggl_LIBOBJS@
+ggl_LTLIBOBJS = @ggl_LTLIBOBJS@
+ggltests_LIBOBJS = @ggltests_LIBOBJS@
+ggltests_LTLIBOBJS = @ggltests_LTLIBOBJS@
+ggltests_WITNESS = @ggltests_WITNESS@
+gl_LIBOBJS = @gl_LIBOBJS@
+gl_LTLIBOBJS = @gl_LTLIBOBJS@
+gltests_LIBOBJS = @gltests_LIBOBJS@
+gltests_LTLIBOBJS = @gltests_LTLIBOBJS@
+gltests_WITNESS = @gltests_WITNESS@
+gnutls_so = @gnutls_so@
+guile_snarf = @guile_snarf@
+guileextensiondir = @guileextensiondir@
+guilesiteccachedir = @guilesiteccachedir@
+guilesitedir = @guilesitedir@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+ifGNUmake = @ifGNUmake@
+ifnGNUmake = @ifnGNUmake@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+maybe_guileextensiondir = @maybe_guileextensiondir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+unistring_LIBOBJS = @unistring_LIBOBJS@
+unistring_LTLIBOBJS = @unistring_LTLIBOBJS@
+unistringtests_LIBOBJS = @unistringtests_LIBOBJS@
+unistringtests_LTLIBOBJS = @unistringtests_LTLIBOBJS@
+unistringtests_WITNESS = @unistringtests_WITNESS@
+AM_CFLAGS = $(WERROR_CFLAGS) $(WSTACK_CFLAGS) $(WARN_CFLAGS) \
+	$(NETTLE_CFLAGS) $(LIBTASN1_CFLAGS) $(LIBIDN2_CFLAGS) \
+	$(P11_KIT_CFLAGS) $(LIBZSTD_CFLAGS) $(CODE_COVERAGE_CFLAGS) \
+	$(am__append_3) $(am__append_6) $(am__append_8) \
+	$(am__append_9)
+COMMON_LINK_FLAGS = $(CODE_COVERAGE_LDFLAGS)
+V_GPERF = $(V_GPERF_@AM_V@)
+V_GPERF_ = $(V_GPERF_@AM_DEFAULT_V@)
+V_GPERF_0 = @echo "  GPERF   " $@;
+SUBDIRS = $(am__append_2) $(am__append_5)
+AM_CPPFLAGS = -I$(srcdir)/../../gl -I$(builddir)/../../gl \
+	-I$(srcdir)/../includes -I$(builddir)/../../gl \
+	-I$(builddir)/../includes -I$(srcdir)/.. $(am__append_1) \
+	$(am__append_10)
+noinst_LTLIBRARIES = libaccelerated.la
+EXTRA_DIST = accelerated.h cryptodev.h afalg.h
+libaccelerated_la_SOURCES = accelerated.c cryptodev.c cryptodev-gcm.c afalg.c
+libaccelerated_la_LIBADD = $(am__append_4) $(am__append_7) \
+	$(am__append_11)
+all: all-recursive
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/lib/common.mk $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/accelerated/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --foreign lib/accelerated/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+	esac;
+$(top_srcdir)/lib/common.mk $(am__empty):
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+	-test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+	@list='$(noinst_LTLIBRARIES)'; \
+	locs=`for p in $$list; do echo $$p; done | \
+	      sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+	      sort -u`; \
+	test -z "$$locs" || { \
+	  echo rm -f $${locs}; \
+	  rm -f $${locs}; \
+	}
+
+libaccelerated.la: $(libaccelerated_la_OBJECTS) $(libaccelerated_la_DEPENDENCIES) $(EXTRA_libaccelerated_la_DEPENDENCIES) 
+	$(AM_V_CCLD)$(LINK)  $(libaccelerated_la_OBJECTS) $(libaccelerated_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+	-rm -f *.$(OBJEXT)
+
+distclean-compile:
+	-rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/accelerated.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/afalg.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cryptodev-gcm.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cryptodev.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+	@$(MKDIR_P) $(@D)
+	@echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+
+# This directory's subdirectories are mostly independent; you can cd
+# into them and run 'make' without going through this Makefile.
+# To change the values of 'make' variables: instead of editing Makefiles,
+# (1) if the variable is set in 'config.status', edit 'config.status'
+#     (which will cause the Makefiles to be regenerated when you run 'make');
+# (2) otherwise, pass the desired values on the 'make' command line.
+$(am__recursive_targets):
+	@fail=; \
+	if $(am__make_keepgoing); then \
+	  failcom='fail=yes'; \
+	else \
+	  failcom='exit 1'; \
+	fi; \
+	dot_seen=no; \
+	target=`echo $@ | sed s/-recursive//`; \
+	case "$@" in \
+	  distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+	  *) list='$(SUBDIRS)' ;; \
+	esac; \
+	for subdir in $$list; do \
+	  echo "Making $$target in $$subdir"; \
+	  if test "$$subdir" = "."; then \
+	    dot_seen=yes; \
+	    local_target="$$target-am"; \
+	  else \
+	    local_target="$$target"; \
+	  fi; \
+	  ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+	  || eval $$failcom; \
+	done; \
+	if test "$$dot_seen" = "no"; then \
+	  $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
+	fi; test -z "$$fail"
+
+ID: $(am__tagged_files)
+	$(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-recursive
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	set x; \
+	here=`pwd`; \
+	if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
+	  include_option=--etags-include; \
+	  empty_fix=.; \
+	else \
+	  include_option=--include; \
+	  empty_fix=; \
+	fi; \
+	list='$(SUBDIRS)'; for subdir in $$list; do \
+	  if test "$$subdir" = .; then :; else \
+	    test ! -f $$subdir/TAGS || \
+	      set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \
+	  fi; \
+	done; \
+	$(am__define_uniq_tagged_files); \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+	  test -n "$$unique" || unique=$$empty_fix; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
+	fi
+ctags: ctags-recursive
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	$(am__define_uniq_tagged_files); \
+	test -z "$(CTAGS_ARGS)$$unique" \
+	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+	     $$unique
+
+GTAGS:
+	here=`$(am__cd) $(top_builddir) && pwd` \
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-recursive
+
+cscopelist-am: $(am__tagged_files)
+	list='$(am__tagged_files)'; \
+	case "$(srcdir)" in \
+	  [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+	  *) sdir=$(subdir)/$(srcdir) ;; \
+	esac; \
+	for i in $$list; do \
+	  if test -f "$$i"; then \
+	    echo "$(subdir)/$$i"; \
+	  else \
+	    echo "$$sdir/$$i"; \
+	  fi; \
+	done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+	@list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
+	  if test "$$subdir" = .; then :; else \
+	    $(am__make_dryrun) \
+	      || test -d "$(distdir)/$$subdir" \
+	      || $(MKDIR_P) "$(distdir)/$$subdir" \
+	      || exit 1; \
+	    dir1=$$subdir; dir2="$(distdir)/$$subdir"; \
+	    $(am__relativize); \
+	    new_distdir=$$reldir; \
+	    dir1=$$subdir; dir2="$(top_distdir)"; \
+	    $(am__relativize); \
+	    new_top_distdir=$$reldir; \
+	    echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \
+	    echo "     am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \
+	    ($(am__cd) $$subdir && \
+	      $(MAKE) $(AM_MAKEFLAGS) \
+	        top_distdir="$$new_top_distdir" \
+	        distdir="$$new_distdir" \
+		am__remove_distdir=: \
+		am__skip_length_check=: \
+		am__skip_mode_fix=: \
+	        distdir) \
+	      || exit 1; \
+	  fi; \
+	done
+check-am: all-am
+check: check-recursive
+all-am: Makefile $(LTLIBRARIES)
+installdirs: installdirs-recursive
+installdirs-am:
+install: install-recursive
+install-exec: install-exec-recursive
+install-data: install-data-recursive
+uninstall: uninstall-recursive
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-recursive
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+clean: clean-recursive
+
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+	mostlyclean-am
+
+distclean: distclean-recursive
+		-rm -f ./$(DEPDIR)/accelerated.Plo
+	-rm -f ./$(DEPDIR)/afalg.Plo
+	-rm -f ./$(DEPDIR)/cryptodev-gcm.Plo
+	-rm -f ./$(DEPDIR)/cryptodev.Plo
+	-rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+	distclean-tags
+
+dvi: dvi-recursive
+
+dvi-am:
+
+html: html-recursive
+
+html-am:
+
+info: info-recursive
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-recursive
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-recursive
+
+install-html-am:
+
+install-info: install-info-recursive
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-recursive
+
+install-pdf-am:
+
+install-ps: install-ps-recursive
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-recursive
+		-rm -f ./$(DEPDIR)/accelerated.Plo
+	-rm -f ./$(DEPDIR)/afalg.Plo
+	-rm -f ./$(DEPDIR)/cryptodev-gcm.Plo
+	-rm -f ./$(DEPDIR)/cryptodev.Plo
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-recursive
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+	mostlyclean-libtool
+
+pdf: pdf-recursive
+
+pdf-am:
+
+ps: ps-recursive
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: $(am__recursive_targets) install-am install-strip
+
+.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am \
+	am--depfiles check check-am clean clean-generic clean-libtool \
+	clean-noinstLTLIBRARIES cscopelist-am ctags ctags-am distclean \
+	distclean-compile distclean-generic distclean-libtool \
+	distclean-tags distdir dvi dvi-am html html-am info info-am \
+	install install-am install-data install-data-am install-dvi \
+	install-dvi-am install-exec install-exec-am install-html \
+	install-html-am install-info install-info-am install-man \
+	install-pdf install-pdf-am install-ps install-ps-am \
+	install-strip installcheck installcheck-am installdirs \
+	installdirs-am maintainer-clean maintainer-clean-generic \
+	mostlyclean mostlyclean-compile mostlyclean-generic \
+	mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
+	uninstall-am
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/lib/accelerated/aarch64/Makefile.am b/lib/accelerated/aarch64/Makefile.am
new file mode 100644
index 0000000..aa2cc30
--- /dev/null
+++ b/lib/accelerated/aarch64/Makefile.am
@@ -0,0 +1,52 @@
+## Process this file with automake to produce Makefile.in
+# Copyright (C) 2011-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GNUTLS.
+#
+# The GNUTLS library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GNUTLS library is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+AM_LIBTOOLFLAGS=--tag=CC
+
+include $(top_srcdir)/lib/common.mk
+
+AM_CPPFLAGS = -I$(srcdir)/../../../gl		\
+	-I$(builddir)/../../../gl		\
+	-I$(srcdir)/../../includes	\
+	-I$(builddir)/../../includes	\
+	-I$(srcdir)/../../ \
+	-I$(srcdir)/../
+
+if ENABLE_MINITASN1
+AM_CPPFLAGS += -I$(srcdir)/../../minitasn1
+endif
+
+#ensure that we have all aarch64 instruction sets enabled for the assembler
+AM_CCASFLAGS = $(AARCH64_CCASFLAGS)
+
+EXTRA_DIST = README
+
+noinst_LTLIBRARIES = libaarch64.la
+
+libaarch64_la_SOURCES = aarch64-common.c aarch64-common.h sha-aarch64.h sha-aarch64.c \
+	hmac-sha-aarch64.c aes-cbc-aarch64.c aes-gcm-aarch64.c aes-aarch64.h aes-ccm-aarch64.c
+
+if MACOSX
+libaarch64_la_SOURCES += macosx/sha1-armv8.s macosx/sha512-armv8.s macosx/sha256-armv8.s \
+	macosx/aes-aarch64.s macosx/ghash-aarch64.s
+else
+libaarch64_la_SOURCES += elf/sha1-armv8.s elf/sha512-armv8.s elf/sha256-armv8.s \
+	elf/aes-aarch64.s elf/ghash-aarch64.s
+endif
diff --git a/lib/accelerated/aarch64/Makefile.in b/lib/accelerated/aarch64/Makefile.in
new file mode 100644
index 0000000..a987c23
--- /dev/null
+++ b/lib/accelerated/aarch64/Makefile.in
@@ -0,0 +1,2492 @@
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+# Copyright (C) 2011-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GNUTLS.
+#
+# The GNUTLS library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GNUTLS library is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+  if test -z '$(MAKELEVEL)'; then \
+    false; \
+  elif test -n '$(MAKE_HOST)'; then \
+    true; \
+  elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+    true; \
+  else \
+    false; \
+  fi; \
+}
+am__make_running_with_option = \
+  case $${target_option-} in \
+      ?) ;; \
+      *) echo "am__make_running_with_option: internal error: invalid" \
+              "target option '$${target_option-}' specified" >&2; \
+         exit 1;; \
+  esac; \
+  has_opt=no; \
+  sane_makeflags=$$MAKEFLAGS; \
+  if $(am__is_gnu_make); then \
+    sane_makeflags=$$MFLAGS; \
+  else \
+    case $$MAKEFLAGS in \
+      *\\[\ \	]*) \
+        bs=\\; \
+        sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+          | sed "s/$$bs$$bs[$$bs $$bs	]*//g"`;; \
+    esac; \
+  fi; \
+  skip_next=no; \
+  strip_trailopt () \
+  { \
+    flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+  }; \
+  for flg in $$sane_makeflags; do \
+    test $$skip_next = yes && { skip_next=no; continue; }; \
+    case $$flg in \
+      *=*|--*) continue;; \
+        -*I) strip_trailopt 'I'; skip_next=yes;; \
+      -*I?*) strip_trailopt 'I';; \
+        -*O) strip_trailopt 'O'; skip_next=yes;; \
+      -*O?*) strip_trailopt 'O';; \
+        -*l) strip_trailopt 'l'; skip_next=yes;; \
+      -*l?*) strip_trailopt 'l';; \
+      -[dEDm]) skip_next=yes;; \
+      -[JT]) skip_next=yes;; \
+    esac; \
+    case $$flg in \
+      *$$target_option*) has_opt=yes; break;; \
+    esac; \
+  done; \
+  test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@ENABLE_MINITASN1_TRUE@am__append_1 = -I$(srcdir)/../../minitasn1
+@MACOSX_TRUE@am__append_2 = macosx/sha1-armv8.s macosx/sha512-armv8.s macosx/sha256-armv8.s \
+@MACOSX_TRUE@	macosx/aes-aarch64.s macosx/ghash-aarch64.s
+
+@MACOSX_FALSE@am__append_3 = elf/sha1-armv8.s elf/sha512-armv8.s elf/sha256-armv8.s \
+@MACOSX_FALSE@	elf/aes-aarch64.s elf/ghash-aarch64.s
+
+subdir = lib/accelerated/aarch64
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \
+	$(top_srcdir)/lib/unistring/m4/inline.m4 \
+	$(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \
+	$(top_srcdir)/src/gl/m4/atoll.m4 \
+	$(top_srcdir)/src/gl/m4/bison.m4 \
+	$(top_srcdir)/src/gl/m4/calloc.m4 \
+	$(top_srcdir)/src/gl/m4/clock_time.m4 \
+	$(top_srcdir)/src/gl/m4/codeset.m4 \
+	$(top_srcdir)/src/gl/m4/ctype_h.m4 \
+	$(top_srcdir)/src/gl/m4/environ.m4 \
+	$(top_srcdir)/src/gl/m4/error.m4 \
+	$(top_srcdir)/src/gl/m4/fdopen.m4 \
+	$(top_srcdir)/src/gl/m4/flexmember.m4 \
+	$(top_srcdir)/src/gl/m4/fpending.m4 \
+	$(top_srcdir)/src/gl/m4/fpieee.m4 \
+	$(top_srcdir)/src/gl/m4/fseek.m4 \
+	$(top_srcdir)/src/gl/m4/ftruncate.m4 \
+	$(top_srcdir)/src/gl/m4/getaddrinfo.m4 \
+	$(top_srcdir)/src/gl/m4/getcwd.m4 \
+	$(top_srcdir)/src/gl/m4/getpagesize.m4 \
+	$(top_srcdir)/src/gl/m4/getpass.m4 \
+	$(top_srcdir)/src/gl/m4/getprogname.m4 \
+	$(top_srcdir)/src/gl/m4/gettime.m4 \
+	$(top_srcdir)/src/gl/m4/gnulib-comp.m4 \
+	$(top_srcdir)/src/gl/m4/hostent.m4 \
+	$(top_srcdir)/src/gl/m4/intl-thread-locale.m4 \
+	$(top_srcdir)/src/gl/m4/inttostr.m4 \
+	$(top_srcdir)/src/gl/m4/ioctl.m4 \
+	$(top_srcdir)/src/gl/m4/isblank.m4 \
+	$(top_srcdir)/src/gl/m4/langinfo_h.m4 \
+	$(top_srcdir)/src/gl/m4/lcmessage.m4 \
+	$(top_srcdir)/src/gl/m4/locale-fr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-ja.m4 \
+	$(top_srcdir)/src/gl/m4/locale-tr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-zh.m4 \
+	$(top_srcdir)/src/gl/m4/locale_h.m4 \
+	$(top_srcdir)/src/gl/m4/localename.m4 \
+	$(top_srcdir)/src/gl/m4/lstat.m4 \
+	$(top_srcdir)/src/gl/m4/mktime.m4 \
+	$(top_srcdir)/src/gl/m4/nanosleep.m4 \
+	$(top_srcdir)/src/gl/m4/nstrftime.m4 \
+	$(top_srcdir)/src/gl/m4/parse-datetime.m4 \
+	$(top_srcdir)/src/gl/m4/perror.m4 \
+	$(top_srcdir)/src/gl/m4/pipe.m4 \
+	$(top_srcdir)/src/gl/m4/pthread-thread.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_h.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_sigmask.m4 \
+	$(top_srcdir)/src/gl/m4/putenv.m4 \
+	$(top_srcdir)/src/gl/m4/raise.m4 \
+	$(top_srcdir)/src/gl/m4/reallocarray.m4 \
+	$(top_srcdir)/src/gl/m4/sched_h.m4 \
+	$(top_srcdir)/src/gl/m4/sched_yield.m4 \
+	$(top_srcdir)/src/gl/m4/select.m4 \
+	$(top_srcdir)/src/gl/m4/semaphore.m4 \
+	$(top_srcdir)/src/gl/m4/servent.m4 \
+	$(top_srcdir)/src/gl/m4/setenv.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale_null.m4 \
+	$(top_srcdir)/src/gl/m4/sigaction.m4 \
+	$(top_srcdir)/src/gl/m4/signal_h.m4 \
+	$(top_srcdir)/src/gl/m4/signalblocking.m4 \
+	$(top_srcdir)/src/gl/m4/sleep.m4 \
+	$(top_srcdir)/src/gl/m4/sockets.m4 \
+	$(top_srcdir)/src/gl/m4/strerror.m4 \
+	$(top_srcdir)/src/gl/m4/strerror_r.m4 \
+	$(top_srcdir)/src/gl/m4/strtoll.m4 \
+	$(top_srcdir)/src/gl/m4/symlink.m4 \
+	$(top_srcdir)/src/gl/m4/sys_ioctl_h.m4 \
+	$(top_srcdir)/src/gl/m4/sys_select_h.m4 \
+	$(top_srcdir)/src/gl/m4/thread.m4 \
+	$(top_srcdir)/src/gl/m4/time_rz.m4 \
+	$(top_srcdir)/src/gl/m4/timegm.m4 \
+	$(top_srcdir)/src/gl/m4/timespec.m4 \
+	$(top_srcdir)/src/gl/m4/tm_gmtoff.m4 \
+	$(top_srcdir)/src/gl/m4/tzset.m4 \
+	$(top_srcdir)/src/gl/m4/usleep.m4 \
+	$(top_srcdir)/src/gl/m4/visibility.m4 \
+	$(top_srcdir)/src/gl/m4/xalloc.m4 \
+	$(top_srcdir)/src/gl/m4/yield.m4 $(top_srcdir)/m4/00gnulib.m4 \
+	$(top_srcdir)/m4/__inline.m4 \
+	$(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \
+	$(top_srcdir)/m4/arpa_inet_h.m4 \
+	$(top_srcdir)/m4/ax_ac_append_to_file.m4 \
+	$(top_srcdir)/m4/ax_ac_print_to_file.m4 \
+	$(top_srcdir)/m4/ax_add_am_macro_static.m4 \
+	$(top_srcdir)/m4/ax_am_macros_static.m4 \
+	$(top_srcdir)/m4/ax_check_gnu_make.m4 \
+	$(top_srcdir)/m4/ax_code_coverage.m4 \
+	$(top_srcdir)/m4/ax_file_escapes.m4 \
+	$(top_srcdir)/m4/builtin-expect.m4 \
+	$(top_srcdir)/m4/byteswap.m4 $(top_srcdir)/m4/close.m4 \
+	$(top_srcdir)/m4/double-slash-root.m4 $(top_srcdir)/m4/dup2.m4 \
+	$(top_srcdir)/m4/eealloc.m4 $(top_srcdir)/m4/errno_h.m4 \
+	$(top_srcdir)/m4/explicit_bzero.m4 \
+	$(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \
+	$(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \
+	$(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \
+	$(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \
+	$(top_srcdir)/m4/free.m4 $(top_srcdir)/m4/fseeko.m4 \
+	$(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \
+	$(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/func.m4 \
+	$(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \
+	$(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/gettext.m4 \
+	$(top_srcdir)/m4/gettimeofday.m4 \
+	$(top_srcdir)/m4/gnulib-common.m4 \
+	$(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \
+	$(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \
+	$(top_srcdir)/m4/host-cpu-c-abi.m4 $(top_srcdir)/m4/iconv.m4 \
+	$(top_srcdir)/m4/include_next.m4 $(top_srcdir)/m4/inet_ntop.m4 \
+	$(top_srcdir)/m4/inet_pton.m4 $(top_srcdir)/m4/intlmacosx.m4 \
+	$(top_srcdir)/m4/intmax_t.m4 $(top_srcdir)/m4/inttypes.m4 \
+	$(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/largefile.m4 \
+	$(top_srcdir)/m4/ld-output-def.m4 \
+	$(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \
+	$(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+	$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/lock.m4 \
+	$(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/ltoptions.m4 \
+	$(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+	$(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \
+	$(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \
+	$(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \
+	$(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \
+	$(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \
+	$(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \
+	$(top_srcdir)/m4/netdb_h.m4 $(top_srcdir)/m4/netinet_in_h.m4 \
+	$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/off_t.m4 \
+	$(top_srcdir)/m4/open-cloexec.m4 \
+	$(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \
+	$(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/pkg.m4 \
+	$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \
+	$(top_srcdir)/m4/progtest.m4 \
+	$(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \
+	$(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \
+	$(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/size_max.m4 \
+	$(top_srcdir)/m4/snprintf.m4 $(top_srcdir)/m4/socketlib.m4 \
+	$(top_srcdir)/m4/socklen.m4 $(top_srcdir)/m4/sockpfaf.m4 \
+	$(top_srcdir)/m4/ssize_t.m4 $(top_srcdir)/m4/stat-time.m4 \
+	$(top_srcdir)/m4/stat.m4 $(top_srcdir)/m4/stdalign.m4 \
+	$(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \
+	$(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \
+	$(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \
+	$(top_srcdir)/m4/stpcpy.m4 $(top_srcdir)/m4/strcase.m4 \
+	$(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/string_h.m4 \
+	$(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \
+	$(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \
+	$(top_srcdir)/m4/strverscmp.m4 \
+	$(top_srcdir)/m4/sys_socket_h.m4 \
+	$(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \
+	$(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \
+	$(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \
+	$(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \
+	$(top_srcdir)/m4/unistd_h.m4 \
+	$(top_srcdir)/m4/valgrind-tests.m4 \
+	$(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \
+	$(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \
+	$(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \
+	$(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \
+	$(top_srcdir)/m4/xsize.m4 $(top_srcdir)/m4/zzgnulib.m4 \
+	$(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+LTLIBRARIES = $(noinst_LTLIBRARIES)
+libaarch64_la_LIBADD =
+am__libaarch64_la_SOURCES_DIST = aarch64-common.c aarch64-common.h \
+	sha-aarch64.h sha-aarch64.c hmac-sha-aarch64.c \
+	aes-cbc-aarch64.c aes-gcm-aarch64.c aes-aarch64.h \
+	aes-ccm-aarch64.c macosx/sha1-armv8.s macosx/sha512-armv8.s \
+	macosx/sha256-armv8.s macosx/aes-aarch64.s \
+	macosx/ghash-aarch64.s elf/sha1-armv8.s elf/sha512-armv8.s \
+	elf/sha256-armv8.s elf/aes-aarch64.s elf/ghash-aarch64.s
+am__dirstamp = $(am__leading_dot)dirstamp
+@MACOSX_TRUE@am__objects_1 = macosx/sha1-armv8.lo \
+@MACOSX_TRUE@	macosx/sha512-armv8.lo macosx/sha256-armv8.lo \
+@MACOSX_TRUE@	macosx/aes-aarch64.lo macosx/ghash-aarch64.lo
+@MACOSX_FALSE@am__objects_2 = elf/sha1-armv8.lo elf/sha512-armv8.lo \
+@MACOSX_FALSE@	elf/sha256-armv8.lo elf/aes-aarch64.lo \
+@MACOSX_FALSE@	elf/ghash-aarch64.lo
+am_libaarch64_la_OBJECTS = aarch64-common.lo sha-aarch64.lo \
+	hmac-sha-aarch64.lo aes-cbc-aarch64.lo aes-gcm-aarch64.lo \
+	aes-ccm-aarch64.lo $(am__objects_1) $(am__objects_2)
+libaarch64_la_OBJECTS = $(am_libaarch64_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 = 
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN     " $@;
+am__v_GEN_1 = 
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 = 
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/aarch64-common.Plo \
+	./$(DEPDIR)/aes-cbc-aarch64.Plo \
+	./$(DEPDIR)/aes-ccm-aarch64.Plo \
+	./$(DEPDIR)/aes-gcm-aarch64.Plo \
+	./$(DEPDIR)/hmac-sha-aarch64.Plo ./$(DEPDIR)/sha-aarch64.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC      " $@;
+am__v_CC_1 = 
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD    " $@;
+am__v_CCLD_1 = 
+CCASCOMPILE = $(CCAS) $(AM_CCASFLAGS) $(CCASFLAGS)
+LTCCASCOMPILE = $(LIBTOOL) $(AM_V_lt) $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CCAS) $(AM_CCASFLAGS) \
+	$(CCASFLAGS)
+AM_V_CCAS = $(am__v_CCAS_@AM_V@)
+am__v_CCAS_ = $(am__v_CCAS_@AM_DEFAULT_V@)
+am__v_CCAS_0 = @echo "  CCAS    " $@;
+am__v_CCAS_1 = 
+SOURCES = $(libaarch64_la_SOURCES)
+DIST_SOURCES = $(am__libaarch64_la_SOURCES_DIST)
+am__can_run_installinfo = \
+  case $$AM_UPDATE_INFO_DIR in \
+    n|no|NO) false;; \
+    *) (install-info --version) >/dev/null 2>&1;; \
+  esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates.  Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+  BEGIN { nonempty = 0; } \
+  { items[$$0] = 1; nonempty = 1; } \
+  END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique.  This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+  list='$(am__tagged_files)'; \
+  unique=`for i in $$list; do \
+    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+  done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in \
+	$(top_srcdir)/build-aux/depcomp $(top_srcdir)/lib/common.mk \
+	README
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+AARCH64_CCASFLAGS = @AARCH64_CCASFLAGS@
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+ALLOCA_H = @ALLOCA_H@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AM_VALGRINDFLAGS = @AM_VALGRINDFLAGS@
+APPLE_UNIVERSAL_BUILD = @APPLE_UNIVERSAL_BUILD@
+AR = @AR@
+ARFLAGS = @ARFLAGS@
+ASN1PARSER = @ASN1PARSER@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BITSIZEOF_PTRDIFF_T = @BITSIZEOF_PTRDIFF_T@
+BITSIZEOF_SIG_ATOMIC_T = @BITSIZEOF_SIG_ATOMIC_T@
+BITSIZEOF_SIZE_T = @BITSIZEOF_SIZE_T@
+BITSIZEOF_WCHAR_T = @BITSIZEOF_WCHAR_T@
+BITSIZEOF_WINT_T = @BITSIZEOF_WINT_T@
+BYTESWAP_H = @BYTESWAP_H@
+CC = @CC@
+CCAS = @CCAS@
+CCASDEPMODE = @CCASDEPMODE@
+CCASFLAGS = @CCASFLAGS@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CFLAG_VISIBILITY = @CFLAG_VISIBILITY@
+CMOCKA_CFLAGS = @CMOCKA_CFLAGS@
+CMOCKA_LIBS = @CMOCKA_LIBS@
+CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@
+CODE_COVERAGE_CPPFLAGS = @CODE_COVERAGE_CPPFLAGS@
+CODE_COVERAGE_CXXFLAGS = @CODE_COVERAGE_CXXFLAGS@
+CODE_COVERAGE_ENABLED = @CODE_COVERAGE_ENABLED@
+CODE_COVERAGE_LIBS = @CODE_COVERAGE_LIBS@
+CONFIG_INCLUDE = @CONFIG_INCLUDE@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CRYWRAP_PATCHLEVEL = @CRYWRAP_PATCHLEVEL@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CXX_LT_AGE = @CXX_LT_AGE@
+CXX_LT_CURRENT = @CXX_LT_CURRENT@
+CXX_LT_REVISION = @CXX_LT_REVISION@
+CYGPATH_W = @CYGPATH_W@
+DEFAULT_VALGRINDFLAGS = @DEFAULT_VALGRINDFLAGS@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DLL_SSL_VERSION = @DLL_SSL_VERSION@
+DLL_VERSION = @DLL_VERSION@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EMULTIHOP_HIDDEN = @EMULTIHOP_HIDDEN@
+EMULTIHOP_VALUE = @EMULTIHOP_VALUE@
+ENABLE_PADLOCK = @ENABLE_PADLOCK@
+ENOLINK_HIDDEN = @ENOLINK_HIDDEN@
+ENOLINK_VALUE = @ENOLINK_VALUE@
+EOVERFLOW_HIDDEN = @EOVERFLOW_HIDDEN@
+EOVERFLOW_VALUE = @EOVERFLOW_VALUE@
+ERRNO_H = @ERRNO_H@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+FIPS140_LIBS = @FIPS140_LIBS@
+FLOAT_H = @FLOAT_H@
+GCOV = @GCOV@
+GENHTML = @GENHTML@
+GETADDRINFO_LIB = @GETADDRINFO_LIB@
+GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
+GL_GGL_GNULIB_ACCEPT = @GL_GGL_GNULIB_ACCEPT@
+GL_GGL_GNULIB_ACCEPT4 = @GL_GGL_GNULIB_ACCEPT4@
+GL_GGL_GNULIB_ACCESS = @GL_GGL_GNULIB_ACCESS@
+GL_GGL_GNULIB_ALIGNED_ALLOC = @GL_GGL_GNULIB_ALIGNED_ALLOC@
+GL_GGL_GNULIB_ATOLL = @GL_GGL_GNULIB_ATOLL@
+GL_GGL_GNULIB_BIND = @GL_GGL_GNULIB_BIND@
+GL_GGL_GNULIB_BTOWC = @GL_GGL_GNULIB_BTOWC@
+GL_GGL_GNULIB_CALLOC_POSIX = @GL_GGL_GNULIB_CALLOC_POSIX@
+GL_GGL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GGL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GGL_GNULIB_CHDIR = @GL_GGL_GNULIB_CHDIR@
+GL_GGL_GNULIB_CHOWN = @GL_GGL_GNULIB_CHOWN@
+GL_GGL_GNULIB_CLOSE = @GL_GGL_GNULIB_CLOSE@
+GL_GGL_GNULIB_CONNECT = @GL_GGL_GNULIB_CONNECT@
+GL_GGL_GNULIB_COPY_FILE_RANGE = @GL_GGL_GNULIB_COPY_FILE_RANGE@
+GL_GGL_GNULIB_CREAT = @GL_GGL_GNULIB_CREAT@
+GL_GGL_GNULIB_CTIME = @GL_GGL_GNULIB_CTIME@
+GL_GGL_GNULIB_DPRINTF = @GL_GGL_GNULIB_DPRINTF@
+GL_GGL_GNULIB_DUP = @GL_GGL_GNULIB_DUP@
+GL_GGL_GNULIB_DUP2 = @GL_GGL_GNULIB_DUP2@
+GL_GGL_GNULIB_DUP3 = @GL_GGL_GNULIB_DUP3@
+GL_GGL_GNULIB_DUPLOCALE = @GL_GGL_GNULIB_DUPLOCALE@
+GL_GGL_GNULIB_ENVIRON = @GL_GGL_GNULIB_ENVIRON@
+GL_GGL_GNULIB_EUIDACCESS = @GL_GGL_GNULIB_EUIDACCESS@
+GL_GGL_GNULIB_EXECL = @GL_GGL_GNULIB_EXECL@
+GL_GGL_GNULIB_EXECLE = @GL_GGL_GNULIB_EXECLE@
+GL_GGL_GNULIB_EXECLP = @GL_GGL_GNULIB_EXECLP@
+GL_GGL_GNULIB_EXECV = @GL_GGL_GNULIB_EXECV@
+GL_GGL_GNULIB_EXECVE = @GL_GGL_GNULIB_EXECVE@
+GL_GGL_GNULIB_EXECVP = @GL_GGL_GNULIB_EXECVP@
+GL_GGL_GNULIB_EXECVPE = @GL_GGL_GNULIB_EXECVPE@
+GL_GGL_GNULIB_EXPLICIT_BZERO = @GL_GGL_GNULIB_EXPLICIT_BZERO@
+GL_GGL_GNULIB_FACCESSAT = @GL_GGL_GNULIB_FACCESSAT@
+GL_GGL_GNULIB_FCHDIR = @GL_GGL_GNULIB_FCHDIR@
+GL_GGL_GNULIB_FCHMODAT = @GL_GGL_GNULIB_FCHMODAT@
+GL_GGL_GNULIB_FCHOWNAT = @GL_GGL_GNULIB_FCHOWNAT@
+GL_GGL_GNULIB_FCLOSE = @GL_GGL_GNULIB_FCLOSE@
+GL_GGL_GNULIB_FCNTL = @GL_GGL_GNULIB_FCNTL@
+GL_GGL_GNULIB_FDATASYNC = @GL_GGL_GNULIB_FDATASYNC@
+GL_GGL_GNULIB_FDOPEN = @GL_GGL_GNULIB_FDOPEN@
+GL_GGL_GNULIB_FFLUSH = @GL_GGL_GNULIB_FFLUSH@
+GL_GGL_GNULIB_FFS = @GL_GGL_GNULIB_FFS@
+GL_GGL_GNULIB_FFSL = @GL_GGL_GNULIB_FFSL@
+GL_GGL_GNULIB_FFSLL = @GL_GGL_GNULIB_FFSLL@
+GL_GGL_GNULIB_FGETC = @GL_GGL_GNULIB_FGETC@
+GL_GGL_GNULIB_FGETS = @GL_GGL_GNULIB_FGETS@
+GL_GGL_GNULIB_FOPEN = @GL_GGL_GNULIB_FOPEN@
+GL_GGL_GNULIB_FPRINTF = @GL_GGL_GNULIB_FPRINTF@
+GL_GGL_GNULIB_FPRINTF_POSIX = @GL_GGL_GNULIB_FPRINTF_POSIX@
+GL_GGL_GNULIB_FPURGE = @GL_GGL_GNULIB_FPURGE@
+GL_GGL_GNULIB_FPUTC = @GL_GGL_GNULIB_FPUTC@
+GL_GGL_GNULIB_FPUTS = @GL_GGL_GNULIB_FPUTS@
+GL_GGL_GNULIB_FREAD = @GL_GGL_GNULIB_FREAD@
+GL_GGL_GNULIB_FREE_POSIX = @GL_GGL_GNULIB_FREE_POSIX@
+GL_GGL_GNULIB_FREOPEN = @GL_GGL_GNULIB_FREOPEN@
+GL_GGL_GNULIB_FSCANF = @GL_GGL_GNULIB_FSCANF@
+GL_GGL_GNULIB_FSEEK = @GL_GGL_GNULIB_FSEEK@
+GL_GGL_GNULIB_FSEEKO = @GL_GGL_GNULIB_FSEEKO@
+GL_GGL_GNULIB_FSTAT = @GL_GGL_GNULIB_FSTAT@
+GL_GGL_GNULIB_FSTATAT = @GL_GGL_GNULIB_FSTATAT@
+GL_GGL_GNULIB_FSYNC = @GL_GGL_GNULIB_FSYNC@
+GL_GGL_GNULIB_FTELL = @GL_GGL_GNULIB_FTELL@
+GL_GGL_GNULIB_FTELLO = @GL_GGL_GNULIB_FTELLO@
+GL_GGL_GNULIB_FTRUNCATE = @GL_GGL_GNULIB_FTRUNCATE@
+GL_GGL_GNULIB_FUTIMENS = @GL_GGL_GNULIB_FUTIMENS@
+GL_GGL_GNULIB_FWRITE = @GL_GGL_GNULIB_FWRITE@
+GL_GGL_GNULIB_GETADDRINFO = @GL_GGL_GNULIB_GETADDRINFO@
+GL_GGL_GNULIB_GETC = @GL_GGL_GNULIB_GETC@
+GL_GGL_GNULIB_GETCHAR = @GL_GGL_GNULIB_GETCHAR@
+GL_GGL_GNULIB_GETCWD = @GL_GGL_GNULIB_GETCWD@
+GL_GGL_GNULIB_GETDELIM = @GL_GGL_GNULIB_GETDELIM@
+GL_GGL_GNULIB_GETDOMAINNAME = @GL_GGL_GNULIB_GETDOMAINNAME@
+GL_GGL_GNULIB_GETDTABLESIZE = @GL_GGL_GNULIB_GETDTABLESIZE@
+GL_GGL_GNULIB_GETENTROPY = @GL_GGL_GNULIB_GETENTROPY@
+GL_GGL_GNULIB_GETGROUPS = @GL_GGL_GNULIB_GETGROUPS@
+GL_GGL_GNULIB_GETHOSTNAME = @GL_GGL_GNULIB_GETHOSTNAME@
+GL_GGL_GNULIB_GETLINE = @GL_GGL_GNULIB_GETLINE@
+GL_GGL_GNULIB_GETLOADAVG = @GL_GGL_GNULIB_GETLOADAVG@
+GL_GGL_GNULIB_GETLOGIN = @GL_GGL_GNULIB_GETLOGIN@
+GL_GGL_GNULIB_GETLOGIN_R = @GL_GGL_GNULIB_GETLOGIN_R@
+GL_GGL_GNULIB_GETOPT_POSIX = @GL_GGL_GNULIB_GETOPT_POSIX@
+GL_GGL_GNULIB_GETPAGESIZE = @GL_GGL_GNULIB_GETPAGESIZE@
+GL_GGL_GNULIB_GETPASS = @GL_GGL_GNULIB_GETPASS@
+GL_GGL_GNULIB_GETPEERNAME = @GL_GGL_GNULIB_GETPEERNAME@
+GL_GGL_GNULIB_GETSOCKNAME = @GL_GGL_GNULIB_GETSOCKNAME@
+GL_GGL_GNULIB_GETSOCKOPT = @GL_GGL_GNULIB_GETSOCKOPT@
+GL_GGL_GNULIB_GETSUBOPT = @GL_GGL_GNULIB_GETSUBOPT@
+GL_GGL_GNULIB_GETTIMEOFDAY = @GL_GGL_GNULIB_GETTIMEOFDAY@
+GL_GGL_GNULIB_GETUMASK = @GL_GGL_GNULIB_GETUMASK@
+GL_GGL_GNULIB_GETUSERSHELL = @GL_GGL_GNULIB_GETUSERSHELL@
+GL_GGL_GNULIB_GRANTPT = @GL_GGL_GNULIB_GRANTPT@
+GL_GGL_GNULIB_GROUP_MEMBER = @GL_GGL_GNULIB_GROUP_MEMBER@
+GL_GGL_GNULIB_IMAXABS = @GL_GGL_GNULIB_IMAXABS@
+GL_GGL_GNULIB_IMAXDIV = @GL_GGL_GNULIB_IMAXDIV@
+GL_GGL_GNULIB_INET_NTOP = @GL_GGL_GNULIB_INET_NTOP@
+GL_GGL_GNULIB_INET_PTON = @GL_GGL_GNULIB_INET_PTON@
+GL_GGL_GNULIB_IOCTL = @GL_GGL_GNULIB_IOCTL@
+GL_GGL_GNULIB_ISATTY = @GL_GGL_GNULIB_ISATTY@
+GL_GGL_GNULIB_ISBLANK = @GL_GGL_GNULIB_ISBLANK@
+GL_GGL_GNULIB_LCHMOD = @GL_GGL_GNULIB_LCHMOD@
+GL_GGL_GNULIB_LCHOWN = @GL_GGL_GNULIB_LCHOWN@
+GL_GGL_GNULIB_LINK = @GL_GGL_GNULIB_LINK@
+GL_GGL_GNULIB_LINKAT = @GL_GGL_GNULIB_LINKAT@
+GL_GGL_GNULIB_LISTEN = @GL_GGL_GNULIB_LISTEN@
+GL_GGL_GNULIB_LOCALECONV = @GL_GGL_GNULIB_LOCALECONV@
+GL_GGL_GNULIB_LOCALENAME = @GL_GGL_GNULIB_LOCALENAME@
+GL_GGL_GNULIB_LOCALTIME = @GL_GGL_GNULIB_LOCALTIME@
+GL_GGL_GNULIB_LSEEK = @GL_GGL_GNULIB_LSEEK@
+GL_GGL_GNULIB_LSTAT = @GL_GGL_GNULIB_LSTAT@
+GL_GGL_GNULIB_MALLOC_POSIX = @GL_GGL_GNULIB_MALLOC_POSIX@
+GL_GGL_GNULIB_MBRLEN = @GL_GGL_GNULIB_MBRLEN@
+GL_GGL_GNULIB_MBRTOWC = @GL_GGL_GNULIB_MBRTOWC@
+GL_GGL_GNULIB_MBSCASECMP = @GL_GGL_GNULIB_MBSCASECMP@
+GL_GGL_GNULIB_MBSCASESTR = @GL_GGL_GNULIB_MBSCASESTR@
+GL_GGL_GNULIB_MBSCHR = @GL_GGL_GNULIB_MBSCHR@
+GL_GGL_GNULIB_MBSCSPN = @GL_GGL_GNULIB_MBSCSPN@
+GL_GGL_GNULIB_MBSINIT = @GL_GGL_GNULIB_MBSINIT@
+GL_GGL_GNULIB_MBSLEN = @GL_GGL_GNULIB_MBSLEN@
+GL_GGL_GNULIB_MBSNCASECMP = @GL_GGL_GNULIB_MBSNCASECMP@
+GL_GGL_GNULIB_MBSNLEN = @GL_GGL_GNULIB_MBSNLEN@
+GL_GGL_GNULIB_MBSNRTOWCS = @GL_GGL_GNULIB_MBSNRTOWCS@
+GL_GGL_GNULIB_MBSPBRK = @GL_GGL_GNULIB_MBSPBRK@
+GL_GGL_GNULIB_MBSPCASECMP = @GL_GGL_GNULIB_MBSPCASECMP@
+GL_GGL_GNULIB_MBSRCHR = @GL_GGL_GNULIB_MBSRCHR@
+GL_GGL_GNULIB_MBSRTOWCS = @GL_GGL_GNULIB_MBSRTOWCS@
+GL_GGL_GNULIB_MBSSEP = @GL_GGL_GNULIB_MBSSEP@
+GL_GGL_GNULIB_MBSSPN = @GL_GGL_GNULIB_MBSSPN@
+GL_GGL_GNULIB_MBSSTR = @GL_GGL_GNULIB_MBSSTR@
+GL_GGL_GNULIB_MBSTOK_R = @GL_GGL_GNULIB_MBSTOK_R@
+GL_GGL_GNULIB_MBTOWC = @GL_GGL_GNULIB_MBTOWC@
+GL_GGL_GNULIB_MDA_ACCESS = @GL_GGL_GNULIB_MDA_ACCESS@
+GL_GGL_GNULIB_MDA_CHDIR = @GL_GGL_GNULIB_MDA_CHDIR@
+GL_GGL_GNULIB_MDA_CHMOD = @GL_GGL_GNULIB_MDA_CHMOD@
+GL_GGL_GNULIB_MDA_CLOSE = @GL_GGL_GNULIB_MDA_CLOSE@
+GL_GGL_GNULIB_MDA_CREAT = @GL_GGL_GNULIB_MDA_CREAT@
+GL_GGL_GNULIB_MDA_DUP = @GL_GGL_GNULIB_MDA_DUP@
+GL_GGL_GNULIB_MDA_DUP2 = @GL_GGL_GNULIB_MDA_DUP2@
+GL_GGL_GNULIB_MDA_ECVT = @GL_GGL_GNULIB_MDA_ECVT@
+GL_GGL_GNULIB_MDA_EXECL = @GL_GGL_GNULIB_MDA_EXECL@
+GL_GGL_GNULIB_MDA_EXECLE = @GL_GGL_GNULIB_MDA_EXECLE@
+GL_GGL_GNULIB_MDA_EXECLP = @GL_GGL_GNULIB_MDA_EXECLP@
+GL_GGL_GNULIB_MDA_EXECV = @GL_GGL_GNULIB_MDA_EXECV@
+GL_GGL_GNULIB_MDA_EXECVE = @GL_GGL_GNULIB_MDA_EXECVE@
+GL_GGL_GNULIB_MDA_EXECVP = @GL_GGL_GNULIB_MDA_EXECVP@
+GL_GGL_GNULIB_MDA_EXECVPE = @GL_GGL_GNULIB_MDA_EXECVPE@
+GL_GGL_GNULIB_MDA_FCLOSEALL = @GL_GGL_GNULIB_MDA_FCLOSEALL@
+GL_GGL_GNULIB_MDA_FCVT = @GL_GGL_GNULIB_MDA_FCVT@
+GL_GGL_GNULIB_MDA_FDOPEN = @GL_GGL_GNULIB_MDA_FDOPEN@
+GL_GGL_GNULIB_MDA_FILENO = @GL_GGL_GNULIB_MDA_FILENO@
+GL_GGL_GNULIB_MDA_GCVT = @GL_GGL_GNULIB_MDA_GCVT@
+GL_GGL_GNULIB_MDA_GETCWD = @GL_GGL_GNULIB_MDA_GETCWD@
+GL_GGL_GNULIB_MDA_GETPID = @GL_GGL_GNULIB_MDA_GETPID@
+GL_GGL_GNULIB_MDA_GETW = @GL_GGL_GNULIB_MDA_GETW@
+GL_GGL_GNULIB_MDA_ISATTY = @GL_GGL_GNULIB_MDA_ISATTY@
+GL_GGL_GNULIB_MDA_LSEEK = @GL_GGL_GNULIB_MDA_LSEEK@
+GL_GGL_GNULIB_MDA_MEMCCPY = @GL_GGL_GNULIB_MDA_MEMCCPY@
+GL_GGL_GNULIB_MDA_MKDIR = @GL_GGL_GNULIB_MDA_MKDIR@
+GL_GGL_GNULIB_MDA_MKTEMP = @GL_GGL_GNULIB_MDA_MKTEMP@
+GL_GGL_GNULIB_MDA_OPEN = @GL_GGL_GNULIB_MDA_OPEN@
+GL_GGL_GNULIB_MDA_PUTENV = @GL_GGL_GNULIB_MDA_PUTENV@
+GL_GGL_GNULIB_MDA_PUTW = @GL_GGL_GNULIB_MDA_PUTW@
+GL_GGL_GNULIB_MDA_READ = @GL_GGL_GNULIB_MDA_READ@
+GL_GGL_GNULIB_MDA_RMDIR = @GL_GGL_GNULIB_MDA_RMDIR@
+GL_GGL_GNULIB_MDA_STRDUP = @GL_GGL_GNULIB_MDA_STRDUP@
+GL_GGL_GNULIB_MDA_SWAB = @GL_GGL_GNULIB_MDA_SWAB@
+GL_GGL_GNULIB_MDA_TEMPNAM = @GL_GGL_GNULIB_MDA_TEMPNAM@
+GL_GGL_GNULIB_MDA_TZSET = @GL_GGL_GNULIB_MDA_TZSET@
+GL_GGL_GNULIB_MDA_UMASK = @GL_GGL_GNULIB_MDA_UMASK@
+GL_GGL_GNULIB_MDA_UNLINK = @GL_GGL_GNULIB_MDA_UNLINK@
+GL_GGL_GNULIB_MDA_WCSDUP = @GL_GGL_GNULIB_MDA_WCSDUP@
+GL_GGL_GNULIB_MDA_WRITE = @GL_GGL_GNULIB_MDA_WRITE@
+GL_GGL_GNULIB_MEMCHR = @GL_GGL_GNULIB_MEMCHR@
+GL_GGL_GNULIB_MEMMEM = @GL_GGL_GNULIB_MEMMEM@
+GL_GGL_GNULIB_MEMPCPY = @GL_GGL_GNULIB_MEMPCPY@
+GL_GGL_GNULIB_MEMRCHR = @GL_GGL_GNULIB_MEMRCHR@
+GL_GGL_GNULIB_MKDIR = @GL_GGL_GNULIB_MKDIR@
+GL_GGL_GNULIB_MKDIRAT = @GL_GGL_GNULIB_MKDIRAT@
+GL_GGL_GNULIB_MKDTEMP = @GL_GGL_GNULIB_MKDTEMP@
+GL_GGL_GNULIB_MKFIFO = @GL_GGL_GNULIB_MKFIFO@
+GL_GGL_GNULIB_MKFIFOAT = @GL_GGL_GNULIB_MKFIFOAT@
+GL_GGL_GNULIB_MKNOD = @GL_GGL_GNULIB_MKNOD@
+GL_GGL_GNULIB_MKNODAT = @GL_GGL_GNULIB_MKNODAT@
+GL_GGL_GNULIB_MKOSTEMP = @GL_GGL_GNULIB_MKOSTEMP@
+GL_GGL_GNULIB_MKOSTEMPS = @GL_GGL_GNULIB_MKOSTEMPS@
+GL_GGL_GNULIB_MKSTEMP = @GL_GGL_GNULIB_MKSTEMP@
+GL_GGL_GNULIB_MKSTEMPS = @GL_GGL_GNULIB_MKSTEMPS@
+GL_GGL_GNULIB_MKTIME = @GL_GGL_GNULIB_MKTIME@
+GL_GGL_GNULIB_NANOSLEEP = @GL_GGL_GNULIB_NANOSLEEP@
+GL_GGL_GNULIB_NL_LANGINFO = @GL_GGL_GNULIB_NL_LANGINFO@
+GL_GGL_GNULIB_NONBLOCKING = @GL_GGL_GNULIB_NONBLOCKING@
+GL_GGL_GNULIB_OBSTACK_PRINTF = @GL_GGL_GNULIB_OBSTACK_PRINTF@
+GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GGL_GNULIB_OPEN = @GL_GGL_GNULIB_OPEN@
+GL_GGL_GNULIB_OPENAT = @GL_GGL_GNULIB_OPENAT@
+GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GGL_GNULIB_PCLOSE = @GL_GGL_GNULIB_PCLOSE@
+GL_GGL_GNULIB_PERROR = @GL_GGL_GNULIB_PERROR@
+GL_GGL_GNULIB_PIPE = @GL_GGL_GNULIB_PIPE@
+GL_GGL_GNULIB_PIPE2 = @GL_GGL_GNULIB_PIPE2@
+GL_GGL_GNULIB_POPEN = @GL_GGL_GNULIB_POPEN@
+GL_GGL_GNULIB_POSIX_MEMALIGN = @GL_GGL_GNULIB_POSIX_MEMALIGN@
+GL_GGL_GNULIB_POSIX_OPENPT = @GL_GGL_GNULIB_POSIX_OPENPT@
+GL_GGL_GNULIB_PREAD = @GL_GGL_GNULIB_PREAD@
+GL_GGL_GNULIB_PRINTF = @GL_GGL_GNULIB_PRINTF@
+GL_GGL_GNULIB_PRINTF_POSIX = @GL_GGL_GNULIB_PRINTF_POSIX@
+GL_GGL_GNULIB_PSELECT = @GL_GGL_GNULIB_PSELECT@
+GL_GGL_GNULIB_PTHREAD_COND = @GL_GGL_GNULIB_PTHREAD_COND@
+GL_GGL_GNULIB_PTHREAD_MUTEX = @GL_GGL_GNULIB_PTHREAD_MUTEX@
+GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK@
+GL_GGL_GNULIB_PTHREAD_ONCE = @GL_GGL_GNULIB_PTHREAD_ONCE@
+GL_GGL_GNULIB_PTHREAD_RWLOCK = @GL_GGL_GNULIB_PTHREAD_RWLOCK@
+GL_GGL_GNULIB_PTHREAD_SIGMASK = @GL_GGL_GNULIB_PTHREAD_SIGMASK@
+GL_GGL_GNULIB_PTHREAD_SPIN = @GL_GGL_GNULIB_PTHREAD_SPIN@
+GL_GGL_GNULIB_PTHREAD_THREAD = @GL_GGL_GNULIB_PTHREAD_THREAD@
+GL_GGL_GNULIB_PTHREAD_TSS = @GL_GGL_GNULIB_PTHREAD_TSS@
+GL_GGL_GNULIB_PTSNAME = @GL_GGL_GNULIB_PTSNAME@
+GL_GGL_GNULIB_PTSNAME_R = @GL_GGL_GNULIB_PTSNAME_R@
+GL_GGL_GNULIB_PUTC = @GL_GGL_GNULIB_PUTC@
+GL_GGL_GNULIB_PUTCHAR = @GL_GGL_GNULIB_PUTCHAR@
+GL_GGL_GNULIB_PUTENV = @GL_GGL_GNULIB_PUTENV@
+GL_GGL_GNULIB_PUTS = @GL_GGL_GNULIB_PUTS@
+GL_GGL_GNULIB_PWRITE = @GL_GGL_GNULIB_PWRITE@
+GL_GGL_GNULIB_QSORT_R = @GL_GGL_GNULIB_QSORT_R@
+GL_GGL_GNULIB_RAISE = @GL_GGL_GNULIB_RAISE@
+GL_GGL_GNULIB_RANDOM = @GL_GGL_GNULIB_RANDOM@
+GL_GGL_GNULIB_RANDOM_R = @GL_GGL_GNULIB_RANDOM_R@
+GL_GGL_GNULIB_RAWMEMCHR = @GL_GGL_GNULIB_RAWMEMCHR@
+GL_GGL_GNULIB_READ = @GL_GGL_GNULIB_READ@
+GL_GGL_GNULIB_READLINK = @GL_GGL_GNULIB_READLINK@
+GL_GGL_GNULIB_READLINKAT = @GL_GGL_GNULIB_READLINKAT@
+GL_GGL_GNULIB_REALLOCARRAY = @GL_GGL_GNULIB_REALLOCARRAY@
+GL_GGL_GNULIB_REALLOC_POSIX = @GL_GGL_GNULIB_REALLOC_POSIX@
+GL_GGL_GNULIB_REALPATH = @GL_GGL_GNULIB_REALPATH@
+GL_GGL_GNULIB_RECV = @GL_GGL_GNULIB_RECV@
+GL_GGL_GNULIB_RECVFROM = @GL_GGL_GNULIB_RECVFROM@
+GL_GGL_GNULIB_REMOVE = @GL_GGL_GNULIB_REMOVE@
+GL_GGL_GNULIB_RENAME = @GL_GGL_GNULIB_RENAME@
+GL_GGL_GNULIB_RENAMEAT = @GL_GGL_GNULIB_RENAMEAT@
+GL_GGL_GNULIB_RMDIR = @GL_GGL_GNULIB_RMDIR@
+GL_GGL_GNULIB_RPMATCH = @GL_GGL_GNULIB_RPMATCH@
+GL_GGL_GNULIB_SCANF = @GL_GGL_GNULIB_SCANF@
+GL_GGL_GNULIB_SCHED_YIELD = @GL_GGL_GNULIB_SCHED_YIELD@
+GL_GGL_GNULIB_SECURE_GETENV = @GL_GGL_GNULIB_SECURE_GETENV@
+GL_GGL_GNULIB_SELECT = @GL_GGL_GNULIB_SELECT@
+GL_GGL_GNULIB_SEND = @GL_GGL_GNULIB_SEND@
+GL_GGL_GNULIB_SENDTO = @GL_GGL_GNULIB_SENDTO@
+GL_GGL_GNULIB_SETENV = @GL_GGL_GNULIB_SETENV@
+GL_GGL_GNULIB_SETHOSTNAME = @GL_GGL_GNULIB_SETHOSTNAME@
+GL_GGL_GNULIB_SETLOCALE = @GL_GGL_GNULIB_SETLOCALE@
+GL_GGL_GNULIB_SETLOCALE_NULL = @GL_GGL_GNULIB_SETLOCALE_NULL@
+GL_GGL_GNULIB_SETSOCKOPT = @GL_GGL_GNULIB_SETSOCKOPT@
+GL_GGL_GNULIB_SHUTDOWN = @GL_GGL_GNULIB_SHUTDOWN@
+GL_GGL_GNULIB_SIGABBREV_NP = @GL_GGL_GNULIB_SIGABBREV_NP@
+GL_GGL_GNULIB_SIGACTION = @GL_GGL_GNULIB_SIGACTION@
+GL_GGL_GNULIB_SIGDESCR_NP = @GL_GGL_GNULIB_SIGDESCR_NP@
+GL_GGL_GNULIB_SIGNAL_H_SIGPIPE = @GL_GGL_GNULIB_SIGNAL_H_SIGPIPE@
+GL_GGL_GNULIB_SIGPROCMASK = @GL_GGL_GNULIB_SIGPROCMASK@
+GL_GGL_GNULIB_SLEEP = @GL_GGL_GNULIB_SLEEP@
+GL_GGL_GNULIB_SNPRINTF = @GL_GGL_GNULIB_SNPRINTF@
+GL_GGL_GNULIB_SOCKET = @GL_GGL_GNULIB_SOCKET@
+GL_GGL_GNULIB_SPRINTF_POSIX = @GL_GGL_GNULIB_SPRINTF_POSIX@
+GL_GGL_GNULIB_STAT = @GL_GGL_GNULIB_STAT@
+GL_GGL_GNULIB_STDIO_H_NONBLOCKING = @GL_GGL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GGL_GNULIB_STDIO_H_SIGPIPE = @GL_GGL_GNULIB_STDIO_H_SIGPIPE@
+GL_GGL_GNULIB_STPCPY = @GL_GGL_GNULIB_STPCPY@
+GL_GGL_GNULIB_STPNCPY = @GL_GGL_GNULIB_STPNCPY@
+GL_GGL_GNULIB_STRCASESTR = @GL_GGL_GNULIB_STRCASESTR@
+GL_GGL_GNULIB_STRCHRNUL = @GL_GGL_GNULIB_STRCHRNUL@
+GL_GGL_GNULIB_STRDUP = @GL_GGL_GNULIB_STRDUP@
+GL_GGL_GNULIB_STRERROR = @GL_GGL_GNULIB_STRERROR@
+GL_GGL_GNULIB_STRERRORNAME_NP = @GL_GGL_GNULIB_STRERRORNAME_NP@
+GL_GGL_GNULIB_STRERROR_R = @GL_GGL_GNULIB_STRERROR_R@
+GL_GGL_GNULIB_STRFTIME = @GL_GGL_GNULIB_STRFTIME@
+GL_GGL_GNULIB_STRNCAT = @GL_GGL_GNULIB_STRNCAT@
+GL_GGL_GNULIB_STRNDUP = @GL_GGL_GNULIB_STRNDUP@
+GL_GGL_GNULIB_STRNLEN = @GL_GGL_GNULIB_STRNLEN@
+GL_GGL_GNULIB_STRPBRK = @GL_GGL_GNULIB_STRPBRK@
+GL_GGL_GNULIB_STRPTIME = @GL_GGL_GNULIB_STRPTIME@
+GL_GGL_GNULIB_STRSEP = @GL_GGL_GNULIB_STRSEP@
+GL_GGL_GNULIB_STRSIGNAL = @GL_GGL_GNULIB_STRSIGNAL@
+GL_GGL_GNULIB_STRSTR = @GL_GGL_GNULIB_STRSTR@
+GL_GGL_GNULIB_STRTOD = @GL_GGL_GNULIB_STRTOD@
+GL_GGL_GNULIB_STRTOIMAX = @GL_GGL_GNULIB_STRTOIMAX@
+GL_GGL_GNULIB_STRTOK_R = @GL_GGL_GNULIB_STRTOK_R@
+GL_GGL_GNULIB_STRTOL = @GL_GGL_GNULIB_STRTOL@
+GL_GGL_GNULIB_STRTOLD = @GL_GGL_GNULIB_STRTOLD@
+GL_GGL_GNULIB_STRTOLL = @GL_GGL_GNULIB_STRTOLL@
+GL_GGL_GNULIB_STRTOUL = @GL_GGL_GNULIB_STRTOUL@
+GL_GGL_GNULIB_STRTOULL = @GL_GGL_GNULIB_STRTOULL@
+GL_GGL_GNULIB_STRTOUMAX = @GL_GGL_GNULIB_STRTOUMAX@
+GL_GGL_GNULIB_STRVERSCMP = @GL_GGL_GNULIB_STRVERSCMP@
+GL_GGL_GNULIB_SYMLINK = @GL_GGL_GNULIB_SYMLINK@
+GL_GGL_GNULIB_SYMLINKAT = @GL_GGL_GNULIB_SYMLINKAT@
+GL_GGL_GNULIB_SYSTEM_POSIX = @GL_GGL_GNULIB_SYSTEM_POSIX@
+GL_GGL_GNULIB_TIMEGM = @GL_GGL_GNULIB_TIMEGM@
+GL_GGL_GNULIB_TIMESPEC_GET = @GL_GGL_GNULIB_TIMESPEC_GET@
+GL_GGL_GNULIB_TIME_R = @GL_GGL_GNULIB_TIME_R@
+GL_GGL_GNULIB_TIME_RZ = @GL_GGL_GNULIB_TIME_RZ@
+GL_GGL_GNULIB_TMPFILE = @GL_GGL_GNULIB_TMPFILE@
+GL_GGL_GNULIB_TRUNCATE = @GL_GGL_GNULIB_TRUNCATE@
+GL_GGL_GNULIB_TTYNAME_R = @GL_GGL_GNULIB_TTYNAME_R@
+GL_GGL_GNULIB_TZSET = @GL_GGL_GNULIB_TZSET@
+GL_GGL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GGL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GGL_GNULIB_UNISTD_H_SIGPIPE = @GL_GGL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GGL_GNULIB_UNLINK = @GL_GGL_GNULIB_UNLINK@
+GL_GGL_GNULIB_UNLINKAT = @GL_GGL_GNULIB_UNLINKAT@
+GL_GGL_GNULIB_UNLOCKPT = @GL_GGL_GNULIB_UNLOCKPT@
+GL_GGL_GNULIB_UNSETENV = @GL_GGL_GNULIB_UNSETENV@
+GL_GGL_GNULIB_USLEEP = @GL_GGL_GNULIB_USLEEP@
+GL_GGL_GNULIB_UTIMENSAT = @GL_GGL_GNULIB_UTIMENSAT@
+GL_GGL_GNULIB_VASPRINTF = @GL_GGL_GNULIB_VASPRINTF@
+GL_GGL_GNULIB_VDPRINTF = @GL_GGL_GNULIB_VDPRINTF@
+GL_GGL_GNULIB_VFPRINTF = @GL_GGL_GNULIB_VFPRINTF@
+GL_GGL_GNULIB_VFPRINTF_POSIX = @GL_GGL_GNULIB_VFPRINTF_POSIX@
+GL_GGL_GNULIB_VFSCANF = @GL_GGL_GNULIB_VFSCANF@
+GL_GGL_GNULIB_VPRINTF = @GL_GGL_GNULIB_VPRINTF@
+GL_GGL_GNULIB_VPRINTF_POSIX = @GL_GGL_GNULIB_VPRINTF_POSIX@
+GL_GGL_GNULIB_VSCANF = @GL_GGL_GNULIB_VSCANF@
+GL_GGL_GNULIB_VSNPRINTF = @GL_GGL_GNULIB_VSNPRINTF@
+GL_GGL_GNULIB_VSPRINTF_POSIX = @GL_GGL_GNULIB_VSPRINTF_POSIX@
+GL_GGL_GNULIB_WCPCPY = @GL_GGL_GNULIB_WCPCPY@
+GL_GGL_GNULIB_WCPNCPY = @GL_GGL_GNULIB_WCPNCPY@
+GL_GGL_GNULIB_WCRTOMB = @GL_GGL_GNULIB_WCRTOMB@
+GL_GGL_GNULIB_WCSCASECMP = @GL_GGL_GNULIB_WCSCASECMP@
+GL_GGL_GNULIB_WCSCAT = @GL_GGL_GNULIB_WCSCAT@
+GL_GGL_GNULIB_WCSCHR = @GL_GGL_GNULIB_WCSCHR@
+GL_GGL_GNULIB_WCSCMP = @GL_GGL_GNULIB_WCSCMP@
+GL_GGL_GNULIB_WCSCOLL = @GL_GGL_GNULIB_WCSCOLL@
+GL_GGL_GNULIB_WCSCPY = @GL_GGL_GNULIB_WCSCPY@
+GL_GGL_GNULIB_WCSCSPN = @GL_GGL_GNULIB_WCSCSPN@
+GL_GGL_GNULIB_WCSDUP = @GL_GGL_GNULIB_WCSDUP@
+GL_GGL_GNULIB_WCSFTIME = @GL_GGL_GNULIB_WCSFTIME@
+GL_GGL_GNULIB_WCSLEN = @GL_GGL_GNULIB_WCSLEN@
+GL_GGL_GNULIB_WCSNCASECMP = @GL_GGL_GNULIB_WCSNCASECMP@
+GL_GGL_GNULIB_WCSNCAT = @GL_GGL_GNULIB_WCSNCAT@
+GL_GGL_GNULIB_WCSNCMP = @GL_GGL_GNULIB_WCSNCMP@
+GL_GGL_GNULIB_WCSNCPY = @GL_GGL_GNULIB_WCSNCPY@
+GL_GGL_GNULIB_WCSNLEN = @GL_GGL_GNULIB_WCSNLEN@
+GL_GGL_GNULIB_WCSNRTOMBS = @GL_GGL_GNULIB_WCSNRTOMBS@
+GL_GGL_GNULIB_WCSPBRK = @GL_GGL_GNULIB_WCSPBRK@
+GL_GGL_GNULIB_WCSRCHR = @GL_GGL_GNULIB_WCSRCHR@
+GL_GGL_GNULIB_WCSRTOMBS = @GL_GGL_GNULIB_WCSRTOMBS@
+GL_GGL_GNULIB_WCSSPN = @GL_GGL_GNULIB_WCSSPN@
+GL_GGL_GNULIB_WCSSTR = @GL_GGL_GNULIB_WCSSTR@
+GL_GGL_GNULIB_WCSTOK = @GL_GGL_GNULIB_WCSTOK@
+GL_GGL_GNULIB_WCSWIDTH = @GL_GGL_GNULIB_WCSWIDTH@
+GL_GGL_GNULIB_WCSXFRM = @GL_GGL_GNULIB_WCSXFRM@
+GL_GGL_GNULIB_WCTOB = @GL_GGL_GNULIB_WCTOB@
+GL_GGL_GNULIB_WCTOMB = @GL_GGL_GNULIB_WCTOMB@
+GL_GGL_GNULIB_WCWIDTH = @GL_GGL_GNULIB_WCWIDTH@
+GL_GGL_GNULIB_WMEMCHR = @GL_GGL_GNULIB_WMEMCHR@
+GL_GGL_GNULIB_WMEMCMP = @GL_GGL_GNULIB_WMEMCMP@
+GL_GGL_GNULIB_WMEMCPY = @GL_GGL_GNULIB_WMEMCPY@
+GL_GGL_GNULIB_WMEMMOVE = @GL_GGL_GNULIB_WMEMMOVE@
+GL_GGL_GNULIB_WMEMPCPY = @GL_GGL_GNULIB_WMEMPCPY@
+GL_GGL_GNULIB_WMEMSET = @GL_GGL_GNULIB_WMEMSET@
+GL_GGL_GNULIB_WRITE = @GL_GGL_GNULIB_WRITE@
+GL_GGL_GNULIB__EXIT = @GL_GGL_GNULIB__EXIT@
+GL_GNULIB_ACCEPT = @GL_GNULIB_ACCEPT@
+GL_GNULIB_ACCEPT4 = @GL_GNULIB_ACCEPT4@
+GL_GNULIB_ACCESS = @GL_GNULIB_ACCESS@
+GL_GNULIB_ALIGNED_ALLOC = @GL_GNULIB_ALIGNED_ALLOC@
+GL_GNULIB_ATOLL = @GL_GNULIB_ATOLL@
+GL_GNULIB_BIND = @GL_GNULIB_BIND@
+GL_GNULIB_BTOWC = @GL_GNULIB_BTOWC@
+GL_GNULIB_CALLOC_POSIX = @GL_GNULIB_CALLOC_POSIX@
+GL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GNULIB_CHDIR = @GL_GNULIB_CHDIR@
+GL_GNULIB_CHOWN = @GL_GNULIB_CHOWN@
+GL_GNULIB_CLOSE = @GL_GNULIB_CLOSE@
+GL_GNULIB_CONNECT = @GL_GNULIB_CONNECT@
+GL_GNULIB_COPY_FILE_RANGE = @GL_GNULIB_COPY_FILE_RANGE@
+GL_GNULIB_CREAT = @GL_GNULIB_CREAT@
+GL_GNULIB_CTIME = @GL_GNULIB_CTIME@
+GL_GNULIB_DPRINTF = @GL_GNULIB_DPRINTF@
+GL_GNULIB_DUP = @GL_GNULIB_DUP@
+GL_GNULIB_DUP2 = @GL_GNULIB_DUP2@
+GL_GNULIB_DUP3 = @GL_GNULIB_DUP3@
+GL_GNULIB_ENVIRON = @GL_GNULIB_ENVIRON@
+GL_GNULIB_EUIDACCESS = @GL_GNULIB_EUIDACCESS@
+GL_GNULIB_EXECL = @GL_GNULIB_EXECL@
+GL_GNULIB_EXECLE = @GL_GNULIB_EXECLE@
+GL_GNULIB_EXECLP = @GL_GNULIB_EXECLP@
+GL_GNULIB_EXECV = @GL_GNULIB_EXECV@
+GL_GNULIB_EXECVE = @GL_GNULIB_EXECVE@
+GL_GNULIB_EXECVP = @GL_GNULIB_EXECVP@
+GL_GNULIB_EXECVPE = @GL_GNULIB_EXECVPE@
+GL_GNULIB_EXPLICIT_BZERO = @GL_GNULIB_EXPLICIT_BZERO@
+GL_GNULIB_FACCESSAT = @GL_GNULIB_FACCESSAT@
+GL_GNULIB_FCHDIR = @GL_GNULIB_FCHDIR@
+GL_GNULIB_FCHMODAT = @GL_GNULIB_FCHMODAT@
+GL_GNULIB_FCHOWNAT = @GL_GNULIB_FCHOWNAT@
+GL_GNULIB_FCLOSE = @GL_GNULIB_FCLOSE@
+GL_GNULIB_FCNTL = @GL_GNULIB_FCNTL@
+GL_GNULIB_FDATASYNC = @GL_GNULIB_FDATASYNC@
+GL_GNULIB_FDOPEN = @GL_GNULIB_FDOPEN@
+GL_GNULIB_FFLUSH = @GL_GNULIB_FFLUSH@
+GL_GNULIB_FFS = @GL_GNULIB_FFS@
+GL_GNULIB_FFSL = @GL_GNULIB_FFSL@
+GL_GNULIB_FFSLL = @GL_GNULIB_FFSLL@
+GL_GNULIB_FGETC = @GL_GNULIB_FGETC@
+GL_GNULIB_FGETS = @GL_GNULIB_FGETS@
+GL_GNULIB_FOPEN = @GL_GNULIB_FOPEN@
+GL_GNULIB_FPRINTF = @GL_GNULIB_FPRINTF@
+GL_GNULIB_FPRINTF_POSIX = @GL_GNULIB_FPRINTF_POSIX@
+GL_GNULIB_FPURGE = @GL_GNULIB_FPURGE@
+GL_GNULIB_FPUTC = @GL_GNULIB_FPUTC@
+GL_GNULIB_FPUTS = @GL_GNULIB_FPUTS@
+GL_GNULIB_FREAD = @GL_GNULIB_FREAD@
+GL_GNULIB_FREE_POSIX = @GL_GNULIB_FREE_POSIX@
+GL_GNULIB_FREOPEN = @GL_GNULIB_FREOPEN@
+GL_GNULIB_FSCANF = @GL_GNULIB_FSCANF@
+GL_GNULIB_FSEEK = @GL_GNULIB_FSEEK@
+GL_GNULIB_FSEEKO = @GL_GNULIB_FSEEKO@
+GL_GNULIB_FSTAT = @GL_GNULIB_FSTAT@
+GL_GNULIB_FSTATAT = @GL_GNULIB_FSTATAT@
+GL_GNULIB_FSYNC = @GL_GNULIB_FSYNC@
+GL_GNULIB_FTELL = @GL_GNULIB_FTELL@
+GL_GNULIB_FTELLO = @GL_GNULIB_FTELLO@
+GL_GNULIB_FTRUNCATE = @GL_GNULIB_FTRUNCATE@
+GL_GNULIB_FUTIMENS = @GL_GNULIB_FUTIMENS@
+GL_GNULIB_FWRITE = @GL_GNULIB_FWRITE@
+GL_GNULIB_GETADDRINFO = @GL_GNULIB_GETADDRINFO@
+GL_GNULIB_GETC = @GL_GNULIB_GETC@
+GL_GNULIB_GETCHAR = @GL_GNULIB_GETCHAR@
+GL_GNULIB_GETCWD = @GL_GNULIB_GETCWD@
+GL_GNULIB_GETDELIM = @GL_GNULIB_GETDELIM@
+GL_GNULIB_GETDOMAINNAME = @GL_GNULIB_GETDOMAINNAME@
+GL_GNULIB_GETDTABLESIZE = @GL_GNULIB_GETDTABLESIZE@
+GL_GNULIB_GETENTROPY = @GL_GNULIB_GETENTROPY@
+GL_GNULIB_GETGROUPS = @GL_GNULIB_GETGROUPS@
+GL_GNULIB_GETHOSTNAME = @GL_GNULIB_GETHOSTNAME@
+GL_GNULIB_GETLINE = @GL_GNULIB_GETLINE@
+GL_GNULIB_GETLOADAVG = @GL_GNULIB_GETLOADAVG@
+GL_GNULIB_GETLOGIN = @GL_GNULIB_GETLOGIN@
+GL_GNULIB_GETLOGIN_R = @GL_GNULIB_GETLOGIN_R@
+GL_GNULIB_GETOPT_POSIX = @GL_GNULIB_GETOPT_POSIX@
+GL_GNULIB_GETPAGESIZE = @GL_GNULIB_GETPAGESIZE@
+GL_GNULIB_GETPASS = @GL_GNULIB_GETPASS@
+GL_GNULIB_GETPEERNAME = @GL_GNULIB_GETPEERNAME@
+GL_GNULIB_GETSOCKNAME = @GL_GNULIB_GETSOCKNAME@
+GL_GNULIB_GETSOCKOPT = @GL_GNULIB_GETSOCKOPT@
+GL_GNULIB_GETSUBOPT = @GL_GNULIB_GETSUBOPT@
+GL_GNULIB_GETTIMEOFDAY = @GL_GNULIB_GETTIMEOFDAY@
+GL_GNULIB_GETUMASK = @GL_GNULIB_GETUMASK@
+GL_GNULIB_GETUSERSHELL = @GL_GNULIB_GETUSERSHELL@
+GL_GNULIB_GRANTPT = @GL_GNULIB_GRANTPT@
+GL_GNULIB_GROUP_MEMBER = @GL_GNULIB_GROUP_MEMBER@
+GL_GNULIB_IMAXABS = @GL_GNULIB_IMAXABS@
+GL_GNULIB_IMAXDIV = @GL_GNULIB_IMAXDIV@
+GL_GNULIB_INET_NTOP = @GL_GNULIB_INET_NTOP@
+GL_GNULIB_INET_PTON = @GL_GNULIB_INET_PTON@
+GL_GNULIB_ISATTY = @GL_GNULIB_ISATTY@
+GL_GNULIB_LCHMOD = @GL_GNULIB_LCHMOD@
+GL_GNULIB_LCHOWN = @GL_GNULIB_LCHOWN@
+GL_GNULIB_LINK = @GL_GNULIB_LINK@
+GL_GNULIB_LINKAT = @GL_GNULIB_LINKAT@
+GL_GNULIB_LISTEN = @GL_GNULIB_LISTEN@
+GL_GNULIB_LOCALTIME = @GL_GNULIB_LOCALTIME@
+GL_GNULIB_LSEEK = @GL_GNULIB_LSEEK@
+GL_GNULIB_LSTAT = @GL_GNULIB_LSTAT@
+GL_GNULIB_MALLOC_POSIX = @GL_GNULIB_MALLOC_POSIX@
+GL_GNULIB_MBRLEN = @GL_GNULIB_MBRLEN@
+GL_GNULIB_MBRTOWC = @GL_GNULIB_MBRTOWC@
+GL_GNULIB_MBSCASECMP = @GL_GNULIB_MBSCASECMP@
+GL_GNULIB_MBSCASESTR = @GL_GNULIB_MBSCASESTR@
+GL_GNULIB_MBSCHR = @GL_GNULIB_MBSCHR@
+GL_GNULIB_MBSCSPN = @GL_GNULIB_MBSCSPN@
+GL_GNULIB_MBSINIT = @GL_GNULIB_MBSINIT@
+GL_GNULIB_MBSLEN = @GL_GNULIB_MBSLEN@
+GL_GNULIB_MBSNCASECMP = @GL_GNULIB_MBSNCASECMP@
+GL_GNULIB_MBSNLEN = @GL_GNULIB_MBSNLEN@
+GL_GNULIB_MBSNRTOWCS = @GL_GNULIB_MBSNRTOWCS@
+GL_GNULIB_MBSPBRK = @GL_GNULIB_MBSPBRK@
+GL_GNULIB_MBSPCASECMP = @GL_GNULIB_MBSPCASECMP@
+GL_GNULIB_MBSRCHR = @GL_GNULIB_MBSRCHR@
+GL_GNULIB_MBSRTOWCS = @GL_GNULIB_MBSRTOWCS@
+GL_GNULIB_MBSSEP = @GL_GNULIB_MBSSEP@
+GL_GNULIB_MBSSPN = @GL_GNULIB_MBSSPN@
+GL_GNULIB_MBSSTR = @GL_GNULIB_MBSSTR@
+GL_GNULIB_MBSTOK_R = @GL_GNULIB_MBSTOK_R@
+GL_GNULIB_MBTOWC = @GL_GNULIB_MBTOWC@
+GL_GNULIB_MDA_ACCESS = @GL_GNULIB_MDA_ACCESS@
+GL_GNULIB_MDA_CHDIR = @GL_GNULIB_MDA_CHDIR@
+GL_GNULIB_MDA_CHMOD = @GL_GNULIB_MDA_CHMOD@
+GL_GNULIB_MDA_CLOSE = @GL_GNULIB_MDA_CLOSE@
+GL_GNULIB_MDA_CREAT = @GL_GNULIB_MDA_CREAT@
+GL_GNULIB_MDA_DUP = @GL_GNULIB_MDA_DUP@
+GL_GNULIB_MDA_DUP2 = @GL_GNULIB_MDA_DUP2@
+GL_GNULIB_MDA_ECVT = @GL_GNULIB_MDA_ECVT@
+GL_GNULIB_MDA_EXECL = @GL_GNULIB_MDA_EXECL@
+GL_GNULIB_MDA_EXECLE = @GL_GNULIB_MDA_EXECLE@
+GL_GNULIB_MDA_EXECLP = @GL_GNULIB_MDA_EXECLP@
+GL_GNULIB_MDA_EXECV = @GL_GNULIB_MDA_EXECV@
+GL_GNULIB_MDA_EXECVE = @GL_GNULIB_MDA_EXECVE@
+GL_GNULIB_MDA_EXECVP = @GL_GNULIB_MDA_EXECVP@
+GL_GNULIB_MDA_EXECVPE = @GL_GNULIB_MDA_EXECVPE@
+GL_GNULIB_MDA_FCLOSEALL = @GL_GNULIB_MDA_FCLOSEALL@
+GL_GNULIB_MDA_FCVT = @GL_GNULIB_MDA_FCVT@
+GL_GNULIB_MDA_FDOPEN = @GL_GNULIB_MDA_FDOPEN@
+GL_GNULIB_MDA_FILENO = @GL_GNULIB_MDA_FILENO@
+GL_GNULIB_MDA_GCVT = @GL_GNULIB_MDA_GCVT@
+GL_GNULIB_MDA_GETCWD = @GL_GNULIB_MDA_GETCWD@
+GL_GNULIB_MDA_GETPID = @GL_GNULIB_MDA_GETPID@
+GL_GNULIB_MDA_GETW = @GL_GNULIB_MDA_GETW@
+GL_GNULIB_MDA_ISATTY = @GL_GNULIB_MDA_ISATTY@
+GL_GNULIB_MDA_LSEEK = @GL_GNULIB_MDA_LSEEK@
+GL_GNULIB_MDA_MEMCCPY = @GL_GNULIB_MDA_MEMCCPY@
+GL_GNULIB_MDA_MKDIR = @GL_GNULIB_MDA_MKDIR@
+GL_GNULIB_MDA_MKTEMP = @GL_GNULIB_MDA_MKTEMP@
+GL_GNULIB_MDA_OPEN = @GL_GNULIB_MDA_OPEN@
+GL_GNULIB_MDA_PUTENV = @GL_GNULIB_MDA_PUTENV@
+GL_GNULIB_MDA_PUTW = @GL_GNULIB_MDA_PUTW@
+GL_GNULIB_MDA_READ = @GL_GNULIB_MDA_READ@
+GL_GNULIB_MDA_RMDIR = @GL_GNULIB_MDA_RMDIR@
+GL_GNULIB_MDA_STRDUP = @GL_GNULIB_MDA_STRDUP@
+GL_GNULIB_MDA_SWAB = @GL_GNULIB_MDA_SWAB@
+GL_GNULIB_MDA_TEMPNAM = @GL_GNULIB_MDA_TEMPNAM@
+GL_GNULIB_MDA_TZSET = @GL_GNULIB_MDA_TZSET@
+GL_GNULIB_MDA_UMASK = @GL_GNULIB_MDA_UMASK@
+GL_GNULIB_MDA_UNLINK = @GL_GNULIB_MDA_UNLINK@
+GL_GNULIB_MDA_WCSDUP = @GL_GNULIB_MDA_WCSDUP@
+GL_GNULIB_MDA_WRITE = @GL_GNULIB_MDA_WRITE@
+GL_GNULIB_MEMCHR = @GL_GNULIB_MEMCHR@
+GL_GNULIB_MEMMEM = @GL_GNULIB_MEMMEM@
+GL_GNULIB_MEMPCPY = @GL_GNULIB_MEMPCPY@
+GL_GNULIB_MEMRCHR = @GL_GNULIB_MEMRCHR@
+GL_GNULIB_MKDIR = @GL_GNULIB_MKDIR@
+GL_GNULIB_MKDIRAT = @GL_GNULIB_MKDIRAT@
+GL_GNULIB_MKDTEMP = @GL_GNULIB_MKDTEMP@
+GL_GNULIB_MKFIFO = @GL_GNULIB_MKFIFO@
+GL_GNULIB_MKFIFOAT = @GL_GNULIB_MKFIFOAT@
+GL_GNULIB_MKNOD = @GL_GNULIB_MKNOD@
+GL_GNULIB_MKNODAT = @GL_GNULIB_MKNODAT@
+GL_GNULIB_MKOSTEMP = @GL_GNULIB_MKOSTEMP@
+GL_GNULIB_MKOSTEMPS = @GL_GNULIB_MKOSTEMPS@
+GL_GNULIB_MKSTEMP = @GL_GNULIB_MKSTEMP@
+GL_GNULIB_MKSTEMPS = @GL_GNULIB_MKSTEMPS@
+GL_GNULIB_MKTIME = @GL_GNULIB_MKTIME@
+GL_GNULIB_NANOSLEEP = @GL_GNULIB_NANOSLEEP@
+GL_GNULIB_NONBLOCKING = @GL_GNULIB_NONBLOCKING@
+GL_GNULIB_OBSTACK_PRINTF = @GL_GNULIB_OBSTACK_PRINTF@
+GL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GNULIB_OPEN = @GL_GNULIB_OPEN@
+GL_GNULIB_OPENAT = @GL_GNULIB_OPENAT@
+GL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GNULIB_PCLOSE = @GL_GNULIB_PCLOSE@
+GL_GNULIB_PERROR = @GL_GNULIB_PERROR@
+GL_GNULIB_PIPE = @GL_GNULIB_PIPE@
+GL_GNULIB_PIPE2 = @GL_GNULIB_PIPE2@
+GL_GNULIB_POPEN = @GL_GNULIB_POPEN@
+GL_GNULIB_POSIX_MEMALIGN = @GL_GNULIB_POSIX_MEMALIGN@
+GL_GNULIB_POSIX_OPENPT = @GL_GNULIB_POSIX_OPENPT@
+GL_GNULIB_PREAD = @GL_GNULIB_PREAD@
+GL_GNULIB_PRINTF = @GL_GNULIB_PRINTF@
+GL_GNULIB_PRINTF_POSIX = @GL_GNULIB_PRINTF_POSIX@
+GL_GNULIB_PTSNAME = @GL_GNULIB_PTSNAME@
+GL_GNULIB_PTSNAME_R = @GL_GNULIB_PTSNAME_R@
+GL_GNULIB_PUTC = @GL_GNULIB_PUTC@
+GL_GNULIB_PUTCHAR = @GL_GNULIB_PUTCHAR@
+GL_GNULIB_PUTENV = @GL_GNULIB_PUTENV@
+GL_GNULIB_PUTS = @GL_GNULIB_PUTS@
+GL_GNULIB_PWRITE = @GL_GNULIB_PWRITE@
+GL_GNULIB_QSORT_R = @GL_GNULIB_QSORT_R@
+GL_GNULIB_RANDOM = @GL_GNULIB_RANDOM@
+GL_GNULIB_RANDOM_R = @GL_GNULIB_RANDOM_R@
+GL_GNULIB_RAWMEMCHR = @GL_GNULIB_RAWMEMCHR@
+GL_GNULIB_READ = @GL_GNULIB_READ@
+GL_GNULIB_READLINK = @GL_GNULIB_READLINK@
+GL_GNULIB_READLINKAT = @GL_GNULIB_READLINKAT@
+GL_GNULIB_REALLOCARRAY = @GL_GNULIB_REALLOCARRAY@
+GL_GNULIB_REALLOC_POSIX = @GL_GNULIB_REALLOC_POSIX@
+GL_GNULIB_REALPATH = @GL_GNULIB_REALPATH@
+GL_GNULIB_RECV = @GL_GNULIB_RECV@
+GL_GNULIB_RECVFROM = @GL_GNULIB_RECVFROM@
+GL_GNULIB_REMOVE = @GL_GNULIB_REMOVE@
+GL_GNULIB_RENAME = @GL_GNULIB_RENAME@
+GL_GNULIB_RENAMEAT = @GL_GNULIB_RENAMEAT@
+GL_GNULIB_RMDIR = @GL_GNULIB_RMDIR@
+GL_GNULIB_RPMATCH = @GL_GNULIB_RPMATCH@
+GL_GNULIB_SCANF = @GL_GNULIB_SCANF@
+GL_GNULIB_SECURE_GETENV = @GL_GNULIB_SECURE_GETENV@
+GL_GNULIB_SEND = @GL_GNULIB_SEND@
+GL_GNULIB_SENDTO = @GL_GNULIB_SENDTO@
+GL_GNULIB_SETENV = @GL_GNULIB_SETENV@
+GL_GNULIB_SETHOSTNAME = @GL_GNULIB_SETHOSTNAME@
+GL_GNULIB_SETSOCKOPT = @GL_GNULIB_SETSOCKOPT@
+GL_GNULIB_SHUTDOWN = @GL_GNULIB_SHUTDOWN@
+GL_GNULIB_SIGABBREV_NP = @GL_GNULIB_SIGABBREV_NP@
+GL_GNULIB_SIGDESCR_NP = @GL_GNULIB_SIGDESCR_NP@
+GL_GNULIB_SLEEP = @GL_GNULIB_SLEEP@
+GL_GNULIB_SNPRINTF = @GL_GNULIB_SNPRINTF@
+GL_GNULIB_SOCKET = @GL_GNULIB_SOCKET@
+GL_GNULIB_SPRINTF_POSIX = @GL_GNULIB_SPRINTF_POSIX@
+GL_GNULIB_STAT = @GL_GNULIB_STAT@
+GL_GNULIB_STDIO_H_NONBLOCKING = @GL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GNULIB_STDIO_H_SIGPIPE = @GL_GNULIB_STDIO_H_SIGPIPE@
+GL_GNULIB_STPCPY = @GL_GNULIB_STPCPY@
+GL_GNULIB_STPNCPY = @GL_GNULIB_STPNCPY@
+GL_GNULIB_STRCASESTR = @GL_GNULIB_STRCASESTR@
+GL_GNULIB_STRCHRNUL = @GL_GNULIB_STRCHRNUL@
+GL_GNULIB_STRDUP = @GL_GNULIB_STRDUP@
+GL_GNULIB_STRERROR = @GL_GNULIB_STRERROR@
+GL_GNULIB_STRERRORNAME_NP = @GL_GNULIB_STRERRORNAME_NP@
+GL_GNULIB_STRERROR_R = @GL_GNULIB_STRERROR_R@
+GL_GNULIB_STRFTIME = @GL_GNULIB_STRFTIME@
+GL_GNULIB_STRNCAT = @GL_GNULIB_STRNCAT@
+GL_GNULIB_STRNDUP = @GL_GNULIB_STRNDUP@
+GL_GNULIB_STRNLEN = @GL_GNULIB_STRNLEN@
+GL_GNULIB_STRPBRK = @GL_GNULIB_STRPBRK@
+GL_GNULIB_STRPTIME = @GL_GNULIB_STRPTIME@
+GL_GNULIB_STRSEP = @GL_GNULIB_STRSEP@
+GL_GNULIB_STRSIGNAL = @GL_GNULIB_STRSIGNAL@
+GL_GNULIB_STRSTR = @GL_GNULIB_STRSTR@
+GL_GNULIB_STRTOD = @GL_GNULIB_STRTOD@
+GL_GNULIB_STRTOIMAX = @GL_GNULIB_STRTOIMAX@
+GL_GNULIB_STRTOK_R = @GL_GNULIB_STRTOK_R@
+GL_GNULIB_STRTOL = @GL_GNULIB_STRTOL@
+GL_GNULIB_STRTOLD = @GL_GNULIB_STRTOLD@
+GL_GNULIB_STRTOLL = @GL_GNULIB_STRTOLL@
+GL_GNULIB_STRTOUL = @GL_GNULIB_STRTOUL@
+GL_GNULIB_STRTOULL = @GL_GNULIB_STRTOULL@
+GL_GNULIB_STRTOUMAX = @GL_GNULIB_STRTOUMAX@
+GL_GNULIB_STRVERSCMP = @GL_GNULIB_STRVERSCMP@
+GL_GNULIB_SYMLINK = @GL_GNULIB_SYMLINK@
+GL_GNULIB_SYMLINKAT = @GL_GNULIB_SYMLINKAT@
+GL_GNULIB_SYSTEM_POSIX = @GL_GNULIB_SYSTEM_POSIX@
+GL_GNULIB_TIMEGM = @GL_GNULIB_TIMEGM@
+GL_GNULIB_TIMESPEC_GET = @GL_GNULIB_TIMESPEC_GET@
+GL_GNULIB_TIME_R = @GL_GNULIB_TIME_R@
+GL_GNULIB_TIME_RZ = @GL_GNULIB_TIME_RZ@
+GL_GNULIB_TMPFILE = @GL_GNULIB_TMPFILE@
+GL_GNULIB_TRUNCATE = @GL_GNULIB_TRUNCATE@
+GL_GNULIB_TTYNAME_R = @GL_GNULIB_TTYNAME_R@
+GL_GNULIB_TZSET = @GL_GNULIB_TZSET@
+GL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GNULIB_UNISTD_H_SIGPIPE = @GL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GNULIB_UNLINK = @GL_GNULIB_UNLINK@
+GL_GNULIB_UNLINKAT = @GL_GNULIB_UNLINKAT@
+GL_GNULIB_UNLOCKPT = @GL_GNULIB_UNLOCKPT@
+GL_GNULIB_UNSETENV = @GL_GNULIB_UNSETENV@
+GL_GNULIB_USLEEP = @GL_GNULIB_USLEEP@
+GL_GNULIB_UTIMENSAT = @GL_GNULIB_UTIMENSAT@
+GL_GNULIB_VASPRINTF = @GL_GNULIB_VASPRINTF@
+GL_GNULIB_VDPRINTF = @GL_GNULIB_VDPRINTF@
+GL_GNULIB_VFPRINTF = @GL_GNULIB_VFPRINTF@
+GL_GNULIB_VFPRINTF_POSIX = @GL_GNULIB_VFPRINTF_POSIX@
+GL_GNULIB_VFSCANF = @GL_GNULIB_VFSCANF@
+GL_GNULIB_VPRINTF = @GL_GNULIB_VPRINTF@
+GL_GNULIB_VPRINTF_POSIX = @GL_GNULIB_VPRINTF_POSIX@
+GL_GNULIB_VSCANF = @GL_GNULIB_VSCANF@
+GL_GNULIB_VSNPRINTF = @GL_GNULIB_VSNPRINTF@
+GL_GNULIB_VSPRINTF_POSIX = @GL_GNULIB_VSPRINTF_POSIX@
+GL_GNULIB_WCPCPY = @GL_GNULIB_WCPCPY@
+GL_GNULIB_WCPNCPY = @GL_GNULIB_WCPNCPY@
+GL_GNULIB_WCRTOMB = @GL_GNULIB_WCRTOMB@
+GL_GNULIB_WCSCASECMP = @GL_GNULIB_WCSCASECMP@
+GL_GNULIB_WCSCAT = @GL_GNULIB_WCSCAT@
+GL_GNULIB_WCSCHR = @GL_GNULIB_WCSCHR@
+GL_GNULIB_WCSCMP = @GL_GNULIB_WCSCMP@
+GL_GNULIB_WCSCOLL = @GL_GNULIB_WCSCOLL@
+GL_GNULIB_WCSCPY = @GL_GNULIB_WCSCPY@
+GL_GNULIB_WCSCSPN = @GL_GNULIB_WCSCSPN@
+GL_GNULIB_WCSDUP = @GL_GNULIB_WCSDUP@
+GL_GNULIB_WCSFTIME = @GL_GNULIB_WCSFTIME@
+GL_GNULIB_WCSLEN = @GL_GNULIB_WCSLEN@
+GL_GNULIB_WCSNCASECMP = @GL_GNULIB_WCSNCASECMP@
+GL_GNULIB_WCSNCAT = @GL_GNULIB_WCSNCAT@
+GL_GNULIB_WCSNCMP = @GL_GNULIB_WCSNCMP@
+GL_GNULIB_WCSNCPY = @GL_GNULIB_WCSNCPY@
+GL_GNULIB_WCSNLEN = @GL_GNULIB_WCSNLEN@
+GL_GNULIB_WCSNRTOMBS = @GL_GNULIB_WCSNRTOMBS@
+GL_GNULIB_WCSPBRK = @GL_GNULIB_WCSPBRK@
+GL_GNULIB_WCSRCHR = @GL_GNULIB_WCSRCHR@
+GL_GNULIB_WCSRTOMBS = @GL_GNULIB_WCSRTOMBS@
+GL_GNULIB_WCSSPN = @GL_GNULIB_WCSSPN@
+GL_GNULIB_WCSSTR = @GL_GNULIB_WCSSTR@
+GL_GNULIB_WCSTOK = @GL_GNULIB_WCSTOK@
+GL_GNULIB_WCSWIDTH = @GL_GNULIB_WCSWIDTH@
+GL_GNULIB_WCSXFRM = @GL_GNULIB_WCSXFRM@
+GL_GNULIB_WCTOB = @GL_GNULIB_WCTOB@
+GL_GNULIB_WCTOMB = @GL_GNULIB_WCTOMB@
+GL_GNULIB_WCWIDTH = @GL_GNULIB_WCWIDTH@
+GL_GNULIB_WMEMCHR = @GL_GNULIB_WMEMCHR@
+GL_GNULIB_WMEMCMP = @GL_GNULIB_WMEMCMP@
+GL_GNULIB_WMEMCPY = @GL_GNULIB_WMEMCPY@
+GL_GNULIB_WMEMMOVE = @GL_GNULIB_WMEMMOVE@
+GL_GNULIB_WMEMPCPY = @GL_GNULIB_WMEMPCPY@
+GL_GNULIB_WMEMSET = @GL_GNULIB_WMEMSET@
+GL_GNULIB_WRITE = @GL_GNULIB_WRITE@
+GL_GNULIB__EXIT = @GL_GNULIB__EXIT@
+GMP_CFLAGS = @GMP_CFLAGS@
+GMP_LIBS = @GMP_LIBS@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GNULIBHEADERS_OVERRIDE_WINT_T = @GNULIBHEADERS_OVERRIDE_WINT_T@
+GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@
+GNUTLS_LIBS_PRIVATE = @GNUTLS_LIBS_PRIVATE@
+GNUTLS_REQUIRES_PRIVATE = @GNUTLS_REQUIRES_PRIVATE@
+GPERF = @GPERF@
+GREP = @GREP@
+GTKDOC_CHECK = @GTKDOC_CHECK@
+GTKDOC_CHECK_PATH = @GTKDOC_CHECK_PATH@
+GTKDOC_DEPS_CFLAGS = @GTKDOC_DEPS_CFLAGS@
+GTKDOC_DEPS_LIBS = @GTKDOC_DEPS_LIBS@
+GTKDOC_MKPDF = @GTKDOC_MKPDF@
+GTKDOC_REBASE = @GTKDOC_REBASE@
+GUILD = @GUILD@
+GUILE = @GUILE@
+GUILE_CFLAGS = @GUILE_CFLAGS@
+GUILE_CONFIG = @GUILE_CONFIG@
+GUILE_EFFECTIVE_VERSION = @GUILE_EFFECTIVE_VERSION@
+GUILE_EXTENSION = @GUILE_EXTENSION@
+GUILE_LDFLAGS = @GUILE_LDFLAGS@
+GUILE_LIBS = @GUILE_LIBS@
+GUILE_LTLIBS = @GUILE_LTLIBS@
+GUILE_SITE = @GUILE_SITE@
+GUILE_SITE_CCACHE = @GUILE_SITE_CCACHE@
+GUILE_TOOLS = @GUILE_TOOLS@
+HAVE_ACCEPT4 = @HAVE_ACCEPT4@
+HAVE_ALIGNED_ALLOC = @HAVE_ALIGNED_ALLOC@
+HAVE_ALLOCA_H = @HAVE_ALLOCA_H@
+HAVE_ARPA_INET_H = @HAVE_ARPA_INET_H@
+HAVE_ATOLL = @HAVE_ATOLL@
+HAVE_BTOWC = @HAVE_BTOWC@
+HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@
+HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@
+HAVE_CHOWN = @HAVE_CHOWN@
+HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@
+HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@
+HAVE_DECL_ECVT = @HAVE_DECL_ECVT@
+HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@
+HAVE_DECL_EXECVPE = @HAVE_DECL_EXECVPE@
+HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@
+HAVE_DECL_FCLOSEALL = @HAVE_DECL_FCLOSEALL@
+HAVE_DECL_FCVT = @HAVE_DECL_FCVT@
+HAVE_DECL_FDATASYNC = @HAVE_DECL_FDATASYNC@
+HAVE_DECL_FPURGE = @HAVE_DECL_FPURGE@
+HAVE_DECL_FREEADDRINFO = @HAVE_DECL_FREEADDRINFO@
+HAVE_DECL_FSEEKO = @HAVE_DECL_FSEEKO@
+HAVE_DECL_FTELLO = @HAVE_DECL_FTELLO@
+HAVE_DECL_GAI_STRERROR = @HAVE_DECL_GAI_STRERROR@
+HAVE_DECL_GCVT = @HAVE_DECL_GCVT@
+HAVE_DECL_GETADDRINFO = @HAVE_DECL_GETADDRINFO@
+HAVE_DECL_GETDELIM = @HAVE_DECL_GETDELIM@
+HAVE_DECL_GETDOMAINNAME = @HAVE_DECL_GETDOMAINNAME@
+HAVE_DECL_GETLINE = @HAVE_DECL_GETLINE@
+HAVE_DECL_GETLOADAVG = @HAVE_DECL_GETLOADAVG@
+HAVE_DECL_GETLOGIN = @HAVE_DECL_GETLOGIN@
+HAVE_DECL_GETLOGIN_R = @HAVE_DECL_GETLOGIN_R@
+HAVE_DECL_GETNAMEINFO = @HAVE_DECL_GETNAMEINFO@
+HAVE_DECL_GETPAGESIZE = @HAVE_DECL_GETPAGESIZE@
+HAVE_DECL_GETUSERSHELL = @HAVE_DECL_GETUSERSHELL@
+HAVE_DECL_IMAXABS = @HAVE_DECL_IMAXABS@
+HAVE_DECL_IMAXDIV = @HAVE_DECL_IMAXDIV@
+HAVE_DECL_INET_NTOP = @HAVE_DECL_INET_NTOP@
+HAVE_DECL_INET_PTON = @HAVE_DECL_INET_PTON@
+HAVE_DECL_INITSTATE = @HAVE_DECL_INITSTATE@
+HAVE_DECL_LOCALTIME_R = @HAVE_DECL_LOCALTIME_R@
+HAVE_DECL_MEMMEM = @HAVE_DECL_MEMMEM@
+HAVE_DECL_MEMRCHR = @HAVE_DECL_MEMRCHR@
+HAVE_DECL_OBSTACK_PRINTF = @HAVE_DECL_OBSTACK_PRINTF@
+HAVE_DECL_SETENV = @HAVE_DECL_SETENV@
+HAVE_DECL_SETHOSTNAME = @HAVE_DECL_SETHOSTNAME@
+HAVE_DECL_SETSTATE = @HAVE_DECL_SETSTATE@
+HAVE_DECL_SNPRINTF = @HAVE_DECL_SNPRINTF@
+HAVE_DECL_STRDUP = @HAVE_DECL_STRDUP@
+HAVE_DECL_STRERROR_R = @HAVE_DECL_STRERROR_R@
+HAVE_DECL_STRNCASECMP = @HAVE_DECL_STRNCASECMP@
+HAVE_DECL_STRNDUP = @HAVE_DECL_STRNDUP@
+HAVE_DECL_STRNLEN = @HAVE_DECL_STRNLEN@
+HAVE_DECL_STRSIGNAL = @HAVE_DECL_STRSIGNAL@
+HAVE_DECL_STRTOIMAX = @HAVE_DECL_STRTOIMAX@
+HAVE_DECL_STRTOK_R = @HAVE_DECL_STRTOK_R@
+HAVE_DECL_STRTOUMAX = @HAVE_DECL_STRTOUMAX@
+HAVE_DECL_TRUNCATE = @HAVE_DECL_TRUNCATE@
+HAVE_DECL_TTYNAME_R = @HAVE_DECL_TTYNAME_R@
+HAVE_DECL_UNSETENV = @HAVE_DECL_UNSETENV@
+HAVE_DECL_VSNPRINTF = @HAVE_DECL_VSNPRINTF@
+HAVE_DECL_WCSDUP = @HAVE_DECL_WCSDUP@
+HAVE_DECL_WCTOB = @HAVE_DECL_WCTOB@
+HAVE_DECL_WCWIDTH = @HAVE_DECL_WCWIDTH@
+HAVE_DPRINTF = @HAVE_DPRINTF@
+HAVE_DUP3 = @HAVE_DUP3@
+HAVE_DUPLOCALE = @HAVE_DUPLOCALE@
+HAVE_EUIDACCESS = @HAVE_EUIDACCESS@
+HAVE_EXECVPE = @HAVE_EXECVPE@
+HAVE_EXPLICIT_BZERO = @HAVE_EXPLICIT_BZERO@
+HAVE_FACCESSAT = @HAVE_FACCESSAT@
+HAVE_FCHDIR = @HAVE_FCHDIR@
+HAVE_FCHMODAT = @HAVE_FCHMODAT@
+HAVE_FCHOWNAT = @HAVE_FCHOWNAT@
+HAVE_FCNTL = @HAVE_FCNTL@
+HAVE_FDATASYNC = @HAVE_FDATASYNC@
+HAVE_FEATURES_H = @HAVE_FEATURES_H@
+HAVE_FFS = @HAVE_FFS@
+HAVE_FFSL = @HAVE_FFSL@
+HAVE_FFSLL = @HAVE_FFSLL@
+HAVE_FREELOCALE = @HAVE_FREELOCALE@
+HAVE_FSEEKO = @HAVE_FSEEKO@
+HAVE_FSTATAT = @HAVE_FSTATAT@
+HAVE_FSYNC = @HAVE_FSYNC@
+HAVE_FTELLO = @HAVE_FTELLO@
+HAVE_FTRUNCATE = @HAVE_FTRUNCATE@
+HAVE_FUTIMENS = @HAVE_FUTIMENS@
+HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@
+HAVE_GETENTROPY = @HAVE_GETENTROPY@
+HAVE_GETGROUPS = @HAVE_GETGROUPS@
+HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@
+HAVE_GETLOGIN = @HAVE_GETLOGIN@
+HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@
+HAVE_GETPASS = @HAVE_GETPASS@
+HAVE_GETSUBOPT = @HAVE_GETSUBOPT@
+HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@
+HAVE_GETUMASK = @HAVE_GETUMASK@
+HAVE_GRANTPT = @HAVE_GRANTPT@
+HAVE_GROUP_MEMBER = @HAVE_GROUP_MEMBER@
+HAVE_IMAXDIV_T = @HAVE_IMAXDIV_T@
+HAVE_INITSTATE = @HAVE_INITSTATE@
+HAVE_INTTYPES_H = @HAVE_INTTYPES_H@
+HAVE_ISBLANK = @HAVE_ISBLANK@
+HAVE_LANGINFO_ALTMON = @HAVE_LANGINFO_ALTMON@
+HAVE_LANGINFO_CODESET = @HAVE_LANGINFO_CODESET@
+HAVE_LANGINFO_ERA = @HAVE_LANGINFO_ERA@
+HAVE_LANGINFO_H = @HAVE_LANGINFO_H@
+HAVE_LANGINFO_T_FMT_AMPM = @HAVE_LANGINFO_T_FMT_AMPM@
+HAVE_LANGINFO_YESEXPR = @HAVE_LANGINFO_YESEXPR@
+HAVE_LCHMOD = @HAVE_LCHMOD@
+HAVE_LCHOWN = @HAVE_LCHOWN@
+HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@
+HAVE_LIBDL = @HAVE_LIBDL@
+HAVE_LIBEV = @HAVE_LIBEV@
+HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@
+HAVE_LIBRT = @HAVE_LIBRT@
+HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@
+HAVE_LIBZ = @HAVE_LIBZ@
+HAVE_LINK = @HAVE_LINK@
+HAVE_LINKAT = @HAVE_LINKAT@
+HAVE_LSTAT = @HAVE_LSTAT@
+HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@
+HAVE_MBRLEN = @HAVE_MBRLEN@
+HAVE_MBRTOWC = @HAVE_MBRTOWC@
+HAVE_MBSINIT = @HAVE_MBSINIT@
+HAVE_MBSLEN = @HAVE_MBSLEN@
+HAVE_MBSNRTOWCS = @HAVE_MBSNRTOWCS@
+HAVE_MBSRTOWCS = @HAVE_MBSRTOWCS@
+HAVE_MBTOWC = @HAVE_MBTOWC@
+HAVE_MEMPCPY = @HAVE_MEMPCPY@
+HAVE_MKDIRAT = @HAVE_MKDIRAT@
+HAVE_MKDTEMP = @HAVE_MKDTEMP@
+HAVE_MKFIFO = @HAVE_MKFIFO@
+HAVE_MKFIFOAT = @HAVE_MKFIFOAT@
+HAVE_MKNOD = @HAVE_MKNOD@
+HAVE_MKNODAT = @HAVE_MKNODAT@
+HAVE_MKOSTEMP = @HAVE_MKOSTEMP@
+HAVE_MKOSTEMPS = @HAVE_MKOSTEMPS@
+HAVE_MKSTEMP = @HAVE_MKSTEMP@
+HAVE_MKSTEMPS = @HAVE_MKSTEMPS@
+HAVE_MSVC_INVALID_PARAMETER_HANDLER = @HAVE_MSVC_INVALID_PARAMETER_HANDLER@
+HAVE_NANOSLEEP = @HAVE_NANOSLEEP@
+HAVE_NETDB_H = @HAVE_NETDB_H@
+HAVE_NETINET_IN_H = @HAVE_NETINET_IN_H@
+HAVE_NEWLOCALE = @HAVE_NEWLOCALE@
+HAVE_NL_LANGINFO = @HAVE_NL_LANGINFO@
+HAVE_OPENAT = @HAVE_OPENAT@
+HAVE_OS_H = @HAVE_OS_H@
+HAVE_PCLOSE = @HAVE_PCLOSE@
+HAVE_PIPE = @HAVE_PIPE@
+HAVE_PIPE2 = @HAVE_PIPE2@
+HAVE_POPEN = @HAVE_POPEN@
+HAVE_POSIX_MEMALIGN = @HAVE_POSIX_MEMALIGN@
+HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@
+HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@
+HAVE_PREAD = @HAVE_PREAD@
+HAVE_PSELECT = @HAVE_PSELECT@
+HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@
+HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@
+HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@
+HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@
+HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@
+HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@
+HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@
+HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@
+HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@
+HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@
+HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@
+HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@
+HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@
+HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@
+HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@
+HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@
+HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@
+HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@
+HAVE_PTHREAD_H = @HAVE_PTHREAD_H@
+HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@
+HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@
+HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@
+HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@
+HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@
+HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@
+HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@
+HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@
+HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@
+HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@
+HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@
+HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@
+HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@
+HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@
+HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@
+HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@
+HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@
+HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@
+HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@
+HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@
+HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@
+HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@
+HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@
+HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@
+HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@
+HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@
+HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@
+HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@
+HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@
+HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@
+HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@
+HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@
+HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@
+HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@
+HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@
+HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@
+HAVE_PTHREAD_T = @HAVE_PTHREAD_T@
+HAVE_PTSNAME = @HAVE_PTSNAME@
+HAVE_PTSNAME_R = @HAVE_PTSNAME_R@
+HAVE_PWRITE = @HAVE_PWRITE@
+HAVE_QSORT_R = @HAVE_QSORT_R@
+HAVE_RAISE = @HAVE_RAISE@
+HAVE_RANDOM = @HAVE_RANDOM@
+HAVE_RANDOM_H = @HAVE_RANDOM_H@
+HAVE_RANDOM_R = @HAVE_RANDOM_R@
+HAVE_RAWMEMCHR = @HAVE_RAWMEMCHR@
+HAVE_READLINK = @HAVE_READLINK@
+HAVE_READLINKAT = @HAVE_READLINKAT@
+HAVE_REALLOCARRAY = @HAVE_REALLOCARRAY@
+HAVE_REALPATH = @HAVE_REALPATH@
+HAVE_RENAMEAT = @HAVE_RENAMEAT@
+HAVE_RPMATCH = @HAVE_RPMATCH@
+HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@
+HAVE_SCHED_H = @HAVE_SCHED_H@
+HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@
+HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@
+HAVE_SETENV = @HAVE_SETENV@
+HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@
+HAVE_SETSTATE = @HAVE_SETSTATE@
+HAVE_SIGABBREV_NP = @HAVE_SIGABBREV_NP@
+HAVE_SIGACTION = @HAVE_SIGACTION@
+HAVE_SIGDESCR_NP = @HAVE_SIGDESCR_NP@
+HAVE_SIGHANDLER_T = @HAVE_SIGHANDLER_T@
+HAVE_SIGINFO_T = @HAVE_SIGINFO_T@
+HAVE_SIGNED_SIG_ATOMIC_T = @HAVE_SIGNED_SIG_ATOMIC_T@
+HAVE_SIGNED_WCHAR_T = @HAVE_SIGNED_WCHAR_T@
+HAVE_SIGNED_WINT_T = @HAVE_SIGNED_WINT_T@
+HAVE_SIGSET_T = @HAVE_SIGSET_T@
+HAVE_SLEEP = @HAVE_SLEEP@
+HAVE_STDINT_H = @HAVE_STDINT_H@
+HAVE_STPCPY = @HAVE_STPCPY@
+HAVE_STPNCPY = @HAVE_STPNCPY@
+HAVE_STRCASECMP = @HAVE_STRCASECMP@
+HAVE_STRCASESTR = @HAVE_STRCASESTR@
+HAVE_STRCHRNUL = @HAVE_STRCHRNUL@
+HAVE_STRERRORNAME_NP = @HAVE_STRERRORNAME_NP@
+HAVE_STRINGS_H = @HAVE_STRINGS_H@
+HAVE_STRPBRK = @HAVE_STRPBRK@
+HAVE_STRPTIME = @HAVE_STRPTIME@
+HAVE_STRSEP = @HAVE_STRSEP@
+HAVE_STRTOD = @HAVE_STRTOD@
+HAVE_STRTOL = @HAVE_STRTOL@
+HAVE_STRTOLD = @HAVE_STRTOLD@
+HAVE_STRTOLL = @HAVE_STRTOLL@
+HAVE_STRTOUL = @HAVE_STRTOUL@
+HAVE_STRTOULL = @HAVE_STRTOULL@
+HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@
+HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@
+HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@
+HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@
+HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@
+HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@
+HAVE_STRUCT_TIMEVAL = @HAVE_STRUCT_TIMEVAL@
+HAVE_STRVERSCMP = @HAVE_STRVERSCMP@
+HAVE_SYMLINK = @HAVE_SYMLINK@
+HAVE_SYMLINKAT = @HAVE_SYMLINKAT@
+HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@
+HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@
+HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@
+HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@
+HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@
+HAVE_SYS_PARAM_H = @HAVE_SYS_PARAM_H@
+HAVE_SYS_SELECT_H = @HAVE_SYS_SELECT_H@
+HAVE_SYS_SOCKET_H = @HAVE_SYS_SOCKET_H@
+HAVE_SYS_TIME_H = @HAVE_SYS_TIME_H@
+HAVE_SYS_TYPES_H = @HAVE_SYS_TYPES_H@
+HAVE_SYS_UIO_H = @HAVE_SYS_UIO_H@
+HAVE_TIMEGM = @HAVE_TIMEGM@
+HAVE_TIMESPEC_GET = @HAVE_TIMESPEC_GET@
+HAVE_TIMEZONE_T = @HAVE_TIMEZONE_T@
+HAVE_TYPE_VOLATILE_SIG_ATOMIC_T = @HAVE_TYPE_VOLATILE_SIG_ATOMIC_T@
+HAVE_UNISTD_H = @HAVE_UNISTD_H@
+HAVE_UNLINKAT = @HAVE_UNLINKAT@
+HAVE_UNLOCKPT = @HAVE_UNLOCKPT@
+HAVE_USLEEP = @HAVE_USLEEP@
+HAVE_UTIMENSAT = @HAVE_UTIMENSAT@
+HAVE_VASPRINTF = @HAVE_VASPRINTF@
+HAVE_VDPRINTF = @HAVE_VDPRINTF@
+HAVE_VISIBILITY = @HAVE_VISIBILITY@
+HAVE_WCHAR_H = @HAVE_WCHAR_H@
+HAVE_WCHAR_T = @HAVE_WCHAR_T@
+HAVE_WCPCPY = @HAVE_WCPCPY@
+HAVE_WCPNCPY = @HAVE_WCPNCPY@
+HAVE_WCRTOMB = @HAVE_WCRTOMB@
+HAVE_WCSCASECMP = @HAVE_WCSCASECMP@
+HAVE_WCSCAT = @HAVE_WCSCAT@
+HAVE_WCSCHR = @HAVE_WCSCHR@
+HAVE_WCSCMP = @HAVE_WCSCMP@
+HAVE_WCSCOLL = @HAVE_WCSCOLL@
+HAVE_WCSCPY = @HAVE_WCSCPY@
+HAVE_WCSCSPN = @HAVE_WCSCSPN@
+HAVE_WCSDUP = @HAVE_WCSDUP@
+HAVE_WCSFTIME = @HAVE_WCSFTIME@
+HAVE_WCSLEN = @HAVE_WCSLEN@
+HAVE_WCSNCASECMP = @HAVE_WCSNCASECMP@
+HAVE_WCSNCAT = @HAVE_WCSNCAT@
+HAVE_WCSNCMP = @HAVE_WCSNCMP@
+HAVE_WCSNCPY = @HAVE_WCSNCPY@
+HAVE_WCSNLEN = @HAVE_WCSNLEN@
+HAVE_WCSNRTOMBS = @HAVE_WCSNRTOMBS@
+HAVE_WCSPBRK = @HAVE_WCSPBRK@
+HAVE_WCSRCHR = @HAVE_WCSRCHR@
+HAVE_WCSRTOMBS = @HAVE_WCSRTOMBS@
+HAVE_WCSSPN = @HAVE_WCSSPN@
+HAVE_WCSSTR = @HAVE_WCSSTR@
+HAVE_WCSTOK = @HAVE_WCSTOK@
+HAVE_WCSWIDTH = @HAVE_WCSWIDTH@
+HAVE_WCSXFRM = @HAVE_WCSXFRM@
+HAVE_WINSOCK2_H = @HAVE_WINSOCK2_H@
+HAVE_WINT_T = @HAVE_WINT_T@
+HAVE_WMEMCHR = @HAVE_WMEMCHR@
+HAVE_WMEMCMP = @HAVE_WMEMCMP@
+HAVE_WMEMCPY = @HAVE_WMEMCPY@
+HAVE_WMEMMOVE = @HAVE_WMEMMOVE@
+HAVE_WMEMPCPY = @HAVE_WMEMPCPY@
+HAVE_WMEMSET = @HAVE_WMEMSET@
+HAVE_WS2TCPIP_H = @HAVE_WS2TCPIP_H@
+HAVE_XLOCALE_H = @HAVE_XLOCALE_H@
+HAVE__BOOL = @HAVE__BOOL@
+HAVE__EXIT = @HAVE__EXIT@
+HOGWEED_CFLAGS = @HOGWEED_CFLAGS@
+HOGWEED_LIBS = @HOGWEED_LIBS@
+HOSTENT_LIB = @HOSTENT_LIB@
+HTML_DIR = @HTML_DIR@
+INCLUDE_NEXT = @INCLUDE_NEXT@
+INCLUDE_NEXT_AS_FIRST_DIRECTIVE = @INCLUDE_NEXT_AS_FIRST_DIRECTIVE@
+INET_NTOP_LIB = @INET_NTOP_LIB@
+INET_PTON_LIB = @INET_PTON_LIB@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INT32_MAX_LT_INTMAX_MAX = @INT32_MAX_LT_INTMAX_MAX@
+INT64_MAX_EQ_LONG_MAX = @INT64_MAX_EQ_LONG_MAX@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LCOV = @LCOV@
+LD = @LD@
+LDDPOSTPROC = @LDDPOSTPROC@
+LDDPROG = @LDDPROG@
+LDFLAGS = @LDFLAGS@
+LIBATOMIC_LIBS = @LIBATOMIC_LIBS@
+LIBBROTLIDEC_CFLAGS = @LIBBROTLIDEC_CFLAGS@
+LIBBROTLIDEC_LIBS = @LIBBROTLIDEC_LIBS@
+LIBBROTLIENC_CFLAGS = @LIBBROTLIENC_CFLAGS@
+LIBBROTLIENC_LIBS = @LIBBROTLIENC_LIBS@
+LIBCRYPTO = @LIBCRYPTO@
+LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@
+LIBDL = @LIBDL@
+LIBDL_PREFIX = @LIBDL_PREFIX@
+LIBEV = @LIBEV@
+LIBEV_LIBS = @LIBEV_LIBS@
+LIBEV_PREFIX = @LIBEV_PREFIX@
+LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@
+LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@
+LIBICONV = @LIBICONV@
+LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@
+LIBIDN2_LIBS = @LIBIDN2_LIBS@
+LIBINTL = @LIBINTL@
+LIBKCAPI_CFLAGS = @LIBKCAPI_CFLAGS@
+LIBKCAPI_LIBS = @LIBKCAPI_LIBS@
+LIBMULTITHREAD = @LIBMULTITHREAD@
+LIBOBJS = @LIBOBJS@
+LIBPMULTITHREAD = @LIBPMULTITHREAD@
+LIBPTHREAD = @LIBPTHREAD@
+LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@
+LIBRT = @LIBRT@
+LIBRT_PREFIX = @LIBRT_PREFIX@
+LIBS = @LIBS@
+LIBSECCOMP = @LIBSECCOMP@
+LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@
+LIBSOCKET = @LIBSOCKET@
+LIBSTDTHREAD = @LIBSTDTHREAD@
+LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@
+LIBTASN1_LIBS = @LIBTASN1_LIBS@
+LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@
+LIBTHREAD = @LIBTHREAD@
+LIBTOOL = @LIBTOOL@
+LIBUNISTRING = @LIBUNISTRING@
+LIBUNISTRING_UNICTYPE_H = @LIBUNISTRING_UNICTYPE_H@
+LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@
+LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@
+LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@
+LIBZ = @LIBZ@
+LIBZSTD_CFLAGS = @LIBZSTD_CFLAGS@
+LIBZSTD_LIBS = @LIBZSTD_LIBS@
+LIBZ_PC = @LIBZ_PC@
+LIBZ_PREFIX = @LIBZ_PREFIX@
+LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@
+LIB_NANOSLEEP = @LIB_NANOSLEEP@
+LIB_PTHREAD = @LIB_PTHREAD@
+LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@
+LIB_SCHED_YIELD = @LIB_SCHED_YIELD@
+LIB_SELECT = @LIB_SELECT@
+LIB_SEMAPHORE = @LIB_SEMAPHORE@
+LIB_SETLOCALE = @LIB_SETLOCALE@
+LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@
+LIMITS_H = @LIMITS_H@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LOCALENAME_ENHANCE_LOCALE_FUNCS = @LOCALENAME_ENHANCE_LOCALE_FUNCS@
+LOCALE_FR = @LOCALE_FR@
+LOCALE_FR_UTF8 = @LOCALE_FR_UTF8@
+LOCALE_JA = @LOCALE_JA@
+LOCALE_TR_UTF8 = @LOCALE_TR_UTF8@
+LOCALE_ZH_CN = @LOCALE_ZH_CN@
+LOG_VALGRIND = @LOG_VALGRIND@
+LTALLOCA = @LTALLOCA@
+LTLIBCRYPTO = @LTLIBCRYPTO@
+LTLIBDL = @LTLIBDL@
+LTLIBEV = @LTLIBEV@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBMULTITHREAD = @LTLIBMULTITHREAD@
+LTLIBOBJS = @LTLIBOBJS@
+LTLIBPTHREAD = @LTLIBPTHREAD@
+LTLIBRT = @LTLIBRT@
+LTLIBSECCOMP = @LTLIBSECCOMP@
+LTLIBTHREAD = @LTLIBTHREAD@
+LTLIBZ = @LTLIBZ@
+LT_AGE = @LT_AGE@
+LT_CURRENT = @LT_CURRENT@
+LT_DANE_AGE = @LT_DANE_AGE@
+LT_DANE_CURRENT = @LT_DANE_CURRENT@
+LT_DANE_REVISION = @LT_DANE_REVISION@
+LT_REVISION = @LT_REVISION@
+LT_SSL_AGE = @LT_SSL_AGE@
+LT_SSL_CURRENT = @LT_SSL_CURRENT@
+LT_SSL_REVISION = @LT_SSL_REVISION@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+LT_XSSL_AGE = @LT_XSSL_AGE@
+LT_XSSL_CURRENT = @LT_XSSL_CURRENT@
+LT_XSSL_REVISION = @LT_XSSL_REVISION@
+MAINT = @MAINT@
+MAJOR_VERSION = @MAJOR_VERSION@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MINOR_VERSION = @MINOR_VERSION@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGMERGE = @MSGMERGE@
+MSGMERGE_FOR_MSGFMT_OPTION = @MSGMERGE_FOR_MSGFMT_OPTION@
+NETINET_IN_H = @NETINET_IN_H@
+NETTLE_CFLAGS = @NETTLE_CFLAGS@
+NETTLE_LIBS = @NETTLE_LIBS@
+NEXT_ARPA_INET_H = @NEXT_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H = @NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_CTYPE_H = @NEXT_AS_FIRST_DIRECTIVE_CTYPE_H@
+NEXT_AS_FIRST_DIRECTIVE_ERRNO_H = @NEXT_AS_FIRST_DIRECTIVE_ERRNO_H@
+NEXT_AS_FIRST_DIRECTIVE_FCNTL_H = @NEXT_AS_FIRST_DIRECTIVE_FCNTL_H@
+NEXT_AS_FIRST_DIRECTIVE_FLOAT_H = @NEXT_AS_FIRST_DIRECTIVE_FLOAT_H@
+NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H = @NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H = @NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H@
+NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@
+NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@
+NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@
+NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@
+NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@
+NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@
+NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@
+NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@
+NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@
+NEXT_AS_FIRST_DIRECTIVE_STDIO_H = @NEXT_AS_FIRST_DIRECTIVE_STDIO_H@
+NEXT_AS_FIRST_DIRECTIVE_STDLIB_H = @NEXT_AS_FIRST_DIRECTIVE_STDLIB_H@
+NEXT_AS_FIRST_DIRECTIVE_STRINGS_H = @NEXT_AS_FIRST_DIRECTIVE_STRINGS_H@
+NEXT_AS_FIRST_DIRECTIVE_STRING_H = @NEXT_AS_FIRST_DIRECTIVE_STRING_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H@
+NEXT_AS_FIRST_DIRECTIVE_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_UNISTD_H = @NEXT_AS_FIRST_DIRECTIVE_UNISTD_H@
+NEXT_AS_FIRST_DIRECTIVE_WCHAR_H = @NEXT_AS_FIRST_DIRECTIVE_WCHAR_H@
+NEXT_CTYPE_H = @NEXT_CTYPE_H@
+NEXT_ERRNO_H = @NEXT_ERRNO_H@
+NEXT_FCNTL_H = @NEXT_FCNTL_H@
+NEXT_FLOAT_H = @NEXT_FLOAT_H@
+NEXT_INTTYPES_H = @NEXT_INTTYPES_H@
+NEXT_LANGINFO_H = @NEXT_LANGINFO_H@
+NEXT_LIMITS_H = @NEXT_LIMITS_H@
+NEXT_LOCALE_H = @NEXT_LOCALE_H@
+NEXT_NETDB_H = @NEXT_NETDB_H@
+NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@
+NEXT_PTHREAD_H = @NEXT_PTHREAD_H@
+NEXT_SCHED_H = @NEXT_SCHED_H@
+NEXT_SIGNAL_H = @NEXT_SIGNAL_H@
+NEXT_STDDEF_H = @NEXT_STDDEF_H@
+NEXT_STDINT_H = @NEXT_STDINT_H@
+NEXT_STDIO_H = @NEXT_STDIO_H@
+NEXT_STDLIB_H = @NEXT_STDLIB_H@
+NEXT_STRINGS_H = @NEXT_STRINGS_H@
+NEXT_STRING_H = @NEXT_STRING_H@
+NEXT_SYS_IOCTL_H = @NEXT_SYS_IOCTL_H@
+NEXT_SYS_SELECT_H = @NEXT_SYS_SELECT_H@
+NEXT_SYS_SOCKET_H = @NEXT_SYS_SOCKET_H@
+NEXT_SYS_STAT_H = @NEXT_SYS_STAT_H@
+NEXT_SYS_TIME_H = @NEXT_SYS_TIME_H@
+NEXT_SYS_TYPES_H = @NEXT_SYS_TYPES_H@
+NEXT_SYS_UIO_H = @NEXT_SYS_UIO_H@
+NEXT_TIME_H = @NEXT_TIME_H@
+NEXT_UNISTD_H = @NEXT_UNISTD_H@
+NEXT_WCHAR_H = @NEXT_WCHAR_H@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NUMBER_VERSION = @NUMBER_VERSION@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+P11_KIT_CFLAGS = @P11_KIT_CFLAGS@
+P11_KIT_LIBS = @P11_KIT_LIBS@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@
+PATCH_VERSION = @PATCH_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PKCS12_ITER_COUNT = @PKCS12_ITER_COUNT@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PMCCABE = @PMCCABE@
+POSUB = @POSUB@
+PRAGMA_COLUMNS = @PRAGMA_COLUMNS@
+PRAGMA_SYSTEM_HEADER = @PRAGMA_SYSTEM_HEADER@
+PRIPTR_PREFIX = @PRIPTR_PREFIX@
+PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@
+PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+RANLIB = @RANLIB@
+REPLACE_ACCESS = @REPLACE_ACCESS@
+REPLACE_ALIGNED_ALLOC = @REPLACE_ALIGNED_ALLOC@
+REPLACE_BTOWC = @REPLACE_BTOWC@
+REPLACE_CALLOC = @REPLACE_CALLOC@
+REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@
+REPLACE_CHOWN = @REPLACE_CHOWN@
+REPLACE_CLOSE = @REPLACE_CLOSE@
+REPLACE_CREAT = @REPLACE_CREAT@
+REPLACE_CTIME = @REPLACE_CTIME@
+REPLACE_DPRINTF = @REPLACE_DPRINTF@
+REPLACE_DUP = @REPLACE_DUP@
+REPLACE_DUP2 = @REPLACE_DUP2@
+REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@
+REPLACE_EXECL = @REPLACE_EXECL@
+REPLACE_EXECLE = @REPLACE_EXECLE@
+REPLACE_EXECLP = @REPLACE_EXECLP@
+REPLACE_EXECV = @REPLACE_EXECV@
+REPLACE_EXECVE = @REPLACE_EXECVE@
+REPLACE_EXECVP = @REPLACE_EXECVP@
+REPLACE_EXECVPE = @REPLACE_EXECVPE@
+REPLACE_FACCESSAT = @REPLACE_FACCESSAT@
+REPLACE_FCHMODAT = @REPLACE_FCHMODAT@
+REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@
+REPLACE_FCLOSE = @REPLACE_FCLOSE@
+REPLACE_FCNTL = @REPLACE_FCNTL@
+REPLACE_FDOPEN = @REPLACE_FDOPEN@
+REPLACE_FFLUSH = @REPLACE_FFLUSH@
+REPLACE_FFSLL = @REPLACE_FFSLL@
+REPLACE_FOPEN = @REPLACE_FOPEN@
+REPLACE_FPRINTF = @REPLACE_FPRINTF@
+REPLACE_FPURGE = @REPLACE_FPURGE@
+REPLACE_FREE = @REPLACE_FREE@
+REPLACE_FREELOCALE = @REPLACE_FREELOCALE@
+REPLACE_FREOPEN = @REPLACE_FREOPEN@
+REPLACE_FSEEK = @REPLACE_FSEEK@
+REPLACE_FSEEKO = @REPLACE_FSEEKO@
+REPLACE_FSTAT = @REPLACE_FSTAT@
+REPLACE_FSTATAT = @REPLACE_FSTATAT@
+REPLACE_FTELL = @REPLACE_FTELL@
+REPLACE_FTELLO = @REPLACE_FTELLO@
+REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@
+REPLACE_FUTIMENS = @REPLACE_FUTIMENS@
+REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@
+REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@
+REPLACE_GETCWD = @REPLACE_GETCWD@
+REPLACE_GETDELIM = @REPLACE_GETDELIM@
+REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@
+REPLACE_GETDTABLESIZE = @REPLACE_GETDTABLESIZE@
+REPLACE_GETGROUPS = @REPLACE_GETGROUPS@
+REPLACE_GETLINE = @REPLACE_GETLINE@
+REPLACE_GETLOGIN_R = @REPLACE_GETLOGIN_R@
+REPLACE_GETPAGESIZE = @REPLACE_GETPAGESIZE@
+REPLACE_GETPASS = @REPLACE_GETPASS@
+REPLACE_GETTIMEOFDAY = @REPLACE_GETTIMEOFDAY@
+REPLACE_GMTIME = @REPLACE_GMTIME@
+REPLACE_INET_NTOP = @REPLACE_INET_NTOP@
+REPLACE_INET_PTON = @REPLACE_INET_PTON@
+REPLACE_INITSTATE = @REPLACE_INITSTATE@
+REPLACE_IOCTL = @REPLACE_IOCTL@
+REPLACE_ISATTY = @REPLACE_ISATTY@
+REPLACE_ITOLD = @REPLACE_ITOLD@
+REPLACE_LCHOWN = @REPLACE_LCHOWN@
+REPLACE_LINK = @REPLACE_LINK@
+REPLACE_LINKAT = @REPLACE_LINKAT@
+REPLACE_LOCALECONV = @REPLACE_LOCALECONV@
+REPLACE_LOCALTIME = @REPLACE_LOCALTIME@
+REPLACE_LOCALTIME_R = @REPLACE_LOCALTIME_R@
+REPLACE_LSEEK = @REPLACE_LSEEK@
+REPLACE_LSTAT = @REPLACE_LSTAT@
+REPLACE_MALLOC = @REPLACE_MALLOC@
+REPLACE_MBRLEN = @REPLACE_MBRLEN@
+REPLACE_MBRTOWC = @REPLACE_MBRTOWC@
+REPLACE_MBSINIT = @REPLACE_MBSINIT@
+REPLACE_MBSNRTOWCS = @REPLACE_MBSNRTOWCS@
+REPLACE_MBSRTOWCS = @REPLACE_MBSRTOWCS@
+REPLACE_MBSTATE_T = @REPLACE_MBSTATE_T@
+REPLACE_MBTOWC = @REPLACE_MBTOWC@
+REPLACE_MEMCHR = @REPLACE_MEMCHR@
+REPLACE_MEMMEM = @REPLACE_MEMMEM@
+REPLACE_MKDIR = @REPLACE_MKDIR@
+REPLACE_MKFIFO = @REPLACE_MKFIFO@
+REPLACE_MKFIFOAT = @REPLACE_MKFIFOAT@
+REPLACE_MKNOD = @REPLACE_MKNOD@
+REPLACE_MKNODAT = @REPLACE_MKNODAT@
+REPLACE_MKSTEMP = @REPLACE_MKSTEMP@
+REPLACE_MKTIME = @REPLACE_MKTIME@
+REPLACE_NANOSLEEP = @REPLACE_NANOSLEEP@
+REPLACE_NEWLOCALE = @REPLACE_NEWLOCALE@
+REPLACE_NL_LANGINFO = @REPLACE_NL_LANGINFO@
+REPLACE_NULL = @REPLACE_NULL@
+REPLACE_OBSTACK_PRINTF = @REPLACE_OBSTACK_PRINTF@
+REPLACE_OPEN = @REPLACE_OPEN@
+REPLACE_OPENAT = @REPLACE_OPENAT@
+REPLACE_PERROR = @REPLACE_PERROR@
+REPLACE_POPEN = @REPLACE_POPEN@
+REPLACE_POSIX_MEMALIGN = @REPLACE_POSIX_MEMALIGN@
+REPLACE_PREAD = @REPLACE_PREAD@
+REPLACE_PRINTF = @REPLACE_PRINTF@
+REPLACE_PSELECT = @REPLACE_PSELECT@
+REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@
+REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@
+REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@
+REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@
+REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@
+REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@
+REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@
+REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@
+REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@
+REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@
+REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@
+REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@
+REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@
+REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@
+REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@
+REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@
+REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@
+REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@
+REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@
+REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@
+REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@
+REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@
+REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@
+REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@
+REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@
+REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@
+REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@
+REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@
+REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@
+REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@
+REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@
+REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@
+REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@
+REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@
+REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@
+REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@
+REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@
+REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@
+REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@
+REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@
+REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@
+REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@
+REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@
+REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@
+REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@
+REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@
+REPLACE_PTSNAME = @REPLACE_PTSNAME@
+REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@
+REPLACE_PUTENV = @REPLACE_PUTENV@
+REPLACE_PWRITE = @REPLACE_PWRITE@
+REPLACE_QSORT_R = @REPLACE_QSORT_R@
+REPLACE_RAISE = @REPLACE_RAISE@
+REPLACE_RANDOM = @REPLACE_RANDOM@
+REPLACE_RANDOM_R = @REPLACE_RANDOM_R@
+REPLACE_READ = @REPLACE_READ@
+REPLACE_READLINK = @REPLACE_READLINK@
+REPLACE_READLINKAT = @REPLACE_READLINKAT@
+REPLACE_REALLOC = @REPLACE_REALLOC@
+REPLACE_REALLOCARRAY = @REPLACE_REALLOCARRAY@
+REPLACE_REALPATH = @REPLACE_REALPATH@
+REPLACE_REMOVE = @REPLACE_REMOVE@
+REPLACE_RENAME = @REPLACE_RENAME@
+REPLACE_RENAMEAT = @REPLACE_RENAMEAT@
+REPLACE_RMDIR = @REPLACE_RMDIR@
+REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@
+REPLACE_SELECT = @REPLACE_SELECT@
+REPLACE_SETENV = @REPLACE_SETENV@
+REPLACE_SETLOCALE = @REPLACE_SETLOCALE@
+REPLACE_SETSTATE = @REPLACE_SETSTATE@
+REPLACE_SLEEP = @REPLACE_SLEEP@
+REPLACE_SNPRINTF = @REPLACE_SNPRINTF@
+REPLACE_SPRINTF = @REPLACE_SPRINTF@
+REPLACE_STAT = @REPLACE_STAT@
+REPLACE_STDIO_READ_FUNCS = @REPLACE_STDIO_READ_FUNCS@
+REPLACE_STDIO_WRITE_FUNCS = @REPLACE_STDIO_WRITE_FUNCS@
+REPLACE_STPNCPY = @REPLACE_STPNCPY@
+REPLACE_STRCASESTR = @REPLACE_STRCASESTR@
+REPLACE_STRCHRNUL = @REPLACE_STRCHRNUL@
+REPLACE_STRDUP = @REPLACE_STRDUP@
+REPLACE_STRERROR = @REPLACE_STRERROR@
+REPLACE_STRERRORNAME_NP = @REPLACE_STRERRORNAME_NP@
+REPLACE_STRERROR_R = @REPLACE_STRERROR_R@
+REPLACE_STRFTIME = @REPLACE_STRFTIME@
+REPLACE_STRNCAT = @REPLACE_STRNCAT@
+REPLACE_STRNDUP = @REPLACE_STRNDUP@
+REPLACE_STRNLEN = @REPLACE_STRNLEN@
+REPLACE_STRSIGNAL = @REPLACE_STRSIGNAL@
+REPLACE_STRSTR = @REPLACE_STRSTR@
+REPLACE_STRTOD = @REPLACE_STRTOD@
+REPLACE_STRTOIMAX = @REPLACE_STRTOIMAX@
+REPLACE_STRTOK_R = @REPLACE_STRTOK_R@
+REPLACE_STRTOL = @REPLACE_STRTOL@
+REPLACE_STRTOLD = @REPLACE_STRTOLD@
+REPLACE_STRTOLL = @REPLACE_STRTOLL@
+REPLACE_STRTOUL = @REPLACE_STRTOUL@
+REPLACE_STRTOULL = @REPLACE_STRTOULL@
+REPLACE_STRTOUMAX = @REPLACE_STRTOUMAX@
+REPLACE_STRUCT_LCONV = @REPLACE_STRUCT_LCONV@
+REPLACE_STRUCT_TIMEVAL = @REPLACE_STRUCT_TIMEVAL@
+REPLACE_SYMLINK = @REPLACE_SYMLINK@
+REPLACE_SYMLINKAT = @REPLACE_SYMLINKAT@
+REPLACE_TIMEGM = @REPLACE_TIMEGM@
+REPLACE_TMPFILE = @REPLACE_TMPFILE@
+REPLACE_TRUNCATE = @REPLACE_TRUNCATE@
+REPLACE_TTYNAME_R = @REPLACE_TTYNAME_R@
+REPLACE_TZSET = @REPLACE_TZSET@
+REPLACE_UNLINK = @REPLACE_UNLINK@
+REPLACE_UNLINKAT = @REPLACE_UNLINKAT@
+REPLACE_UNSETENV = @REPLACE_UNSETENV@
+REPLACE_USLEEP = @REPLACE_USLEEP@
+REPLACE_UTIMENSAT = @REPLACE_UTIMENSAT@
+REPLACE_VASPRINTF = @REPLACE_VASPRINTF@
+REPLACE_VDPRINTF = @REPLACE_VDPRINTF@
+REPLACE_VFPRINTF = @REPLACE_VFPRINTF@
+REPLACE_VPRINTF = @REPLACE_VPRINTF@
+REPLACE_VSNPRINTF = @REPLACE_VSNPRINTF@
+REPLACE_VSPRINTF = @REPLACE_VSPRINTF@
+REPLACE_WCRTOMB = @REPLACE_WCRTOMB@
+REPLACE_WCSFTIME = @REPLACE_WCSFTIME@
+REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@
+REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@
+REPLACE_WCSTOK = @REPLACE_WCSTOK@
+REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@
+REPLACE_WCTOB = @REPLACE_WCTOB@
+REPLACE_WCTOMB = @REPLACE_WCTOMB@
+REPLACE_WCWIDTH = @REPLACE_WCWIDTH@
+REPLACE_WRITE = @REPLACE_WRITE@
+SED = @SED@
+SERVENT_LIB = @SERVENT_LIB@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@
+SIZE_T_SUFFIX = @SIZE_T_SUFFIX@
+STDALIGN_H = @STDALIGN_H@
+STDBOOL_H = @STDBOOL_H@
+STDDEF_H = @STDDEF_H@
+STDINT_H = @STDINT_H@
+STRIP = @STRIP@
+SYS_IOCTL_H_HAVE_WINSOCK2_H = @SYS_IOCTL_H_HAVE_WINSOCK2_H@
+SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+SYS_TIME_H_DEFINES_STRUCT_TIMESPEC = @SYS_TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_STRUCT_TIMESPEC = @TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_TIME_UTC = @TIME_H_DEFINES_TIME_UTC@
+TROUSERS_LIB = @TROUSERS_LIB@
+TSS2_CFLAGS = @TSS2_CFLAGS@
+TSS2_LIBS = @TSS2_LIBS@
+TSS_CFLAGS = @TSS_CFLAGS@
+TSS_LIBS = @TSS_LIBS@
+UINT32_MAX_LT_UINTMAX_MAX = @UINT32_MAX_LT_UINTMAX_MAX@
+UINT64_MAX_EQ_ULONG_MAX = @UINT64_MAX_EQ_ULONG_MAX@
+UNBOUND_CFLAGS = @UNBOUND_CFLAGS@
+UNBOUND_LIBS = @UNBOUND_LIBS@
+UNDEFINE_STRTOK_R = @UNDEFINE_STRTOK_R@
+UNISTD_H_DEFINES_STRUCT_TIMESPEC = @UNISTD_H_DEFINES_STRUCT_TIMESPEC@
+UNISTD_H_HAVE_SYS_RANDOM_H = @UNISTD_H_HAVE_SYS_RANDOM_H@
+UNISTD_H_HAVE_WINSOCK2_H = @UNISTD_H_HAVE_WINSOCK2_H@
+UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+USE_NLS = @USE_NLS@
+VALGRIND = @VALGRIND@
+VALGRINDFLAGS = @VALGRINDFLAGS@
+VALGRIND_PROGRAM = @VALGRIND_PROGRAM@
+VERSION = @VERSION@
+WARN_CFLAGS = @WARN_CFLAGS@
+WCHAR_T_SUFFIX = @WCHAR_T_SUFFIX@
+WERROR_CFLAGS = @WERROR_CFLAGS@
+WINDOWS_64_BIT_OFF_T = @WINDOWS_64_BIT_OFF_T@
+WINDOWS_64_BIT_ST_SIZE = @WINDOWS_64_BIT_ST_SIZE@
+WINDOWS_STAT_INODES = @WINDOWS_STAT_INODES@
+WINDOWS_STAT_TIMESPEC = @WINDOWS_STAT_TIMESPEC@
+WINT_T_SUFFIX = @WINT_T_SUFFIX@
+WSTACK_CFLAGS = @WSTACK_CFLAGS@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+YIELD_LIB = @YIELD_LIB@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+ac_cv_sizeof_time_t = @ac_cv_sizeof_time_t@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+ggl_LIBOBJS = @ggl_LIBOBJS@
+ggl_LTLIBOBJS = @ggl_LTLIBOBJS@
+ggltests_LIBOBJS = @ggltests_LIBOBJS@
+ggltests_LTLIBOBJS = @ggltests_LTLIBOBJS@
+ggltests_WITNESS = @ggltests_WITNESS@
+gl_LIBOBJS = @gl_LIBOBJS@
+gl_LTLIBOBJS = @gl_LTLIBOBJS@
+gltests_LIBOBJS = @gltests_LIBOBJS@
+gltests_LTLIBOBJS = @gltests_LTLIBOBJS@
+gltests_WITNESS = @gltests_WITNESS@
+gnutls_so = @gnutls_so@
+guile_snarf = @guile_snarf@
+guileextensiondir = @guileextensiondir@
+guilesiteccachedir = @guilesiteccachedir@
+guilesitedir = @guilesitedir@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+ifGNUmake = @ifGNUmake@
+ifnGNUmake = @ifnGNUmake@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+maybe_guileextensiondir = @maybe_guileextensiondir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+unistring_LIBOBJS = @unistring_LIBOBJS@
+unistring_LTLIBOBJS = @unistring_LTLIBOBJS@
+unistringtests_LIBOBJS = @unistringtests_LIBOBJS@
+unistringtests_LTLIBOBJS = @unistringtests_LTLIBOBJS@
+unistringtests_WITNESS = @unistringtests_WITNESS@
+AM_LIBTOOLFLAGS = --tag=CC
+AM_CFLAGS = $(WERROR_CFLAGS) $(WSTACK_CFLAGS) $(WARN_CFLAGS) $(NETTLE_CFLAGS) \
+  $(LIBTASN1_CFLAGS) $(LIBIDN2_CFLAGS) $(P11_KIT_CFLAGS) $(LIBZSTD_CFLAGS) \
+  $(CODE_COVERAGE_CFLAGS)
+
+COMMON_LINK_FLAGS = $(CODE_COVERAGE_LDFLAGS)
+V_GPERF = $(V_GPERF_@AM_V@)
+V_GPERF_ = $(V_GPERF_@AM_DEFAULT_V@)
+V_GPERF_0 = @echo "  GPERF   " $@;
+AM_CPPFLAGS = -I$(srcdir)/../../../gl -I$(builddir)/../../../gl \
+	-I$(srcdir)/../../includes -I$(builddir)/../../includes \
+	-I$(srcdir)/../../ -I$(srcdir)/../ $(am__append_1)
+
+#ensure that we have all aarch64 instruction sets enabled for the assembler
+AM_CCASFLAGS = $(AARCH64_CCASFLAGS)
+EXTRA_DIST = README
+noinst_LTLIBRARIES = libaarch64.la
+libaarch64_la_SOURCES = aarch64-common.c aarch64-common.h \
+	sha-aarch64.h sha-aarch64.c hmac-sha-aarch64.c \
+	aes-cbc-aarch64.c aes-gcm-aarch64.c aes-aarch64.h \
+	aes-ccm-aarch64.c $(am__append_2) $(am__append_3)
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj .s
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/lib/common.mk $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/accelerated/aarch64/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --foreign lib/accelerated/aarch64/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+	esac;
+$(top_srcdir)/lib/common.mk $(am__empty):
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+	-test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+	@list='$(noinst_LTLIBRARIES)'; \
+	locs=`for p in $$list; do echo $$p; done | \
+	      sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+	      sort -u`; \
+	test -z "$$locs" || { \
+	  echo rm -f $${locs}; \
+	  rm -f $${locs}; \
+	}
+macosx/$(am__dirstamp):
+	@$(MKDIR_P) macosx
+	@: > macosx/$(am__dirstamp)
+macosx/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) macosx/$(DEPDIR)
+	@: > macosx/$(DEPDIR)/$(am__dirstamp)
+macosx/sha1-armv8.lo: macosx/$(am__dirstamp) \
+	macosx/$(DEPDIR)/$(am__dirstamp)
+macosx/sha512-armv8.lo: macosx/$(am__dirstamp) \
+	macosx/$(DEPDIR)/$(am__dirstamp)
+macosx/sha256-armv8.lo: macosx/$(am__dirstamp) \
+	macosx/$(DEPDIR)/$(am__dirstamp)
+macosx/aes-aarch64.lo: macosx/$(am__dirstamp) \
+	macosx/$(DEPDIR)/$(am__dirstamp)
+macosx/ghash-aarch64.lo: macosx/$(am__dirstamp) \
+	macosx/$(DEPDIR)/$(am__dirstamp)
+elf/$(am__dirstamp):
+	@$(MKDIR_P) elf
+	@: > elf/$(am__dirstamp)
+elf/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) elf/$(DEPDIR)
+	@: > elf/$(DEPDIR)/$(am__dirstamp)
+elf/sha1-armv8.lo: elf/$(am__dirstamp) elf/$(DEPDIR)/$(am__dirstamp)
+elf/sha512-armv8.lo: elf/$(am__dirstamp) elf/$(DEPDIR)/$(am__dirstamp)
+elf/sha256-armv8.lo: elf/$(am__dirstamp) elf/$(DEPDIR)/$(am__dirstamp)
+elf/aes-aarch64.lo: elf/$(am__dirstamp) elf/$(DEPDIR)/$(am__dirstamp)
+elf/ghash-aarch64.lo: elf/$(am__dirstamp) \
+	elf/$(DEPDIR)/$(am__dirstamp)
+
+libaarch64.la: $(libaarch64_la_OBJECTS) $(libaarch64_la_DEPENDENCIES) $(EXTRA_libaarch64_la_DEPENDENCIES) 
+	$(AM_V_CCLD)$(LINK)  $(libaarch64_la_OBJECTS) $(libaarch64_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+	-rm -f *.$(OBJEXT)
+	-rm -f elf/*.$(OBJEXT)
+	-rm -f elf/*.lo
+	-rm -f macosx/*.$(OBJEXT)
+	-rm -f macosx/*.lo
+
+distclean-compile:
+	-rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aarch64-common.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aes-cbc-aarch64.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aes-ccm-aarch64.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aes-gcm-aarch64.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hmac-sha-aarch64.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha-aarch64.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+	@$(MKDIR_P) $(@D)
+	@echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+.s.o:
+	$(AM_V_CCAS)$(CCASCOMPILE) -c -o $@ $<
+
+.s.obj:
+	$(AM_V_CCAS)$(CCASCOMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.s.lo:
+	$(AM_V_CCAS)$(LTCCASCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+	-rm -rf elf/.libs elf/_libs
+	-rm -rf macosx/.libs macosx/_libs
+
+ID: $(am__tagged_files)
+	$(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	set x; \
+	here=`pwd`; \
+	$(am__define_uniq_tagged_files); \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+	  test -n "$$unique" || unique=$$empty_fix; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
+	fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	$(am__define_uniq_tagged_files); \
+	test -z "$(CTAGS_ARGS)$$unique" \
+	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+	     $$unique
+
+GTAGS:
+	here=`$(am__cd) $(top_builddir) && pwd` \
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+	list='$(am__tagged_files)'; \
+	case "$(srcdir)" in \
+	  [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+	  *) sdir=$(subdir)/$(srcdir) ;; \
+	esac; \
+	for i in $$list; do \
+	  if test -f "$$i"; then \
+	    echo "$(subdir)/$$i"; \
+	  else \
+	    echo "$$sdir/$$i"; \
+	  fi; \
+	done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+	-rm -f elf/$(DEPDIR)/$(am__dirstamp)
+	-rm -f elf/$(am__dirstamp)
+	-rm -f macosx/$(DEPDIR)/$(am__dirstamp)
+	-rm -f macosx/$(am__dirstamp)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+	mostlyclean-am
+
+distclean: distclean-am
+		-rm -f ./$(DEPDIR)/aarch64-common.Plo
+	-rm -f ./$(DEPDIR)/aes-cbc-aarch64.Plo
+	-rm -f ./$(DEPDIR)/aes-ccm-aarch64.Plo
+	-rm -f ./$(DEPDIR)/aes-gcm-aarch64.Plo
+	-rm -f ./$(DEPDIR)/hmac-sha-aarch64.Plo
+	-rm -f ./$(DEPDIR)/sha-aarch64.Plo
+	-rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+	distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+		-rm -f ./$(DEPDIR)/aarch64-common.Plo
+	-rm -f ./$(DEPDIR)/aes-cbc-aarch64.Plo
+	-rm -f ./$(DEPDIR)/aes-ccm-aarch64.Plo
+	-rm -f ./$(DEPDIR)/aes-gcm-aarch64.Plo
+	-rm -f ./$(DEPDIR)/hmac-sha-aarch64.Plo
+	-rm -f ./$(DEPDIR)/sha-aarch64.Plo
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+	mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
+	clean-generic clean-libtool clean-noinstLTLIBRARIES \
+	cscopelist-am ctags ctags-am distclean distclean-compile \
+	distclean-generic distclean-libtool distclean-tags distdir dvi \
+	dvi-am html html-am info info-am install install-am \
+	install-data install-data-am install-dvi install-dvi-am \
+	install-exec install-exec-am install-html install-html-am \
+	install-info install-info-am install-man install-pdf \
+	install-pdf-am install-ps install-ps-am install-strip \
+	installcheck installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-compile \
+	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+	tags tags-am uninstall uninstall-am
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/lib/accelerated/aarch64/README b/lib/accelerated/aarch64/README
new file mode 100644
index 0000000..3a84404
--- /dev/null
+++ b/lib/accelerated/aarch64/README
@@ -0,0 +1,4 @@
+The aarch64 implementations by Andy Polyakov are not part of the
+GnuTLS library, but are used with GnuTLS. Their license is included in
+../x86/license.txt.
+
diff --git a/lib/accelerated/aarch64/aarch64-common.c b/lib/accelerated/aarch64/aarch64-common.c
new file mode 100644
index 0000000..cadb436
--- /dev/null
+++ b/lib/accelerated/aarch64/aarch64-common.c
@@ -0,0 +1,291 @@
+/*
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The following code is an implementation of the AES-128-CBC cipher
+ * using intel's AES instruction set. 
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+#include <gnutls/crypto.h>
+#include "errors.h"
+#ifdef HAVE_LIBNETTLE
+# include <nettle/aes.h>		/* for key generation in 192 and 256 bits */
+# include "sha-aarch64.h"
+# include "aes-aarch64.h"
+#endif
+#include "aarch64-common.h"
+
+#ifdef HAVE_GETAUXVAL
+# include <sys/auxv.h>
+# ifdef AT_HWCAP
+#  define USE_AUXVAL
+# endif
+#elif defined(__OpenBSD__)
+# include <sys/sysctl.h>
+# include <machine/cpu.h>
+# include <machine/armreg.h>
+#endif
+
+#if defined(__GNUC__)
+__attribute__((visibility("hidden")))
+#elif defined(__SUNPRO_C)
+__hidden
+#endif
+unsigned int _gnutls_arm_cpuid_s = 0;
+
+
+/* Our internal bit-string for cpu capabilities. Should be set
+ * in GNUTLS_CPUID_OVERRIDE */
+#define EMPTY_SET 1
+
+static void capabilities_to_cpuid(unsigned capabilities)
+{
+	_gnutls_arm_cpuid_s = 0;
+
+	if (capabilities & EMPTY_SET)
+		return;
+
+	_gnutls_arm_cpuid_s |= capabilities;
+}
+
+/* Correspond to asm/hwcap.h for aarch64 */
+#ifdef USE_AUXVAL
+#define HWCAP_ASIMD  (1 << 1)
+#define HWCAP_AES    (1 << 3)
+#define HWCAP_PMULL  (1 << 4)
+#define HWCAP_SHA1   (1 << 5)
+#define HWCAP_SHA2   (1 << 6)
+#define HWCAP_SHA3   (1 << 17)
+#define HWCAP_SHA512 (1 << 21)
+#endif
+
+static void discover_caps(unsigned int *caps)
+{
+#ifdef USE_AUXVAL
+	unsigned long c;
+
+	c = getauxval(AT_HWCAP);
+	if (c & HWCAP_ASIMD)
+		*caps |= ARMV7_NEON;
+	if (c & HWCAP_AES)
+		*caps |= ARMV8_AES;
+	if (c & HWCAP_PMULL)
+		*caps |= ARMV8_PMULL;
+	if (c & HWCAP_SHA1)
+		*caps |= ARMV8_SHA1;
+	if (c & HWCAP_SHA2)
+		*caps |= ARMV8_SHA256;
+	if (c & HWCAP_SHA512)
+		*caps |= ARMV8_SHA512;
+#elif defined(__OpenBSD__) && defined(CPU_ID_AA64ISAR0)
+	const int isar0_mib[] = { CTL_MACHDEP, CPU_ID_AA64ISAR0 };
+	uint64_t isar0;
+	size_t len = sizeof(isar0);
+
+	*caps |= ARMV7_NEON;
+	if (sysctl(isar0_mib, 2, &isar0, &len, NULL, 0) < 0)
+		return;
+	if (ID_AA64ISAR0_AES(isar0) >= ID_AA64ISAR0_AES_BASE)
+		*caps |= ARMV8_AES;
+	if (ID_AA64ISAR0_AES(isar0) >= ID_AA64ISAR0_AES_PMULL)
+		*caps |= ARMV8_PMULL;
+	if (ID_AA64ISAR0_SHA1(isar0) >= ID_AA64ISAR0_SHA1_BASE)
+		*caps |= ARMV8_SHA1;
+	if (ID_AA64ISAR0_SHA2(isar0) >= ID_AA64ISAR0_SHA2_BASE)
+		*caps |= ARMV8_SHA256;
+	if (ID_AA64ISAR0_SHA2(isar0) >= ID_AA64ISAR0_SHA2_512)
+		*caps |= ARMV8_SHA512;
+#endif
+}
+
+static
+void _register_aarch64_crypto(unsigned capabilities)
+{
+	int ret;
+
+	if (capabilities == 0) {
+		discover_caps(&_gnutls_arm_cpuid_s);
+	} else {
+		capabilities_to_cpuid(capabilities);
+	}
+
+	if (_gnutls_arm_cpuid_s & ARMV8_SHA1) {
+		_gnutls_debug_log("Aarch64 SHA1 was detected\n");
+
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA1,
+							 80,
+							 &_gnutls_sha_aarch64, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_mac_register
+		    (GNUTLS_MAC_SHA1, 80, &_gnutls_hmac_sha_aarch64, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+	}
+
+	if (_gnutls_arm_cpuid_s & ARMV8_SHA256) {
+		_gnutls_debug_log("Aarch64 SHA2 was detected\n");
+
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA224,
+							 80,
+							 &_gnutls_sha_aarch64, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_mac_register
+		    (GNUTLS_MAC_SHA224, 80, &_gnutls_hmac_sha_aarch64, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA256,
+							 80,
+							 &_gnutls_sha_aarch64, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_mac_register
+		    (GNUTLS_MAC_SHA256, 80, &_gnutls_hmac_sha_aarch64, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA384,
+							 80,
+							 &_gnutls_sha_aarch64, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_mac_register
+		    (GNUTLS_MAC_SHA384, 80, &_gnutls_hmac_sha_aarch64, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA512,
+							 80,
+							 &_gnutls_sha_aarch64, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_mac_register
+		    (GNUTLS_MAC_SHA512, 80, &_gnutls_hmac_sha_aarch64, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+	}
+
+	if (_gnutls_arm_cpuid_s & ARMV8_AES) {
+		_gnutls_debug_log("Aarch64 AES was detected\n");
+
+		if (_gnutls_arm_cpuid_s & ARMV8_PMULL) {
+			_gnutls_debug_log("Aarch64 PMULL was detected\n");
+
+			ret =
+			    gnutls_crypto_single_cipher_register
+			    (GNUTLS_CIPHER_AES_128_GCM, 90,
+			     &_gnutls_aes_gcm_aarch64, 0);
+			if (ret < 0) {
+					gnutls_assert();
+				}
+
+			ret =
+			    gnutls_crypto_single_cipher_register
+			    (GNUTLS_CIPHER_AES_192_GCM, 90,
+			     &_gnutls_aes_gcm_aarch64, 0);
+			if (ret < 0) {
+					gnutls_assert();
+				}
+
+			ret =
+			    gnutls_crypto_single_cipher_register
+			    (GNUTLS_CIPHER_AES_256_GCM, 90,
+			     &_gnutls_aes_gcm_aarch64, 0);
+			if (ret < 0) {
+				gnutls_assert();
+			}
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_128_CBC, 90, &_gnutls_aes_cbc_aarch64, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_256_CBC, 90, &_gnutls_aes_cbc_aarch64, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_128_CCM, 90, &_gnutls_aes_ccm_aarch64, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_256_CCM, 90, &_gnutls_aes_ccm_aarch64, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+	}
+
+	return;
+}
+
+
+void register_aarch64_crypto(void)
+{
+	unsigned capabilities = 0;
+	char *p;
+	p = secure_getenv("GNUTLS_CPUID_OVERRIDE");
+	if (p) {
+		capabilities = strtol(p, NULL, 0);
+	}
+
+	_register_aarch64_crypto(capabilities);
+}
+
diff --git a/lib/accelerated/aarch64/aarch64-common.h b/lib/accelerated/aarch64/aarch64-common.h
new file mode 100644
index 0000000..039b8fb
--- /dev/null
+++ b/lib/accelerated/aarch64/aarch64-common.h
@@ -0,0 +1,48 @@
+/*
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ *
+ */
+
+#ifndef GNUTLS_LIB_ACCELERATED_AARCH64_AARCH64_COMMON_H
+# define GNUTLS_LIB_ACCELERATED_AARCH64_AARCH64_COMMON_H
+
+#if !__ASSEMBLER__
+#define NN_HASH(name, update_func, digest_func, NAME) {	\
+ #name,						\
+ sizeof(struct name##_ctx),			\
+ NAME##_DIGEST_SIZE,				\
+ NAME##_DATA_SIZE,				\
+ (nettle_hash_init_func *) name##_init,		\
+ (nettle_hash_update_func *) update_func,	\
+ (nettle_hash_digest_func *) digest_func	\
+} 
+
+void register_aarch64_crypto(void);
+#endif
+
+#define ARMV7_NEON      (1<<0)
+#define ARMV7_TICK      (1<<1)
+#define ARMV8_AES       (1<<2)
+#define ARMV8_SHA1      (1<<3)
+#define ARMV8_SHA256    (1<<4)
+#define ARMV8_PMULL     (1<<5)
+#define ARMV8_SHA512    (1<<6)
+
+#endif /* GNUTLS_LIB_ACCELERATED_AARCH64_AARCH64_COMMON_H */
diff --git a/lib/accelerated/aarch64/aes-aarch64.h b/lib/accelerated/aarch64/aes-aarch64.h
new file mode 100644
index 0000000..0e64f4e
--- /dev/null
+++ b/lib/accelerated/aarch64/aes-aarch64.h
@@ -0,0 +1,49 @@
+#ifndef GNUTLS_LIB_ACCELERATED_AARCH64_AES_AARCH64_H
+#define GNUTLS_LIB_ACCELERATED_AARCH64_AES_AARCH64_H
+
+#include "gnutls_int.h"
+
+#define ALIGN16(x) \
+        ((void *)(((ptrdiff_t)(x)+(ptrdiff_t)0x0f)&~((ptrdiff_t)0x0f)))
+
+#define AES_KEY_ALIGN_SIZE 4
+#define AES_MAXNR 14
+typedef struct {
+	/* We add few more integers to allow alignment 
+	 * on a 16-byte boundary.
+	 */
+	uint32_t rd_key[4 * (AES_MAXNR + 1) + AES_KEY_ALIGN_SIZE];
+	uint32_t rounds;
+} AES_KEY;
+
+#define CHECK_AES_KEYSIZE(s) \
+	if (s != 16 && s != 24 && s != 32) \
+		return GNUTLS_E_INVALID_REQUEST
+
+#include <intprops.h>
+#define AES_GCM_ENCRYPT_MAX_BYTES ((1ULL << 36) - 32)
+static inline int
+record_aes_gcm_encrypt_size(size_t *counter, size_t size) {
+	size_t sum;
+
+	if (!INT_ADD_OK(*counter, size, &sum) ||
+	    sum > AES_GCM_ENCRYPT_MAX_BYTES) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+	*counter = sum;
+
+	return 0;
+}
+
+int aes_v8_set_encrypt_key(const unsigned char *userKey, int bits, AES_KEY *key);  
+int aes_v8_set_decrypt_key(const unsigned char *userKey, int bits, AES_KEY *key);
+void aes_v8_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                       size_t length, const AES_KEY *key, unsigned char *ivec, int enc);
+void aes_v8_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key);
+void aes_v8_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key);
+
+extern const gnutls_crypto_cipher_st _gnutls_aes_gcm_aarch64;
+extern const gnutls_crypto_cipher_st _gnutls_aes_cbc_aarch64;
+extern const gnutls_crypto_cipher_st _gnutls_aes_ccm_aarch64;
+
+#endif /* GNUTLS_LIB_ACCELERATED_AARCH64_AES_AARCH64_H */
diff --git a/lib/accelerated/aarch64/aes-cbc-aarch64.c b/lib/accelerated/aarch64/aes-cbc-aarch64.c
new file mode 100644
index 0000000..299a080
--- /dev/null
+++ b/lib/accelerated/aarch64/aes-cbc-aarch64.c
@@ -0,0 +1,147 @@
+/*
+ * Copyright (C) 2011-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2016-2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The following code is an implementation of the AES-128-CBC cipher
+ * using aarch64 instruction set. 
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+#include <gnutls/crypto.h>
+#include "errors.h"
+#include <aes-aarch64.h>
+#include <aarch64-common.h>
+
+struct aes_ctx {
+	AES_KEY expanded_key;
+	uint8_t iv[16];
+	int enc;
+};
+
+static int
+aes_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc)
+{
+	/* we use key size to distinguish */
+	if (algorithm != GNUTLS_CIPHER_AES_128_CBC
+	    && algorithm != GNUTLS_CIPHER_AES_192_CBC
+	    && algorithm != GNUTLS_CIPHER_AES_256_CBC)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	*_ctx = gnutls_calloc(1, sizeof(struct aes_ctx));
+	if (*_ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	((struct aes_ctx *) (*_ctx))->enc = enc;
+
+	return 0;
+}
+
+static int
+aes_aarch64_cipher_setkey(void *_ctx, const void *userkey, size_t keysize)
+{
+	struct aes_ctx *ctx = _ctx;
+	int ret;
+
+	CHECK_AES_KEYSIZE(keysize);
+
+	if (ctx->enc)
+		ret =
+		    aes_v8_set_encrypt_key(userkey, keysize * 8,
+					  ALIGN16(&ctx->expanded_key));
+	else
+		ret =
+		    aes_v8_set_decrypt_key(userkey, keysize * 8,
+					  ALIGN16(&ctx->expanded_key));
+
+	if (ret != 0)
+		return gnutls_assert_val(GNUTLS_E_ENCRYPTION_FAILED);
+
+	return 0;
+}
+
+static int
+aes_aarch64_encrypt(void *_ctx, const void *src, size_t src_size,
+	    void *dst, size_t dst_size)
+{
+	struct aes_ctx *ctx = _ctx;
+
+	if (unlikely(src_size % 16 != 0))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (unlikely(dst_size < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	aes_v8_cbc_encrypt(src, dst, src_size, ALIGN16(&ctx->expanded_key),
+			  ctx->iv, 1);
+	return 0;
+}
+
+static int
+aes_aarch64_decrypt(void *_ctx, const void *src, size_t src_size,
+	    void *dst, size_t dst_size)
+{
+	struct aes_ctx *ctx = _ctx;
+
+	if (unlikely(src_size % 16 != 0))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (unlikely(dst_size < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	aes_v8_cbc_encrypt(src, dst, src_size, ALIGN16(&ctx->expanded_key),
+			  ctx->iv, 0);
+
+	return 0;
+}
+
+static int aes_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+	struct aes_ctx *ctx = _ctx;
+
+	if (iv_size != 16)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	memcpy(ctx->iv, iv, 16);
+	return 0;
+}
+
+static void aes_deinit(void *_ctx)
+{
+	struct aes_ctx *ctx = _ctx;
+
+	zeroize_temp_key(ctx, sizeof(*ctx));
+	gnutls_free(ctx);
+}
+
+const gnutls_crypto_cipher_st _gnutls_aes_cbc_aarch64 = {
+	.init = aes_cipher_init,
+	.setkey = aes_aarch64_cipher_setkey,
+	.setiv = aes_setiv,
+	.encrypt = aes_aarch64_encrypt,
+	.decrypt = aes_aarch64_decrypt,
+	.deinit = aes_deinit,
+};
+
diff --git a/lib/accelerated/aarch64/aes-ccm-aarch64.c b/lib/accelerated/aarch64/aes-ccm-aarch64.c
new file mode 100644
index 0000000..a2ba259
--- /dev/null
+++ b/lib/accelerated/aarch64/aes-ccm-aarch64.c
@@ -0,0 +1,161 @@
+/*
+ * Copyright (C) 2014-2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The following code is an implementation of the AES-128-CCM cipher
+ * on aarch64.
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+
+#ifdef HAVE_LIBNETTLE
+
+#include <gnutls/crypto.h>
+#include "errors.h"
+#include <aarch64-common.h>
+#include <byteswap.h>
+#include <nettle/ccm.h>
+#include <aes-aarch64.h>
+
+typedef struct ccm_aarch64_aes_ctx {
+	AES_KEY key;
+} ccm_aarch64_aes_ctx;
+
+/* CCM mode 
+ */
+static void aarch64_aes_encrypt(const void *_ctx,
+			    size_t length, uint8_t * dst,
+			    const uint8_t * src)
+{
+	AES_KEY *ctx = (void*)_ctx;
+	unsigned i;
+
+	for (i=0;i<length;i+=16) {
+		aes_v8_encrypt(src, dst, ctx);
+		src+=16;
+		dst+=16;
+	}
+}
+
+static int
+aes_ccm_cipher_init(gnutls_cipher_algorithm_t algorithm, void **ctx,
+		    int enc)
+{
+	/* we use key size to distinguish */
+	if (algorithm != GNUTLS_CIPHER_AES_128_CCM &&
+	    algorithm != GNUTLS_CIPHER_AES_256_CCM &&
+	    algorithm != GNUTLS_CIPHER_AES_128_CCM_8 &&
+	    algorithm != GNUTLS_CIPHER_AES_256_CCM_8)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	*ctx = gnutls_calloc(1, sizeof(ccm_aarch64_aes_ctx));
+	if (*ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+}
+
+static int
+aes_ccm_cipher_setkey(void *_ctx, const void *key, size_t length)
+{
+	struct ccm_aarch64_aes_ctx *ctx = _ctx;
+
+	CHECK_AES_KEYSIZE(length);
+
+	aes_v8_set_encrypt_key(key, length*8, &ctx->key);
+
+	return 0;
+}
+
+static int
+aes_ccm_aead_encrypt(void *_ctx,
+			const void *nonce, size_t nonce_size,
+			const void *auth, size_t auth_size,
+			size_t tag_size,
+			const void *plain, size_t plain_size,
+			void *encr, size_t encr_size)
+{
+	struct ccm_aarch64_aes_ctx *ctx = _ctx;
+	/* proper AEAD cipher */
+
+	if (unlikely(encr_size < plain_size + tag_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	ccm_encrypt_message(&ctx->key, aarch64_aes_encrypt,
+			    nonce_size, nonce,
+			    auth_size, auth,
+			    tag_size,
+			    plain_size+tag_size, encr,
+			    plain);
+	return 0;
+}
+
+static int
+aes_ccm_aead_decrypt(void *_ctx,
+			const void *nonce, size_t nonce_size,
+			const void *auth, size_t auth_size,
+			size_t tag_size,
+			const void *encr, size_t encr_size,
+			void *plain, size_t plain_size)
+{
+	struct ccm_aarch64_aes_ctx *ctx = _ctx;
+	int ret;
+
+	if (unlikely(encr_size < tag_size))
+		return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+	if (unlikely(plain_size < encr_size - tag_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	ret = ccm_decrypt_message(&ctx->key, aarch64_aes_encrypt,
+				  nonce_size, nonce,
+				  auth_size, auth,
+				  tag_size,
+				  encr_size-tag_size, plain,
+				  encr);
+	if (unlikely(ret == 0))
+		return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+	return 0;
+}
+
+
+static void aes_ccm_deinit(void *_ctx)
+{
+	struct ccm_aarch64_aes_ctx *ctx = _ctx;
+
+	zeroize_temp_key(ctx, sizeof(*ctx));
+	gnutls_free(ctx);
+}
+
+const gnutls_crypto_cipher_st _gnutls_aes_ccm_aarch64 = {
+	.init = aes_ccm_cipher_init,
+	.setkey = aes_ccm_cipher_setkey,
+	.aead_encrypt = aes_ccm_aead_encrypt,
+	.aead_decrypt = aes_ccm_aead_decrypt,
+	.deinit = aes_ccm_deinit,
+};
+
+#endif
diff --git a/lib/accelerated/aarch64/aes-gcm-aarch64.c b/lib/accelerated/aarch64/aes-gcm-aarch64.c
new file mode 100644
index 0000000..be1e69c
--- /dev/null
+++ b/lib/accelerated/aarch64/aes-gcm-aarch64.c
@@ -0,0 +1,359 @@
+/*
+ * Copyright (C) 2011-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2016-2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The following code is an implementation of the AES-GCM cipher
+ * using the AES and neon instruction sets.
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+#include <gnutls/crypto.h>
+#include "errors.h"
+#include <aes-aarch64.h>
+#include <aarch64-common.h>
+#include <nettle/memxor.h>
+#include <nettle/macros.h>
+#include <byteswap.h>
+
+#define GCM_BLOCK_SIZE 16
+#define INC32(block) INCREMENT(4, block + GCM_BLOCK_SIZE - 4)
+
+/* GCM mode */
+
+typedef struct {
+	uint64_t hi, lo;
+} u128;
+
+/* This is the gcm128 structure used in openssl. It
+ * is compatible with the included assembly code.
+ */
+struct gcm128_context {
+	union {
+		uint64_t u[2];
+		uint32_t d[4];
+		uint8_t c[16];
+	} Yi, EKi, EK0, len, Xi, H;
+	u128 Htable[16];
+};
+
+struct aes_gcm_ctx {
+	AES_KEY expanded_key;
+	struct gcm128_context gcm;
+	unsigned finished;
+	unsigned auth_finished;
+	size_t rekey_counter;
+};
+
+void gcm_init_v8(u128 Htable[16], const uint64_t Xi[2]);
+void gcm_ghash_v8(uint64_t Xi[2], const u128 Htable[16],
+		     const uint8_t * inp, size_t len);
+void gcm_gmult_v8(uint64_t Xi[2], const u128 Htable[16]);
+
+static void aes_gcm_deinit(void *_ctx)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+
+	zeroize_temp_key(ctx, sizeof(*ctx));
+	gnutls_free(ctx);
+}
+
+static int
+aes_gcm_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx,
+		    int enc)
+{
+	/* we use key size to distinguish */
+	if (algorithm != GNUTLS_CIPHER_AES_128_GCM &&
+	    algorithm != GNUTLS_CIPHER_AES_192_GCM &&
+	    algorithm != GNUTLS_CIPHER_AES_256_GCM)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	*_ctx = gnutls_calloc(1, sizeof(struct aes_gcm_ctx));
+	if (*_ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+}
+
+static int
+aes_gcm_cipher_setkey(void *_ctx, const void *userkey, size_t keysize)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+	int ret;
+
+	CHECK_AES_KEYSIZE(keysize);
+
+	ret =
+	    aes_v8_set_encrypt_key(userkey, keysize * 8,
+				  ALIGN16(&ctx->expanded_key));
+	if (ret != 0)
+		return gnutls_assert_val(GNUTLS_E_ENCRYPTION_FAILED);
+
+	aes_v8_encrypt(ctx->gcm.H.c, ctx->gcm.H.c, ALIGN16(&ctx->expanded_key));
+
+	ctx->gcm.H.u[0] = bswap_64(ctx->gcm.H.u[0]);
+	ctx->gcm.H.u[1] = bswap_64(ctx->gcm.H.u[1]);
+
+	gcm_init_v8(ctx->gcm.Htable, ctx->gcm.H.u);
+	ctx->rekey_counter = 0;
+
+	return 0;
+}
+
+static int aes_gcm_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+
+	if (iv_size != GCM_BLOCK_SIZE - 4)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	memset(ctx->gcm.Xi.c, 0, sizeof(ctx->gcm.Xi.c));
+	memset(ctx->gcm.len.c, 0, sizeof(ctx->gcm.len.c));
+
+	memcpy(ctx->gcm.Yi.c, iv, GCM_BLOCK_SIZE - 4);
+	ctx->gcm.Yi.c[GCM_BLOCK_SIZE - 4] = 0;
+	ctx->gcm.Yi.c[GCM_BLOCK_SIZE - 3] = 0;
+	ctx->gcm.Yi.c[GCM_BLOCK_SIZE - 2] = 0;
+	ctx->gcm.Yi.c[GCM_BLOCK_SIZE - 1] = 1;
+
+	aes_v8_encrypt(ctx->gcm.Yi.c, ctx->gcm.EK0.c,
+			ALIGN16(&ctx->expanded_key));
+	ctx->gcm.Yi.c[GCM_BLOCK_SIZE - 1] = 2;
+	ctx->finished = 0;
+	ctx->auth_finished = 0;
+	ctx->rekey_counter = 0;
+	return 0;
+}
+
+static void
+gcm_ghash(struct aes_gcm_ctx *ctx, const uint8_t * src, size_t src_size)
+{
+	size_t rest = src_size % GCM_BLOCK_SIZE;
+	size_t aligned_size = src_size - rest;
+
+	if (aligned_size > 0)
+		gcm_ghash_v8(ctx->gcm.Xi.u, ctx->gcm.Htable, src,
+				aligned_size);
+
+	if (rest > 0) {
+		memxor(ctx->gcm.Xi.c, src + aligned_size, rest);
+		gcm_gmult_v8(ctx->gcm.Xi.u, ctx->gcm.Htable);
+	}
+}
+
+static void
+ctr32_encrypt_blocks_inplace(const unsigned char *in, unsigned char *out,
+			     size_t blocks, const AES_KEY *key,
+			     const unsigned char ivec[16])
+{
+	unsigned i;
+	uint8_t ctr[16];
+	uint8_t tmp[16];
+
+	memcpy(ctr, ivec, 16);
+
+	for (i=0;i<blocks;i++) {
+		aes_v8_encrypt(ctr, tmp, key);
+		memxor3(out, tmp, in, 16);
+
+		out += 16;
+		in += 16;
+		INC32(ctr);
+	}
+}
+
+static void
+ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
+		     size_t blocks, const AES_KEY *key,
+		     const unsigned char ivec[16])
+{
+	unsigned i;
+	uint8_t ctr[16];
+
+	if (in == out)
+		return ctr32_encrypt_blocks_inplace(in, out, blocks, key, ivec);
+
+	memcpy(ctr, ivec, 16);
+
+	for (i=0;i<blocks;i++) {
+		aes_v8_encrypt(ctr, out, key);
+		memxor(out, in, 16);
+
+		out += 16;
+		in += 16;
+		INC32(ctr);
+	}
+}
+
+static inline void
+ctr_encrypt_last(struct aes_gcm_ctx *ctx, const uint8_t * src,
+		 uint8_t * dst, size_t pos, size_t length)
+{
+	uint8_t tmp[GCM_BLOCK_SIZE];
+	uint8_t out[GCM_BLOCK_SIZE];
+
+	memcpy(tmp, &src[pos], length);
+	ctr32_encrypt_blocks(tmp, out, 1,
+			     ALIGN16(&ctx->expanded_key),
+			     ctx->gcm.Yi.c);
+
+	memcpy(&dst[pos], out, length);
+
+}
+
+static int
+aes_gcm_encrypt(void *_ctx, const void *src, size_t src_size,
+		void *dst, size_t length)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+	int blocks = src_size / GCM_BLOCK_SIZE;
+	int exp_blocks = blocks * GCM_BLOCK_SIZE;
+	int rest = src_size - (exp_blocks);
+	uint32_t counter;
+	int ret;
+
+	if (unlikely(ctx->finished))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (unlikely(length < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	ret = record_aes_gcm_encrypt_size(&ctx->rekey_counter, src_size);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	if (blocks > 0) {
+		ctr32_encrypt_blocks(src, dst,
+				     blocks,
+				     ALIGN16(&ctx->expanded_key),
+				     ctx->gcm.Yi.c);
+
+		counter = _gnutls_read_uint32(ctx->gcm.Yi.c + 12);
+		counter += blocks;
+		_gnutls_write_uint32(counter, ctx->gcm.Yi.c + 12);
+	}
+
+	if (rest > 0) {	/* last incomplete block */
+		ctr_encrypt_last(ctx, src, dst, exp_blocks, rest);
+		ctx->finished = 1;
+	}
+
+	gcm_ghash(ctx, dst, src_size);
+	ctx->gcm.len.u[1] += src_size;
+
+	return 0;
+}
+
+static int
+aes_gcm_decrypt(void *_ctx, const void *src, size_t src_size,
+		void *dst, size_t dst_size)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+	int blocks = src_size / GCM_BLOCK_SIZE;
+	int exp_blocks = blocks * GCM_BLOCK_SIZE;
+	int rest = src_size - (exp_blocks);
+	uint32_t counter;
+
+	if (unlikely(ctx->finished))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (unlikely(dst_size < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	gcm_ghash(ctx, src, src_size);
+	ctx->gcm.len.u[1] += src_size;
+
+	if (blocks > 0) {
+		ctr32_encrypt_blocks(src, dst,
+				     blocks,
+				     ALIGN16(&ctx->expanded_key),
+				     ctx->gcm.Yi.c);
+
+		counter = _gnutls_read_uint32(ctx->gcm.Yi.c + 12);
+		counter += blocks;
+		_gnutls_write_uint32(counter, ctx->gcm.Yi.c + 12);
+	}
+
+	if (rest > 0) { /* last incomplete block */
+		ctr_encrypt_last(ctx, src, dst, exp_blocks, rest);
+		ctx->finished = 1;
+	}
+
+	return 0;
+}
+
+static int aes_gcm_auth(void *_ctx, const void *src, size_t src_size)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+
+	if (unlikely(ctx->auth_finished))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	gcm_ghash(ctx, src, src_size);
+	ctx->gcm.len.u[0] += src_size;
+
+	if (src_size % GCM_BLOCK_SIZE != 0)
+		ctx->auth_finished = 1;
+
+	return 0;
+}
+
+
+static void aes_gcm_tag(void *_ctx, void *tag, size_t tagsize)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+	uint8_t buffer[GCM_BLOCK_SIZE];
+	uint64_t alen, clen;
+
+	alen = ctx->gcm.len.u[0] * 8;
+	clen = ctx->gcm.len.u[1] * 8;
+
+	_gnutls_write_uint64(alen, buffer);
+	_gnutls_write_uint64(clen, &buffer[8]);
+
+	gcm_ghash_v8(ctx->gcm.Xi.u, ctx->gcm.Htable, buffer,
+			GCM_BLOCK_SIZE);
+
+	ctx->gcm.Xi.u[0] ^= ctx->gcm.EK0.u[0];
+	ctx->gcm.Xi.u[1] ^= ctx->gcm.EK0.u[1];
+
+	memcpy(tag, ctx->gcm.Xi.c, MIN(GCM_BLOCK_SIZE, tagsize));
+}
+
+#include "../x86/aes-gcm-aead.h"
+
+const gnutls_crypto_cipher_st _gnutls_aes_gcm_aarch64 = {
+	.init = aes_gcm_cipher_init,
+	.setkey = aes_gcm_cipher_setkey,
+	.setiv = aes_gcm_setiv,
+	.aead_encrypt = aes_gcm_aead_encrypt,
+	.aead_decrypt = aes_gcm_aead_decrypt,
+	.encrypt = aes_gcm_encrypt,
+	.decrypt = aes_gcm_decrypt,
+	.deinit = aes_gcm_deinit,
+	.tag = aes_gcm_tag,
+	.auth = aes_gcm_auth,
+};
diff --git a/lib/accelerated/aarch64/elf/aes-aarch64.s b/lib/accelerated/aarch64/elf/aes-aarch64.s
new file mode 100644
index 0000000..b9b4b4b
--- /dev/null
+++ b/lib/accelerated/aarch64/elf/aes-aarch64.s
@@ -0,0 +1,801 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+# 1 "lib/accelerated/aarch64/elf/aes-aarch64.s.tmp.S"
+# 1 "<built-in>"
+# 1 "<command-line>"
+# 1 "lib/accelerated/aarch64/elf/aes-aarch64.s.tmp.S"
+# 1 "lib/accelerated/aarch64/aarch64-common.h" 1
+# 2 "lib/accelerated/aarch64/elf/aes-aarch64.s.tmp.S" 2
+
+
+.text
+.arch armv8-a+crypto
+.align 5
+.Lrcon:
+.long 0x01,0x01,0x01,0x01
+.long 0x0c0f0e0d,0x0c0f0e0d,0x0c0f0e0d,0x0c0f0e0d
+.long 0x1b,0x1b,0x1b,0x1b
+
+.globl aes_v8_set_encrypt_key
+.type aes_v8_set_encrypt_key,%function
+.align 5
+aes_v8_set_encrypt_key:
+.Lenc_key:
+ stp x29,x30,[sp,#-16]!
+ add x29,sp,#0
+ mov x3,#-1
+ cmp x0,#0
+ b.eq .Lenc_key_abort
+ cmp x2,#0
+ b.eq .Lenc_key_abort
+ mov x3,#-2
+ cmp w1,#128
+ b.lt .Lenc_key_abort
+ cmp w1,#256
+ b.gt .Lenc_key_abort
+ tst w1,#0x3f
+ b.ne .Lenc_key_abort
+
+ adr x3,.Lrcon
+ cmp w1,#192
+
+ eor v0.16b,v0.16b,v0.16b
+ ld1 {v3.16b},[x0],#16
+ mov w1,#8
+ ld1 {v1.4s,v2.4s},[x3],#32
+
+ b.lt .Loop128
+ b.eq .L192
+ b .L256
+
+.align 4
+.Loop128:
+ tbl v6.16b,{v3.16b},v2.16b
+ ext v5.16b,v0.16b,v3.16b,#12
+ st1 {v3.4s},[x2],#16
+ aese v6.16b,v0.16b
+ subs w1,w1,#1
+
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v6.16b,v6.16b,v1.16b
+ eor v3.16b,v3.16b,v5.16b
+ shl v1.16b,v1.16b,#1
+ eor v3.16b,v3.16b,v6.16b
+ b.ne .Loop128
+
+ ld1 {v1.4s},[x3]
+
+ tbl v6.16b,{v3.16b},v2.16b
+ ext v5.16b,v0.16b,v3.16b,#12
+ st1 {v3.4s},[x2],#16
+ aese v6.16b,v0.16b
+
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v6.16b,v6.16b,v1.16b
+ eor v3.16b,v3.16b,v5.16b
+ shl v1.16b,v1.16b,#1
+ eor v3.16b,v3.16b,v6.16b
+
+ tbl v6.16b,{v3.16b},v2.16b
+ ext v5.16b,v0.16b,v3.16b,#12
+ st1 {v3.4s},[x2],#16
+ aese v6.16b,v0.16b
+
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v6.16b,v6.16b,v1.16b
+ eor v3.16b,v3.16b,v5.16b
+ eor v3.16b,v3.16b,v6.16b
+ st1 {v3.4s},[x2]
+ add x2,x2,#0x50
+
+ mov w12,#10
+ b .Ldone
+
+.align 4
+.L192:
+ ld1 {v4.8b},[x0],#8
+ movi v6.16b,#8
+ st1 {v3.4s},[x2],#16
+ sub v2.16b,v2.16b,v6.16b
+
+.Loop192:
+ tbl v6.16b,{v4.16b},v2.16b
+ ext v5.16b,v0.16b,v3.16b,#12
+
+
+
+
+ st1 {v4.8b},[x2],#8
+
+ aese v6.16b,v0.16b
+ subs w1,w1,#1
+
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v3.16b,v3.16b,v5.16b
+
+ dup v5.4s,v3.s[3]
+ eor v5.16b,v5.16b,v4.16b
+ eor v6.16b,v6.16b,v1.16b
+ ext v4.16b,v0.16b,v4.16b,#12
+ shl v1.16b,v1.16b,#1
+ eor v4.16b,v4.16b,v5.16b
+ eor v3.16b,v3.16b,v6.16b
+ eor v4.16b,v4.16b,v6.16b
+ st1 {v3.4s},[x2],#16
+ b.ne .Loop192
+
+ mov w12,#12
+ add x2,x2,#0x20
+ b .Ldone
+
+.align 4
+.L256:
+ ld1 {v4.16b},[x0]
+ mov w1,#7
+ mov w12,#14
+ st1 {v3.4s},[x2],#16
+
+.Loop256:
+ tbl v6.16b,{v4.16b},v2.16b
+ ext v5.16b,v0.16b,v3.16b,#12
+ st1 {v4.4s},[x2],#16
+ aese v6.16b,v0.16b
+ subs w1,w1,#1
+
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v6.16b,v6.16b,v1.16b
+ eor v3.16b,v3.16b,v5.16b
+ shl v1.16b,v1.16b,#1
+ eor v3.16b,v3.16b,v6.16b
+ st1 {v3.4s},[x2],#16
+ b.eq .Ldone
+
+ dup v6.4s,v3.s[3]
+ ext v5.16b,v0.16b,v4.16b,#12
+ aese v6.16b,v0.16b
+
+ eor v4.16b,v4.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v4.16b,v4.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v4.16b,v4.16b,v5.16b
+
+ eor v4.16b,v4.16b,v6.16b
+ b .Loop256
+
+.Ldone:
+ str w12,[x2]
+ mov x3,#0
+
+.Lenc_key_abort:
+ mov x0,x3
+ ldr x29,[sp],#16
+ ret
+.size aes_v8_set_encrypt_key,.-aes_v8_set_encrypt_key
+
+.globl aes_v8_set_decrypt_key
+.type aes_v8_set_decrypt_key,%function
+.align 5
+aes_v8_set_decrypt_key:
+.inst 0xd503233f
+ stp x29,x30,[sp,#-16]!
+ add x29,sp,#0
+ bl .Lenc_key
+
+ cmp x0,#0
+ b.ne .Ldec_key_abort
+
+ sub x2,x2,#240
+ mov x4,#-16
+ add x0,x2,x12,lsl#4
+
+ ld1 {v0.4s},[x2]
+ ld1 {v1.4s},[x0]
+ st1 {v0.4s},[x0],x4
+ st1 {v1.4s},[x2],#16
+
+.Loop_imc:
+ ld1 {v0.4s},[x2]
+ ld1 {v1.4s},[x0]
+ aesimc v0.16b,v0.16b
+ aesimc v1.16b,v1.16b
+ st1 {v0.4s},[x0],x4
+ st1 {v1.4s},[x2],#16
+ cmp x0,x2
+ b.hi .Loop_imc
+
+ ld1 {v0.4s},[x2]
+ aesimc v0.16b,v0.16b
+ st1 {v0.4s},[x0]
+
+ eor x0,x0,x0
+.Ldec_key_abort:
+ ldp x29,x30,[sp],#16
+.inst 0xd50323bf
+ ret
+.size aes_v8_set_decrypt_key,.-aes_v8_set_decrypt_key
+.globl aes_v8_encrypt
+.type aes_v8_encrypt,%function
+.align 5
+aes_v8_encrypt:
+ ldr w3,[x2,#240]
+ ld1 {v0.4s},[x2],#16
+ ld1 {v2.16b},[x0]
+ sub w3,w3,#2
+ ld1 {v1.4s},[x2],#16
+
+.Loop_enc:
+ aese v2.16b,v0.16b
+ aesmc v2.16b,v2.16b
+ ld1 {v0.4s},[x2],#16
+ subs w3,w3,#2
+ aese v2.16b,v1.16b
+ aesmc v2.16b,v2.16b
+ ld1 {v1.4s},[x2],#16
+ b.gt .Loop_enc
+
+ aese v2.16b,v0.16b
+ aesmc v2.16b,v2.16b
+ ld1 {v0.4s},[x2]
+ aese v2.16b,v1.16b
+ eor v2.16b,v2.16b,v0.16b
+
+ st1 {v2.16b},[x1]
+ ret
+.size aes_v8_encrypt,.-aes_v8_encrypt
+.globl aes_v8_decrypt
+.type aes_v8_decrypt,%function
+.align 5
+aes_v8_decrypt:
+ ldr w3,[x2,#240]
+ ld1 {v0.4s},[x2],#16
+ ld1 {v2.16b},[x0]
+ sub w3,w3,#2
+ ld1 {v1.4s},[x2],#16
+
+.Loop_dec:
+ aesd v2.16b,v0.16b
+ aesimc v2.16b,v2.16b
+ ld1 {v0.4s},[x2],#16
+ subs w3,w3,#2
+ aesd v2.16b,v1.16b
+ aesimc v2.16b,v2.16b
+ ld1 {v1.4s},[x2],#16
+ b.gt .Loop_dec
+
+ aesd v2.16b,v0.16b
+ aesimc v2.16b,v2.16b
+ ld1 {v0.4s},[x2]
+ aesd v2.16b,v1.16b
+ eor v2.16b,v2.16b,v0.16b
+
+ st1 {v2.16b},[x1]
+ ret
+.size aes_v8_decrypt,.-aes_v8_decrypt
+.globl aes_v8_cbc_encrypt
+.type aes_v8_cbc_encrypt,%function
+.align 5
+aes_v8_cbc_encrypt:
+ stp x29,x30,[sp,#-16]!
+ add x29,sp,#0
+ subs x2,x2,#16
+ mov x8,#16
+ b.lo .Lcbc_abort
+ csel x8,xzr,x8,eq
+
+ cmp w5,#0
+ ldr w5,[x3,#240]
+ and x2,x2,#-16
+ ld1 {v6.16b},[x4]
+ ld1 {v0.16b},[x0],x8
+
+ ld1 {v16.4s,v17.4s},[x3]
+ sub w5,w5,#6
+ add x7,x3,x5,lsl#4
+ sub w5,w5,#2
+ ld1 {v18.4s,v19.4s},[x7],#32
+ ld1 {v20.4s,v21.4s},[x7],#32
+ ld1 {v22.4s,v23.4s},[x7],#32
+ ld1 {v7.4s},[x7]
+
+ add x7,x3,#32
+ mov w6,w5
+ b.eq .Lcbc_dec
+
+ cmp w5,#2
+ eor v0.16b,v0.16b,v6.16b
+ eor v5.16b,v16.16b,v7.16b
+ b.eq .Lcbc_enc128
+
+ ld1 {v2.4s,v3.4s},[x7]
+ add x7,x3,#16
+ add x6,x3,#16*4
+ add x12,x3,#16*5
+ aese v0.16b,v16.16b
+ aesmc v0.16b,v0.16b
+ add x14,x3,#16*6
+ add x3,x3,#16*7
+ b .Lenter_cbc_enc
+
+.align 4
+.Loop_cbc_enc:
+ aese v0.16b,v16.16b
+ aesmc v0.16b,v0.16b
+ st1 {v6.16b},[x1],#16
+.Lenter_cbc_enc:
+ aese v0.16b,v17.16b
+ aesmc v0.16b,v0.16b
+ aese v0.16b,v2.16b
+ aesmc v0.16b,v0.16b
+ ld1 {v16.4s},[x6]
+ cmp w5,#4
+ aese v0.16b,v3.16b
+ aesmc v0.16b,v0.16b
+ ld1 {v17.4s},[x12]
+ b.eq .Lcbc_enc192
+
+ aese v0.16b,v16.16b
+ aesmc v0.16b,v0.16b
+ ld1 {v16.4s},[x14]
+ aese v0.16b,v17.16b
+ aesmc v0.16b,v0.16b
+ ld1 {v17.4s},[x3]
+ nop
+
+.Lcbc_enc192:
+ aese v0.16b,v16.16b
+ aesmc v0.16b,v0.16b
+ subs x2,x2,#16
+ aese v0.16b,v17.16b
+ aesmc v0.16b,v0.16b
+ csel x8,xzr,x8,eq
+ aese v0.16b,v18.16b
+ aesmc v0.16b,v0.16b
+ aese v0.16b,v19.16b
+ aesmc v0.16b,v0.16b
+ ld1 {v16.16b},[x0],x8
+ aese v0.16b,v20.16b
+ aesmc v0.16b,v0.16b
+ eor v16.16b,v16.16b,v5.16b
+ aese v0.16b,v21.16b
+ aesmc v0.16b,v0.16b
+ ld1 {v17.4s},[x7]
+ aese v0.16b,v22.16b
+ aesmc v0.16b,v0.16b
+ aese v0.16b,v23.16b
+ eor v6.16b,v0.16b,v7.16b
+ b.hs .Loop_cbc_enc
+
+ st1 {v6.16b},[x1],#16
+ b .Lcbc_done
+
+.align 5
+.Lcbc_enc128:
+ ld1 {v2.4s,v3.4s},[x7]
+ aese v0.16b,v16.16b
+ aesmc v0.16b,v0.16b
+ b .Lenter_cbc_enc128
+.Loop_cbc_enc128:
+ aese v0.16b,v16.16b
+ aesmc v0.16b,v0.16b
+ st1 {v6.16b},[x1],#16
+.Lenter_cbc_enc128:
+ aese v0.16b,v17.16b
+ aesmc v0.16b,v0.16b
+ subs x2,x2,#16
+ aese v0.16b,v2.16b
+ aesmc v0.16b,v0.16b
+ csel x8,xzr,x8,eq
+ aese v0.16b,v3.16b
+ aesmc v0.16b,v0.16b
+ aese v0.16b,v18.16b
+ aesmc v0.16b,v0.16b
+ aese v0.16b,v19.16b
+ aesmc v0.16b,v0.16b
+ ld1 {v16.16b},[x0],x8
+ aese v0.16b,v20.16b
+ aesmc v0.16b,v0.16b
+ aese v0.16b,v21.16b
+ aesmc v0.16b,v0.16b
+ aese v0.16b,v22.16b
+ aesmc v0.16b,v0.16b
+ eor v16.16b,v16.16b,v5.16b
+ aese v0.16b,v23.16b
+ eor v6.16b,v0.16b,v7.16b
+ b.hs .Loop_cbc_enc128
+
+ st1 {v6.16b},[x1],#16
+ b .Lcbc_done
+.align 5
+.Lcbc_dec:
+ ld1 {v18.16b},[x0],#16
+ subs x2,x2,#32
+ add w6,w5,#2
+ orr v3.16b,v0.16b,v0.16b
+ orr v1.16b,v0.16b,v0.16b
+ orr v19.16b,v18.16b,v18.16b
+ b.lo .Lcbc_dec_tail
+
+ orr v1.16b,v18.16b,v18.16b
+ ld1 {v18.16b},[x0],#16
+ orr v2.16b,v0.16b,v0.16b
+ orr v3.16b,v1.16b,v1.16b
+ orr v19.16b,v18.16b,v18.16b
+
+.Loop3x_cbc_dec:
+ aesd v0.16b,v16.16b
+ aesimc v0.16b,v0.16b
+ aesd v1.16b,v16.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v16.16b
+ aesimc v18.16b,v18.16b
+ ld1 {v16.4s},[x7],#16
+ subs w6,w6,#2
+ aesd v0.16b,v17.16b
+ aesimc v0.16b,v0.16b
+ aesd v1.16b,v17.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v17.16b
+ aesimc v18.16b,v18.16b
+ ld1 {v17.4s},[x7],#16
+ b.gt .Loop3x_cbc_dec
+
+ aesd v0.16b,v16.16b
+ aesimc v0.16b,v0.16b
+ aesd v1.16b,v16.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v16.16b
+ aesimc v18.16b,v18.16b
+ eor v4.16b,v6.16b,v7.16b
+ subs x2,x2,#0x30
+ eor v5.16b,v2.16b,v7.16b
+ csel x6,x2,x6,lo
+ aesd v0.16b,v17.16b
+ aesimc v0.16b,v0.16b
+ aesd v1.16b,v17.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v17.16b
+ aesimc v18.16b,v18.16b
+ eor v17.16b,v3.16b,v7.16b
+ add x0,x0,x6
+
+
+ orr v6.16b,v19.16b,v19.16b
+ mov x7,x3
+ aesd v0.16b,v20.16b
+ aesimc v0.16b,v0.16b
+ aesd v1.16b,v20.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v20.16b
+ aesimc v18.16b,v18.16b
+ ld1 {v2.16b},[x0],#16
+ aesd v0.16b,v21.16b
+ aesimc v0.16b,v0.16b
+ aesd v1.16b,v21.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v21.16b
+ aesimc v18.16b,v18.16b
+ ld1 {v3.16b},[x0],#16
+ aesd v0.16b,v22.16b
+ aesimc v0.16b,v0.16b
+ aesd v1.16b,v22.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v22.16b
+ aesimc v18.16b,v18.16b
+ ld1 {v19.16b},[x0],#16
+ aesd v0.16b,v23.16b
+ aesd v1.16b,v23.16b
+ aesd v18.16b,v23.16b
+ ld1 {v16.4s},[x7],#16
+ add w6,w5,#2
+ eor v4.16b,v4.16b,v0.16b
+ eor v5.16b,v5.16b,v1.16b
+ eor v18.16b,v18.16b,v17.16b
+ ld1 {v17.4s},[x7],#16
+ st1 {v4.16b},[x1],#16
+ orr v0.16b,v2.16b,v2.16b
+ st1 {v5.16b},[x1],#16
+ orr v1.16b,v3.16b,v3.16b
+ st1 {v18.16b},[x1],#16
+ orr v18.16b,v19.16b,v19.16b
+ b.hs .Loop3x_cbc_dec
+
+ cmn x2,#0x30
+ b.eq .Lcbc_done
+ nop
+
+.Lcbc_dec_tail:
+ aesd v1.16b,v16.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v16.16b
+ aesimc v18.16b,v18.16b
+ ld1 {v16.4s},[x7],#16
+ subs w6,w6,#2
+ aesd v1.16b,v17.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v17.16b
+ aesimc v18.16b,v18.16b
+ ld1 {v17.4s},[x7],#16
+ b.gt .Lcbc_dec_tail
+
+ aesd v1.16b,v16.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v16.16b
+ aesimc v18.16b,v18.16b
+ aesd v1.16b,v17.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v17.16b
+ aesimc v18.16b,v18.16b
+ aesd v1.16b,v20.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v20.16b
+ aesimc v18.16b,v18.16b
+ cmn x2,#0x20
+ aesd v1.16b,v21.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v21.16b
+ aesimc v18.16b,v18.16b
+ eor v5.16b,v6.16b,v7.16b
+ aesd v1.16b,v22.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v22.16b
+ aesimc v18.16b,v18.16b
+ eor v17.16b,v3.16b,v7.16b
+ aesd v1.16b,v23.16b
+ aesd v18.16b,v23.16b
+ b.eq .Lcbc_dec_one
+ eor v5.16b,v5.16b,v1.16b
+ eor v17.16b,v17.16b,v18.16b
+ orr v6.16b,v19.16b,v19.16b
+ st1 {v5.16b},[x1],#16
+ st1 {v17.16b},[x1],#16
+ b .Lcbc_done
+
+.Lcbc_dec_one:
+ eor v5.16b,v5.16b,v18.16b
+ orr v6.16b,v19.16b,v19.16b
+ st1 {v5.16b},[x1],#16
+
+.Lcbc_done:
+ st1 {v6.16b},[x4]
+.Lcbc_abort:
+ ldr x29,[sp],#16
+ ret
+.size aes_v8_cbc_encrypt,.-aes_v8_cbc_encrypt
+.globl aes_v8_ctr32_encrypt_blocks
+.type aes_v8_ctr32_encrypt_blocks,%function
+.align 5
+aes_v8_ctr32_encrypt_blocks:
+ stp x29,x30,[sp,#-16]!
+ add x29,sp,#0
+ ldr w5,[x3,#240]
+
+ ldr w8, [x4, #12]
+
+
+
+ ld1 {v0.4s},[x4]
+
+ ld1 {v16.4s,v17.4s},[x3]
+ sub w5,w5,#4
+ mov x12,#16
+ cmp x2,#2
+ add x7,x3,x5,lsl#4
+ sub w5,w5,#2
+ ld1 {v20.4s,v21.4s},[x7],#32
+ ld1 {v22.4s,v23.4s},[x7],#32
+ ld1 {v7.4s},[x7]
+ add x7,x3,#32
+ mov w6,w5
+ csel x12,xzr,x12,lo
+
+ rev w8, w8
+
+ orr v1.16b,v0.16b,v0.16b
+ add w10, w8, #1
+ orr v18.16b,v0.16b,v0.16b
+ add w8, w8, #2
+ orr v6.16b,v0.16b,v0.16b
+ rev w10, w10
+ mov v1.s[3],w10
+ b.ls .Lctr32_tail
+ rev w12, w8
+ sub x2,x2,#3
+ mov v18.s[3],w12
+ b .Loop3x_ctr32
+
+.align 4
+.Loop3x_ctr32:
+ aese v0.16b,v16.16b
+ aesmc v0.16b,v0.16b
+ aese v1.16b,v16.16b
+ aesmc v1.16b,v1.16b
+ aese v18.16b,v16.16b
+ aesmc v18.16b,v18.16b
+ ld1 {v16.4s},[x7],#16
+ subs w6,w6,#2
+ aese v0.16b,v17.16b
+ aesmc v0.16b,v0.16b
+ aese v1.16b,v17.16b
+ aesmc v1.16b,v1.16b
+ aese v18.16b,v17.16b
+ aesmc v18.16b,v18.16b
+ ld1 {v17.4s},[x7],#16
+ b.gt .Loop3x_ctr32
+
+ aese v0.16b,v16.16b
+ aesmc v4.16b,v0.16b
+ aese v1.16b,v16.16b
+ aesmc v5.16b,v1.16b
+ ld1 {v2.16b},[x0],#16
+ orr v0.16b,v6.16b,v6.16b
+ aese v18.16b,v16.16b
+ aesmc v18.16b,v18.16b
+ ld1 {v3.16b},[x0],#16
+ orr v1.16b,v6.16b,v6.16b
+ aese v4.16b,v17.16b
+ aesmc v4.16b,v4.16b
+ aese v5.16b,v17.16b
+ aesmc v5.16b,v5.16b
+ ld1 {v19.16b},[x0],#16
+ mov x7,x3
+ aese v18.16b,v17.16b
+ aesmc v17.16b,v18.16b
+ orr v18.16b,v6.16b,v6.16b
+ add w9,w8,#1
+ aese v4.16b,v20.16b
+ aesmc v4.16b,v4.16b
+ aese v5.16b,v20.16b
+ aesmc v5.16b,v5.16b
+ eor v2.16b,v2.16b,v7.16b
+ add w10,w8,#2
+ aese v17.16b,v20.16b
+ aesmc v17.16b,v17.16b
+ eor v3.16b,v3.16b,v7.16b
+ add w8,w8,#3
+ aese v4.16b,v21.16b
+ aesmc v4.16b,v4.16b
+ aese v5.16b,v21.16b
+ aesmc v5.16b,v5.16b
+ eor v19.16b,v19.16b,v7.16b
+ rev w9,w9
+ aese v17.16b,v21.16b
+ aesmc v17.16b,v17.16b
+ mov v0.s[3], w9
+ rev w10,w10
+ aese v4.16b,v22.16b
+ aesmc v4.16b,v4.16b
+ aese v5.16b,v22.16b
+ aesmc v5.16b,v5.16b
+ mov v1.s[3], w10
+ rev w12,w8
+ aese v17.16b,v22.16b
+ aesmc v17.16b,v17.16b
+ mov v18.s[3], w12
+ subs x2,x2,#3
+ aese v4.16b,v23.16b
+ aese v5.16b,v23.16b
+ aese v17.16b,v23.16b
+
+ eor v2.16b,v2.16b,v4.16b
+ ld1 {v16.4s},[x7],#16
+ st1 {v2.16b},[x1],#16
+ eor v3.16b,v3.16b,v5.16b
+ mov w6,w5
+ st1 {v3.16b},[x1],#16
+ eor v19.16b,v19.16b,v17.16b
+ ld1 {v17.4s},[x7],#16
+ st1 {v19.16b},[x1],#16
+ b.hs .Loop3x_ctr32
+
+ adds x2,x2,#3
+ b.eq .Lctr32_done
+ cmp x2,#1
+ mov x12,#16
+ csel x12,xzr,x12,eq
+
+.Lctr32_tail:
+ aese v0.16b,v16.16b
+ aesmc v0.16b,v0.16b
+ aese v1.16b,v16.16b
+ aesmc v1.16b,v1.16b
+ ld1 {v16.4s},[x7],#16
+ subs w6,w6,#2
+ aese v0.16b,v17.16b
+ aesmc v0.16b,v0.16b
+ aese v1.16b,v17.16b
+ aesmc v1.16b,v1.16b
+ ld1 {v17.4s},[x7],#16
+ b.gt .Lctr32_tail
+
+ aese v0.16b,v16.16b
+ aesmc v0.16b,v0.16b
+ aese v1.16b,v16.16b
+ aesmc v1.16b,v1.16b
+ aese v0.16b,v17.16b
+ aesmc v0.16b,v0.16b
+ aese v1.16b,v17.16b
+ aesmc v1.16b,v1.16b
+ ld1 {v2.16b},[x0],x12
+ aese v0.16b,v20.16b
+ aesmc v0.16b,v0.16b
+ aese v1.16b,v20.16b
+ aesmc v1.16b,v1.16b
+ ld1 {v3.16b},[x0]
+ aese v0.16b,v21.16b
+ aesmc v0.16b,v0.16b
+ aese v1.16b,v21.16b
+ aesmc v1.16b,v1.16b
+ eor v2.16b,v2.16b,v7.16b
+ aese v0.16b,v22.16b
+ aesmc v0.16b,v0.16b
+ aese v1.16b,v22.16b
+ aesmc v1.16b,v1.16b
+ eor v3.16b,v3.16b,v7.16b
+ aese v0.16b,v23.16b
+ aese v1.16b,v23.16b
+
+ cmp x2,#1
+ eor v2.16b,v2.16b,v0.16b
+ eor v3.16b,v3.16b,v1.16b
+ st1 {v2.16b},[x1],#16
+ b.eq .Lctr32_done
+ st1 {v3.16b},[x1]
+
+.Lctr32_done:
+ ldr x29,[sp],#16
+ ret
+.size aes_v8_ctr32_encrypt_blocks,.-aes_v8_ctr32_encrypt_blocks
+.section .note.GNU-stack,"",%progbits
diff --git a/lib/accelerated/aarch64/elf/ghash-aarch64.s b/lib/accelerated/aarch64/elf/ghash-aarch64.s
new file mode 100644
index 0000000..c301399
--- /dev/null
+++ b/lib/accelerated/aarch64/elf/ghash-aarch64.s
@@ -0,0 +1,589 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+# 1 "lib/accelerated/aarch64/elf/ghash-aarch64.s.tmp.S"
+# 1 "<built-in>"
+# 1 "<command-line>"
+# 1 "lib/accelerated/aarch64/elf/ghash-aarch64.s.tmp.S"
+# 1 "lib/accelerated/aarch64/aarch64-common.h" 1
+# 2 "lib/accelerated/aarch64/elf/ghash-aarch64.s.tmp.S" 2
+
+
+.text
+.arch armv8-a+crypto
+.globl gcm_init_v8
+.type gcm_init_v8,%function
+.align 4
+gcm_init_v8:
+ ld1 {v17.2d},[x1]
+ movi v19.16b,#0xe1
+ shl v19.2d,v19.2d,#57
+ ext v3.16b,v17.16b,v17.16b,#8
+ ushr v18.2d,v19.2d,#63
+ dup v17.4s,v17.s[1]
+ ext v16.16b,v18.16b,v19.16b,#8
+ ushr v18.2d,v3.2d,#63
+ sshr v17.4s,v17.4s,#31
+ and v18.16b,v18.16b,v16.16b
+ shl v3.2d,v3.2d,#1
+ ext v18.16b,v18.16b,v18.16b,#8
+ and v16.16b,v16.16b,v17.16b
+ orr v3.16b,v3.16b,v18.16b
+ eor v20.16b,v3.16b,v16.16b
+ st1 {v20.2d},[x0],#16
+
+
+ ext v16.16b,v20.16b,v20.16b,#8
+ pmull v0.1q,v20.1d,v20.1d
+ eor v16.16b,v16.16b,v20.16b
+ pmull2 v2.1q,v20.2d,v20.2d
+ pmull v1.1q,v16.1d,v16.1d
+
+ ext v17.16b,v0.16b,v2.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ eor v1.16b,v1.16b,v17.16b
+ eor v1.16b,v1.16b,v18.16b
+ pmull v18.1q,v0.1d,v19.1d
+
+ ins v2.d[0],v1.d[1]
+ ins v1.d[1],v0.d[0]
+ eor v0.16b,v1.16b,v18.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ eor v18.16b,v18.16b,v2.16b
+ eor v22.16b,v0.16b,v18.16b
+
+ ext v17.16b,v22.16b,v22.16b,#8
+ eor v17.16b,v17.16b,v22.16b
+ ext v21.16b,v16.16b,v17.16b,#8
+ st1 {v21.2d,v22.2d},[x0],#32
+
+ pmull v0.1q,v20.1d, v22.1d
+ pmull v5.1q,v22.1d,v22.1d
+ pmull2 v2.1q,v20.2d, v22.2d
+ pmull2 v7.1q,v22.2d,v22.2d
+ pmull v1.1q,v16.1d,v17.1d
+ pmull v6.1q,v17.1d,v17.1d
+
+ ext v16.16b,v0.16b,v2.16b,#8
+ ext v17.16b,v5.16b,v7.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ eor v1.16b,v1.16b,v16.16b
+ eor v4.16b,v5.16b,v7.16b
+ eor v6.16b,v6.16b,v17.16b
+ eor v1.16b,v1.16b,v18.16b
+ pmull v18.1q,v0.1d,v19.1d
+ eor v6.16b,v6.16b,v4.16b
+ pmull v4.1q,v5.1d,v19.1d
+
+ ins v2.d[0],v1.d[1]
+ ins v7.d[0],v6.d[1]
+ ins v1.d[1],v0.d[0]
+ ins v6.d[1],v5.d[0]
+ eor v0.16b,v1.16b,v18.16b
+ eor v5.16b,v6.16b,v4.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ ext v4.16b,v5.16b,v5.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ pmull v5.1q,v5.1d,v19.1d
+ eor v18.16b,v18.16b,v2.16b
+ eor v4.16b,v4.16b,v7.16b
+ eor v20.16b, v0.16b,v18.16b
+ eor v22.16b,v5.16b,v4.16b
+
+ ext v16.16b,v20.16b, v20.16b,#8
+ ext v17.16b,v22.16b,v22.16b,#8
+ eor v16.16b,v16.16b,v20.16b
+ eor v17.16b,v17.16b,v22.16b
+ ext v21.16b,v16.16b,v17.16b,#8
+ st1 {v20.2d,v21.2d,v22.2d},[x0]
+ ret
+.size gcm_init_v8,.-gcm_init_v8
+.globl gcm_gmult_v8
+.type gcm_gmult_v8,%function
+.align 4
+gcm_gmult_v8:
+ ld1 {v17.2d},[x0]
+ movi v19.16b,#0xe1
+ ld1 {v20.2d,v21.2d},[x1]
+ shl v19.2d,v19.2d,#57
+
+ rev64 v17.16b,v17.16b
+
+ ext v3.16b,v17.16b,v17.16b,#8
+
+ pmull v0.1q,v20.1d,v3.1d
+ eor v17.16b,v17.16b,v3.16b
+ pmull2 v2.1q,v20.2d,v3.2d
+ pmull v1.1q,v21.1d,v17.1d
+
+ ext v17.16b,v0.16b,v2.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ eor v1.16b,v1.16b,v17.16b
+ eor v1.16b,v1.16b,v18.16b
+ pmull v18.1q,v0.1d,v19.1d
+
+ ins v2.d[0],v1.d[1]
+ ins v1.d[1],v0.d[0]
+ eor v0.16b,v1.16b,v18.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ eor v18.16b,v18.16b,v2.16b
+ eor v0.16b,v0.16b,v18.16b
+
+
+ rev64 v0.16b,v0.16b
+
+ ext v0.16b,v0.16b,v0.16b,#8
+ st1 {v0.2d},[x0]
+
+ ret
+.size gcm_gmult_v8,.-gcm_gmult_v8
+.globl gcm_ghash_v8
+.type gcm_ghash_v8,%function
+.align 4
+gcm_ghash_v8:
+ cmp x3,#64
+ b.hs .Lgcm_ghash_v8_4x
+ ld1 {v0.2d},[x0]
+
+
+
+
+
+ subs x3,x3,#32
+ mov x12,#16
+# 159 "lib/accelerated/aarch64/elf/ghash-aarch64.s.tmp.S"
+ ld1 {v20.2d,v21.2d},[x1],#32
+ movi v19.16b,#0xe1
+ ld1 {v22.2d},[x1]
+ csel x12,xzr,x12,eq
+ ext v0.16b,v0.16b,v0.16b,#8
+ ld1 {v16.2d},[x2],#16
+ shl v19.2d,v19.2d,#57
+
+ rev64 v16.16b,v16.16b
+ rev64 v0.16b,v0.16b
+
+ ext v3.16b,v16.16b,v16.16b,#8
+ b.lo .Lodd_tail_v8
+ ld1 {v17.2d},[x2],x12
+
+ rev64 v17.16b,v17.16b
+
+ ext v7.16b,v17.16b,v17.16b,#8
+ eor v3.16b,v3.16b,v0.16b
+ pmull v4.1q,v20.1d,v7.1d
+ eor v17.16b,v17.16b,v7.16b
+ pmull2 v6.1q,v20.2d,v7.2d
+ b .Loop_mod2x_v8
+
+.align 4
+.Loop_mod2x_v8:
+ ext v18.16b,v3.16b,v3.16b,#8
+ subs x3,x3,#32
+ pmull v0.1q,v22.1d,v3.1d
+ csel x12,xzr,x12,lo
+
+ pmull v5.1q,v21.1d,v17.1d
+ eor v18.16b,v18.16b,v3.16b
+ pmull2 v2.1q,v22.2d,v3.2d
+ eor v0.16b,v0.16b,v4.16b
+ pmull2 v1.1q,v21.2d,v18.2d
+ ld1 {v16.2d},[x2],x12
+
+ eor v2.16b,v2.16b,v6.16b
+ csel x12,xzr,x12,eq
+ eor v1.16b,v1.16b,v5.16b
+
+ ext v17.16b,v0.16b,v2.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ eor v1.16b,v1.16b,v17.16b
+ ld1 {v17.2d},[x2],x12
+
+ rev64 v16.16b,v16.16b
+
+ eor v1.16b,v1.16b,v18.16b
+ pmull v18.1q,v0.1d,v19.1d
+
+
+ rev64 v17.16b,v17.16b
+
+ ins v2.d[0],v1.d[1]
+ ins v1.d[1],v0.d[0]
+ ext v7.16b,v17.16b,v17.16b,#8
+ ext v3.16b,v16.16b,v16.16b,#8
+ eor v0.16b,v1.16b,v18.16b
+ pmull v4.1q,v20.1d,v7.1d
+ eor v3.16b,v3.16b,v2.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ eor v3.16b,v3.16b,v18.16b
+ eor v17.16b,v17.16b,v7.16b
+ eor v3.16b,v3.16b,v0.16b
+ pmull2 v6.1q,v20.2d,v7.2d
+ b.hs .Loop_mod2x_v8
+
+ eor v2.16b,v2.16b,v18.16b
+ ext v3.16b,v16.16b,v16.16b,#8
+ adds x3,x3,#32
+ eor v0.16b,v0.16b,v2.16b
+ b.eq .Ldone_v8
+.Lodd_tail_v8:
+ ext v18.16b,v0.16b,v0.16b,#8
+ eor v3.16b,v3.16b,v0.16b
+ eor v17.16b,v16.16b,v18.16b
+
+ pmull v0.1q,v20.1d,v3.1d
+ eor v17.16b,v17.16b,v3.16b
+ pmull2 v2.1q,v20.2d,v3.2d
+ pmull v1.1q,v21.1d,v17.1d
+
+ ext v17.16b,v0.16b,v2.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ eor v1.16b,v1.16b,v17.16b
+ eor v1.16b,v1.16b,v18.16b
+ pmull v18.1q,v0.1d,v19.1d
+
+ ins v2.d[0],v1.d[1]
+ ins v1.d[1],v0.d[0]
+ eor v0.16b,v1.16b,v18.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ eor v18.16b,v18.16b,v2.16b
+ eor v0.16b,v0.16b,v18.16b
+
+.Ldone_v8:
+
+ rev64 v0.16b,v0.16b
+
+ ext v0.16b,v0.16b,v0.16b,#8
+ st1 {v0.2d},[x0]
+
+ ret
+.size gcm_ghash_v8,.-gcm_ghash_v8
+.type gcm_ghash_v8_4x,%function
+.align 4
+gcm_ghash_v8_4x:
+.Lgcm_ghash_v8_4x:
+ ld1 {v0.2d},[x0]
+ ld1 {v20.2d,v21.2d,v22.2d},[x1],#48
+ movi v19.16b,#0xe1
+ ld1 {v26.2d,v27.2d,v28.2d},[x1]
+ shl v19.2d,v19.2d,#57
+
+ ld1 {v4.2d,v5.2d,v6.2d,v7.2d},[x2],#64
+
+ rev64 v0.16b,v0.16b
+ rev64 v5.16b,v5.16b
+ rev64 v6.16b,v6.16b
+ rev64 v7.16b,v7.16b
+ rev64 v4.16b,v4.16b
+
+ ext v25.16b,v7.16b,v7.16b,#8
+ ext v24.16b,v6.16b,v6.16b,#8
+ ext v23.16b,v5.16b,v5.16b,#8
+
+ pmull v29.1q,v20.1d,v25.1d
+ eor v7.16b,v7.16b,v25.16b
+ pmull2 v31.1q,v20.2d,v25.2d
+ pmull v30.1q,v21.1d,v7.1d
+
+ pmull v16.1q,v22.1d,v24.1d
+ eor v6.16b,v6.16b,v24.16b
+ pmull2 v24.1q,v22.2d,v24.2d
+ pmull2 v6.1q,v21.2d,v6.2d
+
+ eor v29.16b,v29.16b,v16.16b
+ eor v31.16b,v31.16b,v24.16b
+ eor v30.16b,v30.16b,v6.16b
+
+ pmull v7.1q,v26.1d,v23.1d
+ eor v5.16b,v5.16b,v23.16b
+ pmull2 v23.1q,v26.2d,v23.2d
+ pmull v5.1q,v27.1d,v5.1d
+
+ eor v29.16b,v29.16b,v7.16b
+ eor v31.16b,v31.16b,v23.16b
+ eor v30.16b,v30.16b,v5.16b
+
+ subs x3,x3,#128
+ b.lo .Ltail4x
+
+ b .Loop4x
+
+.align 4
+.Loop4x:
+ eor v16.16b,v4.16b,v0.16b
+ ld1 {v4.2d,v5.2d,v6.2d,v7.2d},[x2],#64
+ ext v3.16b,v16.16b,v16.16b,#8
+
+ rev64 v5.16b,v5.16b
+ rev64 v6.16b,v6.16b
+ rev64 v7.16b,v7.16b
+ rev64 v4.16b,v4.16b
+
+
+ pmull v0.1q,v28.1d,v3.1d
+ eor v16.16b,v16.16b,v3.16b
+ pmull2 v2.1q,v28.2d,v3.2d
+ ext v25.16b,v7.16b,v7.16b,#8
+ pmull2 v1.1q,v27.2d,v16.2d
+
+ eor v0.16b,v0.16b,v29.16b
+ eor v2.16b,v2.16b,v31.16b
+ ext v24.16b,v6.16b,v6.16b,#8
+ eor v1.16b,v1.16b,v30.16b
+ ext v23.16b,v5.16b,v5.16b,#8
+
+ ext v17.16b,v0.16b,v2.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ pmull v29.1q,v20.1d,v25.1d
+ eor v7.16b,v7.16b,v25.16b
+ eor v1.16b,v1.16b,v17.16b
+ pmull2 v31.1q,v20.2d,v25.2d
+ eor v1.16b,v1.16b,v18.16b
+ pmull v30.1q,v21.1d,v7.1d
+
+ pmull v18.1q,v0.1d,v19.1d
+ ins v2.d[0],v1.d[1]
+ ins v1.d[1],v0.d[0]
+ pmull v16.1q,v22.1d,v24.1d
+ eor v6.16b,v6.16b,v24.16b
+ pmull2 v24.1q,v22.2d,v24.2d
+ eor v0.16b,v1.16b,v18.16b
+ pmull2 v6.1q,v21.2d,v6.2d
+
+ eor v29.16b,v29.16b,v16.16b
+ eor v31.16b,v31.16b,v24.16b
+ eor v30.16b,v30.16b,v6.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ pmull v7.1q,v26.1d,v23.1d
+ eor v5.16b,v5.16b,v23.16b
+ eor v18.16b,v18.16b,v2.16b
+ pmull2 v23.1q,v26.2d,v23.2d
+ pmull v5.1q,v27.1d,v5.1d
+
+ eor v0.16b,v0.16b,v18.16b
+ eor v29.16b,v29.16b,v7.16b
+ eor v31.16b,v31.16b,v23.16b
+ ext v0.16b,v0.16b,v0.16b,#8
+ eor v30.16b,v30.16b,v5.16b
+
+ subs x3,x3,#64
+ b.hs .Loop4x
+
+.Ltail4x:
+ eor v16.16b,v4.16b,v0.16b
+ ext v3.16b,v16.16b,v16.16b,#8
+
+ pmull v0.1q,v28.1d,v3.1d
+ eor v16.16b,v16.16b,v3.16b
+ pmull2 v2.1q,v28.2d,v3.2d
+ pmull2 v1.1q,v27.2d,v16.2d
+
+ eor v0.16b,v0.16b,v29.16b
+ eor v2.16b,v2.16b,v31.16b
+ eor v1.16b,v1.16b,v30.16b
+
+ adds x3,x3,#64
+ b.eq .Ldone4x
+
+ cmp x3,#32
+ b.lo .Lone
+ b.eq .Ltwo
+.Lthree:
+ ext v17.16b,v0.16b,v2.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ eor v1.16b,v1.16b,v17.16b
+ ld1 {v4.2d,v5.2d,v6.2d},[x2]
+ eor v1.16b,v1.16b,v18.16b
+
+ rev64 v5.16b,v5.16b
+ rev64 v6.16b,v6.16b
+ rev64 v4.16b,v4.16b
+
+
+ pmull v18.1q,v0.1d,v19.1d
+ ins v2.d[0],v1.d[1]
+ ins v1.d[1],v0.d[0]
+ ext v24.16b,v6.16b,v6.16b,#8
+ ext v23.16b,v5.16b,v5.16b,#8
+ eor v0.16b,v1.16b,v18.16b
+
+ pmull v29.1q,v20.1d,v24.1d
+ eor v6.16b,v6.16b,v24.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ eor v18.16b,v18.16b,v2.16b
+ pmull2 v31.1q,v20.2d,v24.2d
+ pmull v30.1q,v21.1d,v6.1d
+ eor v0.16b,v0.16b,v18.16b
+ pmull v7.1q,v22.1d,v23.1d
+ eor v5.16b,v5.16b,v23.16b
+ ext v0.16b,v0.16b,v0.16b,#8
+
+ pmull2 v23.1q,v22.2d,v23.2d
+ eor v16.16b,v4.16b,v0.16b
+ pmull2 v5.1q,v21.2d,v5.2d
+ ext v3.16b,v16.16b,v16.16b,#8
+
+ eor v29.16b,v29.16b,v7.16b
+ eor v31.16b,v31.16b,v23.16b
+ eor v30.16b,v30.16b,v5.16b
+
+ pmull v0.1q,v26.1d,v3.1d
+ eor v16.16b,v16.16b,v3.16b
+ pmull2 v2.1q,v26.2d,v3.2d
+ pmull v1.1q,v27.1d,v16.1d
+
+ eor v0.16b,v0.16b,v29.16b
+ eor v2.16b,v2.16b,v31.16b
+ eor v1.16b,v1.16b,v30.16b
+ b .Ldone4x
+
+.align 4
+.Ltwo:
+ ext v17.16b,v0.16b,v2.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ eor v1.16b,v1.16b,v17.16b
+ ld1 {v4.2d,v5.2d},[x2]
+ eor v1.16b,v1.16b,v18.16b
+
+ rev64 v5.16b,v5.16b
+ rev64 v4.16b,v4.16b
+
+
+ pmull v18.1q,v0.1d,v19.1d
+ ins v2.d[0],v1.d[1]
+ ins v1.d[1],v0.d[0]
+ ext v23.16b,v5.16b,v5.16b,#8
+ eor v0.16b,v1.16b,v18.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ eor v18.16b,v18.16b,v2.16b
+ eor v0.16b,v0.16b,v18.16b
+ ext v0.16b,v0.16b,v0.16b,#8
+
+ pmull v29.1q,v20.1d,v23.1d
+ eor v5.16b,v5.16b,v23.16b
+
+ eor v16.16b,v4.16b,v0.16b
+ ext v3.16b,v16.16b,v16.16b,#8
+
+ pmull2 v31.1q,v20.2d,v23.2d
+ pmull v30.1q,v21.1d,v5.1d
+
+ pmull v0.1q,v22.1d,v3.1d
+ eor v16.16b,v16.16b,v3.16b
+ pmull2 v2.1q,v22.2d,v3.2d
+ pmull2 v1.1q,v21.2d,v16.2d
+
+ eor v0.16b,v0.16b,v29.16b
+ eor v2.16b,v2.16b,v31.16b
+ eor v1.16b,v1.16b,v30.16b
+ b .Ldone4x
+
+.align 4
+.Lone:
+ ext v17.16b,v0.16b,v2.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ eor v1.16b,v1.16b,v17.16b
+ ld1 {v4.2d},[x2]
+ eor v1.16b,v1.16b,v18.16b
+
+ rev64 v4.16b,v4.16b
+
+
+ pmull v18.1q,v0.1d,v19.1d
+ ins v2.d[0],v1.d[1]
+ ins v1.d[1],v0.d[0]
+ eor v0.16b,v1.16b,v18.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ eor v18.16b,v18.16b,v2.16b
+ eor v0.16b,v0.16b,v18.16b
+ ext v0.16b,v0.16b,v0.16b,#8
+
+ eor v16.16b,v4.16b,v0.16b
+ ext v3.16b,v16.16b,v16.16b,#8
+
+ pmull v0.1q,v20.1d,v3.1d
+ eor v16.16b,v16.16b,v3.16b
+ pmull2 v2.1q,v20.2d,v3.2d
+ pmull v1.1q,v21.1d,v16.1d
+
+.Ldone4x:
+ ext v17.16b,v0.16b,v2.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ eor v1.16b,v1.16b,v17.16b
+ eor v1.16b,v1.16b,v18.16b
+
+ pmull v18.1q,v0.1d,v19.1d
+ ins v2.d[0],v1.d[1]
+ ins v1.d[1],v0.d[0]
+ eor v0.16b,v1.16b,v18.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ eor v18.16b,v18.16b,v2.16b
+ eor v0.16b,v0.16b,v18.16b
+ ext v0.16b,v0.16b,v0.16b,#8
+
+
+ rev64 v0.16b,v0.16b
+
+ st1 {v0.2d},[x0]
+
+ ret
+.size gcm_ghash_v8_4x,.-gcm_ghash_v8_4x
+.byte 71,72,65,83,72,32,102,111,114,32,65,82,77,118,56,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.align 2
+.align 2
+.section .note.GNU-stack,"",%progbits
diff --git a/lib/accelerated/aarch64/elf/sha1-armv8.s b/lib/accelerated/aarch64/elf/sha1-armv8.s
new file mode 100644
index 0000000..0de5de0
--- /dev/null
+++ b/lib/accelerated/aarch64/elf/sha1-armv8.s
@@ -0,0 +1,1266 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+# 1 "lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S"
+# 1 "<built-in>"
+# 1 "<command-line>"
+# 1 "lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S"
+# 1 "lib/accelerated/aarch64/aarch64-common.h" 1
+# 2 "lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S" 2
+
+.text
+
+
+.hidden _gnutls_arm_cpuid_s
+.globl sha1_block_data_order
+.type sha1_block_data_order,%function
+.align 6
+sha1_block_data_order:
+
+
+
+ ldr x16,.L_gnutls_arm_cpuid_s
+
+ adr x17,.L_gnutls_arm_cpuid_s
+ add x16,x16,x17
+ ldr w16,[x16]
+ tst w16,#(1<<3)
+ b.ne .Lv8_entry
+
+ stp x29,x30,[sp,#-96]!
+ add x29,sp,#0
+ stp x19,x20,[sp,#16]
+ stp x21,x22,[sp,#32]
+ stp x23,x24,[sp,#48]
+ stp x25,x26,[sp,#64]
+ stp x27,x28,[sp,#80]
+
+ ldp w20,w21,[x0]
+ ldp w22,w23,[x0,#8]
+ ldr w24,[x0,#16]
+
+.Loop:
+ ldr x3,[x1],#64
+ movz w28,#0x7999
+ sub x2,x2,#1
+ movk w28,#0x5a82,lsl#16
+
+
+
+ rev32 x3,x3
+
+ add w24,w24,w28
+ add w24,w24,w3
+ lsr x4,x3,#32
+ ldr x5,[x1,#-56]
+ bic w25,w23,w21
+ and w26,w22,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ orr w25,w25,w26
+ add w24,w24,w27
+ ror w21,w21,#2
+ add w23,w23,w4
+ add w24,w24,w25
+
+
+
+ rev32 x5,x5
+
+ bic w25,w22,w20
+ and w26,w21,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ orr w25,w25,w26
+ add w23,w23,w27
+ ror w20,w20,#2
+ add w22,w22,w5
+ add w23,w23,w25
+ lsr x6,x5,#32
+ ldr x7,[x1,#-48]
+ bic w25,w21,w24
+ and w26,w20,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ orr w25,w25,w26
+ add w22,w22,w27
+ ror w24,w24,#2
+ add w21,w21,w6
+ add w22,w22,w25
+
+
+
+ rev32 x7,x7
+
+ bic w25,w20,w23
+ and w26,w24,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ orr w25,w25,w26
+ add w21,w21,w27
+ ror w23,w23,#2
+ add w20,w20,w7
+ add w21,w21,w25
+ lsr x8,x7,#32
+ ldr x9,[x1,#-40]
+ bic w25,w24,w22
+ and w26,w23,w22
+ ror w27,w21,#27
+ add w24,w24,w28
+ orr w25,w25,w26
+ add w20,w20,w27
+ ror w22,w22,#2
+ add w24,w24,w8
+ add w20,w20,w25
+
+
+
+ rev32 x9,x9
+
+ bic w25,w23,w21
+ and w26,w22,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ orr w25,w25,w26
+ add w24,w24,w27
+ ror w21,w21,#2
+ add w23,w23,w9
+ add w24,w24,w25
+ lsr x10,x9,#32
+ ldr x11,[x1,#-32]
+ bic w25,w22,w20
+ and w26,w21,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ orr w25,w25,w26
+ add w23,w23,w27
+ ror w20,w20,#2
+ add w22,w22,w10
+ add w23,w23,w25
+
+
+
+ rev32 x11,x11
+
+ bic w25,w21,w24
+ and w26,w20,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ orr w25,w25,w26
+ add w22,w22,w27
+ ror w24,w24,#2
+ add w21,w21,w11
+ add w22,w22,w25
+ lsr x12,x11,#32
+ ldr x13,[x1,#-24]
+ bic w25,w20,w23
+ and w26,w24,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ orr w25,w25,w26
+ add w21,w21,w27
+ ror w23,w23,#2
+ add w20,w20,w12
+ add w21,w21,w25
+
+
+
+ rev32 x13,x13
+
+ bic w25,w24,w22
+ and w26,w23,w22
+ ror w27,w21,#27
+ add w24,w24,w28
+ orr w25,w25,w26
+ add w20,w20,w27
+ ror w22,w22,#2
+ add w24,w24,w13
+ add w20,w20,w25
+ lsr x14,x13,#32
+ ldr x15,[x1,#-16]
+ bic w25,w23,w21
+ and w26,w22,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ orr w25,w25,w26
+ add w24,w24,w27
+ ror w21,w21,#2
+ add w23,w23,w14
+ add w24,w24,w25
+
+
+
+ rev32 x15,x15
+
+ bic w25,w22,w20
+ and w26,w21,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ orr w25,w25,w26
+ add w23,w23,w27
+ ror w20,w20,#2
+ add w22,w22,w15
+ add w23,w23,w25
+ lsr x16,x15,#32
+ ldr x17,[x1,#-8]
+ bic w25,w21,w24
+ and w26,w20,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ orr w25,w25,w26
+ add w22,w22,w27
+ ror w24,w24,#2
+ add w21,w21,w16
+ add w22,w22,w25
+
+
+
+ rev32 x17,x17
+
+ bic w25,w20,w23
+ and w26,w24,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ orr w25,w25,w26
+ add w21,w21,w27
+ ror w23,w23,#2
+ add w20,w20,w17
+ add w21,w21,w25
+ lsr x19,x17,#32
+ eor w3,w3,w5
+ bic w25,w24,w22
+ and w26,w23,w22
+ ror w27,w21,#27
+ eor w3,w3,w11
+ add w24,w24,w28
+ orr w25,w25,w26
+ add w20,w20,w27
+ eor w3,w3,w16
+ ror w22,w22,#2
+ add w24,w24,w19
+ add w20,w20,w25
+ ror w3,w3,#31
+ eor w4,w4,w6
+ bic w25,w23,w21
+ and w26,w22,w21
+ ror w27,w20,#27
+ eor w4,w4,w12
+ add w23,w23,w28
+ orr w25,w25,w26
+ add w24,w24,w27
+ eor w4,w4,w17
+ ror w21,w21,#2
+ add w23,w23,w3
+ add w24,w24,w25
+ ror w4,w4,#31
+ eor w5,w5,w7
+ bic w25,w22,w20
+ and w26,w21,w20
+ ror w27,w24,#27
+ eor w5,w5,w13
+ add w22,w22,w28
+ orr w25,w25,w26
+ add w23,w23,w27
+ eor w5,w5,w19
+ ror w20,w20,#2
+ add w22,w22,w4
+ add w23,w23,w25
+ ror w5,w5,#31
+ eor w6,w6,w8
+ bic w25,w21,w24
+ and w26,w20,w24
+ ror w27,w23,#27
+ eor w6,w6,w14
+ add w21,w21,w28
+ orr w25,w25,w26
+ add w22,w22,w27
+ eor w6,w6,w3
+ ror w24,w24,#2
+ add w21,w21,w5
+ add w22,w22,w25
+ ror w6,w6,#31
+ eor w7,w7,w9
+ bic w25,w20,w23
+ and w26,w24,w23
+ ror w27,w22,#27
+ eor w7,w7,w15
+ add w20,w20,w28
+ orr w25,w25,w26
+ add w21,w21,w27
+ eor w7,w7,w4
+ ror w23,w23,#2
+ add w20,w20,w6
+ add w21,w21,w25
+ ror w7,w7,#31
+ movz w28,#0xeba1
+ movk w28,#0x6ed9,lsl#16
+ eor w8,w8,w10
+ bic w25,w24,w22
+ and w26,w23,w22
+ ror w27,w21,#27
+ eor w8,w8,w16
+ add w24,w24,w28
+ orr w25,w25,w26
+ add w20,w20,w27
+ eor w8,w8,w5
+ ror w22,w22,#2
+ add w24,w24,w7
+ add w20,w20,w25
+ ror w8,w8,#31
+ eor w9,w9,w11
+ eor w25,w23,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ eor w9,w9,w17
+ eor w25,w25,w22
+ add w24,w24,w27
+ ror w21,w21,#2
+ eor w9,w9,w6
+ add w23,w23,w8
+ add w24,w24,w25
+ ror w9,w9,#31
+ eor w10,w10,w12
+ eor w25,w22,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ eor w10,w10,w19
+ eor w25,w25,w21
+ add w23,w23,w27
+ ror w20,w20,#2
+ eor w10,w10,w7
+ add w22,w22,w9
+ add w23,w23,w25
+ ror w10,w10,#31
+ eor w11,w11,w13
+ eor w25,w21,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ eor w11,w11,w3
+ eor w25,w25,w20
+ add w22,w22,w27
+ ror w24,w24,#2
+ eor w11,w11,w8
+ add w21,w21,w10
+ add w22,w22,w25
+ ror w11,w11,#31
+ eor w12,w12,w14
+ eor w25,w20,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ eor w12,w12,w4
+ eor w25,w25,w24
+ add w21,w21,w27
+ ror w23,w23,#2
+ eor w12,w12,w9
+ add w20,w20,w11
+ add w21,w21,w25
+ ror w12,w12,#31
+ eor w13,w13,w15
+ eor w25,w24,w22
+ ror w27,w21,#27
+ add w24,w24,w28
+ eor w13,w13,w5
+ eor w25,w25,w23
+ add w20,w20,w27
+ ror w22,w22,#2
+ eor w13,w13,w10
+ add w24,w24,w12
+ add w20,w20,w25
+ ror w13,w13,#31
+ eor w14,w14,w16
+ eor w25,w23,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ eor w14,w14,w6
+ eor w25,w25,w22
+ add w24,w24,w27
+ ror w21,w21,#2
+ eor w14,w14,w11
+ add w23,w23,w13
+ add w24,w24,w25
+ ror w14,w14,#31
+ eor w15,w15,w17
+ eor w25,w22,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ eor w15,w15,w7
+ eor w25,w25,w21
+ add w23,w23,w27
+ ror w20,w20,#2
+ eor w15,w15,w12
+ add w22,w22,w14
+ add w23,w23,w25
+ ror w15,w15,#31
+ eor w16,w16,w19
+ eor w25,w21,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ eor w16,w16,w8
+ eor w25,w25,w20
+ add w22,w22,w27
+ ror w24,w24,#2
+ eor w16,w16,w13
+ add w21,w21,w15
+ add w22,w22,w25
+ ror w16,w16,#31
+ eor w17,w17,w3
+ eor w25,w20,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ eor w17,w17,w9
+ eor w25,w25,w24
+ add w21,w21,w27
+ ror w23,w23,#2
+ eor w17,w17,w14
+ add w20,w20,w16
+ add w21,w21,w25
+ ror w17,w17,#31
+ eor w19,w19,w4
+ eor w25,w24,w22
+ ror w27,w21,#27
+ add w24,w24,w28
+ eor w19,w19,w10
+ eor w25,w25,w23
+ add w20,w20,w27
+ ror w22,w22,#2
+ eor w19,w19,w15
+ add w24,w24,w17
+ add w20,w20,w25
+ ror w19,w19,#31
+ eor w3,w3,w5
+ eor w25,w23,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ eor w3,w3,w11
+ eor w25,w25,w22
+ add w24,w24,w27
+ ror w21,w21,#2
+ eor w3,w3,w16
+ add w23,w23,w19
+ add w24,w24,w25
+ ror w3,w3,#31
+ eor w4,w4,w6
+ eor w25,w22,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ eor w4,w4,w12
+ eor w25,w25,w21
+ add w23,w23,w27
+ ror w20,w20,#2
+ eor w4,w4,w17
+ add w22,w22,w3
+ add w23,w23,w25
+ ror w4,w4,#31
+ eor w5,w5,w7
+ eor w25,w21,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ eor w5,w5,w13
+ eor w25,w25,w20
+ add w22,w22,w27
+ ror w24,w24,#2
+ eor w5,w5,w19
+ add w21,w21,w4
+ add w22,w22,w25
+ ror w5,w5,#31
+ eor w6,w6,w8
+ eor w25,w20,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ eor w6,w6,w14
+ eor w25,w25,w24
+ add w21,w21,w27
+ ror w23,w23,#2
+ eor w6,w6,w3
+ add w20,w20,w5
+ add w21,w21,w25
+ ror w6,w6,#31
+ eor w7,w7,w9
+ eor w25,w24,w22
+ ror w27,w21,#27
+ add w24,w24,w28
+ eor w7,w7,w15
+ eor w25,w25,w23
+ add w20,w20,w27
+ ror w22,w22,#2
+ eor w7,w7,w4
+ add w24,w24,w6
+ add w20,w20,w25
+ ror w7,w7,#31
+ eor w8,w8,w10
+ eor w25,w23,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ eor w8,w8,w16
+ eor w25,w25,w22
+ add w24,w24,w27
+ ror w21,w21,#2
+ eor w8,w8,w5
+ add w23,w23,w7
+ add w24,w24,w25
+ ror w8,w8,#31
+ eor w9,w9,w11
+ eor w25,w22,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ eor w9,w9,w17
+ eor w25,w25,w21
+ add w23,w23,w27
+ ror w20,w20,#2
+ eor w9,w9,w6
+ add w22,w22,w8
+ add w23,w23,w25
+ ror w9,w9,#31
+ eor w10,w10,w12
+ eor w25,w21,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ eor w10,w10,w19
+ eor w25,w25,w20
+ add w22,w22,w27
+ ror w24,w24,#2
+ eor w10,w10,w7
+ add w21,w21,w9
+ add w22,w22,w25
+ ror w10,w10,#31
+ eor w11,w11,w13
+ eor w25,w20,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ eor w11,w11,w3
+ eor w25,w25,w24
+ add w21,w21,w27
+ ror w23,w23,#2
+ eor w11,w11,w8
+ add w20,w20,w10
+ add w21,w21,w25
+ ror w11,w11,#31
+ movz w28,#0xbcdc
+ movk w28,#0x8f1b,lsl#16
+ eor w12,w12,w14
+ eor w25,w24,w22
+ ror w27,w21,#27
+ add w24,w24,w28
+ eor w12,w12,w4
+ eor w25,w25,w23
+ add w20,w20,w27
+ ror w22,w22,#2
+ eor w12,w12,w9
+ add w24,w24,w11
+ add w20,w20,w25
+ ror w12,w12,#31
+ orr w25,w21,w22
+ and w26,w21,w22
+ eor w13,w13,w15
+ ror w27,w20,#27
+ and w25,w25,w23
+ add w23,w23,w28
+ eor w13,w13,w5
+ add w24,w24,w27
+ orr w25,w25,w26
+ ror w21,w21,#2
+ eor w13,w13,w10
+ add w23,w23,w12
+ add w24,w24,w25
+ ror w13,w13,#31
+ orr w25,w20,w21
+ and w26,w20,w21
+ eor w14,w14,w16
+ ror w27,w24,#27
+ and w25,w25,w22
+ add w22,w22,w28
+ eor w14,w14,w6
+ add w23,w23,w27
+ orr w25,w25,w26
+ ror w20,w20,#2
+ eor w14,w14,w11
+ add w22,w22,w13
+ add w23,w23,w25
+ ror w14,w14,#31
+ orr w25,w24,w20
+ and w26,w24,w20
+ eor w15,w15,w17
+ ror w27,w23,#27
+ and w25,w25,w21
+ add w21,w21,w28
+ eor w15,w15,w7
+ add w22,w22,w27
+ orr w25,w25,w26
+ ror w24,w24,#2
+ eor w15,w15,w12
+ add w21,w21,w14
+ add w22,w22,w25
+ ror w15,w15,#31
+ orr w25,w23,w24
+ and w26,w23,w24
+ eor w16,w16,w19
+ ror w27,w22,#27
+ and w25,w25,w20
+ add w20,w20,w28
+ eor w16,w16,w8
+ add w21,w21,w27
+ orr w25,w25,w26
+ ror w23,w23,#2
+ eor w16,w16,w13
+ add w20,w20,w15
+ add w21,w21,w25
+ ror w16,w16,#31
+ orr w25,w22,w23
+ and w26,w22,w23
+ eor w17,w17,w3
+ ror w27,w21,#27
+ and w25,w25,w24
+ add w24,w24,w28
+ eor w17,w17,w9
+ add w20,w20,w27
+ orr w25,w25,w26
+ ror w22,w22,#2
+ eor w17,w17,w14
+ add w24,w24,w16
+ add w20,w20,w25
+ ror w17,w17,#31
+ orr w25,w21,w22
+ and w26,w21,w22
+ eor w19,w19,w4
+ ror w27,w20,#27
+ and w25,w25,w23
+ add w23,w23,w28
+ eor w19,w19,w10
+ add w24,w24,w27
+ orr w25,w25,w26
+ ror w21,w21,#2
+ eor w19,w19,w15
+ add w23,w23,w17
+ add w24,w24,w25
+ ror w19,w19,#31
+ orr w25,w20,w21
+ and w26,w20,w21
+ eor w3,w3,w5
+ ror w27,w24,#27
+ and w25,w25,w22
+ add w22,w22,w28
+ eor w3,w3,w11
+ add w23,w23,w27
+ orr w25,w25,w26
+ ror w20,w20,#2
+ eor w3,w3,w16
+ add w22,w22,w19
+ add w23,w23,w25
+ ror w3,w3,#31
+ orr w25,w24,w20
+ and w26,w24,w20
+ eor w4,w4,w6
+ ror w27,w23,#27
+ and w25,w25,w21
+ add w21,w21,w28
+ eor w4,w4,w12
+ add w22,w22,w27
+ orr w25,w25,w26
+ ror w24,w24,#2
+ eor w4,w4,w17
+ add w21,w21,w3
+ add w22,w22,w25
+ ror w4,w4,#31
+ orr w25,w23,w24
+ and w26,w23,w24
+ eor w5,w5,w7
+ ror w27,w22,#27
+ and w25,w25,w20
+ add w20,w20,w28
+ eor w5,w5,w13
+ add w21,w21,w27
+ orr w25,w25,w26
+ ror w23,w23,#2
+ eor w5,w5,w19
+ add w20,w20,w4
+ add w21,w21,w25
+ ror w5,w5,#31
+ orr w25,w22,w23
+ and w26,w22,w23
+ eor w6,w6,w8
+ ror w27,w21,#27
+ and w25,w25,w24
+ add w24,w24,w28
+ eor w6,w6,w14
+ add w20,w20,w27
+ orr w25,w25,w26
+ ror w22,w22,#2
+ eor w6,w6,w3
+ add w24,w24,w5
+ add w20,w20,w25
+ ror w6,w6,#31
+ orr w25,w21,w22
+ and w26,w21,w22
+ eor w7,w7,w9
+ ror w27,w20,#27
+ and w25,w25,w23
+ add w23,w23,w28
+ eor w7,w7,w15
+ add w24,w24,w27
+ orr w25,w25,w26
+ ror w21,w21,#2
+ eor w7,w7,w4
+ add w23,w23,w6
+ add w24,w24,w25
+ ror w7,w7,#31
+ orr w25,w20,w21
+ and w26,w20,w21
+ eor w8,w8,w10
+ ror w27,w24,#27
+ and w25,w25,w22
+ add w22,w22,w28
+ eor w8,w8,w16
+ add w23,w23,w27
+ orr w25,w25,w26
+ ror w20,w20,#2
+ eor w8,w8,w5
+ add w22,w22,w7
+ add w23,w23,w25
+ ror w8,w8,#31
+ orr w25,w24,w20
+ and w26,w24,w20
+ eor w9,w9,w11
+ ror w27,w23,#27
+ and w25,w25,w21
+ add w21,w21,w28
+ eor w9,w9,w17
+ add w22,w22,w27
+ orr w25,w25,w26
+ ror w24,w24,#2
+ eor w9,w9,w6
+ add w21,w21,w8
+ add w22,w22,w25
+ ror w9,w9,#31
+ orr w25,w23,w24
+ and w26,w23,w24
+ eor w10,w10,w12
+ ror w27,w22,#27
+ and w25,w25,w20
+ add w20,w20,w28
+ eor w10,w10,w19
+ add w21,w21,w27
+ orr w25,w25,w26
+ ror w23,w23,#2
+ eor w10,w10,w7
+ add w20,w20,w9
+ add w21,w21,w25
+ ror w10,w10,#31
+ orr w25,w22,w23
+ and w26,w22,w23
+ eor w11,w11,w13
+ ror w27,w21,#27
+ and w25,w25,w24
+ add w24,w24,w28
+ eor w11,w11,w3
+ add w20,w20,w27
+ orr w25,w25,w26
+ ror w22,w22,#2
+ eor w11,w11,w8
+ add w24,w24,w10
+ add w20,w20,w25
+ ror w11,w11,#31
+ orr w25,w21,w22
+ and w26,w21,w22
+ eor w12,w12,w14
+ ror w27,w20,#27
+ and w25,w25,w23
+ add w23,w23,w28
+ eor w12,w12,w4
+ add w24,w24,w27
+ orr w25,w25,w26
+ ror w21,w21,#2
+ eor w12,w12,w9
+ add w23,w23,w11
+ add w24,w24,w25
+ ror w12,w12,#31
+ orr w25,w20,w21
+ and w26,w20,w21
+ eor w13,w13,w15
+ ror w27,w24,#27
+ and w25,w25,w22
+ add w22,w22,w28
+ eor w13,w13,w5
+ add w23,w23,w27
+ orr w25,w25,w26
+ ror w20,w20,#2
+ eor w13,w13,w10
+ add w22,w22,w12
+ add w23,w23,w25
+ ror w13,w13,#31
+ orr w25,w24,w20
+ and w26,w24,w20
+ eor w14,w14,w16
+ ror w27,w23,#27
+ and w25,w25,w21
+ add w21,w21,w28
+ eor w14,w14,w6
+ add w22,w22,w27
+ orr w25,w25,w26
+ ror w24,w24,#2
+ eor w14,w14,w11
+ add w21,w21,w13
+ add w22,w22,w25
+ ror w14,w14,#31
+ orr w25,w23,w24
+ and w26,w23,w24
+ eor w15,w15,w17
+ ror w27,w22,#27
+ and w25,w25,w20
+ add w20,w20,w28
+ eor w15,w15,w7
+ add w21,w21,w27
+ orr w25,w25,w26
+ ror w23,w23,#2
+ eor w15,w15,w12
+ add w20,w20,w14
+ add w21,w21,w25
+ ror w15,w15,#31
+ movz w28,#0xc1d6
+ movk w28,#0xca62,lsl#16
+ orr w25,w22,w23
+ and w26,w22,w23
+ eor w16,w16,w19
+ ror w27,w21,#27
+ and w25,w25,w24
+ add w24,w24,w28
+ eor w16,w16,w8
+ add w20,w20,w27
+ orr w25,w25,w26
+ ror w22,w22,#2
+ eor w16,w16,w13
+ add w24,w24,w15
+ add w20,w20,w25
+ ror w16,w16,#31
+ eor w17,w17,w3
+ eor w25,w23,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ eor w17,w17,w9
+ eor w25,w25,w22
+ add w24,w24,w27
+ ror w21,w21,#2
+ eor w17,w17,w14
+ add w23,w23,w16
+ add w24,w24,w25
+ ror w17,w17,#31
+ eor w19,w19,w4
+ eor w25,w22,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ eor w19,w19,w10
+ eor w25,w25,w21
+ add w23,w23,w27
+ ror w20,w20,#2
+ eor w19,w19,w15
+ add w22,w22,w17
+ add w23,w23,w25
+ ror w19,w19,#31
+ eor w3,w3,w5
+ eor w25,w21,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ eor w3,w3,w11
+ eor w25,w25,w20
+ add w22,w22,w27
+ ror w24,w24,#2
+ eor w3,w3,w16
+ add w21,w21,w19
+ add w22,w22,w25
+ ror w3,w3,#31
+ eor w4,w4,w6
+ eor w25,w20,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ eor w4,w4,w12
+ eor w25,w25,w24
+ add w21,w21,w27
+ ror w23,w23,#2
+ eor w4,w4,w17
+ add w20,w20,w3
+ add w21,w21,w25
+ ror w4,w4,#31
+ eor w5,w5,w7
+ eor w25,w24,w22
+ ror w27,w21,#27
+ add w24,w24,w28
+ eor w5,w5,w13
+ eor w25,w25,w23
+ add w20,w20,w27
+ ror w22,w22,#2
+ eor w5,w5,w19
+ add w24,w24,w4
+ add w20,w20,w25
+ ror w5,w5,#31
+ eor w6,w6,w8
+ eor w25,w23,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ eor w6,w6,w14
+ eor w25,w25,w22
+ add w24,w24,w27
+ ror w21,w21,#2
+ eor w6,w6,w3
+ add w23,w23,w5
+ add w24,w24,w25
+ ror w6,w6,#31
+ eor w7,w7,w9
+ eor w25,w22,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ eor w7,w7,w15
+ eor w25,w25,w21
+ add w23,w23,w27
+ ror w20,w20,#2
+ eor w7,w7,w4
+ add w22,w22,w6
+ add w23,w23,w25
+ ror w7,w7,#31
+ eor w8,w8,w10
+ eor w25,w21,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ eor w8,w8,w16
+ eor w25,w25,w20
+ add w22,w22,w27
+ ror w24,w24,#2
+ eor w8,w8,w5
+ add w21,w21,w7
+ add w22,w22,w25
+ ror w8,w8,#31
+ eor w9,w9,w11
+ eor w25,w20,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ eor w9,w9,w17
+ eor w25,w25,w24
+ add w21,w21,w27
+ ror w23,w23,#2
+ eor w9,w9,w6
+ add w20,w20,w8
+ add w21,w21,w25
+ ror w9,w9,#31
+ eor w10,w10,w12
+ eor w25,w24,w22
+ ror w27,w21,#27
+ add w24,w24,w28
+ eor w10,w10,w19
+ eor w25,w25,w23
+ add w20,w20,w27
+ ror w22,w22,#2
+ eor w10,w10,w7
+ add w24,w24,w9
+ add w20,w20,w25
+ ror w10,w10,#31
+ eor w11,w11,w13
+ eor w25,w23,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ eor w11,w11,w3
+ eor w25,w25,w22
+ add w24,w24,w27
+ ror w21,w21,#2
+ eor w11,w11,w8
+ add w23,w23,w10
+ add w24,w24,w25
+ ror w11,w11,#31
+ eor w12,w12,w14
+ eor w25,w22,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ eor w12,w12,w4
+ eor w25,w25,w21
+ add w23,w23,w27
+ ror w20,w20,#2
+ eor w12,w12,w9
+ add w22,w22,w11
+ add w23,w23,w25
+ ror w12,w12,#31
+ eor w13,w13,w15
+ eor w25,w21,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ eor w13,w13,w5
+ eor w25,w25,w20
+ add w22,w22,w27
+ ror w24,w24,#2
+ eor w13,w13,w10
+ add w21,w21,w12
+ add w22,w22,w25
+ ror w13,w13,#31
+ eor w14,w14,w16
+ eor w25,w20,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ eor w14,w14,w6
+ eor w25,w25,w24
+ add w21,w21,w27
+ ror w23,w23,#2
+ eor w14,w14,w11
+ add w20,w20,w13
+ add w21,w21,w25
+ ror w14,w14,#31
+ eor w15,w15,w17
+ eor w25,w24,w22
+ ror w27,w21,#27
+ add w24,w24,w28
+ eor w15,w15,w7
+ eor w25,w25,w23
+ add w20,w20,w27
+ ror w22,w22,#2
+ eor w15,w15,w12
+ add w24,w24,w14
+ add w20,w20,w25
+ ror w15,w15,#31
+ eor w16,w16,w19
+ eor w25,w23,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ eor w16,w16,w8
+ eor w25,w25,w22
+ add w24,w24,w27
+ ror w21,w21,#2
+ eor w16,w16,w13
+ add w23,w23,w15
+ add w24,w24,w25
+ ror w16,w16,#31
+ eor w17,w17,w3
+ eor w25,w22,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ eor w17,w17,w9
+ eor w25,w25,w21
+ add w23,w23,w27
+ ror w20,w20,#2
+ eor w17,w17,w14
+ add w22,w22,w16
+ add w23,w23,w25
+ ror w17,w17,#31
+ eor w19,w19,w4
+ eor w25,w21,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ eor w19,w19,w10
+ eor w25,w25,w20
+ add w22,w22,w27
+ ror w24,w24,#2
+ eor w19,w19,w15
+ add w21,w21,w17
+ add w22,w22,w25
+ ror w19,w19,#31
+ ldp w4,w5,[x0]
+ eor w25,w20,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ eor w25,w25,w24
+ add w21,w21,w27
+ ror w23,w23,#2
+ add w20,w20,w19
+ add w21,w21,w25
+ ldp w6,w7,[x0,#8]
+ eor w25,w24,w22
+ ror w27,w21,#27
+ eor w25,w25,w23
+ add w20,w20,w27
+ ror w22,w22,#2
+ ldr w8,[x0,#16]
+ add w20,w20,w25
+ add w21,w21,w5
+ add w22,w22,w6
+ add w20,w20,w4
+ add w23,w23,w7
+ add w24,w24,w8
+ stp w20,w21,[x0]
+ stp w22,w23,[x0,#8]
+ str w24,[x0,#16]
+ cbnz x2,.Loop
+
+ ldp x19,x20,[sp,#16]
+ ldp x21,x22,[sp,#32]
+ ldp x23,x24,[sp,#48]
+ ldp x25,x26,[sp,#64]
+ ldp x27,x28,[sp,#80]
+ ldr x29,[sp],#96
+ ret
+.size sha1_block_data_order,.-sha1_block_data_order
+.type sha1_block_armv8,%function
+.align 6
+sha1_block_armv8:
+.Lv8_entry:
+ stp x29,x30,[sp,#-16]!
+ add x29,sp,#0
+
+ adr x4,.Lconst
+ eor v1.16b,v1.16b,v1.16b
+ ld1 {v0.4s},[x0],#16
+ ld1 {v1.s}[0],[x0]
+ sub x0,x0,#16
+ ld1 {v16.4s,v17.4s,v18.4s,v19.4s},[x4]
+
+.Loop_hw:
+ ld1 {v4.16b,v5.16b,v6.16b,v7.16b},[x1],#64
+ sub x2,x2,#1
+ rev32 v4.16b,v4.16b
+ rev32 v5.16b,v5.16b
+
+ add v20.4s,v16.4s,v4.4s
+ rev32 v6.16b,v6.16b
+ orr v22.16b,v0.16b,v0.16b
+
+ add v21.4s,v16.4s,v5.4s
+ rev32 v7.16b,v7.16b
+.inst 0x5e280803
+.inst 0x5e140020
+ add v20.4s,v16.4s,v6.4s
+.inst 0x5e0630a4
+.inst 0x5e280802
+.inst 0x5e150060
+ add v21.4s,v16.4s,v7.4s
+.inst 0x5e2818e4
+.inst 0x5e0730c5
+.inst 0x5e280803
+.inst 0x5e140040
+ add v20.4s,v16.4s,v4.4s
+.inst 0x5e281885
+.inst 0x5e0430e6
+.inst 0x5e280802
+.inst 0x5e150060
+ add v21.4s,v17.4s,v5.4s
+.inst 0x5e2818a6
+.inst 0x5e053087
+.inst 0x5e280803
+.inst 0x5e140040
+ add v20.4s,v17.4s,v6.4s
+.inst 0x5e2818c7
+.inst 0x5e0630a4
+.inst 0x5e280802
+.inst 0x5e151060
+ add v21.4s,v17.4s,v7.4s
+.inst 0x5e2818e4
+.inst 0x5e0730c5
+.inst 0x5e280803
+.inst 0x5e141040
+ add v20.4s,v17.4s,v4.4s
+.inst 0x5e281885
+.inst 0x5e0430e6
+.inst 0x5e280802
+.inst 0x5e151060
+ add v21.4s,v17.4s,v5.4s
+.inst 0x5e2818a6
+.inst 0x5e053087
+.inst 0x5e280803
+.inst 0x5e141040
+ add v20.4s,v18.4s,v6.4s
+.inst 0x5e2818c7
+.inst 0x5e0630a4
+.inst 0x5e280802
+.inst 0x5e151060
+ add v21.4s,v18.4s,v7.4s
+.inst 0x5e2818e4
+.inst 0x5e0730c5
+.inst 0x5e280803
+.inst 0x5e142040
+ add v20.4s,v18.4s,v4.4s
+.inst 0x5e281885
+.inst 0x5e0430e6
+.inst 0x5e280802
+.inst 0x5e152060
+ add v21.4s,v18.4s,v5.4s
+.inst 0x5e2818a6
+.inst 0x5e053087
+.inst 0x5e280803
+.inst 0x5e142040
+ add v20.4s,v18.4s,v6.4s
+.inst 0x5e2818c7
+.inst 0x5e0630a4
+.inst 0x5e280802
+.inst 0x5e152060
+ add v21.4s,v19.4s,v7.4s
+.inst 0x5e2818e4
+.inst 0x5e0730c5
+.inst 0x5e280803
+.inst 0x5e142040
+ add v20.4s,v19.4s,v4.4s
+.inst 0x5e281885
+.inst 0x5e0430e6
+.inst 0x5e280802
+.inst 0x5e151060
+ add v21.4s,v19.4s,v5.4s
+.inst 0x5e2818a6
+.inst 0x5e053087
+.inst 0x5e280803
+.inst 0x5e141040
+ add v20.4s,v19.4s,v6.4s
+.inst 0x5e2818c7
+.inst 0x5e280802
+.inst 0x5e151060
+ add v21.4s,v19.4s,v7.4s
+
+.inst 0x5e280803
+.inst 0x5e141040
+
+.inst 0x5e280802
+.inst 0x5e151060
+
+ add v1.4s,v1.4s,v2.4s
+ add v0.4s,v0.4s,v22.4s
+
+ cbnz x2,.Loop_hw
+
+ st1 {v0.4s},[x0],#16
+ st1 {v1.s}[0],[x0]
+
+ ldr x29,[sp],#16
+ ret
+.size sha1_block_armv8,.-sha1_block_armv8
+.align 6
+.Lconst:
+.long 0x5a827999,0x5a827999,0x5a827999,0x5a827999
+.long 0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1
+.long 0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc
+.long 0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6
+.L_gnutls_arm_cpuid_s:
+
+
+
+.quad _gnutls_arm_cpuid_s-.
+
+.byte 83,72,65,49,32,98,108,111,99,107,32,116,114,97,110,115,102,111,114,109,32,102,111,114,32,65,82,77,118,56,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.align 2
+.align 2
+.section .note.GNU-stack,"",%progbits
diff --git a/lib/accelerated/aarch64/elf/sha256-armv8.s b/lib/accelerated/aarch64/elf/sha256-armv8.s
new file mode 100644
index 0000000..2d13b5e
--- /dev/null
+++ b/lib/accelerated/aarch64/elf/sha256-armv8.s
@@ -0,0 +1,2054 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+# 1 "lib/accelerated/aarch64/elf/sha256-armv8.s.tmp.S"
+# 1 "<built-in>"
+# 1 "<command-line>"
+# 1 "lib/accelerated/aarch64/elf/sha256-armv8.s.tmp.S"
+# 56 "lib/accelerated/aarch64/elf/sha256-armv8.s.tmp.S"
+# 1 "lib/accelerated/aarch64/aarch64-common.h" 1
+# 57 "lib/accelerated/aarch64/elf/sha256-armv8.s.tmp.S" 2
+
+
+.text
+
+
+.hidden _gnutls_arm_cpuid_s
+.globl sha256_block_data_order
+.type sha256_block_data_order,%function
+.align 6
+sha256_block_data_order:
+
+
+
+
+ ldr x16,.L_gnutls_arm_cpuid_s
+
+ adr x17,.L_gnutls_arm_cpuid_s
+ add x16,x16,x17
+ ldr w16,[x16]
+ tst w16,#(1<<4)
+ b.ne .Lv8_entry
+ tst w16,#(1<<0)
+ b.ne .Lneon_entry
+
+.inst 0xd503233f
+ stp x29,x30,[sp,#-128]!
+ add x29,sp,#0
+
+ stp x19,x20,[sp,#16]
+ stp x21,x22,[sp,#32]
+ stp x23,x24,[sp,#48]
+ stp x25,x26,[sp,#64]
+ stp x27,x28,[sp,#80]
+ sub sp,sp,#4*4
+
+ ldp w20,w21,[x0]
+ ldp w22,w23,[x0,#2*4]
+ ldp w24,w25,[x0,#4*4]
+ add x2,x1,x2,lsl#6
+ ldp w26,w27,[x0,#6*4]
+ adr x30,.LK256
+ stp x0,x2,[x29,#96]
+
+.Loop:
+ ldp w3,w4,[x1],#2*4
+ ldr w19,[x30],#4
+ eor w28,w21,w22
+ str x1,[x29,#112]
+
+ rev w3,w3
+
+ ror w16,w24,#6
+ add w27,w27,w19
+ eor w6,w24,w24,ror#14
+ and w17,w25,w24
+ bic w19,w26,w24
+ add w27,w27,w3
+ orr w17,w17,w19
+ eor w19,w20,w21
+ eor w16,w16,w6,ror#11
+ ror w6,w20,#2
+ add w27,w27,w17
+ eor w17,w20,w20,ror#9
+ add w27,w27,w16
+ and w28,w28,w19
+ add w23,w23,w27
+ eor w28,w28,w21
+ eor w17,w6,w17,ror#13
+ add w27,w27,w28
+ ldr w28,[x30],#4
+
+
+ rev w4,w4
+
+ ldp w5,w6,[x1],#2*4
+ add w27,w27,w17
+ ror w16,w23,#6
+ add w26,w26,w28
+ eor w7,w23,w23,ror#14
+ and w17,w24,w23
+ bic w28,w25,w23
+ add w26,w26,w4
+ orr w17,w17,w28
+ eor w28,w27,w20
+ eor w16,w16,w7,ror#11
+ ror w7,w27,#2
+ add w26,w26,w17
+ eor w17,w27,w27,ror#9
+ add w26,w26,w16
+ and w19,w19,w28
+ add w22,w22,w26
+ eor w19,w19,w20
+ eor w17,w7,w17,ror#13
+ add w26,w26,w19
+ ldr w19,[x30],#4
+
+
+ rev w5,w5
+
+ add w26,w26,w17
+ ror w16,w22,#6
+ add w25,w25,w19
+ eor w8,w22,w22,ror#14
+ and w17,w23,w22
+ bic w19,w24,w22
+ add w25,w25,w5
+ orr w17,w17,w19
+ eor w19,w26,w27
+ eor w16,w16,w8,ror#11
+ ror w8,w26,#2
+ add w25,w25,w17
+ eor w17,w26,w26,ror#9
+ add w25,w25,w16
+ and w28,w28,w19
+ add w21,w21,w25
+ eor w28,w28,w27
+ eor w17,w8,w17,ror#13
+ add w25,w25,w28
+ ldr w28,[x30],#4
+
+
+ rev w6,w6
+
+ ldp w7,w8,[x1],#2*4
+ add w25,w25,w17
+ ror w16,w21,#6
+ add w24,w24,w28
+ eor w9,w21,w21,ror#14
+ and w17,w22,w21
+ bic w28,w23,w21
+ add w24,w24,w6
+ orr w17,w17,w28
+ eor w28,w25,w26
+ eor w16,w16,w9,ror#11
+ ror w9,w25,#2
+ add w24,w24,w17
+ eor w17,w25,w25,ror#9
+ add w24,w24,w16
+ and w19,w19,w28
+ add w20,w20,w24
+ eor w19,w19,w26
+ eor w17,w9,w17,ror#13
+ add w24,w24,w19
+ ldr w19,[x30],#4
+
+
+ rev w7,w7
+
+ add w24,w24,w17
+ ror w16,w20,#6
+ add w23,w23,w19
+ eor w10,w20,w20,ror#14
+ and w17,w21,w20
+ bic w19,w22,w20
+ add w23,w23,w7
+ orr w17,w17,w19
+ eor w19,w24,w25
+ eor w16,w16,w10,ror#11
+ ror w10,w24,#2
+ add w23,w23,w17
+ eor w17,w24,w24,ror#9
+ add w23,w23,w16
+ and w28,w28,w19
+ add w27,w27,w23
+ eor w28,w28,w25
+ eor w17,w10,w17,ror#13
+ add w23,w23,w28
+ ldr w28,[x30],#4
+
+
+ rev w8,w8
+
+ ldp w9,w10,[x1],#2*4
+ add w23,w23,w17
+ ror w16,w27,#6
+ add w22,w22,w28
+ eor w11,w27,w27,ror#14
+ and w17,w20,w27
+ bic w28,w21,w27
+ add w22,w22,w8
+ orr w17,w17,w28
+ eor w28,w23,w24
+ eor w16,w16,w11,ror#11
+ ror w11,w23,#2
+ add w22,w22,w17
+ eor w17,w23,w23,ror#9
+ add w22,w22,w16
+ and w19,w19,w28
+ add w26,w26,w22
+ eor w19,w19,w24
+ eor w17,w11,w17,ror#13
+ add w22,w22,w19
+ ldr w19,[x30],#4
+
+
+ rev w9,w9
+
+ add w22,w22,w17
+ ror w16,w26,#6
+ add w21,w21,w19
+ eor w12,w26,w26,ror#14
+ and w17,w27,w26
+ bic w19,w20,w26
+ add w21,w21,w9
+ orr w17,w17,w19
+ eor w19,w22,w23
+ eor w16,w16,w12,ror#11
+ ror w12,w22,#2
+ add w21,w21,w17
+ eor w17,w22,w22,ror#9
+ add w21,w21,w16
+ and w28,w28,w19
+ add w25,w25,w21
+ eor w28,w28,w23
+ eor w17,w12,w17,ror#13
+ add w21,w21,w28
+ ldr w28,[x30],#4
+
+
+ rev w10,w10
+
+ ldp w11,w12,[x1],#2*4
+ add w21,w21,w17
+ ror w16,w25,#6
+ add w20,w20,w28
+ eor w13,w25,w25,ror#14
+ and w17,w26,w25
+ bic w28,w27,w25
+ add w20,w20,w10
+ orr w17,w17,w28
+ eor w28,w21,w22
+ eor w16,w16,w13,ror#11
+ ror w13,w21,#2
+ add w20,w20,w17
+ eor w17,w21,w21,ror#9
+ add w20,w20,w16
+ and w19,w19,w28
+ add w24,w24,w20
+ eor w19,w19,w22
+ eor w17,w13,w17,ror#13
+ add w20,w20,w19
+ ldr w19,[x30],#4
+
+
+ rev w11,w11
+
+ add w20,w20,w17
+ ror w16,w24,#6
+ add w27,w27,w19
+ eor w14,w24,w24,ror#14
+ and w17,w25,w24
+ bic w19,w26,w24
+ add w27,w27,w11
+ orr w17,w17,w19
+ eor w19,w20,w21
+ eor w16,w16,w14,ror#11
+ ror w14,w20,#2
+ add w27,w27,w17
+ eor w17,w20,w20,ror#9
+ add w27,w27,w16
+ and w28,w28,w19
+ add w23,w23,w27
+ eor w28,w28,w21
+ eor w17,w14,w17,ror#13
+ add w27,w27,w28
+ ldr w28,[x30],#4
+
+
+ rev w12,w12
+
+ ldp w13,w14,[x1],#2*4
+ add w27,w27,w17
+ ror w16,w23,#6
+ add w26,w26,w28
+ eor w15,w23,w23,ror#14
+ and w17,w24,w23
+ bic w28,w25,w23
+ add w26,w26,w12
+ orr w17,w17,w28
+ eor w28,w27,w20
+ eor w16,w16,w15,ror#11
+ ror w15,w27,#2
+ add w26,w26,w17
+ eor w17,w27,w27,ror#9
+ add w26,w26,w16
+ and w19,w19,w28
+ add w22,w22,w26
+ eor w19,w19,w20
+ eor w17,w15,w17,ror#13
+ add w26,w26,w19
+ ldr w19,[x30],#4
+
+
+ rev w13,w13
+
+ add w26,w26,w17
+ ror w16,w22,#6
+ add w25,w25,w19
+ eor w0,w22,w22,ror#14
+ and w17,w23,w22
+ bic w19,w24,w22
+ add w25,w25,w13
+ orr w17,w17,w19
+ eor w19,w26,w27
+ eor w16,w16,w0,ror#11
+ ror w0,w26,#2
+ add w25,w25,w17
+ eor w17,w26,w26,ror#9
+ add w25,w25,w16
+ and w28,w28,w19
+ add w21,w21,w25
+ eor w28,w28,w27
+ eor w17,w0,w17,ror#13
+ add w25,w25,w28
+ ldr w28,[x30],#4
+
+
+ rev w14,w14
+
+ ldp w15,w0,[x1],#2*4
+ add w25,w25,w17
+ str w6,[sp,#12]
+ ror w16,w21,#6
+ add w24,w24,w28
+ eor w6,w21,w21,ror#14
+ and w17,w22,w21
+ bic w28,w23,w21
+ add w24,w24,w14
+ orr w17,w17,w28
+ eor w28,w25,w26
+ eor w16,w16,w6,ror#11
+ ror w6,w25,#2
+ add w24,w24,w17
+ eor w17,w25,w25,ror#9
+ add w24,w24,w16
+ and w19,w19,w28
+ add w20,w20,w24
+ eor w19,w19,w26
+ eor w17,w6,w17,ror#13
+ add w24,w24,w19
+ ldr w19,[x30],#4
+
+
+ rev w15,w15
+
+ add w24,w24,w17
+ str w7,[sp,#0]
+ ror w16,w20,#6
+ add w23,w23,w19
+ eor w7,w20,w20,ror#14
+ and w17,w21,w20
+ bic w19,w22,w20
+ add w23,w23,w15
+ orr w17,w17,w19
+ eor w19,w24,w25
+ eor w16,w16,w7,ror#11
+ ror w7,w24,#2
+ add w23,w23,w17
+ eor w17,w24,w24,ror#9
+ add w23,w23,w16
+ and w28,w28,w19
+ add w27,w27,w23
+ eor w28,w28,w25
+ eor w17,w7,w17,ror#13
+ add w23,w23,w28
+ ldr w28,[x30],#4
+
+
+ rev w0,w0
+
+ ldp w1,w2,[x1]
+ add w23,w23,w17
+ str w8,[sp,#4]
+ ror w16,w27,#6
+ add w22,w22,w28
+ eor w8,w27,w27,ror#14
+ and w17,w20,w27
+ bic w28,w21,w27
+ add w22,w22,w0
+ orr w17,w17,w28
+ eor w28,w23,w24
+ eor w16,w16,w8,ror#11
+ ror w8,w23,#2
+ add w22,w22,w17
+ eor w17,w23,w23,ror#9
+ add w22,w22,w16
+ and w19,w19,w28
+ add w26,w26,w22
+ eor w19,w19,w24
+ eor w17,w8,w17,ror#13
+ add w22,w22,w19
+ ldr w19,[x30],#4
+
+
+ rev w1,w1
+
+ ldr w6,[sp,#12]
+ add w22,w22,w17
+ str w9,[sp,#8]
+ ror w16,w26,#6
+ add w21,w21,w19
+ eor w9,w26,w26,ror#14
+ and w17,w27,w26
+ bic w19,w20,w26
+ add w21,w21,w1
+ orr w17,w17,w19
+ eor w19,w22,w23
+ eor w16,w16,w9,ror#11
+ ror w9,w22,#2
+ add w21,w21,w17
+ eor w17,w22,w22,ror#9
+ add w21,w21,w16
+ and w28,w28,w19
+ add w25,w25,w21
+ eor w28,w28,w23
+ eor w17,w9,w17,ror#13
+ add w21,w21,w28
+ ldr w28,[x30],#4
+
+
+ rev w2,w2
+
+ ldr w7,[sp,#0]
+ add w21,w21,w17
+ str w10,[sp,#12]
+ ror w16,w25,#6
+ add w20,w20,w28
+ ror w9,w4,#7
+ and w17,w26,w25
+ ror w8,w1,#17
+ bic w28,w27,w25
+ ror w10,w21,#2
+ add w20,w20,w2
+ eor w16,w16,w25,ror#11
+ eor w9,w9,w4,ror#18
+ orr w17,w17,w28
+ eor w28,w21,w22
+ eor w16,w16,w25,ror#25
+ eor w10,w10,w21,ror#13
+ add w20,w20,w17
+ and w19,w19,w28
+ eor w8,w8,w1,ror#19
+ eor w9,w9,w4,lsr#3
+ add w20,w20,w16
+ eor w19,w19,w22
+ eor w17,w10,w21,ror#22
+ eor w8,w8,w1,lsr#10
+ add w3,w3,w12
+ add w24,w24,w20
+ add w20,w20,w19
+ ldr w19,[x30],#4
+ add w3,w3,w9
+ add w20,w20,w17
+ add w3,w3,w8
+.Loop_16_xx:
+ ldr w8,[sp,#4]
+ str w11,[sp,#0]
+ ror w16,w24,#6
+ add w27,w27,w19
+ ror w10,w5,#7
+ and w17,w25,w24
+ ror w9,w2,#17
+ bic w19,w26,w24
+ ror w11,w20,#2
+ add w27,w27,w3
+ eor w16,w16,w24,ror#11
+ eor w10,w10,w5,ror#18
+ orr w17,w17,w19
+ eor w19,w20,w21
+ eor w16,w16,w24,ror#25
+ eor w11,w11,w20,ror#13
+ add w27,w27,w17
+ and w28,w28,w19
+ eor w9,w9,w2,ror#19
+ eor w10,w10,w5,lsr#3
+ add w27,w27,w16
+ eor w28,w28,w21
+ eor w17,w11,w20,ror#22
+ eor w9,w9,w2,lsr#10
+ add w4,w4,w13
+ add w23,w23,w27
+ add w27,w27,w28
+ ldr w28,[x30],#4
+ add w4,w4,w10
+ add w27,w27,w17
+ add w4,w4,w9
+ ldr w9,[sp,#8]
+ str w12,[sp,#4]
+ ror w16,w23,#6
+ add w26,w26,w28
+ ror w11,w6,#7
+ and w17,w24,w23
+ ror w10,w3,#17
+ bic w28,w25,w23
+ ror w12,w27,#2
+ add w26,w26,w4
+ eor w16,w16,w23,ror#11
+ eor w11,w11,w6,ror#18
+ orr w17,w17,w28
+ eor w28,w27,w20
+ eor w16,w16,w23,ror#25
+ eor w12,w12,w27,ror#13
+ add w26,w26,w17
+ and w19,w19,w28
+ eor w10,w10,w3,ror#19
+ eor w11,w11,w6,lsr#3
+ add w26,w26,w16
+ eor w19,w19,w20
+ eor w17,w12,w27,ror#22
+ eor w10,w10,w3,lsr#10
+ add w5,w5,w14
+ add w22,w22,w26
+ add w26,w26,w19
+ ldr w19,[x30],#4
+ add w5,w5,w11
+ add w26,w26,w17
+ add w5,w5,w10
+ ldr w10,[sp,#12]
+ str w13,[sp,#8]
+ ror w16,w22,#6
+ add w25,w25,w19
+ ror w12,w7,#7
+ and w17,w23,w22
+ ror w11,w4,#17
+ bic w19,w24,w22
+ ror w13,w26,#2
+ add w25,w25,w5
+ eor w16,w16,w22,ror#11
+ eor w12,w12,w7,ror#18
+ orr w17,w17,w19
+ eor w19,w26,w27
+ eor w16,w16,w22,ror#25
+ eor w13,w13,w26,ror#13
+ add w25,w25,w17
+ and w28,w28,w19
+ eor w11,w11,w4,ror#19
+ eor w12,w12,w7,lsr#3
+ add w25,w25,w16
+ eor w28,w28,w27
+ eor w17,w13,w26,ror#22
+ eor w11,w11,w4,lsr#10
+ add w6,w6,w15
+ add w21,w21,w25
+ add w25,w25,w28
+ ldr w28,[x30],#4
+ add w6,w6,w12
+ add w25,w25,w17
+ add w6,w6,w11
+ ldr w11,[sp,#0]
+ str w14,[sp,#12]
+ ror w16,w21,#6
+ add w24,w24,w28
+ ror w13,w8,#7
+ and w17,w22,w21
+ ror w12,w5,#17
+ bic w28,w23,w21
+ ror w14,w25,#2
+ add w24,w24,w6
+ eor w16,w16,w21,ror#11
+ eor w13,w13,w8,ror#18
+ orr w17,w17,w28
+ eor w28,w25,w26
+ eor w16,w16,w21,ror#25
+ eor w14,w14,w25,ror#13
+ add w24,w24,w17
+ and w19,w19,w28
+ eor w12,w12,w5,ror#19
+ eor w13,w13,w8,lsr#3
+ add w24,w24,w16
+ eor w19,w19,w26
+ eor w17,w14,w25,ror#22
+ eor w12,w12,w5,lsr#10
+ add w7,w7,w0
+ add w20,w20,w24
+ add w24,w24,w19
+ ldr w19,[x30],#4
+ add w7,w7,w13
+ add w24,w24,w17
+ add w7,w7,w12
+ ldr w12,[sp,#4]
+ str w15,[sp,#0]
+ ror w16,w20,#6
+ add w23,w23,w19
+ ror w14,w9,#7
+ and w17,w21,w20
+ ror w13,w6,#17
+ bic w19,w22,w20
+ ror w15,w24,#2
+ add w23,w23,w7
+ eor w16,w16,w20,ror#11
+ eor w14,w14,w9,ror#18
+ orr w17,w17,w19
+ eor w19,w24,w25
+ eor w16,w16,w20,ror#25
+ eor w15,w15,w24,ror#13
+ add w23,w23,w17
+ and w28,w28,w19
+ eor w13,w13,w6,ror#19
+ eor w14,w14,w9,lsr#3
+ add w23,w23,w16
+ eor w28,w28,w25
+ eor w17,w15,w24,ror#22
+ eor w13,w13,w6,lsr#10
+ add w8,w8,w1
+ add w27,w27,w23
+ add w23,w23,w28
+ ldr w28,[x30],#4
+ add w8,w8,w14
+ add w23,w23,w17
+ add w8,w8,w13
+ ldr w13,[sp,#8]
+ str w0,[sp,#4]
+ ror w16,w27,#6
+ add w22,w22,w28
+ ror w15,w10,#7
+ and w17,w20,w27
+ ror w14,w7,#17
+ bic w28,w21,w27
+ ror w0,w23,#2
+ add w22,w22,w8
+ eor w16,w16,w27,ror#11
+ eor w15,w15,w10,ror#18
+ orr w17,w17,w28
+ eor w28,w23,w24
+ eor w16,w16,w27,ror#25
+ eor w0,w0,w23,ror#13
+ add w22,w22,w17
+ and w19,w19,w28
+ eor w14,w14,w7,ror#19
+ eor w15,w15,w10,lsr#3
+ add w22,w22,w16
+ eor w19,w19,w24
+ eor w17,w0,w23,ror#22
+ eor w14,w14,w7,lsr#10
+ add w9,w9,w2
+ add w26,w26,w22
+ add w22,w22,w19
+ ldr w19,[x30],#4
+ add w9,w9,w15
+ add w22,w22,w17
+ add w9,w9,w14
+ ldr w14,[sp,#12]
+ str w1,[sp,#8]
+ ror w16,w26,#6
+ add w21,w21,w19
+ ror w0,w11,#7
+ and w17,w27,w26
+ ror w15,w8,#17
+ bic w19,w20,w26
+ ror w1,w22,#2
+ add w21,w21,w9
+ eor w16,w16,w26,ror#11
+ eor w0,w0,w11,ror#18
+ orr w17,w17,w19
+ eor w19,w22,w23
+ eor w16,w16,w26,ror#25
+ eor w1,w1,w22,ror#13
+ add w21,w21,w17
+ and w28,w28,w19
+ eor w15,w15,w8,ror#19
+ eor w0,w0,w11,lsr#3
+ add w21,w21,w16
+ eor w28,w28,w23
+ eor w17,w1,w22,ror#22
+ eor w15,w15,w8,lsr#10
+ add w10,w10,w3
+ add w25,w25,w21
+ add w21,w21,w28
+ ldr w28,[x30],#4
+ add w10,w10,w0
+ add w21,w21,w17
+ add w10,w10,w15
+ ldr w15,[sp,#0]
+ str w2,[sp,#12]
+ ror w16,w25,#6
+ add w20,w20,w28
+ ror w1,w12,#7
+ and w17,w26,w25
+ ror w0,w9,#17
+ bic w28,w27,w25
+ ror w2,w21,#2
+ add w20,w20,w10
+ eor w16,w16,w25,ror#11
+ eor w1,w1,w12,ror#18
+ orr w17,w17,w28
+ eor w28,w21,w22
+ eor w16,w16,w25,ror#25
+ eor w2,w2,w21,ror#13
+ add w20,w20,w17
+ and w19,w19,w28
+ eor w0,w0,w9,ror#19
+ eor w1,w1,w12,lsr#3
+ add w20,w20,w16
+ eor w19,w19,w22
+ eor w17,w2,w21,ror#22
+ eor w0,w0,w9,lsr#10
+ add w11,w11,w4
+ add w24,w24,w20
+ add w20,w20,w19
+ ldr w19,[x30],#4
+ add w11,w11,w1
+ add w20,w20,w17
+ add w11,w11,w0
+ ldr w0,[sp,#4]
+ str w3,[sp,#0]
+ ror w16,w24,#6
+ add w27,w27,w19
+ ror w2,w13,#7
+ and w17,w25,w24
+ ror w1,w10,#17
+ bic w19,w26,w24
+ ror w3,w20,#2
+ add w27,w27,w11
+ eor w16,w16,w24,ror#11
+ eor w2,w2,w13,ror#18
+ orr w17,w17,w19
+ eor w19,w20,w21
+ eor w16,w16,w24,ror#25
+ eor w3,w3,w20,ror#13
+ add w27,w27,w17
+ and w28,w28,w19
+ eor w1,w1,w10,ror#19
+ eor w2,w2,w13,lsr#3
+ add w27,w27,w16
+ eor w28,w28,w21
+ eor w17,w3,w20,ror#22
+ eor w1,w1,w10,lsr#10
+ add w12,w12,w5
+ add w23,w23,w27
+ add w27,w27,w28
+ ldr w28,[x30],#4
+ add w12,w12,w2
+ add w27,w27,w17
+ add w12,w12,w1
+ ldr w1,[sp,#8]
+ str w4,[sp,#4]
+ ror w16,w23,#6
+ add w26,w26,w28
+ ror w3,w14,#7
+ and w17,w24,w23
+ ror w2,w11,#17
+ bic w28,w25,w23
+ ror w4,w27,#2
+ add w26,w26,w12
+ eor w16,w16,w23,ror#11
+ eor w3,w3,w14,ror#18
+ orr w17,w17,w28
+ eor w28,w27,w20
+ eor w16,w16,w23,ror#25
+ eor w4,w4,w27,ror#13
+ add w26,w26,w17
+ and w19,w19,w28
+ eor w2,w2,w11,ror#19
+ eor w3,w3,w14,lsr#3
+ add w26,w26,w16
+ eor w19,w19,w20
+ eor w17,w4,w27,ror#22
+ eor w2,w2,w11,lsr#10
+ add w13,w13,w6
+ add w22,w22,w26
+ add w26,w26,w19
+ ldr w19,[x30],#4
+ add w13,w13,w3
+ add w26,w26,w17
+ add w13,w13,w2
+ ldr w2,[sp,#12]
+ str w5,[sp,#8]
+ ror w16,w22,#6
+ add w25,w25,w19
+ ror w4,w15,#7
+ and w17,w23,w22
+ ror w3,w12,#17
+ bic w19,w24,w22
+ ror w5,w26,#2
+ add w25,w25,w13
+ eor w16,w16,w22,ror#11
+ eor w4,w4,w15,ror#18
+ orr w17,w17,w19
+ eor w19,w26,w27
+ eor w16,w16,w22,ror#25
+ eor w5,w5,w26,ror#13
+ add w25,w25,w17
+ and w28,w28,w19
+ eor w3,w3,w12,ror#19
+ eor w4,w4,w15,lsr#3
+ add w25,w25,w16
+ eor w28,w28,w27
+ eor w17,w5,w26,ror#22
+ eor w3,w3,w12,lsr#10
+ add w14,w14,w7
+ add w21,w21,w25
+ add w25,w25,w28
+ ldr w28,[x30],#4
+ add w14,w14,w4
+ add w25,w25,w17
+ add w14,w14,w3
+ ldr w3,[sp,#0]
+ str w6,[sp,#12]
+ ror w16,w21,#6
+ add w24,w24,w28
+ ror w5,w0,#7
+ and w17,w22,w21
+ ror w4,w13,#17
+ bic w28,w23,w21
+ ror w6,w25,#2
+ add w24,w24,w14
+ eor w16,w16,w21,ror#11
+ eor w5,w5,w0,ror#18
+ orr w17,w17,w28
+ eor w28,w25,w26
+ eor w16,w16,w21,ror#25
+ eor w6,w6,w25,ror#13
+ add w24,w24,w17
+ and w19,w19,w28
+ eor w4,w4,w13,ror#19
+ eor w5,w5,w0,lsr#3
+ add w24,w24,w16
+ eor w19,w19,w26
+ eor w17,w6,w25,ror#22
+ eor w4,w4,w13,lsr#10
+ add w15,w15,w8
+ add w20,w20,w24
+ add w24,w24,w19
+ ldr w19,[x30],#4
+ add w15,w15,w5
+ add w24,w24,w17
+ add w15,w15,w4
+ ldr w4,[sp,#4]
+ str w7,[sp,#0]
+ ror w16,w20,#6
+ add w23,w23,w19
+ ror w6,w1,#7
+ and w17,w21,w20
+ ror w5,w14,#17
+ bic w19,w22,w20
+ ror w7,w24,#2
+ add w23,w23,w15
+ eor w16,w16,w20,ror#11
+ eor w6,w6,w1,ror#18
+ orr w17,w17,w19
+ eor w19,w24,w25
+ eor w16,w16,w20,ror#25
+ eor w7,w7,w24,ror#13
+ add w23,w23,w17
+ and w28,w28,w19
+ eor w5,w5,w14,ror#19
+ eor w6,w6,w1,lsr#3
+ add w23,w23,w16
+ eor w28,w28,w25
+ eor w17,w7,w24,ror#22
+ eor w5,w5,w14,lsr#10
+ add w0,w0,w9
+ add w27,w27,w23
+ add w23,w23,w28
+ ldr w28,[x30],#4
+ add w0,w0,w6
+ add w23,w23,w17
+ add w0,w0,w5
+ ldr w5,[sp,#8]
+ str w8,[sp,#4]
+ ror w16,w27,#6
+ add w22,w22,w28
+ ror w7,w2,#7
+ and w17,w20,w27
+ ror w6,w15,#17
+ bic w28,w21,w27
+ ror w8,w23,#2
+ add w22,w22,w0
+ eor w16,w16,w27,ror#11
+ eor w7,w7,w2,ror#18
+ orr w17,w17,w28
+ eor w28,w23,w24
+ eor w16,w16,w27,ror#25
+ eor w8,w8,w23,ror#13
+ add w22,w22,w17
+ and w19,w19,w28
+ eor w6,w6,w15,ror#19
+ eor w7,w7,w2,lsr#3
+ add w22,w22,w16
+ eor w19,w19,w24
+ eor w17,w8,w23,ror#22
+ eor w6,w6,w15,lsr#10
+ add w1,w1,w10
+ add w26,w26,w22
+ add w22,w22,w19
+ ldr w19,[x30],#4
+ add w1,w1,w7
+ add w22,w22,w17
+ add w1,w1,w6
+ ldr w6,[sp,#12]
+ str w9,[sp,#8]
+ ror w16,w26,#6
+ add w21,w21,w19
+ ror w8,w3,#7
+ and w17,w27,w26
+ ror w7,w0,#17
+ bic w19,w20,w26
+ ror w9,w22,#2
+ add w21,w21,w1
+ eor w16,w16,w26,ror#11
+ eor w8,w8,w3,ror#18
+ orr w17,w17,w19
+ eor w19,w22,w23
+ eor w16,w16,w26,ror#25
+ eor w9,w9,w22,ror#13
+ add w21,w21,w17
+ and w28,w28,w19
+ eor w7,w7,w0,ror#19
+ eor w8,w8,w3,lsr#3
+ add w21,w21,w16
+ eor w28,w28,w23
+ eor w17,w9,w22,ror#22
+ eor w7,w7,w0,lsr#10
+ add w2,w2,w11
+ add w25,w25,w21
+ add w21,w21,w28
+ ldr w28,[x30],#4
+ add w2,w2,w8
+ add w21,w21,w17
+ add w2,w2,w7
+ ldr w7,[sp,#0]
+ str w10,[sp,#12]
+ ror w16,w25,#6
+ add w20,w20,w28
+ ror w9,w4,#7
+ and w17,w26,w25
+ ror w8,w1,#17
+ bic w28,w27,w25
+ ror w10,w21,#2
+ add w20,w20,w2
+ eor w16,w16,w25,ror#11
+ eor w9,w9,w4,ror#18
+ orr w17,w17,w28
+ eor w28,w21,w22
+ eor w16,w16,w25,ror#25
+ eor w10,w10,w21,ror#13
+ add w20,w20,w17
+ and w19,w19,w28
+ eor w8,w8,w1,ror#19
+ eor w9,w9,w4,lsr#3
+ add w20,w20,w16
+ eor w19,w19,w22
+ eor w17,w10,w21,ror#22
+ eor w8,w8,w1,lsr#10
+ add w3,w3,w12
+ add w24,w24,w20
+ add w20,w20,w19
+ ldr w19,[x30],#4
+ add w3,w3,w9
+ add w20,w20,w17
+ add w3,w3,w8
+ cbnz w19,.Loop_16_xx
+
+ ldp x0,x2,[x29,#96]
+ ldr x1,[x29,#112]
+ sub x30,x30,#260
+
+ ldp w3,w4,[x0]
+ ldp w5,w6,[x0,#2*4]
+ add x1,x1,#14*4
+ ldp w7,w8,[x0,#4*4]
+ add w20,w20,w3
+ ldp w9,w10,[x0,#6*4]
+ add w21,w21,w4
+ add w22,w22,w5
+ add w23,w23,w6
+ stp w20,w21,[x0]
+ add w24,w24,w7
+ add w25,w25,w8
+ stp w22,w23,[x0,#2*4]
+ add w26,w26,w9
+ add w27,w27,w10
+ cmp x1,x2
+ stp w24,w25,[x0,#4*4]
+ stp w26,w27,[x0,#6*4]
+ b.ne .Loop
+
+ ldp x19,x20,[x29,#16]
+ add sp,sp,#4*4
+ ldp x21,x22,[x29,#32]
+ ldp x23,x24,[x29,#48]
+ ldp x25,x26,[x29,#64]
+ ldp x27,x28,[x29,#80]
+ ldp x29,x30,[sp],#128
+.inst 0xd50323bf
+ ret
+.size sha256_block_data_order,.-sha256_block_data_order
+
+.align 6
+.type .LK256,%object
+.LK256:
+.long 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+.long 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+.long 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+.long 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+.long 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+.long 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+.long 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+.long 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+.long 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+.long 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+.long 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+.long 0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+.long 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+.long 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+.long 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+.long 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+.long 0
+.size .LK256,.-.LK256
+
+.align 3
+.L_gnutls_arm_cpuid_s:
+
+
+
+.quad _gnutls_arm_cpuid_s-.
+
+
+.byte 83,72,65,50,53,54,32,98,108,111,99,107,32,116,114,97,110,115,102,111,114,109,32,102,111,114,32,65,82,77,118,56,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.align 2
+.align 2
+
+.type sha256_block_armv8,%function
+.align 6
+sha256_block_armv8:
+.Lv8_entry:
+ stp x29,x30,[sp,#-16]!
+ add x29,sp,#0
+
+ ld1 {v0.4s,v1.4s},[x0]
+ adr x3,.LK256
+
+.Loop_hw:
+ ld1 {v4.16b,v5.16b,v6.16b,v7.16b},[x1],#64
+ sub x2,x2,#1
+ ld1 {v16.4s},[x3],#16
+ rev32 v4.16b,v4.16b
+ rev32 v5.16b,v5.16b
+ rev32 v6.16b,v6.16b
+ rev32 v7.16b,v7.16b
+ orr v18.16b,v0.16b,v0.16b
+ orr v19.16b,v1.16b,v1.16b
+ ld1 {v17.4s},[x3],#16
+ add v16.4s,v16.4s,v4.4s
+.inst 0x5e2828a4
+ orr v2.16b,v0.16b,v0.16b
+.inst 0x5e104020
+.inst 0x5e105041
+.inst 0x5e0760c4
+ ld1 {v16.4s},[x3],#16
+ add v17.4s,v17.4s,v5.4s
+.inst 0x5e2828c5
+ orr v2.16b,v0.16b,v0.16b
+.inst 0x5e114020
+.inst 0x5e115041
+.inst 0x5e0460e5
+ ld1 {v17.4s},[x3],#16
+ add v16.4s,v16.4s,v6.4s
+.inst 0x5e2828e6
+ orr v2.16b,v0.16b,v0.16b
+.inst 0x5e104020
+.inst 0x5e105041
+.inst 0x5e056086
+ ld1 {v16.4s},[x3],#16
+ add v17.4s,v17.4s,v7.4s
+.inst 0x5e282887
+ orr v2.16b,v0.16b,v0.16b
+.inst 0x5e114020
+.inst 0x5e115041
+.inst 0x5e0660a7
+ ld1 {v17.4s},[x3],#16
+ add v16.4s,v16.4s,v4.4s
+.inst 0x5e2828a4
+ orr v2.16b,v0.16b,v0.16b
+.inst 0x5e104020
+.inst 0x5e105041
+.inst 0x5e0760c4
+ ld1 {v16.4s},[x3],#16
+ add v17.4s,v17.4s,v5.4s
+.inst 0x5e2828c5
+ orr v2.16b,v0.16b,v0.16b
+.inst 0x5e114020
+.inst 0x5e115041
+.inst 0x5e0460e5
+ ld1 {v17.4s},[x3],#16
+ add v16.4s,v16.4s,v6.4s
+.inst 0x5e2828e6
+ orr v2.16b,v0.16b,v0.16b
+.inst 0x5e104020
+.inst 0x5e105041
+.inst 0x5e056086
+ ld1 {v16.4s},[x3],#16
+ add v17.4s,v17.4s,v7.4s
+.inst 0x5e282887
+ orr v2.16b,v0.16b,v0.16b
+.inst 0x5e114020
+.inst 0x5e115041
+.inst 0x5e0660a7
+ ld1 {v17.4s},[x3],#16
+ add v16.4s,v16.4s,v4.4s
+.inst 0x5e2828a4
+ orr v2.16b,v0.16b,v0.16b
+.inst 0x5e104020
+.inst 0x5e105041
+.inst 0x5e0760c4
+ ld1 {v16.4s},[x3],#16
+ add v17.4s,v17.4s,v5.4s
+.inst 0x5e2828c5
+ orr v2.16b,v0.16b,v0.16b
+.inst 0x5e114020
+.inst 0x5e115041
+.inst 0x5e0460e5
+ ld1 {v17.4s},[x3],#16
+ add v16.4s,v16.4s,v6.4s
+.inst 0x5e2828e6
+ orr v2.16b,v0.16b,v0.16b
+.inst 0x5e104020
+.inst 0x5e105041
+.inst 0x5e056086
+ ld1 {v16.4s},[x3],#16
+ add v17.4s,v17.4s,v7.4s
+.inst 0x5e282887
+ orr v2.16b,v0.16b,v0.16b
+.inst 0x5e114020
+.inst 0x5e115041
+.inst 0x5e0660a7
+ ld1 {v17.4s},[x3],#16
+ add v16.4s,v16.4s,v4.4s
+ orr v2.16b,v0.16b,v0.16b
+.inst 0x5e104020
+.inst 0x5e105041
+
+ ld1 {v16.4s},[x3],#16
+ add v17.4s,v17.4s,v5.4s
+ orr v2.16b,v0.16b,v0.16b
+.inst 0x5e114020
+.inst 0x5e115041
+
+ ld1 {v17.4s},[x3]
+ add v16.4s,v16.4s,v6.4s
+ sub x3,x3,#64*4-16
+ orr v2.16b,v0.16b,v0.16b
+.inst 0x5e104020
+.inst 0x5e105041
+
+ add v17.4s,v17.4s,v7.4s
+ orr v2.16b,v0.16b,v0.16b
+.inst 0x5e114020
+.inst 0x5e115041
+
+ add v0.4s,v0.4s,v18.4s
+ add v1.4s,v1.4s,v19.4s
+
+ cbnz x2,.Loop_hw
+
+ st1 {v0.4s,v1.4s},[x0]
+
+ ldr x29,[sp],#16
+ ret
+.size sha256_block_armv8,.-sha256_block_armv8
+
+
+
+
+.type sha256_block_neon,%function
+.align 4
+sha256_block_neon:
+.Lneon_entry:
+ stp x29, x30, [sp, #-16]!
+ mov x29, sp
+ sub sp,sp,#16*4
+
+ adr x16,.LK256
+ add x2,x1,x2,lsl#6
+
+ ld1 {v0.16b},[x1], #16
+ ld1 {v1.16b},[x1], #16
+ ld1 {v2.16b},[x1], #16
+ ld1 {v3.16b},[x1], #16
+ ld1 {v4.4s},[x16], #16
+ ld1 {v5.4s},[x16], #16
+ ld1 {v6.4s},[x16], #16
+ ld1 {v7.4s},[x16], #16
+ rev32 v0.16b,v0.16b
+ rev32 v1.16b,v1.16b
+ rev32 v2.16b,v2.16b
+ rev32 v3.16b,v3.16b
+ mov x17,sp
+ add v4.4s,v4.4s,v0.4s
+ add v5.4s,v5.4s,v1.4s
+ add v6.4s,v6.4s,v2.4s
+ st1 {v4.4s,v5.4s},[x17], #32
+ add v7.4s,v7.4s,v3.4s
+ st1 {v6.4s,v7.4s},[x17]
+ sub x17,x17,#32
+
+ ldp w3,w4,[x0]
+ ldp w5,w6,[x0,#8]
+ ldp w7,w8,[x0,#16]
+ ldp w9,w10,[x0,#24]
+ ldr w12,[sp,#0]
+ mov w13,wzr
+ eor w14,w4,w5
+ mov w15,wzr
+ b .L_00_48
+
+.align 4
+.L_00_48:
+ ext v4.16b,v0.16b,v1.16b,#4
+ add w10,w10,w12
+ add w3,w3,w15
+ and w12,w8,w7
+ bic w15,w9,w7
+ ext v7.16b,v2.16b,v3.16b,#4
+ eor w11,w7,w7,ror#5
+ add w3,w3,w13
+ mov d19,v3.d[1]
+ orr w12,w12,w15
+ eor w11,w11,w7,ror#19
+ ushr v6.4s,v4.4s,#7
+ eor w15,w3,w3,ror#11
+ ushr v5.4s,v4.4s,#3
+ add w10,w10,w12
+ add v0.4s,v0.4s,v7.4s
+ ror w11,w11,#6
+ sli v6.4s,v4.4s,#25
+ eor w13,w3,w4
+ eor w15,w15,w3,ror#20
+ ushr v7.4s,v4.4s,#18
+ add w10,w10,w11
+ ldr w12,[sp,#4]
+ and w14,w14,w13
+ eor v5.16b,v5.16b,v6.16b
+ ror w15,w15,#2
+ add w6,w6,w10
+ sli v7.4s,v4.4s,#14
+ eor w14,w14,w4
+ ushr v16.4s,v19.4s,#17
+ add w9,w9,w12
+ add w10,w10,w15
+ and w12,w7,w6
+ eor v5.16b,v5.16b,v7.16b
+ bic w15,w8,w6
+ eor w11,w6,w6,ror#5
+ sli v16.4s,v19.4s,#15
+ add w10,w10,w14
+ orr w12,w12,w15
+ ushr v17.4s,v19.4s,#10
+ eor w11,w11,w6,ror#19
+ eor w15,w10,w10,ror#11
+ ushr v7.4s,v19.4s,#19
+ add w9,w9,w12
+ ror w11,w11,#6
+ add v0.4s,v0.4s,v5.4s
+ eor w14,w10,w3
+ eor w15,w15,w10,ror#20
+ sli v7.4s,v19.4s,#13
+ add w9,w9,w11
+ ldr w12,[sp,#8]
+ and w13,w13,w14
+ eor v17.16b,v17.16b,v16.16b
+ ror w15,w15,#2
+ add w5,w5,w9
+ eor w13,w13,w3
+ eor v17.16b,v17.16b,v7.16b
+ add w8,w8,w12
+ add w9,w9,w15
+ and w12,w6,w5
+ add v0.4s,v0.4s,v17.4s
+ bic w15,w7,w5
+ eor w11,w5,w5,ror#5
+ add w9,w9,w13
+ ushr v18.4s,v0.4s,#17
+ orr w12,w12,w15
+ ushr v19.4s,v0.4s,#10
+ eor w11,w11,w5,ror#19
+ eor w15,w9,w9,ror#11
+ sli v18.4s,v0.4s,#15
+ add w8,w8,w12
+ ushr v17.4s,v0.4s,#19
+ ror w11,w11,#6
+ eor w13,w9,w10
+ eor v19.16b,v19.16b,v18.16b
+ eor w15,w15,w9,ror#20
+ add w8,w8,w11
+ sli v17.4s,v0.4s,#13
+ ldr w12,[sp,#12]
+ and w14,w14,w13
+ ror w15,w15,#2
+ ld1 {v4.4s},[x16], #16
+ add w4,w4,w8
+ eor v19.16b,v19.16b,v17.16b
+ eor w14,w14,w10
+ eor v17.16b,v17.16b,v17.16b
+ add w7,w7,w12
+ add w8,w8,w15
+ and w12,w5,w4
+ mov v17.d[1],v19.d[0]
+ bic w15,w6,w4
+ eor w11,w4,w4,ror#5
+ add w8,w8,w14
+ add v0.4s,v0.4s,v17.4s
+ orr w12,w12,w15
+ eor w11,w11,w4,ror#19
+ eor w15,w8,w8,ror#11
+ add v4.4s,v4.4s,v0.4s
+ add w7,w7,w12
+ ror w11,w11,#6
+ eor w14,w8,w9
+ eor w15,w15,w8,ror#20
+ add w7,w7,w11
+ ldr w12,[sp,#16]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w3,w3,w7
+ eor w13,w13,w9
+ st1 {v4.4s},[x17], #16
+ ext v4.16b,v1.16b,v2.16b,#4
+ add w6,w6,w12
+ add w7,w7,w15
+ and w12,w4,w3
+ bic w15,w5,w3
+ ext v7.16b,v3.16b,v0.16b,#4
+ eor w11,w3,w3,ror#5
+ add w7,w7,w13
+ mov d19,v0.d[1]
+ orr w12,w12,w15
+ eor w11,w11,w3,ror#19
+ ushr v6.4s,v4.4s,#7
+ eor w15,w7,w7,ror#11
+ ushr v5.4s,v4.4s,#3
+ add w6,w6,w12
+ add v1.4s,v1.4s,v7.4s
+ ror w11,w11,#6
+ sli v6.4s,v4.4s,#25
+ eor w13,w7,w8
+ eor w15,w15,w7,ror#20
+ ushr v7.4s,v4.4s,#18
+ add w6,w6,w11
+ ldr w12,[sp,#20]
+ and w14,w14,w13
+ eor v5.16b,v5.16b,v6.16b
+ ror w15,w15,#2
+ add w10,w10,w6
+ sli v7.4s,v4.4s,#14
+ eor w14,w14,w8
+ ushr v16.4s,v19.4s,#17
+ add w5,w5,w12
+ add w6,w6,w15
+ and w12,w3,w10
+ eor v5.16b,v5.16b,v7.16b
+ bic w15,w4,w10
+ eor w11,w10,w10,ror#5
+ sli v16.4s,v19.4s,#15
+ add w6,w6,w14
+ orr w12,w12,w15
+ ushr v17.4s,v19.4s,#10
+ eor w11,w11,w10,ror#19
+ eor w15,w6,w6,ror#11
+ ushr v7.4s,v19.4s,#19
+ add w5,w5,w12
+ ror w11,w11,#6
+ add v1.4s,v1.4s,v5.4s
+ eor w14,w6,w7
+ eor w15,w15,w6,ror#20
+ sli v7.4s,v19.4s,#13
+ add w5,w5,w11
+ ldr w12,[sp,#24]
+ and w13,w13,w14
+ eor v17.16b,v17.16b,v16.16b
+ ror w15,w15,#2
+ add w9,w9,w5
+ eor w13,w13,w7
+ eor v17.16b,v17.16b,v7.16b
+ add w4,w4,w12
+ add w5,w5,w15
+ and w12,w10,w9
+ add v1.4s,v1.4s,v17.4s
+ bic w15,w3,w9
+ eor w11,w9,w9,ror#5
+ add w5,w5,w13
+ ushr v18.4s,v1.4s,#17
+ orr w12,w12,w15
+ ushr v19.4s,v1.4s,#10
+ eor w11,w11,w9,ror#19
+ eor w15,w5,w5,ror#11
+ sli v18.4s,v1.4s,#15
+ add w4,w4,w12
+ ushr v17.4s,v1.4s,#19
+ ror w11,w11,#6
+ eor w13,w5,w6
+ eor v19.16b,v19.16b,v18.16b
+ eor w15,w15,w5,ror#20
+ add w4,w4,w11
+ sli v17.4s,v1.4s,#13
+ ldr w12,[sp,#28]
+ and w14,w14,w13
+ ror w15,w15,#2
+ ld1 {v4.4s},[x16], #16
+ add w8,w8,w4
+ eor v19.16b,v19.16b,v17.16b
+ eor w14,w14,w6
+ eor v17.16b,v17.16b,v17.16b
+ add w3,w3,w12
+ add w4,w4,w15
+ and w12,w9,w8
+ mov v17.d[1],v19.d[0]
+ bic w15,w10,w8
+ eor w11,w8,w8,ror#5
+ add w4,w4,w14
+ add v1.4s,v1.4s,v17.4s
+ orr w12,w12,w15
+ eor w11,w11,w8,ror#19
+ eor w15,w4,w4,ror#11
+ add v4.4s,v4.4s,v1.4s
+ add w3,w3,w12
+ ror w11,w11,#6
+ eor w14,w4,w5
+ eor w15,w15,w4,ror#20
+ add w3,w3,w11
+ ldr w12,[sp,#32]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w7,w7,w3
+ eor w13,w13,w5
+ st1 {v4.4s},[x17], #16
+ ext v4.16b,v2.16b,v3.16b,#4
+ add w10,w10,w12
+ add w3,w3,w15
+ and w12,w8,w7
+ bic w15,w9,w7
+ ext v7.16b,v0.16b,v1.16b,#4
+ eor w11,w7,w7,ror#5
+ add w3,w3,w13
+ mov d19,v1.d[1]
+ orr w12,w12,w15
+ eor w11,w11,w7,ror#19
+ ushr v6.4s,v4.4s,#7
+ eor w15,w3,w3,ror#11
+ ushr v5.4s,v4.4s,#3
+ add w10,w10,w12
+ add v2.4s,v2.4s,v7.4s
+ ror w11,w11,#6
+ sli v6.4s,v4.4s,#25
+ eor w13,w3,w4
+ eor w15,w15,w3,ror#20
+ ushr v7.4s,v4.4s,#18
+ add w10,w10,w11
+ ldr w12,[sp,#36]
+ and w14,w14,w13
+ eor v5.16b,v5.16b,v6.16b
+ ror w15,w15,#2
+ add w6,w6,w10
+ sli v7.4s,v4.4s,#14
+ eor w14,w14,w4
+ ushr v16.4s,v19.4s,#17
+ add w9,w9,w12
+ add w10,w10,w15
+ and w12,w7,w6
+ eor v5.16b,v5.16b,v7.16b
+ bic w15,w8,w6
+ eor w11,w6,w6,ror#5
+ sli v16.4s,v19.4s,#15
+ add w10,w10,w14
+ orr w12,w12,w15
+ ushr v17.4s,v19.4s,#10
+ eor w11,w11,w6,ror#19
+ eor w15,w10,w10,ror#11
+ ushr v7.4s,v19.4s,#19
+ add w9,w9,w12
+ ror w11,w11,#6
+ add v2.4s,v2.4s,v5.4s
+ eor w14,w10,w3
+ eor w15,w15,w10,ror#20
+ sli v7.4s,v19.4s,#13
+ add w9,w9,w11
+ ldr w12,[sp,#40]
+ and w13,w13,w14
+ eor v17.16b,v17.16b,v16.16b
+ ror w15,w15,#2
+ add w5,w5,w9
+ eor w13,w13,w3
+ eor v17.16b,v17.16b,v7.16b
+ add w8,w8,w12
+ add w9,w9,w15
+ and w12,w6,w5
+ add v2.4s,v2.4s,v17.4s
+ bic w15,w7,w5
+ eor w11,w5,w5,ror#5
+ add w9,w9,w13
+ ushr v18.4s,v2.4s,#17
+ orr w12,w12,w15
+ ushr v19.4s,v2.4s,#10
+ eor w11,w11,w5,ror#19
+ eor w15,w9,w9,ror#11
+ sli v18.4s,v2.4s,#15
+ add w8,w8,w12
+ ushr v17.4s,v2.4s,#19
+ ror w11,w11,#6
+ eor w13,w9,w10
+ eor v19.16b,v19.16b,v18.16b
+ eor w15,w15,w9,ror#20
+ add w8,w8,w11
+ sli v17.4s,v2.4s,#13
+ ldr w12,[sp,#44]
+ and w14,w14,w13
+ ror w15,w15,#2
+ ld1 {v4.4s},[x16], #16
+ add w4,w4,w8
+ eor v19.16b,v19.16b,v17.16b
+ eor w14,w14,w10
+ eor v17.16b,v17.16b,v17.16b
+ add w7,w7,w12
+ add w8,w8,w15
+ and w12,w5,w4
+ mov v17.d[1],v19.d[0]
+ bic w15,w6,w4
+ eor w11,w4,w4,ror#5
+ add w8,w8,w14
+ add v2.4s,v2.4s,v17.4s
+ orr w12,w12,w15
+ eor w11,w11,w4,ror#19
+ eor w15,w8,w8,ror#11
+ add v4.4s,v4.4s,v2.4s
+ add w7,w7,w12
+ ror w11,w11,#6
+ eor w14,w8,w9
+ eor w15,w15,w8,ror#20
+ add w7,w7,w11
+ ldr w12,[sp,#48]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w3,w3,w7
+ eor w13,w13,w9
+ st1 {v4.4s},[x17], #16
+ ext v4.16b,v3.16b,v0.16b,#4
+ add w6,w6,w12
+ add w7,w7,w15
+ and w12,w4,w3
+ bic w15,w5,w3
+ ext v7.16b,v1.16b,v2.16b,#4
+ eor w11,w3,w3,ror#5
+ add w7,w7,w13
+ mov d19,v2.d[1]
+ orr w12,w12,w15
+ eor w11,w11,w3,ror#19
+ ushr v6.4s,v4.4s,#7
+ eor w15,w7,w7,ror#11
+ ushr v5.4s,v4.4s,#3
+ add w6,w6,w12
+ add v3.4s,v3.4s,v7.4s
+ ror w11,w11,#6
+ sli v6.4s,v4.4s,#25
+ eor w13,w7,w8
+ eor w15,w15,w7,ror#20
+ ushr v7.4s,v4.4s,#18
+ add w6,w6,w11
+ ldr w12,[sp,#52]
+ and w14,w14,w13
+ eor v5.16b,v5.16b,v6.16b
+ ror w15,w15,#2
+ add w10,w10,w6
+ sli v7.4s,v4.4s,#14
+ eor w14,w14,w8
+ ushr v16.4s,v19.4s,#17
+ add w5,w5,w12
+ add w6,w6,w15
+ and w12,w3,w10
+ eor v5.16b,v5.16b,v7.16b
+ bic w15,w4,w10
+ eor w11,w10,w10,ror#5
+ sli v16.4s,v19.4s,#15
+ add w6,w6,w14
+ orr w12,w12,w15
+ ushr v17.4s,v19.4s,#10
+ eor w11,w11,w10,ror#19
+ eor w15,w6,w6,ror#11
+ ushr v7.4s,v19.4s,#19
+ add w5,w5,w12
+ ror w11,w11,#6
+ add v3.4s,v3.4s,v5.4s
+ eor w14,w6,w7
+ eor w15,w15,w6,ror#20
+ sli v7.4s,v19.4s,#13
+ add w5,w5,w11
+ ldr w12,[sp,#56]
+ and w13,w13,w14
+ eor v17.16b,v17.16b,v16.16b
+ ror w15,w15,#2
+ add w9,w9,w5
+ eor w13,w13,w7
+ eor v17.16b,v17.16b,v7.16b
+ add w4,w4,w12
+ add w5,w5,w15
+ and w12,w10,w9
+ add v3.4s,v3.4s,v17.4s
+ bic w15,w3,w9
+ eor w11,w9,w9,ror#5
+ add w5,w5,w13
+ ushr v18.4s,v3.4s,#17
+ orr w12,w12,w15
+ ushr v19.4s,v3.4s,#10
+ eor w11,w11,w9,ror#19
+ eor w15,w5,w5,ror#11
+ sli v18.4s,v3.4s,#15
+ add w4,w4,w12
+ ushr v17.4s,v3.4s,#19
+ ror w11,w11,#6
+ eor w13,w5,w6
+ eor v19.16b,v19.16b,v18.16b
+ eor w15,w15,w5,ror#20
+ add w4,w4,w11
+ sli v17.4s,v3.4s,#13
+ ldr w12,[sp,#60]
+ and w14,w14,w13
+ ror w15,w15,#2
+ ld1 {v4.4s},[x16], #16
+ add w8,w8,w4
+ eor v19.16b,v19.16b,v17.16b
+ eor w14,w14,w6
+ eor v17.16b,v17.16b,v17.16b
+ add w3,w3,w12
+ add w4,w4,w15
+ and w12,w9,w8
+ mov v17.d[1],v19.d[0]
+ bic w15,w10,w8
+ eor w11,w8,w8,ror#5
+ add w4,w4,w14
+ add v3.4s,v3.4s,v17.4s
+ orr w12,w12,w15
+ eor w11,w11,w8,ror#19
+ eor w15,w4,w4,ror#11
+ add v4.4s,v4.4s,v3.4s
+ add w3,w3,w12
+ ror w11,w11,#6
+ eor w14,w4,w5
+ eor w15,w15,w4,ror#20
+ add w3,w3,w11
+ ldr w12,[x16]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w7,w7,w3
+ eor w13,w13,w5
+ st1 {v4.4s},[x17], #16
+ cmp w12,#0
+ ldr w12,[sp,#0]
+ sub x17,x17,#64
+ bne .L_00_48
+
+ sub x16,x16,#256
+ cmp x1,x2
+ mov x17, #64
+ csel x17, x17, xzr, eq
+ sub x1,x1,x17
+ mov x17,sp
+ add w10,w10,w12
+ add w3,w3,w15
+ and w12,w8,w7
+ ld1 {v0.16b},[x1],#16
+ bic w15,w9,w7
+ eor w11,w7,w7,ror#5
+ ld1 {v4.4s},[x16],#16
+ add w3,w3,w13
+ orr w12,w12,w15
+ eor w11,w11,w7,ror#19
+ eor w15,w3,w3,ror#11
+ rev32 v0.16b,v0.16b
+ add w10,w10,w12
+ ror w11,w11,#6
+ eor w13,w3,w4
+ eor w15,w15,w3,ror#20
+ add v4.4s,v4.4s,v0.4s
+ add w10,w10,w11
+ ldr w12,[sp,#4]
+ and w14,w14,w13
+ ror w15,w15,#2
+ add w6,w6,w10
+ eor w14,w14,w4
+ add w9,w9,w12
+ add w10,w10,w15
+ and w12,w7,w6
+ bic w15,w8,w6
+ eor w11,w6,w6,ror#5
+ add w10,w10,w14
+ orr w12,w12,w15
+ eor w11,w11,w6,ror#19
+ eor w15,w10,w10,ror#11
+ add w9,w9,w12
+ ror w11,w11,#6
+ eor w14,w10,w3
+ eor w15,w15,w10,ror#20
+ add w9,w9,w11
+ ldr w12,[sp,#8]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w5,w5,w9
+ eor w13,w13,w3
+ add w8,w8,w12
+ add w9,w9,w15
+ and w12,w6,w5
+ bic w15,w7,w5
+ eor w11,w5,w5,ror#5
+ add w9,w9,w13
+ orr w12,w12,w15
+ eor w11,w11,w5,ror#19
+ eor w15,w9,w9,ror#11
+ add w8,w8,w12
+ ror w11,w11,#6
+ eor w13,w9,w10
+ eor w15,w15,w9,ror#20
+ add w8,w8,w11
+ ldr w12,[sp,#12]
+ and w14,w14,w13
+ ror w15,w15,#2
+ add w4,w4,w8
+ eor w14,w14,w10
+ add w7,w7,w12
+ add w8,w8,w15
+ and w12,w5,w4
+ bic w15,w6,w4
+ eor w11,w4,w4,ror#5
+ add w8,w8,w14
+ orr w12,w12,w15
+ eor w11,w11,w4,ror#19
+ eor w15,w8,w8,ror#11
+ add w7,w7,w12
+ ror w11,w11,#6
+ eor w14,w8,w9
+ eor w15,w15,w8,ror#20
+ add w7,w7,w11
+ ldr w12,[sp,#16]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w3,w3,w7
+ eor w13,w13,w9
+ st1 {v4.4s},[x17], #16
+ add w6,w6,w12
+ add w7,w7,w15
+ and w12,w4,w3
+ ld1 {v1.16b},[x1],#16
+ bic w15,w5,w3
+ eor w11,w3,w3,ror#5
+ ld1 {v4.4s},[x16],#16
+ add w7,w7,w13
+ orr w12,w12,w15
+ eor w11,w11,w3,ror#19
+ eor w15,w7,w7,ror#11
+ rev32 v1.16b,v1.16b
+ add w6,w6,w12
+ ror w11,w11,#6
+ eor w13,w7,w8
+ eor w15,w15,w7,ror#20
+ add v4.4s,v4.4s,v1.4s
+ add w6,w6,w11
+ ldr w12,[sp,#20]
+ and w14,w14,w13
+ ror w15,w15,#2
+ add w10,w10,w6
+ eor w14,w14,w8
+ add w5,w5,w12
+ add w6,w6,w15
+ and w12,w3,w10
+ bic w15,w4,w10
+ eor w11,w10,w10,ror#5
+ add w6,w6,w14
+ orr w12,w12,w15
+ eor w11,w11,w10,ror#19
+ eor w15,w6,w6,ror#11
+ add w5,w5,w12
+ ror w11,w11,#6
+ eor w14,w6,w7
+ eor w15,w15,w6,ror#20
+ add w5,w5,w11
+ ldr w12,[sp,#24]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w9,w9,w5
+ eor w13,w13,w7
+ add w4,w4,w12
+ add w5,w5,w15
+ and w12,w10,w9
+ bic w15,w3,w9
+ eor w11,w9,w9,ror#5
+ add w5,w5,w13
+ orr w12,w12,w15
+ eor w11,w11,w9,ror#19
+ eor w15,w5,w5,ror#11
+ add w4,w4,w12
+ ror w11,w11,#6
+ eor w13,w5,w6
+ eor w15,w15,w5,ror#20
+ add w4,w4,w11
+ ldr w12,[sp,#28]
+ and w14,w14,w13
+ ror w15,w15,#2
+ add w8,w8,w4
+ eor w14,w14,w6
+ add w3,w3,w12
+ add w4,w4,w15
+ and w12,w9,w8
+ bic w15,w10,w8
+ eor w11,w8,w8,ror#5
+ add w4,w4,w14
+ orr w12,w12,w15
+ eor w11,w11,w8,ror#19
+ eor w15,w4,w4,ror#11
+ add w3,w3,w12
+ ror w11,w11,#6
+ eor w14,w4,w5
+ eor w15,w15,w4,ror#20
+ add w3,w3,w11
+ ldr w12,[sp,#32]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w7,w7,w3
+ eor w13,w13,w5
+ st1 {v4.4s},[x17], #16
+ add w10,w10,w12
+ add w3,w3,w15
+ and w12,w8,w7
+ ld1 {v2.16b},[x1],#16
+ bic w15,w9,w7
+ eor w11,w7,w7,ror#5
+ ld1 {v4.4s},[x16],#16
+ add w3,w3,w13
+ orr w12,w12,w15
+ eor w11,w11,w7,ror#19
+ eor w15,w3,w3,ror#11
+ rev32 v2.16b,v2.16b
+ add w10,w10,w12
+ ror w11,w11,#6
+ eor w13,w3,w4
+ eor w15,w15,w3,ror#20
+ add v4.4s,v4.4s,v2.4s
+ add w10,w10,w11
+ ldr w12,[sp,#36]
+ and w14,w14,w13
+ ror w15,w15,#2
+ add w6,w6,w10
+ eor w14,w14,w4
+ add w9,w9,w12
+ add w10,w10,w15
+ and w12,w7,w6
+ bic w15,w8,w6
+ eor w11,w6,w6,ror#5
+ add w10,w10,w14
+ orr w12,w12,w15
+ eor w11,w11,w6,ror#19
+ eor w15,w10,w10,ror#11
+ add w9,w9,w12
+ ror w11,w11,#6
+ eor w14,w10,w3
+ eor w15,w15,w10,ror#20
+ add w9,w9,w11
+ ldr w12,[sp,#40]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w5,w5,w9
+ eor w13,w13,w3
+ add w8,w8,w12
+ add w9,w9,w15
+ and w12,w6,w5
+ bic w15,w7,w5
+ eor w11,w5,w5,ror#5
+ add w9,w9,w13
+ orr w12,w12,w15
+ eor w11,w11,w5,ror#19
+ eor w15,w9,w9,ror#11
+ add w8,w8,w12
+ ror w11,w11,#6
+ eor w13,w9,w10
+ eor w15,w15,w9,ror#20
+ add w8,w8,w11
+ ldr w12,[sp,#44]
+ and w14,w14,w13
+ ror w15,w15,#2
+ add w4,w4,w8
+ eor w14,w14,w10
+ add w7,w7,w12
+ add w8,w8,w15
+ and w12,w5,w4
+ bic w15,w6,w4
+ eor w11,w4,w4,ror#5
+ add w8,w8,w14
+ orr w12,w12,w15
+ eor w11,w11,w4,ror#19
+ eor w15,w8,w8,ror#11
+ add w7,w7,w12
+ ror w11,w11,#6
+ eor w14,w8,w9
+ eor w15,w15,w8,ror#20
+ add w7,w7,w11
+ ldr w12,[sp,#48]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w3,w3,w7
+ eor w13,w13,w9
+ st1 {v4.4s},[x17], #16
+ add w6,w6,w12
+ add w7,w7,w15
+ and w12,w4,w3
+ ld1 {v3.16b},[x1],#16
+ bic w15,w5,w3
+ eor w11,w3,w3,ror#5
+ ld1 {v4.4s},[x16],#16
+ add w7,w7,w13
+ orr w12,w12,w15
+ eor w11,w11,w3,ror#19
+ eor w15,w7,w7,ror#11
+ rev32 v3.16b,v3.16b
+ add w6,w6,w12
+ ror w11,w11,#6
+ eor w13,w7,w8
+ eor w15,w15,w7,ror#20
+ add v4.4s,v4.4s,v3.4s
+ add w6,w6,w11
+ ldr w12,[sp,#52]
+ and w14,w14,w13
+ ror w15,w15,#2
+ add w10,w10,w6
+ eor w14,w14,w8
+ add w5,w5,w12
+ add w6,w6,w15
+ and w12,w3,w10
+ bic w15,w4,w10
+ eor w11,w10,w10,ror#5
+ add w6,w6,w14
+ orr w12,w12,w15
+ eor w11,w11,w10,ror#19
+ eor w15,w6,w6,ror#11
+ add w5,w5,w12
+ ror w11,w11,#6
+ eor w14,w6,w7
+ eor w15,w15,w6,ror#20
+ add w5,w5,w11
+ ldr w12,[sp,#56]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w9,w9,w5
+ eor w13,w13,w7
+ add w4,w4,w12
+ add w5,w5,w15
+ and w12,w10,w9
+ bic w15,w3,w9
+ eor w11,w9,w9,ror#5
+ add w5,w5,w13
+ orr w12,w12,w15
+ eor w11,w11,w9,ror#19
+ eor w15,w5,w5,ror#11
+ add w4,w4,w12
+ ror w11,w11,#6
+ eor w13,w5,w6
+ eor w15,w15,w5,ror#20
+ add w4,w4,w11
+ ldr w12,[sp,#60]
+ and w14,w14,w13
+ ror w15,w15,#2
+ add w8,w8,w4
+ eor w14,w14,w6
+ add w3,w3,w12
+ add w4,w4,w15
+ and w12,w9,w8
+ bic w15,w10,w8
+ eor w11,w8,w8,ror#5
+ add w4,w4,w14
+ orr w12,w12,w15
+ eor w11,w11,w8,ror#19
+ eor w15,w4,w4,ror#11
+ add w3,w3,w12
+ ror w11,w11,#6
+ eor w14,w4,w5
+ eor w15,w15,w4,ror#20
+ add w3,w3,w11
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w7,w7,w3
+ eor w13,w13,w5
+ st1 {v4.4s},[x17], #16
+ add w3,w3,w15
+ ldp w11,w12,[x0,#0]
+ add w3,w3,w13
+ ldp w13,w14,[x0,#8]
+ add w3,w3,w11
+ add w4,w4,w12
+ ldp w11,w12,[x0,#16]
+ add w5,w5,w13
+ add w6,w6,w14
+ ldp w13,w14,[x0,#24]
+ add w7,w7,w11
+ add w8,w8,w12
+ ldr w12,[sp,#0]
+ stp w3,w4,[x0,#0]
+ add w9,w9,w13
+ mov w13,wzr
+ stp w5,w6,[x0,#8]
+ add w10,w10,w14
+ stp w7,w8,[x0,#16]
+ eor w14,w4,w5
+ stp w9,w10,[x0,#24]
+ mov w15,wzr
+ mov x17,sp
+ b.ne .L_00_48
+
+ ldr x29,[x29]
+ add sp,sp,#16*4+16
+ ret
+.size sha256_block_neon,.-sha256_block_neon
+.section .note.GNU-stack,"",%progbits
diff --git a/lib/accelerated/aarch64/elf/sha512-armv8.s b/lib/accelerated/aarch64/elf/sha512-armv8.s
new file mode 100644
index 0000000..13384fc
--- /dev/null
+++ b/lib/accelerated/aarch64/elf/sha512-armv8.s
@@ -0,0 +1,1608 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+# 1 "lib/accelerated/aarch64/elf/sha512-armv8.s.tmp.S"
+# 1 "<built-in>"
+# 1 "<command-line>"
+# 1 "lib/accelerated/aarch64/elf/sha512-armv8.s.tmp.S"
+# 56 "lib/accelerated/aarch64/elf/sha512-armv8.s.tmp.S"
+# 1 "lib/accelerated/aarch64/aarch64-common.h" 1
+# 57 "lib/accelerated/aarch64/elf/sha512-armv8.s.tmp.S" 2
+
+
+.text
+
+
+.hidden _gnutls_arm_cpuid_s
+.globl sha512_block_data_order
+.type sha512_block_data_order,%function
+.align 6
+sha512_block_data_order:
+
+
+
+
+ ldr x16,.L_gnutls_arm_cpuid_s
+
+ adr x17,.L_gnutls_arm_cpuid_s
+ add x16,x16,x17
+ ldr w16,[x16]
+ tst w16,#(1<<6)
+ b.ne .Lv8_entry
+
+.inst 0xd503233f
+ stp x29,x30,[sp,#-128]!
+ add x29,sp,#0
+
+ stp x19,x20,[sp,#16]
+ stp x21,x22,[sp,#32]
+ stp x23,x24,[sp,#48]
+ stp x25,x26,[sp,#64]
+ stp x27,x28,[sp,#80]
+ sub sp,sp,#4*8
+
+ ldp x20,x21,[x0]
+ ldp x22,x23,[x0,#2*8]
+ ldp x24,x25,[x0,#4*8]
+ add x2,x1,x2,lsl#7
+ ldp x26,x27,[x0,#6*8]
+ adr x30,.LK512
+ stp x0,x2,[x29,#96]
+
+.Loop:
+ ldp x3,x4,[x1],#2*8
+ ldr x19,[x30],#8
+ eor x28,x21,x22
+ str x1,[x29,#112]
+
+ rev x3,x3
+
+ ror x16,x24,#14
+ add x27,x27,x19
+ eor x6,x24,x24,ror#23
+ and x17,x25,x24
+ bic x19,x26,x24
+ add x27,x27,x3
+ orr x17,x17,x19
+ eor x19,x20,x21
+ eor x16,x16,x6,ror#18
+ ror x6,x20,#28
+ add x27,x27,x17
+ eor x17,x20,x20,ror#5
+ add x27,x27,x16
+ and x28,x28,x19
+ add x23,x23,x27
+ eor x28,x28,x21
+ eor x17,x6,x17,ror#34
+ add x27,x27,x28
+ ldr x28,[x30],#8
+
+
+ rev x4,x4
+
+ ldp x5,x6,[x1],#2*8
+ add x27,x27,x17
+ ror x16,x23,#14
+ add x26,x26,x28
+ eor x7,x23,x23,ror#23
+ and x17,x24,x23
+ bic x28,x25,x23
+ add x26,x26,x4
+ orr x17,x17,x28
+ eor x28,x27,x20
+ eor x16,x16,x7,ror#18
+ ror x7,x27,#28
+ add x26,x26,x17
+ eor x17,x27,x27,ror#5
+ add x26,x26,x16
+ and x19,x19,x28
+ add x22,x22,x26
+ eor x19,x19,x20
+ eor x17,x7,x17,ror#34
+ add x26,x26,x19
+ ldr x19,[x30],#8
+
+
+ rev x5,x5
+
+ add x26,x26,x17
+ ror x16,x22,#14
+ add x25,x25,x19
+ eor x8,x22,x22,ror#23
+ and x17,x23,x22
+ bic x19,x24,x22
+ add x25,x25,x5
+ orr x17,x17,x19
+ eor x19,x26,x27
+ eor x16,x16,x8,ror#18
+ ror x8,x26,#28
+ add x25,x25,x17
+ eor x17,x26,x26,ror#5
+ add x25,x25,x16
+ and x28,x28,x19
+ add x21,x21,x25
+ eor x28,x28,x27
+ eor x17,x8,x17,ror#34
+ add x25,x25,x28
+ ldr x28,[x30],#8
+
+
+ rev x6,x6
+
+ ldp x7,x8,[x1],#2*8
+ add x25,x25,x17
+ ror x16,x21,#14
+ add x24,x24,x28
+ eor x9,x21,x21,ror#23
+ and x17,x22,x21
+ bic x28,x23,x21
+ add x24,x24,x6
+ orr x17,x17,x28
+ eor x28,x25,x26
+ eor x16,x16,x9,ror#18
+ ror x9,x25,#28
+ add x24,x24,x17
+ eor x17,x25,x25,ror#5
+ add x24,x24,x16
+ and x19,x19,x28
+ add x20,x20,x24
+ eor x19,x19,x26
+ eor x17,x9,x17,ror#34
+ add x24,x24,x19
+ ldr x19,[x30],#8
+
+
+ rev x7,x7
+
+ add x24,x24,x17
+ ror x16,x20,#14
+ add x23,x23,x19
+ eor x10,x20,x20,ror#23
+ and x17,x21,x20
+ bic x19,x22,x20
+ add x23,x23,x7
+ orr x17,x17,x19
+ eor x19,x24,x25
+ eor x16,x16,x10,ror#18
+ ror x10,x24,#28
+ add x23,x23,x17
+ eor x17,x24,x24,ror#5
+ add x23,x23,x16
+ and x28,x28,x19
+ add x27,x27,x23
+ eor x28,x28,x25
+ eor x17,x10,x17,ror#34
+ add x23,x23,x28
+ ldr x28,[x30],#8
+
+
+ rev x8,x8
+
+ ldp x9,x10,[x1],#2*8
+ add x23,x23,x17
+ ror x16,x27,#14
+ add x22,x22,x28
+ eor x11,x27,x27,ror#23
+ and x17,x20,x27
+ bic x28,x21,x27
+ add x22,x22,x8
+ orr x17,x17,x28
+ eor x28,x23,x24
+ eor x16,x16,x11,ror#18
+ ror x11,x23,#28
+ add x22,x22,x17
+ eor x17,x23,x23,ror#5
+ add x22,x22,x16
+ and x19,x19,x28
+ add x26,x26,x22
+ eor x19,x19,x24
+ eor x17,x11,x17,ror#34
+ add x22,x22,x19
+ ldr x19,[x30],#8
+
+
+ rev x9,x9
+
+ add x22,x22,x17
+ ror x16,x26,#14
+ add x21,x21,x19
+ eor x12,x26,x26,ror#23
+ and x17,x27,x26
+ bic x19,x20,x26
+ add x21,x21,x9
+ orr x17,x17,x19
+ eor x19,x22,x23
+ eor x16,x16,x12,ror#18
+ ror x12,x22,#28
+ add x21,x21,x17
+ eor x17,x22,x22,ror#5
+ add x21,x21,x16
+ and x28,x28,x19
+ add x25,x25,x21
+ eor x28,x28,x23
+ eor x17,x12,x17,ror#34
+ add x21,x21,x28
+ ldr x28,[x30],#8
+
+
+ rev x10,x10
+
+ ldp x11,x12,[x1],#2*8
+ add x21,x21,x17
+ ror x16,x25,#14
+ add x20,x20,x28
+ eor x13,x25,x25,ror#23
+ and x17,x26,x25
+ bic x28,x27,x25
+ add x20,x20,x10
+ orr x17,x17,x28
+ eor x28,x21,x22
+ eor x16,x16,x13,ror#18
+ ror x13,x21,#28
+ add x20,x20,x17
+ eor x17,x21,x21,ror#5
+ add x20,x20,x16
+ and x19,x19,x28
+ add x24,x24,x20
+ eor x19,x19,x22
+ eor x17,x13,x17,ror#34
+ add x20,x20,x19
+ ldr x19,[x30],#8
+
+
+ rev x11,x11
+
+ add x20,x20,x17
+ ror x16,x24,#14
+ add x27,x27,x19
+ eor x14,x24,x24,ror#23
+ and x17,x25,x24
+ bic x19,x26,x24
+ add x27,x27,x11
+ orr x17,x17,x19
+ eor x19,x20,x21
+ eor x16,x16,x14,ror#18
+ ror x14,x20,#28
+ add x27,x27,x17
+ eor x17,x20,x20,ror#5
+ add x27,x27,x16
+ and x28,x28,x19
+ add x23,x23,x27
+ eor x28,x28,x21
+ eor x17,x14,x17,ror#34
+ add x27,x27,x28
+ ldr x28,[x30],#8
+
+
+ rev x12,x12
+
+ ldp x13,x14,[x1],#2*8
+ add x27,x27,x17
+ ror x16,x23,#14
+ add x26,x26,x28
+ eor x15,x23,x23,ror#23
+ and x17,x24,x23
+ bic x28,x25,x23
+ add x26,x26,x12
+ orr x17,x17,x28
+ eor x28,x27,x20
+ eor x16,x16,x15,ror#18
+ ror x15,x27,#28
+ add x26,x26,x17
+ eor x17,x27,x27,ror#5
+ add x26,x26,x16
+ and x19,x19,x28
+ add x22,x22,x26
+ eor x19,x19,x20
+ eor x17,x15,x17,ror#34
+ add x26,x26,x19
+ ldr x19,[x30],#8
+
+
+ rev x13,x13
+
+ add x26,x26,x17
+ ror x16,x22,#14
+ add x25,x25,x19
+ eor x0,x22,x22,ror#23
+ and x17,x23,x22
+ bic x19,x24,x22
+ add x25,x25,x13
+ orr x17,x17,x19
+ eor x19,x26,x27
+ eor x16,x16,x0,ror#18
+ ror x0,x26,#28
+ add x25,x25,x17
+ eor x17,x26,x26,ror#5
+ add x25,x25,x16
+ and x28,x28,x19
+ add x21,x21,x25
+ eor x28,x28,x27
+ eor x17,x0,x17,ror#34
+ add x25,x25,x28
+ ldr x28,[x30],#8
+
+
+ rev x14,x14
+
+ ldp x15,x0,[x1],#2*8
+ add x25,x25,x17
+ str x6,[sp,#24]
+ ror x16,x21,#14
+ add x24,x24,x28
+ eor x6,x21,x21,ror#23
+ and x17,x22,x21
+ bic x28,x23,x21
+ add x24,x24,x14
+ orr x17,x17,x28
+ eor x28,x25,x26
+ eor x16,x16,x6,ror#18
+ ror x6,x25,#28
+ add x24,x24,x17
+ eor x17,x25,x25,ror#5
+ add x24,x24,x16
+ and x19,x19,x28
+ add x20,x20,x24
+ eor x19,x19,x26
+ eor x17,x6,x17,ror#34
+ add x24,x24,x19
+ ldr x19,[x30],#8
+
+
+ rev x15,x15
+
+ add x24,x24,x17
+ str x7,[sp,#0]
+ ror x16,x20,#14
+ add x23,x23,x19
+ eor x7,x20,x20,ror#23
+ and x17,x21,x20
+ bic x19,x22,x20
+ add x23,x23,x15
+ orr x17,x17,x19
+ eor x19,x24,x25
+ eor x16,x16,x7,ror#18
+ ror x7,x24,#28
+ add x23,x23,x17
+ eor x17,x24,x24,ror#5
+ add x23,x23,x16
+ and x28,x28,x19
+ add x27,x27,x23
+ eor x28,x28,x25
+ eor x17,x7,x17,ror#34
+ add x23,x23,x28
+ ldr x28,[x30],#8
+
+
+ rev x0,x0
+
+ ldp x1,x2,[x1]
+ add x23,x23,x17
+ str x8,[sp,#8]
+ ror x16,x27,#14
+ add x22,x22,x28
+ eor x8,x27,x27,ror#23
+ and x17,x20,x27
+ bic x28,x21,x27
+ add x22,x22,x0
+ orr x17,x17,x28
+ eor x28,x23,x24
+ eor x16,x16,x8,ror#18
+ ror x8,x23,#28
+ add x22,x22,x17
+ eor x17,x23,x23,ror#5
+ add x22,x22,x16
+ and x19,x19,x28
+ add x26,x26,x22
+ eor x19,x19,x24
+ eor x17,x8,x17,ror#34
+ add x22,x22,x19
+ ldr x19,[x30],#8
+
+
+ rev x1,x1
+
+ ldr x6,[sp,#24]
+ add x22,x22,x17
+ str x9,[sp,#16]
+ ror x16,x26,#14
+ add x21,x21,x19
+ eor x9,x26,x26,ror#23
+ and x17,x27,x26
+ bic x19,x20,x26
+ add x21,x21,x1
+ orr x17,x17,x19
+ eor x19,x22,x23
+ eor x16,x16,x9,ror#18
+ ror x9,x22,#28
+ add x21,x21,x17
+ eor x17,x22,x22,ror#5
+ add x21,x21,x16
+ and x28,x28,x19
+ add x25,x25,x21
+ eor x28,x28,x23
+ eor x17,x9,x17,ror#34
+ add x21,x21,x28
+ ldr x28,[x30],#8
+
+
+ rev x2,x2
+
+ ldr x7,[sp,#0]
+ add x21,x21,x17
+ str x10,[sp,#24]
+ ror x16,x25,#14
+ add x20,x20,x28
+ ror x9,x4,#1
+ and x17,x26,x25
+ ror x8,x1,#19
+ bic x28,x27,x25
+ ror x10,x21,#28
+ add x20,x20,x2
+ eor x16,x16,x25,ror#18
+ eor x9,x9,x4,ror#8
+ orr x17,x17,x28
+ eor x28,x21,x22
+ eor x16,x16,x25,ror#41
+ eor x10,x10,x21,ror#34
+ add x20,x20,x17
+ and x19,x19,x28
+ eor x8,x8,x1,ror#61
+ eor x9,x9,x4,lsr#7
+ add x20,x20,x16
+ eor x19,x19,x22
+ eor x17,x10,x21,ror#39
+ eor x8,x8,x1,lsr#6
+ add x3,x3,x12
+ add x24,x24,x20
+ add x20,x20,x19
+ ldr x19,[x30],#8
+ add x3,x3,x9
+ add x20,x20,x17
+ add x3,x3,x8
+.Loop_16_xx:
+ ldr x8,[sp,#8]
+ str x11,[sp,#0]
+ ror x16,x24,#14
+ add x27,x27,x19
+ ror x10,x5,#1
+ and x17,x25,x24
+ ror x9,x2,#19
+ bic x19,x26,x24
+ ror x11,x20,#28
+ add x27,x27,x3
+ eor x16,x16,x24,ror#18
+ eor x10,x10,x5,ror#8
+ orr x17,x17,x19
+ eor x19,x20,x21
+ eor x16,x16,x24,ror#41
+ eor x11,x11,x20,ror#34
+ add x27,x27,x17
+ and x28,x28,x19
+ eor x9,x9,x2,ror#61
+ eor x10,x10,x5,lsr#7
+ add x27,x27,x16
+ eor x28,x28,x21
+ eor x17,x11,x20,ror#39
+ eor x9,x9,x2,lsr#6
+ add x4,x4,x13
+ add x23,x23,x27
+ add x27,x27,x28
+ ldr x28,[x30],#8
+ add x4,x4,x10
+ add x27,x27,x17
+ add x4,x4,x9
+ ldr x9,[sp,#16]
+ str x12,[sp,#8]
+ ror x16,x23,#14
+ add x26,x26,x28
+ ror x11,x6,#1
+ and x17,x24,x23
+ ror x10,x3,#19
+ bic x28,x25,x23
+ ror x12,x27,#28
+ add x26,x26,x4
+ eor x16,x16,x23,ror#18
+ eor x11,x11,x6,ror#8
+ orr x17,x17,x28
+ eor x28,x27,x20
+ eor x16,x16,x23,ror#41
+ eor x12,x12,x27,ror#34
+ add x26,x26,x17
+ and x19,x19,x28
+ eor x10,x10,x3,ror#61
+ eor x11,x11,x6,lsr#7
+ add x26,x26,x16
+ eor x19,x19,x20
+ eor x17,x12,x27,ror#39
+ eor x10,x10,x3,lsr#6
+ add x5,x5,x14
+ add x22,x22,x26
+ add x26,x26,x19
+ ldr x19,[x30],#8
+ add x5,x5,x11
+ add x26,x26,x17
+ add x5,x5,x10
+ ldr x10,[sp,#24]
+ str x13,[sp,#16]
+ ror x16,x22,#14
+ add x25,x25,x19
+ ror x12,x7,#1
+ and x17,x23,x22
+ ror x11,x4,#19
+ bic x19,x24,x22
+ ror x13,x26,#28
+ add x25,x25,x5
+ eor x16,x16,x22,ror#18
+ eor x12,x12,x7,ror#8
+ orr x17,x17,x19
+ eor x19,x26,x27
+ eor x16,x16,x22,ror#41
+ eor x13,x13,x26,ror#34
+ add x25,x25,x17
+ and x28,x28,x19
+ eor x11,x11,x4,ror#61
+ eor x12,x12,x7,lsr#7
+ add x25,x25,x16
+ eor x28,x28,x27
+ eor x17,x13,x26,ror#39
+ eor x11,x11,x4,lsr#6
+ add x6,x6,x15
+ add x21,x21,x25
+ add x25,x25,x28
+ ldr x28,[x30],#8
+ add x6,x6,x12
+ add x25,x25,x17
+ add x6,x6,x11
+ ldr x11,[sp,#0]
+ str x14,[sp,#24]
+ ror x16,x21,#14
+ add x24,x24,x28
+ ror x13,x8,#1
+ and x17,x22,x21
+ ror x12,x5,#19
+ bic x28,x23,x21
+ ror x14,x25,#28
+ add x24,x24,x6
+ eor x16,x16,x21,ror#18
+ eor x13,x13,x8,ror#8
+ orr x17,x17,x28
+ eor x28,x25,x26
+ eor x16,x16,x21,ror#41
+ eor x14,x14,x25,ror#34
+ add x24,x24,x17
+ and x19,x19,x28
+ eor x12,x12,x5,ror#61
+ eor x13,x13,x8,lsr#7
+ add x24,x24,x16
+ eor x19,x19,x26
+ eor x17,x14,x25,ror#39
+ eor x12,x12,x5,lsr#6
+ add x7,x7,x0
+ add x20,x20,x24
+ add x24,x24,x19
+ ldr x19,[x30],#8
+ add x7,x7,x13
+ add x24,x24,x17
+ add x7,x7,x12
+ ldr x12,[sp,#8]
+ str x15,[sp,#0]
+ ror x16,x20,#14
+ add x23,x23,x19
+ ror x14,x9,#1
+ and x17,x21,x20
+ ror x13,x6,#19
+ bic x19,x22,x20
+ ror x15,x24,#28
+ add x23,x23,x7
+ eor x16,x16,x20,ror#18
+ eor x14,x14,x9,ror#8
+ orr x17,x17,x19
+ eor x19,x24,x25
+ eor x16,x16,x20,ror#41
+ eor x15,x15,x24,ror#34
+ add x23,x23,x17
+ and x28,x28,x19
+ eor x13,x13,x6,ror#61
+ eor x14,x14,x9,lsr#7
+ add x23,x23,x16
+ eor x28,x28,x25
+ eor x17,x15,x24,ror#39
+ eor x13,x13,x6,lsr#6
+ add x8,x8,x1
+ add x27,x27,x23
+ add x23,x23,x28
+ ldr x28,[x30],#8
+ add x8,x8,x14
+ add x23,x23,x17
+ add x8,x8,x13
+ ldr x13,[sp,#16]
+ str x0,[sp,#8]
+ ror x16,x27,#14
+ add x22,x22,x28
+ ror x15,x10,#1
+ and x17,x20,x27
+ ror x14,x7,#19
+ bic x28,x21,x27
+ ror x0,x23,#28
+ add x22,x22,x8
+ eor x16,x16,x27,ror#18
+ eor x15,x15,x10,ror#8
+ orr x17,x17,x28
+ eor x28,x23,x24
+ eor x16,x16,x27,ror#41
+ eor x0,x0,x23,ror#34
+ add x22,x22,x17
+ and x19,x19,x28
+ eor x14,x14,x7,ror#61
+ eor x15,x15,x10,lsr#7
+ add x22,x22,x16
+ eor x19,x19,x24
+ eor x17,x0,x23,ror#39
+ eor x14,x14,x7,lsr#6
+ add x9,x9,x2
+ add x26,x26,x22
+ add x22,x22,x19
+ ldr x19,[x30],#8
+ add x9,x9,x15
+ add x22,x22,x17
+ add x9,x9,x14
+ ldr x14,[sp,#24]
+ str x1,[sp,#16]
+ ror x16,x26,#14
+ add x21,x21,x19
+ ror x0,x11,#1
+ and x17,x27,x26
+ ror x15,x8,#19
+ bic x19,x20,x26
+ ror x1,x22,#28
+ add x21,x21,x9
+ eor x16,x16,x26,ror#18
+ eor x0,x0,x11,ror#8
+ orr x17,x17,x19
+ eor x19,x22,x23
+ eor x16,x16,x26,ror#41
+ eor x1,x1,x22,ror#34
+ add x21,x21,x17
+ and x28,x28,x19
+ eor x15,x15,x8,ror#61
+ eor x0,x0,x11,lsr#7
+ add x21,x21,x16
+ eor x28,x28,x23
+ eor x17,x1,x22,ror#39
+ eor x15,x15,x8,lsr#6
+ add x10,x10,x3
+ add x25,x25,x21
+ add x21,x21,x28
+ ldr x28,[x30],#8
+ add x10,x10,x0
+ add x21,x21,x17
+ add x10,x10,x15
+ ldr x15,[sp,#0]
+ str x2,[sp,#24]
+ ror x16,x25,#14
+ add x20,x20,x28
+ ror x1,x12,#1
+ and x17,x26,x25
+ ror x0,x9,#19
+ bic x28,x27,x25
+ ror x2,x21,#28
+ add x20,x20,x10
+ eor x16,x16,x25,ror#18
+ eor x1,x1,x12,ror#8
+ orr x17,x17,x28
+ eor x28,x21,x22
+ eor x16,x16,x25,ror#41
+ eor x2,x2,x21,ror#34
+ add x20,x20,x17
+ and x19,x19,x28
+ eor x0,x0,x9,ror#61
+ eor x1,x1,x12,lsr#7
+ add x20,x20,x16
+ eor x19,x19,x22
+ eor x17,x2,x21,ror#39
+ eor x0,x0,x9,lsr#6
+ add x11,x11,x4
+ add x24,x24,x20
+ add x20,x20,x19
+ ldr x19,[x30],#8
+ add x11,x11,x1
+ add x20,x20,x17
+ add x11,x11,x0
+ ldr x0,[sp,#8]
+ str x3,[sp,#0]
+ ror x16,x24,#14
+ add x27,x27,x19
+ ror x2,x13,#1
+ and x17,x25,x24
+ ror x1,x10,#19
+ bic x19,x26,x24
+ ror x3,x20,#28
+ add x27,x27,x11
+ eor x16,x16,x24,ror#18
+ eor x2,x2,x13,ror#8
+ orr x17,x17,x19
+ eor x19,x20,x21
+ eor x16,x16,x24,ror#41
+ eor x3,x3,x20,ror#34
+ add x27,x27,x17
+ and x28,x28,x19
+ eor x1,x1,x10,ror#61
+ eor x2,x2,x13,lsr#7
+ add x27,x27,x16
+ eor x28,x28,x21
+ eor x17,x3,x20,ror#39
+ eor x1,x1,x10,lsr#6
+ add x12,x12,x5
+ add x23,x23,x27
+ add x27,x27,x28
+ ldr x28,[x30],#8
+ add x12,x12,x2
+ add x27,x27,x17
+ add x12,x12,x1
+ ldr x1,[sp,#16]
+ str x4,[sp,#8]
+ ror x16,x23,#14
+ add x26,x26,x28
+ ror x3,x14,#1
+ and x17,x24,x23
+ ror x2,x11,#19
+ bic x28,x25,x23
+ ror x4,x27,#28
+ add x26,x26,x12
+ eor x16,x16,x23,ror#18
+ eor x3,x3,x14,ror#8
+ orr x17,x17,x28
+ eor x28,x27,x20
+ eor x16,x16,x23,ror#41
+ eor x4,x4,x27,ror#34
+ add x26,x26,x17
+ and x19,x19,x28
+ eor x2,x2,x11,ror#61
+ eor x3,x3,x14,lsr#7
+ add x26,x26,x16
+ eor x19,x19,x20
+ eor x17,x4,x27,ror#39
+ eor x2,x2,x11,lsr#6
+ add x13,x13,x6
+ add x22,x22,x26
+ add x26,x26,x19
+ ldr x19,[x30],#8
+ add x13,x13,x3
+ add x26,x26,x17
+ add x13,x13,x2
+ ldr x2,[sp,#24]
+ str x5,[sp,#16]
+ ror x16,x22,#14
+ add x25,x25,x19
+ ror x4,x15,#1
+ and x17,x23,x22
+ ror x3,x12,#19
+ bic x19,x24,x22
+ ror x5,x26,#28
+ add x25,x25,x13
+ eor x16,x16,x22,ror#18
+ eor x4,x4,x15,ror#8
+ orr x17,x17,x19
+ eor x19,x26,x27
+ eor x16,x16,x22,ror#41
+ eor x5,x5,x26,ror#34
+ add x25,x25,x17
+ and x28,x28,x19
+ eor x3,x3,x12,ror#61
+ eor x4,x4,x15,lsr#7
+ add x25,x25,x16
+ eor x28,x28,x27
+ eor x17,x5,x26,ror#39
+ eor x3,x3,x12,lsr#6
+ add x14,x14,x7
+ add x21,x21,x25
+ add x25,x25,x28
+ ldr x28,[x30],#8
+ add x14,x14,x4
+ add x25,x25,x17
+ add x14,x14,x3
+ ldr x3,[sp,#0]
+ str x6,[sp,#24]
+ ror x16,x21,#14
+ add x24,x24,x28
+ ror x5,x0,#1
+ and x17,x22,x21
+ ror x4,x13,#19
+ bic x28,x23,x21
+ ror x6,x25,#28
+ add x24,x24,x14
+ eor x16,x16,x21,ror#18
+ eor x5,x5,x0,ror#8
+ orr x17,x17,x28
+ eor x28,x25,x26
+ eor x16,x16,x21,ror#41
+ eor x6,x6,x25,ror#34
+ add x24,x24,x17
+ and x19,x19,x28
+ eor x4,x4,x13,ror#61
+ eor x5,x5,x0,lsr#7
+ add x24,x24,x16
+ eor x19,x19,x26
+ eor x17,x6,x25,ror#39
+ eor x4,x4,x13,lsr#6
+ add x15,x15,x8
+ add x20,x20,x24
+ add x24,x24,x19
+ ldr x19,[x30],#8
+ add x15,x15,x5
+ add x24,x24,x17
+ add x15,x15,x4
+ ldr x4,[sp,#8]
+ str x7,[sp,#0]
+ ror x16,x20,#14
+ add x23,x23,x19
+ ror x6,x1,#1
+ and x17,x21,x20
+ ror x5,x14,#19
+ bic x19,x22,x20
+ ror x7,x24,#28
+ add x23,x23,x15
+ eor x16,x16,x20,ror#18
+ eor x6,x6,x1,ror#8
+ orr x17,x17,x19
+ eor x19,x24,x25
+ eor x16,x16,x20,ror#41
+ eor x7,x7,x24,ror#34
+ add x23,x23,x17
+ and x28,x28,x19
+ eor x5,x5,x14,ror#61
+ eor x6,x6,x1,lsr#7
+ add x23,x23,x16
+ eor x28,x28,x25
+ eor x17,x7,x24,ror#39
+ eor x5,x5,x14,lsr#6
+ add x0,x0,x9
+ add x27,x27,x23
+ add x23,x23,x28
+ ldr x28,[x30],#8
+ add x0,x0,x6
+ add x23,x23,x17
+ add x0,x0,x5
+ ldr x5,[sp,#16]
+ str x8,[sp,#8]
+ ror x16,x27,#14
+ add x22,x22,x28
+ ror x7,x2,#1
+ and x17,x20,x27
+ ror x6,x15,#19
+ bic x28,x21,x27
+ ror x8,x23,#28
+ add x22,x22,x0
+ eor x16,x16,x27,ror#18
+ eor x7,x7,x2,ror#8
+ orr x17,x17,x28
+ eor x28,x23,x24
+ eor x16,x16,x27,ror#41
+ eor x8,x8,x23,ror#34
+ add x22,x22,x17
+ and x19,x19,x28
+ eor x6,x6,x15,ror#61
+ eor x7,x7,x2,lsr#7
+ add x22,x22,x16
+ eor x19,x19,x24
+ eor x17,x8,x23,ror#39
+ eor x6,x6,x15,lsr#6
+ add x1,x1,x10
+ add x26,x26,x22
+ add x22,x22,x19
+ ldr x19,[x30],#8
+ add x1,x1,x7
+ add x22,x22,x17
+ add x1,x1,x6
+ ldr x6,[sp,#24]
+ str x9,[sp,#16]
+ ror x16,x26,#14
+ add x21,x21,x19
+ ror x8,x3,#1
+ and x17,x27,x26
+ ror x7,x0,#19
+ bic x19,x20,x26
+ ror x9,x22,#28
+ add x21,x21,x1
+ eor x16,x16,x26,ror#18
+ eor x8,x8,x3,ror#8
+ orr x17,x17,x19
+ eor x19,x22,x23
+ eor x16,x16,x26,ror#41
+ eor x9,x9,x22,ror#34
+ add x21,x21,x17
+ and x28,x28,x19
+ eor x7,x7,x0,ror#61
+ eor x8,x8,x3,lsr#7
+ add x21,x21,x16
+ eor x28,x28,x23
+ eor x17,x9,x22,ror#39
+ eor x7,x7,x0,lsr#6
+ add x2,x2,x11
+ add x25,x25,x21
+ add x21,x21,x28
+ ldr x28,[x30],#8
+ add x2,x2,x8
+ add x21,x21,x17
+ add x2,x2,x7
+ ldr x7,[sp,#0]
+ str x10,[sp,#24]
+ ror x16,x25,#14
+ add x20,x20,x28
+ ror x9,x4,#1
+ and x17,x26,x25
+ ror x8,x1,#19
+ bic x28,x27,x25
+ ror x10,x21,#28
+ add x20,x20,x2
+ eor x16,x16,x25,ror#18
+ eor x9,x9,x4,ror#8
+ orr x17,x17,x28
+ eor x28,x21,x22
+ eor x16,x16,x25,ror#41
+ eor x10,x10,x21,ror#34
+ add x20,x20,x17
+ and x19,x19,x28
+ eor x8,x8,x1,ror#61
+ eor x9,x9,x4,lsr#7
+ add x20,x20,x16
+ eor x19,x19,x22
+ eor x17,x10,x21,ror#39
+ eor x8,x8,x1,lsr#6
+ add x3,x3,x12
+ add x24,x24,x20
+ add x20,x20,x19
+ ldr x19,[x30],#8
+ add x3,x3,x9
+ add x20,x20,x17
+ add x3,x3,x8
+ cbnz x19,.Loop_16_xx
+
+ ldp x0,x2,[x29,#96]
+ ldr x1,[x29,#112]
+ sub x30,x30,#648
+
+ ldp x3,x4,[x0]
+ ldp x5,x6,[x0,#2*8]
+ add x1,x1,#14*8
+ ldp x7,x8,[x0,#4*8]
+ add x20,x20,x3
+ ldp x9,x10,[x0,#6*8]
+ add x21,x21,x4
+ add x22,x22,x5
+ add x23,x23,x6
+ stp x20,x21,[x0]
+ add x24,x24,x7
+ add x25,x25,x8
+ stp x22,x23,[x0,#2*8]
+ add x26,x26,x9
+ add x27,x27,x10
+ cmp x1,x2
+ stp x24,x25,[x0,#4*8]
+ stp x26,x27,[x0,#6*8]
+ b.ne .Loop
+
+ ldp x19,x20,[x29,#16]
+ add sp,sp,#4*8
+ ldp x21,x22,[x29,#32]
+ ldp x23,x24,[x29,#48]
+ ldp x25,x26,[x29,#64]
+ ldp x27,x28,[x29,#80]
+ ldp x29,x30,[sp],#128
+.inst 0xd50323bf
+ ret
+.size sha512_block_data_order,.-sha512_block_data_order
+
+.align 6
+.type .LK512,%object
+.LK512:
+.quad 0x428a2f98d728ae22,0x7137449123ef65cd
+.quad 0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
+.quad 0x3956c25bf348b538,0x59f111f1b605d019
+.quad 0x923f82a4af194f9b,0xab1c5ed5da6d8118
+.quad 0xd807aa98a3030242,0x12835b0145706fbe
+.quad 0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
+.quad 0x72be5d74f27b896f,0x80deb1fe3b1696b1
+.quad 0x9bdc06a725c71235,0xc19bf174cf692694
+.quad 0xe49b69c19ef14ad2,0xefbe4786384f25e3
+.quad 0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
+.quad 0x2de92c6f592b0275,0x4a7484aa6ea6e483
+.quad 0x5cb0a9dcbd41fbd4,0x76f988da831153b5
+.quad 0x983e5152ee66dfab,0xa831c66d2db43210
+.quad 0xb00327c898fb213f,0xbf597fc7beef0ee4
+.quad 0xc6e00bf33da88fc2,0xd5a79147930aa725
+.quad 0x06ca6351e003826f,0x142929670a0e6e70
+.quad 0x27b70a8546d22ffc,0x2e1b21385c26c926
+.quad 0x4d2c6dfc5ac42aed,0x53380d139d95b3df
+.quad 0x650a73548baf63de,0x766a0abb3c77b2a8
+.quad 0x81c2c92e47edaee6,0x92722c851482353b
+.quad 0xa2bfe8a14cf10364,0xa81a664bbc423001
+.quad 0xc24b8b70d0f89791,0xc76c51a30654be30
+.quad 0xd192e819d6ef5218,0xd69906245565a910
+.quad 0xf40e35855771202a,0x106aa07032bbd1b8
+.quad 0x19a4c116b8d2d0c8,0x1e376c085141ab53
+.quad 0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
+.quad 0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
+.quad 0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
+.quad 0x748f82ee5defb2fc,0x78a5636f43172f60
+.quad 0x84c87814a1f0ab72,0x8cc702081a6439ec
+.quad 0x90befffa23631e28,0xa4506cebde82bde9
+.quad 0xbef9a3f7b2c67915,0xc67178f2e372532b
+.quad 0xca273eceea26619c,0xd186b8c721c0c207
+.quad 0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
+.quad 0x06f067aa72176fba,0x0a637dc5a2c898a6
+.quad 0x113f9804bef90dae,0x1b710b35131c471b
+.quad 0x28db77f523047d84,0x32caab7b40c72493
+.quad 0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
+.quad 0x4cc5d4becb3e42b6,0x597f299cfc657e2a
+.quad 0x5fcb6fab3ad6faec,0x6c44198c4a475817
+.quad 0
+.size .LK512,.-.LK512
+
+.align 3
+.L_gnutls_arm_cpuid_s:
+
+
+
+.quad _gnutls_arm_cpuid_s-.
+
+
+.byte 83,72,65,53,49,50,32,98,108,111,99,107,32,116,114,97,110,115,102,111,114,109,32,102,111,114,32,65,82,77,118,56,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.align 2
+.align 2
+
+.type sha512_block_armv8,%function
+.align 6
+sha512_block_armv8:
+.Lv8_entry:
+ stp x29,x30,[sp,#-16]!
+ add x29,sp,#0
+
+ ld1 {v16.16b,v17.16b,v18.16b,v19.16b},[x1],#64
+ ld1 {v20.16b,v21.16b,v22.16b,v23.16b},[x1],#64
+
+ ld1 {v0.2d,v1.2d,v2.2d,v3.2d},[x0]
+ adr x3,.LK512
+
+ rev64 v16.16b,v16.16b
+ rev64 v17.16b,v17.16b
+ rev64 v18.16b,v18.16b
+ rev64 v19.16b,v19.16b
+ rev64 v20.16b,v20.16b
+ rev64 v21.16b,v21.16b
+ rev64 v22.16b,v22.16b
+ rev64 v23.16b,v23.16b
+ b .Loop_hw
+
+.align 4
+.Loop_hw:
+ ld1 {v24.2d},[x3],#16
+ subs x2,x2,#1
+ sub x4,x1,#128
+ orr v26.16b,v0.16b,v0.16b
+ orr v27.16b,v1.16b,v1.16b
+ orr v28.16b,v2.16b,v2.16b
+ orr v29.16b,v3.16b,v3.16b
+ csel x1,x1,x4,ne
+ add v24.2d,v24.2d,v16.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v2.16b,v3.16b,#8
+ ext v6.16b,v1.16b,v2.16b,#8
+ add v3.2d,v3.2d,v24.2d
+.inst 0xcec08230
+ ext v7.16b,v20.16b,v21.16b,#8
+.inst 0xce6680a3
+.inst 0xce678af0
+ add v4.2d,v1.2d,v3.2d
+.inst 0xce608423
+ add v25.2d,v25.2d,v17.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v4.16b,v2.16b,#8
+ ext v6.16b,v0.16b,v4.16b,#8
+ add v2.2d,v2.2d,v25.2d
+.inst 0xcec08251
+ ext v7.16b,v21.16b,v22.16b,#8
+.inst 0xce6680a2
+.inst 0xce678a11
+ add v1.2d,v0.2d,v2.2d
+.inst 0xce638402
+ add v24.2d,v24.2d,v18.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v1.16b,v4.16b,#8
+ ext v6.16b,v3.16b,v1.16b,#8
+ add v4.2d,v4.2d,v24.2d
+.inst 0xcec08272
+ ext v7.16b,v22.16b,v23.16b,#8
+.inst 0xce6680a4
+.inst 0xce678a32
+ add v0.2d,v3.2d,v4.2d
+.inst 0xce628464
+ add v25.2d,v25.2d,v19.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v0.16b,v1.16b,#8
+ ext v6.16b,v2.16b,v0.16b,#8
+ add v1.2d,v1.2d,v25.2d
+.inst 0xcec08293
+ ext v7.16b,v23.16b,v16.16b,#8
+.inst 0xce6680a1
+.inst 0xce678a53
+ add v3.2d,v2.2d,v1.2d
+.inst 0xce648441
+ add v24.2d,v24.2d,v20.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v3.16b,v0.16b,#8
+ ext v6.16b,v4.16b,v3.16b,#8
+ add v0.2d,v0.2d,v24.2d
+.inst 0xcec082b4
+ ext v7.16b,v16.16b,v17.16b,#8
+.inst 0xce6680a0
+.inst 0xce678a74
+ add v2.2d,v4.2d,v0.2d
+.inst 0xce618480
+ add v25.2d,v25.2d,v21.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v2.16b,v3.16b,#8
+ ext v6.16b,v1.16b,v2.16b,#8
+ add v3.2d,v3.2d,v25.2d
+.inst 0xcec082d5
+ ext v7.16b,v17.16b,v18.16b,#8
+.inst 0xce6680a3
+.inst 0xce678a95
+ add v4.2d,v1.2d,v3.2d
+.inst 0xce608423
+ add v24.2d,v24.2d,v22.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v4.16b,v2.16b,#8
+ ext v6.16b,v0.16b,v4.16b,#8
+ add v2.2d,v2.2d,v24.2d
+.inst 0xcec082f6
+ ext v7.16b,v18.16b,v19.16b,#8
+.inst 0xce6680a2
+.inst 0xce678ab6
+ add v1.2d,v0.2d,v2.2d
+.inst 0xce638402
+ add v25.2d,v25.2d,v23.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v1.16b,v4.16b,#8
+ ext v6.16b,v3.16b,v1.16b,#8
+ add v4.2d,v4.2d,v25.2d
+.inst 0xcec08217
+ ext v7.16b,v19.16b,v20.16b,#8
+.inst 0xce6680a4
+.inst 0xce678ad7
+ add v0.2d,v3.2d,v4.2d
+.inst 0xce628464
+ add v24.2d,v24.2d,v16.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v0.16b,v1.16b,#8
+ ext v6.16b,v2.16b,v0.16b,#8
+ add v1.2d,v1.2d,v24.2d
+.inst 0xcec08230
+ ext v7.16b,v20.16b,v21.16b,#8
+.inst 0xce6680a1
+.inst 0xce678af0
+ add v3.2d,v2.2d,v1.2d
+.inst 0xce648441
+ add v25.2d,v25.2d,v17.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v3.16b,v0.16b,#8
+ ext v6.16b,v4.16b,v3.16b,#8
+ add v0.2d,v0.2d,v25.2d
+.inst 0xcec08251
+ ext v7.16b,v21.16b,v22.16b,#8
+.inst 0xce6680a0
+.inst 0xce678a11
+ add v2.2d,v4.2d,v0.2d
+.inst 0xce618480
+ add v24.2d,v24.2d,v18.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v2.16b,v3.16b,#8
+ ext v6.16b,v1.16b,v2.16b,#8
+ add v3.2d,v3.2d,v24.2d
+.inst 0xcec08272
+ ext v7.16b,v22.16b,v23.16b,#8
+.inst 0xce6680a3
+.inst 0xce678a32
+ add v4.2d,v1.2d,v3.2d
+.inst 0xce608423
+ add v25.2d,v25.2d,v19.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v4.16b,v2.16b,#8
+ ext v6.16b,v0.16b,v4.16b,#8
+ add v2.2d,v2.2d,v25.2d
+.inst 0xcec08293
+ ext v7.16b,v23.16b,v16.16b,#8
+.inst 0xce6680a2
+.inst 0xce678a53
+ add v1.2d,v0.2d,v2.2d
+.inst 0xce638402
+ add v24.2d,v24.2d,v20.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v1.16b,v4.16b,#8
+ ext v6.16b,v3.16b,v1.16b,#8
+ add v4.2d,v4.2d,v24.2d
+.inst 0xcec082b4
+ ext v7.16b,v16.16b,v17.16b,#8
+.inst 0xce6680a4
+.inst 0xce678a74
+ add v0.2d,v3.2d,v4.2d
+.inst 0xce628464
+ add v25.2d,v25.2d,v21.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v0.16b,v1.16b,#8
+ ext v6.16b,v2.16b,v0.16b,#8
+ add v1.2d,v1.2d,v25.2d
+.inst 0xcec082d5
+ ext v7.16b,v17.16b,v18.16b,#8
+.inst 0xce6680a1
+.inst 0xce678a95
+ add v3.2d,v2.2d,v1.2d
+.inst 0xce648441
+ add v24.2d,v24.2d,v22.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v3.16b,v0.16b,#8
+ ext v6.16b,v4.16b,v3.16b,#8
+ add v0.2d,v0.2d,v24.2d
+.inst 0xcec082f6
+ ext v7.16b,v18.16b,v19.16b,#8
+.inst 0xce6680a0
+.inst 0xce678ab6
+ add v2.2d,v4.2d,v0.2d
+.inst 0xce618480
+ add v25.2d,v25.2d,v23.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v2.16b,v3.16b,#8
+ ext v6.16b,v1.16b,v2.16b,#8
+ add v3.2d,v3.2d,v25.2d
+.inst 0xcec08217
+ ext v7.16b,v19.16b,v20.16b,#8
+.inst 0xce6680a3
+.inst 0xce678ad7
+ add v4.2d,v1.2d,v3.2d
+.inst 0xce608423
+ add v24.2d,v24.2d,v16.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v4.16b,v2.16b,#8
+ ext v6.16b,v0.16b,v4.16b,#8
+ add v2.2d,v2.2d,v24.2d
+.inst 0xcec08230
+ ext v7.16b,v20.16b,v21.16b,#8
+.inst 0xce6680a2
+.inst 0xce678af0
+ add v1.2d,v0.2d,v2.2d
+.inst 0xce638402
+ add v25.2d,v25.2d,v17.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v1.16b,v4.16b,#8
+ ext v6.16b,v3.16b,v1.16b,#8
+ add v4.2d,v4.2d,v25.2d
+.inst 0xcec08251
+ ext v7.16b,v21.16b,v22.16b,#8
+.inst 0xce6680a4
+.inst 0xce678a11
+ add v0.2d,v3.2d,v4.2d
+.inst 0xce628464
+ add v24.2d,v24.2d,v18.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v0.16b,v1.16b,#8
+ ext v6.16b,v2.16b,v0.16b,#8
+ add v1.2d,v1.2d,v24.2d
+.inst 0xcec08272
+ ext v7.16b,v22.16b,v23.16b,#8
+.inst 0xce6680a1
+.inst 0xce678a32
+ add v3.2d,v2.2d,v1.2d
+.inst 0xce648441
+ add v25.2d,v25.2d,v19.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v3.16b,v0.16b,#8
+ ext v6.16b,v4.16b,v3.16b,#8
+ add v0.2d,v0.2d,v25.2d
+.inst 0xcec08293
+ ext v7.16b,v23.16b,v16.16b,#8
+.inst 0xce6680a0
+.inst 0xce678a53
+ add v2.2d,v4.2d,v0.2d
+.inst 0xce618480
+ add v24.2d,v24.2d,v20.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v2.16b,v3.16b,#8
+ ext v6.16b,v1.16b,v2.16b,#8
+ add v3.2d,v3.2d,v24.2d
+.inst 0xcec082b4
+ ext v7.16b,v16.16b,v17.16b,#8
+.inst 0xce6680a3
+.inst 0xce678a74
+ add v4.2d,v1.2d,v3.2d
+.inst 0xce608423
+ add v25.2d,v25.2d,v21.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v4.16b,v2.16b,#8
+ ext v6.16b,v0.16b,v4.16b,#8
+ add v2.2d,v2.2d,v25.2d
+.inst 0xcec082d5
+ ext v7.16b,v17.16b,v18.16b,#8
+.inst 0xce6680a2
+.inst 0xce678a95
+ add v1.2d,v0.2d,v2.2d
+.inst 0xce638402
+ add v24.2d,v24.2d,v22.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v1.16b,v4.16b,#8
+ ext v6.16b,v3.16b,v1.16b,#8
+ add v4.2d,v4.2d,v24.2d
+.inst 0xcec082f6
+ ext v7.16b,v18.16b,v19.16b,#8
+.inst 0xce6680a4
+.inst 0xce678ab6
+ add v0.2d,v3.2d,v4.2d
+.inst 0xce628464
+ add v25.2d,v25.2d,v23.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v0.16b,v1.16b,#8
+ ext v6.16b,v2.16b,v0.16b,#8
+ add v1.2d,v1.2d,v25.2d
+.inst 0xcec08217
+ ext v7.16b,v19.16b,v20.16b,#8
+.inst 0xce6680a1
+.inst 0xce678ad7
+ add v3.2d,v2.2d,v1.2d
+.inst 0xce648441
+ add v24.2d,v24.2d,v16.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v3.16b,v0.16b,#8
+ ext v6.16b,v4.16b,v3.16b,#8
+ add v0.2d,v0.2d,v24.2d
+.inst 0xcec08230
+ ext v7.16b,v20.16b,v21.16b,#8
+.inst 0xce6680a0
+.inst 0xce678af0
+ add v2.2d,v4.2d,v0.2d
+.inst 0xce618480
+ add v25.2d,v25.2d,v17.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v2.16b,v3.16b,#8
+ ext v6.16b,v1.16b,v2.16b,#8
+ add v3.2d,v3.2d,v25.2d
+.inst 0xcec08251
+ ext v7.16b,v21.16b,v22.16b,#8
+.inst 0xce6680a3
+.inst 0xce678a11
+ add v4.2d,v1.2d,v3.2d
+.inst 0xce608423
+ add v24.2d,v24.2d,v18.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v4.16b,v2.16b,#8
+ ext v6.16b,v0.16b,v4.16b,#8
+ add v2.2d,v2.2d,v24.2d
+.inst 0xcec08272
+ ext v7.16b,v22.16b,v23.16b,#8
+.inst 0xce6680a2
+.inst 0xce678a32
+ add v1.2d,v0.2d,v2.2d
+.inst 0xce638402
+ add v25.2d,v25.2d,v19.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v1.16b,v4.16b,#8
+ ext v6.16b,v3.16b,v1.16b,#8
+ add v4.2d,v4.2d,v25.2d
+.inst 0xcec08293
+ ext v7.16b,v23.16b,v16.16b,#8
+.inst 0xce6680a4
+.inst 0xce678a53
+ add v0.2d,v3.2d,v4.2d
+.inst 0xce628464
+ add v24.2d,v24.2d,v20.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v0.16b,v1.16b,#8
+ ext v6.16b,v2.16b,v0.16b,#8
+ add v1.2d,v1.2d,v24.2d
+.inst 0xcec082b4
+ ext v7.16b,v16.16b,v17.16b,#8
+.inst 0xce6680a1
+.inst 0xce678a74
+ add v3.2d,v2.2d,v1.2d
+.inst 0xce648441
+ add v25.2d,v25.2d,v21.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v3.16b,v0.16b,#8
+ ext v6.16b,v4.16b,v3.16b,#8
+ add v0.2d,v0.2d,v25.2d
+.inst 0xcec082d5
+ ext v7.16b,v17.16b,v18.16b,#8
+.inst 0xce6680a0
+.inst 0xce678a95
+ add v2.2d,v4.2d,v0.2d
+.inst 0xce618480
+ add v24.2d,v24.2d,v22.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v2.16b,v3.16b,#8
+ ext v6.16b,v1.16b,v2.16b,#8
+ add v3.2d,v3.2d,v24.2d
+.inst 0xcec082f6
+ ext v7.16b,v18.16b,v19.16b,#8
+.inst 0xce6680a3
+.inst 0xce678ab6
+ add v4.2d,v1.2d,v3.2d
+.inst 0xce608423
+ add v25.2d,v25.2d,v23.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v4.16b,v2.16b,#8
+ ext v6.16b,v0.16b,v4.16b,#8
+ add v2.2d,v2.2d,v25.2d
+.inst 0xcec08217
+ ext v7.16b,v19.16b,v20.16b,#8
+.inst 0xce6680a2
+.inst 0xce678ad7
+ add v1.2d,v0.2d,v2.2d
+.inst 0xce638402
+ ld1 {v25.2d},[x3],#16
+ add v24.2d,v24.2d,v16.2d
+ ld1 {v16.16b},[x1],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v1.16b,v4.16b,#8
+ ext v6.16b,v3.16b,v1.16b,#8
+ add v4.2d,v4.2d,v24.2d
+.inst 0xce6680a4
+ rev64 v16.16b,v16.16b
+ add v0.2d,v3.2d,v4.2d
+.inst 0xce628464
+ ld1 {v24.2d},[x3],#16
+ add v25.2d,v25.2d,v17.2d
+ ld1 {v17.16b},[x1],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v0.16b,v1.16b,#8
+ ext v6.16b,v2.16b,v0.16b,#8
+ add v1.2d,v1.2d,v25.2d
+.inst 0xce6680a1
+ rev64 v17.16b,v17.16b
+ add v3.2d,v2.2d,v1.2d
+.inst 0xce648441
+ ld1 {v25.2d},[x3],#16
+ add v24.2d,v24.2d,v18.2d
+ ld1 {v18.16b},[x1],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v3.16b,v0.16b,#8
+ ext v6.16b,v4.16b,v3.16b,#8
+ add v0.2d,v0.2d,v24.2d
+.inst 0xce6680a0
+ rev64 v18.16b,v18.16b
+ add v2.2d,v4.2d,v0.2d
+.inst 0xce618480
+ ld1 {v24.2d},[x3],#16
+ add v25.2d,v25.2d,v19.2d
+ ld1 {v19.16b},[x1],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v2.16b,v3.16b,#8
+ ext v6.16b,v1.16b,v2.16b,#8
+ add v3.2d,v3.2d,v25.2d
+.inst 0xce6680a3
+ rev64 v19.16b,v19.16b
+ add v4.2d,v1.2d,v3.2d
+.inst 0xce608423
+ ld1 {v25.2d},[x3],#16
+ add v24.2d,v24.2d,v20.2d
+ ld1 {v20.16b},[x1],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v4.16b,v2.16b,#8
+ ext v6.16b,v0.16b,v4.16b,#8
+ add v2.2d,v2.2d,v24.2d
+.inst 0xce6680a2
+ rev64 v20.16b,v20.16b
+ add v1.2d,v0.2d,v2.2d
+.inst 0xce638402
+ ld1 {v24.2d},[x3],#16
+ add v25.2d,v25.2d,v21.2d
+ ld1 {v21.16b},[x1],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v1.16b,v4.16b,#8
+ ext v6.16b,v3.16b,v1.16b,#8
+ add v4.2d,v4.2d,v25.2d
+.inst 0xce6680a4
+ rev64 v21.16b,v21.16b
+ add v0.2d,v3.2d,v4.2d
+.inst 0xce628464
+ ld1 {v25.2d},[x3],#16
+ add v24.2d,v24.2d,v22.2d
+ ld1 {v22.16b},[x1],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v0.16b,v1.16b,#8
+ ext v6.16b,v2.16b,v0.16b,#8
+ add v1.2d,v1.2d,v24.2d
+.inst 0xce6680a1
+ rev64 v22.16b,v22.16b
+ add v3.2d,v2.2d,v1.2d
+.inst 0xce648441
+ sub x3,x3,#80*8
+ add v25.2d,v25.2d,v23.2d
+ ld1 {v23.16b},[x1],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v3.16b,v0.16b,#8
+ ext v6.16b,v4.16b,v3.16b,#8
+ add v0.2d,v0.2d,v25.2d
+.inst 0xce6680a0
+ rev64 v23.16b,v23.16b
+ add v2.2d,v4.2d,v0.2d
+.inst 0xce618480
+ add v0.2d,v0.2d,v26.2d
+ add v1.2d,v1.2d,v27.2d
+ add v2.2d,v2.2d,v28.2d
+ add v3.2d,v3.2d,v29.2d
+
+ cbnz x2,.Loop_hw
+
+ st1 {v0.2d,v1.2d,v2.2d,v3.2d},[x0]
+
+ ldr x29,[sp],#16
+ ret
+.size sha512_block_armv8,.-sha512_block_armv8
+.section .note.GNU-stack,"",%progbits
diff --git a/lib/accelerated/aarch64/hmac-sha-aarch64.c b/lib/accelerated/aarch64/hmac-sha-aarch64.c
new file mode 100644
index 0000000..4748a54
--- /dev/null
+++ b/lib/accelerated/aarch64/hmac-sha-aarch64.c
@@ -0,0 +1,318 @@
+/*
+ * Copyright (C) 2008-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file provides the backend hash/mac implementation for
+ * aarch64 hardware.
+ */
+
+#include "gnutls_int.h"
+#include <hash_int.h>
+#include "errors.h"
+#include <nettle/sha.h>
+#include <nettle/hmac.h>
+#include <nettle/macros.h>
+#include <sha-aarch64.h>
+#include <algorithms.h>
+
+#ifdef HAVE_LIBNETTLE
+
+typedef void (*update_func) (void *, size_t, const uint8_t *);
+typedef void (*digest_func) (void *, size_t, uint8_t *);
+typedef void (*set_key_func) (void *, size_t, const uint8_t *);
+
+struct aarch64_hmac_ctx {
+	union {
+		struct hmac_sha1_ctx sha1;
+		struct hmac_sha224_ctx sha224;
+		struct hmac_sha256_ctx sha256;
+		struct hmac_sha384_ctx sha384;
+		struct hmac_sha512_ctx sha512;
+	} ctx;
+
+	void *ctx_ptr;
+	gnutls_mac_algorithm_t algo;
+	size_t length;
+	update_func update;
+	digest_func digest;
+	set_key_func setkey;
+};
+
+static void
+aarch64_hmac_sha1_set_key(struct hmac_sha1_ctx *ctx,
+			  size_t key_length, const uint8_t * key)
+{
+	HMAC_SET_KEY(ctx, &aarch64_sha1, key_length, key);
+}
+
+static void
+aarch64_hmac_sha1_update(struct hmac_sha1_ctx *ctx,
+			 size_t length, const uint8_t * data)
+{
+	aarch64_sha1_update(&ctx->state, length, data);
+}
+
+static void
+aarch64_hmac_sha1_digest(struct hmac_sha1_ctx *ctx,
+			 size_t length, uint8_t * digest)
+{
+	HMAC_DIGEST(ctx, &aarch64_sha1, length, digest);
+}
+
+static void
+aarch64_hmac_sha256_set_key(struct hmac_sha256_ctx *ctx,
+			    size_t key_length, const uint8_t * key)
+{
+	HMAC_SET_KEY(ctx, &aarch64_sha256, key_length, key);
+}
+
+static void
+aarch64_hmac_sha256_update(struct hmac_sha256_ctx *ctx,
+			   size_t length, const uint8_t * data)
+{
+	aarch64_sha256_update(&ctx->state, length, data);
+}
+
+static void
+aarch64_hmac_sha256_digest(struct hmac_sha256_ctx *ctx,
+			   size_t length, uint8_t * digest)
+{
+	HMAC_DIGEST(ctx, &aarch64_sha256, length, digest);
+}
+
+static void
+aarch64_hmac_sha224_set_key(struct hmac_sha224_ctx *ctx,
+			    size_t key_length, const uint8_t * key)
+{
+	HMAC_SET_KEY(ctx, &aarch64_sha224, key_length, key);
+}
+
+static void
+aarch64_hmac_sha224_digest(struct hmac_sha224_ctx *ctx,
+			   size_t length, uint8_t * digest)
+{
+	HMAC_DIGEST(ctx, &aarch64_sha224, length, digest);
+}
+
+static void
+aarch64_hmac_sha384_set_key(struct hmac_sha384_ctx *ctx,
+			    size_t key_length, const uint8_t * key)
+{
+	HMAC_SET_KEY(ctx, &aarch64_sha384, key_length, key);
+}
+
+static void
+aarch64_hmac_sha384_digest(struct hmac_sha384_ctx *ctx,
+			   size_t length, uint8_t * digest)
+{
+	HMAC_DIGEST(ctx, &aarch64_sha384, length, digest);
+}
+
+static void
+aarch64_hmac_sha512_set_key(struct hmac_sha512_ctx *ctx,
+			    size_t key_length, const uint8_t * key)
+{
+	HMAC_SET_KEY(ctx, &aarch64_sha512, key_length, key);
+}
+
+static void
+aarch64_hmac_sha512_update(struct hmac_sha512_ctx *ctx,
+			   size_t length, const uint8_t * data)
+{
+	aarch64_sha512_update(&ctx->state, length, data);
+}
+
+static void
+aarch64_hmac_sha512_digest(struct hmac_sha512_ctx *ctx,
+			   size_t length, uint8_t * digest)
+{
+	HMAC_DIGEST(ctx, &aarch64_sha512, length, digest);
+}
+
+static int
+_hmac_ctx_init(gnutls_mac_algorithm_t algo, struct aarch64_hmac_ctx *ctx)
+{
+	switch (algo) {
+	case GNUTLS_MAC_SHA1:
+		ctx->update = (update_func) aarch64_hmac_sha1_update;
+		ctx->digest = (digest_func) aarch64_hmac_sha1_digest;
+		ctx->setkey = (set_key_func) aarch64_hmac_sha1_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha1;
+		ctx->length = SHA1_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_SHA224:
+		ctx->update = (update_func) aarch64_hmac_sha256_update;
+		ctx->digest = (digest_func) aarch64_hmac_sha224_digest;
+		ctx->setkey = (set_key_func) aarch64_hmac_sha224_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha224;
+		ctx->length = SHA224_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_SHA256:
+		ctx->update = (update_func) aarch64_hmac_sha256_update;
+		ctx->digest = (digest_func) aarch64_hmac_sha256_digest;
+		ctx->setkey = (set_key_func) aarch64_hmac_sha256_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha256;
+		ctx->length = SHA256_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_SHA384:
+		ctx->update = (update_func) aarch64_hmac_sha512_update;
+		ctx->digest = (digest_func) aarch64_hmac_sha384_digest;
+		ctx->setkey = (set_key_func) aarch64_hmac_sha384_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha384;
+		ctx->length = SHA384_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_SHA512:
+		ctx->update = (update_func) aarch64_hmac_sha512_update;
+		ctx->digest = (digest_func) aarch64_hmac_sha512_digest;
+		ctx->setkey = (set_key_func) aarch64_hmac_sha512_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha512;
+		ctx->length = SHA512_DIGEST_SIZE;
+		break;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return 0;
+}
+
+
+static int wrap_aarch64_hmac_init(gnutls_mac_algorithm_t algo, void **_ctx)
+{
+	struct aarch64_hmac_ctx *ctx;
+	int ret;
+
+	ctx = gnutls_calloc(1, sizeof(struct aarch64_hmac_ctx));
+	if (ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ctx->algo = algo;
+
+	ret = _hmac_ctx_init(algo, ctx);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	*_ctx = ctx;
+
+	return 0;
+}
+
+static void *
+wrap_aarch64_hmac_copy(const void *_ctx)
+{
+	struct aarch64_hmac_ctx *new_ctx;
+	const struct aarch64_hmac_ctx *ctx=_ctx;
+	ptrdiff_t off = (uint8_t *)ctx->ctx_ptr - (uint8_t *)(&ctx->ctx);
+
+	new_ctx = gnutls_malloc(sizeof(struct aarch64_hmac_ctx));
+	if (new_ctx == NULL) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	memcpy(new_ctx, ctx, sizeof(*new_ctx));
+	new_ctx->ctx_ptr = (uint8_t *)&new_ctx->ctx + off;
+
+	return new_ctx;
+}
+
+
+static int
+wrap_aarch64_hmac_setkey(void *_ctx, const void *key, size_t keylen)
+{
+	struct aarch64_hmac_ctx *ctx = _ctx;
+
+	ctx->setkey(ctx->ctx_ptr, keylen, key);
+
+	return GNUTLS_E_SUCCESS;
+}
+
+static int
+wrap_aarch64_hmac_update(void *_ctx, const void *text, size_t textsize)
+{
+	struct aarch64_hmac_ctx *ctx = _ctx;
+
+	ctx->update(ctx->ctx_ptr, textsize, text);
+
+	return GNUTLS_E_SUCCESS;
+}
+
+static int
+wrap_aarch64_hmac_output(void *src_ctx, void *digest, size_t digestsize)
+{
+	struct aarch64_hmac_ctx *ctx;
+	ctx = src_ctx;
+
+	if (digestsize < ctx->length) {
+		gnutls_assert();
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	ctx->digest(ctx->ctx_ptr, digestsize, digest);
+
+	return 0;
+}
+
+static void wrap_aarch64_hmac_deinit(void *hd)
+{
+	struct aarch64_hmac_ctx *ctx = hd;
+
+	zeroize_temp_key(ctx, sizeof(*ctx));
+	gnutls_free(ctx);
+}
+
+static int wrap_aarch64_hmac_fast(gnutls_mac_algorithm_t algo,
+				const void *nonce, size_t nonce_size,
+				const void *key, size_t key_size,
+				const void *text, size_t text_size,
+				void *digest)
+{
+	struct aarch64_hmac_ctx ctx;
+	int ret;
+
+	ret = _hmac_ctx_init(algo, &ctx);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ctx.setkey(&ctx, key_size, key);
+	ctx.update(&ctx, text_size, text);
+	ctx.digest(&ctx, ctx.length, digest);
+
+	zeroize_temp_key(&ctx, sizeof(ctx));
+
+	return 0;
+}
+
+const gnutls_crypto_mac_st _gnutls_hmac_sha_aarch64 = {
+	.init = wrap_aarch64_hmac_init,
+	.setkey = wrap_aarch64_hmac_setkey,
+	.setnonce = NULL,
+	.hash = wrap_aarch64_hmac_update,
+	.output = wrap_aarch64_hmac_output,
+	.copy = wrap_aarch64_hmac_copy,
+	.deinit = wrap_aarch64_hmac_deinit,
+	.fast = wrap_aarch64_hmac_fast,
+};
+
+#endif				/* HAVE_LIBNETTLE */
diff --git a/lib/accelerated/aarch64/macosx/aes-aarch64.s b/lib/accelerated/aarch64/macosx/aes-aarch64.s
new file mode 100644
index 0000000..4b55f88
--- /dev/null
+++ b/lib/accelerated/aarch64/macosx/aes-aarch64.s
@@ -0,0 +1,799 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+# 1 "lib/accelerated/aarch64/macosx/aes-aarch64.s.tmp.S"
+# 1 "<built-in>"
+# 1 "<command-line>"
+# 1 "lib/accelerated/aarch64/macosx/aes-aarch64.s.tmp.S"
+# 1 "lib/accelerated/aarch64/aarch64-common.h" 1
+# 2 "lib/accelerated/aarch64/macosx/aes-aarch64.s.tmp.S" 2
+
+
+.text
+
+.align 5
+Lrcon:
+.long 0x01,0x01,0x01,0x01
+.long 0x0c0f0e0d,0x0c0f0e0d,0x0c0f0e0d,0x0c0f0e0d
+.long 0x1b,0x1b,0x1b,0x1b
+
+.globl _aes_v8_set_encrypt_key
+
+.align 5
+_aes_v8_set_encrypt_key:
+Lenc_key:
+ stp x29,x30,[sp,#-16]!
+ add x29,sp,#0
+ mov x3,#-1
+ cmp x0,#0
+ b.eq Lenc_key_abort
+ cmp x2,#0
+ b.eq Lenc_key_abort
+ mov x3,#-2
+ cmp w1,#128
+ b.lt Lenc_key_abort
+ cmp w1,#256
+ b.gt Lenc_key_abort
+ tst w1,#0x3f
+ b.ne Lenc_key_abort
+
+ adr x3,Lrcon
+ cmp w1,#192
+
+ eor v0.16b,v0.16b,v0.16b
+ ld1 {v3.16b},[x0],#16
+ mov w1,#8
+ ld1 {v1.4s,v2.4s},[x3],#32
+
+ b.lt Loop128
+ b.eq L192
+ b L256
+
+.align 4
+Loop128:
+ tbl v6.16b,{v3.16b},v2.16b
+ ext v5.16b,v0.16b,v3.16b,#12
+ st1 {v3.4s},[x2],#16
+ aese v6.16b,v0.16b
+ subs w1,w1,#1
+
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v6.16b,v6.16b,v1.16b
+ eor v3.16b,v3.16b,v5.16b
+ shl v1.16b,v1.16b,#1
+ eor v3.16b,v3.16b,v6.16b
+ b.ne Loop128
+
+ ld1 {v1.4s},[x3]
+
+ tbl v6.16b,{v3.16b},v2.16b
+ ext v5.16b,v0.16b,v3.16b,#12
+ st1 {v3.4s},[x2],#16
+ aese v6.16b,v0.16b
+
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v6.16b,v6.16b,v1.16b
+ eor v3.16b,v3.16b,v5.16b
+ shl v1.16b,v1.16b,#1
+ eor v3.16b,v3.16b,v6.16b
+
+ tbl v6.16b,{v3.16b},v2.16b
+ ext v5.16b,v0.16b,v3.16b,#12
+ st1 {v3.4s},[x2],#16
+ aese v6.16b,v0.16b
+
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v6.16b,v6.16b,v1.16b
+ eor v3.16b,v3.16b,v5.16b
+ eor v3.16b,v3.16b,v6.16b
+ st1 {v3.4s},[x2]
+ add x2,x2,#0x50
+
+ mov w12,#10
+ b Ldone
+
+.align 4
+L192:
+ ld1 {v4.8b},[x0],#8
+ movi v6.16b,#8
+ st1 {v3.4s},[x2],#16
+ sub v2.16b,v2.16b,v6.16b
+
+Loop192:
+ tbl v6.16b,{v4.16b},v2.16b
+ ext v5.16b,v0.16b,v3.16b,#12
+
+
+
+
+ st1 {v4.8b},[x2],#8
+
+ aese v6.16b,v0.16b
+ subs w1,w1,#1
+
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v3.16b,v3.16b,v5.16b
+
+ dup v5.4s,v3.s[3]
+ eor v5.16b,v5.16b,v4.16b
+ eor v6.16b,v6.16b,v1.16b
+ ext v4.16b,v0.16b,v4.16b,#12
+ shl v1.16b,v1.16b,#1
+ eor v4.16b,v4.16b,v5.16b
+ eor v3.16b,v3.16b,v6.16b
+ eor v4.16b,v4.16b,v6.16b
+ st1 {v3.4s},[x2],#16
+ b.ne Loop192
+
+ mov w12,#12
+ add x2,x2,#0x20
+ b Ldone
+
+.align 4
+L256:
+ ld1 {v4.16b},[x0]
+ mov w1,#7
+ mov w12,#14
+ st1 {v3.4s},[x2],#16
+
+Loop256:
+ tbl v6.16b,{v4.16b},v2.16b
+ ext v5.16b,v0.16b,v3.16b,#12
+ st1 {v4.4s},[x2],#16
+ aese v6.16b,v0.16b
+ subs w1,w1,#1
+
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v3.16b,v3.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v6.16b,v6.16b,v1.16b
+ eor v3.16b,v3.16b,v5.16b
+ shl v1.16b,v1.16b,#1
+ eor v3.16b,v3.16b,v6.16b
+ st1 {v3.4s},[x2],#16
+ b.eq Ldone
+
+ dup v6.4s,v3.s[3]
+ ext v5.16b,v0.16b,v4.16b,#12
+ aese v6.16b,v0.16b
+
+ eor v4.16b,v4.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v4.16b,v4.16b,v5.16b
+ ext v5.16b,v0.16b,v5.16b,#12
+ eor v4.16b,v4.16b,v5.16b
+
+ eor v4.16b,v4.16b,v6.16b
+ b Loop256
+
+Ldone:
+ str w12,[x2]
+ mov x3,#0
+
+Lenc_key_abort:
+ mov x0,x3
+ ldr x29,[sp],#16
+ ret
+
+
+.globl _aes_v8_set_decrypt_key
+
+.align 5
+_aes_v8_set_decrypt_key:
+.long 0xd503233f
+ stp x29,x30,[sp,#-16]!
+ add x29,sp,#0
+ bl Lenc_key
+
+ cmp x0,#0
+ b.ne Ldec_key_abort
+
+ sub x2,x2,#240
+ mov x4,#-16
+ add x0,x2,x12,lsl#4
+
+ ld1 {v0.4s},[x2]
+ ld1 {v1.4s},[x0]
+ st1 {v0.4s},[x0],x4
+ st1 {v1.4s},[x2],#16
+
+Loop_imc:
+ ld1 {v0.4s},[x2]
+ ld1 {v1.4s},[x0]
+ aesimc v0.16b,v0.16b
+ aesimc v1.16b,v1.16b
+ st1 {v0.4s},[x0],x4
+ st1 {v1.4s},[x2],#16
+ cmp x0,x2
+ b.hi Loop_imc
+
+ ld1 {v0.4s},[x2]
+ aesimc v0.16b,v0.16b
+ st1 {v0.4s},[x0]
+
+ eor x0,x0,x0
+Ldec_key_abort:
+ ldp x29,x30,[sp],#16
+.long 0xd50323bf
+ ret
+
+.globl _aes_v8_encrypt
+
+.align 5
+_aes_v8_encrypt:
+ ldr w3,[x2,#240]
+ ld1 {v0.4s},[x2],#16
+ ld1 {v2.16b},[x0]
+ sub w3,w3,#2
+ ld1 {v1.4s},[x2],#16
+
+Loop_enc:
+ aese v2.16b,v0.16b
+ aesmc v2.16b,v2.16b
+ ld1 {v0.4s},[x2],#16
+ subs w3,w3,#2
+ aese v2.16b,v1.16b
+ aesmc v2.16b,v2.16b
+ ld1 {v1.4s},[x2],#16
+ b.gt Loop_enc
+
+ aese v2.16b,v0.16b
+ aesmc v2.16b,v2.16b
+ ld1 {v0.4s},[x2]
+ aese v2.16b,v1.16b
+ eor v2.16b,v2.16b,v0.16b
+
+ st1 {v2.16b},[x1]
+ ret
+
+.globl _aes_v8_decrypt
+
+.align 5
+_aes_v8_decrypt:
+ ldr w3,[x2,#240]
+ ld1 {v0.4s},[x2],#16
+ ld1 {v2.16b},[x0]
+ sub w3,w3,#2
+ ld1 {v1.4s},[x2],#16
+
+Loop_dec:
+ aesd v2.16b,v0.16b
+ aesimc v2.16b,v2.16b
+ ld1 {v0.4s},[x2],#16
+ subs w3,w3,#2
+ aesd v2.16b,v1.16b
+ aesimc v2.16b,v2.16b
+ ld1 {v1.4s},[x2],#16
+ b.gt Loop_dec
+
+ aesd v2.16b,v0.16b
+ aesimc v2.16b,v2.16b
+ ld1 {v0.4s},[x2]
+ aesd v2.16b,v1.16b
+ eor v2.16b,v2.16b,v0.16b
+
+ st1 {v2.16b},[x1]
+ ret
+
+.globl _aes_v8_cbc_encrypt
+
+.align 5
+_aes_v8_cbc_encrypt:
+ stp x29,x30,[sp,#-16]!
+ add x29,sp,#0
+ subs x2,x2,#16
+ mov x8,#16
+ b.lo Lcbc_abort
+ csel x8,xzr,x8,eq
+
+ cmp w5,#0
+ ldr w5,[x3,#240]
+ and x2,x2,#-16
+ ld1 {v6.16b},[x4]
+ ld1 {v0.16b},[x0],x8
+
+ ld1 {v16.4s,v17.4s},[x3]
+ sub w5,w5,#6
+ add x7,x3,x5,lsl#4
+ sub w5,w5,#2
+ ld1 {v18.4s,v19.4s},[x7],#32
+ ld1 {v20.4s,v21.4s},[x7],#32
+ ld1 {v22.4s,v23.4s},[x7],#32
+ ld1 {v7.4s},[x7]
+
+ add x7,x3,#32
+ mov w6,w5
+ b.eq Lcbc_dec
+
+ cmp w5,#2
+ eor v0.16b,v0.16b,v6.16b
+ eor v5.16b,v16.16b,v7.16b
+ b.eq Lcbc_enc128
+
+ ld1 {v2.4s,v3.4s},[x7]
+ add x7,x3,#16
+ add x6,x3,#16*4
+ add x12,x3,#16*5
+ aese v0.16b,v16.16b
+ aesmc v0.16b,v0.16b
+ add x14,x3,#16*6
+ add x3,x3,#16*7
+ b Lenter_cbc_enc
+
+.align 4
+Loop_cbc_enc:
+ aese v0.16b,v16.16b
+ aesmc v0.16b,v0.16b
+ st1 {v6.16b},[x1],#16
+Lenter_cbc_enc:
+ aese v0.16b,v17.16b
+ aesmc v0.16b,v0.16b
+ aese v0.16b,v2.16b
+ aesmc v0.16b,v0.16b
+ ld1 {v16.4s},[x6]
+ cmp w5,#4
+ aese v0.16b,v3.16b
+ aesmc v0.16b,v0.16b
+ ld1 {v17.4s},[x12]
+ b.eq Lcbc_enc192
+
+ aese v0.16b,v16.16b
+ aesmc v0.16b,v0.16b
+ ld1 {v16.4s},[x14]
+ aese v0.16b,v17.16b
+ aesmc v0.16b,v0.16b
+ ld1 {v17.4s},[x3]
+ nop
+
+Lcbc_enc192:
+ aese v0.16b,v16.16b
+ aesmc v0.16b,v0.16b
+ subs x2,x2,#16
+ aese v0.16b,v17.16b
+ aesmc v0.16b,v0.16b
+ csel x8,xzr,x8,eq
+ aese v0.16b,v18.16b
+ aesmc v0.16b,v0.16b
+ aese v0.16b,v19.16b
+ aesmc v0.16b,v0.16b
+ ld1 {v16.16b},[x0],x8
+ aese v0.16b,v20.16b
+ aesmc v0.16b,v0.16b
+ eor v16.16b,v16.16b,v5.16b
+ aese v0.16b,v21.16b
+ aesmc v0.16b,v0.16b
+ ld1 {v17.4s},[x7]
+ aese v0.16b,v22.16b
+ aesmc v0.16b,v0.16b
+ aese v0.16b,v23.16b
+ eor v6.16b,v0.16b,v7.16b
+ b.hs Loop_cbc_enc
+
+ st1 {v6.16b},[x1],#16
+ b Lcbc_done
+
+.align 5
+Lcbc_enc128:
+ ld1 {v2.4s,v3.4s},[x7]
+ aese v0.16b,v16.16b
+ aesmc v0.16b,v0.16b
+ b Lenter_cbc_enc128
+Loop_cbc_enc128:
+ aese v0.16b,v16.16b
+ aesmc v0.16b,v0.16b
+ st1 {v6.16b},[x1],#16
+Lenter_cbc_enc128:
+ aese v0.16b,v17.16b
+ aesmc v0.16b,v0.16b
+ subs x2,x2,#16
+ aese v0.16b,v2.16b
+ aesmc v0.16b,v0.16b
+ csel x8,xzr,x8,eq
+ aese v0.16b,v3.16b
+ aesmc v0.16b,v0.16b
+ aese v0.16b,v18.16b
+ aesmc v0.16b,v0.16b
+ aese v0.16b,v19.16b
+ aesmc v0.16b,v0.16b
+ ld1 {v16.16b},[x0],x8
+ aese v0.16b,v20.16b
+ aesmc v0.16b,v0.16b
+ aese v0.16b,v21.16b
+ aesmc v0.16b,v0.16b
+ aese v0.16b,v22.16b
+ aesmc v0.16b,v0.16b
+ eor v16.16b,v16.16b,v5.16b
+ aese v0.16b,v23.16b
+ eor v6.16b,v0.16b,v7.16b
+ b.hs Loop_cbc_enc128
+
+ st1 {v6.16b},[x1],#16
+ b Lcbc_done
+.align 5
+Lcbc_dec:
+ ld1 {v18.16b},[x0],#16
+ subs x2,x2,#32
+ add w6,w5,#2
+ orr v3.16b,v0.16b,v0.16b
+ orr v1.16b,v0.16b,v0.16b
+ orr v19.16b,v18.16b,v18.16b
+ b.lo Lcbc_dec_tail
+
+ orr v1.16b,v18.16b,v18.16b
+ ld1 {v18.16b},[x0],#16
+ orr v2.16b,v0.16b,v0.16b
+ orr v3.16b,v1.16b,v1.16b
+ orr v19.16b,v18.16b,v18.16b
+
+Loop3x_cbc_dec:
+ aesd v0.16b,v16.16b
+ aesimc v0.16b,v0.16b
+ aesd v1.16b,v16.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v16.16b
+ aesimc v18.16b,v18.16b
+ ld1 {v16.4s},[x7],#16
+ subs w6,w6,#2
+ aesd v0.16b,v17.16b
+ aesimc v0.16b,v0.16b
+ aesd v1.16b,v17.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v17.16b
+ aesimc v18.16b,v18.16b
+ ld1 {v17.4s},[x7],#16
+ b.gt Loop3x_cbc_dec
+
+ aesd v0.16b,v16.16b
+ aesimc v0.16b,v0.16b
+ aesd v1.16b,v16.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v16.16b
+ aesimc v18.16b,v18.16b
+ eor v4.16b,v6.16b,v7.16b
+ subs x2,x2,#0x30
+ eor v5.16b,v2.16b,v7.16b
+ csel x6,x2,x6,lo
+ aesd v0.16b,v17.16b
+ aesimc v0.16b,v0.16b
+ aesd v1.16b,v17.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v17.16b
+ aesimc v18.16b,v18.16b
+ eor v17.16b,v3.16b,v7.16b
+ add x0,x0,x6
+
+
+ orr v6.16b,v19.16b,v19.16b
+ mov x7,x3
+ aesd v0.16b,v20.16b
+ aesimc v0.16b,v0.16b
+ aesd v1.16b,v20.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v20.16b
+ aesimc v18.16b,v18.16b
+ ld1 {v2.16b},[x0],#16
+ aesd v0.16b,v21.16b
+ aesimc v0.16b,v0.16b
+ aesd v1.16b,v21.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v21.16b
+ aesimc v18.16b,v18.16b
+ ld1 {v3.16b},[x0],#16
+ aesd v0.16b,v22.16b
+ aesimc v0.16b,v0.16b
+ aesd v1.16b,v22.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v22.16b
+ aesimc v18.16b,v18.16b
+ ld1 {v19.16b},[x0],#16
+ aesd v0.16b,v23.16b
+ aesd v1.16b,v23.16b
+ aesd v18.16b,v23.16b
+ ld1 {v16.4s},[x7],#16
+ add w6,w5,#2
+ eor v4.16b,v4.16b,v0.16b
+ eor v5.16b,v5.16b,v1.16b
+ eor v18.16b,v18.16b,v17.16b
+ ld1 {v17.4s},[x7],#16
+ st1 {v4.16b},[x1],#16
+ orr v0.16b,v2.16b,v2.16b
+ st1 {v5.16b},[x1],#16
+ orr v1.16b,v3.16b,v3.16b
+ st1 {v18.16b},[x1],#16
+ orr v18.16b,v19.16b,v19.16b
+ b.hs Loop3x_cbc_dec
+
+ cmn x2,#0x30
+ b.eq Lcbc_done
+ nop
+
+Lcbc_dec_tail:
+ aesd v1.16b,v16.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v16.16b
+ aesimc v18.16b,v18.16b
+ ld1 {v16.4s},[x7],#16
+ subs w6,w6,#2
+ aesd v1.16b,v17.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v17.16b
+ aesimc v18.16b,v18.16b
+ ld1 {v17.4s},[x7],#16
+ b.gt Lcbc_dec_tail
+
+ aesd v1.16b,v16.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v16.16b
+ aesimc v18.16b,v18.16b
+ aesd v1.16b,v17.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v17.16b
+ aesimc v18.16b,v18.16b
+ aesd v1.16b,v20.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v20.16b
+ aesimc v18.16b,v18.16b
+ cmn x2,#0x20
+ aesd v1.16b,v21.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v21.16b
+ aesimc v18.16b,v18.16b
+ eor v5.16b,v6.16b,v7.16b
+ aesd v1.16b,v22.16b
+ aesimc v1.16b,v1.16b
+ aesd v18.16b,v22.16b
+ aesimc v18.16b,v18.16b
+ eor v17.16b,v3.16b,v7.16b
+ aesd v1.16b,v23.16b
+ aesd v18.16b,v23.16b
+ b.eq Lcbc_dec_one
+ eor v5.16b,v5.16b,v1.16b
+ eor v17.16b,v17.16b,v18.16b
+ orr v6.16b,v19.16b,v19.16b
+ st1 {v5.16b},[x1],#16
+ st1 {v17.16b},[x1],#16
+ b Lcbc_done
+
+Lcbc_dec_one:
+ eor v5.16b,v5.16b,v18.16b
+ orr v6.16b,v19.16b,v19.16b
+ st1 {v5.16b},[x1],#16
+
+Lcbc_done:
+ st1 {v6.16b},[x4]
+Lcbc_abort:
+ ldr x29,[sp],#16
+ ret
+
+.globl _aes_v8_ctr32_encrypt_blocks
+
+.align 5
+_aes_v8_ctr32_encrypt_blocks:
+ stp x29,x30,[sp,#-16]!
+ add x29,sp,#0
+ ldr w5,[x3,#240]
+
+ ldr w8, [x4, #12]
+
+
+
+ ld1 {v0.4s},[x4]
+
+ ld1 {v16.4s,v17.4s},[x3]
+ sub w5,w5,#4
+ mov x12,#16
+ cmp x2,#2
+ add x7,x3,x5,lsl#4
+ sub w5,w5,#2
+ ld1 {v20.4s,v21.4s},[x7],#32
+ ld1 {v22.4s,v23.4s},[x7],#32
+ ld1 {v7.4s},[x7]
+ add x7,x3,#32
+ mov w6,w5
+ csel x12,xzr,x12,lo
+
+ rev w8, w8
+
+ orr v1.16b,v0.16b,v0.16b
+ add w10, w8, #1
+ orr v18.16b,v0.16b,v0.16b
+ add w8, w8, #2
+ orr v6.16b,v0.16b,v0.16b
+ rev w10, w10
+ mov v1.s[3],w10
+ b.ls Lctr32_tail
+ rev w12, w8
+ sub x2,x2,#3
+ mov v18.s[3],w12
+ b Loop3x_ctr32
+
+.align 4
+Loop3x_ctr32:
+ aese v0.16b,v16.16b
+ aesmc v0.16b,v0.16b
+ aese v1.16b,v16.16b
+ aesmc v1.16b,v1.16b
+ aese v18.16b,v16.16b
+ aesmc v18.16b,v18.16b
+ ld1 {v16.4s},[x7],#16
+ subs w6,w6,#2
+ aese v0.16b,v17.16b
+ aesmc v0.16b,v0.16b
+ aese v1.16b,v17.16b
+ aesmc v1.16b,v1.16b
+ aese v18.16b,v17.16b
+ aesmc v18.16b,v18.16b
+ ld1 {v17.4s},[x7],#16
+ b.gt Loop3x_ctr32
+
+ aese v0.16b,v16.16b
+ aesmc v4.16b,v0.16b
+ aese v1.16b,v16.16b
+ aesmc v5.16b,v1.16b
+ ld1 {v2.16b},[x0],#16
+ orr v0.16b,v6.16b,v6.16b
+ aese v18.16b,v16.16b
+ aesmc v18.16b,v18.16b
+ ld1 {v3.16b},[x0],#16
+ orr v1.16b,v6.16b,v6.16b
+ aese v4.16b,v17.16b
+ aesmc v4.16b,v4.16b
+ aese v5.16b,v17.16b
+ aesmc v5.16b,v5.16b
+ ld1 {v19.16b},[x0],#16
+ mov x7,x3
+ aese v18.16b,v17.16b
+ aesmc v17.16b,v18.16b
+ orr v18.16b,v6.16b,v6.16b
+ add w9,w8,#1
+ aese v4.16b,v20.16b
+ aesmc v4.16b,v4.16b
+ aese v5.16b,v20.16b
+ aesmc v5.16b,v5.16b
+ eor v2.16b,v2.16b,v7.16b
+ add w10,w8,#2
+ aese v17.16b,v20.16b
+ aesmc v17.16b,v17.16b
+ eor v3.16b,v3.16b,v7.16b
+ add w8,w8,#3
+ aese v4.16b,v21.16b
+ aesmc v4.16b,v4.16b
+ aese v5.16b,v21.16b
+ aesmc v5.16b,v5.16b
+ eor v19.16b,v19.16b,v7.16b
+ rev w9,w9
+ aese v17.16b,v21.16b
+ aesmc v17.16b,v17.16b
+ mov v0.s[3], w9
+ rev w10,w10
+ aese v4.16b,v22.16b
+ aesmc v4.16b,v4.16b
+ aese v5.16b,v22.16b
+ aesmc v5.16b,v5.16b
+ mov v1.s[3], w10
+ rev w12,w8
+ aese v17.16b,v22.16b
+ aesmc v17.16b,v17.16b
+ mov v18.s[3], w12
+ subs x2,x2,#3
+ aese v4.16b,v23.16b
+ aese v5.16b,v23.16b
+ aese v17.16b,v23.16b
+
+ eor v2.16b,v2.16b,v4.16b
+ ld1 {v16.4s},[x7],#16
+ st1 {v2.16b},[x1],#16
+ eor v3.16b,v3.16b,v5.16b
+ mov w6,w5
+ st1 {v3.16b},[x1],#16
+ eor v19.16b,v19.16b,v17.16b
+ ld1 {v17.4s},[x7],#16
+ st1 {v19.16b},[x1],#16
+ b.hs Loop3x_ctr32
+
+ adds x2,x2,#3
+ b.eq Lctr32_done
+ cmp x2,#1
+ mov x12,#16
+ csel x12,xzr,x12,eq
+
+Lctr32_tail:
+ aese v0.16b,v16.16b
+ aesmc v0.16b,v0.16b
+ aese v1.16b,v16.16b
+ aesmc v1.16b,v1.16b
+ ld1 {v16.4s},[x7],#16
+ subs w6,w6,#2
+ aese v0.16b,v17.16b
+ aesmc v0.16b,v0.16b
+ aese v1.16b,v17.16b
+ aesmc v1.16b,v1.16b
+ ld1 {v17.4s},[x7],#16
+ b.gt Lctr32_tail
+
+ aese v0.16b,v16.16b
+ aesmc v0.16b,v0.16b
+ aese v1.16b,v16.16b
+ aesmc v1.16b,v1.16b
+ aese v0.16b,v17.16b
+ aesmc v0.16b,v0.16b
+ aese v1.16b,v17.16b
+ aesmc v1.16b,v1.16b
+ ld1 {v2.16b},[x0],x12
+ aese v0.16b,v20.16b
+ aesmc v0.16b,v0.16b
+ aese v1.16b,v20.16b
+ aesmc v1.16b,v1.16b
+ ld1 {v3.16b},[x0]
+ aese v0.16b,v21.16b
+ aesmc v0.16b,v0.16b
+ aese v1.16b,v21.16b
+ aesmc v1.16b,v1.16b
+ eor v2.16b,v2.16b,v7.16b
+ aese v0.16b,v22.16b
+ aesmc v0.16b,v0.16b
+ aese v1.16b,v22.16b
+ aesmc v1.16b,v1.16b
+ eor v3.16b,v3.16b,v7.16b
+ aese v0.16b,v23.16b
+ aese v1.16b,v23.16b
+
+ cmp x2,#1
+ eor v2.16b,v2.16b,v0.16b
+ eor v3.16b,v3.16b,v1.16b
+ st1 {v2.16b},[x1],#16
+ b.eq Lctr32_done
+ st1 {v3.16b},[x1]
+
+Lctr32_done:
+ ldr x29,[sp],#16
+ ret
diff --git a/lib/accelerated/aarch64/macosx/ghash-aarch64.s b/lib/accelerated/aarch64/macosx/ghash-aarch64.s
new file mode 100644
index 0000000..bf33773
--- /dev/null
+++ b/lib/accelerated/aarch64/macosx/ghash-aarch64.s
@@ -0,0 +1,588 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+# 1 "lib/accelerated/aarch64/macosx/ghash-aarch64.s.tmp.S"
+# 1 "<built-in>"
+# 1 "<command-line>"
+# 1 "lib/accelerated/aarch64/macosx/ghash-aarch64.s.tmp.S"
+# 1 "lib/accelerated/aarch64/aarch64-common.h" 1
+# 2 "lib/accelerated/aarch64/macosx/ghash-aarch64.s.tmp.S" 2
+
+
+.text
+
+.globl _gcm_init_v8
+
+.align 4
+_gcm_init_v8:
+ ld1 {v17.2d},[x1]
+ movi v19.16b,#0xe1
+ shl v19.2d,v19.2d,#57
+ ext v3.16b,v17.16b,v17.16b,#8
+ ushr v18.2d,v19.2d,#63
+ dup v17.4s,v17.s[1]
+ ext v16.16b,v18.16b,v19.16b,#8
+ ushr v18.2d,v3.2d,#63
+ sshr v17.4s,v17.4s,#31
+ and v18.16b,v18.16b,v16.16b
+ shl v3.2d,v3.2d,#1
+ ext v18.16b,v18.16b,v18.16b,#8
+ and v16.16b,v16.16b,v17.16b
+ orr v3.16b,v3.16b,v18.16b
+ eor v20.16b,v3.16b,v16.16b
+ st1 {v20.2d},[x0],#16
+
+
+ ext v16.16b,v20.16b,v20.16b,#8
+ pmull v0.1q,v20.1d,v20.1d
+ eor v16.16b,v16.16b,v20.16b
+ pmull2 v2.1q,v20.2d,v20.2d
+ pmull v1.1q,v16.1d,v16.1d
+
+ ext v17.16b,v0.16b,v2.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ eor v1.16b,v1.16b,v17.16b
+ eor v1.16b,v1.16b,v18.16b
+ pmull v18.1q,v0.1d,v19.1d
+
+ ins v2.d[0],v1.d[1]
+ ins v1.d[1],v0.d[0]
+ eor v0.16b,v1.16b,v18.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ eor v18.16b,v18.16b,v2.16b
+ eor v22.16b,v0.16b,v18.16b
+
+ ext v17.16b,v22.16b,v22.16b,#8
+ eor v17.16b,v17.16b,v22.16b
+ ext v21.16b,v16.16b,v17.16b,#8
+ st1 {v21.2d,v22.2d},[x0],#32
+
+ pmull v0.1q,v20.1d, v22.1d
+ pmull v5.1q,v22.1d,v22.1d
+ pmull2 v2.1q,v20.2d, v22.2d
+ pmull2 v7.1q,v22.2d,v22.2d
+ pmull v1.1q,v16.1d,v17.1d
+ pmull v6.1q,v17.1d,v17.1d
+
+ ext v16.16b,v0.16b,v2.16b,#8
+ ext v17.16b,v5.16b,v7.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ eor v1.16b,v1.16b,v16.16b
+ eor v4.16b,v5.16b,v7.16b
+ eor v6.16b,v6.16b,v17.16b
+ eor v1.16b,v1.16b,v18.16b
+ pmull v18.1q,v0.1d,v19.1d
+ eor v6.16b,v6.16b,v4.16b
+ pmull v4.1q,v5.1d,v19.1d
+
+ ins v2.d[0],v1.d[1]
+ ins v7.d[0],v6.d[1]
+ ins v1.d[1],v0.d[0]
+ ins v6.d[1],v5.d[0]
+ eor v0.16b,v1.16b,v18.16b
+ eor v5.16b,v6.16b,v4.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ ext v4.16b,v5.16b,v5.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ pmull v5.1q,v5.1d,v19.1d
+ eor v18.16b,v18.16b,v2.16b
+ eor v4.16b,v4.16b,v7.16b
+ eor v20.16b, v0.16b,v18.16b
+ eor v22.16b,v5.16b,v4.16b
+
+ ext v16.16b,v20.16b, v20.16b,#8
+ ext v17.16b,v22.16b,v22.16b,#8
+ eor v16.16b,v16.16b,v20.16b
+ eor v17.16b,v17.16b,v22.16b
+ ext v21.16b,v16.16b,v17.16b,#8
+ st1 {v20.2d,v21.2d,v22.2d},[x0]
+ ret
+
+.globl _gcm_gmult_v8
+
+.align 4
+_gcm_gmult_v8:
+ ld1 {v17.2d},[x0]
+ movi v19.16b,#0xe1
+ ld1 {v20.2d,v21.2d},[x1]
+ shl v19.2d,v19.2d,#57
+
+ rev64 v17.16b,v17.16b
+
+ ext v3.16b,v17.16b,v17.16b,#8
+
+ pmull v0.1q,v20.1d,v3.1d
+ eor v17.16b,v17.16b,v3.16b
+ pmull2 v2.1q,v20.2d,v3.2d
+ pmull v1.1q,v21.1d,v17.1d
+
+ ext v17.16b,v0.16b,v2.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ eor v1.16b,v1.16b,v17.16b
+ eor v1.16b,v1.16b,v18.16b
+ pmull v18.1q,v0.1d,v19.1d
+
+ ins v2.d[0],v1.d[1]
+ ins v1.d[1],v0.d[0]
+ eor v0.16b,v1.16b,v18.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ eor v18.16b,v18.16b,v2.16b
+ eor v0.16b,v0.16b,v18.16b
+
+
+ rev64 v0.16b,v0.16b
+
+ ext v0.16b,v0.16b,v0.16b,#8
+ st1 {v0.2d},[x0]
+
+ ret
+
+.globl _gcm_ghash_v8
+
+.align 4
+_gcm_ghash_v8:
+ cmp x3,#64
+ b.hs Lgcm_ghash_v8_4x
+ ld1 {v0.2d},[x0]
+
+
+
+
+
+ subs x3,x3,#32
+ mov x12,#16
+# 159 "lib/accelerated/aarch64/macosx/ghash-aarch64.s.tmp.S"
+ ld1 {v20.2d,v21.2d},[x1],#32
+ movi v19.16b,#0xe1
+ ld1 {v22.2d},[x1]
+ csel x12,xzr,x12,eq
+ ext v0.16b,v0.16b,v0.16b,#8
+ ld1 {v16.2d},[x2],#16
+ shl v19.2d,v19.2d,#57
+
+ rev64 v16.16b,v16.16b
+ rev64 v0.16b,v0.16b
+
+ ext v3.16b,v16.16b,v16.16b,#8
+ b.lo Lodd_tail_v8
+ ld1 {v17.2d},[x2],x12
+
+ rev64 v17.16b,v17.16b
+
+ ext v7.16b,v17.16b,v17.16b,#8
+ eor v3.16b,v3.16b,v0.16b
+ pmull v4.1q,v20.1d,v7.1d
+ eor v17.16b,v17.16b,v7.16b
+ pmull2 v6.1q,v20.2d,v7.2d
+ b Loop_mod2x_v8
+
+.align 4
+Loop_mod2x_v8:
+ ext v18.16b,v3.16b,v3.16b,#8
+ subs x3,x3,#32
+ pmull v0.1q,v22.1d,v3.1d
+ csel x12,xzr,x12,lo
+
+ pmull v5.1q,v21.1d,v17.1d
+ eor v18.16b,v18.16b,v3.16b
+ pmull2 v2.1q,v22.2d,v3.2d
+ eor v0.16b,v0.16b,v4.16b
+ pmull2 v1.1q,v21.2d,v18.2d
+ ld1 {v16.2d},[x2],x12
+
+ eor v2.16b,v2.16b,v6.16b
+ csel x12,xzr,x12,eq
+ eor v1.16b,v1.16b,v5.16b
+
+ ext v17.16b,v0.16b,v2.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ eor v1.16b,v1.16b,v17.16b
+ ld1 {v17.2d},[x2],x12
+
+ rev64 v16.16b,v16.16b
+
+ eor v1.16b,v1.16b,v18.16b
+ pmull v18.1q,v0.1d,v19.1d
+
+
+ rev64 v17.16b,v17.16b
+
+ ins v2.d[0],v1.d[1]
+ ins v1.d[1],v0.d[0]
+ ext v7.16b,v17.16b,v17.16b,#8
+ ext v3.16b,v16.16b,v16.16b,#8
+ eor v0.16b,v1.16b,v18.16b
+ pmull v4.1q,v20.1d,v7.1d
+ eor v3.16b,v3.16b,v2.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ eor v3.16b,v3.16b,v18.16b
+ eor v17.16b,v17.16b,v7.16b
+ eor v3.16b,v3.16b,v0.16b
+ pmull2 v6.1q,v20.2d,v7.2d
+ b.hs Loop_mod2x_v8
+
+ eor v2.16b,v2.16b,v18.16b
+ ext v3.16b,v16.16b,v16.16b,#8
+ adds x3,x3,#32
+ eor v0.16b,v0.16b,v2.16b
+ b.eq Ldone_v8
+Lodd_tail_v8:
+ ext v18.16b,v0.16b,v0.16b,#8
+ eor v3.16b,v3.16b,v0.16b
+ eor v17.16b,v16.16b,v18.16b
+
+ pmull v0.1q,v20.1d,v3.1d
+ eor v17.16b,v17.16b,v3.16b
+ pmull2 v2.1q,v20.2d,v3.2d
+ pmull v1.1q,v21.1d,v17.1d
+
+ ext v17.16b,v0.16b,v2.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ eor v1.16b,v1.16b,v17.16b
+ eor v1.16b,v1.16b,v18.16b
+ pmull v18.1q,v0.1d,v19.1d
+
+ ins v2.d[0],v1.d[1]
+ ins v1.d[1],v0.d[0]
+ eor v0.16b,v1.16b,v18.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ eor v18.16b,v18.16b,v2.16b
+ eor v0.16b,v0.16b,v18.16b
+
+Ldone_v8:
+
+ rev64 v0.16b,v0.16b
+
+ ext v0.16b,v0.16b,v0.16b,#8
+ st1 {v0.2d},[x0]
+
+ ret
+
+
+.align 4
+gcm_ghash_v8_4x:
+Lgcm_ghash_v8_4x:
+ ld1 {v0.2d},[x0]
+ ld1 {v20.2d,v21.2d,v22.2d},[x1],#48
+ movi v19.16b,#0xe1
+ ld1 {v26.2d,v27.2d,v28.2d},[x1]
+ shl v19.2d,v19.2d,#57
+
+ ld1 {v4.2d,v5.2d,v6.2d,v7.2d},[x2],#64
+
+ rev64 v0.16b,v0.16b
+ rev64 v5.16b,v5.16b
+ rev64 v6.16b,v6.16b
+ rev64 v7.16b,v7.16b
+ rev64 v4.16b,v4.16b
+
+ ext v25.16b,v7.16b,v7.16b,#8
+ ext v24.16b,v6.16b,v6.16b,#8
+ ext v23.16b,v5.16b,v5.16b,#8
+
+ pmull v29.1q,v20.1d,v25.1d
+ eor v7.16b,v7.16b,v25.16b
+ pmull2 v31.1q,v20.2d,v25.2d
+ pmull v30.1q,v21.1d,v7.1d
+
+ pmull v16.1q,v22.1d,v24.1d
+ eor v6.16b,v6.16b,v24.16b
+ pmull2 v24.1q,v22.2d,v24.2d
+ pmull2 v6.1q,v21.2d,v6.2d
+
+ eor v29.16b,v29.16b,v16.16b
+ eor v31.16b,v31.16b,v24.16b
+ eor v30.16b,v30.16b,v6.16b
+
+ pmull v7.1q,v26.1d,v23.1d
+ eor v5.16b,v5.16b,v23.16b
+ pmull2 v23.1q,v26.2d,v23.2d
+ pmull v5.1q,v27.1d,v5.1d
+
+ eor v29.16b,v29.16b,v7.16b
+ eor v31.16b,v31.16b,v23.16b
+ eor v30.16b,v30.16b,v5.16b
+
+ subs x3,x3,#128
+ b.lo Ltail4x
+
+ b Loop4x
+
+.align 4
+Loop4x:
+ eor v16.16b,v4.16b,v0.16b
+ ld1 {v4.2d,v5.2d,v6.2d,v7.2d},[x2],#64
+ ext v3.16b,v16.16b,v16.16b,#8
+
+ rev64 v5.16b,v5.16b
+ rev64 v6.16b,v6.16b
+ rev64 v7.16b,v7.16b
+ rev64 v4.16b,v4.16b
+
+
+ pmull v0.1q,v28.1d,v3.1d
+ eor v16.16b,v16.16b,v3.16b
+ pmull2 v2.1q,v28.2d,v3.2d
+ ext v25.16b,v7.16b,v7.16b,#8
+ pmull2 v1.1q,v27.2d,v16.2d
+
+ eor v0.16b,v0.16b,v29.16b
+ eor v2.16b,v2.16b,v31.16b
+ ext v24.16b,v6.16b,v6.16b,#8
+ eor v1.16b,v1.16b,v30.16b
+ ext v23.16b,v5.16b,v5.16b,#8
+
+ ext v17.16b,v0.16b,v2.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ pmull v29.1q,v20.1d,v25.1d
+ eor v7.16b,v7.16b,v25.16b
+ eor v1.16b,v1.16b,v17.16b
+ pmull2 v31.1q,v20.2d,v25.2d
+ eor v1.16b,v1.16b,v18.16b
+ pmull v30.1q,v21.1d,v7.1d
+
+ pmull v18.1q,v0.1d,v19.1d
+ ins v2.d[0],v1.d[1]
+ ins v1.d[1],v0.d[0]
+ pmull v16.1q,v22.1d,v24.1d
+ eor v6.16b,v6.16b,v24.16b
+ pmull2 v24.1q,v22.2d,v24.2d
+ eor v0.16b,v1.16b,v18.16b
+ pmull2 v6.1q,v21.2d,v6.2d
+
+ eor v29.16b,v29.16b,v16.16b
+ eor v31.16b,v31.16b,v24.16b
+ eor v30.16b,v30.16b,v6.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ pmull v7.1q,v26.1d,v23.1d
+ eor v5.16b,v5.16b,v23.16b
+ eor v18.16b,v18.16b,v2.16b
+ pmull2 v23.1q,v26.2d,v23.2d
+ pmull v5.1q,v27.1d,v5.1d
+
+ eor v0.16b,v0.16b,v18.16b
+ eor v29.16b,v29.16b,v7.16b
+ eor v31.16b,v31.16b,v23.16b
+ ext v0.16b,v0.16b,v0.16b,#8
+ eor v30.16b,v30.16b,v5.16b
+
+ subs x3,x3,#64
+ b.hs Loop4x
+
+Ltail4x:
+ eor v16.16b,v4.16b,v0.16b
+ ext v3.16b,v16.16b,v16.16b,#8
+
+ pmull v0.1q,v28.1d,v3.1d
+ eor v16.16b,v16.16b,v3.16b
+ pmull2 v2.1q,v28.2d,v3.2d
+ pmull2 v1.1q,v27.2d,v16.2d
+
+ eor v0.16b,v0.16b,v29.16b
+ eor v2.16b,v2.16b,v31.16b
+ eor v1.16b,v1.16b,v30.16b
+
+ adds x3,x3,#64
+ b.eq Ldone4x
+
+ cmp x3,#32
+ b.lo Lone
+ b.eq Ltwo
+Lthree:
+ ext v17.16b,v0.16b,v2.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ eor v1.16b,v1.16b,v17.16b
+ ld1 {v4.2d,v5.2d,v6.2d},[x2]
+ eor v1.16b,v1.16b,v18.16b
+
+ rev64 v5.16b,v5.16b
+ rev64 v6.16b,v6.16b
+ rev64 v4.16b,v4.16b
+
+
+ pmull v18.1q,v0.1d,v19.1d
+ ins v2.d[0],v1.d[1]
+ ins v1.d[1],v0.d[0]
+ ext v24.16b,v6.16b,v6.16b,#8
+ ext v23.16b,v5.16b,v5.16b,#8
+ eor v0.16b,v1.16b,v18.16b
+
+ pmull v29.1q,v20.1d,v24.1d
+ eor v6.16b,v6.16b,v24.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ eor v18.16b,v18.16b,v2.16b
+ pmull2 v31.1q,v20.2d,v24.2d
+ pmull v30.1q,v21.1d,v6.1d
+ eor v0.16b,v0.16b,v18.16b
+ pmull v7.1q,v22.1d,v23.1d
+ eor v5.16b,v5.16b,v23.16b
+ ext v0.16b,v0.16b,v0.16b,#8
+
+ pmull2 v23.1q,v22.2d,v23.2d
+ eor v16.16b,v4.16b,v0.16b
+ pmull2 v5.1q,v21.2d,v5.2d
+ ext v3.16b,v16.16b,v16.16b,#8
+
+ eor v29.16b,v29.16b,v7.16b
+ eor v31.16b,v31.16b,v23.16b
+ eor v30.16b,v30.16b,v5.16b
+
+ pmull v0.1q,v26.1d,v3.1d
+ eor v16.16b,v16.16b,v3.16b
+ pmull2 v2.1q,v26.2d,v3.2d
+ pmull v1.1q,v27.1d,v16.1d
+
+ eor v0.16b,v0.16b,v29.16b
+ eor v2.16b,v2.16b,v31.16b
+ eor v1.16b,v1.16b,v30.16b
+ b Ldone4x
+
+.align 4
+Ltwo:
+ ext v17.16b,v0.16b,v2.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ eor v1.16b,v1.16b,v17.16b
+ ld1 {v4.2d,v5.2d},[x2]
+ eor v1.16b,v1.16b,v18.16b
+
+ rev64 v5.16b,v5.16b
+ rev64 v4.16b,v4.16b
+
+
+ pmull v18.1q,v0.1d,v19.1d
+ ins v2.d[0],v1.d[1]
+ ins v1.d[1],v0.d[0]
+ ext v23.16b,v5.16b,v5.16b,#8
+ eor v0.16b,v1.16b,v18.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ eor v18.16b,v18.16b,v2.16b
+ eor v0.16b,v0.16b,v18.16b
+ ext v0.16b,v0.16b,v0.16b,#8
+
+ pmull v29.1q,v20.1d,v23.1d
+ eor v5.16b,v5.16b,v23.16b
+
+ eor v16.16b,v4.16b,v0.16b
+ ext v3.16b,v16.16b,v16.16b,#8
+
+ pmull2 v31.1q,v20.2d,v23.2d
+ pmull v30.1q,v21.1d,v5.1d
+
+ pmull v0.1q,v22.1d,v3.1d
+ eor v16.16b,v16.16b,v3.16b
+ pmull2 v2.1q,v22.2d,v3.2d
+ pmull2 v1.1q,v21.2d,v16.2d
+
+ eor v0.16b,v0.16b,v29.16b
+ eor v2.16b,v2.16b,v31.16b
+ eor v1.16b,v1.16b,v30.16b
+ b Ldone4x
+
+.align 4
+Lone:
+ ext v17.16b,v0.16b,v2.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ eor v1.16b,v1.16b,v17.16b
+ ld1 {v4.2d},[x2]
+ eor v1.16b,v1.16b,v18.16b
+
+ rev64 v4.16b,v4.16b
+
+
+ pmull v18.1q,v0.1d,v19.1d
+ ins v2.d[0],v1.d[1]
+ ins v1.d[1],v0.d[0]
+ eor v0.16b,v1.16b,v18.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ eor v18.16b,v18.16b,v2.16b
+ eor v0.16b,v0.16b,v18.16b
+ ext v0.16b,v0.16b,v0.16b,#8
+
+ eor v16.16b,v4.16b,v0.16b
+ ext v3.16b,v16.16b,v16.16b,#8
+
+ pmull v0.1q,v20.1d,v3.1d
+ eor v16.16b,v16.16b,v3.16b
+ pmull2 v2.1q,v20.2d,v3.2d
+ pmull v1.1q,v21.1d,v16.1d
+
+Ldone4x:
+ ext v17.16b,v0.16b,v2.16b,#8
+ eor v18.16b,v0.16b,v2.16b
+ eor v1.16b,v1.16b,v17.16b
+ eor v1.16b,v1.16b,v18.16b
+
+ pmull v18.1q,v0.1d,v19.1d
+ ins v2.d[0],v1.d[1]
+ ins v1.d[1],v0.d[0]
+ eor v0.16b,v1.16b,v18.16b
+
+ ext v18.16b,v0.16b,v0.16b,#8
+ pmull v0.1q,v0.1d,v19.1d
+ eor v18.16b,v18.16b,v2.16b
+ eor v0.16b,v0.16b,v18.16b
+ ext v0.16b,v0.16b,v0.16b,#8
+
+
+ rev64 v0.16b,v0.16b
+
+ st1 {v0.2d},[x0]
+
+ ret
+
+.byte 71,72,65,83,72,32,102,111,114,32,65,82,77,118,56,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.align 2
+.align 2
diff --git a/lib/accelerated/aarch64/macosx/sha1-armv8.s b/lib/accelerated/aarch64/macosx/sha1-armv8.s
new file mode 100644
index 0000000..9b2bdf2
--- /dev/null
+++ b/lib/accelerated/aarch64/macosx/sha1-armv8.s
@@ -0,0 +1,1265 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+# 1 "lib/accelerated/aarch64/macosx/sha1-armv8.s.tmp.S"
+# 1 "<built-in>"
+# 1 "<command-line>"
+# 1 "lib/accelerated/aarch64/macosx/sha1-armv8.s.tmp.S"
+# 1 "lib/accelerated/aarch64/aarch64-common.h" 1
+# 2 "lib/accelerated/aarch64/macosx/sha1-armv8.s.tmp.S" 2
+
+.text
+
+
+.private_extern __gnutls_arm_cpuid_s
+.globl _sha1_block_data_order
+
+.align 6
+_sha1_block_data_order:
+
+
+
+ ldr x16,L_gnutls_arm_cpuid_s
+
+ adr x17,L_gnutls_arm_cpuid_s
+ add x16,x16,x17
+ ldr w16,[x16]
+ tst w16,#(1<<3)
+ b.ne Lv8_entry
+
+ stp x29,x30,[sp,#-96]!
+ add x29,sp,#0
+ stp x19,x20,[sp,#16]
+ stp x21,x22,[sp,#32]
+ stp x23,x24,[sp,#48]
+ stp x25,x26,[sp,#64]
+ stp x27,x28,[sp,#80]
+
+ ldp w20,w21,[x0]
+ ldp w22,w23,[x0,#8]
+ ldr w24,[x0,#16]
+
+Loop:
+ ldr x3,[x1],#64
+ movz w28,#0x7999
+ sub x2,x2,#1
+ movk w28,#0x5a82,lsl#16
+
+
+
+ rev32 x3,x3
+
+ add w24,w24,w28
+ add w24,w24,w3
+ lsr x4,x3,#32
+ ldr x5,[x1,#-56]
+ bic w25,w23,w21
+ and w26,w22,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ orr w25,w25,w26
+ add w24,w24,w27
+ ror w21,w21,#2
+ add w23,w23,w4
+ add w24,w24,w25
+
+
+
+ rev32 x5,x5
+
+ bic w25,w22,w20
+ and w26,w21,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ orr w25,w25,w26
+ add w23,w23,w27
+ ror w20,w20,#2
+ add w22,w22,w5
+ add w23,w23,w25
+ lsr x6,x5,#32
+ ldr x7,[x1,#-48]
+ bic w25,w21,w24
+ and w26,w20,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ orr w25,w25,w26
+ add w22,w22,w27
+ ror w24,w24,#2
+ add w21,w21,w6
+ add w22,w22,w25
+
+
+
+ rev32 x7,x7
+
+ bic w25,w20,w23
+ and w26,w24,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ orr w25,w25,w26
+ add w21,w21,w27
+ ror w23,w23,#2
+ add w20,w20,w7
+ add w21,w21,w25
+ lsr x8,x7,#32
+ ldr x9,[x1,#-40]
+ bic w25,w24,w22
+ and w26,w23,w22
+ ror w27,w21,#27
+ add w24,w24,w28
+ orr w25,w25,w26
+ add w20,w20,w27
+ ror w22,w22,#2
+ add w24,w24,w8
+ add w20,w20,w25
+
+
+
+ rev32 x9,x9
+
+ bic w25,w23,w21
+ and w26,w22,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ orr w25,w25,w26
+ add w24,w24,w27
+ ror w21,w21,#2
+ add w23,w23,w9
+ add w24,w24,w25
+ lsr x10,x9,#32
+ ldr x11,[x1,#-32]
+ bic w25,w22,w20
+ and w26,w21,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ orr w25,w25,w26
+ add w23,w23,w27
+ ror w20,w20,#2
+ add w22,w22,w10
+ add w23,w23,w25
+
+
+
+ rev32 x11,x11
+
+ bic w25,w21,w24
+ and w26,w20,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ orr w25,w25,w26
+ add w22,w22,w27
+ ror w24,w24,#2
+ add w21,w21,w11
+ add w22,w22,w25
+ lsr x12,x11,#32
+ ldr x13,[x1,#-24]
+ bic w25,w20,w23
+ and w26,w24,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ orr w25,w25,w26
+ add w21,w21,w27
+ ror w23,w23,#2
+ add w20,w20,w12
+ add w21,w21,w25
+
+
+
+ rev32 x13,x13
+
+ bic w25,w24,w22
+ and w26,w23,w22
+ ror w27,w21,#27
+ add w24,w24,w28
+ orr w25,w25,w26
+ add w20,w20,w27
+ ror w22,w22,#2
+ add w24,w24,w13
+ add w20,w20,w25
+ lsr x14,x13,#32
+ ldr x15,[x1,#-16]
+ bic w25,w23,w21
+ and w26,w22,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ orr w25,w25,w26
+ add w24,w24,w27
+ ror w21,w21,#2
+ add w23,w23,w14
+ add w24,w24,w25
+
+
+
+ rev32 x15,x15
+
+ bic w25,w22,w20
+ and w26,w21,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ orr w25,w25,w26
+ add w23,w23,w27
+ ror w20,w20,#2
+ add w22,w22,w15
+ add w23,w23,w25
+ lsr x16,x15,#32
+ ldr x17,[x1,#-8]
+ bic w25,w21,w24
+ and w26,w20,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ orr w25,w25,w26
+ add w22,w22,w27
+ ror w24,w24,#2
+ add w21,w21,w16
+ add w22,w22,w25
+
+
+
+ rev32 x17,x17
+
+ bic w25,w20,w23
+ and w26,w24,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ orr w25,w25,w26
+ add w21,w21,w27
+ ror w23,w23,#2
+ add w20,w20,w17
+ add w21,w21,w25
+ lsr x19,x17,#32
+ eor w3,w3,w5
+ bic w25,w24,w22
+ and w26,w23,w22
+ ror w27,w21,#27
+ eor w3,w3,w11
+ add w24,w24,w28
+ orr w25,w25,w26
+ add w20,w20,w27
+ eor w3,w3,w16
+ ror w22,w22,#2
+ add w24,w24,w19
+ add w20,w20,w25
+ ror w3,w3,#31
+ eor w4,w4,w6
+ bic w25,w23,w21
+ and w26,w22,w21
+ ror w27,w20,#27
+ eor w4,w4,w12
+ add w23,w23,w28
+ orr w25,w25,w26
+ add w24,w24,w27
+ eor w4,w4,w17
+ ror w21,w21,#2
+ add w23,w23,w3
+ add w24,w24,w25
+ ror w4,w4,#31
+ eor w5,w5,w7
+ bic w25,w22,w20
+ and w26,w21,w20
+ ror w27,w24,#27
+ eor w5,w5,w13
+ add w22,w22,w28
+ orr w25,w25,w26
+ add w23,w23,w27
+ eor w5,w5,w19
+ ror w20,w20,#2
+ add w22,w22,w4
+ add w23,w23,w25
+ ror w5,w5,#31
+ eor w6,w6,w8
+ bic w25,w21,w24
+ and w26,w20,w24
+ ror w27,w23,#27
+ eor w6,w6,w14
+ add w21,w21,w28
+ orr w25,w25,w26
+ add w22,w22,w27
+ eor w6,w6,w3
+ ror w24,w24,#2
+ add w21,w21,w5
+ add w22,w22,w25
+ ror w6,w6,#31
+ eor w7,w7,w9
+ bic w25,w20,w23
+ and w26,w24,w23
+ ror w27,w22,#27
+ eor w7,w7,w15
+ add w20,w20,w28
+ orr w25,w25,w26
+ add w21,w21,w27
+ eor w7,w7,w4
+ ror w23,w23,#2
+ add w20,w20,w6
+ add w21,w21,w25
+ ror w7,w7,#31
+ movz w28,#0xeba1
+ movk w28,#0x6ed9,lsl#16
+ eor w8,w8,w10
+ bic w25,w24,w22
+ and w26,w23,w22
+ ror w27,w21,#27
+ eor w8,w8,w16
+ add w24,w24,w28
+ orr w25,w25,w26
+ add w20,w20,w27
+ eor w8,w8,w5
+ ror w22,w22,#2
+ add w24,w24,w7
+ add w20,w20,w25
+ ror w8,w8,#31
+ eor w9,w9,w11
+ eor w25,w23,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ eor w9,w9,w17
+ eor w25,w25,w22
+ add w24,w24,w27
+ ror w21,w21,#2
+ eor w9,w9,w6
+ add w23,w23,w8
+ add w24,w24,w25
+ ror w9,w9,#31
+ eor w10,w10,w12
+ eor w25,w22,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ eor w10,w10,w19
+ eor w25,w25,w21
+ add w23,w23,w27
+ ror w20,w20,#2
+ eor w10,w10,w7
+ add w22,w22,w9
+ add w23,w23,w25
+ ror w10,w10,#31
+ eor w11,w11,w13
+ eor w25,w21,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ eor w11,w11,w3
+ eor w25,w25,w20
+ add w22,w22,w27
+ ror w24,w24,#2
+ eor w11,w11,w8
+ add w21,w21,w10
+ add w22,w22,w25
+ ror w11,w11,#31
+ eor w12,w12,w14
+ eor w25,w20,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ eor w12,w12,w4
+ eor w25,w25,w24
+ add w21,w21,w27
+ ror w23,w23,#2
+ eor w12,w12,w9
+ add w20,w20,w11
+ add w21,w21,w25
+ ror w12,w12,#31
+ eor w13,w13,w15
+ eor w25,w24,w22
+ ror w27,w21,#27
+ add w24,w24,w28
+ eor w13,w13,w5
+ eor w25,w25,w23
+ add w20,w20,w27
+ ror w22,w22,#2
+ eor w13,w13,w10
+ add w24,w24,w12
+ add w20,w20,w25
+ ror w13,w13,#31
+ eor w14,w14,w16
+ eor w25,w23,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ eor w14,w14,w6
+ eor w25,w25,w22
+ add w24,w24,w27
+ ror w21,w21,#2
+ eor w14,w14,w11
+ add w23,w23,w13
+ add w24,w24,w25
+ ror w14,w14,#31
+ eor w15,w15,w17
+ eor w25,w22,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ eor w15,w15,w7
+ eor w25,w25,w21
+ add w23,w23,w27
+ ror w20,w20,#2
+ eor w15,w15,w12
+ add w22,w22,w14
+ add w23,w23,w25
+ ror w15,w15,#31
+ eor w16,w16,w19
+ eor w25,w21,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ eor w16,w16,w8
+ eor w25,w25,w20
+ add w22,w22,w27
+ ror w24,w24,#2
+ eor w16,w16,w13
+ add w21,w21,w15
+ add w22,w22,w25
+ ror w16,w16,#31
+ eor w17,w17,w3
+ eor w25,w20,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ eor w17,w17,w9
+ eor w25,w25,w24
+ add w21,w21,w27
+ ror w23,w23,#2
+ eor w17,w17,w14
+ add w20,w20,w16
+ add w21,w21,w25
+ ror w17,w17,#31
+ eor w19,w19,w4
+ eor w25,w24,w22
+ ror w27,w21,#27
+ add w24,w24,w28
+ eor w19,w19,w10
+ eor w25,w25,w23
+ add w20,w20,w27
+ ror w22,w22,#2
+ eor w19,w19,w15
+ add w24,w24,w17
+ add w20,w20,w25
+ ror w19,w19,#31
+ eor w3,w3,w5
+ eor w25,w23,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ eor w3,w3,w11
+ eor w25,w25,w22
+ add w24,w24,w27
+ ror w21,w21,#2
+ eor w3,w3,w16
+ add w23,w23,w19
+ add w24,w24,w25
+ ror w3,w3,#31
+ eor w4,w4,w6
+ eor w25,w22,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ eor w4,w4,w12
+ eor w25,w25,w21
+ add w23,w23,w27
+ ror w20,w20,#2
+ eor w4,w4,w17
+ add w22,w22,w3
+ add w23,w23,w25
+ ror w4,w4,#31
+ eor w5,w5,w7
+ eor w25,w21,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ eor w5,w5,w13
+ eor w25,w25,w20
+ add w22,w22,w27
+ ror w24,w24,#2
+ eor w5,w5,w19
+ add w21,w21,w4
+ add w22,w22,w25
+ ror w5,w5,#31
+ eor w6,w6,w8
+ eor w25,w20,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ eor w6,w6,w14
+ eor w25,w25,w24
+ add w21,w21,w27
+ ror w23,w23,#2
+ eor w6,w6,w3
+ add w20,w20,w5
+ add w21,w21,w25
+ ror w6,w6,#31
+ eor w7,w7,w9
+ eor w25,w24,w22
+ ror w27,w21,#27
+ add w24,w24,w28
+ eor w7,w7,w15
+ eor w25,w25,w23
+ add w20,w20,w27
+ ror w22,w22,#2
+ eor w7,w7,w4
+ add w24,w24,w6
+ add w20,w20,w25
+ ror w7,w7,#31
+ eor w8,w8,w10
+ eor w25,w23,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ eor w8,w8,w16
+ eor w25,w25,w22
+ add w24,w24,w27
+ ror w21,w21,#2
+ eor w8,w8,w5
+ add w23,w23,w7
+ add w24,w24,w25
+ ror w8,w8,#31
+ eor w9,w9,w11
+ eor w25,w22,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ eor w9,w9,w17
+ eor w25,w25,w21
+ add w23,w23,w27
+ ror w20,w20,#2
+ eor w9,w9,w6
+ add w22,w22,w8
+ add w23,w23,w25
+ ror w9,w9,#31
+ eor w10,w10,w12
+ eor w25,w21,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ eor w10,w10,w19
+ eor w25,w25,w20
+ add w22,w22,w27
+ ror w24,w24,#2
+ eor w10,w10,w7
+ add w21,w21,w9
+ add w22,w22,w25
+ ror w10,w10,#31
+ eor w11,w11,w13
+ eor w25,w20,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ eor w11,w11,w3
+ eor w25,w25,w24
+ add w21,w21,w27
+ ror w23,w23,#2
+ eor w11,w11,w8
+ add w20,w20,w10
+ add w21,w21,w25
+ ror w11,w11,#31
+ movz w28,#0xbcdc
+ movk w28,#0x8f1b,lsl#16
+ eor w12,w12,w14
+ eor w25,w24,w22
+ ror w27,w21,#27
+ add w24,w24,w28
+ eor w12,w12,w4
+ eor w25,w25,w23
+ add w20,w20,w27
+ ror w22,w22,#2
+ eor w12,w12,w9
+ add w24,w24,w11
+ add w20,w20,w25
+ ror w12,w12,#31
+ orr w25,w21,w22
+ and w26,w21,w22
+ eor w13,w13,w15
+ ror w27,w20,#27
+ and w25,w25,w23
+ add w23,w23,w28
+ eor w13,w13,w5
+ add w24,w24,w27
+ orr w25,w25,w26
+ ror w21,w21,#2
+ eor w13,w13,w10
+ add w23,w23,w12
+ add w24,w24,w25
+ ror w13,w13,#31
+ orr w25,w20,w21
+ and w26,w20,w21
+ eor w14,w14,w16
+ ror w27,w24,#27
+ and w25,w25,w22
+ add w22,w22,w28
+ eor w14,w14,w6
+ add w23,w23,w27
+ orr w25,w25,w26
+ ror w20,w20,#2
+ eor w14,w14,w11
+ add w22,w22,w13
+ add w23,w23,w25
+ ror w14,w14,#31
+ orr w25,w24,w20
+ and w26,w24,w20
+ eor w15,w15,w17
+ ror w27,w23,#27
+ and w25,w25,w21
+ add w21,w21,w28
+ eor w15,w15,w7
+ add w22,w22,w27
+ orr w25,w25,w26
+ ror w24,w24,#2
+ eor w15,w15,w12
+ add w21,w21,w14
+ add w22,w22,w25
+ ror w15,w15,#31
+ orr w25,w23,w24
+ and w26,w23,w24
+ eor w16,w16,w19
+ ror w27,w22,#27
+ and w25,w25,w20
+ add w20,w20,w28
+ eor w16,w16,w8
+ add w21,w21,w27
+ orr w25,w25,w26
+ ror w23,w23,#2
+ eor w16,w16,w13
+ add w20,w20,w15
+ add w21,w21,w25
+ ror w16,w16,#31
+ orr w25,w22,w23
+ and w26,w22,w23
+ eor w17,w17,w3
+ ror w27,w21,#27
+ and w25,w25,w24
+ add w24,w24,w28
+ eor w17,w17,w9
+ add w20,w20,w27
+ orr w25,w25,w26
+ ror w22,w22,#2
+ eor w17,w17,w14
+ add w24,w24,w16
+ add w20,w20,w25
+ ror w17,w17,#31
+ orr w25,w21,w22
+ and w26,w21,w22
+ eor w19,w19,w4
+ ror w27,w20,#27
+ and w25,w25,w23
+ add w23,w23,w28
+ eor w19,w19,w10
+ add w24,w24,w27
+ orr w25,w25,w26
+ ror w21,w21,#2
+ eor w19,w19,w15
+ add w23,w23,w17
+ add w24,w24,w25
+ ror w19,w19,#31
+ orr w25,w20,w21
+ and w26,w20,w21
+ eor w3,w3,w5
+ ror w27,w24,#27
+ and w25,w25,w22
+ add w22,w22,w28
+ eor w3,w3,w11
+ add w23,w23,w27
+ orr w25,w25,w26
+ ror w20,w20,#2
+ eor w3,w3,w16
+ add w22,w22,w19
+ add w23,w23,w25
+ ror w3,w3,#31
+ orr w25,w24,w20
+ and w26,w24,w20
+ eor w4,w4,w6
+ ror w27,w23,#27
+ and w25,w25,w21
+ add w21,w21,w28
+ eor w4,w4,w12
+ add w22,w22,w27
+ orr w25,w25,w26
+ ror w24,w24,#2
+ eor w4,w4,w17
+ add w21,w21,w3
+ add w22,w22,w25
+ ror w4,w4,#31
+ orr w25,w23,w24
+ and w26,w23,w24
+ eor w5,w5,w7
+ ror w27,w22,#27
+ and w25,w25,w20
+ add w20,w20,w28
+ eor w5,w5,w13
+ add w21,w21,w27
+ orr w25,w25,w26
+ ror w23,w23,#2
+ eor w5,w5,w19
+ add w20,w20,w4
+ add w21,w21,w25
+ ror w5,w5,#31
+ orr w25,w22,w23
+ and w26,w22,w23
+ eor w6,w6,w8
+ ror w27,w21,#27
+ and w25,w25,w24
+ add w24,w24,w28
+ eor w6,w6,w14
+ add w20,w20,w27
+ orr w25,w25,w26
+ ror w22,w22,#2
+ eor w6,w6,w3
+ add w24,w24,w5
+ add w20,w20,w25
+ ror w6,w6,#31
+ orr w25,w21,w22
+ and w26,w21,w22
+ eor w7,w7,w9
+ ror w27,w20,#27
+ and w25,w25,w23
+ add w23,w23,w28
+ eor w7,w7,w15
+ add w24,w24,w27
+ orr w25,w25,w26
+ ror w21,w21,#2
+ eor w7,w7,w4
+ add w23,w23,w6
+ add w24,w24,w25
+ ror w7,w7,#31
+ orr w25,w20,w21
+ and w26,w20,w21
+ eor w8,w8,w10
+ ror w27,w24,#27
+ and w25,w25,w22
+ add w22,w22,w28
+ eor w8,w8,w16
+ add w23,w23,w27
+ orr w25,w25,w26
+ ror w20,w20,#2
+ eor w8,w8,w5
+ add w22,w22,w7
+ add w23,w23,w25
+ ror w8,w8,#31
+ orr w25,w24,w20
+ and w26,w24,w20
+ eor w9,w9,w11
+ ror w27,w23,#27
+ and w25,w25,w21
+ add w21,w21,w28
+ eor w9,w9,w17
+ add w22,w22,w27
+ orr w25,w25,w26
+ ror w24,w24,#2
+ eor w9,w9,w6
+ add w21,w21,w8
+ add w22,w22,w25
+ ror w9,w9,#31
+ orr w25,w23,w24
+ and w26,w23,w24
+ eor w10,w10,w12
+ ror w27,w22,#27
+ and w25,w25,w20
+ add w20,w20,w28
+ eor w10,w10,w19
+ add w21,w21,w27
+ orr w25,w25,w26
+ ror w23,w23,#2
+ eor w10,w10,w7
+ add w20,w20,w9
+ add w21,w21,w25
+ ror w10,w10,#31
+ orr w25,w22,w23
+ and w26,w22,w23
+ eor w11,w11,w13
+ ror w27,w21,#27
+ and w25,w25,w24
+ add w24,w24,w28
+ eor w11,w11,w3
+ add w20,w20,w27
+ orr w25,w25,w26
+ ror w22,w22,#2
+ eor w11,w11,w8
+ add w24,w24,w10
+ add w20,w20,w25
+ ror w11,w11,#31
+ orr w25,w21,w22
+ and w26,w21,w22
+ eor w12,w12,w14
+ ror w27,w20,#27
+ and w25,w25,w23
+ add w23,w23,w28
+ eor w12,w12,w4
+ add w24,w24,w27
+ orr w25,w25,w26
+ ror w21,w21,#2
+ eor w12,w12,w9
+ add w23,w23,w11
+ add w24,w24,w25
+ ror w12,w12,#31
+ orr w25,w20,w21
+ and w26,w20,w21
+ eor w13,w13,w15
+ ror w27,w24,#27
+ and w25,w25,w22
+ add w22,w22,w28
+ eor w13,w13,w5
+ add w23,w23,w27
+ orr w25,w25,w26
+ ror w20,w20,#2
+ eor w13,w13,w10
+ add w22,w22,w12
+ add w23,w23,w25
+ ror w13,w13,#31
+ orr w25,w24,w20
+ and w26,w24,w20
+ eor w14,w14,w16
+ ror w27,w23,#27
+ and w25,w25,w21
+ add w21,w21,w28
+ eor w14,w14,w6
+ add w22,w22,w27
+ orr w25,w25,w26
+ ror w24,w24,#2
+ eor w14,w14,w11
+ add w21,w21,w13
+ add w22,w22,w25
+ ror w14,w14,#31
+ orr w25,w23,w24
+ and w26,w23,w24
+ eor w15,w15,w17
+ ror w27,w22,#27
+ and w25,w25,w20
+ add w20,w20,w28
+ eor w15,w15,w7
+ add w21,w21,w27
+ orr w25,w25,w26
+ ror w23,w23,#2
+ eor w15,w15,w12
+ add w20,w20,w14
+ add w21,w21,w25
+ ror w15,w15,#31
+ movz w28,#0xc1d6
+ movk w28,#0xca62,lsl#16
+ orr w25,w22,w23
+ and w26,w22,w23
+ eor w16,w16,w19
+ ror w27,w21,#27
+ and w25,w25,w24
+ add w24,w24,w28
+ eor w16,w16,w8
+ add w20,w20,w27
+ orr w25,w25,w26
+ ror w22,w22,#2
+ eor w16,w16,w13
+ add w24,w24,w15
+ add w20,w20,w25
+ ror w16,w16,#31
+ eor w17,w17,w3
+ eor w25,w23,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ eor w17,w17,w9
+ eor w25,w25,w22
+ add w24,w24,w27
+ ror w21,w21,#2
+ eor w17,w17,w14
+ add w23,w23,w16
+ add w24,w24,w25
+ ror w17,w17,#31
+ eor w19,w19,w4
+ eor w25,w22,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ eor w19,w19,w10
+ eor w25,w25,w21
+ add w23,w23,w27
+ ror w20,w20,#2
+ eor w19,w19,w15
+ add w22,w22,w17
+ add w23,w23,w25
+ ror w19,w19,#31
+ eor w3,w3,w5
+ eor w25,w21,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ eor w3,w3,w11
+ eor w25,w25,w20
+ add w22,w22,w27
+ ror w24,w24,#2
+ eor w3,w3,w16
+ add w21,w21,w19
+ add w22,w22,w25
+ ror w3,w3,#31
+ eor w4,w4,w6
+ eor w25,w20,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ eor w4,w4,w12
+ eor w25,w25,w24
+ add w21,w21,w27
+ ror w23,w23,#2
+ eor w4,w4,w17
+ add w20,w20,w3
+ add w21,w21,w25
+ ror w4,w4,#31
+ eor w5,w5,w7
+ eor w25,w24,w22
+ ror w27,w21,#27
+ add w24,w24,w28
+ eor w5,w5,w13
+ eor w25,w25,w23
+ add w20,w20,w27
+ ror w22,w22,#2
+ eor w5,w5,w19
+ add w24,w24,w4
+ add w20,w20,w25
+ ror w5,w5,#31
+ eor w6,w6,w8
+ eor w25,w23,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ eor w6,w6,w14
+ eor w25,w25,w22
+ add w24,w24,w27
+ ror w21,w21,#2
+ eor w6,w6,w3
+ add w23,w23,w5
+ add w24,w24,w25
+ ror w6,w6,#31
+ eor w7,w7,w9
+ eor w25,w22,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ eor w7,w7,w15
+ eor w25,w25,w21
+ add w23,w23,w27
+ ror w20,w20,#2
+ eor w7,w7,w4
+ add w22,w22,w6
+ add w23,w23,w25
+ ror w7,w7,#31
+ eor w8,w8,w10
+ eor w25,w21,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ eor w8,w8,w16
+ eor w25,w25,w20
+ add w22,w22,w27
+ ror w24,w24,#2
+ eor w8,w8,w5
+ add w21,w21,w7
+ add w22,w22,w25
+ ror w8,w8,#31
+ eor w9,w9,w11
+ eor w25,w20,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ eor w9,w9,w17
+ eor w25,w25,w24
+ add w21,w21,w27
+ ror w23,w23,#2
+ eor w9,w9,w6
+ add w20,w20,w8
+ add w21,w21,w25
+ ror w9,w9,#31
+ eor w10,w10,w12
+ eor w25,w24,w22
+ ror w27,w21,#27
+ add w24,w24,w28
+ eor w10,w10,w19
+ eor w25,w25,w23
+ add w20,w20,w27
+ ror w22,w22,#2
+ eor w10,w10,w7
+ add w24,w24,w9
+ add w20,w20,w25
+ ror w10,w10,#31
+ eor w11,w11,w13
+ eor w25,w23,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ eor w11,w11,w3
+ eor w25,w25,w22
+ add w24,w24,w27
+ ror w21,w21,#2
+ eor w11,w11,w8
+ add w23,w23,w10
+ add w24,w24,w25
+ ror w11,w11,#31
+ eor w12,w12,w14
+ eor w25,w22,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ eor w12,w12,w4
+ eor w25,w25,w21
+ add w23,w23,w27
+ ror w20,w20,#2
+ eor w12,w12,w9
+ add w22,w22,w11
+ add w23,w23,w25
+ ror w12,w12,#31
+ eor w13,w13,w15
+ eor w25,w21,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ eor w13,w13,w5
+ eor w25,w25,w20
+ add w22,w22,w27
+ ror w24,w24,#2
+ eor w13,w13,w10
+ add w21,w21,w12
+ add w22,w22,w25
+ ror w13,w13,#31
+ eor w14,w14,w16
+ eor w25,w20,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ eor w14,w14,w6
+ eor w25,w25,w24
+ add w21,w21,w27
+ ror w23,w23,#2
+ eor w14,w14,w11
+ add w20,w20,w13
+ add w21,w21,w25
+ ror w14,w14,#31
+ eor w15,w15,w17
+ eor w25,w24,w22
+ ror w27,w21,#27
+ add w24,w24,w28
+ eor w15,w15,w7
+ eor w25,w25,w23
+ add w20,w20,w27
+ ror w22,w22,#2
+ eor w15,w15,w12
+ add w24,w24,w14
+ add w20,w20,w25
+ ror w15,w15,#31
+ eor w16,w16,w19
+ eor w25,w23,w21
+ ror w27,w20,#27
+ add w23,w23,w28
+ eor w16,w16,w8
+ eor w25,w25,w22
+ add w24,w24,w27
+ ror w21,w21,#2
+ eor w16,w16,w13
+ add w23,w23,w15
+ add w24,w24,w25
+ ror w16,w16,#31
+ eor w17,w17,w3
+ eor w25,w22,w20
+ ror w27,w24,#27
+ add w22,w22,w28
+ eor w17,w17,w9
+ eor w25,w25,w21
+ add w23,w23,w27
+ ror w20,w20,#2
+ eor w17,w17,w14
+ add w22,w22,w16
+ add w23,w23,w25
+ ror w17,w17,#31
+ eor w19,w19,w4
+ eor w25,w21,w24
+ ror w27,w23,#27
+ add w21,w21,w28
+ eor w19,w19,w10
+ eor w25,w25,w20
+ add w22,w22,w27
+ ror w24,w24,#2
+ eor w19,w19,w15
+ add w21,w21,w17
+ add w22,w22,w25
+ ror w19,w19,#31
+ ldp w4,w5,[x0]
+ eor w25,w20,w23
+ ror w27,w22,#27
+ add w20,w20,w28
+ eor w25,w25,w24
+ add w21,w21,w27
+ ror w23,w23,#2
+ add w20,w20,w19
+ add w21,w21,w25
+ ldp w6,w7,[x0,#8]
+ eor w25,w24,w22
+ ror w27,w21,#27
+ eor w25,w25,w23
+ add w20,w20,w27
+ ror w22,w22,#2
+ ldr w8,[x0,#16]
+ add w20,w20,w25
+ add w21,w21,w5
+ add w22,w22,w6
+ add w20,w20,w4
+ add w23,w23,w7
+ add w24,w24,w8
+ stp w20,w21,[x0]
+ stp w22,w23,[x0,#8]
+ str w24,[x0,#16]
+ cbnz x2,Loop
+
+ ldp x19,x20,[sp,#16]
+ ldp x21,x22,[sp,#32]
+ ldp x23,x24,[sp,#48]
+ ldp x25,x26,[sp,#64]
+ ldp x27,x28,[sp,#80]
+ ldr x29,[sp],#96
+ ret
+
+
+.align 6
+sha1_block_armv8:
+Lv8_entry:
+ stp x29,x30,[sp,#-16]!
+ add x29,sp,#0
+
+ adr x4,Lconst
+ eor v1.16b,v1.16b,v1.16b
+ ld1 {v0.4s},[x0],#16
+ ld1 {v1.s}[0],[x0]
+ sub x0,x0,#16
+ ld1 {v16.4s,v17.4s,v18.4s,v19.4s},[x4]
+
+Loop_hw:
+ ld1 {v4.16b,v5.16b,v6.16b,v7.16b},[x1],#64
+ sub x2,x2,#1
+ rev32 v4.16b,v4.16b
+ rev32 v5.16b,v5.16b
+
+ add v20.4s,v16.4s,v4.4s
+ rev32 v6.16b,v6.16b
+ orr v22.16b,v0.16b,v0.16b
+
+ add v21.4s,v16.4s,v5.4s
+ rev32 v7.16b,v7.16b
+.long 0x5e280803
+.long 0x5e140020
+ add v20.4s,v16.4s,v6.4s
+.long 0x5e0630a4
+.long 0x5e280802
+.long 0x5e150060
+ add v21.4s,v16.4s,v7.4s
+.long 0x5e2818e4
+.long 0x5e0730c5
+.long 0x5e280803
+.long 0x5e140040
+ add v20.4s,v16.4s,v4.4s
+.long 0x5e281885
+.long 0x5e0430e6
+.long 0x5e280802
+.long 0x5e150060
+ add v21.4s,v17.4s,v5.4s
+.long 0x5e2818a6
+.long 0x5e053087
+.long 0x5e280803
+.long 0x5e140040
+ add v20.4s,v17.4s,v6.4s
+.long 0x5e2818c7
+.long 0x5e0630a4
+.long 0x5e280802
+.long 0x5e151060
+ add v21.4s,v17.4s,v7.4s
+.long 0x5e2818e4
+.long 0x5e0730c5
+.long 0x5e280803
+.long 0x5e141040
+ add v20.4s,v17.4s,v4.4s
+.long 0x5e281885
+.long 0x5e0430e6
+.long 0x5e280802
+.long 0x5e151060
+ add v21.4s,v17.4s,v5.4s
+.long 0x5e2818a6
+.long 0x5e053087
+.long 0x5e280803
+.long 0x5e141040
+ add v20.4s,v18.4s,v6.4s
+.long 0x5e2818c7
+.long 0x5e0630a4
+.long 0x5e280802
+.long 0x5e151060
+ add v21.4s,v18.4s,v7.4s
+.long 0x5e2818e4
+.long 0x5e0730c5
+.long 0x5e280803
+.long 0x5e142040
+ add v20.4s,v18.4s,v4.4s
+.long 0x5e281885
+.long 0x5e0430e6
+.long 0x5e280802
+.long 0x5e152060
+ add v21.4s,v18.4s,v5.4s
+.long 0x5e2818a6
+.long 0x5e053087
+.long 0x5e280803
+.long 0x5e142040
+ add v20.4s,v18.4s,v6.4s
+.long 0x5e2818c7
+.long 0x5e0630a4
+.long 0x5e280802
+.long 0x5e152060
+ add v21.4s,v19.4s,v7.4s
+.long 0x5e2818e4
+.long 0x5e0730c5
+.long 0x5e280803
+.long 0x5e142040
+ add v20.4s,v19.4s,v4.4s
+.long 0x5e281885
+.long 0x5e0430e6
+.long 0x5e280802
+.long 0x5e151060
+ add v21.4s,v19.4s,v5.4s
+.long 0x5e2818a6
+.long 0x5e053087
+.long 0x5e280803
+.long 0x5e141040
+ add v20.4s,v19.4s,v6.4s
+.long 0x5e2818c7
+.long 0x5e280802
+.long 0x5e151060
+ add v21.4s,v19.4s,v7.4s
+
+.long 0x5e280803
+.long 0x5e141040
+
+.long 0x5e280802
+.long 0x5e151060
+
+ add v1.4s,v1.4s,v2.4s
+ add v0.4s,v0.4s,v22.4s
+
+ cbnz x2,Loop_hw
+
+ st1 {v0.4s},[x0],#16
+ st1 {v1.s}[0],[x0]
+
+ ldr x29,[sp],#16
+ ret
+
+.align 6
+Lconst:
+.long 0x5a827999,0x5a827999,0x5a827999,0x5a827999
+.long 0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1
+.long 0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc
+.long 0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6
+L_gnutls_arm_cpuid_s:
+
+
+
+.quad __gnutls_arm_cpuid_s-.
+
+.byte 83,72,65,49,32,98,108,111,99,107,32,116,114,97,110,115,102,111,114,109,32,102,111,114,32,65,82,77,118,56,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.align 2
+.align 2
diff --git a/lib/accelerated/aarch64/macosx/sha256-armv8.s b/lib/accelerated/aarch64/macosx/sha256-armv8.s
new file mode 100644
index 0000000..3ee6bef
--- /dev/null
+++ b/lib/accelerated/aarch64/macosx/sha256-armv8.s
@@ -0,0 +1,2052 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+# 1 "lib/accelerated/aarch64/macosx/sha256-armv8.s.tmp.S"
+# 1 "<built-in>"
+# 1 "<command-line>"
+# 1 "lib/accelerated/aarch64/macosx/sha256-armv8.s.tmp.S"
+# 56 "lib/accelerated/aarch64/macosx/sha256-armv8.s.tmp.S"
+# 1 "lib/accelerated/aarch64/aarch64-common.h" 1
+# 57 "lib/accelerated/aarch64/macosx/sha256-armv8.s.tmp.S" 2
+
+
+.text
+
+
+.private_extern __gnutls_arm_cpuid_s
+.globl _sha256_block_data_order
+
+.align 6
+_sha256_block_data_order:
+
+
+
+
+ ldr x16,L_gnutls_arm_cpuid_s
+
+ adr x17,L_gnutls_arm_cpuid_s
+ add x16,x16,x17
+ ldr w16,[x16]
+ tst w16,#(1<<4)
+ b.ne Lv8_entry
+ tst w16,#(1<<0)
+ b.ne Lneon_entry
+
+.long 0xd503233f
+ stp x29,x30,[sp,#-128]!
+ add x29,sp,#0
+
+ stp x19,x20,[sp,#16]
+ stp x21,x22,[sp,#32]
+ stp x23,x24,[sp,#48]
+ stp x25,x26,[sp,#64]
+ stp x27,x28,[sp,#80]
+ sub sp,sp,#4*4
+
+ ldp w20,w21,[x0]
+ ldp w22,w23,[x0,#2*4]
+ ldp w24,w25,[x0,#4*4]
+ add x2,x1,x2,lsl#6
+ ldp w26,w27,[x0,#6*4]
+ adr x30,LK256
+ stp x0,x2,[x29,#96]
+
+Loop:
+ ldp w3,w4,[x1],#2*4
+ ldr w19,[x30],#4
+ eor w28,w21,w22
+ str x1,[x29,#112]
+
+ rev w3,w3
+
+ ror w16,w24,#6
+ add w27,w27,w19
+ eor w6,w24,w24,ror#14
+ and w17,w25,w24
+ bic w19,w26,w24
+ add w27,w27,w3
+ orr w17,w17,w19
+ eor w19,w20,w21
+ eor w16,w16,w6,ror#11
+ ror w6,w20,#2
+ add w27,w27,w17
+ eor w17,w20,w20,ror#9
+ add w27,w27,w16
+ and w28,w28,w19
+ add w23,w23,w27
+ eor w28,w28,w21
+ eor w17,w6,w17,ror#13
+ add w27,w27,w28
+ ldr w28,[x30],#4
+
+
+ rev w4,w4
+
+ ldp w5,w6,[x1],#2*4
+ add w27,w27,w17
+ ror w16,w23,#6
+ add w26,w26,w28
+ eor w7,w23,w23,ror#14
+ and w17,w24,w23
+ bic w28,w25,w23
+ add w26,w26,w4
+ orr w17,w17,w28
+ eor w28,w27,w20
+ eor w16,w16,w7,ror#11
+ ror w7,w27,#2
+ add w26,w26,w17
+ eor w17,w27,w27,ror#9
+ add w26,w26,w16
+ and w19,w19,w28
+ add w22,w22,w26
+ eor w19,w19,w20
+ eor w17,w7,w17,ror#13
+ add w26,w26,w19
+ ldr w19,[x30],#4
+
+
+ rev w5,w5
+
+ add w26,w26,w17
+ ror w16,w22,#6
+ add w25,w25,w19
+ eor w8,w22,w22,ror#14
+ and w17,w23,w22
+ bic w19,w24,w22
+ add w25,w25,w5
+ orr w17,w17,w19
+ eor w19,w26,w27
+ eor w16,w16,w8,ror#11
+ ror w8,w26,#2
+ add w25,w25,w17
+ eor w17,w26,w26,ror#9
+ add w25,w25,w16
+ and w28,w28,w19
+ add w21,w21,w25
+ eor w28,w28,w27
+ eor w17,w8,w17,ror#13
+ add w25,w25,w28
+ ldr w28,[x30],#4
+
+
+ rev w6,w6
+
+ ldp w7,w8,[x1],#2*4
+ add w25,w25,w17
+ ror w16,w21,#6
+ add w24,w24,w28
+ eor w9,w21,w21,ror#14
+ and w17,w22,w21
+ bic w28,w23,w21
+ add w24,w24,w6
+ orr w17,w17,w28
+ eor w28,w25,w26
+ eor w16,w16,w9,ror#11
+ ror w9,w25,#2
+ add w24,w24,w17
+ eor w17,w25,w25,ror#9
+ add w24,w24,w16
+ and w19,w19,w28
+ add w20,w20,w24
+ eor w19,w19,w26
+ eor w17,w9,w17,ror#13
+ add w24,w24,w19
+ ldr w19,[x30],#4
+
+
+ rev w7,w7
+
+ add w24,w24,w17
+ ror w16,w20,#6
+ add w23,w23,w19
+ eor w10,w20,w20,ror#14
+ and w17,w21,w20
+ bic w19,w22,w20
+ add w23,w23,w7
+ orr w17,w17,w19
+ eor w19,w24,w25
+ eor w16,w16,w10,ror#11
+ ror w10,w24,#2
+ add w23,w23,w17
+ eor w17,w24,w24,ror#9
+ add w23,w23,w16
+ and w28,w28,w19
+ add w27,w27,w23
+ eor w28,w28,w25
+ eor w17,w10,w17,ror#13
+ add w23,w23,w28
+ ldr w28,[x30],#4
+
+
+ rev w8,w8
+
+ ldp w9,w10,[x1],#2*4
+ add w23,w23,w17
+ ror w16,w27,#6
+ add w22,w22,w28
+ eor w11,w27,w27,ror#14
+ and w17,w20,w27
+ bic w28,w21,w27
+ add w22,w22,w8
+ orr w17,w17,w28
+ eor w28,w23,w24
+ eor w16,w16,w11,ror#11
+ ror w11,w23,#2
+ add w22,w22,w17
+ eor w17,w23,w23,ror#9
+ add w22,w22,w16
+ and w19,w19,w28
+ add w26,w26,w22
+ eor w19,w19,w24
+ eor w17,w11,w17,ror#13
+ add w22,w22,w19
+ ldr w19,[x30],#4
+
+
+ rev w9,w9
+
+ add w22,w22,w17
+ ror w16,w26,#6
+ add w21,w21,w19
+ eor w12,w26,w26,ror#14
+ and w17,w27,w26
+ bic w19,w20,w26
+ add w21,w21,w9
+ orr w17,w17,w19
+ eor w19,w22,w23
+ eor w16,w16,w12,ror#11
+ ror w12,w22,#2
+ add w21,w21,w17
+ eor w17,w22,w22,ror#9
+ add w21,w21,w16
+ and w28,w28,w19
+ add w25,w25,w21
+ eor w28,w28,w23
+ eor w17,w12,w17,ror#13
+ add w21,w21,w28
+ ldr w28,[x30],#4
+
+
+ rev w10,w10
+
+ ldp w11,w12,[x1],#2*4
+ add w21,w21,w17
+ ror w16,w25,#6
+ add w20,w20,w28
+ eor w13,w25,w25,ror#14
+ and w17,w26,w25
+ bic w28,w27,w25
+ add w20,w20,w10
+ orr w17,w17,w28
+ eor w28,w21,w22
+ eor w16,w16,w13,ror#11
+ ror w13,w21,#2
+ add w20,w20,w17
+ eor w17,w21,w21,ror#9
+ add w20,w20,w16
+ and w19,w19,w28
+ add w24,w24,w20
+ eor w19,w19,w22
+ eor w17,w13,w17,ror#13
+ add w20,w20,w19
+ ldr w19,[x30],#4
+
+
+ rev w11,w11
+
+ add w20,w20,w17
+ ror w16,w24,#6
+ add w27,w27,w19
+ eor w14,w24,w24,ror#14
+ and w17,w25,w24
+ bic w19,w26,w24
+ add w27,w27,w11
+ orr w17,w17,w19
+ eor w19,w20,w21
+ eor w16,w16,w14,ror#11
+ ror w14,w20,#2
+ add w27,w27,w17
+ eor w17,w20,w20,ror#9
+ add w27,w27,w16
+ and w28,w28,w19
+ add w23,w23,w27
+ eor w28,w28,w21
+ eor w17,w14,w17,ror#13
+ add w27,w27,w28
+ ldr w28,[x30],#4
+
+
+ rev w12,w12
+
+ ldp w13,w14,[x1],#2*4
+ add w27,w27,w17
+ ror w16,w23,#6
+ add w26,w26,w28
+ eor w15,w23,w23,ror#14
+ and w17,w24,w23
+ bic w28,w25,w23
+ add w26,w26,w12
+ orr w17,w17,w28
+ eor w28,w27,w20
+ eor w16,w16,w15,ror#11
+ ror w15,w27,#2
+ add w26,w26,w17
+ eor w17,w27,w27,ror#9
+ add w26,w26,w16
+ and w19,w19,w28
+ add w22,w22,w26
+ eor w19,w19,w20
+ eor w17,w15,w17,ror#13
+ add w26,w26,w19
+ ldr w19,[x30],#4
+
+
+ rev w13,w13
+
+ add w26,w26,w17
+ ror w16,w22,#6
+ add w25,w25,w19
+ eor w0,w22,w22,ror#14
+ and w17,w23,w22
+ bic w19,w24,w22
+ add w25,w25,w13
+ orr w17,w17,w19
+ eor w19,w26,w27
+ eor w16,w16,w0,ror#11
+ ror w0,w26,#2
+ add w25,w25,w17
+ eor w17,w26,w26,ror#9
+ add w25,w25,w16
+ and w28,w28,w19
+ add w21,w21,w25
+ eor w28,w28,w27
+ eor w17,w0,w17,ror#13
+ add w25,w25,w28
+ ldr w28,[x30],#4
+
+
+ rev w14,w14
+
+ ldp w15,w0,[x1],#2*4
+ add w25,w25,w17
+ str w6,[sp,#12]
+ ror w16,w21,#6
+ add w24,w24,w28
+ eor w6,w21,w21,ror#14
+ and w17,w22,w21
+ bic w28,w23,w21
+ add w24,w24,w14
+ orr w17,w17,w28
+ eor w28,w25,w26
+ eor w16,w16,w6,ror#11
+ ror w6,w25,#2
+ add w24,w24,w17
+ eor w17,w25,w25,ror#9
+ add w24,w24,w16
+ and w19,w19,w28
+ add w20,w20,w24
+ eor w19,w19,w26
+ eor w17,w6,w17,ror#13
+ add w24,w24,w19
+ ldr w19,[x30],#4
+
+
+ rev w15,w15
+
+ add w24,w24,w17
+ str w7,[sp,#0]
+ ror w16,w20,#6
+ add w23,w23,w19
+ eor w7,w20,w20,ror#14
+ and w17,w21,w20
+ bic w19,w22,w20
+ add w23,w23,w15
+ orr w17,w17,w19
+ eor w19,w24,w25
+ eor w16,w16,w7,ror#11
+ ror w7,w24,#2
+ add w23,w23,w17
+ eor w17,w24,w24,ror#9
+ add w23,w23,w16
+ and w28,w28,w19
+ add w27,w27,w23
+ eor w28,w28,w25
+ eor w17,w7,w17,ror#13
+ add w23,w23,w28
+ ldr w28,[x30],#4
+
+
+ rev w0,w0
+
+ ldp w1,w2,[x1]
+ add w23,w23,w17
+ str w8,[sp,#4]
+ ror w16,w27,#6
+ add w22,w22,w28
+ eor w8,w27,w27,ror#14
+ and w17,w20,w27
+ bic w28,w21,w27
+ add w22,w22,w0
+ orr w17,w17,w28
+ eor w28,w23,w24
+ eor w16,w16,w8,ror#11
+ ror w8,w23,#2
+ add w22,w22,w17
+ eor w17,w23,w23,ror#9
+ add w22,w22,w16
+ and w19,w19,w28
+ add w26,w26,w22
+ eor w19,w19,w24
+ eor w17,w8,w17,ror#13
+ add w22,w22,w19
+ ldr w19,[x30],#4
+
+
+ rev w1,w1
+
+ ldr w6,[sp,#12]
+ add w22,w22,w17
+ str w9,[sp,#8]
+ ror w16,w26,#6
+ add w21,w21,w19
+ eor w9,w26,w26,ror#14
+ and w17,w27,w26
+ bic w19,w20,w26
+ add w21,w21,w1
+ orr w17,w17,w19
+ eor w19,w22,w23
+ eor w16,w16,w9,ror#11
+ ror w9,w22,#2
+ add w21,w21,w17
+ eor w17,w22,w22,ror#9
+ add w21,w21,w16
+ and w28,w28,w19
+ add w25,w25,w21
+ eor w28,w28,w23
+ eor w17,w9,w17,ror#13
+ add w21,w21,w28
+ ldr w28,[x30],#4
+
+
+ rev w2,w2
+
+ ldr w7,[sp,#0]
+ add w21,w21,w17
+ str w10,[sp,#12]
+ ror w16,w25,#6
+ add w20,w20,w28
+ ror w9,w4,#7
+ and w17,w26,w25
+ ror w8,w1,#17
+ bic w28,w27,w25
+ ror w10,w21,#2
+ add w20,w20,w2
+ eor w16,w16,w25,ror#11
+ eor w9,w9,w4,ror#18
+ orr w17,w17,w28
+ eor w28,w21,w22
+ eor w16,w16,w25,ror#25
+ eor w10,w10,w21,ror#13
+ add w20,w20,w17
+ and w19,w19,w28
+ eor w8,w8,w1,ror#19
+ eor w9,w9,w4,lsr#3
+ add w20,w20,w16
+ eor w19,w19,w22
+ eor w17,w10,w21,ror#22
+ eor w8,w8,w1,lsr#10
+ add w3,w3,w12
+ add w24,w24,w20
+ add w20,w20,w19
+ ldr w19,[x30],#4
+ add w3,w3,w9
+ add w20,w20,w17
+ add w3,w3,w8
+Loop_16_xx:
+ ldr w8,[sp,#4]
+ str w11,[sp,#0]
+ ror w16,w24,#6
+ add w27,w27,w19
+ ror w10,w5,#7
+ and w17,w25,w24
+ ror w9,w2,#17
+ bic w19,w26,w24
+ ror w11,w20,#2
+ add w27,w27,w3
+ eor w16,w16,w24,ror#11
+ eor w10,w10,w5,ror#18
+ orr w17,w17,w19
+ eor w19,w20,w21
+ eor w16,w16,w24,ror#25
+ eor w11,w11,w20,ror#13
+ add w27,w27,w17
+ and w28,w28,w19
+ eor w9,w9,w2,ror#19
+ eor w10,w10,w5,lsr#3
+ add w27,w27,w16
+ eor w28,w28,w21
+ eor w17,w11,w20,ror#22
+ eor w9,w9,w2,lsr#10
+ add w4,w4,w13
+ add w23,w23,w27
+ add w27,w27,w28
+ ldr w28,[x30],#4
+ add w4,w4,w10
+ add w27,w27,w17
+ add w4,w4,w9
+ ldr w9,[sp,#8]
+ str w12,[sp,#4]
+ ror w16,w23,#6
+ add w26,w26,w28
+ ror w11,w6,#7
+ and w17,w24,w23
+ ror w10,w3,#17
+ bic w28,w25,w23
+ ror w12,w27,#2
+ add w26,w26,w4
+ eor w16,w16,w23,ror#11
+ eor w11,w11,w6,ror#18
+ orr w17,w17,w28
+ eor w28,w27,w20
+ eor w16,w16,w23,ror#25
+ eor w12,w12,w27,ror#13
+ add w26,w26,w17
+ and w19,w19,w28
+ eor w10,w10,w3,ror#19
+ eor w11,w11,w6,lsr#3
+ add w26,w26,w16
+ eor w19,w19,w20
+ eor w17,w12,w27,ror#22
+ eor w10,w10,w3,lsr#10
+ add w5,w5,w14
+ add w22,w22,w26
+ add w26,w26,w19
+ ldr w19,[x30],#4
+ add w5,w5,w11
+ add w26,w26,w17
+ add w5,w5,w10
+ ldr w10,[sp,#12]
+ str w13,[sp,#8]
+ ror w16,w22,#6
+ add w25,w25,w19
+ ror w12,w7,#7
+ and w17,w23,w22
+ ror w11,w4,#17
+ bic w19,w24,w22
+ ror w13,w26,#2
+ add w25,w25,w5
+ eor w16,w16,w22,ror#11
+ eor w12,w12,w7,ror#18
+ orr w17,w17,w19
+ eor w19,w26,w27
+ eor w16,w16,w22,ror#25
+ eor w13,w13,w26,ror#13
+ add w25,w25,w17
+ and w28,w28,w19
+ eor w11,w11,w4,ror#19
+ eor w12,w12,w7,lsr#3
+ add w25,w25,w16
+ eor w28,w28,w27
+ eor w17,w13,w26,ror#22
+ eor w11,w11,w4,lsr#10
+ add w6,w6,w15
+ add w21,w21,w25
+ add w25,w25,w28
+ ldr w28,[x30],#4
+ add w6,w6,w12
+ add w25,w25,w17
+ add w6,w6,w11
+ ldr w11,[sp,#0]
+ str w14,[sp,#12]
+ ror w16,w21,#6
+ add w24,w24,w28
+ ror w13,w8,#7
+ and w17,w22,w21
+ ror w12,w5,#17
+ bic w28,w23,w21
+ ror w14,w25,#2
+ add w24,w24,w6
+ eor w16,w16,w21,ror#11
+ eor w13,w13,w8,ror#18
+ orr w17,w17,w28
+ eor w28,w25,w26
+ eor w16,w16,w21,ror#25
+ eor w14,w14,w25,ror#13
+ add w24,w24,w17
+ and w19,w19,w28
+ eor w12,w12,w5,ror#19
+ eor w13,w13,w8,lsr#3
+ add w24,w24,w16
+ eor w19,w19,w26
+ eor w17,w14,w25,ror#22
+ eor w12,w12,w5,lsr#10
+ add w7,w7,w0
+ add w20,w20,w24
+ add w24,w24,w19
+ ldr w19,[x30],#4
+ add w7,w7,w13
+ add w24,w24,w17
+ add w7,w7,w12
+ ldr w12,[sp,#4]
+ str w15,[sp,#0]
+ ror w16,w20,#6
+ add w23,w23,w19
+ ror w14,w9,#7
+ and w17,w21,w20
+ ror w13,w6,#17
+ bic w19,w22,w20
+ ror w15,w24,#2
+ add w23,w23,w7
+ eor w16,w16,w20,ror#11
+ eor w14,w14,w9,ror#18
+ orr w17,w17,w19
+ eor w19,w24,w25
+ eor w16,w16,w20,ror#25
+ eor w15,w15,w24,ror#13
+ add w23,w23,w17
+ and w28,w28,w19
+ eor w13,w13,w6,ror#19
+ eor w14,w14,w9,lsr#3
+ add w23,w23,w16
+ eor w28,w28,w25
+ eor w17,w15,w24,ror#22
+ eor w13,w13,w6,lsr#10
+ add w8,w8,w1
+ add w27,w27,w23
+ add w23,w23,w28
+ ldr w28,[x30],#4
+ add w8,w8,w14
+ add w23,w23,w17
+ add w8,w8,w13
+ ldr w13,[sp,#8]
+ str w0,[sp,#4]
+ ror w16,w27,#6
+ add w22,w22,w28
+ ror w15,w10,#7
+ and w17,w20,w27
+ ror w14,w7,#17
+ bic w28,w21,w27
+ ror w0,w23,#2
+ add w22,w22,w8
+ eor w16,w16,w27,ror#11
+ eor w15,w15,w10,ror#18
+ orr w17,w17,w28
+ eor w28,w23,w24
+ eor w16,w16,w27,ror#25
+ eor w0,w0,w23,ror#13
+ add w22,w22,w17
+ and w19,w19,w28
+ eor w14,w14,w7,ror#19
+ eor w15,w15,w10,lsr#3
+ add w22,w22,w16
+ eor w19,w19,w24
+ eor w17,w0,w23,ror#22
+ eor w14,w14,w7,lsr#10
+ add w9,w9,w2
+ add w26,w26,w22
+ add w22,w22,w19
+ ldr w19,[x30],#4
+ add w9,w9,w15
+ add w22,w22,w17
+ add w9,w9,w14
+ ldr w14,[sp,#12]
+ str w1,[sp,#8]
+ ror w16,w26,#6
+ add w21,w21,w19
+ ror w0,w11,#7
+ and w17,w27,w26
+ ror w15,w8,#17
+ bic w19,w20,w26
+ ror w1,w22,#2
+ add w21,w21,w9
+ eor w16,w16,w26,ror#11
+ eor w0,w0,w11,ror#18
+ orr w17,w17,w19
+ eor w19,w22,w23
+ eor w16,w16,w26,ror#25
+ eor w1,w1,w22,ror#13
+ add w21,w21,w17
+ and w28,w28,w19
+ eor w15,w15,w8,ror#19
+ eor w0,w0,w11,lsr#3
+ add w21,w21,w16
+ eor w28,w28,w23
+ eor w17,w1,w22,ror#22
+ eor w15,w15,w8,lsr#10
+ add w10,w10,w3
+ add w25,w25,w21
+ add w21,w21,w28
+ ldr w28,[x30],#4
+ add w10,w10,w0
+ add w21,w21,w17
+ add w10,w10,w15
+ ldr w15,[sp,#0]
+ str w2,[sp,#12]
+ ror w16,w25,#6
+ add w20,w20,w28
+ ror w1,w12,#7
+ and w17,w26,w25
+ ror w0,w9,#17
+ bic w28,w27,w25
+ ror w2,w21,#2
+ add w20,w20,w10
+ eor w16,w16,w25,ror#11
+ eor w1,w1,w12,ror#18
+ orr w17,w17,w28
+ eor w28,w21,w22
+ eor w16,w16,w25,ror#25
+ eor w2,w2,w21,ror#13
+ add w20,w20,w17
+ and w19,w19,w28
+ eor w0,w0,w9,ror#19
+ eor w1,w1,w12,lsr#3
+ add w20,w20,w16
+ eor w19,w19,w22
+ eor w17,w2,w21,ror#22
+ eor w0,w0,w9,lsr#10
+ add w11,w11,w4
+ add w24,w24,w20
+ add w20,w20,w19
+ ldr w19,[x30],#4
+ add w11,w11,w1
+ add w20,w20,w17
+ add w11,w11,w0
+ ldr w0,[sp,#4]
+ str w3,[sp,#0]
+ ror w16,w24,#6
+ add w27,w27,w19
+ ror w2,w13,#7
+ and w17,w25,w24
+ ror w1,w10,#17
+ bic w19,w26,w24
+ ror w3,w20,#2
+ add w27,w27,w11
+ eor w16,w16,w24,ror#11
+ eor w2,w2,w13,ror#18
+ orr w17,w17,w19
+ eor w19,w20,w21
+ eor w16,w16,w24,ror#25
+ eor w3,w3,w20,ror#13
+ add w27,w27,w17
+ and w28,w28,w19
+ eor w1,w1,w10,ror#19
+ eor w2,w2,w13,lsr#3
+ add w27,w27,w16
+ eor w28,w28,w21
+ eor w17,w3,w20,ror#22
+ eor w1,w1,w10,lsr#10
+ add w12,w12,w5
+ add w23,w23,w27
+ add w27,w27,w28
+ ldr w28,[x30],#4
+ add w12,w12,w2
+ add w27,w27,w17
+ add w12,w12,w1
+ ldr w1,[sp,#8]
+ str w4,[sp,#4]
+ ror w16,w23,#6
+ add w26,w26,w28
+ ror w3,w14,#7
+ and w17,w24,w23
+ ror w2,w11,#17
+ bic w28,w25,w23
+ ror w4,w27,#2
+ add w26,w26,w12
+ eor w16,w16,w23,ror#11
+ eor w3,w3,w14,ror#18
+ orr w17,w17,w28
+ eor w28,w27,w20
+ eor w16,w16,w23,ror#25
+ eor w4,w4,w27,ror#13
+ add w26,w26,w17
+ and w19,w19,w28
+ eor w2,w2,w11,ror#19
+ eor w3,w3,w14,lsr#3
+ add w26,w26,w16
+ eor w19,w19,w20
+ eor w17,w4,w27,ror#22
+ eor w2,w2,w11,lsr#10
+ add w13,w13,w6
+ add w22,w22,w26
+ add w26,w26,w19
+ ldr w19,[x30],#4
+ add w13,w13,w3
+ add w26,w26,w17
+ add w13,w13,w2
+ ldr w2,[sp,#12]
+ str w5,[sp,#8]
+ ror w16,w22,#6
+ add w25,w25,w19
+ ror w4,w15,#7
+ and w17,w23,w22
+ ror w3,w12,#17
+ bic w19,w24,w22
+ ror w5,w26,#2
+ add w25,w25,w13
+ eor w16,w16,w22,ror#11
+ eor w4,w4,w15,ror#18
+ orr w17,w17,w19
+ eor w19,w26,w27
+ eor w16,w16,w22,ror#25
+ eor w5,w5,w26,ror#13
+ add w25,w25,w17
+ and w28,w28,w19
+ eor w3,w3,w12,ror#19
+ eor w4,w4,w15,lsr#3
+ add w25,w25,w16
+ eor w28,w28,w27
+ eor w17,w5,w26,ror#22
+ eor w3,w3,w12,lsr#10
+ add w14,w14,w7
+ add w21,w21,w25
+ add w25,w25,w28
+ ldr w28,[x30],#4
+ add w14,w14,w4
+ add w25,w25,w17
+ add w14,w14,w3
+ ldr w3,[sp,#0]
+ str w6,[sp,#12]
+ ror w16,w21,#6
+ add w24,w24,w28
+ ror w5,w0,#7
+ and w17,w22,w21
+ ror w4,w13,#17
+ bic w28,w23,w21
+ ror w6,w25,#2
+ add w24,w24,w14
+ eor w16,w16,w21,ror#11
+ eor w5,w5,w0,ror#18
+ orr w17,w17,w28
+ eor w28,w25,w26
+ eor w16,w16,w21,ror#25
+ eor w6,w6,w25,ror#13
+ add w24,w24,w17
+ and w19,w19,w28
+ eor w4,w4,w13,ror#19
+ eor w5,w5,w0,lsr#3
+ add w24,w24,w16
+ eor w19,w19,w26
+ eor w17,w6,w25,ror#22
+ eor w4,w4,w13,lsr#10
+ add w15,w15,w8
+ add w20,w20,w24
+ add w24,w24,w19
+ ldr w19,[x30],#4
+ add w15,w15,w5
+ add w24,w24,w17
+ add w15,w15,w4
+ ldr w4,[sp,#4]
+ str w7,[sp,#0]
+ ror w16,w20,#6
+ add w23,w23,w19
+ ror w6,w1,#7
+ and w17,w21,w20
+ ror w5,w14,#17
+ bic w19,w22,w20
+ ror w7,w24,#2
+ add w23,w23,w15
+ eor w16,w16,w20,ror#11
+ eor w6,w6,w1,ror#18
+ orr w17,w17,w19
+ eor w19,w24,w25
+ eor w16,w16,w20,ror#25
+ eor w7,w7,w24,ror#13
+ add w23,w23,w17
+ and w28,w28,w19
+ eor w5,w5,w14,ror#19
+ eor w6,w6,w1,lsr#3
+ add w23,w23,w16
+ eor w28,w28,w25
+ eor w17,w7,w24,ror#22
+ eor w5,w5,w14,lsr#10
+ add w0,w0,w9
+ add w27,w27,w23
+ add w23,w23,w28
+ ldr w28,[x30],#4
+ add w0,w0,w6
+ add w23,w23,w17
+ add w0,w0,w5
+ ldr w5,[sp,#8]
+ str w8,[sp,#4]
+ ror w16,w27,#6
+ add w22,w22,w28
+ ror w7,w2,#7
+ and w17,w20,w27
+ ror w6,w15,#17
+ bic w28,w21,w27
+ ror w8,w23,#2
+ add w22,w22,w0
+ eor w16,w16,w27,ror#11
+ eor w7,w7,w2,ror#18
+ orr w17,w17,w28
+ eor w28,w23,w24
+ eor w16,w16,w27,ror#25
+ eor w8,w8,w23,ror#13
+ add w22,w22,w17
+ and w19,w19,w28
+ eor w6,w6,w15,ror#19
+ eor w7,w7,w2,lsr#3
+ add w22,w22,w16
+ eor w19,w19,w24
+ eor w17,w8,w23,ror#22
+ eor w6,w6,w15,lsr#10
+ add w1,w1,w10
+ add w26,w26,w22
+ add w22,w22,w19
+ ldr w19,[x30],#4
+ add w1,w1,w7
+ add w22,w22,w17
+ add w1,w1,w6
+ ldr w6,[sp,#12]
+ str w9,[sp,#8]
+ ror w16,w26,#6
+ add w21,w21,w19
+ ror w8,w3,#7
+ and w17,w27,w26
+ ror w7,w0,#17
+ bic w19,w20,w26
+ ror w9,w22,#2
+ add w21,w21,w1
+ eor w16,w16,w26,ror#11
+ eor w8,w8,w3,ror#18
+ orr w17,w17,w19
+ eor w19,w22,w23
+ eor w16,w16,w26,ror#25
+ eor w9,w9,w22,ror#13
+ add w21,w21,w17
+ and w28,w28,w19
+ eor w7,w7,w0,ror#19
+ eor w8,w8,w3,lsr#3
+ add w21,w21,w16
+ eor w28,w28,w23
+ eor w17,w9,w22,ror#22
+ eor w7,w7,w0,lsr#10
+ add w2,w2,w11
+ add w25,w25,w21
+ add w21,w21,w28
+ ldr w28,[x30],#4
+ add w2,w2,w8
+ add w21,w21,w17
+ add w2,w2,w7
+ ldr w7,[sp,#0]
+ str w10,[sp,#12]
+ ror w16,w25,#6
+ add w20,w20,w28
+ ror w9,w4,#7
+ and w17,w26,w25
+ ror w8,w1,#17
+ bic w28,w27,w25
+ ror w10,w21,#2
+ add w20,w20,w2
+ eor w16,w16,w25,ror#11
+ eor w9,w9,w4,ror#18
+ orr w17,w17,w28
+ eor w28,w21,w22
+ eor w16,w16,w25,ror#25
+ eor w10,w10,w21,ror#13
+ add w20,w20,w17
+ and w19,w19,w28
+ eor w8,w8,w1,ror#19
+ eor w9,w9,w4,lsr#3
+ add w20,w20,w16
+ eor w19,w19,w22
+ eor w17,w10,w21,ror#22
+ eor w8,w8,w1,lsr#10
+ add w3,w3,w12
+ add w24,w24,w20
+ add w20,w20,w19
+ ldr w19,[x30],#4
+ add w3,w3,w9
+ add w20,w20,w17
+ add w3,w3,w8
+ cbnz w19,Loop_16_xx
+
+ ldp x0,x2,[x29,#96]
+ ldr x1,[x29,#112]
+ sub x30,x30,#260
+
+ ldp w3,w4,[x0]
+ ldp w5,w6,[x0,#2*4]
+ add x1,x1,#14*4
+ ldp w7,w8,[x0,#4*4]
+ add w20,w20,w3
+ ldp w9,w10,[x0,#6*4]
+ add w21,w21,w4
+ add w22,w22,w5
+ add w23,w23,w6
+ stp w20,w21,[x0]
+ add w24,w24,w7
+ add w25,w25,w8
+ stp w22,w23,[x0,#2*4]
+ add w26,w26,w9
+ add w27,w27,w10
+ cmp x1,x2
+ stp w24,w25,[x0,#4*4]
+ stp w26,w27,[x0,#6*4]
+ b.ne Loop
+
+ ldp x19,x20,[x29,#16]
+ add sp,sp,#4*4
+ ldp x21,x22,[x29,#32]
+ ldp x23,x24,[x29,#48]
+ ldp x25,x26,[x29,#64]
+ ldp x27,x28,[x29,#80]
+ ldp x29,x30,[sp],#128
+.long 0xd50323bf
+ ret
+
+
+.align 6
+
+LK256:
+.long 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+.long 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+.long 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+.long 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+.long 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+.long 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+.long 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+.long 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+.long 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+.long 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+.long 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+.long 0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+.long 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+.long 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+.long 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+.long 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+.long 0
+
+
+.align 3
+L_gnutls_arm_cpuid_s:
+
+
+
+.quad __gnutls_arm_cpuid_s-.
+
+
+.byte 83,72,65,50,53,54,32,98,108,111,99,107,32,116,114,97,110,115,102,111,114,109,32,102,111,114,32,65,82,77,118,56,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.align 2
+.align 2
+
+
+.align 6
+sha256_block_armv8:
+Lv8_entry:
+ stp x29,x30,[sp,#-16]!
+ add x29,sp,#0
+
+ ld1 {v0.4s,v1.4s},[x0]
+ adr x3,LK256
+
+Loop_hw:
+ ld1 {v4.16b,v5.16b,v6.16b,v7.16b},[x1],#64
+ sub x2,x2,#1
+ ld1 {v16.4s},[x3],#16
+ rev32 v4.16b,v4.16b
+ rev32 v5.16b,v5.16b
+ rev32 v6.16b,v6.16b
+ rev32 v7.16b,v7.16b
+ orr v18.16b,v0.16b,v0.16b
+ orr v19.16b,v1.16b,v1.16b
+ ld1 {v17.4s},[x3],#16
+ add v16.4s,v16.4s,v4.4s
+.long 0x5e2828a4
+ orr v2.16b,v0.16b,v0.16b
+.long 0x5e104020
+.long 0x5e105041
+.long 0x5e0760c4
+ ld1 {v16.4s},[x3],#16
+ add v17.4s,v17.4s,v5.4s
+.long 0x5e2828c5
+ orr v2.16b,v0.16b,v0.16b
+.long 0x5e114020
+.long 0x5e115041
+.long 0x5e0460e5
+ ld1 {v17.4s},[x3],#16
+ add v16.4s,v16.4s,v6.4s
+.long 0x5e2828e6
+ orr v2.16b,v0.16b,v0.16b
+.long 0x5e104020
+.long 0x5e105041
+.long 0x5e056086
+ ld1 {v16.4s},[x3],#16
+ add v17.4s,v17.4s,v7.4s
+.long 0x5e282887
+ orr v2.16b,v0.16b,v0.16b
+.long 0x5e114020
+.long 0x5e115041
+.long 0x5e0660a7
+ ld1 {v17.4s},[x3],#16
+ add v16.4s,v16.4s,v4.4s
+.long 0x5e2828a4
+ orr v2.16b,v0.16b,v0.16b
+.long 0x5e104020
+.long 0x5e105041
+.long 0x5e0760c4
+ ld1 {v16.4s},[x3],#16
+ add v17.4s,v17.4s,v5.4s
+.long 0x5e2828c5
+ orr v2.16b,v0.16b,v0.16b
+.long 0x5e114020
+.long 0x5e115041
+.long 0x5e0460e5
+ ld1 {v17.4s},[x3],#16
+ add v16.4s,v16.4s,v6.4s
+.long 0x5e2828e6
+ orr v2.16b,v0.16b,v0.16b
+.long 0x5e104020
+.long 0x5e105041
+.long 0x5e056086
+ ld1 {v16.4s},[x3],#16
+ add v17.4s,v17.4s,v7.4s
+.long 0x5e282887
+ orr v2.16b,v0.16b,v0.16b
+.long 0x5e114020
+.long 0x5e115041
+.long 0x5e0660a7
+ ld1 {v17.4s},[x3],#16
+ add v16.4s,v16.4s,v4.4s
+.long 0x5e2828a4
+ orr v2.16b,v0.16b,v0.16b
+.long 0x5e104020
+.long 0x5e105041
+.long 0x5e0760c4
+ ld1 {v16.4s},[x3],#16
+ add v17.4s,v17.4s,v5.4s
+.long 0x5e2828c5
+ orr v2.16b,v0.16b,v0.16b
+.long 0x5e114020
+.long 0x5e115041
+.long 0x5e0460e5
+ ld1 {v17.4s},[x3],#16
+ add v16.4s,v16.4s,v6.4s
+.long 0x5e2828e6
+ orr v2.16b,v0.16b,v0.16b
+.long 0x5e104020
+.long 0x5e105041
+.long 0x5e056086
+ ld1 {v16.4s},[x3],#16
+ add v17.4s,v17.4s,v7.4s
+.long 0x5e282887
+ orr v2.16b,v0.16b,v0.16b
+.long 0x5e114020
+.long 0x5e115041
+.long 0x5e0660a7
+ ld1 {v17.4s},[x3],#16
+ add v16.4s,v16.4s,v4.4s
+ orr v2.16b,v0.16b,v0.16b
+.long 0x5e104020
+.long 0x5e105041
+
+ ld1 {v16.4s},[x3],#16
+ add v17.4s,v17.4s,v5.4s
+ orr v2.16b,v0.16b,v0.16b
+.long 0x5e114020
+.long 0x5e115041
+
+ ld1 {v17.4s},[x3]
+ add v16.4s,v16.4s,v6.4s
+ sub x3,x3,#64*4-16
+ orr v2.16b,v0.16b,v0.16b
+.long 0x5e104020
+.long 0x5e105041
+
+ add v17.4s,v17.4s,v7.4s
+ orr v2.16b,v0.16b,v0.16b
+.long 0x5e114020
+.long 0x5e115041
+
+ add v0.4s,v0.4s,v18.4s
+ add v1.4s,v1.4s,v19.4s
+
+ cbnz x2,Loop_hw
+
+ st1 {v0.4s,v1.4s},[x0]
+
+ ldr x29,[sp],#16
+ ret
+
+
+
+
+
+
+.align 4
+_sha256_block_neon:
+Lneon_entry:
+ stp x29, x30, [sp, #-16]!
+ mov x29, sp
+ sub sp,sp,#16*4
+
+ adr x16,LK256
+ add x2,x1,x2,lsl#6
+
+ ld1 {v0.16b},[x1], #16
+ ld1 {v1.16b},[x1], #16
+ ld1 {v2.16b},[x1], #16
+ ld1 {v3.16b},[x1], #16
+ ld1 {v4.4s},[x16], #16
+ ld1 {v5.4s},[x16], #16
+ ld1 {v6.4s},[x16], #16
+ ld1 {v7.4s},[x16], #16
+ rev32 v0.16b,v0.16b
+ rev32 v1.16b,v1.16b
+ rev32 v2.16b,v2.16b
+ rev32 v3.16b,v3.16b
+ mov x17,sp
+ add v4.4s,v4.4s,v0.4s
+ add v5.4s,v5.4s,v1.4s
+ add v6.4s,v6.4s,v2.4s
+ st1 {v4.4s,v5.4s},[x17], #32
+ add v7.4s,v7.4s,v3.4s
+ st1 {v6.4s,v7.4s},[x17]
+ sub x17,x17,#32
+
+ ldp w3,w4,[x0]
+ ldp w5,w6,[x0,#8]
+ ldp w7,w8,[x0,#16]
+ ldp w9,w10,[x0,#24]
+ ldr w12,[sp,#0]
+ mov w13,wzr
+ eor w14,w4,w5
+ mov w15,wzr
+ b L_00_48
+
+.align 4
+L_00_48:
+ ext v4.16b,v0.16b,v1.16b,#4
+ add w10,w10,w12
+ add w3,w3,w15
+ and w12,w8,w7
+ bic w15,w9,w7
+ ext v7.16b,v2.16b,v3.16b,#4
+ eor w11,w7,w7,ror#5
+ add w3,w3,w13
+ mov d19,v3.d[1]
+ orr w12,w12,w15
+ eor w11,w11,w7,ror#19
+ ushr v6.4s,v4.4s,#7
+ eor w15,w3,w3,ror#11
+ ushr v5.4s,v4.4s,#3
+ add w10,w10,w12
+ add v0.4s,v0.4s,v7.4s
+ ror w11,w11,#6
+ sli v6.4s,v4.4s,#25
+ eor w13,w3,w4
+ eor w15,w15,w3,ror#20
+ ushr v7.4s,v4.4s,#18
+ add w10,w10,w11
+ ldr w12,[sp,#4]
+ and w14,w14,w13
+ eor v5.16b,v5.16b,v6.16b
+ ror w15,w15,#2
+ add w6,w6,w10
+ sli v7.4s,v4.4s,#14
+ eor w14,w14,w4
+ ushr v16.4s,v19.4s,#17
+ add w9,w9,w12
+ add w10,w10,w15
+ and w12,w7,w6
+ eor v5.16b,v5.16b,v7.16b
+ bic w15,w8,w6
+ eor w11,w6,w6,ror#5
+ sli v16.4s,v19.4s,#15
+ add w10,w10,w14
+ orr w12,w12,w15
+ ushr v17.4s,v19.4s,#10
+ eor w11,w11,w6,ror#19
+ eor w15,w10,w10,ror#11
+ ushr v7.4s,v19.4s,#19
+ add w9,w9,w12
+ ror w11,w11,#6
+ add v0.4s,v0.4s,v5.4s
+ eor w14,w10,w3
+ eor w15,w15,w10,ror#20
+ sli v7.4s,v19.4s,#13
+ add w9,w9,w11
+ ldr w12,[sp,#8]
+ and w13,w13,w14
+ eor v17.16b,v17.16b,v16.16b
+ ror w15,w15,#2
+ add w5,w5,w9
+ eor w13,w13,w3
+ eor v17.16b,v17.16b,v7.16b
+ add w8,w8,w12
+ add w9,w9,w15
+ and w12,w6,w5
+ add v0.4s,v0.4s,v17.4s
+ bic w15,w7,w5
+ eor w11,w5,w5,ror#5
+ add w9,w9,w13
+ ushr v18.4s,v0.4s,#17
+ orr w12,w12,w15
+ ushr v19.4s,v0.4s,#10
+ eor w11,w11,w5,ror#19
+ eor w15,w9,w9,ror#11
+ sli v18.4s,v0.4s,#15
+ add w8,w8,w12
+ ushr v17.4s,v0.4s,#19
+ ror w11,w11,#6
+ eor w13,w9,w10
+ eor v19.16b,v19.16b,v18.16b
+ eor w15,w15,w9,ror#20
+ add w8,w8,w11
+ sli v17.4s,v0.4s,#13
+ ldr w12,[sp,#12]
+ and w14,w14,w13
+ ror w15,w15,#2
+ ld1 {v4.4s},[x16], #16
+ add w4,w4,w8
+ eor v19.16b,v19.16b,v17.16b
+ eor w14,w14,w10
+ eor v17.16b,v17.16b,v17.16b
+ add w7,w7,w12
+ add w8,w8,w15
+ and w12,w5,w4
+ mov v17.d[1],v19.d[0]
+ bic w15,w6,w4
+ eor w11,w4,w4,ror#5
+ add w8,w8,w14
+ add v0.4s,v0.4s,v17.4s
+ orr w12,w12,w15
+ eor w11,w11,w4,ror#19
+ eor w15,w8,w8,ror#11
+ add v4.4s,v4.4s,v0.4s
+ add w7,w7,w12
+ ror w11,w11,#6
+ eor w14,w8,w9
+ eor w15,w15,w8,ror#20
+ add w7,w7,w11
+ ldr w12,[sp,#16]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w3,w3,w7
+ eor w13,w13,w9
+ st1 {v4.4s},[x17], #16
+ ext v4.16b,v1.16b,v2.16b,#4
+ add w6,w6,w12
+ add w7,w7,w15
+ and w12,w4,w3
+ bic w15,w5,w3
+ ext v7.16b,v3.16b,v0.16b,#4
+ eor w11,w3,w3,ror#5
+ add w7,w7,w13
+ mov d19,v0.d[1]
+ orr w12,w12,w15
+ eor w11,w11,w3,ror#19
+ ushr v6.4s,v4.4s,#7
+ eor w15,w7,w7,ror#11
+ ushr v5.4s,v4.4s,#3
+ add w6,w6,w12
+ add v1.4s,v1.4s,v7.4s
+ ror w11,w11,#6
+ sli v6.4s,v4.4s,#25
+ eor w13,w7,w8
+ eor w15,w15,w7,ror#20
+ ushr v7.4s,v4.4s,#18
+ add w6,w6,w11
+ ldr w12,[sp,#20]
+ and w14,w14,w13
+ eor v5.16b,v5.16b,v6.16b
+ ror w15,w15,#2
+ add w10,w10,w6
+ sli v7.4s,v4.4s,#14
+ eor w14,w14,w8
+ ushr v16.4s,v19.4s,#17
+ add w5,w5,w12
+ add w6,w6,w15
+ and w12,w3,w10
+ eor v5.16b,v5.16b,v7.16b
+ bic w15,w4,w10
+ eor w11,w10,w10,ror#5
+ sli v16.4s,v19.4s,#15
+ add w6,w6,w14
+ orr w12,w12,w15
+ ushr v17.4s,v19.4s,#10
+ eor w11,w11,w10,ror#19
+ eor w15,w6,w6,ror#11
+ ushr v7.4s,v19.4s,#19
+ add w5,w5,w12
+ ror w11,w11,#6
+ add v1.4s,v1.4s,v5.4s
+ eor w14,w6,w7
+ eor w15,w15,w6,ror#20
+ sli v7.4s,v19.4s,#13
+ add w5,w5,w11
+ ldr w12,[sp,#24]
+ and w13,w13,w14
+ eor v17.16b,v17.16b,v16.16b
+ ror w15,w15,#2
+ add w9,w9,w5
+ eor w13,w13,w7
+ eor v17.16b,v17.16b,v7.16b
+ add w4,w4,w12
+ add w5,w5,w15
+ and w12,w10,w9
+ add v1.4s,v1.4s,v17.4s
+ bic w15,w3,w9
+ eor w11,w9,w9,ror#5
+ add w5,w5,w13
+ ushr v18.4s,v1.4s,#17
+ orr w12,w12,w15
+ ushr v19.4s,v1.4s,#10
+ eor w11,w11,w9,ror#19
+ eor w15,w5,w5,ror#11
+ sli v18.4s,v1.4s,#15
+ add w4,w4,w12
+ ushr v17.4s,v1.4s,#19
+ ror w11,w11,#6
+ eor w13,w5,w6
+ eor v19.16b,v19.16b,v18.16b
+ eor w15,w15,w5,ror#20
+ add w4,w4,w11
+ sli v17.4s,v1.4s,#13
+ ldr w12,[sp,#28]
+ and w14,w14,w13
+ ror w15,w15,#2
+ ld1 {v4.4s},[x16], #16
+ add w8,w8,w4
+ eor v19.16b,v19.16b,v17.16b
+ eor w14,w14,w6
+ eor v17.16b,v17.16b,v17.16b
+ add w3,w3,w12
+ add w4,w4,w15
+ and w12,w9,w8
+ mov v17.d[1],v19.d[0]
+ bic w15,w10,w8
+ eor w11,w8,w8,ror#5
+ add w4,w4,w14
+ add v1.4s,v1.4s,v17.4s
+ orr w12,w12,w15
+ eor w11,w11,w8,ror#19
+ eor w15,w4,w4,ror#11
+ add v4.4s,v4.4s,v1.4s
+ add w3,w3,w12
+ ror w11,w11,#6
+ eor w14,w4,w5
+ eor w15,w15,w4,ror#20
+ add w3,w3,w11
+ ldr w12,[sp,#32]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w7,w7,w3
+ eor w13,w13,w5
+ st1 {v4.4s},[x17], #16
+ ext v4.16b,v2.16b,v3.16b,#4
+ add w10,w10,w12
+ add w3,w3,w15
+ and w12,w8,w7
+ bic w15,w9,w7
+ ext v7.16b,v0.16b,v1.16b,#4
+ eor w11,w7,w7,ror#5
+ add w3,w3,w13
+ mov d19,v1.d[1]
+ orr w12,w12,w15
+ eor w11,w11,w7,ror#19
+ ushr v6.4s,v4.4s,#7
+ eor w15,w3,w3,ror#11
+ ushr v5.4s,v4.4s,#3
+ add w10,w10,w12
+ add v2.4s,v2.4s,v7.4s
+ ror w11,w11,#6
+ sli v6.4s,v4.4s,#25
+ eor w13,w3,w4
+ eor w15,w15,w3,ror#20
+ ushr v7.4s,v4.4s,#18
+ add w10,w10,w11
+ ldr w12,[sp,#36]
+ and w14,w14,w13
+ eor v5.16b,v5.16b,v6.16b
+ ror w15,w15,#2
+ add w6,w6,w10
+ sli v7.4s,v4.4s,#14
+ eor w14,w14,w4
+ ushr v16.4s,v19.4s,#17
+ add w9,w9,w12
+ add w10,w10,w15
+ and w12,w7,w6
+ eor v5.16b,v5.16b,v7.16b
+ bic w15,w8,w6
+ eor w11,w6,w6,ror#5
+ sli v16.4s,v19.4s,#15
+ add w10,w10,w14
+ orr w12,w12,w15
+ ushr v17.4s,v19.4s,#10
+ eor w11,w11,w6,ror#19
+ eor w15,w10,w10,ror#11
+ ushr v7.4s,v19.4s,#19
+ add w9,w9,w12
+ ror w11,w11,#6
+ add v2.4s,v2.4s,v5.4s
+ eor w14,w10,w3
+ eor w15,w15,w10,ror#20
+ sli v7.4s,v19.4s,#13
+ add w9,w9,w11
+ ldr w12,[sp,#40]
+ and w13,w13,w14
+ eor v17.16b,v17.16b,v16.16b
+ ror w15,w15,#2
+ add w5,w5,w9
+ eor w13,w13,w3
+ eor v17.16b,v17.16b,v7.16b
+ add w8,w8,w12
+ add w9,w9,w15
+ and w12,w6,w5
+ add v2.4s,v2.4s,v17.4s
+ bic w15,w7,w5
+ eor w11,w5,w5,ror#5
+ add w9,w9,w13
+ ushr v18.4s,v2.4s,#17
+ orr w12,w12,w15
+ ushr v19.4s,v2.4s,#10
+ eor w11,w11,w5,ror#19
+ eor w15,w9,w9,ror#11
+ sli v18.4s,v2.4s,#15
+ add w8,w8,w12
+ ushr v17.4s,v2.4s,#19
+ ror w11,w11,#6
+ eor w13,w9,w10
+ eor v19.16b,v19.16b,v18.16b
+ eor w15,w15,w9,ror#20
+ add w8,w8,w11
+ sli v17.4s,v2.4s,#13
+ ldr w12,[sp,#44]
+ and w14,w14,w13
+ ror w15,w15,#2
+ ld1 {v4.4s},[x16], #16
+ add w4,w4,w8
+ eor v19.16b,v19.16b,v17.16b
+ eor w14,w14,w10
+ eor v17.16b,v17.16b,v17.16b
+ add w7,w7,w12
+ add w8,w8,w15
+ and w12,w5,w4
+ mov v17.d[1],v19.d[0]
+ bic w15,w6,w4
+ eor w11,w4,w4,ror#5
+ add w8,w8,w14
+ add v2.4s,v2.4s,v17.4s
+ orr w12,w12,w15
+ eor w11,w11,w4,ror#19
+ eor w15,w8,w8,ror#11
+ add v4.4s,v4.4s,v2.4s
+ add w7,w7,w12
+ ror w11,w11,#6
+ eor w14,w8,w9
+ eor w15,w15,w8,ror#20
+ add w7,w7,w11
+ ldr w12,[sp,#48]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w3,w3,w7
+ eor w13,w13,w9
+ st1 {v4.4s},[x17], #16
+ ext v4.16b,v3.16b,v0.16b,#4
+ add w6,w6,w12
+ add w7,w7,w15
+ and w12,w4,w3
+ bic w15,w5,w3
+ ext v7.16b,v1.16b,v2.16b,#4
+ eor w11,w3,w3,ror#5
+ add w7,w7,w13
+ mov d19,v2.d[1]
+ orr w12,w12,w15
+ eor w11,w11,w3,ror#19
+ ushr v6.4s,v4.4s,#7
+ eor w15,w7,w7,ror#11
+ ushr v5.4s,v4.4s,#3
+ add w6,w6,w12
+ add v3.4s,v3.4s,v7.4s
+ ror w11,w11,#6
+ sli v6.4s,v4.4s,#25
+ eor w13,w7,w8
+ eor w15,w15,w7,ror#20
+ ushr v7.4s,v4.4s,#18
+ add w6,w6,w11
+ ldr w12,[sp,#52]
+ and w14,w14,w13
+ eor v5.16b,v5.16b,v6.16b
+ ror w15,w15,#2
+ add w10,w10,w6
+ sli v7.4s,v4.4s,#14
+ eor w14,w14,w8
+ ushr v16.4s,v19.4s,#17
+ add w5,w5,w12
+ add w6,w6,w15
+ and w12,w3,w10
+ eor v5.16b,v5.16b,v7.16b
+ bic w15,w4,w10
+ eor w11,w10,w10,ror#5
+ sli v16.4s,v19.4s,#15
+ add w6,w6,w14
+ orr w12,w12,w15
+ ushr v17.4s,v19.4s,#10
+ eor w11,w11,w10,ror#19
+ eor w15,w6,w6,ror#11
+ ushr v7.4s,v19.4s,#19
+ add w5,w5,w12
+ ror w11,w11,#6
+ add v3.4s,v3.4s,v5.4s
+ eor w14,w6,w7
+ eor w15,w15,w6,ror#20
+ sli v7.4s,v19.4s,#13
+ add w5,w5,w11
+ ldr w12,[sp,#56]
+ and w13,w13,w14
+ eor v17.16b,v17.16b,v16.16b
+ ror w15,w15,#2
+ add w9,w9,w5
+ eor w13,w13,w7
+ eor v17.16b,v17.16b,v7.16b
+ add w4,w4,w12
+ add w5,w5,w15
+ and w12,w10,w9
+ add v3.4s,v3.4s,v17.4s
+ bic w15,w3,w9
+ eor w11,w9,w9,ror#5
+ add w5,w5,w13
+ ushr v18.4s,v3.4s,#17
+ orr w12,w12,w15
+ ushr v19.4s,v3.4s,#10
+ eor w11,w11,w9,ror#19
+ eor w15,w5,w5,ror#11
+ sli v18.4s,v3.4s,#15
+ add w4,w4,w12
+ ushr v17.4s,v3.4s,#19
+ ror w11,w11,#6
+ eor w13,w5,w6
+ eor v19.16b,v19.16b,v18.16b
+ eor w15,w15,w5,ror#20
+ add w4,w4,w11
+ sli v17.4s,v3.4s,#13
+ ldr w12,[sp,#60]
+ and w14,w14,w13
+ ror w15,w15,#2
+ ld1 {v4.4s},[x16], #16
+ add w8,w8,w4
+ eor v19.16b,v19.16b,v17.16b
+ eor w14,w14,w6
+ eor v17.16b,v17.16b,v17.16b
+ add w3,w3,w12
+ add w4,w4,w15
+ and w12,w9,w8
+ mov v17.d[1],v19.d[0]
+ bic w15,w10,w8
+ eor w11,w8,w8,ror#5
+ add w4,w4,w14
+ add v3.4s,v3.4s,v17.4s
+ orr w12,w12,w15
+ eor w11,w11,w8,ror#19
+ eor w15,w4,w4,ror#11
+ add v4.4s,v4.4s,v3.4s
+ add w3,w3,w12
+ ror w11,w11,#6
+ eor w14,w4,w5
+ eor w15,w15,w4,ror#20
+ add w3,w3,w11
+ ldr w12,[x16]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w7,w7,w3
+ eor w13,w13,w5
+ st1 {v4.4s},[x17], #16
+ cmp w12,#0
+ ldr w12,[sp,#0]
+ sub x17,x17,#64
+ bne L_00_48
+
+ sub x16,x16,#256
+ cmp x1,x2
+ mov x17, #64
+ csel x17, x17, xzr, eq
+ sub x1,x1,x17
+ mov x17,sp
+ add w10,w10,w12
+ add w3,w3,w15
+ and w12,w8,w7
+ ld1 {v0.16b},[x1],#16
+ bic w15,w9,w7
+ eor w11,w7,w7,ror#5
+ ld1 {v4.4s},[x16],#16
+ add w3,w3,w13
+ orr w12,w12,w15
+ eor w11,w11,w7,ror#19
+ eor w15,w3,w3,ror#11
+ rev32 v0.16b,v0.16b
+ add w10,w10,w12
+ ror w11,w11,#6
+ eor w13,w3,w4
+ eor w15,w15,w3,ror#20
+ add v4.4s,v4.4s,v0.4s
+ add w10,w10,w11
+ ldr w12,[sp,#4]
+ and w14,w14,w13
+ ror w15,w15,#2
+ add w6,w6,w10
+ eor w14,w14,w4
+ add w9,w9,w12
+ add w10,w10,w15
+ and w12,w7,w6
+ bic w15,w8,w6
+ eor w11,w6,w6,ror#5
+ add w10,w10,w14
+ orr w12,w12,w15
+ eor w11,w11,w6,ror#19
+ eor w15,w10,w10,ror#11
+ add w9,w9,w12
+ ror w11,w11,#6
+ eor w14,w10,w3
+ eor w15,w15,w10,ror#20
+ add w9,w9,w11
+ ldr w12,[sp,#8]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w5,w5,w9
+ eor w13,w13,w3
+ add w8,w8,w12
+ add w9,w9,w15
+ and w12,w6,w5
+ bic w15,w7,w5
+ eor w11,w5,w5,ror#5
+ add w9,w9,w13
+ orr w12,w12,w15
+ eor w11,w11,w5,ror#19
+ eor w15,w9,w9,ror#11
+ add w8,w8,w12
+ ror w11,w11,#6
+ eor w13,w9,w10
+ eor w15,w15,w9,ror#20
+ add w8,w8,w11
+ ldr w12,[sp,#12]
+ and w14,w14,w13
+ ror w15,w15,#2
+ add w4,w4,w8
+ eor w14,w14,w10
+ add w7,w7,w12
+ add w8,w8,w15
+ and w12,w5,w4
+ bic w15,w6,w4
+ eor w11,w4,w4,ror#5
+ add w8,w8,w14
+ orr w12,w12,w15
+ eor w11,w11,w4,ror#19
+ eor w15,w8,w8,ror#11
+ add w7,w7,w12
+ ror w11,w11,#6
+ eor w14,w8,w9
+ eor w15,w15,w8,ror#20
+ add w7,w7,w11
+ ldr w12,[sp,#16]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w3,w3,w7
+ eor w13,w13,w9
+ st1 {v4.4s},[x17], #16
+ add w6,w6,w12
+ add w7,w7,w15
+ and w12,w4,w3
+ ld1 {v1.16b},[x1],#16
+ bic w15,w5,w3
+ eor w11,w3,w3,ror#5
+ ld1 {v4.4s},[x16],#16
+ add w7,w7,w13
+ orr w12,w12,w15
+ eor w11,w11,w3,ror#19
+ eor w15,w7,w7,ror#11
+ rev32 v1.16b,v1.16b
+ add w6,w6,w12
+ ror w11,w11,#6
+ eor w13,w7,w8
+ eor w15,w15,w7,ror#20
+ add v4.4s,v4.4s,v1.4s
+ add w6,w6,w11
+ ldr w12,[sp,#20]
+ and w14,w14,w13
+ ror w15,w15,#2
+ add w10,w10,w6
+ eor w14,w14,w8
+ add w5,w5,w12
+ add w6,w6,w15
+ and w12,w3,w10
+ bic w15,w4,w10
+ eor w11,w10,w10,ror#5
+ add w6,w6,w14
+ orr w12,w12,w15
+ eor w11,w11,w10,ror#19
+ eor w15,w6,w6,ror#11
+ add w5,w5,w12
+ ror w11,w11,#6
+ eor w14,w6,w7
+ eor w15,w15,w6,ror#20
+ add w5,w5,w11
+ ldr w12,[sp,#24]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w9,w9,w5
+ eor w13,w13,w7
+ add w4,w4,w12
+ add w5,w5,w15
+ and w12,w10,w9
+ bic w15,w3,w9
+ eor w11,w9,w9,ror#5
+ add w5,w5,w13
+ orr w12,w12,w15
+ eor w11,w11,w9,ror#19
+ eor w15,w5,w5,ror#11
+ add w4,w4,w12
+ ror w11,w11,#6
+ eor w13,w5,w6
+ eor w15,w15,w5,ror#20
+ add w4,w4,w11
+ ldr w12,[sp,#28]
+ and w14,w14,w13
+ ror w15,w15,#2
+ add w8,w8,w4
+ eor w14,w14,w6
+ add w3,w3,w12
+ add w4,w4,w15
+ and w12,w9,w8
+ bic w15,w10,w8
+ eor w11,w8,w8,ror#5
+ add w4,w4,w14
+ orr w12,w12,w15
+ eor w11,w11,w8,ror#19
+ eor w15,w4,w4,ror#11
+ add w3,w3,w12
+ ror w11,w11,#6
+ eor w14,w4,w5
+ eor w15,w15,w4,ror#20
+ add w3,w3,w11
+ ldr w12,[sp,#32]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w7,w7,w3
+ eor w13,w13,w5
+ st1 {v4.4s},[x17], #16
+ add w10,w10,w12
+ add w3,w3,w15
+ and w12,w8,w7
+ ld1 {v2.16b},[x1],#16
+ bic w15,w9,w7
+ eor w11,w7,w7,ror#5
+ ld1 {v4.4s},[x16],#16
+ add w3,w3,w13
+ orr w12,w12,w15
+ eor w11,w11,w7,ror#19
+ eor w15,w3,w3,ror#11
+ rev32 v2.16b,v2.16b
+ add w10,w10,w12
+ ror w11,w11,#6
+ eor w13,w3,w4
+ eor w15,w15,w3,ror#20
+ add v4.4s,v4.4s,v2.4s
+ add w10,w10,w11
+ ldr w12,[sp,#36]
+ and w14,w14,w13
+ ror w15,w15,#2
+ add w6,w6,w10
+ eor w14,w14,w4
+ add w9,w9,w12
+ add w10,w10,w15
+ and w12,w7,w6
+ bic w15,w8,w6
+ eor w11,w6,w6,ror#5
+ add w10,w10,w14
+ orr w12,w12,w15
+ eor w11,w11,w6,ror#19
+ eor w15,w10,w10,ror#11
+ add w9,w9,w12
+ ror w11,w11,#6
+ eor w14,w10,w3
+ eor w15,w15,w10,ror#20
+ add w9,w9,w11
+ ldr w12,[sp,#40]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w5,w5,w9
+ eor w13,w13,w3
+ add w8,w8,w12
+ add w9,w9,w15
+ and w12,w6,w5
+ bic w15,w7,w5
+ eor w11,w5,w5,ror#5
+ add w9,w9,w13
+ orr w12,w12,w15
+ eor w11,w11,w5,ror#19
+ eor w15,w9,w9,ror#11
+ add w8,w8,w12
+ ror w11,w11,#6
+ eor w13,w9,w10
+ eor w15,w15,w9,ror#20
+ add w8,w8,w11
+ ldr w12,[sp,#44]
+ and w14,w14,w13
+ ror w15,w15,#2
+ add w4,w4,w8
+ eor w14,w14,w10
+ add w7,w7,w12
+ add w8,w8,w15
+ and w12,w5,w4
+ bic w15,w6,w4
+ eor w11,w4,w4,ror#5
+ add w8,w8,w14
+ orr w12,w12,w15
+ eor w11,w11,w4,ror#19
+ eor w15,w8,w8,ror#11
+ add w7,w7,w12
+ ror w11,w11,#6
+ eor w14,w8,w9
+ eor w15,w15,w8,ror#20
+ add w7,w7,w11
+ ldr w12,[sp,#48]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w3,w3,w7
+ eor w13,w13,w9
+ st1 {v4.4s},[x17], #16
+ add w6,w6,w12
+ add w7,w7,w15
+ and w12,w4,w3
+ ld1 {v3.16b},[x1],#16
+ bic w15,w5,w3
+ eor w11,w3,w3,ror#5
+ ld1 {v4.4s},[x16],#16
+ add w7,w7,w13
+ orr w12,w12,w15
+ eor w11,w11,w3,ror#19
+ eor w15,w7,w7,ror#11
+ rev32 v3.16b,v3.16b
+ add w6,w6,w12
+ ror w11,w11,#6
+ eor w13,w7,w8
+ eor w15,w15,w7,ror#20
+ add v4.4s,v4.4s,v3.4s
+ add w6,w6,w11
+ ldr w12,[sp,#52]
+ and w14,w14,w13
+ ror w15,w15,#2
+ add w10,w10,w6
+ eor w14,w14,w8
+ add w5,w5,w12
+ add w6,w6,w15
+ and w12,w3,w10
+ bic w15,w4,w10
+ eor w11,w10,w10,ror#5
+ add w6,w6,w14
+ orr w12,w12,w15
+ eor w11,w11,w10,ror#19
+ eor w15,w6,w6,ror#11
+ add w5,w5,w12
+ ror w11,w11,#6
+ eor w14,w6,w7
+ eor w15,w15,w6,ror#20
+ add w5,w5,w11
+ ldr w12,[sp,#56]
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w9,w9,w5
+ eor w13,w13,w7
+ add w4,w4,w12
+ add w5,w5,w15
+ and w12,w10,w9
+ bic w15,w3,w9
+ eor w11,w9,w9,ror#5
+ add w5,w5,w13
+ orr w12,w12,w15
+ eor w11,w11,w9,ror#19
+ eor w15,w5,w5,ror#11
+ add w4,w4,w12
+ ror w11,w11,#6
+ eor w13,w5,w6
+ eor w15,w15,w5,ror#20
+ add w4,w4,w11
+ ldr w12,[sp,#60]
+ and w14,w14,w13
+ ror w15,w15,#2
+ add w8,w8,w4
+ eor w14,w14,w6
+ add w3,w3,w12
+ add w4,w4,w15
+ and w12,w9,w8
+ bic w15,w10,w8
+ eor w11,w8,w8,ror#5
+ add w4,w4,w14
+ orr w12,w12,w15
+ eor w11,w11,w8,ror#19
+ eor w15,w4,w4,ror#11
+ add w3,w3,w12
+ ror w11,w11,#6
+ eor w14,w4,w5
+ eor w15,w15,w4,ror#20
+ add w3,w3,w11
+ and w13,w13,w14
+ ror w15,w15,#2
+ add w7,w7,w3
+ eor w13,w13,w5
+ st1 {v4.4s},[x17], #16
+ add w3,w3,w15
+ ldp w11,w12,[x0,#0]
+ add w3,w3,w13
+ ldp w13,w14,[x0,#8]
+ add w3,w3,w11
+ add w4,w4,w12
+ ldp w11,w12,[x0,#16]
+ add w5,w5,w13
+ add w6,w6,w14
+ ldp w13,w14,[x0,#24]
+ add w7,w7,w11
+ add w8,w8,w12
+ ldr w12,[sp,#0]
+ stp w3,w4,[x0,#0]
+ add w9,w9,w13
+ mov w13,wzr
+ stp w5,w6,[x0,#8]
+ add w10,w10,w14
+ stp w7,w8,[x0,#16]
+ eor w14,w4,w5
+ stp w9,w10,[x0,#24]
+ mov w15,wzr
+ mov x17,sp
+ b.ne L_00_48
+
+ ldr x29,[x29]
+ add sp,sp,#16*4+16
+ ret
diff --git a/lib/accelerated/aarch64/macosx/sha512-armv8.s b/lib/accelerated/aarch64/macosx/sha512-armv8.s
new file mode 100644
index 0000000..8c3abda
--- /dev/null
+++ b/lib/accelerated/aarch64/macosx/sha512-armv8.s
@@ -0,0 +1,1606 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+# 1 "lib/accelerated/aarch64/macosx/sha512-armv8.s.tmp.S"
+# 1 "<built-in>"
+# 1 "<command-line>"
+# 1 "lib/accelerated/aarch64/macosx/sha512-armv8.s.tmp.S"
+# 56 "lib/accelerated/aarch64/macosx/sha512-armv8.s.tmp.S"
+# 1 "lib/accelerated/aarch64/aarch64-common.h" 1
+# 57 "lib/accelerated/aarch64/macosx/sha512-armv8.s.tmp.S" 2
+
+
+.text
+
+
+.private_extern __gnutls_arm_cpuid_s
+.globl _sha512_block_data_order
+
+.align 6
+_sha512_block_data_order:
+
+
+
+
+ ldr x16,L_gnutls_arm_cpuid_s
+
+ adr x17,L_gnutls_arm_cpuid_s
+ add x16,x16,x17
+ ldr w16,[x16]
+ tst w16,#(1<<6)
+ b.ne Lv8_entry
+
+.long 0xd503233f
+ stp x29,x30,[sp,#-128]!
+ add x29,sp,#0
+
+ stp x19,x20,[sp,#16]
+ stp x21,x22,[sp,#32]
+ stp x23,x24,[sp,#48]
+ stp x25,x26,[sp,#64]
+ stp x27,x28,[sp,#80]
+ sub sp,sp,#4*8
+
+ ldp x20,x21,[x0]
+ ldp x22,x23,[x0,#2*8]
+ ldp x24,x25,[x0,#4*8]
+ add x2,x1,x2,lsl#7
+ ldp x26,x27,[x0,#6*8]
+ adr x30,LK512
+ stp x0,x2,[x29,#96]
+
+Loop:
+ ldp x3,x4,[x1],#2*8
+ ldr x19,[x30],#8
+ eor x28,x21,x22
+ str x1,[x29,#112]
+
+ rev x3,x3
+
+ ror x16,x24,#14
+ add x27,x27,x19
+ eor x6,x24,x24,ror#23
+ and x17,x25,x24
+ bic x19,x26,x24
+ add x27,x27,x3
+ orr x17,x17,x19
+ eor x19,x20,x21
+ eor x16,x16,x6,ror#18
+ ror x6,x20,#28
+ add x27,x27,x17
+ eor x17,x20,x20,ror#5
+ add x27,x27,x16
+ and x28,x28,x19
+ add x23,x23,x27
+ eor x28,x28,x21
+ eor x17,x6,x17,ror#34
+ add x27,x27,x28
+ ldr x28,[x30],#8
+
+
+ rev x4,x4
+
+ ldp x5,x6,[x1],#2*8
+ add x27,x27,x17
+ ror x16,x23,#14
+ add x26,x26,x28
+ eor x7,x23,x23,ror#23
+ and x17,x24,x23
+ bic x28,x25,x23
+ add x26,x26,x4
+ orr x17,x17,x28
+ eor x28,x27,x20
+ eor x16,x16,x7,ror#18
+ ror x7,x27,#28
+ add x26,x26,x17
+ eor x17,x27,x27,ror#5
+ add x26,x26,x16
+ and x19,x19,x28
+ add x22,x22,x26
+ eor x19,x19,x20
+ eor x17,x7,x17,ror#34
+ add x26,x26,x19
+ ldr x19,[x30],#8
+
+
+ rev x5,x5
+
+ add x26,x26,x17
+ ror x16,x22,#14
+ add x25,x25,x19
+ eor x8,x22,x22,ror#23
+ and x17,x23,x22
+ bic x19,x24,x22
+ add x25,x25,x5
+ orr x17,x17,x19
+ eor x19,x26,x27
+ eor x16,x16,x8,ror#18
+ ror x8,x26,#28
+ add x25,x25,x17
+ eor x17,x26,x26,ror#5
+ add x25,x25,x16
+ and x28,x28,x19
+ add x21,x21,x25
+ eor x28,x28,x27
+ eor x17,x8,x17,ror#34
+ add x25,x25,x28
+ ldr x28,[x30],#8
+
+
+ rev x6,x6
+
+ ldp x7,x8,[x1],#2*8
+ add x25,x25,x17
+ ror x16,x21,#14
+ add x24,x24,x28
+ eor x9,x21,x21,ror#23
+ and x17,x22,x21
+ bic x28,x23,x21
+ add x24,x24,x6
+ orr x17,x17,x28
+ eor x28,x25,x26
+ eor x16,x16,x9,ror#18
+ ror x9,x25,#28
+ add x24,x24,x17
+ eor x17,x25,x25,ror#5
+ add x24,x24,x16
+ and x19,x19,x28
+ add x20,x20,x24
+ eor x19,x19,x26
+ eor x17,x9,x17,ror#34
+ add x24,x24,x19
+ ldr x19,[x30],#8
+
+
+ rev x7,x7
+
+ add x24,x24,x17
+ ror x16,x20,#14
+ add x23,x23,x19
+ eor x10,x20,x20,ror#23
+ and x17,x21,x20
+ bic x19,x22,x20
+ add x23,x23,x7
+ orr x17,x17,x19
+ eor x19,x24,x25
+ eor x16,x16,x10,ror#18
+ ror x10,x24,#28
+ add x23,x23,x17
+ eor x17,x24,x24,ror#5
+ add x23,x23,x16
+ and x28,x28,x19
+ add x27,x27,x23
+ eor x28,x28,x25
+ eor x17,x10,x17,ror#34
+ add x23,x23,x28
+ ldr x28,[x30],#8
+
+
+ rev x8,x8
+
+ ldp x9,x10,[x1],#2*8
+ add x23,x23,x17
+ ror x16,x27,#14
+ add x22,x22,x28
+ eor x11,x27,x27,ror#23
+ and x17,x20,x27
+ bic x28,x21,x27
+ add x22,x22,x8
+ orr x17,x17,x28
+ eor x28,x23,x24
+ eor x16,x16,x11,ror#18
+ ror x11,x23,#28
+ add x22,x22,x17
+ eor x17,x23,x23,ror#5
+ add x22,x22,x16
+ and x19,x19,x28
+ add x26,x26,x22
+ eor x19,x19,x24
+ eor x17,x11,x17,ror#34
+ add x22,x22,x19
+ ldr x19,[x30],#8
+
+
+ rev x9,x9
+
+ add x22,x22,x17
+ ror x16,x26,#14
+ add x21,x21,x19
+ eor x12,x26,x26,ror#23
+ and x17,x27,x26
+ bic x19,x20,x26
+ add x21,x21,x9
+ orr x17,x17,x19
+ eor x19,x22,x23
+ eor x16,x16,x12,ror#18
+ ror x12,x22,#28
+ add x21,x21,x17
+ eor x17,x22,x22,ror#5
+ add x21,x21,x16
+ and x28,x28,x19
+ add x25,x25,x21
+ eor x28,x28,x23
+ eor x17,x12,x17,ror#34
+ add x21,x21,x28
+ ldr x28,[x30],#8
+
+
+ rev x10,x10
+
+ ldp x11,x12,[x1],#2*8
+ add x21,x21,x17
+ ror x16,x25,#14
+ add x20,x20,x28
+ eor x13,x25,x25,ror#23
+ and x17,x26,x25
+ bic x28,x27,x25
+ add x20,x20,x10
+ orr x17,x17,x28
+ eor x28,x21,x22
+ eor x16,x16,x13,ror#18
+ ror x13,x21,#28
+ add x20,x20,x17
+ eor x17,x21,x21,ror#5
+ add x20,x20,x16
+ and x19,x19,x28
+ add x24,x24,x20
+ eor x19,x19,x22
+ eor x17,x13,x17,ror#34
+ add x20,x20,x19
+ ldr x19,[x30],#8
+
+
+ rev x11,x11
+
+ add x20,x20,x17
+ ror x16,x24,#14
+ add x27,x27,x19
+ eor x14,x24,x24,ror#23
+ and x17,x25,x24
+ bic x19,x26,x24
+ add x27,x27,x11
+ orr x17,x17,x19
+ eor x19,x20,x21
+ eor x16,x16,x14,ror#18
+ ror x14,x20,#28
+ add x27,x27,x17
+ eor x17,x20,x20,ror#5
+ add x27,x27,x16
+ and x28,x28,x19
+ add x23,x23,x27
+ eor x28,x28,x21
+ eor x17,x14,x17,ror#34
+ add x27,x27,x28
+ ldr x28,[x30],#8
+
+
+ rev x12,x12
+
+ ldp x13,x14,[x1],#2*8
+ add x27,x27,x17
+ ror x16,x23,#14
+ add x26,x26,x28
+ eor x15,x23,x23,ror#23
+ and x17,x24,x23
+ bic x28,x25,x23
+ add x26,x26,x12
+ orr x17,x17,x28
+ eor x28,x27,x20
+ eor x16,x16,x15,ror#18
+ ror x15,x27,#28
+ add x26,x26,x17
+ eor x17,x27,x27,ror#5
+ add x26,x26,x16
+ and x19,x19,x28
+ add x22,x22,x26
+ eor x19,x19,x20
+ eor x17,x15,x17,ror#34
+ add x26,x26,x19
+ ldr x19,[x30],#8
+
+
+ rev x13,x13
+
+ add x26,x26,x17
+ ror x16,x22,#14
+ add x25,x25,x19
+ eor x0,x22,x22,ror#23
+ and x17,x23,x22
+ bic x19,x24,x22
+ add x25,x25,x13
+ orr x17,x17,x19
+ eor x19,x26,x27
+ eor x16,x16,x0,ror#18
+ ror x0,x26,#28
+ add x25,x25,x17
+ eor x17,x26,x26,ror#5
+ add x25,x25,x16
+ and x28,x28,x19
+ add x21,x21,x25
+ eor x28,x28,x27
+ eor x17,x0,x17,ror#34
+ add x25,x25,x28
+ ldr x28,[x30],#8
+
+
+ rev x14,x14
+
+ ldp x15,x0,[x1],#2*8
+ add x25,x25,x17
+ str x6,[sp,#24]
+ ror x16,x21,#14
+ add x24,x24,x28
+ eor x6,x21,x21,ror#23
+ and x17,x22,x21
+ bic x28,x23,x21
+ add x24,x24,x14
+ orr x17,x17,x28
+ eor x28,x25,x26
+ eor x16,x16,x6,ror#18
+ ror x6,x25,#28
+ add x24,x24,x17
+ eor x17,x25,x25,ror#5
+ add x24,x24,x16
+ and x19,x19,x28
+ add x20,x20,x24
+ eor x19,x19,x26
+ eor x17,x6,x17,ror#34
+ add x24,x24,x19
+ ldr x19,[x30],#8
+
+
+ rev x15,x15
+
+ add x24,x24,x17
+ str x7,[sp,#0]
+ ror x16,x20,#14
+ add x23,x23,x19
+ eor x7,x20,x20,ror#23
+ and x17,x21,x20
+ bic x19,x22,x20
+ add x23,x23,x15
+ orr x17,x17,x19
+ eor x19,x24,x25
+ eor x16,x16,x7,ror#18
+ ror x7,x24,#28
+ add x23,x23,x17
+ eor x17,x24,x24,ror#5
+ add x23,x23,x16
+ and x28,x28,x19
+ add x27,x27,x23
+ eor x28,x28,x25
+ eor x17,x7,x17,ror#34
+ add x23,x23,x28
+ ldr x28,[x30],#8
+
+
+ rev x0,x0
+
+ ldp x1,x2,[x1]
+ add x23,x23,x17
+ str x8,[sp,#8]
+ ror x16,x27,#14
+ add x22,x22,x28
+ eor x8,x27,x27,ror#23
+ and x17,x20,x27
+ bic x28,x21,x27
+ add x22,x22,x0
+ orr x17,x17,x28
+ eor x28,x23,x24
+ eor x16,x16,x8,ror#18
+ ror x8,x23,#28
+ add x22,x22,x17
+ eor x17,x23,x23,ror#5
+ add x22,x22,x16
+ and x19,x19,x28
+ add x26,x26,x22
+ eor x19,x19,x24
+ eor x17,x8,x17,ror#34
+ add x22,x22,x19
+ ldr x19,[x30],#8
+
+
+ rev x1,x1
+
+ ldr x6,[sp,#24]
+ add x22,x22,x17
+ str x9,[sp,#16]
+ ror x16,x26,#14
+ add x21,x21,x19
+ eor x9,x26,x26,ror#23
+ and x17,x27,x26
+ bic x19,x20,x26
+ add x21,x21,x1
+ orr x17,x17,x19
+ eor x19,x22,x23
+ eor x16,x16,x9,ror#18
+ ror x9,x22,#28
+ add x21,x21,x17
+ eor x17,x22,x22,ror#5
+ add x21,x21,x16
+ and x28,x28,x19
+ add x25,x25,x21
+ eor x28,x28,x23
+ eor x17,x9,x17,ror#34
+ add x21,x21,x28
+ ldr x28,[x30],#8
+
+
+ rev x2,x2
+
+ ldr x7,[sp,#0]
+ add x21,x21,x17
+ str x10,[sp,#24]
+ ror x16,x25,#14
+ add x20,x20,x28
+ ror x9,x4,#1
+ and x17,x26,x25
+ ror x8,x1,#19
+ bic x28,x27,x25
+ ror x10,x21,#28
+ add x20,x20,x2
+ eor x16,x16,x25,ror#18
+ eor x9,x9,x4,ror#8
+ orr x17,x17,x28
+ eor x28,x21,x22
+ eor x16,x16,x25,ror#41
+ eor x10,x10,x21,ror#34
+ add x20,x20,x17
+ and x19,x19,x28
+ eor x8,x8,x1,ror#61
+ eor x9,x9,x4,lsr#7
+ add x20,x20,x16
+ eor x19,x19,x22
+ eor x17,x10,x21,ror#39
+ eor x8,x8,x1,lsr#6
+ add x3,x3,x12
+ add x24,x24,x20
+ add x20,x20,x19
+ ldr x19,[x30],#8
+ add x3,x3,x9
+ add x20,x20,x17
+ add x3,x3,x8
+Loop_16_xx:
+ ldr x8,[sp,#8]
+ str x11,[sp,#0]
+ ror x16,x24,#14
+ add x27,x27,x19
+ ror x10,x5,#1
+ and x17,x25,x24
+ ror x9,x2,#19
+ bic x19,x26,x24
+ ror x11,x20,#28
+ add x27,x27,x3
+ eor x16,x16,x24,ror#18
+ eor x10,x10,x5,ror#8
+ orr x17,x17,x19
+ eor x19,x20,x21
+ eor x16,x16,x24,ror#41
+ eor x11,x11,x20,ror#34
+ add x27,x27,x17
+ and x28,x28,x19
+ eor x9,x9,x2,ror#61
+ eor x10,x10,x5,lsr#7
+ add x27,x27,x16
+ eor x28,x28,x21
+ eor x17,x11,x20,ror#39
+ eor x9,x9,x2,lsr#6
+ add x4,x4,x13
+ add x23,x23,x27
+ add x27,x27,x28
+ ldr x28,[x30],#8
+ add x4,x4,x10
+ add x27,x27,x17
+ add x4,x4,x9
+ ldr x9,[sp,#16]
+ str x12,[sp,#8]
+ ror x16,x23,#14
+ add x26,x26,x28
+ ror x11,x6,#1
+ and x17,x24,x23
+ ror x10,x3,#19
+ bic x28,x25,x23
+ ror x12,x27,#28
+ add x26,x26,x4
+ eor x16,x16,x23,ror#18
+ eor x11,x11,x6,ror#8
+ orr x17,x17,x28
+ eor x28,x27,x20
+ eor x16,x16,x23,ror#41
+ eor x12,x12,x27,ror#34
+ add x26,x26,x17
+ and x19,x19,x28
+ eor x10,x10,x3,ror#61
+ eor x11,x11,x6,lsr#7
+ add x26,x26,x16
+ eor x19,x19,x20
+ eor x17,x12,x27,ror#39
+ eor x10,x10,x3,lsr#6
+ add x5,x5,x14
+ add x22,x22,x26
+ add x26,x26,x19
+ ldr x19,[x30],#8
+ add x5,x5,x11
+ add x26,x26,x17
+ add x5,x5,x10
+ ldr x10,[sp,#24]
+ str x13,[sp,#16]
+ ror x16,x22,#14
+ add x25,x25,x19
+ ror x12,x7,#1
+ and x17,x23,x22
+ ror x11,x4,#19
+ bic x19,x24,x22
+ ror x13,x26,#28
+ add x25,x25,x5
+ eor x16,x16,x22,ror#18
+ eor x12,x12,x7,ror#8
+ orr x17,x17,x19
+ eor x19,x26,x27
+ eor x16,x16,x22,ror#41
+ eor x13,x13,x26,ror#34
+ add x25,x25,x17
+ and x28,x28,x19
+ eor x11,x11,x4,ror#61
+ eor x12,x12,x7,lsr#7
+ add x25,x25,x16
+ eor x28,x28,x27
+ eor x17,x13,x26,ror#39
+ eor x11,x11,x4,lsr#6
+ add x6,x6,x15
+ add x21,x21,x25
+ add x25,x25,x28
+ ldr x28,[x30],#8
+ add x6,x6,x12
+ add x25,x25,x17
+ add x6,x6,x11
+ ldr x11,[sp,#0]
+ str x14,[sp,#24]
+ ror x16,x21,#14
+ add x24,x24,x28
+ ror x13,x8,#1
+ and x17,x22,x21
+ ror x12,x5,#19
+ bic x28,x23,x21
+ ror x14,x25,#28
+ add x24,x24,x6
+ eor x16,x16,x21,ror#18
+ eor x13,x13,x8,ror#8
+ orr x17,x17,x28
+ eor x28,x25,x26
+ eor x16,x16,x21,ror#41
+ eor x14,x14,x25,ror#34
+ add x24,x24,x17
+ and x19,x19,x28
+ eor x12,x12,x5,ror#61
+ eor x13,x13,x8,lsr#7
+ add x24,x24,x16
+ eor x19,x19,x26
+ eor x17,x14,x25,ror#39
+ eor x12,x12,x5,lsr#6
+ add x7,x7,x0
+ add x20,x20,x24
+ add x24,x24,x19
+ ldr x19,[x30],#8
+ add x7,x7,x13
+ add x24,x24,x17
+ add x7,x7,x12
+ ldr x12,[sp,#8]
+ str x15,[sp,#0]
+ ror x16,x20,#14
+ add x23,x23,x19
+ ror x14,x9,#1
+ and x17,x21,x20
+ ror x13,x6,#19
+ bic x19,x22,x20
+ ror x15,x24,#28
+ add x23,x23,x7
+ eor x16,x16,x20,ror#18
+ eor x14,x14,x9,ror#8
+ orr x17,x17,x19
+ eor x19,x24,x25
+ eor x16,x16,x20,ror#41
+ eor x15,x15,x24,ror#34
+ add x23,x23,x17
+ and x28,x28,x19
+ eor x13,x13,x6,ror#61
+ eor x14,x14,x9,lsr#7
+ add x23,x23,x16
+ eor x28,x28,x25
+ eor x17,x15,x24,ror#39
+ eor x13,x13,x6,lsr#6
+ add x8,x8,x1
+ add x27,x27,x23
+ add x23,x23,x28
+ ldr x28,[x30],#8
+ add x8,x8,x14
+ add x23,x23,x17
+ add x8,x8,x13
+ ldr x13,[sp,#16]
+ str x0,[sp,#8]
+ ror x16,x27,#14
+ add x22,x22,x28
+ ror x15,x10,#1
+ and x17,x20,x27
+ ror x14,x7,#19
+ bic x28,x21,x27
+ ror x0,x23,#28
+ add x22,x22,x8
+ eor x16,x16,x27,ror#18
+ eor x15,x15,x10,ror#8
+ orr x17,x17,x28
+ eor x28,x23,x24
+ eor x16,x16,x27,ror#41
+ eor x0,x0,x23,ror#34
+ add x22,x22,x17
+ and x19,x19,x28
+ eor x14,x14,x7,ror#61
+ eor x15,x15,x10,lsr#7
+ add x22,x22,x16
+ eor x19,x19,x24
+ eor x17,x0,x23,ror#39
+ eor x14,x14,x7,lsr#6
+ add x9,x9,x2
+ add x26,x26,x22
+ add x22,x22,x19
+ ldr x19,[x30],#8
+ add x9,x9,x15
+ add x22,x22,x17
+ add x9,x9,x14
+ ldr x14,[sp,#24]
+ str x1,[sp,#16]
+ ror x16,x26,#14
+ add x21,x21,x19
+ ror x0,x11,#1
+ and x17,x27,x26
+ ror x15,x8,#19
+ bic x19,x20,x26
+ ror x1,x22,#28
+ add x21,x21,x9
+ eor x16,x16,x26,ror#18
+ eor x0,x0,x11,ror#8
+ orr x17,x17,x19
+ eor x19,x22,x23
+ eor x16,x16,x26,ror#41
+ eor x1,x1,x22,ror#34
+ add x21,x21,x17
+ and x28,x28,x19
+ eor x15,x15,x8,ror#61
+ eor x0,x0,x11,lsr#7
+ add x21,x21,x16
+ eor x28,x28,x23
+ eor x17,x1,x22,ror#39
+ eor x15,x15,x8,lsr#6
+ add x10,x10,x3
+ add x25,x25,x21
+ add x21,x21,x28
+ ldr x28,[x30],#8
+ add x10,x10,x0
+ add x21,x21,x17
+ add x10,x10,x15
+ ldr x15,[sp,#0]
+ str x2,[sp,#24]
+ ror x16,x25,#14
+ add x20,x20,x28
+ ror x1,x12,#1
+ and x17,x26,x25
+ ror x0,x9,#19
+ bic x28,x27,x25
+ ror x2,x21,#28
+ add x20,x20,x10
+ eor x16,x16,x25,ror#18
+ eor x1,x1,x12,ror#8
+ orr x17,x17,x28
+ eor x28,x21,x22
+ eor x16,x16,x25,ror#41
+ eor x2,x2,x21,ror#34
+ add x20,x20,x17
+ and x19,x19,x28
+ eor x0,x0,x9,ror#61
+ eor x1,x1,x12,lsr#7
+ add x20,x20,x16
+ eor x19,x19,x22
+ eor x17,x2,x21,ror#39
+ eor x0,x0,x9,lsr#6
+ add x11,x11,x4
+ add x24,x24,x20
+ add x20,x20,x19
+ ldr x19,[x30],#8
+ add x11,x11,x1
+ add x20,x20,x17
+ add x11,x11,x0
+ ldr x0,[sp,#8]
+ str x3,[sp,#0]
+ ror x16,x24,#14
+ add x27,x27,x19
+ ror x2,x13,#1
+ and x17,x25,x24
+ ror x1,x10,#19
+ bic x19,x26,x24
+ ror x3,x20,#28
+ add x27,x27,x11
+ eor x16,x16,x24,ror#18
+ eor x2,x2,x13,ror#8
+ orr x17,x17,x19
+ eor x19,x20,x21
+ eor x16,x16,x24,ror#41
+ eor x3,x3,x20,ror#34
+ add x27,x27,x17
+ and x28,x28,x19
+ eor x1,x1,x10,ror#61
+ eor x2,x2,x13,lsr#7
+ add x27,x27,x16
+ eor x28,x28,x21
+ eor x17,x3,x20,ror#39
+ eor x1,x1,x10,lsr#6
+ add x12,x12,x5
+ add x23,x23,x27
+ add x27,x27,x28
+ ldr x28,[x30],#8
+ add x12,x12,x2
+ add x27,x27,x17
+ add x12,x12,x1
+ ldr x1,[sp,#16]
+ str x4,[sp,#8]
+ ror x16,x23,#14
+ add x26,x26,x28
+ ror x3,x14,#1
+ and x17,x24,x23
+ ror x2,x11,#19
+ bic x28,x25,x23
+ ror x4,x27,#28
+ add x26,x26,x12
+ eor x16,x16,x23,ror#18
+ eor x3,x3,x14,ror#8
+ orr x17,x17,x28
+ eor x28,x27,x20
+ eor x16,x16,x23,ror#41
+ eor x4,x4,x27,ror#34
+ add x26,x26,x17
+ and x19,x19,x28
+ eor x2,x2,x11,ror#61
+ eor x3,x3,x14,lsr#7
+ add x26,x26,x16
+ eor x19,x19,x20
+ eor x17,x4,x27,ror#39
+ eor x2,x2,x11,lsr#6
+ add x13,x13,x6
+ add x22,x22,x26
+ add x26,x26,x19
+ ldr x19,[x30],#8
+ add x13,x13,x3
+ add x26,x26,x17
+ add x13,x13,x2
+ ldr x2,[sp,#24]
+ str x5,[sp,#16]
+ ror x16,x22,#14
+ add x25,x25,x19
+ ror x4,x15,#1
+ and x17,x23,x22
+ ror x3,x12,#19
+ bic x19,x24,x22
+ ror x5,x26,#28
+ add x25,x25,x13
+ eor x16,x16,x22,ror#18
+ eor x4,x4,x15,ror#8
+ orr x17,x17,x19
+ eor x19,x26,x27
+ eor x16,x16,x22,ror#41
+ eor x5,x5,x26,ror#34
+ add x25,x25,x17
+ and x28,x28,x19
+ eor x3,x3,x12,ror#61
+ eor x4,x4,x15,lsr#7
+ add x25,x25,x16
+ eor x28,x28,x27
+ eor x17,x5,x26,ror#39
+ eor x3,x3,x12,lsr#6
+ add x14,x14,x7
+ add x21,x21,x25
+ add x25,x25,x28
+ ldr x28,[x30],#8
+ add x14,x14,x4
+ add x25,x25,x17
+ add x14,x14,x3
+ ldr x3,[sp,#0]
+ str x6,[sp,#24]
+ ror x16,x21,#14
+ add x24,x24,x28
+ ror x5,x0,#1
+ and x17,x22,x21
+ ror x4,x13,#19
+ bic x28,x23,x21
+ ror x6,x25,#28
+ add x24,x24,x14
+ eor x16,x16,x21,ror#18
+ eor x5,x5,x0,ror#8
+ orr x17,x17,x28
+ eor x28,x25,x26
+ eor x16,x16,x21,ror#41
+ eor x6,x6,x25,ror#34
+ add x24,x24,x17
+ and x19,x19,x28
+ eor x4,x4,x13,ror#61
+ eor x5,x5,x0,lsr#7
+ add x24,x24,x16
+ eor x19,x19,x26
+ eor x17,x6,x25,ror#39
+ eor x4,x4,x13,lsr#6
+ add x15,x15,x8
+ add x20,x20,x24
+ add x24,x24,x19
+ ldr x19,[x30],#8
+ add x15,x15,x5
+ add x24,x24,x17
+ add x15,x15,x4
+ ldr x4,[sp,#8]
+ str x7,[sp,#0]
+ ror x16,x20,#14
+ add x23,x23,x19
+ ror x6,x1,#1
+ and x17,x21,x20
+ ror x5,x14,#19
+ bic x19,x22,x20
+ ror x7,x24,#28
+ add x23,x23,x15
+ eor x16,x16,x20,ror#18
+ eor x6,x6,x1,ror#8
+ orr x17,x17,x19
+ eor x19,x24,x25
+ eor x16,x16,x20,ror#41
+ eor x7,x7,x24,ror#34
+ add x23,x23,x17
+ and x28,x28,x19
+ eor x5,x5,x14,ror#61
+ eor x6,x6,x1,lsr#7
+ add x23,x23,x16
+ eor x28,x28,x25
+ eor x17,x7,x24,ror#39
+ eor x5,x5,x14,lsr#6
+ add x0,x0,x9
+ add x27,x27,x23
+ add x23,x23,x28
+ ldr x28,[x30],#8
+ add x0,x0,x6
+ add x23,x23,x17
+ add x0,x0,x5
+ ldr x5,[sp,#16]
+ str x8,[sp,#8]
+ ror x16,x27,#14
+ add x22,x22,x28
+ ror x7,x2,#1
+ and x17,x20,x27
+ ror x6,x15,#19
+ bic x28,x21,x27
+ ror x8,x23,#28
+ add x22,x22,x0
+ eor x16,x16,x27,ror#18
+ eor x7,x7,x2,ror#8
+ orr x17,x17,x28
+ eor x28,x23,x24
+ eor x16,x16,x27,ror#41
+ eor x8,x8,x23,ror#34
+ add x22,x22,x17
+ and x19,x19,x28
+ eor x6,x6,x15,ror#61
+ eor x7,x7,x2,lsr#7
+ add x22,x22,x16
+ eor x19,x19,x24
+ eor x17,x8,x23,ror#39
+ eor x6,x6,x15,lsr#6
+ add x1,x1,x10
+ add x26,x26,x22
+ add x22,x22,x19
+ ldr x19,[x30],#8
+ add x1,x1,x7
+ add x22,x22,x17
+ add x1,x1,x6
+ ldr x6,[sp,#24]
+ str x9,[sp,#16]
+ ror x16,x26,#14
+ add x21,x21,x19
+ ror x8,x3,#1
+ and x17,x27,x26
+ ror x7,x0,#19
+ bic x19,x20,x26
+ ror x9,x22,#28
+ add x21,x21,x1
+ eor x16,x16,x26,ror#18
+ eor x8,x8,x3,ror#8
+ orr x17,x17,x19
+ eor x19,x22,x23
+ eor x16,x16,x26,ror#41
+ eor x9,x9,x22,ror#34
+ add x21,x21,x17
+ and x28,x28,x19
+ eor x7,x7,x0,ror#61
+ eor x8,x8,x3,lsr#7
+ add x21,x21,x16
+ eor x28,x28,x23
+ eor x17,x9,x22,ror#39
+ eor x7,x7,x0,lsr#6
+ add x2,x2,x11
+ add x25,x25,x21
+ add x21,x21,x28
+ ldr x28,[x30],#8
+ add x2,x2,x8
+ add x21,x21,x17
+ add x2,x2,x7
+ ldr x7,[sp,#0]
+ str x10,[sp,#24]
+ ror x16,x25,#14
+ add x20,x20,x28
+ ror x9,x4,#1
+ and x17,x26,x25
+ ror x8,x1,#19
+ bic x28,x27,x25
+ ror x10,x21,#28
+ add x20,x20,x2
+ eor x16,x16,x25,ror#18
+ eor x9,x9,x4,ror#8
+ orr x17,x17,x28
+ eor x28,x21,x22
+ eor x16,x16,x25,ror#41
+ eor x10,x10,x21,ror#34
+ add x20,x20,x17
+ and x19,x19,x28
+ eor x8,x8,x1,ror#61
+ eor x9,x9,x4,lsr#7
+ add x20,x20,x16
+ eor x19,x19,x22
+ eor x17,x10,x21,ror#39
+ eor x8,x8,x1,lsr#6
+ add x3,x3,x12
+ add x24,x24,x20
+ add x20,x20,x19
+ ldr x19,[x30],#8
+ add x3,x3,x9
+ add x20,x20,x17
+ add x3,x3,x8
+ cbnz x19,Loop_16_xx
+
+ ldp x0,x2,[x29,#96]
+ ldr x1,[x29,#112]
+ sub x30,x30,#648
+
+ ldp x3,x4,[x0]
+ ldp x5,x6,[x0,#2*8]
+ add x1,x1,#14*8
+ ldp x7,x8,[x0,#4*8]
+ add x20,x20,x3
+ ldp x9,x10,[x0,#6*8]
+ add x21,x21,x4
+ add x22,x22,x5
+ add x23,x23,x6
+ stp x20,x21,[x0]
+ add x24,x24,x7
+ add x25,x25,x8
+ stp x22,x23,[x0,#2*8]
+ add x26,x26,x9
+ add x27,x27,x10
+ cmp x1,x2
+ stp x24,x25,[x0,#4*8]
+ stp x26,x27,[x0,#6*8]
+ b.ne Loop
+
+ ldp x19,x20,[x29,#16]
+ add sp,sp,#4*8
+ ldp x21,x22,[x29,#32]
+ ldp x23,x24,[x29,#48]
+ ldp x25,x26,[x29,#64]
+ ldp x27,x28,[x29,#80]
+ ldp x29,x30,[sp],#128
+.long 0xd50323bf
+ ret
+
+
+.align 6
+
+LK512:
+.quad 0x428a2f98d728ae22,0x7137449123ef65cd
+.quad 0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
+.quad 0x3956c25bf348b538,0x59f111f1b605d019
+.quad 0x923f82a4af194f9b,0xab1c5ed5da6d8118
+.quad 0xd807aa98a3030242,0x12835b0145706fbe
+.quad 0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
+.quad 0x72be5d74f27b896f,0x80deb1fe3b1696b1
+.quad 0x9bdc06a725c71235,0xc19bf174cf692694
+.quad 0xe49b69c19ef14ad2,0xefbe4786384f25e3
+.quad 0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
+.quad 0x2de92c6f592b0275,0x4a7484aa6ea6e483
+.quad 0x5cb0a9dcbd41fbd4,0x76f988da831153b5
+.quad 0x983e5152ee66dfab,0xa831c66d2db43210
+.quad 0xb00327c898fb213f,0xbf597fc7beef0ee4
+.quad 0xc6e00bf33da88fc2,0xd5a79147930aa725
+.quad 0x06ca6351e003826f,0x142929670a0e6e70
+.quad 0x27b70a8546d22ffc,0x2e1b21385c26c926
+.quad 0x4d2c6dfc5ac42aed,0x53380d139d95b3df
+.quad 0x650a73548baf63de,0x766a0abb3c77b2a8
+.quad 0x81c2c92e47edaee6,0x92722c851482353b
+.quad 0xa2bfe8a14cf10364,0xa81a664bbc423001
+.quad 0xc24b8b70d0f89791,0xc76c51a30654be30
+.quad 0xd192e819d6ef5218,0xd69906245565a910
+.quad 0xf40e35855771202a,0x106aa07032bbd1b8
+.quad 0x19a4c116b8d2d0c8,0x1e376c085141ab53
+.quad 0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
+.quad 0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
+.quad 0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
+.quad 0x748f82ee5defb2fc,0x78a5636f43172f60
+.quad 0x84c87814a1f0ab72,0x8cc702081a6439ec
+.quad 0x90befffa23631e28,0xa4506cebde82bde9
+.quad 0xbef9a3f7b2c67915,0xc67178f2e372532b
+.quad 0xca273eceea26619c,0xd186b8c721c0c207
+.quad 0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
+.quad 0x06f067aa72176fba,0x0a637dc5a2c898a6
+.quad 0x113f9804bef90dae,0x1b710b35131c471b
+.quad 0x28db77f523047d84,0x32caab7b40c72493
+.quad 0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
+.quad 0x4cc5d4becb3e42b6,0x597f299cfc657e2a
+.quad 0x5fcb6fab3ad6faec,0x6c44198c4a475817
+.quad 0
+
+
+.align 3
+L_gnutls_arm_cpuid_s:
+
+
+
+.quad __gnutls_arm_cpuid_s-.
+
+
+.byte 83,72,65,53,49,50,32,98,108,111,99,107,32,116,114,97,110,115,102,111,114,109,32,102,111,114,32,65,82,77,118,56,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.align 2
+.align 2
+
+
+.align 6
+sha512_block_armv8:
+Lv8_entry:
+ stp x29,x30,[sp,#-16]!
+ add x29,sp,#0
+
+ ld1 {v16.16b,v17.16b,v18.16b,v19.16b},[x1],#64
+ ld1 {v20.16b,v21.16b,v22.16b,v23.16b},[x1],#64
+
+ ld1 {v0.2d,v1.2d,v2.2d,v3.2d},[x0]
+ adr x3,LK512
+
+ rev64 v16.16b,v16.16b
+ rev64 v17.16b,v17.16b
+ rev64 v18.16b,v18.16b
+ rev64 v19.16b,v19.16b
+ rev64 v20.16b,v20.16b
+ rev64 v21.16b,v21.16b
+ rev64 v22.16b,v22.16b
+ rev64 v23.16b,v23.16b
+ b Loop_hw
+
+.align 4
+Loop_hw:
+ ld1 {v24.2d},[x3],#16
+ subs x2,x2,#1
+ sub x4,x1,#128
+ orr v26.16b,v0.16b,v0.16b
+ orr v27.16b,v1.16b,v1.16b
+ orr v28.16b,v2.16b,v2.16b
+ orr v29.16b,v3.16b,v3.16b
+ csel x1,x1,x4,ne
+ add v24.2d,v24.2d,v16.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v2.16b,v3.16b,#8
+ ext v6.16b,v1.16b,v2.16b,#8
+ add v3.2d,v3.2d,v24.2d
+.long 0xcec08230
+ ext v7.16b,v20.16b,v21.16b,#8
+.long 0xce6680a3
+.long 0xce678af0
+ add v4.2d,v1.2d,v3.2d
+.long 0xce608423
+ add v25.2d,v25.2d,v17.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v4.16b,v2.16b,#8
+ ext v6.16b,v0.16b,v4.16b,#8
+ add v2.2d,v2.2d,v25.2d
+.long 0xcec08251
+ ext v7.16b,v21.16b,v22.16b,#8
+.long 0xce6680a2
+.long 0xce678a11
+ add v1.2d,v0.2d,v2.2d
+.long 0xce638402
+ add v24.2d,v24.2d,v18.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v1.16b,v4.16b,#8
+ ext v6.16b,v3.16b,v1.16b,#8
+ add v4.2d,v4.2d,v24.2d
+.long 0xcec08272
+ ext v7.16b,v22.16b,v23.16b,#8
+.long 0xce6680a4
+.long 0xce678a32
+ add v0.2d,v3.2d,v4.2d
+.long 0xce628464
+ add v25.2d,v25.2d,v19.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v0.16b,v1.16b,#8
+ ext v6.16b,v2.16b,v0.16b,#8
+ add v1.2d,v1.2d,v25.2d
+.long 0xcec08293
+ ext v7.16b,v23.16b,v16.16b,#8
+.long 0xce6680a1
+.long 0xce678a53
+ add v3.2d,v2.2d,v1.2d
+.long 0xce648441
+ add v24.2d,v24.2d,v20.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v3.16b,v0.16b,#8
+ ext v6.16b,v4.16b,v3.16b,#8
+ add v0.2d,v0.2d,v24.2d
+.long 0xcec082b4
+ ext v7.16b,v16.16b,v17.16b,#8
+.long 0xce6680a0
+.long 0xce678a74
+ add v2.2d,v4.2d,v0.2d
+.long 0xce618480
+ add v25.2d,v25.2d,v21.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v2.16b,v3.16b,#8
+ ext v6.16b,v1.16b,v2.16b,#8
+ add v3.2d,v3.2d,v25.2d
+.long 0xcec082d5
+ ext v7.16b,v17.16b,v18.16b,#8
+.long 0xce6680a3
+.long 0xce678a95
+ add v4.2d,v1.2d,v3.2d
+.long 0xce608423
+ add v24.2d,v24.2d,v22.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v4.16b,v2.16b,#8
+ ext v6.16b,v0.16b,v4.16b,#8
+ add v2.2d,v2.2d,v24.2d
+.long 0xcec082f6
+ ext v7.16b,v18.16b,v19.16b,#8
+.long 0xce6680a2
+.long 0xce678ab6
+ add v1.2d,v0.2d,v2.2d
+.long 0xce638402
+ add v25.2d,v25.2d,v23.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v1.16b,v4.16b,#8
+ ext v6.16b,v3.16b,v1.16b,#8
+ add v4.2d,v4.2d,v25.2d
+.long 0xcec08217
+ ext v7.16b,v19.16b,v20.16b,#8
+.long 0xce6680a4
+.long 0xce678ad7
+ add v0.2d,v3.2d,v4.2d
+.long 0xce628464
+ add v24.2d,v24.2d,v16.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v0.16b,v1.16b,#8
+ ext v6.16b,v2.16b,v0.16b,#8
+ add v1.2d,v1.2d,v24.2d
+.long 0xcec08230
+ ext v7.16b,v20.16b,v21.16b,#8
+.long 0xce6680a1
+.long 0xce678af0
+ add v3.2d,v2.2d,v1.2d
+.long 0xce648441
+ add v25.2d,v25.2d,v17.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v3.16b,v0.16b,#8
+ ext v6.16b,v4.16b,v3.16b,#8
+ add v0.2d,v0.2d,v25.2d
+.long 0xcec08251
+ ext v7.16b,v21.16b,v22.16b,#8
+.long 0xce6680a0
+.long 0xce678a11
+ add v2.2d,v4.2d,v0.2d
+.long 0xce618480
+ add v24.2d,v24.2d,v18.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v2.16b,v3.16b,#8
+ ext v6.16b,v1.16b,v2.16b,#8
+ add v3.2d,v3.2d,v24.2d
+.long 0xcec08272
+ ext v7.16b,v22.16b,v23.16b,#8
+.long 0xce6680a3
+.long 0xce678a32
+ add v4.2d,v1.2d,v3.2d
+.long 0xce608423
+ add v25.2d,v25.2d,v19.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v4.16b,v2.16b,#8
+ ext v6.16b,v0.16b,v4.16b,#8
+ add v2.2d,v2.2d,v25.2d
+.long 0xcec08293
+ ext v7.16b,v23.16b,v16.16b,#8
+.long 0xce6680a2
+.long 0xce678a53
+ add v1.2d,v0.2d,v2.2d
+.long 0xce638402
+ add v24.2d,v24.2d,v20.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v1.16b,v4.16b,#8
+ ext v6.16b,v3.16b,v1.16b,#8
+ add v4.2d,v4.2d,v24.2d
+.long 0xcec082b4
+ ext v7.16b,v16.16b,v17.16b,#8
+.long 0xce6680a4
+.long 0xce678a74
+ add v0.2d,v3.2d,v4.2d
+.long 0xce628464
+ add v25.2d,v25.2d,v21.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v0.16b,v1.16b,#8
+ ext v6.16b,v2.16b,v0.16b,#8
+ add v1.2d,v1.2d,v25.2d
+.long 0xcec082d5
+ ext v7.16b,v17.16b,v18.16b,#8
+.long 0xce6680a1
+.long 0xce678a95
+ add v3.2d,v2.2d,v1.2d
+.long 0xce648441
+ add v24.2d,v24.2d,v22.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v3.16b,v0.16b,#8
+ ext v6.16b,v4.16b,v3.16b,#8
+ add v0.2d,v0.2d,v24.2d
+.long 0xcec082f6
+ ext v7.16b,v18.16b,v19.16b,#8
+.long 0xce6680a0
+.long 0xce678ab6
+ add v2.2d,v4.2d,v0.2d
+.long 0xce618480
+ add v25.2d,v25.2d,v23.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v2.16b,v3.16b,#8
+ ext v6.16b,v1.16b,v2.16b,#8
+ add v3.2d,v3.2d,v25.2d
+.long 0xcec08217
+ ext v7.16b,v19.16b,v20.16b,#8
+.long 0xce6680a3
+.long 0xce678ad7
+ add v4.2d,v1.2d,v3.2d
+.long 0xce608423
+ add v24.2d,v24.2d,v16.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v4.16b,v2.16b,#8
+ ext v6.16b,v0.16b,v4.16b,#8
+ add v2.2d,v2.2d,v24.2d
+.long 0xcec08230
+ ext v7.16b,v20.16b,v21.16b,#8
+.long 0xce6680a2
+.long 0xce678af0
+ add v1.2d,v0.2d,v2.2d
+.long 0xce638402
+ add v25.2d,v25.2d,v17.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v1.16b,v4.16b,#8
+ ext v6.16b,v3.16b,v1.16b,#8
+ add v4.2d,v4.2d,v25.2d
+.long 0xcec08251
+ ext v7.16b,v21.16b,v22.16b,#8
+.long 0xce6680a4
+.long 0xce678a11
+ add v0.2d,v3.2d,v4.2d
+.long 0xce628464
+ add v24.2d,v24.2d,v18.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v0.16b,v1.16b,#8
+ ext v6.16b,v2.16b,v0.16b,#8
+ add v1.2d,v1.2d,v24.2d
+.long 0xcec08272
+ ext v7.16b,v22.16b,v23.16b,#8
+.long 0xce6680a1
+.long 0xce678a32
+ add v3.2d,v2.2d,v1.2d
+.long 0xce648441
+ add v25.2d,v25.2d,v19.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v3.16b,v0.16b,#8
+ ext v6.16b,v4.16b,v3.16b,#8
+ add v0.2d,v0.2d,v25.2d
+.long 0xcec08293
+ ext v7.16b,v23.16b,v16.16b,#8
+.long 0xce6680a0
+.long 0xce678a53
+ add v2.2d,v4.2d,v0.2d
+.long 0xce618480
+ add v24.2d,v24.2d,v20.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v2.16b,v3.16b,#8
+ ext v6.16b,v1.16b,v2.16b,#8
+ add v3.2d,v3.2d,v24.2d
+.long 0xcec082b4
+ ext v7.16b,v16.16b,v17.16b,#8
+.long 0xce6680a3
+.long 0xce678a74
+ add v4.2d,v1.2d,v3.2d
+.long 0xce608423
+ add v25.2d,v25.2d,v21.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v4.16b,v2.16b,#8
+ ext v6.16b,v0.16b,v4.16b,#8
+ add v2.2d,v2.2d,v25.2d
+.long 0xcec082d5
+ ext v7.16b,v17.16b,v18.16b,#8
+.long 0xce6680a2
+.long 0xce678a95
+ add v1.2d,v0.2d,v2.2d
+.long 0xce638402
+ add v24.2d,v24.2d,v22.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v1.16b,v4.16b,#8
+ ext v6.16b,v3.16b,v1.16b,#8
+ add v4.2d,v4.2d,v24.2d
+.long 0xcec082f6
+ ext v7.16b,v18.16b,v19.16b,#8
+.long 0xce6680a4
+.long 0xce678ab6
+ add v0.2d,v3.2d,v4.2d
+.long 0xce628464
+ add v25.2d,v25.2d,v23.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v0.16b,v1.16b,#8
+ ext v6.16b,v2.16b,v0.16b,#8
+ add v1.2d,v1.2d,v25.2d
+.long 0xcec08217
+ ext v7.16b,v19.16b,v20.16b,#8
+.long 0xce6680a1
+.long 0xce678ad7
+ add v3.2d,v2.2d,v1.2d
+.long 0xce648441
+ add v24.2d,v24.2d,v16.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v3.16b,v0.16b,#8
+ ext v6.16b,v4.16b,v3.16b,#8
+ add v0.2d,v0.2d,v24.2d
+.long 0xcec08230
+ ext v7.16b,v20.16b,v21.16b,#8
+.long 0xce6680a0
+.long 0xce678af0
+ add v2.2d,v4.2d,v0.2d
+.long 0xce618480
+ add v25.2d,v25.2d,v17.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v2.16b,v3.16b,#8
+ ext v6.16b,v1.16b,v2.16b,#8
+ add v3.2d,v3.2d,v25.2d
+.long 0xcec08251
+ ext v7.16b,v21.16b,v22.16b,#8
+.long 0xce6680a3
+.long 0xce678a11
+ add v4.2d,v1.2d,v3.2d
+.long 0xce608423
+ add v24.2d,v24.2d,v18.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v4.16b,v2.16b,#8
+ ext v6.16b,v0.16b,v4.16b,#8
+ add v2.2d,v2.2d,v24.2d
+.long 0xcec08272
+ ext v7.16b,v22.16b,v23.16b,#8
+.long 0xce6680a2
+.long 0xce678a32
+ add v1.2d,v0.2d,v2.2d
+.long 0xce638402
+ add v25.2d,v25.2d,v19.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v1.16b,v4.16b,#8
+ ext v6.16b,v3.16b,v1.16b,#8
+ add v4.2d,v4.2d,v25.2d
+.long 0xcec08293
+ ext v7.16b,v23.16b,v16.16b,#8
+.long 0xce6680a4
+.long 0xce678a53
+ add v0.2d,v3.2d,v4.2d
+.long 0xce628464
+ add v24.2d,v24.2d,v20.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v0.16b,v1.16b,#8
+ ext v6.16b,v2.16b,v0.16b,#8
+ add v1.2d,v1.2d,v24.2d
+.long 0xcec082b4
+ ext v7.16b,v16.16b,v17.16b,#8
+.long 0xce6680a1
+.long 0xce678a74
+ add v3.2d,v2.2d,v1.2d
+.long 0xce648441
+ add v25.2d,v25.2d,v21.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v3.16b,v0.16b,#8
+ ext v6.16b,v4.16b,v3.16b,#8
+ add v0.2d,v0.2d,v25.2d
+.long 0xcec082d5
+ ext v7.16b,v17.16b,v18.16b,#8
+.long 0xce6680a0
+.long 0xce678a95
+ add v2.2d,v4.2d,v0.2d
+.long 0xce618480
+ add v24.2d,v24.2d,v22.2d
+ ld1 {v25.2d},[x3],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v2.16b,v3.16b,#8
+ ext v6.16b,v1.16b,v2.16b,#8
+ add v3.2d,v3.2d,v24.2d
+.long 0xcec082f6
+ ext v7.16b,v18.16b,v19.16b,#8
+.long 0xce6680a3
+.long 0xce678ab6
+ add v4.2d,v1.2d,v3.2d
+.long 0xce608423
+ add v25.2d,v25.2d,v23.2d
+ ld1 {v24.2d},[x3],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v4.16b,v2.16b,#8
+ ext v6.16b,v0.16b,v4.16b,#8
+ add v2.2d,v2.2d,v25.2d
+.long 0xcec08217
+ ext v7.16b,v19.16b,v20.16b,#8
+.long 0xce6680a2
+.long 0xce678ad7
+ add v1.2d,v0.2d,v2.2d
+.long 0xce638402
+ ld1 {v25.2d},[x3],#16
+ add v24.2d,v24.2d,v16.2d
+ ld1 {v16.16b},[x1],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v1.16b,v4.16b,#8
+ ext v6.16b,v3.16b,v1.16b,#8
+ add v4.2d,v4.2d,v24.2d
+.long 0xce6680a4
+ rev64 v16.16b,v16.16b
+ add v0.2d,v3.2d,v4.2d
+.long 0xce628464
+ ld1 {v24.2d},[x3],#16
+ add v25.2d,v25.2d,v17.2d
+ ld1 {v17.16b},[x1],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v0.16b,v1.16b,#8
+ ext v6.16b,v2.16b,v0.16b,#8
+ add v1.2d,v1.2d,v25.2d
+.long 0xce6680a1
+ rev64 v17.16b,v17.16b
+ add v3.2d,v2.2d,v1.2d
+.long 0xce648441
+ ld1 {v25.2d},[x3],#16
+ add v24.2d,v24.2d,v18.2d
+ ld1 {v18.16b},[x1],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v3.16b,v0.16b,#8
+ ext v6.16b,v4.16b,v3.16b,#8
+ add v0.2d,v0.2d,v24.2d
+.long 0xce6680a0
+ rev64 v18.16b,v18.16b
+ add v2.2d,v4.2d,v0.2d
+.long 0xce618480
+ ld1 {v24.2d},[x3],#16
+ add v25.2d,v25.2d,v19.2d
+ ld1 {v19.16b},[x1],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v2.16b,v3.16b,#8
+ ext v6.16b,v1.16b,v2.16b,#8
+ add v3.2d,v3.2d,v25.2d
+.long 0xce6680a3
+ rev64 v19.16b,v19.16b
+ add v4.2d,v1.2d,v3.2d
+.long 0xce608423
+ ld1 {v25.2d},[x3],#16
+ add v24.2d,v24.2d,v20.2d
+ ld1 {v20.16b},[x1],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v4.16b,v2.16b,#8
+ ext v6.16b,v0.16b,v4.16b,#8
+ add v2.2d,v2.2d,v24.2d
+.long 0xce6680a2
+ rev64 v20.16b,v20.16b
+ add v1.2d,v0.2d,v2.2d
+.long 0xce638402
+ ld1 {v24.2d},[x3],#16
+ add v25.2d,v25.2d,v21.2d
+ ld1 {v21.16b},[x1],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v1.16b,v4.16b,#8
+ ext v6.16b,v3.16b,v1.16b,#8
+ add v4.2d,v4.2d,v25.2d
+.long 0xce6680a4
+ rev64 v21.16b,v21.16b
+ add v0.2d,v3.2d,v4.2d
+.long 0xce628464
+ ld1 {v25.2d},[x3],#16
+ add v24.2d,v24.2d,v22.2d
+ ld1 {v22.16b},[x1],#16
+ ext v24.16b,v24.16b,v24.16b,#8
+ ext v5.16b,v0.16b,v1.16b,#8
+ ext v6.16b,v2.16b,v0.16b,#8
+ add v1.2d,v1.2d,v24.2d
+.long 0xce6680a1
+ rev64 v22.16b,v22.16b
+ add v3.2d,v2.2d,v1.2d
+.long 0xce648441
+ sub x3,x3,#80*8
+ add v25.2d,v25.2d,v23.2d
+ ld1 {v23.16b},[x1],#16
+ ext v25.16b,v25.16b,v25.16b,#8
+ ext v5.16b,v3.16b,v0.16b,#8
+ ext v6.16b,v4.16b,v3.16b,#8
+ add v0.2d,v0.2d,v25.2d
+.long 0xce6680a0
+ rev64 v23.16b,v23.16b
+ add v2.2d,v4.2d,v0.2d
+.long 0xce618480
+ add v0.2d,v0.2d,v26.2d
+ add v1.2d,v1.2d,v27.2d
+ add v2.2d,v2.2d,v28.2d
+ add v3.2d,v3.2d,v29.2d
+
+ cbnz x2,Loop_hw
+
+ st1 {v0.2d,v1.2d,v2.2d,v3.2d},[x0]
+
+ ldr x29,[sp],#16
+ ret
diff --git a/lib/accelerated/aarch64/sha-aarch64.c b/lib/accelerated/aarch64/sha-aarch64.c
new file mode 100644
index 0000000..903c510
--- /dev/null
+++ b/lib/accelerated/aarch64/sha-aarch64.c
@@ -0,0 +1,377 @@
+/*
+ * Copyright (C) 2011-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+#include <gnutls/crypto.h>
+#include "errors.h"
+#include <nettle/sha.h>
+#include <nettle/macros.h>
+#include <nettle/nettle-meta.h>
+#include <sha-aarch64.h>
+#include <aarch64-common.h>
+
+void sha1_block_data_order(void *c, const void *p, size_t len);
+void sha256_block_data_order(void *c, const void *p, size_t len);
+void sha512_block_data_order(void *c, const void *p, size_t len);
+
+typedef void (*update_func) (void *, size_t, const uint8_t *);
+typedef void (*digest_func) (void *, size_t, uint8_t *);
+typedef void (*set_key_func) (void *, size_t, const uint8_t *);
+typedef void (*init_func) (void *);
+
+struct aarch64_hash_ctx {
+	union {
+		struct sha1_ctx sha1;
+		struct sha224_ctx sha224;
+		struct sha256_ctx sha256;
+		struct sha384_ctx sha384;
+		struct sha512_ctx sha512;
+	} ctx;
+	void *ctx_ptr;
+	gnutls_digest_algorithm_t algo;
+	size_t length;
+	update_func update;
+	digest_func digest;
+	init_func init;
+};
+
+static int
+wrap_aarch64_hash_update(void *_ctx, const void *text, size_t textsize)
+{
+	struct aarch64_hash_ctx *ctx = _ctx;
+
+	ctx->update(ctx->ctx_ptr, textsize, text);
+
+	return GNUTLS_E_SUCCESS;
+}
+
+static void wrap_aarch64_hash_deinit(void *hd)
+{
+	gnutls_free(hd);
+}
+
+void aarch64_sha1_update(struct sha1_ctx *ctx, size_t length,
+		     const uint8_t * data)
+{
+	struct {
+		uint32_t h0, h1, h2, h3, h4;
+		uint32_t Nl, Nh;
+		uint32_t data[16];
+		unsigned int num;
+	} octx;
+	size_t res;
+	unsigned t2, i;
+
+	if ((res = ctx->index)) {
+		res = SHA1_DATA_SIZE - res;
+		if (length < res)
+			res = length;
+		sha1_update(ctx, res, data);
+		data += res;
+		length -= res;
+	}
+
+	octx.h0 = ctx->state[0];
+	octx.h1 = ctx->state[1];
+	octx.h2 = ctx->state[2];
+	octx.h3 = ctx->state[3];
+	octx.h4 = ctx->state[4];
+
+	memcpy(octx.data, ctx->block, SHA1_DATA_SIZE);
+	octx.num = ctx->index;
+
+	res = length % SHA1_DATA_SIZE;
+	length -= res;
+
+	if (length > 0) {
+
+		t2 = length / SHA1_DATA_SIZE;
+
+		sha1_block_data_order(&octx, data, t2);
+
+		for (i=0;i<t2;i++)
+			ctx->count++;
+		data += length;
+	}
+
+	ctx->state[0] = octx.h0;
+	ctx->state[1] = octx.h1;
+	ctx->state[2] = octx.h2;
+	ctx->state[3] = octx.h3;
+	ctx->state[4] = octx.h4;
+
+	memcpy(ctx->block, octx.data, octx.num);
+	ctx->index = octx.num;
+
+	if (res > 0) {
+		sha1_update(ctx, res, data);
+	}
+
+}
+
+void aarch64_sha256_update(struct sha256_ctx *ctx, size_t length,
+		     const uint8_t * data)
+{
+	struct {
+		uint32_t h[8];
+		uint32_t Nl, Nh;
+		uint32_t data[16];
+		unsigned int num;
+		unsigned md_len;
+	} octx;
+	size_t res;
+	unsigned t2, i;
+
+	if ((res = ctx->index)) {
+		res = SHA256_DATA_SIZE - res;
+		if (length < res)
+			res = length;
+		sha256_update(ctx, res, data);
+		data += res;
+		length -= res;
+	}
+
+	memcpy(octx.h, ctx->state, sizeof(octx.h));
+	memcpy(octx.data, ctx->block, SHA256_DATA_SIZE);
+	octx.num = ctx->index;
+
+	res = length % SHA256_DATA_SIZE;
+	length -= res;
+
+	if (length > 0) {
+		t2 = length / SHA1_DATA_SIZE;
+		sha256_block_data_order(&octx, data, t2);
+		
+		for (i=0;i<t2;i++)
+			ctx->count++;
+		data += length;
+	}
+
+	memcpy(ctx->state, octx.h, sizeof(octx.h));
+
+	memcpy(ctx->block, octx.data, octx.num);
+	ctx->index = octx.num;
+
+	if (res > 0) {
+		sha256_update(ctx, res, data);
+	}
+}
+
+void aarch64_sha512_update(struct sha512_ctx *ctx, size_t length,
+		     const uint8_t * data)
+{
+	struct {
+		uint64_t h[8];
+		uint64_t Nl, Nh;
+		union {
+			uint64_t d[16];
+			uint8_t p[16*8];
+		} u;
+		unsigned int num;
+		unsigned md_len;
+	} octx;
+	size_t res;
+	unsigned t2, i;
+
+	if ((res = ctx->index)) {
+		res = SHA512_DATA_SIZE - res;
+		if (length < res)
+			res = length;
+		sha512_update(ctx, res, data);
+		data += res;
+		length -= res;
+	}
+
+	memcpy(octx.h, ctx->state, sizeof(octx.h));
+	memcpy(octx.u.p, ctx->block, SHA512_DATA_SIZE);
+	octx.num = ctx->index;
+
+	res = length % SHA512_DATA_SIZE;
+	length -= res;
+
+	if (length > 0) {
+		t2 = length / SHA512_DATA_SIZE;
+		sha512_block_data_order(&octx, data, t2);
+		
+		for (i=0;i<t2;i++)
+			MD_INCR(ctx);
+		data += length;
+	}
+
+	memcpy(ctx->state, octx.h, sizeof(octx.h));
+
+	memcpy(ctx->block, octx.u.p, octx.num);
+	ctx->index = octx.num;
+
+	if (res > 0) {
+		sha512_update(ctx, res, data);
+	}
+}
+
+static int _ctx_init(gnutls_digest_algorithm_t algo,
+		     struct aarch64_hash_ctx *ctx)
+{
+	switch (algo) {
+	case GNUTLS_DIG_SHA1:
+		sha1_init(&ctx->ctx.sha1);
+		ctx->update = (update_func) aarch64_sha1_update;
+		ctx->digest = (digest_func) sha1_digest;
+		ctx->init = (init_func) sha1_init;
+		ctx->ctx_ptr = &ctx->ctx.sha1;
+		ctx->length = SHA1_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA224:
+		sha224_init(&ctx->ctx.sha224);
+		ctx->update = (update_func) aarch64_sha256_update;
+		ctx->digest = (digest_func) sha224_digest;
+		ctx->init = (init_func) sha224_init;
+		ctx->ctx_ptr = &ctx->ctx.sha224;
+		ctx->length = SHA224_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA256:
+		sha256_init(&ctx->ctx.sha256);
+		ctx->update = (update_func) aarch64_sha256_update;
+		ctx->digest = (digest_func) sha256_digest;
+		ctx->init = (init_func) sha256_init;
+		ctx->ctx_ptr = &ctx->ctx.sha256;
+		ctx->length = SHA256_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA384:
+		sha384_init(&ctx->ctx.sha384);
+		ctx->update = (update_func) aarch64_sha512_update;
+		ctx->digest = (digest_func) sha384_digest;
+		ctx->init = (init_func) sha384_init;
+		ctx->ctx_ptr = &ctx->ctx.sha384;
+		ctx->length = SHA384_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA512:
+		sha512_init(&ctx->ctx.sha512);
+		ctx->update = (update_func) aarch64_sha512_update;
+		ctx->digest = (digest_func) sha512_digest;
+		ctx->init = (init_func) sha512_init;
+		ctx->ctx_ptr = &ctx->ctx.sha512;
+		ctx->length = SHA512_DIGEST_SIZE;
+		break;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return 0;
+}
+
+
+static int wrap_aarch64_hash_init(gnutls_digest_algorithm_t algo, void **_ctx)
+{
+	struct aarch64_hash_ctx *ctx;
+	int ret;
+
+	ctx = gnutls_malloc(sizeof(struct aarch64_hash_ctx));
+	if (ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ctx->algo = algo;
+
+	if ((ret = _ctx_init(algo, ctx)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	*_ctx = ctx;
+
+	return 0;
+}
+
+static void *
+wrap_aarch64_hash_copy(const void *_ctx)
+{
+	struct aarch64_hash_ctx *new_ctx;
+	const struct aarch64_hash_ctx *ctx=_ctx;
+	ptrdiff_t off = (uint8_t *)ctx->ctx_ptr - (uint8_t *)(&ctx->ctx);
+
+	new_ctx = gnutls_malloc(sizeof(struct aarch64_hash_ctx));
+	if (new_ctx == NULL) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	memcpy(new_ctx, ctx, sizeof(*new_ctx));
+	new_ctx->ctx_ptr = (uint8_t *)&new_ctx->ctx + off;
+
+	return new_ctx;
+}
+
+static int
+wrap_aarch64_hash_output(void *src_ctx, void *digest, size_t digestsize)
+{
+	struct aarch64_hash_ctx *ctx;
+	ctx = src_ctx;
+
+	if (digestsize < ctx->length)
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	ctx->digest(ctx->ctx_ptr, digestsize, digest);
+
+	return 0;
+}
+
+static int wrap_aarch64_hash_fast(gnutls_digest_algorithm_t algo,
+				 const void *text, size_t text_size,
+				 void *digest)
+{
+	struct aarch64_hash_ctx ctx;
+	int ret;
+
+	ret = _ctx_init(algo, &ctx);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ctx.update(&ctx, text_size, text);
+	ctx.digest(&ctx, ctx.length, digest);
+
+	return 0;
+}
+
+const struct nettle_hash aarch64_sha1 =
+NN_HASH(sha1, aarch64_sha1_update, sha1_digest, SHA1);
+const struct nettle_hash aarch64_sha224 =
+NN_HASH(sha224, aarch64_sha256_update, sha224_digest, SHA224);
+const struct nettle_hash aarch64_sha256 =
+NN_HASH(sha256, aarch64_sha256_update, sha256_digest, SHA256);
+
+const struct nettle_hash aarch64_sha384 =
+NN_HASH(sha384, aarch64_sha512_update, sha384_digest, SHA384);
+const struct nettle_hash aarch64_sha512 =
+NN_HASH(sha512, aarch64_sha512_update, sha512_digest, SHA512);
+
+const gnutls_crypto_digest_st _gnutls_sha_aarch64 = {
+	.init = wrap_aarch64_hash_init,
+	.hash = wrap_aarch64_hash_update,
+	.output = wrap_aarch64_hash_output,
+	.copy = wrap_aarch64_hash_copy,
+	.deinit = wrap_aarch64_hash_deinit,
+	.fast = wrap_aarch64_hash_fast,
+};
diff --git a/lib/accelerated/aarch64/sha-aarch64.h b/lib/accelerated/aarch64/sha-aarch64.h
new file mode 100644
index 0000000..e5282b8
--- /dev/null
+++ b/lib/accelerated/aarch64/sha-aarch64.h
@@ -0,0 +1,19 @@
+#ifndef GNUTLS_LIB_ACCELERATED_AARCH64_SHA_AARCH64_H
+#define GNUTLS_LIB_ACCELERATED_AARCH64_SHA_AARCH64_H
+
+#include <nettle/sha.h>
+
+extern const struct nettle_hash aarch64_sha1;
+extern const struct nettle_hash aarch64_sha224;
+extern const struct nettle_hash aarch64_sha256;
+extern const struct nettle_hash aarch64_sha384;
+extern const struct nettle_hash aarch64_sha512;
+
+extern const gnutls_crypto_digest_st _gnutls_sha_aarch64;
+extern const gnutls_crypto_mac_st _gnutls_hmac_sha_aarch64;
+
+void aarch64_sha1_update(struct sha1_ctx *ctx, size_t length, const uint8_t * data);
+void aarch64_sha256_update(struct sha256_ctx *ctx, size_t length, const uint8_t * data);
+void aarch64_sha512_update(struct sha512_ctx *ctx, size_t length, const uint8_t * data);
+
+#endif /* GNUTLS_LIB_ACCELERATED_AARCH64_SHA_AARCH64_H */
diff --git a/lib/accelerated/accelerated.c b/lib/accelerated/accelerated.c
new file mode 100644
index 0000000..8fb0b11
--- /dev/null
+++ b/lib/accelerated/accelerated.c
@@ -0,0 +1,43 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ *
+ */
+
+#include <config.h>
+#include <accelerated.h>
+#if defined(ASM_X86)
+# include <x86/aes-x86.h>
+# include <x86/x86-common.h>
+#elif defined(ASM_AARCH64)
+# include <aarch64/aarch64-common.h>
+#endif
+
+void _gnutls_register_accel_crypto(void)
+{
+#if defined(ASM_X86)
+	register_x86_crypto();
+#endif
+
+#if defined(ASM_AARCH64)
+	register_aarch64_crypto();
+#endif
+
+	return;
+}
diff --git a/lib/accelerated/accelerated.h b/lib/accelerated/accelerated.h
new file mode 100644
index 0000000..5e9e92a
--- /dev/null
+++ b/lib/accelerated/accelerated.h
@@ -0,0 +1,6 @@
+#ifndef GNUTLS_LIB_ACCELERATED_ACCELERATED_H
+# define GNUTLS_LIB_ACCELERATED_ACCELERATED_H
+
+void _gnutls_register_accel_crypto(void);
+
+#endif /* GNUTLS_LIB_ACCELERATED_ACCELERATED_H */
diff --git a/lib/accelerated/afalg.c b/lib/accelerated/afalg.c
new file mode 100644
index 0000000..0249251
--- /dev/null
+++ b/lib/accelerated/afalg.c
@@ -0,0 +1,872 @@
+/*
+ * Copyright (C) 2017 Stephan Mueller <smueller@chronox.de>
+ *
+ * Author: Stephan Mueller
+ *
+ * This code is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "config.h"
+
+#include <accelerated/afalg.h>
+
+#ifdef ENABLE_AFALG
+
+#include "errors.h"
+#include "gnutls_int.h"
+
+#include <gnutls/crypto.h>
+#include <kcapi.h>
+#include <limits.h>
+#include "malloca.h"
+
+/************************ Symmetric cipher algorithms ************************/
+
+struct kcapi_ctx {
+	struct kcapi_handle *handle;
+	int enc;
+	uint8_t iv[MAX_CIPHER_IV_SIZE];
+};
+
+
+static const char *gnutls_cipher_map[] = {
+	[GNUTLS_CIPHER_AES_128_CBC] = "cbc(aes)",
+	[GNUTLS_CIPHER_AES_192_CBC] = "cbc(aes)",
+	[GNUTLS_CIPHER_AES_256_CBC] = "cbc(aes)",
+	[GNUTLS_CIPHER_3DES_CBC] = "cbc(des3_ede)",
+	[GNUTLS_CIPHER_CAMELLIA_128_CBC] = "cbc(camellia)",
+	[GNUTLS_CIPHER_CAMELLIA_192_CBC] = "cbc(camellia)",
+	[GNUTLS_CIPHER_CAMELLIA_256_CBC] = "cbc(camellia)",
+	[GNUTLS_CIPHER_SALSA20_256] = "salsa20",
+	[GNUTLS_CIPHER_AES_128_XTS] = "xts(aes)",
+	[GNUTLS_CIPHER_AES_256_XTS] = "xts(aes)",
+};
+
+static int
+afalg_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc)
+{
+	struct kcapi_handle *handle;
+	struct kcapi_ctx *ctx;
+
+	if (kcapi_cipher_init(&handle, gnutls_cipher_map[algorithm], 0) < 0) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	if (unlikely(kcapi_cipher_ivsize(handle) > MAX_CIPHER_IV_SIZE)) {
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	ctx = gnutls_malloc(sizeof(struct kcapi_ctx));
+	if (ctx == NULL) {
+		gnutls_assert();
+		kcapi_cipher_destroy(handle);
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ctx->handle = handle;
+	ctx->enc = enc;
+	*_ctx = ctx;
+	return 0;
+}
+
+static int afalg_cipher_setkey(void *_ctx, const void *key, size_t keysize)
+{
+	struct kcapi_ctx *ctx = _ctx;
+
+	if (kcapi_cipher_setkey(ctx->handle, key, keysize) < 0) {
+		gnutls_assert();
+		return GNUTLS_E_ENCRYPTION_FAILED;
+	}
+
+	return 0;
+}
+
+static int afalg_cipher_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+	struct kcapi_ctx *ctx = _ctx;
+
+	if (iv_size > kcapi_cipher_ivsize(ctx->handle))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	memcpy(ctx->iv, iv, iv_size);
+	if (ctx->enc) {
+		if (kcapi_cipher_stream_init_enc(ctx->handle, ctx->iv, NULL, 0) < 0) {
+			gnutls_assert();
+			return GNUTLS_E_ENCRYPTION_FAILED;
+		}
+	} else {
+		if (kcapi_cipher_stream_init_dec(ctx->handle, ctx->iv, NULL, 0) < 0) {
+			gnutls_assert();
+			return GNUTLS_E_ENCRYPTION_FAILED;
+		}
+	}
+
+	return 0;
+}
+
+static int afalg_cipher_encrypt(void *_ctx, const void *src, size_t src_size,
+				void *dst, size_t dst_size)
+{
+	struct kcapi_ctx *ctx = _ctx;
+	struct iovec iov;
+
+	iov.iov_base = (void *)src;
+	iov.iov_len = src_size;
+
+	if (unlikely(src_size % kcapi_cipher_blocksize(ctx->handle))) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	if (kcapi_cipher_stream_update(ctx->handle, &iov, 1) < 0) {
+		return gnutls_assert_val(GNUTLS_E_ENCRYPTION_FAILED);
+	}
+
+	if (unlikely(dst_size < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	iov.iov_base = (void *)dst;
+	iov.iov_len = src_size;
+
+	if (kcapi_cipher_stream_op(ctx->handle, &iov, 1) < 0) {
+		gnutls_assert();
+		return GNUTLS_E_ENCRYPTION_FAILED;
+	}
+
+	return 0;
+}
+
+static int afalg_cipher_decrypt(void *_ctx, const void *src, size_t src_size,
+				void *dst, size_t dst_size)
+{
+	struct kcapi_ctx *ctx = _ctx;
+	struct iovec iov;
+
+	iov.iov_base = (void *)src;
+	iov.iov_len = src_size;
+
+	if (unlikely(src_size % kcapi_cipher_blocksize(ctx->handle))) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	if (kcapi_cipher_stream_update(ctx->handle, &iov, 1) < 0) {
+		return gnutls_assert_val(GNUTLS_E_ENCRYPTION_FAILED);
+	}
+
+	if (unlikely(dst_size < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	iov.iov_base = (void *)dst;
+	iov.iov_len = src_size;
+
+	if (kcapi_cipher_stream_op(ctx->handle, &iov, 1) < 0) {
+		gnutls_assert();
+		return GNUTLS_E_ENCRYPTION_FAILED;
+	}
+
+	return 0;
+}
+
+static void afalg_cipher_deinit(void *_ctx)
+{
+	struct kcapi_ctx *ctx = _ctx;
+
+	kcapi_cipher_destroy(ctx->handle);
+	gnutls_free(ctx);
+}
+
+static const gnutls_crypto_cipher_st afalg_cipher_struct = {
+	.init = afalg_cipher_init,
+	.setkey = afalg_cipher_setkey,
+	.setiv = afalg_cipher_setiv,
+	.encrypt = afalg_cipher_encrypt,
+	.decrypt = afalg_cipher_decrypt,
+	.deinit = afalg_cipher_deinit,
+};
+
+static int afalg_cipher_register(void)
+{
+	unsigned int i;
+	int ret = 0;
+
+	for (i = 0;
+	     i < sizeof(gnutls_cipher_map) / sizeof(gnutls_cipher_map[0]);
+	     i++) {
+		struct kcapi_handle *handle;
+
+		if (gnutls_cipher_map[i] == 0)
+			continue;
+
+		/* Check whether cipher is available. */
+		if (kcapi_cipher_init(&handle, gnutls_cipher_map[i], 0))
+			continue;
+
+		kcapi_cipher_destroy(handle);
+
+		_gnutls_debug_log("afalg: registering: %s\n",
+				  gnutls_cipher_get_name(i));
+		ret = gnutls_crypto_single_cipher_register(i, 90,
+							   &afalg_cipher_struct,
+							   0);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	return ret;
+}
+
+/************************ Symmetric cipher algorithms ************************/
+
+struct kcapi_aead_ctx {
+	struct kcapi_handle *handle;
+	int taglen_set;
+	int ccm;
+};
+
+static const char *gnutls_aead_map[] = {
+	[GNUTLS_CIPHER_CAMELLIA_128_GCM] = "gcm(camellia)",
+	[GNUTLS_CIPHER_CAMELLIA_256_GCM] = "gcm(camellia)",
+	[GNUTLS_CIPHER_AES_128_CCM] = "ccm(aes)",
+	[GNUTLS_CIPHER_AES_256_CCM] = "ccm(aes)",
+	[GNUTLS_CIPHER_AES_128_GCM] = "gcm(aes)",
+	[GNUTLS_CIPHER_AES_256_GCM] = "gcm(aes)",
+};
+
+static void afalg_aead_deinit(void *_ctx)
+{
+	struct kcapi_aead_ctx *ctx = _ctx;
+
+	kcapi_aead_destroy(ctx->handle);
+	gnutls_free(ctx);
+}
+
+static int
+afalg_aead_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc)
+{
+	struct kcapi_handle *handle;
+	struct kcapi_aead_ctx *ctx;
+
+	if (kcapi_aead_init(&handle, gnutls_aead_map[algorithm], 0) < 0) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ctx = gnutls_malloc(sizeof(struct kcapi_aead_ctx));
+	if (ctx == NULL) {
+		gnutls_assert();
+		kcapi_aead_destroy(handle);
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	switch(algorithm) {
+		case GNUTLS_CIPHER_AES_128_CCM:
+		case GNUTLS_CIPHER_AES_256_CCM:
+			ctx->ccm = 1;
+			break;
+		default:
+			ctx->ccm = 0;
+	}
+	ctx->handle = handle;
+	*_ctx = ctx;
+
+	return 0;
+}
+
+static int afalg_aead_setkey(void *_ctx, const void *key, size_t keysize)
+{
+	struct kcapi_aead_ctx *ctx = _ctx;
+
+	if (kcapi_aead_setkey(ctx->handle, key, keysize) < 0) {
+		gnutls_assert();
+		return GNUTLS_E_ENCRYPTION_FAILED;
+	}
+
+	return 0;
+}
+
+static int afalg_aead_decrypt(void *_ctx,
+			      const void *nonce, size_t nonce_size,
+			      const void *auth, size_t auth_size,
+			      size_t tag_size,
+			      const void *encr, size_t encr_size,
+			      void *plain, size_t plain_size)
+{
+	int ret = 0;
+	struct kcapi_aead_ctx *ctx = _ctx;
+	struct iovec iov[2];
+	uint8_t *authtmp = malloca(auth_size);
+	if (authtmp == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+	if (encr_size < tag_size) {
+		gnutls_assert();
+		ret = GNUTLS_E_DECRYPTION_FAILED;
+		goto end;
+	}
+
+	if (unlikely(plain_size < encr_size - tag_size)) {
+		gnutls_assert();
+		ret = GNUTLS_E_SHORT_MEMORY_BUFFER;
+		goto end;
+	}
+
+	/* Init stream once. */
+	if (!ctx->taglen_set) {
+		ctx->taglen_set = 1;
+		if (kcapi_aead_settaglen(ctx->handle, tag_size) < 0) {
+			gnutls_assert();
+			ret = GNUTLS_E_DECRYPTION_FAILED;
+			goto end;
+		}
+	}
+
+	kcapi_aead_setassoclen(ctx->handle, auth_size);
+
+	/* CCM nonce to IV conversion */
+	if (ctx->ccm) {
+		uint8_t *ccm_iv = NULL;
+		uint32_t ccm_iv_len;
+
+		if (kcapi_aead_ccm_nonce_to_iv(nonce, nonce_size, &ccm_iv,
+						   &ccm_iv_len)) {
+			gnutls_assert();
+			ret = GNUTLS_E_DECRYPTION_FAILED;
+			goto end;
+		}
+		if (kcapi_aead_stream_init_dec(ctx->handle, ccm_iv, NULL, 0)
+			< 0) {
+			free(ccm_iv);
+			gnutls_assert();
+			ret = GNUTLS_E_DECRYPTION_FAILED;
+			goto end;
+		}
+		free(ccm_iv);
+	} else {
+		if (kcapi_aead_stream_init_dec(ctx->handle, nonce, NULL, 0)
+			< 0) {
+			gnutls_assert();
+			ret = GNUTLS_E_DECRYPTION_FAILED;
+			goto end;
+		}
+	}
+
+	/*
+	 * Set AAD: IOVECs do not support const, this buffer is guaranteed to be
+	 * read-only
+	 */
+	iov[0].iov_base = (void*)auth;
+	iov[0].iov_len = auth_size;
+
+	/*
+	 * Set CT: IOVECs do not support const, this buffer is guaranteed to be
+	 * read-only
+	 */
+	iov[1].iov_base = (void *)encr;
+	iov[1].iov_len = encr_size;
+
+	if (kcapi_aead_stream_update_last(ctx->handle, iov, 2) < 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_DECRYPTION_FAILED;
+		goto end;
+	}
+
+	iov[0].iov_base = authtmp;
+	iov[0].iov_len = auth_size;
+
+	/* Set PT buffer to be filled by kernel */
+	uint32_t outbuflen = kcapi_aead_outbuflen_dec(ctx->handle,
+						encr_size - tag_size,
+						auth_size, tag_size)-auth_size;
+	iov[1].iov_base = (void *)plain;
+	iov[1].iov_len = (plain_size > outbuflen) ? outbuflen : plain_size;
+
+	if (kcapi_aead_stream_op(ctx->handle, iov, 2) < 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_DECRYPTION_FAILED;
+		goto end;
+	}
+
+end:
+	freea(authtmp);
+	return ret;
+}
+static int afalg_aead_encrypt(void *_ctx, const void *nonce, size_t nonce_size,
+			      const void *auth, size_t auth_size,
+			      size_t tag_size,
+			      const void *plain, size_t plain_size,
+			      void *encr, size_t encr_size)
+{
+	int ret = 0;
+	struct kcapi_aead_ctx *ctx = _ctx;
+	struct iovec iov[3];
+	uint32_t iovlen = 2;
+	uint8_t *authtmp = malloca(auth_size);
+	if (authtmp == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	if (unlikely(encr_size - tag_size < plain_size)) {
+		ret = GNUTLS_E_SHORT_MEMORY_BUFFER;
+		gnutls_assert();
+		goto end;
+	}
+
+	if (nonce_size > kcapi_aead_ivsize(ctx->handle)) {
+		ret = GNUTLS_E_INVALID_REQUEST;
+		gnutls_assert();
+		goto end;
+	}
+
+	/* Init taglen once. */
+	if (!ctx->taglen_set) {
+		ctx->taglen_set = 1;
+
+		if (kcapi_aead_settaglen(ctx->handle, tag_size) < 0) {
+			gnutls_assert();
+			ret = GNUTLS_E_ENCRYPTION_FAILED;
+			goto end;
+		}
+	}
+
+	kcapi_aead_setassoclen(ctx->handle, auth_size);
+
+	/* CCM nonce to IV conversion */
+	if (ctx->ccm) {
+		uint8_t *ccm_iv = NULL;
+		uint32_t ccm_iv_len;
+
+		if (kcapi_aead_ccm_nonce_to_iv(nonce, nonce_size, &ccm_iv,
+						   &ccm_iv_len)) {
+			gnutls_assert();
+			ret = GNUTLS_E_ENCRYPTION_FAILED;
+			goto end;
+		}
+		if (kcapi_aead_stream_init_enc(ctx->handle, ccm_iv, NULL, 0)
+			< 0) {
+			free(ccm_iv);
+			gnutls_assert();
+			ret = GNUTLS_E_ENCRYPTION_FAILED;
+			goto end;
+		}
+		free(ccm_iv);
+	} else {
+		if (kcapi_aead_stream_init_enc(ctx->handle, nonce, NULL, 0)
+			< 0) {
+			gnutls_assert();
+			ret = GNUTLS_E_ENCRYPTION_FAILED;
+			goto end;
+		}
+	}
+
+	/*
+	 * Set AAD: IOVECs do not support const, this buffer is guaranteed to be
+	 * read-only
+	 */
+	iov[0].iov_base = (void*)auth;
+	iov[0].iov_len = auth_size;
+
+	/*
+	 * Set PT: IOVECs do not support const, this buffer is guaranteed to be
+	 * read-only
+	 */
+	iov[1].iov_base = (void *)plain;
+	iov[1].iov_len = plain_size;
+
+	/*
+	 * Older kernels require tag as input. This buffer data is unused
+	 * which implies the encr buffer can serve as tmp space.
+	 */
+	uint32_t inbuflen = kcapi_aead_inbuflen_enc(ctx->handle, plain_size,
+						    auth_size, tag_size);
+	if ((auth_size + plain_size) < inbuflen) {
+		iov[2].iov_base = encr;
+		iov[2].iov_len = tag_size;
+		iovlen = 3;
+	}
+
+	if (kcapi_aead_stream_update_last(ctx->handle, iov, iovlen) < 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_ENCRYPTION_FAILED;
+		goto end;
+	}
+
+	iov[0].iov_base = authtmp;
+	iov[0].iov_len = auth_size;
+
+	/* Set CT buffer to be filled by kernel */
+	uint32_t outbuflen = kcapi_aead_outbuflen_enc(ctx->handle,
+						      plain_size, auth_size,
+						      tag_size) - auth_size;
+
+	iov[1].iov_base = encr;
+	iov[1].iov_len = (encr_size > outbuflen) ? outbuflen : encr_size;
+
+	if (kcapi_aead_stream_op(ctx->handle, iov, 2) < 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_ENCRYPTION_FAILED;
+		goto end;
+	}
+
+end:
+	freea(authtmp);
+	return ret;
+}
+
+static const gnutls_crypto_cipher_st afalg_aead_struct = {
+	.init = afalg_aead_init,
+	.setkey = afalg_aead_setkey,
+	.aead_encrypt = afalg_aead_encrypt,
+	.aead_decrypt = afalg_aead_decrypt,
+	.deinit = afalg_aead_deinit,
+};
+
+static int afalg_aead_register(void)
+{
+	unsigned int i;
+	int ret = 0;
+
+	for (i = 0;
+	     i < sizeof(gnutls_aead_map) / sizeof(gnutls_aead_map[0]);
+	     i++) {
+		struct kcapi_handle *handle;
+
+		if (gnutls_aead_map[i] == 0)
+			continue;
+
+		/* Check whether cipher is available. */
+		if (kcapi_aead_init(&handle, gnutls_aead_map[i], 0))
+			continue;
+
+		kcapi_aead_destroy(handle);
+
+		_gnutls_debug_log("afalg: registering: %s\n",
+				  gnutls_cipher_get_name(i));
+		ret = gnutls_crypto_single_cipher_register(i, 90,
+							   &afalg_aead_struct,
+							   0);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	return ret;
+}
+
+/********************** Keyed message digest algorithms **********************/
+
+static const char *gnutls_mac_map[] = {
+	[GNUTLS_MAC_SHA1] = "hmac(sha1)",
+	[GNUTLS_MAC_SHA256] = "hmac(sha256)",
+	[GNUTLS_MAC_SHA384] = "hmac(sha384)",
+	[GNUTLS_MAC_SHA512] = "hmac(sha512)",
+};
+
+static int afalg_mac_init(gnutls_mac_algorithm_t algorithm, void **ctx)
+{
+	struct kcapi_handle *handle;
+
+	if (kcapi_md_init(&handle, gnutls_mac_map[algorithm], 0) < 0) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	*ctx = handle;
+
+	return 0;
+}
+
+static int afalg_mac_setkey(void *ctx, const void *key, size_t keysize)
+{
+	struct kcapi_handle *handle = ctx;
+
+	if (kcapi_md_setkey(handle, key, keysize) < 0) {
+		gnutls_assert();
+		return GNUTLS_E_ENCRYPTION_FAILED;
+	}
+
+	return 0;
+}
+
+static int afalg_mac_hash(void *ctx, const void *_text, size_t textsize)
+{
+	struct kcapi_handle *handle = ctx;
+	const uint8_t *text = _text;
+	size_t offset;
+
+	for (offset = 0; offset < textsize - textsize % INT_MAX; offset += INT_MAX) {
+		if (kcapi_md_update(handle, text + offset, INT_MAX) < 0) {
+			return gnutls_assert_val(GNUTLS_E_ENCRYPTION_FAILED);
+		}
+	}
+
+	if (offset < textsize) {
+		if (kcapi_md_update(handle, text + offset, textsize - offset) < 0) {
+			return gnutls_assert_val(GNUTLS_E_ENCRYPTION_FAILED);
+		}
+	}
+
+	return 0;
+}
+
+static int afalg_mac_output(void *ctx, void *digest, size_t digestsize)
+{
+	struct kcapi_handle *handle = ctx;
+
+	if (kcapi_md_final(handle, digest, digestsize) < 0) {
+		gnutls_assert();
+		return GNUTLS_E_ENCRYPTION_FAILED;
+	}
+
+	return 0;
+
+}
+
+static void afalg_mac_deinit(void *ctx)
+{
+	struct kcapi_handle *handle = ctx;
+
+	kcapi_md_destroy(handle);
+}
+
+static int afalg_mac_fast(gnutls_mac_algorithm_t algorithm, const void *nonce,
+			  size_t nonce_size, const void *key, size_t keysize,
+			  const void *text, size_t textsize, void *digest)
+{
+	struct kcapi_handle *handle;
+	int ret = GNUTLS_E_ENCRYPTION_FAILED;
+
+	if (kcapi_md_init(&handle, gnutls_mac_map[algorithm], 0) < 0) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	if (kcapi_md_setkey(handle, key, keysize) < 0) {
+		gnutls_assert();
+		goto out;
+	}
+
+	if (textsize <= INT_MAX) {
+		if (kcapi_md_digest(handle, text, textsize, digest,
+				    kcapi_md_digestsize(handle)) < 0) {
+			gnutls_assert();
+			goto out;
+		}
+	} else {
+		ret = afalg_mac_hash(handle, text, textsize);
+		if (ret < 0) {
+			goto out;
+		}
+		if (kcapi_md_final(handle, digest,
+				   kcapi_md_digestsize(handle)) < 0) {
+			gnutls_assert();
+			return GNUTLS_E_ENCRYPTION_FAILED;
+		}
+	}
+
+	ret = 0;
+
+out:
+	kcapi_md_destroy(handle);
+
+	return ret;
+}
+
+static const gnutls_crypto_mac_st afalg_mac_struct = {
+	.init = afalg_mac_init,
+	.setkey = afalg_mac_setkey,
+	.setnonce = NULL,
+	.hash = afalg_mac_hash,
+	.output = afalg_mac_output,
+	.deinit = afalg_mac_deinit,
+	.fast = afalg_mac_fast,
+};
+
+static int afalg_mac_register(void)
+{
+	unsigned int i;
+	int ret = 0;
+
+	for (i = 0;
+	     i < sizeof(gnutls_mac_map) / sizeof(gnutls_mac_map[0]);
+	     i++) {
+		struct kcapi_handle *handle;
+
+		if (gnutls_mac_map[i] == 0)
+			continue;
+
+		/* Check whether cipher is available. */
+		if (kcapi_md_init(&handle, gnutls_mac_map[i], 0))
+			continue;
+
+		kcapi_md_destroy(handle);
+
+		_gnutls_debug_log("afalg: registering: %s\n",
+				  gnutls_mac_get_name(i));
+		ret = gnutls_crypto_single_mac_register(i, 90,
+							&afalg_mac_struct, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	return ret;
+}
+
+
+/***************************** Digest algorithms *****************************/
+
+static const char *gnutls_digest_map[] = {
+	[GNUTLS_DIG_SHA1] = "sha1",
+	[GNUTLS_DIG_SHA256] = "sha256",
+	[GNUTLS_DIG_SHA384] = "sha384",
+	[GNUTLS_DIG_SHA512] = "sha512",
+};
+
+static int afalg_digest_init(gnutls_digest_algorithm_t algorithm, void **ctx)
+{
+	struct kcapi_handle *handle;
+
+	if (kcapi_md_init(&handle, gnutls_digest_map[algorithm], 0) < 0) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	*ctx = handle;
+
+	return 0;
+}
+
+static int afalg_digest_fast(gnutls_digest_algorithm_t algorithm,
+			     const void *text, size_t textsize, void *digest)
+{
+	struct kcapi_handle *handle;
+	int ret = GNUTLS_E_ENCRYPTION_FAILED;
+
+	if (kcapi_md_init(&handle, gnutls_digest_map[algorithm], 0) < 0) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	if (textsize <= INT_MAX) {
+		if (kcapi_md_digest(handle, text, textsize, digest,
+				    kcapi_md_digestsize(handle)) < 0) {
+			gnutls_assert();
+			goto out;
+		}
+	} else {
+		ret = afalg_mac_hash(handle, text, textsize);
+		if (ret < 0) {
+			goto out;
+		}
+
+		if (kcapi_md_final(handle, digest,
+				   kcapi_md_digestsize(handle)) < 0) {
+			gnutls_assert();
+			return GNUTLS_E_ENCRYPTION_FAILED;
+		}
+	}
+
+	ret = 0;
+
+out:
+	kcapi_md_destroy(handle);
+
+	return ret;
+}
+
+static const gnutls_crypto_digest_st afalg_digest_struct = {
+	.init = afalg_digest_init,
+	.hash = afalg_mac_hash,
+	.output = afalg_mac_output,
+	.deinit = afalg_mac_deinit,
+	.fast = afalg_digest_fast
+};
+
+static int afalg_digest_register(void)
+{
+	unsigned int i;
+	int ret = 0;
+
+	for (i = 0;
+	     i < sizeof(gnutls_digest_map) / sizeof(gnutls_digest_map[0]);
+	     i++) {
+		struct kcapi_handle *handle;
+
+		if (gnutls_digest_map[i] == 0)
+			continue;
+
+		/* Check whether cipher is available. */
+		if (kcapi_md_init(&handle, gnutls_digest_map[i], 0))
+			continue;
+
+		kcapi_md_destroy(handle);
+
+		_gnutls_debug_log("afalg: registering: %s\n",
+				  gnutls_digest_get_name(i));
+		ret = gnutls_crypto_single_digest_register(i, 90,
+							   &afalg_digest_struct,
+							   0);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	return ret;
+}
+
+int _gnutls_afalg_init(void)
+{
+	int ret;
+
+	ret = afalg_cipher_register();
+	if (ret)
+		return ret;
+
+	ret = afalg_aead_register();
+	if (ret)
+		return ret;
+
+	ret = afalg_mac_register();
+	if (ret)
+		return ret;
+
+	return afalg_digest_register();
+}
+
+void _gnutls_afalg_deinit(void)
+{
+	return;
+}
+
+#else /* ENABLE_AFALG */
+
+int _gnutls_afalg_init(void)
+{
+	return 0;
+}
+
+void _gnutls_afalg_deinit(void)
+{
+	return;
+}
+
+#endif /* ENABLE_AFALG */
diff --git a/lib/accelerated/afalg.h b/lib/accelerated/afalg.h
new file mode 100644
index 0000000..51de67e
--- /dev/null
+++ b/lib/accelerated/afalg.h
@@ -0,0 +1,2 @@
+int _gnutls_afalg_init(void);
+void _gnutls_afalg_deinit(void);
diff --git a/lib/accelerated/cryptodev-gcm.c b/lib/accelerated/cryptodev-gcm.c
new file mode 100644
index 0000000..f729406
--- /dev/null
+++ b/lib/accelerated/cryptodev-gcm.c
@@ -0,0 +1,297 @@
+/*
+ * Copyright (C) 2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+#include <gnutls/crypto.h>
+#include "errors.h"
+#include <accelerated/cryptodev.h>
+
+#ifdef ENABLE_CRYPTODEV
+
+#include <fcntl.h>
+#include <sys/ioctl.h>
+#include <crypto/cryptodev.h>
+
+#ifndef CRYPTO_CIPHER_MAX_KEY_LEN
+#define CRYPTO_CIPHER_MAX_KEY_LEN 64
+#endif
+
+#ifndef EALG_MAX_BLOCK_LEN
+#define EALG_MAX_BLOCK_LEN 16
+#endif
+
+
+#ifdef CIOCAUTHCRYPT
+
+#define GCM_BLOCK_SIZE 16
+
+struct cryptodev_gcm_ctx {
+	struct session_op sess;
+	struct crypt_auth_op cryp;
+	uint8_t iv[GCM_BLOCK_SIZE];
+	uint8_t tag[GCM_BLOCK_SIZE];
+
+	void *auth_data;
+	unsigned int auth_data_size;
+
+	int op;			/* whether encryption op has been executed */
+
+	int cfd;
+};
+
+static void aes_gcm_deinit(void *_ctx)
+{
+	struct cryptodev_gcm_ctx *ctx = _ctx;
+
+	ioctl(ctx->cfd, CIOCFSESSION, &ctx->sess.ses);
+	gnutls_free(ctx);
+}
+
+static const int cipher_map[] = {
+	[GNUTLS_CIPHER_AES_128_GCM] = CRYPTO_AES_GCM,
+	[GNUTLS_CIPHER_AES_192_GCM] = CRYPTO_AES_GCM,
+	[GNUTLS_CIPHER_AES_256_GCM] = CRYPTO_AES_GCM,
+};
+
+static int
+aes_gcm_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx,
+		    int enc)
+{
+	struct cryptodev_gcm_ctx *ctx;
+
+	*_ctx = gnutls_calloc(1, sizeof(struct cryptodev_gcm_ctx));
+	if (*_ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+
+	ctx = *_ctx;
+
+	ctx->cfd = _gnutls_cryptodev_fd;
+	ctx->sess.cipher = cipher_map[algorithm];
+	ctx->cryp.iv = ctx->iv;
+
+	return 0;
+}
+
+static int
+aes_gcm_cipher_setkey(void *_ctx, const void *userkey, size_t keysize)
+{
+	struct cryptodev_gcm_ctx *ctx = _ctx;
+
+	CHECK_AES_KEYSIZE(keysize);
+
+	ctx->sess.keylen = keysize;
+	ctx->sess.key = (void *) userkey;
+
+	if (ioctl(ctx->cfd, CIOCGSESSION, &ctx->sess)) {
+		gnutls_assert();
+		return GNUTLS_E_CRYPTODEV_IOCTL_ERROR;
+	}
+	ctx->cryp.ses = ctx->sess.ses;
+
+	return 0;
+}
+
+static int aes_gcm_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+	struct cryptodev_gcm_ctx *ctx = _ctx;
+
+	if (iv_size != GCM_BLOCK_SIZE - 4)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	memcpy(ctx->iv, iv, GCM_BLOCK_SIZE - 4);
+
+	ctx->cryp.iv = (void *) ctx->iv;
+
+	return 0;
+}
+
+static int
+aes_gcm_encrypt(void *_ctx, const void *src, size_t src_size,
+		void *dst, size_t dst_size)
+{
+	struct cryptodev_gcm_ctx *ctx = _ctx;
+
+	/* the GCM in kernel will place the tag after the
+	 * encrypted data.
+	 */
+	if (unlikely(dst_size - GCM_BLOCK_SIZE < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	ctx->cryp.len = src_size;
+	ctx->cryp.src = (void *) src;
+	ctx->cryp.dst = dst;
+	ctx->cryp.op = COP_ENCRYPT;
+
+	ctx->cryp.auth_len = ctx->auth_data_size;
+	ctx->cryp.auth_src = ctx->auth_data;
+
+	if (ioctl(ctx->cfd, CIOCAUTHCRYPT, &ctx->cryp)) {
+		gnutls_assert();
+		return GNUTLS_E_CRYPTODEV_IOCTL_ERROR;
+	}
+
+	ctx->cryp.auth_len = 0;
+	ctx->op = 1;
+	memcpy(ctx->tag, &((uint8_t *) dst)[src_size], GCM_BLOCK_SIZE);
+	return 0;
+}
+
+static int
+aes_gcm_decrypt(void *_ctx, const void *src, size_t src_size,
+		void *dst, size_t dst_size)
+{
+	struct cryptodev_gcm_ctx *ctx = _ctx;
+
+	/* the GCM in kernel will place the tag after the
+	 * encrypted data.
+	 */
+	ctx->cryp.len = src_size + GCM_BLOCK_SIZE;
+	ctx->cryp.src = (void *) src;
+	ctx->cryp.dst = dst;
+	ctx->cryp.op = COP_DECRYPT;
+
+	ctx->cryp.auth_len = ctx->auth_data_size;
+	ctx->cryp.auth_src = ctx->auth_data;
+
+	if (unlikely(dst_size < src_size - GCM_BLOCK_SIZE))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	if (ioctl(ctx->cfd, CIOCAUTHCRYPT, &ctx->cryp)) {
+		gnutls_assert();
+		return GNUTLS_E_CRYPTODEV_IOCTL_ERROR;
+	}
+
+	ctx->cryp.auth_len = 0;
+	ctx->op = 1;
+	memcpy(ctx->tag, &((uint8_t *) dst)[src_size], GCM_BLOCK_SIZE);
+	return 0;
+}
+
+static int aes_gcm_auth(void *_ctx, const void *src, size_t src_size)
+{
+	struct cryptodev_gcm_ctx *ctx = _ctx;
+
+	ctx->op = 0;
+	ctx->auth_data = (void *) src;
+	ctx->auth_data_size = src_size;
+
+	return 0;
+}
+
+static void aes_gcm_tag(void *_ctx, void *tag, size_t tagsize)
+{
+	struct cryptodev_gcm_ctx *ctx = _ctx;
+
+	if (ctx->op == 0) {
+		ctx->cryp.len = 0;
+		ctx->cryp.src = NULL;
+		ctx->cryp.dst = ctx->tag;
+		ctx->cryp.op = COP_ENCRYPT;
+
+		ctx->cryp.auth_len = ctx->auth_data_size;
+		ctx->cryp.auth_src = ctx->auth_data;
+
+		if (ioctl(ctx->cfd, CIOCAUTHCRYPT, &ctx->cryp)) {
+			gnutls_assert();
+			return;
+		}
+	}
+
+	memcpy(tag, ctx->tag, tagsize);
+	ctx->op = 0;
+}
+
+#include "x86/aes-gcm-aead.h"
+
+static const gnutls_crypto_cipher_st cipher_struct = {
+	.init = aes_gcm_cipher_init,
+	.setkey = aes_gcm_cipher_setkey,
+	.setiv = aes_gcm_setiv,
+	.aead_encrypt = aes_gcm_aead_encrypt,
+	.aead_decrypt = aes_gcm_aead_decrypt,
+	.encrypt = aes_gcm_encrypt,
+	.decrypt = aes_gcm_decrypt,
+	.deinit = aes_gcm_deinit,
+	.tag = aes_gcm_tag,
+	.auth = aes_gcm_auth,
+};
+
+int _cryptodev_register_gcm_crypto(int cfd)
+{
+	struct session_op sess;
+	uint8_t fake_key[CRYPTO_CIPHER_MAX_KEY_LEN];
+	unsigned int i;
+	int ret;
+#ifdef CIOCGSESSINFO
+	struct session_info_op siop;
+
+	memset(&siop, 0, sizeof(siop));
+#endif
+
+	memset(&sess, 0, sizeof(sess));
+
+	for (i = 0; i < sizeof(cipher_map) / sizeof(cipher_map[0]); i++) {
+		if (cipher_map[i] == 0)
+			continue;
+
+		/* test if a cipher is support it and if yes register it */
+		sess.cipher = cipher_map[i];
+		sess.keylen = gnutls_cipher_get_key_size(i);
+		sess.key = fake_key;
+
+		if (ioctl(cfd, CIOCGSESSION, &sess)) {
+			continue;
+		}
+#ifdef CIOCGSESSINFO
+		siop.ses = sess.ses;	/* do not register ciphers that are not hw accelerated */
+		if (ioctl(cfd, CIOCGSESSINFO, &siop) == 0) {
+			if (!(siop.flags & SIOP_FLAG_KERNEL_DRIVER_ONLY)) {
+				ioctl(cfd, CIOCFSESSION, &sess.ses);
+				continue;
+			}
+		}
+#endif
+
+		ioctl(cfd, CIOCFSESSION, &sess.ses);
+
+		_gnutls_debug_log("/dev/crypto: registering: %s\n",
+				  gnutls_cipher_get_name(i));
+		ret =
+		    gnutls_crypto_single_cipher_register(i, 90,
+							 &cipher_struct, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+	}
+
+	return 0;
+}
+
+#endif				/* CIOCAUTHCRYPT */
+
+#endif				/* ENABLE_CRYPTODEV */
diff --git a/lib/accelerated/cryptodev.c b/lib/accelerated/cryptodev.c
new file mode 100644
index 0000000..dca3aa8
--- /dev/null
+++ b/lib/accelerated/cryptodev.c
@@ -0,0 +1,517 @@
+/*
+ * Copyright (C) 2009-2010, 2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+#include <gnutls/crypto.h>
+#include "errors.h"
+#include <accelerated/cryptodev.h>
+
+#ifdef ENABLE_CRYPTODEV
+
+#include <assert.h>
+#include <fcntl.h>
+#include <sys/ioctl.h>
+#include <crypto/cryptodev.h>
+
+#ifndef CRYPTO_CIPHER_MAX_KEY_LEN
+#define CRYPTO_CIPHER_MAX_KEY_LEN 64
+#endif
+
+#ifndef EALG_MAX_BLOCK_LEN
+#define EALG_MAX_BLOCK_LEN 16
+#endif
+
+int _gnutls_cryptodev_fd = -1;
+
+static int register_mac_digest(int cfd);
+
+struct cryptodev_ctx {
+	struct session_op sess;
+	struct crypt_op cryp;
+	uint8_t iv[EALG_MAX_BLOCK_LEN];
+
+	int cfd;
+};
+
+static const int gnutls_cipher_map[] = {
+	[GNUTLS_CIPHER_AES_128_CBC] = CRYPTO_AES_CBC,
+	[GNUTLS_CIPHER_AES_192_CBC] = CRYPTO_AES_CBC,
+	[GNUTLS_CIPHER_AES_256_CBC] = CRYPTO_AES_CBC,
+	[GNUTLS_CIPHER_3DES_CBC] = CRYPTO_3DES_CBC,
+	[GNUTLS_CIPHER_CAMELLIA_128_CBC] = CRYPTO_CAMELLIA_CBC,
+	[GNUTLS_CIPHER_CAMELLIA_192_CBC] = CRYPTO_CAMELLIA_CBC,
+	[GNUTLS_CIPHER_CAMELLIA_256_CBC] = CRYPTO_CAMELLIA_CBC,
+	[GNUTLS_CIPHER_DES_CBC] = CRYPTO_DES_CBC,
+};
+
+static int
+cryptodev_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx,
+		      int enc)
+{
+	struct cryptodev_ctx *ctx;
+	int cipher = gnutls_cipher_map[algorithm];
+
+	*_ctx = gnutls_calloc(1, sizeof(struct cryptodev_ctx));
+	if (*_ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ctx = *_ctx;
+
+	ctx->cfd = _gnutls_cryptodev_fd;
+	ctx->sess.cipher = cipher;
+	ctx->cryp.iv = ctx->iv;
+
+	return 0;
+}
+
+static int
+cryptodev_cipher_setkey(void *_ctx, const void *key, size_t keysize)
+{
+	struct cryptodev_ctx *ctx = _ctx;
+
+	CHECK_AES_KEYSIZE(keysize);
+
+	ctx->sess.keylen = keysize;
+	ctx->sess.key = (void *) key;
+
+	if (ioctl(ctx->cfd, CIOCGSESSION, &ctx->sess)) {
+		gnutls_assert();
+		return GNUTLS_E_CRYPTODEV_IOCTL_ERROR;
+	}
+	ctx->cryp.ses = ctx->sess.ses;
+
+	return 0;
+}
+
+static int cryptodev_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+	struct cryptodev_ctx *ctx = _ctx;
+
+	if (iv_size > EALG_MAX_BLOCK_LEN)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	memcpy(ctx->iv, iv, iv_size);
+
+	return 0;
+}
+
+static int
+cryptodev_encrypt(void *_ctx, const void *src, size_t src_size,
+		  void *dst, size_t dst_size)
+{
+	struct cryptodev_ctx *ctx = _ctx;
+	ctx->cryp.len = src_size;
+	ctx->cryp.src = (void *) src;
+	ctx->cryp.dst = dst;
+	ctx->cryp.op = COP_ENCRYPT;
+	ctx->cryp.flags = COP_FLAG_WRITE_IV;
+
+	if (unlikely(dst_size < src_size)) {
+		gnutls_assert();
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	if (ioctl(ctx->cfd, CIOCCRYPT, &ctx->cryp)) {
+		gnutls_assert();
+		return GNUTLS_E_CRYPTODEV_IOCTL_ERROR;
+	}
+
+	return 0;
+}
+
+static int
+cryptodev_decrypt(void *_ctx, const void *src, size_t src_size,
+		  void *dst, size_t dst_size)
+{
+	struct cryptodev_ctx *ctx = _ctx;
+
+	ctx->cryp.len = src_size;
+	ctx->cryp.src = (void *) src;
+	ctx->cryp.dst = dst;
+	ctx->cryp.op = COP_DECRYPT;
+	ctx->cryp.flags = COP_FLAG_WRITE_IV;
+
+	if (unlikely(dst_size < src_size)) {
+		gnutls_assert();
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	if (ioctl(ctx->cfd, CIOCCRYPT, &ctx->cryp)) {
+		gnutls_assert();
+		return GNUTLS_E_CRYPTODEV_IOCTL_ERROR;
+	}
+
+	return 0;
+}
+
+static void cryptodev_deinit(void *_ctx)
+{
+	struct cryptodev_ctx *ctx = _ctx;
+
+	ioctl(ctx->cfd, CIOCFSESSION, &ctx->sess.ses);
+	gnutls_free(ctx);
+}
+
+static const gnutls_crypto_cipher_st cipher_struct = {
+	.init = cryptodev_cipher_init,
+	.setkey = cryptodev_cipher_setkey,
+	.setiv = cryptodev_setiv,
+	.encrypt = cryptodev_encrypt,
+	.decrypt = cryptodev_decrypt,
+	.deinit = cryptodev_deinit,
+};
+
+static int register_crypto(int cfd)
+{
+	struct session_op sess;
+	uint8_t fake_key[CRYPTO_CIPHER_MAX_KEY_LEN];
+	unsigned int i;
+	int ret;
+#ifdef CIOCGSESSINFO
+	struct session_info_op siop;
+#endif
+
+	memset(&sess, 0, sizeof(sess));
+
+	for (i = 0;
+	     i < sizeof(gnutls_cipher_map) / sizeof(gnutls_cipher_map[0]);
+	     i++) {
+		if (gnutls_cipher_map[i] == 0)
+			continue;
+
+		/* test if a cipher is supported and if yes register it */
+		sess.cipher = gnutls_cipher_map[i];
+		sess.keylen = gnutls_cipher_get_key_size(i);
+		sess.key = fake_key;
+
+		if (ioctl(cfd, CIOCGSESSION, &sess)) {
+			continue;
+		}
+#ifdef CIOCGSESSINFO
+		memset(&siop, 0, sizeof(siop));
+
+		siop.ses = sess.ses;	/* do not register ciphers that are not hw accelerated */
+		if (ioctl(cfd, CIOCGSESSINFO, &siop) == 0) {
+			if (!(siop.flags & SIOP_FLAG_KERNEL_DRIVER_ONLY)) {
+				ioctl(cfd, CIOCFSESSION, &sess.ses);
+				continue;
+			}
+		}
+#endif
+
+		ioctl(cfd, CIOCFSESSION, &sess.ses);
+
+		_gnutls_debug_log("/dev/crypto: registering: %s\n",
+				  gnutls_cipher_get_name(i));
+		ret =
+		    gnutls_crypto_single_cipher_register(i, 90,
+							 &cipher_struct, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+	}
+
+#ifdef CIOCAUTHCRYPT
+	return _cryptodev_register_gcm_crypto(cfd);
+#else
+	return 0;
+#endif
+}
+
+int _gnutls_cryptodev_init(void)
+{
+	int ret;
+
+	/* Open the crypto device */
+	_gnutls_cryptodev_fd = open("/dev/crypto", O_RDWR, 0);
+	if (_gnutls_cryptodev_fd < 0) {
+		gnutls_assert();
+		return GNUTLS_E_CRYPTODEV_DEVICE_ERROR;
+	}
+#ifndef CRIOGET_NOT_NEEDED
+	{
+		int cfd = -1;
+		/* Clone file descriptor */
+		if (ioctl(_gnutls_cryptodev_fd, CRIOGET, &cfd)) {
+			gnutls_assert();
+			return GNUTLS_E_CRYPTODEV_IOCTL_ERROR;
+		}
+
+		/* Set close-on-exec (not really needed here) */
+		if (fcntl(cfd, F_SETFD, 1) == -1) {
+			gnutls_assert();
+			return GNUTLS_E_CRYPTODEV_IOCTL_ERROR;
+		}
+
+		close(_gnutls_cryptodev_fd);
+		_gnutls_cryptodev_fd = cfd;
+	}
+#endif
+
+	ret = register_crypto(_gnutls_cryptodev_fd);
+	if (ret < 0)
+		gnutls_assert();
+
+	if (ret >= 0) {
+		ret = register_mac_digest(_gnutls_cryptodev_fd);
+		if (ret < 0)
+			gnutls_assert();
+	}
+
+	if (ret < 0) {
+		gnutls_assert();
+		close(_gnutls_cryptodev_fd);
+	}
+
+	return ret;
+}
+
+void _gnutls_cryptodev_deinit(void)
+{
+	if (_gnutls_cryptodev_fd != -1)
+		close(_gnutls_cryptodev_fd);
+}
+
+/* MAC and digest stuff */
+
+/* if we are using linux /dev/crypto
+ */
+#if defined(COP_FLAG_UPDATE) && defined(COP_FLAG_RESET)
+
+static const int gnutls_mac_map[] = {
+	[GNUTLS_MAC_MD5] = CRYPTO_MD5_HMAC,
+	[GNUTLS_MAC_SHA1] = CRYPTO_SHA1_HMAC,
+	[GNUTLS_MAC_SHA256] = CRYPTO_SHA2_256_HMAC,
+	[GNUTLS_MAC_SHA384] = CRYPTO_SHA2_384_HMAC,
+	[GNUTLS_MAC_SHA512] = CRYPTO_SHA2_512_HMAC,
+};
+
+static int
+cryptodev_mac_fast(gnutls_mac_algorithm_t algo,
+		   const void *nonce, size_t nonce_size,
+		   const void *key, size_t key_size, const void *text,
+		   size_t text_size, void *digest)
+{
+	struct cryptodev_ctx ctx;
+	int ret;
+
+	assert(nonce_size == 0);
+
+	memset(&ctx, 0, sizeof(ctx));
+	ctx.cfd = _gnutls_cryptodev_fd;
+	ctx.sess.mac = gnutls_mac_map[algo];
+
+	ctx.sess.mackeylen = key_size;
+	ctx.sess.mackey = (void *) key;
+
+	if (ioctl(ctx.cfd, CIOCGSESSION, &ctx.sess))
+		return gnutls_assert_val(GNUTLS_E_CRYPTODEV_IOCTL_ERROR);
+
+	ctx.cryp.ses = ctx.sess.ses;
+
+	ctx.cryp.len = text_size;
+	ctx.cryp.src = (void *) text;
+	ctx.cryp.dst = NULL;
+	ctx.cryp.op = COP_ENCRYPT;
+	ctx.cryp.mac = digest;
+
+	ret = ioctl(ctx.cfd, CIOCCRYPT, &ctx.cryp);
+
+	ioctl(_gnutls_cryptodev_fd, CIOCFSESSION, &ctx.sess.ses);
+	if (ret != 0)
+		return gnutls_assert_val(GNUTLS_E_CRYPTODEV_IOCTL_ERROR);
+
+	return 0;
+}
+
+#define cryptodev_mac_deinit cryptodev_deinit
+
+static const gnutls_crypto_mac_st mac_struct = {
+	.init = NULL,
+	.setkey = NULL,
+	.setnonce = NULL,
+	.hash = NULL,
+	.output = NULL,
+	.deinit = NULL,
+	.fast = cryptodev_mac_fast
+};
+
+/* Digest algorithms */
+
+static const int gnutls_digest_map[] = {
+	[GNUTLS_DIG_MD5] = CRYPTO_MD5,
+	[GNUTLS_DIG_SHA1] = CRYPTO_SHA1,
+	[GNUTLS_DIG_SHA256] = CRYPTO_SHA2_256,
+	[GNUTLS_DIG_SHA384] = CRYPTO_SHA2_384,
+	[GNUTLS_DIG_SHA512] = CRYPTO_SHA2_512,
+};
+
+static int
+cryptodev_digest_fast(gnutls_digest_algorithm_t algo,
+		      const void *text, size_t text_size, void *digest)
+{
+	struct cryptodev_ctx ctx;
+	int ret;
+
+	memset(&ctx, 0, sizeof(ctx));
+	ctx.cfd = _gnutls_cryptodev_fd;
+	ctx.sess.mac = gnutls_digest_map[algo];
+
+	if (ioctl(ctx.cfd, CIOCGSESSION, &ctx.sess))
+		return gnutls_assert_val(GNUTLS_E_CRYPTODEV_IOCTL_ERROR);
+
+	ctx.cryp.ses = ctx.sess.ses;
+
+	ctx.cryp.len = text_size;
+	ctx.cryp.src = (void *) text;
+	ctx.cryp.dst = NULL;
+	ctx.cryp.op = COP_ENCRYPT;
+	ctx.cryp.mac = digest;
+
+	ret = ioctl(ctx.cfd, CIOCCRYPT, &ctx.cryp);
+
+	ioctl(_gnutls_cryptodev_fd, CIOCFSESSION, &ctx.sess.ses);
+	if (ret != 0)
+		return gnutls_assert_val(GNUTLS_E_CRYPTODEV_IOCTL_ERROR);
+
+	return 0;
+}
+
+static const gnutls_crypto_digest_st digest_struct = {
+	.init = NULL,
+	.hash = NULL,
+	.output = NULL,
+	.deinit = NULL,
+	.fast = cryptodev_digest_fast
+};
+
+static int register_mac_digest(int cfd)
+{
+	struct session_op sess;
+	uint8_t fake_key[CRYPTO_CIPHER_MAX_KEY_LEN];
+	unsigned int i;
+	int ret;
+#ifdef CIOCGSESSINFO
+	struct session_info_op siop;
+#endif
+
+	memset(&sess, 0, sizeof(sess));
+	for (i = 0; i < sizeof(gnutls_mac_map) / sizeof(gnutls_mac_map[0]);
+	     i++) {
+		if (gnutls_mac_map[i] == 0)
+			continue;
+
+		sess.mac = gnutls_mac_map[i];
+		sess.mackeylen = 8;
+		sess.mackey = fake_key;
+
+		if (ioctl(cfd, CIOCGSESSION, &sess)) {
+			continue;
+		}
+#ifdef CIOCGSESSINFO
+		memset(&siop, 0, sizeof(siop));
+
+		siop.ses = sess.ses;	/* do not register ciphers that are not hw accelerated */
+		if (ioctl(cfd, CIOCGSESSINFO, &siop) == 0) {
+			if (!(siop.flags & SIOP_FLAG_KERNEL_DRIVER_ONLY)) {
+				ioctl(cfd, CIOCFSESSION, &sess.ses);
+				continue;
+			}
+		}
+#endif
+		_gnutls_debug_log("/dev/crypto: registering: HMAC-%s\n",
+				  gnutls_mac_get_name(i));
+
+		ioctl(cfd, CIOCFSESSION, &sess.ses);
+
+		ret =
+		    gnutls_crypto_single_mac_register(i, 90, &mac_struct, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	memset(&sess, 0, sizeof(sess));
+	for (i = 0;
+	     i < sizeof(gnutls_digest_map) / sizeof(gnutls_digest_map[0]);
+	     i++) {
+		if (gnutls_digest_map[i] == 0)
+			continue;
+
+		sess.mac = gnutls_digest_map[i];
+
+		if (ioctl(cfd, CIOCGSESSION, &sess)) {
+			continue;
+		}
+#ifdef CIOCGSESSINFO
+		memset(&siop, 0, sizeof(siop));
+
+		siop.ses = sess.ses;
+		if (ioctl(cfd, CIOCGSESSINFO, &siop) == 0) {
+			if (!(siop.flags & SIOP_FLAG_KERNEL_DRIVER_ONLY)) {
+				ioctl(cfd, CIOCFSESSION, &sess.ses);
+				continue;
+			}
+		}
+#endif
+
+		ioctl(cfd, CIOCFSESSION, &sess.ses);
+
+		_gnutls_debug_log("/dev/crypto: registering: %s\n",
+				  gnutls_mac_get_name(i));
+		ret =
+		    gnutls_crypto_single_digest_register(i, 90,
+							 &digest_struct, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	return 0;
+}
+
+#else
+static int register_mac_digest(int cfd)
+{
+	return 0;
+}
+
+#endif				/* defined(COP_FLAG_UPDATE) */
+
+#else				/* ENABLE_CRYPTODEV */
+int _gnutls_cryptodev_init(void)
+{
+	return 0;
+}
+
+void _gnutls_cryptodev_deinit(void)
+{
+	return;
+}
+#endif				/* ENABLE_CRYPTODEV */
diff --git a/lib/accelerated/cryptodev.h b/lib/accelerated/cryptodev.h
new file mode 100644
index 0000000..4824def
--- /dev/null
+++ b/lib/accelerated/cryptodev.h
@@ -0,0 +1,14 @@
+#ifndef GNUTLS_LIB_ACCELERATED_CRYPTODEV_H
+# define GNUTLS_LIB_ACCELERATED_CRYPTODEV_H
+
+extern int _gnutls_cryptodev_fd;
+
+#define CHECK_AES_KEYSIZE(s) \
+	if (s != 16 && s != 24 && s != 32) \
+		return GNUTLS_E_INVALID_REQUEST
+
+void _gnutls_cryptodev_deinit(void);
+int _gnutls_cryptodev_init(void);
+int _cryptodev_register_gcm_crypto(int cfd);
+
+#endif /* GNUTLS_LIB_ACCELERATED_CRYPTODEV_H */
diff --git a/lib/accelerated/x86/Makefile.am b/lib/accelerated/x86/Makefile.am
new file mode 100644
index 0000000..58698af
--- /dev/null
+++ b/lib/accelerated/x86/Makefile.am
@@ -0,0 +1,100 @@
+## Process this file with automake to produce Makefile.in
+# Copyright (C) 2011-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GNUTLS.
+#
+# The GNUTLS library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GNUTLS library is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+AM_LIBTOOLFLAGS=--tag=CC
+
+include $(top_srcdir)/lib/common.mk
+
+AM_CPPFLAGS = -I$(srcdir)/../../../gl		\
+	-I$(builddir)/../../../gl		\
+	-I$(srcdir)/../../includes	\
+	-I$(builddir)/../../includes	\
+	-I$(srcdir)/../../ \
+	-I$(srcdir)/../
+
+if ENABLE_MINITASN1
+AM_CPPFLAGS += -I$(srcdir)/../../minitasn1
+endif
+
+EXTRA_DIST = README license.txt files.mk
+
+noinst_LTLIBRARIES = libx86.la
+
+libx86_la_SOURCES = x86-common.c aes-x86.h x86-common.h sha-x86-ssse3.c sha-x86.h hmac-x86-ssse3.c \
+	aes-gcm-x86-ssse3.c aes-gcm-x86-aesni.c aes-cbc-x86-ssse3.c aes-cbc-x86-aesni.c aes-gcm-aead.h \
+	aes-ccm-x86-aesni.c aes-xts-x86-aesni.c
+
+if ENABLE_PADLOCK
+libx86_la_SOURCES += sha-padlock.c hmac-padlock.c aes-padlock.c aes-gcm-padlock.c \
+	aes-padlock.h sha-padlock.h
+endif
+
+include files.mk
+
+if ASM_X86_64
+AM_CFLAGS += -DASM_X86_64 -DASM_X86
+libx86_la_SOURCES += aes-gcm-x86-pclmul.c aes-gcm-x86-pclmul-avx.c
+
+if WINDOWS
+libx86_la_SOURCES += $(X86_64_FILES_COFF)
+if ENABLE_PADLOCK
+libx86_la_SOURCES += $(X86_64_PADLOCK_FILES_COFF)
+endif
+endif
+
+if MACOSX
+libx86_la_SOURCES += $(X86_64_FILES_MACOSX)
+if ENABLE_PADLOCK
+libx86_la_SOURCES += $(X86_64_PADLOCK_FILES_MACOSX)
+endif
+endif
+
+if ELF
+libx86_la_SOURCES += $(X86_64_FILES_ELF)
+if ENABLE_PADLOCK
+libx86_la_SOURCES += $(X86_64_PADLOCK_FILES_ELF)
+endif
+endif
+
+else #ASM_X86_64
+AM_CFLAGS += -DASM_X86_32 -DASM_X86
+
+if WINDOWS
+libx86_la_SOURCES += $(X86_FILES_COFF)
+if ENABLE_PADLOCK
+libx86_la_SOURCES += $(X86_PADLOCK_FILES_COFF)
+endif
+endif
+
+if MACOSX
+libx86_la_SOURCES += $(X86_FILES_MACOSX)
+if ENABLE_PADLOCK
+libx86_la_SOURCES += $(X86_PADLOCK_FILES_MACOSX)
+endif
+endif
+
+if ELF
+libx86_la_SOURCES += $(X86_FILES_ELF)
+if ENABLE_PADLOCK
+libx86_la_SOURCES += $(X86_PADLOCK_FILES_ELF)
+endif
+endif
+
+endif #ASM_X86_64
diff --git a/lib/accelerated/x86/Makefile.in b/lib/accelerated/x86/Makefile.in
new file mode 100644
index 0000000..b1b0014
--- /dev/null
+++ b/lib/accelerated/x86/Makefile.in
@@ -0,0 +1,2687 @@
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+# Copyright (C) 2011-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GNUTLS.
+#
+# The GNUTLS library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GNUTLS library is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+  if test -z '$(MAKELEVEL)'; then \
+    false; \
+  elif test -n '$(MAKE_HOST)'; then \
+    true; \
+  elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+    true; \
+  else \
+    false; \
+  fi; \
+}
+am__make_running_with_option = \
+  case $${target_option-} in \
+      ?) ;; \
+      *) echo "am__make_running_with_option: internal error: invalid" \
+              "target option '$${target_option-}' specified" >&2; \
+         exit 1;; \
+  esac; \
+  has_opt=no; \
+  sane_makeflags=$$MAKEFLAGS; \
+  if $(am__is_gnu_make); then \
+    sane_makeflags=$$MFLAGS; \
+  else \
+    case $$MAKEFLAGS in \
+      *\\[\ \	]*) \
+        bs=\\; \
+        sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+          | sed "s/$$bs$$bs[$$bs $$bs	]*//g"`;; \
+    esac; \
+  fi; \
+  skip_next=no; \
+  strip_trailopt () \
+  { \
+    flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+  }; \
+  for flg in $$sane_makeflags; do \
+    test $$skip_next = yes && { skip_next=no; continue; }; \
+    case $$flg in \
+      *=*|--*) continue;; \
+        -*I) strip_trailopt 'I'; skip_next=yes;; \
+      -*I?*) strip_trailopt 'I';; \
+        -*O) strip_trailopt 'O'; skip_next=yes;; \
+      -*O?*) strip_trailopt 'O';; \
+        -*l) strip_trailopt 'l'; skip_next=yes;; \
+      -*l?*) strip_trailopt 'l';; \
+      -[dEDm]) skip_next=yes;; \
+      -[JT]) skip_next=yes;; \
+    esac; \
+    case $$flg in \
+      *$$target_option*) has_opt=yes; break;; \
+    esac; \
+  done; \
+  test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@ENABLE_MINITASN1_TRUE@am__append_1 = -I$(srcdir)/../../minitasn1
+@ENABLE_PADLOCK_TRUE@am__append_2 = sha-padlock.c hmac-padlock.c aes-padlock.c aes-gcm-padlock.c \
+@ENABLE_PADLOCK_TRUE@	aes-padlock.h sha-padlock.h
+
+@ASM_X86_64_TRUE@am__append_3 = -DASM_X86_64 -DASM_X86
+@ASM_X86_64_TRUE@am__append_4 = aes-gcm-x86-pclmul.c aes-gcm-x86-pclmul-avx.c
+@ASM_X86_64_TRUE@@WINDOWS_TRUE@am__append_5 = $(X86_64_FILES_COFF)
+@ASM_X86_64_TRUE@@ENABLE_PADLOCK_TRUE@@WINDOWS_TRUE@am__append_6 = $(X86_64_PADLOCK_FILES_COFF)
+@ASM_X86_64_TRUE@@MACOSX_TRUE@am__append_7 = $(X86_64_FILES_MACOSX)
+@ASM_X86_64_TRUE@@ENABLE_PADLOCK_TRUE@@MACOSX_TRUE@am__append_8 = $(X86_64_PADLOCK_FILES_MACOSX)
+@ASM_X86_64_TRUE@@ELF_TRUE@am__append_9 = $(X86_64_FILES_ELF)
+@ASM_X86_64_TRUE@@ELF_TRUE@@ENABLE_PADLOCK_TRUE@am__append_10 = $(X86_64_PADLOCK_FILES_ELF)
+@ASM_X86_64_FALSE@am__append_11 = -DASM_X86_32 -DASM_X86
+@ASM_X86_64_FALSE@@WINDOWS_TRUE@am__append_12 = $(X86_FILES_COFF)
+@ASM_X86_64_FALSE@@ENABLE_PADLOCK_TRUE@@WINDOWS_TRUE@am__append_13 = $(X86_PADLOCK_FILES_COFF)
+@ASM_X86_64_FALSE@@MACOSX_TRUE@am__append_14 = $(X86_FILES_MACOSX)
+@ASM_X86_64_FALSE@@ENABLE_PADLOCK_TRUE@@MACOSX_TRUE@am__append_15 = $(X86_PADLOCK_FILES_MACOSX)
+@ASM_X86_64_FALSE@@ELF_TRUE@am__append_16 = $(X86_FILES_ELF)
+@ASM_X86_64_FALSE@@ELF_TRUE@@ENABLE_PADLOCK_TRUE@am__append_17 = $(X86_PADLOCK_FILES_ELF)
+subdir = lib/accelerated/x86
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \
+	$(top_srcdir)/lib/unistring/m4/inline.m4 \
+	$(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \
+	$(top_srcdir)/src/gl/m4/atoll.m4 \
+	$(top_srcdir)/src/gl/m4/bison.m4 \
+	$(top_srcdir)/src/gl/m4/calloc.m4 \
+	$(top_srcdir)/src/gl/m4/clock_time.m4 \
+	$(top_srcdir)/src/gl/m4/codeset.m4 \
+	$(top_srcdir)/src/gl/m4/ctype_h.m4 \
+	$(top_srcdir)/src/gl/m4/environ.m4 \
+	$(top_srcdir)/src/gl/m4/error.m4 \
+	$(top_srcdir)/src/gl/m4/fdopen.m4 \
+	$(top_srcdir)/src/gl/m4/flexmember.m4 \
+	$(top_srcdir)/src/gl/m4/fpending.m4 \
+	$(top_srcdir)/src/gl/m4/fpieee.m4 \
+	$(top_srcdir)/src/gl/m4/fseek.m4 \
+	$(top_srcdir)/src/gl/m4/ftruncate.m4 \
+	$(top_srcdir)/src/gl/m4/getaddrinfo.m4 \
+	$(top_srcdir)/src/gl/m4/getcwd.m4 \
+	$(top_srcdir)/src/gl/m4/getpagesize.m4 \
+	$(top_srcdir)/src/gl/m4/getpass.m4 \
+	$(top_srcdir)/src/gl/m4/getprogname.m4 \
+	$(top_srcdir)/src/gl/m4/gettime.m4 \
+	$(top_srcdir)/src/gl/m4/gnulib-comp.m4 \
+	$(top_srcdir)/src/gl/m4/hostent.m4 \
+	$(top_srcdir)/src/gl/m4/intl-thread-locale.m4 \
+	$(top_srcdir)/src/gl/m4/inttostr.m4 \
+	$(top_srcdir)/src/gl/m4/ioctl.m4 \
+	$(top_srcdir)/src/gl/m4/isblank.m4 \
+	$(top_srcdir)/src/gl/m4/langinfo_h.m4 \
+	$(top_srcdir)/src/gl/m4/lcmessage.m4 \
+	$(top_srcdir)/src/gl/m4/locale-fr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-ja.m4 \
+	$(top_srcdir)/src/gl/m4/locale-tr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-zh.m4 \
+	$(top_srcdir)/src/gl/m4/locale_h.m4 \
+	$(top_srcdir)/src/gl/m4/localename.m4 \
+	$(top_srcdir)/src/gl/m4/lstat.m4 \
+	$(top_srcdir)/src/gl/m4/mktime.m4 \
+	$(top_srcdir)/src/gl/m4/nanosleep.m4 \
+	$(top_srcdir)/src/gl/m4/nstrftime.m4 \
+	$(top_srcdir)/src/gl/m4/parse-datetime.m4 \
+	$(top_srcdir)/src/gl/m4/perror.m4 \
+	$(top_srcdir)/src/gl/m4/pipe.m4 \
+	$(top_srcdir)/src/gl/m4/pthread-thread.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_h.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_sigmask.m4 \
+	$(top_srcdir)/src/gl/m4/putenv.m4 \
+	$(top_srcdir)/src/gl/m4/raise.m4 \
+	$(top_srcdir)/src/gl/m4/reallocarray.m4 \
+	$(top_srcdir)/src/gl/m4/sched_h.m4 \
+	$(top_srcdir)/src/gl/m4/sched_yield.m4 \
+	$(top_srcdir)/src/gl/m4/select.m4 \
+	$(top_srcdir)/src/gl/m4/semaphore.m4 \
+	$(top_srcdir)/src/gl/m4/servent.m4 \
+	$(top_srcdir)/src/gl/m4/setenv.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale_null.m4 \
+	$(top_srcdir)/src/gl/m4/sigaction.m4 \
+	$(top_srcdir)/src/gl/m4/signal_h.m4 \
+	$(top_srcdir)/src/gl/m4/signalblocking.m4 \
+	$(top_srcdir)/src/gl/m4/sleep.m4 \
+	$(top_srcdir)/src/gl/m4/sockets.m4 \
+	$(top_srcdir)/src/gl/m4/strerror.m4 \
+	$(top_srcdir)/src/gl/m4/strerror_r.m4 \
+	$(top_srcdir)/src/gl/m4/strtoll.m4 \
+	$(top_srcdir)/src/gl/m4/symlink.m4 \
+	$(top_srcdir)/src/gl/m4/sys_ioctl_h.m4 \
+	$(top_srcdir)/src/gl/m4/sys_select_h.m4 \
+	$(top_srcdir)/src/gl/m4/thread.m4 \
+	$(top_srcdir)/src/gl/m4/time_rz.m4 \
+	$(top_srcdir)/src/gl/m4/timegm.m4 \
+	$(top_srcdir)/src/gl/m4/timespec.m4 \
+	$(top_srcdir)/src/gl/m4/tm_gmtoff.m4 \
+	$(top_srcdir)/src/gl/m4/tzset.m4 \
+	$(top_srcdir)/src/gl/m4/usleep.m4 \
+	$(top_srcdir)/src/gl/m4/visibility.m4 \
+	$(top_srcdir)/src/gl/m4/xalloc.m4 \
+	$(top_srcdir)/src/gl/m4/yield.m4 $(top_srcdir)/m4/00gnulib.m4 \
+	$(top_srcdir)/m4/__inline.m4 \
+	$(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \
+	$(top_srcdir)/m4/arpa_inet_h.m4 \
+	$(top_srcdir)/m4/ax_ac_append_to_file.m4 \
+	$(top_srcdir)/m4/ax_ac_print_to_file.m4 \
+	$(top_srcdir)/m4/ax_add_am_macro_static.m4 \
+	$(top_srcdir)/m4/ax_am_macros_static.m4 \
+	$(top_srcdir)/m4/ax_check_gnu_make.m4 \
+	$(top_srcdir)/m4/ax_code_coverage.m4 \
+	$(top_srcdir)/m4/ax_file_escapes.m4 \
+	$(top_srcdir)/m4/builtin-expect.m4 \
+	$(top_srcdir)/m4/byteswap.m4 $(top_srcdir)/m4/close.m4 \
+	$(top_srcdir)/m4/double-slash-root.m4 $(top_srcdir)/m4/dup2.m4 \
+	$(top_srcdir)/m4/eealloc.m4 $(top_srcdir)/m4/errno_h.m4 \
+	$(top_srcdir)/m4/explicit_bzero.m4 \
+	$(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \
+	$(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \
+	$(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \
+	$(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \
+	$(top_srcdir)/m4/free.m4 $(top_srcdir)/m4/fseeko.m4 \
+	$(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \
+	$(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/func.m4 \
+	$(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \
+	$(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/gettext.m4 \
+	$(top_srcdir)/m4/gettimeofday.m4 \
+	$(top_srcdir)/m4/gnulib-common.m4 \
+	$(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \
+	$(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \
+	$(top_srcdir)/m4/host-cpu-c-abi.m4 $(top_srcdir)/m4/iconv.m4 \
+	$(top_srcdir)/m4/include_next.m4 $(top_srcdir)/m4/inet_ntop.m4 \
+	$(top_srcdir)/m4/inet_pton.m4 $(top_srcdir)/m4/intlmacosx.m4 \
+	$(top_srcdir)/m4/intmax_t.m4 $(top_srcdir)/m4/inttypes.m4 \
+	$(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/largefile.m4 \
+	$(top_srcdir)/m4/ld-output-def.m4 \
+	$(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \
+	$(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+	$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/lock.m4 \
+	$(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/ltoptions.m4 \
+	$(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+	$(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \
+	$(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \
+	$(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \
+	$(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \
+	$(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \
+	$(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \
+	$(top_srcdir)/m4/netdb_h.m4 $(top_srcdir)/m4/netinet_in_h.m4 \
+	$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/off_t.m4 \
+	$(top_srcdir)/m4/open-cloexec.m4 \
+	$(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \
+	$(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/pkg.m4 \
+	$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \
+	$(top_srcdir)/m4/progtest.m4 \
+	$(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \
+	$(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \
+	$(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/size_max.m4 \
+	$(top_srcdir)/m4/snprintf.m4 $(top_srcdir)/m4/socketlib.m4 \
+	$(top_srcdir)/m4/socklen.m4 $(top_srcdir)/m4/sockpfaf.m4 \
+	$(top_srcdir)/m4/ssize_t.m4 $(top_srcdir)/m4/stat-time.m4 \
+	$(top_srcdir)/m4/stat.m4 $(top_srcdir)/m4/stdalign.m4 \
+	$(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \
+	$(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \
+	$(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \
+	$(top_srcdir)/m4/stpcpy.m4 $(top_srcdir)/m4/strcase.m4 \
+	$(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/string_h.m4 \
+	$(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \
+	$(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \
+	$(top_srcdir)/m4/strverscmp.m4 \
+	$(top_srcdir)/m4/sys_socket_h.m4 \
+	$(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \
+	$(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \
+	$(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \
+	$(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \
+	$(top_srcdir)/m4/unistd_h.m4 \
+	$(top_srcdir)/m4/valgrind-tests.m4 \
+	$(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \
+	$(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \
+	$(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \
+	$(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \
+	$(top_srcdir)/m4/xsize.m4 $(top_srcdir)/m4/zzgnulib.m4 \
+	$(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+LTLIBRARIES = $(noinst_LTLIBRARIES)
+libx86_la_LIBADD =
+am__libx86_la_SOURCES_DIST = x86-common.c aes-x86.h x86-common.h \
+	sha-x86-ssse3.c sha-x86.h hmac-x86-ssse3.c aes-gcm-x86-ssse3.c \
+	aes-gcm-x86-aesni.c aes-cbc-x86-ssse3.c aes-cbc-x86-aesni.c \
+	aes-gcm-aead.h aes-ccm-x86-aesni.c aes-xts-x86-aesni.c \
+	sha-padlock.c hmac-padlock.c aes-padlock.c aes-gcm-padlock.c \
+	aes-padlock.h sha-padlock.h aes-gcm-x86-pclmul.c \
+	aes-gcm-x86-pclmul-avx.c coff/aesni-x86_64.s \
+	coff/ghash-x86_64.s coff/sha1-ssse3-x86_64.s \
+	coff/sha512-ssse3-x86_64.s coff/aes-ssse3-x86_64.s \
+	coff/aesni-gcm-x86_64.s coff/sha256-ssse3-x86_64.s \
+	coff/e_padlock-x86_64.s macosx/aesni-x86_64.s \
+	macosx/ghash-x86_64.s macosx/sha1-ssse3-x86_64.s \
+	macosx/sha512-ssse3-x86_64.s macosx/aes-ssse3-x86_64.s \
+	macosx/aesni-gcm-x86_64.s macosx/sha256-ssse3-x86_64.s \
+	macosx/e_padlock-x86_64.s elf/aesni-x86_64.s \
+	elf/ghash-x86_64.s elf/sha1-ssse3-x86_64.s \
+	elf/sha512-ssse3-x86_64.s elf/aes-ssse3-x86_64.s \
+	elf/aesni-gcm-x86_64.s elf/sha256-ssse3-x86_64.s \
+	elf/e_padlock-x86_64.s coff/aesni-x86.s coff/sha1-ssse3-x86.s \
+	coff/sha256-ssse3-x86.s coff/sha512-ssse3-x86.s \
+	coff/aes-ssse3-x86.s coff/e_padlock-x86.s macosx/aesni-x86.s \
+	macosx/sha1-ssse3-x86.s macosx/sha256-ssse3-x86.s \
+	macosx/sha512-ssse3-x86.s macosx/aes-ssse3-x86.s \
+	macosx/e_padlock-x86.s elf/aesni-x86.s elf/sha1-ssse3-x86.s \
+	elf/sha256-ssse3-x86.s elf/sha512-ssse3-x86.s \
+	elf/aes-ssse3-x86.s elf/e_padlock-x86.s
+@ENABLE_PADLOCK_TRUE@am__objects_1 = sha-padlock.lo hmac-padlock.lo \
+@ENABLE_PADLOCK_TRUE@	aes-padlock.lo aes-gcm-padlock.lo
+@ASM_X86_64_TRUE@am__objects_2 = aes-gcm-x86-pclmul.lo \
+@ASM_X86_64_TRUE@	aes-gcm-x86-pclmul-avx.lo
+am__dirstamp = $(am__leading_dot)dirstamp
+am__objects_3 = coff/aesni-x86_64.lo coff/ghash-x86_64.lo \
+	coff/sha1-ssse3-x86_64.lo coff/sha512-ssse3-x86_64.lo \
+	coff/aes-ssse3-x86_64.lo coff/aesni-gcm-x86_64.lo \
+	coff/sha256-ssse3-x86_64.lo
+@ASM_X86_64_TRUE@@WINDOWS_TRUE@am__objects_4 = $(am__objects_3)
+am__objects_5 = coff/e_padlock-x86_64.lo
+@ASM_X86_64_TRUE@@ENABLE_PADLOCK_TRUE@@WINDOWS_TRUE@am__objects_6 = $(am__objects_5)
+am__objects_7 = macosx/aesni-x86_64.lo macosx/ghash-x86_64.lo \
+	macosx/sha1-ssse3-x86_64.lo macosx/sha512-ssse3-x86_64.lo \
+	macosx/aes-ssse3-x86_64.lo macosx/aesni-gcm-x86_64.lo \
+	macosx/sha256-ssse3-x86_64.lo
+@ASM_X86_64_TRUE@@MACOSX_TRUE@am__objects_8 = $(am__objects_7)
+am__objects_9 = macosx/e_padlock-x86_64.lo
+@ASM_X86_64_TRUE@@ENABLE_PADLOCK_TRUE@@MACOSX_TRUE@am__objects_10 = $(am__objects_9)
+am__objects_11 = elf/aesni-x86_64.lo elf/ghash-x86_64.lo \
+	elf/sha1-ssse3-x86_64.lo elf/sha512-ssse3-x86_64.lo \
+	elf/aes-ssse3-x86_64.lo elf/aesni-gcm-x86_64.lo \
+	elf/sha256-ssse3-x86_64.lo
+@ASM_X86_64_TRUE@@ELF_TRUE@am__objects_12 = $(am__objects_11)
+am__objects_13 = elf/e_padlock-x86_64.lo
+@ASM_X86_64_TRUE@@ELF_TRUE@@ENABLE_PADLOCK_TRUE@am__objects_14 = $(am__objects_13)
+am__objects_15 = coff/aesni-x86.lo coff/sha1-ssse3-x86.lo \
+	coff/sha256-ssse3-x86.lo coff/sha512-ssse3-x86.lo \
+	coff/aes-ssse3-x86.lo
+@ASM_X86_64_FALSE@@WINDOWS_TRUE@am__objects_16 = $(am__objects_15)
+am__objects_17 = coff/e_padlock-x86.lo
+@ASM_X86_64_FALSE@@ENABLE_PADLOCK_TRUE@@WINDOWS_TRUE@am__objects_18 = $(am__objects_17)
+am__objects_19 = macosx/aesni-x86.lo macosx/sha1-ssse3-x86.lo \
+	macosx/sha256-ssse3-x86.lo macosx/sha512-ssse3-x86.lo \
+	macosx/aes-ssse3-x86.lo
+@ASM_X86_64_FALSE@@MACOSX_TRUE@am__objects_20 = $(am__objects_19)
+am__objects_21 = macosx/e_padlock-x86.lo
+@ASM_X86_64_FALSE@@ENABLE_PADLOCK_TRUE@@MACOSX_TRUE@am__objects_22 = $(am__objects_21)
+am__objects_23 = elf/aesni-x86.lo elf/sha1-ssse3-x86.lo \
+	elf/sha256-ssse3-x86.lo elf/sha512-ssse3-x86.lo \
+	elf/aes-ssse3-x86.lo
+@ASM_X86_64_FALSE@@ELF_TRUE@am__objects_24 = $(am__objects_23)
+am__objects_25 = elf/e_padlock-x86.lo
+@ASM_X86_64_FALSE@@ELF_TRUE@@ENABLE_PADLOCK_TRUE@am__objects_26 = $(am__objects_25)
+am_libx86_la_OBJECTS = x86-common.lo sha-x86-ssse3.lo \
+	hmac-x86-ssse3.lo aes-gcm-x86-ssse3.lo aes-gcm-x86-aesni.lo \
+	aes-cbc-x86-ssse3.lo aes-cbc-x86-aesni.lo aes-ccm-x86-aesni.lo \
+	aes-xts-x86-aesni.lo $(am__objects_1) $(am__objects_2) \
+	$(am__objects_4) $(am__objects_6) $(am__objects_8) \
+	$(am__objects_10) $(am__objects_12) $(am__objects_14) \
+	$(am__objects_16) $(am__objects_18) $(am__objects_20) \
+	$(am__objects_22) $(am__objects_24) $(am__objects_26)
+libx86_la_OBJECTS = $(am_libx86_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 = 
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN     " $@;
+am__v_GEN_1 = 
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 = 
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/aes-cbc-x86-aesni.Plo \
+	./$(DEPDIR)/aes-cbc-x86-ssse3.Plo \
+	./$(DEPDIR)/aes-ccm-x86-aesni.Plo \
+	./$(DEPDIR)/aes-gcm-padlock.Plo \
+	./$(DEPDIR)/aes-gcm-x86-aesni.Plo \
+	./$(DEPDIR)/aes-gcm-x86-pclmul-avx.Plo \
+	./$(DEPDIR)/aes-gcm-x86-pclmul.Plo \
+	./$(DEPDIR)/aes-gcm-x86-ssse3.Plo ./$(DEPDIR)/aes-padlock.Plo \
+	./$(DEPDIR)/aes-xts-x86-aesni.Plo ./$(DEPDIR)/hmac-padlock.Plo \
+	./$(DEPDIR)/hmac-x86-ssse3.Plo ./$(DEPDIR)/sha-padlock.Plo \
+	./$(DEPDIR)/sha-x86-ssse3.Plo ./$(DEPDIR)/x86-common.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC      " $@;
+am__v_CC_1 = 
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD    " $@;
+am__v_CCLD_1 = 
+CCASCOMPILE = $(CCAS) $(AM_CCASFLAGS) $(CCASFLAGS)
+LTCCASCOMPILE = $(LIBTOOL) $(AM_V_lt) $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CCAS) $(AM_CCASFLAGS) \
+	$(CCASFLAGS)
+AM_V_CCAS = $(am__v_CCAS_@AM_V@)
+am__v_CCAS_ = $(am__v_CCAS_@AM_DEFAULT_V@)
+am__v_CCAS_0 = @echo "  CCAS    " $@;
+am__v_CCAS_1 = 
+SOURCES = $(libx86_la_SOURCES)
+DIST_SOURCES = $(am__libx86_la_SOURCES_DIST)
+am__can_run_installinfo = \
+  case $$AM_UPDATE_INFO_DIR in \
+    n|no|NO) false;; \
+    *) (install-info --version) >/dev/null 2>&1;; \
+  esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates.  Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+  BEGIN { nonempty = 0; } \
+  { items[$$0] = 1; nonempty = 1; } \
+  END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique.  This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+  list='$(am__tagged_files)'; \
+  unique=`for i in $$list; do \
+    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+  done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/files.mk \
+	$(top_srcdir)/build-aux/depcomp $(top_srcdir)/lib/common.mk \
+	README
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+AARCH64_CCASFLAGS = @AARCH64_CCASFLAGS@
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+ALLOCA_H = @ALLOCA_H@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AM_VALGRINDFLAGS = @AM_VALGRINDFLAGS@
+APPLE_UNIVERSAL_BUILD = @APPLE_UNIVERSAL_BUILD@
+AR = @AR@
+ARFLAGS = @ARFLAGS@
+ASN1PARSER = @ASN1PARSER@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BITSIZEOF_PTRDIFF_T = @BITSIZEOF_PTRDIFF_T@
+BITSIZEOF_SIG_ATOMIC_T = @BITSIZEOF_SIG_ATOMIC_T@
+BITSIZEOF_SIZE_T = @BITSIZEOF_SIZE_T@
+BITSIZEOF_WCHAR_T = @BITSIZEOF_WCHAR_T@
+BITSIZEOF_WINT_T = @BITSIZEOF_WINT_T@
+BYTESWAP_H = @BYTESWAP_H@
+CC = @CC@
+CCAS = @CCAS@
+CCASDEPMODE = @CCASDEPMODE@
+CCASFLAGS = @CCASFLAGS@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CFLAG_VISIBILITY = @CFLAG_VISIBILITY@
+CMOCKA_CFLAGS = @CMOCKA_CFLAGS@
+CMOCKA_LIBS = @CMOCKA_LIBS@
+CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@
+CODE_COVERAGE_CPPFLAGS = @CODE_COVERAGE_CPPFLAGS@
+CODE_COVERAGE_CXXFLAGS = @CODE_COVERAGE_CXXFLAGS@
+CODE_COVERAGE_ENABLED = @CODE_COVERAGE_ENABLED@
+CODE_COVERAGE_LIBS = @CODE_COVERAGE_LIBS@
+CONFIG_INCLUDE = @CONFIG_INCLUDE@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CRYWRAP_PATCHLEVEL = @CRYWRAP_PATCHLEVEL@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CXX_LT_AGE = @CXX_LT_AGE@
+CXX_LT_CURRENT = @CXX_LT_CURRENT@
+CXX_LT_REVISION = @CXX_LT_REVISION@
+CYGPATH_W = @CYGPATH_W@
+DEFAULT_VALGRINDFLAGS = @DEFAULT_VALGRINDFLAGS@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DLL_SSL_VERSION = @DLL_SSL_VERSION@
+DLL_VERSION = @DLL_VERSION@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EMULTIHOP_HIDDEN = @EMULTIHOP_HIDDEN@
+EMULTIHOP_VALUE = @EMULTIHOP_VALUE@
+ENABLE_PADLOCK = @ENABLE_PADLOCK@
+ENOLINK_HIDDEN = @ENOLINK_HIDDEN@
+ENOLINK_VALUE = @ENOLINK_VALUE@
+EOVERFLOW_HIDDEN = @EOVERFLOW_HIDDEN@
+EOVERFLOW_VALUE = @EOVERFLOW_VALUE@
+ERRNO_H = @ERRNO_H@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+FIPS140_LIBS = @FIPS140_LIBS@
+FLOAT_H = @FLOAT_H@
+GCOV = @GCOV@
+GENHTML = @GENHTML@
+GETADDRINFO_LIB = @GETADDRINFO_LIB@
+GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
+GL_GGL_GNULIB_ACCEPT = @GL_GGL_GNULIB_ACCEPT@
+GL_GGL_GNULIB_ACCEPT4 = @GL_GGL_GNULIB_ACCEPT4@
+GL_GGL_GNULIB_ACCESS = @GL_GGL_GNULIB_ACCESS@
+GL_GGL_GNULIB_ALIGNED_ALLOC = @GL_GGL_GNULIB_ALIGNED_ALLOC@
+GL_GGL_GNULIB_ATOLL = @GL_GGL_GNULIB_ATOLL@
+GL_GGL_GNULIB_BIND = @GL_GGL_GNULIB_BIND@
+GL_GGL_GNULIB_BTOWC = @GL_GGL_GNULIB_BTOWC@
+GL_GGL_GNULIB_CALLOC_POSIX = @GL_GGL_GNULIB_CALLOC_POSIX@
+GL_GGL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GGL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GGL_GNULIB_CHDIR = @GL_GGL_GNULIB_CHDIR@
+GL_GGL_GNULIB_CHOWN = @GL_GGL_GNULIB_CHOWN@
+GL_GGL_GNULIB_CLOSE = @GL_GGL_GNULIB_CLOSE@
+GL_GGL_GNULIB_CONNECT = @GL_GGL_GNULIB_CONNECT@
+GL_GGL_GNULIB_COPY_FILE_RANGE = @GL_GGL_GNULIB_COPY_FILE_RANGE@
+GL_GGL_GNULIB_CREAT = @GL_GGL_GNULIB_CREAT@
+GL_GGL_GNULIB_CTIME = @GL_GGL_GNULIB_CTIME@
+GL_GGL_GNULIB_DPRINTF = @GL_GGL_GNULIB_DPRINTF@
+GL_GGL_GNULIB_DUP = @GL_GGL_GNULIB_DUP@
+GL_GGL_GNULIB_DUP2 = @GL_GGL_GNULIB_DUP2@
+GL_GGL_GNULIB_DUP3 = @GL_GGL_GNULIB_DUP3@
+GL_GGL_GNULIB_DUPLOCALE = @GL_GGL_GNULIB_DUPLOCALE@
+GL_GGL_GNULIB_ENVIRON = @GL_GGL_GNULIB_ENVIRON@
+GL_GGL_GNULIB_EUIDACCESS = @GL_GGL_GNULIB_EUIDACCESS@
+GL_GGL_GNULIB_EXECL = @GL_GGL_GNULIB_EXECL@
+GL_GGL_GNULIB_EXECLE = @GL_GGL_GNULIB_EXECLE@
+GL_GGL_GNULIB_EXECLP = @GL_GGL_GNULIB_EXECLP@
+GL_GGL_GNULIB_EXECV = @GL_GGL_GNULIB_EXECV@
+GL_GGL_GNULIB_EXECVE = @GL_GGL_GNULIB_EXECVE@
+GL_GGL_GNULIB_EXECVP = @GL_GGL_GNULIB_EXECVP@
+GL_GGL_GNULIB_EXECVPE = @GL_GGL_GNULIB_EXECVPE@
+GL_GGL_GNULIB_EXPLICIT_BZERO = @GL_GGL_GNULIB_EXPLICIT_BZERO@
+GL_GGL_GNULIB_FACCESSAT = @GL_GGL_GNULIB_FACCESSAT@
+GL_GGL_GNULIB_FCHDIR = @GL_GGL_GNULIB_FCHDIR@
+GL_GGL_GNULIB_FCHMODAT = @GL_GGL_GNULIB_FCHMODAT@
+GL_GGL_GNULIB_FCHOWNAT = @GL_GGL_GNULIB_FCHOWNAT@
+GL_GGL_GNULIB_FCLOSE = @GL_GGL_GNULIB_FCLOSE@
+GL_GGL_GNULIB_FCNTL = @GL_GGL_GNULIB_FCNTL@
+GL_GGL_GNULIB_FDATASYNC = @GL_GGL_GNULIB_FDATASYNC@
+GL_GGL_GNULIB_FDOPEN = @GL_GGL_GNULIB_FDOPEN@
+GL_GGL_GNULIB_FFLUSH = @GL_GGL_GNULIB_FFLUSH@
+GL_GGL_GNULIB_FFS = @GL_GGL_GNULIB_FFS@
+GL_GGL_GNULIB_FFSL = @GL_GGL_GNULIB_FFSL@
+GL_GGL_GNULIB_FFSLL = @GL_GGL_GNULIB_FFSLL@
+GL_GGL_GNULIB_FGETC = @GL_GGL_GNULIB_FGETC@
+GL_GGL_GNULIB_FGETS = @GL_GGL_GNULIB_FGETS@
+GL_GGL_GNULIB_FOPEN = @GL_GGL_GNULIB_FOPEN@
+GL_GGL_GNULIB_FPRINTF = @GL_GGL_GNULIB_FPRINTF@
+GL_GGL_GNULIB_FPRINTF_POSIX = @GL_GGL_GNULIB_FPRINTF_POSIX@
+GL_GGL_GNULIB_FPURGE = @GL_GGL_GNULIB_FPURGE@
+GL_GGL_GNULIB_FPUTC = @GL_GGL_GNULIB_FPUTC@
+GL_GGL_GNULIB_FPUTS = @GL_GGL_GNULIB_FPUTS@
+GL_GGL_GNULIB_FREAD = @GL_GGL_GNULIB_FREAD@
+GL_GGL_GNULIB_FREE_POSIX = @GL_GGL_GNULIB_FREE_POSIX@
+GL_GGL_GNULIB_FREOPEN = @GL_GGL_GNULIB_FREOPEN@
+GL_GGL_GNULIB_FSCANF = @GL_GGL_GNULIB_FSCANF@
+GL_GGL_GNULIB_FSEEK = @GL_GGL_GNULIB_FSEEK@
+GL_GGL_GNULIB_FSEEKO = @GL_GGL_GNULIB_FSEEKO@
+GL_GGL_GNULIB_FSTAT = @GL_GGL_GNULIB_FSTAT@
+GL_GGL_GNULIB_FSTATAT = @GL_GGL_GNULIB_FSTATAT@
+GL_GGL_GNULIB_FSYNC = @GL_GGL_GNULIB_FSYNC@
+GL_GGL_GNULIB_FTELL = @GL_GGL_GNULIB_FTELL@
+GL_GGL_GNULIB_FTELLO = @GL_GGL_GNULIB_FTELLO@
+GL_GGL_GNULIB_FTRUNCATE = @GL_GGL_GNULIB_FTRUNCATE@
+GL_GGL_GNULIB_FUTIMENS = @GL_GGL_GNULIB_FUTIMENS@
+GL_GGL_GNULIB_FWRITE = @GL_GGL_GNULIB_FWRITE@
+GL_GGL_GNULIB_GETADDRINFO = @GL_GGL_GNULIB_GETADDRINFO@
+GL_GGL_GNULIB_GETC = @GL_GGL_GNULIB_GETC@
+GL_GGL_GNULIB_GETCHAR = @GL_GGL_GNULIB_GETCHAR@
+GL_GGL_GNULIB_GETCWD = @GL_GGL_GNULIB_GETCWD@
+GL_GGL_GNULIB_GETDELIM = @GL_GGL_GNULIB_GETDELIM@
+GL_GGL_GNULIB_GETDOMAINNAME = @GL_GGL_GNULIB_GETDOMAINNAME@
+GL_GGL_GNULIB_GETDTABLESIZE = @GL_GGL_GNULIB_GETDTABLESIZE@
+GL_GGL_GNULIB_GETENTROPY = @GL_GGL_GNULIB_GETENTROPY@
+GL_GGL_GNULIB_GETGROUPS = @GL_GGL_GNULIB_GETGROUPS@
+GL_GGL_GNULIB_GETHOSTNAME = @GL_GGL_GNULIB_GETHOSTNAME@
+GL_GGL_GNULIB_GETLINE = @GL_GGL_GNULIB_GETLINE@
+GL_GGL_GNULIB_GETLOADAVG = @GL_GGL_GNULIB_GETLOADAVG@
+GL_GGL_GNULIB_GETLOGIN = @GL_GGL_GNULIB_GETLOGIN@
+GL_GGL_GNULIB_GETLOGIN_R = @GL_GGL_GNULIB_GETLOGIN_R@
+GL_GGL_GNULIB_GETOPT_POSIX = @GL_GGL_GNULIB_GETOPT_POSIX@
+GL_GGL_GNULIB_GETPAGESIZE = @GL_GGL_GNULIB_GETPAGESIZE@
+GL_GGL_GNULIB_GETPASS = @GL_GGL_GNULIB_GETPASS@
+GL_GGL_GNULIB_GETPEERNAME = @GL_GGL_GNULIB_GETPEERNAME@
+GL_GGL_GNULIB_GETSOCKNAME = @GL_GGL_GNULIB_GETSOCKNAME@
+GL_GGL_GNULIB_GETSOCKOPT = @GL_GGL_GNULIB_GETSOCKOPT@
+GL_GGL_GNULIB_GETSUBOPT = @GL_GGL_GNULIB_GETSUBOPT@
+GL_GGL_GNULIB_GETTIMEOFDAY = @GL_GGL_GNULIB_GETTIMEOFDAY@
+GL_GGL_GNULIB_GETUMASK = @GL_GGL_GNULIB_GETUMASK@
+GL_GGL_GNULIB_GETUSERSHELL = @GL_GGL_GNULIB_GETUSERSHELL@
+GL_GGL_GNULIB_GRANTPT = @GL_GGL_GNULIB_GRANTPT@
+GL_GGL_GNULIB_GROUP_MEMBER = @GL_GGL_GNULIB_GROUP_MEMBER@
+GL_GGL_GNULIB_IMAXABS = @GL_GGL_GNULIB_IMAXABS@
+GL_GGL_GNULIB_IMAXDIV = @GL_GGL_GNULIB_IMAXDIV@
+GL_GGL_GNULIB_INET_NTOP = @GL_GGL_GNULIB_INET_NTOP@
+GL_GGL_GNULIB_INET_PTON = @GL_GGL_GNULIB_INET_PTON@
+GL_GGL_GNULIB_IOCTL = @GL_GGL_GNULIB_IOCTL@
+GL_GGL_GNULIB_ISATTY = @GL_GGL_GNULIB_ISATTY@
+GL_GGL_GNULIB_ISBLANK = @GL_GGL_GNULIB_ISBLANK@
+GL_GGL_GNULIB_LCHMOD = @GL_GGL_GNULIB_LCHMOD@
+GL_GGL_GNULIB_LCHOWN = @GL_GGL_GNULIB_LCHOWN@
+GL_GGL_GNULIB_LINK = @GL_GGL_GNULIB_LINK@
+GL_GGL_GNULIB_LINKAT = @GL_GGL_GNULIB_LINKAT@
+GL_GGL_GNULIB_LISTEN = @GL_GGL_GNULIB_LISTEN@
+GL_GGL_GNULIB_LOCALECONV = @GL_GGL_GNULIB_LOCALECONV@
+GL_GGL_GNULIB_LOCALENAME = @GL_GGL_GNULIB_LOCALENAME@
+GL_GGL_GNULIB_LOCALTIME = @GL_GGL_GNULIB_LOCALTIME@
+GL_GGL_GNULIB_LSEEK = @GL_GGL_GNULIB_LSEEK@
+GL_GGL_GNULIB_LSTAT = @GL_GGL_GNULIB_LSTAT@
+GL_GGL_GNULIB_MALLOC_POSIX = @GL_GGL_GNULIB_MALLOC_POSIX@
+GL_GGL_GNULIB_MBRLEN = @GL_GGL_GNULIB_MBRLEN@
+GL_GGL_GNULIB_MBRTOWC = @GL_GGL_GNULIB_MBRTOWC@
+GL_GGL_GNULIB_MBSCASECMP = @GL_GGL_GNULIB_MBSCASECMP@
+GL_GGL_GNULIB_MBSCASESTR = @GL_GGL_GNULIB_MBSCASESTR@
+GL_GGL_GNULIB_MBSCHR = @GL_GGL_GNULIB_MBSCHR@
+GL_GGL_GNULIB_MBSCSPN = @GL_GGL_GNULIB_MBSCSPN@
+GL_GGL_GNULIB_MBSINIT = @GL_GGL_GNULIB_MBSINIT@
+GL_GGL_GNULIB_MBSLEN = @GL_GGL_GNULIB_MBSLEN@
+GL_GGL_GNULIB_MBSNCASECMP = @GL_GGL_GNULIB_MBSNCASECMP@
+GL_GGL_GNULIB_MBSNLEN = @GL_GGL_GNULIB_MBSNLEN@
+GL_GGL_GNULIB_MBSNRTOWCS = @GL_GGL_GNULIB_MBSNRTOWCS@
+GL_GGL_GNULIB_MBSPBRK = @GL_GGL_GNULIB_MBSPBRK@
+GL_GGL_GNULIB_MBSPCASECMP = @GL_GGL_GNULIB_MBSPCASECMP@
+GL_GGL_GNULIB_MBSRCHR = @GL_GGL_GNULIB_MBSRCHR@
+GL_GGL_GNULIB_MBSRTOWCS = @GL_GGL_GNULIB_MBSRTOWCS@
+GL_GGL_GNULIB_MBSSEP = @GL_GGL_GNULIB_MBSSEP@
+GL_GGL_GNULIB_MBSSPN = @GL_GGL_GNULIB_MBSSPN@
+GL_GGL_GNULIB_MBSSTR = @GL_GGL_GNULIB_MBSSTR@
+GL_GGL_GNULIB_MBSTOK_R = @GL_GGL_GNULIB_MBSTOK_R@
+GL_GGL_GNULIB_MBTOWC = @GL_GGL_GNULIB_MBTOWC@
+GL_GGL_GNULIB_MDA_ACCESS = @GL_GGL_GNULIB_MDA_ACCESS@
+GL_GGL_GNULIB_MDA_CHDIR = @GL_GGL_GNULIB_MDA_CHDIR@
+GL_GGL_GNULIB_MDA_CHMOD = @GL_GGL_GNULIB_MDA_CHMOD@
+GL_GGL_GNULIB_MDA_CLOSE = @GL_GGL_GNULIB_MDA_CLOSE@
+GL_GGL_GNULIB_MDA_CREAT = @GL_GGL_GNULIB_MDA_CREAT@
+GL_GGL_GNULIB_MDA_DUP = @GL_GGL_GNULIB_MDA_DUP@
+GL_GGL_GNULIB_MDA_DUP2 = @GL_GGL_GNULIB_MDA_DUP2@
+GL_GGL_GNULIB_MDA_ECVT = @GL_GGL_GNULIB_MDA_ECVT@
+GL_GGL_GNULIB_MDA_EXECL = @GL_GGL_GNULIB_MDA_EXECL@
+GL_GGL_GNULIB_MDA_EXECLE = @GL_GGL_GNULIB_MDA_EXECLE@
+GL_GGL_GNULIB_MDA_EXECLP = @GL_GGL_GNULIB_MDA_EXECLP@
+GL_GGL_GNULIB_MDA_EXECV = @GL_GGL_GNULIB_MDA_EXECV@
+GL_GGL_GNULIB_MDA_EXECVE = @GL_GGL_GNULIB_MDA_EXECVE@
+GL_GGL_GNULIB_MDA_EXECVP = @GL_GGL_GNULIB_MDA_EXECVP@
+GL_GGL_GNULIB_MDA_EXECVPE = @GL_GGL_GNULIB_MDA_EXECVPE@
+GL_GGL_GNULIB_MDA_FCLOSEALL = @GL_GGL_GNULIB_MDA_FCLOSEALL@
+GL_GGL_GNULIB_MDA_FCVT = @GL_GGL_GNULIB_MDA_FCVT@
+GL_GGL_GNULIB_MDA_FDOPEN = @GL_GGL_GNULIB_MDA_FDOPEN@
+GL_GGL_GNULIB_MDA_FILENO = @GL_GGL_GNULIB_MDA_FILENO@
+GL_GGL_GNULIB_MDA_GCVT = @GL_GGL_GNULIB_MDA_GCVT@
+GL_GGL_GNULIB_MDA_GETCWD = @GL_GGL_GNULIB_MDA_GETCWD@
+GL_GGL_GNULIB_MDA_GETPID = @GL_GGL_GNULIB_MDA_GETPID@
+GL_GGL_GNULIB_MDA_GETW = @GL_GGL_GNULIB_MDA_GETW@
+GL_GGL_GNULIB_MDA_ISATTY = @GL_GGL_GNULIB_MDA_ISATTY@
+GL_GGL_GNULIB_MDA_LSEEK = @GL_GGL_GNULIB_MDA_LSEEK@
+GL_GGL_GNULIB_MDA_MEMCCPY = @GL_GGL_GNULIB_MDA_MEMCCPY@
+GL_GGL_GNULIB_MDA_MKDIR = @GL_GGL_GNULIB_MDA_MKDIR@
+GL_GGL_GNULIB_MDA_MKTEMP = @GL_GGL_GNULIB_MDA_MKTEMP@
+GL_GGL_GNULIB_MDA_OPEN = @GL_GGL_GNULIB_MDA_OPEN@
+GL_GGL_GNULIB_MDA_PUTENV = @GL_GGL_GNULIB_MDA_PUTENV@
+GL_GGL_GNULIB_MDA_PUTW = @GL_GGL_GNULIB_MDA_PUTW@
+GL_GGL_GNULIB_MDA_READ = @GL_GGL_GNULIB_MDA_READ@
+GL_GGL_GNULIB_MDA_RMDIR = @GL_GGL_GNULIB_MDA_RMDIR@
+GL_GGL_GNULIB_MDA_STRDUP = @GL_GGL_GNULIB_MDA_STRDUP@
+GL_GGL_GNULIB_MDA_SWAB = @GL_GGL_GNULIB_MDA_SWAB@
+GL_GGL_GNULIB_MDA_TEMPNAM = @GL_GGL_GNULIB_MDA_TEMPNAM@
+GL_GGL_GNULIB_MDA_TZSET = @GL_GGL_GNULIB_MDA_TZSET@
+GL_GGL_GNULIB_MDA_UMASK = @GL_GGL_GNULIB_MDA_UMASK@
+GL_GGL_GNULIB_MDA_UNLINK = @GL_GGL_GNULIB_MDA_UNLINK@
+GL_GGL_GNULIB_MDA_WCSDUP = @GL_GGL_GNULIB_MDA_WCSDUP@
+GL_GGL_GNULIB_MDA_WRITE = @GL_GGL_GNULIB_MDA_WRITE@
+GL_GGL_GNULIB_MEMCHR = @GL_GGL_GNULIB_MEMCHR@
+GL_GGL_GNULIB_MEMMEM = @GL_GGL_GNULIB_MEMMEM@
+GL_GGL_GNULIB_MEMPCPY = @GL_GGL_GNULIB_MEMPCPY@
+GL_GGL_GNULIB_MEMRCHR = @GL_GGL_GNULIB_MEMRCHR@
+GL_GGL_GNULIB_MKDIR = @GL_GGL_GNULIB_MKDIR@
+GL_GGL_GNULIB_MKDIRAT = @GL_GGL_GNULIB_MKDIRAT@
+GL_GGL_GNULIB_MKDTEMP = @GL_GGL_GNULIB_MKDTEMP@
+GL_GGL_GNULIB_MKFIFO = @GL_GGL_GNULIB_MKFIFO@
+GL_GGL_GNULIB_MKFIFOAT = @GL_GGL_GNULIB_MKFIFOAT@
+GL_GGL_GNULIB_MKNOD = @GL_GGL_GNULIB_MKNOD@
+GL_GGL_GNULIB_MKNODAT = @GL_GGL_GNULIB_MKNODAT@
+GL_GGL_GNULIB_MKOSTEMP = @GL_GGL_GNULIB_MKOSTEMP@
+GL_GGL_GNULIB_MKOSTEMPS = @GL_GGL_GNULIB_MKOSTEMPS@
+GL_GGL_GNULIB_MKSTEMP = @GL_GGL_GNULIB_MKSTEMP@
+GL_GGL_GNULIB_MKSTEMPS = @GL_GGL_GNULIB_MKSTEMPS@
+GL_GGL_GNULIB_MKTIME = @GL_GGL_GNULIB_MKTIME@
+GL_GGL_GNULIB_NANOSLEEP = @GL_GGL_GNULIB_NANOSLEEP@
+GL_GGL_GNULIB_NL_LANGINFO = @GL_GGL_GNULIB_NL_LANGINFO@
+GL_GGL_GNULIB_NONBLOCKING = @GL_GGL_GNULIB_NONBLOCKING@
+GL_GGL_GNULIB_OBSTACK_PRINTF = @GL_GGL_GNULIB_OBSTACK_PRINTF@
+GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GGL_GNULIB_OPEN = @GL_GGL_GNULIB_OPEN@
+GL_GGL_GNULIB_OPENAT = @GL_GGL_GNULIB_OPENAT@
+GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GGL_GNULIB_PCLOSE = @GL_GGL_GNULIB_PCLOSE@
+GL_GGL_GNULIB_PERROR = @GL_GGL_GNULIB_PERROR@
+GL_GGL_GNULIB_PIPE = @GL_GGL_GNULIB_PIPE@
+GL_GGL_GNULIB_PIPE2 = @GL_GGL_GNULIB_PIPE2@
+GL_GGL_GNULIB_POPEN = @GL_GGL_GNULIB_POPEN@
+GL_GGL_GNULIB_POSIX_MEMALIGN = @GL_GGL_GNULIB_POSIX_MEMALIGN@
+GL_GGL_GNULIB_POSIX_OPENPT = @GL_GGL_GNULIB_POSIX_OPENPT@
+GL_GGL_GNULIB_PREAD = @GL_GGL_GNULIB_PREAD@
+GL_GGL_GNULIB_PRINTF = @GL_GGL_GNULIB_PRINTF@
+GL_GGL_GNULIB_PRINTF_POSIX = @GL_GGL_GNULIB_PRINTF_POSIX@
+GL_GGL_GNULIB_PSELECT = @GL_GGL_GNULIB_PSELECT@
+GL_GGL_GNULIB_PTHREAD_COND = @GL_GGL_GNULIB_PTHREAD_COND@
+GL_GGL_GNULIB_PTHREAD_MUTEX = @GL_GGL_GNULIB_PTHREAD_MUTEX@
+GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK@
+GL_GGL_GNULIB_PTHREAD_ONCE = @GL_GGL_GNULIB_PTHREAD_ONCE@
+GL_GGL_GNULIB_PTHREAD_RWLOCK = @GL_GGL_GNULIB_PTHREAD_RWLOCK@
+GL_GGL_GNULIB_PTHREAD_SIGMASK = @GL_GGL_GNULIB_PTHREAD_SIGMASK@
+GL_GGL_GNULIB_PTHREAD_SPIN = @GL_GGL_GNULIB_PTHREAD_SPIN@
+GL_GGL_GNULIB_PTHREAD_THREAD = @GL_GGL_GNULIB_PTHREAD_THREAD@
+GL_GGL_GNULIB_PTHREAD_TSS = @GL_GGL_GNULIB_PTHREAD_TSS@
+GL_GGL_GNULIB_PTSNAME = @GL_GGL_GNULIB_PTSNAME@
+GL_GGL_GNULIB_PTSNAME_R = @GL_GGL_GNULIB_PTSNAME_R@
+GL_GGL_GNULIB_PUTC = @GL_GGL_GNULIB_PUTC@
+GL_GGL_GNULIB_PUTCHAR = @GL_GGL_GNULIB_PUTCHAR@
+GL_GGL_GNULIB_PUTENV = @GL_GGL_GNULIB_PUTENV@
+GL_GGL_GNULIB_PUTS = @GL_GGL_GNULIB_PUTS@
+GL_GGL_GNULIB_PWRITE = @GL_GGL_GNULIB_PWRITE@
+GL_GGL_GNULIB_QSORT_R = @GL_GGL_GNULIB_QSORT_R@
+GL_GGL_GNULIB_RAISE = @GL_GGL_GNULIB_RAISE@
+GL_GGL_GNULIB_RANDOM = @GL_GGL_GNULIB_RANDOM@
+GL_GGL_GNULIB_RANDOM_R = @GL_GGL_GNULIB_RANDOM_R@
+GL_GGL_GNULIB_RAWMEMCHR = @GL_GGL_GNULIB_RAWMEMCHR@
+GL_GGL_GNULIB_READ = @GL_GGL_GNULIB_READ@
+GL_GGL_GNULIB_READLINK = @GL_GGL_GNULIB_READLINK@
+GL_GGL_GNULIB_READLINKAT = @GL_GGL_GNULIB_READLINKAT@
+GL_GGL_GNULIB_REALLOCARRAY = @GL_GGL_GNULIB_REALLOCARRAY@
+GL_GGL_GNULIB_REALLOC_POSIX = @GL_GGL_GNULIB_REALLOC_POSIX@
+GL_GGL_GNULIB_REALPATH = @GL_GGL_GNULIB_REALPATH@
+GL_GGL_GNULIB_RECV = @GL_GGL_GNULIB_RECV@
+GL_GGL_GNULIB_RECVFROM = @GL_GGL_GNULIB_RECVFROM@
+GL_GGL_GNULIB_REMOVE = @GL_GGL_GNULIB_REMOVE@
+GL_GGL_GNULIB_RENAME = @GL_GGL_GNULIB_RENAME@
+GL_GGL_GNULIB_RENAMEAT = @GL_GGL_GNULIB_RENAMEAT@
+GL_GGL_GNULIB_RMDIR = @GL_GGL_GNULIB_RMDIR@
+GL_GGL_GNULIB_RPMATCH = @GL_GGL_GNULIB_RPMATCH@
+GL_GGL_GNULIB_SCANF = @GL_GGL_GNULIB_SCANF@
+GL_GGL_GNULIB_SCHED_YIELD = @GL_GGL_GNULIB_SCHED_YIELD@
+GL_GGL_GNULIB_SECURE_GETENV = @GL_GGL_GNULIB_SECURE_GETENV@
+GL_GGL_GNULIB_SELECT = @GL_GGL_GNULIB_SELECT@
+GL_GGL_GNULIB_SEND = @GL_GGL_GNULIB_SEND@
+GL_GGL_GNULIB_SENDTO = @GL_GGL_GNULIB_SENDTO@
+GL_GGL_GNULIB_SETENV = @GL_GGL_GNULIB_SETENV@
+GL_GGL_GNULIB_SETHOSTNAME = @GL_GGL_GNULIB_SETHOSTNAME@
+GL_GGL_GNULIB_SETLOCALE = @GL_GGL_GNULIB_SETLOCALE@
+GL_GGL_GNULIB_SETLOCALE_NULL = @GL_GGL_GNULIB_SETLOCALE_NULL@
+GL_GGL_GNULIB_SETSOCKOPT = @GL_GGL_GNULIB_SETSOCKOPT@
+GL_GGL_GNULIB_SHUTDOWN = @GL_GGL_GNULIB_SHUTDOWN@
+GL_GGL_GNULIB_SIGABBREV_NP = @GL_GGL_GNULIB_SIGABBREV_NP@
+GL_GGL_GNULIB_SIGACTION = @GL_GGL_GNULIB_SIGACTION@
+GL_GGL_GNULIB_SIGDESCR_NP = @GL_GGL_GNULIB_SIGDESCR_NP@
+GL_GGL_GNULIB_SIGNAL_H_SIGPIPE = @GL_GGL_GNULIB_SIGNAL_H_SIGPIPE@
+GL_GGL_GNULIB_SIGPROCMASK = @GL_GGL_GNULIB_SIGPROCMASK@
+GL_GGL_GNULIB_SLEEP = @GL_GGL_GNULIB_SLEEP@
+GL_GGL_GNULIB_SNPRINTF = @GL_GGL_GNULIB_SNPRINTF@
+GL_GGL_GNULIB_SOCKET = @GL_GGL_GNULIB_SOCKET@
+GL_GGL_GNULIB_SPRINTF_POSIX = @GL_GGL_GNULIB_SPRINTF_POSIX@
+GL_GGL_GNULIB_STAT = @GL_GGL_GNULIB_STAT@
+GL_GGL_GNULIB_STDIO_H_NONBLOCKING = @GL_GGL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GGL_GNULIB_STDIO_H_SIGPIPE = @GL_GGL_GNULIB_STDIO_H_SIGPIPE@
+GL_GGL_GNULIB_STPCPY = @GL_GGL_GNULIB_STPCPY@
+GL_GGL_GNULIB_STPNCPY = @GL_GGL_GNULIB_STPNCPY@
+GL_GGL_GNULIB_STRCASESTR = @GL_GGL_GNULIB_STRCASESTR@
+GL_GGL_GNULIB_STRCHRNUL = @GL_GGL_GNULIB_STRCHRNUL@
+GL_GGL_GNULIB_STRDUP = @GL_GGL_GNULIB_STRDUP@
+GL_GGL_GNULIB_STRERROR = @GL_GGL_GNULIB_STRERROR@
+GL_GGL_GNULIB_STRERRORNAME_NP = @GL_GGL_GNULIB_STRERRORNAME_NP@
+GL_GGL_GNULIB_STRERROR_R = @GL_GGL_GNULIB_STRERROR_R@
+GL_GGL_GNULIB_STRFTIME = @GL_GGL_GNULIB_STRFTIME@
+GL_GGL_GNULIB_STRNCAT = @GL_GGL_GNULIB_STRNCAT@
+GL_GGL_GNULIB_STRNDUP = @GL_GGL_GNULIB_STRNDUP@
+GL_GGL_GNULIB_STRNLEN = @GL_GGL_GNULIB_STRNLEN@
+GL_GGL_GNULIB_STRPBRK = @GL_GGL_GNULIB_STRPBRK@
+GL_GGL_GNULIB_STRPTIME = @GL_GGL_GNULIB_STRPTIME@
+GL_GGL_GNULIB_STRSEP = @GL_GGL_GNULIB_STRSEP@
+GL_GGL_GNULIB_STRSIGNAL = @GL_GGL_GNULIB_STRSIGNAL@
+GL_GGL_GNULIB_STRSTR = @GL_GGL_GNULIB_STRSTR@
+GL_GGL_GNULIB_STRTOD = @GL_GGL_GNULIB_STRTOD@
+GL_GGL_GNULIB_STRTOIMAX = @GL_GGL_GNULIB_STRTOIMAX@
+GL_GGL_GNULIB_STRTOK_R = @GL_GGL_GNULIB_STRTOK_R@
+GL_GGL_GNULIB_STRTOL = @GL_GGL_GNULIB_STRTOL@
+GL_GGL_GNULIB_STRTOLD = @GL_GGL_GNULIB_STRTOLD@
+GL_GGL_GNULIB_STRTOLL = @GL_GGL_GNULIB_STRTOLL@
+GL_GGL_GNULIB_STRTOUL = @GL_GGL_GNULIB_STRTOUL@
+GL_GGL_GNULIB_STRTOULL = @GL_GGL_GNULIB_STRTOULL@
+GL_GGL_GNULIB_STRTOUMAX = @GL_GGL_GNULIB_STRTOUMAX@
+GL_GGL_GNULIB_STRVERSCMP = @GL_GGL_GNULIB_STRVERSCMP@
+GL_GGL_GNULIB_SYMLINK = @GL_GGL_GNULIB_SYMLINK@
+GL_GGL_GNULIB_SYMLINKAT = @GL_GGL_GNULIB_SYMLINKAT@
+GL_GGL_GNULIB_SYSTEM_POSIX = @GL_GGL_GNULIB_SYSTEM_POSIX@
+GL_GGL_GNULIB_TIMEGM = @GL_GGL_GNULIB_TIMEGM@
+GL_GGL_GNULIB_TIMESPEC_GET = @GL_GGL_GNULIB_TIMESPEC_GET@
+GL_GGL_GNULIB_TIME_R = @GL_GGL_GNULIB_TIME_R@
+GL_GGL_GNULIB_TIME_RZ = @GL_GGL_GNULIB_TIME_RZ@
+GL_GGL_GNULIB_TMPFILE = @GL_GGL_GNULIB_TMPFILE@
+GL_GGL_GNULIB_TRUNCATE = @GL_GGL_GNULIB_TRUNCATE@
+GL_GGL_GNULIB_TTYNAME_R = @GL_GGL_GNULIB_TTYNAME_R@
+GL_GGL_GNULIB_TZSET = @GL_GGL_GNULIB_TZSET@
+GL_GGL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GGL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GGL_GNULIB_UNISTD_H_SIGPIPE = @GL_GGL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GGL_GNULIB_UNLINK = @GL_GGL_GNULIB_UNLINK@
+GL_GGL_GNULIB_UNLINKAT = @GL_GGL_GNULIB_UNLINKAT@
+GL_GGL_GNULIB_UNLOCKPT = @GL_GGL_GNULIB_UNLOCKPT@
+GL_GGL_GNULIB_UNSETENV = @GL_GGL_GNULIB_UNSETENV@
+GL_GGL_GNULIB_USLEEP = @GL_GGL_GNULIB_USLEEP@
+GL_GGL_GNULIB_UTIMENSAT = @GL_GGL_GNULIB_UTIMENSAT@
+GL_GGL_GNULIB_VASPRINTF = @GL_GGL_GNULIB_VASPRINTF@
+GL_GGL_GNULIB_VDPRINTF = @GL_GGL_GNULIB_VDPRINTF@
+GL_GGL_GNULIB_VFPRINTF = @GL_GGL_GNULIB_VFPRINTF@
+GL_GGL_GNULIB_VFPRINTF_POSIX = @GL_GGL_GNULIB_VFPRINTF_POSIX@
+GL_GGL_GNULIB_VFSCANF = @GL_GGL_GNULIB_VFSCANF@
+GL_GGL_GNULIB_VPRINTF = @GL_GGL_GNULIB_VPRINTF@
+GL_GGL_GNULIB_VPRINTF_POSIX = @GL_GGL_GNULIB_VPRINTF_POSIX@
+GL_GGL_GNULIB_VSCANF = @GL_GGL_GNULIB_VSCANF@
+GL_GGL_GNULIB_VSNPRINTF = @GL_GGL_GNULIB_VSNPRINTF@
+GL_GGL_GNULIB_VSPRINTF_POSIX = @GL_GGL_GNULIB_VSPRINTF_POSIX@
+GL_GGL_GNULIB_WCPCPY = @GL_GGL_GNULIB_WCPCPY@
+GL_GGL_GNULIB_WCPNCPY = @GL_GGL_GNULIB_WCPNCPY@
+GL_GGL_GNULIB_WCRTOMB = @GL_GGL_GNULIB_WCRTOMB@
+GL_GGL_GNULIB_WCSCASECMP = @GL_GGL_GNULIB_WCSCASECMP@
+GL_GGL_GNULIB_WCSCAT = @GL_GGL_GNULIB_WCSCAT@
+GL_GGL_GNULIB_WCSCHR = @GL_GGL_GNULIB_WCSCHR@
+GL_GGL_GNULIB_WCSCMP = @GL_GGL_GNULIB_WCSCMP@
+GL_GGL_GNULIB_WCSCOLL = @GL_GGL_GNULIB_WCSCOLL@
+GL_GGL_GNULIB_WCSCPY = @GL_GGL_GNULIB_WCSCPY@
+GL_GGL_GNULIB_WCSCSPN = @GL_GGL_GNULIB_WCSCSPN@
+GL_GGL_GNULIB_WCSDUP = @GL_GGL_GNULIB_WCSDUP@
+GL_GGL_GNULIB_WCSFTIME = @GL_GGL_GNULIB_WCSFTIME@
+GL_GGL_GNULIB_WCSLEN = @GL_GGL_GNULIB_WCSLEN@
+GL_GGL_GNULIB_WCSNCASECMP = @GL_GGL_GNULIB_WCSNCASECMP@
+GL_GGL_GNULIB_WCSNCAT = @GL_GGL_GNULIB_WCSNCAT@
+GL_GGL_GNULIB_WCSNCMP = @GL_GGL_GNULIB_WCSNCMP@
+GL_GGL_GNULIB_WCSNCPY = @GL_GGL_GNULIB_WCSNCPY@
+GL_GGL_GNULIB_WCSNLEN = @GL_GGL_GNULIB_WCSNLEN@
+GL_GGL_GNULIB_WCSNRTOMBS = @GL_GGL_GNULIB_WCSNRTOMBS@
+GL_GGL_GNULIB_WCSPBRK = @GL_GGL_GNULIB_WCSPBRK@
+GL_GGL_GNULIB_WCSRCHR = @GL_GGL_GNULIB_WCSRCHR@
+GL_GGL_GNULIB_WCSRTOMBS = @GL_GGL_GNULIB_WCSRTOMBS@
+GL_GGL_GNULIB_WCSSPN = @GL_GGL_GNULIB_WCSSPN@
+GL_GGL_GNULIB_WCSSTR = @GL_GGL_GNULIB_WCSSTR@
+GL_GGL_GNULIB_WCSTOK = @GL_GGL_GNULIB_WCSTOK@
+GL_GGL_GNULIB_WCSWIDTH = @GL_GGL_GNULIB_WCSWIDTH@
+GL_GGL_GNULIB_WCSXFRM = @GL_GGL_GNULIB_WCSXFRM@
+GL_GGL_GNULIB_WCTOB = @GL_GGL_GNULIB_WCTOB@
+GL_GGL_GNULIB_WCTOMB = @GL_GGL_GNULIB_WCTOMB@
+GL_GGL_GNULIB_WCWIDTH = @GL_GGL_GNULIB_WCWIDTH@
+GL_GGL_GNULIB_WMEMCHR = @GL_GGL_GNULIB_WMEMCHR@
+GL_GGL_GNULIB_WMEMCMP = @GL_GGL_GNULIB_WMEMCMP@
+GL_GGL_GNULIB_WMEMCPY = @GL_GGL_GNULIB_WMEMCPY@
+GL_GGL_GNULIB_WMEMMOVE = @GL_GGL_GNULIB_WMEMMOVE@
+GL_GGL_GNULIB_WMEMPCPY = @GL_GGL_GNULIB_WMEMPCPY@
+GL_GGL_GNULIB_WMEMSET = @GL_GGL_GNULIB_WMEMSET@
+GL_GGL_GNULIB_WRITE = @GL_GGL_GNULIB_WRITE@
+GL_GGL_GNULIB__EXIT = @GL_GGL_GNULIB__EXIT@
+GL_GNULIB_ACCEPT = @GL_GNULIB_ACCEPT@
+GL_GNULIB_ACCEPT4 = @GL_GNULIB_ACCEPT4@
+GL_GNULIB_ACCESS = @GL_GNULIB_ACCESS@
+GL_GNULIB_ALIGNED_ALLOC = @GL_GNULIB_ALIGNED_ALLOC@
+GL_GNULIB_ATOLL = @GL_GNULIB_ATOLL@
+GL_GNULIB_BIND = @GL_GNULIB_BIND@
+GL_GNULIB_BTOWC = @GL_GNULIB_BTOWC@
+GL_GNULIB_CALLOC_POSIX = @GL_GNULIB_CALLOC_POSIX@
+GL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GNULIB_CHDIR = @GL_GNULIB_CHDIR@
+GL_GNULIB_CHOWN = @GL_GNULIB_CHOWN@
+GL_GNULIB_CLOSE = @GL_GNULIB_CLOSE@
+GL_GNULIB_CONNECT = @GL_GNULIB_CONNECT@
+GL_GNULIB_COPY_FILE_RANGE = @GL_GNULIB_COPY_FILE_RANGE@
+GL_GNULIB_CREAT = @GL_GNULIB_CREAT@
+GL_GNULIB_CTIME = @GL_GNULIB_CTIME@
+GL_GNULIB_DPRINTF = @GL_GNULIB_DPRINTF@
+GL_GNULIB_DUP = @GL_GNULIB_DUP@
+GL_GNULIB_DUP2 = @GL_GNULIB_DUP2@
+GL_GNULIB_DUP3 = @GL_GNULIB_DUP3@
+GL_GNULIB_ENVIRON = @GL_GNULIB_ENVIRON@
+GL_GNULIB_EUIDACCESS = @GL_GNULIB_EUIDACCESS@
+GL_GNULIB_EXECL = @GL_GNULIB_EXECL@
+GL_GNULIB_EXECLE = @GL_GNULIB_EXECLE@
+GL_GNULIB_EXECLP = @GL_GNULIB_EXECLP@
+GL_GNULIB_EXECV = @GL_GNULIB_EXECV@
+GL_GNULIB_EXECVE = @GL_GNULIB_EXECVE@
+GL_GNULIB_EXECVP = @GL_GNULIB_EXECVP@
+GL_GNULIB_EXECVPE = @GL_GNULIB_EXECVPE@
+GL_GNULIB_EXPLICIT_BZERO = @GL_GNULIB_EXPLICIT_BZERO@
+GL_GNULIB_FACCESSAT = @GL_GNULIB_FACCESSAT@
+GL_GNULIB_FCHDIR = @GL_GNULIB_FCHDIR@
+GL_GNULIB_FCHMODAT = @GL_GNULIB_FCHMODAT@
+GL_GNULIB_FCHOWNAT = @GL_GNULIB_FCHOWNAT@
+GL_GNULIB_FCLOSE = @GL_GNULIB_FCLOSE@
+GL_GNULIB_FCNTL = @GL_GNULIB_FCNTL@
+GL_GNULIB_FDATASYNC = @GL_GNULIB_FDATASYNC@
+GL_GNULIB_FDOPEN = @GL_GNULIB_FDOPEN@
+GL_GNULIB_FFLUSH = @GL_GNULIB_FFLUSH@
+GL_GNULIB_FFS = @GL_GNULIB_FFS@
+GL_GNULIB_FFSL = @GL_GNULIB_FFSL@
+GL_GNULIB_FFSLL = @GL_GNULIB_FFSLL@
+GL_GNULIB_FGETC = @GL_GNULIB_FGETC@
+GL_GNULIB_FGETS = @GL_GNULIB_FGETS@
+GL_GNULIB_FOPEN = @GL_GNULIB_FOPEN@
+GL_GNULIB_FPRINTF = @GL_GNULIB_FPRINTF@
+GL_GNULIB_FPRINTF_POSIX = @GL_GNULIB_FPRINTF_POSIX@
+GL_GNULIB_FPURGE = @GL_GNULIB_FPURGE@
+GL_GNULIB_FPUTC = @GL_GNULIB_FPUTC@
+GL_GNULIB_FPUTS = @GL_GNULIB_FPUTS@
+GL_GNULIB_FREAD = @GL_GNULIB_FREAD@
+GL_GNULIB_FREE_POSIX = @GL_GNULIB_FREE_POSIX@
+GL_GNULIB_FREOPEN = @GL_GNULIB_FREOPEN@
+GL_GNULIB_FSCANF = @GL_GNULIB_FSCANF@
+GL_GNULIB_FSEEK = @GL_GNULIB_FSEEK@
+GL_GNULIB_FSEEKO = @GL_GNULIB_FSEEKO@
+GL_GNULIB_FSTAT = @GL_GNULIB_FSTAT@
+GL_GNULIB_FSTATAT = @GL_GNULIB_FSTATAT@
+GL_GNULIB_FSYNC = @GL_GNULIB_FSYNC@
+GL_GNULIB_FTELL = @GL_GNULIB_FTELL@
+GL_GNULIB_FTELLO = @GL_GNULIB_FTELLO@
+GL_GNULIB_FTRUNCATE = @GL_GNULIB_FTRUNCATE@
+GL_GNULIB_FUTIMENS = @GL_GNULIB_FUTIMENS@
+GL_GNULIB_FWRITE = @GL_GNULIB_FWRITE@
+GL_GNULIB_GETADDRINFO = @GL_GNULIB_GETADDRINFO@
+GL_GNULIB_GETC = @GL_GNULIB_GETC@
+GL_GNULIB_GETCHAR = @GL_GNULIB_GETCHAR@
+GL_GNULIB_GETCWD = @GL_GNULIB_GETCWD@
+GL_GNULIB_GETDELIM = @GL_GNULIB_GETDELIM@
+GL_GNULIB_GETDOMAINNAME = @GL_GNULIB_GETDOMAINNAME@
+GL_GNULIB_GETDTABLESIZE = @GL_GNULIB_GETDTABLESIZE@
+GL_GNULIB_GETENTROPY = @GL_GNULIB_GETENTROPY@
+GL_GNULIB_GETGROUPS = @GL_GNULIB_GETGROUPS@
+GL_GNULIB_GETHOSTNAME = @GL_GNULIB_GETHOSTNAME@
+GL_GNULIB_GETLINE = @GL_GNULIB_GETLINE@
+GL_GNULIB_GETLOADAVG = @GL_GNULIB_GETLOADAVG@
+GL_GNULIB_GETLOGIN = @GL_GNULIB_GETLOGIN@
+GL_GNULIB_GETLOGIN_R = @GL_GNULIB_GETLOGIN_R@
+GL_GNULIB_GETOPT_POSIX = @GL_GNULIB_GETOPT_POSIX@
+GL_GNULIB_GETPAGESIZE = @GL_GNULIB_GETPAGESIZE@
+GL_GNULIB_GETPASS = @GL_GNULIB_GETPASS@
+GL_GNULIB_GETPEERNAME = @GL_GNULIB_GETPEERNAME@
+GL_GNULIB_GETSOCKNAME = @GL_GNULIB_GETSOCKNAME@
+GL_GNULIB_GETSOCKOPT = @GL_GNULIB_GETSOCKOPT@
+GL_GNULIB_GETSUBOPT = @GL_GNULIB_GETSUBOPT@
+GL_GNULIB_GETTIMEOFDAY = @GL_GNULIB_GETTIMEOFDAY@
+GL_GNULIB_GETUMASK = @GL_GNULIB_GETUMASK@
+GL_GNULIB_GETUSERSHELL = @GL_GNULIB_GETUSERSHELL@
+GL_GNULIB_GRANTPT = @GL_GNULIB_GRANTPT@
+GL_GNULIB_GROUP_MEMBER = @GL_GNULIB_GROUP_MEMBER@
+GL_GNULIB_IMAXABS = @GL_GNULIB_IMAXABS@
+GL_GNULIB_IMAXDIV = @GL_GNULIB_IMAXDIV@
+GL_GNULIB_INET_NTOP = @GL_GNULIB_INET_NTOP@
+GL_GNULIB_INET_PTON = @GL_GNULIB_INET_PTON@
+GL_GNULIB_ISATTY = @GL_GNULIB_ISATTY@
+GL_GNULIB_LCHMOD = @GL_GNULIB_LCHMOD@
+GL_GNULIB_LCHOWN = @GL_GNULIB_LCHOWN@
+GL_GNULIB_LINK = @GL_GNULIB_LINK@
+GL_GNULIB_LINKAT = @GL_GNULIB_LINKAT@
+GL_GNULIB_LISTEN = @GL_GNULIB_LISTEN@
+GL_GNULIB_LOCALTIME = @GL_GNULIB_LOCALTIME@
+GL_GNULIB_LSEEK = @GL_GNULIB_LSEEK@
+GL_GNULIB_LSTAT = @GL_GNULIB_LSTAT@
+GL_GNULIB_MALLOC_POSIX = @GL_GNULIB_MALLOC_POSIX@
+GL_GNULIB_MBRLEN = @GL_GNULIB_MBRLEN@
+GL_GNULIB_MBRTOWC = @GL_GNULIB_MBRTOWC@
+GL_GNULIB_MBSCASECMP = @GL_GNULIB_MBSCASECMP@
+GL_GNULIB_MBSCASESTR = @GL_GNULIB_MBSCASESTR@
+GL_GNULIB_MBSCHR = @GL_GNULIB_MBSCHR@
+GL_GNULIB_MBSCSPN = @GL_GNULIB_MBSCSPN@
+GL_GNULIB_MBSINIT = @GL_GNULIB_MBSINIT@
+GL_GNULIB_MBSLEN = @GL_GNULIB_MBSLEN@
+GL_GNULIB_MBSNCASECMP = @GL_GNULIB_MBSNCASECMP@
+GL_GNULIB_MBSNLEN = @GL_GNULIB_MBSNLEN@
+GL_GNULIB_MBSNRTOWCS = @GL_GNULIB_MBSNRTOWCS@
+GL_GNULIB_MBSPBRK = @GL_GNULIB_MBSPBRK@
+GL_GNULIB_MBSPCASECMP = @GL_GNULIB_MBSPCASECMP@
+GL_GNULIB_MBSRCHR = @GL_GNULIB_MBSRCHR@
+GL_GNULIB_MBSRTOWCS = @GL_GNULIB_MBSRTOWCS@
+GL_GNULIB_MBSSEP = @GL_GNULIB_MBSSEP@
+GL_GNULIB_MBSSPN = @GL_GNULIB_MBSSPN@
+GL_GNULIB_MBSSTR = @GL_GNULIB_MBSSTR@
+GL_GNULIB_MBSTOK_R = @GL_GNULIB_MBSTOK_R@
+GL_GNULIB_MBTOWC = @GL_GNULIB_MBTOWC@
+GL_GNULIB_MDA_ACCESS = @GL_GNULIB_MDA_ACCESS@
+GL_GNULIB_MDA_CHDIR = @GL_GNULIB_MDA_CHDIR@
+GL_GNULIB_MDA_CHMOD = @GL_GNULIB_MDA_CHMOD@
+GL_GNULIB_MDA_CLOSE = @GL_GNULIB_MDA_CLOSE@
+GL_GNULIB_MDA_CREAT = @GL_GNULIB_MDA_CREAT@
+GL_GNULIB_MDA_DUP = @GL_GNULIB_MDA_DUP@
+GL_GNULIB_MDA_DUP2 = @GL_GNULIB_MDA_DUP2@
+GL_GNULIB_MDA_ECVT = @GL_GNULIB_MDA_ECVT@
+GL_GNULIB_MDA_EXECL = @GL_GNULIB_MDA_EXECL@
+GL_GNULIB_MDA_EXECLE = @GL_GNULIB_MDA_EXECLE@
+GL_GNULIB_MDA_EXECLP = @GL_GNULIB_MDA_EXECLP@
+GL_GNULIB_MDA_EXECV = @GL_GNULIB_MDA_EXECV@
+GL_GNULIB_MDA_EXECVE = @GL_GNULIB_MDA_EXECVE@
+GL_GNULIB_MDA_EXECVP = @GL_GNULIB_MDA_EXECVP@
+GL_GNULIB_MDA_EXECVPE = @GL_GNULIB_MDA_EXECVPE@
+GL_GNULIB_MDA_FCLOSEALL = @GL_GNULIB_MDA_FCLOSEALL@
+GL_GNULIB_MDA_FCVT = @GL_GNULIB_MDA_FCVT@
+GL_GNULIB_MDA_FDOPEN = @GL_GNULIB_MDA_FDOPEN@
+GL_GNULIB_MDA_FILENO = @GL_GNULIB_MDA_FILENO@
+GL_GNULIB_MDA_GCVT = @GL_GNULIB_MDA_GCVT@
+GL_GNULIB_MDA_GETCWD = @GL_GNULIB_MDA_GETCWD@
+GL_GNULIB_MDA_GETPID = @GL_GNULIB_MDA_GETPID@
+GL_GNULIB_MDA_GETW = @GL_GNULIB_MDA_GETW@
+GL_GNULIB_MDA_ISATTY = @GL_GNULIB_MDA_ISATTY@
+GL_GNULIB_MDA_LSEEK = @GL_GNULIB_MDA_LSEEK@
+GL_GNULIB_MDA_MEMCCPY = @GL_GNULIB_MDA_MEMCCPY@
+GL_GNULIB_MDA_MKDIR = @GL_GNULIB_MDA_MKDIR@
+GL_GNULIB_MDA_MKTEMP = @GL_GNULIB_MDA_MKTEMP@
+GL_GNULIB_MDA_OPEN = @GL_GNULIB_MDA_OPEN@
+GL_GNULIB_MDA_PUTENV = @GL_GNULIB_MDA_PUTENV@
+GL_GNULIB_MDA_PUTW = @GL_GNULIB_MDA_PUTW@
+GL_GNULIB_MDA_READ = @GL_GNULIB_MDA_READ@
+GL_GNULIB_MDA_RMDIR = @GL_GNULIB_MDA_RMDIR@
+GL_GNULIB_MDA_STRDUP = @GL_GNULIB_MDA_STRDUP@
+GL_GNULIB_MDA_SWAB = @GL_GNULIB_MDA_SWAB@
+GL_GNULIB_MDA_TEMPNAM = @GL_GNULIB_MDA_TEMPNAM@
+GL_GNULIB_MDA_TZSET = @GL_GNULIB_MDA_TZSET@
+GL_GNULIB_MDA_UMASK = @GL_GNULIB_MDA_UMASK@
+GL_GNULIB_MDA_UNLINK = @GL_GNULIB_MDA_UNLINK@
+GL_GNULIB_MDA_WCSDUP = @GL_GNULIB_MDA_WCSDUP@
+GL_GNULIB_MDA_WRITE = @GL_GNULIB_MDA_WRITE@
+GL_GNULIB_MEMCHR = @GL_GNULIB_MEMCHR@
+GL_GNULIB_MEMMEM = @GL_GNULIB_MEMMEM@
+GL_GNULIB_MEMPCPY = @GL_GNULIB_MEMPCPY@
+GL_GNULIB_MEMRCHR = @GL_GNULIB_MEMRCHR@
+GL_GNULIB_MKDIR = @GL_GNULIB_MKDIR@
+GL_GNULIB_MKDIRAT = @GL_GNULIB_MKDIRAT@
+GL_GNULIB_MKDTEMP = @GL_GNULIB_MKDTEMP@
+GL_GNULIB_MKFIFO = @GL_GNULIB_MKFIFO@
+GL_GNULIB_MKFIFOAT = @GL_GNULIB_MKFIFOAT@
+GL_GNULIB_MKNOD = @GL_GNULIB_MKNOD@
+GL_GNULIB_MKNODAT = @GL_GNULIB_MKNODAT@
+GL_GNULIB_MKOSTEMP = @GL_GNULIB_MKOSTEMP@
+GL_GNULIB_MKOSTEMPS = @GL_GNULIB_MKOSTEMPS@
+GL_GNULIB_MKSTEMP = @GL_GNULIB_MKSTEMP@
+GL_GNULIB_MKSTEMPS = @GL_GNULIB_MKSTEMPS@
+GL_GNULIB_MKTIME = @GL_GNULIB_MKTIME@
+GL_GNULIB_NANOSLEEP = @GL_GNULIB_NANOSLEEP@
+GL_GNULIB_NONBLOCKING = @GL_GNULIB_NONBLOCKING@
+GL_GNULIB_OBSTACK_PRINTF = @GL_GNULIB_OBSTACK_PRINTF@
+GL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GNULIB_OPEN = @GL_GNULIB_OPEN@
+GL_GNULIB_OPENAT = @GL_GNULIB_OPENAT@
+GL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GNULIB_PCLOSE = @GL_GNULIB_PCLOSE@
+GL_GNULIB_PERROR = @GL_GNULIB_PERROR@
+GL_GNULIB_PIPE = @GL_GNULIB_PIPE@
+GL_GNULIB_PIPE2 = @GL_GNULIB_PIPE2@
+GL_GNULIB_POPEN = @GL_GNULIB_POPEN@
+GL_GNULIB_POSIX_MEMALIGN = @GL_GNULIB_POSIX_MEMALIGN@
+GL_GNULIB_POSIX_OPENPT = @GL_GNULIB_POSIX_OPENPT@
+GL_GNULIB_PREAD = @GL_GNULIB_PREAD@
+GL_GNULIB_PRINTF = @GL_GNULIB_PRINTF@
+GL_GNULIB_PRINTF_POSIX = @GL_GNULIB_PRINTF_POSIX@
+GL_GNULIB_PTSNAME = @GL_GNULIB_PTSNAME@
+GL_GNULIB_PTSNAME_R = @GL_GNULIB_PTSNAME_R@
+GL_GNULIB_PUTC = @GL_GNULIB_PUTC@
+GL_GNULIB_PUTCHAR = @GL_GNULIB_PUTCHAR@
+GL_GNULIB_PUTENV = @GL_GNULIB_PUTENV@
+GL_GNULIB_PUTS = @GL_GNULIB_PUTS@
+GL_GNULIB_PWRITE = @GL_GNULIB_PWRITE@
+GL_GNULIB_QSORT_R = @GL_GNULIB_QSORT_R@
+GL_GNULIB_RANDOM = @GL_GNULIB_RANDOM@
+GL_GNULIB_RANDOM_R = @GL_GNULIB_RANDOM_R@
+GL_GNULIB_RAWMEMCHR = @GL_GNULIB_RAWMEMCHR@
+GL_GNULIB_READ = @GL_GNULIB_READ@
+GL_GNULIB_READLINK = @GL_GNULIB_READLINK@
+GL_GNULIB_READLINKAT = @GL_GNULIB_READLINKAT@
+GL_GNULIB_REALLOCARRAY = @GL_GNULIB_REALLOCARRAY@
+GL_GNULIB_REALLOC_POSIX = @GL_GNULIB_REALLOC_POSIX@
+GL_GNULIB_REALPATH = @GL_GNULIB_REALPATH@
+GL_GNULIB_RECV = @GL_GNULIB_RECV@
+GL_GNULIB_RECVFROM = @GL_GNULIB_RECVFROM@
+GL_GNULIB_REMOVE = @GL_GNULIB_REMOVE@
+GL_GNULIB_RENAME = @GL_GNULIB_RENAME@
+GL_GNULIB_RENAMEAT = @GL_GNULIB_RENAMEAT@
+GL_GNULIB_RMDIR = @GL_GNULIB_RMDIR@
+GL_GNULIB_RPMATCH = @GL_GNULIB_RPMATCH@
+GL_GNULIB_SCANF = @GL_GNULIB_SCANF@
+GL_GNULIB_SECURE_GETENV = @GL_GNULIB_SECURE_GETENV@
+GL_GNULIB_SEND = @GL_GNULIB_SEND@
+GL_GNULIB_SENDTO = @GL_GNULIB_SENDTO@
+GL_GNULIB_SETENV = @GL_GNULIB_SETENV@
+GL_GNULIB_SETHOSTNAME = @GL_GNULIB_SETHOSTNAME@
+GL_GNULIB_SETSOCKOPT = @GL_GNULIB_SETSOCKOPT@
+GL_GNULIB_SHUTDOWN = @GL_GNULIB_SHUTDOWN@
+GL_GNULIB_SIGABBREV_NP = @GL_GNULIB_SIGABBREV_NP@
+GL_GNULIB_SIGDESCR_NP = @GL_GNULIB_SIGDESCR_NP@
+GL_GNULIB_SLEEP = @GL_GNULIB_SLEEP@
+GL_GNULIB_SNPRINTF = @GL_GNULIB_SNPRINTF@
+GL_GNULIB_SOCKET = @GL_GNULIB_SOCKET@
+GL_GNULIB_SPRINTF_POSIX = @GL_GNULIB_SPRINTF_POSIX@
+GL_GNULIB_STAT = @GL_GNULIB_STAT@
+GL_GNULIB_STDIO_H_NONBLOCKING = @GL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GNULIB_STDIO_H_SIGPIPE = @GL_GNULIB_STDIO_H_SIGPIPE@
+GL_GNULIB_STPCPY = @GL_GNULIB_STPCPY@
+GL_GNULIB_STPNCPY = @GL_GNULIB_STPNCPY@
+GL_GNULIB_STRCASESTR = @GL_GNULIB_STRCASESTR@
+GL_GNULIB_STRCHRNUL = @GL_GNULIB_STRCHRNUL@
+GL_GNULIB_STRDUP = @GL_GNULIB_STRDUP@
+GL_GNULIB_STRERROR = @GL_GNULIB_STRERROR@
+GL_GNULIB_STRERRORNAME_NP = @GL_GNULIB_STRERRORNAME_NP@
+GL_GNULIB_STRERROR_R = @GL_GNULIB_STRERROR_R@
+GL_GNULIB_STRFTIME = @GL_GNULIB_STRFTIME@
+GL_GNULIB_STRNCAT = @GL_GNULIB_STRNCAT@
+GL_GNULIB_STRNDUP = @GL_GNULIB_STRNDUP@
+GL_GNULIB_STRNLEN = @GL_GNULIB_STRNLEN@
+GL_GNULIB_STRPBRK = @GL_GNULIB_STRPBRK@
+GL_GNULIB_STRPTIME = @GL_GNULIB_STRPTIME@
+GL_GNULIB_STRSEP = @GL_GNULIB_STRSEP@
+GL_GNULIB_STRSIGNAL = @GL_GNULIB_STRSIGNAL@
+GL_GNULIB_STRSTR = @GL_GNULIB_STRSTR@
+GL_GNULIB_STRTOD = @GL_GNULIB_STRTOD@
+GL_GNULIB_STRTOIMAX = @GL_GNULIB_STRTOIMAX@
+GL_GNULIB_STRTOK_R = @GL_GNULIB_STRTOK_R@
+GL_GNULIB_STRTOL = @GL_GNULIB_STRTOL@
+GL_GNULIB_STRTOLD = @GL_GNULIB_STRTOLD@
+GL_GNULIB_STRTOLL = @GL_GNULIB_STRTOLL@
+GL_GNULIB_STRTOUL = @GL_GNULIB_STRTOUL@
+GL_GNULIB_STRTOULL = @GL_GNULIB_STRTOULL@
+GL_GNULIB_STRTOUMAX = @GL_GNULIB_STRTOUMAX@
+GL_GNULIB_STRVERSCMP = @GL_GNULIB_STRVERSCMP@
+GL_GNULIB_SYMLINK = @GL_GNULIB_SYMLINK@
+GL_GNULIB_SYMLINKAT = @GL_GNULIB_SYMLINKAT@
+GL_GNULIB_SYSTEM_POSIX = @GL_GNULIB_SYSTEM_POSIX@
+GL_GNULIB_TIMEGM = @GL_GNULIB_TIMEGM@
+GL_GNULIB_TIMESPEC_GET = @GL_GNULIB_TIMESPEC_GET@
+GL_GNULIB_TIME_R = @GL_GNULIB_TIME_R@
+GL_GNULIB_TIME_RZ = @GL_GNULIB_TIME_RZ@
+GL_GNULIB_TMPFILE = @GL_GNULIB_TMPFILE@
+GL_GNULIB_TRUNCATE = @GL_GNULIB_TRUNCATE@
+GL_GNULIB_TTYNAME_R = @GL_GNULIB_TTYNAME_R@
+GL_GNULIB_TZSET = @GL_GNULIB_TZSET@
+GL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GNULIB_UNISTD_H_SIGPIPE = @GL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GNULIB_UNLINK = @GL_GNULIB_UNLINK@
+GL_GNULIB_UNLINKAT = @GL_GNULIB_UNLINKAT@
+GL_GNULIB_UNLOCKPT = @GL_GNULIB_UNLOCKPT@
+GL_GNULIB_UNSETENV = @GL_GNULIB_UNSETENV@
+GL_GNULIB_USLEEP = @GL_GNULIB_USLEEP@
+GL_GNULIB_UTIMENSAT = @GL_GNULIB_UTIMENSAT@
+GL_GNULIB_VASPRINTF = @GL_GNULIB_VASPRINTF@
+GL_GNULIB_VDPRINTF = @GL_GNULIB_VDPRINTF@
+GL_GNULIB_VFPRINTF = @GL_GNULIB_VFPRINTF@
+GL_GNULIB_VFPRINTF_POSIX = @GL_GNULIB_VFPRINTF_POSIX@
+GL_GNULIB_VFSCANF = @GL_GNULIB_VFSCANF@
+GL_GNULIB_VPRINTF = @GL_GNULIB_VPRINTF@
+GL_GNULIB_VPRINTF_POSIX = @GL_GNULIB_VPRINTF_POSIX@
+GL_GNULIB_VSCANF = @GL_GNULIB_VSCANF@
+GL_GNULIB_VSNPRINTF = @GL_GNULIB_VSNPRINTF@
+GL_GNULIB_VSPRINTF_POSIX = @GL_GNULIB_VSPRINTF_POSIX@
+GL_GNULIB_WCPCPY = @GL_GNULIB_WCPCPY@
+GL_GNULIB_WCPNCPY = @GL_GNULIB_WCPNCPY@
+GL_GNULIB_WCRTOMB = @GL_GNULIB_WCRTOMB@
+GL_GNULIB_WCSCASECMP = @GL_GNULIB_WCSCASECMP@
+GL_GNULIB_WCSCAT = @GL_GNULIB_WCSCAT@
+GL_GNULIB_WCSCHR = @GL_GNULIB_WCSCHR@
+GL_GNULIB_WCSCMP = @GL_GNULIB_WCSCMP@
+GL_GNULIB_WCSCOLL = @GL_GNULIB_WCSCOLL@
+GL_GNULIB_WCSCPY = @GL_GNULIB_WCSCPY@
+GL_GNULIB_WCSCSPN = @GL_GNULIB_WCSCSPN@
+GL_GNULIB_WCSDUP = @GL_GNULIB_WCSDUP@
+GL_GNULIB_WCSFTIME = @GL_GNULIB_WCSFTIME@
+GL_GNULIB_WCSLEN = @GL_GNULIB_WCSLEN@
+GL_GNULIB_WCSNCASECMP = @GL_GNULIB_WCSNCASECMP@
+GL_GNULIB_WCSNCAT = @GL_GNULIB_WCSNCAT@
+GL_GNULIB_WCSNCMP = @GL_GNULIB_WCSNCMP@
+GL_GNULIB_WCSNCPY = @GL_GNULIB_WCSNCPY@
+GL_GNULIB_WCSNLEN = @GL_GNULIB_WCSNLEN@
+GL_GNULIB_WCSNRTOMBS = @GL_GNULIB_WCSNRTOMBS@
+GL_GNULIB_WCSPBRK = @GL_GNULIB_WCSPBRK@
+GL_GNULIB_WCSRCHR = @GL_GNULIB_WCSRCHR@
+GL_GNULIB_WCSRTOMBS = @GL_GNULIB_WCSRTOMBS@
+GL_GNULIB_WCSSPN = @GL_GNULIB_WCSSPN@
+GL_GNULIB_WCSSTR = @GL_GNULIB_WCSSTR@
+GL_GNULIB_WCSTOK = @GL_GNULIB_WCSTOK@
+GL_GNULIB_WCSWIDTH = @GL_GNULIB_WCSWIDTH@
+GL_GNULIB_WCSXFRM = @GL_GNULIB_WCSXFRM@
+GL_GNULIB_WCTOB = @GL_GNULIB_WCTOB@
+GL_GNULIB_WCTOMB = @GL_GNULIB_WCTOMB@
+GL_GNULIB_WCWIDTH = @GL_GNULIB_WCWIDTH@
+GL_GNULIB_WMEMCHR = @GL_GNULIB_WMEMCHR@
+GL_GNULIB_WMEMCMP = @GL_GNULIB_WMEMCMP@
+GL_GNULIB_WMEMCPY = @GL_GNULIB_WMEMCPY@
+GL_GNULIB_WMEMMOVE = @GL_GNULIB_WMEMMOVE@
+GL_GNULIB_WMEMPCPY = @GL_GNULIB_WMEMPCPY@
+GL_GNULIB_WMEMSET = @GL_GNULIB_WMEMSET@
+GL_GNULIB_WRITE = @GL_GNULIB_WRITE@
+GL_GNULIB__EXIT = @GL_GNULIB__EXIT@
+GMP_CFLAGS = @GMP_CFLAGS@
+GMP_LIBS = @GMP_LIBS@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GNULIBHEADERS_OVERRIDE_WINT_T = @GNULIBHEADERS_OVERRIDE_WINT_T@
+GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@
+GNUTLS_LIBS_PRIVATE = @GNUTLS_LIBS_PRIVATE@
+GNUTLS_REQUIRES_PRIVATE = @GNUTLS_REQUIRES_PRIVATE@
+GPERF = @GPERF@
+GREP = @GREP@
+GTKDOC_CHECK = @GTKDOC_CHECK@
+GTKDOC_CHECK_PATH = @GTKDOC_CHECK_PATH@
+GTKDOC_DEPS_CFLAGS = @GTKDOC_DEPS_CFLAGS@
+GTKDOC_DEPS_LIBS = @GTKDOC_DEPS_LIBS@
+GTKDOC_MKPDF = @GTKDOC_MKPDF@
+GTKDOC_REBASE = @GTKDOC_REBASE@
+GUILD = @GUILD@
+GUILE = @GUILE@
+GUILE_CFLAGS = @GUILE_CFLAGS@
+GUILE_CONFIG = @GUILE_CONFIG@
+GUILE_EFFECTIVE_VERSION = @GUILE_EFFECTIVE_VERSION@
+GUILE_EXTENSION = @GUILE_EXTENSION@
+GUILE_LDFLAGS = @GUILE_LDFLAGS@
+GUILE_LIBS = @GUILE_LIBS@
+GUILE_LTLIBS = @GUILE_LTLIBS@
+GUILE_SITE = @GUILE_SITE@
+GUILE_SITE_CCACHE = @GUILE_SITE_CCACHE@
+GUILE_TOOLS = @GUILE_TOOLS@
+HAVE_ACCEPT4 = @HAVE_ACCEPT4@
+HAVE_ALIGNED_ALLOC = @HAVE_ALIGNED_ALLOC@
+HAVE_ALLOCA_H = @HAVE_ALLOCA_H@
+HAVE_ARPA_INET_H = @HAVE_ARPA_INET_H@
+HAVE_ATOLL = @HAVE_ATOLL@
+HAVE_BTOWC = @HAVE_BTOWC@
+HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@
+HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@
+HAVE_CHOWN = @HAVE_CHOWN@
+HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@
+HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@
+HAVE_DECL_ECVT = @HAVE_DECL_ECVT@
+HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@
+HAVE_DECL_EXECVPE = @HAVE_DECL_EXECVPE@
+HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@
+HAVE_DECL_FCLOSEALL = @HAVE_DECL_FCLOSEALL@
+HAVE_DECL_FCVT = @HAVE_DECL_FCVT@
+HAVE_DECL_FDATASYNC = @HAVE_DECL_FDATASYNC@
+HAVE_DECL_FPURGE = @HAVE_DECL_FPURGE@
+HAVE_DECL_FREEADDRINFO = @HAVE_DECL_FREEADDRINFO@
+HAVE_DECL_FSEEKO = @HAVE_DECL_FSEEKO@
+HAVE_DECL_FTELLO = @HAVE_DECL_FTELLO@
+HAVE_DECL_GAI_STRERROR = @HAVE_DECL_GAI_STRERROR@
+HAVE_DECL_GCVT = @HAVE_DECL_GCVT@
+HAVE_DECL_GETADDRINFO = @HAVE_DECL_GETADDRINFO@
+HAVE_DECL_GETDELIM = @HAVE_DECL_GETDELIM@
+HAVE_DECL_GETDOMAINNAME = @HAVE_DECL_GETDOMAINNAME@
+HAVE_DECL_GETLINE = @HAVE_DECL_GETLINE@
+HAVE_DECL_GETLOADAVG = @HAVE_DECL_GETLOADAVG@
+HAVE_DECL_GETLOGIN = @HAVE_DECL_GETLOGIN@
+HAVE_DECL_GETLOGIN_R = @HAVE_DECL_GETLOGIN_R@
+HAVE_DECL_GETNAMEINFO = @HAVE_DECL_GETNAMEINFO@
+HAVE_DECL_GETPAGESIZE = @HAVE_DECL_GETPAGESIZE@
+HAVE_DECL_GETUSERSHELL = @HAVE_DECL_GETUSERSHELL@
+HAVE_DECL_IMAXABS = @HAVE_DECL_IMAXABS@
+HAVE_DECL_IMAXDIV = @HAVE_DECL_IMAXDIV@
+HAVE_DECL_INET_NTOP = @HAVE_DECL_INET_NTOP@
+HAVE_DECL_INET_PTON = @HAVE_DECL_INET_PTON@
+HAVE_DECL_INITSTATE = @HAVE_DECL_INITSTATE@
+HAVE_DECL_LOCALTIME_R = @HAVE_DECL_LOCALTIME_R@
+HAVE_DECL_MEMMEM = @HAVE_DECL_MEMMEM@
+HAVE_DECL_MEMRCHR = @HAVE_DECL_MEMRCHR@
+HAVE_DECL_OBSTACK_PRINTF = @HAVE_DECL_OBSTACK_PRINTF@
+HAVE_DECL_SETENV = @HAVE_DECL_SETENV@
+HAVE_DECL_SETHOSTNAME = @HAVE_DECL_SETHOSTNAME@
+HAVE_DECL_SETSTATE = @HAVE_DECL_SETSTATE@
+HAVE_DECL_SNPRINTF = @HAVE_DECL_SNPRINTF@
+HAVE_DECL_STRDUP = @HAVE_DECL_STRDUP@
+HAVE_DECL_STRERROR_R = @HAVE_DECL_STRERROR_R@
+HAVE_DECL_STRNCASECMP = @HAVE_DECL_STRNCASECMP@
+HAVE_DECL_STRNDUP = @HAVE_DECL_STRNDUP@
+HAVE_DECL_STRNLEN = @HAVE_DECL_STRNLEN@
+HAVE_DECL_STRSIGNAL = @HAVE_DECL_STRSIGNAL@
+HAVE_DECL_STRTOIMAX = @HAVE_DECL_STRTOIMAX@
+HAVE_DECL_STRTOK_R = @HAVE_DECL_STRTOK_R@
+HAVE_DECL_STRTOUMAX = @HAVE_DECL_STRTOUMAX@
+HAVE_DECL_TRUNCATE = @HAVE_DECL_TRUNCATE@
+HAVE_DECL_TTYNAME_R = @HAVE_DECL_TTYNAME_R@
+HAVE_DECL_UNSETENV = @HAVE_DECL_UNSETENV@
+HAVE_DECL_VSNPRINTF = @HAVE_DECL_VSNPRINTF@
+HAVE_DECL_WCSDUP = @HAVE_DECL_WCSDUP@
+HAVE_DECL_WCTOB = @HAVE_DECL_WCTOB@
+HAVE_DECL_WCWIDTH = @HAVE_DECL_WCWIDTH@
+HAVE_DPRINTF = @HAVE_DPRINTF@
+HAVE_DUP3 = @HAVE_DUP3@
+HAVE_DUPLOCALE = @HAVE_DUPLOCALE@
+HAVE_EUIDACCESS = @HAVE_EUIDACCESS@
+HAVE_EXECVPE = @HAVE_EXECVPE@
+HAVE_EXPLICIT_BZERO = @HAVE_EXPLICIT_BZERO@
+HAVE_FACCESSAT = @HAVE_FACCESSAT@
+HAVE_FCHDIR = @HAVE_FCHDIR@
+HAVE_FCHMODAT = @HAVE_FCHMODAT@
+HAVE_FCHOWNAT = @HAVE_FCHOWNAT@
+HAVE_FCNTL = @HAVE_FCNTL@
+HAVE_FDATASYNC = @HAVE_FDATASYNC@
+HAVE_FEATURES_H = @HAVE_FEATURES_H@
+HAVE_FFS = @HAVE_FFS@
+HAVE_FFSL = @HAVE_FFSL@
+HAVE_FFSLL = @HAVE_FFSLL@
+HAVE_FREELOCALE = @HAVE_FREELOCALE@
+HAVE_FSEEKO = @HAVE_FSEEKO@
+HAVE_FSTATAT = @HAVE_FSTATAT@
+HAVE_FSYNC = @HAVE_FSYNC@
+HAVE_FTELLO = @HAVE_FTELLO@
+HAVE_FTRUNCATE = @HAVE_FTRUNCATE@
+HAVE_FUTIMENS = @HAVE_FUTIMENS@
+HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@
+HAVE_GETENTROPY = @HAVE_GETENTROPY@
+HAVE_GETGROUPS = @HAVE_GETGROUPS@
+HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@
+HAVE_GETLOGIN = @HAVE_GETLOGIN@
+HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@
+HAVE_GETPASS = @HAVE_GETPASS@
+HAVE_GETSUBOPT = @HAVE_GETSUBOPT@
+HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@
+HAVE_GETUMASK = @HAVE_GETUMASK@
+HAVE_GRANTPT = @HAVE_GRANTPT@
+HAVE_GROUP_MEMBER = @HAVE_GROUP_MEMBER@
+HAVE_IMAXDIV_T = @HAVE_IMAXDIV_T@
+HAVE_INITSTATE = @HAVE_INITSTATE@
+HAVE_INTTYPES_H = @HAVE_INTTYPES_H@
+HAVE_ISBLANK = @HAVE_ISBLANK@
+HAVE_LANGINFO_ALTMON = @HAVE_LANGINFO_ALTMON@
+HAVE_LANGINFO_CODESET = @HAVE_LANGINFO_CODESET@
+HAVE_LANGINFO_ERA = @HAVE_LANGINFO_ERA@
+HAVE_LANGINFO_H = @HAVE_LANGINFO_H@
+HAVE_LANGINFO_T_FMT_AMPM = @HAVE_LANGINFO_T_FMT_AMPM@
+HAVE_LANGINFO_YESEXPR = @HAVE_LANGINFO_YESEXPR@
+HAVE_LCHMOD = @HAVE_LCHMOD@
+HAVE_LCHOWN = @HAVE_LCHOWN@
+HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@
+HAVE_LIBDL = @HAVE_LIBDL@
+HAVE_LIBEV = @HAVE_LIBEV@
+HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@
+HAVE_LIBRT = @HAVE_LIBRT@
+HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@
+HAVE_LIBZ = @HAVE_LIBZ@
+HAVE_LINK = @HAVE_LINK@
+HAVE_LINKAT = @HAVE_LINKAT@
+HAVE_LSTAT = @HAVE_LSTAT@
+HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@
+HAVE_MBRLEN = @HAVE_MBRLEN@
+HAVE_MBRTOWC = @HAVE_MBRTOWC@
+HAVE_MBSINIT = @HAVE_MBSINIT@
+HAVE_MBSLEN = @HAVE_MBSLEN@
+HAVE_MBSNRTOWCS = @HAVE_MBSNRTOWCS@
+HAVE_MBSRTOWCS = @HAVE_MBSRTOWCS@
+HAVE_MBTOWC = @HAVE_MBTOWC@
+HAVE_MEMPCPY = @HAVE_MEMPCPY@
+HAVE_MKDIRAT = @HAVE_MKDIRAT@
+HAVE_MKDTEMP = @HAVE_MKDTEMP@
+HAVE_MKFIFO = @HAVE_MKFIFO@
+HAVE_MKFIFOAT = @HAVE_MKFIFOAT@
+HAVE_MKNOD = @HAVE_MKNOD@
+HAVE_MKNODAT = @HAVE_MKNODAT@
+HAVE_MKOSTEMP = @HAVE_MKOSTEMP@
+HAVE_MKOSTEMPS = @HAVE_MKOSTEMPS@
+HAVE_MKSTEMP = @HAVE_MKSTEMP@
+HAVE_MKSTEMPS = @HAVE_MKSTEMPS@
+HAVE_MSVC_INVALID_PARAMETER_HANDLER = @HAVE_MSVC_INVALID_PARAMETER_HANDLER@
+HAVE_NANOSLEEP = @HAVE_NANOSLEEP@
+HAVE_NETDB_H = @HAVE_NETDB_H@
+HAVE_NETINET_IN_H = @HAVE_NETINET_IN_H@
+HAVE_NEWLOCALE = @HAVE_NEWLOCALE@
+HAVE_NL_LANGINFO = @HAVE_NL_LANGINFO@
+HAVE_OPENAT = @HAVE_OPENAT@
+HAVE_OS_H = @HAVE_OS_H@
+HAVE_PCLOSE = @HAVE_PCLOSE@
+HAVE_PIPE = @HAVE_PIPE@
+HAVE_PIPE2 = @HAVE_PIPE2@
+HAVE_POPEN = @HAVE_POPEN@
+HAVE_POSIX_MEMALIGN = @HAVE_POSIX_MEMALIGN@
+HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@
+HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@
+HAVE_PREAD = @HAVE_PREAD@
+HAVE_PSELECT = @HAVE_PSELECT@
+HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@
+HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@
+HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@
+HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@
+HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@
+HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@
+HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@
+HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@
+HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@
+HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@
+HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@
+HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@
+HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@
+HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@
+HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@
+HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@
+HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@
+HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@
+HAVE_PTHREAD_H = @HAVE_PTHREAD_H@
+HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@
+HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@
+HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@
+HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@
+HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@
+HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@
+HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@
+HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@
+HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@
+HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@
+HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@
+HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@
+HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@
+HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@
+HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@
+HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@
+HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@
+HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@
+HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@
+HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@
+HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@
+HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@
+HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@
+HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@
+HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@
+HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@
+HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@
+HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@
+HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@
+HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@
+HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@
+HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@
+HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@
+HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@
+HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@
+HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@
+HAVE_PTHREAD_T = @HAVE_PTHREAD_T@
+HAVE_PTSNAME = @HAVE_PTSNAME@
+HAVE_PTSNAME_R = @HAVE_PTSNAME_R@
+HAVE_PWRITE = @HAVE_PWRITE@
+HAVE_QSORT_R = @HAVE_QSORT_R@
+HAVE_RAISE = @HAVE_RAISE@
+HAVE_RANDOM = @HAVE_RANDOM@
+HAVE_RANDOM_H = @HAVE_RANDOM_H@
+HAVE_RANDOM_R = @HAVE_RANDOM_R@
+HAVE_RAWMEMCHR = @HAVE_RAWMEMCHR@
+HAVE_READLINK = @HAVE_READLINK@
+HAVE_READLINKAT = @HAVE_READLINKAT@
+HAVE_REALLOCARRAY = @HAVE_REALLOCARRAY@
+HAVE_REALPATH = @HAVE_REALPATH@
+HAVE_RENAMEAT = @HAVE_RENAMEAT@
+HAVE_RPMATCH = @HAVE_RPMATCH@
+HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@
+HAVE_SCHED_H = @HAVE_SCHED_H@
+HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@
+HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@
+HAVE_SETENV = @HAVE_SETENV@
+HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@
+HAVE_SETSTATE = @HAVE_SETSTATE@
+HAVE_SIGABBREV_NP = @HAVE_SIGABBREV_NP@
+HAVE_SIGACTION = @HAVE_SIGACTION@
+HAVE_SIGDESCR_NP = @HAVE_SIGDESCR_NP@
+HAVE_SIGHANDLER_T = @HAVE_SIGHANDLER_T@
+HAVE_SIGINFO_T = @HAVE_SIGINFO_T@
+HAVE_SIGNED_SIG_ATOMIC_T = @HAVE_SIGNED_SIG_ATOMIC_T@
+HAVE_SIGNED_WCHAR_T = @HAVE_SIGNED_WCHAR_T@
+HAVE_SIGNED_WINT_T = @HAVE_SIGNED_WINT_T@
+HAVE_SIGSET_T = @HAVE_SIGSET_T@
+HAVE_SLEEP = @HAVE_SLEEP@
+HAVE_STDINT_H = @HAVE_STDINT_H@
+HAVE_STPCPY = @HAVE_STPCPY@
+HAVE_STPNCPY = @HAVE_STPNCPY@
+HAVE_STRCASECMP = @HAVE_STRCASECMP@
+HAVE_STRCASESTR = @HAVE_STRCASESTR@
+HAVE_STRCHRNUL = @HAVE_STRCHRNUL@
+HAVE_STRERRORNAME_NP = @HAVE_STRERRORNAME_NP@
+HAVE_STRINGS_H = @HAVE_STRINGS_H@
+HAVE_STRPBRK = @HAVE_STRPBRK@
+HAVE_STRPTIME = @HAVE_STRPTIME@
+HAVE_STRSEP = @HAVE_STRSEP@
+HAVE_STRTOD = @HAVE_STRTOD@
+HAVE_STRTOL = @HAVE_STRTOL@
+HAVE_STRTOLD = @HAVE_STRTOLD@
+HAVE_STRTOLL = @HAVE_STRTOLL@
+HAVE_STRTOUL = @HAVE_STRTOUL@
+HAVE_STRTOULL = @HAVE_STRTOULL@
+HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@
+HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@
+HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@
+HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@
+HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@
+HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@
+HAVE_STRUCT_TIMEVAL = @HAVE_STRUCT_TIMEVAL@
+HAVE_STRVERSCMP = @HAVE_STRVERSCMP@
+HAVE_SYMLINK = @HAVE_SYMLINK@
+HAVE_SYMLINKAT = @HAVE_SYMLINKAT@
+HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@
+HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@
+HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@
+HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@
+HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@
+HAVE_SYS_PARAM_H = @HAVE_SYS_PARAM_H@
+HAVE_SYS_SELECT_H = @HAVE_SYS_SELECT_H@
+HAVE_SYS_SOCKET_H = @HAVE_SYS_SOCKET_H@
+HAVE_SYS_TIME_H = @HAVE_SYS_TIME_H@
+HAVE_SYS_TYPES_H = @HAVE_SYS_TYPES_H@
+HAVE_SYS_UIO_H = @HAVE_SYS_UIO_H@
+HAVE_TIMEGM = @HAVE_TIMEGM@
+HAVE_TIMESPEC_GET = @HAVE_TIMESPEC_GET@
+HAVE_TIMEZONE_T = @HAVE_TIMEZONE_T@
+HAVE_TYPE_VOLATILE_SIG_ATOMIC_T = @HAVE_TYPE_VOLATILE_SIG_ATOMIC_T@
+HAVE_UNISTD_H = @HAVE_UNISTD_H@
+HAVE_UNLINKAT = @HAVE_UNLINKAT@
+HAVE_UNLOCKPT = @HAVE_UNLOCKPT@
+HAVE_USLEEP = @HAVE_USLEEP@
+HAVE_UTIMENSAT = @HAVE_UTIMENSAT@
+HAVE_VASPRINTF = @HAVE_VASPRINTF@
+HAVE_VDPRINTF = @HAVE_VDPRINTF@
+HAVE_VISIBILITY = @HAVE_VISIBILITY@
+HAVE_WCHAR_H = @HAVE_WCHAR_H@
+HAVE_WCHAR_T = @HAVE_WCHAR_T@
+HAVE_WCPCPY = @HAVE_WCPCPY@
+HAVE_WCPNCPY = @HAVE_WCPNCPY@
+HAVE_WCRTOMB = @HAVE_WCRTOMB@
+HAVE_WCSCASECMP = @HAVE_WCSCASECMP@
+HAVE_WCSCAT = @HAVE_WCSCAT@
+HAVE_WCSCHR = @HAVE_WCSCHR@
+HAVE_WCSCMP = @HAVE_WCSCMP@
+HAVE_WCSCOLL = @HAVE_WCSCOLL@
+HAVE_WCSCPY = @HAVE_WCSCPY@
+HAVE_WCSCSPN = @HAVE_WCSCSPN@
+HAVE_WCSDUP = @HAVE_WCSDUP@
+HAVE_WCSFTIME = @HAVE_WCSFTIME@
+HAVE_WCSLEN = @HAVE_WCSLEN@
+HAVE_WCSNCASECMP = @HAVE_WCSNCASECMP@
+HAVE_WCSNCAT = @HAVE_WCSNCAT@
+HAVE_WCSNCMP = @HAVE_WCSNCMP@
+HAVE_WCSNCPY = @HAVE_WCSNCPY@
+HAVE_WCSNLEN = @HAVE_WCSNLEN@
+HAVE_WCSNRTOMBS = @HAVE_WCSNRTOMBS@
+HAVE_WCSPBRK = @HAVE_WCSPBRK@
+HAVE_WCSRCHR = @HAVE_WCSRCHR@
+HAVE_WCSRTOMBS = @HAVE_WCSRTOMBS@
+HAVE_WCSSPN = @HAVE_WCSSPN@
+HAVE_WCSSTR = @HAVE_WCSSTR@
+HAVE_WCSTOK = @HAVE_WCSTOK@
+HAVE_WCSWIDTH = @HAVE_WCSWIDTH@
+HAVE_WCSXFRM = @HAVE_WCSXFRM@
+HAVE_WINSOCK2_H = @HAVE_WINSOCK2_H@
+HAVE_WINT_T = @HAVE_WINT_T@
+HAVE_WMEMCHR = @HAVE_WMEMCHR@
+HAVE_WMEMCMP = @HAVE_WMEMCMP@
+HAVE_WMEMCPY = @HAVE_WMEMCPY@
+HAVE_WMEMMOVE = @HAVE_WMEMMOVE@
+HAVE_WMEMPCPY = @HAVE_WMEMPCPY@
+HAVE_WMEMSET = @HAVE_WMEMSET@
+HAVE_WS2TCPIP_H = @HAVE_WS2TCPIP_H@
+HAVE_XLOCALE_H = @HAVE_XLOCALE_H@
+HAVE__BOOL = @HAVE__BOOL@
+HAVE__EXIT = @HAVE__EXIT@
+HOGWEED_CFLAGS = @HOGWEED_CFLAGS@
+HOGWEED_LIBS = @HOGWEED_LIBS@
+HOSTENT_LIB = @HOSTENT_LIB@
+HTML_DIR = @HTML_DIR@
+INCLUDE_NEXT = @INCLUDE_NEXT@
+INCLUDE_NEXT_AS_FIRST_DIRECTIVE = @INCLUDE_NEXT_AS_FIRST_DIRECTIVE@
+INET_NTOP_LIB = @INET_NTOP_LIB@
+INET_PTON_LIB = @INET_PTON_LIB@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INT32_MAX_LT_INTMAX_MAX = @INT32_MAX_LT_INTMAX_MAX@
+INT64_MAX_EQ_LONG_MAX = @INT64_MAX_EQ_LONG_MAX@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LCOV = @LCOV@
+LD = @LD@
+LDDPOSTPROC = @LDDPOSTPROC@
+LDDPROG = @LDDPROG@
+LDFLAGS = @LDFLAGS@
+LIBATOMIC_LIBS = @LIBATOMIC_LIBS@
+LIBBROTLIDEC_CFLAGS = @LIBBROTLIDEC_CFLAGS@
+LIBBROTLIDEC_LIBS = @LIBBROTLIDEC_LIBS@
+LIBBROTLIENC_CFLAGS = @LIBBROTLIENC_CFLAGS@
+LIBBROTLIENC_LIBS = @LIBBROTLIENC_LIBS@
+LIBCRYPTO = @LIBCRYPTO@
+LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@
+LIBDL = @LIBDL@
+LIBDL_PREFIX = @LIBDL_PREFIX@
+LIBEV = @LIBEV@
+LIBEV_LIBS = @LIBEV_LIBS@
+LIBEV_PREFIX = @LIBEV_PREFIX@
+LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@
+LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@
+LIBICONV = @LIBICONV@
+LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@
+LIBIDN2_LIBS = @LIBIDN2_LIBS@
+LIBINTL = @LIBINTL@
+LIBKCAPI_CFLAGS = @LIBKCAPI_CFLAGS@
+LIBKCAPI_LIBS = @LIBKCAPI_LIBS@
+LIBMULTITHREAD = @LIBMULTITHREAD@
+LIBOBJS = @LIBOBJS@
+LIBPMULTITHREAD = @LIBPMULTITHREAD@
+LIBPTHREAD = @LIBPTHREAD@
+LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@
+LIBRT = @LIBRT@
+LIBRT_PREFIX = @LIBRT_PREFIX@
+LIBS = @LIBS@
+LIBSECCOMP = @LIBSECCOMP@
+LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@
+LIBSOCKET = @LIBSOCKET@
+LIBSTDTHREAD = @LIBSTDTHREAD@
+LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@
+LIBTASN1_LIBS = @LIBTASN1_LIBS@
+LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@
+LIBTHREAD = @LIBTHREAD@
+LIBTOOL = @LIBTOOL@
+LIBUNISTRING = @LIBUNISTRING@
+LIBUNISTRING_UNICTYPE_H = @LIBUNISTRING_UNICTYPE_H@
+LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@
+LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@
+LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@
+LIBZ = @LIBZ@
+LIBZSTD_CFLAGS = @LIBZSTD_CFLAGS@
+LIBZSTD_LIBS = @LIBZSTD_LIBS@
+LIBZ_PC = @LIBZ_PC@
+LIBZ_PREFIX = @LIBZ_PREFIX@
+LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@
+LIB_NANOSLEEP = @LIB_NANOSLEEP@
+LIB_PTHREAD = @LIB_PTHREAD@
+LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@
+LIB_SCHED_YIELD = @LIB_SCHED_YIELD@
+LIB_SELECT = @LIB_SELECT@
+LIB_SEMAPHORE = @LIB_SEMAPHORE@
+LIB_SETLOCALE = @LIB_SETLOCALE@
+LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@
+LIMITS_H = @LIMITS_H@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LOCALENAME_ENHANCE_LOCALE_FUNCS = @LOCALENAME_ENHANCE_LOCALE_FUNCS@
+LOCALE_FR = @LOCALE_FR@
+LOCALE_FR_UTF8 = @LOCALE_FR_UTF8@
+LOCALE_JA = @LOCALE_JA@
+LOCALE_TR_UTF8 = @LOCALE_TR_UTF8@
+LOCALE_ZH_CN = @LOCALE_ZH_CN@
+LOG_VALGRIND = @LOG_VALGRIND@
+LTALLOCA = @LTALLOCA@
+LTLIBCRYPTO = @LTLIBCRYPTO@
+LTLIBDL = @LTLIBDL@
+LTLIBEV = @LTLIBEV@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBMULTITHREAD = @LTLIBMULTITHREAD@
+LTLIBOBJS = @LTLIBOBJS@
+LTLIBPTHREAD = @LTLIBPTHREAD@
+LTLIBRT = @LTLIBRT@
+LTLIBSECCOMP = @LTLIBSECCOMP@
+LTLIBTHREAD = @LTLIBTHREAD@
+LTLIBZ = @LTLIBZ@
+LT_AGE = @LT_AGE@
+LT_CURRENT = @LT_CURRENT@
+LT_DANE_AGE = @LT_DANE_AGE@
+LT_DANE_CURRENT = @LT_DANE_CURRENT@
+LT_DANE_REVISION = @LT_DANE_REVISION@
+LT_REVISION = @LT_REVISION@
+LT_SSL_AGE = @LT_SSL_AGE@
+LT_SSL_CURRENT = @LT_SSL_CURRENT@
+LT_SSL_REVISION = @LT_SSL_REVISION@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+LT_XSSL_AGE = @LT_XSSL_AGE@
+LT_XSSL_CURRENT = @LT_XSSL_CURRENT@
+LT_XSSL_REVISION = @LT_XSSL_REVISION@
+MAINT = @MAINT@
+MAJOR_VERSION = @MAJOR_VERSION@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MINOR_VERSION = @MINOR_VERSION@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGMERGE = @MSGMERGE@
+MSGMERGE_FOR_MSGFMT_OPTION = @MSGMERGE_FOR_MSGFMT_OPTION@
+NETINET_IN_H = @NETINET_IN_H@
+NETTLE_CFLAGS = @NETTLE_CFLAGS@
+NETTLE_LIBS = @NETTLE_LIBS@
+NEXT_ARPA_INET_H = @NEXT_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H = @NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_CTYPE_H = @NEXT_AS_FIRST_DIRECTIVE_CTYPE_H@
+NEXT_AS_FIRST_DIRECTIVE_ERRNO_H = @NEXT_AS_FIRST_DIRECTIVE_ERRNO_H@
+NEXT_AS_FIRST_DIRECTIVE_FCNTL_H = @NEXT_AS_FIRST_DIRECTIVE_FCNTL_H@
+NEXT_AS_FIRST_DIRECTIVE_FLOAT_H = @NEXT_AS_FIRST_DIRECTIVE_FLOAT_H@
+NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H = @NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H = @NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H@
+NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@
+NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@
+NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@
+NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@
+NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@
+NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@
+NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@
+NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@
+NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@
+NEXT_AS_FIRST_DIRECTIVE_STDIO_H = @NEXT_AS_FIRST_DIRECTIVE_STDIO_H@
+NEXT_AS_FIRST_DIRECTIVE_STDLIB_H = @NEXT_AS_FIRST_DIRECTIVE_STDLIB_H@
+NEXT_AS_FIRST_DIRECTIVE_STRINGS_H = @NEXT_AS_FIRST_DIRECTIVE_STRINGS_H@
+NEXT_AS_FIRST_DIRECTIVE_STRING_H = @NEXT_AS_FIRST_DIRECTIVE_STRING_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H@
+NEXT_AS_FIRST_DIRECTIVE_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_UNISTD_H = @NEXT_AS_FIRST_DIRECTIVE_UNISTD_H@
+NEXT_AS_FIRST_DIRECTIVE_WCHAR_H = @NEXT_AS_FIRST_DIRECTIVE_WCHAR_H@
+NEXT_CTYPE_H = @NEXT_CTYPE_H@
+NEXT_ERRNO_H = @NEXT_ERRNO_H@
+NEXT_FCNTL_H = @NEXT_FCNTL_H@
+NEXT_FLOAT_H = @NEXT_FLOAT_H@
+NEXT_INTTYPES_H = @NEXT_INTTYPES_H@
+NEXT_LANGINFO_H = @NEXT_LANGINFO_H@
+NEXT_LIMITS_H = @NEXT_LIMITS_H@
+NEXT_LOCALE_H = @NEXT_LOCALE_H@
+NEXT_NETDB_H = @NEXT_NETDB_H@
+NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@
+NEXT_PTHREAD_H = @NEXT_PTHREAD_H@
+NEXT_SCHED_H = @NEXT_SCHED_H@
+NEXT_SIGNAL_H = @NEXT_SIGNAL_H@
+NEXT_STDDEF_H = @NEXT_STDDEF_H@
+NEXT_STDINT_H = @NEXT_STDINT_H@
+NEXT_STDIO_H = @NEXT_STDIO_H@
+NEXT_STDLIB_H = @NEXT_STDLIB_H@
+NEXT_STRINGS_H = @NEXT_STRINGS_H@
+NEXT_STRING_H = @NEXT_STRING_H@
+NEXT_SYS_IOCTL_H = @NEXT_SYS_IOCTL_H@
+NEXT_SYS_SELECT_H = @NEXT_SYS_SELECT_H@
+NEXT_SYS_SOCKET_H = @NEXT_SYS_SOCKET_H@
+NEXT_SYS_STAT_H = @NEXT_SYS_STAT_H@
+NEXT_SYS_TIME_H = @NEXT_SYS_TIME_H@
+NEXT_SYS_TYPES_H = @NEXT_SYS_TYPES_H@
+NEXT_SYS_UIO_H = @NEXT_SYS_UIO_H@
+NEXT_TIME_H = @NEXT_TIME_H@
+NEXT_UNISTD_H = @NEXT_UNISTD_H@
+NEXT_WCHAR_H = @NEXT_WCHAR_H@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NUMBER_VERSION = @NUMBER_VERSION@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+P11_KIT_CFLAGS = @P11_KIT_CFLAGS@
+P11_KIT_LIBS = @P11_KIT_LIBS@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@
+PATCH_VERSION = @PATCH_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PKCS12_ITER_COUNT = @PKCS12_ITER_COUNT@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PMCCABE = @PMCCABE@
+POSUB = @POSUB@
+PRAGMA_COLUMNS = @PRAGMA_COLUMNS@
+PRAGMA_SYSTEM_HEADER = @PRAGMA_SYSTEM_HEADER@
+PRIPTR_PREFIX = @PRIPTR_PREFIX@
+PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@
+PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+RANLIB = @RANLIB@
+REPLACE_ACCESS = @REPLACE_ACCESS@
+REPLACE_ALIGNED_ALLOC = @REPLACE_ALIGNED_ALLOC@
+REPLACE_BTOWC = @REPLACE_BTOWC@
+REPLACE_CALLOC = @REPLACE_CALLOC@
+REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@
+REPLACE_CHOWN = @REPLACE_CHOWN@
+REPLACE_CLOSE = @REPLACE_CLOSE@
+REPLACE_CREAT = @REPLACE_CREAT@
+REPLACE_CTIME = @REPLACE_CTIME@
+REPLACE_DPRINTF = @REPLACE_DPRINTF@
+REPLACE_DUP = @REPLACE_DUP@
+REPLACE_DUP2 = @REPLACE_DUP2@
+REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@
+REPLACE_EXECL = @REPLACE_EXECL@
+REPLACE_EXECLE = @REPLACE_EXECLE@
+REPLACE_EXECLP = @REPLACE_EXECLP@
+REPLACE_EXECV = @REPLACE_EXECV@
+REPLACE_EXECVE = @REPLACE_EXECVE@
+REPLACE_EXECVP = @REPLACE_EXECVP@
+REPLACE_EXECVPE = @REPLACE_EXECVPE@
+REPLACE_FACCESSAT = @REPLACE_FACCESSAT@
+REPLACE_FCHMODAT = @REPLACE_FCHMODAT@
+REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@
+REPLACE_FCLOSE = @REPLACE_FCLOSE@
+REPLACE_FCNTL = @REPLACE_FCNTL@
+REPLACE_FDOPEN = @REPLACE_FDOPEN@
+REPLACE_FFLUSH = @REPLACE_FFLUSH@
+REPLACE_FFSLL = @REPLACE_FFSLL@
+REPLACE_FOPEN = @REPLACE_FOPEN@
+REPLACE_FPRINTF = @REPLACE_FPRINTF@
+REPLACE_FPURGE = @REPLACE_FPURGE@
+REPLACE_FREE = @REPLACE_FREE@
+REPLACE_FREELOCALE = @REPLACE_FREELOCALE@
+REPLACE_FREOPEN = @REPLACE_FREOPEN@
+REPLACE_FSEEK = @REPLACE_FSEEK@
+REPLACE_FSEEKO = @REPLACE_FSEEKO@
+REPLACE_FSTAT = @REPLACE_FSTAT@
+REPLACE_FSTATAT = @REPLACE_FSTATAT@
+REPLACE_FTELL = @REPLACE_FTELL@
+REPLACE_FTELLO = @REPLACE_FTELLO@
+REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@
+REPLACE_FUTIMENS = @REPLACE_FUTIMENS@
+REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@
+REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@
+REPLACE_GETCWD = @REPLACE_GETCWD@
+REPLACE_GETDELIM = @REPLACE_GETDELIM@
+REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@
+REPLACE_GETDTABLESIZE = @REPLACE_GETDTABLESIZE@
+REPLACE_GETGROUPS = @REPLACE_GETGROUPS@
+REPLACE_GETLINE = @REPLACE_GETLINE@
+REPLACE_GETLOGIN_R = @REPLACE_GETLOGIN_R@
+REPLACE_GETPAGESIZE = @REPLACE_GETPAGESIZE@
+REPLACE_GETPASS = @REPLACE_GETPASS@
+REPLACE_GETTIMEOFDAY = @REPLACE_GETTIMEOFDAY@
+REPLACE_GMTIME = @REPLACE_GMTIME@
+REPLACE_INET_NTOP = @REPLACE_INET_NTOP@
+REPLACE_INET_PTON = @REPLACE_INET_PTON@
+REPLACE_INITSTATE = @REPLACE_INITSTATE@
+REPLACE_IOCTL = @REPLACE_IOCTL@
+REPLACE_ISATTY = @REPLACE_ISATTY@
+REPLACE_ITOLD = @REPLACE_ITOLD@
+REPLACE_LCHOWN = @REPLACE_LCHOWN@
+REPLACE_LINK = @REPLACE_LINK@
+REPLACE_LINKAT = @REPLACE_LINKAT@
+REPLACE_LOCALECONV = @REPLACE_LOCALECONV@
+REPLACE_LOCALTIME = @REPLACE_LOCALTIME@
+REPLACE_LOCALTIME_R = @REPLACE_LOCALTIME_R@
+REPLACE_LSEEK = @REPLACE_LSEEK@
+REPLACE_LSTAT = @REPLACE_LSTAT@
+REPLACE_MALLOC = @REPLACE_MALLOC@
+REPLACE_MBRLEN = @REPLACE_MBRLEN@
+REPLACE_MBRTOWC = @REPLACE_MBRTOWC@
+REPLACE_MBSINIT = @REPLACE_MBSINIT@
+REPLACE_MBSNRTOWCS = @REPLACE_MBSNRTOWCS@
+REPLACE_MBSRTOWCS = @REPLACE_MBSRTOWCS@
+REPLACE_MBSTATE_T = @REPLACE_MBSTATE_T@
+REPLACE_MBTOWC = @REPLACE_MBTOWC@
+REPLACE_MEMCHR = @REPLACE_MEMCHR@
+REPLACE_MEMMEM = @REPLACE_MEMMEM@
+REPLACE_MKDIR = @REPLACE_MKDIR@
+REPLACE_MKFIFO = @REPLACE_MKFIFO@
+REPLACE_MKFIFOAT = @REPLACE_MKFIFOAT@
+REPLACE_MKNOD = @REPLACE_MKNOD@
+REPLACE_MKNODAT = @REPLACE_MKNODAT@
+REPLACE_MKSTEMP = @REPLACE_MKSTEMP@
+REPLACE_MKTIME = @REPLACE_MKTIME@
+REPLACE_NANOSLEEP = @REPLACE_NANOSLEEP@
+REPLACE_NEWLOCALE = @REPLACE_NEWLOCALE@
+REPLACE_NL_LANGINFO = @REPLACE_NL_LANGINFO@
+REPLACE_NULL = @REPLACE_NULL@
+REPLACE_OBSTACK_PRINTF = @REPLACE_OBSTACK_PRINTF@
+REPLACE_OPEN = @REPLACE_OPEN@
+REPLACE_OPENAT = @REPLACE_OPENAT@
+REPLACE_PERROR = @REPLACE_PERROR@
+REPLACE_POPEN = @REPLACE_POPEN@
+REPLACE_POSIX_MEMALIGN = @REPLACE_POSIX_MEMALIGN@
+REPLACE_PREAD = @REPLACE_PREAD@
+REPLACE_PRINTF = @REPLACE_PRINTF@
+REPLACE_PSELECT = @REPLACE_PSELECT@
+REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@
+REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@
+REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@
+REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@
+REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@
+REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@
+REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@
+REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@
+REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@
+REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@
+REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@
+REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@
+REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@
+REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@
+REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@
+REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@
+REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@
+REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@
+REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@
+REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@
+REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@
+REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@
+REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@
+REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@
+REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@
+REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@
+REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@
+REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@
+REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@
+REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@
+REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@
+REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@
+REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@
+REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@
+REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@
+REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@
+REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@
+REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@
+REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@
+REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@
+REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@
+REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@
+REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@
+REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@
+REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@
+REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@
+REPLACE_PTSNAME = @REPLACE_PTSNAME@
+REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@
+REPLACE_PUTENV = @REPLACE_PUTENV@
+REPLACE_PWRITE = @REPLACE_PWRITE@
+REPLACE_QSORT_R = @REPLACE_QSORT_R@
+REPLACE_RAISE = @REPLACE_RAISE@
+REPLACE_RANDOM = @REPLACE_RANDOM@
+REPLACE_RANDOM_R = @REPLACE_RANDOM_R@
+REPLACE_READ = @REPLACE_READ@
+REPLACE_READLINK = @REPLACE_READLINK@
+REPLACE_READLINKAT = @REPLACE_READLINKAT@
+REPLACE_REALLOC = @REPLACE_REALLOC@
+REPLACE_REALLOCARRAY = @REPLACE_REALLOCARRAY@
+REPLACE_REALPATH = @REPLACE_REALPATH@
+REPLACE_REMOVE = @REPLACE_REMOVE@
+REPLACE_RENAME = @REPLACE_RENAME@
+REPLACE_RENAMEAT = @REPLACE_RENAMEAT@
+REPLACE_RMDIR = @REPLACE_RMDIR@
+REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@
+REPLACE_SELECT = @REPLACE_SELECT@
+REPLACE_SETENV = @REPLACE_SETENV@
+REPLACE_SETLOCALE = @REPLACE_SETLOCALE@
+REPLACE_SETSTATE = @REPLACE_SETSTATE@
+REPLACE_SLEEP = @REPLACE_SLEEP@
+REPLACE_SNPRINTF = @REPLACE_SNPRINTF@
+REPLACE_SPRINTF = @REPLACE_SPRINTF@
+REPLACE_STAT = @REPLACE_STAT@
+REPLACE_STDIO_READ_FUNCS = @REPLACE_STDIO_READ_FUNCS@
+REPLACE_STDIO_WRITE_FUNCS = @REPLACE_STDIO_WRITE_FUNCS@
+REPLACE_STPNCPY = @REPLACE_STPNCPY@
+REPLACE_STRCASESTR = @REPLACE_STRCASESTR@
+REPLACE_STRCHRNUL = @REPLACE_STRCHRNUL@
+REPLACE_STRDUP = @REPLACE_STRDUP@
+REPLACE_STRERROR = @REPLACE_STRERROR@
+REPLACE_STRERRORNAME_NP = @REPLACE_STRERRORNAME_NP@
+REPLACE_STRERROR_R = @REPLACE_STRERROR_R@
+REPLACE_STRFTIME = @REPLACE_STRFTIME@
+REPLACE_STRNCAT = @REPLACE_STRNCAT@
+REPLACE_STRNDUP = @REPLACE_STRNDUP@
+REPLACE_STRNLEN = @REPLACE_STRNLEN@
+REPLACE_STRSIGNAL = @REPLACE_STRSIGNAL@
+REPLACE_STRSTR = @REPLACE_STRSTR@
+REPLACE_STRTOD = @REPLACE_STRTOD@
+REPLACE_STRTOIMAX = @REPLACE_STRTOIMAX@
+REPLACE_STRTOK_R = @REPLACE_STRTOK_R@
+REPLACE_STRTOL = @REPLACE_STRTOL@
+REPLACE_STRTOLD = @REPLACE_STRTOLD@
+REPLACE_STRTOLL = @REPLACE_STRTOLL@
+REPLACE_STRTOUL = @REPLACE_STRTOUL@
+REPLACE_STRTOULL = @REPLACE_STRTOULL@
+REPLACE_STRTOUMAX = @REPLACE_STRTOUMAX@
+REPLACE_STRUCT_LCONV = @REPLACE_STRUCT_LCONV@
+REPLACE_STRUCT_TIMEVAL = @REPLACE_STRUCT_TIMEVAL@
+REPLACE_SYMLINK = @REPLACE_SYMLINK@
+REPLACE_SYMLINKAT = @REPLACE_SYMLINKAT@
+REPLACE_TIMEGM = @REPLACE_TIMEGM@
+REPLACE_TMPFILE = @REPLACE_TMPFILE@
+REPLACE_TRUNCATE = @REPLACE_TRUNCATE@
+REPLACE_TTYNAME_R = @REPLACE_TTYNAME_R@
+REPLACE_TZSET = @REPLACE_TZSET@
+REPLACE_UNLINK = @REPLACE_UNLINK@
+REPLACE_UNLINKAT = @REPLACE_UNLINKAT@
+REPLACE_UNSETENV = @REPLACE_UNSETENV@
+REPLACE_USLEEP = @REPLACE_USLEEP@
+REPLACE_UTIMENSAT = @REPLACE_UTIMENSAT@
+REPLACE_VASPRINTF = @REPLACE_VASPRINTF@
+REPLACE_VDPRINTF = @REPLACE_VDPRINTF@
+REPLACE_VFPRINTF = @REPLACE_VFPRINTF@
+REPLACE_VPRINTF = @REPLACE_VPRINTF@
+REPLACE_VSNPRINTF = @REPLACE_VSNPRINTF@
+REPLACE_VSPRINTF = @REPLACE_VSPRINTF@
+REPLACE_WCRTOMB = @REPLACE_WCRTOMB@
+REPLACE_WCSFTIME = @REPLACE_WCSFTIME@
+REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@
+REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@
+REPLACE_WCSTOK = @REPLACE_WCSTOK@
+REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@
+REPLACE_WCTOB = @REPLACE_WCTOB@
+REPLACE_WCTOMB = @REPLACE_WCTOMB@
+REPLACE_WCWIDTH = @REPLACE_WCWIDTH@
+REPLACE_WRITE = @REPLACE_WRITE@
+SED = @SED@
+SERVENT_LIB = @SERVENT_LIB@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@
+SIZE_T_SUFFIX = @SIZE_T_SUFFIX@
+STDALIGN_H = @STDALIGN_H@
+STDBOOL_H = @STDBOOL_H@
+STDDEF_H = @STDDEF_H@
+STDINT_H = @STDINT_H@
+STRIP = @STRIP@
+SYS_IOCTL_H_HAVE_WINSOCK2_H = @SYS_IOCTL_H_HAVE_WINSOCK2_H@
+SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+SYS_TIME_H_DEFINES_STRUCT_TIMESPEC = @SYS_TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_STRUCT_TIMESPEC = @TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_TIME_UTC = @TIME_H_DEFINES_TIME_UTC@
+TROUSERS_LIB = @TROUSERS_LIB@
+TSS2_CFLAGS = @TSS2_CFLAGS@
+TSS2_LIBS = @TSS2_LIBS@
+TSS_CFLAGS = @TSS_CFLAGS@
+TSS_LIBS = @TSS_LIBS@
+UINT32_MAX_LT_UINTMAX_MAX = @UINT32_MAX_LT_UINTMAX_MAX@
+UINT64_MAX_EQ_ULONG_MAX = @UINT64_MAX_EQ_ULONG_MAX@
+UNBOUND_CFLAGS = @UNBOUND_CFLAGS@
+UNBOUND_LIBS = @UNBOUND_LIBS@
+UNDEFINE_STRTOK_R = @UNDEFINE_STRTOK_R@
+UNISTD_H_DEFINES_STRUCT_TIMESPEC = @UNISTD_H_DEFINES_STRUCT_TIMESPEC@
+UNISTD_H_HAVE_SYS_RANDOM_H = @UNISTD_H_HAVE_SYS_RANDOM_H@
+UNISTD_H_HAVE_WINSOCK2_H = @UNISTD_H_HAVE_WINSOCK2_H@
+UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+USE_NLS = @USE_NLS@
+VALGRIND = @VALGRIND@
+VALGRINDFLAGS = @VALGRINDFLAGS@
+VALGRIND_PROGRAM = @VALGRIND_PROGRAM@
+VERSION = @VERSION@
+WARN_CFLAGS = @WARN_CFLAGS@
+WCHAR_T_SUFFIX = @WCHAR_T_SUFFIX@
+WERROR_CFLAGS = @WERROR_CFLAGS@
+WINDOWS_64_BIT_OFF_T = @WINDOWS_64_BIT_OFF_T@
+WINDOWS_64_BIT_ST_SIZE = @WINDOWS_64_BIT_ST_SIZE@
+WINDOWS_STAT_INODES = @WINDOWS_STAT_INODES@
+WINDOWS_STAT_TIMESPEC = @WINDOWS_STAT_TIMESPEC@
+WINT_T_SUFFIX = @WINT_T_SUFFIX@
+WSTACK_CFLAGS = @WSTACK_CFLAGS@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+YIELD_LIB = @YIELD_LIB@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+ac_cv_sizeof_time_t = @ac_cv_sizeof_time_t@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+ggl_LIBOBJS = @ggl_LIBOBJS@
+ggl_LTLIBOBJS = @ggl_LTLIBOBJS@
+ggltests_LIBOBJS = @ggltests_LIBOBJS@
+ggltests_LTLIBOBJS = @ggltests_LTLIBOBJS@
+ggltests_WITNESS = @ggltests_WITNESS@
+gl_LIBOBJS = @gl_LIBOBJS@
+gl_LTLIBOBJS = @gl_LTLIBOBJS@
+gltests_LIBOBJS = @gltests_LIBOBJS@
+gltests_LTLIBOBJS = @gltests_LTLIBOBJS@
+gltests_WITNESS = @gltests_WITNESS@
+gnutls_so = @gnutls_so@
+guile_snarf = @guile_snarf@
+guileextensiondir = @guileextensiondir@
+guilesiteccachedir = @guilesiteccachedir@
+guilesitedir = @guilesitedir@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+ifGNUmake = @ifGNUmake@
+ifnGNUmake = @ifnGNUmake@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+maybe_guileextensiondir = @maybe_guileextensiondir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+unistring_LIBOBJS = @unistring_LIBOBJS@
+unistring_LTLIBOBJS = @unistring_LTLIBOBJS@
+unistringtests_LIBOBJS = @unistringtests_LIBOBJS@
+unistringtests_LTLIBOBJS = @unistringtests_LTLIBOBJS@
+unistringtests_WITNESS = @unistringtests_WITNESS@
+AM_LIBTOOLFLAGS = --tag=CC
+AM_CFLAGS = $(WERROR_CFLAGS) $(WSTACK_CFLAGS) $(WARN_CFLAGS) \
+	$(NETTLE_CFLAGS) $(LIBTASN1_CFLAGS) $(LIBIDN2_CFLAGS) \
+	$(P11_KIT_CFLAGS) $(LIBZSTD_CFLAGS) $(CODE_COVERAGE_CFLAGS) \
+	$(am__append_3) $(am__append_11)
+COMMON_LINK_FLAGS = $(CODE_COVERAGE_LDFLAGS)
+V_GPERF = $(V_GPERF_@AM_V@)
+V_GPERF_ = $(V_GPERF_@AM_DEFAULT_V@)
+V_GPERF_0 = @echo "  GPERF   " $@;
+AM_CPPFLAGS = -I$(srcdir)/../../../gl -I$(builddir)/../../../gl \
+	-I$(srcdir)/../../includes -I$(builddir)/../../includes \
+	-I$(srcdir)/../../ -I$(srcdir)/../ $(am__append_1)
+EXTRA_DIST = README license.txt files.mk
+noinst_LTLIBRARIES = libx86.la
+libx86_la_SOURCES = x86-common.c aes-x86.h x86-common.h \
+	sha-x86-ssse3.c sha-x86.h hmac-x86-ssse3.c aes-gcm-x86-ssse3.c \
+	aes-gcm-x86-aesni.c aes-cbc-x86-ssse3.c aes-cbc-x86-aesni.c \
+	aes-gcm-aead.h aes-ccm-x86-aesni.c aes-xts-x86-aesni.c \
+	$(am__append_2) $(am__append_4) $(am__append_5) \
+	$(am__append_6) $(am__append_7) $(am__append_8) \
+	$(am__append_9) $(am__append_10) $(am__append_12) \
+	$(am__append_13) $(am__append_14) $(am__append_15) \
+	$(am__append_16) $(am__append_17)
+X86_FILES_ELF = elf/aesni-x86.s elf/sha1-ssse3-x86.s elf/sha256-ssse3-x86.s elf/sha512-ssse3-x86.s elf/aes-ssse3-x86.s
+X86_FILES_COFF = coff/aesni-x86.s coff/sha1-ssse3-x86.s coff/sha256-ssse3-x86.s coff/sha512-ssse3-x86.s coff/aes-ssse3-x86.s
+X86_FILES_MACOSX = macosx/aesni-x86.s macosx/sha1-ssse3-x86.s macosx/sha256-ssse3-x86.s macosx/sha512-ssse3-x86.s macosx/aes-ssse3-x86.s
+X86_64_FILES_ELF = elf/aesni-x86_64.s elf/ghash-x86_64.s elf/sha1-ssse3-x86_64.s elf/sha512-ssse3-x86_64.s elf/aes-ssse3-x86_64.s elf/aesni-gcm-x86_64.s elf/sha256-ssse3-x86_64.s
+X86_64_FILES_COFF = coff/aesni-x86_64.s coff/ghash-x86_64.s coff/sha1-ssse3-x86_64.s coff/sha512-ssse3-x86_64.s coff/aes-ssse3-x86_64.s coff/aesni-gcm-x86_64.s coff/sha256-ssse3-x86_64.s
+X86_64_FILES_MACOSX = macosx/aesni-x86_64.s macosx/ghash-x86_64.s macosx/sha1-ssse3-x86_64.s macosx/sha512-ssse3-x86_64.s macosx/aes-ssse3-x86_64.s macosx/aesni-gcm-x86_64.s macosx/sha256-ssse3-x86_64.s
+X86_PADLOCK_FILES_ELF = elf/e_padlock-x86.s
+X86_PADLOCK_FILES_COFF = coff/e_padlock-x86.s
+X86_PADLOCK_FILES_MACOSX = macosx/e_padlock-x86.s
+X86_64_PADLOCK_FILES_ELF = elf/e_padlock-x86_64.s
+X86_64_PADLOCK_FILES_COFF = coff/e_padlock-x86_64.s
+X86_64_PADLOCK_FILES_MACOSX = macosx/e_padlock-x86_64.s
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj .s
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/lib/common.mk $(srcdir)/files.mk $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/accelerated/x86/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --foreign lib/accelerated/x86/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+	esac;
+$(top_srcdir)/lib/common.mk $(srcdir)/files.mk $(am__empty):
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+	-test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+	@list='$(noinst_LTLIBRARIES)'; \
+	locs=`for p in $$list; do echo $$p; done | \
+	      sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+	      sort -u`; \
+	test -z "$$locs" || { \
+	  echo rm -f $${locs}; \
+	  rm -f $${locs}; \
+	}
+coff/$(am__dirstamp):
+	@$(MKDIR_P) coff
+	@: > coff/$(am__dirstamp)
+coff/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) coff/$(DEPDIR)
+	@: > coff/$(DEPDIR)/$(am__dirstamp)
+coff/aesni-x86_64.lo: coff/$(am__dirstamp) \
+	coff/$(DEPDIR)/$(am__dirstamp)
+coff/ghash-x86_64.lo: coff/$(am__dirstamp) \
+	coff/$(DEPDIR)/$(am__dirstamp)
+coff/sha1-ssse3-x86_64.lo: coff/$(am__dirstamp) \
+	coff/$(DEPDIR)/$(am__dirstamp)
+coff/sha512-ssse3-x86_64.lo: coff/$(am__dirstamp) \
+	coff/$(DEPDIR)/$(am__dirstamp)
+coff/aes-ssse3-x86_64.lo: coff/$(am__dirstamp) \
+	coff/$(DEPDIR)/$(am__dirstamp)
+coff/aesni-gcm-x86_64.lo: coff/$(am__dirstamp) \
+	coff/$(DEPDIR)/$(am__dirstamp)
+coff/sha256-ssse3-x86_64.lo: coff/$(am__dirstamp) \
+	coff/$(DEPDIR)/$(am__dirstamp)
+coff/e_padlock-x86_64.lo: coff/$(am__dirstamp) \
+	coff/$(DEPDIR)/$(am__dirstamp)
+macosx/$(am__dirstamp):
+	@$(MKDIR_P) macosx
+	@: > macosx/$(am__dirstamp)
+macosx/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) macosx/$(DEPDIR)
+	@: > macosx/$(DEPDIR)/$(am__dirstamp)
+macosx/aesni-x86_64.lo: macosx/$(am__dirstamp) \
+	macosx/$(DEPDIR)/$(am__dirstamp)
+macosx/ghash-x86_64.lo: macosx/$(am__dirstamp) \
+	macosx/$(DEPDIR)/$(am__dirstamp)
+macosx/sha1-ssse3-x86_64.lo: macosx/$(am__dirstamp) \
+	macosx/$(DEPDIR)/$(am__dirstamp)
+macosx/sha512-ssse3-x86_64.lo: macosx/$(am__dirstamp) \
+	macosx/$(DEPDIR)/$(am__dirstamp)
+macosx/aes-ssse3-x86_64.lo: macosx/$(am__dirstamp) \
+	macosx/$(DEPDIR)/$(am__dirstamp)
+macosx/aesni-gcm-x86_64.lo: macosx/$(am__dirstamp) \
+	macosx/$(DEPDIR)/$(am__dirstamp)
+macosx/sha256-ssse3-x86_64.lo: macosx/$(am__dirstamp) \
+	macosx/$(DEPDIR)/$(am__dirstamp)
+macosx/e_padlock-x86_64.lo: macosx/$(am__dirstamp) \
+	macosx/$(DEPDIR)/$(am__dirstamp)
+elf/$(am__dirstamp):
+	@$(MKDIR_P) elf
+	@: > elf/$(am__dirstamp)
+elf/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) elf/$(DEPDIR)
+	@: > elf/$(DEPDIR)/$(am__dirstamp)
+elf/aesni-x86_64.lo: elf/$(am__dirstamp) elf/$(DEPDIR)/$(am__dirstamp)
+elf/ghash-x86_64.lo: elf/$(am__dirstamp) elf/$(DEPDIR)/$(am__dirstamp)
+elf/sha1-ssse3-x86_64.lo: elf/$(am__dirstamp) \
+	elf/$(DEPDIR)/$(am__dirstamp)
+elf/sha512-ssse3-x86_64.lo: elf/$(am__dirstamp) \
+	elf/$(DEPDIR)/$(am__dirstamp)
+elf/aes-ssse3-x86_64.lo: elf/$(am__dirstamp) \
+	elf/$(DEPDIR)/$(am__dirstamp)
+elf/aesni-gcm-x86_64.lo: elf/$(am__dirstamp) \
+	elf/$(DEPDIR)/$(am__dirstamp)
+elf/sha256-ssse3-x86_64.lo: elf/$(am__dirstamp) \
+	elf/$(DEPDIR)/$(am__dirstamp)
+elf/e_padlock-x86_64.lo: elf/$(am__dirstamp) \
+	elf/$(DEPDIR)/$(am__dirstamp)
+coff/aesni-x86.lo: coff/$(am__dirstamp) coff/$(DEPDIR)/$(am__dirstamp)
+coff/sha1-ssse3-x86.lo: coff/$(am__dirstamp) \
+	coff/$(DEPDIR)/$(am__dirstamp)
+coff/sha256-ssse3-x86.lo: coff/$(am__dirstamp) \
+	coff/$(DEPDIR)/$(am__dirstamp)
+coff/sha512-ssse3-x86.lo: coff/$(am__dirstamp) \
+	coff/$(DEPDIR)/$(am__dirstamp)
+coff/aes-ssse3-x86.lo: coff/$(am__dirstamp) \
+	coff/$(DEPDIR)/$(am__dirstamp)
+coff/e_padlock-x86.lo: coff/$(am__dirstamp) \
+	coff/$(DEPDIR)/$(am__dirstamp)
+macosx/aesni-x86.lo: macosx/$(am__dirstamp) \
+	macosx/$(DEPDIR)/$(am__dirstamp)
+macosx/sha1-ssse3-x86.lo: macosx/$(am__dirstamp) \
+	macosx/$(DEPDIR)/$(am__dirstamp)
+macosx/sha256-ssse3-x86.lo: macosx/$(am__dirstamp) \
+	macosx/$(DEPDIR)/$(am__dirstamp)
+macosx/sha512-ssse3-x86.lo: macosx/$(am__dirstamp) \
+	macosx/$(DEPDIR)/$(am__dirstamp)
+macosx/aes-ssse3-x86.lo: macosx/$(am__dirstamp) \
+	macosx/$(DEPDIR)/$(am__dirstamp)
+macosx/e_padlock-x86.lo: macosx/$(am__dirstamp) \
+	macosx/$(DEPDIR)/$(am__dirstamp)
+elf/aesni-x86.lo: elf/$(am__dirstamp) elf/$(DEPDIR)/$(am__dirstamp)
+elf/sha1-ssse3-x86.lo: elf/$(am__dirstamp) \
+	elf/$(DEPDIR)/$(am__dirstamp)
+elf/sha256-ssse3-x86.lo: elf/$(am__dirstamp) \
+	elf/$(DEPDIR)/$(am__dirstamp)
+elf/sha512-ssse3-x86.lo: elf/$(am__dirstamp) \
+	elf/$(DEPDIR)/$(am__dirstamp)
+elf/aes-ssse3-x86.lo: elf/$(am__dirstamp) \
+	elf/$(DEPDIR)/$(am__dirstamp)
+elf/e_padlock-x86.lo: elf/$(am__dirstamp) \
+	elf/$(DEPDIR)/$(am__dirstamp)
+
+libx86.la: $(libx86_la_OBJECTS) $(libx86_la_DEPENDENCIES) $(EXTRA_libx86_la_DEPENDENCIES) 
+	$(AM_V_CCLD)$(LINK)  $(libx86_la_OBJECTS) $(libx86_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+	-rm -f *.$(OBJEXT)
+	-rm -f coff/*.$(OBJEXT)
+	-rm -f coff/*.lo
+	-rm -f elf/*.$(OBJEXT)
+	-rm -f elf/*.lo
+	-rm -f macosx/*.$(OBJEXT)
+	-rm -f macosx/*.lo
+
+distclean-compile:
+	-rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aes-cbc-x86-aesni.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aes-cbc-x86-ssse3.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aes-ccm-x86-aesni.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aes-gcm-padlock.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aes-gcm-x86-aesni.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aes-gcm-x86-pclmul-avx.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aes-gcm-x86-pclmul.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aes-gcm-x86-ssse3.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aes-padlock.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aes-xts-x86-aesni.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hmac-padlock.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hmac-x86-ssse3.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha-padlock.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha-x86-ssse3.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/x86-common.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+	@$(MKDIR_P) $(@D)
+	@echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+.s.o:
+	$(AM_V_CCAS)$(CCASCOMPILE) -c -o $@ $<
+
+.s.obj:
+	$(AM_V_CCAS)$(CCASCOMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.s.lo:
+	$(AM_V_CCAS)$(LTCCASCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+	-rm -rf coff/.libs coff/_libs
+	-rm -rf elf/.libs elf/_libs
+	-rm -rf macosx/.libs macosx/_libs
+
+ID: $(am__tagged_files)
+	$(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	set x; \
+	here=`pwd`; \
+	$(am__define_uniq_tagged_files); \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+	  test -n "$$unique" || unique=$$empty_fix; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
+	fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	$(am__define_uniq_tagged_files); \
+	test -z "$(CTAGS_ARGS)$$unique" \
+	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+	     $$unique
+
+GTAGS:
+	here=`$(am__cd) $(top_builddir) && pwd` \
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+	list='$(am__tagged_files)'; \
+	case "$(srcdir)" in \
+	  [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+	  *) sdir=$(subdir)/$(srcdir) ;; \
+	esac; \
+	for i in $$list; do \
+	  if test -f "$$i"; then \
+	    echo "$(subdir)/$$i"; \
+	  else \
+	    echo "$$sdir/$$i"; \
+	  fi; \
+	done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+	-rm -f coff/$(DEPDIR)/$(am__dirstamp)
+	-rm -f coff/$(am__dirstamp)
+	-rm -f elf/$(DEPDIR)/$(am__dirstamp)
+	-rm -f elf/$(am__dirstamp)
+	-rm -f macosx/$(DEPDIR)/$(am__dirstamp)
+	-rm -f macosx/$(am__dirstamp)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+	mostlyclean-am
+
+distclean: distclean-am
+		-rm -f ./$(DEPDIR)/aes-cbc-x86-aesni.Plo
+	-rm -f ./$(DEPDIR)/aes-cbc-x86-ssse3.Plo
+	-rm -f ./$(DEPDIR)/aes-ccm-x86-aesni.Plo
+	-rm -f ./$(DEPDIR)/aes-gcm-padlock.Plo
+	-rm -f ./$(DEPDIR)/aes-gcm-x86-aesni.Plo
+	-rm -f ./$(DEPDIR)/aes-gcm-x86-pclmul-avx.Plo
+	-rm -f ./$(DEPDIR)/aes-gcm-x86-pclmul.Plo
+	-rm -f ./$(DEPDIR)/aes-gcm-x86-ssse3.Plo
+	-rm -f ./$(DEPDIR)/aes-padlock.Plo
+	-rm -f ./$(DEPDIR)/aes-xts-x86-aesni.Plo
+	-rm -f ./$(DEPDIR)/hmac-padlock.Plo
+	-rm -f ./$(DEPDIR)/hmac-x86-ssse3.Plo
+	-rm -f ./$(DEPDIR)/sha-padlock.Plo
+	-rm -f ./$(DEPDIR)/sha-x86-ssse3.Plo
+	-rm -f ./$(DEPDIR)/x86-common.Plo
+	-rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+	distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+		-rm -f ./$(DEPDIR)/aes-cbc-x86-aesni.Plo
+	-rm -f ./$(DEPDIR)/aes-cbc-x86-ssse3.Plo
+	-rm -f ./$(DEPDIR)/aes-ccm-x86-aesni.Plo
+	-rm -f ./$(DEPDIR)/aes-gcm-padlock.Plo
+	-rm -f ./$(DEPDIR)/aes-gcm-x86-aesni.Plo
+	-rm -f ./$(DEPDIR)/aes-gcm-x86-pclmul-avx.Plo
+	-rm -f ./$(DEPDIR)/aes-gcm-x86-pclmul.Plo
+	-rm -f ./$(DEPDIR)/aes-gcm-x86-ssse3.Plo
+	-rm -f ./$(DEPDIR)/aes-padlock.Plo
+	-rm -f ./$(DEPDIR)/aes-xts-x86-aesni.Plo
+	-rm -f ./$(DEPDIR)/hmac-padlock.Plo
+	-rm -f ./$(DEPDIR)/hmac-x86-ssse3.Plo
+	-rm -f ./$(DEPDIR)/sha-padlock.Plo
+	-rm -f ./$(DEPDIR)/sha-x86-ssse3.Plo
+	-rm -f ./$(DEPDIR)/x86-common.Plo
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+	mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
+	clean-generic clean-libtool clean-noinstLTLIBRARIES \
+	cscopelist-am ctags ctags-am distclean distclean-compile \
+	distclean-generic distclean-libtool distclean-tags distdir dvi \
+	dvi-am html html-am info info-am install install-am \
+	install-data install-data-am install-dvi install-dvi-am \
+	install-exec install-exec-am install-html install-html-am \
+	install-info install-info-am install-man install-pdf \
+	install-pdf-am install-ps install-ps-am install-strip \
+	installcheck installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-compile \
+	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+	tags tags-am uninstall uninstall-am
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/lib/accelerated/x86/README b/lib/accelerated/x86/README
new file mode 100644
index 0000000..7e35c47
--- /dev/null
+++ b/lib/accelerated/x86/README
@@ -0,0 +1,4 @@
+The AES-NI and Padlock implementations by Andy Polyakov are not part of the
+GnuTLS library, but are used with GnuTLS. Their license is included in
+license.txt.
+
diff --git a/lib/accelerated/x86/aes-cbc-x86-aesni.c b/lib/accelerated/x86/aes-cbc-x86-aesni.c
new file mode 100644
index 0000000..fa9858d
--- /dev/null
+++ b/lib/accelerated/x86/aes-cbc-x86-aesni.c
@@ -0,0 +1,148 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The following code is an implementation of the AES-128-CBC cipher
+ * using intel's AES instruction set. 
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+#include <gnutls/crypto.h>
+#include "errors.h"
+#include <aes-x86.h>
+#include <sha-x86.h>
+#include <x86-common.h>
+
+struct aes_ctx {
+	AES_KEY expanded_key;
+	uint8_t iv[16];
+	int enc;
+};
+
+static int
+aes_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc)
+{
+	/* we use key size to distinguish */
+	if (algorithm != GNUTLS_CIPHER_AES_128_CBC
+	    && algorithm != GNUTLS_CIPHER_AES_192_CBC
+	    && algorithm != GNUTLS_CIPHER_AES_256_CBC)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	*_ctx = gnutls_calloc(1, sizeof(struct aes_ctx));
+	if (*_ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	((struct aes_ctx *) (*_ctx))->enc = enc;
+
+	return 0;
+}
+
+static int
+aes_cipher_setkey(void *_ctx, const void *userkey, size_t keysize)
+{
+	struct aes_ctx *ctx = _ctx;
+	int ret;
+
+	CHECK_AES_KEYSIZE(keysize);
+
+	if (ctx->enc)
+		ret =
+		    aesni_set_encrypt_key(userkey, keysize * 8,
+					  ALIGN16(&ctx->expanded_key));
+	else
+		ret =
+		    aesni_set_decrypt_key(userkey, keysize * 8,
+					  ALIGN16(&ctx->expanded_key));
+
+	if (ret != 0)
+		return gnutls_assert_val(GNUTLS_E_ENCRYPTION_FAILED);
+
+	return 0;
+}
+
+static int aes_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+	struct aes_ctx *ctx = _ctx;
+
+	if (iv_size != 16)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	memcpy(ctx->iv, iv, 16);
+	return 0;
+}
+
+static int
+aes_encrypt(void *_ctx, const void *src, size_t src_size,
+	    void *dst, size_t dst_size)
+{
+	struct aes_ctx *ctx = _ctx;
+
+	if (unlikely(dst_size < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	if (unlikely(src_size % 16 != 0))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	aesni_cbc_encrypt(src, dst, src_size, ALIGN16(&ctx->expanded_key),
+			  ctx->iv, 1);
+	return 0;
+}
+
+static int
+aes_decrypt(void *_ctx, const void *src, size_t src_size,
+	    void *dst, size_t dst_size)
+{
+	struct aes_ctx *ctx = _ctx;
+
+	if (unlikely(dst_size < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	if (unlikely(src_size % 16 != 0))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	aesni_cbc_encrypt(src, dst, src_size, ALIGN16(&ctx->expanded_key),
+			  ctx->iv, 0);
+
+	return 0;
+}
+
+static void aes_deinit(void *_ctx)
+{
+	struct aes_ctx *ctx = _ctx;
+	
+	zeroize_temp_key(ctx, sizeof(*ctx));
+	gnutls_free(ctx);
+}
+
+const gnutls_crypto_cipher_st _gnutls_aesni_x86 = {
+	.init = aes_cipher_init,
+	.setkey = aes_cipher_setkey,
+	.setiv = aes_setiv,
+	.encrypt = aes_encrypt,
+	.decrypt = aes_decrypt,
+	.deinit = aes_deinit,
+};
+
diff --git a/lib/accelerated/x86/aes-cbc-x86-ssse3.c b/lib/accelerated/x86/aes-cbc-x86-ssse3.c
new file mode 100644
index 0000000..7999fc1
--- /dev/null
+++ b/lib/accelerated/x86/aes-cbc-x86-ssse3.c
@@ -0,0 +1,149 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The following code is an implementation of the AES-128-CBC cipher
+ * using intel's AES instruction set. 
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+#include <gnutls/crypto.h>
+#include "errors.h"
+#include <aes-x86.h>
+#include <sha-x86.h>
+#include <x86-common.h>
+
+struct aes_ctx {
+	AES_KEY expanded_key;
+	uint8_t iv[16];
+	int enc;
+};
+
+static int
+aes_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc)
+{
+	/* we use key size to distinguish */
+	if (algorithm != GNUTLS_CIPHER_AES_128_CBC
+	    && algorithm != GNUTLS_CIPHER_AES_192_CBC
+	    && algorithm != GNUTLS_CIPHER_AES_256_CBC)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	*_ctx = gnutls_calloc(1, sizeof(struct aes_ctx));
+	if (*_ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	((struct aes_ctx *) (*_ctx))->enc = enc;
+
+	return 0;
+}
+
+static int
+aes_ssse3_cipher_setkey(void *_ctx, const void *userkey, size_t keysize)
+{
+	struct aes_ctx *ctx = _ctx;
+	int ret;
+
+	CHECK_AES_KEYSIZE(keysize);
+
+	if (ctx->enc)
+		ret =
+		    vpaes_set_encrypt_key(userkey, keysize * 8,
+					  ALIGN16(&ctx->expanded_key));
+	else
+		ret =
+		    vpaes_set_decrypt_key(userkey, keysize * 8,
+					  ALIGN16(&ctx->expanded_key));
+
+	if (ret != 0)
+		return gnutls_assert_val(GNUTLS_E_ENCRYPTION_FAILED);
+
+	return 0;
+}
+
+static int
+aes_ssse3_encrypt(void *_ctx, const void *src, size_t src_size,
+	    void *dst, size_t dst_size)
+{
+	struct aes_ctx *ctx = _ctx;
+
+	if (unlikely(dst_size < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	if (unlikely(src_size % 16 != 0))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	vpaes_cbc_encrypt(src, dst, src_size, ALIGN16(&ctx->expanded_key),
+			  ctx->iv, 1);
+	return 0;
+}
+
+static int
+aes_ssse3_decrypt(void *_ctx, const void *src, size_t src_size,
+	    void *dst, size_t dst_size)
+{
+	struct aes_ctx *ctx = _ctx;
+
+	if (unlikely(dst_size < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	if (unlikely(src_size % 16 != 0))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	vpaes_cbc_encrypt(src, dst, src_size, ALIGN16(&ctx->expanded_key),
+			  ctx->iv, 0);
+
+	return 0;
+}
+
+static int aes_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+	struct aes_ctx *ctx = _ctx;
+
+	if (iv_size != 16)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	memcpy(ctx->iv, iv, 16);
+	return 0;
+}
+
+static void aes_deinit(void *_ctx)
+{
+	struct aes_ctx *ctx = _ctx;
+	
+	zeroize_temp_key(ctx, sizeof(*ctx));
+	gnutls_free(ctx);
+}
+
+
+const gnutls_crypto_cipher_st _gnutls_aes_ssse3 = {
+	.init = aes_cipher_init,
+	.setkey = aes_ssse3_cipher_setkey,
+	.setiv = aes_setiv,
+	.encrypt = aes_ssse3_encrypt,
+	.decrypt = aes_ssse3_decrypt,
+	.deinit = aes_deinit,
+};
+
diff --git a/lib/accelerated/x86/aes-ccm-x86-aesni.c b/lib/accelerated/x86/aes-ccm-x86-aesni.c
new file mode 100644
index 0000000..701c0f9
--- /dev/null
+++ b/lib/accelerated/x86/aes-ccm-x86-aesni.c
@@ -0,0 +1,153 @@
+/*
+ * Copyright (C) 2014-2015 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The following code is an implementation of the AES-128-CCM cipher
+ * using AESNI (without PCLMUL)
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+
+#ifdef HAVE_LIBNETTLE
+
+#include <gnutls/crypto.h>
+#include "errors.h"
+#include <aes-x86.h>
+#include <x86-common.h>
+#include <byteswap.h>
+#include <nettle/ccm.h>
+#include <aes-x86.h>
+
+typedef struct ccm_x86_aes_ctx {
+	AES_KEY key;
+} ccm_x86_aes_ctx;
+
+/* CCM mode 
+ */
+static void x86_aes_encrypt(const void *_ctx,
+			    size_t length, uint8_t * dst,
+			    const uint8_t * src)
+{
+	AES_KEY *ctx = (void*)_ctx;
+	aesni_ecb_encrypt(src, dst, length, ctx, 1);
+}
+
+static int
+aes_ccm_cipher_init(gnutls_cipher_algorithm_t algorithm, void **ctx,
+		    int enc)
+{
+	/* we use key size to distinguish */
+	if (algorithm != GNUTLS_CIPHER_AES_128_CCM &&
+	    algorithm != GNUTLS_CIPHER_AES_256_CCM &&
+	    algorithm != GNUTLS_CIPHER_AES_128_CCM_8 &&
+	    algorithm != GNUTLS_CIPHER_AES_256_CCM_8)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	*ctx = gnutls_calloc(1, sizeof(ccm_x86_aes_ctx));
+	if (*ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+}
+
+static int
+aes_ccm_cipher_setkey(void *_ctx, const void *key, size_t length)
+{
+	struct ccm_x86_aes_ctx *ctx = _ctx;
+	aesni_set_encrypt_key(key, length*8, &ctx->key);
+
+	return 0;
+}
+
+static int
+aes_ccm_aead_encrypt(void *_ctx,
+			const void *nonce, size_t nonce_size,
+			const void *auth, size_t auth_size,
+			size_t tag_size,
+			const void *plain, size_t plain_size,
+		   	void *encr, size_t encr_size)
+{
+	struct ccm_x86_aes_ctx *ctx = _ctx;
+	/* proper AEAD cipher */
+
+	if (unlikely(encr_size < plain_size + tag_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	ccm_encrypt_message(&ctx->key, x86_aes_encrypt,
+			    nonce_size, nonce,
+			    auth_size, auth,
+			    tag_size,
+			    plain_size+tag_size, encr,
+			    plain);
+	return 0;
+}
+
+static int
+aes_ccm_aead_decrypt(void *_ctx,
+			const void *nonce, size_t nonce_size,
+			const void *auth, size_t auth_size,
+			size_t tag_size,
+		   	const void *encr, size_t encr_size,
+			void *plain, size_t plain_size)
+{
+	struct ccm_x86_aes_ctx *ctx = _ctx;
+	int ret;
+
+	if (unlikely(encr_size < tag_size))
+		return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+	if (unlikely(plain_size < encr_size - tag_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	ret = ccm_decrypt_message(&ctx->key, x86_aes_encrypt,
+				  nonce_size, nonce,
+				  auth_size, auth,
+				  tag_size,
+				  encr_size-tag_size, plain,
+				  encr);
+	if (unlikely(ret == 0))
+		return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+	return 0;
+}
+
+
+static void aes_ccm_deinit(void *_ctx)
+{
+	struct ccm_x86_aes_ctx *ctx = _ctx;
+
+	zeroize_temp_key(ctx, sizeof(*ctx));
+	gnutls_free(ctx);
+}
+
+const gnutls_crypto_cipher_st _gnutls_aes_ccm_x86_aesni = {
+	.init = aes_ccm_cipher_init,
+	.setkey = aes_ccm_cipher_setkey,
+	.aead_encrypt = aes_ccm_aead_encrypt,
+	.aead_decrypt = aes_ccm_aead_decrypt,
+	.deinit = aes_ccm_deinit,
+};
+
+#endif
diff --git a/lib/accelerated/x86/aes-gcm-aead.h b/lib/accelerated/x86/aes-gcm-aead.h
new file mode 100644
index 0000000..a16563e
--- /dev/null
+++ b/lib/accelerated/x86/aes-gcm-aead.h
@@ -0,0 +1,55 @@
+#ifndef GNUTLS_LIB_ACCELERATED_X86_AES_GCM_AEAD_H
+# define GNUTLS_LIB_ACCELERATED_X86_AES_GCM_AEAD_H
+
+static int
+aes_gcm_aead_encrypt(void *ctx,
+			const void *nonce, size_t nonce_size,
+			const void *auth, size_t auth_size,
+			size_t tag_size,
+			const void *plain, size_t plain_size,
+		   	void *encr, size_t encr_size)
+{
+	/* proper AEAD cipher */
+	if (unlikely(encr_size - tag_size < plain_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	aes_gcm_setiv(ctx, nonce, nonce_size);
+	aes_gcm_auth(ctx, auth, auth_size);
+
+	aes_gcm_encrypt(ctx, plain, plain_size, encr, encr_size);
+
+	aes_gcm_tag(ctx, ((uint8_t*)encr) + plain_size, tag_size);
+	return 0;
+}
+
+static int
+aes_gcm_aead_decrypt(void *ctx,
+			const void *nonce, size_t nonce_size,
+			const void *auth, size_t auth_size,
+			size_t tag_size,
+		   	const void *encr, size_t encr_size,
+			void *plain, size_t plain_size)
+{
+	uint8_t tag[MAX_HASH_SIZE];
+
+	if (unlikely(encr_size < tag_size))
+		return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+	if (unlikely(plain_size < encr_size - tag_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	aes_gcm_setiv(ctx, nonce, nonce_size);
+	aes_gcm_auth(ctx, auth, auth_size);
+
+	encr_size -= tag_size;
+	aes_gcm_decrypt(ctx, encr, encr_size, plain, plain_size);
+
+	aes_gcm_tag(ctx, tag, tag_size);
+
+	if (gnutls_memcmp(((uint8_t*)encr)+encr_size, tag, tag_size) != 0)
+		return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+	return 0;
+}
+
+#endif /* GNUTLS_LIB_ACCELERATED_X86_AES_GCM_AEAD_H */
diff --git a/lib/accelerated/x86/aes-gcm-padlock.c b/lib/accelerated/x86/aes-gcm-padlock.c
new file mode 100644
index 0000000..739883a
--- /dev/null
+++ b/lib/accelerated/x86/aes-gcm-padlock.c
@@ -0,0 +1,203 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The following code is an implementation of the AES-128-GCM cipher
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+
+#ifdef HAVE_LIBNETTLE
+
+#include <gnutls/crypto.h>
+#include "errors.h"
+#include <aes-x86.h>
+#include <x86-common.h>
+#include <byteswap.h>
+#include <nettle/gcm.h>
+#include <aes-padlock.h>
+
+#define GCM_BLOCK_SIZE 16
+
+/* GCM mode 
+ * Actually padlock doesn't include GCM mode. We just use
+ * the ECB part of padlock and nettle for everything else.
+ */
+struct gcm_padlock_aes_ctx {
+	struct GCM_CTX(struct padlock_ctx) inner;
+	size_t rekey_counter;
+};
+
+static void padlock_aes_encrypt(const void *_ctx,
+				size_t length, uint8_t * dst,
+				const uint8_t * src)
+{
+	struct padlock_ctx *ctx = (void*)_ctx;
+	struct padlock_cipher_data *pce;
+
+	pce = ALIGN16(&ctx->expanded_key);
+
+	if (length > 0)
+		padlock_ecb_encrypt(dst, src, pce, length);
+}
+
+static void padlock_aes128_set_encrypt_key(struct padlock_ctx *_ctx,
+					const uint8_t * key)
+{
+	struct padlock_ctx *ctx = _ctx;
+	ctx->enc = 1;
+
+	padlock_aes_cipher_setkey(_ctx, key, 16);
+}
+
+static void padlock_aes256_set_encrypt_key(struct padlock_ctx *_ctx,
+					const uint8_t * key)
+{
+	struct padlock_ctx *ctx = _ctx;
+	ctx->enc = 1;
+
+	padlock_aes_cipher_setkey(_ctx, key, 32);
+}
+
+static void aes_gcm_deinit(void *_ctx)
+{
+	struct gcm_padlock_aes_ctx *ctx = _ctx;
+
+	zeroize_temp_key(ctx, sizeof(*ctx));
+	gnutls_free(ctx);
+}
+
+static int
+aes_gcm_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx,
+		    int enc)
+{
+	/* we use key size to distinguish */
+	if (algorithm != GNUTLS_CIPHER_AES_128_GCM &&
+	    algorithm != GNUTLS_CIPHER_AES_256_GCM)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	*_ctx = gnutls_calloc(1, sizeof(struct gcm_padlock_aes_ctx));
+	if (*_ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+}
+
+static int
+aes_gcm_cipher_setkey(void *_ctx, const void *key, size_t keysize)
+{
+	struct gcm_padlock_aes_ctx *ctx = _ctx;
+
+	if (keysize == 16) {
+		GCM_SET_KEY(&ctx->inner, padlock_aes128_set_encrypt_key, padlock_aes_encrypt,
+			    key);
+	} else if (keysize == 32) {
+		GCM_SET_KEY(&ctx->inner, padlock_aes256_set_encrypt_key, padlock_aes_encrypt,
+			    key);
+	} else
+		return GNUTLS_E_INVALID_REQUEST;
+
+	ctx->rekey_counter = 0;
+	return 0;
+}
+
+static int aes_gcm_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+	struct gcm_padlock_aes_ctx *ctx = _ctx;
+
+	if (iv_size != GCM_BLOCK_SIZE - 4)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	GCM_SET_IV(&ctx->inner, iv_size, iv);
+
+	ctx->rekey_counter = 0;
+	return 0;
+}
+
+static int
+aes_gcm_encrypt(void *_ctx, const void *src, size_t src_size,
+		void *dst, size_t length)
+{
+	struct gcm_padlock_aes_ctx *ctx = _ctx;
+	int ret;
+
+	if (unlikely(length < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	ret = record_aes_gcm_encrypt_size(&ctx->rekey_counter, src_size);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	GCM_ENCRYPT(&ctx->inner, padlock_aes_encrypt, src_size, dst, src);
+
+	return 0;
+}
+
+static int
+aes_gcm_decrypt(void *_ctx, const void *src, size_t src_size,
+		void *dst, size_t dst_size)
+{
+	struct gcm_padlock_aes_ctx *ctx = _ctx;
+
+	if (unlikely(dst_size < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	GCM_DECRYPT(&ctx->inner, padlock_aes_encrypt, src_size, dst, src);
+	return 0;
+}
+
+static int aes_gcm_auth(void *_ctx, const void *src, size_t src_size)
+{
+	struct gcm_padlock_aes_ctx *ctx = _ctx;
+
+	GCM_UPDATE(&ctx->inner, src_size, src);
+
+	return 0;
+}
+
+static void aes_gcm_tag(void *_ctx, void *tag, size_t tagsize)
+{
+	struct gcm_padlock_aes_ctx *ctx = _ctx;
+
+	GCM_DIGEST(&ctx->inner, padlock_aes_encrypt, tagsize, tag);
+}
+
+#include "aes-gcm-aead.h"
+
+const gnutls_crypto_cipher_st _gnutls_aes_gcm_padlock = {
+	.init = aes_gcm_cipher_init,
+	.setkey = aes_gcm_cipher_setkey,
+	.setiv = aes_gcm_setiv,
+	.encrypt = aes_gcm_encrypt,
+	.decrypt = aes_gcm_decrypt,
+	.aead_encrypt = aes_gcm_aead_encrypt,
+	.aead_decrypt = aes_gcm_aead_decrypt,
+	.deinit = aes_gcm_deinit,
+	.tag = aes_gcm_tag,
+	.auth = aes_gcm_auth,
+};
+
+#endif
diff --git a/lib/accelerated/x86/aes-gcm-x86-aesni.c b/lib/accelerated/x86/aes-gcm-x86-aesni.c
new file mode 100644
index 0000000..3be63dd
--- /dev/null
+++ b/lib/accelerated/x86/aes-gcm-x86-aesni.c
@@ -0,0 +1,206 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The following code is an implementation of the AES-128-GCM cipher
+ * using AESNI (without PCLMUL)
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+
+#ifdef HAVE_LIBNETTLE
+
+#include <gnutls/crypto.h>
+#include "errors.h"
+#include <aes-x86.h>
+#include <x86-common.h>
+#include <byteswap.h>
+#include <nettle/gcm.h>
+
+/* GCM mode 
+ * It is used when the CPU doesn't include the PCLMUL instructions.
+ */
+struct gcm_x86_aes_ctx {
+	struct GCM_CTX(AES_KEY) inner;
+	size_t rekey_counter;
+};
+
+static void x86_aes_encrypt(const void *_ctx,
+				size_t length, uint8_t * dst,
+				const uint8_t * src)
+{
+	AES_KEY *ctx = (void*)_ctx;
+
+	aesni_ecb_encrypt(src, dst, length, ctx, 1);
+}
+
+static void x86_aes128_set_encrypt_key(void *_ctx,
+					const uint8_t * key)
+{
+	AES_KEY *ctx = _ctx;
+
+	aesni_set_encrypt_key(key, 16*8, ctx);
+}
+
+static void x86_aes192_set_encrypt_key(void *_ctx,
+					const uint8_t * key)
+{
+	AES_KEY *ctx = _ctx;
+
+	aesni_set_encrypt_key(key, 24*8, ctx);
+}
+
+static void x86_aes256_set_encrypt_key(void *_ctx,
+					const uint8_t * key)
+{
+	AES_KEY *ctx = _ctx;
+
+	aesni_set_encrypt_key(key, 32*8, ctx);
+}
+
+static int
+aes_gcm_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx,
+		    int enc)
+{
+	/* we use key size to distinguish */
+	if (algorithm != GNUTLS_CIPHER_AES_128_GCM &&
+	    algorithm != GNUTLS_CIPHER_AES_192_GCM &&
+	    algorithm != GNUTLS_CIPHER_AES_256_GCM)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	*_ctx = gnutls_calloc(1, sizeof(struct gcm_x86_aes_ctx));
+	if (*_ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+}
+
+static int
+aes_gcm_cipher_setkey(void *_ctx, const void *key, size_t length)
+{
+	struct gcm_x86_aes_ctx *ctx = _ctx;
+
+	if (length == 16) {
+		GCM_SET_KEY(&ctx->inner, x86_aes128_set_encrypt_key, x86_aes_encrypt,
+			    key);
+	} else if (length == 24) {
+		GCM_SET_KEY(&ctx->inner, x86_aes192_set_encrypt_key, x86_aes_encrypt,
+			    key);
+	} else if (length == 32) {
+		GCM_SET_KEY(&ctx->inner, x86_aes256_set_encrypt_key, x86_aes_encrypt,
+			    key);
+	} else
+		return GNUTLS_E_INVALID_REQUEST;
+
+	ctx->rekey_counter = 0;
+	return 0;
+}
+
+static int aes_gcm_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+	struct gcm_x86_aes_ctx *ctx = _ctx;
+
+	if (iv_size != GCM_BLOCK_SIZE - 4)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	GCM_SET_IV(&ctx->inner, iv_size, iv);
+
+	ctx->rekey_counter = 0;
+	return 0;
+}
+
+static int
+aes_gcm_encrypt(void *_ctx, const void *src, size_t src_size,
+		void *dst, size_t length)
+{
+	struct gcm_x86_aes_ctx *ctx = _ctx;
+	int ret;
+
+	if (unlikely(length < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	ret = record_aes_gcm_encrypt_size(&ctx->rekey_counter, src_size);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	GCM_ENCRYPT(&ctx->inner, x86_aes_encrypt, src_size, dst, src);
+
+	return 0;
+}
+
+static int
+aes_gcm_decrypt(void *_ctx, const void *src, size_t src_size,
+		void *dst, size_t dst_size)
+{
+	struct gcm_x86_aes_ctx *ctx = _ctx;
+
+	if (unlikely(dst_size < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	GCM_DECRYPT(&ctx->inner, x86_aes_encrypt, src_size, dst, src);
+	return 0;
+}
+
+static int aes_gcm_auth(void *_ctx, const void *src, size_t src_size)
+{
+	struct gcm_x86_aes_ctx *ctx = _ctx;
+
+	GCM_UPDATE(&ctx->inner, src_size, src);
+
+	return 0;
+}
+
+static void aes_gcm_tag(void *_ctx, void *tag, size_t tagsize)
+{
+	struct gcm_x86_aes_ctx *ctx = _ctx;
+
+	GCM_DIGEST(&ctx->inner, x86_aes_encrypt, tagsize, tag);
+}
+
+static void aes_gcm_deinit(void *_ctx)
+{
+	struct gcm_x86_aes_ctx *ctx = _ctx;
+
+	zeroize_temp_key(ctx, sizeof(*ctx));
+	gnutls_free(ctx);
+}
+
+#include "aes-gcm-aead.h"
+
+const gnutls_crypto_cipher_st _gnutls_aes_gcm_x86_aesni = {
+	.init = aes_gcm_cipher_init,
+	.setkey = aes_gcm_cipher_setkey,
+	.setiv = aes_gcm_setiv,
+	.aead_encrypt = aes_gcm_aead_encrypt,
+	.aead_decrypt = aes_gcm_aead_decrypt,
+	.encrypt = aes_gcm_encrypt,
+	.decrypt = aes_gcm_decrypt,
+	.deinit = aes_gcm_deinit,
+	.tag = aes_gcm_tag,
+	.auth = aes_gcm_auth,
+};
+
+#endif
diff --git a/lib/accelerated/x86/aes-gcm-x86-pclmul-avx.c b/lib/accelerated/x86/aes-gcm-x86-pclmul-avx.c
new file mode 100644
index 0000000..fbefe43
--- /dev/null
+++ b/lib/accelerated/x86/aes-gcm-x86-pclmul-avx.c
@@ -0,0 +1,391 @@
+/*
+ * Copyright (C) 2011-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The following code is an implementation of the AES-128-GCM cipher
+ * using intel's AES instruction set.
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+#include <gnutls/crypto.h>
+#include "errors.h"
+#include <aes-x86.h>
+#include <x86-common.h>
+#include <nettle/memxor.h>
+#include <byteswap.h>
+
+#define GCM_BLOCK_SIZE 16
+
+/* GCM mode with PCLMUL and AVX optimization */
+
+typedef struct {
+	uint64_t hi, lo;
+} u128;
+
+/* This is the gcm128 structure used in openssl. It
+ * is compatible with the included assembly code.
+ */
+struct gcm128_context {
+	union {
+		uint64_t u[2];
+		uint32_t d[4];
+		uint8_t c[16];
+		size_t t[16 / sizeof(size_t)];
+	} Yi, EKi, EK0, len, Xi, H;
+	u128 Htable[16];
+};
+
+struct aes_gcm_ctx {
+	AES_KEY expanded_key;
+	struct gcm128_context gcm;
+	unsigned finished;
+	unsigned auth_finished;
+	size_t rekey_counter;
+};
+
+void gcm_init_avx(u128 Htable[16], const uint64_t Xi[2]);
+void gcm_ghash_avx(uint64_t Xi[2], const u128 Htable[16], const uint8_t *in, size_t len);
+void gcm_gmult_avx(uint64_t Xi[2], const u128 Htable[16]);
+
+static void aes_gcm_deinit(void *_ctx)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+
+	zeroize_temp_key(ctx, sizeof(*ctx));
+	gnutls_free(ctx);
+}
+
+static int
+aes_gcm_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx,
+		    int enc)
+{
+	/* we use key size to distinguish */
+	if (algorithm != GNUTLS_CIPHER_AES_128_GCM &&
+	    algorithm != GNUTLS_CIPHER_AES_192_GCM &&
+	    algorithm != GNUTLS_CIPHER_AES_256_GCM)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	*_ctx = gnutls_calloc(1, sizeof(struct aes_gcm_ctx));
+	if (*_ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+}
+
+static int
+aes_gcm_cipher_setkey(void *_ctx, const void *userkey, size_t keysize)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+	int ret;
+
+	CHECK_AES_KEYSIZE(keysize);
+
+	ret =
+	    aesni_set_encrypt_key(userkey, keysize * 8,
+				  ALIGN16(&ctx->expanded_key));
+	if (ret != 0)
+		return gnutls_assert_val(GNUTLS_E_ENCRYPTION_FAILED);
+
+	aesni_ecb_encrypt(ctx->gcm.H.c, ctx->gcm.H.c,
+			  GCM_BLOCK_SIZE, ALIGN16(&ctx->expanded_key), 1);
+
+	ctx->gcm.H.u[0] = bswap_64(ctx->gcm.H.u[0]);
+	ctx->gcm.H.u[1] = bswap_64(ctx->gcm.H.u[1]);
+
+	gcm_init_avx(ctx->gcm.Htable, ctx->gcm.H.u);
+
+	ctx->rekey_counter = 0;
+	return 0;
+}
+
+static int aes_gcm_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+
+	if (iv_size != GCM_BLOCK_SIZE - 4)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	memset(ctx->gcm.Xi.c, 0, sizeof(ctx->gcm.Xi.c));
+	memset(ctx->gcm.len.c, 0, sizeof(ctx->gcm.len.c));
+
+	memcpy(ctx->gcm.Yi.c, iv, GCM_BLOCK_SIZE - 4);
+	ctx->gcm.Yi.c[GCM_BLOCK_SIZE - 4] = 0;
+	ctx->gcm.Yi.c[GCM_BLOCK_SIZE - 3] = 0;
+	ctx->gcm.Yi.c[GCM_BLOCK_SIZE - 2] = 0;
+	ctx->gcm.Yi.c[GCM_BLOCK_SIZE - 1] = 1;
+
+	aesni_ecb_encrypt(ctx->gcm.Yi.c, ctx->gcm.EK0.c,
+			  GCM_BLOCK_SIZE, ALIGN16(&ctx->expanded_key), 1);
+	ctx->gcm.Yi.c[GCM_BLOCK_SIZE - 1] = 2;
+	ctx->finished = 0;
+	ctx->auth_finished = 0;
+	ctx->rekey_counter = 0;
+	return 0;
+}
+
+static void
+gcm_ghash(struct aes_gcm_ctx *ctx, const uint8_t * src, size_t src_size)
+{
+	size_t rest = src_size % GCM_BLOCK_SIZE;
+	size_t aligned_size = src_size - rest;
+
+	if (aligned_size > 0)
+		gcm_ghash_avx(ctx->gcm.Xi.u, ctx->gcm.Htable, src,
+				aligned_size);
+
+	if (rest > 0) {
+		memxor(ctx->gcm.Xi.c, src + aligned_size, rest);
+		gcm_gmult_avx(ctx->gcm.Xi.u, ctx->gcm.Htable);
+	}
+}
+
+static inline void
+ctr_encrypt_last(struct aes_gcm_ctx *ctx, const uint8_t * src,
+		 uint8_t * dst, size_t pos, size_t length)
+{
+	uint8_t tmp[GCM_BLOCK_SIZE];
+	uint8_t out[GCM_BLOCK_SIZE];
+
+	memcpy(tmp, &src[pos], length);
+	aesni_ctr32_encrypt_blocks(tmp, out, 1,
+				   ALIGN16(&ctx->expanded_key),
+				   ctx->gcm.Yi.c);
+
+	memcpy(&dst[pos], out, length);
+
+}
+
+static int
+aes_gcm_encrypt(void *_ctx, const void *src, size_t src_size,
+		void *dst, size_t length)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+	int blocks = src_size / GCM_BLOCK_SIZE;
+	int exp_blocks = blocks * GCM_BLOCK_SIZE;
+	int rest = src_size - (exp_blocks);
+	uint32_t counter;
+	int ret;
+
+	if (unlikely(ctx->finished))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (unlikely(length < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	ret = record_aes_gcm_encrypt_size(&ctx->rekey_counter, src_size);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	if (blocks > 0) {
+		aesni_ctr32_encrypt_blocks(src, dst,
+					   blocks,
+					   ALIGN16(&ctx->expanded_key),
+					   ctx->gcm.Yi.c);
+
+		counter = _gnutls_read_uint32(ctx->gcm.Yi.c + 12);
+		counter += blocks;
+		_gnutls_write_uint32(counter, ctx->gcm.Yi.c + 12);
+	}
+
+	if (rest > 0) {	/* last incomplete block */
+		ctr_encrypt_last(ctx, src, dst, exp_blocks, rest);
+		ctx->finished = 1;
+	}
+
+	gcm_ghash(ctx, dst, src_size);
+	ctx->gcm.len.u[1] += src_size;
+
+	return 0;
+}
+
+static int
+aes_gcm_decrypt(void *_ctx, const void *src, size_t src_size,
+		void *dst, size_t dst_size)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+	int blocks = src_size / GCM_BLOCK_SIZE;
+	int exp_blocks = blocks * GCM_BLOCK_SIZE;
+	int rest = src_size - (exp_blocks);
+	uint32_t counter;
+
+	if (unlikely(ctx->finished))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (unlikely(dst_size < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	gcm_ghash(ctx, src, src_size);
+	ctx->gcm.len.u[1] += src_size;
+
+	if (blocks > 0) {
+		aesni_ctr32_encrypt_blocks(src, dst,
+					   blocks,
+					   ALIGN16(&ctx->expanded_key),
+					   ctx->gcm.Yi.c);
+
+		counter = _gnutls_read_uint32(ctx->gcm.Yi.c + 12);
+		counter += blocks;
+		_gnutls_write_uint32(counter, ctx->gcm.Yi.c + 12);
+	}
+
+	if (rest > 0) {	/* last incomplete block */
+		ctr_encrypt_last(ctx, src, dst, exp_blocks, rest);
+		ctx->finished = 1;
+	}
+
+	return 0;
+}
+
+static int aes_gcm_auth(void *_ctx, const void *src, size_t src_size)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+
+	if (unlikely(ctx->auth_finished))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	gcm_ghash(ctx, src, src_size);
+	ctx->gcm.len.u[0] += src_size;
+
+	if (src_size % GCM_BLOCK_SIZE != 0)
+		ctx->auth_finished = 1;
+
+	return 0;
+}
+
+
+static void aes_gcm_tag(void *_ctx, void *tag, size_t tagsize)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+	uint8_t buffer[GCM_BLOCK_SIZE];
+	uint64_t alen, clen;
+
+	alen = ctx->gcm.len.u[0] * 8;
+	clen = ctx->gcm.len.u[1] * 8;
+
+	_gnutls_write_uint64(alen, buffer);
+	_gnutls_write_uint64(clen, &buffer[8]);
+
+	gcm_ghash_avx(ctx->gcm.Xi.u, ctx->gcm.Htable, buffer,
+			GCM_BLOCK_SIZE);
+
+	ctx->gcm.Xi.u[0] ^= ctx->gcm.EK0.u[0];
+	ctx->gcm.Xi.u[1] ^= ctx->gcm.EK0.u[1];
+
+	memcpy(tag, ctx->gcm.Xi.c, MIN(GCM_BLOCK_SIZE, tagsize));
+}
+
+#ifdef ASM_X86_64
+/* requires AVX */
+static int
+aesni_gcm_aead_encrypt(void *_ctx,
+			const void *nonce, size_t nonce_size,
+			const void *auth, size_t auth_size,
+			size_t tag_size,
+			const void *plain, size_t plain_size,
+		   	void *encr, size_t encr_size)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+	size_t s = 0;
+
+	if (encr_size < plain_size + tag_size)
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	aes_gcm_setiv(ctx, nonce, nonce_size);
+	aes_gcm_auth(ctx, auth, auth_size);
+
+	if (plain_size >= 96) {
+		s = aesni_gcm_encrypt(plain, encr, plain_size, ALIGN16(&ctx->expanded_key),
+			ctx->gcm.Yi.c, ctx->gcm.Xi.u);
+		ctx->gcm.len.u[1] += s;
+	}
+
+	if ((plain_size-s) > 0)
+		aes_gcm_encrypt(ctx, ((uint8_t*)plain)+s, plain_size-s, ((uint8_t*)encr)+s, encr_size-s);
+
+	aes_gcm_tag(ctx, ((uint8_t*)encr) + plain_size, tag_size);
+
+	return 0;
+}
+
+static int
+aesni_gcm_aead_decrypt(void *_ctx,
+			const void *nonce, size_t nonce_size,
+			const void *auth, size_t auth_size,
+			size_t tag_size,
+		   	const void *encr, size_t encr_size,
+			void *plain, size_t plain_size)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+	uint8_t tag[MAX_HASH_SIZE];
+	size_t s = 0;
+
+	if (unlikely(encr_size < tag_size))
+		return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+	if (unlikely(plain_size < encr_size - tag_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	aes_gcm_setiv(ctx, nonce, nonce_size);
+	aes_gcm_auth(ctx, auth, auth_size);
+
+	encr_size -= tag_size;
+
+	if (encr_size >= 96) {
+		s = aesni_gcm_decrypt(encr, plain, encr_size, ALIGN16(&ctx->expanded_key),
+			ctx->gcm.Yi.c, ctx->gcm.Xi.u);
+		ctx->gcm.len.u[1] += s;
+	}
+
+	if ((encr_size-s) > 0) {
+		aes_gcm_decrypt(ctx, ((uint8_t*)encr)+s, encr_size-s, ((uint8_t*)plain)+s, plain_size-s);
+	}
+
+	aes_gcm_tag(ctx, tag, tag_size);
+
+	if (gnutls_memcmp(((uint8_t*)encr)+encr_size, tag, tag_size) != 0)
+		return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+	return 0;
+}
+#else
+# define aesni_gcm_aead_decrypt aes_gcm_aead_decrypt
+# define aesni_gcm_aead_encrypt aes_gcm_aead_encrypt
+# include "aes-gcm-aead.h"
+#endif
+
+const gnutls_crypto_cipher_st _gnutls_aes_gcm_pclmul_avx = {
+	.init = aes_gcm_cipher_init,
+	.setkey = aes_gcm_cipher_setkey,
+	.setiv = aes_gcm_setiv,
+	.aead_encrypt = aesni_gcm_aead_encrypt,
+	.aead_decrypt = aesni_gcm_aead_decrypt,
+	.encrypt = aes_gcm_encrypt,
+	.decrypt = aes_gcm_decrypt,
+	.deinit = aes_gcm_deinit,
+	.tag = aes_gcm_tag,
+	.auth = aes_gcm_auth,
+};
diff --git a/lib/accelerated/x86/aes-gcm-x86-pclmul.c b/lib/accelerated/x86/aes-gcm-x86-pclmul.c
new file mode 100644
index 0000000..5385acb
--- /dev/null
+++ b/lib/accelerated/x86/aes-gcm-x86-pclmul.c
@@ -0,0 +1,314 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The following code is an implementation of the AES-128-GCM cipher
+ * using intel's AES instruction set.
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+#include <gnutls/crypto.h>
+#include "errors.h"
+#include <aes-x86.h>
+#include <x86-common.h>
+#include <nettle/memxor.h>
+#include <byteswap.h>
+
+#define GCM_BLOCK_SIZE 16
+
+/* GCM mode */
+
+typedef struct {
+	uint64_t hi, lo;
+} u128;
+
+/* This is the gcm128 structure used in openssl. It
+ * is compatible with the included assembly code.
+ */
+struct gcm128_context {
+	union {
+		uint64_t u[2];
+		uint32_t d[4];
+		uint8_t c[16];
+	} Yi, EKi, EK0, len, Xi, H;
+	u128 Htable[16];
+};
+
+struct aes_gcm_ctx {
+	AES_KEY expanded_key;
+	struct gcm128_context gcm;
+	unsigned finished;
+	unsigned auth_finished;
+	size_t rekey_counter;
+};
+
+void gcm_init_clmul(u128 Htable[16], const uint64_t Xi[2]);
+void gcm_ghash_clmul(uint64_t Xi[2], const u128 Htable[16],
+		     const uint8_t * inp, size_t len);
+void gcm_gmult_clmul(uint64_t Xi[2], const u128 Htable[16]);
+
+static void aes_gcm_deinit(void *_ctx)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+
+	zeroize_temp_key(ctx, sizeof(*ctx));
+	gnutls_free(ctx);
+}
+
+static int
+aes_gcm_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx,
+		    int enc)
+{
+	/* we use key size to distinguish */
+	if (algorithm != GNUTLS_CIPHER_AES_128_GCM &&
+	    algorithm != GNUTLS_CIPHER_AES_192_GCM &&
+	    algorithm != GNUTLS_CIPHER_AES_256_GCM)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	*_ctx = gnutls_calloc(1, sizeof(struct aes_gcm_ctx));
+	if (*_ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+}
+
+static int
+aes_gcm_cipher_setkey(void *_ctx, const void *userkey, size_t keysize)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+	int ret;
+
+	CHECK_AES_KEYSIZE(keysize);
+
+	ret =
+	    aesni_set_encrypt_key(userkey, keysize * 8,
+				  ALIGN16(&ctx->expanded_key));
+	if (ret != 0)
+		return gnutls_assert_val(GNUTLS_E_ENCRYPTION_FAILED);
+
+	aesni_ecb_encrypt(ctx->gcm.H.c, ctx->gcm.H.c,
+			  GCM_BLOCK_SIZE, ALIGN16(&ctx->expanded_key), 1);
+
+	ctx->gcm.H.u[0] = bswap_64(ctx->gcm.H.u[0]);
+	ctx->gcm.H.u[1] = bswap_64(ctx->gcm.H.u[1]);
+
+	gcm_init_clmul(ctx->gcm.Htable, ctx->gcm.H.u);
+
+	ctx->rekey_counter = 0;
+	return 0;
+}
+
+static int aes_gcm_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+
+	if (iv_size != GCM_BLOCK_SIZE - 4)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	memset(ctx->gcm.Xi.c, 0, sizeof(ctx->gcm.Xi.c));
+	memset(ctx->gcm.len.c, 0, sizeof(ctx->gcm.len.c));
+
+	memcpy(ctx->gcm.Yi.c, iv, GCM_BLOCK_SIZE - 4);
+	ctx->gcm.Yi.c[GCM_BLOCK_SIZE - 4] = 0;
+	ctx->gcm.Yi.c[GCM_BLOCK_SIZE - 3] = 0;
+	ctx->gcm.Yi.c[GCM_BLOCK_SIZE - 2] = 0;
+	ctx->gcm.Yi.c[GCM_BLOCK_SIZE - 1] = 1;
+
+	aesni_ecb_encrypt(ctx->gcm.Yi.c, ctx->gcm.EK0.c,
+			  GCM_BLOCK_SIZE, ALIGN16(&ctx->expanded_key), 1);
+	ctx->gcm.Yi.c[GCM_BLOCK_SIZE - 1] = 2;
+	ctx->finished = 0;
+	ctx->auth_finished = 0;
+	ctx->rekey_counter = 0;
+	return 0;
+}
+
+static void
+gcm_ghash(struct aes_gcm_ctx *ctx, const uint8_t * src, size_t src_size)
+{
+	size_t rest = src_size % GCM_BLOCK_SIZE;
+	size_t aligned_size = src_size - rest;
+
+	if (aligned_size > 0)
+		gcm_ghash_clmul(ctx->gcm.Xi.u, ctx->gcm.Htable, src,
+				aligned_size);
+
+	if (rest > 0) {
+		memxor(ctx->gcm.Xi.c, src + aligned_size, rest);
+		gcm_gmult_clmul(ctx->gcm.Xi.u, ctx->gcm.Htable);
+	}
+}
+
+static inline void
+ctr_encrypt_last(struct aes_gcm_ctx *ctx, const uint8_t * src,
+		 uint8_t * dst, size_t pos, size_t length)
+{
+	uint8_t tmp[GCM_BLOCK_SIZE];
+	uint8_t out[GCM_BLOCK_SIZE];
+
+	memcpy(tmp, &src[pos], length);
+	aesni_ctr32_encrypt_blocks(tmp, out, 1,
+				   ALIGN16(&ctx->expanded_key),
+				   ctx->gcm.Yi.c);
+
+	memcpy(&dst[pos], out, length);
+
+}
+
+static int
+aes_gcm_encrypt(void *_ctx, const void *src, size_t src_size,
+		void *dst, size_t length)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+	int blocks = src_size / GCM_BLOCK_SIZE;
+	int exp_blocks = blocks * GCM_BLOCK_SIZE;
+	int rest = src_size - (exp_blocks);
+	uint32_t counter;
+	int ret;
+
+	if (unlikely(ctx->finished))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (unlikely(length < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	ret = record_aes_gcm_encrypt_size(&ctx->rekey_counter, src_size);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	if (blocks > 0) {
+		aesni_ctr32_encrypt_blocks(src, dst,
+					   blocks,
+					   ALIGN16(&ctx->expanded_key),
+					   ctx->gcm.Yi.c);
+
+		counter = _gnutls_read_uint32(ctx->gcm.Yi.c + 12);
+		counter += blocks;
+		_gnutls_write_uint32(counter, ctx->gcm.Yi.c + 12);
+	}
+
+	if (rest > 0) {	/* last incomplete block */
+		ctr_encrypt_last(ctx, src, dst, exp_blocks, rest);
+		ctx->finished = 1;
+	}
+
+	gcm_ghash(ctx, dst, src_size);
+	ctx->gcm.len.u[1] += src_size;
+
+	return 0;
+}
+
+static int
+aes_gcm_decrypt(void *_ctx, const void *src, size_t src_size,
+		void *dst, size_t dst_size)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+	int blocks = src_size / GCM_BLOCK_SIZE;
+	int exp_blocks = blocks * GCM_BLOCK_SIZE;
+	int rest = src_size - (exp_blocks);
+	uint32_t counter;
+
+	if (unlikely(ctx->finished))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (unlikely(dst_size < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	gcm_ghash(ctx, src, src_size);
+	ctx->gcm.len.u[1] += src_size;
+
+	if (blocks > 0) {
+		aesni_ctr32_encrypt_blocks(src, dst,
+					   blocks,
+					   ALIGN16(&ctx->expanded_key),
+					   ctx->gcm.Yi.c);
+
+		counter = _gnutls_read_uint32(ctx->gcm.Yi.c + 12);
+		counter += blocks;
+		_gnutls_write_uint32(counter, ctx->gcm.Yi.c + 12);
+	}
+
+	if (rest > 0) {	/* last incomplete block */
+		ctr_encrypt_last(ctx, src, dst, exp_blocks, rest);
+		ctx->finished = 1;
+	}
+
+	return 0;
+}
+
+static int aes_gcm_auth(void *_ctx, const void *src, size_t src_size)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+
+	if (unlikely(ctx->auth_finished))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	gcm_ghash(ctx, src, src_size);
+	ctx->gcm.len.u[0] += src_size;
+
+	if (src_size % GCM_BLOCK_SIZE != 0)
+		ctx->auth_finished = 1;
+
+	return 0;
+}
+
+
+static void aes_gcm_tag(void *_ctx, void *tag, size_t tagsize)
+{
+	struct aes_gcm_ctx *ctx = _ctx;
+	uint8_t buffer[GCM_BLOCK_SIZE];
+	uint64_t alen, clen;
+
+	alen = ctx->gcm.len.u[0] * 8;
+	clen = ctx->gcm.len.u[1] * 8;
+
+	_gnutls_write_uint64(alen, buffer);
+	_gnutls_write_uint64(clen, &buffer[8]);
+
+	gcm_ghash_clmul(ctx->gcm.Xi.u, ctx->gcm.Htable, buffer,
+			GCM_BLOCK_SIZE);
+
+	ctx->gcm.Xi.u[0] ^= ctx->gcm.EK0.u[0];
+	ctx->gcm.Xi.u[1] ^= ctx->gcm.EK0.u[1];
+
+	memcpy(tag, ctx->gcm.Xi.c, MIN(GCM_BLOCK_SIZE, tagsize));
+}
+
+#include "aes-gcm-aead.h"
+
+const gnutls_crypto_cipher_st _gnutls_aes_gcm_pclmul = {
+	.init = aes_gcm_cipher_init,
+	.setkey = aes_gcm_cipher_setkey,
+	.setiv = aes_gcm_setiv,
+	.aead_encrypt = aes_gcm_aead_encrypt,
+	.aead_decrypt = aes_gcm_aead_decrypt,
+	.encrypt = aes_gcm_encrypt,
+	.decrypt = aes_gcm_decrypt,
+	.deinit = aes_gcm_deinit,
+	.tag = aes_gcm_tag,
+	.auth = aes_gcm_auth,
+};
diff --git a/lib/accelerated/x86/aes-gcm-x86-ssse3.c b/lib/accelerated/x86/aes-gcm-x86-ssse3.c
new file mode 100644
index 0000000..f074cb1
--- /dev/null
+++ b/lib/accelerated/x86/aes-gcm-x86-ssse3.c
@@ -0,0 +1,215 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The following code is an implementation of the AES-128-GCM cipher
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+
+#ifdef HAVE_LIBNETTLE
+
+#include <gnutls/crypto.h>
+#include "errors.h"
+#include <aes-x86.h>
+#include <x86-common.h>
+#include <byteswap.h>
+#include <nettle/gcm.h>
+#include <assert.h>
+
+/* GCM mode 
+ * It is used when the CPU doesn't include the PCLMUL instructions.
+ */
+struct gcm_x86_aes_ctx {
+	struct GCM_CTX(AES_KEY) inner;
+	size_t rekey_counter;
+};
+
+static void x86_aes_encrypt(const void *_ctx,
+				size_t length, uint8_t * dst,
+				const uint8_t * src)
+{
+	AES_KEY *ctx = (void*)_ctx;
+	unsigned i;
+	unsigned blocks = (length+15) / 16;
+
+	assert(blocks*16 == length);
+
+	for (i=0;i<blocks;i++) {
+		vpaes_encrypt(src, dst, ctx);
+		dst += 16;
+		src += 16;
+	}
+}
+
+static void x86_aes_128_set_encrypt_key(void *_ctx,
+				    const uint8_t * key)
+{
+	AES_KEY *ctx = _ctx;
+
+	vpaes_set_encrypt_key(key, 16*8, ctx);
+}
+
+static void x86_aes_192_set_encrypt_key(void *_ctx,
+				    const uint8_t * key)
+{
+	AES_KEY *ctx = _ctx;
+
+	vpaes_set_encrypt_key(key, 24*8, ctx);
+}
+
+static void x86_aes_256_set_encrypt_key(void *_ctx,
+				    const uint8_t * key)
+{
+	AES_KEY *ctx = _ctx;
+
+	vpaes_set_encrypt_key(key, 32*8, ctx);
+}
+
+static int
+aes_gcm_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx,
+		    int enc)
+{
+	/* we use key size to distinguish */
+	if (algorithm != GNUTLS_CIPHER_AES_128_GCM &&
+	    algorithm != GNUTLS_CIPHER_AES_192_GCM &&
+	    algorithm != GNUTLS_CIPHER_AES_256_GCM)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	*_ctx = gnutls_calloc(1, sizeof(struct gcm_x86_aes_ctx));
+	if (*_ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+}
+
+static int
+aes_gcm_cipher_setkey(void *_ctx, const void *key, size_t keysize)
+{
+	struct gcm_x86_aes_ctx *ctx = _ctx;
+
+	if (keysize == 16) {
+		GCM_SET_KEY(&ctx->inner, x86_aes_128_set_encrypt_key, x86_aes_encrypt,
+			    key);
+	} else if (keysize == 24) {
+		GCM_SET_KEY(&ctx->inner, x86_aes_192_set_encrypt_key, x86_aes_encrypt,
+			    key);
+	} else if (keysize == 32) {
+		GCM_SET_KEY(&ctx->inner, x86_aes_256_set_encrypt_key, x86_aes_encrypt,
+			    key);
+	} else
+		return GNUTLS_E_INVALID_REQUEST;
+
+	ctx->rekey_counter = 0;
+	return 0;
+}
+
+static int aes_gcm_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+	struct gcm_x86_aes_ctx *ctx = _ctx;
+
+	if (iv_size != GCM_BLOCK_SIZE - 4)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	GCM_SET_IV(&ctx->inner, iv_size, iv);
+
+	ctx->rekey_counter = 0;
+	return 0;
+}
+
+static int
+aes_gcm_encrypt(void *_ctx, const void *src, size_t src_size,
+		void *dst, size_t length)
+{
+	struct gcm_x86_aes_ctx *ctx = _ctx;
+	int ret;
+
+	if (unlikely(length < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	ret = record_aes_gcm_encrypt_size(&ctx->rekey_counter, src_size);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	GCM_ENCRYPT(&ctx->inner, x86_aes_encrypt, src_size, dst, src);
+
+	return 0;
+}
+
+static int
+aes_gcm_decrypt(void *_ctx, const void *src, size_t src_size,
+		void *dst, size_t dst_size)
+{
+	struct gcm_x86_aes_ctx *ctx = _ctx;
+
+	if (unlikely(dst_size < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	GCM_DECRYPT(&ctx->inner, x86_aes_encrypt, src_size, dst, src);
+	return 0;
+}
+
+static int aes_gcm_auth(void *_ctx, const void *src, size_t src_size)
+{
+	struct gcm_x86_aes_ctx *ctx = _ctx;
+
+	GCM_UPDATE(&ctx->inner, src_size, src);
+
+	return 0;
+}
+
+static void aes_gcm_tag(void *_ctx, void *tag, size_t tagsize)
+{
+	struct gcm_x86_aes_ctx *ctx = _ctx;
+
+	GCM_DIGEST(&ctx->inner, x86_aes_encrypt, tagsize, tag);
+}
+
+static void aes_gcm_deinit(void *_ctx)
+{
+	struct gcm_x86_aes_ctx *ctx = _ctx;
+
+	zeroize_temp_key(ctx, sizeof(*ctx));
+	gnutls_free(ctx);
+}
+
+#include "aes-gcm-aead.h"
+
+const gnutls_crypto_cipher_st _gnutls_aes_gcm_x86_ssse3 = {
+	.init = aes_gcm_cipher_init,
+	.setkey = aes_gcm_cipher_setkey,
+	.setiv = aes_gcm_setiv,
+	.aead_encrypt = aes_gcm_aead_encrypt,
+	.aead_decrypt = aes_gcm_aead_decrypt,
+	.encrypt = aes_gcm_encrypt,
+	.decrypt = aes_gcm_decrypt,
+	.deinit = aes_gcm_deinit,
+	.tag = aes_gcm_tag,
+	.auth = aes_gcm_auth,
+};
+
+#endif
diff --git a/lib/accelerated/x86/aes-padlock.c b/lib/accelerated/x86/aes-padlock.c
new file mode 100644
index 0000000..4fa6389
--- /dev/null
+++ b/lib/accelerated/x86/aes-padlock.c
@@ -0,0 +1,184 @@
+/*
+ * Copyright (C) 2011-2018 Free Software Foundation, Inc.
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The following code is an implementation of the AES-128-CBC cipher
+ * using VIA Padlock instruction set. 
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+#include <gnutls/crypto.h>
+#include "errors.h"
+#include <aes-x86.h>
+#include <x86-common.h>
+#include <nettle/aes.h>		/* for key generation in 192 and 256 bits */
+#include <sha-padlock.h>
+#include <aes-padlock.h>
+
+static int
+aes_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc)
+{
+	/* we use key size to distinguish */
+	if (algorithm != GNUTLS_CIPHER_AES_128_CBC
+	    && algorithm != GNUTLS_CIPHER_AES_256_CBC
+		&& algorithm != GNUTLS_CIPHER_AES_192_CBC)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	*_ctx = gnutls_calloc(1, sizeof(struct padlock_ctx));
+	if (*_ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	((struct padlock_ctx *) (*_ctx))->enc = enc;
+	return 0;
+}
+
+int
+padlock_aes_cipher_setkey(void *_ctx, const void *userkey, size_t keysize)
+{
+	struct padlock_ctx *ctx = _ctx;
+	struct padlock_cipher_data *pce;
+	struct aes192_ctx nc192;
+	struct aes256_ctx nc256;
+
+	memset(_ctx, 0, sizeof(struct padlock_cipher_data));
+
+	pce = ALIGN16(&ctx->expanded_key);
+
+	pce->cword.b.encdec = (ctx->enc == 0);
+
+	switch (keysize) {
+	case 16:
+		pce->cword.b.ksize = 0;
+		pce->cword.b.rounds = 10;
+		memcpy(pce->ks.rd_key, userkey, 16);
+		pce->cword.b.keygen = 0;
+		break;
+	case 24:
+		pce->cword.b.ksize = 1;
+		pce->cword.b.rounds = 12;
+		if (ctx->enc)
+				aes192_set_encrypt_key(&nc192, userkey);
+		else
+			aes192_set_decrypt_key(&nc192, userkey);
+		memcpy(pce->ks.rd_key, nc192.keys, sizeof(nc192.keys));
+		pce->ks.rounds = _AES192_ROUNDS;
+		pce->cword.b.keygen = 1;
+		break;
+	case 32:
+		pce->cword.b.ksize = 2;
+		pce->cword.b.rounds = 14;
+
+		/* expand key using nettle */
+		if (ctx->enc)
+			aes256_set_encrypt_key(&nc256, userkey);
+		else
+			aes256_set_decrypt_key(&nc256, userkey);
+
+		memcpy(pce->ks.rd_key, nc256.keys, sizeof(nc256.keys));
+		pce->ks.rounds = _AES256_ROUNDS;
+
+		pce->cword.b.keygen = 1;
+		break;
+	default:
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	padlock_reload_key();
+
+	return 0;
+}
+
+static int aes_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+	struct padlock_ctx *ctx = _ctx;
+	struct padlock_cipher_data *pce;
+
+	pce = ALIGN16(&ctx->expanded_key);
+
+	if (iv_size != 16)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	memcpy(pce->iv, iv, 16);
+
+	return 0;
+}
+
+static int
+padlock_aes_cbc_encrypt(void *_ctx, const void *src, size_t src_size,
+			void *dst, size_t dst_size)
+{
+	struct padlock_ctx *ctx = _ctx;
+	struct padlock_cipher_data *pce;
+	int ret = 1;
+
+	if (unlikely(dst_size < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	pce = ALIGN16(&ctx->expanded_key);
+
+	if (src_size > 0)
+		ret = padlock_cbc_encrypt(dst, src, pce, src_size);
+
+	return ret ? 0 : GNUTLS_E_ENCRYPTION_FAILED;
+}
+
+
+static int
+padlock_aes_cbc_decrypt(void *_ctx, const void *src, size_t src_size,
+			void *dst, size_t dst_size)
+{
+	struct padlock_ctx *ctx = _ctx;
+	struct padlock_cipher_data *pcd;
+	int ret = 1;
+
+	if (unlikely(dst_size < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	pcd = ALIGN16(&ctx->expanded_key);
+
+	if (src_size > 0)
+		padlock_cbc_encrypt(dst, src, pcd, src_size);
+
+	return ret ? 0 : GNUTLS_E_ENCRYPTION_FAILED;
+}
+
+static void aes_deinit(void *_ctx)
+{
+	struct padlock_ctx *ctx = _ctx;
+	
+	zeroize_temp_key(ctx, sizeof(*ctx));
+	gnutls_free(ctx);
+}
+
+const gnutls_crypto_cipher_st _gnutls_aes_padlock = {
+	.init = aes_cipher_init,
+	.setkey = padlock_aes_cipher_setkey,
+	.setiv = aes_setiv,
+	.encrypt = padlock_aes_cbc_encrypt,
+	.decrypt = padlock_aes_cbc_decrypt,
+	.deinit = aes_deinit,
+};
+
diff --git a/lib/accelerated/x86/aes-padlock.h b/lib/accelerated/x86/aes-padlock.h
new file mode 100644
index 0000000..378a90e
--- /dev/null
+++ b/lib/accelerated/x86/aes-padlock.h
@@ -0,0 +1,46 @@
+#ifndef GNUTLS_LIB_ACCELERATED_X86_AES_PADLOCK_H
+#define GNUTLS_LIB_ACCELERATED_X86_AES_PADLOCK_H
+
+#include "gnutls_int.h"
+#include <aes-x86.h>
+
+struct padlock_cipher_data {
+	unsigned char iv[16];	/* Initialization vector */
+	union {
+		unsigned int pad[4];
+		struct {
+			unsigned rounds:4;
+			unsigned dgst:1;	/* n/a in C3 */
+			unsigned align:1;	/* n/a in C3 */
+			unsigned ciphr:1;	/* n/a in C3 */
+			unsigned int keygen:1;
+			unsigned interm:1;
+			unsigned int encdec:1;
+			unsigned ksize:2;
+		} b;
+	} cword;		/* Control word */
+	AES_KEY ks;		/* Encryption key */
+};
+
+struct padlock_ctx {
+	struct padlock_cipher_data expanded_key;
+	int enc;
+};
+
+extern const gnutls_crypto_cipher_st _gnutls_aes_padlock;
+extern const gnutls_crypto_cipher_st _gnutls_aes_gcm_padlock;
+
+extern const gnutls_crypto_mac_st _gnutls_hmac_sha_padlock_oneshot;
+extern const gnutls_crypto_digest_st _gnutls_sha_padlock_oneshot;
+
+int padlock_aes_cipher_setkey(void *_ctx, const void *userkey,
+			      size_t keysize);
+
+/* asm */
+unsigned int padlock_capability(void);
+void padlock_reload_key(void);
+int padlock_ecb_encrypt(void *out, const void *inp,
+			struct padlock_cipher_data *ctx, size_t len);
+int padlock_cbc_encrypt(void *out, const void *inp,
+			struct padlock_cipher_data *ctx, size_t len);
+#endif /* GNUTLS_LIB_ACCELERATED_X86_AES_PADLOCK_H */
diff --git a/lib/accelerated/x86/aes-x86.h b/lib/accelerated/x86/aes-x86.h
new file mode 100644
index 0000000..349d3d5
--- /dev/null
+++ b/lib/accelerated/x86/aes-x86.h
@@ -0,0 +1,89 @@
+#ifndef GNUTLS_LIB_ACCELERATED_X86_AES_X86_H
+#define GNUTLS_LIB_ACCELERATED_X86_AES_X86_H
+
+#include "gnutls_int.h"
+
+void register_x86_crypto(void);
+
+#define ALIGN16(x) \
+        ((void *)(((ptrdiff_t)(x)+(ptrdiff_t)0x0f)&~((ptrdiff_t)0x0f)))
+
+#define AES_KEY_ALIGN_SIZE 4
+#define AES_MAXNR 14
+typedef struct {
+	/* We add few more integers to allow alignment 
+	 * on a 16-byte boundary.
+	 */
+	uint32_t rd_key[4 * (AES_MAXNR + 1) + AES_KEY_ALIGN_SIZE];
+	uint32_t rounds;
+} AES_KEY;
+
+#define CHECK_AES_KEYSIZE(s) \
+	if (s != 16 && s != 24 && s != 32) \
+		return GNUTLS_E_INVALID_REQUEST
+
+#include <intprops.h>
+#define AES_GCM_ENCRYPT_MAX_BYTES ((1ULL << 36) - 32)
+static inline int
+record_aes_gcm_encrypt_size(size_t *counter, size_t size) {
+	size_t sum;
+
+	if (!INT_ADD_OK(*counter, size, &sum) ||
+	    sum > AES_GCM_ENCRYPT_MAX_BYTES) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+	*counter = sum;
+
+	return 0;
+}
+
+void aesni_ecb_encrypt(const unsigned char *in, unsigned char *out,
+		       size_t len, const AES_KEY * key, int enc);
+
+void aesni_cbc_encrypt(const unsigned char *in, unsigned char *out,
+		       size_t len, const AES_KEY * key,
+		       unsigned char *ivec, const int enc);
+int aesni_set_decrypt_key(const unsigned char *userKey, const int bits,
+			  AES_KEY * key);
+int aesni_set_encrypt_key(const unsigned char *userKey, const int bits,
+			  AES_KEY * key);
+
+void aesni_ctr32_encrypt_blocks(const unsigned char *in,
+				unsigned char *out,
+				size_t blocks,
+				const void *key,
+				const unsigned char *ivec);
+
+size_t aesni_gcm_encrypt(const void *inp, void *out, size_t len,
+	const AES_KEY *key, const unsigned char iv[16], uint64_t* Xi);
+
+size_t aesni_gcm_decrypt(const void *inp, void *out, size_t len,
+	const AES_KEY *key, const unsigned char iv[16], uint64_t* Xi);
+
+void aesni_xts_encrypt(const unsigned char *in, unsigned char *out,
+		       size_t len, const AES_KEY * key, const AES_KEY * key2,
+		       const unsigned char iv[16]);
+
+void aesni_xts_decrypt(const unsigned char *in, unsigned char *out,
+		       size_t len, const AES_KEY * key, const AES_KEY * key2,
+		       const unsigned char iv[16]);
+
+int vpaes_set_encrypt_key(const unsigned char *userKey, int bits, AES_KEY *key);  
+int vpaes_set_decrypt_key(const unsigned char *userKey, int bits, AES_KEY *key);
+void vpaes_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                       size_t length, const AES_KEY *key, unsigned char *ivec, int enc);
+void vpaes_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key);
+void vpaes_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key);
+
+extern const gnutls_crypto_cipher_st _gnutls_aes_gcm_pclmul;
+extern const gnutls_crypto_cipher_st _gnutls_aes_gcm_pclmul_avx;
+extern const gnutls_crypto_cipher_st _gnutls_aes_gcm_x86_aesni;
+extern const gnutls_crypto_cipher_st _gnutls_aes_ccm_x86_aesni;
+extern const gnutls_crypto_cipher_st _gnutls_aes_xts_x86_aesni;
+extern const gnutls_crypto_cipher_st _gnutls_aes_gcm_x86_ssse3;
+
+extern const gnutls_crypto_cipher_st _gnutls_aes_ssse3;
+
+extern const gnutls_crypto_cipher_st _gnutls_aesni_x86;
+
+#endif /* GNUTLS_LIB_ACCELERATED_X86_AES_X86_H */
diff --git a/lib/accelerated/x86/aes-xts-x86-aesni.c b/lib/accelerated/x86/aes-xts-x86-aesni.c
new file mode 100644
index 0000000..0588d0b
--- /dev/null
+++ b/lib/accelerated/x86/aes-xts-x86-aesni.c
@@ -0,0 +1,166 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2020 Red Hat, Inc.
+ *
+ * Authors: Nikos Mavrogiannopoulos, Anderson Toshiyuki Sasaki
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The following code wraps the CRYPTOGAMS implementation of the AES-XTS cipher
+ * using Intel's AES instruction set.
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+#include "fips.h"
+#include <gnutls/crypto.h>
+#include <aes-x86.h>
+#include <x86-common.h>
+
+struct x86_aes_xts_ctx {
+	AES_KEY block_key;
+	AES_KEY tweak_key;
+	uint8_t iv[16];
+	int enc;
+};
+
+static int
+x86_aes_xts_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx,
+					int enc)
+{
+	if (algorithm != GNUTLS_CIPHER_AES_128_XTS &&
+		algorithm != GNUTLS_CIPHER_AES_256_XTS)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	*_ctx = gnutls_calloc(1, sizeof(struct x86_aes_xts_ctx));
+	if (*_ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	((struct x86_aes_xts_ctx *) (*_ctx))->enc = enc;
+
+	return 0;
+}
+
+static int
+x86_aes_xts_cipher_setkey(void *_ctx, const void *userkey, size_t keysize)
+{
+	struct x86_aes_xts_ctx *ctx = _ctx;
+	int ret;
+	size_t keybits;
+	const uint8_t *key = userkey;
+
+	if ((keysize != 32) && (keysize != 64))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	/* Check key block according to FIPS-140-2 IG A.9 */
+	if (_gnutls_fips_mode_enabled()){
+		if (gnutls_memcmp(key, key + (keysize / 2), keysize / 2) == 0) {
+			_gnutls_switch_lib_state(LIB_STATE_ERROR);
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		}
+	}
+
+	/* Size in bits of each half for block and tweak (=keysize * 8 / 2) */
+	keybits = keysize * 4;
+
+	if (ctx->enc)
+		ret =
+		    aesni_set_encrypt_key(key, keybits,
+					  ALIGN16(&ctx->block_key));
+	else
+		ret =
+		    aesni_set_decrypt_key(key, keybits,
+					  ALIGN16(&ctx->block_key));
+
+	if (ret != 0)
+		return gnutls_assert_val(GNUTLS_E_ENCRYPTION_FAILED);
+
+	ret =
+	    aesni_set_encrypt_key(key + (keysize / 2), keybits,
+					  ALIGN16(&ctx->tweak_key));
+	if (ret != 0)
+		return gnutls_assert_val(GNUTLS_E_ENCRYPTION_FAILED);
+
+	return 0;
+}
+
+static int x86_aes_xts_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+	struct x86_aes_xts_ctx *ctx = _ctx;
+
+	if (iv_size != 16)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	memcpy(ctx->iv, iv, 16);
+	return 0;
+}
+
+static int
+x86_aes_xts_encrypt(void *_ctx, const void *src, size_t src_size,
+	    void *dst, size_t dst_size)
+{
+	struct x86_aes_xts_ctx *ctx = _ctx;
+
+	if (unlikely(dst_size < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	if (src_size < 16)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	aesni_xts_encrypt(src, dst, src_size, ALIGN16(&ctx->block_key),
+			  ALIGN16(&ctx->tweak_key), ctx->iv);
+	return 0;
+}
+
+static int
+x86_aes_xts_decrypt(void *_ctx, const void *src, size_t src_size,
+	    void *dst, size_t dst_size)
+{
+	struct x86_aes_xts_ctx *ctx = _ctx;
+
+	if (unlikely(dst_size < src_size))
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	if (src_size < 16)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	aesni_xts_decrypt(src, dst, src_size, ALIGN16(&ctx->block_key),
+			  ALIGN16(&ctx->tweak_key), ctx->iv);
+	return 0;
+}
+
+static void x86_aes_xts_deinit(void *_ctx)
+{
+	struct x86_aes_xts_ctx *ctx = _ctx;
+
+	zeroize_temp_key(ctx, sizeof(*ctx));
+	gnutls_free(ctx);
+}
+
+const gnutls_crypto_cipher_st _gnutls_aes_xts_x86_aesni = {
+	.init = x86_aes_xts_cipher_init,
+	.setkey = x86_aes_xts_cipher_setkey,
+	.setiv = x86_aes_xts_setiv,
+	.encrypt = x86_aes_xts_encrypt,
+	.decrypt = x86_aes_xts_decrypt,
+	.deinit = x86_aes_xts_deinit,
+};
+
diff --git a/lib/accelerated/x86/coff/aes-ssse3-x86.s b/lib/accelerated/x86/coff/aes-ssse3-x86.s
new file mode 100644
index 0000000..c58ea23
--- /dev/null
+++ b/lib/accelerated/x86/coff/aes-ssse3-x86.s
@@ -0,0 +1,660 @@
+######################################################################
+## Constant-time SSSE3 AES core implementation.
+## version 0.1
+##
+## By Mike Hamburg (Stanford University), 2009
+## Public domain.
+##
+## For details see http://shiftleft.org/papers/vector_aes/ and
+## http://crypto.stanford.edu/vpaes/.
+#
+# *** This file is auto-generated ***
+#
+.text
+.align	64
+.L_vpaes_consts:
+.long	218628480,235210255,168496130,67568393
+.long	252381056,17041926,33884169,51187212
+.long	252645135,252645135,252645135,252645135
+.long	1512730624,3266504856,1377990664,3401244816
+.long	830229760,1275146365,2969422977,3447763452
+.long	3411033600,2979783055,338359620,2782886510
+.long	4209124096,907596821,221174255,1006095553
+.long	191964160,3799684038,3164090317,1589111125
+.long	182528256,1777043520,2877432650,3265356744
+.long	1874708224,3503451415,3305285752,363511674
+.long	1606117888,3487855781,1093350906,2384367825
+.long	197121,67569157,134941193,202313229
+.long	67569157,134941193,202313229,197121
+.long	134941193,202313229,197121,67569157
+.long	202313229,197121,67569157,134941193
+.long	33619971,100992007,168364043,235736079
+.long	235736079,33619971,100992007,168364043
+.long	168364043,235736079,33619971,100992007
+.long	100992007,168364043,235736079,33619971
+.long	50462976,117835012,185207048,252579084
+.long	252314880,51251460,117574920,184942860
+.long	184682752,252054788,50987272,118359308
+.long	118099200,185467140,251790600,50727180
+.long	2946363062,528716217,1300004225,1881839624
+.long	1532713819,1532713819,1532713819,1532713819
+.long	3602276352,4288629033,3737020424,4153884961
+.long	1354558464,32357713,2958822624,3775749553
+.long	1201988352,132424512,1572796698,503232858
+.long	2213177600,1597421020,4103937655,675398315
+.long	2749646592,4273543773,1511898873,121693092
+.long	3040248576,1103263732,2871565598,1608280554
+.long	2236667136,2588920351,482954393,64377734
+.long	3069987328,291237287,2117370568,3650299247
+.long	533321216,3573750986,2572112006,1401264716
+.long	1339849704,2721158661,548607111,3445553514
+.long	2128193280,3054596040,2183486460,1257083700
+.long	655635200,1165381986,3923443150,2344132524
+.long	190078720,256924420,290342170,357187870
+.long	1610966272,2263057382,4103205268,309794674
+.long	2592527872,2233205587,1335446729,3402964816
+.long	3973531904,3225098121,3002836325,1918774430
+.long	3870401024,2102906079,2284471353,4117666579
+.long	617007872,1021508343,366931923,691083277
+.long	2528395776,3491914898,2968704004,1613121270
+.long	3445188352,3247741094,844474987,4093578302
+.long	651481088,1190302358,1689581232,574775300
+.long	4289380608,206939853,2555985458,2489840491
+.long	2130264064,327674451,3566485037,3349835193
+.long	2470714624,316102159,3636825756,3393945945
+.byte	86,101,99,116,111,114,32,80,101,114,109,117,116,97,116,105
+.byte	111,110,32,65,69,83,32,102,111,114,32,120,56,54,47,83
+.byte	83,83,69,51,44,32,77,105,107,101,32,72,97,109,98,117
+.byte	114,103,32,40,83,116,97,110,102,111,114,100,32,85,110,105
+.byte	118,101,114,115,105,116,121,41,0
+.align	64
+.def	__vpaes_preheat;	.scl	3;	.type	32;	.endef
+.align	16
+__vpaes_preheat:
+	addl	(%esp),%ebp
+	movdqa	-48(%ebp),%xmm7
+	movdqa	-16(%ebp),%xmm6
+	ret
+.def	__vpaes_encrypt_core;	.scl	3;	.type	32;	.endef
+.align	16
+__vpaes_encrypt_core:
+	movl	$16,%ecx
+	movl	240(%edx),%eax
+	movdqa	%xmm6,%xmm1
+	movdqa	(%ebp),%xmm2
+	pandn	%xmm0,%xmm1
+	pand	%xmm6,%xmm0
+	movdqu	(%edx),%xmm5
+.byte	102,15,56,0,208
+	movdqa	16(%ebp),%xmm0
+	pxor	%xmm5,%xmm2
+	psrld	$4,%xmm1
+	addl	$16,%edx
+.byte	102,15,56,0,193
+	leal	192(%ebp),%ebx
+	pxor	%xmm2,%xmm0
+	jmp	.L000enc_entry
+.align	16
+.L001enc_loop:
+	movdqa	32(%ebp),%xmm4
+	movdqa	48(%ebp),%xmm0
+.byte	102,15,56,0,226
+.byte	102,15,56,0,195
+	pxor	%xmm5,%xmm4
+	movdqa	64(%ebp),%xmm5
+	pxor	%xmm4,%xmm0
+	movdqa	-64(%ebx,%ecx,1),%xmm1
+.byte	102,15,56,0,234
+	movdqa	80(%ebp),%xmm2
+	movdqa	(%ebx,%ecx,1),%xmm4
+.byte	102,15,56,0,211
+	movdqa	%xmm0,%xmm3
+	pxor	%xmm5,%xmm2
+.byte	102,15,56,0,193
+	addl	$16,%edx
+	pxor	%xmm2,%xmm0
+.byte	102,15,56,0,220
+	addl	$16,%ecx
+	pxor	%xmm0,%xmm3
+.byte	102,15,56,0,193
+	andl	$48,%ecx
+	subl	$1,%eax
+	pxor	%xmm3,%xmm0
+.L000enc_entry:
+	movdqa	%xmm6,%xmm1
+	movdqa	-32(%ebp),%xmm5
+	pandn	%xmm0,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm6,%xmm0
+.byte	102,15,56,0,232
+	movdqa	%xmm7,%xmm3
+	pxor	%xmm1,%xmm0
+.byte	102,15,56,0,217
+	movdqa	%xmm7,%xmm4
+	pxor	%xmm5,%xmm3
+.byte	102,15,56,0,224
+	movdqa	%xmm7,%xmm2
+	pxor	%xmm5,%xmm4
+.byte	102,15,56,0,211
+	movdqa	%xmm7,%xmm3
+	pxor	%xmm0,%xmm2
+.byte	102,15,56,0,220
+	movdqu	(%edx),%xmm5
+	pxor	%xmm1,%xmm3
+	jnz	.L001enc_loop
+	movdqa	96(%ebp),%xmm4
+	movdqa	112(%ebp),%xmm0
+.byte	102,15,56,0,226
+	pxor	%xmm5,%xmm4
+.byte	102,15,56,0,195
+	movdqa	64(%ebx,%ecx,1),%xmm1
+	pxor	%xmm4,%xmm0
+.byte	102,15,56,0,193
+	ret
+.def	__vpaes_decrypt_core;	.scl	3;	.type	32;	.endef
+.align	16
+__vpaes_decrypt_core:
+	leal	608(%ebp),%ebx
+	movl	240(%edx),%eax
+	movdqa	%xmm6,%xmm1
+	movdqa	-64(%ebx),%xmm2
+	pandn	%xmm0,%xmm1
+	movl	%eax,%ecx
+	psrld	$4,%xmm1
+	movdqu	(%edx),%xmm5
+	shll	$4,%ecx
+	pand	%xmm6,%xmm0
+.byte	102,15,56,0,208
+	movdqa	-48(%ebx),%xmm0
+	xorl	$48,%ecx
+.byte	102,15,56,0,193
+	andl	$48,%ecx
+	pxor	%xmm5,%xmm2
+	movdqa	176(%ebp),%xmm5
+	pxor	%xmm2,%xmm0
+	addl	$16,%edx
+	leal	-352(%ebx,%ecx,1),%ecx
+	jmp	.L002dec_entry
+.align	16
+.L003dec_loop:
+	movdqa	-32(%ebx),%xmm4
+	movdqa	-16(%ebx),%xmm1
+.byte	102,15,56,0,226
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	movdqa	(%ebx),%xmm4
+	pxor	%xmm1,%xmm0
+	movdqa	16(%ebx),%xmm1
+.byte	102,15,56,0,226
+.byte	102,15,56,0,197
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	movdqa	32(%ebx),%xmm4
+	pxor	%xmm1,%xmm0
+	movdqa	48(%ebx),%xmm1
+.byte	102,15,56,0,226
+.byte	102,15,56,0,197
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	movdqa	64(%ebx),%xmm4
+	pxor	%xmm1,%xmm0
+	movdqa	80(%ebx),%xmm1
+.byte	102,15,56,0,226
+.byte	102,15,56,0,197
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	addl	$16,%edx
+.byte	102,15,58,15,237,12
+	pxor	%xmm1,%xmm0
+	subl	$1,%eax
+.L002dec_entry:
+	movdqa	%xmm6,%xmm1
+	movdqa	-32(%ebp),%xmm2
+	pandn	%xmm0,%xmm1
+	pand	%xmm6,%xmm0
+	psrld	$4,%xmm1
+.byte	102,15,56,0,208
+	movdqa	%xmm7,%xmm3
+	pxor	%xmm1,%xmm0
+.byte	102,15,56,0,217
+	movdqa	%xmm7,%xmm4
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,224
+	pxor	%xmm2,%xmm4
+	movdqa	%xmm7,%xmm2
+.byte	102,15,56,0,211
+	movdqa	%xmm7,%xmm3
+	pxor	%xmm0,%xmm2
+.byte	102,15,56,0,220
+	movdqu	(%edx),%xmm0
+	pxor	%xmm1,%xmm3
+	jnz	.L003dec_loop
+	movdqa	96(%ebx),%xmm4
+.byte	102,15,56,0,226
+	pxor	%xmm0,%xmm4
+	movdqa	112(%ebx),%xmm0
+	movdqa	(%ecx),%xmm2
+.byte	102,15,56,0,195
+	pxor	%xmm4,%xmm0
+.byte	102,15,56,0,194
+	ret
+.def	__vpaes_schedule_core;	.scl	3;	.type	32;	.endef
+.align	16
+__vpaes_schedule_core:
+	addl	(%esp),%ebp
+	movdqu	(%esi),%xmm0
+	movdqa	320(%ebp),%xmm2
+	movdqa	%xmm0,%xmm3
+	leal	(%ebp),%ebx
+	movdqa	%xmm2,4(%esp)
+	call	__vpaes_schedule_transform
+	movdqa	%xmm0,%xmm7
+	testl	%edi,%edi
+	jnz	.L004schedule_am_decrypting
+	movdqu	%xmm0,(%edx)
+	jmp	.L005schedule_go
+.L004schedule_am_decrypting:
+	movdqa	256(%ebp,%ecx,1),%xmm1
+.byte	102,15,56,0,217
+	movdqu	%xmm3,(%edx)
+	xorl	$48,%ecx
+.L005schedule_go:
+	cmpl	$192,%eax
+	ja	.L006schedule_256
+	je	.L007schedule_192
+.L008schedule_128:
+	movl	$10,%eax
+.L009loop_schedule_128:
+	call	__vpaes_schedule_round
+	decl	%eax
+	jz	.L010schedule_mangle_last
+	call	__vpaes_schedule_mangle
+	jmp	.L009loop_schedule_128
+.align	16
+.L007schedule_192:
+	movdqu	8(%esi),%xmm0
+	call	__vpaes_schedule_transform
+	movdqa	%xmm0,%xmm6
+	pxor	%xmm4,%xmm4
+	movhlps	%xmm4,%xmm6
+	movl	$4,%eax
+.L011loop_schedule_192:
+	call	__vpaes_schedule_round
+.byte	102,15,58,15,198,8
+	call	__vpaes_schedule_mangle
+	call	__vpaes_schedule_192_smear
+	call	__vpaes_schedule_mangle
+	call	__vpaes_schedule_round
+	decl	%eax
+	jz	.L010schedule_mangle_last
+	call	__vpaes_schedule_mangle
+	call	__vpaes_schedule_192_smear
+	jmp	.L011loop_schedule_192
+.align	16
+.L006schedule_256:
+	movdqu	16(%esi),%xmm0
+	call	__vpaes_schedule_transform
+	movl	$7,%eax
+.L012loop_schedule_256:
+	call	__vpaes_schedule_mangle
+	movdqa	%xmm0,%xmm6
+	call	__vpaes_schedule_round
+	decl	%eax
+	jz	.L010schedule_mangle_last
+	call	__vpaes_schedule_mangle
+	pshufd	$255,%xmm0,%xmm0
+	movdqa	%xmm7,20(%esp)
+	movdqa	%xmm6,%xmm7
+	call	.L_vpaes_schedule_low_round
+	movdqa	20(%esp),%xmm7
+	jmp	.L012loop_schedule_256
+.align	16
+.L010schedule_mangle_last:
+	leal	384(%ebp),%ebx
+	testl	%edi,%edi
+	jnz	.L013schedule_mangle_last_dec
+	movdqa	256(%ebp,%ecx,1),%xmm1
+.byte	102,15,56,0,193
+	leal	352(%ebp),%ebx
+	addl	$32,%edx
+.L013schedule_mangle_last_dec:
+	addl	$-16,%edx
+	pxor	336(%ebp),%xmm0
+	call	__vpaes_schedule_transform
+	movdqu	%xmm0,(%edx)
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	ret
+.def	__vpaes_schedule_192_smear;	.scl	3;	.type	32;	.endef
+.align	16
+__vpaes_schedule_192_smear:
+	pshufd	$128,%xmm6,%xmm1
+	pshufd	$254,%xmm7,%xmm0
+	pxor	%xmm1,%xmm6
+	pxor	%xmm1,%xmm1
+	pxor	%xmm0,%xmm6
+	movdqa	%xmm6,%xmm0
+	movhlps	%xmm1,%xmm6
+	ret
+.def	__vpaes_schedule_round;	.scl	3;	.type	32;	.endef
+.align	16
+__vpaes_schedule_round:
+	movdqa	8(%esp),%xmm2
+	pxor	%xmm1,%xmm1
+.byte	102,15,58,15,202,15
+.byte	102,15,58,15,210,15
+	pxor	%xmm1,%xmm7
+	pshufd	$255,%xmm0,%xmm0
+.byte	102,15,58,15,192,1
+	movdqa	%xmm2,8(%esp)
+.L_vpaes_schedule_low_round:
+	movdqa	%xmm7,%xmm1
+	pslldq	$4,%xmm7
+	pxor	%xmm1,%xmm7
+	movdqa	%xmm7,%xmm1
+	pslldq	$8,%xmm7
+	pxor	%xmm1,%xmm7
+	pxor	336(%ebp),%xmm7
+	movdqa	-16(%ebp),%xmm4
+	movdqa	-48(%ebp),%xmm5
+	movdqa	%xmm4,%xmm1
+	pandn	%xmm0,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm4,%xmm0
+	movdqa	-32(%ebp),%xmm2
+.byte	102,15,56,0,208
+	pxor	%xmm1,%xmm0
+	movdqa	%xmm5,%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+	movdqa	%xmm5,%xmm4
+.byte	102,15,56,0,224
+	pxor	%xmm2,%xmm4
+	movdqa	%xmm5,%xmm2
+.byte	102,15,56,0,211
+	pxor	%xmm0,%xmm2
+	movdqa	%xmm5,%xmm3
+.byte	102,15,56,0,220
+	pxor	%xmm1,%xmm3
+	movdqa	32(%ebp),%xmm4
+.byte	102,15,56,0,226
+	movdqa	48(%ebp),%xmm0
+.byte	102,15,56,0,195
+	pxor	%xmm4,%xmm0
+	pxor	%xmm7,%xmm0
+	movdqa	%xmm0,%xmm7
+	ret
+.def	__vpaes_schedule_transform;	.scl	3;	.type	32;	.endef
+.align	16
+__vpaes_schedule_transform:
+	movdqa	-16(%ebp),%xmm2
+	movdqa	%xmm2,%xmm1
+	pandn	%xmm0,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm2,%xmm0
+	movdqa	(%ebx),%xmm2
+.byte	102,15,56,0,208
+	movdqa	16(%ebx),%xmm0
+.byte	102,15,56,0,193
+	pxor	%xmm2,%xmm0
+	ret
+.def	__vpaes_schedule_mangle;	.scl	3;	.type	32;	.endef
+.align	16
+__vpaes_schedule_mangle:
+	movdqa	%xmm0,%xmm4
+	movdqa	128(%ebp),%xmm5
+	testl	%edi,%edi
+	jnz	.L014schedule_mangle_dec
+	addl	$16,%edx
+	pxor	336(%ebp),%xmm4
+.byte	102,15,56,0,229
+	movdqa	%xmm4,%xmm3
+.byte	102,15,56,0,229
+	pxor	%xmm4,%xmm3
+.byte	102,15,56,0,229
+	pxor	%xmm4,%xmm3
+	jmp	.L015schedule_mangle_both
+.align	16
+.L014schedule_mangle_dec:
+	movdqa	-16(%ebp),%xmm2
+	leal	416(%ebp),%esi
+	movdqa	%xmm2,%xmm1
+	pandn	%xmm4,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm2,%xmm4
+	movdqa	(%esi),%xmm2
+.byte	102,15,56,0,212
+	movdqa	16(%esi),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,221
+	movdqa	32(%esi),%xmm2
+.byte	102,15,56,0,212
+	pxor	%xmm3,%xmm2
+	movdqa	48(%esi),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,221
+	movdqa	64(%esi),%xmm2
+.byte	102,15,56,0,212
+	pxor	%xmm3,%xmm2
+	movdqa	80(%esi),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,221
+	movdqa	96(%esi),%xmm2
+.byte	102,15,56,0,212
+	pxor	%xmm3,%xmm2
+	movdqa	112(%esi),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+	addl	$-16,%edx
+.L015schedule_mangle_both:
+	movdqa	256(%ebp,%ecx,1),%xmm1
+.byte	102,15,56,0,217
+	addl	$-16,%ecx
+	andl	$48,%ecx
+	movdqu	%xmm3,(%edx)
+	ret
+.globl	_vpaes_set_encrypt_key
+.def	_vpaes_set_encrypt_key;	.scl	2;	.type	32;	.endef
+.align	16
+_vpaes_set_encrypt_key:
+.L_vpaes_set_encrypt_key_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	leal	-56(%esp),%ebx
+	movl	24(%esp),%eax
+	andl	$-16,%ebx
+	movl	28(%esp),%edx
+	xchgl	%esp,%ebx
+	movl	%ebx,48(%esp)
+	movl	%eax,%ebx
+	shrl	$5,%ebx
+	addl	$5,%ebx
+	movl	%ebx,240(%edx)
+	movl	$48,%ecx
+	movl	$0,%edi
+	leal	.L_vpaes_consts+0x30-.L016pic_point,%ebp
+	call	__vpaes_schedule_core
+.L016pic_point:
+	movl	48(%esp),%esp
+	xorl	%eax,%eax
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_vpaes_set_decrypt_key
+.def	_vpaes_set_decrypt_key;	.scl	2;	.type	32;	.endef
+.align	16
+_vpaes_set_decrypt_key:
+.L_vpaes_set_decrypt_key_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	leal	-56(%esp),%ebx
+	movl	24(%esp),%eax
+	andl	$-16,%ebx
+	movl	28(%esp),%edx
+	xchgl	%esp,%ebx
+	movl	%ebx,48(%esp)
+	movl	%eax,%ebx
+	shrl	$5,%ebx
+	addl	$5,%ebx
+	movl	%ebx,240(%edx)
+	shll	$4,%ebx
+	leal	16(%edx,%ebx,1),%edx
+	movl	$1,%edi
+	movl	%eax,%ecx
+	shrl	$1,%ecx
+	andl	$32,%ecx
+	xorl	$32,%ecx
+	leal	.L_vpaes_consts+0x30-.L017pic_point,%ebp
+	call	__vpaes_schedule_core
+.L017pic_point:
+	movl	48(%esp),%esp
+	xorl	%eax,%eax
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_vpaes_encrypt
+.def	_vpaes_encrypt;	.scl	2;	.type	32;	.endef
+.align	16
+_vpaes_encrypt:
+.L_vpaes_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	leal	.L_vpaes_consts+0x30-.L018pic_point,%ebp
+	call	__vpaes_preheat
+.L018pic_point:
+	movl	20(%esp),%esi
+	leal	-56(%esp),%ebx
+	movl	24(%esp),%edi
+	andl	$-16,%ebx
+	movl	28(%esp),%edx
+	xchgl	%esp,%ebx
+	movl	%ebx,48(%esp)
+	movdqu	(%esi),%xmm0
+	call	__vpaes_encrypt_core
+	movdqu	%xmm0,(%edi)
+	movl	48(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_vpaes_decrypt
+.def	_vpaes_decrypt;	.scl	2;	.type	32;	.endef
+.align	16
+_vpaes_decrypt:
+.L_vpaes_decrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	leal	.L_vpaes_consts+0x30-.L019pic_point,%ebp
+	call	__vpaes_preheat
+.L019pic_point:
+	movl	20(%esp),%esi
+	leal	-56(%esp),%ebx
+	movl	24(%esp),%edi
+	andl	$-16,%ebx
+	movl	28(%esp),%edx
+	xchgl	%esp,%ebx
+	movl	%ebx,48(%esp)
+	movdqu	(%esi),%xmm0
+	call	__vpaes_decrypt_core
+	movdqu	%xmm0,(%edi)
+	movl	48(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_vpaes_cbc_encrypt
+.def	_vpaes_cbc_encrypt;	.scl	2;	.type	32;	.endef
+.align	16
+_vpaes_cbc_encrypt:
+.L_vpaes_cbc_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	subl	$16,%eax
+	jc	.L020cbc_abort
+	leal	-56(%esp),%ebx
+	movl	36(%esp),%ebp
+	andl	$-16,%ebx
+	movl	40(%esp),%ecx
+	xchgl	%esp,%ebx
+	movdqu	(%ebp),%xmm1
+	subl	%esi,%edi
+	movl	%ebx,48(%esp)
+	movl	%edi,(%esp)
+	movl	%edx,4(%esp)
+	movl	%ebp,8(%esp)
+	movl	%eax,%edi
+	leal	.L_vpaes_consts+0x30-.L021pic_point,%ebp
+	call	__vpaes_preheat
+.L021pic_point:
+	cmpl	$0,%ecx
+	je	.L022cbc_dec_loop
+	jmp	.L023cbc_enc_loop
+.align	16
+.L023cbc_enc_loop:
+	movdqu	(%esi),%xmm0
+	pxor	%xmm1,%xmm0
+	call	__vpaes_encrypt_core
+	movl	(%esp),%ebx
+	movl	4(%esp),%edx
+	movdqa	%xmm0,%xmm1
+	movdqu	%xmm0,(%ebx,%esi,1)
+	leal	16(%esi),%esi
+	subl	$16,%edi
+	jnc	.L023cbc_enc_loop
+	jmp	.L024cbc_done
+.align	16
+.L022cbc_dec_loop:
+	movdqu	(%esi),%xmm0
+	movdqa	%xmm1,16(%esp)
+	movdqa	%xmm0,32(%esp)
+	call	__vpaes_decrypt_core
+	movl	(%esp),%ebx
+	movl	4(%esp),%edx
+	pxor	16(%esp),%xmm0
+	movdqa	32(%esp),%xmm1
+	movdqu	%xmm0,(%ebx,%esi,1)
+	leal	16(%esi),%esi
+	subl	$16,%edi
+	jnc	.L022cbc_dec_loop
+.L024cbc_done:
+	movl	8(%esp),%ebx
+	movl	48(%esp),%esp
+	movdqu	%xmm1,(%ebx)
+.L020cbc_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+
diff --git a/lib/accelerated/x86/coff/aes-ssse3-x86_64.s b/lib/accelerated/x86/coff/aes-ssse3-x86_64.s
new file mode 100644
index 0000000..150c992
--- /dev/null
+++ b/lib/accelerated/x86/coff/aes-ssse3-x86_64.s
@@ -0,0 +1,1162 @@
+######################################################################
+## Constant-time SSSE3 AES core implementation.
+## version 0.1
+##
+## By Mike Hamburg (Stanford University), 2009
+## Public domain.
+##
+## For details see http://shiftleft.org/papers/vector_aes/ and
+## http://crypto.stanford.edu/vpaes/.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+.def	_vpaes_encrypt_core;	.scl 3;	.type 32;	.endef
+.p2align	4
+_vpaes_encrypt_core:
+
+	movq	%rdx,%r9
+	movq	$16,%r11
+	movl	240(%rdx),%eax
+	movdqa	%xmm9,%xmm1
+	movdqa	.Lk_ipt(%rip),%xmm2
+	pandn	%xmm0,%xmm1
+	movdqu	(%r9),%xmm5
+	psrld	$4,%xmm1
+	pand	%xmm9,%xmm0
+.byte	102,15,56,0,208
+	movdqa	.Lk_ipt+16(%rip),%xmm0
+.byte	102,15,56,0,193
+	pxor	%xmm5,%xmm2
+	addq	$16,%r9
+	pxor	%xmm2,%xmm0
+	leaq	.Lk_mc_backward(%rip),%r10
+	jmp	.Lenc_entry
+
+.p2align	4
+.Lenc_loop:
+
+	movdqa	%xmm13,%xmm4
+	movdqa	%xmm12,%xmm0
+.byte	102,15,56,0,226
+.byte	102,15,56,0,195
+	pxor	%xmm5,%xmm4
+	movdqa	%xmm15,%xmm5
+	pxor	%xmm4,%xmm0
+	movdqa	-64(%r11,%r10,1),%xmm1
+.byte	102,15,56,0,234
+	movdqa	(%r11,%r10,1),%xmm4
+	movdqa	%xmm14,%xmm2
+.byte	102,15,56,0,211
+	movdqa	%xmm0,%xmm3
+	pxor	%xmm5,%xmm2
+.byte	102,15,56,0,193
+	addq	$16,%r9
+	pxor	%xmm2,%xmm0
+.byte	102,15,56,0,220
+	addq	$16,%r11
+	pxor	%xmm0,%xmm3
+.byte	102,15,56,0,193
+	andq	$0x30,%r11
+	subq	$1,%rax
+	pxor	%xmm3,%xmm0
+
+.Lenc_entry:
+
+	movdqa	%xmm9,%xmm1
+	movdqa	%xmm11,%xmm5
+	pandn	%xmm0,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm9,%xmm0
+.byte	102,15,56,0,232
+	movdqa	%xmm10,%xmm3
+	pxor	%xmm1,%xmm0
+.byte	102,15,56,0,217
+	movdqa	%xmm10,%xmm4
+	pxor	%xmm5,%xmm3
+.byte	102,15,56,0,224
+	movdqa	%xmm10,%xmm2
+	pxor	%xmm5,%xmm4
+.byte	102,15,56,0,211
+	movdqa	%xmm10,%xmm3
+	pxor	%xmm0,%xmm2
+.byte	102,15,56,0,220
+	movdqu	(%r9),%xmm5
+	pxor	%xmm1,%xmm3
+	jnz	.Lenc_loop
+
+
+	movdqa	-96(%r10),%xmm4
+	movdqa	-80(%r10),%xmm0
+.byte	102,15,56,0,226
+	pxor	%xmm5,%xmm4
+.byte	102,15,56,0,195
+	movdqa	64(%r11,%r10,1),%xmm1
+	pxor	%xmm4,%xmm0
+.byte	102,15,56,0,193
+	.byte	0xf3,0xc3
+
+
+
+
+
+
+
+
+.def	_vpaes_decrypt_core;	.scl 3;	.type 32;	.endef
+.p2align	4
+_vpaes_decrypt_core:
+
+	movq	%rdx,%r9
+	movl	240(%rdx),%eax
+	movdqa	%xmm9,%xmm1
+	movdqa	.Lk_dipt(%rip),%xmm2
+	pandn	%xmm0,%xmm1
+	movq	%rax,%r11
+	psrld	$4,%xmm1
+	movdqu	(%r9),%xmm5
+	shlq	$4,%r11
+	pand	%xmm9,%xmm0
+.byte	102,15,56,0,208
+	movdqa	.Lk_dipt+16(%rip),%xmm0
+	xorq	$0x30,%r11
+	leaq	.Lk_dsbd(%rip),%r10
+.byte	102,15,56,0,193
+	andq	$0x30,%r11
+	pxor	%xmm5,%xmm2
+	movdqa	.Lk_mc_forward+48(%rip),%xmm5
+	pxor	%xmm2,%xmm0
+	addq	$16,%r9
+	addq	%r10,%r11
+	jmp	.Ldec_entry
+
+.p2align	4
+.Ldec_loop:
+
+
+
+	movdqa	-32(%r10),%xmm4
+	movdqa	-16(%r10),%xmm1
+.byte	102,15,56,0,226
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	movdqa	0(%r10),%xmm4
+	pxor	%xmm1,%xmm0
+	movdqa	16(%r10),%xmm1
+
+.byte	102,15,56,0,226
+.byte	102,15,56,0,197
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	movdqa	32(%r10),%xmm4
+	pxor	%xmm1,%xmm0
+	movdqa	48(%r10),%xmm1
+
+.byte	102,15,56,0,226
+.byte	102,15,56,0,197
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	movdqa	64(%r10),%xmm4
+	pxor	%xmm1,%xmm0
+	movdqa	80(%r10),%xmm1
+
+.byte	102,15,56,0,226
+.byte	102,15,56,0,197
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	addq	$16,%r9
+.byte	102,15,58,15,237,12
+	pxor	%xmm1,%xmm0
+	subq	$1,%rax
+
+.Ldec_entry:
+
+	movdqa	%xmm9,%xmm1
+	pandn	%xmm0,%xmm1
+	movdqa	%xmm11,%xmm2
+	psrld	$4,%xmm1
+	pand	%xmm9,%xmm0
+.byte	102,15,56,0,208
+	movdqa	%xmm10,%xmm3
+	pxor	%xmm1,%xmm0
+.byte	102,15,56,0,217
+	movdqa	%xmm10,%xmm4
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,224
+	pxor	%xmm2,%xmm4
+	movdqa	%xmm10,%xmm2
+.byte	102,15,56,0,211
+	movdqa	%xmm10,%xmm3
+	pxor	%xmm0,%xmm2
+.byte	102,15,56,0,220
+	movdqu	(%r9),%xmm0
+	pxor	%xmm1,%xmm3
+	jnz	.Ldec_loop
+
+
+	movdqa	96(%r10),%xmm4
+.byte	102,15,56,0,226
+	pxor	%xmm0,%xmm4
+	movdqa	112(%r10),%xmm0
+	movdqa	-352(%r11),%xmm2
+.byte	102,15,56,0,195
+	pxor	%xmm4,%xmm0
+.byte	102,15,56,0,194
+	.byte	0xf3,0xc3
+
+
+
+
+
+
+
+
+.def	_vpaes_schedule_core;	.scl 3;	.type 32;	.endef
+.p2align	4
+_vpaes_schedule_core:
+
+
+
+
+
+
+	call	_vpaes_preheat
+	movdqa	.Lk_rcon(%rip),%xmm8
+	movdqu	(%rdi),%xmm0
+
+
+	movdqa	%xmm0,%xmm3
+	leaq	.Lk_ipt(%rip),%r11
+	call	_vpaes_schedule_transform
+	movdqa	%xmm0,%xmm7
+
+	leaq	.Lk_sr(%rip),%r10
+	testq	%rcx,%rcx
+	jnz	.Lschedule_am_decrypting
+
+
+	movdqu	%xmm0,(%rdx)
+	jmp	.Lschedule_go
+
+.Lschedule_am_decrypting:
+
+	movdqa	(%r8,%r10,1),%xmm1
+.byte	102,15,56,0,217
+	movdqu	%xmm3,(%rdx)
+	xorq	$0x30,%r8
+
+.Lschedule_go:
+	cmpl	$192,%esi
+	ja	.Lschedule_256
+	je	.Lschedule_192
+
+
+
+
+
+
+
+
+
+
+.Lschedule_128:
+	movl	$10,%esi
+
+.Loop_schedule_128:
+	call	_vpaes_schedule_round
+	decq	%rsi
+	jz	.Lschedule_mangle_last
+	call	_vpaes_schedule_mangle
+	jmp	.Loop_schedule_128
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+.p2align	4
+.Lschedule_192:
+	movdqu	8(%rdi),%xmm0
+	call	_vpaes_schedule_transform
+	movdqa	%xmm0,%xmm6
+	pxor	%xmm4,%xmm4
+	movhlps	%xmm4,%xmm6
+	movl	$4,%esi
+
+.Loop_schedule_192:
+	call	_vpaes_schedule_round
+.byte	102,15,58,15,198,8
+	call	_vpaes_schedule_mangle
+	call	_vpaes_schedule_192_smear
+	call	_vpaes_schedule_mangle
+	call	_vpaes_schedule_round
+	decq	%rsi
+	jz	.Lschedule_mangle_last
+	call	_vpaes_schedule_mangle
+	call	_vpaes_schedule_192_smear
+	jmp	.Loop_schedule_192
+
+
+
+
+
+
+
+
+
+
+
+.p2align	4
+.Lschedule_256:
+	movdqu	16(%rdi),%xmm0
+	call	_vpaes_schedule_transform
+	movl	$7,%esi
+
+.Loop_schedule_256:
+	call	_vpaes_schedule_mangle
+	movdqa	%xmm0,%xmm6
+
+
+	call	_vpaes_schedule_round
+	decq	%rsi
+	jz	.Lschedule_mangle_last
+	call	_vpaes_schedule_mangle
+
+
+	pshufd	$0xFF,%xmm0,%xmm0
+	movdqa	%xmm7,%xmm5
+	movdqa	%xmm6,%xmm7
+	call	_vpaes_schedule_low_round
+	movdqa	%xmm5,%xmm7
+
+	jmp	.Loop_schedule_256
+
+
+
+
+
+
+
+
+
+
+
+
+.p2align	4
+.Lschedule_mangle_last:
+
+	leaq	.Lk_deskew(%rip),%r11
+	testq	%rcx,%rcx
+	jnz	.Lschedule_mangle_last_dec
+
+
+	movdqa	(%r8,%r10,1),%xmm1
+.byte	102,15,56,0,193
+	leaq	.Lk_opt(%rip),%r11
+	addq	$32,%rdx
+
+.Lschedule_mangle_last_dec:
+	addq	$-16,%rdx
+	pxor	.Lk_s63(%rip),%xmm0
+	call	_vpaes_schedule_transform
+	movdqu	%xmm0,(%rdx)
+
+
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	.byte	0xf3,0xc3
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+.def	_vpaes_schedule_192_smear;	.scl 3;	.type 32;	.endef
+.p2align	4
+_vpaes_schedule_192_smear:
+
+	pshufd	$0x80,%xmm6,%xmm1
+	pshufd	$0xFE,%xmm7,%xmm0
+	pxor	%xmm1,%xmm6
+	pxor	%xmm1,%xmm1
+	pxor	%xmm0,%xmm6
+	movdqa	%xmm6,%xmm0
+	movhlps	%xmm1,%xmm6
+	.byte	0xf3,0xc3
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+.def	_vpaes_schedule_round;	.scl 3;	.type 32;	.endef
+.p2align	4
+_vpaes_schedule_round:
+
+
+	pxor	%xmm1,%xmm1
+.byte	102,65,15,58,15,200,15
+.byte	102,69,15,58,15,192,15
+	pxor	%xmm1,%xmm7
+
+
+	pshufd	$0xFF,%xmm0,%xmm0
+.byte	102,15,58,15,192,1
+
+
+
+
+_vpaes_schedule_low_round:
+
+	movdqa	%xmm7,%xmm1
+	pslldq	$4,%xmm7
+	pxor	%xmm1,%xmm7
+	movdqa	%xmm7,%xmm1
+	pslldq	$8,%xmm7
+	pxor	%xmm1,%xmm7
+	pxor	.Lk_s63(%rip),%xmm7
+
+
+	movdqa	%xmm9,%xmm1
+	pandn	%xmm0,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm9,%xmm0
+	movdqa	%xmm11,%xmm2
+.byte	102,15,56,0,208
+	pxor	%xmm1,%xmm0
+	movdqa	%xmm10,%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+	movdqa	%xmm10,%xmm4
+.byte	102,15,56,0,224
+	pxor	%xmm2,%xmm4
+	movdqa	%xmm10,%xmm2
+.byte	102,15,56,0,211
+	pxor	%xmm0,%xmm2
+	movdqa	%xmm10,%xmm3
+.byte	102,15,56,0,220
+	pxor	%xmm1,%xmm3
+	movdqa	%xmm13,%xmm4
+.byte	102,15,56,0,226
+	movdqa	%xmm12,%xmm0
+.byte	102,15,56,0,195
+	pxor	%xmm4,%xmm0
+
+
+	pxor	%xmm7,%xmm0
+	movdqa	%xmm0,%xmm7
+	.byte	0xf3,0xc3
+
+
+
+
+
+
+
+
+
+
+
+
+.def	_vpaes_schedule_transform;	.scl 3;	.type 32;	.endef
+.p2align	4
+_vpaes_schedule_transform:
+
+	movdqa	%xmm9,%xmm1
+	pandn	%xmm0,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm9,%xmm0
+	movdqa	(%r11),%xmm2
+.byte	102,15,56,0,208
+	movdqa	16(%r11),%xmm0
+.byte	102,15,56,0,193
+	pxor	%xmm2,%xmm0
+	.byte	0xf3,0xc3
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+.def	_vpaes_schedule_mangle;	.scl 3;	.type 32;	.endef
+.p2align	4
+_vpaes_schedule_mangle:
+
+	movdqa	%xmm0,%xmm4
+	movdqa	.Lk_mc_forward(%rip),%xmm5
+	testq	%rcx,%rcx
+	jnz	.Lschedule_mangle_dec
+
+
+	addq	$16,%rdx
+	pxor	.Lk_s63(%rip),%xmm4
+.byte	102,15,56,0,229
+	movdqa	%xmm4,%xmm3
+.byte	102,15,56,0,229
+	pxor	%xmm4,%xmm3
+.byte	102,15,56,0,229
+	pxor	%xmm4,%xmm3
+
+	jmp	.Lschedule_mangle_both
+.p2align	4
+.Lschedule_mangle_dec:
+
+	leaq	.Lk_dksd(%rip),%r11
+	movdqa	%xmm9,%xmm1
+	pandn	%xmm4,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm9,%xmm4
+
+	movdqa	0(%r11),%xmm2
+.byte	102,15,56,0,212
+	movdqa	16(%r11),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,221
+
+	movdqa	32(%r11),%xmm2
+.byte	102,15,56,0,212
+	pxor	%xmm3,%xmm2
+	movdqa	48(%r11),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,221
+
+	movdqa	64(%r11),%xmm2
+.byte	102,15,56,0,212
+	pxor	%xmm3,%xmm2
+	movdqa	80(%r11),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,221
+
+	movdqa	96(%r11),%xmm2
+.byte	102,15,56,0,212
+	pxor	%xmm3,%xmm2
+	movdqa	112(%r11),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+
+	addq	$-16,%rdx
+
+.Lschedule_mangle_both:
+	movdqa	(%r8,%r10,1),%xmm1
+.byte	102,15,56,0,217
+	addq	$-16,%r8
+	andq	$0x30,%r8
+	movdqu	%xmm3,(%rdx)
+	.byte	0xf3,0xc3
+
+
+
+
+
+
+.globl	vpaes_set_encrypt_key
+.def	vpaes_set_encrypt_key;	.scl 2;	.type 32;	.endef
+.p2align	4
+vpaes_set_encrypt_key:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_vpaes_set_encrypt_key:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+
+	leaq	-184(%rsp),%rsp
+	movaps	%xmm6,16(%rsp)
+	movaps	%xmm7,32(%rsp)
+	movaps	%xmm8,48(%rsp)
+	movaps	%xmm9,64(%rsp)
+	movaps	%xmm10,80(%rsp)
+	movaps	%xmm11,96(%rsp)
+	movaps	%xmm12,112(%rsp)
+	movaps	%xmm13,128(%rsp)
+	movaps	%xmm14,144(%rsp)
+	movaps	%xmm15,160(%rsp)
+.Lenc_key_body:
+	movl	%esi,%eax
+	shrl	$5,%eax
+	addl	$5,%eax
+	movl	%eax,240(%rdx)
+
+	movl	$0,%ecx
+	movl	$0x30,%r8d
+	call	_vpaes_schedule_core
+	movaps	16(%rsp),%xmm6
+	movaps	32(%rsp),%xmm7
+	movaps	48(%rsp),%xmm8
+	movaps	64(%rsp),%xmm9
+	movaps	80(%rsp),%xmm10
+	movaps	96(%rsp),%xmm11
+	movaps	112(%rsp),%xmm12
+	movaps	128(%rsp),%xmm13
+	movaps	144(%rsp),%xmm14
+	movaps	160(%rsp),%xmm15
+	leaq	184(%rsp),%rsp
+.Lenc_key_epilogue:
+	xorl	%eax,%eax
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_vpaes_set_encrypt_key:
+
+.globl	vpaes_set_decrypt_key
+.def	vpaes_set_decrypt_key;	.scl 2;	.type 32;	.endef
+.p2align	4
+vpaes_set_decrypt_key:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_vpaes_set_decrypt_key:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+
+	leaq	-184(%rsp),%rsp
+	movaps	%xmm6,16(%rsp)
+	movaps	%xmm7,32(%rsp)
+	movaps	%xmm8,48(%rsp)
+	movaps	%xmm9,64(%rsp)
+	movaps	%xmm10,80(%rsp)
+	movaps	%xmm11,96(%rsp)
+	movaps	%xmm12,112(%rsp)
+	movaps	%xmm13,128(%rsp)
+	movaps	%xmm14,144(%rsp)
+	movaps	%xmm15,160(%rsp)
+.Ldec_key_body:
+	movl	%esi,%eax
+	shrl	$5,%eax
+	addl	$5,%eax
+	movl	%eax,240(%rdx)
+	shll	$4,%eax
+	leaq	16(%rdx,%rax,1),%rdx
+
+	movl	$1,%ecx
+	movl	%esi,%r8d
+	shrl	$1,%r8d
+	andl	$32,%r8d
+	xorl	$32,%r8d
+	call	_vpaes_schedule_core
+	movaps	16(%rsp),%xmm6
+	movaps	32(%rsp),%xmm7
+	movaps	48(%rsp),%xmm8
+	movaps	64(%rsp),%xmm9
+	movaps	80(%rsp),%xmm10
+	movaps	96(%rsp),%xmm11
+	movaps	112(%rsp),%xmm12
+	movaps	128(%rsp),%xmm13
+	movaps	144(%rsp),%xmm14
+	movaps	160(%rsp),%xmm15
+	leaq	184(%rsp),%rsp
+.Ldec_key_epilogue:
+	xorl	%eax,%eax
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_vpaes_set_decrypt_key:
+
+.globl	vpaes_encrypt
+.def	vpaes_encrypt;	.scl 2;	.type 32;	.endef
+.p2align	4
+vpaes_encrypt:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_vpaes_encrypt:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+
+	leaq	-184(%rsp),%rsp
+	movaps	%xmm6,16(%rsp)
+	movaps	%xmm7,32(%rsp)
+	movaps	%xmm8,48(%rsp)
+	movaps	%xmm9,64(%rsp)
+	movaps	%xmm10,80(%rsp)
+	movaps	%xmm11,96(%rsp)
+	movaps	%xmm12,112(%rsp)
+	movaps	%xmm13,128(%rsp)
+	movaps	%xmm14,144(%rsp)
+	movaps	%xmm15,160(%rsp)
+.Lenc_body:
+	movdqu	(%rdi),%xmm0
+	call	_vpaes_preheat
+	call	_vpaes_encrypt_core
+	movdqu	%xmm0,(%rsi)
+	movaps	16(%rsp),%xmm6
+	movaps	32(%rsp),%xmm7
+	movaps	48(%rsp),%xmm8
+	movaps	64(%rsp),%xmm9
+	movaps	80(%rsp),%xmm10
+	movaps	96(%rsp),%xmm11
+	movaps	112(%rsp),%xmm12
+	movaps	128(%rsp),%xmm13
+	movaps	144(%rsp),%xmm14
+	movaps	160(%rsp),%xmm15
+	leaq	184(%rsp),%rsp
+.Lenc_epilogue:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_vpaes_encrypt:
+
+.globl	vpaes_decrypt
+.def	vpaes_decrypt;	.scl 2;	.type 32;	.endef
+.p2align	4
+vpaes_decrypt:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_vpaes_decrypt:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+
+	leaq	-184(%rsp),%rsp
+	movaps	%xmm6,16(%rsp)
+	movaps	%xmm7,32(%rsp)
+	movaps	%xmm8,48(%rsp)
+	movaps	%xmm9,64(%rsp)
+	movaps	%xmm10,80(%rsp)
+	movaps	%xmm11,96(%rsp)
+	movaps	%xmm12,112(%rsp)
+	movaps	%xmm13,128(%rsp)
+	movaps	%xmm14,144(%rsp)
+	movaps	%xmm15,160(%rsp)
+.Ldec_body:
+	movdqu	(%rdi),%xmm0
+	call	_vpaes_preheat
+	call	_vpaes_decrypt_core
+	movdqu	%xmm0,(%rsi)
+	movaps	16(%rsp),%xmm6
+	movaps	32(%rsp),%xmm7
+	movaps	48(%rsp),%xmm8
+	movaps	64(%rsp),%xmm9
+	movaps	80(%rsp),%xmm10
+	movaps	96(%rsp),%xmm11
+	movaps	112(%rsp),%xmm12
+	movaps	128(%rsp),%xmm13
+	movaps	144(%rsp),%xmm14
+	movaps	160(%rsp),%xmm15
+	leaq	184(%rsp),%rsp
+.Ldec_epilogue:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_vpaes_decrypt:
+.globl	vpaes_cbc_encrypt
+.def	vpaes_cbc_encrypt;	.scl 2;	.type 32;	.endef
+.p2align	4
+vpaes_cbc_encrypt:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_vpaes_cbc_encrypt:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+	movq	%r9,%rcx
+	movq	40(%rsp),%r8
+	movq	48(%rsp),%r9
+
+
+	xchgq	%rcx,%rdx
+	subq	$16,%rcx
+	jc	.Lcbc_abort
+	leaq	-184(%rsp),%rsp
+	movaps	%xmm6,16(%rsp)
+	movaps	%xmm7,32(%rsp)
+	movaps	%xmm8,48(%rsp)
+	movaps	%xmm9,64(%rsp)
+	movaps	%xmm10,80(%rsp)
+	movaps	%xmm11,96(%rsp)
+	movaps	%xmm12,112(%rsp)
+	movaps	%xmm13,128(%rsp)
+	movaps	%xmm14,144(%rsp)
+	movaps	%xmm15,160(%rsp)
+.Lcbc_body:
+	movdqu	(%r8),%xmm6
+	subq	%rdi,%rsi
+	call	_vpaes_preheat
+	cmpl	$0,%r9d
+	je	.Lcbc_dec_loop
+	jmp	.Lcbc_enc_loop
+.p2align	4
+.Lcbc_enc_loop:
+	movdqu	(%rdi),%xmm0
+	pxor	%xmm6,%xmm0
+	call	_vpaes_encrypt_core
+	movdqa	%xmm0,%xmm6
+	movdqu	%xmm0,(%rsi,%rdi,1)
+	leaq	16(%rdi),%rdi
+	subq	$16,%rcx
+	jnc	.Lcbc_enc_loop
+	jmp	.Lcbc_done
+.p2align	4
+.Lcbc_dec_loop:
+	movdqu	(%rdi),%xmm0
+	movdqa	%xmm0,%xmm7
+	call	_vpaes_decrypt_core
+	pxor	%xmm6,%xmm0
+	movdqa	%xmm7,%xmm6
+	movdqu	%xmm0,(%rsi,%rdi,1)
+	leaq	16(%rdi),%rdi
+	subq	$16,%rcx
+	jnc	.Lcbc_dec_loop
+.Lcbc_done:
+	movdqu	%xmm6,(%r8)
+	movaps	16(%rsp),%xmm6
+	movaps	32(%rsp),%xmm7
+	movaps	48(%rsp),%xmm8
+	movaps	64(%rsp),%xmm9
+	movaps	80(%rsp),%xmm10
+	movaps	96(%rsp),%xmm11
+	movaps	112(%rsp),%xmm12
+	movaps	128(%rsp),%xmm13
+	movaps	144(%rsp),%xmm14
+	movaps	160(%rsp),%xmm15
+	leaq	184(%rsp),%rsp
+.Lcbc_epilogue:
+.Lcbc_abort:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_vpaes_cbc_encrypt:
+
+
+
+
+
+
+.def	_vpaes_preheat;	.scl 3;	.type 32;	.endef
+.p2align	4
+_vpaes_preheat:
+
+	leaq	.Lk_s0F(%rip),%r10
+	movdqa	-32(%r10),%xmm10
+	movdqa	-16(%r10),%xmm11
+	movdqa	0(%r10),%xmm9
+	movdqa	48(%r10),%xmm13
+	movdqa	64(%r10),%xmm12
+	movdqa	80(%r10),%xmm15
+	movdqa	96(%r10),%xmm14
+	.byte	0xf3,0xc3
+
+
+
+
+
+
+
+
+.p2align	6
+_vpaes_consts:
+.Lk_inv:
+.quad	0x0E05060F0D080180, 0x040703090A0B0C02
+.quad	0x01040A060F0B0780, 0x030D0E0C02050809
+
+.Lk_s0F:
+.quad	0x0F0F0F0F0F0F0F0F, 0x0F0F0F0F0F0F0F0F
+
+.Lk_ipt:
+.quad	0xC2B2E8985A2A7000, 0xCABAE09052227808
+.quad	0x4C01307D317C4D00, 0xCD80B1FCB0FDCC81
+
+.Lk_sb1:
+.quad	0xB19BE18FCB503E00, 0xA5DF7A6E142AF544
+.quad	0x3618D415FAE22300, 0x3BF7CCC10D2ED9EF
+.Lk_sb2:
+.quad	0xE27A93C60B712400, 0x5EB7E955BC982FCD
+.quad	0x69EB88400AE12900, 0xC2A163C8AB82234A
+.Lk_sbo:
+.quad	0xD0D26D176FBDC700, 0x15AABF7AC502A878
+.quad	0xCFE474A55FBB6A00, 0x8E1E90D1412B35FA
+
+.Lk_mc_forward:
+.quad	0x0407060500030201, 0x0C0F0E0D080B0A09
+.quad	0x080B0A0904070605, 0x000302010C0F0E0D
+.quad	0x0C0F0E0D080B0A09, 0x0407060500030201
+.quad	0x000302010C0F0E0D, 0x080B0A0904070605
+
+.Lk_mc_backward:
+.quad	0x0605040702010003, 0x0E0D0C0F0A09080B
+.quad	0x020100030E0D0C0F, 0x0A09080B06050407
+.quad	0x0E0D0C0F0A09080B, 0x0605040702010003
+.quad	0x0A09080B06050407, 0x020100030E0D0C0F
+
+.Lk_sr:
+.quad	0x0706050403020100, 0x0F0E0D0C0B0A0908
+.quad	0x030E09040F0A0500, 0x0B06010C07020D08
+.quad	0x0F060D040B020900, 0x070E050C030A0108
+.quad	0x0B0E0104070A0D00, 0x0306090C0F020508
+
+.Lk_rcon:
+.quad	0x1F8391B9AF9DEEB6, 0x702A98084D7C7D81
+
+.Lk_s63:
+.quad	0x5B5B5B5B5B5B5B5B, 0x5B5B5B5B5B5B5B5B
+
+.Lk_opt:
+.quad	0xFF9F4929D6B66000, 0xF7974121DEBE6808
+.quad	0x01EDBD5150BCEC00, 0xE10D5DB1B05C0CE0
+
+.Lk_deskew:
+.quad	0x07E4A34047A4E300, 0x1DFEB95A5DBEF91A
+.quad	0x5F36B5DC83EA6900, 0x2841C2ABF49D1E77
+
+
+
+
+
+.Lk_dksd:
+.quad	0xFEB91A5DA3E44700, 0x0740E3A45A1DBEF9
+.quad	0x41C277F4B5368300, 0x5FDC69EAAB289D1E
+.Lk_dksb:
+.quad	0x9A4FCA1F8550D500, 0x03D653861CC94C99
+.quad	0x115BEDA7B6FC4A00, 0xD993256F7E3482C8
+.Lk_dkse:
+.quad	0xD5031CCA1FC9D600, 0x53859A4C994F5086
+.quad	0xA23196054FDC7BE8, 0xCD5EF96A20B31487
+.Lk_dks9:
+.quad	0xB6116FC87ED9A700, 0x4AED933482255BFC
+.quad	0x4576516227143300, 0x8BB89FACE9DAFDCE
+
+
+
+
+
+.Lk_dipt:
+.quad	0x0F505B040B545F00, 0x154A411E114E451A
+.quad	0x86E383E660056500, 0x12771772F491F194
+
+.Lk_dsb9:
+.quad	0x851C03539A86D600, 0xCAD51F504F994CC9
+.quad	0xC03B1789ECD74900, 0x725E2C9EB2FBA565
+.Lk_dsbd:
+.quad	0x7D57CCDFE6B1A200, 0xF56E9B13882A4439
+.quad	0x3CE2FAF724C6CB00, 0x2931180D15DEEFD3
+.Lk_dsbb:
+.quad	0xD022649296B44200, 0x602646F6B0F2D404
+.quad	0xC19498A6CD596700, 0xF3FF0C3E3255AA6B
+.Lk_dsbe:
+.quad	0x46F2929626D4D000, 0x2242600464B4F6B0
+.quad	0x0C55A6CDFFAAC100, 0x9467F36B98593E32
+.Lk_dsbo:
+.quad	0x1387EA537EF94000, 0xC7AA6DB9D4943E2D
+.quad	0x12D7560F93441D00, 0xCA4B8159D8C58E9C
+.byte	86,101,99,116,111,114,32,80,101,114,109,117,116,97,116,105,111,110,32,65,69,83,32,102,111,114,32,120,56,54,95,54,52,47,83,83,83,69,51,44,32,77,105,107,101,32,72,97,109,98,117,114,103,32,40,83,116,97,110,102,111,114,100,32,85,110,105,118,101,114,115,105,116,121,41,0
+.p2align	6
+
+
+.def	se_handler;	.scl 3;	.type 32;	.endef
+.p2align	4
+se_handler:
+	pushq	%rsi
+	pushq	%rdi
+	pushq	%rbx
+	pushq	%rbp
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	pushfq
+	subq	$64,%rsp
+
+	movq	120(%r8),%rax
+	movq	248(%r8),%rbx
+
+	movq	8(%r9),%rsi
+	movq	56(%r9),%r11
+
+	movl	0(%r11),%r10d
+	leaq	(%rsi,%r10,1),%r10
+	cmpq	%r10,%rbx
+	jb	.Lin_prologue
+
+	movq	152(%r8),%rax
+
+	movl	4(%r11),%r10d
+	leaq	(%rsi,%r10,1),%r10
+	cmpq	%r10,%rbx
+	jae	.Lin_prologue
+
+	leaq	16(%rax),%rsi
+	leaq	512(%r8),%rdi
+	movl	$20,%ecx
+.long	0xa548f3fc
+	leaq	184(%rax),%rax
+
+.Lin_prologue:
+	movq	8(%rax),%rdi
+	movq	16(%rax),%rsi
+	movq	%rax,152(%r8)
+	movq	%rsi,168(%r8)
+	movq	%rdi,176(%r8)
+
+	movq	40(%r9),%rdi
+	movq	%r8,%rsi
+	movl	$154,%ecx
+.long	0xa548f3fc
+
+	movq	%r9,%rsi
+	xorq	%rcx,%rcx
+	movq	8(%rsi),%rdx
+	movq	0(%rsi),%r8
+	movq	16(%rsi),%r9
+	movq	40(%rsi),%r10
+	leaq	56(%rsi),%r11
+	leaq	24(%rsi),%r12
+	movq	%r10,32(%rsp)
+	movq	%r11,40(%rsp)
+	movq	%r12,48(%rsp)
+	movq	%rcx,56(%rsp)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	movl	$1,%eax
+	addq	$64,%rsp
+	popfq
+	popq	%r15
+	popq	%r14
+	popq	%r13
+	popq	%r12
+	popq	%rbp
+	popq	%rbx
+	popq	%rdi
+	popq	%rsi
+	.byte	0xf3,0xc3
+
+
+.section	.pdata
+.p2align	2
+.rva	.LSEH_begin_vpaes_set_encrypt_key
+.rva	.LSEH_end_vpaes_set_encrypt_key
+.rva	.LSEH_info_vpaes_set_encrypt_key
+
+.rva	.LSEH_begin_vpaes_set_decrypt_key
+.rva	.LSEH_end_vpaes_set_decrypt_key
+.rva	.LSEH_info_vpaes_set_decrypt_key
+
+.rva	.LSEH_begin_vpaes_encrypt
+.rva	.LSEH_end_vpaes_encrypt
+.rva	.LSEH_info_vpaes_encrypt
+
+.rva	.LSEH_begin_vpaes_decrypt
+.rva	.LSEH_end_vpaes_decrypt
+.rva	.LSEH_info_vpaes_decrypt
+
+.rva	.LSEH_begin_vpaes_cbc_encrypt
+.rva	.LSEH_end_vpaes_cbc_encrypt
+.rva	.LSEH_info_vpaes_cbc_encrypt
+
+.section	.xdata
+.p2align	3
+.LSEH_info_vpaes_set_encrypt_key:
+.byte	9,0,0,0
+.rva	se_handler
+.rva	.Lenc_key_body,.Lenc_key_epilogue
+.LSEH_info_vpaes_set_decrypt_key:
+.byte	9,0,0,0
+.rva	se_handler
+.rva	.Ldec_key_body,.Ldec_key_epilogue
+.LSEH_info_vpaes_encrypt:
+.byte	9,0,0,0
+.rva	se_handler
+.rva	.Lenc_body,.Lenc_epilogue
+.LSEH_info_vpaes_decrypt:
+.byte	9,0,0,0
+.rva	se_handler
+.rva	.Ldec_body,.Ldec_epilogue
+.LSEH_info_vpaes_cbc_encrypt:
+.byte	9,0,0,0
+.rva	se_handler
+.rva	.Lcbc_body,.Lcbc_epilogue
+
diff --git a/lib/accelerated/x86/coff/aesni-gcm-x86_64.s b/lib/accelerated/x86/coff/aesni-gcm-x86_64.s
new file mode 100644
index 0000000..ab4e37c
--- /dev/null
+++ b/lib/accelerated/x86/coff/aesni-gcm-x86_64.s
@@ -0,0 +1,1011 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+.def	_aesni_ctr32_ghash_6x;	.scl 3;	.type 32;	.endef
+.p2align	5
+_aesni_ctr32_ghash_6x:
+
+	vmovdqu	32(%r11),%xmm2
+	subq	$6,%rdx
+	vpxor	%xmm4,%xmm4,%xmm4
+	vmovdqu	0-128(%rcx),%xmm15
+	vpaddb	%xmm2,%xmm1,%xmm10
+	vpaddb	%xmm2,%xmm10,%xmm11
+	vpaddb	%xmm2,%xmm11,%xmm12
+	vpaddb	%xmm2,%xmm12,%xmm13
+	vpaddb	%xmm2,%xmm13,%xmm14
+	vpxor	%xmm15,%xmm1,%xmm9
+	vmovdqu	%xmm4,16+8(%rsp)
+	jmp	.Loop6x
+
+.p2align	5
+.Loop6x:
+	addl	$100663296,%ebx
+	jc	.Lhandle_ctr32
+	vmovdqu	0-32(%r9),%xmm3
+	vpaddb	%xmm2,%xmm14,%xmm1
+	vpxor	%xmm15,%xmm10,%xmm10
+	vpxor	%xmm15,%xmm11,%xmm11
+
+.Lresume_ctr32:
+	vmovdqu	%xmm1,(%r8)
+	vpclmulqdq	$0x10,%xmm3,%xmm7,%xmm5
+	vpxor	%xmm15,%xmm12,%xmm12
+	vmovups	16-128(%rcx),%xmm2
+	vpclmulqdq	$0x01,%xmm3,%xmm7,%xmm6
+	xorq	%r12,%r12
+	cmpq	%r14,%r15
+
+	vaesenc	%xmm2,%xmm9,%xmm9
+	vmovdqu	48+8(%rsp),%xmm0
+	vpxor	%xmm15,%xmm13,%xmm13
+	vpclmulqdq	$0x00,%xmm3,%xmm7,%xmm1
+	vaesenc	%xmm2,%xmm10,%xmm10
+	vpxor	%xmm15,%xmm14,%xmm14
+	setnc	%r12b
+	vpclmulqdq	$0x11,%xmm3,%xmm7,%xmm7
+	vaesenc	%xmm2,%xmm11,%xmm11
+	vmovdqu	16-32(%r9),%xmm3
+	negq	%r12
+	vaesenc	%xmm2,%xmm12,%xmm12
+	vpxor	%xmm5,%xmm6,%xmm6
+	vpclmulqdq	$0x00,%xmm3,%xmm0,%xmm5
+	vpxor	%xmm4,%xmm8,%xmm8
+	vaesenc	%xmm2,%xmm13,%xmm13
+	vpxor	%xmm5,%xmm1,%xmm4
+	andq	$0x60,%r12
+	vmovups	32-128(%rcx),%xmm15
+	vpclmulqdq	$0x10,%xmm3,%xmm0,%xmm1
+	vaesenc	%xmm2,%xmm14,%xmm14
+
+	vpclmulqdq	$0x01,%xmm3,%xmm0,%xmm2
+	leaq	(%r14,%r12,1),%r14
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	16+8(%rsp),%xmm8,%xmm8
+	vpclmulqdq	$0x11,%xmm3,%xmm0,%xmm3
+	vmovdqu	64+8(%rsp),%xmm0
+	vaesenc	%xmm15,%xmm10,%xmm10
+	movbeq	88(%r14),%r13
+	vaesenc	%xmm15,%xmm11,%xmm11
+	movbeq	80(%r14),%r12
+	vaesenc	%xmm15,%xmm12,%xmm12
+	movq	%r13,32+8(%rsp)
+	vaesenc	%xmm15,%xmm13,%xmm13
+	movq	%r12,40+8(%rsp)
+	vmovdqu	48-32(%r9),%xmm5
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vmovups	48-128(%rcx),%xmm15
+	vpxor	%xmm1,%xmm6,%xmm6
+	vpclmulqdq	$0x00,%xmm5,%xmm0,%xmm1
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	%xmm2,%xmm6,%xmm6
+	vpclmulqdq	$0x10,%xmm5,%xmm0,%xmm2
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vpxor	%xmm3,%xmm7,%xmm7
+	vpclmulqdq	$0x01,%xmm5,%xmm0,%xmm3
+	vaesenc	%xmm15,%xmm11,%xmm11
+	vpclmulqdq	$0x11,%xmm5,%xmm0,%xmm5
+	vmovdqu	80+8(%rsp),%xmm0
+	vaesenc	%xmm15,%xmm12,%xmm12
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vpxor	%xmm1,%xmm4,%xmm4
+	vmovdqu	64-32(%r9),%xmm1
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vmovups	64-128(%rcx),%xmm15
+	vpxor	%xmm2,%xmm6,%xmm6
+	vpclmulqdq	$0x00,%xmm1,%xmm0,%xmm2
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	%xmm3,%xmm6,%xmm6
+	vpclmulqdq	$0x10,%xmm1,%xmm0,%xmm3
+	vaesenc	%xmm15,%xmm10,%xmm10
+	movbeq	72(%r14),%r13
+	vpxor	%xmm5,%xmm7,%xmm7
+	vpclmulqdq	$0x01,%xmm1,%xmm0,%xmm5
+	vaesenc	%xmm15,%xmm11,%xmm11
+	movbeq	64(%r14),%r12
+	vpclmulqdq	$0x11,%xmm1,%xmm0,%xmm1
+	vmovdqu	96+8(%rsp),%xmm0
+	vaesenc	%xmm15,%xmm12,%xmm12
+	movq	%r13,48+8(%rsp)
+	vaesenc	%xmm15,%xmm13,%xmm13
+	movq	%r12,56+8(%rsp)
+	vpxor	%xmm2,%xmm4,%xmm4
+	vmovdqu	96-32(%r9),%xmm2
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vmovups	80-128(%rcx),%xmm15
+	vpxor	%xmm3,%xmm6,%xmm6
+	vpclmulqdq	$0x00,%xmm2,%xmm0,%xmm3
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	%xmm5,%xmm6,%xmm6
+	vpclmulqdq	$0x10,%xmm2,%xmm0,%xmm5
+	vaesenc	%xmm15,%xmm10,%xmm10
+	movbeq	56(%r14),%r13
+	vpxor	%xmm1,%xmm7,%xmm7
+	vpclmulqdq	$0x01,%xmm2,%xmm0,%xmm1
+	vpxor	112+8(%rsp),%xmm8,%xmm8
+	vaesenc	%xmm15,%xmm11,%xmm11
+	movbeq	48(%r14),%r12
+	vpclmulqdq	$0x11,%xmm2,%xmm0,%xmm2
+	vaesenc	%xmm15,%xmm12,%xmm12
+	movq	%r13,64+8(%rsp)
+	vaesenc	%xmm15,%xmm13,%xmm13
+	movq	%r12,72+8(%rsp)
+	vpxor	%xmm3,%xmm4,%xmm4
+	vmovdqu	112-32(%r9),%xmm3
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vmovups	96-128(%rcx),%xmm15
+	vpxor	%xmm5,%xmm6,%xmm6
+	vpclmulqdq	$0x10,%xmm3,%xmm8,%xmm5
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	%xmm1,%xmm6,%xmm6
+	vpclmulqdq	$0x01,%xmm3,%xmm8,%xmm1
+	vaesenc	%xmm15,%xmm10,%xmm10
+	movbeq	40(%r14),%r13
+	vpxor	%xmm2,%xmm7,%xmm7
+	vpclmulqdq	$0x00,%xmm3,%xmm8,%xmm2
+	vaesenc	%xmm15,%xmm11,%xmm11
+	movbeq	32(%r14),%r12
+	vpclmulqdq	$0x11,%xmm3,%xmm8,%xmm8
+	vaesenc	%xmm15,%xmm12,%xmm12
+	movq	%r13,80+8(%rsp)
+	vaesenc	%xmm15,%xmm13,%xmm13
+	movq	%r12,88+8(%rsp)
+	vpxor	%xmm5,%xmm6,%xmm6
+	vaesenc	%xmm15,%xmm14,%xmm14
+	vpxor	%xmm1,%xmm6,%xmm6
+
+	vmovups	112-128(%rcx),%xmm15
+	vpslldq	$8,%xmm6,%xmm5
+	vpxor	%xmm2,%xmm4,%xmm4
+	vmovdqu	16(%r11),%xmm3
+
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	%xmm8,%xmm7,%xmm7
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vpxor	%xmm5,%xmm4,%xmm4
+	movbeq	24(%r14),%r13
+	vaesenc	%xmm15,%xmm11,%xmm11
+	movbeq	16(%r14),%r12
+	vpalignr	$8,%xmm4,%xmm4,%xmm0
+	vpclmulqdq	$0x10,%xmm3,%xmm4,%xmm4
+	movq	%r13,96+8(%rsp)
+	vaesenc	%xmm15,%xmm12,%xmm12
+	movq	%r12,104+8(%rsp)
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vmovups	128-128(%rcx),%xmm1
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vaesenc	%xmm1,%xmm9,%xmm9
+	vmovups	144-128(%rcx),%xmm15
+	vaesenc	%xmm1,%xmm10,%xmm10
+	vpsrldq	$8,%xmm6,%xmm6
+	vaesenc	%xmm1,%xmm11,%xmm11
+	vpxor	%xmm6,%xmm7,%xmm7
+	vaesenc	%xmm1,%xmm12,%xmm12
+	vpxor	%xmm0,%xmm4,%xmm4
+	movbeq	8(%r14),%r13
+	vaesenc	%xmm1,%xmm13,%xmm13
+	movbeq	0(%r14),%r12
+	vaesenc	%xmm1,%xmm14,%xmm14
+	vmovups	160-128(%rcx),%xmm1
+	cmpl	$11,%ebp
+	jb	.Lenc_tail
+
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vaesenc	%xmm15,%xmm11,%xmm11
+	vaesenc	%xmm15,%xmm12,%xmm12
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vaesenc	%xmm1,%xmm9,%xmm9
+	vaesenc	%xmm1,%xmm10,%xmm10
+	vaesenc	%xmm1,%xmm11,%xmm11
+	vaesenc	%xmm1,%xmm12,%xmm12
+	vaesenc	%xmm1,%xmm13,%xmm13
+	vmovups	176-128(%rcx),%xmm15
+	vaesenc	%xmm1,%xmm14,%xmm14
+	vmovups	192-128(%rcx),%xmm1
+	je	.Lenc_tail
+
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vaesenc	%xmm15,%xmm11,%xmm11
+	vaesenc	%xmm15,%xmm12,%xmm12
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vaesenc	%xmm1,%xmm9,%xmm9
+	vaesenc	%xmm1,%xmm10,%xmm10
+	vaesenc	%xmm1,%xmm11,%xmm11
+	vaesenc	%xmm1,%xmm12,%xmm12
+	vaesenc	%xmm1,%xmm13,%xmm13
+	vmovups	208-128(%rcx),%xmm15
+	vaesenc	%xmm1,%xmm14,%xmm14
+	vmovups	224-128(%rcx),%xmm1
+	jmp	.Lenc_tail
+
+.p2align	5
+.Lhandle_ctr32:
+	vmovdqu	(%r11),%xmm0
+	vpshufb	%xmm0,%xmm1,%xmm6
+	vmovdqu	48(%r11),%xmm5
+	vpaddd	64(%r11),%xmm6,%xmm10
+	vpaddd	%xmm5,%xmm6,%xmm11
+	vmovdqu	0-32(%r9),%xmm3
+	vpaddd	%xmm5,%xmm10,%xmm12
+	vpshufb	%xmm0,%xmm10,%xmm10
+	vpaddd	%xmm5,%xmm11,%xmm13
+	vpshufb	%xmm0,%xmm11,%xmm11
+	vpxor	%xmm15,%xmm10,%xmm10
+	vpaddd	%xmm5,%xmm12,%xmm14
+	vpshufb	%xmm0,%xmm12,%xmm12
+	vpxor	%xmm15,%xmm11,%xmm11
+	vpaddd	%xmm5,%xmm13,%xmm1
+	vpshufb	%xmm0,%xmm13,%xmm13
+	vpshufb	%xmm0,%xmm14,%xmm14
+	vpshufb	%xmm0,%xmm1,%xmm1
+	jmp	.Lresume_ctr32
+
+.p2align	5
+.Lenc_tail:
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vmovdqu	%xmm7,16+8(%rsp)
+	vpalignr	$8,%xmm4,%xmm4,%xmm8
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vpclmulqdq	$0x10,%xmm3,%xmm4,%xmm4
+	vpxor	0(%rdi),%xmm1,%xmm2
+	vaesenc	%xmm15,%xmm11,%xmm11
+	vpxor	16(%rdi),%xmm1,%xmm0
+	vaesenc	%xmm15,%xmm12,%xmm12
+	vpxor	32(%rdi),%xmm1,%xmm5
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vpxor	48(%rdi),%xmm1,%xmm6
+	vaesenc	%xmm15,%xmm14,%xmm14
+	vpxor	64(%rdi),%xmm1,%xmm7
+	vpxor	80(%rdi),%xmm1,%xmm3
+	vmovdqu	(%r8),%xmm1
+
+	vaesenclast	%xmm2,%xmm9,%xmm9
+	vmovdqu	32(%r11),%xmm2
+	vaesenclast	%xmm0,%xmm10,%xmm10
+	vpaddb	%xmm2,%xmm1,%xmm0
+	movq	%r13,112+8(%rsp)
+	leaq	96(%rdi),%rdi
+	vaesenclast	%xmm5,%xmm11,%xmm11
+	vpaddb	%xmm2,%xmm0,%xmm5
+	movq	%r12,120+8(%rsp)
+	leaq	96(%rsi),%rsi
+	vmovdqu	0-128(%rcx),%xmm15
+	vaesenclast	%xmm6,%xmm12,%xmm12
+	vpaddb	%xmm2,%xmm5,%xmm6
+	vaesenclast	%xmm7,%xmm13,%xmm13
+	vpaddb	%xmm2,%xmm6,%xmm7
+	vaesenclast	%xmm3,%xmm14,%xmm14
+	vpaddb	%xmm2,%xmm7,%xmm3
+
+	addq	$0x60,%r10
+	subq	$0x6,%rdx
+	jc	.L6x_done
+
+	vmovups	%xmm9,-96(%rsi)
+	vpxor	%xmm15,%xmm1,%xmm9
+	vmovups	%xmm10,-80(%rsi)
+	vmovdqa	%xmm0,%xmm10
+	vmovups	%xmm11,-64(%rsi)
+	vmovdqa	%xmm5,%xmm11
+	vmovups	%xmm12,-48(%rsi)
+	vmovdqa	%xmm6,%xmm12
+	vmovups	%xmm13,-32(%rsi)
+	vmovdqa	%xmm7,%xmm13
+	vmovups	%xmm14,-16(%rsi)
+	vmovdqa	%xmm3,%xmm14
+	vmovdqu	32+8(%rsp),%xmm7
+	jmp	.Loop6x
+
+.L6x_done:
+	vpxor	16+8(%rsp),%xmm8,%xmm8
+	vpxor	%xmm4,%xmm8,%xmm8
+
+	.byte	0xf3,0xc3
+
+
+.globl	aesni_gcm_decrypt
+.def	aesni_gcm_decrypt;	.scl 2;	.type 32;	.endef
+.p2align	5
+aesni_gcm_decrypt:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_aesni_gcm_decrypt:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+	movq	%r9,%rcx
+	movq	40(%rsp),%r8
+	movq	48(%rsp),%r9
+
+
+	xorq	%r10,%r10
+	cmpq	$0x60,%rdx
+	jb	.Lgcm_dec_abort
+
+	leaq	(%rsp),%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	leaq	-168(%rsp),%rsp
+	movaps	%xmm6,-216(%rax)
+	movaps	%xmm7,-200(%rax)
+	movaps	%xmm8,-184(%rax)
+	movaps	%xmm9,-168(%rax)
+	movaps	%xmm10,-152(%rax)
+	movaps	%xmm11,-136(%rax)
+	movaps	%xmm12,-120(%rax)
+	movaps	%xmm13,-104(%rax)
+	movaps	%xmm14,-88(%rax)
+	movaps	%xmm15,-72(%rax)
+.Lgcm_dec_body:
+	vzeroupper
+
+	vmovdqu	(%r8),%xmm1
+	addq	$-128,%rsp
+	movl	12(%r8),%ebx
+	leaq	.Lbswap_mask(%rip),%r11
+	leaq	-128(%rcx),%r14
+	movq	$0xf80,%r15
+	vmovdqu	(%r9),%xmm8
+	andq	$-128,%rsp
+	vmovdqu	(%r11),%xmm0
+	leaq	128(%rcx),%rcx
+	leaq	32+32(%r9),%r9
+	movl	240-128(%rcx),%ebp
+	vpshufb	%xmm0,%xmm8,%xmm8
+
+	andq	%r15,%r14
+	andq	%rsp,%r15
+	subq	%r14,%r15
+	jc	.Ldec_no_key_aliasing
+	cmpq	$768,%r15
+	jnc	.Ldec_no_key_aliasing
+	subq	%r15,%rsp
+.Ldec_no_key_aliasing:
+
+	vmovdqu	80(%rdi),%xmm7
+	leaq	(%rdi),%r14
+	vmovdqu	64(%rdi),%xmm4
+	leaq	-192(%rdi,%rdx,1),%r15
+	vmovdqu	48(%rdi),%xmm5
+	shrq	$4,%rdx
+	xorq	%r10,%r10
+	vmovdqu	32(%rdi),%xmm6
+	vpshufb	%xmm0,%xmm7,%xmm7
+	vmovdqu	16(%rdi),%xmm2
+	vpshufb	%xmm0,%xmm4,%xmm4
+	vmovdqu	(%rdi),%xmm3
+	vpshufb	%xmm0,%xmm5,%xmm5
+	vmovdqu	%xmm4,48(%rsp)
+	vpshufb	%xmm0,%xmm6,%xmm6
+	vmovdqu	%xmm5,64(%rsp)
+	vpshufb	%xmm0,%xmm2,%xmm2
+	vmovdqu	%xmm6,80(%rsp)
+	vpshufb	%xmm0,%xmm3,%xmm3
+	vmovdqu	%xmm2,96(%rsp)
+	vmovdqu	%xmm3,112(%rsp)
+
+	call	_aesni_ctr32_ghash_6x
+
+	vmovups	%xmm9,-96(%rsi)
+	vmovups	%xmm10,-80(%rsi)
+	vmovups	%xmm11,-64(%rsi)
+	vmovups	%xmm12,-48(%rsi)
+	vmovups	%xmm13,-32(%rsi)
+	vmovups	%xmm14,-16(%rsi)
+
+	vpshufb	(%r11),%xmm8,%xmm8
+	vmovdqu	%xmm8,-64(%r9)
+
+	vzeroupper
+	movaps	-216(%rax),%xmm6
+	movaps	-200(%rax),%xmm7
+	movaps	-184(%rax),%xmm8
+	movaps	-168(%rax),%xmm9
+	movaps	-152(%rax),%xmm10
+	movaps	-136(%rax),%xmm11
+	movaps	-120(%rax),%xmm12
+	movaps	-104(%rax),%xmm13
+	movaps	-88(%rax),%xmm14
+	movaps	-72(%rax),%xmm15
+	movq	-48(%rax),%r15
+
+	movq	-40(%rax),%r14
+
+	movq	-32(%rax),%r13
+
+	movq	-24(%rax),%r12
+
+	movq	-16(%rax),%rbp
+
+	movq	-8(%rax),%rbx
+
+	leaq	(%rax),%rsp
+
+.Lgcm_dec_abort:
+	movq	%r10,%rax
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_aesni_gcm_decrypt:
+.def	_aesni_ctr32_6x;	.scl 3;	.type 32;	.endef
+.p2align	5
+_aesni_ctr32_6x:
+
+	vmovdqu	0-128(%rcx),%xmm4
+	vmovdqu	32(%r11),%xmm2
+	leaq	-1(%rbp),%r13
+	vmovups	16-128(%rcx),%xmm15
+	leaq	32-128(%rcx),%r12
+	vpxor	%xmm4,%xmm1,%xmm9
+	addl	$100663296,%ebx
+	jc	.Lhandle_ctr32_2
+	vpaddb	%xmm2,%xmm1,%xmm10
+	vpaddb	%xmm2,%xmm10,%xmm11
+	vpxor	%xmm4,%xmm10,%xmm10
+	vpaddb	%xmm2,%xmm11,%xmm12
+	vpxor	%xmm4,%xmm11,%xmm11
+	vpaddb	%xmm2,%xmm12,%xmm13
+	vpxor	%xmm4,%xmm12,%xmm12
+	vpaddb	%xmm2,%xmm13,%xmm14
+	vpxor	%xmm4,%xmm13,%xmm13
+	vpaddb	%xmm2,%xmm14,%xmm1
+	vpxor	%xmm4,%xmm14,%xmm14
+	jmp	.Loop_ctr32
+
+.p2align	4
+.Loop_ctr32:
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vaesenc	%xmm15,%xmm11,%xmm11
+	vaesenc	%xmm15,%xmm12,%xmm12
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vaesenc	%xmm15,%xmm14,%xmm14
+	vmovups	(%r12),%xmm15
+	leaq	16(%r12),%r12
+	decl	%r13d
+	jnz	.Loop_ctr32
+
+	vmovdqu	(%r12),%xmm3
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	0(%rdi),%xmm3,%xmm4
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vpxor	16(%rdi),%xmm3,%xmm5
+	vaesenc	%xmm15,%xmm11,%xmm11
+	vpxor	32(%rdi),%xmm3,%xmm6
+	vaesenc	%xmm15,%xmm12,%xmm12
+	vpxor	48(%rdi),%xmm3,%xmm8
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vpxor	64(%rdi),%xmm3,%xmm2
+	vaesenc	%xmm15,%xmm14,%xmm14
+	vpxor	80(%rdi),%xmm3,%xmm3
+	leaq	96(%rdi),%rdi
+
+	vaesenclast	%xmm4,%xmm9,%xmm9
+	vaesenclast	%xmm5,%xmm10,%xmm10
+	vaesenclast	%xmm6,%xmm11,%xmm11
+	vaesenclast	%xmm8,%xmm12,%xmm12
+	vaesenclast	%xmm2,%xmm13,%xmm13
+	vaesenclast	%xmm3,%xmm14,%xmm14
+	vmovups	%xmm9,0(%rsi)
+	vmovups	%xmm10,16(%rsi)
+	vmovups	%xmm11,32(%rsi)
+	vmovups	%xmm12,48(%rsi)
+	vmovups	%xmm13,64(%rsi)
+	vmovups	%xmm14,80(%rsi)
+	leaq	96(%rsi),%rsi
+
+	.byte	0xf3,0xc3
+.p2align	5
+.Lhandle_ctr32_2:
+	vpshufb	%xmm0,%xmm1,%xmm6
+	vmovdqu	48(%r11),%xmm5
+	vpaddd	64(%r11),%xmm6,%xmm10
+	vpaddd	%xmm5,%xmm6,%xmm11
+	vpaddd	%xmm5,%xmm10,%xmm12
+	vpshufb	%xmm0,%xmm10,%xmm10
+	vpaddd	%xmm5,%xmm11,%xmm13
+	vpshufb	%xmm0,%xmm11,%xmm11
+	vpxor	%xmm4,%xmm10,%xmm10
+	vpaddd	%xmm5,%xmm12,%xmm14
+	vpshufb	%xmm0,%xmm12,%xmm12
+	vpxor	%xmm4,%xmm11,%xmm11
+	vpaddd	%xmm5,%xmm13,%xmm1
+	vpshufb	%xmm0,%xmm13,%xmm13
+	vpxor	%xmm4,%xmm12,%xmm12
+	vpshufb	%xmm0,%xmm14,%xmm14
+	vpxor	%xmm4,%xmm13,%xmm13
+	vpshufb	%xmm0,%xmm1,%xmm1
+	vpxor	%xmm4,%xmm14,%xmm14
+	jmp	.Loop_ctr32
+
+
+
+.globl	aesni_gcm_encrypt
+.def	aesni_gcm_encrypt;	.scl 2;	.type 32;	.endef
+.p2align	5
+aesni_gcm_encrypt:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_aesni_gcm_encrypt:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+	movq	%r9,%rcx
+	movq	40(%rsp),%r8
+	movq	48(%rsp),%r9
+
+
+	xorq	%r10,%r10
+	cmpq	$288,%rdx
+	jb	.Lgcm_enc_abort
+
+	leaq	(%rsp),%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	leaq	-168(%rsp),%rsp
+	movaps	%xmm6,-216(%rax)
+	movaps	%xmm7,-200(%rax)
+	movaps	%xmm8,-184(%rax)
+	movaps	%xmm9,-168(%rax)
+	movaps	%xmm10,-152(%rax)
+	movaps	%xmm11,-136(%rax)
+	movaps	%xmm12,-120(%rax)
+	movaps	%xmm13,-104(%rax)
+	movaps	%xmm14,-88(%rax)
+	movaps	%xmm15,-72(%rax)
+.Lgcm_enc_body:
+	vzeroupper
+
+	vmovdqu	(%r8),%xmm1
+	addq	$-128,%rsp
+	movl	12(%r8),%ebx
+	leaq	.Lbswap_mask(%rip),%r11
+	leaq	-128(%rcx),%r14
+	movq	$0xf80,%r15
+	leaq	128(%rcx),%rcx
+	vmovdqu	(%r11),%xmm0
+	andq	$-128,%rsp
+	movl	240-128(%rcx),%ebp
+
+	andq	%r15,%r14
+	andq	%rsp,%r15
+	subq	%r14,%r15
+	jc	.Lenc_no_key_aliasing
+	cmpq	$768,%r15
+	jnc	.Lenc_no_key_aliasing
+	subq	%r15,%rsp
+.Lenc_no_key_aliasing:
+
+	leaq	(%rsi),%r14
+	leaq	-192(%rsi,%rdx,1),%r15
+	shrq	$4,%rdx
+
+	call	_aesni_ctr32_6x
+	vpshufb	%xmm0,%xmm9,%xmm8
+	vpshufb	%xmm0,%xmm10,%xmm2
+	vmovdqu	%xmm8,112(%rsp)
+	vpshufb	%xmm0,%xmm11,%xmm4
+	vmovdqu	%xmm2,96(%rsp)
+	vpshufb	%xmm0,%xmm12,%xmm5
+	vmovdqu	%xmm4,80(%rsp)
+	vpshufb	%xmm0,%xmm13,%xmm6
+	vmovdqu	%xmm5,64(%rsp)
+	vpshufb	%xmm0,%xmm14,%xmm7
+	vmovdqu	%xmm6,48(%rsp)
+
+	call	_aesni_ctr32_6x
+
+	vmovdqu	(%r9),%xmm8
+	leaq	32+32(%r9),%r9
+	subq	$12,%rdx
+	movq	$192,%r10
+	vpshufb	%xmm0,%xmm8,%xmm8
+
+	call	_aesni_ctr32_ghash_6x
+	vmovdqu	32(%rsp),%xmm7
+	vmovdqu	(%r11),%xmm0
+	vmovdqu	0-32(%r9),%xmm3
+	vpunpckhqdq	%xmm7,%xmm7,%xmm1
+	vmovdqu	32-32(%r9),%xmm15
+	vmovups	%xmm9,-96(%rsi)
+	vpshufb	%xmm0,%xmm9,%xmm9
+	vpxor	%xmm7,%xmm1,%xmm1
+	vmovups	%xmm10,-80(%rsi)
+	vpshufb	%xmm0,%xmm10,%xmm10
+	vmovups	%xmm11,-64(%rsi)
+	vpshufb	%xmm0,%xmm11,%xmm11
+	vmovups	%xmm12,-48(%rsi)
+	vpshufb	%xmm0,%xmm12,%xmm12
+	vmovups	%xmm13,-32(%rsi)
+	vpshufb	%xmm0,%xmm13,%xmm13
+	vmovups	%xmm14,-16(%rsi)
+	vpshufb	%xmm0,%xmm14,%xmm14
+	vmovdqu	%xmm9,16(%rsp)
+	vmovdqu	48(%rsp),%xmm6
+	vmovdqu	16-32(%r9),%xmm0
+	vpunpckhqdq	%xmm6,%xmm6,%xmm2
+	vpclmulqdq	$0x00,%xmm3,%xmm7,%xmm5
+	vpxor	%xmm6,%xmm2,%xmm2
+	vpclmulqdq	$0x11,%xmm3,%xmm7,%xmm7
+	vpclmulqdq	$0x00,%xmm15,%xmm1,%xmm1
+
+	vmovdqu	64(%rsp),%xmm9
+	vpclmulqdq	$0x00,%xmm0,%xmm6,%xmm4
+	vmovdqu	48-32(%r9),%xmm3
+	vpxor	%xmm5,%xmm4,%xmm4
+	vpunpckhqdq	%xmm9,%xmm9,%xmm5
+	vpclmulqdq	$0x11,%xmm0,%xmm6,%xmm6
+	vpxor	%xmm9,%xmm5,%xmm5
+	vpxor	%xmm7,%xmm6,%xmm6
+	vpclmulqdq	$0x10,%xmm15,%xmm2,%xmm2
+	vmovdqu	80-32(%r9),%xmm15
+	vpxor	%xmm1,%xmm2,%xmm2
+
+	vmovdqu	80(%rsp),%xmm1
+	vpclmulqdq	$0x00,%xmm3,%xmm9,%xmm7
+	vmovdqu	64-32(%r9),%xmm0
+	vpxor	%xmm4,%xmm7,%xmm7
+	vpunpckhqdq	%xmm1,%xmm1,%xmm4
+	vpclmulqdq	$0x11,%xmm3,%xmm9,%xmm9
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpxor	%xmm6,%xmm9,%xmm9
+	vpclmulqdq	$0x00,%xmm15,%xmm5,%xmm5
+	vpxor	%xmm2,%xmm5,%xmm5
+
+	vmovdqu	96(%rsp),%xmm2
+	vpclmulqdq	$0x00,%xmm0,%xmm1,%xmm6
+	vmovdqu	96-32(%r9),%xmm3
+	vpxor	%xmm7,%xmm6,%xmm6
+	vpunpckhqdq	%xmm2,%xmm2,%xmm7
+	vpclmulqdq	$0x11,%xmm0,%xmm1,%xmm1
+	vpxor	%xmm2,%xmm7,%xmm7
+	vpxor	%xmm9,%xmm1,%xmm1
+	vpclmulqdq	$0x10,%xmm15,%xmm4,%xmm4
+	vmovdqu	128-32(%r9),%xmm15
+	vpxor	%xmm5,%xmm4,%xmm4
+
+	vpxor	112(%rsp),%xmm8,%xmm8
+	vpclmulqdq	$0x00,%xmm3,%xmm2,%xmm5
+	vmovdqu	112-32(%r9),%xmm0
+	vpunpckhqdq	%xmm8,%xmm8,%xmm9
+	vpxor	%xmm6,%xmm5,%xmm5
+	vpclmulqdq	$0x11,%xmm3,%xmm2,%xmm2
+	vpxor	%xmm8,%xmm9,%xmm9
+	vpxor	%xmm1,%xmm2,%xmm2
+	vpclmulqdq	$0x00,%xmm15,%xmm7,%xmm7
+	vpxor	%xmm4,%xmm7,%xmm4
+
+	vpclmulqdq	$0x00,%xmm0,%xmm8,%xmm6
+	vmovdqu	0-32(%r9),%xmm3
+	vpunpckhqdq	%xmm14,%xmm14,%xmm1
+	vpclmulqdq	$0x11,%xmm0,%xmm8,%xmm8
+	vpxor	%xmm14,%xmm1,%xmm1
+	vpxor	%xmm5,%xmm6,%xmm5
+	vpclmulqdq	$0x10,%xmm15,%xmm9,%xmm9
+	vmovdqu	32-32(%r9),%xmm15
+	vpxor	%xmm2,%xmm8,%xmm7
+	vpxor	%xmm4,%xmm9,%xmm6
+
+	vmovdqu	16-32(%r9),%xmm0
+	vpxor	%xmm5,%xmm7,%xmm9
+	vpclmulqdq	$0x00,%xmm3,%xmm14,%xmm4
+	vpxor	%xmm9,%xmm6,%xmm6
+	vpunpckhqdq	%xmm13,%xmm13,%xmm2
+	vpclmulqdq	$0x11,%xmm3,%xmm14,%xmm14
+	vpxor	%xmm13,%xmm2,%xmm2
+	vpslldq	$8,%xmm6,%xmm9
+	vpclmulqdq	$0x00,%xmm15,%xmm1,%xmm1
+	vpxor	%xmm9,%xmm5,%xmm8
+	vpsrldq	$8,%xmm6,%xmm6
+	vpxor	%xmm6,%xmm7,%xmm7
+
+	vpclmulqdq	$0x00,%xmm0,%xmm13,%xmm5
+	vmovdqu	48-32(%r9),%xmm3
+	vpxor	%xmm4,%xmm5,%xmm5
+	vpunpckhqdq	%xmm12,%xmm12,%xmm9
+	vpclmulqdq	$0x11,%xmm0,%xmm13,%xmm13
+	vpxor	%xmm12,%xmm9,%xmm9
+	vpxor	%xmm14,%xmm13,%xmm13
+	vpalignr	$8,%xmm8,%xmm8,%xmm14
+	vpclmulqdq	$0x10,%xmm15,%xmm2,%xmm2
+	vmovdqu	80-32(%r9),%xmm15
+	vpxor	%xmm1,%xmm2,%xmm2
+
+	vpclmulqdq	$0x00,%xmm3,%xmm12,%xmm4
+	vmovdqu	64-32(%r9),%xmm0
+	vpxor	%xmm5,%xmm4,%xmm4
+	vpunpckhqdq	%xmm11,%xmm11,%xmm1
+	vpclmulqdq	$0x11,%xmm3,%xmm12,%xmm12
+	vpxor	%xmm11,%xmm1,%xmm1
+	vpxor	%xmm13,%xmm12,%xmm12
+	vxorps	16(%rsp),%xmm7,%xmm7
+	vpclmulqdq	$0x00,%xmm15,%xmm9,%xmm9
+	vpxor	%xmm2,%xmm9,%xmm9
+
+	vpclmulqdq	$0x10,16(%r11),%xmm8,%xmm8
+	vxorps	%xmm14,%xmm8,%xmm8
+
+	vpclmulqdq	$0x00,%xmm0,%xmm11,%xmm5
+	vmovdqu	96-32(%r9),%xmm3
+	vpxor	%xmm4,%xmm5,%xmm5
+	vpunpckhqdq	%xmm10,%xmm10,%xmm2
+	vpclmulqdq	$0x11,%xmm0,%xmm11,%xmm11
+	vpxor	%xmm10,%xmm2,%xmm2
+	vpalignr	$8,%xmm8,%xmm8,%xmm14
+	vpxor	%xmm12,%xmm11,%xmm11
+	vpclmulqdq	$0x10,%xmm15,%xmm1,%xmm1
+	vmovdqu	128-32(%r9),%xmm15
+	vpxor	%xmm9,%xmm1,%xmm1
+
+	vxorps	%xmm7,%xmm14,%xmm14
+	vpclmulqdq	$0x10,16(%r11),%xmm8,%xmm8
+	vxorps	%xmm14,%xmm8,%xmm8
+
+	vpclmulqdq	$0x00,%xmm3,%xmm10,%xmm4
+	vmovdqu	112-32(%r9),%xmm0
+	vpxor	%xmm5,%xmm4,%xmm4
+	vpunpckhqdq	%xmm8,%xmm8,%xmm9
+	vpclmulqdq	$0x11,%xmm3,%xmm10,%xmm10
+	vpxor	%xmm8,%xmm9,%xmm9
+	vpxor	%xmm11,%xmm10,%xmm10
+	vpclmulqdq	$0x00,%xmm15,%xmm2,%xmm2
+	vpxor	%xmm1,%xmm2,%xmm2
+
+	vpclmulqdq	$0x00,%xmm0,%xmm8,%xmm5
+	vpclmulqdq	$0x11,%xmm0,%xmm8,%xmm7
+	vpxor	%xmm4,%xmm5,%xmm5
+	vpclmulqdq	$0x10,%xmm15,%xmm9,%xmm6
+	vpxor	%xmm10,%xmm7,%xmm7
+	vpxor	%xmm2,%xmm6,%xmm6
+
+	vpxor	%xmm5,%xmm7,%xmm4
+	vpxor	%xmm4,%xmm6,%xmm6
+	vpslldq	$8,%xmm6,%xmm1
+	vmovdqu	16(%r11),%xmm3
+	vpsrldq	$8,%xmm6,%xmm6
+	vpxor	%xmm1,%xmm5,%xmm8
+	vpxor	%xmm6,%xmm7,%xmm7
+
+	vpalignr	$8,%xmm8,%xmm8,%xmm2
+	vpclmulqdq	$0x10,%xmm3,%xmm8,%xmm8
+	vpxor	%xmm2,%xmm8,%xmm8
+
+	vpalignr	$8,%xmm8,%xmm8,%xmm2
+	vpclmulqdq	$0x10,%xmm3,%xmm8,%xmm8
+	vpxor	%xmm7,%xmm2,%xmm2
+	vpxor	%xmm2,%xmm8,%xmm8
+	vpshufb	(%r11),%xmm8,%xmm8
+	vmovdqu	%xmm8,-64(%r9)
+
+	vzeroupper
+	movaps	-216(%rax),%xmm6
+	movaps	-200(%rax),%xmm7
+	movaps	-184(%rax),%xmm8
+	movaps	-168(%rax),%xmm9
+	movaps	-152(%rax),%xmm10
+	movaps	-136(%rax),%xmm11
+	movaps	-120(%rax),%xmm12
+	movaps	-104(%rax),%xmm13
+	movaps	-88(%rax),%xmm14
+	movaps	-72(%rax),%xmm15
+	movq	-48(%rax),%r15
+
+	movq	-40(%rax),%r14
+
+	movq	-32(%rax),%r13
+
+	movq	-24(%rax),%r12
+
+	movq	-16(%rax),%rbp
+
+	movq	-8(%rax),%rbx
+
+	leaq	(%rax),%rsp
+
+.Lgcm_enc_abort:
+	movq	%r10,%rax
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_aesni_gcm_encrypt:
+.p2align	6
+.Lbswap_mask:
+.byte	15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
+.Lpoly:
+.byte	0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xc2
+.Lone_msb:
+.byte	0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1
+.Ltwo_lsb:
+.byte	2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
+.Lone_lsb:
+.byte	1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
+.byte	65,69,83,45,78,73,32,71,67,77,32,109,111,100,117,108,101,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.p2align	6
+
+.def	gcm_se_handler;	.scl 3;	.type 32;	.endef
+.p2align	4
+gcm_se_handler:
+	pushq	%rsi
+	pushq	%rdi
+	pushq	%rbx
+	pushq	%rbp
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	pushfq
+	subq	$64,%rsp
+
+	movq	120(%r8),%rax
+	movq	248(%r8),%rbx
+
+	movq	8(%r9),%rsi
+	movq	56(%r9),%r11
+
+	movl	0(%r11),%r10d
+	leaq	(%rsi,%r10,1),%r10
+	cmpq	%r10,%rbx
+	jb	.Lcommon_seh_tail
+
+	movq	152(%r8),%rax
+
+	movl	4(%r11),%r10d
+	leaq	(%rsi,%r10,1),%r10
+	cmpq	%r10,%rbx
+	jae	.Lcommon_seh_tail
+
+	movq	120(%r8),%rax
+
+	movq	-48(%rax),%r15
+	movq	-40(%rax),%r14
+	movq	-32(%rax),%r13
+	movq	-24(%rax),%r12
+	movq	-16(%rax),%rbp
+	movq	-8(%rax),%rbx
+	movq	%r15,240(%r8)
+	movq	%r14,232(%r8)
+	movq	%r13,224(%r8)
+	movq	%r12,216(%r8)
+	movq	%rbp,160(%r8)
+	movq	%rbx,144(%r8)
+
+	leaq	-216(%rax),%rsi
+	leaq	512(%r8),%rdi
+	movl	$20,%ecx
+.long	0xa548f3fc
+
+.Lcommon_seh_tail:
+	movq	8(%rax),%rdi
+	movq	16(%rax),%rsi
+	movq	%rax,152(%r8)
+	movq	%rsi,168(%r8)
+	movq	%rdi,176(%r8)
+
+	movq	40(%r9),%rdi
+	movq	%r8,%rsi
+	movl	$154,%ecx
+.long	0xa548f3fc
+
+	movq	%r9,%rsi
+	xorq	%rcx,%rcx
+	movq	8(%rsi),%rdx
+	movq	0(%rsi),%r8
+	movq	16(%rsi),%r9
+	movq	40(%rsi),%r10
+	leaq	56(%rsi),%r11
+	leaq	24(%rsi),%r12
+	movq	%r10,32(%rsp)
+	movq	%r11,40(%rsp)
+	movq	%r12,48(%rsp)
+	movq	%rcx,56(%rsp)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	movl	$1,%eax
+	addq	$64,%rsp
+	popfq
+	popq	%r15
+	popq	%r14
+	popq	%r13
+	popq	%r12
+	popq	%rbp
+	popq	%rbx
+	popq	%rdi
+	popq	%rsi
+	.byte	0xf3,0xc3
+
+
+.section	.pdata
+.p2align	2
+.rva	.LSEH_begin_aesni_gcm_decrypt
+.rva	.LSEH_end_aesni_gcm_decrypt
+.rva	.LSEH_gcm_dec_info
+
+.rva	.LSEH_begin_aesni_gcm_encrypt
+.rva	.LSEH_end_aesni_gcm_encrypt
+.rva	.LSEH_gcm_enc_info
+.section	.xdata
+.p2align	3
+.LSEH_gcm_dec_info:
+.byte	9,0,0,0
+.rva	gcm_se_handler
+.rva	.Lgcm_dec_body,.Lgcm_dec_abort
+.LSEH_gcm_enc_info:
+.byte	9,0,0,0
+.rva	gcm_se_handler
+.rva	.Lgcm_enc_body,.Lgcm_enc_abort
+
diff --git a/lib/accelerated/x86/coff/aesni-x86.s b/lib/accelerated/x86/coff/aesni-x86.s
new file mode 100644
index 0000000..92e5431
--- /dev/null
+++ b/lib/accelerated/x86/coff/aesni-x86.s
@@ -0,0 +1,3255 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text
+.globl	_aesni_encrypt
+.def	_aesni_encrypt;	.scl	2;	.type	32;	.endef
+.align	16
+_aesni_encrypt:
+.L_aesni_encrypt_begin:
+	movl	4(%esp),%eax
+	movl	12(%esp),%edx
+	movups	(%eax),%xmm2
+	movl	240(%edx),%ecx
+	movl	8(%esp),%eax
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L000enc1_loop_1:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L000enc1_loop_1
+.byte	102,15,56,221,209
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movups	%xmm2,(%eax)
+	pxor	%xmm2,%xmm2
+	ret
+.globl	_aesni_decrypt
+.def	_aesni_decrypt;	.scl	2;	.type	32;	.endef
+.align	16
+_aesni_decrypt:
+.L_aesni_decrypt_begin:
+	movl	4(%esp),%eax
+	movl	12(%esp),%edx
+	movups	(%eax),%xmm2
+	movl	240(%edx),%ecx
+	movl	8(%esp),%eax
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L001dec1_loop_2:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L001dec1_loop_2
+.byte	102,15,56,223,209
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movups	%xmm2,(%eax)
+	pxor	%xmm2,%xmm2
+	ret
+.def	__aesni_encrypt2;	.scl	3;	.type	32;	.endef
+.align	16
+__aesni_encrypt2:
+	movups	(%edx),%xmm0
+	shll	$4,%ecx
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	movups	32(%edx),%xmm0
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+	addl	$16,%ecx
+.L002enc2_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L002enc2_loop
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+	ret
+.def	__aesni_decrypt2;	.scl	3;	.type	32;	.endef
+.align	16
+__aesni_decrypt2:
+	movups	(%edx),%xmm0
+	shll	$4,%ecx
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	movups	32(%edx),%xmm0
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+	addl	$16,%ecx
+.L003dec2_loop:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L003dec2_loop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+	ret
+.def	__aesni_encrypt3;	.scl	3;	.type	32;	.endef
+.align	16
+__aesni_encrypt3:
+	movups	(%edx),%xmm0
+	shll	$4,%ecx
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	movups	32(%edx),%xmm0
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+	addl	$16,%ecx
+.L004enc3_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L004enc3_loop
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+	ret
+.def	__aesni_decrypt3;	.scl	3;	.type	32;	.endef
+.align	16
+__aesni_decrypt3:
+	movups	(%edx),%xmm0
+	shll	$4,%ecx
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	movups	32(%edx),%xmm0
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+	addl	$16,%ecx
+.L005dec3_loop:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L005dec3_loop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+	ret
+.def	__aesni_encrypt4;	.scl	3;	.type	32;	.endef
+.align	16
+__aesni_encrypt4:
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	shll	$4,%ecx
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+	movups	32(%edx),%xmm0
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+.byte	15,31,64,0
+	addl	$16,%ecx
+.L006enc4_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L006enc4_loop
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+.byte	102,15,56,221,232
+	ret
+.def	__aesni_decrypt4;	.scl	3;	.type	32;	.endef
+.align	16
+__aesni_decrypt4:
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	shll	$4,%ecx
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+	movups	32(%edx),%xmm0
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+.byte	15,31,64,0
+	addl	$16,%ecx
+.L007dec4_loop:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L007dec4_loop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+.byte	102,15,56,223,232
+	ret
+.def	__aesni_encrypt6;	.scl	3;	.type	32;	.endef
+.align	16
+__aesni_encrypt6:
+	movups	(%edx),%xmm0
+	shll	$4,%ecx
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+.byte	102,15,56,220,209
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+.byte	102,15,56,220,217
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+.byte	102,15,56,220,225
+	pxor	%xmm0,%xmm7
+	movups	(%edx,%ecx,1),%xmm0
+	addl	$16,%ecx
+	jmp	.L008_aesni_encrypt6_inner
+.align	16
+.L009enc6_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.L008_aesni_encrypt6_inner:
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.L_aesni_encrypt6_enter:
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L009enc6_loop
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+.byte	102,15,56,221,232
+.byte	102,15,56,221,240
+.byte	102,15,56,221,248
+	ret
+.def	__aesni_decrypt6;	.scl	3;	.type	32;	.endef
+.align	16
+__aesni_decrypt6:
+	movups	(%edx),%xmm0
+	shll	$4,%ecx
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+.byte	102,15,56,222,209
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+.byte	102,15,56,222,217
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+.byte	102,15,56,222,225
+	pxor	%xmm0,%xmm7
+	movups	(%edx,%ecx,1),%xmm0
+	addl	$16,%ecx
+	jmp	.L010_aesni_decrypt6_inner
+.align	16
+.L011dec6_loop:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.L010_aesni_decrypt6_inner:
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.L_aesni_decrypt6_enter:
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L011dec6_loop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+.byte	102,15,56,223,232
+.byte	102,15,56,223,240
+.byte	102,15,56,223,248
+	ret
+.globl	_aesni_ecb_encrypt
+.def	_aesni_ecb_encrypt;	.scl	2;	.type	32;	.endef
+.align	16
+_aesni_ecb_encrypt:
+.L_aesni_ecb_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movl	36(%esp),%ebx
+	andl	$-16,%eax
+	jz	.L012ecb_ret
+	movl	240(%edx),%ecx
+	testl	%ebx,%ebx
+	jz	.L013ecb_decrypt
+	movl	%edx,%ebp
+	movl	%ecx,%ebx
+	cmpl	$96,%eax
+	jb	.L014ecb_enc_tail
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	movdqu	80(%esi),%xmm7
+	leal	96(%esi),%esi
+	subl	$96,%eax
+	jmp	.L015ecb_enc_loop6_enter
+.align	16
+.L016ecb_enc_loop6:
+	movups	%xmm2,(%edi)
+	movdqu	(%esi),%xmm2
+	movups	%xmm3,16(%edi)
+	movdqu	16(%esi),%xmm3
+	movups	%xmm4,32(%edi)
+	movdqu	32(%esi),%xmm4
+	movups	%xmm5,48(%edi)
+	movdqu	48(%esi),%xmm5
+	movups	%xmm6,64(%edi)
+	movdqu	64(%esi),%xmm6
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	movdqu	80(%esi),%xmm7
+	leal	96(%esi),%esi
+.L015ecb_enc_loop6_enter:
+	call	__aesni_encrypt6
+	movl	%ebp,%edx
+	movl	%ebx,%ecx
+	subl	$96,%eax
+	jnc	.L016ecb_enc_loop6
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	addl	$96,%eax
+	jz	.L012ecb_ret
+.L014ecb_enc_tail:
+	movups	(%esi),%xmm2
+	cmpl	$32,%eax
+	jb	.L017ecb_enc_one
+	movups	16(%esi),%xmm3
+	je	.L018ecb_enc_two
+	movups	32(%esi),%xmm4
+	cmpl	$64,%eax
+	jb	.L019ecb_enc_three
+	movups	48(%esi),%xmm5
+	je	.L020ecb_enc_four
+	movups	64(%esi),%xmm6
+	xorps	%xmm7,%xmm7
+	call	__aesni_encrypt6
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	jmp	.L012ecb_ret
+.align	16
+.L017ecb_enc_one:
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L021enc1_loop_3:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L021enc1_loop_3
+.byte	102,15,56,221,209
+	movups	%xmm2,(%edi)
+	jmp	.L012ecb_ret
+.align	16
+.L018ecb_enc_two:
+	call	__aesni_encrypt2
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	jmp	.L012ecb_ret
+.align	16
+.L019ecb_enc_three:
+	call	__aesni_encrypt3
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	jmp	.L012ecb_ret
+.align	16
+.L020ecb_enc_four:
+	call	__aesni_encrypt4
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	jmp	.L012ecb_ret
+.align	16
+.L013ecb_decrypt:
+	movl	%edx,%ebp
+	movl	%ecx,%ebx
+	cmpl	$96,%eax
+	jb	.L022ecb_dec_tail
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	movdqu	80(%esi),%xmm7
+	leal	96(%esi),%esi
+	subl	$96,%eax
+	jmp	.L023ecb_dec_loop6_enter
+.align	16
+.L024ecb_dec_loop6:
+	movups	%xmm2,(%edi)
+	movdqu	(%esi),%xmm2
+	movups	%xmm3,16(%edi)
+	movdqu	16(%esi),%xmm3
+	movups	%xmm4,32(%edi)
+	movdqu	32(%esi),%xmm4
+	movups	%xmm5,48(%edi)
+	movdqu	48(%esi),%xmm5
+	movups	%xmm6,64(%edi)
+	movdqu	64(%esi),%xmm6
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	movdqu	80(%esi),%xmm7
+	leal	96(%esi),%esi
+.L023ecb_dec_loop6_enter:
+	call	__aesni_decrypt6
+	movl	%ebp,%edx
+	movl	%ebx,%ecx
+	subl	$96,%eax
+	jnc	.L024ecb_dec_loop6
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	addl	$96,%eax
+	jz	.L012ecb_ret
+.L022ecb_dec_tail:
+	movups	(%esi),%xmm2
+	cmpl	$32,%eax
+	jb	.L025ecb_dec_one
+	movups	16(%esi),%xmm3
+	je	.L026ecb_dec_two
+	movups	32(%esi),%xmm4
+	cmpl	$64,%eax
+	jb	.L027ecb_dec_three
+	movups	48(%esi),%xmm5
+	je	.L028ecb_dec_four
+	movups	64(%esi),%xmm6
+	xorps	%xmm7,%xmm7
+	call	__aesni_decrypt6
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	jmp	.L012ecb_ret
+.align	16
+.L025ecb_dec_one:
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L029dec1_loop_4:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L029dec1_loop_4
+.byte	102,15,56,223,209
+	movups	%xmm2,(%edi)
+	jmp	.L012ecb_ret
+.align	16
+.L026ecb_dec_two:
+	call	__aesni_decrypt2
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	jmp	.L012ecb_ret
+.align	16
+.L027ecb_dec_three:
+	call	__aesni_decrypt3
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	jmp	.L012ecb_ret
+.align	16
+.L028ecb_dec_four:
+	call	__aesni_decrypt4
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+.L012ecb_ret:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_aesni_ccm64_encrypt_blocks
+.def	_aesni_ccm64_encrypt_blocks;	.scl	2;	.type	32;	.endef
+.align	16
+_aesni_ccm64_encrypt_blocks:
+.L_aesni_ccm64_encrypt_blocks_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movl	36(%esp),%ebx
+	movl	40(%esp),%ecx
+	movl	%esp,%ebp
+	subl	$60,%esp
+	andl	$-16,%esp
+	movl	%ebp,48(%esp)
+	movdqu	(%ebx),%xmm7
+	movdqu	(%ecx),%xmm3
+	movl	240(%edx),%ecx
+	movl	$202182159,(%esp)
+	movl	$134810123,4(%esp)
+	movl	$67438087,8(%esp)
+	movl	$66051,12(%esp)
+	movl	$1,%ebx
+	xorl	%ebp,%ebp
+	movl	%ebx,16(%esp)
+	movl	%ebp,20(%esp)
+	movl	%ebp,24(%esp)
+	movl	%ebp,28(%esp)
+	shll	$4,%ecx
+	movl	$16,%ebx
+	leal	(%edx),%ebp
+	movdqa	(%esp),%xmm5
+	movdqa	%xmm7,%xmm2
+	leal	32(%edx,%ecx,1),%edx
+	subl	%ecx,%ebx
+.byte	102,15,56,0,253
+.L030ccm64_enc_outer:
+	movups	(%ebp),%xmm0
+	movl	%ebx,%ecx
+	movups	(%esi),%xmm6
+	xorps	%xmm0,%xmm2
+	movups	16(%ebp),%xmm1
+	xorps	%xmm6,%xmm0
+	xorps	%xmm0,%xmm3
+	movups	32(%ebp),%xmm0
+.L031ccm64_enc2_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L031ccm64_enc2_loop
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	paddq	16(%esp),%xmm7
+	decl	%eax
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+	leal	16(%esi),%esi
+	xorps	%xmm2,%xmm6
+	movdqa	%xmm7,%xmm2
+	movups	%xmm6,(%edi)
+.byte	102,15,56,0,213
+	leal	16(%edi),%edi
+	jnz	.L030ccm64_enc_outer
+	movl	48(%esp),%esp
+	movl	40(%esp),%edi
+	movups	%xmm3,(%edi)
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_aesni_ccm64_decrypt_blocks
+.def	_aesni_ccm64_decrypt_blocks;	.scl	2;	.type	32;	.endef
+.align	16
+_aesni_ccm64_decrypt_blocks:
+.L_aesni_ccm64_decrypt_blocks_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movl	36(%esp),%ebx
+	movl	40(%esp),%ecx
+	movl	%esp,%ebp
+	subl	$60,%esp
+	andl	$-16,%esp
+	movl	%ebp,48(%esp)
+	movdqu	(%ebx),%xmm7
+	movdqu	(%ecx),%xmm3
+	movl	240(%edx),%ecx
+	movl	$202182159,(%esp)
+	movl	$134810123,4(%esp)
+	movl	$67438087,8(%esp)
+	movl	$66051,12(%esp)
+	movl	$1,%ebx
+	xorl	%ebp,%ebp
+	movl	%ebx,16(%esp)
+	movl	%ebp,20(%esp)
+	movl	%ebp,24(%esp)
+	movl	%ebp,28(%esp)
+	movdqa	(%esp),%xmm5
+	movdqa	%xmm7,%xmm2
+	movl	%edx,%ebp
+	movl	%ecx,%ebx
+.byte	102,15,56,0,253
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L032enc1_loop_5:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L032enc1_loop_5
+.byte	102,15,56,221,209
+	shll	$4,%ebx
+	movl	$16,%ecx
+	movups	(%esi),%xmm6
+	paddq	16(%esp),%xmm7
+	leal	16(%esi),%esi
+	subl	%ebx,%ecx
+	leal	32(%ebp,%ebx,1),%edx
+	movl	%ecx,%ebx
+	jmp	.L033ccm64_dec_outer
+.align	16
+.L033ccm64_dec_outer:
+	xorps	%xmm2,%xmm6
+	movdqa	%xmm7,%xmm2
+	movups	%xmm6,(%edi)
+	leal	16(%edi),%edi
+.byte	102,15,56,0,213
+	subl	$1,%eax
+	jz	.L034ccm64_dec_break
+	movups	(%ebp),%xmm0
+	movl	%ebx,%ecx
+	movups	16(%ebp),%xmm1
+	xorps	%xmm0,%xmm6
+	xorps	%xmm0,%xmm2
+	xorps	%xmm6,%xmm3
+	movups	32(%ebp),%xmm0
+.L035ccm64_dec2_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L035ccm64_dec2_loop
+	movups	(%esi),%xmm6
+	paddq	16(%esp),%xmm7
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+	leal	16(%esi),%esi
+	jmp	.L033ccm64_dec_outer
+.align	16
+.L034ccm64_dec_break:
+	movl	240(%ebp),%ecx
+	movl	%ebp,%edx
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm6
+	leal	32(%edx),%edx
+	xorps	%xmm6,%xmm3
+.L036enc1_loop_6:
+.byte	102,15,56,220,217
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L036enc1_loop_6
+.byte	102,15,56,221,217
+	movl	48(%esp),%esp
+	movl	40(%esp),%edi
+	movups	%xmm3,(%edi)
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_aesni_ctr32_encrypt_blocks
+.def	_aesni_ctr32_encrypt_blocks;	.scl	2;	.type	32;	.endef
+.align	16
+_aesni_ctr32_encrypt_blocks:
+.L_aesni_ctr32_encrypt_blocks_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movl	36(%esp),%ebx
+	movl	%esp,%ebp
+	subl	$88,%esp
+	andl	$-16,%esp
+	movl	%ebp,80(%esp)
+	cmpl	$1,%eax
+	je	.L037ctr32_one_shortcut
+	movdqu	(%ebx),%xmm7
+	movl	$202182159,(%esp)
+	movl	$134810123,4(%esp)
+	movl	$67438087,8(%esp)
+	movl	$66051,12(%esp)
+	movl	$6,%ecx
+	xorl	%ebp,%ebp
+	movl	%ecx,16(%esp)
+	movl	%ecx,20(%esp)
+	movl	%ecx,24(%esp)
+	movl	%ebp,28(%esp)
+.byte	102,15,58,22,251,3
+.byte	102,15,58,34,253,3
+	movl	240(%edx),%ecx
+	bswap	%ebx
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movdqa	(%esp),%xmm2
+.byte	102,15,58,34,195,0
+	leal	3(%ebx),%ebp
+.byte	102,15,58,34,205,0
+	incl	%ebx
+.byte	102,15,58,34,195,1
+	incl	%ebp
+.byte	102,15,58,34,205,1
+	incl	%ebx
+.byte	102,15,58,34,195,2
+	incl	%ebp
+.byte	102,15,58,34,205,2
+	movdqa	%xmm0,48(%esp)
+.byte	102,15,56,0,194
+	movdqu	(%edx),%xmm6
+	movdqa	%xmm1,64(%esp)
+.byte	102,15,56,0,202
+	pshufd	$192,%xmm0,%xmm2
+	pshufd	$128,%xmm0,%xmm3
+	cmpl	$6,%eax
+	jb	.L038ctr32_tail
+	pxor	%xmm6,%xmm7
+	shll	$4,%ecx
+	movl	$16,%ebx
+	movdqa	%xmm7,32(%esp)
+	movl	%edx,%ebp
+	subl	%ecx,%ebx
+	leal	32(%edx,%ecx,1),%edx
+	subl	$6,%eax
+	jmp	.L039ctr32_loop6
+.align	16
+.L039ctr32_loop6:
+	pshufd	$64,%xmm0,%xmm4
+	movdqa	32(%esp),%xmm0
+	pshufd	$192,%xmm1,%xmm5
+	pxor	%xmm0,%xmm2
+	pshufd	$128,%xmm1,%xmm6
+	pxor	%xmm0,%xmm3
+	pshufd	$64,%xmm1,%xmm7
+	movups	16(%ebp),%xmm1
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+.byte	102,15,56,220,209
+	pxor	%xmm0,%xmm6
+	pxor	%xmm0,%xmm7
+.byte	102,15,56,220,217
+	movups	32(%ebp),%xmm0
+	movl	%ebx,%ecx
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	call	.L_aesni_encrypt6_enter
+	movups	(%esi),%xmm1
+	movups	16(%esi),%xmm0
+	xorps	%xmm1,%xmm2
+	movups	32(%esi),%xmm1
+	xorps	%xmm0,%xmm3
+	movups	%xmm2,(%edi)
+	movdqa	16(%esp),%xmm0
+	xorps	%xmm1,%xmm4
+	movdqa	64(%esp),%xmm1
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	paddd	%xmm0,%xmm1
+	paddd	48(%esp),%xmm0
+	movdqa	(%esp),%xmm2
+	movups	48(%esi),%xmm3
+	movups	64(%esi),%xmm4
+	xorps	%xmm3,%xmm5
+	movups	80(%esi),%xmm3
+	leal	96(%esi),%esi
+	movdqa	%xmm0,48(%esp)
+.byte	102,15,56,0,194
+	xorps	%xmm4,%xmm6
+	movups	%xmm5,48(%edi)
+	xorps	%xmm3,%xmm7
+	movdqa	%xmm1,64(%esp)
+.byte	102,15,56,0,202
+	movups	%xmm6,64(%edi)
+	pshufd	$192,%xmm0,%xmm2
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	pshufd	$128,%xmm0,%xmm3
+	subl	$6,%eax
+	jnc	.L039ctr32_loop6
+	addl	$6,%eax
+	jz	.L040ctr32_ret
+	movdqu	(%ebp),%xmm7
+	movl	%ebp,%edx
+	pxor	32(%esp),%xmm7
+	movl	240(%ebp),%ecx
+.L038ctr32_tail:
+	por	%xmm7,%xmm2
+	cmpl	$2,%eax
+	jb	.L041ctr32_one
+	pshufd	$64,%xmm0,%xmm4
+	por	%xmm7,%xmm3
+	je	.L042ctr32_two
+	pshufd	$192,%xmm1,%xmm5
+	por	%xmm7,%xmm4
+	cmpl	$4,%eax
+	jb	.L043ctr32_three
+	pshufd	$128,%xmm1,%xmm6
+	por	%xmm7,%xmm5
+	je	.L044ctr32_four
+	por	%xmm7,%xmm6
+	call	__aesni_encrypt6
+	movups	(%esi),%xmm1
+	movups	16(%esi),%xmm0
+	xorps	%xmm1,%xmm2
+	movups	32(%esi),%xmm1
+	xorps	%xmm0,%xmm3
+	movups	48(%esi),%xmm0
+	xorps	%xmm1,%xmm4
+	movups	64(%esi),%xmm1
+	xorps	%xmm0,%xmm5
+	movups	%xmm2,(%edi)
+	xorps	%xmm1,%xmm6
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	jmp	.L040ctr32_ret
+.align	16
+.L037ctr32_one_shortcut:
+	movups	(%ebx),%xmm2
+	movl	240(%edx),%ecx
+.L041ctr32_one:
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L045enc1_loop_7:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L045enc1_loop_7
+.byte	102,15,56,221,209
+	movups	(%esi),%xmm6
+	xorps	%xmm2,%xmm6
+	movups	%xmm6,(%edi)
+	jmp	.L040ctr32_ret
+.align	16
+.L042ctr32_two:
+	call	__aesni_encrypt2
+	movups	(%esi),%xmm5
+	movups	16(%esi),%xmm6
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	jmp	.L040ctr32_ret
+.align	16
+.L043ctr32_three:
+	call	__aesni_encrypt3
+	movups	(%esi),%xmm5
+	movups	16(%esi),%xmm6
+	xorps	%xmm5,%xmm2
+	movups	32(%esi),%xmm7
+	xorps	%xmm6,%xmm3
+	movups	%xmm2,(%edi)
+	xorps	%xmm7,%xmm4
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	jmp	.L040ctr32_ret
+.align	16
+.L044ctr32_four:
+	call	__aesni_encrypt4
+	movups	(%esi),%xmm6
+	movups	16(%esi),%xmm7
+	movups	32(%esi),%xmm1
+	xorps	%xmm6,%xmm2
+	movups	48(%esi),%xmm0
+	xorps	%xmm7,%xmm3
+	movups	%xmm2,(%edi)
+	xorps	%xmm1,%xmm4
+	movups	%xmm3,16(%edi)
+	xorps	%xmm0,%xmm5
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+.L040ctr32_ret:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	movdqa	%xmm0,32(%esp)
+	pxor	%xmm5,%xmm5
+	movdqa	%xmm0,48(%esp)
+	pxor	%xmm6,%xmm6
+	movdqa	%xmm0,64(%esp)
+	pxor	%xmm7,%xmm7
+	movl	80(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_aesni_xts_encrypt
+.def	_aesni_xts_encrypt;	.scl	2;	.type	32;	.endef
+.align	16
+_aesni_xts_encrypt:
+.L_aesni_xts_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	36(%esp),%edx
+	movl	40(%esp),%esi
+	movl	240(%edx),%ecx
+	movups	(%esi),%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L046enc1_loop_8:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L046enc1_loop_8
+.byte	102,15,56,221,209
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movl	%esp,%ebp
+	subl	$120,%esp
+	movl	240(%edx),%ecx
+	andl	$-16,%esp
+	movl	$135,96(%esp)
+	movl	$0,100(%esp)
+	movl	$1,104(%esp)
+	movl	$0,108(%esp)
+	movl	%eax,112(%esp)
+	movl	%ebp,116(%esp)
+	movdqa	%xmm2,%xmm1
+	pxor	%xmm0,%xmm0
+	movdqa	96(%esp),%xmm3
+	pcmpgtd	%xmm1,%xmm0
+	andl	$-16,%eax
+	movl	%edx,%ebp
+	movl	%ecx,%ebx
+	subl	$96,%eax
+	jc	.L047xts_enc_short
+	shll	$4,%ecx
+	movl	$16,%ebx
+	subl	%ecx,%ebx
+	leal	32(%edx,%ecx,1),%edx
+	jmp	.L048xts_enc_loop6
+.align	16
+.L048xts_enc_loop6:
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,16(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,32(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,48(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm7
+	movdqa	%xmm1,64(%esp)
+	paddq	%xmm1,%xmm1
+	movups	(%ebp),%xmm0
+	pand	%xmm3,%xmm7
+	movups	(%esi),%xmm2
+	pxor	%xmm1,%xmm7
+	movl	%ebx,%ecx
+	movdqu	16(%esi),%xmm3
+	xorps	%xmm0,%xmm2
+	movdqu	32(%esi),%xmm4
+	pxor	%xmm0,%xmm3
+	movdqu	48(%esi),%xmm5
+	pxor	%xmm0,%xmm4
+	movdqu	64(%esi),%xmm6
+	pxor	%xmm0,%xmm5
+	movdqu	80(%esi),%xmm1
+	pxor	%xmm0,%xmm6
+	leal	96(%esi),%esi
+	pxor	(%esp),%xmm2
+	movdqa	%xmm7,80(%esp)
+	pxor	%xmm1,%xmm7
+	movups	16(%ebp),%xmm1
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+.byte	102,15,56,220,209
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+.byte	102,15,56,220,217
+	pxor	%xmm0,%xmm7
+	movups	32(%ebp),%xmm0
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	call	.L_aesni_encrypt6_enter
+	movdqa	80(%esp),%xmm1
+	pxor	%xmm0,%xmm0
+	xorps	(%esp),%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	xorps	16(%esp),%xmm3
+	movups	%xmm2,(%edi)
+	xorps	32(%esp),%xmm4
+	movups	%xmm3,16(%edi)
+	xorps	48(%esp),%xmm5
+	movups	%xmm4,32(%edi)
+	xorps	64(%esp),%xmm6
+	movups	%xmm5,48(%edi)
+	xorps	%xmm1,%xmm7
+	movups	%xmm6,64(%edi)
+	pshufd	$19,%xmm0,%xmm2
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	movdqa	96(%esp),%xmm3
+	pxor	%xmm0,%xmm0
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	subl	$96,%eax
+	jnc	.L048xts_enc_loop6
+	movl	240(%ebp),%ecx
+	movl	%ebp,%edx
+	movl	%ecx,%ebx
+.L047xts_enc_short:
+	addl	$96,%eax
+	jz	.L049xts_enc_done6x
+	movdqa	%xmm1,%xmm5
+	cmpl	$32,%eax
+	jb	.L050xts_enc_one
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	je	.L051xts_enc_two
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,%xmm6
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	cmpl	$64,%eax
+	jb	.L052xts_enc_three
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,%xmm7
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	movdqa	%xmm5,(%esp)
+	movdqa	%xmm6,16(%esp)
+	je	.L053xts_enc_four
+	movdqa	%xmm7,32(%esp)
+	pshufd	$19,%xmm0,%xmm7
+	movdqa	%xmm1,48(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm7
+	pxor	%xmm1,%xmm7
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	pxor	(%esp),%xmm2
+	movdqu	48(%esi),%xmm5
+	pxor	16(%esp),%xmm3
+	movdqu	64(%esi),%xmm6
+	pxor	32(%esp),%xmm4
+	leal	80(%esi),%esi
+	pxor	48(%esp),%xmm5
+	movdqa	%xmm7,64(%esp)
+	pxor	%xmm7,%xmm6
+	call	__aesni_encrypt6
+	movaps	64(%esp),%xmm1
+	xorps	(%esp),%xmm2
+	xorps	16(%esp),%xmm3
+	xorps	32(%esp),%xmm4
+	movups	%xmm2,(%edi)
+	xorps	48(%esp),%xmm5
+	movups	%xmm3,16(%edi)
+	xorps	%xmm1,%xmm6
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	leal	80(%edi),%edi
+	jmp	.L054xts_enc_done
+.align	16
+.L050xts_enc_one:
+	movups	(%esi),%xmm2
+	leal	16(%esi),%esi
+	xorps	%xmm5,%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L055enc1_loop_9:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L055enc1_loop_9
+.byte	102,15,56,221,209
+	xorps	%xmm5,%xmm2
+	movups	%xmm2,(%edi)
+	leal	16(%edi),%edi
+	movdqa	%xmm5,%xmm1
+	jmp	.L054xts_enc_done
+.align	16
+.L051xts_enc_two:
+	movaps	%xmm1,%xmm6
+	movups	(%esi),%xmm2
+	movups	16(%esi),%xmm3
+	leal	32(%esi),%esi
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	call	__aesni_encrypt2
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	leal	32(%edi),%edi
+	movdqa	%xmm6,%xmm1
+	jmp	.L054xts_enc_done
+.align	16
+.L052xts_enc_three:
+	movaps	%xmm1,%xmm7
+	movups	(%esi),%xmm2
+	movups	16(%esi),%xmm3
+	movups	32(%esi),%xmm4
+	leal	48(%esi),%esi
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm7,%xmm4
+	call	__aesni_encrypt3
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm7,%xmm4
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	leal	48(%edi),%edi
+	movdqa	%xmm7,%xmm1
+	jmp	.L054xts_enc_done
+.align	16
+.L053xts_enc_four:
+	movaps	%xmm1,%xmm6
+	movups	(%esi),%xmm2
+	movups	16(%esi),%xmm3
+	movups	32(%esi),%xmm4
+	xorps	(%esp),%xmm2
+	movups	48(%esi),%xmm5
+	leal	64(%esi),%esi
+	xorps	16(%esp),%xmm3
+	xorps	%xmm7,%xmm4
+	xorps	%xmm6,%xmm5
+	call	__aesni_encrypt4
+	xorps	(%esp),%xmm2
+	xorps	16(%esp),%xmm3
+	xorps	%xmm7,%xmm4
+	movups	%xmm2,(%edi)
+	xorps	%xmm6,%xmm5
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	leal	64(%edi),%edi
+	movdqa	%xmm6,%xmm1
+	jmp	.L054xts_enc_done
+.align	16
+.L049xts_enc_done6x:
+	movl	112(%esp),%eax
+	andl	$15,%eax
+	jz	.L056xts_enc_ret
+	movdqa	%xmm1,%xmm5
+	movl	%eax,112(%esp)
+	jmp	.L057xts_enc_steal
+.align	16
+.L054xts_enc_done:
+	movl	112(%esp),%eax
+	pxor	%xmm0,%xmm0
+	andl	$15,%eax
+	jz	.L056xts_enc_ret
+	pcmpgtd	%xmm1,%xmm0
+	movl	%eax,112(%esp)
+	pshufd	$19,%xmm0,%xmm5
+	paddq	%xmm1,%xmm1
+	pand	96(%esp),%xmm5
+	pxor	%xmm1,%xmm5
+.L057xts_enc_steal:
+	movzbl	(%esi),%ecx
+	movzbl	-16(%edi),%edx
+	leal	1(%esi),%esi
+	movb	%cl,-16(%edi)
+	movb	%dl,(%edi)
+	leal	1(%edi),%edi
+	subl	$1,%eax
+	jnz	.L057xts_enc_steal
+	subl	112(%esp),%edi
+	movl	%ebp,%edx
+	movl	%ebx,%ecx
+	movups	-16(%edi),%xmm2
+	xorps	%xmm5,%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L058enc1_loop_10:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L058enc1_loop_10
+.byte	102,15,56,221,209
+	xorps	%xmm5,%xmm2
+	movups	%xmm2,-16(%edi)
+.L056xts_enc_ret:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	movdqa	%xmm0,(%esp)
+	pxor	%xmm3,%xmm3
+	movdqa	%xmm0,16(%esp)
+	pxor	%xmm4,%xmm4
+	movdqa	%xmm0,32(%esp)
+	pxor	%xmm5,%xmm5
+	movdqa	%xmm0,48(%esp)
+	pxor	%xmm6,%xmm6
+	movdqa	%xmm0,64(%esp)
+	pxor	%xmm7,%xmm7
+	movdqa	%xmm0,80(%esp)
+	movl	116(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_aesni_xts_decrypt
+.def	_aesni_xts_decrypt;	.scl	2;	.type	32;	.endef
+.align	16
+_aesni_xts_decrypt:
+.L_aesni_xts_decrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	36(%esp),%edx
+	movl	40(%esp),%esi
+	movl	240(%edx),%ecx
+	movups	(%esi),%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L059enc1_loop_11:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L059enc1_loop_11
+.byte	102,15,56,221,209
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movl	%esp,%ebp
+	subl	$120,%esp
+	andl	$-16,%esp
+	xorl	%ebx,%ebx
+	testl	$15,%eax
+	setnz	%bl
+	shll	$4,%ebx
+	subl	%ebx,%eax
+	movl	$135,96(%esp)
+	movl	$0,100(%esp)
+	movl	$1,104(%esp)
+	movl	$0,108(%esp)
+	movl	%eax,112(%esp)
+	movl	%ebp,116(%esp)
+	movl	240(%edx),%ecx
+	movl	%edx,%ebp
+	movl	%ecx,%ebx
+	movdqa	%xmm2,%xmm1
+	pxor	%xmm0,%xmm0
+	movdqa	96(%esp),%xmm3
+	pcmpgtd	%xmm1,%xmm0
+	andl	$-16,%eax
+	subl	$96,%eax
+	jc	.L060xts_dec_short
+	shll	$4,%ecx
+	movl	$16,%ebx
+	subl	%ecx,%ebx
+	leal	32(%edx,%ecx,1),%edx
+	jmp	.L061xts_dec_loop6
+.align	16
+.L061xts_dec_loop6:
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,16(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,32(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,48(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm7
+	movdqa	%xmm1,64(%esp)
+	paddq	%xmm1,%xmm1
+	movups	(%ebp),%xmm0
+	pand	%xmm3,%xmm7
+	movups	(%esi),%xmm2
+	pxor	%xmm1,%xmm7
+	movl	%ebx,%ecx
+	movdqu	16(%esi),%xmm3
+	xorps	%xmm0,%xmm2
+	movdqu	32(%esi),%xmm4
+	pxor	%xmm0,%xmm3
+	movdqu	48(%esi),%xmm5
+	pxor	%xmm0,%xmm4
+	movdqu	64(%esi),%xmm6
+	pxor	%xmm0,%xmm5
+	movdqu	80(%esi),%xmm1
+	pxor	%xmm0,%xmm6
+	leal	96(%esi),%esi
+	pxor	(%esp),%xmm2
+	movdqa	%xmm7,80(%esp)
+	pxor	%xmm1,%xmm7
+	movups	16(%ebp),%xmm1
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+.byte	102,15,56,222,209
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+.byte	102,15,56,222,217
+	pxor	%xmm0,%xmm7
+	movups	32(%ebp),%xmm0
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	call	.L_aesni_decrypt6_enter
+	movdqa	80(%esp),%xmm1
+	pxor	%xmm0,%xmm0
+	xorps	(%esp),%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	xorps	16(%esp),%xmm3
+	movups	%xmm2,(%edi)
+	xorps	32(%esp),%xmm4
+	movups	%xmm3,16(%edi)
+	xorps	48(%esp),%xmm5
+	movups	%xmm4,32(%edi)
+	xorps	64(%esp),%xmm6
+	movups	%xmm5,48(%edi)
+	xorps	%xmm1,%xmm7
+	movups	%xmm6,64(%edi)
+	pshufd	$19,%xmm0,%xmm2
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	movdqa	96(%esp),%xmm3
+	pxor	%xmm0,%xmm0
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	subl	$96,%eax
+	jnc	.L061xts_dec_loop6
+	movl	240(%ebp),%ecx
+	movl	%ebp,%edx
+	movl	%ecx,%ebx
+.L060xts_dec_short:
+	addl	$96,%eax
+	jz	.L062xts_dec_done6x
+	movdqa	%xmm1,%xmm5
+	cmpl	$32,%eax
+	jb	.L063xts_dec_one
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	je	.L064xts_dec_two
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,%xmm6
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	cmpl	$64,%eax
+	jb	.L065xts_dec_three
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,%xmm7
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	movdqa	%xmm5,(%esp)
+	movdqa	%xmm6,16(%esp)
+	je	.L066xts_dec_four
+	movdqa	%xmm7,32(%esp)
+	pshufd	$19,%xmm0,%xmm7
+	movdqa	%xmm1,48(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm7
+	pxor	%xmm1,%xmm7
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	pxor	(%esp),%xmm2
+	movdqu	48(%esi),%xmm5
+	pxor	16(%esp),%xmm3
+	movdqu	64(%esi),%xmm6
+	pxor	32(%esp),%xmm4
+	leal	80(%esi),%esi
+	pxor	48(%esp),%xmm5
+	movdqa	%xmm7,64(%esp)
+	pxor	%xmm7,%xmm6
+	call	__aesni_decrypt6
+	movaps	64(%esp),%xmm1
+	xorps	(%esp),%xmm2
+	xorps	16(%esp),%xmm3
+	xorps	32(%esp),%xmm4
+	movups	%xmm2,(%edi)
+	xorps	48(%esp),%xmm5
+	movups	%xmm3,16(%edi)
+	xorps	%xmm1,%xmm6
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	leal	80(%edi),%edi
+	jmp	.L067xts_dec_done
+.align	16
+.L063xts_dec_one:
+	movups	(%esi),%xmm2
+	leal	16(%esi),%esi
+	xorps	%xmm5,%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L068dec1_loop_12:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L068dec1_loop_12
+.byte	102,15,56,223,209
+	xorps	%xmm5,%xmm2
+	movups	%xmm2,(%edi)
+	leal	16(%edi),%edi
+	movdqa	%xmm5,%xmm1
+	jmp	.L067xts_dec_done
+.align	16
+.L064xts_dec_two:
+	movaps	%xmm1,%xmm6
+	movups	(%esi),%xmm2
+	movups	16(%esi),%xmm3
+	leal	32(%esi),%esi
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	call	__aesni_decrypt2
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	leal	32(%edi),%edi
+	movdqa	%xmm6,%xmm1
+	jmp	.L067xts_dec_done
+.align	16
+.L065xts_dec_three:
+	movaps	%xmm1,%xmm7
+	movups	(%esi),%xmm2
+	movups	16(%esi),%xmm3
+	movups	32(%esi),%xmm4
+	leal	48(%esi),%esi
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm7,%xmm4
+	call	__aesni_decrypt3
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm7,%xmm4
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	leal	48(%edi),%edi
+	movdqa	%xmm7,%xmm1
+	jmp	.L067xts_dec_done
+.align	16
+.L066xts_dec_four:
+	movaps	%xmm1,%xmm6
+	movups	(%esi),%xmm2
+	movups	16(%esi),%xmm3
+	movups	32(%esi),%xmm4
+	xorps	(%esp),%xmm2
+	movups	48(%esi),%xmm5
+	leal	64(%esi),%esi
+	xorps	16(%esp),%xmm3
+	xorps	%xmm7,%xmm4
+	xorps	%xmm6,%xmm5
+	call	__aesni_decrypt4
+	xorps	(%esp),%xmm2
+	xorps	16(%esp),%xmm3
+	xorps	%xmm7,%xmm4
+	movups	%xmm2,(%edi)
+	xorps	%xmm6,%xmm5
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	leal	64(%edi),%edi
+	movdqa	%xmm6,%xmm1
+	jmp	.L067xts_dec_done
+.align	16
+.L062xts_dec_done6x:
+	movl	112(%esp),%eax
+	andl	$15,%eax
+	jz	.L069xts_dec_ret
+	movl	%eax,112(%esp)
+	jmp	.L070xts_dec_only_one_more
+.align	16
+.L067xts_dec_done:
+	movl	112(%esp),%eax
+	pxor	%xmm0,%xmm0
+	andl	$15,%eax
+	jz	.L069xts_dec_ret
+	pcmpgtd	%xmm1,%xmm0
+	movl	%eax,112(%esp)
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	96(%esp),%xmm3
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+.L070xts_dec_only_one_more:
+	pshufd	$19,%xmm0,%xmm5
+	movdqa	%xmm1,%xmm6
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm5
+	pxor	%xmm1,%xmm5
+	movl	%ebp,%edx
+	movl	%ebx,%ecx
+	movups	(%esi),%xmm2
+	xorps	%xmm5,%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L071dec1_loop_13:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L071dec1_loop_13
+.byte	102,15,56,223,209
+	xorps	%xmm5,%xmm2
+	movups	%xmm2,(%edi)
+.L072xts_dec_steal:
+	movzbl	16(%esi),%ecx
+	movzbl	(%edi),%edx
+	leal	1(%esi),%esi
+	movb	%cl,(%edi)
+	movb	%dl,16(%edi)
+	leal	1(%edi),%edi
+	subl	$1,%eax
+	jnz	.L072xts_dec_steal
+	subl	112(%esp),%edi
+	movl	%ebp,%edx
+	movl	%ebx,%ecx
+	movups	(%edi),%xmm2
+	xorps	%xmm6,%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L073dec1_loop_14:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L073dec1_loop_14
+.byte	102,15,56,223,209
+	xorps	%xmm6,%xmm2
+	movups	%xmm2,(%edi)
+.L069xts_dec_ret:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	movdqa	%xmm0,(%esp)
+	pxor	%xmm3,%xmm3
+	movdqa	%xmm0,16(%esp)
+	pxor	%xmm4,%xmm4
+	movdqa	%xmm0,32(%esp)
+	pxor	%xmm5,%xmm5
+	movdqa	%xmm0,48(%esp)
+	pxor	%xmm6,%xmm6
+	movdqa	%xmm0,64(%esp)
+	pxor	%xmm7,%xmm7
+	movdqa	%xmm0,80(%esp)
+	movl	116(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_aesni_ocb_encrypt
+.def	_aesni_ocb_encrypt;	.scl	2;	.type	32;	.endef
+.align	16
+_aesni_ocb_encrypt:
+.L_aesni_ocb_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	40(%esp),%ecx
+	movl	48(%esp),%ebx
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movdqu	(%ecx),%xmm0
+	movl	36(%esp),%ebp
+	movdqu	(%ebx),%xmm1
+	movl	44(%esp),%ebx
+	movl	%esp,%ecx
+	subl	$132,%esp
+	andl	$-16,%esp
+	subl	%esi,%edi
+	shll	$4,%eax
+	leal	-96(%esi,%eax,1),%eax
+	movl	%edi,120(%esp)
+	movl	%eax,124(%esp)
+	movl	%ecx,128(%esp)
+	movl	240(%edx),%ecx
+	testl	$1,%ebp
+	jnz	.L074odd
+	bsfl	%ebp,%eax
+	addl	$1,%ebp
+	shll	$4,%eax
+	movdqu	(%ebx,%eax,1),%xmm7
+	movl	%edx,%eax
+	movdqu	(%esi),%xmm2
+	leal	16(%esi),%esi
+	pxor	%xmm0,%xmm7
+	pxor	%xmm2,%xmm1
+	pxor	%xmm7,%xmm2
+	movdqa	%xmm1,%xmm6
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L075enc1_loop_15:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L075enc1_loop_15
+.byte	102,15,56,221,209
+	xorps	%xmm7,%xmm2
+	movdqa	%xmm7,%xmm0
+	movdqa	%xmm6,%xmm1
+	movups	%xmm2,-16(%edi,%esi,1)
+	movl	240(%eax),%ecx
+	movl	%eax,%edx
+	movl	124(%esp),%eax
+.L074odd:
+	shll	$4,%ecx
+	movl	$16,%edi
+	subl	%ecx,%edi
+	movl	%edx,112(%esp)
+	leal	32(%edx,%ecx,1),%edx
+	movl	%edi,116(%esp)
+	cmpl	%eax,%esi
+	ja	.L076short
+	jmp	.L077grandloop
+.align	32
+.L077grandloop:
+	leal	1(%ebp),%ecx
+	leal	3(%ebp),%eax
+	leal	5(%ebp),%edi
+	addl	$6,%ebp
+	bsfl	%ecx,%ecx
+	bsfl	%eax,%eax
+	bsfl	%edi,%edi
+	shll	$4,%ecx
+	shll	$4,%eax
+	shll	$4,%edi
+	movdqu	(%ebx),%xmm2
+	movdqu	(%ebx,%ecx,1),%xmm3
+	movl	116(%esp),%ecx
+	movdqa	%xmm2,%xmm4
+	movdqu	(%ebx,%eax,1),%xmm5
+	movdqa	%xmm2,%xmm6
+	movdqu	(%ebx,%edi,1),%xmm7
+	pxor	%xmm0,%xmm2
+	pxor	%xmm2,%xmm3
+	movdqa	%xmm2,(%esp)
+	pxor	%xmm3,%xmm4
+	movdqa	%xmm3,16(%esp)
+	pxor	%xmm4,%xmm5
+	movdqa	%xmm4,32(%esp)
+	pxor	%xmm5,%xmm6
+	movdqa	%xmm5,48(%esp)
+	pxor	%xmm6,%xmm7
+	movdqa	%xmm6,64(%esp)
+	movdqa	%xmm7,80(%esp)
+	movups	-48(%edx,%ecx,1),%xmm0
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	movdqu	80(%esi),%xmm7
+	leal	96(%esi),%esi
+	pxor	%xmm2,%xmm1
+	pxor	%xmm0,%xmm2
+	pxor	%xmm3,%xmm1
+	pxor	%xmm0,%xmm3
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	pxor	%xmm5,%xmm1
+	pxor	%xmm0,%xmm5
+	pxor	%xmm6,%xmm1
+	pxor	%xmm0,%xmm6
+	pxor	%xmm7,%xmm1
+	pxor	%xmm0,%xmm7
+	movdqa	%xmm1,96(%esp)
+	movups	-32(%edx,%ecx,1),%xmm1
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+	pxor	80(%esp),%xmm7
+	movups	-16(%edx,%ecx,1),%xmm0
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movl	120(%esp),%edi
+	movl	124(%esp),%eax
+	call	.L_aesni_encrypt6_enter
+	movdqa	80(%esp),%xmm0
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+	pxor	%xmm0,%xmm7
+	movdqa	96(%esp),%xmm1
+	movdqu	%xmm2,-96(%edi,%esi,1)
+	movdqu	%xmm3,-80(%edi,%esi,1)
+	movdqu	%xmm4,-64(%edi,%esi,1)
+	movdqu	%xmm5,-48(%edi,%esi,1)
+	movdqu	%xmm6,-32(%edi,%esi,1)
+	movdqu	%xmm7,-16(%edi,%esi,1)
+	cmpl	%eax,%esi
+	jb	.L077grandloop
+.L076short:
+	addl	$96,%eax
+	subl	%esi,%eax
+	jz	.L078done
+	cmpl	$32,%eax
+	jb	.L079one
+	je	.L080two
+	cmpl	$64,%eax
+	jb	.L081three
+	je	.L082four
+	leal	1(%ebp),%ecx
+	leal	3(%ebp),%eax
+	bsfl	%ecx,%ecx
+	bsfl	%eax,%eax
+	shll	$4,%ecx
+	shll	$4,%eax
+	movdqu	(%ebx),%xmm2
+	movdqu	(%ebx,%ecx,1),%xmm3
+	movl	116(%esp),%ecx
+	movdqa	%xmm2,%xmm4
+	movdqu	(%ebx,%eax,1),%xmm5
+	movdqa	%xmm2,%xmm6
+	pxor	%xmm0,%xmm2
+	pxor	%xmm2,%xmm3
+	movdqa	%xmm2,(%esp)
+	pxor	%xmm3,%xmm4
+	movdqa	%xmm3,16(%esp)
+	pxor	%xmm4,%xmm5
+	movdqa	%xmm4,32(%esp)
+	pxor	%xmm5,%xmm6
+	movdqa	%xmm5,48(%esp)
+	pxor	%xmm6,%xmm7
+	movdqa	%xmm6,64(%esp)
+	movups	-48(%edx,%ecx,1),%xmm0
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	pxor	%xmm7,%xmm7
+	pxor	%xmm2,%xmm1
+	pxor	%xmm0,%xmm2
+	pxor	%xmm3,%xmm1
+	pxor	%xmm0,%xmm3
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	pxor	%xmm5,%xmm1
+	pxor	%xmm0,%xmm5
+	pxor	%xmm6,%xmm1
+	pxor	%xmm0,%xmm6
+	movdqa	%xmm1,96(%esp)
+	movups	-32(%edx,%ecx,1),%xmm1
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+	movups	-16(%edx,%ecx,1),%xmm0
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movl	120(%esp),%edi
+	call	.L_aesni_encrypt6_enter
+	movdqa	64(%esp),%xmm0
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	%xmm0,%xmm6
+	movdqa	96(%esp),%xmm1
+	movdqu	%xmm2,(%edi,%esi,1)
+	movdqu	%xmm3,16(%edi,%esi,1)
+	movdqu	%xmm4,32(%edi,%esi,1)
+	movdqu	%xmm5,48(%edi,%esi,1)
+	movdqu	%xmm6,64(%edi,%esi,1)
+	jmp	.L078done
+.align	16
+.L079one:
+	movdqu	(%ebx),%xmm7
+	movl	112(%esp),%edx
+	movdqu	(%esi),%xmm2
+	movl	240(%edx),%ecx
+	pxor	%xmm0,%xmm7
+	pxor	%xmm2,%xmm1
+	pxor	%xmm7,%xmm2
+	movdqa	%xmm1,%xmm6
+	movl	120(%esp),%edi
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L083enc1_loop_16:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L083enc1_loop_16
+.byte	102,15,56,221,209
+	xorps	%xmm7,%xmm2
+	movdqa	%xmm7,%xmm0
+	movdqa	%xmm6,%xmm1
+	movups	%xmm2,(%edi,%esi,1)
+	jmp	.L078done
+.align	16
+.L080two:
+	leal	1(%ebp),%ecx
+	movl	112(%esp),%edx
+	bsfl	%ecx,%ecx
+	shll	$4,%ecx
+	movdqu	(%ebx),%xmm6
+	movdqu	(%ebx,%ecx,1),%xmm7
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movl	240(%edx),%ecx
+	pxor	%xmm0,%xmm6
+	pxor	%xmm6,%xmm7
+	pxor	%xmm2,%xmm1
+	pxor	%xmm6,%xmm2
+	pxor	%xmm3,%xmm1
+	pxor	%xmm7,%xmm3
+	movdqa	%xmm1,%xmm5
+	movl	120(%esp),%edi
+	call	__aesni_encrypt2
+	xorps	%xmm6,%xmm2
+	xorps	%xmm7,%xmm3
+	movdqa	%xmm7,%xmm0
+	movdqa	%xmm5,%xmm1
+	movups	%xmm2,(%edi,%esi,1)
+	movups	%xmm3,16(%edi,%esi,1)
+	jmp	.L078done
+.align	16
+.L081three:
+	leal	1(%ebp),%ecx
+	movl	112(%esp),%edx
+	bsfl	%ecx,%ecx
+	shll	$4,%ecx
+	movdqu	(%ebx),%xmm5
+	movdqu	(%ebx,%ecx,1),%xmm6
+	movdqa	%xmm5,%xmm7
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movl	240(%edx),%ecx
+	pxor	%xmm0,%xmm5
+	pxor	%xmm5,%xmm6
+	pxor	%xmm6,%xmm7
+	pxor	%xmm2,%xmm1
+	pxor	%xmm5,%xmm2
+	pxor	%xmm3,%xmm1
+	pxor	%xmm6,%xmm3
+	pxor	%xmm4,%xmm1
+	pxor	%xmm7,%xmm4
+	movdqa	%xmm1,96(%esp)
+	movl	120(%esp),%edi
+	call	__aesni_encrypt3
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm7,%xmm4
+	movdqa	%xmm7,%xmm0
+	movdqa	96(%esp),%xmm1
+	movups	%xmm2,(%edi,%esi,1)
+	movups	%xmm3,16(%edi,%esi,1)
+	movups	%xmm4,32(%edi,%esi,1)
+	jmp	.L078done
+.align	16
+.L082four:
+	leal	1(%ebp),%ecx
+	leal	3(%ebp),%eax
+	bsfl	%ecx,%ecx
+	bsfl	%eax,%eax
+	movl	112(%esp),%edx
+	shll	$4,%ecx
+	shll	$4,%eax
+	movdqu	(%ebx),%xmm4
+	movdqu	(%ebx,%ecx,1),%xmm5
+	movdqa	%xmm4,%xmm6
+	movdqu	(%ebx,%eax,1),%xmm7
+	pxor	%xmm0,%xmm4
+	movdqu	(%esi),%xmm2
+	pxor	%xmm4,%xmm5
+	movdqu	16(%esi),%xmm3
+	pxor	%xmm5,%xmm6
+	movdqa	%xmm4,(%esp)
+	pxor	%xmm6,%xmm7
+	movdqa	%xmm5,16(%esp)
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movl	240(%edx),%ecx
+	pxor	%xmm2,%xmm1
+	pxor	(%esp),%xmm2
+	pxor	%xmm3,%xmm1
+	pxor	16(%esp),%xmm3
+	pxor	%xmm4,%xmm1
+	pxor	%xmm6,%xmm4
+	pxor	%xmm5,%xmm1
+	pxor	%xmm7,%xmm5
+	movdqa	%xmm1,96(%esp)
+	movl	120(%esp),%edi
+	call	__aesni_encrypt4
+	xorps	(%esp),%xmm2
+	xorps	16(%esp),%xmm3
+	xorps	%xmm6,%xmm4
+	movups	%xmm2,(%edi,%esi,1)
+	xorps	%xmm7,%xmm5
+	movups	%xmm3,16(%edi,%esi,1)
+	movdqa	%xmm7,%xmm0
+	movups	%xmm4,32(%edi,%esi,1)
+	movdqa	96(%esp),%xmm1
+	movups	%xmm5,48(%edi,%esi,1)
+.L078done:
+	movl	128(%esp),%edx
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	movdqa	%xmm2,(%esp)
+	pxor	%xmm4,%xmm4
+	movdqa	%xmm2,16(%esp)
+	pxor	%xmm5,%xmm5
+	movdqa	%xmm2,32(%esp)
+	pxor	%xmm6,%xmm6
+	movdqa	%xmm2,48(%esp)
+	pxor	%xmm7,%xmm7
+	movdqa	%xmm2,64(%esp)
+	movdqa	%xmm2,80(%esp)
+	movdqa	%xmm2,96(%esp)
+	leal	(%edx),%esp
+	movl	40(%esp),%ecx
+	movl	48(%esp),%ebx
+	movdqu	%xmm0,(%ecx)
+	pxor	%xmm0,%xmm0
+	movdqu	%xmm1,(%ebx)
+	pxor	%xmm1,%xmm1
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_aesni_ocb_decrypt
+.def	_aesni_ocb_decrypt;	.scl	2;	.type	32;	.endef
+.align	16
+_aesni_ocb_decrypt:
+.L_aesni_ocb_decrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	40(%esp),%ecx
+	movl	48(%esp),%ebx
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movdqu	(%ecx),%xmm0
+	movl	36(%esp),%ebp
+	movdqu	(%ebx),%xmm1
+	movl	44(%esp),%ebx
+	movl	%esp,%ecx
+	subl	$132,%esp
+	andl	$-16,%esp
+	subl	%esi,%edi
+	shll	$4,%eax
+	leal	-96(%esi,%eax,1),%eax
+	movl	%edi,120(%esp)
+	movl	%eax,124(%esp)
+	movl	%ecx,128(%esp)
+	movl	240(%edx),%ecx
+	testl	$1,%ebp
+	jnz	.L084odd
+	bsfl	%ebp,%eax
+	addl	$1,%ebp
+	shll	$4,%eax
+	movdqu	(%ebx,%eax,1),%xmm7
+	movl	%edx,%eax
+	movdqu	(%esi),%xmm2
+	leal	16(%esi),%esi
+	pxor	%xmm0,%xmm7
+	pxor	%xmm7,%xmm2
+	movdqa	%xmm1,%xmm6
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L085dec1_loop_17:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L085dec1_loop_17
+.byte	102,15,56,223,209
+	xorps	%xmm7,%xmm2
+	movaps	%xmm6,%xmm1
+	movdqa	%xmm7,%xmm0
+	xorps	%xmm2,%xmm1
+	movups	%xmm2,-16(%edi,%esi,1)
+	movl	240(%eax),%ecx
+	movl	%eax,%edx
+	movl	124(%esp),%eax
+.L084odd:
+	shll	$4,%ecx
+	movl	$16,%edi
+	subl	%ecx,%edi
+	movl	%edx,112(%esp)
+	leal	32(%edx,%ecx,1),%edx
+	movl	%edi,116(%esp)
+	cmpl	%eax,%esi
+	ja	.L086short
+	jmp	.L087grandloop
+.align	32
+.L087grandloop:
+	leal	1(%ebp),%ecx
+	leal	3(%ebp),%eax
+	leal	5(%ebp),%edi
+	addl	$6,%ebp
+	bsfl	%ecx,%ecx
+	bsfl	%eax,%eax
+	bsfl	%edi,%edi
+	shll	$4,%ecx
+	shll	$4,%eax
+	shll	$4,%edi
+	movdqu	(%ebx),%xmm2
+	movdqu	(%ebx,%ecx,1),%xmm3
+	movl	116(%esp),%ecx
+	movdqa	%xmm2,%xmm4
+	movdqu	(%ebx,%eax,1),%xmm5
+	movdqa	%xmm2,%xmm6
+	movdqu	(%ebx,%edi,1),%xmm7
+	pxor	%xmm0,%xmm2
+	pxor	%xmm2,%xmm3
+	movdqa	%xmm2,(%esp)
+	pxor	%xmm3,%xmm4
+	movdqa	%xmm3,16(%esp)
+	pxor	%xmm4,%xmm5
+	movdqa	%xmm4,32(%esp)
+	pxor	%xmm5,%xmm6
+	movdqa	%xmm5,48(%esp)
+	pxor	%xmm6,%xmm7
+	movdqa	%xmm6,64(%esp)
+	movdqa	%xmm7,80(%esp)
+	movups	-48(%edx,%ecx,1),%xmm0
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	movdqu	80(%esi),%xmm7
+	leal	96(%esi),%esi
+	movdqa	%xmm1,96(%esp)
+	pxor	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+	pxor	%xmm0,%xmm7
+	movups	-32(%edx,%ecx,1),%xmm1
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+	pxor	80(%esp),%xmm7
+	movups	-16(%edx,%ecx,1),%xmm0
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movl	120(%esp),%edi
+	movl	124(%esp),%eax
+	call	.L_aesni_decrypt6_enter
+	movdqa	80(%esp),%xmm0
+	pxor	(%esp),%xmm2
+	movdqa	96(%esp),%xmm1
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+	pxor	%xmm0,%xmm7
+	pxor	%xmm2,%xmm1
+	movdqu	%xmm2,-96(%edi,%esi,1)
+	pxor	%xmm3,%xmm1
+	movdqu	%xmm3,-80(%edi,%esi,1)
+	pxor	%xmm4,%xmm1
+	movdqu	%xmm4,-64(%edi,%esi,1)
+	pxor	%xmm5,%xmm1
+	movdqu	%xmm5,-48(%edi,%esi,1)
+	pxor	%xmm6,%xmm1
+	movdqu	%xmm6,-32(%edi,%esi,1)
+	pxor	%xmm7,%xmm1
+	movdqu	%xmm7,-16(%edi,%esi,1)
+	cmpl	%eax,%esi
+	jb	.L087grandloop
+.L086short:
+	addl	$96,%eax
+	subl	%esi,%eax
+	jz	.L088done
+	cmpl	$32,%eax
+	jb	.L089one
+	je	.L090two
+	cmpl	$64,%eax
+	jb	.L091three
+	je	.L092four
+	leal	1(%ebp),%ecx
+	leal	3(%ebp),%eax
+	bsfl	%ecx,%ecx
+	bsfl	%eax,%eax
+	shll	$4,%ecx
+	shll	$4,%eax
+	movdqu	(%ebx),%xmm2
+	movdqu	(%ebx,%ecx,1),%xmm3
+	movl	116(%esp),%ecx
+	movdqa	%xmm2,%xmm4
+	movdqu	(%ebx,%eax,1),%xmm5
+	movdqa	%xmm2,%xmm6
+	pxor	%xmm0,%xmm2
+	pxor	%xmm2,%xmm3
+	movdqa	%xmm2,(%esp)
+	pxor	%xmm3,%xmm4
+	movdqa	%xmm3,16(%esp)
+	pxor	%xmm4,%xmm5
+	movdqa	%xmm4,32(%esp)
+	pxor	%xmm5,%xmm6
+	movdqa	%xmm5,48(%esp)
+	pxor	%xmm6,%xmm7
+	movdqa	%xmm6,64(%esp)
+	movups	-48(%edx,%ecx,1),%xmm0
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	pxor	%xmm7,%xmm7
+	movdqa	%xmm1,96(%esp)
+	pxor	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+	movups	-32(%edx,%ecx,1),%xmm1
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+	movups	-16(%edx,%ecx,1),%xmm0
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movl	120(%esp),%edi
+	call	.L_aesni_decrypt6_enter
+	movdqa	64(%esp),%xmm0
+	pxor	(%esp),%xmm2
+	movdqa	96(%esp),%xmm1
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	%xmm0,%xmm6
+	pxor	%xmm2,%xmm1
+	movdqu	%xmm2,(%edi,%esi,1)
+	pxor	%xmm3,%xmm1
+	movdqu	%xmm3,16(%edi,%esi,1)
+	pxor	%xmm4,%xmm1
+	movdqu	%xmm4,32(%edi,%esi,1)
+	pxor	%xmm5,%xmm1
+	movdqu	%xmm5,48(%edi,%esi,1)
+	pxor	%xmm6,%xmm1
+	movdqu	%xmm6,64(%edi,%esi,1)
+	jmp	.L088done
+.align	16
+.L089one:
+	movdqu	(%ebx),%xmm7
+	movl	112(%esp),%edx
+	movdqu	(%esi),%xmm2
+	movl	240(%edx),%ecx
+	pxor	%xmm0,%xmm7
+	pxor	%xmm7,%xmm2
+	movdqa	%xmm1,%xmm6
+	movl	120(%esp),%edi
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L093dec1_loop_18:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L093dec1_loop_18
+.byte	102,15,56,223,209
+	xorps	%xmm7,%xmm2
+	movaps	%xmm6,%xmm1
+	movdqa	%xmm7,%xmm0
+	xorps	%xmm2,%xmm1
+	movups	%xmm2,(%edi,%esi,1)
+	jmp	.L088done
+.align	16
+.L090two:
+	leal	1(%ebp),%ecx
+	movl	112(%esp),%edx
+	bsfl	%ecx,%ecx
+	shll	$4,%ecx
+	movdqu	(%ebx),%xmm6
+	movdqu	(%ebx,%ecx,1),%xmm7
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movl	240(%edx),%ecx
+	movdqa	%xmm1,%xmm5
+	pxor	%xmm0,%xmm6
+	pxor	%xmm6,%xmm7
+	pxor	%xmm6,%xmm2
+	pxor	%xmm7,%xmm3
+	movl	120(%esp),%edi
+	call	__aesni_decrypt2
+	xorps	%xmm6,%xmm2
+	xorps	%xmm7,%xmm3
+	movdqa	%xmm7,%xmm0
+	xorps	%xmm2,%xmm5
+	movups	%xmm2,(%edi,%esi,1)
+	xorps	%xmm3,%xmm5
+	movups	%xmm3,16(%edi,%esi,1)
+	movaps	%xmm5,%xmm1
+	jmp	.L088done
+.align	16
+.L091three:
+	leal	1(%ebp),%ecx
+	movl	112(%esp),%edx
+	bsfl	%ecx,%ecx
+	shll	$4,%ecx
+	movdqu	(%ebx),%xmm5
+	movdqu	(%ebx,%ecx,1),%xmm6
+	movdqa	%xmm5,%xmm7
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movl	240(%edx),%ecx
+	movdqa	%xmm1,96(%esp)
+	pxor	%xmm0,%xmm5
+	pxor	%xmm5,%xmm6
+	pxor	%xmm6,%xmm7
+	pxor	%xmm5,%xmm2
+	pxor	%xmm6,%xmm3
+	pxor	%xmm7,%xmm4
+	movl	120(%esp),%edi
+	call	__aesni_decrypt3
+	movdqa	96(%esp),%xmm1
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm7,%xmm4
+	movups	%xmm2,(%edi,%esi,1)
+	pxor	%xmm2,%xmm1
+	movdqa	%xmm7,%xmm0
+	movups	%xmm3,16(%edi,%esi,1)
+	pxor	%xmm3,%xmm1
+	movups	%xmm4,32(%edi,%esi,1)
+	pxor	%xmm4,%xmm1
+	jmp	.L088done
+.align	16
+.L092four:
+	leal	1(%ebp),%ecx
+	leal	3(%ebp),%eax
+	bsfl	%ecx,%ecx
+	bsfl	%eax,%eax
+	movl	112(%esp),%edx
+	shll	$4,%ecx
+	shll	$4,%eax
+	movdqu	(%ebx),%xmm4
+	movdqu	(%ebx,%ecx,1),%xmm5
+	movdqa	%xmm4,%xmm6
+	movdqu	(%ebx,%eax,1),%xmm7
+	pxor	%xmm0,%xmm4
+	movdqu	(%esi),%xmm2
+	pxor	%xmm4,%xmm5
+	movdqu	16(%esi),%xmm3
+	pxor	%xmm5,%xmm6
+	movdqa	%xmm4,(%esp)
+	pxor	%xmm6,%xmm7
+	movdqa	%xmm5,16(%esp)
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movl	240(%edx),%ecx
+	movdqa	%xmm1,96(%esp)
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	%xmm6,%xmm4
+	pxor	%xmm7,%xmm5
+	movl	120(%esp),%edi
+	call	__aesni_decrypt4
+	movdqa	96(%esp),%xmm1
+	xorps	(%esp),%xmm2
+	xorps	16(%esp),%xmm3
+	xorps	%xmm6,%xmm4
+	movups	%xmm2,(%edi,%esi,1)
+	pxor	%xmm2,%xmm1
+	xorps	%xmm7,%xmm5
+	movups	%xmm3,16(%edi,%esi,1)
+	pxor	%xmm3,%xmm1
+	movdqa	%xmm7,%xmm0
+	movups	%xmm4,32(%edi,%esi,1)
+	pxor	%xmm4,%xmm1
+	movups	%xmm5,48(%edi,%esi,1)
+	pxor	%xmm5,%xmm1
+.L088done:
+	movl	128(%esp),%edx
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	movdqa	%xmm2,(%esp)
+	pxor	%xmm4,%xmm4
+	movdqa	%xmm2,16(%esp)
+	pxor	%xmm5,%xmm5
+	movdqa	%xmm2,32(%esp)
+	pxor	%xmm6,%xmm6
+	movdqa	%xmm2,48(%esp)
+	pxor	%xmm7,%xmm7
+	movdqa	%xmm2,64(%esp)
+	movdqa	%xmm2,80(%esp)
+	movdqa	%xmm2,96(%esp)
+	leal	(%edx),%esp
+	movl	40(%esp),%ecx
+	movl	48(%esp),%ebx
+	movdqu	%xmm0,(%ecx)
+	pxor	%xmm0,%xmm0
+	movdqu	%xmm1,(%ebx)
+	pxor	%xmm1,%xmm1
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_aesni_cbc_encrypt
+.def	_aesni_cbc_encrypt;	.scl	2;	.type	32;	.endef
+.align	16
+_aesni_cbc_encrypt:
+.L_aesni_cbc_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	%esp,%ebx
+	movl	24(%esp),%edi
+	subl	$24,%ebx
+	movl	28(%esp),%eax
+	andl	$-16,%ebx
+	movl	32(%esp),%edx
+	movl	36(%esp),%ebp
+	testl	%eax,%eax
+	jz	.L094cbc_abort
+	cmpl	$0,40(%esp)
+	xchgl	%esp,%ebx
+	movups	(%ebp),%xmm7
+	movl	240(%edx),%ecx
+	movl	%edx,%ebp
+	movl	%ebx,16(%esp)
+	movl	%ecx,%ebx
+	je	.L095cbc_decrypt
+	movaps	%xmm7,%xmm2
+	cmpl	$16,%eax
+	jb	.L096cbc_enc_tail
+	subl	$16,%eax
+	jmp	.L097cbc_enc_loop
+.align	16
+.L097cbc_enc_loop:
+	movups	(%esi),%xmm7
+	leal	16(%esi),%esi
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm7
+	leal	32(%edx),%edx
+	xorps	%xmm7,%xmm2
+.L098enc1_loop_19:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L098enc1_loop_19
+.byte	102,15,56,221,209
+	movl	%ebx,%ecx
+	movl	%ebp,%edx
+	movups	%xmm2,(%edi)
+	leal	16(%edi),%edi
+	subl	$16,%eax
+	jnc	.L097cbc_enc_loop
+	addl	$16,%eax
+	jnz	.L096cbc_enc_tail
+	movaps	%xmm2,%xmm7
+	pxor	%xmm2,%xmm2
+	jmp	.L099cbc_ret
+.L096cbc_enc_tail:
+	movl	%eax,%ecx
+.long	2767451785
+	movl	$16,%ecx
+	subl	%eax,%ecx
+	xorl	%eax,%eax
+.long	2868115081
+	leal	-16(%edi),%edi
+	movl	%ebx,%ecx
+	movl	%edi,%esi
+	movl	%ebp,%edx
+	jmp	.L097cbc_enc_loop
+.align	16
+.L095cbc_decrypt:
+	cmpl	$80,%eax
+	jbe	.L100cbc_dec_tail
+	movaps	%xmm7,(%esp)
+	subl	$80,%eax
+	jmp	.L101cbc_dec_loop6_enter
+.align	16
+.L102cbc_dec_loop6:
+	movaps	%xmm0,(%esp)
+	movups	%xmm7,(%edi)
+	leal	16(%edi),%edi
+.L101cbc_dec_loop6_enter:
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	movdqu	80(%esi),%xmm7
+	call	__aesni_decrypt6
+	movups	(%esi),%xmm1
+	movups	16(%esi),%xmm0
+	xorps	(%esp),%xmm2
+	xorps	%xmm1,%xmm3
+	movups	32(%esi),%xmm1
+	xorps	%xmm0,%xmm4
+	movups	48(%esi),%xmm0
+	xorps	%xmm1,%xmm5
+	movups	64(%esi),%xmm1
+	xorps	%xmm0,%xmm6
+	movups	80(%esi),%xmm0
+	xorps	%xmm1,%xmm7
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	leal	96(%esi),%esi
+	movups	%xmm4,32(%edi)
+	movl	%ebx,%ecx
+	movups	%xmm5,48(%edi)
+	movl	%ebp,%edx
+	movups	%xmm6,64(%edi)
+	leal	80(%edi),%edi
+	subl	$96,%eax
+	ja	.L102cbc_dec_loop6
+	movaps	%xmm7,%xmm2
+	movaps	%xmm0,%xmm7
+	addl	$80,%eax
+	jle	.L103cbc_dec_clear_tail_collected
+	movups	%xmm2,(%edi)
+	leal	16(%edi),%edi
+.L100cbc_dec_tail:
+	movups	(%esi),%xmm2
+	movaps	%xmm2,%xmm6
+	cmpl	$16,%eax
+	jbe	.L104cbc_dec_one
+	movups	16(%esi),%xmm3
+	movaps	%xmm3,%xmm5
+	cmpl	$32,%eax
+	jbe	.L105cbc_dec_two
+	movups	32(%esi),%xmm4
+	cmpl	$48,%eax
+	jbe	.L106cbc_dec_three
+	movups	48(%esi),%xmm5
+	cmpl	$64,%eax
+	jbe	.L107cbc_dec_four
+	movups	64(%esi),%xmm6
+	movaps	%xmm7,(%esp)
+	movups	(%esi),%xmm2
+	xorps	%xmm7,%xmm7
+	call	__aesni_decrypt6
+	movups	(%esi),%xmm1
+	movups	16(%esi),%xmm0
+	xorps	(%esp),%xmm2
+	xorps	%xmm1,%xmm3
+	movups	32(%esi),%xmm1
+	xorps	%xmm0,%xmm4
+	movups	48(%esi),%xmm0
+	xorps	%xmm1,%xmm5
+	movups	64(%esi),%xmm7
+	xorps	%xmm0,%xmm6
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	pxor	%xmm3,%xmm3
+	movups	%xmm4,32(%edi)
+	pxor	%xmm4,%xmm4
+	movups	%xmm5,48(%edi)
+	pxor	%xmm5,%xmm5
+	leal	64(%edi),%edi
+	movaps	%xmm6,%xmm2
+	pxor	%xmm6,%xmm6
+	subl	$80,%eax
+	jmp	.L108cbc_dec_tail_collected
+.align	16
+.L104cbc_dec_one:
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L109dec1_loop_20:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L109dec1_loop_20
+.byte	102,15,56,223,209
+	xorps	%xmm7,%xmm2
+	movaps	%xmm6,%xmm7
+	subl	$16,%eax
+	jmp	.L108cbc_dec_tail_collected
+.align	16
+.L105cbc_dec_two:
+	call	__aesni_decrypt2
+	xorps	%xmm7,%xmm2
+	xorps	%xmm6,%xmm3
+	movups	%xmm2,(%edi)
+	movaps	%xmm3,%xmm2
+	pxor	%xmm3,%xmm3
+	leal	16(%edi),%edi
+	movaps	%xmm5,%xmm7
+	subl	$32,%eax
+	jmp	.L108cbc_dec_tail_collected
+.align	16
+.L106cbc_dec_three:
+	call	__aesni_decrypt3
+	xorps	%xmm7,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm5,%xmm4
+	movups	%xmm2,(%edi)
+	movaps	%xmm4,%xmm2
+	pxor	%xmm4,%xmm4
+	movups	%xmm3,16(%edi)
+	pxor	%xmm3,%xmm3
+	leal	32(%edi),%edi
+	movups	32(%esi),%xmm7
+	subl	$48,%eax
+	jmp	.L108cbc_dec_tail_collected
+.align	16
+.L107cbc_dec_four:
+	call	__aesni_decrypt4
+	movups	16(%esi),%xmm1
+	movups	32(%esi),%xmm0
+	xorps	%xmm7,%xmm2
+	movups	48(%esi),%xmm7
+	xorps	%xmm6,%xmm3
+	movups	%xmm2,(%edi)
+	xorps	%xmm1,%xmm4
+	movups	%xmm3,16(%edi)
+	pxor	%xmm3,%xmm3
+	xorps	%xmm0,%xmm5
+	movups	%xmm4,32(%edi)
+	pxor	%xmm4,%xmm4
+	leal	48(%edi),%edi
+	movaps	%xmm5,%xmm2
+	pxor	%xmm5,%xmm5
+	subl	$64,%eax
+	jmp	.L108cbc_dec_tail_collected
+.align	16
+.L103cbc_dec_clear_tail_collected:
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+.L108cbc_dec_tail_collected:
+	andl	$15,%eax
+	jnz	.L110cbc_dec_tail_partial
+	movups	%xmm2,(%edi)
+	pxor	%xmm0,%xmm0
+	jmp	.L099cbc_ret
+.align	16
+.L110cbc_dec_tail_partial:
+	movaps	%xmm2,(%esp)
+	pxor	%xmm0,%xmm0
+	movl	$16,%ecx
+	movl	%esp,%esi
+	subl	%eax,%ecx
+.long	2767451785
+	movdqa	%xmm2,(%esp)
+.L099cbc_ret:
+	movl	16(%esp),%esp
+	movl	36(%esp),%ebp
+	pxor	%xmm2,%xmm2
+	pxor	%xmm1,%xmm1
+	movups	%xmm7,(%ebp)
+	pxor	%xmm7,%xmm7
+.L094cbc_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.def	__aesni_set_encrypt_key;	.scl	3;	.type	32;	.endef
+.align	16
+__aesni_set_encrypt_key:
+	pushl	%ebp
+	pushl	%ebx
+	testl	%eax,%eax
+	jz	.L111bad_pointer
+	testl	%edx,%edx
+	jz	.L111bad_pointer
+	call	.L112pic
+.L112pic:
+	popl	%ebx
+	leal	.Lkey_const-.L112pic(%ebx),%ebx
+	leal	_GNUTLS_x86_cpuid_s,%ebp
+	movups	(%eax),%xmm0
+	xorps	%xmm4,%xmm4
+	movl	4(%ebp),%ebp
+	leal	16(%edx),%edx
+	andl	$268437504,%ebp
+	cmpl	$256,%ecx
+	je	.L11314rounds
+	cmpl	$192,%ecx
+	je	.L11412rounds
+	cmpl	$128,%ecx
+	jne	.L115bad_keybits
+.align	16
+.L11610rounds:
+	cmpl	$268435456,%ebp
+	je	.L11710rounds_alt
+	movl	$9,%ecx
+	movups	%xmm0,-16(%edx)
+.byte	102,15,58,223,200,1
+	call	.L118key_128_cold
+.byte	102,15,58,223,200,2
+	call	.L119key_128
+.byte	102,15,58,223,200,4
+	call	.L119key_128
+.byte	102,15,58,223,200,8
+	call	.L119key_128
+.byte	102,15,58,223,200,16
+	call	.L119key_128
+.byte	102,15,58,223,200,32
+	call	.L119key_128
+.byte	102,15,58,223,200,64
+	call	.L119key_128
+.byte	102,15,58,223,200,128
+	call	.L119key_128
+.byte	102,15,58,223,200,27
+	call	.L119key_128
+.byte	102,15,58,223,200,54
+	call	.L119key_128
+	movups	%xmm0,(%edx)
+	movl	%ecx,80(%edx)
+	jmp	.L120good_key
+.align	16
+.L119key_128:
+	movups	%xmm0,(%edx)
+	leal	16(%edx),%edx
+.L118key_128_cold:
+	shufps	$16,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$140,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$255,%xmm1,%xmm1
+	xorps	%xmm1,%xmm0
+	ret
+.align	16
+.L11710rounds_alt:
+	movdqa	(%ebx),%xmm5
+	movl	$8,%ecx
+	movdqa	32(%ebx),%xmm4
+	movdqa	%xmm0,%xmm2
+	movdqu	%xmm0,-16(%edx)
+.L121loop_key128:
+.byte	102,15,56,0,197
+.byte	102,15,56,221,196
+	pslld	$1,%xmm4
+	leal	16(%edx),%edx
+	movdqa	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm3,%xmm2
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,-16(%edx)
+	movdqa	%xmm0,%xmm2
+	decl	%ecx
+	jnz	.L121loop_key128
+	movdqa	48(%ebx),%xmm4
+.byte	102,15,56,0,197
+.byte	102,15,56,221,196
+	pslld	$1,%xmm4
+	movdqa	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm3,%xmm2
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,(%edx)
+	movdqa	%xmm0,%xmm2
+.byte	102,15,56,0,197
+.byte	102,15,56,221,196
+	movdqa	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm3,%xmm2
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,16(%edx)
+	movl	$9,%ecx
+	movl	%ecx,96(%edx)
+	jmp	.L120good_key
+.align	16
+.L11412rounds:
+	movq	16(%eax),%xmm2
+	cmpl	$268435456,%ebp
+	je	.L12212rounds_alt
+	movl	$11,%ecx
+	movups	%xmm0,-16(%edx)
+.byte	102,15,58,223,202,1
+	call	.L123key_192a_cold
+.byte	102,15,58,223,202,2
+	call	.L124key_192b
+.byte	102,15,58,223,202,4
+	call	.L125key_192a
+.byte	102,15,58,223,202,8
+	call	.L124key_192b
+.byte	102,15,58,223,202,16
+	call	.L125key_192a
+.byte	102,15,58,223,202,32
+	call	.L124key_192b
+.byte	102,15,58,223,202,64
+	call	.L125key_192a
+.byte	102,15,58,223,202,128
+	call	.L124key_192b
+	movups	%xmm0,(%edx)
+	movl	%ecx,48(%edx)
+	jmp	.L120good_key
+.align	16
+.L125key_192a:
+	movups	%xmm0,(%edx)
+	leal	16(%edx),%edx
+.align	16
+.L123key_192a_cold:
+	movaps	%xmm2,%xmm5
+.L126key_192b_warm:
+	shufps	$16,%xmm0,%xmm4
+	movdqa	%xmm2,%xmm3
+	xorps	%xmm4,%xmm0
+	shufps	$140,%xmm0,%xmm4
+	pslldq	$4,%xmm3
+	xorps	%xmm4,%xmm0
+	pshufd	$85,%xmm1,%xmm1
+	pxor	%xmm3,%xmm2
+	pxor	%xmm1,%xmm0
+	pshufd	$255,%xmm0,%xmm3
+	pxor	%xmm3,%xmm2
+	ret
+.align	16
+.L124key_192b:
+	movaps	%xmm0,%xmm3
+	shufps	$68,%xmm0,%xmm5
+	movups	%xmm5,(%edx)
+	shufps	$78,%xmm2,%xmm3
+	movups	%xmm3,16(%edx)
+	leal	32(%edx),%edx
+	jmp	.L126key_192b_warm
+.align	16
+.L12212rounds_alt:
+	movdqa	16(%ebx),%xmm5
+	movdqa	32(%ebx),%xmm4
+	movl	$8,%ecx
+	movdqu	%xmm0,-16(%edx)
+.L127loop_key192:
+	movq	%xmm2,(%edx)
+	movdqa	%xmm2,%xmm1
+.byte	102,15,56,0,213
+.byte	102,15,56,221,212
+	pslld	$1,%xmm4
+	leal	24(%edx),%edx
+	movdqa	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm3,%xmm0
+	pshufd	$255,%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm1,%xmm3
+	pxor	%xmm2,%xmm0
+	pxor	%xmm3,%xmm2
+	movdqu	%xmm0,-16(%edx)
+	decl	%ecx
+	jnz	.L127loop_key192
+	movl	$11,%ecx
+	movl	%ecx,32(%edx)
+	jmp	.L120good_key
+.align	16
+.L11314rounds:
+	movups	16(%eax),%xmm2
+	leal	16(%edx),%edx
+	cmpl	$268435456,%ebp
+	je	.L12814rounds_alt
+	movl	$13,%ecx
+	movups	%xmm0,-32(%edx)
+	movups	%xmm2,-16(%edx)
+.byte	102,15,58,223,202,1
+	call	.L129key_256a_cold
+.byte	102,15,58,223,200,1
+	call	.L130key_256b
+.byte	102,15,58,223,202,2
+	call	.L131key_256a
+.byte	102,15,58,223,200,2
+	call	.L130key_256b
+.byte	102,15,58,223,202,4
+	call	.L131key_256a
+.byte	102,15,58,223,200,4
+	call	.L130key_256b
+.byte	102,15,58,223,202,8
+	call	.L131key_256a
+.byte	102,15,58,223,200,8
+	call	.L130key_256b
+.byte	102,15,58,223,202,16
+	call	.L131key_256a
+.byte	102,15,58,223,200,16
+	call	.L130key_256b
+.byte	102,15,58,223,202,32
+	call	.L131key_256a
+.byte	102,15,58,223,200,32
+	call	.L130key_256b
+.byte	102,15,58,223,202,64
+	call	.L131key_256a
+	movups	%xmm0,(%edx)
+	movl	%ecx,16(%edx)
+	xorl	%eax,%eax
+	jmp	.L120good_key
+.align	16
+.L131key_256a:
+	movups	%xmm2,(%edx)
+	leal	16(%edx),%edx
+.L129key_256a_cold:
+	shufps	$16,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$140,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$255,%xmm1,%xmm1
+	xorps	%xmm1,%xmm0
+	ret
+.align	16
+.L130key_256b:
+	movups	%xmm0,(%edx)
+	leal	16(%edx),%edx
+	shufps	$16,%xmm2,%xmm4
+	xorps	%xmm4,%xmm2
+	shufps	$140,%xmm2,%xmm4
+	xorps	%xmm4,%xmm2
+	shufps	$170,%xmm1,%xmm1
+	xorps	%xmm1,%xmm2
+	ret
+.align	16
+.L12814rounds_alt:
+	movdqa	(%ebx),%xmm5
+	movdqa	32(%ebx),%xmm4
+	movl	$7,%ecx
+	movdqu	%xmm0,-32(%edx)
+	movdqa	%xmm2,%xmm1
+	movdqu	%xmm2,-16(%edx)
+.L132loop_key256:
+.byte	102,15,56,0,213
+.byte	102,15,56,221,212
+	movdqa	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm3,%xmm0
+	pslld	$1,%xmm4
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,(%edx)
+	decl	%ecx
+	jz	.L133done_key256
+	pshufd	$255,%xmm0,%xmm2
+	pxor	%xmm3,%xmm3
+.byte	102,15,56,221,211
+	movdqa	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm3,%xmm1
+	pxor	%xmm1,%xmm2
+	movdqu	%xmm2,16(%edx)
+	leal	32(%edx),%edx
+	movdqa	%xmm2,%xmm1
+	jmp	.L132loop_key256
+.L133done_key256:
+	movl	$13,%ecx
+	movl	%ecx,16(%edx)
+.L120good_key:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	xorl	%eax,%eax
+	popl	%ebx
+	popl	%ebp
+	ret
+.align	4
+.L111bad_pointer:
+	movl	$-1,%eax
+	popl	%ebx
+	popl	%ebp
+	ret
+.align	4
+.L115bad_keybits:
+	pxor	%xmm0,%xmm0
+	movl	$-2,%eax
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_aesni_set_encrypt_key
+.def	_aesni_set_encrypt_key;	.scl	2;	.type	32;	.endef
+.align	16
+_aesni_set_encrypt_key:
+.L_aesni_set_encrypt_key_begin:
+	movl	4(%esp),%eax
+	movl	8(%esp),%ecx
+	movl	12(%esp),%edx
+	call	__aesni_set_encrypt_key
+	ret
+.globl	_aesni_set_decrypt_key
+.def	_aesni_set_decrypt_key;	.scl	2;	.type	32;	.endef
+.align	16
+_aesni_set_decrypt_key:
+.L_aesni_set_decrypt_key_begin:
+	movl	4(%esp),%eax
+	movl	8(%esp),%ecx
+	movl	12(%esp),%edx
+	call	__aesni_set_encrypt_key
+	movl	12(%esp),%edx
+	shll	$4,%ecx
+	testl	%eax,%eax
+	jnz	.L134dec_key_ret
+	leal	16(%edx,%ecx,1),%eax
+	movups	(%edx),%xmm0
+	movups	(%eax),%xmm1
+	movups	%xmm0,(%eax)
+	movups	%xmm1,(%edx)
+	leal	16(%edx),%edx
+	leal	-16(%eax),%eax
+.L135dec_key_inverse:
+	movups	(%edx),%xmm0
+	movups	(%eax),%xmm1
+.byte	102,15,56,219,192
+.byte	102,15,56,219,201
+	leal	16(%edx),%edx
+	leal	-16(%eax),%eax
+	movups	%xmm0,16(%eax)
+	movups	%xmm1,-16(%edx)
+	cmpl	%edx,%eax
+	ja	.L135dec_key_inverse
+	movups	(%edx),%xmm0
+.byte	102,15,56,219,192
+	movups	%xmm0,(%edx)
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	xorl	%eax,%eax
+.L134dec_key_ret:
+	ret
+.align	64
+.Lkey_const:
+.long	202313229,202313229,202313229,202313229
+.long	67569157,67569157,67569157,67569157
+.long	1,1,1,1
+.long	27,27,27,27
+.byte	65,69,83,32,102,111,114,32,73,110,116,101,108,32,65,69
+.byte	83,45,78,73,44,32,67,82,89,80,84,79,71,65,77,83
+.byte	32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115
+.byte	115,108,46,111,114,103,62,0
+.comm	_GNUTLS_x86_cpuid_s,16
+
diff --git a/lib/accelerated/x86/coff/aesni-x86_64.s b/lib/accelerated/x86/coff/aesni-x86_64.s
new file mode 100644
index 0000000..0094f59
--- /dev/null
+++ b/lib/accelerated/x86/coff/aesni-x86_64.s
@@ -0,0 +1,5116 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+.globl	aesni_encrypt
+.def	aesni_encrypt;	.scl 2;	.type 32;	.endef
+.p2align	4
+aesni_encrypt:
+
+	movups	(%rcx),%xmm2
+	movl	240(%r8),%eax
+	movups	(%r8),%xmm0
+	movups	16(%r8),%xmm1
+	leaq	32(%r8),%r8
+	xorps	%xmm0,%xmm2
+.Loop_enc1_1:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%r8),%xmm1
+	leaq	16(%r8),%r8
+	jnz	.Loop_enc1_1
+.byte	102,15,56,221,209
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movups	%xmm2,(%rdx)
+	pxor	%xmm2,%xmm2
+	.byte	0xf3,0xc3
+
+
+
+.globl	aesni_decrypt
+.def	aesni_decrypt;	.scl 2;	.type 32;	.endef
+.p2align	4
+aesni_decrypt:
+
+	movups	(%rcx),%xmm2
+	movl	240(%r8),%eax
+	movups	(%r8),%xmm0
+	movups	16(%r8),%xmm1
+	leaq	32(%r8),%r8
+	xorps	%xmm0,%xmm2
+.Loop_dec1_2:
+.byte	102,15,56,222,209
+	decl	%eax
+	movups	(%r8),%xmm1
+	leaq	16(%r8),%r8
+	jnz	.Loop_dec1_2
+.byte	102,15,56,223,209
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movups	%xmm2,(%rdx)
+	pxor	%xmm2,%xmm2
+	.byte	0xf3,0xc3
+
+
+.def	_aesni_encrypt2;	.scl 3;	.type 32;	.endef
+.p2align	4
+_aesni_encrypt2:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	movups	32(%rcx),%xmm0
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+	addq	$16,%rax
+
+.Lenc_loop2:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Lenc_loop2
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+	.byte	0xf3,0xc3
+
+
+.def	_aesni_decrypt2;	.scl 3;	.type 32;	.endef
+.p2align	4
+_aesni_decrypt2:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	movups	32(%rcx),%xmm0
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+	addq	$16,%rax
+
+.Ldec_loop2:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Ldec_loop2
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+	.byte	0xf3,0xc3
+
+
+.def	_aesni_encrypt3;	.scl 3;	.type 32;	.endef
+.p2align	4
+_aesni_encrypt3:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	xorps	%xmm0,%xmm4
+	movups	32(%rcx),%xmm0
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+	addq	$16,%rax
+
+.Lenc_loop3:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Lenc_loop3
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+	.byte	0xf3,0xc3
+
+
+.def	_aesni_decrypt3;	.scl 3;	.type 32;	.endef
+.p2align	4
+_aesni_decrypt3:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	xorps	%xmm0,%xmm4
+	movups	32(%rcx),%xmm0
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+	addq	$16,%rax
+
+.Ldec_loop3:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Ldec_loop3
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+	.byte	0xf3,0xc3
+
+
+.def	_aesni_encrypt4;	.scl 3;	.type 32;	.endef
+.p2align	4
+_aesni_encrypt4:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	xorps	%xmm0,%xmm4
+	xorps	%xmm0,%xmm5
+	movups	32(%rcx),%xmm0
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	0x0f,0x1f,0x00
+	addq	$16,%rax
+
+.Lenc_loop4:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Lenc_loop4
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+.byte	102,15,56,221,232
+	.byte	0xf3,0xc3
+
+
+.def	_aesni_decrypt4;	.scl 3;	.type 32;	.endef
+.p2align	4
+_aesni_decrypt4:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	xorps	%xmm0,%xmm4
+	xorps	%xmm0,%xmm5
+	movups	32(%rcx),%xmm0
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	0x0f,0x1f,0x00
+	addq	$16,%rax
+
+.Ldec_loop4:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Ldec_loop4
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+.byte	102,15,56,223,232
+	.byte	0xf3,0xc3
+
+
+.def	_aesni_encrypt6;	.scl 3;	.type 32;	.endef
+.p2align	4
+_aesni_encrypt6:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+.byte	102,15,56,220,209
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	102,15,56,220,217
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+.byte	102,15,56,220,225
+	pxor	%xmm0,%xmm7
+	movups	(%rcx,%rax,1),%xmm0
+	addq	$16,%rax
+	jmp	.Lenc_loop6_enter
+.p2align	4
+.Lenc_loop6:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.Lenc_loop6_enter:
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Lenc_loop6
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+.byte	102,15,56,221,232
+.byte	102,15,56,221,240
+.byte	102,15,56,221,248
+	.byte	0xf3,0xc3
+
+
+.def	_aesni_decrypt6;	.scl 3;	.type 32;	.endef
+.p2align	4
+_aesni_decrypt6:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+.byte	102,15,56,222,209
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	102,15,56,222,217
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+.byte	102,15,56,222,225
+	pxor	%xmm0,%xmm7
+	movups	(%rcx,%rax,1),%xmm0
+	addq	$16,%rax
+	jmp	.Ldec_loop6_enter
+.p2align	4
+.Ldec_loop6:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.Ldec_loop6_enter:
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Ldec_loop6
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+.byte	102,15,56,223,232
+.byte	102,15,56,223,240
+.byte	102,15,56,223,248
+	.byte	0xf3,0xc3
+
+
+.def	_aesni_encrypt8;	.scl 3;	.type 32;	.endef
+.p2align	4
+_aesni_encrypt8:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	102,15,56,220,209
+	pxor	%xmm0,%xmm7
+	pxor	%xmm0,%xmm8
+.byte	102,15,56,220,217
+	pxor	%xmm0,%xmm9
+	movups	(%rcx,%rax,1),%xmm0
+	addq	$16,%rax
+	jmp	.Lenc_loop8_inner
+.p2align	4
+.Lenc_loop8:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.Lenc_loop8_inner:
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+.Lenc_loop8_enter:
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Lenc_loop8
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+.byte	102,15,56,221,232
+.byte	102,15,56,221,240
+.byte	102,15,56,221,248
+.byte	102,68,15,56,221,192
+.byte	102,68,15,56,221,200
+	.byte	0xf3,0xc3
+
+
+.def	_aesni_decrypt8;	.scl 3;	.type 32;	.endef
+.p2align	4
+_aesni_decrypt8:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	102,15,56,222,209
+	pxor	%xmm0,%xmm7
+	pxor	%xmm0,%xmm8
+.byte	102,15,56,222,217
+	pxor	%xmm0,%xmm9
+	movups	(%rcx,%rax,1),%xmm0
+	addq	$16,%rax
+	jmp	.Ldec_loop8_inner
+.p2align	4
+.Ldec_loop8:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.Ldec_loop8_inner:
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+.Ldec_loop8_enter:
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Ldec_loop8
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+.byte	102,15,56,223,232
+.byte	102,15,56,223,240
+.byte	102,15,56,223,248
+.byte	102,68,15,56,223,192
+.byte	102,68,15,56,223,200
+	.byte	0xf3,0xc3
+
+
+.globl	aesni_ecb_encrypt
+.def	aesni_ecb_encrypt;	.scl 2;	.type 32;	.endef
+.p2align	4
+aesni_ecb_encrypt:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_aesni_ecb_encrypt:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+	movq	%r9,%rcx
+	movq	40(%rsp),%r8
+
+
+	leaq	-88(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,16(%rsp)
+	movaps	%xmm8,32(%rsp)
+	movaps	%xmm9,48(%rsp)
+.Lecb_enc_body:
+	andq	$-16,%rdx
+	jz	.Lecb_ret
+
+	movl	240(%rcx),%eax
+	movups	(%rcx),%xmm0
+	movq	%rcx,%r11
+	movl	%eax,%r10d
+	testl	%r8d,%r8d
+	jz	.Lecb_decrypt
+
+	cmpq	$0x80,%rdx
+	jb	.Lecb_enc_tail
+
+	movdqu	(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqu	32(%rdi),%xmm4
+	movdqu	48(%rdi),%xmm5
+	movdqu	64(%rdi),%xmm6
+	movdqu	80(%rdi),%xmm7
+	movdqu	96(%rdi),%xmm8
+	movdqu	112(%rdi),%xmm9
+	leaq	128(%rdi),%rdi
+	subq	$0x80,%rdx
+	jmp	.Lecb_enc_loop8_enter
+.p2align	4
+.Lecb_enc_loop8:
+	movups	%xmm2,(%rsi)
+	movq	%r11,%rcx
+	movdqu	(%rdi),%xmm2
+	movl	%r10d,%eax
+	movups	%xmm3,16(%rsi)
+	movdqu	16(%rdi),%xmm3
+	movups	%xmm4,32(%rsi)
+	movdqu	32(%rdi),%xmm4
+	movups	%xmm5,48(%rsi)
+	movdqu	48(%rdi),%xmm5
+	movups	%xmm6,64(%rsi)
+	movdqu	64(%rdi),%xmm6
+	movups	%xmm7,80(%rsi)
+	movdqu	80(%rdi),%xmm7
+	movups	%xmm8,96(%rsi)
+	movdqu	96(%rdi),%xmm8
+	movups	%xmm9,112(%rsi)
+	leaq	128(%rsi),%rsi
+	movdqu	112(%rdi),%xmm9
+	leaq	128(%rdi),%rdi
+.Lecb_enc_loop8_enter:
+
+	call	_aesni_encrypt8
+
+	subq	$0x80,%rdx
+	jnc	.Lecb_enc_loop8
+
+	movups	%xmm2,(%rsi)
+	movq	%r11,%rcx
+	movups	%xmm3,16(%rsi)
+	movl	%r10d,%eax
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	movups	%xmm6,64(%rsi)
+	movups	%xmm7,80(%rsi)
+	movups	%xmm8,96(%rsi)
+	movups	%xmm9,112(%rsi)
+	leaq	128(%rsi),%rsi
+	addq	$0x80,%rdx
+	jz	.Lecb_ret
+
+.Lecb_enc_tail:
+	movups	(%rdi),%xmm2
+	cmpq	$0x20,%rdx
+	jb	.Lecb_enc_one
+	movups	16(%rdi),%xmm3
+	je	.Lecb_enc_two
+	movups	32(%rdi),%xmm4
+	cmpq	$0x40,%rdx
+	jb	.Lecb_enc_three
+	movups	48(%rdi),%xmm5
+	je	.Lecb_enc_four
+	movups	64(%rdi),%xmm6
+	cmpq	$0x60,%rdx
+	jb	.Lecb_enc_five
+	movups	80(%rdi),%xmm7
+	je	.Lecb_enc_six
+	movdqu	96(%rdi),%xmm8
+	xorps	%xmm9,%xmm9
+	call	_aesni_encrypt8
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	movups	%xmm6,64(%rsi)
+	movups	%xmm7,80(%rsi)
+	movups	%xmm8,96(%rsi)
+	jmp	.Lecb_ret
+.p2align	4
+.Lecb_enc_one:
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_enc1_3:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_enc1_3
+.byte	102,15,56,221,209
+	movups	%xmm2,(%rsi)
+	jmp	.Lecb_ret
+.p2align	4
+.Lecb_enc_two:
+	call	_aesni_encrypt2
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	jmp	.Lecb_ret
+.p2align	4
+.Lecb_enc_three:
+	call	_aesni_encrypt3
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	jmp	.Lecb_ret
+.p2align	4
+.Lecb_enc_four:
+	call	_aesni_encrypt4
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	jmp	.Lecb_ret
+.p2align	4
+.Lecb_enc_five:
+	xorps	%xmm7,%xmm7
+	call	_aesni_encrypt6
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	movups	%xmm6,64(%rsi)
+	jmp	.Lecb_ret
+.p2align	4
+.Lecb_enc_six:
+	call	_aesni_encrypt6
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	movups	%xmm6,64(%rsi)
+	movups	%xmm7,80(%rsi)
+	jmp	.Lecb_ret
+
+.p2align	4
+.Lecb_decrypt:
+	cmpq	$0x80,%rdx
+	jb	.Lecb_dec_tail
+
+	movdqu	(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqu	32(%rdi),%xmm4
+	movdqu	48(%rdi),%xmm5
+	movdqu	64(%rdi),%xmm6
+	movdqu	80(%rdi),%xmm7
+	movdqu	96(%rdi),%xmm8
+	movdqu	112(%rdi),%xmm9
+	leaq	128(%rdi),%rdi
+	subq	$0x80,%rdx
+	jmp	.Lecb_dec_loop8_enter
+.p2align	4
+.Lecb_dec_loop8:
+	movups	%xmm2,(%rsi)
+	movq	%r11,%rcx
+	movdqu	(%rdi),%xmm2
+	movl	%r10d,%eax
+	movups	%xmm3,16(%rsi)
+	movdqu	16(%rdi),%xmm3
+	movups	%xmm4,32(%rsi)
+	movdqu	32(%rdi),%xmm4
+	movups	%xmm5,48(%rsi)
+	movdqu	48(%rdi),%xmm5
+	movups	%xmm6,64(%rsi)
+	movdqu	64(%rdi),%xmm6
+	movups	%xmm7,80(%rsi)
+	movdqu	80(%rdi),%xmm7
+	movups	%xmm8,96(%rsi)
+	movdqu	96(%rdi),%xmm8
+	movups	%xmm9,112(%rsi)
+	leaq	128(%rsi),%rsi
+	movdqu	112(%rdi),%xmm9
+	leaq	128(%rdi),%rdi
+.Lecb_dec_loop8_enter:
+
+	call	_aesni_decrypt8
+
+	movups	(%r11),%xmm0
+	subq	$0x80,%rdx
+	jnc	.Lecb_dec_loop8
+
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movq	%r11,%rcx
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movl	%r10d,%eax
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	movups	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm6
+	movups	%xmm7,80(%rsi)
+	pxor	%xmm7,%xmm7
+	movups	%xmm8,96(%rsi)
+	pxor	%xmm8,%xmm8
+	movups	%xmm9,112(%rsi)
+	pxor	%xmm9,%xmm9
+	leaq	128(%rsi),%rsi
+	addq	$0x80,%rdx
+	jz	.Lecb_ret
+
+.Lecb_dec_tail:
+	movups	(%rdi),%xmm2
+	cmpq	$0x20,%rdx
+	jb	.Lecb_dec_one
+	movups	16(%rdi),%xmm3
+	je	.Lecb_dec_two
+	movups	32(%rdi),%xmm4
+	cmpq	$0x40,%rdx
+	jb	.Lecb_dec_three
+	movups	48(%rdi),%xmm5
+	je	.Lecb_dec_four
+	movups	64(%rdi),%xmm6
+	cmpq	$0x60,%rdx
+	jb	.Lecb_dec_five
+	movups	80(%rdi),%xmm7
+	je	.Lecb_dec_six
+	movups	96(%rdi),%xmm8
+	movups	(%rcx),%xmm0
+	xorps	%xmm9,%xmm9
+	call	_aesni_decrypt8
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	movups	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm6
+	movups	%xmm7,80(%rsi)
+	pxor	%xmm7,%xmm7
+	movups	%xmm8,96(%rsi)
+	pxor	%xmm8,%xmm8
+	pxor	%xmm9,%xmm9
+	jmp	.Lecb_ret
+.p2align	4
+.Lecb_dec_one:
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_dec1_4:
+.byte	102,15,56,222,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_dec1_4
+.byte	102,15,56,223,209
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	jmp	.Lecb_ret
+.p2align	4
+.Lecb_dec_two:
+	call	_aesni_decrypt2
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	jmp	.Lecb_ret
+.p2align	4
+.Lecb_dec_three:
+	call	_aesni_decrypt3
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	jmp	.Lecb_ret
+.p2align	4
+.Lecb_dec_four:
+	call	_aesni_decrypt4
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	jmp	.Lecb_ret
+.p2align	4
+.Lecb_dec_five:
+	xorps	%xmm7,%xmm7
+	call	_aesni_decrypt6
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	movups	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	jmp	.Lecb_ret
+.p2align	4
+.Lecb_dec_six:
+	call	_aesni_decrypt6
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	movups	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm6
+	movups	%xmm7,80(%rsi)
+	pxor	%xmm7,%xmm7
+
+.Lecb_ret:
+	xorps	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movaps	(%rsp),%xmm6
+	movaps	%xmm0,(%rsp)
+	movaps	16(%rsp),%xmm7
+	movaps	%xmm0,16(%rsp)
+	movaps	32(%rsp),%xmm8
+	movaps	%xmm0,32(%rsp)
+	movaps	48(%rsp),%xmm9
+	movaps	%xmm0,48(%rsp)
+	leaq	88(%rsp),%rsp
+.Lecb_enc_ret:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_aesni_ecb_encrypt:
+.globl	aesni_ccm64_encrypt_blocks
+.def	aesni_ccm64_encrypt_blocks;	.scl 2;	.type 32;	.endef
+.p2align	4
+aesni_ccm64_encrypt_blocks:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_aesni_ccm64_encrypt_blocks:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+	movq	%r9,%rcx
+	movq	40(%rsp),%r8
+	movq	48(%rsp),%r9
+
+
+	leaq	-88(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,16(%rsp)
+	movaps	%xmm8,32(%rsp)
+	movaps	%xmm9,48(%rsp)
+.Lccm64_enc_body:
+	movl	240(%rcx),%eax
+	movdqu	(%r8),%xmm6
+	movdqa	.Lincrement64(%rip),%xmm9
+	movdqa	.Lbswap_mask(%rip),%xmm7
+
+	shll	$4,%eax
+	movl	$16,%r10d
+	leaq	0(%rcx),%r11
+	movdqu	(%r9),%xmm3
+	movdqa	%xmm6,%xmm2
+	leaq	32(%rcx,%rax,1),%rcx
+.byte	102,15,56,0,247
+	subq	%rax,%r10
+	jmp	.Lccm64_enc_outer
+.p2align	4
+.Lccm64_enc_outer:
+	movups	(%r11),%xmm0
+	movq	%r10,%rax
+	movups	(%rdi),%xmm8
+
+	xorps	%xmm0,%xmm2
+	movups	16(%r11),%xmm1
+	xorps	%xmm8,%xmm0
+	xorps	%xmm0,%xmm3
+	movups	32(%r11),%xmm0
+
+.Lccm64_enc2_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Lccm64_enc2_loop
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	paddq	%xmm9,%xmm6
+	decq	%rdx
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+
+	leaq	16(%rdi),%rdi
+	xorps	%xmm2,%xmm8
+	movdqa	%xmm6,%xmm2
+	movups	%xmm8,(%rsi)
+.byte	102,15,56,0,215
+	leaq	16(%rsi),%rsi
+	jnz	.Lccm64_enc_outer
+
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,(%r9)
+	pxor	%xmm3,%xmm3
+	pxor	%xmm8,%xmm8
+	pxor	%xmm6,%xmm6
+	movaps	(%rsp),%xmm6
+	movaps	%xmm0,(%rsp)
+	movaps	16(%rsp),%xmm7
+	movaps	%xmm0,16(%rsp)
+	movaps	32(%rsp),%xmm8
+	movaps	%xmm0,32(%rsp)
+	movaps	48(%rsp),%xmm9
+	movaps	%xmm0,48(%rsp)
+	leaq	88(%rsp),%rsp
+.Lccm64_enc_ret:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_aesni_ccm64_encrypt_blocks:
+.globl	aesni_ccm64_decrypt_blocks
+.def	aesni_ccm64_decrypt_blocks;	.scl 2;	.type 32;	.endef
+.p2align	4
+aesni_ccm64_decrypt_blocks:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_aesni_ccm64_decrypt_blocks:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+	movq	%r9,%rcx
+	movq	40(%rsp),%r8
+	movq	48(%rsp),%r9
+
+
+	leaq	-88(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,16(%rsp)
+	movaps	%xmm8,32(%rsp)
+	movaps	%xmm9,48(%rsp)
+.Lccm64_dec_body:
+	movl	240(%rcx),%eax
+	movups	(%r8),%xmm6
+	movdqu	(%r9),%xmm3
+	movdqa	.Lincrement64(%rip),%xmm9
+	movdqa	.Lbswap_mask(%rip),%xmm7
+
+	movaps	%xmm6,%xmm2
+	movl	%eax,%r10d
+	movq	%rcx,%r11
+.byte	102,15,56,0,247
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_enc1_5:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_enc1_5
+.byte	102,15,56,221,209
+	shll	$4,%r10d
+	movl	$16,%eax
+	movups	(%rdi),%xmm8
+	paddq	%xmm9,%xmm6
+	leaq	16(%rdi),%rdi
+	subq	%r10,%rax
+	leaq	32(%r11,%r10,1),%rcx
+	movq	%rax,%r10
+	jmp	.Lccm64_dec_outer
+.p2align	4
+.Lccm64_dec_outer:
+	xorps	%xmm2,%xmm8
+	movdqa	%xmm6,%xmm2
+	movups	%xmm8,(%rsi)
+	leaq	16(%rsi),%rsi
+.byte	102,15,56,0,215
+
+	subq	$1,%rdx
+	jz	.Lccm64_dec_break
+
+	movups	(%r11),%xmm0
+	movq	%r10,%rax
+	movups	16(%r11),%xmm1
+	xorps	%xmm0,%xmm8
+	xorps	%xmm0,%xmm2
+	xorps	%xmm8,%xmm3
+	movups	32(%r11),%xmm0
+	jmp	.Lccm64_dec2_loop
+.p2align	4
+.Lccm64_dec2_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Lccm64_dec2_loop
+	movups	(%rdi),%xmm8
+	paddq	%xmm9,%xmm6
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+	leaq	16(%rdi),%rdi
+	jmp	.Lccm64_dec_outer
+
+.p2align	4
+.Lccm64_dec_break:
+
+	movl	240(%r11),%eax
+	movups	(%r11),%xmm0
+	movups	16(%r11),%xmm1
+	xorps	%xmm0,%xmm8
+	leaq	32(%r11),%r11
+	xorps	%xmm8,%xmm3
+.Loop_enc1_6:
+.byte	102,15,56,220,217
+	decl	%eax
+	movups	(%r11),%xmm1
+	leaq	16(%r11),%r11
+	jnz	.Loop_enc1_6
+.byte	102,15,56,221,217
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,(%r9)
+	pxor	%xmm3,%xmm3
+	pxor	%xmm8,%xmm8
+	pxor	%xmm6,%xmm6
+	movaps	(%rsp),%xmm6
+	movaps	%xmm0,(%rsp)
+	movaps	16(%rsp),%xmm7
+	movaps	%xmm0,16(%rsp)
+	movaps	32(%rsp),%xmm8
+	movaps	%xmm0,32(%rsp)
+	movaps	48(%rsp),%xmm9
+	movaps	%xmm0,48(%rsp)
+	leaq	88(%rsp),%rsp
+.Lccm64_dec_ret:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_aesni_ccm64_decrypt_blocks:
+.globl	aesni_ctr32_encrypt_blocks
+.def	aesni_ctr32_encrypt_blocks;	.scl 2;	.type 32;	.endef
+.p2align	4
+aesni_ctr32_encrypt_blocks:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_aesni_ctr32_encrypt_blocks:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+	movq	%r9,%rcx
+	movq	40(%rsp),%r8
+
+
+	cmpq	$1,%rdx
+	jne	.Lctr32_bulk
+
+
+
+	movups	(%r8),%xmm2
+	movups	(%rdi),%xmm3
+	movl	240(%rcx),%edx
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_enc1_7:
+.byte	102,15,56,220,209
+	decl	%edx
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_enc1_7
+.byte	102,15,56,221,209
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	xorps	%xmm3,%xmm2
+	pxor	%xmm3,%xmm3
+	movups	%xmm2,(%rsi)
+	xorps	%xmm2,%xmm2
+	jmp	.Lctr32_epilogue
+
+.p2align	4
+.Lctr32_bulk:
+	leaq	(%rsp),%r11
+
+	pushq	%rbp
+
+	subq	$288,%rsp
+	andq	$-16,%rsp
+	movaps	%xmm6,-168(%r11)
+	movaps	%xmm7,-152(%r11)
+	movaps	%xmm8,-136(%r11)
+	movaps	%xmm9,-120(%r11)
+	movaps	%xmm10,-104(%r11)
+	movaps	%xmm11,-88(%r11)
+	movaps	%xmm12,-72(%r11)
+	movaps	%xmm13,-56(%r11)
+	movaps	%xmm14,-40(%r11)
+	movaps	%xmm15,-24(%r11)
+.Lctr32_body:
+
+
+
+
+	movdqu	(%r8),%xmm2
+	movdqu	(%rcx),%xmm0
+	movl	12(%r8),%r8d
+	pxor	%xmm0,%xmm2
+	movl	12(%rcx),%ebp
+	movdqa	%xmm2,0(%rsp)
+	bswapl	%r8d
+	movdqa	%xmm2,%xmm3
+	movdqa	%xmm2,%xmm4
+	movdqa	%xmm2,%xmm5
+	movdqa	%xmm2,64(%rsp)
+	movdqa	%xmm2,80(%rsp)
+	movdqa	%xmm2,96(%rsp)
+	movq	%rdx,%r10
+	movdqa	%xmm2,112(%rsp)
+
+	leaq	1(%r8),%rax
+	leaq	2(%r8),%rdx
+	bswapl	%eax
+	bswapl	%edx
+	xorl	%ebp,%eax
+	xorl	%ebp,%edx
+.byte	102,15,58,34,216,3
+	leaq	3(%r8),%rax
+	movdqa	%xmm3,16(%rsp)
+.byte	102,15,58,34,226,3
+	bswapl	%eax
+	movq	%r10,%rdx
+	leaq	4(%r8),%r10
+	movdqa	%xmm4,32(%rsp)
+	xorl	%ebp,%eax
+	bswapl	%r10d
+.byte	102,15,58,34,232,3
+	xorl	%ebp,%r10d
+	movdqa	%xmm5,48(%rsp)
+	leaq	5(%r8),%r9
+	movl	%r10d,64+12(%rsp)
+	bswapl	%r9d
+	leaq	6(%r8),%r10
+	movl	240(%rcx),%eax
+	xorl	%ebp,%r9d
+	bswapl	%r10d
+	movl	%r9d,80+12(%rsp)
+	xorl	%ebp,%r10d
+	leaq	7(%r8),%r9
+	movl	%r10d,96+12(%rsp)
+	bswapl	%r9d
+	movl	GNUTLS_x86_cpuid_s+4(%rip),%r10d
+	xorl	%ebp,%r9d
+	andl	$71303168,%r10d
+	movl	%r9d,112+12(%rsp)
+
+	movups	16(%rcx),%xmm1
+
+	movdqa	64(%rsp),%xmm6
+	movdqa	80(%rsp),%xmm7
+
+	cmpq	$8,%rdx
+	jb	.Lctr32_tail
+
+	subq	$6,%rdx
+	cmpl	$4194304,%r10d
+	je	.Lctr32_6x
+
+	leaq	128(%rcx),%rcx
+	subq	$2,%rdx
+	jmp	.Lctr32_loop8
+
+.p2align	4
+.Lctr32_6x:
+	shll	$4,%eax
+	movl	$48,%r10d
+	bswapl	%ebp
+	leaq	32(%rcx,%rax,1),%rcx
+	subq	%rax,%r10
+	jmp	.Lctr32_loop6
+
+.p2align	4
+.Lctr32_loop6:
+	addl	$6,%r8d
+	movups	-48(%rcx,%r10,1),%xmm0
+.byte	102,15,56,220,209
+	movl	%r8d,%eax
+	xorl	%ebp,%eax
+.byte	102,15,56,220,217
+.byte	0x0f,0x38,0xf1,0x44,0x24,12
+	leal	1(%r8),%eax
+.byte	102,15,56,220,225
+	xorl	%ebp,%eax
+.byte	0x0f,0x38,0xf1,0x44,0x24,28
+.byte	102,15,56,220,233
+	leal	2(%r8),%eax
+	xorl	%ebp,%eax
+.byte	102,15,56,220,241
+.byte	0x0f,0x38,0xf1,0x44,0x24,44
+	leal	3(%r8),%eax
+.byte	102,15,56,220,249
+	movups	-32(%rcx,%r10,1),%xmm1
+	xorl	%ebp,%eax
+
+.byte	102,15,56,220,208
+.byte	0x0f,0x38,0xf1,0x44,0x24,60
+	leal	4(%r8),%eax
+.byte	102,15,56,220,216
+	xorl	%ebp,%eax
+.byte	0x0f,0x38,0xf1,0x44,0x24,76
+.byte	102,15,56,220,224
+	leal	5(%r8),%eax
+	xorl	%ebp,%eax
+.byte	102,15,56,220,232
+.byte	0x0f,0x38,0xf1,0x44,0x24,92
+	movq	%r10,%rax
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	-16(%rcx,%r10,1),%xmm0
+
+	call	.Lenc_loop6
+
+	movdqu	(%rdi),%xmm8
+	movdqu	16(%rdi),%xmm9
+	movdqu	32(%rdi),%xmm10
+	movdqu	48(%rdi),%xmm11
+	movdqu	64(%rdi),%xmm12
+	movdqu	80(%rdi),%xmm13
+	leaq	96(%rdi),%rdi
+	movups	-64(%rcx,%r10,1),%xmm1
+	pxor	%xmm2,%xmm8
+	movaps	0(%rsp),%xmm2
+	pxor	%xmm3,%xmm9
+	movaps	16(%rsp),%xmm3
+	pxor	%xmm4,%xmm10
+	movaps	32(%rsp),%xmm4
+	pxor	%xmm5,%xmm11
+	movaps	48(%rsp),%xmm5
+	pxor	%xmm6,%xmm12
+	movaps	64(%rsp),%xmm6
+	pxor	%xmm7,%xmm13
+	movaps	80(%rsp),%xmm7
+	movdqu	%xmm8,(%rsi)
+	movdqu	%xmm9,16(%rsi)
+	movdqu	%xmm10,32(%rsi)
+	movdqu	%xmm11,48(%rsi)
+	movdqu	%xmm12,64(%rsi)
+	movdqu	%xmm13,80(%rsi)
+	leaq	96(%rsi),%rsi
+
+	subq	$6,%rdx
+	jnc	.Lctr32_loop6
+
+	addq	$6,%rdx
+	jz	.Lctr32_done
+
+	leal	-48(%r10),%eax
+	leaq	-80(%rcx,%r10,1),%rcx
+	negl	%eax
+	shrl	$4,%eax
+	jmp	.Lctr32_tail
+
+.p2align	5
+.Lctr32_loop8:
+	addl	$8,%r8d
+	movdqa	96(%rsp),%xmm8
+.byte	102,15,56,220,209
+	movl	%r8d,%r9d
+	movdqa	112(%rsp),%xmm9
+.byte	102,15,56,220,217
+	bswapl	%r9d
+	movups	32-128(%rcx),%xmm0
+.byte	102,15,56,220,225
+	xorl	%ebp,%r9d
+	nop
+.byte	102,15,56,220,233
+	movl	%r9d,0+12(%rsp)
+	leaq	1(%r8),%r9
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movups	48-128(%rcx),%xmm1
+	bswapl	%r9d
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	xorl	%ebp,%r9d
+.byte	0x66,0x90
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movl	%r9d,16+12(%rsp)
+	leaq	2(%r8),%r9
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	64-128(%rcx),%xmm0
+	bswapl	%r9d
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	xorl	%ebp,%r9d
+.byte	0x66,0x90
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movl	%r9d,32+12(%rsp)
+	leaq	3(%r8),%r9
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movups	80-128(%rcx),%xmm1
+	bswapl	%r9d
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	xorl	%ebp,%r9d
+.byte	0x66,0x90
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movl	%r9d,48+12(%rsp)
+	leaq	4(%r8),%r9
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	96-128(%rcx),%xmm0
+	bswapl	%r9d
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	xorl	%ebp,%r9d
+.byte	0x66,0x90
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movl	%r9d,64+12(%rsp)
+	leaq	5(%r8),%r9
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movups	112-128(%rcx),%xmm1
+	bswapl	%r9d
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	xorl	%ebp,%r9d
+.byte	0x66,0x90
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movl	%r9d,80+12(%rsp)
+	leaq	6(%r8),%r9
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	128-128(%rcx),%xmm0
+	bswapl	%r9d
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	xorl	%ebp,%r9d
+.byte	0x66,0x90
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movl	%r9d,96+12(%rsp)
+	leaq	7(%r8),%r9
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movups	144-128(%rcx),%xmm1
+	bswapl	%r9d
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+	xorl	%ebp,%r9d
+	movdqu	0(%rdi),%xmm10
+.byte	102,15,56,220,232
+	movl	%r9d,112+12(%rsp)
+	cmpl	$11,%eax
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	160-128(%rcx),%xmm0
+
+	jb	.Lctr32_enc_done
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movups	176-128(%rcx),%xmm1
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	192-128(%rcx),%xmm0
+	je	.Lctr32_enc_done
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movups	208-128(%rcx),%xmm1
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	224-128(%rcx),%xmm0
+	jmp	.Lctr32_enc_done
+
+.p2align	4
+.Lctr32_enc_done:
+	movdqu	16(%rdi),%xmm11
+	pxor	%xmm0,%xmm10
+	movdqu	32(%rdi),%xmm12
+	pxor	%xmm0,%xmm11
+	movdqu	48(%rdi),%xmm13
+	pxor	%xmm0,%xmm12
+	movdqu	64(%rdi),%xmm14
+	pxor	%xmm0,%xmm13
+	movdqu	80(%rdi),%xmm15
+	pxor	%xmm0,%xmm14
+	pxor	%xmm0,%xmm15
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movdqu	96(%rdi),%xmm1
+	leaq	128(%rdi),%rdi
+
+.byte	102,65,15,56,221,210
+	pxor	%xmm0,%xmm1
+	movdqu	112-128(%rdi),%xmm10
+.byte	102,65,15,56,221,219
+	pxor	%xmm0,%xmm10
+	movdqa	0(%rsp),%xmm11
+.byte	102,65,15,56,221,228
+.byte	102,65,15,56,221,237
+	movdqa	16(%rsp),%xmm12
+	movdqa	32(%rsp),%xmm13
+.byte	102,65,15,56,221,246
+.byte	102,65,15,56,221,255
+	movdqa	48(%rsp),%xmm14
+	movdqa	64(%rsp),%xmm15
+.byte	102,68,15,56,221,193
+	movdqa	80(%rsp),%xmm0
+	movups	16-128(%rcx),%xmm1
+.byte	102,69,15,56,221,202
+
+	movups	%xmm2,(%rsi)
+	movdqa	%xmm11,%xmm2
+	movups	%xmm3,16(%rsi)
+	movdqa	%xmm12,%xmm3
+	movups	%xmm4,32(%rsi)
+	movdqa	%xmm13,%xmm4
+	movups	%xmm5,48(%rsi)
+	movdqa	%xmm14,%xmm5
+	movups	%xmm6,64(%rsi)
+	movdqa	%xmm15,%xmm6
+	movups	%xmm7,80(%rsi)
+	movdqa	%xmm0,%xmm7
+	movups	%xmm8,96(%rsi)
+	movups	%xmm9,112(%rsi)
+	leaq	128(%rsi),%rsi
+
+	subq	$8,%rdx
+	jnc	.Lctr32_loop8
+
+	addq	$8,%rdx
+	jz	.Lctr32_done
+	leaq	-128(%rcx),%rcx
+
+.Lctr32_tail:
+
+
+	leaq	16(%rcx),%rcx
+	cmpq	$4,%rdx
+	jb	.Lctr32_loop3
+	je	.Lctr32_loop4
+
+
+	shll	$4,%eax
+	movdqa	96(%rsp),%xmm8
+	pxor	%xmm9,%xmm9
+
+	movups	16(%rcx),%xmm0
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	leaq	32-16(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	102,15,56,220,225
+	addq	$16,%rax
+	movups	(%rdi),%xmm10
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+	movups	16(%rdi),%xmm11
+	movups	32(%rdi),%xmm12
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+
+	call	.Lenc_loop8_enter
+
+	movdqu	48(%rdi),%xmm13
+	pxor	%xmm10,%xmm2
+	movdqu	64(%rdi),%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm10,%xmm6
+	movdqu	%xmm5,48(%rsi)
+	movdqu	%xmm6,64(%rsi)
+	cmpq	$6,%rdx
+	jb	.Lctr32_done
+
+	movups	80(%rdi),%xmm11
+	xorps	%xmm11,%xmm7
+	movups	%xmm7,80(%rsi)
+	je	.Lctr32_done
+
+	movups	96(%rdi),%xmm12
+	xorps	%xmm12,%xmm8
+	movups	%xmm8,96(%rsi)
+	jmp	.Lctr32_done
+
+.p2align	5
+.Lctr32_loop4:
+.byte	102,15,56,220,209
+	leaq	16(%rcx),%rcx
+	decl	%eax
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movups	(%rcx),%xmm1
+	jnz	.Lctr32_loop4
+.byte	102,15,56,221,209
+.byte	102,15,56,221,217
+	movups	(%rdi),%xmm10
+	movups	16(%rdi),%xmm11
+.byte	102,15,56,221,225
+.byte	102,15,56,221,233
+	movups	32(%rdi),%xmm12
+	movups	48(%rdi),%xmm13
+
+	xorps	%xmm10,%xmm2
+	movups	%xmm2,(%rsi)
+	xorps	%xmm11,%xmm3
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm5,48(%rsi)
+	jmp	.Lctr32_done
+
+.p2align	5
+.Lctr32_loop3:
+.byte	102,15,56,220,209
+	leaq	16(%rcx),%rcx
+	decl	%eax
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+	movups	(%rcx),%xmm1
+	jnz	.Lctr32_loop3
+.byte	102,15,56,221,209
+.byte	102,15,56,221,217
+.byte	102,15,56,221,225
+
+	movups	(%rdi),%xmm10
+	xorps	%xmm10,%xmm2
+	movups	%xmm2,(%rsi)
+	cmpq	$2,%rdx
+	jb	.Lctr32_done
+
+	movups	16(%rdi),%xmm11
+	xorps	%xmm11,%xmm3
+	movups	%xmm3,16(%rsi)
+	je	.Lctr32_done
+
+	movups	32(%rdi),%xmm12
+	xorps	%xmm12,%xmm4
+	movups	%xmm4,32(%rsi)
+
+.Lctr32_done:
+	xorps	%xmm0,%xmm0
+	xorl	%ebp,%ebp
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	movaps	-168(%r11),%xmm6
+	movaps	%xmm0,-168(%r11)
+	movaps	-152(%r11),%xmm7
+	movaps	%xmm0,-152(%r11)
+	movaps	-136(%r11),%xmm8
+	movaps	%xmm0,-136(%r11)
+	movaps	-120(%r11),%xmm9
+	movaps	%xmm0,-120(%r11)
+	movaps	-104(%r11),%xmm10
+	movaps	%xmm0,-104(%r11)
+	movaps	-88(%r11),%xmm11
+	movaps	%xmm0,-88(%r11)
+	movaps	-72(%r11),%xmm12
+	movaps	%xmm0,-72(%r11)
+	movaps	-56(%r11),%xmm13
+	movaps	%xmm0,-56(%r11)
+	movaps	-40(%r11),%xmm14
+	movaps	%xmm0,-40(%r11)
+	movaps	-24(%r11),%xmm15
+	movaps	%xmm0,-24(%r11)
+	movaps	%xmm0,0(%rsp)
+	movaps	%xmm0,16(%rsp)
+	movaps	%xmm0,32(%rsp)
+	movaps	%xmm0,48(%rsp)
+	movaps	%xmm0,64(%rsp)
+	movaps	%xmm0,80(%rsp)
+	movaps	%xmm0,96(%rsp)
+	movaps	%xmm0,112(%rsp)
+	movq	-8(%r11),%rbp
+
+	leaq	(%r11),%rsp
+
+.Lctr32_epilogue:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_aesni_ctr32_encrypt_blocks:
+.globl	aesni_xts_encrypt
+.def	aesni_xts_encrypt;	.scl 2;	.type 32;	.endef
+.p2align	4
+aesni_xts_encrypt:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_aesni_xts_encrypt:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+	movq	%r9,%rcx
+	movq	40(%rsp),%r8
+	movq	48(%rsp),%r9
+
+
+	leaq	(%rsp),%r11
+
+	pushq	%rbp
+
+	subq	$272,%rsp
+	andq	$-16,%rsp
+	movaps	%xmm6,-168(%r11)
+	movaps	%xmm7,-152(%r11)
+	movaps	%xmm8,-136(%r11)
+	movaps	%xmm9,-120(%r11)
+	movaps	%xmm10,-104(%r11)
+	movaps	%xmm11,-88(%r11)
+	movaps	%xmm12,-72(%r11)
+	movaps	%xmm13,-56(%r11)
+	movaps	%xmm14,-40(%r11)
+	movaps	%xmm15,-24(%r11)
+.Lxts_enc_body:
+	movups	(%r9),%xmm2
+	movl	240(%r8),%eax
+	movl	240(%rcx),%r10d
+	movups	(%r8),%xmm0
+	movups	16(%r8),%xmm1
+	leaq	32(%r8),%r8
+	xorps	%xmm0,%xmm2
+.Loop_enc1_8:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%r8),%xmm1
+	leaq	16(%r8),%r8
+	jnz	.Loop_enc1_8
+.byte	102,15,56,221,209
+	movups	(%rcx),%xmm0
+	movq	%rcx,%rbp
+	movl	%r10d,%eax
+	shll	$4,%r10d
+	movq	%rdx,%r9
+	andq	$-16,%rdx
+
+	movups	16(%rcx,%r10,1),%xmm1
+
+	movdqa	.Lxts_magic(%rip),%xmm8
+	movdqa	%xmm2,%xmm15
+	pshufd	$0x5f,%xmm2,%xmm9
+	pxor	%xmm0,%xmm1
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm10
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm10
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm11
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm11
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm12
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm12
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm13
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm13
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm15,%xmm14
+	psrad	$31,%xmm9
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm9
+	pxor	%xmm0,%xmm14
+	pxor	%xmm9,%xmm15
+	movaps	%xmm1,96(%rsp)
+
+	subq	$96,%rdx
+	jc	.Lxts_enc_short
+
+	movl	$16+96,%eax
+	leaq	32(%rbp,%r10,1),%rcx
+	subq	%r10,%rax
+	movups	16(%rbp),%xmm1
+	movq	%rax,%r10
+	leaq	.Lxts_magic(%rip),%r8
+	jmp	.Lxts_enc_grandloop
+
+.p2align	5
+.Lxts_enc_grandloop:
+	movdqu	0(%rdi),%xmm2
+	movdqa	%xmm0,%xmm8
+	movdqu	16(%rdi),%xmm3
+	pxor	%xmm10,%xmm2
+	movdqu	32(%rdi),%xmm4
+	pxor	%xmm11,%xmm3
+.byte	102,15,56,220,209
+	movdqu	48(%rdi),%xmm5
+	pxor	%xmm12,%xmm4
+.byte	102,15,56,220,217
+	movdqu	64(%rdi),%xmm6
+	pxor	%xmm13,%xmm5
+.byte	102,15,56,220,225
+	movdqu	80(%rdi),%xmm7
+	pxor	%xmm15,%xmm8
+	movdqa	96(%rsp),%xmm9
+	pxor	%xmm14,%xmm6
+.byte	102,15,56,220,233
+	movups	32(%rbp),%xmm0
+	leaq	96(%rdi),%rdi
+	pxor	%xmm8,%xmm7
+
+	pxor	%xmm9,%xmm10
+.byte	102,15,56,220,241
+	pxor	%xmm9,%xmm11
+	movdqa	%xmm10,0(%rsp)
+.byte	102,15,56,220,249
+	movups	48(%rbp),%xmm1
+	pxor	%xmm9,%xmm12
+
+.byte	102,15,56,220,208
+	pxor	%xmm9,%xmm13
+	movdqa	%xmm11,16(%rsp)
+.byte	102,15,56,220,216
+	pxor	%xmm9,%xmm14
+	movdqa	%xmm12,32(%rsp)
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	pxor	%xmm9,%xmm8
+	movdqa	%xmm14,64(%rsp)
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	64(%rbp),%xmm0
+	movdqa	%xmm8,80(%rsp)
+	pshufd	$0x5f,%xmm15,%xmm9
+	jmp	.Lxts_enc_loop6
+.p2align	5
+.Lxts_enc_loop6:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movups	-64(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	-80(%rcx,%rax,1),%xmm0
+	jnz	.Lxts_enc_loop6
+
+	movdqa	(%r8),%xmm8
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,220,209
+	paddq	%xmm15,%xmm15
+	psrad	$31,%xmm14
+.byte	102,15,56,220,217
+	pand	%xmm8,%xmm14
+	movups	(%rbp),%xmm10
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+	pxor	%xmm14,%xmm15
+	movaps	%xmm10,%xmm11
+.byte	102,15,56,220,249
+	movups	-64(%rcx),%xmm1
+
+	movdqa	%xmm9,%xmm14
+.byte	102,15,56,220,208
+	paddd	%xmm9,%xmm9
+	pxor	%xmm15,%xmm10
+.byte	102,15,56,220,216
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	pand	%xmm8,%xmm14
+	movaps	%xmm11,%xmm12
+.byte	102,15,56,220,240
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+.byte	102,15,56,220,248
+	movups	-48(%rcx),%xmm0
+
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,220,209
+	pxor	%xmm15,%xmm11
+	psrad	$31,%xmm14
+.byte	102,15,56,220,217
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movdqa	%xmm13,48(%rsp)
+	pxor	%xmm14,%xmm15
+.byte	102,15,56,220,241
+	movaps	%xmm12,%xmm13
+	movdqa	%xmm9,%xmm14
+.byte	102,15,56,220,249
+	movups	-32(%rcx),%xmm1
+
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,220,208
+	pxor	%xmm15,%xmm12
+	psrad	$31,%xmm14
+.byte	102,15,56,220,216
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+	pxor	%xmm14,%xmm15
+	movaps	%xmm13,%xmm14
+.byte	102,15,56,220,248
+
+	movdqa	%xmm9,%xmm0
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,220,209
+	pxor	%xmm15,%xmm13
+	psrad	$31,%xmm0
+.byte	102,15,56,220,217
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm0
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	pxor	%xmm0,%xmm15
+	movups	(%rbp),%xmm0
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movups	16(%rbp),%xmm1
+
+	pxor	%xmm15,%xmm14
+.byte	102,15,56,221,84,36,0
+	psrad	$31,%xmm9
+	paddq	%xmm15,%xmm15
+.byte	102,15,56,221,92,36,16
+.byte	102,15,56,221,100,36,32
+	pand	%xmm8,%xmm9
+	movq	%r10,%rax
+.byte	102,15,56,221,108,36,48
+.byte	102,15,56,221,116,36,64
+.byte	102,15,56,221,124,36,80
+	pxor	%xmm9,%xmm15
+
+	leaq	96(%rsi),%rsi
+	movups	%xmm2,-96(%rsi)
+	movups	%xmm3,-80(%rsi)
+	movups	%xmm4,-64(%rsi)
+	movups	%xmm5,-48(%rsi)
+	movups	%xmm6,-32(%rsi)
+	movups	%xmm7,-16(%rsi)
+	subq	$96,%rdx
+	jnc	.Lxts_enc_grandloop
+
+	movl	$16+96,%eax
+	subl	%r10d,%eax
+	movq	%rbp,%rcx
+	shrl	$4,%eax
+
+.Lxts_enc_short:
+
+	movl	%eax,%r10d
+	pxor	%xmm0,%xmm10
+	addq	$96,%rdx
+	jz	.Lxts_enc_done
+
+	pxor	%xmm0,%xmm11
+	cmpq	$0x20,%rdx
+	jb	.Lxts_enc_one
+	pxor	%xmm0,%xmm12
+	je	.Lxts_enc_two
+
+	pxor	%xmm0,%xmm13
+	cmpq	$0x40,%rdx
+	jb	.Lxts_enc_three
+	pxor	%xmm0,%xmm14
+	je	.Lxts_enc_four
+
+	movdqu	(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqu	32(%rdi),%xmm4
+	pxor	%xmm10,%xmm2
+	movdqu	48(%rdi),%xmm5
+	pxor	%xmm11,%xmm3
+	movdqu	64(%rdi),%xmm6
+	leaq	80(%rdi),%rdi
+	pxor	%xmm12,%xmm4
+	pxor	%xmm13,%xmm5
+	pxor	%xmm14,%xmm6
+	pxor	%xmm7,%xmm7
+
+	call	_aesni_encrypt6
+
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm15,%xmm10
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+	movdqu	%xmm2,(%rsi)
+	xorps	%xmm13,%xmm5
+	movdqu	%xmm3,16(%rsi)
+	xorps	%xmm14,%xmm6
+	movdqu	%xmm4,32(%rsi)
+	movdqu	%xmm5,48(%rsi)
+	movdqu	%xmm6,64(%rsi)
+	leaq	80(%rsi),%rsi
+	jmp	.Lxts_enc_done
+
+.p2align	4
+.Lxts_enc_one:
+	movups	(%rdi),%xmm2
+	leaq	16(%rdi),%rdi
+	xorps	%xmm10,%xmm2
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_enc1_9:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_enc1_9
+.byte	102,15,56,221,209
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm11,%xmm10
+	movups	%xmm2,(%rsi)
+	leaq	16(%rsi),%rsi
+	jmp	.Lxts_enc_done
+
+.p2align	4
+.Lxts_enc_two:
+	movups	(%rdi),%xmm2
+	movups	16(%rdi),%xmm3
+	leaq	32(%rdi),%rdi
+	xorps	%xmm10,%xmm2
+	xorps	%xmm11,%xmm3
+
+	call	_aesni_encrypt2
+
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm12,%xmm10
+	xorps	%xmm11,%xmm3
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	leaq	32(%rsi),%rsi
+	jmp	.Lxts_enc_done
+
+.p2align	4
+.Lxts_enc_three:
+	movups	(%rdi),%xmm2
+	movups	16(%rdi),%xmm3
+	movups	32(%rdi),%xmm4
+	leaq	48(%rdi),%rdi
+	xorps	%xmm10,%xmm2
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+
+	call	_aesni_encrypt3
+
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm13,%xmm10
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	leaq	48(%rsi),%rsi
+	jmp	.Lxts_enc_done
+
+.p2align	4
+.Lxts_enc_four:
+	movups	(%rdi),%xmm2
+	movups	16(%rdi),%xmm3
+	movups	32(%rdi),%xmm4
+	xorps	%xmm10,%xmm2
+	movups	48(%rdi),%xmm5
+	leaq	64(%rdi),%rdi
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+	xorps	%xmm13,%xmm5
+
+	call	_aesni_encrypt4
+
+	pxor	%xmm10,%xmm2
+	movdqa	%xmm14,%xmm10
+	pxor	%xmm11,%xmm3
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm3,16(%rsi)
+	movdqu	%xmm4,32(%rsi)
+	movdqu	%xmm5,48(%rsi)
+	leaq	64(%rsi),%rsi
+	jmp	.Lxts_enc_done
+
+.p2align	4
+.Lxts_enc_done:
+	andq	$15,%r9
+	jz	.Lxts_enc_ret
+	movq	%r9,%rdx
+
+.Lxts_enc_steal:
+	movzbl	(%rdi),%eax
+	movzbl	-16(%rsi),%ecx
+	leaq	1(%rdi),%rdi
+	movb	%al,-16(%rsi)
+	movb	%cl,0(%rsi)
+	leaq	1(%rsi),%rsi
+	subq	$1,%rdx
+	jnz	.Lxts_enc_steal
+
+	subq	%r9,%rsi
+	movq	%rbp,%rcx
+	movl	%r10d,%eax
+
+	movups	-16(%rsi),%xmm2
+	xorps	%xmm10,%xmm2
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_enc1_10:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_enc1_10
+.byte	102,15,56,221,209
+	xorps	%xmm10,%xmm2
+	movups	%xmm2,-16(%rsi)
+
+.Lxts_enc_ret:
+	xorps	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	movaps	-168(%r11),%xmm6
+	movaps	%xmm0,-168(%r11)
+	movaps	-152(%r11),%xmm7
+	movaps	%xmm0,-152(%r11)
+	movaps	-136(%r11),%xmm8
+	movaps	%xmm0,-136(%r11)
+	movaps	-120(%r11),%xmm9
+	movaps	%xmm0,-120(%r11)
+	movaps	-104(%r11),%xmm10
+	movaps	%xmm0,-104(%r11)
+	movaps	-88(%r11),%xmm11
+	movaps	%xmm0,-88(%r11)
+	movaps	-72(%r11),%xmm12
+	movaps	%xmm0,-72(%r11)
+	movaps	-56(%r11),%xmm13
+	movaps	%xmm0,-56(%r11)
+	movaps	-40(%r11),%xmm14
+	movaps	%xmm0,-40(%r11)
+	movaps	-24(%r11),%xmm15
+	movaps	%xmm0,-24(%r11)
+	movaps	%xmm0,0(%rsp)
+	movaps	%xmm0,16(%rsp)
+	movaps	%xmm0,32(%rsp)
+	movaps	%xmm0,48(%rsp)
+	movaps	%xmm0,64(%rsp)
+	movaps	%xmm0,80(%rsp)
+	movaps	%xmm0,96(%rsp)
+	movq	-8(%r11),%rbp
+
+	leaq	(%r11),%rsp
+
+.Lxts_enc_epilogue:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_aesni_xts_encrypt:
+.globl	aesni_xts_decrypt
+.def	aesni_xts_decrypt;	.scl 2;	.type 32;	.endef
+.p2align	4
+aesni_xts_decrypt:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_aesni_xts_decrypt:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+	movq	%r9,%rcx
+	movq	40(%rsp),%r8
+	movq	48(%rsp),%r9
+
+
+	leaq	(%rsp),%r11
+
+	pushq	%rbp
+
+	subq	$272,%rsp
+	andq	$-16,%rsp
+	movaps	%xmm6,-168(%r11)
+	movaps	%xmm7,-152(%r11)
+	movaps	%xmm8,-136(%r11)
+	movaps	%xmm9,-120(%r11)
+	movaps	%xmm10,-104(%r11)
+	movaps	%xmm11,-88(%r11)
+	movaps	%xmm12,-72(%r11)
+	movaps	%xmm13,-56(%r11)
+	movaps	%xmm14,-40(%r11)
+	movaps	%xmm15,-24(%r11)
+.Lxts_dec_body:
+	movups	(%r9),%xmm2
+	movl	240(%r8),%eax
+	movl	240(%rcx),%r10d
+	movups	(%r8),%xmm0
+	movups	16(%r8),%xmm1
+	leaq	32(%r8),%r8
+	xorps	%xmm0,%xmm2
+.Loop_enc1_11:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%r8),%xmm1
+	leaq	16(%r8),%r8
+	jnz	.Loop_enc1_11
+.byte	102,15,56,221,209
+	xorl	%eax,%eax
+	testq	$15,%rdx
+	setnz	%al
+	shlq	$4,%rax
+	subq	%rax,%rdx
+
+	movups	(%rcx),%xmm0
+	movq	%rcx,%rbp
+	movl	%r10d,%eax
+	shll	$4,%r10d
+	movq	%rdx,%r9
+	andq	$-16,%rdx
+
+	movups	16(%rcx,%r10,1),%xmm1
+
+	movdqa	.Lxts_magic(%rip),%xmm8
+	movdqa	%xmm2,%xmm15
+	pshufd	$0x5f,%xmm2,%xmm9
+	pxor	%xmm0,%xmm1
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm10
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm10
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm11
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm11
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm12
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm12
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm13
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm13
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm15,%xmm14
+	psrad	$31,%xmm9
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm9
+	pxor	%xmm0,%xmm14
+	pxor	%xmm9,%xmm15
+	movaps	%xmm1,96(%rsp)
+
+	subq	$96,%rdx
+	jc	.Lxts_dec_short
+
+	movl	$16+96,%eax
+	leaq	32(%rbp,%r10,1),%rcx
+	subq	%r10,%rax
+	movups	16(%rbp),%xmm1
+	movq	%rax,%r10
+	leaq	.Lxts_magic(%rip),%r8
+	jmp	.Lxts_dec_grandloop
+
+.p2align	5
+.Lxts_dec_grandloop:
+	movdqu	0(%rdi),%xmm2
+	movdqa	%xmm0,%xmm8
+	movdqu	16(%rdi),%xmm3
+	pxor	%xmm10,%xmm2
+	movdqu	32(%rdi),%xmm4
+	pxor	%xmm11,%xmm3
+.byte	102,15,56,222,209
+	movdqu	48(%rdi),%xmm5
+	pxor	%xmm12,%xmm4
+.byte	102,15,56,222,217
+	movdqu	64(%rdi),%xmm6
+	pxor	%xmm13,%xmm5
+.byte	102,15,56,222,225
+	movdqu	80(%rdi),%xmm7
+	pxor	%xmm15,%xmm8
+	movdqa	96(%rsp),%xmm9
+	pxor	%xmm14,%xmm6
+.byte	102,15,56,222,233
+	movups	32(%rbp),%xmm0
+	leaq	96(%rdi),%rdi
+	pxor	%xmm8,%xmm7
+
+	pxor	%xmm9,%xmm10
+.byte	102,15,56,222,241
+	pxor	%xmm9,%xmm11
+	movdqa	%xmm10,0(%rsp)
+.byte	102,15,56,222,249
+	movups	48(%rbp),%xmm1
+	pxor	%xmm9,%xmm12
+
+.byte	102,15,56,222,208
+	pxor	%xmm9,%xmm13
+	movdqa	%xmm11,16(%rsp)
+.byte	102,15,56,222,216
+	pxor	%xmm9,%xmm14
+	movdqa	%xmm12,32(%rsp)
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+	pxor	%xmm9,%xmm8
+	movdqa	%xmm14,64(%rsp)
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+	movups	64(%rbp),%xmm0
+	movdqa	%xmm8,80(%rsp)
+	pshufd	$0x5f,%xmm15,%xmm9
+	jmp	.Lxts_dec_loop6
+.p2align	5
+.Lxts_dec_loop6:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movups	-64(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+	movups	-80(%rcx,%rax,1),%xmm0
+	jnz	.Lxts_dec_loop6
+
+	movdqa	(%r8),%xmm8
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,222,209
+	paddq	%xmm15,%xmm15
+	psrad	$31,%xmm14
+.byte	102,15,56,222,217
+	pand	%xmm8,%xmm14
+	movups	(%rbp),%xmm10
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+	pxor	%xmm14,%xmm15
+	movaps	%xmm10,%xmm11
+.byte	102,15,56,222,249
+	movups	-64(%rcx),%xmm1
+
+	movdqa	%xmm9,%xmm14
+.byte	102,15,56,222,208
+	paddd	%xmm9,%xmm9
+	pxor	%xmm15,%xmm10
+.byte	102,15,56,222,216
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+	pand	%xmm8,%xmm14
+	movaps	%xmm11,%xmm12
+.byte	102,15,56,222,240
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+.byte	102,15,56,222,248
+	movups	-48(%rcx),%xmm0
+
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,222,209
+	pxor	%xmm15,%xmm11
+	psrad	$31,%xmm14
+.byte	102,15,56,222,217
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	movdqa	%xmm13,48(%rsp)
+	pxor	%xmm14,%xmm15
+.byte	102,15,56,222,241
+	movaps	%xmm12,%xmm13
+	movdqa	%xmm9,%xmm14
+.byte	102,15,56,222,249
+	movups	-32(%rcx),%xmm1
+
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,222,208
+	pxor	%xmm15,%xmm12
+	psrad	$31,%xmm14
+.byte	102,15,56,222,216
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+	pxor	%xmm14,%xmm15
+	movaps	%xmm13,%xmm14
+.byte	102,15,56,222,248
+
+	movdqa	%xmm9,%xmm0
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,222,209
+	pxor	%xmm15,%xmm13
+	psrad	$31,%xmm0
+.byte	102,15,56,222,217
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm0
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	pxor	%xmm0,%xmm15
+	movups	(%rbp),%xmm0
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movups	16(%rbp),%xmm1
+
+	pxor	%xmm15,%xmm14
+.byte	102,15,56,223,84,36,0
+	psrad	$31,%xmm9
+	paddq	%xmm15,%xmm15
+.byte	102,15,56,223,92,36,16
+.byte	102,15,56,223,100,36,32
+	pand	%xmm8,%xmm9
+	movq	%r10,%rax
+.byte	102,15,56,223,108,36,48
+.byte	102,15,56,223,116,36,64
+.byte	102,15,56,223,124,36,80
+	pxor	%xmm9,%xmm15
+
+	leaq	96(%rsi),%rsi
+	movups	%xmm2,-96(%rsi)
+	movups	%xmm3,-80(%rsi)
+	movups	%xmm4,-64(%rsi)
+	movups	%xmm5,-48(%rsi)
+	movups	%xmm6,-32(%rsi)
+	movups	%xmm7,-16(%rsi)
+	subq	$96,%rdx
+	jnc	.Lxts_dec_grandloop
+
+	movl	$16+96,%eax
+	subl	%r10d,%eax
+	movq	%rbp,%rcx
+	shrl	$4,%eax
+
+.Lxts_dec_short:
+
+	movl	%eax,%r10d
+	pxor	%xmm0,%xmm10
+	pxor	%xmm0,%xmm11
+	addq	$96,%rdx
+	jz	.Lxts_dec_done
+
+	pxor	%xmm0,%xmm12
+	cmpq	$0x20,%rdx
+	jb	.Lxts_dec_one
+	pxor	%xmm0,%xmm13
+	je	.Lxts_dec_two
+
+	pxor	%xmm0,%xmm14
+	cmpq	$0x40,%rdx
+	jb	.Lxts_dec_three
+	je	.Lxts_dec_four
+
+	movdqu	(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqu	32(%rdi),%xmm4
+	pxor	%xmm10,%xmm2
+	movdqu	48(%rdi),%xmm5
+	pxor	%xmm11,%xmm3
+	movdqu	64(%rdi),%xmm6
+	leaq	80(%rdi),%rdi
+	pxor	%xmm12,%xmm4
+	pxor	%xmm13,%xmm5
+	pxor	%xmm14,%xmm6
+
+	call	_aesni_decrypt6
+
+	xorps	%xmm10,%xmm2
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+	movdqu	%xmm2,(%rsi)
+	xorps	%xmm13,%xmm5
+	movdqu	%xmm3,16(%rsi)
+	xorps	%xmm14,%xmm6
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm14,%xmm14
+	movdqu	%xmm5,48(%rsi)
+	pcmpgtd	%xmm15,%xmm14
+	movdqu	%xmm6,64(%rsi)
+	leaq	80(%rsi),%rsi
+	pshufd	$0x13,%xmm14,%xmm11
+	andq	$15,%r9
+	jz	.Lxts_dec_ret
+
+	movdqa	%xmm15,%xmm10
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm11
+	pxor	%xmm15,%xmm11
+	jmp	.Lxts_dec_done2
+
+.p2align	4
+.Lxts_dec_one:
+	movups	(%rdi),%xmm2
+	leaq	16(%rdi),%rdi
+	xorps	%xmm10,%xmm2
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_dec1_12:
+.byte	102,15,56,222,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_dec1_12
+.byte	102,15,56,223,209
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm11,%xmm10
+	movups	%xmm2,(%rsi)
+	movdqa	%xmm12,%xmm11
+	leaq	16(%rsi),%rsi
+	jmp	.Lxts_dec_done
+
+.p2align	4
+.Lxts_dec_two:
+	movups	(%rdi),%xmm2
+	movups	16(%rdi),%xmm3
+	leaq	32(%rdi),%rdi
+	xorps	%xmm10,%xmm2
+	xorps	%xmm11,%xmm3
+
+	call	_aesni_decrypt2
+
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm12,%xmm10
+	xorps	%xmm11,%xmm3
+	movdqa	%xmm13,%xmm11
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	leaq	32(%rsi),%rsi
+	jmp	.Lxts_dec_done
+
+.p2align	4
+.Lxts_dec_three:
+	movups	(%rdi),%xmm2
+	movups	16(%rdi),%xmm3
+	movups	32(%rdi),%xmm4
+	leaq	48(%rdi),%rdi
+	xorps	%xmm10,%xmm2
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+
+	call	_aesni_decrypt3
+
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm13,%xmm10
+	xorps	%xmm11,%xmm3
+	movdqa	%xmm14,%xmm11
+	xorps	%xmm12,%xmm4
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	leaq	48(%rsi),%rsi
+	jmp	.Lxts_dec_done
+
+.p2align	4
+.Lxts_dec_four:
+	movups	(%rdi),%xmm2
+	movups	16(%rdi),%xmm3
+	movups	32(%rdi),%xmm4
+	xorps	%xmm10,%xmm2
+	movups	48(%rdi),%xmm5
+	leaq	64(%rdi),%rdi
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+	xorps	%xmm13,%xmm5
+
+	call	_aesni_decrypt4
+
+	pxor	%xmm10,%xmm2
+	movdqa	%xmm14,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqa	%xmm15,%xmm11
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm3,16(%rsi)
+	movdqu	%xmm4,32(%rsi)
+	movdqu	%xmm5,48(%rsi)
+	leaq	64(%rsi),%rsi
+	jmp	.Lxts_dec_done
+
+.p2align	4
+.Lxts_dec_done:
+	andq	$15,%r9
+	jz	.Lxts_dec_ret
+.Lxts_dec_done2:
+	movq	%r9,%rdx
+	movq	%rbp,%rcx
+	movl	%r10d,%eax
+
+	movups	(%rdi),%xmm2
+	xorps	%xmm11,%xmm2
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_dec1_13:
+.byte	102,15,56,222,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_dec1_13
+.byte	102,15,56,223,209
+	xorps	%xmm11,%xmm2
+	movups	%xmm2,(%rsi)
+
+.Lxts_dec_steal:
+	movzbl	16(%rdi),%eax
+	movzbl	(%rsi),%ecx
+	leaq	1(%rdi),%rdi
+	movb	%al,(%rsi)
+	movb	%cl,16(%rsi)
+	leaq	1(%rsi),%rsi
+	subq	$1,%rdx
+	jnz	.Lxts_dec_steal
+
+	subq	%r9,%rsi
+	movq	%rbp,%rcx
+	movl	%r10d,%eax
+
+	movups	(%rsi),%xmm2
+	xorps	%xmm10,%xmm2
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_dec1_14:
+.byte	102,15,56,222,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_dec1_14
+.byte	102,15,56,223,209
+	xorps	%xmm10,%xmm2
+	movups	%xmm2,(%rsi)
+
+.Lxts_dec_ret:
+	xorps	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	movaps	-168(%r11),%xmm6
+	movaps	%xmm0,-168(%r11)
+	movaps	-152(%r11),%xmm7
+	movaps	%xmm0,-152(%r11)
+	movaps	-136(%r11),%xmm8
+	movaps	%xmm0,-136(%r11)
+	movaps	-120(%r11),%xmm9
+	movaps	%xmm0,-120(%r11)
+	movaps	-104(%r11),%xmm10
+	movaps	%xmm0,-104(%r11)
+	movaps	-88(%r11),%xmm11
+	movaps	%xmm0,-88(%r11)
+	movaps	-72(%r11),%xmm12
+	movaps	%xmm0,-72(%r11)
+	movaps	-56(%r11),%xmm13
+	movaps	%xmm0,-56(%r11)
+	movaps	-40(%r11),%xmm14
+	movaps	%xmm0,-40(%r11)
+	movaps	-24(%r11),%xmm15
+	movaps	%xmm0,-24(%r11)
+	movaps	%xmm0,0(%rsp)
+	movaps	%xmm0,16(%rsp)
+	movaps	%xmm0,32(%rsp)
+	movaps	%xmm0,48(%rsp)
+	movaps	%xmm0,64(%rsp)
+	movaps	%xmm0,80(%rsp)
+	movaps	%xmm0,96(%rsp)
+	movq	-8(%r11),%rbp
+
+	leaq	(%r11),%rsp
+
+.Lxts_dec_epilogue:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_aesni_xts_decrypt:
+.globl	aesni_ocb_encrypt
+.def	aesni_ocb_encrypt;	.scl 2;	.type 32;	.endef
+.p2align	5
+aesni_ocb_encrypt:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_aesni_ocb_encrypt:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+	movq	%r9,%rcx
+	movq	40(%rsp),%r8
+	movq	48(%rsp),%r9
+
+
+	leaq	(%rsp),%rax
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	leaq	-160(%rsp),%rsp
+	movaps	%xmm6,0(%rsp)
+	movaps	%xmm7,16(%rsp)
+	movaps	%xmm8,32(%rsp)
+	movaps	%xmm9,48(%rsp)
+	movaps	%xmm10,64(%rsp)
+	movaps	%xmm11,80(%rsp)
+	movaps	%xmm12,96(%rsp)
+	movaps	%xmm13,112(%rsp)
+	movaps	%xmm14,128(%rsp)
+	movaps	%xmm15,144(%rsp)
+.Locb_enc_body:
+	movq	56(%rax),%rbx
+	movq	56+8(%rax),%rbp
+
+	movl	240(%rcx),%r10d
+	movq	%rcx,%r11
+	shll	$4,%r10d
+	movups	(%rcx),%xmm9
+	movups	16(%rcx,%r10,1),%xmm1
+
+	movdqu	(%r9),%xmm15
+	pxor	%xmm1,%xmm9
+	pxor	%xmm1,%xmm15
+
+	movl	$16+32,%eax
+	leaq	32(%r11,%r10,1),%rcx
+	movups	16(%r11),%xmm1
+	subq	%r10,%rax
+	movq	%rax,%r10
+
+	movdqu	(%rbx),%xmm10
+	movdqu	(%rbp),%xmm8
+
+	testq	$1,%r8
+	jnz	.Locb_enc_odd
+
+	bsfq	%r8,%r12
+	addq	$1,%r8
+	shlq	$4,%r12
+	movdqu	(%rbx,%r12,1),%xmm7
+	movdqu	(%rdi),%xmm2
+	leaq	16(%rdi),%rdi
+
+	call	__ocb_encrypt1
+
+	movdqa	%xmm7,%xmm15
+	movups	%xmm2,(%rsi)
+	leaq	16(%rsi),%rsi
+	subq	$1,%rdx
+	jz	.Locb_enc_done
+
+.Locb_enc_odd:
+	leaq	1(%r8),%r12
+	leaq	3(%r8),%r13
+	leaq	5(%r8),%r14
+	leaq	6(%r8),%r8
+	bsfq	%r12,%r12
+	bsfq	%r13,%r13
+	bsfq	%r14,%r14
+	shlq	$4,%r12
+	shlq	$4,%r13
+	shlq	$4,%r14
+
+	subq	$6,%rdx
+	jc	.Locb_enc_short
+	jmp	.Locb_enc_grandloop
+
+.p2align	5
+.Locb_enc_grandloop:
+	movdqu	0(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqu	32(%rdi),%xmm4
+	movdqu	48(%rdi),%xmm5
+	movdqu	64(%rdi),%xmm6
+	movdqu	80(%rdi),%xmm7
+	leaq	96(%rdi),%rdi
+
+	call	__ocb_encrypt6
+
+	movups	%xmm2,0(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	movups	%xmm6,64(%rsi)
+	movups	%xmm7,80(%rsi)
+	leaq	96(%rsi),%rsi
+	subq	$6,%rdx
+	jnc	.Locb_enc_grandloop
+
+.Locb_enc_short:
+	addq	$6,%rdx
+	jz	.Locb_enc_done
+
+	movdqu	0(%rdi),%xmm2
+	cmpq	$2,%rdx
+	jb	.Locb_enc_one
+	movdqu	16(%rdi),%xmm3
+	je	.Locb_enc_two
+
+	movdqu	32(%rdi),%xmm4
+	cmpq	$4,%rdx
+	jb	.Locb_enc_three
+	movdqu	48(%rdi),%xmm5
+	je	.Locb_enc_four
+
+	movdqu	64(%rdi),%xmm6
+	pxor	%xmm7,%xmm7
+
+	call	__ocb_encrypt6
+
+	movdqa	%xmm14,%xmm15
+	movups	%xmm2,0(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	movups	%xmm6,64(%rsi)
+
+	jmp	.Locb_enc_done
+
+.p2align	4
+.Locb_enc_one:
+	movdqa	%xmm10,%xmm7
+
+	call	__ocb_encrypt1
+
+	movdqa	%xmm7,%xmm15
+	movups	%xmm2,0(%rsi)
+	jmp	.Locb_enc_done
+
+.p2align	4
+.Locb_enc_two:
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+
+	call	__ocb_encrypt4
+
+	movdqa	%xmm11,%xmm15
+	movups	%xmm2,0(%rsi)
+	movups	%xmm3,16(%rsi)
+
+	jmp	.Locb_enc_done
+
+.p2align	4
+.Locb_enc_three:
+	pxor	%xmm5,%xmm5
+
+	call	__ocb_encrypt4
+
+	movdqa	%xmm12,%xmm15
+	movups	%xmm2,0(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+
+	jmp	.Locb_enc_done
+
+.p2align	4
+.Locb_enc_four:
+	call	__ocb_encrypt4
+
+	movdqa	%xmm13,%xmm15
+	movups	%xmm2,0(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+
+.Locb_enc_done:
+	pxor	%xmm0,%xmm15
+	movdqu	%xmm8,(%rbp)
+	movdqu	%xmm15,(%r9)
+
+	xorps	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	movaps	0(%rsp),%xmm6
+	movaps	%xmm0,0(%rsp)
+	movaps	16(%rsp),%xmm7
+	movaps	%xmm0,16(%rsp)
+	movaps	32(%rsp),%xmm8
+	movaps	%xmm0,32(%rsp)
+	movaps	48(%rsp),%xmm9
+	movaps	%xmm0,48(%rsp)
+	movaps	64(%rsp),%xmm10
+	movaps	%xmm0,64(%rsp)
+	movaps	80(%rsp),%xmm11
+	movaps	%xmm0,80(%rsp)
+	movaps	96(%rsp),%xmm12
+	movaps	%xmm0,96(%rsp)
+	movaps	112(%rsp),%xmm13
+	movaps	%xmm0,112(%rsp)
+	movaps	128(%rsp),%xmm14
+	movaps	%xmm0,128(%rsp)
+	movaps	144(%rsp),%xmm15
+	movaps	%xmm0,144(%rsp)
+	leaq	160+40(%rsp),%rax
+.Locb_enc_pop:
+	movq	-40(%rax),%r14
+
+	movq	-32(%rax),%r13
+
+	movq	-24(%rax),%r12
+
+	movq	-16(%rax),%rbp
+
+	movq	-8(%rax),%rbx
+
+	leaq	(%rax),%rsp
+
+.Locb_enc_epilogue:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_aesni_ocb_encrypt:
+
+.def	__ocb_encrypt6;	.scl 3;	.type 32;	.endef
+.p2align	5
+__ocb_encrypt6:
+
+	pxor	%xmm9,%xmm15
+	movdqu	(%rbx,%r12,1),%xmm11
+	movdqa	%xmm10,%xmm12
+	movdqu	(%rbx,%r13,1),%xmm13
+	movdqa	%xmm10,%xmm14
+	pxor	%xmm15,%xmm10
+	movdqu	(%rbx,%r14,1),%xmm15
+	pxor	%xmm10,%xmm11
+	pxor	%xmm2,%xmm8
+	pxor	%xmm10,%xmm2
+	pxor	%xmm11,%xmm12
+	pxor	%xmm3,%xmm8
+	pxor	%xmm11,%xmm3
+	pxor	%xmm12,%xmm13
+	pxor	%xmm4,%xmm8
+	pxor	%xmm12,%xmm4
+	pxor	%xmm13,%xmm14
+	pxor	%xmm5,%xmm8
+	pxor	%xmm13,%xmm5
+	pxor	%xmm14,%xmm15
+	pxor	%xmm6,%xmm8
+	pxor	%xmm14,%xmm6
+	pxor	%xmm7,%xmm8
+	pxor	%xmm15,%xmm7
+	movups	32(%r11),%xmm0
+
+	leaq	1(%r8),%r12
+	leaq	3(%r8),%r13
+	leaq	5(%r8),%r14
+	addq	$6,%r8
+	pxor	%xmm9,%xmm10
+	bsfq	%r12,%r12
+	bsfq	%r13,%r13
+	bsfq	%r14,%r14
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	pxor	%xmm9,%xmm11
+	pxor	%xmm9,%xmm12
+.byte	102,15,56,220,241
+	pxor	%xmm9,%xmm13
+	pxor	%xmm9,%xmm14
+.byte	102,15,56,220,249
+	movups	48(%r11),%xmm1
+	pxor	%xmm9,%xmm15
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	64(%r11),%xmm0
+	shlq	$4,%r12
+	shlq	$4,%r13
+	jmp	.Locb_enc_loop6
+
+.p2align	5
+.Locb_enc_loop6:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Locb_enc_loop6
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movups	16(%r11),%xmm1
+	shlq	$4,%r14
+
+.byte	102,65,15,56,221,210
+	movdqu	(%rbx),%xmm10
+	movq	%r10,%rax
+.byte	102,65,15,56,221,219
+.byte	102,65,15,56,221,228
+.byte	102,65,15,56,221,237
+.byte	102,65,15,56,221,246
+.byte	102,65,15,56,221,255
+	.byte	0xf3,0xc3
+
+
+
+.def	__ocb_encrypt4;	.scl 3;	.type 32;	.endef
+.p2align	5
+__ocb_encrypt4:
+
+	pxor	%xmm9,%xmm15
+	movdqu	(%rbx,%r12,1),%xmm11
+	movdqa	%xmm10,%xmm12
+	movdqu	(%rbx,%r13,1),%xmm13
+	pxor	%xmm15,%xmm10
+	pxor	%xmm10,%xmm11
+	pxor	%xmm2,%xmm8
+	pxor	%xmm10,%xmm2
+	pxor	%xmm11,%xmm12
+	pxor	%xmm3,%xmm8
+	pxor	%xmm11,%xmm3
+	pxor	%xmm12,%xmm13
+	pxor	%xmm4,%xmm8
+	pxor	%xmm12,%xmm4
+	pxor	%xmm5,%xmm8
+	pxor	%xmm13,%xmm5
+	movups	32(%r11),%xmm0
+
+	pxor	%xmm9,%xmm10
+	pxor	%xmm9,%xmm11
+	pxor	%xmm9,%xmm12
+	pxor	%xmm9,%xmm13
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movups	48(%r11),%xmm1
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movups	64(%r11),%xmm0
+	jmp	.Locb_enc_loop4
+
+.p2align	5
+.Locb_enc_loop4:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Locb_enc_loop4
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movups	16(%r11),%xmm1
+	movq	%r10,%rax
+
+.byte	102,65,15,56,221,210
+.byte	102,65,15,56,221,219
+.byte	102,65,15,56,221,228
+.byte	102,65,15,56,221,237
+	.byte	0xf3,0xc3
+
+
+
+.def	__ocb_encrypt1;	.scl 3;	.type 32;	.endef
+.p2align	5
+__ocb_encrypt1:
+
+	pxor	%xmm15,%xmm7
+	pxor	%xmm9,%xmm7
+	pxor	%xmm2,%xmm8
+	pxor	%xmm7,%xmm2
+	movups	32(%r11),%xmm0
+
+.byte	102,15,56,220,209
+	movups	48(%r11),%xmm1
+	pxor	%xmm9,%xmm7
+
+.byte	102,15,56,220,208
+	movups	64(%r11),%xmm0
+	jmp	.Locb_enc_loop1
+
+.p2align	5
+.Locb_enc_loop1:
+.byte	102,15,56,220,209
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,220,208
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Locb_enc_loop1
+
+.byte	102,15,56,220,209
+	movups	16(%r11),%xmm1
+	movq	%r10,%rax
+
+.byte	102,15,56,221,215
+	.byte	0xf3,0xc3
+
+
+
+.globl	aesni_ocb_decrypt
+.def	aesni_ocb_decrypt;	.scl 2;	.type 32;	.endef
+.p2align	5
+aesni_ocb_decrypt:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_aesni_ocb_decrypt:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+	movq	%r9,%rcx
+	movq	40(%rsp),%r8
+	movq	48(%rsp),%r9
+
+
+	leaq	(%rsp),%rax
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	leaq	-160(%rsp),%rsp
+	movaps	%xmm6,0(%rsp)
+	movaps	%xmm7,16(%rsp)
+	movaps	%xmm8,32(%rsp)
+	movaps	%xmm9,48(%rsp)
+	movaps	%xmm10,64(%rsp)
+	movaps	%xmm11,80(%rsp)
+	movaps	%xmm12,96(%rsp)
+	movaps	%xmm13,112(%rsp)
+	movaps	%xmm14,128(%rsp)
+	movaps	%xmm15,144(%rsp)
+.Locb_dec_body:
+	movq	56(%rax),%rbx
+	movq	56+8(%rax),%rbp
+
+	movl	240(%rcx),%r10d
+	movq	%rcx,%r11
+	shll	$4,%r10d
+	movups	(%rcx),%xmm9
+	movups	16(%rcx,%r10,1),%xmm1
+
+	movdqu	(%r9),%xmm15
+	pxor	%xmm1,%xmm9
+	pxor	%xmm1,%xmm15
+
+	movl	$16+32,%eax
+	leaq	32(%r11,%r10,1),%rcx
+	movups	16(%r11),%xmm1
+	subq	%r10,%rax
+	movq	%rax,%r10
+
+	movdqu	(%rbx),%xmm10
+	movdqu	(%rbp),%xmm8
+
+	testq	$1,%r8
+	jnz	.Locb_dec_odd
+
+	bsfq	%r8,%r12
+	addq	$1,%r8
+	shlq	$4,%r12
+	movdqu	(%rbx,%r12,1),%xmm7
+	movdqu	(%rdi),%xmm2
+	leaq	16(%rdi),%rdi
+
+	call	__ocb_decrypt1
+
+	movdqa	%xmm7,%xmm15
+	movups	%xmm2,(%rsi)
+	xorps	%xmm2,%xmm8
+	leaq	16(%rsi),%rsi
+	subq	$1,%rdx
+	jz	.Locb_dec_done
+
+.Locb_dec_odd:
+	leaq	1(%r8),%r12
+	leaq	3(%r8),%r13
+	leaq	5(%r8),%r14
+	leaq	6(%r8),%r8
+	bsfq	%r12,%r12
+	bsfq	%r13,%r13
+	bsfq	%r14,%r14
+	shlq	$4,%r12
+	shlq	$4,%r13
+	shlq	$4,%r14
+
+	subq	$6,%rdx
+	jc	.Locb_dec_short
+	jmp	.Locb_dec_grandloop
+
+.p2align	5
+.Locb_dec_grandloop:
+	movdqu	0(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqu	32(%rdi),%xmm4
+	movdqu	48(%rdi),%xmm5
+	movdqu	64(%rdi),%xmm6
+	movdqu	80(%rdi),%xmm7
+	leaq	96(%rdi),%rdi
+
+	call	__ocb_decrypt6
+
+	movups	%xmm2,0(%rsi)
+	pxor	%xmm2,%xmm8
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm8
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm8
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm8
+	movups	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm8
+	movups	%xmm7,80(%rsi)
+	pxor	%xmm7,%xmm8
+	leaq	96(%rsi),%rsi
+	subq	$6,%rdx
+	jnc	.Locb_dec_grandloop
+
+.Locb_dec_short:
+	addq	$6,%rdx
+	jz	.Locb_dec_done
+
+	movdqu	0(%rdi),%xmm2
+	cmpq	$2,%rdx
+	jb	.Locb_dec_one
+	movdqu	16(%rdi),%xmm3
+	je	.Locb_dec_two
+
+	movdqu	32(%rdi),%xmm4
+	cmpq	$4,%rdx
+	jb	.Locb_dec_three
+	movdqu	48(%rdi),%xmm5
+	je	.Locb_dec_four
+
+	movdqu	64(%rdi),%xmm6
+	pxor	%xmm7,%xmm7
+
+	call	__ocb_decrypt6
+
+	movdqa	%xmm14,%xmm15
+	movups	%xmm2,0(%rsi)
+	pxor	%xmm2,%xmm8
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm8
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm8
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm8
+	movups	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm8
+
+	jmp	.Locb_dec_done
+
+.p2align	4
+.Locb_dec_one:
+	movdqa	%xmm10,%xmm7
+
+	call	__ocb_decrypt1
+
+	movdqa	%xmm7,%xmm15
+	movups	%xmm2,0(%rsi)
+	xorps	%xmm2,%xmm8
+	jmp	.Locb_dec_done
+
+.p2align	4
+.Locb_dec_two:
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+
+	call	__ocb_decrypt4
+
+	movdqa	%xmm11,%xmm15
+	movups	%xmm2,0(%rsi)
+	xorps	%xmm2,%xmm8
+	movups	%xmm3,16(%rsi)
+	xorps	%xmm3,%xmm8
+
+	jmp	.Locb_dec_done
+
+.p2align	4
+.Locb_dec_three:
+	pxor	%xmm5,%xmm5
+
+	call	__ocb_decrypt4
+
+	movdqa	%xmm12,%xmm15
+	movups	%xmm2,0(%rsi)
+	xorps	%xmm2,%xmm8
+	movups	%xmm3,16(%rsi)
+	xorps	%xmm3,%xmm8
+	movups	%xmm4,32(%rsi)
+	xorps	%xmm4,%xmm8
+
+	jmp	.Locb_dec_done
+
+.p2align	4
+.Locb_dec_four:
+	call	__ocb_decrypt4
+
+	movdqa	%xmm13,%xmm15
+	movups	%xmm2,0(%rsi)
+	pxor	%xmm2,%xmm8
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm8
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm8
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm8
+
+.Locb_dec_done:
+	pxor	%xmm0,%xmm15
+	movdqu	%xmm8,(%rbp)
+	movdqu	%xmm15,(%r9)
+
+	xorps	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	movaps	0(%rsp),%xmm6
+	movaps	%xmm0,0(%rsp)
+	movaps	16(%rsp),%xmm7
+	movaps	%xmm0,16(%rsp)
+	movaps	32(%rsp),%xmm8
+	movaps	%xmm0,32(%rsp)
+	movaps	48(%rsp),%xmm9
+	movaps	%xmm0,48(%rsp)
+	movaps	64(%rsp),%xmm10
+	movaps	%xmm0,64(%rsp)
+	movaps	80(%rsp),%xmm11
+	movaps	%xmm0,80(%rsp)
+	movaps	96(%rsp),%xmm12
+	movaps	%xmm0,96(%rsp)
+	movaps	112(%rsp),%xmm13
+	movaps	%xmm0,112(%rsp)
+	movaps	128(%rsp),%xmm14
+	movaps	%xmm0,128(%rsp)
+	movaps	144(%rsp),%xmm15
+	movaps	%xmm0,144(%rsp)
+	leaq	160+40(%rsp),%rax
+.Locb_dec_pop:
+	movq	-40(%rax),%r14
+
+	movq	-32(%rax),%r13
+
+	movq	-24(%rax),%r12
+
+	movq	-16(%rax),%rbp
+
+	movq	-8(%rax),%rbx
+
+	leaq	(%rax),%rsp
+
+.Locb_dec_epilogue:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_aesni_ocb_decrypt:
+
+.def	__ocb_decrypt6;	.scl 3;	.type 32;	.endef
+.p2align	5
+__ocb_decrypt6:
+
+	pxor	%xmm9,%xmm15
+	movdqu	(%rbx,%r12,1),%xmm11
+	movdqa	%xmm10,%xmm12
+	movdqu	(%rbx,%r13,1),%xmm13
+	movdqa	%xmm10,%xmm14
+	pxor	%xmm15,%xmm10
+	movdqu	(%rbx,%r14,1),%xmm15
+	pxor	%xmm10,%xmm11
+	pxor	%xmm10,%xmm2
+	pxor	%xmm11,%xmm12
+	pxor	%xmm11,%xmm3
+	pxor	%xmm12,%xmm13
+	pxor	%xmm12,%xmm4
+	pxor	%xmm13,%xmm14
+	pxor	%xmm13,%xmm5
+	pxor	%xmm14,%xmm15
+	pxor	%xmm14,%xmm6
+	pxor	%xmm15,%xmm7
+	movups	32(%r11),%xmm0
+
+	leaq	1(%r8),%r12
+	leaq	3(%r8),%r13
+	leaq	5(%r8),%r14
+	addq	$6,%r8
+	pxor	%xmm9,%xmm10
+	bsfq	%r12,%r12
+	bsfq	%r13,%r13
+	bsfq	%r14,%r14
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	pxor	%xmm9,%xmm11
+	pxor	%xmm9,%xmm12
+.byte	102,15,56,222,241
+	pxor	%xmm9,%xmm13
+	pxor	%xmm9,%xmm14
+.byte	102,15,56,222,249
+	movups	48(%r11),%xmm1
+	pxor	%xmm9,%xmm15
+
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+	movups	64(%r11),%xmm0
+	shlq	$4,%r12
+	shlq	$4,%r13
+	jmp	.Locb_dec_loop6
+
+.p2align	5
+.Locb_dec_loop6:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Locb_dec_loop6
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movups	16(%r11),%xmm1
+	shlq	$4,%r14
+
+.byte	102,65,15,56,223,210
+	movdqu	(%rbx),%xmm10
+	movq	%r10,%rax
+.byte	102,65,15,56,223,219
+.byte	102,65,15,56,223,228
+.byte	102,65,15,56,223,237
+.byte	102,65,15,56,223,246
+.byte	102,65,15,56,223,255
+	.byte	0xf3,0xc3
+
+
+
+.def	__ocb_decrypt4;	.scl 3;	.type 32;	.endef
+.p2align	5
+__ocb_decrypt4:
+
+	pxor	%xmm9,%xmm15
+	movdqu	(%rbx,%r12,1),%xmm11
+	movdqa	%xmm10,%xmm12
+	movdqu	(%rbx,%r13,1),%xmm13
+	pxor	%xmm15,%xmm10
+	pxor	%xmm10,%xmm11
+	pxor	%xmm10,%xmm2
+	pxor	%xmm11,%xmm12
+	pxor	%xmm11,%xmm3
+	pxor	%xmm12,%xmm13
+	pxor	%xmm12,%xmm4
+	pxor	%xmm13,%xmm5
+	movups	32(%r11),%xmm0
+
+	pxor	%xmm9,%xmm10
+	pxor	%xmm9,%xmm11
+	pxor	%xmm9,%xmm12
+	pxor	%xmm9,%xmm13
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	movups	48(%r11),%xmm1
+
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+	movups	64(%r11),%xmm0
+	jmp	.Locb_dec_loop4
+
+.p2align	5
+.Locb_dec_loop4:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Locb_dec_loop4
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	movups	16(%r11),%xmm1
+	movq	%r10,%rax
+
+.byte	102,65,15,56,223,210
+.byte	102,65,15,56,223,219
+.byte	102,65,15,56,223,228
+.byte	102,65,15,56,223,237
+	.byte	0xf3,0xc3
+
+
+
+.def	__ocb_decrypt1;	.scl 3;	.type 32;	.endef
+.p2align	5
+__ocb_decrypt1:
+
+	pxor	%xmm15,%xmm7
+	pxor	%xmm9,%xmm7
+	pxor	%xmm7,%xmm2
+	movups	32(%r11),%xmm0
+
+.byte	102,15,56,222,209
+	movups	48(%r11),%xmm1
+	pxor	%xmm9,%xmm7
+
+.byte	102,15,56,222,208
+	movups	64(%r11),%xmm0
+	jmp	.Locb_dec_loop1
+
+.p2align	5
+.Locb_dec_loop1:
+.byte	102,15,56,222,209
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,222,208
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Locb_dec_loop1
+
+.byte	102,15,56,222,209
+	movups	16(%r11),%xmm1
+	movq	%r10,%rax
+
+.byte	102,15,56,223,215
+	.byte	0xf3,0xc3
+
+
+.globl	aesni_cbc_encrypt
+.def	aesni_cbc_encrypt;	.scl 2;	.type 32;	.endef
+.p2align	4
+aesni_cbc_encrypt:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_aesni_cbc_encrypt:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+	movq	%r9,%rcx
+	movq	40(%rsp),%r8
+	movq	48(%rsp),%r9
+
+
+	testq	%rdx,%rdx
+	jz	.Lcbc_ret
+
+	movl	240(%rcx),%r10d
+	movq	%rcx,%r11
+	testl	%r9d,%r9d
+	jz	.Lcbc_decrypt
+
+	movups	(%r8),%xmm2
+	movl	%r10d,%eax
+	cmpq	$16,%rdx
+	jb	.Lcbc_enc_tail
+	subq	$16,%rdx
+	jmp	.Lcbc_enc_loop
+.p2align	4
+.Lcbc_enc_loop:
+	movups	(%rdi),%xmm3
+	leaq	16(%rdi),%rdi
+
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm3
+	leaq	32(%rcx),%rcx
+	xorps	%xmm3,%xmm2
+.Loop_enc1_15:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_enc1_15
+.byte	102,15,56,221,209
+	movl	%r10d,%eax
+	movq	%r11,%rcx
+	movups	%xmm2,0(%rsi)
+	leaq	16(%rsi),%rsi
+	subq	$16,%rdx
+	jnc	.Lcbc_enc_loop
+	addq	$16,%rdx
+	jnz	.Lcbc_enc_tail
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movups	%xmm2,(%r8)
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	jmp	.Lcbc_ret
+
+.Lcbc_enc_tail:
+	movq	%rdx,%rcx
+	xchgq	%rdi,%rsi
+.long	0x9066A4F3
+	movl	$16,%ecx
+	subq	%rdx,%rcx
+	xorl	%eax,%eax
+.long	0x9066AAF3
+	leaq	-16(%rdi),%rdi
+	movl	%r10d,%eax
+	movq	%rdi,%rsi
+	movq	%r11,%rcx
+	xorq	%rdx,%rdx
+	jmp	.Lcbc_enc_loop
+
+.p2align	4
+.Lcbc_decrypt:
+	cmpq	$16,%rdx
+	jne	.Lcbc_decrypt_bulk
+
+
+
+	movdqu	(%rdi),%xmm2
+	movdqu	(%r8),%xmm3
+	movdqa	%xmm2,%xmm4
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_dec1_16:
+.byte	102,15,56,222,209
+	decl	%r10d
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_dec1_16
+.byte	102,15,56,223,209
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movdqu	%xmm4,(%r8)
+	xorps	%xmm3,%xmm2
+	pxor	%xmm3,%xmm3
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	jmp	.Lcbc_ret
+.p2align	4
+.Lcbc_decrypt_bulk:
+	leaq	(%rsp),%r11
+
+	pushq	%rbp
+
+	subq	$176,%rsp
+	andq	$-16,%rsp
+	movaps	%xmm6,16(%rsp)
+	movaps	%xmm7,32(%rsp)
+	movaps	%xmm8,48(%rsp)
+	movaps	%xmm9,64(%rsp)
+	movaps	%xmm10,80(%rsp)
+	movaps	%xmm11,96(%rsp)
+	movaps	%xmm12,112(%rsp)
+	movaps	%xmm13,128(%rsp)
+	movaps	%xmm14,144(%rsp)
+	movaps	%xmm15,160(%rsp)
+.Lcbc_decrypt_body:
+	movq	%rcx,%rbp
+	movups	(%r8),%xmm10
+	movl	%r10d,%eax
+	cmpq	$0x50,%rdx
+	jbe	.Lcbc_dec_tail
+
+	movups	(%rcx),%xmm0
+	movdqu	0(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqa	%xmm2,%xmm11
+	movdqu	32(%rdi),%xmm4
+	movdqa	%xmm3,%xmm12
+	movdqu	48(%rdi),%xmm5
+	movdqa	%xmm4,%xmm13
+	movdqu	64(%rdi),%xmm6
+	movdqa	%xmm5,%xmm14
+	movdqu	80(%rdi),%xmm7
+	movdqa	%xmm6,%xmm15
+	movl	GNUTLS_x86_cpuid_s+4(%rip),%r9d
+	cmpq	$0x70,%rdx
+	jbe	.Lcbc_dec_six_or_seven
+
+	andl	$71303168,%r9d
+	subq	$0x50,%rdx
+	cmpl	$4194304,%r9d
+	je	.Lcbc_dec_loop6_enter
+	subq	$0x20,%rdx
+	leaq	112(%rcx),%rcx
+	jmp	.Lcbc_dec_loop8_enter
+.p2align	4
+.Lcbc_dec_loop8:
+	movups	%xmm9,(%rsi)
+	leaq	16(%rsi),%rsi
+.Lcbc_dec_loop8_enter:
+	movdqu	96(%rdi),%xmm8
+	pxor	%xmm0,%xmm2
+	movdqu	112(%rdi),%xmm9
+	pxor	%xmm0,%xmm3
+	movups	16-112(%rcx),%xmm1
+	pxor	%xmm0,%xmm4
+	movq	$-1,%rbp
+	cmpq	$0x70,%rdx
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+	pxor	%xmm0,%xmm7
+	pxor	%xmm0,%xmm8
+
+.byte	102,15,56,222,209
+	pxor	%xmm0,%xmm9
+	movups	32-112(%rcx),%xmm0
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+	adcq	$0,%rbp
+	andq	$128,%rbp
+.byte	102,68,15,56,222,201
+	addq	%rdi,%rbp
+	movups	48-112(%rcx),%xmm1
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	64-112(%rcx),%xmm0
+	nop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+	movups	80-112(%rcx),%xmm1
+	nop
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	96-112(%rcx),%xmm0
+	nop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+	movups	112-112(%rcx),%xmm1
+	nop
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	128-112(%rcx),%xmm0
+	nop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+	movups	144-112(%rcx),%xmm1
+	cmpl	$11,%eax
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	160-112(%rcx),%xmm0
+	jb	.Lcbc_dec_done
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+	movups	176-112(%rcx),%xmm1
+	nop
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	192-112(%rcx),%xmm0
+	je	.Lcbc_dec_done
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+	movups	208-112(%rcx),%xmm1
+	nop
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	224-112(%rcx),%xmm0
+	jmp	.Lcbc_dec_done
+.p2align	4
+.Lcbc_dec_done:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+	pxor	%xmm0,%xmm10
+	pxor	%xmm0,%xmm11
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	pxor	%xmm0,%xmm12
+	pxor	%xmm0,%xmm13
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	pxor	%xmm0,%xmm14
+	pxor	%xmm0,%xmm15
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+	movdqu	80(%rdi),%xmm1
+
+.byte	102,65,15,56,223,210
+	movdqu	96(%rdi),%xmm10
+	pxor	%xmm0,%xmm1
+.byte	102,65,15,56,223,219
+	pxor	%xmm0,%xmm10
+	movdqu	112(%rdi),%xmm0
+.byte	102,65,15,56,223,228
+	leaq	128(%rdi),%rdi
+	movdqu	0(%rbp),%xmm11
+.byte	102,65,15,56,223,237
+.byte	102,65,15,56,223,246
+	movdqu	16(%rbp),%xmm12
+	movdqu	32(%rbp),%xmm13
+.byte	102,65,15,56,223,255
+.byte	102,68,15,56,223,193
+	movdqu	48(%rbp),%xmm14
+	movdqu	64(%rbp),%xmm15
+.byte	102,69,15,56,223,202
+	movdqa	%xmm0,%xmm10
+	movdqu	80(%rbp),%xmm1
+	movups	-112(%rcx),%xmm0
+
+	movups	%xmm2,(%rsi)
+	movdqa	%xmm11,%xmm2
+	movups	%xmm3,16(%rsi)
+	movdqa	%xmm12,%xmm3
+	movups	%xmm4,32(%rsi)
+	movdqa	%xmm13,%xmm4
+	movups	%xmm5,48(%rsi)
+	movdqa	%xmm14,%xmm5
+	movups	%xmm6,64(%rsi)
+	movdqa	%xmm15,%xmm6
+	movups	%xmm7,80(%rsi)
+	movdqa	%xmm1,%xmm7
+	movups	%xmm8,96(%rsi)
+	leaq	112(%rsi),%rsi
+
+	subq	$0x80,%rdx
+	ja	.Lcbc_dec_loop8
+
+	movaps	%xmm9,%xmm2
+	leaq	-112(%rcx),%rcx
+	addq	$0x70,%rdx
+	jle	.Lcbc_dec_clear_tail_collected
+	movups	%xmm9,(%rsi)
+	leaq	16(%rsi),%rsi
+	cmpq	$0x50,%rdx
+	jbe	.Lcbc_dec_tail
+
+	movaps	%xmm11,%xmm2
+.Lcbc_dec_six_or_seven:
+	cmpq	$0x60,%rdx
+	ja	.Lcbc_dec_seven
+
+	movaps	%xmm7,%xmm8
+	call	_aesni_decrypt6
+	pxor	%xmm10,%xmm2
+	movaps	%xmm8,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	pxor	%xmm14,%xmm6
+	movdqu	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	pxor	%xmm15,%xmm7
+	movdqu	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm6
+	leaq	80(%rsi),%rsi
+	movdqa	%xmm7,%xmm2
+	pxor	%xmm7,%xmm7
+	jmp	.Lcbc_dec_tail_collected
+
+.p2align	4
+.Lcbc_dec_seven:
+	movups	96(%rdi),%xmm8
+	xorps	%xmm9,%xmm9
+	call	_aesni_decrypt8
+	movups	80(%rdi),%xmm9
+	pxor	%xmm10,%xmm2
+	movups	96(%rdi),%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	pxor	%xmm14,%xmm6
+	movdqu	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	pxor	%xmm15,%xmm7
+	movdqu	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm6
+	pxor	%xmm9,%xmm8
+	movdqu	%xmm7,80(%rsi)
+	pxor	%xmm7,%xmm7
+	leaq	96(%rsi),%rsi
+	movdqa	%xmm8,%xmm2
+	pxor	%xmm8,%xmm8
+	pxor	%xmm9,%xmm9
+	jmp	.Lcbc_dec_tail_collected
+
+.p2align	4
+.Lcbc_dec_loop6:
+	movups	%xmm7,(%rsi)
+	leaq	16(%rsi),%rsi
+	movdqu	0(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqa	%xmm2,%xmm11
+	movdqu	32(%rdi),%xmm4
+	movdqa	%xmm3,%xmm12
+	movdqu	48(%rdi),%xmm5
+	movdqa	%xmm4,%xmm13
+	movdqu	64(%rdi),%xmm6
+	movdqa	%xmm5,%xmm14
+	movdqu	80(%rdi),%xmm7
+	movdqa	%xmm6,%xmm15
+.Lcbc_dec_loop6_enter:
+	leaq	96(%rdi),%rdi
+	movdqa	%xmm7,%xmm8
+
+	call	_aesni_decrypt6
+
+	pxor	%xmm10,%xmm2
+	movdqa	%xmm8,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm14,%xmm6
+	movq	%rbp,%rcx
+	movdqu	%xmm5,48(%rsi)
+	pxor	%xmm15,%xmm7
+	movl	%r10d,%eax
+	movdqu	%xmm6,64(%rsi)
+	leaq	80(%rsi),%rsi
+	subq	$0x60,%rdx
+	ja	.Lcbc_dec_loop6
+
+	movdqa	%xmm7,%xmm2
+	addq	$0x50,%rdx
+	jle	.Lcbc_dec_clear_tail_collected
+	movups	%xmm7,(%rsi)
+	leaq	16(%rsi),%rsi
+
+.Lcbc_dec_tail:
+	movups	(%rdi),%xmm2
+	subq	$0x10,%rdx
+	jbe	.Lcbc_dec_one
+
+	movups	16(%rdi),%xmm3
+	movaps	%xmm2,%xmm11
+	subq	$0x10,%rdx
+	jbe	.Lcbc_dec_two
+
+	movups	32(%rdi),%xmm4
+	movaps	%xmm3,%xmm12
+	subq	$0x10,%rdx
+	jbe	.Lcbc_dec_three
+
+	movups	48(%rdi),%xmm5
+	movaps	%xmm4,%xmm13
+	subq	$0x10,%rdx
+	jbe	.Lcbc_dec_four
+
+	movups	64(%rdi),%xmm6
+	movaps	%xmm5,%xmm14
+	movaps	%xmm6,%xmm15
+	xorps	%xmm7,%xmm7
+	call	_aesni_decrypt6
+	pxor	%xmm10,%xmm2
+	movaps	%xmm15,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	pxor	%xmm14,%xmm6
+	movdqu	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	leaq	64(%rsi),%rsi
+	movdqa	%xmm6,%xmm2
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	subq	$0x10,%rdx
+	jmp	.Lcbc_dec_tail_collected
+
+.p2align	4
+.Lcbc_dec_one:
+	movaps	%xmm2,%xmm11
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_dec1_17:
+.byte	102,15,56,222,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_dec1_17
+.byte	102,15,56,223,209
+	xorps	%xmm10,%xmm2
+	movaps	%xmm11,%xmm10
+	jmp	.Lcbc_dec_tail_collected
+.p2align	4
+.Lcbc_dec_two:
+	movaps	%xmm3,%xmm12
+	call	_aesni_decrypt2
+	pxor	%xmm10,%xmm2
+	movaps	%xmm12,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	movdqa	%xmm3,%xmm2
+	pxor	%xmm3,%xmm3
+	leaq	16(%rsi),%rsi
+	jmp	.Lcbc_dec_tail_collected
+.p2align	4
+.Lcbc_dec_three:
+	movaps	%xmm4,%xmm13
+	call	_aesni_decrypt3
+	pxor	%xmm10,%xmm2
+	movaps	%xmm13,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movdqa	%xmm4,%xmm2
+	pxor	%xmm4,%xmm4
+	leaq	32(%rsi),%rsi
+	jmp	.Lcbc_dec_tail_collected
+.p2align	4
+.Lcbc_dec_four:
+	movaps	%xmm5,%xmm14
+	call	_aesni_decrypt4
+	pxor	%xmm10,%xmm2
+	movaps	%xmm14,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	movdqa	%xmm5,%xmm2
+	pxor	%xmm5,%xmm5
+	leaq	48(%rsi),%rsi
+	jmp	.Lcbc_dec_tail_collected
+
+.p2align	4
+.Lcbc_dec_clear_tail_collected:
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+.Lcbc_dec_tail_collected:
+	movups	%xmm10,(%r8)
+	andq	$15,%rdx
+	jnz	.Lcbc_dec_tail_partial
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	jmp	.Lcbc_dec_ret
+.p2align	4
+.Lcbc_dec_tail_partial:
+	movaps	%xmm2,(%rsp)
+	pxor	%xmm2,%xmm2
+	movq	$16,%rcx
+	movq	%rsi,%rdi
+	subq	%rdx,%rcx
+	leaq	(%rsp),%rsi
+.long	0x9066A4F3
+	movdqa	%xmm2,(%rsp)
+
+.Lcbc_dec_ret:
+	xorps	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movaps	16(%rsp),%xmm6
+	movaps	%xmm0,16(%rsp)
+	movaps	32(%rsp),%xmm7
+	movaps	%xmm0,32(%rsp)
+	movaps	48(%rsp),%xmm8
+	movaps	%xmm0,48(%rsp)
+	movaps	64(%rsp),%xmm9
+	movaps	%xmm0,64(%rsp)
+	movaps	80(%rsp),%xmm10
+	movaps	%xmm0,80(%rsp)
+	movaps	96(%rsp),%xmm11
+	movaps	%xmm0,96(%rsp)
+	movaps	112(%rsp),%xmm12
+	movaps	%xmm0,112(%rsp)
+	movaps	128(%rsp),%xmm13
+	movaps	%xmm0,128(%rsp)
+	movaps	144(%rsp),%xmm14
+	movaps	%xmm0,144(%rsp)
+	movaps	160(%rsp),%xmm15
+	movaps	%xmm0,160(%rsp)
+	movq	-8(%r11),%rbp
+
+	leaq	(%r11),%rsp
+
+.Lcbc_ret:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_aesni_cbc_encrypt:
+.globl	aesni_set_decrypt_key
+.def	aesni_set_decrypt_key;	.scl 2;	.type 32;	.endef
+.p2align	4
+aesni_set_decrypt_key:
+
+.byte	0x48,0x83,0xEC,0x08
+
+	call	__aesni_set_encrypt_key
+	shll	$4,%edx
+	testl	%eax,%eax
+	jnz	.Ldec_key_ret
+	leaq	16(%r8,%rdx,1),%rcx
+
+	movups	(%r8),%xmm0
+	movups	(%rcx),%xmm1
+	movups	%xmm0,(%rcx)
+	movups	%xmm1,(%r8)
+	leaq	16(%r8),%r8
+	leaq	-16(%rcx),%rcx
+
+.Ldec_key_inverse:
+	movups	(%r8),%xmm0
+	movups	(%rcx),%xmm1
+.byte	102,15,56,219,192
+.byte	102,15,56,219,201
+	leaq	16(%r8),%r8
+	leaq	-16(%rcx),%rcx
+	movups	%xmm0,16(%rcx)
+	movups	%xmm1,-16(%r8)
+	cmpq	%r8,%rcx
+	ja	.Ldec_key_inverse
+
+	movups	(%r8),%xmm0
+.byte	102,15,56,219,192
+	pxor	%xmm1,%xmm1
+	movups	%xmm0,(%rcx)
+	pxor	%xmm0,%xmm0
+.Ldec_key_ret:
+	addq	$8,%rsp
+
+	.byte	0xf3,0xc3
+
+.LSEH_end_set_decrypt_key:
+
+.globl	aesni_set_encrypt_key
+.def	aesni_set_encrypt_key;	.scl 2;	.type 32;	.endef
+.p2align	4
+aesni_set_encrypt_key:
+__aesni_set_encrypt_key:
+
+.byte	0x48,0x83,0xEC,0x08
+
+	movq	$-1,%rax
+	testq	%rcx,%rcx
+	jz	.Lenc_key_ret
+	testq	%r8,%r8
+	jz	.Lenc_key_ret
+
+	movl	$268437504,%r10d
+	movups	(%rcx),%xmm0
+	xorps	%xmm4,%xmm4
+	andl	GNUTLS_x86_cpuid_s+4(%rip),%r10d
+	leaq	16(%r8),%rax
+	cmpl	$256,%edx
+	je	.L14rounds
+	cmpl	$192,%edx
+	je	.L12rounds
+	cmpl	$128,%edx
+	jne	.Lbad_keybits
+
+.L10rounds:
+	movl	$9,%edx
+	cmpl	$268435456,%r10d
+	je	.L10rounds_alt
+
+	movups	%xmm0,(%r8)
+.byte	102,15,58,223,200,1
+	call	.Lkey_expansion_128_cold
+.byte	102,15,58,223,200,2
+	call	.Lkey_expansion_128
+.byte	102,15,58,223,200,4
+	call	.Lkey_expansion_128
+.byte	102,15,58,223,200,8
+	call	.Lkey_expansion_128
+.byte	102,15,58,223,200,16
+	call	.Lkey_expansion_128
+.byte	102,15,58,223,200,32
+	call	.Lkey_expansion_128
+.byte	102,15,58,223,200,64
+	call	.Lkey_expansion_128
+.byte	102,15,58,223,200,128
+	call	.Lkey_expansion_128
+.byte	102,15,58,223,200,27
+	call	.Lkey_expansion_128
+.byte	102,15,58,223,200,54
+	call	.Lkey_expansion_128
+	movups	%xmm0,(%rax)
+	movl	%edx,80(%rax)
+	xorl	%eax,%eax
+	jmp	.Lenc_key_ret
+
+.p2align	4
+.L10rounds_alt:
+	movdqa	.Lkey_rotate(%rip),%xmm5
+	movl	$8,%r10d
+	movdqa	.Lkey_rcon1(%rip),%xmm4
+	movdqa	%xmm0,%xmm2
+	movdqu	%xmm0,(%r8)
+	jmp	.Loop_key128
+
+.p2align	4
+.Loop_key128:
+.byte	102,15,56,0,197
+.byte	102,15,56,221,196
+	pslld	$1,%xmm4
+	leaq	16(%rax),%rax
+
+	movdqa	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm3,%xmm2
+
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,-16(%rax)
+	movdqa	%xmm0,%xmm2
+
+	decl	%r10d
+	jnz	.Loop_key128
+
+	movdqa	.Lkey_rcon1b(%rip),%xmm4
+
+.byte	102,15,56,0,197
+.byte	102,15,56,221,196
+	pslld	$1,%xmm4
+
+	movdqa	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm3,%xmm2
+
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,(%rax)
+
+	movdqa	%xmm0,%xmm2
+.byte	102,15,56,0,197
+.byte	102,15,56,221,196
+
+	movdqa	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm3,%xmm2
+
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,16(%rax)
+
+	movl	%edx,96(%rax)
+	xorl	%eax,%eax
+	jmp	.Lenc_key_ret
+
+.p2align	4
+.L12rounds:
+	movq	16(%rcx),%xmm2
+	movl	$11,%edx
+	cmpl	$268435456,%r10d
+	je	.L12rounds_alt
+
+	movups	%xmm0,(%r8)
+.byte	102,15,58,223,202,1
+	call	.Lkey_expansion_192a_cold
+.byte	102,15,58,223,202,2
+	call	.Lkey_expansion_192b
+.byte	102,15,58,223,202,4
+	call	.Lkey_expansion_192a
+.byte	102,15,58,223,202,8
+	call	.Lkey_expansion_192b
+.byte	102,15,58,223,202,16
+	call	.Lkey_expansion_192a
+.byte	102,15,58,223,202,32
+	call	.Lkey_expansion_192b
+.byte	102,15,58,223,202,64
+	call	.Lkey_expansion_192a
+.byte	102,15,58,223,202,128
+	call	.Lkey_expansion_192b
+	movups	%xmm0,(%rax)
+	movl	%edx,48(%rax)
+	xorq	%rax,%rax
+	jmp	.Lenc_key_ret
+
+.p2align	4
+.L12rounds_alt:
+	movdqa	.Lkey_rotate192(%rip),%xmm5
+	movdqa	.Lkey_rcon1(%rip),%xmm4
+	movl	$8,%r10d
+	movdqu	%xmm0,(%r8)
+	jmp	.Loop_key192
+
+.p2align	4
+.Loop_key192:
+	movq	%xmm2,0(%rax)
+	movdqa	%xmm2,%xmm1
+.byte	102,15,56,0,213
+.byte	102,15,56,221,212
+	pslld	$1,%xmm4
+	leaq	24(%rax),%rax
+
+	movdqa	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm3,%xmm0
+
+	pshufd	$0xff,%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm1,%xmm3
+
+	pxor	%xmm2,%xmm0
+	pxor	%xmm3,%xmm2
+	movdqu	%xmm0,-16(%rax)
+
+	decl	%r10d
+	jnz	.Loop_key192
+
+	movl	%edx,32(%rax)
+	xorl	%eax,%eax
+	jmp	.Lenc_key_ret
+
+.p2align	4
+.L14rounds:
+	movups	16(%rcx),%xmm2
+	movl	$13,%edx
+	leaq	16(%rax),%rax
+	cmpl	$268435456,%r10d
+	je	.L14rounds_alt
+
+	movups	%xmm0,(%r8)
+	movups	%xmm2,16(%r8)
+.byte	102,15,58,223,202,1
+	call	.Lkey_expansion_256a_cold
+.byte	102,15,58,223,200,1
+	call	.Lkey_expansion_256b
+.byte	102,15,58,223,202,2
+	call	.Lkey_expansion_256a
+.byte	102,15,58,223,200,2
+	call	.Lkey_expansion_256b
+.byte	102,15,58,223,202,4
+	call	.Lkey_expansion_256a
+.byte	102,15,58,223,200,4
+	call	.Lkey_expansion_256b
+.byte	102,15,58,223,202,8
+	call	.Lkey_expansion_256a
+.byte	102,15,58,223,200,8
+	call	.Lkey_expansion_256b
+.byte	102,15,58,223,202,16
+	call	.Lkey_expansion_256a
+.byte	102,15,58,223,200,16
+	call	.Lkey_expansion_256b
+.byte	102,15,58,223,202,32
+	call	.Lkey_expansion_256a
+.byte	102,15,58,223,200,32
+	call	.Lkey_expansion_256b
+.byte	102,15,58,223,202,64
+	call	.Lkey_expansion_256a
+	movups	%xmm0,(%rax)
+	movl	%edx,16(%rax)
+	xorq	%rax,%rax
+	jmp	.Lenc_key_ret
+
+.p2align	4
+.L14rounds_alt:
+	movdqa	.Lkey_rotate(%rip),%xmm5
+	movdqa	.Lkey_rcon1(%rip),%xmm4
+	movl	$7,%r10d
+	movdqu	%xmm0,0(%r8)
+	movdqa	%xmm2,%xmm1
+	movdqu	%xmm2,16(%r8)
+	jmp	.Loop_key256
+
+.p2align	4
+.Loop_key256:
+.byte	102,15,56,0,213
+.byte	102,15,56,221,212
+
+	movdqa	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm3,%xmm0
+	pslld	$1,%xmm4
+
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,(%rax)
+
+	decl	%r10d
+	jz	.Ldone_key256
+
+	pshufd	$0xff,%xmm0,%xmm2
+	pxor	%xmm3,%xmm3
+.byte	102,15,56,221,211
+
+	movdqa	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm3,%xmm1
+
+	pxor	%xmm1,%xmm2
+	movdqu	%xmm2,16(%rax)
+	leaq	32(%rax),%rax
+	movdqa	%xmm2,%xmm1
+
+	jmp	.Loop_key256
+
+.Ldone_key256:
+	movl	%edx,16(%rax)
+	xorl	%eax,%eax
+	jmp	.Lenc_key_ret
+
+.p2align	4
+.Lbad_keybits:
+	movq	$-2,%rax
+.Lenc_key_ret:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	addq	$8,%rsp
+
+	.byte	0xf3,0xc3
+.LSEH_end_set_encrypt_key:
+
+.p2align	4
+.Lkey_expansion_128:
+	movups	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+.Lkey_expansion_128_cold:
+	shufps	$16,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$140,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$255,%xmm1,%xmm1
+	xorps	%xmm1,%xmm0
+	.byte	0xf3,0xc3
+
+.p2align	4
+.Lkey_expansion_192a:
+	movups	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+.Lkey_expansion_192a_cold:
+	movaps	%xmm2,%xmm5
+.Lkey_expansion_192b_warm:
+	shufps	$16,%xmm0,%xmm4
+	movdqa	%xmm2,%xmm3
+	xorps	%xmm4,%xmm0
+	shufps	$140,%xmm0,%xmm4
+	pslldq	$4,%xmm3
+	xorps	%xmm4,%xmm0
+	pshufd	$85,%xmm1,%xmm1
+	pxor	%xmm3,%xmm2
+	pxor	%xmm1,%xmm0
+	pshufd	$255,%xmm0,%xmm3
+	pxor	%xmm3,%xmm2
+	.byte	0xf3,0xc3
+
+.p2align	4
+.Lkey_expansion_192b:
+	movaps	%xmm0,%xmm3
+	shufps	$68,%xmm0,%xmm5
+	movups	%xmm5,(%rax)
+	shufps	$78,%xmm2,%xmm3
+	movups	%xmm3,16(%rax)
+	leaq	32(%rax),%rax
+	jmp	.Lkey_expansion_192b_warm
+
+.p2align	4
+.Lkey_expansion_256a:
+	movups	%xmm2,(%rax)
+	leaq	16(%rax),%rax
+.Lkey_expansion_256a_cold:
+	shufps	$16,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$140,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$255,%xmm1,%xmm1
+	xorps	%xmm1,%xmm0
+	.byte	0xf3,0xc3
+
+.p2align	4
+.Lkey_expansion_256b:
+	movups	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+
+	shufps	$16,%xmm2,%xmm4
+	xorps	%xmm4,%xmm2
+	shufps	$140,%xmm2,%xmm4
+	xorps	%xmm4,%xmm2
+	shufps	$170,%xmm1,%xmm1
+	xorps	%xmm1,%xmm2
+	.byte	0xf3,0xc3
+
+
+
+.p2align	6
+.Lbswap_mask:
+.byte	15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
+.Lincrement32:
+.long	6,6,6,0
+.Lincrement64:
+.long	1,0,0,0
+.Lxts_magic:
+.long	0x87,0,1,0
+.Lincrement1:
+.byte	0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1
+.Lkey_rotate:
+.long	0x0c0f0e0d,0x0c0f0e0d,0x0c0f0e0d,0x0c0f0e0d
+.Lkey_rotate192:
+.long	0x04070605,0x04070605,0x04070605,0x04070605
+.Lkey_rcon1:
+.long	1,1,1,1
+.Lkey_rcon1b:
+.long	0x1b,0x1b,0x1b,0x1b
+
+.byte	65,69,83,32,102,111,114,32,73,110,116,101,108,32,65,69,83,45,78,73,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.p2align	6
+
+.def	ecb_ccm64_se_handler;	.scl 3;	.type 32;	.endef
+.p2align	4
+ecb_ccm64_se_handler:
+	pushq	%rsi
+	pushq	%rdi
+	pushq	%rbx
+	pushq	%rbp
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	pushfq
+	subq	$64,%rsp
+
+	movq	120(%r8),%rax
+	movq	248(%r8),%rbx
+
+	movq	8(%r9),%rsi
+	movq	56(%r9),%r11
+
+	movl	0(%r11),%r10d
+	leaq	(%rsi,%r10,1),%r10
+	cmpq	%r10,%rbx
+	jb	.Lcommon_seh_tail
+
+	movq	152(%r8),%rax
+
+	movl	4(%r11),%r10d
+	leaq	(%rsi,%r10,1),%r10
+	cmpq	%r10,%rbx
+	jae	.Lcommon_seh_tail
+
+	leaq	0(%rax),%rsi
+	leaq	512(%r8),%rdi
+	movl	$8,%ecx
+.long	0xa548f3fc
+	leaq	88(%rax),%rax
+
+	jmp	.Lcommon_seh_tail
+
+
+.def	ctr_xts_se_handler;	.scl 3;	.type 32;	.endef
+.p2align	4
+ctr_xts_se_handler:
+	pushq	%rsi
+	pushq	%rdi
+	pushq	%rbx
+	pushq	%rbp
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	pushfq
+	subq	$64,%rsp
+
+	movq	120(%r8),%rax
+	movq	248(%r8),%rbx
+
+	movq	8(%r9),%rsi
+	movq	56(%r9),%r11
+
+	movl	0(%r11),%r10d
+	leaq	(%rsi,%r10,1),%r10
+	cmpq	%r10,%rbx
+	jb	.Lcommon_seh_tail
+
+	movq	152(%r8),%rax
+
+	movl	4(%r11),%r10d
+	leaq	(%rsi,%r10,1),%r10
+	cmpq	%r10,%rbx
+	jae	.Lcommon_seh_tail
+
+	movq	208(%r8),%rax
+
+	leaq	-168(%rax),%rsi
+	leaq	512(%r8),%rdi
+	movl	$20,%ecx
+.long	0xa548f3fc
+
+	movq	-8(%rax),%rbp
+	movq	%rbp,160(%r8)
+	jmp	.Lcommon_seh_tail
+
+
+.def	ocb_se_handler;	.scl 3;	.type 32;	.endef
+.p2align	4
+ocb_se_handler:
+	pushq	%rsi
+	pushq	%rdi
+	pushq	%rbx
+	pushq	%rbp
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	pushfq
+	subq	$64,%rsp
+
+	movq	120(%r8),%rax
+	movq	248(%r8),%rbx
+
+	movq	8(%r9),%rsi
+	movq	56(%r9),%r11
+
+	movl	0(%r11),%r10d
+	leaq	(%rsi,%r10,1),%r10
+	cmpq	%r10,%rbx
+	jb	.Lcommon_seh_tail
+
+	movl	4(%r11),%r10d
+	leaq	(%rsi,%r10,1),%r10
+	cmpq	%r10,%rbx
+	jae	.Lcommon_seh_tail
+
+	movl	8(%r11),%r10d
+	leaq	(%rsi,%r10,1),%r10
+	cmpq	%r10,%rbx
+	jae	.Locb_no_xmm
+
+	movq	152(%r8),%rax
+
+	leaq	(%rax),%rsi
+	leaq	512(%r8),%rdi
+	movl	$20,%ecx
+.long	0xa548f3fc
+	leaq	160+40(%rax),%rax
+
+.Locb_no_xmm:
+	movq	-8(%rax),%rbx
+	movq	-16(%rax),%rbp
+	movq	-24(%rax),%r12
+	movq	-32(%rax),%r13
+	movq	-40(%rax),%r14
+
+	movq	%rbx,144(%r8)
+	movq	%rbp,160(%r8)
+	movq	%r12,216(%r8)
+	movq	%r13,224(%r8)
+	movq	%r14,232(%r8)
+
+	jmp	.Lcommon_seh_tail
+
+.def	cbc_se_handler;	.scl 3;	.type 32;	.endef
+.p2align	4
+cbc_se_handler:
+	pushq	%rsi
+	pushq	%rdi
+	pushq	%rbx
+	pushq	%rbp
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	pushfq
+	subq	$64,%rsp
+
+	movq	152(%r8),%rax
+	movq	248(%r8),%rbx
+
+	leaq	.Lcbc_decrypt_bulk(%rip),%r10
+	cmpq	%r10,%rbx
+	jb	.Lcommon_seh_tail
+
+	movq	120(%r8),%rax
+
+	leaq	.Lcbc_decrypt_body(%rip),%r10
+	cmpq	%r10,%rbx
+	jb	.Lcommon_seh_tail
+
+	movq	152(%r8),%rax
+
+	leaq	.Lcbc_ret(%rip),%r10
+	cmpq	%r10,%rbx
+	jae	.Lcommon_seh_tail
+
+	leaq	16(%rax),%rsi
+	leaq	512(%r8),%rdi
+	movl	$20,%ecx
+.long	0xa548f3fc
+
+	movq	208(%r8),%rax
+
+	movq	-8(%rax),%rbp
+	movq	%rbp,160(%r8)
+
+.Lcommon_seh_tail:
+	movq	8(%rax),%rdi
+	movq	16(%rax),%rsi
+	movq	%rax,152(%r8)
+	movq	%rsi,168(%r8)
+	movq	%rdi,176(%r8)
+
+	movq	40(%r9),%rdi
+	movq	%r8,%rsi
+	movl	$154,%ecx
+.long	0xa548f3fc
+
+	movq	%r9,%rsi
+	xorq	%rcx,%rcx
+	movq	8(%rsi),%rdx
+	movq	0(%rsi),%r8
+	movq	16(%rsi),%r9
+	movq	40(%rsi),%r10
+	leaq	56(%rsi),%r11
+	leaq	24(%rsi),%r12
+	movq	%r10,32(%rsp)
+	movq	%r11,40(%rsp)
+	movq	%r12,48(%rsp)
+	movq	%rcx,56(%rsp)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	movl	$1,%eax
+	addq	$64,%rsp
+	popfq
+	popq	%r15
+	popq	%r14
+	popq	%r13
+	popq	%r12
+	popq	%rbp
+	popq	%rbx
+	popq	%rdi
+	popq	%rsi
+	.byte	0xf3,0xc3
+
+
+.section	.pdata
+.p2align	2
+.rva	.LSEH_begin_aesni_ecb_encrypt
+.rva	.LSEH_end_aesni_ecb_encrypt
+.rva	.LSEH_info_ecb
+
+.rva	.LSEH_begin_aesni_ccm64_encrypt_blocks
+.rva	.LSEH_end_aesni_ccm64_encrypt_blocks
+.rva	.LSEH_info_ccm64_enc
+
+.rva	.LSEH_begin_aesni_ccm64_decrypt_blocks
+.rva	.LSEH_end_aesni_ccm64_decrypt_blocks
+.rva	.LSEH_info_ccm64_dec
+
+.rva	.LSEH_begin_aesni_ctr32_encrypt_blocks
+.rva	.LSEH_end_aesni_ctr32_encrypt_blocks
+.rva	.LSEH_info_ctr32
+
+.rva	.LSEH_begin_aesni_xts_encrypt
+.rva	.LSEH_end_aesni_xts_encrypt
+.rva	.LSEH_info_xts_enc
+
+.rva	.LSEH_begin_aesni_xts_decrypt
+.rva	.LSEH_end_aesni_xts_decrypt
+.rva	.LSEH_info_xts_dec
+
+.rva	.LSEH_begin_aesni_ocb_encrypt
+.rva	.LSEH_end_aesni_ocb_encrypt
+.rva	.LSEH_info_ocb_enc
+
+.rva	.LSEH_begin_aesni_ocb_decrypt
+.rva	.LSEH_end_aesni_ocb_decrypt
+.rva	.LSEH_info_ocb_dec
+.rva	.LSEH_begin_aesni_cbc_encrypt
+.rva	.LSEH_end_aesni_cbc_encrypt
+.rva	.LSEH_info_cbc
+
+.rva	aesni_set_decrypt_key
+.rva	.LSEH_end_set_decrypt_key
+.rva	.LSEH_info_key
+
+.rva	aesni_set_encrypt_key
+.rva	.LSEH_end_set_encrypt_key
+.rva	.LSEH_info_key
+.section	.xdata
+.p2align	3
+.LSEH_info_ecb:
+.byte	9,0,0,0
+.rva	ecb_ccm64_se_handler
+.rva	.Lecb_enc_body,.Lecb_enc_ret
+.LSEH_info_ccm64_enc:
+.byte	9,0,0,0
+.rva	ecb_ccm64_se_handler
+.rva	.Lccm64_enc_body,.Lccm64_enc_ret
+.LSEH_info_ccm64_dec:
+.byte	9,0,0,0
+.rva	ecb_ccm64_se_handler
+.rva	.Lccm64_dec_body,.Lccm64_dec_ret
+.LSEH_info_ctr32:
+.byte	9,0,0,0
+.rva	ctr_xts_se_handler
+.rva	.Lctr32_body,.Lctr32_epilogue
+.LSEH_info_xts_enc:
+.byte	9,0,0,0
+.rva	ctr_xts_se_handler
+.rva	.Lxts_enc_body,.Lxts_enc_epilogue
+.LSEH_info_xts_dec:
+.byte	9,0,0,0
+.rva	ctr_xts_se_handler
+.rva	.Lxts_dec_body,.Lxts_dec_epilogue
+.LSEH_info_ocb_enc:
+.byte	9,0,0,0
+.rva	ocb_se_handler
+.rva	.Locb_enc_body,.Locb_enc_epilogue
+.rva	.Locb_enc_pop
+.long	0
+.LSEH_info_ocb_dec:
+.byte	9,0,0,0
+.rva	ocb_se_handler
+.rva	.Locb_dec_body,.Locb_dec_epilogue
+.rva	.Locb_dec_pop
+.long	0
+.LSEH_info_cbc:
+.byte	9,0,0,0
+.rva	cbc_se_handler
+.LSEH_info_key:
+.byte	0x01,0x04,0x01,0x00
+.byte	0x04,0x02,0x00,0x00
+
diff --git a/lib/accelerated/x86/coff/e_padlock-x86.s b/lib/accelerated/x86/coff/e_padlock-x86.s
new file mode 100644
index 0000000..41f87b1
--- /dev/null
+++ b/lib/accelerated/x86/coff/e_padlock-x86.s
@@ -0,0 +1,1062 @@
+# Copyright (c) 2011-2013, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.file	"devel/perlasm/e_padlock-x86.s"
+.text
+.globl	_padlock_capability
+.def	_padlock_capability;	.scl	2;	.type	32;	.endef
+.align	16
+_padlock_capability:
+.L_padlock_capability_begin:
+	pushl	%ebx
+	pushfl
+	popl	%eax
+	movl	%eax,%ecx
+	xorl	$2097152,%eax
+	pushl	%eax
+	popfl
+	pushfl
+	popl	%eax
+	xorl	%eax,%ecx
+	xorl	%eax,%eax
+	btl	$21,%ecx
+	jnc	.L000noluck
+	.byte	0x0f,0xa2
+	xorl	%eax,%eax
+	cmpl	$0x746e6543,%ebx
+	jne	.L000noluck
+	cmpl	$0x48727561,%edx
+	jne	.L000noluck
+	cmpl	$0x736c7561,%ecx
+	jne	.L000noluck
+	movl	$3221225472,%eax
+	.byte	0x0f,0xa2
+	movl	%eax,%edx
+	xorl	%eax,%eax
+	cmpl	$3221225473,%edx
+	jb	.L000noluck
+	movl	$1,%eax
+	.byte	0x0f,0xa2
+	orl	$15,%eax
+	xorl	%ebx,%ebx
+	andl	$4095,%eax
+	cmpl	$1791,%eax
+	sete	%bl
+	movl	$3221225473,%eax
+	pushl	%ebx
+	.byte	0x0f,0xa2
+	popl	%ebx
+	movl	%edx,%eax
+	shll	$4,%ebx
+	andl	$4294967279,%eax
+	orl	%ebx,%eax
+.L000noluck:
+	popl	%ebx
+	ret
+.globl	_padlock_key_bswap
+.def	_padlock_key_bswap;	.scl	2;	.type	32;	.endef
+.align	16
+_padlock_key_bswap:
+.L_padlock_key_bswap_begin:
+	movl	4(%esp),%edx
+	movl	240(%edx),%ecx
+.L001bswap_loop:
+	movl	(%edx),%eax
+	bswap	%eax
+	movl	%eax,(%edx)
+	leal	4(%edx),%edx
+	subl	$1,%ecx
+	jnz	.L001bswap_loop
+	ret
+.globl	_padlock_verify_context
+.def	_padlock_verify_context;	.scl	2;	.type	32;	.endef
+.align	16
+_padlock_verify_context:
+.L_padlock_verify_context_begin:
+	movl	4(%esp),%edx
+	leal	.Lpadlock_saved_context,%eax
+	pushfl
+	call	__padlock_verify_ctx
+.L002verify_pic_point:
+	leal	4(%esp),%esp
+	ret
+.def	__padlock_verify_ctx;	.scl	3;	.type	32;	.endef
+.align	16
+__padlock_verify_ctx:
+	btl	$30,4(%esp)
+	jnc	.L003verified
+	cmpl	(%eax),%edx
+	je	.L003verified
+	pushfl
+	popfl
+.L003verified:
+	movl	%edx,(%eax)
+	ret
+.globl	_padlock_reload_key
+.def	_padlock_reload_key;	.scl	2;	.type	32;	.endef
+.align	16
+_padlock_reload_key:
+.L_padlock_reload_key_begin:
+	pushfl
+	popfl
+	ret
+.globl	_padlock_aes_block
+.def	_padlock_aes_block;	.scl	2;	.type	32;	.endef
+.align	16
+_padlock_aes_block:
+.L_padlock_aes_block_begin:
+	pushl	%edi
+	pushl	%esi
+	pushl	%ebx
+	movl	16(%esp),%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edx
+	movl	$1,%ecx
+	leal	32(%edx),%ebx
+	leal	16(%edx),%edx
+.byte	243,15,167,200
+	popl	%ebx
+	popl	%esi
+	popl	%edi
+	ret
+.globl	_padlock_ecb_encrypt
+.def	_padlock_ecb_encrypt;	.scl	2;	.type	32;	.endef
+.align	16
+_padlock_ecb_encrypt:
+.L_padlock_ecb_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%edi
+	movl	24(%esp),%esi
+	movl	28(%esp),%edx
+	movl	32(%esp),%ecx
+	testl	$15,%edx
+	jnz	.L004ecb_abort
+	testl	$15,%ecx
+	jnz	.L004ecb_abort
+	leal	.Lpadlock_saved_context,%eax
+	pushfl
+	cld
+	call	__padlock_verify_ctx
+.L005ecb_pic_point:
+	leal	16(%edx),%edx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%edx)
+	jnz	.L006ecb_aligned
+	testl	$15,%edi
+	setz	%al
+	testl	$15,%esi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	.L006ecb_aligned
+	negl	%eax
+	movl	$512,%ebx
+	notl	%eax
+	leal	-24(%esp),%ebp
+	cmpl	%ebx,%ecx
+	cmovcl	%ecx,%ebx
+	andl	%ebx,%eax
+	movl	%ecx,%ebx
+	negl	%eax
+	andl	$511,%ebx
+	leal	(%eax,%ebp,1),%esp
+	movl	$512,%eax
+	cmovzl	%eax,%ebx
+	movl	%ebp,%eax
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	cmpl	%ebx,%ecx
+	ja	.L007ecb_loop
+	movl	%esi,%eax
+	cmpl	%esp,%ebp
+	cmovel	%edi,%eax
+	addl	%ecx,%eax
+	negl	%eax
+	andl	$4095,%eax
+	cmpl	$128,%eax
+	movl	$-128,%eax
+	cmovael	%ebx,%eax
+	andl	%eax,%ebx
+	jz	.L008ecb_unaligned_tail
+	jmp	.L007ecb_loop
+.align	16
+.L007ecb_loop:
+	movl	%edi,(%ebp)
+	movl	%esi,4(%ebp)
+	movl	%ecx,8(%ebp)
+	movl	%ebx,%ecx
+	movl	%ebx,12(%ebp)
+	testl	$15,%edi
+	cmovnzl	%esp,%edi
+	testl	$15,%esi
+	jz	.L009ecb_inp_aligned
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+	movl	%ebx,%ecx
+	movl	%edi,%esi
+.L009ecb_inp_aligned:
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,200
+	movl	(%ebp),%edi
+	movl	12(%ebp),%ebx
+	testl	$15,%edi
+	jz	.L010ecb_out_aligned
+	movl	%ebx,%ecx
+	leal	(%esp),%esi
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+.L010ecb_out_aligned:
+	movl	4(%ebp),%esi
+	movl	8(%ebp),%ecx
+	addl	%ebx,%edi
+	addl	%ebx,%esi
+	subl	%ebx,%ecx
+	movl	$512,%ebx
+	jz	.L011ecb_break
+	cmpl	%ebx,%ecx
+	jae	.L007ecb_loop
+.L008ecb_unaligned_tail:
+	xorl	%eax,%eax
+	cmpl	%ebp,%esp
+	cmovel	%ecx,%eax
+	subl	%eax,%esp
+	movl	%edi,%eax
+	movl	%ecx,%ebx
+	shrl	$2,%ecx
+	leal	(%esp),%edi
+.byte	243,165
+	movl	%esp,%esi
+	movl	%eax,%edi
+	movl	%ebx,%ecx
+	jmp	.L007ecb_loop
+.align	16
+.L011ecb_break:
+	cmpl	%ebp,%esp
+	je	.L012ecb_done
+	pxor	%xmm0,%xmm0
+	leal	(%esp),%eax
+.L013ecb_bzero:
+	movaps	%xmm0,(%eax)
+	leal	16(%eax),%eax
+	cmpl	%eax,%ebp
+	ja	.L013ecb_bzero
+.L012ecb_done:
+	movl	16(%ebp),%ebp
+	leal	24(%ebp),%esp
+	jmp	.L014ecb_exit
+.align	16
+.L006ecb_aligned:
+	leal	(%esi,%ecx,1),%ebp
+	negl	%ebp
+	andl	$4095,%ebp
+	xorl	%eax,%eax
+	cmpl	$128,%ebp
+	movl	$127,%ebp
+	cmovael	%eax,%ebp
+	andl	%ecx,%ebp
+	subl	%ebp,%ecx
+	jz	.L015ecb_aligned_tail
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,200
+	testl	%ebp,%ebp
+	jz	.L014ecb_exit
+.L015ecb_aligned_tail:
+	movl	%ebp,%ecx
+	leal	-24(%esp),%ebp
+	movl	%ebp,%esp
+	movl	%ebp,%eax
+	subl	%ecx,%esp
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	movl	%edi,%eax
+	movl	%ecx,%ebx
+	shrl	$2,%ecx
+	leal	(%esp),%edi
+.byte	243,165
+	movl	%esp,%esi
+	movl	%eax,%edi
+	movl	%ebx,%ecx
+	jmp	.L007ecb_loop
+.L014ecb_exit:
+	movl	$1,%eax
+	leal	4(%esp),%esp
+.L004ecb_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_padlock_cbc_encrypt
+.def	_padlock_cbc_encrypt;	.scl	2;	.type	32;	.endef
+.align	16
+_padlock_cbc_encrypt:
+.L_padlock_cbc_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%edi
+	movl	24(%esp),%esi
+	movl	28(%esp),%edx
+	movl	32(%esp),%ecx
+	testl	$15,%edx
+	jnz	.L016cbc_abort
+	testl	$15,%ecx
+	jnz	.L016cbc_abort
+	leal	.Lpadlock_saved_context,%eax
+	pushfl
+	cld
+	call	__padlock_verify_ctx
+.L017cbc_pic_point:
+	leal	16(%edx),%edx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%edx)
+	jnz	.L018cbc_aligned
+	testl	$15,%edi
+	setz	%al
+	testl	$15,%esi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	.L018cbc_aligned
+	negl	%eax
+	movl	$512,%ebx
+	notl	%eax
+	leal	-24(%esp),%ebp
+	cmpl	%ebx,%ecx
+	cmovcl	%ecx,%ebx
+	andl	%ebx,%eax
+	movl	%ecx,%ebx
+	negl	%eax
+	andl	$511,%ebx
+	leal	(%eax,%ebp,1),%esp
+	movl	$512,%eax
+	cmovzl	%eax,%ebx
+	movl	%ebp,%eax
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	cmpl	%ebx,%ecx
+	ja	.L019cbc_loop
+	movl	%esi,%eax
+	cmpl	%esp,%ebp
+	cmovel	%edi,%eax
+	addl	%ecx,%eax
+	negl	%eax
+	andl	$4095,%eax
+	cmpl	$64,%eax
+	movl	$-64,%eax
+	cmovael	%ebx,%eax
+	andl	%eax,%ebx
+	jz	.L020cbc_unaligned_tail
+	jmp	.L019cbc_loop
+.align	16
+.L019cbc_loop:
+	movl	%edi,(%ebp)
+	movl	%esi,4(%ebp)
+	movl	%ecx,8(%ebp)
+	movl	%ebx,%ecx
+	movl	%ebx,12(%ebp)
+	testl	$15,%edi
+	cmovnzl	%esp,%edi
+	testl	$15,%esi
+	jz	.L021cbc_inp_aligned
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+	movl	%ebx,%ecx
+	movl	%edi,%esi
+.L021cbc_inp_aligned:
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,208
+	movaps	(%eax),%xmm0
+	movaps	%xmm0,-16(%edx)
+	movl	(%ebp),%edi
+	movl	12(%ebp),%ebx
+	testl	$15,%edi
+	jz	.L022cbc_out_aligned
+	movl	%ebx,%ecx
+	leal	(%esp),%esi
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+.L022cbc_out_aligned:
+	movl	4(%ebp),%esi
+	movl	8(%ebp),%ecx
+	addl	%ebx,%edi
+	addl	%ebx,%esi
+	subl	%ebx,%ecx
+	movl	$512,%ebx
+	jz	.L023cbc_break
+	cmpl	%ebx,%ecx
+	jae	.L019cbc_loop
+.L020cbc_unaligned_tail:
+	xorl	%eax,%eax
+	cmpl	%ebp,%esp
+	cmovel	%ecx,%eax
+	subl	%eax,%esp
+	movl	%edi,%eax
+	movl	%ecx,%ebx
+	shrl	$2,%ecx
+	leal	(%esp),%edi
+.byte	243,165
+	movl	%esp,%esi
+	movl	%eax,%edi
+	movl	%ebx,%ecx
+	jmp	.L019cbc_loop
+.align	16
+.L023cbc_break:
+	cmpl	%ebp,%esp
+	je	.L024cbc_done
+	pxor	%xmm0,%xmm0
+	leal	(%esp),%eax
+.L025cbc_bzero:
+	movaps	%xmm0,(%eax)
+	leal	16(%eax),%eax
+	cmpl	%eax,%ebp
+	ja	.L025cbc_bzero
+.L024cbc_done:
+	movl	16(%ebp),%ebp
+	leal	24(%ebp),%esp
+	jmp	.L026cbc_exit
+.align	16
+.L018cbc_aligned:
+	leal	(%esi,%ecx,1),%ebp
+	negl	%ebp
+	andl	$4095,%ebp
+	xorl	%eax,%eax
+	cmpl	$64,%ebp
+	movl	$63,%ebp
+	cmovael	%eax,%ebp
+	andl	%ecx,%ebp
+	subl	%ebp,%ecx
+	jz	.L027cbc_aligned_tail
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,208
+	movaps	(%eax),%xmm0
+	movaps	%xmm0,-16(%edx)
+	testl	%ebp,%ebp
+	jz	.L026cbc_exit
+.L027cbc_aligned_tail:
+	movl	%ebp,%ecx
+	leal	-24(%esp),%ebp
+	movl	%ebp,%esp
+	movl	%ebp,%eax
+	subl	%ecx,%esp
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	movl	%edi,%eax
+	movl	%ecx,%ebx
+	shrl	$2,%ecx
+	leal	(%esp),%edi
+.byte	243,165
+	movl	%esp,%esi
+	movl	%eax,%edi
+	movl	%ebx,%ecx
+	jmp	.L019cbc_loop
+.L026cbc_exit:
+	movl	$1,%eax
+	leal	4(%esp),%esp
+.L016cbc_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_padlock_cfb_encrypt
+.def	_padlock_cfb_encrypt;	.scl	2;	.type	32;	.endef
+.align	16
+_padlock_cfb_encrypt:
+.L_padlock_cfb_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%edi
+	movl	24(%esp),%esi
+	movl	28(%esp),%edx
+	movl	32(%esp),%ecx
+	testl	$15,%edx
+	jnz	.L028cfb_abort
+	testl	$15,%ecx
+	jnz	.L028cfb_abort
+	leal	.Lpadlock_saved_context,%eax
+	pushfl
+	cld
+	call	__padlock_verify_ctx
+.L029cfb_pic_point:
+	leal	16(%edx),%edx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%edx)
+	jnz	.L030cfb_aligned
+	testl	$15,%edi
+	setz	%al
+	testl	$15,%esi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	.L030cfb_aligned
+	negl	%eax
+	movl	$512,%ebx
+	notl	%eax
+	leal	-24(%esp),%ebp
+	cmpl	%ebx,%ecx
+	cmovcl	%ecx,%ebx
+	andl	%ebx,%eax
+	movl	%ecx,%ebx
+	negl	%eax
+	andl	$511,%ebx
+	leal	(%eax,%ebp,1),%esp
+	movl	$512,%eax
+	cmovzl	%eax,%ebx
+	movl	%ebp,%eax
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	jmp	.L031cfb_loop
+.align	16
+.L031cfb_loop:
+	movl	%edi,(%ebp)
+	movl	%esi,4(%ebp)
+	movl	%ecx,8(%ebp)
+	movl	%ebx,%ecx
+	movl	%ebx,12(%ebp)
+	testl	$15,%edi
+	cmovnzl	%esp,%edi
+	testl	$15,%esi
+	jz	.L032cfb_inp_aligned
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+	movl	%ebx,%ecx
+	movl	%edi,%esi
+.L032cfb_inp_aligned:
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,224
+	movaps	(%eax),%xmm0
+	movaps	%xmm0,-16(%edx)
+	movl	(%ebp),%edi
+	movl	12(%ebp),%ebx
+	testl	$15,%edi
+	jz	.L033cfb_out_aligned
+	movl	%ebx,%ecx
+	leal	(%esp),%esi
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+.L033cfb_out_aligned:
+	movl	4(%ebp),%esi
+	movl	8(%ebp),%ecx
+	addl	%ebx,%edi
+	addl	%ebx,%esi
+	subl	%ebx,%ecx
+	movl	$512,%ebx
+	jnz	.L031cfb_loop
+	cmpl	%ebp,%esp
+	je	.L034cfb_done
+	pxor	%xmm0,%xmm0
+	leal	(%esp),%eax
+.L035cfb_bzero:
+	movaps	%xmm0,(%eax)
+	leal	16(%eax),%eax
+	cmpl	%eax,%ebp
+	ja	.L035cfb_bzero
+.L034cfb_done:
+	movl	16(%ebp),%ebp
+	leal	24(%ebp),%esp
+	jmp	.L036cfb_exit
+.align	16
+.L030cfb_aligned:
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,224
+	movaps	(%eax),%xmm0
+	movaps	%xmm0,-16(%edx)
+.L036cfb_exit:
+	movl	$1,%eax
+	leal	4(%esp),%esp
+.L028cfb_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_padlock_ofb_encrypt
+.def	_padlock_ofb_encrypt;	.scl	2;	.type	32;	.endef
+.align	16
+_padlock_ofb_encrypt:
+.L_padlock_ofb_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%edi
+	movl	24(%esp),%esi
+	movl	28(%esp),%edx
+	movl	32(%esp),%ecx
+	testl	$15,%edx
+	jnz	.L037ofb_abort
+	testl	$15,%ecx
+	jnz	.L037ofb_abort
+	leal	.Lpadlock_saved_context,%eax
+	pushfl
+	cld
+	call	__padlock_verify_ctx
+.L038ofb_pic_point:
+	leal	16(%edx),%edx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%edx)
+	jnz	.L039ofb_aligned
+	testl	$15,%edi
+	setz	%al
+	testl	$15,%esi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	.L039ofb_aligned
+	negl	%eax
+	movl	$512,%ebx
+	notl	%eax
+	leal	-24(%esp),%ebp
+	cmpl	%ebx,%ecx
+	cmovcl	%ecx,%ebx
+	andl	%ebx,%eax
+	movl	%ecx,%ebx
+	negl	%eax
+	andl	$511,%ebx
+	leal	(%eax,%ebp,1),%esp
+	movl	$512,%eax
+	cmovzl	%eax,%ebx
+	movl	%ebp,%eax
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	jmp	.L040ofb_loop
+.align	16
+.L040ofb_loop:
+	movl	%edi,(%ebp)
+	movl	%esi,4(%ebp)
+	movl	%ecx,8(%ebp)
+	movl	%ebx,%ecx
+	movl	%ebx,12(%ebp)
+	testl	$15,%edi
+	cmovnzl	%esp,%edi
+	testl	$15,%esi
+	jz	.L041ofb_inp_aligned
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+	movl	%ebx,%ecx
+	movl	%edi,%esi
+.L041ofb_inp_aligned:
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,232
+	movaps	(%eax),%xmm0
+	movaps	%xmm0,-16(%edx)
+	movl	(%ebp),%edi
+	movl	12(%ebp),%ebx
+	testl	$15,%edi
+	jz	.L042ofb_out_aligned
+	movl	%ebx,%ecx
+	leal	(%esp),%esi
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+.L042ofb_out_aligned:
+	movl	4(%ebp),%esi
+	movl	8(%ebp),%ecx
+	addl	%ebx,%edi
+	addl	%ebx,%esi
+	subl	%ebx,%ecx
+	movl	$512,%ebx
+	jnz	.L040ofb_loop
+	cmpl	%ebp,%esp
+	je	.L043ofb_done
+	pxor	%xmm0,%xmm0
+	leal	(%esp),%eax
+.L044ofb_bzero:
+	movaps	%xmm0,(%eax)
+	leal	16(%eax),%eax
+	cmpl	%eax,%ebp
+	ja	.L044ofb_bzero
+.L043ofb_done:
+	movl	16(%ebp),%ebp
+	leal	24(%ebp),%esp
+	jmp	.L045ofb_exit
+.align	16
+.L039ofb_aligned:
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,232
+	movaps	(%eax),%xmm0
+	movaps	%xmm0,-16(%edx)
+.L045ofb_exit:
+	movl	$1,%eax
+	leal	4(%esp),%esp
+.L037ofb_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_padlock_ctr32_encrypt
+.def	_padlock_ctr32_encrypt;	.scl	2;	.type	32;	.endef
+.align	16
+_padlock_ctr32_encrypt:
+.L_padlock_ctr32_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%edi
+	movl	24(%esp),%esi
+	movl	28(%esp),%edx
+	movl	32(%esp),%ecx
+	testl	$15,%edx
+	jnz	.L046ctr32_abort
+	testl	$15,%ecx
+	jnz	.L046ctr32_abort
+	leal	.Lpadlock_saved_context,%eax
+	pushfl
+	cld
+	call	__padlock_verify_ctx
+.L047ctr32_pic_point:
+	leal	16(%edx),%edx
+	xorl	%eax,%eax
+	movq	-16(%edx),%mm0
+	movl	$512,%ebx
+	notl	%eax
+	leal	-24(%esp),%ebp
+	cmpl	%ebx,%ecx
+	cmovcl	%ecx,%ebx
+	andl	%ebx,%eax
+	movl	%ecx,%ebx
+	negl	%eax
+	andl	$511,%ebx
+	leal	(%eax,%ebp,1),%esp
+	movl	$512,%eax
+	cmovzl	%eax,%ebx
+	movl	%ebp,%eax
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	jmp	.L048ctr32_loop
+.align	16
+.L048ctr32_loop:
+	movl	%edi,(%ebp)
+	movl	%esi,4(%ebp)
+	movl	%ecx,8(%ebp)
+	movl	%ebx,%ecx
+	movl	%ebx,12(%ebp)
+	movl	-4(%edx),%ecx
+	xorl	%edi,%edi
+	movl	-8(%edx),%eax
+.L049ctr32_prepare:
+	movl	%ecx,12(%esp,%edi,1)
+	bswap	%ecx
+	movq	%mm0,(%esp,%edi,1)
+	incl	%ecx
+	movl	%eax,8(%esp,%edi,1)
+	bswap	%ecx
+	leal	16(%edi),%edi
+	cmpl	%ebx,%edi
+	jb	.L049ctr32_prepare
+	movl	%ecx,-4(%edx)
+	leal	(%esp),%esi
+	leal	(%esp),%edi
+	movl	%ebx,%ecx
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,200
+	movl	(%ebp),%edi
+	movl	12(%ebp),%ebx
+	movl	4(%ebp),%esi
+	xorl	%ecx,%ecx
+.L050ctr32_xor:
+	movups	(%esi,%ecx,1),%xmm1
+	leal	16(%ecx),%ecx
+	pxor	-16(%esp,%ecx,1),%xmm1
+	movups	%xmm1,-16(%edi,%ecx,1)
+	cmpl	%ebx,%ecx
+	jb	.L050ctr32_xor
+	movl	8(%ebp),%ecx
+	addl	%ebx,%edi
+	addl	%ebx,%esi
+	subl	%ebx,%ecx
+	movl	$512,%ebx
+	jnz	.L048ctr32_loop
+	pxor	%xmm0,%xmm0
+	leal	(%esp),%eax
+.L051ctr32_bzero:
+	movaps	%xmm0,(%eax)
+	leal	16(%eax),%eax
+	cmpl	%eax,%ebp
+	ja	.L051ctr32_bzero
+.L052ctr32_done:
+	movl	16(%ebp),%ebp
+	leal	24(%ebp),%esp
+	movl	$1,%eax
+	leal	4(%esp),%esp
+	emms
+.L046ctr32_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_padlock_xstore
+.def	_padlock_xstore;	.scl	2;	.type	32;	.endef
+.align	16
+_padlock_xstore:
+.L_padlock_xstore_begin:
+	pushl	%edi
+	movl	8(%esp),%edi
+	movl	12(%esp),%edx
+.byte	15,167,192
+	popl	%edi
+	ret
+.def	__win32_segv_handler;	.scl	3;	.type	32;	.endef
+.align	16
+__win32_segv_handler:
+	movl	$1,%eax
+	movl	4(%esp),%edx
+	movl	12(%esp),%ecx
+	cmpl	$3221225477,(%edx)
+	jne	.L053ret
+	addl	$4,184(%ecx)
+	movl	$0,%eax
+.L053ret:
+	ret
+.globl	_padlock_sha1_oneshot
+.def	_padlock_sha1_oneshot;	.scl	2;	.type	32;	.endef
+.align	16
+_padlock_sha1_oneshot:
+.L_padlock_sha1_oneshot_begin:
+	pushl	%edi
+	pushl	%esi
+	xorl	%eax,%eax
+	movl	12(%esp),%edi
+	movl	16(%esp),%esi
+	movl	20(%esp),%ecx
+	pushl	__win32_segv_handler
+.byte	100,255,48
+.byte	100,137,32
+	movl	%esp,%edx
+	addl	$-128,%esp
+	movups	(%edi),%xmm0
+	andl	$-16,%esp
+	movl	16(%edi),%eax
+	movaps	%xmm0,(%esp)
+	movl	%esp,%edi
+	movl	%eax,16(%esp)
+	xorl	%eax,%eax
+.byte	243,15,166,200
+	movaps	(%esp),%xmm0
+	movl	16(%esp),%eax
+	movl	%edx,%esp
+.byte	100,143,5,0,0,0,0
+	leal	4(%esp),%esp
+	movl	16(%esp),%edi
+	movups	%xmm0,(%edi)
+	movl	%eax,16(%edi)
+	popl	%esi
+	popl	%edi
+	ret
+.globl	_padlock_sha1_blocks
+.def	_padlock_sha1_blocks;	.scl	2;	.type	32;	.endef
+.align	16
+_padlock_sha1_blocks:
+.L_padlock_sha1_blocks_begin:
+	pushl	%edi
+	pushl	%esi
+	movl	12(%esp),%edi
+	movl	16(%esp),%esi
+	movl	%esp,%edx
+	movl	20(%esp),%ecx
+	addl	$-128,%esp
+	movups	(%edi),%xmm0
+	andl	$-16,%esp
+	movl	16(%edi),%eax
+	movaps	%xmm0,(%esp)
+	movl	%esp,%edi
+	movl	%eax,16(%esp)
+	movl	$-1,%eax
+.byte	243,15,166,200
+	movaps	(%esp),%xmm0
+	movl	16(%esp),%eax
+	movl	%edx,%esp
+	movl	12(%esp),%edi
+	movups	%xmm0,(%edi)
+	movl	%eax,16(%edi)
+	popl	%esi
+	popl	%edi
+	ret
+.globl	_padlock_sha256_oneshot
+.def	_padlock_sha256_oneshot;	.scl	2;	.type	32;	.endef
+.align	16
+_padlock_sha256_oneshot:
+.L_padlock_sha256_oneshot_begin:
+	pushl	%edi
+	pushl	%esi
+	xorl	%eax,%eax
+	movl	12(%esp),%edi
+	movl	16(%esp),%esi
+	movl	20(%esp),%ecx
+	pushl	__win32_segv_handler
+.byte	100,255,48
+.byte	100,137,32
+	movl	%esp,%edx
+	addl	$-128,%esp
+	movups	(%edi),%xmm0
+	andl	$-16,%esp
+	movups	16(%edi),%xmm1
+	movaps	%xmm0,(%esp)
+	movl	%esp,%edi
+	movaps	%xmm1,16(%esp)
+	xorl	%eax,%eax
+.byte	243,15,166,208
+	movaps	(%esp),%xmm0
+	movaps	16(%esp),%xmm1
+	movl	%edx,%esp
+.byte	100,143,5,0,0,0,0
+	leal	4(%esp),%esp
+	movl	16(%esp),%edi
+	movups	%xmm0,(%edi)
+	movups	%xmm1,16(%edi)
+	popl	%esi
+	popl	%edi
+	ret
+.globl	_padlock_sha256_blocks
+.def	_padlock_sha256_blocks;	.scl	2;	.type	32;	.endef
+.align	16
+_padlock_sha256_blocks:
+.L_padlock_sha256_blocks_begin:
+	pushl	%edi
+	pushl	%esi
+	movl	12(%esp),%edi
+	movl	16(%esp),%esi
+	movl	20(%esp),%ecx
+	movl	%esp,%edx
+	addl	$-128,%esp
+	movups	(%edi),%xmm0
+	andl	$-16,%esp
+	movups	16(%edi),%xmm1
+	movaps	%xmm0,(%esp)
+	movl	%esp,%edi
+	movaps	%xmm1,16(%esp)
+	movl	$-1,%eax
+.byte	243,15,166,208
+	movaps	(%esp),%xmm0
+	movaps	16(%esp),%xmm1
+	movl	%edx,%esp
+	movl	12(%esp),%edi
+	movups	%xmm0,(%edi)
+	movups	%xmm1,16(%edi)
+	popl	%esi
+	popl	%edi
+	ret
+.globl	_padlock_sha512_blocks
+.def	_padlock_sha512_blocks;	.scl	2;	.type	32;	.endef
+.align	16
+_padlock_sha512_blocks:
+.L_padlock_sha512_blocks_begin:
+	pushl	%edi
+	pushl	%esi
+	movl	12(%esp),%edi
+	movl	16(%esp),%esi
+	movl	20(%esp),%ecx
+	movl	%esp,%edx
+	addl	$-128,%esp
+	movups	(%edi),%xmm0
+	andl	$-16,%esp
+	movups	16(%edi),%xmm1
+	movups	32(%edi),%xmm2
+	movups	48(%edi),%xmm3
+	movaps	%xmm0,(%esp)
+	movl	%esp,%edi
+	movaps	%xmm1,16(%esp)
+	movaps	%xmm2,32(%esp)
+	movaps	%xmm3,48(%esp)
+.byte	243,15,166,224
+	movaps	(%esp),%xmm0
+	movaps	16(%esp),%xmm1
+	movaps	32(%esp),%xmm2
+	movaps	48(%esp),%xmm3
+	movl	%edx,%esp
+	movl	12(%esp),%edi
+	movups	%xmm0,(%edi)
+	movups	%xmm1,16(%edi)
+	movups	%xmm2,32(%edi)
+	movups	%xmm3,48(%edi)
+	popl	%esi
+	popl	%edi
+	ret
+.byte	86,73,65,32,80,97,100,108,111,99,107,32,120,56,54,32
+.byte	109,111,100,117,108,101,44,32,67,82,89,80,84,79,71,65
+.byte	77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101
+.byte	110,115,115,108,46,111,114,103,62,0
+.align	16
+.data
+.align	4
+.Lpadlock_saved_context:
+.long	0
+
diff --git a/lib/accelerated/x86/coff/e_padlock-x86_64.s b/lib/accelerated/x86/coff/e_padlock-x86_64.s
new file mode 100644
index 0000000..7edee19
--- /dev/null
+++ b/lib/accelerated/x86/coff/e_padlock-x86_64.s
@@ -0,0 +1,1190 @@
+# Copyright (c) 2011-2013, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+.globl	padlock_capability
+.def	padlock_capability;	.scl 2;	.type 32;	.endef
+.p2align	4
+padlock_capability:
+	movq	%rbx,%r8
+	xorl	%eax,%eax
+	cpuid
+	xorl	%eax,%eax
+	cmpl	$1953391939,%ebx
+	jne	.Lnoluck
+	cmpl	$1215460705,%edx
+	jne	.Lnoluck
+	cmpl	$1936487777,%ecx
+	jne	.Lnoluck
+	movl	$3221225472,%eax
+	cpuid
+	movl	%eax,%edx
+	xorl	%eax,%eax
+	cmpl	$3221225473,%edx
+	jb	.Lnoluck
+	movl	$3221225473,%eax
+	cpuid
+	movl	%edx,%eax
+	andl	$4294967279,%eax
+	orl	$16,%eax
+.Lnoluck:
+	movq	%r8,%rbx
+	.byte	0xf3,0xc3
+
+
+.globl	padlock_key_bswap
+.def	padlock_key_bswap;	.scl 2;	.type 32;	.endef
+.p2align	4
+padlock_key_bswap:
+	movl	240(%rcx),%edx
+.Lbswap_loop:
+	movl	(%rcx),%eax
+	bswapl	%eax
+	movl	%eax,(%rcx)
+	leaq	4(%rcx),%rcx
+	subl	$1,%edx
+	jnz	.Lbswap_loop
+	.byte	0xf3,0xc3
+
+
+.globl	padlock_verify_context
+.def	padlock_verify_context;	.scl 2;	.type 32;	.endef
+.p2align	4
+padlock_verify_context:
+	movq	%rcx,%rdx
+	pushf
+	leaq	.Lpadlock_saved_context(%rip),%rax
+	call	_padlock_verify_ctx
+	leaq	8(%rsp),%rsp
+	.byte	0xf3,0xc3
+
+
+.def	_padlock_verify_ctx;	.scl 3;	.type 32;	.endef
+.p2align	4
+_padlock_verify_ctx:
+	movq	8(%rsp),%r8
+	btq	$30,%r8
+	jnc	.Lverified
+	cmpq	(%rax),%rdx
+	je	.Lverified
+	pushf
+	popf
+.Lverified:
+	movq	%rdx,(%rax)
+	.byte	0xf3,0xc3
+
+
+.globl	padlock_reload_key
+.def	padlock_reload_key;	.scl 2;	.type 32;	.endef
+.p2align	4
+padlock_reload_key:
+	pushf
+	popf
+	.byte	0xf3,0xc3
+
+
+.globl	padlock_aes_block
+.def	padlock_aes_block;	.scl 2;	.type 32;	.endef
+.p2align	4
+padlock_aes_block:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_padlock_aes_block:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+	movq	%rbx,%r8
+	movq	$1,%rcx
+	leaq	32(%rdx),%rbx
+	leaq	16(%rdx),%rdx
+.byte	0xf3,0x0f,0xa7,0xc8	
+	movq	%r8,%rbx
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+.LSEH_end_padlock_aes_block:
+
+.globl	padlock_xstore
+.def	padlock_xstore;	.scl 2;	.type 32;	.endef
+.p2align	4
+padlock_xstore:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_padlock_xstore:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+
+	movl	%esi,%edx
+.byte	0x0f,0xa7,0xc0		
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+.LSEH_end_padlock_xstore:
+
+.globl	padlock_sha1_oneshot
+.def	padlock_sha1_oneshot;	.scl 2;	.type 32;	.endef
+.p2align	4
+padlock_sha1_oneshot:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_padlock_sha1_oneshot:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+	movq	%rdx,%rcx
+	movq	%rdi,%rdx
+	movups	(%rdi),%xmm0
+	subq	$128+8,%rsp
+	movl	16(%rdi),%eax
+	movaps	%xmm0,(%rsp)
+	movq	%rsp,%rdi
+	movl	%eax,16(%rsp)
+	xorq	%rax,%rax
+.byte	0xf3,0x0f,0xa6,0xc8	
+	movaps	(%rsp),%xmm0
+	movl	16(%rsp),%eax
+	addq	$128+8,%rsp
+	movups	%xmm0,(%rdx)
+	movl	%eax,16(%rdx)
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+.LSEH_end_padlock_sha1_oneshot:
+
+.globl	padlock_sha1_blocks
+.def	padlock_sha1_blocks;	.scl 2;	.type 32;	.endef
+.p2align	4
+padlock_sha1_blocks:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_padlock_sha1_blocks:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+	movq	%rdx,%rcx
+	movq	%rdi,%rdx
+	movups	(%rdi),%xmm0
+	subq	$128+8,%rsp
+	movl	16(%rdi),%eax
+	movaps	%xmm0,(%rsp)
+	movq	%rsp,%rdi
+	movl	%eax,16(%rsp)
+	movq	$-1,%rax
+.byte	0xf3,0x0f,0xa6,0xc8	
+	movaps	(%rsp),%xmm0
+	movl	16(%rsp),%eax
+	addq	$128+8,%rsp
+	movups	%xmm0,(%rdx)
+	movl	%eax,16(%rdx)
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+.LSEH_end_padlock_sha1_blocks:
+
+.globl	padlock_sha256_oneshot
+.def	padlock_sha256_oneshot;	.scl 2;	.type 32;	.endef
+.p2align	4
+padlock_sha256_oneshot:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_padlock_sha256_oneshot:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+	movq	%rdx,%rcx
+	movq	%rdi,%rdx
+	movups	(%rdi),%xmm0
+	subq	$128+8,%rsp
+	movups	16(%rdi),%xmm1
+	movaps	%xmm0,(%rsp)
+	movq	%rsp,%rdi
+	movaps	%xmm1,16(%rsp)
+	xorq	%rax,%rax
+.byte	0xf3,0x0f,0xa6,0xd0	
+	movaps	(%rsp),%xmm0
+	movaps	16(%rsp),%xmm1
+	addq	$128+8,%rsp
+	movups	%xmm0,(%rdx)
+	movups	%xmm1,16(%rdx)
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+.LSEH_end_padlock_sha256_oneshot:
+
+.globl	padlock_sha256_blocks
+.def	padlock_sha256_blocks;	.scl 2;	.type 32;	.endef
+.p2align	4
+padlock_sha256_blocks:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_padlock_sha256_blocks:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+	movq	%rdx,%rcx
+	movq	%rdi,%rdx
+	movups	(%rdi),%xmm0
+	subq	$128+8,%rsp
+	movups	16(%rdi),%xmm1
+	movaps	%xmm0,(%rsp)
+	movq	%rsp,%rdi
+	movaps	%xmm1,16(%rsp)
+	movq	$-1,%rax
+.byte	0xf3,0x0f,0xa6,0xd0	
+	movaps	(%rsp),%xmm0
+	movaps	16(%rsp),%xmm1
+	addq	$128+8,%rsp
+	movups	%xmm0,(%rdx)
+	movups	%xmm1,16(%rdx)
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+.LSEH_end_padlock_sha256_blocks:
+
+.globl	padlock_sha512_blocks
+.def	padlock_sha512_blocks;	.scl 2;	.type 32;	.endef
+.p2align	4
+padlock_sha512_blocks:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_padlock_sha512_blocks:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+	movq	%rdx,%rcx
+	movq	%rdi,%rdx
+	movups	(%rdi),%xmm0
+	subq	$128+8,%rsp
+	movups	16(%rdi),%xmm1
+	movups	32(%rdi),%xmm2
+	movups	48(%rdi),%xmm3
+	movaps	%xmm0,(%rsp)
+	movq	%rsp,%rdi
+	movaps	%xmm1,16(%rsp)
+	movaps	%xmm2,32(%rsp)
+	movaps	%xmm3,48(%rsp)
+.byte	0xf3,0x0f,0xa6,0xe0	
+	movaps	(%rsp),%xmm0
+	movaps	16(%rsp),%xmm1
+	movaps	32(%rsp),%xmm2
+	movaps	48(%rsp),%xmm3
+	addq	$128+8,%rsp
+	movups	%xmm0,(%rdx)
+	movups	%xmm1,16(%rdx)
+	movups	%xmm2,32(%rdx)
+	movups	%xmm3,48(%rdx)
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+.LSEH_end_padlock_sha512_blocks:
+.globl	padlock_ecb_encrypt
+.def	padlock_ecb_encrypt;	.scl 2;	.type 32;	.endef
+.p2align	4
+padlock_ecb_encrypt:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_padlock_ecb_encrypt:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+	movq	%r9,%rcx
+
+	pushq	%rbp
+	pushq	%rbx
+
+	xorl	%eax,%eax
+	testq	$15,%rdx
+	jnz	.Lecb_abort
+	testq	$15,%rcx
+	jnz	.Lecb_abort
+	leaq	.Lpadlock_saved_context(%rip),%rax
+	pushf
+	cld
+	call	_padlock_verify_ctx
+	leaq	16(%rdx),%rdx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%rdx)
+	jnz	.Lecb_aligned
+	testq	$15,%rdi
+	setz	%al
+	testq	$15,%rsi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	.Lecb_aligned
+	negq	%rax
+	movq	$512,%rbx
+	notq	%rax
+	leaq	(%rsp),%rbp
+	cmpq	%rbx,%rcx
+	cmovcq	%rcx,%rbx
+	andq	%rbx,%rax
+	movq	%rcx,%rbx
+	negq	%rax
+	andq	$512-1,%rbx
+	leaq	(%rax,%rbp,1),%rsp
+	movq	$512,%rax
+	cmovzq	%rax,%rbx
+	cmpq	%rbx,%rcx
+	ja	.Lecb_loop
+	movq	%rsi,%rax
+	cmpq	%rsp,%rbp
+	cmoveq	%rdi,%rax
+	addq	%rcx,%rax
+	negq	%rax
+	andq	$4095,%rax
+	cmpq	$128,%rax
+	movq	$-128,%rax
+	cmovaeq	%rbx,%rax
+	andq	%rax,%rbx
+	jz	.Lecb_unaligned_tail
+	jmp	.Lecb_loop
+.p2align	4
+.Lecb_loop:
+	cmpq	%rcx,%rbx
+	cmovaq	%rcx,%rbx
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rcx,%r10
+	movq	%rbx,%rcx
+	movq	%rbx,%r11
+	testq	$15,%rdi
+	cmovnzq	%rsp,%rdi
+	testq	$15,%rsi
+	jz	.Lecb_inp_aligned
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+	movq	%rbx,%rcx
+	movq	%rdi,%rsi
+.Lecb_inp_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,200	
+	movq	%r8,%rdi
+	movq	%r11,%rbx
+	testq	$15,%rdi
+	jz	.Lecb_out_aligned
+	movq	%rbx,%rcx
+	leaq	(%rsp),%rsi
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+.Lecb_out_aligned:
+	movq	%r9,%rsi
+	movq	%r10,%rcx
+	addq	%rbx,%rdi
+	addq	%rbx,%rsi
+	subq	%rbx,%rcx
+	movq	$512,%rbx
+	jz	.Lecb_break
+	cmpq	%rbx,%rcx
+	jae	.Lecb_loop
+.Lecb_unaligned_tail:
+	xorl	%eax,%eax
+	cmpq	%rsp,%rbp
+	cmoveq	%rcx,%rax
+	movq	%rdi,%r8
+	movq	%rcx,%rbx
+	subq	%rax,%rsp
+	shrq	$3,%rcx
+	leaq	(%rsp),%rdi
+.byte	0xf3,0x48,0xa5		
+	movq	%rsp,%rsi
+	movq	%r8,%rdi
+	movq	%rbx,%rcx
+	jmp	.Lecb_loop
+.p2align	4
+.Lecb_break:
+	cmpq	%rbp,%rsp
+	je	.Lecb_done
+
+	pxor	%xmm0,%xmm0
+	leaq	(%rsp),%rax
+.Lecb_bzero:
+	movaps	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+	cmpq	%rax,%rbp
+	ja	.Lecb_bzero
+
+.Lecb_done:
+	leaq	(%rbp),%rsp
+	jmp	.Lecb_exit
+
+.p2align	4
+.Lecb_aligned:
+	leaq	(%rsi,%rcx,1),%rbp
+	negq	%rbp
+	andq	$4095,%rbp
+	xorl	%eax,%eax
+	cmpq	$128,%rbp
+	movq	$128-1,%rbp
+	cmovaeq	%rax,%rbp
+	andq	%rcx,%rbp
+	subq	%rbp,%rcx
+	jz	.Lecb_aligned_tail
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,200	
+	testq	%rbp,%rbp
+	jz	.Lecb_exit
+
+.Lecb_aligned_tail:
+	movq	%rdi,%r8
+	movq	%rbp,%rbx
+	movq	%rbp,%rcx
+	leaq	(%rsp),%rbp
+	subq	%rcx,%rsp
+	shrq	$3,%rcx
+	leaq	(%rsp),%rdi
+.byte	0xf3,0x48,0xa5		
+	leaq	(%r8),%rdi
+	leaq	(%rsp),%rsi
+	movq	%rbx,%rcx
+	jmp	.Lecb_loop
+.Lecb_exit:
+	movl	$1,%eax
+	leaq	8(%rsp),%rsp
+.Lecb_abort:
+	popq	%rbx
+	popq	%rbp
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+.LSEH_end_padlock_ecb_encrypt:
+.globl	padlock_cbc_encrypt
+.def	padlock_cbc_encrypt;	.scl 2;	.type 32;	.endef
+.p2align	4
+padlock_cbc_encrypt:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_padlock_cbc_encrypt:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+	movq	%r9,%rcx
+
+	pushq	%rbp
+	pushq	%rbx
+
+	xorl	%eax,%eax
+	testq	$15,%rdx
+	jnz	.Lcbc_abort
+	testq	$15,%rcx
+	jnz	.Lcbc_abort
+	leaq	.Lpadlock_saved_context(%rip),%rax
+	pushf
+	cld
+	call	_padlock_verify_ctx
+	leaq	16(%rdx),%rdx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%rdx)
+	jnz	.Lcbc_aligned
+	testq	$15,%rdi
+	setz	%al
+	testq	$15,%rsi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	.Lcbc_aligned
+	negq	%rax
+	movq	$512,%rbx
+	notq	%rax
+	leaq	(%rsp),%rbp
+	cmpq	%rbx,%rcx
+	cmovcq	%rcx,%rbx
+	andq	%rbx,%rax
+	movq	%rcx,%rbx
+	negq	%rax
+	andq	$512-1,%rbx
+	leaq	(%rax,%rbp,1),%rsp
+	movq	$512,%rax
+	cmovzq	%rax,%rbx
+	cmpq	%rbx,%rcx
+	ja	.Lcbc_loop
+	movq	%rsi,%rax
+	cmpq	%rsp,%rbp
+	cmoveq	%rdi,%rax
+	addq	%rcx,%rax
+	negq	%rax
+	andq	$4095,%rax
+	cmpq	$64,%rax
+	movq	$-64,%rax
+	cmovaeq	%rbx,%rax
+	andq	%rax,%rbx
+	jz	.Lcbc_unaligned_tail
+	jmp	.Lcbc_loop
+.p2align	4
+.Lcbc_loop:
+	cmpq	%rcx,%rbx
+	cmovaq	%rcx,%rbx
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rcx,%r10
+	movq	%rbx,%rcx
+	movq	%rbx,%r11
+	testq	$15,%rdi
+	cmovnzq	%rsp,%rdi
+	testq	$15,%rsi
+	jz	.Lcbc_inp_aligned
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+	movq	%rbx,%rcx
+	movq	%rdi,%rsi
+.Lcbc_inp_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,208	
+	movdqa	(%rax),%xmm0
+	movdqa	%xmm0,-16(%rdx)
+	movq	%r8,%rdi
+	movq	%r11,%rbx
+	testq	$15,%rdi
+	jz	.Lcbc_out_aligned
+	movq	%rbx,%rcx
+	leaq	(%rsp),%rsi
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+.Lcbc_out_aligned:
+	movq	%r9,%rsi
+	movq	%r10,%rcx
+	addq	%rbx,%rdi
+	addq	%rbx,%rsi
+	subq	%rbx,%rcx
+	movq	$512,%rbx
+	jz	.Lcbc_break
+	cmpq	%rbx,%rcx
+	jae	.Lcbc_loop
+.Lcbc_unaligned_tail:
+	xorl	%eax,%eax
+	cmpq	%rsp,%rbp
+	cmoveq	%rcx,%rax
+	movq	%rdi,%r8
+	movq	%rcx,%rbx
+	subq	%rax,%rsp
+	shrq	$3,%rcx
+	leaq	(%rsp),%rdi
+.byte	0xf3,0x48,0xa5		
+	movq	%rsp,%rsi
+	movq	%r8,%rdi
+	movq	%rbx,%rcx
+	jmp	.Lcbc_loop
+.p2align	4
+.Lcbc_break:
+	cmpq	%rbp,%rsp
+	je	.Lcbc_done
+
+	pxor	%xmm0,%xmm0
+	leaq	(%rsp),%rax
+.Lcbc_bzero:
+	movaps	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+	cmpq	%rax,%rbp
+	ja	.Lcbc_bzero
+
+.Lcbc_done:
+	leaq	(%rbp),%rsp
+	jmp	.Lcbc_exit
+
+.p2align	4
+.Lcbc_aligned:
+	leaq	(%rsi,%rcx,1),%rbp
+	negq	%rbp
+	andq	$4095,%rbp
+	xorl	%eax,%eax
+	cmpq	$64,%rbp
+	movq	$64-1,%rbp
+	cmovaeq	%rax,%rbp
+	andq	%rcx,%rbp
+	subq	%rbp,%rcx
+	jz	.Lcbc_aligned_tail
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,208	
+	movdqa	(%rax),%xmm0
+	movdqa	%xmm0,-16(%rdx)
+	testq	%rbp,%rbp
+	jz	.Lcbc_exit
+
+.Lcbc_aligned_tail:
+	movq	%rdi,%r8
+	movq	%rbp,%rbx
+	movq	%rbp,%rcx
+	leaq	(%rsp),%rbp
+	subq	%rcx,%rsp
+	shrq	$3,%rcx
+	leaq	(%rsp),%rdi
+.byte	0xf3,0x48,0xa5		
+	leaq	(%r8),%rdi
+	leaq	(%rsp),%rsi
+	movq	%rbx,%rcx
+	jmp	.Lcbc_loop
+.Lcbc_exit:
+	movl	$1,%eax
+	leaq	8(%rsp),%rsp
+.Lcbc_abort:
+	popq	%rbx
+	popq	%rbp
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+.LSEH_end_padlock_cbc_encrypt:
+.globl	padlock_cfb_encrypt
+.def	padlock_cfb_encrypt;	.scl 2;	.type 32;	.endef
+.p2align	4
+padlock_cfb_encrypt:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_padlock_cfb_encrypt:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+	movq	%r9,%rcx
+
+	pushq	%rbp
+	pushq	%rbx
+
+	xorl	%eax,%eax
+	testq	$15,%rdx
+	jnz	.Lcfb_abort
+	testq	$15,%rcx
+	jnz	.Lcfb_abort
+	leaq	.Lpadlock_saved_context(%rip),%rax
+	pushf
+	cld
+	call	_padlock_verify_ctx
+	leaq	16(%rdx),%rdx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%rdx)
+	jnz	.Lcfb_aligned
+	testq	$15,%rdi
+	setz	%al
+	testq	$15,%rsi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	.Lcfb_aligned
+	negq	%rax
+	movq	$512,%rbx
+	notq	%rax
+	leaq	(%rsp),%rbp
+	cmpq	%rbx,%rcx
+	cmovcq	%rcx,%rbx
+	andq	%rbx,%rax
+	movq	%rcx,%rbx
+	negq	%rax
+	andq	$512-1,%rbx
+	leaq	(%rax,%rbp,1),%rsp
+	movq	$512,%rax
+	cmovzq	%rax,%rbx
+	jmp	.Lcfb_loop
+.p2align	4
+.Lcfb_loop:
+	cmpq	%rcx,%rbx
+	cmovaq	%rcx,%rbx
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rcx,%r10
+	movq	%rbx,%rcx
+	movq	%rbx,%r11
+	testq	$15,%rdi
+	cmovnzq	%rsp,%rdi
+	testq	$15,%rsi
+	jz	.Lcfb_inp_aligned
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+	movq	%rbx,%rcx
+	movq	%rdi,%rsi
+.Lcfb_inp_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,224	
+	movdqa	(%rax),%xmm0
+	movdqa	%xmm0,-16(%rdx)
+	movq	%r8,%rdi
+	movq	%r11,%rbx
+	testq	$15,%rdi
+	jz	.Lcfb_out_aligned
+	movq	%rbx,%rcx
+	leaq	(%rsp),%rsi
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+.Lcfb_out_aligned:
+	movq	%r9,%rsi
+	movq	%r10,%rcx
+	addq	%rbx,%rdi
+	addq	%rbx,%rsi
+	subq	%rbx,%rcx
+	movq	$512,%rbx
+	jnz	.Lcfb_loop
+	cmpq	%rbp,%rsp
+	je	.Lcfb_done
+
+	pxor	%xmm0,%xmm0
+	leaq	(%rsp),%rax
+.Lcfb_bzero:
+	movaps	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+	cmpq	%rax,%rbp
+	ja	.Lcfb_bzero
+
+.Lcfb_done:
+	leaq	(%rbp),%rsp
+	jmp	.Lcfb_exit
+
+.p2align	4
+.Lcfb_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,224	
+	movdqa	(%rax),%xmm0
+	movdqa	%xmm0,-16(%rdx)
+.Lcfb_exit:
+	movl	$1,%eax
+	leaq	8(%rsp),%rsp
+.Lcfb_abort:
+	popq	%rbx
+	popq	%rbp
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+.LSEH_end_padlock_cfb_encrypt:
+.globl	padlock_ofb_encrypt
+.def	padlock_ofb_encrypt;	.scl 2;	.type 32;	.endef
+.p2align	4
+padlock_ofb_encrypt:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_padlock_ofb_encrypt:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+	movq	%r9,%rcx
+
+	pushq	%rbp
+	pushq	%rbx
+
+	xorl	%eax,%eax
+	testq	$15,%rdx
+	jnz	.Lofb_abort
+	testq	$15,%rcx
+	jnz	.Lofb_abort
+	leaq	.Lpadlock_saved_context(%rip),%rax
+	pushf
+	cld
+	call	_padlock_verify_ctx
+	leaq	16(%rdx),%rdx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%rdx)
+	jnz	.Lofb_aligned
+	testq	$15,%rdi
+	setz	%al
+	testq	$15,%rsi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	.Lofb_aligned
+	negq	%rax
+	movq	$512,%rbx
+	notq	%rax
+	leaq	(%rsp),%rbp
+	cmpq	%rbx,%rcx
+	cmovcq	%rcx,%rbx
+	andq	%rbx,%rax
+	movq	%rcx,%rbx
+	negq	%rax
+	andq	$512-1,%rbx
+	leaq	(%rax,%rbp,1),%rsp
+	movq	$512,%rax
+	cmovzq	%rax,%rbx
+	jmp	.Lofb_loop
+.p2align	4
+.Lofb_loop:
+	cmpq	%rcx,%rbx
+	cmovaq	%rcx,%rbx
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rcx,%r10
+	movq	%rbx,%rcx
+	movq	%rbx,%r11
+	testq	$15,%rdi
+	cmovnzq	%rsp,%rdi
+	testq	$15,%rsi
+	jz	.Lofb_inp_aligned
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+	movq	%rbx,%rcx
+	movq	%rdi,%rsi
+.Lofb_inp_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,232	
+	movdqa	(%rax),%xmm0
+	movdqa	%xmm0,-16(%rdx)
+	movq	%r8,%rdi
+	movq	%r11,%rbx
+	testq	$15,%rdi
+	jz	.Lofb_out_aligned
+	movq	%rbx,%rcx
+	leaq	(%rsp),%rsi
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+.Lofb_out_aligned:
+	movq	%r9,%rsi
+	movq	%r10,%rcx
+	addq	%rbx,%rdi
+	addq	%rbx,%rsi
+	subq	%rbx,%rcx
+	movq	$512,%rbx
+	jnz	.Lofb_loop
+	cmpq	%rbp,%rsp
+	je	.Lofb_done
+
+	pxor	%xmm0,%xmm0
+	leaq	(%rsp),%rax
+.Lofb_bzero:
+	movaps	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+	cmpq	%rax,%rbp
+	ja	.Lofb_bzero
+
+.Lofb_done:
+	leaq	(%rbp),%rsp
+	jmp	.Lofb_exit
+
+.p2align	4
+.Lofb_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,232	
+	movdqa	(%rax),%xmm0
+	movdqa	%xmm0,-16(%rdx)
+.Lofb_exit:
+	movl	$1,%eax
+	leaq	8(%rsp),%rsp
+.Lofb_abort:
+	popq	%rbx
+	popq	%rbp
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+.LSEH_end_padlock_ofb_encrypt:
+.globl	padlock_ctr32_encrypt
+.def	padlock_ctr32_encrypt;	.scl 2;	.type 32;	.endef
+.p2align	4
+padlock_ctr32_encrypt:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_padlock_ctr32_encrypt:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+	movq	%r9,%rcx
+
+	pushq	%rbp
+	pushq	%rbx
+
+	xorl	%eax,%eax
+	testq	$15,%rdx
+	jnz	.Lctr32_abort
+	testq	$15,%rcx
+	jnz	.Lctr32_abort
+	leaq	.Lpadlock_saved_context(%rip),%rax
+	pushf
+	cld
+	call	_padlock_verify_ctx
+	leaq	16(%rdx),%rdx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%rdx)
+	jnz	.Lctr32_aligned
+	testq	$15,%rdi
+	setz	%al
+	testq	$15,%rsi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	.Lctr32_aligned
+	negq	%rax
+	movq	$512,%rbx
+	notq	%rax
+	leaq	(%rsp),%rbp
+	cmpq	%rbx,%rcx
+	cmovcq	%rcx,%rbx
+	andq	%rbx,%rax
+	movq	%rcx,%rbx
+	negq	%rax
+	andq	$512-1,%rbx
+	leaq	(%rax,%rbp,1),%rsp
+	movq	$512,%rax
+	cmovzq	%rax,%rbx
+.Lctr32_reenter:
+	movl	-4(%rdx),%eax
+	bswapl	%eax
+	negl	%eax
+	andl	$31,%eax
+	movq	$512,%rbx
+	shll	$4,%eax
+	cmovzq	%rbx,%rax
+	cmpq	%rax,%rcx
+	cmovaq	%rax,%rbx
+	cmovbeq	%rcx,%rbx
+	cmpq	%rbx,%rcx
+	ja	.Lctr32_loop
+	movq	%rsi,%rax
+	cmpq	%rsp,%rbp
+	cmoveq	%rdi,%rax
+	addq	%rcx,%rax
+	negq	%rax
+	andq	$4095,%rax
+	cmpq	$32,%rax
+	movq	$-32,%rax
+	cmovaeq	%rbx,%rax
+	andq	%rax,%rbx
+	jz	.Lctr32_unaligned_tail
+	jmp	.Lctr32_loop
+.p2align	4
+.Lctr32_loop:
+	cmpq	%rcx,%rbx
+	cmovaq	%rcx,%rbx
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rcx,%r10
+	movq	%rbx,%rcx
+	movq	%rbx,%r11
+	testq	$15,%rdi
+	cmovnzq	%rsp,%rdi
+	testq	$15,%rsi
+	jz	.Lctr32_inp_aligned
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+	movq	%rbx,%rcx
+	movq	%rdi,%rsi
+.Lctr32_inp_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,216	
+	movl	-4(%rdx),%eax
+	testl	$4294901760,%eax
+	jnz	.Lctr32_no_carry
+	bswapl	%eax
+	addl	$65536,%eax
+	bswapl	%eax
+	movl	%eax,-4(%rdx)
+.Lctr32_no_carry:
+	movq	%r8,%rdi
+	movq	%r11,%rbx
+	testq	$15,%rdi
+	jz	.Lctr32_out_aligned
+	movq	%rbx,%rcx
+	leaq	(%rsp),%rsi
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+.Lctr32_out_aligned:
+	movq	%r9,%rsi
+	movq	%r10,%rcx
+	addq	%rbx,%rdi
+	addq	%rbx,%rsi
+	subq	%rbx,%rcx
+	movq	$512,%rbx
+	jz	.Lctr32_break
+	cmpq	%rbx,%rcx
+	jae	.Lctr32_loop
+	movq	%rcx,%rbx
+	movq	%rsi,%rax
+	cmpq	%rsp,%rbp
+	cmoveq	%rdi,%rax
+	addq	%rcx,%rax
+	negq	%rax
+	andq	$4095,%rax
+	cmpq	$32,%rax
+	movq	$-32,%rax
+	cmovaeq	%rbx,%rax
+	andq	%rax,%rbx
+	jnz	.Lctr32_loop
+.Lctr32_unaligned_tail:
+	xorl	%eax,%eax
+	cmpq	%rsp,%rbp
+	cmoveq	%rcx,%rax
+	movq	%rdi,%r8
+	movq	%rcx,%rbx
+	subq	%rax,%rsp
+	shrq	$3,%rcx
+	leaq	(%rsp),%rdi
+.byte	0xf3,0x48,0xa5		
+	movq	%rsp,%rsi
+	movq	%r8,%rdi
+	movq	%rbx,%rcx
+	jmp	.Lctr32_loop
+.p2align	4
+.Lctr32_break:
+	cmpq	%rbp,%rsp
+	je	.Lctr32_done
+
+	pxor	%xmm0,%xmm0
+	leaq	(%rsp),%rax
+.Lctr32_bzero:
+	movaps	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+	cmpq	%rax,%rbp
+	ja	.Lctr32_bzero
+
+.Lctr32_done:
+	leaq	(%rbp),%rsp
+	jmp	.Lctr32_exit
+
+.p2align	4
+.Lctr32_aligned:
+	movl	-4(%rdx),%eax
+	bswapl	%eax
+	negl	%eax
+	andl	$65535,%eax
+	movq	$1048576,%rbx
+	shll	$4,%eax
+	cmovzq	%rbx,%rax
+	cmpq	%rax,%rcx
+	cmovaq	%rax,%rbx
+	cmovbeq	%rcx,%rbx
+	jbe	.Lctr32_aligned_skip
+
+.Lctr32_aligned_loop:
+	movq	%rcx,%r10
+	movq	%rbx,%rcx
+	movq	%rbx,%r11
+
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,216	
+
+	movl	-4(%rdx),%eax
+	bswapl	%eax
+	addl	$65536,%eax
+	bswapl	%eax
+	movl	%eax,-4(%rdx)
+
+	movq	%r10,%rcx
+	subq	%r11,%rcx
+	movq	$1048576,%rbx
+	jz	.Lctr32_exit
+	cmpq	%rbx,%rcx
+	jae	.Lctr32_aligned_loop
+
+.Lctr32_aligned_skip:
+	leaq	(%rsi,%rcx,1),%rbp
+	negq	%rbp
+	andq	$4095,%rbp
+	xorl	%eax,%eax
+	cmpq	$32,%rbp
+	movq	$32-1,%rbp
+	cmovaeq	%rax,%rbp
+	andq	%rcx,%rbp
+	subq	%rbp,%rcx
+	jz	.Lctr32_aligned_tail
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,216	
+	testq	%rbp,%rbp
+	jz	.Lctr32_exit
+
+.Lctr32_aligned_tail:
+	movq	%rdi,%r8
+	movq	%rbp,%rbx
+	movq	%rbp,%rcx
+	leaq	(%rsp),%rbp
+	subq	%rcx,%rsp
+	shrq	$3,%rcx
+	leaq	(%rsp),%rdi
+.byte	0xf3,0x48,0xa5		
+	leaq	(%r8),%rdi
+	leaq	(%rsp),%rsi
+	movq	%rbx,%rcx
+	jmp	.Lctr32_loop
+.Lctr32_exit:
+	movl	$1,%eax
+	leaq	8(%rsp),%rsp
+.Lctr32_abort:
+	popq	%rbx
+	popq	%rbp
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+.LSEH_end_padlock_ctr32_encrypt:
+.byte	86,73,65,32,80,97,100,108,111,99,107,32,120,56,54,95,54,52,32,109,111,100,117,108,101,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.p2align	4
+.data	
+.p2align	3
+.Lpadlock_saved_context:
+.quad	0
+
diff --git a/lib/accelerated/x86/coff/ghash-x86_64.s b/lib/accelerated/x86/coff/ghash-x86_64.s
new file mode 100644
index 0000000..82634df
--- /dev/null
+++ b/lib/accelerated/x86/coff/ghash-x86_64.s
@@ -0,0 +1,2100 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+
+.globl	gcm_gmult_4bit
+.def	gcm_gmult_4bit;	.scl 2;	.type 32;	.endef
+.p2align	4
+gcm_gmult_4bit:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_gcm_gmult_4bit:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	subq	$280,%rsp
+
+.Lgmult_prologue:
+
+	movzbq	15(%rdi),%r8
+	leaq	.Lrem_4bit(%rip),%r11
+	xorq	%rax,%rax
+	xorq	%rbx,%rbx
+	movb	%r8b,%al
+	movb	%r8b,%bl
+	shlb	$4,%al
+	movq	$14,%rcx
+	movq	8(%rsi,%rax,1),%r8
+	movq	(%rsi,%rax,1),%r9
+	andb	$0xf0,%bl
+	movq	%r8,%rdx
+	jmp	.Loop1
+
+.p2align	4
+.Loop1:
+	shrq	$4,%r8
+	andq	$0xf,%rdx
+	movq	%r9,%r10
+	movb	(%rdi,%rcx,1),%al
+	shrq	$4,%r9
+	xorq	8(%rsi,%rbx,1),%r8
+	shlq	$60,%r10
+	xorq	(%rsi,%rbx,1),%r9
+	movb	%al,%bl
+	xorq	(%r11,%rdx,8),%r9
+	movq	%r8,%rdx
+	shlb	$4,%al
+	xorq	%r10,%r8
+	decq	%rcx
+	js	.Lbreak1
+
+	shrq	$4,%r8
+	andq	$0xf,%rdx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	xorq	8(%rsi,%rax,1),%r8
+	shlq	$60,%r10
+	xorq	(%rsi,%rax,1),%r9
+	andb	$0xf0,%bl
+	xorq	(%r11,%rdx,8),%r9
+	movq	%r8,%rdx
+	xorq	%r10,%r8
+	jmp	.Loop1
+
+.p2align	4
+.Lbreak1:
+	shrq	$4,%r8
+	andq	$0xf,%rdx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	xorq	8(%rsi,%rax,1),%r8
+	shlq	$60,%r10
+	xorq	(%rsi,%rax,1),%r9
+	andb	$0xf0,%bl
+	xorq	(%r11,%rdx,8),%r9
+	movq	%r8,%rdx
+	xorq	%r10,%r8
+
+	shrq	$4,%r8
+	andq	$0xf,%rdx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	xorq	8(%rsi,%rbx,1),%r8
+	shlq	$60,%r10
+	xorq	(%rsi,%rbx,1),%r9
+	xorq	%r10,%r8
+	xorq	(%r11,%rdx,8),%r9
+
+	bswapq	%r8
+	bswapq	%r9
+	movq	%r8,8(%rdi)
+	movq	%r9,(%rdi)
+
+	leaq	280+48(%rsp),%rsi
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+.Lgmult_epilogue:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_gcm_gmult_4bit:
+.globl	gcm_ghash_4bit
+.def	gcm_ghash_4bit;	.scl 2;	.type 32;	.endef
+.p2align	4
+gcm_ghash_4bit:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_gcm_ghash_4bit:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+	movq	%r9,%rcx
+
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	subq	$280,%rsp
+
+.Lghash_prologue:
+	movq	%rdx,%r14
+	movq	%rcx,%r15
+	subq	$-128,%rsi
+	leaq	16+128(%rsp),%rbp
+	xorl	%edx,%edx
+	movq	0+0-128(%rsi),%r8
+	movq	0+8-128(%rsi),%rax
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	16+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	16+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,0(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,0(%rbp)
+	movq	32+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,0-128(%rbp)
+	movq	32+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,1(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,8(%rbp)
+	movq	48+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,8-128(%rbp)
+	movq	48+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,2(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,16(%rbp)
+	movq	64+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,16-128(%rbp)
+	movq	64+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,3(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,24(%rbp)
+	movq	80+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,24-128(%rbp)
+	movq	80+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,4(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,32(%rbp)
+	movq	96+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,32-128(%rbp)
+	movq	96+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,5(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,40(%rbp)
+	movq	112+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,40-128(%rbp)
+	movq	112+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,6(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,48(%rbp)
+	movq	128+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,48-128(%rbp)
+	movq	128+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,7(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,56(%rbp)
+	movq	144+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,56-128(%rbp)
+	movq	144+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,8(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,64(%rbp)
+	movq	160+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,64-128(%rbp)
+	movq	160+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,9(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,72(%rbp)
+	movq	176+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,72-128(%rbp)
+	movq	176+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,10(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,80(%rbp)
+	movq	192+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,80-128(%rbp)
+	movq	192+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,11(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,88(%rbp)
+	movq	208+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,88-128(%rbp)
+	movq	208+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,12(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,96(%rbp)
+	movq	224+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,96-128(%rbp)
+	movq	224+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,13(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,104(%rbp)
+	movq	240+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,104-128(%rbp)
+	movq	240+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,14(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,112(%rbp)
+	shlb	$4,%dl
+	movq	%rax,112-128(%rbp)
+	shlq	$60,%r10
+	movb	%dl,15(%rsp)
+	orq	%r10,%rbx
+	movq	%r9,120(%rbp)
+	movq	%rbx,120-128(%rbp)
+	addq	$-128,%rsi
+	movq	8(%rdi),%r8
+	movq	0(%rdi),%r9
+	addq	%r14,%r15
+	leaq	.Lrem_8bit(%rip),%r11
+	jmp	.Louter_loop
+.p2align	4
+.Louter_loop:
+	xorq	(%r14),%r9
+	movq	8(%r14),%rdx
+	leaq	16(%r14),%r14
+	xorq	%r8,%rdx
+	movq	%r9,(%rdi)
+	movq	%rdx,8(%rdi)
+	shrq	$32,%rdx
+	xorq	%rax,%rax
+	roll	$8,%edx
+	movb	%dl,%al
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	shrl	$4,%ebx
+	roll	$8,%edx
+	movq	8(%rsi,%rax,1),%r8
+	movq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	movl	8(%rdi),%edx
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	movl	4(%rdi),%edx
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	movl	0(%rdi),%edx
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	andl	$240,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	movl	-4(%rdi),%edx
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	movzwq	(%r11,%r12,2),%r12
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	shlq	$48,%r12
+	xorq	%r10,%r8
+	xorq	%r12,%r9
+	movzbq	%r8b,%r13
+	shrq	$4,%r8
+	movq	%r9,%r10
+	shlb	$4,%r13b
+	shrq	$4,%r9
+	xorq	8(%rsi,%rcx,1),%r8
+	movzwq	(%r11,%r13,2),%r13
+	shlq	$60,%r10
+	xorq	(%rsi,%rcx,1),%r9
+	xorq	%r10,%r8
+	shlq	$48,%r13
+	bswapq	%r8
+	xorq	%r13,%r9
+	bswapq	%r9
+	cmpq	%r15,%r14
+	jb	.Louter_loop
+	movq	%r8,8(%rdi)
+	movq	%r9,(%rdi)
+
+	leaq	280+48(%rsp),%rsi
+
+	movq	-48(%rsi),%r15
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	0(%rsi),%rsp
+
+.Lghash_epilogue:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_gcm_ghash_4bit:
+.globl	gcm_init_clmul
+.def	gcm_init_clmul;	.scl 2;	.type 32;	.endef
+.p2align	4
+gcm_init_clmul:
+
+.L_init_clmul:
+.LSEH_begin_gcm_init_clmul:
+
+.byte	0x48,0x83,0xec,0x18
+.byte	0x0f,0x29,0x34,0x24
+	movdqu	(%rdx),%xmm2
+	pshufd	$78,%xmm2,%xmm2
+
+
+	pshufd	$255,%xmm2,%xmm4
+	movdqa	%xmm2,%xmm3
+	psllq	$1,%xmm2
+	pxor	%xmm5,%xmm5
+	psrlq	$63,%xmm3
+	pcmpgtd	%xmm4,%xmm5
+	pslldq	$8,%xmm3
+	por	%xmm3,%xmm2
+
+
+	pand	.L0x1c2_polynomial(%rip),%xmm5
+	pxor	%xmm5,%xmm2
+
+
+	pshufd	$78,%xmm2,%xmm6
+	movdqa	%xmm2,%xmm0
+	pxor	%xmm2,%xmm6
+	movdqa	%xmm0,%xmm1
+	pshufd	$78,%xmm0,%xmm3
+	pxor	%xmm0,%xmm3
+.byte	102,15,58,68,194,0
+.byte	102,15,58,68,202,17
+.byte	102,15,58,68,222,0
+	pxor	%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+
+	movdqa	%xmm3,%xmm4
+	psrldq	$8,%xmm3
+	pslldq	$8,%xmm4
+	pxor	%xmm3,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+	pshufd	$78,%xmm2,%xmm3
+	pshufd	$78,%xmm0,%xmm4
+	pxor	%xmm2,%xmm3
+	movdqu	%xmm2,0(%rcx)
+	pxor	%xmm0,%xmm4
+	movdqu	%xmm0,16(%rcx)
+.byte	102,15,58,15,227,8
+	movdqu	%xmm4,32(%rcx)
+	movdqa	%xmm0,%xmm1
+	pshufd	$78,%xmm0,%xmm3
+	pxor	%xmm0,%xmm3
+.byte	102,15,58,68,194,0
+.byte	102,15,58,68,202,17
+.byte	102,15,58,68,222,0
+	pxor	%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+
+	movdqa	%xmm3,%xmm4
+	psrldq	$8,%xmm3
+	pslldq	$8,%xmm4
+	pxor	%xmm3,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+	movdqa	%xmm0,%xmm5
+	movdqa	%xmm0,%xmm1
+	pshufd	$78,%xmm0,%xmm3
+	pxor	%xmm0,%xmm3
+.byte	102,15,58,68,194,0
+.byte	102,15,58,68,202,17
+.byte	102,15,58,68,222,0
+	pxor	%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+
+	movdqa	%xmm3,%xmm4
+	psrldq	$8,%xmm3
+	pslldq	$8,%xmm4
+	pxor	%xmm3,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+	pshufd	$78,%xmm5,%xmm3
+	pshufd	$78,%xmm0,%xmm4
+	pxor	%xmm5,%xmm3
+	movdqu	%xmm5,48(%rcx)
+	pxor	%xmm0,%xmm4
+	movdqu	%xmm0,64(%rcx)
+.byte	102,15,58,15,227,8
+	movdqu	%xmm4,80(%rcx)
+	movaps	(%rsp),%xmm6
+	leaq	24(%rsp),%rsp
+.LSEH_end_gcm_init_clmul:
+	.byte	0xf3,0xc3
+
+
+.globl	gcm_gmult_clmul
+.def	gcm_gmult_clmul;	.scl 2;	.type 32;	.endef
+.p2align	4
+gcm_gmult_clmul:
+
+.L_gmult_clmul:
+	movdqu	(%rcx),%xmm0
+	movdqa	.Lbswap_mask(%rip),%xmm5
+	movdqu	(%rdx),%xmm2
+	movdqu	32(%rdx),%xmm4
+.byte	102,15,56,0,197
+	movdqa	%xmm0,%xmm1
+	pshufd	$78,%xmm0,%xmm3
+	pxor	%xmm0,%xmm3
+.byte	102,15,58,68,194,0
+.byte	102,15,58,68,202,17
+.byte	102,15,58,68,220,0
+	pxor	%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+
+	movdqa	%xmm3,%xmm4
+	psrldq	$8,%xmm3
+	pslldq	$8,%xmm4
+	pxor	%xmm3,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+.byte	102,15,56,0,197
+	movdqu	%xmm0,(%rcx)
+	.byte	0xf3,0xc3
+
+
+.globl	gcm_ghash_clmul
+.def	gcm_ghash_clmul;	.scl 2;	.type 32;	.endef
+.p2align	5
+gcm_ghash_clmul:
+
+.L_ghash_clmul:
+	leaq	-136(%rsp),%rax
+.LSEH_begin_gcm_ghash_clmul:
+
+.byte	0x48,0x8d,0x60,0xe0
+.byte	0x0f,0x29,0x70,0xe0
+.byte	0x0f,0x29,0x78,0xf0
+.byte	0x44,0x0f,0x29,0x00
+.byte	0x44,0x0f,0x29,0x48,0x10
+.byte	0x44,0x0f,0x29,0x50,0x20
+.byte	0x44,0x0f,0x29,0x58,0x30
+.byte	0x44,0x0f,0x29,0x60,0x40
+.byte	0x44,0x0f,0x29,0x68,0x50
+.byte	0x44,0x0f,0x29,0x70,0x60
+.byte	0x44,0x0f,0x29,0x78,0x70
+	movdqa	.Lbswap_mask(%rip),%xmm10
+
+	movdqu	(%rcx),%xmm0
+	movdqu	(%rdx),%xmm2
+	movdqu	32(%rdx),%xmm7
+.byte	102,65,15,56,0,194
+
+	subq	$0x10,%r9
+	jz	.Lodd_tail
+
+	movdqu	16(%rdx),%xmm6
+	movl	GNUTLS_x86_cpuid_s+4(%rip),%eax
+	cmpq	$0x30,%r9
+	jb	.Lskip4x
+
+	andl	$71303168,%eax
+	cmpl	$4194304,%eax
+	je	.Lskip4x
+
+	subq	$0x30,%r9
+	movq	$0xA040608020C0E000,%rax
+	movdqu	48(%rdx),%xmm14
+	movdqu	64(%rdx),%xmm15
+
+
+
+
+	movdqu	48(%r8),%xmm3
+	movdqu	32(%r8),%xmm11
+.byte	102,65,15,56,0,218
+.byte	102,69,15,56,0,218
+	movdqa	%xmm3,%xmm5
+	pshufd	$78,%xmm3,%xmm4
+	pxor	%xmm3,%xmm4
+.byte	102,15,58,68,218,0
+.byte	102,15,58,68,234,17
+.byte	102,15,58,68,231,0
+
+	movdqa	%xmm11,%xmm13
+	pshufd	$78,%xmm11,%xmm12
+	pxor	%xmm11,%xmm12
+.byte	102,68,15,58,68,222,0
+.byte	102,68,15,58,68,238,17
+.byte	102,68,15,58,68,231,16
+	xorps	%xmm11,%xmm3
+	xorps	%xmm13,%xmm5
+	movups	80(%rdx),%xmm7
+	xorps	%xmm12,%xmm4
+
+	movdqu	16(%r8),%xmm11
+	movdqu	0(%r8),%xmm8
+.byte	102,69,15,56,0,218
+.byte	102,69,15,56,0,194
+	movdqa	%xmm11,%xmm13
+	pshufd	$78,%xmm11,%xmm12
+	pxor	%xmm8,%xmm0
+	pxor	%xmm11,%xmm12
+.byte	102,69,15,58,68,222,0
+	movdqa	%xmm0,%xmm1
+	pshufd	$78,%xmm0,%xmm8
+	pxor	%xmm0,%xmm8
+.byte	102,69,15,58,68,238,17
+.byte	102,68,15,58,68,231,0
+	xorps	%xmm11,%xmm3
+	xorps	%xmm13,%xmm5
+
+	leaq	64(%r8),%r8
+	subq	$0x40,%r9
+	jc	.Ltail4x
+
+	jmp	.Lmod4_loop
+.p2align	5
+.Lmod4_loop:
+.byte	102,65,15,58,68,199,0
+	xorps	%xmm12,%xmm4
+	movdqu	48(%r8),%xmm11
+.byte	102,69,15,56,0,218
+.byte	102,65,15,58,68,207,17
+	xorps	%xmm3,%xmm0
+	movdqu	32(%r8),%xmm3
+	movdqa	%xmm11,%xmm13
+.byte	102,68,15,58,68,199,16
+	pshufd	$78,%xmm11,%xmm12
+	xorps	%xmm5,%xmm1
+	pxor	%xmm11,%xmm12
+.byte	102,65,15,56,0,218
+	movups	32(%rdx),%xmm7
+	xorps	%xmm4,%xmm8
+.byte	102,68,15,58,68,218,0
+	pshufd	$78,%xmm3,%xmm4
+
+	pxor	%xmm0,%xmm8
+	movdqa	%xmm3,%xmm5
+	pxor	%xmm1,%xmm8
+	pxor	%xmm3,%xmm4
+	movdqa	%xmm8,%xmm9
+.byte	102,68,15,58,68,234,17
+	pslldq	$8,%xmm8
+	psrldq	$8,%xmm9
+	pxor	%xmm8,%xmm0
+	movdqa	.L7_mask(%rip),%xmm8
+	pxor	%xmm9,%xmm1
+.byte	102,76,15,110,200
+
+	pand	%xmm0,%xmm8
+.byte	102,69,15,56,0,200
+	pxor	%xmm0,%xmm9
+.byte	102,68,15,58,68,231,0
+	psllq	$57,%xmm9
+	movdqa	%xmm9,%xmm8
+	pslldq	$8,%xmm9
+.byte	102,15,58,68,222,0
+	psrldq	$8,%xmm8
+	pxor	%xmm9,%xmm0
+	pxor	%xmm8,%xmm1
+	movdqu	0(%r8),%xmm8
+
+	movdqa	%xmm0,%xmm9
+	psrlq	$1,%xmm0
+.byte	102,15,58,68,238,17
+	xorps	%xmm11,%xmm3
+	movdqu	16(%r8),%xmm11
+.byte	102,69,15,56,0,218
+.byte	102,15,58,68,231,16
+	xorps	%xmm13,%xmm5
+	movups	80(%rdx),%xmm7
+.byte	102,69,15,56,0,194
+	pxor	%xmm9,%xmm1
+	pxor	%xmm0,%xmm9
+	psrlq	$5,%xmm0
+
+	movdqa	%xmm11,%xmm13
+	pxor	%xmm12,%xmm4
+	pshufd	$78,%xmm11,%xmm12
+	pxor	%xmm9,%xmm0
+	pxor	%xmm8,%xmm1
+	pxor	%xmm11,%xmm12
+.byte	102,69,15,58,68,222,0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+	movdqa	%xmm0,%xmm1
+.byte	102,69,15,58,68,238,17
+	xorps	%xmm11,%xmm3
+	pshufd	$78,%xmm0,%xmm8
+	pxor	%xmm0,%xmm8
+
+.byte	102,68,15,58,68,231,0
+	xorps	%xmm13,%xmm5
+
+	leaq	64(%r8),%r8
+	subq	$0x40,%r9
+	jnc	.Lmod4_loop
+
+.Ltail4x:
+.byte	102,65,15,58,68,199,0
+.byte	102,65,15,58,68,207,17
+.byte	102,68,15,58,68,199,16
+	xorps	%xmm12,%xmm4
+	xorps	%xmm3,%xmm0
+	xorps	%xmm5,%xmm1
+	pxor	%xmm0,%xmm1
+	pxor	%xmm4,%xmm8
+
+	pxor	%xmm1,%xmm8
+	pxor	%xmm0,%xmm1
+
+	movdqa	%xmm8,%xmm9
+	psrldq	$8,%xmm8
+	pslldq	$8,%xmm9
+	pxor	%xmm8,%xmm1
+	pxor	%xmm9,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+	addq	$0x40,%r9
+	jz	.Ldone
+	movdqu	32(%rdx),%xmm7
+	subq	$0x10,%r9
+	jz	.Lodd_tail
+.Lskip4x:
+
+
+
+
+
+	movdqu	(%r8),%xmm8
+	movdqu	16(%r8),%xmm3
+.byte	102,69,15,56,0,194
+.byte	102,65,15,56,0,218
+	pxor	%xmm8,%xmm0
+
+	movdqa	%xmm3,%xmm5
+	pshufd	$78,%xmm3,%xmm4
+	pxor	%xmm3,%xmm4
+.byte	102,15,58,68,218,0
+.byte	102,15,58,68,234,17
+.byte	102,15,58,68,231,0
+
+	leaq	32(%r8),%r8
+	nop
+	subq	$0x20,%r9
+	jbe	.Leven_tail
+	nop
+	jmp	.Lmod_loop
+
+.p2align	5
+.Lmod_loop:
+	movdqa	%xmm0,%xmm1
+	movdqa	%xmm4,%xmm8
+	pshufd	$78,%xmm0,%xmm4
+	pxor	%xmm0,%xmm4
+
+.byte	102,15,58,68,198,0
+.byte	102,15,58,68,206,17
+.byte	102,15,58,68,231,16
+
+	pxor	%xmm3,%xmm0
+	pxor	%xmm5,%xmm1
+	movdqu	(%r8),%xmm9
+	pxor	%xmm0,%xmm8
+.byte	102,69,15,56,0,202
+	movdqu	16(%r8),%xmm3
+
+	pxor	%xmm1,%xmm8
+	pxor	%xmm9,%xmm1
+	pxor	%xmm8,%xmm4
+.byte	102,65,15,56,0,218
+	movdqa	%xmm4,%xmm8
+	psrldq	$8,%xmm8
+	pslldq	$8,%xmm4
+	pxor	%xmm8,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm3,%xmm5
+
+	movdqa	%xmm0,%xmm9
+	movdqa	%xmm0,%xmm8
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm8
+.byte	102,15,58,68,218,0
+	psllq	$1,%xmm0
+	pxor	%xmm8,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm8
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm8
+	pxor	%xmm9,%xmm0
+	pshufd	$78,%xmm5,%xmm4
+	pxor	%xmm8,%xmm1
+	pxor	%xmm5,%xmm4
+
+	movdqa	%xmm0,%xmm9
+	psrlq	$1,%xmm0
+.byte	102,15,58,68,234,17
+	pxor	%xmm9,%xmm1
+	pxor	%xmm0,%xmm9
+	psrlq	$5,%xmm0
+	pxor	%xmm9,%xmm0
+	leaq	32(%r8),%r8
+	psrlq	$1,%xmm0
+.byte	102,15,58,68,231,0
+	pxor	%xmm1,%xmm0
+
+	subq	$0x20,%r9
+	ja	.Lmod_loop
+
+.Leven_tail:
+	movdqa	%xmm0,%xmm1
+	movdqa	%xmm4,%xmm8
+	pshufd	$78,%xmm0,%xmm4
+	pxor	%xmm0,%xmm4
+
+.byte	102,15,58,68,198,0
+.byte	102,15,58,68,206,17
+.byte	102,15,58,68,231,16
+
+	pxor	%xmm3,%xmm0
+	pxor	%xmm5,%xmm1
+	pxor	%xmm0,%xmm8
+	pxor	%xmm1,%xmm8
+	pxor	%xmm8,%xmm4
+	movdqa	%xmm4,%xmm8
+	psrldq	$8,%xmm8
+	pslldq	$8,%xmm4
+	pxor	%xmm8,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+	testq	%r9,%r9
+	jnz	.Ldone
+
+.Lodd_tail:
+	movdqu	(%r8),%xmm8
+.byte	102,69,15,56,0,194
+	pxor	%xmm8,%xmm0
+	movdqa	%xmm0,%xmm1
+	pshufd	$78,%xmm0,%xmm3
+	pxor	%xmm0,%xmm3
+.byte	102,15,58,68,194,0
+.byte	102,15,58,68,202,17
+.byte	102,15,58,68,223,0
+	pxor	%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+
+	movdqa	%xmm3,%xmm4
+	psrldq	$8,%xmm3
+	pslldq	$8,%xmm4
+	pxor	%xmm3,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+.Ldone:
+.byte	102,65,15,56,0,194
+	movdqu	%xmm0,(%rcx)
+	movaps	(%rsp),%xmm6
+	movaps	16(%rsp),%xmm7
+	movaps	32(%rsp),%xmm8
+	movaps	48(%rsp),%xmm9
+	movaps	64(%rsp),%xmm10
+	movaps	80(%rsp),%xmm11
+	movaps	96(%rsp),%xmm12
+	movaps	112(%rsp),%xmm13
+	movaps	128(%rsp),%xmm14
+	movaps	144(%rsp),%xmm15
+	leaq	168(%rsp),%rsp
+.LSEH_end_gcm_ghash_clmul:
+	.byte	0xf3,0xc3
+
+
+.globl	gcm_init_avx
+.def	gcm_init_avx;	.scl 2;	.type 32;	.endef
+.p2align	5
+gcm_init_avx:
+
+.LSEH_begin_gcm_init_avx:
+
+.byte	0x48,0x83,0xec,0x18
+.byte	0x0f,0x29,0x34,0x24
+	vzeroupper
+
+	vmovdqu	(%rdx),%xmm2
+	vpshufd	$78,%xmm2,%xmm2
+
+
+	vpshufd	$255,%xmm2,%xmm4
+	vpsrlq	$63,%xmm2,%xmm3
+	vpsllq	$1,%xmm2,%xmm2
+	vpxor	%xmm5,%xmm5,%xmm5
+	vpcmpgtd	%xmm4,%xmm5,%xmm5
+	vpslldq	$8,%xmm3,%xmm3
+	vpor	%xmm3,%xmm2,%xmm2
+
+
+	vpand	.L0x1c2_polynomial(%rip),%xmm5,%xmm5
+	vpxor	%xmm5,%xmm2,%xmm2
+
+	vpunpckhqdq	%xmm2,%xmm2,%xmm6
+	vmovdqa	%xmm2,%xmm0
+	vpxor	%xmm2,%xmm6,%xmm6
+	movq	$4,%r10
+	jmp	.Linit_start_avx
+.p2align	5
+.Linit_loop_avx:
+	vpalignr	$8,%xmm3,%xmm4,%xmm5
+	vmovdqu	%xmm5,-16(%rcx)
+	vpunpckhqdq	%xmm0,%xmm0,%xmm3
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x11,%xmm2,%xmm0,%xmm1
+	vpclmulqdq	$0x00,%xmm2,%xmm0,%xmm0
+	vpclmulqdq	$0x00,%xmm6,%xmm3,%xmm3
+	vpxor	%xmm0,%xmm1,%xmm4
+	vpxor	%xmm4,%xmm3,%xmm3
+
+	vpslldq	$8,%xmm3,%xmm4
+	vpsrldq	$8,%xmm3,%xmm3
+	vpxor	%xmm4,%xmm0,%xmm0
+	vpxor	%xmm3,%xmm1,%xmm1
+	vpsllq	$57,%xmm0,%xmm3
+	vpsllq	$62,%xmm0,%xmm4
+	vpxor	%xmm3,%xmm4,%xmm4
+	vpsllq	$63,%xmm0,%xmm3
+	vpxor	%xmm3,%xmm4,%xmm4
+	vpslldq	$8,%xmm4,%xmm3
+	vpsrldq	$8,%xmm4,%xmm4
+	vpxor	%xmm3,%xmm0,%xmm0
+	vpxor	%xmm4,%xmm1,%xmm1
+
+	vpsrlq	$1,%xmm0,%xmm4
+	vpxor	%xmm0,%xmm1,%xmm1
+	vpxor	%xmm4,%xmm0,%xmm0
+	vpsrlq	$5,%xmm4,%xmm4
+	vpxor	%xmm4,%xmm0,%xmm0
+	vpsrlq	$1,%xmm0,%xmm0
+	vpxor	%xmm1,%xmm0,%xmm0
+.Linit_start_avx:
+	vmovdqa	%xmm0,%xmm5
+	vpunpckhqdq	%xmm0,%xmm0,%xmm3
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x11,%xmm2,%xmm0,%xmm1
+	vpclmulqdq	$0x00,%xmm2,%xmm0,%xmm0
+	vpclmulqdq	$0x00,%xmm6,%xmm3,%xmm3
+	vpxor	%xmm0,%xmm1,%xmm4
+	vpxor	%xmm4,%xmm3,%xmm3
+
+	vpslldq	$8,%xmm3,%xmm4
+	vpsrldq	$8,%xmm3,%xmm3
+	vpxor	%xmm4,%xmm0,%xmm0
+	vpxor	%xmm3,%xmm1,%xmm1
+	vpsllq	$57,%xmm0,%xmm3
+	vpsllq	$62,%xmm0,%xmm4
+	vpxor	%xmm3,%xmm4,%xmm4
+	vpsllq	$63,%xmm0,%xmm3
+	vpxor	%xmm3,%xmm4,%xmm4
+	vpslldq	$8,%xmm4,%xmm3
+	vpsrldq	$8,%xmm4,%xmm4
+	vpxor	%xmm3,%xmm0,%xmm0
+	vpxor	%xmm4,%xmm1,%xmm1
+
+	vpsrlq	$1,%xmm0,%xmm4
+	vpxor	%xmm0,%xmm1,%xmm1
+	vpxor	%xmm4,%xmm0,%xmm0
+	vpsrlq	$5,%xmm4,%xmm4
+	vpxor	%xmm4,%xmm0,%xmm0
+	vpsrlq	$1,%xmm0,%xmm0
+	vpxor	%xmm1,%xmm0,%xmm0
+	vpshufd	$78,%xmm5,%xmm3
+	vpshufd	$78,%xmm0,%xmm4
+	vpxor	%xmm5,%xmm3,%xmm3
+	vmovdqu	%xmm5,0(%rcx)
+	vpxor	%xmm0,%xmm4,%xmm4
+	vmovdqu	%xmm0,16(%rcx)
+	leaq	48(%rcx),%rcx
+	subq	$1,%r10
+	jnz	.Linit_loop_avx
+
+	vpalignr	$8,%xmm4,%xmm3,%xmm5
+	vmovdqu	%xmm5,-16(%rcx)
+
+	vzeroupper
+	movaps	(%rsp),%xmm6
+	leaq	24(%rsp),%rsp
+.LSEH_end_gcm_init_avx:
+	.byte	0xf3,0xc3
+
+
+.globl	gcm_gmult_avx
+.def	gcm_gmult_avx;	.scl 2;	.type 32;	.endef
+.p2align	5
+gcm_gmult_avx:
+
+	jmp	.L_gmult_clmul
+
+
+.globl	gcm_ghash_avx
+.def	gcm_ghash_avx;	.scl 2;	.type 32;	.endef
+.p2align	5
+gcm_ghash_avx:
+
+	leaq	-136(%rsp),%rax
+.LSEH_begin_gcm_ghash_avx:
+
+.byte	0x48,0x8d,0x60,0xe0
+.byte	0x0f,0x29,0x70,0xe0
+.byte	0x0f,0x29,0x78,0xf0
+.byte	0x44,0x0f,0x29,0x00
+.byte	0x44,0x0f,0x29,0x48,0x10
+.byte	0x44,0x0f,0x29,0x50,0x20
+.byte	0x44,0x0f,0x29,0x58,0x30
+.byte	0x44,0x0f,0x29,0x60,0x40
+.byte	0x44,0x0f,0x29,0x68,0x50
+.byte	0x44,0x0f,0x29,0x70,0x60
+.byte	0x44,0x0f,0x29,0x78,0x70
+	vzeroupper
+
+	vmovdqu	(%rcx),%xmm10
+	leaq	.L0x1c2_polynomial(%rip),%r10
+	leaq	64(%rdx),%rdx
+	vmovdqu	.Lbswap_mask(%rip),%xmm13
+	vpshufb	%xmm13,%xmm10,%xmm10
+	cmpq	$0x80,%r9
+	jb	.Lshort_avx
+	subq	$0x80,%r9
+
+	vmovdqu	112(%r8),%xmm14
+	vmovdqu	0-64(%rdx),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vmovdqu	32-64(%rdx),%xmm7
+
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vmovdqu	96(%r8),%xmm15
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpxor	%xmm14,%xmm9,%xmm9
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	16-64(%rdx),%xmm6
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vmovdqu	80(%r8),%xmm14
+	vpclmulqdq	$0x00,%xmm7,%xmm9,%xmm2
+	vpxor	%xmm15,%xmm8,%xmm8
+
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm3
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm4
+	vmovdqu	48-64(%rdx),%xmm6
+	vpxor	%xmm14,%xmm9,%xmm9
+	vmovdqu	64(%r8),%xmm15
+	vpclmulqdq	$0x10,%xmm7,%xmm8,%xmm5
+	vmovdqu	80-64(%rdx),%xmm7
+
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	64-64(%rdx),%xmm6
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm9,%xmm2
+	vpxor	%xmm15,%xmm8,%xmm8
+
+	vmovdqu	48(%r8),%xmm14
+	vpxor	%xmm3,%xmm0,%xmm0
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm3
+	vpxor	%xmm4,%xmm1,%xmm1
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm4
+	vmovdqu	96-64(%rdx),%xmm6
+	vpxor	%xmm5,%xmm2,%xmm2
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpclmulqdq	$0x10,%xmm7,%xmm8,%xmm5
+	vmovdqu	128-64(%rdx),%xmm7
+	vpxor	%xmm14,%xmm9,%xmm9
+
+	vmovdqu	32(%r8),%xmm15
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	112-64(%rdx),%xmm6
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpclmulqdq	$0x00,%xmm7,%xmm9,%xmm2
+	vpxor	%xmm15,%xmm8,%xmm8
+
+	vmovdqu	16(%r8),%xmm14
+	vpxor	%xmm3,%xmm0,%xmm0
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm3
+	vpxor	%xmm4,%xmm1,%xmm1
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm4
+	vmovdqu	144-64(%rdx),%xmm6
+	vpxor	%xmm5,%xmm2,%xmm2
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpclmulqdq	$0x10,%xmm7,%xmm8,%xmm5
+	vmovdqu	176-64(%rdx),%xmm7
+	vpxor	%xmm14,%xmm9,%xmm9
+
+	vmovdqu	(%r8),%xmm15
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	160-64(%rdx),%xmm6
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x10,%xmm7,%xmm9,%xmm2
+
+	leaq	128(%r8),%r8
+	cmpq	$0x80,%r9
+	jb	.Ltail_avx
+
+	vpxor	%xmm10,%xmm15,%xmm15
+	subq	$0x80,%r9
+	jmp	.Loop8x_avx
+
+.p2align	5
+.Loop8x_avx:
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vmovdqu	112(%r8),%xmm14
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpxor	%xmm15,%xmm8,%xmm8
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm10
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm11
+	vmovdqu	0-64(%rdx),%xmm6
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm12
+	vmovdqu	32-64(%rdx),%xmm7
+	vpxor	%xmm14,%xmm9,%xmm9
+
+	vmovdqu	96(%r8),%xmm15
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpxor	%xmm3,%xmm10,%xmm10
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vxorps	%xmm4,%xmm11,%xmm11
+	vmovdqu	16-64(%rdx),%xmm6
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpclmulqdq	$0x00,%xmm7,%xmm9,%xmm2
+	vpxor	%xmm5,%xmm12,%xmm12
+	vxorps	%xmm15,%xmm8,%xmm8
+
+	vmovdqu	80(%r8),%xmm14
+	vpxor	%xmm10,%xmm12,%xmm12
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm3
+	vpxor	%xmm11,%xmm12,%xmm12
+	vpslldq	$8,%xmm12,%xmm9
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm4
+	vpsrldq	$8,%xmm12,%xmm12
+	vpxor	%xmm9,%xmm10,%xmm10
+	vmovdqu	48-64(%rdx),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vxorps	%xmm12,%xmm11,%xmm11
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpclmulqdq	$0x10,%xmm7,%xmm8,%xmm5
+	vmovdqu	80-64(%rdx),%xmm7
+	vpxor	%xmm14,%xmm9,%xmm9
+	vpxor	%xmm2,%xmm5,%xmm5
+
+	vmovdqu	64(%r8),%xmm15
+	vpalignr	$8,%xmm10,%xmm10,%xmm12
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpxor	%xmm3,%xmm0,%xmm0
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	64-64(%rdx),%xmm6
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm4,%xmm1,%xmm1
+	vpclmulqdq	$0x00,%xmm7,%xmm9,%xmm2
+	vxorps	%xmm15,%xmm8,%xmm8
+	vpxor	%xmm5,%xmm2,%xmm2
+
+	vmovdqu	48(%r8),%xmm14
+	vpclmulqdq	$0x10,(%r10),%xmm10,%xmm10
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm3
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm4
+	vmovdqu	96-64(%rdx),%xmm6
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x10,%xmm7,%xmm8,%xmm5
+	vmovdqu	128-64(%rdx),%xmm7
+	vpxor	%xmm14,%xmm9,%xmm9
+	vpxor	%xmm2,%xmm5,%xmm5
+
+	vmovdqu	32(%r8),%xmm15
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpxor	%xmm3,%xmm0,%xmm0
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	112-64(%rdx),%xmm6
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm4,%xmm1,%xmm1
+	vpclmulqdq	$0x00,%xmm7,%xmm9,%xmm2
+	vpxor	%xmm15,%xmm8,%xmm8
+	vpxor	%xmm5,%xmm2,%xmm2
+	vxorps	%xmm12,%xmm10,%xmm10
+
+	vmovdqu	16(%r8),%xmm14
+	vpalignr	$8,%xmm10,%xmm10,%xmm12
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm3
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm4
+	vmovdqu	144-64(%rdx),%xmm6
+	vpclmulqdq	$0x10,(%r10),%xmm10,%xmm10
+	vxorps	%xmm11,%xmm12,%xmm12
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x10,%xmm7,%xmm8,%xmm5
+	vmovdqu	176-64(%rdx),%xmm7
+	vpxor	%xmm14,%xmm9,%xmm9
+	vpxor	%xmm2,%xmm5,%xmm5
+
+	vmovdqu	(%r8),%xmm15
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	160-64(%rdx),%xmm6
+	vpxor	%xmm12,%xmm15,%xmm15
+	vpclmulqdq	$0x10,%xmm7,%xmm9,%xmm2
+	vpxor	%xmm10,%xmm15,%xmm15
+
+	leaq	128(%r8),%r8
+	subq	$0x80,%r9
+	jnc	.Loop8x_avx
+
+	addq	$0x80,%r9
+	jmp	.Ltail_no_xor_avx
+
+.p2align	5
+.Lshort_avx:
+	vmovdqu	-16(%r8,%r9,1),%xmm14
+	leaq	(%r8,%r9,1),%r8
+	vmovdqu	0-64(%rdx),%xmm6
+	vmovdqu	32-64(%rdx),%xmm7
+	vpshufb	%xmm13,%xmm14,%xmm15
+
+	vmovdqa	%xmm0,%xmm3
+	vmovdqa	%xmm1,%xmm4
+	vmovdqa	%xmm2,%xmm5
+	subq	$0x10,%r9
+	jz	.Ltail_avx
+
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vmovdqu	-32(%r8),%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vmovdqu	16-64(%rdx),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm15
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+	vpsrldq	$8,%xmm7,%xmm7
+	subq	$0x10,%r9
+	jz	.Ltail_avx
+
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vmovdqu	-48(%r8),%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vmovdqu	48-64(%rdx),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm15
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+	vmovdqu	80-64(%rdx),%xmm7
+	subq	$0x10,%r9
+	jz	.Ltail_avx
+
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vmovdqu	-64(%r8),%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vmovdqu	64-64(%rdx),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm15
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+	vpsrldq	$8,%xmm7,%xmm7
+	subq	$0x10,%r9
+	jz	.Ltail_avx
+
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vmovdqu	-80(%r8),%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vmovdqu	96-64(%rdx),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm15
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+	vmovdqu	128-64(%rdx),%xmm7
+	subq	$0x10,%r9
+	jz	.Ltail_avx
+
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vmovdqu	-96(%r8),%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vmovdqu	112-64(%rdx),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm15
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+	vpsrldq	$8,%xmm7,%xmm7
+	subq	$0x10,%r9
+	jz	.Ltail_avx
+
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vmovdqu	-112(%r8),%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vmovdqu	144-64(%rdx),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm15
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+	vmovq	184-64(%rdx),%xmm7
+	subq	$0x10,%r9
+	jmp	.Ltail_avx
+
+.p2align	5
+.Ltail_avx:
+	vpxor	%xmm10,%xmm15,%xmm15
+.Ltail_no_xor_avx:
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+
+	vmovdqu	(%r10),%xmm12
+
+	vpxor	%xmm0,%xmm3,%xmm10
+	vpxor	%xmm1,%xmm4,%xmm11
+	vpxor	%xmm2,%xmm5,%xmm5
+
+	vpxor	%xmm10,%xmm5,%xmm5
+	vpxor	%xmm11,%xmm5,%xmm5
+	vpslldq	$8,%xmm5,%xmm9
+	vpsrldq	$8,%xmm5,%xmm5
+	vpxor	%xmm9,%xmm10,%xmm10
+	vpxor	%xmm5,%xmm11,%xmm11
+
+	vpclmulqdq	$0x10,%xmm12,%xmm10,%xmm9
+	vpalignr	$8,%xmm10,%xmm10,%xmm10
+	vpxor	%xmm9,%xmm10,%xmm10
+
+	vpclmulqdq	$0x10,%xmm12,%xmm10,%xmm9
+	vpalignr	$8,%xmm10,%xmm10,%xmm10
+	vpxor	%xmm11,%xmm10,%xmm10
+	vpxor	%xmm9,%xmm10,%xmm10
+
+	cmpq	$0,%r9
+	jne	.Lshort_avx
+
+	vpshufb	%xmm13,%xmm10,%xmm10
+	vmovdqu	%xmm10,(%rcx)
+	vzeroupper
+	movaps	(%rsp),%xmm6
+	movaps	16(%rsp),%xmm7
+	movaps	32(%rsp),%xmm8
+	movaps	48(%rsp),%xmm9
+	movaps	64(%rsp),%xmm10
+	movaps	80(%rsp),%xmm11
+	movaps	96(%rsp),%xmm12
+	movaps	112(%rsp),%xmm13
+	movaps	128(%rsp),%xmm14
+	movaps	144(%rsp),%xmm15
+	leaq	168(%rsp),%rsp
+.LSEH_end_gcm_ghash_avx:
+	.byte	0xf3,0xc3
+
+
+.p2align	6
+.Lbswap_mask:
+.byte	15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
+.L0x1c2_polynomial:
+.byte	1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xc2
+.L7_mask:
+.long	7,0,7,0
+.L7_mask_poly:
+.long	7,0,450,0
+.p2align	6
+
+.Lrem_4bit:
+.long	0,0,0,471859200,0,943718400,0,610271232
+.long	0,1887436800,0,1822425088,0,1220542464,0,1423966208
+.long	0,3774873600,0,4246732800,0,3644850176,0,3311403008
+.long	0,2441084928,0,2376073216,0,2847932416,0,3051356160
+
+.Lrem_8bit:
+.value	0x0000,0x01C2,0x0384,0x0246,0x0708,0x06CA,0x048C,0x054E
+.value	0x0E10,0x0FD2,0x0D94,0x0C56,0x0918,0x08DA,0x0A9C,0x0B5E
+.value	0x1C20,0x1DE2,0x1FA4,0x1E66,0x1B28,0x1AEA,0x18AC,0x196E
+.value	0x1230,0x13F2,0x11B4,0x1076,0x1538,0x14FA,0x16BC,0x177E
+.value	0x3840,0x3982,0x3BC4,0x3A06,0x3F48,0x3E8A,0x3CCC,0x3D0E
+.value	0x3650,0x3792,0x35D4,0x3416,0x3158,0x309A,0x32DC,0x331E
+.value	0x2460,0x25A2,0x27E4,0x2626,0x2368,0x22AA,0x20EC,0x212E
+.value	0x2A70,0x2BB2,0x29F4,0x2836,0x2D78,0x2CBA,0x2EFC,0x2F3E
+.value	0x7080,0x7142,0x7304,0x72C6,0x7788,0x764A,0x740C,0x75CE
+.value	0x7E90,0x7F52,0x7D14,0x7CD6,0x7998,0x785A,0x7A1C,0x7BDE
+.value	0x6CA0,0x6D62,0x6F24,0x6EE6,0x6BA8,0x6A6A,0x682C,0x69EE
+.value	0x62B0,0x6372,0x6134,0x60F6,0x65B8,0x647A,0x663C,0x67FE
+.value	0x48C0,0x4902,0x4B44,0x4A86,0x4FC8,0x4E0A,0x4C4C,0x4D8E
+.value	0x46D0,0x4712,0x4554,0x4496,0x41D8,0x401A,0x425C,0x439E
+.value	0x54E0,0x5522,0x5764,0x56A6,0x53E8,0x522A,0x506C,0x51AE
+.value	0x5AF0,0x5B32,0x5974,0x58B6,0x5DF8,0x5C3A,0x5E7C,0x5FBE
+.value	0xE100,0xE0C2,0xE284,0xE346,0xE608,0xE7CA,0xE58C,0xE44E
+.value	0xEF10,0xEED2,0xEC94,0xED56,0xE818,0xE9DA,0xEB9C,0xEA5E
+.value	0xFD20,0xFCE2,0xFEA4,0xFF66,0xFA28,0xFBEA,0xF9AC,0xF86E
+.value	0xF330,0xF2F2,0xF0B4,0xF176,0xF438,0xF5FA,0xF7BC,0xF67E
+.value	0xD940,0xD882,0xDAC4,0xDB06,0xDE48,0xDF8A,0xDDCC,0xDC0E
+.value	0xD750,0xD692,0xD4D4,0xD516,0xD058,0xD19A,0xD3DC,0xD21E
+.value	0xC560,0xC4A2,0xC6E4,0xC726,0xC268,0xC3AA,0xC1EC,0xC02E
+.value	0xCB70,0xCAB2,0xC8F4,0xC936,0xCC78,0xCDBA,0xCFFC,0xCE3E
+.value	0x9180,0x9042,0x9204,0x93C6,0x9688,0x974A,0x950C,0x94CE
+.value	0x9F90,0x9E52,0x9C14,0x9DD6,0x9898,0x995A,0x9B1C,0x9ADE
+.value	0x8DA0,0x8C62,0x8E24,0x8FE6,0x8AA8,0x8B6A,0x892C,0x88EE
+.value	0x83B0,0x8272,0x8034,0x81F6,0x84B8,0x857A,0x873C,0x86FE
+.value	0xA9C0,0xA802,0xAA44,0xAB86,0xAEC8,0xAF0A,0xAD4C,0xAC8E
+.value	0xA7D0,0xA612,0xA454,0xA596,0xA0D8,0xA11A,0xA35C,0xA29E
+.value	0xB5E0,0xB422,0xB664,0xB7A6,0xB2E8,0xB32A,0xB16C,0xB0AE
+.value	0xBBF0,0xBA32,0xB874,0xB9B6,0xBCF8,0xBD3A,0xBF7C,0xBEBE
+
+.byte	71,72,65,83,72,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.p2align	6
+
+.def	se_handler;	.scl 3;	.type 32;	.endef
+.p2align	4
+se_handler:
+	pushq	%rsi
+	pushq	%rdi
+	pushq	%rbx
+	pushq	%rbp
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	pushfq
+	subq	$64,%rsp
+
+	movq	120(%r8),%rax
+	movq	248(%r8),%rbx
+
+	movq	8(%r9),%rsi
+	movq	56(%r9),%r11
+
+	movl	0(%r11),%r10d
+	leaq	(%rsi,%r10,1),%r10
+	cmpq	%r10,%rbx
+	jb	.Lin_prologue
+
+	movq	152(%r8),%rax
+
+	movl	4(%r11),%r10d
+	leaq	(%rsi,%r10,1),%r10
+	cmpq	%r10,%rbx
+	jae	.Lin_prologue
+
+	leaq	48+280(%rax),%rax
+
+	movq	-8(%rax),%rbx
+	movq	-16(%rax),%rbp
+	movq	-24(%rax),%r12
+	movq	-32(%rax),%r13
+	movq	-40(%rax),%r14
+	movq	-48(%rax),%r15
+	movq	%rbx,144(%r8)
+	movq	%rbp,160(%r8)
+	movq	%r12,216(%r8)
+	movq	%r13,224(%r8)
+	movq	%r14,232(%r8)
+	movq	%r15,240(%r8)
+
+.Lin_prologue:
+	movq	8(%rax),%rdi
+	movq	16(%rax),%rsi
+	movq	%rax,152(%r8)
+	movq	%rsi,168(%r8)
+	movq	%rdi,176(%r8)
+
+	movq	40(%r9),%rdi
+	movq	%r8,%rsi
+	movl	$154,%ecx
+.long	0xa548f3fc
+
+	movq	%r9,%rsi
+	xorq	%rcx,%rcx
+	movq	8(%rsi),%rdx
+	movq	0(%rsi),%r8
+	movq	16(%rsi),%r9
+	movq	40(%rsi),%r10
+	leaq	56(%rsi),%r11
+	leaq	24(%rsi),%r12
+	movq	%r10,32(%rsp)
+	movq	%r11,40(%rsp)
+	movq	%r12,48(%rsp)
+	movq	%rcx,56(%rsp)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	movl	$1,%eax
+	addq	$64,%rsp
+	popfq
+	popq	%r15
+	popq	%r14
+	popq	%r13
+	popq	%r12
+	popq	%rbp
+	popq	%rbx
+	popq	%rdi
+	popq	%rsi
+	.byte	0xf3,0xc3
+
+
+.section	.pdata
+.p2align	2
+.rva	.LSEH_begin_gcm_gmult_4bit
+.rva	.LSEH_end_gcm_gmult_4bit
+.rva	.LSEH_info_gcm_gmult_4bit
+
+.rva	.LSEH_begin_gcm_ghash_4bit
+.rva	.LSEH_end_gcm_ghash_4bit
+.rva	.LSEH_info_gcm_ghash_4bit
+
+.rva	.LSEH_begin_gcm_init_clmul
+.rva	.LSEH_end_gcm_init_clmul
+.rva	.LSEH_info_gcm_init_clmul
+
+.rva	.LSEH_begin_gcm_ghash_clmul
+.rva	.LSEH_end_gcm_ghash_clmul
+.rva	.LSEH_info_gcm_ghash_clmul
+.rva	.LSEH_begin_gcm_init_avx
+.rva	.LSEH_end_gcm_init_avx
+.rva	.LSEH_info_gcm_init_clmul
+
+.rva	.LSEH_begin_gcm_ghash_avx
+.rva	.LSEH_end_gcm_ghash_avx
+.rva	.LSEH_info_gcm_ghash_clmul
+.section	.xdata
+.p2align	3
+.LSEH_info_gcm_gmult_4bit:
+.byte	9,0,0,0
+.rva	se_handler
+.rva	.Lgmult_prologue,.Lgmult_epilogue
+.LSEH_info_gcm_ghash_4bit:
+.byte	9,0,0,0
+.rva	se_handler
+.rva	.Lghash_prologue,.Lghash_epilogue
+.LSEH_info_gcm_init_clmul:
+.byte	0x01,0x08,0x03,0x00
+.byte	0x08,0x68,0x00,0x00
+.byte	0x04,0x22,0x00,0x00
+.LSEH_info_gcm_ghash_clmul:
+.byte	0x01,0x33,0x16,0x00
+.byte	0x33,0xf8,0x09,0x00
+.byte	0x2e,0xe8,0x08,0x00
+.byte	0x29,0xd8,0x07,0x00
+.byte	0x24,0xc8,0x06,0x00
+.byte	0x1f,0xb8,0x05,0x00
+.byte	0x1a,0xa8,0x04,0x00
+.byte	0x15,0x98,0x03,0x00
+.byte	0x10,0x88,0x02,0x00
+.byte	0x0c,0x78,0x01,0x00
+.byte	0x08,0x68,0x00,0x00
+.byte	0x04,0x01,0x15,0x00
+
diff --git a/lib/accelerated/x86/coff/sha1-ssse3-x86.s b/lib/accelerated/x86/coff/sha1-ssse3-x86.s
new file mode 100644
index 0000000..30f9ded
--- /dev/null
+++ b/lib/accelerated/x86/coff/sha1-ssse3-x86.s
@@ -0,0 +1,1418 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text
+.globl	_sha1_block_data_order
+.def	_sha1_block_data_order;	.scl	2;	.type	32;	.endef
+.align	16
+_sha1_block_data_order:
+.L_sha1_block_data_order_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%ebp
+	movl	24(%esp),%esi
+	movl	28(%esp),%eax
+	subl	$76,%esp
+	shll	$6,%eax
+	addl	%esi,%eax
+	movl	%eax,104(%esp)
+	movl	16(%ebp),%edi
+	jmp	.L000loop
+.align	16
+.L000loop:
+	movl	(%esi),%eax
+	movl	4(%esi),%ebx
+	movl	8(%esi),%ecx
+	movl	12(%esi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	movl	%eax,(%esp)
+	movl	%ebx,4(%esp)
+	movl	%ecx,8(%esp)
+	movl	%edx,12(%esp)
+	movl	16(%esi),%eax
+	movl	20(%esi),%ebx
+	movl	24(%esi),%ecx
+	movl	28(%esi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	movl	%eax,16(%esp)
+	movl	%ebx,20(%esp)
+	movl	%ecx,24(%esp)
+	movl	%edx,28(%esp)
+	movl	32(%esi),%eax
+	movl	36(%esi),%ebx
+	movl	40(%esi),%ecx
+	movl	44(%esi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	movl	%eax,32(%esp)
+	movl	%ebx,36(%esp)
+	movl	%ecx,40(%esp)
+	movl	%edx,44(%esp)
+	movl	48(%esi),%eax
+	movl	52(%esi),%ebx
+	movl	56(%esi),%ecx
+	movl	60(%esi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	movl	%eax,48(%esp)
+	movl	%ebx,52(%esp)
+	movl	%ecx,56(%esp)
+	movl	%edx,60(%esp)
+	movl	%esi,100(%esp)
+	movl	(%ebp),%eax
+	movl	4(%ebp),%ebx
+	movl	8(%ebp),%ecx
+	movl	12(%ebp),%edx
+	# 00_15 0 
+	movl	%ecx,%esi
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	xorl	%edx,%esi
+	addl	%edi,%ebp
+	movl	(%esp),%edi
+	andl	%ebx,%esi
+	rorl	$2,%ebx
+	xorl	%edx,%esi
+	leal	1518500249(%ebp,%edi,1),%ebp
+	addl	%esi,%ebp
+	# 00_15 1 
+	movl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	xorl	%ecx,%edi
+	addl	%edx,%ebp
+	movl	4(%esp),%edx
+	andl	%eax,%edi
+	rorl	$2,%eax
+	xorl	%ecx,%edi
+	leal	1518500249(%ebp,%edx,1),%ebp
+	addl	%edi,%ebp
+	# 00_15 2 
+	movl	%eax,%edx
+	movl	%ebp,%edi
+	roll	$5,%ebp
+	xorl	%ebx,%edx
+	addl	%ecx,%ebp
+	movl	8(%esp),%ecx
+	andl	%esi,%edx
+	rorl	$2,%esi
+	xorl	%ebx,%edx
+	leal	1518500249(%ebp,%ecx,1),%ebp
+	addl	%edx,%ebp
+	# 00_15 3 
+	movl	%esi,%ecx
+	movl	%ebp,%edx
+	roll	$5,%ebp
+	xorl	%eax,%ecx
+	addl	%ebx,%ebp
+	movl	12(%esp),%ebx
+	andl	%edi,%ecx
+	rorl	$2,%edi
+	xorl	%eax,%ecx
+	leal	1518500249(%ebp,%ebx,1),%ebp
+	addl	%ecx,%ebp
+	# 00_15 4 
+	movl	%edi,%ebx
+	movl	%ebp,%ecx
+	roll	$5,%ebp
+	xorl	%esi,%ebx
+	addl	%eax,%ebp
+	movl	16(%esp),%eax
+	andl	%edx,%ebx
+	rorl	$2,%edx
+	xorl	%esi,%ebx
+	leal	1518500249(%ebp,%eax,1),%ebp
+	addl	%ebx,%ebp
+	# 00_15 5 
+	movl	%edx,%eax
+	movl	%ebp,%ebx
+	roll	$5,%ebp
+	xorl	%edi,%eax
+	addl	%esi,%ebp
+	movl	20(%esp),%esi
+	andl	%ecx,%eax
+	rorl	$2,%ecx
+	xorl	%edi,%eax
+	leal	1518500249(%ebp,%esi,1),%ebp
+	addl	%eax,%ebp
+	# 00_15 6 
+	movl	%ecx,%esi
+	movl	%ebp,%eax
+	roll	$5,%ebp
+	xorl	%edx,%esi
+	addl	%edi,%ebp
+	movl	24(%esp),%edi
+	andl	%ebx,%esi
+	rorl	$2,%ebx
+	xorl	%edx,%esi
+	leal	1518500249(%ebp,%edi,1),%ebp
+	addl	%esi,%ebp
+	# 00_15 7 
+	movl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	xorl	%ecx,%edi
+	addl	%edx,%ebp
+	movl	28(%esp),%edx
+	andl	%eax,%edi
+	rorl	$2,%eax
+	xorl	%ecx,%edi
+	leal	1518500249(%ebp,%edx,1),%ebp
+	addl	%edi,%ebp
+	# 00_15 8 
+	movl	%eax,%edx
+	movl	%ebp,%edi
+	roll	$5,%ebp
+	xorl	%ebx,%edx
+	addl	%ecx,%ebp
+	movl	32(%esp),%ecx
+	andl	%esi,%edx
+	rorl	$2,%esi
+	xorl	%ebx,%edx
+	leal	1518500249(%ebp,%ecx,1),%ebp
+	addl	%edx,%ebp
+	# 00_15 9 
+	movl	%esi,%ecx
+	movl	%ebp,%edx
+	roll	$5,%ebp
+	xorl	%eax,%ecx
+	addl	%ebx,%ebp
+	movl	36(%esp),%ebx
+	andl	%edi,%ecx
+	rorl	$2,%edi
+	xorl	%eax,%ecx
+	leal	1518500249(%ebp,%ebx,1),%ebp
+	addl	%ecx,%ebp
+	# 00_15 10 
+	movl	%edi,%ebx
+	movl	%ebp,%ecx
+	roll	$5,%ebp
+	xorl	%esi,%ebx
+	addl	%eax,%ebp
+	movl	40(%esp),%eax
+	andl	%edx,%ebx
+	rorl	$2,%edx
+	xorl	%esi,%ebx
+	leal	1518500249(%ebp,%eax,1),%ebp
+	addl	%ebx,%ebp
+	# 00_15 11 
+	movl	%edx,%eax
+	movl	%ebp,%ebx
+	roll	$5,%ebp
+	xorl	%edi,%eax
+	addl	%esi,%ebp
+	movl	44(%esp),%esi
+	andl	%ecx,%eax
+	rorl	$2,%ecx
+	xorl	%edi,%eax
+	leal	1518500249(%ebp,%esi,1),%ebp
+	addl	%eax,%ebp
+	# 00_15 12 
+	movl	%ecx,%esi
+	movl	%ebp,%eax
+	roll	$5,%ebp
+	xorl	%edx,%esi
+	addl	%edi,%ebp
+	movl	48(%esp),%edi
+	andl	%ebx,%esi
+	rorl	$2,%ebx
+	xorl	%edx,%esi
+	leal	1518500249(%ebp,%edi,1),%ebp
+	addl	%esi,%ebp
+	# 00_15 13 
+	movl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	xorl	%ecx,%edi
+	addl	%edx,%ebp
+	movl	52(%esp),%edx
+	andl	%eax,%edi
+	rorl	$2,%eax
+	xorl	%ecx,%edi
+	leal	1518500249(%ebp,%edx,1),%ebp
+	addl	%edi,%ebp
+	# 00_15 14 
+	movl	%eax,%edx
+	movl	%ebp,%edi
+	roll	$5,%ebp
+	xorl	%ebx,%edx
+	addl	%ecx,%ebp
+	movl	56(%esp),%ecx
+	andl	%esi,%edx
+	rorl	$2,%esi
+	xorl	%ebx,%edx
+	leal	1518500249(%ebp,%ecx,1),%ebp
+	addl	%edx,%ebp
+	# 00_15 15 
+	movl	%esi,%ecx
+	movl	%ebp,%edx
+	roll	$5,%ebp
+	xorl	%eax,%ecx
+	addl	%ebx,%ebp
+	movl	60(%esp),%ebx
+	andl	%edi,%ecx
+	rorl	$2,%edi
+	xorl	%eax,%ecx
+	leal	1518500249(%ebp,%ebx,1),%ebp
+	movl	(%esp),%ebx
+	addl	%ebp,%ecx
+	# 16_19 16 
+	movl	%edi,%ebp
+	xorl	8(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	32(%esp),%ebx
+	andl	%edx,%ebp
+	xorl	52(%esp),%ebx
+	roll	$1,%ebx
+	xorl	%esi,%ebp
+	addl	%ebp,%eax
+	movl	%ecx,%ebp
+	rorl	$2,%edx
+	movl	%ebx,(%esp)
+	roll	$5,%ebp
+	leal	1518500249(%ebx,%eax,1),%ebx
+	movl	4(%esp),%eax
+	addl	%ebp,%ebx
+	# 16_19 17 
+	movl	%edx,%ebp
+	xorl	12(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	36(%esp),%eax
+	andl	%ecx,%ebp
+	xorl	56(%esp),%eax
+	roll	$1,%eax
+	xorl	%edi,%ebp
+	addl	%ebp,%esi
+	movl	%ebx,%ebp
+	rorl	$2,%ecx
+	movl	%eax,4(%esp)
+	roll	$5,%ebp
+	leal	1518500249(%eax,%esi,1),%eax
+	movl	8(%esp),%esi
+	addl	%ebp,%eax
+	# 16_19 18 
+	movl	%ecx,%ebp
+	xorl	16(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	40(%esp),%esi
+	andl	%ebx,%ebp
+	xorl	60(%esp),%esi
+	roll	$1,%esi
+	xorl	%edx,%ebp
+	addl	%ebp,%edi
+	movl	%eax,%ebp
+	rorl	$2,%ebx
+	movl	%esi,8(%esp)
+	roll	$5,%ebp
+	leal	1518500249(%esi,%edi,1),%esi
+	movl	12(%esp),%edi
+	addl	%ebp,%esi
+	# 16_19 19 
+	movl	%ebx,%ebp
+	xorl	20(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	44(%esp),%edi
+	andl	%eax,%ebp
+	xorl	(%esp),%edi
+	roll	$1,%edi
+	xorl	%ecx,%ebp
+	addl	%ebp,%edx
+	movl	%esi,%ebp
+	rorl	$2,%eax
+	movl	%edi,12(%esp)
+	roll	$5,%ebp
+	leal	1518500249(%edi,%edx,1),%edi
+	movl	16(%esp),%edx
+	addl	%ebp,%edi
+	# 20_39 20 
+	movl	%esi,%ebp
+	xorl	24(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	48(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	4(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,16(%esp)
+	leal	1859775393(%edx,%ecx,1),%edx
+	movl	20(%esp),%ecx
+	addl	%ebp,%edx
+	# 20_39 21 
+	movl	%edi,%ebp
+	xorl	28(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	52(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	8(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,20(%esp)
+	leal	1859775393(%ecx,%ebx,1),%ecx
+	movl	24(%esp),%ebx
+	addl	%ebp,%ecx
+	# 20_39 22 
+	movl	%edx,%ebp
+	xorl	32(%esp),%ebx
+	xorl	%edi,%ebp
+	xorl	56(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	12(%esp),%ebx
+	roll	$1,%ebx
+	addl	%ebp,%eax
+	rorl	$2,%edx
+	movl	%ecx,%ebp
+	roll	$5,%ebp
+	movl	%ebx,24(%esp)
+	leal	1859775393(%ebx,%eax,1),%ebx
+	movl	28(%esp),%eax
+	addl	%ebp,%ebx
+	# 20_39 23 
+	movl	%ecx,%ebp
+	xorl	36(%esp),%eax
+	xorl	%edx,%ebp
+	xorl	60(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	16(%esp),%eax
+	roll	$1,%eax
+	addl	%ebp,%esi
+	rorl	$2,%ecx
+	movl	%ebx,%ebp
+	roll	$5,%ebp
+	movl	%eax,28(%esp)
+	leal	1859775393(%eax,%esi,1),%eax
+	movl	32(%esp),%esi
+	addl	%ebp,%eax
+	# 20_39 24 
+	movl	%ebx,%ebp
+	xorl	40(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	20(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	movl	%esi,32(%esp)
+	leal	1859775393(%esi,%edi,1),%esi
+	movl	36(%esp),%edi
+	addl	%ebp,%esi
+	# 20_39 25 
+	movl	%eax,%ebp
+	xorl	44(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	4(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	24(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	movl	%edi,36(%esp)
+	leal	1859775393(%edi,%edx,1),%edi
+	movl	40(%esp),%edx
+	addl	%ebp,%edi
+	# 20_39 26 
+	movl	%esi,%ebp
+	xorl	48(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	8(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	28(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,40(%esp)
+	leal	1859775393(%edx,%ecx,1),%edx
+	movl	44(%esp),%ecx
+	addl	%ebp,%edx
+	# 20_39 27 
+	movl	%edi,%ebp
+	xorl	52(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	12(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	32(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,44(%esp)
+	leal	1859775393(%ecx,%ebx,1),%ecx
+	movl	48(%esp),%ebx
+	addl	%ebp,%ecx
+	# 20_39 28 
+	movl	%edx,%ebp
+	xorl	56(%esp),%ebx
+	xorl	%edi,%ebp
+	xorl	16(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	36(%esp),%ebx
+	roll	$1,%ebx
+	addl	%ebp,%eax
+	rorl	$2,%edx
+	movl	%ecx,%ebp
+	roll	$5,%ebp
+	movl	%ebx,48(%esp)
+	leal	1859775393(%ebx,%eax,1),%ebx
+	movl	52(%esp),%eax
+	addl	%ebp,%ebx
+	# 20_39 29 
+	movl	%ecx,%ebp
+	xorl	60(%esp),%eax
+	xorl	%edx,%ebp
+	xorl	20(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	40(%esp),%eax
+	roll	$1,%eax
+	addl	%ebp,%esi
+	rorl	$2,%ecx
+	movl	%ebx,%ebp
+	roll	$5,%ebp
+	movl	%eax,52(%esp)
+	leal	1859775393(%eax,%esi,1),%eax
+	movl	56(%esp),%esi
+	addl	%ebp,%eax
+	# 20_39 30 
+	movl	%ebx,%ebp
+	xorl	(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	24(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	44(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	movl	%esi,56(%esp)
+	leal	1859775393(%esi,%edi,1),%esi
+	movl	60(%esp),%edi
+	addl	%ebp,%esi
+	# 20_39 31 
+	movl	%eax,%ebp
+	xorl	4(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	28(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	48(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	movl	%edi,60(%esp)
+	leal	1859775393(%edi,%edx,1),%edi
+	movl	(%esp),%edx
+	addl	%ebp,%edi
+	# 20_39 32 
+	movl	%esi,%ebp
+	xorl	8(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	32(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	52(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,(%esp)
+	leal	1859775393(%edx,%ecx,1),%edx
+	movl	4(%esp),%ecx
+	addl	%ebp,%edx
+	# 20_39 33 
+	movl	%edi,%ebp
+	xorl	12(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	36(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	56(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,4(%esp)
+	leal	1859775393(%ecx,%ebx,1),%ecx
+	movl	8(%esp),%ebx
+	addl	%ebp,%ecx
+	# 20_39 34 
+	movl	%edx,%ebp
+	xorl	16(%esp),%ebx
+	xorl	%edi,%ebp
+	xorl	40(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	60(%esp),%ebx
+	roll	$1,%ebx
+	addl	%ebp,%eax
+	rorl	$2,%edx
+	movl	%ecx,%ebp
+	roll	$5,%ebp
+	movl	%ebx,8(%esp)
+	leal	1859775393(%ebx,%eax,1),%ebx
+	movl	12(%esp),%eax
+	addl	%ebp,%ebx
+	# 20_39 35 
+	movl	%ecx,%ebp
+	xorl	20(%esp),%eax
+	xorl	%edx,%ebp
+	xorl	44(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	(%esp),%eax
+	roll	$1,%eax
+	addl	%ebp,%esi
+	rorl	$2,%ecx
+	movl	%ebx,%ebp
+	roll	$5,%ebp
+	movl	%eax,12(%esp)
+	leal	1859775393(%eax,%esi,1),%eax
+	movl	16(%esp),%esi
+	addl	%ebp,%eax
+	# 20_39 36 
+	movl	%ebx,%ebp
+	xorl	24(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	48(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	4(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	movl	%esi,16(%esp)
+	leal	1859775393(%esi,%edi,1),%esi
+	movl	20(%esp),%edi
+	addl	%ebp,%esi
+	# 20_39 37 
+	movl	%eax,%ebp
+	xorl	28(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	52(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	8(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	movl	%edi,20(%esp)
+	leal	1859775393(%edi,%edx,1),%edi
+	movl	24(%esp),%edx
+	addl	%ebp,%edi
+	# 20_39 38 
+	movl	%esi,%ebp
+	xorl	32(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	56(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	12(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,24(%esp)
+	leal	1859775393(%edx,%ecx,1),%edx
+	movl	28(%esp),%ecx
+	addl	%ebp,%edx
+	# 20_39 39 
+	movl	%edi,%ebp
+	xorl	36(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	60(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	16(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,28(%esp)
+	leal	1859775393(%ecx,%ebx,1),%ecx
+	movl	32(%esp),%ebx
+	addl	%ebp,%ecx
+	# 40_59 40 
+	movl	%edi,%ebp
+	xorl	40(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	(%esp),%ebx
+	andl	%edx,%ebp
+	xorl	20(%esp),%ebx
+	roll	$1,%ebx
+	addl	%eax,%ebp
+	rorl	$2,%edx
+	movl	%ecx,%eax
+	roll	$5,%eax
+	movl	%ebx,32(%esp)
+	leal	2400959708(%ebx,%ebp,1),%ebx
+	movl	%edi,%ebp
+	addl	%eax,%ebx
+	andl	%esi,%ebp
+	movl	36(%esp),%eax
+	addl	%ebp,%ebx
+	# 40_59 41 
+	movl	%edx,%ebp
+	xorl	44(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	4(%esp),%eax
+	andl	%ecx,%ebp
+	xorl	24(%esp),%eax
+	roll	$1,%eax
+	addl	%esi,%ebp
+	rorl	$2,%ecx
+	movl	%ebx,%esi
+	roll	$5,%esi
+	movl	%eax,36(%esp)
+	leal	2400959708(%eax,%ebp,1),%eax
+	movl	%edx,%ebp
+	addl	%esi,%eax
+	andl	%edi,%ebp
+	movl	40(%esp),%esi
+	addl	%ebp,%eax
+	# 40_59 42 
+	movl	%ecx,%ebp
+	xorl	48(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	8(%esp),%esi
+	andl	%ebx,%ebp
+	xorl	28(%esp),%esi
+	roll	$1,%esi
+	addl	%edi,%ebp
+	rorl	$2,%ebx
+	movl	%eax,%edi
+	roll	$5,%edi
+	movl	%esi,40(%esp)
+	leal	2400959708(%esi,%ebp,1),%esi
+	movl	%ecx,%ebp
+	addl	%edi,%esi
+	andl	%edx,%ebp
+	movl	44(%esp),%edi
+	addl	%ebp,%esi
+	# 40_59 43 
+	movl	%ebx,%ebp
+	xorl	52(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	12(%esp),%edi
+	andl	%eax,%ebp
+	xorl	32(%esp),%edi
+	roll	$1,%edi
+	addl	%edx,%ebp
+	rorl	$2,%eax
+	movl	%esi,%edx
+	roll	$5,%edx
+	movl	%edi,44(%esp)
+	leal	2400959708(%edi,%ebp,1),%edi
+	movl	%ebx,%ebp
+	addl	%edx,%edi
+	andl	%ecx,%ebp
+	movl	48(%esp),%edx
+	addl	%ebp,%edi
+	# 40_59 44 
+	movl	%eax,%ebp
+	xorl	56(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	16(%esp),%edx
+	andl	%esi,%ebp
+	xorl	36(%esp),%edx
+	roll	$1,%edx
+	addl	%ecx,%ebp
+	rorl	$2,%esi
+	movl	%edi,%ecx
+	roll	$5,%ecx
+	movl	%edx,48(%esp)
+	leal	2400959708(%edx,%ebp,1),%edx
+	movl	%eax,%ebp
+	addl	%ecx,%edx
+	andl	%ebx,%ebp
+	movl	52(%esp),%ecx
+	addl	%ebp,%edx
+	# 40_59 45 
+	movl	%esi,%ebp
+	xorl	60(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	20(%esp),%ecx
+	andl	%edi,%ebp
+	xorl	40(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebx,%ebp
+	rorl	$2,%edi
+	movl	%edx,%ebx
+	roll	$5,%ebx
+	movl	%ecx,52(%esp)
+	leal	2400959708(%ecx,%ebp,1),%ecx
+	movl	%esi,%ebp
+	addl	%ebx,%ecx
+	andl	%eax,%ebp
+	movl	56(%esp),%ebx
+	addl	%ebp,%ecx
+	# 40_59 46 
+	movl	%edi,%ebp
+	xorl	(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	24(%esp),%ebx
+	andl	%edx,%ebp
+	xorl	44(%esp),%ebx
+	roll	$1,%ebx
+	addl	%eax,%ebp
+	rorl	$2,%edx
+	movl	%ecx,%eax
+	roll	$5,%eax
+	movl	%ebx,56(%esp)
+	leal	2400959708(%ebx,%ebp,1),%ebx
+	movl	%edi,%ebp
+	addl	%eax,%ebx
+	andl	%esi,%ebp
+	movl	60(%esp),%eax
+	addl	%ebp,%ebx
+	# 40_59 47 
+	movl	%edx,%ebp
+	xorl	4(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	28(%esp),%eax
+	andl	%ecx,%ebp
+	xorl	48(%esp),%eax
+	roll	$1,%eax
+	addl	%esi,%ebp
+	rorl	$2,%ecx
+	movl	%ebx,%esi
+	roll	$5,%esi
+	movl	%eax,60(%esp)
+	leal	2400959708(%eax,%ebp,1),%eax
+	movl	%edx,%ebp
+	addl	%esi,%eax
+	andl	%edi,%ebp
+	movl	(%esp),%esi
+	addl	%ebp,%eax
+	# 40_59 48 
+	movl	%ecx,%ebp
+	xorl	8(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	32(%esp),%esi
+	andl	%ebx,%ebp
+	xorl	52(%esp),%esi
+	roll	$1,%esi
+	addl	%edi,%ebp
+	rorl	$2,%ebx
+	movl	%eax,%edi
+	roll	$5,%edi
+	movl	%esi,(%esp)
+	leal	2400959708(%esi,%ebp,1),%esi
+	movl	%ecx,%ebp
+	addl	%edi,%esi
+	andl	%edx,%ebp
+	movl	4(%esp),%edi
+	addl	%ebp,%esi
+	# 40_59 49 
+	movl	%ebx,%ebp
+	xorl	12(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	36(%esp),%edi
+	andl	%eax,%ebp
+	xorl	56(%esp),%edi
+	roll	$1,%edi
+	addl	%edx,%ebp
+	rorl	$2,%eax
+	movl	%esi,%edx
+	roll	$5,%edx
+	movl	%edi,4(%esp)
+	leal	2400959708(%edi,%ebp,1),%edi
+	movl	%ebx,%ebp
+	addl	%edx,%edi
+	andl	%ecx,%ebp
+	movl	8(%esp),%edx
+	addl	%ebp,%edi
+	# 40_59 50 
+	movl	%eax,%ebp
+	xorl	16(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	40(%esp),%edx
+	andl	%esi,%ebp
+	xorl	60(%esp),%edx
+	roll	$1,%edx
+	addl	%ecx,%ebp
+	rorl	$2,%esi
+	movl	%edi,%ecx
+	roll	$5,%ecx
+	movl	%edx,8(%esp)
+	leal	2400959708(%edx,%ebp,1),%edx
+	movl	%eax,%ebp
+	addl	%ecx,%edx
+	andl	%ebx,%ebp
+	movl	12(%esp),%ecx
+	addl	%ebp,%edx
+	# 40_59 51 
+	movl	%esi,%ebp
+	xorl	20(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	44(%esp),%ecx
+	andl	%edi,%ebp
+	xorl	(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebx,%ebp
+	rorl	$2,%edi
+	movl	%edx,%ebx
+	roll	$5,%ebx
+	movl	%ecx,12(%esp)
+	leal	2400959708(%ecx,%ebp,1),%ecx
+	movl	%esi,%ebp
+	addl	%ebx,%ecx
+	andl	%eax,%ebp
+	movl	16(%esp),%ebx
+	addl	%ebp,%ecx
+	# 40_59 52 
+	movl	%edi,%ebp
+	xorl	24(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	48(%esp),%ebx
+	andl	%edx,%ebp
+	xorl	4(%esp),%ebx
+	roll	$1,%ebx
+	addl	%eax,%ebp
+	rorl	$2,%edx
+	movl	%ecx,%eax
+	roll	$5,%eax
+	movl	%ebx,16(%esp)
+	leal	2400959708(%ebx,%ebp,1),%ebx
+	movl	%edi,%ebp
+	addl	%eax,%ebx
+	andl	%esi,%ebp
+	movl	20(%esp),%eax
+	addl	%ebp,%ebx
+	# 40_59 53 
+	movl	%edx,%ebp
+	xorl	28(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	52(%esp),%eax
+	andl	%ecx,%ebp
+	xorl	8(%esp),%eax
+	roll	$1,%eax
+	addl	%esi,%ebp
+	rorl	$2,%ecx
+	movl	%ebx,%esi
+	roll	$5,%esi
+	movl	%eax,20(%esp)
+	leal	2400959708(%eax,%ebp,1),%eax
+	movl	%edx,%ebp
+	addl	%esi,%eax
+	andl	%edi,%ebp
+	movl	24(%esp),%esi
+	addl	%ebp,%eax
+	# 40_59 54 
+	movl	%ecx,%ebp
+	xorl	32(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	56(%esp),%esi
+	andl	%ebx,%ebp
+	xorl	12(%esp),%esi
+	roll	$1,%esi
+	addl	%edi,%ebp
+	rorl	$2,%ebx
+	movl	%eax,%edi
+	roll	$5,%edi
+	movl	%esi,24(%esp)
+	leal	2400959708(%esi,%ebp,1),%esi
+	movl	%ecx,%ebp
+	addl	%edi,%esi
+	andl	%edx,%ebp
+	movl	28(%esp),%edi
+	addl	%ebp,%esi
+	# 40_59 55 
+	movl	%ebx,%ebp
+	xorl	36(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	60(%esp),%edi
+	andl	%eax,%ebp
+	xorl	16(%esp),%edi
+	roll	$1,%edi
+	addl	%edx,%ebp
+	rorl	$2,%eax
+	movl	%esi,%edx
+	roll	$5,%edx
+	movl	%edi,28(%esp)
+	leal	2400959708(%edi,%ebp,1),%edi
+	movl	%ebx,%ebp
+	addl	%edx,%edi
+	andl	%ecx,%ebp
+	movl	32(%esp),%edx
+	addl	%ebp,%edi
+	# 40_59 56 
+	movl	%eax,%ebp
+	xorl	40(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	(%esp),%edx
+	andl	%esi,%ebp
+	xorl	20(%esp),%edx
+	roll	$1,%edx
+	addl	%ecx,%ebp
+	rorl	$2,%esi
+	movl	%edi,%ecx
+	roll	$5,%ecx
+	movl	%edx,32(%esp)
+	leal	2400959708(%edx,%ebp,1),%edx
+	movl	%eax,%ebp
+	addl	%ecx,%edx
+	andl	%ebx,%ebp
+	movl	36(%esp),%ecx
+	addl	%ebp,%edx
+	# 40_59 57 
+	movl	%esi,%ebp
+	xorl	44(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	4(%esp),%ecx
+	andl	%edi,%ebp
+	xorl	24(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebx,%ebp
+	rorl	$2,%edi
+	movl	%edx,%ebx
+	roll	$5,%ebx
+	movl	%ecx,36(%esp)
+	leal	2400959708(%ecx,%ebp,1),%ecx
+	movl	%esi,%ebp
+	addl	%ebx,%ecx
+	andl	%eax,%ebp
+	movl	40(%esp),%ebx
+	addl	%ebp,%ecx
+	# 40_59 58 
+	movl	%edi,%ebp
+	xorl	48(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	8(%esp),%ebx
+	andl	%edx,%ebp
+	xorl	28(%esp),%ebx
+	roll	$1,%ebx
+	addl	%eax,%ebp
+	rorl	$2,%edx
+	movl	%ecx,%eax
+	roll	$5,%eax
+	movl	%ebx,40(%esp)
+	leal	2400959708(%ebx,%ebp,1),%ebx
+	movl	%edi,%ebp
+	addl	%eax,%ebx
+	andl	%esi,%ebp
+	movl	44(%esp),%eax
+	addl	%ebp,%ebx
+	# 40_59 59 
+	movl	%edx,%ebp
+	xorl	52(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	12(%esp),%eax
+	andl	%ecx,%ebp
+	xorl	32(%esp),%eax
+	roll	$1,%eax
+	addl	%esi,%ebp
+	rorl	$2,%ecx
+	movl	%ebx,%esi
+	roll	$5,%esi
+	movl	%eax,44(%esp)
+	leal	2400959708(%eax,%ebp,1),%eax
+	movl	%edx,%ebp
+	addl	%esi,%eax
+	andl	%edi,%ebp
+	movl	48(%esp),%esi
+	addl	%ebp,%eax
+	# 20_39 60 
+	movl	%ebx,%ebp
+	xorl	56(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	16(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	36(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	movl	%esi,48(%esp)
+	leal	3395469782(%esi,%edi,1),%esi
+	movl	52(%esp),%edi
+	addl	%ebp,%esi
+	# 20_39 61 
+	movl	%eax,%ebp
+	xorl	60(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	20(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	40(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	movl	%edi,52(%esp)
+	leal	3395469782(%edi,%edx,1),%edi
+	movl	56(%esp),%edx
+	addl	%ebp,%edi
+	# 20_39 62 
+	movl	%esi,%ebp
+	xorl	(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	24(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	44(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,56(%esp)
+	leal	3395469782(%edx,%ecx,1),%edx
+	movl	60(%esp),%ecx
+	addl	%ebp,%edx
+	# 20_39 63 
+	movl	%edi,%ebp
+	xorl	4(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	28(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	48(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,60(%esp)
+	leal	3395469782(%ecx,%ebx,1),%ecx
+	movl	(%esp),%ebx
+	addl	%ebp,%ecx
+	# 20_39 64 
+	movl	%edx,%ebp
+	xorl	8(%esp),%ebx
+	xorl	%edi,%ebp
+	xorl	32(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	52(%esp),%ebx
+	roll	$1,%ebx
+	addl	%ebp,%eax
+	rorl	$2,%edx
+	movl	%ecx,%ebp
+	roll	$5,%ebp
+	movl	%ebx,(%esp)
+	leal	3395469782(%ebx,%eax,1),%ebx
+	movl	4(%esp),%eax
+	addl	%ebp,%ebx
+	# 20_39 65 
+	movl	%ecx,%ebp
+	xorl	12(%esp),%eax
+	xorl	%edx,%ebp
+	xorl	36(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	56(%esp),%eax
+	roll	$1,%eax
+	addl	%ebp,%esi
+	rorl	$2,%ecx
+	movl	%ebx,%ebp
+	roll	$5,%ebp
+	movl	%eax,4(%esp)
+	leal	3395469782(%eax,%esi,1),%eax
+	movl	8(%esp),%esi
+	addl	%ebp,%eax
+	# 20_39 66 
+	movl	%ebx,%ebp
+	xorl	16(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	40(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	60(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	movl	%esi,8(%esp)
+	leal	3395469782(%esi,%edi,1),%esi
+	movl	12(%esp),%edi
+	addl	%ebp,%esi
+	# 20_39 67 
+	movl	%eax,%ebp
+	xorl	20(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	44(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	movl	%edi,12(%esp)
+	leal	3395469782(%edi,%edx,1),%edi
+	movl	16(%esp),%edx
+	addl	%ebp,%edi
+	# 20_39 68 
+	movl	%esi,%ebp
+	xorl	24(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	48(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	4(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,16(%esp)
+	leal	3395469782(%edx,%ecx,1),%edx
+	movl	20(%esp),%ecx
+	addl	%ebp,%edx
+	# 20_39 69 
+	movl	%edi,%ebp
+	xorl	28(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	52(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	8(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,20(%esp)
+	leal	3395469782(%ecx,%ebx,1),%ecx
+	movl	24(%esp),%ebx
+	addl	%ebp,%ecx
+	# 20_39 70 
+	movl	%edx,%ebp
+	xorl	32(%esp),%ebx
+	xorl	%edi,%ebp
+	xorl	56(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	12(%esp),%ebx
+	roll	$1,%ebx
+	addl	%ebp,%eax
+	rorl	$2,%edx
+	movl	%ecx,%ebp
+	roll	$5,%ebp
+	movl	%ebx,24(%esp)
+	leal	3395469782(%ebx,%eax,1),%ebx
+	movl	28(%esp),%eax
+	addl	%ebp,%ebx
+	# 20_39 71 
+	movl	%ecx,%ebp
+	xorl	36(%esp),%eax
+	xorl	%edx,%ebp
+	xorl	60(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	16(%esp),%eax
+	roll	$1,%eax
+	addl	%ebp,%esi
+	rorl	$2,%ecx
+	movl	%ebx,%ebp
+	roll	$5,%ebp
+	movl	%eax,28(%esp)
+	leal	3395469782(%eax,%esi,1),%eax
+	movl	32(%esp),%esi
+	addl	%ebp,%eax
+	# 20_39 72 
+	movl	%ebx,%ebp
+	xorl	40(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	20(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	movl	%esi,32(%esp)
+	leal	3395469782(%esi,%edi,1),%esi
+	movl	36(%esp),%edi
+	addl	%ebp,%esi
+	# 20_39 73 
+	movl	%eax,%ebp
+	xorl	44(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	4(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	24(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	movl	%edi,36(%esp)
+	leal	3395469782(%edi,%edx,1),%edi
+	movl	40(%esp),%edx
+	addl	%ebp,%edi
+	# 20_39 74 
+	movl	%esi,%ebp
+	xorl	48(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	8(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	28(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,40(%esp)
+	leal	3395469782(%edx,%ecx,1),%edx
+	movl	44(%esp),%ecx
+	addl	%ebp,%edx
+	# 20_39 75 
+	movl	%edi,%ebp
+	xorl	52(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	12(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	32(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,44(%esp)
+	leal	3395469782(%ecx,%ebx,1),%ecx
+	movl	48(%esp),%ebx
+	addl	%ebp,%ecx
+	# 20_39 76 
+	movl	%edx,%ebp
+	xorl	56(%esp),%ebx
+	xorl	%edi,%ebp
+	xorl	16(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	36(%esp),%ebx
+	roll	$1,%ebx
+	addl	%ebp,%eax
+	rorl	$2,%edx
+	movl	%ecx,%ebp
+	roll	$5,%ebp
+	movl	%ebx,48(%esp)
+	leal	3395469782(%ebx,%eax,1),%ebx
+	movl	52(%esp),%eax
+	addl	%ebp,%ebx
+	# 20_39 77 
+	movl	%ecx,%ebp
+	xorl	60(%esp),%eax
+	xorl	%edx,%ebp
+	xorl	20(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	40(%esp),%eax
+	roll	$1,%eax
+	addl	%ebp,%esi
+	rorl	$2,%ecx
+	movl	%ebx,%ebp
+	roll	$5,%ebp
+	leal	3395469782(%eax,%esi,1),%eax
+	movl	56(%esp),%esi
+	addl	%ebp,%eax
+	# 20_39 78 
+	movl	%ebx,%ebp
+	xorl	(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	24(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	44(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	leal	3395469782(%esi,%edi,1),%esi
+	movl	60(%esp),%edi
+	addl	%ebp,%esi
+	# 20_39 79 
+	movl	%eax,%ebp
+	xorl	4(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	28(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	48(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	leal	3395469782(%edi,%edx,1),%edi
+	addl	%ebp,%edi
+	movl	96(%esp),%ebp
+	movl	100(%esp),%edx
+	addl	(%ebp),%edi
+	addl	4(%ebp),%esi
+	addl	8(%ebp),%eax
+	addl	12(%ebp),%ebx
+	addl	16(%ebp),%ecx
+	movl	%edi,(%ebp)
+	addl	$64,%edx
+	movl	%esi,4(%ebp)
+	cmpl	104(%esp),%edx
+	movl	%eax,8(%ebp)
+	movl	%ecx,%edi
+	movl	%ebx,12(%ebp)
+	movl	%edx,%esi
+	movl	%ecx,16(%ebp)
+	jb	.L000loop
+	addl	$76,%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.byte	83,72,65,49,32,98,108,111,99,107,32,116,114,97,110,115
+.byte	102,111,114,109,32,102,111,114,32,120,56,54,44,32,67,82
+.byte	89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112
+.byte	114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+
diff --git a/lib/accelerated/x86/coff/sha1-ssse3-x86_64.s b/lib/accelerated/x86/coff/sha1-ssse3-x86_64.s
new file mode 100644
index 0000000..eb7924d
--- /dev/null
+++ b/lib/accelerated/x86/coff/sha1-ssse3-x86_64.s
@@ -0,0 +1,5792 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+
+.globl	sha1_block_data_order
+.def	sha1_block_data_order;	.scl 2;	.type 32;	.endef
+.p2align	4
+sha1_block_data_order:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_sha1_block_data_order:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+
+	movl	GNUTLS_x86_cpuid_s+0(%rip),%r9d
+	movl	GNUTLS_x86_cpuid_s+4(%rip),%r8d
+	movl	GNUTLS_x86_cpuid_s+8(%rip),%r10d
+	testl	$512,%r8d
+	jz	.Lialu
+	testl	$536870912,%r10d
+	jnz	_shaext_shortcut
+	andl	$296,%r10d
+	cmpl	$296,%r10d
+	je	_avx2_shortcut
+	andl	$268435456,%r8d
+	andl	$1073741824,%r9d
+	orl	%r9d,%r8d
+	cmpl	$1342177280,%r8d
+	je	_avx_shortcut
+	jmp	_ssse3_shortcut
+
+.p2align	4
+.Lialu:
+	movq	%rsp,%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	movq	%rdi,%r8
+	subq	$72,%rsp
+	movq	%rsi,%r9
+	andq	$-64,%rsp
+	movq	%rdx,%r10
+	movq	%rax,64(%rsp)
+
+.Lprologue:
+
+	movl	0(%r8),%esi
+	movl	4(%r8),%edi
+	movl	8(%r8),%r11d
+	movl	12(%r8),%r12d
+	movl	16(%r8),%r13d
+	jmp	.Lloop
+
+.p2align	4
+.Lloop:
+	movl	0(%r9),%edx
+	bswapl	%edx
+	movl	4(%r9),%ebp
+	movl	%r12d,%eax
+	movl	%edx,0(%rsp)
+	movl	%esi,%ecx
+	bswapl	%ebp
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	andl	%edi,%eax
+	leal	1518500249(%rdx,%r13,1),%r13d
+	addl	%ecx,%r13d
+	xorl	%r12d,%eax
+	roll	$30,%edi
+	addl	%eax,%r13d
+	movl	8(%r9),%r14d
+	movl	%r11d,%eax
+	movl	%ebp,4(%rsp)
+	movl	%r13d,%ecx
+	bswapl	%r14d
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	andl	%esi,%eax
+	leal	1518500249(%rbp,%r12,1),%r12d
+	addl	%ecx,%r12d
+	xorl	%r11d,%eax
+	roll	$30,%esi
+	addl	%eax,%r12d
+	movl	12(%r9),%edx
+	movl	%edi,%eax
+	movl	%r14d,8(%rsp)
+	movl	%r12d,%ecx
+	bswapl	%edx
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	andl	%r13d,%eax
+	leal	1518500249(%r14,%r11,1),%r11d
+	addl	%ecx,%r11d
+	xorl	%edi,%eax
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	movl	16(%r9),%ebp
+	movl	%esi,%eax
+	movl	%edx,12(%rsp)
+	movl	%r11d,%ecx
+	bswapl	%ebp
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	andl	%r12d,%eax
+	leal	1518500249(%rdx,%rdi,1),%edi
+	addl	%ecx,%edi
+	xorl	%esi,%eax
+	roll	$30,%r12d
+	addl	%eax,%edi
+	movl	20(%r9),%r14d
+	movl	%r13d,%eax
+	movl	%ebp,16(%rsp)
+	movl	%edi,%ecx
+	bswapl	%r14d
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	andl	%r11d,%eax
+	leal	1518500249(%rbp,%rsi,1),%esi
+	addl	%ecx,%esi
+	xorl	%r13d,%eax
+	roll	$30,%r11d
+	addl	%eax,%esi
+	movl	24(%r9),%edx
+	movl	%r12d,%eax
+	movl	%r14d,20(%rsp)
+	movl	%esi,%ecx
+	bswapl	%edx
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	andl	%edi,%eax
+	leal	1518500249(%r14,%r13,1),%r13d
+	addl	%ecx,%r13d
+	xorl	%r12d,%eax
+	roll	$30,%edi
+	addl	%eax,%r13d
+	movl	28(%r9),%ebp
+	movl	%r11d,%eax
+	movl	%edx,24(%rsp)
+	movl	%r13d,%ecx
+	bswapl	%ebp
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	andl	%esi,%eax
+	leal	1518500249(%rdx,%r12,1),%r12d
+	addl	%ecx,%r12d
+	xorl	%r11d,%eax
+	roll	$30,%esi
+	addl	%eax,%r12d
+	movl	32(%r9),%r14d
+	movl	%edi,%eax
+	movl	%ebp,28(%rsp)
+	movl	%r12d,%ecx
+	bswapl	%r14d
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	andl	%r13d,%eax
+	leal	1518500249(%rbp,%r11,1),%r11d
+	addl	%ecx,%r11d
+	xorl	%edi,%eax
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	movl	36(%r9),%edx
+	movl	%esi,%eax
+	movl	%r14d,32(%rsp)
+	movl	%r11d,%ecx
+	bswapl	%edx
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	andl	%r12d,%eax
+	leal	1518500249(%r14,%rdi,1),%edi
+	addl	%ecx,%edi
+	xorl	%esi,%eax
+	roll	$30,%r12d
+	addl	%eax,%edi
+	movl	40(%r9),%ebp
+	movl	%r13d,%eax
+	movl	%edx,36(%rsp)
+	movl	%edi,%ecx
+	bswapl	%ebp
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	andl	%r11d,%eax
+	leal	1518500249(%rdx,%rsi,1),%esi
+	addl	%ecx,%esi
+	xorl	%r13d,%eax
+	roll	$30,%r11d
+	addl	%eax,%esi
+	movl	44(%r9),%r14d
+	movl	%r12d,%eax
+	movl	%ebp,40(%rsp)
+	movl	%esi,%ecx
+	bswapl	%r14d
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	andl	%edi,%eax
+	leal	1518500249(%rbp,%r13,1),%r13d
+	addl	%ecx,%r13d
+	xorl	%r12d,%eax
+	roll	$30,%edi
+	addl	%eax,%r13d
+	movl	48(%r9),%edx
+	movl	%r11d,%eax
+	movl	%r14d,44(%rsp)
+	movl	%r13d,%ecx
+	bswapl	%edx
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	andl	%esi,%eax
+	leal	1518500249(%r14,%r12,1),%r12d
+	addl	%ecx,%r12d
+	xorl	%r11d,%eax
+	roll	$30,%esi
+	addl	%eax,%r12d
+	movl	52(%r9),%ebp
+	movl	%edi,%eax
+	movl	%edx,48(%rsp)
+	movl	%r12d,%ecx
+	bswapl	%ebp
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	andl	%r13d,%eax
+	leal	1518500249(%rdx,%r11,1),%r11d
+	addl	%ecx,%r11d
+	xorl	%edi,%eax
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	movl	56(%r9),%r14d
+	movl	%esi,%eax
+	movl	%ebp,52(%rsp)
+	movl	%r11d,%ecx
+	bswapl	%r14d
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	andl	%r12d,%eax
+	leal	1518500249(%rbp,%rdi,1),%edi
+	addl	%ecx,%edi
+	xorl	%esi,%eax
+	roll	$30,%r12d
+	addl	%eax,%edi
+	movl	60(%r9),%edx
+	movl	%r13d,%eax
+	movl	%r14d,56(%rsp)
+	movl	%edi,%ecx
+	bswapl	%edx
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	andl	%r11d,%eax
+	leal	1518500249(%r14,%rsi,1),%esi
+	addl	%ecx,%esi
+	xorl	%r13d,%eax
+	roll	$30,%r11d
+	addl	%eax,%esi
+	xorl	0(%rsp),%ebp
+	movl	%r12d,%eax
+	movl	%edx,60(%rsp)
+	movl	%esi,%ecx
+	xorl	8(%rsp),%ebp
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	32(%rsp),%ebp
+	andl	%edi,%eax
+	leal	1518500249(%rdx,%r13,1),%r13d
+	roll	$30,%edi
+	xorl	%r12d,%eax
+	addl	%ecx,%r13d
+	roll	$1,%ebp
+	addl	%eax,%r13d
+	xorl	4(%rsp),%r14d
+	movl	%r11d,%eax
+	movl	%ebp,0(%rsp)
+	movl	%r13d,%ecx
+	xorl	12(%rsp),%r14d
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	36(%rsp),%r14d
+	andl	%esi,%eax
+	leal	1518500249(%rbp,%r12,1),%r12d
+	roll	$30,%esi
+	xorl	%r11d,%eax
+	addl	%ecx,%r12d
+	roll	$1,%r14d
+	addl	%eax,%r12d
+	xorl	8(%rsp),%edx
+	movl	%edi,%eax
+	movl	%r14d,4(%rsp)
+	movl	%r12d,%ecx
+	xorl	16(%rsp),%edx
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	40(%rsp),%edx
+	andl	%r13d,%eax
+	leal	1518500249(%r14,%r11,1),%r11d
+	roll	$30,%r13d
+	xorl	%edi,%eax
+	addl	%ecx,%r11d
+	roll	$1,%edx
+	addl	%eax,%r11d
+	xorl	12(%rsp),%ebp
+	movl	%esi,%eax
+	movl	%edx,8(%rsp)
+	movl	%r11d,%ecx
+	xorl	20(%rsp),%ebp
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	44(%rsp),%ebp
+	andl	%r12d,%eax
+	leal	1518500249(%rdx,%rdi,1),%edi
+	roll	$30,%r12d
+	xorl	%esi,%eax
+	addl	%ecx,%edi
+	roll	$1,%ebp
+	addl	%eax,%edi
+	xorl	16(%rsp),%r14d
+	movl	%r13d,%eax
+	movl	%ebp,12(%rsp)
+	movl	%edi,%ecx
+	xorl	24(%rsp),%r14d
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	48(%rsp),%r14d
+	andl	%r11d,%eax
+	leal	1518500249(%rbp,%rsi,1),%esi
+	roll	$30,%r11d
+	xorl	%r13d,%eax
+	addl	%ecx,%esi
+	roll	$1,%r14d
+	addl	%eax,%esi
+	xorl	20(%rsp),%edx
+	movl	%edi,%eax
+	movl	%r14d,16(%rsp)
+	movl	%esi,%ecx
+	xorl	28(%rsp),%edx
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	52(%rsp),%edx
+	leal	1859775393(%r14,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%edx
+	xorl	24(%rsp),%ebp
+	movl	%esi,%eax
+	movl	%edx,20(%rsp)
+	movl	%r13d,%ecx
+	xorl	32(%rsp),%ebp
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	56(%rsp),%ebp
+	leal	1859775393(%rdx,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%ebp
+	xorl	28(%rsp),%r14d
+	movl	%r13d,%eax
+	movl	%ebp,24(%rsp)
+	movl	%r12d,%ecx
+	xorl	36(%rsp),%r14d
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	60(%rsp),%r14d
+	leal	1859775393(%rbp,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%r14d
+	xorl	32(%rsp),%edx
+	movl	%r12d,%eax
+	movl	%r14d,28(%rsp)
+	movl	%r11d,%ecx
+	xorl	40(%rsp),%edx
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	0(%rsp),%edx
+	leal	1859775393(%r14,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%edx
+	xorl	36(%rsp),%ebp
+	movl	%r11d,%eax
+	movl	%edx,32(%rsp)
+	movl	%edi,%ecx
+	xorl	44(%rsp),%ebp
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	4(%rsp),%ebp
+	leal	1859775393(%rdx,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%ebp
+	xorl	40(%rsp),%r14d
+	movl	%edi,%eax
+	movl	%ebp,36(%rsp)
+	movl	%esi,%ecx
+	xorl	48(%rsp),%r14d
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	8(%rsp),%r14d
+	leal	1859775393(%rbp,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%r14d
+	xorl	44(%rsp),%edx
+	movl	%esi,%eax
+	movl	%r14d,40(%rsp)
+	movl	%r13d,%ecx
+	xorl	52(%rsp),%edx
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	12(%rsp),%edx
+	leal	1859775393(%r14,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%edx
+	xorl	48(%rsp),%ebp
+	movl	%r13d,%eax
+	movl	%edx,44(%rsp)
+	movl	%r12d,%ecx
+	xorl	56(%rsp),%ebp
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	16(%rsp),%ebp
+	leal	1859775393(%rdx,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%ebp
+	xorl	52(%rsp),%r14d
+	movl	%r12d,%eax
+	movl	%ebp,48(%rsp)
+	movl	%r11d,%ecx
+	xorl	60(%rsp),%r14d
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	20(%rsp),%r14d
+	leal	1859775393(%rbp,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%r14d
+	xorl	56(%rsp),%edx
+	movl	%r11d,%eax
+	movl	%r14d,52(%rsp)
+	movl	%edi,%ecx
+	xorl	0(%rsp),%edx
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	24(%rsp),%edx
+	leal	1859775393(%r14,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%edx
+	xorl	60(%rsp),%ebp
+	movl	%edi,%eax
+	movl	%edx,56(%rsp)
+	movl	%esi,%ecx
+	xorl	4(%rsp),%ebp
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	28(%rsp),%ebp
+	leal	1859775393(%rdx,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%ebp
+	xorl	0(%rsp),%r14d
+	movl	%esi,%eax
+	movl	%ebp,60(%rsp)
+	movl	%r13d,%ecx
+	xorl	8(%rsp),%r14d
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	32(%rsp),%r14d
+	leal	1859775393(%rbp,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%r14d
+	xorl	4(%rsp),%edx
+	movl	%r13d,%eax
+	movl	%r14d,0(%rsp)
+	movl	%r12d,%ecx
+	xorl	12(%rsp),%edx
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	36(%rsp),%edx
+	leal	1859775393(%r14,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%edx
+	xorl	8(%rsp),%ebp
+	movl	%r12d,%eax
+	movl	%edx,4(%rsp)
+	movl	%r11d,%ecx
+	xorl	16(%rsp),%ebp
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	40(%rsp),%ebp
+	leal	1859775393(%rdx,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%ebp
+	xorl	12(%rsp),%r14d
+	movl	%r11d,%eax
+	movl	%ebp,8(%rsp)
+	movl	%edi,%ecx
+	xorl	20(%rsp),%r14d
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	44(%rsp),%r14d
+	leal	1859775393(%rbp,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%r14d
+	xorl	16(%rsp),%edx
+	movl	%edi,%eax
+	movl	%r14d,12(%rsp)
+	movl	%esi,%ecx
+	xorl	24(%rsp),%edx
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	48(%rsp),%edx
+	leal	1859775393(%r14,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%edx
+	xorl	20(%rsp),%ebp
+	movl	%esi,%eax
+	movl	%edx,16(%rsp)
+	movl	%r13d,%ecx
+	xorl	28(%rsp),%ebp
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	52(%rsp),%ebp
+	leal	1859775393(%rdx,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%ebp
+	xorl	24(%rsp),%r14d
+	movl	%r13d,%eax
+	movl	%ebp,20(%rsp)
+	movl	%r12d,%ecx
+	xorl	32(%rsp),%r14d
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	56(%rsp),%r14d
+	leal	1859775393(%rbp,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%r14d
+	xorl	28(%rsp),%edx
+	movl	%r12d,%eax
+	movl	%r14d,24(%rsp)
+	movl	%r11d,%ecx
+	xorl	36(%rsp),%edx
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	60(%rsp),%edx
+	leal	1859775393(%r14,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%edx
+	xorl	32(%rsp),%ebp
+	movl	%r11d,%eax
+	movl	%edx,28(%rsp)
+	movl	%edi,%ecx
+	xorl	40(%rsp),%ebp
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	0(%rsp),%ebp
+	leal	1859775393(%rdx,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%ebp
+	xorl	36(%rsp),%r14d
+	movl	%r12d,%eax
+	movl	%ebp,32(%rsp)
+	movl	%r12d,%ebx
+	xorl	44(%rsp),%r14d
+	andl	%r11d,%eax
+	movl	%esi,%ecx
+	xorl	4(%rsp),%r14d
+	leal	-1894007588(%rbp,%r13,1),%r13d
+	xorl	%r11d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r13d
+	roll	$1,%r14d
+	andl	%edi,%ebx
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%ebx,%r13d
+	xorl	40(%rsp),%edx
+	movl	%r11d,%eax
+	movl	%r14d,36(%rsp)
+	movl	%r11d,%ebx
+	xorl	48(%rsp),%edx
+	andl	%edi,%eax
+	movl	%r13d,%ecx
+	xorl	8(%rsp),%edx
+	leal	-1894007588(%r14,%r12,1),%r12d
+	xorl	%edi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r12d
+	roll	$1,%edx
+	andl	%esi,%ebx
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%ebx,%r12d
+	xorl	44(%rsp),%ebp
+	movl	%edi,%eax
+	movl	%edx,40(%rsp)
+	movl	%edi,%ebx
+	xorl	52(%rsp),%ebp
+	andl	%esi,%eax
+	movl	%r12d,%ecx
+	xorl	12(%rsp),%ebp
+	leal	-1894007588(%rdx,%r11,1),%r11d
+	xorl	%esi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r11d
+	roll	$1,%ebp
+	andl	%r13d,%ebx
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%ebx,%r11d
+	xorl	48(%rsp),%r14d
+	movl	%esi,%eax
+	movl	%ebp,44(%rsp)
+	movl	%esi,%ebx
+	xorl	56(%rsp),%r14d
+	andl	%r13d,%eax
+	movl	%r11d,%ecx
+	xorl	16(%rsp),%r14d
+	leal	-1894007588(%rbp,%rdi,1),%edi
+	xorl	%r13d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%edi
+	roll	$1,%r14d
+	andl	%r12d,%ebx
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%ebx,%edi
+	xorl	52(%rsp),%edx
+	movl	%r13d,%eax
+	movl	%r14d,48(%rsp)
+	movl	%r13d,%ebx
+	xorl	60(%rsp),%edx
+	andl	%r12d,%eax
+	movl	%edi,%ecx
+	xorl	20(%rsp),%edx
+	leal	-1894007588(%r14,%rsi,1),%esi
+	xorl	%r12d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%esi
+	roll	$1,%edx
+	andl	%r11d,%ebx
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%ebx,%esi
+	xorl	56(%rsp),%ebp
+	movl	%r12d,%eax
+	movl	%edx,52(%rsp)
+	movl	%r12d,%ebx
+	xorl	0(%rsp),%ebp
+	andl	%r11d,%eax
+	movl	%esi,%ecx
+	xorl	24(%rsp),%ebp
+	leal	-1894007588(%rdx,%r13,1),%r13d
+	xorl	%r11d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r13d
+	roll	$1,%ebp
+	andl	%edi,%ebx
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%ebx,%r13d
+	xorl	60(%rsp),%r14d
+	movl	%r11d,%eax
+	movl	%ebp,56(%rsp)
+	movl	%r11d,%ebx
+	xorl	4(%rsp),%r14d
+	andl	%edi,%eax
+	movl	%r13d,%ecx
+	xorl	28(%rsp),%r14d
+	leal	-1894007588(%rbp,%r12,1),%r12d
+	xorl	%edi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r12d
+	roll	$1,%r14d
+	andl	%esi,%ebx
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%ebx,%r12d
+	xorl	0(%rsp),%edx
+	movl	%edi,%eax
+	movl	%r14d,60(%rsp)
+	movl	%edi,%ebx
+	xorl	8(%rsp),%edx
+	andl	%esi,%eax
+	movl	%r12d,%ecx
+	xorl	32(%rsp),%edx
+	leal	-1894007588(%r14,%r11,1),%r11d
+	xorl	%esi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r11d
+	roll	$1,%edx
+	andl	%r13d,%ebx
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%ebx,%r11d
+	xorl	4(%rsp),%ebp
+	movl	%esi,%eax
+	movl	%edx,0(%rsp)
+	movl	%esi,%ebx
+	xorl	12(%rsp),%ebp
+	andl	%r13d,%eax
+	movl	%r11d,%ecx
+	xorl	36(%rsp),%ebp
+	leal	-1894007588(%rdx,%rdi,1),%edi
+	xorl	%r13d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%edi
+	roll	$1,%ebp
+	andl	%r12d,%ebx
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%ebx,%edi
+	xorl	8(%rsp),%r14d
+	movl	%r13d,%eax
+	movl	%ebp,4(%rsp)
+	movl	%r13d,%ebx
+	xorl	16(%rsp),%r14d
+	andl	%r12d,%eax
+	movl	%edi,%ecx
+	xorl	40(%rsp),%r14d
+	leal	-1894007588(%rbp,%rsi,1),%esi
+	xorl	%r12d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%esi
+	roll	$1,%r14d
+	andl	%r11d,%ebx
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%ebx,%esi
+	xorl	12(%rsp),%edx
+	movl	%r12d,%eax
+	movl	%r14d,8(%rsp)
+	movl	%r12d,%ebx
+	xorl	20(%rsp),%edx
+	andl	%r11d,%eax
+	movl	%esi,%ecx
+	xorl	44(%rsp),%edx
+	leal	-1894007588(%r14,%r13,1),%r13d
+	xorl	%r11d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r13d
+	roll	$1,%edx
+	andl	%edi,%ebx
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%ebx,%r13d
+	xorl	16(%rsp),%ebp
+	movl	%r11d,%eax
+	movl	%edx,12(%rsp)
+	movl	%r11d,%ebx
+	xorl	24(%rsp),%ebp
+	andl	%edi,%eax
+	movl	%r13d,%ecx
+	xorl	48(%rsp),%ebp
+	leal	-1894007588(%rdx,%r12,1),%r12d
+	xorl	%edi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r12d
+	roll	$1,%ebp
+	andl	%esi,%ebx
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%ebx,%r12d
+	xorl	20(%rsp),%r14d
+	movl	%edi,%eax
+	movl	%ebp,16(%rsp)
+	movl	%edi,%ebx
+	xorl	28(%rsp),%r14d
+	andl	%esi,%eax
+	movl	%r12d,%ecx
+	xorl	52(%rsp),%r14d
+	leal	-1894007588(%rbp,%r11,1),%r11d
+	xorl	%esi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r11d
+	roll	$1,%r14d
+	andl	%r13d,%ebx
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%ebx,%r11d
+	xorl	24(%rsp),%edx
+	movl	%esi,%eax
+	movl	%r14d,20(%rsp)
+	movl	%esi,%ebx
+	xorl	32(%rsp),%edx
+	andl	%r13d,%eax
+	movl	%r11d,%ecx
+	xorl	56(%rsp),%edx
+	leal	-1894007588(%r14,%rdi,1),%edi
+	xorl	%r13d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%edi
+	roll	$1,%edx
+	andl	%r12d,%ebx
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%ebx,%edi
+	xorl	28(%rsp),%ebp
+	movl	%r13d,%eax
+	movl	%edx,24(%rsp)
+	movl	%r13d,%ebx
+	xorl	36(%rsp),%ebp
+	andl	%r12d,%eax
+	movl	%edi,%ecx
+	xorl	60(%rsp),%ebp
+	leal	-1894007588(%rdx,%rsi,1),%esi
+	xorl	%r12d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%esi
+	roll	$1,%ebp
+	andl	%r11d,%ebx
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%ebx,%esi
+	xorl	32(%rsp),%r14d
+	movl	%r12d,%eax
+	movl	%ebp,28(%rsp)
+	movl	%r12d,%ebx
+	xorl	40(%rsp),%r14d
+	andl	%r11d,%eax
+	movl	%esi,%ecx
+	xorl	0(%rsp),%r14d
+	leal	-1894007588(%rbp,%r13,1),%r13d
+	xorl	%r11d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r13d
+	roll	$1,%r14d
+	andl	%edi,%ebx
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%ebx,%r13d
+	xorl	36(%rsp),%edx
+	movl	%r11d,%eax
+	movl	%r14d,32(%rsp)
+	movl	%r11d,%ebx
+	xorl	44(%rsp),%edx
+	andl	%edi,%eax
+	movl	%r13d,%ecx
+	xorl	4(%rsp),%edx
+	leal	-1894007588(%r14,%r12,1),%r12d
+	xorl	%edi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r12d
+	roll	$1,%edx
+	andl	%esi,%ebx
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%ebx,%r12d
+	xorl	40(%rsp),%ebp
+	movl	%edi,%eax
+	movl	%edx,36(%rsp)
+	movl	%edi,%ebx
+	xorl	48(%rsp),%ebp
+	andl	%esi,%eax
+	movl	%r12d,%ecx
+	xorl	8(%rsp),%ebp
+	leal	-1894007588(%rdx,%r11,1),%r11d
+	xorl	%esi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r11d
+	roll	$1,%ebp
+	andl	%r13d,%ebx
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%ebx,%r11d
+	xorl	44(%rsp),%r14d
+	movl	%esi,%eax
+	movl	%ebp,40(%rsp)
+	movl	%esi,%ebx
+	xorl	52(%rsp),%r14d
+	andl	%r13d,%eax
+	movl	%r11d,%ecx
+	xorl	12(%rsp),%r14d
+	leal	-1894007588(%rbp,%rdi,1),%edi
+	xorl	%r13d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%edi
+	roll	$1,%r14d
+	andl	%r12d,%ebx
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%ebx,%edi
+	xorl	48(%rsp),%edx
+	movl	%r13d,%eax
+	movl	%r14d,44(%rsp)
+	movl	%r13d,%ebx
+	xorl	56(%rsp),%edx
+	andl	%r12d,%eax
+	movl	%edi,%ecx
+	xorl	16(%rsp),%edx
+	leal	-1894007588(%r14,%rsi,1),%esi
+	xorl	%r12d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%esi
+	roll	$1,%edx
+	andl	%r11d,%ebx
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%ebx,%esi
+	xorl	52(%rsp),%ebp
+	movl	%edi,%eax
+	movl	%edx,48(%rsp)
+	movl	%esi,%ecx
+	xorl	60(%rsp),%ebp
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	20(%rsp),%ebp
+	leal	-899497514(%rdx,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%ebp
+	xorl	56(%rsp),%r14d
+	movl	%esi,%eax
+	movl	%ebp,52(%rsp)
+	movl	%r13d,%ecx
+	xorl	0(%rsp),%r14d
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	24(%rsp),%r14d
+	leal	-899497514(%rbp,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%r14d
+	xorl	60(%rsp),%edx
+	movl	%r13d,%eax
+	movl	%r14d,56(%rsp)
+	movl	%r12d,%ecx
+	xorl	4(%rsp),%edx
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	28(%rsp),%edx
+	leal	-899497514(%r14,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%edx
+	xorl	0(%rsp),%ebp
+	movl	%r12d,%eax
+	movl	%edx,60(%rsp)
+	movl	%r11d,%ecx
+	xorl	8(%rsp),%ebp
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	32(%rsp),%ebp
+	leal	-899497514(%rdx,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%ebp
+	xorl	4(%rsp),%r14d
+	movl	%r11d,%eax
+	movl	%ebp,0(%rsp)
+	movl	%edi,%ecx
+	xorl	12(%rsp),%r14d
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	36(%rsp),%r14d
+	leal	-899497514(%rbp,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%r14d
+	xorl	8(%rsp),%edx
+	movl	%edi,%eax
+	movl	%r14d,4(%rsp)
+	movl	%esi,%ecx
+	xorl	16(%rsp),%edx
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	40(%rsp),%edx
+	leal	-899497514(%r14,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%edx
+	xorl	12(%rsp),%ebp
+	movl	%esi,%eax
+	movl	%edx,8(%rsp)
+	movl	%r13d,%ecx
+	xorl	20(%rsp),%ebp
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	44(%rsp),%ebp
+	leal	-899497514(%rdx,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%ebp
+	xorl	16(%rsp),%r14d
+	movl	%r13d,%eax
+	movl	%ebp,12(%rsp)
+	movl	%r12d,%ecx
+	xorl	24(%rsp),%r14d
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	48(%rsp),%r14d
+	leal	-899497514(%rbp,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%r14d
+	xorl	20(%rsp),%edx
+	movl	%r12d,%eax
+	movl	%r14d,16(%rsp)
+	movl	%r11d,%ecx
+	xorl	28(%rsp),%edx
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	52(%rsp),%edx
+	leal	-899497514(%r14,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%edx
+	xorl	24(%rsp),%ebp
+	movl	%r11d,%eax
+	movl	%edx,20(%rsp)
+	movl	%edi,%ecx
+	xorl	32(%rsp),%ebp
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	56(%rsp),%ebp
+	leal	-899497514(%rdx,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%ebp
+	xorl	28(%rsp),%r14d
+	movl	%edi,%eax
+	movl	%ebp,24(%rsp)
+	movl	%esi,%ecx
+	xorl	36(%rsp),%r14d
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	60(%rsp),%r14d
+	leal	-899497514(%rbp,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%r14d
+	xorl	32(%rsp),%edx
+	movl	%esi,%eax
+	movl	%r14d,28(%rsp)
+	movl	%r13d,%ecx
+	xorl	40(%rsp),%edx
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	0(%rsp),%edx
+	leal	-899497514(%r14,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%edx
+	xorl	36(%rsp),%ebp
+	movl	%r13d,%eax
+
+	movl	%r12d,%ecx
+	xorl	44(%rsp),%ebp
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	4(%rsp),%ebp
+	leal	-899497514(%rdx,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%ebp
+	xorl	40(%rsp),%r14d
+	movl	%r12d,%eax
+
+	movl	%r11d,%ecx
+	xorl	48(%rsp),%r14d
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	8(%rsp),%r14d
+	leal	-899497514(%rbp,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%r14d
+	xorl	44(%rsp),%edx
+	movl	%r11d,%eax
+
+	movl	%edi,%ecx
+	xorl	52(%rsp),%edx
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	12(%rsp),%edx
+	leal	-899497514(%r14,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%edx
+	xorl	48(%rsp),%ebp
+	movl	%edi,%eax
+
+	movl	%esi,%ecx
+	xorl	56(%rsp),%ebp
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	16(%rsp),%ebp
+	leal	-899497514(%rdx,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%ebp
+	xorl	52(%rsp),%r14d
+	movl	%esi,%eax
+
+	movl	%r13d,%ecx
+	xorl	60(%rsp),%r14d
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	20(%rsp),%r14d
+	leal	-899497514(%rbp,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%r14d
+	xorl	56(%rsp),%edx
+	movl	%r13d,%eax
+
+	movl	%r12d,%ecx
+	xorl	0(%rsp),%edx
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	24(%rsp),%edx
+	leal	-899497514(%r14,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%edx
+	xorl	60(%rsp),%ebp
+	movl	%r12d,%eax
+
+	movl	%r11d,%ecx
+	xorl	4(%rsp),%ebp
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	28(%rsp),%ebp
+	leal	-899497514(%rdx,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%ebp
+	movl	%r11d,%eax
+	movl	%edi,%ecx
+	xorl	%r13d,%eax
+	leal	-899497514(%rbp,%rsi,1),%esi
+	roll	$5,%ecx
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	addl	0(%r8),%esi
+	addl	4(%r8),%edi
+	addl	8(%r8),%r11d
+	addl	12(%r8),%r12d
+	addl	16(%r8),%r13d
+	movl	%esi,0(%r8)
+	movl	%edi,4(%r8)
+	movl	%r11d,8(%r8)
+	movl	%r12d,12(%r8)
+	movl	%r13d,16(%r8)
+
+	subq	$1,%r10
+	leaq	64(%r9),%r9
+	jnz	.Lloop
+
+	movq	64(%rsp),%rsi
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+.Lepilogue:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_sha1_block_data_order:
+.def	sha1_block_data_order_shaext;	.scl 3;	.type 32;	.endef
+.p2align	5
+sha1_block_data_order_shaext:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_sha1_block_data_order_shaext:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+_shaext_shortcut:
+
+	leaq	-72(%rsp),%rsp
+	movaps	%xmm6,-8-64(%rax)
+	movaps	%xmm7,-8-48(%rax)
+	movaps	%xmm8,-8-32(%rax)
+	movaps	%xmm9,-8-16(%rax)
+.Lprologue_shaext:
+	movdqu	(%rdi),%xmm0
+	movd	16(%rdi),%xmm1
+	movdqa	K_XX_XX+160(%rip),%xmm3
+
+	movdqu	(%rsi),%xmm4
+	pshufd	$27,%xmm0,%xmm0
+	movdqu	16(%rsi),%xmm5
+	pshufd	$27,%xmm1,%xmm1
+	movdqu	32(%rsi),%xmm6
+.byte	102,15,56,0,227
+	movdqu	48(%rsi),%xmm7
+.byte	102,15,56,0,235
+.byte	102,15,56,0,243
+	movdqa	%xmm1,%xmm9
+.byte	102,15,56,0,251
+	jmp	.Loop_shaext
+
+.p2align	4
+.Loop_shaext:
+	decq	%rdx
+	leaq	64(%rsi),%r8
+	paddd	%xmm4,%xmm1
+	cmovneq	%r8,%rsi
+	movdqa	%xmm0,%xmm8
+.byte	15,56,201,229
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,0
+.byte	15,56,200,213
+	pxor	%xmm6,%xmm4
+.byte	15,56,201,238
+.byte	15,56,202,231
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,0
+.byte	15,56,200,206
+	pxor	%xmm7,%xmm5
+.byte	15,56,202,236
+.byte	15,56,201,247
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,0
+.byte	15,56,200,215
+	pxor	%xmm4,%xmm6
+.byte	15,56,201,252
+.byte	15,56,202,245
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,0
+.byte	15,56,200,204
+	pxor	%xmm5,%xmm7
+.byte	15,56,202,254
+.byte	15,56,201,229
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,0
+.byte	15,56,200,213
+	pxor	%xmm6,%xmm4
+.byte	15,56,201,238
+.byte	15,56,202,231
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,1
+.byte	15,56,200,206
+	pxor	%xmm7,%xmm5
+.byte	15,56,202,236
+.byte	15,56,201,247
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,1
+.byte	15,56,200,215
+	pxor	%xmm4,%xmm6
+.byte	15,56,201,252
+.byte	15,56,202,245
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,1
+.byte	15,56,200,204
+	pxor	%xmm5,%xmm7
+.byte	15,56,202,254
+.byte	15,56,201,229
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,1
+.byte	15,56,200,213
+	pxor	%xmm6,%xmm4
+.byte	15,56,201,238
+.byte	15,56,202,231
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,1
+.byte	15,56,200,206
+	pxor	%xmm7,%xmm5
+.byte	15,56,202,236
+.byte	15,56,201,247
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,2
+.byte	15,56,200,215
+	pxor	%xmm4,%xmm6
+.byte	15,56,201,252
+.byte	15,56,202,245
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,2
+.byte	15,56,200,204
+	pxor	%xmm5,%xmm7
+.byte	15,56,202,254
+.byte	15,56,201,229
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,2
+.byte	15,56,200,213
+	pxor	%xmm6,%xmm4
+.byte	15,56,201,238
+.byte	15,56,202,231
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,2
+.byte	15,56,200,206
+	pxor	%xmm7,%xmm5
+.byte	15,56,202,236
+.byte	15,56,201,247
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,2
+.byte	15,56,200,215
+	pxor	%xmm4,%xmm6
+.byte	15,56,201,252
+.byte	15,56,202,245
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,3
+.byte	15,56,200,204
+	pxor	%xmm5,%xmm7
+.byte	15,56,202,254
+	movdqu	(%rsi),%xmm4
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,3
+.byte	15,56,200,213
+	movdqu	16(%rsi),%xmm5
+.byte	102,15,56,0,227
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,3
+.byte	15,56,200,206
+	movdqu	32(%rsi),%xmm6
+.byte	102,15,56,0,235
+
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,3
+.byte	15,56,200,215
+	movdqu	48(%rsi),%xmm7
+.byte	102,15,56,0,243
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,3
+.byte	65,15,56,200,201
+.byte	102,15,56,0,251
+
+	paddd	%xmm8,%xmm0
+	movdqa	%xmm1,%xmm9
+
+	jnz	.Loop_shaext
+
+	pshufd	$27,%xmm0,%xmm0
+	pshufd	$27,%xmm1,%xmm1
+	movdqu	%xmm0,(%rdi)
+	movd	%xmm1,16(%rdi)
+	movaps	-8-64(%rax),%xmm6
+	movaps	-8-48(%rax),%xmm7
+	movaps	-8-32(%rax),%xmm8
+	movaps	-8-16(%rax),%xmm9
+	movq	%rax,%rsp
+.Lepilogue_shaext:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_sha1_block_data_order_shaext:
+.def	sha1_block_data_order_ssse3;	.scl 3;	.type 32;	.endef
+.p2align	4
+sha1_block_data_order_ssse3:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_sha1_block_data_order_ssse3:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+_ssse3_shortcut:
+
+	movq	%rsp,%r11
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	leaq	-160(%rsp),%rsp
+	movaps	%xmm6,-40-96(%r11)
+	movaps	%xmm7,-40-80(%r11)
+	movaps	%xmm8,-40-64(%r11)
+	movaps	%xmm9,-40-48(%r11)
+	movaps	%xmm10,-40-32(%r11)
+	movaps	%xmm11,-40-16(%r11)
+.Lprologue_ssse3:
+	andq	$-64,%rsp
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rdx,%r10
+
+	shlq	$6,%r10
+	addq	%r9,%r10
+	leaq	K_XX_XX+64(%rip),%r14
+
+	movl	0(%r8),%eax
+	movl	4(%r8),%ebx
+	movl	8(%r8),%ecx
+	movl	12(%r8),%edx
+	movl	%ebx,%esi
+	movl	16(%r8),%ebp
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	andl	%edi,%esi
+
+	movdqa	64(%r14),%xmm6
+	movdqa	-64(%r14),%xmm9
+	movdqu	0(%r9),%xmm0
+	movdqu	16(%r9),%xmm1
+	movdqu	32(%r9),%xmm2
+	movdqu	48(%r9),%xmm3
+.byte	102,15,56,0,198
+.byte	102,15,56,0,206
+.byte	102,15,56,0,214
+	addq	$64,%r9
+	paddd	%xmm9,%xmm0
+.byte	102,15,56,0,222
+	paddd	%xmm9,%xmm1
+	paddd	%xmm9,%xmm2
+	movdqa	%xmm0,0(%rsp)
+	psubd	%xmm9,%xmm0
+	movdqa	%xmm1,16(%rsp)
+	psubd	%xmm9,%xmm1
+	movdqa	%xmm2,32(%rsp)
+	psubd	%xmm9,%xmm2
+	jmp	.Loop_ssse3
+.p2align	4
+.Loop_ssse3:
+	rorl	$2,%ebx
+	pshufd	$238,%xmm0,%xmm4
+	xorl	%edx,%esi
+	movdqa	%xmm3,%xmm8
+	paddd	%xmm3,%xmm9
+	movl	%eax,%edi
+	addl	0(%rsp),%ebp
+	punpcklqdq	%xmm1,%xmm4
+	xorl	%ecx,%ebx
+	roll	$5,%eax
+	addl	%esi,%ebp
+	psrldq	$4,%xmm8
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	pxor	%xmm0,%xmm4
+	addl	%eax,%ebp
+	rorl	$7,%eax
+	pxor	%xmm2,%xmm8
+	xorl	%ecx,%edi
+	movl	%ebp,%esi
+	addl	4(%rsp),%edx
+	pxor	%xmm8,%xmm4
+	xorl	%ebx,%eax
+	roll	$5,%ebp
+	movdqa	%xmm9,48(%rsp)
+	addl	%edi,%edx
+	andl	%eax,%esi
+	movdqa	%xmm4,%xmm10
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	rorl	$7,%ebp
+	movdqa	%xmm4,%xmm8
+	xorl	%ebx,%esi
+	pslldq	$12,%xmm10
+	paddd	%xmm4,%xmm4
+	movl	%edx,%edi
+	addl	8(%rsp),%ecx
+	psrld	$31,%xmm8
+	xorl	%eax,%ebp
+	roll	$5,%edx
+	addl	%esi,%ecx
+	movdqa	%xmm10,%xmm9
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	psrld	$30,%xmm10
+	addl	%edx,%ecx
+	rorl	$7,%edx
+	por	%xmm8,%xmm4
+	xorl	%eax,%edi
+	movl	%ecx,%esi
+	addl	12(%rsp),%ebx
+	pslld	$2,%xmm9
+	pxor	%xmm10,%xmm4
+	xorl	%ebp,%edx
+	movdqa	-64(%r14),%xmm10
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	andl	%edx,%esi
+	pxor	%xmm9,%xmm4
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	rorl	$7,%ecx
+	pshufd	$238,%xmm1,%xmm5
+	xorl	%ebp,%esi
+	movdqa	%xmm4,%xmm9
+	paddd	%xmm4,%xmm10
+	movl	%ebx,%edi
+	addl	16(%rsp),%eax
+	punpcklqdq	%xmm2,%xmm5
+	xorl	%edx,%ecx
+	roll	$5,%ebx
+	addl	%esi,%eax
+	psrldq	$4,%xmm9
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	pxor	%xmm1,%xmm5
+	addl	%ebx,%eax
+	rorl	$7,%ebx
+	pxor	%xmm3,%xmm9
+	xorl	%edx,%edi
+	movl	%eax,%esi
+	addl	20(%rsp),%ebp
+	pxor	%xmm9,%xmm5
+	xorl	%ecx,%ebx
+	roll	$5,%eax
+	movdqa	%xmm10,0(%rsp)
+	addl	%edi,%ebp
+	andl	%ebx,%esi
+	movdqa	%xmm5,%xmm8
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	rorl	$7,%eax
+	movdqa	%xmm5,%xmm9
+	xorl	%ecx,%esi
+	pslldq	$12,%xmm8
+	paddd	%xmm5,%xmm5
+	movl	%ebp,%edi
+	addl	24(%rsp),%edx
+	psrld	$31,%xmm9
+	xorl	%ebx,%eax
+	roll	$5,%ebp
+	addl	%esi,%edx
+	movdqa	%xmm8,%xmm10
+	andl	%eax,%edi
+	xorl	%ebx,%eax
+	psrld	$30,%xmm8
+	addl	%ebp,%edx
+	rorl	$7,%ebp
+	por	%xmm9,%xmm5
+	xorl	%ebx,%edi
+	movl	%edx,%esi
+	addl	28(%rsp),%ecx
+	pslld	$2,%xmm10
+	pxor	%xmm8,%xmm5
+	xorl	%eax,%ebp
+	movdqa	-32(%r14),%xmm8
+	roll	$5,%edx
+	addl	%edi,%ecx
+	andl	%ebp,%esi
+	pxor	%xmm10,%xmm5
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	rorl	$7,%edx
+	pshufd	$238,%xmm2,%xmm6
+	xorl	%eax,%esi
+	movdqa	%xmm5,%xmm10
+	paddd	%xmm5,%xmm8
+	movl	%ecx,%edi
+	addl	32(%rsp),%ebx
+	punpcklqdq	%xmm3,%xmm6
+	xorl	%ebp,%edx
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	psrldq	$4,%xmm10
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	pxor	%xmm2,%xmm6
+	addl	%ecx,%ebx
+	rorl	$7,%ecx
+	pxor	%xmm4,%xmm10
+	xorl	%ebp,%edi
+	movl	%ebx,%esi
+	addl	36(%rsp),%eax
+	pxor	%xmm10,%xmm6
+	xorl	%edx,%ecx
+	roll	$5,%ebx
+	movdqa	%xmm8,16(%rsp)
+	addl	%edi,%eax
+	andl	%ecx,%esi
+	movdqa	%xmm6,%xmm9
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	rorl	$7,%ebx
+	movdqa	%xmm6,%xmm10
+	xorl	%edx,%esi
+	pslldq	$12,%xmm9
+	paddd	%xmm6,%xmm6
+	movl	%eax,%edi
+	addl	40(%rsp),%ebp
+	psrld	$31,%xmm10
+	xorl	%ecx,%ebx
+	roll	$5,%eax
+	addl	%esi,%ebp
+	movdqa	%xmm9,%xmm8
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	psrld	$30,%xmm9
+	addl	%eax,%ebp
+	rorl	$7,%eax
+	por	%xmm10,%xmm6
+	xorl	%ecx,%edi
+	movl	%ebp,%esi
+	addl	44(%rsp),%edx
+	pslld	$2,%xmm8
+	pxor	%xmm9,%xmm6
+	xorl	%ebx,%eax
+	movdqa	-32(%r14),%xmm9
+	roll	$5,%ebp
+	addl	%edi,%edx
+	andl	%eax,%esi
+	pxor	%xmm8,%xmm6
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	rorl	$7,%ebp
+	pshufd	$238,%xmm3,%xmm7
+	xorl	%ebx,%esi
+	movdqa	%xmm6,%xmm8
+	paddd	%xmm6,%xmm9
+	movl	%edx,%edi
+	addl	48(%rsp),%ecx
+	punpcklqdq	%xmm4,%xmm7
+	xorl	%eax,%ebp
+	roll	$5,%edx
+	addl	%esi,%ecx
+	psrldq	$4,%xmm8
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	pxor	%xmm3,%xmm7
+	addl	%edx,%ecx
+	rorl	$7,%edx
+	pxor	%xmm5,%xmm8
+	xorl	%eax,%edi
+	movl	%ecx,%esi
+	addl	52(%rsp),%ebx
+	pxor	%xmm8,%xmm7
+	xorl	%ebp,%edx
+	roll	$5,%ecx
+	movdqa	%xmm9,32(%rsp)
+	addl	%edi,%ebx
+	andl	%edx,%esi
+	movdqa	%xmm7,%xmm10
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	rorl	$7,%ecx
+	movdqa	%xmm7,%xmm8
+	xorl	%ebp,%esi
+	pslldq	$12,%xmm10
+	paddd	%xmm7,%xmm7
+	movl	%ebx,%edi
+	addl	56(%rsp),%eax
+	psrld	$31,%xmm8
+	xorl	%edx,%ecx
+	roll	$5,%ebx
+	addl	%esi,%eax
+	movdqa	%xmm10,%xmm9
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	psrld	$30,%xmm10
+	addl	%ebx,%eax
+	rorl	$7,%ebx
+	por	%xmm8,%xmm7
+	xorl	%edx,%edi
+	movl	%eax,%esi
+	addl	60(%rsp),%ebp
+	pslld	$2,%xmm9
+	pxor	%xmm10,%xmm7
+	xorl	%ecx,%ebx
+	movdqa	-32(%r14),%xmm10
+	roll	$5,%eax
+	addl	%edi,%ebp
+	andl	%ebx,%esi
+	pxor	%xmm9,%xmm7
+	pshufd	$238,%xmm6,%xmm9
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	rorl	$7,%eax
+	pxor	%xmm4,%xmm0
+	xorl	%ecx,%esi
+	movl	%ebp,%edi
+	addl	0(%rsp),%edx
+	punpcklqdq	%xmm7,%xmm9
+	xorl	%ebx,%eax
+	roll	$5,%ebp
+	pxor	%xmm1,%xmm0
+	addl	%esi,%edx
+	andl	%eax,%edi
+	movdqa	%xmm10,%xmm8
+	xorl	%ebx,%eax
+	paddd	%xmm7,%xmm10
+	addl	%ebp,%edx
+	pxor	%xmm9,%xmm0
+	rorl	$7,%ebp
+	xorl	%ebx,%edi
+	movl	%edx,%esi
+	addl	4(%rsp),%ecx
+	movdqa	%xmm0,%xmm9
+	xorl	%eax,%ebp
+	roll	$5,%edx
+	movdqa	%xmm10,48(%rsp)
+	addl	%edi,%ecx
+	andl	%ebp,%esi
+	xorl	%eax,%ebp
+	pslld	$2,%xmm0
+	addl	%edx,%ecx
+	rorl	$7,%edx
+	psrld	$30,%xmm9
+	xorl	%eax,%esi
+	movl	%ecx,%edi
+	addl	8(%rsp),%ebx
+	por	%xmm9,%xmm0
+	xorl	%ebp,%edx
+	roll	$5,%ecx
+	pshufd	$238,%xmm7,%xmm10
+	addl	%esi,%ebx
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	addl	12(%rsp),%eax
+	xorl	%ebp,%edi
+	movl	%ebx,%esi
+	roll	$5,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	pxor	%xmm5,%xmm1
+	addl	16(%rsp),%ebp
+	xorl	%ecx,%esi
+	punpcklqdq	%xmm0,%xmm10
+	movl	%eax,%edi
+	roll	$5,%eax
+	pxor	%xmm2,%xmm1
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	movdqa	%xmm8,%xmm9
+	rorl	$7,%ebx
+	paddd	%xmm0,%xmm8
+	addl	%eax,%ebp
+	pxor	%xmm10,%xmm1
+	addl	20(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	movdqa	%xmm1,%xmm10
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	movdqa	%xmm8,0(%rsp)
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	addl	24(%rsp),%ecx
+	pslld	$2,%xmm1
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	psrld	$30,%xmm10
+	roll	$5,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	rorl	$7,%ebp
+	por	%xmm10,%xmm1
+	addl	%edx,%ecx
+	addl	28(%rsp),%ebx
+	pshufd	$238,%xmm0,%xmm8
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	pxor	%xmm6,%xmm2
+	addl	32(%rsp),%eax
+	xorl	%edx,%esi
+	punpcklqdq	%xmm1,%xmm8
+	movl	%ebx,%edi
+	roll	$5,%ebx
+	pxor	%xmm3,%xmm2
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	movdqa	0(%r14),%xmm10
+	rorl	$7,%ecx
+	paddd	%xmm1,%xmm9
+	addl	%ebx,%eax
+	pxor	%xmm8,%xmm2
+	addl	36(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	roll	$5,%eax
+	movdqa	%xmm2,%xmm8
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	movdqa	%xmm9,16(%rsp)
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	addl	40(%rsp),%edx
+	pslld	$2,%xmm2
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	psrld	$30,%xmm8
+	roll	$5,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	rorl	$7,%eax
+	por	%xmm8,%xmm2
+	addl	%ebp,%edx
+	addl	44(%rsp),%ecx
+	pshufd	$238,%xmm1,%xmm9
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	roll	$5,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	rorl	$7,%ebp
+	addl	%edx,%ecx
+	pxor	%xmm7,%xmm3
+	addl	48(%rsp),%ebx
+	xorl	%ebp,%esi
+	punpcklqdq	%xmm2,%xmm9
+	movl	%ecx,%edi
+	roll	$5,%ecx
+	pxor	%xmm4,%xmm3
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	movdqa	%xmm10,%xmm8
+	rorl	$7,%edx
+	paddd	%xmm2,%xmm10
+	addl	%ecx,%ebx
+	pxor	%xmm9,%xmm3
+	addl	52(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	roll	$5,%ebx
+	movdqa	%xmm3,%xmm9
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	movdqa	%xmm10,32(%rsp)
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	56(%rsp),%ebp
+	pslld	$2,%xmm3
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	psrld	$30,%xmm9
+	roll	$5,%eax
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	rorl	$7,%ebx
+	por	%xmm9,%xmm3
+	addl	%eax,%ebp
+	addl	60(%rsp),%edx
+	pshufd	$238,%xmm2,%xmm10
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	pxor	%xmm0,%xmm4
+	addl	0(%rsp),%ecx
+	xorl	%eax,%esi
+	punpcklqdq	%xmm3,%xmm10
+	movl	%edx,%edi
+	roll	$5,%edx
+	pxor	%xmm5,%xmm4
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	movdqa	%xmm8,%xmm9
+	rorl	$7,%ebp
+	paddd	%xmm3,%xmm8
+	addl	%edx,%ecx
+	pxor	%xmm10,%xmm4
+	addl	4(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	roll	$5,%ecx
+	movdqa	%xmm4,%xmm10
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	movdqa	%xmm8,48(%rsp)
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	addl	8(%rsp),%eax
+	pslld	$2,%xmm4
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	psrld	$30,%xmm10
+	roll	$5,%ebx
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	rorl	$7,%ecx
+	por	%xmm10,%xmm4
+	addl	%ebx,%eax
+	addl	12(%rsp),%ebp
+	pshufd	$238,%xmm3,%xmm8
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	roll	$5,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	pxor	%xmm1,%xmm5
+	addl	16(%rsp),%edx
+	xorl	%ebx,%esi
+	punpcklqdq	%xmm4,%xmm8
+	movl	%ebp,%edi
+	roll	$5,%ebp
+	pxor	%xmm6,%xmm5
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	movdqa	%xmm9,%xmm10
+	rorl	$7,%eax
+	paddd	%xmm4,%xmm9
+	addl	%ebp,%edx
+	pxor	%xmm8,%xmm5
+	addl	20(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	roll	$5,%edx
+	movdqa	%xmm5,%xmm8
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	movdqa	%xmm9,0(%rsp)
+	rorl	$7,%ebp
+	addl	%edx,%ecx
+	addl	24(%rsp),%ebx
+	pslld	$2,%xmm5
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	psrld	$30,%xmm8
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	rorl	$7,%edx
+	por	%xmm8,%xmm5
+	addl	%ecx,%ebx
+	addl	28(%rsp),%eax
+	pshufd	$238,%xmm4,%xmm9
+	rorl	$7,%ecx
+	movl	%ebx,%esi
+	xorl	%edx,%edi
+	roll	$5,%ebx
+	addl	%edi,%eax
+	xorl	%ecx,%esi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	pxor	%xmm2,%xmm6
+	addl	32(%rsp),%ebp
+	andl	%ecx,%esi
+	xorl	%edx,%ecx
+	rorl	$7,%ebx
+	punpcklqdq	%xmm5,%xmm9
+	movl	%eax,%edi
+	xorl	%ecx,%esi
+	pxor	%xmm7,%xmm6
+	roll	$5,%eax
+	addl	%esi,%ebp
+	movdqa	%xmm10,%xmm8
+	xorl	%ebx,%edi
+	paddd	%xmm5,%xmm10
+	xorl	%ecx,%ebx
+	pxor	%xmm9,%xmm6
+	addl	%eax,%ebp
+	addl	36(%rsp),%edx
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	rorl	$7,%eax
+	movdqa	%xmm6,%xmm9
+	movl	%ebp,%esi
+	xorl	%ebx,%edi
+	movdqa	%xmm10,16(%rsp)
+	roll	$5,%ebp
+	addl	%edi,%edx
+	xorl	%eax,%esi
+	pslld	$2,%xmm6
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	psrld	$30,%xmm9
+	addl	40(%rsp),%ecx
+	andl	%eax,%esi
+	xorl	%ebx,%eax
+	por	%xmm9,%xmm6
+	rorl	$7,%ebp
+	movl	%edx,%edi
+	xorl	%eax,%esi
+	roll	$5,%edx
+	pshufd	$238,%xmm5,%xmm10
+	addl	%esi,%ecx
+	xorl	%ebp,%edi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	addl	44(%rsp),%ebx
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	rorl	$7,%edx
+	movl	%ecx,%esi
+	xorl	%ebp,%edi
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	xorl	%edx,%esi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	pxor	%xmm3,%xmm7
+	addl	48(%rsp),%eax
+	andl	%edx,%esi
+	xorl	%ebp,%edx
+	rorl	$7,%ecx
+	punpcklqdq	%xmm6,%xmm10
+	movl	%ebx,%edi
+	xorl	%edx,%esi
+	pxor	%xmm0,%xmm7
+	roll	$5,%ebx
+	addl	%esi,%eax
+	movdqa	32(%r14),%xmm9
+	xorl	%ecx,%edi
+	paddd	%xmm6,%xmm8
+	xorl	%edx,%ecx
+	pxor	%xmm10,%xmm7
+	addl	%ebx,%eax
+	addl	52(%rsp),%ebp
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	rorl	$7,%ebx
+	movdqa	%xmm7,%xmm10
+	movl	%eax,%esi
+	xorl	%ecx,%edi
+	movdqa	%xmm8,32(%rsp)
+	roll	$5,%eax
+	addl	%edi,%ebp
+	xorl	%ebx,%esi
+	pslld	$2,%xmm7
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	psrld	$30,%xmm10
+	addl	56(%rsp),%edx
+	andl	%ebx,%esi
+	xorl	%ecx,%ebx
+	por	%xmm10,%xmm7
+	rorl	$7,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%esi
+	roll	$5,%ebp
+	pshufd	$238,%xmm6,%xmm8
+	addl	%esi,%edx
+	xorl	%eax,%edi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	addl	60(%rsp),%ecx
+	andl	%eax,%edi
+	xorl	%ebx,%eax
+	rorl	$7,%ebp
+	movl	%edx,%esi
+	xorl	%eax,%edi
+	roll	$5,%edx
+	addl	%edi,%ecx
+	xorl	%ebp,%esi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	pxor	%xmm4,%xmm0
+	addl	0(%rsp),%ebx
+	andl	%ebp,%esi
+	xorl	%eax,%ebp
+	rorl	$7,%edx
+	punpcklqdq	%xmm7,%xmm8
+	movl	%ecx,%edi
+	xorl	%ebp,%esi
+	pxor	%xmm1,%xmm0
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	movdqa	%xmm9,%xmm10
+	xorl	%edx,%edi
+	paddd	%xmm7,%xmm9
+	xorl	%ebp,%edx
+	pxor	%xmm8,%xmm0
+	addl	%ecx,%ebx
+	addl	4(%rsp),%eax
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	rorl	$7,%ecx
+	movdqa	%xmm0,%xmm8
+	movl	%ebx,%esi
+	xorl	%edx,%edi
+	movdqa	%xmm9,48(%rsp)
+	roll	$5,%ebx
+	addl	%edi,%eax
+	xorl	%ecx,%esi
+	pslld	$2,%xmm0
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	psrld	$30,%xmm8
+	addl	8(%rsp),%ebp
+	andl	%ecx,%esi
+	xorl	%edx,%ecx
+	por	%xmm8,%xmm0
+	rorl	$7,%ebx
+	movl	%eax,%edi
+	xorl	%ecx,%esi
+	roll	$5,%eax
+	pshufd	$238,%xmm7,%xmm9
+	addl	%esi,%ebp
+	xorl	%ebx,%edi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	addl	12(%rsp),%edx
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	rorl	$7,%eax
+	movl	%ebp,%esi
+	xorl	%ebx,%edi
+	roll	$5,%ebp
+	addl	%edi,%edx
+	xorl	%eax,%esi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	pxor	%xmm5,%xmm1
+	addl	16(%rsp),%ecx
+	andl	%eax,%esi
+	xorl	%ebx,%eax
+	rorl	$7,%ebp
+	punpcklqdq	%xmm0,%xmm9
+	movl	%edx,%edi
+	xorl	%eax,%esi
+	pxor	%xmm2,%xmm1
+	roll	$5,%edx
+	addl	%esi,%ecx
+	movdqa	%xmm10,%xmm8
+	xorl	%ebp,%edi
+	paddd	%xmm0,%xmm10
+	xorl	%eax,%ebp
+	pxor	%xmm9,%xmm1
+	addl	%edx,%ecx
+	addl	20(%rsp),%ebx
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	rorl	$7,%edx
+	movdqa	%xmm1,%xmm9
+	movl	%ecx,%esi
+	xorl	%ebp,%edi
+	movdqa	%xmm10,0(%rsp)
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	xorl	%edx,%esi
+	pslld	$2,%xmm1
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	psrld	$30,%xmm9
+	addl	24(%rsp),%eax
+	andl	%edx,%esi
+	xorl	%ebp,%edx
+	por	%xmm9,%xmm1
+	rorl	$7,%ecx
+	movl	%ebx,%edi
+	xorl	%edx,%esi
+	roll	$5,%ebx
+	pshufd	$238,%xmm0,%xmm10
+	addl	%esi,%eax
+	xorl	%ecx,%edi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	addl	28(%rsp),%ebp
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	rorl	$7,%ebx
+	movl	%eax,%esi
+	xorl	%ecx,%edi
+	roll	$5,%eax
+	addl	%edi,%ebp
+	xorl	%ebx,%esi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	pxor	%xmm6,%xmm2
+	addl	32(%rsp),%edx
+	andl	%ebx,%esi
+	xorl	%ecx,%ebx
+	rorl	$7,%eax
+	punpcklqdq	%xmm1,%xmm10
+	movl	%ebp,%edi
+	xorl	%ebx,%esi
+	pxor	%xmm3,%xmm2
+	roll	$5,%ebp
+	addl	%esi,%edx
+	movdqa	%xmm8,%xmm9
+	xorl	%eax,%edi
+	paddd	%xmm1,%xmm8
+	xorl	%ebx,%eax
+	pxor	%xmm10,%xmm2
+	addl	%ebp,%edx
+	addl	36(%rsp),%ecx
+	andl	%eax,%edi
+	xorl	%ebx,%eax
+	rorl	$7,%ebp
+	movdqa	%xmm2,%xmm10
+	movl	%edx,%esi
+	xorl	%eax,%edi
+	movdqa	%xmm8,16(%rsp)
+	roll	$5,%edx
+	addl	%edi,%ecx
+	xorl	%ebp,%esi
+	pslld	$2,%xmm2
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	psrld	$30,%xmm10
+	addl	40(%rsp),%ebx
+	andl	%ebp,%esi
+	xorl	%eax,%ebp
+	por	%xmm10,%xmm2
+	rorl	$7,%edx
+	movl	%ecx,%edi
+	xorl	%ebp,%esi
+	roll	$5,%ecx
+	pshufd	$238,%xmm1,%xmm8
+	addl	%esi,%ebx
+	xorl	%edx,%edi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	addl	44(%rsp),%eax
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	rorl	$7,%ecx
+	movl	%ebx,%esi
+	xorl	%edx,%edi
+	roll	$5,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	addl	%ebx,%eax
+	pxor	%xmm7,%xmm3
+	addl	48(%rsp),%ebp
+	xorl	%ecx,%esi
+	punpcklqdq	%xmm2,%xmm8
+	movl	%eax,%edi
+	roll	$5,%eax
+	pxor	%xmm4,%xmm3
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	movdqa	%xmm9,%xmm10
+	rorl	$7,%ebx
+	paddd	%xmm2,%xmm9
+	addl	%eax,%ebp
+	pxor	%xmm8,%xmm3
+	addl	52(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	movdqa	%xmm3,%xmm8
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	movdqa	%xmm9,32(%rsp)
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	addl	56(%rsp),%ecx
+	pslld	$2,%xmm3
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	psrld	$30,%xmm8
+	roll	$5,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	rorl	$7,%ebp
+	por	%xmm8,%xmm3
+	addl	%edx,%ecx
+	addl	60(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	addl	0(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	roll	$5,%ebx
+	paddd	%xmm3,%xmm10
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	movdqa	%xmm10,48(%rsp)
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	4(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	roll	$5,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	addl	8(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	roll	$5,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	addl	12(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	roll	$5,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	rorl	$7,%ebp
+	addl	%edx,%ecx
+	cmpq	%r10,%r9
+	je	.Ldone_ssse3
+	movdqa	64(%r14),%xmm6
+	movdqa	-64(%r14),%xmm9
+	movdqu	0(%r9),%xmm0
+	movdqu	16(%r9),%xmm1
+	movdqu	32(%r9),%xmm2
+	movdqu	48(%r9),%xmm3
+.byte	102,15,56,0,198
+	addq	$64,%r9
+	addl	16(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+.byte	102,15,56,0,206
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	rorl	$7,%edx
+	paddd	%xmm9,%xmm0
+	addl	%ecx,%ebx
+	addl	20(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	movdqa	%xmm0,0(%rsp)
+	roll	$5,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	rorl	$7,%ecx
+	psubd	%xmm9,%xmm0
+	addl	%ebx,%eax
+	addl	24(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	roll	$5,%eax
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	addl	28(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	addl	32(%rsp),%ecx
+	xorl	%eax,%esi
+	movl	%edx,%edi
+.byte	102,15,56,0,214
+	roll	$5,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	rorl	$7,%ebp
+	paddd	%xmm9,%xmm1
+	addl	%edx,%ecx
+	addl	36(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	movdqa	%xmm1,16(%rsp)
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	rorl	$7,%edx
+	psubd	%xmm9,%xmm1
+	addl	%ecx,%ebx
+	addl	40(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	roll	$5,%ebx
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	44(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	roll	$5,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	addl	48(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+.byte	102,15,56,0,222
+	roll	$5,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	rorl	$7,%eax
+	paddd	%xmm9,%xmm2
+	addl	%ebp,%edx
+	addl	52(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	movdqa	%xmm2,32(%rsp)
+	roll	$5,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	rorl	$7,%ebp
+	psubd	%xmm9,%xmm2
+	addl	%edx,%ecx
+	addl	56(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	addl	60(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	roll	$5,%ebx
+	addl	%edi,%eax
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	0(%r8),%eax
+	addl	4(%r8),%esi
+	addl	8(%r8),%ecx
+	addl	12(%r8),%edx
+	movl	%eax,0(%r8)
+	addl	16(%r8),%ebp
+	movl	%esi,4(%r8)
+	movl	%esi,%ebx
+	movl	%ecx,8(%r8)
+	movl	%ecx,%edi
+	movl	%edx,12(%r8)
+	xorl	%edx,%edi
+	movl	%ebp,16(%r8)
+	andl	%edi,%esi
+	jmp	.Loop_ssse3
+
+.p2align	4
+.Ldone_ssse3:
+	addl	16(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	addl	20(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	roll	$5,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	24(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	roll	$5,%eax
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	addl	28(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	addl	32(%rsp),%ecx
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	roll	$5,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	rorl	$7,%ebp
+	addl	%edx,%ecx
+	addl	36(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	addl	40(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	roll	$5,%ebx
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	44(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	roll	$5,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	addl	48(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	roll	$5,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	addl	52(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	roll	$5,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	rorl	$7,%ebp
+	addl	%edx,%ecx
+	addl	56(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	addl	60(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	roll	$5,%ebx
+	addl	%edi,%eax
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	0(%r8),%eax
+	addl	4(%r8),%esi
+	addl	8(%r8),%ecx
+	movl	%eax,0(%r8)
+	addl	12(%r8),%edx
+	movl	%esi,4(%r8)
+	addl	16(%r8),%ebp
+	movl	%ecx,8(%r8)
+	movl	%edx,12(%r8)
+	movl	%ebp,16(%r8)
+	movaps	-40-96(%r11),%xmm6
+	movaps	-40-80(%r11),%xmm7
+	movaps	-40-64(%r11),%xmm8
+	movaps	-40-48(%r11),%xmm9
+	movaps	-40-32(%r11),%xmm10
+	movaps	-40-16(%r11),%xmm11
+	movq	-40(%r11),%r14
+
+	movq	-32(%r11),%r13
+
+	movq	-24(%r11),%r12
+
+	movq	-16(%r11),%rbp
+
+	movq	-8(%r11),%rbx
+
+	leaq	(%r11),%rsp
+
+.Lepilogue_ssse3:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_sha1_block_data_order_ssse3:
+.def	sha1_block_data_order_avx;	.scl 3;	.type 32;	.endef
+.p2align	4
+sha1_block_data_order_avx:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_sha1_block_data_order_avx:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+_avx_shortcut:
+
+	movq	%rsp,%r11
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	leaq	-160(%rsp),%rsp
+	vzeroupper
+	vmovaps	%xmm6,-40-96(%r11)
+	vmovaps	%xmm7,-40-80(%r11)
+	vmovaps	%xmm8,-40-64(%r11)
+	vmovaps	%xmm9,-40-48(%r11)
+	vmovaps	%xmm10,-40-32(%r11)
+	vmovaps	%xmm11,-40-16(%r11)
+.Lprologue_avx:
+	andq	$-64,%rsp
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rdx,%r10
+
+	shlq	$6,%r10
+	addq	%r9,%r10
+	leaq	K_XX_XX+64(%rip),%r14
+
+	movl	0(%r8),%eax
+	movl	4(%r8),%ebx
+	movl	8(%r8),%ecx
+	movl	12(%r8),%edx
+	movl	%ebx,%esi
+	movl	16(%r8),%ebp
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	andl	%edi,%esi
+
+	vmovdqa	64(%r14),%xmm6
+	vmovdqa	-64(%r14),%xmm11
+	vmovdqu	0(%r9),%xmm0
+	vmovdqu	16(%r9),%xmm1
+	vmovdqu	32(%r9),%xmm2
+	vmovdqu	48(%r9),%xmm3
+	vpshufb	%xmm6,%xmm0,%xmm0
+	addq	$64,%r9
+	vpshufb	%xmm6,%xmm1,%xmm1
+	vpshufb	%xmm6,%xmm2,%xmm2
+	vpshufb	%xmm6,%xmm3,%xmm3
+	vpaddd	%xmm11,%xmm0,%xmm4
+	vpaddd	%xmm11,%xmm1,%xmm5
+	vpaddd	%xmm11,%xmm2,%xmm6
+	vmovdqa	%xmm4,0(%rsp)
+	vmovdqa	%xmm5,16(%rsp)
+	vmovdqa	%xmm6,32(%rsp)
+	jmp	.Loop_avx
+.p2align	4
+.Loop_avx:
+	shrdl	$2,%ebx,%ebx
+	xorl	%edx,%esi
+	vpalignr	$8,%xmm0,%xmm1,%xmm4
+	movl	%eax,%edi
+	addl	0(%rsp),%ebp
+	vpaddd	%xmm3,%xmm11,%xmm9
+	xorl	%ecx,%ebx
+	shldl	$5,%eax,%eax
+	vpsrldq	$4,%xmm3,%xmm8
+	addl	%esi,%ebp
+	andl	%ebx,%edi
+	vpxor	%xmm0,%xmm4,%xmm4
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	vpxor	%xmm2,%xmm8,%xmm8
+	shrdl	$7,%eax,%eax
+	xorl	%ecx,%edi
+	movl	%ebp,%esi
+	addl	4(%rsp),%edx
+	vpxor	%xmm8,%xmm4,%xmm4
+	xorl	%ebx,%eax
+	shldl	$5,%ebp,%ebp
+	vmovdqa	%xmm9,48(%rsp)
+	addl	%edi,%edx
+	andl	%eax,%esi
+	vpsrld	$31,%xmm4,%xmm8
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	shrdl	$7,%ebp,%ebp
+	xorl	%ebx,%esi
+	vpslldq	$12,%xmm4,%xmm10
+	vpaddd	%xmm4,%xmm4,%xmm4
+	movl	%edx,%edi
+	addl	8(%rsp),%ecx
+	xorl	%eax,%ebp
+	shldl	$5,%edx,%edx
+	vpsrld	$30,%xmm10,%xmm9
+	vpor	%xmm8,%xmm4,%xmm4
+	addl	%esi,%ecx
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	vpslld	$2,%xmm10,%xmm10
+	vpxor	%xmm9,%xmm4,%xmm4
+	shrdl	$7,%edx,%edx
+	xorl	%eax,%edi
+	movl	%ecx,%esi
+	addl	12(%rsp),%ebx
+	vpxor	%xmm10,%xmm4,%xmm4
+	xorl	%ebp,%edx
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	andl	%edx,%esi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	shrdl	$7,%ecx,%ecx
+	xorl	%ebp,%esi
+	vpalignr	$8,%xmm1,%xmm2,%xmm5
+	movl	%ebx,%edi
+	addl	16(%rsp),%eax
+	vpaddd	%xmm4,%xmm11,%xmm9
+	xorl	%edx,%ecx
+	shldl	$5,%ebx,%ebx
+	vpsrldq	$4,%xmm4,%xmm8
+	addl	%esi,%eax
+	andl	%ecx,%edi
+	vpxor	%xmm1,%xmm5,%xmm5
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	vpxor	%xmm3,%xmm8,%xmm8
+	shrdl	$7,%ebx,%ebx
+	xorl	%edx,%edi
+	movl	%eax,%esi
+	addl	20(%rsp),%ebp
+	vpxor	%xmm8,%xmm5,%xmm5
+	xorl	%ecx,%ebx
+	shldl	$5,%eax,%eax
+	vmovdqa	%xmm9,0(%rsp)
+	addl	%edi,%ebp
+	andl	%ebx,%esi
+	vpsrld	$31,%xmm5,%xmm8
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	shrdl	$7,%eax,%eax
+	xorl	%ecx,%esi
+	vpslldq	$12,%xmm5,%xmm10
+	vpaddd	%xmm5,%xmm5,%xmm5
+	movl	%ebp,%edi
+	addl	24(%rsp),%edx
+	xorl	%ebx,%eax
+	shldl	$5,%ebp,%ebp
+	vpsrld	$30,%xmm10,%xmm9
+	vpor	%xmm8,%xmm5,%xmm5
+	addl	%esi,%edx
+	andl	%eax,%edi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	vpslld	$2,%xmm10,%xmm10
+	vpxor	%xmm9,%xmm5,%xmm5
+	shrdl	$7,%ebp,%ebp
+	xorl	%ebx,%edi
+	movl	%edx,%esi
+	addl	28(%rsp),%ecx
+	vpxor	%xmm10,%xmm5,%xmm5
+	xorl	%eax,%ebp
+	shldl	$5,%edx,%edx
+	vmovdqa	-32(%r14),%xmm11
+	addl	%edi,%ecx
+	andl	%ebp,%esi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	shrdl	$7,%edx,%edx
+	xorl	%eax,%esi
+	vpalignr	$8,%xmm2,%xmm3,%xmm6
+	movl	%ecx,%edi
+	addl	32(%rsp),%ebx
+	vpaddd	%xmm5,%xmm11,%xmm9
+	xorl	%ebp,%edx
+	shldl	$5,%ecx,%ecx
+	vpsrldq	$4,%xmm5,%xmm8
+	addl	%esi,%ebx
+	andl	%edx,%edi
+	vpxor	%xmm2,%xmm6,%xmm6
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	vpxor	%xmm4,%xmm8,%xmm8
+	shrdl	$7,%ecx,%ecx
+	xorl	%ebp,%edi
+	movl	%ebx,%esi
+	addl	36(%rsp),%eax
+	vpxor	%xmm8,%xmm6,%xmm6
+	xorl	%edx,%ecx
+	shldl	$5,%ebx,%ebx
+	vmovdqa	%xmm9,16(%rsp)
+	addl	%edi,%eax
+	andl	%ecx,%esi
+	vpsrld	$31,%xmm6,%xmm8
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	shrdl	$7,%ebx,%ebx
+	xorl	%edx,%esi
+	vpslldq	$12,%xmm6,%xmm10
+	vpaddd	%xmm6,%xmm6,%xmm6
+	movl	%eax,%edi
+	addl	40(%rsp),%ebp
+	xorl	%ecx,%ebx
+	shldl	$5,%eax,%eax
+	vpsrld	$30,%xmm10,%xmm9
+	vpor	%xmm8,%xmm6,%xmm6
+	addl	%esi,%ebp
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	vpslld	$2,%xmm10,%xmm10
+	vpxor	%xmm9,%xmm6,%xmm6
+	shrdl	$7,%eax,%eax
+	xorl	%ecx,%edi
+	movl	%ebp,%esi
+	addl	44(%rsp),%edx
+	vpxor	%xmm10,%xmm6,%xmm6
+	xorl	%ebx,%eax
+	shldl	$5,%ebp,%ebp
+	addl	%edi,%edx
+	andl	%eax,%esi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	shrdl	$7,%ebp,%ebp
+	xorl	%ebx,%esi
+	vpalignr	$8,%xmm3,%xmm4,%xmm7
+	movl	%edx,%edi
+	addl	48(%rsp),%ecx
+	vpaddd	%xmm6,%xmm11,%xmm9
+	xorl	%eax,%ebp
+	shldl	$5,%edx,%edx
+	vpsrldq	$4,%xmm6,%xmm8
+	addl	%esi,%ecx
+	andl	%ebp,%edi
+	vpxor	%xmm3,%xmm7,%xmm7
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	vpxor	%xmm5,%xmm8,%xmm8
+	shrdl	$7,%edx,%edx
+	xorl	%eax,%edi
+	movl	%ecx,%esi
+	addl	52(%rsp),%ebx
+	vpxor	%xmm8,%xmm7,%xmm7
+	xorl	%ebp,%edx
+	shldl	$5,%ecx,%ecx
+	vmovdqa	%xmm9,32(%rsp)
+	addl	%edi,%ebx
+	andl	%edx,%esi
+	vpsrld	$31,%xmm7,%xmm8
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	shrdl	$7,%ecx,%ecx
+	xorl	%ebp,%esi
+	vpslldq	$12,%xmm7,%xmm10
+	vpaddd	%xmm7,%xmm7,%xmm7
+	movl	%ebx,%edi
+	addl	56(%rsp),%eax
+	xorl	%edx,%ecx
+	shldl	$5,%ebx,%ebx
+	vpsrld	$30,%xmm10,%xmm9
+	vpor	%xmm8,%xmm7,%xmm7
+	addl	%esi,%eax
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	vpslld	$2,%xmm10,%xmm10
+	vpxor	%xmm9,%xmm7,%xmm7
+	shrdl	$7,%ebx,%ebx
+	xorl	%edx,%edi
+	movl	%eax,%esi
+	addl	60(%rsp),%ebp
+	vpxor	%xmm10,%xmm7,%xmm7
+	xorl	%ecx,%ebx
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	andl	%ebx,%esi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	vpalignr	$8,%xmm6,%xmm7,%xmm8
+	vpxor	%xmm4,%xmm0,%xmm0
+	shrdl	$7,%eax,%eax
+	xorl	%ecx,%esi
+	movl	%ebp,%edi
+	addl	0(%rsp),%edx
+	vpxor	%xmm1,%xmm0,%xmm0
+	xorl	%ebx,%eax
+	shldl	$5,%ebp,%ebp
+	vpaddd	%xmm7,%xmm11,%xmm9
+	addl	%esi,%edx
+	andl	%eax,%edi
+	vpxor	%xmm8,%xmm0,%xmm0
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	shrdl	$7,%ebp,%ebp
+	xorl	%ebx,%edi
+	vpsrld	$30,%xmm0,%xmm8
+	vmovdqa	%xmm9,48(%rsp)
+	movl	%edx,%esi
+	addl	4(%rsp),%ecx
+	xorl	%eax,%ebp
+	shldl	$5,%edx,%edx
+	vpslld	$2,%xmm0,%xmm0
+	addl	%edi,%ecx
+	andl	%ebp,%esi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	shrdl	$7,%edx,%edx
+	xorl	%eax,%esi
+	movl	%ecx,%edi
+	addl	8(%rsp),%ebx
+	vpor	%xmm8,%xmm0,%xmm0
+	xorl	%ebp,%edx
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	addl	12(%rsp),%eax
+	xorl	%ebp,%edi
+	movl	%ebx,%esi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	vpalignr	$8,%xmm7,%xmm0,%xmm8
+	vpxor	%xmm5,%xmm1,%xmm1
+	addl	16(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	shldl	$5,%eax,%eax
+	vpxor	%xmm2,%xmm1,%xmm1
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	vpaddd	%xmm0,%xmm11,%xmm9
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	vpxor	%xmm8,%xmm1,%xmm1
+	addl	20(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	shldl	$5,%ebp,%ebp
+	vpsrld	$30,%xmm1,%xmm8
+	vmovdqa	%xmm9,0(%rsp)
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	vpslld	$2,%xmm1,%xmm1
+	addl	24(%rsp),%ecx
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	shldl	$5,%edx,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	vpor	%xmm8,%xmm1,%xmm1
+	addl	28(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	vpalignr	$8,%xmm0,%xmm1,%xmm8
+	vpxor	%xmm6,%xmm2,%xmm2
+	addl	32(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	shldl	$5,%ebx,%ebx
+	vpxor	%xmm3,%xmm2,%xmm2
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	vpaddd	%xmm1,%xmm11,%xmm9
+	vmovdqa	0(%r14),%xmm11
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	vpxor	%xmm8,%xmm2,%xmm2
+	addl	36(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	shldl	$5,%eax,%eax
+	vpsrld	$30,%xmm2,%xmm8
+	vmovdqa	%xmm9,16(%rsp)
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	vpslld	$2,%xmm2,%xmm2
+	addl	40(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	shldl	$5,%ebp,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	vpor	%xmm8,%xmm2,%xmm2
+	addl	44(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	shldl	$5,%edx,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	vpalignr	$8,%xmm1,%xmm2,%xmm8
+	vpxor	%xmm7,%xmm3,%xmm3
+	addl	48(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	shldl	$5,%ecx,%ecx
+	vpxor	%xmm4,%xmm3,%xmm3
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	vpaddd	%xmm2,%xmm11,%xmm9
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	vpxor	%xmm8,%xmm3,%xmm3
+	addl	52(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	shldl	$5,%ebx,%ebx
+	vpsrld	$30,%xmm3,%xmm8
+	vmovdqa	%xmm9,32(%rsp)
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	vpslld	$2,%xmm3,%xmm3
+	addl	56(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	shldl	$5,%eax,%eax
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	vpor	%xmm8,%xmm3,%xmm3
+	addl	60(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	shldl	$5,%ebp,%ebp
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	vpalignr	$8,%xmm2,%xmm3,%xmm8
+	vpxor	%xmm0,%xmm4,%xmm4
+	addl	0(%rsp),%ecx
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	shldl	$5,%edx,%edx
+	vpxor	%xmm5,%xmm4,%xmm4
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	vpaddd	%xmm3,%xmm11,%xmm9
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	vpxor	%xmm8,%xmm4,%xmm4
+	addl	4(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	shldl	$5,%ecx,%ecx
+	vpsrld	$30,%xmm4,%xmm8
+	vmovdqa	%xmm9,48(%rsp)
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	vpslld	$2,%xmm4,%xmm4
+	addl	8(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	vpor	%xmm8,%xmm4,%xmm4
+	addl	12(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	vpalignr	$8,%xmm3,%xmm4,%xmm8
+	vpxor	%xmm1,%xmm5,%xmm5
+	addl	16(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	shldl	$5,%ebp,%ebp
+	vpxor	%xmm6,%xmm5,%xmm5
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	vpaddd	%xmm4,%xmm11,%xmm9
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	vpxor	%xmm8,%xmm5,%xmm5
+	addl	20(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	shldl	$5,%edx,%edx
+	vpsrld	$30,%xmm5,%xmm8
+	vmovdqa	%xmm9,0(%rsp)
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	vpslld	$2,%xmm5,%xmm5
+	addl	24(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	vpor	%xmm8,%xmm5,%xmm5
+	addl	28(%rsp),%eax
+	shrdl	$7,%ecx,%ecx
+	movl	%ebx,%esi
+	xorl	%edx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	xorl	%ecx,%esi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	vpalignr	$8,%xmm4,%xmm5,%xmm8
+	vpxor	%xmm2,%xmm6,%xmm6
+	addl	32(%rsp),%ebp
+	andl	%ecx,%esi
+	xorl	%edx,%ecx
+	shrdl	$7,%ebx,%ebx
+	vpxor	%xmm7,%xmm6,%xmm6
+	movl	%eax,%edi
+	xorl	%ecx,%esi
+	vpaddd	%xmm5,%xmm11,%xmm9
+	shldl	$5,%eax,%eax
+	addl	%esi,%ebp
+	vpxor	%xmm8,%xmm6,%xmm6
+	xorl	%ebx,%edi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	addl	36(%rsp),%edx
+	vpsrld	$30,%xmm6,%xmm8
+	vmovdqa	%xmm9,16(%rsp)
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	shrdl	$7,%eax,%eax
+	movl	%ebp,%esi
+	vpslld	$2,%xmm6,%xmm6
+	xorl	%ebx,%edi
+	shldl	$5,%ebp,%ebp
+	addl	%edi,%edx
+	xorl	%eax,%esi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	addl	40(%rsp),%ecx
+	andl	%eax,%esi
+	vpor	%xmm8,%xmm6,%xmm6
+	xorl	%ebx,%eax
+	shrdl	$7,%ebp,%ebp
+	movl	%edx,%edi
+	xorl	%eax,%esi
+	shldl	$5,%edx,%edx
+	addl	%esi,%ecx
+	xorl	%ebp,%edi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	addl	44(%rsp),%ebx
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	shrdl	$7,%edx,%edx
+	movl	%ecx,%esi
+	xorl	%ebp,%edi
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	xorl	%edx,%esi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	vpalignr	$8,%xmm5,%xmm6,%xmm8
+	vpxor	%xmm3,%xmm7,%xmm7
+	addl	48(%rsp),%eax
+	andl	%edx,%esi
+	xorl	%ebp,%edx
+	shrdl	$7,%ecx,%ecx
+	vpxor	%xmm0,%xmm7,%xmm7
+	movl	%ebx,%edi
+	xorl	%edx,%esi
+	vpaddd	%xmm6,%xmm11,%xmm9
+	vmovdqa	32(%r14),%xmm11
+	shldl	$5,%ebx,%ebx
+	addl	%esi,%eax
+	vpxor	%xmm8,%xmm7,%xmm7
+	xorl	%ecx,%edi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	addl	52(%rsp),%ebp
+	vpsrld	$30,%xmm7,%xmm8
+	vmovdqa	%xmm9,32(%rsp)
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	shrdl	$7,%ebx,%ebx
+	movl	%eax,%esi
+	vpslld	$2,%xmm7,%xmm7
+	xorl	%ecx,%edi
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	xorl	%ebx,%esi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	addl	56(%rsp),%edx
+	andl	%ebx,%esi
+	vpor	%xmm8,%xmm7,%xmm7
+	xorl	%ecx,%ebx
+	shrdl	$7,%eax,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%esi
+	shldl	$5,%ebp,%ebp
+	addl	%esi,%edx
+	xorl	%eax,%edi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	addl	60(%rsp),%ecx
+	andl	%eax,%edi
+	xorl	%ebx,%eax
+	shrdl	$7,%ebp,%ebp
+	movl	%edx,%esi
+	xorl	%eax,%edi
+	shldl	$5,%edx,%edx
+	addl	%edi,%ecx
+	xorl	%ebp,%esi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	vpalignr	$8,%xmm6,%xmm7,%xmm8
+	vpxor	%xmm4,%xmm0,%xmm0
+	addl	0(%rsp),%ebx
+	andl	%ebp,%esi
+	xorl	%eax,%ebp
+	shrdl	$7,%edx,%edx
+	vpxor	%xmm1,%xmm0,%xmm0
+	movl	%ecx,%edi
+	xorl	%ebp,%esi
+	vpaddd	%xmm7,%xmm11,%xmm9
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	vpxor	%xmm8,%xmm0,%xmm0
+	xorl	%edx,%edi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	addl	4(%rsp),%eax
+	vpsrld	$30,%xmm0,%xmm8
+	vmovdqa	%xmm9,48(%rsp)
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	shrdl	$7,%ecx,%ecx
+	movl	%ebx,%esi
+	vpslld	$2,%xmm0,%xmm0
+	xorl	%edx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	xorl	%ecx,%esi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	addl	8(%rsp),%ebp
+	andl	%ecx,%esi
+	vpor	%xmm8,%xmm0,%xmm0
+	xorl	%edx,%ecx
+	shrdl	$7,%ebx,%ebx
+	movl	%eax,%edi
+	xorl	%ecx,%esi
+	shldl	$5,%eax,%eax
+	addl	%esi,%ebp
+	xorl	%ebx,%edi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	addl	12(%rsp),%edx
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	shrdl	$7,%eax,%eax
+	movl	%ebp,%esi
+	xorl	%ebx,%edi
+	shldl	$5,%ebp,%ebp
+	addl	%edi,%edx
+	xorl	%eax,%esi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	vpalignr	$8,%xmm7,%xmm0,%xmm8
+	vpxor	%xmm5,%xmm1,%xmm1
+	addl	16(%rsp),%ecx
+	andl	%eax,%esi
+	xorl	%ebx,%eax
+	shrdl	$7,%ebp,%ebp
+	vpxor	%xmm2,%xmm1,%xmm1
+	movl	%edx,%edi
+	xorl	%eax,%esi
+	vpaddd	%xmm0,%xmm11,%xmm9
+	shldl	$5,%edx,%edx
+	addl	%esi,%ecx
+	vpxor	%xmm8,%xmm1,%xmm1
+	xorl	%ebp,%edi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	addl	20(%rsp),%ebx
+	vpsrld	$30,%xmm1,%xmm8
+	vmovdqa	%xmm9,0(%rsp)
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	shrdl	$7,%edx,%edx
+	movl	%ecx,%esi
+	vpslld	$2,%xmm1,%xmm1
+	xorl	%ebp,%edi
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	xorl	%edx,%esi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	addl	24(%rsp),%eax
+	andl	%edx,%esi
+	vpor	%xmm8,%xmm1,%xmm1
+	xorl	%ebp,%edx
+	shrdl	$7,%ecx,%ecx
+	movl	%ebx,%edi
+	xorl	%edx,%esi
+	shldl	$5,%ebx,%ebx
+	addl	%esi,%eax
+	xorl	%ecx,%edi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	addl	28(%rsp),%ebp
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	shrdl	$7,%ebx,%ebx
+	movl	%eax,%esi
+	xorl	%ecx,%edi
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	xorl	%ebx,%esi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	vpalignr	$8,%xmm0,%xmm1,%xmm8
+	vpxor	%xmm6,%xmm2,%xmm2
+	addl	32(%rsp),%edx
+	andl	%ebx,%esi
+	xorl	%ecx,%ebx
+	shrdl	$7,%eax,%eax
+	vpxor	%xmm3,%xmm2,%xmm2
+	movl	%ebp,%edi
+	xorl	%ebx,%esi
+	vpaddd	%xmm1,%xmm11,%xmm9
+	shldl	$5,%ebp,%ebp
+	addl	%esi,%edx
+	vpxor	%xmm8,%xmm2,%xmm2
+	xorl	%eax,%edi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	addl	36(%rsp),%ecx
+	vpsrld	$30,%xmm2,%xmm8
+	vmovdqa	%xmm9,16(%rsp)
+	andl	%eax,%edi
+	xorl	%ebx,%eax
+	shrdl	$7,%ebp,%ebp
+	movl	%edx,%esi
+	vpslld	$2,%xmm2,%xmm2
+	xorl	%eax,%edi
+	shldl	$5,%edx,%edx
+	addl	%edi,%ecx
+	xorl	%ebp,%esi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	addl	40(%rsp),%ebx
+	andl	%ebp,%esi
+	vpor	%xmm8,%xmm2,%xmm2
+	xorl	%eax,%ebp
+	shrdl	$7,%edx,%edx
+	movl	%ecx,%edi
+	xorl	%ebp,%esi
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	xorl	%edx,%edi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	addl	44(%rsp),%eax
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	shrdl	$7,%ecx,%ecx
+	movl	%ebx,%esi
+	xorl	%edx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	addl	%ebx,%eax
+	vpalignr	$8,%xmm1,%xmm2,%xmm8
+	vpxor	%xmm7,%xmm3,%xmm3
+	addl	48(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	shldl	$5,%eax,%eax
+	vpxor	%xmm4,%xmm3,%xmm3
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	vpaddd	%xmm2,%xmm11,%xmm9
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	vpxor	%xmm8,%xmm3,%xmm3
+	addl	52(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	shldl	$5,%ebp,%ebp
+	vpsrld	$30,%xmm3,%xmm8
+	vmovdqa	%xmm9,32(%rsp)
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	vpslld	$2,%xmm3,%xmm3
+	addl	56(%rsp),%ecx
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	shldl	$5,%edx,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	vpor	%xmm8,%xmm3,%xmm3
+	addl	60(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	addl	0(%rsp),%eax
+	vpaddd	%xmm3,%xmm11,%xmm9
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%esi,%eax
+	vmovdqa	%xmm9,48(%rsp)
+	xorl	%edx,%edi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	addl	4(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	addl	8(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	shldl	$5,%ebp,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	addl	12(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	shldl	$5,%edx,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	cmpq	%r10,%r9
+	je	.Ldone_avx
+	vmovdqa	64(%r14),%xmm6
+	vmovdqa	-64(%r14),%xmm11
+	vmovdqu	0(%r9),%xmm0
+	vmovdqu	16(%r9),%xmm1
+	vmovdqu	32(%r9),%xmm2
+	vmovdqu	48(%r9),%xmm3
+	vpshufb	%xmm6,%xmm0,%xmm0
+	addq	$64,%r9
+	addl	16(%rsp),%ebx
+	xorl	%ebp,%esi
+	vpshufb	%xmm6,%xmm1,%xmm1
+	movl	%ecx,%edi
+	shldl	$5,%ecx,%ecx
+	vpaddd	%xmm11,%xmm0,%xmm4
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	vmovdqa	%xmm4,0(%rsp)
+	addl	20(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	addl	24(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	shldl	$5,%eax,%eax
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	addl	28(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	shldl	$5,%ebp,%ebp
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	addl	32(%rsp),%ecx
+	xorl	%eax,%esi
+	vpshufb	%xmm6,%xmm2,%xmm2
+	movl	%edx,%edi
+	shldl	$5,%edx,%edx
+	vpaddd	%xmm11,%xmm1,%xmm5
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	vmovdqa	%xmm5,16(%rsp)
+	addl	36(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	addl	40(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	addl	44(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	addl	48(%rsp),%edx
+	xorl	%ebx,%esi
+	vpshufb	%xmm6,%xmm3,%xmm3
+	movl	%ebp,%edi
+	shldl	$5,%ebp,%ebp
+	vpaddd	%xmm11,%xmm2,%xmm6
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	vmovdqa	%xmm6,32(%rsp)
+	addl	52(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	shldl	$5,%edx,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	addl	56(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	addl	60(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	addl	0(%r8),%eax
+	addl	4(%r8),%esi
+	addl	8(%r8),%ecx
+	addl	12(%r8),%edx
+	movl	%eax,0(%r8)
+	addl	16(%r8),%ebp
+	movl	%esi,4(%r8)
+	movl	%esi,%ebx
+	movl	%ecx,8(%r8)
+	movl	%ecx,%edi
+	movl	%edx,12(%r8)
+	xorl	%edx,%edi
+	movl	%ebp,16(%r8)
+	andl	%edi,%esi
+	jmp	.Loop_avx
+
+.p2align	4
+.Ldone_avx:
+	addl	16(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	addl	20(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	addl	24(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	shldl	$5,%eax,%eax
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	addl	28(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	shldl	$5,%ebp,%ebp
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	addl	32(%rsp),%ecx
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	shldl	$5,%edx,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	addl	36(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	addl	40(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	addl	44(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	addl	48(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	shldl	$5,%ebp,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	addl	52(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	shldl	$5,%edx,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	addl	56(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	addl	60(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	vzeroupper
+
+	addl	0(%r8),%eax
+	addl	4(%r8),%esi
+	addl	8(%r8),%ecx
+	movl	%eax,0(%r8)
+	addl	12(%r8),%edx
+	movl	%esi,4(%r8)
+	addl	16(%r8),%ebp
+	movl	%ecx,8(%r8)
+	movl	%edx,12(%r8)
+	movl	%ebp,16(%r8)
+	movaps	-40-96(%r11),%xmm6
+	movaps	-40-80(%r11),%xmm7
+	movaps	-40-64(%r11),%xmm8
+	movaps	-40-48(%r11),%xmm9
+	movaps	-40-32(%r11),%xmm10
+	movaps	-40-16(%r11),%xmm11
+	movq	-40(%r11),%r14
+
+	movq	-32(%r11),%r13
+
+	movq	-24(%r11),%r12
+
+	movq	-16(%r11),%rbp
+
+	movq	-8(%r11),%rbx
+
+	leaq	(%r11),%rsp
+
+.Lepilogue_avx:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_sha1_block_data_order_avx:
+.def	sha1_block_data_order_avx2;	.scl 3;	.type 32;	.endef
+.p2align	4
+sha1_block_data_order_avx2:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_sha1_block_data_order_avx2:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+_avx2_shortcut:
+
+	movq	%rsp,%r11
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	vzeroupper
+	leaq	-96(%rsp),%rsp
+	vmovaps	%xmm6,-40-96(%r11)
+	vmovaps	%xmm7,-40-80(%r11)
+	vmovaps	%xmm8,-40-64(%r11)
+	vmovaps	%xmm9,-40-48(%r11)
+	vmovaps	%xmm10,-40-32(%r11)
+	vmovaps	%xmm11,-40-16(%r11)
+.Lprologue_avx2:
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rdx,%r10
+
+	leaq	-640(%rsp),%rsp
+	shlq	$6,%r10
+	leaq	64(%r9),%r13
+	andq	$-128,%rsp
+	addq	%r9,%r10
+	leaq	K_XX_XX+64(%rip),%r14
+
+	movl	0(%r8),%eax
+	cmpq	%r10,%r13
+	cmovaeq	%r9,%r13
+	movl	4(%r8),%ebp
+	movl	8(%r8),%ecx
+	movl	12(%r8),%edx
+	movl	16(%r8),%esi
+	vmovdqu	64(%r14),%ymm6
+
+	vmovdqu	(%r9),%xmm0
+	vmovdqu	16(%r9),%xmm1
+	vmovdqu	32(%r9),%xmm2
+	vmovdqu	48(%r9),%xmm3
+	leaq	64(%r9),%r9
+	vinserti128	$1,(%r13),%ymm0,%ymm0
+	vinserti128	$1,16(%r13),%ymm1,%ymm1
+	vpshufb	%ymm6,%ymm0,%ymm0
+	vinserti128	$1,32(%r13),%ymm2,%ymm2
+	vpshufb	%ymm6,%ymm1,%ymm1
+	vinserti128	$1,48(%r13),%ymm3,%ymm3
+	vpshufb	%ymm6,%ymm2,%ymm2
+	vmovdqu	-64(%r14),%ymm11
+	vpshufb	%ymm6,%ymm3,%ymm3
+
+	vpaddd	%ymm11,%ymm0,%ymm4
+	vpaddd	%ymm11,%ymm1,%ymm5
+	vmovdqu	%ymm4,0(%rsp)
+	vpaddd	%ymm11,%ymm2,%ymm6
+	vmovdqu	%ymm5,32(%rsp)
+	vpaddd	%ymm11,%ymm3,%ymm7
+	vmovdqu	%ymm6,64(%rsp)
+	vmovdqu	%ymm7,96(%rsp)
+	vpalignr	$8,%ymm0,%ymm1,%ymm4
+	vpsrldq	$4,%ymm3,%ymm8
+	vpxor	%ymm0,%ymm4,%ymm4
+	vpxor	%ymm2,%ymm8,%ymm8
+	vpxor	%ymm8,%ymm4,%ymm4
+	vpsrld	$31,%ymm4,%ymm8
+	vpslldq	$12,%ymm4,%ymm10
+	vpaddd	%ymm4,%ymm4,%ymm4
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm4,%ymm4
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm4,%ymm4
+	vpxor	%ymm10,%ymm4,%ymm4
+	vpaddd	%ymm11,%ymm4,%ymm9
+	vmovdqu	%ymm9,128(%rsp)
+	vpalignr	$8,%ymm1,%ymm2,%ymm5
+	vpsrldq	$4,%ymm4,%ymm8
+	vpxor	%ymm1,%ymm5,%ymm5
+	vpxor	%ymm3,%ymm8,%ymm8
+	vpxor	%ymm8,%ymm5,%ymm5
+	vpsrld	$31,%ymm5,%ymm8
+	vmovdqu	-32(%r14),%ymm11
+	vpslldq	$12,%ymm5,%ymm10
+	vpaddd	%ymm5,%ymm5,%ymm5
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm5,%ymm5
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm5,%ymm5
+	vpxor	%ymm10,%ymm5,%ymm5
+	vpaddd	%ymm11,%ymm5,%ymm9
+	vmovdqu	%ymm9,160(%rsp)
+	vpalignr	$8,%ymm2,%ymm3,%ymm6
+	vpsrldq	$4,%ymm5,%ymm8
+	vpxor	%ymm2,%ymm6,%ymm6
+	vpxor	%ymm4,%ymm8,%ymm8
+	vpxor	%ymm8,%ymm6,%ymm6
+	vpsrld	$31,%ymm6,%ymm8
+	vpslldq	$12,%ymm6,%ymm10
+	vpaddd	%ymm6,%ymm6,%ymm6
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm6,%ymm6
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm6,%ymm6
+	vpxor	%ymm10,%ymm6,%ymm6
+	vpaddd	%ymm11,%ymm6,%ymm9
+	vmovdqu	%ymm9,192(%rsp)
+	vpalignr	$8,%ymm3,%ymm4,%ymm7
+	vpsrldq	$4,%ymm6,%ymm8
+	vpxor	%ymm3,%ymm7,%ymm7
+	vpxor	%ymm5,%ymm8,%ymm8
+	vpxor	%ymm8,%ymm7,%ymm7
+	vpsrld	$31,%ymm7,%ymm8
+	vpslldq	$12,%ymm7,%ymm10
+	vpaddd	%ymm7,%ymm7,%ymm7
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm7,%ymm7
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm7,%ymm7
+	vpxor	%ymm10,%ymm7,%ymm7
+	vpaddd	%ymm11,%ymm7,%ymm9
+	vmovdqu	%ymm9,224(%rsp)
+	leaq	128(%rsp),%r13
+	jmp	.Loop_avx2
+.p2align	5
+.Loop_avx2:
+	rorxl	$2,%ebp,%ebx
+	andnl	%edx,%ebp,%edi
+	andl	%ecx,%ebp
+	xorl	%edi,%ebp
+	jmp	.Lalign32_1
+.p2align	5
+.Lalign32_1:
+	vpalignr	$8,%ymm6,%ymm7,%ymm8
+	vpxor	%ymm4,%ymm0,%ymm0
+	addl	-128(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	vpxor	%ymm1,%ymm0,%ymm0
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	vpxor	%ymm8,%ymm0,%ymm0
+	andl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	vpsrld	$30,%ymm0,%ymm8
+	vpslld	$2,%ymm0,%ymm0
+	addl	-124(%r13),%edx
+	andnl	%ebx,%esi,%edi
+	addl	%eax,%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	andl	%ebp,%esi
+	vpor	%ymm8,%ymm0,%ymm0
+	addl	%r12d,%edx
+	xorl	%edi,%esi
+	addl	-120(%r13),%ecx
+	andnl	%ebp,%edx,%edi
+	vpaddd	%ymm11,%ymm0,%ymm9
+	addl	%esi,%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	andl	%eax,%edx
+	vmovdqu	%ymm9,256(%rsp)
+	addl	%r12d,%ecx
+	xorl	%edi,%edx
+	addl	-116(%r13),%ebx
+	andnl	%eax,%ecx,%edi
+	addl	%edx,%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	andl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%edi,%ecx
+	addl	-96(%r13),%ebp
+	andnl	%esi,%ebx,%edi
+	addl	%ecx,%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	andl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%edi,%ebx
+	vpalignr	$8,%ymm7,%ymm0,%ymm8
+	vpxor	%ymm5,%ymm1,%ymm1
+	addl	-92(%r13),%eax
+	andnl	%edx,%ebp,%edi
+	vpxor	%ymm2,%ymm1,%ymm1
+	addl	%ebx,%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	vpxor	%ymm8,%ymm1,%ymm1
+	andl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edi,%ebp
+	vpsrld	$30,%ymm1,%ymm8
+	vpslld	$2,%ymm1,%ymm1
+	addl	-88(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	vpor	%ymm8,%ymm1,%ymm1
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	-84(%r13),%edx
+	andnl	%ebx,%esi,%edi
+	vpaddd	%ymm11,%ymm1,%ymm9
+	addl	%eax,%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	andl	%ebp,%esi
+	vmovdqu	%ymm9,288(%rsp)
+	addl	%r12d,%edx
+	xorl	%edi,%esi
+	addl	-64(%r13),%ecx
+	andnl	%ebp,%edx,%edi
+	addl	%esi,%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	andl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%edi,%edx
+	addl	-60(%r13),%ebx
+	andnl	%eax,%ecx,%edi
+	addl	%edx,%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	andl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%edi,%ecx
+	vpalignr	$8,%ymm0,%ymm1,%ymm8
+	vpxor	%ymm6,%ymm2,%ymm2
+	addl	-56(%r13),%ebp
+	andnl	%esi,%ebx,%edi
+	vpxor	%ymm3,%ymm2,%ymm2
+	vmovdqu	0(%r14),%ymm11
+	addl	%ecx,%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	vpxor	%ymm8,%ymm2,%ymm2
+	andl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%edi,%ebx
+	vpsrld	$30,%ymm2,%ymm8
+	vpslld	$2,%ymm2,%ymm2
+	addl	-52(%r13),%eax
+	andnl	%edx,%ebp,%edi
+	addl	%ebx,%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	andl	%ecx,%ebp
+	vpor	%ymm8,%ymm2,%ymm2
+	addl	%r12d,%eax
+	xorl	%edi,%ebp
+	addl	-32(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	vpaddd	%ymm11,%ymm2,%ymm9
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	vmovdqu	%ymm9,320(%rsp)
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	-28(%r13),%edx
+	andnl	%ebx,%esi,%edi
+	addl	%eax,%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	andl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%edi,%esi
+	addl	-24(%r13),%ecx
+	andnl	%ebp,%edx,%edi
+	addl	%esi,%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	andl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%edi,%edx
+	vpalignr	$8,%ymm1,%ymm2,%ymm8
+	vpxor	%ymm7,%ymm3,%ymm3
+	addl	-20(%r13),%ebx
+	andnl	%eax,%ecx,%edi
+	vpxor	%ymm4,%ymm3,%ymm3
+	addl	%edx,%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	vpxor	%ymm8,%ymm3,%ymm3
+	andl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%edi,%ecx
+	vpsrld	$30,%ymm3,%ymm8
+	vpslld	$2,%ymm3,%ymm3
+	addl	0(%r13),%ebp
+	andnl	%esi,%ebx,%edi
+	addl	%ecx,%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	andl	%edx,%ebx
+	vpor	%ymm8,%ymm3,%ymm3
+	addl	%r12d,%ebp
+	xorl	%edi,%ebx
+	addl	4(%r13),%eax
+	andnl	%edx,%ebp,%edi
+	vpaddd	%ymm11,%ymm3,%ymm9
+	addl	%ebx,%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	andl	%ecx,%ebp
+	vmovdqu	%ymm9,352(%rsp)
+	addl	%r12d,%eax
+	xorl	%edi,%ebp
+	addl	8(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	12(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	vpalignr	$8,%ymm2,%ymm3,%ymm8
+	vpxor	%ymm0,%ymm4,%ymm4
+	addl	32(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	vpxor	%ymm8,%ymm4,%ymm4
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	36(%r13),%ebx
+	vpsrld	$30,%ymm4,%ymm8
+	vpslld	$2,%ymm4,%ymm4
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	vpor	%ymm8,%ymm4,%ymm4
+	addl	40(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	vpaddd	%ymm11,%ymm4,%ymm9
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	44(%r13),%eax
+	vmovdqu	%ymm9,384(%rsp)
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	64(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	vpalignr	$8,%ymm3,%ymm4,%ymm8
+	vpxor	%ymm1,%ymm5,%ymm5
+	addl	68(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	vpxor	%ymm6,%ymm5,%ymm5
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	vpxor	%ymm8,%ymm5,%ymm5
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	72(%r13),%ecx
+	vpsrld	$30,%ymm5,%ymm8
+	vpslld	$2,%ymm5,%ymm5
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	vpor	%ymm8,%ymm5,%ymm5
+	addl	76(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	vpaddd	%ymm11,%ymm5,%ymm9
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	96(%r13),%ebp
+	vmovdqu	%ymm9,416(%rsp)
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	100(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	vpalignr	$8,%ymm4,%ymm5,%ymm8
+	vpxor	%ymm2,%ymm6,%ymm6
+	addl	104(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	vpxor	%ymm7,%ymm6,%ymm6
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	vpxor	%ymm8,%ymm6,%ymm6
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	108(%r13),%edx
+	leaq	256(%r13),%r13
+	vpsrld	$30,%ymm6,%ymm8
+	vpslld	$2,%ymm6,%ymm6
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	vpor	%ymm8,%ymm6,%ymm6
+	addl	-128(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	vpaddd	%ymm11,%ymm6,%ymm9
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-124(%r13),%ebx
+	vmovdqu	%ymm9,448(%rsp)
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	-120(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	vpalignr	$8,%ymm5,%ymm6,%ymm8
+	vpxor	%ymm3,%ymm7,%ymm7
+	addl	-116(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	vpxor	%ymm0,%ymm7,%ymm7
+	vmovdqu	32(%r14),%ymm11
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	vpxor	%ymm8,%ymm7,%ymm7
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	-96(%r13),%esi
+	vpsrld	$30,%ymm7,%ymm8
+	vpslld	$2,%ymm7,%ymm7
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	vpor	%ymm8,%ymm7,%ymm7
+	addl	-92(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	vpaddd	%ymm11,%ymm7,%ymm9
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	-88(%r13),%ecx
+	vmovdqu	%ymm9,480(%rsp)
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-84(%r13),%ebx
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	jmp	.Lalign32_2
+.p2align	5
+.Lalign32_2:
+	vpalignr	$8,%ymm6,%ymm7,%ymm8
+	vpxor	%ymm4,%ymm0,%ymm0
+	addl	-64(%r13),%ebp
+	xorl	%esi,%ecx
+	vpxor	%ymm1,%ymm0,%ymm0
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	vpxor	%ymm8,%ymm0,%ymm0
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	vpsrld	$30,%ymm0,%ymm8
+	vpslld	$2,%ymm0,%ymm0
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	-60(%r13),%eax
+	xorl	%edx,%ebx
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	vpor	%ymm8,%ymm0,%ymm0
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	vpaddd	%ymm11,%ymm0,%ymm9
+	addl	%r12d,%eax
+	andl	%edi,%ebp
+	addl	-56(%r13),%esi
+	xorl	%ecx,%ebp
+	vmovdqu	%ymm9,512(%rsp)
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	andl	%edi,%eax
+	addl	-52(%r13),%edx
+	xorl	%ebx,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%edi
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	andl	%edi,%esi
+	addl	-32(%r13),%ecx
+	xorl	%ebp,%esi
+	movl	%eax,%edi
+	xorl	%ebp,%edi
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	andl	%edi,%edx
+	vpalignr	$8,%ymm7,%ymm0,%ymm8
+	vpxor	%ymm5,%ymm1,%ymm1
+	addl	-28(%r13),%ebx
+	xorl	%eax,%edx
+	vpxor	%ymm2,%ymm1,%ymm1
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	vpxor	%ymm8,%ymm1,%ymm1
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	vpsrld	$30,%ymm1,%ymm8
+	vpslld	$2,%ymm1,%ymm1
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	addl	-24(%r13),%ebp
+	xorl	%esi,%ecx
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	vpor	%ymm8,%ymm1,%ymm1
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	vpaddd	%ymm11,%ymm1,%ymm9
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	-20(%r13),%eax
+	xorl	%edx,%ebx
+	vmovdqu	%ymm9,544(%rsp)
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	andl	%edi,%ebp
+	addl	0(%r13),%esi
+	xorl	%ecx,%ebp
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	andl	%edi,%eax
+	addl	4(%r13),%edx
+	xorl	%ebx,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%edi
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	andl	%edi,%esi
+	vpalignr	$8,%ymm0,%ymm1,%ymm8
+	vpxor	%ymm6,%ymm2,%ymm2
+	addl	8(%r13),%ecx
+	xorl	%ebp,%esi
+	vpxor	%ymm3,%ymm2,%ymm2
+	movl	%eax,%edi
+	xorl	%ebp,%edi
+	leal	(%rcx,%rsi,1),%ecx
+	vpxor	%ymm8,%ymm2,%ymm2
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	vpsrld	$30,%ymm2,%ymm8
+	vpslld	$2,%ymm2,%ymm2
+	addl	%r12d,%ecx
+	andl	%edi,%edx
+	addl	12(%r13),%ebx
+	xorl	%eax,%edx
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	vpor	%ymm8,%ymm2,%ymm2
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	vpaddd	%ymm11,%ymm2,%ymm9
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	addl	32(%r13),%ebp
+	xorl	%esi,%ecx
+	vmovdqu	%ymm9,576(%rsp)
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	36(%r13),%eax
+	xorl	%edx,%ebx
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	andl	%edi,%ebp
+	addl	40(%r13),%esi
+	xorl	%ecx,%ebp
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	andl	%edi,%eax
+	vpalignr	$8,%ymm1,%ymm2,%ymm8
+	vpxor	%ymm7,%ymm3,%ymm3
+	addl	44(%r13),%edx
+	xorl	%ebx,%eax
+	vpxor	%ymm4,%ymm3,%ymm3
+	movl	%ebp,%edi
+	xorl	%ebx,%edi
+	leal	(%rdx,%rax,1),%edx
+	vpxor	%ymm8,%ymm3,%ymm3
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	vpsrld	$30,%ymm3,%ymm8
+	vpslld	$2,%ymm3,%ymm3
+	addl	%r12d,%edx
+	andl	%edi,%esi
+	addl	64(%r13),%ecx
+	xorl	%ebp,%esi
+	movl	%eax,%edi
+	xorl	%ebp,%edi
+	vpor	%ymm8,%ymm3,%ymm3
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	vpaddd	%ymm11,%ymm3,%ymm9
+	addl	%r12d,%ecx
+	andl	%edi,%edx
+	addl	68(%r13),%ebx
+	xorl	%eax,%edx
+	vmovdqu	%ymm9,608(%rsp)
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	addl	72(%r13),%ebp
+	xorl	%esi,%ecx
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	76(%r13),%eax
+	xorl	%edx,%ebx
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	96(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	100(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	104(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	108(%r13),%ebx
+	leaq	256(%r13),%r13
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	-128(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	-124(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	-120(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	-116(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	-96(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-92(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	-88(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	-84(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	-64(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	-60(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	-56(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-52(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	-32(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	-28(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	-24(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	-20(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	addl	%r12d,%edx
+	leaq	128(%r9),%r13
+	leaq	128(%r9),%rdi
+	cmpq	%r10,%r13
+	cmovaeq	%r9,%r13
+
+
+	addl	0(%r8),%edx
+	addl	4(%r8),%esi
+	addl	8(%r8),%ebp
+	movl	%edx,0(%r8)
+	addl	12(%r8),%ebx
+	movl	%esi,4(%r8)
+	movl	%edx,%eax
+	addl	16(%r8),%ecx
+	movl	%ebp,%r12d
+	movl	%ebp,8(%r8)
+	movl	%ebx,%edx
+
+	movl	%ebx,12(%r8)
+	movl	%esi,%ebp
+	movl	%ecx,16(%r8)
+
+	movl	%ecx,%esi
+	movl	%r12d,%ecx
+
+
+	cmpq	%r10,%r9
+	je	.Ldone_avx2
+	vmovdqu	64(%r14),%ymm6
+	cmpq	%r10,%rdi
+	ja	.Last_avx2
+
+	vmovdqu	-64(%rdi),%xmm0
+	vmovdqu	-48(%rdi),%xmm1
+	vmovdqu	-32(%rdi),%xmm2
+	vmovdqu	-16(%rdi),%xmm3
+	vinserti128	$1,0(%r13),%ymm0,%ymm0
+	vinserti128	$1,16(%r13),%ymm1,%ymm1
+	vinserti128	$1,32(%r13),%ymm2,%ymm2
+	vinserti128	$1,48(%r13),%ymm3,%ymm3
+	jmp	.Last_avx2
+
+.p2align	5
+.Last_avx2:
+	leaq	128+16(%rsp),%r13
+	rorxl	$2,%ebp,%ebx
+	andnl	%edx,%ebp,%edi
+	andl	%ecx,%ebp
+	xorl	%edi,%ebp
+	subq	$-128,%r9
+	addl	-128(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	-124(%r13),%edx
+	andnl	%ebx,%esi,%edi
+	addl	%eax,%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	andl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%edi,%esi
+	addl	-120(%r13),%ecx
+	andnl	%ebp,%edx,%edi
+	addl	%esi,%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	andl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%edi,%edx
+	addl	-116(%r13),%ebx
+	andnl	%eax,%ecx,%edi
+	addl	%edx,%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	andl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%edi,%ecx
+	addl	-96(%r13),%ebp
+	andnl	%esi,%ebx,%edi
+	addl	%ecx,%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	andl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%edi,%ebx
+	addl	-92(%r13),%eax
+	andnl	%edx,%ebp,%edi
+	addl	%ebx,%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	andl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edi,%ebp
+	addl	-88(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	-84(%r13),%edx
+	andnl	%ebx,%esi,%edi
+	addl	%eax,%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	andl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%edi,%esi
+	addl	-64(%r13),%ecx
+	andnl	%ebp,%edx,%edi
+	addl	%esi,%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	andl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%edi,%edx
+	addl	-60(%r13),%ebx
+	andnl	%eax,%ecx,%edi
+	addl	%edx,%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	andl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%edi,%ecx
+	addl	-56(%r13),%ebp
+	andnl	%esi,%ebx,%edi
+	addl	%ecx,%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	andl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%edi,%ebx
+	addl	-52(%r13),%eax
+	andnl	%edx,%ebp,%edi
+	addl	%ebx,%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	andl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edi,%ebp
+	addl	-32(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	-28(%r13),%edx
+	andnl	%ebx,%esi,%edi
+	addl	%eax,%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	andl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%edi,%esi
+	addl	-24(%r13),%ecx
+	andnl	%ebp,%edx,%edi
+	addl	%esi,%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	andl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%edi,%edx
+	addl	-20(%r13),%ebx
+	andnl	%eax,%ecx,%edi
+	addl	%edx,%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	andl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%edi,%ecx
+	addl	0(%r13),%ebp
+	andnl	%esi,%ebx,%edi
+	addl	%ecx,%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	andl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%edi,%ebx
+	addl	4(%r13),%eax
+	andnl	%edx,%ebp,%edi
+	addl	%ebx,%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	andl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edi,%ebp
+	addl	8(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	12(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	32(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	36(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	40(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	44(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	64(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	vmovdqu	-64(%r14),%ymm11
+	vpshufb	%ymm6,%ymm0,%ymm0
+	addl	68(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	72(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	76(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	96(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	100(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	vpshufb	%ymm6,%ymm1,%ymm1
+	vpaddd	%ymm11,%ymm0,%ymm8
+	addl	104(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	108(%r13),%edx
+	leaq	256(%r13),%r13
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	-128(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-124(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	-120(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	vmovdqu	%ymm8,0(%rsp)
+	vpshufb	%ymm6,%ymm2,%ymm2
+	vpaddd	%ymm11,%ymm1,%ymm9
+	addl	-116(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	-96(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	-92(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	-88(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-84(%r13),%ebx
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	vmovdqu	%ymm9,32(%rsp)
+	vpshufb	%ymm6,%ymm3,%ymm3
+	vpaddd	%ymm11,%ymm2,%ymm6
+	addl	-64(%r13),%ebp
+	xorl	%esi,%ecx
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	-60(%r13),%eax
+	xorl	%edx,%ebx
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	andl	%edi,%ebp
+	addl	-56(%r13),%esi
+	xorl	%ecx,%ebp
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	andl	%edi,%eax
+	addl	-52(%r13),%edx
+	xorl	%ebx,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%edi
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	andl	%edi,%esi
+	addl	-32(%r13),%ecx
+	xorl	%ebp,%esi
+	movl	%eax,%edi
+	xorl	%ebp,%edi
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	andl	%edi,%edx
+	jmp	.Lalign32_3
+.p2align	5
+.Lalign32_3:
+	vmovdqu	%ymm6,64(%rsp)
+	vpaddd	%ymm11,%ymm3,%ymm7
+	addl	-28(%r13),%ebx
+	xorl	%eax,%edx
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	addl	-24(%r13),%ebp
+	xorl	%esi,%ecx
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	-20(%r13),%eax
+	xorl	%edx,%ebx
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	andl	%edi,%ebp
+	addl	0(%r13),%esi
+	xorl	%ecx,%ebp
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	andl	%edi,%eax
+	addl	4(%r13),%edx
+	xorl	%ebx,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%edi
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	andl	%edi,%esi
+	vmovdqu	%ymm7,96(%rsp)
+	addl	8(%r13),%ecx
+	xorl	%ebp,%esi
+	movl	%eax,%edi
+	xorl	%ebp,%edi
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	andl	%edi,%edx
+	addl	12(%r13),%ebx
+	xorl	%eax,%edx
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	addl	32(%r13),%ebp
+	xorl	%esi,%ecx
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	36(%r13),%eax
+	xorl	%edx,%ebx
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	andl	%edi,%ebp
+	addl	40(%r13),%esi
+	xorl	%ecx,%ebp
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	andl	%edi,%eax
+	vpalignr	$8,%ymm0,%ymm1,%ymm4
+	addl	44(%r13),%edx
+	xorl	%ebx,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%edi
+	vpsrldq	$4,%ymm3,%ymm8
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	vpxor	%ymm0,%ymm4,%ymm4
+	vpxor	%ymm2,%ymm8,%ymm8
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	vpxor	%ymm8,%ymm4,%ymm4
+	andl	%edi,%esi
+	addl	64(%r13),%ecx
+	xorl	%ebp,%esi
+	movl	%eax,%edi
+	vpsrld	$31,%ymm4,%ymm8
+	xorl	%ebp,%edi
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	vpslldq	$12,%ymm4,%ymm10
+	vpaddd	%ymm4,%ymm4,%ymm4
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm4,%ymm4
+	addl	%r12d,%ecx
+	andl	%edi,%edx
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm4,%ymm4
+	addl	68(%r13),%ebx
+	xorl	%eax,%edx
+	vpxor	%ymm10,%ymm4,%ymm4
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	vpaddd	%ymm11,%ymm4,%ymm9
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	vmovdqu	%ymm9,128(%rsp)
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	addl	72(%r13),%ebp
+	xorl	%esi,%ecx
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	76(%r13),%eax
+	xorl	%edx,%ebx
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	vpalignr	$8,%ymm1,%ymm2,%ymm5
+	addl	96(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	vpsrldq	$4,%ymm4,%ymm8
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	vpxor	%ymm1,%ymm5,%ymm5
+	vpxor	%ymm3,%ymm8,%ymm8
+	addl	100(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	vpxor	%ymm8,%ymm5,%ymm5
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	vpsrld	$31,%ymm5,%ymm8
+	vmovdqu	-32(%r14),%ymm11
+	xorl	%ebx,%esi
+	addl	104(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	vpslldq	$12,%ymm5,%ymm10
+	vpaddd	%ymm5,%ymm5,%ymm5
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm5,%ymm5
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm5,%ymm5
+	xorl	%ebp,%edx
+	addl	108(%r13),%ebx
+	leaq	256(%r13),%r13
+	vpxor	%ymm10,%ymm5,%ymm5
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	vpaddd	%ymm11,%ymm5,%ymm9
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	vmovdqu	%ymm9,160(%rsp)
+	addl	-128(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	vpalignr	$8,%ymm2,%ymm3,%ymm6
+	addl	-124(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	vpsrldq	$4,%ymm5,%ymm8
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	vpxor	%ymm2,%ymm6,%ymm6
+	vpxor	%ymm4,%ymm8,%ymm8
+	addl	-120(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	vpxor	%ymm8,%ymm6,%ymm6
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	vpsrld	$31,%ymm6,%ymm8
+	xorl	%ecx,%eax
+	addl	-116(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	vpslldq	$12,%ymm6,%ymm10
+	vpaddd	%ymm6,%ymm6,%ymm6
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm6,%ymm6
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm6,%ymm6
+	xorl	%ebx,%esi
+	addl	-96(%r13),%ecx
+	vpxor	%ymm10,%ymm6,%ymm6
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	vpaddd	%ymm11,%ymm6,%ymm9
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	vmovdqu	%ymm9,192(%rsp)
+	addl	-92(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	vpalignr	$8,%ymm3,%ymm4,%ymm7
+	addl	-88(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	vpsrldq	$4,%ymm6,%ymm8
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	vpxor	%ymm3,%ymm7,%ymm7
+	vpxor	%ymm5,%ymm8,%ymm8
+	addl	-84(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	vpxor	%ymm8,%ymm7,%ymm7
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	vpsrld	$31,%ymm7,%ymm8
+	xorl	%edx,%ebp
+	addl	-64(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	vpslldq	$12,%ymm7,%ymm10
+	vpaddd	%ymm7,%ymm7,%ymm7
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm7,%ymm7
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm7,%ymm7
+	xorl	%ecx,%eax
+	addl	-60(%r13),%edx
+	vpxor	%ymm10,%ymm7,%ymm7
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	vpaddd	%ymm11,%ymm7,%ymm9
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	vmovdqu	%ymm9,224(%rsp)
+	addl	-56(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-52(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	-32(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	-28(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	-24(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	-20(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	addl	%r12d,%edx
+	leaq	128(%rsp),%r13
+
+
+	addl	0(%r8),%edx
+	addl	4(%r8),%esi
+	addl	8(%r8),%ebp
+	movl	%edx,0(%r8)
+	addl	12(%r8),%ebx
+	movl	%esi,4(%r8)
+	movl	%edx,%eax
+	addl	16(%r8),%ecx
+	movl	%ebp,%r12d
+	movl	%ebp,8(%r8)
+	movl	%ebx,%edx
+
+	movl	%ebx,12(%r8)
+	movl	%esi,%ebp
+	movl	%ecx,16(%r8)
+
+	movl	%ecx,%esi
+	movl	%r12d,%ecx
+
+
+	cmpq	%r10,%r9
+	jbe	.Loop_avx2
+
+.Ldone_avx2:
+	vzeroupper
+	movaps	-40-96(%r11),%xmm6
+	movaps	-40-80(%r11),%xmm7
+	movaps	-40-64(%r11),%xmm8
+	movaps	-40-48(%r11),%xmm9
+	movaps	-40-32(%r11),%xmm10
+	movaps	-40-16(%r11),%xmm11
+	movq	-40(%r11),%r14
+
+	movq	-32(%r11),%r13
+
+	movq	-24(%r11),%r12
+
+	movq	-16(%r11),%rbp
+
+	movq	-8(%r11),%rbx
+
+	leaq	(%r11),%rsp
+
+.Lepilogue_avx2:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_sha1_block_data_order_avx2:
+.p2align	6
+K_XX_XX:
+.long	0x5a827999,0x5a827999,0x5a827999,0x5a827999
+.long	0x5a827999,0x5a827999,0x5a827999,0x5a827999
+.long	0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1
+.long	0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1
+.long	0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc
+.long	0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc
+.long	0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6
+.long	0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6
+.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
+.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
+.byte	0xf,0xe,0xd,0xc,0xb,0xa,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0
+.byte	83,72,65,49,32,98,108,111,99,107,32,116,114,97,110,115,102,111,114,109,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.p2align	6
+
+.def	se_handler;	.scl 3;	.type 32;	.endef
+.p2align	4
+se_handler:
+	pushq	%rsi
+	pushq	%rdi
+	pushq	%rbx
+	pushq	%rbp
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	pushfq
+	subq	$64,%rsp
+
+	movq	120(%r8),%rax
+	movq	248(%r8),%rbx
+
+	leaq	.Lprologue(%rip),%r10
+	cmpq	%r10,%rbx
+	jb	.Lcommon_seh_tail
+
+	movq	152(%r8),%rax
+
+	leaq	.Lepilogue(%rip),%r10
+	cmpq	%r10,%rbx
+	jae	.Lcommon_seh_tail
+
+	movq	64(%rax),%rax
+
+	movq	-8(%rax),%rbx
+	movq	-16(%rax),%rbp
+	movq	-24(%rax),%r12
+	movq	-32(%rax),%r13
+	movq	-40(%rax),%r14
+	movq	%rbx,144(%r8)
+	movq	%rbp,160(%r8)
+	movq	%r12,216(%r8)
+	movq	%r13,224(%r8)
+	movq	%r14,232(%r8)
+
+	jmp	.Lcommon_seh_tail
+
+.def	shaext_handler;	.scl 3;	.type 32;	.endef
+.p2align	4
+shaext_handler:
+	pushq	%rsi
+	pushq	%rdi
+	pushq	%rbx
+	pushq	%rbp
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	pushfq
+	subq	$64,%rsp
+
+	movq	120(%r8),%rax
+	movq	248(%r8),%rbx
+
+	leaq	.Lprologue_shaext(%rip),%r10
+	cmpq	%r10,%rbx
+	jb	.Lcommon_seh_tail
+
+	leaq	.Lepilogue_shaext(%rip),%r10
+	cmpq	%r10,%rbx
+	jae	.Lcommon_seh_tail
+
+	leaq	-8-64(%rax),%rsi
+	leaq	512(%r8),%rdi
+	movl	$8,%ecx
+.long	0xa548f3fc
+
+	jmp	.Lcommon_seh_tail
+
+.def	ssse3_handler;	.scl 3;	.type 32;	.endef
+.p2align	4
+ssse3_handler:
+	pushq	%rsi
+	pushq	%rdi
+	pushq	%rbx
+	pushq	%rbp
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	pushfq
+	subq	$64,%rsp
+
+	movq	120(%r8),%rax
+	movq	248(%r8),%rbx
+
+	movq	8(%r9),%rsi
+	movq	56(%r9),%r11
+
+	movl	0(%r11),%r10d
+	leaq	(%rsi,%r10,1),%r10
+	cmpq	%r10,%rbx
+	jb	.Lcommon_seh_tail
+
+	movq	208(%r8),%rax
+
+	movl	4(%r11),%r10d
+	leaq	(%rsi,%r10,1),%r10
+	cmpq	%r10,%rbx
+	jae	.Lcommon_seh_tail
+
+	leaq	-40-96(%rax),%rsi
+	leaq	512(%r8),%rdi
+	movl	$12,%ecx
+.long	0xa548f3fc
+
+	movq	-8(%rax),%rbx
+	movq	-16(%rax),%rbp
+	movq	-24(%rax),%r12
+	movq	-32(%rax),%r13
+	movq	-40(%rax),%r14
+	movq	%rbx,144(%r8)
+	movq	%rbp,160(%r8)
+	movq	%r12,216(%r8)
+	movq	%r13,224(%r8)
+	movq	%r14,232(%r8)
+
+.Lcommon_seh_tail:
+	movq	8(%rax),%rdi
+	movq	16(%rax),%rsi
+	movq	%rax,152(%r8)
+	movq	%rsi,168(%r8)
+	movq	%rdi,176(%r8)
+
+	movq	40(%r9),%rdi
+	movq	%r8,%rsi
+	movl	$154,%ecx
+.long	0xa548f3fc
+
+	movq	%r9,%rsi
+	xorq	%rcx,%rcx
+	movq	8(%rsi),%rdx
+	movq	0(%rsi),%r8
+	movq	16(%rsi),%r9
+	movq	40(%rsi),%r10
+	leaq	56(%rsi),%r11
+	leaq	24(%rsi),%r12
+	movq	%r10,32(%rsp)
+	movq	%r11,40(%rsp)
+	movq	%r12,48(%rsp)
+	movq	%rcx,56(%rsp)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	movl	$1,%eax
+	addq	$64,%rsp
+	popfq
+	popq	%r15
+	popq	%r14
+	popq	%r13
+	popq	%r12
+	popq	%rbp
+	popq	%rbx
+	popq	%rdi
+	popq	%rsi
+	.byte	0xf3,0xc3
+
+
+.section	.pdata
+.p2align	2
+.rva	.LSEH_begin_sha1_block_data_order
+.rva	.LSEH_end_sha1_block_data_order
+.rva	.LSEH_info_sha1_block_data_order
+.rva	.LSEH_begin_sha1_block_data_order_shaext
+.rva	.LSEH_end_sha1_block_data_order_shaext
+.rva	.LSEH_info_sha1_block_data_order_shaext
+.rva	.LSEH_begin_sha1_block_data_order_ssse3
+.rva	.LSEH_end_sha1_block_data_order_ssse3
+.rva	.LSEH_info_sha1_block_data_order_ssse3
+.rva	.LSEH_begin_sha1_block_data_order_avx
+.rva	.LSEH_end_sha1_block_data_order_avx
+.rva	.LSEH_info_sha1_block_data_order_avx
+.rva	.LSEH_begin_sha1_block_data_order_avx2
+.rva	.LSEH_end_sha1_block_data_order_avx2
+.rva	.LSEH_info_sha1_block_data_order_avx2
+.section	.xdata
+.p2align	3
+.LSEH_info_sha1_block_data_order:
+.byte	9,0,0,0
+.rva	se_handler
+.LSEH_info_sha1_block_data_order_shaext:
+.byte	9,0,0,0
+.rva	shaext_handler
+.LSEH_info_sha1_block_data_order_ssse3:
+.byte	9,0,0,0
+.rva	ssse3_handler
+.rva	.Lprologue_ssse3,.Lepilogue_ssse3
+.LSEH_info_sha1_block_data_order_avx:
+.byte	9,0,0,0
+.rva	ssse3_handler
+.rva	.Lprologue_avx,.Lepilogue_avx
+.LSEH_info_sha1_block_data_order_avx2:
+.byte	9,0,0,0
+.rva	ssse3_handler
+.rva	.Lprologue_avx2,.Lepilogue_avx2
+
diff --git a/lib/accelerated/x86/coff/sha256-ssse3-x86.s b/lib/accelerated/x86/coff/sha256-ssse3-x86.s
new file mode 100644
index 0000000..05cd61d
--- /dev/null
+++ b/lib/accelerated/x86/coff/sha256-ssse3-x86.s
@@ -0,0 +1,3385 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text
+.globl	_sha256_block_data_order
+.def	_sha256_block_data_order;	.scl	2;	.type	32;	.endef
+.align	16
+_sha256_block_data_order:
+.L_sha256_block_data_order_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	%esp,%ebx
+	call	.L000pic_point
+.L000pic_point:
+	popl	%ebp
+	leal	.L001K256-.L000pic_point(%ebp),%ebp
+	subl	$16,%esp
+	andl	$-64,%esp
+	shll	$6,%eax
+	addl	%edi,%eax
+	movl	%esi,(%esp)
+	movl	%edi,4(%esp)
+	movl	%eax,8(%esp)
+	movl	%ebx,12(%esp)
+	jmp	.L002loop
+.align	16
+.L002loop:
+	movl	(%edi),%eax
+	movl	4(%edi),%ebx
+	movl	8(%edi),%ecx
+	bswap	%eax
+	movl	12(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	movl	16(%edi),%eax
+	movl	20(%edi),%ebx
+	movl	24(%edi),%ecx
+	bswap	%eax
+	movl	28(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	movl	32(%edi),%eax
+	movl	36(%edi),%ebx
+	movl	40(%edi),%ecx
+	bswap	%eax
+	movl	44(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	movl	48(%edi),%eax
+	movl	52(%edi),%ebx
+	movl	56(%edi),%ecx
+	bswap	%eax
+	movl	60(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	addl	$64,%edi
+	leal	-36(%esp),%esp
+	movl	%edi,104(%esp)
+	movl	(%esi),%eax
+	movl	4(%esi),%ebx
+	movl	8(%esi),%ecx
+	movl	12(%esi),%edi
+	movl	%ebx,8(%esp)
+	xorl	%ecx,%ebx
+	movl	%ecx,12(%esp)
+	movl	%edi,16(%esp)
+	movl	%ebx,(%esp)
+	movl	16(%esi),%edx
+	movl	20(%esi),%ebx
+	movl	24(%esi),%ecx
+	movl	28(%esi),%edi
+	movl	%ebx,24(%esp)
+	movl	%ecx,28(%esp)
+	movl	%edi,32(%esp)
+.align	16
+.L00300_15:
+	movl	%edx,%ecx
+	movl	24(%esp),%esi
+	rorl	$14,%ecx
+	movl	28(%esp),%edi
+	xorl	%edx,%ecx
+	xorl	%edi,%esi
+	movl	96(%esp),%ebx
+	rorl	$5,%ecx
+	andl	%edx,%esi
+	movl	%edx,20(%esp)
+	xorl	%ecx,%edx
+	addl	32(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%esi,%ebx
+	rorl	$9,%ecx
+	addl	%edx,%ebx
+	movl	8(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,4(%esp)
+	leal	-4(%esp),%esp
+	rorl	$11,%ecx
+	movl	(%ebp),%esi
+	xorl	%eax,%ecx
+	movl	20(%esp),%edx
+	xorl	%edi,%eax
+	rorl	$2,%ecx
+	addl	%esi,%ebx
+	movl	%eax,(%esp)
+	addl	%ebx,%edx
+	andl	4(%esp),%eax
+	addl	%ecx,%ebx
+	xorl	%edi,%eax
+	addl	$4,%ebp
+	addl	%ebx,%eax
+	cmpl	$3248222580,%esi
+	jne	.L00300_15
+	movl	156(%esp),%ecx
+	jmp	.L00416_63
+.align	16
+.L00416_63:
+	movl	%ecx,%ebx
+	movl	104(%esp),%esi
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	160(%esp),%ebx
+	shrl	$10,%edi
+	addl	124(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	24(%esp),%esi
+	rorl	$14,%ecx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%edx,%ecx
+	xorl	%edi,%esi
+	movl	%ebx,96(%esp)
+	rorl	$5,%ecx
+	andl	%edx,%esi
+	movl	%edx,20(%esp)
+	xorl	%ecx,%edx
+	addl	32(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%esi,%ebx
+	rorl	$9,%ecx
+	addl	%edx,%ebx
+	movl	8(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,4(%esp)
+	leal	-4(%esp),%esp
+	rorl	$11,%ecx
+	movl	(%ebp),%esi
+	xorl	%eax,%ecx
+	movl	20(%esp),%edx
+	xorl	%edi,%eax
+	rorl	$2,%ecx
+	addl	%esi,%ebx
+	movl	%eax,(%esp)
+	addl	%ebx,%edx
+	andl	4(%esp),%eax
+	addl	%ecx,%ebx
+	xorl	%edi,%eax
+	movl	156(%esp),%ecx
+	addl	$4,%ebp
+	addl	%ebx,%eax
+	cmpl	$3329325298,%esi
+	jne	.L00416_63
+	movl	356(%esp),%esi
+	movl	8(%esp),%ebx
+	movl	16(%esp),%ecx
+	addl	(%esi),%eax
+	addl	4(%esi),%ebx
+	addl	8(%esi),%edi
+	addl	12(%esi),%ecx
+	movl	%eax,(%esi)
+	movl	%ebx,4(%esi)
+	movl	%edi,8(%esi)
+	movl	%ecx,12(%esi)
+	movl	24(%esp),%eax
+	movl	28(%esp),%ebx
+	movl	32(%esp),%ecx
+	movl	360(%esp),%edi
+	addl	16(%esi),%edx
+	addl	20(%esi),%eax
+	addl	24(%esi),%ebx
+	addl	28(%esi),%ecx
+	movl	%edx,16(%esi)
+	movl	%eax,20(%esi)
+	movl	%ebx,24(%esi)
+	movl	%ecx,28(%esi)
+	leal	356(%esp),%esp
+	subl	$256,%ebp
+	cmpl	8(%esp),%edi
+	jb	.L002loop
+	movl	12(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.align	32
+.L005loop_shrd:
+	movl	(%edi),%eax
+	movl	4(%edi),%ebx
+	movl	8(%edi),%ecx
+	bswap	%eax
+	movl	12(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	movl	16(%edi),%eax
+	movl	20(%edi),%ebx
+	movl	24(%edi),%ecx
+	bswap	%eax
+	movl	28(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	movl	32(%edi),%eax
+	movl	36(%edi),%ebx
+	movl	40(%edi),%ecx
+	bswap	%eax
+	movl	44(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	movl	48(%edi),%eax
+	movl	52(%edi),%ebx
+	movl	56(%edi),%ecx
+	bswap	%eax
+	movl	60(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	addl	$64,%edi
+	leal	-36(%esp),%esp
+	movl	%edi,104(%esp)
+	movl	(%esi),%eax
+	movl	4(%esi),%ebx
+	movl	8(%esi),%ecx
+	movl	12(%esi),%edi
+	movl	%ebx,8(%esp)
+	xorl	%ecx,%ebx
+	movl	%ecx,12(%esp)
+	movl	%edi,16(%esp)
+	movl	%ebx,(%esp)
+	movl	16(%esi),%edx
+	movl	20(%esi),%ebx
+	movl	24(%esi),%ecx
+	movl	28(%esi),%edi
+	movl	%ebx,24(%esp)
+	movl	%ecx,28(%esp)
+	movl	%edi,32(%esp)
+.align	16
+.L00600_15_shrd:
+	movl	%edx,%ecx
+	movl	24(%esp),%esi
+	shrdl	$14,%ecx,%ecx
+	movl	28(%esp),%edi
+	xorl	%edx,%ecx
+	xorl	%edi,%esi
+	movl	96(%esp),%ebx
+	shrdl	$5,%ecx,%ecx
+	andl	%edx,%esi
+	movl	%edx,20(%esp)
+	xorl	%ecx,%edx
+	addl	32(%esp),%ebx
+	xorl	%edi,%esi
+	shrdl	$6,%edx,%edx
+	movl	%eax,%ecx
+	addl	%esi,%ebx
+	shrdl	$9,%ecx,%ecx
+	addl	%edx,%ebx
+	movl	8(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,4(%esp)
+	leal	-4(%esp),%esp
+	shrdl	$11,%ecx,%ecx
+	movl	(%ebp),%esi
+	xorl	%eax,%ecx
+	movl	20(%esp),%edx
+	xorl	%edi,%eax
+	shrdl	$2,%ecx,%ecx
+	addl	%esi,%ebx
+	movl	%eax,(%esp)
+	addl	%ebx,%edx
+	andl	4(%esp),%eax
+	addl	%ecx,%ebx
+	xorl	%edi,%eax
+	addl	$4,%ebp
+	addl	%ebx,%eax
+	cmpl	$3248222580,%esi
+	jne	.L00600_15_shrd
+	movl	156(%esp),%ecx
+	jmp	.L00716_63_shrd
+.align	16
+.L00716_63_shrd:
+	movl	%ecx,%ebx
+	movl	104(%esp),%esi
+	shrdl	$11,%ecx,%ecx
+	movl	%esi,%edi
+	shrdl	$2,%esi,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	shrdl	$7,%ecx,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	shrdl	$17,%esi,%esi
+	addl	160(%esp),%ebx
+	shrl	$10,%edi
+	addl	124(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	24(%esp),%esi
+	shrdl	$14,%ecx,%ecx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%edx,%ecx
+	xorl	%edi,%esi
+	movl	%ebx,96(%esp)
+	shrdl	$5,%ecx,%ecx
+	andl	%edx,%esi
+	movl	%edx,20(%esp)
+	xorl	%ecx,%edx
+	addl	32(%esp),%ebx
+	xorl	%edi,%esi
+	shrdl	$6,%edx,%edx
+	movl	%eax,%ecx
+	addl	%esi,%ebx
+	shrdl	$9,%ecx,%ecx
+	addl	%edx,%ebx
+	movl	8(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,4(%esp)
+	leal	-4(%esp),%esp
+	shrdl	$11,%ecx,%ecx
+	movl	(%ebp),%esi
+	xorl	%eax,%ecx
+	movl	20(%esp),%edx
+	xorl	%edi,%eax
+	shrdl	$2,%ecx,%ecx
+	addl	%esi,%ebx
+	movl	%eax,(%esp)
+	addl	%ebx,%edx
+	andl	4(%esp),%eax
+	addl	%ecx,%ebx
+	xorl	%edi,%eax
+	movl	156(%esp),%ecx
+	addl	$4,%ebp
+	addl	%ebx,%eax
+	cmpl	$3329325298,%esi
+	jne	.L00716_63_shrd
+	movl	356(%esp),%esi
+	movl	8(%esp),%ebx
+	movl	16(%esp),%ecx
+	addl	(%esi),%eax
+	addl	4(%esi),%ebx
+	addl	8(%esi),%edi
+	addl	12(%esi),%ecx
+	movl	%eax,(%esi)
+	movl	%ebx,4(%esi)
+	movl	%edi,8(%esi)
+	movl	%ecx,12(%esi)
+	movl	24(%esp),%eax
+	movl	28(%esp),%ebx
+	movl	32(%esp),%ecx
+	movl	360(%esp),%edi
+	addl	16(%esi),%edx
+	addl	20(%esi),%eax
+	addl	24(%esi),%ebx
+	addl	28(%esi),%ecx
+	movl	%edx,16(%esi)
+	movl	%eax,20(%esi)
+	movl	%ebx,24(%esi)
+	movl	%ecx,28(%esi)
+	leal	356(%esp),%esp
+	subl	$256,%ebp
+	cmpl	8(%esp),%edi
+	jb	.L005loop_shrd
+	movl	12(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.align	64
+.L001K256:
+.long	1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298
+.long	66051,67438087,134810123,202182159
+.byte	83,72,65,50,53,54,32,98,108,111,99,107,32,116,114,97
+.byte	110,115,102,111,114,109,32,102,111,114,32,120,56,54,44,32
+.byte	67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97
+.byte	112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103
+.byte	62,0
+.align	16
+.L008unrolled:
+	leal	-96(%esp),%esp
+	movl	(%esi),%eax
+	movl	4(%esi),%ebp
+	movl	8(%esi),%ecx
+	movl	12(%esi),%ebx
+	movl	%ebp,4(%esp)
+	xorl	%ecx,%ebp
+	movl	%ecx,8(%esp)
+	movl	%ebx,12(%esp)
+	movl	16(%esi),%edx
+	movl	20(%esi),%ebx
+	movl	24(%esi),%ecx
+	movl	28(%esi),%esi
+	movl	%ebx,20(%esp)
+	movl	%ecx,24(%esp)
+	movl	%esi,28(%esp)
+	jmp	.L009grand_loop
+.align	16
+.L009grand_loop:
+	movl	(%edi),%ebx
+	movl	4(%edi),%ecx
+	bswap	%ebx
+	movl	8(%edi),%esi
+	bswap	%ecx
+	movl	%ebx,32(%esp)
+	bswap	%esi
+	movl	%ecx,36(%esp)
+	movl	%esi,40(%esp)
+	movl	12(%edi),%ebx
+	movl	16(%edi),%ecx
+	bswap	%ebx
+	movl	20(%edi),%esi
+	bswap	%ecx
+	movl	%ebx,44(%esp)
+	bswap	%esi
+	movl	%ecx,48(%esp)
+	movl	%esi,52(%esp)
+	movl	24(%edi),%ebx
+	movl	28(%edi),%ecx
+	bswap	%ebx
+	movl	32(%edi),%esi
+	bswap	%ecx
+	movl	%ebx,56(%esp)
+	bswap	%esi
+	movl	%ecx,60(%esp)
+	movl	%esi,64(%esp)
+	movl	36(%edi),%ebx
+	movl	40(%edi),%ecx
+	bswap	%ebx
+	movl	44(%edi),%esi
+	bswap	%ecx
+	movl	%ebx,68(%esp)
+	bswap	%esi
+	movl	%ecx,72(%esp)
+	movl	%esi,76(%esp)
+	movl	48(%edi),%ebx
+	movl	52(%edi),%ecx
+	bswap	%ebx
+	movl	56(%edi),%esi
+	bswap	%ecx
+	movl	%ebx,80(%esp)
+	bswap	%esi
+	movl	%ecx,84(%esp)
+	movl	%esi,88(%esp)
+	movl	60(%edi),%ebx
+	addl	$64,%edi
+	bswap	%ebx
+	movl	%edi,100(%esp)
+	movl	%ebx,92(%esp)
+	movl	%edx,%ecx
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	32(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1116352408(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	36(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1899447441(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	40(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3049323471(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	44(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3921009573(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	48(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	961987163(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	52(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1508970993(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	56(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2453635748(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	60(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2870763221(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	64(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3624381080(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	68(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	310598401(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	72(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	607225278(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	76(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1426881987(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	80(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1925078388(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	84(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2162078206(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	88(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2614888103(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	92(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3248222580(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	36(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	88(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	32(%esp),%ebx
+	shrl	$10,%edi
+	addl	68(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,32(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3835390401(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	40(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	92(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	36(%esp),%ebx
+	shrl	$10,%edi
+	addl	72(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,36(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	4022224774(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	44(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	32(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	40(%esp),%ebx
+	shrl	$10,%edi
+	addl	76(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,40(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	264347078(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	48(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	36(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	44(%esp),%ebx
+	shrl	$10,%edi
+	addl	80(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,44(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	604807628(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	52(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	40(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	48(%esp),%ebx
+	shrl	$10,%edi
+	addl	84(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,48(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	770255983(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	56(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	44(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	52(%esp),%ebx
+	shrl	$10,%edi
+	addl	88(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,52(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1249150122(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	60(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	48(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	56(%esp),%ebx
+	shrl	$10,%edi
+	addl	92(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,56(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1555081692(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	64(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	52(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	60(%esp),%ebx
+	shrl	$10,%edi
+	addl	32(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,60(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1996064986(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	68(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	56(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	64(%esp),%ebx
+	shrl	$10,%edi
+	addl	36(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,64(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2554220882(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	72(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	60(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	68(%esp),%ebx
+	shrl	$10,%edi
+	addl	40(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,68(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2821834349(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	76(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	64(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	72(%esp),%ebx
+	shrl	$10,%edi
+	addl	44(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,72(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2952996808(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	80(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	68(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	76(%esp),%ebx
+	shrl	$10,%edi
+	addl	48(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,76(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3210313671(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	84(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	72(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	80(%esp),%ebx
+	shrl	$10,%edi
+	addl	52(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,80(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3336571891(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	88(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	76(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	84(%esp),%ebx
+	shrl	$10,%edi
+	addl	56(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,84(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3584528711(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	92(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	80(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	88(%esp),%ebx
+	shrl	$10,%edi
+	addl	60(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,88(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	113926993(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	32(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	84(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	92(%esp),%ebx
+	shrl	$10,%edi
+	addl	64(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,92(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	338241895(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	36(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	88(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	32(%esp),%ebx
+	shrl	$10,%edi
+	addl	68(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,32(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	666307205(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	40(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	92(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	36(%esp),%ebx
+	shrl	$10,%edi
+	addl	72(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,36(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	773529912(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	44(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	32(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	40(%esp),%ebx
+	shrl	$10,%edi
+	addl	76(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,40(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1294757372(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	48(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	36(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	44(%esp),%ebx
+	shrl	$10,%edi
+	addl	80(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,44(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1396182291(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	52(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	40(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	48(%esp),%ebx
+	shrl	$10,%edi
+	addl	84(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,48(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1695183700(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	56(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	44(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	52(%esp),%ebx
+	shrl	$10,%edi
+	addl	88(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,52(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1986661051(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	60(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	48(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	56(%esp),%ebx
+	shrl	$10,%edi
+	addl	92(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,56(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2177026350(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	64(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	52(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	60(%esp),%ebx
+	shrl	$10,%edi
+	addl	32(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,60(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2456956037(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	68(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	56(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	64(%esp),%ebx
+	shrl	$10,%edi
+	addl	36(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,64(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2730485921(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	72(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	60(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	68(%esp),%ebx
+	shrl	$10,%edi
+	addl	40(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,68(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2820302411(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	76(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	64(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	72(%esp),%ebx
+	shrl	$10,%edi
+	addl	44(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,72(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3259730800(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	80(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	68(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	76(%esp),%ebx
+	shrl	$10,%edi
+	addl	48(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,76(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3345764771(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	84(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	72(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	80(%esp),%ebx
+	shrl	$10,%edi
+	addl	52(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,80(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3516065817(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	88(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	76(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	84(%esp),%ebx
+	shrl	$10,%edi
+	addl	56(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,84(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3600352804(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	92(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	80(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	88(%esp),%ebx
+	shrl	$10,%edi
+	addl	60(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,88(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	4094571909(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	32(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	84(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	92(%esp),%ebx
+	shrl	$10,%edi
+	addl	64(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,92(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	275423344(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	36(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	88(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	32(%esp),%ebx
+	shrl	$10,%edi
+	addl	68(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,32(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	430227734(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	40(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	92(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	36(%esp),%ebx
+	shrl	$10,%edi
+	addl	72(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,36(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	506948616(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	44(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	32(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	40(%esp),%ebx
+	shrl	$10,%edi
+	addl	76(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,40(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	659060556(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	48(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	36(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	44(%esp),%ebx
+	shrl	$10,%edi
+	addl	80(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,44(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	883997877(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	52(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	40(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	48(%esp),%ebx
+	shrl	$10,%edi
+	addl	84(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,48(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	958139571(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	56(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	44(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	52(%esp),%ebx
+	shrl	$10,%edi
+	addl	88(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,52(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1322822218(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	60(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	48(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	56(%esp),%ebx
+	shrl	$10,%edi
+	addl	92(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,56(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1537002063(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	64(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	52(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	60(%esp),%ebx
+	shrl	$10,%edi
+	addl	32(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,60(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1747873779(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	68(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	56(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	64(%esp),%ebx
+	shrl	$10,%edi
+	addl	36(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,64(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1955562222(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	72(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	60(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	68(%esp),%ebx
+	shrl	$10,%edi
+	addl	40(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,68(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2024104815(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	76(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	64(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	72(%esp),%ebx
+	shrl	$10,%edi
+	addl	44(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,72(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2227730452(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	80(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	68(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	76(%esp),%ebx
+	shrl	$10,%edi
+	addl	48(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,76(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2361852424(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	84(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	72(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	80(%esp),%ebx
+	shrl	$10,%edi
+	addl	52(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,80(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2428436474(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	88(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	76(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	84(%esp),%ebx
+	shrl	$10,%edi
+	addl	56(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,84(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2756734187(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	92(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	80(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	88(%esp),%ebx
+	shrl	$10,%edi
+	addl	60(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3204031479(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	32(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	84(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	92(%esp),%ebx
+	shrl	$10,%edi
+	addl	64(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3329325298(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	96(%esp),%esi
+	xorl	%edi,%ebp
+	movl	12(%esp),%ecx
+	addl	(%esi),%eax
+	addl	4(%esi),%ebp
+	addl	8(%esi),%edi
+	addl	12(%esi),%ecx
+	movl	%eax,(%esi)
+	movl	%ebp,4(%esi)
+	movl	%edi,8(%esi)
+	movl	%ecx,12(%esi)
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	movl	%edi,8(%esp)
+	movl	%ecx,12(%esp)
+	movl	20(%esp),%edi
+	movl	24(%esp),%ebx
+	movl	28(%esp),%ecx
+	addl	16(%esi),%edx
+	addl	20(%esi),%edi
+	addl	24(%esi),%ebx
+	addl	28(%esi),%ecx
+	movl	%edx,16(%esi)
+	movl	%edi,20(%esi)
+	movl	%ebx,24(%esi)
+	movl	%ecx,28(%esi)
+	movl	%edi,20(%esp)
+	movl	100(%esp),%edi
+	movl	%ebx,24(%esp)
+	movl	%ecx,28(%esp)
+	cmpl	104(%esp),%edi
+	jb	.L009grand_loop
+	movl	108(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+
diff --git a/lib/accelerated/x86/coff/sha256-ssse3-x86_64.s b/lib/accelerated/x86/coff/sha256-ssse3-x86_64.s
new file mode 100644
index 0000000..389cac9
--- /dev/null
+++ b/lib/accelerated/x86/coff/sha256-ssse3-x86_64.s
@@ -0,0 +1,5737 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+
+.globl	sha256_block_data_order
+.def	sha256_block_data_order;	.scl 2;	.type 32;	.endef
+.p2align	4
+sha256_block_data_order:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_sha256_block_data_order:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+
+	leaq	GNUTLS_x86_cpuid_s(%rip),%r11
+	movl	0(%r11),%r9d
+	movl	4(%r11),%r10d
+	movl	8(%r11),%r11d
+	testl	$536870912,%r11d
+	jnz	_shaext_shortcut
+	andl	$296,%r11d
+	cmpl	$296,%r11d
+	je	.Lavx2_shortcut
+	andl	$1073741824,%r9d
+	andl	$268435968,%r10d
+	orl	%r9d,%r10d
+	cmpl	$1342177792,%r10d
+	je	.Lavx_shortcut
+	testl	$512,%r10d
+	jnz	.Lssse3_shortcut
+	movq	%rsp,%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	shlq	$4,%rdx
+	subq	$64+32,%rsp
+	leaq	(%rsi,%rdx,4),%rdx
+	andq	$-64,%rsp
+	movq	%rdi,64+0(%rsp)
+	movq	%rsi,64+8(%rsp)
+	movq	%rdx,64+16(%rsp)
+	movq	%rax,88(%rsp)
+
+.Lprologue:
+
+	movl	0(%rdi),%eax
+	movl	4(%rdi),%ebx
+	movl	8(%rdi),%ecx
+	movl	12(%rdi),%edx
+	movl	16(%rdi),%r8d
+	movl	20(%rdi),%r9d
+	movl	24(%rdi),%r10d
+	movl	28(%rdi),%r11d
+	jmp	.Lloop
+
+.p2align	4
+.Lloop:
+	movl	%ebx,%edi
+	leaq	K256(%rip),%rbp
+	xorl	%ecx,%edi
+	movl	0(%rsi),%r12d
+	movl	%r8d,%r13d
+	movl	%eax,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r9d,%r15d
+
+	xorl	%r8d,%r13d
+	rorl	$9,%r14d
+	xorl	%r10d,%r15d
+
+	movl	%r12d,0(%rsp)
+	xorl	%eax,%r14d
+	andl	%r8d,%r15d
+
+	rorl	$5,%r13d
+	addl	%r11d,%r12d
+	xorl	%r10d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r8d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%eax,%r15d
+	addl	(%rbp),%r12d
+	xorl	%eax,%r14d
+
+	xorl	%ebx,%r15d
+	rorl	$6,%r13d
+	movl	%ebx,%r11d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r11d
+	addl	%r12d,%edx
+	addl	%r12d,%r11d
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%r11d
+	movl	4(%rsi),%r12d
+	movl	%edx,%r13d
+	movl	%r11d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r8d,%edi
+
+	xorl	%edx,%r13d
+	rorl	$9,%r14d
+	xorl	%r9d,%edi
+
+	movl	%r12d,4(%rsp)
+	xorl	%r11d,%r14d
+	andl	%edx,%edi
+
+	rorl	$5,%r13d
+	addl	%r10d,%r12d
+	xorl	%r9d,%edi
+
+	rorl	$11,%r14d
+	xorl	%edx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r11d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r11d,%r14d
+
+	xorl	%eax,%edi
+	rorl	$6,%r13d
+	movl	%eax,%r10d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r10d
+	addl	%r12d,%ecx
+	addl	%r12d,%r10d
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%r10d
+	movl	8(%rsi),%r12d
+	movl	%ecx,%r13d
+	movl	%r10d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%edx,%r15d
+
+	xorl	%ecx,%r13d
+	rorl	$9,%r14d
+	xorl	%r8d,%r15d
+
+	movl	%r12d,8(%rsp)
+	xorl	%r10d,%r14d
+	andl	%ecx,%r15d
+
+	rorl	$5,%r13d
+	addl	%r9d,%r12d
+	xorl	%r8d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%ecx,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r10d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r10d,%r14d
+
+	xorl	%r11d,%r15d
+	rorl	$6,%r13d
+	movl	%r11d,%r9d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r9d
+	addl	%r12d,%ebx
+	addl	%r12d,%r9d
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%r9d
+	movl	12(%rsi),%r12d
+	movl	%ebx,%r13d
+	movl	%r9d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%ecx,%edi
+
+	xorl	%ebx,%r13d
+	rorl	$9,%r14d
+	xorl	%edx,%edi
+
+	movl	%r12d,12(%rsp)
+	xorl	%r9d,%r14d
+	andl	%ebx,%edi
+
+	rorl	$5,%r13d
+	addl	%r8d,%r12d
+	xorl	%edx,%edi
+
+	rorl	$11,%r14d
+	xorl	%ebx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r9d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r9d,%r14d
+
+	xorl	%r10d,%edi
+	rorl	$6,%r13d
+	movl	%r10d,%r8d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r8d
+	addl	%r12d,%eax
+	addl	%r12d,%r8d
+
+	leaq	20(%rbp),%rbp
+	addl	%r14d,%r8d
+	movl	16(%rsi),%r12d
+	movl	%eax,%r13d
+	movl	%r8d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%ebx,%r15d
+
+	xorl	%eax,%r13d
+	rorl	$9,%r14d
+	xorl	%ecx,%r15d
+
+	movl	%r12d,16(%rsp)
+	xorl	%r8d,%r14d
+	andl	%eax,%r15d
+
+	rorl	$5,%r13d
+	addl	%edx,%r12d
+	xorl	%ecx,%r15d
+
+	rorl	$11,%r14d
+	xorl	%eax,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r8d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r8d,%r14d
+
+	xorl	%r9d,%r15d
+	rorl	$6,%r13d
+	movl	%r9d,%edx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%edx
+	addl	%r12d,%r11d
+	addl	%r12d,%edx
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%edx
+	movl	20(%rsi),%r12d
+	movl	%r11d,%r13d
+	movl	%edx,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%eax,%edi
+
+	xorl	%r11d,%r13d
+	rorl	$9,%r14d
+	xorl	%ebx,%edi
+
+	movl	%r12d,20(%rsp)
+	xorl	%edx,%r14d
+	andl	%r11d,%edi
+
+	rorl	$5,%r13d
+	addl	%ecx,%r12d
+	xorl	%ebx,%edi
+
+	rorl	$11,%r14d
+	xorl	%r11d,%r13d
+	addl	%edi,%r12d
+
+	movl	%edx,%edi
+	addl	(%rbp),%r12d
+	xorl	%edx,%r14d
+
+	xorl	%r8d,%edi
+	rorl	$6,%r13d
+	movl	%r8d,%ecx
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%ecx
+	addl	%r12d,%r10d
+	addl	%r12d,%ecx
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%ecx
+	movl	24(%rsi),%r12d
+	movl	%r10d,%r13d
+	movl	%ecx,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r11d,%r15d
+
+	xorl	%r10d,%r13d
+	rorl	$9,%r14d
+	xorl	%eax,%r15d
+
+	movl	%r12d,24(%rsp)
+	xorl	%ecx,%r14d
+	andl	%r10d,%r15d
+
+	rorl	$5,%r13d
+	addl	%ebx,%r12d
+	xorl	%eax,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r10d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%ecx,%r15d
+	addl	(%rbp),%r12d
+	xorl	%ecx,%r14d
+
+	xorl	%edx,%r15d
+	rorl	$6,%r13d
+	movl	%edx,%ebx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%ebx
+	addl	%r12d,%r9d
+	addl	%r12d,%ebx
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%ebx
+	movl	28(%rsi),%r12d
+	movl	%r9d,%r13d
+	movl	%ebx,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r10d,%edi
+
+	xorl	%r9d,%r13d
+	rorl	$9,%r14d
+	xorl	%r11d,%edi
+
+	movl	%r12d,28(%rsp)
+	xorl	%ebx,%r14d
+	andl	%r9d,%edi
+
+	rorl	$5,%r13d
+	addl	%eax,%r12d
+	xorl	%r11d,%edi
+
+	rorl	$11,%r14d
+	xorl	%r9d,%r13d
+	addl	%edi,%r12d
+
+	movl	%ebx,%edi
+	addl	(%rbp),%r12d
+	xorl	%ebx,%r14d
+
+	xorl	%ecx,%edi
+	rorl	$6,%r13d
+	movl	%ecx,%eax
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%eax
+	addl	%r12d,%r8d
+	addl	%r12d,%eax
+
+	leaq	20(%rbp),%rbp
+	addl	%r14d,%eax
+	movl	32(%rsi),%r12d
+	movl	%r8d,%r13d
+	movl	%eax,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r9d,%r15d
+
+	xorl	%r8d,%r13d
+	rorl	$9,%r14d
+	xorl	%r10d,%r15d
+
+	movl	%r12d,32(%rsp)
+	xorl	%eax,%r14d
+	andl	%r8d,%r15d
+
+	rorl	$5,%r13d
+	addl	%r11d,%r12d
+	xorl	%r10d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r8d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%eax,%r15d
+	addl	(%rbp),%r12d
+	xorl	%eax,%r14d
+
+	xorl	%ebx,%r15d
+	rorl	$6,%r13d
+	movl	%ebx,%r11d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r11d
+	addl	%r12d,%edx
+	addl	%r12d,%r11d
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%r11d
+	movl	36(%rsi),%r12d
+	movl	%edx,%r13d
+	movl	%r11d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r8d,%edi
+
+	xorl	%edx,%r13d
+	rorl	$9,%r14d
+	xorl	%r9d,%edi
+
+	movl	%r12d,36(%rsp)
+	xorl	%r11d,%r14d
+	andl	%edx,%edi
+
+	rorl	$5,%r13d
+	addl	%r10d,%r12d
+	xorl	%r9d,%edi
+
+	rorl	$11,%r14d
+	xorl	%edx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r11d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r11d,%r14d
+
+	xorl	%eax,%edi
+	rorl	$6,%r13d
+	movl	%eax,%r10d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r10d
+	addl	%r12d,%ecx
+	addl	%r12d,%r10d
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%r10d
+	movl	40(%rsi),%r12d
+	movl	%ecx,%r13d
+	movl	%r10d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%edx,%r15d
+
+	xorl	%ecx,%r13d
+	rorl	$9,%r14d
+	xorl	%r8d,%r15d
+
+	movl	%r12d,40(%rsp)
+	xorl	%r10d,%r14d
+	andl	%ecx,%r15d
+
+	rorl	$5,%r13d
+	addl	%r9d,%r12d
+	xorl	%r8d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%ecx,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r10d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r10d,%r14d
+
+	xorl	%r11d,%r15d
+	rorl	$6,%r13d
+	movl	%r11d,%r9d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r9d
+	addl	%r12d,%ebx
+	addl	%r12d,%r9d
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%r9d
+	movl	44(%rsi),%r12d
+	movl	%ebx,%r13d
+	movl	%r9d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%ecx,%edi
+
+	xorl	%ebx,%r13d
+	rorl	$9,%r14d
+	xorl	%edx,%edi
+
+	movl	%r12d,44(%rsp)
+	xorl	%r9d,%r14d
+	andl	%ebx,%edi
+
+	rorl	$5,%r13d
+	addl	%r8d,%r12d
+	xorl	%edx,%edi
+
+	rorl	$11,%r14d
+	xorl	%ebx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r9d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r9d,%r14d
+
+	xorl	%r10d,%edi
+	rorl	$6,%r13d
+	movl	%r10d,%r8d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r8d
+	addl	%r12d,%eax
+	addl	%r12d,%r8d
+
+	leaq	20(%rbp),%rbp
+	addl	%r14d,%r8d
+	movl	48(%rsi),%r12d
+	movl	%eax,%r13d
+	movl	%r8d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%ebx,%r15d
+
+	xorl	%eax,%r13d
+	rorl	$9,%r14d
+	xorl	%ecx,%r15d
+
+	movl	%r12d,48(%rsp)
+	xorl	%r8d,%r14d
+	andl	%eax,%r15d
+
+	rorl	$5,%r13d
+	addl	%edx,%r12d
+	xorl	%ecx,%r15d
+
+	rorl	$11,%r14d
+	xorl	%eax,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r8d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r8d,%r14d
+
+	xorl	%r9d,%r15d
+	rorl	$6,%r13d
+	movl	%r9d,%edx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%edx
+	addl	%r12d,%r11d
+	addl	%r12d,%edx
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%edx
+	movl	52(%rsi),%r12d
+	movl	%r11d,%r13d
+	movl	%edx,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%eax,%edi
+
+	xorl	%r11d,%r13d
+	rorl	$9,%r14d
+	xorl	%ebx,%edi
+
+	movl	%r12d,52(%rsp)
+	xorl	%edx,%r14d
+	andl	%r11d,%edi
+
+	rorl	$5,%r13d
+	addl	%ecx,%r12d
+	xorl	%ebx,%edi
+
+	rorl	$11,%r14d
+	xorl	%r11d,%r13d
+	addl	%edi,%r12d
+
+	movl	%edx,%edi
+	addl	(%rbp),%r12d
+	xorl	%edx,%r14d
+
+	xorl	%r8d,%edi
+	rorl	$6,%r13d
+	movl	%r8d,%ecx
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%ecx
+	addl	%r12d,%r10d
+	addl	%r12d,%ecx
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%ecx
+	movl	56(%rsi),%r12d
+	movl	%r10d,%r13d
+	movl	%ecx,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r11d,%r15d
+
+	xorl	%r10d,%r13d
+	rorl	$9,%r14d
+	xorl	%eax,%r15d
+
+	movl	%r12d,56(%rsp)
+	xorl	%ecx,%r14d
+	andl	%r10d,%r15d
+
+	rorl	$5,%r13d
+	addl	%ebx,%r12d
+	xorl	%eax,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r10d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%ecx,%r15d
+	addl	(%rbp),%r12d
+	xorl	%ecx,%r14d
+
+	xorl	%edx,%r15d
+	rorl	$6,%r13d
+	movl	%edx,%ebx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%ebx
+	addl	%r12d,%r9d
+	addl	%r12d,%ebx
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%ebx
+	movl	60(%rsi),%r12d
+	movl	%r9d,%r13d
+	movl	%ebx,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r10d,%edi
+
+	xorl	%r9d,%r13d
+	rorl	$9,%r14d
+	xorl	%r11d,%edi
+
+	movl	%r12d,60(%rsp)
+	xorl	%ebx,%r14d
+	andl	%r9d,%edi
+
+	rorl	$5,%r13d
+	addl	%eax,%r12d
+	xorl	%r11d,%edi
+
+	rorl	$11,%r14d
+	xorl	%r9d,%r13d
+	addl	%edi,%r12d
+
+	movl	%ebx,%edi
+	addl	(%rbp),%r12d
+	xorl	%ebx,%r14d
+
+	xorl	%ecx,%edi
+	rorl	$6,%r13d
+	movl	%ecx,%eax
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%eax
+	addl	%r12d,%r8d
+	addl	%r12d,%eax
+
+	leaq	20(%rbp),%rbp
+	jmp	.Lrounds_16_xx
+.p2align	4
+.Lrounds_16_xx:
+	movl	4(%rsp),%r13d
+	movl	56(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%eax
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	36(%rsp),%r12d
+
+	addl	0(%rsp),%r12d
+	movl	%r8d,%r13d
+	addl	%r15d,%r12d
+	movl	%eax,%r14d
+	rorl	$14,%r13d
+	movl	%r9d,%r15d
+
+	xorl	%r8d,%r13d
+	rorl	$9,%r14d
+	xorl	%r10d,%r15d
+
+	movl	%r12d,0(%rsp)
+	xorl	%eax,%r14d
+	andl	%r8d,%r15d
+
+	rorl	$5,%r13d
+	addl	%r11d,%r12d
+	xorl	%r10d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r8d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%eax,%r15d
+	addl	(%rbp),%r12d
+	xorl	%eax,%r14d
+
+	xorl	%ebx,%r15d
+	rorl	$6,%r13d
+	movl	%ebx,%r11d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r11d
+	addl	%r12d,%edx
+	addl	%r12d,%r11d
+
+	leaq	4(%rbp),%rbp
+	movl	8(%rsp),%r13d
+	movl	60(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r11d
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	40(%rsp),%r12d
+
+	addl	4(%rsp),%r12d
+	movl	%edx,%r13d
+	addl	%edi,%r12d
+	movl	%r11d,%r14d
+	rorl	$14,%r13d
+	movl	%r8d,%edi
+
+	xorl	%edx,%r13d
+	rorl	$9,%r14d
+	xorl	%r9d,%edi
+
+	movl	%r12d,4(%rsp)
+	xorl	%r11d,%r14d
+	andl	%edx,%edi
+
+	rorl	$5,%r13d
+	addl	%r10d,%r12d
+	xorl	%r9d,%edi
+
+	rorl	$11,%r14d
+	xorl	%edx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r11d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r11d,%r14d
+
+	xorl	%eax,%edi
+	rorl	$6,%r13d
+	movl	%eax,%r10d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r10d
+	addl	%r12d,%ecx
+	addl	%r12d,%r10d
+
+	leaq	4(%rbp),%rbp
+	movl	12(%rsp),%r13d
+	movl	0(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r10d
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	44(%rsp),%r12d
+
+	addl	8(%rsp),%r12d
+	movl	%ecx,%r13d
+	addl	%r15d,%r12d
+	movl	%r10d,%r14d
+	rorl	$14,%r13d
+	movl	%edx,%r15d
+
+	xorl	%ecx,%r13d
+	rorl	$9,%r14d
+	xorl	%r8d,%r15d
+
+	movl	%r12d,8(%rsp)
+	xorl	%r10d,%r14d
+	andl	%ecx,%r15d
+
+	rorl	$5,%r13d
+	addl	%r9d,%r12d
+	xorl	%r8d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%ecx,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r10d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r10d,%r14d
+
+	xorl	%r11d,%r15d
+	rorl	$6,%r13d
+	movl	%r11d,%r9d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r9d
+	addl	%r12d,%ebx
+	addl	%r12d,%r9d
+
+	leaq	4(%rbp),%rbp
+	movl	16(%rsp),%r13d
+	movl	4(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r9d
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	48(%rsp),%r12d
+
+	addl	12(%rsp),%r12d
+	movl	%ebx,%r13d
+	addl	%edi,%r12d
+	movl	%r9d,%r14d
+	rorl	$14,%r13d
+	movl	%ecx,%edi
+
+	xorl	%ebx,%r13d
+	rorl	$9,%r14d
+	xorl	%edx,%edi
+
+	movl	%r12d,12(%rsp)
+	xorl	%r9d,%r14d
+	andl	%ebx,%edi
+
+	rorl	$5,%r13d
+	addl	%r8d,%r12d
+	xorl	%edx,%edi
+
+	rorl	$11,%r14d
+	xorl	%ebx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r9d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r9d,%r14d
+
+	xorl	%r10d,%edi
+	rorl	$6,%r13d
+	movl	%r10d,%r8d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r8d
+	addl	%r12d,%eax
+	addl	%r12d,%r8d
+
+	leaq	20(%rbp),%rbp
+	movl	20(%rsp),%r13d
+	movl	8(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r8d
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	52(%rsp),%r12d
+
+	addl	16(%rsp),%r12d
+	movl	%eax,%r13d
+	addl	%r15d,%r12d
+	movl	%r8d,%r14d
+	rorl	$14,%r13d
+	movl	%ebx,%r15d
+
+	xorl	%eax,%r13d
+	rorl	$9,%r14d
+	xorl	%ecx,%r15d
+
+	movl	%r12d,16(%rsp)
+	xorl	%r8d,%r14d
+	andl	%eax,%r15d
+
+	rorl	$5,%r13d
+	addl	%edx,%r12d
+	xorl	%ecx,%r15d
+
+	rorl	$11,%r14d
+	xorl	%eax,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r8d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r8d,%r14d
+
+	xorl	%r9d,%r15d
+	rorl	$6,%r13d
+	movl	%r9d,%edx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%edx
+	addl	%r12d,%r11d
+	addl	%r12d,%edx
+
+	leaq	4(%rbp),%rbp
+	movl	24(%rsp),%r13d
+	movl	12(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%edx
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	56(%rsp),%r12d
+
+	addl	20(%rsp),%r12d
+	movl	%r11d,%r13d
+	addl	%edi,%r12d
+	movl	%edx,%r14d
+	rorl	$14,%r13d
+	movl	%eax,%edi
+
+	xorl	%r11d,%r13d
+	rorl	$9,%r14d
+	xorl	%ebx,%edi
+
+	movl	%r12d,20(%rsp)
+	xorl	%edx,%r14d
+	andl	%r11d,%edi
+
+	rorl	$5,%r13d
+	addl	%ecx,%r12d
+	xorl	%ebx,%edi
+
+	rorl	$11,%r14d
+	xorl	%r11d,%r13d
+	addl	%edi,%r12d
+
+	movl	%edx,%edi
+	addl	(%rbp),%r12d
+	xorl	%edx,%r14d
+
+	xorl	%r8d,%edi
+	rorl	$6,%r13d
+	movl	%r8d,%ecx
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%ecx
+	addl	%r12d,%r10d
+	addl	%r12d,%ecx
+
+	leaq	4(%rbp),%rbp
+	movl	28(%rsp),%r13d
+	movl	16(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%ecx
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	60(%rsp),%r12d
+
+	addl	24(%rsp),%r12d
+	movl	%r10d,%r13d
+	addl	%r15d,%r12d
+	movl	%ecx,%r14d
+	rorl	$14,%r13d
+	movl	%r11d,%r15d
+
+	xorl	%r10d,%r13d
+	rorl	$9,%r14d
+	xorl	%eax,%r15d
+
+	movl	%r12d,24(%rsp)
+	xorl	%ecx,%r14d
+	andl	%r10d,%r15d
+
+	rorl	$5,%r13d
+	addl	%ebx,%r12d
+	xorl	%eax,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r10d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%ecx,%r15d
+	addl	(%rbp),%r12d
+	xorl	%ecx,%r14d
+
+	xorl	%edx,%r15d
+	rorl	$6,%r13d
+	movl	%edx,%ebx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%ebx
+	addl	%r12d,%r9d
+	addl	%r12d,%ebx
+
+	leaq	4(%rbp),%rbp
+	movl	32(%rsp),%r13d
+	movl	20(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%ebx
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	0(%rsp),%r12d
+
+	addl	28(%rsp),%r12d
+	movl	%r9d,%r13d
+	addl	%edi,%r12d
+	movl	%ebx,%r14d
+	rorl	$14,%r13d
+	movl	%r10d,%edi
+
+	xorl	%r9d,%r13d
+	rorl	$9,%r14d
+	xorl	%r11d,%edi
+
+	movl	%r12d,28(%rsp)
+	xorl	%ebx,%r14d
+	andl	%r9d,%edi
+
+	rorl	$5,%r13d
+	addl	%eax,%r12d
+	xorl	%r11d,%edi
+
+	rorl	$11,%r14d
+	xorl	%r9d,%r13d
+	addl	%edi,%r12d
+
+	movl	%ebx,%edi
+	addl	(%rbp),%r12d
+	xorl	%ebx,%r14d
+
+	xorl	%ecx,%edi
+	rorl	$6,%r13d
+	movl	%ecx,%eax
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%eax
+	addl	%r12d,%r8d
+	addl	%r12d,%eax
+
+	leaq	20(%rbp),%rbp
+	movl	36(%rsp),%r13d
+	movl	24(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%eax
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	4(%rsp),%r12d
+
+	addl	32(%rsp),%r12d
+	movl	%r8d,%r13d
+	addl	%r15d,%r12d
+	movl	%eax,%r14d
+	rorl	$14,%r13d
+	movl	%r9d,%r15d
+
+	xorl	%r8d,%r13d
+	rorl	$9,%r14d
+	xorl	%r10d,%r15d
+
+	movl	%r12d,32(%rsp)
+	xorl	%eax,%r14d
+	andl	%r8d,%r15d
+
+	rorl	$5,%r13d
+	addl	%r11d,%r12d
+	xorl	%r10d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r8d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%eax,%r15d
+	addl	(%rbp),%r12d
+	xorl	%eax,%r14d
+
+	xorl	%ebx,%r15d
+	rorl	$6,%r13d
+	movl	%ebx,%r11d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r11d
+	addl	%r12d,%edx
+	addl	%r12d,%r11d
+
+	leaq	4(%rbp),%rbp
+	movl	40(%rsp),%r13d
+	movl	28(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r11d
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	8(%rsp),%r12d
+
+	addl	36(%rsp),%r12d
+	movl	%edx,%r13d
+	addl	%edi,%r12d
+	movl	%r11d,%r14d
+	rorl	$14,%r13d
+	movl	%r8d,%edi
+
+	xorl	%edx,%r13d
+	rorl	$9,%r14d
+	xorl	%r9d,%edi
+
+	movl	%r12d,36(%rsp)
+	xorl	%r11d,%r14d
+	andl	%edx,%edi
+
+	rorl	$5,%r13d
+	addl	%r10d,%r12d
+	xorl	%r9d,%edi
+
+	rorl	$11,%r14d
+	xorl	%edx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r11d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r11d,%r14d
+
+	xorl	%eax,%edi
+	rorl	$6,%r13d
+	movl	%eax,%r10d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r10d
+	addl	%r12d,%ecx
+	addl	%r12d,%r10d
+
+	leaq	4(%rbp),%rbp
+	movl	44(%rsp),%r13d
+	movl	32(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r10d
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	12(%rsp),%r12d
+
+	addl	40(%rsp),%r12d
+	movl	%ecx,%r13d
+	addl	%r15d,%r12d
+	movl	%r10d,%r14d
+	rorl	$14,%r13d
+	movl	%edx,%r15d
+
+	xorl	%ecx,%r13d
+	rorl	$9,%r14d
+	xorl	%r8d,%r15d
+
+	movl	%r12d,40(%rsp)
+	xorl	%r10d,%r14d
+	andl	%ecx,%r15d
+
+	rorl	$5,%r13d
+	addl	%r9d,%r12d
+	xorl	%r8d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%ecx,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r10d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r10d,%r14d
+
+	xorl	%r11d,%r15d
+	rorl	$6,%r13d
+	movl	%r11d,%r9d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r9d
+	addl	%r12d,%ebx
+	addl	%r12d,%r9d
+
+	leaq	4(%rbp),%rbp
+	movl	48(%rsp),%r13d
+	movl	36(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r9d
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	16(%rsp),%r12d
+
+	addl	44(%rsp),%r12d
+	movl	%ebx,%r13d
+	addl	%edi,%r12d
+	movl	%r9d,%r14d
+	rorl	$14,%r13d
+	movl	%ecx,%edi
+
+	xorl	%ebx,%r13d
+	rorl	$9,%r14d
+	xorl	%edx,%edi
+
+	movl	%r12d,44(%rsp)
+	xorl	%r9d,%r14d
+	andl	%ebx,%edi
+
+	rorl	$5,%r13d
+	addl	%r8d,%r12d
+	xorl	%edx,%edi
+
+	rorl	$11,%r14d
+	xorl	%ebx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r9d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r9d,%r14d
+
+	xorl	%r10d,%edi
+	rorl	$6,%r13d
+	movl	%r10d,%r8d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r8d
+	addl	%r12d,%eax
+	addl	%r12d,%r8d
+
+	leaq	20(%rbp),%rbp
+	movl	52(%rsp),%r13d
+	movl	40(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r8d
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	20(%rsp),%r12d
+
+	addl	48(%rsp),%r12d
+	movl	%eax,%r13d
+	addl	%r15d,%r12d
+	movl	%r8d,%r14d
+	rorl	$14,%r13d
+	movl	%ebx,%r15d
+
+	xorl	%eax,%r13d
+	rorl	$9,%r14d
+	xorl	%ecx,%r15d
+
+	movl	%r12d,48(%rsp)
+	xorl	%r8d,%r14d
+	andl	%eax,%r15d
+
+	rorl	$5,%r13d
+	addl	%edx,%r12d
+	xorl	%ecx,%r15d
+
+	rorl	$11,%r14d
+	xorl	%eax,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r8d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r8d,%r14d
+
+	xorl	%r9d,%r15d
+	rorl	$6,%r13d
+	movl	%r9d,%edx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%edx
+	addl	%r12d,%r11d
+	addl	%r12d,%edx
+
+	leaq	4(%rbp),%rbp
+	movl	56(%rsp),%r13d
+	movl	44(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%edx
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	24(%rsp),%r12d
+
+	addl	52(%rsp),%r12d
+	movl	%r11d,%r13d
+	addl	%edi,%r12d
+	movl	%edx,%r14d
+	rorl	$14,%r13d
+	movl	%eax,%edi
+
+	xorl	%r11d,%r13d
+	rorl	$9,%r14d
+	xorl	%ebx,%edi
+
+	movl	%r12d,52(%rsp)
+	xorl	%edx,%r14d
+	andl	%r11d,%edi
+
+	rorl	$5,%r13d
+	addl	%ecx,%r12d
+	xorl	%ebx,%edi
+
+	rorl	$11,%r14d
+	xorl	%r11d,%r13d
+	addl	%edi,%r12d
+
+	movl	%edx,%edi
+	addl	(%rbp),%r12d
+	xorl	%edx,%r14d
+
+	xorl	%r8d,%edi
+	rorl	$6,%r13d
+	movl	%r8d,%ecx
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%ecx
+	addl	%r12d,%r10d
+	addl	%r12d,%ecx
+
+	leaq	4(%rbp),%rbp
+	movl	60(%rsp),%r13d
+	movl	48(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%ecx
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	28(%rsp),%r12d
+
+	addl	56(%rsp),%r12d
+	movl	%r10d,%r13d
+	addl	%r15d,%r12d
+	movl	%ecx,%r14d
+	rorl	$14,%r13d
+	movl	%r11d,%r15d
+
+	xorl	%r10d,%r13d
+	rorl	$9,%r14d
+	xorl	%eax,%r15d
+
+	movl	%r12d,56(%rsp)
+	xorl	%ecx,%r14d
+	andl	%r10d,%r15d
+
+	rorl	$5,%r13d
+	addl	%ebx,%r12d
+	xorl	%eax,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r10d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%ecx,%r15d
+	addl	(%rbp),%r12d
+	xorl	%ecx,%r14d
+
+	xorl	%edx,%r15d
+	rorl	$6,%r13d
+	movl	%edx,%ebx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%ebx
+	addl	%r12d,%r9d
+	addl	%r12d,%ebx
+
+	leaq	4(%rbp),%rbp
+	movl	0(%rsp),%r13d
+	movl	52(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%ebx
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	32(%rsp),%r12d
+
+	addl	60(%rsp),%r12d
+	movl	%r9d,%r13d
+	addl	%edi,%r12d
+	movl	%ebx,%r14d
+	rorl	$14,%r13d
+	movl	%r10d,%edi
+
+	xorl	%r9d,%r13d
+	rorl	$9,%r14d
+	xorl	%r11d,%edi
+
+	movl	%r12d,60(%rsp)
+	xorl	%ebx,%r14d
+	andl	%r9d,%edi
+
+	rorl	$5,%r13d
+	addl	%eax,%r12d
+	xorl	%r11d,%edi
+
+	rorl	$11,%r14d
+	xorl	%r9d,%r13d
+	addl	%edi,%r12d
+
+	movl	%ebx,%edi
+	addl	(%rbp),%r12d
+	xorl	%ebx,%r14d
+
+	xorl	%ecx,%edi
+	rorl	$6,%r13d
+	movl	%ecx,%eax
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%eax
+	addl	%r12d,%r8d
+	addl	%r12d,%eax
+
+	leaq	20(%rbp),%rbp
+	cmpb	$0,3(%rbp)
+	jnz	.Lrounds_16_xx
+
+	movq	64+0(%rsp),%rdi
+	addl	%r14d,%eax
+	leaq	64(%rsi),%rsi
+
+	addl	0(%rdi),%eax
+	addl	4(%rdi),%ebx
+	addl	8(%rdi),%ecx
+	addl	12(%rdi),%edx
+	addl	16(%rdi),%r8d
+	addl	20(%rdi),%r9d
+	addl	24(%rdi),%r10d
+	addl	28(%rdi),%r11d
+
+	cmpq	64+16(%rsp),%rsi
+
+	movl	%eax,0(%rdi)
+	movl	%ebx,4(%rdi)
+	movl	%ecx,8(%rdi)
+	movl	%edx,12(%rdi)
+	movl	%r8d,16(%rdi)
+	movl	%r9d,20(%rdi)
+	movl	%r10d,24(%rdi)
+	movl	%r11d,28(%rdi)
+	jb	.Lloop
+
+	movq	88(%rsp),%rsi
+
+	movq	-48(%rsi),%r15
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+.Lepilogue:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_sha256_block_data_order:
+.p2align	6
+
+K256:
+.long	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+.long	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+.long	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+.long	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+.long	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+.long	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+.long	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+.long	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+.long	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+.long	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+.long	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+.long	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+.long	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+.long	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+.long	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+.long	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+.long	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+.long	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+.long	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+.long	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+.long	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+.long	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+.long	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+.long	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+.long	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+.long	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+.long	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+.long	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+.long	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+.long	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+.long	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+.long	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+
+.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
+.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
+.long	0x03020100,0x0b0a0908,0xffffffff,0xffffffff
+.long	0x03020100,0x0b0a0908,0xffffffff,0xffffffff
+.long	0xffffffff,0xffffffff,0x03020100,0x0b0a0908
+.long	0xffffffff,0xffffffff,0x03020100,0x0b0a0908
+.byte	83,72,65,50,53,54,32,98,108,111,99,107,32,116,114,97,110,115,102,111,114,109,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.def	sha256_block_data_order_shaext;	.scl 3;	.type 32;	.endef
+.p2align	6
+sha256_block_data_order_shaext:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_sha256_block_data_order_shaext:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+_shaext_shortcut:
+
+	leaq	-88(%rsp),%rsp
+	movaps	%xmm6,-8-80(%rax)
+	movaps	%xmm7,-8-64(%rax)
+	movaps	%xmm8,-8-48(%rax)
+	movaps	%xmm9,-8-32(%rax)
+	movaps	%xmm10,-8-16(%rax)
+.Lprologue_shaext:
+	leaq	K256+128(%rip),%rcx
+	movdqu	(%rdi),%xmm1
+	movdqu	16(%rdi),%xmm2
+	movdqa	512-128(%rcx),%xmm7
+
+	pshufd	$0x1b,%xmm1,%xmm0
+	pshufd	$0xb1,%xmm1,%xmm1
+	pshufd	$0x1b,%xmm2,%xmm2
+	movdqa	%xmm7,%xmm8
+.byte	102,15,58,15,202,8
+	punpcklqdq	%xmm0,%xmm2
+	jmp	.Loop_shaext
+
+.p2align	4
+.Loop_shaext:
+	movdqu	(%rsi),%xmm3
+	movdqu	16(%rsi),%xmm4
+	movdqu	32(%rsi),%xmm5
+.byte	102,15,56,0,223
+	movdqu	48(%rsi),%xmm6
+
+	movdqa	0-128(%rcx),%xmm0
+	paddd	%xmm3,%xmm0
+.byte	102,15,56,0,231
+	movdqa	%xmm2,%xmm10
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	nop
+	movdqa	%xmm1,%xmm9
+.byte	15,56,203,202
+
+	movdqa	32-128(%rcx),%xmm0
+	paddd	%xmm4,%xmm0
+.byte	102,15,56,0,239
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	leaq	64(%rsi),%rsi
+.byte	15,56,204,220
+.byte	15,56,203,202
+
+	movdqa	64-128(%rcx),%xmm0
+	paddd	%xmm5,%xmm0
+.byte	102,15,56,0,247
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm6,%xmm7
+.byte	102,15,58,15,253,4
+	nop
+	paddd	%xmm7,%xmm3
+.byte	15,56,204,229
+.byte	15,56,203,202
+
+	movdqa	96-128(%rcx),%xmm0
+	paddd	%xmm6,%xmm0
+.byte	15,56,205,222
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm3,%xmm7
+.byte	102,15,58,15,254,4
+	nop
+	paddd	%xmm7,%xmm4
+.byte	15,56,204,238
+.byte	15,56,203,202
+	movdqa	128-128(%rcx),%xmm0
+	paddd	%xmm3,%xmm0
+.byte	15,56,205,227
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm4,%xmm7
+.byte	102,15,58,15,251,4
+	nop
+	paddd	%xmm7,%xmm5
+.byte	15,56,204,243
+.byte	15,56,203,202
+	movdqa	160-128(%rcx),%xmm0
+	paddd	%xmm4,%xmm0
+.byte	15,56,205,236
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm5,%xmm7
+.byte	102,15,58,15,252,4
+	nop
+	paddd	%xmm7,%xmm6
+.byte	15,56,204,220
+.byte	15,56,203,202
+	movdqa	192-128(%rcx),%xmm0
+	paddd	%xmm5,%xmm0
+.byte	15,56,205,245
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm6,%xmm7
+.byte	102,15,58,15,253,4
+	nop
+	paddd	%xmm7,%xmm3
+.byte	15,56,204,229
+.byte	15,56,203,202
+	movdqa	224-128(%rcx),%xmm0
+	paddd	%xmm6,%xmm0
+.byte	15,56,205,222
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm3,%xmm7
+.byte	102,15,58,15,254,4
+	nop
+	paddd	%xmm7,%xmm4
+.byte	15,56,204,238
+.byte	15,56,203,202
+	movdqa	256-128(%rcx),%xmm0
+	paddd	%xmm3,%xmm0
+.byte	15,56,205,227
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm4,%xmm7
+.byte	102,15,58,15,251,4
+	nop
+	paddd	%xmm7,%xmm5
+.byte	15,56,204,243
+.byte	15,56,203,202
+	movdqa	288-128(%rcx),%xmm0
+	paddd	%xmm4,%xmm0
+.byte	15,56,205,236
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm5,%xmm7
+.byte	102,15,58,15,252,4
+	nop
+	paddd	%xmm7,%xmm6
+.byte	15,56,204,220
+.byte	15,56,203,202
+	movdqa	320-128(%rcx),%xmm0
+	paddd	%xmm5,%xmm0
+.byte	15,56,205,245
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm6,%xmm7
+.byte	102,15,58,15,253,4
+	nop
+	paddd	%xmm7,%xmm3
+.byte	15,56,204,229
+.byte	15,56,203,202
+	movdqa	352-128(%rcx),%xmm0
+	paddd	%xmm6,%xmm0
+.byte	15,56,205,222
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm3,%xmm7
+.byte	102,15,58,15,254,4
+	nop
+	paddd	%xmm7,%xmm4
+.byte	15,56,204,238
+.byte	15,56,203,202
+	movdqa	384-128(%rcx),%xmm0
+	paddd	%xmm3,%xmm0
+.byte	15,56,205,227
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm4,%xmm7
+.byte	102,15,58,15,251,4
+	nop
+	paddd	%xmm7,%xmm5
+.byte	15,56,204,243
+.byte	15,56,203,202
+	movdqa	416-128(%rcx),%xmm0
+	paddd	%xmm4,%xmm0
+.byte	15,56,205,236
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm5,%xmm7
+.byte	102,15,58,15,252,4
+.byte	15,56,203,202
+	paddd	%xmm7,%xmm6
+
+	movdqa	448-128(%rcx),%xmm0
+	paddd	%xmm5,%xmm0
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+.byte	15,56,205,245
+	movdqa	%xmm8,%xmm7
+.byte	15,56,203,202
+
+	movdqa	480-128(%rcx),%xmm0
+	paddd	%xmm6,%xmm0
+	nop
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	decq	%rdx
+	nop
+.byte	15,56,203,202
+
+	paddd	%xmm10,%xmm2
+	paddd	%xmm9,%xmm1
+	jnz	.Loop_shaext
+
+	pshufd	$0xb1,%xmm2,%xmm2
+	pshufd	$0x1b,%xmm1,%xmm7
+	pshufd	$0xb1,%xmm1,%xmm1
+	punpckhqdq	%xmm2,%xmm1
+.byte	102,15,58,15,215,8
+
+	movdqu	%xmm1,(%rdi)
+	movdqu	%xmm2,16(%rdi)
+	movaps	-8-80(%rax),%xmm6
+	movaps	-8-64(%rax),%xmm7
+	movaps	-8-48(%rax),%xmm8
+	movaps	-8-32(%rax),%xmm9
+	movaps	-8-16(%rax),%xmm10
+	movq	%rax,%rsp
+.Lepilogue_shaext:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_sha256_block_data_order_shaext:
+.def	sha256_block_data_order_ssse3;	.scl 3;	.type 32;	.endef
+.p2align	6
+sha256_block_data_order_ssse3:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_sha256_block_data_order_ssse3:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+
+.Lssse3_shortcut:
+	movq	%rsp,%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	shlq	$4,%rdx
+	subq	$160,%rsp
+	leaq	(%rsi,%rdx,4),%rdx
+	andq	$-64,%rsp
+	movq	%rdi,64+0(%rsp)
+	movq	%rsi,64+8(%rsp)
+	movq	%rdx,64+16(%rsp)
+	movq	%rax,88(%rsp)
+
+	movaps	%xmm6,64+32(%rsp)
+	movaps	%xmm7,64+48(%rsp)
+	movaps	%xmm8,64+64(%rsp)
+	movaps	%xmm9,64+80(%rsp)
+.Lprologue_ssse3:
+
+	movl	0(%rdi),%eax
+	movl	4(%rdi),%ebx
+	movl	8(%rdi),%ecx
+	movl	12(%rdi),%edx
+	movl	16(%rdi),%r8d
+	movl	20(%rdi),%r9d
+	movl	24(%rdi),%r10d
+	movl	28(%rdi),%r11d
+
+
+	jmp	.Lloop_ssse3
+.p2align	4
+.Lloop_ssse3:
+	movdqa	K256+512(%rip),%xmm7
+	movdqu	0(%rsi),%xmm0
+	movdqu	16(%rsi),%xmm1
+	movdqu	32(%rsi),%xmm2
+.byte	102,15,56,0,199
+	movdqu	48(%rsi),%xmm3
+	leaq	K256(%rip),%rbp
+.byte	102,15,56,0,207
+	movdqa	0(%rbp),%xmm4
+	movdqa	32(%rbp),%xmm5
+.byte	102,15,56,0,215
+	paddd	%xmm0,%xmm4
+	movdqa	64(%rbp),%xmm6
+.byte	102,15,56,0,223
+	movdqa	96(%rbp),%xmm7
+	paddd	%xmm1,%xmm5
+	paddd	%xmm2,%xmm6
+	paddd	%xmm3,%xmm7
+	movdqa	%xmm4,0(%rsp)
+	movl	%eax,%r14d
+	movdqa	%xmm5,16(%rsp)
+	movl	%ebx,%edi
+	movdqa	%xmm6,32(%rsp)
+	xorl	%ecx,%edi
+	movdqa	%xmm7,48(%rsp)
+	movl	%r8d,%r13d
+	jmp	.Lssse3_00_47
+
+.p2align	4
+.Lssse3_00_47:
+	subq	$-128,%rbp
+	rorl	$14,%r13d
+	movdqa	%xmm1,%xmm4
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	movdqa	%xmm3,%xmm7
+	rorl	$9,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	rorl	$5,%r13d
+	xorl	%eax,%r14d
+.byte	102,15,58,15,224,4
+	andl	%r8d,%r12d
+	xorl	%r8d,%r13d
+.byte	102,15,58,15,250,4
+	addl	0(%rsp),%r11d
+	movl	%eax,%r15d
+	xorl	%r10d,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm4,%xmm5
+	xorl	%ebx,%r15d
+	addl	%r12d,%r11d
+	movdqa	%xmm4,%xmm6
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	psrld	$3,%xmm4
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	paddd	%xmm7,%xmm0
+	rorl	$2,%r14d
+	addl	%r11d,%edx
+	psrld	$7,%xmm6
+	addl	%edi,%r11d
+	movl	%edx,%r13d
+	pshufd	$250,%xmm3,%xmm7
+	addl	%r11d,%r14d
+	rorl	$14,%r13d
+	pslld	$14,%xmm5
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	pxor	%xmm6,%xmm4
+	rorl	$9,%r14d
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	rorl	$5,%r13d
+	psrld	$11,%xmm6
+	xorl	%r11d,%r14d
+	pxor	%xmm5,%xmm4
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	pslld	$11,%xmm5
+	addl	4(%rsp),%r10d
+	movl	%r11d,%edi
+	pxor	%xmm6,%xmm4
+	xorl	%r9d,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm7,%xmm6
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	pxor	%xmm5,%xmm4
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	psrld	$10,%xmm7
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	paddd	%xmm4,%xmm0
+	rorl	$2,%r14d
+	addl	%r10d,%ecx
+	psrlq	$17,%xmm6
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	addl	%r10d,%r14d
+	pxor	%xmm6,%xmm7
+	rorl	$14,%r13d
+	movl	%r14d,%r10d
+	movl	%edx,%r12d
+	rorl	$9,%r14d
+	psrlq	$2,%xmm6
+	xorl	%ecx,%r13d
+	xorl	%r8d,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$5,%r13d
+	xorl	%r10d,%r14d
+	andl	%ecx,%r12d
+	pshufd	$128,%xmm7,%xmm7
+	xorl	%ecx,%r13d
+	addl	8(%rsp),%r9d
+	movl	%r10d,%r15d
+	psrldq	$8,%xmm7
+	xorl	%r8d,%r12d
+	rorl	$11,%r14d
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	rorl	$6,%r13d
+	paddd	%xmm7,%xmm0
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	pshufd	$80,%xmm0,%xmm7
+	xorl	%r11d,%edi
+	rorl	$2,%r14d
+	addl	%r9d,%ebx
+	movdqa	%xmm7,%xmm6
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	psrld	$10,%xmm7
+	addl	%r9d,%r14d
+	rorl	$14,%r13d
+	psrlq	$17,%xmm6
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$9,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	rorl	$5,%r13d
+	xorl	%r9d,%r14d
+	psrlq	$2,%xmm6
+	andl	%ebx,%r12d
+	xorl	%ebx,%r13d
+	addl	12(%rsp),%r8d
+	pxor	%xmm6,%xmm7
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	rorl	$11,%r14d
+	pshufd	$8,%xmm7,%xmm7
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	movdqa	0(%rbp),%xmm6
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	pslldq	$8,%xmm7
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	paddd	%xmm7,%xmm0
+	rorl	$2,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	paddd	%xmm0,%xmm6
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	movdqa	%xmm6,0(%rsp)
+	rorl	$14,%r13d
+	movdqa	%xmm2,%xmm4
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	movdqa	%xmm0,%xmm7
+	rorl	$9,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	rorl	$5,%r13d
+	xorl	%r8d,%r14d
+.byte	102,15,58,15,225,4
+	andl	%eax,%r12d
+	xorl	%eax,%r13d
+.byte	102,15,58,15,251,4
+	addl	16(%rsp),%edx
+	movl	%r8d,%r15d
+	xorl	%ecx,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm4,%xmm5
+	xorl	%r9d,%r15d
+	addl	%r12d,%edx
+	movdqa	%xmm4,%xmm6
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	psrld	$3,%xmm4
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	paddd	%xmm7,%xmm1
+	rorl	$2,%r14d
+	addl	%edx,%r11d
+	psrld	$7,%xmm6
+	addl	%edi,%edx
+	movl	%r11d,%r13d
+	pshufd	$250,%xmm0,%xmm7
+	addl	%edx,%r14d
+	rorl	$14,%r13d
+	pslld	$14,%xmm5
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	pxor	%xmm6,%xmm4
+	rorl	$9,%r14d
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	rorl	$5,%r13d
+	psrld	$11,%xmm6
+	xorl	%edx,%r14d
+	pxor	%xmm5,%xmm4
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	pslld	$11,%xmm5
+	addl	20(%rsp),%ecx
+	movl	%edx,%edi
+	pxor	%xmm6,%xmm4
+	xorl	%ebx,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm7,%xmm6
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	pxor	%xmm5,%xmm4
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	psrld	$10,%xmm7
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	paddd	%xmm4,%xmm1
+	rorl	$2,%r14d
+	addl	%ecx,%r10d
+	psrlq	$17,%xmm6
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	addl	%ecx,%r14d
+	pxor	%xmm6,%xmm7
+	rorl	$14,%r13d
+	movl	%r14d,%ecx
+	movl	%r11d,%r12d
+	rorl	$9,%r14d
+	psrlq	$2,%xmm6
+	xorl	%r10d,%r13d
+	xorl	%eax,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$5,%r13d
+	xorl	%ecx,%r14d
+	andl	%r10d,%r12d
+	pshufd	$128,%xmm7,%xmm7
+	xorl	%r10d,%r13d
+	addl	24(%rsp),%ebx
+	movl	%ecx,%r15d
+	psrldq	$8,%xmm7
+	xorl	%eax,%r12d
+	rorl	$11,%r14d
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	rorl	$6,%r13d
+	paddd	%xmm7,%xmm1
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	pshufd	$80,%xmm1,%xmm7
+	xorl	%edx,%edi
+	rorl	$2,%r14d
+	addl	%ebx,%r9d
+	movdqa	%xmm7,%xmm6
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	psrld	$10,%xmm7
+	addl	%ebx,%r14d
+	rorl	$14,%r13d
+	psrlq	$17,%xmm6
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$9,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	rorl	$5,%r13d
+	xorl	%ebx,%r14d
+	psrlq	$2,%xmm6
+	andl	%r9d,%r12d
+	xorl	%r9d,%r13d
+	addl	28(%rsp),%eax
+	pxor	%xmm6,%xmm7
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	rorl	$11,%r14d
+	pshufd	$8,%xmm7,%xmm7
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	movdqa	32(%rbp),%xmm6
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	pslldq	$8,%xmm7
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	paddd	%xmm7,%xmm1
+	rorl	$2,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	paddd	%xmm1,%xmm6
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	movdqa	%xmm6,16(%rsp)
+	rorl	$14,%r13d
+	movdqa	%xmm3,%xmm4
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	movdqa	%xmm1,%xmm7
+	rorl	$9,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	rorl	$5,%r13d
+	xorl	%eax,%r14d
+.byte	102,15,58,15,226,4
+	andl	%r8d,%r12d
+	xorl	%r8d,%r13d
+.byte	102,15,58,15,248,4
+	addl	32(%rsp),%r11d
+	movl	%eax,%r15d
+	xorl	%r10d,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm4,%xmm5
+	xorl	%ebx,%r15d
+	addl	%r12d,%r11d
+	movdqa	%xmm4,%xmm6
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	psrld	$3,%xmm4
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	paddd	%xmm7,%xmm2
+	rorl	$2,%r14d
+	addl	%r11d,%edx
+	psrld	$7,%xmm6
+	addl	%edi,%r11d
+	movl	%edx,%r13d
+	pshufd	$250,%xmm1,%xmm7
+	addl	%r11d,%r14d
+	rorl	$14,%r13d
+	pslld	$14,%xmm5
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	pxor	%xmm6,%xmm4
+	rorl	$9,%r14d
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	rorl	$5,%r13d
+	psrld	$11,%xmm6
+	xorl	%r11d,%r14d
+	pxor	%xmm5,%xmm4
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	pslld	$11,%xmm5
+	addl	36(%rsp),%r10d
+	movl	%r11d,%edi
+	pxor	%xmm6,%xmm4
+	xorl	%r9d,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm7,%xmm6
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	pxor	%xmm5,%xmm4
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	psrld	$10,%xmm7
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	paddd	%xmm4,%xmm2
+	rorl	$2,%r14d
+	addl	%r10d,%ecx
+	psrlq	$17,%xmm6
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	addl	%r10d,%r14d
+	pxor	%xmm6,%xmm7
+	rorl	$14,%r13d
+	movl	%r14d,%r10d
+	movl	%edx,%r12d
+	rorl	$9,%r14d
+	psrlq	$2,%xmm6
+	xorl	%ecx,%r13d
+	xorl	%r8d,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$5,%r13d
+	xorl	%r10d,%r14d
+	andl	%ecx,%r12d
+	pshufd	$128,%xmm7,%xmm7
+	xorl	%ecx,%r13d
+	addl	40(%rsp),%r9d
+	movl	%r10d,%r15d
+	psrldq	$8,%xmm7
+	xorl	%r8d,%r12d
+	rorl	$11,%r14d
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	rorl	$6,%r13d
+	paddd	%xmm7,%xmm2
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	pshufd	$80,%xmm2,%xmm7
+	xorl	%r11d,%edi
+	rorl	$2,%r14d
+	addl	%r9d,%ebx
+	movdqa	%xmm7,%xmm6
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	psrld	$10,%xmm7
+	addl	%r9d,%r14d
+	rorl	$14,%r13d
+	psrlq	$17,%xmm6
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$9,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	rorl	$5,%r13d
+	xorl	%r9d,%r14d
+	psrlq	$2,%xmm6
+	andl	%ebx,%r12d
+	xorl	%ebx,%r13d
+	addl	44(%rsp),%r8d
+	pxor	%xmm6,%xmm7
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	rorl	$11,%r14d
+	pshufd	$8,%xmm7,%xmm7
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	movdqa	64(%rbp),%xmm6
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	pslldq	$8,%xmm7
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	paddd	%xmm7,%xmm2
+	rorl	$2,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	paddd	%xmm2,%xmm6
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	movdqa	%xmm6,32(%rsp)
+	rorl	$14,%r13d
+	movdqa	%xmm0,%xmm4
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	movdqa	%xmm2,%xmm7
+	rorl	$9,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	rorl	$5,%r13d
+	xorl	%r8d,%r14d
+.byte	102,15,58,15,227,4
+	andl	%eax,%r12d
+	xorl	%eax,%r13d
+.byte	102,15,58,15,249,4
+	addl	48(%rsp),%edx
+	movl	%r8d,%r15d
+	xorl	%ecx,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm4,%xmm5
+	xorl	%r9d,%r15d
+	addl	%r12d,%edx
+	movdqa	%xmm4,%xmm6
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	psrld	$3,%xmm4
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	paddd	%xmm7,%xmm3
+	rorl	$2,%r14d
+	addl	%edx,%r11d
+	psrld	$7,%xmm6
+	addl	%edi,%edx
+	movl	%r11d,%r13d
+	pshufd	$250,%xmm2,%xmm7
+	addl	%edx,%r14d
+	rorl	$14,%r13d
+	pslld	$14,%xmm5
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	pxor	%xmm6,%xmm4
+	rorl	$9,%r14d
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	rorl	$5,%r13d
+	psrld	$11,%xmm6
+	xorl	%edx,%r14d
+	pxor	%xmm5,%xmm4
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	pslld	$11,%xmm5
+	addl	52(%rsp),%ecx
+	movl	%edx,%edi
+	pxor	%xmm6,%xmm4
+	xorl	%ebx,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm7,%xmm6
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	pxor	%xmm5,%xmm4
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	psrld	$10,%xmm7
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	paddd	%xmm4,%xmm3
+	rorl	$2,%r14d
+	addl	%ecx,%r10d
+	psrlq	$17,%xmm6
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	addl	%ecx,%r14d
+	pxor	%xmm6,%xmm7
+	rorl	$14,%r13d
+	movl	%r14d,%ecx
+	movl	%r11d,%r12d
+	rorl	$9,%r14d
+	psrlq	$2,%xmm6
+	xorl	%r10d,%r13d
+	xorl	%eax,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$5,%r13d
+	xorl	%ecx,%r14d
+	andl	%r10d,%r12d
+	pshufd	$128,%xmm7,%xmm7
+	xorl	%r10d,%r13d
+	addl	56(%rsp),%ebx
+	movl	%ecx,%r15d
+	psrldq	$8,%xmm7
+	xorl	%eax,%r12d
+	rorl	$11,%r14d
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	rorl	$6,%r13d
+	paddd	%xmm7,%xmm3
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	pshufd	$80,%xmm3,%xmm7
+	xorl	%edx,%edi
+	rorl	$2,%r14d
+	addl	%ebx,%r9d
+	movdqa	%xmm7,%xmm6
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	psrld	$10,%xmm7
+	addl	%ebx,%r14d
+	rorl	$14,%r13d
+	psrlq	$17,%xmm6
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$9,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	rorl	$5,%r13d
+	xorl	%ebx,%r14d
+	psrlq	$2,%xmm6
+	andl	%r9d,%r12d
+	xorl	%r9d,%r13d
+	addl	60(%rsp),%eax
+	pxor	%xmm6,%xmm7
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	rorl	$11,%r14d
+	pshufd	$8,%xmm7,%xmm7
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	movdqa	96(%rbp),%xmm6
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	pslldq	$8,%xmm7
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	paddd	%xmm7,%xmm3
+	rorl	$2,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	paddd	%xmm3,%xmm6
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	movdqa	%xmm6,48(%rsp)
+	cmpb	$0,131(%rbp)
+	jne	.Lssse3_00_47
+	rorl	$14,%r13d
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	rorl	$9,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	rorl	$5,%r13d
+	xorl	%eax,%r14d
+	andl	%r8d,%r12d
+	xorl	%r8d,%r13d
+	addl	0(%rsp),%r11d
+	movl	%eax,%r15d
+	xorl	%r10d,%r12d
+	rorl	$11,%r14d
+	xorl	%ebx,%r15d
+	addl	%r12d,%r11d
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	rorl	$2,%r14d
+	addl	%r11d,%edx
+	addl	%edi,%r11d
+	movl	%edx,%r13d
+	addl	%r11d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	rorl	$9,%r14d
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	rorl	$5,%r13d
+	xorl	%r11d,%r14d
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	addl	4(%rsp),%r10d
+	movl	%r11d,%edi
+	xorl	%r9d,%r12d
+	rorl	$11,%r14d
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	rorl	$2,%r14d
+	addl	%r10d,%ecx
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	addl	%r10d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r10d
+	movl	%edx,%r12d
+	rorl	$9,%r14d
+	xorl	%ecx,%r13d
+	xorl	%r8d,%r12d
+	rorl	$5,%r13d
+	xorl	%r10d,%r14d
+	andl	%ecx,%r12d
+	xorl	%ecx,%r13d
+	addl	8(%rsp),%r9d
+	movl	%r10d,%r15d
+	xorl	%r8d,%r12d
+	rorl	$11,%r14d
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	xorl	%r11d,%edi
+	rorl	$2,%r14d
+	addl	%r9d,%ebx
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	addl	%r9d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	rorl	$9,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	rorl	$5,%r13d
+	xorl	%r9d,%r14d
+	andl	%ebx,%r12d
+	xorl	%ebx,%r13d
+	addl	12(%rsp),%r8d
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	rorl	$11,%r14d
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	rorl	$2,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	rorl	$9,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	rorl	$5,%r13d
+	xorl	%r8d,%r14d
+	andl	%eax,%r12d
+	xorl	%eax,%r13d
+	addl	16(%rsp),%edx
+	movl	%r8d,%r15d
+	xorl	%ecx,%r12d
+	rorl	$11,%r14d
+	xorl	%r9d,%r15d
+	addl	%r12d,%edx
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	rorl	$2,%r14d
+	addl	%edx,%r11d
+	addl	%edi,%edx
+	movl	%r11d,%r13d
+	addl	%edx,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	rorl	$9,%r14d
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	rorl	$5,%r13d
+	xorl	%edx,%r14d
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	addl	20(%rsp),%ecx
+	movl	%edx,%edi
+	xorl	%ebx,%r12d
+	rorl	$11,%r14d
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	rorl	$2,%r14d
+	addl	%ecx,%r10d
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	addl	%ecx,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%ecx
+	movl	%r11d,%r12d
+	rorl	$9,%r14d
+	xorl	%r10d,%r13d
+	xorl	%eax,%r12d
+	rorl	$5,%r13d
+	xorl	%ecx,%r14d
+	andl	%r10d,%r12d
+	xorl	%r10d,%r13d
+	addl	24(%rsp),%ebx
+	movl	%ecx,%r15d
+	xorl	%eax,%r12d
+	rorl	$11,%r14d
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	xorl	%edx,%edi
+	rorl	$2,%r14d
+	addl	%ebx,%r9d
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	addl	%ebx,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	rorl	$9,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	rorl	$5,%r13d
+	xorl	%ebx,%r14d
+	andl	%r9d,%r12d
+	xorl	%r9d,%r13d
+	addl	28(%rsp),%eax
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	rorl	$11,%r14d
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	rorl	$2,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	rorl	$9,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	rorl	$5,%r13d
+	xorl	%eax,%r14d
+	andl	%r8d,%r12d
+	xorl	%r8d,%r13d
+	addl	32(%rsp),%r11d
+	movl	%eax,%r15d
+	xorl	%r10d,%r12d
+	rorl	$11,%r14d
+	xorl	%ebx,%r15d
+	addl	%r12d,%r11d
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	rorl	$2,%r14d
+	addl	%r11d,%edx
+	addl	%edi,%r11d
+	movl	%edx,%r13d
+	addl	%r11d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	rorl	$9,%r14d
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	rorl	$5,%r13d
+	xorl	%r11d,%r14d
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	addl	36(%rsp),%r10d
+	movl	%r11d,%edi
+	xorl	%r9d,%r12d
+	rorl	$11,%r14d
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	rorl	$2,%r14d
+	addl	%r10d,%ecx
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	addl	%r10d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r10d
+	movl	%edx,%r12d
+	rorl	$9,%r14d
+	xorl	%ecx,%r13d
+	xorl	%r8d,%r12d
+	rorl	$5,%r13d
+	xorl	%r10d,%r14d
+	andl	%ecx,%r12d
+	xorl	%ecx,%r13d
+	addl	40(%rsp),%r9d
+	movl	%r10d,%r15d
+	xorl	%r8d,%r12d
+	rorl	$11,%r14d
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	xorl	%r11d,%edi
+	rorl	$2,%r14d
+	addl	%r9d,%ebx
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	addl	%r9d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	rorl	$9,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	rorl	$5,%r13d
+	xorl	%r9d,%r14d
+	andl	%ebx,%r12d
+	xorl	%ebx,%r13d
+	addl	44(%rsp),%r8d
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	rorl	$11,%r14d
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	rorl	$2,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	rorl	$9,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	rorl	$5,%r13d
+	xorl	%r8d,%r14d
+	andl	%eax,%r12d
+	xorl	%eax,%r13d
+	addl	48(%rsp),%edx
+	movl	%r8d,%r15d
+	xorl	%ecx,%r12d
+	rorl	$11,%r14d
+	xorl	%r9d,%r15d
+	addl	%r12d,%edx
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	rorl	$2,%r14d
+	addl	%edx,%r11d
+	addl	%edi,%edx
+	movl	%r11d,%r13d
+	addl	%edx,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	rorl	$9,%r14d
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	rorl	$5,%r13d
+	xorl	%edx,%r14d
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	addl	52(%rsp),%ecx
+	movl	%edx,%edi
+	xorl	%ebx,%r12d
+	rorl	$11,%r14d
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	rorl	$2,%r14d
+	addl	%ecx,%r10d
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	addl	%ecx,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%ecx
+	movl	%r11d,%r12d
+	rorl	$9,%r14d
+	xorl	%r10d,%r13d
+	xorl	%eax,%r12d
+	rorl	$5,%r13d
+	xorl	%ecx,%r14d
+	andl	%r10d,%r12d
+	xorl	%r10d,%r13d
+	addl	56(%rsp),%ebx
+	movl	%ecx,%r15d
+	xorl	%eax,%r12d
+	rorl	$11,%r14d
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	xorl	%edx,%edi
+	rorl	$2,%r14d
+	addl	%ebx,%r9d
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	addl	%ebx,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	rorl	$9,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	rorl	$5,%r13d
+	xorl	%ebx,%r14d
+	andl	%r9d,%r12d
+	xorl	%r9d,%r13d
+	addl	60(%rsp),%eax
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	rorl	$11,%r14d
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	rorl	$2,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	movq	64+0(%rsp),%rdi
+	movl	%r14d,%eax
+
+	addl	0(%rdi),%eax
+	leaq	64(%rsi),%rsi
+	addl	4(%rdi),%ebx
+	addl	8(%rdi),%ecx
+	addl	12(%rdi),%edx
+	addl	16(%rdi),%r8d
+	addl	20(%rdi),%r9d
+	addl	24(%rdi),%r10d
+	addl	28(%rdi),%r11d
+
+	cmpq	64+16(%rsp),%rsi
+
+	movl	%eax,0(%rdi)
+	movl	%ebx,4(%rdi)
+	movl	%ecx,8(%rdi)
+	movl	%edx,12(%rdi)
+	movl	%r8d,16(%rdi)
+	movl	%r9d,20(%rdi)
+	movl	%r10d,24(%rdi)
+	movl	%r11d,28(%rdi)
+	jb	.Lloop_ssse3
+
+	movq	88(%rsp),%rsi
+
+	movaps	64+32(%rsp),%xmm6
+	movaps	64+48(%rsp),%xmm7
+	movaps	64+64(%rsp),%xmm8
+	movaps	64+80(%rsp),%xmm9
+	movq	-48(%rsi),%r15
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+.Lepilogue_ssse3:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_sha256_block_data_order_ssse3:
+.def	sha256_block_data_order_avx;	.scl 3;	.type 32;	.endef
+.p2align	6
+sha256_block_data_order_avx:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_sha256_block_data_order_avx:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+
+.Lavx_shortcut:
+	movq	%rsp,%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	shlq	$4,%rdx
+	subq	$160,%rsp
+	leaq	(%rsi,%rdx,4),%rdx
+	andq	$-64,%rsp
+	movq	%rdi,64+0(%rsp)
+	movq	%rsi,64+8(%rsp)
+	movq	%rdx,64+16(%rsp)
+	movq	%rax,88(%rsp)
+
+	movaps	%xmm6,64+32(%rsp)
+	movaps	%xmm7,64+48(%rsp)
+	movaps	%xmm8,64+64(%rsp)
+	movaps	%xmm9,64+80(%rsp)
+.Lprologue_avx:
+
+	vzeroupper
+	movl	0(%rdi),%eax
+	movl	4(%rdi),%ebx
+	movl	8(%rdi),%ecx
+	movl	12(%rdi),%edx
+	movl	16(%rdi),%r8d
+	movl	20(%rdi),%r9d
+	movl	24(%rdi),%r10d
+	movl	28(%rdi),%r11d
+	vmovdqa	K256+512+32(%rip),%xmm8
+	vmovdqa	K256+512+64(%rip),%xmm9
+	jmp	.Lloop_avx
+.p2align	4
+.Lloop_avx:
+	vmovdqa	K256+512(%rip),%xmm7
+	vmovdqu	0(%rsi),%xmm0
+	vmovdqu	16(%rsi),%xmm1
+	vmovdqu	32(%rsi),%xmm2
+	vmovdqu	48(%rsi),%xmm3
+	vpshufb	%xmm7,%xmm0,%xmm0
+	leaq	K256(%rip),%rbp
+	vpshufb	%xmm7,%xmm1,%xmm1
+	vpshufb	%xmm7,%xmm2,%xmm2
+	vpaddd	0(%rbp),%xmm0,%xmm4
+	vpshufb	%xmm7,%xmm3,%xmm3
+	vpaddd	32(%rbp),%xmm1,%xmm5
+	vpaddd	64(%rbp),%xmm2,%xmm6
+	vpaddd	96(%rbp),%xmm3,%xmm7
+	vmovdqa	%xmm4,0(%rsp)
+	movl	%eax,%r14d
+	vmovdqa	%xmm5,16(%rsp)
+	movl	%ebx,%edi
+	vmovdqa	%xmm6,32(%rsp)
+	xorl	%ecx,%edi
+	vmovdqa	%xmm7,48(%rsp)
+	movl	%r8d,%r13d
+	jmp	.Lavx_00_47
+
+.p2align	4
+.Lavx_00_47:
+	subq	$-128,%rbp
+	vpalignr	$4,%xmm0,%xmm1,%xmm4
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	vpalignr	$4,%xmm2,%xmm3,%xmm7
+	shrdl	$9,%r14d,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	vpsrld	$7,%xmm4,%xmm6
+	shrdl	$5,%r13d,%r13d
+	xorl	%eax,%r14d
+	andl	%r8d,%r12d
+	vpaddd	%xmm7,%xmm0,%xmm0
+	xorl	%r8d,%r13d
+	addl	0(%rsp),%r11d
+	movl	%eax,%r15d
+	vpsrld	$3,%xmm4,%xmm7
+	xorl	%r10d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ebx,%r15d
+	vpslld	$14,%xmm4,%xmm5
+	addl	%r12d,%r11d
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	vpxor	%xmm6,%xmm7,%xmm4
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	vpshufd	$250,%xmm3,%xmm7
+	shrdl	$2,%r14d,%r14d
+	addl	%r11d,%edx
+	addl	%edi,%r11d
+	vpsrld	$11,%xmm6,%xmm6
+	movl	%edx,%r13d
+	addl	%r11d,%r14d
+	shrdl	$14,%r13d,%r13d
+	vpxor	%xmm5,%xmm4,%xmm4
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	shrdl	$9,%r14d,%r14d
+	vpslld	$11,%xmm5,%xmm5
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	shrdl	$5,%r13d,%r13d
+	vpxor	%xmm6,%xmm4,%xmm4
+	xorl	%r11d,%r14d
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	vpsrld	$10,%xmm7,%xmm6
+	addl	4(%rsp),%r10d
+	movl	%r11d,%edi
+	xorl	%r9d,%r12d
+	vpxor	%xmm5,%xmm4,%xmm4
+	shrdl	$11,%r14d,%r14d
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	vpsrlq	$17,%xmm7,%xmm7
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	vpaddd	%xmm4,%xmm0,%xmm0
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	shrdl	$2,%r14d,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	addl	%r10d,%ecx
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%r10d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r10d
+	vpxor	%xmm7,%xmm6,%xmm6
+	movl	%edx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%ecx,%r13d
+	vpshufb	%xmm8,%xmm6,%xmm6
+	xorl	%r8d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r10d,%r14d
+	vpaddd	%xmm6,%xmm0,%xmm0
+	andl	%ecx,%r12d
+	xorl	%ecx,%r13d
+	addl	8(%rsp),%r9d
+	vpshufd	$80,%xmm0,%xmm7
+	movl	%r10d,%r15d
+	xorl	%r8d,%r12d
+	shrdl	$11,%r14d,%r14d
+	vpsrld	$10,%xmm7,%xmm6
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	shrdl	$6,%r13d,%r13d
+	vpsrlq	$17,%xmm7,%xmm7
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	vpxor	%xmm7,%xmm6,%xmm6
+	xorl	%r11d,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%r9d,%ebx
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	addl	%r9d,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	vpshufb	%xmm9,%xmm6,%xmm6
+	shrdl	$9,%r14d,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	vpaddd	%xmm6,%xmm0,%xmm0
+	shrdl	$5,%r13d,%r13d
+	xorl	%r9d,%r14d
+	andl	%ebx,%r12d
+	vpaddd	0(%rbp),%xmm0,%xmm6
+	xorl	%ebx,%r13d
+	addl	12(%rsp),%r8d
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	vmovdqa	%xmm6,0(%rsp)
+	vpalignr	$4,%xmm1,%xmm2,%xmm4
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	vpalignr	$4,%xmm3,%xmm0,%xmm7
+	shrdl	$9,%r14d,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	vpsrld	$7,%xmm4,%xmm6
+	shrdl	$5,%r13d,%r13d
+	xorl	%r8d,%r14d
+	andl	%eax,%r12d
+	vpaddd	%xmm7,%xmm1,%xmm1
+	xorl	%eax,%r13d
+	addl	16(%rsp),%edx
+	movl	%r8d,%r15d
+	vpsrld	$3,%xmm4,%xmm7
+	xorl	%ecx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r9d,%r15d
+	vpslld	$14,%xmm4,%xmm5
+	addl	%r12d,%edx
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	vpxor	%xmm6,%xmm7,%xmm4
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	vpshufd	$250,%xmm0,%xmm7
+	shrdl	$2,%r14d,%r14d
+	addl	%edx,%r11d
+	addl	%edi,%edx
+	vpsrld	$11,%xmm6,%xmm6
+	movl	%r11d,%r13d
+	addl	%edx,%r14d
+	shrdl	$14,%r13d,%r13d
+	vpxor	%xmm5,%xmm4,%xmm4
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	shrdl	$9,%r14d,%r14d
+	vpslld	$11,%xmm5,%xmm5
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	shrdl	$5,%r13d,%r13d
+	vpxor	%xmm6,%xmm4,%xmm4
+	xorl	%edx,%r14d
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	vpsrld	$10,%xmm7,%xmm6
+	addl	20(%rsp),%ecx
+	movl	%edx,%edi
+	xorl	%ebx,%r12d
+	vpxor	%xmm5,%xmm4,%xmm4
+	shrdl	$11,%r14d,%r14d
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	vpsrlq	$17,%xmm7,%xmm7
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	vpaddd	%xmm4,%xmm1,%xmm1
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	shrdl	$2,%r14d,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	addl	%ecx,%r10d
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%ecx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ecx
+	vpxor	%xmm7,%xmm6,%xmm6
+	movl	%r11d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r10d,%r13d
+	vpshufb	%xmm8,%xmm6,%xmm6
+	xorl	%eax,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%ecx,%r14d
+	vpaddd	%xmm6,%xmm1,%xmm1
+	andl	%r10d,%r12d
+	xorl	%r10d,%r13d
+	addl	24(%rsp),%ebx
+	vpshufd	$80,%xmm1,%xmm7
+	movl	%ecx,%r15d
+	xorl	%eax,%r12d
+	shrdl	$11,%r14d,%r14d
+	vpsrld	$10,%xmm7,%xmm6
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	shrdl	$6,%r13d,%r13d
+	vpsrlq	$17,%xmm7,%xmm7
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	vpxor	%xmm7,%xmm6,%xmm6
+	xorl	%edx,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%ebx,%r9d
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	addl	%ebx,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	vpshufb	%xmm9,%xmm6,%xmm6
+	shrdl	$9,%r14d,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	vpaddd	%xmm6,%xmm1,%xmm1
+	shrdl	$5,%r13d,%r13d
+	xorl	%ebx,%r14d
+	andl	%r9d,%r12d
+	vpaddd	32(%rbp),%xmm1,%xmm6
+	xorl	%r9d,%r13d
+	addl	28(%rsp),%eax
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	vmovdqa	%xmm6,16(%rsp)
+	vpalignr	$4,%xmm2,%xmm3,%xmm4
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	vpalignr	$4,%xmm0,%xmm1,%xmm7
+	shrdl	$9,%r14d,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	vpsrld	$7,%xmm4,%xmm6
+	shrdl	$5,%r13d,%r13d
+	xorl	%eax,%r14d
+	andl	%r8d,%r12d
+	vpaddd	%xmm7,%xmm2,%xmm2
+	xorl	%r8d,%r13d
+	addl	32(%rsp),%r11d
+	movl	%eax,%r15d
+	vpsrld	$3,%xmm4,%xmm7
+	xorl	%r10d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ebx,%r15d
+	vpslld	$14,%xmm4,%xmm5
+	addl	%r12d,%r11d
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	vpxor	%xmm6,%xmm7,%xmm4
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	vpshufd	$250,%xmm1,%xmm7
+	shrdl	$2,%r14d,%r14d
+	addl	%r11d,%edx
+	addl	%edi,%r11d
+	vpsrld	$11,%xmm6,%xmm6
+	movl	%edx,%r13d
+	addl	%r11d,%r14d
+	shrdl	$14,%r13d,%r13d
+	vpxor	%xmm5,%xmm4,%xmm4
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	shrdl	$9,%r14d,%r14d
+	vpslld	$11,%xmm5,%xmm5
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	shrdl	$5,%r13d,%r13d
+	vpxor	%xmm6,%xmm4,%xmm4
+	xorl	%r11d,%r14d
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	vpsrld	$10,%xmm7,%xmm6
+	addl	36(%rsp),%r10d
+	movl	%r11d,%edi
+	xorl	%r9d,%r12d
+	vpxor	%xmm5,%xmm4,%xmm4
+	shrdl	$11,%r14d,%r14d
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	vpsrlq	$17,%xmm7,%xmm7
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	vpaddd	%xmm4,%xmm2,%xmm2
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	shrdl	$2,%r14d,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	addl	%r10d,%ecx
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%r10d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r10d
+	vpxor	%xmm7,%xmm6,%xmm6
+	movl	%edx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%ecx,%r13d
+	vpshufb	%xmm8,%xmm6,%xmm6
+	xorl	%r8d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r10d,%r14d
+	vpaddd	%xmm6,%xmm2,%xmm2
+	andl	%ecx,%r12d
+	xorl	%ecx,%r13d
+	addl	40(%rsp),%r9d
+	vpshufd	$80,%xmm2,%xmm7
+	movl	%r10d,%r15d
+	xorl	%r8d,%r12d
+	shrdl	$11,%r14d,%r14d
+	vpsrld	$10,%xmm7,%xmm6
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	shrdl	$6,%r13d,%r13d
+	vpsrlq	$17,%xmm7,%xmm7
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	vpxor	%xmm7,%xmm6,%xmm6
+	xorl	%r11d,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%r9d,%ebx
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	addl	%r9d,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	vpshufb	%xmm9,%xmm6,%xmm6
+	shrdl	$9,%r14d,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	vpaddd	%xmm6,%xmm2,%xmm2
+	shrdl	$5,%r13d,%r13d
+	xorl	%r9d,%r14d
+	andl	%ebx,%r12d
+	vpaddd	64(%rbp),%xmm2,%xmm6
+	xorl	%ebx,%r13d
+	addl	44(%rsp),%r8d
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	vmovdqa	%xmm6,32(%rsp)
+	vpalignr	$4,%xmm3,%xmm0,%xmm4
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	vpalignr	$4,%xmm1,%xmm2,%xmm7
+	shrdl	$9,%r14d,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	vpsrld	$7,%xmm4,%xmm6
+	shrdl	$5,%r13d,%r13d
+	xorl	%r8d,%r14d
+	andl	%eax,%r12d
+	vpaddd	%xmm7,%xmm3,%xmm3
+	xorl	%eax,%r13d
+	addl	48(%rsp),%edx
+	movl	%r8d,%r15d
+	vpsrld	$3,%xmm4,%xmm7
+	xorl	%ecx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r9d,%r15d
+	vpslld	$14,%xmm4,%xmm5
+	addl	%r12d,%edx
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	vpxor	%xmm6,%xmm7,%xmm4
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	vpshufd	$250,%xmm2,%xmm7
+	shrdl	$2,%r14d,%r14d
+	addl	%edx,%r11d
+	addl	%edi,%edx
+	vpsrld	$11,%xmm6,%xmm6
+	movl	%r11d,%r13d
+	addl	%edx,%r14d
+	shrdl	$14,%r13d,%r13d
+	vpxor	%xmm5,%xmm4,%xmm4
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	shrdl	$9,%r14d,%r14d
+	vpslld	$11,%xmm5,%xmm5
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	shrdl	$5,%r13d,%r13d
+	vpxor	%xmm6,%xmm4,%xmm4
+	xorl	%edx,%r14d
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	vpsrld	$10,%xmm7,%xmm6
+	addl	52(%rsp),%ecx
+	movl	%edx,%edi
+	xorl	%ebx,%r12d
+	vpxor	%xmm5,%xmm4,%xmm4
+	shrdl	$11,%r14d,%r14d
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	vpsrlq	$17,%xmm7,%xmm7
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	vpaddd	%xmm4,%xmm3,%xmm3
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	shrdl	$2,%r14d,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	addl	%ecx,%r10d
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%ecx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ecx
+	vpxor	%xmm7,%xmm6,%xmm6
+	movl	%r11d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r10d,%r13d
+	vpshufb	%xmm8,%xmm6,%xmm6
+	xorl	%eax,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%ecx,%r14d
+	vpaddd	%xmm6,%xmm3,%xmm3
+	andl	%r10d,%r12d
+	xorl	%r10d,%r13d
+	addl	56(%rsp),%ebx
+	vpshufd	$80,%xmm3,%xmm7
+	movl	%ecx,%r15d
+	xorl	%eax,%r12d
+	shrdl	$11,%r14d,%r14d
+	vpsrld	$10,%xmm7,%xmm6
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	shrdl	$6,%r13d,%r13d
+	vpsrlq	$17,%xmm7,%xmm7
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	vpxor	%xmm7,%xmm6,%xmm6
+	xorl	%edx,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%ebx,%r9d
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	addl	%ebx,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	vpshufb	%xmm9,%xmm6,%xmm6
+	shrdl	$9,%r14d,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	vpaddd	%xmm6,%xmm3,%xmm3
+	shrdl	$5,%r13d,%r13d
+	xorl	%ebx,%r14d
+	andl	%r9d,%r12d
+	vpaddd	96(%rbp),%xmm3,%xmm6
+	xorl	%r9d,%r13d
+	addl	60(%rsp),%eax
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	vmovdqa	%xmm6,48(%rsp)
+	cmpb	$0,131(%rbp)
+	jne	.Lavx_00_47
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%eax,%r14d
+	andl	%r8d,%r12d
+	xorl	%r8d,%r13d
+	addl	0(%rsp),%r11d
+	movl	%eax,%r15d
+	xorl	%r10d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ebx,%r15d
+	addl	%r12d,%r11d
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%r11d,%edx
+	addl	%edi,%r11d
+	movl	%edx,%r13d
+	addl	%r11d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r11d,%r14d
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	addl	4(%rsp),%r10d
+	movl	%r11d,%edi
+	xorl	%r9d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%r10d,%ecx
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	addl	%r10d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r10d
+	movl	%edx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%ecx,%r13d
+	xorl	%r8d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r10d,%r14d
+	andl	%ecx,%r12d
+	xorl	%ecx,%r13d
+	addl	8(%rsp),%r9d
+	movl	%r10d,%r15d
+	xorl	%r8d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	xorl	%r11d,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%r9d,%ebx
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	addl	%r9d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r9d,%r14d
+	andl	%ebx,%r12d
+	xorl	%ebx,%r13d
+	addl	12(%rsp),%r8d
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r8d,%r14d
+	andl	%eax,%r12d
+	xorl	%eax,%r13d
+	addl	16(%rsp),%edx
+	movl	%r8d,%r15d
+	xorl	%ecx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r9d,%r15d
+	addl	%r12d,%edx
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%edx,%r11d
+	addl	%edi,%edx
+	movl	%r11d,%r13d
+	addl	%edx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%edx,%r14d
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	addl	20(%rsp),%ecx
+	movl	%edx,%edi
+	xorl	%ebx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%ecx,%r10d
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	addl	%ecx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ecx
+	movl	%r11d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r10d,%r13d
+	xorl	%eax,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%ecx,%r14d
+	andl	%r10d,%r12d
+	xorl	%r10d,%r13d
+	addl	24(%rsp),%ebx
+	movl	%ecx,%r15d
+	xorl	%eax,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	xorl	%edx,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%ebx,%r9d
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	addl	%ebx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%ebx,%r14d
+	andl	%r9d,%r12d
+	xorl	%r9d,%r13d
+	addl	28(%rsp),%eax
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%eax,%r14d
+	andl	%r8d,%r12d
+	xorl	%r8d,%r13d
+	addl	32(%rsp),%r11d
+	movl	%eax,%r15d
+	xorl	%r10d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ebx,%r15d
+	addl	%r12d,%r11d
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%r11d,%edx
+	addl	%edi,%r11d
+	movl	%edx,%r13d
+	addl	%r11d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r11d,%r14d
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	addl	36(%rsp),%r10d
+	movl	%r11d,%edi
+	xorl	%r9d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%r10d,%ecx
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	addl	%r10d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r10d
+	movl	%edx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%ecx,%r13d
+	xorl	%r8d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r10d,%r14d
+	andl	%ecx,%r12d
+	xorl	%ecx,%r13d
+	addl	40(%rsp),%r9d
+	movl	%r10d,%r15d
+	xorl	%r8d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	xorl	%r11d,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%r9d,%ebx
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	addl	%r9d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r9d,%r14d
+	andl	%ebx,%r12d
+	xorl	%ebx,%r13d
+	addl	44(%rsp),%r8d
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r8d,%r14d
+	andl	%eax,%r12d
+	xorl	%eax,%r13d
+	addl	48(%rsp),%edx
+	movl	%r8d,%r15d
+	xorl	%ecx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r9d,%r15d
+	addl	%r12d,%edx
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%edx,%r11d
+	addl	%edi,%edx
+	movl	%r11d,%r13d
+	addl	%edx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%edx,%r14d
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	addl	52(%rsp),%ecx
+	movl	%edx,%edi
+	xorl	%ebx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%ecx,%r10d
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	addl	%ecx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ecx
+	movl	%r11d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r10d,%r13d
+	xorl	%eax,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%ecx,%r14d
+	andl	%r10d,%r12d
+	xorl	%r10d,%r13d
+	addl	56(%rsp),%ebx
+	movl	%ecx,%r15d
+	xorl	%eax,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	xorl	%edx,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%ebx,%r9d
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	addl	%ebx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%ebx,%r14d
+	andl	%r9d,%r12d
+	xorl	%r9d,%r13d
+	addl	60(%rsp),%eax
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	movq	64+0(%rsp),%rdi
+	movl	%r14d,%eax
+
+	addl	0(%rdi),%eax
+	leaq	64(%rsi),%rsi
+	addl	4(%rdi),%ebx
+	addl	8(%rdi),%ecx
+	addl	12(%rdi),%edx
+	addl	16(%rdi),%r8d
+	addl	20(%rdi),%r9d
+	addl	24(%rdi),%r10d
+	addl	28(%rdi),%r11d
+
+	cmpq	64+16(%rsp),%rsi
+
+	movl	%eax,0(%rdi)
+	movl	%ebx,4(%rdi)
+	movl	%ecx,8(%rdi)
+	movl	%edx,12(%rdi)
+	movl	%r8d,16(%rdi)
+	movl	%r9d,20(%rdi)
+	movl	%r10d,24(%rdi)
+	movl	%r11d,28(%rdi)
+	jb	.Lloop_avx
+
+	movq	88(%rsp),%rsi
+
+	vzeroupper
+	movaps	64+32(%rsp),%xmm6
+	movaps	64+48(%rsp),%xmm7
+	movaps	64+64(%rsp),%xmm8
+	movaps	64+80(%rsp),%xmm9
+	movq	-48(%rsi),%r15
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+.Lepilogue_avx:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_sha256_block_data_order_avx:
+.def	sha256_block_data_order_avx2;	.scl 3;	.type 32;	.endef
+.p2align	6
+sha256_block_data_order_avx2:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_sha256_block_data_order_avx2:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+
+.Lavx2_shortcut:
+	movq	%rsp,%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	subq	$608,%rsp
+	shlq	$4,%rdx
+	andq	$-1024,%rsp
+	leaq	(%rsi,%rdx,4),%rdx
+	addq	$448,%rsp
+	movq	%rdi,64+0(%rsp)
+	movq	%rsi,64+8(%rsp)
+	movq	%rdx,64+16(%rsp)
+	movq	%rax,88(%rsp)
+
+	movaps	%xmm6,64+32(%rsp)
+	movaps	%xmm7,64+48(%rsp)
+	movaps	%xmm8,64+64(%rsp)
+	movaps	%xmm9,64+80(%rsp)
+.Lprologue_avx2:
+
+	vzeroupper
+	subq	$-64,%rsi
+	movl	0(%rdi),%eax
+	movq	%rsi,%r12
+	movl	4(%rdi),%ebx
+	cmpq	%rdx,%rsi
+	movl	8(%rdi),%ecx
+	cmoveq	%rsp,%r12
+	movl	12(%rdi),%edx
+	movl	16(%rdi),%r8d
+	movl	20(%rdi),%r9d
+	movl	24(%rdi),%r10d
+	movl	28(%rdi),%r11d
+	vmovdqa	K256+512+32(%rip),%ymm8
+	vmovdqa	K256+512+64(%rip),%ymm9
+	jmp	.Loop_avx2
+.p2align	4
+.Loop_avx2:
+	vmovdqa	K256+512(%rip),%ymm7
+	vmovdqu	-64+0(%rsi),%xmm0
+	vmovdqu	-64+16(%rsi),%xmm1
+	vmovdqu	-64+32(%rsi),%xmm2
+	vmovdqu	-64+48(%rsi),%xmm3
+
+	vinserti128	$1,(%r12),%ymm0,%ymm0
+	vinserti128	$1,16(%r12),%ymm1,%ymm1
+	vpshufb	%ymm7,%ymm0,%ymm0
+	vinserti128	$1,32(%r12),%ymm2,%ymm2
+	vpshufb	%ymm7,%ymm1,%ymm1
+	vinserti128	$1,48(%r12),%ymm3,%ymm3
+
+	leaq	K256(%rip),%rbp
+	vpshufb	%ymm7,%ymm2,%ymm2
+	vpaddd	0(%rbp),%ymm0,%ymm4
+	vpshufb	%ymm7,%ymm3,%ymm3
+	vpaddd	32(%rbp),%ymm1,%ymm5
+	vpaddd	64(%rbp),%ymm2,%ymm6
+	vpaddd	96(%rbp),%ymm3,%ymm7
+	vmovdqa	%ymm4,0(%rsp)
+	xorl	%r14d,%r14d
+	vmovdqa	%ymm5,32(%rsp)
+	leaq	-64(%rsp),%rsp
+	movl	%ebx,%edi
+	vmovdqa	%ymm6,0(%rsp)
+	xorl	%ecx,%edi
+	vmovdqa	%ymm7,32(%rsp)
+	movl	%r9d,%r12d
+	subq	$-32*4,%rbp
+	jmp	.Lavx2_00_47
+
+.p2align	4
+.Lavx2_00_47:
+	leaq	-64(%rsp),%rsp
+	vpalignr	$4,%ymm0,%ymm1,%ymm4
+	addl	0+128(%rsp),%r11d
+	andl	%r8d,%r12d
+	rorxl	$25,%r8d,%r13d
+	vpalignr	$4,%ymm2,%ymm3,%ymm7
+	rorxl	$11,%r8d,%r15d
+	leal	(%rax,%r14,1),%eax
+	leal	(%r11,%r12,1),%r11d
+	vpsrld	$7,%ymm4,%ymm6
+	andnl	%r10d,%r8d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r8d,%r14d
+	vpaddd	%ymm7,%ymm0,%ymm0
+	leal	(%r11,%r12,1),%r11d
+	xorl	%r14d,%r13d
+	movl	%eax,%r15d
+	vpsrld	$3,%ymm4,%ymm7
+	rorxl	$22,%eax,%r12d
+	leal	(%r11,%r13,1),%r11d
+	xorl	%ebx,%r15d
+	vpslld	$14,%ymm4,%ymm5
+	rorxl	$13,%eax,%r14d
+	rorxl	$2,%eax,%r13d
+	leal	(%rdx,%r11,1),%edx
+	vpxor	%ymm6,%ymm7,%ymm4
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%ebx,%edi
+	vpshufd	$250,%ymm3,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%r11,%rdi,1),%r11d
+	movl	%r8d,%r12d
+	vpsrld	$11,%ymm6,%ymm6
+	addl	4+128(%rsp),%r10d
+	andl	%edx,%r12d
+	rorxl	$25,%edx,%r13d
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$11,%edx,%edi
+	leal	(%r11,%r14,1),%r11d
+	leal	(%r10,%r12,1),%r10d
+	vpslld	$11,%ymm5,%ymm5
+	andnl	%r9d,%edx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%edx,%r14d
+	vpxor	%ymm6,%ymm4,%ymm4
+	leal	(%r10,%r12,1),%r10d
+	xorl	%r14d,%r13d
+	movl	%r11d,%edi
+	vpsrld	$10,%ymm7,%ymm6
+	rorxl	$22,%r11d,%r12d
+	leal	(%r10,%r13,1),%r10d
+	xorl	%eax,%edi
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$13,%r11d,%r14d
+	rorxl	$2,%r11d,%r13d
+	leal	(%rcx,%r10,1),%ecx
+	vpsrlq	$17,%ymm7,%ymm7
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%eax,%r15d
+	vpaddd	%ymm4,%ymm0,%ymm0
+	xorl	%r13d,%r14d
+	leal	(%r10,%r15,1),%r10d
+	movl	%edx,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	8+128(%rsp),%r9d
+	andl	%ecx,%r12d
+	rorxl	$25,%ecx,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%ecx,%r15d
+	leal	(%r10,%r14,1),%r10d
+	leal	(%r9,%r12,1),%r9d
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%r8d,%ecx,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%ecx,%r14d
+	vpshufb	%ymm8,%ymm6,%ymm6
+	leal	(%r9,%r12,1),%r9d
+	xorl	%r14d,%r13d
+	movl	%r10d,%r15d
+	vpaddd	%ymm6,%ymm0,%ymm0
+	rorxl	$22,%r10d,%r12d
+	leal	(%r9,%r13,1),%r9d
+	xorl	%r11d,%r15d
+	vpshufd	$80,%ymm0,%ymm7
+	rorxl	$13,%r10d,%r14d
+	rorxl	$2,%r10d,%r13d
+	leal	(%rbx,%r9,1),%ebx
+	vpsrld	$10,%ymm7,%ymm6
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r11d,%edi
+	vpsrlq	$17,%ymm7,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%r9,%rdi,1),%r9d
+	movl	%ecx,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	12+128(%rsp),%r8d
+	andl	%ebx,%r12d
+	rorxl	$25,%ebx,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%ebx,%edi
+	leal	(%r9,%r14,1),%r9d
+	leal	(%r8,%r12,1),%r8d
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%edx,%ebx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%ebx,%r14d
+	vpshufb	%ymm9,%ymm6,%ymm6
+	leal	(%r8,%r12,1),%r8d
+	xorl	%r14d,%r13d
+	movl	%r9d,%edi
+	vpaddd	%ymm6,%ymm0,%ymm0
+	rorxl	$22,%r9d,%r12d
+	leal	(%r8,%r13,1),%r8d
+	xorl	%r10d,%edi
+	vpaddd	0(%rbp),%ymm0,%ymm6
+	rorxl	$13,%r9d,%r14d
+	rorxl	$2,%r9d,%r13d
+	leal	(%rax,%r8,1),%eax
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r10d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r8,%r15,1),%r8d
+	movl	%ebx,%r12d
+	vmovdqa	%ymm6,0(%rsp)
+	vpalignr	$4,%ymm1,%ymm2,%ymm4
+	addl	32+128(%rsp),%edx
+	andl	%eax,%r12d
+	rorxl	$25,%eax,%r13d
+	vpalignr	$4,%ymm3,%ymm0,%ymm7
+	rorxl	$11,%eax,%r15d
+	leal	(%r8,%r14,1),%r8d
+	leal	(%rdx,%r12,1),%edx
+	vpsrld	$7,%ymm4,%ymm6
+	andnl	%ecx,%eax,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%eax,%r14d
+	vpaddd	%ymm7,%ymm1,%ymm1
+	leal	(%rdx,%r12,1),%edx
+	xorl	%r14d,%r13d
+	movl	%r8d,%r15d
+	vpsrld	$3,%ymm4,%ymm7
+	rorxl	$22,%r8d,%r12d
+	leal	(%rdx,%r13,1),%edx
+	xorl	%r9d,%r15d
+	vpslld	$14,%ymm4,%ymm5
+	rorxl	$13,%r8d,%r14d
+	rorxl	$2,%r8d,%r13d
+	leal	(%r11,%rdx,1),%r11d
+	vpxor	%ymm6,%ymm7,%ymm4
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r9d,%edi
+	vpshufd	$250,%ymm0,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%rdx,%rdi,1),%edx
+	movl	%eax,%r12d
+	vpsrld	$11,%ymm6,%ymm6
+	addl	36+128(%rsp),%ecx
+	andl	%r11d,%r12d
+	rorxl	$25,%r11d,%r13d
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$11,%r11d,%edi
+	leal	(%rdx,%r14,1),%edx
+	leal	(%rcx,%r12,1),%ecx
+	vpslld	$11,%ymm5,%ymm5
+	andnl	%ebx,%r11d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r11d,%r14d
+	vpxor	%ymm6,%ymm4,%ymm4
+	leal	(%rcx,%r12,1),%ecx
+	xorl	%r14d,%r13d
+	movl	%edx,%edi
+	vpsrld	$10,%ymm7,%ymm6
+	rorxl	$22,%edx,%r12d
+	leal	(%rcx,%r13,1),%ecx
+	xorl	%r8d,%edi
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$13,%edx,%r14d
+	rorxl	$2,%edx,%r13d
+	leal	(%r10,%rcx,1),%r10d
+	vpsrlq	$17,%ymm7,%ymm7
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r8d,%r15d
+	vpaddd	%ymm4,%ymm1,%ymm1
+	xorl	%r13d,%r14d
+	leal	(%rcx,%r15,1),%ecx
+	movl	%r11d,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	40+128(%rsp),%ebx
+	andl	%r10d,%r12d
+	rorxl	$25,%r10d,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%r10d,%r15d
+	leal	(%rcx,%r14,1),%ecx
+	leal	(%rbx,%r12,1),%ebx
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%eax,%r10d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r10d,%r14d
+	vpshufb	%ymm8,%ymm6,%ymm6
+	leal	(%rbx,%r12,1),%ebx
+	xorl	%r14d,%r13d
+	movl	%ecx,%r15d
+	vpaddd	%ymm6,%ymm1,%ymm1
+	rorxl	$22,%ecx,%r12d
+	leal	(%rbx,%r13,1),%ebx
+	xorl	%edx,%r15d
+	vpshufd	$80,%ymm1,%ymm7
+	rorxl	$13,%ecx,%r14d
+	rorxl	$2,%ecx,%r13d
+	leal	(%r9,%rbx,1),%r9d
+	vpsrld	$10,%ymm7,%ymm6
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%edx,%edi
+	vpsrlq	$17,%ymm7,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%rbx,%rdi,1),%ebx
+	movl	%r10d,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	44+128(%rsp),%eax
+	andl	%r9d,%r12d
+	rorxl	$25,%r9d,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%r9d,%edi
+	leal	(%rbx,%r14,1),%ebx
+	leal	(%rax,%r12,1),%eax
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%r11d,%r9d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r9d,%r14d
+	vpshufb	%ymm9,%ymm6,%ymm6
+	leal	(%rax,%r12,1),%eax
+	xorl	%r14d,%r13d
+	movl	%ebx,%edi
+	vpaddd	%ymm6,%ymm1,%ymm1
+	rorxl	$22,%ebx,%r12d
+	leal	(%rax,%r13,1),%eax
+	xorl	%ecx,%edi
+	vpaddd	32(%rbp),%ymm1,%ymm6
+	rorxl	$13,%ebx,%r14d
+	rorxl	$2,%ebx,%r13d
+	leal	(%r8,%rax,1),%r8d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%ecx,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rax,%r15,1),%eax
+	movl	%r9d,%r12d
+	vmovdqa	%ymm6,32(%rsp)
+	leaq	-64(%rsp),%rsp
+	vpalignr	$4,%ymm2,%ymm3,%ymm4
+	addl	0+128(%rsp),%r11d
+	andl	%r8d,%r12d
+	rorxl	$25,%r8d,%r13d
+	vpalignr	$4,%ymm0,%ymm1,%ymm7
+	rorxl	$11,%r8d,%r15d
+	leal	(%rax,%r14,1),%eax
+	leal	(%r11,%r12,1),%r11d
+	vpsrld	$7,%ymm4,%ymm6
+	andnl	%r10d,%r8d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r8d,%r14d
+	vpaddd	%ymm7,%ymm2,%ymm2
+	leal	(%r11,%r12,1),%r11d
+	xorl	%r14d,%r13d
+	movl	%eax,%r15d
+	vpsrld	$3,%ymm4,%ymm7
+	rorxl	$22,%eax,%r12d
+	leal	(%r11,%r13,1),%r11d
+	xorl	%ebx,%r15d
+	vpslld	$14,%ymm4,%ymm5
+	rorxl	$13,%eax,%r14d
+	rorxl	$2,%eax,%r13d
+	leal	(%rdx,%r11,1),%edx
+	vpxor	%ymm6,%ymm7,%ymm4
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%ebx,%edi
+	vpshufd	$250,%ymm1,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%r11,%rdi,1),%r11d
+	movl	%r8d,%r12d
+	vpsrld	$11,%ymm6,%ymm6
+	addl	4+128(%rsp),%r10d
+	andl	%edx,%r12d
+	rorxl	$25,%edx,%r13d
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$11,%edx,%edi
+	leal	(%r11,%r14,1),%r11d
+	leal	(%r10,%r12,1),%r10d
+	vpslld	$11,%ymm5,%ymm5
+	andnl	%r9d,%edx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%edx,%r14d
+	vpxor	%ymm6,%ymm4,%ymm4
+	leal	(%r10,%r12,1),%r10d
+	xorl	%r14d,%r13d
+	movl	%r11d,%edi
+	vpsrld	$10,%ymm7,%ymm6
+	rorxl	$22,%r11d,%r12d
+	leal	(%r10,%r13,1),%r10d
+	xorl	%eax,%edi
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$13,%r11d,%r14d
+	rorxl	$2,%r11d,%r13d
+	leal	(%rcx,%r10,1),%ecx
+	vpsrlq	$17,%ymm7,%ymm7
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%eax,%r15d
+	vpaddd	%ymm4,%ymm2,%ymm2
+	xorl	%r13d,%r14d
+	leal	(%r10,%r15,1),%r10d
+	movl	%edx,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	8+128(%rsp),%r9d
+	andl	%ecx,%r12d
+	rorxl	$25,%ecx,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%ecx,%r15d
+	leal	(%r10,%r14,1),%r10d
+	leal	(%r9,%r12,1),%r9d
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%r8d,%ecx,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%ecx,%r14d
+	vpshufb	%ymm8,%ymm6,%ymm6
+	leal	(%r9,%r12,1),%r9d
+	xorl	%r14d,%r13d
+	movl	%r10d,%r15d
+	vpaddd	%ymm6,%ymm2,%ymm2
+	rorxl	$22,%r10d,%r12d
+	leal	(%r9,%r13,1),%r9d
+	xorl	%r11d,%r15d
+	vpshufd	$80,%ymm2,%ymm7
+	rorxl	$13,%r10d,%r14d
+	rorxl	$2,%r10d,%r13d
+	leal	(%rbx,%r9,1),%ebx
+	vpsrld	$10,%ymm7,%ymm6
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r11d,%edi
+	vpsrlq	$17,%ymm7,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%r9,%rdi,1),%r9d
+	movl	%ecx,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	12+128(%rsp),%r8d
+	andl	%ebx,%r12d
+	rorxl	$25,%ebx,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%ebx,%edi
+	leal	(%r9,%r14,1),%r9d
+	leal	(%r8,%r12,1),%r8d
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%edx,%ebx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%ebx,%r14d
+	vpshufb	%ymm9,%ymm6,%ymm6
+	leal	(%r8,%r12,1),%r8d
+	xorl	%r14d,%r13d
+	movl	%r9d,%edi
+	vpaddd	%ymm6,%ymm2,%ymm2
+	rorxl	$22,%r9d,%r12d
+	leal	(%r8,%r13,1),%r8d
+	xorl	%r10d,%edi
+	vpaddd	64(%rbp),%ymm2,%ymm6
+	rorxl	$13,%r9d,%r14d
+	rorxl	$2,%r9d,%r13d
+	leal	(%rax,%r8,1),%eax
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r10d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r8,%r15,1),%r8d
+	movl	%ebx,%r12d
+	vmovdqa	%ymm6,0(%rsp)
+	vpalignr	$4,%ymm3,%ymm0,%ymm4
+	addl	32+128(%rsp),%edx
+	andl	%eax,%r12d
+	rorxl	$25,%eax,%r13d
+	vpalignr	$4,%ymm1,%ymm2,%ymm7
+	rorxl	$11,%eax,%r15d
+	leal	(%r8,%r14,1),%r8d
+	leal	(%rdx,%r12,1),%edx
+	vpsrld	$7,%ymm4,%ymm6
+	andnl	%ecx,%eax,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%eax,%r14d
+	vpaddd	%ymm7,%ymm3,%ymm3
+	leal	(%rdx,%r12,1),%edx
+	xorl	%r14d,%r13d
+	movl	%r8d,%r15d
+	vpsrld	$3,%ymm4,%ymm7
+	rorxl	$22,%r8d,%r12d
+	leal	(%rdx,%r13,1),%edx
+	xorl	%r9d,%r15d
+	vpslld	$14,%ymm4,%ymm5
+	rorxl	$13,%r8d,%r14d
+	rorxl	$2,%r8d,%r13d
+	leal	(%r11,%rdx,1),%r11d
+	vpxor	%ymm6,%ymm7,%ymm4
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r9d,%edi
+	vpshufd	$250,%ymm2,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%rdx,%rdi,1),%edx
+	movl	%eax,%r12d
+	vpsrld	$11,%ymm6,%ymm6
+	addl	36+128(%rsp),%ecx
+	andl	%r11d,%r12d
+	rorxl	$25,%r11d,%r13d
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$11,%r11d,%edi
+	leal	(%rdx,%r14,1),%edx
+	leal	(%rcx,%r12,1),%ecx
+	vpslld	$11,%ymm5,%ymm5
+	andnl	%ebx,%r11d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r11d,%r14d
+	vpxor	%ymm6,%ymm4,%ymm4
+	leal	(%rcx,%r12,1),%ecx
+	xorl	%r14d,%r13d
+	movl	%edx,%edi
+	vpsrld	$10,%ymm7,%ymm6
+	rorxl	$22,%edx,%r12d
+	leal	(%rcx,%r13,1),%ecx
+	xorl	%r8d,%edi
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$13,%edx,%r14d
+	rorxl	$2,%edx,%r13d
+	leal	(%r10,%rcx,1),%r10d
+	vpsrlq	$17,%ymm7,%ymm7
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r8d,%r15d
+	vpaddd	%ymm4,%ymm3,%ymm3
+	xorl	%r13d,%r14d
+	leal	(%rcx,%r15,1),%ecx
+	movl	%r11d,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	40+128(%rsp),%ebx
+	andl	%r10d,%r12d
+	rorxl	$25,%r10d,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%r10d,%r15d
+	leal	(%rcx,%r14,1),%ecx
+	leal	(%rbx,%r12,1),%ebx
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%eax,%r10d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r10d,%r14d
+	vpshufb	%ymm8,%ymm6,%ymm6
+	leal	(%rbx,%r12,1),%ebx
+	xorl	%r14d,%r13d
+	movl	%ecx,%r15d
+	vpaddd	%ymm6,%ymm3,%ymm3
+	rorxl	$22,%ecx,%r12d
+	leal	(%rbx,%r13,1),%ebx
+	xorl	%edx,%r15d
+	vpshufd	$80,%ymm3,%ymm7
+	rorxl	$13,%ecx,%r14d
+	rorxl	$2,%ecx,%r13d
+	leal	(%r9,%rbx,1),%r9d
+	vpsrld	$10,%ymm7,%ymm6
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%edx,%edi
+	vpsrlq	$17,%ymm7,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%rbx,%rdi,1),%ebx
+	movl	%r10d,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	44+128(%rsp),%eax
+	andl	%r9d,%r12d
+	rorxl	$25,%r9d,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%r9d,%edi
+	leal	(%rbx,%r14,1),%ebx
+	leal	(%rax,%r12,1),%eax
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%r11d,%r9d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r9d,%r14d
+	vpshufb	%ymm9,%ymm6,%ymm6
+	leal	(%rax,%r12,1),%eax
+	xorl	%r14d,%r13d
+	movl	%ebx,%edi
+	vpaddd	%ymm6,%ymm3,%ymm3
+	rorxl	$22,%ebx,%r12d
+	leal	(%rax,%r13,1),%eax
+	xorl	%ecx,%edi
+	vpaddd	96(%rbp),%ymm3,%ymm6
+	rorxl	$13,%ebx,%r14d
+	rorxl	$2,%ebx,%r13d
+	leal	(%r8,%rax,1),%r8d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%ecx,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rax,%r15,1),%eax
+	movl	%r9d,%r12d
+	vmovdqa	%ymm6,32(%rsp)
+	leaq	128(%rbp),%rbp
+	cmpb	$0,3(%rbp)
+	jne	.Lavx2_00_47
+	addl	0+64(%rsp),%r11d
+	andl	%r8d,%r12d
+	rorxl	$25,%r8d,%r13d
+	rorxl	$11,%r8d,%r15d
+	leal	(%rax,%r14,1),%eax
+	leal	(%r11,%r12,1),%r11d
+	andnl	%r10d,%r8d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r8d,%r14d
+	leal	(%r11,%r12,1),%r11d
+	xorl	%r14d,%r13d
+	movl	%eax,%r15d
+	rorxl	$22,%eax,%r12d
+	leal	(%r11,%r13,1),%r11d
+	xorl	%ebx,%r15d
+	rorxl	$13,%eax,%r14d
+	rorxl	$2,%eax,%r13d
+	leal	(%rdx,%r11,1),%edx
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%ebx,%edi
+	xorl	%r13d,%r14d
+	leal	(%r11,%rdi,1),%r11d
+	movl	%r8d,%r12d
+	addl	4+64(%rsp),%r10d
+	andl	%edx,%r12d
+	rorxl	$25,%edx,%r13d
+	rorxl	$11,%edx,%edi
+	leal	(%r11,%r14,1),%r11d
+	leal	(%r10,%r12,1),%r10d
+	andnl	%r9d,%edx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%edx,%r14d
+	leal	(%r10,%r12,1),%r10d
+	xorl	%r14d,%r13d
+	movl	%r11d,%edi
+	rorxl	$22,%r11d,%r12d
+	leal	(%r10,%r13,1),%r10d
+	xorl	%eax,%edi
+	rorxl	$13,%r11d,%r14d
+	rorxl	$2,%r11d,%r13d
+	leal	(%rcx,%r10,1),%ecx
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%eax,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r10,%r15,1),%r10d
+	movl	%edx,%r12d
+	addl	8+64(%rsp),%r9d
+	andl	%ecx,%r12d
+	rorxl	$25,%ecx,%r13d
+	rorxl	$11,%ecx,%r15d
+	leal	(%r10,%r14,1),%r10d
+	leal	(%r9,%r12,1),%r9d
+	andnl	%r8d,%ecx,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%ecx,%r14d
+	leal	(%r9,%r12,1),%r9d
+	xorl	%r14d,%r13d
+	movl	%r10d,%r15d
+	rorxl	$22,%r10d,%r12d
+	leal	(%r9,%r13,1),%r9d
+	xorl	%r11d,%r15d
+	rorxl	$13,%r10d,%r14d
+	rorxl	$2,%r10d,%r13d
+	leal	(%rbx,%r9,1),%ebx
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r11d,%edi
+	xorl	%r13d,%r14d
+	leal	(%r9,%rdi,1),%r9d
+	movl	%ecx,%r12d
+	addl	12+64(%rsp),%r8d
+	andl	%ebx,%r12d
+	rorxl	$25,%ebx,%r13d
+	rorxl	$11,%ebx,%edi
+	leal	(%r9,%r14,1),%r9d
+	leal	(%r8,%r12,1),%r8d
+	andnl	%edx,%ebx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%ebx,%r14d
+	leal	(%r8,%r12,1),%r8d
+	xorl	%r14d,%r13d
+	movl	%r9d,%edi
+	rorxl	$22,%r9d,%r12d
+	leal	(%r8,%r13,1),%r8d
+	xorl	%r10d,%edi
+	rorxl	$13,%r9d,%r14d
+	rorxl	$2,%r9d,%r13d
+	leal	(%rax,%r8,1),%eax
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r10d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r8,%r15,1),%r8d
+	movl	%ebx,%r12d
+	addl	32+64(%rsp),%edx
+	andl	%eax,%r12d
+	rorxl	$25,%eax,%r13d
+	rorxl	$11,%eax,%r15d
+	leal	(%r8,%r14,1),%r8d
+	leal	(%rdx,%r12,1),%edx
+	andnl	%ecx,%eax,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%eax,%r14d
+	leal	(%rdx,%r12,1),%edx
+	xorl	%r14d,%r13d
+	movl	%r8d,%r15d
+	rorxl	$22,%r8d,%r12d
+	leal	(%rdx,%r13,1),%edx
+	xorl	%r9d,%r15d
+	rorxl	$13,%r8d,%r14d
+	rorxl	$2,%r8d,%r13d
+	leal	(%r11,%rdx,1),%r11d
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r9d,%edi
+	xorl	%r13d,%r14d
+	leal	(%rdx,%rdi,1),%edx
+	movl	%eax,%r12d
+	addl	36+64(%rsp),%ecx
+	andl	%r11d,%r12d
+	rorxl	$25,%r11d,%r13d
+	rorxl	$11,%r11d,%edi
+	leal	(%rdx,%r14,1),%edx
+	leal	(%rcx,%r12,1),%ecx
+	andnl	%ebx,%r11d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r11d,%r14d
+	leal	(%rcx,%r12,1),%ecx
+	xorl	%r14d,%r13d
+	movl	%edx,%edi
+	rorxl	$22,%edx,%r12d
+	leal	(%rcx,%r13,1),%ecx
+	xorl	%r8d,%edi
+	rorxl	$13,%edx,%r14d
+	rorxl	$2,%edx,%r13d
+	leal	(%r10,%rcx,1),%r10d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r8d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rcx,%r15,1),%ecx
+	movl	%r11d,%r12d
+	addl	40+64(%rsp),%ebx
+	andl	%r10d,%r12d
+	rorxl	$25,%r10d,%r13d
+	rorxl	$11,%r10d,%r15d
+	leal	(%rcx,%r14,1),%ecx
+	leal	(%rbx,%r12,1),%ebx
+	andnl	%eax,%r10d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r10d,%r14d
+	leal	(%rbx,%r12,1),%ebx
+	xorl	%r14d,%r13d
+	movl	%ecx,%r15d
+	rorxl	$22,%ecx,%r12d
+	leal	(%rbx,%r13,1),%ebx
+	xorl	%edx,%r15d
+	rorxl	$13,%ecx,%r14d
+	rorxl	$2,%ecx,%r13d
+	leal	(%r9,%rbx,1),%r9d
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%edx,%edi
+	xorl	%r13d,%r14d
+	leal	(%rbx,%rdi,1),%ebx
+	movl	%r10d,%r12d
+	addl	44+64(%rsp),%eax
+	andl	%r9d,%r12d
+	rorxl	$25,%r9d,%r13d
+	rorxl	$11,%r9d,%edi
+	leal	(%rbx,%r14,1),%ebx
+	leal	(%rax,%r12,1),%eax
+	andnl	%r11d,%r9d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r9d,%r14d
+	leal	(%rax,%r12,1),%eax
+	xorl	%r14d,%r13d
+	movl	%ebx,%edi
+	rorxl	$22,%ebx,%r12d
+	leal	(%rax,%r13,1),%eax
+	xorl	%ecx,%edi
+	rorxl	$13,%ebx,%r14d
+	rorxl	$2,%ebx,%r13d
+	leal	(%r8,%rax,1),%r8d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%ecx,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rax,%r15,1),%eax
+	movl	%r9d,%r12d
+	addl	0(%rsp),%r11d
+	andl	%r8d,%r12d
+	rorxl	$25,%r8d,%r13d
+	rorxl	$11,%r8d,%r15d
+	leal	(%rax,%r14,1),%eax
+	leal	(%r11,%r12,1),%r11d
+	andnl	%r10d,%r8d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r8d,%r14d
+	leal	(%r11,%r12,1),%r11d
+	xorl	%r14d,%r13d
+	movl	%eax,%r15d
+	rorxl	$22,%eax,%r12d
+	leal	(%r11,%r13,1),%r11d
+	xorl	%ebx,%r15d
+	rorxl	$13,%eax,%r14d
+	rorxl	$2,%eax,%r13d
+	leal	(%rdx,%r11,1),%edx
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%ebx,%edi
+	xorl	%r13d,%r14d
+	leal	(%r11,%rdi,1),%r11d
+	movl	%r8d,%r12d
+	addl	4(%rsp),%r10d
+	andl	%edx,%r12d
+	rorxl	$25,%edx,%r13d
+	rorxl	$11,%edx,%edi
+	leal	(%r11,%r14,1),%r11d
+	leal	(%r10,%r12,1),%r10d
+	andnl	%r9d,%edx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%edx,%r14d
+	leal	(%r10,%r12,1),%r10d
+	xorl	%r14d,%r13d
+	movl	%r11d,%edi
+	rorxl	$22,%r11d,%r12d
+	leal	(%r10,%r13,1),%r10d
+	xorl	%eax,%edi
+	rorxl	$13,%r11d,%r14d
+	rorxl	$2,%r11d,%r13d
+	leal	(%rcx,%r10,1),%ecx
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%eax,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r10,%r15,1),%r10d
+	movl	%edx,%r12d
+	addl	8(%rsp),%r9d
+	andl	%ecx,%r12d
+	rorxl	$25,%ecx,%r13d
+	rorxl	$11,%ecx,%r15d
+	leal	(%r10,%r14,1),%r10d
+	leal	(%r9,%r12,1),%r9d
+	andnl	%r8d,%ecx,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%ecx,%r14d
+	leal	(%r9,%r12,1),%r9d
+	xorl	%r14d,%r13d
+	movl	%r10d,%r15d
+	rorxl	$22,%r10d,%r12d
+	leal	(%r9,%r13,1),%r9d
+	xorl	%r11d,%r15d
+	rorxl	$13,%r10d,%r14d
+	rorxl	$2,%r10d,%r13d
+	leal	(%rbx,%r9,1),%ebx
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r11d,%edi
+	xorl	%r13d,%r14d
+	leal	(%r9,%rdi,1),%r9d
+	movl	%ecx,%r12d
+	addl	12(%rsp),%r8d
+	andl	%ebx,%r12d
+	rorxl	$25,%ebx,%r13d
+	rorxl	$11,%ebx,%edi
+	leal	(%r9,%r14,1),%r9d
+	leal	(%r8,%r12,1),%r8d
+	andnl	%edx,%ebx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%ebx,%r14d
+	leal	(%r8,%r12,1),%r8d
+	xorl	%r14d,%r13d
+	movl	%r9d,%edi
+	rorxl	$22,%r9d,%r12d
+	leal	(%r8,%r13,1),%r8d
+	xorl	%r10d,%edi
+	rorxl	$13,%r9d,%r14d
+	rorxl	$2,%r9d,%r13d
+	leal	(%rax,%r8,1),%eax
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r10d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r8,%r15,1),%r8d
+	movl	%ebx,%r12d
+	addl	32(%rsp),%edx
+	andl	%eax,%r12d
+	rorxl	$25,%eax,%r13d
+	rorxl	$11,%eax,%r15d
+	leal	(%r8,%r14,1),%r8d
+	leal	(%rdx,%r12,1),%edx
+	andnl	%ecx,%eax,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%eax,%r14d
+	leal	(%rdx,%r12,1),%edx
+	xorl	%r14d,%r13d
+	movl	%r8d,%r15d
+	rorxl	$22,%r8d,%r12d
+	leal	(%rdx,%r13,1),%edx
+	xorl	%r9d,%r15d
+	rorxl	$13,%r8d,%r14d
+	rorxl	$2,%r8d,%r13d
+	leal	(%r11,%rdx,1),%r11d
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r9d,%edi
+	xorl	%r13d,%r14d
+	leal	(%rdx,%rdi,1),%edx
+	movl	%eax,%r12d
+	addl	36(%rsp),%ecx
+	andl	%r11d,%r12d
+	rorxl	$25,%r11d,%r13d
+	rorxl	$11,%r11d,%edi
+	leal	(%rdx,%r14,1),%edx
+	leal	(%rcx,%r12,1),%ecx
+	andnl	%ebx,%r11d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r11d,%r14d
+	leal	(%rcx,%r12,1),%ecx
+	xorl	%r14d,%r13d
+	movl	%edx,%edi
+	rorxl	$22,%edx,%r12d
+	leal	(%rcx,%r13,1),%ecx
+	xorl	%r8d,%edi
+	rorxl	$13,%edx,%r14d
+	rorxl	$2,%edx,%r13d
+	leal	(%r10,%rcx,1),%r10d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r8d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rcx,%r15,1),%ecx
+	movl	%r11d,%r12d
+	addl	40(%rsp),%ebx
+	andl	%r10d,%r12d
+	rorxl	$25,%r10d,%r13d
+	rorxl	$11,%r10d,%r15d
+	leal	(%rcx,%r14,1),%ecx
+	leal	(%rbx,%r12,1),%ebx
+	andnl	%eax,%r10d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r10d,%r14d
+	leal	(%rbx,%r12,1),%ebx
+	xorl	%r14d,%r13d
+	movl	%ecx,%r15d
+	rorxl	$22,%ecx,%r12d
+	leal	(%rbx,%r13,1),%ebx
+	xorl	%edx,%r15d
+	rorxl	$13,%ecx,%r14d
+	rorxl	$2,%ecx,%r13d
+	leal	(%r9,%rbx,1),%r9d
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%edx,%edi
+	xorl	%r13d,%r14d
+	leal	(%rbx,%rdi,1),%ebx
+	movl	%r10d,%r12d
+	addl	44(%rsp),%eax
+	andl	%r9d,%r12d
+	rorxl	$25,%r9d,%r13d
+	rorxl	$11,%r9d,%edi
+	leal	(%rbx,%r14,1),%ebx
+	leal	(%rax,%r12,1),%eax
+	andnl	%r11d,%r9d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r9d,%r14d
+	leal	(%rax,%r12,1),%eax
+	xorl	%r14d,%r13d
+	movl	%ebx,%edi
+	rorxl	$22,%ebx,%r12d
+	leal	(%rax,%r13,1),%eax
+	xorl	%ecx,%edi
+	rorxl	$13,%ebx,%r14d
+	rorxl	$2,%ebx,%r13d
+	leal	(%r8,%rax,1),%r8d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%ecx,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rax,%r15,1),%eax
+	movl	%r9d,%r12d
+	movq	512(%rsp),%rdi
+	addl	%r14d,%eax
+
+	leaq	448(%rsp),%rbp
+
+	addl	0(%rdi),%eax
+	addl	4(%rdi),%ebx
+	addl	8(%rdi),%ecx
+	addl	12(%rdi),%edx
+	addl	16(%rdi),%r8d
+	addl	20(%rdi),%r9d
+	addl	24(%rdi),%r10d
+	addl	28(%rdi),%r11d
+
+	movl	%eax,0(%rdi)
+	movl	%ebx,4(%rdi)
+	movl	%ecx,8(%rdi)
+	movl	%edx,12(%rdi)
+	movl	%r8d,16(%rdi)
+	movl	%r9d,20(%rdi)
+	movl	%r10d,24(%rdi)
+	movl	%r11d,28(%rdi)
+
+	cmpq	80(%rbp),%rsi
+	je	.Ldone_avx2
+
+	xorl	%r14d,%r14d
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	movl	%r9d,%r12d
+	jmp	.Lower_avx2
+.p2align	4
+.Lower_avx2:
+	addl	0+16(%rbp),%r11d
+	andl	%r8d,%r12d
+	rorxl	$25,%r8d,%r13d
+	rorxl	$11,%r8d,%r15d
+	leal	(%rax,%r14,1),%eax
+	leal	(%r11,%r12,1),%r11d
+	andnl	%r10d,%r8d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r8d,%r14d
+	leal	(%r11,%r12,1),%r11d
+	xorl	%r14d,%r13d
+	movl	%eax,%r15d
+	rorxl	$22,%eax,%r12d
+	leal	(%r11,%r13,1),%r11d
+	xorl	%ebx,%r15d
+	rorxl	$13,%eax,%r14d
+	rorxl	$2,%eax,%r13d
+	leal	(%rdx,%r11,1),%edx
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%ebx,%edi
+	xorl	%r13d,%r14d
+	leal	(%r11,%rdi,1),%r11d
+	movl	%r8d,%r12d
+	addl	4+16(%rbp),%r10d
+	andl	%edx,%r12d
+	rorxl	$25,%edx,%r13d
+	rorxl	$11,%edx,%edi
+	leal	(%r11,%r14,1),%r11d
+	leal	(%r10,%r12,1),%r10d
+	andnl	%r9d,%edx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%edx,%r14d
+	leal	(%r10,%r12,1),%r10d
+	xorl	%r14d,%r13d
+	movl	%r11d,%edi
+	rorxl	$22,%r11d,%r12d
+	leal	(%r10,%r13,1),%r10d
+	xorl	%eax,%edi
+	rorxl	$13,%r11d,%r14d
+	rorxl	$2,%r11d,%r13d
+	leal	(%rcx,%r10,1),%ecx
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%eax,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r10,%r15,1),%r10d
+	movl	%edx,%r12d
+	addl	8+16(%rbp),%r9d
+	andl	%ecx,%r12d
+	rorxl	$25,%ecx,%r13d
+	rorxl	$11,%ecx,%r15d
+	leal	(%r10,%r14,1),%r10d
+	leal	(%r9,%r12,1),%r9d
+	andnl	%r8d,%ecx,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%ecx,%r14d
+	leal	(%r9,%r12,1),%r9d
+	xorl	%r14d,%r13d
+	movl	%r10d,%r15d
+	rorxl	$22,%r10d,%r12d
+	leal	(%r9,%r13,1),%r9d
+	xorl	%r11d,%r15d
+	rorxl	$13,%r10d,%r14d
+	rorxl	$2,%r10d,%r13d
+	leal	(%rbx,%r9,1),%ebx
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r11d,%edi
+	xorl	%r13d,%r14d
+	leal	(%r9,%rdi,1),%r9d
+	movl	%ecx,%r12d
+	addl	12+16(%rbp),%r8d
+	andl	%ebx,%r12d
+	rorxl	$25,%ebx,%r13d
+	rorxl	$11,%ebx,%edi
+	leal	(%r9,%r14,1),%r9d
+	leal	(%r8,%r12,1),%r8d
+	andnl	%edx,%ebx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%ebx,%r14d
+	leal	(%r8,%r12,1),%r8d
+	xorl	%r14d,%r13d
+	movl	%r9d,%edi
+	rorxl	$22,%r9d,%r12d
+	leal	(%r8,%r13,1),%r8d
+	xorl	%r10d,%edi
+	rorxl	$13,%r9d,%r14d
+	rorxl	$2,%r9d,%r13d
+	leal	(%rax,%r8,1),%eax
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r10d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r8,%r15,1),%r8d
+	movl	%ebx,%r12d
+	addl	32+16(%rbp),%edx
+	andl	%eax,%r12d
+	rorxl	$25,%eax,%r13d
+	rorxl	$11,%eax,%r15d
+	leal	(%r8,%r14,1),%r8d
+	leal	(%rdx,%r12,1),%edx
+	andnl	%ecx,%eax,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%eax,%r14d
+	leal	(%rdx,%r12,1),%edx
+	xorl	%r14d,%r13d
+	movl	%r8d,%r15d
+	rorxl	$22,%r8d,%r12d
+	leal	(%rdx,%r13,1),%edx
+	xorl	%r9d,%r15d
+	rorxl	$13,%r8d,%r14d
+	rorxl	$2,%r8d,%r13d
+	leal	(%r11,%rdx,1),%r11d
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r9d,%edi
+	xorl	%r13d,%r14d
+	leal	(%rdx,%rdi,1),%edx
+	movl	%eax,%r12d
+	addl	36+16(%rbp),%ecx
+	andl	%r11d,%r12d
+	rorxl	$25,%r11d,%r13d
+	rorxl	$11,%r11d,%edi
+	leal	(%rdx,%r14,1),%edx
+	leal	(%rcx,%r12,1),%ecx
+	andnl	%ebx,%r11d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r11d,%r14d
+	leal	(%rcx,%r12,1),%ecx
+	xorl	%r14d,%r13d
+	movl	%edx,%edi
+	rorxl	$22,%edx,%r12d
+	leal	(%rcx,%r13,1),%ecx
+	xorl	%r8d,%edi
+	rorxl	$13,%edx,%r14d
+	rorxl	$2,%edx,%r13d
+	leal	(%r10,%rcx,1),%r10d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r8d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rcx,%r15,1),%ecx
+	movl	%r11d,%r12d
+	addl	40+16(%rbp),%ebx
+	andl	%r10d,%r12d
+	rorxl	$25,%r10d,%r13d
+	rorxl	$11,%r10d,%r15d
+	leal	(%rcx,%r14,1),%ecx
+	leal	(%rbx,%r12,1),%ebx
+	andnl	%eax,%r10d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r10d,%r14d
+	leal	(%rbx,%r12,1),%ebx
+	xorl	%r14d,%r13d
+	movl	%ecx,%r15d
+	rorxl	$22,%ecx,%r12d
+	leal	(%rbx,%r13,1),%ebx
+	xorl	%edx,%r15d
+	rorxl	$13,%ecx,%r14d
+	rorxl	$2,%ecx,%r13d
+	leal	(%r9,%rbx,1),%r9d
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%edx,%edi
+	xorl	%r13d,%r14d
+	leal	(%rbx,%rdi,1),%ebx
+	movl	%r10d,%r12d
+	addl	44+16(%rbp),%eax
+	andl	%r9d,%r12d
+	rorxl	$25,%r9d,%r13d
+	rorxl	$11,%r9d,%edi
+	leal	(%rbx,%r14,1),%ebx
+	leal	(%rax,%r12,1),%eax
+	andnl	%r11d,%r9d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r9d,%r14d
+	leal	(%rax,%r12,1),%eax
+	xorl	%r14d,%r13d
+	movl	%ebx,%edi
+	rorxl	$22,%ebx,%r12d
+	leal	(%rax,%r13,1),%eax
+	xorl	%ecx,%edi
+	rorxl	$13,%ebx,%r14d
+	rorxl	$2,%ebx,%r13d
+	leal	(%r8,%rax,1),%r8d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%ecx,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rax,%r15,1),%eax
+	movl	%r9d,%r12d
+	leaq	-64(%rbp),%rbp
+	cmpq	%rsp,%rbp
+	jae	.Lower_avx2
+
+	movq	512(%rsp),%rdi
+	addl	%r14d,%eax
+
+	leaq	448(%rsp),%rsp
+
+
+
+	addl	0(%rdi),%eax
+	addl	4(%rdi),%ebx
+	addl	8(%rdi),%ecx
+	addl	12(%rdi),%edx
+	addl	16(%rdi),%r8d
+	addl	20(%rdi),%r9d
+	leaq	128(%rsi),%rsi
+	addl	24(%rdi),%r10d
+	movq	%rsi,%r12
+	addl	28(%rdi),%r11d
+	cmpq	64+16(%rsp),%rsi
+
+	movl	%eax,0(%rdi)
+	cmoveq	%rsp,%r12
+	movl	%ebx,4(%rdi)
+	movl	%ecx,8(%rdi)
+	movl	%edx,12(%rdi)
+	movl	%r8d,16(%rdi)
+	movl	%r9d,20(%rdi)
+	movl	%r10d,24(%rdi)
+	movl	%r11d,28(%rdi)
+
+	jbe	.Loop_avx2
+	leaq	(%rsp),%rbp
+
+
+
+
+.Ldone_avx2:
+	movq	88(%rbp),%rsi
+
+	vzeroupper
+	movaps	64+32(%rbp),%xmm6
+	movaps	64+48(%rbp),%xmm7
+	movaps	64+64(%rbp),%xmm8
+	movaps	64+80(%rbp),%xmm9
+	movq	-48(%rsi),%r15
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+.Lepilogue_avx2:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_sha256_block_data_order_avx2:
+
+.def	se_handler;	.scl 3;	.type 32;	.endef
+.p2align	4
+se_handler:
+	pushq	%rsi
+	pushq	%rdi
+	pushq	%rbx
+	pushq	%rbp
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	pushfq
+	subq	$64,%rsp
+
+	movq	120(%r8),%rax
+	movq	248(%r8),%rbx
+
+	movq	8(%r9),%rsi
+	movq	56(%r9),%r11
+
+	movl	0(%r11),%r10d
+	leaq	(%rsi,%r10,1),%r10
+	cmpq	%r10,%rbx
+	jb	.Lin_prologue
+
+	movq	152(%r8),%rax
+
+	movl	4(%r11),%r10d
+	leaq	(%rsi,%r10,1),%r10
+	cmpq	%r10,%rbx
+	jae	.Lin_prologue
+	leaq	.Lavx2_shortcut(%rip),%r10
+	cmpq	%r10,%rbx
+	jb	.Lnot_in_avx2
+
+	andq	$-1024,%rax
+	addq	$448,%rax
+.Lnot_in_avx2:
+	movq	%rax,%rsi
+	movq	64+24(%rax),%rax
+
+	movq	-8(%rax),%rbx
+	movq	-16(%rax),%rbp
+	movq	-24(%rax),%r12
+	movq	-32(%rax),%r13
+	movq	-40(%rax),%r14
+	movq	-48(%rax),%r15
+	movq	%rbx,144(%r8)
+	movq	%rbp,160(%r8)
+	movq	%r12,216(%r8)
+	movq	%r13,224(%r8)
+	movq	%r14,232(%r8)
+	movq	%r15,240(%r8)
+
+	leaq	.Lepilogue(%rip),%r10
+	cmpq	%r10,%rbx
+	jb	.Lin_prologue
+
+	leaq	64+32(%rsi),%rsi
+	leaq	512(%r8),%rdi
+	movl	$8,%ecx
+.long	0xa548f3fc
+
+.Lin_prologue:
+	movq	8(%rax),%rdi
+	movq	16(%rax),%rsi
+	movq	%rax,152(%r8)
+	movq	%rsi,168(%r8)
+	movq	%rdi,176(%r8)
+
+	movq	40(%r9),%rdi
+	movq	%r8,%rsi
+	movl	$154,%ecx
+.long	0xa548f3fc
+
+	movq	%r9,%rsi
+	xorq	%rcx,%rcx
+	movq	8(%rsi),%rdx
+	movq	0(%rsi),%r8
+	movq	16(%rsi),%r9
+	movq	40(%rsi),%r10
+	leaq	56(%rsi),%r11
+	leaq	24(%rsi),%r12
+	movq	%r10,32(%rsp)
+	movq	%r11,40(%rsp)
+	movq	%r12,48(%rsp)
+	movq	%rcx,56(%rsp)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	movl	$1,%eax
+	addq	$64,%rsp
+	popfq
+	popq	%r15
+	popq	%r14
+	popq	%r13
+	popq	%r12
+	popq	%rbp
+	popq	%rbx
+	popq	%rdi
+	popq	%rsi
+	.byte	0xf3,0xc3
+
+.def	shaext_handler;	.scl 3;	.type 32;	.endef
+.p2align	4
+shaext_handler:
+	pushq	%rsi
+	pushq	%rdi
+	pushq	%rbx
+	pushq	%rbp
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	pushfq
+	subq	$64,%rsp
+
+	movq	120(%r8),%rax
+	movq	248(%r8),%rbx
+
+	leaq	.Lprologue_shaext(%rip),%r10
+	cmpq	%r10,%rbx
+	jb	.Lin_prologue
+
+	leaq	.Lepilogue_shaext(%rip),%r10
+	cmpq	%r10,%rbx
+	jae	.Lin_prologue
+
+	leaq	-8-80(%rax),%rsi
+	leaq	512(%r8),%rdi
+	movl	$10,%ecx
+.long	0xa548f3fc
+
+	jmp	.Lin_prologue
+
+.section	.pdata
+.p2align	2
+.rva	.LSEH_begin_sha256_block_data_order
+.rva	.LSEH_end_sha256_block_data_order
+.rva	.LSEH_info_sha256_block_data_order
+.rva	.LSEH_begin_sha256_block_data_order_shaext
+.rva	.LSEH_end_sha256_block_data_order_shaext
+.rva	.LSEH_info_sha256_block_data_order_shaext
+.rva	.LSEH_begin_sha256_block_data_order_ssse3
+.rva	.LSEH_end_sha256_block_data_order_ssse3
+.rva	.LSEH_info_sha256_block_data_order_ssse3
+.rva	.LSEH_begin_sha256_block_data_order_avx
+.rva	.LSEH_end_sha256_block_data_order_avx
+.rva	.LSEH_info_sha256_block_data_order_avx
+.rva	.LSEH_begin_sha256_block_data_order_avx2
+.rva	.LSEH_end_sha256_block_data_order_avx2
+.rva	.LSEH_info_sha256_block_data_order_avx2
+.section	.xdata
+.p2align	3
+.LSEH_info_sha256_block_data_order:
+.byte	9,0,0,0
+.rva	se_handler
+.rva	.Lprologue,.Lepilogue
+.LSEH_info_sha256_block_data_order_shaext:
+.byte	9,0,0,0
+.rva	shaext_handler
+.LSEH_info_sha256_block_data_order_ssse3:
+.byte	9,0,0,0
+.rva	se_handler
+.rva	.Lprologue_ssse3,.Lepilogue_ssse3
+.LSEH_info_sha256_block_data_order_avx:
+.byte	9,0,0,0
+.rva	se_handler
+.rva	.Lprologue_avx,.Lepilogue_avx
+.LSEH_info_sha256_block_data_order_avx2:
+.byte	9,0,0,0
+.rva	se_handler
+.rva	.Lprologue_avx2,.Lepilogue_avx2
+
diff --git a/lib/accelerated/x86/coff/sha512-ssse3-x86.s b/lib/accelerated/x86/coff/sha512-ssse3-x86.s
new file mode 100644
index 0000000..72a7f73
--- /dev/null
+++ b/lib/accelerated/x86/coff/sha512-ssse3-x86.s
@@ -0,0 +1,603 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text
+.globl	_sha512_block_data_order
+.def	_sha512_block_data_order;	.scl	2;	.type	32;	.endef
+.align	16
+_sha512_block_data_order:
+.L_sha512_block_data_order_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	%esp,%ebx
+	call	.L000pic_point
+.L000pic_point:
+	popl	%ebp
+	leal	.L001K512-.L000pic_point(%ebp),%ebp
+	subl	$16,%esp
+	andl	$-64,%esp
+	shll	$7,%eax
+	addl	%edi,%eax
+	movl	%esi,(%esp)
+	movl	%edi,4(%esp)
+	movl	%eax,8(%esp)
+	movl	%ebx,12(%esp)
+.align	16
+.L002loop_x86:
+	movl	(%edi),%eax
+	movl	4(%edi),%ebx
+	movl	8(%edi),%ecx
+	movl	12(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	16(%edi),%eax
+	movl	20(%edi),%ebx
+	movl	24(%edi),%ecx
+	movl	28(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	32(%edi),%eax
+	movl	36(%edi),%ebx
+	movl	40(%edi),%ecx
+	movl	44(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	48(%edi),%eax
+	movl	52(%edi),%ebx
+	movl	56(%edi),%ecx
+	movl	60(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	64(%edi),%eax
+	movl	68(%edi),%ebx
+	movl	72(%edi),%ecx
+	movl	76(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	80(%edi),%eax
+	movl	84(%edi),%ebx
+	movl	88(%edi),%ecx
+	movl	92(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	96(%edi),%eax
+	movl	100(%edi),%ebx
+	movl	104(%edi),%ecx
+	movl	108(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	112(%edi),%eax
+	movl	116(%edi),%ebx
+	movl	120(%edi),%ecx
+	movl	124(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	addl	$128,%edi
+	subl	$72,%esp
+	movl	%edi,204(%esp)
+	leal	8(%esp),%edi
+	movl	$16,%ecx
+.long	2784229001
+.align	16
+.L00300_15_x86:
+	movl	40(%esp),%ecx
+	movl	44(%esp),%edx
+	movl	%ecx,%esi
+	shrl	$9,%ecx
+	movl	%edx,%edi
+	shrl	$9,%edx
+	movl	%ecx,%ebx
+	shll	$14,%esi
+	movl	%edx,%eax
+	shll	$14,%edi
+	xorl	%esi,%ebx
+	shrl	$5,%ecx
+	xorl	%edi,%eax
+	shrl	$5,%edx
+	xorl	%ecx,%eax
+	shll	$4,%esi
+	xorl	%edx,%ebx
+	shll	$4,%edi
+	xorl	%esi,%ebx
+	shrl	$4,%ecx
+	xorl	%edi,%eax
+	shrl	$4,%edx
+	xorl	%ecx,%eax
+	shll	$5,%esi
+	xorl	%edx,%ebx
+	shll	$5,%edi
+	xorl	%esi,%eax
+	xorl	%edi,%ebx
+	movl	48(%esp),%ecx
+	movl	52(%esp),%edx
+	movl	56(%esp),%esi
+	movl	60(%esp),%edi
+	addl	64(%esp),%eax
+	adcl	68(%esp),%ebx
+	xorl	%esi,%ecx
+	xorl	%edi,%edx
+	andl	40(%esp),%ecx
+	andl	44(%esp),%edx
+	addl	192(%esp),%eax
+	adcl	196(%esp),%ebx
+	xorl	%esi,%ecx
+	xorl	%edi,%edx
+	movl	(%ebp),%esi
+	movl	4(%ebp),%edi
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	movl	32(%esp),%ecx
+	movl	36(%esp),%edx
+	addl	%esi,%eax
+	adcl	%edi,%ebx
+	movl	%eax,(%esp)
+	movl	%ebx,4(%esp)
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	movl	8(%esp),%ecx
+	movl	12(%esp),%edx
+	movl	%eax,32(%esp)
+	movl	%ebx,36(%esp)
+	movl	%ecx,%esi
+	shrl	$2,%ecx
+	movl	%edx,%edi
+	shrl	$2,%edx
+	movl	%ecx,%ebx
+	shll	$4,%esi
+	movl	%edx,%eax
+	shll	$4,%edi
+	xorl	%esi,%ebx
+	shrl	$5,%ecx
+	xorl	%edi,%eax
+	shrl	$5,%edx
+	xorl	%ecx,%ebx
+	shll	$21,%esi
+	xorl	%edx,%eax
+	shll	$21,%edi
+	xorl	%esi,%eax
+	shrl	$21,%ecx
+	xorl	%edi,%ebx
+	shrl	$21,%edx
+	xorl	%ecx,%eax
+	shll	$5,%esi
+	xorl	%edx,%ebx
+	shll	$5,%edi
+	xorl	%esi,%eax
+	xorl	%edi,%ebx
+	movl	8(%esp),%ecx
+	movl	12(%esp),%edx
+	movl	16(%esp),%esi
+	movl	20(%esp),%edi
+	addl	(%esp),%eax
+	adcl	4(%esp),%ebx
+	orl	%esi,%ecx
+	orl	%edi,%edx
+	andl	24(%esp),%ecx
+	andl	28(%esp),%edx
+	andl	8(%esp),%esi
+	andl	12(%esp),%edi
+	orl	%esi,%ecx
+	orl	%edi,%edx
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	movl	%eax,(%esp)
+	movl	%ebx,4(%esp)
+	movb	(%ebp),%dl
+	subl	$8,%esp
+	leal	8(%ebp),%ebp
+	cmpb	$148,%dl
+	jne	.L00300_15_x86
+.align	16
+.L00416_79_x86:
+	movl	312(%esp),%ecx
+	movl	316(%esp),%edx
+	movl	%ecx,%esi
+	shrl	$1,%ecx
+	movl	%edx,%edi
+	shrl	$1,%edx
+	movl	%ecx,%eax
+	shll	$24,%esi
+	movl	%edx,%ebx
+	shll	$24,%edi
+	xorl	%esi,%ebx
+	shrl	$6,%ecx
+	xorl	%edi,%eax
+	shrl	$6,%edx
+	xorl	%ecx,%eax
+	shll	$7,%esi
+	xorl	%edx,%ebx
+	shll	$1,%edi
+	xorl	%esi,%ebx
+	shrl	$1,%ecx
+	xorl	%edi,%eax
+	shrl	$1,%edx
+	xorl	%ecx,%eax
+	shll	$6,%edi
+	xorl	%edx,%ebx
+	xorl	%edi,%eax
+	movl	%eax,(%esp)
+	movl	%ebx,4(%esp)
+	movl	208(%esp),%ecx
+	movl	212(%esp),%edx
+	movl	%ecx,%esi
+	shrl	$6,%ecx
+	movl	%edx,%edi
+	shrl	$6,%edx
+	movl	%ecx,%eax
+	shll	$3,%esi
+	movl	%edx,%ebx
+	shll	$3,%edi
+	xorl	%esi,%eax
+	shrl	$13,%ecx
+	xorl	%edi,%ebx
+	shrl	$13,%edx
+	xorl	%ecx,%eax
+	shll	$10,%esi
+	xorl	%edx,%ebx
+	shll	$10,%edi
+	xorl	%esi,%ebx
+	shrl	$10,%ecx
+	xorl	%edi,%eax
+	shrl	$10,%edx
+	xorl	%ecx,%ebx
+	shll	$13,%edi
+	xorl	%edx,%eax
+	xorl	%edi,%eax
+	movl	320(%esp),%ecx
+	movl	324(%esp),%edx
+	addl	(%esp),%eax
+	adcl	4(%esp),%ebx
+	movl	248(%esp),%esi
+	movl	252(%esp),%edi
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	addl	%esi,%eax
+	adcl	%edi,%ebx
+	movl	%eax,192(%esp)
+	movl	%ebx,196(%esp)
+	movl	40(%esp),%ecx
+	movl	44(%esp),%edx
+	movl	%ecx,%esi
+	shrl	$9,%ecx
+	movl	%edx,%edi
+	shrl	$9,%edx
+	movl	%ecx,%ebx
+	shll	$14,%esi
+	movl	%edx,%eax
+	shll	$14,%edi
+	xorl	%esi,%ebx
+	shrl	$5,%ecx
+	xorl	%edi,%eax
+	shrl	$5,%edx
+	xorl	%ecx,%eax
+	shll	$4,%esi
+	xorl	%edx,%ebx
+	shll	$4,%edi
+	xorl	%esi,%ebx
+	shrl	$4,%ecx
+	xorl	%edi,%eax
+	shrl	$4,%edx
+	xorl	%ecx,%eax
+	shll	$5,%esi
+	xorl	%edx,%ebx
+	shll	$5,%edi
+	xorl	%esi,%eax
+	xorl	%edi,%ebx
+	movl	48(%esp),%ecx
+	movl	52(%esp),%edx
+	movl	56(%esp),%esi
+	movl	60(%esp),%edi
+	addl	64(%esp),%eax
+	adcl	68(%esp),%ebx
+	xorl	%esi,%ecx
+	xorl	%edi,%edx
+	andl	40(%esp),%ecx
+	andl	44(%esp),%edx
+	addl	192(%esp),%eax
+	adcl	196(%esp),%ebx
+	xorl	%esi,%ecx
+	xorl	%edi,%edx
+	movl	(%ebp),%esi
+	movl	4(%ebp),%edi
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	movl	32(%esp),%ecx
+	movl	36(%esp),%edx
+	addl	%esi,%eax
+	adcl	%edi,%ebx
+	movl	%eax,(%esp)
+	movl	%ebx,4(%esp)
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	movl	8(%esp),%ecx
+	movl	12(%esp),%edx
+	movl	%eax,32(%esp)
+	movl	%ebx,36(%esp)
+	movl	%ecx,%esi
+	shrl	$2,%ecx
+	movl	%edx,%edi
+	shrl	$2,%edx
+	movl	%ecx,%ebx
+	shll	$4,%esi
+	movl	%edx,%eax
+	shll	$4,%edi
+	xorl	%esi,%ebx
+	shrl	$5,%ecx
+	xorl	%edi,%eax
+	shrl	$5,%edx
+	xorl	%ecx,%ebx
+	shll	$21,%esi
+	xorl	%edx,%eax
+	shll	$21,%edi
+	xorl	%esi,%eax
+	shrl	$21,%ecx
+	xorl	%edi,%ebx
+	shrl	$21,%edx
+	xorl	%ecx,%eax
+	shll	$5,%esi
+	xorl	%edx,%ebx
+	shll	$5,%edi
+	xorl	%esi,%eax
+	xorl	%edi,%ebx
+	movl	8(%esp),%ecx
+	movl	12(%esp),%edx
+	movl	16(%esp),%esi
+	movl	20(%esp),%edi
+	addl	(%esp),%eax
+	adcl	4(%esp),%ebx
+	orl	%esi,%ecx
+	orl	%edi,%edx
+	andl	24(%esp),%ecx
+	andl	28(%esp),%edx
+	andl	8(%esp),%esi
+	andl	12(%esp),%edi
+	orl	%esi,%ecx
+	orl	%edi,%edx
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	movl	%eax,(%esp)
+	movl	%ebx,4(%esp)
+	movb	(%ebp),%dl
+	subl	$8,%esp
+	leal	8(%ebp),%ebp
+	cmpb	$23,%dl
+	jne	.L00416_79_x86
+	movl	840(%esp),%esi
+	movl	844(%esp),%edi
+	movl	(%esi),%eax
+	movl	4(%esi),%ebx
+	movl	8(%esi),%ecx
+	movl	12(%esi),%edx
+	addl	8(%esp),%eax
+	adcl	12(%esp),%ebx
+	movl	%eax,(%esi)
+	movl	%ebx,4(%esi)
+	addl	16(%esp),%ecx
+	adcl	20(%esp),%edx
+	movl	%ecx,8(%esi)
+	movl	%edx,12(%esi)
+	movl	16(%esi),%eax
+	movl	20(%esi),%ebx
+	movl	24(%esi),%ecx
+	movl	28(%esi),%edx
+	addl	24(%esp),%eax
+	adcl	28(%esp),%ebx
+	movl	%eax,16(%esi)
+	movl	%ebx,20(%esi)
+	addl	32(%esp),%ecx
+	adcl	36(%esp),%edx
+	movl	%ecx,24(%esi)
+	movl	%edx,28(%esi)
+	movl	32(%esi),%eax
+	movl	36(%esi),%ebx
+	movl	40(%esi),%ecx
+	movl	44(%esi),%edx
+	addl	40(%esp),%eax
+	adcl	44(%esp),%ebx
+	movl	%eax,32(%esi)
+	movl	%ebx,36(%esi)
+	addl	48(%esp),%ecx
+	adcl	52(%esp),%edx
+	movl	%ecx,40(%esi)
+	movl	%edx,44(%esi)
+	movl	48(%esi),%eax
+	movl	52(%esi),%ebx
+	movl	56(%esi),%ecx
+	movl	60(%esi),%edx
+	addl	56(%esp),%eax
+	adcl	60(%esp),%ebx
+	movl	%eax,48(%esi)
+	movl	%ebx,52(%esi)
+	addl	64(%esp),%ecx
+	adcl	68(%esp),%edx
+	movl	%ecx,56(%esi)
+	movl	%edx,60(%esi)
+	addl	$840,%esp
+	subl	$640,%ebp
+	cmpl	8(%esp),%edi
+	jb	.L002loop_x86
+	movl	12(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.align	64
+.L001K512:
+.long	3609767458,1116352408
+.long	602891725,1899447441
+.long	3964484399,3049323471
+.long	2173295548,3921009573
+.long	4081628472,961987163
+.long	3053834265,1508970993
+.long	2937671579,2453635748
+.long	3664609560,2870763221
+.long	2734883394,3624381080
+.long	1164996542,310598401
+.long	1323610764,607225278
+.long	3590304994,1426881987
+.long	4068182383,1925078388
+.long	991336113,2162078206
+.long	633803317,2614888103
+.long	3479774868,3248222580
+.long	2666613458,3835390401
+.long	944711139,4022224774
+.long	2341262773,264347078
+.long	2007800933,604807628
+.long	1495990901,770255983
+.long	1856431235,1249150122
+.long	3175218132,1555081692
+.long	2198950837,1996064986
+.long	3999719339,2554220882
+.long	766784016,2821834349
+.long	2566594879,2952996808
+.long	3203337956,3210313671
+.long	1034457026,3336571891
+.long	2466948901,3584528711
+.long	3758326383,113926993
+.long	168717936,338241895
+.long	1188179964,666307205
+.long	1546045734,773529912
+.long	1522805485,1294757372
+.long	2643833823,1396182291
+.long	2343527390,1695183700
+.long	1014477480,1986661051
+.long	1206759142,2177026350
+.long	344077627,2456956037
+.long	1290863460,2730485921
+.long	3158454273,2820302411
+.long	3505952657,3259730800
+.long	106217008,3345764771
+.long	3606008344,3516065817
+.long	1432725776,3600352804
+.long	1467031594,4094571909
+.long	851169720,275423344
+.long	3100823752,430227734
+.long	1363258195,506948616
+.long	3750685593,659060556
+.long	3785050280,883997877
+.long	3318307427,958139571
+.long	3812723403,1322822218
+.long	2003034995,1537002063
+.long	3602036899,1747873779
+.long	1575990012,1955562222
+.long	1125592928,2024104815
+.long	2716904306,2227730452
+.long	442776044,2361852424
+.long	593698344,2428436474
+.long	3733110249,2756734187
+.long	2999351573,3204031479
+.long	3815920427,3329325298
+.long	3928383900,3391569614
+.long	566280711,3515267271
+.long	3454069534,3940187606
+.long	4000239992,4118630271
+.long	1914138554,116418474
+.long	2731055270,174292421
+.long	3203993006,289380356
+.long	320620315,460393269
+.long	587496836,685471733
+.long	1086792851,852142971
+.long	365543100,1017036298
+.long	2618297676,1126000580
+.long	3409855158,1288033470
+.long	4234509866,1501505948
+.long	987167468,1607167915
+.long	1246189591,1816402316
+.long	67438087,66051
+.long	202182159,134810123
+.byte	83,72,65,53,49,50,32,98,108,111,99,107,32,116,114,97
+.byte	110,115,102,111,114,109,32,102,111,114,32,120,56,54,44,32
+.byte	67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97
+.byte	112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103
+.byte	62,0
+
diff --git a/lib/accelerated/x86/coff/sha512-ssse3-x86_64.s b/lib/accelerated/x86/coff/sha512-ssse3-x86_64.s
new file mode 100644
index 0000000..8065de2
--- /dev/null
+++ b/lib/accelerated/x86/coff/sha512-ssse3-x86_64.s
@@ -0,0 +1,5692 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+
+.globl	sha512_block_data_order
+.def	sha512_block_data_order;	.scl 2;	.type 32;	.endef
+.p2align	4
+sha512_block_data_order:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_sha512_block_data_order:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+
+	leaq	GNUTLS_x86_cpuid_s(%rip),%r11
+	movl	0(%r11),%r9d
+	movl	4(%r11),%r10d
+	movl	8(%r11),%r11d
+	testl	$2048,%r10d
+	jnz	.Lxop_shortcut
+	andl	$296,%r11d
+	cmpl	$296,%r11d
+	je	.Lavx2_shortcut
+	andl	$1073741824,%r9d
+	andl	$268435968,%r10d
+	orl	%r9d,%r10d
+	cmpl	$1342177792,%r10d
+	je	.Lavx_shortcut
+	movq	%rsp,%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	shlq	$4,%rdx
+	subq	$128+32,%rsp
+	leaq	(%rsi,%rdx,8),%rdx
+	andq	$-64,%rsp
+	movq	%rdi,128+0(%rsp)
+	movq	%rsi,128+8(%rsp)
+	movq	%rdx,128+16(%rsp)
+	movq	%rax,152(%rsp)
+
+.Lprologue:
+
+	movq	0(%rdi),%rax
+	movq	8(%rdi),%rbx
+	movq	16(%rdi),%rcx
+	movq	24(%rdi),%rdx
+	movq	32(%rdi),%r8
+	movq	40(%rdi),%r9
+	movq	48(%rdi),%r10
+	movq	56(%rdi),%r11
+	jmp	.Lloop
+
+.p2align	4
+.Lloop:
+	movq	%rbx,%rdi
+	leaq	K512(%rip),%rbp
+	xorq	%rcx,%rdi
+	movq	0(%rsi),%r12
+	movq	%r8,%r13
+	movq	%rax,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r9,%r15
+
+	xorq	%r8,%r13
+	rorq	$5,%r14
+	xorq	%r10,%r15
+
+	movq	%r12,0(%rsp)
+	xorq	%rax,%r14
+	andq	%r8,%r15
+
+	rorq	$4,%r13
+	addq	%r11,%r12
+	xorq	%r10,%r15
+
+	rorq	$6,%r14
+	xorq	%r8,%r13
+	addq	%r15,%r12
+
+	movq	%rax,%r15
+	addq	(%rbp),%r12
+	xorq	%rax,%r14
+
+	xorq	%rbx,%r15
+	rorq	$14,%r13
+	movq	%rbx,%r11
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r11
+	addq	%r12,%rdx
+	addq	%r12,%r11
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%r11
+	movq	8(%rsi),%r12
+	movq	%rdx,%r13
+	movq	%r11,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r8,%rdi
+
+	xorq	%rdx,%r13
+	rorq	$5,%r14
+	xorq	%r9,%rdi
+
+	movq	%r12,8(%rsp)
+	xorq	%r11,%r14
+	andq	%rdx,%rdi
+
+	rorq	$4,%r13
+	addq	%r10,%r12
+	xorq	%r9,%rdi
+
+	rorq	$6,%r14
+	xorq	%rdx,%r13
+	addq	%rdi,%r12
+
+	movq	%r11,%rdi
+	addq	(%rbp),%r12
+	xorq	%r11,%r14
+
+	xorq	%rax,%rdi
+	rorq	$14,%r13
+	movq	%rax,%r10
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r10
+	addq	%r12,%rcx
+	addq	%r12,%r10
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%r10
+	movq	16(%rsi),%r12
+	movq	%rcx,%r13
+	movq	%r10,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rdx,%r15
+
+	xorq	%rcx,%r13
+	rorq	$5,%r14
+	xorq	%r8,%r15
+
+	movq	%r12,16(%rsp)
+	xorq	%r10,%r14
+	andq	%rcx,%r15
+
+	rorq	$4,%r13
+	addq	%r9,%r12
+	xorq	%r8,%r15
+
+	rorq	$6,%r14
+	xorq	%rcx,%r13
+	addq	%r15,%r12
+
+	movq	%r10,%r15
+	addq	(%rbp),%r12
+	xorq	%r10,%r14
+
+	xorq	%r11,%r15
+	rorq	$14,%r13
+	movq	%r11,%r9
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r9
+	addq	%r12,%rbx
+	addq	%r12,%r9
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%r9
+	movq	24(%rsi),%r12
+	movq	%rbx,%r13
+	movq	%r9,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rcx,%rdi
+
+	xorq	%rbx,%r13
+	rorq	$5,%r14
+	xorq	%rdx,%rdi
+
+	movq	%r12,24(%rsp)
+	xorq	%r9,%r14
+	andq	%rbx,%rdi
+
+	rorq	$4,%r13
+	addq	%r8,%r12
+	xorq	%rdx,%rdi
+
+	rorq	$6,%r14
+	xorq	%rbx,%r13
+	addq	%rdi,%r12
+
+	movq	%r9,%rdi
+	addq	(%rbp),%r12
+	xorq	%r9,%r14
+
+	xorq	%r10,%rdi
+	rorq	$14,%r13
+	movq	%r10,%r8
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r8
+	addq	%r12,%rax
+	addq	%r12,%r8
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%r8
+	movq	32(%rsi),%r12
+	movq	%rax,%r13
+	movq	%r8,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rbx,%r15
+
+	xorq	%rax,%r13
+	rorq	$5,%r14
+	xorq	%rcx,%r15
+
+	movq	%r12,32(%rsp)
+	xorq	%r8,%r14
+	andq	%rax,%r15
+
+	rorq	$4,%r13
+	addq	%rdx,%r12
+	xorq	%rcx,%r15
+
+	rorq	$6,%r14
+	xorq	%rax,%r13
+	addq	%r15,%r12
+
+	movq	%r8,%r15
+	addq	(%rbp),%r12
+	xorq	%r8,%r14
+
+	xorq	%r9,%r15
+	rorq	$14,%r13
+	movq	%r9,%rdx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rdx
+	addq	%r12,%r11
+	addq	%r12,%rdx
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%rdx
+	movq	40(%rsi),%r12
+	movq	%r11,%r13
+	movq	%rdx,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rax,%rdi
+
+	xorq	%r11,%r13
+	rorq	$5,%r14
+	xorq	%rbx,%rdi
+
+	movq	%r12,40(%rsp)
+	xorq	%rdx,%r14
+	andq	%r11,%rdi
+
+	rorq	$4,%r13
+	addq	%rcx,%r12
+	xorq	%rbx,%rdi
+
+	rorq	$6,%r14
+	xorq	%r11,%r13
+	addq	%rdi,%r12
+
+	movq	%rdx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rdx,%r14
+
+	xorq	%r8,%rdi
+	rorq	$14,%r13
+	movq	%r8,%rcx
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rcx
+	addq	%r12,%r10
+	addq	%r12,%rcx
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%rcx
+	movq	48(%rsi),%r12
+	movq	%r10,%r13
+	movq	%rcx,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r11,%r15
+
+	xorq	%r10,%r13
+	rorq	$5,%r14
+	xorq	%rax,%r15
+
+	movq	%r12,48(%rsp)
+	xorq	%rcx,%r14
+	andq	%r10,%r15
+
+	rorq	$4,%r13
+	addq	%rbx,%r12
+	xorq	%rax,%r15
+
+	rorq	$6,%r14
+	xorq	%r10,%r13
+	addq	%r15,%r12
+
+	movq	%rcx,%r15
+	addq	(%rbp),%r12
+	xorq	%rcx,%r14
+
+	xorq	%rdx,%r15
+	rorq	$14,%r13
+	movq	%rdx,%rbx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rbx
+	addq	%r12,%r9
+	addq	%r12,%rbx
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%rbx
+	movq	56(%rsi),%r12
+	movq	%r9,%r13
+	movq	%rbx,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r10,%rdi
+
+	xorq	%r9,%r13
+	rorq	$5,%r14
+	xorq	%r11,%rdi
+
+	movq	%r12,56(%rsp)
+	xorq	%rbx,%r14
+	andq	%r9,%rdi
+
+	rorq	$4,%r13
+	addq	%rax,%r12
+	xorq	%r11,%rdi
+
+	rorq	$6,%r14
+	xorq	%r9,%r13
+	addq	%rdi,%r12
+
+	movq	%rbx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rbx,%r14
+
+	xorq	%rcx,%rdi
+	rorq	$14,%r13
+	movq	%rcx,%rax
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rax
+	addq	%r12,%r8
+	addq	%r12,%rax
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%rax
+	movq	64(%rsi),%r12
+	movq	%r8,%r13
+	movq	%rax,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r9,%r15
+
+	xorq	%r8,%r13
+	rorq	$5,%r14
+	xorq	%r10,%r15
+
+	movq	%r12,64(%rsp)
+	xorq	%rax,%r14
+	andq	%r8,%r15
+
+	rorq	$4,%r13
+	addq	%r11,%r12
+	xorq	%r10,%r15
+
+	rorq	$6,%r14
+	xorq	%r8,%r13
+	addq	%r15,%r12
+
+	movq	%rax,%r15
+	addq	(%rbp),%r12
+	xorq	%rax,%r14
+
+	xorq	%rbx,%r15
+	rorq	$14,%r13
+	movq	%rbx,%r11
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r11
+	addq	%r12,%rdx
+	addq	%r12,%r11
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%r11
+	movq	72(%rsi),%r12
+	movq	%rdx,%r13
+	movq	%r11,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r8,%rdi
+
+	xorq	%rdx,%r13
+	rorq	$5,%r14
+	xorq	%r9,%rdi
+
+	movq	%r12,72(%rsp)
+	xorq	%r11,%r14
+	andq	%rdx,%rdi
+
+	rorq	$4,%r13
+	addq	%r10,%r12
+	xorq	%r9,%rdi
+
+	rorq	$6,%r14
+	xorq	%rdx,%r13
+	addq	%rdi,%r12
+
+	movq	%r11,%rdi
+	addq	(%rbp),%r12
+	xorq	%r11,%r14
+
+	xorq	%rax,%rdi
+	rorq	$14,%r13
+	movq	%rax,%r10
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r10
+	addq	%r12,%rcx
+	addq	%r12,%r10
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%r10
+	movq	80(%rsi),%r12
+	movq	%rcx,%r13
+	movq	%r10,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rdx,%r15
+
+	xorq	%rcx,%r13
+	rorq	$5,%r14
+	xorq	%r8,%r15
+
+	movq	%r12,80(%rsp)
+	xorq	%r10,%r14
+	andq	%rcx,%r15
+
+	rorq	$4,%r13
+	addq	%r9,%r12
+	xorq	%r8,%r15
+
+	rorq	$6,%r14
+	xorq	%rcx,%r13
+	addq	%r15,%r12
+
+	movq	%r10,%r15
+	addq	(%rbp),%r12
+	xorq	%r10,%r14
+
+	xorq	%r11,%r15
+	rorq	$14,%r13
+	movq	%r11,%r9
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r9
+	addq	%r12,%rbx
+	addq	%r12,%r9
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%r9
+	movq	88(%rsi),%r12
+	movq	%rbx,%r13
+	movq	%r9,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rcx,%rdi
+
+	xorq	%rbx,%r13
+	rorq	$5,%r14
+	xorq	%rdx,%rdi
+
+	movq	%r12,88(%rsp)
+	xorq	%r9,%r14
+	andq	%rbx,%rdi
+
+	rorq	$4,%r13
+	addq	%r8,%r12
+	xorq	%rdx,%rdi
+
+	rorq	$6,%r14
+	xorq	%rbx,%r13
+	addq	%rdi,%r12
+
+	movq	%r9,%rdi
+	addq	(%rbp),%r12
+	xorq	%r9,%r14
+
+	xorq	%r10,%rdi
+	rorq	$14,%r13
+	movq	%r10,%r8
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r8
+	addq	%r12,%rax
+	addq	%r12,%r8
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%r8
+	movq	96(%rsi),%r12
+	movq	%rax,%r13
+	movq	%r8,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rbx,%r15
+
+	xorq	%rax,%r13
+	rorq	$5,%r14
+	xorq	%rcx,%r15
+
+	movq	%r12,96(%rsp)
+	xorq	%r8,%r14
+	andq	%rax,%r15
+
+	rorq	$4,%r13
+	addq	%rdx,%r12
+	xorq	%rcx,%r15
+
+	rorq	$6,%r14
+	xorq	%rax,%r13
+	addq	%r15,%r12
+
+	movq	%r8,%r15
+	addq	(%rbp),%r12
+	xorq	%r8,%r14
+
+	xorq	%r9,%r15
+	rorq	$14,%r13
+	movq	%r9,%rdx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rdx
+	addq	%r12,%r11
+	addq	%r12,%rdx
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%rdx
+	movq	104(%rsi),%r12
+	movq	%r11,%r13
+	movq	%rdx,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rax,%rdi
+
+	xorq	%r11,%r13
+	rorq	$5,%r14
+	xorq	%rbx,%rdi
+
+	movq	%r12,104(%rsp)
+	xorq	%rdx,%r14
+	andq	%r11,%rdi
+
+	rorq	$4,%r13
+	addq	%rcx,%r12
+	xorq	%rbx,%rdi
+
+	rorq	$6,%r14
+	xorq	%r11,%r13
+	addq	%rdi,%r12
+
+	movq	%rdx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rdx,%r14
+
+	xorq	%r8,%rdi
+	rorq	$14,%r13
+	movq	%r8,%rcx
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rcx
+	addq	%r12,%r10
+	addq	%r12,%rcx
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%rcx
+	movq	112(%rsi),%r12
+	movq	%r10,%r13
+	movq	%rcx,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r11,%r15
+
+	xorq	%r10,%r13
+	rorq	$5,%r14
+	xorq	%rax,%r15
+
+	movq	%r12,112(%rsp)
+	xorq	%rcx,%r14
+	andq	%r10,%r15
+
+	rorq	$4,%r13
+	addq	%rbx,%r12
+	xorq	%rax,%r15
+
+	rorq	$6,%r14
+	xorq	%r10,%r13
+	addq	%r15,%r12
+
+	movq	%rcx,%r15
+	addq	(%rbp),%r12
+	xorq	%rcx,%r14
+
+	xorq	%rdx,%r15
+	rorq	$14,%r13
+	movq	%rdx,%rbx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rbx
+	addq	%r12,%r9
+	addq	%r12,%rbx
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%rbx
+	movq	120(%rsi),%r12
+	movq	%r9,%r13
+	movq	%rbx,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r10,%rdi
+
+	xorq	%r9,%r13
+	rorq	$5,%r14
+	xorq	%r11,%rdi
+
+	movq	%r12,120(%rsp)
+	xorq	%rbx,%r14
+	andq	%r9,%rdi
+
+	rorq	$4,%r13
+	addq	%rax,%r12
+	xorq	%r11,%rdi
+
+	rorq	$6,%r14
+	xorq	%r9,%r13
+	addq	%rdi,%r12
+
+	movq	%rbx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rbx,%r14
+
+	xorq	%rcx,%rdi
+	rorq	$14,%r13
+	movq	%rcx,%rax
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rax
+	addq	%r12,%r8
+	addq	%r12,%rax
+
+	leaq	24(%rbp),%rbp
+	jmp	.Lrounds_16_xx
+.p2align	4
+.Lrounds_16_xx:
+	movq	8(%rsp),%r13
+	movq	112(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rax
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	72(%rsp),%r12
+
+	addq	0(%rsp),%r12
+	movq	%r8,%r13
+	addq	%r15,%r12
+	movq	%rax,%r14
+	rorq	$23,%r13
+	movq	%r9,%r15
+
+	xorq	%r8,%r13
+	rorq	$5,%r14
+	xorq	%r10,%r15
+
+	movq	%r12,0(%rsp)
+	xorq	%rax,%r14
+	andq	%r8,%r15
+
+	rorq	$4,%r13
+	addq	%r11,%r12
+	xorq	%r10,%r15
+
+	rorq	$6,%r14
+	xorq	%r8,%r13
+	addq	%r15,%r12
+
+	movq	%rax,%r15
+	addq	(%rbp),%r12
+	xorq	%rax,%r14
+
+	xorq	%rbx,%r15
+	rorq	$14,%r13
+	movq	%rbx,%r11
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r11
+	addq	%r12,%rdx
+	addq	%r12,%r11
+
+	leaq	8(%rbp),%rbp
+	movq	16(%rsp),%r13
+	movq	120(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r11
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	80(%rsp),%r12
+
+	addq	8(%rsp),%r12
+	movq	%rdx,%r13
+	addq	%rdi,%r12
+	movq	%r11,%r14
+	rorq	$23,%r13
+	movq	%r8,%rdi
+
+	xorq	%rdx,%r13
+	rorq	$5,%r14
+	xorq	%r9,%rdi
+
+	movq	%r12,8(%rsp)
+	xorq	%r11,%r14
+	andq	%rdx,%rdi
+
+	rorq	$4,%r13
+	addq	%r10,%r12
+	xorq	%r9,%rdi
+
+	rorq	$6,%r14
+	xorq	%rdx,%r13
+	addq	%rdi,%r12
+
+	movq	%r11,%rdi
+	addq	(%rbp),%r12
+	xorq	%r11,%r14
+
+	xorq	%rax,%rdi
+	rorq	$14,%r13
+	movq	%rax,%r10
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r10
+	addq	%r12,%rcx
+	addq	%r12,%r10
+
+	leaq	24(%rbp),%rbp
+	movq	24(%rsp),%r13
+	movq	0(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r10
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	88(%rsp),%r12
+
+	addq	16(%rsp),%r12
+	movq	%rcx,%r13
+	addq	%r15,%r12
+	movq	%r10,%r14
+	rorq	$23,%r13
+	movq	%rdx,%r15
+
+	xorq	%rcx,%r13
+	rorq	$5,%r14
+	xorq	%r8,%r15
+
+	movq	%r12,16(%rsp)
+	xorq	%r10,%r14
+	andq	%rcx,%r15
+
+	rorq	$4,%r13
+	addq	%r9,%r12
+	xorq	%r8,%r15
+
+	rorq	$6,%r14
+	xorq	%rcx,%r13
+	addq	%r15,%r12
+
+	movq	%r10,%r15
+	addq	(%rbp),%r12
+	xorq	%r10,%r14
+
+	xorq	%r11,%r15
+	rorq	$14,%r13
+	movq	%r11,%r9
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r9
+	addq	%r12,%rbx
+	addq	%r12,%r9
+
+	leaq	8(%rbp),%rbp
+	movq	32(%rsp),%r13
+	movq	8(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r9
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	96(%rsp),%r12
+
+	addq	24(%rsp),%r12
+	movq	%rbx,%r13
+	addq	%rdi,%r12
+	movq	%r9,%r14
+	rorq	$23,%r13
+	movq	%rcx,%rdi
+
+	xorq	%rbx,%r13
+	rorq	$5,%r14
+	xorq	%rdx,%rdi
+
+	movq	%r12,24(%rsp)
+	xorq	%r9,%r14
+	andq	%rbx,%rdi
+
+	rorq	$4,%r13
+	addq	%r8,%r12
+	xorq	%rdx,%rdi
+
+	rorq	$6,%r14
+	xorq	%rbx,%r13
+	addq	%rdi,%r12
+
+	movq	%r9,%rdi
+	addq	(%rbp),%r12
+	xorq	%r9,%r14
+
+	xorq	%r10,%rdi
+	rorq	$14,%r13
+	movq	%r10,%r8
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r8
+	addq	%r12,%rax
+	addq	%r12,%r8
+
+	leaq	24(%rbp),%rbp
+	movq	40(%rsp),%r13
+	movq	16(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r8
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	104(%rsp),%r12
+
+	addq	32(%rsp),%r12
+	movq	%rax,%r13
+	addq	%r15,%r12
+	movq	%r8,%r14
+	rorq	$23,%r13
+	movq	%rbx,%r15
+
+	xorq	%rax,%r13
+	rorq	$5,%r14
+	xorq	%rcx,%r15
+
+	movq	%r12,32(%rsp)
+	xorq	%r8,%r14
+	andq	%rax,%r15
+
+	rorq	$4,%r13
+	addq	%rdx,%r12
+	xorq	%rcx,%r15
+
+	rorq	$6,%r14
+	xorq	%rax,%r13
+	addq	%r15,%r12
+
+	movq	%r8,%r15
+	addq	(%rbp),%r12
+	xorq	%r8,%r14
+
+	xorq	%r9,%r15
+	rorq	$14,%r13
+	movq	%r9,%rdx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rdx
+	addq	%r12,%r11
+	addq	%r12,%rdx
+
+	leaq	8(%rbp),%rbp
+	movq	48(%rsp),%r13
+	movq	24(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rdx
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	112(%rsp),%r12
+
+	addq	40(%rsp),%r12
+	movq	%r11,%r13
+	addq	%rdi,%r12
+	movq	%rdx,%r14
+	rorq	$23,%r13
+	movq	%rax,%rdi
+
+	xorq	%r11,%r13
+	rorq	$5,%r14
+	xorq	%rbx,%rdi
+
+	movq	%r12,40(%rsp)
+	xorq	%rdx,%r14
+	andq	%r11,%rdi
+
+	rorq	$4,%r13
+	addq	%rcx,%r12
+	xorq	%rbx,%rdi
+
+	rorq	$6,%r14
+	xorq	%r11,%r13
+	addq	%rdi,%r12
+
+	movq	%rdx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rdx,%r14
+
+	xorq	%r8,%rdi
+	rorq	$14,%r13
+	movq	%r8,%rcx
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rcx
+	addq	%r12,%r10
+	addq	%r12,%rcx
+
+	leaq	24(%rbp),%rbp
+	movq	56(%rsp),%r13
+	movq	32(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rcx
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	120(%rsp),%r12
+
+	addq	48(%rsp),%r12
+	movq	%r10,%r13
+	addq	%r15,%r12
+	movq	%rcx,%r14
+	rorq	$23,%r13
+	movq	%r11,%r15
+
+	xorq	%r10,%r13
+	rorq	$5,%r14
+	xorq	%rax,%r15
+
+	movq	%r12,48(%rsp)
+	xorq	%rcx,%r14
+	andq	%r10,%r15
+
+	rorq	$4,%r13
+	addq	%rbx,%r12
+	xorq	%rax,%r15
+
+	rorq	$6,%r14
+	xorq	%r10,%r13
+	addq	%r15,%r12
+
+	movq	%rcx,%r15
+	addq	(%rbp),%r12
+	xorq	%rcx,%r14
+
+	xorq	%rdx,%r15
+	rorq	$14,%r13
+	movq	%rdx,%rbx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rbx
+	addq	%r12,%r9
+	addq	%r12,%rbx
+
+	leaq	8(%rbp),%rbp
+	movq	64(%rsp),%r13
+	movq	40(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rbx
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	0(%rsp),%r12
+
+	addq	56(%rsp),%r12
+	movq	%r9,%r13
+	addq	%rdi,%r12
+	movq	%rbx,%r14
+	rorq	$23,%r13
+	movq	%r10,%rdi
+
+	xorq	%r9,%r13
+	rorq	$5,%r14
+	xorq	%r11,%rdi
+
+	movq	%r12,56(%rsp)
+	xorq	%rbx,%r14
+	andq	%r9,%rdi
+
+	rorq	$4,%r13
+	addq	%rax,%r12
+	xorq	%r11,%rdi
+
+	rorq	$6,%r14
+	xorq	%r9,%r13
+	addq	%rdi,%r12
+
+	movq	%rbx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rbx,%r14
+
+	xorq	%rcx,%rdi
+	rorq	$14,%r13
+	movq	%rcx,%rax
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rax
+	addq	%r12,%r8
+	addq	%r12,%rax
+
+	leaq	24(%rbp),%rbp
+	movq	72(%rsp),%r13
+	movq	48(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rax
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	8(%rsp),%r12
+
+	addq	64(%rsp),%r12
+	movq	%r8,%r13
+	addq	%r15,%r12
+	movq	%rax,%r14
+	rorq	$23,%r13
+	movq	%r9,%r15
+
+	xorq	%r8,%r13
+	rorq	$5,%r14
+	xorq	%r10,%r15
+
+	movq	%r12,64(%rsp)
+	xorq	%rax,%r14
+	andq	%r8,%r15
+
+	rorq	$4,%r13
+	addq	%r11,%r12
+	xorq	%r10,%r15
+
+	rorq	$6,%r14
+	xorq	%r8,%r13
+	addq	%r15,%r12
+
+	movq	%rax,%r15
+	addq	(%rbp),%r12
+	xorq	%rax,%r14
+
+	xorq	%rbx,%r15
+	rorq	$14,%r13
+	movq	%rbx,%r11
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r11
+	addq	%r12,%rdx
+	addq	%r12,%r11
+
+	leaq	8(%rbp),%rbp
+	movq	80(%rsp),%r13
+	movq	56(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r11
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	16(%rsp),%r12
+
+	addq	72(%rsp),%r12
+	movq	%rdx,%r13
+	addq	%rdi,%r12
+	movq	%r11,%r14
+	rorq	$23,%r13
+	movq	%r8,%rdi
+
+	xorq	%rdx,%r13
+	rorq	$5,%r14
+	xorq	%r9,%rdi
+
+	movq	%r12,72(%rsp)
+	xorq	%r11,%r14
+	andq	%rdx,%rdi
+
+	rorq	$4,%r13
+	addq	%r10,%r12
+	xorq	%r9,%rdi
+
+	rorq	$6,%r14
+	xorq	%rdx,%r13
+	addq	%rdi,%r12
+
+	movq	%r11,%rdi
+	addq	(%rbp),%r12
+	xorq	%r11,%r14
+
+	xorq	%rax,%rdi
+	rorq	$14,%r13
+	movq	%rax,%r10
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r10
+	addq	%r12,%rcx
+	addq	%r12,%r10
+
+	leaq	24(%rbp),%rbp
+	movq	88(%rsp),%r13
+	movq	64(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r10
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	24(%rsp),%r12
+
+	addq	80(%rsp),%r12
+	movq	%rcx,%r13
+	addq	%r15,%r12
+	movq	%r10,%r14
+	rorq	$23,%r13
+	movq	%rdx,%r15
+
+	xorq	%rcx,%r13
+	rorq	$5,%r14
+	xorq	%r8,%r15
+
+	movq	%r12,80(%rsp)
+	xorq	%r10,%r14
+	andq	%rcx,%r15
+
+	rorq	$4,%r13
+	addq	%r9,%r12
+	xorq	%r8,%r15
+
+	rorq	$6,%r14
+	xorq	%rcx,%r13
+	addq	%r15,%r12
+
+	movq	%r10,%r15
+	addq	(%rbp),%r12
+	xorq	%r10,%r14
+
+	xorq	%r11,%r15
+	rorq	$14,%r13
+	movq	%r11,%r9
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r9
+	addq	%r12,%rbx
+	addq	%r12,%r9
+
+	leaq	8(%rbp),%rbp
+	movq	96(%rsp),%r13
+	movq	72(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r9
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	32(%rsp),%r12
+
+	addq	88(%rsp),%r12
+	movq	%rbx,%r13
+	addq	%rdi,%r12
+	movq	%r9,%r14
+	rorq	$23,%r13
+	movq	%rcx,%rdi
+
+	xorq	%rbx,%r13
+	rorq	$5,%r14
+	xorq	%rdx,%rdi
+
+	movq	%r12,88(%rsp)
+	xorq	%r9,%r14
+	andq	%rbx,%rdi
+
+	rorq	$4,%r13
+	addq	%r8,%r12
+	xorq	%rdx,%rdi
+
+	rorq	$6,%r14
+	xorq	%rbx,%r13
+	addq	%rdi,%r12
+
+	movq	%r9,%rdi
+	addq	(%rbp),%r12
+	xorq	%r9,%r14
+
+	xorq	%r10,%rdi
+	rorq	$14,%r13
+	movq	%r10,%r8
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r8
+	addq	%r12,%rax
+	addq	%r12,%r8
+
+	leaq	24(%rbp),%rbp
+	movq	104(%rsp),%r13
+	movq	80(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r8
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	40(%rsp),%r12
+
+	addq	96(%rsp),%r12
+	movq	%rax,%r13
+	addq	%r15,%r12
+	movq	%r8,%r14
+	rorq	$23,%r13
+	movq	%rbx,%r15
+
+	xorq	%rax,%r13
+	rorq	$5,%r14
+	xorq	%rcx,%r15
+
+	movq	%r12,96(%rsp)
+	xorq	%r8,%r14
+	andq	%rax,%r15
+
+	rorq	$4,%r13
+	addq	%rdx,%r12
+	xorq	%rcx,%r15
+
+	rorq	$6,%r14
+	xorq	%rax,%r13
+	addq	%r15,%r12
+
+	movq	%r8,%r15
+	addq	(%rbp),%r12
+	xorq	%r8,%r14
+
+	xorq	%r9,%r15
+	rorq	$14,%r13
+	movq	%r9,%rdx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rdx
+	addq	%r12,%r11
+	addq	%r12,%rdx
+
+	leaq	8(%rbp),%rbp
+	movq	112(%rsp),%r13
+	movq	88(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rdx
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	48(%rsp),%r12
+
+	addq	104(%rsp),%r12
+	movq	%r11,%r13
+	addq	%rdi,%r12
+	movq	%rdx,%r14
+	rorq	$23,%r13
+	movq	%rax,%rdi
+
+	xorq	%r11,%r13
+	rorq	$5,%r14
+	xorq	%rbx,%rdi
+
+	movq	%r12,104(%rsp)
+	xorq	%rdx,%r14
+	andq	%r11,%rdi
+
+	rorq	$4,%r13
+	addq	%rcx,%r12
+	xorq	%rbx,%rdi
+
+	rorq	$6,%r14
+	xorq	%r11,%r13
+	addq	%rdi,%r12
+
+	movq	%rdx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rdx,%r14
+
+	xorq	%r8,%rdi
+	rorq	$14,%r13
+	movq	%r8,%rcx
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rcx
+	addq	%r12,%r10
+	addq	%r12,%rcx
+
+	leaq	24(%rbp),%rbp
+	movq	120(%rsp),%r13
+	movq	96(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rcx
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	56(%rsp),%r12
+
+	addq	112(%rsp),%r12
+	movq	%r10,%r13
+	addq	%r15,%r12
+	movq	%rcx,%r14
+	rorq	$23,%r13
+	movq	%r11,%r15
+
+	xorq	%r10,%r13
+	rorq	$5,%r14
+	xorq	%rax,%r15
+
+	movq	%r12,112(%rsp)
+	xorq	%rcx,%r14
+	andq	%r10,%r15
+
+	rorq	$4,%r13
+	addq	%rbx,%r12
+	xorq	%rax,%r15
+
+	rorq	$6,%r14
+	xorq	%r10,%r13
+	addq	%r15,%r12
+
+	movq	%rcx,%r15
+	addq	(%rbp),%r12
+	xorq	%rcx,%r14
+
+	xorq	%rdx,%r15
+	rorq	$14,%r13
+	movq	%rdx,%rbx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rbx
+	addq	%r12,%r9
+	addq	%r12,%rbx
+
+	leaq	8(%rbp),%rbp
+	movq	0(%rsp),%r13
+	movq	104(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rbx
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	64(%rsp),%r12
+
+	addq	120(%rsp),%r12
+	movq	%r9,%r13
+	addq	%rdi,%r12
+	movq	%rbx,%r14
+	rorq	$23,%r13
+	movq	%r10,%rdi
+
+	xorq	%r9,%r13
+	rorq	$5,%r14
+	xorq	%r11,%rdi
+
+	movq	%r12,120(%rsp)
+	xorq	%rbx,%r14
+	andq	%r9,%rdi
+
+	rorq	$4,%r13
+	addq	%rax,%r12
+	xorq	%r11,%rdi
+
+	rorq	$6,%r14
+	xorq	%r9,%r13
+	addq	%rdi,%r12
+
+	movq	%rbx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rbx,%r14
+
+	xorq	%rcx,%rdi
+	rorq	$14,%r13
+	movq	%rcx,%rax
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rax
+	addq	%r12,%r8
+	addq	%r12,%rax
+
+	leaq	24(%rbp),%rbp
+	cmpb	$0,7(%rbp)
+	jnz	.Lrounds_16_xx
+
+	movq	128+0(%rsp),%rdi
+	addq	%r14,%rax
+	leaq	128(%rsi),%rsi
+
+	addq	0(%rdi),%rax
+	addq	8(%rdi),%rbx
+	addq	16(%rdi),%rcx
+	addq	24(%rdi),%rdx
+	addq	32(%rdi),%r8
+	addq	40(%rdi),%r9
+	addq	48(%rdi),%r10
+	addq	56(%rdi),%r11
+
+	cmpq	128+16(%rsp),%rsi
+
+	movq	%rax,0(%rdi)
+	movq	%rbx,8(%rdi)
+	movq	%rcx,16(%rdi)
+	movq	%rdx,24(%rdi)
+	movq	%r8,32(%rdi)
+	movq	%r9,40(%rdi)
+	movq	%r10,48(%rdi)
+	movq	%r11,56(%rdi)
+	jb	.Lloop
+
+	movq	152(%rsp),%rsi
+
+	movq	-48(%rsi),%r15
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+.Lepilogue:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_sha512_block_data_order:
+.p2align	6
+
+K512:
+.quad	0x428a2f98d728ae22,0x7137449123ef65cd
+.quad	0x428a2f98d728ae22,0x7137449123ef65cd
+.quad	0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
+.quad	0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
+.quad	0x3956c25bf348b538,0x59f111f1b605d019
+.quad	0x3956c25bf348b538,0x59f111f1b605d019
+.quad	0x923f82a4af194f9b,0xab1c5ed5da6d8118
+.quad	0x923f82a4af194f9b,0xab1c5ed5da6d8118
+.quad	0xd807aa98a3030242,0x12835b0145706fbe
+.quad	0xd807aa98a3030242,0x12835b0145706fbe
+.quad	0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
+.quad	0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
+.quad	0x72be5d74f27b896f,0x80deb1fe3b1696b1
+.quad	0x72be5d74f27b896f,0x80deb1fe3b1696b1
+.quad	0x9bdc06a725c71235,0xc19bf174cf692694
+.quad	0x9bdc06a725c71235,0xc19bf174cf692694
+.quad	0xe49b69c19ef14ad2,0xefbe4786384f25e3
+.quad	0xe49b69c19ef14ad2,0xefbe4786384f25e3
+.quad	0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
+.quad	0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
+.quad	0x2de92c6f592b0275,0x4a7484aa6ea6e483
+.quad	0x2de92c6f592b0275,0x4a7484aa6ea6e483
+.quad	0x5cb0a9dcbd41fbd4,0x76f988da831153b5
+.quad	0x5cb0a9dcbd41fbd4,0x76f988da831153b5
+.quad	0x983e5152ee66dfab,0xa831c66d2db43210
+.quad	0x983e5152ee66dfab,0xa831c66d2db43210
+.quad	0xb00327c898fb213f,0xbf597fc7beef0ee4
+.quad	0xb00327c898fb213f,0xbf597fc7beef0ee4
+.quad	0xc6e00bf33da88fc2,0xd5a79147930aa725
+.quad	0xc6e00bf33da88fc2,0xd5a79147930aa725
+.quad	0x06ca6351e003826f,0x142929670a0e6e70
+.quad	0x06ca6351e003826f,0x142929670a0e6e70
+.quad	0x27b70a8546d22ffc,0x2e1b21385c26c926
+.quad	0x27b70a8546d22ffc,0x2e1b21385c26c926
+.quad	0x4d2c6dfc5ac42aed,0x53380d139d95b3df
+.quad	0x4d2c6dfc5ac42aed,0x53380d139d95b3df
+.quad	0x650a73548baf63de,0x766a0abb3c77b2a8
+.quad	0x650a73548baf63de,0x766a0abb3c77b2a8
+.quad	0x81c2c92e47edaee6,0x92722c851482353b
+.quad	0x81c2c92e47edaee6,0x92722c851482353b
+.quad	0xa2bfe8a14cf10364,0xa81a664bbc423001
+.quad	0xa2bfe8a14cf10364,0xa81a664bbc423001
+.quad	0xc24b8b70d0f89791,0xc76c51a30654be30
+.quad	0xc24b8b70d0f89791,0xc76c51a30654be30
+.quad	0xd192e819d6ef5218,0xd69906245565a910
+.quad	0xd192e819d6ef5218,0xd69906245565a910
+.quad	0xf40e35855771202a,0x106aa07032bbd1b8
+.quad	0xf40e35855771202a,0x106aa07032bbd1b8
+.quad	0x19a4c116b8d2d0c8,0x1e376c085141ab53
+.quad	0x19a4c116b8d2d0c8,0x1e376c085141ab53
+.quad	0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
+.quad	0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
+.quad	0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
+.quad	0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
+.quad	0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
+.quad	0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
+.quad	0x748f82ee5defb2fc,0x78a5636f43172f60
+.quad	0x748f82ee5defb2fc,0x78a5636f43172f60
+.quad	0x84c87814a1f0ab72,0x8cc702081a6439ec
+.quad	0x84c87814a1f0ab72,0x8cc702081a6439ec
+.quad	0x90befffa23631e28,0xa4506cebde82bde9
+.quad	0x90befffa23631e28,0xa4506cebde82bde9
+.quad	0xbef9a3f7b2c67915,0xc67178f2e372532b
+.quad	0xbef9a3f7b2c67915,0xc67178f2e372532b
+.quad	0xca273eceea26619c,0xd186b8c721c0c207
+.quad	0xca273eceea26619c,0xd186b8c721c0c207
+.quad	0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
+.quad	0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
+.quad	0x06f067aa72176fba,0x0a637dc5a2c898a6
+.quad	0x06f067aa72176fba,0x0a637dc5a2c898a6
+.quad	0x113f9804bef90dae,0x1b710b35131c471b
+.quad	0x113f9804bef90dae,0x1b710b35131c471b
+.quad	0x28db77f523047d84,0x32caab7b40c72493
+.quad	0x28db77f523047d84,0x32caab7b40c72493
+.quad	0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
+.quad	0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
+.quad	0x4cc5d4becb3e42b6,0x597f299cfc657e2a
+.quad	0x4cc5d4becb3e42b6,0x597f299cfc657e2a
+.quad	0x5fcb6fab3ad6faec,0x6c44198c4a475817
+.quad	0x5fcb6fab3ad6faec,0x6c44198c4a475817
+
+.quad	0x0001020304050607,0x08090a0b0c0d0e0f
+.quad	0x0001020304050607,0x08090a0b0c0d0e0f
+.byte	83,72,65,53,49,50,32,98,108,111,99,107,32,116,114,97,110,115,102,111,114,109,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.def	sha512_block_data_order_xop;	.scl 3;	.type 32;	.endef
+.p2align	6
+sha512_block_data_order_xop:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_sha512_block_data_order_xop:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+
+.Lxop_shortcut:
+	movq	%rsp,%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	shlq	$4,%rdx
+	subq	$256,%rsp
+	leaq	(%rsi,%rdx,8),%rdx
+	andq	$-64,%rsp
+	movq	%rdi,128+0(%rsp)
+	movq	%rsi,128+8(%rsp)
+	movq	%rdx,128+16(%rsp)
+	movq	%rax,152(%rsp)
+
+	movaps	%xmm6,128+32(%rsp)
+	movaps	%xmm7,128+48(%rsp)
+	movaps	%xmm8,128+64(%rsp)
+	movaps	%xmm9,128+80(%rsp)
+	movaps	%xmm10,128+96(%rsp)
+	movaps	%xmm11,128+112(%rsp)
+.Lprologue_xop:
+
+	vzeroupper
+	movq	0(%rdi),%rax
+	movq	8(%rdi),%rbx
+	movq	16(%rdi),%rcx
+	movq	24(%rdi),%rdx
+	movq	32(%rdi),%r8
+	movq	40(%rdi),%r9
+	movq	48(%rdi),%r10
+	movq	56(%rdi),%r11
+	jmp	.Lloop_xop
+.p2align	4
+.Lloop_xop:
+	vmovdqa	K512+1280(%rip),%xmm11
+	vmovdqu	0(%rsi),%xmm0
+	leaq	K512+128(%rip),%rbp
+	vmovdqu	16(%rsi),%xmm1
+	vmovdqu	32(%rsi),%xmm2
+	vpshufb	%xmm11,%xmm0,%xmm0
+	vmovdqu	48(%rsi),%xmm3
+	vpshufb	%xmm11,%xmm1,%xmm1
+	vmovdqu	64(%rsi),%xmm4
+	vpshufb	%xmm11,%xmm2,%xmm2
+	vmovdqu	80(%rsi),%xmm5
+	vpshufb	%xmm11,%xmm3,%xmm3
+	vmovdqu	96(%rsi),%xmm6
+	vpshufb	%xmm11,%xmm4,%xmm4
+	vmovdqu	112(%rsi),%xmm7
+	vpshufb	%xmm11,%xmm5,%xmm5
+	vpaddq	-128(%rbp),%xmm0,%xmm8
+	vpshufb	%xmm11,%xmm6,%xmm6
+	vpaddq	-96(%rbp),%xmm1,%xmm9
+	vpshufb	%xmm11,%xmm7,%xmm7
+	vpaddq	-64(%rbp),%xmm2,%xmm10
+	vpaddq	-32(%rbp),%xmm3,%xmm11
+	vmovdqa	%xmm8,0(%rsp)
+	vpaddq	0(%rbp),%xmm4,%xmm8
+	vmovdqa	%xmm9,16(%rsp)
+	vpaddq	32(%rbp),%xmm5,%xmm9
+	vmovdqa	%xmm10,32(%rsp)
+	vpaddq	64(%rbp),%xmm6,%xmm10
+	vmovdqa	%xmm11,48(%rsp)
+	vpaddq	96(%rbp),%xmm7,%xmm11
+	vmovdqa	%xmm8,64(%rsp)
+	movq	%rax,%r14
+	vmovdqa	%xmm9,80(%rsp)
+	movq	%rbx,%rdi
+	vmovdqa	%xmm10,96(%rsp)
+	xorq	%rcx,%rdi
+	vmovdqa	%xmm11,112(%rsp)
+	movq	%r8,%r13
+	jmp	.Lxop_00_47
+
+.p2align	4
+.Lxop_00_47:
+	addq	$256,%rbp
+	vpalignr	$8,%xmm0,%xmm1,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%rax
+	vpalignr	$8,%xmm4,%xmm5,%xmm11
+	movq	%r9,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%rax,%r14
+	vpaddq	%xmm11,%xmm0,%xmm0
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	addq	0(%rsp),%r11
+	movq	%rax,%r15
+.byte	143,72,120,195,209,7
+	xorq	%r10,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,223,3
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rbx,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm7,%xmm10
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	vpaddq	%xmm8,%xmm0,%xmm0
+	movq	%rdx,%r13
+	addq	%r11,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%r11
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%r8,%r12
+	rorq	$5,%r14
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%r11,%r14
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	vpaddq	%xmm11,%xmm0,%xmm0
+	addq	8(%rsp),%r10
+	movq	%r11,%rdi
+	xorq	%r9,%r12
+	rorq	$6,%r14
+	vpaddq	-128(%rbp),%xmm0,%xmm10
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	xorq	%rax,%r15
+	rorq	$28,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	vmovdqa	%xmm10,0(%rsp)
+	vpalignr	$8,%xmm1,%xmm2,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%r10
+	vpalignr	$8,%xmm5,%xmm6,%xmm11
+	movq	%rdx,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%r10,%r14
+	vpaddq	%xmm11,%xmm1,%xmm1
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	addq	16(%rsp),%r9
+	movq	%r10,%r15
+.byte	143,72,120,195,209,7
+	xorq	%r8,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,216,3
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r11,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm0,%xmm10
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	vpaddq	%xmm8,%xmm1,%xmm1
+	movq	%rbx,%r13
+	addq	%r9,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%r9
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%rcx,%r12
+	rorq	$5,%r14
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%r9,%r14
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	vpaddq	%xmm11,%xmm1,%xmm1
+	addq	24(%rsp),%r8
+	movq	%r9,%rdi
+	xorq	%rdx,%r12
+	rorq	$6,%r14
+	vpaddq	-96(%rbp),%xmm1,%xmm10
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	xorq	%r10,%r15
+	rorq	$28,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	vmovdqa	%xmm10,16(%rsp)
+	vpalignr	$8,%xmm2,%xmm3,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%r8
+	vpalignr	$8,%xmm6,%xmm7,%xmm11
+	movq	%rbx,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%r8,%r14
+	vpaddq	%xmm11,%xmm2,%xmm2
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	addq	32(%rsp),%rdx
+	movq	%r8,%r15
+.byte	143,72,120,195,209,7
+	xorq	%rcx,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,217,3
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r9,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm1,%xmm10
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	vpaddq	%xmm8,%xmm2,%xmm2
+	movq	%r11,%r13
+	addq	%rdx,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%rdx
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%rax,%r12
+	rorq	$5,%r14
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%rdx,%r14
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	vpaddq	%xmm11,%xmm2,%xmm2
+	addq	40(%rsp),%rcx
+	movq	%rdx,%rdi
+	xorq	%rbx,%r12
+	rorq	$6,%r14
+	vpaddq	-64(%rbp),%xmm2,%xmm10
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	xorq	%r8,%r15
+	rorq	$28,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	vmovdqa	%xmm10,32(%rsp)
+	vpalignr	$8,%xmm3,%xmm4,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%rcx
+	vpalignr	$8,%xmm7,%xmm0,%xmm11
+	movq	%r11,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%rcx,%r14
+	vpaddq	%xmm11,%xmm3,%xmm3
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	addq	48(%rsp),%rbx
+	movq	%rcx,%r15
+.byte	143,72,120,195,209,7
+	xorq	%rax,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,218,3
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rdx,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm2,%xmm10
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	vpaddq	%xmm8,%xmm3,%xmm3
+	movq	%r9,%r13
+	addq	%rbx,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%rbx
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%r10,%r12
+	rorq	$5,%r14
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%rbx,%r14
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	vpaddq	%xmm11,%xmm3,%xmm3
+	addq	56(%rsp),%rax
+	movq	%rbx,%rdi
+	xorq	%r11,%r12
+	rorq	$6,%r14
+	vpaddq	-32(%rbp),%xmm3,%xmm10
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	xorq	%rcx,%r15
+	rorq	$28,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	vmovdqa	%xmm10,48(%rsp)
+	vpalignr	$8,%xmm4,%xmm5,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%rax
+	vpalignr	$8,%xmm0,%xmm1,%xmm11
+	movq	%r9,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%rax,%r14
+	vpaddq	%xmm11,%xmm4,%xmm4
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	addq	64(%rsp),%r11
+	movq	%rax,%r15
+.byte	143,72,120,195,209,7
+	xorq	%r10,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,219,3
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rbx,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm3,%xmm10
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	vpaddq	%xmm8,%xmm4,%xmm4
+	movq	%rdx,%r13
+	addq	%r11,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%r11
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%r8,%r12
+	rorq	$5,%r14
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%r11,%r14
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	vpaddq	%xmm11,%xmm4,%xmm4
+	addq	72(%rsp),%r10
+	movq	%r11,%rdi
+	xorq	%r9,%r12
+	rorq	$6,%r14
+	vpaddq	0(%rbp),%xmm4,%xmm10
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	xorq	%rax,%r15
+	rorq	$28,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	vmovdqa	%xmm10,64(%rsp)
+	vpalignr	$8,%xmm5,%xmm6,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%r10
+	vpalignr	$8,%xmm1,%xmm2,%xmm11
+	movq	%rdx,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%r10,%r14
+	vpaddq	%xmm11,%xmm5,%xmm5
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	addq	80(%rsp),%r9
+	movq	%r10,%r15
+.byte	143,72,120,195,209,7
+	xorq	%r8,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,220,3
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r11,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm4,%xmm10
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	vpaddq	%xmm8,%xmm5,%xmm5
+	movq	%rbx,%r13
+	addq	%r9,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%r9
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%rcx,%r12
+	rorq	$5,%r14
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%r9,%r14
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	vpaddq	%xmm11,%xmm5,%xmm5
+	addq	88(%rsp),%r8
+	movq	%r9,%rdi
+	xorq	%rdx,%r12
+	rorq	$6,%r14
+	vpaddq	32(%rbp),%xmm5,%xmm10
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	xorq	%r10,%r15
+	rorq	$28,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	vmovdqa	%xmm10,80(%rsp)
+	vpalignr	$8,%xmm6,%xmm7,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%r8
+	vpalignr	$8,%xmm2,%xmm3,%xmm11
+	movq	%rbx,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%r8,%r14
+	vpaddq	%xmm11,%xmm6,%xmm6
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	addq	96(%rsp),%rdx
+	movq	%r8,%r15
+.byte	143,72,120,195,209,7
+	xorq	%rcx,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,221,3
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r9,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm5,%xmm10
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	vpaddq	%xmm8,%xmm6,%xmm6
+	movq	%r11,%r13
+	addq	%rdx,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%rdx
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%rax,%r12
+	rorq	$5,%r14
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%rdx,%r14
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	vpaddq	%xmm11,%xmm6,%xmm6
+	addq	104(%rsp),%rcx
+	movq	%rdx,%rdi
+	xorq	%rbx,%r12
+	rorq	$6,%r14
+	vpaddq	64(%rbp),%xmm6,%xmm10
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	xorq	%r8,%r15
+	rorq	$28,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	vmovdqa	%xmm10,96(%rsp)
+	vpalignr	$8,%xmm7,%xmm0,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%rcx
+	vpalignr	$8,%xmm3,%xmm4,%xmm11
+	movq	%r11,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%rcx,%r14
+	vpaddq	%xmm11,%xmm7,%xmm7
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	addq	112(%rsp),%rbx
+	movq	%rcx,%r15
+.byte	143,72,120,195,209,7
+	xorq	%rax,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,222,3
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rdx,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm6,%xmm10
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	vpaddq	%xmm8,%xmm7,%xmm7
+	movq	%r9,%r13
+	addq	%rbx,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%rbx
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%r10,%r12
+	rorq	$5,%r14
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%rbx,%r14
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	vpaddq	%xmm11,%xmm7,%xmm7
+	addq	120(%rsp),%rax
+	movq	%rbx,%rdi
+	xorq	%r11,%r12
+	rorq	$6,%r14
+	vpaddq	96(%rbp),%xmm7,%xmm10
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	xorq	%rcx,%r15
+	rorq	$28,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	vmovdqa	%xmm10,112(%rsp)
+	cmpb	$0,135(%rbp)
+	jne	.Lxop_00_47
+	rorq	$23,%r13
+	movq	%r14,%rax
+	movq	%r9,%r12
+	rorq	$5,%r14
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	rorq	$4,%r13
+	xorq	%rax,%r14
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	addq	0(%rsp),%r11
+	movq	%rax,%r15
+	xorq	%r10,%r12
+	rorq	$6,%r14
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	xorq	%rbx,%rdi
+	rorq	$28,%r14
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	movq	%rdx,%r13
+	addq	%r11,%r14
+	rorq	$23,%r13
+	movq	%r14,%r11
+	movq	%r8,%r12
+	rorq	$5,%r14
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	rorq	$4,%r13
+	xorq	%r11,%r14
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	addq	8(%rsp),%r10
+	movq	%r11,%rdi
+	xorq	%r9,%r12
+	rorq	$6,%r14
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	xorq	%rax,%r15
+	rorq	$28,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	rorq	$23,%r13
+	movq	%r14,%r10
+	movq	%rdx,%r12
+	rorq	$5,%r14
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	rorq	$4,%r13
+	xorq	%r10,%r14
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	addq	16(%rsp),%r9
+	movq	%r10,%r15
+	xorq	%r8,%r12
+	rorq	$6,%r14
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	xorq	%r11,%rdi
+	rorq	$28,%r14
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	movq	%rbx,%r13
+	addq	%r9,%r14
+	rorq	$23,%r13
+	movq	%r14,%r9
+	movq	%rcx,%r12
+	rorq	$5,%r14
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	rorq	$4,%r13
+	xorq	%r9,%r14
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	addq	24(%rsp),%r8
+	movq	%r9,%rdi
+	xorq	%rdx,%r12
+	rorq	$6,%r14
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	xorq	%r10,%r15
+	rorq	$28,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	rorq	$23,%r13
+	movq	%r14,%r8
+	movq	%rbx,%r12
+	rorq	$5,%r14
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	rorq	$4,%r13
+	xorq	%r8,%r14
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	addq	32(%rsp),%rdx
+	movq	%r8,%r15
+	xorq	%rcx,%r12
+	rorq	$6,%r14
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	xorq	%r9,%rdi
+	rorq	$28,%r14
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	movq	%r11,%r13
+	addq	%rdx,%r14
+	rorq	$23,%r13
+	movq	%r14,%rdx
+	movq	%rax,%r12
+	rorq	$5,%r14
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	rorq	$4,%r13
+	xorq	%rdx,%r14
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	addq	40(%rsp),%rcx
+	movq	%rdx,%rdi
+	xorq	%rbx,%r12
+	rorq	$6,%r14
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	xorq	%r8,%r15
+	rorq	$28,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	rorq	$23,%r13
+	movq	%r14,%rcx
+	movq	%r11,%r12
+	rorq	$5,%r14
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	rorq	$4,%r13
+	xorq	%rcx,%r14
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	addq	48(%rsp),%rbx
+	movq	%rcx,%r15
+	xorq	%rax,%r12
+	rorq	$6,%r14
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	xorq	%rdx,%rdi
+	rorq	$28,%r14
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	movq	%r9,%r13
+	addq	%rbx,%r14
+	rorq	$23,%r13
+	movq	%r14,%rbx
+	movq	%r10,%r12
+	rorq	$5,%r14
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	rorq	$4,%r13
+	xorq	%rbx,%r14
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	addq	56(%rsp),%rax
+	movq	%rbx,%rdi
+	xorq	%r11,%r12
+	rorq	$6,%r14
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	xorq	%rcx,%r15
+	rorq	$28,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	rorq	$23,%r13
+	movq	%r14,%rax
+	movq	%r9,%r12
+	rorq	$5,%r14
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	rorq	$4,%r13
+	xorq	%rax,%r14
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	addq	64(%rsp),%r11
+	movq	%rax,%r15
+	xorq	%r10,%r12
+	rorq	$6,%r14
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	xorq	%rbx,%rdi
+	rorq	$28,%r14
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	movq	%rdx,%r13
+	addq	%r11,%r14
+	rorq	$23,%r13
+	movq	%r14,%r11
+	movq	%r8,%r12
+	rorq	$5,%r14
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	rorq	$4,%r13
+	xorq	%r11,%r14
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	addq	72(%rsp),%r10
+	movq	%r11,%rdi
+	xorq	%r9,%r12
+	rorq	$6,%r14
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	xorq	%rax,%r15
+	rorq	$28,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	rorq	$23,%r13
+	movq	%r14,%r10
+	movq	%rdx,%r12
+	rorq	$5,%r14
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	rorq	$4,%r13
+	xorq	%r10,%r14
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	addq	80(%rsp),%r9
+	movq	%r10,%r15
+	xorq	%r8,%r12
+	rorq	$6,%r14
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	xorq	%r11,%rdi
+	rorq	$28,%r14
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	movq	%rbx,%r13
+	addq	%r9,%r14
+	rorq	$23,%r13
+	movq	%r14,%r9
+	movq	%rcx,%r12
+	rorq	$5,%r14
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	rorq	$4,%r13
+	xorq	%r9,%r14
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	addq	88(%rsp),%r8
+	movq	%r9,%rdi
+	xorq	%rdx,%r12
+	rorq	$6,%r14
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	xorq	%r10,%r15
+	rorq	$28,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	rorq	$23,%r13
+	movq	%r14,%r8
+	movq	%rbx,%r12
+	rorq	$5,%r14
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	rorq	$4,%r13
+	xorq	%r8,%r14
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	addq	96(%rsp),%rdx
+	movq	%r8,%r15
+	xorq	%rcx,%r12
+	rorq	$6,%r14
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	xorq	%r9,%rdi
+	rorq	$28,%r14
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	movq	%r11,%r13
+	addq	%rdx,%r14
+	rorq	$23,%r13
+	movq	%r14,%rdx
+	movq	%rax,%r12
+	rorq	$5,%r14
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	rorq	$4,%r13
+	xorq	%rdx,%r14
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	addq	104(%rsp),%rcx
+	movq	%rdx,%rdi
+	xorq	%rbx,%r12
+	rorq	$6,%r14
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	xorq	%r8,%r15
+	rorq	$28,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	rorq	$23,%r13
+	movq	%r14,%rcx
+	movq	%r11,%r12
+	rorq	$5,%r14
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	rorq	$4,%r13
+	xorq	%rcx,%r14
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	addq	112(%rsp),%rbx
+	movq	%rcx,%r15
+	xorq	%rax,%r12
+	rorq	$6,%r14
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	xorq	%rdx,%rdi
+	rorq	$28,%r14
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	movq	%r9,%r13
+	addq	%rbx,%r14
+	rorq	$23,%r13
+	movq	%r14,%rbx
+	movq	%r10,%r12
+	rorq	$5,%r14
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	rorq	$4,%r13
+	xorq	%rbx,%r14
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	addq	120(%rsp),%rax
+	movq	%rbx,%rdi
+	xorq	%r11,%r12
+	rorq	$6,%r14
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	xorq	%rcx,%r15
+	rorq	$28,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	movq	128+0(%rsp),%rdi
+	movq	%r14,%rax
+
+	addq	0(%rdi),%rax
+	leaq	128(%rsi),%rsi
+	addq	8(%rdi),%rbx
+	addq	16(%rdi),%rcx
+	addq	24(%rdi),%rdx
+	addq	32(%rdi),%r8
+	addq	40(%rdi),%r9
+	addq	48(%rdi),%r10
+	addq	56(%rdi),%r11
+
+	cmpq	128+16(%rsp),%rsi
+
+	movq	%rax,0(%rdi)
+	movq	%rbx,8(%rdi)
+	movq	%rcx,16(%rdi)
+	movq	%rdx,24(%rdi)
+	movq	%r8,32(%rdi)
+	movq	%r9,40(%rdi)
+	movq	%r10,48(%rdi)
+	movq	%r11,56(%rdi)
+	jb	.Lloop_xop
+
+	movq	152(%rsp),%rsi
+
+	vzeroupper
+	movaps	128+32(%rsp),%xmm6
+	movaps	128+48(%rsp),%xmm7
+	movaps	128+64(%rsp),%xmm8
+	movaps	128+80(%rsp),%xmm9
+	movaps	128+96(%rsp),%xmm10
+	movaps	128+112(%rsp),%xmm11
+	movq	-48(%rsi),%r15
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+.Lepilogue_xop:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_sha512_block_data_order_xop:
+.def	sha512_block_data_order_avx;	.scl 3;	.type 32;	.endef
+.p2align	6
+sha512_block_data_order_avx:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_sha512_block_data_order_avx:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+
+.Lavx_shortcut:
+	movq	%rsp,%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	shlq	$4,%rdx
+	subq	$256,%rsp
+	leaq	(%rsi,%rdx,8),%rdx
+	andq	$-64,%rsp
+	movq	%rdi,128+0(%rsp)
+	movq	%rsi,128+8(%rsp)
+	movq	%rdx,128+16(%rsp)
+	movq	%rax,152(%rsp)
+
+	movaps	%xmm6,128+32(%rsp)
+	movaps	%xmm7,128+48(%rsp)
+	movaps	%xmm8,128+64(%rsp)
+	movaps	%xmm9,128+80(%rsp)
+	movaps	%xmm10,128+96(%rsp)
+	movaps	%xmm11,128+112(%rsp)
+.Lprologue_avx:
+
+	vzeroupper
+	movq	0(%rdi),%rax
+	movq	8(%rdi),%rbx
+	movq	16(%rdi),%rcx
+	movq	24(%rdi),%rdx
+	movq	32(%rdi),%r8
+	movq	40(%rdi),%r9
+	movq	48(%rdi),%r10
+	movq	56(%rdi),%r11
+	jmp	.Lloop_avx
+.p2align	4
+.Lloop_avx:
+	vmovdqa	K512+1280(%rip),%xmm11
+	vmovdqu	0(%rsi),%xmm0
+	leaq	K512+128(%rip),%rbp
+	vmovdqu	16(%rsi),%xmm1
+	vmovdqu	32(%rsi),%xmm2
+	vpshufb	%xmm11,%xmm0,%xmm0
+	vmovdqu	48(%rsi),%xmm3
+	vpshufb	%xmm11,%xmm1,%xmm1
+	vmovdqu	64(%rsi),%xmm4
+	vpshufb	%xmm11,%xmm2,%xmm2
+	vmovdqu	80(%rsi),%xmm5
+	vpshufb	%xmm11,%xmm3,%xmm3
+	vmovdqu	96(%rsi),%xmm6
+	vpshufb	%xmm11,%xmm4,%xmm4
+	vmovdqu	112(%rsi),%xmm7
+	vpshufb	%xmm11,%xmm5,%xmm5
+	vpaddq	-128(%rbp),%xmm0,%xmm8
+	vpshufb	%xmm11,%xmm6,%xmm6
+	vpaddq	-96(%rbp),%xmm1,%xmm9
+	vpshufb	%xmm11,%xmm7,%xmm7
+	vpaddq	-64(%rbp),%xmm2,%xmm10
+	vpaddq	-32(%rbp),%xmm3,%xmm11
+	vmovdqa	%xmm8,0(%rsp)
+	vpaddq	0(%rbp),%xmm4,%xmm8
+	vmovdqa	%xmm9,16(%rsp)
+	vpaddq	32(%rbp),%xmm5,%xmm9
+	vmovdqa	%xmm10,32(%rsp)
+	vpaddq	64(%rbp),%xmm6,%xmm10
+	vmovdqa	%xmm11,48(%rsp)
+	vpaddq	96(%rbp),%xmm7,%xmm11
+	vmovdqa	%xmm8,64(%rsp)
+	movq	%rax,%r14
+	vmovdqa	%xmm9,80(%rsp)
+	movq	%rbx,%rdi
+	vmovdqa	%xmm10,96(%rsp)
+	xorq	%rcx,%rdi
+	vmovdqa	%xmm11,112(%rsp)
+	movq	%r8,%r13
+	jmp	.Lavx_00_47
+
+.p2align	4
+.Lavx_00_47:
+	addq	$256,%rbp
+	vpalignr	$8,%xmm0,%xmm1,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rax
+	vpalignr	$8,%xmm4,%xmm5,%xmm11
+	movq	%r9,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	vpaddq	%xmm11,%xmm0,%xmm0
+	shrdq	$4,%r13,%r13
+	xorq	%rax,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	0(%rsp),%r11
+	movq	%rax,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%r10,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rbx,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm7,%xmm11
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%rdx,%r13
+	addq	%r11,%r14
+	vpsllq	$3,%xmm7,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r11
+	vpaddq	%xmm8,%xmm0,%xmm0
+	movq	%r8,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm7,%xmm9
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%r11,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	8(%rsp),%r10
+	movq	%r11,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%r9,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm0,%xmm0
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	vpaddq	-128(%rbp),%xmm0,%xmm10
+	xorq	%rax,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	vmovdqa	%xmm10,0(%rsp)
+	vpalignr	$8,%xmm1,%xmm2,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r10
+	vpalignr	$8,%xmm5,%xmm6,%xmm11
+	movq	%rdx,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	vpaddq	%xmm11,%xmm1,%xmm1
+	shrdq	$4,%r13,%r13
+	xorq	%r10,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	16(%rsp),%r9
+	movq	%r10,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%r8,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r11,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm0,%xmm11
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%rbx,%r13
+	addq	%r9,%r14
+	vpsllq	$3,%xmm0,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r9
+	vpaddq	%xmm8,%xmm1,%xmm1
+	movq	%rcx,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm0,%xmm9
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%r9,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	24(%rsp),%r8
+	movq	%r9,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%rdx,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm1,%xmm1
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	vpaddq	-96(%rbp),%xmm1,%xmm10
+	xorq	%r10,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	vmovdqa	%xmm10,16(%rsp)
+	vpalignr	$8,%xmm2,%xmm3,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r8
+	vpalignr	$8,%xmm6,%xmm7,%xmm11
+	movq	%rbx,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	vpaddq	%xmm11,%xmm2,%xmm2
+	shrdq	$4,%r13,%r13
+	xorq	%r8,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	32(%rsp),%rdx
+	movq	%r8,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%rcx,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r9,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm1,%xmm11
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%r11,%r13
+	addq	%rdx,%r14
+	vpsllq	$3,%xmm1,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rdx
+	vpaddq	%xmm8,%xmm2,%xmm2
+	movq	%rax,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm1,%xmm9
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%rdx,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	40(%rsp),%rcx
+	movq	%rdx,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%rbx,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm2,%xmm2
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	vpaddq	-64(%rbp),%xmm2,%xmm10
+	xorq	%r8,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	vmovdqa	%xmm10,32(%rsp)
+	vpalignr	$8,%xmm3,%xmm4,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rcx
+	vpalignr	$8,%xmm7,%xmm0,%xmm11
+	movq	%r11,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	vpaddq	%xmm11,%xmm3,%xmm3
+	shrdq	$4,%r13,%r13
+	xorq	%rcx,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	48(%rsp),%rbx
+	movq	%rcx,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%rax,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rdx,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm2,%xmm11
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%r9,%r13
+	addq	%rbx,%r14
+	vpsllq	$3,%xmm2,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rbx
+	vpaddq	%xmm8,%xmm3,%xmm3
+	movq	%r10,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm2,%xmm9
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%rbx,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	56(%rsp),%rax
+	movq	%rbx,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%r11,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm3,%xmm3
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	vpaddq	-32(%rbp),%xmm3,%xmm10
+	xorq	%rcx,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	vmovdqa	%xmm10,48(%rsp)
+	vpalignr	$8,%xmm4,%xmm5,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rax
+	vpalignr	$8,%xmm0,%xmm1,%xmm11
+	movq	%r9,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	vpaddq	%xmm11,%xmm4,%xmm4
+	shrdq	$4,%r13,%r13
+	xorq	%rax,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	64(%rsp),%r11
+	movq	%rax,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%r10,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rbx,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm3,%xmm11
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%rdx,%r13
+	addq	%r11,%r14
+	vpsllq	$3,%xmm3,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r11
+	vpaddq	%xmm8,%xmm4,%xmm4
+	movq	%r8,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm3,%xmm9
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%r11,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	72(%rsp),%r10
+	movq	%r11,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%r9,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm4,%xmm4
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	vpaddq	0(%rbp),%xmm4,%xmm10
+	xorq	%rax,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	vmovdqa	%xmm10,64(%rsp)
+	vpalignr	$8,%xmm5,%xmm6,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r10
+	vpalignr	$8,%xmm1,%xmm2,%xmm11
+	movq	%rdx,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	vpaddq	%xmm11,%xmm5,%xmm5
+	shrdq	$4,%r13,%r13
+	xorq	%r10,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	80(%rsp),%r9
+	movq	%r10,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%r8,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r11,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm4,%xmm11
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%rbx,%r13
+	addq	%r9,%r14
+	vpsllq	$3,%xmm4,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r9
+	vpaddq	%xmm8,%xmm5,%xmm5
+	movq	%rcx,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm4,%xmm9
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%r9,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	88(%rsp),%r8
+	movq	%r9,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%rdx,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm5,%xmm5
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	vpaddq	32(%rbp),%xmm5,%xmm10
+	xorq	%r10,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	vmovdqa	%xmm10,80(%rsp)
+	vpalignr	$8,%xmm6,%xmm7,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r8
+	vpalignr	$8,%xmm2,%xmm3,%xmm11
+	movq	%rbx,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	vpaddq	%xmm11,%xmm6,%xmm6
+	shrdq	$4,%r13,%r13
+	xorq	%r8,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	96(%rsp),%rdx
+	movq	%r8,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%rcx,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r9,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm5,%xmm11
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%r11,%r13
+	addq	%rdx,%r14
+	vpsllq	$3,%xmm5,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rdx
+	vpaddq	%xmm8,%xmm6,%xmm6
+	movq	%rax,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm5,%xmm9
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%rdx,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	104(%rsp),%rcx
+	movq	%rdx,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%rbx,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm6,%xmm6
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	vpaddq	64(%rbp),%xmm6,%xmm10
+	xorq	%r8,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	vmovdqa	%xmm10,96(%rsp)
+	vpalignr	$8,%xmm7,%xmm0,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rcx
+	vpalignr	$8,%xmm3,%xmm4,%xmm11
+	movq	%r11,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	vpaddq	%xmm11,%xmm7,%xmm7
+	shrdq	$4,%r13,%r13
+	xorq	%rcx,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	112(%rsp),%rbx
+	movq	%rcx,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%rax,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rdx,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm6,%xmm11
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%r9,%r13
+	addq	%rbx,%r14
+	vpsllq	$3,%xmm6,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rbx
+	vpaddq	%xmm8,%xmm7,%xmm7
+	movq	%r10,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm6,%xmm9
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%rbx,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	120(%rsp),%rax
+	movq	%rbx,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%r11,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm7,%xmm7
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	vpaddq	96(%rbp),%xmm7,%xmm10
+	xorq	%rcx,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	vmovdqa	%xmm10,112(%rsp)
+	cmpb	$0,135(%rbp)
+	jne	.Lavx_00_47
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rax
+	movq	%r9,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rax,%r14
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	addq	0(%rsp),%r11
+	movq	%rax,%r15
+	xorq	%r10,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	xorq	%rbx,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	movq	%rdx,%r13
+	addq	%r11,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r11
+	movq	%r8,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r11,%r14
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	addq	8(%rsp),%r10
+	movq	%r11,%rdi
+	xorq	%r9,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	xorq	%rax,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r10
+	movq	%rdx,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r10,%r14
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	addq	16(%rsp),%r9
+	movq	%r10,%r15
+	xorq	%r8,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	xorq	%r11,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	movq	%rbx,%r13
+	addq	%r9,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r9
+	movq	%rcx,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r9,%r14
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	addq	24(%rsp),%r8
+	movq	%r9,%rdi
+	xorq	%rdx,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	xorq	%r10,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r8
+	movq	%rbx,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r8,%r14
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	addq	32(%rsp),%rdx
+	movq	%r8,%r15
+	xorq	%rcx,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	xorq	%r9,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	movq	%r11,%r13
+	addq	%rdx,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rdx
+	movq	%rax,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rdx,%r14
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	addq	40(%rsp),%rcx
+	movq	%rdx,%rdi
+	xorq	%rbx,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	xorq	%r8,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rcx
+	movq	%r11,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rcx,%r14
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	addq	48(%rsp),%rbx
+	movq	%rcx,%r15
+	xorq	%rax,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	xorq	%rdx,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	movq	%r9,%r13
+	addq	%rbx,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rbx
+	movq	%r10,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rbx,%r14
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	addq	56(%rsp),%rax
+	movq	%rbx,%rdi
+	xorq	%r11,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	xorq	%rcx,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rax
+	movq	%r9,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rax,%r14
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	addq	64(%rsp),%r11
+	movq	%rax,%r15
+	xorq	%r10,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	xorq	%rbx,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	movq	%rdx,%r13
+	addq	%r11,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r11
+	movq	%r8,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r11,%r14
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	addq	72(%rsp),%r10
+	movq	%r11,%rdi
+	xorq	%r9,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	xorq	%rax,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r10
+	movq	%rdx,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r10,%r14
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	addq	80(%rsp),%r9
+	movq	%r10,%r15
+	xorq	%r8,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	xorq	%r11,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	movq	%rbx,%r13
+	addq	%r9,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r9
+	movq	%rcx,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r9,%r14
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	addq	88(%rsp),%r8
+	movq	%r9,%rdi
+	xorq	%rdx,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	xorq	%r10,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r8
+	movq	%rbx,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r8,%r14
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	addq	96(%rsp),%rdx
+	movq	%r8,%r15
+	xorq	%rcx,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	xorq	%r9,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	movq	%r11,%r13
+	addq	%rdx,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rdx
+	movq	%rax,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rdx,%r14
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	addq	104(%rsp),%rcx
+	movq	%rdx,%rdi
+	xorq	%rbx,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	xorq	%r8,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rcx
+	movq	%r11,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rcx,%r14
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	addq	112(%rsp),%rbx
+	movq	%rcx,%r15
+	xorq	%rax,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	xorq	%rdx,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	movq	%r9,%r13
+	addq	%rbx,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rbx
+	movq	%r10,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rbx,%r14
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	addq	120(%rsp),%rax
+	movq	%rbx,%rdi
+	xorq	%r11,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	xorq	%rcx,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	movq	128+0(%rsp),%rdi
+	movq	%r14,%rax
+
+	addq	0(%rdi),%rax
+	leaq	128(%rsi),%rsi
+	addq	8(%rdi),%rbx
+	addq	16(%rdi),%rcx
+	addq	24(%rdi),%rdx
+	addq	32(%rdi),%r8
+	addq	40(%rdi),%r9
+	addq	48(%rdi),%r10
+	addq	56(%rdi),%r11
+
+	cmpq	128+16(%rsp),%rsi
+
+	movq	%rax,0(%rdi)
+	movq	%rbx,8(%rdi)
+	movq	%rcx,16(%rdi)
+	movq	%rdx,24(%rdi)
+	movq	%r8,32(%rdi)
+	movq	%r9,40(%rdi)
+	movq	%r10,48(%rdi)
+	movq	%r11,56(%rdi)
+	jb	.Lloop_avx
+
+	movq	152(%rsp),%rsi
+
+	vzeroupper
+	movaps	128+32(%rsp),%xmm6
+	movaps	128+48(%rsp),%xmm7
+	movaps	128+64(%rsp),%xmm8
+	movaps	128+80(%rsp),%xmm9
+	movaps	128+96(%rsp),%xmm10
+	movaps	128+112(%rsp),%xmm11
+	movq	-48(%rsi),%r15
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+.Lepilogue_avx:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_sha512_block_data_order_avx:
+.def	sha512_block_data_order_avx2;	.scl 3;	.type 32;	.endef
+.p2align	6
+sha512_block_data_order_avx2:
+	movq	%rdi,8(%rsp)
+	movq	%rsi,16(%rsp)
+	movq	%rsp,%rax
+.LSEH_begin_sha512_block_data_order_avx2:
+	movq	%rcx,%rdi
+	movq	%rdx,%rsi
+	movq	%r8,%rdx
+
+
+.Lavx2_shortcut:
+	movq	%rsp,%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	subq	$1408,%rsp
+	shlq	$4,%rdx
+	andq	$-2048,%rsp
+	leaq	(%rsi,%rdx,8),%rdx
+	addq	$1152,%rsp
+	movq	%rdi,128+0(%rsp)
+	movq	%rsi,128+8(%rsp)
+	movq	%rdx,128+16(%rsp)
+	movq	%rax,152(%rsp)
+
+	movaps	%xmm6,128+32(%rsp)
+	movaps	%xmm7,128+48(%rsp)
+	movaps	%xmm8,128+64(%rsp)
+	movaps	%xmm9,128+80(%rsp)
+	movaps	%xmm10,128+96(%rsp)
+	movaps	%xmm11,128+112(%rsp)
+.Lprologue_avx2:
+
+	vzeroupper
+	subq	$-128,%rsi
+	movq	0(%rdi),%rax
+	movq	%rsi,%r12
+	movq	8(%rdi),%rbx
+	cmpq	%rdx,%rsi
+	movq	16(%rdi),%rcx
+	cmoveq	%rsp,%r12
+	movq	24(%rdi),%rdx
+	movq	32(%rdi),%r8
+	movq	40(%rdi),%r9
+	movq	48(%rdi),%r10
+	movq	56(%rdi),%r11
+	jmp	.Loop_avx2
+.p2align	4
+.Loop_avx2:
+	vmovdqu	-128(%rsi),%xmm0
+	vmovdqu	-128+16(%rsi),%xmm1
+	vmovdqu	-128+32(%rsi),%xmm2
+	leaq	K512+128(%rip),%rbp
+	vmovdqu	-128+48(%rsi),%xmm3
+	vmovdqu	-128+64(%rsi),%xmm4
+	vmovdqu	-128+80(%rsi),%xmm5
+	vmovdqu	-128+96(%rsi),%xmm6
+	vmovdqu	-128+112(%rsi),%xmm7
+
+	vmovdqa	1152(%rbp),%ymm10
+	vinserti128	$1,(%r12),%ymm0,%ymm0
+	vinserti128	$1,16(%r12),%ymm1,%ymm1
+	vpshufb	%ymm10,%ymm0,%ymm0
+	vinserti128	$1,32(%r12),%ymm2,%ymm2
+	vpshufb	%ymm10,%ymm1,%ymm1
+	vinserti128	$1,48(%r12),%ymm3,%ymm3
+	vpshufb	%ymm10,%ymm2,%ymm2
+	vinserti128	$1,64(%r12),%ymm4,%ymm4
+	vpshufb	%ymm10,%ymm3,%ymm3
+	vinserti128	$1,80(%r12),%ymm5,%ymm5
+	vpshufb	%ymm10,%ymm4,%ymm4
+	vinserti128	$1,96(%r12),%ymm6,%ymm6
+	vpshufb	%ymm10,%ymm5,%ymm5
+	vinserti128	$1,112(%r12),%ymm7,%ymm7
+
+	vpaddq	-128(%rbp),%ymm0,%ymm8
+	vpshufb	%ymm10,%ymm6,%ymm6
+	vpaddq	-96(%rbp),%ymm1,%ymm9
+	vpshufb	%ymm10,%ymm7,%ymm7
+	vpaddq	-64(%rbp),%ymm2,%ymm10
+	vpaddq	-32(%rbp),%ymm3,%ymm11
+	vmovdqa	%ymm8,0(%rsp)
+	vpaddq	0(%rbp),%ymm4,%ymm8
+	vmovdqa	%ymm9,32(%rsp)
+	vpaddq	32(%rbp),%ymm5,%ymm9
+	vmovdqa	%ymm10,64(%rsp)
+	vpaddq	64(%rbp),%ymm6,%ymm10
+	vmovdqa	%ymm11,96(%rsp)
+	leaq	-128(%rsp),%rsp
+	vpaddq	96(%rbp),%ymm7,%ymm11
+	vmovdqa	%ymm8,0(%rsp)
+	xorq	%r14,%r14
+	vmovdqa	%ymm9,32(%rsp)
+	movq	%rbx,%rdi
+	vmovdqa	%ymm10,64(%rsp)
+	xorq	%rcx,%rdi
+	vmovdqa	%ymm11,96(%rsp)
+	movq	%r9,%r12
+	addq	$32*8,%rbp
+	jmp	.Lavx2_00_47
+
+.p2align	4
+.Lavx2_00_47:
+	leaq	-128(%rsp),%rsp
+	vpalignr	$8,%ymm0,%ymm1,%ymm8
+	addq	0+256(%rsp),%r11
+	andq	%r8,%r12
+	rorxq	$41,%r8,%r13
+	vpalignr	$8,%ymm4,%ymm5,%ymm11
+	rorxq	$18,%r8,%r15
+	leaq	(%rax,%r14,1),%rax
+	leaq	(%r11,%r12,1),%r11
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%r10,%r8,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r8,%r14
+	vpaddq	%ymm11,%ymm0,%ymm0
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%r11,%r12,1),%r11
+	xorq	%r14,%r13
+	movq	%rax,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%rax,%r12
+	leaq	(%r11,%r13,1),%r11
+	xorq	%rbx,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%rax,%r14
+	rorxq	$28,%rax,%r13
+	leaq	(%rdx,%r11,1),%rdx
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rbx,%rdi
+	vpsrlq	$6,%ymm7,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%r11,%rdi,1),%r11
+	movq	%r8,%r12
+	vpsllq	$3,%ymm7,%ymm10
+	vpaddq	%ymm8,%ymm0,%ymm0
+	addq	8+256(%rsp),%r10
+	andq	%rdx,%r12
+	rorxq	$41,%rdx,%r13
+	vpsrlq	$19,%ymm7,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%rdx,%rdi
+	leaq	(%r11,%r14,1),%r11
+	leaq	(%r10,%r12,1),%r10
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%r9,%rdx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rdx,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%r10,%r12,1),%r10
+	xorq	%r14,%r13
+	movq	%r11,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%r11,%r12
+	leaq	(%r10,%r13,1),%r10
+	xorq	%rax,%rdi
+	vpaddq	%ymm11,%ymm0,%ymm0
+	rorxq	$34,%r11,%r14
+	rorxq	$28,%r11,%r13
+	leaq	(%rcx,%r10,1),%rcx
+	vpaddq	-128(%rbp),%ymm0,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rax,%r15
+	xorq	%r13,%r14
+	leaq	(%r10,%r15,1),%r10
+	movq	%rdx,%r12
+	vmovdqa	%ymm10,0(%rsp)
+	vpalignr	$8,%ymm1,%ymm2,%ymm8
+	addq	32+256(%rsp),%r9
+	andq	%rcx,%r12
+	rorxq	$41,%rcx,%r13
+	vpalignr	$8,%ymm5,%ymm6,%ymm11
+	rorxq	$18,%rcx,%r15
+	leaq	(%r10,%r14,1),%r10
+	leaq	(%r9,%r12,1),%r9
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%r8,%rcx,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rcx,%r14
+	vpaddq	%ymm11,%ymm1,%ymm1
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%r9,%r12,1),%r9
+	xorq	%r14,%r13
+	movq	%r10,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%r10,%r12
+	leaq	(%r9,%r13,1),%r9
+	xorq	%r11,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%r10,%r14
+	rorxq	$28,%r10,%r13
+	leaq	(%rbx,%r9,1),%rbx
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r11,%rdi
+	vpsrlq	$6,%ymm0,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%r9,%rdi,1),%r9
+	movq	%rcx,%r12
+	vpsllq	$3,%ymm0,%ymm10
+	vpaddq	%ymm8,%ymm1,%ymm1
+	addq	40+256(%rsp),%r8
+	andq	%rbx,%r12
+	rorxq	$41,%rbx,%r13
+	vpsrlq	$19,%ymm0,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%rbx,%rdi
+	leaq	(%r9,%r14,1),%r9
+	leaq	(%r8,%r12,1),%r8
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%rdx,%rbx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rbx,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%r8,%r12,1),%r8
+	xorq	%r14,%r13
+	movq	%r9,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%r9,%r12
+	leaq	(%r8,%r13,1),%r8
+	xorq	%r10,%rdi
+	vpaddq	%ymm11,%ymm1,%ymm1
+	rorxq	$34,%r9,%r14
+	rorxq	$28,%r9,%r13
+	leaq	(%rax,%r8,1),%rax
+	vpaddq	-96(%rbp),%ymm1,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r10,%r15
+	xorq	%r13,%r14
+	leaq	(%r8,%r15,1),%r8
+	movq	%rbx,%r12
+	vmovdqa	%ymm10,32(%rsp)
+	vpalignr	$8,%ymm2,%ymm3,%ymm8
+	addq	64+256(%rsp),%rdx
+	andq	%rax,%r12
+	rorxq	$41,%rax,%r13
+	vpalignr	$8,%ymm6,%ymm7,%ymm11
+	rorxq	$18,%rax,%r15
+	leaq	(%r8,%r14,1),%r8
+	leaq	(%rdx,%r12,1),%rdx
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%rcx,%rax,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rax,%r14
+	vpaddq	%ymm11,%ymm2,%ymm2
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%rdx,%r12,1),%rdx
+	xorq	%r14,%r13
+	movq	%r8,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%r8,%r12
+	leaq	(%rdx,%r13,1),%rdx
+	xorq	%r9,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%r8,%r14
+	rorxq	$28,%r8,%r13
+	leaq	(%r11,%rdx,1),%r11
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r9,%rdi
+	vpsrlq	$6,%ymm1,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%rdx,%rdi,1),%rdx
+	movq	%rax,%r12
+	vpsllq	$3,%ymm1,%ymm10
+	vpaddq	%ymm8,%ymm2,%ymm2
+	addq	72+256(%rsp),%rcx
+	andq	%r11,%r12
+	rorxq	$41,%r11,%r13
+	vpsrlq	$19,%ymm1,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%r11,%rdi
+	leaq	(%rdx,%r14,1),%rdx
+	leaq	(%rcx,%r12,1),%rcx
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%rbx,%r11,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r11,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%rcx,%r12,1),%rcx
+	xorq	%r14,%r13
+	movq	%rdx,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%rdx,%r12
+	leaq	(%rcx,%r13,1),%rcx
+	xorq	%r8,%rdi
+	vpaddq	%ymm11,%ymm2,%ymm2
+	rorxq	$34,%rdx,%r14
+	rorxq	$28,%rdx,%r13
+	leaq	(%r10,%rcx,1),%r10
+	vpaddq	-64(%rbp),%ymm2,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r8,%r15
+	xorq	%r13,%r14
+	leaq	(%rcx,%r15,1),%rcx
+	movq	%r11,%r12
+	vmovdqa	%ymm10,64(%rsp)
+	vpalignr	$8,%ymm3,%ymm4,%ymm8
+	addq	96+256(%rsp),%rbx
+	andq	%r10,%r12
+	rorxq	$41,%r10,%r13
+	vpalignr	$8,%ymm7,%ymm0,%ymm11
+	rorxq	$18,%r10,%r15
+	leaq	(%rcx,%r14,1),%rcx
+	leaq	(%rbx,%r12,1),%rbx
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%rax,%r10,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r10,%r14
+	vpaddq	%ymm11,%ymm3,%ymm3
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%rbx,%r12,1),%rbx
+	xorq	%r14,%r13
+	movq	%rcx,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%rcx,%r12
+	leaq	(%rbx,%r13,1),%rbx
+	xorq	%rdx,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%rcx,%r14
+	rorxq	$28,%rcx,%r13
+	leaq	(%r9,%rbx,1),%r9
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rdx,%rdi
+	vpsrlq	$6,%ymm2,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%rbx,%rdi,1),%rbx
+	movq	%r10,%r12
+	vpsllq	$3,%ymm2,%ymm10
+	vpaddq	%ymm8,%ymm3,%ymm3
+	addq	104+256(%rsp),%rax
+	andq	%r9,%r12
+	rorxq	$41,%r9,%r13
+	vpsrlq	$19,%ymm2,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%r9,%rdi
+	leaq	(%rbx,%r14,1),%rbx
+	leaq	(%rax,%r12,1),%rax
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%r11,%r9,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r9,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%rax,%r12,1),%rax
+	xorq	%r14,%r13
+	movq	%rbx,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%rbx,%r12
+	leaq	(%rax,%r13,1),%rax
+	xorq	%rcx,%rdi
+	vpaddq	%ymm11,%ymm3,%ymm3
+	rorxq	$34,%rbx,%r14
+	rorxq	$28,%rbx,%r13
+	leaq	(%r8,%rax,1),%r8
+	vpaddq	-32(%rbp),%ymm3,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rcx,%r15
+	xorq	%r13,%r14
+	leaq	(%rax,%r15,1),%rax
+	movq	%r9,%r12
+	vmovdqa	%ymm10,96(%rsp)
+	leaq	-128(%rsp),%rsp
+	vpalignr	$8,%ymm4,%ymm5,%ymm8
+	addq	0+256(%rsp),%r11
+	andq	%r8,%r12
+	rorxq	$41,%r8,%r13
+	vpalignr	$8,%ymm0,%ymm1,%ymm11
+	rorxq	$18,%r8,%r15
+	leaq	(%rax,%r14,1),%rax
+	leaq	(%r11,%r12,1),%r11
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%r10,%r8,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r8,%r14
+	vpaddq	%ymm11,%ymm4,%ymm4
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%r11,%r12,1),%r11
+	xorq	%r14,%r13
+	movq	%rax,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%rax,%r12
+	leaq	(%r11,%r13,1),%r11
+	xorq	%rbx,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%rax,%r14
+	rorxq	$28,%rax,%r13
+	leaq	(%rdx,%r11,1),%rdx
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rbx,%rdi
+	vpsrlq	$6,%ymm3,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%r11,%rdi,1),%r11
+	movq	%r8,%r12
+	vpsllq	$3,%ymm3,%ymm10
+	vpaddq	%ymm8,%ymm4,%ymm4
+	addq	8+256(%rsp),%r10
+	andq	%rdx,%r12
+	rorxq	$41,%rdx,%r13
+	vpsrlq	$19,%ymm3,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%rdx,%rdi
+	leaq	(%r11,%r14,1),%r11
+	leaq	(%r10,%r12,1),%r10
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%r9,%rdx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rdx,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%r10,%r12,1),%r10
+	xorq	%r14,%r13
+	movq	%r11,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%r11,%r12
+	leaq	(%r10,%r13,1),%r10
+	xorq	%rax,%rdi
+	vpaddq	%ymm11,%ymm4,%ymm4
+	rorxq	$34,%r11,%r14
+	rorxq	$28,%r11,%r13
+	leaq	(%rcx,%r10,1),%rcx
+	vpaddq	0(%rbp),%ymm4,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rax,%r15
+	xorq	%r13,%r14
+	leaq	(%r10,%r15,1),%r10
+	movq	%rdx,%r12
+	vmovdqa	%ymm10,0(%rsp)
+	vpalignr	$8,%ymm5,%ymm6,%ymm8
+	addq	32+256(%rsp),%r9
+	andq	%rcx,%r12
+	rorxq	$41,%rcx,%r13
+	vpalignr	$8,%ymm1,%ymm2,%ymm11
+	rorxq	$18,%rcx,%r15
+	leaq	(%r10,%r14,1),%r10
+	leaq	(%r9,%r12,1),%r9
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%r8,%rcx,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rcx,%r14
+	vpaddq	%ymm11,%ymm5,%ymm5
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%r9,%r12,1),%r9
+	xorq	%r14,%r13
+	movq	%r10,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%r10,%r12
+	leaq	(%r9,%r13,1),%r9
+	xorq	%r11,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%r10,%r14
+	rorxq	$28,%r10,%r13
+	leaq	(%rbx,%r9,1),%rbx
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r11,%rdi
+	vpsrlq	$6,%ymm4,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%r9,%rdi,1),%r9
+	movq	%rcx,%r12
+	vpsllq	$3,%ymm4,%ymm10
+	vpaddq	%ymm8,%ymm5,%ymm5
+	addq	40+256(%rsp),%r8
+	andq	%rbx,%r12
+	rorxq	$41,%rbx,%r13
+	vpsrlq	$19,%ymm4,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%rbx,%rdi
+	leaq	(%r9,%r14,1),%r9
+	leaq	(%r8,%r12,1),%r8
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%rdx,%rbx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rbx,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%r8,%r12,1),%r8
+	xorq	%r14,%r13
+	movq	%r9,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%r9,%r12
+	leaq	(%r8,%r13,1),%r8
+	xorq	%r10,%rdi
+	vpaddq	%ymm11,%ymm5,%ymm5
+	rorxq	$34,%r9,%r14
+	rorxq	$28,%r9,%r13
+	leaq	(%rax,%r8,1),%rax
+	vpaddq	32(%rbp),%ymm5,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r10,%r15
+	xorq	%r13,%r14
+	leaq	(%r8,%r15,1),%r8
+	movq	%rbx,%r12
+	vmovdqa	%ymm10,32(%rsp)
+	vpalignr	$8,%ymm6,%ymm7,%ymm8
+	addq	64+256(%rsp),%rdx
+	andq	%rax,%r12
+	rorxq	$41,%rax,%r13
+	vpalignr	$8,%ymm2,%ymm3,%ymm11
+	rorxq	$18,%rax,%r15
+	leaq	(%r8,%r14,1),%r8
+	leaq	(%rdx,%r12,1),%rdx
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%rcx,%rax,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rax,%r14
+	vpaddq	%ymm11,%ymm6,%ymm6
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%rdx,%r12,1),%rdx
+	xorq	%r14,%r13
+	movq	%r8,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%r8,%r12
+	leaq	(%rdx,%r13,1),%rdx
+	xorq	%r9,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%r8,%r14
+	rorxq	$28,%r8,%r13
+	leaq	(%r11,%rdx,1),%r11
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r9,%rdi
+	vpsrlq	$6,%ymm5,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%rdx,%rdi,1),%rdx
+	movq	%rax,%r12
+	vpsllq	$3,%ymm5,%ymm10
+	vpaddq	%ymm8,%ymm6,%ymm6
+	addq	72+256(%rsp),%rcx
+	andq	%r11,%r12
+	rorxq	$41,%r11,%r13
+	vpsrlq	$19,%ymm5,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%r11,%rdi
+	leaq	(%rdx,%r14,1),%rdx
+	leaq	(%rcx,%r12,1),%rcx
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%rbx,%r11,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r11,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%rcx,%r12,1),%rcx
+	xorq	%r14,%r13
+	movq	%rdx,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%rdx,%r12
+	leaq	(%rcx,%r13,1),%rcx
+	xorq	%r8,%rdi
+	vpaddq	%ymm11,%ymm6,%ymm6
+	rorxq	$34,%rdx,%r14
+	rorxq	$28,%rdx,%r13
+	leaq	(%r10,%rcx,1),%r10
+	vpaddq	64(%rbp),%ymm6,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r8,%r15
+	xorq	%r13,%r14
+	leaq	(%rcx,%r15,1),%rcx
+	movq	%r11,%r12
+	vmovdqa	%ymm10,64(%rsp)
+	vpalignr	$8,%ymm7,%ymm0,%ymm8
+	addq	96+256(%rsp),%rbx
+	andq	%r10,%r12
+	rorxq	$41,%r10,%r13
+	vpalignr	$8,%ymm3,%ymm4,%ymm11
+	rorxq	$18,%r10,%r15
+	leaq	(%rcx,%r14,1),%rcx
+	leaq	(%rbx,%r12,1),%rbx
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%rax,%r10,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r10,%r14
+	vpaddq	%ymm11,%ymm7,%ymm7
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%rbx,%r12,1),%rbx
+	xorq	%r14,%r13
+	movq	%rcx,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%rcx,%r12
+	leaq	(%rbx,%r13,1),%rbx
+	xorq	%rdx,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%rcx,%r14
+	rorxq	$28,%rcx,%r13
+	leaq	(%r9,%rbx,1),%r9
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rdx,%rdi
+	vpsrlq	$6,%ymm6,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%rbx,%rdi,1),%rbx
+	movq	%r10,%r12
+	vpsllq	$3,%ymm6,%ymm10
+	vpaddq	%ymm8,%ymm7,%ymm7
+	addq	104+256(%rsp),%rax
+	andq	%r9,%r12
+	rorxq	$41,%r9,%r13
+	vpsrlq	$19,%ymm6,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%r9,%rdi
+	leaq	(%rbx,%r14,1),%rbx
+	leaq	(%rax,%r12,1),%rax
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%r11,%r9,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r9,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%rax,%r12,1),%rax
+	xorq	%r14,%r13
+	movq	%rbx,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%rbx,%r12
+	leaq	(%rax,%r13,1),%rax
+	xorq	%rcx,%rdi
+	vpaddq	%ymm11,%ymm7,%ymm7
+	rorxq	$34,%rbx,%r14
+	rorxq	$28,%rbx,%r13
+	leaq	(%r8,%rax,1),%r8
+	vpaddq	96(%rbp),%ymm7,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rcx,%r15
+	xorq	%r13,%r14
+	leaq	(%rax,%r15,1),%rax
+	movq	%r9,%r12
+	vmovdqa	%ymm10,96(%rsp)
+	leaq	256(%rbp),%rbp
+	cmpb	$0,-121(%rbp)
+	jne	.Lavx2_00_47
+	addq	0+128(%rsp),%r11
+	andq	%r8,%r12
+	rorxq	$41,%r8,%r13
+	rorxq	$18,%r8,%r15
+	leaq	(%rax,%r14,1),%rax
+	leaq	(%r11,%r12,1),%r11
+	andnq	%r10,%r8,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r8,%r14
+	leaq	(%r11,%r12,1),%r11
+	xorq	%r14,%r13
+	movq	%rax,%r15
+	rorxq	$39,%rax,%r12
+	leaq	(%r11,%r13,1),%r11
+	xorq	%rbx,%r15
+	rorxq	$34,%rax,%r14
+	rorxq	$28,%rax,%r13
+	leaq	(%rdx,%r11,1),%rdx
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rbx,%rdi
+	xorq	%r13,%r14
+	leaq	(%r11,%rdi,1),%r11
+	movq	%r8,%r12
+	addq	8+128(%rsp),%r10
+	andq	%rdx,%r12
+	rorxq	$41,%rdx,%r13
+	rorxq	$18,%rdx,%rdi
+	leaq	(%r11,%r14,1),%r11
+	leaq	(%r10,%r12,1),%r10
+	andnq	%r9,%rdx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rdx,%r14
+	leaq	(%r10,%r12,1),%r10
+	xorq	%r14,%r13
+	movq	%r11,%rdi
+	rorxq	$39,%r11,%r12
+	leaq	(%r10,%r13,1),%r10
+	xorq	%rax,%rdi
+	rorxq	$34,%r11,%r14
+	rorxq	$28,%r11,%r13
+	leaq	(%rcx,%r10,1),%rcx
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rax,%r15
+	xorq	%r13,%r14
+	leaq	(%r10,%r15,1),%r10
+	movq	%rdx,%r12
+	addq	32+128(%rsp),%r9
+	andq	%rcx,%r12
+	rorxq	$41,%rcx,%r13
+	rorxq	$18,%rcx,%r15
+	leaq	(%r10,%r14,1),%r10
+	leaq	(%r9,%r12,1),%r9
+	andnq	%r8,%rcx,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rcx,%r14
+	leaq	(%r9,%r12,1),%r9
+	xorq	%r14,%r13
+	movq	%r10,%r15
+	rorxq	$39,%r10,%r12
+	leaq	(%r9,%r13,1),%r9
+	xorq	%r11,%r15
+	rorxq	$34,%r10,%r14
+	rorxq	$28,%r10,%r13
+	leaq	(%rbx,%r9,1),%rbx
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r11,%rdi
+	xorq	%r13,%r14
+	leaq	(%r9,%rdi,1),%r9
+	movq	%rcx,%r12
+	addq	40+128(%rsp),%r8
+	andq	%rbx,%r12
+	rorxq	$41,%rbx,%r13
+	rorxq	$18,%rbx,%rdi
+	leaq	(%r9,%r14,1),%r9
+	leaq	(%r8,%r12,1),%r8
+	andnq	%rdx,%rbx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rbx,%r14
+	leaq	(%r8,%r12,1),%r8
+	xorq	%r14,%r13
+	movq	%r9,%rdi
+	rorxq	$39,%r9,%r12
+	leaq	(%r8,%r13,1),%r8
+	xorq	%r10,%rdi
+	rorxq	$34,%r9,%r14
+	rorxq	$28,%r9,%r13
+	leaq	(%rax,%r8,1),%rax
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r10,%r15
+	xorq	%r13,%r14
+	leaq	(%r8,%r15,1),%r8
+	movq	%rbx,%r12
+	addq	64+128(%rsp),%rdx
+	andq	%rax,%r12
+	rorxq	$41,%rax,%r13
+	rorxq	$18,%rax,%r15
+	leaq	(%r8,%r14,1),%r8
+	leaq	(%rdx,%r12,1),%rdx
+	andnq	%rcx,%rax,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rax,%r14
+	leaq	(%rdx,%r12,1),%rdx
+	xorq	%r14,%r13
+	movq	%r8,%r15
+	rorxq	$39,%r8,%r12
+	leaq	(%rdx,%r13,1),%rdx
+	xorq	%r9,%r15
+	rorxq	$34,%r8,%r14
+	rorxq	$28,%r8,%r13
+	leaq	(%r11,%rdx,1),%r11
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r9,%rdi
+	xorq	%r13,%r14
+	leaq	(%rdx,%rdi,1),%rdx
+	movq	%rax,%r12
+	addq	72+128(%rsp),%rcx
+	andq	%r11,%r12
+	rorxq	$41,%r11,%r13
+	rorxq	$18,%r11,%rdi
+	leaq	(%rdx,%r14,1),%rdx
+	leaq	(%rcx,%r12,1),%rcx
+	andnq	%rbx,%r11,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r11,%r14
+	leaq	(%rcx,%r12,1),%rcx
+	xorq	%r14,%r13
+	movq	%rdx,%rdi
+	rorxq	$39,%rdx,%r12
+	leaq	(%rcx,%r13,1),%rcx
+	xorq	%r8,%rdi
+	rorxq	$34,%rdx,%r14
+	rorxq	$28,%rdx,%r13
+	leaq	(%r10,%rcx,1),%r10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r8,%r15
+	xorq	%r13,%r14
+	leaq	(%rcx,%r15,1),%rcx
+	movq	%r11,%r12
+	addq	96+128(%rsp),%rbx
+	andq	%r10,%r12
+	rorxq	$41,%r10,%r13
+	rorxq	$18,%r10,%r15
+	leaq	(%rcx,%r14,1),%rcx
+	leaq	(%rbx,%r12,1),%rbx
+	andnq	%rax,%r10,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r10,%r14
+	leaq	(%rbx,%r12,1),%rbx
+	xorq	%r14,%r13
+	movq	%rcx,%r15
+	rorxq	$39,%rcx,%r12
+	leaq	(%rbx,%r13,1),%rbx
+	xorq	%rdx,%r15
+	rorxq	$34,%rcx,%r14
+	rorxq	$28,%rcx,%r13
+	leaq	(%r9,%rbx,1),%r9
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rdx,%rdi
+	xorq	%r13,%r14
+	leaq	(%rbx,%rdi,1),%rbx
+	movq	%r10,%r12
+	addq	104+128(%rsp),%rax
+	andq	%r9,%r12
+	rorxq	$41,%r9,%r13
+	rorxq	$18,%r9,%rdi
+	leaq	(%rbx,%r14,1),%rbx
+	leaq	(%rax,%r12,1),%rax
+	andnq	%r11,%r9,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r9,%r14
+	leaq	(%rax,%r12,1),%rax
+	xorq	%r14,%r13
+	movq	%rbx,%rdi
+	rorxq	$39,%rbx,%r12
+	leaq	(%rax,%r13,1),%rax
+	xorq	%rcx,%rdi
+	rorxq	$34,%rbx,%r14
+	rorxq	$28,%rbx,%r13
+	leaq	(%r8,%rax,1),%r8
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rcx,%r15
+	xorq	%r13,%r14
+	leaq	(%rax,%r15,1),%rax
+	movq	%r9,%r12
+	addq	0(%rsp),%r11
+	andq	%r8,%r12
+	rorxq	$41,%r8,%r13
+	rorxq	$18,%r8,%r15
+	leaq	(%rax,%r14,1),%rax
+	leaq	(%r11,%r12,1),%r11
+	andnq	%r10,%r8,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r8,%r14
+	leaq	(%r11,%r12,1),%r11
+	xorq	%r14,%r13
+	movq	%rax,%r15
+	rorxq	$39,%rax,%r12
+	leaq	(%r11,%r13,1),%r11
+	xorq	%rbx,%r15
+	rorxq	$34,%rax,%r14
+	rorxq	$28,%rax,%r13
+	leaq	(%rdx,%r11,1),%rdx
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rbx,%rdi
+	xorq	%r13,%r14
+	leaq	(%r11,%rdi,1),%r11
+	movq	%r8,%r12
+	addq	8(%rsp),%r10
+	andq	%rdx,%r12
+	rorxq	$41,%rdx,%r13
+	rorxq	$18,%rdx,%rdi
+	leaq	(%r11,%r14,1),%r11
+	leaq	(%r10,%r12,1),%r10
+	andnq	%r9,%rdx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rdx,%r14
+	leaq	(%r10,%r12,1),%r10
+	xorq	%r14,%r13
+	movq	%r11,%rdi
+	rorxq	$39,%r11,%r12
+	leaq	(%r10,%r13,1),%r10
+	xorq	%rax,%rdi
+	rorxq	$34,%r11,%r14
+	rorxq	$28,%r11,%r13
+	leaq	(%rcx,%r10,1),%rcx
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rax,%r15
+	xorq	%r13,%r14
+	leaq	(%r10,%r15,1),%r10
+	movq	%rdx,%r12
+	addq	32(%rsp),%r9
+	andq	%rcx,%r12
+	rorxq	$41,%rcx,%r13
+	rorxq	$18,%rcx,%r15
+	leaq	(%r10,%r14,1),%r10
+	leaq	(%r9,%r12,1),%r9
+	andnq	%r8,%rcx,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rcx,%r14
+	leaq	(%r9,%r12,1),%r9
+	xorq	%r14,%r13
+	movq	%r10,%r15
+	rorxq	$39,%r10,%r12
+	leaq	(%r9,%r13,1),%r9
+	xorq	%r11,%r15
+	rorxq	$34,%r10,%r14
+	rorxq	$28,%r10,%r13
+	leaq	(%rbx,%r9,1),%rbx
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r11,%rdi
+	xorq	%r13,%r14
+	leaq	(%r9,%rdi,1),%r9
+	movq	%rcx,%r12
+	addq	40(%rsp),%r8
+	andq	%rbx,%r12
+	rorxq	$41,%rbx,%r13
+	rorxq	$18,%rbx,%rdi
+	leaq	(%r9,%r14,1),%r9
+	leaq	(%r8,%r12,1),%r8
+	andnq	%rdx,%rbx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rbx,%r14
+	leaq	(%r8,%r12,1),%r8
+	xorq	%r14,%r13
+	movq	%r9,%rdi
+	rorxq	$39,%r9,%r12
+	leaq	(%r8,%r13,1),%r8
+	xorq	%r10,%rdi
+	rorxq	$34,%r9,%r14
+	rorxq	$28,%r9,%r13
+	leaq	(%rax,%r8,1),%rax
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r10,%r15
+	xorq	%r13,%r14
+	leaq	(%r8,%r15,1),%r8
+	movq	%rbx,%r12
+	addq	64(%rsp),%rdx
+	andq	%rax,%r12
+	rorxq	$41,%rax,%r13
+	rorxq	$18,%rax,%r15
+	leaq	(%r8,%r14,1),%r8
+	leaq	(%rdx,%r12,1),%rdx
+	andnq	%rcx,%rax,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rax,%r14
+	leaq	(%rdx,%r12,1),%rdx
+	xorq	%r14,%r13
+	movq	%r8,%r15
+	rorxq	$39,%r8,%r12
+	leaq	(%rdx,%r13,1),%rdx
+	xorq	%r9,%r15
+	rorxq	$34,%r8,%r14
+	rorxq	$28,%r8,%r13
+	leaq	(%r11,%rdx,1),%r11
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r9,%rdi
+	xorq	%r13,%r14
+	leaq	(%rdx,%rdi,1),%rdx
+	movq	%rax,%r12
+	addq	72(%rsp),%rcx
+	andq	%r11,%r12
+	rorxq	$41,%r11,%r13
+	rorxq	$18,%r11,%rdi
+	leaq	(%rdx,%r14,1),%rdx
+	leaq	(%rcx,%r12,1),%rcx
+	andnq	%rbx,%r11,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r11,%r14
+	leaq	(%rcx,%r12,1),%rcx
+	xorq	%r14,%r13
+	movq	%rdx,%rdi
+	rorxq	$39,%rdx,%r12
+	leaq	(%rcx,%r13,1),%rcx
+	xorq	%r8,%rdi
+	rorxq	$34,%rdx,%r14
+	rorxq	$28,%rdx,%r13
+	leaq	(%r10,%rcx,1),%r10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r8,%r15
+	xorq	%r13,%r14
+	leaq	(%rcx,%r15,1),%rcx
+	movq	%r11,%r12
+	addq	96(%rsp),%rbx
+	andq	%r10,%r12
+	rorxq	$41,%r10,%r13
+	rorxq	$18,%r10,%r15
+	leaq	(%rcx,%r14,1),%rcx
+	leaq	(%rbx,%r12,1),%rbx
+	andnq	%rax,%r10,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r10,%r14
+	leaq	(%rbx,%r12,1),%rbx
+	xorq	%r14,%r13
+	movq	%rcx,%r15
+	rorxq	$39,%rcx,%r12
+	leaq	(%rbx,%r13,1),%rbx
+	xorq	%rdx,%r15
+	rorxq	$34,%rcx,%r14
+	rorxq	$28,%rcx,%r13
+	leaq	(%r9,%rbx,1),%r9
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rdx,%rdi
+	xorq	%r13,%r14
+	leaq	(%rbx,%rdi,1),%rbx
+	movq	%r10,%r12
+	addq	104(%rsp),%rax
+	andq	%r9,%r12
+	rorxq	$41,%r9,%r13
+	rorxq	$18,%r9,%rdi
+	leaq	(%rbx,%r14,1),%rbx
+	leaq	(%rax,%r12,1),%rax
+	andnq	%r11,%r9,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r9,%r14
+	leaq	(%rax,%r12,1),%rax
+	xorq	%r14,%r13
+	movq	%rbx,%rdi
+	rorxq	$39,%rbx,%r12
+	leaq	(%rax,%r13,1),%rax
+	xorq	%rcx,%rdi
+	rorxq	$34,%rbx,%r14
+	rorxq	$28,%rbx,%r13
+	leaq	(%r8,%rax,1),%r8
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rcx,%r15
+	xorq	%r13,%r14
+	leaq	(%rax,%r15,1),%rax
+	movq	%r9,%r12
+	movq	1280(%rsp),%rdi
+	addq	%r14,%rax
+
+	leaq	1152(%rsp),%rbp
+
+	addq	0(%rdi),%rax
+	addq	8(%rdi),%rbx
+	addq	16(%rdi),%rcx
+	addq	24(%rdi),%rdx
+	addq	32(%rdi),%r8
+	addq	40(%rdi),%r9
+	addq	48(%rdi),%r10
+	addq	56(%rdi),%r11
+
+	movq	%rax,0(%rdi)
+	movq	%rbx,8(%rdi)
+	movq	%rcx,16(%rdi)
+	movq	%rdx,24(%rdi)
+	movq	%r8,32(%rdi)
+	movq	%r9,40(%rdi)
+	movq	%r10,48(%rdi)
+	movq	%r11,56(%rdi)
+
+	cmpq	144(%rbp),%rsi
+	je	.Ldone_avx2
+
+	xorq	%r14,%r14
+	movq	%rbx,%rdi
+	xorq	%rcx,%rdi
+	movq	%r9,%r12
+	jmp	.Lower_avx2
+.p2align	4
+.Lower_avx2:
+	addq	0+16(%rbp),%r11
+	andq	%r8,%r12
+	rorxq	$41,%r8,%r13
+	rorxq	$18,%r8,%r15
+	leaq	(%rax,%r14,1),%rax
+	leaq	(%r11,%r12,1),%r11
+	andnq	%r10,%r8,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r8,%r14
+	leaq	(%r11,%r12,1),%r11
+	xorq	%r14,%r13
+	movq	%rax,%r15
+	rorxq	$39,%rax,%r12
+	leaq	(%r11,%r13,1),%r11
+	xorq	%rbx,%r15
+	rorxq	$34,%rax,%r14
+	rorxq	$28,%rax,%r13
+	leaq	(%rdx,%r11,1),%rdx
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rbx,%rdi
+	xorq	%r13,%r14
+	leaq	(%r11,%rdi,1),%r11
+	movq	%r8,%r12
+	addq	8+16(%rbp),%r10
+	andq	%rdx,%r12
+	rorxq	$41,%rdx,%r13
+	rorxq	$18,%rdx,%rdi
+	leaq	(%r11,%r14,1),%r11
+	leaq	(%r10,%r12,1),%r10
+	andnq	%r9,%rdx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rdx,%r14
+	leaq	(%r10,%r12,1),%r10
+	xorq	%r14,%r13
+	movq	%r11,%rdi
+	rorxq	$39,%r11,%r12
+	leaq	(%r10,%r13,1),%r10
+	xorq	%rax,%rdi
+	rorxq	$34,%r11,%r14
+	rorxq	$28,%r11,%r13
+	leaq	(%rcx,%r10,1),%rcx
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rax,%r15
+	xorq	%r13,%r14
+	leaq	(%r10,%r15,1),%r10
+	movq	%rdx,%r12
+	addq	32+16(%rbp),%r9
+	andq	%rcx,%r12
+	rorxq	$41,%rcx,%r13
+	rorxq	$18,%rcx,%r15
+	leaq	(%r10,%r14,1),%r10
+	leaq	(%r9,%r12,1),%r9
+	andnq	%r8,%rcx,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rcx,%r14
+	leaq	(%r9,%r12,1),%r9
+	xorq	%r14,%r13
+	movq	%r10,%r15
+	rorxq	$39,%r10,%r12
+	leaq	(%r9,%r13,1),%r9
+	xorq	%r11,%r15
+	rorxq	$34,%r10,%r14
+	rorxq	$28,%r10,%r13
+	leaq	(%rbx,%r9,1),%rbx
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r11,%rdi
+	xorq	%r13,%r14
+	leaq	(%r9,%rdi,1),%r9
+	movq	%rcx,%r12
+	addq	40+16(%rbp),%r8
+	andq	%rbx,%r12
+	rorxq	$41,%rbx,%r13
+	rorxq	$18,%rbx,%rdi
+	leaq	(%r9,%r14,1),%r9
+	leaq	(%r8,%r12,1),%r8
+	andnq	%rdx,%rbx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rbx,%r14
+	leaq	(%r8,%r12,1),%r8
+	xorq	%r14,%r13
+	movq	%r9,%rdi
+	rorxq	$39,%r9,%r12
+	leaq	(%r8,%r13,1),%r8
+	xorq	%r10,%rdi
+	rorxq	$34,%r9,%r14
+	rorxq	$28,%r9,%r13
+	leaq	(%rax,%r8,1),%rax
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r10,%r15
+	xorq	%r13,%r14
+	leaq	(%r8,%r15,1),%r8
+	movq	%rbx,%r12
+	addq	64+16(%rbp),%rdx
+	andq	%rax,%r12
+	rorxq	$41,%rax,%r13
+	rorxq	$18,%rax,%r15
+	leaq	(%r8,%r14,1),%r8
+	leaq	(%rdx,%r12,1),%rdx
+	andnq	%rcx,%rax,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rax,%r14
+	leaq	(%rdx,%r12,1),%rdx
+	xorq	%r14,%r13
+	movq	%r8,%r15
+	rorxq	$39,%r8,%r12
+	leaq	(%rdx,%r13,1),%rdx
+	xorq	%r9,%r15
+	rorxq	$34,%r8,%r14
+	rorxq	$28,%r8,%r13
+	leaq	(%r11,%rdx,1),%r11
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r9,%rdi
+	xorq	%r13,%r14
+	leaq	(%rdx,%rdi,1),%rdx
+	movq	%rax,%r12
+	addq	72+16(%rbp),%rcx
+	andq	%r11,%r12
+	rorxq	$41,%r11,%r13
+	rorxq	$18,%r11,%rdi
+	leaq	(%rdx,%r14,1),%rdx
+	leaq	(%rcx,%r12,1),%rcx
+	andnq	%rbx,%r11,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r11,%r14
+	leaq	(%rcx,%r12,1),%rcx
+	xorq	%r14,%r13
+	movq	%rdx,%rdi
+	rorxq	$39,%rdx,%r12
+	leaq	(%rcx,%r13,1),%rcx
+	xorq	%r8,%rdi
+	rorxq	$34,%rdx,%r14
+	rorxq	$28,%rdx,%r13
+	leaq	(%r10,%rcx,1),%r10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r8,%r15
+	xorq	%r13,%r14
+	leaq	(%rcx,%r15,1),%rcx
+	movq	%r11,%r12
+	addq	96+16(%rbp),%rbx
+	andq	%r10,%r12
+	rorxq	$41,%r10,%r13
+	rorxq	$18,%r10,%r15
+	leaq	(%rcx,%r14,1),%rcx
+	leaq	(%rbx,%r12,1),%rbx
+	andnq	%rax,%r10,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r10,%r14
+	leaq	(%rbx,%r12,1),%rbx
+	xorq	%r14,%r13
+	movq	%rcx,%r15
+	rorxq	$39,%rcx,%r12
+	leaq	(%rbx,%r13,1),%rbx
+	xorq	%rdx,%r15
+	rorxq	$34,%rcx,%r14
+	rorxq	$28,%rcx,%r13
+	leaq	(%r9,%rbx,1),%r9
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rdx,%rdi
+	xorq	%r13,%r14
+	leaq	(%rbx,%rdi,1),%rbx
+	movq	%r10,%r12
+	addq	104+16(%rbp),%rax
+	andq	%r9,%r12
+	rorxq	$41,%r9,%r13
+	rorxq	$18,%r9,%rdi
+	leaq	(%rbx,%r14,1),%rbx
+	leaq	(%rax,%r12,1),%rax
+	andnq	%r11,%r9,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r9,%r14
+	leaq	(%rax,%r12,1),%rax
+	xorq	%r14,%r13
+	movq	%rbx,%rdi
+	rorxq	$39,%rbx,%r12
+	leaq	(%rax,%r13,1),%rax
+	xorq	%rcx,%rdi
+	rorxq	$34,%rbx,%r14
+	rorxq	$28,%rbx,%r13
+	leaq	(%r8,%rax,1),%r8
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rcx,%r15
+	xorq	%r13,%r14
+	leaq	(%rax,%r15,1),%rax
+	movq	%r9,%r12
+	leaq	-128(%rbp),%rbp
+	cmpq	%rsp,%rbp
+	jae	.Lower_avx2
+
+	movq	1280(%rsp),%rdi
+	addq	%r14,%rax
+
+	leaq	1152(%rsp),%rsp
+
+
+
+	addq	0(%rdi),%rax
+	addq	8(%rdi),%rbx
+	addq	16(%rdi),%rcx
+	addq	24(%rdi),%rdx
+	addq	32(%rdi),%r8
+	addq	40(%rdi),%r9
+	leaq	256(%rsi),%rsi
+	addq	48(%rdi),%r10
+	movq	%rsi,%r12
+	addq	56(%rdi),%r11
+	cmpq	128+16(%rsp),%rsi
+
+	movq	%rax,0(%rdi)
+	cmoveq	%rsp,%r12
+	movq	%rbx,8(%rdi)
+	movq	%rcx,16(%rdi)
+	movq	%rdx,24(%rdi)
+	movq	%r8,32(%rdi)
+	movq	%r9,40(%rdi)
+	movq	%r10,48(%rdi)
+	movq	%r11,56(%rdi)
+
+	jbe	.Loop_avx2
+	leaq	(%rsp),%rbp
+
+
+
+
+.Ldone_avx2:
+	movq	152(%rbp),%rsi
+
+	vzeroupper
+	movaps	128+32(%rbp),%xmm6
+	movaps	128+48(%rbp),%xmm7
+	movaps	128+64(%rbp),%xmm8
+	movaps	128+80(%rbp),%xmm9
+	movaps	128+96(%rbp),%xmm10
+	movaps	128+112(%rbp),%xmm11
+	movq	-48(%rsi),%r15
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+.Lepilogue_avx2:
+	movq	8(%rsp),%rdi
+	movq	16(%rsp),%rsi
+	.byte	0xf3,0xc3
+
+.LSEH_end_sha512_block_data_order_avx2:
+
+.def	se_handler;	.scl 3;	.type 32;	.endef
+.p2align	4
+se_handler:
+	pushq	%rsi
+	pushq	%rdi
+	pushq	%rbx
+	pushq	%rbp
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	pushfq
+	subq	$64,%rsp
+
+	movq	120(%r8),%rax
+	movq	248(%r8),%rbx
+
+	movq	8(%r9),%rsi
+	movq	56(%r9),%r11
+
+	movl	0(%r11),%r10d
+	leaq	(%rsi,%r10,1),%r10
+	cmpq	%r10,%rbx
+	jb	.Lin_prologue
+
+	movq	152(%r8),%rax
+
+	movl	4(%r11),%r10d
+	leaq	(%rsi,%r10,1),%r10
+	cmpq	%r10,%rbx
+	jae	.Lin_prologue
+	leaq	.Lavx2_shortcut(%rip),%r10
+	cmpq	%r10,%rbx
+	jb	.Lnot_in_avx2
+
+	andq	$-2048,%rax
+	addq	$1152,%rax
+.Lnot_in_avx2:
+	movq	%rax,%rsi
+	movq	128+24(%rax),%rax
+
+	movq	-8(%rax),%rbx
+	movq	-16(%rax),%rbp
+	movq	-24(%rax),%r12
+	movq	-32(%rax),%r13
+	movq	-40(%rax),%r14
+	movq	-48(%rax),%r15
+	movq	%rbx,144(%r8)
+	movq	%rbp,160(%r8)
+	movq	%r12,216(%r8)
+	movq	%r13,224(%r8)
+	movq	%r14,232(%r8)
+	movq	%r15,240(%r8)
+
+	leaq	.Lepilogue(%rip),%r10
+	cmpq	%r10,%rbx
+	jb	.Lin_prologue
+
+	leaq	128+32(%rsi),%rsi
+	leaq	512(%r8),%rdi
+	movl	$12,%ecx
+.long	0xa548f3fc
+
+.Lin_prologue:
+	movq	8(%rax),%rdi
+	movq	16(%rax),%rsi
+	movq	%rax,152(%r8)
+	movq	%rsi,168(%r8)
+	movq	%rdi,176(%r8)
+
+	movq	40(%r9),%rdi
+	movq	%r8,%rsi
+	movl	$154,%ecx
+.long	0xa548f3fc
+
+	movq	%r9,%rsi
+	xorq	%rcx,%rcx
+	movq	8(%rsi),%rdx
+	movq	0(%rsi),%r8
+	movq	16(%rsi),%r9
+	movq	40(%rsi),%r10
+	leaq	56(%rsi),%r11
+	leaq	24(%rsi),%r12
+	movq	%r10,32(%rsp)
+	movq	%r11,40(%rsp)
+	movq	%r12,48(%rsp)
+	movq	%rcx,56(%rsp)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	movl	$1,%eax
+	addq	$64,%rsp
+	popfq
+	popq	%r15
+	popq	%r14
+	popq	%r13
+	popq	%r12
+	popq	%rbp
+	popq	%rbx
+	popq	%rdi
+	popq	%rsi
+	.byte	0xf3,0xc3
+
+.section	.pdata
+.p2align	2
+.rva	.LSEH_begin_sha512_block_data_order
+.rva	.LSEH_end_sha512_block_data_order
+.rva	.LSEH_info_sha512_block_data_order
+.rva	.LSEH_begin_sha512_block_data_order_xop
+.rva	.LSEH_end_sha512_block_data_order_xop
+.rva	.LSEH_info_sha512_block_data_order_xop
+.rva	.LSEH_begin_sha512_block_data_order_avx
+.rva	.LSEH_end_sha512_block_data_order_avx
+.rva	.LSEH_info_sha512_block_data_order_avx
+.rva	.LSEH_begin_sha512_block_data_order_avx2
+.rva	.LSEH_end_sha512_block_data_order_avx2
+.rva	.LSEH_info_sha512_block_data_order_avx2
+.section	.xdata
+.p2align	3
+.LSEH_info_sha512_block_data_order:
+.byte	9,0,0,0
+.rva	se_handler
+.rva	.Lprologue,.Lepilogue
+.LSEH_info_sha512_block_data_order_xop:
+.byte	9,0,0,0
+.rva	se_handler
+.rva	.Lprologue_xop,.Lepilogue_xop
+.LSEH_info_sha512_block_data_order_avx:
+.byte	9,0,0,0
+.rva	se_handler
+.rva	.Lprologue_avx,.Lepilogue_avx
+.LSEH_info_sha512_block_data_order_avx2:
+.byte	9,0,0,0
+.rva	se_handler
+.rva	.Lprologue_avx2,.Lepilogue_avx2
+
diff --git a/lib/accelerated/x86/elf/aes-ssse3-x86.s b/lib/accelerated/x86/elf/aes-ssse3-x86.s
new file mode 100644
index 0000000..265e28a
--- /dev/null
+++ b/lib/accelerated/x86/elf/aes-ssse3-x86.s
@@ -0,0 +1,674 @@
+######################################################################
+## Constant-time SSSE3 AES core implementation.
+## version 0.1
+##
+## By Mike Hamburg (Stanford University), 2009
+## Public domain.
+##
+## For details see http://shiftleft.org/papers/vector_aes/ and
+## http://crypto.stanford.edu/vpaes/.
+#
+# *** This file is auto-generated ***
+#
+.text
+.align	64
+.L_vpaes_consts:
+.long	218628480,235210255,168496130,67568393
+.long	252381056,17041926,33884169,51187212
+.long	252645135,252645135,252645135,252645135
+.long	1512730624,3266504856,1377990664,3401244816
+.long	830229760,1275146365,2969422977,3447763452
+.long	3411033600,2979783055,338359620,2782886510
+.long	4209124096,907596821,221174255,1006095553
+.long	191964160,3799684038,3164090317,1589111125
+.long	182528256,1777043520,2877432650,3265356744
+.long	1874708224,3503451415,3305285752,363511674
+.long	1606117888,3487855781,1093350906,2384367825
+.long	197121,67569157,134941193,202313229
+.long	67569157,134941193,202313229,197121
+.long	134941193,202313229,197121,67569157
+.long	202313229,197121,67569157,134941193
+.long	33619971,100992007,168364043,235736079
+.long	235736079,33619971,100992007,168364043
+.long	168364043,235736079,33619971,100992007
+.long	100992007,168364043,235736079,33619971
+.long	50462976,117835012,185207048,252579084
+.long	252314880,51251460,117574920,184942860
+.long	184682752,252054788,50987272,118359308
+.long	118099200,185467140,251790600,50727180
+.long	2946363062,528716217,1300004225,1881839624
+.long	1532713819,1532713819,1532713819,1532713819
+.long	3602276352,4288629033,3737020424,4153884961
+.long	1354558464,32357713,2958822624,3775749553
+.long	1201988352,132424512,1572796698,503232858
+.long	2213177600,1597421020,4103937655,675398315
+.long	2749646592,4273543773,1511898873,121693092
+.long	3040248576,1103263732,2871565598,1608280554
+.long	2236667136,2588920351,482954393,64377734
+.long	3069987328,291237287,2117370568,3650299247
+.long	533321216,3573750986,2572112006,1401264716
+.long	1339849704,2721158661,548607111,3445553514
+.long	2128193280,3054596040,2183486460,1257083700
+.long	655635200,1165381986,3923443150,2344132524
+.long	190078720,256924420,290342170,357187870
+.long	1610966272,2263057382,4103205268,309794674
+.long	2592527872,2233205587,1335446729,3402964816
+.long	3973531904,3225098121,3002836325,1918774430
+.long	3870401024,2102906079,2284471353,4117666579
+.long	617007872,1021508343,366931923,691083277
+.long	2528395776,3491914898,2968704004,1613121270
+.long	3445188352,3247741094,844474987,4093578302
+.long	651481088,1190302358,1689581232,574775300
+.long	4289380608,206939853,2555985458,2489840491
+.long	2130264064,327674451,3566485037,3349835193
+.long	2470714624,316102159,3636825756,3393945945
+.byte	86,101,99,116,111,114,32,80,101,114,109,117,116,97,116,105
+.byte	111,110,32,65,69,83,32,102,111,114,32,120,56,54,47,83
+.byte	83,83,69,51,44,32,77,105,107,101,32,72,97,109,98,117
+.byte	114,103,32,40,83,116,97,110,102,111,114,100,32,85,110,105
+.byte	118,101,114,115,105,116,121,41,0
+.align	64
+.type	_vpaes_preheat,@function
+.align	16
+_vpaes_preheat:
+	addl	(%esp),%ebp
+	movdqa	-48(%ebp),%xmm7
+	movdqa	-16(%ebp),%xmm6
+	ret
+.size	_vpaes_preheat,.-_vpaes_preheat
+.type	_vpaes_encrypt_core,@function
+.align	16
+_vpaes_encrypt_core:
+	movl	$16,%ecx
+	movl	240(%edx),%eax
+	movdqa	%xmm6,%xmm1
+	movdqa	(%ebp),%xmm2
+	pandn	%xmm0,%xmm1
+	pand	%xmm6,%xmm0
+	movdqu	(%edx),%xmm5
+.byte	102,15,56,0,208
+	movdqa	16(%ebp),%xmm0
+	pxor	%xmm5,%xmm2
+	psrld	$4,%xmm1
+	addl	$16,%edx
+.byte	102,15,56,0,193
+	leal	192(%ebp),%ebx
+	pxor	%xmm2,%xmm0
+	jmp	.L000enc_entry
+.align	16
+.L001enc_loop:
+	movdqa	32(%ebp),%xmm4
+	movdqa	48(%ebp),%xmm0
+.byte	102,15,56,0,226
+.byte	102,15,56,0,195
+	pxor	%xmm5,%xmm4
+	movdqa	64(%ebp),%xmm5
+	pxor	%xmm4,%xmm0
+	movdqa	-64(%ebx,%ecx,1),%xmm1
+.byte	102,15,56,0,234
+	movdqa	80(%ebp),%xmm2
+	movdqa	(%ebx,%ecx,1),%xmm4
+.byte	102,15,56,0,211
+	movdqa	%xmm0,%xmm3
+	pxor	%xmm5,%xmm2
+.byte	102,15,56,0,193
+	addl	$16,%edx
+	pxor	%xmm2,%xmm0
+.byte	102,15,56,0,220
+	addl	$16,%ecx
+	pxor	%xmm0,%xmm3
+.byte	102,15,56,0,193
+	andl	$48,%ecx
+	subl	$1,%eax
+	pxor	%xmm3,%xmm0
+.L000enc_entry:
+	movdqa	%xmm6,%xmm1
+	movdqa	-32(%ebp),%xmm5
+	pandn	%xmm0,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm6,%xmm0
+.byte	102,15,56,0,232
+	movdqa	%xmm7,%xmm3
+	pxor	%xmm1,%xmm0
+.byte	102,15,56,0,217
+	movdqa	%xmm7,%xmm4
+	pxor	%xmm5,%xmm3
+.byte	102,15,56,0,224
+	movdqa	%xmm7,%xmm2
+	pxor	%xmm5,%xmm4
+.byte	102,15,56,0,211
+	movdqa	%xmm7,%xmm3
+	pxor	%xmm0,%xmm2
+.byte	102,15,56,0,220
+	movdqu	(%edx),%xmm5
+	pxor	%xmm1,%xmm3
+	jnz	.L001enc_loop
+	movdqa	96(%ebp),%xmm4
+	movdqa	112(%ebp),%xmm0
+.byte	102,15,56,0,226
+	pxor	%xmm5,%xmm4
+.byte	102,15,56,0,195
+	movdqa	64(%ebx,%ecx,1),%xmm1
+	pxor	%xmm4,%xmm0
+.byte	102,15,56,0,193
+	ret
+.size	_vpaes_encrypt_core,.-_vpaes_encrypt_core
+.type	_vpaes_decrypt_core,@function
+.align	16
+_vpaes_decrypt_core:
+	leal	608(%ebp),%ebx
+	movl	240(%edx),%eax
+	movdqa	%xmm6,%xmm1
+	movdqa	-64(%ebx),%xmm2
+	pandn	%xmm0,%xmm1
+	movl	%eax,%ecx
+	psrld	$4,%xmm1
+	movdqu	(%edx),%xmm5
+	shll	$4,%ecx
+	pand	%xmm6,%xmm0
+.byte	102,15,56,0,208
+	movdqa	-48(%ebx),%xmm0
+	xorl	$48,%ecx
+.byte	102,15,56,0,193
+	andl	$48,%ecx
+	pxor	%xmm5,%xmm2
+	movdqa	176(%ebp),%xmm5
+	pxor	%xmm2,%xmm0
+	addl	$16,%edx
+	leal	-352(%ebx,%ecx,1),%ecx
+	jmp	.L002dec_entry
+.align	16
+.L003dec_loop:
+	movdqa	-32(%ebx),%xmm4
+	movdqa	-16(%ebx),%xmm1
+.byte	102,15,56,0,226
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	movdqa	(%ebx),%xmm4
+	pxor	%xmm1,%xmm0
+	movdqa	16(%ebx),%xmm1
+.byte	102,15,56,0,226
+.byte	102,15,56,0,197
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	movdqa	32(%ebx),%xmm4
+	pxor	%xmm1,%xmm0
+	movdqa	48(%ebx),%xmm1
+.byte	102,15,56,0,226
+.byte	102,15,56,0,197
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	movdqa	64(%ebx),%xmm4
+	pxor	%xmm1,%xmm0
+	movdqa	80(%ebx),%xmm1
+.byte	102,15,56,0,226
+.byte	102,15,56,0,197
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	addl	$16,%edx
+.byte	102,15,58,15,237,12
+	pxor	%xmm1,%xmm0
+	subl	$1,%eax
+.L002dec_entry:
+	movdqa	%xmm6,%xmm1
+	movdqa	-32(%ebp),%xmm2
+	pandn	%xmm0,%xmm1
+	pand	%xmm6,%xmm0
+	psrld	$4,%xmm1
+.byte	102,15,56,0,208
+	movdqa	%xmm7,%xmm3
+	pxor	%xmm1,%xmm0
+.byte	102,15,56,0,217
+	movdqa	%xmm7,%xmm4
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,224
+	pxor	%xmm2,%xmm4
+	movdqa	%xmm7,%xmm2
+.byte	102,15,56,0,211
+	movdqa	%xmm7,%xmm3
+	pxor	%xmm0,%xmm2
+.byte	102,15,56,0,220
+	movdqu	(%edx),%xmm0
+	pxor	%xmm1,%xmm3
+	jnz	.L003dec_loop
+	movdqa	96(%ebx),%xmm4
+.byte	102,15,56,0,226
+	pxor	%xmm0,%xmm4
+	movdqa	112(%ebx),%xmm0
+	movdqa	(%ecx),%xmm2
+.byte	102,15,56,0,195
+	pxor	%xmm4,%xmm0
+.byte	102,15,56,0,194
+	ret
+.size	_vpaes_decrypt_core,.-_vpaes_decrypt_core
+.type	_vpaes_schedule_core,@function
+.align	16
+_vpaes_schedule_core:
+	addl	(%esp),%ebp
+	movdqu	(%esi),%xmm0
+	movdqa	320(%ebp),%xmm2
+	movdqa	%xmm0,%xmm3
+	leal	(%ebp),%ebx
+	movdqa	%xmm2,4(%esp)
+	call	_vpaes_schedule_transform
+	movdqa	%xmm0,%xmm7
+	testl	%edi,%edi
+	jnz	.L004schedule_am_decrypting
+	movdqu	%xmm0,(%edx)
+	jmp	.L005schedule_go
+.L004schedule_am_decrypting:
+	movdqa	256(%ebp,%ecx,1),%xmm1
+.byte	102,15,56,0,217
+	movdqu	%xmm3,(%edx)
+	xorl	$48,%ecx
+.L005schedule_go:
+	cmpl	$192,%eax
+	ja	.L006schedule_256
+	je	.L007schedule_192
+.L008schedule_128:
+	movl	$10,%eax
+.L009loop_schedule_128:
+	call	_vpaes_schedule_round
+	decl	%eax
+	jz	.L010schedule_mangle_last
+	call	_vpaes_schedule_mangle
+	jmp	.L009loop_schedule_128
+.align	16
+.L007schedule_192:
+	movdqu	8(%esi),%xmm0
+	call	_vpaes_schedule_transform
+	movdqa	%xmm0,%xmm6
+	pxor	%xmm4,%xmm4
+	movhlps	%xmm4,%xmm6
+	movl	$4,%eax
+.L011loop_schedule_192:
+	call	_vpaes_schedule_round
+.byte	102,15,58,15,198,8
+	call	_vpaes_schedule_mangle
+	call	_vpaes_schedule_192_smear
+	call	_vpaes_schedule_mangle
+	call	_vpaes_schedule_round
+	decl	%eax
+	jz	.L010schedule_mangle_last
+	call	_vpaes_schedule_mangle
+	call	_vpaes_schedule_192_smear
+	jmp	.L011loop_schedule_192
+.align	16
+.L006schedule_256:
+	movdqu	16(%esi),%xmm0
+	call	_vpaes_schedule_transform
+	movl	$7,%eax
+.L012loop_schedule_256:
+	call	_vpaes_schedule_mangle
+	movdqa	%xmm0,%xmm6
+	call	_vpaes_schedule_round
+	decl	%eax
+	jz	.L010schedule_mangle_last
+	call	_vpaes_schedule_mangle
+	pshufd	$255,%xmm0,%xmm0
+	movdqa	%xmm7,20(%esp)
+	movdqa	%xmm6,%xmm7
+	call	.L_vpaes_schedule_low_round
+	movdqa	20(%esp),%xmm7
+	jmp	.L012loop_schedule_256
+.align	16
+.L010schedule_mangle_last:
+	leal	384(%ebp),%ebx
+	testl	%edi,%edi
+	jnz	.L013schedule_mangle_last_dec
+	movdqa	256(%ebp,%ecx,1),%xmm1
+.byte	102,15,56,0,193
+	leal	352(%ebp),%ebx
+	addl	$32,%edx
+.L013schedule_mangle_last_dec:
+	addl	$-16,%edx
+	pxor	336(%ebp),%xmm0
+	call	_vpaes_schedule_transform
+	movdqu	%xmm0,(%edx)
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	ret
+.size	_vpaes_schedule_core,.-_vpaes_schedule_core
+.type	_vpaes_schedule_192_smear,@function
+.align	16
+_vpaes_schedule_192_smear:
+	pshufd	$128,%xmm6,%xmm1
+	pshufd	$254,%xmm7,%xmm0
+	pxor	%xmm1,%xmm6
+	pxor	%xmm1,%xmm1
+	pxor	%xmm0,%xmm6
+	movdqa	%xmm6,%xmm0
+	movhlps	%xmm1,%xmm6
+	ret
+.size	_vpaes_schedule_192_smear,.-_vpaes_schedule_192_smear
+.type	_vpaes_schedule_round,@function
+.align	16
+_vpaes_schedule_round:
+	movdqa	8(%esp),%xmm2
+	pxor	%xmm1,%xmm1
+.byte	102,15,58,15,202,15
+.byte	102,15,58,15,210,15
+	pxor	%xmm1,%xmm7
+	pshufd	$255,%xmm0,%xmm0
+.byte	102,15,58,15,192,1
+	movdqa	%xmm2,8(%esp)
+.L_vpaes_schedule_low_round:
+	movdqa	%xmm7,%xmm1
+	pslldq	$4,%xmm7
+	pxor	%xmm1,%xmm7
+	movdqa	%xmm7,%xmm1
+	pslldq	$8,%xmm7
+	pxor	%xmm1,%xmm7
+	pxor	336(%ebp),%xmm7
+	movdqa	-16(%ebp),%xmm4
+	movdqa	-48(%ebp),%xmm5
+	movdqa	%xmm4,%xmm1
+	pandn	%xmm0,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm4,%xmm0
+	movdqa	-32(%ebp),%xmm2
+.byte	102,15,56,0,208
+	pxor	%xmm1,%xmm0
+	movdqa	%xmm5,%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+	movdqa	%xmm5,%xmm4
+.byte	102,15,56,0,224
+	pxor	%xmm2,%xmm4
+	movdqa	%xmm5,%xmm2
+.byte	102,15,56,0,211
+	pxor	%xmm0,%xmm2
+	movdqa	%xmm5,%xmm3
+.byte	102,15,56,0,220
+	pxor	%xmm1,%xmm3
+	movdqa	32(%ebp),%xmm4
+.byte	102,15,56,0,226
+	movdqa	48(%ebp),%xmm0
+.byte	102,15,56,0,195
+	pxor	%xmm4,%xmm0
+	pxor	%xmm7,%xmm0
+	movdqa	%xmm0,%xmm7
+	ret
+.size	_vpaes_schedule_round,.-_vpaes_schedule_round
+.type	_vpaes_schedule_transform,@function
+.align	16
+_vpaes_schedule_transform:
+	movdqa	-16(%ebp),%xmm2
+	movdqa	%xmm2,%xmm1
+	pandn	%xmm0,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm2,%xmm0
+	movdqa	(%ebx),%xmm2
+.byte	102,15,56,0,208
+	movdqa	16(%ebx),%xmm0
+.byte	102,15,56,0,193
+	pxor	%xmm2,%xmm0
+	ret
+.size	_vpaes_schedule_transform,.-_vpaes_schedule_transform
+.type	_vpaes_schedule_mangle,@function
+.align	16
+_vpaes_schedule_mangle:
+	movdqa	%xmm0,%xmm4
+	movdqa	128(%ebp),%xmm5
+	testl	%edi,%edi
+	jnz	.L014schedule_mangle_dec
+	addl	$16,%edx
+	pxor	336(%ebp),%xmm4
+.byte	102,15,56,0,229
+	movdqa	%xmm4,%xmm3
+.byte	102,15,56,0,229
+	pxor	%xmm4,%xmm3
+.byte	102,15,56,0,229
+	pxor	%xmm4,%xmm3
+	jmp	.L015schedule_mangle_both
+.align	16
+.L014schedule_mangle_dec:
+	movdqa	-16(%ebp),%xmm2
+	leal	416(%ebp),%esi
+	movdqa	%xmm2,%xmm1
+	pandn	%xmm4,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm2,%xmm4
+	movdqa	(%esi),%xmm2
+.byte	102,15,56,0,212
+	movdqa	16(%esi),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,221
+	movdqa	32(%esi),%xmm2
+.byte	102,15,56,0,212
+	pxor	%xmm3,%xmm2
+	movdqa	48(%esi),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,221
+	movdqa	64(%esi),%xmm2
+.byte	102,15,56,0,212
+	pxor	%xmm3,%xmm2
+	movdqa	80(%esi),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,221
+	movdqa	96(%esi),%xmm2
+.byte	102,15,56,0,212
+	pxor	%xmm3,%xmm2
+	movdqa	112(%esi),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+	addl	$-16,%edx
+.L015schedule_mangle_both:
+	movdqa	256(%ebp,%ecx,1),%xmm1
+.byte	102,15,56,0,217
+	addl	$-16,%ecx
+	andl	$48,%ecx
+	movdqu	%xmm3,(%edx)
+	ret
+.size	_vpaes_schedule_mangle,.-_vpaes_schedule_mangle
+.globl	vpaes_set_encrypt_key
+.type	vpaes_set_encrypt_key,@function
+.align	16
+vpaes_set_encrypt_key:
+.L_vpaes_set_encrypt_key_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	leal	-56(%esp),%ebx
+	movl	24(%esp),%eax
+	andl	$-16,%ebx
+	movl	28(%esp),%edx
+	xchgl	%esp,%ebx
+	movl	%ebx,48(%esp)
+	movl	%eax,%ebx
+	shrl	$5,%ebx
+	addl	$5,%ebx
+	movl	%ebx,240(%edx)
+	movl	$48,%ecx
+	movl	$0,%edi
+	leal	.L_vpaes_consts+0x30-.L016pic_point,%ebp
+	call	_vpaes_schedule_core
+.L016pic_point:
+	movl	48(%esp),%esp
+	xorl	%eax,%eax
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	vpaes_set_encrypt_key,.-.L_vpaes_set_encrypt_key_begin
+.globl	vpaes_set_decrypt_key
+.type	vpaes_set_decrypt_key,@function
+.align	16
+vpaes_set_decrypt_key:
+.L_vpaes_set_decrypt_key_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	leal	-56(%esp),%ebx
+	movl	24(%esp),%eax
+	andl	$-16,%ebx
+	movl	28(%esp),%edx
+	xchgl	%esp,%ebx
+	movl	%ebx,48(%esp)
+	movl	%eax,%ebx
+	shrl	$5,%ebx
+	addl	$5,%ebx
+	movl	%ebx,240(%edx)
+	shll	$4,%ebx
+	leal	16(%edx,%ebx,1),%edx
+	movl	$1,%edi
+	movl	%eax,%ecx
+	shrl	$1,%ecx
+	andl	$32,%ecx
+	xorl	$32,%ecx
+	leal	.L_vpaes_consts+0x30-.L017pic_point,%ebp
+	call	_vpaes_schedule_core
+.L017pic_point:
+	movl	48(%esp),%esp
+	xorl	%eax,%eax
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	vpaes_set_decrypt_key,.-.L_vpaes_set_decrypt_key_begin
+.globl	vpaes_encrypt
+.type	vpaes_encrypt,@function
+.align	16
+vpaes_encrypt:
+.L_vpaes_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	leal	.L_vpaes_consts+0x30-.L018pic_point,%ebp
+	call	_vpaes_preheat
+.L018pic_point:
+	movl	20(%esp),%esi
+	leal	-56(%esp),%ebx
+	movl	24(%esp),%edi
+	andl	$-16,%ebx
+	movl	28(%esp),%edx
+	xchgl	%esp,%ebx
+	movl	%ebx,48(%esp)
+	movdqu	(%esi),%xmm0
+	call	_vpaes_encrypt_core
+	movdqu	%xmm0,(%edi)
+	movl	48(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	vpaes_encrypt,.-.L_vpaes_encrypt_begin
+.globl	vpaes_decrypt
+.type	vpaes_decrypt,@function
+.align	16
+vpaes_decrypt:
+.L_vpaes_decrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	leal	.L_vpaes_consts+0x30-.L019pic_point,%ebp
+	call	_vpaes_preheat
+.L019pic_point:
+	movl	20(%esp),%esi
+	leal	-56(%esp),%ebx
+	movl	24(%esp),%edi
+	andl	$-16,%ebx
+	movl	28(%esp),%edx
+	xchgl	%esp,%ebx
+	movl	%ebx,48(%esp)
+	movdqu	(%esi),%xmm0
+	call	_vpaes_decrypt_core
+	movdqu	%xmm0,(%edi)
+	movl	48(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	vpaes_decrypt,.-.L_vpaes_decrypt_begin
+.globl	vpaes_cbc_encrypt
+.type	vpaes_cbc_encrypt,@function
+.align	16
+vpaes_cbc_encrypt:
+.L_vpaes_cbc_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	subl	$16,%eax
+	jc	.L020cbc_abort
+	leal	-56(%esp),%ebx
+	movl	36(%esp),%ebp
+	andl	$-16,%ebx
+	movl	40(%esp),%ecx
+	xchgl	%esp,%ebx
+	movdqu	(%ebp),%xmm1
+	subl	%esi,%edi
+	movl	%ebx,48(%esp)
+	movl	%edi,(%esp)
+	movl	%edx,4(%esp)
+	movl	%ebp,8(%esp)
+	movl	%eax,%edi
+	leal	.L_vpaes_consts+0x30-.L021pic_point,%ebp
+	call	_vpaes_preheat
+.L021pic_point:
+	cmpl	$0,%ecx
+	je	.L022cbc_dec_loop
+	jmp	.L023cbc_enc_loop
+.align	16
+.L023cbc_enc_loop:
+	movdqu	(%esi),%xmm0
+	pxor	%xmm1,%xmm0
+	call	_vpaes_encrypt_core
+	movl	(%esp),%ebx
+	movl	4(%esp),%edx
+	movdqa	%xmm0,%xmm1
+	movdqu	%xmm0,(%ebx,%esi,1)
+	leal	16(%esi),%esi
+	subl	$16,%edi
+	jnc	.L023cbc_enc_loop
+	jmp	.L024cbc_done
+.align	16
+.L022cbc_dec_loop:
+	movdqu	(%esi),%xmm0
+	movdqa	%xmm1,16(%esp)
+	movdqa	%xmm0,32(%esp)
+	call	_vpaes_decrypt_core
+	movl	(%esp),%ebx
+	movl	4(%esp),%edx
+	pxor	16(%esp),%xmm0
+	movdqa	32(%esp),%xmm1
+	movdqu	%xmm0,(%ebx,%esi,1)
+	leal	16(%esi),%esi
+	subl	$16,%edi
+	jnc	.L022cbc_dec_loop
+.L024cbc_done:
+	movl	8(%esp),%ebx
+	movl	48(%esp),%esp
+	movdqu	%xmm1,(%ebx)
+.L020cbc_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	vpaes_cbc_encrypt,.-.L_vpaes_cbc_encrypt_begin
+
+.section .note.GNU-stack,"",%progbits
diff --git a/lib/accelerated/x86/elf/aes-ssse3-x86_64.s b/lib/accelerated/x86/elf/aes-ssse3-x86_64.s
new file mode 100644
index 0000000..ea1216b
--- /dev/null
+++ b/lib/accelerated/x86/elf/aes-ssse3-x86_64.s
@@ -0,0 +1,867 @@
+######################################################################
+## Constant-time SSSE3 AES core implementation.
+## version 0.1
+##
+## By Mike Hamburg (Stanford University), 2009
+## Public domain.
+##
+## For details see http://shiftleft.org/papers/vector_aes/ and
+## http://crypto.stanford.edu/vpaes/.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+.type	_vpaes_encrypt_core,@function
+.align	16
+_vpaes_encrypt_core:
+.cfi_startproc	
+	movq	%rdx,%r9
+	movq	$16,%r11
+	movl	240(%rdx),%eax
+	movdqa	%xmm9,%xmm1
+	movdqa	.Lk_ipt(%rip),%xmm2
+	pandn	%xmm0,%xmm1
+	movdqu	(%r9),%xmm5
+	psrld	$4,%xmm1
+	pand	%xmm9,%xmm0
+.byte	102,15,56,0,208
+	movdqa	.Lk_ipt+16(%rip),%xmm0
+.byte	102,15,56,0,193
+	pxor	%xmm5,%xmm2
+	addq	$16,%r9
+	pxor	%xmm2,%xmm0
+	leaq	.Lk_mc_backward(%rip),%r10
+	jmp	.Lenc_entry
+
+.align	16
+.Lenc_loop:
+
+	movdqa	%xmm13,%xmm4
+	movdqa	%xmm12,%xmm0
+.byte	102,15,56,0,226
+.byte	102,15,56,0,195
+	pxor	%xmm5,%xmm4
+	movdqa	%xmm15,%xmm5
+	pxor	%xmm4,%xmm0
+	movdqa	-64(%r11,%r10,1),%xmm1
+.byte	102,15,56,0,234
+	movdqa	(%r11,%r10,1),%xmm4
+	movdqa	%xmm14,%xmm2
+.byte	102,15,56,0,211
+	movdqa	%xmm0,%xmm3
+	pxor	%xmm5,%xmm2
+.byte	102,15,56,0,193
+	addq	$16,%r9
+	pxor	%xmm2,%xmm0
+.byte	102,15,56,0,220
+	addq	$16,%r11
+	pxor	%xmm0,%xmm3
+.byte	102,15,56,0,193
+	andq	$0x30,%r11
+	subq	$1,%rax
+	pxor	%xmm3,%xmm0
+
+.Lenc_entry:
+
+	movdqa	%xmm9,%xmm1
+	movdqa	%xmm11,%xmm5
+	pandn	%xmm0,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm9,%xmm0
+.byte	102,15,56,0,232
+	movdqa	%xmm10,%xmm3
+	pxor	%xmm1,%xmm0
+.byte	102,15,56,0,217
+	movdqa	%xmm10,%xmm4
+	pxor	%xmm5,%xmm3
+.byte	102,15,56,0,224
+	movdqa	%xmm10,%xmm2
+	pxor	%xmm5,%xmm4
+.byte	102,15,56,0,211
+	movdqa	%xmm10,%xmm3
+	pxor	%xmm0,%xmm2
+.byte	102,15,56,0,220
+	movdqu	(%r9),%xmm5
+	pxor	%xmm1,%xmm3
+	jnz	.Lenc_loop
+
+
+	movdqa	-96(%r10),%xmm4
+	movdqa	-80(%r10),%xmm0
+.byte	102,15,56,0,226
+	pxor	%xmm5,%xmm4
+.byte	102,15,56,0,195
+	movdqa	64(%r11,%r10,1),%xmm1
+	pxor	%xmm4,%xmm0
+.byte	102,15,56,0,193
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	_vpaes_encrypt_core,.-_vpaes_encrypt_core
+
+
+
+
+
+
+.type	_vpaes_decrypt_core,@function
+.align	16
+_vpaes_decrypt_core:
+.cfi_startproc	
+	movq	%rdx,%r9
+	movl	240(%rdx),%eax
+	movdqa	%xmm9,%xmm1
+	movdqa	.Lk_dipt(%rip),%xmm2
+	pandn	%xmm0,%xmm1
+	movq	%rax,%r11
+	psrld	$4,%xmm1
+	movdqu	(%r9),%xmm5
+	shlq	$4,%r11
+	pand	%xmm9,%xmm0
+.byte	102,15,56,0,208
+	movdqa	.Lk_dipt+16(%rip),%xmm0
+	xorq	$0x30,%r11
+	leaq	.Lk_dsbd(%rip),%r10
+.byte	102,15,56,0,193
+	andq	$0x30,%r11
+	pxor	%xmm5,%xmm2
+	movdqa	.Lk_mc_forward+48(%rip),%xmm5
+	pxor	%xmm2,%xmm0
+	addq	$16,%r9
+	addq	%r10,%r11
+	jmp	.Ldec_entry
+
+.align	16
+.Ldec_loop:
+
+
+
+	movdqa	-32(%r10),%xmm4
+	movdqa	-16(%r10),%xmm1
+.byte	102,15,56,0,226
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	movdqa	0(%r10),%xmm4
+	pxor	%xmm1,%xmm0
+	movdqa	16(%r10),%xmm1
+
+.byte	102,15,56,0,226
+.byte	102,15,56,0,197
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	movdqa	32(%r10),%xmm4
+	pxor	%xmm1,%xmm0
+	movdqa	48(%r10),%xmm1
+
+.byte	102,15,56,0,226
+.byte	102,15,56,0,197
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	movdqa	64(%r10),%xmm4
+	pxor	%xmm1,%xmm0
+	movdqa	80(%r10),%xmm1
+
+.byte	102,15,56,0,226
+.byte	102,15,56,0,197
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	addq	$16,%r9
+.byte	102,15,58,15,237,12
+	pxor	%xmm1,%xmm0
+	subq	$1,%rax
+
+.Ldec_entry:
+
+	movdqa	%xmm9,%xmm1
+	pandn	%xmm0,%xmm1
+	movdqa	%xmm11,%xmm2
+	psrld	$4,%xmm1
+	pand	%xmm9,%xmm0
+.byte	102,15,56,0,208
+	movdqa	%xmm10,%xmm3
+	pxor	%xmm1,%xmm0
+.byte	102,15,56,0,217
+	movdqa	%xmm10,%xmm4
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,224
+	pxor	%xmm2,%xmm4
+	movdqa	%xmm10,%xmm2
+.byte	102,15,56,0,211
+	movdqa	%xmm10,%xmm3
+	pxor	%xmm0,%xmm2
+.byte	102,15,56,0,220
+	movdqu	(%r9),%xmm0
+	pxor	%xmm1,%xmm3
+	jnz	.Ldec_loop
+
+
+	movdqa	96(%r10),%xmm4
+.byte	102,15,56,0,226
+	pxor	%xmm0,%xmm4
+	movdqa	112(%r10),%xmm0
+	movdqa	-352(%r11),%xmm2
+.byte	102,15,56,0,195
+	pxor	%xmm4,%xmm0
+.byte	102,15,56,0,194
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	_vpaes_decrypt_core,.-_vpaes_decrypt_core
+
+
+
+
+
+
+.type	_vpaes_schedule_core,@function
+.align	16
+_vpaes_schedule_core:
+.cfi_startproc	
+
+
+
+
+
+	call	_vpaes_preheat
+	movdqa	.Lk_rcon(%rip),%xmm8
+	movdqu	(%rdi),%xmm0
+
+
+	movdqa	%xmm0,%xmm3
+	leaq	.Lk_ipt(%rip),%r11
+	call	_vpaes_schedule_transform
+	movdqa	%xmm0,%xmm7
+
+	leaq	.Lk_sr(%rip),%r10
+	testq	%rcx,%rcx
+	jnz	.Lschedule_am_decrypting
+
+
+	movdqu	%xmm0,(%rdx)
+	jmp	.Lschedule_go
+
+.Lschedule_am_decrypting:
+
+	movdqa	(%r8,%r10,1),%xmm1
+.byte	102,15,56,0,217
+	movdqu	%xmm3,(%rdx)
+	xorq	$0x30,%r8
+
+.Lschedule_go:
+	cmpl	$192,%esi
+	ja	.Lschedule_256
+	je	.Lschedule_192
+
+
+
+
+
+
+
+
+
+
+.Lschedule_128:
+	movl	$10,%esi
+
+.Loop_schedule_128:
+	call	_vpaes_schedule_round
+	decq	%rsi
+	jz	.Lschedule_mangle_last
+	call	_vpaes_schedule_mangle
+	jmp	.Loop_schedule_128
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+.align	16
+.Lschedule_192:
+	movdqu	8(%rdi),%xmm0
+	call	_vpaes_schedule_transform
+	movdqa	%xmm0,%xmm6
+	pxor	%xmm4,%xmm4
+	movhlps	%xmm4,%xmm6
+	movl	$4,%esi
+
+.Loop_schedule_192:
+	call	_vpaes_schedule_round
+.byte	102,15,58,15,198,8
+	call	_vpaes_schedule_mangle
+	call	_vpaes_schedule_192_smear
+	call	_vpaes_schedule_mangle
+	call	_vpaes_schedule_round
+	decq	%rsi
+	jz	.Lschedule_mangle_last
+	call	_vpaes_schedule_mangle
+	call	_vpaes_schedule_192_smear
+	jmp	.Loop_schedule_192
+
+
+
+
+
+
+
+
+
+
+
+.align	16
+.Lschedule_256:
+	movdqu	16(%rdi),%xmm0
+	call	_vpaes_schedule_transform
+	movl	$7,%esi
+
+.Loop_schedule_256:
+	call	_vpaes_schedule_mangle
+	movdqa	%xmm0,%xmm6
+
+
+	call	_vpaes_schedule_round
+	decq	%rsi
+	jz	.Lschedule_mangle_last
+	call	_vpaes_schedule_mangle
+
+
+	pshufd	$0xFF,%xmm0,%xmm0
+	movdqa	%xmm7,%xmm5
+	movdqa	%xmm6,%xmm7
+	call	_vpaes_schedule_low_round
+	movdqa	%xmm5,%xmm7
+
+	jmp	.Loop_schedule_256
+
+
+
+
+
+
+
+
+
+
+
+
+.align	16
+.Lschedule_mangle_last:
+
+	leaq	.Lk_deskew(%rip),%r11
+	testq	%rcx,%rcx
+	jnz	.Lschedule_mangle_last_dec
+
+
+	movdqa	(%r8,%r10,1),%xmm1
+.byte	102,15,56,0,193
+	leaq	.Lk_opt(%rip),%r11
+	addq	$32,%rdx
+
+.Lschedule_mangle_last_dec:
+	addq	$-16,%rdx
+	pxor	.Lk_s63(%rip),%xmm0
+	call	_vpaes_schedule_transform
+	movdqu	%xmm0,(%rdx)
+
+
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	_vpaes_schedule_core,.-_vpaes_schedule_core
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+.type	_vpaes_schedule_192_smear,@function
+.align	16
+_vpaes_schedule_192_smear:
+.cfi_startproc	
+	pshufd	$0x80,%xmm6,%xmm1
+	pshufd	$0xFE,%xmm7,%xmm0
+	pxor	%xmm1,%xmm6
+	pxor	%xmm1,%xmm1
+	pxor	%xmm0,%xmm6
+	movdqa	%xmm6,%xmm0
+	movhlps	%xmm1,%xmm6
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	_vpaes_schedule_192_smear,.-_vpaes_schedule_192_smear
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+.type	_vpaes_schedule_round,@function
+.align	16
+_vpaes_schedule_round:
+.cfi_startproc	
+
+	pxor	%xmm1,%xmm1
+.byte	102,65,15,58,15,200,15
+.byte	102,69,15,58,15,192,15
+	pxor	%xmm1,%xmm7
+
+
+	pshufd	$0xFF,%xmm0,%xmm0
+.byte	102,15,58,15,192,1
+
+
+
+
+_vpaes_schedule_low_round:
+
+	movdqa	%xmm7,%xmm1
+	pslldq	$4,%xmm7
+	pxor	%xmm1,%xmm7
+	movdqa	%xmm7,%xmm1
+	pslldq	$8,%xmm7
+	pxor	%xmm1,%xmm7
+	pxor	.Lk_s63(%rip),%xmm7
+
+
+	movdqa	%xmm9,%xmm1
+	pandn	%xmm0,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm9,%xmm0
+	movdqa	%xmm11,%xmm2
+.byte	102,15,56,0,208
+	pxor	%xmm1,%xmm0
+	movdqa	%xmm10,%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+	movdqa	%xmm10,%xmm4
+.byte	102,15,56,0,224
+	pxor	%xmm2,%xmm4
+	movdqa	%xmm10,%xmm2
+.byte	102,15,56,0,211
+	pxor	%xmm0,%xmm2
+	movdqa	%xmm10,%xmm3
+.byte	102,15,56,0,220
+	pxor	%xmm1,%xmm3
+	movdqa	%xmm13,%xmm4
+.byte	102,15,56,0,226
+	movdqa	%xmm12,%xmm0
+.byte	102,15,56,0,195
+	pxor	%xmm4,%xmm0
+
+
+	pxor	%xmm7,%xmm0
+	movdqa	%xmm0,%xmm7
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	_vpaes_schedule_round,.-_vpaes_schedule_round
+
+
+
+
+
+
+
+
+
+
+.type	_vpaes_schedule_transform,@function
+.align	16
+_vpaes_schedule_transform:
+.cfi_startproc	
+	movdqa	%xmm9,%xmm1
+	pandn	%xmm0,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm9,%xmm0
+	movdqa	(%r11),%xmm2
+.byte	102,15,56,0,208
+	movdqa	16(%r11),%xmm0
+.byte	102,15,56,0,193
+	pxor	%xmm2,%xmm0
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	_vpaes_schedule_transform,.-_vpaes_schedule_transform
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+.type	_vpaes_schedule_mangle,@function
+.align	16
+_vpaes_schedule_mangle:
+.cfi_startproc	
+	movdqa	%xmm0,%xmm4
+	movdqa	.Lk_mc_forward(%rip),%xmm5
+	testq	%rcx,%rcx
+	jnz	.Lschedule_mangle_dec
+
+
+	addq	$16,%rdx
+	pxor	.Lk_s63(%rip),%xmm4
+.byte	102,15,56,0,229
+	movdqa	%xmm4,%xmm3
+.byte	102,15,56,0,229
+	pxor	%xmm4,%xmm3
+.byte	102,15,56,0,229
+	pxor	%xmm4,%xmm3
+
+	jmp	.Lschedule_mangle_both
+.align	16
+.Lschedule_mangle_dec:
+
+	leaq	.Lk_dksd(%rip),%r11
+	movdqa	%xmm9,%xmm1
+	pandn	%xmm4,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm9,%xmm4
+
+	movdqa	0(%r11),%xmm2
+.byte	102,15,56,0,212
+	movdqa	16(%r11),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,221
+
+	movdqa	32(%r11),%xmm2
+.byte	102,15,56,0,212
+	pxor	%xmm3,%xmm2
+	movdqa	48(%r11),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,221
+
+	movdqa	64(%r11),%xmm2
+.byte	102,15,56,0,212
+	pxor	%xmm3,%xmm2
+	movdqa	80(%r11),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,221
+
+	movdqa	96(%r11),%xmm2
+.byte	102,15,56,0,212
+	pxor	%xmm3,%xmm2
+	movdqa	112(%r11),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+
+	addq	$-16,%rdx
+
+.Lschedule_mangle_both:
+	movdqa	(%r8,%r10,1),%xmm1
+.byte	102,15,56,0,217
+	addq	$-16,%r8
+	andq	$0x30,%r8
+	movdqu	%xmm3,(%rdx)
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	_vpaes_schedule_mangle,.-_vpaes_schedule_mangle
+
+
+
+
+.globl	vpaes_set_encrypt_key
+.type	vpaes_set_encrypt_key,@function
+.align	16
+vpaes_set_encrypt_key:
+.cfi_startproc	
+	movl	%esi,%eax
+	shrl	$5,%eax
+	addl	$5,%eax
+	movl	%eax,240(%rdx)
+
+	movl	$0,%ecx
+	movl	$0x30,%r8d
+	call	_vpaes_schedule_core
+	xorl	%eax,%eax
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	vpaes_set_encrypt_key,.-vpaes_set_encrypt_key
+
+.globl	vpaes_set_decrypt_key
+.type	vpaes_set_decrypt_key,@function
+.align	16
+vpaes_set_decrypt_key:
+.cfi_startproc	
+	movl	%esi,%eax
+	shrl	$5,%eax
+	addl	$5,%eax
+	movl	%eax,240(%rdx)
+	shll	$4,%eax
+	leaq	16(%rdx,%rax,1),%rdx
+
+	movl	$1,%ecx
+	movl	%esi,%r8d
+	shrl	$1,%r8d
+	andl	$32,%r8d
+	xorl	$32,%r8d
+	call	_vpaes_schedule_core
+	xorl	%eax,%eax
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	vpaes_set_decrypt_key,.-vpaes_set_decrypt_key
+
+.globl	vpaes_encrypt
+.type	vpaes_encrypt,@function
+.align	16
+vpaes_encrypt:
+.cfi_startproc	
+	movdqu	(%rdi),%xmm0
+	call	_vpaes_preheat
+	call	_vpaes_encrypt_core
+	movdqu	%xmm0,(%rsi)
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	vpaes_encrypt,.-vpaes_encrypt
+
+.globl	vpaes_decrypt
+.type	vpaes_decrypt,@function
+.align	16
+vpaes_decrypt:
+.cfi_startproc	
+	movdqu	(%rdi),%xmm0
+	call	_vpaes_preheat
+	call	_vpaes_decrypt_core
+	movdqu	%xmm0,(%rsi)
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	vpaes_decrypt,.-vpaes_decrypt
+.globl	vpaes_cbc_encrypt
+.type	vpaes_cbc_encrypt,@function
+.align	16
+vpaes_cbc_encrypt:
+.cfi_startproc	
+	xchgq	%rcx,%rdx
+	subq	$16,%rcx
+	jc	.Lcbc_abort
+	movdqu	(%r8),%xmm6
+	subq	%rdi,%rsi
+	call	_vpaes_preheat
+	cmpl	$0,%r9d
+	je	.Lcbc_dec_loop
+	jmp	.Lcbc_enc_loop
+.align	16
+.Lcbc_enc_loop:
+	movdqu	(%rdi),%xmm0
+	pxor	%xmm6,%xmm0
+	call	_vpaes_encrypt_core
+	movdqa	%xmm0,%xmm6
+	movdqu	%xmm0,(%rsi,%rdi,1)
+	leaq	16(%rdi),%rdi
+	subq	$16,%rcx
+	jnc	.Lcbc_enc_loop
+	jmp	.Lcbc_done
+.align	16
+.Lcbc_dec_loop:
+	movdqu	(%rdi),%xmm0
+	movdqa	%xmm0,%xmm7
+	call	_vpaes_decrypt_core
+	pxor	%xmm6,%xmm0
+	movdqa	%xmm7,%xmm6
+	movdqu	%xmm0,(%rsi,%rdi,1)
+	leaq	16(%rdi),%rdi
+	subq	$16,%rcx
+	jnc	.Lcbc_dec_loop
+.Lcbc_done:
+	movdqu	%xmm6,(%r8)
+.Lcbc_abort:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	vpaes_cbc_encrypt,.-vpaes_cbc_encrypt
+
+
+
+
+
+
+.type	_vpaes_preheat,@function
+.align	16
+_vpaes_preheat:
+.cfi_startproc	
+	leaq	.Lk_s0F(%rip),%r10
+	movdqa	-32(%r10),%xmm10
+	movdqa	-16(%r10),%xmm11
+	movdqa	0(%r10),%xmm9
+	movdqa	48(%r10),%xmm13
+	movdqa	64(%r10),%xmm12
+	movdqa	80(%r10),%xmm15
+	movdqa	96(%r10),%xmm14
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	_vpaes_preheat,.-_vpaes_preheat
+
+
+
+
+
+.type	_vpaes_consts,@object
+.align	64
+_vpaes_consts:
+.Lk_inv:
+.quad	0x0E05060F0D080180, 0x040703090A0B0C02
+.quad	0x01040A060F0B0780, 0x030D0E0C02050809
+
+.Lk_s0F:
+.quad	0x0F0F0F0F0F0F0F0F, 0x0F0F0F0F0F0F0F0F
+
+.Lk_ipt:
+.quad	0xC2B2E8985A2A7000, 0xCABAE09052227808
+.quad	0x4C01307D317C4D00, 0xCD80B1FCB0FDCC81
+
+.Lk_sb1:
+.quad	0xB19BE18FCB503E00, 0xA5DF7A6E142AF544
+.quad	0x3618D415FAE22300, 0x3BF7CCC10D2ED9EF
+.Lk_sb2:
+.quad	0xE27A93C60B712400, 0x5EB7E955BC982FCD
+.quad	0x69EB88400AE12900, 0xC2A163C8AB82234A
+.Lk_sbo:
+.quad	0xD0D26D176FBDC700, 0x15AABF7AC502A878
+.quad	0xCFE474A55FBB6A00, 0x8E1E90D1412B35FA
+
+.Lk_mc_forward:
+.quad	0x0407060500030201, 0x0C0F0E0D080B0A09
+.quad	0x080B0A0904070605, 0x000302010C0F0E0D
+.quad	0x0C0F0E0D080B0A09, 0x0407060500030201
+.quad	0x000302010C0F0E0D, 0x080B0A0904070605
+
+.Lk_mc_backward:
+.quad	0x0605040702010003, 0x0E0D0C0F0A09080B
+.quad	0x020100030E0D0C0F, 0x0A09080B06050407
+.quad	0x0E0D0C0F0A09080B, 0x0605040702010003
+.quad	0x0A09080B06050407, 0x020100030E0D0C0F
+
+.Lk_sr:
+.quad	0x0706050403020100, 0x0F0E0D0C0B0A0908
+.quad	0x030E09040F0A0500, 0x0B06010C07020D08
+.quad	0x0F060D040B020900, 0x070E050C030A0108
+.quad	0x0B0E0104070A0D00, 0x0306090C0F020508
+
+.Lk_rcon:
+.quad	0x1F8391B9AF9DEEB6, 0x702A98084D7C7D81
+
+.Lk_s63:
+.quad	0x5B5B5B5B5B5B5B5B, 0x5B5B5B5B5B5B5B5B
+
+.Lk_opt:
+.quad	0xFF9F4929D6B66000, 0xF7974121DEBE6808
+.quad	0x01EDBD5150BCEC00, 0xE10D5DB1B05C0CE0
+
+.Lk_deskew:
+.quad	0x07E4A34047A4E300, 0x1DFEB95A5DBEF91A
+.quad	0x5F36B5DC83EA6900, 0x2841C2ABF49D1E77
+
+
+
+
+
+.Lk_dksd:
+.quad	0xFEB91A5DA3E44700, 0x0740E3A45A1DBEF9
+.quad	0x41C277F4B5368300, 0x5FDC69EAAB289D1E
+.Lk_dksb:
+.quad	0x9A4FCA1F8550D500, 0x03D653861CC94C99
+.quad	0x115BEDA7B6FC4A00, 0xD993256F7E3482C8
+.Lk_dkse:
+.quad	0xD5031CCA1FC9D600, 0x53859A4C994F5086
+.quad	0xA23196054FDC7BE8, 0xCD5EF96A20B31487
+.Lk_dks9:
+.quad	0xB6116FC87ED9A700, 0x4AED933482255BFC
+.quad	0x4576516227143300, 0x8BB89FACE9DAFDCE
+
+
+
+
+
+.Lk_dipt:
+.quad	0x0F505B040B545F00, 0x154A411E114E451A
+.quad	0x86E383E660056500, 0x12771772F491F194
+
+.Lk_dsb9:
+.quad	0x851C03539A86D600, 0xCAD51F504F994CC9
+.quad	0xC03B1789ECD74900, 0x725E2C9EB2FBA565
+.Lk_dsbd:
+.quad	0x7D57CCDFE6B1A200, 0xF56E9B13882A4439
+.quad	0x3CE2FAF724C6CB00, 0x2931180D15DEEFD3
+.Lk_dsbb:
+.quad	0xD022649296B44200, 0x602646F6B0F2D404
+.quad	0xC19498A6CD596700, 0xF3FF0C3E3255AA6B
+.Lk_dsbe:
+.quad	0x46F2929626D4D000, 0x2242600464B4F6B0
+.quad	0x0C55A6CDFFAAC100, 0x9467F36B98593E32
+.Lk_dsbo:
+.quad	0x1387EA537EF94000, 0xC7AA6DB9D4943E2D
+.quad	0x12D7560F93441D00, 0xCA4B8159D8C58E9C
+.byte	86,101,99,116,111,114,32,80,101,114,109,117,116,97,116,105,111,110,32,65,69,83,32,102,111,114,32,120,56,54,95,54,52,47,83,83,83,69,51,44,32,77,105,107,101,32,72,97,109,98,117,114,103,32,40,83,116,97,110,102,111,114,100,32,85,110,105,118,101,114,115,105,116,121,41,0
+.align	64
+.size	_vpaes_consts,.-_vpaes_consts
+
+.section .note.GNU-stack,"",%progbits
diff --git a/lib/accelerated/x86/elf/aesni-gcm-x86_64.s b/lib/accelerated/x86/elf/aesni-gcm-x86_64.s
new file mode 100644
index 0000000..461dd02
--- /dev/null
+++ b/lib/accelerated/x86/elf/aesni-gcm-x86_64.s
@@ -0,0 +1,830 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+.type	_aesni_ctr32_ghash_6x,@function
+.align	32
+_aesni_ctr32_ghash_6x:
+.cfi_startproc	
+	vmovdqu	32(%r11),%xmm2
+	subq	$6,%rdx
+	vpxor	%xmm4,%xmm4,%xmm4
+	vmovdqu	0-128(%rcx),%xmm15
+	vpaddb	%xmm2,%xmm1,%xmm10
+	vpaddb	%xmm2,%xmm10,%xmm11
+	vpaddb	%xmm2,%xmm11,%xmm12
+	vpaddb	%xmm2,%xmm12,%xmm13
+	vpaddb	%xmm2,%xmm13,%xmm14
+	vpxor	%xmm15,%xmm1,%xmm9
+	vmovdqu	%xmm4,16+8(%rsp)
+	jmp	.Loop6x
+
+.align	32
+.Loop6x:
+	addl	$100663296,%ebx
+	jc	.Lhandle_ctr32
+	vmovdqu	0-32(%r9),%xmm3
+	vpaddb	%xmm2,%xmm14,%xmm1
+	vpxor	%xmm15,%xmm10,%xmm10
+	vpxor	%xmm15,%xmm11,%xmm11
+
+.Lresume_ctr32:
+	vmovdqu	%xmm1,(%r8)
+	vpclmulqdq	$0x10,%xmm3,%xmm7,%xmm5
+	vpxor	%xmm15,%xmm12,%xmm12
+	vmovups	16-128(%rcx),%xmm2
+	vpclmulqdq	$0x01,%xmm3,%xmm7,%xmm6
+	xorq	%r12,%r12
+	cmpq	%r14,%r15
+
+	vaesenc	%xmm2,%xmm9,%xmm9
+	vmovdqu	48+8(%rsp),%xmm0
+	vpxor	%xmm15,%xmm13,%xmm13
+	vpclmulqdq	$0x00,%xmm3,%xmm7,%xmm1
+	vaesenc	%xmm2,%xmm10,%xmm10
+	vpxor	%xmm15,%xmm14,%xmm14
+	setnc	%r12b
+	vpclmulqdq	$0x11,%xmm3,%xmm7,%xmm7
+	vaesenc	%xmm2,%xmm11,%xmm11
+	vmovdqu	16-32(%r9),%xmm3
+	negq	%r12
+	vaesenc	%xmm2,%xmm12,%xmm12
+	vpxor	%xmm5,%xmm6,%xmm6
+	vpclmulqdq	$0x00,%xmm3,%xmm0,%xmm5
+	vpxor	%xmm4,%xmm8,%xmm8
+	vaesenc	%xmm2,%xmm13,%xmm13
+	vpxor	%xmm5,%xmm1,%xmm4
+	andq	$0x60,%r12
+	vmovups	32-128(%rcx),%xmm15
+	vpclmulqdq	$0x10,%xmm3,%xmm0,%xmm1
+	vaesenc	%xmm2,%xmm14,%xmm14
+
+	vpclmulqdq	$0x01,%xmm3,%xmm0,%xmm2
+	leaq	(%r14,%r12,1),%r14
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	16+8(%rsp),%xmm8,%xmm8
+	vpclmulqdq	$0x11,%xmm3,%xmm0,%xmm3
+	vmovdqu	64+8(%rsp),%xmm0
+	vaesenc	%xmm15,%xmm10,%xmm10
+	movbeq	88(%r14),%r13
+	vaesenc	%xmm15,%xmm11,%xmm11
+	movbeq	80(%r14),%r12
+	vaesenc	%xmm15,%xmm12,%xmm12
+	movq	%r13,32+8(%rsp)
+	vaesenc	%xmm15,%xmm13,%xmm13
+	movq	%r12,40+8(%rsp)
+	vmovdqu	48-32(%r9),%xmm5
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vmovups	48-128(%rcx),%xmm15
+	vpxor	%xmm1,%xmm6,%xmm6
+	vpclmulqdq	$0x00,%xmm5,%xmm0,%xmm1
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	%xmm2,%xmm6,%xmm6
+	vpclmulqdq	$0x10,%xmm5,%xmm0,%xmm2
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vpxor	%xmm3,%xmm7,%xmm7
+	vpclmulqdq	$0x01,%xmm5,%xmm0,%xmm3
+	vaesenc	%xmm15,%xmm11,%xmm11
+	vpclmulqdq	$0x11,%xmm5,%xmm0,%xmm5
+	vmovdqu	80+8(%rsp),%xmm0
+	vaesenc	%xmm15,%xmm12,%xmm12
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vpxor	%xmm1,%xmm4,%xmm4
+	vmovdqu	64-32(%r9),%xmm1
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vmovups	64-128(%rcx),%xmm15
+	vpxor	%xmm2,%xmm6,%xmm6
+	vpclmulqdq	$0x00,%xmm1,%xmm0,%xmm2
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	%xmm3,%xmm6,%xmm6
+	vpclmulqdq	$0x10,%xmm1,%xmm0,%xmm3
+	vaesenc	%xmm15,%xmm10,%xmm10
+	movbeq	72(%r14),%r13
+	vpxor	%xmm5,%xmm7,%xmm7
+	vpclmulqdq	$0x01,%xmm1,%xmm0,%xmm5
+	vaesenc	%xmm15,%xmm11,%xmm11
+	movbeq	64(%r14),%r12
+	vpclmulqdq	$0x11,%xmm1,%xmm0,%xmm1
+	vmovdqu	96+8(%rsp),%xmm0
+	vaesenc	%xmm15,%xmm12,%xmm12
+	movq	%r13,48+8(%rsp)
+	vaesenc	%xmm15,%xmm13,%xmm13
+	movq	%r12,56+8(%rsp)
+	vpxor	%xmm2,%xmm4,%xmm4
+	vmovdqu	96-32(%r9),%xmm2
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vmovups	80-128(%rcx),%xmm15
+	vpxor	%xmm3,%xmm6,%xmm6
+	vpclmulqdq	$0x00,%xmm2,%xmm0,%xmm3
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	%xmm5,%xmm6,%xmm6
+	vpclmulqdq	$0x10,%xmm2,%xmm0,%xmm5
+	vaesenc	%xmm15,%xmm10,%xmm10
+	movbeq	56(%r14),%r13
+	vpxor	%xmm1,%xmm7,%xmm7
+	vpclmulqdq	$0x01,%xmm2,%xmm0,%xmm1
+	vpxor	112+8(%rsp),%xmm8,%xmm8
+	vaesenc	%xmm15,%xmm11,%xmm11
+	movbeq	48(%r14),%r12
+	vpclmulqdq	$0x11,%xmm2,%xmm0,%xmm2
+	vaesenc	%xmm15,%xmm12,%xmm12
+	movq	%r13,64+8(%rsp)
+	vaesenc	%xmm15,%xmm13,%xmm13
+	movq	%r12,72+8(%rsp)
+	vpxor	%xmm3,%xmm4,%xmm4
+	vmovdqu	112-32(%r9),%xmm3
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vmovups	96-128(%rcx),%xmm15
+	vpxor	%xmm5,%xmm6,%xmm6
+	vpclmulqdq	$0x10,%xmm3,%xmm8,%xmm5
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	%xmm1,%xmm6,%xmm6
+	vpclmulqdq	$0x01,%xmm3,%xmm8,%xmm1
+	vaesenc	%xmm15,%xmm10,%xmm10
+	movbeq	40(%r14),%r13
+	vpxor	%xmm2,%xmm7,%xmm7
+	vpclmulqdq	$0x00,%xmm3,%xmm8,%xmm2
+	vaesenc	%xmm15,%xmm11,%xmm11
+	movbeq	32(%r14),%r12
+	vpclmulqdq	$0x11,%xmm3,%xmm8,%xmm8
+	vaesenc	%xmm15,%xmm12,%xmm12
+	movq	%r13,80+8(%rsp)
+	vaesenc	%xmm15,%xmm13,%xmm13
+	movq	%r12,88+8(%rsp)
+	vpxor	%xmm5,%xmm6,%xmm6
+	vaesenc	%xmm15,%xmm14,%xmm14
+	vpxor	%xmm1,%xmm6,%xmm6
+
+	vmovups	112-128(%rcx),%xmm15
+	vpslldq	$8,%xmm6,%xmm5
+	vpxor	%xmm2,%xmm4,%xmm4
+	vmovdqu	16(%r11),%xmm3
+
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	%xmm8,%xmm7,%xmm7
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vpxor	%xmm5,%xmm4,%xmm4
+	movbeq	24(%r14),%r13
+	vaesenc	%xmm15,%xmm11,%xmm11
+	movbeq	16(%r14),%r12
+	vpalignr	$8,%xmm4,%xmm4,%xmm0
+	vpclmulqdq	$0x10,%xmm3,%xmm4,%xmm4
+	movq	%r13,96+8(%rsp)
+	vaesenc	%xmm15,%xmm12,%xmm12
+	movq	%r12,104+8(%rsp)
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vmovups	128-128(%rcx),%xmm1
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vaesenc	%xmm1,%xmm9,%xmm9
+	vmovups	144-128(%rcx),%xmm15
+	vaesenc	%xmm1,%xmm10,%xmm10
+	vpsrldq	$8,%xmm6,%xmm6
+	vaesenc	%xmm1,%xmm11,%xmm11
+	vpxor	%xmm6,%xmm7,%xmm7
+	vaesenc	%xmm1,%xmm12,%xmm12
+	vpxor	%xmm0,%xmm4,%xmm4
+	movbeq	8(%r14),%r13
+	vaesenc	%xmm1,%xmm13,%xmm13
+	movbeq	0(%r14),%r12
+	vaesenc	%xmm1,%xmm14,%xmm14
+	vmovups	160-128(%rcx),%xmm1
+	cmpl	$11,%ebp
+	jb	.Lenc_tail
+
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vaesenc	%xmm15,%xmm11,%xmm11
+	vaesenc	%xmm15,%xmm12,%xmm12
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vaesenc	%xmm1,%xmm9,%xmm9
+	vaesenc	%xmm1,%xmm10,%xmm10
+	vaesenc	%xmm1,%xmm11,%xmm11
+	vaesenc	%xmm1,%xmm12,%xmm12
+	vaesenc	%xmm1,%xmm13,%xmm13
+	vmovups	176-128(%rcx),%xmm15
+	vaesenc	%xmm1,%xmm14,%xmm14
+	vmovups	192-128(%rcx),%xmm1
+	je	.Lenc_tail
+
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vaesenc	%xmm15,%xmm11,%xmm11
+	vaesenc	%xmm15,%xmm12,%xmm12
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vaesenc	%xmm1,%xmm9,%xmm9
+	vaesenc	%xmm1,%xmm10,%xmm10
+	vaesenc	%xmm1,%xmm11,%xmm11
+	vaesenc	%xmm1,%xmm12,%xmm12
+	vaesenc	%xmm1,%xmm13,%xmm13
+	vmovups	208-128(%rcx),%xmm15
+	vaesenc	%xmm1,%xmm14,%xmm14
+	vmovups	224-128(%rcx),%xmm1
+	jmp	.Lenc_tail
+
+.align	32
+.Lhandle_ctr32:
+	vmovdqu	(%r11),%xmm0
+	vpshufb	%xmm0,%xmm1,%xmm6
+	vmovdqu	48(%r11),%xmm5
+	vpaddd	64(%r11),%xmm6,%xmm10
+	vpaddd	%xmm5,%xmm6,%xmm11
+	vmovdqu	0-32(%r9),%xmm3
+	vpaddd	%xmm5,%xmm10,%xmm12
+	vpshufb	%xmm0,%xmm10,%xmm10
+	vpaddd	%xmm5,%xmm11,%xmm13
+	vpshufb	%xmm0,%xmm11,%xmm11
+	vpxor	%xmm15,%xmm10,%xmm10
+	vpaddd	%xmm5,%xmm12,%xmm14
+	vpshufb	%xmm0,%xmm12,%xmm12
+	vpxor	%xmm15,%xmm11,%xmm11
+	vpaddd	%xmm5,%xmm13,%xmm1
+	vpshufb	%xmm0,%xmm13,%xmm13
+	vpshufb	%xmm0,%xmm14,%xmm14
+	vpshufb	%xmm0,%xmm1,%xmm1
+	jmp	.Lresume_ctr32
+
+.align	32
+.Lenc_tail:
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vmovdqu	%xmm7,16+8(%rsp)
+	vpalignr	$8,%xmm4,%xmm4,%xmm8
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vpclmulqdq	$0x10,%xmm3,%xmm4,%xmm4
+	vpxor	0(%rdi),%xmm1,%xmm2
+	vaesenc	%xmm15,%xmm11,%xmm11
+	vpxor	16(%rdi),%xmm1,%xmm0
+	vaesenc	%xmm15,%xmm12,%xmm12
+	vpxor	32(%rdi),%xmm1,%xmm5
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vpxor	48(%rdi),%xmm1,%xmm6
+	vaesenc	%xmm15,%xmm14,%xmm14
+	vpxor	64(%rdi),%xmm1,%xmm7
+	vpxor	80(%rdi),%xmm1,%xmm3
+	vmovdqu	(%r8),%xmm1
+
+	vaesenclast	%xmm2,%xmm9,%xmm9
+	vmovdqu	32(%r11),%xmm2
+	vaesenclast	%xmm0,%xmm10,%xmm10
+	vpaddb	%xmm2,%xmm1,%xmm0
+	movq	%r13,112+8(%rsp)
+	leaq	96(%rdi),%rdi
+	vaesenclast	%xmm5,%xmm11,%xmm11
+	vpaddb	%xmm2,%xmm0,%xmm5
+	movq	%r12,120+8(%rsp)
+	leaq	96(%rsi),%rsi
+	vmovdqu	0-128(%rcx),%xmm15
+	vaesenclast	%xmm6,%xmm12,%xmm12
+	vpaddb	%xmm2,%xmm5,%xmm6
+	vaesenclast	%xmm7,%xmm13,%xmm13
+	vpaddb	%xmm2,%xmm6,%xmm7
+	vaesenclast	%xmm3,%xmm14,%xmm14
+	vpaddb	%xmm2,%xmm7,%xmm3
+
+	addq	$0x60,%r10
+	subq	$0x6,%rdx
+	jc	.L6x_done
+
+	vmovups	%xmm9,-96(%rsi)
+	vpxor	%xmm15,%xmm1,%xmm9
+	vmovups	%xmm10,-80(%rsi)
+	vmovdqa	%xmm0,%xmm10
+	vmovups	%xmm11,-64(%rsi)
+	vmovdqa	%xmm5,%xmm11
+	vmovups	%xmm12,-48(%rsi)
+	vmovdqa	%xmm6,%xmm12
+	vmovups	%xmm13,-32(%rsi)
+	vmovdqa	%xmm7,%xmm13
+	vmovups	%xmm14,-16(%rsi)
+	vmovdqa	%xmm3,%xmm14
+	vmovdqu	32+8(%rsp),%xmm7
+	jmp	.Loop6x
+
+.L6x_done:
+	vpxor	16+8(%rsp),%xmm8,%xmm8
+	vpxor	%xmm4,%xmm8,%xmm8
+
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	_aesni_ctr32_ghash_6x,.-_aesni_ctr32_ghash_6x
+.globl	aesni_gcm_decrypt
+.type	aesni_gcm_decrypt,@function
+.align	32
+aesni_gcm_decrypt:
+.cfi_startproc	
+	xorq	%r10,%r10
+	cmpq	$0x60,%rdx
+	jb	.Lgcm_dec_abort
+
+	leaq	(%rsp),%rax
+.cfi_def_cfa_register	%rax
+	pushq	%rbx
+.cfi_offset	%rbx,-16
+	pushq	%rbp
+.cfi_offset	%rbp,-24
+	pushq	%r12
+.cfi_offset	%r12,-32
+	pushq	%r13
+.cfi_offset	%r13,-40
+	pushq	%r14
+.cfi_offset	%r14,-48
+	pushq	%r15
+.cfi_offset	%r15,-56
+	vzeroupper
+
+	vmovdqu	(%r8),%xmm1
+	addq	$-128,%rsp
+	movl	12(%r8),%ebx
+	leaq	.Lbswap_mask(%rip),%r11
+	leaq	-128(%rcx),%r14
+	movq	$0xf80,%r15
+	vmovdqu	(%r9),%xmm8
+	andq	$-128,%rsp
+	vmovdqu	(%r11),%xmm0
+	leaq	128(%rcx),%rcx
+	leaq	32+32(%r9),%r9
+	movl	240-128(%rcx),%ebp
+	vpshufb	%xmm0,%xmm8,%xmm8
+
+	andq	%r15,%r14
+	andq	%rsp,%r15
+	subq	%r14,%r15
+	jc	.Ldec_no_key_aliasing
+	cmpq	$768,%r15
+	jnc	.Ldec_no_key_aliasing
+	subq	%r15,%rsp
+.Ldec_no_key_aliasing:
+
+	vmovdqu	80(%rdi),%xmm7
+	leaq	(%rdi),%r14
+	vmovdqu	64(%rdi),%xmm4
+	leaq	-192(%rdi,%rdx,1),%r15
+	vmovdqu	48(%rdi),%xmm5
+	shrq	$4,%rdx
+	xorq	%r10,%r10
+	vmovdqu	32(%rdi),%xmm6
+	vpshufb	%xmm0,%xmm7,%xmm7
+	vmovdqu	16(%rdi),%xmm2
+	vpshufb	%xmm0,%xmm4,%xmm4
+	vmovdqu	(%rdi),%xmm3
+	vpshufb	%xmm0,%xmm5,%xmm5
+	vmovdqu	%xmm4,48(%rsp)
+	vpshufb	%xmm0,%xmm6,%xmm6
+	vmovdqu	%xmm5,64(%rsp)
+	vpshufb	%xmm0,%xmm2,%xmm2
+	vmovdqu	%xmm6,80(%rsp)
+	vpshufb	%xmm0,%xmm3,%xmm3
+	vmovdqu	%xmm2,96(%rsp)
+	vmovdqu	%xmm3,112(%rsp)
+
+	call	_aesni_ctr32_ghash_6x
+
+	vmovups	%xmm9,-96(%rsi)
+	vmovups	%xmm10,-80(%rsi)
+	vmovups	%xmm11,-64(%rsi)
+	vmovups	%xmm12,-48(%rsi)
+	vmovups	%xmm13,-32(%rsi)
+	vmovups	%xmm14,-16(%rsi)
+
+	vpshufb	(%r11),%xmm8,%xmm8
+	vmovdqu	%xmm8,-64(%r9)
+
+	vzeroupper
+	movq	-48(%rax),%r15
+.cfi_restore	%r15
+	movq	-40(%rax),%r14
+.cfi_restore	%r14
+	movq	-32(%rax),%r13
+.cfi_restore	%r13
+	movq	-24(%rax),%r12
+.cfi_restore	%r12
+	movq	-16(%rax),%rbp
+.cfi_restore	%rbp
+	movq	-8(%rax),%rbx
+.cfi_restore	%rbx
+	leaq	(%rax),%rsp
+.cfi_def_cfa_register	%rsp
+.Lgcm_dec_abort:
+	movq	%r10,%rax
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	aesni_gcm_decrypt,.-aesni_gcm_decrypt
+.type	_aesni_ctr32_6x,@function
+.align	32
+_aesni_ctr32_6x:
+.cfi_startproc	
+	vmovdqu	0-128(%rcx),%xmm4
+	vmovdqu	32(%r11),%xmm2
+	leaq	-1(%rbp),%r13
+	vmovups	16-128(%rcx),%xmm15
+	leaq	32-128(%rcx),%r12
+	vpxor	%xmm4,%xmm1,%xmm9
+	addl	$100663296,%ebx
+	jc	.Lhandle_ctr32_2
+	vpaddb	%xmm2,%xmm1,%xmm10
+	vpaddb	%xmm2,%xmm10,%xmm11
+	vpxor	%xmm4,%xmm10,%xmm10
+	vpaddb	%xmm2,%xmm11,%xmm12
+	vpxor	%xmm4,%xmm11,%xmm11
+	vpaddb	%xmm2,%xmm12,%xmm13
+	vpxor	%xmm4,%xmm12,%xmm12
+	vpaddb	%xmm2,%xmm13,%xmm14
+	vpxor	%xmm4,%xmm13,%xmm13
+	vpaddb	%xmm2,%xmm14,%xmm1
+	vpxor	%xmm4,%xmm14,%xmm14
+	jmp	.Loop_ctr32
+
+.align	16
+.Loop_ctr32:
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vaesenc	%xmm15,%xmm11,%xmm11
+	vaesenc	%xmm15,%xmm12,%xmm12
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vaesenc	%xmm15,%xmm14,%xmm14
+	vmovups	(%r12),%xmm15
+	leaq	16(%r12),%r12
+	decl	%r13d
+	jnz	.Loop_ctr32
+
+	vmovdqu	(%r12),%xmm3
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	0(%rdi),%xmm3,%xmm4
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vpxor	16(%rdi),%xmm3,%xmm5
+	vaesenc	%xmm15,%xmm11,%xmm11
+	vpxor	32(%rdi),%xmm3,%xmm6
+	vaesenc	%xmm15,%xmm12,%xmm12
+	vpxor	48(%rdi),%xmm3,%xmm8
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vpxor	64(%rdi),%xmm3,%xmm2
+	vaesenc	%xmm15,%xmm14,%xmm14
+	vpxor	80(%rdi),%xmm3,%xmm3
+	leaq	96(%rdi),%rdi
+
+	vaesenclast	%xmm4,%xmm9,%xmm9
+	vaesenclast	%xmm5,%xmm10,%xmm10
+	vaesenclast	%xmm6,%xmm11,%xmm11
+	vaesenclast	%xmm8,%xmm12,%xmm12
+	vaesenclast	%xmm2,%xmm13,%xmm13
+	vaesenclast	%xmm3,%xmm14,%xmm14
+	vmovups	%xmm9,0(%rsi)
+	vmovups	%xmm10,16(%rsi)
+	vmovups	%xmm11,32(%rsi)
+	vmovups	%xmm12,48(%rsi)
+	vmovups	%xmm13,64(%rsi)
+	vmovups	%xmm14,80(%rsi)
+	leaq	96(%rsi),%rsi
+
+	.byte	0xf3,0xc3
+.align	32
+.Lhandle_ctr32_2:
+	vpshufb	%xmm0,%xmm1,%xmm6
+	vmovdqu	48(%r11),%xmm5
+	vpaddd	64(%r11),%xmm6,%xmm10
+	vpaddd	%xmm5,%xmm6,%xmm11
+	vpaddd	%xmm5,%xmm10,%xmm12
+	vpshufb	%xmm0,%xmm10,%xmm10
+	vpaddd	%xmm5,%xmm11,%xmm13
+	vpshufb	%xmm0,%xmm11,%xmm11
+	vpxor	%xmm4,%xmm10,%xmm10
+	vpaddd	%xmm5,%xmm12,%xmm14
+	vpshufb	%xmm0,%xmm12,%xmm12
+	vpxor	%xmm4,%xmm11,%xmm11
+	vpaddd	%xmm5,%xmm13,%xmm1
+	vpshufb	%xmm0,%xmm13,%xmm13
+	vpxor	%xmm4,%xmm12,%xmm12
+	vpshufb	%xmm0,%xmm14,%xmm14
+	vpxor	%xmm4,%xmm13,%xmm13
+	vpshufb	%xmm0,%xmm1,%xmm1
+	vpxor	%xmm4,%xmm14,%xmm14
+	jmp	.Loop_ctr32
+.cfi_endproc	
+.size	_aesni_ctr32_6x,.-_aesni_ctr32_6x
+
+.globl	aesni_gcm_encrypt
+.type	aesni_gcm_encrypt,@function
+.align	32
+aesni_gcm_encrypt:
+.cfi_startproc	
+	xorq	%r10,%r10
+	cmpq	$288,%rdx
+	jb	.Lgcm_enc_abort
+
+	leaq	(%rsp),%rax
+.cfi_def_cfa_register	%rax
+	pushq	%rbx
+.cfi_offset	%rbx,-16
+	pushq	%rbp
+.cfi_offset	%rbp,-24
+	pushq	%r12
+.cfi_offset	%r12,-32
+	pushq	%r13
+.cfi_offset	%r13,-40
+	pushq	%r14
+.cfi_offset	%r14,-48
+	pushq	%r15
+.cfi_offset	%r15,-56
+	vzeroupper
+
+	vmovdqu	(%r8),%xmm1
+	addq	$-128,%rsp
+	movl	12(%r8),%ebx
+	leaq	.Lbswap_mask(%rip),%r11
+	leaq	-128(%rcx),%r14
+	movq	$0xf80,%r15
+	leaq	128(%rcx),%rcx
+	vmovdqu	(%r11),%xmm0
+	andq	$-128,%rsp
+	movl	240-128(%rcx),%ebp
+
+	andq	%r15,%r14
+	andq	%rsp,%r15
+	subq	%r14,%r15
+	jc	.Lenc_no_key_aliasing
+	cmpq	$768,%r15
+	jnc	.Lenc_no_key_aliasing
+	subq	%r15,%rsp
+.Lenc_no_key_aliasing:
+
+	leaq	(%rsi),%r14
+	leaq	-192(%rsi,%rdx,1),%r15
+	shrq	$4,%rdx
+
+	call	_aesni_ctr32_6x
+	vpshufb	%xmm0,%xmm9,%xmm8
+	vpshufb	%xmm0,%xmm10,%xmm2
+	vmovdqu	%xmm8,112(%rsp)
+	vpshufb	%xmm0,%xmm11,%xmm4
+	vmovdqu	%xmm2,96(%rsp)
+	vpshufb	%xmm0,%xmm12,%xmm5
+	vmovdqu	%xmm4,80(%rsp)
+	vpshufb	%xmm0,%xmm13,%xmm6
+	vmovdqu	%xmm5,64(%rsp)
+	vpshufb	%xmm0,%xmm14,%xmm7
+	vmovdqu	%xmm6,48(%rsp)
+
+	call	_aesni_ctr32_6x
+
+	vmovdqu	(%r9),%xmm8
+	leaq	32+32(%r9),%r9
+	subq	$12,%rdx
+	movq	$192,%r10
+	vpshufb	%xmm0,%xmm8,%xmm8
+
+	call	_aesni_ctr32_ghash_6x
+	vmovdqu	32(%rsp),%xmm7
+	vmovdqu	(%r11),%xmm0
+	vmovdqu	0-32(%r9),%xmm3
+	vpunpckhqdq	%xmm7,%xmm7,%xmm1
+	vmovdqu	32-32(%r9),%xmm15
+	vmovups	%xmm9,-96(%rsi)
+	vpshufb	%xmm0,%xmm9,%xmm9
+	vpxor	%xmm7,%xmm1,%xmm1
+	vmovups	%xmm10,-80(%rsi)
+	vpshufb	%xmm0,%xmm10,%xmm10
+	vmovups	%xmm11,-64(%rsi)
+	vpshufb	%xmm0,%xmm11,%xmm11
+	vmovups	%xmm12,-48(%rsi)
+	vpshufb	%xmm0,%xmm12,%xmm12
+	vmovups	%xmm13,-32(%rsi)
+	vpshufb	%xmm0,%xmm13,%xmm13
+	vmovups	%xmm14,-16(%rsi)
+	vpshufb	%xmm0,%xmm14,%xmm14
+	vmovdqu	%xmm9,16(%rsp)
+	vmovdqu	48(%rsp),%xmm6
+	vmovdqu	16-32(%r9),%xmm0
+	vpunpckhqdq	%xmm6,%xmm6,%xmm2
+	vpclmulqdq	$0x00,%xmm3,%xmm7,%xmm5
+	vpxor	%xmm6,%xmm2,%xmm2
+	vpclmulqdq	$0x11,%xmm3,%xmm7,%xmm7
+	vpclmulqdq	$0x00,%xmm15,%xmm1,%xmm1
+
+	vmovdqu	64(%rsp),%xmm9
+	vpclmulqdq	$0x00,%xmm0,%xmm6,%xmm4
+	vmovdqu	48-32(%r9),%xmm3
+	vpxor	%xmm5,%xmm4,%xmm4
+	vpunpckhqdq	%xmm9,%xmm9,%xmm5
+	vpclmulqdq	$0x11,%xmm0,%xmm6,%xmm6
+	vpxor	%xmm9,%xmm5,%xmm5
+	vpxor	%xmm7,%xmm6,%xmm6
+	vpclmulqdq	$0x10,%xmm15,%xmm2,%xmm2
+	vmovdqu	80-32(%r9),%xmm15
+	vpxor	%xmm1,%xmm2,%xmm2
+
+	vmovdqu	80(%rsp),%xmm1
+	vpclmulqdq	$0x00,%xmm3,%xmm9,%xmm7
+	vmovdqu	64-32(%r9),%xmm0
+	vpxor	%xmm4,%xmm7,%xmm7
+	vpunpckhqdq	%xmm1,%xmm1,%xmm4
+	vpclmulqdq	$0x11,%xmm3,%xmm9,%xmm9
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpxor	%xmm6,%xmm9,%xmm9
+	vpclmulqdq	$0x00,%xmm15,%xmm5,%xmm5
+	vpxor	%xmm2,%xmm5,%xmm5
+
+	vmovdqu	96(%rsp),%xmm2
+	vpclmulqdq	$0x00,%xmm0,%xmm1,%xmm6
+	vmovdqu	96-32(%r9),%xmm3
+	vpxor	%xmm7,%xmm6,%xmm6
+	vpunpckhqdq	%xmm2,%xmm2,%xmm7
+	vpclmulqdq	$0x11,%xmm0,%xmm1,%xmm1
+	vpxor	%xmm2,%xmm7,%xmm7
+	vpxor	%xmm9,%xmm1,%xmm1
+	vpclmulqdq	$0x10,%xmm15,%xmm4,%xmm4
+	vmovdqu	128-32(%r9),%xmm15
+	vpxor	%xmm5,%xmm4,%xmm4
+
+	vpxor	112(%rsp),%xmm8,%xmm8
+	vpclmulqdq	$0x00,%xmm3,%xmm2,%xmm5
+	vmovdqu	112-32(%r9),%xmm0
+	vpunpckhqdq	%xmm8,%xmm8,%xmm9
+	vpxor	%xmm6,%xmm5,%xmm5
+	vpclmulqdq	$0x11,%xmm3,%xmm2,%xmm2
+	vpxor	%xmm8,%xmm9,%xmm9
+	vpxor	%xmm1,%xmm2,%xmm2
+	vpclmulqdq	$0x00,%xmm15,%xmm7,%xmm7
+	vpxor	%xmm4,%xmm7,%xmm4
+
+	vpclmulqdq	$0x00,%xmm0,%xmm8,%xmm6
+	vmovdqu	0-32(%r9),%xmm3
+	vpunpckhqdq	%xmm14,%xmm14,%xmm1
+	vpclmulqdq	$0x11,%xmm0,%xmm8,%xmm8
+	vpxor	%xmm14,%xmm1,%xmm1
+	vpxor	%xmm5,%xmm6,%xmm5
+	vpclmulqdq	$0x10,%xmm15,%xmm9,%xmm9
+	vmovdqu	32-32(%r9),%xmm15
+	vpxor	%xmm2,%xmm8,%xmm7
+	vpxor	%xmm4,%xmm9,%xmm6
+
+	vmovdqu	16-32(%r9),%xmm0
+	vpxor	%xmm5,%xmm7,%xmm9
+	vpclmulqdq	$0x00,%xmm3,%xmm14,%xmm4
+	vpxor	%xmm9,%xmm6,%xmm6
+	vpunpckhqdq	%xmm13,%xmm13,%xmm2
+	vpclmulqdq	$0x11,%xmm3,%xmm14,%xmm14
+	vpxor	%xmm13,%xmm2,%xmm2
+	vpslldq	$8,%xmm6,%xmm9
+	vpclmulqdq	$0x00,%xmm15,%xmm1,%xmm1
+	vpxor	%xmm9,%xmm5,%xmm8
+	vpsrldq	$8,%xmm6,%xmm6
+	vpxor	%xmm6,%xmm7,%xmm7
+
+	vpclmulqdq	$0x00,%xmm0,%xmm13,%xmm5
+	vmovdqu	48-32(%r9),%xmm3
+	vpxor	%xmm4,%xmm5,%xmm5
+	vpunpckhqdq	%xmm12,%xmm12,%xmm9
+	vpclmulqdq	$0x11,%xmm0,%xmm13,%xmm13
+	vpxor	%xmm12,%xmm9,%xmm9
+	vpxor	%xmm14,%xmm13,%xmm13
+	vpalignr	$8,%xmm8,%xmm8,%xmm14
+	vpclmulqdq	$0x10,%xmm15,%xmm2,%xmm2
+	vmovdqu	80-32(%r9),%xmm15
+	vpxor	%xmm1,%xmm2,%xmm2
+
+	vpclmulqdq	$0x00,%xmm3,%xmm12,%xmm4
+	vmovdqu	64-32(%r9),%xmm0
+	vpxor	%xmm5,%xmm4,%xmm4
+	vpunpckhqdq	%xmm11,%xmm11,%xmm1
+	vpclmulqdq	$0x11,%xmm3,%xmm12,%xmm12
+	vpxor	%xmm11,%xmm1,%xmm1
+	vpxor	%xmm13,%xmm12,%xmm12
+	vxorps	16(%rsp),%xmm7,%xmm7
+	vpclmulqdq	$0x00,%xmm15,%xmm9,%xmm9
+	vpxor	%xmm2,%xmm9,%xmm9
+
+	vpclmulqdq	$0x10,16(%r11),%xmm8,%xmm8
+	vxorps	%xmm14,%xmm8,%xmm8
+
+	vpclmulqdq	$0x00,%xmm0,%xmm11,%xmm5
+	vmovdqu	96-32(%r9),%xmm3
+	vpxor	%xmm4,%xmm5,%xmm5
+	vpunpckhqdq	%xmm10,%xmm10,%xmm2
+	vpclmulqdq	$0x11,%xmm0,%xmm11,%xmm11
+	vpxor	%xmm10,%xmm2,%xmm2
+	vpalignr	$8,%xmm8,%xmm8,%xmm14
+	vpxor	%xmm12,%xmm11,%xmm11
+	vpclmulqdq	$0x10,%xmm15,%xmm1,%xmm1
+	vmovdqu	128-32(%r9),%xmm15
+	vpxor	%xmm9,%xmm1,%xmm1
+
+	vxorps	%xmm7,%xmm14,%xmm14
+	vpclmulqdq	$0x10,16(%r11),%xmm8,%xmm8
+	vxorps	%xmm14,%xmm8,%xmm8
+
+	vpclmulqdq	$0x00,%xmm3,%xmm10,%xmm4
+	vmovdqu	112-32(%r9),%xmm0
+	vpxor	%xmm5,%xmm4,%xmm4
+	vpunpckhqdq	%xmm8,%xmm8,%xmm9
+	vpclmulqdq	$0x11,%xmm3,%xmm10,%xmm10
+	vpxor	%xmm8,%xmm9,%xmm9
+	vpxor	%xmm11,%xmm10,%xmm10
+	vpclmulqdq	$0x00,%xmm15,%xmm2,%xmm2
+	vpxor	%xmm1,%xmm2,%xmm2
+
+	vpclmulqdq	$0x00,%xmm0,%xmm8,%xmm5
+	vpclmulqdq	$0x11,%xmm0,%xmm8,%xmm7
+	vpxor	%xmm4,%xmm5,%xmm5
+	vpclmulqdq	$0x10,%xmm15,%xmm9,%xmm6
+	vpxor	%xmm10,%xmm7,%xmm7
+	vpxor	%xmm2,%xmm6,%xmm6
+
+	vpxor	%xmm5,%xmm7,%xmm4
+	vpxor	%xmm4,%xmm6,%xmm6
+	vpslldq	$8,%xmm6,%xmm1
+	vmovdqu	16(%r11),%xmm3
+	vpsrldq	$8,%xmm6,%xmm6
+	vpxor	%xmm1,%xmm5,%xmm8
+	vpxor	%xmm6,%xmm7,%xmm7
+
+	vpalignr	$8,%xmm8,%xmm8,%xmm2
+	vpclmulqdq	$0x10,%xmm3,%xmm8,%xmm8
+	vpxor	%xmm2,%xmm8,%xmm8
+
+	vpalignr	$8,%xmm8,%xmm8,%xmm2
+	vpclmulqdq	$0x10,%xmm3,%xmm8,%xmm8
+	vpxor	%xmm7,%xmm2,%xmm2
+	vpxor	%xmm2,%xmm8,%xmm8
+	vpshufb	(%r11),%xmm8,%xmm8
+	vmovdqu	%xmm8,-64(%r9)
+
+	vzeroupper
+	movq	-48(%rax),%r15
+.cfi_restore	%r15
+	movq	-40(%rax),%r14
+.cfi_restore	%r14
+	movq	-32(%rax),%r13
+.cfi_restore	%r13
+	movq	-24(%rax),%r12
+.cfi_restore	%r12
+	movq	-16(%rax),%rbp
+.cfi_restore	%rbp
+	movq	-8(%rax),%rbx
+.cfi_restore	%rbx
+	leaq	(%rax),%rsp
+.cfi_def_cfa_register	%rsp
+.Lgcm_enc_abort:
+	movq	%r10,%rax
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	aesni_gcm_encrypt,.-aesni_gcm_encrypt
+.align	64
+.Lbswap_mask:
+.byte	15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
+.Lpoly:
+.byte	0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xc2
+.Lone_msb:
+.byte	0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1
+.Ltwo_lsb:
+.byte	2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
+.Lone_lsb:
+.byte	1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
+.byte	65,69,83,45,78,73,32,71,67,77,32,109,111,100,117,108,101,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.align	64
+
+.section .note.GNU-stack,"",%progbits
diff --git a/lib/accelerated/x86/elf/aesni-x86.s b/lib/accelerated/x86/elf/aesni-x86.s
new file mode 100644
index 0000000..0c13b39
--- /dev/null
+++ b/lib/accelerated/x86/elf/aesni-x86.s
@@ -0,0 +1,3278 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text
+.globl	aesni_encrypt
+.type	aesni_encrypt,@function
+.align	16
+aesni_encrypt:
+.L_aesni_encrypt_begin:
+	movl	4(%esp),%eax
+	movl	12(%esp),%edx
+	movups	(%eax),%xmm2
+	movl	240(%edx),%ecx
+	movl	8(%esp),%eax
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L000enc1_loop_1:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L000enc1_loop_1
+.byte	102,15,56,221,209
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movups	%xmm2,(%eax)
+	pxor	%xmm2,%xmm2
+	ret
+.size	aesni_encrypt,.-.L_aesni_encrypt_begin
+.globl	aesni_decrypt
+.type	aesni_decrypt,@function
+.align	16
+aesni_decrypt:
+.L_aesni_decrypt_begin:
+	movl	4(%esp),%eax
+	movl	12(%esp),%edx
+	movups	(%eax),%xmm2
+	movl	240(%edx),%ecx
+	movl	8(%esp),%eax
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L001dec1_loop_2:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L001dec1_loop_2
+.byte	102,15,56,223,209
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movups	%xmm2,(%eax)
+	pxor	%xmm2,%xmm2
+	ret
+.size	aesni_decrypt,.-.L_aesni_decrypt_begin
+.type	_aesni_encrypt2,@function
+.align	16
+_aesni_encrypt2:
+	movups	(%edx),%xmm0
+	shll	$4,%ecx
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	movups	32(%edx),%xmm0
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+	addl	$16,%ecx
+.L002enc2_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L002enc2_loop
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+	ret
+.size	_aesni_encrypt2,.-_aesni_encrypt2
+.type	_aesni_decrypt2,@function
+.align	16
+_aesni_decrypt2:
+	movups	(%edx),%xmm0
+	shll	$4,%ecx
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	movups	32(%edx),%xmm0
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+	addl	$16,%ecx
+.L003dec2_loop:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L003dec2_loop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+	ret
+.size	_aesni_decrypt2,.-_aesni_decrypt2
+.type	_aesni_encrypt3,@function
+.align	16
+_aesni_encrypt3:
+	movups	(%edx),%xmm0
+	shll	$4,%ecx
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	movups	32(%edx),%xmm0
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+	addl	$16,%ecx
+.L004enc3_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L004enc3_loop
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+	ret
+.size	_aesni_encrypt3,.-_aesni_encrypt3
+.type	_aesni_decrypt3,@function
+.align	16
+_aesni_decrypt3:
+	movups	(%edx),%xmm0
+	shll	$4,%ecx
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	movups	32(%edx),%xmm0
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+	addl	$16,%ecx
+.L005dec3_loop:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L005dec3_loop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+	ret
+.size	_aesni_decrypt3,.-_aesni_decrypt3
+.type	_aesni_encrypt4,@function
+.align	16
+_aesni_encrypt4:
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	shll	$4,%ecx
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+	movups	32(%edx),%xmm0
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+.byte	15,31,64,0
+	addl	$16,%ecx
+.L006enc4_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L006enc4_loop
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+.byte	102,15,56,221,232
+	ret
+.size	_aesni_encrypt4,.-_aesni_encrypt4
+.type	_aesni_decrypt4,@function
+.align	16
+_aesni_decrypt4:
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	shll	$4,%ecx
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+	movups	32(%edx),%xmm0
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+.byte	15,31,64,0
+	addl	$16,%ecx
+.L007dec4_loop:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L007dec4_loop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+.byte	102,15,56,223,232
+	ret
+.size	_aesni_decrypt4,.-_aesni_decrypt4
+.type	_aesni_encrypt6,@function
+.align	16
+_aesni_encrypt6:
+	movups	(%edx),%xmm0
+	shll	$4,%ecx
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+.byte	102,15,56,220,209
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+.byte	102,15,56,220,217
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+.byte	102,15,56,220,225
+	pxor	%xmm0,%xmm7
+	movups	(%edx,%ecx,1),%xmm0
+	addl	$16,%ecx
+	jmp	.L008_aesni_encrypt6_inner
+.align	16
+.L009enc6_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.L008_aesni_encrypt6_inner:
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.L_aesni_encrypt6_enter:
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L009enc6_loop
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+.byte	102,15,56,221,232
+.byte	102,15,56,221,240
+.byte	102,15,56,221,248
+	ret
+.size	_aesni_encrypt6,.-_aesni_encrypt6
+.type	_aesni_decrypt6,@function
+.align	16
+_aesni_decrypt6:
+	movups	(%edx),%xmm0
+	shll	$4,%ecx
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+.byte	102,15,56,222,209
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+.byte	102,15,56,222,217
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+.byte	102,15,56,222,225
+	pxor	%xmm0,%xmm7
+	movups	(%edx,%ecx,1),%xmm0
+	addl	$16,%ecx
+	jmp	.L010_aesni_decrypt6_inner
+.align	16
+.L011dec6_loop:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.L010_aesni_decrypt6_inner:
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.L_aesni_decrypt6_enter:
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L011dec6_loop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+.byte	102,15,56,223,232
+.byte	102,15,56,223,240
+.byte	102,15,56,223,248
+	ret
+.size	_aesni_decrypt6,.-_aesni_decrypt6
+.globl	aesni_ecb_encrypt
+.type	aesni_ecb_encrypt,@function
+.align	16
+aesni_ecb_encrypt:
+.L_aesni_ecb_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movl	36(%esp),%ebx
+	andl	$-16,%eax
+	jz	.L012ecb_ret
+	movl	240(%edx),%ecx
+	testl	%ebx,%ebx
+	jz	.L013ecb_decrypt
+	movl	%edx,%ebp
+	movl	%ecx,%ebx
+	cmpl	$96,%eax
+	jb	.L014ecb_enc_tail
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	movdqu	80(%esi),%xmm7
+	leal	96(%esi),%esi
+	subl	$96,%eax
+	jmp	.L015ecb_enc_loop6_enter
+.align	16
+.L016ecb_enc_loop6:
+	movups	%xmm2,(%edi)
+	movdqu	(%esi),%xmm2
+	movups	%xmm3,16(%edi)
+	movdqu	16(%esi),%xmm3
+	movups	%xmm4,32(%edi)
+	movdqu	32(%esi),%xmm4
+	movups	%xmm5,48(%edi)
+	movdqu	48(%esi),%xmm5
+	movups	%xmm6,64(%edi)
+	movdqu	64(%esi),%xmm6
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	movdqu	80(%esi),%xmm7
+	leal	96(%esi),%esi
+.L015ecb_enc_loop6_enter:
+	call	_aesni_encrypt6
+	movl	%ebp,%edx
+	movl	%ebx,%ecx
+	subl	$96,%eax
+	jnc	.L016ecb_enc_loop6
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	addl	$96,%eax
+	jz	.L012ecb_ret
+.L014ecb_enc_tail:
+	movups	(%esi),%xmm2
+	cmpl	$32,%eax
+	jb	.L017ecb_enc_one
+	movups	16(%esi),%xmm3
+	je	.L018ecb_enc_two
+	movups	32(%esi),%xmm4
+	cmpl	$64,%eax
+	jb	.L019ecb_enc_three
+	movups	48(%esi),%xmm5
+	je	.L020ecb_enc_four
+	movups	64(%esi),%xmm6
+	xorps	%xmm7,%xmm7
+	call	_aesni_encrypt6
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	jmp	.L012ecb_ret
+.align	16
+.L017ecb_enc_one:
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L021enc1_loop_3:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L021enc1_loop_3
+.byte	102,15,56,221,209
+	movups	%xmm2,(%edi)
+	jmp	.L012ecb_ret
+.align	16
+.L018ecb_enc_two:
+	call	_aesni_encrypt2
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	jmp	.L012ecb_ret
+.align	16
+.L019ecb_enc_three:
+	call	_aesni_encrypt3
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	jmp	.L012ecb_ret
+.align	16
+.L020ecb_enc_four:
+	call	_aesni_encrypt4
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	jmp	.L012ecb_ret
+.align	16
+.L013ecb_decrypt:
+	movl	%edx,%ebp
+	movl	%ecx,%ebx
+	cmpl	$96,%eax
+	jb	.L022ecb_dec_tail
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	movdqu	80(%esi),%xmm7
+	leal	96(%esi),%esi
+	subl	$96,%eax
+	jmp	.L023ecb_dec_loop6_enter
+.align	16
+.L024ecb_dec_loop6:
+	movups	%xmm2,(%edi)
+	movdqu	(%esi),%xmm2
+	movups	%xmm3,16(%edi)
+	movdqu	16(%esi),%xmm3
+	movups	%xmm4,32(%edi)
+	movdqu	32(%esi),%xmm4
+	movups	%xmm5,48(%edi)
+	movdqu	48(%esi),%xmm5
+	movups	%xmm6,64(%edi)
+	movdqu	64(%esi),%xmm6
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	movdqu	80(%esi),%xmm7
+	leal	96(%esi),%esi
+.L023ecb_dec_loop6_enter:
+	call	_aesni_decrypt6
+	movl	%ebp,%edx
+	movl	%ebx,%ecx
+	subl	$96,%eax
+	jnc	.L024ecb_dec_loop6
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	addl	$96,%eax
+	jz	.L012ecb_ret
+.L022ecb_dec_tail:
+	movups	(%esi),%xmm2
+	cmpl	$32,%eax
+	jb	.L025ecb_dec_one
+	movups	16(%esi),%xmm3
+	je	.L026ecb_dec_two
+	movups	32(%esi),%xmm4
+	cmpl	$64,%eax
+	jb	.L027ecb_dec_three
+	movups	48(%esi),%xmm5
+	je	.L028ecb_dec_four
+	movups	64(%esi),%xmm6
+	xorps	%xmm7,%xmm7
+	call	_aesni_decrypt6
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	jmp	.L012ecb_ret
+.align	16
+.L025ecb_dec_one:
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L029dec1_loop_4:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L029dec1_loop_4
+.byte	102,15,56,223,209
+	movups	%xmm2,(%edi)
+	jmp	.L012ecb_ret
+.align	16
+.L026ecb_dec_two:
+	call	_aesni_decrypt2
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	jmp	.L012ecb_ret
+.align	16
+.L027ecb_dec_three:
+	call	_aesni_decrypt3
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	jmp	.L012ecb_ret
+.align	16
+.L028ecb_dec_four:
+	call	_aesni_decrypt4
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+.L012ecb_ret:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	aesni_ecb_encrypt,.-.L_aesni_ecb_encrypt_begin
+.globl	aesni_ccm64_encrypt_blocks
+.type	aesni_ccm64_encrypt_blocks,@function
+.align	16
+aesni_ccm64_encrypt_blocks:
+.L_aesni_ccm64_encrypt_blocks_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movl	36(%esp),%ebx
+	movl	40(%esp),%ecx
+	movl	%esp,%ebp
+	subl	$60,%esp
+	andl	$-16,%esp
+	movl	%ebp,48(%esp)
+	movdqu	(%ebx),%xmm7
+	movdqu	(%ecx),%xmm3
+	movl	240(%edx),%ecx
+	movl	$202182159,(%esp)
+	movl	$134810123,4(%esp)
+	movl	$67438087,8(%esp)
+	movl	$66051,12(%esp)
+	movl	$1,%ebx
+	xorl	%ebp,%ebp
+	movl	%ebx,16(%esp)
+	movl	%ebp,20(%esp)
+	movl	%ebp,24(%esp)
+	movl	%ebp,28(%esp)
+	shll	$4,%ecx
+	movl	$16,%ebx
+	leal	(%edx),%ebp
+	movdqa	(%esp),%xmm5
+	movdqa	%xmm7,%xmm2
+	leal	32(%edx,%ecx,1),%edx
+	subl	%ecx,%ebx
+.byte	102,15,56,0,253
+.L030ccm64_enc_outer:
+	movups	(%ebp),%xmm0
+	movl	%ebx,%ecx
+	movups	(%esi),%xmm6
+	xorps	%xmm0,%xmm2
+	movups	16(%ebp),%xmm1
+	xorps	%xmm6,%xmm0
+	xorps	%xmm0,%xmm3
+	movups	32(%ebp),%xmm0
+.L031ccm64_enc2_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L031ccm64_enc2_loop
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	paddq	16(%esp),%xmm7
+	decl	%eax
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+	leal	16(%esi),%esi
+	xorps	%xmm2,%xmm6
+	movdqa	%xmm7,%xmm2
+	movups	%xmm6,(%edi)
+.byte	102,15,56,0,213
+	leal	16(%edi),%edi
+	jnz	.L030ccm64_enc_outer
+	movl	48(%esp),%esp
+	movl	40(%esp),%edi
+	movups	%xmm3,(%edi)
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	aesni_ccm64_encrypt_blocks,.-.L_aesni_ccm64_encrypt_blocks_begin
+.globl	aesni_ccm64_decrypt_blocks
+.type	aesni_ccm64_decrypt_blocks,@function
+.align	16
+aesni_ccm64_decrypt_blocks:
+.L_aesni_ccm64_decrypt_blocks_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movl	36(%esp),%ebx
+	movl	40(%esp),%ecx
+	movl	%esp,%ebp
+	subl	$60,%esp
+	andl	$-16,%esp
+	movl	%ebp,48(%esp)
+	movdqu	(%ebx),%xmm7
+	movdqu	(%ecx),%xmm3
+	movl	240(%edx),%ecx
+	movl	$202182159,(%esp)
+	movl	$134810123,4(%esp)
+	movl	$67438087,8(%esp)
+	movl	$66051,12(%esp)
+	movl	$1,%ebx
+	xorl	%ebp,%ebp
+	movl	%ebx,16(%esp)
+	movl	%ebp,20(%esp)
+	movl	%ebp,24(%esp)
+	movl	%ebp,28(%esp)
+	movdqa	(%esp),%xmm5
+	movdqa	%xmm7,%xmm2
+	movl	%edx,%ebp
+	movl	%ecx,%ebx
+.byte	102,15,56,0,253
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L032enc1_loop_5:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L032enc1_loop_5
+.byte	102,15,56,221,209
+	shll	$4,%ebx
+	movl	$16,%ecx
+	movups	(%esi),%xmm6
+	paddq	16(%esp),%xmm7
+	leal	16(%esi),%esi
+	subl	%ebx,%ecx
+	leal	32(%ebp,%ebx,1),%edx
+	movl	%ecx,%ebx
+	jmp	.L033ccm64_dec_outer
+.align	16
+.L033ccm64_dec_outer:
+	xorps	%xmm2,%xmm6
+	movdqa	%xmm7,%xmm2
+	movups	%xmm6,(%edi)
+	leal	16(%edi),%edi
+.byte	102,15,56,0,213
+	subl	$1,%eax
+	jz	.L034ccm64_dec_break
+	movups	(%ebp),%xmm0
+	movl	%ebx,%ecx
+	movups	16(%ebp),%xmm1
+	xorps	%xmm0,%xmm6
+	xorps	%xmm0,%xmm2
+	xorps	%xmm6,%xmm3
+	movups	32(%ebp),%xmm0
+.L035ccm64_dec2_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	.L035ccm64_dec2_loop
+	movups	(%esi),%xmm6
+	paddq	16(%esp),%xmm7
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+	leal	16(%esi),%esi
+	jmp	.L033ccm64_dec_outer
+.align	16
+.L034ccm64_dec_break:
+	movl	240(%ebp),%ecx
+	movl	%ebp,%edx
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm6
+	leal	32(%edx),%edx
+	xorps	%xmm6,%xmm3
+.L036enc1_loop_6:
+.byte	102,15,56,220,217
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L036enc1_loop_6
+.byte	102,15,56,221,217
+	movl	48(%esp),%esp
+	movl	40(%esp),%edi
+	movups	%xmm3,(%edi)
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	aesni_ccm64_decrypt_blocks,.-.L_aesni_ccm64_decrypt_blocks_begin
+.globl	aesni_ctr32_encrypt_blocks
+.type	aesni_ctr32_encrypt_blocks,@function
+.align	16
+aesni_ctr32_encrypt_blocks:
+.L_aesni_ctr32_encrypt_blocks_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movl	36(%esp),%ebx
+	movl	%esp,%ebp
+	subl	$88,%esp
+	andl	$-16,%esp
+	movl	%ebp,80(%esp)
+	cmpl	$1,%eax
+	je	.L037ctr32_one_shortcut
+	movdqu	(%ebx),%xmm7
+	movl	$202182159,(%esp)
+	movl	$134810123,4(%esp)
+	movl	$67438087,8(%esp)
+	movl	$66051,12(%esp)
+	movl	$6,%ecx
+	xorl	%ebp,%ebp
+	movl	%ecx,16(%esp)
+	movl	%ecx,20(%esp)
+	movl	%ecx,24(%esp)
+	movl	%ebp,28(%esp)
+.byte	102,15,58,22,251,3
+.byte	102,15,58,34,253,3
+	movl	240(%edx),%ecx
+	bswap	%ebx
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movdqa	(%esp),%xmm2
+.byte	102,15,58,34,195,0
+	leal	3(%ebx),%ebp
+.byte	102,15,58,34,205,0
+	incl	%ebx
+.byte	102,15,58,34,195,1
+	incl	%ebp
+.byte	102,15,58,34,205,1
+	incl	%ebx
+.byte	102,15,58,34,195,2
+	incl	%ebp
+.byte	102,15,58,34,205,2
+	movdqa	%xmm0,48(%esp)
+.byte	102,15,56,0,194
+	movdqu	(%edx),%xmm6
+	movdqa	%xmm1,64(%esp)
+.byte	102,15,56,0,202
+	pshufd	$192,%xmm0,%xmm2
+	pshufd	$128,%xmm0,%xmm3
+	cmpl	$6,%eax
+	jb	.L038ctr32_tail
+	pxor	%xmm6,%xmm7
+	shll	$4,%ecx
+	movl	$16,%ebx
+	movdqa	%xmm7,32(%esp)
+	movl	%edx,%ebp
+	subl	%ecx,%ebx
+	leal	32(%edx,%ecx,1),%edx
+	subl	$6,%eax
+	jmp	.L039ctr32_loop6
+.align	16
+.L039ctr32_loop6:
+	pshufd	$64,%xmm0,%xmm4
+	movdqa	32(%esp),%xmm0
+	pshufd	$192,%xmm1,%xmm5
+	pxor	%xmm0,%xmm2
+	pshufd	$128,%xmm1,%xmm6
+	pxor	%xmm0,%xmm3
+	pshufd	$64,%xmm1,%xmm7
+	movups	16(%ebp),%xmm1
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+.byte	102,15,56,220,209
+	pxor	%xmm0,%xmm6
+	pxor	%xmm0,%xmm7
+.byte	102,15,56,220,217
+	movups	32(%ebp),%xmm0
+	movl	%ebx,%ecx
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	call	.L_aesni_encrypt6_enter
+	movups	(%esi),%xmm1
+	movups	16(%esi),%xmm0
+	xorps	%xmm1,%xmm2
+	movups	32(%esi),%xmm1
+	xorps	%xmm0,%xmm3
+	movups	%xmm2,(%edi)
+	movdqa	16(%esp),%xmm0
+	xorps	%xmm1,%xmm4
+	movdqa	64(%esp),%xmm1
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	paddd	%xmm0,%xmm1
+	paddd	48(%esp),%xmm0
+	movdqa	(%esp),%xmm2
+	movups	48(%esi),%xmm3
+	movups	64(%esi),%xmm4
+	xorps	%xmm3,%xmm5
+	movups	80(%esi),%xmm3
+	leal	96(%esi),%esi
+	movdqa	%xmm0,48(%esp)
+.byte	102,15,56,0,194
+	xorps	%xmm4,%xmm6
+	movups	%xmm5,48(%edi)
+	xorps	%xmm3,%xmm7
+	movdqa	%xmm1,64(%esp)
+.byte	102,15,56,0,202
+	movups	%xmm6,64(%edi)
+	pshufd	$192,%xmm0,%xmm2
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	pshufd	$128,%xmm0,%xmm3
+	subl	$6,%eax
+	jnc	.L039ctr32_loop6
+	addl	$6,%eax
+	jz	.L040ctr32_ret
+	movdqu	(%ebp),%xmm7
+	movl	%ebp,%edx
+	pxor	32(%esp),%xmm7
+	movl	240(%ebp),%ecx
+.L038ctr32_tail:
+	por	%xmm7,%xmm2
+	cmpl	$2,%eax
+	jb	.L041ctr32_one
+	pshufd	$64,%xmm0,%xmm4
+	por	%xmm7,%xmm3
+	je	.L042ctr32_two
+	pshufd	$192,%xmm1,%xmm5
+	por	%xmm7,%xmm4
+	cmpl	$4,%eax
+	jb	.L043ctr32_three
+	pshufd	$128,%xmm1,%xmm6
+	por	%xmm7,%xmm5
+	je	.L044ctr32_four
+	por	%xmm7,%xmm6
+	call	_aesni_encrypt6
+	movups	(%esi),%xmm1
+	movups	16(%esi),%xmm0
+	xorps	%xmm1,%xmm2
+	movups	32(%esi),%xmm1
+	xorps	%xmm0,%xmm3
+	movups	48(%esi),%xmm0
+	xorps	%xmm1,%xmm4
+	movups	64(%esi),%xmm1
+	xorps	%xmm0,%xmm5
+	movups	%xmm2,(%edi)
+	xorps	%xmm1,%xmm6
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	jmp	.L040ctr32_ret
+.align	16
+.L037ctr32_one_shortcut:
+	movups	(%ebx),%xmm2
+	movl	240(%edx),%ecx
+.L041ctr32_one:
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L045enc1_loop_7:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L045enc1_loop_7
+.byte	102,15,56,221,209
+	movups	(%esi),%xmm6
+	xorps	%xmm2,%xmm6
+	movups	%xmm6,(%edi)
+	jmp	.L040ctr32_ret
+.align	16
+.L042ctr32_two:
+	call	_aesni_encrypt2
+	movups	(%esi),%xmm5
+	movups	16(%esi),%xmm6
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	jmp	.L040ctr32_ret
+.align	16
+.L043ctr32_three:
+	call	_aesni_encrypt3
+	movups	(%esi),%xmm5
+	movups	16(%esi),%xmm6
+	xorps	%xmm5,%xmm2
+	movups	32(%esi),%xmm7
+	xorps	%xmm6,%xmm3
+	movups	%xmm2,(%edi)
+	xorps	%xmm7,%xmm4
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	jmp	.L040ctr32_ret
+.align	16
+.L044ctr32_four:
+	call	_aesni_encrypt4
+	movups	(%esi),%xmm6
+	movups	16(%esi),%xmm7
+	movups	32(%esi),%xmm1
+	xorps	%xmm6,%xmm2
+	movups	48(%esi),%xmm0
+	xorps	%xmm7,%xmm3
+	movups	%xmm2,(%edi)
+	xorps	%xmm1,%xmm4
+	movups	%xmm3,16(%edi)
+	xorps	%xmm0,%xmm5
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+.L040ctr32_ret:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	movdqa	%xmm0,32(%esp)
+	pxor	%xmm5,%xmm5
+	movdqa	%xmm0,48(%esp)
+	pxor	%xmm6,%xmm6
+	movdqa	%xmm0,64(%esp)
+	pxor	%xmm7,%xmm7
+	movl	80(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	aesni_ctr32_encrypt_blocks,.-.L_aesni_ctr32_encrypt_blocks_begin
+.globl	aesni_xts_encrypt
+.type	aesni_xts_encrypt,@function
+.align	16
+aesni_xts_encrypt:
+.L_aesni_xts_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	36(%esp),%edx
+	movl	40(%esp),%esi
+	movl	240(%edx),%ecx
+	movups	(%esi),%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L046enc1_loop_8:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L046enc1_loop_8
+.byte	102,15,56,221,209
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movl	%esp,%ebp
+	subl	$120,%esp
+	movl	240(%edx),%ecx
+	andl	$-16,%esp
+	movl	$135,96(%esp)
+	movl	$0,100(%esp)
+	movl	$1,104(%esp)
+	movl	$0,108(%esp)
+	movl	%eax,112(%esp)
+	movl	%ebp,116(%esp)
+	movdqa	%xmm2,%xmm1
+	pxor	%xmm0,%xmm0
+	movdqa	96(%esp),%xmm3
+	pcmpgtd	%xmm1,%xmm0
+	andl	$-16,%eax
+	movl	%edx,%ebp
+	movl	%ecx,%ebx
+	subl	$96,%eax
+	jc	.L047xts_enc_short
+	shll	$4,%ecx
+	movl	$16,%ebx
+	subl	%ecx,%ebx
+	leal	32(%edx,%ecx,1),%edx
+	jmp	.L048xts_enc_loop6
+.align	16
+.L048xts_enc_loop6:
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,16(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,32(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,48(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm7
+	movdqa	%xmm1,64(%esp)
+	paddq	%xmm1,%xmm1
+	movups	(%ebp),%xmm0
+	pand	%xmm3,%xmm7
+	movups	(%esi),%xmm2
+	pxor	%xmm1,%xmm7
+	movl	%ebx,%ecx
+	movdqu	16(%esi),%xmm3
+	xorps	%xmm0,%xmm2
+	movdqu	32(%esi),%xmm4
+	pxor	%xmm0,%xmm3
+	movdqu	48(%esi),%xmm5
+	pxor	%xmm0,%xmm4
+	movdqu	64(%esi),%xmm6
+	pxor	%xmm0,%xmm5
+	movdqu	80(%esi),%xmm1
+	pxor	%xmm0,%xmm6
+	leal	96(%esi),%esi
+	pxor	(%esp),%xmm2
+	movdqa	%xmm7,80(%esp)
+	pxor	%xmm1,%xmm7
+	movups	16(%ebp),%xmm1
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+.byte	102,15,56,220,209
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+.byte	102,15,56,220,217
+	pxor	%xmm0,%xmm7
+	movups	32(%ebp),%xmm0
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	call	.L_aesni_encrypt6_enter
+	movdqa	80(%esp),%xmm1
+	pxor	%xmm0,%xmm0
+	xorps	(%esp),%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	xorps	16(%esp),%xmm3
+	movups	%xmm2,(%edi)
+	xorps	32(%esp),%xmm4
+	movups	%xmm3,16(%edi)
+	xorps	48(%esp),%xmm5
+	movups	%xmm4,32(%edi)
+	xorps	64(%esp),%xmm6
+	movups	%xmm5,48(%edi)
+	xorps	%xmm1,%xmm7
+	movups	%xmm6,64(%edi)
+	pshufd	$19,%xmm0,%xmm2
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	movdqa	96(%esp),%xmm3
+	pxor	%xmm0,%xmm0
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	subl	$96,%eax
+	jnc	.L048xts_enc_loop6
+	movl	240(%ebp),%ecx
+	movl	%ebp,%edx
+	movl	%ecx,%ebx
+.L047xts_enc_short:
+	addl	$96,%eax
+	jz	.L049xts_enc_done6x
+	movdqa	%xmm1,%xmm5
+	cmpl	$32,%eax
+	jb	.L050xts_enc_one
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	je	.L051xts_enc_two
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,%xmm6
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	cmpl	$64,%eax
+	jb	.L052xts_enc_three
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,%xmm7
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	movdqa	%xmm5,(%esp)
+	movdqa	%xmm6,16(%esp)
+	je	.L053xts_enc_four
+	movdqa	%xmm7,32(%esp)
+	pshufd	$19,%xmm0,%xmm7
+	movdqa	%xmm1,48(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm7
+	pxor	%xmm1,%xmm7
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	pxor	(%esp),%xmm2
+	movdqu	48(%esi),%xmm5
+	pxor	16(%esp),%xmm3
+	movdqu	64(%esi),%xmm6
+	pxor	32(%esp),%xmm4
+	leal	80(%esi),%esi
+	pxor	48(%esp),%xmm5
+	movdqa	%xmm7,64(%esp)
+	pxor	%xmm7,%xmm6
+	call	_aesni_encrypt6
+	movaps	64(%esp),%xmm1
+	xorps	(%esp),%xmm2
+	xorps	16(%esp),%xmm3
+	xorps	32(%esp),%xmm4
+	movups	%xmm2,(%edi)
+	xorps	48(%esp),%xmm5
+	movups	%xmm3,16(%edi)
+	xorps	%xmm1,%xmm6
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	leal	80(%edi),%edi
+	jmp	.L054xts_enc_done
+.align	16
+.L050xts_enc_one:
+	movups	(%esi),%xmm2
+	leal	16(%esi),%esi
+	xorps	%xmm5,%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L055enc1_loop_9:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L055enc1_loop_9
+.byte	102,15,56,221,209
+	xorps	%xmm5,%xmm2
+	movups	%xmm2,(%edi)
+	leal	16(%edi),%edi
+	movdqa	%xmm5,%xmm1
+	jmp	.L054xts_enc_done
+.align	16
+.L051xts_enc_two:
+	movaps	%xmm1,%xmm6
+	movups	(%esi),%xmm2
+	movups	16(%esi),%xmm3
+	leal	32(%esi),%esi
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	call	_aesni_encrypt2
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	leal	32(%edi),%edi
+	movdqa	%xmm6,%xmm1
+	jmp	.L054xts_enc_done
+.align	16
+.L052xts_enc_three:
+	movaps	%xmm1,%xmm7
+	movups	(%esi),%xmm2
+	movups	16(%esi),%xmm3
+	movups	32(%esi),%xmm4
+	leal	48(%esi),%esi
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm7,%xmm4
+	call	_aesni_encrypt3
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm7,%xmm4
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	leal	48(%edi),%edi
+	movdqa	%xmm7,%xmm1
+	jmp	.L054xts_enc_done
+.align	16
+.L053xts_enc_four:
+	movaps	%xmm1,%xmm6
+	movups	(%esi),%xmm2
+	movups	16(%esi),%xmm3
+	movups	32(%esi),%xmm4
+	xorps	(%esp),%xmm2
+	movups	48(%esi),%xmm5
+	leal	64(%esi),%esi
+	xorps	16(%esp),%xmm3
+	xorps	%xmm7,%xmm4
+	xorps	%xmm6,%xmm5
+	call	_aesni_encrypt4
+	xorps	(%esp),%xmm2
+	xorps	16(%esp),%xmm3
+	xorps	%xmm7,%xmm4
+	movups	%xmm2,(%edi)
+	xorps	%xmm6,%xmm5
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	leal	64(%edi),%edi
+	movdqa	%xmm6,%xmm1
+	jmp	.L054xts_enc_done
+.align	16
+.L049xts_enc_done6x:
+	movl	112(%esp),%eax
+	andl	$15,%eax
+	jz	.L056xts_enc_ret
+	movdqa	%xmm1,%xmm5
+	movl	%eax,112(%esp)
+	jmp	.L057xts_enc_steal
+.align	16
+.L054xts_enc_done:
+	movl	112(%esp),%eax
+	pxor	%xmm0,%xmm0
+	andl	$15,%eax
+	jz	.L056xts_enc_ret
+	pcmpgtd	%xmm1,%xmm0
+	movl	%eax,112(%esp)
+	pshufd	$19,%xmm0,%xmm5
+	paddq	%xmm1,%xmm1
+	pand	96(%esp),%xmm5
+	pxor	%xmm1,%xmm5
+.L057xts_enc_steal:
+	movzbl	(%esi),%ecx
+	movzbl	-16(%edi),%edx
+	leal	1(%esi),%esi
+	movb	%cl,-16(%edi)
+	movb	%dl,(%edi)
+	leal	1(%edi),%edi
+	subl	$1,%eax
+	jnz	.L057xts_enc_steal
+	subl	112(%esp),%edi
+	movl	%ebp,%edx
+	movl	%ebx,%ecx
+	movups	-16(%edi),%xmm2
+	xorps	%xmm5,%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L058enc1_loop_10:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L058enc1_loop_10
+.byte	102,15,56,221,209
+	xorps	%xmm5,%xmm2
+	movups	%xmm2,-16(%edi)
+.L056xts_enc_ret:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	movdqa	%xmm0,(%esp)
+	pxor	%xmm3,%xmm3
+	movdqa	%xmm0,16(%esp)
+	pxor	%xmm4,%xmm4
+	movdqa	%xmm0,32(%esp)
+	pxor	%xmm5,%xmm5
+	movdqa	%xmm0,48(%esp)
+	pxor	%xmm6,%xmm6
+	movdqa	%xmm0,64(%esp)
+	pxor	%xmm7,%xmm7
+	movdqa	%xmm0,80(%esp)
+	movl	116(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	aesni_xts_encrypt,.-.L_aesni_xts_encrypt_begin
+.globl	aesni_xts_decrypt
+.type	aesni_xts_decrypt,@function
+.align	16
+aesni_xts_decrypt:
+.L_aesni_xts_decrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	36(%esp),%edx
+	movl	40(%esp),%esi
+	movl	240(%edx),%ecx
+	movups	(%esi),%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L059enc1_loop_11:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L059enc1_loop_11
+.byte	102,15,56,221,209
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movl	%esp,%ebp
+	subl	$120,%esp
+	andl	$-16,%esp
+	xorl	%ebx,%ebx
+	testl	$15,%eax
+	setnz	%bl
+	shll	$4,%ebx
+	subl	%ebx,%eax
+	movl	$135,96(%esp)
+	movl	$0,100(%esp)
+	movl	$1,104(%esp)
+	movl	$0,108(%esp)
+	movl	%eax,112(%esp)
+	movl	%ebp,116(%esp)
+	movl	240(%edx),%ecx
+	movl	%edx,%ebp
+	movl	%ecx,%ebx
+	movdqa	%xmm2,%xmm1
+	pxor	%xmm0,%xmm0
+	movdqa	96(%esp),%xmm3
+	pcmpgtd	%xmm1,%xmm0
+	andl	$-16,%eax
+	subl	$96,%eax
+	jc	.L060xts_dec_short
+	shll	$4,%ecx
+	movl	$16,%ebx
+	subl	%ecx,%ebx
+	leal	32(%edx,%ecx,1),%edx
+	jmp	.L061xts_dec_loop6
+.align	16
+.L061xts_dec_loop6:
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,16(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,32(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,48(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm7
+	movdqa	%xmm1,64(%esp)
+	paddq	%xmm1,%xmm1
+	movups	(%ebp),%xmm0
+	pand	%xmm3,%xmm7
+	movups	(%esi),%xmm2
+	pxor	%xmm1,%xmm7
+	movl	%ebx,%ecx
+	movdqu	16(%esi),%xmm3
+	xorps	%xmm0,%xmm2
+	movdqu	32(%esi),%xmm4
+	pxor	%xmm0,%xmm3
+	movdqu	48(%esi),%xmm5
+	pxor	%xmm0,%xmm4
+	movdqu	64(%esi),%xmm6
+	pxor	%xmm0,%xmm5
+	movdqu	80(%esi),%xmm1
+	pxor	%xmm0,%xmm6
+	leal	96(%esi),%esi
+	pxor	(%esp),%xmm2
+	movdqa	%xmm7,80(%esp)
+	pxor	%xmm1,%xmm7
+	movups	16(%ebp),%xmm1
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+.byte	102,15,56,222,209
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+.byte	102,15,56,222,217
+	pxor	%xmm0,%xmm7
+	movups	32(%ebp),%xmm0
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	call	.L_aesni_decrypt6_enter
+	movdqa	80(%esp),%xmm1
+	pxor	%xmm0,%xmm0
+	xorps	(%esp),%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	xorps	16(%esp),%xmm3
+	movups	%xmm2,(%edi)
+	xorps	32(%esp),%xmm4
+	movups	%xmm3,16(%edi)
+	xorps	48(%esp),%xmm5
+	movups	%xmm4,32(%edi)
+	xorps	64(%esp),%xmm6
+	movups	%xmm5,48(%edi)
+	xorps	%xmm1,%xmm7
+	movups	%xmm6,64(%edi)
+	pshufd	$19,%xmm0,%xmm2
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	movdqa	96(%esp),%xmm3
+	pxor	%xmm0,%xmm0
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	subl	$96,%eax
+	jnc	.L061xts_dec_loop6
+	movl	240(%ebp),%ecx
+	movl	%ebp,%edx
+	movl	%ecx,%ebx
+.L060xts_dec_short:
+	addl	$96,%eax
+	jz	.L062xts_dec_done6x
+	movdqa	%xmm1,%xmm5
+	cmpl	$32,%eax
+	jb	.L063xts_dec_one
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	je	.L064xts_dec_two
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,%xmm6
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	cmpl	$64,%eax
+	jb	.L065xts_dec_three
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,%xmm7
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	movdqa	%xmm5,(%esp)
+	movdqa	%xmm6,16(%esp)
+	je	.L066xts_dec_four
+	movdqa	%xmm7,32(%esp)
+	pshufd	$19,%xmm0,%xmm7
+	movdqa	%xmm1,48(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm7
+	pxor	%xmm1,%xmm7
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	pxor	(%esp),%xmm2
+	movdqu	48(%esi),%xmm5
+	pxor	16(%esp),%xmm3
+	movdqu	64(%esi),%xmm6
+	pxor	32(%esp),%xmm4
+	leal	80(%esi),%esi
+	pxor	48(%esp),%xmm5
+	movdqa	%xmm7,64(%esp)
+	pxor	%xmm7,%xmm6
+	call	_aesni_decrypt6
+	movaps	64(%esp),%xmm1
+	xorps	(%esp),%xmm2
+	xorps	16(%esp),%xmm3
+	xorps	32(%esp),%xmm4
+	movups	%xmm2,(%edi)
+	xorps	48(%esp),%xmm5
+	movups	%xmm3,16(%edi)
+	xorps	%xmm1,%xmm6
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	leal	80(%edi),%edi
+	jmp	.L067xts_dec_done
+.align	16
+.L063xts_dec_one:
+	movups	(%esi),%xmm2
+	leal	16(%esi),%esi
+	xorps	%xmm5,%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L068dec1_loop_12:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L068dec1_loop_12
+.byte	102,15,56,223,209
+	xorps	%xmm5,%xmm2
+	movups	%xmm2,(%edi)
+	leal	16(%edi),%edi
+	movdqa	%xmm5,%xmm1
+	jmp	.L067xts_dec_done
+.align	16
+.L064xts_dec_two:
+	movaps	%xmm1,%xmm6
+	movups	(%esi),%xmm2
+	movups	16(%esi),%xmm3
+	leal	32(%esi),%esi
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	call	_aesni_decrypt2
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	leal	32(%edi),%edi
+	movdqa	%xmm6,%xmm1
+	jmp	.L067xts_dec_done
+.align	16
+.L065xts_dec_three:
+	movaps	%xmm1,%xmm7
+	movups	(%esi),%xmm2
+	movups	16(%esi),%xmm3
+	movups	32(%esi),%xmm4
+	leal	48(%esi),%esi
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm7,%xmm4
+	call	_aesni_decrypt3
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm7,%xmm4
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	leal	48(%edi),%edi
+	movdqa	%xmm7,%xmm1
+	jmp	.L067xts_dec_done
+.align	16
+.L066xts_dec_four:
+	movaps	%xmm1,%xmm6
+	movups	(%esi),%xmm2
+	movups	16(%esi),%xmm3
+	movups	32(%esi),%xmm4
+	xorps	(%esp),%xmm2
+	movups	48(%esi),%xmm5
+	leal	64(%esi),%esi
+	xorps	16(%esp),%xmm3
+	xorps	%xmm7,%xmm4
+	xorps	%xmm6,%xmm5
+	call	_aesni_decrypt4
+	xorps	(%esp),%xmm2
+	xorps	16(%esp),%xmm3
+	xorps	%xmm7,%xmm4
+	movups	%xmm2,(%edi)
+	xorps	%xmm6,%xmm5
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	leal	64(%edi),%edi
+	movdqa	%xmm6,%xmm1
+	jmp	.L067xts_dec_done
+.align	16
+.L062xts_dec_done6x:
+	movl	112(%esp),%eax
+	andl	$15,%eax
+	jz	.L069xts_dec_ret
+	movl	%eax,112(%esp)
+	jmp	.L070xts_dec_only_one_more
+.align	16
+.L067xts_dec_done:
+	movl	112(%esp),%eax
+	pxor	%xmm0,%xmm0
+	andl	$15,%eax
+	jz	.L069xts_dec_ret
+	pcmpgtd	%xmm1,%xmm0
+	movl	%eax,112(%esp)
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	96(%esp),%xmm3
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+.L070xts_dec_only_one_more:
+	pshufd	$19,%xmm0,%xmm5
+	movdqa	%xmm1,%xmm6
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm5
+	pxor	%xmm1,%xmm5
+	movl	%ebp,%edx
+	movl	%ebx,%ecx
+	movups	(%esi),%xmm2
+	xorps	%xmm5,%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L071dec1_loop_13:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L071dec1_loop_13
+.byte	102,15,56,223,209
+	xorps	%xmm5,%xmm2
+	movups	%xmm2,(%edi)
+.L072xts_dec_steal:
+	movzbl	16(%esi),%ecx
+	movzbl	(%edi),%edx
+	leal	1(%esi),%esi
+	movb	%cl,(%edi)
+	movb	%dl,16(%edi)
+	leal	1(%edi),%edi
+	subl	$1,%eax
+	jnz	.L072xts_dec_steal
+	subl	112(%esp),%edi
+	movl	%ebp,%edx
+	movl	%ebx,%ecx
+	movups	(%edi),%xmm2
+	xorps	%xmm6,%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L073dec1_loop_14:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L073dec1_loop_14
+.byte	102,15,56,223,209
+	xorps	%xmm6,%xmm2
+	movups	%xmm2,(%edi)
+.L069xts_dec_ret:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	movdqa	%xmm0,(%esp)
+	pxor	%xmm3,%xmm3
+	movdqa	%xmm0,16(%esp)
+	pxor	%xmm4,%xmm4
+	movdqa	%xmm0,32(%esp)
+	pxor	%xmm5,%xmm5
+	movdqa	%xmm0,48(%esp)
+	pxor	%xmm6,%xmm6
+	movdqa	%xmm0,64(%esp)
+	pxor	%xmm7,%xmm7
+	movdqa	%xmm0,80(%esp)
+	movl	116(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	aesni_xts_decrypt,.-.L_aesni_xts_decrypt_begin
+.globl	aesni_ocb_encrypt
+.type	aesni_ocb_encrypt,@function
+.align	16
+aesni_ocb_encrypt:
+.L_aesni_ocb_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	40(%esp),%ecx
+	movl	48(%esp),%ebx
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movdqu	(%ecx),%xmm0
+	movl	36(%esp),%ebp
+	movdqu	(%ebx),%xmm1
+	movl	44(%esp),%ebx
+	movl	%esp,%ecx
+	subl	$132,%esp
+	andl	$-16,%esp
+	subl	%esi,%edi
+	shll	$4,%eax
+	leal	-96(%esi,%eax,1),%eax
+	movl	%edi,120(%esp)
+	movl	%eax,124(%esp)
+	movl	%ecx,128(%esp)
+	movl	240(%edx),%ecx
+	testl	$1,%ebp
+	jnz	.L074odd
+	bsfl	%ebp,%eax
+	addl	$1,%ebp
+	shll	$4,%eax
+	movdqu	(%ebx,%eax,1),%xmm7
+	movl	%edx,%eax
+	movdqu	(%esi),%xmm2
+	leal	16(%esi),%esi
+	pxor	%xmm0,%xmm7
+	pxor	%xmm2,%xmm1
+	pxor	%xmm7,%xmm2
+	movdqa	%xmm1,%xmm6
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L075enc1_loop_15:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L075enc1_loop_15
+.byte	102,15,56,221,209
+	xorps	%xmm7,%xmm2
+	movdqa	%xmm7,%xmm0
+	movdqa	%xmm6,%xmm1
+	movups	%xmm2,-16(%edi,%esi,1)
+	movl	240(%eax),%ecx
+	movl	%eax,%edx
+	movl	124(%esp),%eax
+.L074odd:
+	shll	$4,%ecx
+	movl	$16,%edi
+	subl	%ecx,%edi
+	movl	%edx,112(%esp)
+	leal	32(%edx,%ecx,1),%edx
+	movl	%edi,116(%esp)
+	cmpl	%eax,%esi
+	ja	.L076short
+	jmp	.L077grandloop
+.align	32
+.L077grandloop:
+	leal	1(%ebp),%ecx
+	leal	3(%ebp),%eax
+	leal	5(%ebp),%edi
+	addl	$6,%ebp
+	bsfl	%ecx,%ecx
+	bsfl	%eax,%eax
+	bsfl	%edi,%edi
+	shll	$4,%ecx
+	shll	$4,%eax
+	shll	$4,%edi
+	movdqu	(%ebx),%xmm2
+	movdqu	(%ebx,%ecx,1),%xmm3
+	movl	116(%esp),%ecx
+	movdqa	%xmm2,%xmm4
+	movdqu	(%ebx,%eax,1),%xmm5
+	movdqa	%xmm2,%xmm6
+	movdqu	(%ebx,%edi,1),%xmm7
+	pxor	%xmm0,%xmm2
+	pxor	%xmm2,%xmm3
+	movdqa	%xmm2,(%esp)
+	pxor	%xmm3,%xmm4
+	movdqa	%xmm3,16(%esp)
+	pxor	%xmm4,%xmm5
+	movdqa	%xmm4,32(%esp)
+	pxor	%xmm5,%xmm6
+	movdqa	%xmm5,48(%esp)
+	pxor	%xmm6,%xmm7
+	movdqa	%xmm6,64(%esp)
+	movdqa	%xmm7,80(%esp)
+	movups	-48(%edx,%ecx,1),%xmm0
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	movdqu	80(%esi),%xmm7
+	leal	96(%esi),%esi
+	pxor	%xmm2,%xmm1
+	pxor	%xmm0,%xmm2
+	pxor	%xmm3,%xmm1
+	pxor	%xmm0,%xmm3
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	pxor	%xmm5,%xmm1
+	pxor	%xmm0,%xmm5
+	pxor	%xmm6,%xmm1
+	pxor	%xmm0,%xmm6
+	pxor	%xmm7,%xmm1
+	pxor	%xmm0,%xmm7
+	movdqa	%xmm1,96(%esp)
+	movups	-32(%edx,%ecx,1),%xmm1
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+	pxor	80(%esp),%xmm7
+	movups	-16(%edx,%ecx,1),%xmm0
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movl	120(%esp),%edi
+	movl	124(%esp),%eax
+	call	.L_aesni_encrypt6_enter
+	movdqa	80(%esp),%xmm0
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+	pxor	%xmm0,%xmm7
+	movdqa	96(%esp),%xmm1
+	movdqu	%xmm2,-96(%edi,%esi,1)
+	movdqu	%xmm3,-80(%edi,%esi,1)
+	movdqu	%xmm4,-64(%edi,%esi,1)
+	movdqu	%xmm5,-48(%edi,%esi,1)
+	movdqu	%xmm6,-32(%edi,%esi,1)
+	movdqu	%xmm7,-16(%edi,%esi,1)
+	cmpl	%eax,%esi
+	jb	.L077grandloop
+.L076short:
+	addl	$96,%eax
+	subl	%esi,%eax
+	jz	.L078done
+	cmpl	$32,%eax
+	jb	.L079one
+	je	.L080two
+	cmpl	$64,%eax
+	jb	.L081three
+	je	.L082four
+	leal	1(%ebp),%ecx
+	leal	3(%ebp),%eax
+	bsfl	%ecx,%ecx
+	bsfl	%eax,%eax
+	shll	$4,%ecx
+	shll	$4,%eax
+	movdqu	(%ebx),%xmm2
+	movdqu	(%ebx,%ecx,1),%xmm3
+	movl	116(%esp),%ecx
+	movdqa	%xmm2,%xmm4
+	movdqu	(%ebx,%eax,1),%xmm5
+	movdqa	%xmm2,%xmm6
+	pxor	%xmm0,%xmm2
+	pxor	%xmm2,%xmm3
+	movdqa	%xmm2,(%esp)
+	pxor	%xmm3,%xmm4
+	movdqa	%xmm3,16(%esp)
+	pxor	%xmm4,%xmm5
+	movdqa	%xmm4,32(%esp)
+	pxor	%xmm5,%xmm6
+	movdqa	%xmm5,48(%esp)
+	pxor	%xmm6,%xmm7
+	movdqa	%xmm6,64(%esp)
+	movups	-48(%edx,%ecx,1),%xmm0
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	pxor	%xmm7,%xmm7
+	pxor	%xmm2,%xmm1
+	pxor	%xmm0,%xmm2
+	pxor	%xmm3,%xmm1
+	pxor	%xmm0,%xmm3
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	pxor	%xmm5,%xmm1
+	pxor	%xmm0,%xmm5
+	pxor	%xmm6,%xmm1
+	pxor	%xmm0,%xmm6
+	movdqa	%xmm1,96(%esp)
+	movups	-32(%edx,%ecx,1),%xmm1
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+	movups	-16(%edx,%ecx,1),%xmm0
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movl	120(%esp),%edi
+	call	.L_aesni_encrypt6_enter
+	movdqa	64(%esp),%xmm0
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	%xmm0,%xmm6
+	movdqa	96(%esp),%xmm1
+	movdqu	%xmm2,(%edi,%esi,1)
+	movdqu	%xmm3,16(%edi,%esi,1)
+	movdqu	%xmm4,32(%edi,%esi,1)
+	movdqu	%xmm5,48(%edi,%esi,1)
+	movdqu	%xmm6,64(%edi,%esi,1)
+	jmp	.L078done
+.align	16
+.L079one:
+	movdqu	(%ebx),%xmm7
+	movl	112(%esp),%edx
+	movdqu	(%esi),%xmm2
+	movl	240(%edx),%ecx
+	pxor	%xmm0,%xmm7
+	pxor	%xmm2,%xmm1
+	pxor	%xmm7,%xmm2
+	movdqa	%xmm1,%xmm6
+	movl	120(%esp),%edi
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L083enc1_loop_16:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L083enc1_loop_16
+.byte	102,15,56,221,209
+	xorps	%xmm7,%xmm2
+	movdqa	%xmm7,%xmm0
+	movdqa	%xmm6,%xmm1
+	movups	%xmm2,(%edi,%esi,1)
+	jmp	.L078done
+.align	16
+.L080two:
+	leal	1(%ebp),%ecx
+	movl	112(%esp),%edx
+	bsfl	%ecx,%ecx
+	shll	$4,%ecx
+	movdqu	(%ebx),%xmm6
+	movdqu	(%ebx,%ecx,1),%xmm7
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movl	240(%edx),%ecx
+	pxor	%xmm0,%xmm6
+	pxor	%xmm6,%xmm7
+	pxor	%xmm2,%xmm1
+	pxor	%xmm6,%xmm2
+	pxor	%xmm3,%xmm1
+	pxor	%xmm7,%xmm3
+	movdqa	%xmm1,%xmm5
+	movl	120(%esp),%edi
+	call	_aesni_encrypt2
+	xorps	%xmm6,%xmm2
+	xorps	%xmm7,%xmm3
+	movdqa	%xmm7,%xmm0
+	movdqa	%xmm5,%xmm1
+	movups	%xmm2,(%edi,%esi,1)
+	movups	%xmm3,16(%edi,%esi,1)
+	jmp	.L078done
+.align	16
+.L081three:
+	leal	1(%ebp),%ecx
+	movl	112(%esp),%edx
+	bsfl	%ecx,%ecx
+	shll	$4,%ecx
+	movdqu	(%ebx),%xmm5
+	movdqu	(%ebx,%ecx,1),%xmm6
+	movdqa	%xmm5,%xmm7
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movl	240(%edx),%ecx
+	pxor	%xmm0,%xmm5
+	pxor	%xmm5,%xmm6
+	pxor	%xmm6,%xmm7
+	pxor	%xmm2,%xmm1
+	pxor	%xmm5,%xmm2
+	pxor	%xmm3,%xmm1
+	pxor	%xmm6,%xmm3
+	pxor	%xmm4,%xmm1
+	pxor	%xmm7,%xmm4
+	movdqa	%xmm1,96(%esp)
+	movl	120(%esp),%edi
+	call	_aesni_encrypt3
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm7,%xmm4
+	movdqa	%xmm7,%xmm0
+	movdqa	96(%esp),%xmm1
+	movups	%xmm2,(%edi,%esi,1)
+	movups	%xmm3,16(%edi,%esi,1)
+	movups	%xmm4,32(%edi,%esi,1)
+	jmp	.L078done
+.align	16
+.L082four:
+	leal	1(%ebp),%ecx
+	leal	3(%ebp),%eax
+	bsfl	%ecx,%ecx
+	bsfl	%eax,%eax
+	movl	112(%esp),%edx
+	shll	$4,%ecx
+	shll	$4,%eax
+	movdqu	(%ebx),%xmm4
+	movdqu	(%ebx,%ecx,1),%xmm5
+	movdqa	%xmm4,%xmm6
+	movdqu	(%ebx,%eax,1),%xmm7
+	pxor	%xmm0,%xmm4
+	movdqu	(%esi),%xmm2
+	pxor	%xmm4,%xmm5
+	movdqu	16(%esi),%xmm3
+	pxor	%xmm5,%xmm6
+	movdqa	%xmm4,(%esp)
+	pxor	%xmm6,%xmm7
+	movdqa	%xmm5,16(%esp)
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movl	240(%edx),%ecx
+	pxor	%xmm2,%xmm1
+	pxor	(%esp),%xmm2
+	pxor	%xmm3,%xmm1
+	pxor	16(%esp),%xmm3
+	pxor	%xmm4,%xmm1
+	pxor	%xmm6,%xmm4
+	pxor	%xmm5,%xmm1
+	pxor	%xmm7,%xmm5
+	movdqa	%xmm1,96(%esp)
+	movl	120(%esp),%edi
+	call	_aesni_encrypt4
+	xorps	(%esp),%xmm2
+	xorps	16(%esp),%xmm3
+	xorps	%xmm6,%xmm4
+	movups	%xmm2,(%edi,%esi,1)
+	xorps	%xmm7,%xmm5
+	movups	%xmm3,16(%edi,%esi,1)
+	movdqa	%xmm7,%xmm0
+	movups	%xmm4,32(%edi,%esi,1)
+	movdqa	96(%esp),%xmm1
+	movups	%xmm5,48(%edi,%esi,1)
+.L078done:
+	movl	128(%esp),%edx
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	movdqa	%xmm2,(%esp)
+	pxor	%xmm4,%xmm4
+	movdqa	%xmm2,16(%esp)
+	pxor	%xmm5,%xmm5
+	movdqa	%xmm2,32(%esp)
+	pxor	%xmm6,%xmm6
+	movdqa	%xmm2,48(%esp)
+	pxor	%xmm7,%xmm7
+	movdqa	%xmm2,64(%esp)
+	movdqa	%xmm2,80(%esp)
+	movdqa	%xmm2,96(%esp)
+	leal	(%edx),%esp
+	movl	40(%esp),%ecx
+	movl	48(%esp),%ebx
+	movdqu	%xmm0,(%ecx)
+	pxor	%xmm0,%xmm0
+	movdqu	%xmm1,(%ebx)
+	pxor	%xmm1,%xmm1
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	aesni_ocb_encrypt,.-.L_aesni_ocb_encrypt_begin
+.globl	aesni_ocb_decrypt
+.type	aesni_ocb_decrypt,@function
+.align	16
+aesni_ocb_decrypt:
+.L_aesni_ocb_decrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	40(%esp),%ecx
+	movl	48(%esp),%ebx
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movdqu	(%ecx),%xmm0
+	movl	36(%esp),%ebp
+	movdqu	(%ebx),%xmm1
+	movl	44(%esp),%ebx
+	movl	%esp,%ecx
+	subl	$132,%esp
+	andl	$-16,%esp
+	subl	%esi,%edi
+	shll	$4,%eax
+	leal	-96(%esi,%eax,1),%eax
+	movl	%edi,120(%esp)
+	movl	%eax,124(%esp)
+	movl	%ecx,128(%esp)
+	movl	240(%edx),%ecx
+	testl	$1,%ebp
+	jnz	.L084odd
+	bsfl	%ebp,%eax
+	addl	$1,%ebp
+	shll	$4,%eax
+	movdqu	(%ebx,%eax,1),%xmm7
+	movl	%edx,%eax
+	movdqu	(%esi),%xmm2
+	leal	16(%esi),%esi
+	pxor	%xmm0,%xmm7
+	pxor	%xmm7,%xmm2
+	movdqa	%xmm1,%xmm6
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L085dec1_loop_17:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L085dec1_loop_17
+.byte	102,15,56,223,209
+	xorps	%xmm7,%xmm2
+	movaps	%xmm6,%xmm1
+	movdqa	%xmm7,%xmm0
+	xorps	%xmm2,%xmm1
+	movups	%xmm2,-16(%edi,%esi,1)
+	movl	240(%eax),%ecx
+	movl	%eax,%edx
+	movl	124(%esp),%eax
+.L084odd:
+	shll	$4,%ecx
+	movl	$16,%edi
+	subl	%ecx,%edi
+	movl	%edx,112(%esp)
+	leal	32(%edx,%ecx,1),%edx
+	movl	%edi,116(%esp)
+	cmpl	%eax,%esi
+	ja	.L086short
+	jmp	.L087grandloop
+.align	32
+.L087grandloop:
+	leal	1(%ebp),%ecx
+	leal	3(%ebp),%eax
+	leal	5(%ebp),%edi
+	addl	$6,%ebp
+	bsfl	%ecx,%ecx
+	bsfl	%eax,%eax
+	bsfl	%edi,%edi
+	shll	$4,%ecx
+	shll	$4,%eax
+	shll	$4,%edi
+	movdqu	(%ebx),%xmm2
+	movdqu	(%ebx,%ecx,1),%xmm3
+	movl	116(%esp),%ecx
+	movdqa	%xmm2,%xmm4
+	movdqu	(%ebx,%eax,1),%xmm5
+	movdqa	%xmm2,%xmm6
+	movdqu	(%ebx,%edi,1),%xmm7
+	pxor	%xmm0,%xmm2
+	pxor	%xmm2,%xmm3
+	movdqa	%xmm2,(%esp)
+	pxor	%xmm3,%xmm4
+	movdqa	%xmm3,16(%esp)
+	pxor	%xmm4,%xmm5
+	movdqa	%xmm4,32(%esp)
+	pxor	%xmm5,%xmm6
+	movdqa	%xmm5,48(%esp)
+	pxor	%xmm6,%xmm7
+	movdqa	%xmm6,64(%esp)
+	movdqa	%xmm7,80(%esp)
+	movups	-48(%edx,%ecx,1),%xmm0
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	movdqu	80(%esi),%xmm7
+	leal	96(%esi),%esi
+	movdqa	%xmm1,96(%esp)
+	pxor	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+	pxor	%xmm0,%xmm7
+	movups	-32(%edx,%ecx,1),%xmm1
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+	pxor	80(%esp),%xmm7
+	movups	-16(%edx,%ecx,1),%xmm0
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movl	120(%esp),%edi
+	movl	124(%esp),%eax
+	call	.L_aesni_decrypt6_enter
+	movdqa	80(%esp),%xmm0
+	pxor	(%esp),%xmm2
+	movdqa	96(%esp),%xmm1
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+	pxor	%xmm0,%xmm7
+	pxor	%xmm2,%xmm1
+	movdqu	%xmm2,-96(%edi,%esi,1)
+	pxor	%xmm3,%xmm1
+	movdqu	%xmm3,-80(%edi,%esi,1)
+	pxor	%xmm4,%xmm1
+	movdqu	%xmm4,-64(%edi,%esi,1)
+	pxor	%xmm5,%xmm1
+	movdqu	%xmm5,-48(%edi,%esi,1)
+	pxor	%xmm6,%xmm1
+	movdqu	%xmm6,-32(%edi,%esi,1)
+	pxor	%xmm7,%xmm1
+	movdqu	%xmm7,-16(%edi,%esi,1)
+	cmpl	%eax,%esi
+	jb	.L087grandloop
+.L086short:
+	addl	$96,%eax
+	subl	%esi,%eax
+	jz	.L088done
+	cmpl	$32,%eax
+	jb	.L089one
+	je	.L090two
+	cmpl	$64,%eax
+	jb	.L091three
+	je	.L092four
+	leal	1(%ebp),%ecx
+	leal	3(%ebp),%eax
+	bsfl	%ecx,%ecx
+	bsfl	%eax,%eax
+	shll	$4,%ecx
+	shll	$4,%eax
+	movdqu	(%ebx),%xmm2
+	movdqu	(%ebx,%ecx,1),%xmm3
+	movl	116(%esp),%ecx
+	movdqa	%xmm2,%xmm4
+	movdqu	(%ebx,%eax,1),%xmm5
+	movdqa	%xmm2,%xmm6
+	pxor	%xmm0,%xmm2
+	pxor	%xmm2,%xmm3
+	movdqa	%xmm2,(%esp)
+	pxor	%xmm3,%xmm4
+	movdqa	%xmm3,16(%esp)
+	pxor	%xmm4,%xmm5
+	movdqa	%xmm4,32(%esp)
+	pxor	%xmm5,%xmm6
+	movdqa	%xmm5,48(%esp)
+	pxor	%xmm6,%xmm7
+	movdqa	%xmm6,64(%esp)
+	movups	-48(%edx,%ecx,1),%xmm0
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	pxor	%xmm7,%xmm7
+	movdqa	%xmm1,96(%esp)
+	pxor	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+	movups	-32(%edx,%ecx,1),%xmm1
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+	movups	-16(%edx,%ecx,1),%xmm0
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movl	120(%esp),%edi
+	call	.L_aesni_decrypt6_enter
+	movdqa	64(%esp),%xmm0
+	pxor	(%esp),%xmm2
+	movdqa	96(%esp),%xmm1
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	%xmm0,%xmm6
+	pxor	%xmm2,%xmm1
+	movdqu	%xmm2,(%edi,%esi,1)
+	pxor	%xmm3,%xmm1
+	movdqu	%xmm3,16(%edi,%esi,1)
+	pxor	%xmm4,%xmm1
+	movdqu	%xmm4,32(%edi,%esi,1)
+	pxor	%xmm5,%xmm1
+	movdqu	%xmm5,48(%edi,%esi,1)
+	pxor	%xmm6,%xmm1
+	movdqu	%xmm6,64(%edi,%esi,1)
+	jmp	.L088done
+.align	16
+.L089one:
+	movdqu	(%ebx),%xmm7
+	movl	112(%esp),%edx
+	movdqu	(%esi),%xmm2
+	movl	240(%edx),%ecx
+	pxor	%xmm0,%xmm7
+	pxor	%xmm7,%xmm2
+	movdqa	%xmm1,%xmm6
+	movl	120(%esp),%edi
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L093dec1_loop_18:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L093dec1_loop_18
+.byte	102,15,56,223,209
+	xorps	%xmm7,%xmm2
+	movaps	%xmm6,%xmm1
+	movdqa	%xmm7,%xmm0
+	xorps	%xmm2,%xmm1
+	movups	%xmm2,(%edi,%esi,1)
+	jmp	.L088done
+.align	16
+.L090two:
+	leal	1(%ebp),%ecx
+	movl	112(%esp),%edx
+	bsfl	%ecx,%ecx
+	shll	$4,%ecx
+	movdqu	(%ebx),%xmm6
+	movdqu	(%ebx,%ecx,1),%xmm7
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movl	240(%edx),%ecx
+	movdqa	%xmm1,%xmm5
+	pxor	%xmm0,%xmm6
+	pxor	%xmm6,%xmm7
+	pxor	%xmm6,%xmm2
+	pxor	%xmm7,%xmm3
+	movl	120(%esp),%edi
+	call	_aesni_decrypt2
+	xorps	%xmm6,%xmm2
+	xorps	%xmm7,%xmm3
+	movdqa	%xmm7,%xmm0
+	xorps	%xmm2,%xmm5
+	movups	%xmm2,(%edi,%esi,1)
+	xorps	%xmm3,%xmm5
+	movups	%xmm3,16(%edi,%esi,1)
+	movaps	%xmm5,%xmm1
+	jmp	.L088done
+.align	16
+.L091three:
+	leal	1(%ebp),%ecx
+	movl	112(%esp),%edx
+	bsfl	%ecx,%ecx
+	shll	$4,%ecx
+	movdqu	(%ebx),%xmm5
+	movdqu	(%ebx,%ecx,1),%xmm6
+	movdqa	%xmm5,%xmm7
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movl	240(%edx),%ecx
+	movdqa	%xmm1,96(%esp)
+	pxor	%xmm0,%xmm5
+	pxor	%xmm5,%xmm6
+	pxor	%xmm6,%xmm7
+	pxor	%xmm5,%xmm2
+	pxor	%xmm6,%xmm3
+	pxor	%xmm7,%xmm4
+	movl	120(%esp),%edi
+	call	_aesni_decrypt3
+	movdqa	96(%esp),%xmm1
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm7,%xmm4
+	movups	%xmm2,(%edi,%esi,1)
+	pxor	%xmm2,%xmm1
+	movdqa	%xmm7,%xmm0
+	movups	%xmm3,16(%edi,%esi,1)
+	pxor	%xmm3,%xmm1
+	movups	%xmm4,32(%edi,%esi,1)
+	pxor	%xmm4,%xmm1
+	jmp	.L088done
+.align	16
+.L092four:
+	leal	1(%ebp),%ecx
+	leal	3(%ebp),%eax
+	bsfl	%ecx,%ecx
+	bsfl	%eax,%eax
+	movl	112(%esp),%edx
+	shll	$4,%ecx
+	shll	$4,%eax
+	movdqu	(%ebx),%xmm4
+	movdqu	(%ebx,%ecx,1),%xmm5
+	movdqa	%xmm4,%xmm6
+	movdqu	(%ebx,%eax,1),%xmm7
+	pxor	%xmm0,%xmm4
+	movdqu	(%esi),%xmm2
+	pxor	%xmm4,%xmm5
+	movdqu	16(%esi),%xmm3
+	pxor	%xmm5,%xmm6
+	movdqa	%xmm4,(%esp)
+	pxor	%xmm6,%xmm7
+	movdqa	%xmm5,16(%esp)
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movl	240(%edx),%ecx
+	movdqa	%xmm1,96(%esp)
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	%xmm6,%xmm4
+	pxor	%xmm7,%xmm5
+	movl	120(%esp),%edi
+	call	_aesni_decrypt4
+	movdqa	96(%esp),%xmm1
+	xorps	(%esp),%xmm2
+	xorps	16(%esp),%xmm3
+	xorps	%xmm6,%xmm4
+	movups	%xmm2,(%edi,%esi,1)
+	pxor	%xmm2,%xmm1
+	xorps	%xmm7,%xmm5
+	movups	%xmm3,16(%edi,%esi,1)
+	pxor	%xmm3,%xmm1
+	movdqa	%xmm7,%xmm0
+	movups	%xmm4,32(%edi,%esi,1)
+	pxor	%xmm4,%xmm1
+	movups	%xmm5,48(%edi,%esi,1)
+	pxor	%xmm5,%xmm1
+.L088done:
+	movl	128(%esp),%edx
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	movdqa	%xmm2,(%esp)
+	pxor	%xmm4,%xmm4
+	movdqa	%xmm2,16(%esp)
+	pxor	%xmm5,%xmm5
+	movdqa	%xmm2,32(%esp)
+	pxor	%xmm6,%xmm6
+	movdqa	%xmm2,48(%esp)
+	pxor	%xmm7,%xmm7
+	movdqa	%xmm2,64(%esp)
+	movdqa	%xmm2,80(%esp)
+	movdqa	%xmm2,96(%esp)
+	leal	(%edx),%esp
+	movl	40(%esp),%ecx
+	movl	48(%esp),%ebx
+	movdqu	%xmm0,(%ecx)
+	pxor	%xmm0,%xmm0
+	movdqu	%xmm1,(%ebx)
+	pxor	%xmm1,%xmm1
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	aesni_ocb_decrypt,.-.L_aesni_ocb_decrypt_begin
+.globl	aesni_cbc_encrypt
+.type	aesni_cbc_encrypt,@function
+.align	16
+aesni_cbc_encrypt:
+.L_aesni_cbc_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	%esp,%ebx
+	movl	24(%esp),%edi
+	subl	$24,%ebx
+	movl	28(%esp),%eax
+	andl	$-16,%ebx
+	movl	32(%esp),%edx
+	movl	36(%esp),%ebp
+	testl	%eax,%eax
+	jz	.L094cbc_abort
+	cmpl	$0,40(%esp)
+	xchgl	%esp,%ebx
+	movups	(%ebp),%xmm7
+	movl	240(%edx),%ecx
+	movl	%edx,%ebp
+	movl	%ebx,16(%esp)
+	movl	%ecx,%ebx
+	je	.L095cbc_decrypt
+	movaps	%xmm7,%xmm2
+	cmpl	$16,%eax
+	jb	.L096cbc_enc_tail
+	subl	$16,%eax
+	jmp	.L097cbc_enc_loop
+.align	16
+.L097cbc_enc_loop:
+	movups	(%esi),%xmm7
+	leal	16(%esi),%esi
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm7
+	leal	32(%edx),%edx
+	xorps	%xmm7,%xmm2
+.L098enc1_loop_19:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L098enc1_loop_19
+.byte	102,15,56,221,209
+	movl	%ebx,%ecx
+	movl	%ebp,%edx
+	movups	%xmm2,(%edi)
+	leal	16(%edi),%edi
+	subl	$16,%eax
+	jnc	.L097cbc_enc_loop
+	addl	$16,%eax
+	jnz	.L096cbc_enc_tail
+	movaps	%xmm2,%xmm7
+	pxor	%xmm2,%xmm2
+	jmp	.L099cbc_ret
+.L096cbc_enc_tail:
+	movl	%eax,%ecx
+.long	2767451785
+	movl	$16,%ecx
+	subl	%eax,%ecx
+	xorl	%eax,%eax
+.long	2868115081
+	leal	-16(%edi),%edi
+	movl	%ebx,%ecx
+	movl	%edi,%esi
+	movl	%ebp,%edx
+	jmp	.L097cbc_enc_loop
+.align	16
+.L095cbc_decrypt:
+	cmpl	$80,%eax
+	jbe	.L100cbc_dec_tail
+	movaps	%xmm7,(%esp)
+	subl	$80,%eax
+	jmp	.L101cbc_dec_loop6_enter
+.align	16
+.L102cbc_dec_loop6:
+	movaps	%xmm0,(%esp)
+	movups	%xmm7,(%edi)
+	leal	16(%edi),%edi
+.L101cbc_dec_loop6_enter:
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	movdqu	80(%esi),%xmm7
+	call	_aesni_decrypt6
+	movups	(%esi),%xmm1
+	movups	16(%esi),%xmm0
+	xorps	(%esp),%xmm2
+	xorps	%xmm1,%xmm3
+	movups	32(%esi),%xmm1
+	xorps	%xmm0,%xmm4
+	movups	48(%esi),%xmm0
+	xorps	%xmm1,%xmm5
+	movups	64(%esi),%xmm1
+	xorps	%xmm0,%xmm6
+	movups	80(%esi),%xmm0
+	xorps	%xmm1,%xmm7
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	leal	96(%esi),%esi
+	movups	%xmm4,32(%edi)
+	movl	%ebx,%ecx
+	movups	%xmm5,48(%edi)
+	movl	%ebp,%edx
+	movups	%xmm6,64(%edi)
+	leal	80(%edi),%edi
+	subl	$96,%eax
+	ja	.L102cbc_dec_loop6
+	movaps	%xmm7,%xmm2
+	movaps	%xmm0,%xmm7
+	addl	$80,%eax
+	jle	.L103cbc_dec_clear_tail_collected
+	movups	%xmm2,(%edi)
+	leal	16(%edi),%edi
+.L100cbc_dec_tail:
+	movups	(%esi),%xmm2
+	movaps	%xmm2,%xmm6
+	cmpl	$16,%eax
+	jbe	.L104cbc_dec_one
+	movups	16(%esi),%xmm3
+	movaps	%xmm3,%xmm5
+	cmpl	$32,%eax
+	jbe	.L105cbc_dec_two
+	movups	32(%esi),%xmm4
+	cmpl	$48,%eax
+	jbe	.L106cbc_dec_three
+	movups	48(%esi),%xmm5
+	cmpl	$64,%eax
+	jbe	.L107cbc_dec_four
+	movups	64(%esi),%xmm6
+	movaps	%xmm7,(%esp)
+	movups	(%esi),%xmm2
+	xorps	%xmm7,%xmm7
+	call	_aesni_decrypt6
+	movups	(%esi),%xmm1
+	movups	16(%esi),%xmm0
+	xorps	(%esp),%xmm2
+	xorps	%xmm1,%xmm3
+	movups	32(%esi),%xmm1
+	xorps	%xmm0,%xmm4
+	movups	48(%esi),%xmm0
+	xorps	%xmm1,%xmm5
+	movups	64(%esi),%xmm7
+	xorps	%xmm0,%xmm6
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	pxor	%xmm3,%xmm3
+	movups	%xmm4,32(%edi)
+	pxor	%xmm4,%xmm4
+	movups	%xmm5,48(%edi)
+	pxor	%xmm5,%xmm5
+	leal	64(%edi),%edi
+	movaps	%xmm6,%xmm2
+	pxor	%xmm6,%xmm6
+	subl	$80,%eax
+	jmp	.L108cbc_dec_tail_collected
+.align	16
+.L104cbc_dec_one:
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+.L109dec1_loop_20:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	.L109dec1_loop_20
+.byte	102,15,56,223,209
+	xorps	%xmm7,%xmm2
+	movaps	%xmm6,%xmm7
+	subl	$16,%eax
+	jmp	.L108cbc_dec_tail_collected
+.align	16
+.L105cbc_dec_two:
+	call	_aesni_decrypt2
+	xorps	%xmm7,%xmm2
+	xorps	%xmm6,%xmm3
+	movups	%xmm2,(%edi)
+	movaps	%xmm3,%xmm2
+	pxor	%xmm3,%xmm3
+	leal	16(%edi),%edi
+	movaps	%xmm5,%xmm7
+	subl	$32,%eax
+	jmp	.L108cbc_dec_tail_collected
+.align	16
+.L106cbc_dec_three:
+	call	_aesni_decrypt3
+	xorps	%xmm7,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm5,%xmm4
+	movups	%xmm2,(%edi)
+	movaps	%xmm4,%xmm2
+	pxor	%xmm4,%xmm4
+	movups	%xmm3,16(%edi)
+	pxor	%xmm3,%xmm3
+	leal	32(%edi),%edi
+	movups	32(%esi),%xmm7
+	subl	$48,%eax
+	jmp	.L108cbc_dec_tail_collected
+.align	16
+.L107cbc_dec_four:
+	call	_aesni_decrypt4
+	movups	16(%esi),%xmm1
+	movups	32(%esi),%xmm0
+	xorps	%xmm7,%xmm2
+	movups	48(%esi),%xmm7
+	xorps	%xmm6,%xmm3
+	movups	%xmm2,(%edi)
+	xorps	%xmm1,%xmm4
+	movups	%xmm3,16(%edi)
+	pxor	%xmm3,%xmm3
+	xorps	%xmm0,%xmm5
+	movups	%xmm4,32(%edi)
+	pxor	%xmm4,%xmm4
+	leal	48(%edi),%edi
+	movaps	%xmm5,%xmm2
+	pxor	%xmm5,%xmm5
+	subl	$64,%eax
+	jmp	.L108cbc_dec_tail_collected
+.align	16
+.L103cbc_dec_clear_tail_collected:
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+.L108cbc_dec_tail_collected:
+	andl	$15,%eax
+	jnz	.L110cbc_dec_tail_partial
+	movups	%xmm2,(%edi)
+	pxor	%xmm0,%xmm0
+	jmp	.L099cbc_ret
+.align	16
+.L110cbc_dec_tail_partial:
+	movaps	%xmm2,(%esp)
+	pxor	%xmm0,%xmm0
+	movl	$16,%ecx
+	movl	%esp,%esi
+	subl	%eax,%ecx
+.long	2767451785
+	movdqa	%xmm2,(%esp)
+.L099cbc_ret:
+	movl	16(%esp),%esp
+	movl	36(%esp),%ebp
+	pxor	%xmm2,%xmm2
+	pxor	%xmm1,%xmm1
+	movups	%xmm7,(%ebp)
+	pxor	%xmm7,%xmm7
+.L094cbc_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	aesni_cbc_encrypt,.-.L_aesni_cbc_encrypt_begin
+.type	_aesni_set_encrypt_key,@function
+.align	16
+_aesni_set_encrypt_key:
+	pushl	%ebp
+	pushl	%ebx
+	testl	%eax,%eax
+	jz	.L111bad_pointer
+	testl	%edx,%edx
+	jz	.L111bad_pointer
+	call	.L112pic
+.L112pic:
+	popl	%ebx
+	leal	.Lkey_const-.L112pic(%ebx),%ebx
+	leal	GNUTLS_x86_cpuid_s-.Lkey_const(%ebx),%ebp
+	movups	(%eax),%xmm0
+	xorps	%xmm4,%xmm4
+	movl	4(%ebp),%ebp
+	leal	16(%edx),%edx
+	andl	$268437504,%ebp
+	cmpl	$256,%ecx
+	je	.L11314rounds
+	cmpl	$192,%ecx
+	je	.L11412rounds
+	cmpl	$128,%ecx
+	jne	.L115bad_keybits
+.align	16
+.L11610rounds:
+	cmpl	$268435456,%ebp
+	je	.L11710rounds_alt
+	movl	$9,%ecx
+	movups	%xmm0,-16(%edx)
+.byte	102,15,58,223,200,1
+	call	.L118key_128_cold
+.byte	102,15,58,223,200,2
+	call	.L119key_128
+.byte	102,15,58,223,200,4
+	call	.L119key_128
+.byte	102,15,58,223,200,8
+	call	.L119key_128
+.byte	102,15,58,223,200,16
+	call	.L119key_128
+.byte	102,15,58,223,200,32
+	call	.L119key_128
+.byte	102,15,58,223,200,64
+	call	.L119key_128
+.byte	102,15,58,223,200,128
+	call	.L119key_128
+.byte	102,15,58,223,200,27
+	call	.L119key_128
+.byte	102,15,58,223,200,54
+	call	.L119key_128
+	movups	%xmm0,(%edx)
+	movl	%ecx,80(%edx)
+	jmp	.L120good_key
+.align	16
+.L119key_128:
+	movups	%xmm0,(%edx)
+	leal	16(%edx),%edx
+.L118key_128_cold:
+	shufps	$16,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$140,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$255,%xmm1,%xmm1
+	xorps	%xmm1,%xmm0
+	ret
+.align	16
+.L11710rounds_alt:
+	movdqa	(%ebx),%xmm5
+	movl	$8,%ecx
+	movdqa	32(%ebx),%xmm4
+	movdqa	%xmm0,%xmm2
+	movdqu	%xmm0,-16(%edx)
+.L121loop_key128:
+.byte	102,15,56,0,197
+.byte	102,15,56,221,196
+	pslld	$1,%xmm4
+	leal	16(%edx),%edx
+	movdqa	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm3,%xmm2
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,-16(%edx)
+	movdqa	%xmm0,%xmm2
+	decl	%ecx
+	jnz	.L121loop_key128
+	movdqa	48(%ebx),%xmm4
+.byte	102,15,56,0,197
+.byte	102,15,56,221,196
+	pslld	$1,%xmm4
+	movdqa	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm3,%xmm2
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,(%edx)
+	movdqa	%xmm0,%xmm2
+.byte	102,15,56,0,197
+.byte	102,15,56,221,196
+	movdqa	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm3,%xmm2
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,16(%edx)
+	movl	$9,%ecx
+	movl	%ecx,96(%edx)
+	jmp	.L120good_key
+.align	16
+.L11412rounds:
+	movq	16(%eax),%xmm2
+	cmpl	$268435456,%ebp
+	je	.L12212rounds_alt
+	movl	$11,%ecx
+	movups	%xmm0,-16(%edx)
+.byte	102,15,58,223,202,1
+	call	.L123key_192a_cold
+.byte	102,15,58,223,202,2
+	call	.L124key_192b
+.byte	102,15,58,223,202,4
+	call	.L125key_192a
+.byte	102,15,58,223,202,8
+	call	.L124key_192b
+.byte	102,15,58,223,202,16
+	call	.L125key_192a
+.byte	102,15,58,223,202,32
+	call	.L124key_192b
+.byte	102,15,58,223,202,64
+	call	.L125key_192a
+.byte	102,15,58,223,202,128
+	call	.L124key_192b
+	movups	%xmm0,(%edx)
+	movl	%ecx,48(%edx)
+	jmp	.L120good_key
+.align	16
+.L125key_192a:
+	movups	%xmm0,(%edx)
+	leal	16(%edx),%edx
+.align	16
+.L123key_192a_cold:
+	movaps	%xmm2,%xmm5
+.L126key_192b_warm:
+	shufps	$16,%xmm0,%xmm4
+	movdqa	%xmm2,%xmm3
+	xorps	%xmm4,%xmm0
+	shufps	$140,%xmm0,%xmm4
+	pslldq	$4,%xmm3
+	xorps	%xmm4,%xmm0
+	pshufd	$85,%xmm1,%xmm1
+	pxor	%xmm3,%xmm2
+	pxor	%xmm1,%xmm0
+	pshufd	$255,%xmm0,%xmm3
+	pxor	%xmm3,%xmm2
+	ret
+.align	16
+.L124key_192b:
+	movaps	%xmm0,%xmm3
+	shufps	$68,%xmm0,%xmm5
+	movups	%xmm5,(%edx)
+	shufps	$78,%xmm2,%xmm3
+	movups	%xmm3,16(%edx)
+	leal	32(%edx),%edx
+	jmp	.L126key_192b_warm
+.align	16
+.L12212rounds_alt:
+	movdqa	16(%ebx),%xmm5
+	movdqa	32(%ebx),%xmm4
+	movl	$8,%ecx
+	movdqu	%xmm0,-16(%edx)
+.L127loop_key192:
+	movq	%xmm2,(%edx)
+	movdqa	%xmm2,%xmm1
+.byte	102,15,56,0,213
+.byte	102,15,56,221,212
+	pslld	$1,%xmm4
+	leal	24(%edx),%edx
+	movdqa	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm3,%xmm0
+	pshufd	$255,%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm1,%xmm3
+	pxor	%xmm2,%xmm0
+	pxor	%xmm3,%xmm2
+	movdqu	%xmm0,-16(%edx)
+	decl	%ecx
+	jnz	.L127loop_key192
+	movl	$11,%ecx
+	movl	%ecx,32(%edx)
+	jmp	.L120good_key
+.align	16
+.L11314rounds:
+	movups	16(%eax),%xmm2
+	leal	16(%edx),%edx
+	cmpl	$268435456,%ebp
+	je	.L12814rounds_alt
+	movl	$13,%ecx
+	movups	%xmm0,-32(%edx)
+	movups	%xmm2,-16(%edx)
+.byte	102,15,58,223,202,1
+	call	.L129key_256a_cold
+.byte	102,15,58,223,200,1
+	call	.L130key_256b
+.byte	102,15,58,223,202,2
+	call	.L131key_256a
+.byte	102,15,58,223,200,2
+	call	.L130key_256b
+.byte	102,15,58,223,202,4
+	call	.L131key_256a
+.byte	102,15,58,223,200,4
+	call	.L130key_256b
+.byte	102,15,58,223,202,8
+	call	.L131key_256a
+.byte	102,15,58,223,200,8
+	call	.L130key_256b
+.byte	102,15,58,223,202,16
+	call	.L131key_256a
+.byte	102,15,58,223,200,16
+	call	.L130key_256b
+.byte	102,15,58,223,202,32
+	call	.L131key_256a
+.byte	102,15,58,223,200,32
+	call	.L130key_256b
+.byte	102,15,58,223,202,64
+	call	.L131key_256a
+	movups	%xmm0,(%edx)
+	movl	%ecx,16(%edx)
+	xorl	%eax,%eax
+	jmp	.L120good_key
+.align	16
+.L131key_256a:
+	movups	%xmm2,(%edx)
+	leal	16(%edx),%edx
+.L129key_256a_cold:
+	shufps	$16,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$140,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$255,%xmm1,%xmm1
+	xorps	%xmm1,%xmm0
+	ret
+.align	16
+.L130key_256b:
+	movups	%xmm0,(%edx)
+	leal	16(%edx),%edx
+	shufps	$16,%xmm2,%xmm4
+	xorps	%xmm4,%xmm2
+	shufps	$140,%xmm2,%xmm4
+	xorps	%xmm4,%xmm2
+	shufps	$170,%xmm1,%xmm1
+	xorps	%xmm1,%xmm2
+	ret
+.align	16
+.L12814rounds_alt:
+	movdqa	(%ebx),%xmm5
+	movdqa	32(%ebx),%xmm4
+	movl	$7,%ecx
+	movdqu	%xmm0,-32(%edx)
+	movdqa	%xmm2,%xmm1
+	movdqu	%xmm2,-16(%edx)
+.L132loop_key256:
+.byte	102,15,56,0,213
+.byte	102,15,56,221,212
+	movdqa	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm3,%xmm0
+	pslld	$1,%xmm4
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,(%edx)
+	decl	%ecx
+	jz	.L133done_key256
+	pshufd	$255,%xmm0,%xmm2
+	pxor	%xmm3,%xmm3
+.byte	102,15,56,221,211
+	movdqa	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm3,%xmm1
+	pxor	%xmm1,%xmm2
+	movdqu	%xmm2,16(%edx)
+	leal	32(%edx),%edx
+	movdqa	%xmm2,%xmm1
+	jmp	.L132loop_key256
+.L133done_key256:
+	movl	$13,%ecx
+	movl	%ecx,16(%edx)
+.L120good_key:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	xorl	%eax,%eax
+	popl	%ebx
+	popl	%ebp
+	ret
+.align	4
+.L111bad_pointer:
+	movl	$-1,%eax
+	popl	%ebx
+	popl	%ebp
+	ret
+.align	4
+.L115bad_keybits:
+	pxor	%xmm0,%xmm0
+	movl	$-2,%eax
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	_aesni_set_encrypt_key,.-_aesni_set_encrypt_key
+.globl	aesni_set_encrypt_key
+.type	aesni_set_encrypt_key,@function
+.align	16
+aesni_set_encrypt_key:
+.L_aesni_set_encrypt_key_begin:
+	movl	4(%esp),%eax
+	movl	8(%esp),%ecx
+	movl	12(%esp),%edx
+	call	_aesni_set_encrypt_key
+	ret
+.size	aesni_set_encrypt_key,.-.L_aesni_set_encrypt_key_begin
+.globl	aesni_set_decrypt_key
+.type	aesni_set_decrypt_key,@function
+.align	16
+aesni_set_decrypt_key:
+.L_aesni_set_decrypt_key_begin:
+	movl	4(%esp),%eax
+	movl	8(%esp),%ecx
+	movl	12(%esp),%edx
+	call	_aesni_set_encrypt_key
+	movl	12(%esp),%edx
+	shll	$4,%ecx
+	testl	%eax,%eax
+	jnz	.L134dec_key_ret
+	leal	16(%edx,%ecx,1),%eax
+	movups	(%edx),%xmm0
+	movups	(%eax),%xmm1
+	movups	%xmm0,(%eax)
+	movups	%xmm1,(%edx)
+	leal	16(%edx),%edx
+	leal	-16(%eax),%eax
+.L135dec_key_inverse:
+	movups	(%edx),%xmm0
+	movups	(%eax),%xmm1
+.byte	102,15,56,219,192
+.byte	102,15,56,219,201
+	leal	16(%edx),%edx
+	leal	-16(%eax),%eax
+	movups	%xmm0,16(%eax)
+	movups	%xmm1,-16(%edx)
+	cmpl	%edx,%eax
+	ja	.L135dec_key_inverse
+	movups	(%edx),%xmm0
+.byte	102,15,56,219,192
+	movups	%xmm0,(%edx)
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	xorl	%eax,%eax
+.L134dec_key_ret:
+	ret
+.size	aesni_set_decrypt_key,.-.L_aesni_set_decrypt_key_begin
+.align	64
+.Lkey_const:
+.long	202313229,202313229,202313229,202313229
+.long	67569157,67569157,67569157,67569157
+.long	1,1,1,1
+.long	27,27,27,27
+.byte	65,69,83,32,102,111,114,32,73,110,116,101,108,32,65,69
+.byte	83,45,78,73,44,32,67,82,89,80,84,79,71,65,77,83
+.byte	32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115
+.byte	115,108,46,111,114,103,62,0
+.comm	GNUTLS_x86_cpuid_s,16,4
+
+.section .note.GNU-stack,"",%progbits
diff --git a/lib/accelerated/x86/elf/aesni-x86_64.s b/lib/accelerated/x86/elf/aesni-x86_64.s
new file mode 100644
index 0000000..b844198
--- /dev/null
+++ b/lib/accelerated/x86/elf/aesni-x86_64.s
@@ -0,0 +1,4515 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+.globl	aesni_encrypt
+.type	aesni_encrypt,@function
+.align	16
+aesni_encrypt:
+.cfi_startproc	
+	movups	(%rdi),%xmm2
+	movl	240(%rdx),%eax
+	movups	(%rdx),%xmm0
+	movups	16(%rdx),%xmm1
+	leaq	32(%rdx),%rdx
+	xorps	%xmm0,%xmm2
+.Loop_enc1_1:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%rdx),%xmm1
+	leaq	16(%rdx),%rdx
+	jnz	.Loop_enc1_1
+.byte	102,15,56,221,209
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	aesni_encrypt,.-aesni_encrypt
+
+.globl	aesni_decrypt
+.type	aesni_decrypt,@function
+.align	16
+aesni_decrypt:
+.cfi_startproc	
+	movups	(%rdi),%xmm2
+	movl	240(%rdx),%eax
+	movups	(%rdx),%xmm0
+	movups	16(%rdx),%xmm1
+	leaq	32(%rdx),%rdx
+	xorps	%xmm0,%xmm2
+.Loop_dec1_2:
+.byte	102,15,56,222,209
+	decl	%eax
+	movups	(%rdx),%xmm1
+	leaq	16(%rdx),%rdx
+	jnz	.Loop_dec1_2
+.byte	102,15,56,223,209
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	aesni_decrypt, .-aesni_decrypt
+.type	_aesni_encrypt2,@function
+.align	16
+_aesni_encrypt2:
+.cfi_startproc	
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	movups	32(%rcx),%xmm0
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+	addq	$16,%rax
+
+.Lenc_loop2:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Lenc_loop2
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	_aesni_encrypt2,.-_aesni_encrypt2
+.type	_aesni_decrypt2,@function
+.align	16
+_aesni_decrypt2:
+.cfi_startproc	
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	movups	32(%rcx),%xmm0
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+	addq	$16,%rax
+
+.Ldec_loop2:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Ldec_loop2
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	_aesni_decrypt2,.-_aesni_decrypt2
+.type	_aesni_encrypt3,@function
+.align	16
+_aesni_encrypt3:
+.cfi_startproc	
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	xorps	%xmm0,%xmm4
+	movups	32(%rcx),%xmm0
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+	addq	$16,%rax
+
+.Lenc_loop3:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Lenc_loop3
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	_aesni_encrypt3,.-_aesni_encrypt3
+.type	_aesni_decrypt3,@function
+.align	16
+_aesni_decrypt3:
+.cfi_startproc	
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	xorps	%xmm0,%xmm4
+	movups	32(%rcx),%xmm0
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+	addq	$16,%rax
+
+.Ldec_loop3:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Ldec_loop3
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	_aesni_decrypt3,.-_aesni_decrypt3
+.type	_aesni_encrypt4,@function
+.align	16
+_aesni_encrypt4:
+.cfi_startproc	
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	xorps	%xmm0,%xmm4
+	xorps	%xmm0,%xmm5
+	movups	32(%rcx),%xmm0
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	0x0f,0x1f,0x00
+	addq	$16,%rax
+
+.Lenc_loop4:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Lenc_loop4
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+.byte	102,15,56,221,232
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	_aesni_encrypt4,.-_aesni_encrypt4
+.type	_aesni_decrypt4,@function
+.align	16
+_aesni_decrypt4:
+.cfi_startproc	
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	xorps	%xmm0,%xmm4
+	xorps	%xmm0,%xmm5
+	movups	32(%rcx),%xmm0
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	0x0f,0x1f,0x00
+	addq	$16,%rax
+
+.Ldec_loop4:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Ldec_loop4
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+.byte	102,15,56,223,232
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	_aesni_decrypt4,.-_aesni_decrypt4
+.type	_aesni_encrypt6,@function
+.align	16
+_aesni_encrypt6:
+.cfi_startproc	
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+.byte	102,15,56,220,209
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	102,15,56,220,217
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+.byte	102,15,56,220,225
+	pxor	%xmm0,%xmm7
+	movups	(%rcx,%rax,1),%xmm0
+	addq	$16,%rax
+	jmp	.Lenc_loop6_enter
+.align	16
+.Lenc_loop6:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.Lenc_loop6_enter:
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Lenc_loop6
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+.byte	102,15,56,221,232
+.byte	102,15,56,221,240
+.byte	102,15,56,221,248
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	_aesni_encrypt6,.-_aesni_encrypt6
+.type	_aesni_decrypt6,@function
+.align	16
+_aesni_decrypt6:
+.cfi_startproc	
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+.byte	102,15,56,222,209
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	102,15,56,222,217
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+.byte	102,15,56,222,225
+	pxor	%xmm0,%xmm7
+	movups	(%rcx,%rax,1),%xmm0
+	addq	$16,%rax
+	jmp	.Ldec_loop6_enter
+.align	16
+.Ldec_loop6:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.Ldec_loop6_enter:
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Ldec_loop6
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+.byte	102,15,56,223,232
+.byte	102,15,56,223,240
+.byte	102,15,56,223,248
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	_aesni_decrypt6,.-_aesni_decrypt6
+.type	_aesni_encrypt8,@function
+.align	16
+_aesni_encrypt8:
+.cfi_startproc	
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	102,15,56,220,209
+	pxor	%xmm0,%xmm7
+	pxor	%xmm0,%xmm8
+.byte	102,15,56,220,217
+	pxor	%xmm0,%xmm9
+	movups	(%rcx,%rax,1),%xmm0
+	addq	$16,%rax
+	jmp	.Lenc_loop8_inner
+.align	16
+.Lenc_loop8:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.Lenc_loop8_inner:
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+.Lenc_loop8_enter:
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Lenc_loop8
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+.byte	102,15,56,221,232
+.byte	102,15,56,221,240
+.byte	102,15,56,221,248
+.byte	102,68,15,56,221,192
+.byte	102,68,15,56,221,200
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	_aesni_encrypt8,.-_aesni_encrypt8
+.type	_aesni_decrypt8,@function
+.align	16
+_aesni_decrypt8:
+.cfi_startproc	
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	102,15,56,222,209
+	pxor	%xmm0,%xmm7
+	pxor	%xmm0,%xmm8
+.byte	102,15,56,222,217
+	pxor	%xmm0,%xmm9
+	movups	(%rcx,%rax,1),%xmm0
+	addq	$16,%rax
+	jmp	.Ldec_loop8_inner
+.align	16
+.Ldec_loop8:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.Ldec_loop8_inner:
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+.Ldec_loop8_enter:
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Ldec_loop8
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+.byte	102,15,56,223,232
+.byte	102,15,56,223,240
+.byte	102,15,56,223,248
+.byte	102,68,15,56,223,192
+.byte	102,68,15,56,223,200
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	_aesni_decrypt8,.-_aesni_decrypt8
+.globl	aesni_ecb_encrypt
+.type	aesni_ecb_encrypt,@function
+.align	16
+aesni_ecb_encrypt:
+.cfi_startproc	
+	andq	$-16,%rdx
+	jz	.Lecb_ret
+
+	movl	240(%rcx),%eax
+	movups	(%rcx),%xmm0
+	movq	%rcx,%r11
+	movl	%eax,%r10d
+	testl	%r8d,%r8d
+	jz	.Lecb_decrypt
+
+	cmpq	$0x80,%rdx
+	jb	.Lecb_enc_tail
+
+	movdqu	(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqu	32(%rdi),%xmm4
+	movdqu	48(%rdi),%xmm5
+	movdqu	64(%rdi),%xmm6
+	movdqu	80(%rdi),%xmm7
+	movdqu	96(%rdi),%xmm8
+	movdqu	112(%rdi),%xmm9
+	leaq	128(%rdi),%rdi
+	subq	$0x80,%rdx
+	jmp	.Lecb_enc_loop8_enter
+.align	16
+.Lecb_enc_loop8:
+	movups	%xmm2,(%rsi)
+	movq	%r11,%rcx
+	movdqu	(%rdi),%xmm2
+	movl	%r10d,%eax
+	movups	%xmm3,16(%rsi)
+	movdqu	16(%rdi),%xmm3
+	movups	%xmm4,32(%rsi)
+	movdqu	32(%rdi),%xmm4
+	movups	%xmm5,48(%rsi)
+	movdqu	48(%rdi),%xmm5
+	movups	%xmm6,64(%rsi)
+	movdqu	64(%rdi),%xmm6
+	movups	%xmm7,80(%rsi)
+	movdqu	80(%rdi),%xmm7
+	movups	%xmm8,96(%rsi)
+	movdqu	96(%rdi),%xmm8
+	movups	%xmm9,112(%rsi)
+	leaq	128(%rsi),%rsi
+	movdqu	112(%rdi),%xmm9
+	leaq	128(%rdi),%rdi
+.Lecb_enc_loop8_enter:
+
+	call	_aesni_encrypt8
+
+	subq	$0x80,%rdx
+	jnc	.Lecb_enc_loop8
+
+	movups	%xmm2,(%rsi)
+	movq	%r11,%rcx
+	movups	%xmm3,16(%rsi)
+	movl	%r10d,%eax
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	movups	%xmm6,64(%rsi)
+	movups	%xmm7,80(%rsi)
+	movups	%xmm8,96(%rsi)
+	movups	%xmm9,112(%rsi)
+	leaq	128(%rsi),%rsi
+	addq	$0x80,%rdx
+	jz	.Lecb_ret
+
+.Lecb_enc_tail:
+	movups	(%rdi),%xmm2
+	cmpq	$0x20,%rdx
+	jb	.Lecb_enc_one
+	movups	16(%rdi),%xmm3
+	je	.Lecb_enc_two
+	movups	32(%rdi),%xmm4
+	cmpq	$0x40,%rdx
+	jb	.Lecb_enc_three
+	movups	48(%rdi),%xmm5
+	je	.Lecb_enc_four
+	movups	64(%rdi),%xmm6
+	cmpq	$0x60,%rdx
+	jb	.Lecb_enc_five
+	movups	80(%rdi),%xmm7
+	je	.Lecb_enc_six
+	movdqu	96(%rdi),%xmm8
+	xorps	%xmm9,%xmm9
+	call	_aesni_encrypt8
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	movups	%xmm6,64(%rsi)
+	movups	%xmm7,80(%rsi)
+	movups	%xmm8,96(%rsi)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_enc_one:
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_enc1_3:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_enc1_3
+.byte	102,15,56,221,209
+	movups	%xmm2,(%rsi)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_enc_two:
+	call	_aesni_encrypt2
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_enc_three:
+	call	_aesni_encrypt3
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_enc_four:
+	call	_aesni_encrypt4
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_enc_five:
+	xorps	%xmm7,%xmm7
+	call	_aesni_encrypt6
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	movups	%xmm6,64(%rsi)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_enc_six:
+	call	_aesni_encrypt6
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	movups	%xmm6,64(%rsi)
+	movups	%xmm7,80(%rsi)
+	jmp	.Lecb_ret
+
+.align	16
+.Lecb_decrypt:
+	cmpq	$0x80,%rdx
+	jb	.Lecb_dec_tail
+
+	movdqu	(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqu	32(%rdi),%xmm4
+	movdqu	48(%rdi),%xmm5
+	movdqu	64(%rdi),%xmm6
+	movdqu	80(%rdi),%xmm7
+	movdqu	96(%rdi),%xmm8
+	movdqu	112(%rdi),%xmm9
+	leaq	128(%rdi),%rdi
+	subq	$0x80,%rdx
+	jmp	.Lecb_dec_loop8_enter
+.align	16
+.Lecb_dec_loop8:
+	movups	%xmm2,(%rsi)
+	movq	%r11,%rcx
+	movdqu	(%rdi),%xmm2
+	movl	%r10d,%eax
+	movups	%xmm3,16(%rsi)
+	movdqu	16(%rdi),%xmm3
+	movups	%xmm4,32(%rsi)
+	movdqu	32(%rdi),%xmm4
+	movups	%xmm5,48(%rsi)
+	movdqu	48(%rdi),%xmm5
+	movups	%xmm6,64(%rsi)
+	movdqu	64(%rdi),%xmm6
+	movups	%xmm7,80(%rsi)
+	movdqu	80(%rdi),%xmm7
+	movups	%xmm8,96(%rsi)
+	movdqu	96(%rdi),%xmm8
+	movups	%xmm9,112(%rsi)
+	leaq	128(%rsi),%rsi
+	movdqu	112(%rdi),%xmm9
+	leaq	128(%rdi),%rdi
+.Lecb_dec_loop8_enter:
+
+	call	_aesni_decrypt8
+
+	movups	(%r11),%xmm0
+	subq	$0x80,%rdx
+	jnc	.Lecb_dec_loop8
+
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movq	%r11,%rcx
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movl	%r10d,%eax
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	movups	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm6
+	movups	%xmm7,80(%rsi)
+	pxor	%xmm7,%xmm7
+	movups	%xmm8,96(%rsi)
+	pxor	%xmm8,%xmm8
+	movups	%xmm9,112(%rsi)
+	pxor	%xmm9,%xmm9
+	leaq	128(%rsi),%rsi
+	addq	$0x80,%rdx
+	jz	.Lecb_ret
+
+.Lecb_dec_tail:
+	movups	(%rdi),%xmm2
+	cmpq	$0x20,%rdx
+	jb	.Lecb_dec_one
+	movups	16(%rdi),%xmm3
+	je	.Lecb_dec_two
+	movups	32(%rdi),%xmm4
+	cmpq	$0x40,%rdx
+	jb	.Lecb_dec_three
+	movups	48(%rdi),%xmm5
+	je	.Lecb_dec_four
+	movups	64(%rdi),%xmm6
+	cmpq	$0x60,%rdx
+	jb	.Lecb_dec_five
+	movups	80(%rdi),%xmm7
+	je	.Lecb_dec_six
+	movups	96(%rdi),%xmm8
+	movups	(%rcx),%xmm0
+	xorps	%xmm9,%xmm9
+	call	_aesni_decrypt8
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	movups	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm6
+	movups	%xmm7,80(%rsi)
+	pxor	%xmm7,%xmm7
+	movups	%xmm8,96(%rsi)
+	pxor	%xmm8,%xmm8
+	pxor	%xmm9,%xmm9
+	jmp	.Lecb_ret
+.align	16
+.Lecb_dec_one:
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_dec1_4:
+.byte	102,15,56,222,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_dec1_4
+.byte	102,15,56,223,209
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	jmp	.Lecb_ret
+.align	16
+.Lecb_dec_two:
+	call	_aesni_decrypt2
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	jmp	.Lecb_ret
+.align	16
+.Lecb_dec_three:
+	call	_aesni_decrypt3
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	jmp	.Lecb_ret
+.align	16
+.Lecb_dec_four:
+	call	_aesni_decrypt4
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	jmp	.Lecb_ret
+.align	16
+.Lecb_dec_five:
+	xorps	%xmm7,%xmm7
+	call	_aesni_decrypt6
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	movups	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	jmp	.Lecb_ret
+.align	16
+.Lecb_dec_six:
+	call	_aesni_decrypt6
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	movups	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm6
+	movups	%xmm7,80(%rsi)
+	pxor	%xmm7,%xmm7
+
+.Lecb_ret:
+	xorps	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	aesni_ecb_encrypt,.-aesni_ecb_encrypt
+.globl	aesni_ccm64_encrypt_blocks
+.type	aesni_ccm64_encrypt_blocks,@function
+.align	16
+aesni_ccm64_encrypt_blocks:
+.cfi_startproc	
+	movl	240(%rcx),%eax
+	movdqu	(%r8),%xmm6
+	movdqa	.Lincrement64(%rip),%xmm9
+	movdqa	.Lbswap_mask(%rip),%xmm7
+
+	shll	$4,%eax
+	movl	$16,%r10d
+	leaq	0(%rcx),%r11
+	movdqu	(%r9),%xmm3
+	movdqa	%xmm6,%xmm2
+	leaq	32(%rcx,%rax,1),%rcx
+.byte	102,15,56,0,247
+	subq	%rax,%r10
+	jmp	.Lccm64_enc_outer
+.align	16
+.Lccm64_enc_outer:
+	movups	(%r11),%xmm0
+	movq	%r10,%rax
+	movups	(%rdi),%xmm8
+
+	xorps	%xmm0,%xmm2
+	movups	16(%r11),%xmm1
+	xorps	%xmm8,%xmm0
+	xorps	%xmm0,%xmm3
+	movups	32(%r11),%xmm0
+
+.Lccm64_enc2_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Lccm64_enc2_loop
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	paddq	%xmm9,%xmm6
+	decq	%rdx
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+
+	leaq	16(%rdi),%rdi
+	xorps	%xmm2,%xmm8
+	movdqa	%xmm6,%xmm2
+	movups	%xmm8,(%rsi)
+.byte	102,15,56,0,215
+	leaq	16(%rsi),%rsi
+	jnz	.Lccm64_enc_outer
+
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,(%r9)
+	pxor	%xmm3,%xmm3
+	pxor	%xmm8,%xmm8
+	pxor	%xmm6,%xmm6
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	aesni_ccm64_encrypt_blocks,.-aesni_ccm64_encrypt_blocks
+.globl	aesni_ccm64_decrypt_blocks
+.type	aesni_ccm64_decrypt_blocks,@function
+.align	16
+aesni_ccm64_decrypt_blocks:
+.cfi_startproc	
+	movl	240(%rcx),%eax
+	movups	(%r8),%xmm6
+	movdqu	(%r9),%xmm3
+	movdqa	.Lincrement64(%rip),%xmm9
+	movdqa	.Lbswap_mask(%rip),%xmm7
+
+	movaps	%xmm6,%xmm2
+	movl	%eax,%r10d
+	movq	%rcx,%r11
+.byte	102,15,56,0,247
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_enc1_5:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_enc1_5
+.byte	102,15,56,221,209
+	shll	$4,%r10d
+	movl	$16,%eax
+	movups	(%rdi),%xmm8
+	paddq	%xmm9,%xmm6
+	leaq	16(%rdi),%rdi
+	subq	%r10,%rax
+	leaq	32(%r11,%r10,1),%rcx
+	movq	%rax,%r10
+	jmp	.Lccm64_dec_outer
+.align	16
+.Lccm64_dec_outer:
+	xorps	%xmm2,%xmm8
+	movdqa	%xmm6,%xmm2
+	movups	%xmm8,(%rsi)
+	leaq	16(%rsi),%rsi
+.byte	102,15,56,0,215
+
+	subq	$1,%rdx
+	jz	.Lccm64_dec_break
+
+	movups	(%r11),%xmm0
+	movq	%r10,%rax
+	movups	16(%r11),%xmm1
+	xorps	%xmm0,%xmm8
+	xorps	%xmm0,%xmm2
+	xorps	%xmm8,%xmm3
+	movups	32(%r11),%xmm0
+	jmp	.Lccm64_dec2_loop
+.align	16
+.Lccm64_dec2_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Lccm64_dec2_loop
+	movups	(%rdi),%xmm8
+	paddq	%xmm9,%xmm6
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+	leaq	16(%rdi),%rdi
+	jmp	.Lccm64_dec_outer
+
+.align	16
+.Lccm64_dec_break:
+
+	movl	240(%r11),%eax
+	movups	(%r11),%xmm0
+	movups	16(%r11),%xmm1
+	xorps	%xmm0,%xmm8
+	leaq	32(%r11),%r11
+	xorps	%xmm8,%xmm3
+.Loop_enc1_6:
+.byte	102,15,56,220,217
+	decl	%eax
+	movups	(%r11),%xmm1
+	leaq	16(%r11),%r11
+	jnz	.Loop_enc1_6
+.byte	102,15,56,221,217
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,(%r9)
+	pxor	%xmm3,%xmm3
+	pxor	%xmm8,%xmm8
+	pxor	%xmm6,%xmm6
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	aesni_ccm64_decrypt_blocks,.-aesni_ccm64_decrypt_blocks
+.globl	aesni_ctr32_encrypt_blocks
+.type	aesni_ctr32_encrypt_blocks,@function
+.align	16
+aesni_ctr32_encrypt_blocks:
+.cfi_startproc	
+	cmpq	$1,%rdx
+	jne	.Lctr32_bulk
+
+
+
+	movups	(%r8),%xmm2
+	movups	(%rdi),%xmm3
+	movl	240(%rcx),%edx
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_enc1_7:
+.byte	102,15,56,220,209
+	decl	%edx
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_enc1_7
+.byte	102,15,56,221,209
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	xorps	%xmm3,%xmm2
+	pxor	%xmm3,%xmm3
+	movups	%xmm2,(%rsi)
+	xorps	%xmm2,%xmm2
+	jmp	.Lctr32_epilogue
+
+.align	16
+.Lctr32_bulk:
+	leaq	(%rsp),%r11
+.cfi_def_cfa_register	%r11
+	pushq	%rbp
+.cfi_offset	%rbp,-16
+	subq	$128,%rsp
+	andq	$-16,%rsp
+
+
+
+
+	movdqu	(%r8),%xmm2
+	movdqu	(%rcx),%xmm0
+	movl	12(%r8),%r8d
+	pxor	%xmm0,%xmm2
+	movl	12(%rcx),%ebp
+	movdqa	%xmm2,0(%rsp)
+	bswapl	%r8d
+	movdqa	%xmm2,%xmm3
+	movdqa	%xmm2,%xmm4
+	movdqa	%xmm2,%xmm5
+	movdqa	%xmm2,64(%rsp)
+	movdqa	%xmm2,80(%rsp)
+	movdqa	%xmm2,96(%rsp)
+	movq	%rdx,%r10
+	movdqa	%xmm2,112(%rsp)
+
+	leaq	1(%r8),%rax
+	leaq	2(%r8),%rdx
+	bswapl	%eax
+	bswapl	%edx
+	xorl	%ebp,%eax
+	xorl	%ebp,%edx
+.byte	102,15,58,34,216,3
+	leaq	3(%r8),%rax
+	movdqa	%xmm3,16(%rsp)
+.byte	102,15,58,34,226,3
+	bswapl	%eax
+	movq	%r10,%rdx
+	leaq	4(%r8),%r10
+	movdqa	%xmm4,32(%rsp)
+	xorl	%ebp,%eax
+	bswapl	%r10d
+.byte	102,15,58,34,232,3
+	xorl	%ebp,%r10d
+	movdqa	%xmm5,48(%rsp)
+	leaq	5(%r8),%r9
+	movl	%r10d,64+12(%rsp)
+	bswapl	%r9d
+	leaq	6(%r8),%r10
+	movl	240(%rcx),%eax
+	xorl	%ebp,%r9d
+	bswapl	%r10d
+	movl	%r9d,80+12(%rsp)
+	xorl	%ebp,%r10d
+	leaq	7(%r8),%r9
+	movl	%r10d,96+12(%rsp)
+	bswapl	%r9d
+	movl	GNUTLS_x86_cpuid_s+4(%rip),%r10d
+	xorl	%ebp,%r9d
+	andl	$71303168,%r10d
+	movl	%r9d,112+12(%rsp)
+
+	movups	16(%rcx),%xmm1
+
+	movdqa	64(%rsp),%xmm6
+	movdqa	80(%rsp),%xmm7
+
+	cmpq	$8,%rdx
+	jb	.Lctr32_tail
+
+	subq	$6,%rdx
+	cmpl	$4194304,%r10d
+	je	.Lctr32_6x
+
+	leaq	128(%rcx),%rcx
+	subq	$2,%rdx
+	jmp	.Lctr32_loop8
+
+.align	16
+.Lctr32_6x:
+	shll	$4,%eax
+	movl	$48,%r10d
+	bswapl	%ebp
+	leaq	32(%rcx,%rax,1),%rcx
+	subq	%rax,%r10
+	jmp	.Lctr32_loop6
+
+.align	16
+.Lctr32_loop6:
+	addl	$6,%r8d
+	movups	-48(%rcx,%r10,1),%xmm0
+.byte	102,15,56,220,209
+	movl	%r8d,%eax
+	xorl	%ebp,%eax
+.byte	102,15,56,220,217
+.byte	0x0f,0x38,0xf1,0x44,0x24,12
+	leal	1(%r8),%eax
+.byte	102,15,56,220,225
+	xorl	%ebp,%eax
+.byte	0x0f,0x38,0xf1,0x44,0x24,28
+.byte	102,15,56,220,233
+	leal	2(%r8),%eax
+	xorl	%ebp,%eax
+.byte	102,15,56,220,241
+.byte	0x0f,0x38,0xf1,0x44,0x24,44
+	leal	3(%r8),%eax
+.byte	102,15,56,220,249
+	movups	-32(%rcx,%r10,1),%xmm1
+	xorl	%ebp,%eax
+
+.byte	102,15,56,220,208
+.byte	0x0f,0x38,0xf1,0x44,0x24,60
+	leal	4(%r8),%eax
+.byte	102,15,56,220,216
+	xorl	%ebp,%eax
+.byte	0x0f,0x38,0xf1,0x44,0x24,76
+.byte	102,15,56,220,224
+	leal	5(%r8),%eax
+	xorl	%ebp,%eax
+.byte	102,15,56,220,232
+.byte	0x0f,0x38,0xf1,0x44,0x24,92
+	movq	%r10,%rax
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	-16(%rcx,%r10,1),%xmm0
+
+	call	.Lenc_loop6
+
+	movdqu	(%rdi),%xmm8
+	movdqu	16(%rdi),%xmm9
+	movdqu	32(%rdi),%xmm10
+	movdqu	48(%rdi),%xmm11
+	movdqu	64(%rdi),%xmm12
+	movdqu	80(%rdi),%xmm13
+	leaq	96(%rdi),%rdi
+	movups	-64(%rcx,%r10,1),%xmm1
+	pxor	%xmm2,%xmm8
+	movaps	0(%rsp),%xmm2
+	pxor	%xmm3,%xmm9
+	movaps	16(%rsp),%xmm3
+	pxor	%xmm4,%xmm10
+	movaps	32(%rsp),%xmm4
+	pxor	%xmm5,%xmm11
+	movaps	48(%rsp),%xmm5
+	pxor	%xmm6,%xmm12
+	movaps	64(%rsp),%xmm6
+	pxor	%xmm7,%xmm13
+	movaps	80(%rsp),%xmm7
+	movdqu	%xmm8,(%rsi)
+	movdqu	%xmm9,16(%rsi)
+	movdqu	%xmm10,32(%rsi)
+	movdqu	%xmm11,48(%rsi)
+	movdqu	%xmm12,64(%rsi)
+	movdqu	%xmm13,80(%rsi)
+	leaq	96(%rsi),%rsi
+
+	subq	$6,%rdx
+	jnc	.Lctr32_loop6
+
+	addq	$6,%rdx
+	jz	.Lctr32_done
+
+	leal	-48(%r10),%eax
+	leaq	-80(%rcx,%r10,1),%rcx
+	negl	%eax
+	shrl	$4,%eax
+	jmp	.Lctr32_tail
+
+.align	32
+.Lctr32_loop8:
+	addl	$8,%r8d
+	movdqa	96(%rsp),%xmm8
+.byte	102,15,56,220,209
+	movl	%r8d,%r9d
+	movdqa	112(%rsp),%xmm9
+.byte	102,15,56,220,217
+	bswapl	%r9d
+	movups	32-128(%rcx),%xmm0
+.byte	102,15,56,220,225
+	xorl	%ebp,%r9d
+	nop
+.byte	102,15,56,220,233
+	movl	%r9d,0+12(%rsp)
+	leaq	1(%r8),%r9
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movups	48-128(%rcx),%xmm1
+	bswapl	%r9d
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	xorl	%ebp,%r9d
+.byte	0x66,0x90
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movl	%r9d,16+12(%rsp)
+	leaq	2(%r8),%r9
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	64-128(%rcx),%xmm0
+	bswapl	%r9d
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	xorl	%ebp,%r9d
+.byte	0x66,0x90
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movl	%r9d,32+12(%rsp)
+	leaq	3(%r8),%r9
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movups	80-128(%rcx),%xmm1
+	bswapl	%r9d
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	xorl	%ebp,%r9d
+.byte	0x66,0x90
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movl	%r9d,48+12(%rsp)
+	leaq	4(%r8),%r9
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	96-128(%rcx),%xmm0
+	bswapl	%r9d
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	xorl	%ebp,%r9d
+.byte	0x66,0x90
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movl	%r9d,64+12(%rsp)
+	leaq	5(%r8),%r9
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movups	112-128(%rcx),%xmm1
+	bswapl	%r9d
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	xorl	%ebp,%r9d
+.byte	0x66,0x90
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movl	%r9d,80+12(%rsp)
+	leaq	6(%r8),%r9
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	128-128(%rcx),%xmm0
+	bswapl	%r9d
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	xorl	%ebp,%r9d
+.byte	0x66,0x90
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movl	%r9d,96+12(%rsp)
+	leaq	7(%r8),%r9
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movups	144-128(%rcx),%xmm1
+	bswapl	%r9d
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+	xorl	%ebp,%r9d
+	movdqu	0(%rdi),%xmm10
+.byte	102,15,56,220,232
+	movl	%r9d,112+12(%rsp)
+	cmpl	$11,%eax
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	160-128(%rcx),%xmm0
+
+	jb	.Lctr32_enc_done
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movups	176-128(%rcx),%xmm1
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	192-128(%rcx),%xmm0
+	je	.Lctr32_enc_done
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movups	208-128(%rcx),%xmm1
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	224-128(%rcx),%xmm0
+	jmp	.Lctr32_enc_done
+
+.align	16
+.Lctr32_enc_done:
+	movdqu	16(%rdi),%xmm11
+	pxor	%xmm0,%xmm10
+	movdqu	32(%rdi),%xmm12
+	pxor	%xmm0,%xmm11
+	movdqu	48(%rdi),%xmm13
+	pxor	%xmm0,%xmm12
+	movdqu	64(%rdi),%xmm14
+	pxor	%xmm0,%xmm13
+	movdqu	80(%rdi),%xmm15
+	pxor	%xmm0,%xmm14
+	pxor	%xmm0,%xmm15
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movdqu	96(%rdi),%xmm1
+	leaq	128(%rdi),%rdi
+
+.byte	102,65,15,56,221,210
+	pxor	%xmm0,%xmm1
+	movdqu	112-128(%rdi),%xmm10
+.byte	102,65,15,56,221,219
+	pxor	%xmm0,%xmm10
+	movdqa	0(%rsp),%xmm11
+.byte	102,65,15,56,221,228
+.byte	102,65,15,56,221,237
+	movdqa	16(%rsp),%xmm12
+	movdqa	32(%rsp),%xmm13
+.byte	102,65,15,56,221,246
+.byte	102,65,15,56,221,255
+	movdqa	48(%rsp),%xmm14
+	movdqa	64(%rsp),%xmm15
+.byte	102,68,15,56,221,193
+	movdqa	80(%rsp),%xmm0
+	movups	16-128(%rcx),%xmm1
+.byte	102,69,15,56,221,202
+
+	movups	%xmm2,(%rsi)
+	movdqa	%xmm11,%xmm2
+	movups	%xmm3,16(%rsi)
+	movdqa	%xmm12,%xmm3
+	movups	%xmm4,32(%rsi)
+	movdqa	%xmm13,%xmm4
+	movups	%xmm5,48(%rsi)
+	movdqa	%xmm14,%xmm5
+	movups	%xmm6,64(%rsi)
+	movdqa	%xmm15,%xmm6
+	movups	%xmm7,80(%rsi)
+	movdqa	%xmm0,%xmm7
+	movups	%xmm8,96(%rsi)
+	movups	%xmm9,112(%rsi)
+	leaq	128(%rsi),%rsi
+
+	subq	$8,%rdx
+	jnc	.Lctr32_loop8
+
+	addq	$8,%rdx
+	jz	.Lctr32_done
+	leaq	-128(%rcx),%rcx
+
+.Lctr32_tail:
+
+
+	leaq	16(%rcx),%rcx
+	cmpq	$4,%rdx
+	jb	.Lctr32_loop3
+	je	.Lctr32_loop4
+
+
+	shll	$4,%eax
+	movdqa	96(%rsp),%xmm8
+	pxor	%xmm9,%xmm9
+
+	movups	16(%rcx),%xmm0
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	leaq	32-16(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	102,15,56,220,225
+	addq	$16,%rax
+	movups	(%rdi),%xmm10
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+	movups	16(%rdi),%xmm11
+	movups	32(%rdi),%xmm12
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+
+	call	.Lenc_loop8_enter
+
+	movdqu	48(%rdi),%xmm13
+	pxor	%xmm10,%xmm2
+	movdqu	64(%rdi),%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm10,%xmm6
+	movdqu	%xmm5,48(%rsi)
+	movdqu	%xmm6,64(%rsi)
+	cmpq	$6,%rdx
+	jb	.Lctr32_done
+
+	movups	80(%rdi),%xmm11
+	xorps	%xmm11,%xmm7
+	movups	%xmm7,80(%rsi)
+	je	.Lctr32_done
+
+	movups	96(%rdi),%xmm12
+	xorps	%xmm12,%xmm8
+	movups	%xmm8,96(%rsi)
+	jmp	.Lctr32_done
+
+.align	32
+.Lctr32_loop4:
+.byte	102,15,56,220,209
+	leaq	16(%rcx),%rcx
+	decl	%eax
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movups	(%rcx),%xmm1
+	jnz	.Lctr32_loop4
+.byte	102,15,56,221,209
+.byte	102,15,56,221,217
+	movups	(%rdi),%xmm10
+	movups	16(%rdi),%xmm11
+.byte	102,15,56,221,225
+.byte	102,15,56,221,233
+	movups	32(%rdi),%xmm12
+	movups	48(%rdi),%xmm13
+
+	xorps	%xmm10,%xmm2
+	movups	%xmm2,(%rsi)
+	xorps	%xmm11,%xmm3
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm5,48(%rsi)
+	jmp	.Lctr32_done
+
+.align	32
+.Lctr32_loop3:
+.byte	102,15,56,220,209
+	leaq	16(%rcx),%rcx
+	decl	%eax
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+	movups	(%rcx),%xmm1
+	jnz	.Lctr32_loop3
+.byte	102,15,56,221,209
+.byte	102,15,56,221,217
+.byte	102,15,56,221,225
+
+	movups	(%rdi),%xmm10
+	xorps	%xmm10,%xmm2
+	movups	%xmm2,(%rsi)
+	cmpq	$2,%rdx
+	jb	.Lctr32_done
+
+	movups	16(%rdi),%xmm11
+	xorps	%xmm11,%xmm3
+	movups	%xmm3,16(%rsi)
+	je	.Lctr32_done
+
+	movups	32(%rdi),%xmm12
+	xorps	%xmm12,%xmm4
+	movups	%xmm4,32(%rsi)
+
+.Lctr32_done:
+	xorps	%xmm0,%xmm0
+	xorl	%ebp,%ebp
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	movaps	%xmm0,0(%rsp)
+	pxor	%xmm8,%xmm8
+	movaps	%xmm0,16(%rsp)
+	pxor	%xmm9,%xmm9
+	movaps	%xmm0,32(%rsp)
+	pxor	%xmm10,%xmm10
+	movaps	%xmm0,48(%rsp)
+	pxor	%xmm11,%xmm11
+	movaps	%xmm0,64(%rsp)
+	pxor	%xmm12,%xmm12
+	movaps	%xmm0,80(%rsp)
+	pxor	%xmm13,%xmm13
+	movaps	%xmm0,96(%rsp)
+	pxor	%xmm14,%xmm14
+	movaps	%xmm0,112(%rsp)
+	pxor	%xmm15,%xmm15
+	movq	-8(%r11),%rbp
+.cfi_restore	%rbp
+	leaq	(%r11),%rsp
+.cfi_def_cfa_register	%rsp
+.Lctr32_epilogue:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	aesni_ctr32_encrypt_blocks,.-aesni_ctr32_encrypt_blocks
+.globl	aesni_xts_encrypt
+.type	aesni_xts_encrypt,@function
+.align	16
+aesni_xts_encrypt:
+.cfi_startproc	
+	leaq	(%rsp),%r11
+.cfi_def_cfa_register	%r11
+	pushq	%rbp
+.cfi_offset	%rbp,-16
+	subq	$112,%rsp
+	andq	$-16,%rsp
+	movups	(%r9),%xmm2
+	movl	240(%r8),%eax
+	movl	240(%rcx),%r10d
+	movups	(%r8),%xmm0
+	movups	16(%r8),%xmm1
+	leaq	32(%r8),%r8
+	xorps	%xmm0,%xmm2
+.Loop_enc1_8:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%r8),%xmm1
+	leaq	16(%r8),%r8
+	jnz	.Loop_enc1_8
+.byte	102,15,56,221,209
+	movups	(%rcx),%xmm0
+	movq	%rcx,%rbp
+	movl	%r10d,%eax
+	shll	$4,%r10d
+	movq	%rdx,%r9
+	andq	$-16,%rdx
+
+	movups	16(%rcx,%r10,1),%xmm1
+
+	movdqa	.Lxts_magic(%rip),%xmm8
+	movdqa	%xmm2,%xmm15
+	pshufd	$0x5f,%xmm2,%xmm9
+	pxor	%xmm0,%xmm1
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm10
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm10
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm11
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm11
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm12
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm12
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm13
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm13
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm15,%xmm14
+	psrad	$31,%xmm9
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm9
+	pxor	%xmm0,%xmm14
+	pxor	%xmm9,%xmm15
+	movaps	%xmm1,96(%rsp)
+
+	subq	$96,%rdx
+	jc	.Lxts_enc_short
+
+	movl	$16+96,%eax
+	leaq	32(%rbp,%r10,1),%rcx
+	subq	%r10,%rax
+	movups	16(%rbp),%xmm1
+	movq	%rax,%r10
+	leaq	.Lxts_magic(%rip),%r8
+	jmp	.Lxts_enc_grandloop
+
+.align	32
+.Lxts_enc_grandloop:
+	movdqu	0(%rdi),%xmm2
+	movdqa	%xmm0,%xmm8
+	movdqu	16(%rdi),%xmm3
+	pxor	%xmm10,%xmm2
+	movdqu	32(%rdi),%xmm4
+	pxor	%xmm11,%xmm3
+.byte	102,15,56,220,209
+	movdqu	48(%rdi),%xmm5
+	pxor	%xmm12,%xmm4
+.byte	102,15,56,220,217
+	movdqu	64(%rdi),%xmm6
+	pxor	%xmm13,%xmm5
+.byte	102,15,56,220,225
+	movdqu	80(%rdi),%xmm7
+	pxor	%xmm15,%xmm8
+	movdqa	96(%rsp),%xmm9
+	pxor	%xmm14,%xmm6
+.byte	102,15,56,220,233
+	movups	32(%rbp),%xmm0
+	leaq	96(%rdi),%rdi
+	pxor	%xmm8,%xmm7
+
+	pxor	%xmm9,%xmm10
+.byte	102,15,56,220,241
+	pxor	%xmm9,%xmm11
+	movdqa	%xmm10,0(%rsp)
+.byte	102,15,56,220,249
+	movups	48(%rbp),%xmm1
+	pxor	%xmm9,%xmm12
+
+.byte	102,15,56,220,208
+	pxor	%xmm9,%xmm13
+	movdqa	%xmm11,16(%rsp)
+.byte	102,15,56,220,216
+	pxor	%xmm9,%xmm14
+	movdqa	%xmm12,32(%rsp)
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	pxor	%xmm9,%xmm8
+	movdqa	%xmm14,64(%rsp)
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	64(%rbp),%xmm0
+	movdqa	%xmm8,80(%rsp)
+	pshufd	$0x5f,%xmm15,%xmm9
+	jmp	.Lxts_enc_loop6
+.align	32
+.Lxts_enc_loop6:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movups	-64(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	-80(%rcx,%rax,1),%xmm0
+	jnz	.Lxts_enc_loop6
+
+	movdqa	(%r8),%xmm8
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,220,209
+	paddq	%xmm15,%xmm15
+	psrad	$31,%xmm14
+.byte	102,15,56,220,217
+	pand	%xmm8,%xmm14
+	movups	(%rbp),%xmm10
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+	pxor	%xmm14,%xmm15
+	movaps	%xmm10,%xmm11
+.byte	102,15,56,220,249
+	movups	-64(%rcx),%xmm1
+
+	movdqa	%xmm9,%xmm14
+.byte	102,15,56,220,208
+	paddd	%xmm9,%xmm9
+	pxor	%xmm15,%xmm10
+.byte	102,15,56,220,216
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	pand	%xmm8,%xmm14
+	movaps	%xmm11,%xmm12
+.byte	102,15,56,220,240
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+.byte	102,15,56,220,248
+	movups	-48(%rcx),%xmm0
+
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,220,209
+	pxor	%xmm15,%xmm11
+	psrad	$31,%xmm14
+.byte	102,15,56,220,217
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movdqa	%xmm13,48(%rsp)
+	pxor	%xmm14,%xmm15
+.byte	102,15,56,220,241
+	movaps	%xmm12,%xmm13
+	movdqa	%xmm9,%xmm14
+.byte	102,15,56,220,249
+	movups	-32(%rcx),%xmm1
+
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,220,208
+	pxor	%xmm15,%xmm12
+	psrad	$31,%xmm14
+.byte	102,15,56,220,216
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+	pxor	%xmm14,%xmm15
+	movaps	%xmm13,%xmm14
+.byte	102,15,56,220,248
+
+	movdqa	%xmm9,%xmm0
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,220,209
+	pxor	%xmm15,%xmm13
+	psrad	$31,%xmm0
+.byte	102,15,56,220,217
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm0
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	pxor	%xmm0,%xmm15
+	movups	(%rbp),%xmm0
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movups	16(%rbp),%xmm1
+
+	pxor	%xmm15,%xmm14
+.byte	102,15,56,221,84,36,0
+	psrad	$31,%xmm9
+	paddq	%xmm15,%xmm15
+.byte	102,15,56,221,92,36,16
+.byte	102,15,56,221,100,36,32
+	pand	%xmm8,%xmm9
+	movq	%r10,%rax
+.byte	102,15,56,221,108,36,48
+.byte	102,15,56,221,116,36,64
+.byte	102,15,56,221,124,36,80
+	pxor	%xmm9,%xmm15
+
+	leaq	96(%rsi),%rsi
+	movups	%xmm2,-96(%rsi)
+	movups	%xmm3,-80(%rsi)
+	movups	%xmm4,-64(%rsi)
+	movups	%xmm5,-48(%rsi)
+	movups	%xmm6,-32(%rsi)
+	movups	%xmm7,-16(%rsi)
+	subq	$96,%rdx
+	jnc	.Lxts_enc_grandloop
+
+	movl	$16+96,%eax
+	subl	%r10d,%eax
+	movq	%rbp,%rcx
+	shrl	$4,%eax
+
+.Lxts_enc_short:
+
+	movl	%eax,%r10d
+	pxor	%xmm0,%xmm10
+	addq	$96,%rdx
+	jz	.Lxts_enc_done
+
+	pxor	%xmm0,%xmm11
+	cmpq	$0x20,%rdx
+	jb	.Lxts_enc_one
+	pxor	%xmm0,%xmm12
+	je	.Lxts_enc_two
+
+	pxor	%xmm0,%xmm13
+	cmpq	$0x40,%rdx
+	jb	.Lxts_enc_three
+	pxor	%xmm0,%xmm14
+	je	.Lxts_enc_four
+
+	movdqu	(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqu	32(%rdi),%xmm4
+	pxor	%xmm10,%xmm2
+	movdqu	48(%rdi),%xmm5
+	pxor	%xmm11,%xmm3
+	movdqu	64(%rdi),%xmm6
+	leaq	80(%rdi),%rdi
+	pxor	%xmm12,%xmm4
+	pxor	%xmm13,%xmm5
+	pxor	%xmm14,%xmm6
+	pxor	%xmm7,%xmm7
+
+	call	_aesni_encrypt6
+
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm15,%xmm10
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+	movdqu	%xmm2,(%rsi)
+	xorps	%xmm13,%xmm5
+	movdqu	%xmm3,16(%rsi)
+	xorps	%xmm14,%xmm6
+	movdqu	%xmm4,32(%rsi)
+	movdqu	%xmm5,48(%rsi)
+	movdqu	%xmm6,64(%rsi)
+	leaq	80(%rsi),%rsi
+	jmp	.Lxts_enc_done
+
+.align	16
+.Lxts_enc_one:
+	movups	(%rdi),%xmm2
+	leaq	16(%rdi),%rdi
+	xorps	%xmm10,%xmm2
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_enc1_9:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_enc1_9
+.byte	102,15,56,221,209
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm11,%xmm10
+	movups	%xmm2,(%rsi)
+	leaq	16(%rsi),%rsi
+	jmp	.Lxts_enc_done
+
+.align	16
+.Lxts_enc_two:
+	movups	(%rdi),%xmm2
+	movups	16(%rdi),%xmm3
+	leaq	32(%rdi),%rdi
+	xorps	%xmm10,%xmm2
+	xorps	%xmm11,%xmm3
+
+	call	_aesni_encrypt2
+
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm12,%xmm10
+	xorps	%xmm11,%xmm3
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	leaq	32(%rsi),%rsi
+	jmp	.Lxts_enc_done
+
+.align	16
+.Lxts_enc_three:
+	movups	(%rdi),%xmm2
+	movups	16(%rdi),%xmm3
+	movups	32(%rdi),%xmm4
+	leaq	48(%rdi),%rdi
+	xorps	%xmm10,%xmm2
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+
+	call	_aesni_encrypt3
+
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm13,%xmm10
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	leaq	48(%rsi),%rsi
+	jmp	.Lxts_enc_done
+
+.align	16
+.Lxts_enc_four:
+	movups	(%rdi),%xmm2
+	movups	16(%rdi),%xmm3
+	movups	32(%rdi),%xmm4
+	xorps	%xmm10,%xmm2
+	movups	48(%rdi),%xmm5
+	leaq	64(%rdi),%rdi
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+	xorps	%xmm13,%xmm5
+
+	call	_aesni_encrypt4
+
+	pxor	%xmm10,%xmm2
+	movdqa	%xmm14,%xmm10
+	pxor	%xmm11,%xmm3
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm3,16(%rsi)
+	movdqu	%xmm4,32(%rsi)
+	movdqu	%xmm5,48(%rsi)
+	leaq	64(%rsi),%rsi
+	jmp	.Lxts_enc_done
+
+.align	16
+.Lxts_enc_done:
+	andq	$15,%r9
+	jz	.Lxts_enc_ret
+	movq	%r9,%rdx
+
+.Lxts_enc_steal:
+	movzbl	(%rdi),%eax
+	movzbl	-16(%rsi),%ecx
+	leaq	1(%rdi),%rdi
+	movb	%al,-16(%rsi)
+	movb	%cl,0(%rsi)
+	leaq	1(%rsi),%rsi
+	subq	$1,%rdx
+	jnz	.Lxts_enc_steal
+
+	subq	%r9,%rsi
+	movq	%rbp,%rcx
+	movl	%r10d,%eax
+
+	movups	-16(%rsi),%xmm2
+	xorps	%xmm10,%xmm2
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_enc1_10:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_enc1_10
+.byte	102,15,56,221,209
+	xorps	%xmm10,%xmm2
+	movups	%xmm2,-16(%rsi)
+
+.Lxts_enc_ret:
+	xorps	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	movaps	%xmm0,0(%rsp)
+	pxor	%xmm8,%xmm8
+	movaps	%xmm0,16(%rsp)
+	pxor	%xmm9,%xmm9
+	movaps	%xmm0,32(%rsp)
+	pxor	%xmm10,%xmm10
+	movaps	%xmm0,48(%rsp)
+	pxor	%xmm11,%xmm11
+	movaps	%xmm0,64(%rsp)
+	pxor	%xmm12,%xmm12
+	movaps	%xmm0,80(%rsp)
+	pxor	%xmm13,%xmm13
+	movaps	%xmm0,96(%rsp)
+	pxor	%xmm14,%xmm14
+	pxor	%xmm15,%xmm15
+	movq	-8(%r11),%rbp
+.cfi_restore	%rbp
+	leaq	(%r11),%rsp
+.cfi_def_cfa_register	%rsp
+.Lxts_enc_epilogue:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	aesni_xts_encrypt,.-aesni_xts_encrypt
+.globl	aesni_xts_decrypt
+.type	aesni_xts_decrypt,@function
+.align	16
+aesni_xts_decrypt:
+.cfi_startproc	
+	leaq	(%rsp),%r11
+.cfi_def_cfa_register	%r11
+	pushq	%rbp
+.cfi_offset	%rbp,-16
+	subq	$112,%rsp
+	andq	$-16,%rsp
+	movups	(%r9),%xmm2
+	movl	240(%r8),%eax
+	movl	240(%rcx),%r10d
+	movups	(%r8),%xmm0
+	movups	16(%r8),%xmm1
+	leaq	32(%r8),%r8
+	xorps	%xmm0,%xmm2
+.Loop_enc1_11:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%r8),%xmm1
+	leaq	16(%r8),%r8
+	jnz	.Loop_enc1_11
+.byte	102,15,56,221,209
+	xorl	%eax,%eax
+	testq	$15,%rdx
+	setnz	%al
+	shlq	$4,%rax
+	subq	%rax,%rdx
+
+	movups	(%rcx),%xmm0
+	movq	%rcx,%rbp
+	movl	%r10d,%eax
+	shll	$4,%r10d
+	movq	%rdx,%r9
+	andq	$-16,%rdx
+
+	movups	16(%rcx,%r10,1),%xmm1
+
+	movdqa	.Lxts_magic(%rip),%xmm8
+	movdqa	%xmm2,%xmm15
+	pshufd	$0x5f,%xmm2,%xmm9
+	pxor	%xmm0,%xmm1
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm10
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm10
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm11
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm11
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm12
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm12
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm13
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm13
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm15,%xmm14
+	psrad	$31,%xmm9
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm9
+	pxor	%xmm0,%xmm14
+	pxor	%xmm9,%xmm15
+	movaps	%xmm1,96(%rsp)
+
+	subq	$96,%rdx
+	jc	.Lxts_dec_short
+
+	movl	$16+96,%eax
+	leaq	32(%rbp,%r10,1),%rcx
+	subq	%r10,%rax
+	movups	16(%rbp),%xmm1
+	movq	%rax,%r10
+	leaq	.Lxts_magic(%rip),%r8
+	jmp	.Lxts_dec_grandloop
+
+.align	32
+.Lxts_dec_grandloop:
+	movdqu	0(%rdi),%xmm2
+	movdqa	%xmm0,%xmm8
+	movdqu	16(%rdi),%xmm3
+	pxor	%xmm10,%xmm2
+	movdqu	32(%rdi),%xmm4
+	pxor	%xmm11,%xmm3
+.byte	102,15,56,222,209
+	movdqu	48(%rdi),%xmm5
+	pxor	%xmm12,%xmm4
+.byte	102,15,56,222,217
+	movdqu	64(%rdi),%xmm6
+	pxor	%xmm13,%xmm5
+.byte	102,15,56,222,225
+	movdqu	80(%rdi),%xmm7
+	pxor	%xmm15,%xmm8
+	movdqa	96(%rsp),%xmm9
+	pxor	%xmm14,%xmm6
+.byte	102,15,56,222,233
+	movups	32(%rbp),%xmm0
+	leaq	96(%rdi),%rdi
+	pxor	%xmm8,%xmm7
+
+	pxor	%xmm9,%xmm10
+.byte	102,15,56,222,241
+	pxor	%xmm9,%xmm11
+	movdqa	%xmm10,0(%rsp)
+.byte	102,15,56,222,249
+	movups	48(%rbp),%xmm1
+	pxor	%xmm9,%xmm12
+
+.byte	102,15,56,222,208
+	pxor	%xmm9,%xmm13
+	movdqa	%xmm11,16(%rsp)
+.byte	102,15,56,222,216
+	pxor	%xmm9,%xmm14
+	movdqa	%xmm12,32(%rsp)
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+	pxor	%xmm9,%xmm8
+	movdqa	%xmm14,64(%rsp)
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+	movups	64(%rbp),%xmm0
+	movdqa	%xmm8,80(%rsp)
+	pshufd	$0x5f,%xmm15,%xmm9
+	jmp	.Lxts_dec_loop6
+.align	32
+.Lxts_dec_loop6:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movups	-64(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+	movups	-80(%rcx,%rax,1),%xmm0
+	jnz	.Lxts_dec_loop6
+
+	movdqa	(%r8),%xmm8
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,222,209
+	paddq	%xmm15,%xmm15
+	psrad	$31,%xmm14
+.byte	102,15,56,222,217
+	pand	%xmm8,%xmm14
+	movups	(%rbp),%xmm10
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+	pxor	%xmm14,%xmm15
+	movaps	%xmm10,%xmm11
+.byte	102,15,56,222,249
+	movups	-64(%rcx),%xmm1
+
+	movdqa	%xmm9,%xmm14
+.byte	102,15,56,222,208
+	paddd	%xmm9,%xmm9
+	pxor	%xmm15,%xmm10
+.byte	102,15,56,222,216
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+	pand	%xmm8,%xmm14
+	movaps	%xmm11,%xmm12
+.byte	102,15,56,222,240
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+.byte	102,15,56,222,248
+	movups	-48(%rcx),%xmm0
+
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,222,209
+	pxor	%xmm15,%xmm11
+	psrad	$31,%xmm14
+.byte	102,15,56,222,217
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	movdqa	%xmm13,48(%rsp)
+	pxor	%xmm14,%xmm15
+.byte	102,15,56,222,241
+	movaps	%xmm12,%xmm13
+	movdqa	%xmm9,%xmm14
+.byte	102,15,56,222,249
+	movups	-32(%rcx),%xmm1
+
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,222,208
+	pxor	%xmm15,%xmm12
+	psrad	$31,%xmm14
+.byte	102,15,56,222,216
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+	pxor	%xmm14,%xmm15
+	movaps	%xmm13,%xmm14
+.byte	102,15,56,222,248
+
+	movdqa	%xmm9,%xmm0
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,222,209
+	pxor	%xmm15,%xmm13
+	psrad	$31,%xmm0
+.byte	102,15,56,222,217
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm0
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	pxor	%xmm0,%xmm15
+	movups	(%rbp),%xmm0
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movups	16(%rbp),%xmm1
+
+	pxor	%xmm15,%xmm14
+.byte	102,15,56,223,84,36,0
+	psrad	$31,%xmm9
+	paddq	%xmm15,%xmm15
+.byte	102,15,56,223,92,36,16
+.byte	102,15,56,223,100,36,32
+	pand	%xmm8,%xmm9
+	movq	%r10,%rax
+.byte	102,15,56,223,108,36,48
+.byte	102,15,56,223,116,36,64
+.byte	102,15,56,223,124,36,80
+	pxor	%xmm9,%xmm15
+
+	leaq	96(%rsi),%rsi
+	movups	%xmm2,-96(%rsi)
+	movups	%xmm3,-80(%rsi)
+	movups	%xmm4,-64(%rsi)
+	movups	%xmm5,-48(%rsi)
+	movups	%xmm6,-32(%rsi)
+	movups	%xmm7,-16(%rsi)
+	subq	$96,%rdx
+	jnc	.Lxts_dec_grandloop
+
+	movl	$16+96,%eax
+	subl	%r10d,%eax
+	movq	%rbp,%rcx
+	shrl	$4,%eax
+
+.Lxts_dec_short:
+
+	movl	%eax,%r10d
+	pxor	%xmm0,%xmm10
+	pxor	%xmm0,%xmm11
+	addq	$96,%rdx
+	jz	.Lxts_dec_done
+
+	pxor	%xmm0,%xmm12
+	cmpq	$0x20,%rdx
+	jb	.Lxts_dec_one
+	pxor	%xmm0,%xmm13
+	je	.Lxts_dec_two
+
+	pxor	%xmm0,%xmm14
+	cmpq	$0x40,%rdx
+	jb	.Lxts_dec_three
+	je	.Lxts_dec_four
+
+	movdqu	(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqu	32(%rdi),%xmm4
+	pxor	%xmm10,%xmm2
+	movdqu	48(%rdi),%xmm5
+	pxor	%xmm11,%xmm3
+	movdqu	64(%rdi),%xmm6
+	leaq	80(%rdi),%rdi
+	pxor	%xmm12,%xmm4
+	pxor	%xmm13,%xmm5
+	pxor	%xmm14,%xmm6
+
+	call	_aesni_decrypt6
+
+	xorps	%xmm10,%xmm2
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+	movdqu	%xmm2,(%rsi)
+	xorps	%xmm13,%xmm5
+	movdqu	%xmm3,16(%rsi)
+	xorps	%xmm14,%xmm6
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm14,%xmm14
+	movdqu	%xmm5,48(%rsi)
+	pcmpgtd	%xmm15,%xmm14
+	movdqu	%xmm6,64(%rsi)
+	leaq	80(%rsi),%rsi
+	pshufd	$0x13,%xmm14,%xmm11
+	andq	$15,%r9
+	jz	.Lxts_dec_ret
+
+	movdqa	%xmm15,%xmm10
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm11
+	pxor	%xmm15,%xmm11
+	jmp	.Lxts_dec_done2
+
+.align	16
+.Lxts_dec_one:
+	movups	(%rdi),%xmm2
+	leaq	16(%rdi),%rdi
+	xorps	%xmm10,%xmm2
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_dec1_12:
+.byte	102,15,56,222,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_dec1_12
+.byte	102,15,56,223,209
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm11,%xmm10
+	movups	%xmm2,(%rsi)
+	movdqa	%xmm12,%xmm11
+	leaq	16(%rsi),%rsi
+	jmp	.Lxts_dec_done
+
+.align	16
+.Lxts_dec_two:
+	movups	(%rdi),%xmm2
+	movups	16(%rdi),%xmm3
+	leaq	32(%rdi),%rdi
+	xorps	%xmm10,%xmm2
+	xorps	%xmm11,%xmm3
+
+	call	_aesni_decrypt2
+
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm12,%xmm10
+	xorps	%xmm11,%xmm3
+	movdqa	%xmm13,%xmm11
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	leaq	32(%rsi),%rsi
+	jmp	.Lxts_dec_done
+
+.align	16
+.Lxts_dec_three:
+	movups	(%rdi),%xmm2
+	movups	16(%rdi),%xmm3
+	movups	32(%rdi),%xmm4
+	leaq	48(%rdi),%rdi
+	xorps	%xmm10,%xmm2
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+
+	call	_aesni_decrypt3
+
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm13,%xmm10
+	xorps	%xmm11,%xmm3
+	movdqa	%xmm14,%xmm11
+	xorps	%xmm12,%xmm4
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	leaq	48(%rsi),%rsi
+	jmp	.Lxts_dec_done
+
+.align	16
+.Lxts_dec_four:
+	movups	(%rdi),%xmm2
+	movups	16(%rdi),%xmm3
+	movups	32(%rdi),%xmm4
+	xorps	%xmm10,%xmm2
+	movups	48(%rdi),%xmm5
+	leaq	64(%rdi),%rdi
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+	xorps	%xmm13,%xmm5
+
+	call	_aesni_decrypt4
+
+	pxor	%xmm10,%xmm2
+	movdqa	%xmm14,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqa	%xmm15,%xmm11
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm3,16(%rsi)
+	movdqu	%xmm4,32(%rsi)
+	movdqu	%xmm5,48(%rsi)
+	leaq	64(%rsi),%rsi
+	jmp	.Lxts_dec_done
+
+.align	16
+.Lxts_dec_done:
+	andq	$15,%r9
+	jz	.Lxts_dec_ret
+.Lxts_dec_done2:
+	movq	%r9,%rdx
+	movq	%rbp,%rcx
+	movl	%r10d,%eax
+
+	movups	(%rdi),%xmm2
+	xorps	%xmm11,%xmm2
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_dec1_13:
+.byte	102,15,56,222,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_dec1_13
+.byte	102,15,56,223,209
+	xorps	%xmm11,%xmm2
+	movups	%xmm2,(%rsi)
+
+.Lxts_dec_steal:
+	movzbl	16(%rdi),%eax
+	movzbl	(%rsi),%ecx
+	leaq	1(%rdi),%rdi
+	movb	%al,(%rsi)
+	movb	%cl,16(%rsi)
+	leaq	1(%rsi),%rsi
+	subq	$1,%rdx
+	jnz	.Lxts_dec_steal
+
+	subq	%r9,%rsi
+	movq	%rbp,%rcx
+	movl	%r10d,%eax
+
+	movups	(%rsi),%xmm2
+	xorps	%xmm10,%xmm2
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_dec1_14:
+.byte	102,15,56,222,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_dec1_14
+.byte	102,15,56,223,209
+	xorps	%xmm10,%xmm2
+	movups	%xmm2,(%rsi)
+
+.Lxts_dec_ret:
+	xorps	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	movaps	%xmm0,0(%rsp)
+	pxor	%xmm8,%xmm8
+	movaps	%xmm0,16(%rsp)
+	pxor	%xmm9,%xmm9
+	movaps	%xmm0,32(%rsp)
+	pxor	%xmm10,%xmm10
+	movaps	%xmm0,48(%rsp)
+	pxor	%xmm11,%xmm11
+	movaps	%xmm0,64(%rsp)
+	pxor	%xmm12,%xmm12
+	movaps	%xmm0,80(%rsp)
+	pxor	%xmm13,%xmm13
+	movaps	%xmm0,96(%rsp)
+	pxor	%xmm14,%xmm14
+	pxor	%xmm15,%xmm15
+	movq	-8(%r11),%rbp
+.cfi_restore	%rbp
+	leaq	(%r11),%rsp
+.cfi_def_cfa_register	%rsp
+.Lxts_dec_epilogue:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	aesni_xts_decrypt,.-aesni_xts_decrypt
+.globl	aesni_ocb_encrypt
+.type	aesni_ocb_encrypt,@function
+.align	32
+aesni_ocb_encrypt:
+.cfi_startproc	
+	leaq	(%rsp),%rax
+	pushq	%rbx
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%rbx,-16
+	pushq	%rbp
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%rbp,-24
+	pushq	%r12
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%r12,-32
+	pushq	%r13
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%r13,-40
+	pushq	%r14
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%r14,-48
+	movq	8(%rax),%rbx
+	movq	8+8(%rax),%rbp
+
+	movl	240(%rcx),%r10d
+	movq	%rcx,%r11
+	shll	$4,%r10d
+	movups	(%rcx),%xmm9
+	movups	16(%rcx,%r10,1),%xmm1
+
+	movdqu	(%r9),%xmm15
+	pxor	%xmm1,%xmm9
+	pxor	%xmm1,%xmm15
+
+	movl	$16+32,%eax
+	leaq	32(%r11,%r10,1),%rcx
+	movups	16(%r11),%xmm1
+	subq	%r10,%rax
+	movq	%rax,%r10
+
+	movdqu	(%rbx),%xmm10
+	movdqu	(%rbp),%xmm8
+
+	testq	$1,%r8
+	jnz	.Locb_enc_odd
+
+	bsfq	%r8,%r12
+	addq	$1,%r8
+	shlq	$4,%r12
+	movdqu	(%rbx,%r12,1),%xmm7
+	movdqu	(%rdi),%xmm2
+	leaq	16(%rdi),%rdi
+
+	call	__ocb_encrypt1
+
+	movdqa	%xmm7,%xmm15
+	movups	%xmm2,(%rsi)
+	leaq	16(%rsi),%rsi
+	subq	$1,%rdx
+	jz	.Locb_enc_done
+
+.Locb_enc_odd:
+	leaq	1(%r8),%r12
+	leaq	3(%r8),%r13
+	leaq	5(%r8),%r14
+	leaq	6(%r8),%r8
+	bsfq	%r12,%r12
+	bsfq	%r13,%r13
+	bsfq	%r14,%r14
+	shlq	$4,%r12
+	shlq	$4,%r13
+	shlq	$4,%r14
+
+	subq	$6,%rdx
+	jc	.Locb_enc_short
+	jmp	.Locb_enc_grandloop
+
+.align	32
+.Locb_enc_grandloop:
+	movdqu	0(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqu	32(%rdi),%xmm4
+	movdqu	48(%rdi),%xmm5
+	movdqu	64(%rdi),%xmm6
+	movdqu	80(%rdi),%xmm7
+	leaq	96(%rdi),%rdi
+
+	call	__ocb_encrypt6
+
+	movups	%xmm2,0(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	movups	%xmm6,64(%rsi)
+	movups	%xmm7,80(%rsi)
+	leaq	96(%rsi),%rsi
+	subq	$6,%rdx
+	jnc	.Locb_enc_grandloop
+
+.Locb_enc_short:
+	addq	$6,%rdx
+	jz	.Locb_enc_done
+
+	movdqu	0(%rdi),%xmm2
+	cmpq	$2,%rdx
+	jb	.Locb_enc_one
+	movdqu	16(%rdi),%xmm3
+	je	.Locb_enc_two
+
+	movdqu	32(%rdi),%xmm4
+	cmpq	$4,%rdx
+	jb	.Locb_enc_three
+	movdqu	48(%rdi),%xmm5
+	je	.Locb_enc_four
+
+	movdqu	64(%rdi),%xmm6
+	pxor	%xmm7,%xmm7
+
+	call	__ocb_encrypt6
+
+	movdqa	%xmm14,%xmm15
+	movups	%xmm2,0(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	movups	%xmm6,64(%rsi)
+
+	jmp	.Locb_enc_done
+
+.align	16
+.Locb_enc_one:
+	movdqa	%xmm10,%xmm7
+
+	call	__ocb_encrypt1
+
+	movdqa	%xmm7,%xmm15
+	movups	%xmm2,0(%rsi)
+	jmp	.Locb_enc_done
+
+.align	16
+.Locb_enc_two:
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+
+	call	__ocb_encrypt4
+
+	movdqa	%xmm11,%xmm15
+	movups	%xmm2,0(%rsi)
+	movups	%xmm3,16(%rsi)
+
+	jmp	.Locb_enc_done
+
+.align	16
+.Locb_enc_three:
+	pxor	%xmm5,%xmm5
+
+	call	__ocb_encrypt4
+
+	movdqa	%xmm12,%xmm15
+	movups	%xmm2,0(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+
+	jmp	.Locb_enc_done
+
+.align	16
+.Locb_enc_four:
+	call	__ocb_encrypt4
+
+	movdqa	%xmm13,%xmm15
+	movups	%xmm2,0(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+
+.Locb_enc_done:
+	pxor	%xmm0,%xmm15
+	movdqu	%xmm8,(%rbp)
+	movdqu	%xmm15,(%r9)
+
+	xorps	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	pxor	%xmm8,%xmm8
+	pxor	%xmm9,%xmm9
+	pxor	%xmm10,%xmm10
+	pxor	%xmm11,%xmm11
+	pxor	%xmm12,%xmm12
+	pxor	%xmm13,%xmm13
+	pxor	%xmm14,%xmm14
+	pxor	%xmm15,%xmm15
+	leaq	40(%rsp),%rax
+.cfi_def_cfa	%rax,8
+	movq	-40(%rax),%r14
+.cfi_restore	%r14
+	movq	-32(%rax),%r13
+.cfi_restore	%r13
+	movq	-24(%rax),%r12
+.cfi_restore	%r12
+	movq	-16(%rax),%rbp
+.cfi_restore	%rbp
+	movq	-8(%rax),%rbx
+.cfi_restore	%rbx
+	leaq	(%rax),%rsp
+.cfi_def_cfa_register	%rsp
+.Locb_enc_epilogue:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	aesni_ocb_encrypt,.-aesni_ocb_encrypt
+
+.type	__ocb_encrypt6,@function
+.align	32
+__ocb_encrypt6:
+.cfi_startproc	
+	pxor	%xmm9,%xmm15
+	movdqu	(%rbx,%r12,1),%xmm11
+	movdqa	%xmm10,%xmm12
+	movdqu	(%rbx,%r13,1),%xmm13
+	movdqa	%xmm10,%xmm14
+	pxor	%xmm15,%xmm10
+	movdqu	(%rbx,%r14,1),%xmm15
+	pxor	%xmm10,%xmm11
+	pxor	%xmm2,%xmm8
+	pxor	%xmm10,%xmm2
+	pxor	%xmm11,%xmm12
+	pxor	%xmm3,%xmm8
+	pxor	%xmm11,%xmm3
+	pxor	%xmm12,%xmm13
+	pxor	%xmm4,%xmm8
+	pxor	%xmm12,%xmm4
+	pxor	%xmm13,%xmm14
+	pxor	%xmm5,%xmm8
+	pxor	%xmm13,%xmm5
+	pxor	%xmm14,%xmm15
+	pxor	%xmm6,%xmm8
+	pxor	%xmm14,%xmm6
+	pxor	%xmm7,%xmm8
+	pxor	%xmm15,%xmm7
+	movups	32(%r11),%xmm0
+
+	leaq	1(%r8),%r12
+	leaq	3(%r8),%r13
+	leaq	5(%r8),%r14
+	addq	$6,%r8
+	pxor	%xmm9,%xmm10
+	bsfq	%r12,%r12
+	bsfq	%r13,%r13
+	bsfq	%r14,%r14
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	pxor	%xmm9,%xmm11
+	pxor	%xmm9,%xmm12
+.byte	102,15,56,220,241
+	pxor	%xmm9,%xmm13
+	pxor	%xmm9,%xmm14
+.byte	102,15,56,220,249
+	movups	48(%r11),%xmm1
+	pxor	%xmm9,%xmm15
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	64(%r11),%xmm0
+	shlq	$4,%r12
+	shlq	$4,%r13
+	jmp	.Locb_enc_loop6
+
+.align	32
+.Locb_enc_loop6:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Locb_enc_loop6
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movups	16(%r11),%xmm1
+	shlq	$4,%r14
+
+.byte	102,65,15,56,221,210
+	movdqu	(%rbx),%xmm10
+	movq	%r10,%rax
+.byte	102,65,15,56,221,219
+.byte	102,65,15,56,221,228
+.byte	102,65,15,56,221,237
+.byte	102,65,15,56,221,246
+.byte	102,65,15,56,221,255
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	__ocb_encrypt6,.-__ocb_encrypt6
+
+.type	__ocb_encrypt4,@function
+.align	32
+__ocb_encrypt4:
+.cfi_startproc	
+	pxor	%xmm9,%xmm15
+	movdqu	(%rbx,%r12,1),%xmm11
+	movdqa	%xmm10,%xmm12
+	movdqu	(%rbx,%r13,1),%xmm13
+	pxor	%xmm15,%xmm10
+	pxor	%xmm10,%xmm11
+	pxor	%xmm2,%xmm8
+	pxor	%xmm10,%xmm2
+	pxor	%xmm11,%xmm12
+	pxor	%xmm3,%xmm8
+	pxor	%xmm11,%xmm3
+	pxor	%xmm12,%xmm13
+	pxor	%xmm4,%xmm8
+	pxor	%xmm12,%xmm4
+	pxor	%xmm5,%xmm8
+	pxor	%xmm13,%xmm5
+	movups	32(%r11),%xmm0
+
+	pxor	%xmm9,%xmm10
+	pxor	%xmm9,%xmm11
+	pxor	%xmm9,%xmm12
+	pxor	%xmm9,%xmm13
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movups	48(%r11),%xmm1
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movups	64(%r11),%xmm0
+	jmp	.Locb_enc_loop4
+
+.align	32
+.Locb_enc_loop4:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Locb_enc_loop4
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movups	16(%r11),%xmm1
+	movq	%r10,%rax
+
+.byte	102,65,15,56,221,210
+.byte	102,65,15,56,221,219
+.byte	102,65,15,56,221,228
+.byte	102,65,15,56,221,237
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	__ocb_encrypt4,.-__ocb_encrypt4
+
+.type	__ocb_encrypt1,@function
+.align	32
+__ocb_encrypt1:
+.cfi_startproc	
+	pxor	%xmm15,%xmm7
+	pxor	%xmm9,%xmm7
+	pxor	%xmm2,%xmm8
+	pxor	%xmm7,%xmm2
+	movups	32(%r11),%xmm0
+
+.byte	102,15,56,220,209
+	movups	48(%r11),%xmm1
+	pxor	%xmm9,%xmm7
+
+.byte	102,15,56,220,208
+	movups	64(%r11),%xmm0
+	jmp	.Locb_enc_loop1
+
+.align	32
+.Locb_enc_loop1:
+.byte	102,15,56,220,209
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,220,208
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Locb_enc_loop1
+
+.byte	102,15,56,220,209
+	movups	16(%r11),%xmm1
+	movq	%r10,%rax
+
+.byte	102,15,56,221,215
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	__ocb_encrypt1,.-__ocb_encrypt1
+
+.globl	aesni_ocb_decrypt
+.type	aesni_ocb_decrypt,@function
+.align	32
+aesni_ocb_decrypt:
+.cfi_startproc	
+	leaq	(%rsp),%rax
+	pushq	%rbx
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%rbx,-16
+	pushq	%rbp
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%rbp,-24
+	pushq	%r12
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%r12,-32
+	pushq	%r13
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%r13,-40
+	pushq	%r14
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%r14,-48
+	movq	8(%rax),%rbx
+	movq	8+8(%rax),%rbp
+
+	movl	240(%rcx),%r10d
+	movq	%rcx,%r11
+	shll	$4,%r10d
+	movups	(%rcx),%xmm9
+	movups	16(%rcx,%r10,1),%xmm1
+
+	movdqu	(%r9),%xmm15
+	pxor	%xmm1,%xmm9
+	pxor	%xmm1,%xmm15
+
+	movl	$16+32,%eax
+	leaq	32(%r11,%r10,1),%rcx
+	movups	16(%r11),%xmm1
+	subq	%r10,%rax
+	movq	%rax,%r10
+
+	movdqu	(%rbx),%xmm10
+	movdqu	(%rbp),%xmm8
+
+	testq	$1,%r8
+	jnz	.Locb_dec_odd
+
+	bsfq	%r8,%r12
+	addq	$1,%r8
+	shlq	$4,%r12
+	movdqu	(%rbx,%r12,1),%xmm7
+	movdqu	(%rdi),%xmm2
+	leaq	16(%rdi),%rdi
+
+	call	__ocb_decrypt1
+
+	movdqa	%xmm7,%xmm15
+	movups	%xmm2,(%rsi)
+	xorps	%xmm2,%xmm8
+	leaq	16(%rsi),%rsi
+	subq	$1,%rdx
+	jz	.Locb_dec_done
+
+.Locb_dec_odd:
+	leaq	1(%r8),%r12
+	leaq	3(%r8),%r13
+	leaq	5(%r8),%r14
+	leaq	6(%r8),%r8
+	bsfq	%r12,%r12
+	bsfq	%r13,%r13
+	bsfq	%r14,%r14
+	shlq	$4,%r12
+	shlq	$4,%r13
+	shlq	$4,%r14
+
+	subq	$6,%rdx
+	jc	.Locb_dec_short
+	jmp	.Locb_dec_grandloop
+
+.align	32
+.Locb_dec_grandloop:
+	movdqu	0(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqu	32(%rdi),%xmm4
+	movdqu	48(%rdi),%xmm5
+	movdqu	64(%rdi),%xmm6
+	movdqu	80(%rdi),%xmm7
+	leaq	96(%rdi),%rdi
+
+	call	__ocb_decrypt6
+
+	movups	%xmm2,0(%rsi)
+	pxor	%xmm2,%xmm8
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm8
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm8
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm8
+	movups	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm8
+	movups	%xmm7,80(%rsi)
+	pxor	%xmm7,%xmm8
+	leaq	96(%rsi),%rsi
+	subq	$6,%rdx
+	jnc	.Locb_dec_grandloop
+
+.Locb_dec_short:
+	addq	$6,%rdx
+	jz	.Locb_dec_done
+
+	movdqu	0(%rdi),%xmm2
+	cmpq	$2,%rdx
+	jb	.Locb_dec_one
+	movdqu	16(%rdi),%xmm3
+	je	.Locb_dec_two
+
+	movdqu	32(%rdi),%xmm4
+	cmpq	$4,%rdx
+	jb	.Locb_dec_three
+	movdqu	48(%rdi),%xmm5
+	je	.Locb_dec_four
+
+	movdqu	64(%rdi),%xmm6
+	pxor	%xmm7,%xmm7
+
+	call	__ocb_decrypt6
+
+	movdqa	%xmm14,%xmm15
+	movups	%xmm2,0(%rsi)
+	pxor	%xmm2,%xmm8
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm8
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm8
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm8
+	movups	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm8
+
+	jmp	.Locb_dec_done
+
+.align	16
+.Locb_dec_one:
+	movdqa	%xmm10,%xmm7
+
+	call	__ocb_decrypt1
+
+	movdqa	%xmm7,%xmm15
+	movups	%xmm2,0(%rsi)
+	xorps	%xmm2,%xmm8
+	jmp	.Locb_dec_done
+
+.align	16
+.Locb_dec_two:
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+
+	call	__ocb_decrypt4
+
+	movdqa	%xmm11,%xmm15
+	movups	%xmm2,0(%rsi)
+	xorps	%xmm2,%xmm8
+	movups	%xmm3,16(%rsi)
+	xorps	%xmm3,%xmm8
+
+	jmp	.Locb_dec_done
+
+.align	16
+.Locb_dec_three:
+	pxor	%xmm5,%xmm5
+
+	call	__ocb_decrypt4
+
+	movdqa	%xmm12,%xmm15
+	movups	%xmm2,0(%rsi)
+	xorps	%xmm2,%xmm8
+	movups	%xmm3,16(%rsi)
+	xorps	%xmm3,%xmm8
+	movups	%xmm4,32(%rsi)
+	xorps	%xmm4,%xmm8
+
+	jmp	.Locb_dec_done
+
+.align	16
+.Locb_dec_four:
+	call	__ocb_decrypt4
+
+	movdqa	%xmm13,%xmm15
+	movups	%xmm2,0(%rsi)
+	pxor	%xmm2,%xmm8
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm8
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm8
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm8
+
+.Locb_dec_done:
+	pxor	%xmm0,%xmm15
+	movdqu	%xmm8,(%rbp)
+	movdqu	%xmm15,(%r9)
+
+	xorps	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	pxor	%xmm8,%xmm8
+	pxor	%xmm9,%xmm9
+	pxor	%xmm10,%xmm10
+	pxor	%xmm11,%xmm11
+	pxor	%xmm12,%xmm12
+	pxor	%xmm13,%xmm13
+	pxor	%xmm14,%xmm14
+	pxor	%xmm15,%xmm15
+	leaq	40(%rsp),%rax
+.cfi_def_cfa	%rax,8
+	movq	-40(%rax),%r14
+.cfi_restore	%r14
+	movq	-32(%rax),%r13
+.cfi_restore	%r13
+	movq	-24(%rax),%r12
+.cfi_restore	%r12
+	movq	-16(%rax),%rbp
+.cfi_restore	%rbp
+	movq	-8(%rax),%rbx
+.cfi_restore	%rbx
+	leaq	(%rax),%rsp
+.cfi_def_cfa_register	%rsp
+.Locb_dec_epilogue:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	aesni_ocb_decrypt,.-aesni_ocb_decrypt
+
+.type	__ocb_decrypt6,@function
+.align	32
+__ocb_decrypt6:
+.cfi_startproc	
+	pxor	%xmm9,%xmm15
+	movdqu	(%rbx,%r12,1),%xmm11
+	movdqa	%xmm10,%xmm12
+	movdqu	(%rbx,%r13,1),%xmm13
+	movdqa	%xmm10,%xmm14
+	pxor	%xmm15,%xmm10
+	movdqu	(%rbx,%r14,1),%xmm15
+	pxor	%xmm10,%xmm11
+	pxor	%xmm10,%xmm2
+	pxor	%xmm11,%xmm12
+	pxor	%xmm11,%xmm3
+	pxor	%xmm12,%xmm13
+	pxor	%xmm12,%xmm4
+	pxor	%xmm13,%xmm14
+	pxor	%xmm13,%xmm5
+	pxor	%xmm14,%xmm15
+	pxor	%xmm14,%xmm6
+	pxor	%xmm15,%xmm7
+	movups	32(%r11),%xmm0
+
+	leaq	1(%r8),%r12
+	leaq	3(%r8),%r13
+	leaq	5(%r8),%r14
+	addq	$6,%r8
+	pxor	%xmm9,%xmm10
+	bsfq	%r12,%r12
+	bsfq	%r13,%r13
+	bsfq	%r14,%r14
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	pxor	%xmm9,%xmm11
+	pxor	%xmm9,%xmm12
+.byte	102,15,56,222,241
+	pxor	%xmm9,%xmm13
+	pxor	%xmm9,%xmm14
+.byte	102,15,56,222,249
+	movups	48(%r11),%xmm1
+	pxor	%xmm9,%xmm15
+
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+	movups	64(%r11),%xmm0
+	shlq	$4,%r12
+	shlq	$4,%r13
+	jmp	.Locb_dec_loop6
+
+.align	32
+.Locb_dec_loop6:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Locb_dec_loop6
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movups	16(%r11),%xmm1
+	shlq	$4,%r14
+
+.byte	102,65,15,56,223,210
+	movdqu	(%rbx),%xmm10
+	movq	%r10,%rax
+.byte	102,65,15,56,223,219
+.byte	102,65,15,56,223,228
+.byte	102,65,15,56,223,237
+.byte	102,65,15,56,223,246
+.byte	102,65,15,56,223,255
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	__ocb_decrypt6,.-__ocb_decrypt6
+
+.type	__ocb_decrypt4,@function
+.align	32
+__ocb_decrypt4:
+.cfi_startproc	
+	pxor	%xmm9,%xmm15
+	movdqu	(%rbx,%r12,1),%xmm11
+	movdqa	%xmm10,%xmm12
+	movdqu	(%rbx,%r13,1),%xmm13
+	pxor	%xmm15,%xmm10
+	pxor	%xmm10,%xmm11
+	pxor	%xmm10,%xmm2
+	pxor	%xmm11,%xmm12
+	pxor	%xmm11,%xmm3
+	pxor	%xmm12,%xmm13
+	pxor	%xmm12,%xmm4
+	pxor	%xmm13,%xmm5
+	movups	32(%r11),%xmm0
+
+	pxor	%xmm9,%xmm10
+	pxor	%xmm9,%xmm11
+	pxor	%xmm9,%xmm12
+	pxor	%xmm9,%xmm13
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	movups	48(%r11),%xmm1
+
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+	movups	64(%r11),%xmm0
+	jmp	.Locb_dec_loop4
+
+.align	32
+.Locb_dec_loop4:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Locb_dec_loop4
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	movups	16(%r11),%xmm1
+	movq	%r10,%rax
+
+.byte	102,65,15,56,223,210
+.byte	102,65,15,56,223,219
+.byte	102,65,15,56,223,228
+.byte	102,65,15,56,223,237
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	__ocb_decrypt4,.-__ocb_decrypt4
+
+.type	__ocb_decrypt1,@function
+.align	32
+__ocb_decrypt1:
+.cfi_startproc	
+	pxor	%xmm15,%xmm7
+	pxor	%xmm9,%xmm7
+	pxor	%xmm7,%xmm2
+	movups	32(%r11),%xmm0
+
+.byte	102,15,56,222,209
+	movups	48(%r11),%xmm1
+	pxor	%xmm9,%xmm7
+
+.byte	102,15,56,222,208
+	movups	64(%r11),%xmm0
+	jmp	.Locb_dec_loop1
+
+.align	32
+.Locb_dec_loop1:
+.byte	102,15,56,222,209
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,222,208
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	.Locb_dec_loop1
+
+.byte	102,15,56,222,209
+	movups	16(%r11),%xmm1
+	movq	%r10,%rax
+
+.byte	102,15,56,223,215
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	__ocb_decrypt1,.-__ocb_decrypt1
+.globl	aesni_cbc_encrypt
+.type	aesni_cbc_encrypt,@function
+.align	16
+aesni_cbc_encrypt:
+.cfi_startproc	
+	testq	%rdx,%rdx
+	jz	.Lcbc_ret
+
+	movl	240(%rcx),%r10d
+	movq	%rcx,%r11
+	testl	%r9d,%r9d
+	jz	.Lcbc_decrypt
+
+	movups	(%r8),%xmm2
+	movl	%r10d,%eax
+	cmpq	$16,%rdx
+	jb	.Lcbc_enc_tail
+	subq	$16,%rdx
+	jmp	.Lcbc_enc_loop
+.align	16
+.Lcbc_enc_loop:
+	movups	(%rdi),%xmm3
+	leaq	16(%rdi),%rdi
+
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm3
+	leaq	32(%rcx),%rcx
+	xorps	%xmm3,%xmm2
+.Loop_enc1_15:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_enc1_15
+.byte	102,15,56,221,209
+	movl	%r10d,%eax
+	movq	%r11,%rcx
+	movups	%xmm2,0(%rsi)
+	leaq	16(%rsi),%rsi
+	subq	$16,%rdx
+	jnc	.Lcbc_enc_loop
+	addq	$16,%rdx
+	jnz	.Lcbc_enc_tail
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movups	%xmm2,(%r8)
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	jmp	.Lcbc_ret
+
+.Lcbc_enc_tail:
+	movq	%rdx,%rcx
+	xchgq	%rdi,%rsi
+.long	0x9066A4F3
+	movl	$16,%ecx
+	subq	%rdx,%rcx
+	xorl	%eax,%eax
+.long	0x9066AAF3
+	leaq	-16(%rdi),%rdi
+	movl	%r10d,%eax
+	movq	%rdi,%rsi
+	movq	%r11,%rcx
+	xorq	%rdx,%rdx
+	jmp	.Lcbc_enc_loop
+
+.align	16
+.Lcbc_decrypt:
+	cmpq	$16,%rdx
+	jne	.Lcbc_decrypt_bulk
+
+
+
+	movdqu	(%rdi),%xmm2
+	movdqu	(%r8),%xmm3
+	movdqa	%xmm2,%xmm4
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_dec1_16:
+.byte	102,15,56,222,209
+	decl	%r10d
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_dec1_16
+.byte	102,15,56,223,209
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movdqu	%xmm4,(%r8)
+	xorps	%xmm3,%xmm2
+	pxor	%xmm3,%xmm3
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	jmp	.Lcbc_ret
+.align	16
+.Lcbc_decrypt_bulk:
+	leaq	(%rsp),%r11
+.cfi_def_cfa_register	%r11
+	pushq	%rbp
+.cfi_offset	%rbp,-16
+	subq	$16,%rsp
+	andq	$-16,%rsp
+	movq	%rcx,%rbp
+	movups	(%r8),%xmm10
+	movl	%r10d,%eax
+	cmpq	$0x50,%rdx
+	jbe	.Lcbc_dec_tail
+
+	movups	(%rcx),%xmm0
+	movdqu	0(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqa	%xmm2,%xmm11
+	movdqu	32(%rdi),%xmm4
+	movdqa	%xmm3,%xmm12
+	movdqu	48(%rdi),%xmm5
+	movdqa	%xmm4,%xmm13
+	movdqu	64(%rdi),%xmm6
+	movdqa	%xmm5,%xmm14
+	movdqu	80(%rdi),%xmm7
+	movdqa	%xmm6,%xmm15
+	movl	GNUTLS_x86_cpuid_s+4(%rip),%r9d
+	cmpq	$0x70,%rdx
+	jbe	.Lcbc_dec_six_or_seven
+
+	andl	$71303168,%r9d
+	subq	$0x50,%rdx
+	cmpl	$4194304,%r9d
+	je	.Lcbc_dec_loop6_enter
+	subq	$0x20,%rdx
+	leaq	112(%rcx),%rcx
+	jmp	.Lcbc_dec_loop8_enter
+.align	16
+.Lcbc_dec_loop8:
+	movups	%xmm9,(%rsi)
+	leaq	16(%rsi),%rsi
+.Lcbc_dec_loop8_enter:
+	movdqu	96(%rdi),%xmm8
+	pxor	%xmm0,%xmm2
+	movdqu	112(%rdi),%xmm9
+	pxor	%xmm0,%xmm3
+	movups	16-112(%rcx),%xmm1
+	pxor	%xmm0,%xmm4
+	movq	$-1,%rbp
+	cmpq	$0x70,%rdx
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+	pxor	%xmm0,%xmm7
+	pxor	%xmm0,%xmm8
+
+.byte	102,15,56,222,209
+	pxor	%xmm0,%xmm9
+	movups	32-112(%rcx),%xmm0
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+	adcq	$0,%rbp
+	andq	$128,%rbp
+.byte	102,68,15,56,222,201
+	addq	%rdi,%rbp
+	movups	48-112(%rcx),%xmm1
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	64-112(%rcx),%xmm0
+	nop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+	movups	80-112(%rcx),%xmm1
+	nop
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	96-112(%rcx),%xmm0
+	nop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+	movups	112-112(%rcx),%xmm1
+	nop
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	128-112(%rcx),%xmm0
+	nop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+	movups	144-112(%rcx),%xmm1
+	cmpl	$11,%eax
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	160-112(%rcx),%xmm0
+	jb	.Lcbc_dec_done
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+	movups	176-112(%rcx),%xmm1
+	nop
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	192-112(%rcx),%xmm0
+	je	.Lcbc_dec_done
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+	movups	208-112(%rcx),%xmm1
+	nop
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	224-112(%rcx),%xmm0
+	jmp	.Lcbc_dec_done
+.align	16
+.Lcbc_dec_done:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+	pxor	%xmm0,%xmm10
+	pxor	%xmm0,%xmm11
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	pxor	%xmm0,%xmm12
+	pxor	%xmm0,%xmm13
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	pxor	%xmm0,%xmm14
+	pxor	%xmm0,%xmm15
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+	movdqu	80(%rdi),%xmm1
+
+.byte	102,65,15,56,223,210
+	movdqu	96(%rdi),%xmm10
+	pxor	%xmm0,%xmm1
+.byte	102,65,15,56,223,219
+	pxor	%xmm0,%xmm10
+	movdqu	112(%rdi),%xmm0
+.byte	102,65,15,56,223,228
+	leaq	128(%rdi),%rdi
+	movdqu	0(%rbp),%xmm11
+.byte	102,65,15,56,223,237
+.byte	102,65,15,56,223,246
+	movdqu	16(%rbp),%xmm12
+	movdqu	32(%rbp),%xmm13
+.byte	102,65,15,56,223,255
+.byte	102,68,15,56,223,193
+	movdqu	48(%rbp),%xmm14
+	movdqu	64(%rbp),%xmm15
+.byte	102,69,15,56,223,202
+	movdqa	%xmm0,%xmm10
+	movdqu	80(%rbp),%xmm1
+	movups	-112(%rcx),%xmm0
+
+	movups	%xmm2,(%rsi)
+	movdqa	%xmm11,%xmm2
+	movups	%xmm3,16(%rsi)
+	movdqa	%xmm12,%xmm3
+	movups	%xmm4,32(%rsi)
+	movdqa	%xmm13,%xmm4
+	movups	%xmm5,48(%rsi)
+	movdqa	%xmm14,%xmm5
+	movups	%xmm6,64(%rsi)
+	movdqa	%xmm15,%xmm6
+	movups	%xmm7,80(%rsi)
+	movdqa	%xmm1,%xmm7
+	movups	%xmm8,96(%rsi)
+	leaq	112(%rsi),%rsi
+
+	subq	$0x80,%rdx
+	ja	.Lcbc_dec_loop8
+
+	movaps	%xmm9,%xmm2
+	leaq	-112(%rcx),%rcx
+	addq	$0x70,%rdx
+	jle	.Lcbc_dec_clear_tail_collected
+	movups	%xmm9,(%rsi)
+	leaq	16(%rsi),%rsi
+	cmpq	$0x50,%rdx
+	jbe	.Lcbc_dec_tail
+
+	movaps	%xmm11,%xmm2
+.Lcbc_dec_six_or_seven:
+	cmpq	$0x60,%rdx
+	ja	.Lcbc_dec_seven
+
+	movaps	%xmm7,%xmm8
+	call	_aesni_decrypt6
+	pxor	%xmm10,%xmm2
+	movaps	%xmm8,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	pxor	%xmm14,%xmm6
+	movdqu	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	pxor	%xmm15,%xmm7
+	movdqu	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm6
+	leaq	80(%rsi),%rsi
+	movdqa	%xmm7,%xmm2
+	pxor	%xmm7,%xmm7
+	jmp	.Lcbc_dec_tail_collected
+
+.align	16
+.Lcbc_dec_seven:
+	movups	96(%rdi),%xmm8
+	xorps	%xmm9,%xmm9
+	call	_aesni_decrypt8
+	movups	80(%rdi),%xmm9
+	pxor	%xmm10,%xmm2
+	movups	96(%rdi),%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	pxor	%xmm14,%xmm6
+	movdqu	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	pxor	%xmm15,%xmm7
+	movdqu	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm6
+	pxor	%xmm9,%xmm8
+	movdqu	%xmm7,80(%rsi)
+	pxor	%xmm7,%xmm7
+	leaq	96(%rsi),%rsi
+	movdqa	%xmm8,%xmm2
+	pxor	%xmm8,%xmm8
+	pxor	%xmm9,%xmm9
+	jmp	.Lcbc_dec_tail_collected
+
+.align	16
+.Lcbc_dec_loop6:
+	movups	%xmm7,(%rsi)
+	leaq	16(%rsi),%rsi
+	movdqu	0(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqa	%xmm2,%xmm11
+	movdqu	32(%rdi),%xmm4
+	movdqa	%xmm3,%xmm12
+	movdqu	48(%rdi),%xmm5
+	movdqa	%xmm4,%xmm13
+	movdqu	64(%rdi),%xmm6
+	movdqa	%xmm5,%xmm14
+	movdqu	80(%rdi),%xmm7
+	movdqa	%xmm6,%xmm15
+.Lcbc_dec_loop6_enter:
+	leaq	96(%rdi),%rdi
+	movdqa	%xmm7,%xmm8
+
+	call	_aesni_decrypt6
+
+	pxor	%xmm10,%xmm2
+	movdqa	%xmm8,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm14,%xmm6
+	movq	%rbp,%rcx
+	movdqu	%xmm5,48(%rsi)
+	pxor	%xmm15,%xmm7
+	movl	%r10d,%eax
+	movdqu	%xmm6,64(%rsi)
+	leaq	80(%rsi),%rsi
+	subq	$0x60,%rdx
+	ja	.Lcbc_dec_loop6
+
+	movdqa	%xmm7,%xmm2
+	addq	$0x50,%rdx
+	jle	.Lcbc_dec_clear_tail_collected
+	movups	%xmm7,(%rsi)
+	leaq	16(%rsi),%rsi
+
+.Lcbc_dec_tail:
+	movups	(%rdi),%xmm2
+	subq	$0x10,%rdx
+	jbe	.Lcbc_dec_one
+
+	movups	16(%rdi),%xmm3
+	movaps	%xmm2,%xmm11
+	subq	$0x10,%rdx
+	jbe	.Lcbc_dec_two
+
+	movups	32(%rdi),%xmm4
+	movaps	%xmm3,%xmm12
+	subq	$0x10,%rdx
+	jbe	.Lcbc_dec_three
+
+	movups	48(%rdi),%xmm5
+	movaps	%xmm4,%xmm13
+	subq	$0x10,%rdx
+	jbe	.Lcbc_dec_four
+
+	movups	64(%rdi),%xmm6
+	movaps	%xmm5,%xmm14
+	movaps	%xmm6,%xmm15
+	xorps	%xmm7,%xmm7
+	call	_aesni_decrypt6
+	pxor	%xmm10,%xmm2
+	movaps	%xmm15,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	pxor	%xmm14,%xmm6
+	movdqu	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	leaq	64(%rsi),%rsi
+	movdqa	%xmm6,%xmm2
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	subq	$0x10,%rdx
+	jmp	.Lcbc_dec_tail_collected
+
+.align	16
+.Lcbc_dec_one:
+	movaps	%xmm2,%xmm11
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+.Loop_dec1_17:
+.byte	102,15,56,222,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	.Loop_dec1_17
+.byte	102,15,56,223,209
+	xorps	%xmm10,%xmm2
+	movaps	%xmm11,%xmm10
+	jmp	.Lcbc_dec_tail_collected
+.align	16
+.Lcbc_dec_two:
+	movaps	%xmm3,%xmm12
+	call	_aesni_decrypt2
+	pxor	%xmm10,%xmm2
+	movaps	%xmm12,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	movdqa	%xmm3,%xmm2
+	pxor	%xmm3,%xmm3
+	leaq	16(%rsi),%rsi
+	jmp	.Lcbc_dec_tail_collected
+.align	16
+.Lcbc_dec_three:
+	movaps	%xmm4,%xmm13
+	call	_aesni_decrypt3
+	pxor	%xmm10,%xmm2
+	movaps	%xmm13,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movdqa	%xmm4,%xmm2
+	pxor	%xmm4,%xmm4
+	leaq	32(%rsi),%rsi
+	jmp	.Lcbc_dec_tail_collected
+.align	16
+.Lcbc_dec_four:
+	movaps	%xmm5,%xmm14
+	call	_aesni_decrypt4
+	pxor	%xmm10,%xmm2
+	movaps	%xmm14,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	movdqa	%xmm5,%xmm2
+	pxor	%xmm5,%xmm5
+	leaq	48(%rsi),%rsi
+	jmp	.Lcbc_dec_tail_collected
+
+.align	16
+.Lcbc_dec_clear_tail_collected:
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	pxor	%xmm8,%xmm8
+	pxor	%xmm9,%xmm9
+.Lcbc_dec_tail_collected:
+	movups	%xmm10,(%r8)
+	andq	$15,%rdx
+	jnz	.Lcbc_dec_tail_partial
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	jmp	.Lcbc_dec_ret
+.align	16
+.Lcbc_dec_tail_partial:
+	movaps	%xmm2,(%rsp)
+	pxor	%xmm2,%xmm2
+	movq	$16,%rcx
+	movq	%rsi,%rdi
+	subq	%rdx,%rcx
+	leaq	(%rsp),%rsi
+.long	0x9066A4F3
+	movdqa	%xmm2,(%rsp)
+
+.Lcbc_dec_ret:
+	xorps	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movq	-8(%r11),%rbp
+.cfi_restore	%rbp
+	leaq	(%r11),%rsp
+.cfi_def_cfa_register	%rsp
+.Lcbc_ret:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	aesni_cbc_encrypt,.-aesni_cbc_encrypt
+.globl	aesni_set_decrypt_key
+.type	aesni_set_decrypt_key,@function
+.align	16
+aesni_set_decrypt_key:
+.cfi_startproc	
+.byte	0x48,0x83,0xEC,0x08
+.cfi_adjust_cfa_offset	8
+	call	__aesni_set_encrypt_key
+	shll	$4,%esi
+	testl	%eax,%eax
+	jnz	.Ldec_key_ret
+	leaq	16(%rdx,%rsi,1),%rdi
+
+	movups	(%rdx),%xmm0
+	movups	(%rdi),%xmm1
+	movups	%xmm0,(%rdi)
+	movups	%xmm1,(%rdx)
+	leaq	16(%rdx),%rdx
+	leaq	-16(%rdi),%rdi
+
+.Ldec_key_inverse:
+	movups	(%rdx),%xmm0
+	movups	(%rdi),%xmm1
+.byte	102,15,56,219,192
+.byte	102,15,56,219,201
+	leaq	16(%rdx),%rdx
+	leaq	-16(%rdi),%rdi
+	movups	%xmm0,16(%rdi)
+	movups	%xmm1,-16(%rdx)
+	cmpq	%rdx,%rdi
+	ja	.Ldec_key_inverse
+
+	movups	(%rdx),%xmm0
+.byte	102,15,56,219,192
+	pxor	%xmm1,%xmm1
+	movups	%xmm0,(%rdi)
+	pxor	%xmm0,%xmm0
+.Ldec_key_ret:
+	addq	$8,%rsp
+.cfi_adjust_cfa_offset	-8
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.LSEH_end_set_decrypt_key:
+.size	aesni_set_decrypt_key,.-aesni_set_decrypt_key
+.globl	aesni_set_encrypt_key
+.type	aesni_set_encrypt_key,@function
+.align	16
+aesni_set_encrypt_key:
+__aesni_set_encrypt_key:
+.cfi_startproc	
+.byte	0x48,0x83,0xEC,0x08
+.cfi_adjust_cfa_offset	8
+	movq	$-1,%rax
+	testq	%rdi,%rdi
+	jz	.Lenc_key_ret
+	testq	%rdx,%rdx
+	jz	.Lenc_key_ret
+
+	movl	$268437504,%r10d
+	movups	(%rdi),%xmm0
+	xorps	%xmm4,%xmm4
+	andl	GNUTLS_x86_cpuid_s+4(%rip),%r10d
+	leaq	16(%rdx),%rax
+	cmpl	$256,%esi
+	je	.L14rounds
+	cmpl	$192,%esi
+	je	.L12rounds
+	cmpl	$128,%esi
+	jne	.Lbad_keybits
+
+.L10rounds:
+	movl	$9,%esi
+	cmpl	$268435456,%r10d
+	je	.L10rounds_alt
+
+	movups	%xmm0,(%rdx)
+.byte	102,15,58,223,200,1
+	call	.Lkey_expansion_128_cold
+.byte	102,15,58,223,200,2
+	call	.Lkey_expansion_128
+.byte	102,15,58,223,200,4
+	call	.Lkey_expansion_128
+.byte	102,15,58,223,200,8
+	call	.Lkey_expansion_128
+.byte	102,15,58,223,200,16
+	call	.Lkey_expansion_128
+.byte	102,15,58,223,200,32
+	call	.Lkey_expansion_128
+.byte	102,15,58,223,200,64
+	call	.Lkey_expansion_128
+.byte	102,15,58,223,200,128
+	call	.Lkey_expansion_128
+.byte	102,15,58,223,200,27
+	call	.Lkey_expansion_128
+.byte	102,15,58,223,200,54
+	call	.Lkey_expansion_128
+	movups	%xmm0,(%rax)
+	movl	%esi,80(%rax)
+	xorl	%eax,%eax
+	jmp	.Lenc_key_ret
+
+.align	16
+.L10rounds_alt:
+	movdqa	.Lkey_rotate(%rip),%xmm5
+	movl	$8,%r10d
+	movdqa	.Lkey_rcon1(%rip),%xmm4
+	movdqa	%xmm0,%xmm2
+	movdqu	%xmm0,(%rdx)
+	jmp	.Loop_key128
+
+.align	16
+.Loop_key128:
+.byte	102,15,56,0,197
+.byte	102,15,56,221,196
+	pslld	$1,%xmm4
+	leaq	16(%rax),%rax
+
+	movdqa	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm3,%xmm2
+
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,-16(%rax)
+	movdqa	%xmm0,%xmm2
+
+	decl	%r10d
+	jnz	.Loop_key128
+
+	movdqa	.Lkey_rcon1b(%rip),%xmm4
+
+.byte	102,15,56,0,197
+.byte	102,15,56,221,196
+	pslld	$1,%xmm4
+
+	movdqa	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm3,%xmm2
+
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,(%rax)
+
+	movdqa	%xmm0,%xmm2
+.byte	102,15,56,0,197
+.byte	102,15,56,221,196
+
+	movdqa	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm3,%xmm2
+
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,16(%rax)
+
+	movl	%esi,96(%rax)
+	xorl	%eax,%eax
+	jmp	.Lenc_key_ret
+
+.align	16
+.L12rounds:
+	movq	16(%rdi),%xmm2
+	movl	$11,%esi
+	cmpl	$268435456,%r10d
+	je	.L12rounds_alt
+
+	movups	%xmm0,(%rdx)
+.byte	102,15,58,223,202,1
+	call	.Lkey_expansion_192a_cold
+.byte	102,15,58,223,202,2
+	call	.Lkey_expansion_192b
+.byte	102,15,58,223,202,4
+	call	.Lkey_expansion_192a
+.byte	102,15,58,223,202,8
+	call	.Lkey_expansion_192b
+.byte	102,15,58,223,202,16
+	call	.Lkey_expansion_192a
+.byte	102,15,58,223,202,32
+	call	.Lkey_expansion_192b
+.byte	102,15,58,223,202,64
+	call	.Lkey_expansion_192a
+.byte	102,15,58,223,202,128
+	call	.Lkey_expansion_192b
+	movups	%xmm0,(%rax)
+	movl	%esi,48(%rax)
+	xorq	%rax,%rax
+	jmp	.Lenc_key_ret
+
+.align	16
+.L12rounds_alt:
+	movdqa	.Lkey_rotate192(%rip),%xmm5
+	movdqa	.Lkey_rcon1(%rip),%xmm4
+	movl	$8,%r10d
+	movdqu	%xmm0,(%rdx)
+	jmp	.Loop_key192
+
+.align	16
+.Loop_key192:
+	movq	%xmm2,0(%rax)
+	movdqa	%xmm2,%xmm1
+.byte	102,15,56,0,213
+.byte	102,15,56,221,212
+	pslld	$1,%xmm4
+	leaq	24(%rax),%rax
+
+	movdqa	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm3,%xmm0
+
+	pshufd	$0xff,%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm1,%xmm3
+
+	pxor	%xmm2,%xmm0
+	pxor	%xmm3,%xmm2
+	movdqu	%xmm0,-16(%rax)
+
+	decl	%r10d
+	jnz	.Loop_key192
+
+	movl	%esi,32(%rax)
+	xorl	%eax,%eax
+	jmp	.Lenc_key_ret
+
+.align	16
+.L14rounds:
+	movups	16(%rdi),%xmm2
+	movl	$13,%esi
+	leaq	16(%rax),%rax
+	cmpl	$268435456,%r10d
+	je	.L14rounds_alt
+
+	movups	%xmm0,(%rdx)
+	movups	%xmm2,16(%rdx)
+.byte	102,15,58,223,202,1
+	call	.Lkey_expansion_256a_cold
+.byte	102,15,58,223,200,1
+	call	.Lkey_expansion_256b
+.byte	102,15,58,223,202,2
+	call	.Lkey_expansion_256a
+.byte	102,15,58,223,200,2
+	call	.Lkey_expansion_256b
+.byte	102,15,58,223,202,4
+	call	.Lkey_expansion_256a
+.byte	102,15,58,223,200,4
+	call	.Lkey_expansion_256b
+.byte	102,15,58,223,202,8
+	call	.Lkey_expansion_256a
+.byte	102,15,58,223,200,8
+	call	.Lkey_expansion_256b
+.byte	102,15,58,223,202,16
+	call	.Lkey_expansion_256a
+.byte	102,15,58,223,200,16
+	call	.Lkey_expansion_256b
+.byte	102,15,58,223,202,32
+	call	.Lkey_expansion_256a
+.byte	102,15,58,223,200,32
+	call	.Lkey_expansion_256b
+.byte	102,15,58,223,202,64
+	call	.Lkey_expansion_256a
+	movups	%xmm0,(%rax)
+	movl	%esi,16(%rax)
+	xorq	%rax,%rax
+	jmp	.Lenc_key_ret
+
+.align	16
+.L14rounds_alt:
+	movdqa	.Lkey_rotate(%rip),%xmm5
+	movdqa	.Lkey_rcon1(%rip),%xmm4
+	movl	$7,%r10d
+	movdqu	%xmm0,0(%rdx)
+	movdqa	%xmm2,%xmm1
+	movdqu	%xmm2,16(%rdx)
+	jmp	.Loop_key256
+
+.align	16
+.Loop_key256:
+.byte	102,15,56,0,213
+.byte	102,15,56,221,212
+
+	movdqa	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm3,%xmm0
+	pslld	$1,%xmm4
+
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,(%rax)
+
+	decl	%r10d
+	jz	.Ldone_key256
+
+	pshufd	$0xff,%xmm0,%xmm2
+	pxor	%xmm3,%xmm3
+.byte	102,15,56,221,211
+
+	movdqa	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm3,%xmm1
+
+	pxor	%xmm1,%xmm2
+	movdqu	%xmm2,16(%rax)
+	leaq	32(%rax),%rax
+	movdqa	%xmm2,%xmm1
+
+	jmp	.Loop_key256
+
+.Ldone_key256:
+	movl	%esi,16(%rax)
+	xorl	%eax,%eax
+	jmp	.Lenc_key_ret
+
+.align	16
+.Lbad_keybits:
+	movq	$-2,%rax
+.Lenc_key_ret:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	addq	$8,%rsp
+.cfi_adjust_cfa_offset	-8
+	.byte	0xf3,0xc3
+.LSEH_end_set_encrypt_key:
+
+.align	16
+.Lkey_expansion_128:
+	movups	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+.Lkey_expansion_128_cold:
+	shufps	$16,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$140,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$255,%xmm1,%xmm1
+	xorps	%xmm1,%xmm0
+	.byte	0xf3,0xc3
+
+.align	16
+.Lkey_expansion_192a:
+	movups	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+.Lkey_expansion_192a_cold:
+	movaps	%xmm2,%xmm5
+.Lkey_expansion_192b_warm:
+	shufps	$16,%xmm0,%xmm4
+	movdqa	%xmm2,%xmm3
+	xorps	%xmm4,%xmm0
+	shufps	$140,%xmm0,%xmm4
+	pslldq	$4,%xmm3
+	xorps	%xmm4,%xmm0
+	pshufd	$85,%xmm1,%xmm1
+	pxor	%xmm3,%xmm2
+	pxor	%xmm1,%xmm0
+	pshufd	$255,%xmm0,%xmm3
+	pxor	%xmm3,%xmm2
+	.byte	0xf3,0xc3
+
+.align	16
+.Lkey_expansion_192b:
+	movaps	%xmm0,%xmm3
+	shufps	$68,%xmm0,%xmm5
+	movups	%xmm5,(%rax)
+	shufps	$78,%xmm2,%xmm3
+	movups	%xmm3,16(%rax)
+	leaq	32(%rax),%rax
+	jmp	.Lkey_expansion_192b_warm
+
+.align	16
+.Lkey_expansion_256a:
+	movups	%xmm2,(%rax)
+	leaq	16(%rax),%rax
+.Lkey_expansion_256a_cold:
+	shufps	$16,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$140,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$255,%xmm1,%xmm1
+	xorps	%xmm1,%xmm0
+	.byte	0xf3,0xc3
+
+.align	16
+.Lkey_expansion_256b:
+	movups	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+
+	shufps	$16,%xmm2,%xmm4
+	xorps	%xmm4,%xmm2
+	shufps	$140,%xmm2,%xmm4
+	xorps	%xmm4,%xmm2
+	shufps	$170,%xmm1,%xmm1
+	xorps	%xmm1,%xmm2
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	aesni_set_encrypt_key,.-aesni_set_encrypt_key
+.size	__aesni_set_encrypt_key,.-__aesni_set_encrypt_key
+.align	64
+.Lbswap_mask:
+.byte	15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
+.Lincrement32:
+.long	6,6,6,0
+.Lincrement64:
+.long	1,0,0,0
+.Lxts_magic:
+.long	0x87,0,1,0
+.Lincrement1:
+.byte	0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1
+.Lkey_rotate:
+.long	0x0c0f0e0d,0x0c0f0e0d,0x0c0f0e0d,0x0c0f0e0d
+.Lkey_rotate192:
+.long	0x04070605,0x04070605,0x04070605,0x04070605
+.Lkey_rcon1:
+.long	1,1,1,1
+.Lkey_rcon1b:
+.long	0x1b,0x1b,0x1b,0x1b
+
+.byte	65,69,83,32,102,111,114,32,73,110,116,101,108,32,65,69,83,45,78,73,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.align	64
+
+.section .note.GNU-stack,"",%progbits
diff --git a/lib/accelerated/x86/elf/e_padlock-x86.s b/lib/accelerated/x86/elf/e_padlock-x86.s
new file mode 100644
index 0000000..ed8681e
--- /dev/null
+++ b/lib/accelerated/x86/elf/e_padlock-x86.s
@@ -0,0 +1,1075 @@
+# Copyright (c) 2011-2013, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.file	"devel/perlasm/e_padlock-x86.s"
+.text
+.globl	padlock_capability
+.type	padlock_capability,@function
+.align	16
+padlock_capability:
+.L_padlock_capability_begin:
+	pushl	%ebx
+	pushfl
+	popl	%eax
+	movl	%eax,%ecx
+	xorl	$2097152,%eax
+	pushl	%eax
+	popfl
+	pushfl
+	popl	%eax
+	xorl	%eax,%ecx
+	xorl	%eax,%eax
+	btl	$21,%ecx
+	jnc	.L000noluck
+	.byte	0x0f,0xa2
+	xorl	%eax,%eax
+	cmpl	$0x746e6543,%ebx
+	jne	.L000noluck
+	cmpl	$0x48727561,%edx
+	jne	.L000noluck
+	cmpl	$0x736c7561,%ecx
+	jne	.L000noluck
+	movl	$3221225472,%eax
+	.byte	0x0f,0xa2
+	movl	%eax,%edx
+	xorl	%eax,%eax
+	cmpl	$3221225473,%edx
+	jb	.L000noluck
+	movl	$1,%eax
+	.byte	0x0f,0xa2
+	orl	$15,%eax
+	xorl	%ebx,%ebx
+	andl	$4095,%eax
+	cmpl	$1791,%eax
+	sete	%bl
+	movl	$3221225473,%eax
+	pushl	%ebx
+	.byte	0x0f,0xa2
+	popl	%ebx
+	movl	%edx,%eax
+	shll	$4,%ebx
+	andl	$4294967279,%eax
+	orl	%ebx,%eax
+.L000noluck:
+	popl	%ebx
+	ret
+.size	padlock_capability,.-.L_padlock_capability_begin
+.globl	padlock_key_bswap
+.type	padlock_key_bswap,@function
+.align	16
+padlock_key_bswap:
+.L_padlock_key_bswap_begin:
+	movl	4(%esp),%edx
+	movl	240(%edx),%ecx
+.L001bswap_loop:
+	movl	(%edx),%eax
+	bswap	%eax
+	movl	%eax,(%edx)
+	leal	4(%edx),%edx
+	subl	$1,%ecx
+	jnz	.L001bswap_loop
+	ret
+.size	padlock_key_bswap,.-.L_padlock_key_bswap_begin
+.globl	padlock_verify_context
+.type	padlock_verify_context,@function
+.align	16
+padlock_verify_context:
+.L_padlock_verify_context_begin:
+	movl	4(%esp),%edx
+	leal	.Lpadlock_saved_context-.L002verify_pic_point,%eax
+	pushfl
+	call	_padlock_verify_ctx
+.L002verify_pic_point:
+	leal	4(%esp),%esp
+	ret
+.size	padlock_verify_context,.-.L_padlock_verify_context_begin
+.type	_padlock_verify_ctx,@function
+.align	16
+_padlock_verify_ctx:
+	addl	(%esp),%eax
+	btl	$30,4(%esp)
+	jnc	.L003verified
+	cmpl	(%eax),%edx
+	je	.L003verified
+	pushfl
+	popfl
+.L003verified:
+	movl	%edx,(%eax)
+	ret
+.size	_padlock_verify_ctx,.-_padlock_verify_ctx
+.globl	padlock_reload_key
+.type	padlock_reload_key,@function
+.align	16
+padlock_reload_key:
+.L_padlock_reload_key_begin:
+	pushfl
+	popfl
+	ret
+.size	padlock_reload_key,.-.L_padlock_reload_key_begin
+.globl	padlock_aes_block
+.type	padlock_aes_block,@function
+.align	16
+padlock_aes_block:
+.L_padlock_aes_block_begin:
+	pushl	%edi
+	pushl	%esi
+	pushl	%ebx
+	movl	16(%esp),%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edx
+	movl	$1,%ecx
+	leal	32(%edx),%ebx
+	leal	16(%edx),%edx
+.byte	243,15,167,200
+	popl	%ebx
+	popl	%esi
+	popl	%edi
+	ret
+.size	padlock_aes_block,.-.L_padlock_aes_block_begin
+.globl	padlock_ecb_encrypt
+.type	padlock_ecb_encrypt,@function
+.align	16
+padlock_ecb_encrypt:
+.L_padlock_ecb_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%edi
+	movl	24(%esp),%esi
+	movl	28(%esp),%edx
+	movl	32(%esp),%ecx
+	testl	$15,%edx
+	jnz	.L004ecb_abort
+	testl	$15,%ecx
+	jnz	.L004ecb_abort
+	leal	.Lpadlock_saved_context-.L005ecb_pic_point,%eax
+	pushfl
+	cld
+	call	_padlock_verify_ctx
+.L005ecb_pic_point:
+	leal	16(%edx),%edx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%edx)
+	jnz	.L006ecb_aligned
+	testl	$15,%edi
+	setz	%al
+	testl	$15,%esi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	.L006ecb_aligned
+	negl	%eax
+	movl	$512,%ebx
+	notl	%eax
+	leal	-24(%esp),%ebp
+	cmpl	%ebx,%ecx
+	cmovcl	%ecx,%ebx
+	andl	%ebx,%eax
+	movl	%ecx,%ebx
+	negl	%eax
+	andl	$511,%ebx
+	leal	(%eax,%ebp,1),%esp
+	movl	$512,%eax
+	cmovzl	%eax,%ebx
+	movl	%ebp,%eax
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	cmpl	%ebx,%ecx
+	ja	.L007ecb_loop
+	movl	%esi,%eax
+	cmpl	%esp,%ebp
+	cmovel	%edi,%eax
+	addl	%ecx,%eax
+	negl	%eax
+	andl	$4095,%eax
+	cmpl	$128,%eax
+	movl	$-128,%eax
+	cmovael	%ebx,%eax
+	andl	%eax,%ebx
+	jz	.L008ecb_unaligned_tail
+	jmp	.L007ecb_loop
+.align	16
+.L007ecb_loop:
+	movl	%edi,(%ebp)
+	movl	%esi,4(%ebp)
+	movl	%ecx,8(%ebp)
+	movl	%ebx,%ecx
+	movl	%ebx,12(%ebp)
+	testl	$15,%edi
+	cmovnzl	%esp,%edi
+	testl	$15,%esi
+	jz	.L009ecb_inp_aligned
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+	movl	%ebx,%ecx
+	movl	%edi,%esi
+.L009ecb_inp_aligned:
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,200
+	movl	(%ebp),%edi
+	movl	12(%ebp),%ebx
+	testl	$15,%edi
+	jz	.L010ecb_out_aligned
+	movl	%ebx,%ecx
+	leal	(%esp),%esi
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+.L010ecb_out_aligned:
+	movl	4(%ebp),%esi
+	movl	8(%ebp),%ecx
+	addl	%ebx,%edi
+	addl	%ebx,%esi
+	subl	%ebx,%ecx
+	movl	$512,%ebx
+	jz	.L011ecb_break
+	cmpl	%ebx,%ecx
+	jae	.L007ecb_loop
+.L008ecb_unaligned_tail:
+	xorl	%eax,%eax
+	cmpl	%ebp,%esp
+	cmovel	%ecx,%eax
+	subl	%eax,%esp
+	movl	%edi,%eax
+	movl	%ecx,%ebx
+	shrl	$2,%ecx
+	leal	(%esp),%edi
+.byte	243,165
+	movl	%esp,%esi
+	movl	%eax,%edi
+	movl	%ebx,%ecx
+	jmp	.L007ecb_loop
+.align	16
+.L011ecb_break:
+	cmpl	%ebp,%esp
+	je	.L012ecb_done
+	pxor	%xmm0,%xmm0
+	leal	(%esp),%eax
+.L013ecb_bzero:
+	movaps	%xmm0,(%eax)
+	leal	16(%eax),%eax
+	cmpl	%eax,%ebp
+	ja	.L013ecb_bzero
+.L012ecb_done:
+	movl	16(%ebp),%ebp
+	leal	24(%ebp),%esp
+	jmp	.L014ecb_exit
+.align	16
+.L006ecb_aligned:
+	leal	(%esi,%ecx,1),%ebp
+	negl	%ebp
+	andl	$4095,%ebp
+	xorl	%eax,%eax
+	cmpl	$128,%ebp
+	movl	$127,%ebp
+	cmovael	%eax,%ebp
+	andl	%ecx,%ebp
+	subl	%ebp,%ecx
+	jz	.L015ecb_aligned_tail
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,200
+	testl	%ebp,%ebp
+	jz	.L014ecb_exit
+.L015ecb_aligned_tail:
+	movl	%ebp,%ecx
+	leal	-24(%esp),%ebp
+	movl	%ebp,%esp
+	movl	%ebp,%eax
+	subl	%ecx,%esp
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	movl	%edi,%eax
+	movl	%ecx,%ebx
+	shrl	$2,%ecx
+	leal	(%esp),%edi
+.byte	243,165
+	movl	%esp,%esi
+	movl	%eax,%edi
+	movl	%ebx,%ecx
+	jmp	.L007ecb_loop
+.L014ecb_exit:
+	movl	$1,%eax
+	leal	4(%esp),%esp
+.L004ecb_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	padlock_ecb_encrypt,.-.L_padlock_ecb_encrypt_begin
+.globl	padlock_cbc_encrypt
+.type	padlock_cbc_encrypt,@function
+.align	16
+padlock_cbc_encrypt:
+.L_padlock_cbc_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%edi
+	movl	24(%esp),%esi
+	movl	28(%esp),%edx
+	movl	32(%esp),%ecx
+	testl	$15,%edx
+	jnz	.L016cbc_abort
+	testl	$15,%ecx
+	jnz	.L016cbc_abort
+	leal	.Lpadlock_saved_context-.L017cbc_pic_point,%eax
+	pushfl
+	cld
+	call	_padlock_verify_ctx
+.L017cbc_pic_point:
+	leal	16(%edx),%edx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%edx)
+	jnz	.L018cbc_aligned
+	testl	$15,%edi
+	setz	%al
+	testl	$15,%esi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	.L018cbc_aligned
+	negl	%eax
+	movl	$512,%ebx
+	notl	%eax
+	leal	-24(%esp),%ebp
+	cmpl	%ebx,%ecx
+	cmovcl	%ecx,%ebx
+	andl	%ebx,%eax
+	movl	%ecx,%ebx
+	negl	%eax
+	andl	$511,%ebx
+	leal	(%eax,%ebp,1),%esp
+	movl	$512,%eax
+	cmovzl	%eax,%ebx
+	movl	%ebp,%eax
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	cmpl	%ebx,%ecx
+	ja	.L019cbc_loop
+	movl	%esi,%eax
+	cmpl	%esp,%ebp
+	cmovel	%edi,%eax
+	addl	%ecx,%eax
+	negl	%eax
+	andl	$4095,%eax
+	cmpl	$64,%eax
+	movl	$-64,%eax
+	cmovael	%ebx,%eax
+	andl	%eax,%ebx
+	jz	.L020cbc_unaligned_tail
+	jmp	.L019cbc_loop
+.align	16
+.L019cbc_loop:
+	movl	%edi,(%ebp)
+	movl	%esi,4(%ebp)
+	movl	%ecx,8(%ebp)
+	movl	%ebx,%ecx
+	movl	%ebx,12(%ebp)
+	testl	$15,%edi
+	cmovnzl	%esp,%edi
+	testl	$15,%esi
+	jz	.L021cbc_inp_aligned
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+	movl	%ebx,%ecx
+	movl	%edi,%esi
+.L021cbc_inp_aligned:
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,208
+	movaps	(%eax),%xmm0
+	movaps	%xmm0,-16(%edx)
+	movl	(%ebp),%edi
+	movl	12(%ebp),%ebx
+	testl	$15,%edi
+	jz	.L022cbc_out_aligned
+	movl	%ebx,%ecx
+	leal	(%esp),%esi
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+.L022cbc_out_aligned:
+	movl	4(%ebp),%esi
+	movl	8(%ebp),%ecx
+	addl	%ebx,%edi
+	addl	%ebx,%esi
+	subl	%ebx,%ecx
+	movl	$512,%ebx
+	jz	.L023cbc_break
+	cmpl	%ebx,%ecx
+	jae	.L019cbc_loop
+.L020cbc_unaligned_tail:
+	xorl	%eax,%eax
+	cmpl	%ebp,%esp
+	cmovel	%ecx,%eax
+	subl	%eax,%esp
+	movl	%edi,%eax
+	movl	%ecx,%ebx
+	shrl	$2,%ecx
+	leal	(%esp),%edi
+.byte	243,165
+	movl	%esp,%esi
+	movl	%eax,%edi
+	movl	%ebx,%ecx
+	jmp	.L019cbc_loop
+.align	16
+.L023cbc_break:
+	cmpl	%ebp,%esp
+	je	.L024cbc_done
+	pxor	%xmm0,%xmm0
+	leal	(%esp),%eax
+.L025cbc_bzero:
+	movaps	%xmm0,(%eax)
+	leal	16(%eax),%eax
+	cmpl	%eax,%ebp
+	ja	.L025cbc_bzero
+.L024cbc_done:
+	movl	16(%ebp),%ebp
+	leal	24(%ebp),%esp
+	jmp	.L026cbc_exit
+.align	16
+.L018cbc_aligned:
+	leal	(%esi,%ecx,1),%ebp
+	negl	%ebp
+	andl	$4095,%ebp
+	xorl	%eax,%eax
+	cmpl	$64,%ebp
+	movl	$63,%ebp
+	cmovael	%eax,%ebp
+	andl	%ecx,%ebp
+	subl	%ebp,%ecx
+	jz	.L027cbc_aligned_tail
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,208
+	movaps	(%eax),%xmm0
+	movaps	%xmm0,-16(%edx)
+	testl	%ebp,%ebp
+	jz	.L026cbc_exit
+.L027cbc_aligned_tail:
+	movl	%ebp,%ecx
+	leal	-24(%esp),%ebp
+	movl	%ebp,%esp
+	movl	%ebp,%eax
+	subl	%ecx,%esp
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	movl	%edi,%eax
+	movl	%ecx,%ebx
+	shrl	$2,%ecx
+	leal	(%esp),%edi
+.byte	243,165
+	movl	%esp,%esi
+	movl	%eax,%edi
+	movl	%ebx,%ecx
+	jmp	.L019cbc_loop
+.L026cbc_exit:
+	movl	$1,%eax
+	leal	4(%esp),%esp
+.L016cbc_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	padlock_cbc_encrypt,.-.L_padlock_cbc_encrypt_begin
+.globl	padlock_cfb_encrypt
+.type	padlock_cfb_encrypt,@function
+.align	16
+padlock_cfb_encrypt:
+.L_padlock_cfb_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%edi
+	movl	24(%esp),%esi
+	movl	28(%esp),%edx
+	movl	32(%esp),%ecx
+	testl	$15,%edx
+	jnz	.L028cfb_abort
+	testl	$15,%ecx
+	jnz	.L028cfb_abort
+	leal	.Lpadlock_saved_context-.L029cfb_pic_point,%eax
+	pushfl
+	cld
+	call	_padlock_verify_ctx
+.L029cfb_pic_point:
+	leal	16(%edx),%edx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%edx)
+	jnz	.L030cfb_aligned
+	testl	$15,%edi
+	setz	%al
+	testl	$15,%esi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	.L030cfb_aligned
+	negl	%eax
+	movl	$512,%ebx
+	notl	%eax
+	leal	-24(%esp),%ebp
+	cmpl	%ebx,%ecx
+	cmovcl	%ecx,%ebx
+	andl	%ebx,%eax
+	movl	%ecx,%ebx
+	negl	%eax
+	andl	$511,%ebx
+	leal	(%eax,%ebp,1),%esp
+	movl	$512,%eax
+	cmovzl	%eax,%ebx
+	movl	%ebp,%eax
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	jmp	.L031cfb_loop
+.align	16
+.L031cfb_loop:
+	movl	%edi,(%ebp)
+	movl	%esi,4(%ebp)
+	movl	%ecx,8(%ebp)
+	movl	%ebx,%ecx
+	movl	%ebx,12(%ebp)
+	testl	$15,%edi
+	cmovnzl	%esp,%edi
+	testl	$15,%esi
+	jz	.L032cfb_inp_aligned
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+	movl	%ebx,%ecx
+	movl	%edi,%esi
+.L032cfb_inp_aligned:
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,224
+	movaps	(%eax),%xmm0
+	movaps	%xmm0,-16(%edx)
+	movl	(%ebp),%edi
+	movl	12(%ebp),%ebx
+	testl	$15,%edi
+	jz	.L033cfb_out_aligned
+	movl	%ebx,%ecx
+	leal	(%esp),%esi
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+.L033cfb_out_aligned:
+	movl	4(%ebp),%esi
+	movl	8(%ebp),%ecx
+	addl	%ebx,%edi
+	addl	%ebx,%esi
+	subl	%ebx,%ecx
+	movl	$512,%ebx
+	jnz	.L031cfb_loop
+	cmpl	%ebp,%esp
+	je	.L034cfb_done
+	pxor	%xmm0,%xmm0
+	leal	(%esp),%eax
+.L035cfb_bzero:
+	movaps	%xmm0,(%eax)
+	leal	16(%eax),%eax
+	cmpl	%eax,%ebp
+	ja	.L035cfb_bzero
+.L034cfb_done:
+	movl	16(%ebp),%ebp
+	leal	24(%ebp),%esp
+	jmp	.L036cfb_exit
+.align	16
+.L030cfb_aligned:
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,224
+	movaps	(%eax),%xmm0
+	movaps	%xmm0,-16(%edx)
+.L036cfb_exit:
+	movl	$1,%eax
+	leal	4(%esp),%esp
+.L028cfb_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	padlock_cfb_encrypt,.-.L_padlock_cfb_encrypt_begin
+.globl	padlock_ofb_encrypt
+.type	padlock_ofb_encrypt,@function
+.align	16
+padlock_ofb_encrypt:
+.L_padlock_ofb_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%edi
+	movl	24(%esp),%esi
+	movl	28(%esp),%edx
+	movl	32(%esp),%ecx
+	testl	$15,%edx
+	jnz	.L037ofb_abort
+	testl	$15,%ecx
+	jnz	.L037ofb_abort
+	leal	.Lpadlock_saved_context-.L038ofb_pic_point,%eax
+	pushfl
+	cld
+	call	_padlock_verify_ctx
+.L038ofb_pic_point:
+	leal	16(%edx),%edx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%edx)
+	jnz	.L039ofb_aligned
+	testl	$15,%edi
+	setz	%al
+	testl	$15,%esi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	.L039ofb_aligned
+	negl	%eax
+	movl	$512,%ebx
+	notl	%eax
+	leal	-24(%esp),%ebp
+	cmpl	%ebx,%ecx
+	cmovcl	%ecx,%ebx
+	andl	%ebx,%eax
+	movl	%ecx,%ebx
+	negl	%eax
+	andl	$511,%ebx
+	leal	(%eax,%ebp,1),%esp
+	movl	$512,%eax
+	cmovzl	%eax,%ebx
+	movl	%ebp,%eax
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	jmp	.L040ofb_loop
+.align	16
+.L040ofb_loop:
+	movl	%edi,(%ebp)
+	movl	%esi,4(%ebp)
+	movl	%ecx,8(%ebp)
+	movl	%ebx,%ecx
+	movl	%ebx,12(%ebp)
+	testl	$15,%edi
+	cmovnzl	%esp,%edi
+	testl	$15,%esi
+	jz	.L041ofb_inp_aligned
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+	movl	%ebx,%ecx
+	movl	%edi,%esi
+.L041ofb_inp_aligned:
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,232
+	movaps	(%eax),%xmm0
+	movaps	%xmm0,-16(%edx)
+	movl	(%ebp),%edi
+	movl	12(%ebp),%ebx
+	testl	$15,%edi
+	jz	.L042ofb_out_aligned
+	movl	%ebx,%ecx
+	leal	(%esp),%esi
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+.L042ofb_out_aligned:
+	movl	4(%ebp),%esi
+	movl	8(%ebp),%ecx
+	addl	%ebx,%edi
+	addl	%ebx,%esi
+	subl	%ebx,%ecx
+	movl	$512,%ebx
+	jnz	.L040ofb_loop
+	cmpl	%ebp,%esp
+	je	.L043ofb_done
+	pxor	%xmm0,%xmm0
+	leal	(%esp),%eax
+.L044ofb_bzero:
+	movaps	%xmm0,(%eax)
+	leal	16(%eax),%eax
+	cmpl	%eax,%ebp
+	ja	.L044ofb_bzero
+.L043ofb_done:
+	movl	16(%ebp),%ebp
+	leal	24(%ebp),%esp
+	jmp	.L045ofb_exit
+.align	16
+.L039ofb_aligned:
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,232
+	movaps	(%eax),%xmm0
+	movaps	%xmm0,-16(%edx)
+.L045ofb_exit:
+	movl	$1,%eax
+	leal	4(%esp),%esp
+.L037ofb_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	padlock_ofb_encrypt,.-.L_padlock_ofb_encrypt_begin
+.globl	padlock_ctr32_encrypt
+.type	padlock_ctr32_encrypt,@function
+.align	16
+padlock_ctr32_encrypt:
+.L_padlock_ctr32_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%edi
+	movl	24(%esp),%esi
+	movl	28(%esp),%edx
+	movl	32(%esp),%ecx
+	testl	$15,%edx
+	jnz	.L046ctr32_abort
+	testl	$15,%ecx
+	jnz	.L046ctr32_abort
+	leal	.Lpadlock_saved_context-.L047ctr32_pic_point,%eax
+	pushfl
+	cld
+	call	_padlock_verify_ctx
+.L047ctr32_pic_point:
+	leal	16(%edx),%edx
+	xorl	%eax,%eax
+	movq	-16(%edx),%mm0
+	movl	$512,%ebx
+	notl	%eax
+	leal	-24(%esp),%ebp
+	cmpl	%ebx,%ecx
+	cmovcl	%ecx,%ebx
+	andl	%ebx,%eax
+	movl	%ecx,%ebx
+	negl	%eax
+	andl	$511,%ebx
+	leal	(%eax,%ebp,1),%esp
+	movl	$512,%eax
+	cmovzl	%eax,%ebx
+	movl	%ebp,%eax
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	jmp	.L048ctr32_loop
+.align	16
+.L048ctr32_loop:
+	movl	%edi,(%ebp)
+	movl	%esi,4(%ebp)
+	movl	%ecx,8(%ebp)
+	movl	%ebx,%ecx
+	movl	%ebx,12(%ebp)
+	movl	-4(%edx),%ecx
+	xorl	%edi,%edi
+	movl	-8(%edx),%eax
+.L049ctr32_prepare:
+	movl	%ecx,12(%esp,%edi,1)
+	bswap	%ecx
+	movq	%mm0,(%esp,%edi,1)
+	incl	%ecx
+	movl	%eax,8(%esp,%edi,1)
+	bswap	%ecx
+	leal	16(%edi),%edi
+	cmpl	%ebx,%edi
+	jb	.L049ctr32_prepare
+	movl	%ecx,-4(%edx)
+	leal	(%esp),%esi
+	leal	(%esp),%edi
+	movl	%ebx,%ecx
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,200
+	movl	(%ebp),%edi
+	movl	12(%ebp),%ebx
+	movl	4(%ebp),%esi
+	xorl	%ecx,%ecx
+.L050ctr32_xor:
+	movups	(%esi,%ecx,1),%xmm1
+	leal	16(%ecx),%ecx
+	pxor	-16(%esp,%ecx,1),%xmm1
+	movups	%xmm1,-16(%edi,%ecx,1)
+	cmpl	%ebx,%ecx
+	jb	.L050ctr32_xor
+	movl	8(%ebp),%ecx
+	addl	%ebx,%edi
+	addl	%ebx,%esi
+	subl	%ebx,%ecx
+	movl	$512,%ebx
+	jnz	.L048ctr32_loop
+	pxor	%xmm0,%xmm0
+	leal	(%esp),%eax
+.L051ctr32_bzero:
+	movaps	%xmm0,(%eax)
+	leal	16(%eax),%eax
+	cmpl	%eax,%ebp
+	ja	.L051ctr32_bzero
+.L052ctr32_done:
+	movl	16(%ebp),%ebp
+	leal	24(%ebp),%esp
+	movl	$1,%eax
+	leal	4(%esp),%esp
+	emms
+.L046ctr32_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	padlock_ctr32_encrypt,.-.L_padlock_ctr32_encrypt_begin
+.globl	padlock_xstore
+.type	padlock_xstore,@function
+.align	16
+padlock_xstore:
+.L_padlock_xstore_begin:
+	pushl	%edi
+	movl	8(%esp),%edi
+	movl	12(%esp),%edx
+.byte	15,167,192
+	popl	%edi
+	ret
+.size	padlock_xstore,.-.L_padlock_xstore_begin
+.type	_win32_segv_handler,@function
+.align	16
+_win32_segv_handler:
+	movl	$1,%eax
+	movl	4(%esp),%edx
+	movl	12(%esp),%ecx
+	cmpl	$3221225477,(%edx)
+	jne	.L053ret
+	addl	$4,184(%ecx)
+	movl	$0,%eax
+.L053ret:
+	ret
+.size	_win32_segv_handler,.-_win32_segv_handler
+.globl	padlock_sha1_oneshot
+.type	padlock_sha1_oneshot,@function
+.align	16
+padlock_sha1_oneshot:
+.L_padlock_sha1_oneshot_begin:
+	pushl	%edi
+	pushl	%esi
+	xorl	%eax,%eax
+	movl	12(%esp),%edi
+	movl	16(%esp),%esi
+	movl	20(%esp),%ecx
+	movl	%esp,%edx
+	addl	$-128,%esp
+	movups	(%edi),%xmm0
+	andl	$-16,%esp
+	movl	16(%edi),%eax
+	movaps	%xmm0,(%esp)
+	movl	%esp,%edi
+	movl	%eax,16(%esp)
+	xorl	%eax,%eax
+.byte	243,15,166,200
+	movaps	(%esp),%xmm0
+	movl	16(%esp),%eax
+	movl	%edx,%esp
+	movl	12(%esp),%edi
+	movups	%xmm0,(%edi)
+	movl	%eax,16(%edi)
+	popl	%esi
+	popl	%edi
+	ret
+.size	padlock_sha1_oneshot,.-.L_padlock_sha1_oneshot_begin
+.globl	padlock_sha1_blocks
+.type	padlock_sha1_blocks,@function
+.align	16
+padlock_sha1_blocks:
+.L_padlock_sha1_blocks_begin:
+	pushl	%edi
+	pushl	%esi
+	movl	12(%esp),%edi
+	movl	16(%esp),%esi
+	movl	%esp,%edx
+	movl	20(%esp),%ecx
+	addl	$-128,%esp
+	movups	(%edi),%xmm0
+	andl	$-16,%esp
+	movl	16(%edi),%eax
+	movaps	%xmm0,(%esp)
+	movl	%esp,%edi
+	movl	%eax,16(%esp)
+	movl	$-1,%eax
+.byte	243,15,166,200
+	movaps	(%esp),%xmm0
+	movl	16(%esp),%eax
+	movl	%edx,%esp
+	movl	12(%esp),%edi
+	movups	%xmm0,(%edi)
+	movl	%eax,16(%edi)
+	popl	%esi
+	popl	%edi
+	ret
+.size	padlock_sha1_blocks,.-.L_padlock_sha1_blocks_begin
+.globl	padlock_sha256_oneshot
+.type	padlock_sha256_oneshot,@function
+.align	16
+padlock_sha256_oneshot:
+.L_padlock_sha256_oneshot_begin:
+	pushl	%edi
+	pushl	%esi
+	xorl	%eax,%eax
+	movl	12(%esp),%edi
+	movl	16(%esp),%esi
+	movl	20(%esp),%ecx
+	movl	%esp,%edx
+	addl	$-128,%esp
+	movups	(%edi),%xmm0
+	andl	$-16,%esp
+	movups	16(%edi),%xmm1
+	movaps	%xmm0,(%esp)
+	movl	%esp,%edi
+	movaps	%xmm1,16(%esp)
+	xorl	%eax,%eax
+.byte	243,15,166,208
+	movaps	(%esp),%xmm0
+	movaps	16(%esp),%xmm1
+	movl	%edx,%esp
+	movl	12(%esp),%edi
+	movups	%xmm0,(%edi)
+	movups	%xmm1,16(%edi)
+	popl	%esi
+	popl	%edi
+	ret
+.size	padlock_sha256_oneshot,.-.L_padlock_sha256_oneshot_begin
+.globl	padlock_sha256_blocks
+.type	padlock_sha256_blocks,@function
+.align	16
+padlock_sha256_blocks:
+.L_padlock_sha256_blocks_begin:
+	pushl	%edi
+	pushl	%esi
+	movl	12(%esp),%edi
+	movl	16(%esp),%esi
+	movl	20(%esp),%ecx
+	movl	%esp,%edx
+	addl	$-128,%esp
+	movups	(%edi),%xmm0
+	andl	$-16,%esp
+	movups	16(%edi),%xmm1
+	movaps	%xmm0,(%esp)
+	movl	%esp,%edi
+	movaps	%xmm1,16(%esp)
+	movl	$-1,%eax
+.byte	243,15,166,208
+	movaps	(%esp),%xmm0
+	movaps	16(%esp),%xmm1
+	movl	%edx,%esp
+	movl	12(%esp),%edi
+	movups	%xmm0,(%edi)
+	movups	%xmm1,16(%edi)
+	popl	%esi
+	popl	%edi
+	ret
+.size	padlock_sha256_blocks,.-.L_padlock_sha256_blocks_begin
+.globl	padlock_sha512_blocks
+.type	padlock_sha512_blocks,@function
+.align	16
+padlock_sha512_blocks:
+.L_padlock_sha512_blocks_begin:
+	pushl	%edi
+	pushl	%esi
+	movl	12(%esp),%edi
+	movl	16(%esp),%esi
+	movl	20(%esp),%ecx
+	movl	%esp,%edx
+	addl	$-128,%esp
+	movups	(%edi),%xmm0
+	andl	$-16,%esp
+	movups	16(%edi),%xmm1
+	movups	32(%edi),%xmm2
+	movups	48(%edi),%xmm3
+	movaps	%xmm0,(%esp)
+	movl	%esp,%edi
+	movaps	%xmm1,16(%esp)
+	movaps	%xmm2,32(%esp)
+	movaps	%xmm3,48(%esp)
+.byte	243,15,166,224
+	movaps	(%esp),%xmm0
+	movaps	16(%esp),%xmm1
+	movaps	32(%esp),%xmm2
+	movaps	48(%esp),%xmm3
+	movl	%edx,%esp
+	movl	12(%esp),%edi
+	movups	%xmm0,(%edi)
+	movups	%xmm1,16(%edi)
+	movups	%xmm2,32(%edi)
+	movups	%xmm3,48(%edi)
+	popl	%esi
+	popl	%edi
+	ret
+.size	padlock_sha512_blocks,.-.L_padlock_sha512_blocks_begin
+.byte	86,73,65,32,80,97,100,108,111,99,107,32,120,56,54,32
+.byte	109,111,100,117,108,101,44,32,67,82,89,80,84,79,71,65
+.byte	77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101
+.byte	110,115,115,108,46,111,114,103,62,0
+.align	16
+.data
+.align	4
+.Lpadlock_saved_context:
+.long	0
+
+
+.section .note.GNU-stack,"",%progbits
+
+
diff --git a/lib/accelerated/x86/elf/e_padlock-x86_64.s b/lib/accelerated/x86/elf/e_padlock-x86_64.s
new file mode 100644
index 0000000..c161f0a
--- /dev/null
+++ b/lib/accelerated/x86/elf/e_padlock-x86_64.s
@@ -0,0 +1,1070 @@
+# Copyright (c) 2011-2013, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+.globl	padlock_capability
+.type	padlock_capability,@function
+.align	16
+padlock_capability:
+	movq	%rbx,%r8
+	xorl	%eax,%eax
+	cpuid
+	xorl	%eax,%eax
+	cmpl	$1953391939,%ebx
+	jne	.Lnoluck
+	cmpl	$1215460705,%edx
+	jne	.Lnoluck
+	cmpl	$1936487777,%ecx
+	jne	.Lnoluck
+	movl	$3221225472,%eax
+	cpuid
+	movl	%eax,%edx
+	xorl	%eax,%eax
+	cmpl	$3221225473,%edx
+	jb	.Lnoluck
+	movl	$3221225473,%eax
+	cpuid
+	movl	%edx,%eax
+	andl	$4294967279,%eax
+	orl	$16,%eax
+.Lnoluck:
+	movq	%r8,%rbx
+	.byte	0xf3,0xc3
+.size	padlock_capability,.-padlock_capability
+
+.globl	padlock_key_bswap
+.type	padlock_key_bswap,@function
+.align	16
+padlock_key_bswap:
+	movl	240(%rdi),%edx
+.Lbswap_loop:
+	movl	(%rdi),%eax
+	bswapl	%eax
+	movl	%eax,(%rdi)
+	leaq	4(%rdi),%rdi
+	subl	$1,%edx
+	jnz	.Lbswap_loop
+	.byte	0xf3,0xc3
+.size	padlock_key_bswap,.-padlock_key_bswap
+
+.globl	padlock_verify_context
+.type	padlock_verify_context,@function
+.align	16
+padlock_verify_context:
+	movq	%rdi,%rdx
+	pushf
+	leaq	.Lpadlock_saved_context(%rip),%rax
+	call	_padlock_verify_ctx
+	leaq	8(%rsp),%rsp
+	.byte	0xf3,0xc3
+.size	padlock_verify_context,.-padlock_verify_context
+
+.type	_padlock_verify_ctx,@function
+.align	16
+_padlock_verify_ctx:
+	movq	8(%rsp),%r8
+	btq	$30,%r8
+	jnc	.Lverified
+	cmpq	(%rax),%rdx
+	je	.Lverified
+	pushf
+	popf
+.Lverified:
+	movq	%rdx,(%rax)
+	.byte	0xf3,0xc3
+.size	_padlock_verify_ctx,.-_padlock_verify_ctx
+
+.globl	padlock_reload_key
+.type	padlock_reload_key,@function
+.align	16
+padlock_reload_key:
+	pushf
+	popf
+	.byte	0xf3,0xc3
+.size	padlock_reload_key,.-padlock_reload_key
+
+.globl	padlock_aes_block
+.type	padlock_aes_block,@function
+.align	16
+padlock_aes_block:
+	movq	%rbx,%r8
+	movq	$1,%rcx
+	leaq	32(%rdx),%rbx
+	leaq	16(%rdx),%rdx
+.byte	0xf3,0x0f,0xa7,0xc8	
+	movq	%r8,%rbx
+	.byte	0xf3,0xc3
+.size	padlock_aes_block,.-padlock_aes_block
+
+.globl	padlock_xstore
+.type	padlock_xstore,@function
+.align	16
+padlock_xstore:
+	movl	%esi,%edx
+.byte	0x0f,0xa7,0xc0		
+	.byte	0xf3,0xc3
+.size	padlock_xstore,.-padlock_xstore
+
+.globl	padlock_sha1_oneshot
+.type	padlock_sha1_oneshot,@function
+.align	16
+padlock_sha1_oneshot:
+	movq	%rdx,%rcx
+	movq	%rdi,%rdx
+	movups	(%rdi),%xmm0
+	subq	$128+8,%rsp
+	movl	16(%rdi),%eax
+	movaps	%xmm0,(%rsp)
+	movq	%rsp,%rdi
+	movl	%eax,16(%rsp)
+	xorq	%rax,%rax
+.byte	0xf3,0x0f,0xa6,0xc8	
+	movaps	(%rsp),%xmm0
+	movl	16(%rsp),%eax
+	addq	$128+8,%rsp
+	movups	%xmm0,(%rdx)
+	movl	%eax,16(%rdx)
+	.byte	0xf3,0xc3
+.size	padlock_sha1_oneshot,.-padlock_sha1_oneshot
+
+.globl	padlock_sha1_blocks
+.type	padlock_sha1_blocks,@function
+.align	16
+padlock_sha1_blocks:
+	movq	%rdx,%rcx
+	movq	%rdi,%rdx
+	movups	(%rdi),%xmm0
+	subq	$128+8,%rsp
+	movl	16(%rdi),%eax
+	movaps	%xmm0,(%rsp)
+	movq	%rsp,%rdi
+	movl	%eax,16(%rsp)
+	movq	$-1,%rax
+.byte	0xf3,0x0f,0xa6,0xc8	
+	movaps	(%rsp),%xmm0
+	movl	16(%rsp),%eax
+	addq	$128+8,%rsp
+	movups	%xmm0,(%rdx)
+	movl	%eax,16(%rdx)
+	.byte	0xf3,0xc3
+.size	padlock_sha1_blocks,.-padlock_sha1_blocks
+
+.globl	padlock_sha256_oneshot
+.type	padlock_sha256_oneshot,@function
+.align	16
+padlock_sha256_oneshot:
+	movq	%rdx,%rcx
+	movq	%rdi,%rdx
+	movups	(%rdi),%xmm0
+	subq	$128+8,%rsp
+	movups	16(%rdi),%xmm1
+	movaps	%xmm0,(%rsp)
+	movq	%rsp,%rdi
+	movaps	%xmm1,16(%rsp)
+	xorq	%rax,%rax
+.byte	0xf3,0x0f,0xa6,0xd0	
+	movaps	(%rsp),%xmm0
+	movaps	16(%rsp),%xmm1
+	addq	$128+8,%rsp
+	movups	%xmm0,(%rdx)
+	movups	%xmm1,16(%rdx)
+	.byte	0xf3,0xc3
+.size	padlock_sha256_oneshot,.-padlock_sha256_oneshot
+
+.globl	padlock_sha256_blocks
+.type	padlock_sha256_blocks,@function
+.align	16
+padlock_sha256_blocks:
+	movq	%rdx,%rcx
+	movq	%rdi,%rdx
+	movups	(%rdi),%xmm0
+	subq	$128+8,%rsp
+	movups	16(%rdi),%xmm1
+	movaps	%xmm0,(%rsp)
+	movq	%rsp,%rdi
+	movaps	%xmm1,16(%rsp)
+	movq	$-1,%rax
+.byte	0xf3,0x0f,0xa6,0xd0	
+	movaps	(%rsp),%xmm0
+	movaps	16(%rsp),%xmm1
+	addq	$128+8,%rsp
+	movups	%xmm0,(%rdx)
+	movups	%xmm1,16(%rdx)
+	.byte	0xf3,0xc3
+.size	padlock_sha256_blocks,.-padlock_sha256_blocks
+
+.globl	padlock_sha512_blocks
+.type	padlock_sha512_blocks,@function
+.align	16
+padlock_sha512_blocks:
+	movq	%rdx,%rcx
+	movq	%rdi,%rdx
+	movups	(%rdi),%xmm0
+	subq	$128+8,%rsp
+	movups	16(%rdi),%xmm1
+	movups	32(%rdi),%xmm2
+	movups	48(%rdi),%xmm3
+	movaps	%xmm0,(%rsp)
+	movq	%rsp,%rdi
+	movaps	%xmm1,16(%rsp)
+	movaps	%xmm2,32(%rsp)
+	movaps	%xmm3,48(%rsp)
+.byte	0xf3,0x0f,0xa6,0xe0	
+	movaps	(%rsp),%xmm0
+	movaps	16(%rsp),%xmm1
+	movaps	32(%rsp),%xmm2
+	movaps	48(%rsp),%xmm3
+	addq	$128+8,%rsp
+	movups	%xmm0,(%rdx)
+	movups	%xmm1,16(%rdx)
+	movups	%xmm2,32(%rdx)
+	movups	%xmm3,48(%rdx)
+	.byte	0xf3,0xc3
+.size	padlock_sha512_blocks,.-padlock_sha512_blocks
+.globl	padlock_ecb_encrypt
+.type	padlock_ecb_encrypt,@function
+.align	16
+padlock_ecb_encrypt:
+	pushq	%rbp
+	pushq	%rbx
+
+	xorl	%eax,%eax
+	testq	$15,%rdx
+	jnz	.Lecb_abort
+	testq	$15,%rcx
+	jnz	.Lecb_abort
+	leaq	.Lpadlock_saved_context(%rip),%rax
+	pushf
+	cld
+	call	_padlock_verify_ctx
+	leaq	16(%rdx),%rdx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%rdx)
+	jnz	.Lecb_aligned
+	testq	$15,%rdi
+	setz	%al
+	testq	$15,%rsi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	.Lecb_aligned
+	negq	%rax
+	movq	$512,%rbx
+	notq	%rax
+	leaq	(%rsp),%rbp
+	cmpq	%rbx,%rcx
+	cmovcq	%rcx,%rbx
+	andq	%rbx,%rax
+	movq	%rcx,%rbx
+	negq	%rax
+	andq	$512-1,%rbx
+	leaq	(%rax,%rbp,1),%rsp
+	movq	$512,%rax
+	cmovzq	%rax,%rbx
+	cmpq	%rbx,%rcx
+	ja	.Lecb_loop
+	movq	%rsi,%rax
+	cmpq	%rsp,%rbp
+	cmoveq	%rdi,%rax
+	addq	%rcx,%rax
+	negq	%rax
+	andq	$4095,%rax
+	cmpq	$128,%rax
+	movq	$-128,%rax
+	cmovaeq	%rbx,%rax
+	andq	%rax,%rbx
+	jz	.Lecb_unaligned_tail
+	jmp	.Lecb_loop
+.align	16
+.Lecb_loop:
+	cmpq	%rcx,%rbx
+	cmovaq	%rcx,%rbx
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rcx,%r10
+	movq	%rbx,%rcx
+	movq	%rbx,%r11
+	testq	$15,%rdi
+	cmovnzq	%rsp,%rdi
+	testq	$15,%rsi
+	jz	.Lecb_inp_aligned
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+	movq	%rbx,%rcx
+	movq	%rdi,%rsi
+.Lecb_inp_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,200	
+	movq	%r8,%rdi
+	movq	%r11,%rbx
+	testq	$15,%rdi
+	jz	.Lecb_out_aligned
+	movq	%rbx,%rcx
+	leaq	(%rsp),%rsi
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+.Lecb_out_aligned:
+	movq	%r9,%rsi
+	movq	%r10,%rcx
+	addq	%rbx,%rdi
+	addq	%rbx,%rsi
+	subq	%rbx,%rcx
+	movq	$512,%rbx
+	jz	.Lecb_break
+	cmpq	%rbx,%rcx
+	jae	.Lecb_loop
+.Lecb_unaligned_tail:
+	xorl	%eax,%eax
+	cmpq	%rsp,%rbp
+	cmoveq	%rcx,%rax
+	movq	%rdi,%r8
+	movq	%rcx,%rbx
+	subq	%rax,%rsp
+	shrq	$3,%rcx
+	leaq	(%rsp),%rdi
+.byte	0xf3,0x48,0xa5		
+	movq	%rsp,%rsi
+	movq	%r8,%rdi
+	movq	%rbx,%rcx
+	jmp	.Lecb_loop
+.align	16
+.Lecb_break:
+	cmpq	%rbp,%rsp
+	je	.Lecb_done
+
+	pxor	%xmm0,%xmm0
+	leaq	(%rsp),%rax
+.Lecb_bzero:
+	movaps	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+	cmpq	%rax,%rbp
+	ja	.Lecb_bzero
+
+.Lecb_done:
+	leaq	(%rbp),%rsp
+	jmp	.Lecb_exit
+
+.align	16
+.Lecb_aligned:
+	leaq	(%rsi,%rcx,1),%rbp
+	negq	%rbp
+	andq	$4095,%rbp
+	xorl	%eax,%eax
+	cmpq	$128,%rbp
+	movq	$128-1,%rbp
+	cmovaeq	%rax,%rbp
+	andq	%rcx,%rbp
+	subq	%rbp,%rcx
+	jz	.Lecb_aligned_tail
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,200	
+	testq	%rbp,%rbp
+	jz	.Lecb_exit
+
+.Lecb_aligned_tail:
+	movq	%rdi,%r8
+	movq	%rbp,%rbx
+	movq	%rbp,%rcx
+	leaq	(%rsp),%rbp
+	subq	%rcx,%rsp
+	shrq	$3,%rcx
+	leaq	(%rsp),%rdi
+.byte	0xf3,0x48,0xa5		
+	leaq	(%r8),%rdi
+	leaq	(%rsp),%rsi
+	movq	%rbx,%rcx
+	jmp	.Lecb_loop
+.Lecb_exit:
+	movl	$1,%eax
+	leaq	8(%rsp),%rsp
+.Lecb_abort:
+	popq	%rbx
+	popq	%rbp
+	.byte	0xf3,0xc3
+.size	padlock_ecb_encrypt,.-padlock_ecb_encrypt
+.globl	padlock_cbc_encrypt
+.type	padlock_cbc_encrypt,@function
+.align	16
+padlock_cbc_encrypt:
+	pushq	%rbp
+	pushq	%rbx
+
+	xorl	%eax,%eax
+	testq	$15,%rdx
+	jnz	.Lcbc_abort
+	testq	$15,%rcx
+	jnz	.Lcbc_abort
+	leaq	.Lpadlock_saved_context(%rip),%rax
+	pushf
+	cld
+	call	_padlock_verify_ctx
+	leaq	16(%rdx),%rdx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%rdx)
+	jnz	.Lcbc_aligned
+	testq	$15,%rdi
+	setz	%al
+	testq	$15,%rsi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	.Lcbc_aligned
+	negq	%rax
+	movq	$512,%rbx
+	notq	%rax
+	leaq	(%rsp),%rbp
+	cmpq	%rbx,%rcx
+	cmovcq	%rcx,%rbx
+	andq	%rbx,%rax
+	movq	%rcx,%rbx
+	negq	%rax
+	andq	$512-1,%rbx
+	leaq	(%rax,%rbp,1),%rsp
+	movq	$512,%rax
+	cmovzq	%rax,%rbx
+	cmpq	%rbx,%rcx
+	ja	.Lcbc_loop
+	movq	%rsi,%rax
+	cmpq	%rsp,%rbp
+	cmoveq	%rdi,%rax
+	addq	%rcx,%rax
+	negq	%rax
+	andq	$4095,%rax
+	cmpq	$64,%rax
+	movq	$-64,%rax
+	cmovaeq	%rbx,%rax
+	andq	%rax,%rbx
+	jz	.Lcbc_unaligned_tail
+	jmp	.Lcbc_loop
+.align	16
+.Lcbc_loop:
+	cmpq	%rcx,%rbx
+	cmovaq	%rcx,%rbx
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rcx,%r10
+	movq	%rbx,%rcx
+	movq	%rbx,%r11
+	testq	$15,%rdi
+	cmovnzq	%rsp,%rdi
+	testq	$15,%rsi
+	jz	.Lcbc_inp_aligned
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+	movq	%rbx,%rcx
+	movq	%rdi,%rsi
+.Lcbc_inp_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,208	
+	movdqa	(%rax),%xmm0
+	movdqa	%xmm0,-16(%rdx)
+	movq	%r8,%rdi
+	movq	%r11,%rbx
+	testq	$15,%rdi
+	jz	.Lcbc_out_aligned
+	movq	%rbx,%rcx
+	leaq	(%rsp),%rsi
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+.Lcbc_out_aligned:
+	movq	%r9,%rsi
+	movq	%r10,%rcx
+	addq	%rbx,%rdi
+	addq	%rbx,%rsi
+	subq	%rbx,%rcx
+	movq	$512,%rbx
+	jz	.Lcbc_break
+	cmpq	%rbx,%rcx
+	jae	.Lcbc_loop
+.Lcbc_unaligned_tail:
+	xorl	%eax,%eax
+	cmpq	%rsp,%rbp
+	cmoveq	%rcx,%rax
+	movq	%rdi,%r8
+	movq	%rcx,%rbx
+	subq	%rax,%rsp
+	shrq	$3,%rcx
+	leaq	(%rsp),%rdi
+.byte	0xf3,0x48,0xa5		
+	movq	%rsp,%rsi
+	movq	%r8,%rdi
+	movq	%rbx,%rcx
+	jmp	.Lcbc_loop
+.align	16
+.Lcbc_break:
+	cmpq	%rbp,%rsp
+	je	.Lcbc_done
+
+	pxor	%xmm0,%xmm0
+	leaq	(%rsp),%rax
+.Lcbc_bzero:
+	movaps	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+	cmpq	%rax,%rbp
+	ja	.Lcbc_bzero
+
+.Lcbc_done:
+	leaq	(%rbp),%rsp
+	jmp	.Lcbc_exit
+
+.align	16
+.Lcbc_aligned:
+	leaq	(%rsi,%rcx,1),%rbp
+	negq	%rbp
+	andq	$4095,%rbp
+	xorl	%eax,%eax
+	cmpq	$64,%rbp
+	movq	$64-1,%rbp
+	cmovaeq	%rax,%rbp
+	andq	%rcx,%rbp
+	subq	%rbp,%rcx
+	jz	.Lcbc_aligned_tail
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,208	
+	movdqa	(%rax),%xmm0
+	movdqa	%xmm0,-16(%rdx)
+	testq	%rbp,%rbp
+	jz	.Lcbc_exit
+
+.Lcbc_aligned_tail:
+	movq	%rdi,%r8
+	movq	%rbp,%rbx
+	movq	%rbp,%rcx
+	leaq	(%rsp),%rbp
+	subq	%rcx,%rsp
+	shrq	$3,%rcx
+	leaq	(%rsp),%rdi
+.byte	0xf3,0x48,0xa5		
+	leaq	(%r8),%rdi
+	leaq	(%rsp),%rsi
+	movq	%rbx,%rcx
+	jmp	.Lcbc_loop
+.Lcbc_exit:
+	movl	$1,%eax
+	leaq	8(%rsp),%rsp
+.Lcbc_abort:
+	popq	%rbx
+	popq	%rbp
+	.byte	0xf3,0xc3
+.size	padlock_cbc_encrypt,.-padlock_cbc_encrypt
+.globl	padlock_cfb_encrypt
+.type	padlock_cfb_encrypt,@function
+.align	16
+padlock_cfb_encrypt:
+	pushq	%rbp
+	pushq	%rbx
+
+	xorl	%eax,%eax
+	testq	$15,%rdx
+	jnz	.Lcfb_abort
+	testq	$15,%rcx
+	jnz	.Lcfb_abort
+	leaq	.Lpadlock_saved_context(%rip),%rax
+	pushf
+	cld
+	call	_padlock_verify_ctx
+	leaq	16(%rdx),%rdx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%rdx)
+	jnz	.Lcfb_aligned
+	testq	$15,%rdi
+	setz	%al
+	testq	$15,%rsi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	.Lcfb_aligned
+	negq	%rax
+	movq	$512,%rbx
+	notq	%rax
+	leaq	(%rsp),%rbp
+	cmpq	%rbx,%rcx
+	cmovcq	%rcx,%rbx
+	andq	%rbx,%rax
+	movq	%rcx,%rbx
+	negq	%rax
+	andq	$512-1,%rbx
+	leaq	(%rax,%rbp,1),%rsp
+	movq	$512,%rax
+	cmovzq	%rax,%rbx
+	jmp	.Lcfb_loop
+.align	16
+.Lcfb_loop:
+	cmpq	%rcx,%rbx
+	cmovaq	%rcx,%rbx
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rcx,%r10
+	movq	%rbx,%rcx
+	movq	%rbx,%r11
+	testq	$15,%rdi
+	cmovnzq	%rsp,%rdi
+	testq	$15,%rsi
+	jz	.Lcfb_inp_aligned
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+	movq	%rbx,%rcx
+	movq	%rdi,%rsi
+.Lcfb_inp_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,224	
+	movdqa	(%rax),%xmm0
+	movdqa	%xmm0,-16(%rdx)
+	movq	%r8,%rdi
+	movq	%r11,%rbx
+	testq	$15,%rdi
+	jz	.Lcfb_out_aligned
+	movq	%rbx,%rcx
+	leaq	(%rsp),%rsi
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+.Lcfb_out_aligned:
+	movq	%r9,%rsi
+	movq	%r10,%rcx
+	addq	%rbx,%rdi
+	addq	%rbx,%rsi
+	subq	%rbx,%rcx
+	movq	$512,%rbx
+	jnz	.Lcfb_loop
+	cmpq	%rbp,%rsp
+	je	.Lcfb_done
+
+	pxor	%xmm0,%xmm0
+	leaq	(%rsp),%rax
+.Lcfb_bzero:
+	movaps	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+	cmpq	%rax,%rbp
+	ja	.Lcfb_bzero
+
+.Lcfb_done:
+	leaq	(%rbp),%rsp
+	jmp	.Lcfb_exit
+
+.align	16
+.Lcfb_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,224	
+	movdqa	(%rax),%xmm0
+	movdqa	%xmm0,-16(%rdx)
+.Lcfb_exit:
+	movl	$1,%eax
+	leaq	8(%rsp),%rsp
+.Lcfb_abort:
+	popq	%rbx
+	popq	%rbp
+	.byte	0xf3,0xc3
+.size	padlock_cfb_encrypt,.-padlock_cfb_encrypt
+.globl	padlock_ofb_encrypt
+.type	padlock_ofb_encrypt,@function
+.align	16
+padlock_ofb_encrypt:
+	pushq	%rbp
+	pushq	%rbx
+
+	xorl	%eax,%eax
+	testq	$15,%rdx
+	jnz	.Lofb_abort
+	testq	$15,%rcx
+	jnz	.Lofb_abort
+	leaq	.Lpadlock_saved_context(%rip),%rax
+	pushf
+	cld
+	call	_padlock_verify_ctx
+	leaq	16(%rdx),%rdx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%rdx)
+	jnz	.Lofb_aligned
+	testq	$15,%rdi
+	setz	%al
+	testq	$15,%rsi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	.Lofb_aligned
+	negq	%rax
+	movq	$512,%rbx
+	notq	%rax
+	leaq	(%rsp),%rbp
+	cmpq	%rbx,%rcx
+	cmovcq	%rcx,%rbx
+	andq	%rbx,%rax
+	movq	%rcx,%rbx
+	negq	%rax
+	andq	$512-1,%rbx
+	leaq	(%rax,%rbp,1),%rsp
+	movq	$512,%rax
+	cmovzq	%rax,%rbx
+	jmp	.Lofb_loop
+.align	16
+.Lofb_loop:
+	cmpq	%rcx,%rbx
+	cmovaq	%rcx,%rbx
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rcx,%r10
+	movq	%rbx,%rcx
+	movq	%rbx,%r11
+	testq	$15,%rdi
+	cmovnzq	%rsp,%rdi
+	testq	$15,%rsi
+	jz	.Lofb_inp_aligned
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+	movq	%rbx,%rcx
+	movq	%rdi,%rsi
+.Lofb_inp_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,232	
+	movdqa	(%rax),%xmm0
+	movdqa	%xmm0,-16(%rdx)
+	movq	%r8,%rdi
+	movq	%r11,%rbx
+	testq	$15,%rdi
+	jz	.Lofb_out_aligned
+	movq	%rbx,%rcx
+	leaq	(%rsp),%rsi
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+.Lofb_out_aligned:
+	movq	%r9,%rsi
+	movq	%r10,%rcx
+	addq	%rbx,%rdi
+	addq	%rbx,%rsi
+	subq	%rbx,%rcx
+	movq	$512,%rbx
+	jnz	.Lofb_loop
+	cmpq	%rbp,%rsp
+	je	.Lofb_done
+
+	pxor	%xmm0,%xmm0
+	leaq	(%rsp),%rax
+.Lofb_bzero:
+	movaps	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+	cmpq	%rax,%rbp
+	ja	.Lofb_bzero
+
+.Lofb_done:
+	leaq	(%rbp),%rsp
+	jmp	.Lofb_exit
+
+.align	16
+.Lofb_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,232	
+	movdqa	(%rax),%xmm0
+	movdqa	%xmm0,-16(%rdx)
+.Lofb_exit:
+	movl	$1,%eax
+	leaq	8(%rsp),%rsp
+.Lofb_abort:
+	popq	%rbx
+	popq	%rbp
+	.byte	0xf3,0xc3
+.size	padlock_ofb_encrypt,.-padlock_ofb_encrypt
+.globl	padlock_ctr32_encrypt
+.type	padlock_ctr32_encrypt,@function
+.align	16
+padlock_ctr32_encrypt:
+	pushq	%rbp
+	pushq	%rbx
+
+	xorl	%eax,%eax
+	testq	$15,%rdx
+	jnz	.Lctr32_abort
+	testq	$15,%rcx
+	jnz	.Lctr32_abort
+	leaq	.Lpadlock_saved_context(%rip),%rax
+	pushf
+	cld
+	call	_padlock_verify_ctx
+	leaq	16(%rdx),%rdx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%rdx)
+	jnz	.Lctr32_aligned
+	testq	$15,%rdi
+	setz	%al
+	testq	$15,%rsi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	.Lctr32_aligned
+	negq	%rax
+	movq	$512,%rbx
+	notq	%rax
+	leaq	(%rsp),%rbp
+	cmpq	%rbx,%rcx
+	cmovcq	%rcx,%rbx
+	andq	%rbx,%rax
+	movq	%rcx,%rbx
+	negq	%rax
+	andq	$512-1,%rbx
+	leaq	(%rax,%rbp,1),%rsp
+	movq	$512,%rax
+	cmovzq	%rax,%rbx
+.Lctr32_reenter:
+	movl	-4(%rdx),%eax
+	bswapl	%eax
+	negl	%eax
+	andl	$31,%eax
+	movq	$512,%rbx
+	shll	$4,%eax
+	cmovzq	%rbx,%rax
+	cmpq	%rax,%rcx
+	cmovaq	%rax,%rbx
+	cmovbeq	%rcx,%rbx
+	cmpq	%rbx,%rcx
+	ja	.Lctr32_loop
+	movq	%rsi,%rax
+	cmpq	%rsp,%rbp
+	cmoveq	%rdi,%rax
+	addq	%rcx,%rax
+	negq	%rax
+	andq	$4095,%rax
+	cmpq	$32,%rax
+	movq	$-32,%rax
+	cmovaeq	%rbx,%rax
+	andq	%rax,%rbx
+	jz	.Lctr32_unaligned_tail
+	jmp	.Lctr32_loop
+.align	16
+.Lctr32_loop:
+	cmpq	%rcx,%rbx
+	cmovaq	%rcx,%rbx
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rcx,%r10
+	movq	%rbx,%rcx
+	movq	%rbx,%r11
+	testq	$15,%rdi
+	cmovnzq	%rsp,%rdi
+	testq	$15,%rsi
+	jz	.Lctr32_inp_aligned
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+	movq	%rbx,%rcx
+	movq	%rdi,%rsi
+.Lctr32_inp_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,216	
+	movl	-4(%rdx),%eax
+	testl	$4294901760,%eax
+	jnz	.Lctr32_no_carry
+	bswapl	%eax
+	addl	$65536,%eax
+	bswapl	%eax
+	movl	%eax,-4(%rdx)
+.Lctr32_no_carry:
+	movq	%r8,%rdi
+	movq	%r11,%rbx
+	testq	$15,%rdi
+	jz	.Lctr32_out_aligned
+	movq	%rbx,%rcx
+	leaq	(%rsp),%rsi
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+.Lctr32_out_aligned:
+	movq	%r9,%rsi
+	movq	%r10,%rcx
+	addq	%rbx,%rdi
+	addq	%rbx,%rsi
+	subq	%rbx,%rcx
+	movq	$512,%rbx
+	jz	.Lctr32_break
+	cmpq	%rbx,%rcx
+	jae	.Lctr32_loop
+	movq	%rcx,%rbx
+	movq	%rsi,%rax
+	cmpq	%rsp,%rbp
+	cmoveq	%rdi,%rax
+	addq	%rcx,%rax
+	negq	%rax
+	andq	$4095,%rax
+	cmpq	$32,%rax
+	movq	$-32,%rax
+	cmovaeq	%rbx,%rax
+	andq	%rax,%rbx
+	jnz	.Lctr32_loop
+.Lctr32_unaligned_tail:
+	xorl	%eax,%eax
+	cmpq	%rsp,%rbp
+	cmoveq	%rcx,%rax
+	movq	%rdi,%r8
+	movq	%rcx,%rbx
+	subq	%rax,%rsp
+	shrq	$3,%rcx
+	leaq	(%rsp),%rdi
+.byte	0xf3,0x48,0xa5		
+	movq	%rsp,%rsi
+	movq	%r8,%rdi
+	movq	%rbx,%rcx
+	jmp	.Lctr32_loop
+.align	16
+.Lctr32_break:
+	cmpq	%rbp,%rsp
+	je	.Lctr32_done
+
+	pxor	%xmm0,%xmm0
+	leaq	(%rsp),%rax
+.Lctr32_bzero:
+	movaps	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+	cmpq	%rax,%rbp
+	ja	.Lctr32_bzero
+
+.Lctr32_done:
+	leaq	(%rbp),%rsp
+	jmp	.Lctr32_exit
+
+.align	16
+.Lctr32_aligned:
+	movl	-4(%rdx),%eax
+	bswapl	%eax
+	negl	%eax
+	andl	$65535,%eax
+	movq	$1048576,%rbx
+	shll	$4,%eax
+	cmovzq	%rbx,%rax
+	cmpq	%rax,%rcx
+	cmovaq	%rax,%rbx
+	cmovbeq	%rcx,%rbx
+	jbe	.Lctr32_aligned_skip
+
+.Lctr32_aligned_loop:
+	movq	%rcx,%r10
+	movq	%rbx,%rcx
+	movq	%rbx,%r11
+
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,216	
+
+	movl	-4(%rdx),%eax
+	bswapl	%eax
+	addl	$65536,%eax
+	bswapl	%eax
+	movl	%eax,-4(%rdx)
+
+	movq	%r10,%rcx
+	subq	%r11,%rcx
+	movq	$1048576,%rbx
+	jz	.Lctr32_exit
+	cmpq	%rbx,%rcx
+	jae	.Lctr32_aligned_loop
+
+.Lctr32_aligned_skip:
+	leaq	(%rsi,%rcx,1),%rbp
+	negq	%rbp
+	andq	$4095,%rbp
+	xorl	%eax,%eax
+	cmpq	$32,%rbp
+	movq	$32-1,%rbp
+	cmovaeq	%rax,%rbp
+	andq	%rcx,%rbp
+	subq	%rbp,%rcx
+	jz	.Lctr32_aligned_tail
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,216	
+	testq	%rbp,%rbp
+	jz	.Lctr32_exit
+
+.Lctr32_aligned_tail:
+	movq	%rdi,%r8
+	movq	%rbp,%rbx
+	movq	%rbp,%rcx
+	leaq	(%rsp),%rbp
+	subq	%rcx,%rsp
+	shrq	$3,%rcx
+	leaq	(%rsp),%rdi
+.byte	0xf3,0x48,0xa5		
+	leaq	(%r8),%rdi
+	leaq	(%rsp),%rsi
+	movq	%rbx,%rcx
+	jmp	.Lctr32_loop
+.Lctr32_exit:
+	movl	$1,%eax
+	leaq	8(%rsp),%rsp
+.Lctr32_abort:
+	popq	%rbx
+	popq	%rbp
+	.byte	0xf3,0xc3
+.size	padlock_ctr32_encrypt,.-padlock_ctr32_encrypt
+.byte	86,73,65,32,80,97,100,108,111,99,107,32,120,56,54,95,54,52,32,109,111,100,117,108,101,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.align	16
+.data	
+.align	8
+.Lpadlock_saved_context:
+.quad	0
+
+
+.section .note.GNU-stack,"",%progbits
+
+
diff --git a/lib/accelerated/x86/elf/ghash-x86_64.s b/lib/accelerated/x86/elf/ghash-x86_64.s
new file mode 100644
index 0000000..856ff17
--- /dev/null
+++ b/lib/accelerated/x86/elf/ghash-x86_64.s
@@ -0,0 +1,1888 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+
+.globl	gcm_gmult_4bit
+.type	gcm_gmult_4bit,@function
+.align	16
+gcm_gmult_4bit:
+.cfi_startproc	
+	pushq	%rbx
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%rbx,-16
+	pushq	%rbp
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%rbp,-24
+	pushq	%r12
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%r12,-32
+	pushq	%r13
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%r13,-40
+	pushq	%r14
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%r14,-48
+	pushq	%r15
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%r15,-56
+	subq	$280,%rsp
+.cfi_adjust_cfa_offset	280
+.Lgmult_prologue:
+
+	movzbq	15(%rdi),%r8
+	leaq	.Lrem_4bit(%rip),%r11
+	xorq	%rax,%rax
+	xorq	%rbx,%rbx
+	movb	%r8b,%al
+	movb	%r8b,%bl
+	shlb	$4,%al
+	movq	$14,%rcx
+	movq	8(%rsi,%rax,1),%r8
+	movq	(%rsi,%rax,1),%r9
+	andb	$0xf0,%bl
+	movq	%r8,%rdx
+	jmp	.Loop1
+
+.align	16
+.Loop1:
+	shrq	$4,%r8
+	andq	$0xf,%rdx
+	movq	%r9,%r10
+	movb	(%rdi,%rcx,1),%al
+	shrq	$4,%r9
+	xorq	8(%rsi,%rbx,1),%r8
+	shlq	$60,%r10
+	xorq	(%rsi,%rbx,1),%r9
+	movb	%al,%bl
+	xorq	(%r11,%rdx,8),%r9
+	movq	%r8,%rdx
+	shlb	$4,%al
+	xorq	%r10,%r8
+	decq	%rcx
+	js	.Lbreak1
+
+	shrq	$4,%r8
+	andq	$0xf,%rdx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	xorq	8(%rsi,%rax,1),%r8
+	shlq	$60,%r10
+	xorq	(%rsi,%rax,1),%r9
+	andb	$0xf0,%bl
+	xorq	(%r11,%rdx,8),%r9
+	movq	%r8,%rdx
+	xorq	%r10,%r8
+	jmp	.Loop1
+
+.align	16
+.Lbreak1:
+	shrq	$4,%r8
+	andq	$0xf,%rdx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	xorq	8(%rsi,%rax,1),%r8
+	shlq	$60,%r10
+	xorq	(%rsi,%rax,1),%r9
+	andb	$0xf0,%bl
+	xorq	(%r11,%rdx,8),%r9
+	movq	%r8,%rdx
+	xorq	%r10,%r8
+
+	shrq	$4,%r8
+	andq	$0xf,%rdx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	xorq	8(%rsi,%rbx,1),%r8
+	shlq	$60,%r10
+	xorq	(%rsi,%rbx,1),%r9
+	xorq	%r10,%r8
+	xorq	(%r11,%rdx,8),%r9
+
+	bswapq	%r8
+	bswapq	%r9
+	movq	%r8,8(%rdi)
+	movq	%r9,(%rdi)
+
+	leaq	280+48(%rsp),%rsi
+.cfi_def_cfa	%rsi,8
+	movq	-8(%rsi),%rbx
+.cfi_restore	%rbx
+	leaq	(%rsi),%rsp
+.cfi_def_cfa_register	%rsp
+.Lgmult_epilogue:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	gcm_gmult_4bit,.-gcm_gmult_4bit
+.globl	gcm_ghash_4bit
+.type	gcm_ghash_4bit,@function
+.align	16
+gcm_ghash_4bit:
+.cfi_startproc	
+	pushq	%rbx
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%rbx,-16
+	pushq	%rbp
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%rbp,-24
+	pushq	%r12
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%r12,-32
+	pushq	%r13
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%r13,-40
+	pushq	%r14
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%r14,-48
+	pushq	%r15
+.cfi_adjust_cfa_offset	8
+.cfi_offset	%r15,-56
+	subq	$280,%rsp
+.cfi_adjust_cfa_offset	280
+.Lghash_prologue:
+	movq	%rdx,%r14
+	movq	%rcx,%r15
+	subq	$-128,%rsi
+	leaq	16+128(%rsp),%rbp
+	xorl	%edx,%edx
+	movq	0+0-128(%rsi),%r8
+	movq	0+8-128(%rsi),%rax
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	16+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	16+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,0(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,0(%rbp)
+	movq	32+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,0-128(%rbp)
+	movq	32+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,1(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,8(%rbp)
+	movq	48+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,8-128(%rbp)
+	movq	48+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,2(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,16(%rbp)
+	movq	64+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,16-128(%rbp)
+	movq	64+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,3(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,24(%rbp)
+	movq	80+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,24-128(%rbp)
+	movq	80+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,4(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,32(%rbp)
+	movq	96+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,32-128(%rbp)
+	movq	96+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,5(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,40(%rbp)
+	movq	112+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,40-128(%rbp)
+	movq	112+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,6(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,48(%rbp)
+	movq	128+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,48-128(%rbp)
+	movq	128+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,7(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,56(%rbp)
+	movq	144+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,56-128(%rbp)
+	movq	144+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,8(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,64(%rbp)
+	movq	160+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,64-128(%rbp)
+	movq	160+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,9(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,72(%rbp)
+	movq	176+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,72-128(%rbp)
+	movq	176+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,10(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,80(%rbp)
+	movq	192+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,80-128(%rbp)
+	movq	192+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,11(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,88(%rbp)
+	movq	208+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,88-128(%rbp)
+	movq	208+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,12(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,96(%rbp)
+	movq	224+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,96-128(%rbp)
+	movq	224+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,13(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,104(%rbp)
+	movq	240+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,104-128(%rbp)
+	movq	240+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,14(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,112(%rbp)
+	shlb	$4,%dl
+	movq	%rax,112-128(%rbp)
+	shlq	$60,%r10
+	movb	%dl,15(%rsp)
+	orq	%r10,%rbx
+	movq	%r9,120(%rbp)
+	movq	%rbx,120-128(%rbp)
+	addq	$-128,%rsi
+	movq	8(%rdi),%r8
+	movq	0(%rdi),%r9
+	addq	%r14,%r15
+	leaq	.Lrem_8bit(%rip),%r11
+	jmp	.Louter_loop
+.align	16
+.Louter_loop:
+	xorq	(%r14),%r9
+	movq	8(%r14),%rdx
+	leaq	16(%r14),%r14
+	xorq	%r8,%rdx
+	movq	%r9,(%rdi)
+	movq	%rdx,8(%rdi)
+	shrq	$32,%rdx
+	xorq	%rax,%rax
+	roll	$8,%edx
+	movb	%dl,%al
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	shrl	$4,%ebx
+	roll	$8,%edx
+	movq	8(%rsi,%rax,1),%r8
+	movq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	movl	8(%rdi),%edx
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	movl	4(%rdi),%edx
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	movl	0(%rdi),%edx
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	andl	$240,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	movl	-4(%rdi),%edx
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	movzwq	(%r11,%r12,2),%r12
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	shlq	$48,%r12
+	xorq	%r10,%r8
+	xorq	%r12,%r9
+	movzbq	%r8b,%r13
+	shrq	$4,%r8
+	movq	%r9,%r10
+	shlb	$4,%r13b
+	shrq	$4,%r9
+	xorq	8(%rsi,%rcx,1),%r8
+	movzwq	(%r11,%r13,2),%r13
+	shlq	$60,%r10
+	xorq	(%rsi,%rcx,1),%r9
+	xorq	%r10,%r8
+	shlq	$48,%r13
+	bswapq	%r8
+	xorq	%r13,%r9
+	bswapq	%r9
+	cmpq	%r15,%r14
+	jb	.Louter_loop
+	movq	%r8,8(%rdi)
+	movq	%r9,(%rdi)
+
+	leaq	280+48(%rsp),%rsi
+.cfi_def_cfa	%rsi,8
+	movq	-48(%rsi),%r15
+.cfi_restore	%r15
+	movq	-40(%rsi),%r14
+.cfi_restore	%r14
+	movq	-32(%rsi),%r13
+.cfi_restore	%r13
+	movq	-24(%rsi),%r12
+.cfi_restore	%r12
+	movq	-16(%rsi),%rbp
+.cfi_restore	%rbp
+	movq	-8(%rsi),%rbx
+.cfi_restore	%rbx
+	leaq	0(%rsi),%rsp
+.cfi_def_cfa_register	%rsp
+.Lghash_epilogue:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	gcm_ghash_4bit,.-gcm_ghash_4bit
+.globl	gcm_init_clmul
+.type	gcm_init_clmul,@function
+.align	16
+gcm_init_clmul:
+.cfi_startproc	
+.L_init_clmul:
+	movdqu	(%rsi),%xmm2
+	pshufd	$78,%xmm2,%xmm2
+
+
+	pshufd	$255,%xmm2,%xmm4
+	movdqa	%xmm2,%xmm3
+	psllq	$1,%xmm2
+	pxor	%xmm5,%xmm5
+	psrlq	$63,%xmm3
+	pcmpgtd	%xmm4,%xmm5
+	pslldq	$8,%xmm3
+	por	%xmm3,%xmm2
+
+
+	pand	.L0x1c2_polynomial(%rip),%xmm5
+	pxor	%xmm5,%xmm2
+
+
+	pshufd	$78,%xmm2,%xmm6
+	movdqa	%xmm2,%xmm0
+	pxor	%xmm2,%xmm6
+	movdqa	%xmm0,%xmm1
+	pshufd	$78,%xmm0,%xmm3
+	pxor	%xmm0,%xmm3
+.byte	102,15,58,68,194,0
+.byte	102,15,58,68,202,17
+.byte	102,15,58,68,222,0
+	pxor	%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+
+	movdqa	%xmm3,%xmm4
+	psrldq	$8,%xmm3
+	pslldq	$8,%xmm4
+	pxor	%xmm3,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+	pshufd	$78,%xmm2,%xmm3
+	pshufd	$78,%xmm0,%xmm4
+	pxor	%xmm2,%xmm3
+	movdqu	%xmm2,0(%rdi)
+	pxor	%xmm0,%xmm4
+	movdqu	%xmm0,16(%rdi)
+.byte	102,15,58,15,227,8
+	movdqu	%xmm4,32(%rdi)
+	movdqa	%xmm0,%xmm1
+	pshufd	$78,%xmm0,%xmm3
+	pxor	%xmm0,%xmm3
+.byte	102,15,58,68,194,0
+.byte	102,15,58,68,202,17
+.byte	102,15,58,68,222,0
+	pxor	%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+
+	movdqa	%xmm3,%xmm4
+	psrldq	$8,%xmm3
+	pslldq	$8,%xmm4
+	pxor	%xmm3,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+	movdqa	%xmm0,%xmm5
+	movdqa	%xmm0,%xmm1
+	pshufd	$78,%xmm0,%xmm3
+	pxor	%xmm0,%xmm3
+.byte	102,15,58,68,194,0
+.byte	102,15,58,68,202,17
+.byte	102,15,58,68,222,0
+	pxor	%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+
+	movdqa	%xmm3,%xmm4
+	psrldq	$8,%xmm3
+	pslldq	$8,%xmm4
+	pxor	%xmm3,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+	pshufd	$78,%xmm5,%xmm3
+	pshufd	$78,%xmm0,%xmm4
+	pxor	%xmm5,%xmm3
+	movdqu	%xmm5,48(%rdi)
+	pxor	%xmm0,%xmm4
+	movdqu	%xmm0,64(%rdi)
+.byte	102,15,58,15,227,8
+	movdqu	%xmm4,80(%rdi)
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	gcm_init_clmul,.-gcm_init_clmul
+.globl	gcm_gmult_clmul
+.type	gcm_gmult_clmul,@function
+.align	16
+gcm_gmult_clmul:
+.cfi_startproc	
+.L_gmult_clmul:
+	movdqu	(%rdi),%xmm0
+	movdqa	.Lbswap_mask(%rip),%xmm5
+	movdqu	(%rsi),%xmm2
+	movdqu	32(%rsi),%xmm4
+.byte	102,15,56,0,197
+	movdqa	%xmm0,%xmm1
+	pshufd	$78,%xmm0,%xmm3
+	pxor	%xmm0,%xmm3
+.byte	102,15,58,68,194,0
+.byte	102,15,58,68,202,17
+.byte	102,15,58,68,220,0
+	pxor	%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+
+	movdqa	%xmm3,%xmm4
+	psrldq	$8,%xmm3
+	pslldq	$8,%xmm4
+	pxor	%xmm3,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+.byte	102,15,56,0,197
+	movdqu	%xmm0,(%rdi)
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	gcm_gmult_clmul,.-gcm_gmult_clmul
+.globl	gcm_ghash_clmul
+.type	gcm_ghash_clmul,@function
+.align	32
+gcm_ghash_clmul:
+.cfi_startproc	
+.L_ghash_clmul:
+	movdqa	.Lbswap_mask(%rip),%xmm10
+
+	movdqu	(%rdi),%xmm0
+	movdqu	(%rsi),%xmm2
+	movdqu	32(%rsi),%xmm7
+.byte	102,65,15,56,0,194
+
+	subq	$0x10,%rcx
+	jz	.Lodd_tail
+
+	movdqu	16(%rsi),%xmm6
+	movl	GNUTLS_x86_cpuid_s+4(%rip),%eax
+	cmpq	$0x30,%rcx
+	jb	.Lskip4x
+
+	andl	$71303168,%eax
+	cmpl	$4194304,%eax
+	je	.Lskip4x
+
+	subq	$0x30,%rcx
+	movq	$0xA040608020C0E000,%rax
+	movdqu	48(%rsi),%xmm14
+	movdqu	64(%rsi),%xmm15
+
+
+
+
+	movdqu	48(%rdx),%xmm3
+	movdqu	32(%rdx),%xmm11
+.byte	102,65,15,56,0,218
+.byte	102,69,15,56,0,218
+	movdqa	%xmm3,%xmm5
+	pshufd	$78,%xmm3,%xmm4
+	pxor	%xmm3,%xmm4
+.byte	102,15,58,68,218,0
+.byte	102,15,58,68,234,17
+.byte	102,15,58,68,231,0
+
+	movdqa	%xmm11,%xmm13
+	pshufd	$78,%xmm11,%xmm12
+	pxor	%xmm11,%xmm12
+.byte	102,68,15,58,68,222,0
+.byte	102,68,15,58,68,238,17
+.byte	102,68,15,58,68,231,16
+	xorps	%xmm11,%xmm3
+	xorps	%xmm13,%xmm5
+	movups	80(%rsi),%xmm7
+	xorps	%xmm12,%xmm4
+
+	movdqu	16(%rdx),%xmm11
+	movdqu	0(%rdx),%xmm8
+.byte	102,69,15,56,0,218
+.byte	102,69,15,56,0,194
+	movdqa	%xmm11,%xmm13
+	pshufd	$78,%xmm11,%xmm12
+	pxor	%xmm8,%xmm0
+	pxor	%xmm11,%xmm12
+.byte	102,69,15,58,68,222,0
+	movdqa	%xmm0,%xmm1
+	pshufd	$78,%xmm0,%xmm8
+	pxor	%xmm0,%xmm8
+.byte	102,69,15,58,68,238,17
+.byte	102,68,15,58,68,231,0
+	xorps	%xmm11,%xmm3
+	xorps	%xmm13,%xmm5
+
+	leaq	64(%rdx),%rdx
+	subq	$0x40,%rcx
+	jc	.Ltail4x
+
+	jmp	.Lmod4_loop
+.align	32
+.Lmod4_loop:
+.byte	102,65,15,58,68,199,0
+	xorps	%xmm12,%xmm4
+	movdqu	48(%rdx),%xmm11
+.byte	102,69,15,56,0,218
+.byte	102,65,15,58,68,207,17
+	xorps	%xmm3,%xmm0
+	movdqu	32(%rdx),%xmm3
+	movdqa	%xmm11,%xmm13
+.byte	102,68,15,58,68,199,16
+	pshufd	$78,%xmm11,%xmm12
+	xorps	%xmm5,%xmm1
+	pxor	%xmm11,%xmm12
+.byte	102,65,15,56,0,218
+	movups	32(%rsi),%xmm7
+	xorps	%xmm4,%xmm8
+.byte	102,68,15,58,68,218,0
+	pshufd	$78,%xmm3,%xmm4
+
+	pxor	%xmm0,%xmm8
+	movdqa	%xmm3,%xmm5
+	pxor	%xmm1,%xmm8
+	pxor	%xmm3,%xmm4
+	movdqa	%xmm8,%xmm9
+.byte	102,68,15,58,68,234,17
+	pslldq	$8,%xmm8
+	psrldq	$8,%xmm9
+	pxor	%xmm8,%xmm0
+	movdqa	.L7_mask(%rip),%xmm8
+	pxor	%xmm9,%xmm1
+.byte	102,76,15,110,200
+
+	pand	%xmm0,%xmm8
+.byte	102,69,15,56,0,200
+	pxor	%xmm0,%xmm9
+.byte	102,68,15,58,68,231,0
+	psllq	$57,%xmm9
+	movdqa	%xmm9,%xmm8
+	pslldq	$8,%xmm9
+.byte	102,15,58,68,222,0
+	psrldq	$8,%xmm8
+	pxor	%xmm9,%xmm0
+	pxor	%xmm8,%xmm1
+	movdqu	0(%rdx),%xmm8
+
+	movdqa	%xmm0,%xmm9
+	psrlq	$1,%xmm0
+.byte	102,15,58,68,238,17
+	xorps	%xmm11,%xmm3
+	movdqu	16(%rdx),%xmm11
+.byte	102,69,15,56,0,218
+.byte	102,15,58,68,231,16
+	xorps	%xmm13,%xmm5
+	movups	80(%rsi),%xmm7
+.byte	102,69,15,56,0,194
+	pxor	%xmm9,%xmm1
+	pxor	%xmm0,%xmm9
+	psrlq	$5,%xmm0
+
+	movdqa	%xmm11,%xmm13
+	pxor	%xmm12,%xmm4
+	pshufd	$78,%xmm11,%xmm12
+	pxor	%xmm9,%xmm0
+	pxor	%xmm8,%xmm1
+	pxor	%xmm11,%xmm12
+.byte	102,69,15,58,68,222,0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+	movdqa	%xmm0,%xmm1
+.byte	102,69,15,58,68,238,17
+	xorps	%xmm11,%xmm3
+	pshufd	$78,%xmm0,%xmm8
+	pxor	%xmm0,%xmm8
+
+.byte	102,68,15,58,68,231,0
+	xorps	%xmm13,%xmm5
+
+	leaq	64(%rdx),%rdx
+	subq	$0x40,%rcx
+	jnc	.Lmod4_loop
+
+.Ltail4x:
+.byte	102,65,15,58,68,199,0
+.byte	102,65,15,58,68,207,17
+.byte	102,68,15,58,68,199,16
+	xorps	%xmm12,%xmm4
+	xorps	%xmm3,%xmm0
+	xorps	%xmm5,%xmm1
+	pxor	%xmm0,%xmm1
+	pxor	%xmm4,%xmm8
+
+	pxor	%xmm1,%xmm8
+	pxor	%xmm0,%xmm1
+
+	movdqa	%xmm8,%xmm9
+	psrldq	$8,%xmm8
+	pslldq	$8,%xmm9
+	pxor	%xmm8,%xmm1
+	pxor	%xmm9,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+	addq	$0x40,%rcx
+	jz	.Ldone
+	movdqu	32(%rsi),%xmm7
+	subq	$0x10,%rcx
+	jz	.Lodd_tail
+.Lskip4x:
+
+
+
+
+
+	movdqu	(%rdx),%xmm8
+	movdqu	16(%rdx),%xmm3
+.byte	102,69,15,56,0,194
+.byte	102,65,15,56,0,218
+	pxor	%xmm8,%xmm0
+
+	movdqa	%xmm3,%xmm5
+	pshufd	$78,%xmm3,%xmm4
+	pxor	%xmm3,%xmm4
+.byte	102,15,58,68,218,0
+.byte	102,15,58,68,234,17
+.byte	102,15,58,68,231,0
+
+	leaq	32(%rdx),%rdx
+	nop
+	subq	$0x20,%rcx
+	jbe	.Leven_tail
+	nop
+	jmp	.Lmod_loop
+
+.align	32
+.Lmod_loop:
+	movdqa	%xmm0,%xmm1
+	movdqa	%xmm4,%xmm8
+	pshufd	$78,%xmm0,%xmm4
+	pxor	%xmm0,%xmm4
+
+.byte	102,15,58,68,198,0
+.byte	102,15,58,68,206,17
+.byte	102,15,58,68,231,16
+
+	pxor	%xmm3,%xmm0
+	pxor	%xmm5,%xmm1
+	movdqu	(%rdx),%xmm9
+	pxor	%xmm0,%xmm8
+.byte	102,69,15,56,0,202
+	movdqu	16(%rdx),%xmm3
+
+	pxor	%xmm1,%xmm8
+	pxor	%xmm9,%xmm1
+	pxor	%xmm8,%xmm4
+.byte	102,65,15,56,0,218
+	movdqa	%xmm4,%xmm8
+	psrldq	$8,%xmm8
+	pslldq	$8,%xmm4
+	pxor	%xmm8,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm3,%xmm5
+
+	movdqa	%xmm0,%xmm9
+	movdqa	%xmm0,%xmm8
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm8
+.byte	102,15,58,68,218,0
+	psllq	$1,%xmm0
+	pxor	%xmm8,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm8
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm8
+	pxor	%xmm9,%xmm0
+	pshufd	$78,%xmm5,%xmm4
+	pxor	%xmm8,%xmm1
+	pxor	%xmm5,%xmm4
+
+	movdqa	%xmm0,%xmm9
+	psrlq	$1,%xmm0
+.byte	102,15,58,68,234,17
+	pxor	%xmm9,%xmm1
+	pxor	%xmm0,%xmm9
+	psrlq	$5,%xmm0
+	pxor	%xmm9,%xmm0
+	leaq	32(%rdx),%rdx
+	psrlq	$1,%xmm0
+.byte	102,15,58,68,231,0
+	pxor	%xmm1,%xmm0
+
+	subq	$0x20,%rcx
+	ja	.Lmod_loop
+
+.Leven_tail:
+	movdqa	%xmm0,%xmm1
+	movdqa	%xmm4,%xmm8
+	pshufd	$78,%xmm0,%xmm4
+	pxor	%xmm0,%xmm4
+
+.byte	102,15,58,68,198,0
+.byte	102,15,58,68,206,17
+.byte	102,15,58,68,231,16
+
+	pxor	%xmm3,%xmm0
+	pxor	%xmm5,%xmm1
+	pxor	%xmm0,%xmm8
+	pxor	%xmm1,%xmm8
+	pxor	%xmm8,%xmm4
+	movdqa	%xmm4,%xmm8
+	psrldq	$8,%xmm8
+	pslldq	$8,%xmm4
+	pxor	%xmm8,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+	testq	%rcx,%rcx
+	jnz	.Ldone
+
+.Lodd_tail:
+	movdqu	(%rdx),%xmm8
+.byte	102,69,15,56,0,194
+	pxor	%xmm8,%xmm0
+	movdqa	%xmm0,%xmm1
+	pshufd	$78,%xmm0,%xmm3
+	pxor	%xmm0,%xmm3
+.byte	102,15,58,68,194,0
+.byte	102,15,58,68,202,17
+.byte	102,15,58,68,223,0
+	pxor	%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+
+	movdqa	%xmm3,%xmm4
+	psrldq	$8,%xmm3
+	pslldq	$8,%xmm4
+	pxor	%xmm3,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+.Ldone:
+.byte	102,65,15,56,0,194
+	movdqu	%xmm0,(%rdi)
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	gcm_ghash_clmul,.-gcm_ghash_clmul
+.globl	gcm_init_avx
+.type	gcm_init_avx,@function
+.align	32
+gcm_init_avx:
+.cfi_startproc	
+	vzeroupper
+
+	vmovdqu	(%rsi),%xmm2
+	vpshufd	$78,%xmm2,%xmm2
+
+
+	vpshufd	$255,%xmm2,%xmm4
+	vpsrlq	$63,%xmm2,%xmm3
+	vpsllq	$1,%xmm2,%xmm2
+	vpxor	%xmm5,%xmm5,%xmm5
+	vpcmpgtd	%xmm4,%xmm5,%xmm5
+	vpslldq	$8,%xmm3,%xmm3
+	vpor	%xmm3,%xmm2,%xmm2
+
+
+	vpand	.L0x1c2_polynomial(%rip),%xmm5,%xmm5
+	vpxor	%xmm5,%xmm2,%xmm2
+
+	vpunpckhqdq	%xmm2,%xmm2,%xmm6
+	vmovdqa	%xmm2,%xmm0
+	vpxor	%xmm2,%xmm6,%xmm6
+	movq	$4,%r10
+	jmp	.Linit_start_avx
+.align	32
+.Linit_loop_avx:
+	vpalignr	$8,%xmm3,%xmm4,%xmm5
+	vmovdqu	%xmm5,-16(%rdi)
+	vpunpckhqdq	%xmm0,%xmm0,%xmm3
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x11,%xmm2,%xmm0,%xmm1
+	vpclmulqdq	$0x00,%xmm2,%xmm0,%xmm0
+	vpclmulqdq	$0x00,%xmm6,%xmm3,%xmm3
+	vpxor	%xmm0,%xmm1,%xmm4
+	vpxor	%xmm4,%xmm3,%xmm3
+
+	vpslldq	$8,%xmm3,%xmm4
+	vpsrldq	$8,%xmm3,%xmm3
+	vpxor	%xmm4,%xmm0,%xmm0
+	vpxor	%xmm3,%xmm1,%xmm1
+	vpsllq	$57,%xmm0,%xmm3
+	vpsllq	$62,%xmm0,%xmm4
+	vpxor	%xmm3,%xmm4,%xmm4
+	vpsllq	$63,%xmm0,%xmm3
+	vpxor	%xmm3,%xmm4,%xmm4
+	vpslldq	$8,%xmm4,%xmm3
+	vpsrldq	$8,%xmm4,%xmm4
+	vpxor	%xmm3,%xmm0,%xmm0
+	vpxor	%xmm4,%xmm1,%xmm1
+
+	vpsrlq	$1,%xmm0,%xmm4
+	vpxor	%xmm0,%xmm1,%xmm1
+	vpxor	%xmm4,%xmm0,%xmm0
+	vpsrlq	$5,%xmm4,%xmm4
+	vpxor	%xmm4,%xmm0,%xmm0
+	vpsrlq	$1,%xmm0,%xmm0
+	vpxor	%xmm1,%xmm0,%xmm0
+.Linit_start_avx:
+	vmovdqa	%xmm0,%xmm5
+	vpunpckhqdq	%xmm0,%xmm0,%xmm3
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x11,%xmm2,%xmm0,%xmm1
+	vpclmulqdq	$0x00,%xmm2,%xmm0,%xmm0
+	vpclmulqdq	$0x00,%xmm6,%xmm3,%xmm3
+	vpxor	%xmm0,%xmm1,%xmm4
+	vpxor	%xmm4,%xmm3,%xmm3
+
+	vpslldq	$8,%xmm3,%xmm4
+	vpsrldq	$8,%xmm3,%xmm3
+	vpxor	%xmm4,%xmm0,%xmm0
+	vpxor	%xmm3,%xmm1,%xmm1
+	vpsllq	$57,%xmm0,%xmm3
+	vpsllq	$62,%xmm0,%xmm4
+	vpxor	%xmm3,%xmm4,%xmm4
+	vpsllq	$63,%xmm0,%xmm3
+	vpxor	%xmm3,%xmm4,%xmm4
+	vpslldq	$8,%xmm4,%xmm3
+	vpsrldq	$8,%xmm4,%xmm4
+	vpxor	%xmm3,%xmm0,%xmm0
+	vpxor	%xmm4,%xmm1,%xmm1
+
+	vpsrlq	$1,%xmm0,%xmm4
+	vpxor	%xmm0,%xmm1,%xmm1
+	vpxor	%xmm4,%xmm0,%xmm0
+	vpsrlq	$5,%xmm4,%xmm4
+	vpxor	%xmm4,%xmm0,%xmm0
+	vpsrlq	$1,%xmm0,%xmm0
+	vpxor	%xmm1,%xmm0,%xmm0
+	vpshufd	$78,%xmm5,%xmm3
+	vpshufd	$78,%xmm0,%xmm4
+	vpxor	%xmm5,%xmm3,%xmm3
+	vmovdqu	%xmm5,0(%rdi)
+	vpxor	%xmm0,%xmm4,%xmm4
+	vmovdqu	%xmm0,16(%rdi)
+	leaq	48(%rdi),%rdi
+	subq	$1,%r10
+	jnz	.Linit_loop_avx
+
+	vpalignr	$8,%xmm4,%xmm3,%xmm5
+	vmovdqu	%xmm5,-16(%rdi)
+
+	vzeroupper
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	gcm_init_avx,.-gcm_init_avx
+.globl	gcm_gmult_avx
+.type	gcm_gmult_avx,@function
+.align	32
+gcm_gmult_avx:
+.cfi_startproc	
+	jmp	.L_gmult_clmul
+.cfi_endproc	
+.size	gcm_gmult_avx,.-gcm_gmult_avx
+.globl	gcm_ghash_avx
+.type	gcm_ghash_avx,@function
+.align	32
+gcm_ghash_avx:
+.cfi_startproc	
+	vzeroupper
+
+	vmovdqu	(%rdi),%xmm10
+	leaq	.L0x1c2_polynomial(%rip),%r10
+	leaq	64(%rsi),%rsi
+	vmovdqu	.Lbswap_mask(%rip),%xmm13
+	vpshufb	%xmm13,%xmm10,%xmm10
+	cmpq	$0x80,%rcx
+	jb	.Lshort_avx
+	subq	$0x80,%rcx
+
+	vmovdqu	112(%rdx),%xmm14
+	vmovdqu	0-64(%rsi),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vmovdqu	32-64(%rsi),%xmm7
+
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vmovdqu	96(%rdx),%xmm15
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpxor	%xmm14,%xmm9,%xmm9
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	16-64(%rsi),%xmm6
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vmovdqu	80(%rdx),%xmm14
+	vpclmulqdq	$0x00,%xmm7,%xmm9,%xmm2
+	vpxor	%xmm15,%xmm8,%xmm8
+
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm3
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm4
+	vmovdqu	48-64(%rsi),%xmm6
+	vpxor	%xmm14,%xmm9,%xmm9
+	vmovdqu	64(%rdx),%xmm15
+	vpclmulqdq	$0x10,%xmm7,%xmm8,%xmm5
+	vmovdqu	80-64(%rsi),%xmm7
+
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	64-64(%rsi),%xmm6
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm9,%xmm2
+	vpxor	%xmm15,%xmm8,%xmm8
+
+	vmovdqu	48(%rdx),%xmm14
+	vpxor	%xmm3,%xmm0,%xmm0
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm3
+	vpxor	%xmm4,%xmm1,%xmm1
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm4
+	vmovdqu	96-64(%rsi),%xmm6
+	vpxor	%xmm5,%xmm2,%xmm2
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpclmulqdq	$0x10,%xmm7,%xmm8,%xmm5
+	vmovdqu	128-64(%rsi),%xmm7
+	vpxor	%xmm14,%xmm9,%xmm9
+
+	vmovdqu	32(%rdx),%xmm15
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	112-64(%rsi),%xmm6
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpclmulqdq	$0x00,%xmm7,%xmm9,%xmm2
+	vpxor	%xmm15,%xmm8,%xmm8
+
+	vmovdqu	16(%rdx),%xmm14
+	vpxor	%xmm3,%xmm0,%xmm0
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm3
+	vpxor	%xmm4,%xmm1,%xmm1
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm4
+	vmovdqu	144-64(%rsi),%xmm6
+	vpxor	%xmm5,%xmm2,%xmm2
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpclmulqdq	$0x10,%xmm7,%xmm8,%xmm5
+	vmovdqu	176-64(%rsi),%xmm7
+	vpxor	%xmm14,%xmm9,%xmm9
+
+	vmovdqu	(%rdx),%xmm15
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	160-64(%rsi),%xmm6
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x10,%xmm7,%xmm9,%xmm2
+
+	leaq	128(%rdx),%rdx
+	cmpq	$0x80,%rcx
+	jb	.Ltail_avx
+
+	vpxor	%xmm10,%xmm15,%xmm15
+	subq	$0x80,%rcx
+	jmp	.Loop8x_avx
+
+.align	32
+.Loop8x_avx:
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vmovdqu	112(%rdx),%xmm14
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpxor	%xmm15,%xmm8,%xmm8
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm10
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm11
+	vmovdqu	0-64(%rsi),%xmm6
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm12
+	vmovdqu	32-64(%rsi),%xmm7
+	vpxor	%xmm14,%xmm9,%xmm9
+
+	vmovdqu	96(%rdx),%xmm15
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpxor	%xmm3,%xmm10,%xmm10
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vxorps	%xmm4,%xmm11,%xmm11
+	vmovdqu	16-64(%rsi),%xmm6
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpclmulqdq	$0x00,%xmm7,%xmm9,%xmm2
+	vpxor	%xmm5,%xmm12,%xmm12
+	vxorps	%xmm15,%xmm8,%xmm8
+
+	vmovdqu	80(%rdx),%xmm14
+	vpxor	%xmm10,%xmm12,%xmm12
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm3
+	vpxor	%xmm11,%xmm12,%xmm12
+	vpslldq	$8,%xmm12,%xmm9
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm4
+	vpsrldq	$8,%xmm12,%xmm12
+	vpxor	%xmm9,%xmm10,%xmm10
+	vmovdqu	48-64(%rsi),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vxorps	%xmm12,%xmm11,%xmm11
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpclmulqdq	$0x10,%xmm7,%xmm8,%xmm5
+	vmovdqu	80-64(%rsi),%xmm7
+	vpxor	%xmm14,%xmm9,%xmm9
+	vpxor	%xmm2,%xmm5,%xmm5
+
+	vmovdqu	64(%rdx),%xmm15
+	vpalignr	$8,%xmm10,%xmm10,%xmm12
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpxor	%xmm3,%xmm0,%xmm0
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	64-64(%rsi),%xmm6
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm4,%xmm1,%xmm1
+	vpclmulqdq	$0x00,%xmm7,%xmm9,%xmm2
+	vxorps	%xmm15,%xmm8,%xmm8
+	vpxor	%xmm5,%xmm2,%xmm2
+
+	vmovdqu	48(%rdx),%xmm14
+	vpclmulqdq	$0x10,(%r10),%xmm10,%xmm10
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm3
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm4
+	vmovdqu	96-64(%rsi),%xmm6
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x10,%xmm7,%xmm8,%xmm5
+	vmovdqu	128-64(%rsi),%xmm7
+	vpxor	%xmm14,%xmm9,%xmm9
+	vpxor	%xmm2,%xmm5,%xmm5
+
+	vmovdqu	32(%rdx),%xmm15
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpxor	%xmm3,%xmm0,%xmm0
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	112-64(%rsi),%xmm6
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm4,%xmm1,%xmm1
+	vpclmulqdq	$0x00,%xmm7,%xmm9,%xmm2
+	vpxor	%xmm15,%xmm8,%xmm8
+	vpxor	%xmm5,%xmm2,%xmm2
+	vxorps	%xmm12,%xmm10,%xmm10
+
+	vmovdqu	16(%rdx),%xmm14
+	vpalignr	$8,%xmm10,%xmm10,%xmm12
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm3
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm4
+	vmovdqu	144-64(%rsi),%xmm6
+	vpclmulqdq	$0x10,(%r10),%xmm10,%xmm10
+	vxorps	%xmm11,%xmm12,%xmm12
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x10,%xmm7,%xmm8,%xmm5
+	vmovdqu	176-64(%rsi),%xmm7
+	vpxor	%xmm14,%xmm9,%xmm9
+	vpxor	%xmm2,%xmm5,%xmm5
+
+	vmovdqu	(%rdx),%xmm15
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	160-64(%rsi),%xmm6
+	vpxor	%xmm12,%xmm15,%xmm15
+	vpclmulqdq	$0x10,%xmm7,%xmm9,%xmm2
+	vpxor	%xmm10,%xmm15,%xmm15
+
+	leaq	128(%rdx),%rdx
+	subq	$0x80,%rcx
+	jnc	.Loop8x_avx
+
+	addq	$0x80,%rcx
+	jmp	.Ltail_no_xor_avx
+
+.align	32
+.Lshort_avx:
+	vmovdqu	-16(%rdx,%rcx,1),%xmm14
+	leaq	(%rdx,%rcx,1),%rdx
+	vmovdqu	0-64(%rsi),%xmm6
+	vmovdqu	32-64(%rsi),%xmm7
+	vpshufb	%xmm13,%xmm14,%xmm15
+
+	vmovdqa	%xmm0,%xmm3
+	vmovdqa	%xmm1,%xmm4
+	vmovdqa	%xmm2,%xmm5
+	subq	$0x10,%rcx
+	jz	.Ltail_avx
+
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vmovdqu	-32(%rdx),%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vmovdqu	16-64(%rsi),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm15
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+	vpsrldq	$8,%xmm7,%xmm7
+	subq	$0x10,%rcx
+	jz	.Ltail_avx
+
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vmovdqu	-48(%rdx),%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vmovdqu	48-64(%rsi),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm15
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+	vmovdqu	80-64(%rsi),%xmm7
+	subq	$0x10,%rcx
+	jz	.Ltail_avx
+
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vmovdqu	-64(%rdx),%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vmovdqu	64-64(%rsi),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm15
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+	vpsrldq	$8,%xmm7,%xmm7
+	subq	$0x10,%rcx
+	jz	.Ltail_avx
+
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vmovdqu	-80(%rdx),%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vmovdqu	96-64(%rsi),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm15
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+	vmovdqu	128-64(%rsi),%xmm7
+	subq	$0x10,%rcx
+	jz	.Ltail_avx
+
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vmovdqu	-96(%rdx),%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vmovdqu	112-64(%rsi),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm15
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+	vpsrldq	$8,%xmm7,%xmm7
+	subq	$0x10,%rcx
+	jz	.Ltail_avx
+
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vmovdqu	-112(%rdx),%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vmovdqu	144-64(%rsi),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm15
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+	vmovq	184-64(%rsi),%xmm7
+	subq	$0x10,%rcx
+	jmp	.Ltail_avx
+
+.align	32
+.Ltail_avx:
+	vpxor	%xmm10,%xmm15,%xmm15
+.Ltail_no_xor_avx:
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+
+	vmovdqu	(%r10),%xmm12
+
+	vpxor	%xmm0,%xmm3,%xmm10
+	vpxor	%xmm1,%xmm4,%xmm11
+	vpxor	%xmm2,%xmm5,%xmm5
+
+	vpxor	%xmm10,%xmm5,%xmm5
+	vpxor	%xmm11,%xmm5,%xmm5
+	vpslldq	$8,%xmm5,%xmm9
+	vpsrldq	$8,%xmm5,%xmm5
+	vpxor	%xmm9,%xmm10,%xmm10
+	vpxor	%xmm5,%xmm11,%xmm11
+
+	vpclmulqdq	$0x10,%xmm12,%xmm10,%xmm9
+	vpalignr	$8,%xmm10,%xmm10,%xmm10
+	vpxor	%xmm9,%xmm10,%xmm10
+
+	vpclmulqdq	$0x10,%xmm12,%xmm10,%xmm9
+	vpalignr	$8,%xmm10,%xmm10,%xmm10
+	vpxor	%xmm11,%xmm10,%xmm10
+	vpxor	%xmm9,%xmm10,%xmm10
+
+	cmpq	$0,%rcx
+	jne	.Lshort_avx
+
+	vpshufb	%xmm13,%xmm10,%xmm10
+	vmovdqu	%xmm10,(%rdi)
+	vzeroupper
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	gcm_ghash_avx,.-gcm_ghash_avx
+.align	64
+.Lbswap_mask:
+.byte	15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
+.L0x1c2_polynomial:
+.byte	1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xc2
+.L7_mask:
+.long	7,0,7,0
+.L7_mask_poly:
+.long	7,0,450,0
+.align	64
+.type	.Lrem_4bit,@object
+.Lrem_4bit:
+.long	0,0,0,471859200,0,943718400,0,610271232
+.long	0,1887436800,0,1822425088,0,1220542464,0,1423966208
+.long	0,3774873600,0,4246732800,0,3644850176,0,3311403008
+.long	0,2441084928,0,2376073216,0,2847932416,0,3051356160
+.type	.Lrem_8bit,@object
+.Lrem_8bit:
+.value	0x0000,0x01C2,0x0384,0x0246,0x0708,0x06CA,0x048C,0x054E
+.value	0x0E10,0x0FD2,0x0D94,0x0C56,0x0918,0x08DA,0x0A9C,0x0B5E
+.value	0x1C20,0x1DE2,0x1FA4,0x1E66,0x1B28,0x1AEA,0x18AC,0x196E
+.value	0x1230,0x13F2,0x11B4,0x1076,0x1538,0x14FA,0x16BC,0x177E
+.value	0x3840,0x3982,0x3BC4,0x3A06,0x3F48,0x3E8A,0x3CCC,0x3D0E
+.value	0x3650,0x3792,0x35D4,0x3416,0x3158,0x309A,0x32DC,0x331E
+.value	0x2460,0x25A2,0x27E4,0x2626,0x2368,0x22AA,0x20EC,0x212E
+.value	0x2A70,0x2BB2,0x29F4,0x2836,0x2D78,0x2CBA,0x2EFC,0x2F3E
+.value	0x7080,0x7142,0x7304,0x72C6,0x7788,0x764A,0x740C,0x75CE
+.value	0x7E90,0x7F52,0x7D14,0x7CD6,0x7998,0x785A,0x7A1C,0x7BDE
+.value	0x6CA0,0x6D62,0x6F24,0x6EE6,0x6BA8,0x6A6A,0x682C,0x69EE
+.value	0x62B0,0x6372,0x6134,0x60F6,0x65B8,0x647A,0x663C,0x67FE
+.value	0x48C0,0x4902,0x4B44,0x4A86,0x4FC8,0x4E0A,0x4C4C,0x4D8E
+.value	0x46D0,0x4712,0x4554,0x4496,0x41D8,0x401A,0x425C,0x439E
+.value	0x54E0,0x5522,0x5764,0x56A6,0x53E8,0x522A,0x506C,0x51AE
+.value	0x5AF0,0x5B32,0x5974,0x58B6,0x5DF8,0x5C3A,0x5E7C,0x5FBE
+.value	0xE100,0xE0C2,0xE284,0xE346,0xE608,0xE7CA,0xE58C,0xE44E
+.value	0xEF10,0xEED2,0xEC94,0xED56,0xE818,0xE9DA,0xEB9C,0xEA5E
+.value	0xFD20,0xFCE2,0xFEA4,0xFF66,0xFA28,0xFBEA,0xF9AC,0xF86E
+.value	0xF330,0xF2F2,0xF0B4,0xF176,0xF438,0xF5FA,0xF7BC,0xF67E
+.value	0xD940,0xD882,0xDAC4,0xDB06,0xDE48,0xDF8A,0xDDCC,0xDC0E
+.value	0xD750,0xD692,0xD4D4,0xD516,0xD058,0xD19A,0xD3DC,0xD21E
+.value	0xC560,0xC4A2,0xC6E4,0xC726,0xC268,0xC3AA,0xC1EC,0xC02E
+.value	0xCB70,0xCAB2,0xC8F4,0xC936,0xCC78,0xCDBA,0xCFFC,0xCE3E
+.value	0x9180,0x9042,0x9204,0x93C6,0x9688,0x974A,0x950C,0x94CE
+.value	0x9F90,0x9E52,0x9C14,0x9DD6,0x9898,0x995A,0x9B1C,0x9ADE
+.value	0x8DA0,0x8C62,0x8E24,0x8FE6,0x8AA8,0x8B6A,0x892C,0x88EE
+.value	0x83B0,0x8272,0x8034,0x81F6,0x84B8,0x857A,0x873C,0x86FE
+.value	0xA9C0,0xA802,0xAA44,0xAB86,0xAEC8,0xAF0A,0xAD4C,0xAC8E
+.value	0xA7D0,0xA612,0xA454,0xA596,0xA0D8,0xA11A,0xA35C,0xA29E
+.value	0xB5E0,0xB422,0xB664,0xB7A6,0xB2E8,0xB32A,0xB16C,0xB0AE
+.value	0xBBF0,0xBA32,0xB874,0xB9B6,0xBCF8,0xBD3A,0xBF7C,0xBEBE
+
+.byte	71,72,65,83,72,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.align	64
+
+.section .note.GNU-stack,"",%progbits
diff --git a/lib/accelerated/x86/elf/sha1-ssse3-x86.s b/lib/accelerated/x86/elf/sha1-ssse3-x86.s
new file mode 100644
index 0000000..8bfbcb6
--- /dev/null
+++ b/lib/accelerated/x86/elf/sha1-ssse3-x86.s
@@ -0,0 +1,1420 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text
+.globl	sha1_block_data_order
+.type	sha1_block_data_order,@function
+.align	16
+sha1_block_data_order:
+.L_sha1_block_data_order_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%ebp
+	movl	24(%esp),%esi
+	movl	28(%esp),%eax
+	subl	$76,%esp
+	shll	$6,%eax
+	addl	%esi,%eax
+	movl	%eax,104(%esp)
+	movl	16(%ebp),%edi
+	jmp	.L000loop
+.align	16
+.L000loop:
+	movl	(%esi),%eax
+	movl	4(%esi),%ebx
+	movl	8(%esi),%ecx
+	movl	12(%esi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	movl	%eax,(%esp)
+	movl	%ebx,4(%esp)
+	movl	%ecx,8(%esp)
+	movl	%edx,12(%esp)
+	movl	16(%esi),%eax
+	movl	20(%esi),%ebx
+	movl	24(%esi),%ecx
+	movl	28(%esi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	movl	%eax,16(%esp)
+	movl	%ebx,20(%esp)
+	movl	%ecx,24(%esp)
+	movl	%edx,28(%esp)
+	movl	32(%esi),%eax
+	movl	36(%esi),%ebx
+	movl	40(%esi),%ecx
+	movl	44(%esi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	movl	%eax,32(%esp)
+	movl	%ebx,36(%esp)
+	movl	%ecx,40(%esp)
+	movl	%edx,44(%esp)
+	movl	48(%esi),%eax
+	movl	52(%esi),%ebx
+	movl	56(%esi),%ecx
+	movl	60(%esi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	movl	%eax,48(%esp)
+	movl	%ebx,52(%esp)
+	movl	%ecx,56(%esp)
+	movl	%edx,60(%esp)
+	movl	%esi,100(%esp)
+	movl	(%ebp),%eax
+	movl	4(%ebp),%ebx
+	movl	8(%ebp),%ecx
+	movl	12(%ebp),%edx
+
+	movl	%ecx,%esi
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	xorl	%edx,%esi
+	addl	%edi,%ebp
+	movl	(%esp),%edi
+	andl	%ebx,%esi
+	rorl	$2,%ebx
+	xorl	%edx,%esi
+	leal	1518500249(%ebp,%edi,1),%ebp
+	addl	%esi,%ebp
+
+	movl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	xorl	%ecx,%edi
+	addl	%edx,%ebp
+	movl	4(%esp),%edx
+	andl	%eax,%edi
+	rorl	$2,%eax
+	xorl	%ecx,%edi
+	leal	1518500249(%ebp,%edx,1),%ebp
+	addl	%edi,%ebp
+
+	movl	%eax,%edx
+	movl	%ebp,%edi
+	roll	$5,%ebp
+	xorl	%ebx,%edx
+	addl	%ecx,%ebp
+	movl	8(%esp),%ecx
+	andl	%esi,%edx
+	rorl	$2,%esi
+	xorl	%ebx,%edx
+	leal	1518500249(%ebp,%ecx,1),%ebp
+	addl	%edx,%ebp
+
+	movl	%esi,%ecx
+	movl	%ebp,%edx
+	roll	$5,%ebp
+	xorl	%eax,%ecx
+	addl	%ebx,%ebp
+	movl	12(%esp),%ebx
+	andl	%edi,%ecx
+	rorl	$2,%edi
+	xorl	%eax,%ecx
+	leal	1518500249(%ebp,%ebx,1),%ebp
+	addl	%ecx,%ebp
+
+	movl	%edi,%ebx
+	movl	%ebp,%ecx
+	roll	$5,%ebp
+	xorl	%esi,%ebx
+	addl	%eax,%ebp
+	movl	16(%esp),%eax
+	andl	%edx,%ebx
+	rorl	$2,%edx
+	xorl	%esi,%ebx
+	leal	1518500249(%ebp,%eax,1),%ebp
+	addl	%ebx,%ebp
+
+	movl	%edx,%eax
+	movl	%ebp,%ebx
+	roll	$5,%ebp
+	xorl	%edi,%eax
+	addl	%esi,%ebp
+	movl	20(%esp),%esi
+	andl	%ecx,%eax
+	rorl	$2,%ecx
+	xorl	%edi,%eax
+	leal	1518500249(%ebp,%esi,1),%ebp
+	addl	%eax,%ebp
+
+	movl	%ecx,%esi
+	movl	%ebp,%eax
+	roll	$5,%ebp
+	xorl	%edx,%esi
+	addl	%edi,%ebp
+	movl	24(%esp),%edi
+	andl	%ebx,%esi
+	rorl	$2,%ebx
+	xorl	%edx,%esi
+	leal	1518500249(%ebp,%edi,1),%ebp
+	addl	%esi,%ebp
+
+	movl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	xorl	%ecx,%edi
+	addl	%edx,%ebp
+	movl	28(%esp),%edx
+	andl	%eax,%edi
+	rorl	$2,%eax
+	xorl	%ecx,%edi
+	leal	1518500249(%ebp,%edx,1),%ebp
+	addl	%edi,%ebp
+
+	movl	%eax,%edx
+	movl	%ebp,%edi
+	roll	$5,%ebp
+	xorl	%ebx,%edx
+	addl	%ecx,%ebp
+	movl	32(%esp),%ecx
+	andl	%esi,%edx
+	rorl	$2,%esi
+	xorl	%ebx,%edx
+	leal	1518500249(%ebp,%ecx,1),%ebp
+	addl	%edx,%ebp
+
+	movl	%esi,%ecx
+	movl	%ebp,%edx
+	roll	$5,%ebp
+	xorl	%eax,%ecx
+	addl	%ebx,%ebp
+	movl	36(%esp),%ebx
+	andl	%edi,%ecx
+	rorl	$2,%edi
+	xorl	%eax,%ecx
+	leal	1518500249(%ebp,%ebx,1),%ebp
+	addl	%ecx,%ebp
+
+	movl	%edi,%ebx
+	movl	%ebp,%ecx
+	roll	$5,%ebp
+	xorl	%esi,%ebx
+	addl	%eax,%ebp
+	movl	40(%esp),%eax
+	andl	%edx,%ebx
+	rorl	$2,%edx
+	xorl	%esi,%ebx
+	leal	1518500249(%ebp,%eax,1),%ebp
+	addl	%ebx,%ebp
+
+	movl	%edx,%eax
+	movl	%ebp,%ebx
+	roll	$5,%ebp
+	xorl	%edi,%eax
+	addl	%esi,%ebp
+	movl	44(%esp),%esi
+	andl	%ecx,%eax
+	rorl	$2,%ecx
+	xorl	%edi,%eax
+	leal	1518500249(%ebp,%esi,1),%ebp
+	addl	%eax,%ebp
+
+	movl	%ecx,%esi
+	movl	%ebp,%eax
+	roll	$5,%ebp
+	xorl	%edx,%esi
+	addl	%edi,%ebp
+	movl	48(%esp),%edi
+	andl	%ebx,%esi
+	rorl	$2,%ebx
+	xorl	%edx,%esi
+	leal	1518500249(%ebp,%edi,1),%ebp
+	addl	%esi,%ebp
+
+	movl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	xorl	%ecx,%edi
+	addl	%edx,%ebp
+	movl	52(%esp),%edx
+	andl	%eax,%edi
+	rorl	$2,%eax
+	xorl	%ecx,%edi
+	leal	1518500249(%ebp,%edx,1),%ebp
+	addl	%edi,%ebp
+
+	movl	%eax,%edx
+	movl	%ebp,%edi
+	roll	$5,%ebp
+	xorl	%ebx,%edx
+	addl	%ecx,%ebp
+	movl	56(%esp),%ecx
+	andl	%esi,%edx
+	rorl	$2,%esi
+	xorl	%ebx,%edx
+	leal	1518500249(%ebp,%ecx,1),%ebp
+	addl	%edx,%ebp
+
+	movl	%esi,%ecx
+	movl	%ebp,%edx
+	roll	$5,%ebp
+	xorl	%eax,%ecx
+	addl	%ebx,%ebp
+	movl	60(%esp),%ebx
+	andl	%edi,%ecx
+	rorl	$2,%edi
+	xorl	%eax,%ecx
+	leal	1518500249(%ebp,%ebx,1),%ebp
+	movl	(%esp),%ebx
+	addl	%ebp,%ecx
+
+	movl	%edi,%ebp
+	xorl	8(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	32(%esp),%ebx
+	andl	%edx,%ebp
+	xorl	52(%esp),%ebx
+	roll	$1,%ebx
+	xorl	%esi,%ebp
+	addl	%ebp,%eax
+	movl	%ecx,%ebp
+	rorl	$2,%edx
+	movl	%ebx,(%esp)
+	roll	$5,%ebp
+	leal	1518500249(%ebx,%eax,1),%ebx
+	movl	4(%esp),%eax
+	addl	%ebp,%ebx
+
+	movl	%edx,%ebp
+	xorl	12(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	36(%esp),%eax
+	andl	%ecx,%ebp
+	xorl	56(%esp),%eax
+	roll	$1,%eax
+	xorl	%edi,%ebp
+	addl	%ebp,%esi
+	movl	%ebx,%ebp
+	rorl	$2,%ecx
+	movl	%eax,4(%esp)
+	roll	$5,%ebp
+	leal	1518500249(%eax,%esi,1),%eax
+	movl	8(%esp),%esi
+	addl	%ebp,%eax
+
+	movl	%ecx,%ebp
+	xorl	16(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	40(%esp),%esi
+	andl	%ebx,%ebp
+	xorl	60(%esp),%esi
+	roll	$1,%esi
+	xorl	%edx,%ebp
+	addl	%ebp,%edi
+	movl	%eax,%ebp
+	rorl	$2,%ebx
+	movl	%esi,8(%esp)
+	roll	$5,%ebp
+	leal	1518500249(%esi,%edi,1),%esi
+	movl	12(%esp),%edi
+	addl	%ebp,%esi
+
+	movl	%ebx,%ebp
+	xorl	20(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	44(%esp),%edi
+	andl	%eax,%ebp
+	xorl	(%esp),%edi
+	roll	$1,%edi
+	xorl	%ecx,%ebp
+	addl	%ebp,%edx
+	movl	%esi,%ebp
+	rorl	$2,%eax
+	movl	%edi,12(%esp)
+	roll	$5,%ebp
+	leal	1518500249(%edi,%edx,1),%edi
+	movl	16(%esp),%edx
+	addl	%ebp,%edi
+
+	movl	%esi,%ebp
+	xorl	24(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	48(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	4(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,16(%esp)
+	leal	1859775393(%edx,%ecx,1),%edx
+	movl	20(%esp),%ecx
+	addl	%ebp,%edx
+
+	movl	%edi,%ebp
+	xorl	28(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	52(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	8(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,20(%esp)
+	leal	1859775393(%ecx,%ebx,1),%ecx
+	movl	24(%esp),%ebx
+	addl	%ebp,%ecx
+
+	movl	%edx,%ebp
+	xorl	32(%esp),%ebx
+	xorl	%edi,%ebp
+	xorl	56(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	12(%esp),%ebx
+	roll	$1,%ebx
+	addl	%ebp,%eax
+	rorl	$2,%edx
+	movl	%ecx,%ebp
+	roll	$5,%ebp
+	movl	%ebx,24(%esp)
+	leal	1859775393(%ebx,%eax,1),%ebx
+	movl	28(%esp),%eax
+	addl	%ebp,%ebx
+
+	movl	%ecx,%ebp
+	xorl	36(%esp),%eax
+	xorl	%edx,%ebp
+	xorl	60(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	16(%esp),%eax
+	roll	$1,%eax
+	addl	%ebp,%esi
+	rorl	$2,%ecx
+	movl	%ebx,%ebp
+	roll	$5,%ebp
+	movl	%eax,28(%esp)
+	leal	1859775393(%eax,%esi,1),%eax
+	movl	32(%esp),%esi
+	addl	%ebp,%eax
+
+	movl	%ebx,%ebp
+	xorl	40(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	20(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	movl	%esi,32(%esp)
+	leal	1859775393(%esi,%edi,1),%esi
+	movl	36(%esp),%edi
+	addl	%ebp,%esi
+
+	movl	%eax,%ebp
+	xorl	44(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	4(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	24(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	movl	%edi,36(%esp)
+	leal	1859775393(%edi,%edx,1),%edi
+	movl	40(%esp),%edx
+	addl	%ebp,%edi
+
+	movl	%esi,%ebp
+	xorl	48(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	8(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	28(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,40(%esp)
+	leal	1859775393(%edx,%ecx,1),%edx
+	movl	44(%esp),%ecx
+	addl	%ebp,%edx
+
+	movl	%edi,%ebp
+	xorl	52(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	12(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	32(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,44(%esp)
+	leal	1859775393(%ecx,%ebx,1),%ecx
+	movl	48(%esp),%ebx
+	addl	%ebp,%ecx
+
+	movl	%edx,%ebp
+	xorl	56(%esp),%ebx
+	xorl	%edi,%ebp
+	xorl	16(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	36(%esp),%ebx
+	roll	$1,%ebx
+	addl	%ebp,%eax
+	rorl	$2,%edx
+	movl	%ecx,%ebp
+	roll	$5,%ebp
+	movl	%ebx,48(%esp)
+	leal	1859775393(%ebx,%eax,1),%ebx
+	movl	52(%esp),%eax
+	addl	%ebp,%ebx
+
+	movl	%ecx,%ebp
+	xorl	60(%esp),%eax
+	xorl	%edx,%ebp
+	xorl	20(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	40(%esp),%eax
+	roll	$1,%eax
+	addl	%ebp,%esi
+	rorl	$2,%ecx
+	movl	%ebx,%ebp
+	roll	$5,%ebp
+	movl	%eax,52(%esp)
+	leal	1859775393(%eax,%esi,1),%eax
+	movl	56(%esp),%esi
+	addl	%ebp,%eax
+
+	movl	%ebx,%ebp
+	xorl	(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	24(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	44(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	movl	%esi,56(%esp)
+	leal	1859775393(%esi,%edi,1),%esi
+	movl	60(%esp),%edi
+	addl	%ebp,%esi
+
+	movl	%eax,%ebp
+	xorl	4(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	28(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	48(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	movl	%edi,60(%esp)
+	leal	1859775393(%edi,%edx,1),%edi
+	movl	(%esp),%edx
+	addl	%ebp,%edi
+
+	movl	%esi,%ebp
+	xorl	8(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	32(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	52(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,(%esp)
+	leal	1859775393(%edx,%ecx,1),%edx
+	movl	4(%esp),%ecx
+	addl	%ebp,%edx
+
+	movl	%edi,%ebp
+	xorl	12(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	36(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	56(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,4(%esp)
+	leal	1859775393(%ecx,%ebx,1),%ecx
+	movl	8(%esp),%ebx
+	addl	%ebp,%ecx
+
+	movl	%edx,%ebp
+	xorl	16(%esp),%ebx
+	xorl	%edi,%ebp
+	xorl	40(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	60(%esp),%ebx
+	roll	$1,%ebx
+	addl	%ebp,%eax
+	rorl	$2,%edx
+	movl	%ecx,%ebp
+	roll	$5,%ebp
+	movl	%ebx,8(%esp)
+	leal	1859775393(%ebx,%eax,1),%ebx
+	movl	12(%esp),%eax
+	addl	%ebp,%ebx
+
+	movl	%ecx,%ebp
+	xorl	20(%esp),%eax
+	xorl	%edx,%ebp
+	xorl	44(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	(%esp),%eax
+	roll	$1,%eax
+	addl	%ebp,%esi
+	rorl	$2,%ecx
+	movl	%ebx,%ebp
+	roll	$5,%ebp
+	movl	%eax,12(%esp)
+	leal	1859775393(%eax,%esi,1),%eax
+	movl	16(%esp),%esi
+	addl	%ebp,%eax
+
+	movl	%ebx,%ebp
+	xorl	24(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	48(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	4(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	movl	%esi,16(%esp)
+	leal	1859775393(%esi,%edi,1),%esi
+	movl	20(%esp),%edi
+	addl	%ebp,%esi
+
+	movl	%eax,%ebp
+	xorl	28(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	52(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	8(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	movl	%edi,20(%esp)
+	leal	1859775393(%edi,%edx,1),%edi
+	movl	24(%esp),%edx
+	addl	%ebp,%edi
+
+	movl	%esi,%ebp
+	xorl	32(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	56(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	12(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,24(%esp)
+	leal	1859775393(%edx,%ecx,1),%edx
+	movl	28(%esp),%ecx
+	addl	%ebp,%edx
+
+	movl	%edi,%ebp
+	xorl	36(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	60(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	16(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,28(%esp)
+	leal	1859775393(%ecx,%ebx,1),%ecx
+	movl	32(%esp),%ebx
+	addl	%ebp,%ecx
+
+	movl	%edi,%ebp
+	xorl	40(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	(%esp),%ebx
+	andl	%edx,%ebp
+	xorl	20(%esp),%ebx
+	roll	$1,%ebx
+	addl	%eax,%ebp
+	rorl	$2,%edx
+	movl	%ecx,%eax
+	roll	$5,%eax
+	movl	%ebx,32(%esp)
+	leal	2400959708(%ebx,%ebp,1),%ebx
+	movl	%edi,%ebp
+	addl	%eax,%ebx
+	andl	%esi,%ebp
+	movl	36(%esp),%eax
+	addl	%ebp,%ebx
+
+	movl	%edx,%ebp
+	xorl	44(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	4(%esp),%eax
+	andl	%ecx,%ebp
+	xorl	24(%esp),%eax
+	roll	$1,%eax
+	addl	%esi,%ebp
+	rorl	$2,%ecx
+	movl	%ebx,%esi
+	roll	$5,%esi
+	movl	%eax,36(%esp)
+	leal	2400959708(%eax,%ebp,1),%eax
+	movl	%edx,%ebp
+	addl	%esi,%eax
+	andl	%edi,%ebp
+	movl	40(%esp),%esi
+	addl	%ebp,%eax
+
+	movl	%ecx,%ebp
+	xorl	48(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	8(%esp),%esi
+	andl	%ebx,%ebp
+	xorl	28(%esp),%esi
+	roll	$1,%esi
+	addl	%edi,%ebp
+	rorl	$2,%ebx
+	movl	%eax,%edi
+	roll	$5,%edi
+	movl	%esi,40(%esp)
+	leal	2400959708(%esi,%ebp,1),%esi
+	movl	%ecx,%ebp
+	addl	%edi,%esi
+	andl	%edx,%ebp
+	movl	44(%esp),%edi
+	addl	%ebp,%esi
+
+	movl	%ebx,%ebp
+	xorl	52(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	12(%esp),%edi
+	andl	%eax,%ebp
+	xorl	32(%esp),%edi
+	roll	$1,%edi
+	addl	%edx,%ebp
+	rorl	$2,%eax
+	movl	%esi,%edx
+	roll	$5,%edx
+	movl	%edi,44(%esp)
+	leal	2400959708(%edi,%ebp,1),%edi
+	movl	%ebx,%ebp
+	addl	%edx,%edi
+	andl	%ecx,%ebp
+	movl	48(%esp),%edx
+	addl	%ebp,%edi
+
+	movl	%eax,%ebp
+	xorl	56(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	16(%esp),%edx
+	andl	%esi,%ebp
+	xorl	36(%esp),%edx
+	roll	$1,%edx
+	addl	%ecx,%ebp
+	rorl	$2,%esi
+	movl	%edi,%ecx
+	roll	$5,%ecx
+	movl	%edx,48(%esp)
+	leal	2400959708(%edx,%ebp,1),%edx
+	movl	%eax,%ebp
+	addl	%ecx,%edx
+	andl	%ebx,%ebp
+	movl	52(%esp),%ecx
+	addl	%ebp,%edx
+
+	movl	%esi,%ebp
+	xorl	60(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	20(%esp),%ecx
+	andl	%edi,%ebp
+	xorl	40(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebx,%ebp
+	rorl	$2,%edi
+	movl	%edx,%ebx
+	roll	$5,%ebx
+	movl	%ecx,52(%esp)
+	leal	2400959708(%ecx,%ebp,1),%ecx
+	movl	%esi,%ebp
+	addl	%ebx,%ecx
+	andl	%eax,%ebp
+	movl	56(%esp),%ebx
+	addl	%ebp,%ecx
+
+	movl	%edi,%ebp
+	xorl	(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	24(%esp),%ebx
+	andl	%edx,%ebp
+	xorl	44(%esp),%ebx
+	roll	$1,%ebx
+	addl	%eax,%ebp
+	rorl	$2,%edx
+	movl	%ecx,%eax
+	roll	$5,%eax
+	movl	%ebx,56(%esp)
+	leal	2400959708(%ebx,%ebp,1),%ebx
+	movl	%edi,%ebp
+	addl	%eax,%ebx
+	andl	%esi,%ebp
+	movl	60(%esp),%eax
+	addl	%ebp,%ebx
+
+	movl	%edx,%ebp
+	xorl	4(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	28(%esp),%eax
+	andl	%ecx,%ebp
+	xorl	48(%esp),%eax
+	roll	$1,%eax
+	addl	%esi,%ebp
+	rorl	$2,%ecx
+	movl	%ebx,%esi
+	roll	$5,%esi
+	movl	%eax,60(%esp)
+	leal	2400959708(%eax,%ebp,1),%eax
+	movl	%edx,%ebp
+	addl	%esi,%eax
+	andl	%edi,%ebp
+	movl	(%esp),%esi
+	addl	%ebp,%eax
+
+	movl	%ecx,%ebp
+	xorl	8(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	32(%esp),%esi
+	andl	%ebx,%ebp
+	xorl	52(%esp),%esi
+	roll	$1,%esi
+	addl	%edi,%ebp
+	rorl	$2,%ebx
+	movl	%eax,%edi
+	roll	$5,%edi
+	movl	%esi,(%esp)
+	leal	2400959708(%esi,%ebp,1),%esi
+	movl	%ecx,%ebp
+	addl	%edi,%esi
+	andl	%edx,%ebp
+	movl	4(%esp),%edi
+	addl	%ebp,%esi
+
+	movl	%ebx,%ebp
+	xorl	12(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	36(%esp),%edi
+	andl	%eax,%ebp
+	xorl	56(%esp),%edi
+	roll	$1,%edi
+	addl	%edx,%ebp
+	rorl	$2,%eax
+	movl	%esi,%edx
+	roll	$5,%edx
+	movl	%edi,4(%esp)
+	leal	2400959708(%edi,%ebp,1),%edi
+	movl	%ebx,%ebp
+	addl	%edx,%edi
+	andl	%ecx,%ebp
+	movl	8(%esp),%edx
+	addl	%ebp,%edi
+
+	movl	%eax,%ebp
+	xorl	16(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	40(%esp),%edx
+	andl	%esi,%ebp
+	xorl	60(%esp),%edx
+	roll	$1,%edx
+	addl	%ecx,%ebp
+	rorl	$2,%esi
+	movl	%edi,%ecx
+	roll	$5,%ecx
+	movl	%edx,8(%esp)
+	leal	2400959708(%edx,%ebp,1),%edx
+	movl	%eax,%ebp
+	addl	%ecx,%edx
+	andl	%ebx,%ebp
+	movl	12(%esp),%ecx
+	addl	%ebp,%edx
+
+	movl	%esi,%ebp
+	xorl	20(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	44(%esp),%ecx
+	andl	%edi,%ebp
+	xorl	(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebx,%ebp
+	rorl	$2,%edi
+	movl	%edx,%ebx
+	roll	$5,%ebx
+	movl	%ecx,12(%esp)
+	leal	2400959708(%ecx,%ebp,1),%ecx
+	movl	%esi,%ebp
+	addl	%ebx,%ecx
+	andl	%eax,%ebp
+	movl	16(%esp),%ebx
+	addl	%ebp,%ecx
+
+	movl	%edi,%ebp
+	xorl	24(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	48(%esp),%ebx
+	andl	%edx,%ebp
+	xorl	4(%esp),%ebx
+	roll	$1,%ebx
+	addl	%eax,%ebp
+	rorl	$2,%edx
+	movl	%ecx,%eax
+	roll	$5,%eax
+	movl	%ebx,16(%esp)
+	leal	2400959708(%ebx,%ebp,1),%ebx
+	movl	%edi,%ebp
+	addl	%eax,%ebx
+	andl	%esi,%ebp
+	movl	20(%esp),%eax
+	addl	%ebp,%ebx
+
+	movl	%edx,%ebp
+	xorl	28(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	52(%esp),%eax
+	andl	%ecx,%ebp
+	xorl	8(%esp),%eax
+	roll	$1,%eax
+	addl	%esi,%ebp
+	rorl	$2,%ecx
+	movl	%ebx,%esi
+	roll	$5,%esi
+	movl	%eax,20(%esp)
+	leal	2400959708(%eax,%ebp,1),%eax
+	movl	%edx,%ebp
+	addl	%esi,%eax
+	andl	%edi,%ebp
+	movl	24(%esp),%esi
+	addl	%ebp,%eax
+
+	movl	%ecx,%ebp
+	xorl	32(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	56(%esp),%esi
+	andl	%ebx,%ebp
+	xorl	12(%esp),%esi
+	roll	$1,%esi
+	addl	%edi,%ebp
+	rorl	$2,%ebx
+	movl	%eax,%edi
+	roll	$5,%edi
+	movl	%esi,24(%esp)
+	leal	2400959708(%esi,%ebp,1),%esi
+	movl	%ecx,%ebp
+	addl	%edi,%esi
+	andl	%edx,%ebp
+	movl	28(%esp),%edi
+	addl	%ebp,%esi
+
+	movl	%ebx,%ebp
+	xorl	36(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	60(%esp),%edi
+	andl	%eax,%ebp
+	xorl	16(%esp),%edi
+	roll	$1,%edi
+	addl	%edx,%ebp
+	rorl	$2,%eax
+	movl	%esi,%edx
+	roll	$5,%edx
+	movl	%edi,28(%esp)
+	leal	2400959708(%edi,%ebp,1),%edi
+	movl	%ebx,%ebp
+	addl	%edx,%edi
+	andl	%ecx,%ebp
+	movl	32(%esp),%edx
+	addl	%ebp,%edi
+
+	movl	%eax,%ebp
+	xorl	40(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	(%esp),%edx
+	andl	%esi,%ebp
+	xorl	20(%esp),%edx
+	roll	$1,%edx
+	addl	%ecx,%ebp
+	rorl	$2,%esi
+	movl	%edi,%ecx
+	roll	$5,%ecx
+	movl	%edx,32(%esp)
+	leal	2400959708(%edx,%ebp,1),%edx
+	movl	%eax,%ebp
+	addl	%ecx,%edx
+	andl	%ebx,%ebp
+	movl	36(%esp),%ecx
+	addl	%ebp,%edx
+
+	movl	%esi,%ebp
+	xorl	44(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	4(%esp),%ecx
+	andl	%edi,%ebp
+	xorl	24(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebx,%ebp
+	rorl	$2,%edi
+	movl	%edx,%ebx
+	roll	$5,%ebx
+	movl	%ecx,36(%esp)
+	leal	2400959708(%ecx,%ebp,1),%ecx
+	movl	%esi,%ebp
+	addl	%ebx,%ecx
+	andl	%eax,%ebp
+	movl	40(%esp),%ebx
+	addl	%ebp,%ecx
+
+	movl	%edi,%ebp
+	xorl	48(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	8(%esp),%ebx
+	andl	%edx,%ebp
+	xorl	28(%esp),%ebx
+	roll	$1,%ebx
+	addl	%eax,%ebp
+	rorl	$2,%edx
+	movl	%ecx,%eax
+	roll	$5,%eax
+	movl	%ebx,40(%esp)
+	leal	2400959708(%ebx,%ebp,1),%ebx
+	movl	%edi,%ebp
+	addl	%eax,%ebx
+	andl	%esi,%ebp
+	movl	44(%esp),%eax
+	addl	%ebp,%ebx
+
+	movl	%edx,%ebp
+	xorl	52(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	12(%esp),%eax
+	andl	%ecx,%ebp
+	xorl	32(%esp),%eax
+	roll	$1,%eax
+	addl	%esi,%ebp
+	rorl	$2,%ecx
+	movl	%ebx,%esi
+	roll	$5,%esi
+	movl	%eax,44(%esp)
+	leal	2400959708(%eax,%ebp,1),%eax
+	movl	%edx,%ebp
+	addl	%esi,%eax
+	andl	%edi,%ebp
+	movl	48(%esp),%esi
+	addl	%ebp,%eax
+
+	movl	%ebx,%ebp
+	xorl	56(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	16(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	36(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	movl	%esi,48(%esp)
+	leal	3395469782(%esi,%edi,1),%esi
+	movl	52(%esp),%edi
+	addl	%ebp,%esi
+
+	movl	%eax,%ebp
+	xorl	60(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	20(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	40(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	movl	%edi,52(%esp)
+	leal	3395469782(%edi,%edx,1),%edi
+	movl	56(%esp),%edx
+	addl	%ebp,%edi
+
+	movl	%esi,%ebp
+	xorl	(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	24(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	44(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,56(%esp)
+	leal	3395469782(%edx,%ecx,1),%edx
+	movl	60(%esp),%ecx
+	addl	%ebp,%edx
+
+	movl	%edi,%ebp
+	xorl	4(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	28(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	48(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,60(%esp)
+	leal	3395469782(%ecx,%ebx,1),%ecx
+	movl	(%esp),%ebx
+	addl	%ebp,%ecx
+
+	movl	%edx,%ebp
+	xorl	8(%esp),%ebx
+	xorl	%edi,%ebp
+	xorl	32(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	52(%esp),%ebx
+	roll	$1,%ebx
+	addl	%ebp,%eax
+	rorl	$2,%edx
+	movl	%ecx,%ebp
+	roll	$5,%ebp
+	movl	%ebx,(%esp)
+	leal	3395469782(%ebx,%eax,1),%ebx
+	movl	4(%esp),%eax
+	addl	%ebp,%ebx
+
+	movl	%ecx,%ebp
+	xorl	12(%esp),%eax
+	xorl	%edx,%ebp
+	xorl	36(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	56(%esp),%eax
+	roll	$1,%eax
+	addl	%ebp,%esi
+	rorl	$2,%ecx
+	movl	%ebx,%ebp
+	roll	$5,%ebp
+	movl	%eax,4(%esp)
+	leal	3395469782(%eax,%esi,1),%eax
+	movl	8(%esp),%esi
+	addl	%ebp,%eax
+
+	movl	%ebx,%ebp
+	xorl	16(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	40(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	60(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	movl	%esi,8(%esp)
+	leal	3395469782(%esi,%edi,1),%esi
+	movl	12(%esp),%edi
+	addl	%ebp,%esi
+
+	movl	%eax,%ebp
+	xorl	20(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	44(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	movl	%edi,12(%esp)
+	leal	3395469782(%edi,%edx,1),%edi
+	movl	16(%esp),%edx
+	addl	%ebp,%edi
+
+	movl	%esi,%ebp
+	xorl	24(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	48(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	4(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,16(%esp)
+	leal	3395469782(%edx,%ecx,1),%edx
+	movl	20(%esp),%ecx
+	addl	%ebp,%edx
+
+	movl	%edi,%ebp
+	xorl	28(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	52(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	8(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,20(%esp)
+	leal	3395469782(%ecx,%ebx,1),%ecx
+	movl	24(%esp),%ebx
+	addl	%ebp,%ecx
+
+	movl	%edx,%ebp
+	xorl	32(%esp),%ebx
+	xorl	%edi,%ebp
+	xorl	56(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	12(%esp),%ebx
+	roll	$1,%ebx
+	addl	%ebp,%eax
+	rorl	$2,%edx
+	movl	%ecx,%ebp
+	roll	$5,%ebp
+	movl	%ebx,24(%esp)
+	leal	3395469782(%ebx,%eax,1),%ebx
+	movl	28(%esp),%eax
+	addl	%ebp,%ebx
+
+	movl	%ecx,%ebp
+	xorl	36(%esp),%eax
+	xorl	%edx,%ebp
+	xorl	60(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	16(%esp),%eax
+	roll	$1,%eax
+	addl	%ebp,%esi
+	rorl	$2,%ecx
+	movl	%ebx,%ebp
+	roll	$5,%ebp
+	movl	%eax,28(%esp)
+	leal	3395469782(%eax,%esi,1),%eax
+	movl	32(%esp),%esi
+	addl	%ebp,%eax
+
+	movl	%ebx,%ebp
+	xorl	40(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	20(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	movl	%esi,32(%esp)
+	leal	3395469782(%esi,%edi,1),%esi
+	movl	36(%esp),%edi
+	addl	%ebp,%esi
+
+	movl	%eax,%ebp
+	xorl	44(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	4(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	24(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	movl	%edi,36(%esp)
+	leal	3395469782(%edi,%edx,1),%edi
+	movl	40(%esp),%edx
+	addl	%ebp,%edi
+
+	movl	%esi,%ebp
+	xorl	48(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	8(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	28(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,40(%esp)
+	leal	3395469782(%edx,%ecx,1),%edx
+	movl	44(%esp),%ecx
+	addl	%ebp,%edx
+
+	movl	%edi,%ebp
+	xorl	52(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	12(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	32(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,44(%esp)
+	leal	3395469782(%ecx,%ebx,1),%ecx
+	movl	48(%esp),%ebx
+	addl	%ebp,%ecx
+
+	movl	%edx,%ebp
+	xorl	56(%esp),%ebx
+	xorl	%edi,%ebp
+	xorl	16(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	36(%esp),%ebx
+	roll	$1,%ebx
+	addl	%ebp,%eax
+	rorl	$2,%edx
+	movl	%ecx,%ebp
+	roll	$5,%ebp
+	movl	%ebx,48(%esp)
+	leal	3395469782(%ebx,%eax,1),%ebx
+	movl	52(%esp),%eax
+	addl	%ebp,%ebx
+
+	movl	%ecx,%ebp
+	xorl	60(%esp),%eax
+	xorl	%edx,%ebp
+	xorl	20(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	40(%esp),%eax
+	roll	$1,%eax
+	addl	%ebp,%esi
+	rorl	$2,%ecx
+	movl	%ebx,%ebp
+	roll	$5,%ebp
+	leal	3395469782(%eax,%esi,1),%eax
+	movl	56(%esp),%esi
+	addl	%ebp,%eax
+
+	movl	%ebx,%ebp
+	xorl	(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	24(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	44(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	leal	3395469782(%esi,%edi,1),%esi
+	movl	60(%esp),%edi
+	addl	%ebp,%esi
+
+	movl	%eax,%ebp
+	xorl	4(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	28(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	48(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	leal	3395469782(%edi,%edx,1),%edi
+	addl	%ebp,%edi
+	movl	96(%esp),%ebp
+	movl	100(%esp),%edx
+	addl	(%ebp),%edi
+	addl	4(%ebp),%esi
+	addl	8(%ebp),%eax
+	addl	12(%ebp),%ebx
+	addl	16(%ebp),%ecx
+	movl	%edi,(%ebp)
+	addl	$64,%edx
+	movl	%esi,4(%ebp)
+	cmpl	104(%esp),%edx
+	movl	%eax,8(%ebp)
+	movl	%ecx,%edi
+	movl	%ebx,12(%ebp)
+	movl	%edx,%esi
+	movl	%ecx,16(%ebp)
+	jb	.L000loop
+	addl	$76,%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	sha1_block_data_order,.-.L_sha1_block_data_order_begin
+.byte	83,72,65,49,32,98,108,111,99,107,32,116,114,97,110,115
+.byte	102,111,114,109,32,102,111,114,32,120,56,54,44,32,67,82
+.byte	89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112
+.byte	114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+
+.section .note.GNU-stack,"",%progbits
diff --git a/lib/accelerated/x86/elf/sha1-ssse3-x86_64.s b/lib/accelerated/x86/elf/sha1-ssse3-x86_64.s
new file mode 100644
index 0000000..d85d9ff
--- /dev/null
+++ b/lib/accelerated/x86/elf/sha1-ssse3-x86_64.s
@@ -0,0 +1,5491 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+
+.globl	sha1_block_data_order
+.type	sha1_block_data_order,@function
+.align	16
+sha1_block_data_order:
+.cfi_startproc	
+	movl	GNUTLS_x86_cpuid_s+0(%rip),%r9d
+	movl	GNUTLS_x86_cpuid_s+4(%rip),%r8d
+	movl	GNUTLS_x86_cpuid_s+8(%rip),%r10d
+	testl	$512,%r8d
+	jz	.Lialu
+	testl	$536870912,%r10d
+	jnz	_shaext_shortcut
+	andl	$296,%r10d
+	cmpl	$296,%r10d
+	je	_avx2_shortcut
+	andl	$268435456,%r8d
+	andl	$1073741824,%r9d
+	orl	%r9d,%r8d
+	cmpl	$1342177280,%r8d
+	je	_avx_shortcut
+	jmp	_ssse3_shortcut
+
+.align	16
+.Lialu:
+	movq	%rsp,%rax
+.cfi_def_cfa_register	%rax
+	pushq	%rbx
+.cfi_offset	%rbx,-16
+	pushq	%rbp
+.cfi_offset	%rbp,-24
+	pushq	%r12
+.cfi_offset	%r12,-32
+	pushq	%r13
+.cfi_offset	%r13,-40
+	pushq	%r14
+.cfi_offset	%r14,-48
+	movq	%rdi,%r8
+	subq	$72,%rsp
+	movq	%rsi,%r9
+	andq	$-64,%rsp
+	movq	%rdx,%r10
+	movq	%rax,64(%rsp)
+.cfi_escape	0x0f,0x06,0x77,0xc0,0x00,0x06,0x23,0x08
+.Lprologue:
+
+	movl	0(%r8),%esi
+	movl	4(%r8),%edi
+	movl	8(%r8),%r11d
+	movl	12(%r8),%r12d
+	movl	16(%r8),%r13d
+	jmp	.Lloop
+
+.align	16
+.Lloop:
+	movl	0(%r9),%edx
+	bswapl	%edx
+	movl	4(%r9),%ebp
+	movl	%r12d,%eax
+	movl	%edx,0(%rsp)
+	movl	%esi,%ecx
+	bswapl	%ebp
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	andl	%edi,%eax
+	leal	1518500249(%rdx,%r13,1),%r13d
+	addl	%ecx,%r13d
+	xorl	%r12d,%eax
+	roll	$30,%edi
+	addl	%eax,%r13d
+	movl	8(%r9),%r14d
+	movl	%r11d,%eax
+	movl	%ebp,4(%rsp)
+	movl	%r13d,%ecx
+	bswapl	%r14d
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	andl	%esi,%eax
+	leal	1518500249(%rbp,%r12,1),%r12d
+	addl	%ecx,%r12d
+	xorl	%r11d,%eax
+	roll	$30,%esi
+	addl	%eax,%r12d
+	movl	12(%r9),%edx
+	movl	%edi,%eax
+	movl	%r14d,8(%rsp)
+	movl	%r12d,%ecx
+	bswapl	%edx
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	andl	%r13d,%eax
+	leal	1518500249(%r14,%r11,1),%r11d
+	addl	%ecx,%r11d
+	xorl	%edi,%eax
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	movl	16(%r9),%ebp
+	movl	%esi,%eax
+	movl	%edx,12(%rsp)
+	movl	%r11d,%ecx
+	bswapl	%ebp
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	andl	%r12d,%eax
+	leal	1518500249(%rdx,%rdi,1),%edi
+	addl	%ecx,%edi
+	xorl	%esi,%eax
+	roll	$30,%r12d
+	addl	%eax,%edi
+	movl	20(%r9),%r14d
+	movl	%r13d,%eax
+	movl	%ebp,16(%rsp)
+	movl	%edi,%ecx
+	bswapl	%r14d
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	andl	%r11d,%eax
+	leal	1518500249(%rbp,%rsi,1),%esi
+	addl	%ecx,%esi
+	xorl	%r13d,%eax
+	roll	$30,%r11d
+	addl	%eax,%esi
+	movl	24(%r9),%edx
+	movl	%r12d,%eax
+	movl	%r14d,20(%rsp)
+	movl	%esi,%ecx
+	bswapl	%edx
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	andl	%edi,%eax
+	leal	1518500249(%r14,%r13,1),%r13d
+	addl	%ecx,%r13d
+	xorl	%r12d,%eax
+	roll	$30,%edi
+	addl	%eax,%r13d
+	movl	28(%r9),%ebp
+	movl	%r11d,%eax
+	movl	%edx,24(%rsp)
+	movl	%r13d,%ecx
+	bswapl	%ebp
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	andl	%esi,%eax
+	leal	1518500249(%rdx,%r12,1),%r12d
+	addl	%ecx,%r12d
+	xorl	%r11d,%eax
+	roll	$30,%esi
+	addl	%eax,%r12d
+	movl	32(%r9),%r14d
+	movl	%edi,%eax
+	movl	%ebp,28(%rsp)
+	movl	%r12d,%ecx
+	bswapl	%r14d
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	andl	%r13d,%eax
+	leal	1518500249(%rbp,%r11,1),%r11d
+	addl	%ecx,%r11d
+	xorl	%edi,%eax
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	movl	36(%r9),%edx
+	movl	%esi,%eax
+	movl	%r14d,32(%rsp)
+	movl	%r11d,%ecx
+	bswapl	%edx
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	andl	%r12d,%eax
+	leal	1518500249(%r14,%rdi,1),%edi
+	addl	%ecx,%edi
+	xorl	%esi,%eax
+	roll	$30,%r12d
+	addl	%eax,%edi
+	movl	40(%r9),%ebp
+	movl	%r13d,%eax
+	movl	%edx,36(%rsp)
+	movl	%edi,%ecx
+	bswapl	%ebp
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	andl	%r11d,%eax
+	leal	1518500249(%rdx,%rsi,1),%esi
+	addl	%ecx,%esi
+	xorl	%r13d,%eax
+	roll	$30,%r11d
+	addl	%eax,%esi
+	movl	44(%r9),%r14d
+	movl	%r12d,%eax
+	movl	%ebp,40(%rsp)
+	movl	%esi,%ecx
+	bswapl	%r14d
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	andl	%edi,%eax
+	leal	1518500249(%rbp,%r13,1),%r13d
+	addl	%ecx,%r13d
+	xorl	%r12d,%eax
+	roll	$30,%edi
+	addl	%eax,%r13d
+	movl	48(%r9),%edx
+	movl	%r11d,%eax
+	movl	%r14d,44(%rsp)
+	movl	%r13d,%ecx
+	bswapl	%edx
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	andl	%esi,%eax
+	leal	1518500249(%r14,%r12,1),%r12d
+	addl	%ecx,%r12d
+	xorl	%r11d,%eax
+	roll	$30,%esi
+	addl	%eax,%r12d
+	movl	52(%r9),%ebp
+	movl	%edi,%eax
+	movl	%edx,48(%rsp)
+	movl	%r12d,%ecx
+	bswapl	%ebp
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	andl	%r13d,%eax
+	leal	1518500249(%rdx,%r11,1),%r11d
+	addl	%ecx,%r11d
+	xorl	%edi,%eax
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	movl	56(%r9),%r14d
+	movl	%esi,%eax
+	movl	%ebp,52(%rsp)
+	movl	%r11d,%ecx
+	bswapl	%r14d
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	andl	%r12d,%eax
+	leal	1518500249(%rbp,%rdi,1),%edi
+	addl	%ecx,%edi
+	xorl	%esi,%eax
+	roll	$30,%r12d
+	addl	%eax,%edi
+	movl	60(%r9),%edx
+	movl	%r13d,%eax
+	movl	%r14d,56(%rsp)
+	movl	%edi,%ecx
+	bswapl	%edx
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	andl	%r11d,%eax
+	leal	1518500249(%r14,%rsi,1),%esi
+	addl	%ecx,%esi
+	xorl	%r13d,%eax
+	roll	$30,%r11d
+	addl	%eax,%esi
+	xorl	0(%rsp),%ebp
+	movl	%r12d,%eax
+	movl	%edx,60(%rsp)
+	movl	%esi,%ecx
+	xorl	8(%rsp),%ebp
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	32(%rsp),%ebp
+	andl	%edi,%eax
+	leal	1518500249(%rdx,%r13,1),%r13d
+	roll	$30,%edi
+	xorl	%r12d,%eax
+	addl	%ecx,%r13d
+	roll	$1,%ebp
+	addl	%eax,%r13d
+	xorl	4(%rsp),%r14d
+	movl	%r11d,%eax
+	movl	%ebp,0(%rsp)
+	movl	%r13d,%ecx
+	xorl	12(%rsp),%r14d
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	36(%rsp),%r14d
+	andl	%esi,%eax
+	leal	1518500249(%rbp,%r12,1),%r12d
+	roll	$30,%esi
+	xorl	%r11d,%eax
+	addl	%ecx,%r12d
+	roll	$1,%r14d
+	addl	%eax,%r12d
+	xorl	8(%rsp),%edx
+	movl	%edi,%eax
+	movl	%r14d,4(%rsp)
+	movl	%r12d,%ecx
+	xorl	16(%rsp),%edx
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	40(%rsp),%edx
+	andl	%r13d,%eax
+	leal	1518500249(%r14,%r11,1),%r11d
+	roll	$30,%r13d
+	xorl	%edi,%eax
+	addl	%ecx,%r11d
+	roll	$1,%edx
+	addl	%eax,%r11d
+	xorl	12(%rsp),%ebp
+	movl	%esi,%eax
+	movl	%edx,8(%rsp)
+	movl	%r11d,%ecx
+	xorl	20(%rsp),%ebp
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	44(%rsp),%ebp
+	andl	%r12d,%eax
+	leal	1518500249(%rdx,%rdi,1),%edi
+	roll	$30,%r12d
+	xorl	%esi,%eax
+	addl	%ecx,%edi
+	roll	$1,%ebp
+	addl	%eax,%edi
+	xorl	16(%rsp),%r14d
+	movl	%r13d,%eax
+	movl	%ebp,12(%rsp)
+	movl	%edi,%ecx
+	xorl	24(%rsp),%r14d
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	48(%rsp),%r14d
+	andl	%r11d,%eax
+	leal	1518500249(%rbp,%rsi,1),%esi
+	roll	$30,%r11d
+	xorl	%r13d,%eax
+	addl	%ecx,%esi
+	roll	$1,%r14d
+	addl	%eax,%esi
+	xorl	20(%rsp),%edx
+	movl	%edi,%eax
+	movl	%r14d,16(%rsp)
+	movl	%esi,%ecx
+	xorl	28(%rsp),%edx
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	52(%rsp),%edx
+	leal	1859775393(%r14,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%edx
+	xorl	24(%rsp),%ebp
+	movl	%esi,%eax
+	movl	%edx,20(%rsp)
+	movl	%r13d,%ecx
+	xorl	32(%rsp),%ebp
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	56(%rsp),%ebp
+	leal	1859775393(%rdx,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%ebp
+	xorl	28(%rsp),%r14d
+	movl	%r13d,%eax
+	movl	%ebp,24(%rsp)
+	movl	%r12d,%ecx
+	xorl	36(%rsp),%r14d
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	60(%rsp),%r14d
+	leal	1859775393(%rbp,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%r14d
+	xorl	32(%rsp),%edx
+	movl	%r12d,%eax
+	movl	%r14d,28(%rsp)
+	movl	%r11d,%ecx
+	xorl	40(%rsp),%edx
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	0(%rsp),%edx
+	leal	1859775393(%r14,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%edx
+	xorl	36(%rsp),%ebp
+	movl	%r11d,%eax
+	movl	%edx,32(%rsp)
+	movl	%edi,%ecx
+	xorl	44(%rsp),%ebp
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	4(%rsp),%ebp
+	leal	1859775393(%rdx,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%ebp
+	xorl	40(%rsp),%r14d
+	movl	%edi,%eax
+	movl	%ebp,36(%rsp)
+	movl	%esi,%ecx
+	xorl	48(%rsp),%r14d
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	8(%rsp),%r14d
+	leal	1859775393(%rbp,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%r14d
+	xorl	44(%rsp),%edx
+	movl	%esi,%eax
+	movl	%r14d,40(%rsp)
+	movl	%r13d,%ecx
+	xorl	52(%rsp),%edx
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	12(%rsp),%edx
+	leal	1859775393(%r14,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%edx
+	xorl	48(%rsp),%ebp
+	movl	%r13d,%eax
+	movl	%edx,44(%rsp)
+	movl	%r12d,%ecx
+	xorl	56(%rsp),%ebp
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	16(%rsp),%ebp
+	leal	1859775393(%rdx,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%ebp
+	xorl	52(%rsp),%r14d
+	movl	%r12d,%eax
+	movl	%ebp,48(%rsp)
+	movl	%r11d,%ecx
+	xorl	60(%rsp),%r14d
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	20(%rsp),%r14d
+	leal	1859775393(%rbp,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%r14d
+	xorl	56(%rsp),%edx
+	movl	%r11d,%eax
+	movl	%r14d,52(%rsp)
+	movl	%edi,%ecx
+	xorl	0(%rsp),%edx
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	24(%rsp),%edx
+	leal	1859775393(%r14,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%edx
+	xorl	60(%rsp),%ebp
+	movl	%edi,%eax
+	movl	%edx,56(%rsp)
+	movl	%esi,%ecx
+	xorl	4(%rsp),%ebp
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	28(%rsp),%ebp
+	leal	1859775393(%rdx,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%ebp
+	xorl	0(%rsp),%r14d
+	movl	%esi,%eax
+	movl	%ebp,60(%rsp)
+	movl	%r13d,%ecx
+	xorl	8(%rsp),%r14d
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	32(%rsp),%r14d
+	leal	1859775393(%rbp,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%r14d
+	xorl	4(%rsp),%edx
+	movl	%r13d,%eax
+	movl	%r14d,0(%rsp)
+	movl	%r12d,%ecx
+	xorl	12(%rsp),%edx
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	36(%rsp),%edx
+	leal	1859775393(%r14,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%edx
+	xorl	8(%rsp),%ebp
+	movl	%r12d,%eax
+	movl	%edx,4(%rsp)
+	movl	%r11d,%ecx
+	xorl	16(%rsp),%ebp
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	40(%rsp),%ebp
+	leal	1859775393(%rdx,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%ebp
+	xorl	12(%rsp),%r14d
+	movl	%r11d,%eax
+	movl	%ebp,8(%rsp)
+	movl	%edi,%ecx
+	xorl	20(%rsp),%r14d
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	44(%rsp),%r14d
+	leal	1859775393(%rbp,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%r14d
+	xorl	16(%rsp),%edx
+	movl	%edi,%eax
+	movl	%r14d,12(%rsp)
+	movl	%esi,%ecx
+	xorl	24(%rsp),%edx
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	48(%rsp),%edx
+	leal	1859775393(%r14,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%edx
+	xorl	20(%rsp),%ebp
+	movl	%esi,%eax
+	movl	%edx,16(%rsp)
+	movl	%r13d,%ecx
+	xorl	28(%rsp),%ebp
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	52(%rsp),%ebp
+	leal	1859775393(%rdx,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%ebp
+	xorl	24(%rsp),%r14d
+	movl	%r13d,%eax
+	movl	%ebp,20(%rsp)
+	movl	%r12d,%ecx
+	xorl	32(%rsp),%r14d
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	56(%rsp),%r14d
+	leal	1859775393(%rbp,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%r14d
+	xorl	28(%rsp),%edx
+	movl	%r12d,%eax
+	movl	%r14d,24(%rsp)
+	movl	%r11d,%ecx
+	xorl	36(%rsp),%edx
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	60(%rsp),%edx
+	leal	1859775393(%r14,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%edx
+	xorl	32(%rsp),%ebp
+	movl	%r11d,%eax
+	movl	%edx,28(%rsp)
+	movl	%edi,%ecx
+	xorl	40(%rsp),%ebp
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	0(%rsp),%ebp
+	leal	1859775393(%rdx,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%ebp
+	xorl	36(%rsp),%r14d
+	movl	%r12d,%eax
+	movl	%ebp,32(%rsp)
+	movl	%r12d,%ebx
+	xorl	44(%rsp),%r14d
+	andl	%r11d,%eax
+	movl	%esi,%ecx
+	xorl	4(%rsp),%r14d
+	leal	-1894007588(%rbp,%r13,1),%r13d
+	xorl	%r11d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r13d
+	roll	$1,%r14d
+	andl	%edi,%ebx
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%ebx,%r13d
+	xorl	40(%rsp),%edx
+	movl	%r11d,%eax
+	movl	%r14d,36(%rsp)
+	movl	%r11d,%ebx
+	xorl	48(%rsp),%edx
+	andl	%edi,%eax
+	movl	%r13d,%ecx
+	xorl	8(%rsp),%edx
+	leal	-1894007588(%r14,%r12,1),%r12d
+	xorl	%edi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r12d
+	roll	$1,%edx
+	andl	%esi,%ebx
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%ebx,%r12d
+	xorl	44(%rsp),%ebp
+	movl	%edi,%eax
+	movl	%edx,40(%rsp)
+	movl	%edi,%ebx
+	xorl	52(%rsp),%ebp
+	andl	%esi,%eax
+	movl	%r12d,%ecx
+	xorl	12(%rsp),%ebp
+	leal	-1894007588(%rdx,%r11,1),%r11d
+	xorl	%esi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r11d
+	roll	$1,%ebp
+	andl	%r13d,%ebx
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%ebx,%r11d
+	xorl	48(%rsp),%r14d
+	movl	%esi,%eax
+	movl	%ebp,44(%rsp)
+	movl	%esi,%ebx
+	xorl	56(%rsp),%r14d
+	andl	%r13d,%eax
+	movl	%r11d,%ecx
+	xorl	16(%rsp),%r14d
+	leal	-1894007588(%rbp,%rdi,1),%edi
+	xorl	%r13d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%edi
+	roll	$1,%r14d
+	andl	%r12d,%ebx
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%ebx,%edi
+	xorl	52(%rsp),%edx
+	movl	%r13d,%eax
+	movl	%r14d,48(%rsp)
+	movl	%r13d,%ebx
+	xorl	60(%rsp),%edx
+	andl	%r12d,%eax
+	movl	%edi,%ecx
+	xorl	20(%rsp),%edx
+	leal	-1894007588(%r14,%rsi,1),%esi
+	xorl	%r12d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%esi
+	roll	$1,%edx
+	andl	%r11d,%ebx
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%ebx,%esi
+	xorl	56(%rsp),%ebp
+	movl	%r12d,%eax
+	movl	%edx,52(%rsp)
+	movl	%r12d,%ebx
+	xorl	0(%rsp),%ebp
+	andl	%r11d,%eax
+	movl	%esi,%ecx
+	xorl	24(%rsp),%ebp
+	leal	-1894007588(%rdx,%r13,1),%r13d
+	xorl	%r11d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r13d
+	roll	$1,%ebp
+	andl	%edi,%ebx
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%ebx,%r13d
+	xorl	60(%rsp),%r14d
+	movl	%r11d,%eax
+	movl	%ebp,56(%rsp)
+	movl	%r11d,%ebx
+	xorl	4(%rsp),%r14d
+	andl	%edi,%eax
+	movl	%r13d,%ecx
+	xorl	28(%rsp),%r14d
+	leal	-1894007588(%rbp,%r12,1),%r12d
+	xorl	%edi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r12d
+	roll	$1,%r14d
+	andl	%esi,%ebx
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%ebx,%r12d
+	xorl	0(%rsp),%edx
+	movl	%edi,%eax
+	movl	%r14d,60(%rsp)
+	movl	%edi,%ebx
+	xorl	8(%rsp),%edx
+	andl	%esi,%eax
+	movl	%r12d,%ecx
+	xorl	32(%rsp),%edx
+	leal	-1894007588(%r14,%r11,1),%r11d
+	xorl	%esi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r11d
+	roll	$1,%edx
+	andl	%r13d,%ebx
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%ebx,%r11d
+	xorl	4(%rsp),%ebp
+	movl	%esi,%eax
+	movl	%edx,0(%rsp)
+	movl	%esi,%ebx
+	xorl	12(%rsp),%ebp
+	andl	%r13d,%eax
+	movl	%r11d,%ecx
+	xorl	36(%rsp),%ebp
+	leal	-1894007588(%rdx,%rdi,1),%edi
+	xorl	%r13d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%edi
+	roll	$1,%ebp
+	andl	%r12d,%ebx
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%ebx,%edi
+	xorl	8(%rsp),%r14d
+	movl	%r13d,%eax
+	movl	%ebp,4(%rsp)
+	movl	%r13d,%ebx
+	xorl	16(%rsp),%r14d
+	andl	%r12d,%eax
+	movl	%edi,%ecx
+	xorl	40(%rsp),%r14d
+	leal	-1894007588(%rbp,%rsi,1),%esi
+	xorl	%r12d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%esi
+	roll	$1,%r14d
+	andl	%r11d,%ebx
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%ebx,%esi
+	xorl	12(%rsp),%edx
+	movl	%r12d,%eax
+	movl	%r14d,8(%rsp)
+	movl	%r12d,%ebx
+	xorl	20(%rsp),%edx
+	andl	%r11d,%eax
+	movl	%esi,%ecx
+	xorl	44(%rsp),%edx
+	leal	-1894007588(%r14,%r13,1),%r13d
+	xorl	%r11d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r13d
+	roll	$1,%edx
+	andl	%edi,%ebx
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%ebx,%r13d
+	xorl	16(%rsp),%ebp
+	movl	%r11d,%eax
+	movl	%edx,12(%rsp)
+	movl	%r11d,%ebx
+	xorl	24(%rsp),%ebp
+	andl	%edi,%eax
+	movl	%r13d,%ecx
+	xorl	48(%rsp),%ebp
+	leal	-1894007588(%rdx,%r12,1),%r12d
+	xorl	%edi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r12d
+	roll	$1,%ebp
+	andl	%esi,%ebx
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%ebx,%r12d
+	xorl	20(%rsp),%r14d
+	movl	%edi,%eax
+	movl	%ebp,16(%rsp)
+	movl	%edi,%ebx
+	xorl	28(%rsp),%r14d
+	andl	%esi,%eax
+	movl	%r12d,%ecx
+	xorl	52(%rsp),%r14d
+	leal	-1894007588(%rbp,%r11,1),%r11d
+	xorl	%esi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r11d
+	roll	$1,%r14d
+	andl	%r13d,%ebx
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%ebx,%r11d
+	xorl	24(%rsp),%edx
+	movl	%esi,%eax
+	movl	%r14d,20(%rsp)
+	movl	%esi,%ebx
+	xorl	32(%rsp),%edx
+	andl	%r13d,%eax
+	movl	%r11d,%ecx
+	xorl	56(%rsp),%edx
+	leal	-1894007588(%r14,%rdi,1),%edi
+	xorl	%r13d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%edi
+	roll	$1,%edx
+	andl	%r12d,%ebx
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%ebx,%edi
+	xorl	28(%rsp),%ebp
+	movl	%r13d,%eax
+	movl	%edx,24(%rsp)
+	movl	%r13d,%ebx
+	xorl	36(%rsp),%ebp
+	andl	%r12d,%eax
+	movl	%edi,%ecx
+	xorl	60(%rsp),%ebp
+	leal	-1894007588(%rdx,%rsi,1),%esi
+	xorl	%r12d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%esi
+	roll	$1,%ebp
+	andl	%r11d,%ebx
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%ebx,%esi
+	xorl	32(%rsp),%r14d
+	movl	%r12d,%eax
+	movl	%ebp,28(%rsp)
+	movl	%r12d,%ebx
+	xorl	40(%rsp),%r14d
+	andl	%r11d,%eax
+	movl	%esi,%ecx
+	xorl	0(%rsp),%r14d
+	leal	-1894007588(%rbp,%r13,1),%r13d
+	xorl	%r11d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r13d
+	roll	$1,%r14d
+	andl	%edi,%ebx
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%ebx,%r13d
+	xorl	36(%rsp),%edx
+	movl	%r11d,%eax
+	movl	%r14d,32(%rsp)
+	movl	%r11d,%ebx
+	xorl	44(%rsp),%edx
+	andl	%edi,%eax
+	movl	%r13d,%ecx
+	xorl	4(%rsp),%edx
+	leal	-1894007588(%r14,%r12,1),%r12d
+	xorl	%edi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r12d
+	roll	$1,%edx
+	andl	%esi,%ebx
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%ebx,%r12d
+	xorl	40(%rsp),%ebp
+	movl	%edi,%eax
+	movl	%edx,36(%rsp)
+	movl	%edi,%ebx
+	xorl	48(%rsp),%ebp
+	andl	%esi,%eax
+	movl	%r12d,%ecx
+	xorl	8(%rsp),%ebp
+	leal	-1894007588(%rdx,%r11,1),%r11d
+	xorl	%esi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r11d
+	roll	$1,%ebp
+	andl	%r13d,%ebx
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%ebx,%r11d
+	xorl	44(%rsp),%r14d
+	movl	%esi,%eax
+	movl	%ebp,40(%rsp)
+	movl	%esi,%ebx
+	xorl	52(%rsp),%r14d
+	andl	%r13d,%eax
+	movl	%r11d,%ecx
+	xorl	12(%rsp),%r14d
+	leal	-1894007588(%rbp,%rdi,1),%edi
+	xorl	%r13d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%edi
+	roll	$1,%r14d
+	andl	%r12d,%ebx
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%ebx,%edi
+	xorl	48(%rsp),%edx
+	movl	%r13d,%eax
+	movl	%r14d,44(%rsp)
+	movl	%r13d,%ebx
+	xorl	56(%rsp),%edx
+	andl	%r12d,%eax
+	movl	%edi,%ecx
+	xorl	16(%rsp),%edx
+	leal	-1894007588(%r14,%rsi,1),%esi
+	xorl	%r12d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%esi
+	roll	$1,%edx
+	andl	%r11d,%ebx
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%ebx,%esi
+	xorl	52(%rsp),%ebp
+	movl	%edi,%eax
+	movl	%edx,48(%rsp)
+	movl	%esi,%ecx
+	xorl	60(%rsp),%ebp
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	20(%rsp),%ebp
+	leal	-899497514(%rdx,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%ebp
+	xorl	56(%rsp),%r14d
+	movl	%esi,%eax
+	movl	%ebp,52(%rsp)
+	movl	%r13d,%ecx
+	xorl	0(%rsp),%r14d
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	24(%rsp),%r14d
+	leal	-899497514(%rbp,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%r14d
+	xorl	60(%rsp),%edx
+	movl	%r13d,%eax
+	movl	%r14d,56(%rsp)
+	movl	%r12d,%ecx
+	xorl	4(%rsp),%edx
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	28(%rsp),%edx
+	leal	-899497514(%r14,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%edx
+	xorl	0(%rsp),%ebp
+	movl	%r12d,%eax
+	movl	%edx,60(%rsp)
+	movl	%r11d,%ecx
+	xorl	8(%rsp),%ebp
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	32(%rsp),%ebp
+	leal	-899497514(%rdx,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%ebp
+	xorl	4(%rsp),%r14d
+	movl	%r11d,%eax
+	movl	%ebp,0(%rsp)
+	movl	%edi,%ecx
+	xorl	12(%rsp),%r14d
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	36(%rsp),%r14d
+	leal	-899497514(%rbp,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%r14d
+	xorl	8(%rsp),%edx
+	movl	%edi,%eax
+	movl	%r14d,4(%rsp)
+	movl	%esi,%ecx
+	xorl	16(%rsp),%edx
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	40(%rsp),%edx
+	leal	-899497514(%r14,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%edx
+	xorl	12(%rsp),%ebp
+	movl	%esi,%eax
+	movl	%edx,8(%rsp)
+	movl	%r13d,%ecx
+	xorl	20(%rsp),%ebp
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	44(%rsp),%ebp
+	leal	-899497514(%rdx,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%ebp
+	xorl	16(%rsp),%r14d
+	movl	%r13d,%eax
+	movl	%ebp,12(%rsp)
+	movl	%r12d,%ecx
+	xorl	24(%rsp),%r14d
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	48(%rsp),%r14d
+	leal	-899497514(%rbp,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%r14d
+	xorl	20(%rsp),%edx
+	movl	%r12d,%eax
+	movl	%r14d,16(%rsp)
+	movl	%r11d,%ecx
+	xorl	28(%rsp),%edx
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	52(%rsp),%edx
+	leal	-899497514(%r14,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%edx
+	xorl	24(%rsp),%ebp
+	movl	%r11d,%eax
+	movl	%edx,20(%rsp)
+	movl	%edi,%ecx
+	xorl	32(%rsp),%ebp
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	56(%rsp),%ebp
+	leal	-899497514(%rdx,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%ebp
+	xorl	28(%rsp),%r14d
+	movl	%edi,%eax
+	movl	%ebp,24(%rsp)
+	movl	%esi,%ecx
+	xorl	36(%rsp),%r14d
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	60(%rsp),%r14d
+	leal	-899497514(%rbp,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%r14d
+	xorl	32(%rsp),%edx
+	movl	%esi,%eax
+	movl	%r14d,28(%rsp)
+	movl	%r13d,%ecx
+	xorl	40(%rsp),%edx
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	0(%rsp),%edx
+	leal	-899497514(%r14,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%edx
+	xorl	36(%rsp),%ebp
+	movl	%r13d,%eax
+
+	movl	%r12d,%ecx
+	xorl	44(%rsp),%ebp
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	4(%rsp),%ebp
+	leal	-899497514(%rdx,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%ebp
+	xorl	40(%rsp),%r14d
+	movl	%r12d,%eax
+
+	movl	%r11d,%ecx
+	xorl	48(%rsp),%r14d
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	8(%rsp),%r14d
+	leal	-899497514(%rbp,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%r14d
+	xorl	44(%rsp),%edx
+	movl	%r11d,%eax
+
+	movl	%edi,%ecx
+	xorl	52(%rsp),%edx
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	12(%rsp),%edx
+	leal	-899497514(%r14,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%edx
+	xorl	48(%rsp),%ebp
+	movl	%edi,%eax
+
+	movl	%esi,%ecx
+	xorl	56(%rsp),%ebp
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	16(%rsp),%ebp
+	leal	-899497514(%rdx,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%ebp
+	xorl	52(%rsp),%r14d
+	movl	%esi,%eax
+
+	movl	%r13d,%ecx
+	xorl	60(%rsp),%r14d
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	20(%rsp),%r14d
+	leal	-899497514(%rbp,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%r14d
+	xorl	56(%rsp),%edx
+	movl	%r13d,%eax
+
+	movl	%r12d,%ecx
+	xorl	0(%rsp),%edx
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	24(%rsp),%edx
+	leal	-899497514(%r14,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%edx
+	xorl	60(%rsp),%ebp
+	movl	%r12d,%eax
+
+	movl	%r11d,%ecx
+	xorl	4(%rsp),%ebp
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	28(%rsp),%ebp
+	leal	-899497514(%rdx,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%ebp
+	movl	%r11d,%eax
+	movl	%edi,%ecx
+	xorl	%r13d,%eax
+	leal	-899497514(%rbp,%rsi,1),%esi
+	roll	$5,%ecx
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	addl	0(%r8),%esi
+	addl	4(%r8),%edi
+	addl	8(%r8),%r11d
+	addl	12(%r8),%r12d
+	addl	16(%r8),%r13d
+	movl	%esi,0(%r8)
+	movl	%edi,4(%r8)
+	movl	%r11d,8(%r8)
+	movl	%r12d,12(%r8)
+	movl	%r13d,16(%r8)
+
+	subq	$1,%r10
+	leaq	64(%r9),%r9
+	jnz	.Lloop
+
+	movq	64(%rsp),%rsi
+.cfi_def_cfa	%rsi,8
+	movq	-40(%rsi),%r14
+.cfi_restore	%r14
+	movq	-32(%rsi),%r13
+.cfi_restore	%r13
+	movq	-24(%rsi),%r12
+.cfi_restore	%r12
+	movq	-16(%rsi),%rbp
+.cfi_restore	%rbp
+	movq	-8(%rsi),%rbx
+.cfi_restore	%rbx
+	leaq	(%rsi),%rsp
+.cfi_def_cfa_register	%rsp
+.Lepilogue:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	sha1_block_data_order,.-sha1_block_data_order
+.type	sha1_block_data_order_shaext,@function
+.align	32
+sha1_block_data_order_shaext:
+_shaext_shortcut:
+.cfi_startproc	
+	movdqu	(%rdi),%xmm0
+	movd	16(%rdi),%xmm1
+	movdqa	K_XX_XX+160(%rip),%xmm3
+
+	movdqu	(%rsi),%xmm4
+	pshufd	$27,%xmm0,%xmm0
+	movdqu	16(%rsi),%xmm5
+	pshufd	$27,%xmm1,%xmm1
+	movdqu	32(%rsi),%xmm6
+.byte	102,15,56,0,227
+	movdqu	48(%rsi),%xmm7
+.byte	102,15,56,0,235
+.byte	102,15,56,0,243
+	movdqa	%xmm1,%xmm9
+.byte	102,15,56,0,251
+	jmp	.Loop_shaext
+
+.align	16
+.Loop_shaext:
+	decq	%rdx
+	leaq	64(%rsi),%r8
+	paddd	%xmm4,%xmm1
+	cmovneq	%r8,%rsi
+	movdqa	%xmm0,%xmm8
+.byte	15,56,201,229
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,0
+.byte	15,56,200,213
+	pxor	%xmm6,%xmm4
+.byte	15,56,201,238
+.byte	15,56,202,231
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,0
+.byte	15,56,200,206
+	pxor	%xmm7,%xmm5
+.byte	15,56,202,236
+.byte	15,56,201,247
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,0
+.byte	15,56,200,215
+	pxor	%xmm4,%xmm6
+.byte	15,56,201,252
+.byte	15,56,202,245
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,0
+.byte	15,56,200,204
+	pxor	%xmm5,%xmm7
+.byte	15,56,202,254
+.byte	15,56,201,229
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,0
+.byte	15,56,200,213
+	pxor	%xmm6,%xmm4
+.byte	15,56,201,238
+.byte	15,56,202,231
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,1
+.byte	15,56,200,206
+	pxor	%xmm7,%xmm5
+.byte	15,56,202,236
+.byte	15,56,201,247
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,1
+.byte	15,56,200,215
+	pxor	%xmm4,%xmm6
+.byte	15,56,201,252
+.byte	15,56,202,245
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,1
+.byte	15,56,200,204
+	pxor	%xmm5,%xmm7
+.byte	15,56,202,254
+.byte	15,56,201,229
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,1
+.byte	15,56,200,213
+	pxor	%xmm6,%xmm4
+.byte	15,56,201,238
+.byte	15,56,202,231
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,1
+.byte	15,56,200,206
+	pxor	%xmm7,%xmm5
+.byte	15,56,202,236
+.byte	15,56,201,247
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,2
+.byte	15,56,200,215
+	pxor	%xmm4,%xmm6
+.byte	15,56,201,252
+.byte	15,56,202,245
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,2
+.byte	15,56,200,204
+	pxor	%xmm5,%xmm7
+.byte	15,56,202,254
+.byte	15,56,201,229
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,2
+.byte	15,56,200,213
+	pxor	%xmm6,%xmm4
+.byte	15,56,201,238
+.byte	15,56,202,231
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,2
+.byte	15,56,200,206
+	pxor	%xmm7,%xmm5
+.byte	15,56,202,236
+.byte	15,56,201,247
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,2
+.byte	15,56,200,215
+	pxor	%xmm4,%xmm6
+.byte	15,56,201,252
+.byte	15,56,202,245
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,3
+.byte	15,56,200,204
+	pxor	%xmm5,%xmm7
+.byte	15,56,202,254
+	movdqu	(%rsi),%xmm4
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,3
+.byte	15,56,200,213
+	movdqu	16(%rsi),%xmm5
+.byte	102,15,56,0,227
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,3
+.byte	15,56,200,206
+	movdqu	32(%rsi),%xmm6
+.byte	102,15,56,0,235
+
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,3
+.byte	15,56,200,215
+	movdqu	48(%rsi),%xmm7
+.byte	102,15,56,0,243
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,3
+.byte	65,15,56,200,201
+.byte	102,15,56,0,251
+
+	paddd	%xmm8,%xmm0
+	movdqa	%xmm1,%xmm9
+
+	jnz	.Loop_shaext
+
+	pshufd	$27,%xmm0,%xmm0
+	pshufd	$27,%xmm1,%xmm1
+	movdqu	%xmm0,(%rdi)
+	movd	%xmm1,16(%rdi)
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	sha1_block_data_order_shaext,.-sha1_block_data_order_shaext
+.type	sha1_block_data_order_ssse3,@function
+.align	16
+sha1_block_data_order_ssse3:
+_ssse3_shortcut:
+.cfi_startproc	
+	movq	%rsp,%r11
+.cfi_def_cfa_register	%r11
+	pushq	%rbx
+.cfi_offset	%rbx,-16
+	pushq	%rbp
+.cfi_offset	%rbp,-24
+	pushq	%r12
+.cfi_offset	%r12,-32
+	pushq	%r13
+.cfi_offset	%r13,-40
+	pushq	%r14
+.cfi_offset	%r14,-48
+	leaq	-64(%rsp),%rsp
+	andq	$-64,%rsp
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rdx,%r10
+
+	shlq	$6,%r10
+	addq	%r9,%r10
+	leaq	K_XX_XX+64(%rip),%r14
+
+	movl	0(%r8),%eax
+	movl	4(%r8),%ebx
+	movl	8(%r8),%ecx
+	movl	12(%r8),%edx
+	movl	%ebx,%esi
+	movl	16(%r8),%ebp
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	andl	%edi,%esi
+
+	movdqa	64(%r14),%xmm6
+	movdqa	-64(%r14),%xmm9
+	movdqu	0(%r9),%xmm0
+	movdqu	16(%r9),%xmm1
+	movdqu	32(%r9),%xmm2
+	movdqu	48(%r9),%xmm3
+.byte	102,15,56,0,198
+.byte	102,15,56,0,206
+.byte	102,15,56,0,214
+	addq	$64,%r9
+	paddd	%xmm9,%xmm0
+.byte	102,15,56,0,222
+	paddd	%xmm9,%xmm1
+	paddd	%xmm9,%xmm2
+	movdqa	%xmm0,0(%rsp)
+	psubd	%xmm9,%xmm0
+	movdqa	%xmm1,16(%rsp)
+	psubd	%xmm9,%xmm1
+	movdqa	%xmm2,32(%rsp)
+	psubd	%xmm9,%xmm2
+	jmp	.Loop_ssse3
+.align	16
+.Loop_ssse3:
+	rorl	$2,%ebx
+	pshufd	$238,%xmm0,%xmm4
+	xorl	%edx,%esi
+	movdqa	%xmm3,%xmm8
+	paddd	%xmm3,%xmm9
+	movl	%eax,%edi
+	addl	0(%rsp),%ebp
+	punpcklqdq	%xmm1,%xmm4
+	xorl	%ecx,%ebx
+	roll	$5,%eax
+	addl	%esi,%ebp
+	psrldq	$4,%xmm8
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	pxor	%xmm0,%xmm4
+	addl	%eax,%ebp
+	rorl	$7,%eax
+	pxor	%xmm2,%xmm8
+	xorl	%ecx,%edi
+	movl	%ebp,%esi
+	addl	4(%rsp),%edx
+	pxor	%xmm8,%xmm4
+	xorl	%ebx,%eax
+	roll	$5,%ebp
+	movdqa	%xmm9,48(%rsp)
+	addl	%edi,%edx
+	andl	%eax,%esi
+	movdqa	%xmm4,%xmm10
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	rorl	$7,%ebp
+	movdqa	%xmm4,%xmm8
+	xorl	%ebx,%esi
+	pslldq	$12,%xmm10
+	paddd	%xmm4,%xmm4
+	movl	%edx,%edi
+	addl	8(%rsp),%ecx
+	psrld	$31,%xmm8
+	xorl	%eax,%ebp
+	roll	$5,%edx
+	addl	%esi,%ecx
+	movdqa	%xmm10,%xmm9
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	psrld	$30,%xmm10
+	addl	%edx,%ecx
+	rorl	$7,%edx
+	por	%xmm8,%xmm4
+	xorl	%eax,%edi
+	movl	%ecx,%esi
+	addl	12(%rsp),%ebx
+	pslld	$2,%xmm9
+	pxor	%xmm10,%xmm4
+	xorl	%ebp,%edx
+	movdqa	-64(%r14),%xmm10
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	andl	%edx,%esi
+	pxor	%xmm9,%xmm4
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	rorl	$7,%ecx
+	pshufd	$238,%xmm1,%xmm5
+	xorl	%ebp,%esi
+	movdqa	%xmm4,%xmm9
+	paddd	%xmm4,%xmm10
+	movl	%ebx,%edi
+	addl	16(%rsp),%eax
+	punpcklqdq	%xmm2,%xmm5
+	xorl	%edx,%ecx
+	roll	$5,%ebx
+	addl	%esi,%eax
+	psrldq	$4,%xmm9
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	pxor	%xmm1,%xmm5
+	addl	%ebx,%eax
+	rorl	$7,%ebx
+	pxor	%xmm3,%xmm9
+	xorl	%edx,%edi
+	movl	%eax,%esi
+	addl	20(%rsp),%ebp
+	pxor	%xmm9,%xmm5
+	xorl	%ecx,%ebx
+	roll	$5,%eax
+	movdqa	%xmm10,0(%rsp)
+	addl	%edi,%ebp
+	andl	%ebx,%esi
+	movdqa	%xmm5,%xmm8
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	rorl	$7,%eax
+	movdqa	%xmm5,%xmm9
+	xorl	%ecx,%esi
+	pslldq	$12,%xmm8
+	paddd	%xmm5,%xmm5
+	movl	%ebp,%edi
+	addl	24(%rsp),%edx
+	psrld	$31,%xmm9
+	xorl	%ebx,%eax
+	roll	$5,%ebp
+	addl	%esi,%edx
+	movdqa	%xmm8,%xmm10
+	andl	%eax,%edi
+	xorl	%ebx,%eax
+	psrld	$30,%xmm8
+	addl	%ebp,%edx
+	rorl	$7,%ebp
+	por	%xmm9,%xmm5
+	xorl	%ebx,%edi
+	movl	%edx,%esi
+	addl	28(%rsp),%ecx
+	pslld	$2,%xmm10
+	pxor	%xmm8,%xmm5
+	xorl	%eax,%ebp
+	movdqa	-32(%r14),%xmm8
+	roll	$5,%edx
+	addl	%edi,%ecx
+	andl	%ebp,%esi
+	pxor	%xmm10,%xmm5
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	rorl	$7,%edx
+	pshufd	$238,%xmm2,%xmm6
+	xorl	%eax,%esi
+	movdqa	%xmm5,%xmm10
+	paddd	%xmm5,%xmm8
+	movl	%ecx,%edi
+	addl	32(%rsp),%ebx
+	punpcklqdq	%xmm3,%xmm6
+	xorl	%ebp,%edx
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	psrldq	$4,%xmm10
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	pxor	%xmm2,%xmm6
+	addl	%ecx,%ebx
+	rorl	$7,%ecx
+	pxor	%xmm4,%xmm10
+	xorl	%ebp,%edi
+	movl	%ebx,%esi
+	addl	36(%rsp),%eax
+	pxor	%xmm10,%xmm6
+	xorl	%edx,%ecx
+	roll	$5,%ebx
+	movdqa	%xmm8,16(%rsp)
+	addl	%edi,%eax
+	andl	%ecx,%esi
+	movdqa	%xmm6,%xmm9
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	rorl	$7,%ebx
+	movdqa	%xmm6,%xmm10
+	xorl	%edx,%esi
+	pslldq	$12,%xmm9
+	paddd	%xmm6,%xmm6
+	movl	%eax,%edi
+	addl	40(%rsp),%ebp
+	psrld	$31,%xmm10
+	xorl	%ecx,%ebx
+	roll	$5,%eax
+	addl	%esi,%ebp
+	movdqa	%xmm9,%xmm8
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	psrld	$30,%xmm9
+	addl	%eax,%ebp
+	rorl	$7,%eax
+	por	%xmm10,%xmm6
+	xorl	%ecx,%edi
+	movl	%ebp,%esi
+	addl	44(%rsp),%edx
+	pslld	$2,%xmm8
+	pxor	%xmm9,%xmm6
+	xorl	%ebx,%eax
+	movdqa	-32(%r14),%xmm9
+	roll	$5,%ebp
+	addl	%edi,%edx
+	andl	%eax,%esi
+	pxor	%xmm8,%xmm6
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	rorl	$7,%ebp
+	pshufd	$238,%xmm3,%xmm7
+	xorl	%ebx,%esi
+	movdqa	%xmm6,%xmm8
+	paddd	%xmm6,%xmm9
+	movl	%edx,%edi
+	addl	48(%rsp),%ecx
+	punpcklqdq	%xmm4,%xmm7
+	xorl	%eax,%ebp
+	roll	$5,%edx
+	addl	%esi,%ecx
+	psrldq	$4,%xmm8
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	pxor	%xmm3,%xmm7
+	addl	%edx,%ecx
+	rorl	$7,%edx
+	pxor	%xmm5,%xmm8
+	xorl	%eax,%edi
+	movl	%ecx,%esi
+	addl	52(%rsp),%ebx
+	pxor	%xmm8,%xmm7
+	xorl	%ebp,%edx
+	roll	$5,%ecx
+	movdqa	%xmm9,32(%rsp)
+	addl	%edi,%ebx
+	andl	%edx,%esi
+	movdqa	%xmm7,%xmm10
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	rorl	$7,%ecx
+	movdqa	%xmm7,%xmm8
+	xorl	%ebp,%esi
+	pslldq	$12,%xmm10
+	paddd	%xmm7,%xmm7
+	movl	%ebx,%edi
+	addl	56(%rsp),%eax
+	psrld	$31,%xmm8
+	xorl	%edx,%ecx
+	roll	$5,%ebx
+	addl	%esi,%eax
+	movdqa	%xmm10,%xmm9
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	psrld	$30,%xmm10
+	addl	%ebx,%eax
+	rorl	$7,%ebx
+	por	%xmm8,%xmm7
+	xorl	%edx,%edi
+	movl	%eax,%esi
+	addl	60(%rsp),%ebp
+	pslld	$2,%xmm9
+	pxor	%xmm10,%xmm7
+	xorl	%ecx,%ebx
+	movdqa	-32(%r14),%xmm10
+	roll	$5,%eax
+	addl	%edi,%ebp
+	andl	%ebx,%esi
+	pxor	%xmm9,%xmm7
+	pshufd	$238,%xmm6,%xmm9
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	rorl	$7,%eax
+	pxor	%xmm4,%xmm0
+	xorl	%ecx,%esi
+	movl	%ebp,%edi
+	addl	0(%rsp),%edx
+	punpcklqdq	%xmm7,%xmm9
+	xorl	%ebx,%eax
+	roll	$5,%ebp
+	pxor	%xmm1,%xmm0
+	addl	%esi,%edx
+	andl	%eax,%edi
+	movdqa	%xmm10,%xmm8
+	xorl	%ebx,%eax
+	paddd	%xmm7,%xmm10
+	addl	%ebp,%edx
+	pxor	%xmm9,%xmm0
+	rorl	$7,%ebp
+	xorl	%ebx,%edi
+	movl	%edx,%esi
+	addl	4(%rsp),%ecx
+	movdqa	%xmm0,%xmm9
+	xorl	%eax,%ebp
+	roll	$5,%edx
+	movdqa	%xmm10,48(%rsp)
+	addl	%edi,%ecx
+	andl	%ebp,%esi
+	xorl	%eax,%ebp
+	pslld	$2,%xmm0
+	addl	%edx,%ecx
+	rorl	$7,%edx
+	psrld	$30,%xmm9
+	xorl	%eax,%esi
+	movl	%ecx,%edi
+	addl	8(%rsp),%ebx
+	por	%xmm9,%xmm0
+	xorl	%ebp,%edx
+	roll	$5,%ecx
+	pshufd	$238,%xmm7,%xmm10
+	addl	%esi,%ebx
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	addl	12(%rsp),%eax
+	xorl	%ebp,%edi
+	movl	%ebx,%esi
+	roll	$5,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	pxor	%xmm5,%xmm1
+	addl	16(%rsp),%ebp
+	xorl	%ecx,%esi
+	punpcklqdq	%xmm0,%xmm10
+	movl	%eax,%edi
+	roll	$5,%eax
+	pxor	%xmm2,%xmm1
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	movdqa	%xmm8,%xmm9
+	rorl	$7,%ebx
+	paddd	%xmm0,%xmm8
+	addl	%eax,%ebp
+	pxor	%xmm10,%xmm1
+	addl	20(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	movdqa	%xmm1,%xmm10
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	movdqa	%xmm8,0(%rsp)
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	addl	24(%rsp),%ecx
+	pslld	$2,%xmm1
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	psrld	$30,%xmm10
+	roll	$5,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	rorl	$7,%ebp
+	por	%xmm10,%xmm1
+	addl	%edx,%ecx
+	addl	28(%rsp),%ebx
+	pshufd	$238,%xmm0,%xmm8
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	pxor	%xmm6,%xmm2
+	addl	32(%rsp),%eax
+	xorl	%edx,%esi
+	punpcklqdq	%xmm1,%xmm8
+	movl	%ebx,%edi
+	roll	$5,%ebx
+	pxor	%xmm3,%xmm2
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	movdqa	0(%r14),%xmm10
+	rorl	$7,%ecx
+	paddd	%xmm1,%xmm9
+	addl	%ebx,%eax
+	pxor	%xmm8,%xmm2
+	addl	36(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	roll	$5,%eax
+	movdqa	%xmm2,%xmm8
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	movdqa	%xmm9,16(%rsp)
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	addl	40(%rsp),%edx
+	pslld	$2,%xmm2
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	psrld	$30,%xmm8
+	roll	$5,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	rorl	$7,%eax
+	por	%xmm8,%xmm2
+	addl	%ebp,%edx
+	addl	44(%rsp),%ecx
+	pshufd	$238,%xmm1,%xmm9
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	roll	$5,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	rorl	$7,%ebp
+	addl	%edx,%ecx
+	pxor	%xmm7,%xmm3
+	addl	48(%rsp),%ebx
+	xorl	%ebp,%esi
+	punpcklqdq	%xmm2,%xmm9
+	movl	%ecx,%edi
+	roll	$5,%ecx
+	pxor	%xmm4,%xmm3
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	movdqa	%xmm10,%xmm8
+	rorl	$7,%edx
+	paddd	%xmm2,%xmm10
+	addl	%ecx,%ebx
+	pxor	%xmm9,%xmm3
+	addl	52(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	roll	$5,%ebx
+	movdqa	%xmm3,%xmm9
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	movdqa	%xmm10,32(%rsp)
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	56(%rsp),%ebp
+	pslld	$2,%xmm3
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	psrld	$30,%xmm9
+	roll	$5,%eax
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	rorl	$7,%ebx
+	por	%xmm9,%xmm3
+	addl	%eax,%ebp
+	addl	60(%rsp),%edx
+	pshufd	$238,%xmm2,%xmm10
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	pxor	%xmm0,%xmm4
+	addl	0(%rsp),%ecx
+	xorl	%eax,%esi
+	punpcklqdq	%xmm3,%xmm10
+	movl	%edx,%edi
+	roll	$5,%edx
+	pxor	%xmm5,%xmm4
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	movdqa	%xmm8,%xmm9
+	rorl	$7,%ebp
+	paddd	%xmm3,%xmm8
+	addl	%edx,%ecx
+	pxor	%xmm10,%xmm4
+	addl	4(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	roll	$5,%ecx
+	movdqa	%xmm4,%xmm10
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	movdqa	%xmm8,48(%rsp)
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	addl	8(%rsp),%eax
+	pslld	$2,%xmm4
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	psrld	$30,%xmm10
+	roll	$5,%ebx
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	rorl	$7,%ecx
+	por	%xmm10,%xmm4
+	addl	%ebx,%eax
+	addl	12(%rsp),%ebp
+	pshufd	$238,%xmm3,%xmm8
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	roll	$5,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	pxor	%xmm1,%xmm5
+	addl	16(%rsp),%edx
+	xorl	%ebx,%esi
+	punpcklqdq	%xmm4,%xmm8
+	movl	%ebp,%edi
+	roll	$5,%ebp
+	pxor	%xmm6,%xmm5
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	movdqa	%xmm9,%xmm10
+	rorl	$7,%eax
+	paddd	%xmm4,%xmm9
+	addl	%ebp,%edx
+	pxor	%xmm8,%xmm5
+	addl	20(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	roll	$5,%edx
+	movdqa	%xmm5,%xmm8
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	movdqa	%xmm9,0(%rsp)
+	rorl	$7,%ebp
+	addl	%edx,%ecx
+	addl	24(%rsp),%ebx
+	pslld	$2,%xmm5
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	psrld	$30,%xmm8
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	rorl	$7,%edx
+	por	%xmm8,%xmm5
+	addl	%ecx,%ebx
+	addl	28(%rsp),%eax
+	pshufd	$238,%xmm4,%xmm9
+	rorl	$7,%ecx
+	movl	%ebx,%esi
+	xorl	%edx,%edi
+	roll	$5,%ebx
+	addl	%edi,%eax
+	xorl	%ecx,%esi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	pxor	%xmm2,%xmm6
+	addl	32(%rsp),%ebp
+	andl	%ecx,%esi
+	xorl	%edx,%ecx
+	rorl	$7,%ebx
+	punpcklqdq	%xmm5,%xmm9
+	movl	%eax,%edi
+	xorl	%ecx,%esi
+	pxor	%xmm7,%xmm6
+	roll	$5,%eax
+	addl	%esi,%ebp
+	movdqa	%xmm10,%xmm8
+	xorl	%ebx,%edi
+	paddd	%xmm5,%xmm10
+	xorl	%ecx,%ebx
+	pxor	%xmm9,%xmm6
+	addl	%eax,%ebp
+	addl	36(%rsp),%edx
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	rorl	$7,%eax
+	movdqa	%xmm6,%xmm9
+	movl	%ebp,%esi
+	xorl	%ebx,%edi
+	movdqa	%xmm10,16(%rsp)
+	roll	$5,%ebp
+	addl	%edi,%edx
+	xorl	%eax,%esi
+	pslld	$2,%xmm6
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	psrld	$30,%xmm9
+	addl	40(%rsp),%ecx
+	andl	%eax,%esi
+	xorl	%ebx,%eax
+	por	%xmm9,%xmm6
+	rorl	$7,%ebp
+	movl	%edx,%edi
+	xorl	%eax,%esi
+	roll	$5,%edx
+	pshufd	$238,%xmm5,%xmm10
+	addl	%esi,%ecx
+	xorl	%ebp,%edi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	addl	44(%rsp),%ebx
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	rorl	$7,%edx
+	movl	%ecx,%esi
+	xorl	%ebp,%edi
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	xorl	%edx,%esi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	pxor	%xmm3,%xmm7
+	addl	48(%rsp),%eax
+	andl	%edx,%esi
+	xorl	%ebp,%edx
+	rorl	$7,%ecx
+	punpcklqdq	%xmm6,%xmm10
+	movl	%ebx,%edi
+	xorl	%edx,%esi
+	pxor	%xmm0,%xmm7
+	roll	$5,%ebx
+	addl	%esi,%eax
+	movdqa	32(%r14),%xmm9
+	xorl	%ecx,%edi
+	paddd	%xmm6,%xmm8
+	xorl	%edx,%ecx
+	pxor	%xmm10,%xmm7
+	addl	%ebx,%eax
+	addl	52(%rsp),%ebp
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	rorl	$7,%ebx
+	movdqa	%xmm7,%xmm10
+	movl	%eax,%esi
+	xorl	%ecx,%edi
+	movdqa	%xmm8,32(%rsp)
+	roll	$5,%eax
+	addl	%edi,%ebp
+	xorl	%ebx,%esi
+	pslld	$2,%xmm7
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	psrld	$30,%xmm10
+	addl	56(%rsp),%edx
+	andl	%ebx,%esi
+	xorl	%ecx,%ebx
+	por	%xmm10,%xmm7
+	rorl	$7,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%esi
+	roll	$5,%ebp
+	pshufd	$238,%xmm6,%xmm8
+	addl	%esi,%edx
+	xorl	%eax,%edi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	addl	60(%rsp),%ecx
+	andl	%eax,%edi
+	xorl	%ebx,%eax
+	rorl	$7,%ebp
+	movl	%edx,%esi
+	xorl	%eax,%edi
+	roll	$5,%edx
+	addl	%edi,%ecx
+	xorl	%ebp,%esi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	pxor	%xmm4,%xmm0
+	addl	0(%rsp),%ebx
+	andl	%ebp,%esi
+	xorl	%eax,%ebp
+	rorl	$7,%edx
+	punpcklqdq	%xmm7,%xmm8
+	movl	%ecx,%edi
+	xorl	%ebp,%esi
+	pxor	%xmm1,%xmm0
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	movdqa	%xmm9,%xmm10
+	xorl	%edx,%edi
+	paddd	%xmm7,%xmm9
+	xorl	%ebp,%edx
+	pxor	%xmm8,%xmm0
+	addl	%ecx,%ebx
+	addl	4(%rsp),%eax
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	rorl	$7,%ecx
+	movdqa	%xmm0,%xmm8
+	movl	%ebx,%esi
+	xorl	%edx,%edi
+	movdqa	%xmm9,48(%rsp)
+	roll	$5,%ebx
+	addl	%edi,%eax
+	xorl	%ecx,%esi
+	pslld	$2,%xmm0
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	psrld	$30,%xmm8
+	addl	8(%rsp),%ebp
+	andl	%ecx,%esi
+	xorl	%edx,%ecx
+	por	%xmm8,%xmm0
+	rorl	$7,%ebx
+	movl	%eax,%edi
+	xorl	%ecx,%esi
+	roll	$5,%eax
+	pshufd	$238,%xmm7,%xmm9
+	addl	%esi,%ebp
+	xorl	%ebx,%edi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	addl	12(%rsp),%edx
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	rorl	$7,%eax
+	movl	%ebp,%esi
+	xorl	%ebx,%edi
+	roll	$5,%ebp
+	addl	%edi,%edx
+	xorl	%eax,%esi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	pxor	%xmm5,%xmm1
+	addl	16(%rsp),%ecx
+	andl	%eax,%esi
+	xorl	%ebx,%eax
+	rorl	$7,%ebp
+	punpcklqdq	%xmm0,%xmm9
+	movl	%edx,%edi
+	xorl	%eax,%esi
+	pxor	%xmm2,%xmm1
+	roll	$5,%edx
+	addl	%esi,%ecx
+	movdqa	%xmm10,%xmm8
+	xorl	%ebp,%edi
+	paddd	%xmm0,%xmm10
+	xorl	%eax,%ebp
+	pxor	%xmm9,%xmm1
+	addl	%edx,%ecx
+	addl	20(%rsp),%ebx
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	rorl	$7,%edx
+	movdqa	%xmm1,%xmm9
+	movl	%ecx,%esi
+	xorl	%ebp,%edi
+	movdqa	%xmm10,0(%rsp)
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	xorl	%edx,%esi
+	pslld	$2,%xmm1
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	psrld	$30,%xmm9
+	addl	24(%rsp),%eax
+	andl	%edx,%esi
+	xorl	%ebp,%edx
+	por	%xmm9,%xmm1
+	rorl	$7,%ecx
+	movl	%ebx,%edi
+	xorl	%edx,%esi
+	roll	$5,%ebx
+	pshufd	$238,%xmm0,%xmm10
+	addl	%esi,%eax
+	xorl	%ecx,%edi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	addl	28(%rsp),%ebp
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	rorl	$7,%ebx
+	movl	%eax,%esi
+	xorl	%ecx,%edi
+	roll	$5,%eax
+	addl	%edi,%ebp
+	xorl	%ebx,%esi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	pxor	%xmm6,%xmm2
+	addl	32(%rsp),%edx
+	andl	%ebx,%esi
+	xorl	%ecx,%ebx
+	rorl	$7,%eax
+	punpcklqdq	%xmm1,%xmm10
+	movl	%ebp,%edi
+	xorl	%ebx,%esi
+	pxor	%xmm3,%xmm2
+	roll	$5,%ebp
+	addl	%esi,%edx
+	movdqa	%xmm8,%xmm9
+	xorl	%eax,%edi
+	paddd	%xmm1,%xmm8
+	xorl	%ebx,%eax
+	pxor	%xmm10,%xmm2
+	addl	%ebp,%edx
+	addl	36(%rsp),%ecx
+	andl	%eax,%edi
+	xorl	%ebx,%eax
+	rorl	$7,%ebp
+	movdqa	%xmm2,%xmm10
+	movl	%edx,%esi
+	xorl	%eax,%edi
+	movdqa	%xmm8,16(%rsp)
+	roll	$5,%edx
+	addl	%edi,%ecx
+	xorl	%ebp,%esi
+	pslld	$2,%xmm2
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	psrld	$30,%xmm10
+	addl	40(%rsp),%ebx
+	andl	%ebp,%esi
+	xorl	%eax,%ebp
+	por	%xmm10,%xmm2
+	rorl	$7,%edx
+	movl	%ecx,%edi
+	xorl	%ebp,%esi
+	roll	$5,%ecx
+	pshufd	$238,%xmm1,%xmm8
+	addl	%esi,%ebx
+	xorl	%edx,%edi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	addl	44(%rsp),%eax
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	rorl	$7,%ecx
+	movl	%ebx,%esi
+	xorl	%edx,%edi
+	roll	$5,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	addl	%ebx,%eax
+	pxor	%xmm7,%xmm3
+	addl	48(%rsp),%ebp
+	xorl	%ecx,%esi
+	punpcklqdq	%xmm2,%xmm8
+	movl	%eax,%edi
+	roll	$5,%eax
+	pxor	%xmm4,%xmm3
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	movdqa	%xmm9,%xmm10
+	rorl	$7,%ebx
+	paddd	%xmm2,%xmm9
+	addl	%eax,%ebp
+	pxor	%xmm8,%xmm3
+	addl	52(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	movdqa	%xmm3,%xmm8
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	movdqa	%xmm9,32(%rsp)
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	addl	56(%rsp),%ecx
+	pslld	$2,%xmm3
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	psrld	$30,%xmm8
+	roll	$5,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	rorl	$7,%ebp
+	por	%xmm8,%xmm3
+	addl	%edx,%ecx
+	addl	60(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	addl	0(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	roll	$5,%ebx
+	paddd	%xmm3,%xmm10
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	movdqa	%xmm10,48(%rsp)
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	4(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	roll	$5,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	addl	8(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	roll	$5,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	addl	12(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	roll	$5,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	rorl	$7,%ebp
+	addl	%edx,%ecx
+	cmpq	%r10,%r9
+	je	.Ldone_ssse3
+	movdqa	64(%r14),%xmm6
+	movdqa	-64(%r14),%xmm9
+	movdqu	0(%r9),%xmm0
+	movdqu	16(%r9),%xmm1
+	movdqu	32(%r9),%xmm2
+	movdqu	48(%r9),%xmm3
+.byte	102,15,56,0,198
+	addq	$64,%r9
+	addl	16(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+.byte	102,15,56,0,206
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	rorl	$7,%edx
+	paddd	%xmm9,%xmm0
+	addl	%ecx,%ebx
+	addl	20(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	movdqa	%xmm0,0(%rsp)
+	roll	$5,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	rorl	$7,%ecx
+	psubd	%xmm9,%xmm0
+	addl	%ebx,%eax
+	addl	24(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	roll	$5,%eax
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	addl	28(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	addl	32(%rsp),%ecx
+	xorl	%eax,%esi
+	movl	%edx,%edi
+.byte	102,15,56,0,214
+	roll	$5,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	rorl	$7,%ebp
+	paddd	%xmm9,%xmm1
+	addl	%edx,%ecx
+	addl	36(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	movdqa	%xmm1,16(%rsp)
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	rorl	$7,%edx
+	psubd	%xmm9,%xmm1
+	addl	%ecx,%ebx
+	addl	40(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	roll	$5,%ebx
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	44(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	roll	$5,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	addl	48(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+.byte	102,15,56,0,222
+	roll	$5,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	rorl	$7,%eax
+	paddd	%xmm9,%xmm2
+	addl	%ebp,%edx
+	addl	52(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	movdqa	%xmm2,32(%rsp)
+	roll	$5,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	rorl	$7,%ebp
+	psubd	%xmm9,%xmm2
+	addl	%edx,%ecx
+	addl	56(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	addl	60(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	roll	$5,%ebx
+	addl	%edi,%eax
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	0(%r8),%eax
+	addl	4(%r8),%esi
+	addl	8(%r8),%ecx
+	addl	12(%r8),%edx
+	movl	%eax,0(%r8)
+	addl	16(%r8),%ebp
+	movl	%esi,4(%r8)
+	movl	%esi,%ebx
+	movl	%ecx,8(%r8)
+	movl	%ecx,%edi
+	movl	%edx,12(%r8)
+	xorl	%edx,%edi
+	movl	%ebp,16(%r8)
+	andl	%edi,%esi
+	jmp	.Loop_ssse3
+
+.align	16
+.Ldone_ssse3:
+	addl	16(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	addl	20(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	roll	$5,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	24(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	roll	$5,%eax
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	addl	28(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	addl	32(%rsp),%ecx
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	roll	$5,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	rorl	$7,%ebp
+	addl	%edx,%ecx
+	addl	36(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	addl	40(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	roll	$5,%ebx
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	44(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	roll	$5,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	addl	48(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	roll	$5,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	addl	52(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	roll	$5,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	rorl	$7,%ebp
+	addl	%edx,%ecx
+	addl	56(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	addl	60(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	roll	$5,%ebx
+	addl	%edi,%eax
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	0(%r8),%eax
+	addl	4(%r8),%esi
+	addl	8(%r8),%ecx
+	movl	%eax,0(%r8)
+	addl	12(%r8),%edx
+	movl	%esi,4(%r8)
+	addl	16(%r8),%ebp
+	movl	%ecx,8(%r8)
+	movl	%edx,12(%r8)
+	movl	%ebp,16(%r8)
+	movq	-40(%r11),%r14
+.cfi_restore	%r14
+	movq	-32(%r11),%r13
+.cfi_restore	%r13
+	movq	-24(%r11),%r12
+.cfi_restore	%r12
+	movq	-16(%r11),%rbp
+.cfi_restore	%rbp
+	movq	-8(%r11),%rbx
+.cfi_restore	%rbx
+	leaq	(%r11),%rsp
+.cfi_def_cfa_register	%rsp
+.Lepilogue_ssse3:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	sha1_block_data_order_ssse3,.-sha1_block_data_order_ssse3
+.type	sha1_block_data_order_avx,@function
+.align	16
+sha1_block_data_order_avx:
+_avx_shortcut:
+.cfi_startproc	
+	movq	%rsp,%r11
+.cfi_def_cfa_register	%r11
+	pushq	%rbx
+.cfi_offset	%rbx,-16
+	pushq	%rbp
+.cfi_offset	%rbp,-24
+	pushq	%r12
+.cfi_offset	%r12,-32
+	pushq	%r13
+.cfi_offset	%r13,-40
+	pushq	%r14
+.cfi_offset	%r14,-48
+	leaq	-64(%rsp),%rsp
+	vzeroupper
+	andq	$-64,%rsp
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rdx,%r10
+
+	shlq	$6,%r10
+	addq	%r9,%r10
+	leaq	K_XX_XX+64(%rip),%r14
+
+	movl	0(%r8),%eax
+	movl	4(%r8),%ebx
+	movl	8(%r8),%ecx
+	movl	12(%r8),%edx
+	movl	%ebx,%esi
+	movl	16(%r8),%ebp
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	andl	%edi,%esi
+
+	vmovdqa	64(%r14),%xmm6
+	vmovdqa	-64(%r14),%xmm11
+	vmovdqu	0(%r9),%xmm0
+	vmovdqu	16(%r9),%xmm1
+	vmovdqu	32(%r9),%xmm2
+	vmovdqu	48(%r9),%xmm3
+	vpshufb	%xmm6,%xmm0,%xmm0
+	addq	$64,%r9
+	vpshufb	%xmm6,%xmm1,%xmm1
+	vpshufb	%xmm6,%xmm2,%xmm2
+	vpshufb	%xmm6,%xmm3,%xmm3
+	vpaddd	%xmm11,%xmm0,%xmm4
+	vpaddd	%xmm11,%xmm1,%xmm5
+	vpaddd	%xmm11,%xmm2,%xmm6
+	vmovdqa	%xmm4,0(%rsp)
+	vmovdqa	%xmm5,16(%rsp)
+	vmovdqa	%xmm6,32(%rsp)
+	jmp	.Loop_avx
+.align	16
+.Loop_avx:
+	shrdl	$2,%ebx,%ebx
+	xorl	%edx,%esi
+	vpalignr	$8,%xmm0,%xmm1,%xmm4
+	movl	%eax,%edi
+	addl	0(%rsp),%ebp
+	vpaddd	%xmm3,%xmm11,%xmm9
+	xorl	%ecx,%ebx
+	shldl	$5,%eax,%eax
+	vpsrldq	$4,%xmm3,%xmm8
+	addl	%esi,%ebp
+	andl	%ebx,%edi
+	vpxor	%xmm0,%xmm4,%xmm4
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	vpxor	%xmm2,%xmm8,%xmm8
+	shrdl	$7,%eax,%eax
+	xorl	%ecx,%edi
+	movl	%ebp,%esi
+	addl	4(%rsp),%edx
+	vpxor	%xmm8,%xmm4,%xmm4
+	xorl	%ebx,%eax
+	shldl	$5,%ebp,%ebp
+	vmovdqa	%xmm9,48(%rsp)
+	addl	%edi,%edx
+	andl	%eax,%esi
+	vpsrld	$31,%xmm4,%xmm8
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	shrdl	$7,%ebp,%ebp
+	xorl	%ebx,%esi
+	vpslldq	$12,%xmm4,%xmm10
+	vpaddd	%xmm4,%xmm4,%xmm4
+	movl	%edx,%edi
+	addl	8(%rsp),%ecx
+	xorl	%eax,%ebp
+	shldl	$5,%edx,%edx
+	vpsrld	$30,%xmm10,%xmm9
+	vpor	%xmm8,%xmm4,%xmm4
+	addl	%esi,%ecx
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	vpslld	$2,%xmm10,%xmm10
+	vpxor	%xmm9,%xmm4,%xmm4
+	shrdl	$7,%edx,%edx
+	xorl	%eax,%edi
+	movl	%ecx,%esi
+	addl	12(%rsp),%ebx
+	vpxor	%xmm10,%xmm4,%xmm4
+	xorl	%ebp,%edx
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	andl	%edx,%esi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	shrdl	$7,%ecx,%ecx
+	xorl	%ebp,%esi
+	vpalignr	$8,%xmm1,%xmm2,%xmm5
+	movl	%ebx,%edi
+	addl	16(%rsp),%eax
+	vpaddd	%xmm4,%xmm11,%xmm9
+	xorl	%edx,%ecx
+	shldl	$5,%ebx,%ebx
+	vpsrldq	$4,%xmm4,%xmm8
+	addl	%esi,%eax
+	andl	%ecx,%edi
+	vpxor	%xmm1,%xmm5,%xmm5
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	vpxor	%xmm3,%xmm8,%xmm8
+	shrdl	$7,%ebx,%ebx
+	xorl	%edx,%edi
+	movl	%eax,%esi
+	addl	20(%rsp),%ebp
+	vpxor	%xmm8,%xmm5,%xmm5
+	xorl	%ecx,%ebx
+	shldl	$5,%eax,%eax
+	vmovdqa	%xmm9,0(%rsp)
+	addl	%edi,%ebp
+	andl	%ebx,%esi
+	vpsrld	$31,%xmm5,%xmm8
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	shrdl	$7,%eax,%eax
+	xorl	%ecx,%esi
+	vpslldq	$12,%xmm5,%xmm10
+	vpaddd	%xmm5,%xmm5,%xmm5
+	movl	%ebp,%edi
+	addl	24(%rsp),%edx
+	xorl	%ebx,%eax
+	shldl	$5,%ebp,%ebp
+	vpsrld	$30,%xmm10,%xmm9
+	vpor	%xmm8,%xmm5,%xmm5
+	addl	%esi,%edx
+	andl	%eax,%edi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	vpslld	$2,%xmm10,%xmm10
+	vpxor	%xmm9,%xmm5,%xmm5
+	shrdl	$7,%ebp,%ebp
+	xorl	%ebx,%edi
+	movl	%edx,%esi
+	addl	28(%rsp),%ecx
+	vpxor	%xmm10,%xmm5,%xmm5
+	xorl	%eax,%ebp
+	shldl	$5,%edx,%edx
+	vmovdqa	-32(%r14),%xmm11
+	addl	%edi,%ecx
+	andl	%ebp,%esi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	shrdl	$7,%edx,%edx
+	xorl	%eax,%esi
+	vpalignr	$8,%xmm2,%xmm3,%xmm6
+	movl	%ecx,%edi
+	addl	32(%rsp),%ebx
+	vpaddd	%xmm5,%xmm11,%xmm9
+	xorl	%ebp,%edx
+	shldl	$5,%ecx,%ecx
+	vpsrldq	$4,%xmm5,%xmm8
+	addl	%esi,%ebx
+	andl	%edx,%edi
+	vpxor	%xmm2,%xmm6,%xmm6
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	vpxor	%xmm4,%xmm8,%xmm8
+	shrdl	$7,%ecx,%ecx
+	xorl	%ebp,%edi
+	movl	%ebx,%esi
+	addl	36(%rsp),%eax
+	vpxor	%xmm8,%xmm6,%xmm6
+	xorl	%edx,%ecx
+	shldl	$5,%ebx,%ebx
+	vmovdqa	%xmm9,16(%rsp)
+	addl	%edi,%eax
+	andl	%ecx,%esi
+	vpsrld	$31,%xmm6,%xmm8
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	shrdl	$7,%ebx,%ebx
+	xorl	%edx,%esi
+	vpslldq	$12,%xmm6,%xmm10
+	vpaddd	%xmm6,%xmm6,%xmm6
+	movl	%eax,%edi
+	addl	40(%rsp),%ebp
+	xorl	%ecx,%ebx
+	shldl	$5,%eax,%eax
+	vpsrld	$30,%xmm10,%xmm9
+	vpor	%xmm8,%xmm6,%xmm6
+	addl	%esi,%ebp
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	vpslld	$2,%xmm10,%xmm10
+	vpxor	%xmm9,%xmm6,%xmm6
+	shrdl	$7,%eax,%eax
+	xorl	%ecx,%edi
+	movl	%ebp,%esi
+	addl	44(%rsp),%edx
+	vpxor	%xmm10,%xmm6,%xmm6
+	xorl	%ebx,%eax
+	shldl	$5,%ebp,%ebp
+	addl	%edi,%edx
+	andl	%eax,%esi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	shrdl	$7,%ebp,%ebp
+	xorl	%ebx,%esi
+	vpalignr	$8,%xmm3,%xmm4,%xmm7
+	movl	%edx,%edi
+	addl	48(%rsp),%ecx
+	vpaddd	%xmm6,%xmm11,%xmm9
+	xorl	%eax,%ebp
+	shldl	$5,%edx,%edx
+	vpsrldq	$4,%xmm6,%xmm8
+	addl	%esi,%ecx
+	andl	%ebp,%edi
+	vpxor	%xmm3,%xmm7,%xmm7
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	vpxor	%xmm5,%xmm8,%xmm8
+	shrdl	$7,%edx,%edx
+	xorl	%eax,%edi
+	movl	%ecx,%esi
+	addl	52(%rsp),%ebx
+	vpxor	%xmm8,%xmm7,%xmm7
+	xorl	%ebp,%edx
+	shldl	$5,%ecx,%ecx
+	vmovdqa	%xmm9,32(%rsp)
+	addl	%edi,%ebx
+	andl	%edx,%esi
+	vpsrld	$31,%xmm7,%xmm8
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	shrdl	$7,%ecx,%ecx
+	xorl	%ebp,%esi
+	vpslldq	$12,%xmm7,%xmm10
+	vpaddd	%xmm7,%xmm7,%xmm7
+	movl	%ebx,%edi
+	addl	56(%rsp),%eax
+	xorl	%edx,%ecx
+	shldl	$5,%ebx,%ebx
+	vpsrld	$30,%xmm10,%xmm9
+	vpor	%xmm8,%xmm7,%xmm7
+	addl	%esi,%eax
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	vpslld	$2,%xmm10,%xmm10
+	vpxor	%xmm9,%xmm7,%xmm7
+	shrdl	$7,%ebx,%ebx
+	xorl	%edx,%edi
+	movl	%eax,%esi
+	addl	60(%rsp),%ebp
+	vpxor	%xmm10,%xmm7,%xmm7
+	xorl	%ecx,%ebx
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	andl	%ebx,%esi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	vpalignr	$8,%xmm6,%xmm7,%xmm8
+	vpxor	%xmm4,%xmm0,%xmm0
+	shrdl	$7,%eax,%eax
+	xorl	%ecx,%esi
+	movl	%ebp,%edi
+	addl	0(%rsp),%edx
+	vpxor	%xmm1,%xmm0,%xmm0
+	xorl	%ebx,%eax
+	shldl	$5,%ebp,%ebp
+	vpaddd	%xmm7,%xmm11,%xmm9
+	addl	%esi,%edx
+	andl	%eax,%edi
+	vpxor	%xmm8,%xmm0,%xmm0
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	shrdl	$7,%ebp,%ebp
+	xorl	%ebx,%edi
+	vpsrld	$30,%xmm0,%xmm8
+	vmovdqa	%xmm9,48(%rsp)
+	movl	%edx,%esi
+	addl	4(%rsp),%ecx
+	xorl	%eax,%ebp
+	shldl	$5,%edx,%edx
+	vpslld	$2,%xmm0,%xmm0
+	addl	%edi,%ecx
+	andl	%ebp,%esi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	shrdl	$7,%edx,%edx
+	xorl	%eax,%esi
+	movl	%ecx,%edi
+	addl	8(%rsp),%ebx
+	vpor	%xmm8,%xmm0,%xmm0
+	xorl	%ebp,%edx
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	addl	12(%rsp),%eax
+	xorl	%ebp,%edi
+	movl	%ebx,%esi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	vpalignr	$8,%xmm7,%xmm0,%xmm8
+	vpxor	%xmm5,%xmm1,%xmm1
+	addl	16(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	shldl	$5,%eax,%eax
+	vpxor	%xmm2,%xmm1,%xmm1
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	vpaddd	%xmm0,%xmm11,%xmm9
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	vpxor	%xmm8,%xmm1,%xmm1
+	addl	20(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	shldl	$5,%ebp,%ebp
+	vpsrld	$30,%xmm1,%xmm8
+	vmovdqa	%xmm9,0(%rsp)
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	vpslld	$2,%xmm1,%xmm1
+	addl	24(%rsp),%ecx
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	shldl	$5,%edx,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	vpor	%xmm8,%xmm1,%xmm1
+	addl	28(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	vpalignr	$8,%xmm0,%xmm1,%xmm8
+	vpxor	%xmm6,%xmm2,%xmm2
+	addl	32(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	shldl	$5,%ebx,%ebx
+	vpxor	%xmm3,%xmm2,%xmm2
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	vpaddd	%xmm1,%xmm11,%xmm9
+	vmovdqa	0(%r14),%xmm11
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	vpxor	%xmm8,%xmm2,%xmm2
+	addl	36(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	shldl	$5,%eax,%eax
+	vpsrld	$30,%xmm2,%xmm8
+	vmovdqa	%xmm9,16(%rsp)
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	vpslld	$2,%xmm2,%xmm2
+	addl	40(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	shldl	$5,%ebp,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	vpor	%xmm8,%xmm2,%xmm2
+	addl	44(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	shldl	$5,%edx,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	vpalignr	$8,%xmm1,%xmm2,%xmm8
+	vpxor	%xmm7,%xmm3,%xmm3
+	addl	48(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	shldl	$5,%ecx,%ecx
+	vpxor	%xmm4,%xmm3,%xmm3
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	vpaddd	%xmm2,%xmm11,%xmm9
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	vpxor	%xmm8,%xmm3,%xmm3
+	addl	52(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	shldl	$5,%ebx,%ebx
+	vpsrld	$30,%xmm3,%xmm8
+	vmovdqa	%xmm9,32(%rsp)
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	vpslld	$2,%xmm3,%xmm3
+	addl	56(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	shldl	$5,%eax,%eax
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	vpor	%xmm8,%xmm3,%xmm3
+	addl	60(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	shldl	$5,%ebp,%ebp
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	vpalignr	$8,%xmm2,%xmm3,%xmm8
+	vpxor	%xmm0,%xmm4,%xmm4
+	addl	0(%rsp),%ecx
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	shldl	$5,%edx,%edx
+	vpxor	%xmm5,%xmm4,%xmm4
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	vpaddd	%xmm3,%xmm11,%xmm9
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	vpxor	%xmm8,%xmm4,%xmm4
+	addl	4(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	shldl	$5,%ecx,%ecx
+	vpsrld	$30,%xmm4,%xmm8
+	vmovdqa	%xmm9,48(%rsp)
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	vpslld	$2,%xmm4,%xmm4
+	addl	8(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	vpor	%xmm8,%xmm4,%xmm4
+	addl	12(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	vpalignr	$8,%xmm3,%xmm4,%xmm8
+	vpxor	%xmm1,%xmm5,%xmm5
+	addl	16(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	shldl	$5,%ebp,%ebp
+	vpxor	%xmm6,%xmm5,%xmm5
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	vpaddd	%xmm4,%xmm11,%xmm9
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	vpxor	%xmm8,%xmm5,%xmm5
+	addl	20(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	shldl	$5,%edx,%edx
+	vpsrld	$30,%xmm5,%xmm8
+	vmovdqa	%xmm9,0(%rsp)
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	vpslld	$2,%xmm5,%xmm5
+	addl	24(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	vpor	%xmm8,%xmm5,%xmm5
+	addl	28(%rsp),%eax
+	shrdl	$7,%ecx,%ecx
+	movl	%ebx,%esi
+	xorl	%edx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	xorl	%ecx,%esi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	vpalignr	$8,%xmm4,%xmm5,%xmm8
+	vpxor	%xmm2,%xmm6,%xmm6
+	addl	32(%rsp),%ebp
+	andl	%ecx,%esi
+	xorl	%edx,%ecx
+	shrdl	$7,%ebx,%ebx
+	vpxor	%xmm7,%xmm6,%xmm6
+	movl	%eax,%edi
+	xorl	%ecx,%esi
+	vpaddd	%xmm5,%xmm11,%xmm9
+	shldl	$5,%eax,%eax
+	addl	%esi,%ebp
+	vpxor	%xmm8,%xmm6,%xmm6
+	xorl	%ebx,%edi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	addl	36(%rsp),%edx
+	vpsrld	$30,%xmm6,%xmm8
+	vmovdqa	%xmm9,16(%rsp)
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	shrdl	$7,%eax,%eax
+	movl	%ebp,%esi
+	vpslld	$2,%xmm6,%xmm6
+	xorl	%ebx,%edi
+	shldl	$5,%ebp,%ebp
+	addl	%edi,%edx
+	xorl	%eax,%esi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	addl	40(%rsp),%ecx
+	andl	%eax,%esi
+	vpor	%xmm8,%xmm6,%xmm6
+	xorl	%ebx,%eax
+	shrdl	$7,%ebp,%ebp
+	movl	%edx,%edi
+	xorl	%eax,%esi
+	shldl	$5,%edx,%edx
+	addl	%esi,%ecx
+	xorl	%ebp,%edi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	addl	44(%rsp),%ebx
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	shrdl	$7,%edx,%edx
+	movl	%ecx,%esi
+	xorl	%ebp,%edi
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	xorl	%edx,%esi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	vpalignr	$8,%xmm5,%xmm6,%xmm8
+	vpxor	%xmm3,%xmm7,%xmm7
+	addl	48(%rsp),%eax
+	andl	%edx,%esi
+	xorl	%ebp,%edx
+	shrdl	$7,%ecx,%ecx
+	vpxor	%xmm0,%xmm7,%xmm7
+	movl	%ebx,%edi
+	xorl	%edx,%esi
+	vpaddd	%xmm6,%xmm11,%xmm9
+	vmovdqa	32(%r14),%xmm11
+	shldl	$5,%ebx,%ebx
+	addl	%esi,%eax
+	vpxor	%xmm8,%xmm7,%xmm7
+	xorl	%ecx,%edi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	addl	52(%rsp),%ebp
+	vpsrld	$30,%xmm7,%xmm8
+	vmovdqa	%xmm9,32(%rsp)
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	shrdl	$7,%ebx,%ebx
+	movl	%eax,%esi
+	vpslld	$2,%xmm7,%xmm7
+	xorl	%ecx,%edi
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	xorl	%ebx,%esi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	addl	56(%rsp),%edx
+	andl	%ebx,%esi
+	vpor	%xmm8,%xmm7,%xmm7
+	xorl	%ecx,%ebx
+	shrdl	$7,%eax,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%esi
+	shldl	$5,%ebp,%ebp
+	addl	%esi,%edx
+	xorl	%eax,%edi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	addl	60(%rsp),%ecx
+	andl	%eax,%edi
+	xorl	%ebx,%eax
+	shrdl	$7,%ebp,%ebp
+	movl	%edx,%esi
+	xorl	%eax,%edi
+	shldl	$5,%edx,%edx
+	addl	%edi,%ecx
+	xorl	%ebp,%esi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	vpalignr	$8,%xmm6,%xmm7,%xmm8
+	vpxor	%xmm4,%xmm0,%xmm0
+	addl	0(%rsp),%ebx
+	andl	%ebp,%esi
+	xorl	%eax,%ebp
+	shrdl	$7,%edx,%edx
+	vpxor	%xmm1,%xmm0,%xmm0
+	movl	%ecx,%edi
+	xorl	%ebp,%esi
+	vpaddd	%xmm7,%xmm11,%xmm9
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	vpxor	%xmm8,%xmm0,%xmm0
+	xorl	%edx,%edi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	addl	4(%rsp),%eax
+	vpsrld	$30,%xmm0,%xmm8
+	vmovdqa	%xmm9,48(%rsp)
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	shrdl	$7,%ecx,%ecx
+	movl	%ebx,%esi
+	vpslld	$2,%xmm0,%xmm0
+	xorl	%edx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	xorl	%ecx,%esi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	addl	8(%rsp),%ebp
+	andl	%ecx,%esi
+	vpor	%xmm8,%xmm0,%xmm0
+	xorl	%edx,%ecx
+	shrdl	$7,%ebx,%ebx
+	movl	%eax,%edi
+	xorl	%ecx,%esi
+	shldl	$5,%eax,%eax
+	addl	%esi,%ebp
+	xorl	%ebx,%edi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	addl	12(%rsp),%edx
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	shrdl	$7,%eax,%eax
+	movl	%ebp,%esi
+	xorl	%ebx,%edi
+	shldl	$5,%ebp,%ebp
+	addl	%edi,%edx
+	xorl	%eax,%esi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	vpalignr	$8,%xmm7,%xmm0,%xmm8
+	vpxor	%xmm5,%xmm1,%xmm1
+	addl	16(%rsp),%ecx
+	andl	%eax,%esi
+	xorl	%ebx,%eax
+	shrdl	$7,%ebp,%ebp
+	vpxor	%xmm2,%xmm1,%xmm1
+	movl	%edx,%edi
+	xorl	%eax,%esi
+	vpaddd	%xmm0,%xmm11,%xmm9
+	shldl	$5,%edx,%edx
+	addl	%esi,%ecx
+	vpxor	%xmm8,%xmm1,%xmm1
+	xorl	%ebp,%edi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	addl	20(%rsp),%ebx
+	vpsrld	$30,%xmm1,%xmm8
+	vmovdqa	%xmm9,0(%rsp)
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	shrdl	$7,%edx,%edx
+	movl	%ecx,%esi
+	vpslld	$2,%xmm1,%xmm1
+	xorl	%ebp,%edi
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	xorl	%edx,%esi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	addl	24(%rsp),%eax
+	andl	%edx,%esi
+	vpor	%xmm8,%xmm1,%xmm1
+	xorl	%ebp,%edx
+	shrdl	$7,%ecx,%ecx
+	movl	%ebx,%edi
+	xorl	%edx,%esi
+	shldl	$5,%ebx,%ebx
+	addl	%esi,%eax
+	xorl	%ecx,%edi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	addl	28(%rsp),%ebp
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	shrdl	$7,%ebx,%ebx
+	movl	%eax,%esi
+	xorl	%ecx,%edi
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	xorl	%ebx,%esi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	vpalignr	$8,%xmm0,%xmm1,%xmm8
+	vpxor	%xmm6,%xmm2,%xmm2
+	addl	32(%rsp),%edx
+	andl	%ebx,%esi
+	xorl	%ecx,%ebx
+	shrdl	$7,%eax,%eax
+	vpxor	%xmm3,%xmm2,%xmm2
+	movl	%ebp,%edi
+	xorl	%ebx,%esi
+	vpaddd	%xmm1,%xmm11,%xmm9
+	shldl	$5,%ebp,%ebp
+	addl	%esi,%edx
+	vpxor	%xmm8,%xmm2,%xmm2
+	xorl	%eax,%edi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	addl	36(%rsp),%ecx
+	vpsrld	$30,%xmm2,%xmm8
+	vmovdqa	%xmm9,16(%rsp)
+	andl	%eax,%edi
+	xorl	%ebx,%eax
+	shrdl	$7,%ebp,%ebp
+	movl	%edx,%esi
+	vpslld	$2,%xmm2,%xmm2
+	xorl	%eax,%edi
+	shldl	$5,%edx,%edx
+	addl	%edi,%ecx
+	xorl	%ebp,%esi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	addl	40(%rsp),%ebx
+	andl	%ebp,%esi
+	vpor	%xmm8,%xmm2,%xmm2
+	xorl	%eax,%ebp
+	shrdl	$7,%edx,%edx
+	movl	%ecx,%edi
+	xorl	%ebp,%esi
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	xorl	%edx,%edi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	addl	44(%rsp),%eax
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	shrdl	$7,%ecx,%ecx
+	movl	%ebx,%esi
+	xorl	%edx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	addl	%ebx,%eax
+	vpalignr	$8,%xmm1,%xmm2,%xmm8
+	vpxor	%xmm7,%xmm3,%xmm3
+	addl	48(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	shldl	$5,%eax,%eax
+	vpxor	%xmm4,%xmm3,%xmm3
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	vpaddd	%xmm2,%xmm11,%xmm9
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	vpxor	%xmm8,%xmm3,%xmm3
+	addl	52(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	shldl	$5,%ebp,%ebp
+	vpsrld	$30,%xmm3,%xmm8
+	vmovdqa	%xmm9,32(%rsp)
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	vpslld	$2,%xmm3,%xmm3
+	addl	56(%rsp),%ecx
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	shldl	$5,%edx,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	vpor	%xmm8,%xmm3,%xmm3
+	addl	60(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	addl	0(%rsp),%eax
+	vpaddd	%xmm3,%xmm11,%xmm9
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%esi,%eax
+	vmovdqa	%xmm9,48(%rsp)
+	xorl	%edx,%edi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	addl	4(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	addl	8(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	shldl	$5,%ebp,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	addl	12(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	shldl	$5,%edx,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	cmpq	%r10,%r9
+	je	.Ldone_avx
+	vmovdqa	64(%r14),%xmm6
+	vmovdqa	-64(%r14),%xmm11
+	vmovdqu	0(%r9),%xmm0
+	vmovdqu	16(%r9),%xmm1
+	vmovdqu	32(%r9),%xmm2
+	vmovdqu	48(%r9),%xmm3
+	vpshufb	%xmm6,%xmm0,%xmm0
+	addq	$64,%r9
+	addl	16(%rsp),%ebx
+	xorl	%ebp,%esi
+	vpshufb	%xmm6,%xmm1,%xmm1
+	movl	%ecx,%edi
+	shldl	$5,%ecx,%ecx
+	vpaddd	%xmm11,%xmm0,%xmm4
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	vmovdqa	%xmm4,0(%rsp)
+	addl	20(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	addl	24(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	shldl	$5,%eax,%eax
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	addl	28(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	shldl	$5,%ebp,%ebp
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	addl	32(%rsp),%ecx
+	xorl	%eax,%esi
+	vpshufb	%xmm6,%xmm2,%xmm2
+	movl	%edx,%edi
+	shldl	$5,%edx,%edx
+	vpaddd	%xmm11,%xmm1,%xmm5
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	vmovdqa	%xmm5,16(%rsp)
+	addl	36(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	addl	40(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	addl	44(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	addl	48(%rsp),%edx
+	xorl	%ebx,%esi
+	vpshufb	%xmm6,%xmm3,%xmm3
+	movl	%ebp,%edi
+	shldl	$5,%ebp,%ebp
+	vpaddd	%xmm11,%xmm2,%xmm6
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	vmovdqa	%xmm6,32(%rsp)
+	addl	52(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	shldl	$5,%edx,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	addl	56(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	addl	60(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	addl	0(%r8),%eax
+	addl	4(%r8),%esi
+	addl	8(%r8),%ecx
+	addl	12(%r8),%edx
+	movl	%eax,0(%r8)
+	addl	16(%r8),%ebp
+	movl	%esi,4(%r8)
+	movl	%esi,%ebx
+	movl	%ecx,8(%r8)
+	movl	%ecx,%edi
+	movl	%edx,12(%r8)
+	xorl	%edx,%edi
+	movl	%ebp,16(%r8)
+	andl	%edi,%esi
+	jmp	.Loop_avx
+
+.align	16
+.Ldone_avx:
+	addl	16(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	addl	20(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	addl	24(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	shldl	$5,%eax,%eax
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	addl	28(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	shldl	$5,%ebp,%ebp
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	addl	32(%rsp),%ecx
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	shldl	$5,%edx,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	addl	36(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	addl	40(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	addl	44(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	addl	48(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	shldl	$5,%ebp,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	addl	52(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	shldl	$5,%edx,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	addl	56(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	addl	60(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	vzeroupper
+
+	addl	0(%r8),%eax
+	addl	4(%r8),%esi
+	addl	8(%r8),%ecx
+	movl	%eax,0(%r8)
+	addl	12(%r8),%edx
+	movl	%esi,4(%r8)
+	addl	16(%r8),%ebp
+	movl	%ecx,8(%r8)
+	movl	%edx,12(%r8)
+	movl	%ebp,16(%r8)
+	movq	-40(%r11),%r14
+.cfi_restore	%r14
+	movq	-32(%r11),%r13
+.cfi_restore	%r13
+	movq	-24(%r11),%r12
+.cfi_restore	%r12
+	movq	-16(%r11),%rbp
+.cfi_restore	%rbp
+	movq	-8(%r11),%rbx
+.cfi_restore	%rbx
+	leaq	(%r11),%rsp
+.cfi_def_cfa_register	%rsp
+.Lepilogue_avx:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	sha1_block_data_order_avx,.-sha1_block_data_order_avx
+.type	sha1_block_data_order_avx2,@function
+.align	16
+sha1_block_data_order_avx2:
+_avx2_shortcut:
+.cfi_startproc	
+	movq	%rsp,%r11
+.cfi_def_cfa_register	%r11
+	pushq	%rbx
+.cfi_offset	%rbx,-16
+	pushq	%rbp
+.cfi_offset	%rbp,-24
+	pushq	%r12
+.cfi_offset	%r12,-32
+	pushq	%r13
+.cfi_offset	%r13,-40
+	pushq	%r14
+.cfi_offset	%r14,-48
+	vzeroupper
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rdx,%r10
+
+	leaq	-640(%rsp),%rsp
+	shlq	$6,%r10
+	leaq	64(%r9),%r13
+	andq	$-128,%rsp
+	addq	%r9,%r10
+	leaq	K_XX_XX+64(%rip),%r14
+
+	movl	0(%r8),%eax
+	cmpq	%r10,%r13
+	cmovaeq	%r9,%r13
+	movl	4(%r8),%ebp
+	movl	8(%r8),%ecx
+	movl	12(%r8),%edx
+	movl	16(%r8),%esi
+	vmovdqu	64(%r14),%ymm6
+
+	vmovdqu	(%r9),%xmm0
+	vmovdqu	16(%r9),%xmm1
+	vmovdqu	32(%r9),%xmm2
+	vmovdqu	48(%r9),%xmm3
+	leaq	64(%r9),%r9
+	vinserti128	$1,(%r13),%ymm0,%ymm0
+	vinserti128	$1,16(%r13),%ymm1,%ymm1
+	vpshufb	%ymm6,%ymm0,%ymm0
+	vinserti128	$1,32(%r13),%ymm2,%ymm2
+	vpshufb	%ymm6,%ymm1,%ymm1
+	vinserti128	$1,48(%r13),%ymm3,%ymm3
+	vpshufb	%ymm6,%ymm2,%ymm2
+	vmovdqu	-64(%r14),%ymm11
+	vpshufb	%ymm6,%ymm3,%ymm3
+
+	vpaddd	%ymm11,%ymm0,%ymm4
+	vpaddd	%ymm11,%ymm1,%ymm5
+	vmovdqu	%ymm4,0(%rsp)
+	vpaddd	%ymm11,%ymm2,%ymm6
+	vmovdqu	%ymm5,32(%rsp)
+	vpaddd	%ymm11,%ymm3,%ymm7
+	vmovdqu	%ymm6,64(%rsp)
+	vmovdqu	%ymm7,96(%rsp)
+	vpalignr	$8,%ymm0,%ymm1,%ymm4
+	vpsrldq	$4,%ymm3,%ymm8
+	vpxor	%ymm0,%ymm4,%ymm4
+	vpxor	%ymm2,%ymm8,%ymm8
+	vpxor	%ymm8,%ymm4,%ymm4
+	vpsrld	$31,%ymm4,%ymm8
+	vpslldq	$12,%ymm4,%ymm10
+	vpaddd	%ymm4,%ymm4,%ymm4
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm4,%ymm4
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm4,%ymm4
+	vpxor	%ymm10,%ymm4,%ymm4
+	vpaddd	%ymm11,%ymm4,%ymm9
+	vmovdqu	%ymm9,128(%rsp)
+	vpalignr	$8,%ymm1,%ymm2,%ymm5
+	vpsrldq	$4,%ymm4,%ymm8
+	vpxor	%ymm1,%ymm5,%ymm5
+	vpxor	%ymm3,%ymm8,%ymm8
+	vpxor	%ymm8,%ymm5,%ymm5
+	vpsrld	$31,%ymm5,%ymm8
+	vmovdqu	-32(%r14),%ymm11
+	vpslldq	$12,%ymm5,%ymm10
+	vpaddd	%ymm5,%ymm5,%ymm5
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm5,%ymm5
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm5,%ymm5
+	vpxor	%ymm10,%ymm5,%ymm5
+	vpaddd	%ymm11,%ymm5,%ymm9
+	vmovdqu	%ymm9,160(%rsp)
+	vpalignr	$8,%ymm2,%ymm3,%ymm6
+	vpsrldq	$4,%ymm5,%ymm8
+	vpxor	%ymm2,%ymm6,%ymm6
+	vpxor	%ymm4,%ymm8,%ymm8
+	vpxor	%ymm8,%ymm6,%ymm6
+	vpsrld	$31,%ymm6,%ymm8
+	vpslldq	$12,%ymm6,%ymm10
+	vpaddd	%ymm6,%ymm6,%ymm6
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm6,%ymm6
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm6,%ymm6
+	vpxor	%ymm10,%ymm6,%ymm6
+	vpaddd	%ymm11,%ymm6,%ymm9
+	vmovdqu	%ymm9,192(%rsp)
+	vpalignr	$8,%ymm3,%ymm4,%ymm7
+	vpsrldq	$4,%ymm6,%ymm8
+	vpxor	%ymm3,%ymm7,%ymm7
+	vpxor	%ymm5,%ymm8,%ymm8
+	vpxor	%ymm8,%ymm7,%ymm7
+	vpsrld	$31,%ymm7,%ymm8
+	vpslldq	$12,%ymm7,%ymm10
+	vpaddd	%ymm7,%ymm7,%ymm7
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm7,%ymm7
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm7,%ymm7
+	vpxor	%ymm10,%ymm7,%ymm7
+	vpaddd	%ymm11,%ymm7,%ymm9
+	vmovdqu	%ymm9,224(%rsp)
+	leaq	128(%rsp),%r13
+	jmp	.Loop_avx2
+.align	32
+.Loop_avx2:
+	rorxl	$2,%ebp,%ebx
+	andnl	%edx,%ebp,%edi
+	andl	%ecx,%ebp
+	xorl	%edi,%ebp
+	jmp	.Lalign32_1
+.align	32
+.Lalign32_1:
+	vpalignr	$8,%ymm6,%ymm7,%ymm8
+	vpxor	%ymm4,%ymm0,%ymm0
+	addl	-128(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	vpxor	%ymm1,%ymm0,%ymm0
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	vpxor	%ymm8,%ymm0,%ymm0
+	andl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	vpsrld	$30,%ymm0,%ymm8
+	vpslld	$2,%ymm0,%ymm0
+	addl	-124(%r13),%edx
+	andnl	%ebx,%esi,%edi
+	addl	%eax,%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	andl	%ebp,%esi
+	vpor	%ymm8,%ymm0,%ymm0
+	addl	%r12d,%edx
+	xorl	%edi,%esi
+	addl	-120(%r13),%ecx
+	andnl	%ebp,%edx,%edi
+	vpaddd	%ymm11,%ymm0,%ymm9
+	addl	%esi,%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	andl	%eax,%edx
+	vmovdqu	%ymm9,256(%rsp)
+	addl	%r12d,%ecx
+	xorl	%edi,%edx
+	addl	-116(%r13),%ebx
+	andnl	%eax,%ecx,%edi
+	addl	%edx,%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	andl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%edi,%ecx
+	addl	-96(%r13),%ebp
+	andnl	%esi,%ebx,%edi
+	addl	%ecx,%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	andl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%edi,%ebx
+	vpalignr	$8,%ymm7,%ymm0,%ymm8
+	vpxor	%ymm5,%ymm1,%ymm1
+	addl	-92(%r13),%eax
+	andnl	%edx,%ebp,%edi
+	vpxor	%ymm2,%ymm1,%ymm1
+	addl	%ebx,%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	vpxor	%ymm8,%ymm1,%ymm1
+	andl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edi,%ebp
+	vpsrld	$30,%ymm1,%ymm8
+	vpslld	$2,%ymm1,%ymm1
+	addl	-88(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	vpor	%ymm8,%ymm1,%ymm1
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	-84(%r13),%edx
+	andnl	%ebx,%esi,%edi
+	vpaddd	%ymm11,%ymm1,%ymm9
+	addl	%eax,%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	andl	%ebp,%esi
+	vmovdqu	%ymm9,288(%rsp)
+	addl	%r12d,%edx
+	xorl	%edi,%esi
+	addl	-64(%r13),%ecx
+	andnl	%ebp,%edx,%edi
+	addl	%esi,%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	andl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%edi,%edx
+	addl	-60(%r13),%ebx
+	andnl	%eax,%ecx,%edi
+	addl	%edx,%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	andl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%edi,%ecx
+	vpalignr	$8,%ymm0,%ymm1,%ymm8
+	vpxor	%ymm6,%ymm2,%ymm2
+	addl	-56(%r13),%ebp
+	andnl	%esi,%ebx,%edi
+	vpxor	%ymm3,%ymm2,%ymm2
+	vmovdqu	0(%r14),%ymm11
+	addl	%ecx,%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	vpxor	%ymm8,%ymm2,%ymm2
+	andl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%edi,%ebx
+	vpsrld	$30,%ymm2,%ymm8
+	vpslld	$2,%ymm2,%ymm2
+	addl	-52(%r13),%eax
+	andnl	%edx,%ebp,%edi
+	addl	%ebx,%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	andl	%ecx,%ebp
+	vpor	%ymm8,%ymm2,%ymm2
+	addl	%r12d,%eax
+	xorl	%edi,%ebp
+	addl	-32(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	vpaddd	%ymm11,%ymm2,%ymm9
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	vmovdqu	%ymm9,320(%rsp)
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	-28(%r13),%edx
+	andnl	%ebx,%esi,%edi
+	addl	%eax,%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	andl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%edi,%esi
+	addl	-24(%r13),%ecx
+	andnl	%ebp,%edx,%edi
+	addl	%esi,%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	andl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%edi,%edx
+	vpalignr	$8,%ymm1,%ymm2,%ymm8
+	vpxor	%ymm7,%ymm3,%ymm3
+	addl	-20(%r13),%ebx
+	andnl	%eax,%ecx,%edi
+	vpxor	%ymm4,%ymm3,%ymm3
+	addl	%edx,%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	vpxor	%ymm8,%ymm3,%ymm3
+	andl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%edi,%ecx
+	vpsrld	$30,%ymm3,%ymm8
+	vpslld	$2,%ymm3,%ymm3
+	addl	0(%r13),%ebp
+	andnl	%esi,%ebx,%edi
+	addl	%ecx,%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	andl	%edx,%ebx
+	vpor	%ymm8,%ymm3,%ymm3
+	addl	%r12d,%ebp
+	xorl	%edi,%ebx
+	addl	4(%r13),%eax
+	andnl	%edx,%ebp,%edi
+	vpaddd	%ymm11,%ymm3,%ymm9
+	addl	%ebx,%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	andl	%ecx,%ebp
+	vmovdqu	%ymm9,352(%rsp)
+	addl	%r12d,%eax
+	xorl	%edi,%ebp
+	addl	8(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	12(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	vpalignr	$8,%ymm2,%ymm3,%ymm8
+	vpxor	%ymm0,%ymm4,%ymm4
+	addl	32(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	vpxor	%ymm8,%ymm4,%ymm4
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	36(%r13),%ebx
+	vpsrld	$30,%ymm4,%ymm8
+	vpslld	$2,%ymm4,%ymm4
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	vpor	%ymm8,%ymm4,%ymm4
+	addl	40(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	vpaddd	%ymm11,%ymm4,%ymm9
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	44(%r13),%eax
+	vmovdqu	%ymm9,384(%rsp)
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	64(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	vpalignr	$8,%ymm3,%ymm4,%ymm8
+	vpxor	%ymm1,%ymm5,%ymm5
+	addl	68(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	vpxor	%ymm6,%ymm5,%ymm5
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	vpxor	%ymm8,%ymm5,%ymm5
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	72(%r13),%ecx
+	vpsrld	$30,%ymm5,%ymm8
+	vpslld	$2,%ymm5,%ymm5
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	vpor	%ymm8,%ymm5,%ymm5
+	addl	76(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	vpaddd	%ymm11,%ymm5,%ymm9
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	96(%r13),%ebp
+	vmovdqu	%ymm9,416(%rsp)
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	100(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	vpalignr	$8,%ymm4,%ymm5,%ymm8
+	vpxor	%ymm2,%ymm6,%ymm6
+	addl	104(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	vpxor	%ymm7,%ymm6,%ymm6
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	vpxor	%ymm8,%ymm6,%ymm6
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	108(%r13),%edx
+	leaq	256(%r13),%r13
+	vpsrld	$30,%ymm6,%ymm8
+	vpslld	$2,%ymm6,%ymm6
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	vpor	%ymm8,%ymm6,%ymm6
+	addl	-128(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	vpaddd	%ymm11,%ymm6,%ymm9
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-124(%r13),%ebx
+	vmovdqu	%ymm9,448(%rsp)
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	-120(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	vpalignr	$8,%ymm5,%ymm6,%ymm8
+	vpxor	%ymm3,%ymm7,%ymm7
+	addl	-116(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	vpxor	%ymm0,%ymm7,%ymm7
+	vmovdqu	32(%r14),%ymm11
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	vpxor	%ymm8,%ymm7,%ymm7
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	-96(%r13),%esi
+	vpsrld	$30,%ymm7,%ymm8
+	vpslld	$2,%ymm7,%ymm7
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	vpor	%ymm8,%ymm7,%ymm7
+	addl	-92(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	vpaddd	%ymm11,%ymm7,%ymm9
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	-88(%r13),%ecx
+	vmovdqu	%ymm9,480(%rsp)
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-84(%r13),%ebx
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	jmp	.Lalign32_2
+.align	32
+.Lalign32_2:
+	vpalignr	$8,%ymm6,%ymm7,%ymm8
+	vpxor	%ymm4,%ymm0,%ymm0
+	addl	-64(%r13),%ebp
+	xorl	%esi,%ecx
+	vpxor	%ymm1,%ymm0,%ymm0
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	vpxor	%ymm8,%ymm0,%ymm0
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	vpsrld	$30,%ymm0,%ymm8
+	vpslld	$2,%ymm0,%ymm0
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	-60(%r13),%eax
+	xorl	%edx,%ebx
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	vpor	%ymm8,%ymm0,%ymm0
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	vpaddd	%ymm11,%ymm0,%ymm9
+	addl	%r12d,%eax
+	andl	%edi,%ebp
+	addl	-56(%r13),%esi
+	xorl	%ecx,%ebp
+	vmovdqu	%ymm9,512(%rsp)
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	andl	%edi,%eax
+	addl	-52(%r13),%edx
+	xorl	%ebx,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%edi
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	andl	%edi,%esi
+	addl	-32(%r13),%ecx
+	xorl	%ebp,%esi
+	movl	%eax,%edi
+	xorl	%ebp,%edi
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	andl	%edi,%edx
+	vpalignr	$8,%ymm7,%ymm0,%ymm8
+	vpxor	%ymm5,%ymm1,%ymm1
+	addl	-28(%r13),%ebx
+	xorl	%eax,%edx
+	vpxor	%ymm2,%ymm1,%ymm1
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	vpxor	%ymm8,%ymm1,%ymm1
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	vpsrld	$30,%ymm1,%ymm8
+	vpslld	$2,%ymm1,%ymm1
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	addl	-24(%r13),%ebp
+	xorl	%esi,%ecx
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	vpor	%ymm8,%ymm1,%ymm1
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	vpaddd	%ymm11,%ymm1,%ymm9
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	-20(%r13),%eax
+	xorl	%edx,%ebx
+	vmovdqu	%ymm9,544(%rsp)
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	andl	%edi,%ebp
+	addl	0(%r13),%esi
+	xorl	%ecx,%ebp
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	andl	%edi,%eax
+	addl	4(%r13),%edx
+	xorl	%ebx,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%edi
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	andl	%edi,%esi
+	vpalignr	$8,%ymm0,%ymm1,%ymm8
+	vpxor	%ymm6,%ymm2,%ymm2
+	addl	8(%r13),%ecx
+	xorl	%ebp,%esi
+	vpxor	%ymm3,%ymm2,%ymm2
+	movl	%eax,%edi
+	xorl	%ebp,%edi
+	leal	(%rcx,%rsi,1),%ecx
+	vpxor	%ymm8,%ymm2,%ymm2
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	vpsrld	$30,%ymm2,%ymm8
+	vpslld	$2,%ymm2,%ymm2
+	addl	%r12d,%ecx
+	andl	%edi,%edx
+	addl	12(%r13),%ebx
+	xorl	%eax,%edx
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	vpor	%ymm8,%ymm2,%ymm2
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	vpaddd	%ymm11,%ymm2,%ymm9
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	addl	32(%r13),%ebp
+	xorl	%esi,%ecx
+	vmovdqu	%ymm9,576(%rsp)
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	36(%r13),%eax
+	xorl	%edx,%ebx
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	andl	%edi,%ebp
+	addl	40(%r13),%esi
+	xorl	%ecx,%ebp
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	andl	%edi,%eax
+	vpalignr	$8,%ymm1,%ymm2,%ymm8
+	vpxor	%ymm7,%ymm3,%ymm3
+	addl	44(%r13),%edx
+	xorl	%ebx,%eax
+	vpxor	%ymm4,%ymm3,%ymm3
+	movl	%ebp,%edi
+	xorl	%ebx,%edi
+	leal	(%rdx,%rax,1),%edx
+	vpxor	%ymm8,%ymm3,%ymm3
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	vpsrld	$30,%ymm3,%ymm8
+	vpslld	$2,%ymm3,%ymm3
+	addl	%r12d,%edx
+	andl	%edi,%esi
+	addl	64(%r13),%ecx
+	xorl	%ebp,%esi
+	movl	%eax,%edi
+	xorl	%ebp,%edi
+	vpor	%ymm8,%ymm3,%ymm3
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	vpaddd	%ymm11,%ymm3,%ymm9
+	addl	%r12d,%ecx
+	andl	%edi,%edx
+	addl	68(%r13),%ebx
+	xorl	%eax,%edx
+	vmovdqu	%ymm9,608(%rsp)
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	addl	72(%r13),%ebp
+	xorl	%esi,%ecx
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	76(%r13),%eax
+	xorl	%edx,%ebx
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	96(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	100(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	104(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	108(%r13),%ebx
+	leaq	256(%r13),%r13
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	-128(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	-124(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	-120(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	-116(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	-96(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-92(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	-88(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	-84(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	-64(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	-60(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	-56(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-52(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	-32(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	-28(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	-24(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	-20(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	addl	%r12d,%edx
+	leaq	128(%r9),%r13
+	leaq	128(%r9),%rdi
+	cmpq	%r10,%r13
+	cmovaeq	%r9,%r13
+
+
+	addl	0(%r8),%edx
+	addl	4(%r8),%esi
+	addl	8(%r8),%ebp
+	movl	%edx,0(%r8)
+	addl	12(%r8),%ebx
+	movl	%esi,4(%r8)
+	movl	%edx,%eax
+	addl	16(%r8),%ecx
+	movl	%ebp,%r12d
+	movl	%ebp,8(%r8)
+	movl	%ebx,%edx
+
+	movl	%ebx,12(%r8)
+	movl	%esi,%ebp
+	movl	%ecx,16(%r8)
+
+	movl	%ecx,%esi
+	movl	%r12d,%ecx
+
+
+	cmpq	%r10,%r9
+	je	.Ldone_avx2
+	vmovdqu	64(%r14),%ymm6
+	cmpq	%r10,%rdi
+	ja	.Last_avx2
+
+	vmovdqu	-64(%rdi),%xmm0
+	vmovdqu	-48(%rdi),%xmm1
+	vmovdqu	-32(%rdi),%xmm2
+	vmovdqu	-16(%rdi),%xmm3
+	vinserti128	$1,0(%r13),%ymm0,%ymm0
+	vinserti128	$1,16(%r13),%ymm1,%ymm1
+	vinserti128	$1,32(%r13),%ymm2,%ymm2
+	vinserti128	$1,48(%r13),%ymm3,%ymm3
+	jmp	.Last_avx2
+
+.align	32
+.Last_avx2:
+	leaq	128+16(%rsp),%r13
+	rorxl	$2,%ebp,%ebx
+	andnl	%edx,%ebp,%edi
+	andl	%ecx,%ebp
+	xorl	%edi,%ebp
+	subq	$-128,%r9
+	addl	-128(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	-124(%r13),%edx
+	andnl	%ebx,%esi,%edi
+	addl	%eax,%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	andl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%edi,%esi
+	addl	-120(%r13),%ecx
+	andnl	%ebp,%edx,%edi
+	addl	%esi,%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	andl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%edi,%edx
+	addl	-116(%r13),%ebx
+	andnl	%eax,%ecx,%edi
+	addl	%edx,%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	andl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%edi,%ecx
+	addl	-96(%r13),%ebp
+	andnl	%esi,%ebx,%edi
+	addl	%ecx,%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	andl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%edi,%ebx
+	addl	-92(%r13),%eax
+	andnl	%edx,%ebp,%edi
+	addl	%ebx,%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	andl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edi,%ebp
+	addl	-88(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	-84(%r13),%edx
+	andnl	%ebx,%esi,%edi
+	addl	%eax,%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	andl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%edi,%esi
+	addl	-64(%r13),%ecx
+	andnl	%ebp,%edx,%edi
+	addl	%esi,%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	andl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%edi,%edx
+	addl	-60(%r13),%ebx
+	andnl	%eax,%ecx,%edi
+	addl	%edx,%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	andl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%edi,%ecx
+	addl	-56(%r13),%ebp
+	andnl	%esi,%ebx,%edi
+	addl	%ecx,%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	andl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%edi,%ebx
+	addl	-52(%r13),%eax
+	andnl	%edx,%ebp,%edi
+	addl	%ebx,%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	andl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edi,%ebp
+	addl	-32(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	-28(%r13),%edx
+	andnl	%ebx,%esi,%edi
+	addl	%eax,%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	andl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%edi,%esi
+	addl	-24(%r13),%ecx
+	andnl	%ebp,%edx,%edi
+	addl	%esi,%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	andl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%edi,%edx
+	addl	-20(%r13),%ebx
+	andnl	%eax,%ecx,%edi
+	addl	%edx,%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	andl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%edi,%ecx
+	addl	0(%r13),%ebp
+	andnl	%esi,%ebx,%edi
+	addl	%ecx,%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	andl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%edi,%ebx
+	addl	4(%r13),%eax
+	andnl	%edx,%ebp,%edi
+	addl	%ebx,%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	andl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edi,%ebp
+	addl	8(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	12(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	32(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	36(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	40(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	44(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	64(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	vmovdqu	-64(%r14),%ymm11
+	vpshufb	%ymm6,%ymm0,%ymm0
+	addl	68(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	72(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	76(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	96(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	100(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	vpshufb	%ymm6,%ymm1,%ymm1
+	vpaddd	%ymm11,%ymm0,%ymm8
+	addl	104(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	108(%r13),%edx
+	leaq	256(%r13),%r13
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	-128(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-124(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	-120(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	vmovdqu	%ymm8,0(%rsp)
+	vpshufb	%ymm6,%ymm2,%ymm2
+	vpaddd	%ymm11,%ymm1,%ymm9
+	addl	-116(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	-96(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	-92(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	-88(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-84(%r13),%ebx
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	vmovdqu	%ymm9,32(%rsp)
+	vpshufb	%ymm6,%ymm3,%ymm3
+	vpaddd	%ymm11,%ymm2,%ymm6
+	addl	-64(%r13),%ebp
+	xorl	%esi,%ecx
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	-60(%r13),%eax
+	xorl	%edx,%ebx
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	andl	%edi,%ebp
+	addl	-56(%r13),%esi
+	xorl	%ecx,%ebp
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	andl	%edi,%eax
+	addl	-52(%r13),%edx
+	xorl	%ebx,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%edi
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	andl	%edi,%esi
+	addl	-32(%r13),%ecx
+	xorl	%ebp,%esi
+	movl	%eax,%edi
+	xorl	%ebp,%edi
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	andl	%edi,%edx
+	jmp	.Lalign32_3
+.align	32
+.Lalign32_3:
+	vmovdqu	%ymm6,64(%rsp)
+	vpaddd	%ymm11,%ymm3,%ymm7
+	addl	-28(%r13),%ebx
+	xorl	%eax,%edx
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	addl	-24(%r13),%ebp
+	xorl	%esi,%ecx
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	-20(%r13),%eax
+	xorl	%edx,%ebx
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	andl	%edi,%ebp
+	addl	0(%r13),%esi
+	xorl	%ecx,%ebp
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	andl	%edi,%eax
+	addl	4(%r13),%edx
+	xorl	%ebx,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%edi
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	andl	%edi,%esi
+	vmovdqu	%ymm7,96(%rsp)
+	addl	8(%r13),%ecx
+	xorl	%ebp,%esi
+	movl	%eax,%edi
+	xorl	%ebp,%edi
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	andl	%edi,%edx
+	addl	12(%r13),%ebx
+	xorl	%eax,%edx
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	addl	32(%r13),%ebp
+	xorl	%esi,%ecx
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	36(%r13),%eax
+	xorl	%edx,%ebx
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	andl	%edi,%ebp
+	addl	40(%r13),%esi
+	xorl	%ecx,%ebp
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	andl	%edi,%eax
+	vpalignr	$8,%ymm0,%ymm1,%ymm4
+	addl	44(%r13),%edx
+	xorl	%ebx,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%edi
+	vpsrldq	$4,%ymm3,%ymm8
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	vpxor	%ymm0,%ymm4,%ymm4
+	vpxor	%ymm2,%ymm8,%ymm8
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	vpxor	%ymm8,%ymm4,%ymm4
+	andl	%edi,%esi
+	addl	64(%r13),%ecx
+	xorl	%ebp,%esi
+	movl	%eax,%edi
+	vpsrld	$31,%ymm4,%ymm8
+	xorl	%ebp,%edi
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	vpslldq	$12,%ymm4,%ymm10
+	vpaddd	%ymm4,%ymm4,%ymm4
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm4,%ymm4
+	addl	%r12d,%ecx
+	andl	%edi,%edx
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm4,%ymm4
+	addl	68(%r13),%ebx
+	xorl	%eax,%edx
+	vpxor	%ymm10,%ymm4,%ymm4
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	vpaddd	%ymm11,%ymm4,%ymm9
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	vmovdqu	%ymm9,128(%rsp)
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	addl	72(%r13),%ebp
+	xorl	%esi,%ecx
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	76(%r13),%eax
+	xorl	%edx,%ebx
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	vpalignr	$8,%ymm1,%ymm2,%ymm5
+	addl	96(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	vpsrldq	$4,%ymm4,%ymm8
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	vpxor	%ymm1,%ymm5,%ymm5
+	vpxor	%ymm3,%ymm8,%ymm8
+	addl	100(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	vpxor	%ymm8,%ymm5,%ymm5
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	vpsrld	$31,%ymm5,%ymm8
+	vmovdqu	-32(%r14),%ymm11
+	xorl	%ebx,%esi
+	addl	104(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	vpslldq	$12,%ymm5,%ymm10
+	vpaddd	%ymm5,%ymm5,%ymm5
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm5,%ymm5
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm5,%ymm5
+	xorl	%ebp,%edx
+	addl	108(%r13),%ebx
+	leaq	256(%r13),%r13
+	vpxor	%ymm10,%ymm5,%ymm5
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	vpaddd	%ymm11,%ymm5,%ymm9
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	vmovdqu	%ymm9,160(%rsp)
+	addl	-128(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	vpalignr	$8,%ymm2,%ymm3,%ymm6
+	addl	-124(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	vpsrldq	$4,%ymm5,%ymm8
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	vpxor	%ymm2,%ymm6,%ymm6
+	vpxor	%ymm4,%ymm8,%ymm8
+	addl	-120(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	vpxor	%ymm8,%ymm6,%ymm6
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	vpsrld	$31,%ymm6,%ymm8
+	xorl	%ecx,%eax
+	addl	-116(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	vpslldq	$12,%ymm6,%ymm10
+	vpaddd	%ymm6,%ymm6,%ymm6
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm6,%ymm6
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm6,%ymm6
+	xorl	%ebx,%esi
+	addl	-96(%r13),%ecx
+	vpxor	%ymm10,%ymm6,%ymm6
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	vpaddd	%ymm11,%ymm6,%ymm9
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	vmovdqu	%ymm9,192(%rsp)
+	addl	-92(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	vpalignr	$8,%ymm3,%ymm4,%ymm7
+	addl	-88(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	vpsrldq	$4,%ymm6,%ymm8
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	vpxor	%ymm3,%ymm7,%ymm7
+	vpxor	%ymm5,%ymm8,%ymm8
+	addl	-84(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	vpxor	%ymm8,%ymm7,%ymm7
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	vpsrld	$31,%ymm7,%ymm8
+	xorl	%edx,%ebp
+	addl	-64(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	vpslldq	$12,%ymm7,%ymm10
+	vpaddd	%ymm7,%ymm7,%ymm7
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm7,%ymm7
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm7,%ymm7
+	xorl	%ecx,%eax
+	addl	-60(%r13),%edx
+	vpxor	%ymm10,%ymm7,%ymm7
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	vpaddd	%ymm11,%ymm7,%ymm9
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	vmovdqu	%ymm9,224(%rsp)
+	addl	-56(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-52(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	-32(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	-28(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	-24(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	-20(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	addl	%r12d,%edx
+	leaq	128(%rsp),%r13
+
+
+	addl	0(%r8),%edx
+	addl	4(%r8),%esi
+	addl	8(%r8),%ebp
+	movl	%edx,0(%r8)
+	addl	12(%r8),%ebx
+	movl	%esi,4(%r8)
+	movl	%edx,%eax
+	addl	16(%r8),%ecx
+	movl	%ebp,%r12d
+	movl	%ebp,8(%r8)
+	movl	%ebx,%edx
+
+	movl	%ebx,12(%r8)
+	movl	%esi,%ebp
+	movl	%ecx,16(%r8)
+
+	movl	%ecx,%esi
+	movl	%r12d,%ecx
+
+
+	cmpq	%r10,%r9
+	jbe	.Loop_avx2
+
+.Ldone_avx2:
+	vzeroupper
+	movq	-40(%r11),%r14
+.cfi_restore	%r14
+	movq	-32(%r11),%r13
+.cfi_restore	%r13
+	movq	-24(%r11),%r12
+.cfi_restore	%r12
+	movq	-16(%r11),%rbp
+.cfi_restore	%rbp
+	movq	-8(%r11),%rbx
+.cfi_restore	%rbx
+	leaq	(%r11),%rsp
+.cfi_def_cfa_register	%rsp
+.Lepilogue_avx2:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	sha1_block_data_order_avx2,.-sha1_block_data_order_avx2
+.align	64
+K_XX_XX:
+.long	0x5a827999,0x5a827999,0x5a827999,0x5a827999
+.long	0x5a827999,0x5a827999,0x5a827999,0x5a827999
+.long	0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1
+.long	0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1
+.long	0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc
+.long	0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc
+.long	0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6
+.long	0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6
+.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
+.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
+.byte	0xf,0xe,0xd,0xc,0xb,0xa,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0
+.byte	83,72,65,49,32,98,108,111,99,107,32,116,114,97,110,115,102,111,114,109,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.align	64
+
+.section .note.GNU-stack,"",%progbits
diff --git a/lib/accelerated/x86/elf/sha256-ssse3-x86.s b/lib/accelerated/x86/elf/sha256-ssse3-x86.s
new file mode 100644
index 0000000..8d9aaa4
--- /dev/null
+++ b/lib/accelerated/x86/elf/sha256-ssse3-x86.s
@@ -0,0 +1,3387 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text
+.globl	sha256_block_data_order
+.type	sha256_block_data_order,@function
+.align	16
+sha256_block_data_order:
+.L_sha256_block_data_order_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	%esp,%ebx
+	call	.L000pic_point
+.L000pic_point:
+	popl	%ebp
+	leal	.L001K256-.L000pic_point(%ebp),%ebp
+	subl	$16,%esp
+	andl	$-64,%esp
+	shll	$6,%eax
+	addl	%edi,%eax
+	movl	%esi,(%esp)
+	movl	%edi,4(%esp)
+	movl	%eax,8(%esp)
+	movl	%ebx,12(%esp)
+	jmp	.L002loop
+.align	16
+.L002loop:
+	movl	(%edi),%eax
+	movl	4(%edi),%ebx
+	movl	8(%edi),%ecx
+	bswap	%eax
+	movl	12(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	movl	16(%edi),%eax
+	movl	20(%edi),%ebx
+	movl	24(%edi),%ecx
+	bswap	%eax
+	movl	28(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	movl	32(%edi),%eax
+	movl	36(%edi),%ebx
+	movl	40(%edi),%ecx
+	bswap	%eax
+	movl	44(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	movl	48(%edi),%eax
+	movl	52(%edi),%ebx
+	movl	56(%edi),%ecx
+	bswap	%eax
+	movl	60(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	addl	$64,%edi
+	leal	-36(%esp),%esp
+	movl	%edi,104(%esp)
+	movl	(%esi),%eax
+	movl	4(%esi),%ebx
+	movl	8(%esi),%ecx
+	movl	12(%esi),%edi
+	movl	%ebx,8(%esp)
+	xorl	%ecx,%ebx
+	movl	%ecx,12(%esp)
+	movl	%edi,16(%esp)
+	movl	%ebx,(%esp)
+	movl	16(%esi),%edx
+	movl	20(%esi),%ebx
+	movl	24(%esi),%ecx
+	movl	28(%esi),%edi
+	movl	%ebx,24(%esp)
+	movl	%ecx,28(%esp)
+	movl	%edi,32(%esp)
+.align	16
+.L00300_15:
+	movl	%edx,%ecx
+	movl	24(%esp),%esi
+	rorl	$14,%ecx
+	movl	28(%esp),%edi
+	xorl	%edx,%ecx
+	xorl	%edi,%esi
+	movl	96(%esp),%ebx
+	rorl	$5,%ecx
+	andl	%edx,%esi
+	movl	%edx,20(%esp)
+	xorl	%ecx,%edx
+	addl	32(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%esi,%ebx
+	rorl	$9,%ecx
+	addl	%edx,%ebx
+	movl	8(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,4(%esp)
+	leal	-4(%esp),%esp
+	rorl	$11,%ecx
+	movl	(%ebp),%esi
+	xorl	%eax,%ecx
+	movl	20(%esp),%edx
+	xorl	%edi,%eax
+	rorl	$2,%ecx
+	addl	%esi,%ebx
+	movl	%eax,(%esp)
+	addl	%ebx,%edx
+	andl	4(%esp),%eax
+	addl	%ecx,%ebx
+	xorl	%edi,%eax
+	addl	$4,%ebp
+	addl	%ebx,%eax
+	cmpl	$3248222580,%esi
+	jne	.L00300_15
+	movl	156(%esp),%ecx
+	jmp	.L00416_63
+.align	16
+.L00416_63:
+	movl	%ecx,%ebx
+	movl	104(%esp),%esi
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	160(%esp),%ebx
+	shrl	$10,%edi
+	addl	124(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	24(%esp),%esi
+	rorl	$14,%ecx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%edx,%ecx
+	xorl	%edi,%esi
+	movl	%ebx,96(%esp)
+	rorl	$5,%ecx
+	andl	%edx,%esi
+	movl	%edx,20(%esp)
+	xorl	%ecx,%edx
+	addl	32(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%esi,%ebx
+	rorl	$9,%ecx
+	addl	%edx,%ebx
+	movl	8(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,4(%esp)
+	leal	-4(%esp),%esp
+	rorl	$11,%ecx
+	movl	(%ebp),%esi
+	xorl	%eax,%ecx
+	movl	20(%esp),%edx
+	xorl	%edi,%eax
+	rorl	$2,%ecx
+	addl	%esi,%ebx
+	movl	%eax,(%esp)
+	addl	%ebx,%edx
+	andl	4(%esp),%eax
+	addl	%ecx,%ebx
+	xorl	%edi,%eax
+	movl	156(%esp),%ecx
+	addl	$4,%ebp
+	addl	%ebx,%eax
+	cmpl	$3329325298,%esi
+	jne	.L00416_63
+	movl	356(%esp),%esi
+	movl	8(%esp),%ebx
+	movl	16(%esp),%ecx
+	addl	(%esi),%eax
+	addl	4(%esi),%ebx
+	addl	8(%esi),%edi
+	addl	12(%esi),%ecx
+	movl	%eax,(%esi)
+	movl	%ebx,4(%esi)
+	movl	%edi,8(%esi)
+	movl	%ecx,12(%esi)
+	movl	24(%esp),%eax
+	movl	28(%esp),%ebx
+	movl	32(%esp),%ecx
+	movl	360(%esp),%edi
+	addl	16(%esi),%edx
+	addl	20(%esi),%eax
+	addl	24(%esi),%ebx
+	addl	28(%esi),%ecx
+	movl	%edx,16(%esi)
+	movl	%eax,20(%esi)
+	movl	%ebx,24(%esi)
+	movl	%ecx,28(%esi)
+	leal	356(%esp),%esp
+	subl	$256,%ebp
+	cmpl	8(%esp),%edi
+	jb	.L002loop
+	movl	12(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.align	32
+.L005loop_shrd:
+	movl	(%edi),%eax
+	movl	4(%edi),%ebx
+	movl	8(%edi),%ecx
+	bswap	%eax
+	movl	12(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	movl	16(%edi),%eax
+	movl	20(%edi),%ebx
+	movl	24(%edi),%ecx
+	bswap	%eax
+	movl	28(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	movl	32(%edi),%eax
+	movl	36(%edi),%ebx
+	movl	40(%edi),%ecx
+	bswap	%eax
+	movl	44(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	movl	48(%edi),%eax
+	movl	52(%edi),%ebx
+	movl	56(%edi),%ecx
+	bswap	%eax
+	movl	60(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	addl	$64,%edi
+	leal	-36(%esp),%esp
+	movl	%edi,104(%esp)
+	movl	(%esi),%eax
+	movl	4(%esi),%ebx
+	movl	8(%esi),%ecx
+	movl	12(%esi),%edi
+	movl	%ebx,8(%esp)
+	xorl	%ecx,%ebx
+	movl	%ecx,12(%esp)
+	movl	%edi,16(%esp)
+	movl	%ebx,(%esp)
+	movl	16(%esi),%edx
+	movl	20(%esi),%ebx
+	movl	24(%esi),%ecx
+	movl	28(%esi),%edi
+	movl	%ebx,24(%esp)
+	movl	%ecx,28(%esp)
+	movl	%edi,32(%esp)
+.align	16
+.L00600_15_shrd:
+	movl	%edx,%ecx
+	movl	24(%esp),%esi
+	shrdl	$14,%ecx,%ecx
+	movl	28(%esp),%edi
+	xorl	%edx,%ecx
+	xorl	%edi,%esi
+	movl	96(%esp),%ebx
+	shrdl	$5,%ecx,%ecx
+	andl	%edx,%esi
+	movl	%edx,20(%esp)
+	xorl	%ecx,%edx
+	addl	32(%esp),%ebx
+	xorl	%edi,%esi
+	shrdl	$6,%edx,%edx
+	movl	%eax,%ecx
+	addl	%esi,%ebx
+	shrdl	$9,%ecx,%ecx
+	addl	%edx,%ebx
+	movl	8(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,4(%esp)
+	leal	-4(%esp),%esp
+	shrdl	$11,%ecx,%ecx
+	movl	(%ebp),%esi
+	xorl	%eax,%ecx
+	movl	20(%esp),%edx
+	xorl	%edi,%eax
+	shrdl	$2,%ecx,%ecx
+	addl	%esi,%ebx
+	movl	%eax,(%esp)
+	addl	%ebx,%edx
+	andl	4(%esp),%eax
+	addl	%ecx,%ebx
+	xorl	%edi,%eax
+	addl	$4,%ebp
+	addl	%ebx,%eax
+	cmpl	$3248222580,%esi
+	jne	.L00600_15_shrd
+	movl	156(%esp),%ecx
+	jmp	.L00716_63_shrd
+.align	16
+.L00716_63_shrd:
+	movl	%ecx,%ebx
+	movl	104(%esp),%esi
+	shrdl	$11,%ecx,%ecx
+	movl	%esi,%edi
+	shrdl	$2,%esi,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	shrdl	$7,%ecx,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	shrdl	$17,%esi,%esi
+	addl	160(%esp),%ebx
+	shrl	$10,%edi
+	addl	124(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	24(%esp),%esi
+	shrdl	$14,%ecx,%ecx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%edx,%ecx
+	xorl	%edi,%esi
+	movl	%ebx,96(%esp)
+	shrdl	$5,%ecx,%ecx
+	andl	%edx,%esi
+	movl	%edx,20(%esp)
+	xorl	%ecx,%edx
+	addl	32(%esp),%ebx
+	xorl	%edi,%esi
+	shrdl	$6,%edx,%edx
+	movl	%eax,%ecx
+	addl	%esi,%ebx
+	shrdl	$9,%ecx,%ecx
+	addl	%edx,%ebx
+	movl	8(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,4(%esp)
+	leal	-4(%esp),%esp
+	shrdl	$11,%ecx,%ecx
+	movl	(%ebp),%esi
+	xorl	%eax,%ecx
+	movl	20(%esp),%edx
+	xorl	%edi,%eax
+	shrdl	$2,%ecx,%ecx
+	addl	%esi,%ebx
+	movl	%eax,(%esp)
+	addl	%ebx,%edx
+	andl	4(%esp),%eax
+	addl	%ecx,%ebx
+	xorl	%edi,%eax
+	movl	156(%esp),%ecx
+	addl	$4,%ebp
+	addl	%ebx,%eax
+	cmpl	$3329325298,%esi
+	jne	.L00716_63_shrd
+	movl	356(%esp),%esi
+	movl	8(%esp),%ebx
+	movl	16(%esp),%ecx
+	addl	(%esi),%eax
+	addl	4(%esi),%ebx
+	addl	8(%esi),%edi
+	addl	12(%esi),%ecx
+	movl	%eax,(%esi)
+	movl	%ebx,4(%esi)
+	movl	%edi,8(%esi)
+	movl	%ecx,12(%esi)
+	movl	24(%esp),%eax
+	movl	28(%esp),%ebx
+	movl	32(%esp),%ecx
+	movl	360(%esp),%edi
+	addl	16(%esi),%edx
+	addl	20(%esi),%eax
+	addl	24(%esi),%ebx
+	addl	28(%esi),%ecx
+	movl	%edx,16(%esi)
+	movl	%eax,20(%esi)
+	movl	%ebx,24(%esi)
+	movl	%ecx,28(%esi)
+	leal	356(%esp),%esp
+	subl	$256,%ebp
+	cmpl	8(%esp),%edi
+	jb	.L005loop_shrd
+	movl	12(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.align	64
+.L001K256:
+.long	1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298
+.long	66051,67438087,134810123,202182159
+.byte	83,72,65,50,53,54,32,98,108,111,99,107,32,116,114,97
+.byte	110,115,102,111,114,109,32,102,111,114,32,120,56,54,44,32
+.byte	67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97
+.byte	112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103
+.byte	62,0
+.align	16
+.L008unrolled:
+	leal	-96(%esp),%esp
+	movl	(%esi),%eax
+	movl	4(%esi),%ebp
+	movl	8(%esi),%ecx
+	movl	12(%esi),%ebx
+	movl	%ebp,4(%esp)
+	xorl	%ecx,%ebp
+	movl	%ecx,8(%esp)
+	movl	%ebx,12(%esp)
+	movl	16(%esi),%edx
+	movl	20(%esi),%ebx
+	movl	24(%esi),%ecx
+	movl	28(%esi),%esi
+	movl	%ebx,20(%esp)
+	movl	%ecx,24(%esp)
+	movl	%esi,28(%esp)
+	jmp	.L009grand_loop
+.align	16
+.L009grand_loop:
+	movl	(%edi),%ebx
+	movl	4(%edi),%ecx
+	bswap	%ebx
+	movl	8(%edi),%esi
+	bswap	%ecx
+	movl	%ebx,32(%esp)
+	bswap	%esi
+	movl	%ecx,36(%esp)
+	movl	%esi,40(%esp)
+	movl	12(%edi),%ebx
+	movl	16(%edi),%ecx
+	bswap	%ebx
+	movl	20(%edi),%esi
+	bswap	%ecx
+	movl	%ebx,44(%esp)
+	bswap	%esi
+	movl	%ecx,48(%esp)
+	movl	%esi,52(%esp)
+	movl	24(%edi),%ebx
+	movl	28(%edi),%ecx
+	bswap	%ebx
+	movl	32(%edi),%esi
+	bswap	%ecx
+	movl	%ebx,56(%esp)
+	bswap	%esi
+	movl	%ecx,60(%esp)
+	movl	%esi,64(%esp)
+	movl	36(%edi),%ebx
+	movl	40(%edi),%ecx
+	bswap	%ebx
+	movl	44(%edi),%esi
+	bswap	%ecx
+	movl	%ebx,68(%esp)
+	bswap	%esi
+	movl	%ecx,72(%esp)
+	movl	%esi,76(%esp)
+	movl	48(%edi),%ebx
+	movl	52(%edi),%ecx
+	bswap	%ebx
+	movl	56(%edi),%esi
+	bswap	%ecx
+	movl	%ebx,80(%esp)
+	bswap	%esi
+	movl	%ecx,84(%esp)
+	movl	%esi,88(%esp)
+	movl	60(%edi),%ebx
+	addl	$64,%edi
+	bswap	%ebx
+	movl	%edi,100(%esp)
+	movl	%ebx,92(%esp)
+	movl	%edx,%ecx
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	32(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1116352408(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	36(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1899447441(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	40(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3049323471(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	44(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3921009573(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	48(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	961987163(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	52(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1508970993(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	56(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2453635748(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	60(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2870763221(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	64(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3624381080(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	68(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	310598401(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	72(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	607225278(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	76(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1426881987(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	80(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1925078388(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	84(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2162078206(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	88(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2614888103(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	92(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3248222580(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	36(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	88(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	32(%esp),%ebx
+	shrl	$10,%edi
+	addl	68(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,32(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3835390401(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	40(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	92(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	36(%esp),%ebx
+	shrl	$10,%edi
+	addl	72(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,36(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	4022224774(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	44(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	32(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	40(%esp),%ebx
+	shrl	$10,%edi
+	addl	76(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,40(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	264347078(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	48(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	36(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	44(%esp),%ebx
+	shrl	$10,%edi
+	addl	80(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,44(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	604807628(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	52(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	40(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	48(%esp),%ebx
+	shrl	$10,%edi
+	addl	84(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,48(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	770255983(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	56(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	44(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	52(%esp),%ebx
+	shrl	$10,%edi
+	addl	88(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,52(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1249150122(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	60(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	48(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	56(%esp),%ebx
+	shrl	$10,%edi
+	addl	92(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,56(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1555081692(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	64(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	52(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	60(%esp),%ebx
+	shrl	$10,%edi
+	addl	32(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,60(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1996064986(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	68(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	56(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	64(%esp),%ebx
+	shrl	$10,%edi
+	addl	36(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,64(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2554220882(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	72(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	60(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	68(%esp),%ebx
+	shrl	$10,%edi
+	addl	40(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,68(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2821834349(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	76(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	64(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	72(%esp),%ebx
+	shrl	$10,%edi
+	addl	44(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,72(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2952996808(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	80(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	68(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	76(%esp),%ebx
+	shrl	$10,%edi
+	addl	48(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,76(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3210313671(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	84(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	72(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	80(%esp),%ebx
+	shrl	$10,%edi
+	addl	52(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,80(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3336571891(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	88(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	76(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	84(%esp),%ebx
+	shrl	$10,%edi
+	addl	56(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,84(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3584528711(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	92(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	80(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	88(%esp),%ebx
+	shrl	$10,%edi
+	addl	60(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,88(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	113926993(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	32(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	84(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	92(%esp),%ebx
+	shrl	$10,%edi
+	addl	64(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,92(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	338241895(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	36(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	88(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	32(%esp),%ebx
+	shrl	$10,%edi
+	addl	68(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,32(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	666307205(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	40(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	92(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	36(%esp),%ebx
+	shrl	$10,%edi
+	addl	72(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,36(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	773529912(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	44(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	32(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	40(%esp),%ebx
+	shrl	$10,%edi
+	addl	76(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,40(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1294757372(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	48(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	36(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	44(%esp),%ebx
+	shrl	$10,%edi
+	addl	80(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,44(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1396182291(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	52(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	40(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	48(%esp),%ebx
+	shrl	$10,%edi
+	addl	84(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,48(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1695183700(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	56(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	44(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	52(%esp),%ebx
+	shrl	$10,%edi
+	addl	88(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,52(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1986661051(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	60(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	48(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	56(%esp),%ebx
+	shrl	$10,%edi
+	addl	92(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,56(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2177026350(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	64(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	52(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	60(%esp),%ebx
+	shrl	$10,%edi
+	addl	32(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,60(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2456956037(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	68(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	56(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	64(%esp),%ebx
+	shrl	$10,%edi
+	addl	36(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,64(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2730485921(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	72(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	60(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	68(%esp),%ebx
+	shrl	$10,%edi
+	addl	40(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,68(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2820302411(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	76(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	64(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	72(%esp),%ebx
+	shrl	$10,%edi
+	addl	44(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,72(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3259730800(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	80(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	68(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	76(%esp),%ebx
+	shrl	$10,%edi
+	addl	48(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,76(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3345764771(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	84(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	72(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	80(%esp),%ebx
+	shrl	$10,%edi
+	addl	52(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,80(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3516065817(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	88(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	76(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	84(%esp),%ebx
+	shrl	$10,%edi
+	addl	56(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,84(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3600352804(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	92(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	80(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	88(%esp),%ebx
+	shrl	$10,%edi
+	addl	60(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,88(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	4094571909(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	32(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	84(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	92(%esp),%ebx
+	shrl	$10,%edi
+	addl	64(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,92(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	275423344(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	36(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	88(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	32(%esp),%ebx
+	shrl	$10,%edi
+	addl	68(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,32(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	430227734(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	40(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	92(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	36(%esp),%ebx
+	shrl	$10,%edi
+	addl	72(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,36(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	506948616(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	44(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	32(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	40(%esp),%ebx
+	shrl	$10,%edi
+	addl	76(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,40(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	659060556(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	48(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	36(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	44(%esp),%ebx
+	shrl	$10,%edi
+	addl	80(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,44(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	883997877(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	52(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	40(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	48(%esp),%ebx
+	shrl	$10,%edi
+	addl	84(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,48(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	958139571(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	56(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	44(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	52(%esp),%ebx
+	shrl	$10,%edi
+	addl	88(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,52(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1322822218(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	60(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	48(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	56(%esp),%ebx
+	shrl	$10,%edi
+	addl	92(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,56(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1537002063(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	64(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	52(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	60(%esp),%ebx
+	shrl	$10,%edi
+	addl	32(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,60(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1747873779(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	68(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	56(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	64(%esp),%ebx
+	shrl	$10,%edi
+	addl	36(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,64(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1955562222(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	72(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	60(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	68(%esp),%ebx
+	shrl	$10,%edi
+	addl	40(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,68(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2024104815(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	76(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	64(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	72(%esp),%ebx
+	shrl	$10,%edi
+	addl	44(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,72(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2227730452(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	80(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	68(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	76(%esp),%ebx
+	shrl	$10,%edi
+	addl	48(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,76(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2361852424(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	84(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	72(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	80(%esp),%ebx
+	shrl	$10,%edi
+	addl	52(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,80(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2428436474(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	88(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	76(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	84(%esp),%ebx
+	shrl	$10,%edi
+	addl	56(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,84(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2756734187(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	92(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	80(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	88(%esp),%ebx
+	shrl	$10,%edi
+	addl	60(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3204031479(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	32(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	84(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	92(%esp),%ebx
+	shrl	$10,%edi
+	addl	64(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3329325298(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	96(%esp),%esi
+	xorl	%edi,%ebp
+	movl	12(%esp),%ecx
+	addl	(%esi),%eax
+	addl	4(%esi),%ebp
+	addl	8(%esi),%edi
+	addl	12(%esi),%ecx
+	movl	%eax,(%esi)
+	movl	%ebp,4(%esi)
+	movl	%edi,8(%esi)
+	movl	%ecx,12(%esi)
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	movl	%edi,8(%esp)
+	movl	%ecx,12(%esp)
+	movl	20(%esp),%edi
+	movl	24(%esp),%ebx
+	movl	28(%esp),%ecx
+	addl	16(%esi),%edx
+	addl	20(%esi),%edi
+	addl	24(%esi),%ebx
+	addl	28(%esi),%ecx
+	movl	%edx,16(%esi)
+	movl	%edi,20(%esi)
+	movl	%ebx,24(%esi)
+	movl	%ecx,28(%esi)
+	movl	%edi,20(%esp)
+	movl	100(%esp),%edi
+	movl	%ebx,24(%esp)
+	movl	%ecx,28(%esp)
+	cmpl	104(%esp),%edi
+	jb	.L009grand_loop
+	movl	108(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.size	sha256_block_data_order,.-.L_sha256_block_data_order_begin
+
+.section .note.GNU-stack,"",%progbits
diff --git a/lib/accelerated/x86/elf/sha256-ssse3-x86_64.s b/lib/accelerated/x86/elf/sha256-ssse3-x86_64.s
new file mode 100644
index 0000000..874062e
--- /dev/null
+++ b/lib/accelerated/x86/elf/sha256-ssse3-x86_64.s
@@ -0,0 +1,5497 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+
+.globl	sha256_block_data_order
+.type	sha256_block_data_order,@function
+.align	16
+sha256_block_data_order:
+.cfi_startproc	
+	leaq	GNUTLS_x86_cpuid_s(%rip),%r11
+	movl	0(%r11),%r9d
+	movl	4(%r11),%r10d
+	movl	8(%r11),%r11d
+	testl	$536870912,%r11d
+	jnz	_shaext_shortcut
+	andl	$296,%r11d
+	cmpl	$296,%r11d
+	je	.Lavx2_shortcut
+	andl	$1073741824,%r9d
+	andl	$268435968,%r10d
+	orl	%r9d,%r10d
+	cmpl	$1342177792,%r10d
+	je	.Lavx_shortcut
+	testl	$512,%r10d
+	jnz	.Lssse3_shortcut
+	movq	%rsp,%rax
+.cfi_def_cfa_register	%rax
+	pushq	%rbx
+.cfi_offset	%rbx,-16
+	pushq	%rbp
+.cfi_offset	%rbp,-24
+	pushq	%r12
+.cfi_offset	%r12,-32
+	pushq	%r13
+.cfi_offset	%r13,-40
+	pushq	%r14
+.cfi_offset	%r14,-48
+	pushq	%r15
+.cfi_offset	%r15,-56
+	shlq	$4,%rdx
+	subq	$64+32,%rsp
+	leaq	(%rsi,%rdx,4),%rdx
+	andq	$-64,%rsp
+	movq	%rdi,64+0(%rsp)
+	movq	%rsi,64+8(%rsp)
+	movq	%rdx,64+16(%rsp)
+	movq	%rax,88(%rsp)
+.cfi_escape	0x0f,0x06,0x77,0xd8,0x00,0x06,0x23,0x08
+.Lprologue:
+
+	movl	0(%rdi),%eax
+	movl	4(%rdi),%ebx
+	movl	8(%rdi),%ecx
+	movl	12(%rdi),%edx
+	movl	16(%rdi),%r8d
+	movl	20(%rdi),%r9d
+	movl	24(%rdi),%r10d
+	movl	28(%rdi),%r11d
+	jmp	.Lloop
+
+.align	16
+.Lloop:
+	movl	%ebx,%edi
+	leaq	K256(%rip),%rbp
+	xorl	%ecx,%edi
+	movl	0(%rsi),%r12d
+	movl	%r8d,%r13d
+	movl	%eax,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r9d,%r15d
+
+	xorl	%r8d,%r13d
+	rorl	$9,%r14d
+	xorl	%r10d,%r15d
+
+	movl	%r12d,0(%rsp)
+	xorl	%eax,%r14d
+	andl	%r8d,%r15d
+
+	rorl	$5,%r13d
+	addl	%r11d,%r12d
+	xorl	%r10d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r8d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%eax,%r15d
+	addl	(%rbp),%r12d
+	xorl	%eax,%r14d
+
+	xorl	%ebx,%r15d
+	rorl	$6,%r13d
+	movl	%ebx,%r11d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r11d
+	addl	%r12d,%edx
+	addl	%r12d,%r11d
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%r11d
+	movl	4(%rsi),%r12d
+	movl	%edx,%r13d
+	movl	%r11d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r8d,%edi
+
+	xorl	%edx,%r13d
+	rorl	$9,%r14d
+	xorl	%r9d,%edi
+
+	movl	%r12d,4(%rsp)
+	xorl	%r11d,%r14d
+	andl	%edx,%edi
+
+	rorl	$5,%r13d
+	addl	%r10d,%r12d
+	xorl	%r9d,%edi
+
+	rorl	$11,%r14d
+	xorl	%edx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r11d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r11d,%r14d
+
+	xorl	%eax,%edi
+	rorl	$6,%r13d
+	movl	%eax,%r10d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r10d
+	addl	%r12d,%ecx
+	addl	%r12d,%r10d
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%r10d
+	movl	8(%rsi),%r12d
+	movl	%ecx,%r13d
+	movl	%r10d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%edx,%r15d
+
+	xorl	%ecx,%r13d
+	rorl	$9,%r14d
+	xorl	%r8d,%r15d
+
+	movl	%r12d,8(%rsp)
+	xorl	%r10d,%r14d
+	andl	%ecx,%r15d
+
+	rorl	$5,%r13d
+	addl	%r9d,%r12d
+	xorl	%r8d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%ecx,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r10d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r10d,%r14d
+
+	xorl	%r11d,%r15d
+	rorl	$6,%r13d
+	movl	%r11d,%r9d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r9d
+	addl	%r12d,%ebx
+	addl	%r12d,%r9d
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%r9d
+	movl	12(%rsi),%r12d
+	movl	%ebx,%r13d
+	movl	%r9d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%ecx,%edi
+
+	xorl	%ebx,%r13d
+	rorl	$9,%r14d
+	xorl	%edx,%edi
+
+	movl	%r12d,12(%rsp)
+	xorl	%r9d,%r14d
+	andl	%ebx,%edi
+
+	rorl	$5,%r13d
+	addl	%r8d,%r12d
+	xorl	%edx,%edi
+
+	rorl	$11,%r14d
+	xorl	%ebx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r9d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r9d,%r14d
+
+	xorl	%r10d,%edi
+	rorl	$6,%r13d
+	movl	%r10d,%r8d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r8d
+	addl	%r12d,%eax
+	addl	%r12d,%r8d
+
+	leaq	20(%rbp),%rbp
+	addl	%r14d,%r8d
+	movl	16(%rsi),%r12d
+	movl	%eax,%r13d
+	movl	%r8d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%ebx,%r15d
+
+	xorl	%eax,%r13d
+	rorl	$9,%r14d
+	xorl	%ecx,%r15d
+
+	movl	%r12d,16(%rsp)
+	xorl	%r8d,%r14d
+	andl	%eax,%r15d
+
+	rorl	$5,%r13d
+	addl	%edx,%r12d
+	xorl	%ecx,%r15d
+
+	rorl	$11,%r14d
+	xorl	%eax,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r8d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r8d,%r14d
+
+	xorl	%r9d,%r15d
+	rorl	$6,%r13d
+	movl	%r9d,%edx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%edx
+	addl	%r12d,%r11d
+	addl	%r12d,%edx
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%edx
+	movl	20(%rsi),%r12d
+	movl	%r11d,%r13d
+	movl	%edx,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%eax,%edi
+
+	xorl	%r11d,%r13d
+	rorl	$9,%r14d
+	xorl	%ebx,%edi
+
+	movl	%r12d,20(%rsp)
+	xorl	%edx,%r14d
+	andl	%r11d,%edi
+
+	rorl	$5,%r13d
+	addl	%ecx,%r12d
+	xorl	%ebx,%edi
+
+	rorl	$11,%r14d
+	xorl	%r11d,%r13d
+	addl	%edi,%r12d
+
+	movl	%edx,%edi
+	addl	(%rbp),%r12d
+	xorl	%edx,%r14d
+
+	xorl	%r8d,%edi
+	rorl	$6,%r13d
+	movl	%r8d,%ecx
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%ecx
+	addl	%r12d,%r10d
+	addl	%r12d,%ecx
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%ecx
+	movl	24(%rsi),%r12d
+	movl	%r10d,%r13d
+	movl	%ecx,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r11d,%r15d
+
+	xorl	%r10d,%r13d
+	rorl	$9,%r14d
+	xorl	%eax,%r15d
+
+	movl	%r12d,24(%rsp)
+	xorl	%ecx,%r14d
+	andl	%r10d,%r15d
+
+	rorl	$5,%r13d
+	addl	%ebx,%r12d
+	xorl	%eax,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r10d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%ecx,%r15d
+	addl	(%rbp),%r12d
+	xorl	%ecx,%r14d
+
+	xorl	%edx,%r15d
+	rorl	$6,%r13d
+	movl	%edx,%ebx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%ebx
+	addl	%r12d,%r9d
+	addl	%r12d,%ebx
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%ebx
+	movl	28(%rsi),%r12d
+	movl	%r9d,%r13d
+	movl	%ebx,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r10d,%edi
+
+	xorl	%r9d,%r13d
+	rorl	$9,%r14d
+	xorl	%r11d,%edi
+
+	movl	%r12d,28(%rsp)
+	xorl	%ebx,%r14d
+	andl	%r9d,%edi
+
+	rorl	$5,%r13d
+	addl	%eax,%r12d
+	xorl	%r11d,%edi
+
+	rorl	$11,%r14d
+	xorl	%r9d,%r13d
+	addl	%edi,%r12d
+
+	movl	%ebx,%edi
+	addl	(%rbp),%r12d
+	xorl	%ebx,%r14d
+
+	xorl	%ecx,%edi
+	rorl	$6,%r13d
+	movl	%ecx,%eax
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%eax
+	addl	%r12d,%r8d
+	addl	%r12d,%eax
+
+	leaq	20(%rbp),%rbp
+	addl	%r14d,%eax
+	movl	32(%rsi),%r12d
+	movl	%r8d,%r13d
+	movl	%eax,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r9d,%r15d
+
+	xorl	%r8d,%r13d
+	rorl	$9,%r14d
+	xorl	%r10d,%r15d
+
+	movl	%r12d,32(%rsp)
+	xorl	%eax,%r14d
+	andl	%r8d,%r15d
+
+	rorl	$5,%r13d
+	addl	%r11d,%r12d
+	xorl	%r10d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r8d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%eax,%r15d
+	addl	(%rbp),%r12d
+	xorl	%eax,%r14d
+
+	xorl	%ebx,%r15d
+	rorl	$6,%r13d
+	movl	%ebx,%r11d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r11d
+	addl	%r12d,%edx
+	addl	%r12d,%r11d
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%r11d
+	movl	36(%rsi),%r12d
+	movl	%edx,%r13d
+	movl	%r11d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r8d,%edi
+
+	xorl	%edx,%r13d
+	rorl	$9,%r14d
+	xorl	%r9d,%edi
+
+	movl	%r12d,36(%rsp)
+	xorl	%r11d,%r14d
+	andl	%edx,%edi
+
+	rorl	$5,%r13d
+	addl	%r10d,%r12d
+	xorl	%r9d,%edi
+
+	rorl	$11,%r14d
+	xorl	%edx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r11d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r11d,%r14d
+
+	xorl	%eax,%edi
+	rorl	$6,%r13d
+	movl	%eax,%r10d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r10d
+	addl	%r12d,%ecx
+	addl	%r12d,%r10d
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%r10d
+	movl	40(%rsi),%r12d
+	movl	%ecx,%r13d
+	movl	%r10d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%edx,%r15d
+
+	xorl	%ecx,%r13d
+	rorl	$9,%r14d
+	xorl	%r8d,%r15d
+
+	movl	%r12d,40(%rsp)
+	xorl	%r10d,%r14d
+	andl	%ecx,%r15d
+
+	rorl	$5,%r13d
+	addl	%r9d,%r12d
+	xorl	%r8d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%ecx,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r10d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r10d,%r14d
+
+	xorl	%r11d,%r15d
+	rorl	$6,%r13d
+	movl	%r11d,%r9d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r9d
+	addl	%r12d,%ebx
+	addl	%r12d,%r9d
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%r9d
+	movl	44(%rsi),%r12d
+	movl	%ebx,%r13d
+	movl	%r9d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%ecx,%edi
+
+	xorl	%ebx,%r13d
+	rorl	$9,%r14d
+	xorl	%edx,%edi
+
+	movl	%r12d,44(%rsp)
+	xorl	%r9d,%r14d
+	andl	%ebx,%edi
+
+	rorl	$5,%r13d
+	addl	%r8d,%r12d
+	xorl	%edx,%edi
+
+	rorl	$11,%r14d
+	xorl	%ebx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r9d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r9d,%r14d
+
+	xorl	%r10d,%edi
+	rorl	$6,%r13d
+	movl	%r10d,%r8d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r8d
+	addl	%r12d,%eax
+	addl	%r12d,%r8d
+
+	leaq	20(%rbp),%rbp
+	addl	%r14d,%r8d
+	movl	48(%rsi),%r12d
+	movl	%eax,%r13d
+	movl	%r8d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%ebx,%r15d
+
+	xorl	%eax,%r13d
+	rorl	$9,%r14d
+	xorl	%ecx,%r15d
+
+	movl	%r12d,48(%rsp)
+	xorl	%r8d,%r14d
+	andl	%eax,%r15d
+
+	rorl	$5,%r13d
+	addl	%edx,%r12d
+	xorl	%ecx,%r15d
+
+	rorl	$11,%r14d
+	xorl	%eax,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r8d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r8d,%r14d
+
+	xorl	%r9d,%r15d
+	rorl	$6,%r13d
+	movl	%r9d,%edx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%edx
+	addl	%r12d,%r11d
+	addl	%r12d,%edx
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%edx
+	movl	52(%rsi),%r12d
+	movl	%r11d,%r13d
+	movl	%edx,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%eax,%edi
+
+	xorl	%r11d,%r13d
+	rorl	$9,%r14d
+	xorl	%ebx,%edi
+
+	movl	%r12d,52(%rsp)
+	xorl	%edx,%r14d
+	andl	%r11d,%edi
+
+	rorl	$5,%r13d
+	addl	%ecx,%r12d
+	xorl	%ebx,%edi
+
+	rorl	$11,%r14d
+	xorl	%r11d,%r13d
+	addl	%edi,%r12d
+
+	movl	%edx,%edi
+	addl	(%rbp),%r12d
+	xorl	%edx,%r14d
+
+	xorl	%r8d,%edi
+	rorl	$6,%r13d
+	movl	%r8d,%ecx
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%ecx
+	addl	%r12d,%r10d
+	addl	%r12d,%ecx
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%ecx
+	movl	56(%rsi),%r12d
+	movl	%r10d,%r13d
+	movl	%ecx,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r11d,%r15d
+
+	xorl	%r10d,%r13d
+	rorl	$9,%r14d
+	xorl	%eax,%r15d
+
+	movl	%r12d,56(%rsp)
+	xorl	%ecx,%r14d
+	andl	%r10d,%r15d
+
+	rorl	$5,%r13d
+	addl	%ebx,%r12d
+	xorl	%eax,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r10d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%ecx,%r15d
+	addl	(%rbp),%r12d
+	xorl	%ecx,%r14d
+
+	xorl	%edx,%r15d
+	rorl	$6,%r13d
+	movl	%edx,%ebx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%ebx
+	addl	%r12d,%r9d
+	addl	%r12d,%ebx
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%ebx
+	movl	60(%rsi),%r12d
+	movl	%r9d,%r13d
+	movl	%ebx,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r10d,%edi
+
+	xorl	%r9d,%r13d
+	rorl	$9,%r14d
+	xorl	%r11d,%edi
+
+	movl	%r12d,60(%rsp)
+	xorl	%ebx,%r14d
+	andl	%r9d,%edi
+
+	rorl	$5,%r13d
+	addl	%eax,%r12d
+	xorl	%r11d,%edi
+
+	rorl	$11,%r14d
+	xorl	%r9d,%r13d
+	addl	%edi,%r12d
+
+	movl	%ebx,%edi
+	addl	(%rbp),%r12d
+	xorl	%ebx,%r14d
+
+	xorl	%ecx,%edi
+	rorl	$6,%r13d
+	movl	%ecx,%eax
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%eax
+	addl	%r12d,%r8d
+	addl	%r12d,%eax
+
+	leaq	20(%rbp),%rbp
+	jmp	.Lrounds_16_xx
+.align	16
+.Lrounds_16_xx:
+	movl	4(%rsp),%r13d
+	movl	56(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%eax
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	36(%rsp),%r12d
+
+	addl	0(%rsp),%r12d
+	movl	%r8d,%r13d
+	addl	%r15d,%r12d
+	movl	%eax,%r14d
+	rorl	$14,%r13d
+	movl	%r9d,%r15d
+
+	xorl	%r8d,%r13d
+	rorl	$9,%r14d
+	xorl	%r10d,%r15d
+
+	movl	%r12d,0(%rsp)
+	xorl	%eax,%r14d
+	andl	%r8d,%r15d
+
+	rorl	$5,%r13d
+	addl	%r11d,%r12d
+	xorl	%r10d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r8d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%eax,%r15d
+	addl	(%rbp),%r12d
+	xorl	%eax,%r14d
+
+	xorl	%ebx,%r15d
+	rorl	$6,%r13d
+	movl	%ebx,%r11d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r11d
+	addl	%r12d,%edx
+	addl	%r12d,%r11d
+
+	leaq	4(%rbp),%rbp
+	movl	8(%rsp),%r13d
+	movl	60(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r11d
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	40(%rsp),%r12d
+
+	addl	4(%rsp),%r12d
+	movl	%edx,%r13d
+	addl	%edi,%r12d
+	movl	%r11d,%r14d
+	rorl	$14,%r13d
+	movl	%r8d,%edi
+
+	xorl	%edx,%r13d
+	rorl	$9,%r14d
+	xorl	%r9d,%edi
+
+	movl	%r12d,4(%rsp)
+	xorl	%r11d,%r14d
+	andl	%edx,%edi
+
+	rorl	$5,%r13d
+	addl	%r10d,%r12d
+	xorl	%r9d,%edi
+
+	rorl	$11,%r14d
+	xorl	%edx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r11d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r11d,%r14d
+
+	xorl	%eax,%edi
+	rorl	$6,%r13d
+	movl	%eax,%r10d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r10d
+	addl	%r12d,%ecx
+	addl	%r12d,%r10d
+
+	leaq	4(%rbp),%rbp
+	movl	12(%rsp),%r13d
+	movl	0(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r10d
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	44(%rsp),%r12d
+
+	addl	8(%rsp),%r12d
+	movl	%ecx,%r13d
+	addl	%r15d,%r12d
+	movl	%r10d,%r14d
+	rorl	$14,%r13d
+	movl	%edx,%r15d
+
+	xorl	%ecx,%r13d
+	rorl	$9,%r14d
+	xorl	%r8d,%r15d
+
+	movl	%r12d,8(%rsp)
+	xorl	%r10d,%r14d
+	andl	%ecx,%r15d
+
+	rorl	$5,%r13d
+	addl	%r9d,%r12d
+	xorl	%r8d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%ecx,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r10d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r10d,%r14d
+
+	xorl	%r11d,%r15d
+	rorl	$6,%r13d
+	movl	%r11d,%r9d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r9d
+	addl	%r12d,%ebx
+	addl	%r12d,%r9d
+
+	leaq	4(%rbp),%rbp
+	movl	16(%rsp),%r13d
+	movl	4(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r9d
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	48(%rsp),%r12d
+
+	addl	12(%rsp),%r12d
+	movl	%ebx,%r13d
+	addl	%edi,%r12d
+	movl	%r9d,%r14d
+	rorl	$14,%r13d
+	movl	%ecx,%edi
+
+	xorl	%ebx,%r13d
+	rorl	$9,%r14d
+	xorl	%edx,%edi
+
+	movl	%r12d,12(%rsp)
+	xorl	%r9d,%r14d
+	andl	%ebx,%edi
+
+	rorl	$5,%r13d
+	addl	%r8d,%r12d
+	xorl	%edx,%edi
+
+	rorl	$11,%r14d
+	xorl	%ebx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r9d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r9d,%r14d
+
+	xorl	%r10d,%edi
+	rorl	$6,%r13d
+	movl	%r10d,%r8d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r8d
+	addl	%r12d,%eax
+	addl	%r12d,%r8d
+
+	leaq	20(%rbp),%rbp
+	movl	20(%rsp),%r13d
+	movl	8(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r8d
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	52(%rsp),%r12d
+
+	addl	16(%rsp),%r12d
+	movl	%eax,%r13d
+	addl	%r15d,%r12d
+	movl	%r8d,%r14d
+	rorl	$14,%r13d
+	movl	%ebx,%r15d
+
+	xorl	%eax,%r13d
+	rorl	$9,%r14d
+	xorl	%ecx,%r15d
+
+	movl	%r12d,16(%rsp)
+	xorl	%r8d,%r14d
+	andl	%eax,%r15d
+
+	rorl	$5,%r13d
+	addl	%edx,%r12d
+	xorl	%ecx,%r15d
+
+	rorl	$11,%r14d
+	xorl	%eax,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r8d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r8d,%r14d
+
+	xorl	%r9d,%r15d
+	rorl	$6,%r13d
+	movl	%r9d,%edx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%edx
+	addl	%r12d,%r11d
+	addl	%r12d,%edx
+
+	leaq	4(%rbp),%rbp
+	movl	24(%rsp),%r13d
+	movl	12(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%edx
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	56(%rsp),%r12d
+
+	addl	20(%rsp),%r12d
+	movl	%r11d,%r13d
+	addl	%edi,%r12d
+	movl	%edx,%r14d
+	rorl	$14,%r13d
+	movl	%eax,%edi
+
+	xorl	%r11d,%r13d
+	rorl	$9,%r14d
+	xorl	%ebx,%edi
+
+	movl	%r12d,20(%rsp)
+	xorl	%edx,%r14d
+	andl	%r11d,%edi
+
+	rorl	$5,%r13d
+	addl	%ecx,%r12d
+	xorl	%ebx,%edi
+
+	rorl	$11,%r14d
+	xorl	%r11d,%r13d
+	addl	%edi,%r12d
+
+	movl	%edx,%edi
+	addl	(%rbp),%r12d
+	xorl	%edx,%r14d
+
+	xorl	%r8d,%edi
+	rorl	$6,%r13d
+	movl	%r8d,%ecx
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%ecx
+	addl	%r12d,%r10d
+	addl	%r12d,%ecx
+
+	leaq	4(%rbp),%rbp
+	movl	28(%rsp),%r13d
+	movl	16(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%ecx
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	60(%rsp),%r12d
+
+	addl	24(%rsp),%r12d
+	movl	%r10d,%r13d
+	addl	%r15d,%r12d
+	movl	%ecx,%r14d
+	rorl	$14,%r13d
+	movl	%r11d,%r15d
+
+	xorl	%r10d,%r13d
+	rorl	$9,%r14d
+	xorl	%eax,%r15d
+
+	movl	%r12d,24(%rsp)
+	xorl	%ecx,%r14d
+	andl	%r10d,%r15d
+
+	rorl	$5,%r13d
+	addl	%ebx,%r12d
+	xorl	%eax,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r10d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%ecx,%r15d
+	addl	(%rbp),%r12d
+	xorl	%ecx,%r14d
+
+	xorl	%edx,%r15d
+	rorl	$6,%r13d
+	movl	%edx,%ebx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%ebx
+	addl	%r12d,%r9d
+	addl	%r12d,%ebx
+
+	leaq	4(%rbp),%rbp
+	movl	32(%rsp),%r13d
+	movl	20(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%ebx
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	0(%rsp),%r12d
+
+	addl	28(%rsp),%r12d
+	movl	%r9d,%r13d
+	addl	%edi,%r12d
+	movl	%ebx,%r14d
+	rorl	$14,%r13d
+	movl	%r10d,%edi
+
+	xorl	%r9d,%r13d
+	rorl	$9,%r14d
+	xorl	%r11d,%edi
+
+	movl	%r12d,28(%rsp)
+	xorl	%ebx,%r14d
+	andl	%r9d,%edi
+
+	rorl	$5,%r13d
+	addl	%eax,%r12d
+	xorl	%r11d,%edi
+
+	rorl	$11,%r14d
+	xorl	%r9d,%r13d
+	addl	%edi,%r12d
+
+	movl	%ebx,%edi
+	addl	(%rbp),%r12d
+	xorl	%ebx,%r14d
+
+	xorl	%ecx,%edi
+	rorl	$6,%r13d
+	movl	%ecx,%eax
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%eax
+	addl	%r12d,%r8d
+	addl	%r12d,%eax
+
+	leaq	20(%rbp),%rbp
+	movl	36(%rsp),%r13d
+	movl	24(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%eax
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	4(%rsp),%r12d
+
+	addl	32(%rsp),%r12d
+	movl	%r8d,%r13d
+	addl	%r15d,%r12d
+	movl	%eax,%r14d
+	rorl	$14,%r13d
+	movl	%r9d,%r15d
+
+	xorl	%r8d,%r13d
+	rorl	$9,%r14d
+	xorl	%r10d,%r15d
+
+	movl	%r12d,32(%rsp)
+	xorl	%eax,%r14d
+	andl	%r8d,%r15d
+
+	rorl	$5,%r13d
+	addl	%r11d,%r12d
+	xorl	%r10d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r8d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%eax,%r15d
+	addl	(%rbp),%r12d
+	xorl	%eax,%r14d
+
+	xorl	%ebx,%r15d
+	rorl	$6,%r13d
+	movl	%ebx,%r11d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r11d
+	addl	%r12d,%edx
+	addl	%r12d,%r11d
+
+	leaq	4(%rbp),%rbp
+	movl	40(%rsp),%r13d
+	movl	28(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r11d
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	8(%rsp),%r12d
+
+	addl	36(%rsp),%r12d
+	movl	%edx,%r13d
+	addl	%edi,%r12d
+	movl	%r11d,%r14d
+	rorl	$14,%r13d
+	movl	%r8d,%edi
+
+	xorl	%edx,%r13d
+	rorl	$9,%r14d
+	xorl	%r9d,%edi
+
+	movl	%r12d,36(%rsp)
+	xorl	%r11d,%r14d
+	andl	%edx,%edi
+
+	rorl	$5,%r13d
+	addl	%r10d,%r12d
+	xorl	%r9d,%edi
+
+	rorl	$11,%r14d
+	xorl	%edx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r11d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r11d,%r14d
+
+	xorl	%eax,%edi
+	rorl	$6,%r13d
+	movl	%eax,%r10d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r10d
+	addl	%r12d,%ecx
+	addl	%r12d,%r10d
+
+	leaq	4(%rbp),%rbp
+	movl	44(%rsp),%r13d
+	movl	32(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r10d
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	12(%rsp),%r12d
+
+	addl	40(%rsp),%r12d
+	movl	%ecx,%r13d
+	addl	%r15d,%r12d
+	movl	%r10d,%r14d
+	rorl	$14,%r13d
+	movl	%edx,%r15d
+
+	xorl	%ecx,%r13d
+	rorl	$9,%r14d
+	xorl	%r8d,%r15d
+
+	movl	%r12d,40(%rsp)
+	xorl	%r10d,%r14d
+	andl	%ecx,%r15d
+
+	rorl	$5,%r13d
+	addl	%r9d,%r12d
+	xorl	%r8d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%ecx,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r10d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r10d,%r14d
+
+	xorl	%r11d,%r15d
+	rorl	$6,%r13d
+	movl	%r11d,%r9d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r9d
+	addl	%r12d,%ebx
+	addl	%r12d,%r9d
+
+	leaq	4(%rbp),%rbp
+	movl	48(%rsp),%r13d
+	movl	36(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r9d
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	16(%rsp),%r12d
+
+	addl	44(%rsp),%r12d
+	movl	%ebx,%r13d
+	addl	%edi,%r12d
+	movl	%r9d,%r14d
+	rorl	$14,%r13d
+	movl	%ecx,%edi
+
+	xorl	%ebx,%r13d
+	rorl	$9,%r14d
+	xorl	%edx,%edi
+
+	movl	%r12d,44(%rsp)
+	xorl	%r9d,%r14d
+	andl	%ebx,%edi
+
+	rorl	$5,%r13d
+	addl	%r8d,%r12d
+	xorl	%edx,%edi
+
+	rorl	$11,%r14d
+	xorl	%ebx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r9d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r9d,%r14d
+
+	xorl	%r10d,%edi
+	rorl	$6,%r13d
+	movl	%r10d,%r8d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r8d
+	addl	%r12d,%eax
+	addl	%r12d,%r8d
+
+	leaq	20(%rbp),%rbp
+	movl	52(%rsp),%r13d
+	movl	40(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r8d
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	20(%rsp),%r12d
+
+	addl	48(%rsp),%r12d
+	movl	%eax,%r13d
+	addl	%r15d,%r12d
+	movl	%r8d,%r14d
+	rorl	$14,%r13d
+	movl	%ebx,%r15d
+
+	xorl	%eax,%r13d
+	rorl	$9,%r14d
+	xorl	%ecx,%r15d
+
+	movl	%r12d,48(%rsp)
+	xorl	%r8d,%r14d
+	andl	%eax,%r15d
+
+	rorl	$5,%r13d
+	addl	%edx,%r12d
+	xorl	%ecx,%r15d
+
+	rorl	$11,%r14d
+	xorl	%eax,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r8d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r8d,%r14d
+
+	xorl	%r9d,%r15d
+	rorl	$6,%r13d
+	movl	%r9d,%edx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%edx
+	addl	%r12d,%r11d
+	addl	%r12d,%edx
+
+	leaq	4(%rbp),%rbp
+	movl	56(%rsp),%r13d
+	movl	44(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%edx
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	24(%rsp),%r12d
+
+	addl	52(%rsp),%r12d
+	movl	%r11d,%r13d
+	addl	%edi,%r12d
+	movl	%edx,%r14d
+	rorl	$14,%r13d
+	movl	%eax,%edi
+
+	xorl	%r11d,%r13d
+	rorl	$9,%r14d
+	xorl	%ebx,%edi
+
+	movl	%r12d,52(%rsp)
+	xorl	%edx,%r14d
+	andl	%r11d,%edi
+
+	rorl	$5,%r13d
+	addl	%ecx,%r12d
+	xorl	%ebx,%edi
+
+	rorl	$11,%r14d
+	xorl	%r11d,%r13d
+	addl	%edi,%r12d
+
+	movl	%edx,%edi
+	addl	(%rbp),%r12d
+	xorl	%edx,%r14d
+
+	xorl	%r8d,%edi
+	rorl	$6,%r13d
+	movl	%r8d,%ecx
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%ecx
+	addl	%r12d,%r10d
+	addl	%r12d,%ecx
+
+	leaq	4(%rbp),%rbp
+	movl	60(%rsp),%r13d
+	movl	48(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%ecx
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	28(%rsp),%r12d
+
+	addl	56(%rsp),%r12d
+	movl	%r10d,%r13d
+	addl	%r15d,%r12d
+	movl	%ecx,%r14d
+	rorl	$14,%r13d
+	movl	%r11d,%r15d
+
+	xorl	%r10d,%r13d
+	rorl	$9,%r14d
+	xorl	%eax,%r15d
+
+	movl	%r12d,56(%rsp)
+	xorl	%ecx,%r14d
+	andl	%r10d,%r15d
+
+	rorl	$5,%r13d
+	addl	%ebx,%r12d
+	xorl	%eax,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r10d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%ecx,%r15d
+	addl	(%rbp),%r12d
+	xorl	%ecx,%r14d
+
+	xorl	%edx,%r15d
+	rorl	$6,%r13d
+	movl	%edx,%ebx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%ebx
+	addl	%r12d,%r9d
+	addl	%r12d,%ebx
+
+	leaq	4(%rbp),%rbp
+	movl	0(%rsp),%r13d
+	movl	52(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%ebx
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	32(%rsp),%r12d
+
+	addl	60(%rsp),%r12d
+	movl	%r9d,%r13d
+	addl	%edi,%r12d
+	movl	%ebx,%r14d
+	rorl	$14,%r13d
+	movl	%r10d,%edi
+
+	xorl	%r9d,%r13d
+	rorl	$9,%r14d
+	xorl	%r11d,%edi
+
+	movl	%r12d,60(%rsp)
+	xorl	%ebx,%r14d
+	andl	%r9d,%edi
+
+	rorl	$5,%r13d
+	addl	%eax,%r12d
+	xorl	%r11d,%edi
+
+	rorl	$11,%r14d
+	xorl	%r9d,%r13d
+	addl	%edi,%r12d
+
+	movl	%ebx,%edi
+	addl	(%rbp),%r12d
+	xorl	%ebx,%r14d
+
+	xorl	%ecx,%edi
+	rorl	$6,%r13d
+	movl	%ecx,%eax
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%eax
+	addl	%r12d,%r8d
+	addl	%r12d,%eax
+
+	leaq	20(%rbp),%rbp
+	cmpb	$0,3(%rbp)
+	jnz	.Lrounds_16_xx
+
+	movq	64+0(%rsp),%rdi
+	addl	%r14d,%eax
+	leaq	64(%rsi),%rsi
+
+	addl	0(%rdi),%eax
+	addl	4(%rdi),%ebx
+	addl	8(%rdi),%ecx
+	addl	12(%rdi),%edx
+	addl	16(%rdi),%r8d
+	addl	20(%rdi),%r9d
+	addl	24(%rdi),%r10d
+	addl	28(%rdi),%r11d
+
+	cmpq	64+16(%rsp),%rsi
+
+	movl	%eax,0(%rdi)
+	movl	%ebx,4(%rdi)
+	movl	%ecx,8(%rdi)
+	movl	%edx,12(%rdi)
+	movl	%r8d,16(%rdi)
+	movl	%r9d,20(%rdi)
+	movl	%r10d,24(%rdi)
+	movl	%r11d,28(%rdi)
+	jb	.Lloop
+
+	movq	88(%rsp),%rsi
+.cfi_def_cfa	%rsi,8
+	movq	-48(%rsi),%r15
+.cfi_restore	%r15
+	movq	-40(%rsi),%r14
+.cfi_restore	%r14
+	movq	-32(%rsi),%r13
+.cfi_restore	%r13
+	movq	-24(%rsi),%r12
+.cfi_restore	%r12
+	movq	-16(%rsi),%rbp
+.cfi_restore	%rbp
+	movq	-8(%rsi),%rbx
+.cfi_restore	%rbx
+	leaq	(%rsi),%rsp
+.cfi_def_cfa_register	%rsp
+.Lepilogue:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	sha256_block_data_order,.-sha256_block_data_order
+.align	64
+.type	K256,@object
+K256:
+.long	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+.long	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+.long	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+.long	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+.long	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+.long	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+.long	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+.long	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+.long	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+.long	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+.long	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+.long	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+.long	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+.long	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+.long	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+.long	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+.long	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+.long	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+.long	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+.long	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+.long	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+.long	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+.long	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+.long	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+.long	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+.long	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+.long	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+.long	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+.long	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+.long	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+.long	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+.long	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+
+.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
+.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
+.long	0x03020100,0x0b0a0908,0xffffffff,0xffffffff
+.long	0x03020100,0x0b0a0908,0xffffffff,0xffffffff
+.long	0xffffffff,0xffffffff,0x03020100,0x0b0a0908
+.long	0xffffffff,0xffffffff,0x03020100,0x0b0a0908
+.byte	83,72,65,50,53,54,32,98,108,111,99,107,32,116,114,97,110,115,102,111,114,109,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.type	sha256_block_data_order_shaext,@function
+.align	64
+sha256_block_data_order_shaext:
+_shaext_shortcut:
+.cfi_startproc	
+	leaq	K256+128(%rip),%rcx
+	movdqu	(%rdi),%xmm1
+	movdqu	16(%rdi),%xmm2
+	movdqa	512-128(%rcx),%xmm7
+
+	pshufd	$0x1b,%xmm1,%xmm0
+	pshufd	$0xb1,%xmm1,%xmm1
+	pshufd	$0x1b,%xmm2,%xmm2
+	movdqa	%xmm7,%xmm8
+.byte	102,15,58,15,202,8
+	punpcklqdq	%xmm0,%xmm2
+	jmp	.Loop_shaext
+
+.align	16
+.Loop_shaext:
+	movdqu	(%rsi),%xmm3
+	movdqu	16(%rsi),%xmm4
+	movdqu	32(%rsi),%xmm5
+.byte	102,15,56,0,223
+	movdqu	48(%rsi),%xmm6
+
+	movdqa	0-128(%rcx),%xmm0
+	paddd	%xmm3,%xmm0
+.byte	102,15,56,0,231
+	movdqa	%xmm2,%xmm10
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	nop
+	movdqa	%xmm1,%xmm9
+.byte	15,56,203,202
+
+	movdqa	32-128(%rcx),%xmm0
+	paddd	%xmm4,%xmm0
+.byte	102,15,56,0,239
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	leaq	64(%rsi),%rsi
+.byte	15,56,204,220
+.byte	15,56,203,202
+
+	movdqa	64-128(%rcx),%xmm0
+	paddd	%xmm5,%xmm0
+.byte	102,15,56,0,247
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm6,%xmm7
+.byte	102,15,58,15,253,4
+	nop
+	paddd	%xmm7,%xmm3
+.byte	15,56,204,229
+.byte	15,56,203,202
+
+	movdqa	96-128(%rcx),%xmm0
+	paddd	%xmm6,%xmm0
+.byte	15,56,205,222
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm3,%xmm7
+.byte	102,15,58,15,254,4
+	nop
+	paddd	%xmm7,%xmm4
+.byte	15,56,204,238
+.byte	15,56,203,202
+	movdqa	128-128(%rcx),%xmm0
+	paddd	%xmm3,%xmm0
+.byte	15,56,205,227
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm4,%xmm7
+.byte	102,15,58,15,251,4
+	nop
+	paddd	%xmm7,%xmm5
+.byte	15,56,204,243
+.byte	15,56,203,202
+	movdqa	160-128(%rcx),%xmm0
+	paddd	%xmm4,%xmm0
+.byte	15,56,205,236
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm5,%xmm7
+.byte	102,15,58,15,252,4
+	nop
+	paddd	%xmm7,%xmm6
+.byte	15,56,204,220
+.byte	15,56,203,202
+	movdqa	192-128(%rcx),%xmm0
+	paddd	%xmm5,%xmm0
+.byte	15,56,205,245
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm6,%xmm7
+.byte	102,15,58,15,253,4
+	nop
+	paddd	%xmm7,%xmm3
+.byte	15,56,204,229
+.byte	15,56,203,202
+	movdqa	224-128(%rcx),%xmm0
+	paddd	%xmm6,%xmm0
+.byte	15,56,205,222
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm3,%xmm7
+.byte	102,15,58,15,254,4
+	nop
+	paddd	%xmm7,%xmm4
+.byte	15,56,204,238
+.byte	15,56,203,202
+	movdqa	256-128(%rcx),%xmm0
+	paddd	%xmm3,%xmm0
+.byte	15,56,205,227
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm4,%xmm7
+.byte	102,15,58,15,251,4
+	nop
+	paddd	%xmm7,%xmm5
+.byte	15,56,204,243
+.byte	15,56,203,202
+	movdqa	288-128(%rcx),%xmm0
+	paddd	%xmm4,%xmm0
+.byte	15,56,205,236
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm5,%xmm7
+.byte	102,15,58,15,252,4
+	nop
+	paddd	%xmm7,%xmm6
+.byte	15,56,204,220
+.byte	15,56,203,202
+	movdqa	320-128(%rcx),%xmm0
+	paddd	%xmm5,%xmm0
+.byte	15,56,205,245
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm6,%xmm7
+.byte	102,15,58,15,253,4
+	nop
+	paddd	%xmm7,%xmm3
+.byte	15,56,204,229
+.byte	15,56,203,202
+	movdqa	352-128(%rcx),%xmm0
+	paddd	%xmm6,%xmm0
+.byte	15,56,205,222
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm3,%xmm7
+.byte	102,15,58,15,254,4
+	nop
+	paddd	%xmm7,%xmm4
+.byte	15,56,204,238
+.byte	15,56,203,202
+	movdqa	384-128(%rcx),%xmm0
+	paddd	%xmm3,%xmm0
+.byte	15,56,205,227
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm4,%xmm7
+.byte	102,15,58,15,251,4
+	nop
+	paddd	%xmm7,%xmm5
+.byte	15,56,204,243
+.byte	15,56,203,202
+	movdqa	416-128(%rcx),%xmm0
+	paddd	%xmm4,%xmm0
+.byte	15,56,205,236
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm5,%xmm7
+.byte	102,15,58,15,252,4
+.byte	15,56,203,202
+	paddd	%xmm7,%xmm6
+
+	movdqa	448-128(%rcx),%xmm0
+	paddd	%xmm5,%xmm0
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+.byte	15,56,205,245
+	movdqa	%xmm8,%xmm7
+.byte	15,56,203,202
+
+	movdqa	480-128(%rcx),%xmm0
+	paddd	%xmm6,%xmm0
+	nop
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	decq	%rdx
+	nop
+.byte	15,56,203,202
+
+	paddd	%xmm10,%xmm2
+	paddd	%xmm9,%xmm1
+	jnz	.Loop_shaext
+
+	pshufd	$0xb1,%xmm2,%xmm2
+	pshufd	$0x1b,%xmm1,%xmm7
+	pshufd	$0xb1,%xmm1,%xmm1
+	punpckhqdq	%xmm2,%xmm1
+.byte	102,15,58,15,215,8
+
+	movdqu	%xmm1,(%rdi)
+	movdqu	%xmm2,16(%rdi)
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	sha256_block_data_order_shaext,.-sha256_block_data_order_shaext
+.type	sha256_block_data_order_ssse3,@function
+.align	64
+sha256_block_data_order_ssse3:
+.cfi_startproc	
+.Lssse3_shortcut:
+	movq	%rsp,%rax
+.cfi_def_cfa_register	%rax
+	pushq	%rbx
+.cfi_offset	%rbx,-16
+	pushq	%rbp
+.cfi_offset	%rbp,-24
+	pushq	%r12
+.cfi_offset	%r12,-32
+	pushq	%r13
+.cfi_offset	%r13,-40
+	pushq	%r14
+.cfi_offset	%r14,-48
+	pushq	%r15
+.cfi_offset	%r15,-56
+	shlq	$4,%rdx
+	subq	$96,%rsp
+	leaq	(%rsi,%rdx,4),%rdx
+	andq	$-64,%rsp
+	movq	%rdi,64+0(%rsp)
+	movq	%rsi,64+8(%rsp)
+	movq	%rdx,64+16(%rsp)
+	movq	%rax,88(%rsp)
+.cfi_escape	0x0f,0x06,0x77,0xd8,0x00,0x06,0x23,0x08
+.Lprologue_ssse3:
+
+	movl	0(%rdi),%eax
+	movl	4(%rdi),%ebx
+	movl	8(%rdi),%ecx
+	movl	12(%rdi),%edx
+	movl	16(%rdi),%r8d
+	movl	20(%rdi),%r9d
+	movl	24(%rdi),%r10d
+	movl	28(%rdi),%r11d
+
+
+	jmp	.Lloop_ssse3
+.align	16
+.Lloop_ssse3:
+	movdqa	K256+512(%rip),%xmm7
+	movdqu	0(%rsi),%xmm0
+	movdqu	16(%rsi),%xmm1
+	movdqu	32(%rsi),%xmm2
+.byte	102,15,56,0,199
+	movdqu	48(%rsi),%xmm3
+	leaq	K256(%rip),%rbp
+.byte	102,15,56,0,207
+	movdqa	0(%rbp),%xmm4
+	movdqa	32(%rbp),%xmm5
+.byte	102,15,56,0,215
+	paddd	%xmm0,%xmm4
+	movdqa	64(%rbp),%xmm6
+.byte	102,15,56,0,223
+	movdqa	96(%rbp),%xmm7
+	paddd	%xmm1,%xmm5
+	paddd	%xmm2,%xmm6
+	paddd	%xmm3,%xmm7
+	movdqa	%xmm4,0(%rsp)
+	movl	%eax,%r14d
+	movdqa	%xmm5,16(%rsp)
+	movl	%ebx,%edi
+	movdqa	%xmm6,32(%rsp)
+	xorl	%ecx,%edi
+	movdqa	%xmm7,48(%rsp)
+	movl	%r8d,%r13d
+	jmp	.Lssse3_00_47
+
+.align	16
+.Lssse3_00_47:
+	subq	$-128,%rbp
+	rorl	$14,%r13d
+	movdqa	%xmm1,%xmm4
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	movdqa	%xmm3,%xmm7
+	rorl	$9,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	rorl	$5,%r13d
+	xorl	%eax,%r14d
+.byte	102,15,58,15,224,4
+	andl	%r8d,%r12d
+	xorl	%r8d,%r13d
+.byte	102,15,58,15,250,4
+	addl	0(%rsp),%r11d
+	movl	%eax,%r15d
+	xorl	%r10d,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm4,%xmm5
+	xorl	%ebx,%r15d
+	addl	%r12d,%r11d
+	movdqa	%xmm4,%xmm6
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	psrld	$3,%xmm4
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	paddd	%xmm7,%xmm0
+	rorl	$2,%r14d
+	addl	%r11d,%edx
+	psrld	$7,%xmm6
+	addl	%edi,%r11d
+	movl	%edx,%r13d
+	pshufd	$250,%xmm3,%xmm7
+	addl	%r11d,%r14d
+	rorl	$14,%r13d
+	pslld	$14,%xmm5
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	pxor	%xmm6,%xmm4
+	rorl	$9,%r14d
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	rorl	$5,%r13d
+	psrld	$11,%xmm6
+	xorl	%r11d,%r14d
+	pxor	%xmm5,%xmm4
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	pslld	$11,%xmm5
+	addl	4(%rsp),%r10d
+	movl	%r11d,%edi
+	pxor	%xmm6,%xmm4
+	xorl	%r9d,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm7,%xmm6
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	pxor	%xmm5,%xmm4
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	psrld	$10,%xmm7
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	paddd	%xmm4,%xmm0
+	rorl	$2,%r14d
+	addl	%r10d,%ecx
+	psrlq	$17,%xmm6
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	addl	%r10d,%r14d
+	pxor	%xmm6,%xmm7
+	rorl	$14,%r13d
+	movl	%r14d,%r10d
+	movl	%edx,%r12d
+	rorl	$9,%r14d
+	psrlq	$2,%xmm6
+	xorl	%ecx,%r13d
+	xorl	%r8d,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$5,%r13d
+	xorl	%r10d,%r14d
+	andl	%ecx,%r12d
+	pshufd	$128,%xmm7,%xmm7
+	xorl	%ecx,%r13d
+	addl	8(%rsp),%r9d
+	movl	%r10d,%r15d
+	psrldq	$8,%xmm7
+	xorl	%r8d,%r12d
+	rorl	$11,%r14d
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	rorl	$6,%r13d
+	paddd	%xmm7,%xmm0
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	pshufd	$80,%xmm0,%xmm7
+	xorl	%r11d,%edi
+	rorl	$2,%r14d
+	addl	%r9d,%ebx
+	movdqa	%xmm7,%xmm6
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	psrld	$10,%xmm7
+	addl	%r9d,%r14d
+	rorl	$14,%r13d
+	psrlq	$17,%xmm6
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$9,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	rorl	$5,%r13d
+	xorl	%r9d,%r14d
+	psrlq	$2,%xmm6
+	andl	%ebx,%r12d
+	xorl	%ebx,%r13d
+	addl	12(%rsp),%r8d
+	pxor	%xmm6,%xmm7
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	rorl	$11,%r14d
+	pshufd	$8,%xmm7,%xmm7
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	movdqa	0(%rbp),%xmm6
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	pslldq	$8,%xmm7
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	paddd	%xmm7,%xmm0
+	rorl	$2,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	paddd	%xmm0,%xmm6
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	movdqa	%xmm6,0(%rsp)
+	rorl	$14,%r13d
+	movdqa	%xmm2,%xmm4
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	movdqa	%xmm0,%xmm7
+	rorl	$9,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	rorl	$5,%r13d
+	xorl	%r8d,%r14d
+.byte	102,15,58,15,225,4
+	andl	%eax,%r12d
+	xorl	%eax,%r13d
+.byte	102,15,58,15,251,4
+	addl	16(%rsp),%edx
+	movl	%r8d,%r15d
+	xorl	%ecx,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm4,%xmm5
+	xorl	%r9d,%r15d
+	addl	%r12d,%edx
+	movdqa	%xmm4,%xmm6
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	psrld	$3,%xmm4
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	paddd	%xmm7,%xmm1
+	rorl	$2,%r14d
+	addl	%edx,%r11d
+	psrld	$7,%xmm6
+	addl	%edi,%edx
+	movl	%r11d,%r13d
+	pshufd	$250,%xmm0,%xmm7
+	addl	%edx,%r14d
+	rorl	$14,%r13d
+	pslld	$14,%xmm5
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	pxor	%xmm6,%xmm4
+	rorl	$9,%r14d
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	rorl	$5,%r13d
+	psrld	$11,%xmm6
+	xorl	%edx,%r14d
+	pxor	%xmm5,%xmm4
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	pslld	$11,%xmm5
+	addl	20(%rsp),%ecx
+	movl	%edx,%edi
+	pxor	%xmm6,%xmm4
+	xorl	%ebx,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm7,%xmm6
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	pxor	%xmm5,%xmm4
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	psrld	$10,%xmm7
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	paddd	%xmm4,%xmm1
+	rorl	$2,%r14d
+	addl	%ecx,%r10d
+	psrlq	$17,%xmm6
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	addl	%ecx,%r14d
+	pxor	%xmm6,%xmm7
+	rorl	$14,%r13d
+	movl	%r14d,%ecx
+	movl	%r11d,%r12d
+	rorl	$9,%r14d
+	psrlq	$2,%xmm6
+	xorl	%r10d,%r13d
+	xorl	%eax,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$5,%r13d
+	xorl	%ecx,%r14d
+	andl	%r10d,%r12d
+	pshufd	$128,%xmm7,%xmm7
+	xorl	%r10d,%r13d
+	addl	24(%rsp),%ebx
+	movl	%ecx,%r15d
+	psrldq	$8,%xmm7
+	xorl	%eax,%r12d
+	rorl	$11,%r14d
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	rorl	$6,%r13d
+	paddd	%xmm7,%xmm1
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	pshufd	$80,%xmm1,%xmm7
+	xorl	%edx,%edi
+	rorl	$2,%r14d
+	addl	%ebx,%r9d
+	movdqa	%xmm7,%xmm6
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	psrld	$10,%xmm7
+	addl	%ebx,%r14d
+	rorl	$14,%r13d
+	psrlq	$17,%xmm6
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$9,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	rorl	$5,%r13d
+	xorl	%ebx,%r14d
+	psrlq	$2,%xmm6
+	andl	%r9d,%r12d
+	xorl	%r9d,%r13d
+	addl	28(%rsp),%eax
+	pxor	%xmm6,%xmm7
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	rorl	$11,%r14d
+	pshufd	$8,%xmm7,%xmm7
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	movdqa	32(%rbp),%xmm6
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	pslldq	$8,%xmm7
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	paddd	%xmm7,%xmm1
+	rorl	$2,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	paddd	%xmm1,%xmm6
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	movdqa	%xmm6,16(%rsp)
+	rorl	$14,%r13d
+	movdqa	%xmm3,%xmm4
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	movdqa	%xmm1,%xmm7
+	rorl	$9,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	rorl	$5,%r13d
+	xorl	%eax,%r14d
+.byte	102,15,58,15,226,4
+	andl	%r8d,%r12d
+	xorl	%r8d,%r13d
+.byte	102,15,58,15,248,4
+	addl	32(%rsp),%r11d
+	movl	%eax,%r15d
+	xorl	%r10d,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm4,%xmm5
+	xorl	%ebx,%r15d
+	addl	%r12d,%r11d
+	movdqa	%xmm4,%xmm6
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	psrld	$3,%xmm4
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	paddd	%xmm7,%xmm2
+	rorl	$2,%r14d
+	addl	%r11d,%edx
+	psrld	$7,%xmm6
+	addl	%edi,%r11d
+	movl	%edx,%r13d
+	pshufd	$250,%xmm1,%xmm7
+	addl	%r11d,%r14d
+	rorl	$14,%r13d
+	pslld	$14,%xmm5
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	pxor	%xmm6,%xmm4
+	rorl	$9,%r14d
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	rorl	$5,%r13d
+	psrld	$11,%xmm6
+	xorl	%r11d,%r14d
+	pxor	%xmm5,%xmm4
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	pslld	$11,%xmm5
+	addl	36(%rsp),%r10d
+	movl	%r11d,%edi
+	pxor	%xmm6,%xmm4
+	xorl	%r9d,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm7,%xmm6
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	pxor	%xmm5,%xmm4
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	psrld	$10,%xmm7
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	paddd	%xmm4,%xmm2
+	rorl	$2,%r14d
+	addl	%r10d,%ecx
+	psrlq	$17,%xmm6
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	addl	%r10d,%r14d
+	pxor	%xmm6,%xmm7
+	rorl	$14,%r13d
+	movl	%r14d,%r10d
+	movl	%edx,%r12d
+	rorl	$9,%r14d
+	psrlq	$2,%xmm6
+	xorl	%ecx,%r13d
+	xorl	%r8d,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$5,%r13d
+	xorl	%r10d,%r14d
+	andl	%ecx,%r12d
+	pshufd	$128,%xmm7,%xmm7
+	xorl	%ecx,%r13d
+	addl	40(%rsp),%r9d
+	movl	%r10d,%r15d
+	psrldq	$8,%xmm7
+	xorl	%r8d,%r12d
+	rorl	$11,%r14d
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	rorl	$6,%r13d
+	paddd	%xmm7,%xmm2
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	pshufd	$80,%xmm2,%xmm7
+	xorl	%r11d,%edi
+	rorl	$2,%r14d
+	addl	%r9d,%ebx
+	movdqa	%xmm7,%xmm6
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	psrld	$10,%xmm7
+	addl	%r9d,%r14d
+	rorl	$14,%r13d
+	psrlq	$17,%xmm6
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$9,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	rorl	$5,%r13d
+	xorl	%r9d,%r14d
+	psrlq	$2,%xmm6
+	andl	%ebx,%r12d
+	xorl	%ebx,%r13d
+	addl	44(%rsp),%r8d
+	pxor	%xmm6,%xmm7
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	rorl	$11,%r14d
+	pshufd	$8,%xmm7,%xmm7
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	movdqa	64(%rbp),%xmm6
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	pslldq	$8,%xmm7
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	paddd	%xmm7,%xmm2
+	rorl	$2,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	paddd	%xmm2,%xmm6
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	movdqa	%xmm6,32(%rsp)
+	rorl	$14,%r13d
+	movdqa	%xmm0,%xmm4
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	movdqa	%xmm2,%xmm7
+	rorl	$9,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	rorl	$5,%r13d
+	xorl	%r8d,%r14d
+.byte	102,15,58,15,227,4
+	andl	%eax,%r12d
+	xorl	%eax,%r13d
+.byte	102,15,58,15,249,4
+	addl	48(%rsp),%edx
+	movl	%r8d,%r15d
+	xorl	%ecx,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm4,%xmm5
+	xorl	%r9d,%r15d
+	addl	%r12d,%edx
+	movdqa	%xmm4,%xmm6
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	psrld	$3,%xmm4
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	paddd	%xmm7,%xmm3
+	rorl	$2,%r14d
+	addl	%edx,%r11d
+	psrld	$7,%xmm6
+	addl	%edi,%edx
+	movl	%r11d,%r13d
+	pshufd	$250,%xmm2,%xmm7
+	addl	%edx,%r14d
+	rorl	$14,%r13d
+	pslld	$14,%xmm5
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	pxor	%xmm6,%xmm4
+	rorl	$9,%r14d
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	rorl	$5,%r13d
+	psrld	$11,%xmm6
+	xorl	%edx,%r14d
+	pxor	%xmm5,%xmm4
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	pslld	$11,%xmm5
+	addl	52(%rsp),%ecx
+	movl	%edx,%edi
+	pxor	%xmm6,%xmm4
+	xorl	%ebx,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm7,%xmm6
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	pxor	%xmm5,%xmm4
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	psrld	$10,%xmm7
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	paddd	%xmm4,%xmm3
+	rorl	$2,%r14d
+	addl	%ecx,%r10d
+	psrlq	$17,%xmm6
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	addl	%ecx,%r14d
+	pxor	%xmm6,%xmm7
+	rorl	$14,%r13d
+	movl	%r14d,%ecx
+	movl	%r11d,%r12d
+	rorl	$9,%r14d
+	psrlq	$2,%xmm6
+	xorl	%r10d,%r13d
+	xorl	%eax,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$5,%r13d
+	xorl	%ecx,%r14d
+	andl	%r10d,%r12d
+	pshufd	$128,%xmm7,%xmm7
+	xorl	%r10d,%r13d
+	addl	56(%rsp),%ebx
+	movl	%ecx,%r15d
+	psrldq	$8,%xmm7
+	xorl	%eax,%r12d
+	rorl	$11,%r14d
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	rorl	$6,%r13d
+	paddd	%xmm7,%xmm3
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	pshufd	$80,%xmm3,%xmm7
+	xorl	%edx,%edi
+	rorl	$2,%r14d
+	addl	%ebx,%r9d
+	movdqa	%xmm7,%xmm6
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	psrld	$10,%xmm7
+	addl	%ebx,%r14d
+	rorl	$14,%r13d
+	psrlq	$17,%xmm6
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$9,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	rorl	$5,%r13d
+	xorl	%ebx,%r14d
+	psrlq	$2,%xmm6
+	andl	%r9d,%r12d
+	xorl	%r9d,%r13d
+	addl	60(%rsp),%eax
+	pxor	%xmm6,%xmm7
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	rorl	$11,%r14d
+	pshufd	$8,%xmm7,%xmm7
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	movdqa	96(%rbp),%xmm6
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	pslldq	$8,%xmm7
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	paddd	%xmm7,%xmm3
+	rorl	$2,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	paddd	%xmm3,%xmm6
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	movdqa	%xmm6,48(%rsp)
+	cmpb	$0,131(%rbp)
+	jne	.Lssse3_00_47
+	rorl	$14,%r13d
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	rorl	$9,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	rorl	$5,%r13d
+	xorl	%eax,%r14d
+	andl	%r8d,%r12d
+	xorl	%r8d,%r13d
+	addl	0(%rsp),%r11d
+	movl	%eax,%r15d
+	xorl	%r10d,%r12d
+	rorl	$11,%r14d
+	xorl	%ebx,%r15d
+	addl	%r12d,%r11d
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	rorl	$2,%r14d
+	addl	%r11d,%edx
+	addl	%edi,%r11d
+	movl	%edx,%r13d
+	addl	%r11d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	rorl	$9,%r14d
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	rorl	$5,%r13d
+	xorl	%r11d,%r14d
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	addl	4(%rsp),%r10d
+	movl	%r11d,%edi
+	xorl	%r9d,%r12d
+	rorl	$11,%r14d
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	rorl	$2,%r14d
+	addl	%r10d,%ecx
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	addl	%r10d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r10d
+	movl	%edx,%r12d
+	rorl	$9,%r14d
+	xorl	%ecx,%r13d
+	xorl	%r8d,%r12d
+	rorl	$5,%r13d
+	xorl	%r10d,%r14d
+	andl	%ecx,%r12d
+	xorl	%ecx,%r13d
+	addl	8(%rsp),%r9d
+	movl	%r10d,%r15d
+	xorl	%r8d,%r12d
+	rorl	$11,%r14d
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	xorl	%r11d,%edi
+	rorl	$2,%r14d
+	addl	%r9d,%ebx
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	addl	%r9d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	rorl	$9,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	rorl	$5,%r13d
+	xorl	%r9d,%r14d
+	andl	%ebx,%r12d
+	xorl	%ebx,%r13d
+	addl	12(%rsp),%r8d
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	rorl	$11,%r14d
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	rorl	$2,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	rorl	$9,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	rorl	$5,%r13d
+	xorl	%r8d,%r14d
+	andl	%eax,%r12d
+	xorl	%eax,%r13d
+	addl	16(%rsp),%edx
+	movl	%r8d,%r15d
+	xorl	%ecx,%r12d
+	rorl	$11,%r14d
+	xorl	%r9d,%r15d
+	addl	%r12d,%edx
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	rorl	$2,%r14d
+	addl	%edx,%r11d
+	addl	%edi,%edx
+	movl	%r11d,%r13d
+	addl	%edx,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	rorl	$9,%r14d
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	rorl	$5,%r13d
+	xorl	%edx,%r14d
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	addl	20(%rsp),%ecx
+	movl	%edx,%edi
+	xorl	%ebx,%r12d
+	rorl	$11,%r14d
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	rorl	$2,%r14d
+	addl	%ecx,%r10d
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	addl	%ecx,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%ecx
+	movl	%r11d,%r12d
+	rorl	$9,%r14d
+	xorl	%r10d,%r13d
+	xorl	%eax,%r12d
+	rorl	$5,%r13d
+	xorl	%ecx,%r14d
+	andl	%r10d,%r12d
+	xorl	%r10d,%r13d
+	addl	24(%rsp),%ebx
+	movl	%ecx,%r15d
+	xorl	%eax,%r12d
+	rorl	$11,%r14d
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	xorl	%edx,%edi
+	rorl	$2,%r14d
+	addl	%ebx,%r9d
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	addl	%ebx,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	rorl	$9,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	rorl	$5,%r13d
+	xorl	%ebx,%r14d
+	andl	%r9d,%r12d
+	xorl	%r9d,%r13d
+	addl	28(%rsp),%eax
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	rorl	$11,%r14d
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	rorl	$2,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	rorl	$9,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	rorl	$5,%r13d
+	xorl	%eax,%r14d
+	andl	%r8d,%r12d
+	xorl	%r8d,%r13d
+	addl	32(%rsp),%r11d
+	movl	%eax,%r15d
+	xorl	%r10d,%r12d
+	rorl	$11,%r14d
+	xorl	%ebx,%r15d
+	addl	%r12d,%r11d
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	rorl	$2,%r14d
+	addl	%r11d,%edx
+	addl	%edi,%r11d
+	movl	%edx,%r13d
+	addl	%r11d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	rorl	$9,%r14d
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	rorl	$5,%r13d
+	xorl	%r11d,%r14d
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	addl	36(%rsp),%r10d
+	movl	%r11d,%edi
+	xorl	%r9d,%r12d
+	rorl	$11,%r14d
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	rorl	$2,%r14d
+	addl	%r10d,%ecx
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	addl	%r10d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r10d
+	movl	%edx,%r12d
+	rorl	$9,%r14d
+	xorl	%ecx,%r13d
+	xorl	%r8d,%r12d
+	rorl	$5,%r13d
+	xorl	%r10d,%r14d
+	andl	%ecx,%r12d
+	xorl	%ecx,%r13d
+	addl	40(%rsp),%r9d
+	movl	%r10d,%r15d
+	xorl	%r8d,%r12d
+	rorl	$11,%r14d
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	xorl	%r11d,%edi
+	rorl	$2,%r14d
+	addl	%r9d,%ebx
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	addl	%r9d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	rorl	$9,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	rorl	$5,%r13d
+	xorl	%r9d,%r14d
+	andl	%ebx,%r12d
+	xorl	%ebx,%r13d
+	addl	44(%rsp),%r8d
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	rorl	$11,%r14d
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	rorl	$2,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	rorl	$9,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	rorl	$5,%r13d
+	xorl	%r8d,%r14d
+	andl	%eax,%r12d
+	xorl	%eax,%r13d
+	addl	48(%rsp),%edx
+	movl	%r8d,%r15d
+	xorl	%ecx,%r12d
+	rorl	$11,%r14d
+	xorl	%r9d,%r15d
+	addl	%r12d,%edx
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	rorl	$2,%r14d
+	addl	%edx,%r11d
+	addl	%edi,%edx
+	movl	%r11d,%r13d
+	addl	%edx,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	rorl	$9,%r14d
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	rorl	$5,%r13d
+	xorl	%edx,%r14d
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	addl	52(%rsp),%ecx
+	movl	%edx,%edi
+	xorl	%ebx,%r12d
+	rorl	$11,%r14d
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	rorl	$2,%r14d
+	addl	%ecx,%r10d
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	addl	%ecx,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%ecx
+	movl	%r11d,%r12d
+	rorl	$9,%r14d
+	xorl	%r10d,%r13d
+	xorl	%eax,%r12d
+	rorl	$5,%r13d
+	xorl	%ecx,%r14d
+	andl	%r10d,%r12d
+	xorl	%r10d,%r13d
+	addl	56(%rsp),%ebx
+	movl	%ecx,%r15d
+	xorl	%eax,%r12d
+	rorl	$11,%r14d
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	xorl	%edx,%edi
+	rorl	$2,%r14d
+	addl	%ebx,%r9d
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	addl	%ebx,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	rorl	$9,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	rorl	$5,%r13d
+	xorl	%ebx,%r14d
+	andl	%r9d,%r12d
+	xorl	%r9d,%r13d
+	addl	60(%rsp),%eax
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	rorl	$11,%r14d
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	rorl	$2,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	movq	64+0(%rsp),%rdi
+	movl	%r14d,%eax
+
+	addl	0(%rdi),%eax
+	leaq	64(%rsi),%rsi
+	addl	4(%rdi),%ebx
+	addl	8(%rdi),%ecx
+	addl	12(%rdi),%edx
+	addl	16(%rdi),%r8d
+	addl	20(%rdi),%r9d
+	addl	24(%rdi),%r10d
+	addl	28(%rdi),%r11d
+
+	cmpq	64+16(%rsp),%rsi
+
+	movl	%eax,0(%rdi)
+	movl	%ebx,4(%rdi)
+	movl	%ecx,8(%rdi)
+	movl	%edx,12(%rdi)
+	movl	%r8d,16(%rdi)
+	movl	%r9d,20(%rdi)
+	movl	%r10d,24(%rdi)
+	movl	%r11d,28(%rdi)
+	jb	.Lloop_ssse3
+
+	movq	88(%rsp),%rsi
+.cfi_def_cfa	%rsi,8
+	movq	-48(%rsi),%r15
+.cfi_restore	%r15
+	movq	-40(%rsi),%r14
+.cfi_restore	%r14
+	movq	-32(%rsi),%r13
+.cfi_restore	%r13
+	movq	-24(%rsi),%r12
+.cfi_restore	%r12
+	movq	-16(%rsi),%rbp
+.cfi_restore	%rbp
+	movq	-8(%rsi),%rbx
+.cfi_restore	%rbx
+	leaq	(%rsi),%rsp
+.cfi_def_cfa_register	%rsp
+.Lepilogue_ssse3:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	sha256_block_data_order_ssse3,.-sha256_block_data_order_ssse3
+.type	sha256_block_data_order_avx,@function
+.align	64
+sha256_block_data_order_avx:
+.cfi_startproc	
+.Lavx_shortcut:
+	movq	%rsp,%rax
+.cfi_def_cfa_register	%rax
+	pushq	%rbx
+.cfi_offset	%rbx,-16
+	pushq	%rbp
+.cfi_offset	%rbp,-24
+	pushq	%r12
+.cfi_offset	%r12,-32
+	pushq	%r13
+.cfi_offset	%r13,-40
+	pushq	%r14
+.cfi_offset	%r14,-48
+	pushq	%r15
+.cfi_offset	%r15,-56
+	shlq	$4,%rdx
+	subq	$96,%rsp
+	leaq	(%rsi,%rdx,4),%rdx
+	andq	$-64,%rsp
+	movq	%rdi,64+0(%rsp)
+	movq	%rsi,64+8(%rsp)
+	movq	%rdx,64+16(%rsp)
+	movq	%rax,88(%rsp)
+.cfi_escape	0x0f,0x06,0x77,0xd8,0x00,0x06,0x23,0x08
+.Lprologue_avx:
+
+	vzeroupper
+	movl	0(%rdi),%eax
+	movl	4(%rdi),%ebx
+	movl	8(%rdi),%ecx
+	movl	12(%rdi),%edx
+	movl	16(%rdi),%r8d
+	movl	20(%rdi),%r9d
+	movl	24(%rdi),%r10d
+	movl	28(%rdi),%r11d
+	vmovdqa	K256+512+32(%rip),%xmm8
+	vmovdqa	K256+512+64(%rip),%xmm9
+	jmp	.Lloop_avx
+.align	16
+.Lloop_avx:
+	vmovdqa	K256+512(%rip),%xmm7
+	vmovdqu	0(%rsi),%xmm0
+	vmovdqu	16(%rsi),%xmm1
+	vmovdqu	32(%rsi),%xmm2
+	vmovdqu	48(%rsi),%xmm3
+	vpshufb	%xmm7,%xmm0,%xmm0
+	leaq	K256(%rip),%rbp
+	vpshufb	%xmm7,%xmm1,%xmm1
+	vpshufb	%xmm7,%xmm2,%xmm2
+	vpaddd	0(%rbp),%xmm0,%xmm4
+	vpshufb	%xmm7,%xmm3,%xmm3
+	vpaddd	32(%rbp),%xmm1,%xmm5
+	vpaddd	64(%rbp),%xmm2,%xmm6
+	vpaddd	96(%rbp),%xmm3,%xmm7
+	vmovdqa	%xmm4,0(%rsp)
+	movl	%eax,%r14d
+	vmovdqa	%xmm5,16(%rsp)
+	movl	%ebx,%edi
+	vmovdqa	%xmm6,32(%rsp)
+	xorl	%ecx,%edi
+	vmovdqa	%xmm7,48(%rsp)
+	movl	%r8d,%r13d
+	jmp	.Lavx_00_47
+
+.align	16
+.Lavx_00_47:
+	subq	$-128,%rbp
+	vpalignr	$4,%xmm0,%xmm1,%xmm4
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	vpalignr	$4,%xmm2,%xmm3,%xmm7
+	shrdl	$9,%r14d,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	vpsrld	$7,%xmm4,%xmm6
+	shrdl	$5,%r13d,%r13d
+	xorl	%eax,%r14d
+	andl	%r8d,%r12d
+	vpaddd	%xmm7,%xmm0,%xmm0
+	xorl	%r8d,%r13d
+	addl	0(%rsp),%r11d
+	movl	%eax,%r15d
+	vpsrld	$3,%xmm4,%xmm7
+	xorl	%r10d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ebx,%r15d
+	vpslld	$14,%xmm4,%xmm5
+	addl	%r12d,%r11d
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	vpxor	%xmm6,%xmm7,%xmm4
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	vpshufd	$250,%xmm3,%xmm7
+	shrdl	$2,%r14d,%r14d
+	addl	%r11d,%edx
+	addl	%edi,%r11d
+	vpsrld	$11,%xmm6,%xmm6
+	movl	%edx,%r13d
+	addl	%r11d,%r14d
+	shrdl	$14,%r13d,%r13d
+	vpxor	%xmm5,%xmm4,%xmm4
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	shrdl	$9,%r14d,%r14d
+	vpslld	$11,%xmm5,%xmm5
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	shrdl	$5,%r13d,%r13d
+	vpxor	%xmm6,%xmm4,%xmm4
+	xorl	%r11d,%r14d
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	vpsrld	$10,%xmm7,%xmm6
+	addl	4(%rsp),%r10d
+	movl	%r11d,%edi
+	xorl	%r9d,%r12d
+	vpxor	%xmm5,%xmm4,%xmm4
+	shrdl	$11,%r14d,%r14d
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	vpsrlq	$17,%xmm7,%xmm7
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	vpaddd	%xmm4,%xmm0,%xmm0
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	shrdl	$2,%r14d,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	addl	%r10d,%ecx
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%r10d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r10d
+	vpxor	%xmm7,%xmm6,%xmm6
+	movl	%edx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%ecx,%r13d
+	vpshufb	%xmm8,%xmm6,%xmm6
+	xorl	%r8d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r10d,%r14d
+	vpaddd	%xmm6,%xmm0,%xmm0
+	andl	%ecx,%r12d
+	xorl	%ecx,%r13d
+	addl	8(%rsp),%r9d
+	vpshufd	$80,%xmm0,%xmm7
+	movl	%r10d,%r15d
+	xorl	%r8d,%r12d
+	shrdl	$11,%r14d,%r14d
+	vpsrld	$10,%xmm7,%xmm6
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	shrdl	$6,%r13d,%r13d
+	vpsrlq	$17,%xmm7,%xmm7
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	vpxor	%xmm7,%xmm6,%xmm6
+	xorl	%r11d,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%r9d,%ebx
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	addl	%r9d,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	vpshufb	%xmm9,%xmm6,%xmm6
+	shrdl	$9,%r14d,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	vpaddd	%xmm6,%xmm0,%xmm0
+	shrdl	$5,%r13d,%r13d
+	xorl	%r9d,%r14d
+	andl	%ebx,%r12d
+	vpaddd	0(%rbp),%xmm0,%xmm6
+	xorl	%ebx,%r13d
+	addl	12(%rsp),%r8d
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	vmovdqa	%xmm6,0(%rsp)
+	vpalignr	$4,%xmm1,%xmm2,%xmm4
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	vpalignr	$4,%xmm3,%xmm0,%xmm7
+	shrdl	$9,%r14d,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	vpsrld	$7,%xmm4,%xmm6
+	shrdl	$5,%r13d,%r13d
+	xorl	%r8d,%r14d
+	andl	%eax,%r12d
+	vpaddd	%xmm7,%xmm1,%xmm1
+	xorl	%eax,%r13d
+	addl	16(%rsp),%edx
+	movl	%r8d,%r15d
+	vpsrld	$3,%xmm4,%xmm7
+	xorl	%ecx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r9d,%r15d
+	vpslld	$14,%xmm4,%xmm5
+	addl	%r12d,%edx
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	vpxor	%xmm6,%xmm7,%xmm4
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	vpshufd	$250,%xmm0,%xmm7
+	shrdl	$2,%r14d,%r14d
+	addl	%edx,%r11d
+	addl	%edi,%edx
+	vpsrld	$11,%xmm6,%xmm6
+	movl	%r11d,%r13d
+	addl	%edx,%r14d
+	shrdl	$14,%r13d,%r13d
+	vpxor	%xmm5,%xmm4,%xmm4
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	shrdl	$9,%r14d,%r14d
+	vpslld	$11,%xmm5,%xmm5
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	shrdl	$5,%r13d,%r13d
+	vpxor	%xmm6,%xmm4,%xmm4
+	xorl	%edx,%r14d
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	vpsrld	$10,%xmm7,%xmm6
+	addl	20(%rsp),%ecx
+	movl	%edx,%edi
+	xorl	%ebx,%r12d
+	vpxor	%xmm5,%xmm4,%xmm4
+	shrdl	$11,%r14d,%r14d
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	vpsrlq	$17,%xmm7,%xmm7
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	vpaddd	%xmm4,%xmm1,%xmm1
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	shrdl	$2,%r14d,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	addl	%ecx,%r10d
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%ecx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ecx
+	vpxor	%xmm7,%xmm6,%xmm6
+	movl	%r11d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r10d,%r13d
+	vpshufb	%xmm8,%xmm6,%xmm6
+	xorl	%eax,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%ecx,%r14d
+	vpaddd	%xmm6,%xmm1,%xmm1
+	andl	%r10d,%r12d
+	xorl	%r10d,%r13d
+	addl	24(%rsp),%ebx
+	vpshufd	$80,%xmm1,%xmm7
+	movl	%ecx,%r15d
+	xorl	%eax,%r12d
+	shrdl	$11,%r14d,%r14d
+	vpsrld	$10,%xmm7,%xmm6
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	shrdl	$6,%r13d,%r13d
+	vpsrlq	$17,%xmm7,%xmm7
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	vpxor	%xmm7,%xmm6,%xmm6
+	xorl	%edx,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%ebx,%r9d
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	addl	%ebx,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	vpshufb	%xmm9,%xmm6,%xmm6
+	shrdl	$9,%r14d,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	vpaddd	%xmm6,%xmm1,%xmm1
+	shrdl	$5,%r13d,%r13d
+	xorl	%ebx,%r14d
+	andl	%r9d,%r12d
+	vpaddd	32(%rbp),%xmm1,%xmm6
+	xorl	%r9d,%r13d
+	addl	28(%rsp),%eax
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	vmovdqa	%xmm6,16(%rsp)
+	vpalignr	$4,%xmm2,%xmm3,%xmm4
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	vpalignr	$4,%xmm0,%xmm1,%xmm7
+	shrdl	$9,%r14d,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	vpsrld	$7,%xmm4,%xmm6
+	shrdl	$5,%r13d,%r13d
+	xorl	%eax,%r14d
+	andl	%r8d,%r12d
+	vpaddd	%xmm7,%xmm2,%xmm2
+	xorl	%r8d,%r13d
+	addl	32(%rsp),%r11d
+	movl	%eax,%r15d
+	vpsrld	$3,%xmm4,%xmm7
+	xorl	%r10d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ebx,%r15d
+	vpslld	$14,%xmm4,%xmm5
+	addl	%r12d,%r11d
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	vpxor	%xmm6,%xmm7,%xmm4
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	vpshufd	$250,%xmm1,%xmm7
+	shrdl	$2,%r14d,%r14d
+	addl	%r11d,%edx
+	addl	%edi,%r11d
+	vpsrld	$11,%xmm6,%xmm6
+	movl	%edx,%r13d
+	addl	%r11d,%r14d
+	shrdl	$14,%r13d,%r13d
+	vpxor	%xmm5,%xmm4,%xmm4
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	shrdl	$9,%r14d,%r14d
+	vpslld	$11,%xmm5,%xmm5
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	shrdl	$5,%r13d,%r13d
+	vpxor	%xmm6,%xmm4,%xmm4
+	xorl	%r11d,%r14d
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	vpsrld	$10,%xmm7,%xmm6
+	addl	36(%rsp),%r10d
+	movl	%r11d,%edi
+	xorl	%r9d,%r12d
+	vpxor	%xmm5,%xmm4,%xmm4
+	shrdl	$11,%r14d,%r14d
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	vpsrlq	$17,%xmm7,%xmm7
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	vpaddd	%xmm4,%xmm2,%xmm2
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	shrdl	$2,%r14d,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	addl	%r10d,%ecx
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%r10d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r10d
+	vpxor	%xmm7,%xmm6,%xmm6
+	movl	%edx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%ecx,%r13d
+	vpshufb	%xmm8,%xmm6,%xmm6
+	xorl	%r8d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r10d,%r14d
+	vpaddd	%xmm6,%xmm2,%xmm2
+	andl	%ecx,%r12d
+	xorl	%ecx,%r13d
+	addl	40(%rsp),%r9d
+	vpshufd	$80,%xmm2,%xmm7
+	movl	%r10d,%r15d
+	xorl	%r8d,%r12d
+	shrdl	$11,%r14d,%r14d
+	vpsrld	$10,%xmm7,%xmm6
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	shrdl	$6,%r13d,%r13d
+	vpsrlq	$17,%xmm7,%xmm7
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	vpxor	%xmm7,%xmm6,%xmm6
+	xorl	%r11d,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%r9d,%ebx
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	addl	%r9d,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	vpshufb	%xmm9,%xmm6,%xmm6
+	shrdl	$9,%r14d,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	vpaddd	%xmm6,%xmm2,%xmm2
+	shrdl	$5,%r13d,%r13d
+	xorl	%r9d,%r14d
+	andl	%ebx,%r12d
+	vpaddd	64(%rbp),%xmm2,%xmm6
+	xorl	%ebx,%r13d
+	addl	44(%rsp),%r8d
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	vmovdqa	%xmm6,32(%rsp)
+	vpalignr	$4,%xmm3,%xmm0,%xmm4
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	vpalignr	$4,%xmm1,%xmm2,%xmm7
+	shrdl	$9,%r14d,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	vpsrld	$7,%xmm4,%xmm6
+	shrdl	$5,%r13d,%r13d
+	xorl	%r8d,%r14d
+	andl	%eax,%r12d
+	vpaddd	%xmm7,%xmm3,%xmm3
+	xorl	%eax,%r13d
+	addl	48(%rsp),%edx
+	movl	%r8d,%r15d
+	vpsrld	$3,%xmm4,%xmm7
+	xorl	%ecx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r9d,%r15d
+	vpslld	$14,%xmm4,%xmm5
+	addl	%r12d,%edx
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	vpxor	%xmm6,%xmm7,%xmm4
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	vpshufd	$250,%xmm2,%xmm7
+	shrdl	$2,%r14d,%r14d
+	addl	%edx,%r11d
+	addl	%edi,%edx
+	vpsrld	$11,%xmm6,%xmm6
+	movl	%r11d,%r13d
+	addl	%edx,%r14d
+	shrdl	$14,%r13d,%r13d
+	vpxor	%xmm5,%xmm4,%xmm4
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	shrdl	$9,%r14d,%r14d
+	vpslld	$11,%xmm5,%xmm5
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	shrdl	$5,%r13d,%r13d
+	vpxor	%xmm6,%xmm4,%xmm4
+	xorl	%edx,%r14d
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	vpsrld	$10,%xmm7,%xmm6
+	addl	52(%rsp),%ecx
+	movl	%edx,%edi
+	xorl	%ebx,%r12d
+	vpxor	%xmm5,%xmm4,%xmm4
+	shrdl	$11,%r14d,%r14d
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	vpsrlq	$17,%xmm7,%xmm7
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	vpaddd	%xmm4,%xmm3,%xmm3
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	shrdl	$2,%r14d,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	addl	%ecx,%r10d
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%ecx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ecx
+	vpxor	%xmm7,%xmm6,%xmm6
+	movl	%r11d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r10d,%r13d
+	vpshufb	%xmm8,%xmm6,%xmm6
+	xorl	%eax,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%ecx,%r14d
+	vpaddd	%xmm6,%xmm3,%xmm3
+	andl	%r10d,%r12d
+	xorl	%r10d,%r13d
+	addl	56(%rsp),%ebx
+	vpshufd	$80,%xmm3,%xmm7
+	movl	%ecx,%r15d
+	xorl	%eax,%r12d
+	shrdl	$11,%r14d,%r14d
+	vpsrld	$10,%xmm7,%xmm6
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	shrdl	$6,%r13d,%r13d
+	vpsrlq	$17,%xmm7,%xmm7
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	vpxor	%xmm7,%xmm6,%xmm6
+	xorl	%edx,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%ebx,%r9d
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	addl	%ebx,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	vpshufb	%xmm9,%xmm6,%xmm6
+	shrdl	$9,%r14d,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	vpaddd	%xmm6,%xmm3,%xmm3
+	shrdl	$5,%r13d,%r13d
+	xorl	%ebx,%r14d
+	andl	%r9d,%r12d
+	vpaddd	96(%rbp),%xmm3,%xmm6
+	xorl	%r9d,%r13d
+	addl	60(%rsp),%eax
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	vmovdqa	%xmm6,48(%rsp)
+	cmpb	$0,131(%rbp)
+	jne	.Lavx_00_47
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%eax,%r14d
+	andl	%r8d,%r12d
+	xorl	%r8d,%r13d
+	addl	0(%rsp),%r11d
+	movl	%eax,%r15d
+	xorl	%r10d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ebx,%r15d
+	addl	%r12d,%r11d
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%r11d,%edx
+	addl	%edi,%r11d
+	movl	%edx,%r13d
+	addl	%r11d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r11d,%r14d
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	addl	4(%rsp),%r10d
+	movl	%r11d,%edi
+	xorl	%r9d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%r10d,%ecx
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	addl	%r10d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r10d
+	movl	%edx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%ecx,%r13d
+	xorl	%r8d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r10d,%r14d
+	andl	%ecx,%r12d
+	xorl	%ecx,%r13d
+	addl	8(%rsp),%r9d
+	movl	%r10d,%r15d
+	xorl	%r8d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	xorl	%r11d,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%r9d,%ebx
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	addl	%r9d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r9d,%r14d
+	andl	%ebx,%r12d
+	xorl	%ebx,%r13d
+	addl	12(%rsp),%r8d
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r8d,%r14d
+	andl	%eax,%r12d
+	xorl	%eax,%r13d
+	addl	16(%rsp),%edx
+	movl	%r8d,%r15d
+	xorl	%ecx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r9d,%r15d
+	addl	%r12d,%edx
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%edx,%r11d
+	addl	%edi,%edx
+	movl	%r11d,%r13d
+	addl	%edx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%edx,%r14d
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	addl	20(%rsp),%ecx
+	movl	%edx,%edi
+	xorl	%ebx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%ecx,%r10d
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	addl	%ecx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ecx
+	movl	%r11d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r10d,%r13d
+	xorl	%eax,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%ecx,%r14d
+	andl	%r10d,%r12d
+	xorl	%r10d,%r13d
+	addl	24(%rsp),%ebx
+	movl	%ecx,%r15d
+	xorl	%eax,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	xorl	%edx,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%ebx,%r9d
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	addl	%ebx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%ebx,%r14d
+	andl	%r9d,%r12d
+	xorl	%r9d,%r13d
+	addl	28(%rsp),%eax
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%eax,%r14d
+	andl	%r8d,%r12d
+	xorl	%r8d,%r13d
+	addl	32(%rsp),%r11d
+	movl	%eax,%r15d
+	xorl	%r10d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ebx,%r15d
+	addl	%r12d,%r11d
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%r11d,%edx
+	addl	%edi,%r11d
+	movl	%edx,%r13d
+	addl	%r11d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r11d,%r14d
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	addl	36(%rsp),%r10d
+	movl	%r11d,%edi
+	xorl	%r9d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%r10d,%ecx
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	addl	%r10d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r10d
+	movl	%edx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%ecx,%r13d
+	xorl	%r8d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r10d,%r14d
+	andl	%ecx,%r12d
+	xorl	%ecx,%r13d
+	addl	40(%rsp),%r9d
+	movl	%r10d,%r15d
+	xorl	%r8d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	xorl	%r11d,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%r9d,%ebx
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	addl	%r9d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r9d,%r14d
+	andl	%ebx,%r12d
+	xorl	%ebx,%r13d
+	addl	44(%rsp),%r8d
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r8d,%r14d
+	andl	%eax,%r12d
+	xorl	%eax,%r13d
+	addl	48(%rsp),%edx
+	movl	%r8d,%r15d
+	xorl	%ecx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r9d,%r15d
+	addl	%r12d,%edx
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%edx,%r11d
+	addl	%edi,%edx
+	movl	%r11d,%r13d
+	addl	%edx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%edx,%r14d
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	addl	52(%rsp),%ecx
+	movl	%edx,%edi
+	xorl	%ebx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%ecx,%r10d
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	addl	%ecx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ecx
+	movl	%r11d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r10d,%r13d
+	xorl	%eax,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%ecx,%r14d
+	andl	%r10d,%r12d
+	xorl	%r10d,%r13d
+	addl	56(%rsp),%ebx
+	movl	%ecx,%r15d
+	xorl	%eax,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	xorl	%edx,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%ebx,%r9d
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	addl	%ebx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%ebx,%r14d
+	andl	%r9d,%r12d
+	xorl	%r9d,%r13d
+	addl	60(%rsp),%eax
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	movq	64+0(%rsp),%rdi
+	movl	%r14d,%eax
+
+	addl	0(%rdi),%eax
+	leaq	64(%rsi),%rsi
+	addl	4(%rdi),%ebx
+	addl	8(%rdi),%ecx
+	addl	12(%rdi),%edx
+	addl	16(%rdi),%r8d
+	addl	20(%rdi),%r9d
+	addl	24(%rdi),%r10d
+	addl	28(%rdi),%r11d
+
+	cmpq	64+16(%rsp),%rsi
+
+	movl	%eax,0(%rdi)
+	movl	%ebx,4(%rdi)
+	movl	%ecx,8(%rdi)
+	movl	%edx,12(%rdi)
+	movl	%r8d,16(%rdi)
+	movl	%r9d,20(%rdi)
+	movl	%r10d,24(%rdi)
+	movl	%r11d,28(%rdi)
+	jb	.Lloop_avx
+
+	movq	88(%rsp),%rsi
+.cfi_def_cfa	%rsi,8
+	vzeroupper
+	movq	-48(%rsi),%r15
+.cfi_restore	%r15
+	movq	-40(%rsi),%r14
+.cfi_restore	%r14
+	movq	-32(%rsi),%r13
+.cfi_restore	%r13
+	movq	-24(%rsi),%r12
+.cfi_restore	%r12
+	movq	-16(%rsi),%rbp
+.cfi_restore	%rbp
+	movq	-8(%rsi),%rbx
+.cfi_restore	%rbx
+	leaq	(%rsi),%rsp
+.cfi_def_cfa_register	%rsp
+.Lepilogue_avx:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	sha256_block_data_order_avx,.-sha256_block_data_order_avx
+.type	sha256_block_data_order_avx2,@function
+.align	64
+sha256_block_data_order_avx2:
+.cfi_startproc	
+.Lavx2_shortcut:
+	movq	%rsp,%rax
+.cfi_def_cfa_register	%rax
+	pushq	%rbx
+.cfi_offset	%rbx,-16
+	pushq	%rbp
+.cfi_offset	%rbp,-24
+	pushq	%r12
+.cfi_offset	%r12,-32
+	pushq	%r13
+.cfi_offset	%r13,-40
+	pushq	%r14
+.cfi_offset	%r14,-48
+	pushq	%r15
+.cfi_offset	%r15,-56
+	subq	$544,%rsp
+	shlq	$4,%rdx
+	andq	$-1024,%rsp
+	leaq	(%rsi,%rdx,4),%rdx
+	addq	$448,%rsp
+	movq	%rdi,64+0(%rsp)
+	movq	%rsi,64+8(%rsp)
+	movq	%rdx,64+16(%rsp)
+	movq	%rax,88(%rsp)
+.cfi_escape	0x0f,0x06,0x77,0xd8,0x00,0x06,0x23,0x08
+.Lprologue_avx2:
+
+	vzeroupper
+	subq	$-64,%rsi
+	movl	0(%rdi),%eax
+	movq	%rsi,%r12
+	movl	4(%rdi),%ebx
+	cmpq	%rdx,%rsi
+	movl	8(%rdi),%ecx
+	cmoveq	%rsp,%r12
+	movl	12(%rdi),%edx
+	movl	16(%rdi),%r8d
+	movl	20(%rdi),%r9d
+	movl	24(%rdi),%r10d
+	movl	28(%rdi),%r11d
+	vmovdqa	K256+512+32(%rip),%ymm8
+	vmovdqa	K256+512+64(%rip),%ymm9
+	jmp	.Loop_avx2
+.align	16
+.Loop_avx2:
+	vmovdqa	K256+512(%rip),%ymm7
+	vmovdqu	-64+0(%rsi),%xmm0
+	vmovdqu	-64+16(%rsi),%xmm1
+	vmovdqu	-64+32(%rsi),%xmm2
+	vmovdqu	-64+48(%rsi),%xmm3
+
+	vinserti128	$1,(%r12),%ymm0,%ymm0
+	vinserti128	$1,16(%r12),%ymm1,%ymm1
+	vpshufb	%ymm7,%ymm0,%ymm0
+	vinserti128	$1,32(%r12),%ymm2,%ymm2
+	vpshufb	%ymm7,%ymm1,%ymm1
+	vinserti128	$1,48(%r12),%ymm3,%ymm3
+
+	leaq	K256(%rip),%rbp
+	vpshufb	%ymm7,%ymm2,%ymm2
+	vpaddd	0(%rbp),%ymm0,%ymm4
+	vpshufb	%ymm7,%ymm3,%ymm3
+	vpaddd	32(%rbp),%ymm1,%ymm5
+	vpaddd	64(%rbp),%ymm2,%ymm6
+	vpaddd	96(%rbp),%ymm3,%ymm7
+	vmovdqa	%ymm4,0(%rsp)
+	xorl	%r14d,%r14d
+	vmovdqa	%ymm5,32(%rsp)
+
+	movq	88(%rsp),%rdi
+.cfi_def_cfa	%rdi,8
+	leaq	-64(%rsp),%rsp
+
+
+
+	movq	%rdi,-8(%rsp)
+.cfi_escape	0x0f,0x05,0x77,0x78,0x06,0x23,0x08
+	movl	%ebx,%edi
+	vmovdqa	%ymm6,0(%rsp)
+	xorl	%ecx,%edi
+	vmovdqa	%ymm7,32(%rsp)
+	movl	%r9d,%r12d
+	subq	$-32*4,%rbp
+	jmp	.Lavx2_00_47
+
+.align	16
+.Lavx2_00_47:
+	leaq	-64(%rsp),%rsp
+.cfi_escape	0x0f,0x05,0x77,0x38,0x06,0x23,0x08
+
+	pushq	64-8(%rsp)
+.cfi_escape	0x0f,0x05,0x77,0x00,0x06,0x23,0x08
+	leaq	8(%rsp),%rsp
+.cfi_escape	0x0f,0x05,0x77,0x78,0x06,0x23,0x08
+	vpalignr	$4,%ymm0,%ymm1,%ymm4
+	addl	0+128(%rsp),%r11d
+	andl	%r8d,%r12d
+	rorxl	$25,%r8d,%r13d
+	vpalignr	$4,%ymm2,%ymm3,%ymm7
+	rorxl	$11,%r8d,%r15d
+	leal	(%rax,%r14,1),%eax
+	leal	(%r11,%r12,1),%r11d
+	vpsrld	$7,%ymm4,%ymm6
+	andnl	%r10d,%r8d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r8d,%r14d
+	vpaddd	%ymm7,%ymm0,%ymm0
+	leal	(%r11,%r12,1),%r11d
+	xorl	%r14d,%r13d
+	movl	%eax,%r15d
+	vpsrld	$3,%ymm4,%ymm7
+	rorxl	$22,%eax,%r12d
+	leal	(%r11,%r13,1),%r11d
+	xorl	%ebx,%r15d
+	vpslld	$14,%ymm4,%ymm5
+	rorxl	$13,%eax,%r14d
+	rorxl	$2,%eax,%r13d
+	leal	(%rdx,%r11,1),%edx
+	vpxor	%ymm6,%ymm7,%ymm4
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%ebx,%edi
+	vpshufd	$250,%ymm3,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%r11,%rdi,1),%r11d
+	movl	%r8d,%r12d
+	vpsrld	$11,%ymm6,%ymm6
+	addl	4+128(%rsp),%r10d
+	andl	%edx,%r12d
+	rorxl	$25,%edx,%r13d
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$11,%edx,%edi
+	leal	(%r11,%r14,1),%r11d
+	leal	(%r10,%r12,1),%r10d
+	vpslld	$11,%ymm5,%ymm5
+	andnl	%r9d,%edx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%edx,%r14d
+	vpxor	%ymm6,%ymm4,%ymm4
+	leal	(%r10,%r12,1),%r10d
+	xorl	%r14d,%r13d
+	movl	%r11d,%edi
+	vpsrld	$10,%ymm7,%ymm6
+	rorxl	$22,%r11d,%r12d
+	leal	(%r10,%r13,1),%r10d
+	xorl	%eax,%edi
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$13,%r11d,%r14d
+	rorxl	$2,%r11d,%r13d
+	leal	(%rcx,%r10,1),%ecx
+	vpsrlq	$17,%ymm7,%ymm7
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%eax,%r15d
+	vpaddd	%ymm4,%ymm0,%ymm0
+	xorl	%r13d,%r14d
+	leal	(%r10,%r15,1),%r10d
+	movl	%edx,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	8+128(%rsp),%r9d
+	andl	%ecx,%r12d
+	rorxl	$25,%ecx,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%ecx,%r15d
+	leal	(%r10,%r14,1),%r10d
+	leal	(%r9,%r12,1),%r9d
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%r8d,%ecx,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%ecx,%r14d
+	vpshufb	%ymm8,%ymm6,%ymm6
+	leal	(%r9,%r12,1),%r9d
+	xorl	%r14d,%r13d
+	movl	%r10d,%r15d
+	vpaddd	%ymm6,%ymm0,%ymm0
+	rorxl	$22,%r10d,%r12d
+	leal	(%r9,%r13,1),%r9d
+	xorl	%r11d,%r15d
+	vpshufd	$80,%ymm0,%ymm7
+	rorxl	$13,%r10d,%r14d
+	rorxl	$2,%r10d,%r13d
+	leal	(%rbx,%r9,1),%ebx
+	vpsrld	$10,%ymm7,%ymm6
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r11d,%edi
+	vpsrlq	$17,%ymm7,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%r9,%rdi,1),%r9d
+	movl	%ecx,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	12+128(%rsp),%r8d
+	andl	%ebx,%r12d
+	rorxl	$25,%ebx,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%ebx,%edi
+	leal	(%r9,%r14,1),%r9d
+	leal	(%r8,%r12,1),%r8d
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%edx,%ebx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%ebx,%r14d
+	vpshufb	%ymm9,%ymm6,%ymm6
+	leal	(%r8,%r12,1),%r8d
+	xorl	%r14d,%r13d
+	movl	%r9d,%edi
+	vpaddd	%ymm6,%ymm0,%ymm0
+	rorxl	$22,%r9d,%r12d
+	leal	(%r8,%r13,1),%r8d
+	xorl	%r10d,%edi
+	vpaddd	0(%rbp),%ymm0,%ymm6
+	rorxl	$13,%r9d,%r14d
+	rorxl	$2,%r9d,%r13d
+	leal	(%rax,%r8,1),%eax
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r10d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r8,%r15,1),%r8d
+	movl	%ebx,%r12d
+	vmovdqa	%ymm6,0(%rsp)
+	vpalignr	$4,%ymm1,%ymm2,%ymm4
+	addl	32+128(%rsp),%edx
+	andl	%eax,%r12d
+	rorxl	$25,%eax,%r13d
+	vpalignr	$4,%ymm3,%ymm0,%ymm7
+	rorxl	$11,%eax,%r15d
+	leal	(%r8,%r14,1),%r8d
+	leal	(%rdx,%r12,1),%edx
+	vpsrld	$7,%ymm4,%ymm6
+	andnl	%ecx,%eax,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%eax,%r14d
+	vpaddd	%ymm7,%ymm1,%ymm1
+	leal	(%rdx,%r12,1),%edx
+	xorl	%r14d,%r13d
+	movl	%r8d,%r15d
+	vpsrld	$3,%ymm4,%ymm7
+	rorxl	$22,%r8d,%r12d
+	leal	(%rdx,%r13,1),%edx
+	xorl	%r9d,%r15d
+	vpslld	$14,%ymm4,%ymm5
+	rorxl	$13,%r8d,%r14d
+	rorxl	$2,%r8d,%r13d
+	leal	(%r11,%rdx,1),%r11d
+	vpxor	%ymm6,%ymm7,%ymm4
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r9d,%edi
+	vpshufd	$250,%ymm0,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%rdx,%rdi,1),%edx
+	movl	%eax,%r12d
+	vpsrld	$11,%ymm6,%ymm6
+	addl	36+128(%rsp),%ecx
+	andl	%r11d,%r12d
+	rorxl	$25,%r11d,%r13d
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$11,%r11d,%edi
+	leal	(%rdx,%r14,1),%edx
+	leal	(%rcx,%r12,1),%ecx
+	vpslld	$11,%ymm5,%ymm5
+	andnl	%ebx,%r11d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r11d,%r14d
+	vpxor	%ymm6,%ymm4,%ymm4
+	leal	(%rcx,%r12,1),%ecx
+	xorl	%r14d,%r13d
+	movl	%edx,%edi
+	vpsrld	$10,%ymm7,%ymm6
+	rorxl	$22,%edx,%r12d
+	leal	(%rcx,%r13,1),%ecx
+	xorl	%r8d,%edi
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$13,%edx,%r14d
+	rorxl	$2,%edx,%r13d
+	leal	(%r10,%rcx,1),%r10d
+	vpsrlq	$17,%ymm7,%ymm7
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r8d,%r15d
+	vpaddd	%ymm4,%ymm1,%ymm1
+	xorl	%r13d,%r14d
+	leal	(%rcx,%r15,1),%ecx
+	movl	%r11d,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	40+128(%rsp),%ebx
+	andl	%r10d,%r12d
+	rorxl	$25,%r10d,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%r10d,%r15d
+	leal	(%rcx,%r14,1),%ecx
+	leal	(%rbx,%r12,1),%ebx
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%eax,%r10d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r10d,%r14d
+	vpshufb	%ymm8,%ymm6,%ymm6
+	leal	(%rbx,%r12,1),%ebx
+	xorl	%r14d,%r13d
+	movl	%ecx,%r15d
+	vpaddd	%ymm6,%ymm1,%ymm1
+	rorxl	$22,%ecx,%r12d
+	leal	(%rbx,%r13,1),%ebx
+	xorl	%edx,%r15d
+	vpshufd	$80,%ymm1,%ymm7
+	rorxl	$13,%ecx,%r14d
+	rorxl	$2,%ecx,%r13d
+	leal	(%r9,%rbx,1),%r9d
+	vpsrld	$10,%ymm7,%ymm6
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%edx,%edi
+	vpsrlq	$17,%ymm7,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%rbx,%rdi,1),%ebx
+	movl	%r10d,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	44+128(%rsp),%eax
+	andl	%r9d,%r12d
+	rorxl	$25,%r9d,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%r9d,%edi
+	leal	(%rbx,%r14,1),%ebx
+	leal	(%rax,%r12,1),%eax
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%r11d,%r9d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r9d,%r14d
+	vpshufb	%ymm9,%ymm6,%ymm6
+	leal	(%rax,%r12,1),%eax
+	xorl	%r14d,%r13d
+	movl	%ebx,%edi
+	vpaddd	%ymm6,%ymm1,%ymm1
+	rorxl	$22,%ebx,%r12d
+	leal	(%rax,%r13,1),%eax
+	xorl	%ecx,%edi
+	vpaddd	32(%rbp),%ymm1,%ymm6
+	rorxl	$13,%ebx,%r14d
+	rorxl	$2,%ebx,%r13d
+	leal	(%r8,%rax,1),%r8d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%ecx,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rax,%r15,1),%eax
+	movl	%r9d,%r12d
+	vmovdqa	%ymm6,32(%rsp)
+	leaq	-64(%rsp),%rsp
+.cfi_escape	0x0f,0x05,0x77,0x38,0x06,0x23,0x08
+
+	pushq	64-8(%rsp)
+.cfi_escape	0x0f,0x05,0x77,0x00,0x06,0x23,0x08
+	leaq	8(%rsp),%rsp
+.cfi_escape	0x0f,0x05,0x77,0x78,0x06,0x23,0x08
+	vpalignr	$4,%ymm2,%ymm3,%ymm4
+	addl	0+128(%rsp),%r11d
+	andl	%r8d,%r12d
+	rorxl	$25,%r8d,%r13d
+	vpalignr	$4,%ymm0,%ymm1,%ymm7
+	rorxl	$11,%r8d,%r15d
+	leal	(%rax,%r14,1),%eax
+	leal	(%r11,%r12,1),%r11d
+	vpsrld	$7,%ymm4,%ymm6
+	andnl	%r10d,%r8d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r8d,%r14d
+	vpaddd	%ymm7,%ymm2,%ymm2
+	leal	(%r11,%r12,1),%r11d
+	xorl	%r14d,%r13d
+	movl	%eax,%r15d
+	vpsrld	$3,%ymm4,%ymm7
+	rorxl	$22,%eax,%r12d
+	leal	(%r11,%r13,1),%r11d
+	xorl	%ebx,%r15d
+	vpslld	$14,%ymm4,%ymm5
+	rorxl	$13,%eax,%r14d
+	rorxl	$2,%eax,%r13d
+	leal	(%rdx,%r11,1),%edx
+	vpxor	%ymm6,%ymm7,%ymm4
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%ebx,%edi
+	vpshufd	$250,%ymm1,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%r11,%rdi,1),%r11d
+	movl	%r8d,%r12d
+	vpsrld	$11,%ymm6,%ymm6
+	addl	4+128(%rsp),%r10d
+	andl	%edx,%r12d
+	rorxl	$25,%edx,%r13d
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$11,%edx,%edi
+	leal	(%r11,%r14,1),%r11d
+	leal	(%r10,%r12,1),%r10d
+	vpslld	$11,%ymm5,%ymm5
+	andnl	%r9d,%edx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%edx,%r14d
+	vpxor	%ymm6,%ymm4,%ymm4
+	leal	(%r10,%r12,1),%r10d
+	xorl	%r14d,%r13d
+	movl	%r11d,%edi
+	vpsrld	$10,%ymm7,%ymm6
+	rorxl	$22,%r11d,%r12d
+	leal	(%r10,%r13,1),%r10d
+	xorl	%eax,%edi
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$13,%r11d,%r14d
+	rorxl	$2,%r11d,%r13d
+	leal	(%rcx,%r10,1),%ecx
+	vpsrlq	$17,%ymm7,%ymm7
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%eax,%r15d
+	vpaddd	%ymm4,%ymm2,%ymm2
+	xorl	%r13d,%r14d
+	leal	(%r10,%r15,1),%r10d
+	movl	%edx,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	8+128(%rsp),%r9d
+	andl	%ecx,%r12d
+	rorxl	$25,%ecx,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%ecx,%r15d
+	leal	(%r10,%r14,1),%r10d
+	leal	(%r9,%r12,1),%r9d
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%r8d,%ecx,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%ecx,%r14d
+	vpshufb	%ymm8,%ymm6,%ymm6
+	leal	(%r9,%r12,1),%r9d
+	xorl	%r14d,%r13d
+	movl	%r10d,%r15d
+	vpaddd	%ymm6,%ymm2,%ymm2
+	rorxl	$22,%r10d,%r12d
+	leal	(%r9,%r13,1),%r9d
+	xorl	%r11d,%r15d
+	vpshufd	$80,%ymm2,%ymm7
+	rorxl	$13,%r10d,%r14d
+	rorxl	$2,%r10d,%r13d
+	leal	(%rbx,%r9,1),%ebx
+	vpsrld	$10,%ymm7,%ymm6
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r11d,%edi
+	vpsrlq	$17,%ymm7,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%r9,%rdi,1),%r9d
+	movl	%ecx,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	12+128(%rsp),%r8d
+	andl	%ebx,%r12d
+	rorxl	$25,%ebx,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%ebx,%edi
+	leal	(%r9,%r14,1),%r9d
+	leal	(%r8,%r12,1),%r8d
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%edx,%ebx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%ebx,%r14d
+	vpshufb	%ymm9,%ymm6,%ymm6
+	leal	(%r8,%r12,1),%r8d
+	xorl	%r14d,%r13d
+	movl	%r9d,%edi
+	vpaddd	%ymm6,%ymm2,%ymm2
+	rorxl	$22,%r9d,%r12d
+	leal	(%r8,%r13,1),%r8d
+	xorl	%r10d,%edi
+	vpaddd	64(%rbp),%ymm2,%ymm6
+	rorxl	$13,%r9d,%r14d
+	rorxl	$2,%r9d,%r13d
+	leal	(%rax,%r8,1),%eax
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r10d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r8,%r15,1),%r8d
+	movl	%ebx,%r12d
+	vmovdqa	%ymm6,0(%rsp)
+	vpalignr	$4,%ymm3,%ymm0,%ymm4
+	addl	32+128(%rsp),%edx
+	andl	%eax,%r12d
+	rorxl	$25,%eax,%r13d
+	vpalignr	$4,%ymm1,%ymm2,%ymm7
+	rorxl	$11,%eax,%r15d
+	leal	(%r8,%r14,1),%r8d
+	leal	(%rdx,%r12,1),%edx
+	vpsrld	$7,%ymm4,%ymm6
+	andnl	%ecx,%eax,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%eax,%r14d
+	vpaddd	%ymm7,%ymm3,%ymm3
+	leal	(%rdx,%r12,1),%edx
+	xorl	%r14d,%r13d
+	movl	%r8d,%r15d
+	vpsrld	$3,%ymm4,%ymm7
+	rorxl	$22,%r8d,%r12d
+	leal	(%rdx,%r13,1),%edx
+	xorl	%r9d,%r15d
+	vpslld	$14,%ymm4,%ymm5
+	rorxl	$13,%r8d,%r14d
+	rorxl	$2,%r8d,%r13d
+	leal	(%r11,%rdx,1),%r11d
+	vpxor	%ymm6,%ymm7,%ymm4
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r9d,%edi
+	vpshufd	$250,%ymm2,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%rdx,%rdi,1),%edx
+	movl	%eax,%r12d
+	vpsrld	$11,%ymm6,%ymm6
+	addl	36+128(%rsp),%ecx
+	andl	%r11d,%r12d
+	rorxl	$25,%r11d,%r13d
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$11,%r11d,%edi
+	leal	(%rdx,%r14,1),%edx
+	leal	(%rcx,%r12,1),%ecx
+	vpslld	$11,%ymm5,%ymm5
+	andnl	%ebx,%r11d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r11d,%r14d
+	vpxor	%ymm6,%ymm4,%ymm4
+	leal	(%rcx,%r12,1),%ecx
+	xorl	%r14d,%r13d
+	movl	%edx,%edi
+	vpsrld	$10,%ymm7,%ymm6
+	rorxl	$22,%edx,%r12d
+	leal	(%rcx,%r13,1),%ecx
+	xorl	%r8d,%edi
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$13,%edx,%r14d
+	rorxl	$2,%edx,%r13d
+	leal	(%r10,%rcx,1),%r10d
+	vpsrlq	$17,%ymm7,%ymm7
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r8d,%r15d
+	vpaddd	%ymm4,%ymm3,%ymm3
+	xorl	%r13d,%r14d
+	leal	(%rcx,%r15,1),%ecx
+	movl	%r11d,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	40+128(%rsp),%ebx
+	andl	%r10d,%r12d
+	rorxl	$25,%r10d,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%r10d,%r15d
+	leal	(%rcx,%r14,1),%ecx
+	leal	(%rbx,%r12,1),%ebx
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%eax,%r10d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r10d,%r14d
+	vpshufb	%ymm8,%ymm6,%ymm6
+	leal	(%rbx,%r12,1),%ebx
+	xorl	%r14d,%r13d
+	movl	%ecx,%r15d
+	vpaddd	%ymm6,%ymm3,%ymm3
+	rorxl	$22,%ecx,%r12d
+	leal	(%rbx,%r13,1),%ebx
+	xorl	%edx,%r15d
+	vpshufd	$80,%ymm3,%ymm7
+	rorxl	$13,%ecx,%r14d
+	rorxl	$2,%ecx,%r13d
+	leal	(%r9,%rbx,1),%r9d
+	vpsrld	$10,%ymm7,%ymm6
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%edx,%edi
+	vpsrlq	$17,%ymm7,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%rbx,%rdi,1),%ebx
+	movl	%r10d,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	44+128(%rsp),%eax
+	andl	%r9d,%r12d
+	rorxl	$25,%r9d,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%r9d,%edi
+	leal	(%rbx,%r14,1),%ebx
+	leal	(%rax,%r12,1),%eax
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%r11d,%r9d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r9d,%r14d
+	vpshufb	%ymm9,%ymm6,%ymm6
+	leal	(%rax,%r12,1),%eax
+	xorl	%r14d,%r13d
+	movl	%ebx,%edi
+	vpaddd	%ymm6,%ymm3,%ymm3
+	rorxl	$22,%ebx,%r12d
+	leal	(%rax,%r13,1),%eax
+	xorl	%ecx,%edi
+	vpaddd	96(%rbp),%ymm3,%ymm6
+	rorxl	$13,%ebx,%r14d
+	rorxl	$2,%ebx,%r13d
+	leal	(%r8,%rax,1),%r8d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%ecx,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rax,%r15,1),%eax
+	movl	%r9d,%r12d
+	vmovdqa	%ymm6,32(%rsp)
+	leaq	128(%rbp),%rbp
+	cmpb	$0,3(%rbp)
+	jne	.Lavx2_00_47
+	addl	0+64(%rsp),%r11d
+	andl	%r8d,%r12d
+	rorxl	$25,%r8d,%r13d
+	rorxl	$11,%r8d,%r15d
+	leal	(%rax,%r14,1),%eax
+	leal	(%r11,%r12,1),%r11d
+	andnl	%r10d,%r8d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r8d,%r14d
+	leal	(%r11,%r12,1),%r11d
+	xorl	%r14d,%r13d
+	movl	%eax,%r15d
+	rorxl	$22,%eax,%r12d
+	leal	(%r11,%r13,1),%r11d
+	xorl	%ebx,%r15d
+	rorxl	$13,%eax,%r14d
+	rorxl	$2,%eax,%r13d
+	leal	(%rdx,%r11,1),%edx
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%ebx,%edi
+	xorl	%r13d,%r14d
+	leal	(%r11,%rdi,1),%r11d
+	movl	%r8d,%r12d
+	addl	4+64(%rsp),%r10d
+	andl	%edx,%r12d
+	rorxl	$25,%edx,%r13d
+	rorxl	$11,%edx,%edi
+	leal	(%r11,%r14,1),%r11d
+	leal	(%r10,%r12,1),%r10d
+	andnl	%r9d,%edx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%edx,%r14d
+	leal	(%r10,%r12,1),%r10d
+	xorl	%r14d,%r13d
+	movl	%r11d,%edi
+	rorxl	$22,%r11d,%r12d
+	leal	(%r10,%r13,1),%r10d
+	xorl	%eax,%edi
+	rorxl	$13,%r11d,%r14d
+	rorxl	$2,%r11d,%r13d
+	leal	(%rcx,%r10,1),%ecx
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%eax,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r10,%r15,1),%r10d
+	movl	%edx,%r12d
+	addl	8+64(%rsp),%r9d
+	andl	%ecx,%r12d
+	rorxl	$25,%ecx,%r13d
+	rorxl	$11,%ecx,%r15d
+	leal	(%r10,%r14,1),%r10d
+	leal	(%r9,%r12,1),%r9d
+	andnl	%r8d,%ecx,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%ecx,%r14d
+	leal	(%r9,%r12,1),%r9d
+	xorl	%r14d,%r13d
+	movl	%r10d,%r15d
+	rorxl	$22,%r10d,%r12d
+	leal	(%r9,%r13,1),%r9d
+	xorl	%r11d,%r15d
+	rorxl	$13,%r10d,%r14d
+	rorxl	$2,%r10d,%r13d
+	leal	(%rbx,%r9,1),%ebx
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r11d,%edi
+	xorl	%r13d,%r14d
+	leal	(%r9,%rdi,1),%r9d
+	movl	%ecx,%r12d
+	addl	12+64(%rsp),%r8d
+	andl	%ebx,%r12d
+	rorxl	$25,%ebx,%r13d
+	rorxl	$11,%ebx,%edi
+	leal	(%r9,%r14,1),%r9d
+	leal	(%r8,%r12,1),%r8d
+	andnl	%edx,%ebx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%ebx,%r14d
+	leal	(%r8,%r12,1),%r8d
+	xorl	%r14d,%r13d
+	movl	%r9d,%edi
+	rorxl	$22,%r9d,%r12d
+	leal	(%r8,%r13,1),%r8d
+	xorl	%r10d,%edi
+	rorxl	$13,%r9d,%r14d
+	rorxl	$2,%r9d,%r13d
+	leal	(%rax,%r8,1),%eax
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r10d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r8,%r15,1),%r8d
+	movl	%ebx,%r12d
+	addl	32+64(%rsp),%edx
+	andl	%eax,%r12d
+	rorxl	$25,%eax,%r13d
+	rorxl	$11,%eax,%r15d
+	leal	(%r8,%r14,1),%r8d
+	leal	(%rdx,%r12,1),%edx
+	andnl	%ecx,%eax,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%eax,%r14d
+	leal	(%rdx,%r12,1),%edx
+	xorl	%r14d,%r13d
+	movl	%r8d,%r15d
+	rorxl	$22,%r8d,%r12d
+	leal	(%rdx,%r13,1),%edx
+	xorl	%r9d,%r15d
+	rorxl	$13,%r8d,%r14d
+	rorxl	$2,%r8d,%r13d
+	leal	(%r11,%rdx,1),%r11d
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r9d,%edi
+	xorl	%r13d,%r14d
+	leal	(%rdx,%rdi,1),%edx
+	movl	%eax,%r12d
+	addl	36+64(%rsp),%ecx
+	andl	%r11d,%r12d
+	rorxl	$25,%r11d,%r13d
+	rorxl	$11,%r11d,%edi
+	leal	(%rdx,%r14,1),%edx
+	leal	(%rcx,%r12,1),%ecx
+	andnl	%ebx,%r11d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r11d,%r14d
+	leal	(%rcx,%r12,1),%ecx
+	xorl	%r14d,%r13d
+	movl	%edx,%edi
+	rorxl	$22,%edx,%r12d
+	leal	(%rcx,%r13,1),%ecx
+	xorl	%r8d,%edi
+	rorxl	$13,%edx,%r14d
+	rorxl	$2,%edx,%r13d
+	leal	(%r10,%rcx,1),%r10d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r8d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rcx,%r15,1),%ecx
+	movl	%r11d,%r12d
+	addl	40+64(%rsp),%ebx
+	andl	%r10d,%r12d
+	rorxl	$25,%r10d,%r13d
+	rorxl	$11,%r10d,%r15d
+	leal	(%rcx,%r14,1),%ecx
+	leal	(%rbx,%r12,1),%ebx
+	andnl	%eax,%r10d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r10d,%r14d
+	leal	(%rbx,%r12,1),%ebx
+	xorl	%r14d,%r13d
+	movl	%ecx,%r15d
+	rorxl	$22,%ecx,%r12d
+	leal	(%rbx,%r13,1),%ebx
+	xorl	%edx,%r15d
+	rorxl	$13,%ecx,%r14d
+	rorxl	$2,%ecx,%r13d
+	leal	(%r9,%rbx,1),%r9d
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%edx,%edi
+	xorl	%r13d,%r14d
+	leal	(%rbx,%rdi,1),%ebx
+	movl	%r10d,%r12d
+	addl	44+64(%rsp),%eax
+	andl	%r9d,%r12d
+	rorxl	$25,%r9d,%r13d
+	rorxl	$11,%r9d,%edi
+	leal	(%rbx,%r14,1),%ebx
+	leal	(%rax,%r12,1),%eax
+	andnl	%r11d,%r9d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r9d,%r14d
+	leal	(%rax,%r12,1),%eax
+	xorl	%r14d,%r13d
+	movl	%ebx,%edi
+	rorxl	$22,%ebx,%r12d
+	leal	(%rax,%r13,1),%eax
+	xorl	%ecx,%edi
+	rorxl	$13,%ebx,%r14d
+	rorxl	$2,%ebx,%r13d
+	leal	(%r8,%rax,1),%r8d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%ecx,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rax,%r15,1),%eax
+	movl	%r9d,%r12d
+	addl	0(%rsp),%r11d
+	andl	%r8d,%r12d
+	rorxl	$25,%r8d,%r13d
+	rorxl	$11,%r8d,%r15d
+	leal	(%rax,%r14,1),%eax
+	leal	(%r11,%r12,1),%r11d
+	andnl	%r10d,%r8d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r8d,%r14d
+	leal	(%r11,%r12,1),%r11d
+	xorl	%r14d,%r13d
+	movl	%eax,%r15d
+	rorxl	$22,%eax,%r12d
+	leal	(%r11,%r13,1),%r11d
+	xorl	%ebx,%r15d
+	rorxl	$13,%eax,%r14d
+	rorxl	$2,%eax,%r13d
+	leal	(%rdx,%r11,1),%edx
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%ebx,%edi
+	xorl	%r13d,%r14d
+	leal	(%r11,%rdi,1),%r11d
+	movl	%r8d,%r12d
+	addl	4(%rsp),%r10d
+	andl	%edx,%r12d
+	rorxl	$25,%edx,%r13d
+	rorxl	$11,%edx,%edi
+	leal	(%r11,%r14,1),%r11d
+	leal	(%r10,%r12,1),%r10d
+	andnl	%r9d,%edx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%edx,%r14d
+	leal	(%r10,%r12,1),%r10d
+	xorl	%r14d,%r13d
+	movl	%r11d,%edi
+	rorxl	$22,%r11d,%r12d
+	leal	(%r10,%r13,1),%r10d
+	xorl	%eax,%edi
+	rorxl	$13,%r11d,%r14d
+	rorxl	$2,%r11d,%r13d
+	leal	(%rcx,%r10,1),%ecx
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%eax,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r10,%r15,1),%r10d
+	movl	%edx,%r12d
+	addl	8(%rsp),%r9d
+	andl	%ecx,%r12d
+	rorxl	$25,%ecx,%r13d
+	rorxl	$11,%ecx,%r15d
+	leal	(%r10,%r14,1),%r10d
+	leal	(%r9,%r12,1),%r9d
+	andnl	%r8d,%ecx,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%ecx,%r14d
+	leal	(%r9,%r12,1),%r9d
+	xorl	%r14d,%r13d
+	movl	%r10d,%r15d
+	rorxl	$22,%r10d,%r12d
+	leal	(%r9,%r13,1),%r9d
+	xorl	%r11d,%r15d
+	rorxl	$13,%r10d,%r14d
+	rorxl	$2,%r10d,%r13d
+	leal	(%rbx,%r9,1),%ebx
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r11d,%edi
+	xorl	%r13d,%r14d
+	leal	(%r9,%rdi,1),%r9d
+	movl	%ecx,%r12d
+	addl	12(%rsp),%r8d
+	andl	%ebx,%r12d
+	rorxl	$25,%ebx,%r13d
+	rorxl	$11,%ebx,%edi
+	leal	(%r9,%r14,1),%r9d
+	leal	(%r8,%r12,1),%r8d
+	andnl	%edx,%ebx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%ebx,%r14d
+	leal	(%r8,%r12,1),%r8d
+	xorl	%r14d,%r13d
+	movl	%r9d,%edi
+	rorxl	$22,%r9d,%r12d
+	leal	(%r8,%r13,1),%r8d
+	xorl	%r10d,%edi
+	rorxl	$13,%r9d,%r14d
+	rorxl	$2,%r9d,%r13d
+	leal	(%rax,%r8,1),%eax
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r10d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r8,%r15,1),%r8d
+	movl	%ebx,%r12d
+	addl	32(%rsp),%edx
+	andl	%eax,%r12d
+	rorxl	$25,%eax,%r13d
+	rorxl	$11,%eax,%r15d
+	leal	(%r8,%r14,1),%r8d
+	leal	(%rdx,%r12,1),%edx
+	andnl	%ecx,%eax,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%eax,%r14d
+	leal	(%rdx,%r12,1),%edx
+	xorl	%r14d,%r13d
+	movl	%r8d,%r15d
+	rorxl	$22,%r8d,%r12d
+	leal	(%rdx,%r13,1),%edx
+	xorl	%r9d,%r15d
+	rorxl	$13,%r8d,%r14d
+	rorxl	$2,%r8d,%r13d
+	leal	(%r11,%rdx,1),%r11d
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r9d,%edi
+	xorl	%r13d,%r14d
+	leal	(%rdx,%rdi,1),%edx
+	movl	%eax,%r12d
+	addl	36(%rsp),%ecx
+	andl	%r11d,%r12d
+	rorxl	$25,%r11d,%r13d
+	rorxl	$11,%r11d,%edi
+	leal	(%rdx,%r14,1),%edx
+	leal	(%rcx,%r12,1),%ecx
+	andnl	%ebx,%r11d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r11d,%r14d
+	leal	(%rcx,%r12,1),%ecx
+	xorl	%r14d,%r13d
+	movl	%edx,%edi
+	rorxl	$22,%edx,%r12d
+	leal	(%rcx,%r13,1),%ecx
+	xorl	%r8d,%edi
+	rorxl	$13,%edx,%r14d
+	rorxl	$2,%edx,%r13d
+	leal	(%r10,%rcx,1),%r10d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r8d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rcx,%r15,1),%ecx
+	movl	%r11d,%r12d
+	addl	40(%rsp),%ebx
+	andl	%r10d,%r12d
+	rorxl	$25,%r10d,%r13d
+	rorxl	$11,%r10d,%r15d
+	leal	(%rcx,%r14,1),%ecx
+	leal	(%rbx,%r12,1),%ebx
+	andnl	%eax,%r10d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r10d,%r14d
+	leal	(%rbx,%r12,1),%ebx
+	xorl	%r14d,%r13d
+	movl	%ecx,%r15d
+	rorxl	$22,%ecx,%r12d
+	leal	(%rbx,%r13,1),%ebx
+	xorl	%edx,%r15d
+	rorxl	$13,%ecx,%r14d
+	rorxl	$2,%ecx,%r13d
+	leal	(%r9,%rbx,1),%r9d
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%edx,%edi
+	xorl	%r13d,%r14d
+	leal	(%rbx,%rdi,1),%ebx
+	movl	%r10d,%r12d
+	addl	44(%rsp),%eax
+	andl	%r9d,%r12d
+	rorxl	$25,%r9d,%r13d
+	rorxl	$11,%r9d,%edi
+	leal	(%rbx,%r14,1),%ebx
+	leal	(%rax,%r12,1),%eax
+	andnl	%r11d,%r9d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r9d,%r14d
+	leal	(%rax,%r12,1),%eax
+	xorl	%r14d,%r13d
+	movl	%ebx,%edi
+	rorxl	$22,%ebx,%r12d
+	leal	(%rax,%r13,1),%eax
+	xorl	%ecx,%edi
+	rorxl	$13,%ebx,%r14d
+	rorxl	$2,%ebx,%r13d
+	leal	(%r8,%rax,1),%r8d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%ecx,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rax,%r15,1),%eax
+	movl	%r9d,%r12d
+	movq	512(%rsp),%rdi
+	addl	%r14d,%eax
+
+	leaq	448(%rsp),%rbp
+
+	addl	0(%rdi),%eax
+	addl	4(%rdi),%ebx
+	addl	8(%rdi),%ecx
+	addl	12(%rdi),%edx
+	addl	16(%rdi),%r8d
+	addl	20(%rdi),%r9d
+	addl	24(%rdi),%r10d
+	addl	28(%rdi),%r11d
+
+	movl	%eax,0(%rdi)
+	movl	%ebx,4(%rdi)
+	movl	%ecx,8(%rdi)
+	movl	%edx,12(%rdi)
+	movl	%r8d,16(%rdi)
+	movl	%r9d,20(%rdi)
+	movl	%r10d,24(%rdi)
+	movl	%r11d,28(%rdi)
+
+	cmpq	80(%rbp),%rsi
+	je	.Ldone_avx2
+
+	xorl	%r14d,%r14d
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	movl	%r9d,%r12d
+	jmp	.Lower_avx2
+.align	16
+.Lower_avx2:
+	addl	0+16(%rbp),%r11d
+	andl	%r8d,%r12d
+	rorxl	$25,%r8d,%r13d
+	rorxl	$11,%r8d,%r15d
+	leal	(%rax,%r14,1),%eax
+	leal	(%r11,%r12,1),%r11d
+	andnl	%r10d,%r8d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r8d,%r14d
+	leal	(%r11,%r12,1),%r11d
+	xorl	%r14d,%r13d
+	movl	%eax,%r15d
+	rorxl	$22,%eax,%r12d
+	leal	(%r11,%r13,1),%r11d
+	xorl	%ebx,%r15d
+	rorxl	$13,%eax,%r14d
+	rorxl	$2,%eax,%r13d
+	leal	(%rdx,%r11,1),%edx
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%ebx,%edi
+	xorl	%r13d,%r14d
+	leal	(%r11,%rdi,1),%r11d
+	movl	%r8d,%r12d
+	addl	4+16(%rbp),%r10d
+	andl	%edx,%r12d
+	rorxl	$25,%edx,%r13d
+	rorxl	$11,%edx,%edi
+	leal	(%r11,%r14,1),%r11d
+	leal	(%r10,%r12,1),%r10d
+	andnl	%r9d,%edx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%edx,%r14d
+	leal	(%r10,%r12,1),%r10d
+	xorl	%r14d,%r13d
+	movl	%r11d,%edi
+	rorxl	$22,%r11d,%r12d
+	leal	(%r10,%r13,1),%r10d
+	xorl	%eax,%edi
+	rorxl	$13,%r11d,%r14d
+	rorxl	$2,%r11d,%r13d
+	leal	(%rcx,%r10,1),%ecx
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%eax,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r10,%r15,1),%r10d
+	movl	%edx,%r12d
+	addl	8+16(%rbp),%r9d
+	andl	%ecx,%r12d
+	rorxl	$25,%ecx,%r13d
+	rorxl	$11,%ecx,%r15d
+	leal	(%r10,%r14,1),%r10d
+	leal	(%r9,%r12,1),%r9d
+	andnl	%r8d,%ecx,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%ecx,%r14d
+	leal	(%r9,%r12,1),%r9d
+	xorl	%r14d,%r13d
+	movl	%r10d,%r15d
+	rorxl	$22,%r10d,%r12d
+	leal	(%r9,%r13,1),%r9d
+	xorl	%r11d,%r15d
+	rorxl	$13,%r10d,%r14d
+	rorxl	$2,%r10d,%r13d
+	leal	(%rbx,%r9,1),%ebx
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r11d,%edi
+	xorl	%r13d,%r14d
+	leal	(%r9,%rdi,1),%r9d
+	movl	%ecx,%r12d
+	addl	12+16(%rbp),%r8d
+	andl	%ebx,%r12d
+	rorxl	$25,%ebx,%r13d
+	rorxl	$11,%ebx,%edi
+	leal	(%r9,%r14,1),%r9d
+	leal	(%r8,%r12,1),%r8d
+	andnl	%edx,%ebx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%ebx,%r14d
+	leal	(%r8,%r12,1),%r8d
+	xorl	%r14d,%r13d
+	movl	%r9d,%edi
+	rorxl	$22,%r9d,%r12d
+	leal	(%r8,%r13,1),%r8d
+	xorl	%r10d,%edi
+	rorxl	$13,%r9d,%r14d
+	rorxl	$2,%r9d,%r13d
+	leal	(%rax,%r8,1),%eax
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r10d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r8,%r15,1),%r8d
+	movl	%ebx,%r12d
+	addl	32+16(%rbp),%edx
+	andl	%eax,%r12d
+	rorxl	$25,%eax,%r13d
+	rorxl	$11,%eax,%r15d
+	leal	(%r8,%r14,1),%r8d
+	leal	(%rdx,%r12,1),%edx
+	andnl	%ecx,%eax,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%eax,%r14d
+	leal	(%rdx,%r12,1),%edx
+	xorl	%r14d,%r13d
+	movl	%r8d,%r15d
+	rorxl	$22,%r8d,%r12d
+	leal	(%rdx,%r13,1),%edx
+	xorl	%r9d,%r15d
+	rorxl	$13,%r8d,%r14d
+	rorxl	$2,%r8d,%r13d
+	leal	(%r11,%rdx,1),%r11d
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r9d,%edi
+	xorl	%r13d,%r14d
+	leal	(%rdx,%rdi,1),%edx
+	movl	%eax,%r12d
+	addl	36+16(%rbp),%ecx
+	andl	%r11d,%r12d
+	rorxl	$25,%r11d,%r13d
+	rorxl	$11,%r11d,%edi
+	leal	(%rdx,%r14,1),%edx
+	leal	(%rcx,%r12,1),%ecx
+	andnl	%ebx,%r11d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r11d,%r14d
+	leal	(%rcx,%r12,1),%ecx
+	xorl	%r14d,%r13d
+	movl	%edx,%edi
+	rorxl	$22,%edx,%r12d
+	leal	(%rcx,%r13,1),%ecx
+	xorl	%r8d,%edi
+	rorxl	$13,%edx,%r14d
+	rorxl	$2,%edx,%r13d
+	leal	(%r10,%rcx,1),%r10d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r8d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rcx,%r15,1),%ecx
+	movl	%r11d,%r12d
+	addl	40+16(%rbp),%ebx
+	andl	%r10d,%r12d
+	rorxl	$25,%r10d,%r13d
+	rorxl	$11,%r10d,%r15d
+	leal	(%rcx,%r14,1),%ecx
+	leal	(%rbx,%r12,1),%ebx
+	andnl	%eax,%r10d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r10d,%r14d
+	leal	(%rbx,%r12,1),%ebx
+	xorl	%r14d,%r13d
+	movl	%ecx,%r15d
+	rorxl	$22,%ecx,%r12d
+	leal	(%rbx,%r13,1),%ebx
+	xorl	%edx,%r15d
+	rorxl	$13,%ecx,%r14d
+	rorxl	$2,%ecx,%r13d
+	leal	(%r9,%rbx,1),%r9d
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%edx,%edi
+	xorl	%r13d,%r14d
+	leal	(%rbx,%rdi,1),%ebx
+	movl	%r10d,%r12d
+	addl	44+16(%rbp),%eax
+	andl	%r9d,%r12d
+	rorxl	$25,%r9d,%r13d
+	rorxl	$11,%r9d,%edi
+	leal	(%rbx,%r14,1),%ebx
+	leal	(%rax,%r12,1),%eax
+	andnl	%r11d,%r9d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r9d,%r14d
+	leal	(%rax,%r12,1),%eax
+	xorl	%r14d,%r13d
+	movl	%ebx,%edi
+	rorxl	$22,%ebx,%r12d
+	leal	(%rax,%r13,1),%eax
+	xorl	%ecx,%edi
+	rorxl	$13,%ebx,%r14d
+	rorxl	$2,%ebx,%r13d
+	leal	(%r8,%rax,1),%r8d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%ecx,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rax,%r15,1),%eax
+	movl	%r9d,%r12d
+	leaq	-64(%rbp),%rbp
+	cmpq	%rsp,%rbp
+	jae	.Lower_avx2
+
+	movq	512(%rsp),%rdi
+	addl	%r14d,%eax
+
+	leaq	448(%rsp),%rsp
+
+.cfi_escape	0x0f,0x06,0x77,0xd8,0x00,0x06,0x23,0x08
+
+	addl	0(%rdi),%eax
+	addl	4(%rdi),%ebx
+	addl	8(%rdi),%ecx
+	addl	12(%rdi),%edx
+	addl	16(%rdi),%r8d
+	addl	20(%rdi),%r9d
+	leaq	128(%rsi),%rsi
+	addl	24(%rdi),%r10d
+	movq	%rsi,%r12
+	addl	28(%rdi),%r11d
+	cmpq	64+16(%rsp),%rsi
+
+	movl	%eax,0(%rdi)
+	cmoveq	%rsp,%r12
+	movl	%ebx,4(%rdi)
+	movl	%ecx,8(%rdi)
+	movl	%edx,12(%rdi)
+	movl	%r8d,16(%rdi)
+	movl	%r9d,20(%rdi)
+	movl	%r10d,24(%rdi)
+	movl	%r11d,28(%rdi)
+
+	jbe	.Loop_avx2
+	leaq	(%rsp),%rbp
+
+
+.cfi_escape	0x0f,0x06,0x76,0xd8,0x00,0x06,0x23,0x08
+
+.Ldone_avx2:
+	movq	88(%rbp),%rsi
+.cfi_def_cfa	%rsi,8
+	vzeroupper
+	movq	-48(%rsi),%r15
+.cfi_restore	%r15
+	movq	-40(%rsi),%r14
+.cfi_restore	%r14
+	movq	-32(%rsi),%r13
+.cfi_restore	%r13
+	movq	-24(%rsi),%r12
+.cfi_restore	%r12
+	movq	-16(%rsi),%rbp
+.cfi_restore	%rbp
+	movq	-8(%rsi),%rbx
+.cfi_restore	%rbx
+	leaq	(%rsi),%rsp
+.cfi_def_cfa_register	%rsp
+.Lepilogue_avx2:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	sha256_block_data_order_avx2,.-sha256_block_data_order_avx2
+
+.section .note.GNU-stack,"",%progbits
diff --git a/lib/accelerated/x86/elf/sha512-ssse3-x86.s b/lib/accelerated/x86/elf/sha512-ssse3-x86.s
new file mode 100644
index 0000000..481c777
--- /dev/null
+++ b/lib/accelerated/x86/elf/sha512-ssse3-x86.s
@@ -0,0 +1,605 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text
+.globl	sha512_block_data_order
+.type	sha512_block_data_order,@function
+.align	16
+sha512_block_data_order:
+.L_sha512_block_data_order_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	%esp,%ebx
+	call	.L000pic_point
+.L000pic_point:
+	popl	%ebp
+	leal	.L001K512-.L000pic_point(%ebp),%ebp
+	subl	$16,%esp
+	andl	$-64,%esp
+	shll	$7,%eax
+	addl	%edi,%eax
+	movl	%esi,(%esp)
+	movl	%edi,4(%esp)
+	movl	%eax,8(%esp)
+	movl	%ebx,12(%esp)
+.align	16
+.L002loop_x86:
+	movl	(%edi),%eax
+	movl	4(%edi),%ebx
+	movl	8(%edi),%ecx
+	movl	12(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	16(%edi),%eax
+	movl	20(%edi),%ebx
+	movl	24(%edi),%ecx
+	movl	28(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	32(%edi),%eax
+	movl	36(%edi),%ebx
+	movl	40(%edi),%ecx
+	movl	44(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	48(%edi),%eax
+	movl	52(%edi),%ebx
+	movl	56(%edi),%ecx
+	movl	60(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	64(%edi),%eax
+	movl	68(%edi),%ebx
+	movl	72(%edi),%ecx
+	movl	76(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	80(%edi),%eax
+	movl	84(%edi),%ebx
+	movl	88(%edi),%ecx
+	movl	92(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	96(%edi),%eax
+	movl	100(%edi),%ebx
+	movl	104(%edi),%ecx
+	movl	108(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	112(%edi),%eax
+	movl	116(%edi),%ebx
+	movl	120(%edi),%ecx
+	movl	124(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	addl	$128,%edi
+	subl	$72,%esp
+	movl	%edi,204(%esp)
+	leal	8(%esp),%edi
+	movl	$16,%ecx
+.long	2784229001
+.align	16
+.L00300_15_x86:
+	movl	40(%esp),%ecx
+	movl	44(%esp),%edx
+	movl	%ecx,%esi
+	shrl	$9,%ecx
+	movl	%edx,%edi
+	shrl	$9,%edx
+	movl	%ecx,%ebx
+	shll	$14,%esi
+	movl	%edx,%eax
+	shll	$14,%edi
+	xorl	%esi,%ebx
+	shrl	$5,%ecx
+	xorl	%edi,%eax
+	shrl	$5,%edx
+	xorl	%ecx,%eax
+	shll	$4,%esi
+	xorl	%edx,%ebx
+	shll	$4,%edi
+	xorl	%esi,%ebx
+	shrl	$4,%ecx
+	xorl	%edi,%eax
+	shrl	$4,%edx
+	xorl	%ecx,%eax
+	shll	$5,%esi
+	xorl	%edx,%ebx
+	shll	$5,%edi
+	xorl	%esi,%eax
+	xorl	%edi,%ebx
+	movl	48(%esp),%ecx
+	movl	52(%esp),%edx
+	movl	56(%esp),%esi
+	movl	60(%esp),%edi
+	addl	64(%esp),%eax
+	adcl	68(%esp),%ebx
+	xorl	%esi,%ecx
+	xorl	%edi,%edx
+	andl	40(%esp),%ecx
+	andl	44(%esp),%edx
+	addl	192(%esp),%eax
+	adcl	196(%esp),%ebx
+	xorl	%esi,%ecx
+	xorl	%edi,%edx
+	movl	(%ebp),%esi
+	movl	4(%ebp),%edi
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	movl	32(%esp),%ecx
+	movl	36(%esp),%edx
+	addl	%esi,%eax
+	adcl	%edi,%ebx
+	movl	%eax,(%esp)
+	movl	%ebx,4(%esp)
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	movl	8(%esp),%ecx
+	movl	12(%esp),%edx
+	movl	%eax,32(%esp)
+	movl	%ebx,36(%esp)
+	movl	%ecx,%esi
+	shrl	$2,%ecx
+	movl	%edx,%edi
+	shrl	$2,%edx
+	movl	%ecx,%ebx
+	shll	$4,%esi
+	movl	%edx,%eax
+	shll	$4,%edi
+	xorl	%esi,%ebx
+	shrl	$5,%ecx
+	xorl	%edi,%eax
+	shrl	$5,%edx
+	xorl	%ecx,%ebx
+	shll	$21,%esi
+	xorl	%edx,%eax
+	shll	$21,%edi
+	xorl	%esi,%eax
+	shrl	$21,%ecx
+	xorl	%edi,%ebx
+	shrl	$21,%edx
+	xorl	%ecx,%eax
+	shll	$5,%esi
+	xorl	%edx,%ebx
+	shll	$5,%edi
+	xorl	%esi,%eax
+	xorl	%edi,%ebx
+	movl	8(%esp),%ecx
+	movl	12(%esp),%edx
+	movl	16(%esp),%esi
+	movl	20(%esp),%edi
+	addl	(%esp),%eax
+	adcl	4(%esp),%ebx
+	orl	%esi,%ecx
+	orl	%edi,%edx
+	andl	24(%esp),%ecx
+	andl	28(%esp),%edx
+	andl	8(%esp),%esi
+	andl	12(%esp),%edi
+	orl	%esi,%ecx
+	orl	%edi,%edx
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	movl	%eax,(%esp)
+	movl	%ebx,4(%esp)
+	movb	(%ebp),%dl
+	subl	$8,%esp
+	leal	8(%ebp),%ebp
+	cmpb	$148,%dl
+	jne	.L00300_15_x86
+.align	16
+.L00416_79_x86:
+	movl	312(%esp),%ecx
+	movl	316(%esp),%edx
+	movl	%ecx,%esi
+	shrl	$1,%ecx
+	movl	%edx,%edi
+	shrl	$1,%edx
+	movl	%ecx,%eax
+	shll	$24,%esi
+	movl	%edx,%ebx
+	shll	$24,%edi
+	xorl	%esi,%ebx
+	shrl	$6,%ecx
+	xorl	%edi,%eax
+	shrl	$6,%edx
+	xorl	%ecx,%eax
+	shll	$7,%esi
+	xorl	%edx,%ebx
+	shll	$1,%edi
+	xorl	%esi,%ebx
+	shrl	$1,%ecx
+	xorl	%edi,%eax
+	shrl	$1,%edx
+	xorl	%ecx,%eax
+	shll	$6,%edi
+	xorl	%edx,%ebx
+	xorl	%edi,%eax
+	movl	%eax,(%esp)
+	movl	%ebx,4(%esp)
+	movl	208(%esp),%ecx
+	movl	212(%esp),%edx
+	movl	%ecx,%esi
+	shrl	$6,%ecx
+	movl	%edx,%edi
+	shrl	$6,%edx
+	movl	%ecx,%eax
+	shll	$3,%esi
+	movl	%edx,%ebx
+	shll	$3,%edi
+	xorl	%esi,%eax
+	shrl	$13,%ecx
+	xorl	%edi,%ebx
+	shrl	$13,%edx
+	xorl	%ecx,%eax
+	shll	$10,%esi
+	xorl	%edx,%ebx
+	shll	$10,%edi
+	xorl	%esi,%ebx
+	shrl	$10,%ecx
+	xorl	%edi,%eax
+	shrl	$10,%edx
+	xorl	%ecx,%ebx
+	shll	$13,%edi
+	xorl	%edx,%eax
+	xorl	%edi,%eax
+	movl	320(%esp),%ecx
+	movl	324(%esp),%edx
+	addl	(%esp),%eax
+	adcl	4(%esp),%ebx
+	movl	248(%esp),%esi
+	movl	252(%esp),%edi
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	addl	%esi,%eax
+	adcl	%edi,%ebx
+	movl	%eax,192(%esp)
+	movl	%ebx,196(%esp)
+	movl	40(%esp),%ecx
+	movl	44(%esp),%edx
+	movl	%ecx,%esi
+	shrl	$9,%ecx
+	movl	%edx,%edi
+	shrl	$9,%edx
+	movl	%ecx,%ebx
+	shll	$14,%esi
+	movl	%edx,%eax
+	shll	$14,%edi
+	xorl	%esi,%ebx
+	shrl	$5,%ecx
+	xorl	%edi,%eax
+	shrl	$5,%edx
+	xorl	%ecx,%eax
+	shll	$4,%esi
+	xorl	%edx,%ebx
+	shll	$4,%edi
+	xorl	%esi,%ebx
+	shrl	$4,%ecx
+	xorl	%edi,%eax
+	shrl	$4,%edx
+	xorl	%ecx,%eax
+	shll	$5,%esi
+	xorl	%edx,%ebx
+	shll	$5,%edi
+	xorl	%esi,%eax
+	xorl	%edi,%ebx
+	movl	48(%esp),%ecx
+	movl	52(%esp),%edx
+	movl	56(%esp),%esi
+	movl	60(%esp),%edi
+	addl	64(%esp),%eax
+	adcl	68(%esp),%ebx
+	xorl	%esi,%ecx
+	xorl	%edi,%edx
+	andl	40(%esp),%ecx
+	andl	44(%esp),%edx
+	addl	192(%esp),%eax
+	adcl	196(%esp),%ebx
+	xorl	%esi,%ecx
+	xorl	%edi,%edx
+	movl	(%ebp),%esi
+	movl	4(%ebp),%edi
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	movl	32(%esp),%ecx
+	movl	36(%esp),%edx
+	addl	%esi,%eax
+	adcl	%edi,%ebx
+	movl	%eax,(%esp)
+	movl	%ebx,4(%esp)
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	movl	8(%esp),%ecx
+	movl	12(%esp),%edx
+	movl	%eax,32(%esp)
+	movl	%ebx,36(%esp)
+	movl	%ecx,%esi
+	shrl	$2,%ecx
+	movl	%edx,%edi
+	shrl	$2,%edx
+	movl	%ecx,%ebx
+	shll	$4,%esi
+	movl	%edx,%eax
+	shll	$4,%edi
+	xorl	%esi,%ebx
+	shrl	$5,%ecx
+	xorl	%edi,%eax
+	shrl	$5,%edx
+	xorl	%ecx,%ebx
+	shll	$21,%esi
+	xorl	%edx,%eax
+	shll	$21,%edi
+	xorl	%esi,%eax
+	shrl	$21,%ecx
+	xorl	%edi,%ebx
+	shrl	$21,%edx
+	xorl	%ecx,%eax
+	shll	$5,%esi
+	xorl	%edx,%ebx
+	shll	$5,%edi
+	xorl	%esi,%eax
+	xorl	%edi,%ebx
+	movl	8(%esp),%ecx
+	movl	12(%esp),%edx
+	movl	16(%esp),%esi
+	movl	20(%esp),%edi
+	addl	(%esp),%eax
+	adcl	4(%esp),%ebx
+	orl	%esi,%ecx
+	orl	%edi,%edx
+	andl	24(%esp),%ecx
+	andl	28(%esp),%edx
+	andl	8(%esp),%esi
+	andl	12(%esp),%edi
+	orl	%esi,%ecx
+	orl	%edi,%edx
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	movl	%eax,(%esp)
+	movl	%ebx,4(%esp)
+	movb	(%ebp),%dl
+	subl	$8,%esp
+	leal	8(%ebp),%ebp
+	cmpb	$23,%dl
+	jne	.L00416_79_x86
+	movl	840(%esp),%esi
+	movl	844(%esp),%edi
+	movl	(%esi),%eax
+	movl	4(%esi),%ebx
+	movl	8(%esi),%ecx
+	movl	12(%esi),%edx
+	addl	8(%esp),%eax
+	adcl	12(%esp),%ebx
+	movl	%eax,(%esi)
+	movl	%ebx,4(%esi)
+	addl	16(%esp),%ecx
+	adcl	20(%esp),%edx
+	movl	%ecx,8(%esi)
+	movl	%edx,12(%esi)
+	movl	16(%esi),%eax
+	movl	20(%esi),%ebx
+	movl	24(%esi),%ecx
+	movl	28(%esi),%edx
+	addl	24(%esp),%eax
+	adcl	28(%esp),%ebx
+	movl	%eax,16(%esi)
+	movl	%ebx,20(%esi)
+	addl	32(%esp),%ecx
+	adcl	36(%esp),%edx
+	movl	%ecx,24(%esi)
+	movl	%edx,28(%esi)
+	movl	32(%esi),%eax
+	movl	36(%esi),%ebx
+	movl	40(%esi),%ecx
+	movl	44(%esi),%edx
+	addl	40(%esp),%eax
+	adcl	44(%esp),%ebx
+	movl	%eax,32(%esi)
+	movl	%ebx,36(%esi)
+	addl	48(%esp),%ecx
+	adcl	52(%esp),%edx
+	movl	%ecx,40(%esi)
+	movl	%edx,44(%esi)
+	movl	48(%esi),%eax
+	movl	52(%esi),%ebx
+	movl	56(%esi),%ecx
+	movl	60(%esi),%edx
+	addl	56(%esp),%eax
+	adcl	60(%esp),%ebx
+	movl	%eax,48(%esi)
+	movl	%ebx,52(%esi)
+	addl	64(%esp),%ecx
+	adcl	68(%esp),%edx
+	movl	%ecx,56(%esi)
+	movl	%edx,60(%esi)
+	addl	$840,%esp
+	subl	$640,%ebp
+	cmpl	8(%esp),%edi
+	jb	.L002loop_x86
+	movl	12(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.align	64
+.L001K512:
+.long	3609767458,1116352408
+.long	602891725,1899447441
+.long	3964484399,3049323471
+.long	2173295548,3921009573
+.long	4081628472,961987163
+.long	3053834265,1508970993
+.long	2937671579,2453635748
+.long	3664609560,2870763221
+.long	2734883394,3624381080
+.long	1164996542,310598401
+.long	1323610764,607225278
+.long	3590304994,1426881987
+.long	4068182383,1925078388
+.long	991336113,2162078206
+.long	633803317,2614888103
+.long	3479774868,3248222580
+.long	2666613458,3835390401
+.long	944711139,4022224774
+.long	2341262773,264347078
+.long	2007800933,604807628
+.long	1495990901,770255983
+.long	1856431235,1249150122
+.long	3175218132,1555081692
+.long	2198950837,1996064986
+.long	3999719339,2554220882
+.long	766784016,2821834349
+.long	2566594879,2952996808
+.long	3203337956,3210313671
+.long	1034457026,3336571891
+.long	2466948901,3584528711
+.long	3758326383,113926993
+.long	168717936,338241895
+.long	1188179964,666307205
+.long	1546045734,773529912
+.long	1522805485,1294757372
+.long	2643833823,1396182291
+.long	2343527390,1695183700
+.long	1014477480,1986661051
+.long	1206759142,2177026350
+.long	344077627,2456956037
+.long	1290863460,2730485921
+.long	3158454273,2820302411
+.long	3505952657,3259730800
+.long	106217008,3345764771
+.long	3606008344,3516065817
+.long	1432725776,3600352804
+.long	1467031594,4094571909
+.long	851169720,275423344
+.long	3100823752,430227734
+.long	1363258195,506948616
+.long	3750685593,659060556
+.long	3785050280,883997877
+.long	3318307427,958139571
+.long	3812723403,1322822218
+.long	2003034995,1537002063
+.long	3602036899,1747873779
+.long	1575990012,1955562222
+.long	1125592928,2024104815
+.long	2716904306,2227730452
+.long	442776044,2361852424
+.long	593698344,2428436474
+.long	3733110249,2756734187
+.long	2999351573,3204031479
+.long	3815920427,3329325298
+.long	3928383900,3391569614
+.long	566280711,3515267271
+.long	3454069534,3940187606
+.long	4000239992,4118630271
+.long	1914138554,116418474
+.long	2731055270,174292421
+.long	3203993006,289380356
+.long	320620315,460393269
+.long	587496836,685471733
+.long	1086792851,852142971
+.long	365543100,1017036298
+.long	2618297676,1126000580
+.long	3409855158,1288033470
+.long	4234509866,1501505948
+.long	987167468,1607167915
+.long	1246189591,1816402316
+.long	67438087,66051
+.long	202182159,134810123
+.size	sha512_block_data_order,.-.L_sha512_block_data_order_begin
+.byte	83,72,65,53,49,50,32,98,108,111,99,107,32,116,114,97
+.byte	110,115,102,111,114,109,32,102,111,114,32,120,56,54,44,32
+.byte	67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97
+.byte	112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103
+.byte	62,0
+
+.section .note.GNU-stack,"",%progbits
diff --git a/lib/accelerated/x86/elf/sha512-ssse3-x86_64.s b/lib/accelerated/x86/elf/sha512-ssse3-x86_64.s
new file mode 100644
index 0000000..039b1d7
--- /dev/null
+++ b/lib/accelerated/x86/elf/sha512-ssse3-x86_64.s
@@ -0,0 +1,5502 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+
+.globl	sha512_block_data_order
+.type	sha512_block_data_order,@function
+.align	16
+sha512_block_data_order:
+.cfi_startproc	
+	leaq	GNUTLS_x86_cpuid_s(%rip),%r11
+	movl	0(%r11),%r9d
+	movl	4(%r11),%r10d
+	movl	8(%r11),%r11d
+	testl	$2048,%r10d
+	jnz	.Lxop_shortcut
+	andl	$296,%r11d
+	cmpl	$296,%r11d
+	je	.Lavx2_shortcut
+	andl	$1073741824,%r9d
+	andl	$268435968,%r10d
+	orl	%r9d,%r10d
+	cmpl	$1342177792,%r10d
+	je	.Lavx_shortcut
+	movq	%rsp,%rax
+.cfi_def_cfa_register	%rax
+	pushq	%rbx
+.cfi_offset	%rbx,-16
+	pushq	%rbp
+.cfi_offset	%rbp,-24
+	pushq	%r12
+.cfi_offset	%r12,-32
+	pushq	%r13
+.cfi_offset	%r13,-40
+	pushq	%r14
+.cfi_offset	%r14,-48
+	pushq	%r15
+.cfi_offset	%r15,-56
+	shlq	$4,%rdx
+	subq	$128+32,%rsp
+	leaq	(%rsi,%rdx,8),%rdx
+	andq	$-64,%rsp
+	movq	%rdi,128+0(%rsp)
+	movq	%rsi,128+8(%rsp)
+	movq	%rdx,128+16(%rsp)
+	movq	%rax,152(%rsp)
+.cfi_escape	0x0f,0x06,0x77,0x98,0x01,0x06,0x23,0x08
+.Lprologue:
+
+	movq	0(%rdi),%rax
+	movq	8(%rdi),%rbx
+	movq	16(%rdi),%rcx
+	movq	24(%rdi),%rdx
+	movq	32(%rdi),%r8
+	movq	40(%rdi),%r9
+	movq	48(%rdi),%r10
+	movq	56(%rdi),%r11
+	jmp	.Lloop
+
+.align	16
+.Lloop:
+	movq	%rbx,%rdi
+	leaq	K512(%rip),%rbp
+	xorq	%rcx,%rdi
+	movq	0(%rsi),%r12
+	movq	%r8,%r13
+	movq	%rax,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r9,%r15
+
+	xorq	%r8,%r13
+	rorq	$5,%r14
+	xorq	%r10,%r15
+
+	movq	%r12,0(%rsp)
+	xorq	%rax,%r14
+	andq	%r8,%r15
+
+	rorq	$4,%r13
+	addq	%r11,%r12
+	xorq	%r10,%r15
+
+	rorq	$6,%r14
+	xorq	%r8,%r13
+	addq	%r15,%r12
+
+	movq	%rax,%r15
+	addq	(%rbp),%r12
+	xorq	%rax,%r14
+
+	xorq	%rbx,%r15
+	rorq	$14,%r13
+	movq	%rbx,%r11
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r11
+	addq	%r12,%rdx
+	addq	%r12,%r11
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%r11
+	movq	8(%rsi),%r12
+	movq	%rdx,%r13
+	movq	%r11,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r8,%rdi
+
+	xorq	%rdx,%r13
+	rorq	$5,%r14
+	xorq	%r9,%rdi
+
+	movq	%r12,8(%rsp)
+	xorq	%r11,%r14
+	andq	%rdx,%rdi
+
+	rorq	$4,%r13
+	addq	%r10,%r12
+	xorq	%r9,%rdi
+
+	rorq	$6,%r14
+	xorq	%rdx,%r13
+	addq	%rdi,%r12
+
+	movq	%r11,%rdi
+	addq	(%rbp),%r12
+	xorq	%r11,%r14
+
+	xorq	%rax,%rdi
+	rorq	$14,%r13
+	movq	%rax,%r10
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r10
+	addq	%r12,%rcx
+	addq	%r12,%r10
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%r10
+	movq	16(%rsi),%r12
+	movq	%rcx,%r13
+	movq	%r10,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rdx,%r15
+
+	xorq	%rcx,%r13
+	rorq	$5,%r14
+	xorq	%r8,%r15
+
+	movq	%r12,16(%rsp)
+	xorq	%r10,%r14
+	andq	%rcx,%r15
+
+	rorq	$4,%r13
+	addq	%r9,%r12
+	xorq	%r8,%r15
+
+	rorq	$6,%r14
+	xorq	%rcx,%r13
+	addq	%r15,%r12
+
+	movq	%r10,%r15
+	addq	(%rbp),%r12
+	xorq	%r10,%r14
+
+	xorq	%r11,%r15
+	rorq	$14,%r13
+	movq	%r11,%r9
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r9
+	addq	%r12,%rbx
+	addq	%r12,%r9
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%r9
+	movq	24(%rsi),%r12
+	movq	%rbx,%r13
+	movq	%r9,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rcx,%rdi
+
+	xorq	%rbx,%r13
+	rorq	$5,%r14
+	xorq	%rdx,%rdi
+
+	movq	%r12,24(%rsp)
+	xorq	%r9,%r14
+	andq	%rbx,%rdi
+
+	rorq	$4,%r13
+	addq	%r8,%r12
+	xorq	%rdx,%rdi
+
+	rorq	$6,%r14
+	xorq	%rbx,%r13
+	addq	%rdi,%r12
+
+	movq	%r9,%rdi
+	addq	(%rbp),%r12
+	xorq	%r9,%r14
+
+	xorq	%r10,%rdi
+	rorq	$14,%r13
+	movq	%r10,%r8
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r8
+	addq	%r12,%rax
+	addq	%r12,%r8
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%r8
+	movq	32(%rsi),%r12
+	movq	%rax,%r13
+	movq	%r8,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rbx,%r15
+
+	xorq	%rax,%r13
+	rorq	$5,%r14
+	xorq	%rcx,%r15
+
+	movq	%r12,32(%rsp)
+	xorq	%r8,%r14
+	andq	%rax,%r15
+
+	rorq	$4,%r13
+	addq	%rdx,%r12
+	xorq	%rcx,%r15
+
+	rorq	$6,%r14
+	xorq	%rax,%r13
+	addq	%r15,%r12
+
+	movq	%r8,%r15
+	addq	(%rbp),%r12
+	xorq	%r8,%r14
+
+	xorq	%r9,%r15
+	rorq	$14,%r13
+	movq	%r9,%rdx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rdx
+	addq	%r12,%r11
+	addq	%r12,%rdx
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%rdx
+	movq	40(%rsi),%r12
+	movq	%r11,%r13
+	movq	%rdx,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rax,%rdi
+
+	xorq	%r11,%r13
+	rorq	$5,%r14
+	xorq	%rbx,%rdi
+
+	movq	%r12,40(%rsp)
+	xorq	%rdx,%r14
+	andq	%r11,%rdi
+
+	rorq	$4,%r13
+	addq	%rcx,%r12
+	xorq	%rbx,%rdi
+
+	rorq	$6,%r14
+	xorq	%r11,%r13
+	addq	%rdi,%r12
+
+	movq	%rdx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rdx,%r14
+
+	xorq	%r8,%rdi
+	rorq	$14,%r13
+	movq	%r8,%rcx
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rcx
+	addq	%r12,%r10
+	addq	%r12,%rcx
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%rcx
+	movq	48(%rsi),%r12
+	movq	%r10,%r13
+	movq	%rcx,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r11,%r15
+
+	xorq	%r10,%r13
+	rorq	$5,%r14
+	xorq	%rax,%r15
+
+	movq	%r12,48(%rsp)
+	xorq	%rcx,%r14
+	andq	%r10,%r15
+
+	rorq	$4,%r13
+	addq	%rbx,%r12
+	xorq	%rax,%r15
+
+	rorq	$6,%r14
+	xorq	%r10,%r13
+	addq	%r15,%r12
+
+	movq	%rcx,%r15
+	addq	(%rbp),%r12
+	xorq	%rcx,%r14
+
+	xorq	%rdx,%r15
+	rorq	$14,%r13
+	movq	%rdx,%rbx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rbx
+	addq	%r12,%r9
+	addq	%r12,%rbx
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%rbx
+	movq	56(%rsi),%r12
+	movq	%r9,%r13
+	movq	%rbx,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r10,%rdi
+
+	xorq	%r9,%r13
+	rorq	$5,%r14
+	xorq	%r11,%rdi
+
+	movq	%r12,56(%rsp)
+	xorq	%rbx,%r14
+	andq	%r9,%rdi
+
+	rorq	$4,%r13
+	addq	%rax,%r12
+	xorq	%r11,%rdi
+
+	rorq	$6,%r14
+	xorq	%r9,%r13
+	addq	%rdi,%r12
+
+	movq	%rbx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rbx,%r14
+
+	xorq	%rcx,%rdi
+	rorq	$14,%r13
+	movq	%rcx,%rax
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rax
+	addq	%r12,%r8
+	addq	%r12,%rax
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%rax
+	movq	64(%rsi),%r12
+	movq	%r8,%r13
+	movq	%rax,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r9,%r15
+
+	xorq	%r8,%r13
+	rorq	$5,%r14
+	xorq	%r10,%r15
+
+	movq	%r12,64(%rsp)
+	xorq	%rax,%r14
+	andq	%r8,%r15
+
+	rorq	$4,%r13
+	addq	%r11,%r12
+	xorq	%r10,%r15
+
+	rorq	$6,%r14
+	xorq	%r8,%r13
+	addq	%r15,%r12
+
+	movq	%rax,%r15
+	addq	(%rbp),%r12
+	xorq	%rax,%r14
+
+	xorq	%rbx,%r15
+	rorq	$14,%r13
+	movq	%rbx,%r11
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r11
+	addq	%r12,%rdx
+	addq	%r12,%r11
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%r11
+	movq	72(%rsi),%r12
+	movq	%rdx,%r13
+	movq	%r11,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r8,%rdi
+
+	xorq	%rdx,%r13
+	rorq	$5,%r14
+	xorq	%r9,%rdi
+
+	movq	%r12,72(%rsp)
+	xorq	%r11,%r14
+	andq	%rdx,%rdi
+
+	rorq	$4,%r13
+	addq	%r10,%r12
+	xorq	%r9,%rdi
+
+	rorq	$6,%r14
+	xorq	%rdx,%r13
+	addq	%rdi,%r12
+
+	movq	%r11,%rdi
+	addq	(%rbp),%r12
+	xorq	%r11,%r14
+
+	xorq	%rax,%rdi
+	rorq	$14,%r13
+	movq	%rax,%r10
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r10
+	addq	%r12,%rcx
+	addq	%r12,%r10
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%r10
+	movq	80(%rsi),%r12
+	movq	%rcx,%r13
+	movq	%r10,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rdx,%r15
+
+	xorq	%rcx,%r13
+	rorq	$5,%r14
+	xorq	%r8,%r15
+
+	movq	%r12,80(%rsp)
+	xorq	%r10,%r14
+	andq	%rcx,%r15
+
+	rorq	$4,%r13
+	addq	%r9,%r12
+	xorq	%r8,%r15
+
+	rorq	$6,%r14
+	xorq	%rcx,%r13
+	addq	%r15,%r12
+
+	movq	%r10,%r15
+	addq	(%rbp),%r12
+	xorq	%r10,%r14
+
+	xorq	%r11,%r15
+	rorq	$14,%r13
+	movq	%r11,%r9
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r9
+	addq	%r12,%rbx
+	addq	%r12,%r9
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%r9
+	movq	88(%rsi),%r12
+	movq	%rbx,%r13
+	movq	%r9,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rcx,%rdi
+
+	xorq	%rbx,%r13
+	rorq	$5,%r14
+	xorq	%rdx,%rdi
+
+	movq	%r12,88(%rsp)
+	xorq	%r9,%r14
+	andq	%rbx,%rdi
+
+	rorq	$4,%r13
+	addq	%r8,%r12
+	xorq	%rdx,%rdi
+
+	rorq	$6,%r14
+	xorq	%rbx,%r13
+	addq	%rdi,%r12
+
+	movq	%r9,%rdi
+	addq	(%rbp),%r12
+	xorq	%r9,%r14
+
+	xorq	%r10,%rdi
+	rorq	$14,%r13
+	movq	%r10,%r8
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r8
+	addq	%r12,%rax
+	addq	%r12,%r8
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%r8
+	movq	96(%rsi),%r12
+	movq	%rax,%r13
+	movq	%r8,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rbx,%r15
+
+	xorq	%rax,%r13
+	rorq	$5,%r14
+	xorq	%rcx,%r15
+
+	movq	%r12,96(%rsp)
+	xorq	%r8,%r14
+	andq	%rax,%r15
+
+	rorq	$4,%r13
+	addq	%rdx,%r12
+	xorq	%rcx,%r15
+
+	rorq	$6,%r14
+	xorq	%rax,%r13
+	addq	%r15,%r12
+
+	movq	%r8,%r15
+	addq	(%rbp),%r12
+	xorq	%r8,%r14
+
+	xorq	%r9,%r15
+	rorq	$14,%r13
+	movq	%r9,%rdx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rdx
+	addq	%r12,%r11
+	addq	%r12,%rdx
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%rdx
+	movq	104(%rsi),%r12
+	movq	%r11,%r13
+	movq	%rdx,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rax,%rdi
+
+	xorq	%r11,%r13
+	rorq	$5,%r14
+	xorq	%rbx,%rdi
+
+	movq	%r12,104(%rsp)
+	xorq	%rdx,%r14
+	andq	%r11,%rdi
+
+	rorq	$4,%r13
+	addq	%rcx,%r12
+	xorq	%rbx,%rdi
+
+	rorq	$6,%r14
+	xorq	%r11,%r13
+	addq	%rdi,%r12
+
+	movq	%rdx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rdx,%r14
+
+	xorq	%r8,%rdi
+	rorq	$14,%r13
+	movq	%r8,%rcx
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rcx
+	addq	%r12,%r10
+	addq	%r12,%rcx
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%rcx
+	movq	112(%rsi),%r12
+	movq	%r10,%r13
+	movq	%rcx,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r11,%r15
+
+	xorq	%r10,%r13
+	rorq	$5,%r14
+	xorq	%rax,%r15
+
+	movq	%r12,112(%rsp)
+	xorq	%rcx,%r14
+	andq	%r10,%r15
+
+	rorq	$4,%r13
+	addq	%rbx,%r12
+	xorq	%rax,%r15
+
+	rorq	$6,%r14
+	xorq	%r10,%r13
+	addq	%r15,%r12
+
+	movq	%rcx,%r15
+	addq	(%rbp),%r12
+	xorq	%rcx,%r14
+
+	xorq	%rdx,%r15
+	rorq	$14,%r13
+	movq	%rdx,%rbx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rbx
+	addq	%r12,%r9
+	addq	%r12,%rbx
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%rbx
+	movq	120(%rsi),%r12
+	movq	%r9,%r13
+	movq	%rbx,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r10,%rdi
+
+	xorq	%r9,%r13
+	rorq	$5,%r14
+	xorq	%r11,%rdi
+
+	movq	%r12,120(%rsp)
+	xorq	%rbx,%r14
+	andq	%r9,%rdi
+
+	rorq	$4,%r13
+	addq	%rax,%r12
+	xorq	%r11,%rdi
+
+	rorq	$6,%r14
+	xorq	%r9,%r13
+	addq	%rdi,%r12
+
+	movq	%rbx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rbx,%r14
+
+	xorq	%rcx,%rdi
+	rorq	$14,%r13
+	movq	%rcx,%rax
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rax
+	addq	%r12,%r8
+	addq	%r12,%rax
+
+	leaq	24(%rbp),%rbp
+	jmp	.Lrounds_16_xx
+.align	16
+.Lrounds_16_xx:
+	movq	8(%rsp),%r13
+	movq	112(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rax
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	72(%rsp),%r12
+
+	addq	0(%rsp),%r12
+	movq	%r8,%r13
+	addq	%r15,%r12
+	movq	%rax,%r14
+	rorq	$23,%r13
+	movq	%r9,%r15
+
+	xorq	%r8,%r13
+	rorq	$5,%r14
+	xorq	%r10,%r15
+
+	movq	%r12,0(%rsp)
+	xorq	%rax,%r14
+	andq	%r8,%r15
+
+	rorq	$4,%r13
+	addq	%r11,%r12
+	xorq	%r10,%r15
+
+	rorq	$6,%r14
+	xorq	%r8,%r13
+	addq	%r15,%r12
+
+	movq	%rax,%r15
+	addq	(%rbp),%r12
+	xorq	%rax,%r14
+
+	xorq	%rbx,%r15
+	rorq	$14,%r13
+	movq	%rbx,%r11
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r11
+	addq	%r12,%rdx
+	addq	%r12,%r11
+
+	leaq	8(%rbp),%rbp
+	movq	16(%rsp),%r13
+	movq	120(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r11
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	80(%rsp),%r12
+
+	addq	8(%rsp),%r12
+	movq	%rdx,%r13
+	addq	%rdi,%r12
+	movq	%r11,%r14
+	rorq	$23,%r13
+	movq	%r8,%rdi
+
+	xorq	%rdx,%r13
+	rorq	$5,%r14
+	xorq	%r9,%rdi
+
+	movq	%r12,8(%rsp)
+	xorq	%r11,%r14
+	andq	%rdx,%rdi
+
+	rorq	$4,%r13
+	addq	%r10,%r12
+	xorq	%r9,%rdi
+
+	rorq	$6,%r14
+	xorq	%rdx,%r13
+	addq	%rdi,%r12
+
+	movq	%r11,%rdi
+	addq	(%rbp),%r12
+	xorq	%r11,%r14
+
+	xorq	%rax,%rdi
+	rorq	$14,%r13
+	movq	%rax,%r10
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r10
+	addq	%r12,%rcx
+	addq	%r12,%r10
+
+	leaq	24(%rbp),%rbp
+	movq	24(%rsp),%r13
+	movq	0(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r10
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	88(%rsp),%r12
+
+	addq	16(%rsp),%r12
+	movq	%rcx,%r13
+	addq	%r15,%r12
+	movq	%r10,%r14
+	rorq	$23,%r13
+	movq	%rdx,%r15
+
+	xorq	%rcx,%r13
+	rorq	$5,%r14
+	xorq	%r8,%r15
+
+	movq	%r12,16(%rsp)
+	xorq	%r10,%r14
+	andq	%rcx,%r15
+
+	rorq	$4,%r13
+	addq	%r9,%r12
+	xorq	%r8,%r15
+
+	rorq	$6,%r14
+	xorq	%rcx,%r13
+	addq	%r15,%r12
+
+	movq	%r10,%r15
+	addq	(%rbp),%r12
+	xorq	%r10,%r14
+
+	xorq	%r11,%r15
+	rorq	$14,%r13
+	movq	%r11,%r9
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r9
+	addq	%r12,%rbx
+	addq	%r12,%r9
+
+	leaq	8(%rbp),%rbp
+	movq	32(%rsp),%r13
+	movq	8(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r9
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	96(%rsp),%r12
+
+	addq	24(%rsp),%r12
+	movq	%rbx,%r13
+	addq	%rdi,%r12
+	movq	%r9,%r14
+	rorq	$23,%r13
+	movq	%rcx,%rdi
+
+	xorq	%rbx,%r13
+	rorq	$5,%r14
+	xorq	%rdx,%rdi
+
+	movq	%r12,24(%rsp)
+	xorq	%r9,%r14
+	andq	%rbx,%rdi
+
+	rorq	$4,%r13
+	addq	%r8,%r12
+	xorq	%rdx,%rdi
+
+	rorq	$6,%r14
+	xorq	%rbx,%r13
+	addq	%rdi,%r12
+
+	movq	%r9,%rdi
+	addq	(%rbp),%r12
+	xorq	%r9,%r14
+
+	xorq	%r10,%rdi
+	rorq	$14,%r13
+	movq	%r10,%r8
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r8
+	addq	%r12,%rax
+	addq	%r12,%r8
+
+	leaq	24(%rbp),%rbp
+	movq	40(%rsp),%r13
+	movq	16(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r8
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	104(%rsp),%r12
+
+	addq	32(%rsp),%r12
+	movq	%rax,%r13
+	addq	%r15,%r12
+	movq	%r8,%r14
+	rorq	$23,%r13
+	movq	%rbx,%r15
+
+	xorq	%rax,%r13
+	rorq	$5,%r14
+	xorq	%rcx,%r15
+
+	movq	%r12,32(%rsp)
+	xorq	%r8,%r14
+	andq	%rax,%r15
+
+	rorq	$4,%r13
+	addq	%rdx,%r12
+	xorq	%rcx,%r15
+
+	rorq	$6,%r14
+	xorq	%rax,%r13
+	addq	%r15,%r12
+
+	movq	%r8,%r15
+	addq	(%rbp),%r12
+	xorq	%r8,%r14
+
+	xorq	%r9,%r15
+	rorq	$14,%r13
+	movq	%r9,%rdx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rdx
+	addq	%r12,%r11
+	addq	%r12,%rdx
+
+	leaq	8(%rbp),%rbp
+	movq	48(%rsp),%r13
+	movq	24(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rdx
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	112(%rsp),%r12
+
+	addq	40(%rsp),%r12
+	movq	%r11,%r13
+	addq	%rdi,%r12
+	movq	%rdx,%r14
+	rorq	$23,%r13
+	movq	%rax,%rdi
+
+	xorq	%r11,%r13
+	rorq	$5,%r14
+	xorq	%rbx,%rdi
+
+	movq	%r12,40(%rsp)
+	xorq	%rdx,%r14
+	andq	%r11,%rdi
+
+	rorq	$4,%r13
+	addq	%rcx,%r12
+	xorq	%rbx,%rdi
+
+	rorq	$6,%r14
+	xorq	%r11,%r13
+	addq	%rdi,%r12
+
+	movq	%rdx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rdx,%r14
+
+	xorq	%r8,%rdi
+	rorq	$14,%r13
+	movq	%r8,%rcx
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rcx
+	addq	%r12,%r10
+	addq	%r12,%rcx
+
+	leaq	24(%rbp),%rbp
+	movq	56(%rsp),%r13
+	movq	32(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rcx
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	120(%rsp),%r12
+
+	addq	48(%rsp),%r12
+	movq	%r10,%r13
+	addq	%r15,%r12
+	movq	%rcx,%r14
+	rorq	$23,%r13
+	movq	%r11,%r15
+
+	xorq	%r10,%r13
+	rorq	$5,%r14
+	xorq	%rax,%r15
+
+	movq	%r12,48(%rsp)
+	xorq	%rcx,%r14
+	andq	%r10,%r15
+
+	rorq	$4,%r13
+	addq	%rbx,%r12
+	xorq	%rax,%r15
+
+	rorq	$6,%r14
+	xorq	%r10,%r13
+	addq	%r15,%r12
+
+	movq	%rcx,%r15
+	addq	(%rbp),%r12
+	xorq	%rcx,%r14
+
+	xorq	%rdx,%r15
+	rorq	$14,%r13
+	movq	%rdx,%rbx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rbx
+	addq	%r12,%r9
+	addq	%r12,%rbx
+
+	leaq	8(%rbp),%rbp
+	movq	64(%rsp),%r13
+	movq	40(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rbx
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	0(%rsp),%r12
+
+	addq	56(%rsp),%r12
+	movq	%r9,%r13
+	addq	%rdi,%r12
+	movq	%rbx,%r14
+	rorq	$23,%r13
+	movq	%r10,%rdi
+
+	xorq	%r9,%r13
+	rorq	$5,%r14
+	xorq	%r11,%rdi
+
+	movq	%r12,56(%rsp)
+	xorq	%rbx,%r14
+	andq	%r9,%rdi
+
+	rorq	$4,%r13
+	addq	%rax,%r12
+	xorq	%r11,%rdi
+
+	rorq	$6,%r14
+	xorq	%r9,%r13
+	addq	%rdi,%r12
+
+	movq	%rbx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rbx,%r14
+
+	xorq	%rcx,%rdi
+	rorq	$14,%r13
+	movq	%rcx,%rax
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rax
+	addq	%r12,%r8
+	addq	%r12,%rax
+
+	leaq	24(%rbp),%rbp
+	movq	72(%rsp),%r13
+	movq	48(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rax
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	8(%rsp),%r12
+
+	addq	64(%rsp),%r12
+	movq	%r8,%r13
+	addq	%r15,%r12
+	movq	%rax,%r14
+	rorq	$23,%r13
+	movq	%r9,%r15
+
+	xorq	%r8,%r13
+	rorq	$5,%r14
+	xorq	%r10,%r15
+
+	movq	%r12,64(%rsp)
+	xorq	%rax,%r14
+	andq	%r8,%r15
+
+	rorq	$4,%r13
+	addq	%r11,%r12
+	xorq	%r10,%r15
+
+	rorq	$6,%r14
+	xorq	%r8,%r13
+	addq	%r15,%r12
+
+	movq	%rax,%r15
+	addq	(%rbp),%r12
+	xorq	%rax,%r14
+
+	xorq	%rbx,%r15
+	rorq	$14,%r13
+	movq	%rbx,%r11
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r11
+	addq	%r12,%rdx
+	addq	%r12,%r11
+
+	leaq	8(%rbp),%rbp
+	movq	80(%rsp),%r13
+	movq	56(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r11
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	16(%rsp),%r12
+
+	addq	72(%rsp),%r12
+	movq	%rdx,%r13
+	addq	%rdi,%r12
+	movq	%r11,%r14
+	rorq	$23,%r13
+	movq	%r8,%rdi
+
+	xorq	%rdx,%r13
+	rorq	$5,%r14
+	xorq	%r9,%rdi
+
+	movq	%r12,72(%rsp)
+	xorq	%r11,%r14
+	andq	%rdx,%rdi
+
+	rorq	$4,%r13
+	addq	%r10,%r12
+	xorq	%r9,%rdi
+
+	rorq	$6,%r14
+	xorq	%rdx,%r13
+	addq	%rdi,%r12
+
+	movq	%r11,%rdi
+	addq	(%rbp),%r12
+	xorq	%r11,%r14
+
+	xorq	%rax,%rdi
+	rorq	$14,%r13
+	movq	%rax,%r10
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r10
+	addq	%r12,%rcx
+	addq	%r12,%r10
+
+	leaq	24(%rbp),%rbp
+	movq	88(%rsp),%r13
+	movq	64(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r10
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	24(%rsp),%r12
+
+	addq	80(%rsp),%r12
+	movq	%rcx,%r13
+	addq	%r15,%r12
+	movq	%r10,%r14
+	rorq	$23,%r13
+	movq	%rdx,%r15
+
+	xorq	%rcx,%r13
+	rorq	$5,%r14
+	xorq	%r8,%r15
+
+	movq	%r12,80(%rsp)
+	xorq	%r10,%r14
+	andq	%rcx,%r15
+
+	rorq	$4,%r13
+	addq	%r9,%r12
+	xorq	%r8,%r15
+
+	rorq	$6,%r14
+	xorq	%rcx,%r13
+	addq	%r15,%r12
+
+	movq	%r10,%r15
+	addq	(%rbp),%r12
+	xorq	%r10,%r14
+
+	xorq	%r11,%r15
+	rorq	$14,%r13
+	movq	%r11,%r9
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r9
+	addq	%r12,%rbx
+	addq	%r12,%r9
+
+	leaq	8(%rbp),%rbp
+	movq	96(%rsp),%r13
+	movq	72(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r9
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	32(%rsp),%r12
+
+	addq	88(%rsp),%r12
+	movq	%rbx,%r13
+	addq	%rdi,%r12
+	movq	%r9,%r14
+	rorq	$23,%r13
+	movq	%rcx,%rdi
+
+	xorq	%rbx,%r13
+	rorq	$5,%r14
+	xorq	%rdx,%rdi
+
+	movq	%r12,88(%rsp)
+	xorq	%r9,%r14
+	andq	%rbx,%rdi
+
+	rorq	$4,%r13
+	addq	%r8,%r12
+	xorq	%rdx,%rdi
+
+	rorq	$6,%r14
+	xorq	%rbx,%r13
+	addq	%rdi,%r12
+
+	movq	%r9,%rdi
+	addq	(%rbp),%r12
+	xorq	%r9,%r14
+
+	xorq	%r10,%rdi
+	rorq	$14,%r13
+	movq	%r10,%r8
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r8
+	addq	%r12,%rax
+	addq	%r12,%r8
+
+	leaq	24(%rbp),%rbp
+	movq	104(%rsp),%r13
+	movq	80(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r8
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	40(%rsp),%r12
+
+	addq	96(%rsp),%r12
+	movq	%rax,%r13
+	addq	%r15,%r12
+	movq	%r8,%r14
+	rorq	$23,%r13
+	movq	%rbx,%r15
+
+	xorq	%rax,%r13
+	rorq	$5,%r14
+	xorq	%rcx,%r15
+
+	movq	%r12,96(%rsp)
+	xorq	%r8,%r14
+	andq	%rax,%r15
+
+	rorq	$4,%r13
+	addq	%rdx,%r12
+	xorq	%rcx,%r15
+
+	rorq	$6,%r14
+	xorq	%rax,%r13
+	addq	%r15,%r12
+
+	movq	%r8,%r15
+	addq	(%rbp),%r12
+	xorq	%r8,%r14
+
+	xorq	%r9,%r15
+	rorq	$14,%r13
+	movq	%r9,%rdx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rdx
+	addq	%r12,%r11
+	addq	%r12,%rdx
+
+	leaq	8(%rbp),%rbp
+	movq	112(%rsp),%r13
+	movq	88(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rdx
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	48(%rsp),%r12
+
+	addq	104(%rsp),%r12
+	movq	%r11,%r13
+	addq	%rdi,%r12
+	movq	%rdx,%r14
+	rorq	$23,%r13
+	movq	%rax,%rdi
+
+	xorq	%r11,%r13
+	rorq	$5,%r14
+	xorq	%rbx,%rdi
+
+	movq	%r12,104(%rsp)
+	xorq	%rdx,%r14
+	andq	%r11,%rdi
+
+	rorq	$4,%r13
+	addq	%rcx,%r12
+	xorq	%rbx,%rdi
+
+	rorq	$6,%r14
+	xorq	%r11,%r13
+	addq	%rdi,%r12
+
+	movq	%rdx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rdx,%r14
+
+	xorq	%r8,%rdi
+	rorq	$14,%r13
+	movq	%r8,%rcx
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rcx
+	addq	%r12,%r10
+	addq	%r12,%rcx
+
+	leaq	24(%rbp),%rbp
+	movq	120(%rsp),%r13
+	movq	96(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rcx
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	56(%rsp),%r12
+
+	addq	112(%rsp),%r12
+	movq	%r10,%r13
+	addq	%r15,%r12
+	movq	%rcx,%r14
+	rorq	$23,%r13
+	movq	%r11,%r15
+
+	xorq	%r10,%r13
+	rorq	$5,%r14
+	xorq	%rax,%r15
+
+	movq	%r12,112(%rsp)
+	xorq	%rcx,%r14
+	andq	%r10,%r15
+
+	rorq	$4,%r13
+	addq	%rbx,%r12
+	xorq	%rax,%r15
+
+	rorq	$6,%r14
+	xorq	%r10,%r13
+	addq	%r15,%r12
+
+	movq	%rcx,%r15
+	addq	(%rbp),%r12
+	xorq	%rcx,%r14
+
+	xorq	%rdx,%r15
+	rorq	$14,%r13
+	movq	%rdx,%rbx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rbx
+	addq	%r12,%r9
+	addq	%r12,%rbx
+
+	leaq	8(%rbp),%rbp
+	movq	0(%rsp),%r13
+	movq	104(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rbx
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	64(%rsp),%r12
+
+	addq	120(%rsp),%r12
+	movq	%r9,%r13
+	addq	%rdi,%r12
+	movq	%rbx,%r14
+	rorq	$23,%r13
+	movq	%r10,%rdi
+
+	xorq	%r9,%r13
+	rorq	$5,%r14
+	xorq	%r11,%rdi
+
+	movq	%r12,120(%rsp)
+	xorq	%rbx,%r14
+	andq	%r9,%rdi
+
+	rorq	$4,%r13
+	addq	%rax,%r12
+	xorq	%r11,%rdi
+
+	rorq	$6,%r14
+	xorq	%r9,%r13
+	addq	%rdi,%r12
+
+	movq	%rbx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rbx,%r14
+
+	xorq	%rcx,%rdi
+	rorq	$14,%r13
+	movq	%rcx,%rax
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rax
+	addq	%r12,%r8
+	addq	%r12,%rax
+
+	leaq	24(%rbp),%rbp
+	cmpb	$0,7(%rbp)
+	jnz	.Lrounds_16_xx
+
+	movq	128+0(%rsp),%rdi
+	addq	%r14,%rax
+	leaq	128(%rsi),%rsi
+
+	addq	0(%rdi),%rax
+	addq	8(%rdi),%rbx
+	addq	16(%rdi),%rcx
+	addq	24(%rdi),%rdx
+	addq	32(%rdi),%r8
+	addq	40(%rdi),%r9
+	addq	48(%rdi),%r10
+	addq	56(%rdi),%r11
+
+	cmpq	128+16(%rsp),%rsi
+
+	movq	%rax,0(%rdi)
+	movq	%rbx,8(%rdi)
+	movq	%rcx,16(%rdi)
+	movq	%rdx,24(%rdi)
+	movq	%r8,32(%rdi)
+	movq	%r9,40(%rdi)
+	movq	%r10,48(%rdi)
+	movq	%r11,56(%rdi)
+	jb	.Lloop
+
+	movq	152(%rsp),%rsi
+.cfi_def_cfa	%rsi,8
+	movq	-48(%rsi),%r15
+.cfi_restore	%r15
+	movq	-40(%rsi),%r14
+.cfi_restore	%r14
+	movq	-32(%rsi),%r13
+.cfi_restore	%r13
+	movq	-24(%rsi),%r12
+.cfi_restore	%r12
+	movq	-16(%rsi),%rbp
+.cfi_restore	%rbp
+	movq	-8(%rsi),%rbx
+.cfi_restore	%rbx
+	leaq	(%rsi),%rsp
+.cfi_def_cfa_register	%rsp
+.Lepilogue:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	sha512_block_data_order,.-sha512_block_data_order
+.align	64
+.type	K512,@object
+K512:
+.quad	0x428a2f98d728ae22,0x7137449123ef65cd
+.quad	0x428a2f98d728ae22,0x7137449123ef65cd
+.quad	0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
+.quad	0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
+.quad	0x3956c25bf348b538,0x59f111f1b605d019
+.quad	0x3956c25bf348b538,0x59f111f1b605d019
+.quad	0x923f82a4af194f9b,0xab1c5ed5da6d8118
+.quad	0x923f82a4af194f9b,0xab1c5ed5da6d8118
+.quad	0xd807aa98a3030242,0x12835b0145706fbe
+.quad	0xd807aa98a3030242,0x12835b0145706fbe
+.quad	0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
+.quad	0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
+.quad	0x72be5d74f27b896f,0x80deb1fe3b1696b1
+.quad	0x72be5d74f27b896f,0x80deb1fe3b1696b1
+.quad	0x9bdc06a725c71235,0xc19bf174cf692694
+.quad	0x9bdc06a725c71235,0xc19bf174cf692694
+.quad	0xe49b69c19ef14ad2,0xefbe4786384f25e3
+.quad	0xe49b69c19ef14ad2,0xefbe4786384f25e3
+.quad	0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
+.quad	0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
+.quad	0x2de92c6f592b0275,0x4a7484aa6ea6e483
+.quad	0x2de92c6f592b0275,0x4a7484aa6ea6e483
+.quad	0x5cb0a9dcbd41fbd4,0x76f988da831153b5
+.quad	0x5cb0a9dcbd41fbd4,0x76f988da831153b5
+.quad	0x983e5152ee66dfab,0xa831c66d2db43210
+.quad	0x983e5152ee66dfab,0xa831c66d2db43210
+.quad	0xb00327c898fb213f,0xbf597fc7beef0ee4
+.quad	0xb00327c898fb213f,0xbf597fc7beef0ee4
+.quad	0xc6e00bf33da88fc2,0xd5a79147930aa725
+.quad	0xc6e00bf33da88fc2,0xd5a79147930aa725
+.quad	0x06ca6351e003826f,0x142929670a0e6e70
+.quad	0x06ca6351e003826f,0x142929670a0e6e70
+.quad	0x27b70a8546d22ffc,0x2e1b21385c26c926
+.quad	0x27b70a8546d22ffc,0x2e1b21385c26c926
+.quad	0x4d2c6dfc5ac42aed,0x53380d139d95b3df
+.quad	0x4d2c6dfc5ac42aed,0x53380d139d95b3df
+.quad	0x650a73548baf63de,0x766a0abb3c77b2a8
+.quad	0x650a73548baf63de,0x766a0abb3c77b2a8
+.quad	0x81c2c92e47edaee6,0x92722c851482353b
+.quad	0x81c2c92e47edaee6,0x92722c851482353b
+.quad	0xa2bfe8a14cf10364,0xa81a664bbc423001
+.quad	0xa2bfe8a14cf10364,0xa81a664bbc423001
+.quad	0xc24b8b70d0f89791,0xc76c51a30654be30
+.quad	0xc24b8b70d0f89791,0xc76c51a30654be30
+.quad	0xd192e819d6ef5218,0xd69906245565a910
+.quad	0xd192e819d6ef5218,0xd69906245565a910
+.quad	0xf40e35855771202a,0x106aa07032bbd1b8
+.quad	0xf40e35855771202a,0x106aa07032bbd1b8
+.quad	0x19a4c116b8d2d0c8,0x1e376c085141ab53
+.quad	0x19a4c116b8d2d0c8,0x1e376c085141ab53
+.quad	0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
+.quad	0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
+.quad	0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
+.quad	0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
+.quad	0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
+.quad	0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
+.quad	0x748f82ee5defb2fc,0x78a5636f43172f60
+.quad	0x748f82ee5defb2fc,0x78a5636f43172f60
+.quad	0x84c87814a1f0ab72,0x8cc702081a6439ec
+.quad	0x84c87814a1f0ab72,0x8cc702081a6439ec
+.quad	0x90befffa23631e28,0xa4506cebde82bde9
+.quad	0x90befffa23631e28,0xa4506cebde82bde9
+.quad	0xbef9a3f7b2c67915,0xc67178f2e372532b
+.quad	0xbef9a3f7b2c67915,0xc67178f2e372532b
+.quad	0xca273eceea26619c,0xd186b8c721c0c207
+.quad	0xca273eceea26619c,0xd186b8c721c0c207
+.quad	0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
+.quad	0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
+.quad	0x06f067aa72176fba,0x0a637dc5a2c898a6
+.quad	0x06f067aa72176fba,0x0a637dc5a2c898a6
+.quad	0x113f9804bef90dae,0x1b710b35131c471b
+.quad	0x113f9804bef90dae,0x1b710b35131c471b
+.quad	0x28db77f523047d84,0x32caab7b40c72493
+.quad	0x28db77f523047d84,0x32caab7b40c72493
+.quad	0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
+.quad	0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
+.quad	0x4cc5d4becb3e42b6,0x597f299cfc657e2a
+.quad	0x4cc5d4becb3e42b6,0x597f299cfc657e2a
+.quad	0x5fcb6fab3ad6faec,0x6c44198c4a475817
+.quad	0x5fcb6fab3ad6faec,0x6c44198c4a475817
+
+.quad	0x0001020304050607,0x08090a0b0c0d0e0f
+.quad	0x0001020304050607,0x08090a0b0c0d0e0f
+.byte	83,72,65,53,49,50,32,98,108,111,99,107,32,116,114,97,110,115,102,111,114,109,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.type	sha512_block_data_order_xop,@function
+.align	64
+sha512_block_data_order_xop:
+.cfi_startproc	
+.Lxop_shortcut:
+	movq	%rsp,%rax
+.cfi_def_cfa_register	%rax
+	pushq	%rbx
+.cfi_offset	%rbx,-16
+	pushq	%rbp
+.cfi_offset	%rbp,-24
+	pushq	%r12
+.cfi_offset	%r12,-32
+	pushq	%r13
+.cfi_offset	%r13,-40
+	pushq	%r14
+.cfi_offset	%r14,-48
+	pushq	%r15
+.cfi_offset	%r15,-56
+	shlq	$4,%rdx
+	subq	$160,%rsp
+	leaq	(%rsi,%rdx,8),%rdx
+	andq	$-64,%rsp
+	movq	%rdi,128+0(%rsp)
+	movq	%rsi,128+8(%rsp)
+	movq	%rdx,128+16(%rsp)
+	movq	%rax,152(%rsp)
+.cfi_escape	0x0f,0x06,0x77,0x98,0x01,0x06,0x23,0x08
+.Lprologue_xop:
+
+	vzeroupper
+	movq	0(%rdi),%rax
+	movq	8(%rdi),%rbx
+	movq	16(%rdi),%rcx
+	movq	24(%rdi),%rdx
+	movq	32(%rdi),%r8
+	movq	40(%rdi),%r9
+	movq	48(%rdi),%r10
+	movq	56(%rdi),%r11
+	jmp	.Lloop_xop
+.align	16
+.Lloop_xop:
+	vmovdqa	K512+1280(%rip),%xmm11
+	vmovdqu	0(%rsi),%xmm0
+	leaq	K512+128(%rip),%rbp
+	vmovdqu	16(%rsi),%xmm1
+	vmovdqu	32(%rsi),%xmm2
+	vpshufb	%xmm11,%xmm0,%xmm0
+	vmovdqu	48(%rsi),%xmm3
+	vpshufb	%xmm11,%xmm1,%xmm1
+	vmovdqu	64(%rsi),%xmm4
+	vpshufb	%xmm11,%xmm2,%xmm2
+	vmovdqu	80(%rsi),%xmm5
+	vpshufb	%xmm11,%xmm3,%xmm3
+	vmovdqu	96(%rsi),%xmm6
+	vpshufb	%xmm11,%xmm4,%xmm4
+	vmovdqu	112(%rsi),%xmm7
+	vpshufb	%xmm11,%xmm5,%xmm5
+	vpaddq	-128(%rbp),%xmm0,%xmm8
+	vpshufb	%xmm11,%xmm6,%xmm6
+	vpaddq	-96(%rbp),%xmm1,%xmm9
+	vpshufb	%xmm11,%xmm7,%xmm7
+	vpaddq	-64(%rbp),%xmm2,%xmm10
+	vpaddq	-32(%rbp),%xmm3,%xmm11
+	vmovdqa	%xmm8,0(%rsp)
+	vpaddq	0(%rbp),%xmm4,%xmm8
+	vmovdqa	%xmm9,16(%rsp)
+	vpaddq	32(%rbp),%xmm5,%xmm9
+	vmovdqa	%xmm10,32(%rsp)
+	vpaddq	64(%rbp),%xmm6,%xmm10
+	vmovdqa	%xmm11,48(%rsp)
+	vpaddq	96(%rbp),%xmm7,%xmm11
+	vmovdqa	%xmm8,64(%rsp)
+	movq	%rax,%r14
+	vmovdqa	%xmm9,80(%rsp)
+	movq	%rbx,%rdi
+	vmovdqa	%xmm10,96(%rsp)
+	xorq	%rcx,%rdi
+	vmovdqa	%xmm11,112(%rsp)
+	movq	%r8,%r13
+	jmp	.Lxop_00_47
+
+.align	16
+.Lxop_00_47:
+	addq	$256,%rbp
+	vpalignr	$8,%xmm0,%xmm1,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%rax
+	vpalignr	$8,%xmm4,%xmm5,%xmm11
+	movq	%r9,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%rax,%r14
+	vpaddq	%xmm11,%xmm0,%xmm0
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	addq	0(%rsp),%r11
+	movq	%rax,%r15
+.byte	143,72,120,195,209,7
+	xorq	%r10,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,223,3
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rbx,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm7,%xmm10
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	vpaddq	%xmm8,%xmm0,%xmm0
+	movq	%rdx,%r13
+	addq	%r11,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%r11
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%r8,%r12
+	rorq	$5,%r14
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%r11,%r14
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	vpaddq	%xmm11,%xmm0,%xmm0
+	addq	8(%rsp),%r10
+	movq	%r11,%rdi
+	xorq	%r9,%r12
+	rorq	$6,%r14
+	vpaddq	-128(%rbp),%xmm0,%xmm10
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	xorq	%rax,%r15
+	rorq	$28,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	vmovdqa	%xmm10,0(%rsp)
+	vpalignr	$8,%xmm1,%xmm2,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%r10
+	vpalignr	$8,%xmm5,%xmm6,%xmm11
+	movq	%rdx,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%r10,%r14
+	vpaddq	%xmm11,%xmm1,%xmm1
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	addq	16(%rsp),%r9
+	movq	%r10,%r15
+.byte	143,72,120,195,209,7
+	xorq	%r8,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,216,3
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r11,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm0,%xmm10
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	vpaddq	%xmm8,%xmm1,%xmm1
+	movq	%rbx,%r13
+	addq	%r9,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%r9
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%rcx,%r12
+	rorq	$5,%r14
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%r9,%r14
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	vpaddq	%xmm11,%xmm1,%xmm1
+	addq	24(%rsp),%r8
+	movq	%r9,%rdi
+	xorq	%rdx,%r12
+	rorq	$6,%r14
+	vpaddq	-96(%rbp),%xmm1,%xmm10
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	xorq	%r10,%r15
+	rorq	$28,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	vmovdqa	%xmm10,16(%rsp)
+	vpalignr	$8,%xmm2,%xmm3,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%r8
+	vpalignr	$8,%xmm6,%xmm7,%xmm11
+	movq	%rbx,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%r8,%r14
+	vpaddq	%xmm11,%xmm2,%xmm2
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	addq	32(%rsp),%rdx
+	movq	%r8,%r15
+.byte	143,72,120,195,209,7
+	xorq	%rcx,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,217,3
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r9,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm1,%xmm10
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	vpaddq	%xmm8,%xmm2,%xmm2
+	movq	%r11,%r13
+	addq	%rdx,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%rdx
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%rax,%r12
+	rorq	$5,%r14
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%rdx,%r14
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	vpaddq	%xmm11,%xmm2,%xmm2
+	addq	40(%rsp),%rcx
+	movq	%rdx,%rdi
+	xorq	%rbx,%r12
+	rorq	$6,%r14
+	vpaddq	-64(%rbp),%xmm2,%xmm10
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	xorq	%r8,%r15
+	rorq	$28,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	vmovdqa	%xmm10,32(%rsp)
+	vpalignr	$8,%xmm3,%xmm4,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%rcx
+	vpalignr	$8,%xmm7,%xmm0,%xmm11
+	movq	%r11,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%rcx,%r14
+	vpaddq	%xmm11,%xmm3,%xmm3
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	addq	48(%rsp),%rbx
+	movq	%rcx,%r15
+.byte	143,72,120,195,209,7
+	xorq	%rax,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,218,3
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rdx,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm2,%xmm10
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	vpaddq	%xmm8,%xmm3,%xmm3
+	movq	%r9,%r13
+	addq	%rbx,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%rbx
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%r10,%r12
+	rorq	$5,%r14
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%rbx,%r14
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	vpaddq	%xmm11,%xmm3,%xmm3
+	addq	56(%rsp),%rax
+	movq	%rbx,%rdi
+	xorq	%r11,%r12
+	rorq	$6,%r14
+	vpaddq	-32(%rbp),%xmm3,%xmm10
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	xorq	%rcx,%r15
+	rorq	$28,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	vmovdqa	%xmm10,48(%rsp)
+	vpalignr	$8,%xmm4,%xmm5,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%rax
+	vpalignr	$8,%xmm0,%xmm1,%xmm11
+	movq	%r9,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%rax,%r14
+	vpaddq	%xmm11,%xmm4,%xmm4
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	addq	64(%rsp),%r11
+	movq	%rax,%r15
+.byte	143,72,120,195,209,7
+	xorq	%r10,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,219,3
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rbx,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm3,%xmm10
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	vpaddq	%xmm8,%xmm4,%xmm4
+	movq	%rdx,%r13
+	addq	%r11,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%r11
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%r8,%r12
+	rorq	$5,%r14
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%r11,%r14
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	vpaddq	%xmm11,%xmm4,%xmm4
+	addq	72(%rsp),%r10
+	movq	%r11,%rdi
+	xorq	%r9,%r12
+	rorq	$6,%r14
+	vpaddq	0(%rbp),%xmm4,%xmm10
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	xorq	%rax,%r15
+	rorq	$28,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	vmovdqa	%xmm10,64(%rsp)
+	vpalignr	$8,%xmm5,%xmm6,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%r10
+	vpalignr	$8,%xmm1,%xmm2,%xmm11
+	movq	%rdx,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%r10,%r14
+	vpaddq	%xmm11,%xmm5,%xmm5
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	addq	80(%rsp),%r9
+	movq	%r10,%r15
+.byte	143,72,120,195,209,7
+	xorq	%r8,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,220,3
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r11,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm4,%xmm10
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	vpaddq	%xmm8,%xmm5,%xmm5
+	movq	%rbx,%r13
+	addq	%r9,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%r9
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%rcx,%r12
+	rorq	$5,%r14
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%r9,%r14
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	vpaddq	%xmm11,%xmm5,%xmm5
+	addq	88(%rsp),%r8
+	movq	%r9,%rdi
+	xorq	%rdx,%r12
+	rorq	$6,%r14
+	vpaddq	32(%rbp),%xmm5,%xmm10
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	xorq	%r10,%r15
+	rorq	$28,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	vmovdqa	%xmm10,80(%rsp)
+	vpalignr	$8,%xmm6,%xmm7,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%r8
+	vpalignr	$8,%xmm2,%xmm3,%xmm11
+	movq	%rbx,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%r8,%r14
+	vpaddq	%xmm11,%xmm6,%xmm6
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	addq	96(%rsp),%rdx
+	movq	%r8,%r15
+.byte	143,72,120,195,209,7
+	xorq	%rcx,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,221,3
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r9,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm5,%xmm10
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	vpaddq	%xmm8,%xmm6,%xmm6
+	movq	%r11,%r13
+	addq	%rdx,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%rdx
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%rax,%r12
+	rorq	$5,%r14
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%rdx,%r14
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	vpaddq	%xmm11,%xmm6,%xmm6
+	addq	104(%rsp),%rcx
+	movq	%rdx,%rdi
+	xorq	%rbx,%r12
+	rorq	$6,%r14
+	vpaddq	64(%rbp),%xmm6,%xmm10
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	xorq	%r8,%r15
+	rorq	$28,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	vmovdqa	%xmm10,96(%rsp)
+	vpalignr	$8,%xmm7,%xmm0,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%rcx
+	vpalignr	$8,%xmm3,%xmm4,%xmm11
+	movq	%r11,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%rcx,%r14
+	vpaddq	%xmm11,%xmm7,%xmm7
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	addq	112(%rsp),%rbx
+	movq	%rcx,%r15
+.byte	143,72,120,195,209,7
+	xorq	%rax,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,222,3
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rdx,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm6,%xmm10
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	vpaddq	%xmm8,%xmm7,%xmm7
+	movq	%r9,%r13
+	addq	%rbx,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%rbx
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%r10,%r12
+	rorq	$5,%r14
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%rbx,%r14
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	vpaddq	%xmm11,%xmm7,%xmm7
+	addq	120(%rsp),%rax
+	movq	%rbx,%rdi
+	xorq	%r11,%r12
+	rorq	$6,%r14
+	vpaddq	96(%rbp),%xmm7,%xmm10
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	xorq	%rcx,%r15
+	rorq	$28,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	vmovdqa	%xmm10,112(%rsp)
+	cmpb	$0,135(%rbp)
+	jne	.Lxop_00_47
+	rorq	$23,%r13
+	movq	%r14,%rax
+	movq	%r9,%r12
+	rorq	$5,%r14
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	rorq	$4,%r13
+	xorq	%rax,%r14
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	addq	0(%rsp),%r11
+	movq	%rax,%r15
+	xorq	%r10,%r12
+	rorq	$6,%r14
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	xorq	%rbx,%rdi
+	rorq	$28,%r14
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	movq	%rdx,%r13
+	addq	%r11,%r14
+	rorq	$23,%r13
+	movq	%r14,%r11
+	movq	%r8,%r12
+	rorq	$5,%r14
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	rorq	$4,%r13
+	xorq	%r11,%r14
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	addq	8(%rsp),%r10
+	movq	%r11,%rdi
+	xorq	%r9,%r12
+	rorq	$6,%r14
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	xorq	%rax,%r15
+	rorq	$28,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	rorq	$23,%r13
+	movq	%r14,%r10
+	movq	%rdx,%r12
+	rorq	$5,%r14
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	rorq	$4,%r13
+	xorq	%r10,%r14
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	addq	16(%rsp),%r9
+	movq	%r10,%r15
+	xorq	%r8,%r12
+	rorq	$6,%r14
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	xorq	%r11,%rdi
+	rorq	$28,%r14
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	movq	%rbx,%r13
+	addq	%r9,%r14
+	rorq	$23,%r13
+	movq	%r14,%r9
+	movq	%rcx,%r12
+	rorq	$5,%r14
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	rorq	$4,%r13
+	xorq	%r9,%r14
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	addq	24(%rsp),%r8
+	movq	%r9,%rdi
+	xorq	%rdx,%r12
+	rorq	$6,%r14
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	xorq	%r10,%r15
+	rorq	$28,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	rorq	$23,%r13
+	movq	%r14,%r8
+	movq	%rbx,%r12
+	rorq	$5,%r14
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	rorq	$4,%r13
+	xorq	%r8,%r14
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	addq	32(%rsp),%rdx
+	movq	%r8,%r15
+	xorq	%rcx,%r12
+	rorq	$6,%r14
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	xorq	%r9,%rdi
+	rorq	$28,%r14
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	movq	%r11,%r13
+	addq	%rdx,%r14
+	rorq	$23,%r13
+	movq	%r14,%rdx
+	movq	%rax,%r12
+	rorq	$5,%r14
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	rorq	$4,%r13
+	xorq	%rdx,%r14
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	addq	40(%rsp),%rcx
+	movq	%rdx,%rdi
+	xorq	%rbx,%r12
+	rorq	$6,%r14
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	xorq	%r8,%r15
+	rorq	$28,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	rorq	$23,%r13
+	movq	%r14,%rcx
+	movq	%r11,%r12
+	rorq	$5,%r14
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	rorq	$4,%r13
+	xorq	%rcx,%r14
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	addq	48(%rsp),%rbx
+	movq	%rcx,%r15
+	xorq	%rax,%r12
+	rorq	$6,%r14
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	xorq	%rdx,%rdi
+	rorq	$28,%r14
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	movq	%r9,%r13
+	addq	%rbx,%r14
+	rorq	$23,%r13
+	movq	%r14,%rbx
+	movq	%r10,%r12
+	rorq	$5,%r14
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	rorq	$4,%r13
+	xorq	%rbx,%r14
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	addq	56(%rsp),%rax
+	movq	%rbx,%rdi
+	xorq	%r11,%r12
+	rorq	$6,%r14
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	xorq	%rcx,%r15
+	rorq	$28,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	rorq	$23,%r13
+	movq	%r14,%rax
+	movq	%r9,%r12
+	rorq	$5,%r14
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	rorq	$4,%r13
+	xorq	%rax,%r14
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	addq	64(%rsp),%r11
+	movq	%rax,%r15
+	xorq	%r10,%r12
+	rorq	$6,%r14
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	xorq	%rbx,%rdi
+	rorq	$28,%r14
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	movq	%rdx,%r13
+	addq	%r11,%r14
+	rorq	$23,%r13
+	movq	%r14,%r11
+	movq	%r8,%r12
+	rorq	$5,%r14
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	rorq	$4,%r13
+	xorq	%r11,%r14
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	addq	72(%rsp),%r10
+	movq	%r11,%rdi
+	xorq	%r9,%r12
+	rorq	$6,%r14
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	xorq	%rax,%r15
+	rorq	$28,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	rorq	$23,%r13
+	movq	%r14,%r10
+	movq	%rdx,%r12
+	rorq	$5,%r14
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	rorq	$4,%r13
+	xorq	%r10,%r14
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	addq	80(%rsp),%r9
+	movq	%r10,%r15
+	xorq	%r8,%r12
+	rorq	$6,%r14
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	xorq	%r11,%rdi
+	rorq	$28,%r14
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	movq	%rbx,%r13
+	addq	%r9,%r14
+	rorq	$23,%r13
+	movq	%r14,%r9
+	movq	%rcx,%r12
+	rorq	$5,%r14
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	rorq	$4,%r13
+	xorq	%r9,%r14
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	addq	88(%rsp),%r8
+	movq	%r9,%rdi
+	xorq	%rdx,%r12
+	rorq	$6,%r14
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	xorq	%r10,%r15
+	rorq	$28,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	rorq	$23,%r13
+	movq	%r14,%r8
+	movq	%rbx,%r12
+	rorq	$5,%r14
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	rorq	$4,%r13
+	xorq	%r8,%r14
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	addq	96(%rsp),%rdx
+	movq	%r8,%r15
+	xorq	%rcx,%r12
+	rorq	$6,%r14
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	xorq	%r9,%rdi
+	rorq	$28,%r14
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	movq	%r11,%r13
+	addq	%rdx,%r14
+	rorq	$23,%r13
+	movq	%r14,%rdx
+	movq	%rax,%r12
+	rorq	$5,%r14
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	rorq	$4,%r13
+	xorq	%rdx,%r14
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	addq	104(%rsp),%rcx
+	movq	%rdx,%rdi
+	xorq	%rbx,%r12
+	rorq	$6,%r14
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	xorq	%r8,%r15
+	rorq	$28,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	rorq	$23,%r13
+	movq	%r14,%rcx
+	movq	%r11,%r12
+	rorq	$5,%r14
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	rorq	$4,%r13
+	xorq	%rcx,%r14
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	addq	112(%rsp),%rbx
+	movq	%rcx,%r15
+	xorq	%rax,%r12
+	rorq	$6,%r14
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	xorq	%rdx,%rdi
+	rorq	$28,%r14
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	movq	%r9,%r13
+	addq	%rbx,%r14
+	rorq	$23,%r13
+	movq	%r14,%rbx
+	movq	%r10,%r12
+	rorq	$5,%r14
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	rorq	$4,%r13
+	xorq	%rbx,%r14
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	addq	120(%rsp),%rax
+	movq	%rbx,%rdi
+	xorq	%r11,%r12
+	rorq	$6,%r14
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	xorq	%rcx,%r15
+	rorq	$28,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	movq	128+0(%rsp),%rdi
+	movq	%r14,%rax
+
+	addq	0(%rdi),%rax
+	leaq	128(%rsi),%rsi
+	addq	8(%rdi),%rbx
+	addq	16(%rdi),%rcx
+	addq	24(%rdi),%rdx
+	addq	32(%rdi),%r8
+	addq	40(%rdi),%r9
+	addq	48(%rdi),%r10
+	addq	56(%rdi),%r11
+
+	cmpq	128+16(%rsp),%rsi
+
+	movq	%rax,0(%rdi)
+	movq	%rbx,8(%rdi)
+	movq	%rcx,16(%rdi)
+	movq	%rdx,24(%rdi)
+	movq	%r8,32(%rdi)
+	movq	%r9,40(%rdi)
+	movq	%r10,48(%rdi)
+	movq	%r11,56(%rdi)
+	jb	.Lloop_xop
+
+	movq	152(%rsp),%rsi
+.cfi_def_cfa	%rsi,8
+	vzeroupper
+	movq	-48(%rsi),%r15
+.cfi_restore	%r15
+	movq	-40(%rsi),%r14
+.cfi_restore	%r14
+	movq	-32(%rsi),%r13
+.cfi_restore	%r13
+	movq	-24(%rsi),%r12
+.cfi_restore	%r12
+	movq	-16(%rsi),%rbp
+.cfi_restore	%rbp
+	movq	-8(%rsi),%rbx
+.cfi_restore	%rbx
+	leaq	(%rsi),%rsp
+.cfi_def_cfa_register	%rsp
+.Lepilogue_xop:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	sha512_block_data_order_xop,.-sha512_block_data_order_xop
+.type	sha512_block_data_order_avx,@function
+.align	64
+sha512_block_data_order_avx:
+.cfi_startproc	
+.Lavx_shortcut:
+	movq	%rsp,%rax
+.cfi_def_cfa_register	%rax
+	pushq	%rbx
+.cfi_offset	%rbx,-16
+	pushq	%rbp
+.cfi_offset	%rbp,-24
+	pushq	%r12
+.cfi_offset	%r12,-32
+	pushq	%r13
+.cfi_offset	%r13,-40
+	pushq	%r14
+.cfi_offset	%r14,-48
+	pushq	%r15
+.cfi_offset	%r15,-56
+	shlq	$4,%rdx
+	subq	$160,%rsp
+	leaq	(%rsi,%rdx,8),%rdx
+	andq	$-64,%rsp
+	movq	%rdi,128+0(%rsp)
+	movq	%rsi,128+8(%rsp)
+	movq	%rdx,128+16(%rsp)
+	movq	%rax,152(%rsp)
+.cfi_escape	0x0f,0x06,0x77,0x98,0x01,0x06,0x23,0x08
+.Lprologue_avx:
+
+	vzeroupper
+	movq	0(%rdi),%rax
+	movq	8(%rdi),%rbx
+	movq	16(%rdi),%rcx
+	movq	24(%rdi),%rdx
+	movq	32(%rdi),%r8
+	movq	40(%rdi),%r9
+	movq	48(%rdi),%r10
+	movq	56(%rdi),%r11
+	jmp	.Lloop_avx
+.align	16
+.Lloop_avx:
+	vmovdqa	K512+1280(%rip),%xmm11
+	vmovdqu	0(%rsi),%xmm0
+	leaq	K512+128(%rip),%rbp
+	vmovdqu	16(%rsi),%xmm1
+	vmovdqu	32(%rsi),%xmm2
+	vpshufb	%xmm11,%xmm0,%xmm0
+	vmovdqu	48(%rsi),%xmm3
+	vpshufb	%xmm11,%xmm1,%xmm1
+	vmovdqu	64(%rsi),%xmm4
+	vpshufb	%xmm11,%xmm2,%xmm2
+	vmovdqu	80(%rsi),%xmm5
+	vpshufb	%xmm11,%xmm3,%xmm3
+	vmovdqu	96(%rsi),%xmm6
+	vpshufb	%xmm11,%xmm4,%xmm4
+	vmovdqu	112(%rsi),%xmm7
+	vpshufb	%xmm11,%xmm5,%xmm5
+	vpaddq	-128(%rbp),%xmm0,%xmm8
+	vpshufb	%xmm11,%xmm6,%xmm6
+	vpaddq	-96(%rbp),%xmm1,%xmm9
+	vpshufb	%xmm11,%xmm7,%xmm7
+	vpaddq	-64(%rbp),%xmm2,%xmm10
+	vpaddq	-32(%rbp),%xmm3,%xmm11
+	vmovdqa	%xmm8,0(%rsp)
+	vpaddq	0(%rbp),%xmm4,%xmm8
+	vmovdqa	%xmm9,16(%rsp)
+	vpaddq	32(%rbp),%xmm5,%xmm9
+	vmovdqa	%xmm10,32(%rsp)
+	vpaddq	64(%rbp),%xmm6,%xmm10
+	vmovdqa	%xmm11,48(%rsp)
+	vpaddq	96(%rbp),%xmm7,%xmm11
+	vmovdqa	%xmm8,64(%rsp)
+	movq	%rax,%r14
+	vmovdqa	%xmm9,80(%rsp)
+	movq	%rbx,%rdi
+	vmovdqa	%xmm10,96(%rsp)
+	xorq	%rcx,%rdi
+	vmovdqa	%xmm11,112(%rsp)
+	movq	%r8,%r13
+	jmp	.Lavx_00_47
+
+.align	16
+.Lavx_00_47:
+	addq	$256,%rbp
+	vpalignr	$8,%xmm0,%xmm1,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rax
+	vpalignr	$8,%xmm4,%xmm5,%xmm11
+	movq	%r9,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	vpaddq	%xmm11,%xmm0,%xmm0
+	shrdq	$4,%r13,%r13
+	xorq	%rax,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	0(%rsp),%r11
+	movq	%rax,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%r10,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rbx,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm7,%xmm11
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%rdx,%r13
+	addq	%r11,%r14
+	vpsllq	$3,%xmm7,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r11
+	vpaddq	%xmm8,%xmm0,%xmm0
+	movq	%r8,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm7,%xmm9
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%r11,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	8(%rsp),%r10
+	movq	%r11,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%r9,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm0,%xmm0
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	vpaddq	-128(%rbp),%xmm0,%xmm10
+	xorq	%rax,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	vmovdqa	%xmm10,0(%rsp)
+	vpalignr	$8,%xmm1,%xmm2,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r10
+	vpalignr	$8,%xmm5,%xmm6,%xmm11
+	movq	%rdx,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	vpaddq	%xmm11,%xmm1,%xmm1
+	shrdq	$4,%r13,%r13
+	xorq	%r10,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	16(%rsp),%r9
+	movq	%r10,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%r8,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r11,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm0,%xmm11
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%rbx,%r13
+	addq	%r9,%r14
+	vpsllq	$3,%xmm0,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r9
+	vpaddq	%xmm8,%xmm1,%xmm1
+	movq	%rcx,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm0,%xmm9
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%r9,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	24(%rsp),%r8
+	movq	%r9,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%rdx,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm1,%xmm1
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	vpaddq	-96(%rbp),%xmm1,%xmm10
+	xorq	%r10,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	vmovdqa	%xmm10,16(%rsp)
+	vpalignr	$8,%xmm2,%xmm3,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r8
+	vpalignr	$8,%xmm6,%xmm7,%xmm11
+	movq	%rbx,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	vpaddq	%xmm11,%xmm2,%xmm2
+	shrdq	$4,%r13,%r13
+	xorq	%r8,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	32(%rsp),%rdx
+	movq	%r8,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%rcx,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r9,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm1,%xmm11
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%r11,%r13
+	addq	%rdx,%r14
+	vpsllq	$3,%xmm1,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rdx
+	vpaddq	%xmm8,%xmm2,%xmm2
+	movq	%rax,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm1,%xmm9
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%rdx,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	40(%rsp),%rcx
+	movq	%rdx,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%rbx,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm2,%xmm2
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	vpaddq	-64(%rbp),%xmm2,%xmm10
+	xorq	%r8,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	vmovdqa	%xmm10,32(%rsp)
+	vpalignr	$8,%xmm3,%xmm4,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rcx
+	vpalignr	$8,%xmm7,%xmm0,%xmm11
+	movq	%r11,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	vpaddq	%xmm11,%xmm3,%xmm3
+	shrdq	$4,%r13,%r13
+	xorq	%rcx,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	48(%rsp),%rbx
+	movq	%rcx,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%rax,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rdx,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm2,%xmm11
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%r9,%r13
+	addq	%rbx,%r14
+	vpsllq	$3,%xmm2,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rbx
+	vpaddq	%xmm8,%xmm3,%xmm3
+	movq	%r10,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm2,%xmm9
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%rbx,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	56(%rsp),%rax
+	movq	%rbx,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%r11,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm3,%xmm3
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	vpaddq	-32(%rbp),%xmm3,%xmm10
+	xorq	%rcx,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	vmovdqa	%xmm10,48(%rsp)
+	vpalignr	$8,%xmm4,%xmm5,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rax
+	vpalignr	$8,%xmm0,%xmm1,%xmm11
+	movq	%r9,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	vpaddq	%xmm11,%xmm4,%xmm4
+	shrdq	$4,%r13,%r13
+	xorq	%rax,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	64(%rsp),%r11
+	movq	%rax,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%r10,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rbx,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm3,%xmm11
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%rdx,%r13
+	addq	%r11,%r14
+	vpsllq	$3,%xmm3,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r11
+	vpaddq	%xmm8,%xmm4,%xmm4
+	movq	%r8,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm3,%xmm9
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%r11,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	72(%rsp),%r10
+	movq	%r11,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%r9,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm4,%xmm4
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	vpaddq	0(%rbp),%xmm4,%xmm10
+	xorq	%rax,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	vmovdqa	%xmm10,64(%rsp)
+	vpalignr	$8,%xmm5,%xmm6,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r10
+	vpalignr	$8,%xmm1,%xmm2,%xmm11
+	movq	%rdx,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	vpaddq	%xmm11,%xmm5,%xmm5
+	shrdq	$4,%r13,%r13
+	xorq	%r10,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	80(%rsp),%r9
+	movq	%r10,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%r8,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r11,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm4,%xmm11
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%rbx,%r13
+	addq	%r9,%r14
+	vpsllq	$3,%xmm4,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r9
+	vpaddq	%xmm8,%xmm5,%xmm5
+	movq	%rcx,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm4,%xmm9
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%r9,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	88(%rsp),%r8
+	movq	%r9,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%rdx,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm5,%xmm5
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	vpaddq	32(%rbp),%xmm5,%xmm10
+	xorq	%r10,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	vmovdqa	%xmm10,80(%rsp)
+	vpalignr	$8,%xmm6,%xmm7,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r8
+	vpalignr	$8,%xmm2,%xmm3,%xmm11
+	movq	%rbx,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	vpaddq	%xmm11,%xmm6,%xmm6
+	shrdq	$4,%r13,%r13
+	xorq	%r8,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	96(%rsp),%rdx
+	movq	%r8,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%rcx,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r9,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm5,%xmm11
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%r11,%r13
+	addq	%rdx,%r14
+	vpsllq	$3,%xmm5,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rdx
+	vpaddq	%xmm8,%xmm6,%xmm6
+	movq	%rax,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm5,%xmm9
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%rdx,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	104(%rsp),%rcx
+	movq	%rdx,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%rbx,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm6,%xmm6
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	vpaddq	64(%rbp),%xmm6,%xmm10
+	xorq	%r8,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	vmovdqa	%xmm10,96(%rsp)
+	vpalignr	$8,%xmm7,%xmm0,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rcx
+	vpalignr	$8,%xmm3,%xmm4,%xmm11
+	movq	%r11,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	vpaddq	%xmm11,%xmm7,%xmm7
+	shrdq	$4,%r13,%r13
+	xorq	%rcx,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	112(%rsp),%rbx
+	movq	%rcx,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%rax,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rdx,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm6,%xmm11
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%r9,%r13
+	addq	%rbx,%r14
+	vpsllq	$3,%xmm6,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rbx
+	vpaddq	%xmm8,%xmm7,%xmm7
+	movq	%r10,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm6,%xmm9
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%rbx,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	120(%rsp),%rax
+	movq	%rbx,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%r11,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm7,%xmm7
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	vpaddq	96(%rbp),%xmm7,%xmm10
+	xorq	%rcx,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	vmovdqa	%xmm10,112(%rsp)
+	cmpb	$0,135(%rbp)
+	jne	.Lavx_00_47
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rax
+	movq	%r9,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rax,%r14
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	addq	0(%rsp),%r11
+	movq	%rax,%r15
+	xorq	%r10,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	xorq	%rbx,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	movq	%rdx,%r13
+	addq	%r11,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r11
+	movq	%r8,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r11,%r14
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	addq	8(%rsp),%r10
+	movq	%r11,%rdi
+	xorq	%r9,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	xorq	%rax,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r10
+	movq	%rdx,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r10,%r14
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	addq	16(%rsp),%r9
+	movq	%r10,%r15
+	xorq	%r8,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	xorq	%r11,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	movq	%rbx,%r13
+	addq	%r9,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r9
+	movq	%rcx,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r9,%r14
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	addq	24(%rsp),%r8
+	movq	%r9,%rdi
+	xorq	%rdx,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	xorq	%r10,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r8
+	movq	%rbx,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r8,%r14
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	addq	32(%rsp),%rdx
+	movq	%r8,%r15
+	xorq	%rcx,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	xorq	%r9,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	movq	%r11,%r13
+	addq	%rdx,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rdx
+	movq	%rax,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rdx,%r14
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	addq	40(%rsp),%rcx
+	movq	%rdx,%rdi
+	xorq	%rbx,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	xorq	%r8,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rcx
+	movq	%r11,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rcx,%r14
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	addq	48(%rsp),%rbx
+	movq	%rcx,%r15
+	xorq	%rax,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	xorq	%rdx,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	movq	%r9,%r13
+	addq	%rbx,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rbx
+	movq	%r10,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rbx,%r14
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	addq	56(%rsp),%rax
+	movq	%rbx,%rdi
+	xorq	%r11,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	xorq	%rcx,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rax
+	movq	%r9,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rax,%r14
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	addq	64(%rsp),%r11
+	movq	%rax,%r15
+	xorq	%r10,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	xorq	%rbx,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	movq	%rdx,%r13
+	addq	%r11,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r11
+	movq	%r8,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r11,%r14
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	addq	72(%rsp),%r10
+	movq	%r11,%rdi
+	xorq	%r9,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	xorq	%rax,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r10
+	movq	%rdx,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r10,%r14
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	addq	80(%rsp),%r9
+	movq	%r10,%r15
+	xorq	%r8,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	xorq	%r11,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	movq	%rbx,%r13
+	addq	%r9,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r9
+	movq	%rcx,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r9,%r14
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	addq	88(%rsp),%r8
+	movq	%r9,%rdi
+	xorq	%rdx,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	xorq	%r10,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r8
+	movq	%rbx,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r8,%r14
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	addq	96(%rsp),%rdx
+	movq	%r8,%r15
+	xorq	%rcx,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	xorq	%r9,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	movq	%r11,%r13
+	addq	%rdx,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rdx
+	movq	%rax,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rdx,%r14
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	addq	104(%rsp),%rcx
+	movq	%rdx,%rdi
+	xorq	%rbx,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	xorq	%r8,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rcx
+	movq	%r11,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rcx,%r14
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	addq	112(%rsp),%rbx
+	movq	%rcx,%r15
+	xorq	%rax,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	xorq	%rdx,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	movq	%r9,%r13
+	addq	%rbx,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rbx
+	movq	%r10,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rbx,%r14
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	addq	120(%rsp),%rax
+	movq	%rbx,%rdi
+	xorq	%r11,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	xorq	%rcx,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	movq	128+0(%rsp),%rdi
+	movq	%r14,%rax
+
+	addq	0(%rdi),%rax
+	leaq	128(%rsi),%rsi
+	addq	8(%rdi),%rbx
+	addq	16(%rdi),%rcx
+	addq	24(%rdi),%rdx
+	addq	32(%rdi),%r8
+	addq	40(%rdi),%r9
+	addq	48(%rdi),%r10
+	addq	56(%rdi),%r11
+
+	cmpq	128+16(%rsp),%rsi
+
+	movq	%rax,0(%rdi)
+	movq	%rbx,8(%rdi)
+	movq	%rcx,16(%rdi)
+	movq	%rdx,24(%rdi)
+	movq	%r8,32(%rdi)
+	movq	%r9,40(%rdi)
+	movq	%r10,48(%rdi)
+	movq	%r11,56(%rdi)
+	jb	.Lloop_avx
+
+	movq	152(%rsp),%rsi
+.cfi_def_cfa	%rsi,8
+	vzeroupper
+	movq	-48(%rsi),%r15
+.cfi_restore	%r15
+	movq	-40(%rsi),%r14
+.cfi_restore	%r14
+	movq	-32(%rsi),%r13
+.cfi_restore	%r13
+	movq	-24(%rsi),%r12
+.cfi_restore	%r12
+	movq	-16(%rsi),%rbp
+.cfi_restore	%rbp
+	movq	-8(%rsi),%rbx
+.cfi_restore	%rbx
+	leaq	(%rsi),%rsp
+.cfi_def_cfa_register	%rsp
+.Lepilogue_avx:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	sha512_block_data_order_avx,.-sha512_block_data_order_avx
+.type	sha512_block_data_order_avx2,@function
+.align	64
+sha512_block_data_order_avx2:
+.cfi_startproc	
+.Lavx2_shortcut:
+	movq	%rsp,%rax
+.cfi_def_cfa_register	%rax
+	pushq	%rbx
+.cfi_offset	%rbx,-16
+	pushq	%rbp
+.cfi_offset	%rbp,-24
+	pushq	%r12
+.cfi_offset	%r12,-32
+	pushq	%r13
+.cfi_offset	%r13,-40
+	pushq	%r14
+.cfi_offset	%r14,-48
+	pushq	%r15
+.cfi_offset	%r15,-56
+	subq	$1312,%rsp
+	shlq	$4,%rdx
+	andq	$-2048,%rsp
+	leaq	(%rsi,%rdx,8),%rdx
+	addq	$1152,%rsp
+	movq	%rdi,128+0(%rsp)
+	movq	%rsi,128+8(%rsp)
+	movq	%rdx,128+16(%rsp)
+	movq	%rax,152(%rsp)
+.cfi_escape	0x0f,0x06,0x77,0x98,0x01,0x06,0x23,0x08
+.Lprologue_avx2:
+
+	vzeroupper
+	subq	$-128,%rsi
+	movq	0(%rdi),%rax
+	movq	%rsi,%r12
+	movq	8(%rdi),%rbx
+	cmpq	%rdx,%rsi
+	movq	16(%rdi),%rcx
+	cmoveq	%rsp,%r12
+	movq	24(%rdi),%rdx
+	movq	32(%rdi),%r8
+	movq	40(%rdi),%r9
+	movq	48(%rdi),%r10
+	movq	56(%rdi),%r11
+	jmp	.Loop_avx2
+.align	16
+.Loop_avx2:
+	vmovdqu	-128(%rsi),%xmm0
+	vmovdqu	-128+16(%rsi),%xmm1
+	vmovdqu	-128+32(%rsi),%xmm2
+	leaq	K512+128(%rip),%rbp
+	vmovdqu	-128+48(%rsi),%xmm3
+	vmovdqu	-128+64(%rsi),%xmm4
+	vmovdqu	-128+80(%rsi),%xmm5
+	vmovdqu	-128+96(%rsi),%xmm6
+	vmovdqu	-128+112(%rsi),%xmm7
+
+	vmovdqa	1152(%rbp),%ymm10
+	vinserti128	$1,(%r12),%ymm0,%ymm0
+	vinserti128	$1,16(%r12),%ymm1,%ymm1
+	vpshufb	%ymm10,%ymm0,%ymm0
+	vinserti128	$1,32(%r12),%ymm2,%ymm2
+	vpshufb	%ymm10,%ymm1,%ymm1
+	vinserti128	$1,48(%r12),%ymm3,%ymm3
+	vpshufb	%ymm10,%ymm2,%ymm2
+	vinserti128	$1,64(%r12),%ymm4,%ymm4
+	vpshufb	%ymm10,%ymm3,%ymm3
+	vinserti128	$1,80(%r12),%ymm5,%ymm5
+	vpshufb	%ymm10,%ymm4,%ymm4
+	vinserti128	$1,96(%r12),%ymm6,%ymm6
+	vpshufb	%ymm10,%ymm5,%ymm5
+	vinserti128	$1,112(%r12),%ymm7,%ymm7
+
+	vpaddq	-128(%rbp),%ymm0,%ymm8
+	vpshufb	%ymm10,%ymm6,%ymm6
+	vpaddq	-96(%rbp),%ymm1,%ymm9
+	vpshufb	%ymm10,%ymm7,%ymm7
+	vpaddq	-64(%rbp),%ymm2,%ymm10
+	vpaddq	-32(%rbp),%ymm3,%ymm11
+	vmovdqa	%ymm8,0(%rsp)
+	vpaddq	0(%rbp),%ymm4,%ymm8
+	vmovdqa	%ymm9,32(%rsp)
+	vpaddq	32(%rbp),%ymm5,%ymm9
+	vmovdqa	%ymm10,64(%rsp)
+	vpaddq	64(%rbp),%ymm6,%ymm10
+	vmovdqa	%ymm11,96(%rsp)
+
+	movq	152(%rsp),%rdi
+.cfi_def_cfa	%rdi,8
+	leaq	-128(%rsp),%rsp
+
+
+
+	movq	%rdi,-8(%rsp)
+.cfi_escape	0x0f,0x05,0x77,0x78,0x06,0x23,0x08
+	vpaddq	96(%rbp),%ymm7,%ymm11
+	vmovdqa	%ymm8,0(%rsp)
+	xorq	%r14,%r14
+	vmovdqa	%ymm9,32(%rsp)
+	movq	%rbx,%rdi
+	vmovdqa	%ymm10,64(%rsp)
+	xorq	%rcx,%rdi
+	vmovdqa	%ymm11,96(%rsp)
+	movq	%r9,%r12
+	addq	$32*8,%rbp
+	jmp	.Lavx2_00_47
+
+.align	16
+.Lavx2_00_47:
+	leaq	-128(%rsp),%rsp
+.cfi_escape	0x0f,0x06,0x77,0xf8,0x00,0x06,0x23,0x08
+
+	pushq	128-8(%rsp)
+.cfi_escape	0x0f,0x05,0x77,0x00,0x06,0x23,0x08
+	leaq	8(%rsp),%rsp
+.cfi_escape	0x0f,0x05,0x77,0x78,0x06,0x23,0x08
+	vpalignr	$8,%ymm0,%ymm1,%ymm8
+	addq	0+256(%rsp),%r11
+	andq	%r8,%r12
+	rorxq	$41,%r8,%r13
+	vpalignr	$8,%ymm4,%ymm5,%ymm11
+	rorxq	$18,%r8,%r15
+	leaq	(%rax,%r14,1),%rax
+	leaq	(%r11,%r12,1),%r11
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%r10,%r8,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r8,%r14
+	vpaddq	%ymm11,%ymm0,%ymm0
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%r11,%r12,1),%r11
+	xorq	%r14,%r13
+	movq	%rax,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%rax,%r12
+	leaq	(%r11,%r13,1),%r11
+	xorq	%rbx,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%rax,%r14
+	rorxq	$28,%rax,%r13
+	leaq	(%rdx,%r11,1),%rdx
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rbx,%rdi
+	vpsrlq	$6,%ymm7,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%r11,%rdi,1),%r11
+	movq	%r8,%r12
+	vpsllq	$3,%ymm7,%ymm10
+	vpaddq	%ymm8,%ymm0,%ymm0
+	addq	8+256(%rsp),%r10
+	andq	%rdx,%r12
+	rorxq	$41,%rdx,%r13
+	vpsrlq	$19,%ymm7,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%rdx,%rdi
+	leaq	(%r11,%r14,1),%r11
+	leaq	(%r10,%r12,1),%r10
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%r9,%rdx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rdx,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%r10,%r12,1),%r10
+	xorq	%r14,%r13
+	movq	%r11,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%r11,%r12
+	leaq	(%r10,%r13,1),%r10
+	xorq	%rax,%rdi
+	vpaddq	%ymm11,%ymm0,%ymm0
+	rorxq	$34,%r11,%r14
+	rorxq	$28,%r11,%r13
+	leaq	(%rcx,%r10,1),%rcx
+	vpaddq	-128(%rbp),%ymm0,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rax,%r15
+	xorq	%r13,%r14
+	leaq	(%r10,%r15,1),%r10
+	movq	%rdx,%r12
+	vmovdqa	%ymm10,0(%rsp)
+	vpalignr	$8,%ymm1,%ymm2,%ymm8
+	addq	32+256(%rsp),%r9
+	andq	%rcx,%r12
+	rorxq	$41,%rcx,%r13
+	vpalignr	$8,%ymm5,%ymm6,%ymm11
+	rorxq	$18,%rcx,%r15
+	leaq	(%r10,%r14,1),%r10
+	leaq	(%r9,%r12,1),%r9
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%r8,%rcx,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rcx,%r14
+	vpaddq	%ymm11,%ymm1,%ymm1
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%r9,%r12,1),%r9
+	xorq	%r14,%r13
+	movq	%r10,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%r10,%r12
+	leaq	(%r9,%r13,1),%r9
+	xorq	%r11,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%r10,%r14
+	rorxq	$28,%r10,%r13
+	leaq	(%rbx,%r9,1),%rbx
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r11,%rdi
+	vpsrlq	$6,%ymm0,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%r9,%rdi,1),%r9
+	movq	%rcx,%r12
+	vpsllq	$3,%ymm0,%ymm10
+	vpaddq	%ymm8,%ymm1,%ymm1
+	addq	40+256(%rsp),%r8
+	andq	%rbx,%r12
+	rorxq	$41,%rbx,%r13
+	vpsrlq	$19,%ymm0,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%rbx,%rdi
+	leaq	(%r9,%r14,1),%r9
+	leaq	(%r8,%r12,1),%r8
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%rdx,%rbx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rbx,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%r8,%r12,1),%r8
+	xorq	%r14,%r13
+	movq	%r9,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%r9,%r12
+	leaq	(%r8,%r13,1),%r8
+	xorq	%r10,%rdi
+	vpaddq	%ymm11,%ymm1,%ymm1
+	rorxq	$34,%r9,%r14
+	rorxq	$28,%r9,%r13
+	leaq	(%rax,%r8,1),%rax
+	vpaddq	-96(%rbp),%ymm1,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r10,%r15
+	xorq	%r13,%r14
+	leaq	(%r8,%r15,1),%r8
+	movq	%rbx,%r12
+	vmovdqa	%ymm10,32(%rsp)
+	vpalignr	$8,%ymm2,%ymm3,%ymm8
+	addq	64+256(%rsp),%rdx
+	andq	%rax,%r12
+	rorxq	$41,%rax,%r13
+	vpalignr	$8,%ymm6,%ymm7,%ymm11
+	rorxq	$18,%rax,%r15
+	leaq	(%r8,%r14,1),%r8
+	leaq	(%rdx,%r12,1),%rdx
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%rcx,%rax,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rax,%r14
+	vpaddq	%ymm11,%ymm2,%ymm2
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%rdx,%r12,1),%rdx
+	xorq	%r14,%r13
+	movq	%r8,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%r8,%r12
+	leaq	(%rdx,%r13,1),%rdx
+	xorq	%r9,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%r8,%r14
+	rorxq	$28,%r8,%r13
+	leaq	(%r11,%rdx,1),%r11
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r9,%rdi
+	vpsrlq	$6,%ymm1,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%rdx,%rdi,1),%rdx
+	movq	%rax,%r12
+	vpsllq	$3,%ymm1,%ymm10
+	vpaddq	%ymm8,%ymm2,%ymm2
+	addq	72+256(%rsp),%rcx
+	andq	%r11,%r12
+	rorxq	$41,%r11,%r13
+	vpsrlq	$19,%ymm1,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%r11,%rdi
+	leaq	(%rdx,%r14,1),%rdx
+	leaq	(%rcx,%r12,1),%rcx
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%rbx,%r11,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r11,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%rcx,%r12,1),%rcx
+	xorq	%r14,%r13
+	movq	%rdx,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%rdx,%r12
+	leaq	(%rcx,%r13,1),%rcx
+	xorq	%r8,%rdi
+	vpaddq	%ymm11,%ymm2,%ymm2
+	rorxq	$34,%rdx,%r14
+	rorxq	$28,%rdx,%r13
+	leaq	(%r10,%rcx,1),%r10
+	vpaddq	-64(%rbp),%ymm2,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r8,%r15
+	xorq	%r13,%r14
+	leaq	(%rcx,%r15,1),%rcx
+	movq	%r11,%r12
+	vmovdqa	%ymm10,64(%rsp)
+	vpalignr	$8,%ymm3,%ymm4,%ymm8
+	addq	96+256(%rsp),%rbx
+	andq	%r10,%r12
+	rorxq	$41,%r10,%r13
+	vpalignr	$8,%ymm7,%ymm0,%ymm11
+	rorxq	$18,%r10,%r15
+	leaq	(%rcx,%r14,1),%rcx
+	leaq	(%rbx,%r12,1),%rbx
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%rax,%r10,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r10,%r14
+	vpaddq	%ymm11,%ymm3,%ymm3
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%rbx,%r12,1),%rbx
+	xorq	%r14,%r13
+	movq	%rcx,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%rcx,%r12
+	leaq	(%rbx,%r13,1),%rbx
+	xorq	%rdx,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%rcx,%r14
+	rorxq	$28,%rcx,%r13
+	leaq	(%r9,%rbx,1),%r9
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rdx,%rdi
+	vpsrlq	$6,%ymm2,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%rbx,%rdi,1),%rbx
+	movq	%r10,%r12
+	vpsllq	$3,%ymm2,%ymm10
+	vpaddq	%ymm8,%ymm3,%ymm3
+	addq	104+256(%rsp),%rax
+	andq	%r9,%r12
+	rorxq	$41,%r9,%r13
+	vpsrlq	$19,%ymm2,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%r9,%rdi
+	leaq	(%rbx,%r14,1),%rbx
+	leaq	(%rax,%r12,1),%rax
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%r11,%r9,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r9,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%rax,%r12,1),%rax
+	xorq	%r14,%r13
+	movq	%rbx,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%rbx,%r12
+	leaq	(%rax,%r13,1),%rax
+	xorq	%rcx,%rdi
+	vpaddq	%ymm11,%ymm3,%ymm3
+	rorxq	$34,%rbx,%r14
+	rorxq	$28,%rbx,%r13
+	leaq	(%r8,%rax,1),%r8
+	vpaddq	-32(%rbp),%ymm3,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rcx,%r15
+	xorq	%r13,%r14
+	leaq	(%rax,%r15,1),%rax
+	movq	%r9,%r12
+	vmovdqa	%ymm10,96(%rsp)
+	leaq	-128(%rsp),%rsp
+.cfi_escape	0x0f,0x06,0x77,0xf8,0x00,0x06,0x23,0x08
+
+	pushq	128-8(%rsp)
+.cfi_escape	0x0f,0x05,0x77,0x00,0x06,0x23,0x08
+	leaq	8(%rsp),%rsp
+.cfi_escape	0x0f,0x05,0x77,0x78,0x06,0x23,0x08
+	vpalignr	$8,%ymm4,%ymm5,%ymm8
+	addq	0+256(%rsp),%r11
+	andq	%r8,%r12
+	rorxq	$41,%r8,%r13
+	vpalignr	$8,%ymm0,%ymm1,%ymm11
+	rorxq	$18,%r8,%r15
+	leaq	(%rax,%r14,1),%rax
+	leaq	(%r11,%r12,1),%r11
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%r10,%r8,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r8,%r14
+	vpaddq	%ymm11,%ymm4,%ymm4
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%r11,%r12,1),%r11
+	xorq	%r14,%r13
+	movq	%rax,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%rax,%r12
+	leaq	(%r11,%r13,1),%r11
+	xorq	%rbx,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%rax,%r14
+	rorxq	$28,%rax,%r13
+	leaq	(%rdx,%r11,1),%rdx
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rbx,%rdi
+	vpsrlq	$6,%ymm3,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%r11,%rdi,1),%r11
+	movq	%r8,%r12
+	vpsllq	$3,%ymm3,%ymm10
+	vpaddq	%ymm8,%ymm4,%ymm4
+	addq	8+256(%rsp),%r10
+	andq	%rdx,%r12
+	rorxq	$41,%rdx,%r13
+	vpsrlq	$19,%ymm3,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%rdx,%rdi
+	leaq	(%r11,%r14,1),%r11
+	leaq	(%r10,%r12,1),%r10
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%r9,%rdx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rdx,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%r10,%r12,1),%r10
+	xorq	%r14,%r13
+	movq	%r11,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%r11,%r12
+	leaq	(%r10,%r13,1),%r10
+	xorq	%rax,%rdi
+	vpaddq	%ymm11,%ymm4,%ymm4
+	rorxq	$34,%r11,%r14
+	rorxq	$28,%r11,%r13
+	leaq	(%rcx,%r10,1),%rcx
+	vpaddq	0(%rbp),%ymm4,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rax,%r15
+	xorq	%r13,%r14
+	leaq	(%r10,%r15,1),%r10
+	movq	%rdx,%r12
+	vmovdqa	%ymm10,0(%rsp)
+	vpalignr	$8,%ymm5,%ymm6,%ymm8
+	addq	32+256(%rsp),%r9
+	andq	%rcx,%r12
+	rorxq	$41,%rcx,%r13
+	vpalignr	$8,%ymm1,%ymm2,%ymm11
+	rorxq	$18,%rcx,%r15
+	leaq	(%r10,%r14,1),%r10
+	leaq	(%r9,%r12,1),%r9
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%r8,%rcx,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rcx,%r14
+	vpaddq	%ymm11,%ymm5,%ymm5
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%r9,%r12,1),%r9
+	xorq	%r14,%r13
+	movq	%r10,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%r10,%r12
+	leaq	(%r9,%r13,1),%r9
+	xorq	%r11,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%r10,%r14
+	rorxq	$28,%r10,%r13
+	leaq	(%rbx,%r9,1),%rbx
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r11,%rdi
+	vpsrlq	$6,%ymm4,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%r9,%rdi,1),%r9
+	movq	%rcx,%r12
+	vpsllq	$3,%ymm4,%ymm10
+	vpaddq	%ymm8,%ymm5,%ymm5
+	addq	40+256(%rsp),%r8
+	andq	%rbx,%r12
+	rorxq	$41,%rbx,%r13
+	vpsrlq	$19,%ymm4,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%rbx,%rdi
+	leaq	(%r9,%r14,1),%r9
+	leaq	(%r8,%r12,1),%r8
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%rdx,%rbx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rbx,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%r8,%r12,1),%r8
+	xorq	%r14,%r13
+	movq	%r9,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%r9,%r12
+	leaq	(%r8,%r13,1),%r8
+	xorq	%r10,%rdi
+	vpaddq	%ymm11,%ymm5,%ymm5
+	rorxq	$34,%r9,%r14
+	rorxq	$28,%r9,%r13
+	leaq	(%rax,%r8,1),%rax
+	vpaddq	32(%rbp),%ymm5,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r10,%r15
+	xorq	%r13,%r14
+	leaq	(%r8,%r15,1),%r8
+	movq	%rbx,%r12
+	vmovdqa	%ymm10,32(%rsp)
+	vpalignr	$8,%ymm6,%ymm7,%ymm8
+	addq	64+256(%rsp),%rdx
+	andq	%rax,%r12
+	rorxq	$41,%rax,%r13
+	vpalignr	$8,%ymm2,%ymm3,%ymm11
+	rorxq	$18,%rax,%r15
+	leaq	(%r8,%r14,1),%r8
+	leaq	(%rdx,%r12,1),%rdx
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%rcx,%rax,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rax,%r14
+	vpaddq	%ymm11,%ymm6,%ymm6
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%rdx,%r12,1),%rdx
+	xorq	%r14,%r13
+	movq	%r8,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%r8,%r12
+	leaq	(%rdx,%r13,1),%rdx
+	xorq	%r9,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%r8,%r14
+	rorxq	$28,%r8,%r13
+	leaq	(%r11,%rdx,1),%r11
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r9,%rdi
+	vpsrlq	$6,%ymm5,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%rdx,%rdi,1),%rdx
+	movq	%rax,%r12
+	vpsllq	$3,%ymm5,%ymm10
+	vpaddq	%ymm8,%ymm6,%ymm6
+	addq	72+256(%rsp),%rcx
+	andq	%r11,%r12
+	rorxq	$41,%r11,%r13
+	vpsrlq	$19,%ymm5,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%r11,%rdi
+	leaq	(%rdx,%r14,1),%rdx
+	leaq	(%rcx,%r12,1),%rcx
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%rbx,%r11,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r11,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%rcx,%r12,1),%rcx
+	xorq	%r14,%r13
+	movq	%rdx,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%rdx,%r12
+	leaq	(%rcx,%r13,1),%rcx
+	xorq	%r8,%rdi
+	vpaddq	%ymm11,%ymm6,%ymm6
+	rorxq	$34,%rdx,%r14
+	rorxq	$28,%rdx,%r13
+	leaq	(%r10,%rcx,1),%r10
+	vpaddq	64(%rbp),%ymm6,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r8,%r15
+	xorq	%r13,%r14
+	leaq	(%rcx,%r15,1),%rcx
+	movq	%r11,%r12
+	vmovdqa	%ymm10,64(%rsp)
+	vpalignr	$8,%ymm7,%ymm0,%ymm8
+	addq	96+256(%rsp),%rbx
+	andq	%r10,%r12
+	rorxq	$41,%r10,%r13
+	vpalignr	$8,%ymm3,%ymm4,%ymm11
+	rorxq	$18,%r10,%r15
+	leaq	(%rcx,%r14,1),%rcx
+	leaq	(%rbx,%r12,1),%rbx
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%rax,%r10,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r10,%r14
+	vpaddq	%ymm11,%ymm7,%ymm7
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%rbx,%r12,1),%rbx
+	xorq	%r14,%r13
+	movq	%rcx,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%rcx,%r12
+	leaq	(%rbx,%r13,1),%rbx
+	xorq	%rdx,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%rcx,%r14
+	rorxq	$28,%rcx,%r13
+	leaq	(%r9,%rbx,1),%r9
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rdx,%rdi
+	vpsrlq	$6,%ymm6,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%rbx,%rdi,1),%rbx
+	movq	%r10,%r12
+	vpsllq	$3,%ymm6,%ymm10
+	vpaddq	%ymm8,%ymm7,%ymm7
+	addq	104+256(%rsp),%rax
+	andq	%r9,%r12
+	rorxq	$41,%r9,%r13
+	vpsrlq	$19,%ymm6,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%r9,%rdi
+	leaq	(%rbx,%r14,1),%rbx
+	leaq	(%rax,%r12,1),%rax
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%r11,%r9,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r9,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%rax,%r12,1),%rax
+	xorq	%r14,%r13
+	movq	%rbx,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%rbx,%r12
+	leaq	(%rax,%r13,1),%rax
+	xorq	%rcx,%rdi
+	vpaddq	%ymm11,%ymm7,%ymm7
+	rorxq	$34,%rbx,%r14
+	rorxq	$28,%rbx,%r13
+	leaq	(%r8,%rax,1),%r8
+	vpaddq	96(%rbp),%ymm7,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rcx,%r15
+	xorq	%r13,%r14
+	leaq	(%rax,%r15,1),%rax
+	movq	%r9,%r12
+	vmovdqa	%ymm10,96(%rsp)
+	leaq	256(%rbp),%rbp
+	cmpb	$0,-121(%rbp)
+	jne	.Lavx2_00_47
+	addq	0+128(%rsp),%r11
+	andq	%r8,%r12
+	rorxq	$41,%r8,%r13
+	rorxq	$18,%r8,%r15
+	leaq	(%rax,%r14,1),%rax
+	leaq	(%r11,%r12,1),%r11
+	andnq	%r10,%r8,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r8,%r14
+	leaq	(%r11,%r12,1),%r11
+	xorq	%r14,%r13
+	movq	%rax,%r15
+	rorxq	$39,%rax,%r12
+	leaq	(%r11,%r13,1),%r11
+	xorq	%rbx,%r15
+	rorxq	$34,%rax,%r14
+	rorxq	$28,%rax,%r13
+	leaq	(%rdx,%r11,1),%rdx
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rbx,%rdi
+	xorq	%r13,%r14
+	leaq	(%r11,%rdi,1),%r11
+	movq	%r8,%r12
+	addq	8+128(%rsp),%r10
+	andq	%rdx,%r12
+	rorxq	$41,%rdx,%r13
+	rorxq	$18,%rdx,%rdi
+	leaq	(%r11,%r14,1),%r11
+	leaq	(%r10,%r12,1),%r10
+	andnq	%r9,%rdx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rdx,%r14
+	leaq	(%r10,%r12,1),%r10
+	xorq	%r14,%r13
+	movq	%r11,%rdi
+	rorxq	$39,%r11,%r12
+	leaq	(%r10,%r13,1),%r10
+	xorq	%rax,%rdi
+	rorxq	$34,%r11,%r14
+	rorxq	$28,%r11,%r13
+	leaq	(%rcx,%r10,1),%rcx
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rax,%r15
+	xorq	%r13,%r14
+	leaq	(%r10,%r15,1),%r10
+	movq	%rdx,%r12
+	addq	32+128(%rsp),%r9
+	andq	%rcx,%r12
+	rorxq	$41,%rcx,%r13
+	rorxq	$18,%rcx,%r15
+	leaq	(%r10,%r14,1),%r10
+	leaq	(%r9,%r12,1),%r9
+	andnq	%r8,%rcx,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rcx,%r14
+	leaq	(%r9,%r12,1),%r9
+	xorq	%r14,%r13
+	movq	%r10,%r15
+	rorxq	$39,%r10,%r12
+	leaq	(%r9,%r13,1),%r9
+	xorq	%r11,%r15
+	rorxq	$34,%r10,%r14
+	rorxq	$28,%r10,%r13
+	leaq	(%rbx,%r9,1),%rbx
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r11,%rdi
+	xorq	%r13,%r14
+	leaq	(%r9,%rdi,1),%r9
+	movq	%rcx,%r12
+	addq	40+128(%rsp),%r8
+	andq	%rbx,%r12
+	rorxq	$41,%rbx,%r13
+	rorxq	$18,%rbx,%rdi
+	leaq	(%r9,%r14,1),%r9
+	leaq	(%r8,%r12,1),%r8
+	andnq	%rdx,%rbx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rbx,%r14
+	leaq	(%r8,%r12,1),%r8
+	xorq	%r14,%r13
+	movq	%r9,%rdi
+	rorxq	$39,%r9,%r12
+	leaq	(%r8,%r13,1),%r8
+	xorq	%r10,%rdi
+	rorxq	$34,%r9,%r14
+	rorxq	$28,%r9,%r13
+	leaq	(%rax,%r8,1),%rax
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r10,%r15
+	xorq	%r13,%r14
+	leaq	(%r8,%r15,1),%r8
+	movq	%rbx,%r12
+	addq	64+128(%rsp),%rdx
+	andq	%rax,%r12
+	rorxq	$41,%rax,%r13
+	rorxq	$18,%rax,%r15
+	leaq	(%r8,%r14,1),%r8
+	leaq	(%rdx,%r12,1),%rdx
+	andnq	%rcx,%rax,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rax,%r14
+	leaq	(%rdx,%r12,1),%rdx
+	xorq	%r14,%r13
+	movq	%r8,%r15
+	rorxq	$39,%r8,%r12
+	leaq	(%rdx,%r13,1),%rdx
+	xorq	%r9,%r15
+	rorxq	$34,%r8,%r14
+	rorxq	$28,%r8,%r13
+	leaq	(%r11,%rdx,1),%r11
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r9,%rdi
+	xorq	%r13,%r14
+	leaq	(%rdx,%rdi,1),%rdx
+	movq	%rax,%r12
+	addq	72+128(%rsp),%rcx
+	andq	%r11,%r12
+	rorxq	$41,%r11,%r13
+	rorxq	$18,%r11,%rdi
+	leaq	(%rdx,%r14,1),%rdx
+	leaq	(%rcx,%r12,1),%rcx
+	andnq	%rbx,%r11,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r11,%r14
+	leaq	(%rcx,%r12,1),%rcx
+	xorq	%r14,%r13
+	movq	%rdx,%rdi
+	rorxq	$39,%rdx,%r12
+	leaq	(%rcx,%r13,1),%rcx
+	xorq	%r8,%rdi
+	rorxq	$34,%rdx,%r14
+	rorxq	$28,%rdx,%r13
+	leaq	(%r10,%rcx,1),%r10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r8,%r15
+	xorq	%r13,%r14
+	leaq	(%rcx,%r15,1),%rcx
+	movq	%r11,%r12
+	addq	96+128(%rsp),%rbx
+	andq	%r10,%r12
+	rorxq	$41,%r10,%r13
+	rorxq	$18,%r10,%r15
+	leaq	(%rcx,%r14,1),%rcx
+	leaq	(%rbx,%r12,1),%rbx
+	andnq	%rax,%r10,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r10,%r14
+	leaq	(%rbx,%r12,1),%rbx
+	xorq	%r14,%r13
+	movq	%rcx,%r15
+	rorxq	$39,%rcx,%r12
+	leaq	(%rbx,%r13,1),%rbx
+	xorq	%rdx,%r15
+	rorxq	$34,%rcx,%r14
+	rorxq	$28,%rcx,%r13
+	leaq	(%r9,%rbx,1),%r9
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rdx,%rdi
+	xorq	%r13,%r14
+	leaq	(%rbx,%rdi,1),%rbx
+	movq	%r10,%r12
+	addq	104+128(%rsp),%rax
+	andq	%r9,%r12
+	rorxq	$41,%r9,%r13
+	rorxq	$18,%r9,%rdi
+	leaq	(%rbx,%r14,1),%rbx
+	leaq	(%rax,%r12,1),%rax
+	andnq	%r11,%r9,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r9,%r14
+	leaq	(%rax,%r12,1),%rax
+	xorq	%r14,%r13
+	movq	%rbx,%rdi
+	rorxq	$39,%rbx,%r12
+	leaq	(%rax,%r13,1),%rax
+	xorq	%rcx,%rdi
+	rorxq	$34,%rbx,%r14
+	rorxq	$28,%rbx,%r13
+	leaq	(%r8,%rax,1),%r8
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rcx,%r15
+	xorq	%r13,%r14
+	leaq	(%rax,%r15,1),%rax
+	movq	%r9,%r12
+	addq	0(%rsp),%r11
+	andq	%r8,%r12
+	rorxq	$41,%r8,%r13
+	rorxq	$18,%r8,%r15
+	leaq	(%rax,%r14,1),%rax
+	leaq	(%r11,%r12,1),%r11
+	andnq	%r10,%r8,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r8,%r14
+	leaq	(%r11,%r12,1),%r11
+	xorq	%r14,%r13
+	movq	%rax,%r15
+	rorxq	$39,%rax,%r12
+	leaq	(%r11,%r13,1),%r11
+	xorq	%rbx,%r15
+	rorxq	$34,%rax,%r14
+	rorxq	$28,%rax,%r13
+	leaq	(%rdx,%r11,1),%rdx
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rbx,%rdi
+	xorq	%r13,%r14
+	leaq	(%r11,%rdi,1),%r11
+	movq	%r8,%r12
+	addq	8(%rsp),%r10
+	andq	%rdx,%r12
+	rorxq	$41,%rdx,%r13
+	rorxq	$18,%rdx,%rdi
+	leaq	(%r11,%r14,1),%r11
+	leaq	(%r10,%r12,1),%r10
+	andnq	%r9,%rdx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rdx,%r14
+	leaq	(%r10,%r12,1),%r10
+	xorq	%r14,%r13
+	movq	%r11,%rdi
+	rorxq	$39,%r11,%r12
+	leaq	(%r10,%r13,1),%r10
+	xorq	%rax,%rdi
+	rorxq	$34,%r11,%r14
+	rorxq	$28,%r11,%r13
+	leaq	(%rcx,%r10,1),%rcx
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rax,%r15
+	xorq	%r13,%r14
+	leaq	(%r10,%r15,1),%r10
+	movq	%rdx,%r12
+	addq	32(%rsp),%r9
+	andq	%rcx,%r12
+	rorxq	$41,%rcx,%r13
+	rorxq	$18,%rcx,%r15
+	leaq	(%r10,%r14,1),%r10
+	leaq	(%r9,%r12,1),%r9
+	andnq	%r8,%rcx,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rcx,%r14
+	leaq	(%r9,%r12,1),%r9
+	xorq	%r14,%r13
+	movq	%r10,%r15
+	rorxq	$39,%r10,%r12
+	leaq	(%r9,%r13,1),%r9
+	xorq	%r11,%r15
+	rorxq	$34,%r10,%r14
+	rorxq	$28,%r10,%r13
+	leaq	(%rbx,%r9,1),%rbx
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r11,%rdi
+	xorq	%r13,%r14
+	leaq	(%r9,%rdi,1),%r9
+	movq	%rcx,%r12
+	addq	40(%rsp),%r8
+	andq	%rbx,%r12
+	rorxq	$41,%rbx,%r13
+	rorxq	$18,%rbx,%rdi
+	leaq	(%r9,%r14,1),%r9
+	leaq	(%r8,%r12,1),%r8
+	andnq	%rdx,%rbx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rbx,%r14
+	leaq	(%r8,%r12,1),%r8
+	xorq	%r14,%r13
+	movq	%r9,%rdi
+	rorxq	$39,%r9,%r12
+	leaq	(%r8,%r13,1),%r8
+	xorq	%r10,%rdi
+	rorxq	$34,%r9,%r14
+	rorxq	$28,%r9,%r13
+	leaq	(%rax,%r8,1),%rax
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r10,%r15
+	xorq	%r13,%r14
+	leaq	(%r8,%r15,1),%r8
+	movq	%rbx,%r12
+	addq	64(%rsp),%rdx
+	andq	%rax,%r12
+	rorxq	$41,%rax,%r13
+	rorxq	$18,%rax,%r15
+	leaq	(%r8,%r14,1),%r8
+	leaq	(%rdx,%r12,1),%rdx
+	andnq	%rcx,%rax,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rax,%r14
+	leaq	(%rdx,%r12,1),%rdx
+	xorq	%r14,%r13
+	movq	%r8,%r15
+	rorxq	$39,%r8,%r12
+	leaq	(%rdx,%r13,1),%rdx
+	xorq	%r9,%r15
+	rorxq	$34,%r8,%r14
+	rorxq	$28,%r8,%r13
+	leaq	(%r11,%rdx,1),%r11
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r9,%rdi
+	xorq	%r13,%r14
+	leaq	(%rdx,%rdi,1),%rdx
+	movq	%rax,%r12
+	addq	72(%rsp),%rcx
+	andq	%r11,%r12
+	rorxq	$41,%r11,%r13
+	rorxq	$18,%r11,%rdi
+	leaq	(%rdx,%r14,1),%rdx
+	leaq	(%rcx,%r12,1),%rcx
+	andnq	%rbx,%r11,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r11,%r14
+	leaq	(%rcx,%r12,1),%rcx
+	xorq	%r14,%r13
+	movq	%rdx,%rdi
+	rorxq	$39,%rdx,%r12
+	leaq	(%rcx,%r13,1),%rcx
+	xorq	%r8,%rdi
+	rorxq	$34,%rdx,%r14
+	rorxq	$28,%rdx,%r13
+	leaq	(%r10,%rcx,1),%r10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r8,%r15
+	xorq	%r13,%r14
+	leaq	(%rcx,%r15,1),%rcx
+	movq	%r11,%r12
+	addq	96(%rsp),%rbx
+	andq	%r10,%r12
+	rorxq	$41,%r10,%r13
+	rorxq	$18,%r10,%r15
+	leaq	(%rcx,%r14,1),%rcx
+	leaq	(%rbx,%r12,1),%rbx
+	andnq	%rax,%r10,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r10,%r14
+	leaq	(%rbx,%r12,1),%rbx
+	xorq	%r14,%r13
+	movq	%rcx,%r15
+	rorxq	$39,%rcx,%r12
+	leaq	(%rbx,%r13,1),%rbx
+	xorq	%rdx,%r15
+	rorxq	$34,%rcx,%r14
+	rorxq	$28,%rcx,%r13
+	leaq	(%r9,%rbx,1),%r9
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rdx,%rdi
+	xorq	%r13,%r14
+	leaq	(%rbx,%rdi,1),%rbx
+	movq	%r10,%r12
+	addq	104(%rsp),%rax
+	andq	%r9,%r12
+	rorxq	$41,%r9,%r13
+	rorxq	$18,%r9,%rdi
+	leaq	(%rbx,%r14,1),%rbx
+	leaq	(%rax,%r12,1),%rax
+	andnq	%r11,%r9,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r9,%r14
+	leaq	(%rax,%r12,1),%rax
+	xorq	%r14,%r13
+	movq	%rbx,%rdi
+	rorxq	$39,%rbx,%r12
+	leaq	(%rax,%r13,1),%rax
+	xorq	%rcx,%rdi
+	rorxq	$34,%rbx,%r14
+	rorxq	$28,%rbx,%r13
+	leaq	(%r8,%rax,1),%r8
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rcx,%r15
+	xorq	%r13,%r14
+	leaq	(%rax,%r15,1),%rax
+	movq	%r9,%r12
+	movq	1280(%rsp),%rdi
+	addq	%r14,%rax
+
+	leaq	1152(%rsp),%rbp
+
+	addq	0(%rdi),%rax
+	addq	8(%rdi),%rbx
+	addq	16(%rdi),%rcx
+	addq	24(%rdi),%rdx
+	addq	32(%rdi),%r8
+	addq	40(%rdi),%r9
+	addq	48(%rdi),%r10
+	addq	56(%rdi),%r11
+
+	movq	%rax,0(%rdi)
+	movq	%rbx,8(%rdi)
+	movq	%rcx,16(%rdi)
+	movq	%rdx,24(%rdi)
+	movq	%r8,32(%rdi)
+	movq	%r9,40(%rdi)
+	movq	%r10,48(%rdi)
+	movq	%r11,56(%rdi)
+
+	cmpq	144(%rbp),%rsi
+	je	.Ldone_avx2
+
+	xorq	%r14,%r14
+	movq	%rbx,%rdi
+	xorq	%rcx,%rdi
+	movq	%r9,%r12
+	jmp	.Lower_avx2
+.align	16
+.Lower_avx2:
+	addq	0+16(%rbp),%r11
+	andq	%r8,%r12
+	rorxq	$41,%r8,%r13
+	rorxq	$18,%r8,%r15
+	leaq	(%rax,%r14,1),%rax
+	leaq	(%r11,%r12,1),%r11
+	andnq	%r10,%r8,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r8,%r14
+	leaq	(%r11,%r12,1),%r11
+	xorq	%r14,%r13
+	movq	%rax,%r15
+	rorxq	$39,%rax,%r12
+	leaq	(%r11,%r13,1),%r11
+	xorq	%rbx,%r15
+	rorxq	$34,%rax,%r14
+	rorxq	$28,%rax,%r13
+	leaq	(%rdx,%r11,1),%rdx
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rbx,%rdi
+	xorq	%r13,%r14
+	leaq	(%r11,%rdi,1),%r11
+	movq	%r8,%r12
+	addq	8+16(%rbp),%r10
+	andq	%rdx,%r12
+	rorxq	$41,%rdx,%r13
+	rorxq	$18,%rdx,%rdi
+	leaq	(%r11,%r14,1),%r11
+	leaq	(%r10,%r12,1),%r10
+	andnq	%r9,%rdx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rdx,%r14
+	leaq	(%r10,%r12,1),%r10
+	xorq	%r14,%r13
+	movq	%r11,%rdi
+	rorxq	$39,%r11,%r12
+	leaq	(%r10,%r13,1),%r10
+	xorq	%rax,%rdi
+	rorxq	$34,%r11,%r14
+	rorxq	$28,%r11,%r13
+	leaq	(%rcx,%r10,1),%rcx
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rax,%r15
+	xorq	%r13,%r14
+	leaq	(%r10,%r15,1),%r10
+	movq	%rdx,%r12
+	addq	32+16(%rbp),%r9
+	andq	%rcx,%r12
+	rorxq	$41,%rcx,%r13
+	rorxq	$18,%rcx,%r15
+	leaq	(%r10,%r14,1),%r10
+	leaq	(%r9,%r12,1),%r9
+	andnq	%r8,%rcx,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rcx,%r14
+	leaq	(%r9,%r12,1),%r9
+	xorq	%r14,%r13
+	movq	%r10,%r15
+	rorxq	$39,%r10,%r12
+	leaq	(%r9,%r13,1),%r9
+	xorq	%r11,%r15
+	rorxq	$34,%r10,%r14
+	rorxq	$28,%r10,%r13
+	leaq	(%rbx,%r9,1),%rbx
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r11,%rdi
+	xorq	%r13,%r14
+	leaq	(%r9,%rdi,1),%r9
+	movq	%rcx,%r12
+	addq	40+16(%rbp),%r8
+	andq	%rbx,%r12
+	rorxq	$41,%rbx,%r13
+	rorxq	$18,%rbx,%rdi
+	leaq	(%r9,%r14,1),%r9
+	leaq	(%r8,%r12,1),%r8
+	andnq	%rdx,%rbx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rbx,%r14
+	leaq	(%r8,%r12,1),%r8
+	xorq	%r14,%r13
+	movq	%r9,%rdi
+	rorxq	$39,%r9,%r12
+	leaq	(%r8,%r13,1),%r8
+	xorq	%r10,%rdi
+	rorxq	$34,%r9,%r14
+	rorxq	$28,%r9,%r13
+	leaq	(%rax,%r8,1),%rax
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r10,%r15
+	xorq	%r13,%r14
+	leaq	(%r8,%r15,1),%r8
+	movq	%rbx,%r12
+	addq	64+16(%rbp),%rdx
+	andq	%rax,%r12
+	rorxq	$41,%rax,%r13
+	rorxq	$18,%rax,%r15
+	leaq	(%r8,%r14,1),%r8
+	leaq	(%rdx,%r12,1),%rdx
+	andnq	%rcx,%rax,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rax,%r14
+	leaq	(%rdx,%r12,1),%rdx
+	xorq	%r14,%r13
+	movq	%r8,%r15
+	rorxq	$39,%r8,%r12
+	leaq	(%rdx,%r13,1),%rdx
+	xorq	%r9,%r15
+	rorxq	$34,%r8,%r14
+	rorxq	$28,%r8,%r13
+	leaq	(%r11,%rdx,1),%r11
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r9,%rdi
+	xorq	%r13,%r14
+	leaq	(%rdx,%rdi,1),%rdx
+	movq	%rax,%r12
+	addq	72+16(%rbp),%rcx
+	andq	%r11,%r12
+	rorxq	$41,%r11,%r13
+	rorxq	$18,%r11,%rdi
+	leaq	(%rdx,%r14,1),%rdx
+	leaq	(%rcx,%r12,1),%rcx
+	andnq	%rbx,%r11,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r11,%r14
+	leaq	(%rcx,%r12,1),%rcx
+	xorq	%r14,%r13
+	movq	%rdx,%rdi
+	rorxq	$39,%rdx,%r12
+	leaq	(%rcx,%r13,1),%rcx
+	xorq	%r8,%rdi
+	rorxq	$34,%rdx,%r14
+	rorxq	$28,%rdx,%r13
+	leaq	(%r10,%rcx,1),%r10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r8,%r15
+	xorq	%r13,%r14
+	leaq	(%rcx,%r15,1),%rcx
+	movq	%r11,%r12
+	addq	96+16(%rbp),%rbx
+	andq	%r10,%r12
+	rorxq	$41,%r10,%r13
+	rorxq	$18,%r10,%r15
+	leaq	(%rcx,%r14,1),%rcx
+	leaq	(%rbx,%r12,1),%rbx
+	andnq	%rax,%r10,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r10,%r14
+	leaq	(%rbx,%r12,1),%rbx
+	xorq	%r14,%r13
+	movq	%rcx,%r15
+	rorxq	$39,%rcx,%r12
+	leaq	(%rbx,%r13,1),%rbx
+	xorq	%rdx,%r15
+	rorxq	$34,%rcx,%r14
+	rorxq	$28,%rcx,%r13
+	leaq	(%r9,%rbx,1),%r9
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rdx,%rdi
+	xorq	%r13,%r14
+	leaq	(%rbx,%rdi,1),%rbx
+	movq	%r10,%r12
+	addq	104+16(%rbp),%rax
+	andq	%r9,%r12
+	rorxq	$41,%r9,%r13
+	rorxq	$18,%r9,%rdi
+	leaq	(%rbx,%r14,1),%rbx
+	leaq	(%rax,%r12,1),%rax
+	andnq	%r11,%r9,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r9,%r14
+	leaq	(%rax,%r12,1),%rax
+	xorq	%r14,%r13
+	movq	%rbx,%rdi
+	rorxq	$39,%rbx,%r12
+	leaq	(%rax,%r13,1),%rax
+	xorq	%rcx,%rdi
+	rorxq	$34,%rbx,%r14
+	rorxq	$28,%rbx,%r13
+	leaq	(%r8,%rax,1),%r8
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rcx,%r15
+	xorq	%r13,%r14
+	leaq	(%rax,%r15,1),%rax
+	movq	%r9,%r12
+	leaq	-128(%rbp),%rbp
+	cmpq	%rsp,%rbp
+	jae	.Lower_avx2
+
+	movq	1280(%rsp),%rdi
+	addq	%r14,%rax
+
+	leaq	1152(%rsp),%rsp
+
+.cfi_escape	0x0f,0x06,0x77,0x98,0x01,0x06,0x23,0x08
+
+	addq	0(%rdi),%rax
+	addq	8(%rdi),%rbx
+	addq	16(%rdi),%rcx
+	addq	24(%rdi),%rdx
+	addq	32(%rdi),%r8
+	addq	40(%rdi),%r9
+	leaq	256(%rsi),%rsi
+	addq	48(%rdi),%r10
+	movq	%rsi,%r12
+	addq	56(%rdi),%r11
+	cmpq	128+16(%rsp),%rsi
+
+	movq	%rax,0(%rdi)
+	cmoveq	%rsp,%r12
+	movq	%rbx,8(%rdi)
+	movq	%rcx,16(%rdi)
+	movq	%rdx,24(%rdi)
+	movq	%r8,32(%rdi)
+	movq	%r9,40(%rdi)
+	movq	%r10,48(%rdi)
+	movq	%r11,56(%rdi)
+
+	jbe	.Loop_avx2
+	leaq	(%rsp),%rbp
+
+
+.cfi_escape	0x0f,0x06,0x76,0x98,0x01,0x06,0x23,0x08
+
+.Ldone_avx2:
+	movq	152(%rbp),%rsi
+.cfi_def_cfa	%rsi,8
+	vzeroupper
+	movq	-48(%rsi),%r15
+.cfi_restore	%r15
+	movq	-40(%rsi),%r14
+.cfi_restore	%r14
+	movq	-32(%rsi),%r13
+.cfi_restore	%r13
+	movq	-24(%rsi),%r12
+.cfi_restore	%r12
+	movq	-16(%rsi),%rbp
+.cfi_restore	%rbp
+	movq	-8(%rsi),%rbx
+.cfi_restore	%rbx
+	leaq	(%rsi),%rsp
+.cfi_def_cfa_register	%rsp
+.Lepilogue_avx2:
+	.byte	0xf3,0xc3
+.cfi_endproc	
+.size	sha512_block_data_order_avx2,.-sha512_block_data_order_avx2
+
+.section .note.GNU-stack,"",%progbits
diff --git a/lib/accelerated/x86/files.mk b/lib/accelerated/x86/files.mk
new file mode 100644
index 0000000..ac1f2b0
--- /dev/null
+++ b/lib/accelerated/x86/files.mk
@@ -0,0 +1,12 @@
+X86_FILES_ELF=elf/aesni-x86.s elf/sha1-ssse3-x86.s elf/sha256-ssse3-x86.s elf/sha512-ssse3-x86.s elf/aes-ssse3-x86.s
+X86_FILES_COFF=coff/aesni-x86.s coff/sha1-ssse3-x86.s coff/sha256-ssse3-x86.s coff/sha512-ssse3-x86.s coff/aes-ssse3-x86.s
+X86_FILES_MACOSX=macosx/aesni-x86.s macosx/sha1-ssse3-x86.s macosx/sha256-ssse3-x86.s macosx/sha512-ssse3-x86.s macosx/aes-ssse3-x86.s
+X86_64_FILES_ELF=elf/aesni-x86_64.s elf/ghash-x86_64.s elf/sha1-ssse3-x86_64.s elf/sha512-ssse3-x86_64.s elf/aes-ssse3-x86_64.s elf/aesni-gcm-x86_64.s elf/sha256-ssse3-x86_64.s
+X86_64_FILES_COFF=coff/aesni-x86_64.s coff/ghash-x86_64.s coff/sha1-ssse3-x86_64.s coff/sha512-ssse3-x86_64.s coff/aes-ssse3-x86_64.s coff/aesni-gcm-x86_64.s coff/sha256-ssse3-x86_64.s
+X86_64_FILES_MACOSX=macosx/aesni-x86_64.s macosx/ghash-x86_64.s macosx/sha1-ssse3-x86_64.s macosx/sha512-ssse3-x86_64.s macosx/aes-ssse3-x86_64.s macosx/aesni-gcm-x86_64.s macosx/sha256-ssse3-x86_64.s
+X86_PADLOCK_FILES_ELF=elf/e_padlock-x86.s
+X86_PADLOCK_FILES_COFF=coff/e_padlock-x86.s
+X86_PADLOCK_FILES_MACOSX=macosx/e_padlock-x86.s
+X86_64_PADLOCK_FILES_ELF=elf/e_padlock-x86_64.s
+X86_64_PADLOCK_FILES_COFF=coff/e_padlock-x86_64.s
+X86_64_PADLOCK_FILES_MACOSX=macosx/e_padlock-x86_64.s
diff --git a/lib/accelerated/x86/hmac-padlock.c b/lib/accelerated/x86/hmac-padlock.c
new file mode 100644
index 0000000..9cb373f
--- /dev/null
+++ b/lib/accelerated/x86/hmac-padlock.c
@@ -0,0 +1,376 @@
+/*
+ * Copyright (C) 2008, 2010-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file provides the backend hash/mac implementation for
+ * VIA Padlock hardware acceleration.
+ */
+
+#include "gnutls_int.h"
+#include <hash_int.h>
+#include "errors.h"
+#include <nettle/sha.h>
+#include <nettle/hmac.h>
+#include <nettle/macros.h>
+#include <nettle/memxor.h>
+#include <aes-padlock.h>
+#include <sha-padlock.h>
+#include <algorithms.h>
+
+#ifdef HAVE_LIBNETTLE
+
+#define IPAD 0x36
+#define OPAD 0x5c
+#define MAX_SHA_DIGEST_SIZE (512/8)
+
+typedef void (*update_func) (void *, size_t, const uint8_t *);
+typedef void (*digest_func) (void *, size_t, uint8_t *);
+typedef void (*set_key_func) (void *, size_t, const uint8_t *);
+
+struct padlock_hmac_ctx {
+	union {
+		struct hmac_sha224_ctx sha224;
+		struct hmac_sha256_ctx sha256;
+		struct hmac_sha384_ctx sha384;
+		struct hmac_sha512_ctx sha512;
+		struct hmac_sha1_ctx sha1;
+	} ctx;
+
+	void *ctx_ptr;
+	gnutls_mac_algorithm_t algo;
+	size_t length;
+	update_func update;
+	digest_func digest;
+	set_key_func setkey;
+};
+
+static void
+padlock_hmac_sha1_set_key(struct hmac_sha1_ctx *ctx,
+			  size_t key_length, const uint8_t * key)
+{
+	HMAC_SET_KEY(ctx, &padlock_sha1, key_length, key);
+}
+
+static void
+padlock_hmac_sha1_update(struct hmac_sha1_ctx *ctx,
+			 size_t length, const uint8_t * data)
+{
+	padlock_sha1_update(&ctx->state, length, data);
+}
+
+static void
+padlock_hmac_sha1_digest(struct hmac_sha1_ctx *ctx,
+			 size_t length, uint8_t * digest)
+{
+	HMAC_DIGEST(ctx, &padlock_sha1, length, digest);
+}
+
+static void
+padlock_hmac_sha256_set_key(struct hmac_sha256_ctx *ctx,
+			    size_t key_length, const uint8_t * key)
+{
+	HMAC_SET_KEY(ctx, &padlock_sha256, key_length, key);
+}
+
+static void
+padlock_hmac_sha256_update(struct hmac_sha256_ctx *ctx,
+			   size_t length, const uint8_t * data)
+{
+	padlock_sha256_update(&ctx->state, length, data);
+}
+
+static void
+padlock_hmac_sha256_digest(struct hmac_sha256_ctx *ctx,
+			   size_t length, uint8_t * digest)
+{
+	HMAC_DIGEST(ctx, &padlock_sha256, length, digest);
+}
+
+static void
+padlock_hmac_sha224_set_key(struct hmac_sha224_ctx *ctx,
+			    size_t key_length, const uint8_t * key)
+{
+	HMAC_SET_KEY(ctx, &padlock_sha224, key_length, key);
+}
+
+static void
+padlock_hmac_sha224_digest(struct hmac_sha224_ctx *ctx,
+			   size_t length, uint8_t * digest)
+{
+	HMAC_DIGEST(ctx, &padlock_sha224, length, digest);
+}
+
+static void
+padlock_hmac_sha384_set_key(struct hmac_sha384_ctx *ctx,
+			    size_t key_length, const uint8_t * key)
+{
+	HMAC_SET_KEY(ctx, &padlock_sha384, key_length, key);
+}
+
+static void
+padlock_hmac_sha384_digest(struct hmac_sha384_ctx *ctx,
+			   size_t length, uint8_t * digest)
+{
+	HMAC_DIGEST(ctx, &padlock_sha384, length, digest);
+}
+
+static void
+padlock_hmac_sha512_set_key(struct hmac_sha512_ctx *ctx,
+			    size_t key_length, const uint8_t * key)
+{
+	HMAC_SET_KEY(ctx, &padlock_sha512, key_length, key);
+}
+
+static void
+padlock_hmac_sha512_update(struct hmac_sha512_ctx *ctx,
+			   size_t length, const uint8_t * data)
+{
+	padlock_sha512_update(&ctx->state, length, data);
+}
+
+static void
+padlock_hmac_sha512_digest(struct hmac_sha512_ctx *ctx,
+			   size_t length, uint8_t * digest)
+{
+	HMAC_DIGEST(ctx, &padlock_sha512, length, digest);
+}
+
+static int
+_hmac_ctx_init(gnutls_mac_algorithm_t algo, struct padlock_hmac_ctx *ctx)
+{
+	switch (algo) {
+	case GNUTLS_MAC_SHA1:
+		ctx->update = (update_func) padlock_hmac_sha1_update;
+		ctx->digest = (digest_func) padlock_hmac_sha1_digest;
+		ctx->setkey = (set_key_func) padlock_hmac_sha1_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha1;
+		ctx->length = SHA1_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_SHA224:
+		ctx->update = (update_func) padlock_hmac_sha256_update;
+		ctx->digest = (digest_func) padlock_hmac_sha224_digest;
+		ctx->setkey = (set_key_func) padlock_hmac_sha224_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha224;
+		ctx->length = SHA224_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_SHA256:
+		ctx->update = (update_func) padlock_hmac_sha256_update;
+		ctx->digest = (digest_func) padlock_hmac_sha256_digest;
+		ctx->setkey = (set_key_func) padlock_hmac_sha256_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha256;
+		ctx->length = SHA256_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_SHA384:
+		ctx->update = (update_func) padlock_hmac_sha512_update;
+		ctx->digest = (digest_func) padlock_hmac_sha384_digest;
+		ctx->setkey = (set_key_func) padlock_hmac_sha384_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha384;
+		ctx->length = SHA384_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_SHA512:
+		ctx->update = (update_func) padlock_hmac_sha512_update;
+		ctx->digest = (digest_func) padlock_hmac_sha512_digest;
+		ctx->setkey = (set_key_func) padlock_hmac_sha512_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha512;
+		ctx->length = SHA512_DIGEST_SIZE;
+		break;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return 0;
+}
+
+
+static int wrap_padlock_hmac_init(gnutls_mac_algorithm_t algo, void **_ctx)
+{
+	struct padlock_hmac_ctx *ctx;
+	int ret;
+
+	ctx = gnutls_calloc(1, sizeof(struct padlock_hmac_ctx));
+	if (ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ctx->algo = algo;
+
+	ret = _hmac_ctx_init(algo, ctx);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	*_ctx = ctx;
+
+	return 0;
+}
+
+static void *
+wrap_padlock_hmac_copy(const void *_ctx)
+{
+	struct padlock_hmac_ctx *new_ctx;
+	const struct padlock_hmac_ctx *ctx=_ctx;
+	ptrdiff_t off = (uint8_t *)ctx->ctx_ptr - (uint8_t *)(&ctx->ctx);
+
+	new_ctx = gnutls_malloc(sizeof(struct padlock_hmac_ctx));
+	if (new_ctx == NULL) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	memcpy(new_ctx, ctx, sizeof(*new_ctx));
+	new_ctx->ctx_ptr = (uint8_t *)&new_ctx->ctx + off;
+
+	return new_ctx;
+}
+
+static int
+wrap_padlock_hmac_setkey(void *_ctx, const void *key, size_t keylen)
+{
+	struct padlock_hmac_ctx *ctx = _ctx;
+
+	ctx->setkey(ctx->ctx_ptr, keylen, key);
+
+	return GNUTLS_E_SUCCESS;
+}
+
+static int
+wrap_padlock_hmac_update(void *_ctx, const void *text, size_t textsize)
+{
+	struct padlock_hmac_ctx *ctx = _ctx;
+
+	ctx->update(ctx->ctx_ptr, textsize, text);
+
+	return GNUTLS_E_SUCCESS;
+}
+
+static int
+wrap_padlock_hmac_output(void *src_ctx, void *digest, size_t digestsize)
+{
+	struct padlock_hmac_ctx *ctx;
+	ctx = src_ctx;
+
+	if (digestsize < ctx->length) {
+		gnutls_assert();
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	ctx->digest(ctx->ctx_ptr, digestsize, digest);
+
+	return 0;
+}
+
+static void wrap_padlock_hmac_deinit(void *hd)
+{
+	struct padlock_hmac_ctx *ctx = hd;
+
+	zeroize_temp_key(ctx, sizeof(*ctx));
+	gnutls_free(ctx);
+}
+
+static int
+wrap_padlock_hmac_fast(gnutls_mac_algorithm_t algo,
+		       const void *nonce, size_t nonce_size,
+		       const void *key, size_t key_size, const void *text,
+		       size_t text_size, void *digest)
+{
+	if (algo == GNUTLS_MAC_SHA1 || algo == GNUTLS_MAC_SHA256) {
+		unsigned char *pad;
+		unsigned char pad2[SHA1_DATA_SIZE + MAX_SHA_DIGEST_SIZE];
+		unsigned char hkey[MAX_SHA_DIGEST_SIZE];
+		unsigned int digest_size =
+		    _gnutls_mac_get_algo_len(mac_to_entry(algo));
+
+		if (key_size > SHA1_DATA_SIZE) {
+			wrap_padlock_hash_fast((gnutls_digest_algorithm_t)
+					       algo, key, key_size, hkey);
+			key = hkey;
+			key_size = digest_size;
+		}
+
+		pad = gnutls_malloc(text_size + SHA1_DATA_SIZE);
+		if (pad == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		memset(pad, IPAD, SHA1_DATA_SIZE);
+		memxor(pad, key, key_size);
+
+		memcpy(&pad[SHA1_DATA_SIZE], text, text_size);
+
+		wrap_padlock_hash_fast((gnutls_digest_algorithm_t) algo,
+				       pad, text_size + SHA1_DATA_SIZE,
+				       &pad2[SHA1_DATA_SIZE]);
+
+		zeroize_temp_key(pad, text_size + SHA1_DATA_SIZE);
+		gnutls_free(pad);
+
+		memset(pad2, OPAD, SHA1_DATA_SIZE);
+		memxor(pad2, key, key_size);
+
+		wrap_padlock_hash_fast((gnutls_digest_algorithm_t) algo,
+				       pad2, digest_size + SHA1_DATA_SIZE,
+				       digest);
+
+		zeroize_temp_key(pad2, sizeof(pad2));
+		zeroize_temp_key(hkey, sizeof(hkey));
+	} else {
+		struct padlock_hmac_ctx ctx;
+		int ret;
+
+		ret = _hmac_ctx_init(algo, &ctx);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		ctx.algo = algo;
+
+		wrap_padlock_hmac_setkey(&ctx, key, key_size);
+
+		wrap_padlock_hmac_update(&ctx, text, text_size);
+
+		wrap_padlock_hmac_output(&ctx, digest, ctx.length);
+
+		zeroize_temp_key(&ctx, sizeof(ctx));
+	}
+
+	return 0;
+}
+
+const gnutls_crypto_mac_st _gnutls_hmac_sha_padlock_oneshot = {
+	.init = NULL,
+	.setkey = NULL,
+	.setnonce = NULL,
+	.hash = NULL,
+	.output = NULL,
+	.deinit = NULL,
+	.fast = wrap_padlock_hmac_fast
+};
+
+const gnutls_crypto_mac_st _gnutls_hmac_sha_padlock = {
+	.init = wrap_padlock_hmac_init,
+	.setkey = wrap_padlock_hmac_setkey,
+	.setnonce = NULL,
+	.hash = wrap_padlock_hmac_update,
+	.output = wrap_padlock_hmac_output,
+	.copy = wrap_padlock_hmac_copy,
+	.deinit = wrap_padlock_hmac_deinit,
+	.fast = wrap_padlock_hmac_fast,
+};
+
+#endif				/* HAVE_LIBNETTLE */
diff --git a/lib/accelerated/x86/hmac-x86-ssse3.c b/lib/accelerated/x86/hmac-x86-ssse3.c
new file mode 100644
index 0000000..8a60100
--- /dev/null
+++ b/lib/accelerated/x86/hmac-x86-ssse3.c
@@ -0,0 +1,317 @@
+/*
+ * Copyright (C) 2008, 2010-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file provides the backend hash/mac implementation for
+ * VIA Padlock hardware acceleration.
+ */
+
+#include "gnutls_int.h"
+#include <hash_int.h>
+#include "errors.h"
+#include <nettle/sha.h>
+#include <nettle/hmac.h>
+#include <nettle/macros.h>
+#include <aes-x86.h>
+#include <sha-x86.h>
+#include <algorithms.h>
+
+#ifdef HAVE_LIBNETTLE
+
+typedef void (*update_func) (void *, size_t, const uint8_t *);
+typedef void (*digest_func) (void *, size_t, uint8_t *);
+typedef void (*set_key_func) (void *, size_t, const uint8_t *);
+
+struct x86_hmac_ctx {
+	union {
+		struct hmac_sha1_ctx sha1;
+		struct hmac_sha224_ctx sha224;
+		struct hmac_sha256_ctx sha256;
+		struct hmac_sha384_ctx sha384;
+		struct hmac_sha512_ctx sha512;
+	} ctx;
+
+	void *ctx_ptr;
+	gnutls_mac_algorithm_t algo;
+	size_t length;
+	update_func update;
+	digest_func digest;
+	set_key_func setkey;
+};
+
+static void
+x86_hmac_sha1_set_key(struct hmac_sha1_ctx *ctx,
+			  size_t key_length, const uint8_t * key)
+{
+	HMAC_SET_KEY(ctx, &x86_sha1, key_length, key);
+}
+
+static void
+x86_hmac_sha1_update(struct hmac_sha1_ctx *ctx,
+			 size_t length, const uint8_t * data)
+{
+	x86_sha1_update(&ctx->state, length, data);
+}
+
+static void
+x86_hmac_sha1_digest(struct hmac_sha1_ctx *ctx,
+			 size_t length, uint8_t * digest)
+{
+	HMAC_DIGEST(ctx, &x86_sha1, length, digest);
+}
+
+static void
+x86_hmac_sha256_set_key(struct hmac_sha256_ctx *ctx,
+			    size_t key_length, const uint8_t * key)
+{
+	HMAC_SET_KEY(ctx, &x86_sha256, key_length, key);
+}
+
+static void
+x86_hmac_sha256_update(struct hmac_sha256_ctx *ctx,
+			   size_t length, const uint8_t * data)
+{
+	x86_sha256_update(&ctx->state, length, data);
+}
+
+static void
+x86_hmac_sha256_digest(struct hmac_sha256_ctx *ctx,
+			   size_t length, uint8_t * digest)
+{
+	HMAC_DIGEST(ctx, &x86_sha256, length, digest);
+}
+
+static void
+x86_hmac_sha224_set_key(struct hmac_sha224_ctx *ctx,
+			    size_t key_length, const uint8_t * key)
+{
+	HMAC_SET_KEY(ctx, &x86_sha224, key_length, key);
+}
+
+static void
+x86_hmac_sha224_digest(struct hmac_sha224_ctx *ctx,
+			   size_t length, uint8_t * digest)
+{
+	HMAC_DIGEST(ctx, &x86_sha224, length, digest);
+}
+
+static void
+x86_hmac_sha384_set_key(struct hmac_sha384_ctx *ctx,
+			    size_t key_length, const uint8_t * key)
+{
+	HMAC_SET_KEY(ctx, &x86_sha384, key_length, key);
+}
+
+static void
+x86_hmac_sha384_digest(struct hmac_sha384_ctx *ctx,
+			   size_t length, uint8_t * digest)
+{
+	HMAC_DIGEST(ctx, &x86_sha384, length, digest);
+}
+
+static void
+x86_hmac_sha512_set_key(struct hmac_sha512_ctx *ctx,
+			    size_t key_length, const uint8_t * key)
+{
+	HMAC_SET_KEY(ctx, &x86_sha512, key_length, key);
+}
+
+static void
+x86_hmac_sha512_update(struct hmac_sha512_ctx *ctx,
+			   size_t length, const uint8_t * data)
+{
+	x86_sha512_update(&ctx->state, length, data);
+}
+
+static void
+x86_hmac_sha512_digest(struct hmac_sha512_ctx *ctx,
+			   size_t length, uint8_t * digest)
+{
+	HMAC_DIGEST(ctx, &x86_sha512, length, digest);
+}
+
+static int
+_hmac_ctx_init(gnutls_mac_algorithm_t algo, struct x86_hmac_ctx *ctx)
+{
+	switch (algo) {
+	case GNUTLS_MAC_SHA1:
+		ctx->update = (update_func) x86_hmac_sha1_update;
+		ctx->digest = (digest_func) x86_hmac_sha1_digest;
+		ctx->setkey = (set_key_func) x86_hmac_sha1_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha1;
+		ctx->length = SHA1_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_SHA224:
+		ctx->update = (update_func) x86_hmac_sha256_update;
+		ctx->digest = (digest_func) x86_hmac_sha224_digest;
+		ctx->setkey = (set_key_func) x86_hmac_sha224_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha224;
+		ctx->length = SHA224_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_SHA256:
+		ctx->update = (update_func) x86_hmac_sha256_update;
+		ctx->digest = (digest_func) x86_hmac_sha256_digest;
+		ctx->setkey = (set_key_func) x86_hmac_sha256_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha256;
+		ctx->length = SHA256_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_SHA384:
+		ctx->update = (update_func) x86_hmac_sha512_update;
+		ctx->digest = (digest_func) x86_hmac_sha384_digest;
+		ctx->setkey = (set_key_func) x86_hmac_sha384_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha384;
+		ctx->length = SHA384_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_SHA512:
+		ctx->update = (update_func) x86_hmac_sha512_update;
+		ctx->digest = (digest_func) x86_hmac_sha512_digest;
+		ctx->setkey = (set_key_func) x86_hmac_sha512_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha512;
+		ctx->length = SHA512_DIGEST_SIZE;
+		break;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return 0;
+}
+
+
+static int wrap_x86_hmac_init(gnutls_mac_algorithm_t algo, void **_ctx)
+{
+	struct x86_hmac_ctx *ctx;
+	int ret;
+
+	ctx = gnutls_calloc(1, sizeof(struct x86_hmac_ctx));
+	if (ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ctx->algo = algo;
+
+	ret = _hmac_ctx_init(algo, ctx);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	*_ctx = ctx;
+
+	return 0;
+}
+
+static void *
+wrap_x86_hmac_copy(const void *_ctx)
+{
+	struct x86_hmac_ctx *new_ctx;
+	const struct x86_hmac_ctx *ctx=_ctx;
+	ptrdiff_t off = (uint8_t *)ctx->ctx_ptr - (uint8_t *)(&ctx->ctx);
+
+	new_ctx = gnutls_malloc(sizeof(struct x86_hmac_ctx));
+	if (new_ctx == NULL) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	memcpy(new_ctx, ctx, sizeof(*new_ctx));
+	new_ctx->ctx_ptr = (uint8_t *)&new_ctx->ctx + off;
+
+	return new_ctx;
+}
+
+static int
+wrap_x86_hmac_setkey(void *_ctx, const void *key, size_t keylen)
+{
+	struct x86_hmac_ctx *ctx = _ctx;
+
+	ctx->setkey(ctx->ctx_ptr, keylen, key);
+
+	return GNUTLS_E_SUCCESS;
+}
+
+static int
+wrap_x86_hmac_update(void *_ctx, const void *text, size_t textsize)
+{
+	struct x86_hmac_ctx *ctx = _ctx;
+
+	ctx->update(ctx->ctx_ptr, textsize, text);
+
+	return GNUTLS_E_SUCCESS;
+}
+
+static int
+wrap_x86_hmac_output(void *src_ctx, void *digest, size_t digestsize)
+{
+	struct x86_hmac_ctx *ctx;
+	ctx = src_ctx;
+
+	if (digestsize < ctx->length) {
+		gnutls_assert();
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	ctx->digest(ctx->ctx_ptr, digestsize, digest);
+
+	return 0;
+}
+
+static void wrap_x86_hmac_deinit(void *hd)
+{
+	struct x86_hmac_ctx *ctx = hd;
+
+	zeroize_temp_key(ctx, sizeof(*ctx));
+	gnutls_free(ctx);
+}
+
+static int wrap_x86_hmac_fast(gnutls_mac_algorithm_t algo,
+				const void *nonce, size_t nonce_size,
+				const void *key, size_t key_size,
+				const void *text, size_t text_size,
+				void *digest)
+{
+	struct x86_hmac_ctx ctx;
+	int ret;
+
+	ret = _hmac_ctx_init(algo, &ctx);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ctx.setkey(&ctx, key_size, key);
+	ctx.update(&ctx, text_size, text);
+	ctx.digest(&ctx, ctx.length, digest);
+	
+	zeroize_temp_key(&ctx, sizeof(ctx));
+
+	return 0;
+}
+
+const gnutls_crypto_mac_st _gnutls_hmac_sha_x86_ssse3 = {
+	.init = wrap_x86_hmac_init,
+	.setkey = wrap_x86_hmac_setkey,
+	.setnonce = NULL,
+	.hash = wrap_x86_hmac_update,
+	.output = wrap_x86_hmac_output,
+	.copy = wrap_x86_hmac_copy,
+	.deinit = wrap_x86_hmac_deinit,
+	.fast = wrap_x86_hmac_fast,
+};
+
+#endif				/* HAVE_LIBNETTLE */
diff --git a/lib/accelerated/x86/license.txt b/lib/accelerated/x86/license.txt
new file mode 100755
index 0000000..7f7caab
--- /dev/null
+++ b/lib/accelerated/x86/license.txt
@@ -0,0 +1,54 @@
+====================================================================
+Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+project. The module is, however, dual licensed under OpenSSL and
+CRYPTOGAMS licenses depending on where you obtain it. For further
+details see https://www.openssl.org/~appro/cryptogams/.
+====================================================================
+
+Copyright (c) 2006-2012, CRYPTOGAMS by <appro@openssl.org>
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+      *	Redistributions of source code must retain copyright notices,
+	this list of conditions and the following disclaimer.
+
+      *	Redistributions in binary form must reproduce the above
+	copyright notice, this list of conditions and the following
+	disclaimer in the documentation and/or other materials
+	provided with the distribution.
+
+      *	Neither the name of the CRYPTOGAMS nor the names of its
+	copyright holder and contributors may be used to endorse or
+	promote products derived from this software without specific
+	prior written permission.
+
+ALTERNATIVELY, provided that this notice is retained in full, this
+product may be distributed under the terms of the GNU General Public
+License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+those given above.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+######################################################################
+## Constant-time SSSE3 AES core implementation.
+## version 0.1
+##
+## By Mike Hamburg (Stanford University), 2009
+## Public domain.
+##
+## For details see https://shiftleft.org/papers/vector_aes/ and
+## https://crypto.stanford.edu/vpaes/.
diff --git a/lib/accelerated/x86/macosx/aes-ssse3-x86.s b/lib/accelerated/x86/macosx/aes-ssse3-x86.s
new file mode 100644
index 0000000..4be8992
--- /dev/null
+++ b/lib/accelerated/x86/macosx/aes-ssse3-x86.s
@@ -0,0 +1,647 @@
+######################################################################
+## Constant-time SSSE3 AES core implementation.
+## version 0.1
+##
+## By Mike Hamburg (Stanford University), 2009
+## Public domain.
+##
+## For details see http://shiftleft.org/papers/vector_aes/ and
+## http://crypto.stanford.edu/vpaes/.
+#
+# *** This file is auto-generated ***
+#
+.text
+.align	6,0x90
+L_vpaes_consts:
+.long	218628480,235210255,168496130,67568393
+.long	252381056,17041926,33884169,51187212
+.long	252645135,252645135,252645135,252645135
+.long	1512730624,3266504856,1377990664,3401244816
+.long	830229760,1275146365,2969422977,3447763452
+.long	3411033600,2979783055,338359620,2782886510
+.long	4209124096,907596821,221174255,1006095553
+.long	191964160,3799684038,3164090317,1589111125
+.long	182528256,1777043520,2877432650,3265356744
+.long	1874708224,3503451415,3305285752,363511674
+.long	1606117888,3487855781,1093350906,2384367825
+.long	197121,67569157,134941193,202313229
+.long	67569157,134941193,202313229,197121
+.long	134941193,202313229,197121,67569157
+.long	202313229,197121,67569157,134941193
+.long	33619971,100992007,168364043,235736079
+.long	235736079,33619971,100992007,168364043
+.long	168364043,235736079,33619971,100992007
+.long	100992007,168364043,235736079,33619971
+.long	50462976,117835012,185207048,252579084
+.long	252314880,51251460,117574920,184942860
+.long	184682752,252054788,50987272,118359308
+.long	118099200,185467140,251790600,50727180
+.long	2946363062,528716217,1300004225,1881839624
+.long	1532713819,1532713819,1532713819,1532713819
+.long	3602276352,4288629033,3737020424,4153884961
+.long	1354558464,32357713,2958822624,3775749553
+.long	1201988352,132424512,1572796698,503232858
+.long	2213177600,1597421020,4103937655,675398315
+.long	2749646592,4273543773,1511898873,121693092
+.long	3040248576,1103263732,2871565598,1608280554
+.long	2236667136,2588920351,482954393,64377734
+.long	3069987328,291237287,2117370568,3650299247
+.long	533321216,3573750986,2572112006,1401264716
+.long	1339849704,2721158661,548607111,3445553514
+.long	2128193280,3054596040,2183486460,1257083700
+.long	655635200,1165381986,3923443150,2344132524
+.long	190078720,256924420,290342170,357187870
+.long	1610966272,2263057382,4103205268,309794674
+.long	2592527872,2233205587,1335446729,3402964816
+.long	3973531904,3225098121,3002836325,1918774430
+.long	3870401024,2102906079,2284471353,4117666579
+.long	617007872,1021508343,366931923,691083277
+.long	2528395776,3491914898,2968704004,1613121270
+.long	3445188352,3247741094,844474987,4093578302
+.long	651481088,1190302358,1689581232,574775300
+.long	4289380608,206939853,2555985458,2489840491
+.long	2130264064,327674451,3566485037,3349835193
+.long	2470714624,316102159,3636825756,3393945945
+.byte	86,101,99,116,111,114,32,80,101,114,109,117,116,97,116,105
+.byte	111,110,32,65,69,83,32,102,111,114,32,120,56,54,47,83
+.byte	83,83,69,51,44,32,77,105,107,101,32,72,97,109,98,117
+.byte	114,103,32,40,83,116,97,110,102,111,114,100,32,85,110,105
+.byte	118,101,114,115,105,116,121,41,0
+.align	6,0x90
+.align	4
+__vpaes_preheat:
+	addl	(%esp),%ebp
+	movdqa	-48(%ebp),%xmm7
+	movdqa	-16(%ebp),%xmm6
+	ret
+.align	4
+__vpaes_encrypt_core:
+	movl	$16,%ecx
+	movl	240(%edx),%eax
+	movdqa	%xmm6,%xmm1
+	movdqa	(%ebp),%xmm2
+	pandn	%xmm0,%xmm1
+	pand	%xmm6,%xmm0
+	movdqu	(%edx),%xmm5
+.byte	102,15,56,0,208
+	movdqa	16(%ebp),%xmm0
+	pxor	%xmm5,%xmm2
+	psrld	$4,%xmm1
+	addl	$16,%edx
+.byte	102,15,56,0,193
+	leal	192(%ebp),%ebx
+	pxor	%xmm2,%xmm0
+	jmp	L000enc_entry
+.align	4,0x90
+L001enc_loop:
+	movdqa	32(%ebp),%xmm4
+	movdqa	48(%ebp),%xmm0
+.byte	102,15,56,0,226
+.byte	102,15,56,0,195
+	pxor	%xmm5,%xmm4
+	movdqa	64(%ebp),%xmm5
+	pxor	%xmm4,%xmm0
+	movdqa	-64(%ebx,%ecx,1),%xmm1
+.byte	102,15,56,0,234
+	movdqa	80(%ebp),%xmm2
+	movdqa	(%ebx,%ecx,1),%xmm4
+.byte	102,15,56,0,211
+	movdqa	%xmm0,%xmm3
+	pxor	%xmm5,%xmm2
+.byte	102,15,56,0,193
+	addl	$16,%edx
+	pxor	%xmm2,%xmm0
+.byte	102,15,56,0,220
+	addl	$16,%ecx
+	pxor	%xmm0,%xmm3
+.byte	102,15,56,0,193
+	andl	$48,%ecx
+	subl	$1,%eax
+	pxor	%xmm3,%xmm0
+L000enc_entry:
+	movdqa	%xmm6,%xmm1
+	movdqa	-32(%ebp),%xmm5
+	pandn	%xmm0,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm6,%xmm0
+.byte	102,15,56,0,232
+	movdqa	%xmm7,%xmm3
+	pxor	%xmm1,%xmm0
+.byte	102,15,56,0,217
+	movdqa	%xmm7,%xmm4
+	pxor	%xmm5,%xmm3
+.byte	102,15,56,0,224
+	movdqa	%xmm7,%xmm2
+	pxor	%xmm5,%xmm4
+.byte	102,15,56,0,211
+	movdqa	%xmm7,%xmm3
+	pxor	%xmm0,%xmm2
+.byte	102,15,56,0,220
+	movdqu	(%edx),%xmm5
+	pxor	%xmm1,%xmm3
+	jnz	L001enc_loop
+	movdqa	96(%ebp),%xmm4
+	movdqa	112(%ebp),%xmm0
+.byte	102,15,56,0,226
+	pxor	%xmm5,%xmm4
+.byte	102,15,56,0,195
+	movdqa	64(%ebx,%ecx,1),%xmm1
+	pxor	%xmm4,%xmm0
+.byte	102,15,56,0,193
+	ret
+.align	4
+__vpaes_decrypt_core:
+	leal	608(%ebp),%ebx
+	movl	240(%edx),%eax
+	movdqa	%xmm6,%xmm1
+	movdqa	-64(%ebx),%xmm2
+	pandn	%xmm0,%xmm1
+	movl	%eax,%ecx
+	psrld	$4,%xmm1
+	movdqu	(%edx),%xmm5
+	shll	$4,%ecx
+	pand	%xmm6,%xmm0
+.byte	102,15,56,0,208
+	movdqa	-48(%ebx),%xmm0
+	xorl	$48,%ecx
+.byte	102,15,56,0,193
+	andl	$48,%ecx
+	pxor	%xmm5,%xmm2
+	movdqa	176(%ebp),%xmm5
+	pxor	%xmm2,%xmm0
+	addl	$16,%edx
+	leal	-352(%ebx,%ecx,1),%ecx
+	jmp	L002dec_entry
+.align	4,0x90
+L003dec_loop:
+	movdqa	-32(%ebx),%xmm4
+	movdqa	-16(%ebx),%xmm1
+.byte	102,15,56,0,226
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	movdqa	(%ebx),%xmm4
+	pxor	%xmm1,%xmm0
+	movdqa	16(%ebx),%xmm1
+.byte	102,15,56,0,226
+.byte	102,15,56,0,197
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	movdqa	32(%ebx),%xmm4
+	pxor	%xmm1,%xmm0
+	movdqa	48(%ebx),%xmm1
+.byte	102,15,56,0,226
+.byte	102,15,56,0,197
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	movdqa	64(%ebx),%xmm4
+	pxor	%xmm1,%xmm0
+	movdqa	80(%ebx),%xmm1
+.byte	102,15,56,0,226
+.byte	102,15,56,0,197
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	addl	$16,%edx
+.byte	102,15,58,15,237,12
+	pxor	%xmm1,%xmm0
+	subl	$1,%eax
+L002dec_entry:
+	movdqa	%xmm6,%xmm1
+	movdqa	-32(%ebp),%xmm2
+	pandn	%xmm0,%xmm1
+	pand	%xmm6,%xmm0
+	psrld	$4,%xmm1
+.byte	102,15,56,0,208
+	movdqa	%xmm7,%xmm3
+	pxor	%xmm1,%xmm0
+.byte	102,15,56,0,217
+	movdqa	%xmm7,%xmm4
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,224
+	pxor	%xmm2,%xmm4
+	movdqa	%xmm7,%xmm2
+.byte	102,15,56,0,211
+	movdqa	%xmm7,%xmm3
+	pxor	%xmm0,%xmm2
+.byte	102,15,56,0,220
+	movdqu	(%edx),%xmm0
+	pxor	%xmm1,%xmm3
+	jnz	L003dec_loop
+	movdqa	96(%ebx),%xmm4
+.byte	102,15,56,0,226
+	pxor	%xmm0,%xmm4
+	movdqa	112(%ebx),%xmm0
+	movdqa	(%ecx),%xmm2
+.byte	102,15,56,0,195
+	pxor	%xmm4,%xmm0
+.byte	102,15,56,0,194
+	ret
+.align	4
+__vpaes_schedule_core:
+	addl	(%esp),%ebp
+	movdqu	(%esi),%xmm0
+	movdqa	320(%ebp),%xmm2
+	movdqa	%xmm0,%xmm3
+	leal	(%ebp),%ebx
+	movdqa	%xmm2,4(%esp)
+	call	__vpaes_schedule_transform
+	movdqa	%xmm0,%xmm7
+	testl	%edi,%edi
+	jnz	L004schedule_am_decrypting
+	movdqu	%xmm0,(%edx)
+	jmp	L005schedule_go
+L004schedule_am_decrypting:
+	movdqa	256(%ebp,%ecx,1),%xmm1
+.byte	102,15,56,0,217
+	movdqu	%xmm3,(%edx)
+	xorl	$48,%ecx
+L005schedule_go:
+	cmpl	$192,%eax
+	ja	L006schedule_256
+	je	L007schedule_192
+L008schedule_128:
+	movl	$10,%eax
+L009loop_schedule_128:
+	call	__vpaes_schedule_round
+	decl	%eax
+	jz	L010schedule_mangle_last
+	call	__vpaes_schedule_mangle
+	jmp	L009loop_schedule_128
+.align	4,0x90
+L007schedule_192:
+	movdqu	8(%esi),%xmm0
+	call	__vpaes_schedule_transform
+	movdqa	%xmm0,%xmm6
+	pxor	%xmm4,%xmm4
+	movhlps	%xmm4,%xmm6
+	movl	$4,%eax
+L011loop_schedule_192:
+	call	__vpaes_schedule_round
+.byte	102,15,58,15,198,8
+	call	__vpaes_schedule_mangle
+	call	__vpaes_schedule_192_smear
+	call	__vpaes_schedule_mangle
+	call	__vpaes_schedule_round
+	decl	%eax
+	jz	L010schedule_mangle_last
+	call	__vpaes_schedule_mangle
+	call	__vpaes_schedule_192_smear
+	jmp	L011loop_schedule_192
+.align	4,0x90
+L006schedule_256:
+	movdqu	16(%esi),%xmm0
+	call	__vpaes_schedule_transform
+	movl	$7,%eax
+L012loop_schedule_256:
+	call	__vpaes_schedule_mangle
+	movdqa	%xmm0,%xmm6
+	call	__vpaes_schedule_round
+	decl	%eax
+	jz	L010schedule_mangle_last
+	call	__vpaes_schedule_mangle
+	pshufd	$255,%xmm0,%xmm0
+	movdqa	%xmm7,20(%esp)
+	movdqa	%xmm6,%xmm7
+	call	L_vpaes_schedule_low_round
+	movdqa	20(%esp),%xmm7
+	jmp	L012loop_schedule_256
+.align	4,0x90
+L010schedule_mangle_last:
+	leal	384(%ebp),%ebx
+	testl	%edi,%edi
+	jnz	L013schedule_mangle_last_dec
+	movdqa	256(%ebp,%ecx,1),%xmm1
+.byte	102,15,56,0,193
+	leal	352(%ebp),%ebx
+	addl	$32,%edx
+L013schedule_mangle_last_dec:
+	addl	$-16,%edx
+	pxor	336(%ebp),%xmm0
+	call	__vpaes_schedule_transform
+	movdqu	%xmm0,(%edx)
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	ret
+.align	4
+__vpaes_schedule_192_smear:
+	pshufd	$128,%xmm6,%xmm1
+	pshufd	$254,%xmm7,%xmm0
+	pxor	%xmm1,%xmm6
+	pxor	%xmm1,%xmm1
+	pxor	%xmm0,%xmm6
+	movdqa	%xmm6,%xmm0
+	movhlps	%xmm1,%xmm6
+	ret
+.align	4
+__vpaes_schedule_round:
+	movdqa	8(%esp),%xmm2
+	pxor	%xmm1,%xmm1
+.byte	102,15,58,15,202,15
+.byte	102,15,58,15,210,15
+	pxor	%xmm1,%xmm7
+	pshufd	$255,%xmm0,%xmm0
+.byte	102,15,58,15,192,1
+	movdqa	%xmm2,8(%esp)
+L_vpaes_schedule_low_round:
+	movdqa	%xmm7,%xmm1
+	pslldq	$4,%xmm7
+	pxor	%xmm1,%xmm7
+	movdqa	%xmm7,%xmm1
+	pslldq	$8,%xmm7
+	pxor	%xmm1,%xmm7
+	pxor	336(%ebp),%xmm7
+	movdqa	-16(%ebp),%xmm4
+	movdqa	-48(%ebp),%xmm5
+	movdqa	%xmm4,%xmm1
+	pandn	%xmm0,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm4,%xmm0
+	movdqa	-32(%ebp),%xmm2
+.byte	102,15,56,0,208
+	pxor	%xmm1,%xmm0
+	movdqa	%xmm5,%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+	movdqa	%xmm5,%xmm4
+.byte	102,15,56,0,224
+	pxor	%xmm2,%xmm4
+	movdqa	%xmm5,%xmm2
+.byte	102,15,56,0,211
+	pxor	%xmm0,%xmm2
+	movdqa	%xmm5,%xmm3
+.byte	102,15,56,0,220
+	pxor	%xmm1,%xmm3
+	movdqa	32(%ebp),%xmm4
+.byte	102,15,56,0,226
+	movdqa	48(%ebp),%xmm0
+.byte	102,15,56,0,195
+	pxor	%xmm4,%xmm0
+	pxor	%xmm7,%xmm0
+	movdqa	%xmm0,%xmm7
+	ret
+.align	4
+__vpaes_schedule_transform:
+	movdqa	-16(%ebp),%xmm2
+	movdqa	%xmm2,%xmm1
+	pandn	%xmm0,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm2,%xmm0
+	movdqa	(%ebx),%xmm2
+.byte	102,15,56,0,208
+	movdqa	16(%ebx),%xmm0
+.byte	102,15,56,0,193
+	pxor	%xmm2,%xmm0
+	ret
+.align	4
+__vpaes_schedule_mangle:
+	movdqa	%xmm0,%xmm4
+	movdqa	128(%ebp),%xmm5
+	testl	%edi,%edi
+	jnz	L014schedule_mangle_dec
+	addl	$16,%edx
+	pxor	336(%ebp),%xmm4
+.byte	102,15,56,0,229
+	movdqa	%xmm4,%xmm3
+.byte	102,15,56,0,229
+	pxor	%xmm4,%xmm3
+.byte	102,15,56,0,229
+	pxor	%xmm4,%xmm3
+	jmp	L015schedule_mangle_both
+.align	4,0x90
+L014schedule_mangle_dec:
+	movdqa	-16(%ebp),%xmm2
+	leal	416(%ebp),%esi
+	movdqa	%xmm2,%xmm1
+	pandn	%xmm4,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm2,%xmm4
+	movdqa	(%esi),%xmm2
+.byte	102,15,56,0,212
+	movdqa	16(%esi),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,221
+	movdqa	32(%esi),%xmm2
+.byte	102,15,56,0,212
+	pxor	%xmm3,%xmm2
+	movdqa	48(%esi),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,221
+	movdqa	64(%esi),%xmm2
+.byte	102,15,56,0,212
+	pxor	%xmm3,%xmm2
+	movdqa	80(%esi),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,221
+	movdqa	96(%esi),%xmm2
+.byte	102,15,56,0,212
+	pxor	%xmm3,%xmm2
+	movdqa	112(%esi),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+	addl	$-16,%edx
+L015schedule_mangle_both:
+	movdqa	256(%ebp,%ecx,1),%xmm1
+.byte	102,15,56,0,217
+	addl	$-16,%ecx
+	andl	$48,%ecx
+	movdqu	%xmm3,(%edx)
+	ret
+.globl	_vpaes_set_encrypt_key
+.align	4
+_vpaes_set_encrypt_key:
+L_vpaes_set_encrypt_key_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	leal	-56(%esp),%ebx
+	movl	24(%esp),%eax
+	andl	$-16,%ebx
+	movl	28(%esp),%edx
+	xchgl	%esp,%ebx
+	movl	%ebx,48(%esp)
+	movl	%eax,%ebx
+	shrl	$5,%ebx
+	addl	$5,%ebx
+	movl	%ebx,240(%edx)
+	movl	$48,%ecx
+	movl	$0,%edi
+	leal	L_vpaes_consts+0x30-L016pic_point,%ebp
+	call	__vpaes_schedule_core
+L016pic_point:
+	movl	48(%esp),%esp
+	xorl	%eax,%eax
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_vpaes_set_decrypt_key
+.align	4
+_vpaes_set_decrypt_key:
+L_vpaes_set_decrypt_key_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	leal	-56(%esp),%ebx
+	movl	24(%esp),%eax
+	andl	$-16,%ebx
+	movl	28(%esp),%edx
+	xchgl	%esp,%ebx
+	movl	%ebx,48(%esp)
+	movl	%eax,%ebx
+	shrl	$5,%ebx
+	addl	$5,%ebx
+	movl	%ebx,240(%edx)
+	shll	$4,%ebx
+	leal	16(%edx,%ebx,1),%edx
+	movl	$1,%edi
+	movl	%eax,%ecx
+	shrl	$1,%ecx
+	andl	$32,%ecx
+	xorl	$32,%ecx
+	leal	L_vpaes_consts+0x30-L017pic_point,%ebp
+	call	__vpaes_schedule_core
+L017pic_point:
+	movl	48(%esp),%esp
+	xorl	%eax,%eax
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_vpaes_encrypt
+.align	4
+_vpaes_encrypt:
+L_vpaes_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	leal	L_vpaes_consts+0x30-L018pic_point,%ebp
+	call	__vpaes_preheat
+L018pic_point:
+	movl	20(%esp),%esi
+	leal	-56(%esp),%ebx
+	movl	24(%esp),%edi
+	andl	$-16,%ebx
+	movl	28(%esp),%edx
+	xchgl	%esp,%ebx
+	movl	%ebx,48(%esp)
+	movdqu	(%esi),%xmm0
+	call	__vpaes_encrypt_core
+	movdqu	%xmm0,(%edi)
+	movl	48(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_vpaes_decrypt
+.align	4
+_vpaes_decrypt:
+L_vpaes_decrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	leal	L_vpaes_consts+0x30-L019pic_point,%ebp
+	call	__vpaes_preheat
+L019pic_point:
+	movl	20(%esp),%esi
+	leal	-56(%esp),%ebx
+	movl	24(%esp),%edi
+	andl	$-16,%ebx
+	movl	28(%esp),%edx
+	xchgl	%esp,%ebx
+	movl	%ebx,48(%esp)
+	movdqu	(%esi),%xmm0
+	call	__vpaes_decrypt_core
+	movdqu	%xmm0,(%edi)
+	movl	48(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_vpaes_cbc_encrypt
+.align	4
+_vpaes_cbc_encrypt:
+L_vpaes_cbc_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	subl	$16,%eax
+	jc	L020cbc_abort
+	leal	-56(%esp),%ebx
+	movl	36(%esp),%ebp
+	andl	$-16,%ebx
+	movl	40(%esp),%ecx
+	xchgl	%esp,%ebx
+	movdqu	(%ebp),%xmm1
+	subl	%esi,%edi
+	movl	%ebx,48(%esp)
+	movl	%edi,(%esp)
+	movl	%edx,4(%esp)
+	movl	%ebp,8(%esp)
+	movl	%eax,%edi
+	leal	L_vpaes_consts+0x30-L021pic_point,%ebp
+	call	__vpaes_preheat
+L021pic_point:
+	cmpl	$0,%ecx
+	je	L022cbc_dec_loop
+	jmp	L023cbc_enc_loop
+.align	4,0x90
+L023cbc_enc_loop:
+	movdqu	(%esi),%xmm0
+	pxor	%xmm1,%xmm0
+	call	__vpaes_encrypt_core
+	movl	(%esp),%ebx
+	movl	4(%esp),%edx
+	movdqa	%xmm0,%xmm1
+	movdqu	%xmm0,(%ebx,%esi,1)
+	leal	16(%esi),%esi
+	subl	$16,%edi
+	jnc	L023cbc_enc_loop
+	jmp	L024cbc_done
+.align	4,0x90
+L022cbc_dec_loop:
+	movdqu	(%esi),%xmm0
+	movdqa	%xmm1,16(%esp)
+	movdqa	%xmm0,32(%esp)
+	call	__vpaes_decrypt_core
+	movl	(%esp),%ebx
+	movl	4(%esp),%edx
+	pxor	16(%esp),%xmm0
+	movdqa	32(%esp),%xmm1
+	movdqu	%xmm0,(%ebx,%esi,1)
+	leal	16(%esi),%esi
+	subl	$16,%edi
+	jnc	L022cbc_dec_loop
+L024cbc_done:
+	movl	8(%esp),%ebx
+	movl	48(%esp),%esp
+	movdqu	%xmm1,(%ebx)
+L020cbc_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+
diff --git a/lib/accelerated/x86/macosx/aes-ssse3-x86_64.s b/lib/accelerated/x86/macosx/aes-ssse3-x86_64.s
new file mode 100644
index 0000000..3d5c652
--- /dev/null
+++ b/lib/accelerated/x86/macosx/aes-ssse3-x86_64.s
@@ -0,0 +1,866 @@
+######################################################################
+## Constant-time SSSE3 AES core implementation.
+## version 0.1
+##
+## By Mike Hamburg (Stanford University), 2009
+## Public domain.
+##
+## For details see http://shiftleft.org/papers/vector_aes/ and
+## http://crypto.stanford.edu/vpaes/.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+.p2align	4
+_vpaes_encrypt_core:
+
+	movq	%rdx,%r9
+	movq	$16,%r11
+	movl	240(%rdx),%eax
+	movdqa	%xmm9,%xmm1
+	movdqa	L$k_ipt(%rip),%xmm2
+	pandn	%xmm0,%xmm1
+	movdqu	(%r9),%xmm5
+	psrld	$4,%xmm1
+	pand	%xmm9,%xmm0
+.byte	102,15,56,0,208
+	movdqa	L$k_ipt+16(%rip),%xmm0
+.byte	102,15,56,0,193
+	pxor	%xmm5,%xmm2
+	addq	$16,%r9
+	pxor	%xmm2,%xmm0
+	leaq	L$k_mc_backward(%rip),%r10
+	jmp	L$enc_entry
+
+.p2align	4
+L$enc_loop:
+
+	movdqa	%xmm13,%xmm4
+	movdqa	%xmm12,%xmm0
+.byte	102,15,56,0,226
+.byte	102,15,56,0,195
+	pxor	%xmm5,%xmm4
+	movdqa	%xmm15,%xmm5
+	pxor	%xmm4,%xmm0
+	movdqa	-64(%r11,%r10,1),%xmm1
+.byte	102,15,56,0,234
+	movdqa	(%r11,%r10,1),%xmm4
+	movdqa	%xmm14,%xmm2
+.byte	102,15,56,0,211
+	movdqa	%xmm0,%xmm3
+	pxor	%xmm5,%xmm2
+.byte	102,15,56,0,193
+	addq	$16,%r9
+	pxor	%xmm2,%xmm0
+.byte	102,15,56,0,220
+	addq	$16,%r11
+	pxor	%xmm0,%xmm3
+.byte	102,15,56,0,193
+	andq	$0x30,%r11
+	subq	$1,%rax
+	pxor	%xmm3,%xmm0
+
+L$enc_entry:
+
+	movdqa	%xmm9,%xmm1
+	movdqa	%xmm11,%xmm5
+	pandn	%xmm0,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm9,%xmm0
+.byte	102,15,56,0,232
+	movdqa	%xmm10,%xmm3
+	pxor	%xmm1,%xmm0
+.byte	102,15,56,0,217
+	movdqa	%xmm10,%xmm4
+	pxor	%xmm5,%xmm3
+.byte	102,15,56,0,224
+	movdqa	%xmm10,%xmm2
+	pxor	%xmm5,%xmm4
+.byte	102,15,56,0,211
+	movdqa	%xmm10,%xmm3
+	pxor	%xmm0,%xmm2
+.byte	102,15,56,0,220
+	movdqu	(%r9),%xmm5
+	pxor	%xmm1,%xmm3
+	jnz	L$enc_loop
+
+
+	movdqa	-96(%r10),%xmm4
+	movdqa	-80(%r10),%xmm0
+.byte	102,15,56,0,226
+	pxor	%xmm5,%xmm4
+.byte	102,15,56,0,195
+	movdqa	64(%r11,%r10,1),%xmm1
+	pxor	%xmm4,%xmm0
+.byte	102,15,56,0,193
+	.byte	0xf3,0xc3
+
+
+
+
+
+
+
+
+
+.p2align	4
+_vpaes_decrypt_core:
+
+	movq	%rdx,%r9
+	movl	240(%rdx),%eax
+	movdqa	%xmm9,%xmm1
+	movdqa	L$k_dipt(%rip),%xmm2
+	pandn	%xmm0,%xmm1
+	movq	%rax,%r11
+	psrld	$4,%xmm1
+	movdqu	(%r9),%xmm5
+	shlq	$4,%r11
+	pand	%xmm9,%xmm0
+.byte	102,15,56,0,208
+	movdqa	L$k_dipt+16(%rip),%xmm0
+	xorq	$0x30,%r11
+	leaq	L$k_dsbd(%rip),%r10
+.byte	102,15,56,0,193
+	andq	$0x30,%r11
+	pxor	%xmm5,%xmm2
+	movdqa	L$k_mc_forward+48(%rip),%xmm5
+	pxor	%xmm2,%xmm0
+	addq	$16,%r9
+	addq	%r10,%r11
+	jmp	L$dec_entry
+
+.p2align	4
+L$dec_loop:
+
+
+
+	movdqa	-32(%r10),%xmm4
+	movdqa	-16(%r10),%xmm1
+.byte	102,15,56,0,226
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	movdqa	0(%r10),%xmm4
+	pxor	%xmm1,%xmm0
+	movdqa	16(%r10),%xmm1
+
+.byte	102,15,56,0,226
+.byte	102,15,56,0,197
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	movdqa	32(%r10),%xmm4
+	pxor	%xmm1,%xmm0
+	movdqa	48(%r10),%xmm1
+
+.byte	102,15,56,0,226
+.byte	102,15,56,0,197
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	movdqa	64(%r10),%xmm4
+	pxor	%xmm1,%xmm0
+	movdqa	80(%r10),%xmm1
+
+.byte	102,15,56,0,226
+.byte	102,15,56,0,197
+.byte	102,15,56,0,203
+	pxor	%xmm4,%xmm0
+	addq	$16,%r9
+.byte	102,15,58,15,237,12
+	pxor	%xmm1,%xmm0
+	subq	$1,%rax
+
+L$dec_entry:
+
+	movdqa	%xmm9,%xmm1
+	pandn	%xmm0,%xmm1
+	movdqa	%xmm11,%xmm2
+	psrld	$4,%xmm1
+	pand	%xmm9,%xmm0
+.byte	102,15,56,0,208
+	movdqa	%xmm10,%xmm3
+	pxor	%xmm1,%xmm0
+.byte	102,15,56,0,217
+	movdqa	%xmm10,%xmm4
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,224
+	pxor	%xmm2,%xmm4
+	movdqa	%xmm10,%xmm2
+.byte	102,15,56,0,211
+	movdqa	%xmm10,%xmm3
+	pxor	%xmm0,%xmm2
+.byte	102,15,56,0,220
+	movdqu	(%r9),%xmm0
+	pxor	%xmm1,%xmm3
+	jnz	L$dec_loop
+
+
+	movdqa	96(%r10),%xmm4
+.byte	102,15,56,0,226
+	pxor	%xmm0,%xmm4
+	movdqa	112(%r10),%xmm0
+	movdqa	-352(%r11),%xmm2
+.byte	102,15,56,0,195
+	pxor	%xmm4,%xmm0
+.byte	102,15,56,0,194
+	.byte	0xf3,0xc3
+
+
+
+
+
+
+
+
+
+.p2align	4
+_vpaes_schedule_core:
+
+
+
+
+
+
+	call	_vpaes_preheat
+	movdqa	L$k_rcon(%rip),%xmm8
+	movdqu	(%rdi),%xmm0
+
+
+	movdqa	%xmm0,%xmm3
+	leaq	L$k_ipt(%rip),%r11
+	call	_vpaes_schedule_transform
+	movdqa	%xmm0,%xmm7
+
+	leaq	L$k_sr(%rip),%r10
+	testq	%rcx,%rcx
+	jnz	L$schedule_am_decrypting
+
+
+	movdqu	%xmm0,(%rdx)
+	jmp	L$schedule_go
+
+L$schedule_am_decrypting:
+
+	movdqa	(%r8,%r10,1),%xmm1
+.byte	102,15,56,0,217
+	movdqu	%xmm3,(%rdx)
+	xorq	$0x30,%r8
+
+L$schedule_go:
+	cmpl	$192,%esi
+	ja	L$schedule_256
+	je	L$schedule_192
+
+
+
+
+
+
+
+
+
+
+L$schedule_128:
+	movl	$10,%esi
+
+L$oop_schedule_128:
+	call	_vpaes_schedule_round
+	decq	%rsi
+	jz	L$schedule_mangle_last
+	call	_vpaes_schedule_mangle
+	jmp	L$oop_schedule_128
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+.p2align	4
+L$schedule_192:
+	movdqu	8(%rdi),%xmm0
+	call	_vpaes_schedule_transform
+	movdqa	%xmm0,%xmm6
+	pxor	%xmm4,%xmm4
+	movhlps	%xmm4,%xmm6
+	movl	$4,%esi
+
+L$oop_schedule_192:
+	call	_vpaes_schedule_round
+.byte	102,15,58,15,198,8
+	call	_vpaes_schedule_mangle
+	call	_vpaes_schedule_192_smear
+	call	_vpaes_schedule_mangle
+	call	_vpaes_schedule_round
+	decq	%rsi
+	jz	L$schedule_mangle_last
+	call	_vpaes_schedule_mangle
+	call	_vpaes_schedule_192_smear
+	jmp	L$oop_schedule_192
+
+
+
+
+
+
+
+
+
+
+
+.p2align	4
+L$schedule_256:
+	movdqu	16(%rdi),%xmm0
+	call	_vpaes_schedule_transform
+	movl	$7,%esi
+
+L$oop_schedule_256:
+	call	_vpaes_schedule_mangle
+	movdqa	%xmm0,%xmm6
+
+
+	call	_vpaes_schedule_round
+	decq	%rsi
+	jz	L$schedule_mangle_last
+	call	_vpaes_schedule_mangle
+
+
+	pshufd	$0xFF,%xmm0,%xmm0
+	movdqa	%xmm7,%xmm5
+	movdqa	%xmm6,%xmm7
+	call	_vpaes_schedule_low_round
+	movdqa	%xmm5,%xmm7
+
+	jmp	L$oop_schedule_256
+
+
+
+
+
+
+
+
+
+
+
+
+.p2align	4
+L$schedule_mangle_last:
+
+	leaq	L$k_deskew(%rip),%r11
+	testq	%rcx,%rcx
+	jnz	L$schedule_mangle_last_dec
+
+
+	movdqa	(%r8,%r10,1),%xmm1
+.byte	102,15,56,0,193
+	leaq	L$k_opt(%rip),%r11
+	addq	$32,%rdx
+
+L$schedule_mangle_last_dec:
+	addq	$-16,%rdx
+	pxor	L$k_s63(%rip),%xmm0
+	call	_vpaes_schedule_transform
+	movdqu	%xmm0,(%rdx)
+
+
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	.byte	0xf3,0xc3
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+.p2align	4
+_vpaes_schedule_192_smear:
+
+	pshufd	$0x80,%xmm6,%xmm1
+	pshufd	$0xFE,%xmm7,%xmm0
+	pxor	%xmm1,%xmm6
+	pxor	%xmm1,%xmm1
+	pxor	%xmm0,%xmm6
+	movdqa	%xmm6,%xmm0
+	movhlps	%xmm1,%xmm6
+	.byte	0xf3,0xc3
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+.p2align	4
+_vpaes_schedule_round:
+
+
+	pxor	%xmm1,%xmm1
+.byte	102,65,15,58,15,200,15
+.byte	102,69,15,58,15,192,15
+	pxor	%xmm1,%xmm7
+
+
+	pshufd	$0xFF,%xmm0,%xmm0
+.byte	102,15,58,15,192,1
+
+
+
+
+_vpaes_schedule_low_round:
+
+	movdqa	%xmm7,%xmm1
+	pslldq	$4,%xmm7
+	pxor	%xmm1,%xmm7
+	movdqa	%xmm7,%xmm1
+	pslldq	$8,%xmm7
+	pxor	%xmm1,%xmm7
+	pxor	L$k_s63(%rip),%xmm7
+
+
+	movdqa	%xmm9,%xmm1
+	pandn	%xmm0,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm9,%xmm0
+	movdqa	%xmm11,%xmm2
+.byte	102,15,56,0,208
+	pxor	%xmm1,%xmm0
+	movdqa	%xmm10,%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+	movdqa	%xmm10,%xmm4
+.byte	102,15,56,0,224
+	pxor	%xmm2,%xmm4
+	movdqa	%xmm10,%xmm2
+.byte	102,15,56,0,211
+	pxor	%xmm0,%xmm2
+	movdqa	%xmm10,%xmm3
+.byte	102,15,56,0,220
+	pxor	%xmm1,%xmm3
+	movdqa	%xmm13,%xmm4
+.byte	102,15,56,0,226
+	movdqa	%xmm12,%xmm0
+.byte	102,15,56,0,195
+	pxor	%xmm4,%xmm0
+
+
+	pxor	%xmm7,%xmm0
+	movdqa	%xmm0,%xmm7
+	.byte	0xf3,0xc3
+
+
+
+
+
+
+
+
+
+
+
+
+
+.p2align	4
+_vpaes_schedule_transform:
+
+	movdqa	%xmm9,%xmm1
+	pandn	%xmm0,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm9,%xmm0
+	movdqa	(%r11),%xmm2
+.byte	102,15,56,0,208
+	movdqa	16(%r11),%xmm0
+.byte	102,15,56,0,193
+	pxor	%xmm2,%xmm0
+	.byte	0xf3,0xc3
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+.p2align	4
+_vpaes_schedule_mangle:
+
+	movdqa	%xmm0,%xmm4
+	movdqa	L$k_mc_forward(%rip),%xmm5
+	testq	%rcx,%rcx
+	jnz	L$schedule_mangle_dec
+
+
+	addq	$16,%rdx
+	pxor	L$k_s63(%rip),%xmm4
+.byte	102,15,56,0,229
+	movdqa	%xmm4,%xmm3
+.byte	102,15,56,0,229
+	pxor	%xmm4,%xmm3
+.byte	102,15,56,0,229
+	pxor	%xmm4,%xmm3
+
+	jmp	L$schedule_mangle_both
+.p2align	4
+L$schedule_mangle_dec:
+
+	leaq	L$k_dksd(%rip),%r11
+	movdqa	%xmm9,%xmm1
+	pandn	%xmm4,%xmm1
+	psrld	$4,%xmm1
+	pand	%xmm9,%xmm4
+
+	movdqa	0(%r11),%xmm2
+.byte	102,15,56,0,212
+	movdqa	16(%r11),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,221
+
+	movdqa	32(%r11),%xmm2
+.byte	102,15,56,0,212
+	pxor	%xmm3,%xmm2
+	movdqa	48(%r11),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,221
+
+	movdqa	64(%r11),%xmm2
+.byte	102,15,56,0,212
+	pxor	%xmm3,%xmm2
+	movdqa	80(%r11),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+.byte	102,15,56,0,221
+
+	movdqa	96(%r11),%xmm2
+.byte	102,15,56,0,212
+	pxor	%xmm3,%xmm2
+	movdqa	112(%r11),%xmm3
+.byte	102,15,56,0,217
+	pxor	%xmm2,%xmm3
+
+	addq	$-16,%rdx
+
+L$schedule_mangle_both:
+	movdqa	(%r8,%r10,1),%xmm1
+.byte	102,15,56,0,217
+	addq	$-16,%r8
+	andq	$0x30,%r8
+	movdqu	%xmm3,(%rdx)
+	.byte	0xf3,0xc3
+
+
+
+
+
+
+.globl	_vpaes_set_encrypt_key
+
+.p2align	4
+_vpaes_set_encrypt_key:
+
+	movl	%esi,%eax
+	shrl	$5,%eax
+	addl	$5,%eax
+	movl	%eax,240(%rdx)
+
+	movl	$0,%ecx
+	movl	$0x30,%r8d
+	call	_vpaes_schedule_core
+	xorl	%eax,%eax
+	.byte	0xf3,0xc3
+
+
+
+.globl	_vpaes_set_decrypt_key
+
+.p2align	4
+_vpaes_set_decrypt_key:
+
+	movl	%esi,%eax
+	shrl	$5,%eax
+	addl	$5,%eax
+	movl	%eax,240(%rdx)
+	shll	$4,%eax
+	leaq	16(%rdx,%rax,1),%rdx
+
+	movl	$1,%ecx
+	movl	%esi,%r8d
+	shrl	$1,%r8d
+	andl	$32,%r8d
+	xorl	$32,%r8d
+	call	_vpaes_schedule_core
+	xorl	%eax,%eax
+	.byte	0xf3,0xc3
+
+
+
+.globl	_vpaes_encrypt
+
+.p2align	4
+_vpaes_encrypt:
+
+	movdqu	(%rdi),%xmm0
+	call	_vpaes_preheat
+	call	_vpaes_encrypt_core
+	movdqu	%xmm0,(%rsi)
+	.byte	0xf3,0xc3
+
+
+
+.globl	_vpaes_decrypt
+
+.p2align	4
+_vpaes_decrypt:
+
+	movdqu	(%rdi),%xmm0
+	call	_vpaes_preheat
+	call	_vpaes_decrypt_core
+	movdqu	%xmm0,(%rsi)
+	.byte	0xf3,0xc3
+
+
+.globl	_vpaes_cbc_encrypt
+
+.p2align	4
+_vpaes_cbc_encrypt:
+
+	xchgq	%rcx,%rdx
+	subq	$16,%rcx
+	jc	L$cbc_abort
+	movdqu	(%r8),%xmm6
+	subq	%rdi,%rsi
+	call	_vpaes_preheat
+	cmpl	$0,%r9d
+	je	L$cbc_dec_loop
+	jmp	L$cbc_enc_loop
+.p2align	4
+L$cbc_enc_loop:
+	movdqu	(%rdi),%xmm0
+	pxor	%xmm6,%xmm0
+	call	_vpaes_encrypt_core
+	movdqa	%xmm0,%xmm6
+	movdqu	%xmm0,(%rsi,%rdi,1)
+	leaq	16(%rdi),%rdi
+	subq	$16,%rcx
+	jnc	L$cbc_enc_loop
+	jmp	L$cbc_done
+.p2align	4
+L$cbc_dec_loop:
+	movdqu	(%rdi),%xmm0
+	movdqa	%xmm0,%xmm7
+	call	_vpaes_decrypt_core
+	pxor	%xmm6,%xmm0
+	movdqa	%xmm7,%xmm6
+	movdqu	%xmm0,(%rsi,%rdi,1)
+	leaq	16(%rdi),%rdi
+	subq	$16,%rcx
+	jnc	L$cbc_dec_loop
+L$cbc_done:
+	movdqu	%xmm6,(%r8)
+L$cbc_abort:
+	.byte	0xf3,0xc3
+
+
+
+
+
+
+
+
+
+.p2align	4
+_vpaes_preheat:
+
+	leaq	L$k_s0F(%rip),%r10
+	movdqa	-32(%r10),%xmm10
+	movdqa	-16(%r10),%xmm11
+	movdqa	0(%r10),%xmm9
+	movdqa	48(%r10),%xmm13
+	movdqa	64(%r10),%xmm12
+	movdqa	80(%r10),%xmm15
+	movdqa	96(%r10),%xmm14
+	.byte	0xf3,0xc3
+
+
+
+
+
+
+
+
+.p2align	6
+_vpaes_consts:
+L$k_inv:
+.quad	0x0E05060F0D080180, 0x040703090A0B0C02
+.quad	0x01040A060F0B0780, 0x030D0E0C02050809
+
+L$k_s0F:
+.quad	0x0F0F0F0F0F0F0F0F, 0x0F0F0F0F0F0F0F0F
+
+L$k_ipt:
+.quad	0xC2B2E8985A2A7000, 0xCABAE09052227808
+.quad	0x4C01307D317C4D00, 0xCD80B1FCB0FDCC81
+
+L$k_sb1:
+.quad	0xB19BE18FCB503E00, 0xA5DF7A6E142AF544
+.quad	0x3618D415FAE22300, 0x3BF7CCC10D2ED9EF
+L$k_sb2:
+.quad	0xE27A93C60B712400, 0x5EB7E955BC982FCD
+.quad	0x69EB88400AE12900, 0xC2A163C8AB82234A
+L$k_sbo:
+.quad	0xD0D26D176FBDC700, 0x15AABF7AC502A878
+.quad	0xCFE474A55FBB6A00, 0x8E1E90D1412B35FA
+
+L$k_mc_forward:
+.quad	0x0407060500030201, 0x0C0F0E0D080B0A09
+.quad	0x080B0A0904070605, 0x000302010C0F0E0D
+.quad	0x0C0F0E0D080B0A09, 0x0407060500030201
+.quad	0x000302010C0F0E0D, 0x080B0A0904070605
+
+L$k_mc_backward:
+.quad	0x0605040702010003, 0x0E0D0C0F0A09080B
+.quad	0x020100030E0D0C0F, 0x0A09080B06050407
+.quad	0x0E0D0C0F0A09080B, 0x0605040702010003
+.quad	0x0A09080B06050407, 0x020100030E0D0C0F
+
+L$k_sr:
+.quad	0x0706050403020100, 0x0F0E0D0C0B0A0908
+.quad	0x030E09040F0A0500, 0x0B06010C07020D08
+.quad	0x0F060D040B020900, 0x070E050C030A0108
+.quad	0x0B0E0104070A0D00, 0x0306090C0F020508
+
+L$k_rcon:
+.quad	0x1F8391B9AF9DEEB6, 0x702A98084D7C7D81
+
+L$k_s63:
+.quad	0x5B5B5B5B5B5B5B5B, 0x5B5B5B5B5B5B5B5B
+
+L$k_opt:
+.quad	0xFF9F4929D6B66000, 0xF7974121DEBE6808
+.quad	0x01EDBD5150BCEC00, 0xE10D5DB1B05C0CE0
+
+L$k_deskew:
+.quad	0x07E4A34047A4E300, 0x1DFEB95A5DBEF91A
+.quad	0x5F36B5DC83EA6900, 0x2841C2ABF49D1E77
+
+
+
+
+
+L$k_dksd:
+.quad	0xFEB91A5DA3E44700, 0x0740E3A45A1DBEF9
+.quad	0x41C277F4B5368300, 0x5FDC69EAAB289D1E
+L$k_dksb:
+.quad	0x9A4FCA1F8550D500, 0x03D653861CC94C99
+.quad	0x115BEDA7B6FC4A00, 0xD993256F7E3482C8
+L$k_dkse:
+.quad	0xD5031CCA1FC9D600, 0x53859A4C994F5086
+.quad	0xA23196054FDC7BE8, 0xCD5EF96A20B31487
+L$k_dks9:
+.quad	0xB6116FC87ED9A700, 0x4AED933482255BFC
+.quad	0x4576516227143300, 0x8BB89FACE9DAFDCE
+
+
+
+
+
+L$k_dipt:
+.quad	0x0F505B040B545F00, 0x154A411E114E451A
+.quad	0x86E383E660056500, 0x12771772F491F194
+
+L$k_dsb9:
+.quad	0x851C03539A86D600, 0xCAD51F504F994CC9
+.quad	0xC03B1789ECD74900, 0x725E2C9EB2FBA565
+L$k_dsbd:
+.quad	0x7D57CCDFE6B1A200, 0xF56E9B13882A4439
+.quad	0x3CE2FAF724C6CB00, 0x2931180D15DEEFD3
+L$k_dsbb:
+.quad	0xD022649296B44200, 0x602646F6B0F2D404
+.quad	0xC19498A6CD596700, 0xF3FF0C3E3255AA6B
+L$k_dsbe:
+.quad	0x46F2929626D4D000, 0x2242600464B4F6B0
+.quad	0x0C55A6CDFFAAC100, 0x9467F36B98593E32
+L$k_dsbo:
+.quad	0x1387EA537EF94000, 0xC7AA6DB9D4943E2D
+.quad	0x12D7560F93441D00, 0xCA4B8159D8C58E9C
+.byte	86,101,99,116,111,114,32,80,101,114,109,117,116,97,116,105,111,110,32,65,69,83,32,102,111,114,32,120,56,54,95,54,52,47,83,83,83,69,51,44,32,77,105,107,101,32,72,97,109,98,117,114,103,32,40,83,116,97,110,102,111,114,100,32,85,110,105,118,101,114,115,105,116,121,41,0
+.p2align	6
+
+
diff --git a/lib/accelerated/x86/macosx/aesni-gcm-x86_64.s b/lib/accelerated/x86/macosx/aesni-gcm-x86_64.s
new file mode 100644
index 0000000..1d323b1
--- /dev/null
+++ b/lib/accelerated/x86/macosx/aesni-gcm-x86_64.s
@@ -0,0 +1,829 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+
+.p2align	5
+_aesni_ctr32_ghash_6x:
+
+	vmovdqu	32(%r11),%xmm2
+	subq	$6,%rdx
+	vpxor	%xmm4,%xmm4,%xmm4
+	vmovdqu	0-128(%rcx),%xmm15
+	vpaddb	%xmm2,%xmm1,%xmm10
+	vpaddb	%xmm2,%xmm10,%xmm11
+	vpaddb	%xmm2,%xmm11,%xmm12
+	vpaddb	%xmm2,%xmm12,%xmm13
+	vpaddb	%xmm2,%xmm13,%xmm14
+	vpxor	%xmm15,%xmm1,%xmm9
+	vmovdqu	%xmm4,16+8(%rsp)
+	jmp	L$oop6x
+
+.p2align	5
+L$oop6x:
+	addl	$100663296,%ebx
+	jc	L$handle_ctr32
+	vmovdqu	0-32(%r9),%xmm3
+	vpaddb	%xmm2,%xmm14,%xmm1
+	vpxor	%xmm15,%xmm10,%xmm10
+	vpxor	%xmm15,%xmm11,%xmm11
+
+L$resume_ctr32:
+	vmovdqu	%xmm1,(%r8)
+	vpclmulqdq	$0x10,%xmm3,%xmm7,%xmm5
+	vpxor	%xmm15,%xmm12,%xmm12
+	vmovups	16-128(%rcx),%xmm2
+	vpclmulqdq	$0x01,%xmm3,%xmm7,%xmm6
+	xorq	%r12,%r12
+	cmpq	%r14,%r15
+
+	vaesenc	%xmm2,%xmm9,%xmm9
+	vmovdqu	48+8(%rsp),%xmm0
+	vpxor	%xmm15,%xmm13,%xmm13
+	vpclmulqdq	$0x00,%xmm3,%xmm7,%xmm1
+	vaesenc	%xmm2,%xmm10,%xmm10
+	vpxor	%xmm15,%xmm14,%xmm14
+	setnc	%r12b
+	vpclmulqdq	$0x11,%xmm3,%xmm7,%xmm7
+	vaesenc	%xmm2,%xmm11,%xmm11
+	vmovdqu	16-32(%r9),%xmm3
+	negq	%r12
+	vaesenc	%xmm2,%xmm12,%xmm12
+	vpxor	%xmm5,%xmm6,%xmm6
+	vpclmulqdq	$0x00,%xmm3,%xmm0,%xmm5
+	vpxor	%xmm4,%xmm8,%xmm8
+	vaesenc	%xmm2,%xmm13,%xmm13
+	vpxor	%xmm5,%xmm1,%xmm4
+	andq	$0x60,%r12
+	vmovups	32-128(%rcx),%xmm15
+	vpclmulqdq	$0x10,%xmm3,%xmm0,%xmm1
+	vaesenc	%xmm2,%xmm14,%xmm14
+
+	vpclmulqdq	$0x01,%xmm3,%xmm0,%xmm2
+	leaq	(%r14,%r12,1),%r14
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	16+8(%rsp),%xmm8,%xmm8
+	vpclmulqdq	$0x11,%xmm3,%xmm0,%xmm3
+	vmovdqu	64+8(%rsp),%xmm0
+	vaesenc	%xmm15,%xmm10,%xmm10
+	movbeq	88(%r14),%r13
+	vaesenc	%xmm15,%xmm11,%xmm11
+	movbeq	80(%r14),%r12
+	vaesenc	%xmm15,%xmm12,%xmm12
+	movq	%r13,32+8(%rsp)
+	vaesenc	%xmm15,%xmm13,%xmm13
+	movq	%r12,40+8(%rsp)
+	vmovdqu	48-32(%r9),%xmm5
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vmovups	48-128(%rcx),%xmm15
+	vpxor	%xmm1,%xmm6,%xmm6
+	vpclmulqdq	$0x00,%xmm5,%xmm0,%xmm1
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	%xmm2,%xmm6,%xmm6
+	vpclmulqdq	$0x10,%xmm5,%xmm0,%xmm2
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vpxor	%xmm3,%xmm7,%xmm7
+	vpclmulqdq	$0x01,%xmm5,%xmm0,%xmm3
+	vaesenc	%xmm15,%xmm11,%xmm11
+	vpclmulqdq	$0x11,%xmm5,%xmm0,%xmm5
+	vmovdqu	80+8(%rsp),%xmm0
+	vaesenc	%xmm15,%xmm12,%xmm12
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vpxor	%xmm1,%xmm4,%xmm4
+	vmovdqu	64-32(%r9),%xmm1
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vmovups	64-128(%rcx),%xmm15
+	vpxor	%xmm2,%xmm6,%xmm6
+	vpclmulqdq	$0x00,%xmm1,%xmm0,%xmm2
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	%xmm3,%xmm6,%xmm6
+	vpclmulqdq	$0x10,%xmm1,%xmm0,%xmm3
+	vaesenc	%xmm15,%xmm10,%xmm10
+	movbeq	72(%r14),%r13
+	vpxor	%xmm5,%xmm7,%xmm7
+	vpclmulqdq	$0x01,%xmm1,%xmm0,%xmm5
+	vaesenc	%xmm15,%xmm11,%xmm11
+	movbeq	64(%r14),%r12
+	vpclmulqdq	$0x11,%xmm1,%xmm0,%xmm1
+	vmovdqu	96+8(%rsp),%xmm0
+	vaesenc	%xmm15,%xmm12,%xmm12
+	movq	%r13,48+8(%rsp)
+	vaesenc	%xmm15,%xmm13,%xmm13
+	movq	%r12,56+8(%rsp)
+	vpxor	%xmm2,%xmm4,%xmm4
+	vmovdqu	96-32(%r9),%xmm2
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vmovups	80-128(%rcx),%xmm15
+	vpxor	%xmm3,%xmm6,%xmm6
+	vpclmulqdq	$0x00,%xmm2,%xmm0,%xmm3
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	%xmm5,%xmm6,%xmm6
+	vpclmulqdq	$0x10,%xmm2,%xmm0,%xmm5
+	vaesenc	%xmm15,%xmm10,%xmm10
+	movbeq	56(%r14),%r13
+	vpxor	%xmm1,%xmm7,%xmm7
+	vpclmulqdq	$0x01,%xmm2,%xmm0,%xmm1
+	vpxor	112+8(%rsp),%xmm8,%xmm8
+	vaesenc	%xmm15,%xmm11,%xmm11
+	movbeq	48(%r14),%r12
+	vpclmulqdq	$0x11,%xmm2,%xmm0,%xmm2
+	vaesenc	%xmm15,%xmm12,%xmm12
+	movq	%r13,64+8(%rsp)
+	vaesenc	%xmm15,%xmm13,%xmm13
+	movq	%r12,72+8(%rsp)
+	vpxor	%xmm3,%xmm4,%xmm4
+	vmovdqu	112-32(%r9),%xmm3
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vmovups	96-128(%rcx),%xmm15
+	vpxor	%xmm5,%xmm6,%xmm6
+	vpclmulqdq	$0x10,%xmm3,%xmm8,%xmm5
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	%xmm1,%xmm6,%xmm6
+	vpclmulqdq	$0x01,%xmm3,%xmm8,%xmm1
+	vaesenc	%xmm15,%xmm10,%xmm10
+	movbeq	40(%r14),%r13
+	vpxor	%xmm2,%xmm7,%xmm7
+	vpclmulqdq	$0x00,%xmm3,%xmm8,%xmm2
+	vaesenc	%xmm15,%xmm11,%xmm11
+	movbeq	32(%r14),%r12
+	vpclmulqdq	$0x11,%xmm3,%xmm8,%xmm8
+	vaesenc	%xmm15,%xmm12,%xmm12
+	movq	%r13,80+8(%rsp)
+	vaesenc	%xmm15,%xmm13,%xmm13
+	movq	%r12,88+8(%rsp)
+	vpxor	%xmm5,%xmm6,%xmm6
+	vaesenc	%xmm15,%xmm14,%xmm14
+	vpxor	%xmm1,%xmm6,%xmm6
+
+	vmovups	112-128(%rcx),%xmm15
+	vpslldq	$8,%xmm6,%xmm5
+	vpxor	%xmm2,%xmm4,%xmm4
+	vmovdqu	16(%r11),%xmm3
+
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	%xmm8,%xmm7,%xmm7
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vpxor	%xmm5,%xmm4,%xmm4
+	movbeq	24(%r14),%r13
+	vaesenc	%xmm15,%xmm11,%xmm11
+	movbeq	16(%r14),%r12
+	vpalignr	$8,%xmm4,%xmm4,%xmm0
+	vpclmulqdq	$0x10,%xmm3,%xmm4,%xmm4
+	movq	%r13,96+8(%rsp)
+	vaesenc	%xmm15,%xmm12,%xmm12
+	movq	%r12,104+8(%rsp)
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vmovups	128-128(%rcx),%xmm1
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vaesenc	%xmm1,%xmm9,%xmm9
+	vmovups	144-128(%rcx),%xmm15
+	vaesenc	%xmm1,%xmm10,%xmm10
+	vpsrldq	$8,%xmm6,%xmm6
+	vaesenc	%xmm1,%xmm11,%xmm11
+	vpxor	%xmm6,%xmm7,%xmm7
+	vaesenc	%xmm1,%xmm12,%xmm12
+	vpxor	%xmm0,%xmm4,%xmm4
+	movbeq	8(%r14),%r13
+	vaesenc	%xmm1,%xmm13,%xmm13
+	movbeq	0(%r14),%r12
+	vaesenc	%xmm1,%xmm14,%xmm14
+	vmovups	160-128(%rcx),%xmm1
+	cmpl	$11,%ebp
+	jb	L$enc_tail
+
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vaesenc	%xmm15,%xmm11,%xmm11
+	vaesenc	%xmm15,%xmm12,%xmm12
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vaesenc	%xmm1,%xmm9,%xmm9
+	vaesenc	%xmm1,%xmm10,%xmm10
+	vaesenc	%xmm1,%xmm11,%xmm11
+	vaesenc	%xmm1,%xmm12,%xmm12
+	vaesenc	%xmm1,%xmm13,%xmm13
+	vmovups	176-128(%rcx),%xmm15
+	vaesenc	%xmm1,%xmm14,%xmm14
+	vmovups	192-128(%rcx),%xmm1
+	je	L$enc_tail
+
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vaesenc	%xmm15,%xmm11,%xmm11
+	vaesenc	%xmm15,%xmm12,%xmm12
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vaesenc	%xmm15,%xmm14,%xmm14
+
+	vaesenc	%xmm1,%xmm9,%xmm9
+	vaesenc	%xmm1,%xmm10,%xmm10
+	vaesenc	%xmm1,%xmm11,%xmm11
+	vaesenc	%xmm1,%xmm12,%xmm12
+	vaesenc	%xmm1,%xmm13,%xmm13
+	vmovups	208-128(%rcx),%xmm15
+	vaesenc	%xmm1,%xmm14,%xmm14
+	vmovups	224-128(%rcx),%xmm1
+	jmp	L$enc_tail
+
+.p2align	5
+L$handle_ctr32:
+	vmovdqu	(%r11),%xmm0
+	vpshufb	%xmm0,%xmm1,%xmm6
+	vmovdqu	48(%r11),%xmm5
+	vpaddd	64(%r11),%xmm6,%xmm10
+	vpaddd	%xmm5,%xmm6,%xmm11
+	vmovdqu	0-32(%r9),%xmm3
+	vpaddd	%xmm5,%xmm10,%xmm12
+	vpshufb	%xmm0,%xmm10,%xmm10
+	vpaddd	%xmm5,%xmm11,%xmm13
+	vpshufb	%xmm0,%xmm11,%xmm11
+	vpxor	%xmm15,%xmm10,%xmm10
+	vpaddd	%xmm5,%xmm12,%xmm14
+	vpshufb	%xmm0,%xmm12,%xmm12
+	vpxor	%xmm15,%xmm11,%xmm11
+	vpaddd	%xmm5,%xmm13,%xmm1
+	vpshufb	%xmm0,%xmm13,%xmm13
+	vpshufb	%xmm0,%xmm14,%xmm14
+	vpshufb	%xmm0,%xmm1,%xmm1
+	jmp	L$resume_ctr32
+
+.p2align	5
+L$enc_tail:
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vmovdqu	%xmm7,16+8(%rsp)
+	vpalignr	$8,%xmm4,%xmm4,%xmm8
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vpclmulqdq	$0x10,%xmm3,%xmm4,%xmm4
+	vpxor	0(%rdi),%xmm1,%xmm2
+	vaesenc	%xmm15,%xmm11,%xmm11
+	vpxor	16(%rdi),%xmm1,%xmm0
+	vaesenc	%xmm15,%xmm12,%xmm12
+	vpxor	32(%rdi),%xmm1,%xmm5
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vpxor	48(%rdi),%xmm1,%xmm6
+	vaesenc	%xmm15,%xmm14,%xmm14
+	vpxor	64(%rdi),%xmm1,%xmm7
+	vpxor	80(%rdi),%xmm1,%xmm3
+	vmovdqu	(%r8),%xmm1
+
+	vaesenclast	%xmm2,%xmm9,%xmm9
+	vmovdqu	32(%r11),%xmm2
+	vaesenclast	%xmm0,%xmm10,%xmm10
+	vpaddb	%xmm2,%xmm1,%xmm0
+	movq	%r13,112+8(%rsp)
+	leaq	96(%rdi),%rdi
+	vaesenclast	%xmm5,%xmm11,%xmm11
+	vpaddb	%xmm2,%xmm0,%xmm5
+	movq	%r12,120+8(%rsp)
+	leaq	96(%rsi),%rsi
+	vmovdqu	0-128(%rcx),%xmm15
+	vaesenclast	%xmm6,%xmm12,%xmm12
+	vpaddb	%xmm2,%xmm5,%xmm6
+	vaesenclast	%xmm7,%xmm13,%xmm13
+	vpaddb	%xmm2,%xmm6,%xmm7
+	vaesenclast	%xmm3,%xmm14,%xmm14
+	vpaddb	%xmm2,%xmm7,%xmm3
+
+	addq	$0x60,%r10
+	subq	$0x6,%rdx
+	jc	L$6x_done
+
+	vmovups	%xmm9,-96(%rsi)
+	vpxor	%xmm15,%xmm1,%xmm9
+	vmovups	%xmm10,-80(%rsi)
+	vmovdqa	%xmm0,%xmm10
+	vmovups	%xmm11,-64(%rsi)
+	vmovdqa	%xmm5,%xmm11
+	vmovups	%xmm12,-48(%rsi)
+	vmovdqa	%xmm6,%xmm12
+	vmovups	%xmm13,-32(%rsi)
+	vmovdqa	%xmm7,%xmm13
+	vmovups	%xmm14,-16(%rsi)
+	vmovdqa	%xmm3,%xmm14
+	vmovdqu	32+8(%rsp),%xmm7
+	jmp	L$oop6x
+
+L$6x_done:
+	vpxor	16+8(%rsp),%xmm8,%xmm8
+	vpxor	%xmm4,%xmm8,%xmm8
+
+	.byte	0xf3,0xc3
+
+
+.globl	_aesni_gcm_decrypt
+
+.p2align	5
+_aesni_gcm_decrypt:
+
+	xorq	%r10,%r10
+	cmpq	$0x60,%rdx
+	jb	L$gcm_dec_abort
+
+	leaq	(%rsp),%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	vzeroupper
+
+	vmovdqu	(%r8),%xmm1
+	addq	$-128,%rsp
+	movl	12(%r8),%ebx
+	leaq	L$bswap_mask(%rip),%r11
+	leaq	-128(%rcx),%r14
+	movq	$0xf80,%r15
+	vmovdqu	(%r9),%xmm8
+	andq	$-128,%rsp
+	vmovdqu	(%r11),%xmm0
+	leaq	128(%rcx),%rcx
+	leaq	32+32(%r9),%r9
+	movl	240-128(%rcx),%ebp
+	vpshufb	%xmm0,%xmm8,%xmm8
+
+	andq	%r15,%r14
+	andq	%rsp,%r15
+	subq	%r14,%r15
+	jc	L$dec_no_key_aliasing
+	cmpq	$768,%r15
+	jnc	L$dec_no_key_aliasing
+	subq	%r15,%rsp
+L$dec_no_key_aliasing:
+
+	vmovdqu	80(%rdi),%xmm7
+	leaq	(%rdi),%r14
+	vmovdqu	64(%rdi),%xmm4
+	leaq	-192(%rdi,%rdx,1),%r15
+	vmovdqu	48(%rdi),%xmm5
+	shrq	$4,%rdx
+	xorq	%r10,%r10
+	vmovdqu	32(%rdi),%xmm6
+	vpshufb	%xmm0,%xmm7,%xmm7
+	vmovdqu	16(%rdi),%xmm2
+	vpshufb	%xmm0,%xmm4,%xmm4
+	vmovdqu	(%rdi),%xmm3
+	vpshufb	%xmm0,%xmm5,%xmm5
+	vmovdqu	%xmm4,48(%rsp)
+	vpshufb	%xmm0,%xmm6,%xmm6
+	vmovdqu	%xmm5,64(%rsp)
+	vpshufb	%xmm0,%xmm2,%xmm2
+	vmovdqu	%xmm6,80(%rsp)
+	vpshufb	%xmm0,%xmm3,%xmm3
+	vmovdqu	%xmm2,96(%rsp)
+	vmovdqu	%xmm3,112(%rsp)
+
+	call	_aesni_ctr32_ghash_6x
+
+	vmovups	%xmm9,-96(%rsi)
+	vmovups	%xmm10,-80(%rsi)
+	vmovups	%xmm11,-64(%rsi)
+	vmovups	%xmm12,-48(%rsi)
+	vmovups	%xmm13,-32(%rsi)
+	vmovups	%xmm14,-16(%rsi)
+
+	vpshufb	(%r11),%xmm8,%xmm8
+	vmovdqu	%xmm8,-64(%r9)
+
+	vzeroupper
+	movq	-48(%rax),%r15
+
+	movq	-40(%rax),%r14
+
+	movq	-32(%rax),%r13
+
+	movq	-24(%rax),%r12
+
+	movq	-16(%rax),%rbp
+
+	movq	-8(%rax),%rbx
+
+	leaq	(%rax),%rsp
+
+L$gcm_dec_abort:
+	movq	%r10,%rax
+	.byte	0xf3,0xc3
+
+
+
+.p2align	5
+_aesni_ctr32_6x:
+
+	vmovdqu	0-128(%rcx),%xmm4
+	vmovdqu	32(%r11),%xmm2
+	leaq	-1(%rbp),%r13
+	vmovups	16-128(%rcx),%xmm15
+	leaq	32-128(%rcx),%r12
+	vpxor	%xmm4,%xmm1,%xmm9
+	addl	$100663296,%ebx
+	jc	L$handle_ctr32_2
+	vpaddb	%xmm2,%xmm1,%xmm10
+	vpaddb	%xmm2,%xmm10,%xmm11
+	vpxor	%xmm4,%xmm10,%xmm10
+	vpaddb	%xmm2,%xmm11,%xmm12
+	vpxor	%xmm4,%xmm11,%xmm11
+	vpaddb	%xmm2,%xmm12,%xmm13
+	vpxor	%xmm4,%xmm12,%xmm12
+	vpaddb	%xmm2,%xmm13,%xmm14
+	vpxor	%xmm4,%xmm13,%xmm13
+	vpaddb	%xmm2,%xmm14,%xmm1
+	vpxor	%xmm4,%xmm14,%xmm14
+	jmp	L$oop_ctr32
+
+.p2align	4
+L$oop_ctr32:
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vaesenc	%xmm15,%xmm11,%xmm11
+	vaesenc	%xmm15,%xmm12,%xmm12
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vaesenc	%xmm15,%xmm14,%xmm14
+	vmovups	(%r12),%xmm15
+	leaq	16(%r12),%r12
+	decl	%r13d
+	jnz	L$oop_ctr32
+
+	vmovdqu	(%r12),%xmm3
+	vaesenc	%xmm15,%xmm9,%xmm9
+	vpxor	0(%rdi),%xmm3,%xmm4
+	vaesenc	%xmm15,%xmm10,%xmm10
+	vpxor	16(%rdi),%xmm3,%xmm5
+	vaesenc	%xmm15,%xmm11,%xmm11
+	vpxor	32(%rdi),%xmm3,%xmm6
+	vaesenc	%xmm15,%xmm12,%xmm12
+	vpxor	48(%rdi),%xmm3,%xmm8
+	vaesenc	%xmm15,%xmm13,%xmm13
+	vpxor	64(%rdi),%xmm3,%xmm2
+	vaesenc	%xmm15,%xmm14,%xmm14
+	vpxor	80(%rdi),%xmm3,%xmm3
+	leaq	96(%rdi),%rdi
+
+	vaesenclast	%xmm4,%xmm9,%xmm9
+	vaesenclast	%xmm5,%xmm10,%xmm10
+	vaesenclast	%xmm6,%xmm11,%xmm11
+	vaesenclast	%xmm8,%xmm12,%xmm12
+	vaesenclast	%xmm2,%xmm13,%xmm13
+	vaesenclast	%xmm3,%xmm14,%xmm14
+	vmovups	%xmm9,0(%rsi)
+	vmovups	%xmm10,16(%rsi)
+	vmovups	%xmm11,32(%rsi)
+	vmovups	%xmm12,48(%rsi)
+	vmovups	%xmm13,64(%rsi)
+	vmovups	%xmm14,80(%rsi)
+	leaq	96(%rsi),%rsi
+
+	.byte	0xf3,0xc3
+.p2align	5
+L$handle_ctr32_2:
+	vpshufb	%xmm0,%xmm1,%xmm6
+	vmovdqu	48(%r11),%xmm5
+	vpaddd	64(%r11),%xmm6,%xmm10
+	vpaddd	%xmm5,%xmm6,%xmm11
+	vpaddd	%xmm5,%xmm10,%xmm12
+	vpshufb	%xmm0,%xmm10,%xmm10
+	vpaddd	%xmm5,%xmm11,%xmm13
+	vpshufb	%xmm0,%xmm11,%xmm11
+	vpxor	%xmm4,%xmm10,%xmm10
+	vpaddd	%xmm5,%xmm12,%xmm14
+	vpshufb	%xmm0,%xmm12,%xmm12
+	vpxor	%xmm4,%xmm11,%xmm11
+	vpaddd	%xmm5,%xmm13,%xmm1
+	vpshufb	%xmm0,%xmm13,%xmm13
+	vpxor	%xmm4,%xmm12,%xmm12
+	vpshufb	%xmm0,%xmm14,%xmm14
+	vpxor	%xmm4,%xmm13,%xmm13
+	vpshufb	%xmm0,%xmm1,%xmm1
+	vpxor	%xmm4,%xmm14,%xmm14
+	jmp	L$oop_ctr32
+
+
+
+.globl	_aesni_gcm_encrypt
+
+.p2align	5
+_aesni_gcm_encrypt:
+
+	xorq	%r10,%r10
+	cmpq	$288,%rdx
+	jb	L$gcm_enc_abort
+
+	leaq	(%rsp),%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	vzeroupper
+
+	vmovdqu	(%r8),%xmm1
+	addq	$-128,%rsp
+	movl	12(%r8),%ebx
+	leaq	L$bswap_mask(%rip),%r11
+	leaq	-128(%rcx),%r14
+	movq	$0xf80,%r15
+	leaq	128(%rcx),%rcx
+	vmovdqu	(%r11),%xmm0
+	andq	$-128,%rsp
+	movl	240-128(%rcx),%ebp
+
+	andq	%r15,%r14
+	andq	%rsp,%r15
+	subq	%r14,%r15
+	jc	L$enc_no_key_aliasing
+	cmpq	$768,%r15
+	jnc	L$enc_no_key_aliasing
+	subq	%r15,%rsp
+L$enc_no_key_aliasing:
+
+	leaq	(%rsi),%r14
+	leaq	-192(%rsi,%rdx,1),%r15
+	shrq	$4,%rdx
+
+	call	_aesni_ctr32_6x
+	vpshufb	%xmm0,%xmm9,%xmm8
+	vpshufb	%xmm0,%xmm10,%xmm2
+	vmovdqu	%xmm8,112(%rsp)
+	vpshufb	%xmm0,%xmm11,%xmm4
+	vmovdqu	%xmm2,96(%rsp)
+	vpshufb	%xmm0,%xmm12,%xmm5
+	vmovdqu	%xmm4,80(%rsp)
+	vpshufb	%xmm0,%xmm13,%xmm6
+	vmovdqu	%xmm5,64(%rsp)
+	vpshufb	%xmm0,%xmm14,%xmm7
+	vmovdqu	%xmm6,48(%rsp)
+
+	call	_aesni_ctr32_6x
+
+	vmovdqu	(%r9),%xmm8
+	leaq	32+32(%r9),%r9
+	subq	$12,%rdx
+	movq	$192,%r10
+	vpshufb	%xmm0,%xmm8,%xmm8
+
+	call	_aesni_ctr32_ghash_6x
+	vmovdqu	32(%rsp),%xmm7
+	vmovdqu	(%r11),%xmm0
+	vmovdqu	0-32(%r9),%xmm3
+	vpunpckhqdq	%xmm7,%xmm7,%xmm1
+	vmovdqu	32-32(%r9),%xmm15
+	vmovups	%xmm9,-96(%rsi)
+	vpshufb	%xmm0,%xmm9,%xmm9
+	vpxor	%xmm7,%xmm1,%xmm1
+	vmovups	%xmm10,-80(%rsi)
+	vpshufb	%xmm0,%xmm10,%xmm10
+	vmovups	%xmm11,-64(%rsi)
+	vpshufb	%xmm0,%xmm11,%xmm11
+	vmovups	%xmm12,-48(%rsi)
+	vpshufb	%xmm0,%xmm12,%xmm12
+	vmovups	%xmm13,-32(%rsi)
+	vpshufb	%xmm0,%xmm13,%xmm13
+	vmovups	%xmm14,-16(%rsi)
+	vpshufb	%xmm0,%xmm14,%xmm14
+	vmovdqu	%xmm9,16(%rsp)
+	vmovdqu	48(%rsp),%xmm6
+	vmovdqu	16-32(%r9),%xmm0
+	vpunpckhqdq	%xmm6,%xmm6,%xmm2
+	vpclmulqdq	$0x00,%xmm3,%xmm7,%xmm5
+	vpxor	%xmm6,%xmm2,%xmm2
+	vpclmulqdq	$0x11,%xmm3,%xmm7,%xmm7
+	vpclmulqdq	$0x00,%xmm15,%xmm1,%xmm1
+
+	vmovdqu	64(%rsp),%xmm9
+	vpclmulqdq	$0x00,%xmm0,%xmm6,%xmm4
+	vmovdqu	48-32(%r9),%xmm3
+	vpxor	%xmm5,%xmm4,%xmm4
+	vpunpckhqdq	%xmm9,%xmm9,%xmm5
+	vpclmulqdq	$0x11,%xmm0,%xmm6,%xmm6
+	vpxor	%xmm9,%xmm5,%xmm5
+	vpxor	%xmm7,%xmm6,%xmm6
+	vpclmulqdq	$0x10,%xmm15,%xmm2,%xmm2
+	vmovdqu	80-32(%r9),%xmm15
+	vpxor	%xmm1,%xmm2,%xmm2
+
+	vmovdqu	80(%rsp),%xmm1
+	vpclmulqdq	$0x00,%xmm3,%xmm9,%xmm7
+	vmovdqu	64-32(%r9),%xmm0
+	vpxor	%xmm4,%xmm7,%xmm7
+	vpunpckhqdq	%xmm1,%xmm1,%xmm4
+	vpclmulqdq	$0x11,%xmm3,%xmm9,%xmm9
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpxor	%xmm6,%xmm9,%xmm9
+	vpclmulqdq	$0x00,%xmm15,%xmm5,%xmm5
+	vpxor	%xmm2,%xmm5,%xmm5
+
+	vmovdqu	96(%rsp),%xmm2
+	vpclmulqdq	$0x00,%xmm0,%xmm1,%xmm6
+	vmovdqu	96-32(%r9),%xmm3
+	vpxor	%xmm7,%xmm6,%xmm6
+	vpunpckhqdq	%xmm2,%xmm2,%xmm7
+	vpclmulqdq	$0x11,%xmm0,%xmm1,%xmm1
+	vpxor	%xmm2,%xmm7,%xmm7
+	vpxor	%xmm9,%xmm1,%xmm1
+	vpclmulqdq	$0x10,%xmm15,%xmm4,%xmm4
+	vmovdqu	128-32(%r9),%xmm15
+	vpxor	%xmm5,%xmm4,%xmm4
+
+	vpxor	112(%rsp),%xmm8,%xmm8
+	vpclmulqdq	$0x00,%xmm3,%xmm2,%xmm5
+	vmovdqu	112-32(%r9),%xmm0
+	vpunpckhqdq	%xmm8,%xmm8,%xmm9
+	vpxor	%xmm6,%xmm5,%xmm5
+	vpclmulqdq	$0x11,%xmm3,%xmm2,%xmm2
+	vpxor	%xmm8,%xmm9,%xmm9
+	vpxor	%xmm1,%xmm2,%xmm2
+	vpclmulqdq	$0x00,%xmm15,%xmm7,%xmm7
+	vpxor	%xmm4,%xmm7,%xmm4
+
+	vpclmulqdq	$0x00,%xmm0,%xmm8,%xmm6
+	vmovdqu	0-32(%r9),%xmm3
+	vpunpckhqdq	%xmm14,%xmm14,%xmm1
+	vpclmulqdq	$0x11,%xmm0,%xmm8,%xmm8
+	vpxor	%xmm14,%xmm1,%xmm1
+	vpxor	%xmm5,%xmm6,%xmm5
+	vpclmulqdq	$0x10,%xmm15,%xmm9,%xmm9
+	vmovdqu	32-32(%r9),%xmm15
+	vpxor	%xmm2,%xmm8,%xmm7
+	vpxor	%xmm4,%xmm9,%xmm6
+
+	vmovdqu	16-32(%r9),%xmm0
+	vpxor	%xmm5,%xmm7,%xmm9
+	vpclmulqdq	$0x00,%xmm3,%xmm14,%xmm4
+	vpxor	%xmm9,%xmm6,%xmm6
+	vpunpckhqdq	%xmm13,%xmm13,%xmm2
+	vpclmulqdq	$0x11,%xmm3,%xmm14,%xmm14
+	vpxor	%xmm13,%xmm2,%xmm2
+	vpslldq	$8,%xmm6,%xmm9
+	vpclmulqdq	$0x00,%xmm15,%xmm1,%xmm1
+	vpxor	%xmm9,%xmm5,%xmm8
+	vpsrldq	$8,%xmm6,%xmm6
+	vpxor	%xmm6,%xmm7,%xmm7
+
+	vpclmulqdq	$0x00,%xmm0,%xmm13,%xmm5
+	vmovdqu	48-32(%r9),%xmm3
+	vpxor	%xmm4,%xmm5,%xmm5
+	vpunpckhqdq	%xmm12,%xmm12,%xmm9
+	vpclmulqdq	$0x11,%xmm0,%xmm13,%xmm13
+	vpxor	%xmm12,%xmm9,%xmm9
+	vpxor	%xmm14,%xmm13,%xmm13
+	vpalignr	$8,%xmm8,%xmm8,%xmm14
+	vpclmulqdq	$0x10,%xmm15,%xmm2,%xmm2
+	vmovdqu	80-32(%r9),%xmm15
+	vpxor	%xmm1,%xmm2,%xmm2
+
+	vpclmulqdq	$0x00,%xmm3,%xmm12,%xmm4
+	vmovdqu	64-32(%r9),%xmm0
+	vpxor	%xmm5,%xmm4,%xmm4
+	vpunpckhqdq	%xmm11,%xmm11,%xmm1
+	vpclmulqdq	$0x11,%xmm3,%xmm12,%xmm12
+	vpxor	%xmm11,%xmm1,%xmm1
+	vpxor	%xmm13,%xmm12,%xmm12
+	vxorps	16(%rsp),%xmm7,%xmm7
+	vpclmulqdq	$0x00,%xmm15,%xmm9,%xmm9
+	vpxor	%xmm2,%xmm9,%xmm9
+
+	vpclmulqdq	$0x10,16(%r11),%xmm8,%xmm8
+	vxorps	%xmm14,%xmm8,%xmm8
+
+	vpclmulqdq	$0x00,%xmm0,%xmm11,%xmm5
+	vmovdqu	96-32(%r9),%xmm3
+	vpxor	%xmm4,%xmm5,%xmm5
+	vpunpckhqdq	%xmm10,%xmm10,%xmm2
+	vpclmulqdq	$0x11,%xmm0,%xmm11,%xmm11
+	vpxor	%xmm10,%xmm2,%xmm2
+	vpalignr	$8,%xmm8,%xmm8,%xmm14
+	vpxor	%xmm12,%xmm11,%xmm11
+	vpclmulqdq	$0x10,%xmm15,%xmm1,%xmm1
+	vmovdqu	128-32(%r9),%xmm15
+	vpxor	%xmm9,%xmm1,%xmm1
+
+	vxorps	%xmm7,%xmm14,%xmm14
+	vpclmulqdq	$0x10,16(%r11),%xmm8,%xmm8
+	vxorps	%xmm14,%xmm8,%xmm8
+
+	vpclmulqdq	$0x00,%xmm3,%xmm10,%xmm4
+	vmovdqu	112-32(%r9),%xmm0
+	vpxor	%xmm5,%xmm4,%xmm4
+	vpunpckhqdq	%xmm8,%xmm8,%xmm9
+	vpclmulqdq	$0x11,%xmm3,%xmm10,%xmm10
+	vpxor	%xmm8,%xmm9,%xmm9
+	vpxor	%xmm11,%xmm10,%xmm10
+	vpclmulqdq	$0x00,%xmm15,%xmm2,%xmm2
+	vpxor	%xmm1,%xmm2,%xmm2
+
+	vpclmulqdq	$0x00,%xmm0,%xmm8,%xmm5
+	vpclmulqdq	$0x11,%xmm0,%xmm8,%xmm7
+	vpxor	%xmm4,%xmm5,%xmm5
+	vpclmulqdq	$0x10,%xmm15,%xmm9,%xmm6
+	vpxor	%xmm10,%xmm7,%xmm7
+	vpxor	%xmm2,%xmm6,%xmm6
+
+	vpxor	%xmm5,%xmm7,%xmm4
+	vpxor	%xmm4,%xmm6,%xmm6
+	vpslldq	$8,%xmm6,%xmm1
+	vmovdqu	16(%r11),%xmm3
+	vpsrldq	$8,%xmm6,%xmm6
+	vpxor	%xmm1,%xmm5,%xmm8
+	vpxor	%xmm6,%xmm7,%xmm7
+
+	vpalignr	$8,%xmm8,%xmm8,%xmm2
+	vpclmulqdq	$0x10,%xmm3,%xmm8,%xmm8
+	vpxor	%xmm2,%xmm8,%xmm8
+
+	vpalignr	$8,%xmm8,%xmm8,%xmm2
+	vpclmulqdq	$0x10,%xmm3,%xmm8,%xmm8
+	vpxor	%xmm7,%xmm2,%xmm2
+	vpxor	%xmm2,%xmm8,%xmm8
+	vpshufb	(%r11),%xmm8,%xmm8
+	vmovdqu	%xmm8,-64(%r9)
+
+	vzeroupper
+	movq	-48(%rax),%r15
+
+	movq	-40(%rax),%r14
+
+	movq	-32(%rax),%r13
+
+	movq	-24(%rax),%r12
+
+	movq	-16(%rax),%rbp
+
+	movq	-8(%rax),%rbx
+
+	leaq	(%rax),%rsp
+
+L$gcm_enc_abort:
+	movq	%r10,%rax
+	.byte	0xf3,0xc3
+
+
+.p2align	6
+L$bswap_mask:
+.byte	15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
+L$poly:
+.byte	0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xc2
+L$one_msb:
+.byte	0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1
+L$two_lsb:
+.byte	2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
+L$one_lsb:
+.byte	1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
+.byte	65,69,83,45,78,73,32,71,67,77,32,109,111,100,117,108,101,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.p2align	6
+
diff --git a/lib/accelerated/x86/macosx/aesni-x86.s b/lib/accelerated/x86/macosx/aesni-x86.s
new file mode 100644
index 0000000..774d1f4
--- /dev/null
+++ b/lib/accelerated/x86/macosx/aesni-x86.s
@@ -0,0 +1,3237 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text
+.globl	_aesni_encrypt
+.align	4
+_aesni_encrypt:
+L_aesni_encrypt_begin:
+	movl	4(%esp),%eax
+	movl	12(%esp),%edx
+	movups	(%eax),%xmm2
+	movl	240(%edx),%ecx
+	movl	8(%esp),%eax
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+L000enc1_loop_1:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L000enc1_loop_1
+.byte	102,15,56,221,209
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movups	%xmm2,(%eax)
+	pxor	%xmm2,%xmm2
+	ret
+.globl	_aesni_decrypt
+.align	4
+_aesni_decrypt:
+L_aesni_decrypt_begin:
+	movl	4(%esp),%eax
+	movl	12(%esp),%edx
+	movups	(%eax),%xmm2
+	movl	240(%edx),%ecx
+	movl	8(%esp),%eax
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+L001dec1_loop_2:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L001dec1_loop_2
+.byte	102,15,56,223,209
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movups	%xmm2,(%eax)
+	pxor	%xmm2,%xmm2
+	ret
+.align	4
+__aesni_encrypt2:
+	movups	(%edx),%xmm0
+	shll	$4,%ecx
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	movups	32(%edx),%xmm0
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+	addl	$16,%ecx
+L002enc2_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	L002enc2_loop
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+	ret
+.align	4
+__aesni_decrypt2:
+	movups	(%edx),%xmm0
+	shll	$4,%ecx
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	movups	32(%edx),%xmm0
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+	addl	$16,%ecx
+L003dec2_loop:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	L003dec2_loop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+	ret
+.align	4
+__aesni_encrypt3:
+	movups	(%edx),%xmm0
+	shll	$4,%ecx
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	movups	32(%edx),%xmm0
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+	addl	$16,%ecx
+L004enc3_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	L004enc3_loop
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+	ret
+.align	4
+__aesni_decrypt3:
+	movups	(%edx),%xmm0
+	shll	$4,%ecx
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	movups	32(%edx),%xmm0
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+	addl	$16,%ecx
+L005dec3_loop:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	L005dec3_loop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+	ret
+.align	4
+__aesni_encrypt4:
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	shll	$4,%ecx
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+	movups	32(%edx),%xmm0
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+.byte	15,31,64,0
+	addl	$16,%ecx
+L006enc4_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	L006enc4_loop
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+.byte	102,15,56,221,232
+	ret
+.align	4
+__aesni_decrypt4:
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	shll	$4,%ecx
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+	movups	32(%edx),%xmm0
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+.byte	15,31,64,0
+	addl	$16,%ecx
+L007dec4_loop:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	L007dec4_loop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+.byte	102,15,56,223,232
+	ret
+.align	4
+__aesni_encrypt6:
+	movups	(%edx),%xmm0
+	shll	$4,%ecx
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+.byte	102,15,56,220,209
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+.byte	102,15,56,220,217
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+.byte	102,15,56,220,225
+	pxor	%xmm0,%xmm7
+	movups	(%edx,%ecx,1),%xmm0
+	addl	$16,%ecx
+	jmp	L008_aesni_encrypt6_inner
+.align	4,0x90
+L009enc6_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+L008_aesni_encrypt6_inner:
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+L_aesni_encrypt6_enter:
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	L009enc6_loop
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+.byte	102,15,56,221,232
+.byte	102,15,56,221,240
+.byte	102,15,56,221,248
+	ret
+.align	4
+__aesni_decrypt6:
+	movups	(%edx),%xmm0
+	shll	$4,%ecx
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+.byte	102,15,56,222,209
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+.byte	102,15,56,222,217
+	leal	32(%edx,%ecx,1),%edx
+	negl	%ecx
+.byte	102,15,56,222,225
+	pxor	%xmm0,%xmm7
+	movups	(%edx,%ecx,1),%xmm0
+	addl	$16,%ecx
+	jmp	L010_aesni_decrypt6_inner
+.align	4,0x90
+L011dec6_loop:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+L010_aesni_decrypt6_inner:
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+L_aesni_decrypt6_enter:
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	L011dec6_loop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+.byte	102,15,56,223,232
+.byte	102,15,56,223,240
+.byte	102,15,56,223,248
+	ret
+.globl	_aesni_ecb_encrypt
+.align	4
+_aesni_ecb_encrypt:
+L_aesni_ecb_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movl	36(%esp),%ebx
+	andl	$-16,%eax
+	jz	L012ecb_ret
+	movl	240(%edx),%ecx
+	testl	%ebx,%ebx
+	jz	L013ecb_decrypt
+	movl	%edx,%ebp
+	movl	%ecx,%ebx
+	cmpl	$96,%eax
+	jb	L014ecb_enc_tail
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	movdqu	80(%esi),%xmm7
+	leal	96(%esi),%esi
+	subl	$96,%eax
+	jmp	L015ecb_enc_loop6_enter
+.align	4,0x90
+L016ecb_enc_loop6:
+	movups	%xmm2,(%edi)
+	movdqu	(%esi),%xmm2
+	movups	%xmm3,16(%edi)
+	movdqu	16(%esi),%xmm3
+	movups	%xmm4,32(%edi)
+	movdqu	32(%esi),%xmm4
+	movups	%xmm5,48(%edi)
+	movdqu	48(%esi),%xmm5
+	movups	%xmm6,64(%edi)
+	movdqu	64(%esi),%xmm6
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	movdqu	80(%esi),%xmm7
+	leal	96(%esi),%esi
+L015ecb_enc_loop6_enter:
+	call	__aesni_encrypt6
+	movl	%ebp,%edx
+	movl	%ebx,%ecx
+	subl	$96,%eax
+	jnc	L016ecb_enc_loop6
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	addl	$96,%eax
+	jz	L012ecb_ret
+L014ecb_enc_tail:
+	movups	(%esi),%xmm2
+	cmpl	$32,%eax
+	jb	L017ecb_enc_one
+	movups	16(%esi),%xmm3
+	je	L018ecb_enc_two
+	movups	32(%esi),%xmm4
+	cmpl	$64,%eax
+	jb	L019ecb_enc_three
+	movups	48(%esi),%xmm5
+	je	L020ecb_enc_four
+	movups	64(%esi),%xmm6
+	xorps	%xmm7,%xmm7
+	call	__aesni_encrypt6
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	jmp	L012ecb_ret
+.align	4,0x90
+L017ecb_enc_one:
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+L021enc1_loop_3:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L021enc1_loop_3
+.byte	102,15,56,221,209
+	movups	%xmm2,(%edi)
+	jmp	L012ecb_ret
+.align	4,0x90
+L018ecb_enc_two:
+	call	__aesni_encrypt2
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	jmp	L012ecb_ret
+.align	4,0x90
+L019ecb_enc_three:
+	call	__aesni_encrypt3
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	jmp	L012ecb_ret
+.align	4,0x90
+L020ecb_enc_four:
+	call	__aesni_encrypt4
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	jmp	L012ecb_ret
+.align	4,0x90
+L013ecb_decrypt:
+	movl	%edx,%ebp
+	movl	%ecx,%ebx
+	cmpl	$96,%eax
+	jb	L022ecb_dec_tail
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	movdqu	80(%esi),%xmm7
+	leal	96(%esi),%esi
+	subl	$96,%eax
+	jmp	L023ecb_dec_loop6_enter
+.align	4,0x90
+L024ecb_dec_loop6:
+	movups	%xmm2,(%edi)
+	movdqu	(%esi),%xmm2
+	movups	%xmm3,16(%edi)
+	movdqu	16(%esi),%xmm3
+	movups	%xmm4,32(%edi)
+	movdqu	32(%esi),%xmm4
+	movups	%xmm5,48(%edi)
+	movdqu	48(%esi),%xmm5
+	movups	%xmm6,64(%edi)
+	movdqu	64(%esi),%xmm6
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	movdqu	80(%esi),%xmm7
+	leal	96(%esi),%esi
+L023ecb_dec_loop6_enter:
+	call	__aesni_decrypt6
+	movl	%ebp,%edx
+	movl	%ebx,%ecx
+	subl	$96,%eax
+	jnc	L024ecb_dec_loop6
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	addl	$96,%eax
+	jz	L012ecb_ret
+L022ecb_dec_tail:
+	movups	(%esi),%xmm2
+	cmpl	$32,%eax
+	jb	L025ecb_dec_one
+	movups	16(%esi),%xmm3
+	je	L026ecb_dec_two
+	movups	32(%esi),%xmm4
+	cmpl	$64,%eax
+	jb	L027ecb_dec_three
+	movups	48(%esi),%xmm5
+	je	L028ecb_dec_four
+	movups	64(%esi),%xmm6
+	xorps	%xmm7,%xmm7
+	call	__aesni_decrypt6
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	jmp	L012ecb_ret
+.align	4,0x90
+L025ecb_dec_one:
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+L029dec1_loop_4:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L029dec1_loop_4
+.byte	102,15,56,223,209
+	movups	%xmm2,(%edi)
+	jmp	L012ecb_ret
+.align	4,0x90
+L026ecb_dec_two:
+	call	__aesni_decrypt2
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	jmp	L012ecb_ret
+.align	4,0x90
+L027ecb_dec_three:
+	call	__aesni_decrypt3
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	jmp	L012ecb_ret
+.align	4,0x90
+L028ecb_dec_four:
+	call	__aesni_decrypt4
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+L012ecb_ret:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_aesni_ccm64_encrypt_blocks
+.align	4
+_aesni_ccm64_encrypt_blocks:
+L_aesni_ccm64_encrypt_blocks_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movl	36(%esp),%ebx
+	movl	40(%esp),%ecx
+	movl	%esp,%ebp
+	subl	$60,%esp
+	andl	$-16,%esp
+	movl	%ebp,48(%esp)
+	movdqu	(%ebx),%xmm7
+	movdqu	(%ecx),%xmm3
+	movl	240(%edx),%ecx
+	movl	$202182159,(%esp)
+	movl	$134810123,4(%esp)
+	movl	$67438087,8(%esp)
+	movl	$66051,12(%esp)
+	movl	$1,%ebx
+	xorl	%ebp,%ebp
+	movl	%ebx,16(%esp)
+	movl	%ebp,20(%esp)
+	movl	%ebp,24(%esp)
+	movl	%ebp,28(%esp)
+	shll	$4,%ecx
+	movl	$16,%ebx
+	leal	(%edx),%ebp
+	movdqa	(%esp),%xmm5
+	movdqa	%xmm7,%xmm2
+	leal	32(%edx,%ecx,1),%edx
+	subl	%ecx,%ebx
+.byte	102,15,56,0,253
+L030ccm64_enc_outer:
+	movups	(%ebp),%xmm0
+	movl	%ebx,%ecx
+	movups	(%esi),%xmm6
+	xorps	%xmm0,%xmm2
+	movups	16(%ebp),%xmm1
+	xorps	%xmm6,%xmm0
+	xorps	%xmm0,%xmm3
+	movups	32(%ebp),%xmm0
+L031ccm64_enc2_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	L031ccm64_enc2_loop
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	paddq	16(%esp),%xmm7
+	decl	%eax
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+	leal	16(%esi),%esi
+	xorps	%xmm2,%xmm6
+	movdqa	%xmm7,%xmm2
+	movups	%xmm6,(%edi)
+.byte	102,15,56,0,213
+	leal	16(%edi),%edi
+	jnz	L030ccm64_enc_outer
+	movl	48(%esp),%esp
+	movl	40(%esp),%edi
+	movups	%xmm3,(%edi)
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_aesni_ccm64_decrypt_blocks
+.align	4
+_aesni_ccm64_decrypt_blocks:
+L_aesni_ccm64_decrypt_blocks_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movl	36(%esp),%ebx
+	movl	40(%esp),%ecx
+	movl	%esp,%ebp
+	subl	$60,%esp
+	andl	$-16,%esp
+	movl	%ebp,48(%esp)
+	movdqu	(%ebx),%xmm7
+	movdqu	(%ecx),%xmm3
+	movl	240(%edx),%ecx
+	movl	$202182159,(%esp)
+	movl	$134810123,4(%esp)
+	movl	$67438087,8(%esp)
+	movl	$66051,12(%esp)
+	movl	$1,%ebx
+	xorl	%ebp,%ebp
+	movl	%ebx,16(%esp)
+	movl	%ebp,20(%esp)
+	movl	%ebp,24(%esp)
+	movl	%ebp,28(%esp)
+	movdqa	(%esp),%xmm5
+	movdqa	%xmm7,%xmm2
+	movl	%edx,%ebp
+	movl	%ecx,%ebx
+.byte	102,15,56,0,253
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+L032enc1_loop_5:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L032enc1_loop_5
+.byte	102,15,56,221,209
+	shll	$4,%ebx
+	movl	$16,%ecx
+	movups	(%esi),%xmm6
+	paddq	16(%esp),%xmm7
+	leal	16(%esi),%esi
+	subl	%ebx,%ecx
+	leal	32(%ebp,%ebx,1),%edx
+	movl	%ecx,%ebx
+	jmp	L033ccm64_dec_outer
+.align	4,0x90
+L033ccm64_dec_outer:
+	xorps	%xmm2,%xmm6
+	movdqa	%xmm7,%xmm2
+	movups	%xmm6,(%edi)
+	leal	16(%edi),%edi
+.byte	102,15,56,0,213
+	subl	$1,%eax
+	jz	L034ccm64_dec_break
+	movups	(%ebp),%xmm0
+	movl	%ebx,%ecx
+	movups	16(%ebp),%xmm1
+	xorps	%xmm0,%xmm6
+	xorps	%xmm0,%xmm2
+	xorps	%xmm6,%xmm3
+	movups	32(%ebp),%xmm0
+L035ccm64_dec2_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	movups	(%edx,%ecx,1),%xmm1
+	addl	$32,%ecx
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	movups	-16(%edx,%ecx,1),%xmm0
+	jnz	L035ccm64_dec2_loop
+	movups	(%esi),%xmm6
+	paddq	16(%esp),%xmm7
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+	leal	16(%esi),%esi
+	jmp	L033ccm64_dec_outer
+.align	4,0x90
+L034ccm64_dec_break:
+	movl	240(%ebp),%ecx
+	movl	%ebp,%edx
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm6
+	leal	32(%edx),%edx
+	xorps	%xmm6,%xmm3
+L036enc1_loop_6:
+.byte	102,15,56,220,217
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L036enc1_loop_6
+.byte	102,15,56,221,217
+	movl	48(%esp),%esp
+	movl	40(%esp),%edi
+	movups	%xmm3,(%edi)
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_aesni_ctr32_encrypt_blocks
+.align	4
+_aesni_ctr32_encrypt_blocks:
+L_aesni_ctr32_encrypt_blocks_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movl	36(%esp),%ebx
+	movl	%esp,%ebp
+	subl	$88,%esp
+	andl	$-16,%esp
+	movl	%ebp,80(%esp)
+	cmpl	$1,%eax
+	je	L037ctr32_one_shortcut
+	movdqu	(%ebx),%xmm7
+	movl	$202182159,(%esp)
+	movl	$134810123,4(%esp)
+	movl	$67438087,8(%esp)
+	movl	$66051,12(%esp)
+	movl	$6,%ecx
+	xorl	%ebp,%ebp
+	movl	%ecx,16(%esp)
+	movl	%ecx,20(%esp)
+	movl	%ecx,24(%esp)
+	movl	%ebp,28(%esp)
+.byte	102,15,58,22,251,3
+.byte	102,15,58,34,253,3
+	movl	240(%edx),%ecx
+	bswap	%ebx
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movdqa	(%esp),%xmm2
+.byte	102,15,58,34,195,0
+	leal	3(%ebx),%ebp
+.byte	102,15,58,34,205,0
+	incl	%ebx
+.byte	102,15,58,34,195,1
+	incl	%ebp
+.byte	102,15,58,34,205,1
+	incl	%ebx
+.byte	102,15,58,34,195,2
+	incl	%ebp
+.byte	102,15,58,34,205,2
+	movdqa	%xmm0,48(%esp)
+.byte	102,15,56,0,194
+	movdqu	(%edx),%xmm6
+	movdqa	%xmm1,64(%esp)
+.byte	102,15,56,0,202
+	pshufd	$192,%xmm0,%xmm2
+	pshufd	$128,%xmm0,%xmm3
+	cmpl	$6,%eax
+	jb	L038ctr32_tail
+	pxor	%xmm6,%xmm7
+	shll	$4,%ecx
+	movl	$16,%ebx
+	movdqa	%xmm7,32(%esp)
+	movl	%edx,%ebp
+	subl	%ecx,%ebx
+	leal	32(%edx,%ecx,1),%edx
+	subl	$6,%eax
+	jmp	L039ctr32_loop6
+.align	4,0x90
+L039ctr32_loop6:
+	pshufd	$64,%xmm0,%xmm4
+	movdqa	32(%esp),%xmm0
+	pshufd	$192,%xmm1,%xmm5
+	pxor	%xmm0,%xmm2
+	pshufd	$128,%xmm1,%xmm6
+	pxor	%xmm0,%xmm3
+	pshufd	$64,%xmm1,%xmm7
+	movups	16(%ebp),%xmm1
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+.byte	102,15,56,220,209
+	pxor	%xmm0,%xmm6
+	pxor	%xmm0,%xmm7
+.byte	102,15,56,220,217
+	movups	32(%ebp),%xmm0
+	movl	%ebx,%ecx
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	call	L_aesni_encrypt6_enter
+	movups	(%esi),%xmm1
+	movups	16(%esi),%xmm0
+	xorps	%xmm1,%xmm2
+	movups	32(%esi),%xmm1
+	xorps	%xmm0,%xmm3
+	movups	%xmm2,(%edi)
+	movdqa	16(%esp),%xmm0
+	xorps	%xmm1,%xmm4
+	movdqa	64(%esp),%xmm1
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	paddd	%xmm0,%xmm1
+	paddd	48(%esp),%xmm0
+	movdqa	(%esp),%xmm2
+	movups	48(%esi),%xmm3
+	movups	64(%esi),%xmm4
+	xorps	%xmm3,%xmm5
+	movups	80(%esi),%xmm3
+	leal	96(%esi),%esi
+	movdqa	%xmm0,48(%esp)
+.byte	102,15,56,0,194
+	xorps	%xmm4,%xmm6
+	movups	%xmm5,48(%edi)
+	xorps	%xmm3,%xmm7
+	movdqa	%xmm1,64(%esp)
+.byte	102,15,56,0,202
+	movups	%xmm6,64(%edi)
+	pshufd	$192,%xmm0,%xmm2
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	pshufd	$128,%xmm0,%xmm3
+	subl	$6,%eax
+	jnc	L039ctr32_loop6
+	addl	$6,%eax
+	jz	L040ctr32_ret
+	movdqu	(%ebp),%xmm7
+	movl	%ebp,%edx
+	pxor	32(%esp),%xmm7
+	movl	240(%ebp),%ecx
+L038ctr32_tail:
+	por	%xmm7,%xmm2
+	cmpl	$2,%eax
+	jb	L041ctr32_one
+	pshufd	$64,%xmm0,%xmm4
+	por	%xmm7,%xmm3
+	je	L042ctr32_two
+	pshufd	$192,%xmm1,%xmm5
+	por	%xmm7,%xmm4
+	cmpl	$4,%eax
+	jb	L043ctr32_three
+	pshufd	$128,%xmm1,%xmm6
+	por	%xmm7,%xmm5
+	je	L044ctr32_four
+	por	%xmm7,%xmm6
+	call	__aesni_encrypt6
+	movups	(%esi),%xmm1
+	movups	16(%esi),%xmm0
+	xorps	%xmm1,%xmm2
+	movups	32(%esi),%xmm1
+	xorps	%xmm0,%xmm3
+	movups	48(%esi),%xmm0
+	xorps	%xmm1,%xmm4
+	movups	64(%esi),%xmm1
+	xorps	%xmm0,%xmm5
+	movups	%xmm2,(%edi)
+	xorps	%xmm1,%xmm6
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	jmp	L040ctr32_ret
+.align	4,0x90
+L037ctr32_one_shortcut:
+	movups	(%ebx),%xmm2
+	movl	240(%edx),%ecx
+L041ctr32_one:
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+L045enc1_loop_7:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L045enc1_loop_7
+.byte	102,15,56,221,209
+	movups	(%esi),%xmm6
+	xorps	%xmm2,%xmm6
+	movups	%xmm6,(%edi)
+	jmp	L040ctr32_ret
+.align	4,0x90
+L042ctr32_two:
+	call	__aesni_encrypt2
+	movups	(%esi),%xmm5
+	movups	16(%esi),%xmm6
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	jmp	L040ctr32_ret
+.align	4,0x90
+L043ctr32_three:
+	call	__aesni_encrypt3
+	movups	(%esi),%xmm5
+	movups	16(%esi),%xmm6
+	xorps	%xmm5,%xmm2
+	movups	32(%esi),%xmm7
+	xorps	%xmm6,%xmm3
+	movups	%xmm2,(%edi)
+	xorps	%xmm7,%xmm4
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	jmp	L040ctr32_ret
+.align	4,0x90
+L044ctr32_four:
+	call	__aesni_encrypt4
+	movups	(%esi),%xmm6
+	movups	16(%esi),%xmm7
+	movups	32(%esi),%xmm1
+	xorps	%xmm6,%xmm2
+	movups	48(%esi),%xmm0
+	xorps	%xmm7,%xmm3
+	movups	%xmm2,(%edi)
+	xorps	%xmm1,%xmm4
+	movups	%xmm3,16(%edi)
+	xorps	%xmm0,%xmm5
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+L040ctr32_ret:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	movdqa	%xmm0,32(%esp)
+	pxor	%xmm5,%xmm5
+	movdqa	%xmm0,48(%esp)
+	pxor	%xmm6,%xmm6
+	movdqa	%xmm0,64(%esp)
+	pxor	%xmm7,%xmm7
+	movl	80(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_aesni_xts_encrypt
+.align	4
+_aesni_xts_encrypt:
+L_aesni_xts_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	36(%esp),%edx
+	movl	40(%esp),%esi
+	movl	240(%edx),%ecx
+	movups	(%esi),%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+L046enc1_loop_8:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L046enc1_loop_8
+.byte	102,15,56,221,209
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movl	%esp,%ebp
+	subl	$120,%esp
+	movl	240(%edx),%ecx
+	andl	$-16,%esp
+	movl	$135,96(%esp)
+	movl	$0,100(%esp)
+	movl	$1,104(%esp)
+	movl	$0,108(%esp)
+	movl	%eax,112(%esp)
+	movl	%ebp,116(%esp)
+	movdqa	%xmm2,%xmm1
+	pxor	%xmm0,%xmm0
+	movdqa	96(%esp),%xmm3
+	pcmpgtd	%xmm1,%xmm0
+	andl	$-16,%eax
+	movl	%edx,%ebp
+	movl	%ecx,%ebx
+	subl	$96,%eax
+	jc	L047xts_enc_short
+	shll	$4,%ecx
+	movl	$16,%ebx
+	subl	%ecx,%ebx
+	leal	32(%edx,%ecx,1),%edx
+	jmp	L048xts_enc_loop6
+.align	4,0x90
+L048xts_enc_loop6:
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,16(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,32(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,48(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm7
+	movdqa	%xmm1,64(%esp)
+	paddq	%xmm1,%xmm1
+	movups	(%ebp),%xmm0
+	pand	%xmm3,%xmm7
+	movups	(%esi),%xmm2
+	pxor	%xmm1,%xmm7
+	movl	%ebx,%ecx
+	movdqu	16(%esi),%xmm3
+	xorps	%xmm0,%xmm2
+	movdqu	32(%esi),%xmm4
+	pxor	%xmm0,%xmm3
+	movdqu	48(%esi),%xmm5
+	pxor	%xmm0,%xmm4
+	movdqu	64(%esi),%xmm6
+	pxor	%xmm0,%xmm5
+	movdqu	80(%esi),%xmm1
+	pxor	%xmm0,%xmm6
+	leal	96(%esi),%esi
+	pxor	(%esp),%xmm2
+	movdqa	%xmm7,80(%esp)
+	pxor	%xmm1,%xmm7
+	movups	16(%ebp),%xmm1
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+.byte	102,15,56,220,209
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+.byte	102,15,56,220,217
+	pxor	%xmm0,%xmm7
+	movups	32(%ebp),%xmm0
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	call	L_aesni_encrypt6_enter
+	movdqa	80(%esp),%xmm1
+	pxor	%xmm0,%xmm0
+	xorps	(%esp),%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	xorps	16(%esp),%xmm3
+	movups	%xmm2,(%edi)
+	xorps	32(%esp),%xmm4
+	movups	%xmm3,16(%edi)
+	xorps	48(%esp),%xmm5
+	movups	%xmm4,32(%edi)
+	xorps	64(%esp),%xmm6
+	movups	%xmm5,48(%edi)
+	xorps	%xmm1,%xmm7
+	movups	%xmm6,64(%edi)
+	pshufd	$19,%xmm0,%xmm2
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	movdqa	96(%esp),%xmm3
+	pxor	%xmm0,%xmm0
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	subl	$96,%eax
+	jnc	L048xts_enc_loop6
+	movl	240(%ebp),%ecx
+	movl	%ebp,%edx
+	movl	%ecx,%ebx
+L047xts_enc_short:
+	addl	$96,%eax
+	jz	L049xts_enc_done6x
+	movdqa	%xmm1,%xmm5
+	cmpl	$32,%eax
+	jb	L050xts_enc_one
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	je	L051xts_enc_two
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,%xmm6
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	cmpl	$64,%eax
+	jb	L052xts_enc_three
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,%xmm7
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	movdqa	%xmm5,(%esp)
+	movdqa	%xmm6,16(%esp)
+	je	L053xts_enc_four
+	movdqa	%xmm7,32(%esp)
+	pshufd	$19,%xmm0,%xmm7
+	movdqa	%xmm1,48(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm7
+	pxor	%xmm1,%xmm7
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	pxor	(%esp),%xmm2
+	movdqu	48(%esi),%xmm5
+	pxor	16(%esp),%xmm3
+	movdqu	64(%esi),%xmm6
+	pxor	32(%esp),%xmm4
+	leal	80(%esi),%esi
+	pxor	48(%esp),%xmm5
+	movdqa	%xmm7,64(%esp)
+	pxor	%xmm7,%xmm6
+	call	__aesni_encrypt6
+	movaps	64(%esp),%xmm1
+	xorps	(%esp),%xmm2
+	xorps	16(%esp),%xmm3
+	xorps	32(%esp),%xmm4
+	movups	%xmm2,(%edi)
+	xorps	48(%esp),%xmm5
+	movups	%xmm3,16(%edi)
+	xorps	%xmm1,%xmm6
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	leal	80(%edi),%edi
+	jmp	L054xts_enc_done
+.align	4,0x90
+L050xts_enc_one:
+	movups	(%esi),%xmm2
+	leal	16(%esi),%esi
+	xorps	%xmm5,%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+L055enc1_loop_9:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L055enc1_loop_9
+.byte	102,15,56,221,209
+	xorps	%xmm5,%xmm2
+	movups	%xmm2,(%edi)
+	leal	16(%edi),%edi
+	movdqa	%xmm5,%xmm1
+	jmp	L054xts_enc_done
+.align	4,0x90
+L051xts_enc_two:
+	movaps	%xmm1,%xmm6
+	movups	(%esi),%xmm2
+	movups	16(%esi),%xmm3
+	leal	32(%esi),%esi
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	call	__aesni_encrypt2
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	leal	32(%edi),%edi
+	movdqa	%xmm6,%xmm1
+	jmp	L054xts_enc_done
+.align	4,0x90
+L052xts_enc_three:
+	movaps	%xmm1,%xmm7
+	movups	(%esi),%xmm2
+	movups	16(%esi),%xmm3
+	movups	32(%esi),%xmm4
+	leal	48(%esi),%esi
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm7,%xmm4
+	call	__aesni_encrypt3
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm7,%xmm4
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	leal	48(%edi),%edi
+	movdqa	%xmm7,%xmm1
+	jmp	L054xts_enc_done
+.align	4,0x90
+L053xts_enc_four:
+	movaps	%xmm1,%xmm6
+	movups	(%esi),%xmm2
+	movups	16(%esi),%xmm3
+	movups	32(%esi),%xmm4
+	xorps	(%esp),%xmm2
+	movups	48(%esi),%xmm5
+	leal	64(%esi),%esi
+	xorps	16(%esp),%xmm3
+	xorps	%xmm7,%xmm4
+	xorps	%xmm6,%xmm5
+	call	__aesni_encrypt4
+	xorps	(%esp),%xmm2
+	xorps	16(%esp),%xmm3
+	xorps	%xmm7,%xmm4
+	movups	%xmm2,(%edi)
+	xorps	%xmm6,%xmm5
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	leal	64(%edi),%edi
+	movdqa	%xmm6,%xmm1
+	jmp	L054xts_enc_done
+.align	4,0x90
+L049xts_enc_done6x:
+	movl	112(%esp),%eax
+	andl	$15,%eax
+	jz	L056xts_enc_ret
+	movdqa	%xmm1,%xmm5
+	movl	%eax,112(%esp)
+	jmp	L057xts_enc_steal
+.align	4,0x90
+L054xts_enc_done:
+	movl	112(%esp),%eax
+	pxor	%xmm0,%xmm0
+	andl	$15,%eax
+	jz	L056xts_enc_ret
+	pcmpgtd	%xmm1,%xmm0
+	movl	%eax,112(%esp)
+	pshufd	$19,%xmm0,%xmm5
+	paddq	%xmm1,%xmm1
+	pand	96(%esp),%xmm5
+	pxor	%xmm1,%xmm5
+L057xts_enc_steal:
+	movzbl	(%esi),%ecx
+	movzbl	-16(%edi),%edx
+	leal	1(%esi),%esi
+	movb	%cl,-16(%edi)
+	movb	%dl,(%edi)
+	leal	1(%edi),%edi
+	subl	$1,%eax
+	jnz	L057xts_enc_steal
+	subl	112(%esp),%edi
+	movl	%ebp,%edx
+	movl	%ebx,%ecx
+	movups	-16(%edi),%xmm2
+	xorps	%xmm5,%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+L058enc1_loop_10:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L058enc1_loop_10
+.byte	102,15,56,221,209
+	xorps	%xmm5,%xmm2
+	movups	%xmm2,-16(%edi)
+L056xts_enc_ret:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	movdqa	%xmm0,(%esp)
+	pxor	%xmm3,%xmm3
+	movdqa	%xmm0,16(%esp)
+	pxor	%xmm4,%xmm4
+	movdqa	%xmm0,32(%esp)
+	pxor	%xmm5,%xmm5
+	movdqa	%xmm0,48(%esp)
+	pxor	%xmm6,%xmm6
+	movdqa	%xmm0,64(%esp)
+	pxor	%xmm7,%xmm7
+	movdqa	%xmm0,80(%esp)
+	movl	116(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_aesni_xts_decrypt
+.align	4
+_aesni_xts_decrypt:
+L_aesni_xts_decrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	36(%esp),%edx
+	movl	40(%esp),%esi
+	movl	240(%edx),%ecx
+	movups	(%esi),%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+L059enc1_loop_11:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L059enc1_loop_11
+.byte	102,15,56,221,209
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movl	%esp,%ebp
+	subl	$120,%esp
+	andl	$-16,%esp
+	xorl	%ebx,%ebx
+	testl	$15,%eax
+	setnz	%bl
+	shll	$4,%ebx
+	subl	%ebx,%eax
+	movl	$135,96(%esp)
+	movl	$0,100(%esp)
+	movl	$1,104(%esp)
+	movl	$0,108(%esp)
+	movl	%eax,112(%esp)
+	movl	%ebp,116(%esp)
+	movl	240(%edx),%ecx
+	movl	%edx,%ebp
+	movl	%ecx,%ebx
+	movdqa	%xmm2,%xmm1
+	pxor	%xmm0,%xmm0
+	movdqa	96(%esp),%xmm3
+	pcmpgtd	%xmm1,%xmm0
+	andl	$-16,%eax
+	subl	$96,%eax
+	jc	L060xts_dec_short
+	shll	$4,%ecx
+	movl	$16,%ebx
+	subl	%ecx,%ebx
+	leal	32(%edx,%ecx,1),%edx
+	jmp	L061xts_dec_loop6
+.align	4,0x90
+L061xts_dec_loop6:
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,16(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,32(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,48(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	pshufd	$19,%xmm0,%xmm7
+	movdqa	%xmm1,64(%esp)
+	paddq	%xmm1,%xmm1
+	movups	(%ebp),%xmm0
+	pand	%xmm3,%xmm7
+	movups	(%esi),%xmm2
+	pxor	%xmm1,%xmm7
+	movl	%ebx,%ecx
+	movdqu	16(%esi),%xmm3
+	xorps	%xmm0,%xmm2
+	movdqu	32(%esi),%xmm4
+	pxor	%xmm0,%xmm3
+	movdqu	48(%esi),%xmm5
+	pxor	%xmm0,%xmm4
+	movdqu	64(%esi),%xmm6
+	pxor	%xmm0,%xmm5
+	movdqu	80(%esi),%xmm1
+	pxor	%xmm0,%xmm6
+	leal	96(%esi),%esi
+	pxor	(%esp),%xmm2
+	movdqa	%xmm7,80(%esp)
+	pxor	%xmm1,%xmm7
+	movups	16(%ebp),%xmm1
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+.byte	102,15,56,222,209
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+.byte	102,15,56,222,217
+	pxor	%xmm0,%xmm7
+	movups	32(%ebp),%xmm0
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	call	L_aesni_decrypt6_enter
+	movdqa	80(%esp),%xmm1
+	pxor	%xmm0,%xmm0
+	xorps	(%esp),%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	xorps	16(%esp),%xmm3
+	movups	%xmm2,(%edi)
+	xorps	32(%esp),%xmm4
+	movups	%xmm3,16(%edi)
+	xorps	48(%esp),%xmm5
+	movups	%xmm4,32(%edi)
+	xorps	64(%esp),%xmm6
+	movups	%xmm5,48(%edi)
+	xorps	%xmm1,%xmm7
+	movups	%xmm6,64(%edi)
+	pshufd	$19,%xmm0,%xmm2
+	movups	%xmm7,80(%edi)
+	leal	96(%edi),%edi
+	movdqa	96(%esp),%xmm3
+	pxor	%xmm0,%xmm0
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	subl	$96,%eax
+	jnc	L061xts_dec_loop6
+	movl	240(%ebp),%ecx
+	movl	%ebp,%edx
+	movl	%ecx,%ebx
+L060xts_dec_short:
+	addl	$96,%eax
+	jz	L062xts_dec_done6x
+	movdqa	%xmm1,%xmm5
+	cmpl	$32,%eax
+	jb	L063xts_dec_one
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	je	L064xts_dec_two
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,%xmm6
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	cmpl	$64,%eax
+	jb	L065xts_dec_three
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	%xmm1,%xmm7
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+	movdqa	%xmm5,(%esp)
+	movdqa	%xmm6,16(%esp)
+	je	L066xts_dec_four
+	movdqa	%xmm7,32(%esp)
+	pshufd	$19,%xmm0,%xmm7
+	movdqa	%xmm1,48(%esp)
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm7
+	pxor	%xmm1,%xmm7
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	pxor	(%esp),%xmm2
+	movdqu	48(%esi),%xmm5
+	pxor	16(%esp),%xmm3
+	movdqu	64(%esi),%xmm6
+	pxor	32(%esp),%xmm4
+	leal	80(%esi),%esi
+	pxor	48(%esp),%xmm5
+	movdqa	%xmm7,64(%esp)
+	pxor	%xmm7,%xmm6
+	call	__aesni_decrypt6
+	movaps	64(%esp),%xmm1
+	xorps	(%esp),%xmm2
+	xorps	16(%esp),%xmm3
+	xorps	32(%esp),%xmm4
+	movups	%xmm2,(%edi)
+	xorps	48(%esp),%xmm5
+	movups	%xmm3,16(%edi)
+	xorps	%xmm1,%xmm6
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	movups	%xmm6,64(%edi)
+	leal	80(%edi),%edi
+	jmp	L067xts_dec_done
+.align	4,0x90
+L063xts_dec_one:
+	movups	(%esi),%xmm2
+	leal	16(%esi),%esi
+	xorps	%xmm5,%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+L068dec1_loop_12:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L068dec1_loop_12
+.byte	102,15,56,223,209
+	xorps	%xmm5,%xmm2
+	movups	%xmm2,(%edi)
+	leal	16(%edi),%edi
+	movdqa	%xmm5,%xmm1
+	jmp	L067xts_dec_done
+.align	4,0x90
+L064xts_dec_two:
+	movaps	%xmm1,%xmm6
+	movups	(%esi),%xmm2
+	movups	16(%esi),%xmm3
+	leal	32(%esi),%esi
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	call	__aesni_decrypt2
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	leal	32(%edi),%edi
+	movdqa	%xmm6,%xmm1
+	jmp	L067xts_dec_done
+.align	4,0x90
+L065xts_dec_three:
+	movaps	%xmm1,%xmm7
+	movups	(%esi),%xmm2
+	movups	16(%esi),%xmm3
+	movups	32(%esi),%xmm4
+	leal	48(%esi),%esi
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm7,%xmm4
+	call	__aesni_decrypt3
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm7,%xmm4
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	leal	48(%edi),%edi
+	movdqa	%xmm7,%xmm1
+	jmp	L067xts_dec_done
+.align	4,0x90
+L066xts_dec_four:
+	movaps	%xmm1,%xmm6
+	movups	(%esi),%xmm2
+	movups	16(%esi),%xmm3
+	movups	32(%esi),%xmm4
+	xorps	(%esp),%xmm2
+	movups	48(%esi),%xmm5
+	leal	64(%esi),%esi
+	xorps	16(%esp),%xmm3
+	xorps	%xmm7,%xmm4
+	xorps	%xmm6,%xmm5
+	call	__aesni_decrypt4
+	xorps	(%esp),%xmm2
+	xorps	16(%esp),%xmm3
+	xorps	%xmm7,%xmm4
+	movups	%xmm2,(%edi)
+	xorps	%xmm6,%xmm5
+	movups	%xmm3,16(%edi)
+	movups	%xmm4,32(%edi)
+	movups	%xmm5,48(%edi)
+	leal	64(%edi),%edi
+	movdqa	%xmm6,%xmm1
+	jmp	L067xts_dec_done
+.align	4,0x90
+L062xts_dec_done6x:
+	movl	112(%esp),%eax
+	andl	$15,%eax
+	jz	L069xts_dec_ret
+	movl	%eax,112(%esp)
+	jmp	L070xts_dec_only_one_more
+.align	4,0x90
+L067xts_dec_done:
+	movl	112(%esp),%eax
+	pxor	%xmm0,%xmm0
+	andl	$15,%eax
+	jz	L069xts_dec_ret
+	pcmpgtd	%xmm1,%xmm0
+	movl	%eax,112(%esp)
+	pshufd	$19,%xmm0,%xmm2
+	pxor	%xmm0,%xmm0
+	movdqa	96(%esp),%xmm3
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm2
+	pcmpgtd	%xmm1,%xmm0
+	pxor	%xmm2,%xmm1
+L070xts_dec_only_one_more:
+	pshufd	$19,%xmm0,%xmm5
+	movdqa	%xmm1,%xmm6
+	paddq	%xmm1,%xmm1
+	pand	%xmm3,%xmm5
+	pxor	%xmm1,%xmm5
+	movl	%ebp,%edx
+	movl	%ebx,%ecx
+	movups	(%esi),%xmm2
+	xorps	%xmm5,%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+L071dec1_loop_13:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L071dec1_loop_13
+.byte	102,15,56,223,209
+	xorps	%xmm5,%xmm2
+	movups	%xmm2,(%edi)
+L072xts_dec_steal:
+	movzbl	16(%esi),%ecx
+	movzbl	(%edi),%edx
+	leal	1(%esi),%esi
+	movb	%cl,(%edi)
+	movb	%dl,16(%edi)
+	leal	1(%edi),%edi
+	subl	$1,%eax
+	jnz	L072xts_dec_steal
+	subl	112(%esp),%edi
+	movl	%ebp,%edx
+	movl	%ebx,%ecx
+	movups	(%edi),%xmm2
+	xorps	%xmm6,%xmm2
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+L073dec1_loop_14:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L073dec1_loop_14
+.byte	102,15,56,223,209
+	xorps	%xmm6,%xmm2
+	movups	%xmm2,(%edi)
+L069xts_dec_ret:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	movdqa	%xmm0,(%esp)
+	pxor	%xmm3,%xmm3
+	movdqa	%xmm0,16(%esp)
+	pxor	%xmm4,%xmm4
+	movdqa	%xmm0,32(%esp)
+	pxor	%xmm5,%xmm5
+	movdqa	%xmm0,48(%esp)
+	pxor	%xmm6,%xmm6
+	movdqa	%xmm0,64(%esp)
+	pxor	%xmm7,%xmm7
+	movdqa	%xmm0,80(%esp)
+	movl	116(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_aesni_ocb_encrypt
+.align	4
+_aesni_ocb_encrypt:
+L_aesni_ocb_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	40(%esp),%ecx
+	movl	48(%esp),%ebx
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movdqu	(%ecx),%xmm0
+	movl	36(%esp),%ebp
+	movdqu	(%ebx),%xmm1
+	movl	44(%esp),%ebx
+	movl	%esp,%ecx
+	subl	$132,%esp
+	andl	$-16,%esp
+	subl	%esi,%edi
+	shll	$4,%eax
+	leal	-96(%esi,%eax,1),%eax
+	movl	%edi,120(%esp)
+	movl	%eax,124(%esp)
+	movl	%ecx,128(%esp)
+	movl	240(%edx),%ecx
+	testl	$1,%ebp
+	jnz	L074odd
+	bsfl	%ebp,%eax
+	addl	$1,%ebp
+	shll	$4,%eax
+	movdqu	(%ebx,%eax,1),%xmm7
+	movl	%edx,%eax
+	movdqu	(%esi),%xmm2
+	leal	16(%esi),%esi
+	pxor	%xmm0,%xmm7
+	pxor	%xmm2,%xmm1
+	pxor	%xmm7,%xmm2
+	movdqa	%xmm1,%xmm6
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+L075enc1_loop_15:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L075enc1_loop_15
+.byte	102,15,56,221,209
+	xorps	%xmm7,%xmm2
+	movdqa	%xmm7,%xmm0
+	movdqa	%xmm6,%xmm1
+	movups	%xmm2,-16(%edi,%esi,1)
+	movl	240(%eax),%ecx
+	movl	%eax,%edx
+	movl	124(%esp),%eax
+L074odd:
+	shll	$4,%ecx
+	movl	$16,%edi
+	subl	%ecx,%edi
+	movl	%edx,112(%esp)
+	leal	32(%edx,%ecx,1),%edx
+	movl	%edi,116(%esp)
+	cmpl	%eax,%esi
+	ja	L076short
+	jmp	L077grandloop
+.align	5,0x90
+L077grandloop:
+	leal	1(%ebp),%ecx
+	leal	3(%ebp),%eax
+	leal	5(%ebp),%edi
+	addl	$6,%ebp
+	bsfl	%ecx,%ecx
+	bsfl	%eax,%eax
+	bsfl	%edi,%edi
+	shll	$4,%ecx
+	shll	$4,%eax
+	shll	$4,%edi
+	movdqu	(%ebx),%xmm2
+	movdqu	(%ebx,%ecx,1),%xmm3
+	movl	116(%esp),%ecx
+	movdqa	%xmm2,%xmm4
+	movdqu	(%ebx,%eax,1),%xmm5
+	movdqa	%xmm2,%xmm6
+	movdqu	(%ebx,%edi,1),%xmm7
+	pxor	%xmm0,%xmm2
+	pxor	%xmm2,%xmm3
+	movdqa	%xmm2,(%esp)
+	pxor	%xmm3,%xmm4
+	movdqa	%xmm3,16(%esp)
+	pxor	%xmm4,%xmm5
+	movdqa	%xmm4,32(%esp)
+	pxor	%xmm5,%xmm6
+	movdqa	%xmm5,48(%esp)
+	pxor	%xmm6,%xmm7
+	movdqa	%xmm6,64(%esp)
+	movdqa	%xmm7,80(%esp)
+	movups	-48(%edx,%ecx,1),%xmm0
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	movdqu	80(%esi),%xmm7
+	leal	96(%esi),%esi
+	pxor	%xmm2,%xmm1
+	pxor	%xmm0,%xmm2
+	pxor	%xmm3,%xmm1
+	pxor	%xmm0,%xmm3
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	pxor	%xmm5,%xmm1
+	pxor	%xmm0,%xmm5
+	pxor	%xmm6,%xmm1
+	pxor	%xmm0,%xmm6
+	pxor	%xmm7,%xmm1
+	pxor	%xmm0,%xmm7
+	movdqa	%xmm1,96(%esp)
+	movups	-32(%edx,%ecx,1),%xmm1
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+	pxor	80(%esp),%xmm7
+	movups	-16(%edx,%ecx,1),%xmm0
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movl	120(%esp),%edi
+	movl	124(%esp),%eax
+	call	L_aesni_encrypt6_enter
+	movdqa	80(%esp),%xmm0
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+	pxor	%xmm0,%xmm7
+	movdqa	96(%esp),%xmm1
+	movdqu	%xmm2,-96(%edi,%esi,1)
+	movdqu	%xmm3,-80(%edi,%esi,1)
+	movdqu	%xmm4,-64(%edi,%esi,1)
+	movdqu	%xmm5,-48(%edi,%esi,1)
+	movdqu	%xmm6,-32(%edi,%esi,1)
+	movdqu	%xmm7,-16(%edi,%esi,1)
+	cmpl	%eax,%esi
+	jb	L077grandloop
+L076short:
+	addl	$96,%eax
+	subl	%esi,%eax
+	jz	L078done
+	cmpl	$32,%eax
+	jb	L079one
+	je	L080two
+	cmpl	$64,%eax
+	jb	L081three
+	je	L082four
+	leal	1(%ebp),%ecx
+	leal	3(%ebp),%eax
+	bsfl	%ecx,%ecx
+	bsfl	%eax,%eax
+	shll	$4,%ecx
+	shll	$4,%eax
+	movdqu	(%ebx),%xmm2
+	movdqu	(%ebx,%ecx,1),%xmm3
+	movl	116(%esp),%ecx
+	movdqa	%xmm2,%xmm4
+	movdqu	(%ebx,%eax,1),%xmm5
+	movdqa	%xmm2,%xmm6
+	pxor	%xmm0,%xmm2
+	pxor	%xmm2,%xmm3
+	movdqa	%xmm2,(%esp)
+	pxor	%xmm3,%xmm4
+	movdqa	%xmm3,16(%esp)
+	pxor	%xmm4,%xmm5
+	movdqa	%xmm4,32(%esp)
+	pxor	%xmm5,%xmm6
+	movdqa	%xmm5,48(%esp)
+	pxor	%xmm6,%xmm7
+	movdqa	%xmm6,64(%esp)
+	movups	-48(%edx,%ecx,1),%xmm0
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	pxor	%xmm7,%xmm7
+	pxor	%xmm2,%xmm1
+	pxor	%xmm0,%xmm2
+	pxor	%xmm3,%xmm1
+	pxor	%xmm0,%xmm3
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	pxor	%xmm5,%xmm1
+	pxor	%xmm0,%xmm5
+	pxor	%xmm6,%xmm1
+	pxor	%xmm0,%xmm6
+	movdqa	%xmm1,96(%esp)
+	movups	-32(%edx,%ecx,1),%xmm1
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+	movups	-16(%edx,%ecx,1),%xmm0
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movl	120(%esp),%edi
+	call	L_aesni_encrypt6_enter
+	movdqa	64(%esp),%xmm0
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	%xmm0,%xmm6
+	movdqa	96(%esp),%xmm1
+	movdqu	%xmm2,(%edi,%esi,1)
+	movdqu	%xmm3,16(%edi,%esi,1)
+	movdqu	%xmm4,32(%edi,%esi,1)
+	movdqu	%xmm5,48(%edi,%esi,1)
+	movdqu	%xmm6,64(%edi,%esi,1)
+	jmp	L078done
+.align	4,0x90
+L079one:
+	movdqu	(%ebx),%xmm7
+	movl	112(%esp),%edx
+	movdqu	(%esi),%xmm2
+	movl	240(%edx),%ecx
+	pxor	%xmm0,%xmm7
+	pxor	%xmm2,%xmm1
+	pxor	%xmm7,%xmm2
+	movdqa	%xmm1,%xmm6
+	movl	120(%esp),%edi
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+L083enc1_loop_16:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L083enc1_loop_16
+.byte	102,15,56,221,209
+	xorps	%xmm7,%xmm2
+	movdqa	%xmm7,%xmm0
+	movdqa	%xmm6,%xmm1
+	movups	%xmm2,(%edi,%esi,1)
+	jmp	L078done
+.align	4,0x90
+L080two:
+	leal	1(%ebp),%ecx
+	movl	112(%esp),%edx
+	bsfl	%ecx,%ecx
+	shll	$4,%ecx
+	movdqu	(%ebx),%xmm6
+	movdqu	(%ebx,%ecx,1),%xmm7
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movl	240(%edx),%ecx
+	pxor	%xmm0,%xmm6
+	pxor	%xmm6,%xmm7
+	pxor	%xmm2,%xmm1
+	pxor	%xmm6,%xmm2
+	pxor	%xmm3,%xmm1
+	pxor	%xmm7,%xmm3
+	movdqa	%xmm1,%xmm5
+	movl	120(%esp),%edi
+	call	__aesni_encrypt2
+	xorps	%xmm6,%xmm2
+	xorps	%xmm7,%xmm3
+	movdqa	%xmm7,%xmm0
+	movdqa	%xmm5,%xmm1
+	movups	%xmm2,(%edi,%esi,1)
+	movups	%xmm3,16(%edi,%esi,1)
+	jmp	L078done
+.align	4,0x90
+L081three:
+	leal	1(%ebp),%ecx
+	movl	112(%esp),%edx
+	bsfl	%ecx,%ecx
+	shll	$4,%ecx
+	movdqu	(%ebx),%xmm5
+	movdqu	(%ebx,%ecx,1),%xmm6
+	movdqa	%xmm5,%xmm7
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movl	240(%edx),%ecx
+	pxor	%xmm0,%xmm5
+	pxor	%xmm5,%xmm6
+	pxor	%xmm6,%xmm7
+	pxor	%xmm2,%xmm1
+	pxor	%xmm5,%xmm2
+	pxor	%xmm3,%xmm1
+	pxor	%xmm6,%xmm3
+	pxor	%xmm4,%xmm1
+	pxor	%xmm7,%xmm4
+	movdqa	%xmm1,96(%esp)
+	movl	120(%esp),%edi
+	call	__aesni_encrypt3
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm7,%xmm4
+	movdqa	%xmm7,%xmm0
+	movdqa	96(%esp),%xmm1
+	movups	%xmm2,(%edi,%esi,1)
+	movups	%xmm3,16(%edi,%esi,1)
+	movups	%xmm4,32(%edi,%esi,1)
+	jmp	L078done
+.align	4,0x90
+L082four:
+	leal	1(%ebp),%ecx
+	leal	3(%ebp),%eax
+	bsfl	%ecx,%ecx
+	bsfl	%eax,%eax
+	movl	112(%esp),%edx
+	shll	$4,%ecx
+	shll	$4,%eax
+	movdqu	(%ebx),%xmm4
+	movdqu	(%ebx,%ecx,1),%xmm5
+	movdqa	%xmm4,%xmm6
+	movdqu	(%ebx,%eax,1),%xmm7
+	pxor	%xmm0,%xmm4
+	movdqu	(%esi),%xmm2
+	pxor	%xmm4,%xmm5
+	movdqu	16(%esi),%xmm3
+	pxor	%xmm5,%xmm6
+	movdqa	%xmm4,(%esp)
+	pxor	%xmm6,%xmm7
+	movdqa	%xmm5,16(%esp)
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movl	240(%edx),%ecx
+	pxor	%xmm2,%xmm1
+	pxor	(%esp),%xmm2
+	pxor	%xmm3,%xmm1
+	pxor	16(%esp),%xmm3
+	pxor	%xmm4,%xmm1
+	pxor	%xmm6,%xmm4
+	pxor	%xmm5,%xmm1
+	pxor	%xmm7,%xmm5
+	movdqa	%xmm1,96(%esp)
+	movl	120(%esp),%edi
+	call	__aesni_encrypt4
+	xorps	(%esp),%xmm2
+	xorps	16(%esp),%xmm3
+	xorps	%xmm6,%xmm4
+	movups	%xmm2,(%edi,%esi,1)
+	xorps	%xmm7,%xmm5
+	movups	%xmm3,16(%edi,%esi,1)
+	movdqa	%xmm7,%xmm0
+	movups	%xmm4,32(%edi,%esi,1)
+	movdqa	96(%esp),%xmm1
+	movups	%xmm5,48(%edi,%esi,1)
+L078done:
+	movl	128(%esp),%edx
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	movdqa	%xmm2,(%esp)
+	pxor	%xmm4,%xmm4
+	movdqa	%xmm2,16(%esp)
+	pxor	%xmm5,%xmm5
+	movdqa	%xmm2,32(%esp)
+	pxor	%xmm6,%xmm6
+	movdqa	%xmm2,48(%esp)
+	pxor	%xmm7,%xmm7
+	movdqa	%xmm2,64(%esp)
+	movdqa	%xmm2,80(%esp)
+	movdqa	%xmm2,96(%esp)
+	leal	(%edx),%esp
+	movl	40(%esp),%ecx
+	movl	48(%esp),%ebx
+	movdqu	%xmm0,(%ecx)
+	pxor	%xmm0,%xmm0
+	movdqu	%xmm1,(%ebx)
+	pxor	%xmm1,%xmm1
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_aesni_ocb_decrypt
+.align	4
+_aesni_ocb_decrypt:
+L_aesni_ocb_decrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	40(%esp),%ecx
+	movl	48(%esp),%ebx
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	32(%esp),%edx
+	movdqu	(%ecx),%xmm0
+	movl	36(%esp),%ebp
+	movdqu	(%ebx),%xmm1
+	movl	44(%esp),%ebx
+	movl	%esp,%ecx
+	subl	$132,%esp
+	andl	$-16,%esp
+	subl	%esi,%edi
+	shll	$4,%eax
+	leal	-96(%esi,%eax,1),%eax
+	movl	%edi,120(%esp)
+	movl	%eax,124(%esp)
+	movl	%ecx,128(%esp)
+	movl	240(%edx),%ecx
+	testl	$1,%ebp
+	jnz	L084odd
+	bsfl	%ebp,%eax
+	addl	$1,%ebp
+	shll	$4,%eax
+	movdqu	(%ebx,%eax,1),%xmm7
+	movl	%edx,%eax
+	movdqu	(%esi),%xmm2
+	leal	16(%esi),%esi
+	pxor	%xmm0,%xmm7
+	pxor	%xmm7,%xmm2
+	movdqa	%xmm1,%xmm6
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+L085dec1_loop_17:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L085dec1_loop_17
+.byte	102,15,56,223,209
+	xorps	%xmm7,%xmm2
+	movaps	%xmm6,%xmm1
+	movdqa	%xmm7,%xmm0
+	xorps	%xmm2,%xmm1
+	movups	%xmm2,-16(%edi,%esi,1)
+	movl	240(%eax),%ecx
+	movl	%eax,%edx
+	movl	124(%esp),%eax
+L084odd:
+	shll	$4,%ecx
+	movl	$16,%edi
+	subl	%ecx,%edi
+	movl	%edx,112(%esp)
+	leal	32(%edx,%ecx,1),%edx
+	movl	%edi,116(%esp)
+	cmpl	%eax,%esi
+	ja	L086short
+	jmp	L087grandloop
+.align	5,0x90
+L087grandloop:
+	leal	1(%ebp),%ecx
+	leal	3(%ebp),%eax
+	leal	5(%ebp),%edi
+	addl	$6,%ebp
+	bsfl	%ecx,%ecx
+	bsfl	%eax,%eax
+	bsfl	%edi,%edi
+	shll	$4,%ecx
+	shll	$4,%eax
+	shll	$4,%edi
+	movdqu	(%ebx),%xmm2
+	movdqu	(%ebx,%ecx,1),%xmm3
+	movl	116(%esp),%ecx
+	movdqa	%xmm2,%xmm4
+	movdqu	(%ebx,%eax,1),%xmm5
+	movdqa	%xmm2,%xmm6
+	movdqu	(%ebx,%edi,1),%xmm7
+	pxor	%xmm0,%xmm2
+	pxor	%xmm2,%xmm3
+	movdqa	%xmm2,(%esp)
+	pxor	%xmm3,%xmm4
+	movdqa	%xmm3,16(%esp)
+	pxor	%xmm4,%xmm5
+	movdqa	%xmm4,32(%esp)
+	pxor	%xmm5,%xmm6
+	movdqa	%xmm5,48(%esp)
+	pxor	%xmm6,%xmm7
+	movdqa	%xmm6,64(%esp)
+	movdqa	%xmm7,80(%esp)
+	movups	-48(%edx,%ecx,1),%xmm0
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	movdqu	80(%esi),%xmm7
+	leal	96(%esi),%esi
+	movdqa	%xmm1,96(%esp)
+	pxor	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+	pxor	%xmm0,%xmm7
+	movups	-32(%edx,%ecx,1),%xmm1
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+	pxor	80(%esp),%xmm7
+	movups	-16(%edx,%ecx,1),%xmm0
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movl	120(%esp),%edi
+	movl	124(%esp),%eax
+	call	L_aesni_decrypt6_enter
+	movdqa	80(%esp),%xmm0
+	pxor	(%esp),%xmm2
+	movdqa	96(%esp),%xmm1
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+	pxor	%xmm0,%xmm7
+	pxor	%xmm2,%xmm1
+	movdqu	%xmm2,-96(%edi,%esi,1)
+	pxor	%xmm3,%xmm1
+	movdqu	%xmm3,-80(%edi,%esi,1)
+	pxor	%xmm4,%xmm1
+	movdqu	%xmm4,-64(%edi,%esi,1)
+	pxor	%xmm5,%xmm1
+	movdqu	%xmm5,-48(%edi,%esi,1)
+	pxor	%xmm6,%xmm1
+	movdqu	%xmm6,-32(%edi,%esi,1)
+	pxor	%xmm7,%xmm1
+	movdqu	%xmm7,-16(%edi,%esi,1)
+	cmpl	%eax,%esi
+	jb	L087grandloop
+L086short:
+	addl	$96,%eax
+	subl	%esi,%eax
+	jz	L088done
+	cmpl	$32,%eax
+	jb	L089one
+	je	L090two
+	cmpl	$64,%eax
+	jb	L091three
+	je	L092four
+	leal	1(%ebp),%ecx
+	leal	3(%ebp),%eax
+	bsfl	%ecx,%ecx
+	bsfl	%eax,%eax
+	shll	$4,%ecx
+	shll	$4,%eax
+	movdqu	(%ebx),%xmm2
+	movdqu	(%ebx,%ecx,1),%xmm3
+	movl	116(%esp),%ecx
+	movdqa	%xmm2,%xmm4
+	movdqu	(%ebx,%eax,1),%xmm5
+	movdqa	%xmm2,%xmm6
+	pxor	%xmm0,%xmm2
+	pxor	%xmm2,%xmm3
+	movdqa	%xmm2,(%esp)
+	pxor	%xmm3,%xmm4
+	movdqa	%xmm3,16(%esp)
+	pxor	%xmm4,%xmm5
+	movdqa	%xmm4,32(%esp)
+	pxor	%xmm5,%xmm6
+	movdqa	%xmm5,48(%esp)
+	pxor	%xmm6,%xmm7
+	movdqa	%xmm6,64(%esp)
+	movups	-48(%edx,%ecx,1),%xmm0
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	pxor	%xmm7,%xmm7
+	movdqa	%xmm1,96(%esp)
+	pxor	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+	movups	-32(%edx,%ecx,1),%xmm1
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	64(%esp),%xmm6
+	movups	-16(%edx,%ecx,1),%xmm0
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movl	120(%esp),%edi
+	call	L_aesni_decrypt6_enter
+	movdqa	64(%esp),%xmm0
+	pxor	(%esp),%xmm2
+	movdqa	96(%esp),%xmm1
+	pxor	16(%esp),%xmm3
+	pxor	32(%esp),%xmm4
+	pxor	48(%esp),%xmm5
+	pxor	%xmm0,%xmm6
+	pxor	%xmm2,%xmm1
+	movdqu	%xmm2,(%edi,%esi,1)
+	pxor	%xmm3,%xmm1
+	movdqu	%xmm3,16(%edi,%esi,1)
+	pxor	%xmm4,%xmm1
+	movdqu	%xmm4,32(%edi,%esi,1)
+	pxor	%xmm5,%xmm1
+	movdqu	%xmm5,48(%edi,%esi,1)
+	pxor	%xmm6,%xmm1
+	movdqu	%xmm6,64(%edi,%esi,1)
+	jmp	L088done
+.align	4,0x90
+L089one:
+	movdqu	(%ebx),%xmm7
+	movl	112(%esp),%edx
+	movdqu	(%esi),%xmm2
+	movl	240(%edx),%ecx
+	pxor	%xmm0,%xmm7
+	pxor	%xmm7,%xmm2
+	movdqa	%xmm1,%xmm6
+	movl	120(%esp),%edi
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+L093dec1_loop_18:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L093dec1_loop_18
+.byte	102,15,56,223,209
+	xorps	%xmm7,%xmm2
+	movaps	%xmm6,%xmm1
+	movdqa	%xmm7,%xmm0
+	xorps	%xmm2,%xmm1
+	movups	%xmm2,(%edi,%esi,1)
+	jmp	L088done
+.align	4,0x90
+L090two:
+	leal	1(%ebp),%ecx
+	movl	112(%esp),%edx
+	bsfl	%ecx,%ecx
+	shll	$4,%ecx
+	movdqu	(%ebx),%xmm6
+	movdqu	(%ebx,%ecx,1),%xmm7
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movl	240(%edx),%ecx
+	movdqa	%xmm1,%xmm5
+	pxor	%xmm0,%xmm6
+	pxor	%xmm6,%xmm7
+	pxor	%xmm6,%xmm2
+	pxor	%xmm7,%xmm3
+	movl	120(%esp),%edi
+	call	__aesni_decrypt2
+	xorps	%xmm6,%xmm2
+	xorps	%xmm7,%xmm3
+	movdqa	%xmm7,%xmm0
+	xorps	%xmm2,%xmm5
+	movups	%xmm2,(%edi,%esi,1)
+	xorps	%xmm3,%xmm5
+	movups	%xmm3,16(%edi,%esi,1)
+	movaps	%xmm5,%xmm1
+	jmp	L088done
+.align	4,0x90
+L091three:
+	leal	1(%ebp),%ecx
+	movl	112(%esp),%edx
+	bsfl	%ecx,%ecx
+	shll	$4,%ecx
+	movdqu	(%ebx),%xmm5
+	movdqu	(%ebx,%ecx,1),%xmm6
+	movdqa	%xmm5,%xmm7
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movl	240(%edx),%ecx
+	movdqa	%xmm1,96(%esp)
+	pxor	%xmm0,%xmm5
+	pxor	%xmm5,%xmm6
+	pxor	%xmm6,%xmm7
+	pxor	%xmm5,%xmm2
+	pxor	%xmm6,%xmm3
+	pxor	%xmm7,%xmm4
+	movl	120(%esp),%edi
+	call	__aesni_decrypt3
+	movdqa	96(%esp),%xmm1
+	xorps	%xmm5,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm7,%xmm4
+	movups	%xmm2,(%edi,%esi,1)
+	pxor	%xmm2,%xmm1
+	movdqa	%xmm7,%xmm0
+	movups	%xmm3,16(%edi,%esi,1)
+	pxor	%xmm3,%xmm1
+	movups	%xmm4,32(%edi,%esi,1)
+	pxor	%xmm4,%xmm1
+	jmp	L088done
+.align	4,0x90
+L092four:
+	leal	1(%ebp),%ecx
+	leal	3(%ebp),%eax
+	bsfl	%ecx,%ecx
+	bsfl	%eax,%eax
+	movl	112(%esp),%edx
+	shll	$4,%ecx
+	shll	$4,%eax
+	movdqu	(%ebx),%xmm4
+	movdqu	(%ebx,%ecx,1),%xmm5
+	movdqa	%xmm4,%xmm6
+	movdqu	(%ebx,%eax,1),%xmm7
+	pxor	%xmm0,%xmm4
+	movdqu	(%esi),%xmm2
+	pxor	%xmm4,%xmm5
+	movdqu	16(%esi),%xmm3
+	pxor	%xmm5,%xmm6
+	movdqa	%xmm4,(%esp)
+	pxor	%xmm6,%xmm7
+	movdqa	%xmm5,16(%esp)
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movl	240(%edx),%ecx
+	movdqa	%xmm1,96(%esp)
+	pxor	(%esp),%xmm2
+	pxor	16(%esp),%xmm3
+	pxor	%xmm6,%xmm4
+	pxor	%xmm7,%xmm5
+	movl	120(%esp),%edi
+	call	__aesni_decrypt4
+	movdqa	96(%esp),%xmm1
+	xorps	(%esp),%xmm2
+	xorps	16(%esp),%xmm3
+	xorps	%xmm6,%xmm4
+	movups	%xmm2,(%edi,%esi,1)
+	pxor	%xmm2,%xmm1
+	xorps	%xmm7,%xmm5
+	movups	%xmm3,16(%edi,%esi,1)
+	pxor	%xmm3,%xmm1
+	movdqa	%xmm7,%xmm0
+	movups	%xmm4,32(%edi,%esi,1)
+	pxor	%xmm4,%xmm1
+	movups	%xmm5,48(%edi,%esi,1)
+	pxor	%xmm5,%xmm1
+L088done:
+	movl	128(%esp),%edx
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	movdqa	%xmm2,(%esp)
+	pxor	%xmm4,%xmm4
+	movdqa	%xmm2,16(%esp)
+	pxor	%xmm5,%xmm5
+	movdqa	%xmm2,32(%esp)
+	pxor	%xmm6,%xmm6
+	movdqa	%xmm2,48(%esp)
+	pxor	%xmm7,%xmm7
+	movdqa	%xmm2,64(%esp)
+	movdqa	%xmm2,80(%esp)
+	movdqa	%xmm2,96(%esp)
+	leal	(%edx),%esp
+	movl	40(%esp),%ecx
+	movl	48(%esp),%ebx
+	movdqu	%xmm0,(%ecx)
+	pxor	%xmm0,%xmm0
+	movdqu	%xmm1,(%ebx)
+	pxor	%xmm1,%xmm1
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_aesni_cbc_encrypt
+.align	4
+_aesni_cbc_encrypt:
+L_aesni_cbc_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	%esp,%ebx
+	movl	24(%esp),%edi
+	subl	$24,%ebx
+	movl	28(%esp),%eax
+	andl	$-16,%ebx
+	movl	32(%esp),%edx
+	movl	36(%esp),%ebp
+	testl	%eax,%eax
+	jz	L094cbc_abort
+	cmpl	$0,40(%esp)
+	xchgl	%esp,%ebx
+	movups	(%ebp),%xmm7
+	movl	240(%edx),%ecx
+	movl	%edx,%ebp
+	movl	%ebx,16(%esp)
+	movl	%ecx,%ebx
+	je	L095cbc_decrypt
+	movaps	%xmm7,%xmm2
+	cmpl	$16,%eax
+	jb	L096cbc_enc_tail
+	subl	$16,%eax
+	jmp	L097cbc_enc_loop
+.align	4,0x90
+L097cbc_enc_loop:
+	movups	(%esi),%xmm7
+	leal	16(%esi),%esi
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	xorps	%xmm0,%xmm7
+	leal	32(%edx),%edx
+	xorps	%xmm7,%xmm2
+L098enc1_loop_19:
+.byte	102,15,56,220,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L098enc1_loop_19
+.byte	102,15,56,221,209
+	movl	%ebx,%ecx
+	movl	%ebp,%edx
+	movups	%xmm2,(%edi)
+	leal	16(%edi),%edi
+	subl	$16,%eax
+	jnc	L097cbc_enc_loop
+	addl	$16,%eax
+	jnz	L096cbc_enc_tail
+	movaps	%xmm2,%xmm7
+	pxor	%xmm2,%xmm2
+	jmp	L099cbc_ret
+L096cbc_enc_tail:
+	movl	%eax,%ecx
+.long	2767451785
+	movl	$16,%ecx
+	subl	%eax,%ecx
+	xorl	%eax,%eax
+.long	2868115081
+	leal	-16(%edi),%edi
+	movl	%ebx,%ecx
+	movl	%edi,%esi
+	movl	%ebp,%edx
+	jmp	L097cbc_enc_loop
+.align	4,0x90
+L095cbc_decrypt:
+	cmpl	$80,%eax
+	jbe	L100cbc_dec_tail
+	movaps	%xmm7,(%esp)
+	subl	$80,%eax
+	jmp	L101cbc_dec_loop6_enter
+.align	4,0x90
+L102cbc_dec_loop6:
+	movaps	%xmm0,(%esp)
+	movups	%xmm7,(%edi)
+	leal	16(%edi),%edi
+L101cbc_dec_loop6_enter:
+	movdqu	(%esi),%xmm2
+	movdqu	16(%esi),%xmm3
+	movdqu	32(%esi),%xmm4
+	movdqu	48(%esi),%xmm5
+	movdqu	64(%esi),%xmm6
+	movdqu	80(%esi),%xmm7
+	call	__aesni_decrypt6
+	movups	(%esi),%xmm1
+	movups	16(%esi),%xmm0
+	xorps	(%esp),%xmm2
+	xorps	%xmm1,%xmm3
+	movups	32(%esi),%xmm1
+	xorps	%xmm0,%xmm4
+	movups	48(%esi),%xmm0
+	xorps	%xmm1,%xmm5
+	movups	64(%esi),%xmm1
+	xorps	%xmm0,%xmm6
+	movups	80(%esi),%xmm0
+	xorps	%xmm1,%xmm7
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	leal	96(%esi),%esi
+	movups	%xmm4,32(%edi)
+	movl	%ebx,%ecx
+	movups	%xmm5,48(%edi)
+	movl	%ebp,%edx
+	movups	%xmm6,64(%edi)
+	leal	80(%edi),%edi
+	subl	$96,%eax
+	ja	L102cbc_dec_loop6
+	movaps	%xmm7,%xmm2
+	movaps	%xmm0,%xmm7
+	addl	$80,%eax
+	jle	L103cbc_dec_clear_tail_collected
+	movups	%xmm2,(%edi)
+	leal	16(%edi),%edi
+L100cbc_dec_tail:
+	movups	(%esi),%xmm2
+	movaps	%xmm2,%xmm6
+	cmpl	$16,%eax
+	jbe	L104cbc_dec_one
+	movups	16(%esi),%xmm3
+	movaps	%xmm3,%xmm5
+	cmpl	$32,%eax
+	jbe	L105cbc_dec_two
+	movups	32(%esi),%xmm4
+	cmpl	$48,%eax
+	jbe	L106cbc_dec_three
+	movups	48(%esi),%xmm5
+	cmpl	$64,%eax
+	jbe	L107cbc_dec_four
+	movups	64(%esi),%xmm6
+	movaps	%xmm7,(%esp)
+	movups	(%esi),%xmm2
+	xorps	%xmm7,%xmm7
+	call	__aesni_decrypt6
+	movups	(%esi),%xmm1
+	movups	16(%esi),%xmm0
+	xorps	(%esp),%xmm2
+	xorps	%xmm1,%xmm3
+	movups	32(%esi),%xmm1
+	xorps	%xmm0,%xmm4
+	movups	48(%esi),%xmm0
+	xorps	%xmm1,%xmm5
+	movups	64(%esi),%xmm7
+	xorps	%xmm0,%xmm6
+	movups	%xmm2,(%edi)
+	movups	%xmm3,16(%edi)
+	pxor	%xmm3,%xmm3
+	movups	%xmm4,32(%edi)
+	pxor	%xmm4,%xmm4
+	movups	%xmm5,48(%edi)
+	pxor	%xmm5,%xmm5
+	leal	64(%edi),%edi
+	movaps	%xmm6,%xmm2
+	pxor	%xmm6,%xmm6
+	subl	$80,%eax
+	jmp	L108cbc_dec_tail_collected
+.align	4,0x90
+L104cbc_dec_one:
+	movups	(%edx),%xmm0
+	movups	16(%edx),%xmm1
+	leal	32(%edx),%edx
+	xorps	%xmm0,%xmm2
+L109dec1_loop_20:
+.byte	102,15,56,222,209
+	decl	%ecx
+	movups	(%edx),%xmm1
+	leal	16(%edx),%edx
+	jnz	L109dec1_loop_20
+.byte	102,15,56,223,209
+	xorps	%xmm7,%xmm2
+	movaps	%xmm6,%xmm7
+	subl	$16,%eax
+	jmp	L108cbc_dec_tail_collected
+.align	4,0x90
+L105cbc_dec_two:
+	call	__aesni_decrypt2
+	xorps	%xmm7,%xmm2
+	xorps	%xmm6,%xmm3
+	movups	%xmm2,(%edi)
+	movaps	%xmm3,%xmm2
+	pxor	%xmm3,%xmm3
+	leal	16(%edi),%edi
+	movaps	%xmm5,%xmm7
+	subl	$32,%eax
+	jmp	L108cbc_dec_tail_collected
+.align	4,0x90
+L106cbc_dec_three:
+	call	__aesni_decrypt3
+	xorps	%xmm7,%xmm2
+	xorps	%xmm6,%xmm3
+	xorps	%xmm5,%xmm4
+	movups	%xmm2,(%edi)
+	movaps	%xmm4,%xmm2
+	pxor	%xmm4,%xmm4
+	movups	%xmm3,16(%edi)
+	pxor	%xmm3,%xmm3
+	leal	32(%edi),%edi
+	movups	32(%esi),%xmm7
+	subl	$48,%eax
+	jmp	L108cbc_dec_tail_collected
+.align	4,0x90
+L107cbc_dec_four:
+	call	__aesni_decrypt4
+	movups	16(%esi),%xmm1
+	movups	32(%esi),%xmm0
+	xorps	%xmm7,%xmm2
+	movups	48(%esi),%xmm7
+	xorps	%xmm6,%xmm3
+	movups	%xmm2,(%edi)
+	xorps	%xmm1,%xmm4
+	movups	%xmm3,16(%edi)
+	pxor	%xmm3,%xmm3
+	xorps	%xmm0,%xmm5
+	movups	%xmm4,32(%edi)
+	pxor	%xmm4,%xmm4
+	leal	48(%edi),%edi
+	movaps	%xmm5,%xmm2
+	pxor	%xmm5,%xmm5
+	subl	$64,%eax
+	jmp	L108cbc_dec_tail_collected
+.align	4,0x90
+L103cbc_dec_clear_tail_collected:
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+L108cbc_dec_tail_collected:
+	andl	$15,%eax
+	jnz	L110cbc_dec_tail_partial
+	movups	%xmm2,(%edi)
+	pxor	%xmm0,%xmm0
+	jmp	L099cbc_ret
+.align	4,0x90
+L110cbc_dec_tail_partial:
+	movaps	%xmm2,(%esp)
+	pxor	%xmm0,%xmm0
+	movl	$16,%ecx
+	movl	%esp,%esi
+	subl	%eax,%ecx
+.long	2767451785
+	movdqa	%xmm2,(%esp)
+L099cbc_ret:
+	movl	16(%esp),%esp
+	movl	36(%esp),%ebp
+	pxor	%xmm2,%xmm2
+	pxor	%xmm1,%xmm1
+	movups	%xmm7,(%ebp)
+	pxor	%xmm7,%xmm7
+L094cbc_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.align	4
+__aesni_set_encrypt_key:
+	pushl	%ebp
+	pushl	%ebx
+	testl	%eax,%eax
+	jz	L111bad_pointer
+	testl	%edx,%edx
+	jz	L111bad_pointer
+	call	L112pic
+L112pic:
+	popl	%ebx
+	leal	Lkey_const-L112pic(%ebx),%ebx
+	movl	L_GNUTLS_x86_cpuid_s$non_lazy_ptr-Lkey_const(%ebx),%ebp
+	movups	(%eax),%xmm0
+	xorps	%xmm4,%xmm4
+	movl	4(%ebp),%ebp
+	leal	16(%edx),%edx
+	andl	$268437504,%ebp
+	cmpl	$256,%ecx
+	je	L11314rounds
+	cmpl	$192,%ecx
+	je	L11412rounds
+	cmpl	$128,%ecx
+	jne	L115bad_keybits
+.align	4,0x90
+L11610rounds:
+	cmpl	$268435456,%ebp
+	je	L11710rounds_alt
+	movl	$9,%ecx
+	movups	%xmm0,-16(%edx)
+.byte	102,15,58,223,200,1
+	call	L118key_128_cold
+.byte	102,15,58,223,200,2
+	call	L119key_128
+.byte	102,15,58,223,200,4
+	call	L119key_128
+.byte	102,15,58,223,200,8
+	call	L119key_128
+.byte	102,15,58,223,200,16
+	call	L119key_128
+.byte	102,15,58,223,200,32
+	call	L119key_128
+.byte	102,15,58,223,200,64
+	call	L119key_128
+.byte	102,15,58,223,200,128
+	call	L119key_128
+.byte	102,15,58,223,200,27
+	call	L119key_128
+.byte	102,15,58,223,200,54
+	call	L119key_128
+	movups	%xmm0,(%edx)
+	movl	%ecx,80(%edx)
+	jmp	L120good_key
+.align	4,0x90
+L119key_128:
+	movups	%xmm0,(%edx)
+	leal	16(%edx),%edx
+L118key_128_cold:
+	shufps	$16,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$140,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$255,%xmm1,%xmm1
+	xorps	%xmm1,%xmm0
+	ret
+.align	4,0x90
+L11710rounds_alt:
+	movdqa	(%ebx),%xmm5
+	movl	$8,%ecx
+	movdqa	32(%ebx),%xmm4
+	movdqa	%xmm0,%xmm2
+	movdqu	%xmm0,-16(%edx)
+L121loop_key128:
+.byte	102,15,56,0,197
+.byte	102,15,56,221,196
+	pslld	$1,%xmm4
+	leal	16(%edx),%edx
+	movdqa	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm3,%xmm2
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,-16(%edx)
+	movdqa	%xmm0,%xmm2
+	decl	%ecx
+	jnz	L121loop_key128
+	movdqa	48(%ebx),%xmm4
+.byte	102,15,56,0,197
+.byte	102,15,56,221,196
+	pslld	$1,%xmm4
+	movdqa	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm3,%xmm2
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,(%edx)
+	movdqa	%xmm0,%xmm2
+.byte	102,15,56,0,197
+.byte	102,15,56,221,196
+	movdqa	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm3,%xmm2
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,16(%edx)
+	movl	$9,%ecx
+	movl	%ecx,96(%edx)
+	jmp	L120good_key
+.align	4,0x90
+L11412rounds:
+	movq	16(%eax),%xmm2
+	cmpl	$268435456,%ebp
+	je	L12212rounds_alt
+	movl	$11,%ecx
+	movups	%xmm0,-16(%edx)
+.byte	102,15,58,223,202,1
+	call	L123key_192a_cold
+.byte	102,15,58,223,202,2
+	call	L124key_192b
+.byte	102,15,58,223,202,4
+	call	L125key_192a
+.byte	102,15,58,223,202,8
+	call	L124key_192b
+.byte	102,15,58,223,202,16
+	call	L125key_192a
+.byte	102,15,58,223,202,32
+	call	L124key_192b
+.byte	102,15,58,223,202,64
+	call	L125key_192a
+.byte	102,15,58,223,202,128
+	call	L124key_192b
+	movups	%xmm0,(%edx)
+	movl	%ecx,48(%edx)
+	jmp	L120good_key
+.align	4,0x90
+L125key_192a:
+	movups	%xmm0,(%edx)
+	leal	16(%edx),%edx
+.align	4,0x90
+L123key_192a_cold:
+	movaps	%xmm2,%xmm5
+L126key_192b_warm:
+	shufps	$16,%xmm0,%xmm4
+	movdqa	%xmm2,%xmm3
+	xorps	%xmm4,%xmm0
+	shufps	$140,%xmm0,%xmm4
+	pslldq	$4,%xmm3
+	xorps	%xmm4,%xmm0
+	pshufd	$85,%xmm1,%xmm1
+	pxor	%xmm3,%xmm2
+	pxor	%xmm1,%xmm0
+	pshufd	$255,%xmm0,%xmm3
+	pxor	%xmm3,%xmm2
+	ret
+.align	4,0x90
+L124key_192b:
+	movaps	%xmm0,%xmm3
+	shufps	$68,%xmm0,%xmm5
+	movups	%xmm5,(%edx)
+	shufps	$78,%xmm2,%xmm3
+	movups	%xmm3,16(%edx)
+	leal	32(%edx),%edx
+	jmp	L126key_192b_warm
+.align	4,0x90
+L12212rounds_alt:
+	movdqa	16(%ebx),%xmm5
+	movdqa	32(%ebx),%xmm4
+	movl	$8,%ecx
+	movdqu	%xmm0,-16(%edx)
+L127loop_key192:
+	movq	%xmm2,(%edx)
+	movdqa	%xmm2,%xmm1
+.byte	102,15,56,0,213
+.byte	102,15,56,221,212
+	pslld	$1,%xmm4
+	leal	24(%edx),%edx
+	movdqa	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm3,%xmm0
+	pshufd	$255,%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm1,%xmm3
+	pxor	%xmm2,%xmm0
+	pxor	%xmm3,%xmm2
+	movdqu	%xmm0,-16(%edx)
+	decl	%ecx
+	jnz	L127loop_key192
+	movl	$11,%ecx
+	movl	%ecx,32(%edx)
+	jmp	L120good_key
+.align	4,0x90
+L11314rounds:
+	movups	16(%eax),%xmm2
+	leal	16(%edx),%edx
+	cmpl	$268435456,%ebp
+	je	L12814rounds_alt
+	movl	$13,%ecx
+	movups	%xmm0,-32(%edx)
+	movups	%xmm2,-16(%edx)
+.byte	102,15,58,223,202,1
+	call	L129key_256a_cold
+.byte	102,15,58,223,200,1
+	call	L130key_256b
+.byte	102,15,58,223,202,2
+	call	L131key_256a
+.byte	102,15,58,223,200,2
+	call	L130key_256b
+.byte	102,15,58,223,202,4
+	call	L131key_256a
+.byte	102,15,58,223,200,4
+	call	L130key_256b
+.byte	102,15,58,223,202,8
+	call	L131key_256a
+.byte	102,15,58,223,200,8
+	call	L130key_256b
+.byte	102,15,58,223,202,16
+	call	L131key_256a
+.byte	102,15,58,223,200,16
+	call	L130key_256b
+.byte	102,15,58,223,202,32
+	call	L131key_256a
+.byte	102,15,58,223,200,32
+	call	L130key_256b
+.byte	102,15,58,223,202,64
+	call	L131key_256a
+	movups	%xmm0,(%edx)
+	movl	%ecx,16(%edx)
+	xorl	%eax,%eax
+	jmp	L120good_key
+.align	4,0x90
+L131key_256a:
+	movups	%xmm2,(%edx)
+	leal	16(%edx),%edx
+L129key_256a_cold:
+	shufps	$16,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$140,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$255,%xmm1,%xmm1
+	xorps	%xmm1,%xmm0
+	ret
+.align	4,0x90
+L130key_256b:
+	movups	%xmm0,(%edx)
+	leal	16(%edx),%edx
+	shufps	$16,%xmm2,%xmm4
+	xorps	%xmm4,%xmm2
+	shufps	$140,%xmm2,%xmm4
+	xorps	%xmm4,%xmm2
+	shufps	$170,%xmm1,%xmm1
+	xorps	%xmm1,%xmm2
+	ret
+.align	4,0x90
+L12814rounds_alt:
+	movdqa	(%ebx),%xmm5
+	movdqa	32(%ebx),%xmm4
+	movl	$7,%ecx
+	movdqu	%xmm0,-32(%edx)
+	movdqa	%xmm2,%xmm1
+	movdqu	%xmm2,-16(%edx)
+L132loop_key256:
+.byte	102,15,56,0,213
+.byte	102,15,56,221,212
+	movdqa	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm3,%xmm0
+	pslld	$1,%xmm4
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,(%edx)
+	decl	%ecx
+	jz	L133done_key256
+	pshufd	$255,%xmm0,%xmm2
+	pxor	%xmm3,%xmm3
+.byte	102,15,56,221,211
+	movdqa	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm3,%xmm1
+	pxor	%xmm1,%xmm2
+	movdqu	%xmm2,16(%edx)
+	leal	32(%edx),%edx
+	movdqa	%xmm2,%xmm1
+	jmp	L132loop_key256
+L133done_key256:
+	movl	$13,%ecx
+	movl	%ecx,16(%edx)
+L120good_key:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	xorl	%eax,%eax
+	popl	%ebx
+	popl	%ebp
+	ret
+.align	2,0x90
+L111bad_pointer:
+	movl	$-1,%eax
+	popl	%ebx
+	popl	%ebp
+	ret
+.align	2,0x90
+L115bad_keybits:
+	pxor	%xmm0,%xmm0
+	movl	$-2,%eax
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_aesni_set_encrypt_key
+.align	4
+_aesni_set_encrypt_key:
+L_aesni_set_encrypt_key_begin:
+	movl	4(%esp),%eax
+	movl	8(%esp),%ecx
+	movl	12(%esp),%edx
+	call	__aesni_set_encrypt_key
+	ret
+.globl	_aesni_set_decrypt_key
+.align	4
+_aesni_set_decrypt_key:
+L_aesni_set_decrypt_key_begin:
+	movl	4(%esp),%eax
+	movl	8(%esp),%ecx
+	movl	12(%esp),%edx
+	call	__aesni_set_encrypt_key
+	movl	12(%esp),%edx
+	shll	$4,%ecx
+	testl	%eax,%eax
+	jnz	L134dec_key_ret
+	leal	16(%edx,%ecx,1),%eax
+	movups	(%edx),%xmm0
+	movups	(%eax),%xmm1
+	movups	%xmm0,(%eax)
+	movups	%xmm1,(%edx)
+	leal	16(%edx),%edx
+	leal	-16(%eax),%eax
+L135dec_key_inverse:
+	movups	(%edx),%xmm0
+	movups	(%eax),%xmm1
+.byte	102,15,56,219,192
+.byte	102,15,56,219,201
+	leal	16(%edx),%edx
+	leal	-16(%eax),%eax
+	movups	%xmm0,16(%eax)
+	movups	%xmm1,-16(%edx)
+	cmpl	%edx,%eax
+	ja	L135dec_key_inverse
+	movups	(%edx),%xmm0
+.byte	102,15,56,219,192
+	movups	%xmm0,(%edx)
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	xorl	%eax,%eax
+L134dec_key_ret:
+	ret
+.align	6,0x90
+Lkey_const:
+.long	202313229,202313229,202313229,202313229
+.long	67569157,67569157,67569157,67569157
+.long	1,1,1,1
+.long	27,27,27,27
+.byte	65,69,83,32,102,111,114,32,73,110,116,101,108,32,65,69
+.byte	83,45,78,73,44,32,67,82,89,80,84,79,71,65,77,83
+.byte	32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115
+.byte	115,108,46,111,114,103,62,0
+.section __IMPORT,__pointers,non_lazy_symbol_pointers
+L_GNUTLS_x86_cpuid_s$non_lazy_ptr:
+.indirect_symbol	_GNUTLS_x86_cpuid_s
+.long	0
+.comm	_GNUTLS_x86_cpuid_s,16,2
+
diff --git a/lib/accelerated/x86/macosx/aesni-x86_64.s b/lib/accelerated/x86/macosx/aesni-x86_64.s
new file mode 100644
index 0000000..afb7aea
--- /dev/null
+++ b/lib/accelerated/x86/macosx/aesni-x86_64.s
@@ -0,0 +1,4504 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+.globl	_aesni_encrypt
+
+.p2align	4
+_aesni_encrypt:
+
+	movups	(%rdi),%xmm2
+	movl	240(%rdx),%eax
+	movups	(%rdx),%xmm0
+	movups	16(%rdx),%xmm1
+	leaq	32(%rdx),%rdx
+	xorps	%xmm0,%xmm2
+L$oop_enc1_1:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%rdx),%xmm1
+	leaq	16(%rdx),%rdx
+	jnz	L$oop_enc1_1
+.byte	102,15,56,221,209
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	.byte	0xf3,0xc3
+
+
+
+.globl	_aesni_decrypt
+
+.p2align	4
+_aesni_decrypt:
+
+	movups	(%rdi),%xmm2
+	movl	240(%rdx),%eax
+	movups	(%rdx),%xmm0
+	movups	16(%rdx),%xmm1
+	leaq	32(%rdx),%rdx
+	xorps	%xmm0,%xmm2
+L$oop_dec1_2:
+.byte	102,15,56,222,209
+	decl	%eax
+	movups	(%rdx),%xmm1
+	leaq	16(%rdx),%rdx
+	jnz	L$oop_dec1_2
+.byte	102,15,56,223,209
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	.byte	0xf3,0xc3
+
+
+
+.p2align	4
+_aesni_encrypt2:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	movups	32(%rcx),%xmm0
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+	addq	$16,%rax
+
+L$enc_loop2:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	L$enc_loop2
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+	.byte	0xf3,0xc3
+
+
+
+.p2align	4
+_aesni_decrypt2:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	movups	32(%rcx),%xmm0
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+	addq	$16,%rax
+
+L$dec_loop2:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	L$dec_loop2
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+	.byte	0xf3,0xc3
+
+
+
+.p2align	4
+_aesni_encrypt3:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	xorps	%xmm0,%xmm4
+	movups	32(%rcx),%xmm0
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+	addq	$16,%rax
+
+L$enc_loop3:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	L$enc_loop3
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+	.byte	0xf3,0xc3
+
+
+
+.p2align	4
+_aesni_decrypt3:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	xorps	%xmm0,%xmm4
+	movups	32(%rcx),%xmm0
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+	addq	$16,%rax
+
+L$dec_loop3:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	L$dec_loop3
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+	.byte	0xf3,0xc3
+
+
+
+.p2align	4
+_aesni_encrypt4:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	xorps	%xmm0,%xmm4
+	xorps	%xmm0,%xmm5
+	movups	32(%rcx),%xmm0
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	0x0f,0x1f,0x00
+	addq	$16,%rax
+
+L$enc_loop4:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	L$enc_loop4
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+.byte	102,15,56,221,232
+	.byte	0xf3,0xc3
+
+
+
+.p2align	4
+_aesni_decrypt4:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	xorps	%xmm0,%xmm4
+	xorps	%xmm0,%xmm5
+	movups	32(%rcx),%xmm0
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	0x0f,0x1f,0x00
+	addq	$16,%rax
+
+L$dec_loop4:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	L$dec_loop4
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+.byte	102,15,56,223,232
+	.byte	0xf3,0xc3
+
+
+
+.p2align	4
+_aesni_encrypt6:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+.byte	102,15,56,220,209
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	102,15,56,220,217
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+.byte	102,15,56,220,225
+	pxor	%xmm0,%xmm7
+	movups	(%rcx,%rax,1),%xmm0
+	addq	$16,%rax
+	jmp	L$enc_loop6_enter
+.p2align	4
+L$enc_loop6:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+L$enc_loop6_enter:
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	L$enc_loop6
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+.byte	102,15,56,221,232
+.byte	102,15,56,221,240
+.byte	102,15,56,221,248
+	.byte	0xf3,0xc3
+
+
+
+.p2align	4
+_aesni_decrypt6:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	pxor	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+.byte	102,15,56,222,209
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	102,15,56,222,217
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+.byte	102,15,56,222,225
+	pxor	%xmm0,%xmm7
+	movups	(%rcx,%rax,1),%xmm0
+	addq	$16,%rax
+	jmp	L$dec_loop6_enter
+.p2align	4
+L$dec_loop6:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+L$dec_loop6_enter:
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	L$dec_loop6
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+.byte	102,15,56,223,232
+.byte	102,15,56,223,240
+.byte	102,15,56,223,248
+	.byte	0xf3,0xc3
+
+
+
+.p2align	4
+_aesni_encrypt8:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	102,15,56,220,209
+	pxor	%xmm0,%xmm7
+	pxor	%xmm0,%xmm8
+.byte	102,15,56,220,217
+	pxor	%xmm0,%xmm9
+	movups	(%rcx,%rax,1),%xmm0
+	addq	$16,%rax
+	jmp	L$enc_loop8_inner
+.p2align	4
+L$enc_loop8:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+L$enc_loop8_inner:
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+L$enc_loop8_enter:
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	L$enc_loop8
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+.byte	102,15,56,221,224
+.byte	102,15,56,221,232
+.byte	102,15,56,221,240
+.byte	102,15,56,221,248
+.byte	102,68,15,56,221,192
+.byte	102,68,15,56,221,200
+	.byte	0xf3,0xc3
+
+
+
+.p2align	4
+_aesni_decrypt8:
+
+	movups	(%rcx),%xmm0
+	shll	$4,%eax
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm2
+	xorps	%xmm0,%xmm3
+	pxor	%xmm0,%xmm4
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+	leaq	32(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	102,15,56,222,209
+	pxor	%xmm0,%xmm7
+	pxor	%xmm0,%xmm8
+.byte	102,15,56,222,217
+	pxor	%xmm0,%xmm9
+	movups	(%rcx,%rax,1),%xmm0
+	addq	$16,%rax
+	jmp	L$dec_loop8_inner
+.p2align	4
+L$dec_loop8:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+L$dec_loop8_inner:
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+L$dec_loop8_enter:
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	L$dec_loop8
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+.byte	102,15,56,223,208
+.byte	102,15,56,223,216
+.byte	102,15,56,223,224
+.byte	102,15,56,223,232
+.byte	102,15,56,223,240
+.byte	102,15,56,223,248
+.byte	102,68,15,56,223,192
+.byte	102,68,15,56,223,200
+	.byte	0xf3,0xc3
+
+
+.globl	_aesni_ecb_encrypt
+
+.p2align	4
+_aesni_ecb_encrypt:
+
+	andq	$-16,%rdx
+	jz	L$ecb_ret
+
+	movl	240(%rcx),%eax
+	movups	(%rcx),%xmm0
+	movq	%rcx,%r11
+	movl	%eax,%r10d
+	testl	%r8d,%r8d
+	jz	L$ecb_decrypt
+
+	cmpq	$0x80,%rdx
+	jb	L$ecb_enc_tail
+
+	movdqu	(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqu	32(%rdi),%xmm4
+	movdqu	48(%rdi),%xmm5
+	movdqu	64(%rdi),%xmm6
+	movdqu	80(%rdi),%xmm7
+	movdqu	96(%rdi),%xmm8
+	movdqu	112(%rdi),%xmm9
+	leaq	128(%rdi),%rdi
+	subq	$0x80,%rdx
+	jmp	L$ecb_enc_loop8_enter
+.p2align	4
+L$ecb_enc_loop8:
+	movups	%xmm2,(%rsi)
+	movq	%r11,%rcx
+	movdqu	(%rdi),%xmm2
+	movl	%r10d,%eax
+	movups	%xmm3,16(%rsi)
+	movdqu	16(%rdi),%xmm3
+	movups	%xmm4,32(%rsi)
+	movdqu	32(%rdi),%xmm4
+	movups	%xmm5,48(%rsi)
+	movdqu	48(%rdi),%xmm5
+	movups	%xmm6,64(%rsi)
+	movdqu	64(%rdi),%xmm6
+	movups	%xmm7,80(%rsi)
+	movdqu	80(%rdi),%xmm7
+	movups	%xmm8,96(%rsi)
+	movdqu	96(%rdi),%xmm8
+	movups	%xmm9,112(%rsi)
+	leaq	128(%rsi),%rsi
+	movdqu	112(%rdi),%xmm9
+	leaq	128(%rdi),%rdi
+L$ecb_enc_loop8_enter:
+
+	call	_aesni_encrypt8
+
+	subq	$0x80,%rdx
+	jnc	L$ecb_enc_loop8
+
+	movups	%xmm2,(%rsi)
+	movq	%r11,%rcx
+	movups	%xmm3,16(%rsi)
+	movl	%r10d,%eax
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	movups	%xmm6,64(%rsi)
+	movups	%xmm7,80(%rsi)
+	movups	%xmm8,96(%rsi)
+	movups	%xmm9,112(%rsi)
+	leaq	128(%rsi),%rsi
+	addq	$0x80,%rdx
+	jz	L$ecb_ret
+
+L$ecb_enc_tail:
+	movups	(%rdi),%xmm2
+	cmpq	$0x20,%rdx
+	jb	L$ecb_enc_one
+	movups	16(%rdi),%xmm3
+	je	L$ecb_enc_two
+	movups	32(%rdi),%xmm4
+	cmpq	$0x40,%rdx
+	jb	L$ecb_enc_three
+	movups	48(%rdi),%xmm5
+	je	L$ecb_enc_four
+	movups	64(%rdi),%xmm6
+	cmpq	$0x60,%rdx
+	jb	L$ecb_enc_five
+	movups	80(%rdi),%xmm7
+	je	L$ecb_enc_six
+	movdqu	96(%rdi),%xmm8
+	xorps	%xmm9,%xmm9
+	call	_aesni_encrypt8
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	movups	%xmm6,64(%rsi)
+	movups	%xmm7,80(%rsi)
+	movups	%xmm8,96(%rsi)
+	jmp	L$ecb_ret
+.p2align	4
+L$ecb_enc_one:
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+L$oop_enc1_3:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	L$oop_enc1_3
+.byte	102,15,56,221,209
+	movups	%xmm2,(%rsi)
+	jmp	L$ecb_ret
+.p2align	4
+L$ecb_enc_two:
+	call	_aesni_encrypt2
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	jmp	L$ecb_ret
+.p2align	4
+L$ecb_enc_three:
+	call	_aesni_encrypt3
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	jmp	L$ecb_ret
+.p2align	4
+L$ecb_enc_four:
+	call	_aesni_encrypt4
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	jmp	L$ecb_ret
+.p2align	4
+L$ecb_enc_five:
+	xorps	%xmm7,%xmm7
+	call	_aesni_encrypt6
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	movups	%xmm6,64(%rsi)
+	jmp	L$ecb_ret
+.p2align	4
+L$ecb_enc_six:
+	call	_aesni_encrypt6
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	movups	%xmm6,64(%rsi)
+	movups	%xmm7,80(%rsi)
+	jmp	L$ecb_ret
+
+.p2align	4
+L$ecb_decrypt:
+	cmpq	$0x80,%rdx
+	jb	L$ecb_dec_tail
+
+	movdqu	(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqu	32(%rdi),%xmm4
+	movdqu	48(%rdi),%xmm5
+	movdqu	64(%rdi),%xmm6
+	movdqu	80(%rdi),%xmm7
+	movdqu	96(%rdi),%xmm8
+	movdqu	112(%rdi),%xmm9
+	leaq	128(%rdi),%rdi
+	subq	$0x80,%rdx
+	jmp	L$ecb_dec_loop8_enter
+.p2align	4
+L$ecb_dec_loop8:
+	movups	%xmm2,(%rsi)
+	movq	%r11,%rcx
+	movdqu	(%rdi),%xmm2
+	movl	%r10d,%eax
+	movups	%xmm3,16(%rsi)
+	movdqu	16(%rdi),%xmm3
+	movups	%xmm4,32(%rsi)
+	movdqu	32(%rdi),%xmm4
+	movups	%xmm5,48(%rsi)
+	movdqu	48(%rdi),%xmm5
+	movups	%xmm6,64(%rsi)
+	movdqu	64(%rdi),%xmm6
+	movups	%xmm7,80(%rsi)
+	movdqu	80(%rdi),%xmm7
+	movups	%xmm8,96(%rsi)
+	movdqu	96(%rdi),%xmm8
+	movups	%xmm9,112(%rsi)
+	leaq	128(%rsi),%rsi
+	movdqu	112(%rdi),%xmm9
+	leaq	128(%rdi),%rdi
+L$ecb_dec_loop8_enter:
+
+	call	_aesni_decrypt8
+
+	movups	(%r11),%xmm0
+	subq	$0x80,%rdx
+	jnc	L$ecb_dec_loop8
+
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movq	%r11,%rcx
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movl	%r10d,%eax
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	movups	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm6
+	movups	%xmm7,80(%rsi)
+	pxor	%xmm7,%xmm7
+	movups	%xmm8,96(%rsi)
+	pxor	%xmm8,%xmm8
+	movups	%xmm9,112(%rsi)
+	pxor	%xmm9,%xmm9
+	leaq	128(%rsi),%rsi
+	addq	$0x80,%rdx
+	jz	L$ecb_ret
+
+L$ecb_dec_tail:
+	movups	(%rdi),%xmm2
+	cmpq	$0x20,%rdx
+	jb	L$ecb_dec_one
+	movups	16(%rdi),%xmm3
+	je	L$ecb_dec_two
+	movups	32(%rdi),%xmm4
+	cmpq	$0x40,%rdx
+	jb	L$ecb_dec_three
+	movups	48(%rdi),%xmm5
+	je	L$ecb_dec_four
+	movups	64(%rdi),%xmm6
+	cmpq	$0x60,%rdx
+	jb	L$ecb_dec_five
+	movups	80(%rdi),%xmm7
+	je	L$ecb_dec_six
+	movups	96(%rdi),%xmm8
+	movups	(%rcx),%xmm0
+	xorps	%xmm9,%xmm9
+	call	_aesni_decrypt8
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	movups	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm6
+	movups	%xmm7,80(%rsi)
+	pxor	%xmm7,%xmm7
+	movups	%xmm8,96(%rsi)
+	pxor	%xmm8,%xmm8
+	pxor	%xmm9,%xmm9
+	jmp	L$ecb_ret
+.p2align	4
+L$ecb_dec_one:
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+L$oop_dec1_4:
+.byte	102,15,56,222,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	L$oop_dec1_4
+.byte	102,15,56,223,209
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	jmp	L$ecb_ret
+.p2align	4
+L$ecb_dec_two:
+	call	_aesni_decrypt2
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	jmp	L$ecb_ret
+.p2align	4
+L$ecb_dec_three:
+	call	_aesni_decrypt3
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	jmp	L$ecb_ret
+.p2align	4
+L$ecb_dec_four:
+	call	_aesni_decrypt4
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	jmp	L$ecb_ret
+.p2align	4
+L$ecb_dec_five:
+	xorps	%xmm7,%xmm7
+	call	_aesni_decrypt6
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	movups	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	jmp	L$ecb_ret
+.p2align	4
+L$ecb_dec_six:
+	call	_aesni_decrypt6
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	movups	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm6
+	movups	%xmm7,80(%rsi)
+	pxor	%xmm7,%xmm7
+
+L$ecb_ret:
+	xorps	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	.byte	0xf3,0xc3
+
+
+.globl	_aesni_ccm64_encrypt_blocks
+
+.p2align	4
+_aesni_ccm64_encrypt_blocks:
+
+	movl	240(%rcx),%eax
+	movdqu	(%r8),%xmm6
+	movdqa	L$increment64(%rip),%xmm9
+	movdqa	L$bswap_mask(%rip),%xmm7
+
+	shll	$4,%eax
+	movl	$16,%r10d
+	leaq	0(%rcx),%r11
+	movdqu	(%r9),%xmm3
+	movdqa	%xmm6,%xmm2
+	leaq	32(%rcx,%rax,1),%rcx
+.byte	102,15,56,0,247
+	subq	%rax,%r10
+	jmp	L$ccm64_enc_outer
+.p2align	4
+L$ccm64_enc_outer:
+	movups	(%r11),%xmm0
+	movq	%r10,%rax
+	movups	(%rdi),%xmm8
+
+	xorps	%xmm0,%xmm2
+	movups	16(%r11),%xmm1
+	xorps	%xmm8,%xmm0
+	xorps	%xmm0,%xmm3
+	movups	32(%r11),%xmm0
+
+L$ccm64_enc2_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	L$ccm64_enc2_loop
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	paddq	%xmm9,%xmm6
+	decq	%rdx
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+
+	leaq	16(%rdi),%rdi
+	xorps	%xmm2,%xmm8
+	movdqa	%xmm6,%xmm2
+	movups	%xmm8,(%rsi)
+.byte	102,15,56,0,215
+	leaq	16(%rsi),%rsi
+	jnz	L$ccm64_enc_outer
+
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,(%r9)
+	pxor	%xmm3,%xmm3
+	pxor	%xmm8,%xmm8
+	pxor	%xmm6,%xmm6
+	.byte	0xf3,0xc3
+
+
+.globl	_aesni_ccm64_decrypt_blocks
+
+.p2align	4
+_aesni_ccm64_decrypt_blocks:
+
+	movl	240(%rcx),%eax
+	movups	(%r8),%xmm6
+	movdqu	(%r9),%xmm3
+	movdqa	L$increment64(%rip),%xmm9
+	movdqa	L$bswap_mask(%rip),%xmm7
+
+	movaps	%xmm6,%xmm2
+	movl	%eax,%r10d
+	movq	%rcx,%r11
+.byte	102,15,56,0,247
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+L$oop_enc1_5:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	L$oop_enc1_5
+.byte	102,15,56,221,209
+	shll	$4,%r10d
+	movl	$16,%eax
+	movups	(%rdi),%xmm8
+	paddq	%xmm9,%xmm6
+	leaq	16(%rdi),%rdi
+	subq	%r10,%rax
+	leaq	32(%r11,%r10,1),%rcx
+	movq	%rax,%r10
+	jmp	L$ccm64_dec_outer
+.p2align	4
+L$ccm64_dec_outer:
+	xorps	%xmm2,%xmm8
+	movdqa	%xmm6,%xmm2
+	movups	%xmm8,(%rsi)
+	leaq	16(%rsi),%rsi
+.byte	102,15,56,0,215
+
+	subq	$1,%rdx
+	jz	L$ccm64_dec_break
+
+	movups	(%r11),%xmm0
+	movq	%r10,%rax
+	movups	16(%r11),%xmm1
+	xorps	%xmm0,%xmm8
+	xorps	%xmm0,%xmm2
+	xorps	%xmm8,%xmm3
+	movups	32(%r11),%xmm0
+	jmp	L$ccm64_dec2_loop
+.p2align	4
+L$ccm64_dec2_loop:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	L$ccm64_dec2_loop
+	movups	(%rdi),%xmm8
+	paddq	%xmm9,%xmm6
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,221,208
+.byte	102,15,56,221,216
+	leaq	16(%rdi),%rdi
+	jmp	L$ccm64_dec_outer
+
+.p2align	4
+L$ccm64_dec_break:
+
+	movl	240(%r11),%eax
+	movups	(%r11),%xmm0
+	movups	16(%r11),%xmm1
+	xorps	%xmm0,%xmm8
+	leaq	32(%r11),%r11
+	xorps	%xmm8,%xmm3
+L$oop_enc1_6:
+.byte	102,15,56,220,217
+	decl	%eax
+	movups	(%r11),%xmm1
+	leaq	16(%r11),%r11
+	jnz	L$oop_enc1_6
+.byte	102,15,56,221,217
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	movups	%xmm3,(%r9)
+	pxor	%xmm3,%xmm3
+	pxor	%xmm8,%xmm8
+	pxor	%xmm6,%xmm6
+	.byte	0xf3,0xc3
+
+
+.globl	_aesni_ctr32_encrypt_blocks
+
+.p2align	4
+_aesni_ctr32_encrypt_blocks:
+
+	cmpq	$1,%rdx
+	jne	L$ctr32_bulk
+
+
+
+	movups	(%r8),%xmm2
+	movups	(%rdi),%xmm3
+	movl	240(%rcx),%edx
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+L$oop_enc1_7:
+.byte	102,15,56,220,209
+	decl	%edx
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	L$oop_enc1_7
+.byte	102,15,56,221,209
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	xorps	%xmm3,%xmm2
+	pxor	%xmm3,%xmm3
+	movups	%xmm2,(%rsi)
+	xorps	%xmm2,%xmm2
+	jmp	L$ctr32_epilogue
+
+.p2align	4
+L$ctr32_bulk:
+	leaq	(%rsp),%r11
+
+	pushq	%rbp
+
+	subq	$128,%rsp
+	andq	$-16,%rsp
+
+
+
+
+	movdqu	(%r8),%xmm2
+	movdqu	(%rcx),%xmm0
+	movl	12(%r8),%r8d
+	pxor	%xmm0,%xmm2
+	movl	12(%rcx),%ebp
+	movdqa	%xmm2,0(%rsp)
+	bswapl	%r8d
+	movdqa	%xmm2,%xmm3
+	movdqa	%xmm2,%xmm4
+	movdqa	%xmm2,%xmm5
+	movdqa	%xmm2,64(%rsp)
+	movdqa	%xmm2,80(%rsp)
+	movdqa	%xmm2,96(%rsp)
+	movq	%rdx,%r10
+	movdqa	%xmm2,112(%rsp)
+
+	leaq	1(%r8),%rax
+	leaq	2(%r8),%rdx
+	bswapl	%eax
+	bswapl	%edx
+	xorl	%ebp,%eax
+	xorl	%ebp,%edx
+.byte	102,15,58,34,216,3
+	leaq	3(%r8),%rax
+	movdqa	%xmm3,16(%rsp)
+.byte	102,15,58,34,226,3
+	bswapl	%eax
+	movq	%r10,%rdx
+	leaq	4(%r8),%r10
+	movdqa	%xmm4,32(%rsp)
+	xorl	%ebp,%eax
+	bswapl	%r10d
+.byte	102,15,58,34,232,3
+	xorl	%ebp,%r10d
+	movdqa	%xmm5,48(%rsp)
+	leaq	5(%r8),%r9
+	movl	%r10d,64+12(%rsp)
+	bswapl	%r9d
+	leaq	6(%r8),%r10
+	movl	240(%rcx),%eax
+	xorl	%ebp,%r9d
+	bswapl	%r10d
+	movl	%r9d,80+12(%rsp)
+	xorl	%ebp,%r10d
+	leaq	7(%r8),%r9
+	movl	%r10d,96+12(%rsp)
+	bswapl	%r9d
+	movl	_GNUTLS_x86_cpuid_s+4(%rip),%r10d
+	xorl	%ebp,%r9d
+	andl	$71303168,%r10d
+	movl	%r9d,112+12(%rsp)
+
+	movups	16(%rcx),%xmm1
+
+	movdqa	64(%rsp),%xmm6
+	movdqa	80(%rsp),%xmm7
+
+	cmpq	$8,%rdx
+	jb	L$ctr32_tail
+
+	subq	$6,%rdx
+	cmpl	$4194304,%r10d
+	je	L$ctr32_6x
+
+	leaq	128(%rcx),%rcx
+	subq	$2,%rdx
+	jmp	L$ctr32_loop8
+
+.p2align	4
+L$ctr32_6x:
+	shll	$4,%eax
+	movl	$48,%r10d
+	bswapl	%ebp
+	leaq	32(%rcx,%rax,1),%rcx
+	subq	%rax,%r10
+	jmp	L$ctr32_loop6
+
+.p2align	4
+L$ctr32_loop6:
+	addl	$6,%r8d
+	movups	-48(%rcx,%r10,1),%xmm0
+.byte	102,15,56,220,209
+	movl	%r8d,%eax
+	xorl	%ebp,%eax
+.byte	102,15,56,220,217
+.byte	0x0f,0x38,0xf1,0x44,0x24,12
+	leal	1(%r8),%eax
+.byte	102,15,56,220,225
+	xorl	%ebp,%eax
+.byte	0x0f,0x38,0xf1,0x44,0x24,28
+.byte	102,15,56,220,233
+	leal	2(%r8),%eax
+	xorl	%ebp,%eax
+.byte	102,15,56,220,241
+.byte	0x0f,0x38,0xf1,0x44,0x24,44
+	leal	3(%r8),%eax
+.byte	102,15,56,220,249
+	movups	-32(%rcx,%r10,1),%xmm1
+	xorl	%ebp,%eax
+
+.byte	102,15,56,220,208
+.byte	0x0f,0x38,0xf1,0x44,0x24,60
+	leal	4(%r8),%eax
+.byte	102,15,56,220,216
+	xorl	%ebp,%eax
+.byte	0x0f,0x38,0xf1,0x44,0x24,76
+.byte	102,15,56,220,224
+	leal	5(%r8),%eax
+	xorl	%ebp,%eax
+.byte	102,15,56,220,232
+.byte	0x0f,0x38,0xf1,0x44,0x24,92
+	movq	%r10,%rax
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	-16(%rcx,%r10,1),%xmm0
+
+	call	L$enc_loop6
+
+	movdqu	(%rdi),%xmm8
+	movdqu	16(%rdi),%xmm9
+	movdqu	32(%rdi),%xmm10
+	movdqu	48(%rdi),%xmm11
+	movdqu	64(%rdi),%xmm12
+	movdqu	80(%rdi),%xmm13
+	leaq	96(%rdi),%rdi
+	movups	-64(%rcx,%r10,1),%xmm1
+	pxor	%xmm2,%xmm8
+	movaps	0(%rsp),%xmm2
+	pxor	%xmm3,%xmm9
+	movaps	16(%rsp),%xmm3
+	pxor	%xmm4,%xmm10
+	movaps	32(%rsp),%xmm4
+	pxor	%xmm5,%xmm11
+	movaps	48(%rsp),%xmm5
+	pxor	%xmm6,%xmm12
+	movaps	64(%rsp),%xmm6
+	pxor	%xmm7,%xmm13
+	movaps	80(%rsp),%xmm7
+	movdqu	%xmm8,(%rsi)
+	movdqu	%xmm9,16(%rsi)
+	movdqu	%xmm10,32(%rsi)
+	movdqu	%xmm11,48(%rsi)
+	movdqu	%xmm12,64(%rsi)
+	movdqu	%xmm13,80(%rsi)
+	leaq	96(%rsi),%rsi
+
+	subq	$6,%rdx
+	jnc	L$ctr32_loop6
+
+	addq	$6,%rdx
+	jz	L$ctr32_done
+
+	leal	-48(%r10),%eax
+	leaq	-80(%rcx,%r10,1),%rcx
+	negl	%eax
+	shrl	$4,%eax
+	jmp	L$ctr32_tail
+
+.p2align	5
+L$ctr32_loop8:
+	addl	$8,%r8d
+	movdqa	96(%rsp),%xmm8
+.byte	102,15,56,220,209
+	movl	%r8d,%r9d
+	movdqa	112(%rsp),%xmm9
+.byte	102,15,56,220,217
+	bswapl	%r9d
+	movups	32-128(%rcx),%xmm0
+.byte	102,15,56,220,225
+	xorl	%ebp,%r9d
+	nop
+.byte	102,15,56,220,233
+	movl	%r9d,0+12(%rsp)
+	leaq	1(%r8),%r9
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movups	48-128(%rcx),%xmm1
+	bswapl	%r9d
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	xorl	%ebp,%r9d
+.byte	0x66,0x90
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movl	%r9d,16+12(%rsp)
+	leaq	2(%r8),%r9
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	64-128(%rcx),%xmm0
+	bswapl	%r9d
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	xorl	%ebp,%r9d
+.byte	0x66,0x90
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movl	%r9d,32+12(%rsp)
+	leaq	3(%r8),%r9
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movups	80-128(%rcx),%xmm1
+	bswapl	%r9d
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	xorl	%ebp,%r9d
+.byte	0x66,0x90
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movl	%r9d,48+12(%rsp)
+	leaq	4(%r8),%r9
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	96-128(%rcx),%xmm0
+	bswapl	%r9d
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	xorl	%ebp,%r9d
+.byte	0x66,0x90
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movl	%r9d,64+12(%rsp)
+	leaq	5(%r8),%r9
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movups	112-128(%rcx),%xmm1
+	bswapl	%r9d
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+	xorl	%ebp,%r9d
+.byte	0x66,0x90
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movl	%r9d,80+12(%rsp)
+	leaq	6(%r8),%r9
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	128-128(%rcx),%xmm0
+	bswapl	%r9d
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	xorl	%ebp,%r9d
+.byte	0x66,0x90
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movl	%r9d,96+12(%rsp)
+	leaq	7(%r8),%r9
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movups	144-128(%rcx),%xmm1
+	bswapl	%r9d
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+	xorl	%ebp,%r9d
+	movdqu	0(%rdi),%xmm10
+.byte	102,15,56,220,232
+	movl	%r9d,112+12(%rsp)
+	cmpl	$11,%eax
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	160-128(%rcx),%xmm0
+
+	jb	L$ctr32_enc_done
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movups	176-128(%rcx),%xmm1
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	192-128(%rcx),%xmm0
+	je	L$ctr32_enc_done
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movups	208-128(%rcx),%xmm1
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+.byte	102,68,15,56,220,192
+.byte	102,68,15,56,220,200
+	movups	224-128(%rcx),%xmm0
+	jmp	L$ctr32_enc_done
+
+.p2align	4
+L$ctr32_enc_done:
+	movdqu	16(%rdi),%xmm11
+	pxor	%xmm0,%xmm10
+	movdqu	32(%rdi),%xmm12
+	pxor	%xmm0,%xmm11
+	movdqu	48(%rdi),%xmm13
+	pxor	%xmm0,%xmm12
+	movdqu	64(%rdi),%xmm14
+	pxor	%xmm0,%xmm13
+	movdqu	80(%rdi),%xmm15
+	pxor	%xmm0,%xmm14
+	pxor	%xmm0,%xmm15
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+.byte	102,68,15,56,220,201
+	movdqu	96(%rdi),%xmm1
+	leaq	128(%rdi),%rdi
+
+.byte	102,65,15,56,221,210
+	pxor	%xmm0,%xmm1
+	movdqu	112-128(%rdi),%xmm10
+.byte	102,65,15,56,221,219
+	pxor	%xmm0,%xmm10
+	movdqa	0(%rsp),%xmm11
+.byte	102,65,15,56,221,228
+.byte	102,65,15,56,221,237
+	movdqa	16(%rsp),%xmm12
+	movdqa	32(%rsp),%xmm13
+.byte	102,65,15,56,221,246
+.byte	102,65,15,56,221,255
+	movdqa	48(%rsp),%xmm14
+	movdqa	64(%rsp),%xmm15
+.byte	102,68,15,56,221,193
+	movdqa	80(%rsp),%xmm0
+	movups	16-128(%rcx),%xmm1
+.byte	102,69,15,56,221,202
+
+	movups	%xmm2,(%rsi)
+	movdqa	%xmm11,%xmm2
+	movups	%xmm3,16(%rsi)
+	movdqa	%xmm12,%xmm3
+	movups	%xmm4,32(%rsi)
+	movdqa	%xmm13,%xmm4
+	movups	%xmm5,48(%rsi)
+	movdqa	%xmm14,%xmm5
+	movups	%xmm6,64(%rsi)
+	movdqa	%xmm15,%xmm6
+	movups	%xmm7,80(%rsi)
+	movdqa	%xmm0,%xmm7
+	movups	%xmm8,96(%rsi)
+	movups	%xmm9,112(%rsi)
+	leaq	128(%rsi),%rsi
+
+	subq	$8,%rdx
+	jnc	L$ctr32_loop8
+
+	addq	$8,%rdx
+	jz	L$ctr32_done
+	leaq	-128(%rcx),%rcx
+
+L$ctr32_tail:
+
+
+	leaq	16(%rcx),%rcx
+	cmpq	$4,%rdx
+	jb	L$ctr32_loop3
+	je	L$ctr32_loop4
+
+
+	shll	$4,%eax
+	movdqa	96(%rsp),%xmm8
+	pxor	%xmm9,%xmm9
+
+	movups	16(%rcx),%xmm0
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+	leaq	32-16(%rcx,%rax,1),%rcx
+	negq	%rax
+.byte	102,15,56,220,225
+	addq	$16,%rax
+	movups	(%rdi),%xmm10
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+	movups	16(%rdi),%xmm11
+	movups	32(%rdi),%xmm12
+.byte	102,15,56,220,249
+.byte	102,68,15,56,220,193
+
+	call	L$enc_loop8_enter
+
+	movdqu	48(%rdi),%xmm13
+	pxor	%xmm10,%xmm2
+	movdqu	64(%rdi),%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm10,%xmm6
+	movdqu	%xmm5,48(%rsi)
+	movdqu	%xmm6,64(%rsi)
+	cmpq	$6,%rdx
+	jb	L$ctr32_done
+
+	movups	80(%rdi),%xmm11
+	xorps	%xmm11,%xmm7
+	movups	%xmm7,80(%rsi)
+	je	L$ctr32_done
+
+	movups	96(%rdi),%xmm12
+	xorps	%xmm12,%xmm8
+	movups	%xmm8,96(%rsi)
+	jmp	L$ctr32_done
+
+.p2align	5
+L$ctr32_loop4:
+.byte	102,15,56,220,209
+	leaq	16(%rcx),%rcx
+	decl	%eax
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movups	(%rcx),%xmm1
+	jnz	L$ctr32_loop4
+.byte	102,15,56,221,209
+.byte	102,15,56,221,217
+	movups	(%rdi),%xmm10
+	movups	16(%rdi),%xmm11
+.byte	102,15,56,221,225
+.byte	102,15,56,221,233
+	movups	32(%rdi),%xmm12
+	movups	48(%rdi),%xmm13
+
+	xorps	%xmm10,%xmm2
+	movups	%xmm2,(%rsi)
+	xorps	%xmm11,%xmm3
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm5,48(%rsi)
+	jmp	L$ctr32_done
+
+.p2align	5
+L$ctr32_loop3:
+.byte	102,15,56,220,209
+	leaq	16(%rcx),%rcx
+	decl	%eax
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+	movups	(%rcx),%xmm1
+	jnz	L$ctr32_loop3
+.byte	102,15,56,221,209
+.byte	102,15,56,221,217
+.byte	102,15,56,221,225
+
+	movups	(%rdi),%xmm10
+	xorps	%xmm10,%xmm2
+	movups	%xmm2,(%rsi)
+	cmpq	$2,%rdx
+	jb	L$ctr32_done
+
+	movups	16(%rdi),%xmm11
+	xorps	%xmm11,%xmm3
+	movups	%xmm3,16(%rsi)
+	je	L$ctr32_done
+
+	movups	32(%rdi),%xmm12
+	xorps	%xmm12,%xmm4
+	movups	%xmm4,32(%rsi)
+
+L$ctr32_done:
+	xorps	%xmm0,%xmm0
+	xorl	%ebp,%ebp
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	movaps	%xmm0,0(%rsp)
+	pxor	%xmm8,%xmm8
+	movaps	%xmm0,16(%rsp)
+	pxor	%xmm9,%xmm9
+	movaps	%xmm0,32(%rsp)
+	pxor	%xmm10,%xmm10
+	movaps	%xmm0,48(%rsp)
+	pxor	%xmm11,%xmm11
+	movaps	%xmm0,64(%rsp)
+	pxor	%xmm12,%xmm12
+	movaps	%xmm0,80(%rsp)
+	pxor	%xmm13,%xmm13
+	movaps	%xmm0,96(%rsp)
+	pxor	%xmm14,%xmm14
+	movaps	%xmm0,112(%rsp)
+	pxor	%xmm15,%xmm15
+	movq	-8(%r11),%rbp
+
+	leaq	(%r11),%rsp
+
+L$ctr32_epilogue:
+	.byte	0xf3,0xc3
+
+
+.globl	_aesni_xts_encrypt
+
+.p2align	4
+_aesni_xts_encrypt:
+
+	leaq	(%rsp),%r11
+
+	pushq	%rbp
+
+	subq	$112,%rsp
+	andq	$-16,%rsp
+	movups	(%r9),%xmm2
+	movl	240(%r8),%eax
+	movl	240(%rcx),%r10d
+	movups	(%r8),%xmm0
+	movups	16(%r8),%xmm1
+	leaq	32(%r8),%r8
+	xorps	%xmm0,%xmm2
+L$oop_enc1_8:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%r8),%xmm1
+	leaq	16(%r8),%r8
+	jnz	L$oop_enc1_8
+.byte	102,15,56,221,209
+	movups	(%rcx),%xmm0
+	movq	%rcx,%rbp
+	movl	%r10d,%eax
+	shll	$4,%r10d
+	movq	%rdx,%r9
+	andq	$-16,%rdx
+
+	movups	16(%rcx,%r10,1),%xmm1
+
+	movdqa	L$xts_magic(%rip),%xmm8
+	movdqa	%xmm2,%xmm15
+	pshufd	$0x5f,%xmm2,%xmm9
+	pxor	%xmm0,%xmm1
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm10
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm10
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm11
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm11
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm12
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm12
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm13
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm13
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm15,%xmm14
+	psrad	$31,%xmm9
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm9
+	pxor	%xmm0,%xmm14
+	pxor	%xmm9,%xmm15
+	movaps	%xmm1,96(%rsp)
+
+	subq	$96,%rdx
+	jc	L$xts_enc_short
+
+	movl	$16+96,%eax
+	leaq	32(%rbp,%r10,1),%rcx
+	subq	%r10,%rax
+	movups	16(%rbp),%xmm1
+	movq	%rax,%r10
+	leaq	L$xts_magic(%rip),%r8
+	jmp	L$xts_enc_grandloop
+
+.p2align	5
+L$xts_enc_grandloop:
+	movdqu	0(%rdi),%xmm2
+	movdqa	%xmm0,%xmm8
+	movdqu	16(%rdi),%xmm3
+	pxor	%xmm10,%xmm2
+	movdqu	32(%rdi),%xmm4
+	pxor	%xmm11,%xmm3
+.byte	102,15,56,220,209
+	movdqu	48(%rdi),%xmm5
+	pxor	%xmm12,%xmm4
+.byte	102,15,56,220,217
+	movdqu	64(%rdi),%xmm6
+	pxor	%xmm13,%xmm5
+.byte	102,15,56,220,225
+	movdqu	80(%rdi),%xmm7
+	pxor	%xmm15,%xmm8
+	movdqa	96(%rsp),%xmm9
+	pxor	%xmm14,%xmm6
+.byte	102,15,56,220,233
+	movups	32(%rbp),%xmm0
+	leaq	96(%rdi),%rdi
+	pxor	%xmm8,%xmm7
+
+	pxor	%xmm9,%xmm10
+.byte	102,15,56,220,241
+	pxor	%xmm9,%xmm11
+	movdqa	%xmm10,0(%rsp)
+.byte	102,15,56,220,249
+	movups	48(%rbp),%xmm1
+	pxor	%xmm9,%xmm12
+
+.byte	102,15,56,220,208
+	pxor	%xmm9,%xmm13
+	movdqa	%xmm11,16(%rsp)
+.byte	102,15,56,220,216
+	pxor	%xmm9,%xmm14
+	movdqa	%xmm12,32(%rsp)
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	pxor	%xmm9,%xmm8
+	movdqa	%xmm14,64(%rsp)
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	64(%rbp),%xmm0
+	movdqa	%xmm8,80(%rsp)
+	pshufd	$0x5f,%xmm15,%xmm9
+	jmp	L$xts_enc_loop6
+.p2align	5
+L$xts_enc_loop6:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movups	-64(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	-80(%rcx,%rax,1),%xmm0
+	jnz	L$xts_enc_loop6
+
+	movdqa	(%r8),%xmm8
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,220,209
+	paddq	%xmm15,%xmm15
+	psrad	$31,%xmm14
+.byte	102,15,56,220,217
+	pand	%xmm8,%xmm14
+	movups	(%rbp),%xmm10
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+	pxor	%xmm14,%xmm15
+	movaps	%xmm10,%xmm11
+.byte	102,15,56,220,249
+	movups	-64(%rcx),%xmm1
+
+	movdqa	%xmm9,%xmm14
+.byte	102,15,56,220,208
+	paddd	%xmm9,%xmm9
+	pxor	%xmm15,%xmm10
+.byte	102,15,56,220,216
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	pand	%xmm8,%xmm14
+	movaps	%xmm11,%xmm12
+.byte	102,15,56,220,240
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+.byte	102,15,56,220,248
+	movups	-48(%rcx),%xmm0
+
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,220,209
+	pxor	%xmm15,%xmm11
+	psrad	$31,%xmm14
+.byte	102,15,56,220,217
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movdqa	%xmm13,48(%rsp)
+	pxor	%xmm14,%xmm15
+.byte	102,15,56,220,241
+	movaps	%xmm12,%xmm13
+	movdqa	%xmm9,%xmm14
+.byte	102,15,56,220,249
+	movups	-32(%rcx),%xmm1
+
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,220,208
+	pxor	%xmm15,%xmm12
+	psrad	$31,%xmm14
+.byte	102,15,56,220,216
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+	pxor	%xmm14,%xmm15
+	movaps	%xmm13,%xmm14
+.byte	102,15,56,220,248
+
+	movdqa	%xmm9,%xmm0
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,220,209
+	pxor	%xmm15,%xmm13
+	psrad	$31,%xmm0
+.byte	102,15,56,220,217
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm0
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	pxor	%xmm0,%xmm15
+	movups	(%rbp),%xmm0
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movups	16(%rbp),%xmm1
+
+	pxor	%xmm15,%xmm14
+.byte	102,15,56,221,84,36,0
+	psrad	$31,%xmm9
+	paddq	%xmm15,%xmm15
+.byte	102,15,56,221,92,36,16
+.byte	102,15,56,221,100,36,32
+	pand	%xmm8,%xmm9
+	movq	%r10,%rax
+.byte	102,15,56,221,108,36,48
+.byte	102,15,56,221,116,36,64
+.byte	102,15,56,221,124,36,80
+	pxor	%xmm9,%xmm15
+
+	leaq	96(%rsi),%rsi
+	movups	%xmm2,-96(%rsi)
+	movups	%xmm3,-80(%rsi)
+	movups	%xmm4,-64(%rsi)
+	movups	%xmm5,-48(%rsi)
+	movups	%xmm6,-32(%rsi)
+	movups	%xmm7,-16(%rsi)
+	subq	$96,%rdx
+	jnc	L$xts_enc_grandloop
+
+	movl	$16+96,%eax
+	subl	%r10d,%eax
+	movq	%rbp,%rcx
+	shrl	$4,%eax
+
+L$xts_enc_short:
+
+	movl	%eax,%r10d
+	pxor	%xmm0,%xmm10
+	addq	$96,%rdx
+	jz	L$xts_enc_done
+
+	pxor	%xmm0,%xmm11
+	cmpq	$0x20,%rdx
+	jb	L$xts_enc_one
+	pxor	%xmm0,%xmm12
+	je	L$xts_enc_two
+
+	pxor	%xmm0,%xmm13
+	cmpq	$0x40,%rdx
+	jb	L$xts_enc_three
+	pxor	%xmm0,%xmm14
+	je	L$xts_enc_four
+
+	movdqu	(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqu	32(%rdi),%xmm4
+	pxor	%xmm10,%xmm2
+	movdqu	48(%rdi),%xmm5
+	pxor	%xmm11,%xmm3
+	movdqu	64(%rdi),%xmm6
+	leaq	80(%rdi),%rdi
+	pxor	%xmm12,%xmm4
+	pxor	%xmm13,%xmm5
+	pxor	%xmm14,%xmm6
+	pxor	%xmm7,%xmm7
+
+	call	_aesni_encrypt6
+
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm15,%xmm10
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+	movdqu	%xmm2,(%rsi)
+	xorps	%xmm13,%xmm5
+	movdqu	%xmm3,16(%rsi)
+	xorps	%xmm14,%xmm6
+	movdqu	%xmm4,32(%rsi)
+	movdqu	%xmm5,48(%rsi)
+	movdqu	%xmm6,64(%rsi)
+	leaq	80(%rsi),%rsi
+	jmp	L$xts_enc_done
+
+.p2align	4
+L$xts_enc_one:
+	movups	(%rdi),%xmm2
+	leaq	16(%rdi),%rdi
+	xorps	%xmm10,%xmm2
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+L$oop_enc1_9:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	L$oop_enc1_9
+.byte	102,15,56,221,209
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm11,%xmm10
+	movups	%xmm2,(%rsi)
+	leaq	16(%rsi),%rsi
+	jmp	L$xts_enc_done
+
+.p2align	4
+L$xts_enc_two:
+	movups	(%rdi),%xmm2
+	movups	16(%rdi),%xmm3
+	leaq	32(%rdi),%rdi
+	xorps	%xmm10,%xmm2
+	xorps	%xmm11,%xmm3
+
+	call	_aesni_encrypt2
+
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm12,%xmm10
+	xorps	%xmm11,%xmm3
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	leaq	32(%rsi),%rsi
+	jmp	L$xts_enc_done
+
+.p2align	4
+L$xts_enc_three:
+	movups	(%rdi),%xmm2
+	movups	16(%rdi),%xmm3
+	movups	32(%rdi),%xmm4
+	leaq	48(%rdi),%rdi
+	xorps	%xmm10,%xmm2
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+
+	call	_aesni_encrypt3
+
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm13,%xmm10
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	leaq	48(%rsi),%rsi
+	jmp	L$xts_enc_done
+
+.p2align	4
+L$xts_enc_four:
+	movups	(%rdi),%xmm2
+	movups	16(%rdi),%xmm3
+	movups	32(%rdi),%xmm4
+	xorps	%xmm10,%xmm2
+	movups	48(%rdi),%xmm5
+	leaq	64(%rdi),%rdi
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+	xorps	%xmm13,%xmm5
+
+	call	_aesni_encrypt4
+
+	pxor	%xmm10,%xmm2
+	movdqa	%xmm14,%xmm10
+	pxor	%xmm11,%xmm3
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm3,16(%rsi)
+	movdqu	%xmm4,32(%rsi)
+	movdqu	%xmm5,48(%rsi)
+	leaq	64(%rsi),%rsi
+	jmp	L$xts_enc_done
+
+.p2align	4
+L$xts_enc_done:
+	andq	$15,%r9
+	jz	L$xts_enc_ret
+	movq	%r9,%rdx
+
+L$xts_enc_steal:
+	movzbl	(%rdi),%eax
+	movzbl	-16(%rsi),%ecx
+	leaq	1(%rdi),%rdi
+	movb	%al,-16(%rsi)
+	movb	%cl,0(%rsi)
+	leaq	1(%rsi),%rsi
+	subq	$1,%rdx
+	jnz	L$xts_enc_steal
+
+	subq	%r9,%rsi
+	movq	%rbp,%rcx
+	movl	%r10d,%eax
+
+	movups	-16(%rsi),%xmm2
+	xorps	%xmm10,%xmm2
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+L$oop_enc1_10:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	L$oop_enc1_10
+.byte	102,15,56,221,209
+	xorps	%xmm10,%xmm2
+	movups	%xmm2,-16(%rsi)
+
+L$xts_enc_ret:
+	xorps	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	movaps	%xmm0,0(%rsp)
+	pxor	%xmm8,%xmm8
+	movaps	%xmm0,16(%rsp)
+	pxor	%xmm9,%xmm9
+	movaps	%xmm0,32(%rsp)
+	pxor	%xmm10,%xmm10
+	movaps	%xmm0,48(%rsp)
+	pxor	%xmm11,%xmm11
+	movaps	%xmm0,64(%rsp)
+	pxor	%xmm12,%xmm12
+	movaps	%xmm0,80(%rsp)
+	pxor	%xmm13,%xmm13
+	movaps	%xmm0,96(%rsp)
+	pxor	%xmm14,%xmm14
+	pxor	%xmm15,%xmm15
+	movq	-8(%r11),%rbp
+
+	leaq	(%r11),%rsp
+
+L$xts_enc_epilogue:
+	.byte	0xf3,0xc3
+
+
+.globl	_aesni_xts_decrypt
+
+.p2align	4
+_aesni_xts_decrypt:
+
+	leaq	(%rsp),%r11
+
+	pushq	%rbp
+
+	subq	$112,%rsp
+	andq	$-16,%rsp
+	movups	(%r9),%xmm2
+	movl	240(%r8),%eax
+	movl	240(%rcx),%r10d
+	movups	(%r8),%xmm0
+	movups	16(%r8),%xmm1
+	leaq	32(%r8),%r8
+	xorps	%xmm0,%xmm2
+L$oop_enc1_11:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%r8),%xmm1
+	leaq	16(%r8),%r8
+	jnz	L$oop_enc1_11
+.byte	102,15,56,221,209
+	xorl	%eax,%eax
+	testq	$15,%rdx
+	setnz	%al
+	shlq	$4,%rax
+	subq	%rax,%rdx
+
+	movups	(%rcx),%xmm0
+	movq	%rcx,%rbp
+	movl	%r10d,%eax
+	shll	$4,%r10d
+	movq	%rdx,%r9
+	andq	$-16,%rdx
+
+	movups	16(%rcx,%r10,1),%xmm1
+
+	movdqa	L$xts_magic(%rip),%xmm8
+	movdqa	%xmm2,%xmm15
+	pshufd	$0x5f,%xmm2,%xmm9
+	pxor	%xmm0,%xmm1
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm10
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm10
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm11
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm11
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm12
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm12
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+	movdqa	%xmm15,%xmm13
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+	pxor	%xmm0,%xmm13
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm15,%xmm14
+	psrad	$31,%xmm9
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm9
+	pxor	%xmm0,%xmm14
+	pxor	%xmm9,%xmm15
+	movaps	%xmm1,96(%rsp)
+
+	subq	$96,%rdx
+	jc	L$xts_dec_short
+
+	movl	$16+96,%eax
+	leaq	32(%rbp,%r10,1),%rcx
+	subq	%r10,%rax
+	movups	16(%rbp),%xmm1
+	movq	%rax,%r10
+	leaq	L$xts_magic(%rip),%r8
+	jmp	L$xts_dec_grandloop
+
+.p2align	5
+L$xts_dec_grandloop:
+	movdqu	0(%rdi),%xmm2
+	movdqa	%xmm0,%xmm8
+	movdqu	16(%rdi),%xmm3
+	pxor	%xmm10,%xmm2
+	movdqu	32(%rdi),%xmm4
+	pxor	%xmm11,%xmm3
+.byte	102,15,56,222,209
+	movdqu	48(%rdi),%xmm5
+	pxor	%xmm12,%xmm4
+.byte	102,15,56,222,217
+	movdqu	64(%rdi),%xmm6
+	pxor	%xmm13,%xmm5
+.byte	102,15,56,222,225
+	movdqu	80(%rdi),%xmm7
+	pxor	%xmm15,%xmm8
+	movdqa	96(%rsp),%xmm9
+	pxor	%xmm14,%xmm6
+.byte	102,15,56,222,233
+	movups	32(%rbp),%xmm0
+	leaq	96(%rdi),%rdi
+	pxor	%xmm8,%xmm7
+
+	pxor	%xmm9,%xmm10
+.byte	102,15,56,222,241
+	pxor	%xmm9,%xmm11
+	movdqa	%xmm10,0(%rsp)
+.byte	102,15,56,222,249
+	movups	48(%rbp),%xmm1
+	pxor	%xmm9,%xmm12
+
+.byte	102,15,56,222,208
+	pxor	%xmm9,%xmm13
+	movdqa	%xmm11,16(%rsp)
+.byte	102,15,56,222,216
+	pxor	%xmm9,%xmm14
+	movdqa	%xmm12,32(%rsp)
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+	pxor	%xmm9,%xmm8
+	movdqa	%xmm14,64(%rsp)
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+	movups	64(%rbp),%xmm0
+	movdqa	%xmm8,80(%rsp)
+	pshufd	$0x5f,%xmm15,%xmm9
+	jmp	L$xts_dec_loop6
+.p2align	5
+L$xts_dec_loop6:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movups	-64(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+	movups	-80(%rcx,%rax,1),%xmm0
+	jnz	L$xts_dec_loop6
+
+	movdqa	(%r8),%xmm8
+	movdqa	%xmm9,%xmm14
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,222,209
+	paddq	%xmm15,%xmm15
+	psrad	$31,%xmm14
+.byte	102,15,56,222,217
+	pand	%xmm8,%xmm14
+	movups	(%rbp),%xmm10
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+	pxor	%xmm14,%xmm15
+	movaps	%xmm10,%xmm11
+.byte	102,15,56,222,249
+	movups	-64(%rcx),%xmm1
+
+	movdqa	%xmm9,%xmm14
+.byte	102,15,56,222,208
+	paddd	%xmm9,%xmm9
+	pxor	%xmm15,%xmm10
+.byte	102,15,56,222,216
+	psrad	$31,%xmm14
+	paddq	%xmm15,%xmm15
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+	pand	%xmm8,%xmm14
+	movaps	%xmm11,%xmm12
+.byte	102,15,56,222,240
+	pxor	%xmm14,%xmm15
+	movdqa	%xmm9,%xmm14
+.byte	102,15,56,222,248
+	movups	-48(%rcx),%xmm0
+
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,222,209
+	pxor	%xmm15,%xmm11
+	psrad	$31,%xmm14
+.byte	102,15,56,222,217
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	movdqa	%xmm13,48(%rsp)
+	pxor	%xmm14,%xmm15
+.byte	102,15,56,222,241
+	movaps	%xmm12,%xmm13
+	movdqa	%xmm9,%xmm14
+.byte	102,15,56,222,249
+	movups	-32(%rcx),%xmm1
+
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,222,208
+	pxor	%xmm15,%xmm12
+	psrad	$31,%xmm14
+.byte	102,15,56,222,216
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm14
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+	pxor	%xmm14,%xmm15
+	movaps	%xmm13,%xmm14
+.byte	102,15,56,222,248
+
+	movdqa	%xmm9,%xmm0
+	paddd	%xmm9,%xmm9
+.byte	102,15,56,222,209
+	pxor	%xmm15,%xmm13
+	psrad	$31,%xmm0
+.byte	102,15,56,222,217
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm0
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	pxor	%xmm0,%xmm15
+	movups	(%rbp),%xmm0
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movups	16(%rbp),%xmm1
+
+	pxor	%xmm15,%xmm14
+.byte	102,15,56,223,84,36,0
+	psrad	$31,%xmm9
+	paddq	%xmm15,%xmm15
+.byte	102,15,56,223,92,36,16
+.byte	102,15,56,223,100,36,32
+	pand	%xmm8,%xmm9
+	movq	%r10,%rax
+.byte	102,15,56,223,108,36,48
+.byte	102,15,56,223,116,36,64
+.byte	102,15,56,223,124,36,80
+	pxor	%xmm9,%xmm15
+
+	leaq	96(%rsi),%rsi
+	movups	%xmm2,-96(%rsi)
+	movups	%xmm3,-80(%rsi)
+	movups	%xmm4,-64(%rsi)
+	movups	%xmm5,-48(%rsi)
+	movups	%xmm6,-32(%rsi)
+	movups	%xmm7,-16(%rsi)
+	subq	$96,%rdx
+	jnc	L$xts_dec_grandloop
+
+	movl	$16+96,%eax
+	subl	%r10d,%eax
+	movq	%rbp,%rcx
+	shrl	$4,%eax
+
+L$xts_dec_short:
+
+	movl	%eax,%r10d
+	pxor	%xmm0,%xmm10
+	pxor	%xmm0,%xmm11
+	addq	$96,%rdx
+	jz	L$xts_dec_done
+
+	pxor	%xmm0,%xmm12
+	cmpq	$0x20,%rdx
+	jb	L$xts_dec_one
+	pxor	%xmm0,%xmm13
+	je	L$xts_dec_two
+
+	pxor	%xmm0,%xmm14
+	cmpq	$0x40,%rdx
+	jb	L$xts_dec_three
+	je	L$xts_dec_four
+
+	movdqu	(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqu	32(%rdi),%xmm4
+	pxor	%xmm10,%xmm2
+	movdqu	48(%rdi),%xmm5
+	pxor	%xmm11,%xmm3
+	movdqu	64(%rdi),%xmm6
+	leaq	80(%rdi),%rdi
+	pxor	%xmm12,%xmm4
+	pxor	%xmm13,%xmm5
+	pxor	%xmm14,%xmm6
+
+	call	_aesni_decrypt6
+
+	xorps	%xmm10,%xmm2
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+	movdqu	%xmm2,(%rsi)
+	xorps	%xmm13,%xmm5
+	movdqu	%xmm3,16(%rsi)
+	xorps	%xmm14,%xmm6
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm14,%xmm14
+	movdqu	%xmm5,48(%rsi)
+	pcmpgtd	%xmm15,%xmm14
+	movdqu	%xmm6,64(%rsi)
+	leaq	80(%rsi),%rsi
+	pshufd	$0x13,%xmm14,%xmm11
+	andq	$15,%r9
+	jz	L$xts_dec_ret
+
+	movdqa	%xmm15,%xmm10
+	paddq	%xmm15,%xmm15
+	pand	%xmm8,%xmm11
+	pxor	%xmm15,%xmm11
+	jmp	L$xts_dec_done2
+
+.p2align	4
+L$xts_dec_one:
+	movups	(%rdi),%xmm2
+	leaq	16(%rdi),%rdi
+	xorps	%xmm10,%xmm2
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+L$oop_dec1_12:
+.byte	102,15,56,222,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	L$oop_dec1_12
+.byte	102,15,56,223,209
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm11,%xmm10
+	movups	%xmm2,(%rsi)
+	movdqa	%xmm12,%xmm11
+	leaq	16(%rsi),%rsi
+	jmp	L$xts_dec_done
+
+.p2align	4
+L$xts_dec_two:
+	movups	(%rdi),%xmm2
+	movups	16(%rdi),%xmm3
+	leaq	32(%rdi),%rdi
+	xorps	%xmm10,%xmm2
+	xorps	%xmm11,%xmm3
+
+	call	_aesni_decrypt2
+
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm12,%xmm10
+	xorps	%xmm11,%xmm3
+	movdqa	%xmm13,%xmm11
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	leaq	32(%rsi),%rsi
+	jmp	L$xts_dec_done
+
+.p2align	4
+L$xts_dec_three:
+	movups	(%rdi),%xmm2
+	movups	16(%rdi),%xmm3
+	movups	32(%rdi),%xmm4
+	leaq	48(%rdi),%rdi
+	xorps	%xmm10,%xmm2
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+
+	call	_aesni_decrypt3
+
+	xorps	%xmm10,%xmm2
+	movdqa	%xmm13,%xmm10
+	xorps	%xmm11,%xmm3
+	movdqa	%xmm14,%xmm11
+	xorps	%xmm12,%xmm4
+	movups	%xmm2,(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	leaq	48(%rsi),%rsi
+	jmp	L$xts_dec_done
+
+.p2align	4
+L$xts_dec_four:
+	movups	(%rdi),%xmm2
+	movups	16(%rdi),%xmm3
+	movups	32(%rdi),%xmm4
+	xorps	%xmm10,%xmm2
+	movups	48(%rdi),%xmm5
+	leaq	64(%rdi),%rdi
+	xorps	%xmm11,%xmm3
+	xorps	%xmm12,%xmm4
+	xorps	%xmm13,%xmm5
+
+	call	_aesni_decrypt4
+
+	pxor	%xmm10,%xmm2
+	movdqa	%xmm14,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqa	%xmm15,%xmm11
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm3,16(%rsi)
+	movdqu	%xmm4,32(%rsi)
+	movdqu	%xmm5,48(%rsi)
+	leaq	64(%rsi),%rsi
+	jmp	L$xts_dec_done
+
+.p2align	4
+L$xts_dec_done:
+	andq	$15,%r9
+	jz	L$xts_dec_ret
+L$xts_dec_done2:
+	movq	%r9,%rdx
+	movq	%rbp,%rcx
+	movl	%r10d,%eax
+
+	movups	(%rdi),%xmm2
+	xorps	%xmm11,%xmm2
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+L$oop_dec1_13:
+.byte	102,15,56,222,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	L$oop_dec1_13
+.byte	102,15,56,223,209
+	xorps	%xmm11,%xmm2
+	movups	%xmm2,(%rsi)
+
+L$xts_dec_steal:
+	movzbl	16(%rdi),%eax
+	movzbl	(%rsi),%ecx
+	leaq	1(%rdi),%rdi
+	movb	%al,(%rsi)
+	movb	%cl,16(%rsi)
+	leaq	1(%rsi),%rsi
+	subq	$1,%rdx
+	jnz	L$xts_dec_steal
+
+	subq	%r9,%rsi
+	movq	%rbp,%rcx
+	movl	%r10d,%eax
+
+	movups	(%rsi),%xmm2
+	xorps	%xmm10,%xmm2
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+L$oop_dec1_14:
+.byte	102,15,56,222,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	L$oop_dec1_14
+.byte	102,15,56,223,209
+	xorps	%xmm10,%xmm2
+	movups	%xmm2,(%rsi)
+
+L$xts_dec_ret:
+	xorps	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	movaps	%xmm0,0(%rsp)
+	pxor	%xmm8,%xmm8
+	movaps	%xmm0,16(%rsp)
+	pxor	%xmm9,%xmm9
+	movaps	%xmm0,32(%rsp)
+	pxor	%xmm10,%xmm10
+	movaps	%xmm0,48(%rsp)
+	pxor	%xmm11,%xmm11
+	movaps	%xmm0,64(%rsp)
+	pxor	%xmm12,%xmm12
+	movaps	%xmm0,80(%rsp)
+	pxor	%xmm13,%xmm13
+	movaps	%xmm0,96(%rsp)
+	pxor	%xmm14,%xmm14
+	pxor	%xmm15,%xmm15
+	movq	-8(%r11),%rbp
+
+	leaq	(%r11),%rsp
+
+L$xts_dec_epilogue:
+	.byte	0xf3,0xc3
+
+
+.globl	_aesni_ocb_encrypt
+
+.p2align	5
+_aesni_ocb_encrypt:
+
+	leaq	(%rsp),%rax
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	movq	8(%rax),%rbx
+	movq	8+8(%rax),%rbp
+
+	movl	240(%rcx),%r10d
+	movq	%rcx,%r11
+	shll	$4,%r10d
+	movups	(%rcx),%xmm9
+	movups	16(%rcx,%r10,1),%xmm1
+
+	movdqu	(%r9),%xmm15
+	pxor	%xmm1,%xmm9
+	pxor	%xmm1,%xmm15
+
+	movl	$16+32,%eax
+	leaq	32(%r11,%r10,1),%rcx
+	movups	16(%r11),%xmm1
+	subq	%r10,%rax
+	movq	%rax,%r10
+
+	movdqu	(%rbx),%xmm10
+	movdqu	(%rbp),%xmm8
+
+	testq	$1,%r8
+	jnz	L$ocb_enc_odd
+
+	bsfq	%r8,%r12
+	addq	$1,%r8
+	shlq	$4,%r12
+	movdqu	(%rbx,%r12,1),%xmm7
+	movdqu	(%rdi),%xmm2
+	leaq	16(%rdi),%rdi
+
+	call	__ocb_encrypt1
+
+	movdqa	%xmm7,%xmm15
+	movups	%xmm2,(%rsi)
+	leaq	16(%rsi),%rsi
+	subq	$1,%rdx
+	jz	L$ocb_enc_done
+
+L$ocb_enc_odd:
+	leaq	1(%r8),%r12
+	leaq	3(%r8),%r13
+	leaq	5(%r8),%r14
+	leaq	6(%r8),%r8
+	bsfq	%r12,%r12
+	bsfq	%r13,%r13
+	bsfq	%r14,%r14
+	shlq	$4,%r12
+	shlq	$4,%r13
+	shlq	$4,%r14
+
+	subq	$6,%rdx
+	jc	L$ocb_enc_short
+	jmp	L$ocb_enc_grandloop
+
+.p2align	5
+L$ocb_enc_grandloop:
+	movdqu	0(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqu	32(%rdi),%xmm4
+	movdqu	48(%rdi),%xmm5
+	movdqu	64(%rdi),%xmm6
+	movdqu	80(%rdi),%xmm7
+	leaq	96(%rdi),%rdi
+
+	call	__ocb_encrypt6
+
+	movups	%xmm2,0(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	movups	%xmm6,64(%rsi)
+	movups	%xmm7,80(%rsi)
+	leaq	96(%rsi),%rsi
+	subq	$6,%rdx
+	jnc	L$ocb_enc_grandloop
+
+L$ocb_enc_short:
+	addq	$6,%rdx
+	jz	L$ocb_enc_done
+
+	movdqu	0(%rdi),%xmm2
+	cmpq	$2,%rdx
+	jb	L$ocb_enc_one
+	movdqu	16(%rdi),%xmm3
+	je	L$ocb_enc_two
+
+	movdqu	32(%rdi),%xmm4
+	cmpq	$4,%rdx
+	jb	L$ocb_enc_three
+	movdqu	48(%rdi),%xmm5
+	je	L$ocb_enc_four
+
+	movdqu	64(%rdi),%xmm6
+	pxor	%xmm7,%xmm7
+
+	call	__ocb_encrypt6
+
+	movdqa	%xmm14,%xmm15
+	movups	%xmm2,0(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+	movups	%xmm6,64(%rsi)
+
+	jmp	L$ocb_enc_done
+
+.p2align	4
+L$ocb_enc_one:
+	movdqa	%xmm10,%xmm7
+
+	call	__ocb_encrypt1
+
+	movdqa	%xmm7,%xmm15
+	movups	%xmm2,0(%rsi)
+	jmp	L$ocb_enc_done
+
+.p2align	4
+L$ocb_enc_two:
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+
+	call	__ocb_encrypt4
+
+	movdqa	%xmm11,%xmm15
+	movups	%xmm2,0(%rsi)
+	movups	%xmm3,16(%rsi)
+
+	jmp	L$ocb_enc_done
+
+.p2align	4
+L$ocb_enc_three:
+	pxor	%xmm5,%xmm5
+
+	call	__ocb_encrypt4
+
+	movdqa	%xmm12,%xmm15
+	movups	%xmm2,0(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+
+	jmp	L$ocb_enc_done
+
+.p2align	4
+L$ocb_enc_four:
+	call	__ocb_encrypt4
+
+	movdqa	%xmm13,%xmm15
+	movups	%xmm2,0(%rsi)
+	movups	%xmm3,16(%rsi)
+	movups	%xmm4,32(%rsi)
+	movups	%xmm5,48(%rsi)
+
+L$ocb_enc_done:
+	pxor	%xmm0,%xmm15
+	movdqu	%xmm8,(%rbp)
+	movdqu	%xmm15,(%r9)
+
+	xorps	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	pxor	%xmm8,%xmm8
+	pxor	%xmm9,%xmm9
+	pxor	%xmm10,%xmm10
+	pxor	%xmm11,%xmm11
+	pxor	%xmm12,%xmm12
+	pxor	%xmm13,%xmm13
+	pxor	%xmm14,%xmm14
+	pxor	%xmm15,%xmm15
+	leaq	40(%rsp),%rax
+
+	movq	-40(%rax),%r14
+
+	movq	-32(%rax),%r13
+
+	movq	-24(%rax),%r12
+
+	movq	-16(%rax),%rbp
+
+	movq	-8(%rax),%rbx
+
+	leaq	(%rax),%rsp
+
+L$ocb_enc_epilogue:
+	.byte	0xf3,0xc3
+
+
+
+
+.p2align	5
+__ocb_encrypt6:
+
+	pxor	%xmm9,%xmm15
+	movdqu	(%rbx,%r12,1),%xmm11
+	movdqa	%xmm10,%xmm12
+	movdqu	(%rbx,%r13,1),%xmm13
+	movdqa	%xmm10,%xmm14
+	pxor	%xmm15,%xmm10
+	movdqu	(%rbx,%r14,1),%xmm15
+	pxor	%xmm10,%xmm11
+	pxor	%xmm2,%xmm8
+	pxor	%xmm10,%xmm2
+	pxor	%xmm11,%xmm12
+	pxor	%xmm3,%xmm8
+	pxor	%xmm11,%xmm3
+	pxor	%xmm12,%xmm13
+	pxor	%xmm4,%xmm8
+	pxor	%xmm12,%xmm4
+	pxor	%xmm13,%xmm14
+	pxor	%xmm5,%xmm8
+	pxor	%xmm13,%xmm5
+	pxor	%xmm14,%xmm15
+	pxor	%xmm6,%xmm8
+	pxor	%xmm14,%xmm6
+	pxor	%xmm7,%xmm8
+	pxor	%xmm15,%xmm7
+	movups	32(%r11),%xmm0
+
+	leaq	1(%r8),%r12
+	leaq	3(%r8),%r13
+	leaq	5(%r8),%r14
+	addq	$6,%r8
+	pxor	%xmm9,%xmm10
+	bsfq	%r12,%r12
+	bsfq	%r13,%r13
+	bsfq	%r14,%r14
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	pxor	%xmm9,%xmm11
+	pxor	%xmm9,%xmm12
+.byte	102,15,56,220,241
+	pxor	%xmm9,%xmm13
+	pxor	%xmm9,%xmm14
+.byte	102,15,56,220,249
+	movups	48(%r11),%xmm1
+	pxor	%xmm9,%xmm15
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	64(%r11),%xmm0
+	shlq	$4,%r12
+	shlq	$4,%r13
+	jmp	L$ocb_enc_loop6
+
+.p2align	5
+L$ocb_enc_loop6:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+.byte	102,15,56,220,240
+.byte	102,15,56,220,248
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	L$ocb_enc_loop6
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+.byte	102,15,56,220,241
+.byte	102,15,56,220,249
+	movups	16(%r11),%xmm1
+	shlq	$4,%r14
+
+.byte	102,65,15,56,221,210
+	movdqu	(%rbx),%xmm10
+	movq	%r10,%rax
+.byte	102,65,15,56,221,219
+.byte	102,65,15,56,221,228
+.byte	102,65,15,56,221,237
+.byte	102,65,15,56,221,246
+.byte	102,65,15,56,221,255
+	.byte	0xf3,0xc3
+
+
+
+
+.p2align	5
+__ocb_encrypt4:
+
+	pxor	%xmm9,%xmm15
+	movdqu	(%rbx,%r12,1),%xmm11
+	movdqa	%xmm10,%xmm12
+	movdqu	(%rbx,%r13,1),%xmm13
+	pxor	%xmm15,%xmm10
+	pxor	%xmm10,%xmm11
+	pxor	%xmm2,%xmm8
+	pxor	%xmm10,%xmm2
+	pxor	%xmm11,%xmm12
+	pxor	%xmm3,%xmm8
+	pxor	%xmm11,%xmm3
+	pxor	%xmm12,%xmm13
+	pxor	%xmm4,%xmm8
+	pxor	%xmm12,%xmm4
+	pxor	%xmm5,%xmm8
+	pxor	%xmm13,%xmm5
+	movups	32(%r11),%xmm0
+
+	pxor	%xmm9,%xmm10
+	pxor	%xmm9,%xmm11
+	pxor	%xmm9,%xmm12
+	pxor	%xmm9,%xmm13
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movups	48(%r11),%xmm1
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movups	64(%r11),%xmm0
+	jmp	L$ocb_enc_loop4
+
+.p2align	5
+L$ocb_enc_loop4:
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,220,208
+.byte	102,15,56,220,216
+.byte	102,15,56,220,224
+.byte	102,15,56,220,232
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	L$ocb_enc_loop4
+
+.byte	102,15,56,220,209
+.byte	102,15,56,220,217
+.byte	102,15,56,220,225
+.byte	102,15,56,220,233
+	movups	16(%r11),%xmm1
+	movq	%r10,%rax
+
+.byte	102,65,15,56,221,210
+.byte	102,65,15,56,221,219
+.byte	102,65,15,56,221,228
+.byte	102,65,15,56,221,237
+	.byte	0xf3,0xc3
+
+
+
+
+.p2align	5
+__ocb_encrypt1:
+
+	pxor	%xmm15,%xmm7
+	pxor	%xmm9,%xmm7
+	pxor	%xmm2,%xmm8
+	pxor	%xmm7,%xmm2
+	movups	32(%r11),%xmm0
+
+.byte	102,15,56,220,209
+	movups	48(%r11),%xmm1
+	pxor	%xmm9,%xmm7
+
+.byte	102,15,56,220,208
+	movups	64(%r11),%xmm0
+	jmp	L$ocb_enc_loop1
+
+.p2align	5
+L$ocb_enc_loop1:
+.byte	102,15,56,220,209
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,220,208
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	L$ocb_enc_loop1
+
+.byte	102,15,56,220,209
+	movups	16(%r11),%xmm1
+	movq	%r10,%rax
+
+.byte	102,15,56,221,215
+	.byte	0xf3,0xc3
+
+
+
+.globl	_aesni_ocb_decrypt
+
+.p2align	5
+_aesni_ocb_decrypt:
+
+	leaq	(%rsp),%rax
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	movq	8(%rax),%rbx
+	movq	8+8(%rax),%rbp
+
+	movl	240(%rcx),%r10d
+	movq	%rcx,%r11
+	shll	$4,%r10d
+	movups	(%rcx),%xmm9
+	movups	16(%rcx,%r10,1),%xmm1
+
+	movdqu	(%r9),%xmm15
+	pxor	%xmm1,%xmm9
+	pxor	%xmm1,%xmm15
+
+	movl	$16+32,%eax
+	leaq	32(%r11,%r10,1),%rcx
+	movups	16(%r11),%xmm1
+	subq	%r10,%rax
+	movq	%rax,%r10
+
+	movdqu	(%rbx),%xmm10
+	movdqu	(%rbp),%xmm8
+
+	testq	$1,%r8
+	jnz	L$ocb_dec_odd
+
+	bsfq	%r8,%r12
+	addq	$1,%r8
+	shlq	$4,%r12
+	movdqu	(%rbx,%r12,1),%xmm7
+	movdqu	(%rdi),%xmm2
+	leaq	16(%rdi),%rdi
+
+	call	__ocb_decrypt1
+
+	movdqa	%xmm7,%xmm15
+	movups	%xmm2,(%rsi)
+	xorps	%xmm2,%xmm8
+	leaq	16(%rsi),%rsi
+	subq	$1,%rdx
+	jz	L$ocb_dec_done
+
+L$ocb_dec_odd:
+	leaq	1(%r8),%r12
+	leaq	3(%r8),%r13
+	leaq	5(%r8),%r14
+	leaq	6(%r8),%r8
+	bsfq	%r12,%r12
+	bsfq	%r13,%r13
+	bsfq	%r14,%r14
+	shlq	$4,%r12
+	shlq	$4,%r13
+	shlq	$4,%r14
+
+	subq	$6,%rdx
+	jc	L$ocb_dec_short
+	jmp	L$ocb_dec_grandloop
+
+.p2align	5
+L$ocb_dec_grandloop:
+	movdqu	0(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqu	32(%rdi),%xmm4
+	movdqu	48(%rdi),%xmm5
+	movdqu	64(%rdi),%xmm6
+	movdqu	80(%rdi),%xmm7
+	leaq	96(%rdi),%rdi
+
+	call	__ocb_decrypt6
+
+	movups	%xmm2,0(%rsi)
+	pxor	%xmm2,%xmm8
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm8
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm8
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm8
+	movups	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm8
+	movups	%xmm7,80(%rsi)
+	pxor	%xmm7,%xmm8
+	leaq	96(%rsi),%rsi
+	subq	$6,%rdx
+	jnc	L$ocb_dec_grandloop
+
+L$ocb_dec_short:
+	addq	$6,%rdx
+	jz	L$ocb_dec_done
+
+	movdqu	0(%rdi),%xmm2
+	cmpq	$2,%rdx
+	jb	L$ocb_dec_one
+	movdqu	16(%rdi),%xmm3
+	je	L$ocb_dec_two
+
+	movdqu	32(%rdi),%xmm4
+	cmpq	$4,%rdx
+	jb	L$ocb_dec_three
+	movdqu	48(%rdi),%xmm5
+	je	L$ocb_dec_four
+
+	movdqu	64(%rdi),%xmm6
+	pxor	%xmm7,%xmm7
+
+	call	__ocb_decrypt6
+
+	movdqa	%xmm14,%xmm15
+	movups	%xmm2,0(%rsi)
+	pxor	%xmm2,%xmm8
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm8
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm8
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm8
+	movups	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm8
+
+	jmp	L$ocb_dec_done
+
+.p2align	4
+L$ocb_dec_one:
+	movdqa	%xmm10,%xmm7
+
+	call	__ocb_decrypt1
+
+	movdqa	%xmm7,%xmm15
+	movups	%xmm2,0(%rsi)
+	xorps	%xmm2,%xmm8
+	jmp	L$ocb_dec_done
+
+.p2align	4
+L$ocb_dec_two:
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+
+	call	__ocb_decrypt4
+
+	movdqa	%xmm11,%xmm15
+	movups	%xmm2,0(%rsi)
+	xorps	%xmm2,%xmm8
+	movups	%xmm3,16(%rsi)
+	xorps	%xmm3,%xmm8
+
+	jmp	L$ocb_dec_done
+
+.p2align	4
+L$ocb_dec_three:
+	pxor	%xmm5,%xmm5
+
+	call	__ocb_decrypt4
+
+	movdqa	%xmm12,%xmm15
+	movups	%xmm2,0(%rsi)
+	xorps	%xmm2,%xmm8
+	movups	%xmm3,16(%rsi)
+	xorps	%xmm3,%xmm8
+	movups	%xmm4,32(%rsi)
+	xorps	%xmm4,%xmm8
+
+	jmp	L$ocb_dec_done
+
+.p2align	4
+L$ocb_dec_four:
+	call	__ocb_decrypt4
+
+	movdqa	%xmm13,%xmm15
+	movups	%xmm2,0(%rsi)
+	pxor	%xmm2,%xmm8
+	movups	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm8
+	movups	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm8
+	movups	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm8
+
+L$ocb_dec_done:
+	pxor	%xmm0,%xmm15
+	movdqu	%xmm8,(%rbp)
+	movdqu	%xmm15,(%r9)
+
+	xorps	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	pxor	%xmm8,%xmm8
+	pxor	%xmm9,%xmm9
+	pxor	%xmm10,%xmm10
+	pxor	%xmm11,%xmm11
+	pxor	%xmm12,%xmm12
+	pxor	%xmm13,%xmm13
+	pxor	%xmm14,%xmm14
+	pxor	%xmm15,%xmm15
+	leaq	40(%rsp),%rax
+
+	movq	-40(%rax),%r14
+
+	movq	-32(%rax),%r13
+
+	movq	-24(%rax),%r12
+
+	movq	-16(%rax),%rbp
+
+	movq	-8(%rax),%rbx
+
+	leaq	(%rax),%rsp
+
+L$ocb_dec_epilogue:
+	.byte	0xf3,0xc3
+
+
+
+
+.p2align	5
+__ocb_decrypt6:
+
+	pxor	%xmm9,%xmm15
+	movdqu	(%rbx,%r12,1),%xmm11
+	movdqa	%xmm10,%xmm12
+	movdqu	(%rbx,%r13,1),%xmm13
+	movdqa	%xmm10,%xmm14
+	pxor	%xmm15,%xmm10
+	movdqu	(%rbx,%r14,1),%xmm15
+	pxor	%xmm10,%xmm11
+	pxor	%xmm10,%xmm2
+	pxor	%xmm11,%xmm12
+	pxor	%xmm11,%xmm3
+	pxor	%xmm12,%xmm13
+	pxor	%xmm12,%xmm4
+	pxor	%xmm13,%xmm14
+	pxor	%xmm13,%xmm5
+	pxor	%xmm14,%xmm15
+	pxor	%xmm14,%xmm6
+	pxor	%xmm15,%xmm7
+	movups	32(%r11),%xmm0
+
+	leaq	1(%r8),%r12
+	leaq	3(%r8),%r13
+	leaq	5(%r8),%r14
+	addq	$6,%r8
+	pxor	%xmm9,%xmm10
+	bsfq	%r12,%r12
+	bsfq	%r13,%r13
+	bsfq	%r14,%r14
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	pxor	%xmm9,%xmm11
+	pxor	%xmm9,%xmm12
+.byte	102,15,56,222,241
+	pxor	%xmm9,%xmm13
+	pxor	%xmm9,%xmm14
+.byte	102,15,56,222,249
+	movups	48(%r11),%xmm1
+	pxor	%xmm9,%xmm15
+
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+	movups	64(%r11),%xmm0
+	shlq	$4,%r12
+	shlq	$4,%r13
+	jmp	L$ocb_dec_loop6
+
+.p2align	5
+L$ocb_dec_loop6:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	L$ocb_dec_loop6
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	movups	16(%r11),%xmm1
+	shlq	$4,%r14
+
+.byte	102,65,15,56,223,210
+	movdqu	(%rbx),%xmm10
+	movq	%r10,%rax
+.byte	102,65,15,56,223,219
+.byte	102,65,15,56,223,228
+.byte	102,65,15,56,223,237
+.byte	102,65,15,56,223,246
+.byte	102,65,15,56,223,255
+	.byte	0xf3,0xc3
+
+
+
+
+.p2align	5
+__ocb_decrypt4:
+
+	pxor	%xmm9,%xmm15
+	movdqu	(%rbx,%r12,1),%xmm11
+	movdqa	%xmm10,%xmm12
+	movdqu	(%rbx,%r13,1),%xmm13
+	pxor	%xmm15,%xmm10
+	pxor	%xmm10,%xmm11
+	pxor	%xmm10,%xmm2
+	pxor	%xmm11,%xmm12
+	pxor	%xmm11,%xmm3
+	pxor	%xmm12,%xmm13
+	pxor	%xmm12,%xmm4
+	pxor	%xmm13,%xmm5
+	movups	32(%r11),%xmm0
+
+	pxor	%xmm9,%xmm10
+	pxor	%xmm9,%xmm11
+	pxor	%xmm9,%xmm12
+	pxor	%xmm9,%xmm13
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	movups	48(%r11),%xmm1
+
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+	movups	64(%r11),%xmm0
+	jmp	L$ocb_dec_loop4
+
+.p2align	5
+L$ocb_dec_loop4:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	L$ocb_dec_loop4
+
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	movups	16(%r11),%xmm1
+	movq	%r10,%rax
+
+.byte	102,65,15,56,223,210
+.byte	102,65,15,56,223,219
+.byte	102,65,15,56,223,228
+.byte	102,65,15,56,223,237
+	.byte	0xf3,0xc3
+
+
+
+
+.p2align	5
+__ocb_decrypt1:
+
+	pxor	%xmm15,%xmm7
+	pxor	%xmm9,%xmm7
+	pxor	%xmm7,%xmm2
+	movups	32(%r11),%xmm0
+
+.byte	102,15,56,222,209
+	movups	48(%r11),%xmm1
+	pxor	%xmm9,%xmm7
+
+.byte	102,15,56,222,208
+	movups	64(%r11),%xmm0
+	jmp	L$ocb_dec_loop1
+
+.p2align	5
+L$ocb_dec_loop1:
+.byte	102,15,56,222,209
+	movups	(%rcx,%rax,1),%xmm1
+	addq	$32,%rax
+
+.byte	102,15,56,222,208
+	movups	-16(%rcx,%rax,1),%xmm0
+	jnz	L$ocb_dec_loop1
+
+.byte	102,15,56,222,209
+	movups	16(%r11),%xmm1
+	movq	%r10,%rax
+
+.byte	102,15,56,223,215
+	.byte	0xf3,0xc3
+
+
+.globl	_aesni_cbc_encrypt
+
+.p2align	4
+_aesni_cbc_encrypt:
+
+	testq	%rdx,%rdx
+	jz	L$cbc_ret
+
+	movl	240(%rcx),%r10d
+	movq	%rcx,%r11
+	testl	%r9d,%r9d
+	jz	L$cbc_decrypt
+
+	movups	(%r8),%xmm2
+	movl	%r10d,%eax
+	cmpq	$16,%rdx
+	jb	L$cbc_enc_tail
+	subq	$16,%rdx
+	jmp	L$cbc_enc_loop
+.p2align	4
+L$cbc_enc_loop:
+	movups	(%rdi),%xmm3
+	leaq	16(%rdi),%rdi
+
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	xorps	%xmm0,%xmm3
+	leaq	32(%rcx),%rcx
+	xorps	%xmm3,%xmm2
+L$oop_enc1_15:
+.byte	102,15,56,220,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	L$oop_enc1_15
+.byte	102,15,56,221,209
+	movl	%r10d,%eax
+	movq	%r11,%rcx
+	movups	%xmm2,0(%rsi)
+	leaq	16(%rsi),%rsi
+	subq	$16,%rdx
+	jnc	L$cbc_enc_loop
+	addq	$16,%rdx
+	jnz	L$cbc_enc_tail
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movups	%xmm2,(%r8)
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	jmp	L$cbc_ret
+
+L$cbc_enc_tail:
+	movq	%rdx,%rcx
+	xchgq	%rdi,%rsi
+.long	0x9066A4F3
+	movl	$16,%ecx
+	subq	%rdx,%rcx
+	xorl	%eax,%eax
+.long	0x9066AAF3
+	leaq	-16(%rdi),%rdi
+	movl	%r10d,%eax
+	movq	%rdi,%rsi
+	movq	%r11,%rcx
+	xorq	%rdx,%rdx
+	jmp	L$cbc_enc_loop
+
+.p2align	4
+L$cbc_decrypt:
+	cmpq	$16,%rdx
+	jne	L$cbc_decrypt_bulk
+
+
+
+	movdqu	(%rdi),%xmm2
+	movdqu	(%r8),%xmm3
+	movdqa	%xmm2,%xmm4
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+L$oop_dec1_16:
+.byte	102,15,56,222,209
+	decl	%r10d
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	L$oop_dec1_16
+.byte	102,15,56,223,209
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movdqu	%xmm4,(%r8)
+	xorps	%xmm3,%xmm2
+	pxor	%xmm3,%xmm3
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	jmp	L$cbc_ret
+.p2align	4
+L$cbc_decrypt_bulk:
+	leaq	(%rsp),%r11
+
+	pushq	%rbp
+
+	subq	$16,%rsp
+	andq	$-16,%rsp
+	movq	%rcx,%rbp
+	movups	(%r8),%xmm10
+	movl	%r10d,%eax
+	cmpq	$0x50,%rdx
+	jbe	L$cbc_dec_tail
+
+	movups	(%rcx),%xmm0
+	movdqu	0(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqa	%xmm2,%xmm11
+	movdqu	32(%rdi),%xmm4
+	movdqa	%xmm3,%xmm12
+	movdqu	48(%rdi),%xmm5
+	movdqa	%xmm4,%xmm13
+	movdqu	64(%rdi),%xmm6
+	movdqa	%xmm5,%xmm14
+	movdqu	80(%rdi),%xmm7
+	movdqa	%xmm6,%xmm15
+	movl	_GNUTLS_x86_cpuid_s+4(%rip),%r9d
+	cmpq	$0x70,%rdx
+	jbe	L$cbc_dec_six_or_seven
+
+	andl	$71303168,%r9d
+	subq	$0x50,%rdx
+	cmpl	$4194304,%r9d
+	je	L$cbc_dec_loop6_enter
+	subq	$0x20,%rdx
+	leaq	112(%rcx),%rcx
+	jmp	L$cbc_dec_loop8_enter
+.p2align	4
+L$cbc_dec_loop8:
+	movups	%xmm9,(%rsi)
+	leaq	16(%rsi),%rsi
+L$cbc_dec_loop8_enter:
+	movdqu	96(%rdi),%xmm8
+	pxor	%xmm0,%xmm2
+	movdqu	112(%rdi),%xmm9
+	pxor	%xmm0,%xmm3
+	movups	16-112(%rcx),%xmm1
+	pxor	%xmm0,%xmm4
+	movq	$-1,%rbp
+	cmpq	$0x70,%rdx
+	pxor	%xmm0,%xmm5
+	pxor	%xmm0,%xmm6
+	pxor	%xmm0,%xmm7
+	pxor	%xmm0,%xmm8
+
+.byte	102,15,56,222,209
+	pxor	%xmm0,%xmm9
+	movups	32-112(%rcx),%xmm0
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+	adcq	$0,%rbp
+	andq	$128,%rbp
+.byte	102,68,15,56,222,201
+	addq	%rdi,%rbp
+	movups	48-112(%rcx),%xmm1
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	64-112(%rcx),%xmm0
+	nop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+	movups	80-112(%rcx),%xmm1
+	nop
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	96-112(%rcx),%xmm0
+	nop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+	movups	112-112(%rcx),%xmm1
+	nop
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	128-112(%rcx),%xmm0
+	nop
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+	movups	144-112(%rcx),%xmm1
+	cmpl	$11,%eax
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	160-112(%rcx),%xmm0
+	jb	L$cbc_dec_done
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+	movups	176-112(%rcx),%xmm1
+	nop
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	192-112(%rcx),%xmm0
+	je	L$cbc_dec_done
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+	movups	208-112(%rcx),%xmm1
+	nop
+.byte	102,15,56,222,208
+.byte	102,15,56,222,216
+.byte	102,15,56,222,224
+.byte	102,15,56,222,232
+.byte	102,15,56,222,240
+.byte	102,15,56,222,248
+.byte	102,68,15,56,222,192
+.byte	102,68,15,56,222,200
+	movups	224-112(%rcx),%xmm0
+	jmp	L$cbc_dec_done
+.p2align	4
+L$cbc_dec_done:
+.byte	102,15,56,222,209
+.byte	102,15,56,222,217
+	pxor	%xmm0,%xmm10
+	pxor	%xmm0,%xmm11
+.byte	102,15,56,222,225
+.byte	102,15,56,222,233
+	pxor	%xmm0,%xmm12
+	pxor	%xmm0,%xmm13
+.byte	102,15,56,222,241
+.byte	102,15,56,222,249
+	pxor	%xmm0,%xmm14
+	pxor	%xmm0,%xmm15
+.byte	102,68,15,56,222,193
+.byte	102,68,15,56,222,201
+	movdqu	80(%rdi),%xmm1
+
+.byte	102,65,15,56,223,210
+	movdqu	96(%rdi),%xmm10
+	pxor	%xmm0,%xmm1
+.byte	102,65,15,56,223,219
+	pxor	%xmm0,%xmm10
+	movdqu	112(%rdi),%xmm0
+.byte	102,65,15,56,223,228
+	leaq	128(%rdi),%rdi
+	movdqu	0(%rbp),%xmm11
+.byte	102,65,15,56,223,237
+.byte	102,65,15,56,223,246
+	movdqu	16(%rbp),%xmm12
+	movdqu	32(%rbp),%xmm13
+.byte	102,65,15,56,223,255
+.byte	102,68,15,56,223,193
+	movdqu	48(%rbp),%xmm14
+	movdqu	64(%rbp),%xmm15
+.byte	102,69,15,56,223,202
+	movdqa	%xmm0,%xmm10
+	movdqu	80(%rbp),%xmm1
+	movups	-112(%rcx),%xmm0
+
+	movups	%xmm2,(%rsi)
+	movdqa	%xmm11,%xmm2
+	movups	%xmm3,16(%rsi)
+	movdqa	%xmm12,%xmm3
+	movups	%xmm4,32(%rsi)
+	movdqa	%xmm13,%xmm4
+	movups	%xmm5,48(%rsi)
+	movdqa	%xmm14,%xmm5
+	movups	%xmm6,64(%rsi)
+	movdqa	%xmm15,%xmm6
+	movups	%xmm7,80(%rsi)
+	movdqa	%xmm1,%xmm7
+	movups	%xmm8,96(%rsi)
+	leaq	112(%rsi),%rsi
+
+	subq	$0x80,%rdx
+	ja	L$cbc_dec_loop8
+
+	movaps	%xmm9,%xmm2
+	leaq	-112(%rcx),%rcx
+	addq	$0x70,%rdx
+	jle	L$cbc_dec_clear_tail_collected
+	movups	%xmm9,(%rsi)
+	leaq	16(%rsi),%rsi
+	cmpq	$0x50,%rdx
+	jbe	L$cbc_dec_tail
+
+	movaps	%xmm11,%xmm2
+L$cbc_dec_six_or_seven:
+	cmpq	$0x60,%rdx
+	ja	L$cbc_dec_seven
+
+	movaps	%xmm7,%xmm8
+	call	_aesni_decrypt6
+	pxor	%xmm10,%xmm2
+	movaps	%xmm8,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	pxor	%xmm14,%xmm6
+	movdqu	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	pxor	%xmm15,%xmm7
+	movdqu	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm6
+	leaq	80(%rsi),%rsi
+	movdqa	%xmm7,%xmm2
+	pxor	%xmm7,%xmm7
+	jmp	L$cbc_dec_tail_collected
+
+.p2align	4
+L$cbc_dec_seven:
+	movups	96(%rdi),%xmm8
+	xorps	%xmm9,%xmm9
+	call	_aesni_decrypt8
+	movups	80(%rdi),%xmm9
+	pxor	%xmm10,%xmm2
+	movups	96(%rdi),%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	pxor	%xmm14,%xmm6
+	movdqu	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	pxor	%xmm15,%xmm7
+	movdqu	%xmm6,64(%rsi)
+	pxor	%xmm6,%xmm6
+	pxor	%xmm9,%xmm8
+	movdqu	%xmm7,80(%rsi)
+	pxor	%xmm7,%xmm7
+	leaq	96(%rsi),%rsi
+	movdqa	%xmm8,%xmm2
+	pxor	%xmm8,%xmm8
+	pxor	%xmm9,%xmm9
+	jmp	L$cbc_dec_tail_collected
+
+.p2align	4
+L$cbc_dec_loop6:
+	movups	%xmm7,(%rsi)
+	leaq	16(%rsi),%rsi
+	movdqu	0(%rdi),%xmm2
+	movdqu	16(%rdi),%xmm3
+	movdqa	%xmm2,%xmm11
+	movdqu	32(%rdi),%xmm4
+	movdqa	%xmm3,%xmm12
+	movdqu	48(%rdi),%xmm5
+	movdqa	%xmm4,%xmm13
+	movdqu	64(%rdi),%xmm6
+	movdqa	%xmm5,%xmm14
+	movdqu	80(%rdi),%xmm7
+	movdqa	%xmm6,%xmm15
+L$cbc_dec_loop6_enter:
+	leaq	96(%rdi),%rdi
+	movdqa	%xmm7,%xmm8
+
+	call	_aesni_decrypt6
+
+	pxor	%xmm10,%xmm2
+	movdqa	%xmm8,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm14,%xmm6
+	movq	%rbp,%rcx
+	movdqu	%xmm5,48(%rsi)
+	pxor	%xmm15,%xmm7
+	movl	%r10d,%eax
+	movdqu	%xmm6,64(%rsi)
+	leaq	80(%rsi),%rsi
+	subq	$0x60,%rdx
+	ja	L$cbc_dec_loop6
+
+	movdqa	%xmm7,%xmm2
+	addq	$0x50,%rdx
+	jle	L$cbc_dec_clear_tail_collected
+	movups	%xmm7,(%rsi)
+	leaq	16(%rsi),%rsi
+
+L$cbc_dec_tail:
+	movups	(%rdi),%xmm2
+	subq	$0x10,%rdx
+	jbe	L$cbc_dec_one
+
+	movups	16(%rdi),%xmm3
+	movaps	%xmm2,%xmm11
+	subq	$0x10,%rdx
+	jbe	L$cbc_dec_two
+
+	movups	32(%rdi),%xmm4
+	movaps	%xmm3,%xmm12
+	subq	$0x10,%rdx
+	jbe	L$cbc_dec_three
+
+	movups	48(%rdi),%xmm5
+	movaps	%xmm4,%xmm13
+	subq	$0x10,%rdx
+	jbe	L$cbc_dec_four
+
+	movups	64(%rdi),%xmm6
+	movaps	%xmm5,%xmm14
+	movaps	%xmm6,%xmm15
+	xorps	%xmm7,%xmm7
+	call	_aesni_decrypt6
+	pxor	%xmm10,%xmm2
+	movaps	%xmm15,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	pxor	%xmm14,%xmm6
+	movdqu	%xmm5,48(%rsi)
+	pxor	%xmm5,%xmm5
+	leaq	64(%rsi),%rsi
+	movdqa	%xmm6,%xmm2
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	subq	$0x10,%rdx
+	jmp	L$cbc_dec_tail_collected
+
+.p2align	4
+L$cbc_dec_one:
+	movaps	%xmm2,%xmm11
+	movups	(%rcx),%xmm0
+	movups	16(%rcx),%xmm1
+	leaq	32(%rcx),%rcx
+	xorps	%xmm0,%xmm2
+L$oop_dec1_17:
+.byte	102,15,56,222,209
+	decl	%eax
+	movups	(%rcx),%xmm1
+	leaq	16(%rcx),%rcx
+	jnz	L$oop_dec1_17
+.byte	102,15,56,223,209
+	xorps	%xmm10,%xmm2
+	movaps	%xmm11,%xmm10
+	jmp	L$cbc_dec_tail_collected
+.p2align	4
+L$cbc_dec_two:
+	movaps	%xmm3,%xmm12
+	call	_aesni_decrypt2
+	pxor	%xmm10,%xmm2
+	movaps	%xmm12,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	movdqa	%xmm3,%xmm2
+	pxor	%xmm3,%xmm3
+	leaq	16(%rsi),%rsi
+	jmp	L$cbc_dec_tail_collected
+.p2align	4
+L$cbc_dec_three:
+	movaps	%xmm4,%xmm13
+	call	_aesni_decrypt3
+	pxor	%xmm10,%xmm2
+	movaps	%xmm13,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	movdqa	%xmm4,%xmm2
+	pxor	%xmm4,%xmm4
+	leaq	32(%rsi),%rsi
+	jmp	L$cbc_dec_tail_collected
+.p2align	4
+L$cbc_dec_four:
+	movaps	%xmm5,%xmm14
+	call	_aesni_decrypt4
+	pxor	%xmm10,%xmm2
+	movaps	%xmm14,%xmm10
+	pxor	%xmm11,%xmm3
+	movdqu	%xmm2,(%rsi)
+	pxor	%xmm12,%xmm4
+	movdqu	%xmm3,16(%rsi)
+	pxor	%xmm3,%xmm3
+	pxor	%xmm13,%xmm5
+	movdqu	%xmm4,32(%rsi)
+	pxor	%xmm4,%xmm4
+	movdqa	%xmm5,%xmm2
+	pxor	%xmm5,%xmm5
+	leaq	48(%rsi),%rsi
+	jmp	L$cbc_dec_tail_collected
+
+.p2align	4
+L$cbc_dec_clear_tail_collected:
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	pxor	%xmm8,%xmm8
+	pxor	%xmm9,%xmm9
+L$cbc_dec_tail_collected:
+	movups	%xmm10,(%r8)
+	andq	$15,%rdx
+	jnz	L$cbc_dec_tail_partial
+	movups	%xmm2,(%rsi)
+	pxor	%xmm2,%xmm2
+	jmp	L$cbc_dec_ret
+.p2align	4
+L$cbc_dec_tail_partial:
+	movaps	%xmm2,(%rsp)
+	pxor	%xmm2,%xmm2
+	movq	$16,%rcx
+	movq	%rsi,%rdi
+	subq	%rdx,%rcx
+	leaq	(%rsp),%rsi
+.long	0x9066A4F3
+	movdqa	%xmm2,(%rsp)
+
+L$cbc_dec_ret:
+	xorps	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	movq	-8(%r11),%rbp
+
+	leaq	(%r11),%rsp
+
+L$cbc_ret:
+	.byte	0xf3,0xc3
+
+
+.globl	_aesni_set_decrypt_key
+
+.p2align	4
+_aesni_set_decrypt_key:
+
+.byte	0x48,0x83,0xEC,0x08
+
+	call	__aesni_set_encrypt_key
+	shll	$4,%esi
+	testl	%eax,%eax
+	jnz	L$dec_key_ret
+	leaq	16(%rdx,%rsi,1),%rdi
+
+	movups	(%rdx),%xmm0
+	movups	(%rdi),%xmm1
+	movups	%xmm0,(%rdi)
+	movups	%xmm1,(%rdx)
+	leaq	16(%rdx),%rdx
+	leaq	-16(%rdi),%rdi
+
+L$dec_key_inverse:
+	movups	(%rdx),%xmm0
+	movups	(%rdi),%xmm1
+.byte	102,15,56,219,192
+.byte	102,15,56,219,201
+	leaq	16(%rdx),%rdx
+	leaq	-16(%rdi),%rdi
+	movups	%xmm0,16(%rdi)
+	movups	%xmm1,-16(%rdx)
+	cmpq	%rdx,%rdi
+	ja	L$dec_key_inverse
+
+	movups	(%rdx),%xmm0
+.byte	102,15,56,219,192
+	pxor	%xmm1,%xmm1
+	movups	%xmm0,(%rdi)
+	pxor	%xmm0,%xmm0
+L$dec_key_ret:
+	addq	$8,%rsp
+
+	.byte	0xf3,0xc3
+
+L$SEH_end_set_decrypt_key:
+
+.globl	_aesni_set_encrypt_key
+
+.p2align	4
+_aesni_set_encrypt_key:
+__aesni_set_encrypt_key:
+
+.byte	0x48,0x83,0xEC,0x08
+
+	movq	$-1,%rax
+	testq	%rdi,%rdi
+	jz	L$enc_key_ret
+	testq	%rdx,%rdx
+	jz	L$enc_key_ret
+
+	movl	$268437504,%r10d
+	movups	(%rdi),%xmm0
+	xorps	%xmm4,%xmm4
+	andl	_GNUTLS_x86_cpuid_s+4(%rip),%r10d
+	leaq	16(%rdx),%rax
+	cmpl	$256,%esi
+	je	L$14rounds
+	cmpl	$192,%esi
+	je	L$12rounds
+	cmpl	$128,%esi
+	jne	L$bad_keybits
+
+L$10rounds:
+	movl	$9,%esi
+	cmpl	$268435456,%r10d
+	je	L$10rounds_alt
+
+	movups	%xmm0,(%rdx)
+.byte	102,15,58,223,200,1
+	call	L$key_expansion_128_cold
+.byte	102,15,58,223,200,2
+	call	L$key_expansion_128
+.byte	102,15,58,223,200,4
+	call	L$key_expansion_128
+.byte	102,15,58,223,200,8
+	call	L$key_expansion_128
+.byte	102,15,58,223,200,16
+	call	L$key_expansion_128
+.byte	102,15,58,223,200,32
+	call	L$key_expansion_128
+.byte	102,15,58,223,200,64
+	call	L$key_expansion_128
+.byte	102,15,58,223,200,128
+	call	L$key_expansion_128
+.byte	102,15,58,223,200,27
+	call	L$key_expansion_128
+.byte	102,15,58,223,200,54
+	call	L$key_expansion_128
+	movups	%xmm0,(%rax)
+	movl	%esi,80(%rax)
+	xorl	%eax,%eax
+	jmp	L$enc_key_ret
+
+.p2align	4
+L$10rounds_alt:
+	movdqa	L$key_rotate(%rip),%xmm5
+	movl	$8,%r10d
+	movdqa	L$key_rcon1(%rip),%xmm4
+	movdqa	%xmm0,%xmm2
+	movdqu	%xmm0,(%rdx)
+	jmp	L$oop_key128
+
+.p2align	4
+L$oop_key128:
+.byte	102,15,56,0,197
+.byte	102,15,56,221,196
+	pslld	$1,%xmm4
+	leaq	16(%rax),%rax
+
+	movdqa	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm3,%xmm2
+
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,-16(%rax)
+	movdqa	%xmm0,%xmm2
+
+	decl	%r10d
+	jnz	L$oop_key128
+
+	movdqa	L$key_rcon1b(%rip),%xmm4
+
+.byte	102,15,56,0,197
+.byte	102,15,56,221,196
+	pslld	$1,%xmm4
+
+	movdqa	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm3,%xmm2
+
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,(%rax)
+
+	movdqa	%xmm0,%xmm2
+.byte	102,15,56,0,197
+.byte	102,15,56,221,196
+
+	movdqa	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm2,%xmm3
+	pslldq	$4,%xmm2
+	pxor	%xmm3,%xmm2
+
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,16(%rax)
+
+	movl	%esi,96(%rax)
+	xorl	%eax,%eax
+	jmp	L$enc_key_ret
+
+.p2align	4
+L$12rounds:
+	movq	16(%rdi),%xmm2
+	movl	$11,%esi
+	cmpl	$268435456,%r10d
+	je	L$12rounds_alt
+
+	movups	%xmm0,(%rdx)
+.byte	102,15,58,223,202,1
+	call	L$key_expansion_192a_cold
+.byte	102,15,58,223,202,2
+	call	L$key_expansion_192b
+.byte	102,15,58,223,202,4
+	call	L$key_expansion_192a
+.byte	102,15,58,223,202,8
+	call	L$key_expansion_192b
+.byte	102,15,58,223,202,16
+	call	L$key_expansion_192a
+.byte	102,15,58,223,202,32
+	call	L$key_expansion_192b
+.byte	102,15,58,223,202,64
+	call	L$key_expansion_192a
+.byte	102,15,58,223,202,128
+	call	L$key_expansion_192b
+	movups	%xmm0,(%rax)
+	movl	%esi,48(%rax)
+	xorq	%rax,%rax
+	jmp	L$enc_key_ret
+
+.p2align	4
+L$12rounds_alt:
+	movdqa	L$key_rotate192(%rip),%xmm5
+	movdqa	L$key_rcon1(%rip),%xmm4
+	movl	$8,%r10d
+	movdqu	%xmm0,(%rdx)
+	jmp	L$oop_key192
+
+.p2align	4
+L$oop_key192:
+	movq	%xmm2,0(%rax)
+	movdqa	%xmm2,%xmm1
+.byte	102,15,56,0,213
+.byte	102,15,56,221,212
+	pslld	$1,%xmm4
+	leaq	24(%rax),%rax
+
+	movdqa	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm3,%xmm0
+
+	pshufd	$0xff,%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm1,%xmm3
+
+	pxor	%xmm2,%xmm0
+	pxor	%xmm3,%xmm2
+	movdqu	%xmm0,-16(%rax)
+
+	decl	%r10d
+	jnz	L$oop_key192
+
+	movl	%esi,32(%rax)
+	xorl	%eax,%eax
+	jmp	L$enc_key_ret
+
+.p2align	4
+L$14rounds:
+	movups	16(%rdi),%xmm2
+	movl	$13,%esi
+	leaq	16(%rax),%rax
+	cmpl	$268435456,%r10d
+	je	L$14rounds_alt
+
+	movups	%xmm0,(%rdx)
+	movups	%xmm2,16(%rdx)
+.byte	102,15,58,223,202,1
+	call	L$key_expansion_256a_cold
+.byte	102,15,58,223,200,1
+	call	L$key_expansion_256b
+.byte	102,15,58,223,202,2
+	call	L$key_expansion_256a
+.byte	102,15,58,223,200,2
+	call	L$key_expansion_256b
+.byte	102,15,58,223,202,4
+	call	L$key_expansion_256a
+.byte	102,15,58,223,200,4
+	call	L$key_expansion_256b
+.byte	102,15,58,223,202,8
+	call	L$key_expansion_256a
+.byte	102,15,58,223,200,8
+	call	L$key_expansion_256b
+.byte	102,15,58,223,202,16
+	call	L$key_expansion_256a
+.byte	102,15,58,223,200,16
+	call	L$key_expansion_256b
+.byte	102,15,58,223,202,32
+	call	L$key_expansion_256a
+.byte	102,15,58,223,200,32
+	call	L$key_expansion_256b
+.byte	102,15,58,223,202,64
+	call	L$key_expansion_256a
+	movups	%xmm0,(%rax)
+	movl	%esi,16(%rax)
+	xorq	%rax,%rax
+	jmp	L$enc_key_ret
+
+.p2align	4
+L$14rounds_alt:
+	movdqa	L$key_rotate(%rip),%xmm5
+	movdqa	L$key_rcon1(%rip),%xmm4
+	movl	$7,%r10d
+	movdqu	%xmm0,0(%rdx)
+	movdqa	%xmm2,%xmm1
+	movdqu	%xmm2,16(%rdx)
+	jmp	L$oop_key256
+
+.p2align	4
+L$oop_key256:
+.byte	102,15,56,0,213
+.byte	102,15,56,221,212
+
+	movdqa	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm0,%xmm3
+	pslldq	$4,%xmm0
+	pxor	%xmm3,%xmm0
+	pslld	$1,%xmm4
+
+	pxor	%xmm2,%xmm0
+	movdqu	%xmm0,(%rax)
+
+	decl	%r10d
+	jz	L$done_key256
+
+	pshufd	$0xff,%xmm0,%xmm2
+	pxor	%xmm3,%xmm3
+.byte	102,15,56,221,211
+
+	movdqa	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm1,%xmm3
+	pslldq	$4,%xmm1
+	pxor	%xmm3,%xmm1
+
+	pxor	%xmm1,%xmm2
+	movdqu	%xmm2,16(%rax)
+	leaq	32(%rax),%rax
+	movdqa	%xmm2,%xmm1
+
+	jmp	L$oop_key256
+
+L$done_key256:
+	movl	%esi,16(%rax)
+	xorl	%eax,%eax
+	jmp	L$enc_key_ret
+
+.p2align	4
+L$bad_keybits:
+	movq	$-2,%rax
+L$enc_key_ret:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	addq	$8,%rsp
+
+	.byte	0xf3,0xc3
+L$SEH_end_set_encrypt_key:
+
+.p2align	4
+L$key_expansion_128:
+	movups	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+L$key_expansion_128_cold:
+	shufps	$16,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$140,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$255,%xmm1,%xmm1
+	xorps	%xmm1,%xmm0
+	.byte	0xf3,0xc3
+
+.p2align	4
+L$key_expansion_192a:
+	movups	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+L$key_expansion_192a_cold:
+	movaps	%xmm2,%xmm5
+L$key_expansion_192b_warm:
+	shufps	$16,%xmm0,%xmm4
+	movdqa	%xmm2,%xmm3
+	xorps	%xmm4,%xmm0
+	shufps	$140,%xmm0,%xmm4
+	pslldq	$4,%xmm3
+	xorps	%xmm4,%xmm0
+	pshufd	$85,%xmm1,%xmm1
+	pxor	%xmm3,%xmm2
+	pxor	%xmm1,%xmm0
+	pshufd	$255,%xmm0,%xmm3
+	pxor	%xmm3,%xmm2
+	.byte	0xf3,0xc3
+
+.p2align	4
+L$key_expansion_192b:
+	movaps	%xmm0,%xmm3
+	shufps	$68,%xmm0,%xmm5
+	movups	%xmm5,(%rax)
+	shufps	$78,%xmm2,%xmm3
+	movups	%xmm3,16(%rax)
+	leaq	32(%rax),%rax
+	jmp	L$key_expansion_192b_warm
+
+.p2align	4
+L$key_expansion_256a:
+	movups	%xmm2,(%rax)
+	leaq	16(%rax),%rax
+L$key_expansion_256a_cold:
+	shufps	$16,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$140,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	$255,%xmm1,%xmm1
+	xorps	%xmm1,%xmm0
+	.byte	0xf3,0xc3
+
+.p2align	4
+L$key_expansion_256b:
+	movups	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+
+	shufps	$16,%xmm2,%xmm4
+	xorps	%xmm4,%xmm2
+	shufps	$140,%xmm2,%xmm4
+	xorps	%xmm4,%xmm2
+	shufps	$170,%xmm1,%xmm1
+	xorps	%xmm1,%xmm2
+	.byte	0xf3,0xc3
+
+
+
+.p2align	6
+L$bswap_mask:
+.byte	15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
+L$increment32:
+.long	6,6,6,0
+L$increment64:
+.long	1,0,0,0
+L$xts_magic:
+.long	0x87,0,1,0
+L$increment1:
+.byte	0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1
+L$key_rotate:
+.long	0x0c0f0e0d,0x0c0f0e0d,0x0c0f0e0d,0x0c0f0e0d
+L$key_rotate192:
+.long	0x04070605,0x04070605,0x04070605,0x04070605
+L$key_rcon1:
+.long	1,1,1,1
+L$key_rcon1b:
+.long	0x1b,0x1b,0x1b,0x1b
+
+.byte	65,69,83,32,102,111,114,32,73,110,116,101,108,32,65,69,83,45,78,73,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.p2align	6
+
diff --git a/lib/accelerated/x86/macosx/e_padlock-x86.s b/lib/accelerated/x86/macosx/e_padlock-x86.s
new file mode 100644
index 0000000..367962c
--- /dev/null
+++ b/lib/accelerated/x86/macosx/e_padlock-x86.s
@@ -0,0 +1,1035 @@
+# Copyright (c) 2011-2013, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.file	"devel/perlasm/e_padlock-x86.s"
+.text
+.globl	_padlock_capability
+.align	4
+_padlock_capability:
+L_padlock_capability_begin:
+	pushl	%ebx
+	pushfl
+	popl	%eax
+	movl	%eax,%ecx
+	xorl	$2097152,%eax
+	pushl	%eax
+	popfl
+	pushfl
+	popl	%eax
+	xorl	%eax,%ecx
+	xorl	%eax,%eax
+	btl	$21,%ecx
+	jnc	L000noluck
+	.byte	0x0f,0xa2
+	xorl	%eax,%eax
+	cmpl	$0x746e6543,%ebx
+	jne	L000noluck
+	cmpl	$0x48727561,%edx
+	jne	L000noluck
+	cmpl	$0x736c7561,%ecx
+	jne	L000noluck
+	movl	$3221225472,%eax
+	.byte	0x0f,0xa2
+	movl	%eax,%edx
+	xorl	%eax,%eax
+	cmpl	$3221225473,%edx
+	jb	L000noluck
+	movl	$1,%eax
+	.byte	0x0f,0xa2
+	orl	$15,%eax
+	xorl	%ebx,%ebx
+	andl	$4095,%eax
+	cmpl	$1791,%eax
+	sete	%bl
+	movl	$3221225473,%eax
+	pushl	%ebx
+	.byte	0x0f,0xa2
+	popl	%ebx
+	movl	%edx,%eax
+	shll	$4,%ebx
+	andl	$4294967279,%eax
+	orl	%ebx,%eax
+L000noluck:
+	popl	%ebx
+	ret
+.globl	_padlock_key_bswap
+.align	4
+_padlock_key_bswap:
+L_padlock_key_bswap_begin:
+	movl	4(%esp),%edx
+	movl	240(%edx),%ecx
+L001bswap_loop:
+	movl	(%edx),%eax
+	bswap	%eax
+	movl	%eax,(%edx)
+	leal	4(%edx),%edx
+	subl	$1,%ecx
+	jnz	L001bswap_loop
+	ret
+.globl	_padlock_verify_context
+.align	4
+_padlock_verify_context:
+L_padlock_verify_context_begin:
+	movl	4(%esp),%edx
+	leal	Lpadlock_saved_context-L002verify_pic_point,%eax
+	pushfl
+	call	__padlock_verify_ctx
+L002verify_pic_point:
+	leal	4(%esp),%esp
+	ret
+.align	4
+__padlock_verify_ctx:
+	addl	(%esp),%eax
+	btl	$30,4(%esp)
+	jnc	L003verified
+	cmpl	(%eax),%edx
+	je	L003verified
+	pushfl
+	popfl
+L003verified:
+	movl	%edx,(%eax)
+	ret
+.globl	_padlock_reload_key
+.align	4
+_padlock_reload_key:
+L_padlock_reload_key_begin:
+	pushfl
+	popfl
+	ret
+.globl	_padlock_aes_block
+.align	4
+_padlock_aes_block:
+L_padlock_aes_block_begin:
+	pushl	%edi
+	pushl	%esi
+	pushl	%ebx
+	movl	16(%esp),%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edx
+	movl	$1,%ecx
+	leal	32(%edx),%ebx
+	leal	16(%edx),%edx
+.byte	243,15,167,200
+	popl	%ebx
+	popl	%esi
+	popl	%edi
+	ret
+.globl	_padlock_ecb_encrypt
+.align	4
+_padlock_ecb_encrypt:
+L_padlock_ecb_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%edi
+	movl	24(%esp),%esi
+	movl	28(%esp),%edx
+	movl	32(%esp),%ecx
+	testl	$15,%edx
+	jnz	L004ecb_abort
+	testl	$15,%ecx
+	jnz	L004ecb_abort
+	leal	Lpadlock_saved_context-L005ecb_pic_point,%eax
+	pushfl
+	cld
+	call	__padlock_verify_ctx
+L005ecb_pic_point:
+	leal	16(%edx),%edx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%edx)
+	jnz	L006ecb_aligned
+	testl	$15,%edi
+	setz	%al
+	testl	$15,%esi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	L006ecb_aligned
+	negl	%eax
+	movl	$512,%ebx
+	notl	%eax
+	leal	-24(%esp),%ebp
+	cmpl	%ebx,%ecx
+	cmovcl	%ecx,%ebx
+	andl	%ebx,%eax
+	movl	%ecx,%ebx
+	negl	%eax
+	andl	$511,%ebx
+	leal	(%eax,%ebp,1),%esp
+	movl	$512,%eax
+	cmovzl	%eax,%ebx
+	movl	%ebp,%eax
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	cmpl	%ebx,%ecx
+	ja	L007ecb_loop
+	movl	%esi,%eax
+	cmpl	%esp,%ebp
+	cmovel	%edi,%eax
+	addl	%ecx,%eax
+	negl	%eax
+	andl	$4095,%eax
+	cmpl	$128,%eax
+	movl	$-128,%eax
+	cmovael	%ebx,%eax
+	andl	%eax,%ebx
+	jz	L008ecb_unaligned_tail
+	jmp	L007ecb_loop
+.align	4,0x90
+L007ecb_loop:
+	movl	%edi,(%ebp)
+	movl	%esi,4(%ebp)
+	movl	%ecx,8(%ebp)
+	movl	%ebx,%ecx
+	movl	%ebx,12(%ebp)
+	testl	$15,%edi
+	cmovnzl	%esp,%edi
+	testl	$15,%esi
+	jz	L009ecb_inp_aligned
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+	movl	%ebx,%ecx
+	movl	%edi,%esi
+L009ecb_inp_aligned:
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,200
+	movl	(%ebp),%edi
+	movl	12(%ebp),%ebx
+	testl	$15,%edi
+	jz	L010ecb_out_aligned
+	movl	%ebx,%ecx
+	leal	(%esp),%esi
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+L010ecb_out_aligned:
+	movl	4(%ebp),%esi
+	movl	8(%ebp),%ecx
+	addl	%ebx,%edi
+	addl	%ebx,%esi
+	subl	%ebx,%ecx
+	movl	$512,%ebx
+	jz	L011ecb_break
+	cmpl	%ebx,%ecx
+	jae	L007ecb_loop
+L008ecb_unaligned_tail:
+	xorl	%eax,%eax
+	cmpl	%ebp,%esp
+	cmovel	%ecx,%eax
+	subl	%eax,%esp
+	movl	%edi,%eax
+	movl	%ecx,%ebx
+	shrl	$2,%ecx
+	leal	(%esp),%edi
+.byte	243,165
+	movl	%esp,%esi
+	movl	%eax,%edi
+	movl	%ebx,%ecx
+	jmp	L007ecb_loop
+.align	4,0x90
+L011ecb_break:
+	cmpl	%ebp,%esp
+	je	L012ecb_done
+	pxor	%xmm0,%xmm0
+	leal	(%esp),%eax
+L013ecb_bzero:
+	movaps	%xmm0,(%eax)
+	leal	16(%eax),%eax
+	cmpl	%eax,%ebp
+	ja	L013ecb_bzero
+L012ecb_done:
+	movl	16(%ebp),%ebp
+	leal	24(%ebp),%esp
+	jmp	L014ecb_exit
+.align	4,0x90
+L006ecb_aligned:
+	leal	(%esi,%ecx,1),%ebp
+	negl	%ebp
+	andl	$4095,%ebp
+	xorl	%eax,%eax
+	cmpl	$128,%ebp
+	movl	$127,%ebp
+	cmovael	%eax,%ebp
+	andl	%ecx,%ebp
+	subl	%ebp,%ecx
+	jz	L015ecb_aligned_tail
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,200
+	testl	%ebp,%ebp
+	jz	L014ecb_exit
+L015ecb_aligned_tail:
+	movl	%ebp,%ecx
+	leal	-24(%esp),%ebp
+	movl	%ebp,%esp
+	movl	%ebp,%eax
+	subl	%ecx,%esp
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	movl	%edi,%eax
+	movl	%ecx,%ebx
+	shrl	$2,%ecx
+	leal	(%esp),%edi
+.byte	243,165
+	movl	%esp,%esi
+	movl	%eax,%edi
+	movl	%ebx,%ecx
+	jmp	L007ecb_loop
+L014ecb_exit:
+	movl	$1,%eax
+	leal	4(%esp),%esp
+L004ecb_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_padlock_cbc_encrypt
+.align	4
+_padlock_cbc_encrypt:
+L_padlock_cbc_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%edi
+	movl	24(%esp),%esi
+	movl	28(%esp),%edx
+	movl	32(%esp),%ecx
+	testl	$15,%edx
+	jnz	L016cbc_abort
+	testl	$15,%ecx
+	jnz	L016cbc_abort
+	leal	Lpadlock_saved_context-L017cbc_pic_point,%eax
+	pushfl
+	cld
+	call	__padlock_verify_ctx
+L017cbc_pic_point:
+	leal	16(%edx),%edx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%edx)
+	jnz	L018cbc_aligned
+	testl	$15,%edi
+	setz	%al
+	testl	$15,%esi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	L018cbc_aligned
+	negl	%eax
+	movl	$512,%ebx
+	notl	%eax
+	leal	-24(%esp),%ebp
+	cmpl	%ebx,%ecx
+	cmovcl	%ecx,%ebx
+	andl	%ebx,%eax
+	movl	%ecx,%ebx
+	negl	%eax
+	andl	$511,%ebx
+	leal	(%eax,%ebp,1),%esp
+	movl	$512,%eax
+	cmovzl	%eax,%ebx
+	movl	%ebp,%eax
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	cmpl	%ebx,%ecx
+	ja	L019cbc_loop
+	movl	%esi,%eax
+	cmpl	%esp,%ebp
+	cmovel	%edi,%eax
+	addl	%ecx,%eax
+	negl	%eax
+	andl	$4095,%eax
+	cmpl	$64,%eax
+	movl	$-64,%eax
+	cmovael	%ebx,%eax
+	andl	%eax,%ebx
+	jz	L020cbc_unaligned_tail
+	jmp	L019cbc_loop
+.align	4,0x90
+L019cbc_loop:
+	movl	%edi,(%ebp)
+	movl	%esi,4(%ebp)
+	movl	%ecx,8(%ebp)
+	movl	%ebx,%ecx
+	movl	%ebx,12(%ebp)
+	testl	$15,%edi
+	cmovnzl	%esp,%edi
+	testl	$15,%esi
+	jz	L021cbc_inp_aligned
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+	movl	%ebx,%ecx
+	movl	%edi,%esi
+L021cbc_inp_aligned:
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,208
+	movaps	(%eax),%xmm0
+	movaps	%xmm0,-16(%edx)
+	movl	(%ebp),%edi
+	movl	12(%ebp),%ebx
+	testl	$15,%edi
+	jz	L022cbc_out_aligned
+	movl	%ebx,%ecx
+	leal	(%esp),%esi
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+L022cbc_out_aligned:
+	movl	4(%ebp),%esi
+	movl	8(%ebp),%ecx
+	addl	%ebx,%edi
+	addl	%ebx,%esi
+	subl	%ebx,%ecx
+	movl	$512,%ebx
+	jz	L023cbc_break
+	cmpl	%ebx,%ecx
+	jae	L019cbc_loop
+L020cbc_unaligned_tail:
+	xorl	%eax,%eax
+	cmpl	%ebp,%esp
+	cmovel	%ecx,%eax
+	subl	%eax,%esp
+	movl	%edi,%eax
+	movl	%ecx,%ebx
+	shrl	$2,%ecx
+	leal	(%esp),%edi
+.byte	243,165
+	movl	%esp,%esi
+	movl	%eax,%edi
+	movl	%ebx,%ecx
+	jmp	L019cbc_loop
+.align	4,0x90
+L023cbc_break:
+	cmpl	%ebp,%esp
+	je	L024cbc_done
+	pxor	%xmm0,%xmm0
+	leal	(%esp),%eax
+L025cbc_bzero:
+	movaps	%xmm0,(%eax)
+	leal	16(%eax),%eax
+	cmpl	%eax,%ebp
+	ja	L025cbc_bzero
+L024cbc_done:
+	movl	16(%ebp),%ebp
+	leal	24(%ebp),%esp
+	jmp	L026cbc_exit
+.align	4,0x90
+L018cbc_aligned:
+	leal	(%esi,%ecx,1),%ebp
+	negl	%ebp
+	andl	$4095,%ebp
+	xorl	%eax,%eax
+	cmpl	$64,%ebp
+	movl	$63,%ebp
+	cmovael	%eax,%ebp
+	andl	%ecx,%ebp
+	subl	%ebp,%ecx
+	jz	L027cbc_aligned_tail
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,208
+	movaps	(%eax),%xmm0
+	movaps	%xmm0,-16(%edx)
+	testl	%ebp,%ebp
+	jz	L026cbc_exit
+L027cbc_aligned_tail:
+	movl	%ebp,%ecx
+	leal	-24(%esp),%ebp
+	movl	%ebp,%esp
+	movl	%ebp,%eax
+	subl	%ecx,%esp
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	movl	%edi,%eax
+	movl	%ecx,%ebx
+	shrl	$2,%ecx
+	leal	(%esp),%edi
+.byte	243,165
+	movl	%esp,%esi
+	movl	%eax,%edi
+	movl	%ebx,%ecx
+	jmp	L019cbc_loop
+L026cbc_exit:
+	movl	$1,%eax
+	leal	4(%esp),%esp
+L016cbc_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_padlock_cfb_encrypt
+.align	4
+_padlock_cfb_encrypt:
+L_padlock_cfb_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%edi
+	movl	24(%esp),%esi
+	movl	28(%esp),%edx
+	movl	32(%esp),%ecx
+	testl	$15,%edx
+	jnz	L028cfb_abort
+	testl	$15,%ecx
+	jnz	L028cfb_abort
+	leal	Lpadlock_saved_context-L029cfb_pic_point,%eax
+	pushfl
+	cld
+	call	__padlock_verify_ctx
+L029cfb_pic_point:
+	leal	16(%edx),%edx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%edx)
+	jnz	L030cfb_aligned
+	testl	$15,%edi
+	setz	%al
+	testl	$15,%esi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	L030cfb_aligned
+	negl	%eax
+	movl	$512,%ebx
+	notl	%eax
+	leal	-24(%esp),%ebp
+	cmpl	%ebx,%ecx
+	cmovcl	%ecx,%ebx
+	andl	%ebx,%eax
+	movl	%ecx,%ebx
+	negl	%eax
+	andl	$511,%ebx
+	leal	(%eax,%ebp,1),%esp
+	movl	$512,%eax
+	cmovzl	%eax,%ebx
+	movl	%ebp,%eax
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	jmp	L031cfb_loop
+.align	4,0x90
+L031cfb_loop:
+	movl	%edi,(%ebp)
+	movl	%esi,4(%ebp)
+	movl	%ecx,8(%ebp)
+	movl	%ebx,%ecx
+	movl	%ebx,12(%ebp)
+	testl	$15,%edi
+	cmovnzl	%esp,%edi
+	testl	$15,%esi
+	jz	L032cfb_inp_aligned
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+	movl	%ebx,%ecx
+	movl	%edi,%esi
+L032cfb_inp_aligned:
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,224
+	movaps	(%eax),%xmm0
+	movaps	%xmm0,-16(%edx)
+	movl	(%ebp),%edi
+	movl	12(%ebp),%ebx
+	testl	$15,%edi
+	jz	L033cfb_out_aligned
+	movl	%ebx,%ecx
+	leal	(%esp),%esi
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+L033cfb_out_aligned:
+	movl	4(%ebp),%esi
+	movl	8(%ebp),%ecx
+	addl	%ebx,%edi
+	addl	%ebx,%esi
+	subl	%ebx,%ecx
+	movl	$512,%ebx
+	jnz	L031cfb_loop
+	cmpl	%ebp,%esp
+	je	L034cfb_done
+	pxor	%xmm0,%xmm0
+	leal	(%esp),%eax
+L035cfb_bzero:
+	movaps	%xmm0,(%eax)
+	leal	16(%eax),%eax
+	cmpl	%eax,%ebp
+	ja	L035cfb_bzero
+L034cfb_done:
+	movl	16(%ebp),%ebp
+	leal	24(%ebp),%esp
+	jmp	L036cfb_exit
+.align	4,0x90
+L030cfb_aligned:
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,224
+	movaps	(%eax),%xmm0
+	movaps	%xmm0,-16(%edx)
+L036cfb_exit:
+	movl	$1,%eax
+	leal	4(%esp),%esp
+L028cfb_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_padlock_ofb_encrypt
+.align	4
+_padlock_ofb_encrypt:
+L_padlock_ofb_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%edi
+	movl	24(%esp),%esi
+	movl	28(%esp),%edx
+	movl	32(%esp),%ecx
+	testl	$15,%edx
+	jnz	L037ofb_abort
+	testl	$15,%ecx
+	jnz	L037ofb_abort
+	leal	Lpadlock_saved_context-L038ofb_pic_point,%eax
+	pushfl
+	cld
+	call	__padlock_verify_ctx
+L038ofb_pic_point:
+	leal	16(%edx),%edx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%edx)
+	jnz	L039ofb_aligned
+	testl	$15,%edi
+	setz	%al
+	testl	$15,%esi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	L039ofb_aligned
+	negl	%eax
+	movl	$512,%ebx
+	notl	%eax
+	leal	-24(%esp),%ebp
+	cmpl	%ebx,%ecx
+	cmovcl	%ecx,%ebx
+	andl	%ebx,%eax
+	movl	%ecx,%ebx
+	negl	%eax
+	andl	$511,%ebx
+	leal	(%eax,%ebp,1),%esp
+	movl	$512,%eax
+	cmovzl	%eax,%ebx
+	movl	%ebp,%eax
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	jmp	L040ofb_loop
+.align	4,0x90
+L040ofb_loop:
+	movl	%edi,(%ebp)
+	movl	%esi,4(%ebp)
+	movl	%ecx,8(%ebp)
+	movl	%ebx,%ecx
+	movl	%ebx,12(%ebp)
+	testl	$15,%edi
+	cmovnzl	%esp,%edi
+	testl	$15,%esi
+	jz	L041ofb_inp_aligned
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+	movl	%ebx,%ecx
+	movl	%edi,%esi
+L041ofb_inp_aligned:
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,232
+	movaps	(%eax),%xmm0
+	movaps	%xmm0,-16(%edx)
+	movl	(%ebp),%edi
+	movl	12(%ebp),%ebx
+	testl	$15,%edi
+	jz	L042ofb_out_aligned
+	movl	%ebx,%ecx
+	leal	(%esp),%esi
+	shrl	$2,%ecx
+.byte	243,165
+	subl	%ebx,%edi
+L042ofb_out_aligned:
+	movl	4(%ebp),%esi
+	movl	8(%ebp),%ecx
+	addl	%ebx,%edi
+	addl	%ebx,%esi
+	subl	%ebx,%ecx
+	movl	$512,%ebx
+	jnz	L040ofb_loop
+	cmpl	%ebp,%esp
+	je	L043ofb_done
+	pxor	%xmm0,%xmm0
+	leal	(%esp),%eax
+L044ofb_bzero:
+	movaps	%xmm0,(%eax)
+	leal	16(%eax),%eax
+	cmpl	%eax,%ebp
+	ja	L044ofb_bzero
+L043ofb_done:
+	movl	16(%ebp),%ebp
+	leal	24(%ebp),%esp
+	jmp	L045ofb_exit
+.align	4,0x90
+L039ofb_aligned:
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,232
+	movaps	(%eax),%xmm0
+	movaps	%xmm0,-16(%edx)
+L045ofb_exit:
+	movl	$1,%eax
+	leal	4(%esp),%esp
+L037ofb_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_padlock_ctr32_encrypt
+.align	4
+_padlock_ctr32_encrypt:
+L_padlock_ctr32_encrypt_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%edi
+	movl	24(%esp),%esi
+	movl	28(%esp),%edx
+	movl	32(%esp),%ecx
+	testl	$15,%edx
+	jnz	L046ctr32_abort
+	testl	$15,%ecx
+	jnz	L046ctr32_abort
+	leal	Lpadlock_saved_context-L047ctr32_pic_point,%eax
+	pushfl
+	cld
+	call	__padlock_verify_ctx
+L047ctr32_pic_point:
+	leal	16(%edx),%edx
+	xorl	%eax,%eax
+	movq	-16(%edx),%mm0
+	movl	$512,%ebx
+	notl	%eax
+	leal	-24(%esp),%ebp
+	cmpl	%ebx,%ecx
+	cmovcl	%ecx,%ebx
+	andl	%ebx,%eax
+	movl	%ecx,%ebx
+	negl	%eax
+	andl	$511,%ebx
+	leal	(%eax,%ebp,1),%esp
+	movl	$512,%eax
+	cmovzl	%eax,%ebx
+	movl	%ebp,%eax
+	andl	$-16,%ebp
+	andl	$-16,%esp
+	movl	%eax,16(%ebp)
+	jmp	L048ctr32_loop
+.align	4,0x90
+L048ctr32_loop:
+	movl	%edi,(%ebp)
+	movl	%esi,4(%ebp)
+	movl	%ecx,8(%ebp)
+	movl	%ebx,%ecx
+	movl	%ebx,12(%ebp)
+	movl	-4(%edx),%ecx
+	xorl	%edi,%edi
+	movl	-8(%edx),%eax
+L049ctr32_prepare:
+	movl	%ecx,12(%esp,%edi,1)
+	bswap	%ecx
+	movq	%mm0,(%esp,%edi,1)
+	incl	%ecx
+	movl	%eax,8(%esp,%edi,1)
+	bswap	%ecx
+	leal	16(%edi),%edi
+	cmpl	%ebx,%edi
+	jb	L049ctr32_prepare
+	movl	%ecx,-4(%edx)
+	leal	(%esp),%esi
+	leal	(%esp),%edi
+	movl	%ebx,%ecx
+	leal	-16(%edx),%eax
+	leal	16(%edx),%ebx
+	shrl	$4,%ecx
+.byte	243,15,167,200
+	movl	(%ebp),%edi
+	movl	12(%ebp),%ebx
+	movl	4(%ebp),%esi
+	xorl	%ecx,%ecx
+L050ctr32_xor:
+	movups	(%esi,%ecx,1),%xmm1
+	leal	16(%ecx),%ecx
+	pxor	-16(%esp,%ecx,1),%xmm1
+	movups	%xmm1,-16(%edi,%ecx,1)
+	cmpl	%ebx,%ecx
+	jb	L050ctr32_xor
+	movl	8(%ebp),%ecx
+	addl	%ebx,%edi
+	addl	%ebx,%esi
+	subl	%ebx,%ecx
+	movl	$512,%ebx
+	jnz	L048ctr32_loop
+	pxor	%xmm0,%xmm0
+	leal	(%esp),%eax
+L051ctr32_bzero:
+	movaps	%xmm0,(%eax)
+	leal	16(%eax),%eax
+	cmpl	%eax,%ebp
+	ja	L051ctr32_bzero
+L052ctr32_done:
+	movl	16(%ebp),%ebp
+	leal	24(%ebp),%esp
+	movl	$1,%eax
+	leal	4(%esp),%esp
+	emms
+L046ctr32_abort:
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.globl	_padlock_xstore
+.align	4
+_padlock_xstore:
+L_padlock_xstore_begin:
+	pushl	%edi
+	movl	8(%esp),%edi
+	movl	12(%esp),%edx
+.byte	15,167,192
+	popl	%edi
+	ret
+.align	4
+__win32_segv_handler:
+	movl	$1,%eax
+	movl	4(%esp),%edx
+	movl	12(%esp),%ecx
+	cmpl	$3221225477,(%edx)
+	jne	L053ret
+	addl	$4,184(%ecx)
+	movl	$0,%eax
+L053ret:
+	ret
+.globl	_padlock_sha1_oneshot
+.align	4
+_padlock_sha1_oneshot:
+L_padlock_sha1_oneshot_begin:
+	pushl	%edi
+	pushl	%esi
+	xorl	%eax,%eax
+	movl	12(%esp),%edi
+	movl	16(%esp),%esi
+	movl	20(%esp),%ecx
+	movl	%esp,%edx
+	addl	$-128,%esp
+	movups	(%edi),%xmm0
+	andl	$-16,%esp
+	movl	16(%edi),%eax
+	movaps	%xmm0,(%esp)
+	movl	%esp,%edi
+	movl	%eax,16(%esp)
+	xorl	%eax,%eax
+.byte	243,15,166,200
+	movaps	(%esp),%xmm0
+	movl	16(%esp),%eax
+	movl	%edx,%esp
+	movl	12(%esp),%edi
+	movups	%xmm0,(%edi)
+	movl	%eax,16(%edi)
+	popl	%esi
+	popl	%edi
+	ret
+.globl	_padlock_sha1_blocks
+.align	4
+_padlock_sha1_blocks:
+L_padlock_sha1_blocks_begin:
+	pushl	%edi
+	pushl	%esi
+	movl	12(%esp),%edi
+	movl	16(%esp),%esi
+	movl	%esp,%edx
+	movl	20(%esp),%ecx
+	addl	$-128,%esp
+	movups	(%edi),%xmm0
+	andl	$-16,%esp
+	movl	16(%edi),%eax
+	movaps	%xmm0,(%esp)
+	movl	%esp,%edi
+	movl	%eax,16(%esp)
+	movl	$-1,%eax
+.byte	243,15,166,200
+	movaps	(%esp),%xmm0
+	movl	16(%esp),%eax
+	movl	%edx,%esp
+	movl	12(%esp),%edi
+	movups	%xmm0,(%edi)
+	movl	%eax,16(%edi)
+	popl	%esi
+	popl	%edi
+	ret
+.globl	_padlock_sha256_oneshot
+.align	4
+_padlock_sha256_oneshot:
+L_padlock_sha256_oneshot_begin:
+	pushl	%edi
+	pushl	%esi
+	xorl	%eax,%eax
+	movl	12(%esp),%edi
+	movl	16(%esp),%esi
+	movl	20(%esp),%ecx
+	movl	%esp,%edx
+	addl	$-128,%esp
+	movups	(%edi),%xmm0
+	andl	$-16,%esp
+	movups	16(%edi),%xmm1
+	movaps	%xmm0,(%esp)
+	movl	%esp,%edi
+	movaps	%xmm1,16(%esp)
+	xorl	%eax,%eax
+.byte	243,15,166,208
+	movaps	(%esp),%xmm0
+	movaps	16(%esp),%xmm1
+	movl	%edx,%esp
+	movl	12(%esp),%edi
+	movups	%xmm0,(%edi)
+	movups	%xmm1,16(%edi)
+	popl	%esi
+	popl	%edi
+	ret
+.globl	_padlock_sha256_blocks
+.align	4
+_padlock_sha256_blocks:
+L_padlock_sha256_blocks_begin:
+	pushl	%edi
+	pushl	%esi
+	movl	12(%esp),%edi
+	movl	16(%esp),%esi
+	movl	20(%esp),%ecx
+	movl	%esp,%edx
+	addl	$-128,%esp
+	movups	(%edi),%xmm0
+	andl	$-16,%esp
+	movups	16(%edi),%xmm1
+	movaps	%xmm0,(%esp)
+	movl	%esp,%edi
+	movaps	%xmm1,16(%esp)
+	movl	$-1,%eax
+.byte	243,15,166,208
+	movaps	(%esp),%xmm0
+	movaps	16(%esp),%xmm1
+	movl	%edx,%esp
+	movl	12(%esp),%edi
+	movups	%xmm0,(%edi)
+	movups	%xmm1,16(%edi)
+	popl	%esi
+	popl	%edi
+	ret
+.globl	_padlock_sha512_blocks
+.align	4
+_padlock_sha512_blocks:
+L_padlock_sha512_blocks_begin:
+	pushl	%edi
+	pushl	%esi
+	movl	12(%esp),%edi
+	movl	16(%esp),%esi
+	movl	20(%esp),%ecx
+	movl	%esp,%edx
+	addl	$-128,%esp
+	movups	(%edi),%xmm0
+	andl	$-16,%esp
+	movups	16(%edi),%xmm1
+	movups	32(%edi),%xmm2
+	movups	48(%edi),%xmm3
+	movaps	%xmm0,(%esp)
+	movl	%esp,%edi
+	movaps	%xmm1,16(%esp)
+	movaps	%xmm2,32(%esp)
+	movaps	%xmm3,48(%esp)
+.byte	243,15,166,224
+	movaps	(%esp),%xmm0
+	movaps	16(%esp),%xmm1
+	movaps	32(%esp),%xmm2
+	movaps	48(%esp),%xmm3
+	movl	%edx,%esp
+	movl	12(%esp),%edi
+	movups	%xmm0,(%edi)
+	movups	%xmm1,16(%edi)
+	movups	%xmm2,32(%edi)
+	movups	%xmm3,48(%edi)
+	popl	%esi
+	popl	%edi
+	ret
+.byte	86,73,65,32,80,97,100,108,111,99,107,32,120,56,54,32
+.byte	109,111,100,117,108,101,44,32,67,82,89,80,84,79,71,65
+.byte	77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101
+.byte	110,115,115,108,46,111,114,103,62,0
+.align	4,0x90
+.data
+.align	2,0x90
+Lpadlock_saved_context:
+.long	0
+
diff --git a/lib/accelerated/x86/macosx/e_padlock-x86_64.s b/lib/accelerated/x86/macosx/e_padlock-x86_64.s
new file mode 100644
index 0000000..a73d7a6
--- /dev/null
+++ b/lib/accelerated/x86/macosx/e_padlock-x86_64.s
@@ -0,0 +1,1066 @@
+# Copyright (c) 2011-2013, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+.globl	_padlock_capability
+
+.p2align	4
+_padlock_capability:
+	movq	%rbx,%r8
+	xorl	%eax,%eax
+	cpuid
+	xorl	%eax,%eax
+	cmpl	$1953391939,%ebx
+	jne	L$noluck
+	cmpl	$1215460705,%edx
+	jne	L$noluck
+	cmpl	$1936487777,%ecx
+	jne	L$noluck
+	movl	$3221225472,%eax
+	cpuid
+	movl	%eax,%edx
+	xorl	%eax,%eax
+	cmpl	$3221225473,%edx
+	jb	L$noluck
+	movl	$3221225473,%eax
+	cpuid
+	movl	%edx,%eax
+	andl	$4294967279,%eax
+	orl	$16,%eax
+L$noluck:
+	movq	%r8,%rbx
+	.byte	0xf3,0xc3
+
+
+.globl	_padlock_key_bswap
+
+.p2align	4
+_padlock_key_bswap:
+	movl	240(%rdi),%edx
+L$bswap_loop:
+	movl	(%rdi),%eax
+	bswapl	%eax
+	movl	%eax,(%rdi)
+	leaq	4(%rdi),%rdi
+	subl	$1,%edx
+	jnz	L$bswap_loop
+	.byte	0xf3,0xc3
+
+
+.globl	_padlock_verify_context
+
+.p2align	4
+_padlock_verify_context:
+	movq	%rdi,%rdx
+	pushf
+	leaq	L$padlock_saved_context(%rip),%rax
+	call	_padlock_verify_ctx
+	leaq	8(%rsp),%rsp
+	.byte	0xf3,0xc3
+
+
+
+.p2align	4
+_padlock_verify_ctx:
+	movq	8(%rsp),%r8
+	btq	$30,%r8
+	jnc	L$verified
+	cmpq	(%rax),%rdx
+	je	L$verified
+	pushf
+	popf
+L$verified:
+	movq	%rdx,(%rax)
+	.byte	0xf3,0xc3
+
+
+.globl	_padlock_reload_key
+
+.p2align	4
+_padlock_reload_key:
+	pushf
+	popf
+	.byte	0xf3,0xc3
+
+
+.globl	_padlock_aes_block
+
+.p2align	4
+_padlock_aes_block:
+	movq	%rbx,%r8
+	movq	$1,%rcx
+	leaq	32(%rdx),%rbx
+	leaq	16(%rdx),%rdx
+.byte	0xf3,0x0f,0xa7,0xc8	
+	movq	%r8,%rbx
+	.byte	0xf3,0xc3
+
+
+.globl	_padlock_xstore
+
+.p2align	4
+_padlock_xstore:
+	movl	%esi,%edx
+.byte	0x0f,0xa7,0xc0		
+	.byte	0xf3,0xc3
+
+
+.globl	_padlock_sha1_oneshot
+
+.p2align	4
+_padlock_sha1_oneshot:
+	movq	%rdx,%rcx
+	movq	%rdi,%rdx
+	movups	(%rdi),%xmm0
+	subq	$128+8,%rsp
+	movl	16(%rdi),%eax
+	movaps	%xmm0,(%rsp)
+	movq	%rsp,%rdi
+	movl	%eax,16(%rsp)
+	xorq	%rax,%rax
+.byte	0xf3,0x0f,0xa6,0xc8	
+	movaps	(%rsp),%xmm0
+	movl	16(%rsp),%eax
+	addq	$128+8,%rsp
+	movups	%xmm0,(%rdx)
+	movl	%eax,16(%rdx)
+	.byte	0xf3,0xc3
+
+
+.globl	_padlock_sha1_blocks
+
+.p2align	4
+_padlock_sha1_blocks:
+	movq	%rdx,%rcx
+	movq	%rdi,%rdx
+	movups	(%rdi),%xmm0
+	subq	$128+8,%rsp
+	movl	16(%rdi),%eax
+	movaps	%xmm0,(%rsp)
+	movq	%rsp,%rdi
+	movl	%eax,16(%rsp)
+	movq	$-1,%rax
+.byte	0xf3,0x0f,0xa6,0xc8	
+	movaps	(%rsp),%xmm0
+	movl	16(%rsp),%eax
+	addq	$128+8,%rsp
+	movups	%xmm0,(%rdx)
+	movl	%eax,16(%rdx)
+	.byte	0xf3,0xc3
+
+
+.globl	_padlock_sha256_oneshot
+
+.p2align	4
+_padlock_sha256_oneshot:
+	movq	%rdx,%rcx
+	movq	%rdi,%rdx
+	movups	(%rdi),%xmm0
+	subq	$128+8,%rsp
+	movups	16(%rdi),%xmm1
+	movaps	%xmm0,(%rsp)
+	movq	%rsp,%rdi
+	movaps	%xmm1,16(%rsp)
+	xorq	%rax,%rax
+.byte	0xf3,0x0f,0xa6,0xd0	
+	movaps	(%rsp),%xmm0
+	movaps	16(%rsp),%xmm1
+	addq	$128+8,%rsp
+	movups	%xmm0,(%rdx)
+	movups	%xmm1,16(%rdx)
+	.byte	0xf3,0xc3
+
+
+.globl	_padlock_sha256_blocks
+
+.p2align	4
+_padlock_sha256_blocks:
+	movq	%rdx,%rcx
+	movq	%rdi,%rdx
+	movups	(%rdi),%xmm0
+	subq	$128+8,%rsp
+	movups	16(%rdi),%xmm1
+	movaps	%xmm0,(%rsp)
+	movq	%rsp,%rdi
+	movaps	%xmm1,16(%rsp)
+	movq	$-1,%rax
+.byte	0xf3,0x0f,0xa6,0xd0	
+	movaps	(%rsp),%xmm0
+	movaps	16(%rsp),%xmm1
+	addq	$128+8,%rsp
+	movups	%xmm0,(%rdx)
+	movups	%xmm1,16(%rdx)
+	.byte	0xf3,0xc3
+
+
+.globl	_padlock_sha512_blocks
+
+.p2align	4
+_padlock_sha512_blocks:
+	movq	%rdx,%rcx
+	movq	%rdi,%rdx
+	movups	(%rdi),%xmm0
+	subq	$128+8,%rsp
+	movups	16(%rdi),%xmm1
+	movups	32(%rdi),%xmm2
+	movups	48(%rdi),%xmm3
+	movaps	%xmm0,(%rsp)
+	movq	%rsp,%rdi
+	movaps	%xmm1,16(%rsp)
+	movaps	%xmm2,32(%rsp)
+	movaps	%xmm3,48(%rsp)
+.byte	0xf3,0x0f,0xa6,0xe0	
+	movaps	(%rsp),%xmm0
+	movaps	16(%rsp),%xmm1
+	movaps	32(%rsp),%xmm2
+	movaps	48(%rsp),%xmm3
+	addq	$128+8,%rsp
+	movups	%xmm0,(%rdx)
+	movups	%xmm1,16(%rdx)
+	movups	%xmm2,32(%rdx)
+	movups	%xmm3,48(%rdx)
+	.byte	0xf3,0xc3
+
+.globl	_padlock_ecb_encrypt
+
+.p2align	4
+_padlock_ecb_encrypt:
+	pushq	%rbp
+	pushq	%rbx
+
+	xorl	%eax,%eax
+	testq	$15,%rdx
+	jnz	L$ecb_abort
+	testq	$15,%rcx
+	jnz	L$ecb_abort
+	leaq	L$padlock_saved_context(%rip),%rax
+	pushf
+	cld
+	call	_padlock_verify_ctx
+	leaq	16(%rdx),%rdx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%rdx)
+	jnz	L$ecb_aligned
+	testq	$15,%rdi
+	setz	%al
+	testq	$15,%rsi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	L$ecb_aligned
+	negq	%rax
+	movq	$512,%rbx
+	notq	%rax
+	leaq	(%rsp),%rbp
+	cmpq	%rbx,%rcx
+	cmovcq	%rcx,%rbx
+	andq	%rbx,%rax
+	movq	%rcx,%rbx
+	negq	%rax
+	andq	$512-1,%rbx
+	leaq	(%rax,%rbp,1),%rsp
+	movq	$512,%rax
+	cmovzq	%rax,%rbx
+	cmpq	%rbx,%rcx
+	ja	L$ecb_loop
+	movq	%rsi,%rax
+	cmpq	%rsp,%rbp
+	cmoveq	%rdi,%rax
+	addq	%rcx,%rax
+	negq	%rax
+	andq	$4095,%rax
+	cmpq	$128,%rax
+	movq	$-128,%rax
+	cmovaeq	%rbx,%rax
+	andq	%rax,%rbx
+	jz	L$ecb_unaligned_tail
+	jmp	L$ecb_loop
+.p2align	4
+L$ecb_loop:
+	cmpq	%rcx,%rbx
+	cmovaq	%rcx,%rbx
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rcx,%r10
+	movq	%rbx,%rcx
+	movq	%rbx,%r11
+	testq	$15,%rdi
+	cmovnzq	%rsp,%rdi
+	testq	$15,%rsi
+	jz	L$ecb_inp_aligned
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+	movq	%rbx,%rcx
+	movq	%rdi,%rsi
+L$ecb_inp_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,200	
+	movq	%r8,%rdi
+	movq	%r11,%rbx
+	testq	$15,%rdi
+	jz	L$ecb_out_aligned
+	movq	%rbx,%rcx
+	leaq	(%rsp),%rsi
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+L$ecb_out_aligned:
+	movq	%r9,%rsi
+	movq	%r10,%rcx
+	addq	%rbx,%rdi
+	addq	%rbx,%rsi
+	subq	%rbx,%rcx
+	movq	$512,%rbx
+	jz	L$ecb_break
+	cmpq	%rbx,%rcx
+	jae	L$ecb_loop
+L$ecb_unaligned_tail:
+	xorl	%eax,%eax
+	cmpq	%rsp,%rbp
+	cmoveq	%rcx,%rax
+	movq	%rdi,%r8
+	movq	%rcx,%rbx
+	subq	%rax,%rsp
+	shrq	$3,%rcx
+	leaq	(%rsp),%rdi
+.byte	0xf3,0x48,0xa5		
+	movq	%rsp,%rsi
+	movq	%r8,%rdi
+	movq	%rbx,%rcx
+	jmp	L$ecb_loop
+.p2align	4
+L$ecb_break:
+	cmpq	%rbp,%rsp
+	je	L$ecb_done
+
+	pxor	%xmm0,%xmm0
+	leaq	(%rsp),%rax
+L$ecb_bzero:
+	movaps	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+	cmpq	%rax,%rbp
+	ja	L$ecb_bzero
+
+L$ecb_done:
+	leaq	(%rbp),%rsp
+	jmp	L$ecb_exit
+
+.p2align	4
+L$ecb_aligned:
+	leaq	(%rsi,%rcx,1),%rbp
+	negq	%rbp
+	andq	$4095,%rbp
+	xorl	%eax,%eax
+	cmpq	$128,%rbp
+	movq	$128-1,%rbp
+	cmovaeq	%rax,%rbp
+	andq	%rcx,%rbp
+	subq	%rbp,%rcx
+	jz	L$ecb_aligned_tail
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,200	
+	testq	%rbp,%rbp
+	jz	L$ecb_exit
+
+L$ecb_aligned_tail:
+	movq	%rdi,%r8
+	movq	%rbp,%rbx
+	movq	%rbp,%rcx
+	leaq	(%rsp),%rbp
+	subq	%rcx,%rsp
+	shrq	$3,%rcx
+	leaq	(%rsp),%rdi
+.byte	0xf3,0x48,0xa5		
+	leaq	(%r8),%rdi
+	leaq	(%rsp),%rsi
+	movq	%rbx,%rcx
+	jmp	L$ecb_loop
+L$ecb_exit:
+	movl	$1,%eax
+	leaq	8(%rsp),%rsp
+L$ecb_abort:
+	popq	%rbx
+	popq	%rbp
+	.byte	0xf3,0xc3
+
+.globl	_padlock_cbc_encrypt
+
+.p2align	4
+_padlock_cbc_encrypt:
+	pushq	%rbp
+	pushq	%rbx
+
+	xorl	%eax,%eax
+	testq	$15,%rdx
+	jnz	L$cbc_abort
+	testq	$15,%rcx
+	jnz	L$cbc_abort
+	leaq	L$padlock_saved_context(%rip),%rax
+	pushf
+	cld
+	call	_padlock_verify_ctx
+	leaq	16(%rdx),%rdx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%rdx)
+	jnz	L$cbc_aligned
+	testq	$15,%rdi
+	setz	%al
+	testq	$15,%rsi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	L$cbc_aligned
+	negq	%rax
+	movq	$512,%rbx
+	notq	%rax
+	leaq	(%rsp),%rbp
+	cmpq	%rbx,%rcx
+	cmovcq	%rcx,%rbx
+	andq	%rbx,%rax
+	movq	%rcx,%rbx
+	negq	%rax
+	andq	$512-1,%rbx
+	leaq	(%rax,%rbp,1),%rsp
+	movq	$512,%rax
+	cmovzq	%rax,%rbx
+	cmpq	%rbx,%rcx
+	ja	L$cbc_loop
+	movq	%rsi,%rax
+	cmpq	%rsp,%rbp
+	cmoveq	%rdi,%rax
+	addq	%rcx,%rax
+	negq	%rax
+	andq	$4095,%rax
+	cmpq	$64,%rax
+	movq	$-64,%rax
+	cmovaeq	%rbx,%rax
+	andq	%rax,%rbx
+	jz	L$cbc_unaligned_tail
+	jmp	L$cbc_loop
+.p2align	4
+L$cbc_loop:
+	cmpq	%rcx,%rbx
+	cmovaq	%rcx,%rbx
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rcx,%r10
+	movq	%rbx,%rcx
+	movq	%rbx,%r11
+	testq	$15,%rdi
+	cmovnzq	%rsp,%rdi
+	testq	$15,%rsi
+	jz	L$cbc_inp_aligned
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+	movq	%rbx,%rcx
+	movq	%rdi,%rsi
+L$cbc_inp_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,208	
+	movdqa	(%rax),%xmm0
+	movdqa	%xmm0,-16(%rdx)
+	movq	%r8,%rdi
+	movq	%r11,%rbx
+	testq	$15,%rdi
+	jz	L$cbc_out_aligned
+	movq	%rbx,%rcx
+	leaq	(%rsp),%rsi
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+L$cbc_out_aligned:
+	movq	%r9,%rsi
+	movq	%r10,%rcx
+	addq	%rbx,%rdi
+	addq	%rbx,%rsi
+	subq	%rbx,%rcx
+	movq	$512,%rbx
+	jz	L$cbc_break
+	cmpq	%rbx,%rcx
+	jae	L$cbc_loop
+L$cbc_unaligned_tail:
+	xorl	%eax,%eax
+	cmpq	%rsp,%rbp
+	cmoveq	%rcx,%rax
+	movq	%rdi,%r8
+	movq	%rcx,%rbx
+	subq	%rax,%rsp
+	shrq	$3,%rcx
+	leaq	(%rsp),%rdi
+.byte	0xf3,0x48,0xa5		
+	movq	%rsp,%rsi
+	movq	%r8,%rdi
+	movq	%rbx,%rcx
+	jmp	L$cbc_loop
+.p2align	4
+L$cbc_break:
+	cmpq	%rbp,%rsp
+	je	L$cbc_done
+
+	pxor	%xmm0,%xmm0
+	leaq	(%rsp),%rax
+L$cbc_bzero:
+	movaps	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+	cmpq	%rax,%rbp
+	ja	L$cbc_bzero
+
+L$cbc_done:
+	leaq	(%rbp),%rsp
+	jmp	L$cbc_exit
+
+.p2align	4
+L$cbc_aligned:
+	leaq	(%rsi,%rcx,1),%rbp
+	negq	%rbp
+	andq	$4095,%rbp
+	xorl	%eax,%eax
+	cmpq	$64,%rbp
+	movq	$64-1,%rbp
+	cmovaeq	%rax,%rbp
+	andq	%rcx,%rbp
+	subq	%rbp,%rcx
+	jz	L$cbc_aligned_tail
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,208	
+	movdqa	(%rax),%xmm0
+	movdqa	%xmm0,-16(%rdx)
+	testq	%rbp,%rbp
+	jz	L$cbc_exit
+
+L$cbc_aligned_tail:
+	movq	%rdi,%r8
+	movq	%rbp,%rbx
+	movq	%rbp,%rcx
+	leaq	(%rsp),%rbp
+	subq	%rcx,%rsp
+	shrq	$3,%rcx
+	leaq	(%rsp),%rdi
+.byte	0xf3,0x48,0xa5		
+	leaq	(%r8),%rdi
+	leaq	(%rsp),%rsi
+	movq	%rbx,%rcx
+	jmp	L$cbc_loop
+L$cbc_exit:
+	movl	$1,%eax
+	leaq	8(%rsp),%rsp
+L$cbc_abort:
+	popq	%rbx
+	popq	%rbp
+	.byte	0xf3,0xc3
+
+.globl	_padlock_cfb_encrypt
+
+.p2align	4
+_padlock_cfb_encrypt:
+	pushq	%rbp
+	pushq	%rbx
+
+	xorl	%eax,%eax
+	testq	$15,%rdx
+	jnz	L$cfb_abort
+	testq	$15,%rcx
+	jnz	L$cfb_abort
+	leaq	L$padlock_saved_context(%rip),%rax
+	pushf
+	cld
+	call	_padlock_verify_ctx
+	leaq	16(%rdx),%rdx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%rdx)
+	jnz	L$cfb_aligned
+	testq	$15,%rdi
+	setz	%al
+	testq	$15,%rsi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	L$cfb_aligned
+	negq	%rax
+	movq	$512,%rbx
+	notq	%rax
+	leaq	(%rsp),%rbp
+	cmpq	%rbx,%rcx
+	cmovcq	%rcx,%rbx
+	andq	%rbx,%rax
+	movq	%rcx,%rbx
+	negq	%rax
+	andq	$512-1,%rbx
+	leaq	(%rax,%rbp,1),%rsp
+	movq	$512,%rax
+	cmovzq	%rax,%rbx
+	jmp	L$cfb_loop
+.p2align	4
+L$cfb_loop:
+	cmpq	%rcx,%rbx
+	cmovaq	%rcx,%rbx
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rcx,%r10
+	movq	%rbx,%rcx
+	movq	%rbx,%r11
+	testq	$15,%rdi
+	cmovnzq	%rsp,%rdi
+	testq	$15,%rsi
+	jz	L$cfb_inp_aligned
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+	movq	%rbx,%rcx
+	movq	%rdi,%rsi
+L$cfb_inp_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,224	
+	movdqa	(%rax),%xmm0
+	movdqa	%xmm0,-16(%rdx)
+	movq	%r8,%rdi
+	movq	%r11,%rbx
+	testq	$15,%rdi
+	jz	L$cfb_out_aligned
+	movq	%rbx,%rcx
+	leaq	(%rsp),%rsi
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+L$cfb_out_aligned:
+	movq	%r9,%rsi
+	movq	%r10,%rcx
+	addq	%rbx,%rdi
+	addq	%rbx,%rsi
+	subq	%rbx,%rcx
+	movq	$512,%rbx
+	jnz	L$cfb_loop
+	cmpq	%rbp,%rsp
+	je	L$cfb_done
+
+	pxor	%xmm0,%xmm0
+	leaq	(%rsp),%rax
+L$cfb_bzero:
+	movaps	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+	cmpq	%rax,%rbp
+	ja	L$cfb_bzero
+
+L$cfb_done:
+	leaq	(%rbp),%rsp
+	jmp	L$cfb_exit
+
+.p2align	4
+L$cfb_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,224	
+	movdqa	(%rax),%xmm0
+	movdqa	%xmm0,-16(%rdx)
+L$cfb_exit:
+	movl	$1,%eax
+	leaq	8(%rsp),%rsp
+L$cfb_abort:
+	popq	%rbx
+	popq	%rbp
+	.byte	0xf3,0xc3
+
+.globl	_padlock_ofb_encrypt
+
+.p2align	4
+_padlock_ofb_encrypt:
+	pushq	%rbp
+	pushq	%rbx
+
+	xorl	%eax,%eax
+	testq	$15,%rdx
+	jnz	L$ofb_abort
+	testq	$15,%rcx
+	jnz	L$ofb_abort
+	leaq	L$padlock_saved_context(%rip),%rax
+	pushf
+	cld
+	call	_padlock_verify_ctx
+	leaq	16(%rdx),%rdx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%rdx)
+	jnz	L$ofb_aligned
+	testq	$15,%rdi
+	setz	%al
+	testq	$15,%rsi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	L$ofb_aligned
+	negq	%rax
+	movq	$512,%rbx
+	notq	%rax
+	leaq	(%rsp),%rbp
+	cmpq	%rbx,%rcx
+	cmovcq	%rcx,%rbx
+	andq	%rbx,%rax
+	movq	%rcx,%rbx
+	negq	%rax
+	andq	$512-1,%rbx
+	leaq	(%rax,%rbp,1),%rsp
+	movq	$512,%rax
+	cmovzq	%rax,%rbx
+	jmp	L$ofb_loop
+.p2align	4
+L$ofb_loop:
+	cmpq	%rcx,%rbx
+	cmovaq	%rcx,%rbx
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rcx,%r10
+	movq	%rbx,%rcx
+	movq	%rbx,%r11
+	testq	$15,%rdi
+	cmovnzq	%rsp,%rdi
+	testq	$15,%rsi
+	jz	L$ofb_inp_aligned
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+	movq	%rbx,%rcx
+	movq	%rdi,%rsi
+L$ofb_inp_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,232	
+	movdqa	(%rax),%xmm0
+	movdqa	%xmm0,-16(%rdx)
+	movq	%r8,%rdi
+	movq	%r11,%rbx
+	testq	$15,%rdi
+	jz	L$ofb_out_aligned
+	movq	%rbx,%rcx
+	leaq	(%rsp),%rsi
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+L$ofb_out_aligned:
+	movq	%r9,%rsi
+	movq	%r10,%rcx
+	addq	%rbx,%rdi
+	addq	%rbx,%rsi
+	subq	%rbx,%rcx
+	movq	$512,%rbx
+	jnz	L$ofb_loop
+	cmpq	%rbp,%rsp
+	je	L$ofb_done
+
+	pxor	%xmm0,%xmm0
+	leaq	(%rsp),%rax
+L$ofb_bzero:
+	movaps	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+	cmpq	%rax,%rbp
+	ja	L$ofb_bzero
+
+L$ofb_done:
+	leaq	(%rbp),%rsp
+	jmp	L$ofb_exit
+
+.p2align	4
+L$ofb_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,232	
+	movdqa	(%rax),%xmm0
+	movdqa	%xmm0,-16(%rdx)
+L$ofb_exit:
+	movl	$1,%eax
+	leaq	8(%rsp),%rsp
+L$ofb_abort:
+	popq	%rbx
+	popq	%rbp
+	.byte	0xf3,0xc3
+
+.globl	_padlock_ctr32_encrypt
+
+.p2align	4
+_padlock_ctr32_encrypt:
+	pushq	%rbp
+	pushq	%rbx
+
+	xorl	%eax,%eax
+	testq	$15,%rdx
+	jnz	L$ctr32_abort
+	testq	$15,%rcx
+	jnz	L$ctr32_abort
+	leaq	L$padlock_saved_context(%rip),%rax
+	pushf
+	cld
+	call	_padlock_verify_ctx
+	leaq	16(%rdx),%rdx
+	xorl	%eax,%eax
+	xorl	%ebx,%ebx
+	testl	$32,(%rdx)
+	jnz	L$ctr32_aligned
+	testq	$15,%rdi
+	setz	%al
+	testq	$15,%rsi
+	setz	%bl
+	testl	%ebx,%eax
+	jnz	L$ctr32_aligned
+	negq	%rax
+	movq	$512,%rbx
+	notq	%rax
+	leaq	(%rsp),%rbp
+	cmpq	%rbx,%rcx
+	cmovcq	%rcx,%rbx
+	andq	%rbx,%rax
+	movq	%rcx,%rbx
+	negq	%rax
+	andq	$512-1,%rbx
+	leaq	(%rax,%rbp,1),%rsp
+	movq	$512,%rax
+	cmovzq	%rax,%rbx
+L$ctr32_reenter:
+	movl	-4(%rdx),%eax
+	bswapl	%eax
+	negl	%eax
+	andl	$31,%eax
+	movq	$512,%rbx
+	shll	$4,%eax
+	cmovzq	%rbx,%rax
+	cmpq	%rax,%rcx
+	cmovaq	%rax,%rbx
+	cmovbeq	%rcx,%rbx
+	cmpq	%rbx,%rcx
+	ja	L$ctr32_loop
+	movq	%rsi,%rax
+	cmpq	%rsp,%rbp
+	cmoveq	%rdi,%rax
+	addq	%rcx,%rax
+	negq	%rax
+	andq	$4095,%rax
+	cmpq	$32,%rax
+	movq	$-32,%rax
+	cmovaeq	%rbx,%rax
+	andq	%rax,%rbx
+	jz	L$ctr32_unaligned_tail
+	jmp	L$ctr32_loop
+.p2align	4
+L$ctr32_loop:
+	cmpq	%rcx,%rbx
+	cmovaq	%rcx,%rbx
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rcx,%r10
+	movq	%rbx,%rcx
+	movq	%rbx,%r11
+	testq	$15,%rdi
+	cmovnzq	%rsp,%rdi
+	testq	$15,%rsi
+	jz	L$ctr32_inp_aligned
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+	movq	%rbx,%rcx
+	movq	%rdi,%rsi
+L$ctr32_inp_aligned:
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,216	
+	movl	-4(%rdx),%eax
+	testl	$4294901760,%eax
+	jnz	L$ctr32_no_carry
+	bswapl	%eax
+	addl	$65536,%eax
+	bswapl	%eax
+	movl	%eax,-4(%rdx)
+L$ctr32_no_carry:
+	movq	%r8,%rdi
+	movq	%r11,%rbx
+	testq	$15,%rdi
+	jz	L$ctr32_out_aligned
+	movq	%rbx,%rcx
+	leaq	(%rsp),%rsi
+	shrq	$3,%rcx
+.byte	0xf3,0x48,0xa5		
+	subq	%rbx,%rdi
+L$ctr32_out_aligned:
+	movq	%r9,%rsi
+	movq	%r10,%rcx
+	addq	%rbx,%rdi
+	addq	%rbx,%rsi
+	subq	%rbx,%rcx
+	movq	$512,%rbx
+	jz	L$ctr32_break
+	cmpq	%rbx,%rcx
+	jae	L$ctr32_loop
+	movq	%rcx,%rbx
+	movq	%rsi,%rax
+	cmpq	%rsp,%rbp
+	cmoveq	%rdi,%rax
+	addq	%rcx,%rax
+	negq	%rax
+	andq	$4095,%rax
+	cmpq	$32,%rax
+	movq	$-32,%rax
+	cmovaeq	%rbx,%rax
+	andq	%rax,%rbx
+	jnz	L$ctr32_loop
+L$ctr32_unaligned_tail:
+	xorl	%eax,%eax
+	cmpq	%rsp,%rbp
+	cmoveq	%rcx,%rax
+	movq	%rdi,%r8
+	movq	%rcx,%rbx
+	subq	%rax,%rsp
+	shrq	$3,%rcx
+	leaq	(%rsp),%rdi
+.byte	0xf3,0x48,0xa5		
+	movq	%rsp,%rsi
+	movq	%r8,%rdi
+	movq	%rbx,%rcx
+	jmp	L$ctr32_loop
+.p2align	4
+L$ctr32_break:
+	cmpq	%rbp,%rsp
+	je	L$ctr32_done
+
+	pxor	%xmm0,%xmm0
+	leaq	(%rsp),%rax
+L$ctr32_bzero:
+	movaps	%xmm0,(%rax)
+	leaq	16(%rax),%rax
+	cmpq	%rax,%rbp
+	ja	L$ctr32_bzero
+
+L$ctr32_done:
+	leaq	(%rbp),%rsp
+	jmp	L$ctr32_exit
+
+.p2align	4
+L$ctr32_aligned:
+	movl	-4(%rdx),%eax
+	bswapl	%eax
+	negl	%eax
+	andl	$65535,%eax
+	movq	$1048576,%rbx
+	shll	$4,%eax
+	cmovzq	%rbx,%rax
+	cmpq	%rax,%rcx
+	cmovaq	%rax,%rbx
+	cmovbeq	%rcx,%rbx
+	jbe	L$ctr32_aligned_skip
+
+L$ctr32_aligned_loop:
+	movq	%rcx,%r10
+	movq	%rbx,%rcx
+	movq	%rbx,%r11
+
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,216	
+
+	movl	-4(%rdx),%eax
+	bswapl	%eax
+	addl	$65536,%eax
+	bswapl	%eax
+	movl	%eax,-4(%rdx)
+
+	movq	%r10,%rcx
+	subq	%r11,%rcx
+	movq	$1048576,%rbx
+	jz	L$ctr32_exit
+	cmpq	%rbx,%rcx
+	jae	L$ctr32_aligned_loop
+
+L$ctr32_aligned_skip:
+	leaq	(%rsi,%rcx,1),%rbp
+	negq	%rbp
+	andq	$4095,%rbp
+	xorl	%eax,%eax
+	cmpq	$32,%rbp
+	movq	$32-1,%rbp
+	cmovaeq	%rax,%rbp
+	andq	%rcx,%rbp
+	subq	%rbp,%rcx
+	jz	L$ctr32_aligned_tail
+	leaq	-16(%rdx),%rax
+	leaq	16(%rdx),%rbx
+	shrq	$4,%rcx
+.byte	0xf3,0x0f,0xa7,216	
+	testq	%rbp,%rbp
+	jz	L$ctr32_exit
+
+L$ctr32_aligned_tail:
+	movq	%rdi,%r8
+	movq	%rbp,%rbx
+	movq	%rbp,%rcx
+	leaq	(%rsp),%rbp
+	subq	%rcx,%rsp
+	shrq	$3,%rcx
+	leaq	(%rsp),%rdi
+.byte	0xf3,0x48,0xa5		
+	leaq	(%r8),%rdi
+	leaq	(%rsp),%rsi
+	movq	%rbx,%rcx
+	jmp	L$ctr32_loop
+L$ctr32_exit:
+	movl	$1,%eax
+	leaq	8(%rsp),%rsp
+L$ctr32_abort:
+	popq	%rbx
+	popq	%rbp
+	.byte	0xf3,0xc3
+
+.byte	86,73,65,32,80,97,100,108,111,99,107,32,120,56,54,95,54,52,32,109,111,100,117,108,101,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.p2align	4
+.data	
+.p2align	3
+L$padlock_saved_context:
+.quad	0
+
diff --git a/lib/accelerated/x86/macosx/ghash-x86_64.s b/lib/accelerated/x86/macosx/ghash-x86_64.s
new file mode 100644
index 0000000..a715212
--- /dev/null
+++ b/lib/accelerated/x86/macosx/ghash-x86_64.s
@@ -0,0 +1,1875 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+
+.globl	_gcm_gmult_4bit
+
+.p2align	4
+_gcm_gmult_4bit:
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	subq	$280,%rsp
+
+L$gmult_prologue:
+
+	movzbq	15(%rdi),%r8
+	leaq	L$rem_4bit(%rip),%r11
+	xorq	%rax,%rax
+	xorq	%rbx,%rbx
+	movb	%r8b,%al
+	movb	%r8b,%bl
+	shlb	$4,%al
+	movq	$14,%rcx
+	movq	8(%rsi,%rax,1),%r8
+	movq	(%rsi,%rax,1),%r9
+	andb	$0xf0,%bl
+	movq	%r8,%rdx
+	jmp	L$oop1
+
+.p2align	4
+L$oop1:
+	shrq	$4,%r8
+	andq	$0xf,%rdx
+	movq	%r9,%r10
+	movb	(%rdi,%rcx,1),%al
+	shrq	$4,%r9
+	xorq	8(%rsi,%rbx,1),%r8
+	shlq	$60,%r10
+	xorq	(%rsi,%rbx,1),%r9
+	movb	%al,%bl
+	xorq	(%r11,%rdx,8),%r9
+	movq	%r8,%rdx
+	shlb	$4,%al
+	xorq	%r10,%r8
+	decq	%rcx
+	js	L$break1
+
+	shrq	$4,%r8
+	andq	$0xf,%rdx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	xorq	8(%rsi,%rax,1),%r8
+	shlq	$60,%r10
+	xorq	(%rsi,%rax,1),%r9
+	andb	$0xf0,%bl
+	xorq	(%r11,%rdx,8),%r9
+	movq	%r8,%rdx
+	xorq	%r10,%r8
+	jmp	L$oop1
+
+.p2align	4
+L$break1:
+	shrq	$4,%r8
+	andq	$0xf,%rdx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	xorq	8(%rsi,%rax,1),%r8
+	shlq	$60,%r10
+	xorq	(%rsi,%rax,1),%r9
+	andb	$0xf0,%bl
+	xorq	(%r11,%rdx,8),%r9
+	movq	%r8,%rdx
+	xorq	%r10,%r8
+
+	shrq	$4,%r8
+	andq	$0xf,%rdx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	xorq	8(%rsi,%rbx,1),%r8
+	shlq	$60,%r10
+	xorq	(%rsi,%rbx,1),%r9
+	xorq	%r10,%r8
+	xorq	(%r11,%rdx,8),%r9
+
+	bswapq	%r8
+	bswapq	%r9
+	movq	%r8,8(%rdi)
+	movq	%r9,(%rdi)
+
+	leaq	280+48(%rsp),%rsi
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+L$gmult_epilogue:
+	.byte	0xf3,0xc3
+
+
+.globl	_gcm_ghash_4bit
+
+.p2align	4
+_gcm_ghash_4bit:
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	subq	$280,%rsp
+
+L$ghash_prologue:
+	movq	%rdx,%r14
+	movq	%rcx,%r15
+	subq	$-128,%rsi
+	leaq	16+128(%rsp),%rbp
+	xorl	%edx,%edx
+	movq	0+0-128(%rsi),%r8
+	movq	0+8-128(%rsi),%rax
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	16+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	16+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,0(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,0(%rbp)
+	movq	32+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,0-128(%rbp)
+	movq	32+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,1(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,8(%rbp)
+	movq	48+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,8-128(%rbp)
+	movq	48+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,2(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,16(%rbp)
+	movq	64+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,16-128(%rbp)
+	movq	64+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,3(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,24(%rbp)
+	movq	80+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,24-128(%rbp)
+	movq	80+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,4(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,32(%rbp)
+	movq	96+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,32-128(%rbp)
+	movq	96+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,5(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,40(%rbp)
+	movq	112+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,40-128(%rbp)
+	movq	112+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,6(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,48(%rbp)
+	movq	128+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,48-128(%rbp)
+	movq	128+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,7(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,56(%rbp)
+	movq	144+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,56-128(%rbp)
+	movq	144+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,8(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,64(%rbp)
+	movq	160+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,64-128(%rbp)
+	movq	160+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,9(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,72(%rbp)
+	movq	176+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,72-128(%rbp)
+	movq	176+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,10(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,80(%rbp)
+	movq	192+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,80-128(%rbp)
+	movq	192+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,11(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,88(%rbp)
+	movq	208+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,88-128(%rbp)
+	movq	208+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,12(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,96(%rbp)
+	movq	224+0-128(%rsi),%r8
+	shlb	$4,%dl
+	movq	%rax,96-128(%rbp)
+	movq	224+8-128(%rsi),%rax
+	shlq	$60,%r10
+	movb	%dl,13(%rsp)
+	orq	%r10,%rbx
+	movb	%al,%dl
+	shrq	$4,%rax
+	movq	%r8,%r10
+	shrq	$4,%r8
+	movq	%r9,104(%rbp)
+	movq	240+0-128(%rsi),%r9
+	shlb	$4,%dl
+	movq	%rbx,104-128(%rbp)
+	movq	240+8-128(%rsi),%rbx
+	shlq	$60,%r10
+	movb	%dl,14(%rsp)
+	orq	%r10,%rax
+	movb	%bl,%dl
+	shrq	$4,%rbx
+	movq	%r9,%r10
+	shrq	$4,%r9
+	movq	%r8,112(%rbp)
+	shlb	$4,%dl
+	movq	%rax,112-128(%rbp)
+	shlq	$60,%r10
+	movb	%dl,15(%rsp)
+	orq	%r10,%rbx
+	movq	%r9,120(%rbp)
+	movq	%rbx,120-128(%rbp)
+	addq	$-128,%rsi
+	movq	8(%rdi),%r8
+	movq	0(%rdi),%r9
+	addq	%r14,%r15
+	leaq	L$rem_8bit(%rip),%r11
+	jmp	L$outer_loop
+.p2align	4
+L$outer_loop:
+	xorq	(%r14),%r9
+	movq	8(%r14),%rdx
+	leaq	16(%r14),%r14
+	xorq	%r8,%rdx
+	movq	%r9,(%rdi)
+	movq	%rdx,8(%rdi)
+	shrq	$32,%rdx
+	xorq	%rax,%rax
+	roll	$8,%edx
+	movb	%dl,%al
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	shrl	$4,%ebx
+	roll	$8,%edx
+	movq	8(%rsi,%rax,1),%r8
+	movq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	movl	8(%rdi),%edx
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	movl	4(%rdi),%edx
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	movl	0(%rdi),%edx
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	shrl	$4,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r12,2),%r12
+	movzbl	%dl,%ebx
+	shlb	$4,%al
+	movzbq	(%rsp,%rcx,1),%r13
+	shrl	$4,%ebx
+	shlq	$48,%r12
+	xorq	%r8,%r13
+	movq	%r9,%r10
+	xorq	%r12,%r9
+	shrq	$8,%r8
+	movzbq	%r13b,%r13
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rcx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rcx,8),%r9
+	roll	$8,%edx
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	movb	%dl,%al
+	xorq	%r10,%r8
+	movzwq	(%r11,%r13,2),%r13
+	movzbl	%dl,%ecx
+	shlb	$4,%al
+	movzbq	(%rsp,%rbx,1),%r12
+	andl	$240,%ecx
+	shlq	$48,%r13
+	xorq	%r8,%r12
+	movq	%r9,%r10
+	xorq	%r13,%r9
+	shrq	$8,%r8
+	movzbq	%r12b,%r12
+	movl	-4(%rdi),%edx
+	shrq	$8,%r9
+	xorq	-128(%rbp,%rbx,8),%r8
+	shlq	$56,%r10
+	xorq	(%rbp,%rbx,8),%r9
+	movzwq	(%r11,%r12,2),%r12
+	xorq	8(%rsi,%rax,1),%r8
+	xorq	(%rsi,%rax,1),%r9
+	shlq	$48,%r12
+	xorq	%r10,%r8
+	xorq	%r12,%r9
+	movzbq	%r8b,%r13
+	shrq	$4,%r8
+	movq	%r9,%r10
+	shlb	$4,%r13b
+	shrq	$4,%r9
+	xorq	8(%rsi,%rcx,1),%r8
+	movzwq	(%r11,%r13,2),%r13
+	shlq	$60,%r10
+	xorq	(%rsi,%rcx,1),%r9
+	xorq	%r10,%r8
+	shlq	$48,%r13
+	bswapq	%r8
+	xorq	%r13,%r9
+	bswapq	%r9
+	cmpq	%r15,%r14
+	jb	L$outer_loop
+	movq	%r8,8(%rdi)
+	movq	%r9,(%rdi)
+
+	leaq	280+48(%rsp),%rsi
+
+	movq	-48(%rsi),%r15
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	0(%rsi),%rsp
+
+L$ghash_epilogue:
+	.byte	0xf3,0xc3
+
+
+.globl	_gcm_init_clmul
+
+.p2align	4
+_gcm_init_clmul:
+
+L$_init_clmul:
+	movdqu	(%rsi),%xmm2
+	pshufd	$78,%xmm2,%xmm2
+
+
+	pshufd	$255,%xmm2,%xmm4
+	movdqa	%xmm2,%xmm3
+	psllq	$1,%xmm2
+	pxor	%xmm5,%xmm5
+	psrlq	$63,%xmm3
+	pcmpgtd	%xmm4,%xmm5
+	pslldq	$8,%xmm3
+	por	%xmm3,%xmm2
+
+
+	pand	L$0x1c2_polynomial(%rip),%xmm5
+	pxor	%xmm5,%xmm2
+
+
+	pshufd	$78,%xmm2,%xmm6
+	movdqa	%xmm2,%xmm0
+	pxor	%xmm2,%xmm6
+	movdqa	%xmm0,%xmm1
+	pshufd	$78,%xmm0,%xmm3
+	pxor	%xmm0,%xmm3
+.byte	102,15,58,68,194,0
+.byte	102,15,58,68,202,17
+.byte	102,15,58,68,222,0
+	pxor	%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+
+	movdqa	%xmm3,%xmm4
+	psrldq	$8,%xmm3
+	pslldq	$8,%xmm4
+	pxor	%xmm3,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+	pshufd	$78,%xmm2,%xmm3
+	pshufd	$78,%xmm0,%xmm4
+	pxor	%xmm2,%xmm3
+	movdqu	%xmm2,0(%rdi)
+	pxor	%xmm0,%xmm4
+	movdqu	%xmm0,16(%rdi)
+.byte	102,15,58,15,227,8
+	movdqu	%xmm4,32(%rdi)
+	movdqa	%xmm0,%xmm1
+	pshufd	$78,%xmm0,%xmm3
+	pxor	%xmm0,%xmm3
+.byte	102,15,58,68,194,0
+.byte	102,15,58,68,202,17
+.byte	102,15,58,68,222,0
+	pxor	%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+
+	movdqa	%xmm3,%xmm4
+	psrldq	$8,%xmm3
+	pslldq	$8,%xmm4
+	pxor	%xmm3,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+	movdqa	%xmm0,%xmm5
+	movdqa	%xmm0,%xmm1
+	pshufd	$78,%xmm0,%xmm3
+	pxor	%xmm0,%xmm3
+.byte	102,15,58,68,194,0
+.byte	102,15,58,68,202,17
+.byte	102,15,58,68,222,0
+	pxor	%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+
+	movdqa	%xmm3,%xmm4
+	psrldq	$8,%xmm3
+	pslldq	$8,%xmm4
+	pxor	%xmm3,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+	pshufd	$78,%xmm5,%xmm3
+	pshufd	$78,%xmm0,%xmm4
+	pxor	%xmm5,%xmm3
+	movdqu	%xmm5,48(%rdi)
+	pxor	%xmm0,%xmm4
+	movdqu	%xmm0,64(%rdi)
+.byte	102,15,58,15,227,8
+	movdqu	%xmm4,80(%rdi)
+	.byte	0xf3,0xc3
+
+
+.globl	_gcm_gmult_clmul
+
+.p2align	4
+_gcm_gmult_clmul:
+
+L$_gmult_clmul:
+	movdqu	(%rdi),%xmm0
+	movdqa	L$bswap_mask(%rip),%xmm5
+	movdqu	(%rsi),%xmm2
+	movdqu	32(%rsi),%xmm4
+.byte	102,15,56,0,197
+	movdqa	%xmm0,%xmm1
+	pshufd	$78,%xmm0,%xmm3
+	pxor	%xmm0,%xmm3
+.byte	102,15,58,68,194,0
+.byte	102,15,58,68,202,17
+.byte	102,15,58,68,220,0
+	pxor	%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+
+	movdqa	%xmm3,%xmm4
+	psrldq	$8,%xmm3
+	pslldq	$8,%xmm4
+	pxor	%xmm3,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+.byte	102,15,56,0,197
+	movdqu	%xmm0,(%rdi)
+	.byte	0xf3,0xc3
+
+
+.globl	_gcm_ghash_clmul
+
+.p2align	5
+_gcm_ghash_clmul:
+
+L$_ghash_clmul:
+	movdqa	L$bswap_mask(%rip),%xmm10
+
+	movdqu	(%rdi),%xmm0
+	movdqu	(%rsi),%xmm2
+	movdqu	32(%rsi),%xmm7
+.byte	102,65,15,56,0,194
+
+	subq	$0x10,%rcx
+	jz	L$odd_tail
+
+	movdqu	16(%rsi),%xmm6
+	movl	_GNUTLS_x86_cpuid_s+4(%rip),%eax
+	cmpq	$0x30,%rcx
+	jb	L$skip4x
+
+	andl	$71303168,%eax
+	cmpl	$4194304,%eax
+	je	L$skip4x
+
+	subq	$0x30,%rcx
+	movq	$0xA040608020C0E000,%rax
+	movdqu	48(%rsi),%xmm14
+	movdqu	64(%rsi),%xmm15
+
+
+
+
+	movdqu	48(%rdx),%xmm3
+	movdqu	32(%rdx),%xmm11
+.byte	102,65,15,56,0,218
+.byte	102,69,15,56,0,218
+	movdqa	%xmm3,%xmm5
+	pshufd	$78,%xmm3,%xmm4
+	pxor	%xmm3,%xmm4
+.byte	102,15,58,68,218,0
+.byte	102,15,58,68,234,17
+.byte	102,15,58,68,231,0
+
+	movdqa	%xmm11,%xmm13
+	pshufd	$78,%xmm11,%xmm12
+	pxor	%xmm11,%xmm12
+.byte	102,68,15,58,68,222,0
+.byte	102,68,15,58,68,238,17
+.byte	102,68,15,58,68,231,16
+	xorps	%xmm11,%xmm3
+	xorps	%xmm13,%xmm5
+	movups	80(%rsi),%xmm7
+	xorps	%xmm12,%xmm4
+
+	movdqu	16(%rdx),%xmm11
+	movdqu	0(%rdx),%xmm8
+.byte	102,69,15,56,0,218
+.byte	102,69,15,56,0,194
+	movdqa	%xmm11,%xmm13
+	pshufd	$78,%xmm11,%xmm12
+	pxor	%xmm8,%xmm0
+	pxor	%xmm11,%xmm12
+.byte	102,69,15,58,68,222,0
+	movdqa	%xmm0,%xmm1
+	pshufd	$78,%xmm0,%xmm8
+	pxor	%xmm0,%xmm8
+.byte	102,69,15,58,68,238,17
+.byte	102,68,15,58,68,231,0
+	xorps	%xmm11,%xmm3
+	xorps	%xmm13,%xmm5
+
+	leaq	64(%rdx),%rdx
+	subq	$0x40,%rcx
+	jc	L$tail4x
+
+	jmp	L$mod4_loop
+.p2align	5
+L$mod4_loop:
+.byte	102,65,15,58,68,199,0
+	xorps	%xmm12,%xmm4
+	movdqu	48(%rdx),%xmm11
+.byte	102,69,15,56,0,218
+.byte	102,65,15,58,68,207,17
+	xorps	%xmm3,%xmm0
+	movdqu	32(%rdx),%xmm3
+	movdqa	%xmm11,%xmm13
+.byte	102,68,15,58,68,199,16
+	pshufd	$78,%xmm11,%xmm12
+	xorps	%xmm5,%xmm1
+	pxor	%xmm11,%xmm12
+.byte	102,65,15,56,0,218
+	movups	32(%rsi),%xmm7
+	xorps	%xmm4,%xmm8
+.byte	102,68,15,58,68,218,0
+	pshufd	$78,%xmm3,%xmm4
+
+	pxor	%xmm0,%xmm8
+	movdqa	%xmm3,%xmm5
+	pxor	%xmm1,%xmm8
+	pxor	%xmm3,%xmm4
+	movdqa	%xmm8,%xmm9
+.byte	102,68,15,58,68,234,17
+	pslldq	$8,%xmm8
+	psrldq	$8,%xmm9
+	pxor	%xmm8,%xmm0
+	movdqa	L$7_mask(%rip),%xmm8
+	pxor	%xmm9,%xmm1
+.byte	102,76,15,110,200
+
+	pand	%xmm0,%xmm8
+.byte	102,69,15,56,0,200
+	pxor	%xmm0,%xmm9
+.byte	102,68,15,58,68,231,0
+	psllq	$57,%xmm9
+	movdqa	%xmm9,%xmm8
+	pslldq	$8,%xmm9
+.byte	102,15,58,68,222,0
+	psrldq	$8,%xmm8
+	pxor	%xmm9,%xmm0
+	pxor	%xmm8,%xmm1
+	movdqu	0(%rdx),%xmm8
+
+	movdqa	%xmm0,%xmm9
+	psrlq	$1,%xmm0
+.byte	102,15,58,68,238,17
+	xorps	%xmm11,%xmm3
+	movdqu	16(%rdx),%xmm11
+.byte	102,69,15,56,0,218
+.byte	102,15,58,68,231,16
+	xorps	%xmm13,%xmm5
+	movups	80(%rsi),%xmm7
+.byte	102,69,15,56,0,194
+	pxor	%xmm9,%xmm1
+	pxor	%xmm0,%xmm9
+	psrlq	$5,%xmm0
+
+	movdqa	%xmm11,%xmm13
+	pxor	%xmm12,%xmm4
+	pshufd	$78,%xmm11,%xmm12
+	pxor	%xmm9,%xmm0
+	pxor	%xmm8,%xmm1
+	pxor	%xmm11,%xmm12
+.byte	102,69,15,58,68,222,0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+	movdqa	%xmm0,%xmm1
+.byte	102,69,15,58,68,238,17
+	xorps	%xmm11,%xmm3
+	pshufd	$78,%xmm0,%xmm8
+	pxor	%xmm0,%xmm8
+
+.byte	102,68,15,58,68,231,0
+	xorps	%xmm13,%xmm5
+
+	leaq	64(%rdx),%rdx
+	subq	$0x40,%rcx
+	jnc	L$mod4_loop
+
+L$tail4x:
+.byte	102,65,15,58,68,199,0
+.byte	102,65,15,58,68,207,17
+.byte	102,68,15,58,68,199,16
+	xorps	%xmm12,%xmm4
+	xorps	%xmm3,%xmm0
+	xorps	%xmm5,%xmm1
+	pxor	%xmm0,%xmm1
+	pxor	%xmm4,%xmm8
+
+	pxor	%xmm1,%xmm8
+	pxor	%xmm0,%xmm1
+
+	movdqa	%xmm8,%xmm9
+	psrldq	$8,%xmm8
+	pslldq	$8,%xmm9
+	pxor	%xmm8,%xmm1
+	pxor	%xmm9,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+	addq	$0x40,%rcx
+	jz	L$done
+	movdqu	32(%rsi),%xmm7
+	subq	$0x10,%rcx
+	jz	L$odd_tail
+L$skip4x:
+
+
+
+
+
+	movdqu	(%rdx),%xmm8
+	movdqu	16(%rdx),%xmm3
+.byte	102,69,15,56,0,194
+.byte	102,65,15,56,0,218
+	pxor	%xmm8,%xmm0
+
+	movdqa	%xmm3,%xmm5
+	pshufd	$78,%xmm3,%xmm4
+	pxor	%xmm3,%xmm4
+.byte	102,15,58,68,218,0
+.byte	102,15,58,68,234,17
+.byte	102,15,58,68,231,0
+
+	leaq	32(%rdx),%rdx
+	nop
+	subq	$0x20,%rcx
+	jbe	L$even_tail
+	nop
+	jmp	L$mod_loop
+
+.p2align	5
+L$mod_loop:
+	movdqa	%xmm0,%xmm1
+	movdqa	%xmm4,%xmm8
+	pshufd	$78,%xmm0,%xmm4
+	pxor	%xmm0,%xmm4
+
+.byte	102,15,58,68,198,0
+.byte	102,15,58,68,206,17
+.byte	102,15,58,68,231,16
+
+	pxor	%xmm3,%xmm0
+	pxor	%xmm5,%xmm1
+	movdqu	(%rdx),%xmm9
+	pxor	%xmm0,%xmm8
+.byte	102,69,15,56,0,202
+	movdqu	16(%rdx),%xmm3
+
+	pxor	%xmm1,%xmm8
+	pxor	%xmm9,%xmm1
+	pxor	%xmm8,%xmm4
+.byte	102,65,15,56,0,218
+	movdqa	%xmm4,%xmm8
+	psrldq	$8,%xmm8
+	pslldq	$8,%xmm4
+	pxor	%xmm8,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm3,%xmm5
+
+	movdqa	%xmm0,%xmm9
+	movdqa	%xmm0,%xmm8
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm8
+.byte	102,15,58,68,218,0
+	psllq	$1,%xmm0
+	pxor	%xmm8,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm8
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm8
+	pxor	%xmm9,%xmm0
+	pshufd	$78,%xmm5,%xmm4
+	pxor	%xmm8,%xmm1
+	pxor	%xmm5,%xmm4
+
+	movdqa	%xmm0,%xmm9
+	psrlq	$1,%xmm0
+.byte	102,15,58,68,234,17
+	pxor	%xmm9,%xmm1
+	pxor	%xmm0,%xmm9
+	psrlq	$5,%xmm0
+	pxor	%xmm9,%xmm0
+	leaq	32(%rdx),%rdx
+	psrlq	$1,%xmm0
+.byte	102,15,58,68,231,0
+	pxor	%xmm1,%xmm0
+
+	subq	$0x20,%rcx
+	ja	L$mod_loop
+
+L$even_tail:
+	movdqa	%xmm0,%xmm1
+	movdqa	%xmm4,%xmm8
+	pshufd	$78,%xmm0,%xmm4
+	pxor	%xmm0,%xmm4
+
+.byte	102,15,58,68,198,0
+.byte	102,15,58,68,206,17
+.byte	102,15,58,68,231,16
+
+	pxor	%xmm3,%xmm0
+	pxor	%xmm5,%xmm1
+	pxor	%xmm0,%xmm8
+	pxor	%xmm1,%xmm8
+	pxor	%xmm8,%xmm4
+	movdqa	%xmm4,%xmm8
+	psrldq	$8,%xmm8
+	pslldq	$8,%xmm4
+	pxor	%xmm8,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+	testq	%rcx,%rcx
+	jnz	L$done
+
+L$odd_tail:
+	movdqu	(%rdx),%xmm8
+.byte	102,69,15,56,0,194
+	pxor	%xmm8,%xmm0
+	movdqa	%xmm0,%xmm1
+	pshufd	$78,%xmm0,%xmm3
+	pxor	%xmm0,%xmm3
+.byte	102,15,58,68,194,0
+.byte	102,15,58,68,202,17
+.byte	102,15,58,68,223,0
+	pxor	%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+
+	movdqa	%xmm3,%xmm4
+	psrldq	$8,%xmm3
+	pslldq	$8,%xmm4
+	pxor	%xmm3,%xmm1
+	pxor	%xmm4,%xmm0
+
+	movdqa	%xmm0,%xmm4
+	movdqa	%xmm0,%xmm3
+	psllq	$5,%xmm0
+	pxor	%xmm0,%xmm3
+	psllq	$1,%xmm0
+	pxor	%xmm3,%xmm0
+	psllq	$57,%xmm0
+	movdqa	%xmm0,%xmm3
+	pslldq	$8,%xmm0
+	psrldq	$8,%xmm3
+	pxor	%xmm4,%xmm0
+	pxor	%xmm3,%xmm1
+
+
+	movdqa	%xmm0,%xmm4
+	psrlq	$1,%xmm0
+	pxor	%xmm4,%xmm1
+	pxor	%xmm0,%xmm4
+	psrlq	$5,%xmm0
+	pxor	%xmm4,%xmm0
+	psrlq	$1,%xmm0
+	pxor	%xmm1,%xmm0
+L$done:
+.byte	102,65,15,56,0,194
+	movdqu	%xmm0,(%rdi)
+	.byte	0xf3,0xc3
+
+
+.globl	_gcm_init_avx
+
+.p2align	5
+_gcm_init_avx:
+
+	vzeroupper
+
+	vmovdqu	(%rsi),%xmm2
+	vpshufd	$78,%xmm2,%xmm2
+
+
+	vpshufd	$255,%xmm2,%xmm4
+	vpsrlq	$63,%xmm2,%xmm3
+	vpsllq	$1,%xmm2,%xmm2
+	vpxor	%xmm5,%xmm5,%xmm5
+	vpcmpgtd	%xmm4,%xmm5,%xmm5
+	vpslldq	$8,%xmm3,%xmm3
+	vpor	%xmm3,%xmm2,%xmm2
+
+
+	vpand	L$0x1c2_polynomial(%rip),%xmm5,%xmm5
+	vpxor	%xmm5,%xmm2,%xmm2
+
+	vpunpckhqdq	%xmm2,%xmm2,%xmm6
+	vmovdqa	%xmm2,%xmm0
+	vpxor	%xmm2,%xmm6,%xmm6
+	movq	$4,%r10
+	jmp	L$init_start_avx
+.p2align	5
+L$init_loop_avx:
+	vpalignr	$8,%xmm3,%xmm4,%xmm5
+	vmovdqu	%xmm5,-16(%rdi)
+	vpunpckhqdq	%xmm0,%xmm0,%xmm3
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x11,%xmm2,%xmm0,%xmm1
+	vpclmulqdq	$0x00,%xmm2,%xmm0,%xmm0
+	vpclmulqdq	$0x00,%xmm6,%xmm3,%xmm3
+	vpxor	%xmm0,%xmm1,%xmm4
+	vpxor	%xmm4,%xmm3,%xmm3
+
+	vpslldq	$8,%xmm3,%xmm4
+	vpsrldq	$8,%xmm3,%xmm3
+	vpxor	%xmm4,%xmm0,%xmm0
+	vpxor	%xmm3,%xmm1,%xmm1
+	vpsllq	$57,%xmm0,%xmm3
+	vpsllq	$62,%xmm0,%xmm4
+	vpxor	%xmm3,%xmm4,%xmm4
+	vpsllq	$63,%xmm0,%xmm3
+	vpxor	%xmm3,%xmm4,%xmm4
+	vpslldq	$8,%xmm4,%xmm3
+	vpsrldq	$8,%xmm4,%xmm4
+	vpxor	%xmm3,%xmm0,%xmm0
+	vpxor	%xmm4,%xmm1,%xmm1
+
+	vpsrlq	$1,%xmm0,%xmm4
+	vpxor	%xmm0,%xmm1,%xmm1
+	vpxor	%xmm4,%xmm0,%xmm0
+	vpsrlq	$5,%xmm4,%xmm4
+	vpxor	%xmm4,%xmm0,%xmm0
+	vpsrlq	$1,%xmm0,%xmm0
+	vpxor	%xmm1,%xmm0,%xmm0
+L$init_start_avx:
+	vmovdqa	%xmm0,%xmm5
+	vpunpckhqdq	%xmm0,%xmm0,%xmm3
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x11,%xmm2,%xmm0,%xmm1
+	vpclmulqdq	$0x00,%xmm2,%xmm0,%xmm0
+	vpclmulqdq	$0x00,%xmm6,%xmm3,%xmm3
+	vpxor	%xmm0,%xmm1,%xmm4
+	vpxor	%xmm4,%xmm3,%xmm3
+
+	vpslldq	$8,%xmm3,%xmm4
+	vpsrldq	$8,%xmm3,%xmm3
+	vpxor	%xmm4,%xmm0,%xmm0
+	vpxor	%xmm3,%xmm1,%xmm1
+	vpsllq	$57,%xmm0,%xmm3
+	vpsllq	$62,%xmm0,%xmm4
+	vpxor	%xmm3,%xmm4,%xmm4
+	vpsllq	$63,%xmm0,%xmm3
+	vpxor	%xmm3,%xmm4,%xmm4
+	vpslldq	$8,%xmm4,%xmm3
+	vpsrldq	$8,%xmm4,%xmm4
+	vpxor	%xmm3,%xmm0,%xmm0
+	vpxor	%xmm4,%xmm1,%xmm1
+
+	vpsrlq	$1,%xmm0,%xmm4
+	vpxor	%xmm0,%xmm1,%xmm1
+	vpxor	%xmm4,%xmm0,%xmm0
+	vpsrlq	$5,%xmm4,%xmm4
+	vpxor	%xmm4,%xmm0,%xmm0
+	vpsrlq	$1,%xmm0,%xmm0
+	vpxor	%xmm1,%xmm0,%xmm0
+	vpshufd	$78,%xmm5,%xmm3
+	vpshufd	$78,%xmm0,%xmm4
+	vpxor	%xmm5,%xmm3,%xmm3
+	vmovdqu	%xmm5,0(%rdi)
+	vpxor	%xmm0,%xmm4,%xmm4
+	vmovdqu	%xmm0,16(%rdi)
+	leaq	48(%rdi),%rdi
+	subq	$1,%r10
+	jnz	L$init_loop_avx
+
+	vpalignr	$8,%xmm4,%xmm3,%xmm5
+	vmovdqu	%xmm5,-16(%rdi)
+
+	vzeroupper
+	.byte	0xf3,0xc3
+
+
+.globl	_gcm_gmult_avx
+
+.p2align	5
+_gcm_gmult_avx:
+
+	jmp	L$_gmult_clmul
+
+
+.globl	_gcm_ghash_avx
+
+.p2align	5
+_gcm_ghash_avx:
+
+	vzeroupper
+
+	vmovdqu	(%rdi),%xmm10
+	leaq	L$0x1c2_polynomial(%rip),%r10
+	leaq	64(%rsi),%rsi
+	vmovdqu	L$bswap_mask(%rip),%xmm13
+	vpshufb	%xmm13,%xmm10,%xmm10
+	cmpq	$0x80,%rcx
+	jb	L$short_avx
+	subq	$0x80,%rcx
+
+	vmovdqu	112(%rdx),%xmm14
+	vmovdqu	0-64(%rsi),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vmovdqu	32-64(%rsi),%xmm7
+
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vmovdqu	96(%rdx),%xmm15
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpxor	%xmm14,%xmm9,%xmm9
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	16-64(%rsi),%xmm6
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vmovdqu	80(%rdx),%xmm14
+	vpclmulqdq	$0x00,%xmm7,%xmm9,%xmm2
+	vpxor	%xmm15,%xmm8,%xmm8
+
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm3
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm4
+	vmovdqu	48-64(%rsi),%xmm6
+	vpxor	%xmm14,%xmm9,%xmm9
+	vmovdqu	64(%rdx),%xmm15
+	vpclmulqdq	$0x10,%xmm7,%xmm8,%xmm5
+	vmovdqu	80-64(%rsi),%xmm7
+
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	64-64(%rsi),%xmm6
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm9,%xmm2
+	vpxor	%xmm15,%xmm8,%xmm8
+
+	vmovdqu	48(%rdx),%xmm14
+	vpxor	%xmm3,%xmm0,%xmm0
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm3
+	vpxor	%xmm4,%xmm1,%xmm1
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm4
+	vmovdqu	96-64(%rsi),%xmm6
+	vpxor	%xmm5,%xmm2,%xmm2
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpclmulqdq	$0x10,%xmm7,%xmm8,%xmm5
+	vmovdqu	128-64(%rsi),%xmm7
+	vpxor	%xmm14,%xmm9,%xmm9
+
+	vmovdqu	32(%rdx),%xmm15
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	112-64(%rsi),%xmm6
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpclmulqdq	$0x00,%xmm7,%xmm9,%xmm2
+	vpxor	%xmm15,%xmm8,%xmm8
+
+	vmovdqu	16(%rdx),%xmm14
+	vpxor	%xmm3,%xmm0,%xmm0
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm3
+	vpxor	%xmm4,%xmm1,%xmm1
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm4
+	vmovdqu	144-64(%rsi),%xmm6
+	vpxor	%xmm5,%xmm2,%xmm2
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpclmulqdq	$0x10,%xmm7,%xmm8,%xmm5
+	vmovdqu	176-64(%rsi),%xmm7
+	vpxor	%xmm14,%xmm9,%xmm9
+
+	vmovdqu	(%rdx),%xmm15
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	160-64(%rsi),%xmm6
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x10,%xmm7,%xmm9,%xmm2
+
+	leaq	128(%rdx),%rdx
+	cmpq	$0x80,%rcx
+	jb	L$tail_avx
+
+	vpxor	%xmm10,%xmm15,%xmm15
+	subq	$0x80,%rcx
+	jmp	L$oop8x_avx
+
+.p2align	5
+L$oop8x_avx:
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vmovdqu	112(%rdx),%xmm14
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpxor	%xmm15,%xmm8,%xmm8
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm10
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm11
+	vmovdqu	0-64(%rsi),%xmm6
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm12
+	vmovdqu	32-64(%rsi),%xmm7
+	vpxor	%xmm14,%xmm9,%xmm9
+
+	vmovdqu	96(%rdx),%xmm15
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpxor	%xmm3,%xmm10,%xmm10
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vxorps	%xmm4,%xmm11,%xmm11
+	vmovdqu	16-64(%rsi),%xmm6
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpclmulqdq	$0x00,%xmm7,%xmm9,%xmm2
+	vpxor	%xmm5,%xmm12,%xmm12
+	vxorps	%xmm15,%xmm8,%xmm8
+
+	vmovdqu	80(%rdx),%xmm14
+	vpxor	%xmm10,%xmm12,%xmm12
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm3
+	vpxor	%xmm11,%xmm12,%xmm12
+	vpslldq	$8,%xmm12,%xmm9
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm4
+	vpsrldq	$8,%xmm12,%xmm12
+	vpxor	%xmm9,%xmm10,%xmm10
+	vmovdqu	48-64(%rsi),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vxorps	%xmm12,%xmm11,%xmm11
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpclmulqdq	$0x10,%xmm7,%xmm8,%xmm5
+	vmovdqu	80-64(%rsi),%xmm7
+	vpxor	%xmm14,%xmm9,%xmm9
+	vpxor	%xmm2,%xmm5,%xmm5
+
+	vmovdqu	64(%rdx),%xmm15
+	vpalignr	$8,%xmm10,%xmm10,%xmm12
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpxor	%xmm3,%xmm0,%xmm0
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	64-64(%rsi),%xmm6
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm4,%xmm1,%xmm1
+	vpclmulqdq	$0x00,%xmm7,%xmm9,%xmm2
+	vxorps	%xmm15,%xmm8,%xmm8
+	vpxor	%xmm5,%xmm2,%xmm2
+
+	vmovdqu	48(%rdx),%xmm14
+	vpclmulqdq	$0x10,(%r10),%xmm10,%xmm10
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm3
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm4
+	vmovdqu	96-64(%rsi),%xmm6
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x10,%xmm7,%xmm8,%xmm5
+	vmovdqu	128-64(%rsi),%xmm7
+	vpxor	%xmm14,%xmm9,%xmm9
+	vpxor	%xmm2,%xmm5,%xmm5
+
+	vmovdqu	32(%rdx),%xmm15
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpxor	%xmm3,%xmm0,%xmm0
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	112-64(%rsi),%xmm6
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm4,%xmm1,%xmm1
+	vpclmulqdq	$0x00,%xmm7,%xmm9,%xmm2
+	vpxor	%xmm15,%xmm8,%xmm8
+	vpxor	%xmm5,%xmm2,%xmm2
+	vxorps	%xmm12,%xmm10,%xmm10
+
+	vmovdqu	16(%rdx),%xmm14
+	vpalignr	$8,%xmm10,%xmm10,%xmm12
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm3
+	vpshufb	%xmm13,%xmm14,%xmm14
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm4
+	vmovdqu	144-64(%rsi),%xmm6
+	vpclmulqdq	$0x10,(%r10),%xmm10,%xmm10
+	vxorps	%xmm11,%xmm12,%xmm12
+	vpunpckhqdq	%xmm14,%xmm14,%xmm9
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x10,%xmm7,%xmm8,%xmm5
+	vmovdqu	176-64(%rsi),%xmm7
+	vpxor	%xmm14,%xmm9,%xmm9
+	vpxor	%xmm2,%xmm5,%xmm5
+
+	vmovdqu	(%rdx),%xmm15
+	vpclmulqdq	$0x00,%xmm6,%xmm14,%xmm0
+	vpshufb	%xmm13,%xmm15,%xmm15
+	vpclmulqdq	$0x11,%xmm6,%xmm14,%xmm1
+	vmovdqu	160-64(%rsi),%xmm6
+	vpxor	%xmm12,%xmm15,%xmm15
+	vpclmulqdq	$0x10,%xmm7,%xmm9,%xmm2
+	vpxor	%xmm10,%xmm15,%xmm15
+
+	leaq	128(%rdx),%rdx
+	subq	$0x80,%rcx
+	jnc	L$oop8x_avx
+
+	addq	$0x80,%rcx
+	jmp	L$tail_no_xor_avx
+
+.p2align	5
+L$short_avx:
+	vmovdqu	-16(%rdx,%rcx,1),%xmm14
+	leaq	(%rdx,%rcx,1),%rdx
+	vmovdqu	0-64(%rsi),%xmm6
+	vmovdqu	32-64(%rsi),%xmm7
+	vpshufb	%xmm13,%xmm14,%xmm15
+
+	vmovdqa	%xmm0,%xmm3
+	vmovdqa	%xmm1,%xmm4
+	vmovdqa	%xmm2,%xmm5
+	subq	$0x10,%rcx
+	jz	L$tail_avx
+
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vmovdqu	-32(%rdx),%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vmovdqu	16-64(%rsi),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm15
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+	vpsrldq	$8,%xmm7,%xmm7
+	subq	$0x10,%rcx
+	jz	L$tail_avx
+
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vmovdqu	-48(%rdx),%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vmovdqu	48-64(%rsi),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm15
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+	vmovdqu	80-64(%rsi),%xmm7
+	subq	$0x10,%rcx
+	jz	L$tail_avx
+
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vmovdqu	-64(%rdx),%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vmovdqu	64-64(%rsi),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm15
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+	vpsrldq	$8,%xmm7,%xmm7
+	subq	$0x10,%rcx
+	jz	L$tail_avx
+
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vmovdqu	-80(%rdx),%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vmovdqu	96-64(%rsi),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm15
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+	vmovdqu	128-64(%rsi),%xmm7
+	subq	$0x10,%rcx
+	jz	L$tail_avx
+
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vmovdqu	-96(%rdx),%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vmovdqu	112-64(%rsi),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm15
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+	vpsrldq	$8,%xmm7,%xmm7
+	subq	$0x10,%rcx
+	jz	L$tail_avx
+
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vmovdqu	-112(%rdx),%xmm14
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vmovdqu	144-64(%rsi),%xmm6
+	vpshufb	%xmm13,%xmm14,%xmm15
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+	vmovq	184-64(%rsi),%xmm7
+	subq	$0x10,%rcx
+	jmp	L$tail_avx
+
+.p2align	5
+L$tail_avx:
+	vpxor	%xmm10,%xmm15,%xmm15
+L$tail_no_xor_avx:
+	vpunpckhqdq	%xmm15,%xmm15,%xmm8
+	vpxor	%xmm0,%xmm3,%xmm3
+	vpclmulqdq	$0x00,%xmm6,%xmm15,%xmm0
+	vpxor	%xmm15,%xmm8,%xmm8
+	vpxor	%xmm1,%xmm4,%xmm4
+	vpclmulqdq	$0x11,%xmm6,%xmm15,%xmm1
+	vpxor	%xmm2,%xmm5,%xmm5
+	vpclmulqdq	$0x00,%xmm7,%xmm8,%xmm2
+
+	vmovdqu	(%r10),%xmm12
+
+	vpxor	%xmm0,%xmm3,%xmm10
+	vpxor	%xmm1,%xmm4,%xmm11
+	vpxor	%xmm2,%xmm5,%xmm5
+
+	vpxor	%xmm10,%xmm5,%xmm5
+	vpxor	%xmm11,%xmm5,%xmm5
+	vpslldq	$8,%xmm5,%xmm9
+	vpsrldq	$8,%xmm5,%xmm5
+	vpxor	%xmm9,%xmm10,%xmm10
+	vpxor	%xmm5,%xmm11,%xmm11
+
+	vpclmulqdq	$0x10,%xmm12,%xmm10,%xmm9
+	vpalignr	$8,%xmm10,%xmm10,%xmm10
+	vpxor	%xmm9,%xmm10,%xmm10
+
+	vpclmulqdq	$0x10,%xmm12,%xmm10,%xmm9
+	vpalignr	$8,%xmm10,%xmm10,%xmm10
+	vpxor	%xmm11,%xmm10,%xmm10
+	vpxor	%xmm9,%xmm10,%xmm10
+
+	cmpq	$0,%rcx
+	jne	L$short_avx
+
+	vpshufb	%xmm13,%xmm10,%xmm10
+	vmovdqu	%xmm10,(%rdi)
+	vzeroupper
+	.byte	0xf3,0xc3
+
+
+.p2align	6
+L$bswap_mask:
+.byte	15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
+L$0x1c2_polynomial:
+.byte	1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xc2
+L$7_mask:
+.long	7,0,7,0
+L$7_mask_poly:
+.long	7,0,450,0
+.p2align	6
+
+L$rem_4bit:
+.long	0,0,0,471859200,0,943718400,0,610271232
+.long	0,1887436800,0,1822425088,0,1220542464,0,1423966208
+.long	0,3774873600,0,4246732800,0,3644850176,0,3311403008
+.long	0,2441084928,0,2376073216,0,2847932416,0,3051356160
+
+L$rem_8bit:
+.value	0x0000,0x01C2,0x0384,0x0246,0x0708,0x06CA,0x048C,0x054E
+.value	0x0E10,0x0FD2,0x0D94,0x0C56,0x0918,0x08DA,0x0A9C,0x0B5E
+.value	0x1C20,0x1DE2,0x1FA4,0x1E66,0x1B28,0x1AEA,0x18AC,0x196E
+.value	0x1230,0x13F2,0x11B4,0x1076,0x1538,0x14FA,0x16BC,0x177E
+.value	0x3840,0x3982,0x3BC4,0x3A06,0x3F48,0x3E8A,0x3CCC,0x3D0E
+.value	0x3650,0x3792,0x35D4,0x3416,0x3158,0x309A,0x32DC,0x331E
+.value	0x2460,0x25A2,0x27E4,0x2626,0x2368,0x22AA,0x20EC,0x212E
+.value	0x2A70,0x2BB2,0x29F4,0x2836,0x2D78,0x2CBA,0x2EFC,0x2F3E
+.value	0x7080,0x7142,0x7304,0x72C6,0x7788,0x764A,0x740C,0x75CE
+.value	0x7E90,0x7F52,0x7D14,0x7CD6,0x7998,0x785A,0x7A1C,0x7BDE
+.value	0x6CA0,0x6D62,0x6F24,0x6EE6,0x6BA8,0x6A6A,0x682C,0x69EE
+.value	0x62B0,0x6372,0x6134,0x60F6,0x65B8,0x647A,0x663C,0x67FE
+.value	0x48C0,0x4902,0x4B44,0x4A86,0x4FC8,0x4E0A,0x4C4C,0x4D8E
+.value	0x46D0,0x4712,0x4554,0x4496,0x41D8,0x401A,0x425C,0x439E
+.value	0x54E0,0x5522,0x5764,0x56A6,0x53E8,0x522A,0x506C,0x51AE
+.value	0x5AF0,0x5B32,0x5974,0x58B6,0x5DF8,0x5C3A,0x5E7C,0x5FBE
+.value	0xE100,0xE0C2,0xE284,0xE346,0xE608,0xE7CA,0xE58C,0xE44E
+.value	0xEF10,0xEED2,0xEC94,0xED56,0xE818,0xE9DA,0xEB9C,0xEA5E
+.value	0xFD20,0xFCE2,0xFEA4,0xFF66,0xFA28,0xFBEA,0xF9AC,0xF86E
+.value	0xF330,0xF2F2,0xF0B4,0xF176,0xF438,0xF5FA,0xF7BC,0xF67E
+.value	0xD940,0xD882,0xDAC4,0xDB06,0xDE48,0xDF8A,0xDDCC,0xDC0E
+.value	0xD750,0xD692,0xD4D4,0xD516,0xD058,0xD19A,0xD3DC,0xD21E
+.value	0xC560,0xC4A2,0xC6E4,0xC726,0xC268,0xC3AA,0xC1EC,0xC02E
+.value	0xCB70,0xCAB2,0xC8F4,0xC936,0xCC78,0xCDBA,0xCFFC,0xCE3E
+.value	0x9180,0x9042,0x9204,0x93C6,0x9688,0x974A,0x950C,0x94CE
+.value	0x9F90,0x9E52,0x9C14,0x9DD6,0x9898,0x995A,0x9B1C,0x9ADE
+.value	0x8DA0,0x8C62,0x8E24,0x8FE6,0x8AA8,0x8B6A,0x892C,0x88EE
+.value	0x83B0,0x8272,0x8034,0x81F6,0x84B8,0x857A,0x873C,0x86FE
+.value	0xA9C0,0xA802,0xAA44,0xAB86,0xAEC8,0xAF0A,0xAD4C,0xAC8E
+.value	0xA7D0,0xA612,0xA454,0xA596,0xA0D8,0xA11A,0xA35C,0xA29E
+.value	0xB5E0,0xB422,0xB664,0xB7A6,0xB2E8,0xB32A,0xB16C,0xB0AE
+.value	0xBBF0,0xBA32,0xB874,0xB9B6,0xBCF8,0xBD3A,0xBF7C,0xBEBE
+
+.byte	71,72,65,83,72,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.p2align	6
+
diff --git a/lib/accelerated/x86/macosx/sha1-ssse3-x86.s b/lib/accelerated/x86/macosx/sha1-ssse3-x86.s
new file mode 100644
index 0000000..985d4af
--- /dev/null
+++ b/lib/accelerated/x86/macosx/sha1-ssse3-x86.s
@@ -0,0 +1,1417 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text
+.globl	_sha1_block_data_order
+.align	4
+_sha1_block_data_order:
+L_sha1_block_data_order_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%ebp
+	movl	24(%esp),%esi
+	movl	28(%esp),%eax
+	subl	$76,%esp
+	shll	$6,%eax
+	addl	%esi,%eax
+	movl	%eax,104(%esp)
+	movl	16(%ebp),%edi
+	jmp	L000loop
+.align	4,0x90
+L000loop:
+	movl	(%esi),%eax
+	movl	4(%esi),%ebx
+	movl	8(%esi),%ecx
+	movl	12(%esi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	movl	%eax,(%esp)
+	movl	%ebx,4(%esp)
+	movl	%ecx,8(%esp)
+	movl	%edx,12(%esp)
+	movl	16(%esi),%eax
+	movl	20(%esi),%ebx
+	movl	24(%esi),%ecx
+	movl	28(%esi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	movl	%eax,16(%esp)
+	movl	%ebx,20(%esp)
+	movl	%ecx,24(%esp)
+	movl	%edx,28(%esp)
+	movl	32(%esi),%eax
+	movl	36(%esi),%ebx
+	movl	40(%esi),%ecx
+	movl	44(%esi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	movl	%eax,32(%esp)
+	movl	%ebx,36(%esp)
+	movl	%ecx,40(%esp)
+	movl	%edx,44(%esp)
+	movl	48(%esi),%eax
+	movl	52(%esi),%ebx
+	movl	56(%esi),%ecx
+	movl	60(%esi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	movl	%eax,48(%esp)
+	movl	%ebx,52(%esp)
+	movl	%ecx,56(%esp)
+	movl	%edx,60(%esp)
+	movl	%esi,100(%esp)
+	movl	(%ebp),%eax
+	movl	4(%ebp),%ebx
+	movl	8(%ebp),%ecx
+	movl	12(%ebp),%edx
+	# 00_15 0 
+	movl	%ecx,%esi
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	xorl	%edx,%esi
+	addl	%edi,%ebp
+	movl	(%esp),%edi
+	andl	%ebx,%esi
+	rorl	$2,%ebx
+	xorl	%edx,%esi
+	leal	1518500249(%ebp,%edi,1),%ebp
+	addl	%esi,%ebp
+	# 00_15 1 
+	movl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	xorl	%ecx,%edi
+	addl	%edx,%ebp
+	movl	4(%esp),%edx
+	andl	%eax,%edi
+	rorl	$2,%eax
+	xorl	%ecx,%edi
+	leal	1518500249(%ebp,%edx,1),%ebp
+	addl	%edi,%ebp
+	# 00_15 2 
+	movl	%eax,%edx
+	movl	%ebp,%edi
+	roll	$5,%ebp
+	xorl	%ebx,%edx
+	addl	%ecx,%ebp
+	movl	8(%esp),%ecx
+	andl	%esi,%edx
+	rorl	$2,%esi
+	xorl	%ebx,%edx
+	leal	1518500249(%ebp,%ecx,1),%ebp
+	addl	%edx,%ebp
+	# 00_15 3 
+	movl	%esi,%ecx
+	movl	%ebp,%edx
+	roll	$5,%ebp
+	xorl	%eax,%ecx
+	addl	%ebx,%ebp
+	movl	12(%esp),%ebx
+	andl	%edi,%ecx
+	rorl	$2,%edi
+	xorl	%eax,%ecx
+	leal	1518500249(%ebp,%ebx,1),%ebp
+	addl	%ecx,%ebp
+	# 00_15 4 
+	movl	%edi,%ebx
+	movl	%ebp,%ecx
+	roll	$5,%ebp
+	xorl	%esi,%ebx
+	addl	%eax,%ebp
+	movl	16(%esp),%eax
+	andl	%edx,%ebx
+	rorl	$2,%edx
+	xorl	%esi,%ebx
+	leal	1518500249(%ebp,%eax,1),%ebp
+	addl	%ebx,%ebp
+	# 00_15 5 
+	movl	%edx,%eax
+	movl	%ebp,%ebx
+	roll	$5,%ebp
+	xorl	%edi,%eax
+	addl	%esi,%ebp
+	movl	20(%esp),%esi
+	andl	%ecx,%eax
+	rorl	$2,%ecx
+	xorl	%edi,%eax
+	leal	1518500249(%ebp,%esi,1),%ebp
+	addl	%eax,%ebp
+	# 00_15 6 
+	movl	%ecx,%esi
+	movl	%ebp,%eax
+	roll	$5,%ebp
+	xorl	%edx,%esi
+	addl	%edi,%ebp
+	movl	24(%esp),%edi
+	andl	%ebx,%esi
+	rorl	$2,%ebx
+	xorl	%edx,%esi
+	leal	1518500249(%ebp,%edi,1),%ebp
+	addl	%esi,%ebp
+	# 00_15 7 
+	movl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	xorl	%ecx,%edi
+	addl	%edx,%ebp
+	movl	28(%esp),%edx
+	andl	%eax,%edi
+	rorl	$2,%eax
+	xorl	%ecx,%edi
+	leal	1518500249(%ebp,%edx,1),%ebp
+	addl	%edi,%ebp
+	# 00_15 8 
+	movl	%eax,%edx
+	movl	%ebp,%edi
+	roll	$5,%ebp
+	xorl	%ebx,%edx
+	addl	%ecx,%ebp
+	movl	32(%esp),%ecx
+	andl	%esi,%edx
+	rorl	$2,%esi
+	xorl	%ebx,%edx
+	leal	1518500249(%ebp,%ecx,1),%ebp
+	addl	%edx,%ebp
+	# 00_15 9 
+	movl	%esi,%ecx
+	movl	%ebp,%edx
+	roll	$5,%ebp
+	xorl	%eax,%ecx
+	addl	%ebx,%ebp
+	movl	36(%esp),%ebx
+	andl	%edi,%ecx
+	rorl	$2,%edi
+	xorl	%eax,%ecx
+	leal	1518500249(%ebp,%ebx,1),%ebp
+	addl	%ecx,%ebp
+	# 00_15 10 
+	movl	%edi,%ebx
+	movl	%ebp,%ecx
+	roll	$5,%ebp
+	xorl	%esi,%ebx
+	addl	%eax,%ebp
+	movl	40(%esp),%eax
+	andl	%edx,%ebx
+	rorl	$2,%edx
+	xorl	%esi,%ebx
+	leal	1518500249(%ebp,%eax,1),%ebp
+	addl	%ebx,%ebp
+	# 00_15 11 
+	movl	%edx,%eax
+	movl	%ebp,%ebx
+	roll	$5,%ebp
+	xorl	%edi,%eax
+	addl	%esi,%ebp
+	movl	44(%esp),%esi
+	andl	%ecx,%eax
+	rorl	$2,%ecx
+	xorl	%edi,%eax
+	leal	1518500249(%ebp,%esi,1),%ebp
+	addl	%eax,%ebp
+	# 00_15 12 
+	movl	%ecx,%esi
+	movl	%ebp,%eax
+	roll	$5,%ebp
+	xorl	%edx,%esi
+	addl	%edi,%ebp
+	movl	48(%esp),%edi
+	andl	%ebx,%esi
+	rorl	$2,%ebx
+	xorl	%edx,%esi
+	leal	1518500249(%ebp,%edi,1),%ebp
+	addl	%esi,%ebp
+	# 00_15 13 
+	movl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	xorl	%ecx,%edi
+	addl	%edx,%ebp
+	movl	52(%esp),%edx
+	andl	%eax,%edi
+	rorl	$2,%eax
+	xorl	%ecx,%edi
+	leal	1518500249(%ebp,%edx,1),%ebp
+	addl	%edi,%ebp
+	# 00_15 14 
+	movl	%eax,%edx
+	movl	%ebp,%edi
+	roll	$5,%ebp
+	xorl	%ebx,%edx
+	addl	%ecx,%ebp
+	movl	56(%esp),%ecx
+	andl	%esi,%edx
+	rorl	$2,%esi
+	xorl	%ebx,%edx
+	leal	1518500249(%ebp,%ecx,1),%ebp
+	addl	%edx,%ebp
+	# 00_15 15 
+	movl	%esi,%ecx
+	movl	%ebp,%edx
+	roll	$5,%ebp
+	xorl	%eax,%ecx
+	addl	%ebx,%ebp
+	movl	60(%esp),%ebx
+	andl	%edi,%ecx
+	rorl	$2,%edi
+	xorl	%eax,%ecx
+	leal	1518500249(%ebp,%ebx,1),%ebp
+	movl	(%esp),%ebx
+	addl	%ebp,%ecx
+	# 16_19 16 
+	movl	%edi,%ebp
+	xorl	8(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	32(%esp),%ebx
+	andl	%edx,%ebp
+	xorl	52(%esp),%ebx
+	roll	$1,%ebx
+	xorl	%esi,%ebp
+	addl	%ebp,%eax
+	movl	%ecx,%ebp
+	rorl	$2,%edx
+	movl	%ebx,(%esp)
+	roll	$5,%ebp
+	leal	1518500249(%ebx,%eax,1),%ebx
+	movl	4(%esp),%eax
+	addl	%ebp,%ebx
+	# 16_19 17 
+	movl	%edx,%ebp
+	xorl	12(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	36(%esp),%eax
+	andl	%ecx,%ebp
+	xorl	56(%esp),%eax
+	roll	$1,%eax
+	xorl	%edi,%ebp
+	addl	%ebp,%esi
+	movl	%ebx,%ebp
+	rorl	$2,%ecx
+	movl	%eax,4(%esp)
+	roll	$5,%ebp
+	leal	1518500249(%eax,%esi,1),%eax
+	movl	8(%esp),%esi
+	addl	%ebp,%eax
+	# 16_19 18 
+	movl	%ecx,%ebp
+	xorl	16(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	40(%esp),%esi
+	andl	%ebx,%ebp
+	xorl	60(%esp),%esi
+	roll	$1,%esi
+	xorl	%edx,%ebp
+	addl	%ebp,%edi
+	movl	%eax,%ebp
+	rorl	$2,%ebx
+	movl	%esi,8(%esp)
+	roll	$5,%ebp
+	leal	1518500249(%esi,%edi,1),%esi
+	movl	12(%esp),%edi
+	addl	%ebp,%esi
+	# 16_19 19 
+	movl	%ebx,%ebp
+	xorl	20(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	44(%esp),%edi
+	andl	%eax,%ebp
+	xorl	(%esp),%edi
+	roll	$1,%edi
+	xorl	%ecx,%ebp
+	addl	%ebp,%edx
+	movl	%esi,%ebp
+	rorl	$2,%eax
+	movl	%edi,12(%esp)
+	roll	$5,%ebp
+	leal	1518500249(%edi,%edx,1),%edi
+	movl	16(%esp),%edx
+	addl	%ebp,%edi
+	# 20_39 20 
+	movl	%esi,%ebp
+	xorl	24(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	48(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	4(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,16(%esp)
+	leal	1859775393(%edx,%ecx,1),%edx
+	movl	20(%esp),%ecx
+	addl	%ebp,%edx
+	# 20_39 21 
+	movl	%edi,%ebp
+	xorl	28(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	52(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	8(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,20(%esp)
+	leal	1859775393(%ecx,%ebx,1),%ecx
+	movl	24(%esp),%ebx
+	addl	%ebp,%ecx
+	# 20_39 22 
+	movl	%edx,%ebp
+	xorl	32(%esp),%ebx
+	xorl	%edi,%ebp
+	xorl	56(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	12(%esp),%ebx
+	roll	$1,%ebx
+	addl	%ebp,%eax
+	rorl	$2,%edx
+	movl	%ecx,%ebp
+	roll	$5,%ebp
+	movl	%ebx,24(%esp)
+	leal	1859775393(%ebx,%eax,1),%ebx
+	movl	28(%esp),%eax
+	addl	%ebp,%ebx
+	# 20_39 23 
+	movl	%ecx,%ebp
+	xorl	36(%esp),%eax
+	xorl	%edx,%ebp
+	xorl	60(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	16(%esp),%eax
+	roll	$1,%eax
+	addl	%ebp,%esi
+	rorl	$2,%ecx
+	movl	%ebx,%ebp
+	roll	$5,%ebp
+	movl	%eax,28(%esp)
+	leal	1859775393(%eax,%esi,1),%eax
+	movl	32(%esp),%esi
+	addl	%ebp,%eax
+	# 20_39 24 
+	movl	%ebx,%ebp
+	xorl	40(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	20(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	movl	%esi,32(%esp)
+	leal	1859775393(%esi,%edi,1),%esi
+	movl	36(%esp),%edi
+	addl	%ebp,%esi
+	# 20_39 25 
+	movl	%eax,%ebp
+	xorl	44(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	4(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	24(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	movl	%edi,36(%esp)
+	leal	1859775393(%edi,%edx,1),%edi
+	movl	40(%esp),%edx
+	addl	%ebp,%edi
+	# 20_39 26 
+	movl	%esi,%ebp
+	xorl	48(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	8(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	28(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,40(%esp)
+	leal	1859775393(%edx,%ecx,1),%edx
+	movl	44(%esp),%ecx
+	addl	%ebp,%edx
+	# 20_39 27 
+	movl	%edi,%ebp
+	xorl	52(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	12(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	32(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,44(%esp)
+	leal	1859775393(%ecx,%ebx,1),%ecx
+	movl	48(%esp),%ebx
+	addl	%ebp,%ecx
+	# 20_39 28 
+	movl	%edx,%ebp
+	xorl	56(%esp),%ebx
+	xorl	%edi,%ebp
+	xorl	16(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	36(%esp),%ebx
+	roll	$1,%ebx
+	addl	%ebp,%eax
+	rorl	$2,%edx
+	movl	%ecx,%ebp
+	roll	$5,%ebp
+	movl	%ebx,48(%esp)
+	leal	1859775393(%ebx,%eax,1),%ebx
+	movl	52(%esp),%eax
+	addl	%ebp,%ebx
+	# 20_39 29 
+	movl	%ecx,%ebp
+	xorl	60(%esp),%eax
+	xorl	%edx,%ebp
+	xorl	20(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	40(%esp),%eax
+	roll	$1,%eax
+	addl	%ebp,%esi
+	rorl	$2,%ecx
+	movl	%ebx,%ebp
+	roll	$5,%ebp
+	movl	%eax,52(%esp)
+	leal	1859775393(%eax,%esi,1),%eax
+	movl	56(%esp),%esi
+	addl	%ebp,%eax
+	# 20_39 30 
+	movl	%ebx,%ebp
+	xorl	(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	24(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	44(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	movl	%esi,56(%esp)
+	leal	1859775393(%esi,%edi,1),%esi
+	movl	60(%esp),%edi
+	addl	%ebp,%esi
+	# 20_39 31 
+	movl	%eax,%ebp
+	xorl	4(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	28(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	48(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	movl	%edi,60(%esp)
+	leal	1859775393(%edi,%edx,1),%edi
+	movl	(%esp),%edx
+	addl	%ebp,%edi
+	# 20_39 32 
+	movl	%esi,%ebp
+	xorl	8(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	32(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	52(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,(%esp)
+	leal	1859775393(%edx,%ecx,1),%edx
+	movl	4(%esp),%ecx
+	addl	%ebp,%edx
+	# 20_39 33 
+	movl	%edi,%ebp
+	xorl	12(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	36(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	56(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,4(%esp)
+	leal	1859775393(%ecx,%ebx,1),%ecx
+	movl	8(%esp),%ebx
+	addl	%ebp,%ecx
+	# 20_39 34 
+	movl	%edx,%ebp
+	xorl	16(%esp),%ebx
+	xorl	%edi,%ebp
+	xorl	40(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	60(%esp),%ebx
+	roll	$1,%ebx
+	addl	%ebp,%eax
+	rorl	$2,%edx
+	movl	%ecx,%ebp
+	roll	$5,%ebp
+	movl	%ebx,8(%esp)
+	leal	1859775393(%ebx,%eax,1),%ebx
+	movl	12(%esp),%eax
+	addl	%ebp,%ebx
+	# 20_39 35 
+	movl	%ecx,%ebp
+	xorl	20(%esp),%eax
+	xorl	%edx,%ebp
+	xorl	44(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	(%esp),%eax
+	roll	$1,%eax
+	addl	%ebp,%esi
+	rorl	$2,%ecx
+	movl	%ebx,%ebp
+	roll	$5,%ebp
+	movl	%eax,12(%esp)
+	leal	1859775393(%eax,%esi,1),%eax
+	movl	16(%esp),%esi
+	addl	%ebp,%eax
+	# 20_39 36 
+	movl	%ebx,%ebp
+	xorl	24(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	48(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	4(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	movl	%esi,16(%esp)
+	leal	1859775393(%esi,%edi,1),%esi
+	movl	20(%esp),%edi
+	addl	%ebp,%esi
+	# 20_39 37 
+	movl	%eax,%ebp
+	xorl	28(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	52(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	8(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	movl	%edi,20(%esp)
+	leal	1859775393(%edi,%edx,1),%edi
+	movl	24(%esp),%edx
+	addl	%ebp,%edi
+	# 20_39 38 
+	movl	%esi,%ebp
+	xorl	32(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	56(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	12(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,24(%esp)
+	leal	1859775393(%edx,%ecx,1),%edx
+	movl	28(%esp),%ecx
+	addl	%ebp,%edx
+	# 20_39 39 
+	movl	%edi,%ebp
+	xorl	36(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	60(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	16(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,28(%esp)
+	leal	1859775393(%ecx,%ebx,1),%ecx
+	movl	32(%esp),%ebx
+	addl	%ebp,%ecx
+	# 40_59 40 
+	movl	%edi,%ebp
+	xorl	40(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	(%esp),%ebx
+	andl	%edx,%ebp
+	xorl	20(%esp),%ebx
+	roll	$1,%ebx
+	addl	%eax,%ebp
+	rorl	$2,%edx
+	movl	%ecx,%eax
+	roll	$5,%eax
+	movl	%ebx,32(%esp)
+	leal	2400959708(%ebx,%ebp,1),%ebx
+	movl	%edi,%ebp
+	addl	%eax,%ebx
+	andl	%esi,%ebp
+	movl	36(%esp),%eax
+	addl	%ebp,%ebx
+	# 40_59 41 
+	movl	%edx,%ebp
+	xorl	44(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	4(%esp),%eax
+	andl	%ecx,%ebp
+	xorl	24(%esp),%eax
+	roll	$1,%eax
+	addl	%esi,%ebp
+	rorl	$2,%ecx
+	movl	%ebx,%esi
+	roll	$5,%esi
+	movl	%eax,36(%esp)
+	leal	2400959708(%eax,%ebp,1),%eax
+	movl	%edx,%ebp
+	addl	%esi,%eax
+	andl	%edi,%ebp
+	movl	40(%esp),%esi
+	addl	%ebp,%eax
+	# 40_59 42 
+	movl	%ecx,%ebp
+	xorl	48(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	8(%esp),%esi
+	andl	%ebx,%ebp
+	xorl	28(%esp),%esi
+	roll	$1,%esi
+	addl	%edi,%ebp
+	rorl	$2,%ebx
+	movl	%eax,%edi
+	roll	$5,%edi
+	movl	%esi,40(%esp)
+	leal	2400959708(%esi,%ebp,1),%esi
+	movl	%ecx,%ebp
+	addl	%edi,%esi
+	andl	%edx,%ebp
+	movl	44(%esp),%edi
+	addl	%ebp,%esi
+	# 40_59 43 
+	movl	%ebx,%ebp
+	xorl	52(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	12(%esp),%edi
+	andl	%eax,%ebp
+	xorl	32(%esp),%edi
+	roll	$1,%edi
+	addl	%edx,%ebp
+	rorl	$2,%eax
+	movl	%esi,%edx
+	roll	$5,%edx
+	movl	%edi,44(%esp)
+	leal	2400959708(%edi,%ebp,1),%edi
+	movl	%ebx,%ebp
+	addl	%edx,%edi
+	andl	%ecx,%ebp
+	movl	48(%esp),%edx
+	addl	%ebp,%edi
+	# 40_59 44 
+	movl	%eax,%ebp
+	xorl	56(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	16(%esp),%edx
+	andl	%esi,%ebp
+	xorl	36(%esp),%edx
+	roll	$1,%edx
+	addl	%ecx,%ebp
+	rorl	$2,%esi
+	movl	%edi,%ecx
+	roll	$5,%ecx
+	movl	%edx,48(%esp)
+	leal	2400959708(%edx,%ebp,1),%edx
+	movl	%eax,%ebp
+	addl	%ecx,%edx
+	andl	%ebx,%ebp
+	movl	52(%esp),%ecx
+	addl	%ebp,%edx
+	# 40_59 45 
+	movl	%esi,%ebp
+	xorl	60(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	20(%esp),%ecx
+	andl	%edi,%ebp
+	xorl	40(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebx,%ebp
+	rorl	$2,%edi
+	movl	%edx,%ebx
+	roll	$5,%ebx
+	movl	%ecx,52(%esp)
+	leal	2400959708(%ecx,%ebp,1),%ecx
+	movl	%esi,%ebp
+	addl	%ebx,%ecx
+	andl	%eax,%ebp
+	movl	56(%esp),%ebx
+	addl	%ebp,%ecx
+	# 40_59 46 
+	movl	%edi,%ebp
+	xorl	(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	24(%esp),%ebx
+	andl	%edx,%ebp
+	xorl	44(%esp),%ebx
+	roll	$1,%ebx
+	addl	%eax,%ebp
+	rorl	$2,%edx
+	movl	%ecx,%eax
+	roll	$5,%eax
+	movl	%ebx,56(%esp)
+	leal	2400959708(%ebx,%ebp,1),%ebx
+	movl	%edi,%ebp
+	addl	%eax,%ebx
+	andl	%esi,%ebp
+	movl	60(%esp),%eax
+	addl	%ebp,%ebx
+	# 40_59 47 
+	movl	%edx,%ebp
+	xorl	4(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	28(%esp),%eax
+	andl	%ecx,%ebp
+	xorl	48(%esp),%eax
+	roll	$1,%eax
+	addl	%esi,%ebp
+	rorl	$2,%ecx
+	movl	%ebx,%esi
+	roll	$5,%esi
+	movl	%eax,60(%esp)
+	leal	2400959708(%eax,%ebp,1),%eax
+	movl	%edx,%ebp
+	addl	%esi,%eax
+	andl	%edi,%ebp
+	movl	(%esp),%esi
+	addl	%ebp,%eax
+	# 40_59 48 
+	movl	%ecx,%ebp
+	xorl	8(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	32(%esp),%esi
+	andl	%ebx,%ebp
+	xorl	52(%esp),%esi
+	roll	$1,%esi
+	addl	%edi,%ebp
+	rorl	$2,%ebx
+	movl	%eax,%edi
+	roll	$5,%edi
+	movl	%esi,(%esp)
+	leal	2400959708(%esi,%ebp,1),%esi
+	movl	%ecx,%ebp
+	addl	%edi,%esi
+	andl	%edx,%ebp
+	movl	4(%esp),%edi
+	addl	%ebp,%esi
+	# 40_59 49 
+	movl	%ebx,%ebp
+	xorl	12(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	36(%esp),%edi
+	andl	%eax,%ebp
+	xorl	56(%esp),%edi
+	roll	$1,%edi
+	addl	%edx,%ebp
+	rorl	$2,%eax
+	movl	%esi,%edx
+	roll	$5,%edx
+	movl	%edi,4(%esp)
+	leal	2400959708(%edi,%ebp,1),%edi
+	movl	%ebx,%ebp
+	addl	%edx,%edi
+	andl	%ecx,%ebp
+	movl	8(%esp),%edx
+	addl	%ebp,%edi
+	# 40_59 50 
+	movl	%eax,%ebp
+	xorl	16(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	40(%esp),%edx
+	andl	%esi,%ebp
+	xorl	60(%esp),%edx
+	roll	$1,%edx
+	addl	%ecx,%ebp
+	rorl	$2,%esi
+	movl	%edi,%ecx
+	roll	$5,%ecx
+	movl	%edx,8(%esp)
+	leal	2400959708(%edx,%ebp,1),%edx
+	movl	%eax,%ebp
+	addl	%ecx,%edx
+	andl	%ebx,%ebp
+	movl	12(%esp),%ecx
+	addl	%ebp,%edx
+	# 40_59 51 
+	movl	%esi,%ebp
+	xorl	20(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	44(%esp),%ecx
+	andl	%edi,%ebp
+	xorl	(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebx,%ebp
+	rorl	$2,%edi
+	movl	%edx,%ebx
+	roll	$5,%ebx
+	movl	%ecx,12(%esp)
+	leal	2400959708(%ecx,%ebp,1),%ecx
+	movl	%esi,%ebp
+	addl	%ebx,%ecx
+	andl	%eax,%ebp
+	movl	16(%esp),%ebx
+	addl	%ebp,%ecx
+	# 40_59 52 
+	movl	%edi,%ebp
+	xorl	24(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	48(%esp),%ebx
+	andl	%edx,%ebp
+	xorl	4(%esp),%ebx
+	roll	$1,%ebx
+	addl	%eax,%ebp
+	rorl	$2,%edx
+	movl	%ecx,%eax
+	roll	$5,%eax
+	movl	%ebx,16(%esp)
+	leal	2400959708(%ebx,%ebp,1),%ebx
+	movl	%edi,%ebp
+	addl	%eax,%ebx
+	andl	%esi,%ebp
+	movl	20(%esp),%eax
+	addl	%ebp,%ebx
+	# 40_59 53 
+	movl	%edx,%ebp
+	xorl	28(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	52(%esp),%eax
+	andl	%ecx,%ebp
+	xorl	8(%esp),%eax
+	roll	$1,%eax
+	addl	%esi,%ebp
+	rorl	$2,%ecx
+	movl	%ebx,%esi
+	roll	$5,%esi
+	movl	%eax,20(%esp)
+	leal	2400959708(%eax,%ebp,1),%eax
+	movl	%edx,%ebp
+	addl	%esi,%eax
+	andl	%edi,%ebp
+	movl	24(%esp),%esi
+	addl	%ebp,%eax
+	# 40_59 54 
+	movl	%ecx,%ebp
+	xorl	32(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	56(%esp),%esi
+	andl	%ebx,%ebp
+	xorl	12(%esp),%esi
+	roll	$1,%esi
+	addl	%edi,%ebp
+	rorl	$2,%ebx
+	movl	%eax,%edi
+	roll	$5,%edi
+	movl	%esi,24(%esp)
+	leal	2400959708(%esi,%ebp,1),%esi
+	movl	%ecx,%ebp
+	addl	%edi,%esi
+	andl	%edx,%ebp
+	movl	28(%esp),%edi
+	addl	%ebp,%esi
+	# 40_59 55 
+	movl	%ebx,%ebp
+	xorl	36(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	60(%esp),%edi
+	andl	%eax,%ebp
+	xorl	16(%esp),%edi
+	roll	$1,%edi
+	addl	%edx,%ebp
+	rorl	$2,%eax
+	movl	%esi,%edx
+	roll	$5,%edx
+	movl	%edi,28(%esp)
+	leal	2400959708(%edi,%ebp,1),%edi
+	movl	%ebx,%ebp
+	addl	%edx,%edi
+	andl	%ecx,%ebp
+	movl	32(%esp),%edx
+	addl	%ebp,%edi
+	# 40_59 56 
+	movl	%eax,%ebp
+	xorl	40(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	(%esp),%edx
+	andl	%esi,%ebp
+	xorl	20(%esp),%edx
+	roll	$1,%edx
+	addl	%ecx,%ebp
+	rorl	$2,%esi
+	movl	%edi,%ecx
+	roll	$5,%ecx
+	movl	%edx,32(%esp)
+	leal	2400959708(%edx,%ebp,1),%edx
+	movl	%eax,%ebp
+	addl	%ecx,%edx
+	andl	%ebx,%ebp
+	movl	36(%esp),%ecx
+	addl	%ebp,%edx
+	# 40_59 57 
+	movl	%esi,%ebp
+	xorl	44(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	4(%esp),%ecx
+	andl	%edi,%ebp
+	xorl	24(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebx,%ebp
+	rorl	$2,%edi
+	movl	%edx,%ebx
+	roll	$5,%ebx
+	movl	%ecx,36(%esp)
+	leal	2400959708(%ecx,%ebp,1),%ecx
+	movl	%esi,%ebp
+	addl	%ebx,%ecx
+	andl	%eax,%ebp
+	movl	40(%esp),%ebx
+	addl	%ebp,%ecx
+	# 40_59 58 
+	movl	%edi,%ebp
+	xorl	48(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	8(%esp),%ebx
+	andl	%edx,%ebp
+	xorl	28(%esp),%ebx
+	roll	$1,%ebx
+	addl	%eax,%ebp
+	rorl	$2,%edx
+	movl	%ecx,%eax
+	roll	$5,%eax
+	movl	%ebx,40(%esp)
+	leal	2400959708(%ebx,%ebp,1),%ebx
+	movl	%edi,%ebp
+	addl	%eax,%ebx
+	andl	%esi,%ebp
+	movl	44(%esp),%eax
+	addl	%ebp,%ebx
+	# 40_59 59 
+	movl	%edx,%ebp
+	xorl	52(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	12(%esp),%eax
+	andl	%ecx,%ebp
+	xorl	32(%esp),%eax
+	roll	$1,%eax
+	addl	%esi,%ebp
+	rorl	$2,%ecx
+	movl	%ebx,%esi
+	roll	$5,%esi
+	movl	%eax,44(%esp)
+	leal	2400959708(%eax,%ebp,1),%eax
+	movl	%edx,%ebp
+	addl	%esi,%eax
+	andl	%edi,%ebp
+	movl	48(%esp),%esi
+	addl	%ebp,%eax
+	# 20_39 60 
+	movl	%ebx,%ebp
+	xorl	56(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	16(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	36(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	movl	%esi,48(%esp)
+	leal	3395469782(%esi,%edi,1),%esi
+	movl	52(%esp),%edi
+	addl	%ebp,%esi
+	# 20_39 61 
+	movl	%eax,%ebp
+	xorl	60(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	20(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	40(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	movl	%edi,52(%esp)
+	leal	3395469782(%edi,%edx,1),%edi
+	movl	56(%esp),%edx
+	addl	%ebp,%edi
+	# 20_39 62 
+	movl	%esi,%ebp
+	xorl	(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	24(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	44(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,56(%esp)
+	leal	3395469782(%edx,%ecx,1),%edx
+	movl	60(%esp),%ecx
+	addl	%ebp,%edx
+	# 20_39 63 
+	movl	%edi,%ebp
+	xorl	4(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	28(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	48(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,60(%esp)
+	leal	3395469782(%ecx,%ebx,1),%ecx
+	movl	(%esp),%ebx
+	addl	%ebp,%ecx
+	# 20_39 64 
+	movl	%edx,%ebp
+	xorl	8(%esp),%ebx
+	xorl	%edi,%ebp
+	xorl	32(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	52(%esp),%ebx
+	roll	$1,%ebx
+	addl	%ebp,%eax
+	rorl	$2,%edx
+	movl	%ecx,%ebp
+	roll	$5,%ebp
+	movl	%ebx,(%esp)
+	leal	3395469782(%ebx,%eax,1),%ebx
+	movl	4(%esp),%eax
+	addl	%ebp,%ebx
+	# 20_39 65 
+	movl	%ecx,%ebp
+	xorl	12(%esp),%eax
+	xorl	%edx,%ebp
+	xorl	36(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	56(%esp),%eax
+	roll	$1,%eax
+	addl	%ebp,%esi
+	rorl	$2,%ecx
+	movl	%ebx,%ebp
+	roll	$5,%ebp
+	movl	%eax,4(%esp)
+	leal	3395469782(%eax,%esi,1),%eax
+	movl	8(%esp),%esi
+	addl	%ebp,%eax
+	# 20_39 66 
+	movl	%ebx,%ebp
+	xorl	16(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	40(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	60(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	movl	%esi,8(%esp)
+	leal	3395469782(%esi,%edi,1),%esi
+	movl	12(%esp),%edi
+	addl	%ebp,%esi
+	# 20_39 67 
+	movl	%eax,%ebp
+	xorl	20(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	44(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	movl	%edi,12(%esp)
+	leal	3395469782(%edi,%edx,1),%edi
+	movl	16(%esp),%edx
+	addl	%ebp,%edi
+	# 20_39 68 
+	movl	%esi,%ebp
+	xorl	24(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	48(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	4(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,16(%esp)
+	leal	3395469782(%edx,%ecx,1),%edx
+	movl	20(%esp),%ecx
+	addl	%ebp,%edx
+	# 20_39 69 
+	movl	%edi,%ebp
+	xorl	28(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	52(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	8(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,20(%esp)
+	leal	3395469782(%ecx,%ebx,1),%ecx
+	movl	24(%esp),%ebx
+	addl	%ebp,%ecx
+	# 20_39 70 
+	movl	%edx,%ebp
+	xorl	32(%esp),%ebx
+	xorl	%edi,%ebp
+	xorl	56(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	12(%esp),%ebx
+	roll	$1,%ebx
+	addl	%ebp,%eax
+	rorl	$2,%edx
+	movl	%ecx,%ebp
+	roll	$5,%ebp
+	movl	%ebx,24(%esp)
+	leal	3395469782(%ebx,%eax,1),%ebx
+	movl	28(%esp),%eax
+	addl	%ebp,%ebx
+	# 20_39 71 
+	movl	%ecx,%ebp
+	xorl	36(%esp),%eax
+	xorl	%edx,%ebp
+	xorl	60(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	16(%esp),%eax
+	roll	$1,%eax
+	addl	%ebp,%esi
+	rorl	$2,%ecx
+	movl	%ebx,%ebp
+	roll	$5,%ebp
+	movl	%eax,28(%esp)
+	leal	3395469782(%eax,%esi,1),%eax
+	movl	32(%esp),%esi
+	addl	%ebp,%eax
+	# 20_39 72 
+	movl	%ebx,%ebp
+	xorl	40(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	20(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	movl	%esi,32(%esp)
+	leal	3395469782(%esi,%edi,1),%esi
+	movl	36(%esp),%edi
+	addl	%ebp,%esi
+	# 20_39 73 
+	movl	%eax,%ebp
+	xorl	44(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	4(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	24(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	movl	%edi,36(%esp)
+	leal	3395469782(%edi,%edx,1),%edi
+	movl	40(%esp),%edx
+	addl	%ebp,%edi
+	# 20_39 74 
+	movl	%esi,%ebp
+	xorl	48(%esp),%edx
+	xorl	%eax,%ebp
+	xorl	8(%esp),%edx
+	xorl	%ebx,%ebp
+	xorl	28(%esp),%edx
+	roll	$1,%edx
+	addl	%ebp,%ecx
+	rorl	$2,%esi
+	movl	%edi,%ebp
+	roll	$5,%ebp
+	movl	%edx,40(%esp)
+	leal	3395469782(%edx,%ecx,1),%edx
+	movl	44(%esp),%ecx
+	addl	%ebp,%edx
+	# 20_39 75 
+	movl	%edi,%ebp
+	xorl	52(%esp),%ecx
+	xorl	%esi,%ebp
+	xorl	12(%esp),%ecx
+	xorl	%eax,%ebp
+	xorl	32(%esp),%ecx
+	roll	$1,%ecx
+	addl	%ebp,%ebx
+	rorl	$2,%edi
+	movl	%edx,%ebp
+	roll	$5,%ebp
+	movl	%ecx,44(%esp)
+	leal	3395469782(%ecx,%ebx,1),%ecx
+	movl	48(%esp),%ebx
+	addl	%ebp,%ecx
+	# 20_39 76 
+	movl	%edx,%ebp
+	xorl	56(%esp),%ebx
+	xorl	%edi,%ebp
+	xorl	16(%esp),%ebx
+	xorl	%esi,%ebp
+	xorl	36(%esp),%ebx
+	roll	$1,%ebx
+	addl	%ebp,%eax
+	rorl	$2,%edx
+	movl	%ecx,%ebp
+	roll	$5,%ebp
+	movl	%ebx,48(%esp)
+	leal	3395469782(%ebx,%eax,1),%ebx
+	movl	52(%esp),%eax
+	addl	%ebp,%ebx
+	# 20_39 77 
+	movl	%ecx,%ebp
+	xorl	60(%esp),%eax
+	xorl	%edx,%ebp
+	xorl	20(%esp),%eax
+	xorl	%edi,%ebp
+	xorl	40(%esp),%eax
+	roll	$1,%eax
+	addl	%ebp,%esi
+	rorl	$2,%ecx
+	movl	%ebx,%ebp
+	roll	$5,%ebp
+	leal	3395469782(%eax,%esi,1),%eax
+	movl	56(%esp),%esi
+	addl	%ebp,%eax
+	# 20_39 78 
+	movl	%ebx,%ebp
+	xorl	(%esp),%esi
+	xorl	%ecx,%ebp
+	xorl	24(%esp),%esi
+	xorl	%edx,%ebp
+	xorl	44(%esp),%esi
+	roll	$1,%esi
+	addl	%ebp,%edi
+	rorl	$2,%ebx
+	movl	%eax,%ebp
+	roll	$5,%ebp
+	leal	3395469782(%esi,%edi,1),%esi
+	movl	60(%esp),%edi
+	addl	%ebp,%esi
+	# 20_39 79 
+	movl	%eax,%ebp
+	xorl	4(%esp),%edi
+	xorl	%ebx,%ebp
+	xorl	28(%esp),%edi
+	xorl	%ecx,%ebp
+	xorl	48(%esp),%edi
+	roll	$1,%edi
+	addl	%ebp,%edx
+	rorl	$2,%eax
+	movl	%esi,%ebp
+	roll	$5,%ebp
+	leal	3395469782(%edi,%edx,1),%edi
+	addl	%ebp,%edi
+	movl	96(%esp),%ebp
+	movl	100(%esp),%edx
+	addl	(%ebp),%edi
+	addl	4(%ebp),%esi
+	addl	8(%ebp),%eax
+	addl	12(%ebp),%ebx
+	addl	16(%ebp),%ecx
+	movl	%edi,(%ebp)
+	addl	$64,%edx
+	movl	%esi,4(%ebp)
+	cmpl	104(%esp),%edx
+	movl	%eax,8(%ebp)
+	movl	%ecx,%edi
+	movl	%ebx,12(%ebp)
+	movl	%edx,%esi
+	movl	%ecx,16(%ebp)
+	jb	L000loop
+	addl	$76,%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.byte	83,72,65,49,32,98,108,111,99,107,32,116,114,97,110,115
+.byte	102,111,114,109,32,102,111,114,32,120,56,54,44,32,67,82
+.byte	89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112
+.byte	114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+
diff --git a/lib/accelerated/x86/macosx/sha1-ssse3-x86_64.s b/lib/accelerated/x86/macosx/sha1-ssse3-x86_64.s
new file mode 100644
index 0000000..f326c34
--- /dev/null
+++ b/lib/accelerated/x86/macosx/sha1-ssse3-x86_64.s
@@ -0,0 +1,5490 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+
+.globl	_sha1_block_data_order
+
+.p2align	4
+_sha1_block_data_order:
+
+	movl	_GNUTLS_x86_cpuid_s+0(%rip),%r9d
+	movl	_GNUTLS_x86_cpuid_s+4(%rip),%r8d
+	movl	_GNUTLS_x86_cpuid_s+8(%rip),%r10d
+	testl	$512,%r8d
+	jz	L$ialu
+	testl	$536870912,%r10d
+	jnz	_shaext_shortcut
+	andl	$296,%r10d
+	cmpl	$296,%r10d
+	je	_avx2_shortcut
+	andl	$268435456,%r8d
+	andl	$1073741824,%r9d
+	orl	%r9d,%r8d
+	cmpl	$1342177280,%r8d
+	je	_avx_shortcut
+	jmp	_ssse3_shortcut
+
+.p2align	4
+L$ialu:
+	movq	%rsp,%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	movq	%rdi,%r8
+	subq	$72,%rsp
+	movq	%rsi,%r9
+	andq	$-64,%rsp
+	movq	%rdx,%r10
+	movq	%rax,64(%rsp)
+
+L$prologue:
+
+	movl	0(%r8),%esi
+	movl	4(%r8),%edi
+	movl	8(%r8),%r11d
+	movl	12(%r8),%r12d
+	movl	16(%r8),%r13d
+	jmp	L$loop
+
+.p2align	4
+L$loop:
+	movl	0(%r9),%edx
+	bswapl	%edx
+	movl	4(%r9),%ebp
+	movl	%r12d,%eax
+	movl	%edx,0(%rsp)
+	movl	%esi,%ecx
+	bswapl	%ebp
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	andl	%edi,%eax
+	leal	1518500249(%rdx,%r13,1),%r13d
+	addl	%ecx,%r13d
+	xorl	%r12d,%eax
+	roll	$30,%edi
+	addl	%eax,%r13d
+	movl	8(%r9),%r14d
+	movl	%r11d,%eax
+	movl	%ebp,4(%rsp)
+	movl	%r13d,%ecx
+	bswapl	%r14d
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	andl	%esi,%eax
+	leal	1518500249(%rbp,%r12,1),%r12d
+	addl	%ecx,%r12d
+	xorl	%r11d,%eax
+	roll	$30,%esi
+	addl	%eax,%r12d
+	movl	12(%r9),%edx
+	movl	%edi,%eax
+	movl	%r14d,8(%rsp)
+	movl	%r12d,%ecx
+	bswapl	%edx
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	andl	%r13d,%eax
+	leal	1518500249(%r14,%r11,1),%r11d
+	addl	%ecx,%r11d
+	xorl	%edi,%eax
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	movl	16(%r9),%ebp
+	movl	%esi,%eax
+	movl	%edx,12(%rsp)
+	movl	%r11d,%ecx
+	bswapl	%ebp
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	andl	%r12d,%eax
+	leal	1518500249(%rdx,%rdi,1),%edi
+	addl	%ecx,%edi
+	xorl	%esi,%eax
+	roll	$30,%r12d
+	addl	%eax,%edi
+	movl	20(%r9),%r14d
+	movl	%r13d,%eax
+	movl	%ebp,16(%rsp)
+	movl	%edi,%ecx
+	bswapl	%r14d
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	andl	%r11d,%eax
+	leal	1518500249(%rbp,%rsi,1),%esi
+	addl	%ecx,%esi
+	xorl	%r13d,%eax
+	roll	$30,%r11d
+	addl	%eax,%esi
+	movl	24(%r9),%edx
+	movl	%r12d,%eax
+	movl	%r14d,20(%rsp)
+	movl	%esi,%ecx
+	bswapl	%edx
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	andl	%edi,%eax
+	leal	1518500249(%r14,%r13,1),%r13d
+	addl	%ecx,%r13d
+	xorl	%r12d,%eax
+	roll	$30,%edi
+	addl	%eax,%r13d
+	movl	28(%r9),%ebp
+	movl	%r11d,%eax
+	movl	%edx,24(%rsp)
+	movl	%r13d,%ecx
+	bswapl	%ebp
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	andl	%esi,%eax
+	leal	1518500249(%rdx,%r12,1),%r12d
+	addl	%ecx,%r12d
+	xorl	%r11d,%eax
+	roll	$30,%esi
+	addl	%eax,%r12d
+	movl	32(%r9),%r14d
+	movl	%edi,%eax
+	movl	%ebp,28(%rsp)
+	movl	%r12d,%ecx
+	bswapl	%r14d
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	andl	%r13d,%eax
+	leal	1518500249(%rbp,%r11,1),%r11d
+	addl	%ecx,%r11d
+	xorl	%edi,%eax
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	movl	36(%r9),%edx
+	movl	%esi,%eax
+	movl	%r14d,32(%rsp)
+	movl	%r11d,%ecx
+	bswapl	%edx
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	andl	%r12d,%eax
+	leal	1518500249(%r14,%rdi,1),%edi
+	addl	%ecx,%edi
+	xorl	%esi,%eax
+	roll	$30,%r12d
+	addl	%eax,%edi
+	movl	40(%r9),%ebp
+	movl	%r13d,%eax
+	movl	%edx,36(%rsp)
+	movl	%edi,%ecx
+	bswapl	%ebp
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	andl	%r11d,%eax
+	leal	1518500249(%rdx,%rsi,1),%esi
+	addl	%ecx,%esi
+	xorl	%r13d,%eax
+	roll	$30,%r11d
+	addl	%eax,%esi
+	movl	44(%r9),%r14d
+	movl	%r12d,%eax
+	movl	%ebp,40(%rsp)
+	movl	%esi,%ecx
+	bswapl	%r14d
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	andl	%edi,%eax
+	leal	1518500249(%rbp,%r13,1),%r13d
+	addl	%ecx,%r13d
+	xorl	%r12d,%eax
+	roll	$30,%edi
+	addl	%eax,%r13d
+	movl	48(%r9),%edx
+	movl	%r11d,%eax
+	movl	%r14d,44(%rsp)
+	movl	%r13d,%ecx
+	bswapl	%edx
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	andl	%esi,%eax
+	leal	1518500249(%r14,%r12,1),%r12d
+	addl	%ecx,%r12d
+	xorl	%r11d,%eax
+	roll	$30,%esi
+	addl	%eax,%r12d
+	movl	52(%r9),%ebp
+	movl	%edi,%eax
+	movl	%edx,48(%rsp)
+	movl	%r12d,%ecx
+	bswapl	%ebp
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	andl	%r13d,%eax
+	leal	1518500249(%rdx,%r11,1),%r11d
+	addl	%ecx,%r11d
+	xorl	%edi,%eax
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	movl	56(%r9),%r14d
+	movl	%esi,%eax
+	movl	%ebp,52(%rsp)
+	movl	%r11d,%ecx
+	bswapl	%r14d
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	andl	%r12d,%eax
+	leal	1518500249(%rbp,%rdi,1),%edi
+	addl	%ecx,%edi
+	xorl	%esi,%eax
+	roll	$30,%r12d
+	addl	%eax,%edi
+	movl	60(%r9),%edx
+	movl	%r13d,%eax
+	movl	%r14d,56(%rsp)
+	movl	%edi,%ecx
+	bswapl	%edx
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	andl	%r11d,%eax
+	leal	1518500249(%r14,%rsi,1),%esi
+	addl	%ecx,%esi
+	xorl	%r13d,%eax
+	roll	$30,%r11d
+	addl	%eax,%esi
+	xorl	0(%rsp),%ebp
+	movl	%r12d,%eax
+	movl	%edx,60(%rsp)
+	movl	%esi,%ecx
+	xorl	8(%rsp),%ebp
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	32(%rsp),%ebp
+	andl	%edi,%eax
+	leal	1518500249(%rdx,%r13,1),%r13d
+	roll	$30,%edi
+	xorl	%r12d,%eax
+	addl	%ecx,%r13d
+	roll	$1,%ebp
+	addl	%eax,%r13d
+	xorl	4(%rsp),%r14d
+	movl	%r11d,%eax
+	movl	%ebp,0(%rsp)
+	movl	%r13d,%ecx
+	xorl	12(%rsp),%r14d
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	36(%rsp),%r14d
+	andl	%esi,%eax
+	leal	1518500249(%rbp,%r12,1),%r12d
+	roll	$30,%esi
+	xorl	%r11d,%eax
+	addl	%ecx,%r12d
+	roll	$1,%r14d
+	addl	%eax,%r12d
+	xorl	8(%rsp),%edx
+	movl	%edi,%eax
+	movl	%r14d,4(%rsp)
+	movl	%r12d,%ecx
+	xorl	16(%rsp),%edx
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	40(%rsp),%edx
+	andl	%r13d,%eax
+	leal	1518500249(%r14,%r11,1),%r11d
+	roll	$30,%r13d
+	xorl	%edi,%eax
+	addl	%ecx,%r11d
+	roll	$1,%edx
+	addl	%eax,%r11d
+	xorl	12(%rsp),%ebp
+	movl	%esi,%eax
+	movl	%edx,8(%rsp)
+	movl	%r11d,%ecx
+	xorl	20(%rsp),%ebp
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	44(%rsp),%ebp
+	andl	%r12d,%eax
+	leal	1518500249(%rdx,%rdi,1),%edi
+	roll	$30,%r12d
+	xorl	%esi,%eax
+	addl	%ecx,%edi
+	roll	$1,%ebp
+	addl	%eax,%edi
+	xorl	16(%rsp),%r14d
+	movl	%r13d,%eax
+	movl	%ebp,12(%rsp)
+	movl	%edi,%ecx
+	xorl	24(%rsp),%r14d
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	48(%rsp),%r14d
+	andl	%r11d,%eax
+	leal	1518500249(%rbp,%rsi,1),%esi
+	roll	$30,%r11d
+	xorl	%r13d,%eax
+	addl	%ecx,%esi
+	roll	$1,%r14d
+	addl	%eax,%esi
+	xorl	20(%rsp),%edx
+	movl	%edi,%eax
+	movl	%r14d,16(%rsp)
+	movl	%esi,%ecx
+	xorl	28(%rsp),%edx
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	52(%rsp),%edx
+	leal	1859775393(%r14,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%edx
+	xorl	24(%rsp),%ebp
+	movl	%esi,%eax
+	movl	%edx,20(%rsp)
+	movl	%r13d,%ecx
+	xorl	32(%rsp),%ebp
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	56(%rsp),%ebp
+	leal	1859775393(%rdx,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%ebp
+	xorl	28(%rsp),%r14d
+	movl	%r13d,%eax
+	movl	%ebp,24(%rsp)
+	movl	%r12d,%ecx
+	xorl	36(%rsp),%r14d
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	60(%rsp),%r14d
+	leal	1859775393(%rbp,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%r14d
+	xorl	32(%rsp),%edx
+	movl	%r12d,%eax
+	movl	%r14d,28(%rsp)
+	movl	%r11d,%ecx
+	xorl	40(%rsp),%edx
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	0(%rsp),%edx
+	leal	1859775393(%r14,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%edx
+	xorl	36(%rsp),%ebp
+	movl	%r11d,%eax
+	movl	%edx,32(%rsp)
+	movl	%edi,%ecx
+	xorl	44(%rsp),%ebp
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	4(%rsp),%ebp
+	leal	1859775393(%rdx,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%ebp
+	xorl	40(%rsp),%r14d
+	movl	%edi,%eax
+	movl	%ebp,36(%rsp)
+	movl	%esi,%ecx
+	xorl	48(%rsp),%r14d
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	8(%rsp),%r14d
+	leal	1859775393(%rbp,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%r14d
+	xorl	44(%rsp),%edx
+	movl	%esi,%eax
+	movl	%r14d,40(%rsp)
+	movl	%r13d,%ecx
+	xorl	52(%rsp),%edx
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	12(%rsp),%edx
+	leal	1859775393(%r14,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%edx
+	xorl	48(%rsp),%ebp
+	movl	%r13d,%eax
+	movl	%edx,44(%rsp)
+	movl	%r12d,%ecx
+	xorl	56(%rsp),%ebp
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	16(%rsp),%ebp
+	leal	1859775393(%rdx,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%ebp
+	xorl	52(%rsp),%r14d
+	movl	%r12d,%eax
+	movl	%ebp,48(%rsp)
+	movl	%r11d,%ecx
+	xorl	60(%rsp),%r14d
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	20(%rsp),%r14d
+	leal	1859775393(%rbp,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%r14d
+	xorl	56(%rsp),%edx
+	movl	%r11d,%eax
+	movl	%r14d,52(%rsp)
+	movl	%edi,%ecx
+	xorl	0(%rsp),%edx
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	24(%rsp),%edx
+	leal	1859775393(%r14,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%edx
+	xorl	60(%rsp),%ebp
+	movl	%edi,%eax
+	movl	%edx,56(%rsp)
+	movl	%esi,%ecx
+	xorl	4(%rsp),%ebp
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	28(%rsp),%ebp
+	leal	1859775393(%rdx,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%ebp
+	xorl	0(%rsp),%r14d
+	movl	%esi,%eax
+	movl	%ebp,60(%rsp)
+	movl	%r13d,%ecx
+	xorl	8(%rsp),%r14d
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	32(%rsp),%r14d
+	leal	1859775393(%rbp,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%r14d
+	xorl	4(%rsp),%edx
+	movl	%r13d,%eax
+	movl	%r14d,0(%rsp)
+	movl	%r12d,%ecx
+	xorl	12(%rsp),%edx
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	36(%rsp),%edx
+	leal	1859775393(%r14,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%edx
+	xorl	8(%rsp),%ebp
+	movl	%r12d,%eax
+	movl	%edx,4(%rsp)
+	movl	%r11d,%ecx
+	xorl	16(%rsp),%ebp
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	40(%rsp),%ebp
+	leal	1859775393(%rdx,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%ebp
+	xorl	12(%rsp),%r14d
+	movl	%r11d,%eax
+	movl	%ebp,8(%rsp)
+	movl	%edi,%ecx
+	xorl	20(%rsp),%r14d
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	44(%rsp),%r14d
+	leal	1859775393(%rbp,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%r14d
+	xorl	16(%rsp),%edx
+	movl	%edi,%eax
+	movl	%r14d,12(%rsp)
+	movl	%esi,%ecx
+	xorl	24(%rsp),%edx
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	48(%rsp),%edx
+	leal	1859775393(%r14,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%edx
+	xorl	20(%rsp),%ebp
+	movl	%esi,%eax
+	movl	%edx,16(%rsp)
+	movl	%r13d,%ecx
+	xorl	28(%rsp),%ebp
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	52(%rsp),%ebp
+	leal	1859775393(%rdx,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%ebp
+	xorl	24(%rsp),%r14d
+	movl	%r13d,%eax
+	movl	%ebp,20(%rsp)
+	movl	%r12d,%ecx
+	xorl	32(%rsp),%r14d
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	56(%rsp),%r14d
+	leal	1859775393(%rbp,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%r14d
+	xorl	28(%rsp),%edx
+	movl	%r12d,%eax
+	movl	%r14d,24(%rsp)
+	movl	%r11d,%ecx
+	xorl	36(%rsp),%edx
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	60(%rsp),%edx
+	leal	1859775393(%r14,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%edx
+	xorl	32(%rsp),%ebp
+	movl	%r11d,%eax
+	movl	%edx,28(%rsp)
+	movl	%edi,%ecx
+	xorl	40(%rsp),%ebp
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	0(%rsp),%ebp
+	leal	1859775393(%rdx,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%ebp
+	xorl	36(%rsp),%r14d
+	movl	%r12d,%eax
+	movl	%ebp,32(%rsp)
+	movl	%r12d,%ebx
+	xorl	44(%rsp),%r14d
+	andl	%r11d,%eax
+	movl	%esi,%ecx
+	xorl	4(%rsp),%r14d
+	leal	-1894007588(%rbp,%r13,1),%r13d
+	xorl	%r11d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r13d
+	roll	$1,%r14d
+	andl	%edi,%ebx
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%ebx,%r13d
+	xorl	40(%rsp),%edx
+	movl	%r11d,%eax
+	movl	%r14d,36(%rsp)
+	movl	%r11d,%ebx
+	xorl	48(%rsp),%edx
+	andl	%edi,%eax
+	movl	%r13d,%ecx
+	xorl	8(%rsp),%edx
+	leal	-1894007588(%r14,%r12,1),%r12d
+	xorl	%edi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r12d
+	roll	$1,%edx
+	andl	%esi,%ebx
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%ebx,%r12d
+	xorl	44(%rsp),%ebp
+	movl	%edi,%eax
+	movl	%edx,40(%rsp)
+	movl	%edi,%ebx
+	xorl	52(%rsp),%ebp
+	andl	%esi,%eax
+	movl	%r12d,%ecx
+	xorl	12(%rsp),%ebp
+	leal	-1894007588(%rdx,%r11,1),%r11d
+	xorl	%esi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r11d
+	roll	$1,%ebp
+	andl	%r13d,%ebx
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%ebx,%r11d
+	xorl	48(%rsp),%r14d
+	movl	%esi,%eax
+	movl	%ebp,44(%rsp)
+	movl	%esi,%ebx
+	xorl	56(%rsp),%r14d
+	andl	%r13d,%eax
+	movl	%r11d,%ecx
+	xorl	16(%rsp),%r14d
+	leal	-1894007588(%rbp,%rdi,1),%edi
+	xorl	%r13d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%edi
+	roll	$1,%r14d
+	andl	%r12d,%ebx
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%ebx,%edi
+	xorl	52(%rsp),%edx
+	movl	%r13d,%eax
+	movl	%r14d,48(%rsp)
+	movl	%r13d,%ebx
+	xorl	60(%rsp),%edx
+	andl	%r12d,%eax
+	movl	%edi,%ecx
+	xorl	20(%rsp),%edx
+	leal	-1894007588(%r14,%rsi,1),%esi
+	xorl	%r12d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%esi
+	roll	$1,%edx
+	andl	%r11d,%ebx
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%ebx,%esi
+	xorl	56(%rsp),%ebp
+	movl	%r12d,%eax
+	movl	%edx,52(%rsp)
+	movl	%r12d,%ebx
+	xorl	0(%rsp),%ebp
+	andl	%r11d,%eax
+	movl	%esi,%ecx
+	xorl	24(%rsp),%ebp
+	leal	-1894007588(%rdx,%r13,1),%r13d
+	xorl	%r11d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r13d
+	roll	$1,%ebp
+	andl	%edi,%ebx
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%ebx,%r13d
+	xorl	60(%rsp),%r14d
+	movl	%r11d,%eax
+	movl	%ebp,56(%rsp)
+	movl	%r11d,%ebx
+	xorl	4(%rsp),%r14d
+	andl	%edi,%eax
+	movl	%r13d,%ecx
+	xorl	28(%rsp),%r14d
+	leal	-1894007588(%rbp,%r12,1),%r12d
+	xorl	%edi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r12d
+	roll	$1,%r14d
+	andl	%esi,%ebx
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%ebx,%r12d
+	xorl	0(%rsp),%edx
+	movl	%edi,%eax
+	movl	%r14d,60(%rsp)
+	movl	%edi,%ebx
+	xorl	8(%rsp),%edx
+	andl	%esi,%eax
+	movl	%r12d,%ecx
+	xorl	32(%rsp),%edx
+	leal	-1894007588(%r14,%r11,1),%r11d
+	xorl	%esi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r11d
+	roll	$1,%edx
+	andl	%r13d,%ebx
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%ebx,%r11d
+	xorl	4(%rsp),%ebp
+	movl	%esi,%eax
+	movl	%edx,0(%rsp)
+	movl	%esi,%ebx
+	xorl	12(%rsp),%ebp
+	andl	%r13d,%eax
+	movl	%r11d,%ecx
+	xorl	36(%rsp),%ebp
+	leal	-1894007588(%rdx,%rdi,1),%edi
+	xorl	%r13d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%edi
+	roll	$1,%ebp
+	andl	%r12d,%ebx
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%ebx,%edi
+	xorl	8(%rsp),%r14d
+	movl	%r13d,%eax
+	movl	%ebp,4(%rsp)
+	movl	%r13d,%ebx
+	xorl	16(%rsp),%r14d
+	andl	%r12d,%eax
+	movl	%edi,%ecx
+	xorl	40(%rsp),%r14d
+	leal	-1894007588(%rbp,%rsi,1),%esi
+	xorl	%r12d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%esi
+	roll	$1,%r14d
+	andl	%r11d,%ebx
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%ebx,%esi
+	xorl	12(%rsp),%edx
+	movl	%r12d,%eax
+	movl	%r14d,8(%rsp)
+	movl	%r12d,%ebx
+	xorl	20(%rsp),%edx
+	andl	%r11d,%eax
+	movl	%esi,%ecx
+	xorl	44(%rsp),%edx
+	leal	-1894007588(%r14,%r13,1),%r13d
+	xorl	%r11d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r13d
+	roll	$1,%edx
+	andl	%edi,%ebx
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%ebx,%r13d
+	xorl	16(%rsp),%ebp
+	movl	%r11d,%eax
+	movl	%edx,12(%rsp)
+	movl	%r11d,%ebx
+	xorl	24(%rsp),%ebp
+	andl	%edi,%eax
+	movl	%r13d,%ecx
+	xorl	48(%rsp),%ebp
+	leal	-1894007588(%rdx,%r12,1),%r12d
+	xorl	%edi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r12d
+	roll	$1,%ebp
+	andl	%esi,%ebx
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%ebx,%r12d
+	xorl	20(%rsp),%r14d
+	movl	%edi,%eax
+	movl	%ebp,16(%rsp)
+	movl	%edi,%ebx
+	xorl	28(%rsp),%r14d
+	andl	%esi,%eax
+	movl	%r12d,%ecx
+	xorl	52(%rsp),%r14d
+	leal	-1894007588(%rbp,%r11,1),%r11d
+	xorl	%esi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r11d
+	roll	$1,%r14d
+	andl	%r13d,%ebx
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%ebx,%r11d
+	xorl	24(%rsp),%edx
+	movl	%esi,%eax
+	movl	%r14d,20(%rsp)
+	movl	%esi,%ebx
+	xorl	32(%rsp),%edx
+	andl	%r13d,%eax
+	movl	%r11d,%ecx
+	xorl	56(%rsp),%edx
+	leal	-1894007588(%r14,%rdi,1),%edi
+	xorl	%r13d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%edi
+	roll	$1,%edx
+	andl	%r12d,%ebx
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%ebx,%edi
+	xorl	28(%rsp),%ebp
+	movl	%r13d,%eax
+	movl	%edx,24(%rsp)
+	movl	%r13d,%ebx
+	xorl	36(%rsp),%ebp
+	andl	%r12d,%eax
+	movl	%edi,%ecx
+	xorl	60(%rsp),%ebp
+	leal	-1894007588(%rdx,%rsi,1),%esi
+	xorl	%r12d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%esi
+	roll	$1,%ebp
+	andl	%r11d,%ebx
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%ebx,%esi
+	xorl	32(%rsp),%r14d
+	movl	%r12d,%eax
+	movl	%ebp,28(%rsp)
+	movl	%r12d,%ebx
+	xorl	40(%rsp),%r14d
+	andl	%r11d,%eax
+	movl	%esi,%ecx
+	xorl	0(%rsp),%r14d
+	leal	-1894007588(%rbp,%r13,1),%r13d
+	xorl	%r11d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r13d
+	roll	$1,%r14d
+	andl	%edi,%ebx
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%ebx,%r13d
+	xorl	36(%rsp),%edx
+	movl	%r11d,%eax
+	movl	%r14d,32(%rsp)
+	movl	%r11d,%ebx
+	xorl	44(%rsp),%edx
+	andl	%edi,%eax
+	movl	%r13d,%ecx
+	xorl	4(%rsp),%edx
+	leal	-1894007588(%r14,%r12,1),%r12d
+	xorl	%edi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r12d
+	roll	$1,%edx
+	andl	%esi,%ebx
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%ebx,%r12d
+	xorl	40(%rsp),%ebp
+	movl	%edi,%eax
+	movl	%edx,36(%rsp)
+	movl	%edi,%ebx
+	xorl	48(%rsp),%ebp
+	andl	%esi,%eax
+	movl	%r12d,%ecx
+	xorl	8(%rsp),%ebp
+	leal	-1894007588(%rdx,%r11,1),%r11d
+	xorl	%esi,%ebx
+	roll	$5,%ecx
+	addl	%eax,%r11d
+	roll	$1,%ebp
+	andl	%r13d,%ebx
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%ebx,%r11d
+	xorl	44(%rsp),%r14d
+	movl	%esi,%eax
+	movl	%ebp,40(%rsp)
+	movl	%esi,%ebx
+	xorl	52(%rsp),%r14d
+	andl	%r13d,%eax
+	movl	%r11d,%ecx
+	xorl	12(%rsp),%r14d
+	leal	-1894007588(%rbp,%rdi,1),%edi
+	xorl	%r13d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%edi
+	roll	$1,%r14d
+	andl	%r12d,%ebx
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%ebx,%edi
+	xorl	48(%rsp),%edx
+	movl	%r13d,%eax
+	movl	%r14d,44(%rsp)
+	movl	%r13d,%ebx
+	xorl	56(%rsp),%edx
+	andl	%r12d,%eax
+	movl	%edi,%ecx
+	xorl	16(%rsp),%edx
+	leal	-1894007588(%r14,%rsi,1),%esi
+	xorl	%r12d,%ebx
+	roll	$5,%ecx
+	addl	%eax,%esi
+	roll	$1,%edx
+	andl	%r11d,%ebx
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%ebx,%esi
+	xorl	52(%rsp),%ebp
+	movl	%edi,%eax
+	movl	%edx,48(%rsp)
+	movl	%esi,%ecx
+	xorl	60(%rsp),%ebp
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	20(%rsp),%ebp
+	leal	-899497514(%rdx,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%ebp
+	xorl	56(%rsp),%r14d
+	movl	%esi,%eax
+	movl	%ebp,52(%rsp)
+	movl	%r13d,%ecx
+	xorl	0(%rsp),%r14d
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	24(%rsp),%r14d
+	leal	-899497514(%rbp,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%r14d
+	xorl	60(%rsp),%edx
+	movl	%r13d,%eax
+	movl	%r14d,56(%rsp)
+	movl	%r12d,%ecx
+	xorl	4(%rsp),%edx
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	28(%rsp),%edx
+	leal	-899497514(%r14,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%edx
+	xorl	0(%rsp),%ebp
+	movl	%r12d,%eax
+	movl	%edx,60(%rsp)
+	movl	%r11d,%ecx
+	xorl	8(%rsp),%ebp
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	32(%rsp),%ebp
+	leal	-899497514(%rdx,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%ebp
+	xorl	4(%rsp),%r14d
+	movl	%r11d,%eax
+	movl	%ebp,0(%rsp)
+	movl	%edi,%ecx
+	xorl	12(%rsp),%r14d
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	36(%rsp),%r14d
+	leal	-899497514(%rbp,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%r14d
+	xorl	8(%rsp),%edx
+	movl	%edi,%eax
+	movl	%r14d,4(%rsp)
+	movl	%esi,%ecx
+	xorl	16(%rsp),%edx
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	40(%rsp),%edx
+	leal	-899497514(%r14,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%edx
+	xorl	12(%rsp),%ebp
+	movl	%esi,%eax
+	movl	%edx,8(%rsp)
+	movl	%r13d,%ecx
+	xorl	20(%rsp),%ebp
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	44(%rsp),%ebp
+	leal	-899497514(%rdx,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%ebp
+	xorl	16(%rsp),%r14d
+	movl	%r13d,%eax
+	movl	%ebp,12(%rsp)
+	movl	%r12d,%ecx
+	xorl	24(%rsp),%r14d
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	48(%rsp),%r14d
+	leal	-899497514(%rbp,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%r14d
+	xorl	20(%rsp),%edx
+	movl	%r12d,%eax
+	movl	%r14d,16(%rsp)
+	movl	%r11d,%ecx
+	xorl	28(%rsp),%edx
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	52(%rsp),%edx
+	leal	-899497514(%r14,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%edx
+	xorl	24(%rsp),%ebp
+	movl	%r11d,%eax
+	movl	%edx,20(%rsp)
+	movl	%edi,%ecx
+	xorl	32(%rsp),%ebp
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	56(%rsp),%ebp
+	leal	-899497514(%rdx,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%ebp
+	xorl	28(%rsp),%r14d
+	movl	%edi,%eax
+	movl	%ebp,24(%rsp)
+	movl	%esi,%ecx
+	xorl	36(%rsp),%r14d
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	60(%rsp),%r14d
+	leal	-899497514(%rbp,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%r14d
+	xorl	32(%rsp),%edx
+	movl	%esi,%eax
+	movl	%r14d,28(%rsp)
+	movl	%r13d,%ecx
+	xorl	40(%rsp),%edx
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	0(%rsp),%edx
+	leal	-899497514(%r14,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%edx
+	xorl	36(%rsp),%ebp
+	movl	%r13d,%eax
+
+	movl	%r12d,%ecx
+	xorl	44(%rsp),%ebp
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	4(%rsp),%ebp
+	leal	-899497514(%rdx,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%ebp
+	xorl	40(%rsp),%r14d
+	movl	%r12d,%eax
+
+	movl	%r11d,%ecx
+	xorl	48(%rsp),%r14d
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	8(%rsp),%r14d
+	leal	-899497514(%rbp,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%r14d
+	xorl	44(%rsp),%edx
+	movl	%r11d,%eax
+
+	movl	%edi,%ecx
+	xorl	52(%rsp),%edx
+	xorl	%r13d,%eax
+	roll	$5,%ecx
+	xorl	12(%rsp),%edx
+	leal	-899497514(%r14,%rsi,1),%esi
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	roll	$1,%edx
+	xorl	48(%rsp),%ebp
+	movl	%edi,%eax
+
+	movl	%esi,%ecx
+	xorl	56(%rsp),%ebp
+	xorl	%r12d,%eax
+	roll	$5,%ecx
+	xorl	16(%rsp),%ebp
+	leal	-899497514(%rdx,%r13,1),%r13d
+	xorl	%r11d,%eax
+	addl	%ecx,%r13d
+	roll	$30,%edi
+	addl	%eax,%r13d
+	roll	$1,%ebp
+	xorl	52(%rsp),%r14d
+	movl	%esi,%eax
+
+	movl	%r13d,%ecx
+	xorl	60(%rsp),%r14d
+	xorl	%r11d,%eax
+	roll	$5,%ecx
+	xorl	20(%rsp),%r14d
+	leal	-899497514(%rbp,%r12,1),%r12d
+	xorl	%edi,%eax
+	addl	%ecx,%r12d
+	roll	$30,%esi
+	addl	%eax,%r12d
+	roll	$1,%r14d
+	xorl	56(%rsp),%edx
+	movl	%r13d,%eax
+
+	movl	%r12d,%ecx
+	xorl	0(%rsp),%edx
+	xorl	%edi,%eax
+	roll	$5,%ecx
+	xorl	24(%rsp),%edx
+	leal	-899497514(%r14,%r11,1),%r11d
+	xorl	%esi,%eax
+	addl	%ecx,%r11d
+	roll	$30,%r13d
+	addl	%eax,%r11d
+	roll	$1,%edx
+	xorl	60(%rsp),%ebp
+	movl	%r12d,%eax
+
+	movl	%r11d,%ecx
+	xorl	4(%rsp),%ebp
+	xorl	%esi,%eax
+	roll	$5,%ecx
+	xorl	28(%rsp),%ebp
+	leal	-899497514(%rdx,%rdi,1),%edi
+	xorl	%r13d,%eax
+	addl	%ecx,%edi
+	roll	$30,%r12d
+	addl	%eax,%edi
+	roll	$1,%ebp
+	movl	%r11d,%eax
+	movl	%edi,%ecx
+	xorl	%r13d,%eax
+	leal	-899497514(%rbp,%rsi,1),%esi
+	roll	$5,%ecx
+	xorl	%r12d,%eax
+	addl	%ecx,%esi
+	roll	$30,%r11d
+	addl	%eax,%esi
+	addl	0(%r8),%esi
+	addl	4(%r8),%edi
+	addl	8(%r8),%r11d
+	addl	12(%r8),%r12d
+	addl	16(%r8),%r13d
+	movl	%esi,0(%r8)
+	movl	%edi,4(%r8)
+	movl	%r11d,8(%r8)
+	movl	%r12d,12(%r8)
+	movl	%r13d,16(%r8)
+
+	subq	$1,%r10
+	leaq	64(%r9),%r9
+	jnz	L$loop
+
+	movq	64(%rsp),%rsi
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+L$epilogue:
+	.byte	0xf3,0xc3
+
+
+
+.p2align	5
+sha1_block_data_order_shaext:
+_shaext_shortcut:
+
+	movdqu	(%rdi),%xmm0
+	movd	16(%rdi),%xmm1
+	movdqa	K_XX_XX+160(%rip),%xmm3
+
+	movdqu	(%rsi),%xmm4
+	pshufd	$27,%xmm0,%xmm0
+	movdqu	16(%rsi),%xmm5
+	pshufd	$27,%xmm1,%xmm1
+	movdqu	32(%rsi),%xmm6
+.byte	102,15,56,0,227
+	movdqu	48(%rsi),%xmm7
+.byte	102,15,56,0,235
+.byte	102,15,56,0,243
+	movdqa	%xmm1,%xmm9
+.byte	102,15,56,0,251
+	jmp	L$oop_shaext
+
+.p2align	4
+L$oop_shaext:
+	decq	%rdx
+	leaq	64(%rsi),%r8
+	paddd	%xmm4,%xmm1
+	cmovneq	%r8,%rsi
+	movdqa	%xmm0,%xmm8
+.byte	15,56,201,229
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,0
+.byte	15,56,200,213
+	pxor	%xmm6,%xmm4
+.byte	15,56,201,238
+.byte	15,56,202,231
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,0
+.byte	15,56,200,206
+	pxor	%xmm7,%xmm5
+.byte	15,56,202,236
+.byte	15,56,201,247
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,0
+.byte	15,56,200,215
+	pxor	%xmm4,%xmm6
+.byte	15,56,201,252
+.byte	15,56,202,245
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,0
+.byte	15,56,200,204
+	pxor	%xmm5,%xmm7
+.byte	15,56,202,254
+.byte	15,56,201,229
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,0
+.byte	15,56,200,213
+	pxor	%xmm6,%xmm4
+.byte	15,56,201,238
+.byte	15,56,202,231
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,1
+.byte	15,56,200,206
+	pxor	%xmm7,%xmm5
+.byte	15,56,202,236
+.byte	15,56,201,247
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,1
+.byte	15,56,200,215
+	pxor	%xmm4,%xmm6
+.byte	15,56,201,252
+.byte	15,56,202,245
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,1
+.byte	15,56,200,204
+	pxor	%xmm5,%xmm7
+.byte	15,56,202,254
+.byte	15,56,201,229
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,1
+.byte	15,56,200,213
+	pxor	%xmm6,%xmm4
+.byte	15,56,201,238
+.byte	15,56,202,231
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,1
+.byte	15,56,200,206
+	pxor	%xmm7,%xmm5
+.byte	15,56,202,236
+.byte	15,56,201,247
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,2
+.byte	15,56,200,215
+	pxor	%xmm4,%xmm6
+.byte	15,56,201,252
+.byte	15,56,202,245
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,2
+.byte	15,56,200,204
+	pxor	%xmm5,%xmm7
+.byte	15,56,202,254
+.byte	15,56,201,229
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,2
+.byte	15,56,200,213
+	pxor	%xmm6,%xmm4
+.byte	15,56,201,238
+.byte	15,56,202,231
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,2
+.byte	15,56,200,206
+	pxor	%xmm7,%xmm5
+.byte	15,56,202,236
+.byte	15,56,201,247
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,2
+.byte	15,56,200,215
+	pxor	%xmm4,%xmm6
+.byte	15,56,201,252
+.byte	15,56,202,245
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,3
+.byte	15,56,200,204
+	pxor	%xmm5,%xmm7
+.byte	15,56,202,254
+	movdqu	(%rsi),%xmm4
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,3
+.byte	15,56,200,213
+	movdqu	16(%rsi),%xmm5
+.byte	102,15,56,0,227
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,3
+.byte	15,56,200,206
+	movdqu	32(%rsi),%xmm6
+.byte	102,15,56,0,235
+
+	movdqa	%xmm0,%xmm2
+.byte	15,58,204,193,3
+.byte	15,56,200,215
+	movdqu	48(%rsi),%xmm7
+.byte	102,15,56,0,243
+
+	movdqa	%xmm0,%xmm1
+.byte	15,58,204,194,3
+.byte	65,15,56,200,201
+.byte	102,15,56,0,251
+
+	paddd	%xmm8,%xmm0
+	movdqa	%xmm1,%xmm9
+
+	jnz	L$oop_shaext
+
+	pshufd	$27,%xmm0,%xmm0
+	pshufd	$27,%xmm1,%xmm1
+	movdqu	%xmm0,(%rdi)
+	movd	%xmm1,16(%rdi)
+	.byte	0xf3,0xc3
+
+
+
+.p2align	4
+sha1_block_data_order_ssse3:
+_ssse3_shortcut:
+
+	movq	%rsp,%r11
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	leaq	-64(%rsp),%rsp
+	andq	$-64,%rsp
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rdx,%r10
+
+	shlq	$6,%r10
+	addq	%r9,%r10
+	leaq	K_XX_XX+64(%rip),%r14
+
+	movl	0(%r8),%eax
+	movl	4(%r8),%ebx
+	movl	8(%r8),%ecx
+	movl	12(%r8),%edx
+	movl	%ebx,%esi
+	movl	16(%r8),%ebp
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	andl	%edi,%esi
+
+	movdqa	64(%r14),%xmm6
+	movdqa	-64(%r14),%xmm9
+	movdqu	0(%r9),%xmm0
+	movdqu	16(%r9),%xmm1
+	movdqu	32(%r9),%xmm2
+	movdqu	48(%r9),%xmm3
+.byte	102,15,56,0,198
+.byte	102,15,56,0,206
+.byte	102,15,56,0,214
+	addq	$64,%r9
+	paddd	%xmm9,%xmm0
+.byte	102,15,56,0,222
+	paddd	%xmm9,%xmm1
+	paddd	%xmm9,%xmm2
+	movdqa	%xmm0,0(%rsp)
+	psubd	%xmm9,%xmm0
+	movdqa	%xmm1,16(%rsp)
+	psubd	%xmm9,%xmm1
+	movdqa	%xmm2,32(%rsp)
+	psubd	%xmm9,%xmm2
+	jmp	L$oop_ssse3
+.p2align	4
+L$oop_ssse3:
+	rorl	$2,%ebx
+	pshufd	$238,%xmm0,%xmm4
+	xorl	%edx,%esi
+	movdqa	%xmm3,%xmm8
+	paddd	%xmm3,%xmm9
+	movl	%eax,%edi
+	addl	0(%rsp),%ebp
+	punpcklqdq	%xmm1,%xmm4
+	xorl	%ecx,%ebx
+	roll	$5,%eax
+	addl	%esi,%ebp
+	psrldq	$4,%xmm8
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	pxor	%xmm0,%xmm4
+	addl	%eax,%ebp
+	rorl	$7,%eax
+	pxor	%xmm2,%xmm8
+	xorl	%ecx,%edi
+	movl	%ebp,%esi
+	addl	4(%rsp),%edx
+	pxor	%xmm8,%xmm4
+	xorl	%ebx,%eax
+	roll	$5,%ebp
+	movdqa	%xmm9,48(%rsp)
+	addl	%edi,%edx
+	andl	%eax,%esi
+	movdqa	%xmm4,%xmm10
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	rorl	$7,%ebp
+	movdqa	%xmm4,%xmm8
+	xorl	%ebx,%esi
+	pslldq	$12,%xmm10
+	paddd	%xmm4,%xmm4
+	movl	%edx,%edi
+	addl	8(%rsp),%ecx
+	psrld	$31,%xmm8
+	xorl	%eax,%ebp
+	roll	$5,%edx
+	addl	%esi,%ecx
+	movdqa	%xmm10,%xmm9
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	psrld	$30,%xmm10
+	addl	%edx,%ecx
+	rorl	$7,%edx
+	por	%xmm8,%xmm4
+	xorl	%eax,%edi
+	movl	%ecx,%esi
+	addl	12(%rsp),%ebx
+	pslld	$2,%xmm9
+	pxor	%xmm10,%xmm4
+	xorl	%ebp,%edx
+	movdqa	-64(%r14),%xmm10
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	andl	%edx,%esi
+	pxor	%xmm9,%xmm4
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	rorl	$7,%ecx
+	pshufd	$238,%xmm1,%xmm5
+	xorl	%ebp,%esi
+	movdqa	%xmm4,%xmm9
+	paddd	%xmm4,%xmm10
+	movl	%ebx,%edi
+	addl	16(%rsp),%eax
+	punpcklqdq	%xmm2,%xmm5
+	xorl	%edx,%ecx
+	roll	$5,%ebx
+	addl	%esi,%eax
+	psrldq	$4,%xmm9
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	pxor	%xmm1,%xmm5
+	addl	%ebx,%eax
+	rorl	$7,%ebx
+	pxor	%xmm3,%xmm9
+	xorl	%edx,%edi
+	movl	%eax,%esi
+	addl	20(%rsp),%ebp
+	pxor	%xmm9,%xmm5
+	xorl	%ecx,%ebx
+	roll	$5,%eax
+	movdqa	%xmm10,0(%rsp)
+	addl	%edi,%ebp
+	andl	%ebx,%esi
+	movdqa	%xmm5,%xmm8
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	rorl	$7,%eax
+	movdqa	%xmm5,%xmm9
+	xorl	%ecx,%esi
+	pslldq	$12,%xmm8
+	paddd	%xmm5,%xmm5
+	movl	%ebp,%edi
+	addl	24(%rsp),%edx
+	psrld	$31,%xmm9
+	xorl	%ebx,%eax
+	roll	$5,%ebp
+	addl	%esi,%edx
+	movdqa	%xmm8,%xmm10
+	andl	%eax,%edi
+	xorl	%ebx,%eax
+	psrld	$30,%xmm8
+	addl	%ebp,%edx
+	rorl	$7,%ebp
+	por	%xmm9,%xmm5
+	xorl	%ebx,%edi
+	movl	%edx,%esi
+	addl	28(%rsp),%ecx
+	pslld	$2,%xmm10
+	pxor	%xmm8,%xmm5
+	xorl	%eax,%ebp
+	movdqa	-32(%r14),%xmm8
+	roll	$5,%edx
+	addl	%edi,%ecx
+	andl	%ebp,%esi
+	pxor	%xmm10,%xmm5
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	rorl	$7,%edx
+	pshufd	$238,%xmm2,%xmm6
+	xorl	%eax,%esi
+	movdqa	%xmm5,%xmm10
+	paddd	%xmm5,%xmm8
+	movl	%ecx,%edi
+	addl	32(%rsp),%ebx
+	punpcklqdq	%xmm3,%xmm6
+	xorl	%ebp,%edx
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	psrldq	$4,%xmm10
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	pxor	%xmm2,%xmm6
+	addl	%ecx,%ebx
+	rorl	$7,%ecx
+	pxor	%xmm4,%xmm10
+	xorl	%ebp,%edi
+	movl	%ebx,%esi
+	addl	36(%rsp),%eax
+	pxor	%xmm10,%xmm6
+	xorl	%edx,%ecx
+	roll	$5,%ebx
+	movdqa	%xmm8,16(%rsp)
+	addl	%edi,%eax
+	andl	%ecx,%esi
+	movdqa	%xmm6,%xmm9
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	rorl	$7,%ebx
+	movdqa	%xmm6,%xmm10
+	xorl	%edx,%esi
+	pslldq	$12,%xmm9
+	paddd	%xmm6,%xmm6
+	movl	%eax,%edi
+	addl	40(%rsp),%ebp
+	psrld	$31,%xmm10
+	xorl	%ecx,%ebx
+	roll	$5,%eax
+	addl	%esi,%ebp
+	movdqa	%xmm9,%xmm8
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	psrld	$30,%xmm9
+	addl	%eax,%ebp
+	rorl	$7,%eax
+	por	%xmm10,%xmm6
+	xorl	%ecx,%edi
+	movl	%ebp,%esi
+	addl	44(%rsp),%edx
+	pslld	$2,%xmm8
+	pxor	%xmm9,%xmm6
+	xorl	%ebx,%eax
+	movdqa	-32(%r14),%xmm9
+	roll	$5,%ebp
+	addl	%edi,%edx
+	andl	%eax,%esi
+	pxor	%xmm8,%xmm6
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	rorl	$7,%ebp
+	pshufd	$238,%xmm3,%xmm7
+	xorl	%ebx,%esi
+	movdqa	%xmm6,%xmm8
+	paddd	%xmm6,%xmm9
+	movl	%edx,%edi
+	addl	48(%rsp),%ecx
+	punpcklqdq	%xmm4,%xmm7
+	xorl	%eax,%ebp
+	roll	$5,%edx
+	addl	%esi,%ecx
+	psrldq	$4,%xmm8
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	pxor	%xmm3,%xmm7
+	addl	%edx,%ecx
+	rorl	$7,%edx
+	pxor	%xmm5,%xmm8
+	xorl	%eax,%edi
+	movl	%ecx,%esi
+	addl	52(%rsp),%ebx
+	pxor	%xmm8,%xmm7
+	xorl	%ebp,%edx
+	roll	$5,%ecx
+	movdqa	%xmm9,32(%rsp)
+	addl	%edi,%ebx
+	andl	%edx,%esi
+	movdqa	%xmm7,%xmm10
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	rorl	$7,%ecx
+	movdqa	%xmm7,%xmm8
+	xorl	%ebp,%esi
+	pslldq	$12,%xmm10
+	paddd	%xmm7,%xmm7
+	movl	%ebx,%edi
+	addl	56(%rsp),%eax
+	psrld	$31,%xmm8
+	xorl	%edx,%ecx
+	roll	$5,%ebx
+	addl	%esi,%eax
+	movdqa	%xmm10,%xmm9
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	psrld	$30,%xmm10
+	addl	%ebx,%eax
+	rorl	$7,%ebx
+	por	%xmm8,%xmm7
+	xorl	%edx,%edi
+	movl	%eax,%esi
+	addl	60(%rsp),%ebp
+	pslld	$2,%xmm9
+	pxor	%xmm10,%xmm7
+	xorl	%ecx,%ebx
+	movdqa	-32(%r14),%xmm10
+	roll	$5,%eax
+	addl	%edi,%ebp
+	andl	%ebx,%esi
+	pxor	%xmm9,%xmm7
+	pshufd	$238,%xmm6,%xmm9
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	rorl	$7,%eax
+	pxor	%xmm4,%xmm0
+	xorl	%ecx,%esi
+	movl	%ebp,%edi
+	addl	0(%rsp),%edx
+	punpcklqdq	%xmm7,%xmm9
+	xorl	%ebx,%eax
+	roll	$5,%ebp
+	pxor	%xmm1,%xmm0
+	addl	%esi,%edx
+	andl	%eax,%edi
+	movdqa	%xmm10,%xmm8
+	xorl	%ebx,%eax
+	paddd	%xmm7,%xmm10
+	addl	%ebp,%edx
+	pxor	%xmm9,%xmm0
+	rorl	$7,%ebp
+	xorl	%ebx,%edi
+	movl	%edx,%esi
+	addl	4(%rsp),%ecx
+	movdqa	%xmm0,%xmm9
+	xorl	%eax,%ebp
+	roll	$5,%edx
+	movdqa	%xmm10,48(%rsp)
+	addl	%edi,%ecx
+	andl	%ebp,%esi
+	xorl	%eax,%ebp
+	pslld	$2,%xmm0
+	addl	%edx,%ecx
+	rorl	$7,%edx
+	psrld	$30,%xmm9
+	xorl	%eax,%esi
+	movl	%ecx,%edi
+	addl	8(%rsp),%ebx
+	por	%xmm9,%xmm0
+	xorl	%ebp,%edx
+	roll	$5,%ecx
+	pshufd	$238,%xmm7,%xmm10
+	addl	%esi,%ebx
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	addl	12(%rsp),%eax
+	xorl	%ebp,%edi
+	movl	%ebx,%esi
+	roll	$5,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	pxor	%xmm5,%xmm1
+	addl	16(%rsp),%ebp
+	xorl	%ecx,%esi
+	punpcklqdq	%xmm0,%xmm10
+	movl	%eax,%edi
+	roll	$5,%eax
+	pxor	%xmm2,%xmm1
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	movdqa	%xmm8,%xmm9
+	rorl	$7,%ebx
+	paddd	%xmm0,%xmm8
+	addl	%eax,%ebp
+	pxor	%xmm10,%xmm1
+	addl	20(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	movdqa	%xmm1,%xmm10
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	movdqa	%xmm8,0(%rsp)
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	addl	24(%rsp),%ecx
+	pslld	$2,%xmm1
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	psrld	$30,%xmm10
+	roll	$5,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	rorl	$7,%ebp
+	por	%xmm10,%xmm1
+	addl	%edx,%ecx
+	addl	28(%rsp),%ebx
+	pshufd	$238,%xmm0,%xmm8
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	pxor	%xmm6,%xmm2
+	addl	32(%rsp),%eax
+	xorl	%edx,%esi
+	punpcklqdq	%xmm1,%xmm8
+	movl	%ebx,%edi
+	roll	$5,%ebx
+	pxor	%xmm3,%xmm2
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	movdqa	0(%r14),%xmm10
+	rorl	$7,%ecx
+	paddd	%xmm1,%xmm9
+	addl	%ebx,%eax
+	pxor	%xmm8,%xmm2
+	addl	36(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	roll	$5,%eax
+	movdqa	%xmm2,%xmm8
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	movdqa	%xmm9,16(%rsp)
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	addl	40(%rsp),%edx
+	pslld	$2,%xmm2
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	psrld	$30,%xmm8
+	roll	$5,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	rorl	$7,%eax
+	por	%xmm8,%xmm2
+	addl	%ebp,%edx
+	addl	44(%rsp),%ecx
+	pshufd	$238,%xmm1,%xmm9
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	roll	$5,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	rorl	$7,%ebp
+	addl	%edx,%ecx
+	pxor	%xmm7,%xmm3
+	addl	48(%rsp),%ebx
+	xorl	%ebp,%esi
+	punpcklqdq	%xmm2,%xmm9
+	movl	%ecx,%edi
+	roll	$5,%ecx
+	pxor	%xmm4,%xmm3
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	movdqa	%xmm10,%xmm8
+	rorl	$7,%edx
+	paddd	%xmm2,%xmm10
+	addl	%ecx,%ebx
+	pxor	%xmm9,%xmm3
+	addl	52(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	roll	$5,%ebx
+	movdqa	%xmm3,%xmm9
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	movdqa	%xmm10,32(%rsp)
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	56(%rsp),%ebp
+	pslld	$2,%xmm3
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	psrld	$30,%xmm9
+	roll	$5,%eax
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	rorl	$7,%ebx
+	por	%xmm9,%xmm3
+	addl	%eax,%ebp
+	addl	60(%rsp),%edx
+	pshufd	$238,%xmm2,%xmm10
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	pxor	%xmm0,%xmm4
+	addl	0(%rsp),%ecx
+	xorl	%eax,%esi
+	punpcklqdq	%xmm3,%xmm10
+	movl	%edx,%edi
+	roll	$5,%edx
+	pxor	%xmm5,%xmm4
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	movdqa	%xmm8,%xmm9
+	rorl	$7,%ebp
+	paddd	%xmm3,%xmm8
+	addl	%edx,%ecx
+	pxor	%xmm10,%xmm4
+	addl	4(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	roll	$5,%ecx
+	movdqa	%xmm4,%xmm10
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	movdqa	%xmm8,48(%rsp)
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	addl	8(%rsp),%eax
+	pslld	$2,%xmm4
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	psrld	$30,%xmm10
+	roll	$5,%ebx
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	rorl	$7,%ecx
+	por	%xmm10,%xmm4
+	addl	%ebx,%eax
+	addl	12(%rsp),%ebp
+	pshufd	$238,%xmm3,%xmm8
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	roll	$5,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	pxor	%xmm1,%xmm5
+	addl	16(%rsp),%edx
+	xorl	%ebx,%esi
+	punpcklqdq	%xmm4,%xmm8
+	movl	%ebp,%edi
+	roll	$5,%ebp
+	pxor	%xmm6,%xmm5
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	movdqa	%xmm9,%xmm10
+	rorl	$7,%eax
+	paddd	%xmm4,%xmm9
+	addl	%ebp,%edx
+	pxor	%xmm8,%xmm5
+	addl	20(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	roll	$5,%edx
+	movdqa	%xmm5,%xmm8
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	movdqa	%xmm9,0(%rsp)
+	rorl	$7,%ebp
+	addl	%edx,%ecx
+	addl	24(%rsp),%ebx
+	pslld	$2,%xmm5
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	psrld	$30,%xmm8
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	rorl	$7,%edx
+	por	%xmm8,%xmm5
+	addl	%ecx,%ebx
+	addl	28(%rsp),%eax
+	pshufd	$238,%xmm4,%xmm9
+	rorl	$7,%ecx
+	movl	%ebx,%esi
+	xorl	%edx,%edi
+	roll	$5,%ebx
+	addl	%edi,%eax
+	xorl	%ecx,%esi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	pxor	%xmm2,%xmm6
+	addl	32(%rsp),%ebp
+	andl	%ecx,%esi
+	xorl	%edx,%ecx
+	rorl	$7,%ebx
+	punpcklqdq	%xmm5,%xmm9
+	movl	%eax,%edi
+	xorl	%ecx,%esi
+	pxor	%xmm7,%xmm6
+	roll	$5,%eax
+	addl	%esi,%ebp
+	movdqa	%xmm10,%xmm8
+	xorl	%ebx,%edi
+	paddd	%xmm5,%xmm10
+	xorl	%ecx,%ebx
+	pxor	%xmm9,%xmm6
+	addl	%eax,%ebp
+	addl	36(%rsp),%edx
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	rorl	$7,%eax
+	movdqa	%xmm6,%xmm9
+	movl	%ebp,%esi
+	xorl	%ebx,%edi
+	movdqa	%xmm10,16(%rsp)
+	roll	$5,%ebp
+	addl	%edi,%edx
+	xorl	%eax,%esi
+	pslld	$2,%xmm6
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	psrld	$30,%xmm9
+	addl	40(%rsp),%ecx
+	andl	%eax,%esi
+	xorl	%ebx,%eax
+	por	%xmm9,%xmm6
+	rorl	$7,%ebp
+	movl	%edx,%edi
+	xorl	%eax,%esi
+	roll	$5,%edx
+	pshufd	$238,%xmm5,%xmm10
+	addl	%esi,%ecx
+	xorl	%ebp,%edi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	addl	44(%rsp),%ebx
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	rorl	$7,%edx
+	movl	%ecx,%esi
+	xorl	%ebp,%edi
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	xorl	%edx,%esi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	pxor	%xmm3,%xmm7
+	addl	48(%rsp),%eax
+	andl	%edx,%esi
+	xorl	%ebp,%edx
+	rorl	$7,%ecx
+	punpcklqdq	%xmm6,%xmm10
+	movl	%ebx,%edi
+	xorl	%edx,%esi
+	pxor	%xmm0,%xmm7
+	roll	$5,%ebx
+	addl	%esi,%eax
+	movdqa	32(%r14),%xmm9
+	xorl	%ecx,%edi
+	paddd	%xmm6,%xmm8
+	xorl	%edx,%ecx
+	pxor	%xmm10,%xmm7
+	addl	%ebx,%eax
+	addl	52(%rsp),%ebp
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	rorl	$7,%ebx
+	movdqa	%xmm7,%xmm10
+	movl	%eax,%esi
+	xorl	%ecx,%edi
+	movdqa	%xmm8,32(%rsp)
+	roll	$5,%eax
+	addl	%edi,%ebp
+	xorl	%ebx,%esi
+	pslld	$2,%xmm7
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	psrld	$30,%xmm10
+	addl	56(%rsp),%edx
+	andl	%ebx,%esi
+	xorl	%ecx,%ebx
+	por	%xmm10,%xmm7
+	rorl	$7,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%esi
+	roll	$5,%ebp
+	pshufd	$238,%xmm6,%xmm8
+	addl	%esi,%edx
+	xorl	%eax,%edi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	addl	60(%rsp),%ecx
+	andl	%eax,%edi
+	xorl	%ebx,%eax
+	rorl	$7,%ebp
+	movl	%edx,%esi
+	xorl	%eax,%edi
+	roll	$5,%edx
+	addl	%edi,%ecx
+	xorl	%ebp,%esi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	pxor	%xmm4,%xmm0
+	addl	0(%rsp),%ebx
+	andl	%ebp,%esi
+	xorl	%eax,%ebp
+	rorl	$7,%edx
+	punpcklqdq	%xmm7,%xmm8
+	movl	%ecx,%edi
+	xorl	%ebp,%esi
+	pxor	%xmm1,%xmm0
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	movdqa	%xmm9,%xmm10
+	xorl	%edx,%edi
+	paddd	%xmm7,%xmm9
+	xorl	%ebp,%edx
+	pxor	%xmm8,%xmm0
+	addl	%ecx,%ebx
+	addl	4(%rsp),%eax
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	rorl	$7,%ecx
+	movdqa	%xmm0,%xmm8
+	movl	%ebx,%esi
+	xorl	%edx,%edi
+	movdqa	%xmm9,48(%rsp)
+	roll	$5,%ebx
+	addl	%edi,%eax
+	xorl	%ecx,%esi
+	pslld	$2,%xmm0
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	psrld	$30,%xmm8
+	addl	8(%rsp),%ebp
+	andl	%ecx,%esi
+	xorl	%edx,%ecx
+	por	%xmm8,%xmm0
+	rorl	$7,%ebx
+	movl	%eax,%edi
+	xorl	%ecx,%esi
+	roll	$5,%eax
+	pshufd	$238,%xmm7,%xmm9
+	addl	%esi,%ebp
+	xorl	%ebx,%edi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	addl	12(%rsp),%edx
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	rorl	$7,%eax
+	movl	%ebp,%esi
+	xorl	%ebx,%edi
+	roll	$5,%ebp
+	addl	%edi,%edx
+	xorl	%eax,%esi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	pxor	%xmm5,%xmm1
+	addl	16(%rsp),%ecx
+	andl	%eax,%esi
+	xorl	%ebx,%eax
+	rorl	$7,%ebp
+	punpcklqdq	%xmm0,%xmm9
+	movl	%edx,%edi
+	xorl	%eax,%esi
+	pxor	%xmm2,%xmm1
+	roll	$5,%edx
+	addl	%esi,%ecx
+	movdqa	%xmm10,%xmm8
+	xorl	%ebp,%edi
+	paddd	%xmm0,%xmm10
+	xorl	%eax,%ebp
+	pxor	%xmm9,%xmm1
+	addl	%edx,%ecx
+	addl	20(%rsp),%ebx
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	rorl	$7,%edx
+	movdqa	%xmm1,%xmm9
+	movl	%ecx,%esi
+	xorl	%ebp,%edi
+	movdqa	%xmm10,0(%rsp)
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	xorl	%edx,%esi
+	pslld	$2,%xmm1
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	psrld	$30,%xmm9
+	addl	24(%rsp),%eax
+	andl	%edx,%esi
+	xorl	%ebp,%edx
+	por	%xmm9,%xmm1
+	rorl	$7,%ecx
+	movl	%ebx,%edi
+	xorl	%edx,%esi
+	roll	$5,%ebx
+	pshufd	$238,%xmm0,%xmm10
+	addl	%esi,%eax
+	xorl	%ecx,%edi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	addl	28(%rsp),%ebp
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	rorl	$7,%ebx
+	movl	%eax,%esi
+	xorl	%ecx,%edi
+	roll	$5,%eax
+	addl	%edi,%ebp
+	xorl	%ebx,%esi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	pxor	%xmm6,%xmm2
+	addl	32(%rsp),%edx
+	andl	%ebx,%esi
+	xorl	%ecx,%ebx
+	rorl	$7,%eax
+	punpcklqdq	%xmm1,%xmm10
+	movl	%ebp,%edi
+	xorl	%ebx,%esi
+	pxor	%xmm3,%xmm2
+	roll	$5,%ebp
+	addl	%esi,%edx
+	movdqa	%xmm8,%xmm9
+	xorl	%eax,%edi
+	paddd	%xmm1,%xmm8
+	xorl	%ebx,%eax
+	pxor	%xmm10,%xmm2
+	addl	%ebp,%edx
+	addl	36(%rsp),%ecx
+	andl	%eax,%edi
+	xorl	%ebx,%eax
+	rorl	$7,%ebp
+	movdqa	%xmm2,%xmm10
+	movl	%edx,%esi
+	xorl	%eax,%edi
+	movdqa	%xmm8,16(%rsp)
+	roll	$5,%edx
+	addl	%edi,%ecx
+	xorl	%ebp,%esi
+	pslld	$2,%xmm2
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	psrld	$30,%xmm10
+	addl	40(%rsp),%ebx
+	andl	%ebp,%esi
+	xorl	%eax,%ebp
+	por	%xmm10,%xmm2
+	rorl	$7,%edx
+	movl	%ecx,%edi
+	xorl	%ebp,%esi
+	roll	$5,%ecx
+	pshufd	$238,%xmm1,%xmm8
+	addl	%esi,%ebx
+	xorl	%edx,%edi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	addl	44(%rsp),%eax
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	rorl	$7,%ecx
+	movl	%ebx,%esi
+	xorl	%edx,%edi
+	roll	$5,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	addl	%ebx,%eax
+	pxor	%xmm7,%xmm3
+	addl	48(%rsp),%ebp
+	xorl	%ecx,%esi
+	punpcklqdq	%xmm2,%xmm8
+	movl	%eax,%edi
+	roll	$5,%eax
+	pxor	%xmm4,%xmm3
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	movdqa	%xmm9,%xmm10
+	rorl	$7,%ebx
+	paddd	%xmm2,%xmm9
+	addl	%eax,%ebp
+	pxor	%xmm8,%xmm3
+	addl	52(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	movdqa	%xmm3,%xmm8
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	movdqa	%xmm9,32(%rsp)
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	addl	56(%rsp),%ecx
+	pslld	$2,%xmm3
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	psrld	$30,%xmm8
+	roll	$5,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	rorl	$7,%ebp
+	por	%xmm8,%xmm3
+	addl	%edx,%ecx
+	addl	60(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	addl	0(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	roll	$5,%ebx
+	paddd	%xmm3,%xmm10
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	movdqa	%xmm10,48(%rsp)
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	4(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	roll	$5,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	addl	8(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	roll	$5,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	addl	12(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	roll	$5,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	rorl	$7,%ebp
+	addl	%edx,%ecx
+	cmpq	%r10,%r9
+	je	L$done_ssse3
+	movdqa	64(%r14),%xmm6
+	movdqa	-64(%r14),%xmm9
+	movdqu	0(%r9),%xmm0
+	movdqu	16(%r9),%xmm1
+	movdqu	32(%r9),%xmm2
+	movdqu	48(%r9),%xmm3
+.byte	102,15,56,0,198
+	addq	$64,%r9
+	addl	16(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+.byte	102,15,56,0,206
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	rorl	$7,%edx
+	paddd	%xmm9,%xmm0
+	addl	%ecx,%ebx
+	addl	20(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	movdqa	%xmm0,0(%rsp)
+	roll	$5,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	rorl	$7,%ecx
+	psubd	%xmm9,%xmm0
+	addl	%ebx,%eax
+	addl	24(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	roll	$5,%eax
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	addl	28(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	addl	32(%rsp),%ecx
+	xorl	%eax,%esi
+	movl	%edx,%edi
+.byte	102,15,56,0,214
+	roll	$5,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	rorl	$7,%ebp
+	paddd	%xmm9,%xmm1
+	addl	%edx,%ecx
+	addl	36(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	movdqa	%xmm1,16(%rsp)
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	rorl	$7,%edx
+	psubd	%xmm9,%xmm1
+	addl	%ecx,%ebx
+	addl	40(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	roll	$5,%ebx
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	44(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	roll	$5,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	addl	48(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+.byte	102,15,56,0,222
+	roll	$5,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	rorl	$7,%eax
+	paddd	%xmm9,%xmm2
+	addl	%ebp,%edx
+	addl	52(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	movdqa	%xmm2,32(%rsp)
+	roll	$5,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	rorl	$7,%ebp
+	psubd	%xmm9,%xmm2
+	addl	%edx,%ecx
+	addl	56(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	addl	60(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	roll	$5,%ebx
+	addl	%edi,%eax
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	0(%r8),%eax
+	addl	4(%r8),%esi
+	addl	8(%r8),%ecx
+	addl	12(%r8),%edx
+	movl	%eax,0(%r8)
+	addl	16(%r8),%ebp
+	movl	%esi,4(%r8)
+	movl	%esi,%ebx
+	movl	%ecx,8(%r8)
+	movl	%ecx,%edi
+	movl	%edx,12(%r8)
+	xorl	%edx,%edi
+	movl	%ebp,16(%r8)
+	andl	%edi,%esi
+	jmp	L$oop_ssse3
+
+.p2align	4
+L$done_ssse3:
+	addl	16(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	addl	20(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	roll	$5,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	24(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	roll	$5,%eax
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	addl	28(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	roll	$5,%ebp
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	addl	32(%rsp),%ecx
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	roll	$5,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	rorl	$7,%ebp
+	addl	%edx,%ecx
+	addl	36(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	roll	$5,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	addl	40(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	roll	$5,%ebx
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	44(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	roll	$5,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	rorl	$7,%ebx
+	addl	%eax,%ebp
+	addl	48(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	roll	$5,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	rorl	$7,%eax
+	addl	%ebp,%edx
+	addl	52(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	roll	$5,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	rorl	$7,%ebp
+	addl	%edx,%ecx
+	addl	56(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	roll	$5,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	rorl	$7,%edx
+	addl	%ecx,%ebx
+	addl	60(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	roll	$5,%ebx
+	addl	%edi,%eax
+	rorl	$7,%ecx
+	addl	%ebx,%eax
+	addl	0(%r8),%eax
+	addl	4(%r8),%esi
+	addl	8(%r8),%ecx
+	movl	%eax,0(%r8)
+	addl	12(%r8),%edx
+	movl	%esi,4(%r8)
+	addl	16(%r8),%ebp
+	movl	%ecx,8(%r8)
+	movl	%edx,12(%r8)
+	movl	%ebp,16(%r8)
+	movq	-40(%r11),%r14
+
+	movq	-32(%r11),%r13
+
+	movq	-24(%r11),%r12
+
+	movq	-16(%r11),%rbp
+
+	movq	-8(%r11),%rbx
+
+	leaq	(%r11),%rsp
+
+L$epilogue_ssse3:
+	.byte	0xf3,0xc3
+
+
+
+.p2align	4
+sha1_block_data_order_avx:
+_avx_shortcut:
+
+	movq	%rsp,%r11
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	leaq	-64(%rsp),%rsp
+	vzeroupper
+	andq	$-64,%rsp
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rdx,%r10
+
+	shlq	$6,%r10
+	addq	%r9,%r10
+	leaq	K_XX_XX+64(%rip),%r14
+
+	movl	0(%r8),%eax
+	movl	4(%r8),%ebx
+	movl	8(%r8),%ecx
+	movl	12(%r8),%edx
+	movl	%ebx,%esi
+	movl	16(%r8),%ebp
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	andl	%edi,%esi
+
+	vmovdqa	64(%r14),%xmm6
+	vmovdqa	-64(%r14),%xmm11
+	vmovdqu	0(%r9),%xmm0
+	vmovdqu	16(%r9),%xmm1
+	vmovdqu	32(%r9),%xmm2
+	vmovdqu	48(%r9),%xmm3
+	vpshufb	%xmm6,%xmm0,%xmm0
+	addq	$64,%r9
+	vpshufb	%xmm6,%xmm1,%xmm1
+	vpshufb	%xmm6,%xmm2,%xmm2
+	vpshufb	%xmm6,%xmm3,%xmm3
+	vpaddd	%xmm11,%xmm0,%xmm4
+	vpaddd	%xmm11,%xmm1,%xmm5
+	vpaddd	%xmm11,%xmm2,%xmm6
+	vmovdqa	%xmm4,0(%rsp)
+	vmovdqa	%xmm5,16(%rsp)
+	vmovdqa	%xmm6,32(%rsp)
+	jmp	L$oop_avx
+.p2align	4
+L$oop_avx:
+	shrdl	$2,%ebx,%ebx
+	xorl	%edx,%esi
+	vpalignr	$8,%xmm0,%xmm1,%xmm4
+	movl	%eax,%edi
+	addl	0(%rsp),%ebp
+	vpaddd	%xmm3,%xmm11,%xmm9
+	xorl	%ecx,%ebx
+	shldl	$5,%eax,%eax
+	vpsrldq	$4,%xmm3,%xmm8
+	addl	%esi,%ebp
+	andl	%ebx,%edi
+	vpxor	%xmm0,%xmm4,%xmm4
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	vpxor	%xmm2,%xmm8,%xmm8
+	shrdl	$7,%eax,%eax
+	xorl	%ecx,%edi
+	movl	%ebp,%esi
+	addl	4(%rsp),%edx
+	vpxor	%xmm8,%xmm4,%xmm4
+	xorl	%ebx,%eax
+	shldl	$5,%ebp,%ebp
+	vmovdqa	%xmm9,48(%rsp)
+	addl	%edi,%edx
+	andl	%eax,%esi
+	vpsrld	$31,%xmm4,%xmm8
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	shrdl	$7,%ebp,%ebp
+	xorl	%ebx,%esi
+	vpslldq	$12,%xmm4,%xmm10
+	vpaddd	%xmm4,%xmm4,%xmm4
+	movl	%edx,%edi
+	addl	8(%rsp),%ecx
+	xorl	%eax,%ebp
+	shldl	$5,%edx,%edx
+	vpsrld	$30,%xmm10,%xmm9
+	vpor	%xmm8,%xmm4,%xmm4
+	addl	%esi,%ecx
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	vpslld	$2,%xmm10,%xmm10
+	vpxor	%xmm9,%xmm4,%xmm4
+	shrdl	$7,%edx,%edx
+	xorl	%eax,%edi
+	movl	%ecx,%esi
+	addl	12(%rsp),%ebx
+	vpxor	%xmm10,%xmm4,%xmm4
+	xorl	%ebp,%edx
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	andl	%edx,%esi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	shrdl	$7,%ecx,%ecx
+	xorl	%ebp,%esi
+	vpalignr	$8,%xmm1,%xmm2,%xmm5
+	movl	%ebx,%edi
+	addl	16(%rsp),%eax
+	vpaddd	%xmm4,%xmm11,%xmm9
+	xorl	%edx,%ecx
+	shldl	$5,%ebx,%ebx
+	vpsrldq	$4,%xmm4,%xmm8
+	addl	%esi,%eax
+	andl	%ecx,%edi
+	vpxor	%xmm1,%xmm5,%xmm5
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	vpxor	%xmm3,%xmm8,%xmm8
+	shrdl	$7,%ebx,%ebx
+	xorl	%edx,%edi
+	movl	%eax,%esi
+	addl	20(%rsp),%ebp
+	vpxor	%xmm8,%xmm5,%xmm5
+	xorl	%ecx,%ebx
+	shldl	$5,%eax,%eax
+	vmovdqa	%xmm9,0(%rsp)
+	addl	%edi,%ebp
+	andl	%ebx,%esi
+	vpsrld	$31,%xmm5,%xmm8
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	shrdl	$7,%eax,%eax
+	xorl	%ecx,%esi
+	vpslldq	$12,%xmm5,%xmm10
+	vpaddd	%xmm5,%xmm5,%xmm5
+	movl	%ebp,%edi
+	addl	24(%rsp),%edx
+	xorl	%ebx,%eax
+	shldl	$5,%ebp,%ebp
+	vpsrld	$30,%xmm10,%xmm9
+	vpor	%xmm8,%xmm5,%xmm5
+	addl	%esi,%edx
+	andl	%eax,%edi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	vpslld	$2,%xmm10,%xmm10
+	vpxor	%xmm9,%xmm5,%xmm5
+	shrdl	$7,%ebp,%ebp
+	xorl	%ebx,%edi
+	movl	%edx,%esi
+	addl	28(%rsp),%ecx
+	vpxor	%xmm10,%xmm5,%xmm5
+	xorl	%eax,%ebp
+	shldl	$5,%edx,%edx
+	vmovdqa	-32(%r14),%xmm11
+	addl	%edi,%ecx
+	andl	%ebp,%esi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	shrdl	$7,%edx,%edx
+	xorl	%eax,%esi
+	vpalignr	$8,%xmm2,%xmm3,%xmm6
+	movl	%ecx,%edi
+	addl	32(%rsp),%ebx
+	vpaddd	%xmm5,%xmm11,%xmm9
+	xorl	%ebp,%edx
+	shldl	$5,%ecx,%ecx
+	vpsrldq	$4,%xmm5,%xmm8
+	addl	%esi,%ebx
+	andl	%edx,%edi
+	vpxor	%xmm2,%xmm6,%xmm6
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	vpxor	%xmm4,%xmm8,%xmm8
+	shrdl	$7,%ecx,%ecx
+	xorl	%ebp,%edi
+	movl	%ebx,%esi
+	addl	36(%rsp),%eax
+	vpxor	%xmm8,%xmm6,%xmm6
+	xorl	%edx,%ecx
+	shldl	$5,%ebx,%ebx
+	vmovdqa	%xmm9,16(%rsp)
+	addl	%edi,%eax
+	andl	%ecx,%esi
+	vpsrld	$31,%xmm6,%xmm8
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	shrdl	$7,%ebx,%ebx
+	xorl	%edx,%esi
+	vpslldq	$12,%xmm6,%xmm10
+	vpaddd	%xmm6,%xmm6,%xmm6
+	movl	%eax,%edi
+	addl	40(%rsp),%ebp
+	xorl	%ecx,%ebx
+	shldl	$5,%eax,%eax
+	vpsrld	$30,%xmm10,%xmm9
+	vpor	%xmm8,%xmm6,%xmm6
+	addl	%esi,%ebp
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	vpslld	$2,%xmm10,%xmm10
+	vpxor	%xmm9,%xmm6,%xmm6
+	shrdl	$7,%eax,%eax
+	xorl	%ecx,%edi
+	movl	%ebp,%esi
+	addl	44(%rsp),%edx
+	vpxor	%xmm10,%xmm6,%xmm6
+	xorl	%ebx,%eax
+	shldl	$5,%ebp,%ebp
+	addl	%edi,%edx
+	andl	%eax,%esi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	shrdl	$7,%ebp,%ebp
+	xorl	%ebx,%esi
+	vpalignr	$8,%xmm3,%xmm4,%xmm7
+	movl	%edx,%edi
+	addl	48(%rsp),%ecx
+	vpaddd	%xmm6,%xmm11,%xmm9
+	xorl	%eax,%ebp
+	shldl	$5,%edx,%edx
+	vpsrldq	$4,%xmm6,%xmm8
+	addl	%esi,%ecx
+	andl	%ebp,%edi
+	vpxor	%xmm3,%xmm7,%xmm7
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	vpxor	%xmm5,%xmm8,%xmm8
+	shrdl	$7,%edx,%edx
+	xorl	%eax,%edi
+	movl	%ecx,%esi
+	addl	52(%rsp),%ebx
+	vpxor	%xmm8,%xmm7,%xmm7
+	xorl	%ebp,%edx
+	shldl	$5,%ecx,%ecx
+	vmovdqa	%xmm9,32(%rsp)
+	addl	%edi,%ebx
+	andl	%edx,%esi
+	vpsrld	$31,%xmm7,%xmm8
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	shrdl	$7,%ecx,%ecx
+	xorl	%ebp,%esi
+	vpslldq	$12,%xmm7,%xmm10
+	vpaddd	%xmm7,%xmm7,%xmm7
+	movl	%ebx,%edi
+	addl	56(%rsp),%eax
+	xorl	%edx,%ecx
+	shldl	$5,%ebx,%ebx
+	vpsrld	$30,%xmm10,%xmm9
+	vpor	%xmm8,%xmm7,%xmm7
+	addl	%esi,%eax
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	vpslld	$2,%xmm10,%xmm10
+	vpxor	%xmm9,%xmm7,%xmm7
+	shrdl	$7,%ebx,%ebx
+	xorl	%edx,%edi
+	movl	%eax,%esi
+	addl	60(%rsp),%ebp
+	vpxor	%xmm10,%xmm7,%xmm7
+	xorl	%ecx,%ebx
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	andl	%ebx,%esi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	vpalignr	$8,%xmm6,%xmm7,%xmm8
+	vpxor	%xmm4,%xmm0,%xmm0
+	shrdl	$7,%eax,%eax
+	xorl	%ecx,%esi
+	movl	%ebp,%edi
+	addl	0(%rsp),%edx
+	vpxor	%xmm1,%xmm0,%xmm0
+	xorl	%ebx,%eax
+	shldl	$5,%ebp,%ebp
+	vpaddd	%xmm7,%xmm11,%xmm9
+	addl	%esi,%edx
+	andl	%eax,%edi
+	vpxor	%xmm8,%xmm0,%xmm0
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	shrdl	$7,%ebp,%ebp
+	xorl	%ebx,%edi
+	vpsrld	$30,%xmm0,%xmm8
+	vmovdqa	%xmm9,48(%rsp)
+	movl	%edx,%esi
+	addl	4(%rsp),%ecx
+	xorl	%eax,%ebp
+	shldl	$5,%edx,%edx
+	vpslld	$2,%xmm0,%xmm0
+	addl	%edi,%ecx
+	andl	%ebp,%esi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	shrdl	$7,%edx,%edx
+	xorl	%eax,%esi
+	movl	%ecx,%edi
+	addl	8(%rsp),%ebx
+	vpor	%xmm8,%xmm0,%xmm0
+	xorl	%ebp,%edx
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	addl	12(%rsp),%eax
+	xorl	%ebp,%edi
+	movl	%ebx,%esi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	vpalignr	$8,%xmm7,%xmm0,%xmm8
+	vpxor	%xmm5,%xmm1,%xmm1
+	addl	16(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	shldl	$5,%eax,%eax
+	vpxor	%xmm2,%xmm1,%xmm1
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	vpaddd	%xmm0,%xmm11,%xmm9
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	vpxor	%xmm8,%xmm1,%xmm1
+	addl	20(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	shldl	$5,%ebp,%ebp
+	vpsrld	$30,%xmm1,%xmm8
+	vmovdqa	%xmm9,0(%rsp)
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	vpslld	$2,%xmm1,%xmm1
+	addl	24(%rsp),%ecx
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	shldl	$5,%edx,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	vpor	%xmm8,%xmm1,%xmm1
+	addl	28(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	vpalignr	$8,%xmm0,%xmm1,%xmm8
+	vpxor	%xmm6,%xmm2,%xmm2
+	addl	32(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	shldl	$5,%ebx,%ebx
+	vpxor	%xmm3,%xmm2,%xmm2
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	vpaddd	%xmm1,%xmm11,%xmm9
+	vmovdqa	0(%r14),%xmm11
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	vpxor	%xmm8,%xmm2,%xmm2
+	addl	36(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	shldl	$5,%eax,%eax
+	vpsrld	$30,%xmm2,%xmm8
+	vmovdqa	%xmm9,16(%rsp)
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	vpslld	$2,%xmm2,%xmm2
+	addl	40(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	shldl	$5,%ebp,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	vpor	%xmm8,%xmm2,%xmm2
+	addl	44(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	shldl	$5,%edx,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	vpalignr	$8,%xmm1,%xmm2,%xmm8
+	vpxor	%xmm7,%xmm3,%xmm3
+	addl	48(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	shldl	$5,%ecx,%ecx
+	vpxor	%xmm4,%xmm3,%xmm3
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	vpaddd	%xmm2,%xmm11,%xmm9
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	vpxor	%xmm8,%xmm3,%xmm3
+	addl	52(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	shldl	$5,%ebx,%ebx
+	vpsrld	$30,%xmm3,%xmm8
+	vmovdqa	%xmm9,32(%rsp)
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	vpslld	$2,%xmm3,%xmm3
+	addl	56(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	shldl	$5,%eax,%eax
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	vpor	%xmm8,%xmm3,%xmm3
+	addl	60(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	shldl	$5,%ebp,%ebp
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	vpalignr	$8,%xmm2,%xmm3,%xmm8
+	vpxor	%xmm0,%xmm4,%xmm4
+	addl	0(%rsp),%ecx
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	shldl	$5,%edx,%edx
+	vpxor	%xmm5,%xmm4,%xmm4
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	vpaddd	%xmm3,%xmm11,%xmm9
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	vpxor	%xmm8,%xmm4,%xmm4
+	addl	4(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	shldl	$5,%ecx,%ecx
+	vpsrld	$30,%xmm4,%xmm8
+	vmovdqa	%xmm9,48(%rsp)
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	vpslld	$2,%xmm4,%xmm4
+	addl	8(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	vpor	%xmm8,%xmm4,%xmm4
+	addl	12(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	vpalignr	$8,%xmm3,%xmm4,%xmm8
+	vpxor	%xmm1,%xmm5,%xmm5
+	addl	16(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	shldl	$5,%ebp,%ebp
+	vpxor	%xmm6,%xmm5,%xmm5
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	vpaddd	%xmm4,%xmm11,%xmm9
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	vpxor	%xmm8,%xmm5,%xmm5
+	addl	20(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	shldl	$5,%edx,%edx
+	vpsrld	$30,%xmm5,%xmm8
+	vmovdqa	%xmm9,0(%rsp)
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	vpslld	$2,%xmm5,%xmm5
+	addl	24(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	vpor	%xmm8,%xmm5,%xmm5
+	addl	28(%rsp),%eax
+	shrdl	$7,%ecx,%ecx
+	movl	%ebx,%esi
+	xorl	%edx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	xorl	%ecx,%esi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	vpalignr	$8,%xmm4,%xmm5,%xmm8
+	vpxor	%xmm2,%xmm6,%xmm6
+	addl	32(%rsp),%ebp
+	andl	%ecx,%esi
+	xorl	%edx,%ecx
+	shrdl	$7,%ebx,%ebx
+	vpxor	%xmm7,%xmm6,%xmm6
+	movl	%eax,%edi
+	xorl	%ecx,%esi
+	vpaddd	%xmm5,%xmm11,%xmm9
+	shldl	$5,%eax,%eax
+	addl	%esi,%ebp
+	vpxor	%xmm8,%xmm6,%xmm6
+	xorl	%ebx,%edi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	addl	36(%rsp),%edx
+	vpsrld	$30,%xmm6,%xmm8
+	vmovdqa	%xmm9,16(%rsp)
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	shrdl	$7,%eax,%eax
+	movl	%ebp,%esi
+	vpslld	$2,%xmm6,%xmm6
+	xorl	%ebx,%edi
+	shldl	$5,%ebp,%ebp
+	addl	%edi,%edx
+	xorl	%eax,%esi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	addl	40(%rsp),%ecx
+	andl	%eax,%esi
+	vpor	%xmm8,%xmm6,%xmm6
+	xorl	%ebx,%eax
+	shrdl	$7,%ebp,%ebp
+	movl	%edx,%edi
+	xorl	%eax,%esi
+	shldl	$5,%edx,%edx
+	addl	%esi,%ecx
+	xorl	%ebp,%edi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	addl	44(%rsp),%ebx
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	shrdl	$7,%edx,%edx
+	movl	%ecx,%esi
+	xorl	%ebp,%edi
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	xorl	%edx,%esi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	vpalignr	$8,%xmm5,%xmm6,%xmm8
+	vpxor	%xmm3,%xmm7,%xmm7
+	addl	48(%rsp),%eax
+	andl	%edx,%esi
+	xorl	%ebp,%edx
+	shrdl	$7,%ecx,%ecx
+	vpxor	%xmm0,%xmm7,%xmm7
+	movl	%ebx,%edi
+	xorl	%edx,%esi
+	vpaddd	%xmm6,%xmm11,%xmm9
+	vmovdqa	32(%r14),%xmm11
+	shldl	$5,%ebx,%ebx
+	addl	%esi,%eax
+	vpxor	%xmm8,%xmm7,%xmm7
+	xorl	%ecx,%edi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	addl	52(%rsp),%ebp
+	vpsrld	$30,%xmm7,%xmm8
+	vmovdqa	%xmm9,32(%rsp)
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	shrdl	$7,%ebx,%ebx
+	movl	%eax,%esi
+	vpslld	$2,%xmm7,%xmm7
+	xorl	%ecx,%edi
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	xorl	%ebx,%esi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	addl	56(%rsp),%edx
+	andl	%ebx,%esi
+	vpor	%xmm8,%xmm7,%xmm7
+	xorl	%ecx,%ebx
+	shrdl	$7,%eax,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%esi
+	shldl	$5,%ebp,%ebp
+	addl	%esi,%edx
+	xorl	%eax,%edi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	addl	60(%rsp),%ecx
+	andl	%eax,%edi
+	xorl	%ebx,%eax
+	shrdl	$7,%ebp,%ebp
+	movl	%edx,%esi
+	xorl	%eax,%edi
+	shldl	$5,%edx,%edx
+	addl	%edi,%ecx
+	xorl	%ebp,%esi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	vpalignr	$8,%xmm6,%xmm7,%xmm8
+	vpxor	%xmm4,%xmm0,%xmm0
+	addl	0(%rsp),%ebx
+	andl	%ebp,%esi
+	xorl	%eax,%ebp
+	shrdl	$7,%edx,%edx
+	vpxor	%xmm1,%xmm0,%xmm0
+	movl	%ecx,%edi
+	xorl	%ebp,%esi
+	vpaddd	%xmm7,%xmm11,%xmm9
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	vpxor	%xmm8,%xmm0,%xmm0
+	xorl	%edx,%edi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	addl	4(%rsp),%eax
+	vpsrld	$30,%xmm0,%xmm8
+	vmovdqa	%xmm9,48(%rsp)
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	shrdl	$7,%ecx,%ecx
+	movl	%ebx,%esi
+	vpslld	$2,%xmm0,%xmm0
+	xorl	%edx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	xorl	%ecx,%esi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	addl	8(%rsp),%ebp
+	andl	%ecx,%esi
+	vpor	%xmm8,%xmm0,%xmm0
+	xorl	%edx,%ecx
+	shrdl	$7,%ebx,%ebx
+	movl	%eax,%edi
+	xorl	%ecx,%esi
+	shldl	$5,%eax,%eax
+	addl	%esi,%ebp
+	xorl	%ebx,%edi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	addl	12(%rsp),%edx
+	andl	%ebx,%edi
+	xorl	%ecx,%ebx
+	shrdl	$7,%eax,%eax
+	movl	%ebp,%esi
+	xorl	%ebx,%edi
+	shldl	$5,%ebp,%ebp
+	addl	%edi,%edx
+	xorl	%eax,%esi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	vpalignr	$8,%xmm7,%xmm0,%xmm8
+	vpxor	%xmm5,%xmm1,%xmm1
+	addl	16(%rsp),%ecx
+	andl	%eax,%esi
+	xorl	%ebx,%eax
+	shrdl	$7,%ebp,%ebp
+	vpxor	%xmm2,%xmm1,%xmm1
+	movl	%edx,%edi
+	xorl	%eax,%esi
+	vpaddd	%xmm0,%xmm11,%xmm9
+	shldl	$5,%edx,%edx
+	addl	%esi,%ecx
+	vpxor	%xmm8,%xmm1,%xmm1
+	xorl	%ebp,%edi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	addl	20(%rsp),%ebx
+	vpsrld	$30,%xmm1,%xmm8
+	vmovdqa	%xmm9,0(%rsp)
+	andl	%ebp,%edi
+	xorl	%eax,%ebp
+	shrdl	$7,%edx,%edx
+	movl	%ecx,%esi
+	vpslld	$2,%xmm1,%xmm1
+	xorl	%ebp,%edi
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	xorl	%edx,%esi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	addl	24(%rsp),%eax
+	andl	%edx,%esi
+	vpor	%xmm8,%xmm1,%xmm1
+	xorl	%ebp,%edx
+	shrdl	$7,%ecx,%ecx
+	movl	%ebx,%edi
+	xorl	%edx,%esi
+	shldl	$5,%ebx,%ebx
+	addl	%esi,%eax
+	xorl	%ecx,%edi
+	xorl	%edx,%ecx
+	addl	%ebx,%eax
+	addl	28(%rsp),%ebp
+	andl	%ecx,%edi
+	xorl	%edx,%ecx
+	shrdl	$7,%ebx,%ebx
+	movl	%eax,%esi
+	xorl	%ecx,%edi
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	xorl	%ebx,%esi
+	xorl	%ecx,%ebx
+	addl	%eax,%ebp
+	vpalignr	$8,%xmm0,%xmm1,%xmm8
+	vpxor	%xmm6,%xmm2,%xmm2
+	addl	32(%rsp),%edx
+	andl	%ebx,%esi
+	xorl	%ecx,%ebx
+	shrdl	$7,%eax,%eax
+	vpxor	%xmm3,%xmm2,%xmm2
+	movl	%ebp,%edi
+	xorl	%ebx,%esi
+	vpaddd	%xmm1,%xmm11,%xmm9
+	shldl	$5,%ebp,%ebp
+	addl	%esi,%edx
+	vpxor	%xmm8,%xmm2,%xmm2
+	xorl	%eax,%edi
+	xorl	%ebx,%eax
+	addl	%ebp,%edx
+	addl	36(%rsp),%ecx
+	vpsrld	$30,%xmm2,%xmm8
+	vmovdqa	%xmm9,16(%rsp)
+	andl	%eax,%edi
+	xorl	%ebx,%eax
+	shrdl	$7,%ebp,%ebp
+	movl	%edx,%esi
+	vpslld	$2,%xmm2,%xmm2
+	xorl	%eax,%edi
+	shldl	$5,%edx,%edx
+	addl	%edi,%ecx
+	xorl	%ebp,%esi
+	xorl	%eax,%ebp
+	addl	%edx,%ecx
+	addl	40(%rsp),%ebx
+	andl	%ebp,%esi
+	vpor	%xmm8,%xmm2,%xmm2
+	xorl	%eax,%ebp
+	shrdl	$7,%edx,%edx
+	movl	%ecx,%edi
+	xorl	%ebp,%esi
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	xorl	%edx,%edi
+	xorl	%ebp,%edx
+	addl	%ecx,%ebx
+	addl	44(%rsp),%eax
+	andl	%edx,%edi
+	xorl	%ebp,%edx
+	shrdl	$7,%ecx,%ecx
+	movl	%ebx,%esi
+	xorl	%edx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	addl	%ebx,%eax
+	vpalignr	$8,%xmm1,%xmm2,%xmm8
+	vpxor	%xmm7,%xmm3,%xmm3
+	addl	48(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	shldl	$5,%eax,%eax
+	vpxor	%xmm4,%xmm3,%xmm3
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	vpaddd	%xmm2,%xmm11,%xmm9
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	vpxor	%xmm8,%xmm3,%xmm3
+	addl	52(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	shldl	$5,%ebp,%ebp
+	vpsrld	$30,%xmm3,%xmm8
+	vmovdqa	%xmm9,32(%rsp)
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	vpslld	$2,%xmm3,%xmm3
+	addl	56(%rsp),%ecx
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	shldl	$5,%edx,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	vpor	%xmm8,%xmm3,%xmm3
+	addl	60(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	addl	0(%rsp),%eax
+	vpaddd	%xmm3,%xmm11,%xmm9
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%esi,%eax
+	vmovdqa	%xmm9,48(%rsp)
+	xorl	%edx,%edi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	addl	4(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	addl	8(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	shldl	$5,%ebp,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	addl	12(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	shldl	$5,%edx,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	cmpq	%r10,%r9
+	je	L$done_avx
+	vmovdqa	64(%r14),%xmm6
+	vmovdqa	-64(%r14),%xmm11
+	vmovdqu	0(%r9),%xmm0
+	vmovdqu	16(%r9),%xmm1
+	vmovdqu	32(%r9),%xmm2
+	vmovdqu	48(%r9),%xmm3
+	vpshufb	%xmm6,%xmm0,%xmm0
+	addq	$64,%r9
+	addl	16(%rsp),%ebx
+	xorl	%ebp,%esi
+	vpshufb	%xmm6,%xmm1,%xmm1
+	movl	%ecx,%edi
+	shldl	$5,%ecx,%ecx
+	vpaddd	%xmm11,%xmm0,%xmm4
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	vmovdqa	%xmm4,0(%rsp)
+	addl	20(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	addl	24(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	shldl	$5,%eax,%eax
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	addl	28(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	shldl	$5,%ebp,%ebp
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	addl	32(%rsp),%ecx
+	xorl	%eax,%esi
+	vpshufb	%xmm6,%xmm2,%xmm2
+	movl	%edx,%edi
+	shldl	$5,%edx,%edx
+	vpaddd	%xmm11,%xmm1,%xmm5
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	vmovdqa	%xmm5,16(%rsp)
+	addl	36(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	addl	40(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	addl	44(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	addl	48(%rsp),%edx
+	xorl	%ebx,%esi
+	vpshufb	%xmm6,%xmm3,%xmm3
+	movl	%ebp,%edi
+	shldl	$5,%ebp,%ebp
+	vpaddd	%xmm11,%xmm2,%xmm6
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	vmovdqa	%xmm6,32(%rsp)
+	addl	52(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	shldl	$5,%edx,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	addl	56(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	addl	60(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	addl	0(%r8),%eax
+	addl	4(%r8),%esi
+	addl	8(%r8),%ecx
+	addl	12(%r8),%edx
+	movl	%eax,0(%r8)
+	addl	16(%r8),%ebp
+	movl	%esi,4(%r8)
+	movl	%esi,%ebx
+	movl	%ecx,8(%r8)
+	movl	%ecx,%edi
+	movl	%edx,12(%r8)
+	xorl	%edx,%edi
+	movl	%ebp,16(%r8)
+	andl	%edi,%esi
+	jmp	L$oop_avx
+
+.p2align	4
+L$done_avx:
+	addl	16(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	addl	20(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	xorl	%edx,%esi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	addl	24(%rsp),%ebp
+	xorl	%ecx,%esi
+	movl	%eax,%edi
+	shldl	$5,%eax,%eax
+	addl	%esi,%ebp
+	xorl	%ecx,%edi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	addl	28(%rsp),%edx
+	xorl	%ebx,%edi
+	movl	%ebp,%esi
+	shldl	$5,%ebp,%ebp
+	addl	%edi,%edx
+	xorl	%ebx,%esi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	addl	32(%rsp),%ecx
+	xorl	%eax,%esi
+	movl	%edx,%edi
+	shldl	$5,%edx,%edx
+	addl	%esi,%ecx
+	xorl	%eax,%edi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	addl	36(%rsp),%ebx
+	xorl	%ebp,%edi
+	movl	%ecx,%esi
+	shldl	$5,%ecx,%ecx
+	addl	%edi,%ebx
+	xorl	%ebp,%esi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	addl	40(%rsp),%eax
+	xorl	%edx,%esi
+	movl	%ebx,%edi
+	shldl	$5,%ebx,%ebx
+	addl	%esi,%eax
+	xorl	%edx,%edi
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	addl	44(%rsp),%ebp
+	xorl	%ecx,%edi
+	movl	%eax,%esi
+	shldl	$5,%eax,%eax
+	addl	%edi,%ebp
+	xorl	%ecx,%esi
+	shrdl	$7,%ebx,%ebx
+	addl	%eax,%ebp
+	addl	48(%rsp),%edx
+	xorl	%ebx,%esi
+	movl	%ebp,%edi
+	shldl	$5,%ebp,%ebp
+	addl	%esi,%edx
+	xorl	%ebx,%edi
+	shrdl	$7,%eax,%eax
+	addl	%ebp,%edx
+	addl	52(%rsp),%ecx
+	xorl	%eax,%edi
+	movl	%edx,%esi
+	shldl	$5,%edx,%edx
+	addl	%edi,%ecx
+	xorl	%eax,%esi
+	shrdl	$7,%ebp,%ebp
+	addl	%edx,%ecx
+	addl	56(%rsp),%ebx
+	xorl	%ebp,%esi
+	movl	%ecx,%edi
+	shldl	$5,%ecx,%ecx
+	addl	%esi,%ebx
+	xorl	%ebp,%edi
+	shrdl	$7,%edx,%edx
+	addl	%ecx,%ebx
+	addl	60(%rsp),%eax
+	xorl	%edx,%edi
+	movl	%ebx,%esi
+	shldl	$5,%ebx,%ebx
+	addl	%edi,%eax
+	shrdl	$7,%ecx,%ecx
+	addl	%ebx,%eax
+	vzeroupper
+
+	addl	0(%r8),%eax
+	addl	4(%r8),%esi
+	addl	8(%r8),%ecx
+	movl	%eax,0(%r8)
+	addl	12(%r8),%edx
+	movl	%esi,4(%r8)
+	addl	16(%r8),%ebp
+	movl	%ecx,8(%r8)
+	movl	%edx,12(%r8)
+	movl	%ebp,16(%r8)
+	movq	-40(%r11),%r14
+
+	movq	-32(%r11),%r13
+
+	movq	-24(%r11),%r12
+
+	movq	-16(%r11),%rbp
+
+	movq	-8(%r11),%rbx
+
+	leaq	(%r11),%rsp
+
+L$epilogue_avx:
+	.byte	0xf3,0xc3
+
+
+
+.p2align	4
+sha1_block_data_order_avx2:
+_avx2_shortcut:
+
+	movq	%rsp,%r11
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	vzeroupper
+	movq	%rdi,%r8
+	movq	%rsi,%r9
+	movq	%rdx,%r10
+
+	leaq	-640(%rsp),%rsp
+	shlq	$6,%r10
+	leaq	64(%r9),%r13
+	andq	$-128,%rsp
+	addq	%r9,%r10
+	leaq	K_XX_XX+64(%rip),%r14
+
+	movl	0(%r8),%eax
+	cmpq	%r10,%r13
+	cmovaeq	%r9,%r13
+	movl	4(%r8),%ebp
+	movl	8(%r8),%ecx
+	movl	12(%r8),%edx
+	movl	16(%r8),%esi
+	vmovdqu	64(%r14),%ymm6
+
+	vmovdqu	(%r9),%xmm0
+	vmovdqu	16(%r9),%xmm1
+	vmovdqu	32(%r9),%xmm2
+	vmovdqu	48(%r9),%xmm3
+	leaq	64(%r9),%r9
+	vinserti128	$1,(%r13),%ymm0,%ymm0
+	vinserti128	$1,16(%r13),%ymm1,%ymm1
+	vpshufb	%ymm6,%ymm0,%ymm0
+	vinserti128	$1,32(%r13),%ymm2,%ymm2
+	vpshufb	%ymm6,%ymm1,%ymm1
+	vinserti128	$1,48(%r13),%ymm3,%ymm3
+	vpshufb	%ymm6,%ymm2,%ymm2
+	vmovdqu	-64(%r14),%ymm11
+	vpshufb	%ymm6,%ymm3,%ymm3
+
+	vpaddd	%ymm11,%ymm0,%ymm4
+	vpaddd	%ymm11,%ymm1,%ymm5
+	vmovdqu	%ymm4,0(%rsp)
+	vpaddd	%ymm11,%ymm2,%ymm6
+	vmovdqu	%ymm5,32(%rsp)
+	vpaddd	%ymm11,%ymm3,%ymm7
+	vmovdqu	%ymm6,64(%rsp)
+	vmovdqu	%ymm7,96(%rsp)
+	vpalignr	$8,%ymm0,%ymm1,%ymm4
+	vpsrldq	$4,%ymm3,%ymm8
+	vpxor	%ymm0,%ymm4,%ymm4
+	vpxor	%ymm2,%ymm8,%ymm8
+	vpxor	%ymm8,%ymm4,%ymm4
+	vpsrld	$31,%ymm4,%ymm8
+	vpslldq	$12,%ymm4,%ymm10
+	vpaddd	%ymm4,%ymm4,%ymm4
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm4,%ymm4
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm4,%ymm4
+	vpxor	%ymm10,%ymm4,%ymm4
+	vpaddd	%ymm11,%ymm4,%ymm9
+	vmovdqu	%ymm9,128(%rsp)
+	vpalignr	$8,%ymm1,%ymm2,%ymm5
+	vpsrldq	$4,%ymm4,%ymm8
+	vpxor	%ymm1,%ymm5,%ymm5
+	vpxor	%ymm3,%ymm8,%ymm8
+	vpxor	%ymm8,%ymm5,%ymm5
+	vpsrld	$31,%ymm5,%ymm8
+	vmovdqu	-32(%r14),%ymm11
+	vpslldq	$12,%ymm5,%ymm10
+	vpaddd	%ymm5,%ymm5,%ymm5
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm5,%ymm5
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm5,%ymm5
+	vpxor	%ymm10,%ymm5,%ymm5
+	vpaddd	%ymm11,%ymm5,%ymm9
+	vmovdqu	%ymm9,160(%rsp)
+	vpalignr	$8,%ymm2,%ymm3,%ymm6
+	vpsrldq	$4,%ymm5,%ymm8
+	vpxor	%ymm2,%ymm6,%ymm6
+	vpxor	%ymm4,%ymm8,%ymm8
+	vpxor	%ymm8,%ymm6,%ymm6
+	vpsrld	$31,%ymm6,%ymm8
+	vpslldq	$12,%ymm6,%ymm10
+	vpaddd	%ymm6,%ymm6,%ymm6
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm6,%ymm6
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm6,%ymm6
+	vpxor	%ymm10,%ymm6,%ymm6
+	vpaddd	%ymm11,%ymm6,%ymm9
+	vmovdqu	%ymm9,192(%rsp)
+	vpalignr	$8,%ymm3,%ymm4,%ymm7
+	vpsrldq	$4,%ymm6,%ymm8
+	vpxor	%ymm3,%ymm7,%ymm7
+	vpxor	%ymm5,%ymm8,%ymm8
+	vpxor	%ymm8,%ymm7,%ymm7
+	vpsrld	$31,%ymm7,%ymm8
+	vpslldq	$12,%ymm7,%ymm10
+	vpaddd	%ymm7,%ymm7,%ymm7
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm7,%ymm7
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm7,%ymm7
+	vpxor	%ymm10,%ymm7,%ymm7
+	vpaddd	%ymm11,%ymm7,%ymm9
+	vmovdqu	%ymm9,224(%rsp)
+	leaq	128(%rsp),%r13
+	jmp	L$oop_avx2
+.p2align	5
+L$oop_avx2:
+	rorxl	$2,%ebp,%ebx
+	andnl	%edx,%ebp,%edi
+	andl	%ecx,%ebp
+	xorl	%edi,%ebp
+	jmp	L$align32_1
+.p2align	5
+L$align32_1:
+	vpalignr	$8,%ymm6,%ymm7,%ymm8
+	vpxor	%ymm4,%ymm0,%ymm0
+	addl	-128(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	vpxor	%ymm1,%ymm0,%ymm0
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	vpxor	%ymm8,%ymm0,%ymm0
+	andl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	vpsrld	$30,%ymm0,%ymm8
+	vpslld	$2,%ymm0,%ymm0
+	addl	-124(%r13),%edx
+	andnl	%ebx,%esi,%edi
+	addl	%eax,%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	andl	%ebp,%esi
+	vpor	%ymm8,%ymm0,%ymm0
+	addl	%r12d,%edx
+	xorl	%edi,%esi
+	addl	-120(%r13),%ecx
+	andnl	%ebp,%edx,%edi
+	vpaddd	%ymm11,%ymm0,%ymm9
+	addl	%esi,%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	andl	%eax,%edx
+	vmovdqu	%ymm9,256(%rsp)
+	addl	%r12d,%ecx
+	xorl	%edi,%edx
+	addl	-116(%r13),%ebx
+	andnl	%eax,%ecx,%edi
+	addl	%edx,%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	andl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%edi,%ecx
+	addl	-96(%r13),%ebp
+	andnl	%esi,%ebx,%edi
+	addl	%ecx,%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	andl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%edi,%ebx
+	vpalignr	$8,%ymm7,%ymm0,%ymm8
+	vpxor	%ymm5,%ymm1,%ymm1
+	addl	-92(%r13),%eax
+	andnl	%edx,%ebp,%edi
+	vpxor	%ymm2,%ymm1,%ymm1
+	addl	%ebx,%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	vpxor	%ymm8,%ymm1,%ymm1
+	andl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edi,%ebp
+	vpsrld	$30,%ymm1,%ymm8
+	vpslld	$2,%ymm1,%ymm1
+	addl	-88(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	vpor	%ymm8,%ymm1,%ymm1
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	-84(%r13),%edx
+	andnl	%ebx,%esi,%edi
+	vpaddd	%ymm11,%ymm1,%ymm9
+	addl	%eax,%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	andl	%ebp,%esi
+	vmovdqu	%ymm9,288(%rsp)
+	addl	%r12d,%edx
+	xorl	%edi,%esi
+	addl	-64(%r13),%ecx
+	andnl	%ebp,%edx,%edi
+	addl	%esi,%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	andl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%edi,%edx
+	addl	-60(%r13),%ebx
+	andnl	%eax,%ecx,%edi
+	addl	%edx,%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	andl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%edi,%ecx
+	vpalignr	$8,%ymm0,%ymm1,%ymm8
+	vpxor	%ymm6,%ymm2,%ymm2
+	addl	-56(%r13),%ebp
+	andnl	%esi,%ebx,%edi
+	vpxor	%ymm3,%ymm2,%ymm2
+	vmovdqu	0(%r14),%ymm11
+	addl	%ecx,%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	vpxor	%ymm8,%ymm2,%ymm2
+	andl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%edi,%ebx
+	vpsrld	$30,%ymm2,%ymm8
+	vpslld	$2,%ymm2,%ymm2
+	addl	-52(%r13),%eax
+	andnl	%edx,%ebp,%edi
+	addl	%ebx,%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	andl	%ecx,%ebp
+	vpor	%ymm8,%ymm2,%ymm2
+	addl	%r12d,%eax
+	xorl	%edi,%ebp
+	addl	-32(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	vpaddd	%ymm11,%ymm2,%ymm9
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	vmovdqu	%ymm9,320(%rsp)
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	-28(%r13),%edx
+	andnl	%ebx,%esi,%edi
+	addl	%eax,%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	andl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%edi,%esi
+	addl	-24(%r13),%ecx
+	andnl	%ebp,%edx,%edi
+	addl	%esi,%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	andl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%edi,%edx
+	vpalignr	$8,%ymm1,%ymm2,%ymm8
+	vpxor	%ymm7,%ymm3,%ymm3
+	addl	-20(%r13),%ebx
+	andnl	%eax,%ecx,%edi
+	vpxor	%ymm4,%ymm3,%ymm3
+	addl	%edx,%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	vpxor	%ymm8,%ymm3,%ymm3
+	andl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%edi,%ecx
+	vpsrld	$30,%ymm3,%ymm8
+	vpslld	$2,%ymm3,%ymm3
+	addl	0(%r13),%ebp
+	andnl	%esi,%ebx,%edi
+	addl	%ecx,%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	andl	%edx,%ebx
+	vpor	%ymm8,%ymm3,%ymm3
+	addl	%r12d,%ebp
+	xorl	%edi,%ebx
+	addl	4(%r13),%eax
+	andnl	%edx,%ebp,%edi
+	vpaddd	%ymm11,%ymm3,%ymm9
+	addl	%ebx,%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	andl	%ecx,%ebp
+	vmovdqu	%ymm9,352(%rsp)
+	addl	%r12d,%eax
+	xorl	%edi,%ebp
+	addl	8(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	12(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	vpalignr	$8,%ymm2,%ymm3,%ymm8
+	vpxor	%ymm0,%ymm4,%ymm4
+	addl	32(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	vpxor	%ymm8,%ymm4,%ymm4
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	36(%r13),%ebx
+	vpsrld	$30,%ymm4,%ymm8
+	vpslld	$2,%ymm4,%ymm4
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	vpor	%ymm8,%ymm4,%ymm4
+	addl	40(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	vpaddd	%ymm11,%ymm4,%ymm9
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	44(%r13),%eax
+	vmovdqu	%ymm9,384(%rsp)
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	64(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	vpalignr	$8,%ymm3,%ymm4,%ymm8
+	vpxor	%ymm1,%ymm5,%ymm5
+	addl	68(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	vpxor	%ymm6,%ymm5,%ymm5
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	vpxor	%ymm8,%ymm5,%ymm5
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	72(%r13),%ecx
+	vpsrld	$30,%ymm5,%ymm8
+	vpslld	$2,%ymm5,%ymm5
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	vpor	%ymm8,%ymm5,%ymm5
+	addl	76(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	vpaddd	%ymm11,%ymm5,%ymm9
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	96(%r13),%ebp
+	vmovdqu	%ymm9,416(%rsp)
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	100(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	vpalignr	$8,%ymm4,%ymm5,%ymm8
+	vpxor	%ymm2,%ymm6,%ymm6
+	addl	104(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	vpxor	%ymm7,%ymm6,%ymm6
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	vpxor	%ymm8,%ymm6,%ymm6
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	108(%r13),%edx
+	leaq	256(%r13),%r13
+	vpsrld	$30,%ymm6,%ymm8
+	vpslld	$2,%ymm6,%ymm6
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	vpor	%ymm8,%ymm6,%ymm6
+	addl	-128(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	vpaddd	%ymm11,%ymm6,%ymm9
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-124(%r13),%ebx
+	vmovdqu	%ymm9,448(%rsp)
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	-120(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	vpalignr	$8,%ymm5,%ymm6,%ymm8
+	vpxor	%ymm3,%ymm7,%ymm7
+	addl	-116(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	vpxor	%ymm0,%ymm7,%ymm7
+	vmovdqu	32(%r14),%ymm11
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	vpxor	%ymm8,%ymm7,%ymm7
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	-96(%r13),%esi
+	vpsrld	$30,%ymm7,%ymm8
+	vpslld	$2,%ymm7,%ymm7
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	vpor	%ymm8,%ymm7,%ymm7
+	addl	-92(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	vpaddd	%ymm11,%ymm7,%ymm9
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	-88(%r13),%ecx
+	vmovdqu	%ymm9,480(%rsp)
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-84(%r13),%ebx
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	jmp	L$align32_2
+.p2align	5
+L$align32_2:
+	vpalignr	$8,%ymm6,%ymm7,%ymm8
+	vpxor	%ymm4,%ymm0,%ymm0
+	addl	-64(%r13),%ebp
+	xorl	%esi,%ecx
+	vpxor	%ymm1,%ymm0,%ymm0
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	vpxor	%ymm8,%ymm0,%ymm0
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	vpsrld	$30,%ymm0,%ymm8
+	vpslld	$2,%ymm0,%ymm0
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	-60(%r13),%eax
+	xorl	%edx,%ebx
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	vpor	%ymm8,%ymm0,%ymm0
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	vpaddd	%ymm11,%ymm0,%ymm9
+	addl	%r12d,%eax
+	andl	%edi,%ebp
+	addl	-56(%r13),%esi
+	xorl	%ecx,%ebp
+	vmovdqu	%ymm9,512(%rsp)
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	andl	%edi,%eax
+	addl	-52(%r13),%edx
+	xorl	%ebx,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%edi
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	andl	%edi,%esi
+	addl	-32(%r13),%ecx
+	xorl	%ebp,%esi
+	movl	%eax,%edi
+	xorl	%ebp,%edi
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	andl	%edi,%edx
+	vpalignr	$8,%ymm7,%ymm0,%ymm8
+	vpxor	%ymm5,%ymm1,%ymm1
+	addl	-28(%r13),%ebx
+	xorl	%eax,%edx
+	vpxor	%ymm2,%ymm1,%ymm1
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	vpxor	%ymm8,%ymm1,%ymm1
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	vpsrld	$30,%ymm1,%ymm8
+	vpslld	$2,%ymm1,%ymm1
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	addl	-24(%r13),%ebp
+	xorl	%esi,%ecx
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	vpor	%ymm8,%ymm1,%ymm1
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	vpaddd	%ymm11,%ymm1,%ymm9
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	-20(%r13),%eax
+	xorl	%edx,%ebx
+	vmovdqu	%ymm9,544(%rsp)
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	andl	%edi,%ebp
+	addl	0(%r13),%esi
+	xorl	%ecx,%ebp
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	andl	%edi,%eax
+	addl	4(%r13),%edx
+	xorl	%ebx,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%edi
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	andl	%edi,%esi
+	vpalignr	$8,%ymm0,%ymm1,%ymm8
+	vpxor	%ymm6,%ymm2,%ymm2
+	addl	8(%r13),%ecx
+	xorl	%ebp,%esi
+	vpxor	%ymm3,%ymm2,%ymm2
+	movl	%eax,%edi
+	xorl	%ebp,%edi
+	leal	(%rcx,%rsi,1),%ecx
+	vpxor	%ymm8,%ymm2,%ymm2
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	vpsrld	$30,%ymm2,%ymm8
+	vpslld	$2,%ymm2,%ymm2
+	addl	%r12d,%ecx
+	andl	%edi,%edx
+	addl	12(%r13),%ebx
+	xorl	%eax,%edx
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	vpor	%ymm8,%ymm2,%ymm2
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	vpaddd	%ymm11,%ymm2,%ymm9
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	addl	32(%r13),%ebp
+	xorl	%esi,%ecx
+	vmovdqu	%ymm9,576(%rsp)
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	36(%r13),%eax
+	xorl	%edx,%ebx
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	andl	%edi,%ebp
+	addl	40(%r13),%esi
+	xorl	%ecx,%ebp
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	andl	%edi,%eax
+	vpalignr	$8,%ymm1,%ymm2,%ymm8
+	vpxor	%ymm7,%ymm3,%ymm3
+	addl	44(%r13),%edx
+	xorl	%ebx,%eax
+	vpxor	%ymm4,%ymm3,%ymm3
+	movl	%ebp,%edi
+	xorl	%ebx,%edi
+	leal	(%rdx,%rax,1),%edx
+	vpxor	%ymm8,%ymm3,%ymm3
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	vpsrld	$30,%ymm3,%ymm8
+	vpslld	$2,%ymm3,%ymm3
+	addl	%r12d,%edx
+	andl	%edi,%esi
+	addl	64(%r13),%ecx
+	xorl	%ebp,%esi
+	movl	%eax,%edi
+	xorl	%ebp,%edi
+	vpor	%ymm8,%ymm3,%ymm3
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	vpaddd	%ymm11,%ymm3,%ymm9
+	addl	%r12d,%ecx
+	andl	%edi,%edx
+	addl	68(%r13),%ebx
+	xorl	%eax,%edx
+	vmovdqu	%ymm9,608(%rsp)
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	addl	72(%r13),%ebp
+	xorl	%esi,%ecx
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	76(%r13),%eax
+	xorl	%edx,%ebx
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	96(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	100(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	104(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	108(%r13),%ebx
+	leaq	256(%r13),%r13
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	-128(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	-124(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	-120(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	-116(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	-96(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-92(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	-88(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	-84(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	-64(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	-60(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	-56(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-52(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	-32(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	-28(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	-24(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	-20(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	addl	%r12d,%edx
+	leaq	128(%r9),%r13
+	leaq	128(%r9),%rdi
+	cmpq	%r10,%r13
+	cmovaeq	%r9,%r13
+
+
+	addl	0(%r8),%edx
+	addl	4(%r8),%esi
+	addl	8(%r8),%ebp
+	movl	%edx,0(%r8)
+	addl	12(%r8),%ebx
+	movl	%esi,4(%r8)
+	movl	%edx,%eax
+	addl	16(%r8),%ecx
+	movl	%ebp,%r12d
+	movl	%ebp,8(%r8)
+	movl	%ebx,%edx
+
+	movl	%ebx,12(%r8)
+	movl	%esi,%ebp
+	movl	%ecx,16(%r8)
+
+	movl	%ecx,%esi
+	movl	%r12d,%ecx
+
+
+	cmpq	%r10,%r9
+	je	L$done_avx2
+	vmovdqu	64(%r14),%ymm6
+	cmpq	%r10,%rdi
+	ja	L$ast_avx2
+
+	vmovdqu	-64(%rdi),%xmm0
+	vmovdqu	-48(%rdi),%xmm1
+	vmovdqu	-32(%rdi),%xmm2
+	vmovdqu	-16(%rdi),%xmm3
+	vinserti128	$1,0(%r13),%ymm0,%ymm0
+	vinserti128	$1,16(%r13),%ymm1,%ymm1
+	vinserti128	$1,32(%r13),%ymm2,%ymm2
+	vinserti128	$1,48(%r13),%ymm3,%ymm3
+	jmp	L$ast_avx2
+
+.p2align	5
+L$ast_avx2:
+	leaq	128+16(%rsp),%r13
+	rorxl	$2,%ebp,%ebx
+	andnl	%edx,%ebp,%edi
+	andl	%ecx,%ebp
+	xorl	%edi,%ebp
+	subq	$-128,%r9
+	addl	-128(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	-124(%r13),%edx
+	andnl	%ebx,%esi,%edi
+	addl	%eax,%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	andl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%edi,%esi
+	addl	-120(%r13),%ecx
+	andnl	%ebp,%edx,%edi
+	addl	%esi,%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	andl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%edi,%edx
+	addl	-116(%r13),%ebx
+	andnl	%eax,%ecx,%edi
+	addl	%edx,%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	andl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%edi,%ecx
+	addl	-96(%r13),%ebp
+	andnl	%esi,%ebx,%edi
+	addl	%ecx,%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	andl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%edi,%ebx
+	addl	-92(%r13),%eax
+	andnl	%edx,%ebp,%edi
+	addl	%ebx,%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	andl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edi,%ebp
+	addl	-88(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	-84(%r13),%edx
+	andnl	%ebx,%esi,%edi
+	addl	%eax,%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	andl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%edi,%esi
+	addl	-64(%r13),%ecx
+	andnl	%ebp,%edx,%edi
+	addl	%esi,%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	andl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%edi,%edx
+	addl	-60(%r13),%ebx
+	andnl	%eax,%ecx,%edi
+	addl	%edx,%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	andl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%edi,%ecx
+	addl	-56(%r13),%ebp
+	andnl	%esi,%ebx,%edi
+	addl	%ecx,%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	andl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%edi,%ebx
+	addl	-52(%r13),%eax
+	andnl	%edx,%ebp,%edi
+	addl	%ebx,%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	andl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edi,%ebp
+	addl	-32(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	-28(%r13),%edx
+	andnl	%ebx,%esi,%edi
+	addl	%eax,%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	andl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%edi,%esi
+	addl	-24(%r13),%ecx
+	andnl	%ebp,%edx,%edi
+	addl	%esi,%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	andl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%edi,%edx
+	addl	-20(%r13),%ebx
+	andnl	%eax,%ecx,%edi
+	addl	%edx,%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	andl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%edi,%ecx
+	addl	0(%r13),%ebp
+	andnl	%esi,%ebx,%edi
+	addl	%ecx,%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	andl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%edi,%ebx
+	addl	4(%r13),%eax
+	andnl	%edx,%ebp,%edi
+	addl	%ebx,%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	andl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edi,%ebp
+	addl	8(%r13),%esi
+	andnl	%ecx,%eax,%edi
+	addl	%ebp,%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	andl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%edi,%eax
+	addl	12(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	32(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	36(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	40(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	44(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	64(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	vmovdqu	-64(%r14),%ymm11
+	vpshufb	%ymm6,%ymm0,%ymm0
+	addl	68(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	72(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	76(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	96(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	100(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	vpshufb	%ymm6,%ymm1,%ymm1
+	vpaddd	%ymm11,%ymm0,%ymm8
+	addl	104(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	108(%r13),%edx
+	leaq	256(%r13),%r13
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	-128(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-124(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	-120(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	vmovdqu	%ymm8,0(%rsp)
+	vpshufb	%ymm6,%ymm2,%ymm2
+	vpaddd	%ymm11,%ymm1,%ymm9
+	addl	-116(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	-96(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	-92(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	addl	-88(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-84(%r13),%ebx
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	vmovdqu	%ymm9,32(%rsp)
+	vpshufb	%ymm6,%ymm3,%ymm3
+	vpaddd	%ymm11,%ymm2,%ymm6
+	addl	-64(%r13),%ebp
+	xorl	%esi,%ecx
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	-60(%r13),%eax
+	xorl	%edx,%ebx
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	andl	%edi,%ebp
+	addl	-56(%r13),%esi
+	xorl	%ecx,%ebp
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	andl	%edi,%eax
+	addl	-52(%r13),%edx
+	xorl	%ebx,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%edi
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	andl	%edi,%esi
+	addl	-32(%r13),%ecx
+	xorl	%ebp,%esi
+	movl	%eax,%edi
+	xorl	%ebp,%edi
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	andl	%edi,%edx
+	jmp	L$align32_3
+.p2align	5
+L$align32_3:
+	vmovdqu	%ymm6,64(%rsp)
+	vpaddd	%ymm11,%ymm3,%ymm7
+	addl	-28(%r13),%ebx
+	xorl	%eax,%edx
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	addl	-24(%r13),%ebp
+	xorl	%esi,%ecx
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	-20(%r13),%eax
+	xorl	%edx,%ebx
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	andl	%edi,%ebp
+	addl	0(%r13),%esi
+	xorl	%ecx,%ebp
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	andl	%edi,%eax
+	addl	4(%r13),%edx
+	xorl	%ebx,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%edi
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	andl	%edi,%esi
+	vmovdqu	%ymm7,96(%rsp)
+	addl	8(%r13),%ecx
+	xorl	%ebp,%esi
+	movl	%eax,%edi
+	xorl	%ebp,%edi
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	andl	%edi,%edx
+	addl	12(%r13),%ebx
+	xorl	%eax,%edx
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	addl	32(%r13),%ebp
+	xorl	%esi,%ecx
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	36(%r13),%eax
+	xorl	%edx,%ebx
+	movl	%ecx,%edi
+	xorl	%edx,%edi
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	andl	%edi,%ebp
+	addl	40(%r13),%esi
+	xorl	%ecx,%ebp
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	andl	%edi,%eax
+	vpalignr	$8,%ymm0,%ymm1,%ymm4
+	addl	44(%r13),%edx
+	xorl	%ebx,%eax
+	movl	%ebp,%edi
+	xorl	%ebx,%edi
+	vpsrldq	$4,%ymm3,%ymm8
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	vpxor	%ymm0,%ymm4,%ymm4
+	vpxor	%ymm2,%ymm8,%ymm8
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	vpxor	%ymm8,%ymm4,%ymm4
+	andl	%edi,%esi
+	addl	64(%r13),%ecx
+	xorl	%ebp,%esi
+	movl	%eax,%edi
+	vpsrld	$31,%ymm4,%ymm8
+	xorl	%ebp,%edi
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	vpslldq	$12,%ymm4,%ymm10
+	vpaddd	%ymm4,%ymm4,%ymm4
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm4,%ymm4
+	addl	%r12d,%ecx
+	andl	%edi,%edx
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm4,%ymm4
+	addl	68(%r13),%ebx
+	xorl	%eax,%edx
+	vpxor	%ymm10,%ymm4,%ymm4
+	movl	%esi,%edi
+	xorl	%eax,%edi
+	leal	(%rbx,%rdx,1),%ebx
+	vpaddd	%ymm11,%ymm4,%ymm9
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	vmovdqu	%ymm9,128(%rsp)
+	addl	%r12d,%ebx
+	andl	%edi,%ecx
+	addl	72(%r13),%ebp
+	xorl	%esi,%ecx
+	movl	%edx,%edi
+	xorl	%esi,%edi
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	andl	%edi,%ebx
+	addl	76(%r13),%eax
+	xorl	%edx,%ebx
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	vpalignr	$8,%ymm1,%ymm2,%ymm5
+	addl	96(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	vpsrldq	$4,%ymm4,%ymm8
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	vpxor	%ymm1,%ymm5,%ymm5
+	vpxor	%ymm3,%ymm8,%ymm8
+	addl	100(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	vpxor	%ymm8,%ymm5,%ymm5
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	vpsrld	$31,%ymm5,%ymm8
+	vmovdqu	-32(%r14),%ymm11
+	xorl	%ebx,%esi
+	addl	104(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	vpslldq	$12,%ymm5,%ymm10
+	vpaddd	%ymm5,%ymm5,%ymm5
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm5,%ymm5
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm5,%ymm5
+	xorl	%ebp,%edx
+	addl	108(%r13),%ebx
+	leaq	256(%r13),%r13
+	vpxor	%ymm10,%ymm5,%ymm5
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	vpaddd	%ymm11,%ymm5,%ymm9
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	vmovdqu	%ymm9,160(%rsp)
+	addl	-128(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	vpalignr	$8,%ymm2,%ymm3,%ymm6
+	addl	-124(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	vpsrldq	$4,%ymm5,%ymm8
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	vpxor	%ymm2,%ymm6,%ymm6
+	vpxor	%ymm4,%ymm8,%ymm8
+	addl	-120(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	vpxor	%ymm8,%ymm6,%ymm6
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	vpsrld	$31,%ymm6,%ymm8
+	xorl	%ecx,%eax
+	addl	-116(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	vpslldq	$12,%ymm6,%ymm10
+	vpaddd	%ymm6,%ymm6,%ymm6
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm6,%ymm6
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm6,%ymm6
+	xorl	%ebx,%esi
+	addl	-96(%r13),%ecx
+	vpxor	%ymm10,%ymm6,%ymm6
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	vpaddd	%ymm11,%ymm6,%ymm9
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	vmovdqu	%ymm9,192(%rsp)
+	addl	-92(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	vpalignr	$8,%ymm3,%ymm4,%ymm7
+	addl	-88(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	vpsrldq	$4,%ymm6,%ymm8
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	vpxor	%ymm3,%ymm7,%ymm7
+	vpxor	%ymm5,%ymm8,%ymm8
+	addl	-84(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	vpxor	%ymm8,%ymm7,%ymm7
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	vpsrld	$31,%ymm7,%ymm8
+	xorl	%edx,%ebp
+	addl	-64(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	vpslldq	$12,%ymm7,%ymm10
+	vpaddd	%ymm7,%ymm7,%ymm7
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	vpsrld	$30,%ymm10,%ymm9
+	vpor	%ymm8,%ymm7,%ymm7
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	vpslld	$2,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm7,%ymm7
+	xorl	%ecx,%eax
+	addl	-60(%r13),%edx
+	vpxor	%ymm10,%ymm7,%ymm7
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	rorxl	$2,%esi,%eax
+	vpaddd	%ymm11,%ymm7,%ymm9
+	xorl	%ebp,%esi
+	addl	%r12d,%edx
+	xorl	%ebx,%esi
+	vmovdqu	%ymm9,224(%rsp)
+	addl	-56(%r13),%ecx
+	leal	(%rcx,%rsi,1),%ecx
+	rorxl	$27,%edx,%r12d
+	rorxl	$2,%edx,%esi
+	xorl	%eax,%edx
+	addl	%r12d,%ecx
+	xorl	%ebp,%edx
+	addl	-52(%r13),%ebx
+	leal	(%rbx,%rdx,1),%ebx
+	rorxl	$27,%ecx,%r12d
+	rorxl	$2,%ecx,%edx
+	xorl	%esi,%ecx
+	addl	%r12d,%ebx
+	xorl	%eax,%ecx
+	addl	-32(%r13),%ebp
+	leal	(%rcx,%rbp,1),%ebp
+	rorxl	$27,%ebx,%r12d
+	rorxl	$2,%ebx,%ecx
+	xorl	%edx,%ebx
+	addl	%r12d,%ebp
+	xorl	%esi,%ebx
+	addl	-28(%r13),%eax
+	leal	(%rax,%rbx,1),%eax
+	rorxl	$27,%ebp,%r12d
+	rorxl	$2,%ebp,%ebx
+	xorl	%ecx,%ebp
+	addl	%r12d,%eax
+	xorl	%edx,%ebp
+	addl	-24(%r13),%esi
+	leal	(%rsi,%rbp,1),%esi
+	rorxl	$27,%eax,%r12d
+	rorxl	$2,%eax,%ebp
+	xorl	%ebx,%eax
+	addl	%r12d,%esi
+	xorl	%ecx,%eax
+	addl	-20(%r13),%edx
+	leal	(%rdx,%rax,1),%edx
+	rorxl	$27,%esi,%r12d
+	addl	%r12d,%edx
+	leaq	128(%rsp),%r13
+
+
+	addl	0(%r8),%edx
+	addl	4(%r8),%esi
+	addl	8(%r8),%ebp
+	movl	%edx,0(%r8)
+	addl	12(%r8),%ebx
+	movl	%esi,4(%r8)
+	movl	%edx,%eax
+	addl	16(%r8),%ecx
+	movl	%ebp,%r12d
+	movl	%ebp,8(%r8)
+	movl	%ebx,%edx
+
+	movl	%ebx,12(%r8)
+	movl	%esi,%ebp
+	movl	%ecx,16(%r8)
+
+	movl	%ecx,%esi
+	movl	%r12d,%ecx
+
+
+	cmpq	%r10,%r9
+	jbe	L$oop_avx2
+
+L$done_avx2:
+	vzeroupper
+	movq	-40(%r11),%r14
+
+	movq	-32(%r11),%r13
+
+	movq	-24(%r11),%r12
+
+	movq	-16(%r11),%rbp
+
+	movq	-8(%r11),%rbx
+
+	leaq	(%r11),%rsp
+
+L$epilogue_avx2:
+	.byte	0xf3,0xc3
+
+
+.p2align	6
+K_XX_XX:
+.long	0x5a827999,0x5a827999,0x5a827999,0x5a827999
+.long	0x5a827999,0x5a827999,0x5a827999,0x5a827999
+.long	0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1
+.long	0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1
+.long	0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc
+.long	0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc
+.long	0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6
+.long	0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6
+.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
+.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
+.byte	0xf,0xe,0xd,0xc,0xb,0xa,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0
+.byte	83,72,65,49,32,98,108,111,99,107,32,116,114,97,110,115,102,111,114,109,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+.p2align	6
+
diff --git a/lib/accelerated/x86/macosx/sha256-ssse3-x86.s b/lib/accelerated/x86/macosx/sha256-ssse3-x86.s
new file mode 100644
index 0000000..8d25710
--- /dev/null
+++ b/lib/accelerated/x86/macosx/sha256-ssse3-x86.s
@@ -0,0 +1,3384 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text
+.globl	_sha256_block_data_order
+.align	4
+_sha256_block_data_order:
+L_sha256_block_data_order_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	%esp,%ebx
+	call	L000pic_point
+L000pic_point:
+	popl	%ebp
+	leal	L001K256-L000pic_point(%ebp),%ebp
+	subl	$16,%esp
+	andl	$-64,%esp
+	shll	$6,%eax
+	addl	%edi,%eax
+	movl	%esi,(%esp)
+	movl	%edi,4(%esp)
+	movl	%eax,8(%esp)
+	movl	%ebx,12(%esp)
+	jmp	L002loop
+.align	4,0x90
+L002loop:
+	movl	(%edi),%eax
+	movl	4(%edi),%ebx
+	movl	8(%edi),%ecx
+	bswap	%eax
+	movl	12(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	movl	16(%edi),%eax
+	movl	20(%edi),%ebx
+	movl	24(%edi),%ecx
+	bswap	%eax
+	movl	28(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	movl	32(%edi),%eax
+	movl	36(%edi),%ebx
+	movl	40(%edi),%ecx
+	bswap	%eax
+	movl	44(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	movl	48(%edi),%eax
+	movl	52(%edi),%ebx
+	movl	56(%edi),%ecx
+	bswap	%eax
+	movl	60(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	addl	$64,%edi
+	leal	-36(%esp),%esp
+	movl	%edi,104(%esp)
+	movl	(%esi),%eax
+	movl	4(%esi),%ebx
+	movl	8(%esi),%ecx
+	movl	12(%esi),%edi
+	movl	%ebx,8(%esp)
+	xorl	%ecx,%ebx
+	movl	%ecx,12(%esp)
+	movl	%edi,16(%esp)
+	movl	%ebx,(%esp)
+	movl	16(%esi),%edx
+	movl	20(%esi),%ebx
+	movl	24(%esi),%ecx
+	movl	28(%esi),%edi
+	movl	%ebx,24(%esp)
+	movl	%ecx,28(%esp)
+	movl	%edi,32(%esp)
+.align	4,0x90
+L00300_15:
+	movl	%edx,%ecx
+	movl	24(%esp),%esi
+	rorl	$14,%ecx
+	movl	28(%esp),%edi
+	xorl	%edx,%ecx
+	xorl	%edi,%esi
+	movl	96(%esp),%ebx
+	rorl	$5,%ecx
+	andl	%edx,%esi
+	movl	%edx,20(%esp)
+	xorl	%ecx,%edx
+	addl	32(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%esi,%ebx
+	rorl	$9,%ecx
+	addl	%edx,%ebx
+	movl	8(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,4(%esp)
+	leal	-4(%esp),%esp
+	rorl	$11,%ecx
+	movl	(%ebp),%esi
+	xorl	%eax,%ecx
+	movl	20(%esp),%edx
+	xorl	%edi,%eax
+	rorl	$2,%ecx
+	addl	%esi,%ebx
+	movl	%eax,(%esp)
+	addl	%ebx,%edx
+	andl	4(%esp),%eax
+	addl	%ecx,%ebx
+	xorl	%edi,%eax
+	addl	$4,%ebp
+	addl	%ebx,%eax
+	cmpl	$3248222580,%esi
+	jne	L00300_15
+	movl	156(%esp),%ecx
+	jmp	L00416_63
+.align	4,0x90
+L00416_63:
+	movl	%ecx,%ebx
+	movl	104(%esp),%esi
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	160(%esp),%ebx
+	shrl	$10,%edi
+	addl	124(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	24(%esp),%esi
+	rorl	$14,%ecx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%edx,%ecx
+	xorl	%edi,%esi
+	movl	%ebx,96(%esp)
+	rorl	$5,%ecx
+	andl	%edx,%esi
+	movl	%edx,20(%esp)
+	xorl	%ecx,%edx
+	addl	32(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%esi,%ebx
+	rorl	$9,%ecx
+	addl	%edx,%ebx
+	movl	8(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,4(%esp)
+	leal	-4(%esp),%esp
+	rorl	$11,%ecx
+	movl	(%ebp),%esi
+	xorl	%eax,%ecx
+	movl	20(%esp),%edx
+	xorl	%edi,%eax
+	rorl	$2,%ecx
+	addl	%esi,%ebx
+	movl	%eax,(%esp)
+	addl	%ebx,%edx
+	andl	4(%esp),%eax
+	addl	%ecx,%ebx
+	xorl	%edi,%eax
+	movl	156(%esp),%ecx
+	addl	$4,%ebp
+	addl	%ebx,%eax
+	cmpl	$3329325298,%esi
+	jne	L00416_63
+	movl	356(%esp),%esi
+	movl	8(%esp),%ebx
+	movl	16(%esp),%ecx
+	addl	(%esi),%eax
+	addl	4(%esi),%ebx
+	addl	8(%esi),%edi
+	addl	12(%esi),%ecx
+	movl	%eax,(%esi)
+	movl	%ebx,4(%esi)
+	movl	%edi,8(%esi)
+	movl	%ecx,12(%esi)
+	movl	24(%esp),%eax
+	movl	28(%esp),%ebx
+	movl	32(%esp),%ecx
+	movl	360(%esp),%edi
+	addl	16(%esi),%edx
+	addl	20(%esi),%eax
+	addl	24(%esi),%ebx
+	addl	28(%esi),%ecx
+	movl	%edx,16(%esi)
+	movl	%eax,20(%esi)
+	movl	%ebx,24(%esi)
+	movl	%ecx,28(%esi)
+	leal	356(%esp),%esp
+	subl	$256,%ebp
+	cmpl	8(%esp),%edi
+	jb	L002loop
+	movl	12(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.align	5,0x90
+L005loop_shrd:
+	movl	(%edi),%eax
+	movl	4(%edi),%ebx
+	movl	8(%edi),%ecx
+	bswap	%eax
+	movl	12(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	movl	16(%edi),%eax
+	movl	20(%edi),%ebx
+	movl	24(%edi),%ecx
+	bswap	%eax
+	movl	28(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	movl	32(%edi),%eax
+	movl	36(%edi),%ebx
+	movl	40(%edi),%ecx
+	bswap	%eax
+	movl	44(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	movl	48(%edi),%eax
+	movl	52(%edi),%ebx
+	movl	56(%edi),%ecx
+	bswap	%eax
+	movl	60(%edi),%edx
+	bswap	%ebx
+	pushl	%eax
+	bswap	%ecx
+	pushl	%ebx
+	bswap	%edx
+	pushl	%ecx
+	pushl	%edx
+	addl	$64,%edi
+	leal	-36(%esp),%esp
+	movl	%edi,104(%esp)
+	movl	(%esi),%eax
+	movl	4(%esi),%ebx
+	movl	8(%esi),%ecx
+	movl	12(%esi),%edi
+	movl	%ebx,8(%esp)
+	xorl	%ecx,%ebx
+	movl	%ecx,12(%esp)
+	movl	%edi,16(%esp)
+	movl	%ebx,(%esp)
+	movl	16(%esi),%edx
+	movl	20(%esi),%ebx
+	movl	24(%esi),%ecx
+	movl	28(%esi),%edi
+	movl	%ebx,24(%esp)
+	movl	%ecx,28(%esp)
+	movl	%edi,32(%esp)
+.align	4,0x90
+L00600_15_shrd:
+	movl	%edx,%ecx
+	movl	24(%esp),%esi
+	shrdl	$14,%ecx,%ecx
+	movl	28(%esp),%edi
+	xorl	%edx,%ecx
+	xorl	%edi,%esi
+	movl	96(%esp),%ebx
+	shrdl	$5,%ecx,%ecx
+	andl	%edx,%esi
+	movl	%edx,20(%esp)
+	xorl	%ecx,%edx
+	addl	32(%esp),%ebx
+	xorl	%edi,%esi
+	shrdl	$6,%edx,%edx
+	movl	%eax,%ecx
+	addl	%esi,%ebx
+	shrdl	$9,%ecx,%ecx
+	addl	%edx,%ebx
+	movl	8(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,4(%esp)
+	leal	-4(%esp),%esp
+	shrdl	$11,%ecx,%ecx
+	movl	(%ebp),%esi
+	xorl	%eax,%ecx
+	movl	20(%esp),%edx
+	xorl	%edi,%eax
+	shrdl	$2,%ecx,%ecx
+	addl	%esi,%ebx
+	movl	%eax,(%esp)
+	addl	%ebx,%edx
+	andl	4(%esp),%eax
+	addl	%ecx,%ebx
+	xorl	%edi,%eax
+	addl	$4,%ebp
+	addl	%ebx,%eax
+	cmpl	$3248222580,%esi
+	jne	L00600_15_shrd
+	movl	156(%esp),%ecx
+	jmp	L00716_63_shrd
+.align	4,0x90
+L00716_63_shrd:
+	movl	%ecx,%ebx
+	movl	104(%esp),%esi
+	shrdl	$11,%ecx,%ecx
+	movl	%esi,%edi
+	shrdl	$2,%esi,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	shrdl	$7,%ecx,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	shrdl	$17,%esi,%esi
+	addl	160(%esp),%ebx
+	shrl	$10,%edi
+	addl	124(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	24(%esp),%esi
+	shrdl	$14,%ecx,%ecx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%edx,%ecx
+	xorl	%edi,%esi
+	movl	%ebx,96(%esp)
+	shrdl	$5,%ecx,%ecx
+	andl	%edx,%esi
+	movl	%edx,20(%esp)
+	xorl	%ecx,%edx
+	addl	32(%esp),%ebx
+	xorl	%edi,%esi
+	shrdl	$6,%edx,%edx
+	movl	%eax,%ecx
+	addl	%esi,%ebx
+	shrdl	$9,%ecx,%ecx
+	addl	%edx,%ebx
+	movl	8(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,4(%esp)
+	leal	-4(%esp),%esp
+	shrdl	$11,%ecx,%ecx
+	movl	(%ebp),%esi
+	xorl	%eax,%ecx
+	movl	20(%esp),%edx
+	xorl	%edi,%eax
+	shrdl	$2,%ecx,%ecx
+	addl	%esi,%ebx
+	movl	%eax,(%esp)
+	addl	%ebx,%edx
+	andl	4(%esp),%eax
+	addl	%ecx,%ebx
+	xorl	%edi,%eax
+	movl	156(%esp),%ecx
+	addl	$4,%ebp
+	addl	%ebx,%eax
+	cmpl	$3329325298,%esi
+	jne	L00716_63_shrd
+	movl	356(%esp),%esi
+	movl	8(%esp),%ebx
+	movl	16(%esp),%ecx
+	addl	(%esi),%eax
+	addl	4(%esi),%ebx
+	addl	8(%esi),%edi
+	addl	12(%esi),%ecx
+	movl	%eax,(%esi)
+	movl	%ebx,4(%esi)
+	movl	%edi,8(%esi)
+	movl	%ecx,12(%esi)
+	movl	24(%esp),%eax
+	movl	28(%esp),%ebx
+	movl	32(%esp),%ecx
+	movl	360(%esp),%edi
+	addl	16(%esi),%edx
+	addl	20(%esi),%eax
+	addl	24(%esi),%ebx
+	addl	28(%esi),%ecx
+	movl	%edx,16(%esi)
+	movl	%eax,20(%esi)
+	movl	%ebx,24(%esi)
+	movl	%ecx,28(%esi)
+	leal	356(%esp),%esp
+	subl	$256,%ebp
+	cmpl	8(%esp),%edi
+	jb	L005loop_shrd
+	movl	12(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.align	6,0x90
+L001K256:
+.long	1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298
+.long	66051,67438087,134810123,202182159
+.byte	83,72,65,50,53,54,32,98,108,111,99,107,32,116,114,97
+.byte	110,115,102,111,114,109,32,102,111,114,32,120,56,54,44,32
+.byte	67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97
+.byte	112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103
+.byte	62,0
+.align	4,0x90
+L008unrolled:
+	leal	-96(%esp),%esp
+	movl	(%esi),%eax
+	movl	4(%esi),%ebp
+	movl	8(%esi),%ecx
+	movl	12(%esi),%ebx
+	movl	%ebp,4(%esp)
+	xorl	%ecx,%ebp
+	movl	%ecx,8(%esp)
+	movl	%ebx,12(%esp)
+	movl	16(%esi),%edx
+	movl	20(%esi),%ebx
+	movl	24(%esi),%ecx
+	movl	28(%esi),%esi
+	movl	%ebx,20(%esp)
+	movl	%ecx,24(%esp)
+	movl	%esi,28(%esp)
+	jmp	L009grand_loop
+.align	4,0x90
+L009grand_loop:
+	movl	(%edi),%ebx
+	movl	4(%edi),%ecx
+	bswap	%ebx
+	movl	8(%edi),%esi
+	bswap	%ecx
+	movl	%ebx,32(%esp)
+	bswap	%esi
+	movl	%ecx,36(%esp)
+	movl	%esi,40(%esp)
+	movl	12(%edi),%ebx
+	movl	16(%edi),%ecx
+	bswap	%ebx
+	movl	20(%edi),%esi
+	bswap	%ecx
+	movl	%ebx,44(%esp)
+	bswap	%esi
+	movl	%ecx,48(%esp)
+	movl	%esi,52(%esp)
+	movl	24(%edi),%ebx
+	movl	28(%edi),%ecx
+	bswap	%ebx
+	movl	32(%edi),%esi
+	bswap	%ecx
+	movl	%ebx,56(%esp)
+	bswap	%esi
+	movl	%ecx,60(%esp)
+	movl	%esi,64(%esp)
+	movl	36(%edi),%ebx
+	movl	40(%edi),%ecx
+	bswap	%ebx
+	movl	44(%edi),%esi
+	bswap	%ecx
+	movl	%ebx,68(%esp)
+	bswap	%esi
+	movl	%ecx,72(%esp)
+	movl	%esi,76(%esp)
+	movl	48(%edi),%ebx
+	movl	52(%edi),%ecx
+	bswap	%ebx
+	movl	56(%edi),%esi
+	bswap	%ecx
+	movl	%ebx,80(%esp)
+	bswap	%esi
+	movl	%ecx,84(%esp)
+	movl	%esi,88(%esp)
+	movl	60(%edi),%ebx
+	addl	$64,%edi
+	bswap	%ebx
+	movl	%edi,100(%esp)
+	movl	%ebx,92(%esp)
+	movl	%edx,%ecx
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	32(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1116352408(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	36(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1899447441(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	40(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3049323471(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	44(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3921009573(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	48(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	961987163(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	52(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1508970993(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	56(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2453635748(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	60(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2870763221(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	64(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3624381080(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	68(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	310598401(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	72(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	607225278(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	76(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1426881987(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	80(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1925078388(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	84(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2162078206(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	%edx,%ecx
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	88(%esp),%ebx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2614888103(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	%edx,%esi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	92(%esp),%ebx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3248222580(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	36(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	88(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	32(%esp),%ebx
+	shrl	$10,%edi
+	addl	68(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,32(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3835390401(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	40(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	92(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	36(%esp),%ebx
+	shrl	$10,%edi
+	addl	72(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,36(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	4022224774(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	44(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	32(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	40(%esp),%ebx
+	shrl	$10,%edi
+	addl	76(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,40(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	264347078(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	48(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	36(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	44(%esp),%ebx
+	shrl	$10,%edi
+	addl	80(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,44(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	604807628(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	52(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	40(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	48(%esp),%ebx
+	shrl	$10,%edi
+	addl	84(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,48(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	770255983(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	56(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	44(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	52(%esp),%ebx
+	shrl	$10,%edi
+	addl	88(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,52(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1249150122(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	60(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	48(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	56(%esp),%ebx
+	shrl	$10,%edi
+	addl	92(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,56(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1555081692(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	64(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	52(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	60(%esp),%ebx
+	shrl	$10,%edi
+	addl	32(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,60(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1996064986(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	68(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	56(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	64(%esp),%ebx
+	shrl	$10,%edi
+	addl	36(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,64(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2554220882(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	72(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	60(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	68(%esp),%ebx
+	shrl	$10,%edi
+	addl	40(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,68(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2821834349(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	76(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	64(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	72(%esp),%ebx
+	shrl	$10,%edi
+	addl	44(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,72(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2952996808(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	80(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	68(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	76(%esp),%ebx
+	shrl	$10,%edi
+	addl	48(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,76(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3210313671(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	84(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	72(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	80(%esp),%ebx
+	shrl	$10,%edi
+	addl	52(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,80(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3336571891(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	88(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	76(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	84(%esp),%ebx
+	shrl	$10,%edi
+	addl	56(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,84(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3584528711(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	92(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	80(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	88(%esp),%ebx
+	shrl	$10,%edi
+	addl	60(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,88(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	113926993(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	32(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	84(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	92(%esp),%ebx
+	shrl	$10,%edi
+	addl	64(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,92(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	338241895(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	36(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	88(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	32(%esp),%ebx
+	shrl	$10,%edi
+	addl	68(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,32(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	666307205(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	40(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	92(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	36(%esp),%ebx
+	shrl	$10,%edi
+	addl	72(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,36(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	773529912(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	44(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	32(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	40(%esp),%ebx
+	shrl	$10,%edi
+	addl	76(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,40(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1294757372(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	48(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	36(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	44(%esp),%ebx
+	shrl	$10,%edi
+	addl	80(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,44(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1396182291(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	52(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	40(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	48(%esp),%ebx
+	shrl	$10,%edi
+	addl	84(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,48(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1695183700(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	56(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	44(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	52(%esp),%ebx
+	shrl	$10,%edi
+	addl	88(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,52(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1986661051(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	60(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	48(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	56(%esp),%ebx
+	shrl	$10,%edi
+	addl	92(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,56(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2177026350(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	64(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	52(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	60(%esp),%ebx
+	shrl	$10,%edi
+	addl	32(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,60(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2456956037(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	68(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	56(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	64(%esp),%ebx
+	shrl	$10,%edi
+	addl	36(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,64(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2730485921(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	72(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	60(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	68(%esp),%ebx
+	shrl	$10,%edi
+	addl	40(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,68(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2820302411(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	76(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	64(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	72(%esp),%ebx
+	shrl	$10,%edi
+	addl	44(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,72(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3259730800(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	80(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	68(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	76(%esp),%ebx
+	shrl	$10,%edi
+	addl	48(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,76(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3345764771(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	84(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	72(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	80(%esp),%ebx
+	shrl	$10,%edi
+	addl	52(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,80(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3516065817(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	88(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	76(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	84(%esp),%ebx
+	shrl	$10,%edi
+	addl	56(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,84(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3600352804(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	92(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	80(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	88(%esp),%ebx
+	shrl	$10,%edi
+	addl	60(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,88(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	4094571909(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	32(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	84(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	92(%esp),%ebx
+	shrl	$10,%edi
+	addl	64(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,92(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	275423344(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	36(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	88(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	32(%esp),%ebx
+	shrl	$10,%edi
+	addl	68(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,32(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	430227734(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	40(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	92(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	36(%esp),%ebx
+	shrl	$10,%edi
+	addl	72(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,36(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	506948616(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	44(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	32(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	40(%esp),%ebx
+	shrl	$10,%edi
+	addl	76(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,40(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	659060556(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	48(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	36(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	44(%esp),%ebx
+	shrl	$10,%edi
+	addl	80(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,44(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	883997877(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	52(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	40(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	48(%esp),%ebx
+	shrl	$10,%edi
+	addl	84(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,48(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	958139571(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	56(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	44(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	52(%esp),%ebx
+	shrl	$10,%edi
+	addl	88(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,52(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1322822218(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	60(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	48(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	56(%esp),%ebx
+	shrl	$10,%edi
+	addl	92(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,56(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1537002063(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	64(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	52(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	60(%esp),%ebx
+	shrl	$10,%edi
+	addl	32(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,60(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	1747873779(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	68(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	56(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	64(%esp),%ebx
+	shrl	$10,%edi
+	addl	36(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	20(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	24(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,64(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,16(%esp)
+	xorl	%ecx,%edx
+	addl	28(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	4(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	1955562222(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	72(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	12(%esp),%edx
+	addl	%ecx,%ebp
+	movl	60(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	68(%esp),%ebx
+	shrl	$10,%edi
+	addl	40(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	16(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	20(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,68(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,12(%esp)
+	xorl	%esi,%edx
+	addl	24(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,28(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2024104815(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	76(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	8(%esp),%edx
+	addl	%esi,%eax
+	movl	64(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	72(%esp),%ebx
+	shrl	$10,%edi
+	addl	44(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	12(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	16(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,72(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,8(%esp)
+	xorl	%ecx,%edx
+	addl	20(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	28(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,24(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2227730452(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	80(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	4(%esp),%edx
+	addl	%ecx,%ebp
+	movl	68(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	76(%esp),%ebx
+	shrl	$10,%edi
+	addl	48(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	8(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	12(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,76(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,4(%esp)
+	xorl	%esi,%edx
+	addl	16(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	24(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,20(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2361852424(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	84(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	(%esp),%edx
+	addl	%esi,%eax
+	movl	72(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	80(%esp),%ebx
+	shrl	$10,%edi
+	addl	52(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	4(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	8(%esp),%edi
+	xorl	%ecx,%edx
+	movl	%ebx,80(%esp)
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,(%esp)
+	xorl	%ecx,%edx
+	addl	12(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	20(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,16(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	2428436474(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	88(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	28(%esp),%edx
+	addl	%ecx,%ebp
+	movl	76(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	84(%esp),%ebx
+	shrl	$10,%edi
+	addl	56(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	4(%esp),%edi
+	xorl	%esi,%edx
+	movl	%ebx,84(%esp)
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,28(%esp)
+	xorl	%esi,%edx
+	addl	8(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	16(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,12(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	2756734187(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	movl	92(%esp),%ecx
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	24(%esp),%edx
+	addl	%esi,%eax
+	movl	80(%esp),%esi
+	movl	%ecx,%ebx
+	rorl	$11,%ecx
+	movl	%esi,%edi
+	rorl	$2,%esi
+	xorl	%ebx,%ecx
+	shrl	$3,%ebx
+	rorl	$7,%ecx
+	xorl	%edi,%esi
+	xorl	%ecx,%ebx
+	rorl	$17,%esi
+	addl	88(%esp),%ebx
+	shrl	$10,%edi
+	addl	60(%esp),%ebx
+	movl	%edx,%ecx
+	xorl	%esi,%edi
+	movl	28(%esp),%esi
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	(%esp),%edi
+	xorl	%ecx,%edx
+	xorl	%edi,%esi
+	rorl	$5,%edx
+	andl	%ecx,%esi
+	movl	%ecx,24(%esp)
+	xorl	%ecx,%edx
+	addl	4(%esp),%ebx
+	xorl	%esi,%edi
+	rorl	$6,%edx
+	movl	%eax,%ecx
+	addl	%edi,%ebx
+	rorl	$9,%ecx
+	movl	%eax,%esi
+	movl	12(%esp),%edi
+	xorl	%eax,%ecx
+	movl	%eax,8(%esp)
+	xorl	%edi,%eax
+	rorl	$11,%ecx
+	andl	%eax,%ebp
+	leal	3204031479(%ebx,%edx,1),%edx
+	xorl	%esi,%ecx
+	xorl	%edi,%ebp
+	movl	32(%esp),%esi
+	rorl	$2,%ecx
+	addl	%edx,%ebp
+	addl	20(%esp),%edx
+	addl	%ecx,%ebp
+	movl	84(%esp),%ecx
+	movl	%esi,%ebx
+	rorl	$11,%esi
+	movl	%ecx,%edi
+	rorl	$2,%ecx
+	xorl	%ebx,%esi
+	shrl	$3,%ebx
+	rorl	$7,%esi
+	xorl	%edi,%ecx
+	xorl	%esi,%ebx
+	rorl	$17,%ecx
+	addl	92(%esp),%ebx
+	shrl	$10,%edi
+	addl	64(%esp),%ebx
+	movl	%edx,%esi
+	xorl	%ecx,%edi
+	movl	24(%esp),%ecx
+	rorl	$14,%edx
+	addl	%edi,%ebx
+	movl	28(%esp),%edi
+	xorl	%esi,%edx
+	xorl	%edi,%ecx
+	rorl	$5,%edx
+	andl	%esi,%ecx
+	movl	%esi,20(%esp)
+	xorl	%esi,%edx
+	addl	(%esp),%ebx
+	xorl	%ecx,%edi
+	rorl	$6,%edx
+	movl	%ebp,%esi
+	addl	%edi,%ebx
+	rorl	$9,%esi
+	movl	%ebp,%ecx
+	movl	8(%esp),%edi
+	xorl	%ebp,%esi
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	rorl	$11,%esi
+	andl	%ebp,%eax
+	leal	3329325298(%ebx,%edx,1),%edx
+	xorl	%ecx,%esi
+	xorl	%edi,%eax
+	rorl	$2,%esi
+	addl	%edx,%eax
+	addl	16(%esp),%edx
+	addl	%esi,%eax
+	movl	96(%esp),%esi
+	xorl	%edi,%ebp
+	movl	12(%esp),%ecx
+	addl	(%esi),%eax
+	addl	4(%esi),%ebp
+	addl	8(%esi),%edi
+	addl	12(%esi),%ecx
+	movl	%eax,(%esi)
+	movl	%ebp,4(%esi)
+	movl	%edi,8(%esi)
+	movl	%ecx,12(%esi)
+	movl	%ebp,4(%esp)
+	xorl	%edi,%ebp
+	movl	%edi,8(%esp)
+	movl	%ecx,12(%esp)
+	movl	20(%esp),%edi
+	movl	24(%esp),%ebx
+	movl	28(%esp),%ecx
+	addl	16(%esi),%edx
+	addl	20(%esi),%edi
+	addl	24(%esi),%ebx
+	addl	28(%esi),%ecx
+	movl	%edx,16(%esi)
+	movl	%edi,20(%esi)
+	movl	%ebx,24(%esi)
+	movl	%ecx,28(%esi)
+	movl	%edi,20(%esp)
+	movl	100(%esp),%edi
+	movl	%ebx,24(%esp)
+	movl	%ecx,28(%esp)
+	cmpl	104(%esp),%edi
+	jb	L009grand_loop
+	movl	108(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+
diff --git a/lib/accelerated/x86/macosx/sha256-ssse3-x86_64.s b/lib/accelerated/x86/macosx/sha256-ssse3-x86_64.s
new file mode 100644
index 0000000..1312ef4
--- /dev/null
+++ b/lib/accelerated/x86/macosx/sha256-ssse3-x86_64.s
@@ -0,0 +1,5496 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+
+.globl	_sha256_block_data_order
+
+.p2align	4
+_sha256_block_data_order:
+
+	leaq	_GNUTLS_x86_cpuid_s(%rip),%r11
+	movl	0(%r11),%r9d
+	movl	4(%r11),%r10d
+	movl	8(%r11),%r11d
+	testl	$536870912,%r11d
+	jnz	_shaext_shortcut
+	andl	$296,%r11d
+	cmpl	$296,%r11d
+	je	L$avx2_shortcut
+	andl	$1073741824,%r9d
+	andl	$268435968,%r10d
+	orl	%r9d,%r10d
+	cmpl	$1342177792,%r10d
+	je	L$avx_shortcut
+	testl	$512,%r10d
+	jnz	L$ssse3_shortcut
+	movq	%rsp,%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	shlq	$4,%rdx
+	subq	$64+32,%rsp
+	leaq	(%rsi,%rdx,4),%rdx
+	andq	$-64,%rsp
+	movq	%rdi,64+0(%rsp)
+	movq	%rsi,64+8(%rsp)
+	movq	%rdx,64+16(%rsp)
+	movq	%rax,88(%rsp)
+
+L$prologue:
+
+	movl	0(%rdi),%eax
+	movl	4(%rdi),%ebx
+	movl	8(%rdi),%ecx
+	movl	12(%rdi),%edx
+	movl	16(%rdi),%r8d
+	movl	20(%rdi),%r9d
+	movl	24(%rdi),%r10d
+	movl	28(%rdi),%r11d
+	jmp	L$loop
+
+.p2align	4
+L$loop:
+	movl	%ebx,%edi
+	leaq	K256(%rip),%rbp
+	xorl	%ecx,%edi
+	movl	0(%rsi),%r12d
+	movl	%r8d,%r13d
+	movl	%eax,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r9d,%r15d
+
+	xorl	%r8d,%r13d
+	rorl	$9,%r14d
+	xorl	%r10d,%r15d
+
+	movl	%r12d,0(%rsp)
+	xorl	%eax,%r14d
+	andl	%r8d,%r15d
+
+	rorl	$5,%r13d
+	addl	%r11d,%r12d
+	xorl	%r10d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r8d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%eax,%r15d
+	addl	(%rbp),%r12d
+	xorl	%eax,%r14d
+
+	xorl	%ebx,%r15d
+	rorl	$6,%r13d
+	movl	%ebx,%r11d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r11d
+	addl	%r12d,%edx
+	addl	%r12d,%r11d
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%r11d
+	movl	4(%rsi),%r12d
+	movl	%edx,%r13d
+	movl	%r11d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r8d,%edi
+
+	xorl	%edx,%r13d
+	rorl	$9,%r14d
+	xorl	%r9d,%edi
+
+	movl	%r12d,4(%rsp)
+	xorl	%r11d,%r14d
+	andl	%edx,%edi
+
+	rorl	$5,%r13d
+	addl	%r10d,%r12d
+	xorl	%r9d,%edi
+
+	rorl	$11,%r14d
+	xorl	%edx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r11d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r11d,%r14d
+
+	xorl	%eax,%edi
+	rorl	$6,%r13d
+	movl	%eax,%r10d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r10d
+	addl	%r12d,%ecx
+	addl	%r12d,%r10d
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%r10d
+	movl	8(%rsi),%r12d
+	movl	%ecx,%r13d
+	movl	%r10d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%edx,%r15d
+
+	xorl	%ecx,%r13d
+	rorl	$9,%r14d
+	xorl	%r8d,%r15d
+
+	movl	%r12d,8(%rsp)
+	xorl	%r10d,%r14d
+	andl	%ecx,%r15d
+
+	rorl	$5,%r13d
+	addl	%r9d,%r12d
+	xorl	%r8d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%ecx,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r10d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r10d,%r14d
+
+	xorl	%r11d,%r15d
+	rorl	$6,%r13d
+	movl	%r11d,%r9d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r9d
+	addl	%r12d,%ebx
+	addl	%r12d,%r9d
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%r9d
+	movl	12(%rsi),%r12d
+	movl	%ebx,%r13d
+	movl	%r9d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%ecx,%edi
+
+	xorl	%ebx,%r13d
+	rorl	$9,%r14d
+	xorl	%edx,%edi
+
+	movl	%r12d,12(%rsp)
+	xorl	%r9d,%r14d
+	andl	%ebx,%edi
+
+	rorl	$5,%r13d
+	addl	%r8d,%r12d
+	xorl	%edx,%edi
+
+	rorl	$11,%r14d
+	xorl	%ebx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r9d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r9d,%r14d
+
+	xorl	%r10d,%edi
+	rorl	$6,%r13d
+	movl	%r10d,%r8d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r8d
+	addl	%r12d,%eax
+	addl	%r12d,%r8d
+
+	leaq	20(%rbp),%rbp
+	addl	%r14d,%r8d
+	movl	16(%rsi),%r12d
+	movl	%eax,%r13d
+	movl	%r8d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%ebx,%r15d
+
+	xorl	%eax,%r13d
+	rorl	$9,%r14d
+	xorl	%ecx,%r15d
+
+	movl	%r12d,16(%rsp)
+	xorl	%r8d,%r14d
+	andl	%eax,%r15d
+
+	rorl	$5,%r13d
+	addl	%edx,%r12d
+	xorl	%ecx,%r15d
+
+	rorl	$11,%r14d
+	xorl	%eax,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r8d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r8d,%r14d
+
+	xorl	%r9d,%r15d
+	rorl	$6,%r13d
+	movl	%r9d,%edx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%edx
+	addl	%r12d,%r11d
+	addl	%r12d,%edx
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%edx
+	movl	20(%rsi),%r12d
+	movl	%r11d,%r13d
+	movl	%edx,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%eax,%edi
+
+	xorl	%r11d,%r13d
+	rorl	$9,%r14d
+	xorl	%ebx,%edi
+
+	movl	%r12d,20(%rsp)
+	xorl	%edx,%r14d
+	andl	%r11d,%edi
+
+	rorl	$5,%r13d
+	addl	%ecx,%r12d
+	xorl	%ebx,%edi
+
+	rorl	$11,%r14d
+	xorl	%r11d,%r13d
+	addl	%edi,%r12d
+
+	movl	%edx,%edi
+	addl	(%rbp),%r12d
+	xorl	%edx,%r14d
+
+	xorl	%r8d,%edi
+	rorl	$6,%r13d
+	movl	%r8d,%ecx
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%ecx
+	addl	%r12d,%r10d
+	addl	%r12d,%ecx
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%ecx
+	movl	24(%rsi),%r12d
+	movl	%r10d,%r13d
+	movl	%ecx,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r11d,%r15d
+
+	xorl	%r10d,%r13d
+	rorl	$9,%r14d
+	xorl	%eax,%r15d
+
+	movl	%r12d,24(%rsp)
+	xorl	%ecx,%r14d
+	andl	%r10d,%r15d
+
+	rorl	$5,%r13d
+	addl	%ebx,%r12d
+	xorl	%eax,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r10d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%ecx,%r15d
+	addl	(%rbp),%r12d
+	xorl	%ecx,%r14d
+
+	xorl	%edx,%r15d
+	rorl	$6,%r13d
+	movl	%edx,%ebx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%ebx
+	addl	%r12d,%r9d
+	addl	%r12d,%ebx
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%ebx
+	movl	28(%rsi),%r12d
+	movl	%r9d,%r13d
+	movl	%ebx,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r10d,%edi
+
+	xorl	%r9d,%r13d
+	rorl	$9,%r14d
+	xorl	%r11d,%edi
+
+	movl	%r12d,28(%rsp)
+	xorl	%ebx,%r14d
+	andl	%r9d,%edi
+
+	rorl	$5,%r13d
+	addl	%eax,%r12d
+	xorl	%r11d,%edi
+
+	rorl	$11,%r14d
+	xorl	%r9d,%r13d
+	addl	%edi,%r12d
+
+	movl	%ebx,%edi
+	addl	(%rbp),%r12d
+	xorl	%ebx,%r14d
+
+	xorl	%ecx,%edi
+	rorl	$6,%r13d
+	movl	%ecx,%eax
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%eax
+	addl	%r12d,%r8d
+	addl	%r12d,%eax
+
+	leaq	20(%rbp),%rbp
+	addl	%r14d,%eax
+	movl	32(%rsi),%r12d
+	movl	%r8d,%r13d
+	movl	%eax,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r9d,%r15d
+
+	xorl	%r8d,%r13d
+	rorl	$9,%r14d
+	xorl	%r10d,%r15d
+
+	movl	%r12d,32(%rsp)
+	xorl	%eax,%r14d
+	andl	%r8d,%r15d
+
+	rorl	$5,%r13d
+	addl	%r11d,%r12d
+	xorl	%r10d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r8d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%eax,%r15d
+	addl	(%rbp),%r12d
+	xorl	%eax,%r14d
+
+	xorl	%ebx,%r15d
+	rorl	$6,%r13d
+	movl	%ebx,%r11d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r11d
+	addl	%r12d,%edx
+	addl	%r12d,%r11d
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%r11d
+	movl	36(%rsi),%r12d
+	movl	%edx,%r13d
+	movl	%r11d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r8d,%edi
+
+	xorl	%edx,%r13d
+	rorl	$9,%r14d
+	xorl	%r9d,%edi
+
+	movl	%r12d,36(%rsp)
+	xorl	%r11d,%r14d
+	andl	%edx,%edi
+
+	rorl	$5,%r13d
+	addl	%r10d,%r12d
+	xorl	%r9d,%edi
+
+	rorl	$11,%r14d
+	xorl	%edx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r11d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r11d,%r14d
+
+	xorl	%eax,%edi
+	rorl	$6,%r13d
+	movl	%eax,%r10d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r10d
+	addl	%r12d,%ecx
+	addl	%r12d,%r10d
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%r10d
+	movl	40(%rsi),%r12d
+	movl	%ecx,%r13d
+	movl	%r10d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%edx,%r15d
+
+	xorl	%ecx,%r13d
+	rorl	$9,%r14d
+	xorl	%r8d,%r15d
+
+	movl	%r12d,40(%rsp)
+	xorl	%r10d,%r14d
+	andl	%ecx,%r15d
+
+	rorl	$5,%r13d
+	addl	%r9d,%r12d
+	xorl	%r8d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%ecx,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r10d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r10d,%r14d
+
+	xorl	%r11d,%r15d
+	rorl	$6,%r13d
+	movl	%r11d,%r9d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r9d
+	addl	%r12d,%ebx
+	addl	%r12d,%r9d
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%r9d
+	movl	44(%rsi),%r12d
+	movl	%ebx,%r13d
+	movl	%r9d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%ecx,%edi
+
+	xorl	%ebx,%r13d
+	rorl	$9,%r14d
+	xorl	%edx,%edi
+
+	movl	%r12d,44(%rsp)
+	xorl	%r9d,%r14d
+	andl	%ebx,%edi
+
+	rorl	$5,%r13d
+	addl	%r8d,%r12d
+	xorl	%edx,%edi
+
+	rorl	$11,%r14d
+	xorl	%ebx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r9d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r9d,%r14d
+
+	xorl	%r10d,%edi
+	rorl	$6,%r13d
+	movl	%r10d,%r8d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r8d
+	addl	%r12d,%eax
+	addl	%r12d,%r8d
+
+	leaq	20(%rbp),%rbp
+	addl	%r14d,%r8d
+	movl	48(%rsi),%r12d
+	movl	%eax,%r13d
+	movl	%r8d,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%ebx,%r15d
+
+	xorl	%eax,%r13d
+	rorl	$9,%r14d
+	xorl	%ecx,%r15d
+
+	movl	%r12d,48(%rsp)
+	xorl	%r8d,%r14d
+	andl	%eax,%r15d
+
+	rorl	$5,%r13d
+	addl	%edx,%r12d
+	xorl	%ecx,%r15d
+
+	rorl	$11,%r14d
+	xorl	%eax,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r8d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r8d,%r14d
+
+	xorl	%r9d,%r15d
+	rorl	$6,%r13d
+	movl	%r9d,%edx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%edx
+	addl	%r12d,%r11d
+	addl	%r12d,%edx
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%edx
+	movl	52(%rsi),%r12d
+	movl	%r11d,%r13d
+	movl	%edx,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%eax,%edi
+
+	xorl	%r11d,%r13d
+	rorl	$9,%r14d
+	xorl	%ebx,%edi
+
+	movl	%r12d,52(%rsp)
+	xorl	%edx,%r14d
+	andl	%r11d,%edi
+
+	rorl	$5,%r13d
+	addl	%ecx,%r12d
+	xorl	%ebx,%edi
+
+	rorl	$11,%r14d
+	xorl	%r11d,%r13d
+	addl	%edi,%r12d
+
+	movl	%edx,%edi
+	addl	(%rbp),%r12d
+	xorl	%edx,%r14d
+
+	xorl	%r8d,%edi
+	rorl	$6,%r13d
+	movl	%r8d,%ecx
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%ecx
+	addl	%r12d,%r10d
+	addl	%r12d,%ecx
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%ecx
+	movl	56(%rsi),%r12d
+	movl	%r10d,%r13d
+	movl	%ecx,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r11d,%r15d
+
+	xorl	%r10d,%r13d
+	rorl	$9,%r14d
+	xorl	%eax,%r15d
+
+	movl	%r12d,56(%rsp)
+	xorl	%ecx,%r14d
+	andl	%r10d,%r15d
+
+	rorl	$5,%r13d
+	addl	%ebx,%r12d
+	xorl	%eax,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r10d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%ecx,%r15d
+	addl	(%rbp),%r12d
+	xorl	%ecx,%r14d
+
+	xorl	%edx,%r15d
+	rorl	$6,%r13d
+	movl	%edx,%ebx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%ebx
+	addl	%r12d,%r9d
+	addl	%r12d,%ebx
+
+	leaq	4(%rbp),%rbp
+	addl	%r14d,%ebx
+	movl	60(%rsi),%r12d
+	movl	%r9d,%r13d
+	movl	%ebx,%r14d
+	bswapl	%r12d
+	rorl	$14,%r13d
+	movl	%r10d,%edi
+
+	xorl	%r9d,%r13d
+	rorl	$9,%r14d
+	xorl	%r11d,%edi
+
+	movl	%r12d,60(%rsp)
+	xorl	%ebx,%r14d
+	andl	%r9d,%edi
+
+	rorl	$5,%r13d
+	addl	%eax,%r12d
+	xorl	%r11d,%edi
+
+	rorl	$11,%r14d
+	xorl	%r9d,%r13d
+	addl	%edi,%r12d
+
+	movl	%ebx,%edi
+	addl	(%rbp),%r12d
+	xorl	%ebx,%r14d
+
+	xorl	%ecx,%edi
+	rorl	$6,%r13d
+	movl	%ecx,%eax
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%eax
+	addl	%r12d,%r8d
+	addl	%r12d,%eax
+
+	leaq	20(%rbp),%rbp
+	jmp	L$rounds_16_xx
+.p2align	4
+L$rounds_16_xx:
+	movl	4(%rsp),%r13d
+	movl	56(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%eax
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	36(%rsp),%r12d
+
+	addl	0(%rsp),%r12d
+	movl	%r8d,%r13d
+	addl	%r15d,%r12d
+	movl	%eax,%r14d
+	rorl	$14,%r13d
+	movl	%r9d,%r15d
+
+	xorl	%r8d,%r13d
+	rorl	$9,%r14d
+	xorl	%r10d,%r15d
+
+	movl	%r12d,0(%rsp)
+	xorl	%eax,%r14d
+	andl	%r8d,%r15d
+
+	rorl	$5,%r13d
+	addl	%r11d,%r12d
+	xorl	%r10d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r8d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%eax,%r15d
+	addl	(%rbp),%r12d
+	xorl	%eax,%r14d
+
+	xorl	%ebx,%r15d
+	rorl	$6,%r13d
+	movl	%ebx,%r11d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r11d
+	addl	%r12d,%edx
+	addl	%r12d,%r11d
+
+	leaq	4(%rbp),%rbp
+	movl	8(%rsp),%r13d
+	movl	60(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r11d
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	40(%rsp),%r12d
+
+	addl	4(%rsp),%r12d
+	movl	%edx,%r13d
+	addl	%edi,%r12d
+	movl	%r11d,%r14d
+	rorl	$14,%r13d
+	movl	%r8d,%edi
+
+	xorl	%edx,%r13d
+	rorl	$9,%r14d
+	xorl	%r9d,%edi
+
+	movl	%r12d,4(%rsp)
+	xorl	%r11d,%r14d
+	andl	%edx,%edi
+
+	rorl	$5,%r13d
+	addl	%r10d,%r12d
+	xorl	%r9d,%edi
+
+	rorl	$11,%r14d
+	xorl	%edx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r11d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r11d,%r14d
+
+	xorl	%eax,%edi
+	rorl	$6,%r13d
+	movl	%eax,%r10d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r10d
+	addl	%r12d,%ecx
+	addl	%r12d,%r10d
+
+	leaq	4(%rbp),%rbp
+	movl	12(%rsp),%r13d
+	movl	0(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r10d
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	44(%rsp),%r12d
+
+	addl	8(%rsp),%r12d
+	movl	%ecx,%r13d
+	addl	%r15d,%r12d
+	movl	%r10d,%r14d
+	rorl	$14,%r13d
+	movl	%edx,%r15d
+
+	xorl	%ecx,%r13d
+	rorl	$9,%r14d
+	xorl	%r8d,%r15d
+
+	movl	%r12d,8(%rsp)
+	xorl	%r10d,%r14d
+	andl	%ecx,%r15d
+
+	rorl	$5,%r13d
+	addl	%r9d,%r12d
+	xorl	%r8d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%ecx,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r10d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r10d,%r14d
+
+	xorl	%r11d,%r15d
+	rorl	$6,%r13d
+	movl	%r11d,%r9d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r9d
+	addl	%r12d,%ebx
+	addl	%r12d,%r9d
+
+	leaq	4(%rbp),%rbp
+	movl	16(%rsp),%r13d
+	movl	4(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r9d
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	48(%rsp),%r12d
+
+	addl	12(%rsp),%r12d
+	movl	%ebx,%r13d
+	addl	%edi,%r12d
+	movl	%r9d,%r14d
+	rorl	$14,%r13d
+	movl	%ecx,%edi
+
+	xorl	%ebx,%r13d
+	rorl	$9,%r14d
+	xorl	%edx,%edi
+
+	movl	%r12d,12(%rsp)
+	xorl	%r9d,%r14d
+	andl	%ebx,%edi
+
+	rorl	$5,%r13d
+	addl	%r8d,%r12d
+	xorl	%edx,%edi
+
+	rorl	$11,%r14d
+	xorl	%ebx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r9d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r9d,%r14d
+
+	xorl	%r10d,%edi
+	rorl	$6,%r13d
+	movl	%r10d,%r8d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r8d
+	addl	%r12d,%eax
+	addl	%r12d,%r8d
+
+	leaq	20(%rbp),%rbp
+	movl	20(%rsp),%r13d
+	movl	8(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r8d
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	52(%rsp),%r12d
+
+	addl	16(%rsp),%r12d
+	movl	%eax,%r13d
+	addl	%r15d,%r12d
+	movl	%r8d,%r14d
+	rorl	$14,%r13d
+	movl	%ebx,%r15d
+
+	xorl	%eax,%r13d
+	rorl	$9,%r14d
+	xorl	%ecx,%r15d
+
+	movl	%r12d,16(%rsp)
+	xorl	%r8d,%r14d
+	andl	%eax,%r15d
+
+	rorl	$5,%r13d
+	addl	%edx,%r12d
+	xorl	%ecx,%r15d
+
+	rorl	$11,%r14d
+	xorl	%eax,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r8d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r8d,%r14d
+
+	xorl	%r9d,%r15d
+	rorl	$6,%r13d
+	movl	%r9d,%edx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%edx
+	addl	%r12d,%r11d
+	addl	%r12d,%edx
+
+	leaq	4(%rbp),%rbp
+	movl	24(%rsp),%r13d
+	movl	12(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%edx
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	56(%rsp),%r12d
+
+	addl	20(%rsp),%r12d
+	movl	%r11d,%r13d
+	addl	%edi,%r12d
+	movl	%edx,%r14d
+	rorl	$14,%r13d
+	movl	%eax,%edi
+
+	xorl	%r11d,%r13d
+	rorl	$9,%r14d
+	xorl	%ebx,%edi
+
+	movl	%r12d,20(%rsp)
+	xorl	%edx,%r14d
+	andl	%r11d,%edi
+
+	rorl	$5,%r13d
+	addl	%ecx,%r12d
+	xorl	%ebx,%edi
+
+	rorl	$11,%r14d
+	xorl	%r11d,%r13d
+	addl	%edi,%r12d
+
+	movl	%edx,%edi
+	addl	(%rbp),%r12d
+	xorl	%edx,%r14d
+
+	xorl	%r8d,%edi
+	rorl	$6,%r13d
+	movl	%r8d,%ecx
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%ecx
+	addl	%r12d,%r10d
+	addl	%r12d,%ecx
+
+	leaq	4(%rbp),%rbp
+	movl	28(%rsp),%r13d
+	movl	16(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%ecx
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	60(%rsp),%r12d
+
+	addl	24(%rsp),%r12d
+	movl	%r10d,%r13d
+	addl	%r15d,%r12d
+	movl	%ecx,%r14d
+	rorl	$14,%r13d
+	movl	%r11d,%r15d
+
+	xorl	%r10d,%r13d
+	rorl	$9,%r14d
+	xorl	%eax,%r15d
+
+	movl	%r12d,24(%rsp)
+	xorl	%ecx,%r14d
+	andl	%r10d,%r15d
+
+	rorl	$5,%r13d
+	addl	%ebx,%r12d
+	xorl	%eax,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r10d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%ecx,%r15d
+	addl	(%rbp),%r12d
+	xorl	%ecx,%r14d
+
+	xorl	%edx,%r15d
+	rorl	$6,%r13d
+	movl	%edx,%ebx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%ebx
+	addl	%r12d,%r9d
+	addl	%r12d,%ebx
+
+	leaq	4(%rbp),%rbp
+	movl	32(%rsp),%r13d
+	movl	20(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%ebx
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	0(%rsp),%r12d
+
+	addl	28(%rsp),%r12d
+	movl	%r9d,%r13d
+	addl	%edi,%r12d
+	movl	%ebx,%r14d
+	rorl	$14,%r13d
+	movl	%r10d,%edi
+
+	xorl	%r9d,%r13d
+	rorl	$9,%r14d
+	xorl	%r11d,%edi
+
+	movl	%r12d,28(%rsp)
+	xorl	%ebx,%r14d
+	andl	%r9d,%edi
+
+	rorl	$5,%r13d
+	addl	%eax,%r12d
+	xorl	%r11d,%edi
+
+	rorl	$11,%r14d
+	xorl	%r9d,%r13d
+	addl	%edi,%r12d
+
+	movl	%ebx,%edi
+	addl	(%rbp),%r12d
+	xorl	%ebx,%r14d
+
+	xorl	%ecx,%edi
+	rorl	$6,%r13d
+	movl	%ecx,%eax
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%eax
+	addl	%r12d,%r8d
+	addl	%r12d,%eax
+
+	leaq	20(%rbp),%rbp
+	movl	36(%rsp),%r13d
+	movl	24(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%eax
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	4(%rsp),%r12d
+
+	addl	32(%rsp),%r12d
+	movl	%r8d,%r13d
+	addl	%r15d,%r12d
+	movl	%eax,%r14d
+	rorl	$14,%r13d
+	movl	%r9d,%r15d
+
+	xorl	%r8d,%r13d
+	rorl	$9,%r14d
+	xorl	%r10d,%r15d
+
+	movl	%r12d,32(%rsp)
+	xorl	%eax,%r14d
+	andl	%r8d,%r15d
+
+	rorl	$5,%r13d
+	addl	%r11d,%r12d
+	xorl	%r10d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r8d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%eax,%r15d
+	addl	(%rbp),%r12d
+	xorl	%eax,%r14d
+
+	xorl	%ebx,%r15d
+	rorl	$6,%r13d
+	movl	%ebx,%r11d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r11d
+	addl	%r12d,%edx
+	addl	%r12d,%r11d
+
+	leaq	4(%rbp),%rbp
+	movl	40(%rsp),%r13d
+	movl	28(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r11d
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	8(%rsp),%r12d
+
+	addl	36(%rsp),%r12d
+	movl	%edx,%r13d
+	addl	%edi,%r12d
+	movl	%r11d,%r14d
+	rorl	$14,%r13d
+	movl	%r8d,%edi
+
+	xorl	%edx,%r13d
+	rorl	$9,%r14d
+	xorl	%r9d,%edi
+
+	movl	%r12d,36(%rsp)
+	xorl	%r11d,%r14d
+	andl	%edx,%edi
+
+	rorl	$5,%r13d
+	addl	%r10d,%r12d
+	xorl	%r9d,%edi
+
+	rorl	$11,%r14d
+	xorl	%edx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r11d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r11d,%r14d
+
+	xorl	%eax,%edi
+	rorl	$6,%r13d
+	movl	%eax,%r10d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r10d
+	addl	%r12d,%ecx
+	addl	%r12d,%r10d
+
+	leaq	4(%rbp),%rbp
+	movl	44(%rsp),%r13d
+	movl	32(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r10d
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	12(%rsp),%r12d
+
+	addl	40(%rsp),%r12d
+	movl	%ecx,%r13d
+	addl	%r15d,%r12d
+	movl	%r10d,%r14d
+	rorl	$14,%r13d
+	movl	%edx,%r15d
+
+	xorl	%ecx,%r13d
+	rorl	$9,%r14d
+	xorl	%r8d,%r15d
+
+	movl	%r12d,40(%rsp)
+	xorl	%r10d,%r14d
+	andl	%ecx,%r15d
+
+	rorl	$5,%r13d
+	addl	%r9d,%r12d
+	xorl	%r8d,%r15d
+
+	rorl	$11,%r14d
+	xorl	%ecx,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r10d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r10d,%r14d
+
+	xorl	%r11d,%r15d
+	rorl	$6,%r13d
+	movl	%r11d,%r9d
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%r9d
+	addl	%r12d,%ebx
+	addl	%r12d,%r9d
+
+	leaq	4(%rbp),%rbp
+	movl	48(%rsp),%r13d
+	movl	36(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r9d
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	16(%rsp),%r12d
+
+	addl	44(%rsp),%r12d
+	movl	%ebx,%r13d
+	addl	%edi,%r12d
+	movl	%r9d,%r14d
+	rorl	$14,%r13d
+	movl	%ecx,%edi
+
+	xorl	%ebx,%r13d
+	rorl	$9,%r14d
+	xorl	%edx,%edi
+
+	movl	%r12d,44(%rsp)
+	xorl	%r9d,%r14d
+	andl	%ebx,%edi
+
+	rorl	$5,%r13d
+	addl	%r8d,%r12d
+	xorl	%edx,%edi
+
+	rorl	$11,%r14d
+	xorl	%ebx,%r13d
+	addl	%edi,%r12d
+
+	movl	%r9d,%edi
+	addl	(%rbp),%r12d
+	xorl	%r9d,%r14d
+
+	xorl	%r10d,%edi
+	rorl	$6,%r13d
+	movl	%r10d,%r8d
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%r8d
+	addl	%r12d,%eax
+	addl	%r12d,%r8d
+
+	leaq	20(%rbp),%rbp
+	movl	52(%rsp),%r13d
+	movl	40(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%r8d
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	20(%rsp),%r12d
+
+	addl	48(%rsp),%r12d
+	movl	%eax,%r13d
+	addl	%r15d,%r12d
+	movl	%r8d,%r14d
+	rorl	$14,%r13d
+	movl	%ebx,%r15d
+
+	xorl	%eax,%r13d
+	rorl	$9,%r14d
+	xorl	%ecx,%r15d
+
+	movl	%r12d,48(%rsp)
+	xorl	%r8d,%r14d
+	andl	%eax,%r15d
+
+	rorl	$5,%r13d
+	addl	%edx,%r12d
+	xorl	%ecx,%r15d
+
+	rorl	$11,%r14d
+	xorl	%eax,%r13d
+	addl	%r15d,%r12d
+
+	movl	%r8d,%r15d
+	addl	(%rbp),%r12d
+	xorl	%r8d,%r14d
+
+	xorl	%r9d,%r15d
+	rorl	$6,%r13d
+	movl	%r9d,%edx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%edx
+	addl	%r12d,%r11d
+	addl	%r12d,%edx
+
+	leaq	4(%rbp),%rbp
+	movl	56(%rsp),%r13d
+	movl	44(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%edx
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	24(%rsp),%r12d
+
+	addl	52(%rsp),%r12d
+	movl	%r11d,%r13d
+	addl	%edi,%r12d
+	movl	%edx,%r14d
+	rorl	$14,%r13d
+	movl	%eax,%edi
+
+	xorl	%r11d,%r13d
+	rorl	$9,%r14d
+	xorl	%ebx,%edi
+
+	movl	%r12d,52(%rsp)
+	xorl	%edx,%r14d
+	andl	%r11d,%edi
+
+	rorl	$5,%r13d
+	addl	%ecx,%r12d
+	xorl	%ebx,%edi
+
+	rorl	$11,%r14d
+	xorl	%r11d,%r13d
+	addl	%edi,%r12d
+
+	movl	%edx,%edi
+	addl	(%rbp),%r12d
+	xorl	%edx,%r14d
+
+	xorl	%r8d,%edi
+	rorl	$6,%r13d
+	movl	%r8d,%ecx
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%ecx
+	addl	%r12d,%r10d
+	addl	%r12d,%ecx
+
+	leaq	4(%rbp),%rbp
+	movl	60(%rsp),%r13d
+	movl	48(%rsp),%r15d
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%ecx
+	movl	%r15d,%r14d
+	rorl	$2,%r15d
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%r15d
+	shrl	$10,%r14d
+
+	rorl	$17,%r15d
+	xorl	%r13d,%r12d
+	xorl	%r14d,%r15d
+	addl	28(%rsp),%r12d
+
+	addl	56(%rsp),%r12d
+	movl	%r10d,%r13d
+	addl	%r15d,%r12d
+	movl	%ecx,%r14d
+	rorl	$14,%r13d
+	movl	%r11d,%r15d
+
+	xorl	%r10d,%r13d
+	rorl	$9,%r14d
+	xorl	%eax,%r15d
+
+	movl	%r12d,56(%rsp)
+	xorl	%ecx,%r14d
+	andl	%r10d,%r15d
+
+	rorl	$5,%r13d
+	addl	%ebx,%r12d
+	xorl	%eax,%r15d
+
+	rorl	$11,%r14d
+	xorl	%r10d,%r13d
+	addl	%r15d,%r12d
+
+	movl	%ecx,%r15d
+	addl	(%rbp),%r12d
+	xorl	%ecx,%r14d
+
+	xorl	%edx,%r15d
+	rorl	$6,%r13d
+	movl	%edx,%ebx
+
+	andl	%r15d,%edi
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%edi,%ebx
+	addl	%r12d,%r9d
+	addl	%r12d,%ebx
+
+	leaq	4(%rbp),%rbp
+	movl	0(%rsp),%r13d
+	movl	52(%rsp),%edi
+
+	movl	%r13d,%r12d
+	rorl	$11,%r13d
+	addl	%r14d,%ebx
+	movl	%edi,%r14d
+	rorl	$2,%edi
+
+	xorl	%r12d,%r13d
+	shrl	$3,%r12d
+	rorl	$7,%r13d
+	xorl	%r14d,%edi
+	shrl	$10,%r14d
+
+	rorl	$17,%edi
+	xorl	%r13d,%r12d
+	xorl	%r14d,%edi
+	addl	32(%rsp),%r12d
+
+	addl	60(%rsp),%r12d
+	movl	%r9d,%r13d
+	addl	%edi,%r12d
+	movl	%ebx,%r14d
+	rorl	$14,%r13d
+	movl	%r10d,%edi
+
+	xorl	%r9d,%r13d
+	rorl	$9,%r14d
+	xorl	%r11d,%edi
+
+	movl	%r12d,60(%rsp)
+	xorl	%ebx,%r14d
+	andl	%r9d,%edi
+
+	rorl	$5,%r13d
+	addl	%eax,%r12d
+	xorl	%r11d,%edi
+
+	rorl	$11,%r14d
+	xorl	%r9d,%r13d
+	addl	%edi,%r12d
+
+	movl	%ebx,%edi
+	addl	(%rbp),%r12d
+	xorl	%ebx,%r14d
+
+	xorl	%ecx,%edi
+	rorl	$6,%r13d
+	movl	%ecx,%eax
+
+	andl	%edi,%r15d
+	rorl	$2,%r14d
+	addl	%r13d,%r12d
+
+	xorl	%r15d,%eax
+	addl	%r12d,%r8d
+	addl	%r12d,%eax
+
+	leaq	20(%rbp),%rbp
+	cmpb	$0,3(%rbp)
+	jnz	L$rounds_16_xx
+
+	movq	64+0(%rsp),%rdi
+	addl	%r14d,%eax
+	leaq	64(%rsi),%rsi
+
+	addl	0(%rdi),%eax
+	addl	4(%rdi),%ebx
+	addl	8(%rdi),%ecx
+	addl	12(%rdi),%edx
+	addl	16(%rdi),%r8d
+	addl	20(%rdi),%r9d
+	addl	24(%rdi),%r10d
+	addl	28(%rdi),%r11d
+
+	cmpq	64+16(%rsp),%rsi
+
+	movl	%eax,0(%rdi)
+	movl	%ebx,4(%rdi)
+	movl	%ecx,8(%rdi)
+	movl	%edx,12(%rdi)
+	movl	%r8d,16(%rdi)
+	movl	%r9d,20(%rdi)
+	movl	%r10d,24(%rdi)
+	movl	%r11d,28(%rdi)
+	jb	L$loop
+
+	movq	88(%rsp),%rsi
+
+	movq	-48(%rsi),%r15
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+L$epilogue:
+	.byte	0xf3,0xc3
+
+
+.p2align	6
+
+K256:
+.long	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+.long	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+.long	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+.long	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+.long	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+.long	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+.long	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+.long	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+.long	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+.long	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+.long	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+.long	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+.long	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+.long	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+.long	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+.long	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+.long	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+.long	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+.long	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+.long	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+.long	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+.long	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+.long	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+.long	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+.long	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+.long	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+.long	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+.long	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+.long	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+.long	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+.long	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+.long	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+
+.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
+.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
+.long	0x03020100,0x0b0a0908,0xffffffff,0xffffffff
+.long	0x03020100,0x0b0a0908,0xffffffff,0xffffffff
+.long	0xffffffff,0xffffffff,0x03020100,0x0b0a0908
+.long	0xffffffff,0xffffffff,0x03020100,0x0b0a0908
+.byte	83,72,65,50,53,54,32,98,108,111,99,107,32,116,114,97,110,115,102,111,114,109,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+
+.p2align	6
+sha256_block_data_order_shaext:
+_shaext_shortcut:
+
+	leaq	K256+128(%rip),%rcx
+	movdqu	(%rdi),%xmm1
+	movdqu	16(%rdi),%xmm2
+	movdqa	512-128(%rcx),%xmm7
+
+	pshufd	$0x1b,%xmm1,%xmm0
+	pshufd	$0xb1,%xmm1,%xmm1
+	pshufd	$0x1b,%xmm2,%xmm2
+	movdqa	%xmm7,%xmm8
+.byte	102,15,58,15,202,8
+	punpcklqdq	%xmm0,%xmm2
+	jmp	L$oop_shaext
+
+.p2align	4
+L$oop_shaext:
+	movdqu	(%rsi),%xmm3
+	movdqu	16(%rsi),%xmm4
+	movdqu	32(%rsi),%xmm5
+.byte	102,15,56,0,223
+	movdqu	48(%rsi),%xmm6
+
+	movdqa	0-128(%rcx),%xmm0
+	paddd	%xmm3,%xmm0
+.byte	102,15,56,0,231
+	movdqa	%xmm2,%xmm10
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	nop
+	movdqa	%xmm1,%xmm9
+.byte	15,56,203,202
+
+	movdqa	32-128(%rcx),%xmm0
+	paddd	%xmm4,%xmm0
+.byte	102,15,56,0,239
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	leaq	64(%rsi),%rsi
+.byte	15,56,204,220
+.byte	15,56,203,202
+
+	movdqa	64-128(%rcx),%xmm0
+	paddd	%xmm5,%xmm0
+.byte	102,15,56,0,247
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm6,%xmm7
+.byte	102,15,58,15,253,4
+	nop
+	paddd	%xmm7,%xmm3
+.byte	15,56,204,229
+.byte	15,56,203,202
+
+	movdqa	96-128(%rcx),%xmm0
+	paddd	%xmm6,%xmm0
+.byte	15,56,205,222
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm3,%xmm7
+.byte	102,15,58,15,254,4
+	nop
+	paddd	%xmm7,%xmm4
+.byte	15,56,204,238
+.byte	15,56,203,202
+	movdqa	128-128(%rcx),%xmm0
+	paddd	%xmm3,%xmm0
+.byte	15,56,205,227
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm4,%xmm7
+.byte	102,15,58,15,251,4
+	nop
+	paddd	%xmm7,%xmm5
+.byte	15,56,204,243
+.byte	15,56,203,202
+	movdqa	160-128(%rcx),%xmm0
+	paddd	%xmm4,%xmm0
+.byte	15,56,205,236
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm5,%xmm7
+.byte	102,15,58,15,252,4
+	nop
+	paddd	%xmm7,%xmm6
+.byte	15,56,204,220
+.byte	15,56,203,202
+	movdqa	192-128(%rcx),%xmm0
+	paddd	%xmm5,%xmm0
+.byte	15,56,205,245
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm6,%xmm7
+.byte	102,15,58,15,253,4
+	nop
+	paddd	%xmm7,%xmm3
+.byte	15,56,204,229
+.byte	15,56,203,202
+	movdqa	224-128(%rcx),%xmm0
+	paddd	%xmm6,%xmm0
+.byte	15,56,205,222
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm3,%xmm7
+.byte	102,15,58,15,254,4
+	nop
+	paddd	%xmm7,%xmm4
+.byte	15,56,204,238
+.byte	15,56,203,202
+	movdqa	256-128(%rcx),%xmm0
+	paddd	%xmm3,%xmm0
+.byte	15,56,205,227
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm4,%xmm7
+.byte	102,15,58,15,251,4
+	nop
+	paddd	%xmm7,%xmm5
+.byte	15,56,204,243
+.byte	15,56,203,202
+	movdqa	288-128(%rcx),%xmm0
+	paddd	%xmm4,%xmm0
+.byte	15,56,205,236
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm5,%xmm7
+.byte	102,15,58,15,252,4
+	nop
+	paddd	%xmm7,%xmm6
+.byte	15,56,204,220
+.byte	15,56,203,202
+	movdqa	320-128(%rcx),%xmm0
+	paddd	%xmm5,%xmm0
+.byte	15,56,205,245
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm6,%xmm7
+.byte	102,15,58,15,253,4
+	nop
+	paddd	%xmm7,%xmm3
+.byte	15,56,204,229
+.byte	15,56,203,202
+	movdqa	352-128(%rcx),%xmm0
+	paddd	%xmm6,%xmm0
+.byte	15,56,205,222
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm3,%xmm7
+.byte	102,15,58,15,254,4
+	nop
+	paddd	%xmm7,%xmm4
+.byte	15,56,204,238
+.byte	15,56,203,202
+	movdqa	384-128(%rcx),%xmm0
+	paddd	%xmm3,%xmm0
+.byte	15,56,205,227
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm4,%xmm7
+.byte	102,15,58,15,251,4
+	nop
+	paddd	%xmm7,%xmm5
+.byte	15,56,204,243
+.byte	15,56,203,202
+	movdqa	416-128(%rcx),%xmm0
+	paddd	%xmm4,%xmm0
+.byte	15,56,205,236
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	movdqa	%xmm5,%xmm7
+.byte	102,15,58,15,252,4
+.byte	15,56,203,202
+	paddd	%xmm7,%xmm6
+
+	movdqa	448-128(%rcx),%xmm0
+	paddd	%xmm5,%xmm0
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+.byte	15,56,205,245
+	movdqa	%xmm8,%xmm7
+.byte	15,56,203,202
+
+	movdqa	480-128(%rcx),%xmm0
+	paddd	%xmm6,%xmm0
+	nop
+.byte	15,56,203,209
+	pshufd	$0x0e,%xmm0,%xmm0
+	decq	%rdx
+	nop
+.byte	15,56,203,202
+
+	paddd	%xmm10,%xmm2
+	paddd	%xmm9,%xmm1
+	jnz	L$oop_shaext
+
+	pshufd	$0xb1,%xmm2,%xmm2
+	pshufd	$0x1b,%xmm1,%xmm7
+	pshufd	$0xb1,%xmm1,%xmm1
+	punpckhqdq	%xmm2,%xmm1
+.byte	102,15,58,15,215,8
+
+	movdqu	%xmm1,(%rdi)
+	movdqu	%xmm2,16(%rdi)
+	.byte	0xf3,0xc3
+
+
+
+.p2align	6
+sha256_block_data_order_ssse3:
+
+L$ssse3_shortcut:
+	movq	%rsp,%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	shlq	$4,%rdx
+	subq	$96,%rsp
+	leaq	(%rsi,%rdx,4),%rdx
+	andq	$-64,%rsp
+	movq	%rdi,64+0(%rsp)
+	movq	%rsi,64+8(%rsp)
+	movq	%rdx,64+16(%rsp)
+	movq	%rax,88(%rsp)
+
+L$prologue_ssse3:
+
+	movl	0(%rdi),%eax
+	movl	4(%rdi),%ebx
+	movl	8(%rdi),%ecx
+	movl	12(%rdi),%edx
+	movl	16(%rdi),%r8d
+	movl	20(%rdi),%r9d
+	movl	24(%rdi),%r10d
+	movl	28(%rdi),%r11d
+
+
+	jmp	L$loop_ssse3
+.p2align	4
+L$loop_ssse3:
+	movdqa	K256+512(%rip),%xmm7
+	movdqu	0(%rsi),%xmm0
+	movdqu	16(%rsi),%xmm1
+	movdqu	32(%rsi),%xmm2
+.byte	102,15,56,0,199
+	movdqu	48(%rsi),%xmm3
+	leaq	K256(%rip),%rbp
+.byte	102,15,56,0,207
+	movdqa	0(%rbp),%xmm4
+	movdqa	32(%rbp),%xmm5
+.byte	102,15,56,0,215
+	paddd	%xmm0,%xmm4
+	movdqa	64(%rbp),%xmm6
+.byte	102,15,56,0,223
+	movdqa	96(%rbp),%xmm7
+	paddd	%xmm1,%xmm5
+	paddd	%xmm2,%xmm6
+	paddd	%xmm3,%xmm7
+	movdqa	%xmm4,0(%rsp)
+	movl	%eax,%r14d
+	movdqa	%xmm5,16(%rsp)
+	movl	%ebx,%edi
+	movdqa	%xmm6,32(%rsp)
+	xorl	%ecx,%edi
+	movdqa	%xmm7,48(%rsp)
+	movl	%r8d,%r13d
+	jmp	L$ssse3_00_47
+
+.p2align	4
+L$ssse3_00_47:
+	subq	$-128,%rbp
+	rorl	$14,%r13d
+	movdqa	%xmm1,%xmm4
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	movdqa	%xmm3,%xmm7
+	rorl	$9,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	rorl	$5,%r13d
+	xorl	%eax,%r14d
+.byte	102,15,58,15,224,4
+	andl	%r8d,%r12d
+	xorl	%r8d,%r13d
+.byte	102,15,58,15,250,4
+	addl	0(%rsp),%r11d
+	movl	%eax,%r15d
+	xorl	%r10d,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm4,%xmm5
+	xorl	%ebx,%r15d
+	addl	%r12d,%r11d
+	movdqa	%xmm4,%xmm6
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	psrld	$3,%xmm4
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	paddd	%xmm7,%xmm0
+	rorl	$2,%r14d
+	addl	%r11d,%edx
+	psrld	$7,%xmm6
+	addl	%edi,%r11d
+	movl	%edx,%r13d
+	pshufd	$250,%xmm3,%xmm7
+	addl	%r11d,%r14d
+	rorl	$14,%r13d
+	pslld	$14,%xmm5
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	pxor	%xmm6,%xmm4
+	rorl	$9,%r14d
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	rorl	$5,%r13d
+	psrld	$11,%xmm6
+	xorl	%r11d,%r14d
+	pxor	%xmm5,%xmm4
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	pslld	$11,%xmm5
+	addl	4(%rsp),%r10d
+	movl	%r11d,%edi
+	pxor	%xmm6,%xmm4
+	xorl	%r9d,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm7,%xmm6
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	pxor	%xmm5,%xmm4
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	psrld	$10,%xmm7
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	paddd	%xmm4,%xmm0
+	rorl	$2,%r14d
+	addl	%r10d,%ecx
+	psrlq	$17,%xmm6
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	addl	%r10d,%r14d
+	pxor	%xmm6,%xmm7
+	rorl	$14,%r13d
+	movl	%r14d,%r10d
+	movl	%edx,%r12d
+	rorl	$9,%r14d
+	psrlq	$2,%xmm6
+	xorl	%ecx,%r13d
+	xorl	%r8d,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$5,%r13d
+	xorl	%r10d,%r14d
+	andl	%ecx,%r12d
+	pshufd	$128,%xmm7,%xmm7
+	xorl	%ecx,%r13d
+	addl	8(%rsp),%r9d
+	movl	%r10d,%r15d
+	psrldq	$8,%xmm7
+	xorl	%r8d,%r12d
+	rorl	$11,%r14d
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	rorl	$6,%r13d
+	paddd	%xmm7,%xmm0
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	pshufd	$80,%xmm0,%xmm7
+	xorl	%r11d,%edi
+	rorl	$2,%r14d
+	addl	%r9d,%ebx
+	movdqa	%xmm7,%xmm6
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	psrld	$10,%xmm7
+	addl	%r9d,%r14d
+	rorl	$14,%r13d
+	psrlq	$17,%xmm6
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$9,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	rorl	$5,%r13d
+	xorl	%r9d,%r14d
+	psrlq	$2,%xmm6
+	andl	%ebx,%r12d
+	xorl	%ebx,%r13d
+	addl	12(%rsp),%r8d
+	pxor	%xmm6,%xmm7
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	rorl	$11,%r14d
+	pshufd	$8,%xmm7,%xmm7
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	movdqa	0(%rbp),%xmm6
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	pslldq	$8,%xmm7
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	paddd	%xmm7,%xmm0
+	rorl	$2,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	paddd	%xmm0,%xmm6
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	movdqa	%xmm6,0(%rsp)
+	rorl	$14,%r13d
+	movdqa	%xmm2,%xmm4
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	movdqa	%xmm0,%xmm7
+	rorl	$9,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	rorl	$5,%r13d
+	xorl	%r8d,%r14d
+.byte	102,15,58,15,225,4
+	andl	%eax,%r12d
+	xorl	%eax,%r13d
+.byte	102,15,58,15,251,4
+	addl	16(%rsp),%edx
+	movl	%r8d,%r15d
+	xorl	%ecx,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm4,%xmm5
+	xorl	%r9d,%r15d
+	addl	%r12d,%edx
+	movdqa	%xmm4,%xmm6
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	psrld	$3,%xmm4
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	paddd	%xmm7,%xmm1
+	rorl	$2,%r14d
+	addl	%edx,%r11d
+	psrld	$7,%xmm6
+	addl	%edi,%edx
+	movl	%r11d,%r13d
+	pshufd	$250,%xmm0,%xmm7
+	addl	%edx,%r14d
+	rorl	$14,%r13d
+	pslld	$14,%xmm5
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	pxor	%xmm6,%xmm4
+	rorl	$9,%r14d
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	rorl	$5,%r13d
+	psrld	$11,%xmm6
+	xorl	%edx,%r14d
+	pxor	%xmm5,%xmm4
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	pslld	$11,%xmm5
+	addl	20(%rsp),%ecx
+	movl	%edx,%edi
+	pxor	%xmm6,%xmm4
+	xorl	%ebx,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm7,%xmm6
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	pxor	%xmm5,%xmm4
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	psrld	$10,%xmm7
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	paddd	%xmm4,%xmm1
+	rorl	$2,%r14d
+	addl	%ecx,%r10d
+	psrlq	$17,%xmm6
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	addl	%ecx,%r14d
+	pxor	%xmm6,%xmm7
+	rorl	$14,%r13d
+	movl	%r14d,%ecx
+	movl	%r11d,%r12d
+	rorl	$9,%r14d
+	psrlq	$2,%xmm6
+	xorl	%r10d,%r13d
+	xorl	%eax,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$5,%r13d
+	xorl	%ecx,%r14d
+	andl	%r10d,%r12d
+	pshufd	$128,%xmm7,%xmm7
+	xorl	%r10d,%r13d
+	addl	24(%rsp),%ebx
+	movl	%ecx,%r15d
+	psrldq	$8,%xmm7
+	xorl	%eax,%r12d
+	rorl	$11,%r14d
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	rorl	$6,%r13d
+	paddd	%xmm7,%xmm1
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	pshufd	$80,%xmm1,%xmm7
+	xorl	%edx,%edi
+	rorl	$2,%r14d
+	addl	%ebx,%r9d
+	movdqa	%xmm7,%xmm6
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	psrld	$10,%xmm7
+	addl	%ebx,%r14d
+	rorl	$14,%r13d
+	psrlq	$17,%xmm6
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$9,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	rorl	$5,%r13d
+	xorl	%ebx,%r14d
+	psrlq	$2,%xmm6
+	andl	%r9d,%r12d
+	xorl	%r9d,%r13d
+	addl	28(%rsp),%eax
+	pxor	%xmm6,%xmm7
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	rorl	$11,%r14d
+	pshufd	$8,%xmm7,%xmm7
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	movdqa	32(%rbp),%xmm6
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	pslldq	$8,%xmm7
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	paddd	%xmm7,%xmm1
+	rorl	$2,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	paddd	%xmm1,%xmm6
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	movdqa	%xmm6,16(%rsp)
+	rorl	$14,%r13d
+	movdqa	%xmm3,%xmm4
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	movdqa	%xmm1,%xmm7
+	rorl	$9,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	rorl	$5,%r13d
+	xorl	%eax,%r14d
+.byte	102,15,58,15,226,4
+	andl	%r8d,%r12d
+	xorl	%r8d,%r13d
+.byte	102,15,58,15,248,4
+	addl	32(%rsp),%r11d
+	movl	%eax,%r15d
+	xorl	%r10d,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm4,%xmm5
+	xorl	%ebx,%r15d
+	addl	%r12d,%r11d
+	movdqa	%xmm4,%xmm6
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	psrld	$3,%xmm4
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	paddd	%xmm7,%xmm2
+	rorl	$2,%r14d
+	addl	%r11d,%edx
+	psrld	$7,%xmm6
+	addl	%edi,%r11d
+	movl	%edx,%r13d
+	pshufd	$250,%xmm1,%xmm7
+	addl	%r11d,%r14d
+	rorl	$14,%r13d
+	pslld	$14,%xmm5
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	pxor	%xmm6,%xmm4
+	rorl	$9,%r14d
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	rorl	$5,%r13d
+	psrld	$11,%xmm6
+	xorl	%r11d,%r14d
+	pxor	%xmm5,%xmm4
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	pslld	$11,%xmm5
+	addl	36(%rsp),%r10d
+	movl	%r11d,%edi
+	pxor	%xmm6,%xmm4
+	xorl	%r9d,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm7,%xmm6
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	pxor	%xmm5,%xmm4
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	psrld	$10,%xmm7
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	paddd	%xmm4,%xmm2
+	rorl	$2,%r14d
+	addl	%r10d,%ecx
+	psrlq	$17,%xmm6
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	addl	%r10d,%r14d
+	pxor	%xmm6,%xmm7
+	rorl	$14,%r13d
+	movl	%r14d,%r10d
+	movl	%edx,%r12d
+	rorl	$9,%r14d
+	psrlq	$2,%xmm6
+	xorl	%ecx,%r13d
+	xorl	%r8d,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$5,%r13d
+	xorl	%r10d,%r14d
+	andl	%ecx,%r12d
+	pshufd	$128,%xmm7,%xmm7
+	xorl	%ecx,%r13d
+	addl	40(%rsp),%r9d
+	movl	%r10d,%r15d
+	psrldq	$8,%xmm7
+	xorl	%r8d,%r12d
+	rorl	$11,%r14d
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	rorl	$6,%r13d
+	paddd	%xmm7,%xmm2
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	pshufd	$80,%xmm2,%xmm7
+	xorl	%r11d,%edi
+	rorl	$2,%r14d
+	addl	%r9d,%ebx
+	movdqa	%xmm7,%xmm6
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	psrld	$10,%xmm7
+	addl	%r9d,%r14d
+	rorl	$14,%r13d
+	psrlq	$17,%xmm6
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$9,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	rorl	$5,%r13d
+	xorl	%r9d,%r14d
+	psrlq	$2,%xmm6
+	andl	%ebx,%r12d
+	xorl	%ebx,%r13d
+	addl	44(%rsp),%r8d
+	pxor	%xmm6,%xmm7
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	rorl	$11,%r14d
+	pshufd	$8,%xmm7,%xmm7
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	movdqa	64(%rbp),%xmm6
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	pslldq	$8,%xmm7
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	paddd	%xmm7,%xmm2
+	rorl	$2,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	paddd	%xmm2,%xmm6
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	movdqa	%xmm6,32(%rsp)
+	rorl	$14,%r13d
+	movdqa	%xmm0,%xmm4
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	movdqa	%xmm2,%xmm7
+	rorl	$9,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	rorl	$5,%r13d
+	xorl	%r8d,%r14d
+.byte	102,15,58,15,227,4
+	andl	%eax,%r12d
+	xorl	%eax,%r13d
+.byte	102,15,58,15,249,4
+	addl	48(%rsp),%edx
+	movl	%r8d,%r15d
+	xorl	%ecx,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm4,%xmm5
+	xorl	%r9d,%r15d
+	addl	%r12d,%edx
+	movdqa	%xmm4,%xmm6
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	psrld	$3,%xmm4
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	paddd	%xmm7,%xmm3
+	rorl	$2,%r14d
+	addl	%edx,%r11d
+	psrld	$7,%xmm6
+	addl	%edi,%edx
+	movl	%r11d,%r13d
+	pshufd	$250,%xmm2,%xmm7
+	addl	%edx,%r14d
+	rorl	$14,%r13d
+	pslld	$14,%xmm5
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	pxor	%xmm6,%xmm4
+	rorl	$9,%r14d
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	rorl	$5,%r13d
+	psrld	$11,%xmm6
+	xorl	%edx,%r14d
+	pxor	%xmm5,%xmm4
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	pslld	$11,%xmm5
+	addl	52(%rsp),%ecx
+	movl	%edx,%edi
+	pxor	%xmm6,%xmm4
+	xorl	%ebx,%r12d
+	rorl	$11,%r14d
+	movdqa	%xmm7,%xmm6
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	pxor	%xmm5,%xmm4
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	psrld	$10,%xmm7
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	paddd	%xmm4,%xmm3
+	rorl	$2,%r14d
+	addl	%ecx,%r10d
+	psrlq	$17,%xmm6
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	addl	%ecx,%r14d
+	pxor	%xmm6,%xmm7
+	rorl	$14,%r13d
+	movl	%r14d,%ecx
+	movl	%r11d,%r12d
+	rorl	$9,%r14d
+	psrlq	$2,%xmm6
+	xorl	%r10d,%r13d
+	xorl	%eax,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$5,%r13d
+	xorl	%ecx,%r14d
+	andl	%r10d,%r12d
+	pshufd	$128,%xmm7,%xmm7
+	xorl	%r10d,%r13d
+	addl	56(%rsp),%ebx
+	movl	%ecx,%r15d
+	psrldq	$8,%xmm7
+	xorl	%eax,%r12d
+	rorl	$11,%r14d
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	rorl	$6,%r13d
+	paddd	%xmm7,%xmm3
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	pshufd	$80,%xmm3,%xmm7
+	xorl	%edx,%edi
+	rorl	$2,%r14d
+	addl	%ebx,%r9d
+	movdqa	%xmm7,%xmm6
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	psrld	$10,%xmm7
+	addl	%ebx,%r14d
+	rorl	$14,%r13d
+	psrlq	$17,%xmm6
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	pxor	%xmm6,%xmm7
+	rorl	$9,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	rorl	$5,%r13d
+	xorl	%ebx,%r14d
+	psrlq	$2,%xmm6
+	andl	%r9d,%r12d
+	xorl	%r9d,%r13d
+	addl	60(%rsp),%eax
+	pxor	%xmm6,%xmm7
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	rorl	$11,%r14d
+	pshufd	$8,%xmm7,%xmm7
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	movdqa	96(%rbp),%xmm6
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	pslldq	$8,%xmm7
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	paddd	%xmm7,%xmm3
+	rorl	$2,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	paddd	%xmm3,%xmm6
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	movdqa	%xmm6,48(%rsp)
+	cmpb	$0,131(%rbp)
+	jne	L$ssse3_00_47
+	rorl	$14,%r13d
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	rorl	$9,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	rorl	$5,%r13d
+	xorl	%eax,%r14d
+	andl	%r8d,%r12d
+	xorl	%r8d,%r13d
+	addl	0(%rsp),%r11d
+	movl	%eax,%r15d
+	xorl	%r10d,%r12d
+	rorl	$11,%r14d
+	xorl	%ebx,%r15d
+	addl	%r12d,%r11d
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	rorl	$2,%r14d
+	addl	%r11d,%edx
+	addl	%edi,%r11d
+	movl	%edx,%r13d
+	addl	%r11d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	rorl	$9,%r14d
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	rorl	$5,%r13d
+	xorl	%r11d,%r14d
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	addl	4(%rsp),%r10d
+	movl	%r11d,%edi
+	xorl	%r9d,%r12d
+	rorl	$11,%r14d
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	rorl	$2,%r14d
+	addl	%r10d,%ecx
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	addl	%r10d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r10d
+	movl	%edx,%r12d
+	rorl	$9,%r14d
+	xorl	%ecx,%r13d
+	xorl	%r8d,%r12d
+	rorl	$5,%r13d
+	xorl	%r10d,%r14d
+	andl	%ecx,%r12d
+	xorl	%ecx,%r13d
+	addl	8(%rsp),%r9d
+	movl	%r10d,%r15d
+	xorl	%r8d,%r12d
+	rorl	$11,%r14d
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	xorl	%r11d,%edi
+	rorl	$2,%r14d
+	addl	%r9d,%ebx
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	addl	%r9d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	rorl	$9,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	rorl	$5,%r13d
+	xorl	%r9d,%r14d
+	andl	%ebx,%r12d
+	xorl	%ebx,%r13d
+	addl	12(%rsp),%r8d
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	rorl	$11,%r14d
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	rorl	$2,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	rorl	$9,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	rorl	$5,%r13d
+	xorl	%r8d,%r14d
+	andl	%eax,%r12d
+	xorl	%eax,%r13d
+	addl	16(%rsp),%edx
+	movl	%r8d,%r15d
+	xorl	%ecx,%r12d
+	rorl	$11,%r14d
+	xorl	%r9d,%r15d
+	addl	%r12d,%edx
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	rorl	$2,%r14d
+	addl	%edx,%r11d
+	addl	%edi,%edx
+	movl	%r11d,%r13d
+	addl	%edx,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	rorl	$9,%r14d
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	rorl	$5,%r13d
+	xorl	%edx,%r14d
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	addl	20(%rsp),%ecx
+	movl	%edx,%edi
+	xorl	%ebx,%r12d
+	rorl	$11,%r14d
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	rorl	$2,%r14d
+	addl	%ecx,%r10d
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	addl	%ecx,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%ecx
+	movl	%r11d,%r12d
+	rorl	$9,%r14d
+	xorl	%r10d,%r13d
+	xorl	%eax,%r12d
+	rorl	$5,%r13d
+	xorl	%ecx,%r14d
+	andl	%r10d,%r12d
+	xorl	%r10d,%r13d
+	addl	24(%rsp),%ebx
+	movl	%ecx,%r15d
+	xorl	%eax,%r12d
+	rorl	$11,%r14d
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	xorl	%edx,%edi
+	rorl	$2,%r14d
+	addl	%ebx,%r9d
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	addl	%ebx,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	rorl	$9,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	rorl	$5,%r13d
+	xorl	%ebx,%r14d
+	andl	%r9d,%r12d
+	xorl	%r9d,%r13d
+	addl	28(%rsp),%eax
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	rorl	$11,%r14d
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	rorl	$2,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	rorl	$9,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	rorl	$5,%r13d
+	xorl	%eax,%r14d
+	andl	%r8d,%r12d
+	xorl	%r8d,%r13d
+	addl	32(%rsp),%r11d
+	movl	%eax,%r15d
+	xorl	%r10d,%r12d
+	rorl	$11,%r14d
+	xorl	%ebx,%r15d
+	addl	%r12d,%r11d
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	rorl	$2,%r14d
+	addl	%r11d,%edx
+	addl	%edi,%r11d
+	movl	%edx,%r13d
+	addl	%r11d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	rorl	$9,%r14d
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	rorl	$5,%r13d
+	xorl	%r11d,%r14d
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	addl	36(%rsp),%r10d
+	movl	%r11d,%edi
+	xorl	%r9d,%r12d
+	rorl	$11,%r14d
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	rorl	$2,%r14d
+	addl	%r10d,%ecx
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	addl	%r10d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r10d
+	movl	%edx,%r12d
+	rorl	$9,%r14d
+	xorl	%ecx,%r13d
+	xorl	%r8d,%r12d
+	rorl	$5,%r13d
+	xorl	%r10d,%r14d
+	andl	%ecx,%r12d
+	xorl	%ecx,%r13d
+	addl	40(%rsp),%r9d
+	movl	%r10d,%r15d
+	xorl	%r8d,%r12d
+	rorl	$11,%r14d
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	xorl	%r11d,%edi
+	rorl	$2,%r14d
+	addl	%r9d,%ebx
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	addl	%r9d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	rorl	$9,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	rorl	$5,%r13d
+	xorl	%r9d,%r14d
+	andl	%ebx,%r12d
+	xorl	%ebx,%r13d
+	addl	44(%rsp),%r8d
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	rorl	$11,%r14d
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	rorl	$2,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	rorl	$9,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	rorl	$5,%r13d
+	xorl	%r8d,%r14d
+	andl	%eax,%r12d
+	xorl	%eax,%r13d
+	addl	48(%rsp),%edx
+	movl	%r8d,%r15d
+	xorl	%ecx,%r12d
+	rorl	$11,%r14d
+	xorl	%r9d,%r15d
+	addl	%r12d,%edx
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	rorl	$2,%r14d
+	addl	%edx,%r11d
+	addl	%edi,%edx
+	movl	%r11d,%r13d
+	addl	%edx,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	rorl	$9,%r14d
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	rorl	$5,%r13d
+	xorl	%edx,%r14d
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	addl	52(%rsp),%ecx
+	movl	%edx,%edi
+	xorl	%ebx,%r12d
+	rorl	$11,%r14d
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	rorl	$2,%r14d
+	addl	%ecx,%r10d
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	addl	%ecx,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%ecx
+	movl	%r11d,%r12d
+	rorl	$9,%r14d
+	xorl	%r10d,%r13d
+	xorl	%eax,%r12d
+	rorl	$5,%r13d
+	xorl	%ecx,%r14d
+	andl	%r10d,%r12d
+	xorl	%r10d,%r13d
+	addl	56(%rsp),%ebx
+	movl	%ecx,%r15d
+	xorl	%eax,%r12d
+	rorl	$11,%r14d
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	rorl	$6,%r13d
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	xorl	%edx,%edi
+	rorl	$2,%r14d
+	addl	%ebx,%r9d
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	addl	%ebx,%r14d
+	rorl	$14,%r13d
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	rorl	$9,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	rorl	$5,%r13d
+	xorl	%ebx,%r14d
+	andl	%r9d,%r12d
+	xorl	%r9d,%r13d
+	addl	60(%rsp),%eax
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	rorl	$11,%r14d
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	rorl	$6,%r13d
+	andl	%edi,%r15d
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	rorl	$2,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	movq	64+0(%rsp),%rdi
+	movl	%r14d,%eax
+
+	addl	0(%rdi),%eax
+	leaq	64(%rsi),%rsi
+	addl	4(%rdi),%ebx
+	addl	8(%rdi),%ecx
+	addl	12(%rdi),%edx
+	addl	16(%rdi),%r8d
+	addl	20(%rdi),%r9d
+	addl	24(%rdi),%r10d
+	addl	28(%rdi),%r11d
+
+	cmpq	64+16(%rsp),%rsi
+
+	movl	%eax,0(%rdi)
+	movl	%ebx,4(%rdi)
+	movl	%ecx,8(%rdi)
+	movl	%edx,12(%rdi)
+	movl	%r8d,16(%rdi)
+	movl	%r9d,20(%rdi)
+	movl	%r10d,24(%rdi)
+	movl	%r11d,28(%rdi)
+	jb	L$loop_ssse3
+
+	movq	88(%rsp),%rsi
+
+	movq	-48(%rsi),%r15
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+L$epilogue_ssse3:
+	.byte	0xf3,0xc3
+
+
+
+.p2align	6
+sha256_block_data_order_avx:
+
+L$avx_shortcut:
+	movq	%rsp,%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	shlq	$4,%rdx
+	subq	$96,%rsp
+	leaq	(%rsi,%rdx,4),%rdx
+	andq	$-64,%rsp
+	movq	%rdi,64+0(%rsp)
+	movq	%rsi,64+8(%rsp)
+	movq	%rdx,64+16(%rsp)
+	movq	%rax,88(%rsp)
+
+L$prologue_avx:
+
+	vzeroupper
+	movl	0(%rdi),%eax
+	movl	4(%rdi),%ebx
+	movl	8(%rdi),%ecx
+	movl	12(%rdi),%edx
+	movl	16(%rdi),%r8d
+	movl	20(%rdi),%r9d
+	movl	24(%rdi),%r10d
+	movl	28(%rdi),%r11d
+	vmovdqa	K256+512+32(%rip),%xmm8
+	vmovdqa	K256+512+64(%rip),%xmm9
+	jmp	L$loop_avx
+.p2align	4
+L$loop_avx:
+	vmovdqa	K256+512(%rip),%xmm7
+	vmovdqu	0(%rsi),%xmm0
+	vmovdqu	16(%rsi),%xmm1
+	vmovdqu	32(%rsi),%xmm2
+	vmovdqu	48(%rsi),%xmm3
+	vpshufb	%xmm7,%xmm0,%xmm0
+	leaq	K256(%rip),%rbp
+	vpshufb	%xmm7,%xmm1,%xmm1
+	vpshufb	%xmm7,%xmm2,%xmm2
+	vpaddd	0(%rbp),%xmm0,%xmm4
+	vpshufb	%xmm7,%xmm3,%xmm3
+	vpaddd	32(%rbp),%xmm1,%xmm5
+	vpaddd	64(%rbp),%xmm2,%xmm6
+	vpaddd	96(%rbp),%xmm3,%xmm7
+	vmovdqa	%xmm4,0(%rsp)
+	movl	%eax,%r14d
+	vmovdqa	%xmm5,16(%rsp)
+	movl	%ebx,%edi
+	vmovdqa	%xmm6,32(%rsp)
+	xorl	%ecx,%edi
+	vmovdqa	%xmm7,48(%rsp)
+	movl	%r8d,%r13d
+	jmp	L$avx_00_47
+
+.p2align	4
+L$avx_00_47:
+	subq	$-128,%rbp
+	vpalignr	$4,%xmm0,%xmm1,%xmm4
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	vpalignr	$4,%xmm2,%xmm3,%xmm7
+	shrdl	$9,%r14d,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	vpsrld	$7,%xmm4,%xmm6
+	shrdl	$5,%r13d,%r13d
+	xorl	%eax,%r14d
+	andl	%r8d,%r12d
+	vpaddd	%xmm7,%xmm0,%xmm0
+	xorl	%r8d,%r13d
+	addl	0(%rsp),%r11d
+	movl	%eax,%r15d
+	vpsrld	$3,%xmm4,%xmm7
+	xorl	%r10d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ebx,%r15d
+	vpslld	$14,%xmm4,%xmm5
+	addl	%r12d,%r11d
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	vpxor	%xmm6,%xmm7,%xmm4
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	vpshufd	$250,%xmm3,%xmm7
+	shrdl	$2,%r14d,%r14d
+	addl	%r11d,%edx
+	addl	%edi,%r11d
+	vpsrld	$11,%xmm6,%xmm6
+	movl	%edx,%r13d
+	addl	%r11d,%r14d
+	shrdl	$14,%r13d,%r13d
+	vpxor	%xmm5,%xmm4,%xmm4
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	shrdl	$9,%r14d,%r14d
+	vpslld	$11,%xmm5,%xmm5
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	shrdl	$5,%r13d,%r13d
+	vpxor	%xmm6,%xmm4,%xmm4
+	xorl	%r11d,%r14d
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	vpsrld	$10,%xmm7,%xmm6
+	addl	4(%rsp),%r10d
+	movl	%r11d,%edi
+	xorl	%r9d,%r12d
+	vpxor	%xmm5,%xmm4,%xmm4
+	shrdl	$11,%r14d,%r14d
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	vpsrlq	$17,%xmm7,%xmm7
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	vpaddd	%xmm4,%xmm0,%xmm0
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	shrdl	$2,%r14d,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	addl	%r10d,%ecx
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%r10d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r10d
+	vpxor	%xmm7,%xmm6,%xmm6
+	movl	%edx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%ecx,%r13d
+	vpshufb	%xmm8,%xmm6,%xmm6
+	xorl	%r8d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r10d,%r14d
+	vpaddd	%xmm6,%xmm0,%xmm0
+	andl	%ecx,%r12d
+	xorl	%ecx,%r13d
+	addl	8(%rsp),%r9d
+	vpshufd	$80,%xmm0,%xmm7
+	movl	%r10d,%r15d
+	xorl	%r8d,%r12d
+	shrdl	$11,%r14d,%r14d
+	vpsrld	$10,%xmm7,%xmm6
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	shrdl	$6,%r13d,%r13d
+	vpsrlq	$17,%xmm7,%xmm7
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	vpxor	%xmm7,%xmm6,%xmm6
+	xorl	%r11d,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%r9d,%ebx
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	addl	%r9d,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	vpshufb	%xmm9,%xmm6,%xmm6
+	shrdl	$9,%r14d,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	vpaddd	%xmm6,%xmm0,%xmm0
+	shrdl	$5,%r13d,%r13d
+	xorl	%r9d,%r14d
+	andl	%ebx,%r12d
+	vpaddd	0(%rbp),%xmm0,%xmm6
+	xorl	%ebx,%r13d
+	addl	12(%rsp),%r8d
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	vmovdqa	%xmm6,0(%rsp)
+	vpalignr	$4,%xmm1,%xmm2,%xmm4
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	vpalignr	$4,%xmm3,%xmm0,%xmm7
+	shrdl	$9,%r14d,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	vpsrld	$7,%xmm4,%xmm6
+	shrdl	$5,%r13d,%r13d
+	xorl	%r8d,%r14d
+	andl	%eax,%r12d
+	vpaddd	%xmm7,%xmm1,%xmm1
+	xorl	%eax,%r13d
+	addl	16(%rsp),%edx
+	movl	%r8d,%r15d
+	vpsrld	$3,%xmm4,%xmm7
+	xorl	%ecx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r9d,%r15d
+	vpslld	$14,%xmm4,%xmm5
+	addl	%r12d,%edx
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	vpxor	%xmm6,%xmm7,%xmm4
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	vpshufd	$250,%xmm0,%xmm7
+	shrdl	$2,%r14d,%r14d
+	addl	%edx,%r11d
+	addl	%edi,%edx
+	vpsrld	$11,%xmm6,%xmm6
+	movl	%r11d,%r13d
+	addl	%edx,%r14d
+	shrdl	$14,%r13d,%r13d
+	vpxor	%xmm5,%xmm4,%xmm4
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	shrdl	$9,%r14d,%r14d
+	vpslld	$11,%xmm5,%xmm5
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	shrdl	$5,%r13d,%r13d
+	vpxor	%xmm6,%xmm4,%xmm4
+	xorl	%edx,%r14d
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	vpsrld	$10,%xmm7,%xmm6
+	addl	20(%rsp),%ecx
+	movl	%edx,%edi
+	xorl	%ebx,%r12d
+	vpxor	%xmm5,%xmm4,%xmm4
+	shrdl	$11,%r14d,%r14d
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	vpsrlq	$17,%xmm7,%xmm7
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	vpaddd	%xmm4,%xmm1,%xmm1
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	shrdl	$2,%r14d,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	addl	%ecx,%r10d
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%ecx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ecx
+	vpxor	%xmm7,%xmm6,%xmm6
+	movl	%r11d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r10d,%r13d
+	vpshufb	%xmm8,%xmm6,%xmm6
+	xorl	%eax,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%ecx,%r14d
+	vpaddd	%xmm6,%xmm1,%xmm1
+	andl	%r10d,%r12d
+	xorl	%r10d,%r13d
+	addl	24(%rsp),%ebx
+	vpshufd	$80,%xmm1,%xmm7
+	movl	%ecx,%r15d
+	xorl	%eax,%r12d
+	shrdl	$11,%r14d,%r14d
+	vpsrld	$10,%xmm7,%xmm6
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	shrdl	$6,%r13d,%r13d
+	vpsrlq	$17,%xmm7,%xmm7
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	vpxor	%xmm7,%xmm6,%xmm6
+	xorl	%edx,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%ebx,%r9d
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	addl	%ebx,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	vpshufb	%xmm9,%xmm6,%xmm6
+	shrdl	$9,%r14d,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	vpaddd	%xmm6,%xmm1,%xmm1
+	shrdl	$5,%r13d,%r13d
+	xorl	%ebx,%r14d
+	andl	%r9d,%r12d
+	vpaddd	32(%rbp),%xmm1,%xmm6
+	xorl	%r9d,%r13d
+	addl	28(%rsp),%eax
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	vmovdqa	%xmm6,16(%rsp)
+	vpalignr	$4,%xmm2,%xmm3,%xmm4
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	vpalignr	$4,%xmm0,%xmm1,%xmm7
+	shrdl	$9,%r14d,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	vpsrld	$7,%xmm4,%xmm6
+	shrdl	$5,%r13d,%r13d
+	xorl	%eax,%r14d
+	andl	%r8d,%r12d
+	vpaddd	%xmm7,%xmm2,%xmm2
+	xorl	%r8d,%r13d
+	addl	32(%rsp),%r11d
+	movl	%eax,%r15d
+	vpsrld	$3,%xmm4,%xmm7
+	xorl	%r10d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ebx,%r15d
+	vpslld	$14,%xmm4,%xmm5
+	addl	%r12d,%r11d
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	vpxor	%xmm6,%xmm7,%xmm4
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	vpshufd	$250,%xmm1,%xmm7
+	shrdl	$2,%r14d,%r14d
+	addl	%r11d,%edx
+	addl	%edi,%r11d
+	vpsrld	$11,%xmm6,%xmm6
+	movl	%edx,%r13d
+	addl	%r11d,%r14d
+	shrdl	$14,%r13d,%r13d
+	vpxor	%xmm5,%xmm4,%xmm4
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	shrdl	$9,%r14d,%r14d
+	vpslld	$11,%xmm5,%xmm5
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	shrdl	$5,%r13d,%r13d
+	vpxor	%xmm6,%xmm4,%xmm4
+	xorl	%r11d,%r14d
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	vpsrld	$10,%xmm7,%xmm6
+	addl	36(%rsp),%r10d
+	movl	%r11d,%edi
+	xorl	%r9d,%r12d
+	vpxor	%xmm5,%xmm4,%xmm4
+	shrdl	$11,%r14d,%r14d
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	vpsrlq	$17,%xmm7,%xmm7
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	vpaddd	%xmm4,%xmm2,%xmm2
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	shrdl	$2,%r14d,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	addl	%r10d,%ecx
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%r10d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r10d
+	vpxor	%xmm7,%xmm6,%xmm6
+	movl	%edx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%ecx,%r13d
+	vpshufb	%xmm8,%xmm6,%xmm6
+	xorl	%r8d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r10d,%r14d
+	vpaddd	%xmm6,%xmm2,%xmm2
+	andl	%ecx,%r12d
+	xorl	%ecx,%r13d
+	addl	40(%rsp),%r9d
+	vpshufd	$80,%xmm2,%xmm7
+	movl	%r10d,%r15d
+	xorl	%r8d,%r12d
+	shrdl	$11,%r14d,%r14d
+	vpsrld	$10,%xmm7,%xmm6
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	shrdl	$6,%r13d,%r13d
+	vpsrlq	$17,%xmm7,%xmm7
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	vpxor	%xmm7,%xmm6,%xmm6
+	xorl	%r11d,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%r9d,%ebx
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	addl	%r9d,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	vpshufb	%xmm9,%xmm6,%xmm6
+	shrdl	$9,%r14d,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	vpaddd	%xmm6,%xmm2,%xmm2
+	shrdl	$5,%r13d,%r13d
+	xorl	%r9d,%r14d
+	andl	%ebx,%r12d
+	vpaddd	64(%rbp),%xmm2,%xmm6
+	xorl	%ebx,%r13d
+	addl	44(%rsp),%r8d
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	vmovdqa	%xmm6,32(%rsp)
+	vpalignr	$4,%xmm3,%xmm0,%xmm4
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	vpalignr	$4,%xmm1,%xmm2,%xmm7
+	shrdl	$9,%r14d,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	vpsrld	$7,%xmm4,%xmm6
+	shrdl	$5,%r13d,%r13d
+	xorl	%r8d,%r14d
+	andl	%eax,%r12d
+	vpaddd	%xmm7,%xmm3,%xmm3
+	xorl	%eax,%r13d
+	addl	48(%rsp),%edx
+	movl	%r8d,%r15d
+	vpsrld	$3,%xmm4,%xmm7
+	xorl	%ecx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r9d,%r15d
+	vpslld	$14,%xmm4,%xmm5
+	addl	%r12d,%edx
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	vpxor	%xmm6,%xmm7,%xmm4
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	vpshufd	$250,%xmm2,%xmm7
+	shrdl	$2,%r14d,%r14d
+	addl	%edx,%r11d
+	addl	%edi,%edx
+	vpsrld	$11,%xmm6,%xmm6
+	movl	%r11d,%r13d
+	addl	%edx,%r14d
+	shrdl	$14,%r13d,%r13d
+	vpxor	%xmm5,%xmm4,%xmm4
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	shrdl	$9,%r14d,%r14d
+	vpslld	$11,%xmm5,%xmm5
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	shrdl	$5,%r13d,%r13d
+	vpxor	%xmm6,%xmm4,%xmm4
+	xorl	%edx,%r14d
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	vpsrld	$10,%xmm7,%xmm6
+	addl	52(%rsp),%ecx
+	movl	%edx,%edi
+	xorl	%ebx,%r12d
+	vpxor	%xmm5,%xmm4,%xmm4
+	shrdl	$11,%r14d,%r14d
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	vpsrlq	$17,%xmm7,%xmm7
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	vpaddd	%xmm4,%xmm3,%xmm3
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	shrdl	$2,%r14d,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	addl	%ecx,%r10d
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%ecx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ecx
+	vpxor	%xmm7,%xmm6,%xmm6
+	movl	%r11d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r10d,%r13d
+	vpshufb	%xmm8,%xmm6,%xmm6
+	xorl	%eax,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%ecx,%r14d
+	vpaddd	%xmm6,%xmm3,%xmm3
+	andl	%r10d,%r12d
+	xorl	%r10d,%r13d
+	addl	56(%rsp),%ebx
+	vpshufd	$80,%xmm3,%xmm7
+	movl	%ecx,%r15d
+	xorl	%eax,%r12d
+	shrdl	$11,%r14d,%r14d
+	vpsrld	$10,%xmm7,%xmm6
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	shrdl	$6,%r13d,%r13d
+	vpsrlq	$17,%xmm7,%xmm7
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	vpxor	%xmm7,%xmm6,%xmm6
+	xorl	%edx,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%ebx,%r9d
+	vpsrlq	$2,%xmm7,%xmm7
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	addl	%ebx,%r14d
+	vpxor	%xmm7,%xmm6,%xmm6
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	vpshufb	%xmm9,%xmm6,%xmm6
+	shrdl	$9,%r14d,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	vpaddd	%xmm6,%xmm3,%xmm3
+	shrdl	$5,%r13d,%r13d
+	xorl	%ebx,%r14d
+	andl	%r9d,%r12d
+	vpaddd	96(%rbp),%xmm3,%xmm6
+	xorl	%r9d,%r13d
+	addl	60(%rsp),%eax
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	vmovdqa	%xmm6,48(%rsp)
+	cmpb	$0,131(%rbp)
+	jne	L$avx_00_47
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%eax,%r14d
+	andl	%r8d,%r12d
+	xorl	%r8d,%r13d
+	addl	0(%rsp),%r11d
+	movl	%eax,%r15d
+	xorl	%r10d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ebx,%r15d
+	addl	%r12d,%r11d
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%r11d,%edx
+	addl	%edi,%r11d
+	movl	%edx,%r13d
+	addl	%r11d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r11d,%r14d
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	addl	4(%rsp),%r10d
+	movl	%r11d,%edi
+	xorl	%r9d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%r10d,%ecx
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	addl	%r10d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r10d
+	movl	%edx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%ecx,%r13d
+	xorl	%r8d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r10d,%r14d
+	andl	%ecx,%r12d
+	xorl	%ecx,%r13d
+	addl	8(%rsp),%r9d
+	movl	%r10d,%r15d
+	xorl	%r8d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	xorl	%r11d,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%r9d,%ebx
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	addl	%r9d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r9d,%r14d
+	andl	%ebx,%r12d
+	xorl	%ebx,%r13d
+	addl	12(%rsp),%r8d
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r8d,%r14d
+	andl	%eax,%r12d
+	xorl	%eax,%r13d
+	addl	16(%rsp),%edx
+	movl	%r8d,%r15d
+	xorl	%ecx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r9d,%r15d
+	addl	%r12d,%edx
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%edx,%r11d
+	addl	%edi,%edx
+	movl	%r11d,%r13d
+	addl	%edx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%edx,%r14d
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	addl	20(%rsp),%ecx
+	movl	%edx,%edi
+	xorl	%ebx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%ecx,%r10d
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	addl	%ecx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ecx
+	movl	%r11d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r10d,%r13d
+	xorl	%eax,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%ecx,%r14d
+	andl	%r10d,%r12d
+	xorl	%r10d,%r13d
+	addl	24(%rsp),%ebx
+	movl	%ecx,%r15d
+	xorl	%eax,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	xorl	%edx,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%ebx,%r9d
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	addl	%ebx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%ebx,%r14d
+	andl	%r9d,%r12d
+	xorl	%r9d,%r13d
+	addl	28(%rsp),%eax
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%eax
+	movl	%r9d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r8d,%r13d
+	xorl	%r10d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%eax,%r14d
+	andl	%r8d,%r12d
+	xorl	%r8d,%r13d
+	addl	32(%rsp),%r11d
+	movl	%eax,%r15d
+	xorl	%r10d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ebx,%r15d
+	addl	%r12d,%r11d
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%eax,%r14d
+	addl	%r13d,%r11d
+	xorl	%ebx,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%r11d,%edx
+	addl	%edi,%r11d
+	movl	%edx,%r13d
+	addl	%r11d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r11d
+	movl	%r8d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%edx,%r13d
+	xorl	%r9d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r11d,%r14d
+	andl	%edx,%r12d
+	xorl	%edx,%r13d
+	addl	36(%rsp),%r10d
+	movl	%r11d,%edi
+	xorl	%r9d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%eax,%edi
+	addl	%r12d,%r10d
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r11d,%r14d
+	addl	%r13d,%r10d
+	xorl	%eax,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%r10d,%ecx
+	addl	%r15d,%r10d
+	movl	%ecx,%r13d
+	addl	%r10d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r10d
+	movl	%edx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%ecx,%r13d
+	xorl	%r8d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r10d,%r14d
+	andl	%ecx,%r12d
+	xorl	%ecx,%r13d
+	addl	40(%rsp),%r9d
+	movl	%r10d,%r15d
+	xorl	%r8d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r11d,%r15d
+	addl	%r12d,%r9d
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%r10d,%r14d
+	addl	%r13d,%r9d
+	xorl	%r11d,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%r9d,%ebx
+	addl	%edi,%r9d
+	movl	%ebx,%r13d
+	addl	%r9d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r9d
+	movl	%ecx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%ebx,%r13d
+	xorl	%edx,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r9d,%r14d
+	andl	%ebx,%r12d
+	xorl	%ebx,%r13d
+	addl	44(%rsp),%r8d
+	movl	%r9d,%edi
+	xorl	%edx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r10d,%edi
+	addl	%r12d,%r8d
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%r9d,%r14d
+	addl	%r13d,%r8d
+	xorl	%r10d,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%r8d,%eax
+	addl	%r15d,%r8d
+	movl	%eax,%r13d
+	addl	%r8d,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%r8d
+	movl	%ebx,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%eax,%r13d
+	xorl	%ecx,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%r8d,%r14d
+	andl	%eax,%r12d
+	xorl	%eax,%r13d
+	addl	48(%rsp),%edx
+	movl	%r8d,%r15d
+	xorl	%ecx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r9d,%r15d
+	addl	%r12d,%edx
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%r8d,%r14d
+	addl	%r13d,%edx
+	xorl	%r9d,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%edx,%r11d
+	addl	%edi,%edx
+	movl	%r11d,%r13d
+	addl	%edx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%edx
+	movl	%eax,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r11d,%r13d
+	xorl	%ebx,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%edx,%r14d
+	andl	%r11d,%r12d
+	xorl	%r11d,%r13d
+	addl	52(%rsp),%ecx
+	movl	%edx,%edi
+	xorl	%ebx,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%r8d,%edi
+	addl	%r12d,%ecx
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%edx,%r14d
+	addl	%r13d,%ecx
+	xorl	%r8d,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%ecx,%r10d
+	addl	%r15d,%ecx
+	movl	%r10d,%r13d
+	addl	%ecx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ecx
+	movl	%r11d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r10d,%r13d
+	xorl	%eax,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%ecx,%r14d
+	andl	%r10d,%r12d
+	xorl	%r10d,%r13d
+	addl	56(%rsp),%ebx
+	movl	%ecx,%r15d
+	xorl	%eax,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%edx,%r15d
+	addl	%r12d,%ebx
+	shrdl	$6,%r13d,%r13d
+	andl	%r15d,%edi
+	xorl	%ecx,%r14d
+	addl	%r13d,%ebx
+	xorl	%edx,%edi
+	shrdl	$2,%r14d,%r14d
+	addl	%ebx,%r9d
+	addl	%edi,%ebx
+	movl	%r9d,%r13d
+	addl	%ebx,%r14d
+	shrdl	$14,%r13d,%r13d
+	movl	%r14d,%ebx
+	movl	%r10d,%r12d
+	shrdl	$9,%r14d,%r14d
+	xorl	%r9d,%r13d
+	xorl	%r11d,%r12d
+	shrdl	$5,%r13d,%r13d
+	xorl	%ebx,%r14d
+	andl	%r9d,%r12d
+	xorl	%r9d,%r13d
+	addl	60(%rsp),%eax
+	movl	%ebx,%edi
+	xorl	%r11d,%r12d
+	shrdl	$11,%r14d,%r14d
+	xorl	%ecx,%edi
+	addl	%r12d,%eax
+	shrdl	$6,%r13d,%r13d
+	andl	%edi,%r15d
+	xorl	%ebx,%r14d
+	addl	%r13d,%eax
+	xorl	%ecx,%r15d
+	shrdl	$2,%r14d,%r14d
+	addl	%eax,%r8d
+	addl	%r15d,%eax
+	movl	%r8d,%r13d
+	addl	%eax,%r14d
+	movq	64+0(%rsp),%rdi
+	movl	%r14d,%eax
+
+	addl	0(%rdi),%eax
+	leaq	64(%rsi),%rsi
+	addl	4(%rdi),%ebx
+	addl	8(%rdi),%ecx
+	addl	12(%rdi),%edx
+	addl	16(%rdi),%r8d
+	addl	20(%rdi),%r9d
+	addl	24(%rdi),%r10d
+	addl	28(%rdi),%r11d
+
+	cmpq	64+16(%rsp),%rsi
+
+	movl	%eax,0(%rdi)
+	movl	%ebx,4(%rdi)
+	movl	%ecx,8(%rdi)
+	movl	%edx,12(%rdi)
+	movl	%r8d,16(%rdi)
+	movl	%r9d,20(%rdi)
+	movl	%r10d,24(%rdi)
+	movl	%r11d,28(%rdi)
+	jb	L$loop_avx
+
+	movq	88(%rsp),%rsi
+
+	vzeroupper
+	movq	-48(%rsi),%r15
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+L$epilogue_avx:
+	.byte	0xf3,0xc3
+
+
+
+.p2align	6
+sha256_block_data_order_avx2:
+
+L$avx2_shortcut:
+	movq	%rsp,%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	subq	$544,%rsp
+	shlq	$4,%rdx
+	andq	$-1024,%rsp
+	leaq	(%rsi,%rdx,4),%rdx
+	addq	$448,%rsp
+	movq	%rdi,64+0(%rsp)
+	movq	%rsi,64+8(%rsp)
+	movq	%rdx,64+16(%rsp)
+	movq	%rax,88(%rsp)
+
+L$prologue_avx2:
+
+	vzeroupper
+	subq	$-64,%rsi
+	movl	0(%rdi),%eax
+	movq	%rsi,%r12
+	movl	4(%rdi),%ebx
+	cmpq	%rdx,%rsi
+	movl	8(%rdi),%ecx
+	cmoveq	%rsp,%r12
+	movl	12(%rdi),%edx
+	movl	16(%rdi),%r8d
+	movl	20(%rdi),%r9d
+	movl	24(%rdi),%r10d
+	movl	28(%rdi),%r11d
+	vmovdqa	K256+512+32(%rip),%ymm8
+	vmovdqa	K256+512+64(%rip),%ymm9
+	jmp	L$oop_avx2
+.p2align	4
+L$oop_avx2:
+	vmovdqa	K256+512(%rip),%ymm7
+	vmovdqu	-64+0(%rsi),%xmm0
+	vmovdqu	-64+16(%rsi),%xmm1
+	vmovdqu	-64+32(%rsi),%xmm2
+	vmovdqu	-64+48(%rsi),%xmm3
+
+	vinserti128	$1,(%r12),%ymm0,%ymm0
+	vinserti128	$1,16(%r12),%ymm1,%ymm1
+	vpshufb	%ymm7,%ymm0,%ymm0
+	vinserti128	$1,32(%r12),%ymm2,%ymm2
+	vpshufb	%ymm7,%ymm1,%ymm1
+	vinserti128	$1,48(%r12),%ymm3,%ymm3
+
+	leaq	K256(%rip),%rbp
+	vpshufb	%ymm7,%ymm2,%ymm2
+	vpaddd	0(%rbp),%ymm0,%ymm4
+	vpshufb	%ymm7,%ymm3,%ymm3
+	vpaddd	32(%rbp),%ymm1,%ymm5
+	vpaddd	64(%rbp),%ymm2,%ymm6
+	vpaddd	96(%rbp),%ymm3,%ymm7
+	vmovdqa	%ymm4,0(%rsp)
+	xorl	%r14d,%r14d
+	vmovdqa	%ymm5,32(%rsp)
+
+	movq	88(%rsp),%rdi
+
+	leaq	-64(%rsp),%rsp
+
+
+
+	movq	%rdi,-8(%rsp)
+
+	movl	%ebx,%edi
+	vmovdqa	%ymm6,0(%rsp)
+	xorl	%ecx,%edi
+	vmovdqa	%ymm7,32(%rsp)
+	movl	%r9d,%r12d
+	subq	$-32*4,%rbp
+	jmp	L$avx2_00_47
+
+.p2align	4
+L$avx2_00_47:
+	leaq	-64(%rsp),%rsp
+
+
+	pushq	64-8(%rsp)
+
+	leaq	8(%rsp),%rsp
+
+	vpalignr	$4,%ymm0,%ymm1,%ymm4
+	addl	0+128(%rsp),%r11d
+	andl	%r8d,%r12d
+	rorxl	$25,%r8d,%r13d
+	vpalignr	$4,%ymm2,%ymm3,%ymm7
+	rorxl	$11,%r8d,%r15d
+	leal	(%rax,%r14,1),%eax
+	leal	(%r11,%r12,1),%r11d
+	vpsrld	$7,%ymm4,%ymm6
+	andnl	%r10d,%r8d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r8d,%r14d
+	vpaddd	%ymm7,%ymm0,%ymm0
+	leal	(%r11,%r12,1),%r11d
+	xorl	%r14d,%r13d
+	movl	%eax,%r15d
+	vpsrld	$3,%ymm4,%ymm7
+	rorxl	$22,%eax,%r12d
+	leal	(%r11,%r13,1),%r11d
+	xorl	%ebx,%r15d
+	vpslld	$14,%ymm4,%ymm5
+	rorxl	$13,%eax,%r14d
+	rorxl	$2,%eax,%r13d
+	leal	(%rdx,%r11,1),%edx
+	vpxor	%ymm6,%ymm7,%ymm4
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%ebx,%edi
+	vpshufd	$250,%ymm3,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%r11,%rdi,1),%r11d
+	movl	%r8d,%r12d
+	vpsrld	$11,%ymm6,%ymm6
+	addl	4+128(%rsp),%r10d
+	andl	%edx,%r12d
+	rorxl	$25,%edx,%r13d
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$11,%edx,%edi
+	leal	(%r11,%r14,1),%r11d
+	leal	(%r10,%r12,1),%r10d
+	vpslld	$11,%ymm5,%ymm5
+	andnl	%r9d,%edx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%edx,%r14d
+	vpxor	%ymm6,%ymm4,%ymm4
+	leal	(%r10,%r12,1),%r10d
+	xorl	%r14d,%r13d
+	movl	%r11d,%edi
+	vpsrld	$10,%ymm7,%ymm6
+	rorxl	$22,%r11d,%r12d
+	leal	(%r10,%r13,1),%r10d
+	xorl	%eax,%edi
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$13,%r11d,%r14d
+	rorxl	$2,%r11d,%r13d
+	leal	(%rcx,%r10,1),%ecx
+	vpsrlq	$17,%ymm7,%ymm7
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%eax,%r15d
+	vpaddd	%ymm4,%ymm0,%ymm0
+	xorl	%r13d,%r14d
+	leal	(%r10,%r15,1),%r10d
+	movl	%edx,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	8+128(%rsp),%r9d
+	andl	%ecx,%r12d
+	rorxl	$25,%ecx,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%ecx,%r15d
+	leal	(%r10,%r14,1),%r10d
+	leal	(%r9,%r12,1),%r9d
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%r8d,%ecx,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%ecx,%r14d
+	vpshufb	%ymm8,%ymm6,%ymm6
+	leal	(%r9,%r12,1),%r9d
+	xorl	%r14d,%r13d
+	movl	%r10d,%r15d
+	vpaddd	%ymm6,%ymm0,%ymm0
+	rorxl	$22,%r10d,%r12d
+	leal	(%r9,%r13,1),%r9d
+	xorl	%r11d,%r15d
+	vpshufd	$80,%ymm0,%ymm7
+	rorxl	$13,%r10d,%r14d
+	rorxl	$2,%r10d,%r13d
+	leal	(%rbx,%r9,1),%ebx
+	vpsrld	$10,%ymm7,%ymm6
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r11d,%edi
+	vpsrlq	$17,%ymm7,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%r9,%rdi,1),%r9d
+	movl	%ecx,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	12+128(%rsp),%r8d
+	andl	%ebx,%r12d
+	rorxl	$25,%ebx,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%ebx,%edi
+	leal	(%r9,%r14,1),%r9d
+	leal	(%r8,%r12,1),%r8d
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%edx,%ebx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%ebx,%r14d
+	vpshufb	%ymm9,%ymm6,%ymm6
+	leal	(%r8,%r12,1),%r8d
+	xorl	%r14d,%r13d
+	movl	%r9d,%edi
+	vpaddd	%ymm6,%ymm0,%ymm0
+	rorxl	$22,%r9d,%r12d
+	leal	(%r8,%r13,1),%r8d
+	xorl	%r10d,%edi
+	vpaddd	0(%rbp),%ymm0,%ymm6
+	rorxl	$13,%r9d,%r14d
+	rorxl	$2,%r9d,%r13d
+	leal	(%rax,%r8,1),%eax
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r10d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r8,%r15,1),%r8d
+	movl	%ebx,%r12d
+	vmovdqa	%ymm6,0(%rsp)
+	vpalignr	$4,%ymm1,%ymm2,%ymm4
+	addl	32+128(%rsp),%edx
+	andl	%eax,%r12d
+	rorxl	$25,%eax,%r13d
+	vpalignr	$4,%ymm3,%ymm0,%ymm7
+	rorxl	$11,%eax,%r15d
+	leal	(%r8,%r14,1),%r8d
+	leal	(%rdx,%r12,1),%edx
+	vpsrld	$7,%ymm4,%ymm6
+	andnl	%ecx,%eax,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%eax,%r14d
+	vpaddd	%ymm7,%ymm1,%ymm1
+	leal	(%rdx,%r12,1),%edx
+	xorl	%r14d,%r13d
+	movl	%r8d,%r15d
+	vpsrld	$3,%ymm4,%ymm7
+	rorxl	$22,%r8d,%r12d
+	leal	(%rdx,%r13,1),%edx
+	xorl	%r9d,%r15d
+	vpslld	$14,%ymm4,%ymm5
+	rorxl	$13,%r8d,%r14d
+	rorxl	$2,%r8d,%r13d
+	leal	(%r11,%rdx,1),%r11d
+	vpxor	%ymm6,%ymm7,%ymm4
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r9d,%edi
+	vpshufd	$250,%ymm0,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%rdx,%rdi,1),%edx
+	movl	%eax,%r12d
+	vpsrld	$11,%ymm6,%ymm6
+	addl	36+128(%rsp),%ecx
+	andl	%r11d,%r12d
+	rorxl	$25,%r11d,%r13d
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$11,%r11d,%edi
+	leal	(%rdx,%r14,1),%edx
+	leal	(%rcx,%r12,1),%ecx
+	vpslld	$11,%ymm5,%ymm5
+	andnl	%ebx,%r11d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r11d,%r14d
+	vpxor	%ymm6,%ymm4,%ymm4
+	leal	(%rcx,%r12,1),%ecx
+	xorl	%r14d,%r13d
+	movl	%edx,%edi
+	vpsrld	$10,%ymm7,%ymm6
+	rorxl	$22,%edx,%r12d
+	leal	(%rcx,%r13,1),%ecx
+	xorl	%r8d,%edi
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$13,%edx,%r14d
+	rorxl	$2,%edx,%r13d
+	leal	(%r10,%rcx,1),%r10d
+	vpsrlq	$17,%ymm7,%ymm7
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r8d,%r15d
+	vpaddd	%ymm4,%ymm1,%ymm1
+	xorl	%r13d,%r14d
+	leal	(%rcx,%r15,1),%ecx
+	movl	%r11d,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	40+128(%rsp),%ebx
+	andl	%r10d,%r12d
+	rorxl	$25,%r10d,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%r10d,%r15d
+	leal	(%rcx,%r14,1),%ecx
+	leal	(%rbx,%r12,1),%ebx
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%eax,%r10d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r10d,%r14d
+	vpshufb	%ymm8,%ymm6,%ymm6
+	leal	(%rbx,%r12,1),%ebx
+	xorl	%r14d,%r13d
+	movl	%ecx,%r15d
+	vpaddd	%ymm6,%ymm1,%ymm1
+	rorxl	$22,%ecx,%r12d
+	leal	(%rbx,%r13,1),%ebx
+	xorl	%edx,%r15d
+	vpshufd	$80,%ymm1,%ymm7
+	rorxl	$13,%ecx,%r14d
+	rorxl	$2,%ecx,%r13d
+	leal	(%r9,%rbx,1),%r9d
+	vpsrld	$10,%ymm7,%ymm6
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%edx,%edi
+	vpsrlq	$17,%ymm7,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%rbx,%rdi,1),%ebx
+	movl	%r10d,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	44+128(%rsp),%eax
+	andl	%r9d,%r12d
+	rorxl	$25,%r9d,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%r9d,%edi
+	leal	(%rbx,%r14,1),%ebx
+	leal	(%rax,%r12,1),%eax
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%r11d,%r9d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r9d,%r14d
+	vpshufb	%ymm9,%ymm6,%ymm6
+	leal	(%rax,%r12,1),%eax
+	xorl	%r14d,%r13d
+	movl	%ebx,%edi
+	vpaddd	%ymm6,%ymm1,%ymm1
+	rorxl	$22,%ebx,%r12d
+	leal	(%rax,%r13,1),%eax
+	xorl	%ecx,%edi
+	vpaddd	32(%rbp),%ymm1,%ymm6
+	rorxl	$13,%ebx,%r14d
+	rorxl	$2,%ebx,%r13d
+	leal	(%r8,%rax,1),%r8d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%ecx,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rax,%r15,1),%eax
+	movl	%r9d,%r12d
+	vmovdqa	%ymm6,32(%rsp)
+	leaq	-64(%rsp),%rsp
+
+
+	pushq	64-8(%rsp)
+
+	leaq	8(%rsp),%rsp
+
+	vpalignr	$4,%ymm2,%ymm3,%ymm4
+	addl	0+128(%rsp),%r11d
+	andl	%r8d,%r12d
+	rorxl	$25,%r8d,%r13d
+	vpalignr	$4,%ymm0,%ymm1,%ymm7
+	rorxl	$11,%r8d,%r15d
+	leal	(%rax,%r14,1),%eax
+	leal	(%r11,%r12,1),%r11d
+	vpsrld	$7,%ymm4,%ymm6
+	andnl	%r10d,%r8d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r8d,%r14d
+	vpaddd	%ymm7,%ymm2,%ymm2
+	leal	(%r11,%r12,1),%r11d
+	xorl	%r14d,%r13d
+	movl	%eax,%r15d
+	vpsrld	$3,%ymm4,%ymm7
+	rorxl	$22,%eax,%r12d
+	leal	(%r11,%r13,1),%r11d
+	xorl	%ebx,%r15d
+	vpslld	$14,%ymm4,%ymm5
+	rorxl	$13,%eax,%r14d
+	rorxl	$2,%eax,%r13d
+	leal	(%rdx,%r11,1),%edx
+	vpxor	%ymm6,%ymm7,%ymm4
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%ebx,%edi
+	vpshufd	$250,%ymm1,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%r11,%rdi,1),%r11d
+	movl	%r8d,%r12d
+	vpsrld	$11,%ymm6,%ymm6
+	addl	4+128(%rsp),%r10d
+	andl	%edx,%r12d
+	rorxl	$25,%edx,%r13d
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$11,%edx,%edi
+	leal	(%r11,%r14,1),%r11d
+	leal	(%r10,%r12,1),%r10d
+	vpslld	$11,%ymm5,%ymm5
+	andnl	%r9d,%edx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%edx,%r14d
+	vpxor	%ymm6,%ymm4,%ymm4
+	leal	(%r10,%r12,1),%r10d
+	xorl	%r14d,%r13d
+	movl	%r11d,%edi
+	vpsrld	$10,%ymm7,%ymm6
+	rorxl	$22,%r11d,%r12d
+	leal	(%r10,%r13,1),%r10d
+	xorl	%eax,%edi
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$13,%r11d,%r14d
+	rorxl	$2,%r11d,%r13d
+	leal	(%rcx,%r10,1),%ecx
+	vpsrlq	$17,%ymm7,%ymm7
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%eax,%r15d
+	vpaddd	%ymm4,%ymm2,%ymm2
+	xorl	%r13d,%r14d
+	leal	(%r10,%r15,1),%r10d
+	movl	%edx,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	8+128(%rsp),%r9d
+	andl	%ecx,%r12d
+	rorxl	$25,%ecx,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%ecx,%r15d
+	leal	(%r10,%r14,1),%r10d
+	leal	(%r9,%r12,1),%r9d
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%r8d,%ecx,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%ecx,%r14d
+	vpshufb	%ymm8,%ymm6,%ymm6
+	leal	(%r9,%r12,1),%r9d
+	xorl	%r14d,%r13d
+	movl	%r10d,%r15d
+	vpaddd	%ymm6,%ymm2,%ymm2
+	rorxl	$22,%r10d,%r12d
+	leal	(%r9,%r13,1),%r9d
+	xorl	%r11d,%r15d
+	vpshufd	$80,%ymm2,%ymm7
+	rorxl	$13,%r10d,%r14d
+	rorxl	$2,%r10d,%r13d
+	leal	(%rbx,%r9,1),%ebx
+	vpsrld	$10,%ymm7,%ymm6
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r11d,%edi
+	vpsrlq	$17,%ymm7,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%r9,%rdi,1),%r9d
+	movl	%ecx,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	12+128(%rsp),%r8d
+	andl	%ebx,%r12d
+	rorxl	$25,%ebx,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%ebx,%edi
+	leal	(%r9,%r14,1),%r9d
+	leal	(%r8,%r12,1),%r8d
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%edx,%ebx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%ebx,%r14d
+	vpshufb	%ymm9,%ymm6,%ymm6
+	leal	(%r8,%r12,1),%r8d
+	xorl	%r14d,%r13d
+	movl	%r9d,%edi
+	vpaddd	%ymm6,%ymm2,%ymm2
+	rorxl	$22,%r9d,%r12d
+	leal	(%r8,%r13,1),%r8d
+	xorl	%r10d,%edi
+	vpaddd	64(%rbp),%ymm2,%ymm6
+	rorxl	$13,%r9d,%r14d
+	rorxl	$2,%r9d,%r13d
+	leal	(%rax,%r8,1),%eax
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r10d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r8,%r15,1),%r8d
+	movl	%ebx,%r12d
+	vmovdqa	%ymm6,0(%rsp)
+	vpalignr	$4,%ymm3,%ymm0,%ymm4
+	addl	32+128(%rsp),%edx
+	andl	%eax,%r12d
+	rorxl	$25,%eax,%r13d
+	vpalignr	$4,%ymm1,%ymm2,%ymm7
+	rorxl	$11,%eax,%r15d
+	leal	(%r8,%r14,1),%r8d
+	leal	(%rdx,%r12,1),%edx
+	vpsrld	$7,%ymm4,%ymm6
+	andnl	%ecx,%eax,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%eax,%r14d
+	vpaddd	%ymm7,%ymm3,%ymm3
+	leal	(%rdx,%r12,1),%edx
+	xorl	%r14d,%r13d
+	movl	%r8d,%r15d
+	vpsrld	$3,%ymm4,%ymm7
+	rorxl	$22,%r8d,%r12d
+	leal	(%rdx,%r13,1),%edx
+	xorl	%r9d,%r15d
+	vpslld	$14,%ymm4,%ymm5
+	rorxl	$13,%r8d,%r14d
+	rorxl	$2,%r8d,%r13d
+	leal	(%r11,%rdx,1),%r11d
+	vpxor	%ymm6,%ymm7,%ymm4
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r9d,%edi
+	vpshufd	$250,%ymm2,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%rdx,%rdi,1),%edx
+	movl	%eax,%r12d
+	vpsrld	$11,%ymm6,%ymm6
+	addl	36+128(%rsp),%ecx
+	andl	%r11d,%r12d
+	rorxl	$25,%r11d,%r13d
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$11,%r11d,%edi
+	leal	(%rdx,%r14,1),%edx
+	leal	(%rcx,%r12,1),%ecx
+	vpslld	$11,%ymm5,%ymm5
+	andnl	%ebx,%r11d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r11d,%r14d
+	vpxor	%ymm6,%ymm4,%ymm4
+	leal	(%rcx,%r12,1),%ecx
+	xorl	%r14d,%r13d
+	movl	%edx,%edi
+	vpsrld	$10,%ymm7,%ymm6
+	rorxl	$22,%edx,%r12d
+	leal	(%rcx,%r13,1),%ecx
+	xorl	%r8d,%edi
+	vpxor	%ymm5,%ymm4,%ymm4
+	rorxl	$13,%edx,%r14d
+	rorxl	$2,%edx,%r13d
+	leal	(%r10,%rcx,1),%r10d
+	vpsrlq	$17,%ymm7,%ymm7
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r8d,%r15d
+	vpaddd	%ymm4,%ymm3,%ymm3
+	xorl	%r13d,%r14d
+	leal	(%rcx,%r15,1),%ecx
+	movl	%r11d,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	40+128(%rsp),%ebx
+	andl	%r10d,%r12d
+	rorxl	$25,%r10d,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%r10d,%r15d
+	leal	(%rcx,%r14,1),%ecx
+	leal	(%rbx,%r12,1),%ebx
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%eax,%r10d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r10d,%r14d
+	vpshufb	%ymm8,%ymm6,%ymm6
+	leal	(%rbx,%r12,1),%ebx
+	xorl	%r14d,%r13d
+	movl	%ecx,%r15d
+	vpaddd	%ymm6,%ymm3,%ymm3
+	rorxl	$22,%ecx,%r12d
+	leal	(%rbx,%r13,1),%ebx
+	xorl	%edx,%r15d
+	vpshufd	$80,%ymm3,%ymm7
+	rorxl	$13,%ecx,%r14d
+	rorxl	$2,%ecx,%r13d
+	leal	(%r9,%rbx,1),%r9d
+	vpsrld	$10,%ymm7,%ymm6
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%edx,%edi
+	vpsrlq	$17,%ymm7,%ymm7
+	xorl	%r13d,%r14d
+	leal	(%rbx,%rdi,1),%ebx
+	movl	%r10d,%r12d
+	vpxor	%ymm7,%ymm6,%ymm6
+	addl	44+128(%rsp),%eax
+	andl	%r9d,%r12d
+	rorxl	$25,%r9d,%r13d
+	vpsrlq	$2,%ymm7,%ymm7
+	rorxl	$11,%r9d,%edi
+	leal	(%rbx,%r14,1),%ebx
+	leal	(%rax,%r12,1),%eax
+	vpxor	%ymm7,%ymm6,%ymm6
+	andnl	%r11d,%r9d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r9d,%r14d
+	vpshufb	%ymm9,%ymm6,%ymm6
+	leal	(%rax,%r12,1),%eax
+	xorl	%r14d,%r13d
+	movl	%ebx,%edi
+	vpaddd	%ymm6,%ymm3,%ymm3
+	rorxl	$22,%ebx,%r12d
+	leal	(%rax,%r13,1),%eax
+	xorl	%ecx,%edi
+	vpaddd	96(%rbp),%ymm3,%ymm6
+	rorxl	$13,%ebx,%r14d
+	rorxl	$2,%ebx,%r13d
+	leal	(%r8,%rax,1),%r8d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%ecx,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rax,%r15,1),%eax
+	movl	%r9d,%r12d
+	vmovdqa	%ymm6,32(%rsp)
+	leaq	128(%rbp),%rbp
+	cmpb	$0,3(%rbp)
+	jne	L$avx2_00_47
+	addl	0+64(%rsp),%r11d
+	andl	%r8d,%r12d
+	rorxl	$25,%r8d,%r13d
+	rorxl	$11,%r8d,%r15d
+	leal	(%rax,%r14,1),%eax
+	leal	(%r11,%r12,1),%r11d
+	andnl	%r10d,%r8d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r8d,%r14d
+	leal	(%r11,%r12,1),%r11d
+	xorl	%r14d,%r13d
+	movl	%eax,%r15d
+	rorxl	$22,%eax,%r12d
+	leal	(%r11,%r13,1),%r11d
+	xorl	%ebx,%r15d
+	rorxl	$13,%eax,%r14d
+	rorxl	$2,%eax,%r13d
+	leal	(%rdx,%r11,1),%edx
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%ebx,%edi
+	xorl	%r13d,%r14d
+	leal	(%r11,%rdi,1),%r11d
+	movl	%r8d,%r12d
+	addl	4+64(%rsp),%r10d
+	andl	%edx,%r12d
+	rorxl	$25,%edx,%r13d
+	rorxl	$11,%edx,%edi
+	leal	(%r11,%r14,1),%r11d
+	leal	(%r10,%r12,1),%r10d
+	andnl	%r9d,%edx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%edx,%r14d
+	leal	(%r10,%r12,1),%r10d
+	xorl	%r14d,%r13d
+	movl	%r11d,%edi
+	rorxl	$22,%r11d,%r12d
+	leal	(%r10,%r13,1),%r10d
+	xorl	%eax,%edi
+	rorxl	$13,%r11d,%r14d
+	rorxl	$2,%r11d,%r13d
+	leal	(%rcx,%r10,1),%ecx
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%eax,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r10,%r15,1),%r10d
+	movl	%edx,%r12d
+	addl	8+64(%rsp),%r9d
+	andl	%ecx,%r12d
+	rorxl	$25,%ecx,%r13d
+	rorxl	$11,%ecx,%r15d
+	leal	(%r10,%r14,1),%r10d
+	leal	(%r9,%r12,1),%r9d
+	andnl	%r8d,%ecx,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%ecx,%r14d
+	leal	(%r9,%r12,1),%r9d
+	xorl	%r14d,%r13d
+	movl	%r10d,%r15d
+	rorxl	$22,%r10d,%r12d
+	leal	(%r9,%r13,1),%r9d
+	xorl	%r11d,%r15d
+	rorxl	$13,%r10d,%r14d
+	rorxl	$2,%r10d,%r13d
+	leal	(%rbx,%r9,1),%ebx
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r11d,%edi
+	xorl	%r13d,%r14d
+	leal	(%r9,%rdi,1),%r9d
+	movl	%ecx,%r12d
+	addl	12+64(%rsp),%r8d
+	andl	%ebx,%r12d
+	rorxl	$25,%ebx,%r13d
+	rorxl	$11,%ebx,%edi
+	leal	(%r9,%r14,1),%r9d
+	leal	(%r8,%r12,1),%r8d
+	andnl	%edx,%ebx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%ebx,%r14d
+	leal	(%r8,%r12,1),%r8d
+	xorl	%r14d,%r13d
+	movl	%r9d,%edi
+	rorxl	$22,%r9d,%r12d
+	leal	(%r8,%r13,1),%r8d
+	xorl	%r10d,%edi
+	rorxl	$13,%r9d,%r14d
+	rorxl	$2,%r9d,%r13d
+	leal	(%rax,%r8,1),%eax
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r10d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r8,%r15,1),%r8d
+	movl	%ebx,%r12d
+	addl	32+64(%rsp),%edx
+	andl	%eax,%r12d
+	rorxl	$25,%eax,%r13d
+	rorxl	$11,%eax,%r15d
+	leal	(%r8,%r14,1),%r8d
+	leal	(%rdx,%r12,1),%edx
+	andnl	%ecx,%eax,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%eax,%r14d
+	leal	(%rdx,%r12,1),%edx
+	xorl	%r14d,%r13d
+	movl	%r8d,%r15d
+	rorxl	$22,%r8d,%r12d
+	leal	(%rdx,%r13,1),%edx
+	xorl	%r9d,%r15d
+	rorxl	$13,%r8d,%r14d
+	rorxl	$2,%r8d,%r13d
+	leal	(%r11,%rdx,1),%r11d
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r9d,%edi
+	xorl	%r13d,%r14d
+	leal	(%rdx,%rdi,1),%edx
+	movl	%eax,%r12d
+	addl	36+64(%rsp),%ecx
+	andl	%r11d,%r12d
+	rorxl	$25,%r11d,%r13d
+	rorxl	$11,%r11d,%edi
+	leal	(%rdx,%r14,1),%edx
+	leal	(%rcx,%r12,1),%ecx
+	andnl	%ebx,%r11d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r11d,%r14d
+	leal	(%rcx,%r12,1),%ecx
+	xorl	%r14d,%r13d
+	movl	%edx,%edi
+	rorxl	$22,%edx,%r12d
+	leal	(%rcx,%r13,1),%ecx
+	xorl	%r8d,%edi
+	rorxl	$13,%edx,%r14d
+	rorxl	$2,%edx,%r13d
+	leal	(%r10,%rcx,1),%r10d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r8d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rcx,%r15,1),%ecx
+	movl	%r11d,%r12d
+	addl	40+64(%rsp),%ebx
+	andl	%r10d,%r12d
+	rorxl	$25,%r10d,%r13d
+	rorxl	$11,%r10d,%r15d
+	leal	(%rcx,%r14,1),%ecx
+	leal	(%rbx,%r12,1),%ebx
+	andnl	%eax,%r10d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r10d,%r14d
+	leal	(%rbx,%r12,1),%ebx
+	xorl	%r14d,%r13d
+	movl	%ecx,%r15d
+	rorxl	$22,%ecx,%r12d
+	leal	(%rbx,%r13,1),%ebx
+	xorl	%edx,%r15d
+	rorxl	$13,%ecx,%r14d
+	rorxl	$2,%ecx,%r13d
+	leal	(%r9,%rbx,1),%r9d
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%edx,%edi
+	xorl	%r13d,%r14d
+	leal	(%rbx,%rdi,1),%ebx
+	movl	%r10d,%r12d
+	addl	44+64(%rsp),%eax
+	andl	%r9d,%r12d
+	rorxl	$25,%r9d,%r13d
+	rorxl	$11,%r9d,%edi
+	leal	(%rbx,%r14,1),%ebx
+	leal	(%rax,%r12,1),%eax
+	andnl	%r11d,%r9d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r9d,%r14d
+	leal	(%rax,%r12,1),%eax
+	xorl	%r14d,%r13d
+	movl	%ebx,%edi
+	rorxl	$22,%ebx,%r12d
+	leal	(%rax,%r13,1),%eax
+	xorl	%ecx,%edi
+	rorxl	$13,%ebx,%r14d
+	rorxl	$2,%ebx,%r13d
+	leal	(%r8,%rax,1),%r8d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%ecx,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rax,%r15,1),%eax
+	movl	%r9d,%r12d
+	addl	0(%rsp),%r11d
+	andl	%r8d,%r12d
+	rorxl	$25,%r8d,%r13d
+	rorxl	$11,%r8d,%r15d
+	leal	(%rax,%r14,1),%eax
+	leal	(%r11,%r12,1),%r11d
+	andnl	%r10d,%r8d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r8d,%r14d
+	leal	(%r11,%r12,1),%r11d
+	xorl	%r14d,%r13d
+	movl	%eax,%r15d
+	rorxl	$22,%eax,%r12d
+	leal	(%r11,%r13,1),%r11d
+	xorl	%ebx,%r15d
+	rorxl	$13,%eax,%r14d
+	rorxl	$2,%eax,%r13d
+	leal	(%rdx,%r11,1),%edx
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%ebx,%edi
+	xorl	%r13d,%r14d
+	leal	(%r11,%rdi,1),%r11d
+	movl	%r8d,%r12d
+	addl	4(%rsp),%r10d
+	andl	%edx,%r12d
+	rorxl	$25,%edx,%r13d
+	rorxl	$11,%edx,%edi
+	leal	(%r11,%r14,1),%r11d
+	leal	(%r10,%r12,1),%r10d
+	andnl	%r9d,%edx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%edx,%r14d
+	leal	(%r10,%r12,1),%r10d
+	xorl	%r14d,%r13d
+	movl	%r11d,%edi
+	rorxl	$22,%r11d,%r12d
+	leal	(%r10,%r13,1),%r10d
+	xorl	%eax,%edi
+	rorxl	$13,%r11d,%r14d
+	rorxl	$2,%r11d,%r13d
+	leal	(%rcx,%r10,1),%ecx
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%eax,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r10,%r15,1),%r10d
+	movl	%edx,%r12d
+	addl	8(%rsp),%r9d
+	andl	%ecx,%r12d
+	rorxl	$25,%ecx,%r13d
+	rorxl	$11,%ecx,%r15d
+	leal	(%r10,%r14,1),%r10d
+	leal	(%r9,%r12,1),%r9d
+	andnl	%r8d,%ecx,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%ecx,%r14d
+	leal	(%r9,%r12,1),%r9d
+	xorl	%r14d,%r13d
+	movl	%r10d,%r15d
+	rorxl	$22,%r10d,%r12d
+	leal	(%r9,%r13,1),%r9d
+	xorl	%r11d,%r15d
+	rorxl	$13,%r10d,%r14d
+	rorxl	$2,%r10d,%r13d
+	leal	(%rbx,%r9,1),%ebx
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r11d,%edi
+	xorl	%r13d,%r14d
+	leal	(%r9,%rdi,1),%r9d
+	movl	%ecx,%r12d
+	addl	12(%rsp),%r8d
+	andl	%ebx,%r12d
+	rorxl	$25,%ebx,%r13d
+	rorxl	$11,%ebx,%edi
+	leal	(%r9,%r14,1),%r9d
+	leal	(%r8,%r12,1),%r8d
+	andnl	%edx,%ebx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%ebx,%r14d
+	leal	(%r8,%r12,1),%r8d
+	xorl	%r14d,%r13d
+	movl	%r9d,%edi
+	rorxl	$22,%r9d,%r12d
+	leal	(%r8,%r13,1),%r8d
+	xorl	%r10d,%edi
+	rorxl	$13,%r9d,%r14d
+	rorxl	$2,%r9d,%r13d
+	leal	(%rax,%r8,1),%eax
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r10d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r8,%r15,1),%r8d
+	movl	%ebx,%r12d
+	addl	32(%rsp),%edx
+	andl	%eax,%r12d
+	rorxl	$25,%eax,%r13d
+	rorxl	$11,%eax,%r15d
+	leal	(%r8,%r14,1),%r8d
+	leal	(%rdx,%r12,1),%edx
+	andnl	%ecx,%eax,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%eax,%r14d
+	leal	(%rdx,%r12,1),%edx
+	xorl	%r14d,%r13d
+	movl	%r8d,%r15d
+	rorxl	$22,%r8d,%r12d
+	leal	(%rdx,%r13,1),%edx
+	xorl	%r9d,%r15d
+	rorxl	$13,%r8d,%r14d
+	rorxl	$2,%r8d,%r13d
+	leal	(%r11,%rdx,1),%r11d
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r9d,%edi
+	xorl	%r13d,%r14d
+	leal	(%rdx,%rdi,1),%edx
+	movl	%eax,%r12d
+	addl	36(%rsp),%ecx
+	andl	%r11d,%r12d
+	rorxl	$25,%r11d,%r13d
+	rorxl	$11,%r11d,%edi
+	leal	(%rdx,%r14,1),%edx
+	leal	(%rcx,%r12,1),%ecx
+	andnl	%ebx,%r11d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r11d,%r14d
+	leal	(%rcx,%r12,1),%ecx
+	xorl	%r14d,%r13d
+	movl	%edx,%edi
+	rorxl	$22,%edx,%r12d
+	leal	(%rcx,%r13,1),%ecx
+	xorl	%r8d,%edi
+	rorxl	$13,%edx,%r14d
+	rorxl	$2,%edx,%r13d
+	leal	(%r10,%rcx,1),%r10d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r8d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rcx,%r15,1),%ecx
+	movl	%r11d,%r12d
+	addl	40(%rsp),%ebx
+	andl	%r10d,%r12d
+	rorxl	$25,%r10d,%r13d
+	rorxl	$11,%r10d,%r15d
+	leal	(%rcx,%r14,1),%ecx
+	leal	(%rbx,%r12,1),%ebx
+	andnl	%eax,%r10d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r10d,%r14d
+	leal	(%rbx,%r12,1),%ebx
+	xorl	%r14d,%r13d
+	movl	%ecx,%r15d
+	rorxl	$22,%ecx,%r12d
+	leal	(%rbx,%r13,1),%ebx
+	xorl	%edx,%r15d
+	rorxl	$13,%ecx,%r14d
+	rorxl	$2,%ecx,%r13d
+	leal	(%r9,%rbx,1),%r9d
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%edx,%edi
+	xorl	%r13d,%r14d
+	leal	(%rbx,%rdi,1),%ebx
+	movl	%r10d,%r12d
+	addl	44(%rsp),%eax
+	andl	%r9d,%r12d
+	rorxl	$25,%r9d,%r13d
+	rorxl	$11,%r9d,%edi
+	leal	(%rbx,%r14,1),%ebx
+	leal	(%rax,%r12,1),%eax
+	andnl	%r11d,%r9d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r9d,%r14d
+	leal	(%rax,%r12,1),%eax
+	xorl	%r14d,%r13d
+	movl	%ebx,%edi
+	rorxl	$22,%ebx,%r12d
+	leal	(%rax,%r13,1),%eax
+	xorl	%ecx,%edi
+	rorxl	$13,%ebx,%r14d
+	rorxl	$2,%ebx,%r13d
+	leal	(%r8,%rax,1),%r8d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%ecx,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rax,%r15,1),%eax
+	movl	%r9d,%r12d
+	movq	512(%rsp),%rdi
+	addl	%r14d,%eax
+
+	leaq	448(%rsp),%rbp
+
+	addl	0(%rdi),%eax
+	addl	4(%rdi),%ebx
+	addl	8(%rdi),%ecx
+	addl	12(%rdi),%edx
+	addl	16(%rdi),%r8d
+	addl	20(%rdi),%r9d
+	addl	24(%rdi),%r10d
+	addl	28(%rdi),%r11d
+
+	movl	%eax,0(%rdi)
+	movl	%ebx,4(%rdi)
+	movl	%ecx,8(%rdi)
+	movl	%edx,12(%rdi)
+	movl	%r8d,16(%rdi)
+	movl	%r9d,20(%rdi)
+	movl	%r10d,24(%rdi)
+	movl	%r11d,28(%rdi)
+
+	cmpq	80(%rbp),%rsi
+	je	L$done_avx2
+
+	xorl	%r14d,%r14d
+	movl	%ebx,%edi
+	xorl	%ecx,%edi
+	movl	%r9d,%r12d
+	jmp	L$ower_avx2
+.p2align	4
+L$ower_avx2:
+	addl	0+16(%rbp),%r11d
+	andl	%r8d,%r12d
+	rorxl	$25,%r8d,%r13d
+	rorxl	$11,%r8d,%r15d
+	leal	(%rax,%r14,1),%eax
+	leal	(%r11,%r12,1),%r11d
+	andnl	%r10d,%r8d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r8d,%r14d
+	leal	(%r11,%r12,1),%r11d
+	xorl	%r14d,%r13d
+	movl	%eax,%r15d
+	rorxl	$22,%eax,%r12d
+	leal	(%r11,%r13,1),%r11d
+	xorl	%ebx,%r15d
+	rorxl	$13,%eax,%r14d
+	rorxl	$2,%eax,%r13d
+	leal	(%rdx,%r11,1),%edx
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%ebx,%edi
+	xorl	%r13d,%r14d
+	leal	(%r11,%rdi,1),%r11d
+	movl	%r8d,%r12d
+	addl	4+16(%rbp),%r10d
+	andl	%edx,%r12d
+	rorxl	$25,%edx,%r13d
+	rorxl	$11,%edx,%edi
+	leal	(%r11,%r14,1),%r11d
+	leal	(%r10,%r12,1),%r10d
+	andnl	%r9d,%edx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%edx,%r14d
+	leal	(%r10,%r12,1),%r10d
+	xorl	%r14d,%r13d
+	movl	%r11d,%edi
+	rorxl	$22,%r11d,%r12d
+	leal	(%r10,%r13,1),%r10d
+	xorl	%eax,%edi
+	rorxl	$13,%r11d,%r14d
+	rorxl	$2,%r11d,%r13d
+	leal	(%rcx,%r10,1),%ecx
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%eax,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r10,%r15,1),%r10d
+	movl	%edx,%r12d
+	addl	8+16(%rbp),%r9d
+	andl	%ecx,%r12d
+	rorxl	$25,%ecx,%r13d
+	rorxl	$11,%ecx,%r15d
+	leal	(%r10,%r14,1),%r10d
+	leal	(%r9,%r12,1),%r9d
+	andnl	%r8d,%ecx,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%ecx,%r14d
+	leal	(%r9,%r12,1),%r9d
+	xorl	%r14d,%r13d
+	movl	%r10d,%r15d
+	rorxl	$22,%r10d,%r12d
+	leal	(%r9,%r13,1),%r9d
+	xorl	%r11d,%r15d
+	rorxl	$13,%r10d,%r14d
+	rorxl	$2,%r10d,%r13d
+	leal	(%rbx,%r9,1),%ebx
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r11d,%edi
+	xorl	%r13d,%r14d
+	leal	(%r9,%rdi,1),%r9d
+	movl	%ecx,%r12d
+	addl	12+16(%rbp),%r8d
+	andl	%ebx,%r12d
+	rorxl	$25,%ebx,%r13d
+	rorxl	$11,%ebx,%edi
+	leal	(%r9,%r14,1),%r9d
+	leal	(%r8,%r12,1),%r8d
+	andnl	%edx,%ebx,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%ebx,%r14d
+	leal	(%r8,%r12,1),%r8d
+	xorl	%r14d,%r13d
+	movl	%r9d,%edi
+	rorxl	$22,%r9d,%r12d
+	leal	(%r8,%r13,1),%r8d
+	xorl	%r10d,%edi
+	rorxl	$13,%r9d,%r14d
+	rorxl	$2,%r9d,%r13d
+	leal	(%rax,%r8,1),%eax
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r10d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%r8,%r15,1),%r8d
+	movl	%ebx,%r12d
+	addl	32+16(%rbp),%edx
+	andl	%eax,%r12d
+	rorxl	$25,%eax,%r13d
+	rorxl	$11,%eax,%r15d
+	leal	(%r8,%r14,1),%r8d
+	leal	(%rdx,%r12,1),%edx
+	andnl	%ecx,%eax,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%eax,%r14d
+	leal	(%rdx,%r12,1),%edx
+	xorl	%r14d,%r13d
+	movl	%r8d,%r15d
+	rorxl	$22,%r8d,%r12d
+	leal	(%rdx,%r13,1),%edx
+	xorl	%r9d,%r15d
+	rorxl	$13,%r8d,%r14d
+	rorxl	$2,%r8d,%r13d
+	leal	(%r11,%rdx,1),%r11d
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%r9d,%edi
+	xorl	%r13d,%r14d
+	leal	(%rdx,%rdi,1),%edx
+	movl	%eax,%r12d
+	addl	36+16(%rbp),%ecx
+	andl	%r11d,%r12d
+	rorxl	$25,%r11d,%r13d
+	rorxl	$11,%r11d,%edi
+	leal	(%rdx,%r14,1),%edx
+	leal	(%rcx,%r12,1),%ecx
+	andnl	%ebx,%r11d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r11d,%r14d
+	leal	(%rcx,%r12,1),%ecx
+	xorl	%r14d,%r13d
+	movl	%edx,%edi
+	rorxl	$22,%edx,%r12d
+	leal	(%rcx,%r13,1),%ecx
+	xorl	%r8d,%edi
+	rorxl	$13,%edx,%r14d
+	rorxl	$2,%edx,%r13d
+	leal	(%r10,%rcx,1),%r10d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%r8d,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rcx,%r15,1),%ecx
+	movl	%r11d,%r12d
+	addl	40+16(%rbp),%ebx
+	andl	%r10d,%r12d
+	rorxl	$25,%r10d,%r13d
+	rorxl	$11,%r10d,%r15d
+	leal	(%rcx,%r14,1),%ecx
+	leal	(%rbx,%r12,1),%ebx
+	andnl	%eax,%r10d,%r12d
+	xorl	%r15d,%r13d
+	rorxl	$6,%r10d,%r14d
+	leal	(%rbx,%r12,1),%ebx
+	xorl	%r14d,%r13d
+	movl	%ecx,%r15d
+	rorxl	$22,%ecx,%r12d
+	leal	(%rbx,%r13,1),%ebx
+	xorl	%edx,%r15d
+	rorxl	$13,%ecx,%r14d
+	rorxl	$2,%ecx,%r13d
+	leal	(%r9,%rbx,1),%r9d
+	andl	%r15d,%edi
+	xorl	%r12d,%r14d
+	xorl	%edx,%edi
+	xorl	%r13d,%r14d
+	leal	(%rbx,%rdi,1),%ebx
+	movl	%r10d,%r12d
+	addl	44+16(%rbp),%eax
+	andl	%r9d,%r12d
+	rorxl	$25,%r9d,%r13d
+	rorxl	$11,%r9d,%edi
+	leal	(%rbx,%r14,1),%ebx
+	leal	(%rax,%r12,1),%eax
+	andnl	%r11d,%r9d,%r12d
+	xorl	%edi,%r13d
+	rorxl	$6,%r9d,%r14d
+	leal	(%rax,%r12,1),%eax
+	xorl	%r14d,%r13d
+	movl	%ebx,%edi
+	rorxl	$22,%ebx,%r12d
+	leal	(%rax,%r13,1),%eax
+	xorl	%ecx,%edi
+	rorxl	$13,%ebx,%r14d
+	rorxl	$2,%ebx,%r13d
+	leal	(%r8,%rax,1),%r8d
+	andl	%edi,%r15d
+	xorl	%r12d,%r14d
+	xorl	%ecx,%r15d
+	xorl	%r13d,%r14d
+	leal	(%rax,%r15,1),%eax
+	movl	%r9d,%r12d
+	leaq	-64(%rbp),%rbp
+	cmpq	%rsp,%rbp
+	jae	L$ower_avx2
+
+	movq	512(%rsp),%rdi
+	addl	%r14d,%eax
+
+	leaq	448(%rsp),%rsp
+
+
+
+	addl	0(%rdi),%eax
+	addl	4(%rdi),%ebx
+	addl	8(%rdi),%ecx
+	addl	12(%rdi),%edx
+	addl	16(%rdi),%r8d
+	addl	20(%rdi),%r9d
+	leaq	128(%rsi),%rsi
+	addl	24(%rdi),%r10d
+	movq	%rsi,%r12
+	addl	28(%rdi),%r11d
+	cmpq	64+16(%rsp),%rsi
+
+	movl	%eax,0(%rdi)
+	cmoveq	%rsp,%r12
+	movl	%ebx,4(%rdi)
+	movl	%ecx,8(%rdi)
+	movl	%edx,12(%rdi)
+	movl	%r8d,16(%rdi)
+	movl	%r9d,20(%rdi)
+	movl	%r10d,24(%rdi)
+	movl	%r11d,28(%rdi)
+
+	jbe	L$oop_avx2
+	leaq	(%rsp),%rbp
+
+
+
+
+L$done_avx2:
+	movq	88(%rbp),%rsi
+
+	vzeroupper
+	movq	-48(%rsi),%r15
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+L$epilogue_avx2:
+	.byte	0xf3,0xc3
+
+
+
diff --git a/lib/accelerated/x86/macosx/sha512-ssse3-x86.s b/lib/accelerated/x86/macosx/sha512-ssse3-x86.s
new file mode 100644
index 0000000..4e60bb4
--- /dev/null
+++ b/lib/accelerated/x86/macosx/sha512-ssse3-x86.s
@@ -0,0 +1,602 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text
+.globl	_sha512_block_data_order
+.align	4
+_sha512_block_data_order:
+L_sha512_block_data_order_begin:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+	movl	20(%esp),%esi
+	movl	24(%esp),%edi
+	movl	28(%esp),%eax
+	movl	%esp,%ebx
+	call	L000pic_point
+L000pic_point:
+	popl	%ebp
+	leal	L001K512-L000pic_point(%ebp),%ebp
+	subl	$16,%esp
+	andl	$-64,%esp
+	shll	$7,%eax
+	addl	%edi,%eax
+	movl	%esi,(%esp)
+	movl	%edi,4(%esp)
+	movl	%eax,8(%esp)
+	movl	%ebx,12(%esp)
+.align	4,0x90
+L002loop_x86:
+	movl	(%edi),%eax
+	movl	4(%edi),%ebx
+	movl	8(%edi),%ecx
+	movl	12(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	16(%edi),%eax
+	movl	20(%edi),%ebx
+	movl	24(%edi),%ecx
+	movl	28(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	32(%edi),%eax
+	movl	36(%edi),%ebx
+	movl	40(%edi),%ecx
+	movl	44(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	48(%edi),%eax
+	movl	52(%edi),%ebx
+	movl	56(%edi),%ecx
+	movl	60(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	64(%edi),%eax
+	movl	68(%edi),%ebx
+	movl	72(%edi),%ecx
+	movl	76(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	80(%edi),%eax
+	movl	84(%edi),%ebx
+	movl	88(%edi),%ecx
+	movl	92(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	96(%edi),%eax
+	movl	100(%edi),%ebx
+	movl	104(%edi),%ecx
+	movl	108(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	movl	112(%edi),%eax
+	movl	116(%edi),%ebx
+	movl	120(%edi),%ecx
+	movl	124(%edi),%edx
+	bswap	%eax
+	bswap	%ebx
+	bswap	%ecx
+	bswap	%edx
+	pushl	%eax
+	pushl	%ebx
+	pushl	%ecx
+	pushl	%edx
+	addl	$128,%edi
+	subl	$72,%esp
+	movl	%edi,204(%esp)
+	leal	8(%esp),%edi
+	movl	$16,%ecx
+.long	2784229001
+.align	4,0x90
+L00300_15_x86:
+	movl	40(%esp),%ecx
+	movl	44(%esp),%edx
+	movl	%ecx,%esi
+	shrl	$9,%ecx
+	movl	%edx,%edi
+	shrl	$9,%edx
+	movl	%ecx,%ebx
+	shll	$14,%esi
+	movl	%edx,%eax
+	shll	$14,%edi
+	xorl	%esi,%ebx
+	shrl	$5,%ecx
+	xorl	%edi,%eax
+	shrl	$5,%edx
+	xorl	%ecx,%eax
+	shll	$4,%esi
+	xorl	%edx,%ebx
+	shll	$4,%edi
+	xorl	%esi,%ebx
+	shrl	$4,%ecx
+	xorl	%edi,%eax
+	shrl	$4,%edx
+	xorl	%ecx,%eax
+	shll	$5,%esi
+	xorl	%edx,%ebx
+	shll	$5,%edi
+	xorl	%esi,%eax
+	xorl	%edi,%ebx
+	movl	48(%esp),%ecx
+	movl	52(%esp),%edx
+	movl	56(%esp),%esi
+	movl	60(%esp),%edi
+	addl	64(%esp),%eax
+	adcl	68(%esp),%ebx
+	xorl	%esi,%ecx
+	xorl	%edi,%edx
+	andl	40(%esp),%ecx
+	andl	44(%esp),%edx
+	addl	192(%esp),%eax
+	adcl	196(%esp),%ebx
+	xorl	%esi,%ecx
+	xorl	%edi,%edx
+	movl	(%ebp),%esi
+	movl	4(%ebp),%edi
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	movl	32(%esp),%ecx
+	movl	36(%esp),%edx
+	addl	%esi,%eax
+	adcl	%edi,%ebx
+	movl	%eax,(%esp)
+	movl	%ebx,4(%esp)
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	movl	8(%esp),%ecx
+	movl	12(%esp),%edx
+	movl	%eax,32(%esp)
+	movl	%ebx,36(%esp)
+	movl	%ecx,%esi
+	shrl	$2,%ecx
+	movl	%edx,%edi
+	shrl	$2,%edx
+	movl	%ecx,%ebx
+	shll	$4,%esi
+	movl	%edx,%eax
+	shll	$4,%edi
+	xorl	%esi,%ebx
+	shrl	$5,%ecx
+	xorl	%edi,%eax
+	shrl	$5,%edx
+	xorl	%ecx,%ebx
+	shll	$21,%esi
+	xorl	%edx,%eax
+	shll	$21,%edi
+	xorl	%esi,%eax
+	shrl	$21,%ecx
+	xorl	%edi,%ebx
+	shrl	$21,%edx
+	xorl	%ecx,%eax
+	shll	$5,%esi
+	xorl	%edx,%ebx
+	shll	$5,%edi
+	xorl	%esi,%eax
+	xorl	%edi,%ebx
+	movl	8(%esp),%ecx
+	movl	12(%esp),%edx
+	movl	16(%esp),%esi
+	movl	20(%esp),%edi
+	addl	(%esp),%eax
+	adcl	4(%esp),%ebx
+	orl	%esi,%ecx
+	orl	%edi,%edx
+	andl	24(%esp),%ecx
+	andl	28(%esp),%edx
+	andl	8(%esp),%esi
+	andl	12(%esp),%edi
+	orl	%esi,%ecx
+	orl	%edi,%edx
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	movl	%eax,(%esp)
+	movl	%ebx,4(%esp)
+	movb	(%ebp),%dl
+	subl	$8,%esp
+	leal	8(%ebp),%ebp
+	cmpb	$148,%dl
+	jne	L00300_15_x86
+.align	4,0x90
+L00416_79_x86:
+	movl	312(%esp),%ecx
+	movl	316(%esp),%edx
+	movl	%ecx,%esi
+	shrl	$1,%ecx
+	movl	%edx,%edi
+	shrl	$1,%edx
+	movl	%ecx,%eax
+	shll	$24,%esi
+	movl	%edx,%ebx
+	shll	$24,%edi
+	xorl	%esi,%ebx
+	shrl	$6,%ecx
+	xorl	%edi,%eax
+	shrl	$6,%edx
+	xorl	%ecx,%eax
+	shll	$7,%esi
+	xorl	%edx,%ebx
+	shll	$1,%edi
+	xorl	%esi,%ebx
+	shrl	$1,%ecx
+	xorl	%edi,%eax
+	shrl	$1,%edx
+	xorl	%ecx,%eax
+	shll	$6,%edi
+	xorl	%edx,%ebx
+	xorl	%edi,%eax
+	movl	%eax,(%esp)
+	movl	%ebx,4(%esp)
+	movl	208(%esp),%ecx
+	movl	212(%esp),%edx
+	movl	%ecx,%esi
+	shrl	$6,%ecx
+	movl	%edx,%edi
+	shrl	$6,%edx
+	movl	%ecx,%eax
+	shll	$3,%esi
+	movl	%edx,%ebx
+	shll	$3,%edi
+	xorl	%esi,%eax
+	shrl	$13,%ecx
+	xorl	%edi,%ebx
+	shrl	$13,%edx
+	xorl	%ecx,%eax
+	shll	$10,%esi
+	xorl	%edx,%ebx
+	shll	$10,%edi
+	xorl	%esi,%ebx
+	shrl	$10,%ecx
+	xorl	%edi,%eax
+	shrl	$10,%edx
+	xorl	%ecx,%ebx
+	shll	$13,%edi
+	xorl	%edx,%eax
+	xorl	%edi,%eax
+	movl	320(%esp),%ecx
+	movl	324(%esp),%edx
+	addl	(%esp),%eax
+	adcl	4(%esp),%ebx
+	movl	248(%esp),%esi
+	movl	252(%esp),%edi
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	addl	%esi,%eax
+	adcl	%edi,%ebx
+	movl	%eax,192(%esp)
+	movl	%ebx,196(%esp)
+	movl	40(%esp),%ecx
+	movl	44(%esp),%edx
+	movl	%ecx,%esi
+	shrl	$9,%ecx
+	movl	%edx,%edi
+	shrl	$9,%edx
+	movl	%ecx,%ebx
+	shll	$14,%esi
+	movl	%edx,%eax
+	shll	$14,%edi
+	xorl	%esi,%ebx
+	shrl	$5,%ecx
+	xorl	%edi,%eax
+	shrl	$5,%edx
+	xorl	%ecx,%eax
+	shll	$4,%esi
+	xorl	%edx,%ebx
+	shll	$4,%edi
+	xorl	%esi,%ebx
+	shrl	$4,%ecx
+	xorl	%edi,%eax
+	shrl	$4,%edx
+	xorl	%ecx,%eax
+	shll	$5,%esi
+	xorl	%edx,%ebx
+	shll	$5,%edi
+	xorl	%esi,%eax
+	xorl	%edi,%ebx
+	movl	48(%esp),%ecx
+	movl	52(%esp),%edx
+	movl	56(%esp),%esi
+	movl	60(%esp),%edi
+	addl	64(%esp),%eax
+	adcl	68(%esp),%ebx
+	xorl	%esi,%ecx
+	xorl	%edi,%edx
+	andl	40(%esp),%ecx
+	andl	44(%esp),%edx
+	addl	192(%esp),%eax
+	adcl	196(%esp),%ebx
+	xorl	%esi,%ecx
+	xorl	%edi,%edx
+	movl	(%ebp),%esi
+	movl	4(%ebp),%edi
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	movl	32(%esp),%ecx
+	movl	36(%esp),%edx
+	addl	%esi,%eax
+	adcl	%edi,%ebx
+	movl	%eax,(%esp)
+	movl	%ebx,4(%esp)
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	movl	8(%esp),%ecx
+	movl	12(%esp),%edx
+	movl	%eax,32(%esp)
+	movl	%ebx,36(%esp)
+	movl	%ecx,%esi
+	shrl	$2,%ecx
+	movl	%edx,%edi
+	shrl	$2,%edx
+	movl	%ecx,%ebx
+	shll	$4,%esi
+	movl	%edx,%eax
+	shll	$4,%edi
+	xorl	%esi,%ebx
+	shrl	$5,%ecx
+	xorl	%edi,%eax
+	shrl	$5,%edx
+	xorl	%ecx,%ebx
+	shll	$21,%esi
+	xorl	%edx,%eax
+	shll	$21,%edi
+	xorl	%esi,%eax
+	shrl	$21,%ecx
+	xorl	%edi,%ebx
+	shrl	$21,%edx
+	xorl	%ecx,%eax
+	shll	$5,%esi
+	xorl	%edx,%ebx
+	shll	$5,%edi
+	xorl	%esi,%eax
+	xorl	%edi,%ebx
+	movl	8(%esp),%ecx
+	movl	12(%esp),%edx
+	movl	16(%esp),%esi
+	movl	20(%esp),%edi
+	addl	(%esp),%eax
+	adcl	4(%esp),%ebx
+	orl	%esi,%ecx
+	orl	%edi,%edx
+	andl	24(%esp),%ecx
+	andl	28(%esp),%edx
+	andl	8(%esp),%esi
+	andl	12(%esp),%edi
+	orl	%esi,%ecx
+	orl	%edi,%edx
+	addl	%ecx,%eax
+	adcl	%edx,%ebx
+	movl	%eax,(%esp)
+	movl	%ebx,4(%esp)
+	movb	(%ebp),%dl
+	subl	$8,%esp
+	leal	8(%ebp),%ebp
+	cmpb	$23,%dl
+	jne	L00416_79_x86
+	movl	840(%esp),%esi
+	movl	844(%esp),%edi
+	movl	(%esi),%eax
+	movl	4(%esi),%ebx
+	movl	8(%esi),%ecx
+	movl	12(%esi),%edx
+	addl	8(%esp),%eax
+	adcl	12(%esp),%ebx
+	movl	%eax,(%esi)
+	movl	%ebx,4(%esi)
+	addl	16(%esp),%ecx
+	adcl	20(%esp),%edx
+	movl	%ecx,8(%esi)
+	movl	%edx,12(%esi)
+	movl	16(%esi),%eax
+	movl	20(%esi),%ebx
+	movl	24(%esi),%ecx
+	movl	28(%esi),%edx
+	addl	24(%esp),%eax
+	adcl	28(%esp),%ebx
+	movl	%eax,16(%esi)
+	movl	%ebx,20(%esi)
+	addl	32(%esp),%ecx
+	adcl	36(%esp),%edx
+	movl	%ecx,24(%esi)
+	movl	%edx,28(%esi)
+	movl	32(%esi),%eax
+	movl	36(%esi),%ebx
+	movl	40(%esi),%ecx
+	movl	44(%esi),%edx
+	addl	40(%esp),%eax
+	adcl	44(%esp),%ebx
+	movl	%eax,32(%esi)
+	movl	%ebx,36(%esi)
+	addl	48(%esp),%ecx
+	adcl	52(%esp),%edx
+	movl	%ecx,40(%esi)
+	movl	%edx,44(%esi)
+	movl	48(%esi),%eax
+	movl	52(%esi),%ebx
+	movl	56(%esi),%ecx
+	movl	60(%esi),%edx
+	addl	56(%esp),%eax
+	adcl	60(%esp),%ebx
+	movl	%eax,48(%esi)
+	movl	%ebx,52(%esi)
+	addl	64(%esp),%ecx
+	adcl	68(%esp),%edx
+	movl	%ecx,56(%esi)
+	movl	%edx,60(%esi)
+	addl	$840,%esp
+	subl	$640,%ebp
+	cmpl	8(%esp),%edi
+	jb	L002loop_x86
+	movl	12(%esp),%esp
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.align	6,0x90
+L001K512:
+.long	3609767458,1116352408
+.long	602891725,1899447441
+.long	3964484399,3049323471
+.long	2173295548,3921009573
+.long	4081628472,961987163
+.long	3053834265,1508970993
+.long	2937671579,2453635748
+.long	3664609560,2870763221
+.long	2734883394,3624381080
+.long	1164996542,310598401
+.long	1323610764,607225278
+.long	3590304994,1426881987
+.long	4068182383,1925078388
+.long	991336113,2162078206
+.long	633803317,2614888103
+.long	3479774868,3248222580
+.long	2666613458,3835390401
+.long	944711139,4022224774
+.long	2341262773,264347078
+.long	2007800933,604807628
+.long	1495990901,770255983
+.long	1856431235,1249150122
+.long	3175218132,1555081692
+.long	2198950837,1996064986
+.long	3999719339,2554220882
+.long	766784016,2821834349
+.long	2566594879,2952996808
+.long	3203337956,3210313671
+.long	1034457026,3336571891
+.long	2466948901,3584528711
+.long	3758326383,113926993
+.long	168717936,338241895
+.long	1188179964,666307205
+.long	1546045734,773529912
+.long	1522805485,1294757372
+.long	2643833823,1396182291
+.long	2343527390,1695183700
+.long	1014477480,1986661051
+.long	1206759142,2177026350
+.long	344077627,2456956037
+.long	1290863460,2730485921
+.long	3158454273,2820302411
+.long	3505952657,3259730800
+.long	106217008,3345764771
+.long	3606008344,3516065817
+.long	1432725776,3600352804
+.long	1467031594,4094571909
+.long	851169720,275423344
+.long	3100823752,430227734
+.long	1363258195,506948616
+.long	3750685593,659060556
+.long	3785050280,883997877
+.long	3318307427,958139571
+.long	3812723403,1322822218
+.long	2003034995,1537002063
+.long	3602036899,1747873779
+.long	1575990012,1955562222
+.long	1125592928,2024104815
+.long	2716904306,2227730452
+.long	442776044,2361852424
+.long	593698344,2428436474
+.long	3733110249,2756734187
+.long	2999351573,3204031479
+.long	3815920427,3329325298
+.long	3928383900,3391569614
+.long	566280711,3515267271
+.long	3454069534,3940187606
+.long	4000239992,4118630271
+.long	1914138554,116418474
+.long	2731055270,174292421
+.long	3203993006,289380356
+.long	320620315,460393269
+.long	587496836,685471733
+.long	1086792851,852142971
+.long	365543100,1017036298
+.long	2618297676,1126000580
+.long	3409855158,1288033470
+.long	4234509866,1501505948
+.long	987167468,1607167915
+.long	1246189591,1816402316
+.long	67438087,66051
+.long	202182159,134810123
+.byte	83,72,65,53,49,50,32,98,108,111,99,107,32,116,114,97
+.byte	110,115,102,111,114,109,32,102,111,114,32,120,56,54,44,32
+.byte	67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97
+.byte	112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103
+.byte	62,0
+
diff --git a/lib/accelerated/x86/macosx/sha512-ssse3-x86_64.s b/lib/accelerated/x86/macosx/sha512-ssse3-x86_64.s
new file mode 100644
index 0000000..6e52aaa
--- /dev/null
+++ b/lib/accelerated/x86/macosx/sha512-ssse3-x86_64.s
@@ -0,0 +1,5501 @@
+# Copyright (c) 2011-2016, Andy Polyakov <appro@openssl.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 
+#     * Redistributions of source code must retain copyright notices,
+#      this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials
+#      provided with the distribution.
+#
+#     * Neither the name of the Andy Polyakov nor the names of its
+#      copyright holder and contributors may be used to endorse or
+#      promote products derived from this software without specific
+#      prior written permission.
+#
+# ALTERNATIVELY, provided that this notice is retained in full, this
+# product may be distributed under the terms of the GNU General Public
+# License (GPL), in which case the provisions of the GPL apply INSTEAD OF
+# those given above.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# *** This file is auto-generated ***
+#
+.text	
+
+
+.globl	_sha512_block_data_order
+
+.p2align	4
+_sha512_block_data_order:
+
+	leaq	_GNUTLS_x86_cpuid_s(%rip),%r11
+	movl	0(%r11),%r9d
+	movl	4(%r11),%r10d
+	movl	8(%r11),%r11d
+	testl	$2048,%r10d
+	jnz	L$xop_shortcut
+	andl	$296,%r11d
+	cmpl	$296,%r11d
+	je	L$avx2_shortcut
+	andl	$1073741824,%r9d
+	andl	$268435968,%r10d
+	orl	%r9d,%r10d
+	cmpl	$1342177792,%r10d
+	je	L$avx_shortcut
+	movq	%rsp,%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	shlq	$4,%rdx
+	subq	$128+32,%rsp
+	leaq	(%rsi,%rdx,8),%rdx
+	andq	$-64,%rsp
+	movq	%rdi,128+0(%rsp)
+	movq	%rsi,128+8(%rsp)
+	movq	%rdx,128+16(%rsp)
+	movq	%rax,152(%rsp)
+
+L$prologue:
+
+	movq	0(%rdi),%rax
+	movq	8(%rdi),%rbx
+	movq	16(%rdi),%rcx
+	movq	24(%rdi),%rdx
+	movq	32(%rdi),%r8
+	movq	40(%rdi),%r9
+	movq	48(%rdi),%r10
+	movq	56(%rdi),%r11
+	jmp	L$loop
+
+.p2align	4
+L$loop:
+	movq	%rbx,%rdi
+	leaq	K512(%rip),%rbp
+	xorq	%rcx,%rdi
+	movq	0(%rsi),%r12
+	movq	%r8,%r13
+	movq	%rax,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r9,%r15
+
+	xorq	%r8,%r13
+	rorq	$5,%r14
+	xorq	%r10,%r15
+
+	movq	%r12,0(%rsp)
+	xorq	%rax,%r14
+	andq	%r8,%r15
+
+	rorq	$4,%r13
+	addq	%r11,%r12
+	xorq	%r10,%r15
+
+	rorq	$6,%r14
+	xorq	%r8,%r13
+	addq	%r15,%r12
+
+	movq	%rax,%r15
+	addq	(%rbp),%r12
+	xorq	%rax,%r14
+
+	xorq	%rbx,%r15
+	rorq	$14,%r13
+	movq	%rbx,%r11
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r11
+	addq	%r12,%rdx
+	addq	%r12,%r11
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%r11
+	movq	8(%rsi),%r12
+	movq	%rdx,%r13
+	movq	%r11,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r8,%rdi
+
+	xorq	%rdx,%r13
+	rorq	$5,%r14
+	xorq	%r9,%rdi
+
+	movq	%r12,8(%rsp)
+	xorq	%r11,%r14
+	andq	%rdx,%rdi
+
+	rorq	$4,%r13
+	addq	%r10,%r12
+	xorq	%r9,%rdi
+
+	rorq	$6,%r14
+	xorq	%rdx,%r13
+	addq	%rdi,%r12
+
+	movq	%r11,%rdi
+	addq	(%rbp),%r12
+	xorq	%r11,%r14
+
+	xorq	%rax,%rdi
+	rorq	$14,%r13
+	movq	%rax,%r10
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r10
+	addq	%r12,%rcx
+	addq	%r12,%r10
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%r10
+	movq	16(%rsi),%r12
+	movq	%rcx,%r13
+	movq	%r10,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rdx,%r15
+
+	xorq	%rcx,%r13
+	rorq	$5,%r14
+	xorq	%r8,%r15
+
+	movq	%r12,16(%rsp)
+	xorq	%r10,%r14
+	andq	%rcx,%r15
+
+	rorq	$4,%r13
+	addq	%r9,%r12
+	xorq	%r8,%r15
+
+	rorq	$6,%r14
+	xorq	%rcx,%r13
+	addq	%r15,%r12
+
+	movq	%r10,%r15
+	addq	(%rbp),%r12
+	xorq	%r10,%r14
+
+	xorq	%r11,%r15
+	rorq	$14,%r13
+	movq	%r11,%r9
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r9
+	addq	%r12,%rbx
+	addq	%r12,%r9
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%r9
+	movq	24(%rsi),%r12
+	movq	%rbx,%r13
+	movq	%r9,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rcx,%rdi
+
+	xorq	%rbx,%r13
+	rorq	$5,%r14
+	xorq	%rdx,%rdi
+
+	movq	%r12,24(%rsp)
+	xorq	%r9,%r14
+	andq	%rbx,%rdi
+
+	rorq	$4,%r13
+	addq	%r8,%r12
+	xorq	%rdx,%rdi
+
+	rorq	$6,%r14
+	xorq	%rbx,%r13
+	addq	%rdi,%r12
+
+	movq	%r9,%rdi
+	addq	(%rbp),%r12
+	xorq	%r9,%r14
+
+	xorq	%r10,%rdi
+	rorq	$14,%r13
+	movq	%r10,%r8
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r8
+	addq	%r12,%rax
+	addq	%r12,%r8
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%r8
+	movq	32(%rsi),%r12
+	movq	%rax,%r13
+	movq	%r8,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rbx,%r15
+
+	xorq	%rax,%r13
+	rorq	$5,%r14
+	xorq	%rcx,%r15
+
+	movq	%r12,32(%rsp)
+	xorq	%r8,%r14
+	andq	%rax,%r15
+
+	rorq	$4,%r13
+	addq	%rdx,%r12
+	xorq	%rcx,%r15
+
+	rorq	$6,%r14
+	xorq	%rax,%r13
+	addq	%r15,%r12
+
+	movq	%r8,%r15
+	addq	(%rbp),%r12
+	xorq	%r8,%r14
+
+	xorq	%r9,%r15
+	rorq	$14,%r13
+	movq	%r9,%rdx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rdx
+	addq	%r12,%r11
+	addq	%r12,%rdx
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%rdx
+	movq	40(%rsi),%r12
+	movq	%r11,%r13
+	movq	%rdx,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rax,%rdi
+
+	xorq	%r11,%r13
+	rorq	$5,%r14
+	xorq	%rbx,%rdi
+
+	movq	%r12,40(%rsp)
+	xorq	%rdx,%r14
+	andq	%r11,%rdi
+
+	rorq	$4,%r13
+	addq	%rcx,%r12
+	xorq	%rbx,%rdi
+
+	rorq	$6,%r14
+	xorq	%r11,%r13
+	addq	%rdi,%r12
+
+	movq	%rdx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rdx,%r14
+
+	xorq	%r8,%rdi
+	rorq	$14,%r13
+	movq	%r8,%rcx
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rcx
+	addq	%r12,%r10
+	addq	%r12,%rcx
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%rcx
+	movq	48(%rsi),%r12
+	movq	%r10,%r13
+	movq	%rcx,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r11,%r15
+
+	xorq	%r10,%r13
+	rorq	$5,%r14
+	xorq	%rax,%r15
+
+	movq	%r12,48(%rsp)
+	xorq	%rcx,%r14
+	andq	%r10,%r15
+
+	rorq	$4,%r13
+	addq	%rbx,%r12
+	xorq	%rax,%r15
+
+	rorq	$6,%r14
+	xorq	%r10,%r13
+	addq	%r15,%r12
+
+	movq	%rcx,%r15
+	addq	(%rbp),%r12
+	xorq	%rcx,%r14
+
+	xorq	%rdx,%r15
+	rorq	$14,%r13
+	movq	%rdx,%rbx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rbx
+	addq	%r12,%r9
+	addq	%r12,%rbx
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%rbx
+	movq	56(%rsi),%r12
+	movq	%r9,%r13
+	movq	%rbx,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r10,%rdi
+
+	xorq	%r9,%r13
+	rorq	$5,%r14
+	xorq	%r11,%rdi
+
+	movq	%r12,56(%rsp)
+	xorq	%rbx,%r14
+	andq	%r9,%rdi
+
+	rorq	$4,%r13
+	addq	%rax,%r12
+	xorq	%r11,%rdi
+
+	rorq	$6,%r14
+	xorq	%r9,%r13
+	addq	%rdi,%r12
+
+	movq	%rbx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rbx,%r14
+
+	xorq	%rcx,%rdi
+	rorq	$14,%r13
+	movq	%rcx,%rax
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rax
+	addq	%r12,%r8
+	addq	%r12,%rax
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%rax
+	movq	64(%rsi),%r12
+	movq	%r8,%r13
+	movq	%rax,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r9,%r15
+
+	xorq	%r8,%r13
+	rorq	$5,%r14
+	xorq	%r10,%r15
+
+	movq	%r12,64(%rsp)
+	xorq	%rax,%r14
+	andq	%r8,%r15
+
+	rorq	$4,%r13
+	addq	%r11,%r12
+	xorq	%r10,%r15
+
+	rorq	$6,%r14
+	xorq	%r8,%r13
+	addq	%r15,%r12
+
+	movq	%rax,%r15
+	addq	(%rbp),%r12
+	xorq	%rax,%r14
+
+	xorq	%rbx,%r15
+	rorq	$14,%r13
+	movq	%rbx,%r11
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r11
+	addq	%r12,%rdx
+	addq	%r12,%r11
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%r11
+	movq	72(%rsi),%r12
+	movq	%rdx,%r13
+	movq	%r11,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r8,%rdi
+
+	xorq	%rdx,%r13
+	rorq	$5,%r14
+	xorq	%r9,%rdi
+
+	movq	%r12,72(%rsp)
+	xorq	%r11,%r14
+	andq	%rdx,%rdi
+
+	rorq	$4,%r13
+	addq	%r10,%r12
+	xorq	%r9,%rdi
+
+	rorq	$6,%r14
+	xorq	%rdx,%r13
+	addq	%rdi,%r12
+
+	movq	%r11,%rdi
+	addq	(%rbp),%r12
+	xorq	%r11,%r14
+
+	xorq	%rax,%rdi
+	rorq	$14,%r13
+	movq	%rax,%r10
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r10
+	addq	%r12,%rcx
+	addq	%r12,%r10
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%r10
+	movq	80(%rsi),%r12
+	movq	%rcx,%r13
+	movq	%r10,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rdx,%r15
+
+	xorq	%rcx,%r13
+	rorq	$5,%r14
+	xorq	%r8,%r15
+
+	movq	%r12,80(%rsp)
+	xorq	%r10,%r14
+	andq	%rcx,%r15
+
+	rorq	$4,%r13
+	addq	%r9,%r12
+	xorq	%r8,%r15
+
+	rorq	$6,%r14
+	xorq	%rcx,%r13
+	addq	%r15,%r12
+
+	movq	%r10,%r15
+	addq	(%rbp),%r12
+	xorq	%r10,%r14
+
+	xorq	%r11,%r15
+	rorq	$14,%r13
+	movq	%r11,%r9
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r9
+	addq	%r12,%rbx
+	addq	%r12,%r9
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%r9
+	movq	88(%rsi),%r12
+	movq	%rbx,%r13
+	movq	%r9,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rcx,%rdi
+
+	xorq	%rbx,%r13
+	rorq	$5,%r14
+	xorq	%rdx,%rdi
+
+	movq	%r12,88(%rsp)
+	xorq	%r9,%r14
+	andq	%rbx,%rdi
+
+	rorq	$4,%r13
+	addq	%r8,%r12
+	xorq	%rdx,%rdi
+
+	rorq	$6,%r14
+	xorq	%rbx,%r13
+	addq	%rdi,%r12
+
+	movq	%r9,%rdi
+	addq	(%rbp),%r12
+	xorq	%r9,%r14
+
+	xorq	%r10,%rdi
+	rorq	$14,%r13
+	movq	%r10,%r8
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r8
+	addq	%r12,%rax
+	addq	%r12,%r8
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%r8
+	movq	96(%rsi),%r12
+	movq	%rax,%r13
+	movq	%r8,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rbx,%r15
+
+	xorq	%rax,%r13
+	rorq	$5,%r14
+	xorq	%rcx,%r15
+
+	movq	%r12,96(%rsp)
+	xorq	%r8,%r14
+	andq	%rax,%r15
+
+	rorq	$4,%r13
+	addq	%rdx,%r12
+	xorq	%rcx,%r15
+
+	rorq	$6,%r14
+	xorq	%rax,%r13
+	addq	%r15,%r12
+
+	movq	%r8,%r15
+	addq	(%rbp),%r12
+	xorq	%r8,%r14
+
+	xorq	%r9,%r15
+	rorq	$14,%r13
+	movq	%r9,%rdx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rdx
+	addq	%r12,%r11
+	addq	%r12,%rdx
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%rdx
+	movq	104(%rsi),%r12
+	movq	%r11,%r13
+	movq	%rdx,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%rax,%rdi
+
+	xorq	%r11,%r13
+	rorq	$5,%r14
+	xorq	%rbx,%rdi
+
+	movq	%r12,104(%rsp)
+	xorq	%rdx,%r14
+	andq	%r11,%rdi
+
+	rorq	$4,%r13
+	addq	%rcx,%r12
+	xorq	%rbx,%rdi
+
+	rorq	$6,%r14
+	xorq	%r11,%r13
+	addq	%rdi,%r12
+
+	movq	%rdx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rdx,%r14
+
+	xorq	%r8,%rdi
+	rorq	$14,%r13
+	movq	%r8,%rcx
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rcx
+	addq	%r12,%r10
+	addq	%r12,%rcx
+
+	leaq	24(%rbp),%rbp
+	addq	%r14,%rcx
+	movq	112(%rsi),%r12
+	movq	%r10,%r13
+	movq	%rcx,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r11,%r15
+
+	xorq	%r10,%r13
+	rorq	$5,%r14
+	xorq	%rax,%r15
+
+	movq	%r12,112(%rsp)
+	xorq	%rcx,%r14
+	andq	%r10,%r15
+
+	rorq	$4,%r13
+	addq	%rbx,%r12
+	xorq	%rax,%r15
+
+	rorq	$6,%r14
+	xorq	%r10,%r13
+	addq	%r15,%r12
+
+	movq	%rcx,%r15
+	addq	(%rbp),%r12
+	xorq	%rcx,%r14
+
+	xorq	%rdx,%r15
+	rorq	$14,%r13
+	movq	%rdx,%rbx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rbx
+	addq	%r12,%r9
+	addq	%r12,%rbx
+
+	leaq	8(%rbp),%rbp
+	addq	%r14,%rbx
+	movq	120(%rsi),%r12
+	movq	%r9,%r13
+	movq	%rbx,%r14
+	bswapq	%r12
+	rorq	$23,%r13
+	movq	%r10,%rdi
+
+	xorq	%r9,%r13
+	rorq	$5,%r14
+	xorq	%r11,%rdi
+
+	movq	%r12,120(%rsp)
+	xorq	%rbx,%r14
+	andq	%r9,%rdi
+
+	rorq	$4,%r13
+	addq	%rax,%r12
+	xorq	%r11,%rdi
+
+	rorq	$6,%r14
+	xorq	%r9,%r13
+	addq	%rdi,%r12
+
+	movq	%rbx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rbx,%r14
+
+	xorq	%rcx,%rdi
+	rorq	$14,%r13
+	movq	%rcx,%rax
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rax
+	addq	%r12,%r8
+	addq	%r12,%rax
+
+	leaq	24(%rbp),%rbp
+	jmp	L$rounds_16_xx
+.p2align	4
+L$rounds_16_xx:
+	movq	8(%rsp),%r13
+	movq	112(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rax
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	72(%rsp),%r12
+
+	addq	0(%rsp),%r12
+	movq	%r8,%r13
+	addq	%r15,%r12
+	movq	%rax,%r14
+	rorq	$23,%r13
+	movq	%r9,%r15
+
+	xorq	%r8,%r13
+	rorq	$5,%r14
+	xorq	%r10,%r15
+
+	movq	%r12,0(%rsp)
+	xorq	%rax,%r14
+	andq	%r8,%r15
+
+	rorq	$4,%r13
+	addq	%r11,%r12
+	xorq	%r10,%r15
+
+	rorq	$6,%r14
+	xorq	%r8,%r13
+	addq	%r15,%r12
+
+	movq	%rax,%r15
+	addq	(%rbp),%r12
+	xorq	%rax,%r14
+
+	xorq	%rbx,%r15
+	rorq	$14,%r13
+	movq	%rbx,%r11
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r11
+	addq	%r12,%rdx
+	addq	%r12,%r11
+
+	leaq	8(%rbp),%rbp
+	movq	16(%rsp),%r13
+	movq	120(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r11
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	80(%rsp),%r12
+
+	addq	8(%rsp),%r12
+	movq	%rdx,%r13
+	addq	%rdi,%r12
+	movq	%r11,%r14
+	rorq	$23,%r13
+	movq	%r8,%rdi
+
+	xorq	%rdx,%r13
+	rorq	$5,%r14
+	xorq	%r9,%rdi
+
+	movq	%r12,8(%rsp)
+	xorq	%r11,%r14
+	andq	%rdx,%rdi
+
+	rorq	$4,%r13
+	addq	%r10,%r12
+	xorq	%r9,%rdi
+
+	rorq	$6,%r14
+	xorq	%rdx,%r13
+	addq	%rdi,%r12
+
+	movq	%r11,%rdi
+	addq	(%rbp),%r12
+	xorq	%r11,%r14
+
+	xorq	%rax,%rdi
+	rorq	$14,%r13
+	movq	%rax,%r10
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r10
+	addq	%r12,%rcx
+	addq	%r12,%r10
+
+	leaq	24(%rbp),%rbp
+	movq	24(%rsp),%r13
+	movq	0(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r10
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	88(%rsp),%r12
+
+	addq	16(%rsp),%r12
+	movq	%rcx,%r13
+	addq	%r15,%r12
+	movq	%r10,%r14
+	rorq	$23,%r13
+	movq	%rdx,%r15
+
+	xorq	%rcx,%r13
+	rorq	$5,%r14
+	xorq	%r8,%r15
+
+	movq	%r12,16(%rsp)
+	xorq	%r10,%r14
+	andq	%rcx,%r15
+
+	rorq	$4,%r13
+	addq	%r9,%r12
+	xorq	%r8,%r15
+
+	rorq	$6,%r14
+	xorq	%rcx,%r13
+	addq	%r15,%r12
+
+	movq	%r10,%r15
+	addq	(%rbp),%r12
+	xorq	%r10,%r14
+
+	xorq	%r11,%r15
+	rorq	$14,%r13
+	movq	%r11,%r9
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r9
+	addq	%r12,%rbx
+	addq	%r12,%r9
+
+	leaq	8(%rbp),%rbp
+	movq	32(%rsp),%r13
+	movq	8(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r9
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	96(%rsp),%r12
+
+	addq	24(%rsp),%r12
+	movq	%rbx,%r13
+	addq	%rdi,%r12
+	movq	%r9,%r14
+	rorq	$23,%r13
+	movq	%rcx,%rdi
+
+	xorq	%rbx,%r13
+	rorq	$5,%r14
+	xorq	%rdx,%rdi
+
+	movq	%r12,24(%rsp)
+	xorq	%r9,%r14
+	andq	%rbx,%rdi
+
+	rorq	$4,%r13
+	addq	%r8,%r12
+	xorq	%rdx,%rdi
+
+	rorq	$6,%r14
+	xorq	%rbx,%r13
+	addq	%rdi,%r12
+
+	movq	%r9,%rdi
+	addq	(%rbp),%r12
+	xorq	%r9,%r14
+
+	xorq	%r10,%rdi
+	rorq	$14,%r13
+	movq	%r10,%r8
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r8
+	addq	%r12,%rax
+	addq	%r12,%r8
+
+	leaq	24(%rbp),%rbp
+	movq	40(%rsp),%r13
+	movq	16(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r8
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	104(%rsp),%r12
+
+	addq	32(%rsp),%r12
+	movq	%rax,%r13
+	addq	%r15,%r12
+	movq	%r8,%r14
+	rorq	$23,%r13
+	movq	%rbx,%r15
+
+	xorq	%rax,%r13
+	rorq	$5,%r14
+	xorq	%rcx,%r15
+
+	movq	%r12,32(%rsp)
+	xorq	%r8,%r14
+	andq	%rax,%r15
+
+	rorq	$4,%r13
+	addq	%rdx,%r12
+	xorq	%rcx,%r15
+
+	rorq	$6,%r14
+	xorq	%rax,%r13
+	addq	%r15,%r12
+
+	movq	%r8,%r15
+	addq	(%rbp),%r12
+	xorq	%r8,%r14
+
+	xorq	%r9,%r15
+	rorq	$14,%r13
+	movq	%r9,%rdx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rdx
+	addq	%r12,%r11
+	addq	%r12,%rdx
+
+	leaq	8(%rbp),%rbp
+	movq	48(%rsp),%r13
+	movq	24(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rdx
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	112(%rsp),%r12
+
+	addq	40(%rsp),%r12
+	movq	%r11,%r13
+	addq	%rdi,%r12
+	movq	%rdx,%r14
+	rorq	$23,%r13
+	movq	%rax,%rdi
+
+	xorq	%r11,%r13
+	rorq	$5,%r14
+	xorq	%rbx,%rdi
+
+	movq	%r12,40(%rsp)
+	xorq	%rdx,%r14
+	andq	%r11,%rdi
+
+	rorq	$4,%r13
+	addq	%rcx,%r12
+	xorq	%rbx,%rdi
+
+	rorq	$6,%r14
+	xorq	%r11,%r13
+	addq	%rdi,%r12
+
+	movq	%rdx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rdx,%r14
+
+	xorq	%r8,%rdi
+	rorq	$14,%r13
+	movq	%r8,%rcx
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rcx
+	addq	%r12,%r10
+	addq	%r12,%rcx
+
+	leaq	24(%rbp),%rbp
+	movq	56(%rsp),%r13
+	movq	32(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rcx
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	120(%rsp),%r12
+
+	addq	48(%rsp),%r12
+	movq	%r10,%r13
+	addq	%r15,%r12
+	movq	%rcx,%r14
+	rorq	$23,%r13
+	movq	%r11,%r15
+
+	xorq	%r10,%r13
+	rorq	$5,%r14
+	xorq	%rax,%r15
+
+	movq	%r12,48(%rsp)
+	xorq	%rcx,%r14
+	andq	%r10,%r15
+
+	rorq	$4,%r13
+	addq	%rbx,%r12
+	xorq	%rax,%r15
+
+	rorq	$6,%r14
+	xorq	%r10,%r13
+	addq	%r15,%r12
+
+	movq	%rcx,%r15
+	addq	(%rbp),%r12
+	xorq	%rcx,%r14
+
+	xorq	%rdx,%r15
+	rorq	$14,%r13
+	movq	%rdx,%rbx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rbx
+	addq	%r12,%r9
+	addq	%r12,%rbx
+
+	leaq	8(%rbp),%rbp
+	movq	64(%rsp),%r13
+	movq	40(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rbx
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	0(%rsp),%r12
+
+	addq	56(%rsp),%r12
+	movq	%r9,%r13
+	addq	%rdi,%r12
+	movq	%rbx,%r14
+	rorq	$23,%r13
+	movq	%r10,%rdi
+
+	xorq	%r9,%r13
+	rorq	$5,%r14
+	xorq	%r11,%rdi
+
+	movq	%r12,56(%rsp)
+	xorq	%rbx,%r14
+	andq	%r9,%rdi
+
+	rorq	$4,%r13
+	addq	%rax,%r12
+	xorq	%r11,%rdi
+
+	rorq	$6,%r14
+	xorq	%r9,%r13
+	addq	%rdi,%r12
+
+	movq	%rbx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rbx,%r14
+
+	xorq	%rcx,%rdi
+	rorq	$14,%r13
+	movq	%rcx,%rax
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rax
+	addq	%r12,%r8
+	addq	%r12,%rax
+
+	leaq	24(%rbp),%rbp
+	movq	72(%rsp),%r13
+	movq	48(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rax
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	8(%rsp),%r12
+
+	addq	64(%rsp),%r12
+	movq	%r8,%r13
+	addq	%r15,%r12
+	movq	%rax,%r14
+	rorq	$23,%r13
+	movq	%r9,%r15
+
+	xorq	%r8,%r13
+	rorq	$5,%r14
+	xorq	%r10,%r15
+
+	movq	%r12,64(%rsp)
+	xorq	%rax,%r14
+	andq	%r8,%r15
+
+	rorq	$4,%r13
+	addq	%r11,%r12
+	xorq	%r10,%r15
+
+	rorq	$6,%r14
+	xorq	%r8,%r13
+	addq	%r15,%r12
+
+	movq	%rax,%r15
+	addq	(%rbp),%r12
+	xorq	%rax,%r14
+
+	xorq	%rbx,%r15
+	rorq	$14,%r13
+	movq	%rbx,%r11
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r11
+	addq	%r12,%rdx
+	addq	%r12,%r11
+
+	leaq	8(%rbp),%rbp
+	movq	80(%rsp),%r13
+	movq	56(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r11
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	16(%rsp),%r12
+
+	addq	72(%rsp),%r12
+	movq	%rdx,%r13
+	addq	%rdi,%r12
+	movq	%r11,%r14
+	rorq	$23,%r13
+	movq	%r8,%rdi
+
+	xorq	%rdx,%r13
+	rorq	$5,%r14
+	xorq	%r9,%rdi
+
+	movq	%r12,72(%rsp)
+	xorq	%r11,%r14
+	andq	%rdx,%rdi
+
+	rorq	$4,%r13
+	addq	%r10,%r12
+	xorq	%r9,%rdi
+
+	rorq	$6,%r14
+	xorq	%rdx,%r13
+	addq	%rdi,%r12
+
+	movq	%r11,%rdi
+	addq	(%rbp),%r12
+	xorq	%r11,%r14
+
+	xorq	%rax,%rdi
+	rorq	$14,%r13
+	movq	%rax,%r10
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r10
+	addq	%r12,%rcx
+	addq	%r12,%r10
+
+	leaq	24(%rbp),%rbp
+	movq	88(%rsp),%r13
+	movq	64(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r10
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	24(%rsp),%r12
+
+	addq	80(%rsp),%r12
+	movq	%rcx,%r13
+	addq	%r15,%r12
+	movq	%r10,%r14
+	rorq	$23,%r13
+	movq	%rdx,%r15
+
+	xorq	%rcx,%r13
+	rorq	$5,%r14
+	xorq	%r8,%r15
+
+	movq	%r12,80(%rsp)
+	xorq	%r10,%r14
+	andq	%rcx,%r15
+
+	rorq	$4,%r13
+	addq	%r9,%r12
+	xorq	%r8,%r15
+
+	rorq	$6,%r14
+	xorq	%rcx,%r13
+	addq	%r15,%r12
+
+	movq	%r10,%r15
+	addq	(%rbp),%r12
+	xorq	%r10,%r14
+
+	xorq	%r11,%r15
+	rorq	$14,%r13
+	movq	%r11,%r9
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%r9
+	addq	%r12,%rbx
+	addq	%r12,%r9
+
+	leaq	8(%rbp),%rbp
+	movq	96(%rsp),%r13
+	movq	72(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r9
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	32(%rsp),%r12
+
+	addq	88(%rsp),%r12
+	movq	%rbx,%r13
+	addq	%rdi,%r12
+	movq	%r9,%r14
+	rorq	$23,%r13
+	movq	%rcx,%rdi
+
+	xorq	%rbx,%r13
+	rorq	$5,%r14
+	xorq	%rdx,%rdi
+
+	movq	%r12,88(%rsp)
+	xorq	%r9,%r14
+	andq	%rbx,%rdi
+
+	rorq	$4,%r13
+	addq	%r8,%r12
+	xorq	%rdx,%rdi
+
+	rorq	$6,%r14
+	xorq	%rbx,%r13
+	addq	%rdi,%r12
+
+	movq	%r9,%rdi
+	addq	(%rbp),%r12
+	xorq	%r9,%r14
+
+	xorq	%r10,%rdi
+	rorq	$14,%r13
+	movq	%r10,%r8
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%r8
+	addq	%r12,%rax
+	addq	%r12,%r8
+
+	leaq	24(%rbp),%rbp
+	movq	104(%rsp),%r13
+	movq	80(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%r8
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	40(%rsp),%r12
+
+	addq	96(%rsp),%r12
+	movq	%rax,%r13
+	addq	%r15,%r12
+	movq	%r8,%r14
+	rorq	$23,%r13
+	movq	%rbx,%r15
+
+	xorq	%rax,%r13
+	rorq	$5,%r14
+	xorq	%rcx,%r15
+
+	movq	%r12,96(%rsp)
+	xorq	%r8,%r14
+	andq	%rax,%r15
+
+	rorq	$4,%r13
+	addq	%rdx,%r12
+	xorq	%rcx,%r15
+
+	rorq	$6,%r14
+	xorq	%rax,%r13
+	addq	%r15,%r12
+
+	movq	%r8,%r15
+	addq	(%rbp),%r12
+	xorq	%r8,%r14
+
+	xorq	%r9,%r15
+	rorq	$14,%r13
+	movq	%r9,%rdx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rdx
+	addq	%r12,%r11
+	addq	%r12,%rdx
+
+	leaq	8(%rbp),%rbp
+	movq	112(%rsp),%r13
+	movq	88(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rdx
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	48(%rsp),%r12
+
+	addq	104(%rsp),%r12
+	movq	%r11,%r13
+	addq	%rdi,%r12
+	movq	%rdx,%r14
+	rorq	$23,%r13
+	movq	%rax,%rdi
+
+	xorq	%r11,%r13
+	rorq	$5,%r14
+	xorq	%rbx,%rdi
+
+	movq	%r12,104(%rsp)
+	xorq	%rdx,%r14
+	andq	%r11,%rdi
+
+	rorq	$4,%r13
+	addq	%rcx,%r12
+	xorq	%rbx,%rdi
+
+	rorq	$6,%r14
+	xorq	%r11,%r13
+	addq	%rdi,%r12
+
+	movq	%rdx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rdx,%r14
+
+	xorq	%r8,%rdi
+	rorq	$14,%r13
+	movq	%r8,%rcx
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rcx
+	addq	%r12,%r10
+	addq	%r12,%rcx
+
+	leaq	24(%rbp),%rbp
+	movq	120(%rsp),%r13
+	movq	96(%rsp),%r15
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rcx
+	movq	%r15,%r14
+	rorq	$42,%r15
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%r15
+	shrq	$6,%r14
+
+	rorq	$19,%r15
+	xorq	%r13,%r12
+	xorq	%r14,%r15
+	addq	56(%rsp),%r12
+
+	addq	112(%rsp),%r12
+	movq	%r10,%r13
+	addq	%r15,%r12
+	movq	%rcx,%r14
+	rorq	$23,%r13
+	movq	%r11,%r15
+
+	xorq	%r10,%r13
+	rorq	$5,%r14
+	xorq	%rax,%r15
+
+	movq	%r12,112(%rsp)
+	xorq	%rcx,%r14
+	andq	%r10,%r15
+
+	rorq	$4,%r13
+	addq	%rbx,%r12
+	xorq	%rax,%r15
+
+	rorq	$6,%r14
+	xorq	%r10,%r13
+	addq	%r15,%r12
+
+	movq	%rcx,%r15
+	addq	(%rbp),%r12
+	xorq	%rcx,%r14
+
+	xorq	%rdx,%r15
+	rorq	$14,%r13
+	movq	%rdx,%rbx
+
+	andq	%r15,%rdi
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%rdi,%rbx
+	addq	%r12,%r9
+	addq	%r12,%rbx
+
+	leaq	8(%rbp),%rbp
+	movq	0(%rsp),%r13
+	movq	104(%rsp),%rdi
+
+	movq	%r13,%r12
+	rorq	$7,%r13
+	addq	%r14,%rbx
+	movq	%rdi,%r14
+	rorq	$42,%rdi
+
+	xorq	%r12,%r13
+	shrq	$7,%r12
+	rorq	$1,%r13
+	xorq	%r14,%rdi
+	shrq	$6,%r14
+
+	rorq	$19,%rdi
+	xorq	%r13,%r12
+	xorq	%r14,%rdi
+	addq	64(%rsp),%r12
+
+	addq	120(%rsp),%r12
+	movq	%r9,%r13
+	addq	%rdi,%r12
+	movq	%rbx,%r14
+	rorq	$23,%r13
+	movq	%r10,%rdi
+
+	xorq	%r9,%r13
+	rorq	$5,%r14
+	xorq	%r11,%rdi
+
+	movq	%r12,120(%rsp)
+	xorq	%rbx,%r14
+	andq	%r9,%rdi
+
+	rorq	$4,%r13
+	addq	%rax,%r12
+	xorq	%r11,%rdi
+
+	rorq	$6,%r14
+	xorq	%r9,%r13
+	addq	%rdi,%r12
+
+	movq	%rbx,%rdi
+	addq	(%rbp),%r12
+	xorq	%rbx,%r14
+
+	xorq	%rcx,%rdi
+	rorq	$14,%r13
+	movq	%rcx,%rax
+
+	andq	%rdi,%r15
+	rorq	$28,%r14
+	addq	%r13,%r12
+
+	xorq	%r15,%rax
+	addq	%r12,%r8
+	addq	%r12,%rax
+
+	leaq	24(%rbp),%rbp
+	cmpb	$0,7(%rbp)
+	jnz	L$rounds_16_xx
+
+	movq	128+0(%rsp),%rdi
+	addq	%r14,%rax
+	leaq	128(%rsi),%rsi
+
+	addq	0(%rdi),%rax
+	addq	8(%rdi),%rbx
+	addq	16(%rdi),%rcx
+	addq	24(%rdi),%rdx
+	addq	32(%rdi),%r8
+	addq	40(%rdi),%r9
+	addq	48(%rdi),%r10
+	addq	56(%rdi),%r11
+
+	cmpq	128+16(%rsp),%rsi
+
+	movq	%rax,0(%rdi)
+	movq	%rbx,8(%rdi)
+	movq	%rcx,16(%rdi)
+	movq	%rdx,24(%rdi)
+	movq	%r8,32(%rdi)
+	movq	%r9,40(%rdi)
+	movq	%r10,48(%rdi)
+	movq	%r11,56(%rdi)
+	jb	L$loop
+
+	movq	152(%rsp),%rsi
+
+	movq	-48(%rsi),%r15
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+L$epilogue:
+	.byte	0xf3,0xc3
+
+
+.p2align	6
+
+K512:
+.quad	0x428a2f98d728ae22,0x7137449123ef65cd
+.quad	0x428a2f98d728ae22,0x7137449123ef65cd
+.quad	0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
+.quad	0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
+.quad	0x3956c25bf348b538,0x59f111f1b605d019
+.quad	0x3956c25bf348b538,0x59f111f1b605d019
+.quad	0x923f82a4af194f9b,0xab1c5ed5da6d8118
+.quad	0x923f82a4af194f9b,0xab1c5ed5da6d8118
+.quad	0xd807aa98a3030242,0x12835b0145706fbe
+.quad	0xd807aa98a3030242,0x12835b0145706fbe
+.quad	0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
+.quad	0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
+.quad	0x72be5d74f27b896f,0x80deb1fe3b1696b1
+.quad	0x72be5d74f27b896f,0x80deb1fe3b1696b1
+.quad	0x9bdc06a725c71235,0xc19bf174cf692694
+.quad	0x9bdc06a725c71235,0xc19bf174cf692694
+.quad	0xe49b69c19ef14ad2,0xefbe4786384f25e3
+.quad	0xe49b69c19ef14ad2,0xefbe4786384f25e3
+.quad	0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
+.quad	0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
+.quad	0x2de92c6f592b0275,0x4a7484aa6ea6e483
+.quad	0x2de92c6f592b0275,0x4a7484aa6ea6e483
+.quad	0x5cb0a9dcbd41fbd4,0x76f988da831153b5
+.quad	0x5cb0a9dcbd41fbd4,0x76f988da831153b5
+.quad	0x983e5152ee66dfab,0xa831c66d2db43210
+.quad	0x983e5152ee66dfab,0xa831c66d2db43210
+.quad	0xb00327c898fb213f,0xbf597fc7beef0ee4
+.quad	0xb00327c898fb213f,0xbf597fc7beef0ee4
+.quad	0xc6e00bf33da88fc2,0xd5a79147930aa725
+.quad	0xc6e00bf33da88fc2,0xd5a79147930aa725
+.quad	0x06ca6351e003826f,0x142929670a0e6e70
+.quad	0x06ca6351e003826f,0x142929670a0e6e70
+.quad	0x27b70a8546d22ffc,0x2e1b21385c26c926
+.quad	0x27b70a8546d22ffc,0x2e1b21385c26c926
+.quad	0x4d2c6dfc5ac42aed,0x53380d139d95b3df
+.quad	0x4d2c6dfc5ac42aed,0x53380d139d95b3df
+.quad	0x650a73548baf63de,0x766a0abb3c77b2a8
+.quad	0x650a73548baf63de,0x766a0abb3c77b2a8
+.quad	0x81c2c92e47edaee6,0x92722c851482353b
+.quad	0x81c2c92e47edaee6,0x92722c851482353b
+.quad	0xa2bfe8a14cf10364,0xa81a664bbc423001
+.quad	0xa2bfe8a14cf10364,0xa81a664bbc423001
+.quad	0xc24b8b70d0f89791,0xc76c51a30654be30
+.quad	0xc24b8b70d0f89791,0xc76c51a30654be30
+.quad	0xd192e819d6ef5218,0xd69906245565a910
+.quad	0xd192e819d6ef5218,0xd69906245565a910
+.quad	0xf40e35855771202a,0x106aa07032bbd1b8
+.quad	0xf40e35855771202a,0x106aa07032bbd1b8
+.quad	0x19a4c116b8d2d0c8,0x1e376c085141ab53
+.quad	0x19a4c116b8d2d0c8,0x1e376c085141ab53
+.quad	0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
+.quad	0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
+.quad	0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
+.quad	0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
+.quad	0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
+.quad	0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
+.quad	0x748f82ee5defb2fc,0x78a5636f43172f60
+.quad	0x748f82ee5defb2fc,0x78a5636f43172f60
+.quad	0x84c87814a1f0ab72,0x8cc702081a6439ec
+.quad	0x84c87814a1f0ab72,0x8cc702081a6439ec
+.quad	0x90befffa23631e28,0xa4506cebde82bde9
+.quad	0x90befffa23631e28,0xa4506cebde82bde9
+.quad	0xbef9a3f7b2c67915,0xc67178f2e372532b
+.quad	0xbef9a3f7b2c67915,0xc67178f2e372532b
+.quad	0xca273eceea26619c,0xd186b8c721c0c207
+.quad	0xca273eceea26619c,0xd186b8c721c0c207
+.quad	0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
+.quad	0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
+.quad	0x06f067aa72176fba,0x0a637dc5a2c898a6
+.quad	0x06f067aa72176fba,0x0a637dc5a2c898a6
+.quad	0x113f9804bef90dae,0x1b710b35131c471b
+.quad	0x113f9804bef90dae,0x1b710b35131c471b
+.quad	0x28db77f523047d84,0x32caab7b40c72493
+.quad	0x28db77f523047d84,0x32caab7b40c72493
+.quad	0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
+.quad	0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
+.quad	0x4cc5d4becb3e42b6,0x597f299cfc657e2a
+.quad	0x4cc5d4becb3e42b6,0x597f299cfc657e2a
+.quad	0x5fcb6fab3ad6faec,0x6c44198c4a475817
+.quad	0x5fcb6fab3ad6faec,0x6c44198c4a475817
+
+.quad	0x0001020304050607,0x08090a0b0c0d0e0f
+.quad	0x0001020304050607,0x08090a0b0c0d0e0f
+.byte	83,72,65,53,49,50,32,98,108,111,99,107,32,116,114,97,110,115,102,111,114,109,32,102,111,114,32,120,56,54,95,54,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
+
+.p2align	6
+sha512_block_data_order_xop:
+
+L$xop_shortcut:
+	movq	%rsp,%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	shlq	$4,%rdx
+	subq	$160,%rsp
+	leaq	(%rsi,%rdx,8),%rdx
+	andq	$-64,%rsp
+	movq	%rdi,128+0(%rsp)
+	movq	%rsi,128+8(%rsp)
+	movq	%rdx,128+16(%rsp)
+	movq	%rax,152(%rsp)
+
+L$prologue_xop:
+
+	vzeroupper
+	movq	0(%rdi),%rax
+	movq	8(%rdi),%rbx
+	movq	16(%rdi),%rcx
+	movq	24(%rdi),%rdx
+	movq	32(%rdi),%r8
+	movq	40(%rdi),%r9
+	movq	48(%rdi),%r10
+	movq	56(%rdi),%r11
+	jmp	L$loop_xop
+.p2align	4
+L$loop_xop:
+	vmovdqa	K512+1280(%rip),%xmm11
+	vmovdqu	0(%rsi),%xmm0
+	leaq	K512+128(%rip),%rbp
+	vmovdqu	16(%rsi),%xmm1
+	vmovdqu	32(%rsi),%xmm2
+	vpshufb	%xmm11,%xmm0,%xmm0
+	vmovdqu	48(%rsi),%xmm3
+	vpshufb	%xmm11,%xmm1,%xmm1
+	vmovdqu	64(%rsi),%xmm4
+	vpshufb	%xmm11,%xmm2,%xmm2
+	vmovdqu	80(%rsi),%xmm5
+	vpshufb	%xmm11,%xmm3,%xmm3
+	vmovdqu	96(%rsi),%xmm6
+	vpshufb	%xmm11,%xmm4,%xmm4
+	vmovdqu	112(%rsi),%xmm7
+	vpshufb	%xmm11,%xmm5,%xmm5
+	vpaddq	-128(%rbp),%xmm0,%xmm8
+	vpshufb	%xmm11,%xmm6,%xmm6
+	vpaddq	-96(%rbp),%xmm1,%xmm9
+	vpshufb	%xmm11,%xmm7,%xmm7
+	vpaddq	-64(%rbp),%xmm2,%xmm10
+	vpaddq	-32(%rbp),%xmm3,%xmm11
+	vmovdqa	%xmm8,0(%rsp)
+	vpaddq	0(%rbp),%xmm4,%xmm8
+	vmovdqa	%xmm9,16(%rsp)
+	vpaddq	32(%rbp),%xmm5,%xmm9
+	vmovdqa	%xmm10,32(%rsp)
+	vpaddq	64(%rbp),%xmm6,%xmm10
+	vmovdqa	%xmm11,48(%rsp)
+	vpaddq	96(%rbp),%xmm7,%xmm11
+	vmovdqa	%xmm8,64(%rsp)
+	movq	%rax,%r14
+	vmovdqa	%xmm9,80(%rsp)
+	movq	%rbx,%rdi
+	vmovdqa	%xmm10,96(%rsp)
+	xorq	%rcx,%rdi
+	vmovdqa	%xmm11,112(%rsp)
+	movq	%r8,%r13
+	jmp	L$xop_00_47
+
+.p2align	4
+L$xop_00_47:
+	addq	$256,%rbp
+	vpalignr	$8,%xmm0,%xmm1,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%rax
+	vpalignr	$8,%xmm4,%xmm5,%xmm11
+	movq	%r9,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%rax,%r14
+	vpaddq	%xmm11,%xmm0,%xmm0
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	addq	0(%rsp),%r11
+	movq	%rax,%r15
+.byte	143,72,120,195,209,7
+	xorq	%r10,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,223,3
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rbx,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm7,%xmm10
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	vpaddq	%xmm8,%xmm0,%xmm0
+	movq	%rdx,%r13
+	addq	%r11,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%r11
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%r8,%r12
+	rorq	$5,%r14
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%r11,%r14
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	vpaddq	%xmm11,%xmm0,%xmm0
+	addq	8(%rsp),%r10
+	movq	%r11,%rdi
+	xorq	%r9,%r12
+	rorq	$6,%r14
+	vpaddq	-128(%rbp),%xmm0,%xmm10
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	xorq	%rax,%r15
+	rorq	$28,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	vmovdqa	%xmm10,0(%rsp)
+	vpalignr	$8,%xmm1,%xmm2,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%r10
+	vpalignr	$8,%xmm5,%xmm6,%xmm11
+	movq	%rdx,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%r10,%r14
+	vpaddq	%xmm11,%xmm1,%xmm1
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	addq	16(%rsp),%r9
+	movq	%r10,%r15
+.byte	143,72,120,195,209,7
+	xorq	%r8,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,216,3
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r11,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm0,%xmm10
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	vpaddq	%xmm8,%xmm1,%xmm1
+	movq	%rbx,%r13
+	addq	%r9,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%r9
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%rcx,%r12
+	rorq	$5,%r14
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%r9,%r14
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	vpaddq	%xmm11,%xmm1,%xmm1
+	addq	24(%rsp),%r8
+	movq	%r9,%rdi
+	xorq	%rdx,%r12
+	rorq	$6,%r14
+	vpaddq	-96(%rbp),%xmm1,%xmm10
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	xorq	%r10,%r15
+	rorq	$28,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	vmovdqa	%xmm10,16(%rsp)
+	vpalignr	$8,%xmm2,%xmm3,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%r8
+	vpalignr	$8,%xmm6,%xmm7,%xmm11
+	movq	%rbx,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%r8,%r14
+	vpaddq	%xmm11,%xmm2,%xmm2
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	addq	32(%rsp),%rdx
+	movq	%r8,%r15
+.byte	143,72,120,195,209,7
+	xorq	%rcx,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,217,3
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r9,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm1,%xmm10
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	vpaddq	%xmm8,%xmm2,%xmm2
+	movq	%r11,%r13
+	addq	%rdx,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%rdx
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%rax,%r12
+	rorq	$5,%r14
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%rdx,%r14
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	vpaddq	%xmm11,%xmm2,%xmm2
+	addq	40(%rsp),%rcx
+	movq	%rdx,%rdi
+	xorq	%rbx,%r12
+	rorq	$6,%r14
+	vpaddq	-64(%rbp),%xmm2,%xmm10
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	xorq	%r8,%r15
+	rorq	$28,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	vmovdqa	%xmm10,32(%rsp)
+	vpalignr	$8,%xmm3,%xmm4,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%rcx
+	vpalignr	$8,%xmm7,%xmm0,%xmm11
+	movq	%r11,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%rcx,%r14
+	vpaddq	%xmm11,%xmm3,%xmm3
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	addq	48(%rsp),%rbx
+	movq	%rcx,%r15
+.byte	143,72,120,195,209,7
+	xorq	%rax,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,218,3
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rdx,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm2,%xmm10
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	vpaddq	%xmm8,%xmm3,%xmm3
+	movq	%r9,%r13
+	addq	%rbx,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%rbx
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%r10,%r12
+	rorq	$5,%r14
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%rbx,%r14
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	vpaddq	%xmm11,%xmm3,%xmm3
+	addq	56(%rsp),%rax
+	movq	%rbx,%rdi
+	xorq	%r11,%r12
+	rorq	$6,%r14
+	vpaddq	-32(%rbp),%xmm3,%xmm10
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	xorq	%rcx,%r15
+	rorq	$28,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	vmovdqa	%xmm10,48(%rsp)
+	vpalignr	$8,%xmm4,%xmm5,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%rax
+	vpalignr	$8,%xmm0,%xmm1,%xmm11
+	movq	%r9,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%rax,%r14
+	vpaddq	%xmm11,%xmm4,%xmm4
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	addq	64(%rsp),%r11
+	movq	%rax,%r15
+.byte	143,72,120,195,209,7
+	xorq	%r10,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,219,3
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rbx,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm3,%xmm10
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	vpaddq	%xmm8,%xmm4,%xmm4
+	movq	%rdx,%r13
+	addq	%r11,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%r11
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%r8,%r12
+	rorq	$5,%r14
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%r11,%r14
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	vpaddq	%xmm11,%xmm4,%xmm4
+	addq	72(%rsp),%r10
+	movq	%r11,%rdi
+	xorq	%r9,%r12
+	rorq	$6,%r14
+	vpaddq	0(%rbp),%xmm4,%xmm10
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	xorq	%rax,%r15
+	rorq	$28,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	vmovdqa	%xmm10,64(%rsp)
+	vpalignr	$8,%xmm5,%xmm6,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%r10
+	vpalignr	$8,%xmm1,%xmm2,%xmm11
+	movq	%rdx,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%r10,%r14
+	vpaddq	%xmm11,%xmm5,%xmm5
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	addq	80(%rsp),%r9
+	movq	%r10,%r15
+.byte	143,72,120,195,209,7
+	xorq	%r8,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,220,3
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r11,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm4,%xmm10
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	vpaddq	%xmm8,%xmm5,%xmm5
+	movq	%rbx,%r13
+	addq	%r9,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%r9
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%rcx,%r12
+	rorq	$5,%r14
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%r9,%r14
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	vpaddq	%xmm11,%xmm5,%xmm5
+	addq	88(%rsp),%r8
+	movq	%r9,%rdi
+	xorq	%rdx,%r12
+	rorq	$6,%r14
+	vpaddq	32(%rbp),%xmm5,%xmm10
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	xorq	%r10,%r15
+	rorq	$28,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	vmovdqa	%xmm10,80(%rsp)
+	vpalignr	$8,%xmm6,%xmm7,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%r8
+	vpalignr	$8,%xmm2,%xmm3,%xmm11
+	movq	%rbx,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%r8,%r14
+	vpaddq	%xmm11,%xmm6,%xmm6
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	addq	96(%rsp),%rdx
+	movq	%r8,%r15
+.byte	143,72,120,195,209,7
+	xorq	%rcx,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,221,3
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r9,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm5,%xmm10
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	vpaddq	%xmm8,%xmm6,%xmm6
+	movq	%r11,%r13
+	addq	%rdx,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%rdx
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%rax,%r12
+	rorq	$5,%r14
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%rdx,%r14
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	vpaddq	%xmm11,%xmm6,%xmm6
+	addq	104(%rsp),%rcx
+	movq	%rdx,%rdi
+	xorq	%rbx,%r12
+	rorq	$6,%r14
+	vpaddq	64(%rbp),%xmm6,%xmm10
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	xorq	%r8,%r15
+	rorq	$28,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	vmovdqa	%xmm10,96(%rsp)
+	vpalignr	$8,%xmm7,%xmm0,%xmm8
+	rorq	$23,%r13
+	movq	%r14,%rcx
+	vpalignr	$8,%xmm3,%xmm4,%xmm11
+	movq	%r11,%r12
+	rorq	$5,%r14
+.byte	143,72,120,195,200,56
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	vpsrlq	$7,%xmm8,%xmm8
+	rorq	$4,%r13
+	xorq	%rcx,%r14
+	vpaddq	%xmm11,%xmm7,%xmm7
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	addq	112(%rsp),%rbx
+	movq	%rcx,%r15
+.byte	143,72,120,195,209,7
+	xorq	%rax,%r12
+	rorq	$6,%r14
+	vpxor	%xmm9,%xmm8,%xmm8
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+.byte	143,104,120,195,222,3
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rdx,%rdi
+	rorq	$28,%r14
+	vpsrlq	$6,%xmm6,%xmm10
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	vpaddq	%xmm8,%xmm7,%xmm7
+	movq	%r9,%r13
+	addq	%rbx,%r14
+.byte	143,72,120,195,203,42
+	rorq	$23,%r13
+	movq	%r14,%rbx
+	vpxor	%xmm10,%xmm11,%xmm11
+	movq	%r10,%r12
+	rorq	$5,%r14
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	vpxor	%xmm9,%xmm11,%xmm11
+	rorq	$4,%r13
+	xorq	%rbx,%r14
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	vpaddq	%xmm11,%xmm7,%xmm7
+	addq	120(%rsp),%rax
+	movq	%rbx,%rdi
+	xorq	%r11,%r12
+	rorq	$6,%r14
+	vpaddq	96(%rbp),%xmm7,%xmm10
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	xorq	%rcx,%r15
+	rorq	$28,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	vmovdqa	%xmm10,112(%rsp)
+	cmpb	$0,135(%rbp)
+	jne	L$xop_00_47
+	rorq	$23,%r13
+	movq	%r14,%rax
+	movq	%r9,%r12
+	rorq	$5,%r14
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	rorq	$4,%r13
+	xorq	%rax,%r14
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	addq	0(%rsp),%r11
+	movq	%rax,%r15
+	xorq	%r10,%r12
+	rorq	$6,%r14
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	xorq	%rbx,%rdi
+	rorq	$28,%r14
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	movq	%rdx,%r13
+	addq	%r11,%r14
+	rorq	$23,%r13
+	movq	%r14,%r11
+	movq	%r8,%r12
+	rorq	$5,%r14
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	rorq	$4,%r13
+	xorq	%r11,%r14
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	addq	8(%rsp),%r10
+	movq	%r11,%rdi
+	xorq	%r9,%r12
+	rorq	$6,%r14
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	xorq	%rax,%r15
+	rorq	$28,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	rorq	$23,%r13
+	movq	%r14,%r10
+	movq	%rdx,%r12
+	rorq	$5,%r14
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	rorq	$4,%r13
+	xorq	%r10,%r14
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	addq	16(%rsp),%r9
+	movq	%r10,%r15
+	xorq	%r8,%r12
+	rorq	$6,%r14
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	xorq	%r11,%rdi
+	rorq	$28,%r14
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	movq	%rbx,%r13
+	addq	%r9,%r14
+	rorq	$23,%r13
+	movq	%r14,%r9
+	movq	%rcx,%r12
+	rorq	$5,%r14
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	rorq	$4,%r13
+	xorq	%r9,%r14
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	addq	24(%rsp),%r8
+	movq	%r9,%rdi
+	xorq	%rdx,%r12
+	rorq	$6,%r14
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	xorq	%r10,%r15
+	rorq	$28,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	rorq	$23,%r13
+	movq	%r14,%r8
+	movq	%rbx,%r12
+	rorq	$5,%r14
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	rorq	$4,%r13
+	xorq	%r8,%r14
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	addq	32(%rsp),%rdx
+	movq	%r8,%r15
+	xorq	%rcx,%r12
+	rorq	$6,%r14
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	xorq	%r9,%rdi
+	rorq	$28,%r14
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	movq	%r11,%r13
+	addq	%rdx,%r14
+	rorq	$23,%r13
+	movq	%r14,%rdx
+	movq	%rax,%r12
+	rorq	$5,%r14
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	rorq	$4,%r13
+	xorq	%rdx,%r14
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	addq	40(%rsp),%rcx
+	movq	%rdx,%rdi
+	xorq	%rbx,%r12
+	rorq	$6,%r14
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	xorq	%r8,%r15
+	rorq	$28,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	rorq	$23,%r13
+	movq	%r14,%rcx
+	movq	%r11,%r12
+	rorq	$5,%r14
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	rorq	$4,%r13
+	xorq	%rcx,%r14
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	addq	48(%rsp),%rbx
+	movq	%rcx,%r15
+	xorq	%rax,%r12
+	rorq	$6,%r14
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	xorq	%rdx,%rdi
+	rorq	$28,%r14
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	movq	%r9,%r13
+	addq	%rbx,%r14
+	rorq	$23,%r13
+	movq	%r14,%rbx
+	movq	%r10,%r12
+	rorq	$5,%r14
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	rorq	$4,%r13
+	xorq	%rbx,%r14
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	addq	56(%rsp),%rax
+	movq	%rbx,%rdi
+	xorq	%r11,%r12
+	rorq	$6,%r14
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	xorq	%rcx,%r15
+	rorq	$28,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	rorq	$23,%r13
+	movq	%r14,%rax
+	movq	%r9,%r12
+	rorq	$5,%r14
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	rorq	$4,%r13
+	xorq	%rax,%r14
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	addq	64(%rsp),%r11
+	movq	%rax,%r15
+	xorq	%r10,%r12
+	rorq	$6,%r14
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	xorq	%rbx,%rdi
+	rorq	$28,%r14
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	movq	%rdx,%r13
+	addq	%r11,%r14
+	rorq	$23,%r13
+	movq	%r14,%r11
+	movq	%r8,%r12
+	rorq	$5,%r14
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	rorq	$4,%r13
+	xorq	%r11,%r14
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	addq	72(%rsp),%r10
+	movq	%r11,%rdi
+	xorq	%r9,%r12
+	rorq	$6,%r14
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	xorq	%rax,%r15
+	rorq	$28,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	rorq	$23,%r13
+	movq	%r14,%r10
+	movq	%rdx,%r12
+	rorq	$5,%r14
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	rorq	$4,%r13
+	xorq	%r10,%r14
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	addq	80(%rsp),%r9
+	movq	%r10,%r15
+	xorq	%r8,%r12
+	rorq	$6,%r14
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	xorq	%r11,%rdi
+	rorq	$28,%r14
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	movq	%rbx,%r13
+	addq	%r9,%r14
+	rorq	$23,%r13
+	movq	%r14,%r9
+	movq	%rcx,%r12
+	rorq	$5,%r14
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	rorq	$4,%r13
+	xorq	%r9,%r14
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	addq	88(%rsp),%r8
+	movq	%r9,%rdi
+	xorq	%rdx,%r12
+	rorq	$6,%r14
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	xorq	%r10,%r15
+	rorq	$28,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	rorq	$23,%r13
+	movq	%r14,%r8
+	movq	%rbx,%r12
+	rorq	$5,%r14
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	rorq	$4,%r13
+	xorq	%r8,%r14
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	addq	96(%rsp),%rdx
+	movq	%r8,%r15
+	xorq	%rcx,%r12
+	rorq	$6,%r14
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	xorq	%r9,%rdi
+	rorq	$28,%r14
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	movq	%r11,%r13
+	addq	%rdx,%r14
+	rorq	$23,%r13
+	movq	%r14,%rdx
+	movq	%rax,%r12
+	rorq	$5,%r14
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	rorq	$4,%r13
+	xorq	%rdx,%r14
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	addq	104(%rsp),%rcx
+	movq	%rdx,%rdi
+	xorq	%rbx,%r12
+	rorq	$6,%r14
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	xorq	%r8,%r15
+	rorq	$28,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	rorq	$23,%r13
+	movq	%r14,%rcx
+	movq	%r11,%r12
+	rorq	$5,%r14
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	rorq	$4,%r13
+	xorq	%rcx,%r14
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	addq	112(%rsp),%rbx
+	movq	%rcx,%r15
+	xorq	%rax,%r12
+	rorq	$6,%r14
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	rorq	$14,%r13
+	andq	%r15,%rdi
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	xorq	%rdx,%rdi
+	rorq	$28,%r14
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	movq	%r9,%r13
+	addq	%rbx,%r14
+	rorq	$23,%r13
+	movq	%r14,%rbx
+	movq	%r10,%r12
+	rorq	$5,%r14
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	rorq	$4,%r13
+	xorq	%rbx,%r14
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	addq	120(%rsp),%rax
+	movq	%rbx,%rdi
+	xorq	%r11,%r12
+	rorq	$6,%r14
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	rorq	$14,%r13
+	andq	%rdi,%r15
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	xorq	%rcx,%r15
+	rorq	$28,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	movq	128+0(%rsp),%rdi
+	movq	%r14,%rax
+
+	addq	0(%rdi),%rax
+	leaq	128(%rsi),%rsi
+	addq	8(%rdi),%rbx
+	addq	16(%rdi),%rcx
+	addq	24(%rdi),%rdx
+	addq	32(%rdi),%r8
+	addq	40(%rdi),%r9
+	addq	48(%rdi),%r10
+	addq	56(%rdi),%r11
+
+	cmpq	128+16(%rsp),%rsi
+
+	movq	%rax,0(%rdi)
+	movq	%rbx,8(%rdi)
+	movq	%rcx,16(%rdi)
+	movq	%rdx,24(%rdi)
+	movq	%r8,32(%rdi)
+	movq	%r9,40(%rdi)
+	movq	%r10,48(%rdi)
+	movq	%r11,56(%rdi)
+	jb	L$loop_xop
+
+	movq	152(%rsp),%rsi
+
+	vzeroupper
+	movq	-48(%rsi),%r15
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+L$epilogue_xop:
+	.byte	0xf3,0xc3
+
+
+
+.p2align	6
+sha512_block_data_order_avx:
+
+L$avx_shortcut:
+	movq	%rsp,%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	shlq	$4,%rdx
+	subq	$160,%rsp
+	leaq	(%rsi,%rdx,8),%rdx
+	andq	$-64,%rsp
+	movq	%rdi,128+0(%rsp)
+	movq	%rsi,128+8(%rsp)
+	movq	%rdx,128+16(%rsp)
+	movq	%rax,152(%rsp)
+
+L$prologue_avx:
+
+	vzeroupper
+	movq	0(%rdi),%rax
+	movq	8(%rdi),%rbx
+	movq	16(%rdi),%rcx
+	movq	24(%rdi),%rdx
+	movq	32(%rdi),%r8
+	movq	40(%rdi),%r9
+	movq	48(%rdi),%r10
+	movq	56(%rdi),%r11
+	jmp	L$loop_avx
+.p2align	4
+L$loop_avx:
+	vmovdqa	K512+1280(%rip),%xmm11
+	vmovdqu	0(%rsi),%xmm0
+	leaq	K512+128(%rip),%rbp
+	vmovdqu	16(%rsi),%xmm1
+	vmovdqu	32(%rsi),%xmm2
+	vpshufb	%xmm11,%xmm0,%xmm0
+	vmovdqu	48(%rsi),%xmm3
+	vpshufb	%xmm11,%xmm1,%xmm1
+	vmovdqu	64(%rsi),%xmm4
+	vpshufb	%xmm11,%xmm2,%xmm2
+	vmovdqu	80(%rsi),%xmm5
+	vpshufb	%xmm11,%xmm3,%xmm3
+	vmovdqu	96(%rsi),%xmm6
+	vpshufb	%xmm11,%xmm4,%xmm4
+	vmovdqu	112(%rsi),%xmm7
+	vpshufb	%xmm11,%xmm5,%xmm5
+	vpaddq	-128(%rbp),%xmm0,%xmm8
+	vpshufb	%xmm11,%xmm6,%xmm6
+	vpaddq	-96(%rbp),%xmm1,%xmm9
+	vpshufb	%xmm11,%xmm7,%xmm7
+	vpaddq	-64(%rbp),%xmm2,%xmm10
+	vpaddq	-32(%rbp),%xmm3,%xmm11
+	vmovdqa	%xmm8,0(%rsp)
+	vpaddq	0(%rbp),%xmm4,%xmm8
+	vmovdqa	%xmm9,16(%rsp)
+	vpaddq	32(%rbp),%xmm5,%xmm9
+	vmovdqa	%xmm10,32(%rsp)
+	vpaddq	64(%rbp),%xmm6,%xmm10
+	vmovdqa	%xmm11,48(%rsp)
+	vpaddq	96(%rbp),%xmm7,%xmm11
+	vmovdqa	%xmm8,64(%rsp)
+	movq	%rax,%r14
+	vmovdqa	%xmm9,80(%rsp)
+	movq	%rbx,%rdi
+	vmovdqa	%xmm10,96(%rsp)
+	xorq	%rcx,%rdi
+	vmovdqa	%xmm11,112(%rsp)
+	movq	%r8,%r13
+	jmp	L$avx_00_47
+
+.p2align	4
+L$avx_00_47:
+	addq	$256,%rbp
+	vpalignr	$8,%xmm0,%xmm1,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rax
+	vpalignr	$8,%xmm4,%xmm5,%xmm11
+	movq	%r9,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	vpaddq	%xmm11,%xmm0,%xmm0
+	shrdq	$4,%r13,%r13
+	xorq	%rax,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	0(%rsp),%r11
+	movq	%rax,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%r10,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rbx,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm7,%xmm11
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%rdx,%r13
+	addq	%r11,%r14
+	vpsllq	$3,%xmm7,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r11
+	vpaddq	%xmm8,%xmm0,%xmm0
+	movq	%r8,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm7,%xmm9
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%r11,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	8(%rsp),%r10
+	movq	%r11,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%r9,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm0,%xmm0
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	vpaddq	-128(%rbp),%xmm0,%xmm10
+	xorq	%rax,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	vmovdqa	%xmm10,0(%rsp)
+	vpalignr	$8,%xmm1,%xmm2,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r10
+	vpalignr	$8,%xmm5,%xmm6,%xmm11
+	movq	%rdx,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	vpaddq	%xmm11,%xmm1,%xmm1
+	shrdq	$4,%r13,%r13
+	xorq	%r10,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	16(%rsp),%r9
+	movq	%r10,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%r8,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r11,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm0,%xmm11
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%rbx,%r13
+	addq	%r9,%r14
+	vpsllq	$3,%xmm0,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r9
+	vpaddq	%xmm8,%xmm1,%xmm1
+	movq	%rcx,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm0,%xmm9
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%r9,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	24(%rsp),%r8
+	movq	%r9,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%rdx,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm1,%xmm1
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	vpaddq	-96(%rbp),%xmm1,%xmm10
+	xorq	%r10,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	vmovdqa	%xmm10,16(%rsp)
+	vpalignr	$8,%xmm2,%xmm3,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r8
+	vpalignr	$8,%xmm6,%xmm7,%xmm11
+	movq	%rbx,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	vpaddq	%xmm11,%xmm2,%xmm2
+	shrdq	$4,%r13,%r13
+	xorq	%r8,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	32(%rsp),%rdx
+	movq	%r8,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%rcx,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r9,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm1,%xmm11
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%r11,%r13
+	addq	%rdx,%r14
+	vpsllq	$3,%xmm1,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rdx
+	vpaddq	%xmm8,%xmm2,%xmm2
+	movq	%rax,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm1,%xmm9
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%rdx,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	40(%rsp),%rcx
+	movq	%rdx,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%rbx,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm2,%xmm2
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	vpaddq	-64(%rbp),%xmm2,%xmm10
+	xorq	%r8,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	vmovdqa	%xmm10,32(%rsp)
+	vpalignr	$8,%xmm3,%xmm4,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rcx
+	vpalignr	$8,%xmm7,%xmm0,%xmm11
+	movq	%r11,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	vpaddq	%xmm11,%xmm3,%xmm3
+	shrdq	$4,%r13,%r13
+	xorq	%rcx,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	48(%rsp),%rbx
+	movq	%rcx,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%rax,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rdx,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm2,%xmm11
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%r9,%r13
+	addq	%rbx,%r14
+	vpsllq	$3,%xmm2,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rbx
+	vpaddq	%xmm8,%xmm3,%xmm3
+	movq	%r10,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm2,%xmm9
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%rbx,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	56(%rsp),%rax
+	movq	%rbx,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%r11,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm3,%xmm3
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	vpaddq	-32(%rbp),%xmm3,%xmm10
+	xorq	%rcx,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	vmovdqa	%xmm10,48(%rsp)
+	vpalignr	$8,%xmm4,%xmm5,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rax
+	vpalignr	$8,%xmm0,%xmm1,%xmm11
+	movq	%r9,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	vpaddq	%xmm11,%xmm4,%xmm4
+	shrdq	$4,%r13,%r13
+	xorq	%rax,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	64(%rsp),%r11
+	movq	%rax,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%r10,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rbx,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm3,%xmm11
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%rdx,%r13
+	addq	%r11,%r14
+	vpsllq	$3,%xmm3,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r11
+	vpaddq	%xmm8,%xmm4,%xmm4
+	movq	%r8,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm3,%xmm9
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%r11,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	72(%rsp),%r10
+	movq	%r11,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%r9,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm4,%xmm4
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	vpaddq	0(%rbp),%xmm4,%xmm10
+	xorq	%rax,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	vmovdqa	%xmm10,64(%rsp)
+	vpalignr	$8,%xmm5,%xmm6,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r10
+	vpalignr	$8,%xmm1,%xmm2,%xmm11
+	movq	%rdx,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	vpaddq	%xmm11,%xmm5,%xmm5
+	shrdq	$4,%r13,%r13
+	xorq	%r10,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	80(%rsp),%r9
+	movq	%r10,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%r8,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r11,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm4,%xmm11
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%rbx,%r13
+	addq	%r9,%r14
+	vpsllq	$3,%xmm4,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r9
+	vpaddq	%xmm8,%xmm5,%xmm5
+	movq	%rcx,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm4,%xmm9
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%r9,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	88(%rsp),%r8
+	movq	%r9,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%rdx,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm5,%xmm5
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	vpaddq	32(%rbp),%xmm5,%xmm10
+	xorq	%r10,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	vmovdqa	%xmm10,80(%rsp)
+	vpalignr	$8,%xmm6,%xmm7,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r8
+	vpalignr	$8,%xmm2,%xmm3,%xmm11
+	movq	%rbx,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	vpaddq	%xmm11,%xmm6,%xmm6
+	shrdq	$4,%r13,%r13
+	xorq	%r8,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	96(%rsp),%rdx
+	movq	%r8,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%rcx,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%r9,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm5,%xmm11
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%r11,%r13
+	addq	%rdx,%r14
+	vpsllq	$3,%xmm5,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rdx
+	vpaddq	%xmm8,%xmm6,%xmm6
+	movq	%rax,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm5,%xmm9
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%rdx,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	104(%rsp),%rcx
+	movq	%rdx,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%rbx,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm6,%xmm6
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	vpaddq	64(%rbp),%xmm6,%xmm10
+	xorq	%r8,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	vmovdqa	%xmm10,96(%rsp)
+	vpalignr	$8,%xmm7,%xmm0,%xmm8
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rcx
+	vpalignr	$8,%xmm3,%xmm4,%xmm11
+	movq	%r11,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$1,%xmm8,%xmm10
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	vpaddq	%xmm11,%xmm7,%xmm7
+	shrdq	$4,%r13,%r13
+	xorq	%rcx,%r14
+	vpsrlq	$7,%xmm8,%xmm11
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	vpsllq	$56,%xmm8,%xmm9
+	addq	112(%rsp),%rbx
+	movq	%rcx,%r15
+	vpxor	%xmm10,%xmm11,%xmm8
+	xorq	%rax,%r12
+	shrdq	$6,%r14,%r14
+	vpsrlq	$7,%xmm10,%xmm10
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	vpxor	%xmm9,%xmm8,%xmm8
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	vpsllq	$7,%xmm9,%xmm9
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	vpxor	%xmm10,%xmm8,%xmm8
+	xorq	%rdx,%rdi
+	shrdq	$28,%r14,%r14
+	vpsrlq	$6,%xmm6,%xmm11
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	vpxor	%xmm9,%xmm8,%xmm8
+	movq	%r9,%r13
+	addq	%rbx,%r14
+	vpsllq	$3,%xmm6,%xmm10
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rbx
+	vpaddq	%xmm8,%xmm7,%xmm7
+	movq	%r10,%r12
+	shrdq	$5,%r14,%r14
+	vpsrlq	$19,%xmm6,%xmm9
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	vpxor	%xmm10,%xmm11,%xmm11
+	shrdq	$4,%r13,%r13
+	xorq	%rbx,%r14
+	vpsllq	$42,%xmm10,%xmm10
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	vpxor	%xmm9,%xmm11,%xmm11
+	addq	120(%rsp),%rax
+	movq	%rbx,%rdi
+	vpsrlq	$42,%xmm9,%xmm9
+	xorq	%r11,%r12
+	shrdq	$6,%r14,%r14
+	vpxor	%xmm10,%xmm11,%xmm11
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	vpxor	%xmm9,%xmm11,%xmm11
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	vpaddq	%xmm11,%xmm7,%xmm7
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	vpaddq	96(%rbp),%xmm7,%xmm10
+	xorq	%rcx,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	vmovdqa	%xmm10,112(%rsp)
+	cmpb	$0,135(%rbp)
+	jne	L$avx_00_47
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rax
+	movq	%r9,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rax,%r14
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	addq	0(%rsp),%r11
+	movq	%rax,%r15
+	xorq	%r10,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	xorq	%rbx,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	movq	%rdx,%r13
+	addq	%r11,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r11
+	movq	%r8,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r11,%r14
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	addq	8(%rsp),%r10
+	movq	%r11,%rdi
+	xorq	%r9,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	xorq	%rax,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r10
+	movq	%rdx,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r10,%r14
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	addq	16(%rsp),%r9
+	movq	%r10,%r15
+	xorq	%r8,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	xorq	%r11,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	movq	%rbx,%r13
+	addq	%r9,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r9
+	movq	%rcx,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r9,%r14
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	addq	24(%rsp),%r8
+	movq	%r9,%rdi
+	xorq	%rdx,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	xorq	%r10,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r8
+	movq	%rbx,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r8,%r14
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	addq	32(%rsp),%rdx
+	movq	%r8,%r15
+	xorq	%rcx,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	xorq	%r9,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	movq	%r11,%r13
+	addq	%rdx,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rdx
+	movq	%rax,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rdx,%r14
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	addq	40(%rsp),%rcx
+	movq	%rdx,%rdi
+	xorq	%rbx,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	xorq	%r8,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rcx
+	movq	%r11,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rcx,%r14
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	addq	48(%rsp),%rbx
+	movq	%rcx,%r15
+	xorq	%rax,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	xorq	%rdx,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	movq	%r9,%r13
+	addq	%rbx,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rbx
+	movq	%r10,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rbx,%r14
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	addq	56(%rsp),%rax
+	movq	%rbx,%rdi
+	xorq	%r11,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	xorq	%rcx,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rax
+	movq	%r9,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r8,%r13
+	xorq	%r10,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rax,%r14
+	andq	%r8,%r12
+	xorq	%r8,%r13
+	addq	64(%rsp),%r11
+	movq	%rax,%r15
+	xorq	%r10,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rbx,%r15
+	addq	%r12,%r11
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%rax,%r14
+	addq	%r13,%r11
+	xorq	%rbx,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%r11,%rdx
+	addq	%rdi,%r11
+	movq	%rdx,%r13
+	addq	%r11,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r11
+	movq	%r8,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rdx,%r13
+	xorq	%r9,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r11,%r14
+	andq	%rdx,%r12
+	xorq	%rdx,%r13
+	addq	72(%rsp),%r10
+	movq	%r11,%rdi
+	xorq	%r9,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rax,%rdi
+	addq	%r12,%r10
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%r11,%r14
+	addq	%r13,%r10
+	xorq	%rax,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r10,%rcx
+	addq	%r15,%r10
+	movq	%rcx,%r13
+	addq	%r10,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r10
+	movq	%rdx,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rcx,%r13
+	xorq	%r8,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r10,%r14
+	andq	%rcx,%r12
+	xorq	%rcx,%r13
+	addq	80(%rsp),%r9
+	movq	%r10,%r15
+	xorq	%r8,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r11,%r15
+	addq	%r12,%r9
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%r10,%r14
+	addq	%r13,%r9
+	xorq	%r11,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%r9,%rbx
+	addq	%rdi,%r9
+	movq	%rbx,%r13
+	addq	%r9,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r9
+	movq	%rcx,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rbx,%r13
+	xorq	%rdx,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r9,%r14
+	andq	%rbx,%r12
+	xorq	%rbx,%r13
+	addq	88(%rsp),%r8
+	movq	%r9,%rdi
+	xorq	%rdx,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r10,%rdi
+	addq	%r12,%r8
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%r9,%r14
+	addq	%r13,%r8
+	xorq	%r10,%r15
+	shrdq	$28,%r14,%r14
+	addq	%r8,%rax
+	addq	%r15,%r8
+	movq	%rax,%r13
+	addq	%r8,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%r8
+	movq	%rbx,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%rax,%r13
+	xorq	%rcx,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%r8,%r14
+	andq	%rax,%r12
+	xorq	%rax,%r13
+	addq	96(%rsp),%rdx
+	movq	%r8,%r15
+	xorq	%rcx,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r9,%r15
+	addq	%r12,%rdx
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%r8,%r14
+	addq	%r13,%rdx
+	xorq	%r9,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%rdx,%r11
+	addq	%rdi,%rdx
+	movq	%r11,%r13
+	addq	%rdx,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rdx
+	movq	%rax,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r11,%r13
+	xorq	%rbx,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rdx,%r14
+	andq	%r11,%r12
+	xorq	%r11,%r13
+	addq	104(%rsp),%rcx
+	movq	%rdx,%rdi
+	xorq	%rbx,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%r8,%rdi
+	addq	%r12,%rcx
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%rdx,%r14
+	addq	%r13,%rcx
+	xorq	%r8,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rcx,%r10
+	addq	%r15,%rcx
+	movq	%r10,%r13
+	addq	%rcx,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rcx
+	movq	%r11,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r10,%r13
+	xorq	%rax,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rcx,%r14
+	andq	%r10,%r12
+	xorq	%r10,%r13
+	addq	112(%rsp),%rbx
+	movq	%rcx,%r15
+	xorq	%rax,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rdx,%r15
+	addq	%r12,%rbx
+	shrdq	$14,%r13,%r13
+	andq	%r15,%rdi
+	xorq	%rcx,%r14
+	addq	%r13,%rbx
+	xorq	%rdx,%rdi
+	shrdq	$28,%r14,%r14
+	addq	%rbx,%r9
+	addq	%rdi,%rbx
+	movq	%r9,%r13
+	addq	%rbx,%r14
+	shrdq	$23,%r13,%r13
+	movq	%r14,%rbx
+	movq	%r10,%r12
+	shrdq	$5,%r14,%r14
+	xorq	%r9,%r13
+	xorq	%r11,%r12
+	shrdq	$4,%r13,%r13
+	xorq	%rbx,%r14
+	andq	%r9,%r12
+	xorq	%r9,%r13
+	addq	120(%rsp),%rax
+	movq	%rbx,%rdi
+	xorq	%r11,%r12
+	shrdq	$6,%r14,%r14
+	xorq	%rcx,%rdi
+	addq	%r12,%rax
+	shrdq	$14,%r13,%r13
+	andq	%rdi,%r15
+	xorq	%rbx,%r14
+	addq	%r13,%rax
+	xorq	%rcx,%r15
+	shrdq	$28,%r14,%r14
+	addq	%rax,%r8
+	addq	%r15,%rax
+	movq	%r8,%r13
+	addq	%rax,%r14
+	movq	128+0(%rsp),%rdi
+	movq	%r14,%rax
+
+	addq	0(%rdi),%rax
+	leaq	128(%rsi),%rsi
+	addq	8(%rdi),%rbx
+	addq	16(%rdi),%rcx
+	addq	24(%rdi),%rdx
+	addq	32(%rdi),%r8
+	addq	40(%rdi),%r9
+	addq	48(%rdi),%r10
+	addq	56(%rdi),%r11
+
+	cmpq	128+16(%rsp),%rsi
+
+	movq	%rax,0(%rdi)
+	movq	%rbx,8(%rdi)
+	movq	%rcx,16(%rdi)
+	movq	%rdx,24(%rdi)
+	movq	%r8,32(%rdi)
+	movq	%r9,40(%rdi)
+	movq	%r10,48(%rdi)
+	movq	%r11,56(%rdi)
+	jb	L$loop_avx
+
+	movq	152(%rsp),%rsi
+
+	vzeroupper
+	movq	-48(%rsi),%r15
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+L$epilogue_avx:
+	.byte	0xf3,0xc3
+
+
+
+.p2align	6
+sha512_block_data_order_avx2:
+
+L$avx2_shortcut:
+	movq	%rsp,%rax
+
+	pushq	%rbx
+
+	pushq	%rbp
+
+	pushq	%r12
+
+	pushq	%r13
+
+	pushq	%r14
+
+	pushq	%r15
+
+	subq	$1312,%rsp
+	shlq	$4,%rdx
+	andq	$-2048,%rsp
+	leaq	(%rsi,%rdx,8),%rdx
+	addq	$1152,%rsp
+	movq	%rdi,128+0(%rsp)
+	movq	%rsi,128+8(%rsp)
+	movq	%rdx,128+16(%rsp)
+	movq	%rax,152(%rsp)
+
+L$prologue_avx2:
+
+	vzeroupper
+	subq	$-128,%rsi
+	movq	0(%rdi),%rax
+	movq	%rsi,%r12
+	movq	8(%rdi),%rbx
+	cmpq	%rdx,%rsi
+	movq	16(%rdi),%rcx
+	cmoveq	%rsp,%r12
+	movq	24(%rdi),%rdx
+	movq	32(%rdi),%r8
+	movq	40(%rdi),%r9
+	movq	48(%rdi),%r10
+	movq	56(%rdi),%r11
+	jmp	L$oop_avx2
+.p2align	4
+L$oop_avx2:
+	vmovdqu	-128(%rsi),%xmm0
+	vmovdqu	-128+16(%rsi),%xmm1
+	vmovdqu	-128+32(%rsi),%xmm2
+	leaq	K512+128(%rip),%rbp
+	vmovdqu	-128+48(%rsi),%xmm3
+	vmovdqu	-128+64(%rsi),%xmm4
+	vmovdqu	-128+80(%rsi),%xmm5
+	vmovdqu	-128+96(%rsi),%xmm6
+	vmovdqu	-128+112(%rsi),%xmm7
+
+	vmovdqa	1152(%rbp),%ymm10
+	vinserti128	$1,(%r12),%ymm0,%ymm0
+	vinserti128	$1,16(%r12),%ymm1,%ymm1
+	vpshufb	%ymm10,%ymm0,%ymm0
+	vinserti128	$1,32(%r12),%ymm2,%ymm2
+	vpshufb	%ymm10,%ymm1,%ymm1
+	vinserti128	$1,48(%r12),%ymm3,%ymm3
+	vpshufb	%ymm10,%ymm2,%ymm2
+	vinserti128	$1,64(%r12),%ymm4,%ymm4
+	vpshufb	%ymm10,%ymm3,%ymm3
+	vinserti128	$1,80(%r12),%ymm5,%ymm5
+	vpshufb	%ymm10,%ymm4,%ymm4
+	vinserti128	$1,96(%r12),%ymm6,%ymm6
+	vpshufb	%ymm10,%ymm5,%ymm5
+	vinserti128	$1,112(%r12),%ymm7,%ymm7
+
+	vpaddq	-128(%rbp),%ymm0,%ymm8
+	vpshufb	%ymm10,%ymm6,%ymm6
+	vpaddq	-96(%rbp),%ymm1,%ymm9
+	vpshufb	%ymm10,%ymm7,%ymm7
+	vpaddq	-64(%rbp),%ymm2,%ymm10
+	vpaddq	-32(%rbp),%ymm3,%ymm11
+	vmovdqa	%ymm8,0(%rsp)
+	vpaddq	0(%rbp),%ymm4,%ymm8
+	vmovdqa	%ymm9,32(%rsp)
+	vpaddq	32(%rbp),%ymm5,%ymm9
+	vmovdqa	%ymm10,64(%rsp)
+	vpaddq	64(%rbp),%ymm6,%ymm10
+	vmovdqa	%ymm11,96(%rsp)
+
+	movq	152(%rsp),%rdi
+
+	leaq	-128(%rsp),%rsp
+
+
+
+	movq	%rdi,-8(%rsp)
+
+	vpaddq	96(%rbp),%ymm7,%ymm11
+	vmovdqa	%ymm8,0(%rsp)
+	xorq	%r14,%r14
+	vmovdqa	%ymm9,32(%rsp)
+	movq	%rbx,%rdi
+	vmovdqa	%ymm10,64(%rsp)
+	xorq	%rcx,%rdi
+	vmovdqa	%ymm11,96(%rsp)
+	movq	%r9,%r12
+	addq	$32*8,%rbp
+	jmp	L$avx2_00_47
+
+.p2align	4
+L$avx2_00_47:
+	leaq	-128(%rsp),%rsp
+
+
+	pushq	128-8(%rsp)
+
+	leaq	8(%rsp),%rsp
+
+	vpalignr	$8,%ymm0,%ymm1,%ymm8
+	addq	0+256(%rsp),%r11
+	andq	%r8,%r12
+	rorxq	$41,%r8,%r13
+	vpalignr	$8,%ymm4,%ymm5,%ymm11
+	rorxq	$18,%r8,%r15
+	leaq	(%rax,%r14,1),%rax
+	leaq	(%r11,%r12,1),%r11
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%r10,%r8,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r8,%r14
+	vpaddq	%ymm11,%ymm0,%ymm0
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%r11,%r12,1),%r11
+	xorq	%r14,%r13
+	movq	%rax,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%rax,%r12
+	leaq	(%r11,%r13,1),%r11
+	xorq	%rbx,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%rax,%r14
+	rorxq	$28,%rax,%r13
+	leaq	(%rdx,%r11,1),%rdx
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rbx,%rdi
+	vpsrlq	$6,%ymm7,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%r11,%rdi,1),%r11
+	movq	%r8,%r12
+	vpsllq	$3,%ymm7,%ymm10
+	vpaddq	%ymm8,%ymm0,%ymm0
+	addq	8+256(%rsp),%r10
+	andq	%rdx,%r12
+	rorxq	$41,%rdx,%r13
+	vpsrlq	$19,%ymm7,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%rdx,%rdi
+	leaq	(%r11,%r14,1),%r11
+	leaq	(%r10,%r12,1),%r10
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%r9,%rdx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rdx,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%r10,%r12,1),%r10
+	xorq	%r14,%r13
+	movq	%r11,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%r11,%r12
+	leaq	(%r10,%r13,1),%r10
+	xorq	%rax,%rdi
+	vpaddq	%ymm11,%ymm0,%ymm0
+	rorxq	$34,%r11,%r14
+	rorxq	$28,%r11,%r13
+	leaq	(%rcx,%r10,1),%rcx
+	vpaddq	-128(%rbp),%ymm0,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rax,%r15
+	xorq	%r13,%r14
+	leaq	(%r10,%r15,1),%r10
+	movq	%rdx,%r12
+	vmovdqa	%ymm10,0(%rsp)
+	vpalignr	$8,%ymm1,%ymm2,%ymm8
+	addq	32+256(%rsp),%r9
+	andq	%rcx,%r12
+	rorxq	$41,%rcx,%r13
+	vpalignr	$8,%ymm5,%ymm6,%ymm11
+	rorxq	$18,%rcx,%r15
+	leaq	(%r10,%r14,1),%r10
+	leaq	(%r9,%r12,1),%r9
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%r8,%rcx,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rcx,%r14
+	vpaddq	%ymm11,%ymm1,%ymm1
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%r9,%r12,1),%r9
+	xorq	%r14,%r13
+	movq	%r10,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%r10,%r12
+	leaq	(%r9,%r13,1),%r9
+	xorq	%r11,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%r10,%r14
+	rorxq	$28,%r10,%r13
+	leaq	(%rbx,%r9,1),%rbx
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r11,%rdi
+	vpsrlq	$6,%ymm0,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%r9,%rdi,1),%r9
+	movq	%rcx,%r12
+	vpsllq	$3,%ymm0,%ymm10
+	vpaddq	%ymm8,%ymm1,%ymm1
+	addq	40+256(%rsp),%r8
+	andq	%rbx,%r12
+	rorxq	$41,%rbx,%r13
+	vpsrlq	$19,%ymm0,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%rbx,%rdi
+	leaq	(%r9,%r14,1),%r9
+	leaq	(%r8,%r12,1),%r8
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%rdx,%rbx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rbx,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%r8,%r12,1),%r8
+	xorq	%r14,%r13
+	movq	%r9,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%r9,%r12
+	leaq	(%r8,%r13,1),%r8
+	xorq	%r10,%rdi
+	vpaddq	%ymm11,%ymm1,%ymm1
+	rorxq	$34,%r9,%r14
+	rorxq	$28,%r9,%r13
+	leaq	(%rax,%r8,1),%rax
+	vpaddq	-96(%rbp),%ymm1,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r10,%r15
+	xorq	%r13,%r14
+	leaq	(%r8,%r15,1),%r8
+	movq	%rbx,%r12
+	vmovdqa	%ymm10,32(%rsp)
+	vpalignr	$8,%ymm2,%ymm3,%ymm8
+	addq	64+256(%rsp),%rdx
+	andq	%rax,%r12
+	rorxq	$41,%rax,%r13
+	vpalignr	$8,%ymm6,%ymm7,%ymm11
+	rorxq	$18,%rax,%r15
+	leaq	(%r8,%r14,1),%r8
+	leaq	(%rdx,%r12,1),%rdx
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%rcx,%rax,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rax,%r14
+	vpaddq	%ymm11,%ymm2,%ymm2
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%rdx,%r12,1),%rdx
+	xorq	%r14,%r13
+	movq	%r8,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%r8,%r12
+	leaq	(%rdx,%r13,1),%rdx
+	xorq	%r9,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%r8,%r14
+	rorxq	$28,%r8,%r13
+	leaq	(%r11,%rdx,1),%r11
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r9,%rdi
+	vpsrlq	$6,%ymm1,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%rdx,%rdi,1),%rdx
+	movq	%rax,%r12
+	vpsllq	$3,%ymm1,%ymm10
+	vpaddq	%ymm8,%ymm2,%ymm2
+	addq	72+256(%rsp),%rcx
+	andq	%r11,%r12
+	rorxq	$41,%r11,%r13
+	vpsrlq	$19,%ymm1,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%r11,%rdi
+	leaq	(%rdx,%r14,1),%rdx
+	leaq	(%rcx,%r12,1),%rcx
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%rbx,%r11,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r11,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%rcx,%r12,1),%rcx
+	xorq	%r14,%r13
+	movq	%rdx,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%rdx,%r12
+	leaq	(%rcx,%r13,1),%rcx
+	xorq	%r8,%rdi
+	vpaddq	%ymm11,%ymm2,%ymm2
+	rorxq	$34,%rdx,%r14
+	rorxq	$28,%rdx,%r13
+	leaq	(%r10,%rcx,1),%r10
+	vpaddq	-64(%rbp),%ymm2,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r8,%r15
+	xorq	%r13,%r14
+	leaq	(%rcx,%r15,1),%rcx
+	movq	%r11,%r12
+	vmovdqa	%ymm10,64(%rsp)
+	vpalignr	$8,%ymm3,%ymm4,%ymm8
+	addq	96+256(%rsp),%rbx
+	andq	%r10,%r12
+	rorxq	$41,%r10,%r13
+	vpalignr	$8,%ymm7,%ymm0,%ymm11
+	rorxq	$18,%r10,%r15
+	leaq	(%rcx,%r14,1),%rcx
+	leaq	(%rbx,%r12,1),%rbx
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%rax,%r10,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r10,%r14
+	vpaddq	%ymm11,%ymm3,%ymm3
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%rbx,%r12,1),%rbx
+	xorq	%r14,%r13
+	movq	%rcx,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%rcx,%r12
+	leaq	(%rbx,%r13,1),%rbx
+	xorq	%rdx,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%rcx,%r14
+	rorxq	$28,%rcx,%r13
+	leaq	(%r9,%rbx,1),%r9
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rdx,%rdi
+	vpsrlq	$6,%ymm2,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%rbx,%rdi,1),%rbx
+	movq	%r10,%r12
+	vpsllq	$3,%ymm2,%ymm10
+	vpaddq	%ymm8,%ymm3,%ymm3
+	addq	104+256(%rsp),%rax
+	andq	%r9,%r12
+	rorxq	$41,%r9,%r13
+	vpsrlq	$19,%ymm2,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%r9,%rdi
+	leaq	(%rbx,%r14,1),%rbx
+	leaq	(%rax,%r12,1),%rax
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%r11,%r9,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r9,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%rax,%r12,1),%rax
+	xorq	%r14,%r13
+	movq	%rbx,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%rbx,%r12
+	leaq	(%rax,%r13,1),%rax
+	xorq	%rcx,%rdi
+	vpaddq	%ymm11,%ymm3,%ymm3
+	rorxq	$34,%rbx,%r14
+	rorxq	$28,%rbx,%r13
+	leaq	(%r8,%rax,1),%r8
+	vpaddq	-32(%rbp),%ymm3,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rcx,%r15
+	xorq	%r13,%r14
+	leaq	(%rax,%r15,1),%rax
+	movq	%r9,%r12
+	vmovdqa	%ymm10,96(%rsp)
+	leaq	-128(%rsp),%rsp
+
+
+	pushq	128-8(%rsp)
+
+	leaq	8(%rsp),%rsp
+
+	vpalignr	$8,%ymm4,%ymm5,%ymm8
+	addq	0+256(%rsp),%r11
+	andq	%r8,%r12
+	rorxq	$41,%r8,%r13
+	vpalignr	$8,%ymm0,%ymm1,%ymm11
+	rorxq	$18,%r8,%r15
+	leaq	(%rax,%r14,1),%rax
+	leaq	(%r11,%r12,1),%r11
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%r10,%r8,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r8,%r14
+	vpaddq	%ymm11,%ymm4,%ymm4
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%r11,%r12,1),%r11
+	xorq	%r14,%r13
+	movq	%rax,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%rax,%r12
+	leaq	(%r11,%r13,1),%r11
+	xorq	%rbx,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%rax,%r14
+	rorxq	$28,%rax,%r13
+	leaq	(%rdx,%r11,1),%rdx
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rbx,%rdi
+	vpsrlq	$6,%ymm3,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%r11,%rdi,1),%r11
+	movq	%r8,%r12
+	vpsllq	$3,%ymm3,%ymm10
+	vpaddq	%ymm8,%ymm4,%ymm4
+	addq	8+256(%rsp),%r10
+	andq	%rdx,%r12
+	rorxq	$41,%rdx,%r13
+	vpsrlq	$19,%ymm3,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%rdx,%rdi
+	leaq	(%r11,%r14,1),%r11
+	leaq	(%r10,%r12,1),%r10
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%r9,%rdx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rdx,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%r10,%r12,1),%r10
+	xorq	%r14,%r13
+	movq	%r11,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%r11,%r12
+	leaq	(%r10,%r13,1),%r10
+	xorq	%rax,%rdi
+	vpaddq	%ymm11,%ymm4,%ymm4
+	rorxq	$34,%r11,%r14
+	rorxq	$28,%r11,%r13
+	leaq	(%rcx,%r10,1),%rcx
+	vpaddq	0(%rbp),%ymm4,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rax,%r15
+	xorq	%r13,%r14
+	leaq	(%r10,%r15,1),%r10
+	movq	%rdx,%r12
+	vmovdqa	%ymm10,0(%rsp)
+	vpalignr	$8,%ymm5,%ymm6,%ymm8
+	addq	32+256(%rsp),%r9
+	andq	%rcx,%r12
+	rorxq	$41,%rcx,%r13
+	vpalignr	$8,%ymm1,%ymm2,%ymm11
+	rorxq	$18,%rcx,%r15
+	leaq	(%r10,%r14,1),%r10
+	leaq	(%r9,%r12,1),%r9
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%r8,%rcx,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rcx,%r14
+	vpaddq	%ymm11,%ymm5,%ymm5
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%r9,%r12,1),%r9
+	xorq	%r14,%r13
+	movq	%r10,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%r10,%r12
+	leaq	(%r9,%r13,1),%r9
+	xorq	%r11,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%r10,%r14
+	rorxq	$28,%r10,%r13
+	leaq	(%rbx,%r9,1),%rbx
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r11,%rdi
+	vpsrlq	$6,%ymm4,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%r9,%rdi,1),%r9
+	movq	%rcx,%r12
+	vpsllq	$3,%ymm4,%ymm10
+	vpaddq	%ymm8,%ymm5,%ymm5
+	addq	40+256(%rsp),%r8
+	andq	%rbx,%r12
+	rorxq	$41,%rbx,%r13
+	vpsrlq	$19,%ymm4,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%rbx,%rdi
+	leaq	(%r9,%r14,1),%r9
+	leaq	(%r8,%r12,1),%r8
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%rdx,%rbx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rbx,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%r8,%r12,1),%r8
+	xorq	%r14,%r13
+	movq	%r9,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%r9,%r12
+	leaq	(%r8,%r13,1),%r8
+	xorq	%r10,%rdi
+	vpaddq	%ymm11,%ymm5,%ymm5
+	rorxq	$34,%r9,%r14
+	rorxq	$28,%r9,%r13
+	leaq	(%rax,%r8,1),%rax
+	vpaddq	32(%rbp),%ymm5,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r10,%r15
+	xorq	%r13,%r14
+	leaq	(%r8,%r15,1),%r8
+	movq	%rbx,%r12
+	vmovdqa	%ymm10,32(%rsp)
+	vpalignr	$8,%ymm6,%ymm7,%ymm8
+	addq	64+256(%rsp),%rdx
+	andq	%rax,%r12
+	rorxq	$41,%rax,%r13
+	vpalignr	$8,%ymm2,%ymm3,%ymm11
+	rorxq	$18,%rax,%r15
+	leaq	(%r8,%r14,1),%r8
+	leaq	(%rdx,%r12,1),%rdx
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%rcx,%rax,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rax,%r14
+	vpaddq	%ymm11,%ymm6,%ymm6
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%rdx,%r12,1),%rdx
+	xorq	%r14,%r13
+	movq	%r8,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%r8,%r12
+	leaq	(%rdx,%r13,1),%rdx
+	xorq	%r9,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%r8,%r14
+	rorxq	$28,%r8,%r13
+	leaq	(%r11,%rdx,1),%r11
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r9,%rdi
+	vpsrlq	$6,%ymm5,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%rdx,%rdi,1),%rdx
+	movq	%rax,%r12
+	vpsllq	$3,%ymm5,%ymm10
+	vpaddq	%ymm8,%ymm6,%ymm6
+	addq	72+256(%rsp),%rcx
+	andq	%r11,%r12
+	rorxq	$41,%r11,%r13
+	vpsrlq	$19,%ymm5,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%r11,%rdi
+	leaq	(%rdx,%r14,1),%rdx
+	leaq	(%rcx,%r12,1),%rcx
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%rbx,%r11,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r11,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%rcx,%r12,1),%rcx
+	xorq	%r14,%r13
+	movq	%rdx,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%rdx,%r12
+	leaq	(%rcx,%r13,1),%rcx
+	xorq	%r8,%rdi
+	vpaddq	%ymm11,%ymm6,%ymm6
+	rorxq	$34,%rdx,%r14
+	rorxq	$28,%rdx,%r13
+	leaq	(%r10,%rcx,1),%r10
+	vpaddq	64(%rbp),%ymm6,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r8,%r15
+	xorq	%r13,%r14
+	leaq	(%rcx,%r15,1),%rcx
+	movq	%r11,%r12
+	vmovdqa	%ymm10,64(%rsp)
+	vpalignr	$8,%ymm7,%ymm0,%ymm8
+	addq	96+256(%rsp),%rbx
+	andq	%r10,%r12
+	rorxq	$41,%r10,%r13
+	vpalignr	$8,%ymm3,%ymm4,%ymm11
+	rorxq	$18,%r10,%r15
+	leaq	(%rcx,%r14,1),%rcx
+	leaq	(%rbx,%r12,1),%rbx
+	vpsrlq	$1,%ymm8,%ymm10
+	andnq	%rax,%r10,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r10,%r14
+	vpaddq	%ymm11,%ymm7,%ymm7
+	vpsrlq	$7,%ymm8,%ymm11
+	leaq	(%rbx,%r12,1),%rbx
+	xorq	%r14,%r13
+	movq	%rcx,%r15
+	vpsllq	$56,%ymm8,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm8
+	rorxq	$39,%rcx,%r12
+	leaq	(%rbx,%r13,1),%rbx
+	xorq	%rdx,%r15
+	vpsrlq	$7,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm8,%ymm8
+	rorxq	$34,%rcx,%r14
+	rorxq	$28,%rcx,%r13
+	leaq	(%r9,%rbx,1),%r9
+	vpsllq	$7,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm8,%ymm8
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rdx,%rdi
+	vpsrlq	$6,%ymm6,%ymm11
+	vpxor	%ymm9,%ymm8,%ymm8
+	xorq	%r13,%r14
+	leaq	(%rbx,%rdi,1),%rbx
+	movq	%r10,%r12
+	vpsllq	$3,%ymm6,%ymm10
+	vpaddq	%ymm8,%ymm7,%ymm7
+	addq	104+256(%rsp),%rax
+	andq	%r9,%r12
+	rorxq	$41,%r9,%r13
+	vpsrlq	$19,%ymm6,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	rorxq	$18,%r9,%rdi
+	leaq	(%rbx,%r14,1),%rbx
+	leaq	(%rax,%r12,1),%rax
+	vpsllq	$42,%ymm10,%ymm10
+	vpxor	%ymm9,%ymm11,%ymm11
+	andnq	%r11,%r9,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r9,%r14
+	vpsrlq	$42,%ymm9,%ymm9
+	vpxor	%ymm10,%ymm11,%ymm11
+	leaq	(%rax,%r12,1),%rax
+	xorq	%r14,%r13
+	movq	%rbx,%rdi
+	vpxor	%ymm9,%ymm11,%ymm11
+	rorxq	$39,%rbx,%r12
+	leaq	(%rax,%r13,1),%rax
+	xorq	%rcx,%rdi
+	vpaddq	%ymm11,%ymm7,%ymm7
+	rorxq	$34,%rbx,%r14
+	rorxq	$28,%rbx,%r13
+	leaq	(%r8,%rax,1),%r8
+	vpaddq	96(%rbp),%ymm7,%ymm10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rcx,%r15
+	xorq	%r13,%r14
+	leaq	(%rax,%r15,1),%rax
+	movq	%r9,%r12
+	vmovdqa	%ymm10,96(%rsp)
+	leaq	256(%rbp),%rbp
+	cmpb	$0,-121(%rbp)
+	jne	L$avx2_00_47
+	addq	0+128(%rsp),%r11
+	andq	%r8,%r12
+	rorxq	$41,%r8,%r13
+	rorxq	$18,%r8,%r15
+	leaq	(%rax,%r14,1),%rax
+	leaq	(%r11,%r12,1),%r11
+	andnq	%r10,%r8,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r8,%r14
+	leaq	(%r11,%r12,1),%r11
+	xorq	%r14,%r13
+	movq	%rax,%r15
+	rorxq	$39,%rax,%r12
+	leaq	(%r11,%r13,1),%r11
+	xorq	%rbx,%r15
+	rorxq	$34,%rax,%r14
+	rorxq	$28,%rax,%r13
+	leaq	(%rdx,%r11,1),%rdx
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rbx,%rdi
+	xorq	%r13,%r14
+	leaq	(%r11,%rdi,1),%r11
+	movq	%r8,%r12
+	addq	8+128(%rsp),%r10
+	andq	%rdx,%r12
+	rorxq	$41,%rdx,%r13
+	rorxq	$18,%rdx,%rdi
+	leaq	(%r11,%r14,1),%r11
+	leaq	(%r10,%r12,1),%r10
+	andnq	%r9,%rdx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rdx,%r14
+	leaq	(%r10,%r12,1),%r10
+	xorq	%r14,%r13
+	movq	%r11,%rdi
+	rorxq	$39,%r11,%r12
+	leaq	(%r10,%r13,1),%r10
+	xorq	%rax,%rdi
+	rorxq	$34,%r11,%r14
+	rorxq	$28,%r11,%r13
+	leaq	(%rcx,%r10,1),%rcx
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rax,%r15
+	xorq	%r13,%r14
+	leaq	(%r10,%r15,1),%r10
+	movq	%rdx,%r12
+	addq	32+128(%rsp),%r9
+	andq	%rcx,%r12
+	rorxq	$41,%rcx,%r13
+	rorxq	$18,%rcx,%r15
+	leaq	(%r10,%r14,1),%r10
+	leaq	(%r9,%r12,1),%r9
+	andnq	%r8,%rcx,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rcx,%r14
+	leaq	(%r9,%r12,1),%r9
+	xorq	%r14,%r13
+	movq	%r10,%r15
+	rorxq	$39,%r10,%r12
+	leaq	(%r9,%r13,1),%r9
+	xorq	%r11,%r15
+	rorxq	$34,%r10,%r14
+	rorxq	$28,%r10,%r13
+	leaq	(%rbx,%r9,1),%rbx
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r11,%rdi
+	xorq	%r13,%r14
+	leaq	(%r9,%rdi,1),%r9
+	movq	%rcx,%r12
+	addq	40+128(%rsp),%r8
+	andq	%rbx,%r12
+	rorxq	$41,%rbx,%r13
+	rorxq	$18,%rbx,%rdi
+	leaq	(%r9,%r14,1),%r9
+	leaq	(%r8,%r12,1),%r8
+	andnq	%rdx,%rbx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rbx,%r14
+	leaq	(%r8,%r12,1),%r8
+	xorq	%r14,%r13
+	movq	%r9,%rdi
+	rorxq	$39,%r9,%r12
+	leaq	(%r8,%r13,1),%r8
+	xorq	%r10,%rdi
+	rorxq	$34,%r9,%r14
+	rorxq	$28,%r9,%r13
+	leaq	(%rax,%r8,1),%rax
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r10,%r15
+	xorq	%r13,%r14
+	leaq	(%r8,%r15,1),%r8
+	movq	%rbx,%r12
+	addq	64+128(%rsp),%rdx
+	andq	%rax,%r12
+	rorxq	$41,%rax,%r13
+	rorxq	$18,%rax,%r15
+	leaq	(%r8,%r14,1),%r8
+	leaq	(%rdx,%r12,1),%rdx
+	andnq	%rcx,%rax,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rax,%r14
+	leaq	(%rdx,%r12,1),%rdx
+	xorq	%r14,%r13
+	movq	%r8,%r15
+	rorxq	$39,%r8,%r12
+	leaq	(%rdx,%r13,1),%rdx
+	xorq	%r9,%r15
+	rorxq	$34,%r8,%r14
+	rorxq	$28,%r8,%r13
+	leaq	(%r11,%rdx,1),%r11
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r9,%rdi
+	xorq	%r13,%r14
+	leaq	(%rdx,%rdi,1),%rdx
+	movq	%rax,%r12
+	addq	72+128(%rsp),%rcx
+	andq	%r11,%r12
+	rorxq	$41,%r11,%r13
+	rorxq	$18,%r11,%rdi
+	leaq	(%rdx,%r14,1),%rdx
+	leaq	(%rcx,%r12,1),%rcx
+	andnq	%rbx,%r11,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r11,%r14
+	leaq	(%rcx,%r12,1),%rcx
+	xorq	%r14,%r13
+	movq	%rdx,%rdi
+	rorxq	$39,%rdx,%r12
+	leaq	(%rcx,%r13,1),%rcx
+	xorq	%r8,%rdi
+	rorxq	$34,%rdx,%r14
+	rorxq	$28,%rdx,%r13
+	leaq	(%r10,%rcx,1),%r10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r8,%r15
+	xorq	%r13,%r14
+	leaq	(%rcx,%r15,1),%rcx
+	movq	%r11,%r12
+	addq	96+128(%rsp),%rbx
+	andq	%r10,%r12
+	rorxq	$41,%r10,%r13
+	rorxq	$18,%r10,%r15
+	leaq	(%rcx,%r14,1),%rcx
+	leaq	(%rbx,%r12,1),%rbx
+	andnq	%rax,%r10,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r10,%r14
+	leaq	(%rbx,%r12,1),%rbx
+	xorq	%r14,%r13
+	movq	%rcx,%r15
+	rorxq	$39,%rcx,%r12
+	leaq	(%rbx,%r13,1),%rbx
+	xorq	%rdx,%r15
+	rorxq	$34,%rcx,%r14
+	rorxq	$28,%rcx,%r13
+	leaq	(%r9,%rbx,1),%r9
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rdx,%rdi
+	xorq	%r13,%r14
+	leaq	(%rbx,%rdi,1),%rbx
+	movq	%r10,%r12
+	addq	104+128(%rsp),%rax
+	andq	%r9,%r12
+	rorxq	$41,%r9,%r13
+	rorxq	$18,%r9,%rdi
+	leaq	(%rbx,%r14,1),%rbx
+	leaq	(%rax,%r12,1),%rax
+	andnq	%r11,%r9,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r9,%r14
+	leaq	(%rax,%r12,1),%rax
+	xorq	%r14,%r13
+	movq	%rbx,%rdi
+	rorxq	$39,%rbx,%r12
+	leaq	(%rax,%r13,1),%rax
+	xorq	%rcx,%rdi
+	rorxq	$34,%rbx,%r14
+	rorxq	$28,%rbx,%r13
+	leaq	(%r8,%rax,1),%r8
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rcx,%r15
+	xorq	%r13,%r14
+	leaq	(%rax,%r15,1),%rax
+	movq	%r9,%r12
+	addq	0(%rsp),%r11
+	andq	%r8,%r12
+	rorxq	$41,%r8,%r13
+	rorxq	$18,%r8,%r15
+	leaq	(%rax,%r14,1),%rax
+	leaq	(%r11,%r12,1),%r11
+	andnq	%r10,%r8,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r8,%r14
+	leaq	(%r11,%r12,1),%r11
+	xorq	%r14,%r13
+	movq	%rax,%r15
+	rorxq	$39,%rax,%r12
+	leaq	(%r11,%r13,1),%r11
+	xorq	%rbx,%r15
+	rorxq	$34,%rax,%r14
+	rorxq	$28,%rax,%r13
+	leaq	(%rdx,%r11,1),%rdx
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rbx,%rdi
+	xorq	%r13,%r14
+	leaq	(%r11,%rdi,1),%r11
+	movq	%r8,%r12
+	addq	8(%rsp),%r10
+	andq	%rdx,%r12
+	rorxq	$41,%rdx,%r13
+	rorxq	$18,%rdx,%rdi
+	leaq	(%r11,%r14,1),%r11
+	leaq	(%r10,%r12,1),%r10
+	andnq	%r9,%rdx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rdx,%r14
+	leaq	(%r10,%r12,1),%r10
+	xorq	%r14,%r13
+	movq	%r11,%rdi
+	rorxq	$39,%r11,%r12
+	leaq	(%r10,%r13,1),%r10
+	xorq	%rax,%rdi
+	rorxq	$34,%r11,%r14
+	rorxq	$28,%r11,%r13
+	leaq	(%rcx,%r10,1),%rcx
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rax,%r15
+	xorq	%r13,%r14
+	leaq	(%r10,%r15,1),%r10
+	movq	%rdx,%r12
+	addq	32(%rsp),%r9
+	andq	%rcx,%r12
+	rorxq	$41,%rcx,%r13
+	rorxq	$18,%rcx,%r15
+	leaq	(%r10,%r14,1),%r10
+	leaq	(%r9,%r12,1),%r9
+	andnq	%r8,%rcx,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rcx,%r14
+	leaq	(%r9,%r12,1),%r9
+	xorq	%r14,%r13
+	movq	%r10,%r15
+	rorxq	$39,%r10,%r12
+	leaq	(%r9,%r13,1),%r9
+	xorq	%r11,%r15
+	rorxq	$34,%r10,%r14
+	rorxq	$28,%r10,%r13
+	leaq	(%rbx,%r9,1),%rbx
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r11,%rdi
+	xorq	%r13,%r14
+	leaq	(%r9,%rdi,1),%r9
+	movq	%rcx,%r12
+	addq	40(%rsp),%r8
+	andq	%rbx,%r12
+	rorxq	$41,%rbx,%r13
+	rorxq	$18,%rbx,%rdi
+	leaq	(%r9,%r14,1),%r9
+	leaq	(%r8,%r12,1),%r8
+	andnq	%rdx,%rbx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rbx,%r14
+	leaq	(%r8,%r12,1),%r8
+	xorq	%r14,%r13
+	movq	%r9,%rdi
+	rorxq	$39,%r9,%r12
+	leaq	(%r8,%r13,1),%r8
+	xorq	%r10,%rdi
+	rorxq	$34,%r9,%r14
+	rorxq	$28,%r9,%r13
+	leaq	(%rax,%r8,1),%rax
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r10,%r15
+	xorq	%r13,%r14
+	leaq	(%r8,%r15,1),%r8
+	movq	%rbx,%r12
+	addq	64(%rsp),%rdx
+	andq	%rax,%r12
+	rorxq	$41,%rax,%r13
+	rorxq	$18,%rax,%r15
+	leaq	(%r8,%r14,1),%r8
+	leaq	(%rdx,%r12,1),%rdx
+	andnq	%rcx,%rax,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rax,%r14
+	leaq	(%rdx,%r12,1),%rdx
+	xorq	%r14,%r13
+	movq	%r8,%r15
+	rorxq	$39,%r8,%r12
+	leaq	(%rdx,%r13,1),%rdx
+	xorq	%r9,%r15
+	rorxq	$34,%r8,%r14
+	rorxq	$28,%r8,%r13
+	leaq	(%r11,%rdx,1),%r11
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r9,%rdi
+	xorq	%r13,%r14
+	leaq	(%rdx,%rdi,1),%rdx
+	movq	%rax,%r12
+	addq	72(%rsp),%rcx
+	andq	%r11,%r12
+	rorxq	$41,%r11,%r13
+	rorxq	$18,%r11,%rdi
+	leaq	(%rdx,%r14,1),%rdx
+	leaq	(%rcx,%r12,1),%rcx
+	andnq	%rbx,%r11,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r11,%r14
+	leaq	(%rcx,%r12,1),%rcx
+	xorq	%r14,%r13
+	movq	%rdx,%rdi
+	rorxq	$39,%rdx,%r12
+	leaq	(%rcx,%r13,1),%rcx
+	xorq	%r8,%rdi
+	rorxq	$34,%rdx,%r14
+	rorxq	$28,%rdx,%r13
+	leaq	(%r10,%rcx,1),%r10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r8,%r15
+	xorq	%r13,%r14
+	leaq	(%rcx,%r15,1),%rcx
+	movq	%r11,%r12
+	addq	96(%rsp),%rbx
+	andq	%r10,%r12
+	rorxq	$41,%r10,%r13
+	rorxq	$18,%r10,%r15
+	leaq	(%rcx,%r14,1),%rcx
+	leaq	(%rbx,%r12,1),%rbx
+	andnq	%rax,%r10,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r10,%r14
+	leaq	(%rbx,%r12,1),%rbx
+	xorq	%r14,%r13
+	movq	%rcx,%r15
+	rorxq	$39,%rcx,%r12
+	leaq	(%rbx,%r13,1),%rbx
+	xorq	%rdx,%r15
+	rorxq	$34,%rcx,%r14
+	rorxq	$28,%rcx,%r13
+	leaq	(%r9,%rbx,1),%r9
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rdx,%rdi
+	xorq	%r13,%r14
+	leaq	(%rbx,%rdi,1),%rbx
+	movq	%r10,%r12
+	addq	104(%rsp),%rax
+	andq	%r9,%r12
+	rorxq	$41,%r9,%r13
+	rorxq	$18,%r9,%rdi
+	leaq	(%rbx,%r14,1),%rbx
+	leaq	(%rax,%r12,1),%rax
+	andnq	%r11,%r9,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r9,%r14
+	leaq	(%rax,%r12,1),%rax
+	xorq	%r14,%r13
+	movq	%rbx,%rdi
+	rorxq	$39,%rbx,%r12
+	leaq	(%rax,%r13,1),%rax
+	xorq	%rcx,%rdi
+	rorxq	$34,%rbx,%r14
+	rorxq	$28,%rbx,%r13
+	leaq	(%r8,%rax,1),%r8
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rcx,%r15
+	xorq	%r13,%r14
+	leaq	(%rax,%r15,1),%rax
+	movq	%r9,%r12
+	movq	1280(%rsp),%rdi
+	addq	%r14,%rax
+
+	leaq	1152(%rsp),%rbp
+
+	addq	0(%rdi),%rax
+	addq	8(%rdi),%rbx
+	addq	16(%rdi),%rcx
+	addq	24(%rdi),%rdx
+	addq	32(%rdi),%r8
+	addq	40(%rdi),%r9
+	addq	48(%rdi),%r10
+	addq	56(%rdi),%r11
+
+	movq	%rax,0(%rdi)
+	movq	%rbx,8(%rdi)
+	movq	%rcx,16(%rdi)
+	movq	%rdx,24(%rdi)
+	movq	%r8,32(%rdi)
+	movq	%r9,40(%rdi)
+	movq	%r10,48(%rdi)
+	movq	%r11,56(%rdi)
+
+	cmpq	144(%rbp),%rsi
+	je	L$done_avx2
+
+	xorq	%r14,%r14
+	movq	%rbx,%rdi
+	xorq	%rcx,%rdi
+	movq	%r9,%r12
+	jmp	L$ower_avx2
+.p2align	4
+L$ower_avx2:
+	addq	0+16(%rbp),%r11
+	andq	%r8,%r12
+	rorxq	$41,%r8,%r13
+	rorxq	$18,%r8,%r15
+	leaq	(%rax,%r14,1),%rax
+	leaq	(%r11,%r12,1),%r11
+	andnq	%r10,%r8,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r8,%r14
+	leaq	(%r11,%r12,1),%r11
+	xorq	%r14,%r13
+	movq	%rax,%r15
+	rorxq	$39,%rax,%r12
+	leaq	(%r11,%r13,1),%r11
+	xorq	%rbx,%r15
+	rorxq	$34,%rax,%r14
+	rorxq	$28,%rax,%r13
+	leaq	(%rdx,%r11,1),%rdx
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rbx,%rdi
+	xorq	%r13,%r14
+	leaq	(%r11,%rdi,1),%r11
+	movq	%r8,%r12
+	addq	8+16(%rbp),%r10
+	andq	%rdx,%r12
+	rorxq	$41,%rdx,%r13
+	rorxq	$18,%rdx,%rdi
+	leaq	(%r11,%r14,1),%r11
+	leaq	(%r10,%r12,1),%r10
+	andnq	%r9,%rdx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rdx,%r14
+	leaq	(%r10,%r12,1),%r10
+	xorq	%r14,%r13
+	movq	%r11,%rdi
+	rorxq	$39,%r11,%r12
+	leaq	(%r10,%r13,1),%r10
+	xorq	%rax,%rdi
+	rorxq	$34,%r11,%r14
+	rorxq	$28,%r11,%r13
+	leaq	(%rcx,%r10,1),%rcx
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rax,%r15
+	xorq	%r13,%r14
+	leaq	(%r10,%r15,1),%r10
+	movq	%rdx,%r12
+	addq	32+16(%rbp),%r9
+	andq	%rcx,%r12
+	rorxq	$41,%rcx,%r13
+	rorxq	$18,%rcx,%r15
+	leaq	(%r10,%r14,1),%r10
+	leaq	(%r9,%r12,1),%r9
+	andnq	%r8,%rcx,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rcx,%r14
+	leaq	(%r9,%r12,1),%r9
+	xorq	%r14,%r13
+	movq	%r10,%r15
+	rorxq	$39,%r10,%r12
+	leaq	(%r9,%r13,1),%r9
+	xorq	%r11,%r15
+	rorxq	$34,%r10,%r14
+	rorxq	$28,%r10,%r13
+	leaq	(%rbx,%r9,1),%rbx
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r11,%rdi
+	xorq	%r13,%r14
+	leaq	(%r9,%rdi,1),%r9
+	movq	%rcx,%r12
+	addq	40+16(%rbp),%r8
+	andq	%rbx,%r12
+	rorxq	$41,%rbx,%r13
+	rorxq	$18,%rbx,%rdi
+	leaq	(%r9,%r14,1),%r9
+	leaq	(%r8,%r12,1),%r8
+	andnq	%rdx,%rbx,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%rbx,%r14
+	leaq	(%r8,%r12,1),%r8
+	xorq	%r14,%r13
+	movq	%r9,%rdi
+	rorxq	$39,%r9,%r12
+	leaq	(%r8,%r13,1),%r8
+	xorq	%r10,%rdi
+	rorxq	$34,%r9,%r14
+	rorxq	$28,%r9,%r13
+	leaq	(%rax,%r8,1),%rax
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r10,%r15
+	xorq	%r13,%r14
+	leaq	(%r8,%r15,1),%r8
+	movq	%rbx,%r12
+	addq	64+16(%rbp),%rdx
+	andq	%rax,%r12
+	rorxq	$41,%rax,%r13
+	rorxq	$18,%rax,%r15
+	leaq	(%r8,%r14,1),%r8
+	leaq	(%rdx,%r12,1),%rdx
+	andnq	%rcx,%rax,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%rax,%r14
+	leaq	(%rdx,%r12,1),%rdx
+	xorq	%r14,%r13
+	movq	%r8,%r15
+	rorxq	$39,%r8,%r12
+	leaq	(%rdx,%r13,1),%rdx
+	xorq	%r9,%r15
+	rorxq	$34,%r8,%r14
+	rorxq	$28,%r8,%r13
+	leaq	(%r11,%rdx,1),%r11
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%r9,%rdi
+	xorq	%r13,%r14
+	leaq	(%rdx,%rdi,1),%rdx
+	movq	%rax,%r12
+	addq	72+16(%rbp),%rcx
+	andq	%r11,%r12
+	rorxq	$41,%r11,%r13
+	rorxq	$18,%r11,%rdi
+	leaq	(%rdx,%r14,1),%rdx
+	leaq	(%rcx,%r12,1),%rcx
+	andnq	%rbx,%r11,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r11,%r14
+	leaq	(%rcx,%r12,1),%rcx
+	xorq	%r14,%r13
+	movq	%rdx,%rdi
+	rorxq	$39,%rdx,%r12
+	leaq	(%rcx,%r13,1),%rcx
+	xorq	%r8,%rdi
+	rorxq	$34,%rdx,%r14
+	rorxq	$28,%rdx,%r13
+	leaq	(%r10,%rcx,1),%r10
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%r8,%r15
+	xorq	%r13,%r14
+	leaq	(%rcx,%r15,1),%rcx
+	movq	%r11,%r12
+	addq	96+16(%rbp),%rbx
+	andq	%r10,%r12
+	rorxq	$41,%r10,%r13
+	rorxq	$18,%r10,%r15
+	leaq	(%rcx,%r14,1),%rcx
+	leaq	(%rbx,%r12,1),%rbx
+	andnq	%rax,%r10,%r12
+	xorq	%r15,%r13
+	rorxq	$14,%r10,%r14
+	leaq	(%rbx,%r12,1),%rbx
+	xorq	%r14,%r13
+	movq	%rcx,%r15
+	rorxq	$39,%rcx,%r12
+	leaq	(%rbx,%r13,1),%rbx
+	xorq	%rdx,%r15
+	rorxq	$34,%rcx,%r14
+	rorxq	$28,%rcx,%r13
+	leaq	(%r9,%rbx,1),%r9
+	andq	%r15,%rdi
+	xorq	%r12,%r14
+	xorq	%rdx,%rdi
+	xorq	%r13,%r14
+	leaq	(%rbx,%rdi,1),%rbx
+	movq	%r10,%r12
+	addq	104+16(%rbp),%rax
+	andq	%r9,%r12
+	rorxq	$41,%r9,%r13
+	rorxq	$18,%r9,%rdi
+	leaq	(%rbx,%r14,1),%rbx
+	leaq	(%rax,%r12,1),%rax
+	andnq	%r11,%r9,%r12
+	xorq	%rdi,%r13
+	rorxq	$14,%r9,%r14
+	leaq	(%rax,%r12,1),%rax
+	xorq	%r14,%r13
+	movq	%rbx,%rdi
+	rorxq	$39,%rbx,%r12
+	leaq	(%rax,%r13,1),%rax
+	xorq	%rcx,%rdi
+	rorxq	$34,%rbx,%r14
+	rorxq	$28,%rbx,%r13
+	leaq	(%r8,%rax,1),%r8
+	andq	%rdi,%r15
+	xorq	%r12,%r14
+	xorq	%rcx,%r15
+	xorq	%r13,%r14
+	leaq	(%rax,%r15,1),%rax
+	movq	%r9,%r12
+	leaq	-128(%rbp),%rbp
+	cmpq	%rsp,%rbp
+	jae	L$ower_avx2
+
+	movq	1280(%rsp),%rdi
+	addq	%r14,%rax
+
+	leaq	1152(%rsp),%rsp
+
+
+
+	addq	0(%rdi),%rax
+	addq	8(%rdi),%rbx
+	addq	16(%rdi),%rcx
+	addq	24(%rdi),%rdx
+	addq	32(%rdi),%r8
+	addq	40(%rdi),%r9
+	leaq	256(%rsi),%rsi
+	addq	48(%rdi),%r10
+	movq	%rsi,%r12
+	addq	56(%rdi),%r11
+	cmpq	128+16(%rsp),%rsi
+
+	movq	%rax,0(%rdi)
+	cmoveq	%rsp,%r12
+	movq	%rbx,8(%rdi)
+	movq	%rcx,16(%rdi)
+	movq	%rdx,24(%rdi)
+	movq	%r8,32(%rdi)
+	movq	%r9,40(%rdi)
+	movq	%r10,48(%rdi)
+	movq	%r11,56(%rdi)
+
+	jbe	L$oop_avx2
+	leaq	(%rsp),%rbp
+
+
+
+
+L$done_avx2:
+	movq	152(%rbp),%rsi
+
+	vzeroupper
+	movq	-48(%rsi),%r15
+
+	movq	-40(%rsi),%r14
+
+	movq	-32(%rsi),%r13
+
+	movq	-24(%rsi),%r12
+
+	movq	-16(%rsi),%rbp
+
+	movq	-8(%rsi),%rbx
+
+	leaq	(%rsi),%rsp
+
+L$epilogue_avx2:
+	.byte	0xf3,0xc3
+
+
+
diff --git a/lib/accelerated/x86/sha-padlock.c b/lib/accelerated/x86/sha-padlock.c
new file mode 100644
index 0000000..4c0da36
--- /dev/null
+++ b/lib/accelerated/x86/sha-padlock.c
@@ -0,0 +1,395 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Portions Copyright (C) 2001 Niels Moeller
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <hash_int.h>
+#include "errors.h"
+#include <nettle/sha.h>
+#include <nettle/hmac.h>
+#include <nettle/macros.h>
+#include <aes-padlock.h>
+#include <assert.h>
+#include <sha-padlock.h>
+#include <x86-common.h>
+
+#ifdef HAVE_LIBNETTLE
+
+typedef void (*update_func) (void *, size_t, const uint8_t *);
+typedef void (*digest_func) (void *, size_t, uint8_t *);
+typedef void (*set_key_func) (void *, size_t, const uint8_t *);
+typedef void (*init_func) (void *);
+
+struct padlock_hash_ctx {
+	union {
+		struct sha1_ctx sha1;
+		struct sha224_ctx sha224;
+		struct sha256_ctx sha256;
+		struct sha384_ctx sha384;
+		struct sha512_ctx sha512;
+	} ctx;
+	void *ctx_ptr;
+	gnutls_digest_algorithm_t algo;
+	size_t length;
+	update_func update;
+	digest_func digest;
+	init_func init;
+};
+
+static int
+wrap_padlock_hash_update(void *_ctx, const void *text, size_t textsize)
+{
+	struct padlock_hash_ctx *ctx = _ctx;
+
+	ctx->update(ctx->ctx_ptr, textsize, text);
+
+	return GNUTLS_E_SUCCESS;
+}
+
+static void wrap_padlock_hash_deinit(void *hd)
+{
+	gnutls_free(hd);
+}
+
+#define MD1_INCR(c) (c->count++)
+#define SHA1_COMPRESS(ctx, data) (padlock_sha1_blocks((void*)(ctx)->state, data, 1))
+#define SHA256_COMPRESS(ctx, data) (padlock_sha256_blocks((void*)(ctx)->state, data, 1))
+#define SHA512_COMPRESS(ctx, data) (padlock_sha512_blocks((void*)(ctx)->state, data, 1))
+
+void
+padlock_sha1_update(struct sha1_ctx *ctx,
+		    size_t length, const uint8_t * data)
+{
+	MD_UPDATE(ctx, length, data, SHA1_COMPRESS, MD1_INCR(ctx));
+}
+
+void
+padlock_sha256_update(struct sha256_ctx *ctx,
+		      size_t length, const uint8_t * data)
+{
+	MD_UPDATE(ctx, length, data, SHA256_COMPRESS, MD1_INCR(ctx));
+}
+
+void
+padlock_sha512_update(struct sha512_ctx *ctx,
+		      size_t length, const uint8_t * data)
+{
+	MD_UPDATE(ctx, length, data, SHA512_COMPRESS, MD_INCR(ctx));
+}
+
+static void
+_nettle_write_be32(unsigned length, uint8_t * dst, uint32_t * src)
+{
+	unsigned i;
+	unsigned words;
+	unsigned leftover;
+
+	words = length / 4;
+	leftover = length % 4;
+
+	for (i = 0; i < words; i++, dst += 4)
+		WRITE_UINT32(dst, src[i]);
+
+	if (leftover) {
+		uint32_t word;
+		unsigned j = leftover;
+
+		word = src[i];
+
+		switch (leftover) {
+		default:
+			abort();
+		case 3:
+			dst[--j] = (word >> 8) & 0xff;
+			FALLTHROUGH;
+		case 2:
+			dst[--j] = (word >> 16) & 0xff;
+			FALLTHROUGH;
+		case 1:
+			dst[--j] = (word >> 24) & 0xff;
+		}
+	}
+}
+
+static void
+padlock_sha1_digest(struct sha1_ctx *ctx,
+		    size_t length, uint8_t * digest)
+{
+	uint64_t bit_count;
+
+	assert(length <= SHA1_DIGEST_SIZE);
+
+	MD_PAD(ctx, 8, SHA1_COMPRESS);
+
+	/* There are 512 = 2^9 bits in one block */
+	bit_count = (ctx->count << 9) | (ctx->index << 3);
+
+	/* append the 64 bit count */
+	WRITE_UINT64(ctx->block + (SHA1_BLOCK_SIZE - 8), bit_count);
+	SHA1_COMPRESS(ctx, ctx->block);
+
+	_nettle_write_be32(length, digest, ctx->state);
+}
+
+static void
+padlock_sha256_digest(struct sha256_ctx *ctx,
+		      size_t length, uint8_t * digest)
+{
+	uint64_t bit_count;
+
+	assert(length <= SHA256_DIGEST_SIZE);
+
+	MD_PAD(ctx, 8, SHA256_COMPRESS);
+
+	/* There are 512 = 2^9 bits in one block */
+	bit_count = (ctx->count << 9) | (ctx->index << 3);
+
+	/* This is slightly inefficient, as the numbers are converted to
+	   big-endian format, and will be converted back by the compression
+	   function. It's probably not worth the effort to fix this. */
+	WRITE_UINT64(ctx->block + (SHA256_BLOCK_SIZE - 8), bit_count);
+	SHA256_COMPRESS(ctx, ctx->block);
+
+	_nettle_write_be32(length, digest, ctx->state);
+}
+
+static void
+padlock_sha512_digest(struct sha512_ctx *ctx,
+		      size_t length, uint8_t * digest)
+{
+	uint64_t high, low;
+
+	unsigned i;
+	unsigned words;
+	unsigned leftover;
+
+	assert(length <= SHA512_DIGEST_SIZE);
+
+	MD_PAD(ctx, 16, SHA512_COMPRESS);
+
+	/* There are 1024 = 2^10 bits in one block */
+	high = (ctx->count_high << 10) | (ctx->count_low >> 54);
+	low = (ctx->count_low << 10) | (ctx->index << 3);
+
+	/* This is slightly inefficient, as the numbers are converted to
+	   big-endian format, and will be converted back by the compression
+	   function. It's probably not worth the effort to fix this. */
+	WRITE_UINT64(ctx->block + (SHA512_DATA_SIZE - 16), high);
+	WRITE_UINT64(ctx->block + (SHA512_DATA_SIZE - 8), low);
+	SHA512_COMPRESS(ctx, ctx->block);
+
+	words = length / 8;
+	leftover = length % 8;
+
+	for (i = 0; i < words; i++, digest += 8)
+		WRITE_UINT64(digest, ctx->state[i]);
+
+	if (leftover) {
+		/* Truncate to the right size */
+		uint64_t word = ctx->state[i] >> (8 * (8 - leftover));
+
+		do {
+			digest[--leftover] = word & 0xff;
+			word >>= 8;
+		} while (leftover);
+	}
+}
+
+
+static int _ctx_init(gnutls_digest_algorithm_t algo,
+		     struct padlock_hash_ctx *ctx)
+{
+	switch (algo) {
+	case GNUTLS_DIG_SHA1:
+		sha1_init(&ctx->ctx.sha1);
+		ctx->update = (update_func) padlock_sha1_update;
+		ctx->digest = (digest_func) padlock_sha1_digest;
+		ctx->init = (init_func) sha1_init;
+		ctx->ctx_ptr = &ctx->ctx.sha1;
+		ctx->length = SHA1_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA224:
+		sha224_init(&ctx->ctx.sha224);
+		ctx->update = (update_func) padlock_sha256_update;
+		ctx->digest = (digest_func) padlock_sha256_digest;
+		ctx->init = (init_func) sha224_init;
+		ctx->ctx_ptr = &ctx->ctx.sha224;
+		ctx->length = SHA224_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA256:
+		sha256_init(&ctx->ctx.sha256);
+		ctx->update = (update_func) padlock_sha256_update;
+		ctx->digest = (digest_func) padlock_sha256_digest;
+		ctx->init = (init_func) sha256_init;
+		ctx->ctx_ptr = &ctx->ctx.sha256;
+		ctx->length = SHA256_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA384:
+		sha384_init(&ctx->ctx.sha384);
+		ctx->update = (update_func) padlock_sha512_update;
+		ctx->digest = (digest_func) padlock_sha512_digest;
+		ctx->init = (init_func) sha384_init;
+		ctx->ctx_ptr = &ctx->ctx.sha384;
+		ctx->length = SHA384_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA512:
+		sha512_init(&ctx->ctx.sha512);
+		ctx->update = (update_func) padlock_sha512_update;
+		ctx->digest = (digest_func) padlock_sha512_digest;
+		ctx->init = (init_func) sha512_init;
+		ctx->ctx_ptr = &ctx->ctx.sha512;
+		ctx->length = SHA512_DIGEST_SIZE;
+		break;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return 0;
+}
+
+
+static int
+wrap_padlock_hash_init(gnutls_digest_algorithm_t algo, void **_ctx)
+{
+	struct padlock_hash_ctx *ctx;
+	int ret;
+
+	ctx = gnutls_malloc(sizeof(struct padlock_hash_ctx));
+	if (ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ctx->algo = algo;
+
+	if ((ret = _ctx_init(algo, ctx)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	*_ctx = ctx;
+
+	return 0;
+}
+
+static void *
+wrap_padlock_hash_copy(const void *_ctx)
+{
+	struct padlock_hash_ctx *new_ctx;
+	const struct padlock_hash_ctx *ctx=_ctx;
+	ptrdiff_t off = (uint8_t *)ctx->ctx_ptr - (uint8_t *)(&ctx->ctx);
+
+	new_ctx = gnutls_malloc(sizeof(struct padlock_hash_ctx));
+	if (new_ctx == NULL) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	memcpy(new_ctx, ctx, sizeof(*new_ctx));
+	new_ctx->ctx_ptr = (uint8_t *)&new_ctx->ctx + off;
+
+	return new_ctx;
+}
+
+static int
+wrap_padlock_hash_output(void *src_ctx, void *digest, size_t digestsize)
+{
+	struct padlock_hash_ctx *ctx;
+	ctx = src_ctx;
+
+	if (digestsize < ctx->length)
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	ctx->digest(ctx->ctx_ptr, digestsize, digest);
+
+	ctx->init(ctx->ctx_ptr);
+
+	return 0;
+}
+
+int wrap_padlock_hash_fast(gnutls_digest_algorithm_t algo,
+			   const void *text, size_t text_size,
+			   void *digest)
+{
+	if (text_size == 0 && text == NULL)
+		text = digest;
+	if (algo == GNUTLS_DIG_SHA1) {
+		uint32_t iv[5] = {
+			0x67452301UL,
+			0xEFCDAB89UL,
+			0x98BADCFEUL,
+			0x10325476UL,
+			0xC3D2E1F0UL,
+		};
+		padlock_sha1_oneshot(iv, text, text_size);
+		_nettle_write_be32(20, digest, iv);
+	} else if (algo == GNUTLS_DIG_SHA256) {
+		uint32_t iv[8] = {
+			0x6a09e667UL, 0xbb67ae85UL, 0x3c6ef372UL,
+			    0xa54ff53aUL,
+			0x510e527fUL, 0x9b05688cUL, 0x1f83d9abUL,
+			    0x5be0cd19UL,
+		};
+		padlock_sha256_oneshot(iv, text, text_size);
+		_nettle_write_be32(32, digest, iv);
+	} else {
+		struct padlock_hash_ctx ctx;
+		int ret;
+
+		ret = _ctx_init(algo, &ctx);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		ctx.algo = algo;
+
+		wrap_padlock_hash_update(&ctx, text, text_size);
+
+		wrap_padlock_hash_output(&ctx, digest, ctx.length);
+	}
+
+	return 0;
+}
+
+const struct nettle_hash padlock_sha1 = NN_HASH(sha1, padlock_sha1_update, padlock_sha1_digest, SHA1);
+const struct nettle_hash padlock_sha224 = NN_HASH(sha224, padlock_sha256_update, padlock_sha256_digest, SHA224);
+const struct nettle_hash padlock_sha256 = NN_HASH(sha256, padlock_sha256_update, padlock_sha256_digest, SHA256);
+const struct nettle_hash padlock_sha384 = NN_HASH(sha384, padlock_sha512_update, padlock_sha512_digest, SHA384);
+const struct nettle_hash padlock_sha512 = NN_HASH(sha512, padlock_sha512_update, padlock_sha512_digest, SHA512);
+
+const gnutls_crypto_digest_st _gnutls_sha_padlock_oneshot = {
+	.init = NULL,
+	.hash = NULL,
+	.output = NULL,
+	.deinit = NULL,
+	.fast = wrap_padlock_hash_fast
+};
+
+const gnutls_crypto_digest_st _gnutls_sha_padlock = {
+	.init = wrap_padlock_hash_init,
+	.hash = wrap_padlock_hash_update,
+	.output = wrap_padlock_hash_output,
+	.copy = wrap_padlock_hash_copy,
+	.deinit = wrap_padlock_hash_deinit,
+	.fast = wrap_padlock_hash_fast,
+};
+
+#endif				/* HAVE_LIBNETTLE */
diff --git a/lib/accelerated/x86/sha-padlock.h b/lib/accelerated/x86/sha-padlock.h
new file mode 100644
index 0000000..fda6fba
--- /dev/null
+++ b/lib/accelerated/x86/sha-padlock.h
@@ -0,0 +1,36 @@
+#ifndef GNUTLS_LIB_ACCELERATED_X86_SHA_PADLOCK_H
+#define GNUTLS_LIB_ACCELERATED_X86_SHA_PADLOCK_H
+
+#include <nettle/sha.h>
+
+void padlock_sha1_oneshot(void *ctx, const void *inp, size_t len);
+void padlock_sha256_oneshot(void *ctx, const void *inp, size_t len);
+
+void padlock_sha1_blocks(unsigned int *ctx, const void *inp,
+			 size_t blocks);
+void padlock_sha256_blocks(unsigned int *ctx, const void *inp,
+			   size_t blocks);
+void padlock_sha512_blocks(unsigned int *ctx, const void *inp,
+			   size_t blocks);
+
+int wrap_padlock_hash_fast(gnutls_digest_algorithm_t algo,
+			   const void *text, size_t text_size,
+			   void *digest);
+
+void padlock_sha1_update(struct sha1_ctx *ctx,
+			 size_t length, const uint8_t * data);
+void padlock_sha256_update(struct sha256_ctx *ctx,
+			   size_t length, const uint8_t * data);
+void padlock_sha512_update(struct sha512_ctx *ctx,
+			   size_t length, const uint8_t * data);
+
+extern const struct nettle_hash padlock_sha1;
+extern const struct nettle_hash padlock_sha224;
+extern const struct nettle_hash padlock_sha256;
+extern const struct nettle_hash padlock_sha384;
+extern const struct nettle_hash padlock_sha512;
+
+extern const gnutls_crypto_mac_st _gnutls_hmac_sha_padlock;
+extern const gnutls_crypto_digest_st _gnutls_sha_padlock;
+
+#endif /* GNUTLS_LIB_ACCELERATED_X86_SHA_PADLOCK_H */
diff --git a/lib/accelerated/x86/sha-x86-ssse3.c b/lib/accelerated/x86/sha-x86-ssse3.c
new file mode 100644
index 0000000..1d442e9
--- /dev/null
+++ b/lib/accelerated/x86/sha-x86-ssse3.c
@@ -0,0 +1,377 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+#include <gnutls/crypto.h>
+#include "errors.h"
+#include <aes-x86.h>
+#include <nettle/sha.h>
+#include <nettle/macros.h>
+#include <nettle/nettle-meta.h>
+#include <sha-x86.h>
+#include <x86-common.h>
+
+void sha1_block_data_order(void *c, const void *p, size_t len);
+void sha256_block_data_order(void *c, const void *p, size_t len);
+void sha512_block_data_order(void *c, const void *p, size_t len);
+
+typedef void (*update_func) (void *, size_t, const uint8_t *);
+typedef void (*digest_func) (void *, size_t, uint8_t *);
+typedef void (*set_key_func) (void *, size_t, const uint8_t *);
+typedef void (*init_func) (void *);
+
+struct x86_hash_ctx {
+	union {
+		struct sha1_ctx sha1;
+		struct sha224_ctx sha224;
+		struct sha256_ctx sha256;
+		struct sha384_ctx sha384;
+		struct sha512_ctx sha512;
+	} ctx;
+	void *ctx_ptr;
+	gnutls_digest_algorithm_t algo;
+	size_t length;
+	update_func update;
+	digest_func digest;
+	init_func init;
+};
+
+static int
+wrap_x86_hash_update(void *_ctx, const void *text, size_t textsize)
+{
+	struct x86_hash_ctx *ctx = _ctx;
+
+	ctx->update(ctx->ctx_ptr, textsize, text);
+
+	return GNUTLS_E_SUCCESS;
+}
+
+static void wrap_x86_hash_deinit(void *hd)
+{
+	gnutls_free(hd);
+}
+
+void x86_sha1_update(struct sha1_ctx *ctx, size_t length,
+		     const uint8_t * data)
+{
+	struct {
+		uint32_t h0, h1, h2, h3, h4;
+		uint32_t Nl, Nh;
+		uint32_t data[16];
+		unsigned int num;
+	} octx;
+	size_t res;
+	unsigned t2, i;
+
+	if ((res = ctx->index)) {
+		res = SHA1_DATA_SIZE - res;
+		if (length < res)
+			res = length;
+		sha1_update(ctx, res, data);
+		data += res;
+		length -= res;
+	}
+
+	octx.h0 = ctx->state[0];
+	octx.h1 = ctx->state[1];
+	octx.h2 = ctx->state[2];
+	octx.h3 = ctx->state[3];
+	octx.h4 = ctx->state[4];
+
+	memcpy(octx.data, ctx->block, SHA1_DATA_SIZE);
+	octx.num = ctx->index;
+
+	res = length % SHA1_DATA_SIZE;
+	length -= res;
+
+	if (length > 0) {
+
+		t2 = length / SHA1_DATA_SIZE;
+
+		sha1_block_data_order(&octx, data, t2);
+
+		for (i=0;i<t2;i++)
+			ctx->count++;
+		data += length;
+	}
+
+	ctx->state[0] = octx.h0;
+	ctx->state[1] = octx.h1;
+	ctx->state[2] = octx.h2;
+	ctx->state[3] = octx.h3;
+	ctx->state[4] = octx.h4;
+
+	memcpy(ctx->block, octx.data, octx.num);
+	ctx->index = octx.num;
+
+	if (res > 0) {
+		sha1_update(ctx, res, data);
+	}
+
+}
+
+void x86_sha256_update(struct sha256_ctx *ctx, size_t length,
+		     const uint8_t * data)
+{
+	struct {
+		uint32_t h[8];
+		uint32_t Nl, Nh;
+		uint32_t data[16];
+		unsigned int num;
+		unsigned md_len;
+	} octx;
+	size_t res;
+	unsigned t2, i;
+
+	if ((res = ctx->index)) {
+		res = SHA256_DATA_SIZE - res;
+		if (length < res)
+			res = length;
+		sha256_update(ctx, res, data);
+		data += res;
+		length -= res;
+	}
+
+	memcpy(octx.h, ctx->state, sizeof(octx.h));
+	memcpy(octx.data, ctx->block, SHA256_DATA_SIZE);
+	octx.num = ctx->index;
+
+	res = length % SHA256_DATA_SIZE;
+	length -= res;
+
+	if (length > 0) {
+		t2 = length / SHA1_DATA_SIZE;
+		sha256_block_data_order(&octx, data, t2);
+		
+		for (i=0;i<t2;i++)
+			ctx->count++;
+		data += length;
+	}
+
+	memcpy(ctx->state, octx.h, sizeof(octx.h));
+
+	memcpy(ctx->block, octx.data, octx.num);
+	ctx->index = octx.num;
+
+	if (res > 0) {
+		sha256_update(ctx, res, data);
+	}
+}
+
+void x86_sha512_update(struct sha512_ctx *ctx, size_t length,
+		     const uint8_t * data)
+{
+	struct {
+		uint64_t h[8];
+		uint64_t Nl, Nh;
+		union {
+			uint64_t d[16];
+			uint8_t p[16*8];
+		} u;
+		unsigned int num;
+		unsigned md_len;
+	} octx;
+	size_t res;
+	unsigned t2, i;
+
+	if ((res = ctx->index)) {
+		res = SHA512_DATA_SIZE - res;
+		if (length < res)
+			res = length;
+		sha512_update(ctx, res, data);
+		data += res;
+		length -= res;
+	}
+
+	memcpy(octx.h, ctx->state, sizeof(octx.h));
+	memcpy(octx.u.p, ctx->block, SHA512_DATA_SIZE);
+	octx.num = ctx->index;
+
+	res = length % SHA512_DATA_SIZE;
+	length -= res;
+
+	if (length > 0) {
+		t2 = length / SHA512_DATA_SIZE;
+		sha512_block_data_order(&octx, data, t2);
+		
+		for (i=0;i<t2;i++)
+			MD_INCR(ctx);
+		data += length;
+	}
+
+	memcpy(ctx->state, octx.h, sizeof(octx.h));
+
+	memcpy(ctx->block, octx.u.p, octx.num);
+	ctx->index = octx.num;
+
+	if (res > 0) {
+		sha512_update(ctx, res, data);
+	}
+}
+
+static int _ctx_init(gnutls_digest_algorithm_t algo,
+		     struct x86_hash_ctx *ctx)
+{
+	switch (algo) {
+	case GNUTLS_DIG_SHA1:
+		sha1_init(&ctx->ctx.sha1);
+		ctx->update = (update_func) x86_sha1_update;
+		ctx->digest = (digest_func) sha1_digest;
+		ctx->init = (init_func) sha1_init;
+		ctx->ctx_ptr = &ctx->ctx.sha1;
+		ctx->length = SHA1_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA224:
+		sha224_init(&ctx->ctx.sha224);
+		ctx->update = (update_func) x86_sha256_update;
+		ctx->digest = (digest_func) sha224_digest;
+		ctx->init = (init_func) sha224_init;
+		ctx->ctx_ptr = &ctx->ctx.sha224;
+		ctx->length = SHA224_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA256:
+		sha256_init(&ctx->ctx.sha256);
+		ctx->update = (update_func) x86_sha256_update;
+		ctx->digest = (digest_func) sha256_digest;
+		ctx->init = (init_func) sha256_init;
+		ctx->ctx_ptr = &ctx->ctx.sha256;
+		ctx->length = SHA256_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA384:
+		sha384_init(&ctx->ctx.sha384);
+		ctx->update = (update_func) x86_sha512_update;
+		ctx->digest = (digest_func) sha384_digest;
+		ctx->init = (init_func) sha384_init;
+		ctx->ctx_ptr = &ctx->ctx.sha384;
+		ctx->length = SHA384_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA512:
+		sha512_init(&ctx->ctx.sha512);
+		ctx->update = (update_func) x86_sha512_update;
+		ctx->digest = (digest_func) sha512_digest;
+		ctx->init = (init_func) sha512_init;
+		ctx->ctx_ptr = &ctx->ctx.sha512;
+		ctx->length = SHA512_DIGEST_SIZE;
+		break;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return 0;
+}
+
+
+static int wrap_x86_hash_init(gnutls_digest_algorithm_t algo, void **_ctx)
+{
+	struct x86_hash_ctx *ctx;
+	int ret;
+
+	ctx = gnutls_malloc(sizeof(struct x86_hash_ctx));
+	if (ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ctx->algo = algo;
+
+	if ((ret = _ctx_init(algo, ctx)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	*_ctx = ctx;
+
+	return 0;
+}
+
+static void *
+wrap_x86_hash_copy(const void *_ctx)
+{
+	struct x86_hash_ctx *new_ctx;
+	const struct x86_hash_ctx *ctx=_ctx;
+	ptrdiff_t off = (uint8_t *)ctx->ctx_ptr - (uint8_t *)(&ctx->ctx);
+
+	new_ctx = gnutls_malloc(sizeof(struct x86_hash_ctx));
+	if (new_ctx == NULL) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	memcpy(new_ctx, ctx, sizeof(*new_ctx));
+	new_ctx->ctx_ptr = (uint8_t *)&new_ctx->ctx + off;
+
+	return new_ctx;
+}
+
+static int
+wrap_x86_hash_output(void *src_ctx, void *digest, size_t digestsize)
+{
+	struct x86_hash_ctx *ctx;
+	ctx = src_ctx;
+
+	if (digestsize < ctx->length)
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	ctx->digest(ctx->ctx_ptr, digestsize, digest);
+
+	return 0;
+}
+
+static int wrap_x86_hash_fast(gnutls_digest_algorithm_t algo,
+				 const void *text, size_t text_size,
+				 void *digest)
+{
+	struct x86_hash_ctx ctx;
+	int ret;
+
+	ret = _ctx_init(algo, &ctx);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ctx.update(&ctx, text_size, text);
+	ctx.digest(&ctx, ctx.length, digest);
+
+	return 0;
+}
+
+const struct nettle_hash x86_sha1 =
+NN_HASH(sha1, x86_sha1_update, sha1_digest, SHA1);
+const struct nettle_hash x86_sha224 =
+NN_HASH(sha224, x86_sha256_update, sha224_digest, SHA224);
+const struct nettle_hash x86_sha256 =
+NN_HASH(sha256, x86_sha256_update, sha256_digest, SHA256);
+
+const struct nettle_hash x86_sha384 =
+NN_HASH(sha384, x86_sha512_update, sha384_digest, SHA384);
+const struct nettle_hash x86_sha512 =
+NN_HASH(sha512, x86_sha512_update, sha512_digest, SHA512);
+
+const gnutls_crypto_digest_st _gnutls_sha_x86_ssse3 = {
+	.init = wrap_x86_hash_init,
+	.hash = wrap_x86_hash_update,
+	.output = wrap_x86_hash_output,
+	.copy = wrap_x86_hash_copy,
+	.deinit = wrap_x86_hash_deinit,
+	.fast = wrap_x86_hash_fast,
+};
diff --git a/lib/accelerated/x86/sha-x86.h b/lib/accelerated/x86/sha-x86.h
new file mode 100644
index 0000000..6bbbfb8
--- /dev/null
+++ b/lib/accelerated/x86/sha-x86.h
@@ -0,0 +1,19 @@
+#ifndef GNUTLS_LIB_ACCELERATED_X86_SHA_X86_H
+#define GNUTLS_LIB_ACCELERATED_X86_SHA_X86_H
+
+#include <nettle/sha.h>
+
+extern const struct nettle_hash x86_sha1;
+extern const struct nettle_hash x86_sha224;
+extern const struct nettle_hash x86_sha256;
+extern const struct nettle_hash x86_sha384;
+extern const struct nettle_hash x86_sha512;
+
+void x86_sha1_update(struct sha1_ctx *ctx, size_t length, const uint8_t * data);
+void x86_sha256_update(struct sha256_ctx *ctx, size_t length, const uint8_t * data);
+void x86_sha512_update(struct sha512_ctx *ctx, size_t length, const uint8_t * data);
+
+extern const gnutls_crypto_digest_st _gnutls_sha_x86_ssse3;
+extern const gnutls_crypto_mac_st _gnutls_hmac_sha_x86_ssse3;
+
+#endif /* GNUTLS_LIB_ACCELERATED_X86_SHA_X86_H */
diff --git a/lib/accelerated/x86/x86-common.c b/lib/accelerated/x86/x86-common.c
new file mode 100644
index 0000000..d1a76c9
--- /dev/null
+++ b/lib/accelerated/x86/x86-common.c
@@ -0,0 +1,1228 @@
+/*
+ * Copyright (C) 2011-2018 Free Software Foundation, Inc.
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The following code is an implementation of the AES-128-CBC cipher
+ * using intel's AES instruction set. 
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+#include <gnutls/crypto.h>
+#include "errors.h"
+#include <aes-x86.h>
+#include <sha-x86.h>
+#include <x86-common.h>
+#ifdef HAVE_LIBNETTLE
+# include <nettle/aes.h>		/* for key generation in 192 and 256 bits */
+# include <sha-padlock.h>
+#endif
+#include <aes-padlock.h>
+#ifdef HAVE_CPUID_H
+# include <cpuid.h>
+#else
+# define __get_cpuid(...) 0
+# define __get_cpuid_count(...) 0
+#endif
+
+/* ebx, ecx, edx 
+ * This is a format compatible with openssl's CPUID detection.
+ */
+#if defined(__GNUC__)
+__attribute__((visibility("hidden")))
+#elif defined(__SUNPRO_C)
+__hidden
+#endif
+unsigned int GNUTLS_x86_cpuid_s[4];
+
+#ifndef bit_SHA
+# define bit_SHA (1<<29)
+#endif
+
+/* ecx */
+#ifndef bit_AVX512BITALG
+# define bit_AVX512BITALG 0x4000
+#endif
+
+#ifndef bit_PCLMUL
+# define bit_PCLMUL 0x2
+#endif
+
+#ifndef bit_SSSE3
+/* ecx */
+# define bit_SSSE3 0x0000200
+#endif
+
+#ifndef bit_AES
+# define bit_AES 0x2000000
+#endif
+
+#ifndef bit_AVX
+# define bit_AVX 0x10000000
+#endif
+
+#ifndef bit_AVX2
+# define bit_AVX2 0x00000020
+#endif
+
+#ifndef bit_AVX512F
+# define bit_AVX512F 0x00010000
+#endif
+
+#ifndef bit_AVX512IFMA
+# define bit_AVX512IFMA 0x00200000
+#endif
+
+#ifndef bit_AVX512BW
+# define bit_AVX512BW 0x40000000
+#endif
+
+#ifndef bit_AVX512VL
+# define bit_AVX512VL 0x80000000
+#endif
+
+#ifndef bit_OSXSAVE
+# define bit_OSXSAVE 0x8000000
+#endif
+
+#ifndef bit_MOVBE
+# define bit_MOVBE 0x00400000
+#endif
+
+#define bit_PADLOCK (0x3 << 6)
+#define bit_PADLOCK_PHE (0x3 << 10)
+#define bit_PADLOCK_PHE_SHA512 (0x3 << 25)
+
+/* Our internal bit-string for cpu capabilities. Should be set
+ * in GNUTLS_CPUID_OVERRIDE */
+#define EMPTY_SET 1
+#define INTEL_AES_NI (1<<1)
+#define INTEL_SSSE3 (1<<2)
+#define INTEL_PCLMUL (1<<3)
+#define INTEL_AVX (1<<4)
+#define INTEL_SHA (1<<5)
+#define PADLOCK (1<<20)
+#define PADLOCK_PHE (1<<21)
+#define PADLOCK_PHE_SHA512 (1<<22)
+
+#ifndef HAVE_GET_CPUID_COUNT
+static inline void
+get_cpuid_level7(unsigned int *eax, unsigned int *ebx,
+		 unsigned int *ecx, unsigned int *edx)
+{
+	/* we avoid using __get_cpuid_count, because it is not available with gcc 4.8 */
+	if (__get_cpuid_max(7, 0) < 7)
+		return;
+
+	__cpuid_count(7, 0, *eax, *ebx, *ecx, *edx);
+	return;
+}
+#else
+# define get_cpuid_level7(a,b,c,d) __get_cpuid_count(7, 0, a, b, c, d)
+#endif
+
+static unsigned read_cpuid_vals(unsigned int vals[4])
+{
+	unsigned t1, t2, t3;
+	vals[0] = vals[1] = vals[2] = vals[3] = 0;
+
+	if (!__get_cpuid(1, &t1, &t2, &vals[1], &vals[0]))
+		return 0;
+	/* suppress AVX512; it works conditionally on certain CPUs on the original code */
+	vals[1] &= 0xfffff7ff;
+
+	get_cpuid_level7(&t1, &vals[2], &t2, &t3);
+
+	return 1;
+}
+
+/* Based on the example in "How to detect New Instruction support in
+ * the 4th generation Intel Core processor family.
+ * https://software.intel.com/en-us/articles/how-to-detect-new-instruction-support-in-the-4th-generation-intel-core-processor-family
+ */
+static unsigned check_4th_gen_intel_features(unsigned ecx)
+{
+	uint32_t xcr0;
+
+	if ((ecx & bit_OSXSAVE) != bit_OSXSAVE)
+		return 0;
+
+#if defined(_MSC_VER) && !defined(__clang__)
+	xcr0 = _xgetbv(0);
+#else
+	__asm__ ("xgetbv" : "=a" (xcr0) : "c" (0) : "%edx");
+#endif
+	/* Check if xmm and ymm state are enabled in XCR0. */
+	return (xcr0 & 6) == 6;
+}
+
+static void capabilities_to_intel_cpuid(unsigned capabilities)
+{
+	unsigned a[4];
+
+	if (capabilities & EMPTY_SET) {
+		return;
+	}
+
+	if (!read_cpuid_vals(a))
+		return;
+
+	if (capabilities & INTEL_AES_NI) {
+		if (a[1] & bit_AES) {
+			GNUTLS_x86_cpuid_s[1] |= bit_AES;
+		} else {
+			_gnutls_debug_log
+			    ("AESNI acceleration requested but not available\n");
+		}
+	}
+
+	if (capabilities & INTEL_SSSE3) {
+		if (a[1] & bit_SSSE3) {
+			GNUTLS_x86_cpuid_s[1] |= bit_SSSE3;
+		} else {
+			_gnutls_debug_log
+			    ("SSSE3 acceleration requested but not available\n");
+		}
+	}
+
+	if (capabilities & INTEL_AVX) {
+		if ((a[1] & bit_AVX) && (a[1] & bit_MOVBE) &&
+		    check_4th_gen_intel_features(a[1])) {
+			GNUTLS_x86_cpuid_s[1] |= bit_AVX|bit_MOVBE;
+		} else {
+			_gnutls_debug_log
+			    ("AVX acceleration requested but not available\n");
+		}
+	}
+
+	if (capabilities & INTEL_PCLMUL) {
+		if (a[1] & bit_PCLMUL) {
+			GNUTLS_x86_cpuid_s[1] |= bit_PCLMUL;
+		} else {
+			_gnutls_debug_log
+			    ("PCLMUL acceleration requested but not available\n");
+		}
+	}
+
+	if (capabilities & INTEL_SHA) {
+		if (a[2] & bit_SHA) {
+			GNUTLS_x86_cpuid_s[2] |= bit_SHA;
+		} else {
+			_gnutls_debug_log
+			    ("SHA acceleration requested but not available\n");
+		}
+	}
+}
+
+
+static unsigned check_optimized_aes(void)
+{
+	return (GNUTLS_x86_cpuid_s[1] & bit_AES);
+}
+
+static unsigned check_ssse3(void)
+{
+	return (GNUTLS_x86_cpuid_s[1] & bit_SSSE3);
+}
+
+static unsigned check_sha(void)
+{
+	return (GNUTLS_x86_cpuid_s[2] & bit_SHA);
+}
+
+#ifdef ASM_X86_64
+static unsigned check_avx_movbe(void)
+{
+	return (GNUTLS_x86_cpuid_s[1] & (bit_AVX|bit_MOVBE)) == (bit_AVX|bit_MOVBE);
+}
+
+static unsigned check_pclmul(void)
+{
+	return (GNUTLS_x86_cpuid_s[1] & bit_PCLMUL);
+}
+#endif
+
+#ifdef ENABLE_PADLOCK
+static unsigned capabilities_to_zhaoxin_edx(unsigned capabilities)
+{
+	unsigned a,b,c,t;
+
+	if (capabilities & EMPTY_SET) {
+		return 0;
+	}
+
+	if (!__get_cpuid(1, &t, &a, &b, &c))
+		return 0;
+	if (capabilities & PADLOCK) {
+		if (c & bit_PADLOCK) {
+			GNUTLS_x86_cpuid_s[2] |= bit_PADLOCK;
+		} else {
+			_gnutls_debug_log
+			    ("Padlock acceleration requested but not available\n");
+		}
+	}
+
+	if (capabilities & PADLOCK_PHE) {
+		if (c & bit_PADLOCK_PHE) {
+			GNUTLS_x86_cpuid_s[2] |= bit_PADLOCK_PHE;
+		} else {
+			_gnutls_debug_log
+			    ("Padlock-PHE acceleration requested but not available\n");
+		}
+	}
+
+	if (capabilities & PADLOCK_PHE_SHA512) {
+		if (c & bit_PADLOCK_PHE_SHA512) {
+			GNUTLS_x86_cpuid_s[2] |= bit_PADLOCK_PHE_SHA512;
+		} else {
+			_gnutls_debug_log
+			    ("Padlock-PHE-SHA512 acceleration requested but not available\n");
+		}
+	}
+
+	return GNUTLS_x86_cpuid_s[2];
+}
+
+static int check_padlock(unsigned edx)
+{
+	return ((edx & bit_PADLOCK) == bit_PADLOCK);
+}
+
+static int check_phe(unsigned edx)
+{
+	return ((edx & bit_PADLOCK_PHE) == bit_PADLOCK_PHE);
+}
+
+/* We are actually checking for SHA512 */
+static int check_phe_sha512(unsigned edx)
+{
+	return ((edx & bit_PADLOCK_PHE_SHA512) == bit_PADLOCK_PHE_SHA512);
+}
+
+/* On some of the Zhaoxin CPUs, pclmul has a faster acceleration effect */
+static int check_fast_pclmul(void)
+{
+	unsigned int a,b,c,d;
+	unsigned int family,model;
+
+	if (!__get_cpuid(1, &a, &b, &c, &d))
+		return 0;
+
+	family = ((a >> 8) & 0x0F);
+	model = ((a >> 4) & 0x0F) + ((a >> 12) & 0xF0);
+
+	if (((family == 0x6) && (model == 0xf || model == 0x19)) ||
+	    ((family == 0x7) && (model == 0x1B || model == 0x3B)))
+		return 1;
+	else
+		return 0;
+}
+
+static int check_phe_partial(void)
+{
+	const char text[64] =
+		"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+		"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
+	uint32_t iv[5] = { 0x67452301UL, 0xEFCDAB89UL,
+		0x98BADCFEUL, 0x10325476UL, 0xC3D2E1F0UL
+	};
+
+	/* If EAX is set to -1 (this is the case with padlock_sha1_blocks), the
+	 * xsha1 instruction takes a complete SHA-1 block (64 bytes), while it
+	 * takes arbitrary length data otherwise. */
+	padlock_sha1_blocks(iv, text, 1);
+
+	if (iv[0] == 0xDA4968EBUL && iv[1] == 0x2E377C1FUL &&
+	    iv[2] == 0x884E8F52UL && iv[3] == 0x83524BEBUL &&
+	    iv[4] == 0xE74EBDBDUL)
+		return 1;
+	else
+		return 0;
+}
+
+static unsigned check_zhaoxin(void)
+{
+	unsigned int a, b, c, d;
+
+	if (!__get_cpuid(0, &a, &b, &c, &d))
+		return 0;
+
+	/* Zhaoxin and VIA CPU was detected */
+	if ((memcmp(&b, "Cent", 4) == 0 &&
+	     memcmp(&d, "aurH", 4) == 0 &&
+	     memcmp(&c, "auls", 4) == 0) ||
+	    (memcmp(&b, "  Sh", 4) == 0 &&
+	     memcmp(&d, "angh", 4) == 0 && memcmp(&c, "ai  ", 4) == 0)) {
+		return 1;
+	}
+
+	return 0;
+}
+
+static
+void register_x86_padlock_crypto(unsigned capabilities)
+{
+	int ret, phe;
+	unsigned edx;
+
+	if (check_zhaoxin() == 0)
+		return;
+
+	memset(GNUTLS_x86_cpuid_s, 0, sizeof(GNUTLS_x86_cpuid_s));
+
+	if (capabilities == 0){
+		if(!read_cpuid_vals(GNUTLS_x86_cpuid_s))
+			return;
+		edx = padlock_capability();
+	} else{
+		capabilities_to_intel_cpuid(capabilities);
+		edx = capabilities_to_zhaoxin_edx(capabilities);
+	}
+
+	if (check_ssse3()) {
+		_gnutls_debug_log("Zhaoxin SSSE3 was detected\n");
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_128_GCM, 90,
+		     &_gnutls_aes_gcm_x86_ssse3, 0);
+			if (ret < 0) {
+				gnutls_assert();
+			}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_192_GCM, 90,
+		     &_gnutls_aes_gcm_x86_ssse3, 0);
+			if (ret < 0) {
+				gnutls_assert();
+			}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_256_GCM, 90,
+		     &_gnutls_aes_gcm_x86_ssse3, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_128_CBC, 90, &_gnutls_aes_ssse3, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_192_CBC, 90, &_gnutls_aes_ssse3, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_256_CBC, 90, &_gnutls_aes_ssse3, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+	}
+
+	if (check_sha() || check_ssse3()) {
+		if (check_sha())
+			_gnutls_debug_log("Zhaoxin SHA was detected\n");
+
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA1,
+							 80,
+							 &_gnutls_sha_x86_ssse3, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA224,
+							 80,
+							 &_gnutls_sha_x86_ssse3, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA256,
+							 80,
+							 &_gnutls_sha_x86_ssse3, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+
+		ret =
+		    gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA1,
+							 80,
+							 &_gnutls_hmac_sha_x86_ssse3, 0);
+		if (ret < 0)
+			gnutls_assert();
+
+		ret =
+		    gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA224,
+							 80,
+							 &_gnutls_hmac_sha_x86_ssse3, 0);
+		if (ret < 0)
+			gnutls_assert();
+
+		ret =
+		    gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA256,
+							 80,
+							 &_gnutls_hmac_sha_x86_ssse3, 0);
+		if (ret < 0)
+			gnutls_assert();
+
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA384,
+							 80,
+							 &_gnutls_sha_x86_ssse3, 0);
+		if (ret < 0)
+			gnutls_assert();
+
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA512,
+							 80,
+							 &_gnutls_sha_x86_ssse3, 0);
+		if (ret < 0)
+			gnutls_assert();
+		ret =
+		    gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA384,
+							 80,
+							 &_gnutls_hmac_sha_x86_ssse3, 0);
+		if (ret < 0)
+			gnutls_assert();
+
+		ret =
+		    gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA512,
+							 80,
+							 &_gnutls_hmac_sha_x86_ssse3, 0);
+		if (ret < 0)
+			gnutls_assert();
+	}
+
+	if (check_optimized_aes()) {
+		_gnutls_debug_log("Zhaoxin AES accelerator was detected\n");
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_128_CBC, 80, &_gnutls_aesni_x86, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_192_CBC, 80, &_gnutls_aesni_x86, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_256_CBC, 80, &_gnutls_aesni_x86, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_128_CCM, 80,
+		     &_gnutls_aes_ccm_x86_aesni, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_256_CCM, 80,
+		     &_gnutls_aes_ccm_x86_aesni, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_128_CCM_8, 80,
+		     &_gnutls_aes_ccm_x86_aesni, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_256_CCM_8, 80,
+		     &_gnutls_aes_ccm_x86_aesni, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_128_XTS, 80,
+		     &_gnutls_aes_xts_x86_aesni, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_256_XTS, 80,
+		     &_gnutls_aes_xts_x86_aesni, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+#ifdef ASM_X86_64
+		if (check_pclmul()) {
+			/* register GCM ciphers */
+			_gnutls_debug_log
+				("Zhaoxin GCM accelerator was detected\n");
+			if (check_avx_movbe() && check_fast_pclmul()) {
+				_gnutls_debug_log
+				    ("Zhaoxin GCM accelerator (AVX) was detected\n");
+				ret =
+				    gnutls_crypto_single_cipher_register
+				    (GNUTLS_CIPHER_AES_128_GCM, 80,
+				     &_gnutls_aes_gcm_pclmul_avx, 0);
+				if (ret < 0) {
+					gnutls_assert();
+				}
+
+				ret =
+				    gnutls_crypto_single_cipher_register
+				    (GNUTLS_CIPHER_AES_192_GCM, 80,
+				     &_gnutls_aes_gcm_pclmul_avx, 0);
+				if (ret < 0) {
+					gnutls_assert();
+				}
+
+				ret =
+				    gnutls_crypto_single_cipher_register
+				    (GNUTLS_CIPHER_AES_256_GCM, 80,
+				     &_gnutls_aes_gcm_pclmul_avx, 0);
+				if (ret < 0) {
+					gnutls_assert();
+				}
+			} else {
+				ret =
+					gnutls_crypto_single_cipher_register
+					(GNUTLS_CIPHER_AES_128_GCM, 80,
+					&_gnutls_aes_gcm_pclmul, 0);
+				if (ret < 0) {
+					gnutls_assert();
+				}
+
+				ret =
+					gnutls_crypto_single_cipher_register
+					(GNUTLS_CIPHER_AES_192_GCM, 80,
+					&_gnutls_aes_gcm_pclmul, 0);
+				if (ret < 0) {
+					gnutls_assert();
+				}
+
+				ret =
+					gnutls_crypto_single_cipher_register
+					(GNUTLS_CIPHER_AES_256_GCM, 80,
+					&_gnutls_aes_gcm_pclmul, 0);
+				if (ret < 0) {
+					gnutls_assert();
+				}
+			}
+		} else
+#endif
+		{
+			ret =
+			    gnutls_crypto_single_cipher_register
+			    (GNUTLS_CIPHER_AES_128_GCM, 80,
+			     &_gnutls_aes_gcm_x86_aesni, 0);
+			if (ret < 0) {
+				gnutls_assert();
+			}
+
+			ret =
+			    gnutls_crypto_single_cipher_register
+			    (GNUTLS_CIPHER_AES_192_GCM, 80,
+			     &_gnutls_aes_gcm_x86_aesni, 0);
+			if (ret < 0) {
+				gnutls_assert();
+			}
+
+			ret =
+			    gnutls_crypto_single_cipher_register
+			    (GNUTLS_CIPHER_AES_256_GCM, 80,
+			     &_gnutls_aes_gcm_x86_aesni, 0);
+			if (ret < 0) {
+				gnutls_assert();
+			}
+		}
+	}
+
+	if (check_padlock(edx)) {
+		_gnutls_debug_log
+		    ("Padlock AES accelerator was detected\n");
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_128_CBC, 80, &_gnutls_aes_padlock, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_192_CBC, 80, &_gnutls_aes_padlock, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		/* register GCM ciphers */
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_128_GCM, 90,
+		     &_gnutls_aes_gcm_padlock, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_256_CBC, 80, &_gnutls_aes_padlock, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_256_GCM, 90,
+		     &_gnutls_aes_gcm_padlock, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+	}
+
+	if(!check_optimized_aes() && !check_padlock(edx))
+		_gnutls_priority_update_non_aesni();
+
+#ifdef HAVE_LIBNETTLE
+	phe = check_phe(edx);
+
+	if (phe && check_phe_partial()) {
+		_gnutls_debug_log
+		    ("Padlock SHA1 and SHA256 (partial) accelerator was detected\n");
+		if (check_phe_sha512(edx)) {
+			_gnutls_debug_log
+			    ("Padlock SHA512 (partial) accelerator was detected\n");
+			ret =
+			    gnutls_crypto_single_digest_register
+			    (GNUTLS_DIG_SHA384, 80,
+			     &_gnutls_sha_padlock, 0);
+			if (ret < 0) {
+				gnutls_assert();
+			}
+
+			ret =
+			    gnutls_crypto_single_digest_register
+			    (GNUTLS_DIG_SHA512, 80,
+			     &_gnutls_sha_padlock, 0);
+			if (ret < 0) {
+				gnutls_assert();
+			}
+
+			ret =
+			    gnutls_crypto_single_mac_register
+			    (GNUTLS_MAC_SHA384, 80,
+			     &_gnutls_hmac_sha_padlock, 0);
+			if (ret < 0) {
+				gnutls_assert();
+			}
+
+			ret =
+			    gnutls_crypto_single_mac_register
+			    (GNUTLS_MAC_SHA512, 80,
+			     &_gnutls_hmac_sha_padlock, 0);
+			if (ret < 0) {
+				gnutls_assert();
+			}
+		}
+
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA1,
+							 90,
+							 &_gnutls_sha_padlock, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA224,
+							 90,
+							 &_gnutls_sha_padlock, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA256,
+							 90,
+							 &_gnutls_sha_padlock, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA1,
+						      90,
+						      &_gnutls_hmac_sha_padlock, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		/* we don't register MAC_SHA224 because it is not used by TLS */
+
+		ret =
+		    gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA256,
+						      90,
+						      &_gnutls_hmac_sha_padlock, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+	} else if (phe) {
+		/* Original padlock PHE. Does not support incremental operations.
+		 */
+		_gnutls_debug_log
+		    ("Padlock SHA1 and SHA256 accelerator was detected\n");
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA1,
+							 90,
+							 &_gnutls_sha_padlock_oneshot, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA256,
+							 90,
+							 &_gnutls_sha_padlock_oneshot, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA1,
+						      90,
+						      &_gnutls_hmac_sha_padlock_oneshot, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA256,
+						      90,
+						      &_gnutls_hmac_sha_padlock_oneshot, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+	}
+#endif
+
+	return;
+}
+#endif
+
+enum x86_cpu_vendor {
+	X86_CPU_VENDOR_OTHER,
+	X86_CPU_VENDOR_INTEL,
+	X86_CPU_VENDOR_AMD,
+};
+
+static enum x86_cpu_vendor check_x86_cpu_vendor(void)
+{
+	unsigned int a, b, c, d;
+
+	if (!__get_cpuid(0, &a, &b, &c, &d)) {
+		return X86_CPU_VENDOR_OTHER;
+	}
+
+	if (memcmp(&b, "Genu", 4) == 0 &&
+	    memcmp(&d, "ineI", 4) == 0 &&
+	    memcmp(&c, "ntel", 4) == 0) {
+		return X86_CPU_VENDOR_INTEL;
+	}
+
+	if (memcmp(&b, "Auth", 4) == 0 &&
+	    memcmp(&d, "enti", 4) == 0 &&
+	    memcmp(&c, "cAMD", 4) == 0) {
+		return X86_CPU_VENDOR_AMD;
+	}
+
+	return X86_CPU_VENDOR_OTHER;
+}
+
+static
+void register_x86_intel_crypto(unsigned capabilities)
+{
+	int ret;
+	enum x86_cpu_vendor vendor;
+
+	memset(GNUTLS_x86_cpuid_s, 0, sizeof(GNUTLS_x86_cpuid_s));
+
+	vendor = check_x86_cpu_vendor();
+	if (vendor == X86_CPU_VENDOR_OTHER) {
+		return;
+	}
+
+	if (capabilities == 0) {
+		if (!read_cpuid_vals(GNUTLS_x86_cpuid_s))
+			return;
+		if (!check_4th_gen_intel_features(GNUTLS_x86_cpuid_s[1])) {
+			GNUTLS_x86_cpuid_s[1] &= ~bit_AVX;
+
+			/* Clear AVX2 bits as well, according to what
+			 * OpenSSL does.  Should we clear
+			 * bit_AVX512DQ, bit_AVX512PF, bit_AVX512ER,
+			 * and bit_AVX512CD? */
+			GNUTLS_x86_cpuid_s[2] &= ~(bit_AVX2|
+						    bit_AVX512F|
+						    bit_AVX512IFMA|
+						    bit_AVX512BW|
+						    bit_AVX512BW);
+		}
+	} else {
+		capabilities_to_intel_cpuid(capabilities);
+	}
+
+	/* CRYPTOGAMS uses the (1 << 30) bit as an indicator of Intel CPUs */
+	if (vendor == X86_CPU_VENDOR_INTEL) {
+		GNUTLS_x86_cpuid_s[0] |= 1 << 30;
+	} else {
+		GNUTLS_x86_cpuid_s[0] &= ~(1 << 30);
+	}
+
+	if (check_ssse3()) {
+		_gnutls_debug_log("Intel SSSE3 was detected\n");
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_128_GCM, 90,
+		     &_gnutls_aes_gcm_x86_ssse3, 0);
+			if (ret < 0) {
+				gnutls_assert();
+			}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_192_GCM, 90,
+		     &_gnutls_aes_gcm_x86_ssse3, 0);
+			if (ret < 0) {
+				gnutls_assert();
+			}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_256_GCM, 90,
+		     &_gnutls_aes_gcm_x86_ssse3, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_128_CBC, 90, &_gnutls_aes_ssse3, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_192_CBC, 90, &_gnutls_aes_ssse3, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_256_CBC, 90, &_gnutls_aes_ssse3, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+	}
+
+	if (check_sha() || check_ssse3()) {
+		if (check_sha())
+			_gnutls_debug_log("Intel SHA was detected\n");
+
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA1,
+							 80,
+							 &_gnutls_sha_x86_ssse3, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA224,
+							 80,
+							 &_gnutls_sha_x86_ssse3, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA256,
+							 80,
+							 &_gnutls_sha_x86_ssse3, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+
+		ret =
+		    gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA1,
+							 80,
+							 &_gnutls_hmac_sha_x86_ssse3, 0);
+		if (ret < 0)
+			gnutls_assert();
+
+		ret =
+		    gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA224,
+							 80,
+							 &_gnutls_hmac_sha_x86_ssse3, 0);
+		if (ret < 0)
+			gnutls_assert();
+
+		ret =
+		    gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA256,
+							 80,
+							 &_gnutls_hmac_sha_x86_ssse3, 0);
+		if (ret < 0)
+			gnutls_assert();
+
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA384,
+							 80,
+							 &_gnutls_sha_x86_ssse3, 0);
+		if (ret < 0)
+			gnutls_assert();
+
+		ret =
+		    gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA512,
+							 80,
+							 &_gnutls_sha_x86_ssse3, 0);
+		if (ret < 0)
+			gnutls_assert();
+		ret =
+		    gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA384,
+							 80,
+							 &_gnutls_hmac_sha_x86_ssse3, 0);
+		if (ret < 0)
+			gnutls_assert();
+
+		ret =
+		    gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA512,
+							 80,
+							 &_gnutls_hmac_sha_x86_ssse3, 0);
+		if (ret < 0)
+			gnutls_assert();
+	}
+
+	if (check_optimized_aes()) {
+		_gnutls_debug_log("Intel AES accelerator was detected\n");
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_128_CBC, 80, &_gnutls_aesni_x86, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_192_CBC, 80, &_gnutls_aesni_x86, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_256_CBC, 80, &_gnutls_aesni_x86, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_128_CCM, 80,
+		     &_gnutls_aes_ccm_x86_aesni, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_256_CCM, 80,
+		     &_gnutls_aes_ccm_x86_aesni, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_128_CCM_8, 80,
+		     &_gnutls_aes_ccm_x86_aesni, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_256_CCM_8, 80,
+		     &_gnutls_aes_ccm_x86_aesni, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_128_XTS, 80,
+		     &_gnutls_aes_xts_x86_aesni, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+		ret =
+		    gnutls_crypto_single_cipher_register
+		    (GNUTLS_CIPHER_AES_256_XTS, 80,
+		     &_gnutls_aes_xts_x86_aesni, 0);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+
+#ifdef ASM_X86_64
+		if (check_pclmul()) {
+			/* register GCM ciphers */
+			if (check_avx_movbe()) {
+				_gnutls_debug_log
+				    ("Intel GCM accelerator (AVX) was detected\n");
+				ret =
+				    gnutls_crypto_single_cipher_register
+				    (GNUTLS_CIPHER_AES_128_GCM, 80,
+				     &_gnutls_aes_gcm_pclmul_avx, 0);
+				if (ret < 0) {
+					gnutls_assert();
+				}
+
+				ret =
+				    gnutls_crypto_single_cipher_register
+				    (GNUTLS_CIPHER_AES_192_GCM, 80,
+				     &_gnutls_aes_gcm_pclmul_avx, 0);
+				if (ret < 0) {
+					gnutls_assert();
+				}
+
+				ret =
+				    gnutls_crypto_single_cipher_register
+				    (GNUTLS_CIPHER_AES_256_GCM, 80,
+				     &_gnutls_aes_gcm_pclmul_avx, 0);
+				if (ret < 0) {
+					gnutls_assert();
+				}
+			} else {
+				_gnutls_debug_log
+				    ("Intel GCM accelerator was detected\n");
+				ret =
+				    gnutls_crypto_single_cipher_register
+				    (GNUTLS_CIPHER_AES_128_GCM, 80,
+				     &_gnutls_aes_gcm_pclmul, 0);
+				if (ret < 0) {
+					gnutls_assert();
+				}
+
+				ret =
+				    gnutls_crypto_single_cipher_register
+				    (GNUTLS_CIPHER_AES_192_GCM, 80,
+				     &_gnutls_aes_gcm_pclmul, 0);
+				if (ret < 0) {
+					gnutls_assert();
+				}
+
+				ret =
+				    gnutls_crypto_single_cipher_register
+				    (GNUTLS_CIPHER_AES_256_GCM, 80,
+				     &_gnutls_aes_gcm_pclmul, 0);
+				if (ret < 0) {
+					gnutls_assert();
+				}
+			}
+		} else
+#endif
+		{
+			ret =
+			    gnutls_crypto_single_cipher_register
+			    (GNUTLS_CIPHER_AES_128_GCM, 80,
+			     &_gnutls_aes_gcm_x86_aesni, 0);
+			if (ret < 0) {
+				gnutls_assert();
+			}
+
+			ret =
+			    gnutls_crypto_single_cipher_register
+			    (GNUTLS_CIPHER_AES_192_GCM, 80,
+			     &_gnutls_aes_gcm_x86_aesni, 0);
+			if (ret < 0) {
+				gnutls_assert();
+			}
+
+			ret =
+			    gnutls_crypto_single_cipher_register
+			    (GNUTLS_CIPHER_AES_256_GCM, 80,
+			     &_gnutls_aes_gcm_x86_aesni, 0);
+			if (ret < 0) {
+				gnutls_assert();
+			}
+		}
+	} else {
+		_gnutls_priority_update_non_aesni();
+	}
+
+	return;
+}
+
+
+void register_x86_crypto(void)
+{
+	unsigned capabilities = 0;
+	char *p;
+	p = secure_getenv("GNUTLS_CPUID_OVERRIDE");
+	if (p) {
+		capabilities = strtol(p, NULL, 0);
+	}
+
+	register_x86_intel_crypto(capabilities);
+#ifdef ENABLE_PADLOCK
+	register_x86_padlock_crypto(capabilities);
+#endif
+}
+
diff --git a/lib/accelerated/x86/x86-common.h b/lib/accelerated/x86/x86-common.h
new file mode 100644
index 0000000..d15786f
--- /dev/null
+++ b/lib/accelerated/x86/x86-common.h
@@ -0,0 +1,48 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ *
+ */
+#ifndef GNUTLS_LIB_ACCELERATED_X86_X86_COMMON_H
+# define GNUTLS_LIB_ACCELERATED_X86_X86_COMMON_H
+
+#include <config.h>
+
+#if defined(ASM_X86)
+
+void gnutls_cpuid(unsigned int func, unsigned int *ax, unsigned int *bx,
+		  unsigned int *cx, unsigned int *dx);
+
+#endif
+
+#define CHECK_AES_KEYSIZE(s) \
+	if (s != 16 && s != 24 && s != 32) \
+		return GNUTLS_E_INVALID_REQUEST
+
+#define NN_HASH(name, update_func, digest_func, NAME) {	\
+ #name,						\
+ sizeof(struct name##_ctx),			\
+ NAME##_DIGEST_SIZE,				\
+ NAME##_DATA_SIZE,				\
+ (nettle_hash_init_func *) name##_init,		\
+ (nettle_hash_update_func *) update_func,	\
+ (nettle_hash_digest_func *) digest_func	\
+} 
+
+#endif
diff --git a/lib/alert.c b/lib/alert.c
new file mode 100644
index 0000000..50bd1d3
--- /dev/null
+++ b/lib/alert.c
@@ -0,0 +1,419 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <record.h>
+#include <debug.h>
+#include "str.h"
+#include <system/ktls.h>
+
+typedef struct {
+	gnutls_alert_description_t alert;
+	const char *name;
+	const char *desc;
+} gnutls_alert_entry;
+
+#define ALERT_ENTRY(x,y) \
+  {x, #x, y}
+
+static const gnutls_alert_entry sup_alerts[] = {
+	ALERT_ENTRY(GNUTLS_A_CLOSE_NOTIFY, N_("Close notify")),
+	ALERT_ENTRY(GNUTLS_A_UNEXPECTED_MESSAGE, N_("Unexpected message")),
+	ALERT_ENTRY(GNUTLS_A_BAD_RECORD_MAC, N_("Bad record MAC")),
+	ALERT_ENTRY(GNUTLS_A_DECRYPTION_FAILED, N_("Decryption failed")),
+	ALERT_ENTRY(GNUTLS_A_RECORD_OVERFLOW, N_("Record overflow")),
+	ALERT_ENTRY(GNUTLS_A_DECOMPRESSION_FAILURE,
+		    N_("Decompression failed")),
+	ALERT_ENTRY(GNUTLS_A_HANDSHAKE_FAILURE, N_("Handshake failed")),
+	ALERT_ENTRY(GNUTLS_A_BAD_CERTIFICATE, N_("Certificate is bad")),
+	ALERT_ENTRY(GNUTLS_A_UNSUPPORTED_CERTIFICATE,
+		    N_("Certificate is not supported")),
+	ALERT_ENTRY(GNUTLS_A_CERTIFICATE_REVOKED,
+		    N_("Certificate was revoked")),
+	ALERT_ENTRY(GNUTLS_A_CERTIFICATE_EXPIRED,
+		    N_("Certificate is expired")),
+	ALERT_ENTRY(GNUTLS_A_CERTIFICATE_UNKNOWN,
+		    N_("Unknown certificate")),
+	ALERT_ENTRY(GNUTLS_A_ILLEGAL_PARAMETER, N_("Illegal parameter")),
+	ALERT_ENTRY(GNUTLS_A_UNKNOWN_CA, N_("CA is unknown")),
+	ALERT_ENTRY(GNUTLS_A_ACCESS_DENIED, N_("Access was denied")),
+	ALERT_ENTRY(GNUTLS_A_DECODE_ERROR, N_("Decode error")),
+	ALERT_ENTRY(GNUTLS_A_DECRYPT_ERROR, N_("Decrypt error")),
+	ALERT_ENTRY(GNUTLS_A_EXPORT_RESTRICTION, N_("Export restriction")),
+	ALERT_ENTRY(GNUTLS_A_PROTOCOL_VERSION,
+		    N_("Error in protocol version")),
+	ALERT_ENTRY(GNUTLS_A_INSUFFICIENT_SECURITY,
+		    N_("Insufficient security")),
+	ALERT_ENTRY(GNUTLS_A_USER_CANCELED, N_("User canceled")),
+	ALERT_ENTRY(GNUTLS_A_SSL3_NO_CERTIFICATE,
+		    N_("No certificate (SSL 3.0)")),
+	ALERT_ENTRY(GNUTLS_A_INTERNAL_ERROR, N_("Internal error")),
+	ALERT_ENTRY(GNUTLS_A_INAPPROPRIATE_FALLBACK,
+		    N_("Inappropriate fallback")),
+	ALERT_ENTRY(GNUTLS_A_NO_RENEGOTIATION,
+		    N_("No renegotiation is allowed")),
+	ALERT_ENTRY(GNUTLS_A_CERTIFICATE_UNOBTAINABLE,
+		    N_("Could not retrieve the specified certificate")),
+	ALERT_ENTRY(GNUTLS_A_UNSUPPORTED_EXTENSION,
+		    N_("An unsupported extension was sent")),
+	ALERT_ENTRY(GNUTLS_A_UNRECOGNIZED_NAME,
+		    N_("The server name sent was not recognized")),
+	ALERT_ENTRY(GNUTLS_A_UNKNOWN_PSK_IDENTITY,
+		    N_("The SRP/PSK username is missing or not known")),
+	ALERT_ENTRY(GNUTLS_A_MISSING_EXTENSION,
+		    N_("An extension was expected but was not seen")),
+	ALERT_ENTRY(GNUTLS_A_NO_APPLICATION_PROTOCOL,
+		    N_
+		    ("No supported application protocol could be negotiated")),
+	ALERT_ENTRY(GNUTLS_A_CERTIFICATE_REQUIRED,
+		    N_("Certificate is required")),
+	{0, NULL, NULL}
+};
+
+/**
+ * gnutls_alert_get_name:
+ * @alert: is an alert number.
+ *
+ * This function will return a string that describes the given alert
+ * number, or %NULL.  See gnutls_alert_get().
+ *
+ * Returns: string corresponding to #gnutls_alert_description_t value.
+ **/
+const char *gnutls_alert_get_name(gnutls_alert_description_t alert)
+{
+	const gnutls_alert_entry *p;
+
+	for (p = sup_alerts; p->desc != NULL; p++)
+		if (p->alert == alert)
+			return _(p->desc);
+
+	return NULL;
+}
+
+/**
+ * gnutls_alert_get_strname:
+ * @alert: is an alert number.
+ *
+ * This function will return a string of the name of the alert.
+ *
+ * Returns: string corresponding to #gnutls_alert_description_t value.
+ *
+ * Since: 3.0
+ **/
+const char *gnutls_alert_get_strname(gnutls_alert_description_t alert)
+{
+	const gnutls_alert_entry *p;
+
+	for (p = sup_alerts; p->name != NULL; p++)
+		if (p->alert == alert)
+			return p->name;
+
+	return NULL;
+}
+
+/**
+ * gnutls_alert_send:
+ * @session: is a #gnutls_session_t type.
+ * @level: is the level of the alert
+ * @desc: is the alert description
+ *
+ * This function will send an alert to the peer in order to inform
+ * him of something important (eg. his Certificate could not be verified).
+ * If the alert level is Fatal then the peer is expected to close the
+ * connection, otherwise he may ignore the alert and continue.
+ *
+ * The error code of the underlying record send function will be
+ * returned, so you may also receive %GNUTLS_E_INTERRUPTED or
+ * %GNUTLS_E_AGAIN as well.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ **/
+int
+gnutls_alert_send(gnutls_session_t session, gnutls_alert_level_t level,
+		  gnutls_alert_description_t desc)
+{
+	uint8_t data[2];
+	int ret;
+	const char *name;
+
+	data[0] = (uint8_t) level;
+	data[1] = (uint8_t) desc;
+
+	name = gnutls_alert_get_name((gnutls_alert_description_t) data[1]);
+	if (name == NULL)
+		name = "(unknown)";
+	_gnutls_record_log("REC: Sending Alert[%d|%d] - %s\n", data[0],
+			   data[1], name);
+
+	if (session->internals.alert_read_func) {
+		record_parameters_st *params;
+
+		ret = _gnutls_epoch_get(session, EPOCH_WRITE_CURRENT, &params);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		ret = session->internals.alert_read_func(session,
+						     params->write.level,
+						     level,
+						     desc);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		return ret;
+	}
+
+	if (IS_KTLS_ENABLED(session, GNUTLS_KTLS_SEND)) {
+		ret =
+			_gnutls_ktls_send_control_msg(session, GNUTLS_ALERT, data, 2);
+	} else {
+		ret =
+			_gnutls_send_int(session, GNUTLS_ALERT, -1,
+				EPOCH_WRITE_CURRENT, data, 2,
+				MBUFFER_FLUSH);
+	}
+	return (ret < 0) ? ret : 0;
+}
+
+/**
+ * gnutls_error_to_alert:
+ * @err: is a negative integer
+ * @level: the alert level will be stored there
+ *
+ * Get an alert depending on the error code returned by a gnutls
+ * function.  All alerts sent by this function should be considered
+ * fatal.  The only exception is when @err is %GNUTLS_E_REHANDSHAKE,
+ * where a warning alert should be sent to the peer indicating that no
+ * renegotiation will be performed.
+ *
+ * If there is no mapping to a valid alert the alert to indicate
+ * internal error (%GNUTLS_A_INTERNAL_ERROR) is returned.
+ *
+ * Returns: the alert code to use for a particular error code.
+ **/
+int gnutls_error_to_alert(int err, int *level)
+{
+	int ret, _level = -1;
+
+	switch (err) {		/* send appropriate alert */
+	case GNUTLS_E_PK_SIG_VERIFY_FAILED:
+	case GNUTLS_E_ERROR_IN_FINISHED_PACKET:
+		ret = GNUTLS_A_DECRYPT_ERROR;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_DECRYPTION_FAILED:
+		/* GNUTLS_A_DECRYPTION_FAILED is not sent, because
+		 * it is not defined in SSL3. Note that we must
+		 * not distinguish Decryption failures from mac
+		 * check failures, due to the possibility of some
+		 * attacks.
+		 */
+		ret = GNUTLS_A_BAD_RECORD_MAC;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_UNEXPECTED_PACKET_LENGTH:
+	case GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH:
+	case GNUTLS_E_NO_CERTIFICATE_FOUND:
+	case GNUTLS_E_HANDSHAKE_TOO_LARGE:
+		ret = GNUTLS_A_DECODE_ERROR;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_DECOMPRESSION_FAILED:
+		ret = GNUTLS_A_DECOMPRESSION_FAILURE;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_ILLEGAL_PARAMETER:
+	case GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER:
+	case GNUTLS_E_ILLEGAL_SRP_USERNAME:
+	case GNUTLS_E_PK_INVALID_PUBKEY:
+	case GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM:
+	case GNUTLS_E_RECEIVED_DISALLOWED_NAME:
+	case GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY:
+		ret = GNUTLS_A_ILLEGAL_PARAMETER;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_UNKNOWN_SRP_USERNAME:
+		ret = GNUTLS_A_UNKNOWN_PSK_IDENTITY;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_ASN1_ELEMENT_NOT_FOUND:
+	case GNUTLS_E_ASN1_IDENTIFIER_NOT_FOUND:
+	case GNUTLS_E_ASN1_DER_ERROR:
+	case GNUTLS_E_ASN1_VALUE_NOT_FOUND:
+	case GNUTLS_E_ASN1_GENERIC_ERROR:
+	case GNUTLS_E_ASN1_VALUE_NOT_VALID:
+	case GNUTLS_E_ASN1_TAG_ERROR:
+	case GNUTLS_E_ASN1_TAG_IMPLICIT:
+	case GNUTLS_E_ASN1_TYPE_ANY_ERROR:
+	case GNUTLS_E_ASN1_SYNTAX_ERROR:
+	case GNUTLS_E_ASN1_DER_OVERFLOW:
+	case GNUTLS_E_CERTIFICATE_ERROR:
+	case GNUTLS_E_CERTIFICATE_VERIFICATION_ERROR:
+		ret = GNUTLS_A_BAD_CERTIFICATE;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_UNKNOWN_CIPHER_SUITE:
+	case GNUTLS_E_INSUFFICIENT_CREDENTIALS:
+	case GNUTLS_E_NO_CIPHER_SUITES:
+	case GNUTLS_E_NO_COMPRESSION_ALGORITHMS:
+	case GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM:
+	case GNUTLS_E_SAFE_RENEGOTIATION_FAILED:
+	case GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL:
+	case GNUTLS_E_UNKNOWN_PK_ALGORITHM:
+	case GNUTLS_E_UNWANTED_ALGORITHM:
+	case GNUTLS_E_NO_COMMON_KEY_SHARE:
+	case GNUTLS_E_ECC_NO_SUPPORTED_CURVES:
+	case GNUTLS_E_ECC_UNSUPPORTED_CURVE:
+		ret = GNUTLS_A_HANDSHAKE_FAILURE;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION:
+		ret = GNUTLS_A_UNSUPPORTED_EXTENSION;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_MISSING_EXTENSION:
+		ret = GNUTLS_A_MISSING_EXTENSION;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_USER_ERROR:
+		ret = GNUTLS_A_USER_CANCELED;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_UNEXPECTED_PACKET:
+	case GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET:
+	case GNUTLS_E_PREMATURE_TERMINATION:
+		ret = GNUTLS_A_UNEXPECTED_MESSAGE;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_REHANDSHAKE:
+	case GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED:
+		ret = GNUTLS_A_NO_RENEGOTIATION;
+		_level = GNUTLS_AL_WARNING;
+		break;
+	case GNUTLS_E_UNSUPPORTED_VERSION_PACKET:
+		ret = GNUTLS_A_PROTOCOL_VERSION;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE:
+		ret = GNUTLS_A_UNSUPPORTED_CERTIFICATE;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_RECORD_OVERFLOW:
+		ret = GNUTLS_A_RECORD_OVERFLOW;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_INTERNAL_ERROR:
+	case GNUTLS_E_NO_TEMPORARY_DH_PARAMS:
+	case GNUTLS_E_NO_TEMPORARY_RSA_PARAMS:
+		ret = GNUTLS_A_INTERNAL_ERROR;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_INAPPROPRIATE_FALLBACK:
+		ret = GNUTLS_A_INAPPROPRIATE_FALLBACK;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_OPENPGP_GETKEY_FAILED:
+		ret = GNUTLS_A_CERTIFICATE_UNOBTAINABLE;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_DH_PRIME_UNACCEPTABLE:
+	case GNUTLS_E_SESSION_USER_ID_CHANGED:
+	case GNUTLS_E_INSUFFICIENT_SECURITY:
+		ret = GNUTLS_A_INSUFFICIENT_SECURITY;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_NO_APPLICATION_PROTOCOL:
+		ret = GNUTLS_A_NO_APPLICATION_PROTOCOL;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_UNRECOGNIZED_NAME:
+		ret = GNUTLS_A_UNRECOGNIZED_NAME;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	case GNUTLS_E_CERTIFICATE_REQUIRED:
+		ret = GNUTLS_A_CERTIFICATE_REQUIRED;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	default:
+		ret = GNUTLS_A_INTERNAL_ERROR;
+		_level = GNUTLS_AL_FATAL;
+		break;
+	}
+
+	if (level != NULL)
+		*level = _level;
+
+	return ret;
+}
+
+/**
+ * gnutls_alert_send_appropriate:
+ * @session: is a #gnutls_session_t type.
+ * @err: is an error code returned by another GnuTLS function
+ *
+ * Sends an alert to the peer depending on the error code returned by
+ * a gnutls function. This function will call gnutls_error_to_alert()
+ * to determine the appropriate alert to send.
+ *
+ * This function may also return %GNUTLS_E_AGAIN, or
+ * %GNUTLS_E_INTERRUPTED.
+ *
+ * This function historically was always sending an alert to the
+ * peer, even if @err was inappropriate to respond with an alert
+ * (e.g., %GNUTLS_E_SUCCESS). Since 3.6.6 this function returns
+ * success without transmitting any data on error codes that
+ * should not result to an alert.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ */
+int gnutls_alert_send_appropriate(gnutls_session_t session, int err)
+{
+	int alert;
+	int level;
+
+	if (err != GNUTLS_E_REHANDSHAKE && (!gnutls_error_is_fatal(err) ||
+	    err == GNUTLS_E_FATAL_ALERT_RECEIVED))
+		return gnutls_assert_val(0);
+
+	alert = gnutls_error_to_alert(err, &level);
+
+	return gnutls_alert_send(session, (gnutls_alert_level_t)level, alert);
+}
+
+/**
+ * gnutls_alert_get:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function will return the last alert number received.  This
+ * function should be called when %GNUTLS_E_WARNING_ALERT_RECEIVED or
+ * %GNUTLS_E_FATAL_ALERT_RECEIVED errors are returned by a gnutls
+ * function.  The peer may send alerts if he encounters an error.
+ * If no alert has been received the returned value is undefined.
+ *
+ * Returns: the last alert received, a
+ *   #gnutls_alert_description_t value.
+ **/
+gnutls_alert_description_t gnutls_alert_get(gnutls_session_t session)
+{
+	return (gnutls_alert_description_t)session->internals.last_alert;
+}
diff --git a/lib/algorithms.h b/lib/algorithms.h
new file mode 100644
index 0000000..2c33a72
--- /dev/null
+++ b/lib/algorithms.h
@@ -0,0 +1,578 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_ALGORITHMS_H
+#define GNUTLS_LIB_ALGORITHMS_H
+
+#include "auth.h"
+
+#ifdef DISABLE_SYSTEM_CONFIG
+# define SYSTEM_CONFIG_OR_CONST const
+#else
+# define SYSTEM_CONFIG_OR_CONST
+#endif
+
+#define version_to_entry _gnutls_version_to_entry
+
+#define GNUTLS_RENEGO_PROTECTION_REQUEST_MAJOR 0x00
+#define GNUTLS_RENEGO_PROTECTION_REQUEST_MINOR 0xFF
+
+#define GNUTLS_FALLBACK_SCSV_MAJOR 0x56
+#define GNUTLS_FALLBACK_SCSV_MINOR 0x00
+
+#define IS_GOSTEC(x) (((x)==GNUTLS_PK_GOST_01)	|| \
+		      ((x)==GNUTLS_PK_GOST_12_256)|| \
+		      ((x)==GNUTLS_PK_GOST_12_512))
+
+#define IS_EC(x) (((x)==GNUTLS_PK_ECDSA)|| \
+		  ((x)==GNUTLS_PK_ECDH_X25519)||((x)==GNUTLS_PK_EDDSA_ED25519)|| \
+		  ((x)==GNUTLS_PK_ECDH_X448)||((x)==GNUTLS_PK_EDDSA_ED448))
+
+#define SIG_SEM_PRE_TLS12 (1<<1)
+#define SIG_SEM_TLS13 (1<<2)
+#define SIG_SEM_DEFAULT (SIG_SEM_PRE_TLS12|SIG_SEM_TLS13)
+
+#define TLS_SIGN_AID_UNKNOWN {{255, 255}, 0}
+#define HAVE_UNKNOWN_SIGAID(aid) ((aid)->id[0] == 255 && (aid)->id[1] == 255)
+
+#define CS_INVALID_MAJOR 0x00
+#define CS_INVALID_MINOR 0x00
+
+/* Functions for version handling. */
+const version_entry_st *version_to_entry(gnutls_protocol_t version);
+const version_entry_st *nversion_to_entry(uint8_t major, uint8_t minor);
+const version_entry_st *_gnutls_version_lowest(gnutls_session_t session);
+
+const version_entry_st *_gnutls_legacy_version_max(gnutls_session_t session);
+const version_entry_st *_gnutls_version_max(gnutls_session_t session);
+int _gnutls_version_priority(gnutls_session_t session,
+			     gnutls_protocol_t version);
+int _gnutls_nversion_is_supported(gnutls_session_t session,
+				  unsigned char major, unsigned char minor);
+gnutls_protocol_t _gnutls_version_get(uint8_t major, uint8_t minor);
+unsigned _gnutls_version_is_too_high(gnutls_session_t session, uint8_t major, uint8_t minor);
+
+int _gnutls_write_supported_versions(gnutls_session_t session, uint8_t *buffer, ssize_t buffer_size);
+
+/* Functions for feature checks */
+int
+_gnutls_figure_common_ciphersuite(gnutls_session_t session,
+				  const ciphersuite_list_st *peer_clist,
+				  const gnutls_cipher_suite_entry_st **ce);
+
+inline static int
+_gnutls_version_has_selectable_prf(const version_entry_st * ver)
+{
+	if (unlikely(ver == NULL))
+		return 0;
+	return ver->selectable_prf;
+}
+
+inline static int
+_gnutls_version_has_selectable_sighash(const version_entry_st * ver)
+{
+	if (unlikely(ver == NULL))
+		return 0;
+	return ver->selectable_sighash;
+}
+
+inline static
+int _gnutls_version_has_extensions(const version_entry_st * ver)
+{
+	if (unlikely(ver == NULL))
+		return 0;
+	return ver->extensions;
+}
+
+inline static
+int _gnutls_version_has_explicit_iv(const version_entry_st * ver)
+{
+	if (unlikely(ver == NULL))
+		return 0;
+	return ver->explicit_iv;
+}
+
+/* Functions for MACs. */
+const mac_entry_st *_gnutls_mac_to_entry(gnutls_mac_algorithm_t c);
+#define mac_to_entry(x) _gnutls_mac_to_entry(x)
+#define hash_to_entry(x) mac_to_entry((gnutls_mac_algorithm_t)(x))
+
+inline static int _gnutls_mac_is_ok(const mac_entry_st * e)
+{
+	if (unlikely(e == NULL) || e->id == 0)
+		return 0;
+	else
+		return 1;
+}
+
+/*-
+ * _gnutls_mac_get_algo_len:
+ * @algorithm: is an encryption algorithm
+ *
+ * Get size of MAC key.
+ *
+ * Returns: length (in bytes) of the MAC output size, or 0 if the
+ *   given MAC algorithm is invalid.
+ -*/
+inline static size_t _gnutls_mac_get_algo_len(const mac_entry_st * e)
+{
+	if (unlikely(e == NULL))
+		return 0;
+	else
+		return e->output_size;
+}
+
+inline static const char *_gnutls_x509_mac_to_oid(const mac_entry_st * e)
+{
+	if (unlikely(e == NULL))
+		return NULL;
+	else
+		return e->oid;
+}
+
+inline static const char *_gnutls_mac_get_name(const mac_entry_st * e)
+{
+	if (unlikely(e == NULL))
+		return NULL;
+	else
+		return e->name;
+}
+
+inline static int _gnutls_mac_block_size(const mac_entry_st * e)
+{
+	if (unlikely(e == NULL))
+		return 0;
+	else
+		return e->block_size;
+}
+
+inline static int _gnutls_mac_get_key_size(const mac_entry_st * e)
+{
+	if (unlikely(e == NULL))
+		return 0;
+	else
+		return e->key_size;
+}
+
+inline static gnutls_digest_algorithm_t
+_gnutls_mac_to_dig(gnutls_mac_algorithm_t mac)
+{
+	if (unlikely(mac >= GNUTLS_MAC_AEAD))
+		return GNUTLS_DIG_UNKNOWN;
+
+	return (gnutls_digest_algorithm_t)mac;
+}
+
+#define MAC_TO_DIG(mac) _gnutls_mac_to_dig(mac)
+
+/* Functions for digests. */
+#define _gnutls_x509_digest_to_oid _gnutls_x509_mac_to_oid
+#define _gnutls_digest_get_name _gnutls_mac_get_name
+#define _gnutls_hash_get_algo_len _gnutls_mac_get_algo_len
+
+#define DIG_TO_MAC(dig) (gnutls_mac_algorithm_t)(dig)
+
+/* Security against pre-image attacks */
+inline static int _gnutls_digest_is_secure(const mac_entry_st * e)
+{
+	if (unlikely(e == NULL))
+		return 0;
+	else
+		return !(e->flags & GNUTLS_MAC_FLAG_PREIMAGE_INSECURE);
+}
+
+/* Functions for cipher suites. */
+int _gnutls_get_client_ciphersuites(gnutls_session_t session,
+	gnutls_buffer_st * cdata, const version_entry_st *minver,
+	unsigned add_scsv);
+
+int _gnutls_supported_ciphersuites(gnutls_session_t session,
+				   uint8_t * cipher_suites,
+				   unsigned int max_cipher_suite_size);
+
+const gnutls_cipher_suite_entry_st
+    *cipher_suite_get(gnutls_kx_algorithm_t kx_algorithm,
+		      gnutls_cipher_algorithm_t cipher_algorithm,
+		      gnutls_mac_algorithm_t mac_algorithm);
+
+const char *_gnutls_cipher_suite_get_name(const uint8_t suite[2]);
+gnutls_kx_algorithm_t _gnutls_cipher_suite_get_kx_algo(const uint8_t
+						       suite[2]);
+
+int
+_gnutls_cipher_suite_get_id(gnutls_kx_algorithm_t kx_algorithm,
+			    gnutls_cipher_algorithm_t cipher_algorithm,
+			    gnutls_mac_algorithm_t mac_algorithm,
+			    uint8_t suite[2]);
+
+const gnutls_cipher_suite_entry_st *ciphersuite_to_entry(const uint8_t suite[2]);
+
+/* Functions for ciphers. */
+const cipher_entry_st *_gnutls_cipher_to_entry(gnutls_cipher_algorithm_t c);
+#define cipher_to_entry(x) _gnutls_cipher_to_entry(x)
+const cipher_entry_st *cipher_name_to_entry(const char *name);
+
+inline static cipher_type_t _gnutls_cipher_type(const cipher_entry_st * e)
+{
+	if (unlikely(e == NULL))
+		return CIPHER_AEAD; /* doesn't matter */
+	return e->type;
+}
+
+inline static int _gnutls_cipher_get_block_size(const cipher_entry_st * e)
+{
+	if (unlikely(e == NULL))
+		return 0;
+	return e->blocksize;
+}
+
+inline static int
+_gnutls_cipher_get_implicit_iv_size(const cipher_entry_st * e)
+{
+	if (unlikely(e == NULL))
+		return 0;
+	return e->implicit_iv;
+}
+
+inline static int
+_gnutls_cipher_get_iv_size(const cipher_entry_st * e)
+{
+	if (unlikely(e == NULL))
+		return 0;
+	return e->cipher_iv;
+}
+
+inline static int
+_gnutls_cipher_get_explicit_iv_size(const cipher_entry_st * e)
+{
+	if (unlikely(e == NULL))
+		return 0;
+	return e->explicit_iv;
+}
+
+inline static int _gnutls_cipher_get_key_size(const cipher_entry_st * e)
+{
+	if (unlikely(e == NULL))
+		return 0;
+	return e->keysize;
+}
+
+inline static const char *_gnutls_cipher_get_name(const cipher_entry_st *
+						  e)
+{
+	if (unlikely(e == NULL))
+		return NULL;
+	return e->name;
+}
+
+inline static int _gnutls_cipher_algo_is_aead(const cipher_entry_st * e)
+{
+	if (unlikely(e == NULL))
+		return 0;
+	return (e->type == CIPHER_AEAD)?1:0;
+}
+
+inline static int _gnutls_cipher_is_ok(const cipher_entry_st * e)
+{
+	if (unlikely(e == NULL) || e->id == 0)
+		return 0;
+	else
+		return 1;
+}
+
+inline static int _gnutls_cipher_get_tag_size(const cipher_entry_st * e)
+{
+	size_t ret = 0;
+
+	if (unlikely(e == NULL))
+		return ret;
+
+	/* non-AEAD have 0 as tag size */
+	return e->tagsize;
+}
+
+/* Functions for key exchange. */
+bool _gnutls_kx_needs_dh_params(gnutls_kx_algorithm_t algorithm);
+bool _gnutls_kx_allows_false_start(gnutls_session_t session);
+mod_auth_st *_gnutls_kx_auth_struct(gnutls_kx_algorithm_t algorithm);
+int _gnutls_kx_is_ok(gnutls_kx_algorithm_t algorithm);
+
+int _gnutls_kx_get_id(const char *name);
+
+gnutls_credentials_type_t _gnutls_map_kx_get_cred(gnutls_kx_algorithm_t
+						  algorithm, int server);
+
+/* KX to PK mapping. */
+unsigned
+_gnutls_kx_supports_pk(gnutls_kx_algorithm_t kx_algorithm,
+		       gnutls_pk_algorithm_t pk_algorithm);
+
+unsigned
+_gnutls_kx_supports_pk_usage(gnutls_kx_algorithm_t kx_algorithm,
+		       gnutls_pk_algorithm_t pk_algorithm,
+		       unsigned key_usage);
+
+enum encipher_type { CIPHER_ENCRYPT = 0, CIPHER_SIGN = 1, CIPHER_IGN };
+
+enum encipher_type _gnutls_kx_encipher_type(gnutls_kx_algorithm_t
+					    kx_algorithm);
+
+/* Functions for sign algorithms. */
+
+typedef enum hash_security_level_t {
+	_SECURE,
+	_INSECURE_FOR_CERTS,
+	_INSECURE
+} hash_security_level_t;
+
+int _gnutls_ecc_curve_mark_disabled(gnutls_ecc_curve_t curve);
+int _gnutls_sign_mark_insecure(gnutls_sign_algorithm_t, hash_security_level_t);
+int _gnutls_digest_mark_insecure(gnutls_digest_algorithm_t dig);
+unsigned _gnutls_digest_is_insecure(gnutls_digest_algorithm_t dig);
+bool _gnutls_digest_is_insecure2(gnutls_digest_algorithm_t dig,	unsigned flags);
+const gnutls_protocol_t *_gnutls_protocol_list(void);
+int _gnutls_version_mark_disabled(gnutls_protocol_t version);
+gnutls_protocol_t _gnutls_protocol_get_id_if_supported(const char *name);
+
+int _gnutls_digest_set_secure(gnutls_digest_algorithm_t dig, unsigned int secure);
+int _gnutls_sign_set_secure(gnutls_sign_algorithm_t sign, hash_security_level_t slevel);
+int _gnutls_protocol_set_enabled(gnutls_protocol_t version, unsigned int enabled);
+int _gnutls_ecc_curve_set_enabled(gnutls_ecc_curve_t curve, unsigned int enabled);
+
+/* these functions are for revertible settings, meaning that algorithms marked
+ * as disabled/insecure with mark_*_all functions can be re-enabled with
+ * mark_{enabled,secure} functions */
+void _gnutls_ecc_curve_mark_disabled_all(void);
+void _gnutls_version_mark_disabled_all(void);
+void _gnutls_sign_mark_insecure_all(hash_security_level_t level);
+void _gnutls_digest_mark_insecure_all(void);
+
+#define GNUTLS_SIGN_FLAG_TLS13_OK	1 /* if it is ok to use under TLS1.3 */
+#define GNUTLS_SIGN_FLAG_CRT_VRFY_REVERSE (1 << 1) /* reverse order of bytes in CrtVrfy signature */
+#define GNUTLS_SIGN_FLAG_INSECURE_REVERTIBLE (1 << 2)
+#define GNUTLS_SIGN_FLAG_ALLOW_INSECURE_REVERTIBLE (1 << 3)
+struct gnutls_sign_entry_st {
+	const char *name;
+	const char *oid;
+	gnutls_sign_algorithm_t id;
+	gnutls_pk_algorithm_t pk;
+	gnutls_digest_algorithm_t hash;
+
+	/* if non-zero it must be the algorithm of the
+	 * private key used or certificate. This is for algorithms
+	 * which can have a different public key type than the
+	 * private key (e.g., RSA PKCS#1 1.5 certificate, but
+	 * an RSA-PSS private key, or an RSA private key and
+	 * an RSA-PSS certificate). */
+	gnutls_pk_algorithm_t priv_pk;
+	gnutls_pk_algorithm_t cert_pk;
+
+	unsigned flags;
+
+	/* if this signature algorithm is restricted to a curve
+	 * under TLS 1.3. */
+	gnutls_ecc_curve_t curve;
+
+	/* See RFC 5246 HashAlgorithm and SignatureAlgorithm
+	   for values to use in aid struct. */
+	const sign_algorithm_st aid;
+	hash_security_level_t slevel;	/* contains values of hash_security_level_t */
+
+	/* 0 if it matches the predefined hash output size, otherwise
+	 * it is truncated or expanded (with XOF) */
+	unsigned hash_output_size;
+};
+typedef struct gnutls_sign_entry_st gnutls_sign_entry_st;
+
+const gnutls_sign_entry_st *_gnutls_sign_to_entry(gnutls_sign_algorithm_t sign);
+const gnutls_sign_entry_st *_gnutls_pk_to_sign_entry(gnutls_pk_algorithm_t pk, gnutls_digest_algorithm_t hash);
+const gnutls_sign_entry_st *_gnutls_oid_to_sign_entry(const char *oid);
+
+/* returns true if that signature can be generated
+ * from the given private key algorithm. */
+inline static unsigned
+sign_supports_priv_pk_algorithm(const gnutls_sign_entry_st *se, gnutls_pk_algorithm_t pk)
+{
+	if (pk == se->pk || (se->priv_pk && se->priv_pk == pk))
+		return 1;
+
+	return 0;
+}
+
+/* returns true if that signature can be verified with
+ * the given public key algorithm. */
+inline static unsigned
+sign_supports_cert_pk_algorithm(const gnutls_sign_entry_st *se, gnutls_pk_algorithm_t pk)
+{
+	if ((!se->cert_pk && pk == se->pk) || (se->cert_pk && se->cert_pk == pk))
+		return 1;
+
+	return 0;
+}
+
+bool _gnutls_sign_is_secure2(const gnutls_sign_entry_st *se, unsigned int flags);
+
+gnutls_pk_algorithm_t _gnutls_x509_sign_to_pk(gnutls_sign_algorithm_t
+					      sign);
+const char *_gnutls_x509_sign_to_oid(gnutls_pk_algorithm_t,
+				     gnutls_digest_algorithm_t mac);
+
+const gnutls_sign_entry_st *
+_gnutls_tls_aid_to_sign_entry(uint8_t id0, uint8_t id1, const version_entry_st *ver);
+
+gnutls_sign_algorithm_t
+_gnutls_tls_aid_to_sign(uint8_t id0, uint8_t id1, const version_entry_st *ver);
+const sign_algorithm_st *_gnutls_sign_to_tls_aid(gnutls_sign_algorithm_t
+						 sign);
+
+const gnutls_sign_entry_st *
+_gnutls13_sign_get_compatible_with_privkey(gnutls_privkey_t privkey);
+
+unsigned int _gnutls_pk_bits_to_subgroup_bits(unsigned int pk_bits);
+gnutls_digest_algorithm_t _gnutls_pk_bits_to_sha_hash(unsigned int pk_bits);
+
+gnutls_digest_algorithm_t _gnutls_hash_size_to_sha_hash(unsigned int size);
+
+bool _gnutls_pk_is_not_prehashed(gnutls_pk_algorithm_t algorithm);
+
+/* ECC */
+typedef struct gnutls_ecc_curve_entry_st {
+	const char *name;
+	const char *oid;
+	gnutls_ecc_curve_t id;
+	gnutls_pk_algorithm_t pk;
+	unsigned size;		/* the size in bytes */
+	unsigned sig_size;	/* the size of curve signatures in bytes (EdDSA) */
+	unsigned gost_curve;
+	bool supported;
+	bool supported_revertible;
+	gnutls_group_t group;
+} gnutls_ecc_curve_entry_st;
+
+const gnutls_ecc_curve_entry_st
+    *_gnutls_ecc_curve_get_params(gnutls_ecc_curve_t curve);
+
+unsigned _gnutls_ecc_curve_is_supported(gnutls_ecc_curve_t);
+
+gnutls_group_t _gnutls_ecc_curve_get_group(gnutls_ecc_curve_t);
+const gnutls_group_entry_st *_gnutls_tls_id_to_group(unsigned num);
+const gnutls_group_entry_st * _gnutls_id_to_group(unsigned id);
+gnutls_group_t _gnutls_group_get_id(const char *name);
+
+gnutls_ecc_curve_t _gnutls_ecc_bits_to_curve(gnutls_pk_algorithm_t pk, int bits);
+#define MAX_ECC_CURVE_SIZE 66
+
+gnutls_pk_algorithm_t _gnutls_oid_to_pk_and_curve(const char *oid, gnutls_ecc_curve_t *curve);
+
+inline static int _curve_is_eddsa(const gnutls_ecc_curve_entry_st * e)
+{
+	if (unlikely(e == NULL))
+		return 0;
+	if (e->pk == GNUTLS_PK_EDDSA_ED25519 ||
+	    e->pk == GNUTLS_PK_EDDSA_ED448)
+		return 1;
+	return 0;
+}
+
+inline static int _curve_is_modern_ecdh(const gnutls_ecc_curve_entry_st * e)
+{
+	if (unlikely(e == NULL))
+		return 0;
+	if (e->pk == GNUTLS_PK_ECDH_X25519 ||
+	    e->pk == GNUTLS_PK_ECDH_X448)
+		return 1;
+	return 0;
+}
+
+inline static int curve_is_eddsa(gnutls_ecc_curve_t id)
+{
+	const gnutls_ecc_curve_entry_st *e = _gnutls_ecc_curve_get_params(id);
+	return _curve_is_eddsa(e);
+}
+
+inline static int curve_is_modern_ecdh(gnutls_ecc_curve_t id)
+{
+	const gnutls_ecc_curve_entry_st *e = _gnutls_ecc_curve_get_params(id);
+	return _curve_is_modern_ecdh(e);
+}
+
+static inline int _gnutls_kx_is_ecc(gnutls_kx_algorithm_t kx)
+{
+	if (kx == GNUTLS_KX_ECDHE_RSA || kx == GNUTLS_KX_ECDHE_ECDSA ||
+	    kx == GNUTLS_KX_ANON_ECDH || kx == GNUTLS_KX_ECDHE_PSK)
+		return 1;
+
+	return 0;
+}
+
+static inline int _gnutls_kx_is_psk(gnutls_kx_algorithm_t kx)
+{
+	if (kx == GNUTLS_KX_PSK || kx == GNUTLS_KX_DHE_PSK ||
+	    kx == GNUTLS_KX_ECDHE_PSK || kx == GNUTLS_KX_RSA_PSK)
+		return 1;
+
+	return 0;
+}
+
+static inline int _gnutls_kx_is_dhe(gnutls_kx_algorithm_t kx)
+{
+	if (kx == GNUTLS_KX_DHE_RSA || kx == GNUTLS_KX_DHE_DSS ||
+	    kx == GNUTLS_KX_ANON_DH || kx == GNUTLS_KX_DHE_PSK)
+		return 1;
+
+	return 0;
+}
+
+static inline unsigned _gnutls_kx_is_vko_gost(gnutls_kx_algorithm_t kx)
+{
+	if (kx == GNUTLS_KX_VKO_GOST_12)
+		return 1;
+
+	return 0;
+}
+
+static inline bool
+_sign_is_gost(const gnutls_sign_entry_st *se)
+{
+	gnutls_pk_algorithm_t pk = se->pk;
+
+	return  (pk == GNUTLS_PK_GOST_01) ||
+		(pk == GNUTLS_PK_GOST_12_256) ||
+		(pk == GNUTLS_PK_GOST_12_512);
+}
+
+static inline int _sig_is_ecdsa(gnutls_sign_algorithm_t sig)
+{
+	if (sig == GNUTLS_SIGN_ECDSA_SHA1 || sig == GNUTLS_SIGN_ECDSA_SHA224 ||
+	    sig == GNUTLS_SIGN_ECDSA_SHA256 || sig == GNUTLS_SIGN_ECDSA_SHA384 ||
+	    sig == GNUTLS_SIGN_ECDSA_SHA512)
+		return 1;
+
+	return 0;
+}
+
+bool _gnutls_pk_are_compat(gnutls_pk_algorithm_t pk1, gnutls_pk_algorithm_t pk2);
+
+unsigned _gnutls_sign_get_hash_strength(gnutls_sign_algorithm_t sign);
+
+#endif /* GNUTLS_LIB_ALGORITHMS_H */
diff --git a/lib/algorithms/Makefile.am b/lib/algorithms/Makefile.am
new file mode 100644
index 0000000..18aac8a
--- /dev/null
+++ b/lib/algorithms/Makefile.am
@@ -0,0 +1,39 @@
+## Process this file with automake to produce Makefile.in
+# Copyright (C) 2011-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# The GnuTLS is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GnuTLS is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+include $(top_srcdir)/lib/common.mk
+
+AM_CPPFLAGS = \
+	-I$(srcdir)/../../gl		\
+	-I$(builddir)/../../gl		\
+	-I$(srcdir)/../includes		\
+	-I$(builddir)/../includes	\
+	-I$(builddir)/../../gl          \
+	-I$(srcdir)/..	
+
+if ENABLE_MINITASN1
+AM_CPPFLAGS += -I$(srcdir)/../minitasn1
+endif
+
+noinst_LTLIBRARIES = libgnutls_alg.la
+
+libgnutls_alg_la_SOURCES = cert_types.c ciphers.c ciphersuites.c \
+	ecc.c kx.c mac.c protocols.c publickey.c secparams.c sign.c \
+	groups.c
diff --git a/lib/algorithms/Makefile.in b/lib/algorithms/Makefile.in
new file mode 100644
index 0000000..a3333d5
--- /dev/null
+++ b/lib/algorithms/Makefile.in
@@ -0,0 +1,2427 @@
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+# Copyright (C) 2011-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# The GnuTLS is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GnuTLS is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+  if test -z '$(MAKELEVEL)'; then \
+    false; \
+  elif test -n '$(MAKE_HOST)'; then \
+    true; \
+  elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+    true; \
+  else \
+    false; \
+  fi; \
+}
+am__make_running_with_option = \
+  case $${target_option-} in \
+      ?) ;; \
+      *) echo "am__make_running_with_option: internal error: invalid" \
+              "target option '$${target_option-}' specified" >&2; \
+         exit 1;; \
+  esac; \
+  has_opt=no; \
+  sane_makeflags=$$MAKEFLAGS; \
+  if $(am__is_gnu_make); then \
+    sane_makeflags=$$MFLAGS; \
+  else \
+    case $$MAKEFLAGS in \
+      *\\[\ \	]*) \
+        bs=\\; \
+        sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+          | sed "s/$$bs$$bs[$$bs $$bs	]*//g"`;; \
+    esac; \
+  fi; \
+  skip_next=no; \
+  strip_trailopt () \
+  { \
+    flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+  }; \
+  for flg in $$sane_makeflags; do \
+    test $$skip_next = yes && { skip_next=no; continue; }; \
+    case $$flg in \
+      *=*|--*) continue;; \
+        -*I) strip_trailopt 'I'; skip_next=yes;; \
+      -*I?*) strip_trailopt 'I';; \
+        -*O) strip_trailopt 'O'; skip_next=yes;; \
+      -*O?*) strip_trailopt 'O';; \
+        -*l) strip_trailopt 'l'; skip_next=yes;; \
+      -*l?*) strip_trailopt 'l';; \
+      -[dEDm]) skip_next=yes;; \
+      -[JT]) skip_next=yes;; \
+    esac; \
+    case $$flg in \
+      *$$target_option*) has_opt=yes; break;; \
+    esac; \
+  done; \
+  test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@ENABLE_MINITASN1_TRUE@am__append_1 = -I$(srcdir)/../minitasn1
+subdir = lib/algorithms
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \
+	$(top_srcdir)/lib/unistring/m4/inline.m4 \
+	$(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \
+	$(top_srcdir)/src/gl/m4/atoll.m4 \
+	$(top_srcdir)/src/gl/m4/bison.m4 \
+	$(top_srcdir)/src/gl/m4/calloc.m4 \
+	$(top_srcdir)/src/gl/m4/clock_time.m4 \
+	$(top_srcdir)/src/gl/m4/codeset.m4 \
+	$(top_srcdir)/src/gl/m4/ctype_h.m4 \
+	$(top_srcdir)/src/gl/m4/environ.m4 \
+	$(top_srcdir)/src/gl/m4/error.m4 \
+	$(top_srcdir)/src/gl/m4/fdopen.m4 \
+	$(top_srcdir)/src/gl/m4/flexmember.m4 \
+	$(top_srcdir)/src/gl/m4/fpending.m4 \
+	$(top_srcdir)/src/gl/m4/fpieee.m4 \
+	$(top_srcdir)/src/gl/m4/fseek.m4 \
+	$(top_srcdir)/src/gl/m4/ftruncate.m4 \
+	$(top_srcdir)/src/gl/m4/getaddrinfo.m4 \
+	$(top_srcdir)/src/gl/m4/getcwd.m4 \
+	$(top_srcdir)/src/gl/m4/getpagesize.m4 \
+	$(top_srcdir)/src/gl/m4/getpass.m4 \
+	$(top_srcdir)/src/gl/m4/getprogname.m4 \
+	$(top_srcdir)/src/gl/m4/gettime.m4 \
+	$(top_srcdir)/src/gl/m4/gnulib-comp.m4 \
+	$(top_srcdir)/src/gl/m4/hostent.m4 \
+	$(top_srcdir)/src/gl/m4/intl-thread-locale.m4 \
+	$(top_srcdir)/src/gl/m4/inttostr.m4 \
+	$(top_srcdir)/src/gl/m4/ioctl.m4 \
+	$(top_srcdir)/src/gl/m4/isblank.m4 \
+	$(top_srcdir)/src/gl/m4/langinfo_h.m4 \
+	$(top_srcdir)/src/gl/m4/lcmessage.m4 \
+	$(top_srcdir)/src/gl/m4/locale-fr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-ja.m4 \
+	$(top_srcdir)/src/gl/m4/locale-tr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-zh.m4 \
+	$(top_srcdir)/src/gl/m4/locale_h.m4 \
+	$(top_srcdir)/src/gl/m4/localename.m4 \
+	$(top_srcdir)/src/gl/m4/lstat.m4 \
+	$(top_srcdir)/src/gl/m4/mktime.m4 \
+	$(top_srcdir)/src/gl/m4/nanosleep.m4 \
+	$(top_srcdir)/src/gl/m4/nstrftime.m4 \
+	$(top_srcdir)/src/gl/m4/parse-datetime.m4 \
+	$(top_srcdir)/src/gl/m4/perror.m4 \
+	$(top_srcdir)/src/gl/m4/pipe.m4 \
+	$(top_srcdir)/src/gl/m4/pthread-thread.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_h.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_sigmask.m4 \
+	$(top_srcdir)/src/gl/m4/putenv.m4 \
+	$(top_srcdir)/src/gl/m4/raise.m4 \
+	$(top_srcdir)/src/gl/m4/reallocarray.m4 \
+	$(top_srcdir)/src/gl/m4/sched_h.m4 \
+	$(top_srcdir)/src/gl/m4/sched_yield.m4 \
+	$(top_srcdir)/src/gl/m4/select.m4 \
+	$(top_srcdir)/src/gl/m4/semaphore.m4 \
+	$(top_srcdir)/src/gl/m4/servent.m4 \
+	$(top_srcdir)/src/gl/m4/setenv.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale_null.m4 \
+	$(top_srcdir)/src/gl/m4/sigaction.m4 \
+	$(top_srcdir)/src/gl/m4/signal_h.m4 \
+	$(top_srcdir)/src/gl/m4/signalblocking.m4 \
+	$(top_srcdir)/src/gl/m4/sleep.m4 \
+	$(top_srcdir)/src/gl/m4/sockets.m4 \
+	$(top_srcdir)/src/gl/m4/strerror.m4 \
+	$(top_srcdir)/src/gl/m4/strerror_r.m4 \
+	$(top_srcdir)/src/gl/m4/strtoll.m4 \
+	$(top_srcdir)/src/gl/m4/symlink.m4 \
+	$(top_srcdir)/src/gl/m4/sys_ioctl_h.m4 \
+	$(top_srcdir)/src/gl/m4/sys_select_h.m4 \
+	$(top_srcdir)/src/gl/m4/thread.m4 \
+	$(top_srcdir)/src/gl/m4/time_rz.m4 \
+	$(top_srcdir)/src/gl/m4/timegm.m4 \
+	$(top_srcdir)/src/gl/m4/timespec.m4 \
+	$(top_srcdir)/src/gl/m4/tm_gmtoff.m4 \
+	$(top_srcdir)/src/gl/m4/tzset.m4 \
+	$(top_srcdir)/src/gl/m4/usleep.m4 \
+	$(top_srcdir)/src/gl/m4/visibility.m4 \
+	$(top_srcdir)/src/gl/m4/xalloc.m4 \
+	$(top_srcdir)/src/gl/m4/yield.m4 $(top_srcdir)/m4/00gnulib.m4 \
+	$(top_srcdir)/m4/__inline.m4 \
+	$(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \
+	$(top_srcdir)/m4/arpa_inet_h.m4 \
+	$(top_srcdir)/m4/ax_ac_append_to_file.m4 \
+	$(top_srcdir)/m4/ax_ac_print_to_file.m4 \
+	$(top_srcdir)/m4/ax_add_am_macro_static.m4 \
+	$(top_srcdir)/m4/ax_am_macros_static.m4 \
+	$(top_srcdir)/m4/ax_check_gnu_make.m4 \
+	$(top_srcdir)/m4/ax_code_coverage.m4 \
+	$(top_srcdir)/m4/ax_file_escapes.m4 \
+	$(top_srcdir)/m4/builtin-expect.m4 \
+	$(top_srcdir)/m4/byteswap.m4 $(top_srcdir)/m4/close.m4 \
+	$(top_srcdir)/m4/double-slash-root.m4 $(top_srcdir)/m4/dup2.m4 \
+	$(top_srcdir)/m4/eealloc.m4 $(top_srcdir)/m4/errno_h.m4 \
+	$(top_srcdir)/m4/explicit_bzero.m4 \
+	$(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \
+	$(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \
+	$(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \
+	$(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \
+	$(top_srcdir)/m4/free.m4 $(top_srcdir)/m4/fseeko.m4 \
+	$(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \
+	$(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/func.m4 \
+	$(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \
+	$(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/gettext.m4 \
+	$(top_srcdir)/m4/gettimeofday.m4 \
+	$(top_srcdir)/m4/gnulib-common.m4 \
+	$(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \
+	$(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \
+	$(top_srcdir)/m4/host-cpu-c-abi.m4 $(top_srcdir)/m4/iconv.m4 \
+	$(top_srcdir)/m4/include_next.m4 $(top_srcdir)/m4/inet_ntop.m4 \
+	$(top_srcdir)/m4/inet_pton.m4 $(top_srcdir)/m4/intlmacosx.m4 \
+	$(top_srcdir)/m4/intmax_t.m4 $(top_srcdir)/m4/inttypes.m4 \
+	$(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/largefile.m4 \
+	$(top_srcdir)/m4/ld-output-def.m4 \
+	$(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \
+	$(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+	$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/lock.m4 \
+	$(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/ltoptions.m4 \
+	$(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+	$(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \
+	$(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \
+	$(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \
+	$(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \
+	$(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \
+	$(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \
+	$(top_srcdir)/m4/netdb_h.m4 $(top_srcdir)/m4/netinet_in_h.m4 \
+	$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/off_t.m4 \
+	$(top_srcdir)/m4/open-cloexec.m4 \
+	$(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \
+	$(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/pkg.m4 \
+	$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \
+	$(top_srcdir)/m4/progtest.m4 \
+	$(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \
+	$(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \
+	$(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/size_max.m4 \
+	$(top_srcdir)/m4/snprintf.m4 $(top_srcdir)/m4/socketlib.m4 \
+	$(top_srcdir)/m4/socklen.m4 $(top_srcdir)/m4/sockpfaf.m4 \
+	$(top_srcdir)/m4/ssize_t.m4 $(top_srcdir)/m4/stat-time.m4 \
+	$(top_srcdir)/m4/stat.m4 $(top_srcdir)/m4/stdalign.m4 \
+	$(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \
+	$(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \
+	$(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \
+	$(top_srcdir)/m4/stpcpy.m4 $(top_srcdir)/m4/strcase.m4 \
+	$(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/string_h.m4 \
+	$(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \
+	$(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \
+	$(top_srcdir)/m4/strverscmp.m4 \
+	$(top_srcdir)/m4/sys_socket_h.m4 \
+	$(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \
+	$(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \
+	$(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \
+	$(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \
+	$(top_srcdir)/m4/unistd_h.m4 \
+	$(top_srcdir)/m4/valgrind-tests.m4 \
+	$(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \
+	$(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \
+	$(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \
+	$(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \
+	$(top_srcdir)/m4/xsize.m4 $(top_srcdir)/m4/zzgnulib.m4 \
+	$(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+LTLIBRARIES = $(noinst_LTLIBRARIES)
+libgnutls_alg_la_LIBADD =
+am_libgnutls_alg_la_OBJECTS = cert_types.lo ciphers.lo ciphersuites.lo \
+	ecc.lo kx.lo mac.lo protocols.lo publickey.lo secparams.lo \
+	sign.lo groups.lo
+libgnutls_alg_la_OBJECTS = $(am_libgnutls_alg_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 = 
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN     " $@;
+am__v_GEN_1 = 
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 = 
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/cert_types.Plo \
+	./$(DEPDIR)/ciphers.Plo ./$(DEPDIR)/ciphersuites.Plo \
+	./$(DEPDIR)/ecc.Plo ./$(DEPDIR)/groups.Plo ./$(DEPDIR)/kx.Plo \
+	./$(DEPDIR)/mac.Plo ./$(DEPDIR)/protocols.Plo \
+	./$(DEPDIR)/publickey.Plo ./$(DEPDIR)/secparams.Plo \
+	./$(DEPDIR)/sign.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC      " $@;
+am__v_CC_1 = 
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD    " $@;
+am__v_CCLD_1 = 
+SOURCES = $(libgnutls_alg_la_SOURCES)
+DIST_SOURCES = $(libgnutls_alg_la_SOURCES)
+am__can_run_installinfo = \
+  case $$AM_UPDATE_INFO_DIR in \
+    n|no|NO) false;; \
+    *) (install-info --version) >/dev/null 2>&1;; \
+  esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates.  Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+  BEGIN { nonempty = 0; } \
+  { items[$$0] = 1; nonempty = 1; } \
+  END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique.  This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+  list='$(am__tagged_files)'; \
+  unique=`for i in $$list; do \
+    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+  done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in \
+	$(top_srcdir)/build-aux/depcomp $(top_srcdir)/lib/common.mk
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+AARCH64_CCASFLAGS = @AARCH64_CCASFLAGS@
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+ALLOCA_H = @ALLOCA_H@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AM_VALGRINDFLAGS = @AM_VALGRINDFLAGS@
+APPLE_UNIVERSAL_BUILD = @APPLE_UNIVERSAL_BUILD@
+AR = @AR@
+ARFLAGS = @ARFLAGS@
+ASN1PARSER = @ASN1PARSER@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BITSIZEOF_PTRDIFF_T = @BITSIZEOF_PTRDIFF_T@
+BITSIZEOF_SIG_ATOMIC_T = @BITSIZEOF_SIG_ATOMIC_T@
+BITSIZEOF_SIZE_T = @BITSIZEOF_SIZE_T@
+BITSIZEOF_WCHAR_T = @BITSIZEOF_WCHAR_T@
+BITSIZEOF_WINT_T = @BITSIZEOF_WINT_T@
+BYTESWAP_H = @BYTESWAP_H@
+CC = @CC@
+CCAS = @CCAS@
+CCASDEPMODE = @CCASDEPMODE@
+CCASFLAGS = @CCASFLAGS@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CFLAG_VISIBILITY = @CFLAG_VISIBILITY@
+CMOCKA_CFLAGS = @CMOCKA_CFLAGS@
+CMOCKA_LIBS = @CMOCKA_LIBS@
+CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@
+CODE_COVERAGE_CPPFLAGS = @CODE_COVERAGE_CPPFLAGS@
+CODE_COVERAGE_CXXFLAGS = @CODE_COVERAGE_CXXFLAGS@
+CODE_COVERAGE_ENABLED = @CODE_COVERAGE_ENABLED@
+CODE_COVERAGE_LIBS = @CODE_COVERAGE_LIBS@
+CONFIG_INCLUDE = @CONFIG_INCLUDE@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CRYWRAP_PATCHLEVEL = @CRYWRAP_PATCHLEVEL@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CXX_LT_AGE = @CXX_LT_AGE@
+CXX_LT_CURRENT = @CXX_LT_CURRENT@
+CXX_LT_REVISION = @CXX_LT_REVISION@
+CYGPATH_W = @CYGPATH_W@
+DEFAULT_VALGRINDFLAGS = @DEFAULT_VALGRINDFLAGS@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DLL_SSL_VERSION = @DLL_SSL_VERSION@
+DLL_VERSION = @DLL_VERSION@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EMULTIHOP_HIDDEN = @EMULTIHOP_HIDDEN@
+EMULTIHOP_VALUE = @EMULTIHOP_VALUE@
+ENABLE_PADLOCK = @ENABLE_PADLOCK@
+ENOLINK_HIDDEN = @ENOLINK_HIDDEN@
+ENOLINK_VALUE = @ENOLINK_VALUE@
+EOVERFLOW_HIDDEN = @EOVERFLOW_HIDDEN@
+EOVERFLOW_VALUE = @EOVERFLOW_VALUE@
+ERRNO_H = @ERRNO_H@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+FIPS140_LIBS = @FIPS140_LIBS@
+FLOAT_H = @FLOAT_H@
+GCOV = @GCOV@
+GENHTML = @GENHTML@
+GETADDRINFO_LIB = @GETADDRINFO_LIB@
+GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
+GL_GGL_GNULIB_ACCEPT = @GL_GGL_GNULIB_ACCEPT@
+GL_GGL_GNULIB_ACCEPT4 = @GL_GGL_GNULIB_ACCEPT4@
+GL_GGL_GNULIB_ACCESS = @GL_GGL_GNULIB_ACCESS@
+GL_GGL_GNULIB_ALIGNED_ALLOC = @GL_GGL_GNULIB_ALIGNED_ALLOC@
+GL_GGL_GNULIB_ATOLL = @GL_GGL_GNULIB_ATOLL@
+GL_GGL_GNULIB_BIND = @GL_GGL_GNULIB_BIND@
+GL_GGL_GNULIB_BTOWC = @GL_GGL_GNULIB_BTOWC@
+GL_GGL_GNULIB_CALLOC_POSIX = @GL_GGL_GNULIB_CALLOC_POSIX@
+GL_GGL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GGL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GGL_GNULIB_CHDIR = @GL_GGL_GNULIB_CHDIR@
+GL_GGL_GNULIB_CHOWN = @GL_GGL_GNULIB_CHOWN@
+GL_GGL_GNULIB_CLOSE = @GL_GGL_GNULIB_CLOSE@
+GL_GGL_GNULIB_CONNECT = @GL_GGL_GNULIB_CONNECT@
+GL_GGL_GNULIB_COPY_FILE_RANGE = @GL_GGL_GNULIB_COPY_FILE_RANGE@
+GL_GGL_GNULIB_CREAT = @GL_GGL_GNULIB_CREAT@
+GL_GGL_GNULIB_CTIME = @GL_GGL_GNULIB_CTIME@
+GL_GGL_GNULIB_DPRINTF = @GL_GGL_GNULIB_DPRINTF@
+GL_GGL_GNULIB_DUP = @GL_GGL_GNULIB_DUP@
+GL_GGL_GNULIB_DUP2 = @GL_GGL_GNULIB_DUP2@
+GL_GGL_GNULIB_DUP3 = @GL_GGL_GNULIB_DUP3@
+GL_GGL_GNULIB_DUPLOCALE = @GL_GGL_GNULIB_DUPLOCALE@
+GL_GGL_GNULIB_ENVIRON = @GL_GGL_GNULIB_ENVIRON@
+GL_GGL_GNULIB_EUIDACCESS = @GL_GGL_GNULIB_EUIDACCESS@
+GL_GGL_GNULIB_EXECL = @GL_GGL_GNULIB_EXECL@
+GL_GGL_GNULIB_EXECLE = @GL_GGL_GNULIB_EXECLE@
+GL_GGL_GNULIB_EXECLP = @GL_GGL_GNULIB_EXECLP@
+GL_GGL_GNULIB_EXECV = @GL_GGL_GNULIB_EXECV@
+GL_GGL_GNULIB_EXECVE = @GL_GGL_GNULIB_EXECVE@
+GL_GGL_GNULIB_EXECVP = @GL_GGL_GNULIB_EXECVP@
+GL_GGL_GNULIB_EXECVPE = @GL_GGL_GNULIB_EXECVPE@
+GL_GGL_GNULIB_EXPLICIT_BZERO = @GL_GGL_GNULIB_EXPLICIT_BZERO@
+GL_GGL_GNULIB_FACCESSAT = @GL_GGL_GNULIB_FACCESSAT@
+GL_GGL_GNULIB_FCHDIR = @GL_GGL_GNULIB_FCHDIR@
+GL_GGL_GNULIB_FCHMODAT = @GL_GGL_GNULIB_FCHMODAT@
+GL_GGL_GNULIB_FCHOWNAT = @GL_GGL_GNULIB_FCHOWNAT@
+GL_GGL_GNULIB_FCLOSE = @GL_GGL_GNULIB_FCLOSE@
+GL_GGL_GNULIB_FCNTL = @GL_GGL_GNULIB_FCNTL@
+GL_GGL_GNULIB_FDATASYNC = @GL_GGL_GNULIB_FDATASYNC@
+GL_GGL_GNULIB_FDOPEN = @GL_GGL_GNULIB_FDOPEN@
+GL_GGL_GNULIB_FFLUSH = @GL_GGL_GNULIB_FFLUSH@
+GL_GGL_GNULIB_FFS = @GL_GGL_GNULIB_FFS@
+GL_GGL_GNULIB_FFSL = @GL_GGL_GNULIB_FFSL@
+GL_GGL_GNULIB_FFSLL = @GL_GGL_GNULIB_FFSLL@
+GL_GGL_GNULIB_FGETC = @GL_GGL_GNULIB_FGETC@
+GL_GGL_GNULIB_FGETS = @GL_GGL_GNULIB_FGETS@
+GL_GGL_GNULIB_FOPEN = @GL_GGL_GNULIB_FOPEN@
+GL_GGL_GNULIB_FPRINTF = @GL_GGL_GNULIB_FPRINTF@
+GL_GGL_GNULIB_FPRINTF_POSIX = @GL_GGL_GNULIB_FPRINTF_POSIX@
+GL_GGL_GNULIB_FPURGE = @GL_GGL_GNULIB_FPURGE@
+GL_GGL_GNULIB_FPUTC = @GL_GGL_GNULIB_FPUTC@
+GL_GGL_GNULIB_FPUTS = @GL_GGL_GNULIB_FPUTS@
+GL_GGL_GNULIB_FREAD = @GL_GGL_GNULIB_FREAD@
+GL_GGL_GNULIB_FREE_POSIX = @GL_GGL_GNULIB_FREE_POSIX@
+GL_GGL_GNULIB_FREOPEN = @GL_GGL_GNULIB_FREOPEN@
+GL_GGL_GNULIB_FSCANF = @GL_GGL_GNULIB_FSCANF@
+GL_GGL_GNULIB_FSEEK = @GL_GGL_GNULIB_FSEEK@
+GL_GGL_GNULIB_FSEEKO = @GL_GGL_GNULIB_FSEEKO@
+GL_GGL_GNULIB_FSTAT = @GL_GGL_GNULIB_FSTAT@
+GL_GGL_GNULIB_FSTATAT = @GL_GGL_GNULIB_FSTATAT@
+GL_GGL_GNULIB_FSYNC = @GL_GGL_GNULIB_FSYNC@
+GL_GGL_GNULIB_FTELL = @GL_GGL_GNULIB_FTELL@
+GL_GGL_GNULIB_FTELLO = @GL_GGL_GNULIB_FTELLO@
+GL_GGL_GNULIB_FTRUNCATE = @GL_GGL_GNULIB_FTRUNCATE@
+GL_GGL_GNULIB_FUTIMENS = @GL_GGL_GNULIB_FUTIMENS@
+GL_GGL_GNULIB_FWRITE = @GL_GGL_GNULIB_FWRITE@
+GL_GGL_GNULIB_GETADDRINFO = @GL_GGL_GNULIB_GETADDRINFO@
+GL_GGL_GNULIB_GETC = @GL_GGL_GNULIB_GETC@
+GL_GGL_GNULIB_GETCHAR = @GL_GGL_GNULIB_GETCHAR@
+GL_GGL_GNULIB_GETCWD = @GL_GGL_GNULIB_GETCWD@
+GL_GGL_GNULIB_GETDELIM = @GL_GGL_GNULIB_GETDELIM@
+GL_GGL_GNULIB_GETDOMAINNAME = @GL_GGL_GNULIB_GETDOMAINNAME@
+GL_GGL_GNULIB_GETDTABLESIZE = @GL_GGL_GNULIB_GETDTABLESIZE@
+GL_GGL_GNULIB_GETENTROPY = @GL_GGL_GNULIB_GETENTROPY@
+GL_GGL_GNULIB_GETGROUPS = @GL_GGL_GNULIB_GETGROUPS@
+GL_GGL_GNULIB_GETHOSTNAME = @GL_GGL_GNULIB_GETHOSTNAME@
+GL_GGL_GNULIB_GETLINE = @GL_GGL_GNULIB_GETLINE@
+GL_GGL_GNULIB_GETLOADAVG = @GL_GGL_GNULIB_GETLOADAVG@
+GL_GGL_GNULIB_GETLOGIN = @GL_GGL_GNULIB_GETLOGIN@
+GL_GGL_GNULIB_GETLOGIN_R = @GL_GGL_GNULIB_GETLOGIN_R@
+GL_GGL_GNULIB_GETOPT_POSIX = @GL_GGL_GNULIB_GETOPT_POSIX@
+GL_GGL_GNULIB_GETPAGESIZE = @GL_GGL_GNULIB_GETPAGESIZE@
+GL_GGL_GNULIB_GETPASS = @GL_GGL_GNULIB_GETPASS@
+GL_GGL_GNULIB_GETPEERNAME = @GL_GGL_GNULIB_GETPEERNAME@
+GL_GGL_GNULIB_GETSOCKNAME = @GL_GGL_GNULIB_GETSOCKNAME@
+GL_GGL_GNULIB_GETSOCKOPT = @GL_GGL_GNULIB_GETSOCKOPT@
+GL_GGL_GNULIB_GETSUBOPT = @GL_GGL_GNULIB_GETSUBOPT@
+GL_GGL_GNULIB_GETTIMEOFDAY = @GL_GGL_GNULIB_GETTIMEOFDAY@
+GL_GGL_GNULIB_GETUMASK = @GL_GGL_GNULIB_GETUMASK@
+GL_GGL_GNULIB_GETUSERSHELL = @GL_GGL_GNULIB_GETUSERSHELL@
+GL_GGL_GNULIB_GRANTPT = @GL_GGL_GNULIB_GRANTPT@
+GL_GGL_GNULIB_GROUP_MEMBER = @GL_GGL_GNULIB_GROUP_MEMBER@
+GL_GGL_GNULIB_IMAXABS = @GL_GGL_GNULIB_IMAXABS@
+GL_GGL_GNULIB_IMAXDIV = @GL_GGL_GNULIB_IMAXDIV@
+GL_GGL_GNULIB_INET_NTOP = @GL_GGL_GNULIB_INET_NTOP@
+GL_GGL_GNULIB_INET_PTON = @GL_GGL_GNULIB_INET_PTON@
+GL_GGL_GNULIB_IOCTL = @GL_GGL_GNULIB_IOCTL@
+GL_GGL_GNULIB_ISATTY = @GL_GGL_GNULIB_ISATTY@
+GL_GGL_GNULIB_ISBLANK = @GL_GGL_GNULIB_ISBLANK@
+GL_GGL_GNULIB_LCHMOD = @GL_GGL_GNULIB_LCHMOD@
+GL_GGL_GNULIB_LCHOWN = @GL_GGL_GNULIB_LCHOWN@
+GL_GGL_GNULIB_LINK = @GL_GGL_GNULIB_LINK@
+GL_GGL_GNULIB_LINKAT = @GL_GGL_GNULIB_LINKAT@
+GL_GGL_GNULIB_LISTEN = @GL_GGL_GNULIB_LISTEN@
+GL_GGL_GNULIB_LOCALECONV = @GL_GGL_GNULIB_LOCALECONV@
+GL_GGL_GNULIB_LOCALENAME = @GL_GGL_GNULIB_LOCALENAME@
+GL_GGL_GNULIB_LOCALTIME = @GL_GGL_GNULIB_LOCALTIME@
+GL_GGL_GNULIB_LSEEK = @GL_GGL_GNULIB_LSEEK@
+GL_GGL_GNULIB_LSTAT = @GL_GGL_GNULIB_LSTAT@
+GL_GGL_GNULIB_MALLOC_POSIX = @GL_GGL_GNULIB_MALLOC_POSIX@
+GL_GGL_GNULIB_MBRLEN = @GL_GGL_GNULIB_MBRLEN@
+GL_GGL_GNULIB_MBRTOWC = @GL_GGL_GNULIB_MBRTOWC@
+GL_GGL_GNULIB_MBSCASECMP = @GL_GGL_GNULIB_MBSCASECMP@
+GL_GGL_GNULIB_MBSCASESTR = @GL_GGL_GNULIB_MBSCASESTR@
+GL_GGL_GNULIB_MBSCHR = @GL_GGL_GNULIB_MBSCHR@
+GL_GGL_GNULIB_MBSCSPN = @GL_GGL_GNULIB_MBSCSPN@
+GL_GGL_GNULIB_MBSINIT = @GL_GGL_GNULIB_MBSINIT@
+GL_GGL_GNULIB_MBSLEN = @GL_GGL_GNULIB_MBSLEN@
+GL_GGL_GNULIB_MBSNCASECMP = @GL_GGL_GNULIB_MBSNCASECMP@
+GL_GGL_GNULIB_MBSNLEN = @GL_GGL_GNULIB_MBSNLEN@
+GL_GGL_GNULIB_MBSNRTOWCS = @GL_GGL_GNULIB_MBSNRTOWCS@
+GL_GGL_GNULIB_MBSPBRK = @GL_GGL_GNULIB_MBSPBRK@
+GL_GGL_GNULIB_MBSPCASECMP = @GL_GGL_GNULIB_MBSPCASECMP@
+GL_GGL_GNULIB_MBSRCHR = @GL_GGL_GNULIB_MBSRCHR@
+GL_GGL_GNULIB_MBSRTOWCS = @GL_GGL_GNULIB_MBSRTOWCS@
+GL_GGL_GNULIB_MBSSEP = @GL_GGL_GNULIB_MBSSEP@
+GL_GGL_GNULIB_MBSSPN = @GL_GGL_GNULIB_MBSSPN@
+GL_GGL_GNULIB_MBSSTR = @GL_GGL_GNULIB_MBSSTR@
+GL_GGL_GNULIB_MBSTOK_R = @GL_GGL_GNULIB_MBSTOK_R@
+GL_GGL_GNULIB_MBTOWC = @GL_GGL_GNULIB_MBTOWC@
+GL_GGL_GNULIB_MDA_ACCESS = @GL_GGL_GNULIB_MDA_ACCESS@
+GL_GGL_GNULIB_MDA_CHDIR = @GL_GGL_GNULIB_MDA_CHDIR@
+GL_GGL_GNULIB_MDA_CHMOD = @GL_GGL_GNULIB_MDA_CHMOD@
+GL_GGL_GNULIB_MDA_CLOSE = @GL_GGL_GNULIB_MDA_CLOSE@
+GL_GGL_GNULIB_MDA_CREAT = @GL_GGL_GNULIB_MDA_CREAT@
+GL_GGL_GNULIB_MDA_DUP = @GL_GGL_GNULIB_MDA_DUP@
+GL_GGL_GNULIB_MDA_DUP2 = @GL_GGL_GNULIB_MDA_DUP2@
+GL_GGL_GNULIB_MDA_ECVT = @GL_GGL_GNULIB_MDA_ECVT@
+GL_GGL_GNULIB_MDA_EXECL = @GL_GGL_GNULIB_MDA_EXECL@
+GL_GGL_GNULIB_MDA_EXECLE = @GL_GGL_GNULIB_MDA_EXECLE@
+GL_GGL_GNULIB_MDA_EXECLP = @GL_GGL_GNULIB_MDA_EXECLP@
+GL_GGL_GNULIB_MDA_EXECV = @GL_GGL_GNULIB_MDA_EXECV@
+GL_GGL_GNULIB_MDA_EXECVE = @GL_GGL_GNULIB_MDA_EXECVE@
+GL_GGL_GNULIB_MDA_EXECVP = @GL_GGL_GNULIB_MDA_EXECVP@
+GL_GGL_GNULIB_MDA_EXECVPE = @GL_GGL_GNULIB_MDA_EXECVPE@
+GL_GGL_GNULIB_MDA_FCLOSEALL = @GL_GGL_GNULIB_MDA_FCLOSEALL@
+GL_GGL_GNULIB_MDA_FCVT = @GL_GGL_GNULIB_MDA_FCVT@
+GL_GGL_GNULIB_MDA_FDOPEN = @GL_GGL_GNULIB_MDA_FDOPEN@
+GL_GGL_GNULIB_MDA_FILENO = @GL_GGL_GNULIB_MDA_FILENO@
+GL_GGL_GNULIB_MDA_GCVT = @GL_GGL_GNULIB_MDA_GCVT@
+GL_GGL_GNULIB_MDA_GETCWD = @GL_GGL_GNULIB_MDA_GETCWD@
+GL_GGL_GNULIB_MDA_GETPID = @GL_GGL_GNULIB_MDA_GETPID@
+GL_GGL_GNULIB_MDA_GETW = @GL_GGL_GNULIB_MDA_GETW@
+GL_GGL_GNULIB_MDA_ISATTY = @GL_GGL_GNULIB_MDA_ISATTY@
+GL_GGL_GNULIB_MDA_LSEEK = @GL_GGL_GNULIB_MDA_LSEEK@
+GL_GGL_GNULIB_MDA_MEMCCPY = @GL_GGL_GNULIB_MDA_MEMCCPY@
+GL_GGL_GNULIB_MDA_MKDIR = @GL_GGL_GNULIB_MDA_MKDIR@
+GL_GGL_GNULIB_MDA_MKTEMP = @GL_GGL_GNULIB_MDA_MKTEMP@
+GL_GGL_GNULIB_MDA_OPEN = @GL_GGL_GNULIB_MDA_OPEN@
+GL_GGL_GNULIB_MDA_PUTENV = @GL_GGL_GNULIB_MDA_PUTENV@
+GL_GGL_GNULIB_MDA_PUTW = @GL_GGL_GNULIB_MDA_PUTW@
+GL_GGL_GNULIB_MDA_READ = @GL_GGL_GNULIB_MDA_READ@
+GL_GGL_GNULIB_MDA_RMDIR = @GL_GGL_GNULIB_MDA_RMDIR@
+GL_GGL_GNULIB_MDA_STRDUP = @GL_GGL_GNULIB_MDA_STRDUP@
+GL_GGL_GNULIB_MDA_SWAB = @GL_GGL_GNULIB_MDA_SWAB@
+GL_GGL_GNULIB_MDA_TEMPNAM = @GL_GGL_GNULIB_MDA_TEMPNAM@
+GL_GGL_GNULIB_MDA_TZSET = @GL_GGL_GNULIB_MDA_TZSET@
+GL_GGL_GNULIB_MDA_UMASK = @GL_GGL_GNULIB_MDA_UMASK@
+GL_GGL_GNULIB_MDA_UNLINK = @GL_GGL_GNULIB_MDA_UNLINK@
+GL_GGL_GNULIB_MDA_WCSDUP = @GL_GGL_GNULIB_MDA_WCSDUP@
+GL_GGL_GNULIB_MDA_WRITE = @GL_GGL_GNULIB_MDA_WRITE@
+GL_GGL_GNULIB_MEMCHR = @GL_GGL_GNULIB_MEMCHR@
+GL_GGL_GNULIB_MEMMEM = @GL_GGL_GNULIB_MEMMEM@
+GL_GGL_GNULIB_MEMPCPY = @GL_GGL_GNULIB_MEMPCPY@
+GL_GGL_GNULIB_MEMRCHR = @GL_GGL_GNULIB_MEMRCHR@
+GL_GGL_GNULIB_MKDIR = @GL_GGL_GNULIB_MKDIR@
+GL_GGL_GNULIB_MKDIRAT = @GL_GGL_GNULIB_MKDIRAT@
+GL_GGL_GNULIB_MKDTEMP = @GL_GGL_GNULIB_MKDTEMP@
+GL_GGL_GNULIB_MKFIFO = @GL_GGL_GNULIB_MKFIFO@
+GL_GGL_GNULIB_MKFIFOAT = @GL_GGL_GNULIB_MKFIFOAT@
+GL_GGL_GNULIB_MKNOD = @GL_GGL_GNULIB_MKNOD@
+GL_GGL_GNULIB_MKNODAT = @GL_GGL_GNULIB_MKNODAT@
+GL_GGL_GNULIB_MKOSTEMP = @GL_GGL_GNULIB_MKOSTEMP@
+GL_GGL_GNULIB_MKOSTEMPS = @GL_GGL_GNULIB_MKOSTEMPS@
+GL_GGL_GNULIB_MKSTEMP = @GL_GGL_GNULIB_MKSTEMP@
+GL_GGL_GNULIB_MKSTEMPS = @GL_GGL_GNULIB_MKSTEMPS@
+GL_GGL_GNULIB_MKTIME = @GL_GGL_GNULIB_MKTIME@
+GL_GGL_GNULIB_NANOSLEEP = @GL_GGL_GNULIB_NANOSLEEP@
+GL_GGL_GNULIB_NL_LANGINFO = @GL_GGL_GNULIB_NL_LANGINFO@
+GL_GGL_GNULIB_NONBLOCKING = @GL_GGL_GNULIB_NONBLOCKING@
+GL_GGL_GNULIB_OBSTACK_PRINTF = @GL_GGL_GNULIB_OBSTACK_PRINTF@
+GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GGL_GNULIB_OPEN = @GL_GGL_GNULIB_OPEN@
+GL_GGL_GNULIB_OPENAT = @GL_GGL_GNULIB_OPENAT@
+GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GGL_GNULIB_PCLOSE = @GL_GGL_GNULIB_PCLOSE@
+GL_GGL_GNULIB_PERROR = @GL_GGL_GNULIB_PERROR@
+GL_GGL_GNULIB_PIPE = @GL_GGL_GNULIB_PIPE@
+GL_GGL_GNULIB_PIPE2 = @GL_GGL_GNULIB_PIPE2@
+GL_GGL_GNULIB_POPEN = @GL_GGL_GNULIB_POPEN@
+GL_GGL_GNULIB_POSIX_MEMALIGN = @GL_GGL_GNULIB_POSIX_MEMALIGN@
+GL_GGL_GNULIB_POSIX_OPENPT = @GL_GGL_GNULIB_POSIX_OPENPT@
+GL_GGL_GNULIB_PREAD = @GL_GGL_GNULIB_PREAD@
+GL_GGL_GNULIB_PRINTF = @GL_GGL_GNULIB_PRINTF@
+GL_GGL_GNULIB_PRINTF_POSIX = @GL_GGL_GNULIB_PRINTF_POSIX@
+GL_GGL_GNULIB_PSELECT = @GL_GGL_GNULIB_PSELECT@
+GL_GGL_GNULIB_PTHREAD_COND = @GL_GGL_GNULIB_PTHREAD_COND@
+GL_GGL_GNULIB_PTHREAD_MUTEX = @GL_GGL_GNULIB_PTHREAD_MUTEX@
+GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK@
+GL_GGL_GNULIB_PTHREAD_ONCE = @GL_GGL_GNULIB_PTHREAD_ONCE@
+GL_GGL_GNULIB_PTHREAD_RWLOCK = @GL_GGL_GNULIB_PTHREAD_RWLOCK@
+GL_GGL_GNULIB_PTHREAD_SIGMASK = @GL_GGL_GNULIB_PTHREAD_SIGMASK@
+GL_GGL_GNULIB_PTHREAD_SPIN = @GL_GGL_GNULIB_PTHREAD_SPIN@
+GL_GGL_GNULIB_PTHREAD_THREAD = @GL_GGL_GNULIB_PTHREAD_THREAD@
+GL_GGL_GNULIB_PTHREAD_TSS = @GL_GGL_GNULIB_PTHREAD_TSS@
+GL_GGL_GNULIB_PTSNAME = @GL_GGL_GNULIB_PTSNAME@
+GL_GGL_GNULIB_PTSNAME_R = @GL_GGL_GNULIB_PTSNAME_R@
+GL_GGL_GNULIB_PUTC = @GL_GGL_GNULIB_PUTC@
+GL_GGL_GNULIB_PUTCHAR = @GL_GGL_GNULIB_PUTCHAR@
+GL_GGL_GNULIB_PUTENV = @GL_GGL_GNULIB_PUTENV@
+GL_GGL_GNULIB_PUTS = @GL_GGL_GNULIB_PUTS@
+GL_GGL_GNULIB_PWRITE = @GL_GGL_GNULIB_PWRITE@
+GL_GGL_GNULIB_QSORT_R = @GL_GGL_GNULIB_QSORT_R@
+GL_GGL_GNULIB_RAISE = @GL_GGL_GNULIB_RAISE@
+GL_GGL_GNULIB_RANDOM = @GL_GGL_GNULIB_RANDOM@
+GL_GGL_GNULIB_RANDOM_R = @GL_GGL_GNULIB_RANDOM_R@
+GL_GGL_GNULIB_RAWMEMCHR = @GL_GGL_GNULIB_RAWMEMCHR@
+GL_GGL_GNULIB_READ = @GL_GGL_GNULIB_READ@
+GL_GGL_GNULIB_READLINK = @GL_GGL_GNULIB_READLINK@
+GL_GGL_GNULIB_READLINKAT = @GL_GGL_GNULIB_READLINKAT@
+GL_GGL_GNULIB_REALLOCARRAY = @GL_GGL_GNULIB_REALLOCARRAY@
+GL_GGL_GNULIB_REALLOC_POSIX = @GL_GGL_GNULIB_REALLOC_POSIX@
+GL_GGL_GNULIB_REALPATH = @GL_GGL_GNULIB_REALPATH@
+GL_GGL_GNULIB_RECV = @GL_GGL_GNULIB_RECV@
+GL_GGL_GNULIB_RECVFROM = @GL_GGL_GNULIB_RECVFROM@
+GL_GGL_GNULIB_REMOVE = @GL_GGL_GNULIB_REMOVE@
+GL_GGL_GNULIB_RENAME = @GL_GGL_GNULIB_RENAME@
+GL_GGL_GNULIB_RENAMEAT = @GL_GGL_GNULIB_RENAMEAT@
+GL_GGL_GNULIB_RMDIR = @GL_GGL_GNULIB_RMDIR@
+GL_GGL_GNULIB_RPMATCH = @GL_GGL_GNULIB_RPMATCH@
+GL_GGL_GNULIB_SCANF = @GL_GGL_GNULIB_SCANF@
+GL_GGL_GNULIB_SCHED_YIELD = @GL_GGL_GNULIB_SCHED_YIELD@
+GL_GGL_GNULIB_SECURE_GETENV = @GL_GGL_GNULIB_SECURE_GETENV@
+GL_GGL_GNULIB_SELECT = @GL_GGL_GNULIB_SELECT@
+GL_GGL_GNULIB_SEND = @GL_GGL_GNULIB_SEND@
+GL_GGL_GNULIB_SENDTO = @GL_GGL_GNULIB_SENDTO@
+GL_GGL_GNULIB_SETENV = @GL_GGL_GNULIB_SETENV@
+GL_GGL_GNULIB_SETHOSTNAME = @GL_GGL_GNULIB_SETHOSTNAME@
+GL_GGL_GNULIB_SETLOCALE = @GL_GGL_GNULIB_SETLOCALE@
+GL_GGL_GNULIB_SETLOCALE_NULL = @GL_GGL_GNULIB_SETLOCALE_NULL@
+GL_GGL_GNULIB_SETSOCKOPT = @GL_GGL_GNULIB_SETSOCKOPT@
+GL_GGL_GNULIB_SHUTDOWN = @GL_GGL_GNULIB_SHUTDOWN@
+GL_GGL_GNULIB_SIGABBREV_NP = @GL_GGL_GNULIB_SIGABBREV_NP@
+GL_GGL_GNULIB_SIGACTION = @GL_GGL_GNULIB_SIGACTION@
+GL_GGL_GNULIB_SIGDESCR_NP = @GL_GGL_GNULIB_SIGDESCR_NP@
+GL_GGL_GNULIB_SIGNAL_H_SIGPIPE = @GL_GGL_GNULIB_SIGNAL_H_SIGPIPE@
+GL_GGL_GNULIB_SIGPROCMASK = @GL_GGL_GNULIB_SIGPROCMASK@
+GL_GGL_GNULIB_SLEEP = @GL_GGL_GNULIB_SLEEP@
+GL_GGL_GNULIB_SNPRINTF = @GL_GGL_GNULIB_SNPRINTF@
+GL_GGL_GNULIB_SOCKET = @GL_GGL_GNULIB_SOCKET@
+GL_GGL_GNULIB_SPRINTF_POSIX = @GL_GGL_GNULIB_SPRINTF_POSIX@
+GL_GGL_GNULIB_STAT = @GL_GGL_GNULIB_STAT@
+GL_GGL_GNULIB_STDIO_H_NONBLOCKING = @GL_GGL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GGL_GNULIB_STDIO_H_SIGPIPE = @GL_GGL_GNULIB_STDIO_H_SIGPIPE@
+GL_GGL_GNULIB_STPCPY = @GL_GGL_GNULIB_STPCPY@
+GL_GGL_GNULIB_STPNCPY = @GL_GGL_GNULIB_STPNCPY@
+GL_GGL_GNULIB_STRCASESTR = @GL_GGL_GNULIB_STRCASESTR@
+GL_GGL_GNULIB_STRCHRNUL = @GL_GGL_GNULIB_STRCHRNUL@
+GL_GGL_GNULIB_STRDUP = @GL_GGL_GNULIB_STRDUP@
+GL_GGL_GNULIB_STRERROR = @GL_GGL_GNULIB_STRERROR@
+GL_GGL_GNULIB_STRERRORNAME_NP = @GL_GGL_GNULIB_STRERRORNAME_NP@
+GL_GGL_GNULIB_STRERROR_R = @GL_GGL_GNULIB_STRERROR_R@
+GL_GGL_GNULIB_STRFTIME = @GL_GGL_GNULIB_STRFTIME@
+GL_GGL_GNULIB_STRNCAT = @GL_GGL_GNULIB_STRNCAT@
+GL_GGL_GNULIB_STRNDUP = @GL_GGL_GNULIB_STRNDUP@
+GL_GGL_GNULIB_STRNLEN = @GL_GGL_GNULIB_STRNLEN@
+GL_GGL_GNULIB_STRPBRK = @GL_GGL_GNULIB_STRPBRK@
+GL_GGL_GNULIB_STRPTIME = @GL_GGL_GNULIB_STRPTIME@
+GL_GGL_GNULIB_STRSEP = @GL_GGL_GNULIB_STRSEP@
+GL_GGL_GNULIB_STRSIGNAL = @GL_GGL_GNULIB_STRSIGNAL@
+GL_GGL_GNULIB_STRSTR = @GL_GGL_GNULIB_STRSTR@
+GL_GGL_GNULIB_STRTOD = @GL_GGL_GNULIB_STRTOD@
+GL_GGL_GNULIB_STRTOIMAX = @GL_GGL_GNULIB_STRTOIMAX@
+GL_GGL_GNULIB_STRTOK_R = @GL_GGL_GNULIB_STRTOK_R@
+GL_GGL_GNULIB_STRTOL = @GL_GGL_GNULIB_STRTOL@
+GL_GGL_GNULIB_STRTOLD = @GL_GGL_GNULIB_STRTOLD@
+GL_GGL_GNULIB_STRTOLL = @GL_GGL_GNULIB_STRTOLL@
+GL_GGL_GNULIB_STRTOUL = @GL_GGL_GNULIB_STRTOUL@
+GL_GGL_GNULIB_STRTOULL = @GL_GGL_GNULIB_STRTOULL@
+GL_GGL_GNULIB_STRTOUMAX = @GL_GGL_GNULIB_STRTOUMAX@
+GL_GGL_GNULIB_STRVERSCMP = @GL_GGL_GNULIB_STRVERSCMP@
+GL_GGL_GNULIB_SYMLINK = @GL_GGL_GNULIB_SYMLINK@
+GL_GGL_GNULIB_SYMLINKAT = @GL_GGL_GNULIB_SYMLINKAT@
+GL_GGL_GNULIB_SYSTEM_POSIX = @GL_GGL_GNULIB_SYSTEM_POSIX@
+GL_GGL_GNULIB_TIMEGM = @GL_GGL_GNULIB_TIMEGM@
+GL_GGL_GNULIB_TIMESPEC_GET = @GL_GGL_GNULIB_TIMESPEC_GET@
+GL_GGL_GNULIB_TIME_R = @GL_GGL_GNULIB_TIME_R@
+GL_GGL_GNULIB_TIME_RZ = @GL_GGL_GNULIB_TIME_RZ@
+GL_GGL_GNULIB_TMPFILE = @GL_GGL_GNULIB_TMPFILE@
+GL_GGL_GNULIB_TRUNCATE = @GL_GGL_GNULIB_TRUNCATE@
+GL_GGL_GNULIB_TTYNAME_R = @GL_GGL_GNULIB_TTYNAME_R@
+GL_GGL_GNULIB_TZSET = @GL_GGL_GNULIB_TZSET@
+GL_GGL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GGL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GGL_GNULIB_UNISTD_H_SIGPIPE = @GL_GGL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GGL_GNULIB_UNLINK = @GL_GGL_GNULIB_UNLINK@
+GL_GGL_GNULIB_UNLINKAT = @GL_GGL_GNULIB_UNLINKAT@
+GL_GGL_GNULIB_UNLOCKPT = @GL_GGL_GNULIB_UNLOCKPT@
+GL_GGL_GNULIB_UNSETENV = @GL_GGL_GNULIB_UNSETENV@
+GL_GGL_GNULIB_USLEEP = @GL_GGL_GNULIB_USLEEP@
+GL_GGL_GNULIB_UTIMENSAT = @GL_GGL_GNULIB_UTIMENSAT@
+GL_GGL_GNULIB_VASPRINTF = @GL_GGL_GNULIB_VASPRINTF@
+GL_GGL_GNULIB_VDPRINTF = @GL_GGL_GNULIB_VDPRINTF@
+GL_GGL_GNULIB_VFPRINTF = @GL_GGL_GNULIB_VFPRINTF@
+GL_GGL_GNULIB_VFPRINTF_POSIX = @GL_GGL_GNULIB_VFPRINTF_POSIX@
+GL_GGL_GNULIB_VFSCANF = @GL_GGL_GNULIB_VFSCANF@
+GL_GGL_GNULIB_VPRINTF = @GL_GGL_GNULIB_VPRINTF@
+GL_GGL_GNULIB_VPRINTF_POSIX = @GL_GGL_GNULIB_VPRINTF_POSIX@
+GL_GGL_GNULIB_VSCANF = @GL_GGL_GNULIB_VSCANF@
+GL_GGL_GNULIB_VSNPRINTF = @GL_GGL_GNULIB_VSNPRINTF@
+GL_GGL_GNULIB_VSPRINTF_POSIX = @GL_GGL_GNULIB_VSPRINTF_POSIX@
+GL_GGL_GNULIB_WCPCPY = @GL_GGL_GNULIB_WCPCPY@
+GL_GGL_GNULIB_WCPNCPY = @GL_GGL_GNULIB_WCPNCPY@
+GL_GGL_GNULIB_WCRTOMB = @GL_GGL_GNULIB_WCRTOMB@
+GL_GGL_GNULIB_WCSCASECMP = @GL_GGL_GNULIB_WCSCASECMP@
+GL_GGL_GNULIB_WCSCAT = @GL_GGL_GNULIB_WCSCAT@
+GL_GGL_GNULIB_WCSCHR = @GL_GGL_GNULIB_WCSCHR@
+GL_GGL_GNULIB_WCSCMP = @GL_GGL_GNULIB_WCSCMP@
+GL_GGL_GNULIB_WCSCOLL = @GL_GGL_GNULIB_WCSCOLL@
+GL_GGL_GNULIB_WCSCPY = @GL_GGL_GNULIB_WCSCPY@
+GL_GGL_GNULIB_WCSCSPN = @GL_GGL_GNULIB_WCSCSPN@
+GL_GGL_GNULIB_WCSDUP = @GL_GGL_GNULIB_WCSDUP@
+GL_GGL_GNULIB_WCSFTIME = @GL_GGL_GNULIB_WCSFTIME@
+GL_GGL_GNULIB_WCSLEN = @GL_GGL_GNULIB_WCSLEN@
+GL_GGL_GNULIB_WCSNCASECMP = @GL_GGL_GNULIB_WCSNCASECMP@
+GL_GGL_GNULIB_WCSNCAT = @GL_GGL_GNULIB_WCSNCAT@
+GL_GGL_GNULIB_WCSNCMP = @GL_GGL_GNULIB_WCSNCMP@
+GL_GGL_GNULIB_WCSNCPY = @GL_GGL_GNULIB_WCSNCPY@
+GL_GGL_GNULIB_WCSNLEN = @GL_GGL_GNULIB_WCSNLEN@
+GL_GGL_GNULIB_WCSNRTOMBS = @GL_GGL_GNULIB_WCSNRTOMBS@
+GL_GGL_GNULIB_WCSPBRK = @GL_GGL_GNULIB_WCSPBRK@
+GL_GGL_GNULIB_WCSRCHR = @GL_GGL_GNULIB_WCSRCHR@
+GL_GGL_GNULIB_WCSRTOMBS = @GL_GGL_GNULIB_WCSRTOMBS@
+GL_GGL_GNULIB_WCSSPN = @GL_GGL_GNULIB_WCSSPN@
+GL_GGL_GNULIB_WCSSTR = @GL_GGL_GNULIB_WCSSTR@
+GL_GGL_GNULIB_WCSTOK = @GL_GGL_GNULIB_WCSTOK@
+GL_GGL_GNULIB_WCSWIDTH = @GL_GGL_GNULIB_WCSWIDTH@
+GL_GGL_GNULIB_WCSXFRM = @GL_GGL_GNULIB_WCSXFRM@
+GL_GGL_GNULIB_WCTOB = @GL_GGL_GNULIB_WCTOB@
+GL_GGL_GNULIB_WCTOMB = @GL_GGL_GNULIB_WCTOMB@
+GL_GGL_GNULIB_WCWIDTH = @GL_GGL_GNULIB_WCWIDTH@
+GL_GGL_GNULIB_WMEMCHR = @GL_GGL_GNULIB_WMEMCHR@
+GL_GGL_GNULIB_WMEMCMP = @GL_GGL_GNULIB_WMEMCMP@
+GL_GGL_GNULIB_WMEMCPY = @GL_GGL_GNULIB_WMEMCPY@
+GL_GGL_GNULIB_WMEMMOVE = @GL_GGL_GNULIB_WMEMMOVE@
+GL_GGL_GNULIB_WMEMPCPY = @GL_GGL_GNULIB_WMEMPCPY@
+GL_GGL_GNULIB_WMEMSET = @GL_GGL_GNULIB_WMEMSET@
+GL_GGL_GNULIB_WRITE = @GL_GGL_GNULIB_WRITE@
+GL_GGL_GNULIB__EXIT = @GL_GGL_GNULIB__EXIT@
+GL_GNULIB_ACCEPT = @GL_GNULIB_ACCEPT@
+GL_GNULIB_ACCEPT4 = @GL_GNULIB_ACCEPT4@
+GL_GNULIB_ACCESS = @GL_GNULIB_ACCESS@
+GL_GNULIB_ALIGNED_ALLOC = @GL_GNULIB_ALIGNED_ALLOC@
+GL_GNULIB_ATOLL = @GL_GNULIB_ATOLL@
+GL_GNULIB_BIND = @GL_GNULIB_BIND@
+GL_GNULIB_BTOWC = @GL_GNULIB_BTOWC@
+GL_GNULIB_CALLOC_POSIX = @GL_GNULIB_CALLOC_POSIX@
+GL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GNULIB_CHDIR = @GL_GNULIB_CHDIR@
+GL_GNULIB_CHOWN = @GL_GNULIB_CHOWN@
+GL_GNULIB_CLOSE = @GL_GNULIB_CLOSE@
+GL_GNULIB_CONNECT = @GL_GNULIB_CONNECT@
+GL_GNULIB_COPY_FILE_RANGE = @GL_GNULIB_COPY_FILE_RANGE@
+GL_GNULIB_CREAT = @GL_GNULIB_CREAT@
+GL_GNULIB_CTIME = @GL_GNULIB_CTIME@
+GL_GNULIB_DPRINTF = @GL_GNULIB_DPRINTF@
+GL_GNULIB_DUP = @GL_GNULIB_DUP@
+GL_GNULIB_DUP2 = @GL_GNULIB_DUP2@
+GL_GNULIB_DUP3 = @GL_GNULIB_DUP3@
+GL_GNULIB_ENVIRON = @GL_GNULIB_ENVIRON@
+GL_GNULIB_EUIDACCESS = @GL_GNULIB_EUIDACCESS@
+GL_GNULIB_EXECL = @GL_GNULIB_EXECL@
+GL_GNULIB_EXECLE = @GL_GNULIB_EXECLE@
+GL_GNULIB_EXECLP = @GL_GNULIB_EXECLP@
+GL_GNULIB_EXECV = @GL_GNULIB_EXECV@
+GL_GNULIB_EXECVE = @GL_GNULIB_EXECVE@
+GL_GNULIB_EXECVP = @GL_GNULIB_EXECVP@
+GL_GNULIB_EXECVPE = @GL_GNULIB_EXECVPE@
+GL_GNULIB_EXPLICIT_BZERO = @GL_GNULIB_EXPLICIT_BZERO@
+GL_GNULIB_FACCESSAT = @GL_GNULIB_FACCESSAT@
+GL_GNULIB_FCHDIR = @GL_GNULIB_FCHDIR@
+GL_GNULIB_FCHMODAT = @GL_GNULIB_FCHMODAT@
+GL_GNULIB_FCHOWNAT = @GL_GNULIB_FCHOWNAT@
+GL_GNULIB_FCLOSE = @GL_GNULIB_FCLOSE@
+GL_GNULIB_FCNTL = @GL_GNULIB_FCNTL@
+GL_GNULIB_FDATASYNC = @GL_GNULIB_FDATASYNC@
+GL_GNULIB_FDOPEN = @GL_GNULIB_FDOPEN@
+GL_GNULIB_FFLUSH = @GL_GNULIB_FFLUSH@
+GL_GNULIB_FFS = @GL_GNULIB_FFS@
+GL_GNULIB_FFSL = @GL_GNULIB_FFSL@
+GL_GNULIB_FFSLL = @GL_GNULIB_FFSLL@
+GL_GNULIB_FGETC = @GL_GNULIB_FGETC@
+GL_GNULIB_FGETS = @GL_GNULIB_FGETS@
+GL_GNULIB_FOPEN = @GL_GNULIB_FOPEN@
+GL_GNULIB_FPRINTF = @GL_GNULIB_FPRINTF@
+GL_GNULIB_FPRINTF_POSIX = @GL_GNULIB_FPRINTF_POSIX@
+GL_GNULIB_FPURGE = @GL_GNULIB_FPURGE@
+GL_GNULIB_FPUTC = @GL_GNULIB_FPUTC@
+GL_GNULIB_FPUTS = @GL_GNULIB_FPUTS@
+GL_GNULIB_FREAD = @GL_GNULIB_FREAD@
+GL_GNULIB_FREE_POSIX = @GL_GNULIB_FREE_POSIX@
+GL_GNULIB_FREOPEN = @GL_GNULIB_FREOPEN@
+GL_GNULIB_FSCANF = @GL_GNULIB_FSCANF@
+GL_GNULIB_FSEEK = @GL_GNULIB_FSEEK@
+GL_GNULIB_FSEEKO = @GL_GNULIB_FSEEKO@
+GL_GNULIB_FSTAT = @GL_GNULIB_FSTAT@
+GL_GNULIB_FSTATAT = @GL_GNULIB_FSTATAT@
+GL_GNULIB_FSYNC = @GL_GNULIB_FSYNC@
+GL_GNULIB_FTELL = @GL_GNULIB_FTELL@
+GL_GNULIB_FTELLO = @GL_GNULIB_FTELLO@
+GL_GNULIB_FTRUNCATE = @GL_GNULIB_FTRUNCATE@
+GL_GNULIB_FUTIMENS = @GL_GNULIB_FUTIMENS@
+GL_GNULIB_FWRITE = @GL_GNULIB_FWRITE@
+GL_GNULIB_GETADDRINFO = @GL_GNULIB_GETADDRINFO@
+GL_GNULIB_GETC = @GL_GNULIB_GETC@
+GL_GNULIB_GETCHAR = @GL_GNULIB_GETCHAR@
+GL_GNULIB_GETCWD = @GL_GNULIB_GETCWD@
+GL_GNULIB_GETDELIM = @GL_GNULIB_GETDELIM@
+GL_GNULIB_GETDOMAINNAME = @GL_GNULIB_GETDOMAINNAME@
+GL_GNULIB_GETDTABLESIZE = @GL_GNULIB_GETDTABLESIZE@
+GL_GNULIB_GETENTROPY = @GL_GNULIB_GETENTROPY@
+GL_GNULIB_GETGROUPS = @GL_GNULIB_GETGROUPS@
+GL_GNULIB_GETHOSTNAME = @GL_GNULIB_GETHOSTNAME@
+GL_GNULIB_GETLINE = @GL_GNULIB_GETLINE@
+GL_GNULIB_GETLOADAVG = @GL_GNULIB_GETLOADAVG@
+GL_GNULIB_GETLOGIN = @GL_GNULIB_GETLOGIN@
+GL_GNULIB_GETLOGIN_R = @GL_GNULIB_GETLOGIN_R@
+GL_GNULIB_GETOPT_POSIX = @GL_GNULIB_GETOPT_POSIX@
+GL_GNULIB_GETPAGESIZE = @GL_GNULIB_GETPAGESIZE@
+GL_GNULIB_GETPASS = @GL_GNULIB_GETPASS@
+GL_GNULIB_GETPEERNAME = @GL_GNULIB_GETPEERNAME@
+GL_GNULIB_GETSOCKNAME = @GL_GNULIB_GETSOCKNAME@
+GL_GNULIB_GETSOCKOPT = @GL_GNULIB_GETSOCKOPT@
+GL_GNULIB_GETSUBOPT = @GL_GNULIB_GETSUBOPT@
+GL_GNULIB_GETTIMEOFDAY = @GL_GNULIB_GETTIMEOFDAY@
+GL_GNULIB_GETUMASK = @GL_GNULIB_GETUMASK@
+GL_GNULIB_GETUSERSHELL = @GL_GNULIB_GETUSERSHELL@
+GL_GNULIB_GRANTPT = @GL_GNULIB_GRANTPT@
+GL_GNULIB_GROUP_MEMBER = @GL_GNULIB_GROUP_MEMBER@
+GL_GNULIB_IMAXABS = @GL_GNULIB_IMAXABS@
+GL_GNULIB_IMAXDIV = @GL_GNULIB_IMAXDIV@
+GL_GNULIB_INET_NTOP = @GL_GNULIB_INET_NTOP@
+GL_GNULIB_INET_PTON = @GL_GNULIB_INET_PTON@
+GL_GNULIB_ISATTY = @GL_GNULIB_ISATTY@
+GL_GNULIB_LCHMOD = @GL_GNULIB_LCHMOD@
+GL_GNULIB_LCHOWN = @GL_GNULIB_LCHOWN@
+GL_GNULIB_LINK = @GL_GNULIB_LINK@
+GL_GNULIB_LINKAT = @GL_GNULIB_LINKAT@
+GL_GNULIB_LISTEN = @GL_GNULIB_LISTEN@
+GL_GNULIB_LOCALTIME = @GL_GNULIB_LOCALTIME@
+GL_GNULIB_LSEEK = @GL_GNULIB_LSEEK@
+GL_GNULIB_LSTAT = @GL_GNULIB_LSTAT@
+GL_GNULIB_MALLOC_POSIX = @GL_GNULIB_MALLOC_POSIX@
+GL_GNULIB_MBRLEN = @GL_GNULIB_MBRLEN@
+GL_GNULIB_MBRTOWC = @GL_GNULIB_MBRTOWC@
+GL_GNULIB_MBSCASECMP = @GL_GNULIB_MBSCASECMP@
+GL_GNULIB_MBSCASESTR = @GL_GNULIB_MBSCASESTR@
+GL_GNULIB_MBSCHR = @GL_GNULIB_MBSCHR@
+GL_GNULIB_MBSCSPN = @GL_GNULIB_MBSCSPN@
+GL_GNULIB_MBSINIT = @GL_GNULIB_MBSINIT@
+GL_GNULIB_MBSLEN = @GL_GNULIB_MBSLEN@
+GL_GNULIB_MBSNCASECMP = @GL_GNULIB_MBSNCASECMP@
+GL_GNULIB_MBSNLEN = @GL_GNULIB_MBSNLEN@
+GL_GNULIB_MBSNRTOWCS = @GL_GNULIB_MBSNRTOWCS@
+GL_GNULIB_MBSPBRK = @GL_GNULIB_MBSPBRK@
+GL_GNULIB_MBSPCASECMP = @GL_GNULIB_MBSPCASECMP@
+GL_GNULIB_MBSRCHR = @GL_GNULIB_MBSRCHR@
+GL_GNULIB_MBSRTOWCS = @GL_GNULIB_MBSRTOWCS@
+GL_GNULIB_MBSSEP = @GL_GNULIB_MBSSEP@
+GL_GNULIB_MBSSPN = @GL_GNULIB_MBSSPN@
+GL_GNULIB_MBSSTR = @GL_GNULIB_MBSSTR@
+GL_GNULIB_MBSTOK_R = @GL_GNULIB_MBSTOK_R@
+GL_GNULIB_MBTOWC = @GL_GNULIB_MBTOWC@
+GL_GNULIB_MDA_ACCESS = @GL_GNULIB_MDA_ACCESS@
+GL_GNULIB_MDA_CHDIR = @GL_GNULIB_MDA_CHDIR@
+GL_GNULIB_MDA_CHMOD = @GL_GNULIB_MDA_CHMOD@
+GL_GNULIB_MDA_CLOSE = @GL_GNULIB_MDA_CLOSE@
+GL_GNULIB_MDA_CREAT = @GL_GNULIB_MDA_CREAT@
+GL_GNULIB_MDA_DUP = @GL_GNULIB_MDA_DUP@
+GL_GNULIB_MDA_DUP2 = @GL_GNULIB_MDA_DUP2@
+GL_GNULIB_MDA_ECVT = @GL_GNULIB_MDA_ECVT@
+GL_GNULIB_MDA_EXECL = @GL_GNULIB_MDA_EXECL@
+GL_GNULIB_MDA_EXECLE = @GL_GNULIB_MDA_EXECLE@
+GL_GNULIB_MDA_EXECLP = @GL_GNULIB_MDA_EXECLP@
+GL_GNULIB_MDA_EXECV = @GL_GNULIB_MDA_EXECV@
+GL_GNULIB_MDA_EXECVE = @GL_GNULIB_MDA_EXECVE@
+GL_GNULIB_MDA_EXECVP = @GL_GNULIB_MDA_EXECVP@
+GL_GNULIB_MDA_EXECVPE = @GL_GNULIB_MDA_EXECVPE@
+GL_GNULIB_MDA_FCLOSEALL = @GL_GNULIB_MDA_FCLOSEALL@
+GL_GNULIB_MDA_FCVT = @GL_GNULIB_MDA_FCVT@
+GL_GNULIB_MDA_FDOPEN = @GL_GNULIB_MDA_FDOPEN@
+GL_GNULIB_MDA_FILENO = @GL_GNULIB_MDA_FILENO@
+GL_GNULIB_MDA_GCVT = @GL_GNULIB_MDA_GCVT@
+GL_GNULIB_MDA_GETCWD = @GL_GNULIB_MDA_GETCWD@
+GL_GNULIB_MDA_GETPID = @GL_GNULIB_MDA_GETPID@
+GL_GNULIB_MDA_GETW = @GL_GNULIB_MDA_GETW@
+GL_GNULIB_MDA_ISATTY = @GL_GNULIB_MDA_ISATTY@
+GL_GNULIB_MDA_LSEEK = @GL_GNULIB_MDA_LSEEK@
+GL_GNULIB_MDA_MEMCCPY = @GL_GNULIB_MDA_MEMCCPY@
+GL_GNULIB_MDA_MKDIR = @GL_GNULIB_MDA_MKDIR@
+GL_GNULIB_MDA_MKTEMP = @GL_GNULIB_MDA_MKTEMP@
+GL_GNULIB_MDA_OPEN = @GL_GNULIB_MDA_OPEN@
+GL_GNULIB_MDA_PUTENV = @GL_GNULIB_MDA_PUTENV@
+GL_GNULIB_MDA_PUTW = @GL_GNULIB_MDA_PUTW@
+GL_GNULIB_MDA_READ = @GL_GNULIB_MDA_READ@
+GL_GNULIB_MDA_RMDIR = @GL_GNULIB_MDA_RMDIR@
+GL_GNULIB_MDA_STRDUP = @GL_GNULIB_MDA_STRDUP@
+GL_GNULIB_MDA_SWAB = @GL_GNULIB_MDA_SWAB@
+GL_GNULIB_MDA_TEMPNAM = @GL_GNULIB_MDA_TEMPNAM@
+GL_GNULIB_MDA_TZSET = @GL_GNULIB_MDA_TZSET@
+GL_GNULIB_MDA_UMASK = @GL_GNULIB_MDA_UMASK@
+GL_GNULIB_MDA_UNLINK = @GL_GNULIB_MDA_UNLINK@
+GL_GNULIB_MDA_WCSDUP = @GL_GNULIB_MDA_WCSDUP@
+GL_GNULIB_MDA_WRITE = @GL_GNULIB_MDA_WRITE@
+GL_GNULIB_MEMCHR = @GL_GNULIB_MEMCHR@
+GL_GNULIB_MEMMEM = @GL_GNULIB_MEMMEM@
+GL_GNULIB_MEMPCPY = @GL_GNULIB_MEMPCPY@
+GL_GNULIB_MEMRCHR = @GL_GNULIB_MEMRCHR@
+GL_GNULIB_MKDIR = @GL_GNULIB_MKDIR@
+GL_GNULIB_MKDIRAT = @GL_GNULIB_MKDIRAT@
+GL_GNULIB_MKDTEMP = @GL_GNULIB_MKDTEMP@
+GL_GNULIB_MKFIFO = @GL_GNULIB_MKFIFO@
+GL_GNULIB_MKFIFOAT = @GL_GNULIB_MKFIFOAT@
+GL_GNULIB_MKNOD = @GL_GNULIB_MKNOD@
+GL_GNULIB_MKNODAT = @GL_GNULIB_MKNODAT@
+GL_GNULIB_MKOSTEMP = @GL_GNULIB_MKOSTEMP@
+GL_GNULIB_MKOSTEMPS = @GL_GNULIB_MKOSTEMPS@
+GL_GNULIB_MKSTEMP = @GL_GNULIB_MKSTEMP@
+GL_GNULIB_MKSTEMPS = @GL_GNULIB_MKSTEMPS@
+GL_GNULIB_MKTIME = @GL_GNULIB_MKTIME@
+GL_GNULIB_NANOSLEEP = @GL_GNULIB_NANOSLEEP@
+GL_GNULIB_NONBLOCKING = @GL_GNULIB_NONBLOCKING@
+GL_GNULIB_OBSTACK_PRINTF = @GL_GNULIB_OBSTACK_PRINTF@
+GL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GNULIB_OPEN = @GL_GNULIB_OPEN@
+GL_GNULIB_OPENAT = @GL_GNULIB_OPENAT@
+GL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GNULIB_PCLOSE = @GL_GNULIB_PCLOSE@
+GL_GNULIB_PERROR = @GL_GNULIB_PERROR@
+GL_GNULIB_PIPE = @GL_GNULIB_PIPE@
+GL_GNULIB_PIPE2 = @GL_GNULIB_PIPE2@
+GL_GNULIB_POPEN = @GL_GNULIB_POPEN@
+GL_GNULIB_POSIX_MEMALIGN = @GL_GNULIB_POSIX_MEMALIGN@
+GL_GNULIB_POSIX_OPENPT = @GL_GNULIB_POSIX_OPENPT@
+GL_GNULIB_PREAD = @GL_GNULIB_PREAD@
+GL_GNULIB_PRINTF = @GL_GNULIB_PRINTF@
+GL_GNULIB_PRINTF_POSIX = @GL_GNULIB_PRINTF_POSIX@
+GL_GNULIB_PTSNAME = @GL_GNULIB_PTSNAME@
+GL_GNULIB_PTSNAME_R = @GL_GNULIB_PTSNAME_R@
+GL_GNULIB_PUTC = @GL_GNULIB_PUTC@
+GL_GNULIB_PUTCHAR = @GL_GNULIB_PUTCHAR@
+GL_GNULIB_PUTENV = @GL_GNULIB_PUTENV@
+GL_GNULIB_PUTS = @GL_GNULIB_PUTS@
+GL_GNULIB_PWRITE = @GL_GNULIB_PWRITE@
+GL_GNULIB_QSORT_R = @GL_GNULIB_QSORT_R@
+GL_GNULIB_RANDOM = @GL_GNULIB_RANDOM@
+GL_GNULIB_RANDOM_R = @GL_GNULIB_RANDOM_R@
+GL_GNULIB_RAWMEMCHR = @GL_GNULIB_RAWMEMCHR@
+GL_GNULIB_READ = @GL_GNULIB_READ@
+GL_GNULIB_READLINK = @GL_GNULIB_READLINK@
+GL_GNULIB_READLINKAT = @GL_GNULIB_READLINKAT@
+GL_GNULIB_REALLOCARRAY = @GL_GNULIB_REALLOCARRAY@
+GL_GNULIB_REALLOC_POSIX = @GL_GNULIB_REALLOC_POSIX@
+GL_GNULIB_REALPATH = @GL_GNULIB_REALPATH@
+GL_GNULIB_RECV = @GL_GNULIB_RECV@
+GL_GNULIB_RECVFROM = @GL_GNULIB_RECVFROM@
+GL_GNULIB_REMOVE = @GL_GNULIB_REMOVE@
+GL_GNULIB_RENAME = @GL_GNULIB_RENAME@
+GL_GNULIB_RENAMEAT = @GL_GNULIB_RENAMEAT@
+GL_GNULIB_RMDIR = @GL_GNULIB_RMDIR@
+GL_GNULIB_RPMATCH = @GL_GNULIB_RPMATCH@
+GL_GNULIB_SCANF = @GL_GNULIB_SCANF@
+GL_GNULIB_SECURE_GETENV = @GL_GNULIB_SECURE_GETENV@
+GL_GNULIB_SEND = @GL_GNULIB_SEND@
+GL_GNULIB_SENDTO = @GL_GNULIB_SENDTO@
+GL_GNULIB_SETENV = @GL_GNULIB_SETENV@
+GL_GNULIB_SETHOSTNAME = @GL_GNULIB_SETHOSTNAME@
+GL_GNULIB_SETSOCKOPT = @GL_GNULIB_SETSOCKOPT@
+GL_GNULIB_SHUTDOWN = @GL_GNULIB_SHUTDOWN@
+GL_GNULIB_SIGABBREV_NP = @GL_GNULIB_SIGABBREV_NP@
+GL_GNULIB_SIGDESCR_NP = @GL_GNULIB_SIGDESCR_NP@
+GL_GNULIB_SLEEP = @GL_GNULIB_SLEEP@
+GL_GNULIB_SNPRINTF = @GL_GNULIB_SNPRINTF@
+GL_GNULIB_SOCKET = @GL_GNULIB_SOCKET@
+GL_GNULIB_SPRINTF_POSIX = @GL_GNULIB_SPRINTF_POSIX@
+GL_GNULIB_STAT = @GL_GNULIB_STAT@
+GL_GNULIB_STDIO_H_NONBLOCKING = @GL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GNULIB_STDIO_H_SIGPIPE = @GL_GNULIB_STDIO_H_SIGPIPE@
+GL_GNULIB_STPCPY = @GL_GNULIB_STPCPY@
+GL_GNULIB_STPNCPY = @GL_GNULIB_STPNCPY@
+GL_GNULIB_STRCASESTR = @GL_GNULIB_STRCASESTR@
+GL_GNULIB_STRCHRNUL = @GL_GNULIB_STRCHRNUL@
+GL_GNULIB_STRDUP = @GL_GNULIB_STRDUP@
+GL_GNULIB_STRERROR = @GL_GNULIB_STRERROR@
+GL_GNULIB_STRERRORNAME_NP = @GL_GNULIB_STRERRORNAME_NP@
+GL_GNULIB_STRERROR_R = @GL_GNULIB_STRERROR_R@
+GL_GNULIB_STRFTIME = @GL_GNULIB_STRFTIME@
+GL_GNULIB_STRNCAT = @GL_GNULIB_STRNCAT@
+GL_GNULIB_STRNDUP = @GL_GNULIB_STRNDUP@
+GL_GNULIB_STRNLEN = @GL_GNULIB_STRNLEN@
+GL_GNULIB_STRPBRK = @GL_GNULIB_STRPBRK@
+GL_GNULIB_STRPTIME = @GL_GNULIB_STRPTIME@
+GL_GNULIB_STRSEP = @GL_GNULIB_STRSEP@
+GL_GNULIB_STRSIGNAL = @GL_GNULIB_STRSIGNAL@
+GL_GNULIB_STRSTR = @GL_GNULIB_STRSTR@
+GL_GNULIB_STRTOD = @GL_GNULIB_STRTOD@
+GL_GNULIB_STRTOIMAX = @GL_GNULIB_STRTOIMAX@
+GL_GNULIB_STRTOK_R = @GL_GNULIB_STRTOK_R@
+GL_GNULIB_STRTOL = @GL_GNULIB_STRTOL@
+GL_GNULIB_STRTOLD = @GL_GNULIB_STRTOLD@
+GL_GNULIB_STRTOLL = @GL_GNULIB_STRTOLL@
+GL_GNULIB_STRTOUL = @GL_GNULIB_STRTOUL@
+GL_GNULIB_STRTOULL = @GL_GNULIB_STRTOULL@
+GL_GNULIB_STRTOUMAX = @GL_GNULIB_STRTOUMAX@
+GL_GNULIB_STRVERSCMP = @GL_GNULIB_STRVERSCMP@
+GL_GNULIB_SYMLINK = @GL_GNULIB_SYMLINK@
+GL_GNULIB_SYMLINKAT = @GL_GNULIB_SYMLINKAT@
+GL_GNULIB_SYSTEM_POSIX = @GL_GNULIB_SYSTEM_POSIX@
+GL_GNULIB_TIMEGM = @GL_GNULIB_TIMEGM@
+GL_GNULIB_TIMESPEC_GET = @GL_GNULIB_TIMESPEC_GET@
+GL_GNULIB_TIME_R = @GL_GNULIB_TIME_R@
+GL_GNULIB_TIME_RZ = @GL_GNULIB_TIME_RZ@
+GL_GNULIB_TMPFILE = @GL_GNULIB_TMPFILE@
+GL_GNULIB_TRUNCATE = @GL_GNULIB_TRUNCATE@
+GL_GNULIB_TTYNAME_R = @GL_GNULIB_TTYNAME_R@
+GL_GNULIB_TZSET = @GL_GNULIB_TZSET@
+GL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GNULIB_UNISTD_H_SIGPIPE = @GL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GNULIB_UNLINK = @GL_GNULIB_UNLINK@
+GL_GNULIB_UNLINKAT = @GL_GNULIB_UNLINKAT@
+GL_GNULIB_UNLOCKPT = @GL_GNULIB_UNLOCKPT@
+GL_GNULIB_UNSETENV = @GL_GNULIB_UNSETENV@
+GL_GNULIB_USLEEP = @GL_GNULIB_USLEEP@
+GL_GNULIB_UTIMENSAT = @GL_GNULIB_UTIMENSAT@
+GL_GNULIB_VASPRINTF = @GL_GNULIB_VASPRINTF@
+GL_GNULIB_VDPRINTF = @GL_GNULIB_VDPRINTF@
+GL_GNULIB_VFPRINTF = @GL_GNULIB_VFPRINTF@
+GL_GNULIB_VFPRINTF_POSIX = @GL_GNULIB_VFPRINTF_POSIX@
+GL_GNULIB_VFSCANF = @GL_GNULIB_VFSCANF@
+GL_GNULIB_VPRINTF = @GL_GNULIB_VPRINTF@
+GL_GNULIB_VPRINTF_POSIX = @GL_GNULIB_VPRINTF_POSIX@
+GL_GNULIB_VSCANF = @GL_GNULIB_VSCANF@
+GL_GNULIB_VSNPRINTF = @GL_GNULIB_VSNPRINTF@
+GL_GNULIB_VSPRINTF_POSIX = @GL_GNULIB_VSPRINTF_POSIX@
+GL_GNULIB_WCPCPY = @GL_GNULIB_WCPCPY@
+GL_GNULIB_WCPNCPY = @GL_GNULIB_WCPNCPY@
+GL_GNULIB_WCRTOMB = @GL_GNULIB_WCRTOMB@
+GL_GNULIB_WCSCASECMP = @GL_GNULIB_WCSCASECMP@
+GL_GNULIB_WCSCAT = @GL_GNULIB_WCSCAT@
+GL_GNULIB_WCSCHR = @GL_GNULIB_WCSCHR@
+GL_GNULIB_WCSCMP = @GL_GNULIB_WCSCMP@
+GL_GNULIB_WCSCOLL = @GL_GNULIB_WCSCOLL@
+GL_GNULIB_WCSCPY = @GL_GNULIB_WCSCPY@
+GL_GNULIB_WCSCSPN = @GL_GNULIB_WCSCSPN@
+GL_GNULIB_WCSDUP = @GL_GNULIB_WCSDUP@
+GL_GNULIB_WCSFTIME = @GL_GNULIB_WCSFTIME@
+GL_GNULIB_WCSLEN = @GL_GNULIB_WCSLEN@
+GL_GNULIB_WCSNCASECMP = @GL_GNULIB_WCSNCASECMP@
+GL_GNULIB_WCSNCAT = @GL_GNULIB_WCSNCAT@
+GL_GNULIB_WCSNCMP = @GL_GNULIB_WCSNCMP@
+GL_GNULIB_WCSNCPY = @GL_GNULIB_WCSNCPY@
+GL_GNULIB_WCSNLEN = @GL_GNULIB_WCSNLEN@
+GL_GNULIB_WCSNRTOMBS = @GL_GNULIB_WCSNRTOMBS@
+GL_GNULIB_WCSPBRK = @GL_GNULIB_WCSPBRK@
+GL_GNULIB_WCSRCHR = @GL_GNULIB_WCSRCHR@
+GL_GNULIB_WCSRTOMBS = @GL_GNULIB_WCSRTOMBS@
+GL_GNULIB_WCSSPN = @GL_GNULIB_WCSSPN@
+GL_GNULIB_WCSSTR = @GL_GNULIB_WCSSTR@
+GL_GNULIB_WCSTOK = @GL_GNULIB_WCSTOK@
+GL_GNULIB_WCSWIDTH = @GL_GNULIB_WCSWIDTH@
+GL_GNULIB_WCSXFRM = @GL_GNULIB_WCSXFRM@
+GL_GNULIB_WCTOB = @GL_GNULIB_WCTOB@
+GL_GNULIB_WCTOMB = @GL_GNULIB_WCTOMB@
+GL_GNULIB_WCWIDTH = @GL_GNULIB_WCWIDTH@
+GL_GNULIB_WMEMCHR = @GL_GNULIB_WMEMCHR@
+GL_GNULIB_WMEMCMP = @GL_GNULIB_WMEMCMP@
+GL_GNULIB_WMEMCPY = @GL_GNULIB_WMEMCPY@
+GL_GNULIB_WMEMMOVE = @GL_GNULIB_WMEMMOVE@
+GL_GNULIB_WMEMPCPY = @GL_GNULIB_WMEMPCPY@
+GL_GNULIB_WMEMSET = @GL_GNULIB_WMEMSET@
+GL_GNULIB_WRITE = @GL_GNULIB_WRITE@
+GL_GNULIB__EXIT = @GL_GNULIB__EXIT@
+GMP_CFLAGS = @GMP_CFLAGS@
+GMP_LIBS = @GMP_LIBS@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GNULIBHEADERS_OVERRIDE_WINT_T = @GNULIBHEADERS_OVERRIDE_WINT_T@
+GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@
+GNUTLS_LIBS_PRIVATE = @GNUTLS_LIBS_PRIVATE@
+GNUTLS_REQUIRES_PRIVATE = @GNUTLS_REQUIRES_PRIVATE@
+GPERF = @GPERF@
+GREP = @GREP@
+GTKDOC_CHECK = @GTKDOC_CHECK@
+GTKDOC_CHECK_PATH = @GTKDOC_CHECK_PATH@
+GTKDOC_DEPS_CFLAGS = @GTKDOC_DEPS_CFLAGS@
+GTKDOC_DEPS_LIBS = @GTKDOC_DEPS_LIBS@
+GTKDOC_MKPDF = @GTKDOC_MKPDF@
+GTKDOC_REBASE = @GTKDOC_REBASE@
+GUILD = @GUILD@
+GUILE = @GUILE@
+GUILE_CFLAGS = @GUILE_CFLAGS@
+GUILE_CONFIG = @GUILE_CONFIG@
+GUILE_EFFECTIVE_VERSION = @GUILE_EFFECTIVE_VERSION@
+GUILE_EXTENSION = @GUILE_EXTENSION@
+GUILE_LDFLAGS = @GUILE_LDFLAGS@
+GUILE_LIBS = @GUILE_LIBS@
+GUILE_LTLIBS = @GUILE_LTLIBS@
+GUILE_SITE = @GUILE_SITE@
+GUILE_SITE_CCACHE = @GUILE_SITE_CCACHE@
+GUILE_TOOLS = @GUILE_TOOLS@
+HAVE_ACCEPT4 = @HAVE_ACCEPT4@
+HAVE_ALIGNED_ALLOC = @HAVE_ALIGNED_ALLOC@
+HAVE_ALLOCA_H = @HAVE_ALLOCA_H@
+HAVE_ARPA_INET_H = @HAVE_ARPA_INET_H@
+HAVE_ATOLL = @HAVE_ATOLL@
+HAVE_BTOWC = @HAVE_BTOWC@
+HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@
+HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@
+HAVE_CHOWN = @HAVE_CHOWN@
+HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@
+HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@
+HAVE_DECL_ECVT = @HAVE_DECL_ECVT@
+HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@
+HAVE_DECL_EXECVPE = @HAVE_DECL_EXECVPE@
+HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@
+HAVE_DECL_FCLOSEALL = @HAVE_DECL_FCLOSEALL@
+HAVE_DECL_FCVT = @HAVE_DECL_FCVT@
+HAVE_DECL_FDATASYNC = @HAVE_DECL_FDATASYNC@
+HAVE_DECL_FPURGE = @HAVE_DECL_FPURGE@
+HAVE_DECL_FREEADDRINFO = @HAVE_DECL_FREEADDRINFO@
+HAVE_DECL_FSEEKO = @HAVE_DECL_FSEEKO@
+HAVE_DECL_FTELLO = @HAVE_DECL_FTELLO@
+HAVE_DECL_GAI_STRERROR = @HAVE_DECL_GAI_STRERROR@
+HAVE_DECL_GCVT = @HAVE_DECL_GCVT@
+HAVE_DECL_GETADDRINFO = @HAVE_DECL_GETADDRINFO@
+HAVE_DECL_GETDELIM = @HAVE_DECL_GETDELIM@
+HAVE_DECL_GETDOMAINNAME = @HAVE_DECL_GETDOMAINNAME@
+HAVE_DECL_GETLINE = @HAVE_DECL_GETLINE@
+HAVE_DECL_GETLOADAVG = @HAVE_DECL_GETLOADAVG@
+HAVE_DECL_GETLOGIN = @HAVE_DECL_GETLOGIN@
+HAVE_DECL_GETLOGIN_R = @HAVE_DECL_GETLOGIN_R@
+HAVE_DECL_GETNAMEINFO = @HAVE_DECL_GETNAMEINFO@
+HAVE_DECL_GETPAGESIZE = @HAVE_DECL_GETPAGESIZE@
+HAVE_DECL_GETUSERSHELL = @HAVE_DECL_GETUSERSHELL@
+HAVE_DECL_IMAXABS = @HAVE_DECL_IMAXABS@
+HAVE_DECL_IMAXDIV = @HAVE_DECL_IMAXDIV@
+HAVE_DECL_INET_NTOP = @HAVE_DECL_INET_NTOP@
+HAVE_DECL_INET_PTON = @HAVE_DECL_INET_PTON@
+HAVE_DECL_INITSTATE = @HAVE_DECL_INITSTATE@
+HAVE_DECL_LOCALTIME_R = @HAVE_DECL_LOCALTIME_R@
+HAVE_DECL_MEMMEM = @HAVE_DECL_MEMMEM@
+HAVE_DECL_MEMRCHR = @HAVE_DECL_MEMRCHR@
+HAVE_DECL_OBSTACK_PRINTF = @HAVE_DECL_OBSTACK_PRINTF@
+HAVE_DECL_SETENV = @HAVE_DECL_SETENV@
+HAVE_DECL_SETHOSTNAME = @HAVE_DECL_SETHOSTNAME@
+HAVE_DECL_SETSTATE = @HAVE_DECL_SETSTATE@
+HAVE_DECL_SNPRINTF = @HAVE_DECL_SNPRINTF@
+HAVE_DECL_STRDUP = @HAVE_DECL_STRDUP@
+HAVE_DECL_STRERROR_R = @HAVE_DECL_STRERROR_R@
+HAVE_DECL_STRNCASECMP = @HAVE_DECL_STRNCASECMP@
+HAVE_DECL_STRNDUP = @HAVE_DECL_STRNDUP@
+HAVE_DECL_STRNLEN = @HAVE_DECL_STRNLEN@
+HAVE_DECL_STRSIGNAL = @HAVE_DECL_STRSIGNAL@
+HAVE_DECL_STRTOIMAX = @HAVE_DECL_STRTOIMAX@
+HAVE_DECL_STRTOK_R = @HAVE_DECL_STRTOK_R@
+HAVE_DECL_STRTOUMAX = @HAVE_DECL_STRTOUMAX@
+HAVE_DECL_TRUNCATE = @HAVE_DECL_TRUNCATE@
+HAVE_DECL_TTYNAME_R = @HAVE_DECL_TTYNAME_R@
+HAVE_DECL_UNSETENV = @HAVE_DECL_UNSETENV@
+HAVE_DECL_VSNPRINTF = @HAVE_DECL_VSNPRINTF@
+HAVE_DECL_WCSDUP = @HAVE_DECL_WCSDUP@
+HAVE_DECL_WCTOB = @HAVE_DECL_WCTOB@
+HAVE_DECL_WCWIDTH = @HAVE_DECL_WCWIDTH@
+HAVE_DPRINTF = @HAVE_DPRINTF@
+HAVE_DUP3 = @HAVE_DUP3@
+HAVE_DUPLOCALE = @HAVE_DUPLOCALE@
+HAVE_EUIDACCESS = @HAVE_EUIDACCESS@
+HAVE_EXECVPE = @HAVE_EXECVPE@
+HAVE_EXPLICIT_BZERO = @HAVE_EXPLICIT_BZERO@
+HAVE_FACCESSAT = @HAVE_FACCESSAT@
+HAVE_FCHDIR = @HAVE_FCHDIR@
+HAVE_FCHMODAT = @HAVE_FCHMODAT@
+HAVE_FCHOWNAT = @HAVE_FCHOWNAT@
+HAVE_FCNTL = @HAVE_FCNTL@
+HAVE_FDATASYNC = @HAVE_FDATASYNC@
+HAVE_FEATURES_H = @HAVE_FEATURES_H@
+HAVE_FFS = @HAVE_FFS@
+HAVE_FFSL = @HAVE_FFSL@
+HAVE_FFSLL = @HAVE_FFSLL@
+HAVE_FREELOCALE = @HAVE_FREELOCALE@
+HAVE_FSEEKO = @HAVE_FSEEKO@
+HAVE_FSTATAT = @HAVE_FSTATAT@
+HAVE_FSYNC = @HAVE_FSYNC@
+HAVE_FTELLO = @HAVE_FTELLO@
+HAVE_FTRUNCATE = @HAVE_FTRUNCATE@
+HAVE_FUTIMENS = @HAVE_FUTIMENS@
+HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@
+HAVE_GETENTROPY = @HAVE_GETENTROPY@
+HAVE_GETGROUPS = @HAVE_GETGROUPS@
+HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@
+HAVE_GETLOGIN = @HAVE_GETLOGIN@
+HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@
+HAVE_GETPASS = @HAVE_GETPASS@
+HAVE_GETSUBOPT = @HAVE_GETSUBOPT@
+HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@
+HAVE_GETUMASK = @HAVE_GETUMASK@
+HAVE_GRANTPT = @HAVE_GRANTPT@
+HAVE_GROUP_MEMBER = @HAVE_GROUP_MEMBER@
+HAVE_IMAXDIV_T = @HAVE_IMAXDIV_T@
+HAVE_INITSTATE = @HAVE_INITSTATE@
+HAVE_INTTYPES_H = @HAVE_INTTYPES_H@
+HAVE_ISBLANK = @HAVE_ISBLANK@
+HAVE_LANGINFO_ALTMON = @HAVE_LANGINFO_ALTMON@
+HAVE_LANGINFO_CODESET = @HAVE_LANGINFO_CODESET@
+HAVE_LANGINFO_ERA = @HAVE_LANGINFO_ERA@
+HAVE_LANGINFO_H = @HAVE_LANGINFO_H@
+HAVE_LANGINFO_T_FMT_AMPM = @HAVE_LANGINFO_T_FMT_AMPM@
+HAVE_LANGINFO_YESEXPR = @HAVE_LANGINFO_YESEXPR@
+HAVE_LCHMOD = @HAVE_LCHMOD@
+HAVE_LCHOWN = @HAVE_LCHOWN@
+HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@
+HAVE_LIBDL = @HAVE_LIBDL@
+HAVE_LIBEV = @HAVE_LIBEV@
+HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@
+HAVE_LIBRT = @HAVE_LIBRT@
+HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@
+HAVE_LIBZ = @HAVE_LIBZ@
+HAVE_LINK = @HAVE_LINK@
+HAVE_LINKAT = @HAVE_LINKAT@
+HAVE_LSTAT = @HAVE_LSTAT@
+HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@
+HAVE_MBRLEN = @HAVE_MBRLEN@
+HAVE_MBRTOWC = @HAVE_MBRTOWC@
+HAVE_MBSINIT = @HAVE_MBSINIT@
+HAVE_MBSLEN = @HAVE_MBSLEN@
+HAVE_MBSNRTOWCS = @HAVE_MBSNRTOWCS@
+HAVE_MBSRTOWCS = @HAVE_MBSRTOWCS@
+HAVE_MBTOWC = @HAVE_MBTOWC@
+HAVE_MEMPCPY = @HAVE_MEMPCPY@
+HAVE_MKDIRAT = @HAVE_MKDIRAT@
+HAVE_MKDTEMP = @HAVE_MKDTEMP@
+HAVE_MKFIFO = @HAVE_MKFIFO@
+HAVE_MKFIFOAT = @HAVE_MKFIFOAT@
+HAVE_MKNOD = @HAVE_MKNOD@
+HAVE_MKNODAT = @HAVE_MKNODAT@
+HAVE_MKOSTEMP = @HAVE_MKOSTEMP@
+HAVE_MKOSTEMPS = @HAVE_MKOSTEMPS@
+HAVE_MKSTEMP = @HAVE_MKSTEMP@
+HAVE_MKSTEMPS = @HAVE_MKSTEMPS@
+HAVE_MSVC_INVALID_PARAMETER_HANDLER = @HAVE_MSVC_INVALID_PARAMETER_HANDLER@
+HAVE_NANOSLEEP = @HAVE_NANOSLEEP@
+HAVE_NETDB_H = @HAVE_NETDB_H@
+HAVE_NETINET_IN_H = @HAVE_NETINET_IN_H@
+HAVE_NEWLOCALE = @HAVE_NEWLOCALE@
+HAVE_NL_LANGINFO = @HAVE_NL_LANGINFO@
+HAVE_OPENAT = @HAVE_OPENAT@
+HAVE_OS_H = @HAVE_OS_H@
+HAVE_PCLOSE = @HAVE_PCLOSE@
+HAVE_PIPE = @HAVE_PIPE@
+HAVE_PIPE2 = @HAVE_PIPE2@
+HAVE_POPEN = @HAVE_POPEN@
+HAVE_POSIX_MEMALIGN = @HAVE_POSIX_MEMALIGN@
+HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@
+HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@
+HAVE_PREAD = @HAVE_PREAD@
+HAVE_PSELECT = @HAVE_PSELECT@
+HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@
+HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@
+HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@
+HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@
+HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@
+HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@
+HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@
+HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@
+HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@
+HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@
+HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@
+HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@
+HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@
+HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@
+HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@
+HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@
+HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@
+HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@
+HAVE_PTHREAD_H = @HAVE_PTHREAD_H@
+HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@
+HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@
+HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@
+HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@
+HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@
+HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@
+HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@
+HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@
+HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@
+HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@
+HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@
+HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@
+HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@
+HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@
+HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@
+HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@
+HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@
+HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@
+HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@
+HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@
+HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@
+HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@
+HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@
+HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@
+HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@
+HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@
+HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@
+HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@
+HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@
+HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@
+HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@
+HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@
+HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@
+HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@
+HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@
+HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@
+HAVE_PTHREAD_T = @HAVE_PTHREAD_T@
+HAVE_PTSNAME = @HAVE_PTSNAME@
+HAVE_PTSNAME_R = @HAVE_PTSNAME_R@
+HAVE_PWRITE = @HAVE_PWRITE@
+HAVE_QSORT_R = @HAVE_QSORT_R@
+HAVE_RAISE = @HAVE_RAISE@
+HAVE_RANDOM = @HAVE_RANDOM@
+HAVE_RANDOM_H = @HAVE_RANDOM_H@
+HAVE_RANDOM_R = @HAVE_RANDOM_R@
+HAVE_RAWMEMCHR = @HAVE_RAWMEMCHR@
+HAVE_READLINK = @HAVE_READLINK@
+HAVE_READLINKAT = @HAVE_READLINKAT@
+HAVE_REALLOCARRAY = @HAVE_REALLOCARRAY@
+HAVE_REALPATH = @HAVE_REALPATH@
+HAVE_RENAMEAT = @HAVE_RENAMEAT@
+HAVE_RPMATCH = @HAVE_RPMATCH@
+HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@
+HAVE_SCHED_H = @HAVE_SCHED_H@
+HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@
+HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@
+HAVE_SETENV = @HAVE_SETENV@
+HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@
+HAVE_SETSTATE = @HAVE_SETSTATE@
+HAVE_SIGABBREV_NP = @HAVE_SIGABBREV_NP@
+HAVE_SIGACTION = @HAVE_SIGACTION@
+HAVE_SIGDESCR_NP = @HAVE_SIGDESCR_NP@
+HAVE_SIGHANDLER_T = @HAVE_SIGHANDLER_T@
+HAVE_SIGINFO_T = @HAVE_SIGINFO_T@
+HAVE_SIGNED_SIG_ATOMIC_T = @HAVE_SIGNED_SIG_ATOMIC_T@
+HAVE_SIGNED_WCHAR_T = @HAVE_SIGNED_WCHAR_T@
+HAVE_SIGNED_WINT_T = @HAVE_SIGNED_WINT_T@
+HAVE_SIGSET_T = @HAVE_SIGSET_T@
+HAVE_SLEEP = @HAVE_SLEEP@
+HAVE_STDINT_H = @HAVE_STDINT_H@
+HAVE_STPCPY = @HAVE_STPCPY@
+HAVE_STPNCPY = @HAVE_STPNCPY@
+HAVE_STRCASECMP = @HAVE_STRCASECMP@
+HAVE_STRCASESTR = @HAVE_STRCASESTR@
+HAVE_STRCHRNUL = @HAVE_STRCHRNUL@
+HAVE_STRERRORNAME_NP = @HAVE_STRERRORNAME_NP@
+HAVE_STRINGS_H = @HAVE_STRINGS_H@
+HAVE_STRPBRK = @HAVE_STRPBRK@
+HAVE_STRPTIME = @HAVE_STRPTIME@
+HAVE_STRSEP = @HAVE_STRSEP@
+HAVE_STRTOD = @HAVE_STRTOD@
+HAVE_STRTOL = @HAVE_STRTOL@
+HAVE_STRTOLD = @HAVE_STRTOLD@
+HAVE_STRTOLL = @HAVE_STRTOLL@
+HAVE_STRTOUL = @HAVE_STRTOUL@
+HAVE_STRTOULL = @HAVE_STRTOULL@
+HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@
+HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@
+HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@
+HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@
+HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@
+HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@
+HAVE_STRUCT_TIMEVAL = @HAVE_STRUCT_TIMEVAL@
+HAVE_STRVERSCMP = @HAVE_STRVERSCMP@
+HAVE_SYMLINK = @HAVE_SYMLINK@
+HAVE_SYMLINKAT = @HAVE_SYMLINKAT@
+HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@
+HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@
+HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@
+HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@
+HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@
+HAVE_SYS_PARAM_H = @HAVE_SYS_PARAM_H@
+HAVE_SYS_SELECT_H = @HAVE_SYS_SELECT_H@
+HAVE_SYS_SOCKET_H = @HAVE_SYS_SOCKET_H@
+HAVE_SYS_TIME_H = @HAVE_SYS_TIME_H@
+HAVE_SYS_TYPES_H = @HAVE_SYS_TYPES_H@
+HAVE_SYS_UIO_H = @HAVE_SYS_UIO_H@
+HAVE_TIMEGM = @HAVE_TIMEGM@
+HAVE_TIMESPEC_GET = @HAVE_TIMESPEC_GET@
+HAVE_TIMEZONE_T = @HAVE_TIMEZONE_T@
+HAVE_TYPE_VOLATILE_SIG_ATOMIC_T = @HAVE_TYPE_VOLATILE_SIG_ATOMIC_T@
+HAVE_UNISTD_H = @HAVE_UNISTD_H@
+HAVE_UNLINKAT = @HAVE_UNLINKAT@
+HAVE_UNLOCKPT = @HAVE_UNLOCKPT@
+HAVE_USLEEP = @HAVE_USLEEP@
+HAVE_UTIMENSAT = @HAVE_UTIMENSAT@
+HAVE_VASPRINTF = @HAVE_VASPRINTF@
+HAVE_VDPRINTF = @HAVE_VDPRINTF@
+HAVE_VISIBILITY = @HAVE_VISIBILITY@
+HAVE_WCHAR_H = @HAVE_WCHAR_H@
+HAVE_WCHAR_T = @HAVE_WCHAR_T@
+HAVE_WCPCPY = @HAVE_WCPCPY@
+HAVE_WCPNCPY = @HAVE_WCPNCPY@
+HAVE_WCRTOMB = @HAVE_WCRTOMB@
+HAVE_WCSCASECMP = @HAVE_WCSCASECMP@
+HAVE_WCSCAT = @HAVE_WCSCAT@
+HAVE_WCSCHR = @HAVE_WCSCHR@
+HAVE_WCSCMP = @HAVE_WCSCMP@
+HAVE_WCSCOLL = @HAVE_WCSCOLL@
+HAVE_WCSCPY = @HAVE_WCSCPY@
+HAVE_WCSCSPN = @HAVE_WCSCSPN@
+HAVE_WCSDUP = @HAVE_WCSDUP@
+HAVE_WCSFTIME = @HAVE_WCSFTIME@
+HAVE_WCSLEN = @HAVE_WCSLEN@
+HAVE_WCSNCASECMP = @HAVE_WCSNCASECMP@
+HAVE_WCSNCAT = @HAVE_WCSNCAT@
+HAVE_WCSNCMP = @HAVE_WCSNCMP@
+HAVE_WCSNCPY = @HAVE_WCSNCPY@
+HAVE_WCSNLEN = @HAVE_WCSNLEN@
+HAVE_WCSNRTOMBS = @HAVE_WCSNRTOMBS@
+HAVE_WCSPBRK = @HAVE_WCSPBRK@
+HAVE_WCSRCHR = @HAVE_WCSRCHR@
+HAVE_WCSRTOMBS = @HAVE_WCSRTOMBS@
+HAVE_WCSSPN = @HAVE_WCSSPN@
+HAVE_WCSSTR = @HAVE_WCSSTR@
+HAVE_WCSTOK = @HAVE_WCSTOK@
+HAVE_WCSWIDTH = @HAVE_WCSWIDTH@
+HAVE_WCSXFRM = @HAVE_WCSXFRM@
+HAVE_WINSOCK2_H = @HAVE_WINSOCK2_H@
+HAVE_WINT_T = @HAVE_WINT_T@
+HAVE_WMEMCHR = @HAVE_WMEMCHR@
+HAVE_WMEMCMP = @HAVE_WMEMCMP@
+HAVE_WMEMCPY = @HAVE_WMEMCPY@
+HAVE_WMEMMOVE = @HAVE_WMEMMOVE@
+HAVE_WMEMPCPY = @HAVE_WMEMPCPY@
+HAVE_WMEMSET = @HAVE_WMEMSET@
+HAVE_WS2TCPIP_H = @HAVE_WS2TCPIP_H@
+HAVE_XLOCALE_H = @HAVE_XLOCALE_H@
+HAVE__BOOL = @HAVE__BOOL@
+HAVE__EXIT = @HAVE__EXIT@
+HOGWEED_CFLAGS = @HOGWEED_CFLAGS@
+HOGWEED_LIBS = @HOGWEED_LIBS@
+HOSTENT_LIB = @HOSTENT_LIB@
+HTML_DIR = @HTML_DIR@
+INCLUDE_NEXT = @INCLUDE_NEXT@
+INCLUDE_NEXT_AS_FIRST_DIRECTIVE = @INCLUDE_NEXT_AS_FIRST_DIRECTIVE@
+INET_NTOP_LIB = @INET_NTOP_LIB@
+INET_PTON_LIB = @INET_PTON_LIB@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INT32_MAX_LT_INTMAX_MAX = @INT32_MAX_LT_INTMAX_MAX@
+INT64_MAX_EQ_LONG_MAX = @INT64_MAX_EQ_LONG_MAX@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LCOV = @LCOV@
+LD = @LD@
+LDDPOSTPROC = @LDDPOSTPROC@
+LDDPROG = @LDDPROG@
+LDFLAGS = @LDFLAGS@
+LIBATOMIC_LIBS = @LIBATOMIC_LIBS@
+LIBBROTLIDEC_CFLAGS = @LIBBROTLIDEC_CFLAGS@
+LIBBROTLIDEC_LIBS = @LIBBROTLIDEC_LIBS@
+LIBBROTLIENC_CFLAGS = @LIBBROTLIENC_CFLAGS@
+LIBBROTLIENC_LIBS = @LIBBROTLIENC_LIBS@
+LIBCRYPTO = @LIBCRYPTO@
+LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@
+LIBDL = @LIBDL@
+LIBDL_PREFIX = @LIBDL_PREFIX@
+LIBEV = @LIBEV@
+LIBEV_LIBS = @LIBEV_LIBS@
+LIBEV_PREFIX = @LIBEV_PREFIX@
+LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@
+LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@
+LIBICONV = @LIBICONV@
+LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@
+LIBIDN2_LIBS = @LIBIDN2_LIBS@
+LIBINTL = @LIBINTL@
+LIBKCAPI_CFLAGS = @LIBKCAPI_CFLAGS@
+LIBKCAPI_LIBS = @LIBKCAPI_LIBS@
+LIBMULTITHREAD = @LIBMULTITHREAD@
+LIBOBJS = @LIBOBJS@
+LIBPMULTITHREAD = @LIBPMULTITHREAD@
+LIBPTHREAD = @LIBPTHREAD@
+LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@
+LIBRT = @LIBRT@
+LIBRT_PREFIX = @LIBRT_PREFIX@
+LIBS = @LIBS@
+LIBSECCOMP = @LIBSECCOMP@
+LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@
+LIBSOCKET = @LIBSOCKET@
+LIBSTDTHREAD = @LIBSTDTHREAD@
+LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@
+LIBTASN1_LIBS = @LIBTASN1_LIBS@
+LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@
+LIBTHREAD = @LIBTHREAD@
+LIBTOOL = @LIBTOOL@
+LIBUNISTRING = @LIBUNISTRING@
+LIBUNISTRING_UNICTYPE_H = @LIBUNISTRING_UNICTYPE_H@
+LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@
+LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@
+LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@
+LIBZ = @LIBZ@
+LIBZSTD_CFLAGS = @LIBZSTD_CFLAGS@
+LIBZSTD_LIBS = @LIBZSTD_LIBS@
+LIBZ_PC = @LIBZ_PC@
+LIBZ_PREFIX = @LIBZ_PREFIX@
+LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@
+LIB_NANOSLEEP = @LIB_NANOSLEEP@
+LIB_PTHREAD = @LIB_PTHREAD@
+LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@
+LIB_SCHED_YIELD = @LIB_SCHED_YIELD@
+LIB_SELECT = @LIB_SELECT@
+LIB_SEMAPHORE = @LIB_SEMAPHORE@
+LIB_SETLOCALE = @LIB_SETLOCALE@
+LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@
+LIMITS_H = @LIMITS_H@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LOCALENAME_ENHANCE_LOCALE_FUNCS = @LOCALENAME_ENHANCE_LOCALE_FUNCS@
+LOCALE_FR = @LOCALE_FR@
+LOCALE_FR_UTF8 = @LOCALE_FR_UTF8@
+LOCALE_JA = @LOCALE_JA@
+LOCALE_TR_UTF8 = @LOCALE_TR_UTF8@
+LOCALE_ZH_CN = @LOCALE_ZH_CN@
+LOG_VALGRIND = @LOG_VALGRIND@
+LTALLOCA = @LTALLOCA@
+LTLIBCRYPTO = @LTLIBCRYPTO@
+LTLIBDL = @LTLIBDL@
+LTLIBEV = @LTLIBEV@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBMULTITHREAD = @LTLIBMULTITHREAD@
+LTLIBOBJS = @LTLIBOBJS@
+LTLIBPTHREAD = @LTLIBPTHREAD@
+LTLIBRT = @LTLIBRT@
+LTLIBSECCOMP = @LTLIBSECCOMP@
+LTLIBTHREAD = @LTLIBTHREAD@
+LTLIBZ = @LTLIBZ@
+LT_AGE = @LT_AGE@
+LT_CURRENT = @LT_CURRENT@
+LT_DANE_AGE = @LT_DANE_AGE@
+LT_DANE_CURRENT = @LT_DANE_CURRENT@
+LT_DANE_REVISION = @LT_DANE_REVISION@
+LT_REVISION = @LT_REVISION@
+LT_SSL_AGE = @LT_SSL_AGE@
+LT_SSL_CURRENT = @LT_SSL_CURRENT@
+LT_SSL_REVISION = @LT_SSL_REVISION@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+LT_XSSL_AGE = @LT_XSSL_AGE@
+LT_XSSL_CURRENT = @LT_XSSL_CURRENT@
+LT_XSSL_REVISION = @LT_XSSL_REVISION@
+MAINT = @MAINT@
+MAJOR_VERSION = @MAJOR_VERSION@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MINOR_VERSION = @MINOR_VERSION@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGMERGE = @MSGMERGE@
+MSGMERGE_FOR_MSGFMT_OPTION = @MSGMERGE_FOR_MSGFMT_OPTION@
+NETINET_IN_H = @NETINET_IN_H@
+NETTLE_CFLAGS = @NETTLE_CFLAGS@
+NETTLE_LIBS = @NETTLE_LIBS@
+NEXT_ARPA_INET_H = @NEXT_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H = @NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_CTYPE_H = @NEXT_AS_FIRST_DIRECTIVE_CTYPE_H@
+NEXT_AS_FIRST_DIRECTIVE_ERRNO_H = @NEXT_AS_FIRST_DIRECTIVE_ERRNO_H@
+NEXT_AS_FIRST_DIRECTIVE_FCNTL_H = @NEXT_AS_FIRST_DIRECTIVE_FCNTL_H@
+NEXT_AS_FIRST_DIRECTIVE_FLOAT_H = @NEXT_AS_FIRST_DIRECTIVE_FLOAT_H@
+NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H = @NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H = @NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H@
+NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@
+NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@
+NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@
+NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@
+NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@
+NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@
+NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@
+NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@
+NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@
+NEXT_AS_FIRST_DIRECTIVE_STDIO_H = @NEXT_AS_FIRST_DIRECTIVE_STDIO_H@
+NEXT_AS_FIRST_DIRECTIVE_STDLIB_H = @NEXT_AS_FIRST_DIRECTIVE_STDLIB_H@
+NEXT_AS_FIRST_DIRECTIVE_STRINGS_H = @NEXT_AS_FIRST_DIRECTIVE_STRINGS_H@
+NEXT_AS_FIRST_DIRECTIVE_STRING_H = @NEXT_AS_FIRST_DIRECTIVE_STRING_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H@
+NEXT_AS_FIRST_DIRECTIVE_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_UNISTD_H = @NEXT_AS_FIRST_DIRECTIVE_UNISTD_H@
+NEXT_AS_FIRST_DIRECTIVE_WCHAR_H = @NEXT_AS_FIRST_DIRECTIVE_WCHAR_H@
+NEXT_CTYPE_H = @NEXT_CTYPE_H@
+NEXT_ERRNO_H = @NEXT_ERRNO_H@
+NEXT_FCNTL_H = @NEXT_FCNTL_H@
+NEXT_FLOAT_H = @NEXT_FLOAT_H@
+NEXT_INTTYPES_H = @NEXT_INTTYPES_H@
+NEXT_LANGINFO_H = @NEXT_LANGINFO_H@
+NEXT_LIMITS_H = @NEXT_LIMITS_H@
+NEXT_LOCALE_H = @NEXT_LOCALE_H@
+NEXT_NETDB_H = @NEXT_NETDB_H@
+NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@
+NEXT_PTHREAD_H = @NEXT_PTHREAD_H@
+NEXT_SCHED_H = @NEXT_SCHED_H@
+NEXT_SIGNAL_H = @NEXT_SIGNAL_H@
+NEXT_STDDEF_H = @NEXT_STDDEF_H@
+NEXT_STDINT_H = @NEXT_STDINT_H@
+NEXT_STDIO_H = @NEXT_STDIO_H@
+NEXT_STDLIB_H = @NEXT_STDLIB_H@
+NEXT_STRINGS_H = @NEXT_STRINGS_H@
+NEXT_STRING_H = @NEXT_STRING_H@
+NEXT_SYS_IOCTL_H = @NEXT_SYS_IOCTL_H@
+NEXT_SYS_SELECT_H = @NEXT_SYS_SELECT_H@
+NEXT_SYS_SOCKET_H = @NEXT_SYS_SOCKET_H@
+NEXT_SYS_STAT_H = @NEXT_SYS_STAT_H@
+NEXT_SYS_TIME_H = @NEXT_SYS_TIME_H@
+NEXT_SYS_TYPES_H = @NEXT_SYS_TYPES_H@
+NEXT_SYS_UIO_H = @NEXT_SYS_UIO_H@
+NEXT_TIME_H = @NEXT_TIME_H@
+NEXT_UNISTD_H = @NEXT_UNISTD_H@
+NEXT_WCHAR_H = @NEXT_WCHAR_H@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NUMBER_VERSION = @NUMBER_VERSION@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+P11_KIT_CFLAGS = @P11_KIT_CFLAGS@
+P11_KIT_LIBS = @P11_KIT_LIBS@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@
+PATCH_VERSION = @PATCH_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PKCS12_ITER_COUNT = @PKCS12_ITER_COUNT@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PMCCABE = @PMCCABE@
+POSUB = @POSUB@
+PRAGMA_COLUMNS = @PRAGMA_COLUMNS@
+PRAGMA_SYSTEM_HEADER = @PRAGMA_SYSTEM_HEADER@
+PRIPTR_PREFIX = @PRIPTR_PREFIX@
+PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@
+PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+RANLIB = @RANLIB@
+REPLACE_ACCESS = @REPLACE_ACCESS@
+REPLACE_ALIGNED_ALLOC = @REPLACE_ALIGNED_ALLOC@
+REPLACE_BTOWC = @REPLACE_BTOWC@
+REPLACE_CALLOC = @REPLACE_CALLOC@
+REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@
+REPLACE_CHOWN = @REPLACE_CHOWN@
+REPLACE_CLOSE = @REPLACE_CLOSE@
+REPLACE_CREAT = @REPLACE_CREAT@
+REPLACE_CTIME = @REPLACE_CTIME@
+REPLACE_DPRINTF = @REPLACE_DPRINTF@
+REPLACE_DUP = @REPLACE_DUP@
+REPLACE_DUP2 = @REPLACE_DUP2@
+REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@
+REPLACE_EXECL = @REPLACE_EXECL@
+REPLACE_EXECLE = @REPLACE_EXECLE@
+REPLACE_EXECLP = @REPLACE_EXECLP@
+REPLACE_EXECV = @REPLACE_EXECV@
+REPLACE_EXECVE = @REPLACE_EXECVE@
+REPLACE_EXECVP = @REPLACE_EXECVP@
+REPLACE_EXECVPE = @REPLACE_EXECVPE@
+REPLACE_FACCESSAT = @REPLACE_FACCESSAT@
+REPLACE_FCHMODAT = @REPLACE_FCHMODAT@
+REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@
+REPLACE_FCLOSE = @REPLACE_FCLOSE@
+REPLACE_FCNTL = @REPLACE_FCNTL@
+REPLACE_FDOPEN = @REPLACE_FDOPEN@
+REPLACE_FFLUSH = @REPLACE_FFLUSH@
+REPLACE_FFSLL = @REPLACE_FFSLL@
+REPLACE_FOPEN = @REPLACE_FOPEN@
+REPLACE_FPRINTF = @REPLACE_FPRINTF@
+REPLACE_FPURGE = @REPLACE_FPURGE@
+REPLACE_FREE = @REPLACE_FREE@
+REPLACE_FREELOCALE = @REPLACE_FREELOCALE@
+REPLACE_FREOPEN = @REPLACE_FREOPEN@
+REPLACE_FSEEK = @REPLACE_FSEEK@
+REPLACE_FSEEKO = @REPLACE_FSEEKO@
+REPLACE_FSTAT = @REPLACE_FSTAT@
+REPLACE_FSTATAT = @REPLACE_FSTATAT@
+REPLACE_FTELL = @REPLACE_FTELL@
+REPLACE_FTELLO = @REPLACE_FTELLO@
+REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@
+REPLACE_FUTIMENS = @REPLACE_FUTIMENS@
+REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@
+REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@
+REPLACE_GETCWD = @REPLACE_GETCWD@
+REPLACE_GETDELIM = @REPLACE_GETDELIM@
+REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@
+REPLACE_GETDTABLESIZE = @REPLACE_GETDTABLESIZE@
+REPLACE_GETGROUPS = @REPLACE_GETGROUPS@
+REPLACE_GETLINE = @REPLACE_GETLINE@
+REPLACE_GETLOGIN_R = @REPLACE_GETLOGIN_R@
+REPLACE_GETPAGESIZE = @REPLACE_GETPAGESIZE@
+REPLACE_GETPASS = @REPLACE_GETPASS@
+REPLACE_GETTIMEOFDAY = @REPLACE_GETTIMEOFDAY@
+REPLACE_GMTIME = @REPLACE_GMTIME@
+REPLACE_INET_NTOP = @REPLACE_INET_NTOP@
+REPLACE_INET_PTON = @REPLACE_INET_PTON@
+REPLACE_INITSTATE = @REPLACE_INITSTATE@
+REPLACE_IOCTL = @REPLACE_IOCTL@
+REPLACE_ISATTY = @REPLACE_ISATTY@
+REPLACE_ITOLD = @REPLACE_ITOLD@
+REPLACE_LCHOWN = @REPLACE_LCHOWN@
+REPLACE_LINK = @REPLACE_LINK@
+REPLACE_LINKAT = @REPLACE_LINKAT@
+REPLACE_LOCALECONV = @REPLACE_LOCALECONV@
+REPLACE_LOCALTIME = @REPLACE_LOCALTIME@
+REPLACE_LOCALTIME_R = @REPLACE_LOCALTIME_R@
+REPLACE_LSEEK = @REPLACE_LSEEK@
+REPLACE_LSTAT = @REPLACE_LSTAT@
+REPLACE_MALLOC = @REPLACE_MALLOC@
+REPLACE_MBRLEN = @REPLACE_MBRLEN@
+REPLACE_MBRTOWC = @REPLACE_MBRTOWC@
+REPLACE_MBSINIT = @REPLACE_MBSINIT@
+REPLACE_MBSNRTOWCS = @REPLACE_MBSNRTOWCS@
+REPLACE_MBSRTOWCS = @REPLACE_MBSRTOWCS@
+REPLACE_MBSTATE_T = @REPLACE_MBSTATE_T@
+REPLACE_MBTOWC = @REPLACE_MBTOWC@
+REPLACE_MEMCHR = @REPLACE_MEMCHR@
+REPLACE_MEMMEM = @REPLACE_MEMMEM@
+REPLACE_MKDIR = @REPLACE_MKDIR@
+REPLACE_MKFIFO = @REPLACE_MKFIFO@
+REPLACE_MKFIFOAT = @REPLACE_MKFIFOAT@
+REPLACE_MKNOD = @REPLACE_MKNOD@
+REPLACE_MKNODAT = @REPLACE_MKNODAT@
+REPLACE_MKSTEMP = @REPLACE_MKSTEMP@
+REPLACE_MKTIME = @REPLACE_MKTIME@
+REPLACE_NANOSLEEP = @REPLACE_NANOSLEEP@
+REPLACE_NEWLOCALE = @REPLACE_NEWLOCALE@
+REPLACE_NL_LANGINFO = @REPLACE_NL_LANGINFO@
+REPLACE_NULL = @REPLACE_NULL@
+REPLACE_OBSTACK_PRINTF = @REPLACE_OBSTACK_PRINTF@
+REPLACE_OPEN = @REPLACE_OPEN@
+REPLACE_OPENAT = @REPLACE_OPENAT@
+REPLACE_PERROR = @REPLACE_PERROR@
+REPLACE_POPEN = @REPLACE_POPEN@
+REPLACE_POSIX_MEMALIGN = @REPLACE_POSIX_MEMALIGN@
+REPLACE_PREAD = @REPLACE_PREAD@
+REPLACE_PRINTF = @REPLACE_PRINTF@
+REPLACE_PSELECT = @REPLACE_PSELECT@
+REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@
+REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@
+REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@
+REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@
+REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@
+REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@
+REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@
+REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@
+REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@
+REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@
+REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@
+REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@
+REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@
+REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@
+REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@
+REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@
+REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@
+REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@
+REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@
+REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@
+REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@
+REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@
+REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@
+REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@
+REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@
+REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@
+REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@
+REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@
+REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@
+REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@
+REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@
+REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@
+REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@
+REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@
+REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@
+REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@
+REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@
+REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@
+REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@
+REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@
+REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@
+REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@
+REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@
+REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@
+REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@
+REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@
+REPLACE_PTSNAME = @REPLACE_PTSNAME@
+REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@
+REPLACE_PUTENV = @REPLACE_PUTENV@
+REPLACE_PWRITE = @REPLACE_PWRITE@
+REPLACE_QSORT_R = @REPLACE_QSORT_R@
+REPLACE_RAISE = @REPLACE_RAISE@
+REPLACE_RANDOM = @REPLACE_RANDOM@
+REPLACE_RANDOM_R = @REPLACE_RANDOM_R@
+REPLACE_READ = @REPLACE_READ@
+REPLACE_READLINK = @REPLACE_READLINK@
+REPLACE_READLINKAT = @REPLACE_READLINKAT@
+REPLACE_REALLOC = @REPLACE_REALLOC@
+REPLACE_REALLOCARRAY = @REPLACE_REALLOCARRAY@
+REPLACE_REALPATH = @REPLACE_REALPATH@
+REPLACE_REMOVE = @REPLACE_REMOVE@
+REPLACE_RENAME = @REPLACE_RENAME@
+REPLACE_RENAMEAT = @REPLACE_RENAMEAT@
+REPLACE_RMDIR = @REPLACE_RMDIR@
+REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@
+REPLACE_SELECT = @REPLACE_SELECT@
+REPLACE_SETENV = @REPLACE_SETENV@
+REPLACE_SETLOCALE = @REPLACE_SETLOCALE@
+REPLACE_SETSTATE = @REPLACE_SETSTATE@
+REPLACE_SLEEP = @REPLACE_SLEEP@
+REPLACE_SNPRINTF = @REPLACE_SNPRINTF@
+REPLACE_SPRINTF = @REPLACE_SPRINTF@
+REPLACE_STAT = @REPLACE_STAT@
+REPLACE_STDIO_READ_FUNCS = @REPLACE_STDIO_READ_FUNCS@
+REPLACE_STDIO_WRITE_FUNCS = @REPLACE_STDIO_WRITE_FUNCS@
+REPLACE_STPNCPY = @REPLACE_STPNCPY@
+REPLACE_STRCASESTR = @REPLACE_STRCASESTR@
+REPLACE_STRCHRNUL = @REPLACE_STRCHRNUL@
+REPLACE_STRDUP = @REPLACE_STRDUP@
+REPLACE_STRERROR = @REPLACE_STRERROR@
+REPLACE_STRERRORNAME_NP = @REPLACE_STRERRORNAME_NP@
+REPLACE_STRERROR_R = @REPLACE_STRERROR_R@
+REPLACE_STRFTIME = @REPLACE_STRFTIME@
+REPLACE_STRNCAT = @REPLACE_STRNCAT@
+REPLACE_STRNDUP = @REPLACE_STRNDUP@
+REPLACE_STRNLEN = @REPLACE_STRNLEN@
+REPLACE_STRSIGNAL = @REPLACE_STRSIGNAL@
+REPLACE_STRSTR = @REPLACE_STRSTR@
+REPLACE_STRTOD = @REPLACE_STRTOD@
+REPLACE_STRTOIMAX = @REPLACE_STRTOIMAX@
+REPLACE_STRTOK_R = @REPLACE_STRTOK_R@
+REPLACE_STRTOL = @REPLACE_STRTOL@
+REPLACE_STRTOLD = @REPLACE_STRTOLD@
+REPLACE_STRTOLL = @REPLACE_STRTOLL@
+REPLACE_STRTOUL = @REPLACE_STRTOUL@
+REPLACE_STRTOULL = @REPLACE_STRTOULL@
+REPLACE_STRTOUMAX = @REPLACE_STRTOUMAX@
+REPLACE_STRUCT_LCONV = @REPLACE_STRUCT_LCONV@
+REPLACE_STRUCT_TIMEVAL = @REPLACE_STRUCT_TIMEVAL@
+REPLACE_SYMLINK = @REPLACE_SYMLINK@
+REPLACE_SYMLINKAT = @REPLACE_SYMLINKAT@
+REPLACE_TIMEGM = @REPLACE_TIMEGM@
+REPLACE_TMPFILE = @REPLACE_TMPFILE@
+REPLACE_TRUNCATE = @REPLACE_TRUNCATE@
+REPLACE_TTYNAME_R = @REPLACE_TTYNAME_R@
+REPLACE_TZSET = @REPLACE_TZSET@
+REPLACE_UNLINK = @REPLACE_UNLINK@
+REPLACE_UNLINKAT = @REPLACE_UNLINKAT@
+REPLACE_UNSETENV = @REPLACE_UNSETENV@
+REPLACE_USLEEP = @REPLACE_USLEEP@
+REPLACE_UTIMENSAT = @REPLACE_UTIMENSAT@
+REPLACE_VASPRINTF = @REPLACE_VASPRINTF@
+REPLACE_VDPRINTF = @REPLACE_VDPRINTF@
+REPLACE_VFPRINTF = @REPLACE_VFPRINTF@
+REPLACE_VPRINTF = @REPLACE_VPRINTF@
+REPLACE_VSNPRINTF = @REPLACE_VSNPRINTF@
+REPLACE_VSPRINTF = @REPLACE_VSPRINTF@
+REPLACE_WCRTOMB = @REPLACE_WCRTOMB@
+REPLACE_WCSFTIME = @REPLACE_WCSFTIME@
+REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@
+REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@
+REPLACE_WCSTOK = @REPLACE_WCSTOK@
+REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@
+REPLACE_WCTOB = @REPLACE_WCTOB@
+REPLACE_WCTOMB = @REPLACE_WCTOMB@
+REPLACE_WCWIDTH = @REPLACE_WCWIDTH@
+REPLACE_WRITE = @REPLACE_WRITE@
+SED = @SED@
+SERVENT_LIB = @SERVENT_LIB@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@
+SIZE_T_SUFFIX = @SIZE_T_SUFFIX@
+STDALIGN_H = @STDALIGN_H@
+STDBOOL_H = @STDBOOL_H@
+STDDEF_H = @STDDEF_H@
+STDINT_H = @STDINT_H@
+STRIP = @STRIP@
+SYS_IOCTL_H_HAVE_WINSOCK2_H = @SYS_IOCTL_H_HAVE_WINSOCK2_H@
+SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+SYS_TIME_H_DEFINES_STRUCT_TIMESPEC = @SYS_TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_STRUCT_TIMESPEC = @TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_TIME_UTC = @TIME_H_DEFINES_TIME_UTC@
+TROUSERS_LIB = @TROUSERS_LIB@
+TSS2_CFLAGS = @TSS2_CFLAGS@
+TSS2_LIBS = @TSS2_LIBS@
+TSS_CFLAGS = @TSS_CFLAGS@
+TSS_LIBS = @TSS_LIBS@
+UINT32_MAX_LT_UINTMAX_MAX = @UINT32_MAX_LT_UINTMAX_MAX@
+UINT64_MAX_EQ_ULONG_MAX = @UINT64_MAX_EQ_ULONG_MAX@
+UNBOUND_CFLAGS = @UNBOUND_CFLAGS@
+UNBOUND_LIBS = @UNBOUND_LIBS@
+UNDEFINE_STRTOK_R = @UNDEFINE_STRTOK_R@
+UNISTD_H_DEFINES_STRUCT_TIMESPEC = @UNISTD_H_DEFINES_STRUCT_TIMESPEC@
+UNISTD_H_HAVE_SYS_RANDOM_H = @UNISTD_H_HAVE_SYS_RANDOM_H@
+UNISTD_H_HAVE_WINSOCK2_H = @UNISTD_H_HAVE_WINSOCK2_H@
+UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+USE_NLS = @USE_NLS@
+VALGRIND = @VALGRIND@
+VALGRINDFLAGS = @VALGRINDFLAGS@
+VALGRIND_PROGRAM = @VALGRIND_PROGRAM@
+VERSION = @VERSION@
+WARN_CFLAGS = @WARN_CFLAGS@
+WCHAR_T_SUFFIX = @WCHAR_T_SUFFIX@
+WERROR_CFLAGS = @WERROR_CFLAGS@
+WINDOWS_64_BIT_OFF_T = @WINDOWS_64_BIT_OFF_T@
+WINDOWS_64_BIT_ST_SIZE = @WINDOWS_64_BIT_ST_SIZE@
+WINDOWS_STAT_INODES = @WINDOWS_STAT_INODES@
+WINDOWS_STAT_TIMESPEC = @WINDOWS_STAT_TIMESPEC@
+WINT_T_SUFFIX = @WINT_T_SUFFIX@
+WSTACK_CFLAGS = @WSTACK_CFLAGS@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+YIELD_LIB = @YIELD_LIB@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+ac_cv_sizeof_time_t = @ac_cv_sizeof_time_t@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+ggl_LIBOBJS = @ggl_LIBOBJS@
+ggl_LTLIBOBJS = @ggl_LTLIBOBJS@
+ggltests_LIBOBJS = @ggltests_LIBOBJS@
+ggltests_LTLIBOBJS = @ggltests_LTLIBOBJS@
+ggltests_WITNESS = @ggltests_WITNESS@
+gl_LIBOBJS = @gl_LIBOBJS@
+gl_LTLIBOBJS = @gl_LTLIBOBJS@
+gltests_LIBOBJS = @gltests_LIBOBJS@
+gltests_LTLIBOBJS = @gltests_LTLIBOBJS@
+gltests_WITNESS = @gltests_WITNESS@
+gnutls_so = @gnutls_so@
+guile_snarf = @guile_snarf@
+guileextensiondir = @guileextensiondir@
+guilesiteccachedir = @guilesiteccachedir@
+guilesitedir = @guilesitedir@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+ifGNUmake = @ifGNUmake@
+ifnGNUmake = @ifnGNUmake@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+maybe_guileextensiondir = @maybe_guileextensiondir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+unistring_LIBOBJS = @unistring_LIBOBJS@
+unistring_LTLIBOBJS = @unistring_LTLIBOBJS@
+unistringtests_LIBOBJS = @unistringtests_LIBOBJS@
+unistringtests_LTLIBOBJS = @unistringtests_LTLIBOBJS@
+unistringtests_WITNESS = @unistringtests_WITNESS@
+AM_CFLAGS = $(WERROR_CFLAGS) $(WSTACK_CFLAGS) $(WARN_CFLAGS) $(NETTLE_CFLAGS) \
+  $(LIBTASN1_CFLAGS) $(LIBIDN2_CFLAGS) $(P11_KIT_CFLAGS) $(LIBZSTD_CFLAGS) \
+  $(CODE_COVERAGE_CFLAGS)
+
+COMMON_LINK_FLAGS = $(CODE_COVERAGE_LDFLAGS)
+V_GPERF = $(V_GPERF_@AM_V@)
+V_GPERF_ = $(V_GPERF_@AM_DEFAULT_V@)
+V_GPERF_0 = @echo "  GPERF   " $@;
+AM_CPPFLAGS = -I$(srcdir)/../../gl -I$(builddir)/../../gl \
+	-I$(srcdir)/../includes -I$(builddir)/../includes \
+	-I$(builddir)/../../gl -I$(srcdir)/.. $(am__append_1)
+noinst_LTLIBRARIES = libgnutls_alg.la
+libgnutls_alg_la_SOURCES = cert_types.c ciphers.c ciphersuites.c \
+	ecc.c kx.c mac.c protocols.c publickey.c secparams.c sign.c \
+	groups.c
+
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/lib/common.mk $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/algorithms/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --foreign lib/algorithms/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+	esac;
+$(top_srcdir)/lib/common.mk $(am__empty):
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+	-test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+	@list='$(noinst_LTLIBRARIES)'; \
+	locs=`for p in $$list; do echo $$p; done | \
+	      sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+	      sort -u`; \
+	test -z "$$locs" || { \
+	  echo rm -f $${locs}; \
+	  rm -f $${locs}; \
+	}
+
+libgnutls_alg.la: $(libgnutls_alg_la_OBJECTS) $(libgnutls_alg_la_DEPENDENCIES) $(EXTRA_libgnutls_alg_la_DEPENDENCIES) 
+	$(AM_V_CCLD)$(LINK)  $(libgnutls_alg_la_OBJECTS) $(libgnutls_alg_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+	-rm -f *.$(OBJEXT)
+
+distclean-compile:
+	-rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cert_types.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ciphers.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ciphersuites.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ecc.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/groups.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kx.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mac.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocols.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/publickey.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/secparams.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sign.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+	@$(MKDIR_P) $(@D)
+	@echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+
+ID: $(am__tagged_files)
+	$(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	set x; \
+	here=`pwd`; \
+	$(am__define_uniq_tagged_files); \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+	  test -n "$$unique" || unique=$$empty_fix; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
+	fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	$(am__define_uniq_tagged_files); \
+	test -z "$(CTAGS_ARGS)$$unique" \
+	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+	     $$unique
+
+GTAGS:
+	here=`$(am__cd) $(top_builddir) && pwd` \
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+	list='$(am__tagged_files)'; \
+	case "$(srcdir)" in \
+	  [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+	  *) sdir=$(subdir)/$(srcdir) ;; \
+	esac; \
+	for i in $$list; do \
+	  if test -f "$$i"; then \
+	    echo "$(subdir)/$$i"; \
+	  else \
+	    echo "$$sdir/$$i"; \
+	  fi; \
+	done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+	mostlyclean-am
+
+distclean: distclean-am
+		-rm -f ./$(DEPDIR)/cert_types.Plo
+	-rm -f ./$(DEPDIR)/ciphers.Plo
+	-rm -f ./$(DEPDIR)/ciphersuites.Plo
+	-rm -f ./$(DEPDIR)/ecc.Plo
+	-rm -f ./$(DEPDIR)/groups.Plo
+	-rm -f ./$(DEPDIR)/kx.Plo
+	-rm -f ./$(DEPDIR)/mac.Plo
+	-rm -f ./$(DEPDIR)/protocols.Plo
+	-rm -f ./$(DEPDIR)/publickey.Plo
+	-rm -f ./$(DEPDIR)/secparams.Plo
+	-rm -f ./$(DEPDIR)/sign.Plo
+	-rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+	distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+		-rm -f ./$(DEPDIR)/cert_types.Plo
+	-rm -f ./$(DEPDIR)/ciphers.Plo
+	-rm -f ./$(DEPDIR)/ciphersuites.Plo
+	-rm -f ./$(DEPDIR)/ecc.Plo
+	-rm -f ./$(DEPDIR)/groups.Plo
+	-rm -f ./$(DEPDIR)/kx.Plo
+	-rm -f ./$(DEPDIR)/mac.Plo
+	-rm -f ./$(DEPDIR)/protocols.Plo
+	-rm -f ./$(DEPDIR)/publickey.Plo
+	-rm -f ./$(DEPDIR)/secparams.Plo
+	-rm -f ./$(DEPDIR)/sign.Plo
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+	mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
+	clean-generic clean-libtool clean-noinstLTLIBRARIES \
+	cscopelist-am ctags ctags-am distclean distclean-compile \
+	distclean-generic distclean-libtool distclean-tags distdir dvi \
+	dvi-am html html-am info info-am install install-am \
+	install-data install-data-am install-dvi install-dvi-am \
+	install-exec install-exec-am install-html install-html-am \
+	install-info install-info-am install-man install-pdf \
+	install-pdf-am install-ps install-ps-am install-strip \
+	installcheck installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-compile \
+	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+	tags tags-am uninstall uninstall-am
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/lib/algorithms/cert_types.c b/lib/algorithms/cert_types.c
new file mode 100644
index 0000000..4fa43b8
--- /dev/null
+++ b/lib/algorithms/cert_types.c
@@ -0,0 +1,90 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <algorithms.h>
+#include "errors.h"
+#include <x509/common.h>
+#include "c-strcase.h"
+
+/**
+ * gnutls_certificate_type_get_name:
+ * @type: is a certificate type
+ *
+ * Convert a #gnutls_certificate_type_t type to a string.
+ *
+ * Returns: a string that contains the name of the specified
+ *   certificate type, or %NULL in case of unknown types.
+ **/
+const char *gnutls_certificate_type_get_name(gnutls_certificate_type_t
+					     type)
+{
+	const char *ret = NULL;
+
+	if (type == GNUTLS_CRT_X509)
+		ret = "X.509";
+	if (type == GNUTLS_CRT_RAWPK)
+		ret = "Raw Public Key";
+
+	return ret;
+}
+
+/**
+ * gnutls_certificate_type_get_id:
+ * @name: is a certificate type name
+ *
+ * The names are compared in a case insensitive way.
+ *
+ * Returns: a #gnutls_certificate_type_t for the specified in a
+ *   string certificate type, or %GNUTLS_CRT_UNKNOWN on error.
+ **/
+gnutls_certificate_type_t gnutls_certificate_type_get_id(const char *name)
+{
+	gnutls_certificate_type_t ret = GNUTLS_CRT_UNKNOWN;
+
+	if (c_strcasecmp(name, "X.509") == 0
+	    || c_strcasecmp(name, "X509") == 0)
+		return GNUTLS_CRT_X509;
+	if (c_strcasecmp(name, "RAWPK") == 0)
+		return GNUTLS_CRT_RAWPK;
+
+	return ret;
+}
+
+static const gnutls_certificate_type_t supported_certificate_types[] = {
+	GNUTLS_CRT_X509,
+	GNUTLS_CRT_RAWPK,
+	0
+};
+
+/**
+ * gnutls_certificate_type_list:
+ *
+ * Get a list of certificate types.
+ *
+ * Returns: a (0)-terminated list of #gnutls_certificate_type_t
+ *   integers indicating the available certificate types.
+ **/
+const gnutls_certificate_type_t *gnutls_certificate_type_list(void)
+{
+	return supported_certificate_types;
+}
diff --git a/lib/algorithms/ciphers.c b/lib/algorithms/ciphers.c
new file mode 100644
index 0000000..ffe936a
--- /dev/null
+++ b/lib/algorithms/ciphers.c
@@ -0,0 +1,529 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <algorithms.h>
+#include "errors.h"
+#include <x509/common.h>
+#include "c-strcase.h"
+
+
+/* Note that all algorithms are in CBC or STREAM modes.
+ * Do not add any algorithms in other modes (avoid modified algorithms).
+ * View first: "The order of encryption and authentication for
+ * protecting communications" by Hugo Krawczyk - CRYPTO 2001
+ *
+ * On update, make sure to update MAX_CIPHER_BLOCK_SIZE, MAX_CIPHER_IV_SIZE,
+ * and MAX_CIPHER_KEY_SIZE as well.
+ * If any ciphers are removed, remove them from the back-end but
+ * keep them in that list to allow backwards compatibility with applications
+ * that specify them (they will be a no-op).
+ */
+static const cipher_entry_st algorithms[] = {
+	{ .name = "AES-256-CBC",
+	  .id = GNUTLS_CIPHER_AES_256_CBC,
+	  .blocksize = 16,
+	  .keysize = 32,
+	  .type = CIPHER_BLOCK,
+	  .explicit_iv = 16,
+	  .cipher_iv = 16},
+	{ .name = "AES-192-CBC",
+	  .id = GNUTLS_CIPHER_AES_192_CBC,
+	  .blocksize = 16,
+	  .keysize = 24,
+	  .type = CIPHER_BLOCK,
+	  .explicit_iv = 16,
+	  .cipher_iv = 16},
+	{ .name = "AES-128-CBC",
+	  .id = GNUTLS_CIPHER_AES_128_CBC,
+	  .blocksize = 16,
+	  .keysize = 16,
+	  .type = CIPHER_BLOCK,
+	  .explicit_iv = 16,
+	  .cipher_iv = 16},
+	{ .name = "AES-128-GCM",
+	  .id = GNUTLS_CIPHER_AES_128_GCM,
+	  .blocksize = 16,
+	  .keysize = 16,
+	  .type = CIPHER_AEAD,
+	  .implicit_iv = 4,
+	  .explicit_iv = 8,
+	  .cipher_iv = 12,
+	  .tagsize = 16},
+	{ .name = "AES-192-GCM",
+	  .id = GNUTLS_CIPHER_AES_192_GCM,
+	  .blocksize = 16,
+	  .keysize = 24,
+	  .type = CIPHER_AEAD,
+	  .implicit_iv = 4,
+	  .explicit_iv = 8,
+	  .cipher_iv = 12,
+	  .tagsize = 16},
+	{ .name = "AES-256-GCM",
+	  .id = GNUTLS_CIPHER_AES_256_GCM,
+	  .blocksize = 16,
+	  .keysize = 32,
+	  .type = CIPHER_AEAD,
+	  .implicit_iv = 4,
+	  .explicit_iv = 8,
+	  .cipher_iv = 12,
+	  .tagsize = 16},
+	{ .name = "AES-128-CCM",
+	  .id = GNUTLS_CIPHER_AES_128_CCM,
+	  .blocksize = 16,
+	  .keysize = 16,
+	  .type = CIPHER_AEAD,
+	  .implicit_iv = 4,
+	  .explicit_iv = 8,
+	  .cipher_iv = 12,
+	  .flags = GNUTLS_CIPHER_FLAG_ONLY_AEAD,
+	  .tagsize = 16},
+	{ .name = "AES-256-CCM",
+	  .id = GNUTLS_CIPHER_AES_256_CCM,
+	  .blocksize = 16,
+	  .keysize = 32,
+	  .type = CIPHER_AEAD,
+	  .implicit_iv = 4,
+	  .explicit_iv = 8,
+	  .cipher_iv = 12,
+	  .flags = GNUTLS_CIPHER_FLAG_ONLY_AEAD,
+	  .tagsize = 16},
+	{ .name = "AES-128-CCM-8",
+	  .id = GNUTLS_CIPHER_AES_128_CCM_8,
+	  .blocksize = 16,
+	  .keysize = 16,
+	  .type = CIPHER_AEAD,
+	  .implicit_iv = 4,
+	  .explicit_iv = 8,
+	  .cipher_iv = 12,
+	  .flags = GNUTLS_CIPHER_FLAG_ONLY_AEAD,
+	  .tagsize = 8},
+	{ .name = "AES-256-CCM-8",
+	  .id = GNUTLS_CIPHER_AES_256_CCM_8,
+	  .blocksize = 16,
+	  .keysize = 32,
+	  .type = CIPHER_AEAD,
+	  .implicit_iv = 4,
+	  .explicit_iv = 8,
+	  .cipher_iv = 12,
+	  .flags = GNUTLS_CIPHER_FLAG_ONLY_AEAD,
+	  .tagsize = 8},
+	{ .name = "ARCFOUR-128",
+	  .id = GNUTLS_CIPHER_ARCFOUR_128,
+	  .blocksize = 1,
+	  .keysize = 16,
+	  .type = CIPHER_STREAM,
+	 0, 0, 0, 0},
+	{ .name = "ESTREAM-SALSA20-256",
+	  .id = GNUTLS_CIPHER_ESTREAM_SALSA20_256,
+	  .blocksize = 64,
+	  .keysize = 32,
+	 .type = CIPHER_STREAM, 0, 0, 8, 0},
+	{ .name = "SALSA20-256",
+	  .id = GNUTLS_CIPHER_SALSA20_256,
+	  .blocksize = 64,
+	  .keysize = 32,
+	  .type = CIPHER_STREAM,
+	  .explicit_iv = 0,
+	  .cipher_iv = 8},
+	{ .name = "CHACHA20-32",
+	  .id = GNUTLS_CIPHER_CHACHA20_32,
+	  .blocksize = 64,
+	  .keysize = 32,
+	  .type = CIPHER_STREAM,
+	  .explicit_iv = 0,
+	  /* IV includes counter */
+	  .cipher_iv = 16},
+	{ .name = "CHACHA20-64",
+	  .id = GNUTLS_CIPHER_CHACHA20_64,
+	  .blocksize = 64,
+	  .keysize = 32,
+	  .type = CIPHER_STREAM,
+	  .explicit_iv = 0,
+	  /* IV includes counter */
+	  .cipher_iv = 16},
+	{ .name = "CAMELLIA-256-CBC",
+	  .id = GNUTLS_CIPHER_CAMELLIA_256_CBC,
+	  .blocksize = 16,
+	  .keysize = 32,
+	  .type = CIPHER_BLOCK,
+	  .explicit_iv = 16,
+	  .cipher_iv = 16},
+	{ .name = "CAMELLIA-192-CBC",
+	  .id = GNUTLS_CIPHER_CAMELLIA_192_CBC,
+	  .blocksize = 16,
+	  .keysize = 24,
+	  .type = CIPHER_BLOCK,
+	  .explicit_iv = 16,
+	  .cipher_iv = 16},
+	{ .name = "CAMELLIA-128-CBC",
+	  .id = GNUTLS_CIPHER_CAMELLIA_128_CBC,
+	  .blocksize = 16,
+	  .keysize = 16,
+	  .type = CIPHER_BLOCK,
+	  .explicit_iv = 16,
+	  .cipher_iv = 16},
+	{ .name = "CHACHA20-POLY1305",
+	  .id = GNUTLS_CIPHER_CHACHA20_POLY1305,
+	  .blocksize = 64,
+	  .keysize = 32,
+	  .type = CIPHER_AEAD,
+	  .implicit_iv = 12,
+	  .explicit_iv = 0,
+	  /* in chacha20 we don't need a rekey after 2^24 messages */
+	  .flags = GNUTLS_CIPHER_FLAG_XOR_NONCE | GNUTLS_CIPHER_FLAG_NO_REKEY,
+	  .cipher_iv = 12,
+	  .tagsize = 16
+	},
+	{ .name = "CAMELLIA-128-GCM",
+	  .id = GNUTLS_CIPHER_CAMELLIA_128_GCM,
+	  .blocksize = 16,
+	  .keysize = 16,
+	  .type = CIPHER_AEAD, 4, 8, 12, 16},
+	{ .name = "CAMELLIA-256-GCM",
+	  .id = GNUTLS_CIPHER_CAMELLIA_256_GCM,
+	  .blocksize = 16,
+	  .keysize = 32,
+	  .type = CIPHER_AEAD,
+	  .implicit_iv = 4,
+	  .explicit_iv = 8,
+	  .cipher_iv = 12,
+	  .tagsize = 16},
+	{ .name = "GOST28147-TC26Z-CFB",
+	  .id = GNUTLS_CIPHER_GOST28147_TC26Z_CFB,
+	  .blocksize = 8,
+	  .keysize = 32,
+	  .type = CIPHER_STREAM,
+	  .implicit_iv = 8,
+	  .cipher_iv = 8},
+	{ .name = "GOST28147-CPA-CFB",
+	  .id = GNUTLS_CIPHER_GOST28147_CPA_CFB,
+	  .blocksize = 8,
+	  .keysize = 32,
+	  .type = CIPHER_STREAM,
+	  .implicit_iv = 8,
+	  .cipher_iv = 8},
+	{ .name = "GOST28147-CPB-CFB",
+	  .id = GNUTLS_CIPHER_GOST28147_CPB_CFB,
+	  .blocksize = 8,
+	  .keysize = 32,
+	  .type = CIPHER_STREAM,
+	  .implicit_iv = 8,
+	  .cipher_iv = 8},
+	{ .name = "GOST28147-CPC-CFB",
+	  .id = GNUTLS_CIPHER_GOST28147_CPC_CFB,
+	  .blocksize = 8,
+	  .keysize = 32,
+	  .type = CIPHER_STREAM,
+	  .implicit_iv = 8,
+	  .cipher_iv = 8},
+	{ .name = "GOST28147-CPD-CFB",
+	  .id = GNUTLS_CIPHER_GOST28147_CPD_CFB,
+	  .blocksize = 8,
+	  .keysize = 32,
+	  .type = CIPHER_STREAM,
+	  .implicit_iv = 8,
+	  .cipher_iv = 8},
+
+	{ .name = "AES-128-CFB8",
+	  .id = GNUTLS_CIPHER_AES_128_CFB8,
+	  .blocksize = 16,
+	  .keysize = 16,
+	  .type = CIPHER_BLOCK,
+	  .explicit_iv = 16,
+	  .cipher_iv = 16},
+	{ .name = "AES-192-CFB8",
+	  .id = GNUTLS_CIPHER_AES_192_CFB8,
+	  .blocksize = 16,
+	  .keysize = 24,
+	  .type = CIPHER_BLOCK,
+	  .explicit_iv = 16,
+	  .cipher_iv = 16},
+	{ .name = "AES-256-CFB8",
+	  .id = GNUTLS_CIPHER_AES_256_CFB8,
+	  .blocksize = 16,
+	  .keysize = 32,
+	  .type = CIPHER_BLOCK,
+	  .explicit_iv = 16,
+	  .cipher_iv = 16},
+	{ .name = "AES-128-XTS",
+	  .id = GNUTLS_CIPHER_AES_128_XTS,
+	  .blocksize = 16,
+	  .keysize = 32,
+	  .type = CIPHER_BLOCK,
+	  .explicit_iv = 16,
+	  .cipher_iv = 16},
+	{ .name = "AES-256-XTS",
+	  .id = GNUTLS_CIPHER_AES_256_XTS,
+	  .blocksize = 16,
+	  .keysize = 64,
+	  .type = CIPHER_BLOCK,
+	  .explicit_iv = 16,
+	  .cipher_iv = 16},
+	{ .name = "AES-128-SIV",
+	  .id = GNUTLS_CIPHER_AES_128_SIV,
+	  .blocksize = 16,
+	  .keysize = 32,
+	  .type = CIPHER_AEAD,
+	  .explicit_iv = 16,
+	  .cipher_iv = 16,
+	  .flags = GNUTLS_CIPHER_FLAG_ONLY_AEAD |
+	  GNUTLS_CIPHER_FLAG_TAG_PREFIXED,
+	  .tagsize = 16},
+	{ .name = "AES-256-SIV",
+	  .id = GNUTLS_CIPHER_AES_256_SIV,
+	  .blocksize = 16,
+	  .keysize = 64,
+	  .type = CIPHER_AEAD,
+	  .explicit_iv = 16,
+	  .cipher_iv = 16,
+	  .flags = GNUTLS_CIPHER_FLAG_ONLY_AEAD |
+	  GNUTLS_CIPHER_FLAG_TAG_PREFIXED,
+	  .tagsize = 16},
+	{ .name = "GOST28147-TC26Z-CNT",
+	  .id = GNUTLS_CIPHER_GOST28147_TC26Z_CNT,
+	  .blocksize = 8,
+	  .keysize = 32,
+	  .type = CIPHER_STREAM,
+	  .implicit_iv = 8,
+	  .cipher_iv = 8},
+	{ .name = "MAGMA-CTR-ACPKM",
+	  .id = GNUTLS_CIPHER_MAGMA_CTR_ACPKM,
+	  .blocksize = 8,
+	  .keysize = 32,
+	  .type = CIPHER_STREAM,
+	  .implicit_iv = 4,
+	  .cipher_iv = 8},
+	{ .name = "KUZNYECHIK-CTR-ACPKM",
+	  .id = GNUTLS_CIPHER_KUZNYECHIK_CTR_ACPKM,
+	  .blocksize = 16,
+	  .keysize = 32,
+	  .type = CIPHER_STREAM,
+	  .implicit_iv = 8,
+	  .cipher_iv = 16},
+	{ .name = "3DES-CBC",
+	  .id = GNUTLS_CIPHER_3DES_CBC,
+	  .blocksize = 8,
+	  .keysize = 24,
+	  .type = CIPHER_BLOCK,
+	  .explicit_iv = 8,
+	  .cipher_iv = 8},
+	{ .name = "DES-CBC",
+	  .id = GNUTLS_CIPHER_DES_CBC,
+	  .blocksize = 8,
+	  .keysize = 8,
+	  .type = CIPHER_BLOCK,
+	  .explicit_iv = 8,
+	  .cipher_iv = 8},
+	{ .name = "ARCFOUR-40",
+	  .id = GNUTLS_CIPHER_ARCFOUR_40,
+	  .blocksize = 1,
+	  .keysize = 5,
+	  .type = CIPHER_STREAM},
+	{ .name = "RC2-40",
+	  .id = GNUTLS_CIPHER_RC2_40_CBC,
+	  .blocksize = 8,
+	  .keysize = 5,
+	  .type = CIPHER_BLOCK,
+	  .explicit_iv = 8,
+	  .cipher_iv = 8},
+	{ .name = "NULL",
+	  .id = GNUTLS_CIPHER_NULL,
+	  .blocksize = 1,
+	  .keysize = 0,
+	  .type = CIPHER_STREAM
+	},
+	{0, 0, 0, 0, 0, 0, 0}
+};
+
+#define GNUTLS_CIPHER_LOOP(b) \
+	const cipher_entry_st *p; \
+		for(p = algorithms; p->name != NULL; p++) { b ; }
+
+#define GNUTLS_ALG_LOOP(a) \
+			GNUTLS_CIPHER_LOOP( if(p->id == algorithm) { a; break; } )
+
+/* CIPHER functions */
+
+const cipher_entry_st *_gnutls_cipher_to_entry(gnutls_cipher_algorithm_t c)
+{
+	GNUTLS_CIPHER_LOOP(if (c == p->id) return p);
+
+	return NULL;
+}
+
+/* Returns cipher entry even for ciphers that are not supported,
+ * but are listed (e.g., deprecated ciphers).
+ */
+const cipher_entry_st *cipher_name_to_entry(const char *name)
+{
+	GNUTLS_CIPHER_LOOP(
+		if (c_strcasecmp(p->name, name) == 0) {
+			return p;
+		}
+	);
+
+	return NULL;
+}
+
+/**
+ * gnutls_cipher_get_block_size:
+ * @algorithm: is an encryption algorithm
+ *
+ * Returns: the block size of the encryption algorithm.
+ *
+ * Since: 2.10.0
+ **/
+unsigned gnutls_cipher_get_block_size(gnutls_cipher_algorithm_t algorithm)
+{
+	size_t ret = 0;
+	GNUTLS_ALG_LOOP(ret = p->blocksize);
+	return ret;
+
+}
+
+/**
+ * gnutls_cipher_get_tag_size:
+ * @algorithm: is an encryption algorithm
+ *
+ * This function returns the tag size of an authenticated encryption
+ * algorithm. For non-AEAD algorithms, it returns zero.
+ *
+ * Returns: the tag size of the authenticated encryption algorithm.
+ *
+ * Since: 3.2.2
+ **/
+unsigned gnutls_cipher_get_tag_size(gnutls_cipher_algorithm_t algorithm)
+{
+	return _gnutls_cipher_get_tag_size(cipher_to_entry(algorithm));
+}
+
+/**
+ * gnutls_cipher_get_iv_size:
+ * @algorithm: is an encryption algorithm
+ *
+ * This function returns the size of the initialization vector (IV) for the
+ * provided algorithm. For algorithms with variable size IV (e.g., AES-CCM),
+ * the returned size will be the one used by TLS.
+ *
+ * Returns: block size for encryption algorithm.
+ *
+ * Since: 3.2.0
+ **/
+unsigned gnutls_cipher_get_iv_size(gnutls_cipher_algorithm_t algorithm)
+{
+	size_t ret = 0;
+	GNUTLS_ALG_LOOP(ret = p->cipher_iv);
+	return ret;
+}
+
+/**
+ * gnutls_cipher_get_key_size:
+ * @algorithm: is an encryption algorithm
+ *
+ * This function returns the key size of the provided algorithm.
+ *
+ * Returns: length (in bytes) of the given cipher's key size, or 0 if
+ *   the given cipher is invalid.
+ **/
+size_t gnutls_cipher_get_key_size(gnutls_cipher_algorithm_t algorithm)
+{				/* In bytes */
+	size_t ret = 0;
+	GNUTLS_ALG_LOOP(ret = p->keysize);
+	return ret;
+
+}
+
+/**
+ * gnutls_cipher_get_name:
+ * @algorithm: is an encryption algorithm
+ *
+ * Convert a #gnutls_cipher_algorithm_t type to a string.
+ *
+ * Returns: a pointer to a string that contains the name of the
+ *   specified cipher, or %NULL.
+ **/
+const char *gnutls_cipher_get_name(gnutls_cipher_algorithm_t algorithm)
+{
+	const char *ret = NULL;
+
+	/* avoid prefix */
+	GNUTLS_ALG_LOOP(ret = p->name);
+
+	return ret;
+}
+
+/**
+ * gnutls_cipher_get_id:
+ * @name: is a cipher algorithm name
+ *
+ * The names are compared in a case insensitive way.
+ *
+ * Returns: return a #gnutls_cipher_algorithm_t value corresponding to
+ *   the specified cipher, or %GNUTLS_CIPHER_UNKNOWN on error.
+ **/
+gnutls_cipher_algorithm_t gnutls_cipher_get_id(const char *name)
+{
+	gnutls_cipher_algorithm_t ret = GNUTLS_CIPHER_UNKNOWN;
+
+	GNUTLS_CIPHER_LOOP(
+		if (c_strcasecmp(p->name, name) == 0) {
+			if (p->id == GNUTLS_CIPHER_NULL || _gnutls_cipher_exists(p->id))
+				ret = p->id;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+/**
+ * gnutls_cipher_list:
+ *
+ * Get a list of supported cipher algorithms.  Note that not
+ * necessarily all ciphers are supported as TLS cipher suites.  For
+ * example, DES is not supported as a cipher suite, but is supported
+ * for other purposes (e.g., PKCS#8 or similar).
+ *
+ * This function is not thread safe.
+ *
+ * Returns: a (0)-terminated list of #gnutls_cipher_algorithm_t
+ *   integers indicating the available ciphers.
+ *
+ **/
+const gnutls_cipher_algorithm_t *gnutls_cipher_list(void)
+{
+	static gnutls_cipher_algorithm_t supported_ciphers[MAX_ALGOS] =
+	    { 0 };
+
+	if (supported_ciphers[0] == 0) {
+		int i = 0;
+
+		GNUTLS_CIPHER_LOOP(
+			if (p->id == GNUTLS_CIPHER_NULL || _gnutls_cipher_exists(p->id))
+				supported_ciphers[i++] = p->id;
+		);
+		supported_ciphers[i++] = 0;
+	}
+
+	return supported_ciphers;
+}
diff --git a/lib/algorithms/ciphersuites.c b/lib/algorithms/ciphersuites.c
new file mode 100644
index 0000000..c7ce245
--- /dev/null
+++ b/lib/algorithms/ciphersuites.c
@@ -0,0 +1,1734 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <algorithms.h>
+#include "errors.h"
+#include <dh.h>
+#include <state.h>
+#include <x509/common.h>
+#include <auth/cert.h>
+#include <auth/anon.h>
+#include <auth/psk.h>
+#include <ext/safe_renegotiation.h>
+
+#ifndef ENABLE_SSL3
+# define GNUTLS_SSL3 GNUTLS_TLS1
+#endif
+
+/* Cipher SUITES */
+#define ENTRY( name, canonical_name, block_algorithm, kx_algorithm, mac_algorithm, min_version, dtls_version ) \
+	{ #name, name, canonical_name, block_algorithm, kx_algorithm, mac_algorithm, min_version, GNUTLS_TLS1_2, dtls_version, GNUTLS_DTLS1_2, GNUTLS_MAC_SHA256}
+#define ENTRY_PRF( name, canonical_name, block_algorithm, kx_algorithm, mac_algorithm, min_version, dtls_version, prf ) \
+	{ #name, name, canonical_name, block_algorithm, kx_algorithm, mac_algorithm, min_version, GNUTLS_TLS1_2, dtls_version, GNUTLS_DTLS1_2, prf}
+#define ENTRY_TLS13( name, canonical_name, block_algorithm, min_version, prf ) \
+	{ #name, name, canonical_name, block_algorithm, 0, GNUTLS_MAC_AEAD, min_version, GNUTLS_TLS1_3, GNUTLS_VERSION_UNKNOWN, GNUTLS_VERSION_UNKNOWN, prf}
+
+/* TLS 1.3 ciphersuites */
+#define GNUTLS_AES_128_GCM_SHA256 { 0x13, 0x01 }
+#define GNUTLS_AES_256_GCM_SHA384 { 0x13, 0x02 }
+#define GNUTLS_CHACHA20_POLY1305_SHA256 { 0x13, 0x03 }
+#define GNUTLS_AES_128_CCM_SHA256 { 0x13, 0x04 }
+#define GNUTLS_AES_128_CCM_8_SHA256 { 0x13,0x05 }
+
+/* RSA with NULL cipher and MD5 MAC
+ * for test purposes.
+ */
+#define GNUTLS_RSA_NULL_MD5 { 0x00, 0x01 }
+#define GNUTLS_RSA_NULL_SHA1 { 0x00, 0x02 }
+#define GNUTLS_RSA_NULL_SHA256 { 0x00, 0x3B }
+
+/* ANONymous cipher suites.
+ */
+
+#define GNUTLS_DH_ANON_3DES_EDE_CBC_SHA1 { 0x00, 0x1B }
+#define GNUTLS_DH_ANON_ARCFOUR_128_MD5 { 0x00, 0x18 }
+
+ /* rfc3268: */
+#define GNUTLS_DH_ANON_AES_128_CBC_SHA1 { 0x00, 0x34 }
+#define GNUTLS_DH_ANON_AES_256_CBC_SHA1 { 0x00, 0x3A }
+
+/* rfc4132 */
+#define GNUTLS_DH_ANON_CAMELLIA_128_CBC_SHA1 { 0x00,0x46 }
+#define GNUTLS_DH_ANON_CAMELLIA_256_CBC_SHA1 { 0x00,0x89 }
+
+/* rfc5932 */
+#define GNUTLS_RSA_CAMELLIA_128_CBC_SHA256     { 0x00,0xBA }
+#define GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA256 { 0x00,0xBD }
+#define GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA256 { 0x00,0xBE }
+#define GNUTLS_DH_ANON_CAMELLIA_128_CBC_SHA256 { 0x00,0xBF }
+#define GNUTLS_RSA_CAMELLIA_256_CBC_SHA256     { 0x00,0xC0 }
+#define GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA256 { 0x00,0xC3 }
+#define GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA256 { 0x00,0xC4 }
+#define GNUTLS_DH_ANON_CAMELLIA_256_CBC_SHA256 { 0x00,0xC5 }
+
+/* rfc6367 */
+#define GNUTLS_ECDHE_ECDSA_CAMELLIA_128_CBC_SHA256 { 0xC0,0x72 }
+#define GNUTLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384 { 0xC0,0x73 }
+#define GNUTLS_ECDHE_RSA_CAMELLIA_128_CBC_SHA256   { 0xC0,0x76 }
+#define GNUTLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384   { 0xC0,0x77 }
+#define GNUTLS_PSK_CAMELLIA_128_CBC_SHA256     { 0xC0,0x94 }
+#define GNUTLS_PSK_CAMELLIA_256_CBC_SHA384     { 0xC0,0x95 }
+#define GNUTLS_DHE_PSK_CAMELLIA_128_CBC_SHA256 { 0xC0,0x96 }
+#define GNUTLS_DHE_PSK_CAMELLIA_256_CBC_SHA384 { 0xC0,0x97 }
+#define GNUTLS_RSA_PSK_CAMELLIA_128_CBC_SHA256 { 0xC0,0x98 }
+#define GNUTLS_RSA_PSK_CAMELLIA_256_CBC_SHA384 { 0xC0,0x99 }
+#define GNUTLS_ECDHE_PSK_CAMELLIA_128_CBC_SHA256 { 0xC0,0x9A }
+#define GNUTLS_ECDHE_PSK_CAMELLIA_256_CBC_SHA384 { 0xC0,0x9B }
+
+#define GNUTLS_RSA_CAMELLIA_128_GCM_SHA256	  { 0xC0, 0x7A }
+#define GNUTLS_RSA_CAMELLIA_256_GCM_SHA384	  { 0xC0,0x7B }
+#define GNUTLS_DHE_RSA_CAMELLIA_128_GCM_SHA256      { 0xC0,0x7C }
+#define GNUTLS_DHE_RSA_CAMELLIA_256_GCM_SHA384      { 0xC0,0x7D }
+#define GNUTLS_DHE_DSS_CAMELLIA_128_GCM_SHA256      { 0xC0,0x80 }
+#define GNUTLS_DHE_DSS_CAMELLIA_256_GCM_SHA384      { 0xC0,0x81 }
+#define GNUTLS_DH_ANON_CAMELLIA_128_GCM_SHA256      { 0xC0,0x84 }
+#define GNUTLS_DH_ANON_CAMELLIA_256_GCM_SHA384      { 0xC0,0x85 }
+#define GNUTLS_ECDHE_ECDSA_CAMELLIA_128_GCM_SHA256  { 0xC0,0x86 }
+#define GNUTLS_ECDHE_ECDSA_CAMELLIA_256_GCM_SHA384  { 0xC0,0x87 }
+#define GNUTLS_ECDHE_RSA_CAMELLIA_128_GCM_SHA256    { 0xC0,0x8A }
+#define GNUTLS_ECDHE_RSA_CAMELLIA_256_GCM_SHA384    { 0xC0,0x8B }
+#define GNUTLS_PSK_CAMELLIA_128_GCM_SHA256	{ 0xC0,0x8E }
+#define GNUTLS_PSK_CAMELLIA_256_GCM_SHA384	{ 0xC0,0x8F }
+#define GNUTLS_DHE_PSK_CAMELLIA_128_GCM_SHA256    { 0xC0,0x90 }
+#define GNUTLS_DHE_PSK_CAMELLIA_256_GCM_SHA384    { 0xC0,0x91 }
+#define GNUTLS_RSA_PSK_CAMELLIA_128_GCM_SHA256    { 0xC0,0x92 }
+#define GNUTLS_RSA_PSK_CAMELLIA_256_GCM_SHA384    { 0xC0,0x93 }
+
+#define GNUTLS_DH_ANON_AES_128_CBC_SHA256 { 0x00, 0x6C }
+#define GNUTLS_DH_ANON_AES_256_CBC_SHA256 { 0x00, 0x6D }
+
+/* draft-ietf-tls-chacha20-poly1305-02 */
+#define GNUTLS_ECDHE_RSA_CHACHA20_POLY1305      { 0xCC, 0xA8 }
+#define GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305	{ 0xCC, 0xA9 }
+#define GNUTLS_DHE_RSA_CHACHA20_POLY1305	{ 0xCC, 0xAA }
+
+#define GNUTLS_PSK_CHACHA20_POLY1305		{ 0xCC, 0xAB }
+#define GNUTLS_ECDHE_PSK_CHACHA20_POLY1305	{ 0xCC, 0xAC }
+#define GNUTLS_DHE_PSK_CHACHA20_POLY1305	{ 0xCC, 0xAD }
+#define GNUTLS_RSA_PSK_CHACHA20_POLY1305	{ 0xCC, 0xAE }
+
+/* PSK (not in TLS 1.0)
+ * draft-ietf-tls-psk:
+ */
+#define GNUTLS_PSK_ARCFOUR_128_SHA1 { 0x00, 0x8A }
+#define GNUTLS_PSK_3DES_EDE_CBC_SHA1 { 0x00, 0x8B }
+#define GNUTLS_PSK_AES_128_CBC_SHA1 { 0x00, 0x8C }
+#define GNUTLS_PSK_AES_256_CBC_SHA1 { 0x00, 0x8D }
+
+#define GNUTLS_DHE_PSK_ARCFOUR_128_SHA1 { 0x00, 0x8E }
+#define GNUTLS_DHE_PSK_3DES_EDE_CBC_SHA1 { 0x00, 0x8F }
+#define GNUTLS_DHE_PSK_AES_128_CBC_SHA1 { 0x00, 0x90 }
+#define GNUTLS_DHE_PSK_AES_256_CBC_SHA1 { 0x00, 0x91 }
+
+#define GNUTLS_RSA_PSK_ARCFOUR_128_SHA1 { 0x00, 0x92 }
+#define GNUTLS_RSA_PSK_3DES_EDE_CBC_SHA1 { 0x00, 0x93 }
+#define GNUTLS_RSA_PSK_AES_128_CBC_SHA1 { 0x00, 0x94 }
+#define GNUTLS_RSA_PSK_AES_256_CBC_SHA1 { 0x00, 0x95 }
+
+/* SRP (rfc5054)
+ */
+#define GNUTLS_SRP_SHA_3DES_EDE_CBC_SHA1 { 0xC0, 0x1A }
+#define GNUTLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1 { 0xC0, 0x1B }
+#define GNUTLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1 { 0xC0, 0x1C }
+
+#define GNUTLS_SRP_SHA_AES_128_CBC_SHA1 { 0xC0, 0x1D }
+#define GNUTLS_SRP_SHA_RSA_AES_128_CBC_SHA1 { 0xC0, 0x1E }
+#define GNUTLS_SRP_SHA_DSS_AES_128_CBC_SHA1 { 0xC0, 0x1F }
+
+#define GNUTLS_SRP_SHA_AES_256_CBC_SHA1 { 0xC0, 0x20 }
+#define GNUTLS_SRP_SHA_RSA_AES_256_CBC_SHA1 { 0xC0, 0x21 }
+#define GNUTLS_SRP_SHA_DSS_AES_256_CBC_SHA1 { 0xC0, 0x22 }
+
+/* RSA
+ */
+#define GNUTLS_RSA_ARCFOUR_128_SHA1 { 0x00, 0x05 }
+#define GNUTLS_RSA_ARCFOUR_128_MD5 { 0x00, 0x04 }
+#define GNUTLS_RSA_3DES_EDE_CBC_SHA1 { 0x00, 0x0A }
+
+/* rfc3268:
+ */
+#define GNUTLS_RSA_AES_128_CBC_SHA1 { 0x00, 0x2F }
+#define GNUTLS_RSA_AES_256_CBC_SHA1 { 0x00, 0x35 }
+
+/* rfc4132 */
+#define GNUTLS_RSA_CAMELLIA_128_CBC_SHA1 { 0x00,0x41 }
+#define GNUTLS_RSA_CAMELLIA_256_CBC_SHA1 { 0x00,0x84 }
+
+#define GNUTLS_RSA_AES_128_CBC_SHA256 { 0x00, 0x3C }
+#define GNUTLS_RSA_AES_256_CBC_SHA256 { 0x00, 0x3D }
+
+/* DHE DSS
+ */
+#define GNUTLS_DHE_DSS_3DES_EDE_CBC_SHA1 { 0x00, 0x13 }
+
+
+/* draft-ietf-tls-56-bit-ciphersuites-01:
+ */
+#define GNUTLS_DHE_DSS_ARCFOUR_128_SHA1 { 0x00, 0x66 }
+
+
+/* rfc3268:
+ */
+#define GNUTLS_DHE_DSS_AES_256_CBC_SHA1 { 0x00, 0x38 }
+#define GNUTLS_DHE_DSS_AES_128_CBC_SHA1 { 0x00, 0x32 }
+
+/* rfc4132 */
+#define GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA1 { 0x00,0x44 }
+#define GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA1 { 0x00,0x87 }
+
+#define GNUTLS_DHE_DSS_AES_128_CBC_SHA256 { 0x00, 0x40 }
+#define GNUTLS_DHE_DSS_AES_256_CBC_SHA256 { 0x00, 0x6A }
+
+/* DHE RSA
+ */
+#define GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1 { 0x00, 0x16 }
+
+/* rfc3268:
+ */
+#define GNUTLS_DHE_RSA_AES_128_CBC_SHA1 { 0x00, 0x33 }
+#define GNUTLS_DHE_RSA_AES_256_CBC_SHA1 { 0x00, 0x39 }
+
+/* rfc4132 */
+#define GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 { 0x00,0x45 }
+#define GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 { 0x00,0x88 }
+
+#define GNUTLS_DHE_RSA_AES_128_CBC_SHA256 { 0x00, 0x67 }
+#define GNUTLS_DHE_RSA_AES_256_CBC_SHA256 { 0x00, 0x6B }
+
+/* GCM: RFC5288 */
+#define GNUTLS_RSA_AES_128_GCM_SHA256 { 0x00, 0x9C }
+#define GNUTLS_DHE_RSA_AES_128_GCM_SHA256 {0x00,0x9E}
+#define GNUTLS_DHE_DSS_AES_128_GCM_SHA256 {0x00,0xA2}
+#define GNUTLS_DH_ANON_AES_128_GCM_SHA256 {0x00,0xA6}
+#define GNUTLS_RSA_AES_256_GCM_SHA384 { 0x00, 0x9D }
+#define GNUTLS_DHE_RSA_AES_256_GCM_SHA384 {0x00,0x9F}
+#define GNUTLS_DHE_DSS_AES_256_GCM_SHA384 {0x00,0xA3}
+#define GNUTLS_DH_ANON_AES_256_GCM_SHA384 {0x00,0xA7}
+
+/* CCM: RFC6655/7251 */
+#define GNUTLS_RSA_AES_128_CCM { 0xC0, 0x9C }
+#define GNUTLS_RSA_AES_256_CCM { 0xC0, 0x9D }
+#define GNUTLS_DHE_RSA_AES_128_CCM {0xC0,0x9E}
+#define GNUTLS_DHE_RSA_AES_256_CCM {0xC0,0x9F}
+
+#define GNUTLS_ECDHE_ECDSA_AES_128_CCM {0xC0,0xAC}
+#define GNUTLS_ECDHE_ECDSA_AES_256_CCM {0xC0,0xAD}
+
+#define GNUTLS_PSK_AES_128_CCM { 0xC0, 0xA4 }
+#define GNUTLS_PSK_AES_256_CCM { 0xC0, 0xA5 }
+#define GNUTLS_DHE_PSK_AES_128_CCM {0xC0,0xA6}
+#define GNUTLS_DHE_PSK_AES_256_CCM {0xC0,0xA7}
+
+/* CCM-8: RFC6655/7251 */
+#define GNUTLS_RSA_AES_128_CCM_8 { 0xC0, 0xA0 }
+#define GNUTLS_RSA_AES_256_CCM_8 { 0xC0, 0xA1 }
+#define GNUTLS_DHE_RSA_AES_128_CCM_8 {0xC0,0xA2}
+#define GNUTLS_DHE_RSA_AES_256_CCM_8 {0xC0,0xA3}
+
+#define GNUTLS_ECDHE_ECDSA_AES_128_CCM_8 {0xC0,0xAE}
+#define GNUTLS_ECDHE_ECDSA_AES_256_CCM_8 {0xC0,0xAF}
+
+#define GNUTLS_PSK_AES_128_CCM_8 { 0xC0, 0xA8 }
+#define GNUTLS_PSK_AES_256_CCM_8 { 0xC0, 0xA9 }
+#define GNUTLS_DHE_PSK_AES_128_CCM_8 {0xC0,0xAA}
+#define GNUTLS_DHE_PSK_AES_256_CCM_8 {0xC0,0xAB}
+
+
+/* RFC 5487 */
+/* GCM-PSK */
+#define GNUTLS_PSK_AES_128_GCM_SHA256 { 0x00, 0xA8 }
+#define GNUTLS_DHE_PSK_AES_128_GCM_SHA256 { 0x00, 0xAA }
+#define GNUTLS_PSK_AES_256_GCM_SHA384 { 0x00, 0xA9 }
+#define GNUTLS_DHE_PSK_AES_256_GCM_SHA384 { 0x00, 0xAB }
+
+#define GNUTLS_PSK_AES_256_CBC_SHA384     { 0x00,0xAF }
+#define GNUTLS_PSK_NULL_SHA384	    { 0x00,0xB1 }
+#define GNUTLS_DHE_PSK_AES_256_CBC_SHA384 { 0x00,0xB3 }
+#define GNUTLS_DHE_PSK_NULL_SHA384	{ 0x00,0xB5 }
+
+#define GNUTLS_PSK_NULL_SHA1	      { 0x00,0x2C }
+#define GNUTLS_DHE_PSK_NULL_SHA1	  { 0x00,0x2D }
+#define GNUTLS_RSA_PSK_NULL_SHA1	  { 0x00,0x2E }
+#define GNUTLS_ECDHE_PSK_NULL_SHA1	{ 0xC0,0x39 }
+
+#define GNUTLS_RSA_PSK_AES_128_GCM_SHA256 { 0x00,0xAC }
+#define GNUTLS_RSA_PSK_AES_256_GCM_SHA384 { 0x00,0xAD }
+#define GNUTLS_RSA_PSK_AES_128_CBC_SHA256 { 0x00,0xB6 }
+#define GNUTLS_RSA_PSK_AES_256_CBC_SHA384 { 0x00,0xB7 }
+#define GNUTLS_RSA_PSK_NULL_SHA256	{ 0x00,0xB8 }
+#define GNUTLS_RSA_PSK_NULL_SHA384	{ 0x00,0xB9 }
+
+
+/* PSK - SHA256 HMAC */
+#define GNUTLS_PSK_AES_128_CBC_SHA256 { 0x00, 0xAE }
+#define GNUTLS_DHE_PSK_AES_128_CBC_SHA256 { 0x00, 0xB2 }
+
+#define GNUTLS_PSK_NULL_SHA256 { 0x00, 0xB0 }
+#define GNUTLS_DHE_PSK_NULL_SHA256 { 0x00, 0xB4 }
+
+/* ECC */
+#define GNUTLS_ECDH_ANON_NULL_SHA1 { 0xC0, 0x15 }
+#define GNUTLS_ECDH_ANON_3DES_EDE_CBC_SHA1 { 0xC0, 0x17 }
+#define GNUTLS_ECDH_ANON_AES_128_CBC_SHA1 { 0xC0, 0x18 }
+#define GNUTLS_ECDH_ANON_AES_256_CBC_SHA1 { 0xC0, 0x19 }
+#define GNUTLS_ECDH_ANON_ARCFOUR_128_SHA1 { 0xC0, 0x16 }
+
+/* ECC-RSA */
+#define GNUTLS_ECDHE_RSA_NULL_SHA1 { 0xC0, 0x10 }
+#define GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA1 { 0xC0, 0x12 }
+#define GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1 { 0xC0, 0x13 }
+#define GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1 { 0xC0, 0x14 }
+#define GNUTLS_ECDHE_RSA_ARCFOUR_128_SHA1 { 0xC0, 0x11 }
+
+/* ECC-ECDSA */
+#define GNUTLS_ECDHE_ECDSA_NULL_SHA1	   { 0xC0, 0x06 }
+#define GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1   { 0xC0, 0x08 }
+#define GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1    { 0xC0, 0x09 }
+#define GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1    { 0xC0, 0x0A }
+#define GNUTLS_ECDHE_ECDSA_ARCFOUR_128_SHA1 { 0xC0, 0x07 }
+
+/* RFC5289 */
+/* ECC with SHA2 */
+#define GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA256     {0xC0,0x23}
+#define GNUTLS_ECDHE_RSA_AES_128_CBC_SHA256       {0xC0,0x27}
+#define GNUTLS_ECDHE_RSA_AES_256_CBC_SHA384       { 0xC0,0x28 }
+
+/* ECC with AES-GCM */
+#define GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256   {0xC0,0x2B}
+#define GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256     {0xC0,0x2F}
+#define GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384     {0xC0,0x30}
+
+/* SuiteB */
+#define GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384   {0xC0,0x2C}
+#define GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA384   {0xC0,0x24}
+
+
+/* ECC with PSK */
+#define GNUTLS_ECDHE_PSK_3DES_EDE_CBC_SHA1 { 0xC0, 0x34 }
+#define GNUTLS_ECDHE_PSK_AES_128_CBC_SHA1 { 0xC0, 0x35 }
+#define GNUTLS_ECDHE_PSK_AES_256_CBC_SHA1 { 0xC0, 0x36 }
+#define GNUTLS_ECDHE_PSK_AES_128_CBC_SHA256 { 0xC0, 0x37 }
+#define GNUTLS_ECDHE_PSK_AES_256_CBC_SHA384 { 0xC0, 0x38 }
+#define GNUTLS_ECDHE_PSK_ARCFOUR_128_SHA1 { 0xC0, 0x33 }
+#define GNUTLS_ECDHE_PSK_NULL_SHA256 { 0xC0, 0x3A }
+#define GNUTLS_ECDHE_PSK_NULL_SHA384 { 0xC0, 0x3B }
+
+/* draft-smyshlyaev-tls12-gost-suites */
+#ifdef ENABLE_GOST
+#define GNUTLS_GOSTR341112_256_28147_CNT_IMIT { 0xc1, 0x02 }
+#endif
+
+#define CIPHER_SUITES_COUNT (sizeof(cs_algorithms)/sizeof(gnutls_cipher_suite_entry_st)-1)
+
+/* The following is a potential list of ciphersuites. For the options to be
+ * available, the ciphers and MACs must be available to gnutls as well.
+ */
+static const gnutls_cipher_suite_entry_st cs_algorithms[] = {
+/* TLS 1.3 */
+	ENTRY_TLS13(GNUTLS_AES_128_GCM_SHA256, "TLS_AES_128_GCM_SHA256",
+		    GNUTLS_CIPHER_AES_128_GCM,
+		    GNUTLS_TLS1_3,
+		    GNUTLS_MAC_SHA256),
+
+	ENTRY_TLS13(GNUTLS_AES_256_GCM_SHA384, "TLS_AES_256_GCM_SHA384",
+		    GNUTLS_CIPHER_AES_256_GCM,
+		    GNUTLS_TLS1_3,
+		    GNUTLS_MAC_SHA384),
+
+	ENTRY_TLS13(GNUTLS_CHACHA20_POLY1305_SHA256, "TLS_CHACHA20_POLY1305_SHA256",
+		    GNUTLS_CIPHER_CHACHA20_POLY1305,
+		    GNUTLS_TLS1_3,
+		    GNUTLS_MAC_SHA256),
+
+	ENTRY_TLS13(GNUTLS_AES_128_CCM_SHA256, "TLS_AES_128_CCM_SHA256",
+		    GNUTLS_CIPHER_AES_128_CCM,
+		    GNUTLS_TLS1_3,
+		    GNUTLS_MAC_SHA256),
+
+	ENTRY_TLS13(GNUTLS_AES_128_CCM_8_SHA256, "TLS_AES_128_CCM_8_SHA256",
+		    GNUTLS_CIPHER_AES_128_CCM_8,
+		    GNUTLS_TLS1_3,
+		    GNUTLS_MAC_SHA256),
+
+	/* RSA-NULL */
+	ENTRY(GNUTLS_RSA_NULL_MD5, "TLS_RSA_WITH_NULL_MD5",
+	      GNUTLS_CIPHER_NULL,
+	      GNUTLS_KX_RSA, GNUTLS_MAC_MD5, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_RSA_NULL_SHA1, "TLS_RSA_WITH_NULL_SHA",
+	      GNUTLS_CIPHER_NULL,
+	      GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_RSA_NULL_SHA256, "TLS_RSA_WITH_NULL_SHA256",
+	      GNUTLS_CIPHER_NULL,
+	      GNUTLS_KX_RSA, GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+
+	/* RSA */
+	ENTRY(GNUTLS_RSA_ARCFOUR_128_SHA1, "TLS_RSA_WITH_RC4_128_SHA",
+	      GNUTLS_CIPHER_ARCFOUR_128,
+	      GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_VERSION_UNKNOWN),
+	ENTRY(GNUTLS_RSA_ARCFOUR_128_MD5, "TLS_RSA_WITH_RC4_128_MD5",
+	      GNUTLS_CIPHER_ARCFOUR_128,
+	      GNUTLS_KX_RSA, GNUTLS_MAC_MD5, GNUTLS_SSL3,
+	      GNUTLS_VERSION_UNKNOWN),
+	ENTRY(GNUTLS_RSA_3DES_EDE_CBC_SHA1, "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
+	      GNUTLS_CIPHER_3DES_CBC,
+	      GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_RSA_AES_128_CBC_SHA1, "TLS_RSA_WITH_AES_128_CBC_SHA",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_RSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_RSA_AES_256_CBC_SHA1, "TLS_RSA_WITH_AES_256_CBC_SHA",
+	      GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+
+	ENTRY(GNUTLS_RSA_CAMELLIA_128_CBC_SHA256, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_RSA,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_RSA_CAMELLIA_256_CBC_SHA256, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_RSA,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_RSA_CAMELLIA_128_CBC_SHA1, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA",
+	      GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_RSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_RSA_CAMELLIA_256_CBC_SHA1, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA",
+	      GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_RSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_RSA_AES_128_CBC_SHA256, "TLS_RSA_WITH_AES_128_CBC_SHA256",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_RSA,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_RSA_AES_256_CBC_SHA256, "TLS_RSA_WITH_AES_256_CBC_SHA256",
+	      GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+
+
+/* GCM */
+	ENTRY(GNUTLS_RSA_AES_128_GCM_SHA256, "TLS_RSA_WITH_AES_128_GCM_SHA256",
+	      GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_RSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_RSA_AES_256_GCM_SHA384, "TLS_RSA_WITH_AES_256_GCM_SHA384",
+		  GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_RSA,
+		  GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+	ENTRY(GNUTLS_RSA_CAMELLIA_128_GCM_SHA256, "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_128_GCM, GNUTLS_KX_RSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_RSA_CAMELLIA_256_GCM_SHA384, "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384",
+		  GNUTLS_CIPHER_CAMELLIA_256_GCM, GNUTLS_KX_RSA,
+		  GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+
+/* CCM */
+	ENTRY(GNUTLS_RSA_AES_128_CCM, "TLS_RSA_WITH_AES_128_CCM",
+	      GNUTLS_CIPHER_AES_128_CCM, GNUTLS_KX_RSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_RSA_AES_256_CCM, "TLS_RSA_WITH_AES_256_CCM",
+	      GNUTLS_CIPHER_AES_256_CCM, GNUTLS_KX_RSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+
+
+/* CCM_8 */
+	ENTRY(GNUTLS_RSA_AES_128_CCM_8, "TLS_RSA_WITH_AES_128_CCM_8",
+	      GNUTLS_CIPHER_AES_128_CCM_8, GNUTLS_KX_RSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_RSA_AES_256_CCM_8, "TLS_RSA_WITH_AES_256_CCM_8",
+	      GNUTLS_CIPHER_AES_256_CCM_8, GNUTLS_KX_RSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+
+
+	/* DHE_DSS */
+#ifdef ENABLE_DHE
+	ENTRY(GNUTLS_DHE_DSS_ARCFOUR_128_SHA1, "TLS_DHE_DSS_RC4_128_SHA",
+	      GNUTLS_CIPHER_ARCFOUR_128, GNUTLS_KX_DHE_DSS,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_VERSION_UNKNOWN),
+	ENTRY(GNUTLS_DHE_DSS_3DES_EDE_CBC_SHA1, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
+	      GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_DHE_DSS,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_DHE_DSS_AES_128_CBC_SHA1, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_DSS,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_DHE_DSS_AES_256_CBC_SHA1, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
+	      GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_DSS,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA256, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_128_CBC,
+	      GNUTLS_KX_DHE_DSS,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA256, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_256_CBC,
+	      GNUTLS_KX_DHE_DSS,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+
+	ENTRY(GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA1, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA",
+	      GNUTLS_CIPHER_CAMELLIA_128_CBC,
+	      GNUTLS_KX_DHE_DSS,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA1, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA",
+	      GNUTLS_CIPHER_CAMELLIA_256_CBC,
+	      GNUTLS_KX_DHE_DSS,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_DHE_DSS_AES_128_CBC_SHA256, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_DSS,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_DHE_DSS_AES_256_CBC_SHA256, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
+	      GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_DSS,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+/* GCM */
+	ENTRY(GNUTLS_DHE_DSS_AES_128_GCM_SHA256, "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
+	      GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_DHE_DSS,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_DHE_DSS_AES_256_GCM_SHA384, "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
+		  GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_DHE_DSS,
+		  GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+	ENTRY(GNUTLS_DHE_DSS_CAMELLIA_128_GCM_SHA256, "TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_128_GCM, GNUTLS_KX_DHE_DSS,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_DHE_DSS_CAMELLIA_256_GCM_SHA384, "TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384",
+		  GNUTLS_CIPHER_CAMELLIA_256_GCM, GNUTLS_KX_DHE_DSS,
+		  GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+
+	/* DHE_RSA */
+	ENTRY(GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
+	      GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_DHE_RSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_DHE_RSA_AES_128_CBC_SHA1, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_RSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_DHE_RSA_AES_256_CBC_SHA1, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
+	      GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_RSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA256, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_128_CBC,
+	      GNUTLS_KX_DHE_RSA,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA256, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_256_CBC,
+	      GNUTLS_KX_DHE_RSA,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA",
+	      GNUTLS_CIPHER_CAMELLIA_128_CBC,
+	      GNUTLS_KX_DHE_RSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA",
+	      GNUTLS_CIPHER_CAMELLIA_256_CBC,
+	      GNUTLS_KX_DHE_RSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_DHE_RSA_AES_128_CBC_SHA256, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_RSA,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_DHE_RSA_AES_256_CBC_SHA256, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
+	      GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_RSA,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+/* GCM */
+	ENTRY(GNUTLS_DHE_RSA_AES_128_GCM_SHA256, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
+	      GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_DHE_RSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_DHE_RSA_AES_256_GCM_SHA384, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
+		  GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_DHE_RSA,
+		  GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+	ENTRY(GNUTLS_DHE_RSA_CAMELLIA_128_GCM_SHA256, "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_128_GCM, GNUTLS_KX_DHE_RSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_DHE_RSA_CAMELLIA_256_GCM_SHA384, "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384",
+		  GNUTLS_CIPHER_CAMELLIA_256_GCM, GNUTLS_KX_DHE_RSA,
+		  GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+
+	ENTRY(GNUTLS_DHE_RSA_CHACHA20_POLY1305, "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
+	      GNUTLS_CIPHER_CHACHA20_POLY1305, GNUTLS_KX_DHE_RSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, GNUTLS_DTLS1_2),
+
+/* CCM */
+	ENTRY(GNUTLS_DHE_RSA_AES_128_CCM, "TLS_DHE_RSA_WITH_AES_128_CCM",
+	      GNUTLS_CIPHER_AES_128_CCM, GNUTLS_KX_DHE_RSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_DHE_RSA_AES_256_CCM, "TLS_DHE_RSA_WITH_AES_256_CCM",
+	      GNUTLS_CIPHER_AES_256_CCM, GNUTLS_KX_DHE_RSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_DHE_RSA_AES_128_CCM_8, "TLS_DHE_RSA_WITH_AES_128_CCM_8",
+	      GNUTLS_CIPHER_AES_128_CCM_8, GNUTLS_KX_DHE_RSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_DHE_RSA_AES_256_CCM_8, "TLS_DHE_RSA_WITH_AES_256_CCM_8",
+	      GNUTLS_CIPHER_AES_256_CCM_8, GNUTLS_KX_DHE_RSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+
+#endif				/* DHE */
+#ifdef ENABLE_ECDHE
+/* ECC-RSA */
+	ENTRY(GNUTLS_ECDHE_RSA_NULL_SHA1, "TLS_ECDHE_RSA_WITH_NULL_SHA",
+	      GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_RSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA1, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
+	      GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ECDHE_RSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_RSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+	      GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_RSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY_PRF(GNUTLS_ECDHE_RSA_AES_256_CBC_SHA384, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+		  GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_RSA,
+		  GNUTLS_MAC_SHA384, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+	ENTRY(GNUTLS_ECDHE_RSA_ARCFOUR_128_SHA1, "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
+	      GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_ECDHE_RSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_VERSION_UNKNOWN),
+	ENTRY(GNUTLS_ECDHE_RSA_CAMELLIA_128_CBC_SHA256, "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_ECDHE_RSA,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384, "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384",
+		  GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_ECDHE_RSA,
+		  GNUTLS_MAC_SHA384, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+
+	/* ECDHE-ECDSA */
+	ENTRY(GNUTLS_ECDHE_ECDSA_NULL_SHA1, "TLS_ECDHE_ECDSA_WITH_NULL_SHA",
+	      GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_ECDSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1, "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
+	      GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ECDHE_ECDSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_ECDSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
+	      GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_ECDSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_ECDHE_ECDSA_ARCFOUR_128_SHA1, "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
+	      GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_ECDHE_ECDSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_VERSION_UNKNOWN),
+	ENTRY(GNUTLS_ECDHE_ECDSA_CAMELLIA_128_CBC_SHA256, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_ECDHE_ECDSA,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384",
+		  GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_ECDHE_ECDSA,
+		  GNUTLS_MAC_SHA384, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+
+	/* More ECC */
+
+	ENTRY(GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA256, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_ECDSA,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_ECDHE_RSA_AES_128_CBC_SHA256, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_RSA,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_ECDHE_ECDSA_CAMELLIA_128_GCM_SHA256, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_128_GCM, GNUTLS_KX_ECDHE_ECDSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_ECDHE_ECDSA_CAMELLIA_256_GCM_SHA384, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384",
+		  GNUTLS_CIPHER_CAMELLIA_256_GCM, GNUTLS_KX_ECDHE_ECDSA,
+		  GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+	ENTRY(GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+	      GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_ECDHE_ECDSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+		  GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_ECDHE_ECDSA,
+		  GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+	ENTRY(GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+	      GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_ECDHE_RSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+		  GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_ECDHE_RSA,
+		  GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+	ENTRY_PRF(GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA384, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
+		  GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_ECDSA,
+		  GNUTLS_MAC_SHA384, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+
+	ENTRY(GNUTLS_ECDHE_RSA_CAMELLIA_128_GCM_SHA256, "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_128_GCM, GNUTLS_KX_ECDHE_RSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_ECDHE_RSA_CAMELLIA_256_GCM_SHA384, "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384",
+		  GNUTLS_CIPHER_CAMELLIA_256_GCM, GNUTLS_KX_ECDHE_RSA,
+		  GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+
+	ENTRY(GNUTLS_ECDHE_RSA_CHACHA20_POLY1305, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
+	      GNUTLS_CIPHER_CHACHA20_POLY1305, GNUTLS_KX_ECDHE_RSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+
+	ENTRY(GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
+	      GNUTLS_CIPHER_CHACHA20_POLY1305, GNUTLS_KX_ECDHE_ECDSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+
+	ENTRY(GNUTLS_ECDHE_ECDSA_AES_128_CCM, "TLS_ECDHE_ECDSA_WITH_AES_128_CCM",
+	      GNUTLS_CIPHER_AES_128_CCM, GNUTLS_KX_ECDHE_ECDSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_ECDHE_ECDSA_AES_256_CCM, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM",
+	      GNUTLS_CIPHER_AES_256_CCM, GNUTLS_KX_ECDHE_ECDSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_ECDHE_ECDSA_AES_128_CCM_8, "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8",
+	      GNUTLS_CIPHER_AES_128_CCM_8, GNUTLS_KX_ECDHE_ECDSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_ECDHE_ECDSA_AES_256_CCM_8, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8",
+	      GNUTLS_CIPHER_AES_256_CCM_8, GNUTLS_KX_ECDHE_ECDSA,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+#endif
+#ifdef ENABLE_PSK
+	/* ECC - PSK */
+	ENTRY(GNUTLS_ECDHE_PSK_3DES_EDE_CBC_SHA1, "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA",
+	      GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ECDHE_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_ECDHE_PSK_AES_128_CBC_SHA1, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_ECDHE_PSK_AES_256_CBC_SHA1, "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA",
+	      GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_ECDHE_PSK_AES_128_CBC_SHA256, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_PSK,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_ECDHE_PSK_AES_256_CBC_SHA384, "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384",
+		  GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_PSK,
+		  GNUTLS_MAC_SHA384, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+	ENTRY(GNUTLS_ECDHE_PSK_ARCFOUR_128_SHA1, "TLS_ECDHE_PSK_WITH_RC4_128_SHA",
+	      GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_ECDHE_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_VERSION_UNKNOWN),
+	ENTRY(GNUTLS_ECDHE_PSK_NULL_SHA1, "TLS_ECDHE_PSK_WITH_NULL_SHA",
+	      GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_ECDHE_PSK_NULL_SHA256, "TLS_ECDHE_PSK_WITH_NULL_SHA256",
+	      GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_PSK,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_ECDHE_PSK_NULL_SHA384, "TLS_ECDHE_PSK_WITH_NULL_SHA384",
+		  GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_PSK,
+		  GNUTLS_MAC_SHA384, GNUTLS_TLS1,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+	ENTRY(GNUTLS_ECDHE_PSK_CAMELLIA_128_CBC_SHA256, "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_ECDHE_PSK,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_ECDHE_PSK_CAMELLIA_256_CBC_SHA384, "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384",
+		  GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_ECDHE_PSK,
+		  GNUTLS_MAC_SHA384, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+
+	/* PSK */
+	ENTRY(GNUTLS_PSK_ARCFOUR_128_SHA1, "TLS_PSK_WITH_RC4_128_SHA",
+	      GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_VERSION_UNKNOWN),
+	ENTRY(GNUTLS_PSK_3DES_EDE_CBC_SHA1, "TLS_PSK_WITH_3DES_EDE_CBC_SHA",
+	      GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_PSK_AES_128_CBC_SHA1, "TLS_PSK_WITH_AES_128_CBC_SHA",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_PSK_AES_256_CBC_SHA1, "TLS_PSK_WITH_AES_256_CBC_SHA",
+	      GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_PSK_AES_128_CBC_SHA256, "TLS_PSK_WITH_AES_128_CBC_SHA256",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_PSK,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_PSK_AES_256_GCM_SHA384, "TLS_PSK_WITH_AES_256_GCM_SHA384",
+		  GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_PSK,
+		  GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+	ENTRY(GNUTLS_PSK_CAMELLIA_128_GCM_SHA256, "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_128_GCM, GNUTLS_KX_PSK,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_PSK_CAMELLIA_256_GCM_SHA384, "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384",
+		  GNUTLS_CIPHER_CAMELLIA_256_GCM, GNUTLS_KX_PSK,
+		  GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+
+
+	ENTRY(GNUTLS_PSK_AES_128_GCM_SHA256, "TLS_PSK_WITH_AES_128_GCM_SHA256",
+	      GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_PSK,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_PSK_NULL_SHA1, "TLS_PSK_WITH_NULL_SHA",
+	      GNUTLS_CIPHER_NULL, GNUTLS_KX_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_PSK_NULL_SHA256, "TLS_PSK_WITH_NULL_SHA256",
+	      GNUTLS_CIPHER_NULL, GNUTLS_KX_PSK,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_PSK_CAMELLIA_128_CBC_SHA256, "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_PSK,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_PSK_CAMELLIA_256_CBC_SHA384, "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384",
+		  GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_PSK,
+		  GNUTLS_MAC_SHA384, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+
+	ENTRY_PRF(GNUTLS_PSK_AES_256_CBC_SHA384, "TLS_PSK_WITH_AES_256_CBC_SHA384",
+		  GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_PSK,
+		  GNUTLS_MAC_SHA384, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+	ENTRY_PRF(GNUTLS_PSK_NULL_SHA384, "TLS_PSK_WITH_NULL_SHA384",
+		  GNUTLS_CIPHER_NULL, GNUTLS_KX_PSK,
+		  GNUTLS_MAC_SHA384, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+
+	/* RSA-PSK */
+	ENTRY(GNUTLS_RSA_PSK_ARCFOUR_128_SHA1, "TLS_RSA_PSK_WITH_RC4_128_SHA",
+	      GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_RSA_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_TLS1,
+	      GNUTLS_VERSION_UNKNOWN),
+	ENTRY(GNUTLS_RSA_PSK_3DES_EDE_CBC_SHA1, "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA",
+	      GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_RSA_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_TLS1,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_RSA_PSK_AES_128_CBC_SHA1, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_RSA_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_TLS1,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_RSA_PSK_AES_256_CBC_SHA1, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA",
+	      GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_TLS1,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_RSA_PSK_CAMELLIA_128_GCM_SHA256, "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_128_GCM, GNUTLS_KX_RSA_PSK,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_RSA_PSK_CAMELLIA_256_GCM_SHA384, "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384",
+		  GNUTLS_CIPHER_CAMELLIA_256_GCM, GNUTLS_KX_RSA_PSK,
+		  GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+
+
+	ENTRY(GNUTLS_RSA_PSK_AES_128_GCM_SHA256, "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256",
+	      GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_RSA_PSK,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_RSA_PSK_AES_128_CBC_SHA256, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_RSA_PSK,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_RSA_PSK_NULL_SHA1, "TLS_RSA_PSK_WITH_NULL_SHA",
+	      GNUTLS_CIPHER_NULL, GNUTLS_KX_RSA_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_TLS1,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_RSA_PSK_NULL_SHA256, "TLS_RSA_PSK_WITH_NULL_SHA256",
+	      GNUTLS_CIPHER_NULL, GNUTLS_KX_RSA_PSK,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_RSA_PSK_AES_256_GCM_SHA384, "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384",
+		  GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_RSA_PSK,
+		  GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+	ENTRY_PRF(GNUTLS_RSA_PSK_AES_256_CBC_SHA384, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384",
+		  GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA_PSK,
+		  GNUTLS_MAC_SHA384, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+	ENTRY_PRF(GNUTLS_RSA_PSK_NULL_SHA384, "TLS_RSA_PSK_WITH_NULL_SHA384",
+		  GNUTLS_CIPHER_NULL, GNUTLS_KX_RSA_PSK,
+		  GNUTLS_MAC_SHA384, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+	ENTRY(GNUTLS_RSA_PSK_CAMELLIA_128_CBC_SHA256, "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_RSA_PSK,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_RSA_PSK_CAMELLIA_256_CBC_SHA384, "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384",
+		  GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_RSA_PSK,
+		  GNUTLS_MAC_SHA384, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+
+
+	/* DHE-PSK */
+	ENTRY(GNUTLS_DHE_PSK_ARCFOUR_128_SHA1, "TLS_DHE_PSK_WITH_RC4_128_SHA",
+	      GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_DHE_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_VERSION_UNKNOWN),
+	ENTRY(GNUTLS_DHE_PSK_3DES_EDE_CBC_SHA1, "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA",
+	      GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_DHE_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_DHE_PSK_AES_128_CBC_SHA1, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_DHE_PSK_AES_256_CBC_SHA1, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA",
+	      GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_DHE_PSK_AES_128_CBC_SHA256, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_PSK,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_DHE_PSK_AES_128_GCM_SHA256, "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256",
+	      GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_DHE_PSK,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_DHE_PSK_NULL_SHA1, "TLS_DHE_PSK_WITH_NULL_SHA",
+	      GNUTLS_CIPHER_NULL, GNUTLS_KX_DHE_PSK,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_DHE_PSK_NULL_SHA256, "TLS_DHE_PSK_WITH_NULL_SHA256",
+	      GNUTLS_CIPHER_NULL, GNUTLS_KX_DHE_PSK,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_DHE_PSK_NULL_SHA384, "TLS_DHE_PSK_WITH_NULL_SHA384",
+		  GNUTLS_CIPHER_NULL, GNUTLS_KX_DHE_PSK,
+		  GNUTLS_MAC_SHA384, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+	ENTRY_PRF(GNUTLS_DHE_PSK_AES_256_CBC_SHA384, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384",
+		  GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_PSK,
+		  GNUTLS_MAC_SHA384, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+	ENTRY_PRF(GNUTLS_DHE_PSK_AES_256_GCM_SHA384, "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384",
+		  GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_DHE_PSK,
+		  GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+	ENTRY(GNUTLS_DHE_PSK_CAMELLIA_128_CBC_SHA256, "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_DHE_PSK,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_DHE_PSK_CAMELLIA_256_CBC_SHA384, "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384",
+		  GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_DHE_PSK,
+		  GNUTLS_MAC_SHA384, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+	ENTRY(GNUTLS_DHE_PSK_CAMELLIA_128_GCM_SHA256, "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_128_GCM, GNUTLS_KX_DHE_PSK,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_DHE_PSK_CAMELLIA_256_GCM_SHA384, "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384",
+		  GNUTLS_CIPHER_CAMELLIA_256_GCM, GNUTLS_KX_DHE_PSK,
+		  GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+
+	ENTRY(GNUTLS_PSK_AES_128_CCM, "TLS_PSK_WITH_AES_128_CCM",
+	      GNUTLS_CIPHER_AES_128_CCM, GNUTLS_KX_PSK,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_PSK_AES_256_CCM, "TLS_PSK_WITH_AES_256_CCM",
+	      GNUTLS_CIPHER_AES_256_CCM, GNUTLS_KX_PSK,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_DHE_PSK_AES_128_CCM, "TLS_DHE_PSK_WITH_AES_128_CCM",
+	      GNUTLS_CIPHER_AES_128_CCM, GNUTLS_KX_DHE_PSK,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_DHE_PSK_AES_256_CCM, "TLS_DHE_PSK_WITH_AES_256_CCM",
+	      GNUTLS_CIPHER_AES_256_CCM, GNUTLS_KX_DHE_PSK,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_PSK_AES_128_CCM_8, "TLS_PSK_WITH_AES_128_CCM_8",
+	      GNUTLS_CIPHER_AES_128_CCM_8, GNUTLS_KX_PSK,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_PSK_AES_256_CCM_8, "TLS_PSK_WITH_AES_256_CCM_8",
+	      GNUTLS_CIPHER_AES_256_CCM_8, GNUTLS_KX_PSK,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_DHE_PSK_AES_128_CCM_8, "TLS_PSK_DHE_WITH_AES_128_CCM_8",
+	      GNUTLS_CIPHER_AES_128_CCM_8, GNUTLS_KX_DHE_PSK,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_DHE_PSK_AES_256_CCM_8, "TLS_PSK_DHE_WITH_AES_256_CCM_8",
+	      GNUTLS_CIPHER_AES_256_CCM_8, GNUTLS_KX_DHE_PSK,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_DHE_PSK_CHACHA20_POLY1305, "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256",
+	      GNUTLS_CIPHER_CHACHA20_POLY1305, GNUTLS_KX_DHE_PSK,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_ECDHE_PSK_CHACHA20_POLY1305, "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256",
+	      GNUTLS_CIPHER_CHACHA20_POLY1305, GNUTLS_KX_ECDHE_PSK,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, GNUTLS_DTLS1_2),
+
+	ENTRY(GNUTLS_RSA_PSK_CHACHA20_POLY1305, "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256",
+	      GNUTLS_CIPHER_CHACHA20_POLY1305, GNUTLS_KX_RSA_PSK,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, GNUTLS_DTLS1_2),
+
+	ENTRY(GNUTLS_PSK_CHACHA20_POLY1305, "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256",
+	      GNUTLS_CIPHER_CHACHA20_POLY1305, GNUTLS_KX_PSK,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, GNUTLS_DTLS1_2),
+
+#endif
+#ifdef ENABLE_ANON
+	/* DH_ANON */
+	ENTRY(GNUTLS_DH_ANON_ARCFOUR_128_MD5, "TLS_DH_anon_WITH_RC4_128_MD5",
+	      GNUTLS_CIPHER_ARCFOUR_128,
+	      GNUTLS_KX_ANON_DH, GNUTLS_MAC_MD5,
+	      GNUTLS_SSL3, GNUTLS_VERSION_UNKNOWN),
+	ENTRY(GNUTLS_DH_ANON_3DES_EDE_CBC_SHA1, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",
+	      GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ANON_DH,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_DH_ANON_AES_128_CBC_SHA1, "TLS_DH_anon_WITH_AES_128_CBC_SHA",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ANON_DH,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_DH_ANON_AES_256_CBC_SHA1, "TLS_DH_anon_WITH_AES_256_CBC_SHA",
+	      GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_DH,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_DH_ANON_CAMELLIA_128_CBC_SHA256, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_128_CBC,
+	      GNUTLS_KX_ANON_DH,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_DH_ANON_CAMELLIA_256_CBC_SHA256, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_256_CBC,
+	      GNUTLS_KX_ANON_DH,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_DH_ANON_CAMELLIA_128_CBC_SHA1, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA",
+	      GNUTLS_CIPHER_CAMELLIA_128_CBC,
+	      GNUTLS_KX_ANON_DH,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_DH_ANON_CAMELLIA_256_CBC_SHA1, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA",
+	      GNUTLS_CIPHER_CAMELLIA_256_CBC,
+	      GNUTLS_KX_ANON_DH,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_DH_ANON_AES_128_CBC_SHA256, "TLS_DH_anon_WITH_AES_128_CBC_SHA256",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ANON_DH,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_DH_ANON_AES_256_CBC_SHA256, "TLS_DH_anon_WITH_AES_256_CBC_SHA256",
+	      GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_DH,
+	      GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY(GNUTLS_DH_ANON_AES_128_GCM_SHA256, "TLS_DH_anon_WITH_AES_128_GCM_SHA256",
+	      GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_ANON_DH,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_DH_ANON_AES_256_GCM_SHA384, "TLS_DH_anon_WITH_AES_256_GCM_SHA384",
+		  GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_ANON_DH,
+		  GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+	ENTRY(GNUTLS_DH_ANON_CAMELLIA_128_GCM_SHA256, "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256",
+	      GNUTLS_CIPHER_CAMELLIA_128_GCM, GNUTLS_KX_ANON_DH,
+	      GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+	      GNUTLS_DTLS1_2),
+	ENTRY_PRF(GNUTLS_DH_ANON_CAMELLIA_256_GCM_SHA384, "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384",
+		  GNUTLS_CIPHER_CAMELLIA_256_GCM, GNUTLS_KX_ANON_DH,
+		  GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+		  GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384),
+
+/* ECC-ANON */
+	ENTRY(GNUTLS_ECDH_ANON_NULL_SHA1, "TLS_ECDH_anon_WITH_NULL_SHA",
+	      GNUTLS_CIPHER_NULL, GNUTLS_KX_ANON_ECDH,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_ECDH_ANON_3DES_EDE_CBC_SHA1, "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
+	      GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ANON_ECDH,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_ECDH_ANON_AES_128_CBC_SHA1, "TLS_ECDH_anon_WITH_AES_128_CBC_SHA",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ANON_ECDH,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_ECDH_ANON_AES_256_CBC_SHA1, "TLS_ECDH_anon_WITH_AES_256_CBC_SHA",
+	      GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_ECDH,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_ECDH_ANON_ARCFOUR_128_SHA1, "TLS_ECDH_anon_WITH_RC4_128_SHA",
+	      GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_ANON_ECDH,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_VERSION_UNKNOWN),
+#endif
+#ifdef ENABLE_SRP
+	/* SRP */
+	ENTRY(GNUTLS_SRP_SHA_3DES_EDE_CBC_SHA1, "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA",
+	      GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_SRP,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_SRP_SHA_AES_128_CBC_SHA1, "TLS_SRP_SHA_WITH_AES_128_CBC_SHA",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_SRP,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+	ENTRY(GNUTLS_SRP_SHA_AES_256_CBC_SHA1, "TLS_SRP_SHA_WITH_AES_256_CBC_SHA",
+	      GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+
+	ENTRY(GNUTLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1, "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA",
+	      GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_SRP_DSS,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+
+	ENTRY(GNUTLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1, "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA",
+	      GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_SRP_RSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+
+	ENTRY(GNUTLS_SRP_SHA_DSS_AES_128_CBC_SHA1, "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_SRP_DSS,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+
+	ENTRY(GNUTLS_SRP_SHA_RSA_AES_128_CBC_SHA1, "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA",
+	      GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_SRP_RSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+
+	ENTRY(GNUTLS_SRP_SHA_DSS_AES_256_CBC_SHA1, "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA",
+	      GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP_DSS,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+
+	ENTRY(GNUTLS_SRP_SHA_RSA_AES_256_CBC_SHA1, "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA",
+	      GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP_RSA,
+	      GNUTLS_MAC_SHA1, GNUTLS_SSL3,
+	      GNUTLS_DTLS_VERSION_MIN),
+#endif
+
+#ifdef ENABLE_GOST
+	ENTRY_PRF(GNUTLS_GOSTR341112_256_28147_CNT_IMIT, "TLS_GOSTR341112_256_WITH_28147_CNT_IMIT",
+		  GNUTLS_CIPHER_GOST28147_TC26Z_CNT, GNUTLS_KX_VKO_GOST_12,
+		  GNUTLS_MAC_GOST28147_TC26Z_IMIT, GNUTLS_TLS1_2,
+		  GNUTLS_VERSION_UNKNOWN, GNUTLS_MAC_STREEBOG_256),
+#endif
+
+	{0, {0, 0}, 0, 0, 0, 0, 0, 0}
+};
+
+#define CIPHER_SUITE_LOOP(b) { \
+	const gnutls_cipher_suite_entry_st *p; \
+		for(p = cs_algorithms; p->name != NULL; p++) { b ; } }
+
+#define CIPHER_SUITE_ALG_LOOP(a, suite) \
+	CIPHER_SUITE_LOOP( if( (p->id[0] == suite[0]) && (p->id[1] == suite[1])) { a; break; } )
+
+
+/* Cipher Suite's functions */
+const gnutls_cipher_suite_entry_st *ciphersuite_to_entry(const uint8_t suite[2])
+{
+	CIPHER_SUITE_ALG_LOOP(return p, suite);
+	return NULL;
+}
+
+gnutls_kx_algorithm_t
+_gnutls_cipher_suite_get_kx_algo(const uint8_t suite[2])
+{
+	gnutls_kx_algorithm_t ret = GNUTLS_KX_UNKNOWN;
+
+	CIPHER_SUITE_ALG_LOOP(ret = p->kx_algorithm, suite);
+	return ret;
+
+}
+
+const char *_gnutls_cipher_suite_get_name(const uint8_t suite[2])
+{
+	const char *ret = NULL;
+
+	/* avoid prefix */
+	CIPHER_SUITE_ALG_LOOP(ret = p->name + sizeof("GNUTLS_") - 1, suite);
+
+	return ret;
+}
+
+
+const gnutls_cipher_suite_entry_st
+    *cipher_suite_get(gnutls_kx_algorithm_t kx_algorithm,
+		      gnutls_cipher_algorithm_t cipher_algorithm,
+		      gnutls_mac_algorithm_t mac_algorithm)
+{
+	const gnutls_cipher_suite_entry_st *ret = NULL;
+
+	CIPHER_SUITE_LOOP(
+		if (kx_algorithm == p->kx_algorithm &&
+			      cipher_algorithm == p->block_algorithm
+			      && mac_algorithm == p->mac_algorithm) {
+			ret = p;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+/* Returns 0 if the given KX has not the corresponding parameters
+ * (DH or RSA) set up. Otherwise returns 1.
+ */
+static unsigned
+check_server_dh_params(gnutls_session_t session,
+		    unsigned cred_type,
+		    gnutls_kx_algorithm_t kx)
+{
+	unsigned have_dh_params = 0;
+
+	if (!_gnutls_kx_needs_dh_params(kx)) {
+		return 1;
+	}
+
+	if (session->internals.hsk_flags & HSK_HAVE_FFDHE) {
+		/* if the client has advertized FFDHE then it doesn't matter
+		 * whether we have server DH parameters. They are no good. */
+		gnutls_assert();
+		return 0;
+	}
+
+	/* Read the Diffie-Hellman parameters, if any.
+	 */
+	if (cred_type == GNUTLS_CRD_CERTIFICATE) {
+		gnutls_certificate_credentials_t x509_cred =
+		    (gnutls_certificate_credentials_t)
+		    _gnutls_get_cred(session, cred_type);
+
+		if (x509_cred != NULL && (x509_cred->dh_params || x509_cred->params_func || x509_cred->dh_sec_param)) {
+			have_dh_params = 1;
+		}
+
+#ifdef ENABLE_ANON
+	} else if (cred_type == GNUTLS_CRD_ANON) {
+		gnutls_anon_server_credentials_t anon_cred =
+		    (gnutls_anon_server_credentials_t)
+		    _gnutls_get_cred(session, cred_type);
+
+		if (anon_cred != NULL && (anon_cred->dh_params || anon_cred->params_func || anon_cred->dh_sec_param)) {
+			have_dh_params = 1;
+		}
+#endif
+#ifdef ENABLE_PSK
+	} else if (cred_type == GNUTLS_CRD_PSK) {
+		gnutls_psk_server_credentials_t psk_cred =
+		    (gnutls_psk_server_credentials_t)
+		    _gnutls_get_cred(session, cred_type);
+
+		if (psk_cred != NULL && (psk_cred->dh_params || psk_cred->params_func || psk_cred->dh_sec_param)) {
+			have_dh_params = 1;
+		}
+#endif
+	} else {
+		return 1;	/* no need for params */
+	}
+
+	return have_dh_params;
+}
+
+/**
+ * gnutls_cipher_suite_get_name:
+ * @kx_algorithm: is a Key exchange algorithm
+ * @cipher_algorithm: is a cipher algorithm
+ * @mac_algorithm: is a MAC algorithm
+ *
+ * This function returns the ciphersuite name under TLS1.2 or earlier
+ * versions when provided with individual algorithms. The full cipher suite
+ * name must be prepended by TLS or SSL depending of the protocol in use.
+ *
+ * To get a description of the current ciphersuite across versions, it
+ * is recommended to use gnutls_session_get_desc().
+ *
+ * Returns: a string that contains the name of a TLS cipher suite,
+ * specified by the given algorithms, or %NULL.
+ **/
+const char *gnutls_cipher_suite_get_name(gnutls_kx_algorithm_t
+					 kx_algorithm,
+					 gnutls_cipher_algorithm_t
+					 cipher_algorithm,
+					 gnutls_mac_algorithm_t
+					 mac_algorithm)
+{
+	const gnutls_cipher_suite_entry_st *ce;
+
+	ce = cipher_suite_get(kx_algorithm, cipher_algorithm,
+			      mac_algorithm);
+	if (ce == NULL)
+		return NULL;
+	else
+		return ce->name + sizeof("GNUTLS_") - 1;
+}
+
+/*-
+ * _gnutls_cipher_suite_get_id:
+ * @kx_algorithm: is a Key exchange algorithm
+ * @cipher_algorithm: is a cipher algorithm
+ * @mac_algorithm: is a MAC algorithm
+ * @suite: The id to be returned
+ *
+ * This function returns the ciphersuite ID in @suite, under TLS1.2 or earlier
+ * versions when provided with individual algorithms.
+ *
+ * Returns: 0 on success or a negative error code otherwise.
+ -*/
+int
+_gnutls_cipher_suite_get_id(gnutls_kx_algorithm_t kx_algorithm,
+			    gnutls_cipher_algorithm_t cipher_algorithm,
+			    gnutls_mac_algorithm_t mac_algorithm,
+			    uint8_t suite[2])
+{
+	const gnutls_cipher_suite_entry_st *ce;
+
+	ce = cipher_suite_get(kx_algorithm, cipher_algorithm,
+			      mac_algorithm);
+	if (ce == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+	else {
+		suite[0] = ce->id[0];
+		suite[1] = ce->id[1];
+	}
+	return 0;
+}
+
+/**
+ * gnutls_cipher_suite_info:
+ * @idx: index of cipher suite to get information about, starts on 0.
+ * @cs_id: output buffer with room for 2 bytes, indicating cipher suite value
+ * @kx: output variable indicating key exchange algorithm, or %NULL.
+ * @cipher: output variable indicating cipher, or %NULL.
+ * @mac: output variable indicating MAC algorithm, or %NULL.
+ * @min_version: output variable indicating TLS protocol version, or %NULL.
+ *
+ * Get information about supported cipher suites.  Use the function
+ * iteratively to get information about all supported cipher suites.
+ * Call with idx=0 to get information about first cipher suite, then
+ * idx=1 and so on until the function returns NULL.
+ *
+ * Returns: the name of @idx cipher suite, and set the information
+ * about the cipher suite in the output variables.  If @idx is out of
+ * bounds, %NULL is returned.
+ **/
+const char *gnutls_cipher_suite_info(size_t idx,
+				     unsigned char *cs_id,
+				     gnutls_kx_algorithm_t * kx,
+				     gnutls_cipher_algorithm_t * cipher,
+				     gnutls_mac_algorithm_t * mac,
+				     gnutls_protocol_t * min_version)
+{
+	if (idx >= CIPHER_SUITES_COUNT)
+		return NULL;
+
+	if (cs_id)
+		memcpy(cs_id, cs_algorithms[idx].id, 2);
+	if (kx)
+		*kx = cs_algorithms[idx].kx_algorithm;
+	if (cipher)
+		*cipher = cs_algorithms[idx].block_algorithm;
+	if (mac)
+		*mac = cs_algorithms[idx].mac_algorithm;
+	if (min_version)
+		*min_version = cs_algorithms[idx].min_version;
+
+	return cs_algorithms[idx].name + sizeof("GNU") - 1;
+}
+
+#define VERSION_CHECK(entry) \
+			if (is_dtls) { \
+				if (entry->min_dtls_version == GNUTLS_VERSION_UNKNOWN || \
+				    version->id < entry->min_dtls_version || \
+				    version->id > entry->max_dtls_version) \
+					continue; \
+			} else { \
+				if (entry->min_version == GNUTLS_VERSION_UNKNOWN || \
+				    version->id < entry->min_version || \
+				    version->id > entry->max_version) \
+					continue; \
+			}
+
+#define CIPHER_CHECK(algo) \
+			if (session->internals.priorities->force_etm && !have_etm) { \
+				const cipher_entry_st *_cipher; \
+				_cipher = cipher_to_entry(algo); \
+				if (_cipher == NULL || _gnutls_cipher_type(_cipher) == CIPHER_BLOCK) \
+					continue; \
+			}
+
+#define KX_SRP_CHECKS(kx, action) \
+	if (kx == GNUTLS_KX_SRP_RSA || kx == GNUTLS_KX_SRP_DSS) { \
+		if (!_gnutls_get_cred(session, GNUTLS_CRD_SRP)) { \
+			action; \
+		} \
+	}
+
+static unsigned kx_is_ok(gnutls_session_t session, gnutls_kx_algorithm_t kx, unsigned cred_type,
+			 const gnutls_group_entry_st **sgroup)
+{
+	if (_gnutls_kx_is_ecc(kx)) {
+		if (session->internals.cand_ec_group == NULL) {
+			return 0;
+		} else {
+			*sgroup = session->internals.cand_ec_group;
+		}
+	} else if (_gnutls_kx_is_dhe(kx)) {
+		if (session->internals.cand_dh_group == NULL) {
+			if (!check_server_dh_params(session, cred_type, kx)) {
+				return 0;
+			}
+		} else {
+			*sgroup = session->internals.cand_dh_group;
+		}
+	}
+	KX_SRP_CHECKS(kx, return 0);
+
+	return 1;
+}
+
+/* Called on server-side only */
+int
+_gnutls_figure_common_ciphersuite(gnutls_session_t session,
+				  const ciphersuite_list_st *peer_clist,
+				  const gnutls_cipher_suite_entry_st **ce)
+{
+
+	unsigned int i, j;
+	int ret;
+	const version_entry_st *version = get_version(session);
+	unsigned int is_dtls = IS_DTLS(session);
+	gnutls_kx_algorithm_t kx;
+	gnutls_credentials_type_t cred_type = GNUTLS_CRD_CERTIFICATE; /* default for TLS1.3 */
+	const gnutls_group_entry_st *sgroup = NULL;
+	gnutls_ext_priv_data_t epriv;
+	unsigned have_etm = 0;
+
+	if (version == NULL) {
+		return gnutls_assert_val(GNUTLS_E_NO_CIPHER_SUITES);
+	}
+
+	/* we figure whether etm is negotiated by checking the raw extension data
+	 * because we only set (security_params) EtM to true only after the ciphersuite is
+	 * negotiated. */
+	ret = _gnutls_hello_ext_get_priv(session, GNUTLS_EXTENSION_ETM, &epriv);
+	if (ret >= 0 && ((intptr_t)epriv) != 0)
+		have_etm = 1;
+
+	/* If we didn't receive the supported_groups extension, then
+	 * we should assume that SECP256R1 is supported; that is required
+	 * by RFC4492, probably to allow SSLv2 hellos negotiate elliptic curve
+	 * ciphersuites */
+	if (!version->tls13_sem && session->internals.cand_ec_group == NULL &&
+	    !_gnutls_hello_ext_is_present(session, GNUTLS_EXTENSION_SUPPORTED_GROUPS)) {
+		session->internals.cand_ec_group = _gnutls_id_to_group(DEFAULT_EC_GROUP);
+	}
+
+	if (session->internals.priorities->server_precedence == 0) {
+		for (i = 0; i < peer_clist->size; i++) {
+			_gnutls_debug_log("checking %.2x.%.2x (%s) for compatibility\n",
+				(unsigned)peer_clist->entry[i]->id[0],
+				(unsigned)peer_clist->entry[i]->id[1],
+				peer_clist->entry[i]->name);
+			VERSION_CHECK(peer_clist->entry[i]);
+
+			kx = peer_clist->entry[i]->kx_algorithm;
+
+			CIPHER_CHECK(peer_clist->entry[i]->block_algorithm);
+
+			if (!version->tls13_sem)
+				cred_type = _gnutls_map_kx_get_cred(kx, 1);
+
+			for (j = 0; j < session->internals.priorities->cs.size; j++) {
+				if (session->internals.priorities->cs.entry[j] == peer_clist->entry[i]) {
+					sgroup = NULL;
+					if (!kx_is_ok(session, kx, cred_type, &sgroup))
+						continue;
+
+					/* if we have selected PSK, we need a ciphersuites which matches
+					 * the selected binder */
+					if (session->internals.hsk_flags & HSK_PSK_SELECTED) {
+						if (session->key.binders[0].prf->id != session->internals.priorities->cs.entry[j]->prf)
+							continue;
+					} else if (cred_type == GNUTLS_CRD_CERTIFICATE) {
+						ret = _gnutls_select_server_cert(session, peer_clist->entry[i]);
+						if (ret < 0) {
+							/* couldn't select cert with this ciphersuite */
+							gnutls_assert();
+							break;
+						}
+					}
+
+					/* select the group based on the selected ciphersuite */
+					if (sgroup)
+						_gnutls_session_group_set(session, sgroup);
+					*ce = peer_clist->entry[i];
+					return 0;
+				}
+			}
+		}
+	} else {
+		for (j = 0; j < session->internals.priorities->cs.size; j++) {
+			VERSION_CHECK(session->internals.priorities->cs.entry[j]);
+
+			CIPHER_CHECK(session->internals.priorities->cs.entry[j]->block_algorithm);
+
+			for (i = 0; i < peer_clist->size; i++) {
+				_gnutls_debug_log("checking %.2x.%.2x (%s) for compatibility\n",
+					(unsigned)peer_clist->entry[i]->id[0],
+					(unsigned)peer_clist->entry[i]->id[1],
+					peer_clist->entry[i]->name);
+
+				if (session->internals.priorities->cs.entry[j] == peer_clist->entry[i]) {
+					sgroup = NULL;
+					kx = peer_clist->entry[i]->kx_algorithm;
+
+					if (!version->tls13_sem)
+						cred_type = _gnutls_map_kx_get_cred(kx, 1);
+
+					if (!kx_is_ok(session, kx, cred_type, &sgroup))
+						break;
+
+					/* if we have selected PSK, we need a ciphersuites which matches
+					 * the selected binder */
+					if (session->internals.hsk_flags & HSK_PSK_SELECTED) {
+						if (session->key.binders[0].prf->id != session->internals.priorities->cs.entry[j]->prf)
+							break;
+					} else if (cred_type == GNUTLS_CRD_CERTIFICATE) {
+						ret = _gnutls_select_server_cert(session, peer_clist->entry[i]);
+						if (ret < 0) {
+							/* couldn't select cert with this ciphersuite */
+							gnutls_assert();
+							break;
+						}
+					}
+
+					/* select the group based on the selected ciphersuite */
+					if (sgroup)
+						_gnutls_session_group_set(session, sgroup);
+					*ce = peer_clist->entry[i];
+					return 0;
+				}
+			}
+		}
+
+	}
+
+	/* nothing in common */
+
+	return gnutls_assert_val(GNUTLS_E_NO_CIPHER_SUITES);
+}
+
+#define CLIENT_VERSION_CHECK(minver, maxver, e) \
+			if (is_dtls) { \
+				if (e->min_dtls_version > maxver->id) \
+					continue; \
+			} else { \
+				if (e->min_version > maxver->id) \
+					continue; \
+			}
+
+#define RESERVED_CIPHERSUITES 4
+int
+_gnutls_get_client_ciphersuites(gnutls_session_t session,
+			 gnutls_buffer_st * cdata,
+			 const version_entry_st *vmin,
+			 unsigned add_scsv)
+{
+
+	unsigned int j;
+	int ret;
+	unsigned int is_dtls = IS_DTLS(session);
+	gnutls_kx_algorithm_t kx;
+	gnutls_credentials_type_t cred_type;
+	uint8_t cipher_suites[MAX_CIPHERSUITE_SIZE*2 + RESERVED_CIPHERSUITES];
+	unsigned cipher_suites_size = 0;
+	size_t init_length = cdata->length;
+	const version_entry_st *vmax;
+
+	vmax = _gnutls_version_max(session);
+	if (vmax == NULL)
+		return gnutls_assert_val(GNUTLS_E_NO_PRIORITIES_WERE_SET);
+
+	for (j = 0; j < session->internals.priorities->cs.size; j++) {
+		CLIENT_VERSION_CHECK(vmin, vmax, session->internals.priorities->cs.entry[j]);
+
+		kx = session->internals.priorities->cs.entry[j]->kx_algorithm;
+		if (kx != GNUTLS_KX_UNKNOWN) { /* In TLS 1.3 ciphersuites don't map to credentials */
+			cred_type = _gnutls_map_kx_get_cred(kx, 0);
+
+			if (!session->internals.premaster_set && _gnutls_get_cred(session, cred_type) == NULL)
+				continue;
+
+			KX_SRP_CHECKS(kx, continue);
+		}
+
+		_gnutls_debug_log("Keeping ciphersuite %.2x.%.2x (%s)\n",
+				(unsigned)session->internals.priorities->cs.entry[j]->id[0],
+				(unsigned)session->internals.priorities->cs.entry[j]->id[1],
+				session->internals.priorities->cs.entry[j]->name);
+		cipher_suites[cipher_suites_size] = session->internals.priorities->cs.entry[j]->id[0];
+		cipher_suites[cipher_suites_size + 1] = session->internals.priorities->cs.entry[j]->id[1];
+		cipher_suites_size += 2;
+
+		if (cipher_suites_size >= MAX_CIPHERSUITE_SIZE*2)
+			break;
+	}
+#ifdef ENABLE_SSL3
+	if (add_scsv) {
+		cipher_suites[cipher_suites_size] = 0x00;
+		cipher_suites[cipher_suites_size + 1] = 0xff;
+		cipher_suites_size += 2;
+
+		ret = _gnutls_ext_sr_send_cs(session);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		_gnutls_hello_ext_save_sr(session);
+	}
+#endif
+
+	if (session->internals.priorities->fallback) {
+		cipher_suites[cipher_suites_size] = GNUTLS_FALLBACK_SCSV_MAJOR;
+		cipher_suites[cipher_suites_size + 1] = GNUTLS_FALLBACK_SCSV_MINOR;
+		cipher_suites_size += 2;
+	}
+
+	ret = _gnutls_buffer_append_data_prefix(cdata, 16, cipher_suites, cipher_suites_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return cdata->length - init_length;
+}
+
+/**
+ * gnutls_priority_get_cipher_suite_index:
+ * @pcache: is a #gnutls_priority_t type.
+ * @idx: is an index number.
+ * @sidx: internal index of cipher suite to get information about.
+ *
+ * Provides the internal ciphersuite index to be used with
+ * gnutls_cipher_suite_info(). The index @idx provided is an
+ * index kept at the priorities structure. It might be that a valid
+ * priorities index does not correspond to a ciphersuite and in
+ * that case %GNUTLS_E_UNKNOWN_CIPHER_SUITE will be returned.
+ * Once the last available index is crossed then
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.
+ *
+ * Returns: On success it returns %GNUTLS_E_SUCCESS (0), or a negative error value otherwise.
+ *
+ * Since: 3.0.9
+ **/
+int
+gnutls_priority_get_cipher_suite_index(gnutls_priority_t pcache,
+				       unsigned int idx,
+				       unsigned int *sidx)
+{
+	unsigned int i, j;
+	unsigned max_tls = 0;
+	unsigned max_dtls = 0;
+
+	if (idx >= pcache->cs.size)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+	/* find max_tls and max_dtls */
+	for (j=0;j<pcache->protocol.num_priorities;j++) {
+		if (pcache->protocol.priorities[j] <= GNUTLS_TLS_VERSION_MAX &&
+		    pcache->protocol.priorities[j] >= max_tls) {
+			max_tls = pcache->protocol.priorities[j];
+		} else if (pcache->protocol.priorities[j] <= GNUTLS_DTLS_VERSION_MAX &&
+			   pcache->protocol.priorities[j] >= max_dtls) {
+			max_dtls = pcache->protocol.priorities[j];
+		}
+	}
+
+	for (i = 0; i < CIPHER_SUITES_COUNT; i++) {
+		if (pcache->cs.entry[idx] != &cs_algorithms[i])
+			continue;
+
+		*sidx = i;
+		if (_gnutls_cipher_exists(cs_algorithms[i].block_algorithm) &&
+		    _gnutls_mac_exists(cs_algorithms[i].mac_algorithm)) {
+			if (max_tls >= cs_algorithms[i].min_version) {
+				return 0;
+			} else if (max_dtls >= cs_algorithms[i].min_dtls_version) {
+				return 0;
+			}
+		} else
+			break;
+	}
+
+	return GNUTLS_E_UNKNOWN_CIPHER_SUITE;
+}
diff --git a/lib/algorithms/ecc.c b/lib/algorithms/ecc.c
new file mode 100644
index 0000000..303a426
--- /dev/null
+++ b/lib/algorithms/ecc.c
@@ -0,0 +1,581 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <algorithms.h>
+#include "errors.h"
+#include <x509/common.h>
+#include <pk.h>
+#include "c-strcase.h"
+
+/* Supported ECC curves
+ */
+
+static SYSTEM_CONFIG_OR_CONST
+gnutls_ecc_curve_entry_st ecc_curves[] = {
+#ifdef ENABLE_NON_SUITEB_CURVES
+	{
+	 .name = "SECP192R1",
+	 .oid = "1.2.840.10045.3.1.1",
+	 .id = GNUTLS_ECC_CURVE_SECP192R1,
+	 .group = GNUTLS_GROUP_SECP192R1,
+	 .pk = GNUTLS_PK_ECDSA,
+	 .size = 24,
+	 .supported = 1,
+	},
+	{
+	 .name = "SECP224R1",
+	 .oid = "1.3.132.0.33",
+	 .id = GNUTLS_ECC_CURVE_SECP224R1,
+	 .group = GNUTLS_GROUP_SECP224R1,
+	 .pk = GNUTLS_PK_ECDSA,
+	 .size = 28,
+	 .supported = 1,
+	},
+#endif
+	{
+	 .name = "SECP256R1",
+	 .oid = "1.2.840.10045.3.1.7",
+	 .id = GNUTLS_ECC_CURVE_SECP256R1,
+	 .group = GNUTLS_GROUP_SECP256R1,
+	 .pk = GNUTLS_PK_ECDSA,
+	 .size = 32,
+	 .supported = 1,
+	},
+	{
+	 .name = "SECP384R1",
+	 .oid = "1.3.132.0.34",
+	 .id = GNUTLS_ECC_CURVE_SECP384R1,
+	 .group = GNUTLS_GROUP_SECP384R1,
+	 .pk = GNUTLS_PK_ECDSA,
+	 .size = 48,
+	 .supported = 1,
+	},
+	{
+	 .name = "SECP521R1",
+	 .oid = "1.3.132.0.35",
+	 .id = GNUTLS_ECC_CURVE_SECP521R1,
+	 .group = GNUTLS_GROUP_SECP521R1,
+	 .pk = GNUTLS_PK_ECDSA,
+	 .size = 66,
+	 .supported = 1,
+	},
+	{
+	 .name = "X25519",
+         .oid = ECDH_X25519_OID,
+	 .id = GNUTLS_ECC_CURVE_X25519,
+	 .group = GNUTLS_GROUP_X25519,
+	 .pk = GNUTLS_PK_ECDH_X25519,
+	 .size = 32,
+	 .supported = 1,
+	},
+	{
+	 .name = "Ed25519",
+	 .oid = SIG_EDDSA_SHA512_OID,
+	 .id = GNUTLS_ECC_CURVE_ED25519,
+	 .pk = GNUTLS_PK_EDDSA_ED25519,
+	 .size = 32,
+	 .sig_size = 64,
+	 .supported = 1,
+	},
+	{
+	 .name = "X448",
+         .oid = ECDH_X448_OID,
+	 .id = GNUTLS_ECC_CURVE_X448,
+	 .pk = GNUTLS_PK_ECDH_X448,
+	 .size = 56,
+	 .supported = 1,
+	},
+	{
+	 .name = "Ed448",
+	 .oid = SIG_ED448_OID,
+	 .id = GNUTLS_ECC_CURVE_ED448,
+	 .pk = GNUTLS_PK_EDDSA_ED448,
+	 .size = 57,
+	 .sig_size = 114,
+	 .supported = 1,
+	},
+#if ENABLE_GOST
+	/* Curves for usage in GOST digital signature algorithm (GOST R
+	 * 34.10-2001/-2012) and key agreement (VKO GOST R 34.10-2001/-2012).
+	 *
+	 * Historically CryptoPro has defined three 256-bit curves for use with
+	 * digital signature algorithm (CryptoPro-A, -B, -C).
+	 *
+	 * Also it has reissues two of them with different OIDs for key
+	 * exchange (CryptoPro-XchA = CryptoPro-A and CryptoPro-XchB =
+	 * CryptoPro-C).
+	 *
+	 * Then TC26 (Standard committee working on cryptographic standards) has
+	 * defined one 256-bit curve (TC26-256-A) and three 512-bit curves
+	 * (TC26-512-A, -B, -C).
+	 *
+	 * And finally TC26 has reissues original CryptoPro curves under their
+	 * own OID namespace (TC26-256-B = CryptoPro-A, TC26-256-C =
+	 * CryptoPro-B and TC26-256-D = CryptoPro-C).
+	 *
+	 * CryptoPro OIDs are usable for both GOST R 34.10-2001 and
+	 * GOST R 34.10-2012 keys (thus they have GNUTLS_PK_UNKNOWN in this
+	 * table).
+	 * TC26 OIDs are usable only for GOST R 34.10-2012 keys.
+	 */
+	{
+	 .name = "CryptoPro-A",
+	 .oid = "1.2.643.2.2.35.1",
+	 .id = GNUTLS_ECC_CURVE_GOST256CPA,
+	 .group = GNUTLS_GROUP_GC256B,
+	 .pk = GNUTLS_PK_UNKNOWN,
+	 .size = 32,
+	 .gost_curve = 1,
+	 .supported = 1,
+	},
+	{
+	 .name = "CryptoPro-B",
+	 .oid = "1.2.643.2.2.35.2",
+	 .id = GNUTLS_ECC_CURVE_GOST256CPB,
+	 .group = GNUTLS_GROUP_GC256C,
+	 .pk = GNUTLS_PK_UNKNOWN,
+	 .size = 32,
+	 .gost_curve = 1,
+	 .supported = 1,
+	},
+	{
+	 .name = "CryptoPro-C",
+	 .oid = "1.2.643.2.2.35.3",
+	 .id = GNUTLS_ECC_CURVE_GOST256CPC,
+	 .group = GNUTLS_GROUP_GC256D,
+	 .pk = GNUTLS_PK_UNKNOWN,
+	 .size = 32,
+	 .gost_curve = 1,
+	 .supported = 1,
+	},
+	{
+	 .name = "CryptoPro-XchA",
+	 .oid = "1.2.643.2.2.36.0",
+	 .id = GNUTLS_ECC_CURVE_GOST256CPXA,
+	 .group = GNUTLS_GROUP_GC256B,
+	 .pk = GNUTLS_PK_UNKNOWN,
+	 .size = 32,
+	 .gost_curve = 1,
+	 .supported = 1,
+	},
+	{
+	 .name = "CryptoPro-XchB",
+	 .oid = "1.2.643.2.2.36.1",
+	 .id = GNUTLS_ECC_CURVE_GOST256CPXB,
+	 .group = GNUTLS_GROUP_GC256D,
+	 .pk = GNUTLS_PK_UNKNOWN,
+	 .size = 32,
+	 .gost_curve = 1,
+	 .supported = 1,
+	},
+	{
+	 .name = "TC26-256-A",
+	 .oid = "1.2.643.7.1.2.1.1.1",
+	 .id = GNUTLS_ECC_CURVE_GOST256A,
+	 .group = GNUTLS_GROUP_GC256A,
+	 .pk = GNUTLS_PK_GOST_12_256,
+	 .size = 32,
+	 .gost_curve = 1,
+	 .supported = 1,
+	},
+	{
+	 .name = "TC26-256-B",
+	 .oid = "1.2.643.7.1.2.1.1.2",
+	 .id = GNUTLS_ECC_CURVE_GOST256B,
+	 .group = GNUTLS_GROUP_GC256B,
+	 .pk = GNUTLS_PK_GOST_12_256,
+	 .size = 32,
+	 .gost_curve = 1,
+	 .supported = 1,
+	},
+	{
+	 .name = "TC26-256-C",
+	 .oid = "1.2.643.7.1.2.1.1.3",
+	 .id = GNUTLS_ECC_CURVE_GOST256C,
+	 .group = GNUTLS_GROUP_GC256C,
+	 .pk = GNUTLS_PK_GOST_12_256,
+	 .size = 32,
+	 .gost_curve = 1,
+	 .supported = 1,
+	},
+	{
+	 .name = "TC26-256-D",
+	 .oid = "1.2.643.7.1.2.1.1.4",
+	 .id = GNUTLS_ECC_CURVE_GOST256D,
+	 .group = GNUTLS_GROUP_GC256D,
+	 .pk = GNUTLS_PK_GOST_12_256,
+	 .size = 32,
+	 .gost_curve = 1,
+	 .supported = 1,
+	},
+	{
+	 .name = "TC26-512-A",
+	 .oid = "1.2.643.7.1.2.1.2.1",
+	 .id = GNUTLS_ECC_CURVE_GOST512A,
+	 .group = GNUTLS_GROUP_GC512A,
+	 .pk = GNUTLS_PK_GOST_12_512,
+	 .size = 64,
+	 .gost_curve = 1,
+	 .supported = 1,
+	},
+	{
+	 .name = "TC26-512-B",
+	 .oid = "1.2.643.7.1.2.1.2.2",
+	 .id = GNUTLS_ECC_CURVE_GOST512B,
+	 .group = GNUTLS_GROUP_GC512B,
+	 .pk = GNUTLS_PK_GOST_12_512,
+	 .size = 64,
+	 .gost_curve = 1,
+	 .supported = 1,
+	},
+	{
+	 .name = "TC26-512-C",
+	 .oid = "1.2.643.7.1.2.1.2.3",
+	 .id = GNUTLS_ECC_CURVE_GOST512C,
+	 .group = GNUTLS_GROUP_GC512C,
+	 .pk = GNUTLS_PK_GOST_12_512,
+	 .size = 64,
+	 .gost_curve = 1,
+	 .supported = 1,
+	},
+#endif
+	{0, 0, 0}
+};
+
+#define GNUTLS_ECC_CURVE_LOOP(b) \
+	{ const gnutls_ecc_curve_entry_st *p; \
+		for(p = ecc_curves; p->name != NULL; p++) { b ; } }
+
+
+/**
+ * gnutls_ecc_curve_list:
+ *
+ * Get the list of supported elliptic curves.
+ *
+ * This function is not thread safe.
+ *
+ * Returns: Return a (0)-terminated list of #gnutls_ecc_curve_t
+ *   integers indicating the available curves.
+ **/
+const gnutls_ecc_curve_t *gnutls_ecc_curve_list(void)
+{
+	static gnutls_ecc_curve_t supported_curves[MAX_ALGOS] = { 0 };
+
+	if (supported_curves[0] == 0) {
+		int i = 0;
+
+		GNUTLS_ECC_CURVE_LOOP(
+			if (p->supported && _gnutls_pk_curve_exists(p->id))
+				supported_curves[i++] = p->id;
+		);
+		supported_curves[i++] = 0;
+	}
+
+	return supported_curves;
+}
+
+unsigned _gnutls_ecc_curve_is_supported(gnutls_ecc_curve_t curve)
+{
+	GNUTLS_ECC_CURVE_LOOP(
+		if (p->id == curve && p->supported && _gnutls_pk_curve_exists(p->id))
+			return 1;
+	);
+	return 0;
+}
+
+/**
+ * gnutls_oid_to_ecc_curve:
+ * @oid: is a curve's OID
+ *
+ * Returns: return a #gnutls_ecc_curve_t value corresponding to
+ *   the specified OID, or %GNUTLS_ECC_CURVE_INVALID on error.
+ *
+ * Since: 3.4.3
+ **/
+gnutls_ecc_curve_t gnutls_oid_to_ecc_curve(const char *oid)
+{
+	gnutls_ecc_curve_t ret = GNUTLS_ECC_CURVE_INVALID;
+
+	GNUTLS_ECC_CURVE_LOOP(
+		if (p->oid != NULL && c_strcasecmp(p->oid, oid) == 0 && p->supported &&
+		    _gnutls_pk_curve_exists(p->id)) {
+			ret = p->id;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+/**
+ * gnutls_ecc_curve_get_id:
+ * @name: is a curve name
+ *
+ * The names are compared in a case insensitive way.
+ *
+ * Returns: return a #gnutls_ecc_curve_t value corresponding to
+ *   the specified curve, or %GNUTLS_ECC_CURVE_INVALID on error.
+ *
+ * Since: 3.4.3
+ **/
+gnutls_ecc_curve_t gnutls_ecc_curve_get_id(const char *name)
+{
+	gnutls_ecc_curve_t ret = GNUTLS_ECC_CURVE_INVALID;
+
+	GNUTLS_ECC_CURVE_LOOP(
+		if (c_strcasecmp(p->name, name) == 0 && p->supported &&
+		    _gnutls_pk_curve_exists(p->id)) {
+			ret = p->id;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+/* This is only called by cfg_apply in priority.c, in blocklisting mode. */
+int _gnutls_ecc_curve_mark_disabled(gnutls_ecc_curve_t curve)
+{
+	gnutls_ecc_curve_entry_st *p;
+
+	for(p = ecc_curves; p->name != NULL; p++) {
+		if (p->id == curve) {
+			p->supported = false;
+			return 0;
+		}
+	}
+
+	return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+}
+
+/* This is only called by cfg_apply in priority.c, in allowlisting mode. */
+void _gnutls_ecc_curve_mark_disabled_all(void)
+{
+	gnutls_ecc_curve_entry_st *p;
+
+	for(p = ecc_curves; p->name != NULL; p++) {
+		p->supported = false;
+		p->supported_revertible = true;
+	}
+}
+
+int
+_gnutls_ecc_curve_set_enabled(gnutls_ecc_curve_t curve, unsigned int enabled)
+{
+	gnutls_ecc_curve_entry_st *p;
+
+	for(p = ecc_curves; p->name != NULL; p++) {
+		if (p->id == curve) {
+			if (!p->supported_revertible) {
+				return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+			}
+			p->supported = enabled;
+			return 0;
+		}
+	}
+
+	return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+}
+
+static int _gnutls_ecc_pk_compatible(const gnutls_ecc_curve_entry_st *p,
+				     gnutls_pk_algorithm_t pk)
+{
+	if (!p->supported || !_gnutls_pk_curve_exists(p->id))
+		return 0;
+
+	if (pk == GNUTLS_PK_GOST_01 ||
+	    pk == GNUTLS_PK_GOST_12_256)
+		return p->gost_curve && p->size == 32;
+
+	return pk == p->pk;
+}
+
+/*-
+ * _gnutls_ecc_bits_to_curve:
+ * @bits: is a security parameter in bits
+ *
+ * Returns: return a #gnutls_ecc_curve_t value corresponding to
+ *   the specified bit length, or %GNUTLS_ECC_CURVE_INVALID on error.
+ -*/
+gnutls_ecc_curve_t _gnutls_ecc_bits_to_curve(gnutls_pk_algorithm_t pk, int bits)
+{
+	gnutls_ecc_curve_t ret;
+
+	if (pk == GNUTLS_PK_ECDSA)
+		ret = GNUTLS_ECC_CURVE_SECP256R1;
+	else if (pk == GNUTLS_PK_GOST_01 ||
+		 pk == GNUTLS_PK_GOST_12_256)
+		ret = GNUTLS_ECC_CURVE_GOST256CPA;
+	else if (pk == GNUTLS_PK_GOST_12_512)
+		ret = GNUTLS_ECC_CURVE_GOST512A;
+	else
+		ret = GNUTLS_ECC_CURVE_ED25519;
+
+	GNUTLS_ECC_CURVE_LOOP(
+		if (_gnutls_ecc_pk_compatible(p, pk) && 8 * p->size >= (unsigned)bits) {
+			ret = p->id;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+/**
+ * gnutls_ecc_curve_get_name:
+ * @curve: is an ECC curve
+ *
+ * Convert a #gnutls_ecc_curve_t value to a string.
+ *
+ * Returns: a string that contains the name of the specified
+ *   curve or %NULL.
+ *
+ * Since: 3.0
+ **/
+const char *gnutls_ecc_curve_get_name(gnutls_ecc_curve_t curve)
+{
+	const char *ret = NULL;
+
+	GNUTLS_ECC_CURVE_LOOP(
+		if (p->id == curve) {
+			ret = p->name;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+/**
+ * gnutls_ecc_curve_get_oid:
+ * @curve: is an ECC curve
+ *
+ * Convert a #gnutls_ecc_curve_t value to its object identifier.
+ *
+ * Returns: a string that contains the OID of the specified
+ *   curve or %NULL.
+ *
+ * Since: 3.4.3
+ **/
+const char *gnutls_ecc_curve_get_oid(gnutls_ecc_curve_t curve)
+{
+	const char *ret = NULL;
+
+	GNUTLS_ECC_CURVE_LOOP(
+		if (p->id == curve) {
+			ret = p->oid;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+/*-
+ * _gnutls_ecc_curve_get_params:
+ * @curve: is an ECC curve
+ *
+ * Returns the information on a curve.
+ *
+ * Returns: a pointer to #gnutls_ecc_curve_entry_st or %NULL.
+ -*/
+const gnutls_ecc_curve_entry_st
+    *_gnutls_ecc_curve_get_params(gnutls_ecc_curve_t curve)
+{
+	const gnutls_ecc_curve_entry_st *ret = NULL;
+
+	GNUTLS_ECC_CURVE_LOOP(
+		if (p->id == curve) {
+			ret = p;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+/**
+ * gnutls_ecc_curve_get_size:
+ * @curve: is an ECC curve
+ *
+ * Returns: the size in bytes of the curve or 0 on failure.
+ *
+ * Since: 3.0
+ **/
+int gnutls_ecc_curve_get_size(gnutls_ecc_curve_t curve)
+{
+	int ret = 0;
+
+	GNUTLS_ECC_CURVE_LOOP(
+		if (p->id == curve) {
+			ret = p->size;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+/**
+ * gnutls_ecc_curve_get_pk:
+ * @curve: is an ECC curve
+ *
+ * Returns: the public key algorithm associated with the named curve or %GNUTLS_PK_UNKNOWN.
+ *
+ * Since: 3.5.0
+ **/
+gnutls_pk_algorithm_t gnutls_ecc_curve_get_pk(gnutls_ecc_curve_t curve)
+{
+	int ret = GNUTLS_PK_UNKNOWN;
+
+	GNUTLS_ECC_CURVE_LOOP(
+		if (p->id == curve && p->supported) {
+			ret = p->pk;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+/**
+ * _gnutls_ecc_curve_get_group:
+ * @curve: is an ECC curve
+ *
+ * Returns: the group associated with the named curve or %GNUTLS_GROUP_INVALID.
+ *
+ * Since: 3.6.11
+ */
+gnutls_group_t _gnutls_ecc_curve_get_group(gnutls_ecc_curve_t curve)
+{
+	gnutls_group_t ret = GNUTLS_GROUP_INVALID;
+
+	GNUTLS_ECC_CURVE_LOOP(
+		if (p->id == curve && p->supported && _gnutls_pk_curve_exists(p->id)) {
+			ret = p->group;
+			break;
+		}
+	);
+
+	return ret;
+}
diff --git a/lib/algorithms/groups.c b/lib/algorithms/groups.c
new file mode 100644
index 0000000..d8bf958
--- /dev/null
+++ b/lib/algorithms/groups.c
@@ -0,0 +1,317 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <algorithms.h>
+#include "errors.h"
+#include <x509/common.h>
+#include <pk.h>
+#include "c-strcase.h"
+
+/* Supported ECC curves
+ */
+
+static const gnutls_group_entry_st supported_groups[] = {
+	{
+	 .name = "SECP192R1",
+	 .id = GNUTLS_GROUP_SECP192R1,
+	 .curve = GNUTLS_ECC_CURVE_SECP192R1,
+	 .tls_id = 19,
+	 .pk = GNUTLS_PK_ECDSA,
+	},
+	{
+	 .name = "SECP224R1",
+	 .id = GNUTLS_GROUP_SECP224R1,
+	 .curve = GNUTLS_ECC_CURVE_SECP224R1,
+	 .tls_id = 21,
+	 .pk = GNUTLS_PK_ECDSA,
+	},
+	{
+	 .name = "SECP256R1",
+	 .id = GNUTLS_GROUP_SECP256R1,
+	 .curve = GNUTLS_ECC_CURVE_SECP256R1,
+	 .tls_id = 23,
+	 .pk = GNUTLS_PK_ECDSA,
+	},
+	{
+	 .name = "SECP384R1",
+	 .id = GNUTLS_GROUP_SECP384R1,
+	 .curve = GNUTLS_ECC_CURVE_SECP384R1,
+	 .tls_id = 24,
+	 .pk = GNUTLS_PK_ECDSA,
+	},
+	{
+	 .name = "SECP521R1",
+	 .id = GNUTLS_GROUP_SECP521R1,
+	 .curve = GNUTLS_ECC_CURVE_SECP521R1,
+	 .tls_id = 25,
+	 .pk = GNUTLS_PK_ECDSA,
+	},
+	{
+	 .name = "X25519",
+	 .id = GNUTLS_GROUP_X25519,
+	 .curve = GNUTLS_ECC_CURVE_X25519,
+	 .tls_id = 29,
+	 .pk = GNUTLS_PK_ECDH_X25519
+	},
+#ifdef ENABLE_GOST
+	/* draft-smyshlyaev-tls12-gost-suites-06, Section 6 */
+	{
+	 .name = "GC256A",
+	 .id = GNUTLS_GROUP_GC256A,
+	 .curve = GNUTLS_ECC_CURVE_GOST256A,
+	 .pk = GNUTLS_PK_GOST_12_256,
+	 .tls_id = 34,
+	},
+	{
+	 .name = "GC256B",
+	 .id = GNUTLS_GROUP_GC256B,
+	 .curve = GNUTLS_ECC_CURVE_GOST256B,
+	 .pk = GNUTLS_PK_GOST_12_256,
+	 .tls_id = 35,
+	},
+	{
+	 .name = "GC256C",
+	 .id = GNUTLS_GROUP_GC256C,
+	 .curve = GNUTLS_ECC_CURVE_GOST256C,
+	 .pk = GNUTLS_PK_GOST_12_256,
+	 .tls_id = 36,
+	},
+	{
+	 .name = "GC256D",
+	 .id = GNUTLS_GROUP_GC256D,
+	 .curve = GNUTLS_ECC_CURVE_GOST256D,
+	 .pk = GNUTLS_PK_GOST_12_256,
+	 .tls_id = 37,
+	},
+	{
+	 .name = "GC512A",
+	 .id = GNUTLS_GROUP_GC512A,
+	 .curve = GNUTLS_ECC_CURVE_GOST512A,
+	 .pk = GNUTLS_PK_GOST_12_512,
+	 .tls_id = 38,
+	},
+	{
+	 .name = "GC512B",
+	 .id = GNUTLS_GROUP_GC512B,
+	 .curve = GNUTLS_ECC_CURVE_GOST512B,
+	 .pk = GNUTLS_PK_GOST_12_512,
+	 .tls_id = 39,
+	},
+	{
+	 .name = "GC512C",
+	 .id = GNUTLS_GROUP_GC512C,
+	 .curve = GNUTLS_ECC_CURVE_GOST512C,
+	 .pk = GNUTLS_PK_GOST_12_512,
+	 .tls_id = 40,
+	},
+#endif
+	{
+	 .name = "X448",
+	 .id = GNUTLS_GROUP_X448,
+	 .curve = GNUTLS_ECC_CURVE_X448,
+	 .tls_id = 30,
+	 .pk = GNUTLS_PK_ECDH_X448
+	},
+#ifdef ENABLE_DHE
+	{
+	 .name = "FFDHE2048",
+	 .id = GNUTLS_GROUP_FFDHE2048,
+	 .generator = &gnutls_ffdhe_2048_group_generator,
+	 .prime = &gnutls_ffdhe_2048_group_prime,
+	 .q = &gnutls_ffdhe_2048_group_q,
+	 .q_bits = &gnutls_ffdhe_2048_key_bits,
+	 .pk = GNUTLS_PK_DH,
+	 .tls_id = 0x100
+	},
+	{
+	 .name = "FFDHE3072",
+	 .id = GNUTLS_GROUP_FFDHE3072,
+	 .generator = &gnutls_ffdhe_3072_group_generator,
+	 .prime = &gnutls_ffdhe_3072_group_prime,
+	 .q = &gnutls_ffdhe_3072_group_q,
+	 .q_bits = &gnutls_ffdhe_3072_key_bits,
+	 .pk = GNUTLS_PK_DH,
+	 .tls_id = 0x101
+	},
+	{
+	 .name = "FFDHE4096",
+	 .id = GNUTLS_GROUP_FFDHE4096,
+	 .generator = &gnutls_ffdhe_4096_group_generator,
+	 .prime = &gnutls_ffdhe_4096_group_prime,
+	 .q = &gnutls_ffdhe_4096_group_q,
+	 .q_bits = &gnutls_ffdhe_4096_key_bits,
+	 .pk = GNUTLS_PK_DH,
+	 .tls_id = 0x102
+	},
+	{
+	 .name = "FFDHE6144",
+	 .id = GNUTLS_GROUP_FFDHE6144,
+	 .generator = &gnutls_ffdhe_6144_group_generator,
+	 .prime = &gnutls_ffdhe_6144_group_prime,
+	 .q = &gnutls_ffdhe_6144_group_q,
+	 .q_bits = &gnutls_ffdhe_6144_key_bits,
+	 .pk = GNUTLS_PK_DH,
+	 .tls_id = 0x103
+	},
+	{
+	 .name = "FFDHE8192",
+	 .id = GNUTLS_GROUP_FFDHE8192,
+	 .generator = &gnutls_ffdhe_8192_group_generator,
+	 .prime = &gnutls_ffdhe_8192_group_prime,
+	 .q = &gnutls_ffdhe_8192_group_q,
+	 .q_bits = &gnutls_ffdhe_8192_key_bits,
+	 .pk = GNUTLS_PK_DH,
+	 .tls_id = 0x104
+	},
+#endif
+	{0, 0, 0}
+};
+
+#define GNUTLS_GROUP_LOOP(b) \
+	{ const gnutls_group_entry_st *p; \
+		for(p = supported_groups; p->name != NULL; p++) { b ; } }
+
+
+/* Returns the TLS id of the given curve
+ */
+const gnutls_group_entry_st * _gnutls_tls_id_to_group(unsigned num)
+{
+	GNUTLS_GROUP_LOOP(
+		if (p->tls_id == num &&
+		    (p->curve == 0 || _gnutls_ecc_curve_is_supported(p->curve))) {
+			return p;
+		}
+	);
+
+	return NULL;
+}
+
+const gnutls_group_entry_st * _gnutls_id_to_group(unsigned id)
+{
+	if (id == 0)
+		return NULL;
+
+	GNUTLS_GROUP_LOOP(
+		if (p->id == id &&
+		    (p->curve == 0 || _gnutls_ecc_curve_is_supported(p->curve))) {
+			return p;
+		}
+	);
+
+	return NULL;
+}
+
+/**
+ * gnutls_group_list:
+ *
+ * Get the list of supported elliptic curves.
+ *
+ * This function is not thread safe.
+ *
+ * Returns: Return a (0)-terminated list of #gnutls_group_t
+ *   integers indicating the available groups.
+ *
+ * Since: 3.6.0
+ **/
+const gnutls_group_t *gnutls_group_list(void)
+{
+	static gnutls_group_t groups[MAX_ALGOS] = { 0 };
+
+	if (groups[0] == 0) {
+		int i = 0;
+
+		GNUTLS_GROUP_LOOP(
+			if (p->curve == 0 || _gnutls_ecc_curve_is_supported(p->curve))
+				groups[i++] = p->id;
+		);
+		groups[i++] = 0;
+	}
+
+	return groups;
+}
+
+/**
+ * gnutls_group_get_id:
+ * @name: is a group name
+ *
+ * The names are compared in a case insensitive way.
+ *
+ * Returns: return a #gnutls_group_t value corresponding to
+ *   the specified group, or %GNUTLS_GROUP_INVALID on error.
+ *
+ * Since: 3.6.0
+ **/
+gnutls_group_t gnutls_group_get_id(const char *name)
+{
+	gnutls_group_t ret = GNUTLS_GROUP_INVALID;
+
+	GNUTLS_GROUP_LOOP(
+		if (c_strcasecmp(p->name, name) == 0 && (
+		    p->curve == 0 ||_gnutls_ecc_curve_is_supported(p->curve))) {
+			ret = p->id;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+
+/* Similar to gnutls_group_get_id, except that it does not check if
+ * the curve is supported.
+ */
+gnutls_group_t _gnutls_group_get_id(const char *name)
+{
+	gnutls_group_t ret = GNUTLS_GROUP_INVALID;
+
+	GNUTLS_GROUP_LOOP(
+		if (c_strcasecmp(p->name, name) == 0) {
+			ret = p->id;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+/**
+ * gnutls_group_get_name:
+ * @group: is an element from %gnutls_group_t
+ *
+ * Convert a #gnutls_group_t value to a string.
+ *
+ * Returns: a string that contains the name of the specified
+ *   group or %NULL.
+ *
+ * Since: 3.6.0
+ **/
+const char *gnutls_group_get_name(gnutls_group_t group)
+{
+	GNUTLS_GROUP_LOOP(
+		if (p->id == group) {
+			return p->name;
+		}
+	);
+
+	return NULL;
+}
diff --git a/lib/algorithms/kx.c b/lib/algorithms/kx.c
new file mode 100644
index 0000000..2591ec1
--- /dev/null
+++ b/lib/algorithms/kx.c
@@ -0,0 +1,309 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <algorithms.h>
+#include "errors.h"
+#include <x509/common.h>
+#include "state.h"
+#include "c-strcase.h"
+
+extern mod_auth_st rsa_auth_struct;
+extern mod_auth_st dhe_rsa_auth_struct;
+extern mod_auth_st ecdhe_rsa_auth_struct;
+extern mod_auth_st ecdhe_psk_auth_struct;
+extern mod_auth_st ecdhe_ecdsa_auth_struct;
+extern mod_auth_st dhe_dss_auth_struct;
+extern mod_auth_st anon_auth_struct;
+extern mod_auth_st anon_ecdh_auth_struct;
+extern mod_auth_st srp_auth_struct;
+extern mod_auth_st psk_auth_struct;
+extern mod_auth_st dhe_psk_auth_struct;
+extern mod_auth_st rsa_psk_auth_struct;
+extern mod_auth_st srp_rsa_auth_struct;
+extern mod_auth_st srp_dss_auth_struct;
+extern mod_auth_st vko_gost_auth_struct;
+
+
+/* Cred type mappings to KX algorithms
+ * The mappings are not 1-1. Some KX such as SRP_RSA require
+ * more than one credentials type.
+ */
+typedef struct {
+	gnutls_kx_algorithm_t algorithm;
+	gnutls_credentials_type_t client_type;
+	gnutls_credentials_type_t server_type;	/* The type of credentials a server
+						 * needs to set */
+} gnutls_cred_map;
+
+static const gnutls_cred_map cred_mappings[] = {
+	{GNUTLS_KX_ECDHE_RSA, GNUTLS_CRD_CERTIFICATE,
+	 GNUTLS_CRD_CERTIFICATE},
+	{GNUTLS_KX_ECDHE_ECDSA, GNUTLS_CRD_CERTIFICATE,
+	 GNUTLS_CRD_CERTIFICATE},
+	{GNUTLS_KX_RSA, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
+	{GNUTLS_KX_DHE_DSS, GNUTLS_CRD_CERTIFICATE,
+	 GNUTLS_CRD_CERTIFICATE},
+	{GNUTLS_KX_DHE_RSA, GNUTLS_CRD_CERTIFICATE,
+	 GNUTLS_CRD_CERTIFICATE},
+	{GNUTLS_KX_ECDHE_PSK, GNUTLS_CRD_PSK, GNUTLS_CRD_PSK},
+	{GNUTLS_KX_PSK, GNUTLS_CRD_PSK, GNUTLS_CRD_PSK},
+	{GNUTLS_KX_DHE_PSK, GNUTLS_CRD_PSK, GNUTLS_CRD_PSK},
+	{GNUTLS_KX_RSA_PSK, GNUTLS_CRD_PSK, GNUTLS_CRD_CERTIFICATE},
+	{GNUTLS_KX_SRP, GNUTLS_CRD_SRP, GNUTLS_CRD_SRP},
+	{GNUTLS_KX_SRP_RSA, GNUTLS_CRD_SRP, GNUTLS_CRD_CERTIFICATE},
+	{GNUTLS_KX_SRP_DSS, GNUTLS_CRD_SRP, GNUTLS_CRD_CERTIFICATE},
+	{GNUTLS_KX_ANON_DH, GNUTLS_CRD_ANON, GNUTLS_CRD_ANON},
+	{GNUTLS_KX_ANON_ECDH, GNUTLS_CRD_ANON, GNUTLS_CRD_ANON},
+	{GNUTLS_KX_VKO_GOST_12, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
+	{0, 0, 0}
+};
+
+#define GNUTLS_KX_MAP_LOOP(b) \
+	const gnutls_cred_map *p; \
+		for(p = cred_mappings; p->algorithm != 0; p++) { b ; }
+
+struct gnutls_kx_algo_entry {
+	const char *name;
+	gnutls_kx_algorithm_t algorithm;
+	mod_auth_st *auth_struct;
+	bool needs_dh_params;
+	bool false_start;
+};
+typedef struct gnutls_kx_algo_entry gnutls_kx_algo_entry;
+
+static const gnutls_kx_algo_entry _gnutls_kx_algorithms[] = {
+#ifdef ENABLE_ECDHE
+	{"ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, &ecdhe_rsa_auth_struct, 0, 1},
+	{"ECDHE-ECDSA", GNUTLS_KX_ECDHE_ECDSA, &ecdhe_ecdsa_auth_struct,
+	 0, 1},
+#endif
+	{"RSA", GNUTLS_KX_RSA, &rsa_auth_struct, 0, 0},
+#ifdef ENABLE_DHE
+	{"DHE-RSA", GNUTLS_KX_DHE_RSA, &dhe_rsa_auth_struct, 1, 1},
+	{"DHE-DSS", GNUTLS_KX_DHE_DSS, &dhe_dss_auth_struct, 1, 1},
+#endif
+#ifdef ENABLE_PSK
+	{"PSK", GNUTLS_KX_PSK, &psk_auth_struct, 0, 0},
+	{"RSA-PSK", GNUTLS_KX_RSA_PSK, &rsa_psk_auth_struct, 0, 0},
+#ifdef ENABLE_DHE
+	{"DHE-PSK", GNUTLS_KX_DHE_PSK, &dhe_psk_auth_struct,
+	 1 /* needs DHE params */, 0},
+#endif
+#ifdef ENABLE_ECDHE
+	{"ECDHE-PSK", GNUTLS_KX_ECDHE_PSK, &ecdhe_psk_auth_struct, 0, 0},
+#endif
+#endif
+#ifdef ENABLE_SRP
+	{"SRP-DSS", GNUTLS_KX_SRP_DSS, &srp_dss_auth_struct, 0, 0},
+	{"SRP-RSA", GNUTLS_KX_SRP_RSA, &srp_rsa_auth_struct, 0, 0},
+	{"SRP", GNUTLS_KX_SRP, &srp_auth_struct, 0, 0},
+#endif
+#if defined(ENABLE_ANON) && defined(ENABLE_DHE)
+	{"ANON-DH", GNUTLS_KX_ANON_DH, &anon_auth_struct, 1, 0},
+#endif
+#if defined(ENABLE_ANON) && defined(ENABLE_ECDHE)
+	{"ANON-ECDH", GNUTLS_KX_ANON_ECDH, &anon_ecdh_auth_struct, 0, 0},
+#endif
+#ifdef ENABLE_GOST
+	{"VKO-GOST-12", GNUTLS_KX_VKO_GOST_12, &vko_gost_auth_struct, 0, 0},
+#endif
+	/* for deprecated and legacy algorithms no longer supported, use
+	 * GNUTLS_KX_INVALID as an entry. This will make them available
+	 * as priority strings, but they will be a no-op.
+	 */
+	{"RSA-EXPORT", GNUTLS_KX_INVALID, NULL, 0, 0},
+	{0, 0, 0, 0, 0}
+};
+
+#define GNUTLS_KX_LOOP(b) \
+	const gnutls_kx_algo_entry *p; \
+		for(p = _gnutls_kx_algorithms; p->name != NULL; p++) { b ; }
+
+#define GNUTLS_KX_ALG_LOOP(a) \
+			GNUTLS_KX_LOOP( if(p->algorithm == algorithm) { a; break; } )
+
+
+/* Key EXCHANGE functions */
+mod_auth_st *_gnutls_kx_auth_struct(gnutls_kx_algorithm_t algorithm)
+{
+	mod_auth_st *ret = NULL;
+	GNUTLS_KX_ALG_LOOP(ret = p->auth_struct);
+	return ret;
+
+}
+
+/**
+ * gnutls_kx_get_name:
+ * @algorithm: is a key exchange algorithm
+ *
+ * Convert a #gnutls_kx_algorithm_t value to a string.
+ *
+ * Returns: a pointer to a string that contains the name of the
+ *   specified key exchange algorithm, or %NULL.
+ **/
+const char *gnutls_kx_get_name(gnutls_kx_algorithm_t algorithm)
+{
+	const char *ret = NULL;
+
+	/* avoid prefix */
+	GNUTLS_KX_ALG_LOOP(ret = p->name);
+
+	return ret;
+}
+
+/**
+ * gnutls_kx_get_id:
+ * @name: is a KX name
+ *
+ * Convert a string to a #gnutls_kx_algorithm_t value.  The names are
+ * compared in a case insensitive way.
+ *
+ * Returns: an id of the specified KX algorithm, or %GNUTLS_KX_UNKNOWN
+ *   on error.
+ **/
+gnutls_kx_algorithm_t gnutls_kx_get_id(const char *name)
+{
+	gnutls_kx_algorithm_t ret = GNUTLS_KX_UNKNOWN;
+
+	GNUTLS_KX_LOOP(
+		if (c_strcasecmp(p->name, name) == 0 && (int)p->algorithm != GNUTLS_KX_INVALID) {
+			ret = p->algorithm;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+/* As with gnutls_kx_get_id(), but it returns all known
+ * key exchange algorithms (even legacy), with GNUTLS_KX_INVALID
+ * value.
+ */
+int _gnutls_kx_get_id(const char *name)
+{
+	gnutls_kx_algorithm_t ret = GNUTLS_KX_UNKNOWN;
+
+	GNUTLS_KX_LOOP(
+		if (c_strcasecmp(p->name, name) == 0) {
+			ret = p->algorithm;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+/**
+ * gnutls_kx_list:
+ *
+ * Get a list of supported key exchange algorithms.
+ *
+ * This function is not thread safe.
+ *
+ * Returns: a (0)-terminated list of #gnutls_kx_algorithm_t integers
+ * indicating the available key exchange algorithms.
+ **/
+const gnutls_kx_algorithm_t *gnutls_kx_list(void)
+{
+	static gnutls_kx_algorithm_t supported_kxs[MAX_ALGOS] = { 0 };
+
+	if (supported_kxs[0] == 0) {
+		int i = 0;
+
+		GNUTLS_KX_LOOP(supported_kxs[i++] = p->algorithm);
+		supported_kxs[i++] = 0;
+	}
+
+	return supported_kxs;
+}
+
+int _gnutls_kx_is_ok(gnutls_kx_algorithm_t algorithm)
+{
+	ssize_t ret = -1;
+	GNUTLS_KX_ALG_LOOP(ret = p->algorithm);
+	if (ret >= 0)
+		ret = 0;
+	else
+		ret = 1;
+	return ret;
+}
+
+bool _gnutls_kx_allows_false_start(gnutls_session_t session)
+{
+	unsigned algorithm = session->security_parameters.cs->kx_algorithm;
+	bool needs_dh = 0;
+	int bits;
+
+	ssize_t ret = 0;
+	GNUTLS_KX_ALG_LOOP(ret = p->false_start; needs_dh = p->needs_dh_params);
+
+	if (ret != 0) {
+		const gnutls_group_entry_st *e;
+
+		e = get_group(session);
+
+#if defined(ENABLE_DHE) || defined(ENABLE_ANON)
+		if (needs_dh != 0) {
+			bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, GNUTLS_SEC_PARAM_HIGH);
+			/* check whether sizes are sufficient */
+			if (e && e->prime) {
+				if (e->prime->size*8 < (unsigned)bits)
+					ret = 0;
+			} else if (gnutls_dh_get_prime_bits(session) < bits)
+				ret = 0;
+		} else
+#endif
+		if (algorithm == GNUTLS_KX_ECDHE_RSA || algorithm == GNUTLS_KX_ECDHE_ECDSA) {
+			bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_EC, GNUTLS_SEC_PARAM_HIGH);
+
+			if (e != NULL && gnutls_ecc_curve_get_size(e->curve) * 8 < bits)
+				ret = 0;
+		}
+	}
+	return ret;
+}
+
+bool _gnutls_kx_needs_dh_params(gnutls_kx_algorithm_t algorithm)
+{
+	ssize_t ret = 0;
+	GNUTLS_KX_ALG_LOOP(ret = p->needs_dh_params);
+	return ret;
+}
+
+/* Returns the credentials type required for this
+ * Key exchange method.
+ */
+gnutls_credentials_type_t
+_gnutls_map_kx_get_cred(gnutls_kx_algorithm_t algorithm, int server)
+{
+	gnutls_credentials_type_t ret = -1;
+	if (server) {
+		GNUTLS_KX_MAP_LOOP(if (p->algorithm == algorithm) ret =
+				   p->server_type);
+	} else {
+		GNUTLS_KX_MAP_LOOP(if (p->algorithm == algorithm) ret =
+				   p->client_type);
+	}
+
+	return ret;
+}
diff --git a/lib/algorithms/mac.c b/lib/algorithms/mac.c
new file mode 100644
index 0000000..47fbc22
--- /dev/null
+++ b/lib/algorithms/mac.c
@@ -0,0 +1,585 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <algorithms.h>
+#include "errors.h"
+#include <x509/common.h>
+#include "c-strcase.h"
+
+#define MAC_OID_SHA1 "1.2.840.113549.2.7"
+#define MAC_OID_SHA224 "1.2.840.113549.2.8"
+#define MAC_OID_SHA256 "1.2.840.113549.2.9"
+#define MAC_OID_SHA384 "1.2.840.113549.2.10"
+#define MAC_OID_SHA512 "1.2.840.113549.2.11"
+#define MAC_OID_GOST_R_3411_94 "1.2.643.2.2.10"
+#define MAC_OID_STREEBOG_256 "1.2.643.7.1.1.4.1"
+#define MAC_OID_STREEBOG_512 "1.2.643.7.1.1.4.2"
+
+static SYSTEM_CONFIG_OR_CONST
+mac_entry_st hash_algorithms[] = {
+	{.name = "SHA1",
+	 .oid = HASH_OID_SHA1,
+	 .mac_oid = MAC_OID_SHA1,
+	 .id = GNUTLS_MAC_SHA1,
+	 .output_size = 20,
+	 .key_size = 20,
+	 .block_size = 64},
+	{.name = "MD5+SHA1",
+	 .id = GNUTLS_MAC_MD5_SHA1,
+	 .output_size = 36,
+	 .key_size = 36,
+	 .flags = GNUTLS_MAC_FLAG_PREIMAGE_INSECURE,
+	 .block_size = 64},
+	{.name = "SHA256",
+	 .oid = HASH_OID_SHA256,
+	 .mac_oid = MAC_OID_SHA256,
+	 .id = GNUTLS_MAC_SHA256,
+	 .output_size = 32,
+	 .key_size = 32,
+	 .block_size = 64},
+	{.name = "SHA384",
+	 .oid = HASH_OID_SHA384,
+	 .mac_oid = MAC_OID_SHA384,
+	 .id = GNUTLS_MAC_SHA384,
+	 .output_size = 48,
+	 .key_size = 48,
+	 .block_size = 128},
+	{.name = "SHA512",
+	 .oid = HASH_OID_SHA512,
+	 .mac_oid = MAC_OID_SHA512,
+	 .id = GNUTLS_MAC_SHA512,
+	 .output_size = 64,
+	 .key_size = 64,
+	 .block_size = 128},
+	{.name = "SHA224",
+	 .oid = HASH_OID_SHA224,
+	 .mac_oid = MAC_OID_SHA224,
+	 .id = GNUTLS_MAC_SHA224,
+	 .output_size = 28,
+	 .key_size = 28,
+	 .block_size = 64},
+	{.name = "SHA3-256",
+	 .oid = HASH_OID_SHA3_256,
+	 .id = GNUTLS_MAC_SHA3_256,
+	 .output_size = 32,
+	 .key_size = 32,
+	 .block_size = 136},
+	{.name = "SHA3-384",
+	 .oid = HASH_OID_SHA3_384,
+	 .id = GNUTLS_MAC_SHA3_384,
+	 .output_size = 48,
+	 .key_size = 48,
+	 .block_size = 104},
+	{.name = "SHA3-512",
+	 .oid = HASH_OID_SHA3_512,
+	 .id = GNUTLS_MAC_SHA3_512,
+	 .output_size = 64,
+	 .key_size = 64,
+	 .block_size = 72},
+	{.name = "SHA3-224",
+	 .oid = HASH_OID_SHA3_224,
+	 .id = GNUTLS_MAC_SHA3_224,
+	 .output_size = 28,
+	 .key_size = 28,
+	 .block_size = 144},
+	{.name = "UMAC-96",
+	 .id = GNUTLS_MAC_UMAC_96,
+	 .output_size = 12,
+	 .key_size = 16,
+	 .nonce_size = 8},
+	{.name = "UMAC-128",
+	 .id = GNUTLS_MAC_UMAC_128,
+	 .output_size = 16,
+	 .key_size = 16,
+	 .nonce_size = 8},
+	{.name = "AEAD",
+	 .id = GNUTLS_MAC_AEAD,
+	 .placeholder = 1},
+	{.name = "MD5",
+	 .oid = HASH_OID_MD5,
+	 .id = GNUTLS_MAC_MD5,
+	 .output_size = 16,
+	 .key_size = 16,
+	 .flags = GNUTLS_MAC_FLAG_PREIMAGE_INSECURE,
+	 .block_size = 64},
+	{.name = "MD2",
+	 .oid = HASH_OID_MD2,
+	 .flags = GNUTLS_MAC_FLAG_PREIMAGE_INSECURE,
+	 .id = GNUTLS_MAC_MD2},
+	{.name = "RIPEMD160",
+	 .oid = HASH_OID_RMD160,
+	 .id = GNUTLS_MAC_RMD160,
+	 .output_size = 20,
+	 .key_size = 20,
+	 .block_size = 64
+	},
+	{.name = "GOSTR341194",
+	 .oid = HASH_OID_GOST_R_3411_94,
+	 .mac_oid = MAC_OID_GOST_R_3411_94,
+	 .id = GNUTLS_MAC_GOSTR_94,
+	 .output_size = 32,
+	 .key_size = 32,
+	 .block_size = 32,
+	 .flags = GNUTLS_MAC_FLAG_PREIMAGE_INSECURE
+	},
+	{.name = "STREEBOG-256",
+	 .oid = HASH_OID_STREEBOG_256,
+	 .mac_oid = MAC_OID_STREEBOG_256,
+	 .id = GNUTLS_MAC_STREEBOG_256,
+	 .output_size = 32,
+	 .key_size = 32,
+	 .block_size = 64},
+	{.name = "STREEBOG-512",
+	 .oid = HASH_OID_STREEBOG_512,
+	 .mac_oid = MAC_OID_STREEBOG_512,
+	 .id = GNUTLS_MAC_STREEBOG_512,
+	 .output_size = 64,
+	 .key_size = 64,
+	 .block_size = 64},
+	{.name = "AES-CMAC-128",
+	 .id = GNUTLS_MAC_AES_CMAC_128,
+	 .output_size = 16,
+	 .key_size = 16,},
+	{.name = "AES-CMAC-256",
+	 .id = GNUTLS_MAC_AES_CMAC_256,
+	 .output_size = 16,
+	 .key_size = 32},
+	{.name = "AES-GMAC-128",
+	 .id = GNUTLS_MAC_AES_GMAC_128,
+	 .output_size = 16,
+	 .key_size = 16,
+	 .nonce_size = 12},
+	{.name = "AES-GMAC-192",
+	 .id = GNUTLS_MAC_AES_GMAC_192,
+	 .output_size = 16,
+	 .key_size = 24,
+	 .nonce_size = 12},
+	{.name = "AES-GMAC-256",
+	 .id = GNUTLS_MAC_AES_GMAC_256,
+	 .output_size = 16,
+	 .key_size = 32,
+	 .nonce_size = 12},
+	{.name = "GOST28147-TC26Z-IMIT",
+	 .id = GNUTLS_MAC_GOST28147_TC26Z_IMIT,
+	 .output_size = 4,
+	 .key_size = 32,
+	 .block_size = 8,
+	 .flags = GNUTLS_MAC_FLAG_CONTINUOUS_MAC},
+	{.name = "SHAKE-128",
+	 .oid = HASH_OID_SHAKE_128,
+	 .id = GNUTLS_MAC_SHAKE_128,
+	 .block_size = 168},
+	{.name = "SHAKE-256",
+	 .oid = HASH_OID_SHAKE_256,
+	 .id = GNUTLS_MAC_SHAKE_256,
+	 .block_size = 136},
+	{.name = "OMAC-MAGMA",
+	 .id = GNUTLS_MAC_MAGMA_OMAC,
+	 .output_size = 8,
+	 .key_size = 32,
+	 .block_size = 8},
+	{.name = "OMAC-KUZNYECHIK",
+	 .id = GNUTLS_MAC_KUZNYECHIK_OMAC,
+	 .output_size = 16,
+	 .key_size = 32,
+	 .block_size = 16},
+	{.name = "MAC-NULL",
+	 .id = GNUTLS_MAC_NULL},
+	{0, 0, 0, 0, 0, 0, 0, 0, 0}
+};
+
+
+#define GNUTLS_HASH_LOOP(b) \
+	const mac_entry_st *p; \
+		for(p = hash_algorithms; p->name != NULL; p++) { b ; }
+
+#define GNUTLS_HASH_ALG_LOOP(a) \
+			GNUTLS_HASH_LOOP( if(p->id == algorithm) { a; break; } )
+
+const mac_entry_st *_gnutls_mac_to_entry(gnutls_mac_algorithm_t c)
+{
+	GNUTLS_HASH_LOOP(if (c == p->id) return p);
+
+	return NULL;
+}
+
+/**
+ * gnutls_mac_get_name:
+ * @algorithm: is a MAC algorithm
+ *
+ * Convert a #gnutls_mac_algorithm_t value to a string.
+ *
+ * Returns: a string that contains the name of the specified MAC
+ *   algorithm, or %NULL.
+ **/
+const char *gnutls_mac_get_name(gnutls_mac_algorithm_t algorithm)
+{
+	const char *ret = NULL;
+
+	/* avoid prefix */
+	GNUTLS_HASH_ALG_LOOP(ret = p->name);
+
+	return ret;
+}
+
+/**
+ * gnutls_digest_get_name:
+ * @algorithm: is a digest algorithm
+ *
+ * Convert a #gnutls_digest_algorithm_t value to a string.
+ *
+ * Returns: a string that contains the name of the specified digest
+ *   algorithm, or %NULL.
+ **/
+const char *gnutls_digest_get_name(gnutls_digest_algorithm_t algorithm)
+{
+	const char *ret = NULL;
+
+	GNUTLS_HASH_LOOP(
+		if (algorithm == (unsigned) p->id && p->oid != NULL) {
+			ret = p->name;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+/**
+ * gnutls_digest_get_id:
+ * @name: is a digest algorithm name
+ *
+ * Convert a string to a #gnutls_digest_algorithm_t value.  The names are
+ * compared in a case insensitive way.
+ *
+ * Returns: a #gnutls_digest_algorithm_t id of the specified MAC
+ *   algorithm string, or %GNUTLS_DIG_UNKNOWN on failure.
+ **/
+gnutls_digest_algorithm_t gnutls_digest_get_id(const char *name)
+{
+	gnutls_digest_algorithm_t ret = GNUTLS_DIG_UNKNOWN;
+
+	GNUTLS_HASH_LOOP(
+		if (p->oid != NULL && c_strcasecmp(p->name, name) == 0) {
+			if (_gnutls_digest_exists((gnutls_digest_algorithm_t)p->id))
+				ret = (gnutls_digest_algorithm_t)p->id;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+/* This is only called by cfg_apply in priority.c, in blocklisting mode. */
+int _gnutls_digest_mark_insecure(gnutls_digest_algorithm_t dig)
+{
+#ifndef DISABLE_SYSTEM_CONFIG
+	mac_entry_st *p;
+
+	for(p = hash_algorithms; p->name != NULL; p++) {
+		if (p->oid != NULL && p->id == (gnutls_mac_algorithm_t)dig) {
+			p->flags |= GNUTLS_MAC_FLAG_PREIMAGE_INSECURE;
+			return 0;
+		}
+	}
+
+#endif
+	return GNUTLS_E_INVALID_REQUEST;
+}
+
+/* This is only called by cfg_apply in priority.c, in allowlisting mode. */
+void _gnutls_digest_mark_insecure_all(void)
+{
+#ifndef DISABLE_SYSTEM_CONFIG
+	mac_entry_st *p;
+
+	for(p = hash_algorithms; p->name != NULL; p++) {
+		p->flags |= GNUTLS_MAC_FLAG_PREIMAGE_INSECURE_REVERTIBLE |
+			GNUTLS_MAC_FLAG_PREIMAGE_INSECURE;
+	}
+
+#endif
+}
+
+int
+_gnutls_digest_set_secure(gnutls_digest_algorithm_t dig, unsigned int secure)
+{
+#ifndef DISABLE_SYSTEM_CONFIG
+	mac_entry_st *p;
+
+	for(p = hash_algorithms; p->name != NULL; p++) {
+		if (p->oid != NULL && p->id == (gnutls_mac_algorithm_t)dig) {
+			if (!(p->flags & GNUTLS_MAC_FLAG_PREIMAGE_INSECURE_REVERTIBLE)) {
+				return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+			}
+			if (secure) {
+				p->flags &= ~GNUTLS_MAC_FLAG_PREIMAGE_INSECURE;
+			} else {
+				p->flags |= GNUTLS_MAC_FLAG_PREIMAGE_INSECURE;
+			}
+			return 0;
+		}
+	}
+
+#endif
+	return GNUTLS_E_INVALID_REQUEST;
+}
+
+unsigned _gnutls_digest_is_insecure(gnutls_digest_algorithm_t dig)
+{
+	const mac_entry_st *p;
+
+	for(p = hash_algorithms; p->name != NULL; p++) {
+		if (p->oid != NULL && p->id == (gnutls_mac_algorithm_t)dig) {
+			return p->flags & GNUTLS_MAC_FLAG_PREIMAGE_INSECURE;
+		}
+	}
+
+	return 1;
+}
+
+bool _gnutls_digest_is_insecure2(gnutls_digest_algorithm_t dig,	unsigned flags)
+{
+	const mac_entry_st *p;
+
+	for(p = hash_algorithms; p->name != NULL; p++) {
+		if (p->oid != NULL && p->id == (gnutls_mac_algorithm_t)dig) {
+			return (p->flags & GNUTLS_MAC_FLAG_PREIMAGE_INSECURE &&
+				!(flags & GNUTLS_MAC_FLAG_ALLOW_INSECURE_REVERTIBLE &&
+				  p->flags & GNUTLS_MAC_FLAG_PREIMAGE_INSECURE_REVERTIBLE));
+		}
+	}
+
+	return true;
+}
+
+/**
+ * gnutls_mac_get_id:
+ * @name: is a MAC algorithm name
+ *
+ * Convert a string to a #gnutls_mac_algorithm_t value.  The names are
+ * compared in a case insensitive way.
+ *
+ * Returns: a #gnutls_mac_algorithm_t id of the specified MAC
+ *   algorithm string, or %GNUTLS_MAC_UNKNOWN on failure.
+ **/
+gnutls_mac_algorithm_t gnutls_mac_get_id(const char *name)
+{
+	gnutls_mac_algorithm_t ret = GNUTLS_MAC_UNKNOWN;
+
+	GNUTLS_HASH_LOOP(
+		if (c_strcasecmp(p->name, name) == 0) {
+			if (p->placeholder != 0 || _gnutls_mac_exists(p->id))
+				ret = p->id;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+/**
+ * gnutls_mac_get_key_size:
+ * @algorithm: is an encryption algorithm
+ *
+ * Returns the size of the MAC key used in TLS.
+ *
+ * Returns: length (in bytes) of the given MAC key size, or 0 if the
+ *   given MAC algorithm is invalid.
+ **/
+size_t gnutls_mac_get_key_size(gnutls_mac_algorithm_t algorithm)
+{
+	size_t ret = 0;
+
+	/* avoid prefix */
+	GNUTLS_HASH_ALG_LOOP(ret = p->key_size);
+
+	return ret;
+}
+
+/**
+ * gnutls_mac_get_nonce_size:
+ * @algorithm: is an encryption algorithm
+ *
+ * Returns the size of the nonce used by the MAC in TLS.
+ *
+ * Returns: length (in bytes) of the given MAC nonce size, or 0.
+ *
+ * Since: 3.2.0
+ **/
+size_t gnutls_mac_get_nonce_size(gnutls_mac_algorithm_t algorithm)
+{
+	size_t ret = 0;
+
+	/* avoid prefix */
+	GNUTLS_HASH_ALG_LOOP(ret = p->nonce_size);
+
+	return ret;
+}
+
+/**
+ * gnutls_mac_list:
+ *
+ * Get a list of hash algorithms for use as MACs.  Note that not
+ * necessarily all MACs are supported in TLS cipher suites.
+ * This function is not thread safe.
+ *
+ * Returns: Return a (0)-terminated list of #gnutls_mac_algorithm_t
+ *   integers indicating the available MACs.
+ **/
+const gnutls_mac_algorithm_t *gnutls_mac_list(void)
+{
+	static gnutls_mac_algorithm_t supported_macs[MAX_ALGOS] = { 0 };
+
+	if (supported_macs[0] == 0) {
+		int i = 0;
+
+		GNUTLS_HASH_LOOP(
+			if (p->placeholder != 0 || _gnutls_mac_exists(p->id))
+				 supported_macs[i++] = p->id;
+		);
+		supported_macs[i++] = 0;
+	}
+
+	return supported_macs;
+}
+
+/**
+ * gnutls_digest_list:
+ *
+ * Get a list of hash (digest) algorithms supported by GnuTLS.
+ *
+ * This function is not thread safe.
+ *
+ * Returns: Return a (0)-terminated list of #gnutls_digest_algorithm_t
+ *   integers indicating the available digests.
+ **/
+const gnutls_digest_algorithm_t *gnutls_digest_list(void)
+{
+	static gnutls_digest_algorithm_t supported_digests[MAX_ALGOS] =
+	    { 0 };
+
+	if (supported_digests[0] == 0) {
+		int i = 0;
+
+		GNUTLS_HASH_LOOP(
+			if (p->oid != NULL && (p->placeholder != 0 ||
+				_gnutls_mac_exists(p->id))) {
+
+				supported_digests[i++] = (gnutls_digest_algorithm_t)p->id;
+			}
+		);
+		supported_digests[i++] = 0;
+	}
+
+	return supported_digests;
+}
+
+/**
+ * gnutls_oid_to_digest:
+ * @oid: is an object identifier
+ *
+ * Converts a textual object identifier to a #gnutls_digest_algorithm_t value.
+ *
+ * Returns: a #gnutls_digest_algorithm_t id of the specified digest
+ *   algorithm, or %GNUTLS_DIG_UNKNOWN on failure.
+ *
+ * Since: 3.4.3
+ **/
+gnutls_digest_algorithm_t gnutls_oid_to_digest(const char *oid)
+{
+	GNUTLS_HASH_LOOP(
+		if (p->oid && strcmp(oid, p->oid) == 0) {
+			if (_gnutls_digest_exists((gnutls_digest_algorithm_t)p->id)) {
+				return (gnutls_digest_algorithm_t) p->id;
+			}
+			break;
+		}
+	);
+
+	return GNUTLS_DIG_UNKNOWN;
+}
+
+/**
+ * gnutls_oid_to_mac:
+ * @oid: is an object identifier
+ *
+ * Converts a textual object identifier typically from PKCS#5 values to a #gnutls_mac_algorithm_t value.
+ *
+ * Returns: a #gnutls_mac_algorithm_t id of the specified digest
+ *   algorithm, or %GNUTLS_MAC_UNKNOWN on failure.
+ *
+ * Since: 3.5.4
+ **/
+gnutls_mac_algorithm_t gnutls_oid_to_mac(const char *oid)
+{
+	GNUTLS_HASH_LOOP(
+		if (p->mac_oid && strcmp(oid, p->mac_oid) == 0) {
+			if (_gnutls_mac_exists(p->id)) {
+				return p->id;
+			}
+			break;
+		}
+	);
+
+	return GNUTLS_MAC_UNKNOWN;
+}
+
+/**
+ * gnutls_digest_get_oid:
+ * @algorithm: is a digest algorithm
+ *
+ * Convert a #gnutls_digest_algorithm_t value to its object identifier.
+ *
+ * Returns: a string that contains the object identifier of the specified digest
+ *   algorithm, or %NULL.
+ *
+ * Since: 3.4.3
+ **/
+const char *gnutls_digest_get_oid(gnutls_digest_algorithm_t algorithm)
+{
+	GNUTLS_HASH_LOOP(
+		if (algorithm == (unsigned) p->id && p->oid != NULL) {
+			return p->oid;
+		}
+	);
+
+	return NULL;
+}
+
+gnutls_digest_algorithm_t _gnutls_hash_size_to_sha_hash(unsigned int size)
+{
+	if (size == 20)
+		return GNUTLS_DIG_SHA1;
+	else if (size == 28)
+		return GNUTLS_DIG_SHA224;
+	else if (size == 32)
+		return GNUTLS_DIG_SHA256;
+	else if (size == 48)
+		return GNUTLS_DIG_SHA384;
+	else if (size == 64)
+		return GNUTLS_DIG_SHA512;
+
+	return GNUTLS_DIG_UNKNOWN;
+}
diff --git a/lib/algorithms/protocols.c b/lib/algorithms/protocols.c
new file mode 100644
index 0000000..a4fd483
--- /dev/null
+++ b/lib/algorithms/protocols.c
@@ -0,0 +1,585 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <algorithms.h>
+#include "errors.h"
+#include <x509/common.h>
+#include "c-strcase.h"
+
+/* TLS Versions */
+
+static SYSTEM_CONFIG_OR_CONST
+version_entry_st sup_versions[] = {
+	{.name = "SSL3.0",
+	 .id = GNUTLS_SSL3,
+	 .age = 0,
+	 .major = 3,
+	 .minor = 0,
+	 .transport = GNUTLS_STREAM,
+#ifdef ENABLE_SSL3
+	 .supported = 1,
+#endif
+	 .explicit_iv = 0,
+	 .extensions = 0,
+	 .selectable_sighash = 0,
+	 .selectable_prf = 0,
+	 .obsolete = 1,
+	 .only_extension = 0,
+	 .tls_sig_sem = SIG_SEM_PRE_TLS12,
+	 .false_start = 0
+	},
+	{.name = "TLS1.0",
+	 .id = GNUTLS_TLS1,
+	 .age = 1,
+	 .major = 3,
+	 .minor = 1,
+	 .transport = GNUTLS_STREAM,
+	 .supported = 1,
+	 .explicit_iv = 0,
+	 .extensions = 1,
+	 .selectable_sighash = 0,
+	 .selectable_prf = 0,
+	 .obsolete = 0,
+	 .only_extension = 0,
+	 .tls_sig_sem = SIG_SEM_PRE_TLS12,
+	 .false_start = 0
+	},
+	{.name = "TLS1.1",
+	 .id = GNUTLS_TLS1_1,
+	 .age = 2,
+	 .major = 3,
+	 .minor = 2,
+	 .transport = GNUTLS_STREAM,
+	 .supported = 1,
+	 .explicit_iv = 1,
+	 .extensions = 1,
+	 .selectable_sighash = 0,
+	 .selectable_prf = 0,
+	 .obsolete = 0,
+	 .only_extension = 0,
+	 .tls_sig_sem = SIG_SEM_PRE_TLS12,
+	 .false_start = 0
+	},
+	{.name = "TLS1.2",
+	 .id = GNUTLS_TLS1_2,
+	 .age = 3,
+	 .major = 3,
+	 .minor = 3,
+	 .transport = GNUTLS_STREAM,
+	 .supported = 1,
+	 .explicit_iv = 1,
+	 .extensions = 1,
+	 .selectable_sighash = 1,
+	 .selectable_prf = 1,
+	 .obsolete = 0,
+	 .only_extension = 0,
+	 .tls_sig_sem = SIG_SEM_PRE_TLS12,
+	 .false_start = 1
+	},
+	{.name = "TLS1.3",
+	 .id = GNUTLS_TLS1_3,
+	 .age = 5,
+	 .major = 3,
+	 .minor = 4,
+	 .transport = GNUTLS_STREAM,
+	 .supported = 1,
+	 .explicit_iv = 0,
+	 .extensions = 1,
+	 .selectable_sighash = 1,
+	 .selectable_prf = 1,
+	 .tls13_sem = 1,
+	 .obsolete = 0,
+	 .only_extension = 1,
+	 .post_handshake_auth = 1,
+	 .multi_ocsp = 1,
+	 .key_shares = 1,
+	 .false_start = 0, /* doesn't make sense */
+	 .tls_sig_sem = SIG_SEM_TLS13
+	},
+	{.name = "DTLS0.9", /* Cisco AnyConnect (based on about OpenSSL 0.9.8e) */
+	 .id = GNUTLS_DTLS0_9,
+	 .age = 200,
+	 .major = 1,
+	 .minor = 0,
+	 .transport = GNUTLS_DGRAM,
+	 .supported = 1,
+	 .explicit_iv = 1,
+	 .extensions = 1,
+	 .selectable_sighash = 0,
+	 .selectable_prf = 0,
+	 .obsolete = 0,
+	 .only_extension = 0,
+	 .tls_sig_sem = SIG_SEM_PRE_TLS12,
+	 .false_start = 0
+	},
+	{.name = "DTLS1.0",
+	 .id = GNUTLS_DTLS1_0,
+	 .age = 201,
+	 .major = 254,
+	 .minor = 255,
+	 .transport = GNUTLS_DGRAM,
+	 .supported = 1,
+	 .explicit_iv = 1,
+	 .extensions = 1,
+	 .selectable_sighash = 0,
+	 .selectable_prf = 0,
+	 .obsolete = 0,
+	 .only_extension = 0,
+	 .tls_sig_sem = SIG_SEM_PRE_TLS12,
+	 .false_start = 0
+	},
+	{.name = "DTLS1.2",
+	 .id = GNUTLS_DTLS1_2,
+	 .age = 202,
+	 .major = 254,
+	 .minor = 253,
+	 .transport = GNUTLS_DGRAM,
+	 .supported = 1,
+	 .explicit_iv = 1,
+	 .extensions = 1,
+	 .selectable_sighash = 1,
+	 .selectable_prf = 1,
+	 .obsolete = 0,
+	 .only_extension = 0,
+	 .tls_sig_sem = SIG_SEM_PRE_TLS12,
+	 .false_start = 1
+	},
+	{0, 0, 0, 0, 0}
+};
+
+const version_entry_st *version_to_entry(gnutls_protocol_t version)
+{
+	const version_entry_st *p;
+
+	for (p = sup_versions; p->name != NULL; p++)
+		if (p->id == version)
+			return p;
+	return NULL;
+}
+
+const version_entry_st *nversion_to_entry(uint8_t major, uint8_t minor)
+{
+	const version_entry_st *p;
+
+	for (p = sup_versions; p->name != NULL; p++) {
+		if ((p->major == major) && (p->minor == minor))
+			    return p;
+	}
+	return NULL;
+}
+
+static int
+version_is_valid_for_session(gnutls_session_t session,
+			     const version_entry_st *v)
+{
+	if (!v->supported && !(v->supported_revertible && _gnutls_allowlisting_mode()))
+		return 0;
+	if (v->transport != session->internals.transport)
+		return 0;
+	return 1;
+}
+
+/* This is only called by cfg_apply in priority.c, in blocklisting mode. */
+int _gnutls_version_mark_disabled(gnutls_protocol_t version)
+{
+#ifndef DISABLE_SYSTEM_CONFIG
+	version_entry_st *p;
+
+	for (p = sup_versions; p->name != NULL; p++)
+		if (p->id == version) {
+			p->supported = false;
+			return 0;
+		}
+
+#endif
+	return GNUTLS_E_INVALID_REQUEST;
+}
+
+/* This is only called by cfg_apply in priority.c, in allowlisting mode. */
+void _gnutls_version_mark_disabled_all(void)
+{
+#ifndef DISABLE_SYSTEM_CONFIG
+	version_entry_st *p;
+
+	for (p = sup_versions; p->name != NULL; p++) {
+		p->supported = false;
+		p->supported_revertible = true;
+	}
+#endif
+}
+
+int
+_gnutls_protocol_set_enabled(gnutls_protocol_t version,
+			    unsigned int enabled)
+{
+#ifndef DISABLE_SYSTEM_CONFIG
+	version_entry_st *p;
+
+	for (p = sup_versions; p->name != NULL; p++)
+		if (p->id == version) {
+			if (!p->supported_revertible) {
+				return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+			}
+			p->supported = enabled;
+			return 0;
+		}
+
+#endif
+	return GNUTLS_E_INVALID_REQUEST;
+}
+
+/* Return the priority of the provided version number */
+int
+_gnutls_version_priority(gnutls_session_t session,
+			 gnutls_protocol_t version)
+{
+	unsigned int i;
+
+	for (i = 0; i < session->internals.priorities->protocol.num_priorities;
+	     i++) {
+		if (session->internals.priorities->protocol.priorities[i] ==
+		    version)
+			return i;
+	}
+	return -1;
+}
+
+/* Returns the lowest TLS version number in the priorities.
+ */
+const version_entry_st *_gnutls_version_lowest(gnutls_session_t session)
+{
+	unsigned int i;
+	gnutls_protocol_t cur_prot;
+	const version_entry_st *v, *min_v = NULL;
+	const version_entry_st *backup = NULL;
+
+	for (i=0;i < session->internals.priorities->protocol.num_priorities;i++) {
+		cur_prot =
+		    session->internals.priorities->protocol.priorities[i];
+		v = version_to_entry(cur_prot);
+
+		if (v != NULL && version_is_valid_for_session(session, v)) {
+			if (min_v == NULL) {
+				if (v->obsolete != 0)
+					backup = v;
+				else
+					min_v = v;
+			} else if (v->obsolete == 0 && v->age < min_v->age) {
+				min_v = v;
+			}
+		}
+	}
+
+	if (min_v == NULL)
+		return backup;
+
+	return min_v;
+}
+
+/* Returns the maximum version in the priorities
+ */
+const version_entry_st *_gnutls_version_max(gnutls_session_t session)
+{
+	unsigned int i;
+	gnutls_protocol_t cur_prot;
+	const version_entry_st *p, *max = NULL;
+
+	if (!session->internals.priorities) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	for (i = 0; i < session->internals.priorities->protocol.num_priorities;
+	     i++) {
+		cur_prot =
+		    session->internals.priorities->protocol.priorities[i];
+
+		for (p = sup_versions; p->name != NULL; p++) {
+			if(p->id == cur_prot) {
+#ifndef ENABLE_SSL3
+				if (p->obsolete != 0)
+					break;
+#endif
+				if (!p->supported && !(p->supported_revertible && _gnutls_allowlisting_mode()))
+					break;
+
+				if (p->transport != session->internals.transport)
+					break;
+
+				if (p->tls13_sem && (session->internals.flags & INT_FLAG_NO_TLS13))
+				    break;
+
+				if (max == NULL || cur_prot > max->id) {
+					max = p;
+				}
+
+				break;
+			}
+		}
+	}
+
+	return max;
+}
+
+const version_entry_st *_gnutls_legacy_version_max(gnutls_session_t session)
+{
+	const version_entry_st *max = _gnutls_version_max(session);
+
+	if (max && max->only_extension != 0) {
+		/* TLS 1.3 or later found */
+		if (max->transport == GNUTLS_STREAM) {
+			return version_to_entry(GNUTLS_TLS1_2);
+		} else {
+			return version_to_entry(GNUTLS_DTLS1_2);
+		}
+	}
+
+	return max;
+}
+
+/* Returns the number of bytes written to buffer or a negative
+ * error code. It will return GNUTLS_E_UNSUPPORTED_VERSION_PACKET
+ * if there is no version >= TLS 1.3.
+ */
+int _gnutls_write_supported_versions(gnutls_session_t session, uint8_t *buffer, ssize_t buffer_size)
+{
+	gnutls_protocol_t cur_prot;
+	size_t written_bytes = 0;
+	unsigned at_least_one_new = 0;
+	unsigned i;
+	const version_entry_st *p;
+
+	for (i = 0; i < session->internals.priorities->protocol.num_priorities; i++) {
+		cur_prot =
+		    session->internals.priorities->protocol.priorities[i];
+
+		for (p = sup_versions; p->name != NULL; p++) {
+			if(p->id == cur_prot) {
+				if (p->obsolete != 0)
+					break;
+
+				if (!p->supported && !(p->supported_revertible && _gnutls_allowlisting_mode()))
+					break;
+
+				if (p->transport != session->internals.transport)
+					break;
+
+				if (p->only_extension)
+					at_least_one_new = 1;
+
+				if (buffer_size > 2) {
+					_gnutls_debug_log("Advertizing version %d.%d\n", (int)p->major, (int)p->minor);
+					buffer[0] = p->major;
+					buffer[1] = p->minor;
+					written_bytes += 2;
+					buffer += 2;
+				}
+
+				buffer_size -= 2;
+
+				if (buffer_size <= 0)
+					goto finish;
+
+				break;
+			}
+		}
+	}
+
+ finish:
+	if (written_bytes == 0)
+		return gnutls_assert_val(GNUTLS_E_NO_PRIORITIES_WERE_SET);
+
+	if (at_least_one_new == 0)
+		return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;
+
+	return written_bytes;
+}
+
+/* Returns true (1) if the given version is higher than the highest supported
+ * and (0) otherwise */
+unsigned _gnutls_version_is_too_high(gnutls_session_t session, uint8_t major, uint8_t minor)
+{
+	const version_entry_st *e;
+
+	e = _gnutls_legacy_version_max(session);
+	if (e == NULL) /* we don't know; but that means something is unconfigured */
+		return 1;
+
+	if (e->transport == GNUTLS_DGRAM) {
+		if (major < e->major)
+			return 1;
+
+		if (e->major == major && minor < e->minor)
+			return 1;
+	} else {
+		if (major > e->major)
+			return 1;
+
+		if (e->major == major && minor > e->minor)
+			return 1;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_protocol_get_name:
+ * @version: is a (gnutls) version number
+ *
+ * Convert a #gnutls_protocol_t value to a string.
+ *
+ * Returns: a string that contains the name of the specified TLS
+ *   version (e.g., "TLS1.0"), or %NULL.
+ **/
+const char *gnutls_protocol_get_name(gnutls_protocol_t version)
+{
+	const version_entry_st *p;
+	/* avoid prefix */
+	for (p = sup_versions; p->name != NULL; p++)
+		if (p->id == version)
+			return p->name;
+	return NULL;
+}
+
+/**
+ * gnutls_protocol_get_id:
+ * @name: is a protocol name
+ *
+ * The names are compared in a case insensitive way.
+ *
+ * Returns: an id of the specified protocol, or
+ * %GNUTLS_VERSION_UNKNOWN on error.
+ **/
+gnutls_protocol_t gnutls_protocol_get_id(const char *name)
+{
+	const version_entry_st *p;
+	gnutls_protocol_t ret = GNUTLS_VERSION_UNKNOWN;
+
+	for (p = sup_versions; p->name != NULL; p++) {
+		if (c_strcasecmp(p->name, name) == 0) {
+			ret = p->id;
+			break;
+		}
+	}
+
+	return ret;
+}
+
+/**
+ * gnutls_protocol_list:
+ *
+ * Get a list of supported protocols, e.g. SSL 3.0, TLS 1.0 etc.
+ *
+ * This function is not thread safe.
+ *
+ * Returns: a (0)-terminated list of #gnutls_protocol_t integers
+ * indicating the available protocols.
+ *
+ **/
+const gnutls_protocol_t *gnutls_protocol_list(void)
+{
+	const version_entry_st *p;
+	static gnutls_protocol_t supported_protocols[MAX_ALGOS] = { 0 };
+
+	if (supported_protocols[0] == 0) {
+		int i = 0;
+
+		for (p = sup_versions; p->name != NULL; p++) {
+			if (!p->supported)
+				continue;
+			supported_protocols[i++] = p->id;
+		}
+		supported_protocols[i++] = 0;
+	}
+
+	return supported_protocols;
+}
+
+/* Return all versions, including non-supported ones.
+ */
+const gnutls_protocol_t *_gnutls_protocol_list(void)
+{
+	const version_entry_st *p;
+	static gnutls_protocol_t protocols[MAX_ALGOS] = { 0 };
+
+	if (protocols[0] == 0) {
+		int i = 0;
+
+		for (p = sup_versions; p->name != NULL; p++) {
+			protocols[i++] = p->id;
+		}
+		protocols[i++] = 0;
+	}
+
+	return protocols;
+}
+
+/* Returns a version number given the major and minor numbers.
+ */
+gnutls_protocol_t _gnutls_version_get(uint8_t major, uint8_t minor)
+{
+	const version_entry_st *p;
+	int ret = GNUTLS_VERSION_UNKNOWN;
+
+	for (p = sup_versions; p->name != NULL; p++)
+		if ((p->major == major) && (p->minor == minor))
+			ret = p->id;
+	return ret;
+}
+
+/* Version Functions */
+
+int
+_gnutls_nversion_is_supported(gnutls_session_t session,
+			      unsigned char major, unsigned char minor)
+{
+	const version_entry_st *p;
+	int version = 0;
+
+	for (p = sup_versions; p->name != NULL; p++) {
+		if(p->major == major && p->minor == minor) {
+#ifndef ENABLE_SSL3
+			if (p->obsolete != 0) return 0;
+#endif
+			if (p->tls13_sem && (session->internals.flags & INT_FLAG_NO_TLS13))
+				return 0;
+
+			if (!p->supported && !(p->supported_revertible && _gnutls_allowlisting_mode()))
+				return 0;
+
+			if (p->transport != session->internals.transport)
+				return 0;
+
+			version = p->id;
+			break;
+		}
+	}
+
+	if (version == 0)
+		return 0;
+
+	if (_gnutls_version_priority(session, version) < 0)
+		return 0;	/* disabled by the user */
+	else
+		return 1;
+}
diff --git a/lib/algorithms/publickey.c b/lib/algorithms/publickey.c
new file mode 100644
index 0000000..caf5397
--- /dev/null
+++ b/lib/algorithms/publickey.c
@@ -0,0 +1,400 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <algorithms.h>
+#include "errors.h"
+#include <x509/common.h>
+#include "pk.h"
+
+
+/* KX mappings to PK algorithms */
+typedef struct {
+	gnutls_kx_algorithm_t kx_algorithm;
+	gnutls_pk_algorithm_t pk_algorithm;
+	enum encipher_type encipher_type;	/* CIPHER_ENCRYPT if this algorithm is to be used
+						 * for encryption, CIPHER_SIGN if signature only,
+						 * CIPHER_IGN if this does not apply at all.
+						 *
+						 * This is useful to certificate cipher suites, which check
+						 * against the certificate key usage bits.
+						 */
+} gnutls_pk_map;
+
+/* This table maps the Key exchange algorithms to
+ * the certificate algorithms. Eg. if we have
+ * RSA algorithm in the certificate then we can
+ * use GNUTLS_KX_RSA or GNUTLS_KX_DHE_RSA.
+ */
+static const gnutls_pk_map pk_mappings[] = {
+	{GNUTLS_KX_RSA, GNUTLS_PK_RSA, CIPHER_ENCRYPT},
+	{GNUTLS_KX_DHE_RSA, GNUTLS_PK_RSA, CIPHER_SIGN},
+	{GNUTLS_KX_SRP_RSA, GNUTLS_PK_RSA, CIPHER_SIGN},
+	{GNUTLS_KX_ECDHE_RSA, GNUTLS_PK_RSA, CIPHER_SIGN},
+	{GNUTLS_KX_ECDHE_ECDSA, GNUTLS_PK_EC, CIPHER_SIGN},
+	{GNUTLS_KX_ECDHE_ECDSA, GNUTLS_PK_EDDSA_ED25519, CIPHER_SIGN},
+	{GNUTLS_KX_ECDHE_ECDSA, GNUTLS_PK_EDDSA_ED448, CIPHER_SIGN},
+	{GNUTLS_KX_DHE_DSS, GNUTLS_PK_DSA, CIPHER_SIGN},
+	{GNUTLS_KX_DHE_RSA, GNUTLS_PK_RSA_PSS, CIPHER_SIGN},
+	{GNUTLS_KX_ECDHE_RSA, GNUTLS_PK_RSA_PSS, CIPHER_SIGN},
+	{GNUTLS_KX_SRP_DSS, GNUTLS_PK_DSA, CIPHER_SIGN},
+	{GNUTLS_KX_RSA_PSK, GNUTLS_PK_RSA, CIPHER_ENCRYPT},
+	{GNUTLS_KX_VKO_GOST_12, GNUTLS_PK_GOST_01, CIPHER_SIGN},
+	{GNUTLS_KX_VKO_GOST_12, GNUTLS_PK_GOST_12_256, CIPHER_SIGN},
+	{GNUTLS_KX_VKO_GOST_12, GNUTLS_PK_GOST_12_512, CIPHER_SIGN},
+	{0, 0, 0}
+};
+
+#define GNUTLS_PK_MAP_LOOP(b) \
+	const gnutls_pk_map *p; \
+		for(p = pk_mappings; p->kx_algorithm != 0; p++) { b }
+
+#define GNUTLS_PK_MAP_ALG_LOOP(a) \
+			GNUTLS_PK_MAP_LOOP( if(p->kx_algorithm == kx_algorithm) { a; break; })
+
+
+unsigned
+_gnutls_kx_supports_pk(gnutls_kx_algorithm_t kx_algorithm,
+		       gnutls_pk_algorithm_t pk_algorithm)
+{
+	GNUTLS_PK_MAP_LOOP(if (p->kx_algorithm == kx_algorithm && p->pk_algorithm == pk_algorithm) { return 1; })
+	return 0;
+}
+
+unsigned
+_gnutls_kx_supports_pk_usage(gnutls_kx_algorithm_t kx_algorithm,
+			     gnutls_pk_algorithm_t pk_algorithm,
+			     unsigned int key_usage)
+{
+	const gnutls_pk_map *p;
+
+	for(p = pk_mappings; p->kx_algorithm != 0; p++) {
+		if (p->kx_algorithm == kx_algorithm && p->pk_algorithm == pk_algorithm) {
+			if (key_usage == 0)
+				return 1;
+			else if (p->encipher_type == CIPHER_SIGN && (key_usage & GNUTLS_KEY_DIGITAL_SIGNATURE))
+				return 1;
+			else if (p->encipher_type == CIPHER_ENCRYPT && (key_usage & GNUTLS_KEY_KEY_ENCIPHERMENT))
+				return 1;
+			else
+				return 0;
+		}
+	}
+
+	return 0;
+}
+
+/* pk algorithms;
+ */
+struct gnutls_pk_entry {
+	const char *name;
+	const char *oid;
+	gnutls_pk_algorithm_t id;
+	gnutls_ecc_curve_t curve; /* to map PK to specific OID, we need to know the curve for EdDSA */
+	bool no_prehashed; /* non-zero if the algorithm cannot sign pre-hashed data */
+};
+typedef struct gnutls_pk_entry gnutls_pk_entry;
+
+static const gnutls_pk_entry pk_algorithms[] = {
+	/* having duplicate entries is ok, as long as the one
+	 * we want to return OID from is first */
+	{ .name = "RSA", .oid = PK_PKIX1_RSA_OID, .id = GNUTLS_PK_RSA,
+	   .curve = GNUTLS_ECC_CURVE_INVALID },
+	{ .name = "RSA-PSS", .oid = PK_PKIX1_RSA_PSS_OID, .id = GNUTLS_PK_RSA_PSS,
+	   .curve = GNUTLS_ECC_CURVE_INVALID },
+	{ .name = "RSA (X.509)", .oid = PK_X509_RSA_OID, .id = GNUTLS_PK_RSA,
+	   .curve = GNUTLS_ECC_CURVE_INVALID },	/* some certificates use this OID for RSA */
+	{ .name = "RSA-MD5", .oid = SIG_RSA_MD5_OID, .id = GNUTLS_PK_RSA,
+	   .curve = GNUTLS_ECC_CURVE_INVALID },	/* some other broken certificates set RSA with MD5 as an indicator of RSA */
+	{ .name = "RSA-SHA1", .oid = SIG_RSA_SHA1_OID, .id = GNUTLS_PK_RSA,
+	   .curve = GNUTLS_ECC_CURVE_INVALID },	/* some other broken certificates set RSA with SHA1 as an indicator of RSA */
+	{ .name = "RSA-SHA1", .oid = ISO_SIG_RSA_SHA1_OID, .id = GNUTLS_PK_RSA,
+	   .curve = GNUTLS_ECC_CURVE_INVALID },	/* some other broken certificates set RSA with SHA1 as an indicator of RSA */
+	{ .name = "DSA", .oid = PK_DSA_OID, .id = GNUTLS_PK_DSA,
+	   .curve = GNUTLS_ECC_CURVE_INVALID },
+	{ .name = "GOST R 34.10-2012-512", .oid = PK_GOST_R3410_2012_512_OID, .id = GNUTLS_PK_GOST_12_512,
+	   .curve = GNUTLS_ECC_CURVE_INVALID },
+	{ .name = "GOST R 34.10-2012-256", .oid = PK_GOST_R3410_2012_256_OID, .id = GNUTLS_PK_GOST_12_256,
+	   .curve = GNUTLS_ECC_CURVE_INVALID },
+	{ .name = "GOST R 34.10-2001", .oid = PK_GOST_R3410_2001_OID, .id = GNUTLS_PK_GOST_01,
+	   .curve = GNUTLS_ECC_CURVE_INVALID },
+	{ .name = "GOST R 34.10-94", .oid = PK_GOST_R3410_94_OID, .id = GNUTLS_PK_UNKNOWN,
+	   .curve = GNUTLS_ECC_CURVE_INVALID },
+	{ .name = "EC/ECDSA", .oid = "1.2.840.10045.2.1", .id = GNUTLS_PK_ECDSA,
+	   .curve = GNUTLS_ECC_CURVE_INVALID },
+	{ .name = "EdDSA (Ed25519)", .oid = SIG_EDDSA_SHA512_OID, .id = GNUTLS_PK_EDDSA_ED25519, 
+	  .curve = GNUTLS_ECC_CURVE_ED25519, .no_prehashed = 1 },
+	{ .name = "EdDSA (Ed448)", .oid = SIG_ED448_OID, .id = GNUTLS_PK_EDDSA_ED448,
+	  .curve = GNUTLS_ECC_CURVE_ED448, .no_prehashed = 1 },
+	{ .name = "DH", .oid = NULL, .id = GNUTLS_PK_DH,
+	   .curve = GNUTLS_ECC_CURVE_INVALID },
+	{ .name = "ECDH (X25519)", .oid = ECDH_X25519_OID, .id = GNUTLS_PK_ECDH_X25519,
+	  .curve = GNUTLS_ECC_CURVE_X25519 },
+	{ .name = "ECDH (X448)", .oid = ECDH_X448_OID, .id = GNUTLS_PK_ECDH_X448,
+	  .curve = GNUTLS_ECC_CURVE_X448 },
+	{ .name = "UNKNOWN", .oid = NULL, .id = GNUTLS_PK_UNKNOWN, 
+	  .curve = GNUTLS_ECC_CURVE_INVALID },
+	{0, 0, 0, 0}
+};
+
+#define GNUTLS_PK_LOOP(b) \
+	{ const gnutls_pk_entry *p; \
+		for(p = pk_algorithms; p->name != NULL; p++) { b ; } }
+
+
+/**
+ * gnutls_pk_algorithm_get_name:
+ * @algorithm: is a pk algorithm
+ *
+ * Convert a #gnutls_pk_algorithm_t value to a string.
+ *
+ * Returns: a string that contains the name of the specified public
+ *   key algorithm, or %NULL.
+ **/
+const char *gnutls_pk_algorithm_get_name(gnutls_pk_algorithm_t algorithm)
+{
+	const char *ret = NULL;
+
+	GNUTLS_PK_LOOP(
+		if (p->id == algorithm) {
+			ret = p->name;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+/**
+ * gnutls_pk_list:
+ *
+ * Get a list of supported public key algorithms.
+ *
+ * This function is not thread safe.
+ *
+ * Returns: a (0)-terminated list of #gnutls_pk_algorithm_t integers
+ *   indicating the available ciphers.
+ *
+ * Since: 2.6.0
+ **/
+const gnutls_pk_algorithm_t *gnutls_pk_list(void)
+{
+	static gnutls_pk_algorithm_t supported_pks[MAX_ALGOS] = { 0 };
+
+	if (supported_pks[0] == 0) {
+		int i = 0;
+
+		GNUTLS_PK_LOOP(
+			if (p->id != GNUTLS_PK_UNKNOWN &&
+			    supported_pks[i > 0 ? (i - 1) : 0] != p->id &&
+			    _gnutls_pk_exists(p->id)) {
+				supported_pks[i++] = p->id;
+			}
+		);
+		supported_pks[i++] = 0;
+	}
+
+	return supported_pks;
+}
+
+/**
+ * gnutls_pk_get_id:
+ * @name: is a string containing a public key algorithm name.
+ *
+ * Convert a string to a #gnutls_pk_algorithm_t value.  The names are
+ * compared in a case insensitive way.  For example,
+ * gnutls_pk_get_id("RSA") will return %GNUTLS_PK_RSA.
+ *
+ * Returns: a #gnutls_pk_algorithm_t id of the specified public key
+ *   algorithm string, or %GNUTLS_PK_UNKNOWN on failures.
+ *
+ * Since: 2.6.0
+ **/
+gnutls_pk_algorithm_t gnutls_pk_get_id(const char *name)
+{
+	gnutls_pk_algorithm_t ret = GNUTLS_PK_UNKNOWN;
+	const gnutls_pk_entry *p;
+
+	for (p = pk_algorithms; p->name != NULL; p++)
+		if (name && strcmp(p->name, name) == 0) {
+			ret = p->id;
+			break;
+		}
+
+	return ret;
+}
+
+/**
+ * gnutls_pk_get_name:
+ * @algorithm: is a public key algorithm
+ *
+ * Convert a #gnutls_pk_algorithm_t value to a string.
+ *
+ * Returns: a pointer to a string that contains the name of the
+ *   specified public key algorithm, or %NULL.
+ *
+ * Since: 2.6.0
+ **/
+const char *gnutls_pk_get_name(gnutls_pk_algorithm_t algorithm)
+{
+	const char *ret = "Unknown";
+	const gnutls_pk_entry *p;
+
+	for (p = pk_algorithms; p->name != NULL; p++)
+		if (algorithm == p->id) {
+			ret = p->name;
+			break;
+		}
+
+	return ret;
+}
+
+/*-
+ * _gnutls_pk_is_not_prehashed:
+ * @algorithm: is a public key algorithm
+ *
+ * Returns non-zero when the public key algorithm does not support pre-hashed
+ * data.
+ *
+ * Since: 3.6.0
+ **/
+bool _gnutls_pk_is_not_prehashed(gnutls_pk_algorithm_t algorithm)
+{
+	const gnutls_pk_entry *p;
+
+	for (p = pk_algorithms; p->name != NULL; p++)
+		if (algorithm == p->id) {
+			return p->no_prehashed;
+		}
+
+	return 0;
+}
+
+/**
+ * gnutls_oid_to_pk:
+ * @oid: is an object identifier
+ *
+ * Converts a textual object identifier to a #gnutls_pk_algorithm_t value.
+ *
+ * Returns: a #gnutls_pk_algorithm_t id of the specified digest
+ *   algorithm, or %GNUTLS_PK_UNKNOWN on failure.
+ *
+ * Since: 3.4.3
+ **/
+gnutls_pk_algorithm_t gnutls_oid_to_pk(const char *oid)
+{
+	gnutls_pk_algorithm_t ret = GNUTLS_PK_UNKNOWN;
+	const gnutls_pk_entry *p;
+
+	for (p = pk_algorithms; p->name != NULL; p++)
+		if (p->oid && strcmp(p->oid, oid) == 0) {
+			ret = p->id;
+			break;
+		}
+
+	return ret;
+}
+
+/**
+ * gnutls_pk_get_oid:
+ * @algorithm: is a public key algorithm
+ *
+ * Convert a #gnutls_pk_algorithm_t value to its object identifier string.
+ *
+ * Returns: a pointer to a string that contains the object identifier of the
+ *   specified public key algorithm, or %NULL.
+ *
+ * Since: 3.4.3
+ **/
+const char *gnutls_pk_get_oid(gnutls_pk_algorithm_t algorithm)
+{
+	const char *ret = NULL;
+	const gnutls_pk_entry *p;
+
+	if (algorithm == 0)
+		return NULL;
+
+	for (p = pk_algorithms; p->name != NULL; p++)
+		if (p->id == algorithm) {
+			ret = p->oid;
+			break;
+		}
+
+	return ret;
+}
+
+/*-
+ * _gnutls_oid_to_pk_and_curve:
+ * @oid: is an object identifier
+ *
+ * Convert an OID to a #gnutls_pk_algorithm_t and curve values. If no curve
+ * is applicable, curve will be set GNUTLS_ECC_CURVE_INVALID.
+ *
+ * Returns: a #gnutls_pk_algorithm_t id of the specified digest
+ *   algorithm, or %GNUTLS_PK_UNKNOWN on failure.
+ *
+ * Since: 3.6.0
+ -*/
+gnutls_pk_algorithm_t _gnutls_oid_to_pk_and_curve(const char *oid, gnutls_ecc_curve_t *curve)
+{
+	gnutls_pk_algorithm_t ret = GNUTLS_PK_UNKNOWN;
+	const gnutls_pk_entry *p;
+
+	for (p = pk_algorithms; p->name != NULL; p++)
+		if (p->oid && strcmp(p->oid, oid) == 0) {
+			ret = p->id;
+			if (curve)
+				*curve = p->curve;
+			break;
+		}
+
+	if (ret == GNUTLS_PK_UNKNOWN && curve)
+		*curve = GNUTLS_ECC_CURVE_INVALID;
+
+	return ret;
+}
+
+/* Returns the encipher type for the given key exchange algorithm.
+ * That one of CIPHER_ENCRYPT, CIPHER_SIGN, CIPHER_IGN.
+ *
+ * ex. GNUTLS_KX_RSA requires a certificate able to encrypt... so returns CIPHER_ENCRYPT.
+ */
+enum encipher_type
+_gnutls_kx_encipher_type(gnutls_kx_algorithm_t kx_algorithm)
+{
+	int ret = CIPHER_IGN;
+	GNUTLS_PK_MAP_ALG_LOOP(ret = p->encipher_type)
+
+	return ret;
+
+}
+
+bool _gnutls_pk_are_compat(gnutls_pk_algorithm_t pk1, gnutls_pk_algorithm_t pk2)
+{
+	if (pk1 == pk2)
+		return 1;
+
+	if (GNUTLS_PK_IS_RSA(pk1) && GNUTLS_PK_IS_RSA(pk2))
+		return 1;
+
+	return 0;
+}
diff --git a/lib/algorithms/secparams.c b/lib/algorithms/secparams.c
new file mode 100644
index 0000000..efd1f47
--- /dev/null
+++ b/lib/algorithms/secparams.c
@@ -0,0 +1,223 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <algorithms.h>
+#include "errors.h"
+#include <x509/common.h>
+
+typedef struct {
+	const char *name;
+	gnutls_sec_param_t sec_param;
+	unsigned int bits;	/* security level */
+	unsigned int pk_bits;	/* DH, RSA, SRP */
+	unsigned int dsa_bits;	/* bits for DSA. Handled differently since
+				 * choice of key size in DSA is political.
+				 */
+	unsigned int subgroup_bits;	/* subgroup bits */
+	unsigned int ecc_bits;	/* bits for ECC keys */
+} gnutls_sec_params_entry;
+
+static const gnutls_sec_params_entry sec_params[] = {
+	{"Insecure", GNUTLS_SEC_PARAM_INSECURE, 0, 0, 0, 0, 0},
+	{"Export", GNUTLS_SEC_PARAM_EXPORT, 42, 512, 0, 84, 0},
+	{"Very weak", GNUTLS_SEC_PARAM_VERY_WEAK, 64, 767, 0, 128, 0},
+	{"Weak", GNUTLS_SEC_PARAM_WEAK, 72, 1008, 1008, 160, 160},
+#ifdef ENABLE_FIPS140
+	{"Low", GNUTLS_SEC_PARAM_LOW, 80, 1024, 1024, 160, 160},
+	{"Legacy", GNUTLS_SEC_PARAM_LEGACY, 96, 1024, 1024, 192, 192},
+	{"Medium", GNUTLS_SEC_PARAM_MEDIUM, 112, 2048, 2048, 224, 224},
+	{"High", GNUTLS_SEC_PARAM_HIGH, 128, 3072, 3072, 256, 256},
+#else
+	{"Low", GNUTLS_SEC_PARAM_LOW, 80, 1024, 1024, 160, 160}, /* ENISA-LEGACY */
+	{"Legacy", GNUTLS_SEC_PARAM_LEGACY, 96, 1776, 2048, 192, 192},
+	{"Medium", GNUTLS_SEC_PARAM_MEDIUM, 112, 2048, 2048, 256, 224},
+	{"High", GNUTLS_SEC_PARAM_HIGH, 128, 3072, 3072, 256, 256},
+#endif
+	{"Ultra", GNUTLS_SEC_PARAM_ULTRA, 192, 8192, 8192, 384, 384},
+	{"Future", GNUTLS_SEC_PARAM_FUTURE, 256, 15360, 15360, 512, 512},
+	{NULL, 0, 0, 0, 0, 0}
+};
+
+#define GNUTLS_SEC_PARAM_LOOP(b) \
+	{ const gnutls_sec_params_entry *p; \
+		for(p = sec_params; p->name != NULL; p++) { b ; } }
+
+/**
+ * gnutls_sec_param_to_pk_bits:
+ * @algo: is a public key algorithm
+ * @param: is a security parameter
+ *
+ * When generating private and public key pairs a difficult question
+ * is which size of "bits" the modulus will be in RSA and the group size
+ * in DSA. The easy answer is 1024, which is also wrong. This function
+ * will convert a human understandable security parameter to an
+ * appropriate size for the specific algorithm.
+ *
+ * Returns: The number of bits, or (0).
+ *
+ * Since: 2.12.0
+ **/
+unsigned int
+gnutls_sec_param_to_pk_bits(gnutls_pk_algorithm_t algo,
+			    gnutls_sec_param_t param)
+{
+	unsigned int ret = 0;
+
+	/* handle DSA differently */
+	GNUTLS_SEC_PARAM_LOOP(
+	if (p->sec_param == param) {
+		if (algo == GNUTLS_PK_DSA)
+			ret = p->dsa_bits;
+		else if (IS_EC(algo)||IS_GOSTEC(algo))
+			ret = p->ecc_bits;
+		else
+			ret = p->pk_bits;
+		break;
+	}
+	);
+	return ret;
+}
+
+/**
+ * gnutls_sec_param_to_symmetric_bits:
+ * @algo: is a public key algorithm
+ * @param: is a security parameter
+ *
+ * This function will return the number of bits that correspond to
+ * symmetric cipher strength for the given security parameter.
+ *
+ * Returns: The number of bits, or (0).
+ *
+ * Since: 3.3.0
+ **/
+unsigned int
+gnutls_sec_param_to_symmetric_bits(gnutls_sec_param_t param)
+{
+	unsigned int ret = 0;
+
+	/* handle DSA differently */
+	GNUTLS_SEC_PARAM_LOOP(
+	if (p->sec_param == param) {
+		ret = p->bits; break;
+	}
+	);
+	return ret;
+}
+
+/* Returns the corresponding size for subgroup bits (q),
+ * given the group bits (p).
+ */
+unsigned int _gnutls_pk_bits_to_subgroup_bits(unsigned int pk_bits)
+{
+	unsigned int ret = 0;
+
+	GNUTLS_SEC_PARAM_LOOP(
+		ret = p->subgroup_bits;
+		if (p->pk_bits >= pk_bits)
+			break;
+	);
+	return ret;
+}
+
+/* Returns a corresponding SHA algorithm size for the
+ * public key bits given. It is based on the NIST mappings.
+ */
+gnutls_digest_algorithm_t _gnutls_pk_bits_to_sha_hash(unsigned int pk_bits)
+{
+	GNUTLS_SEC_PARAM_LOOP(
+		if (p->pk_bits >= pk_bits) {
+			if (p->bits <= 128)
+				return GNUTLS_DIG_SHA256;
+			else if (p->bits <= 192)
+				return GNUTLS_DIG_SHA384;
+			else
+				return GNUTLS_DIG_SHA512;
+		}
+	);
+	return GNUTLS_DIG_SHA256;
+}
+
+/**
+ * gnutls_sec_param_get_name:
+ * @param: is a security parameter
+ *
+ * Convert a #gnutls_sec_param_t value to a string.
+ *
+ * Returns: a pointer to a string that contains the name of the
+ *   specified security level, or %NULL.
+ *
+ * Since: 2.12.0
+ **/
+const char *gnutls_sec_param_get_name(gnutls_sec_param_t param)
+{
+	const char *ret = "Unknown";
+
+	GNUTLS_SEC_PARAM_LOOP(
+		if (p->sec_param == param) {
+			ret = p->name;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+/**
+ * gnutls_pk_bits_to_sec_param:
+ * @algo: is a public key algorithm
+ * @bits: is the number of bits
+ *
+ * This is the inverse of gnutls_sec_param_to_pk_bits(). Given an algorithm
+ * and the number of bits, it will return the security parameter. This is
+ * a rough indication.
+ *
+ * Returns: The security parameter.
+ *
+ * Since: 2.12.0
+ **/
+gnutls_sec_param_t
+gnutls_pk_bits_to_sec_param(gnutls_pk_algorithm_t algo, unsigned int bits)
+{
+	gnutls_sec_param_t ret = GNUTLS_SEC_PARAM_INSECURE;
+
+	if (bits == 0)
+		return GNUTLS_SEC_PARAM_UNKNOWN;
+
+	if (IS_EC(algo)||IS_GOSTEC(algo)) {
+		GNUTLS_SEC_PARAM_LOOP(
+			if (p->ecc_bits > bits) {
+				break;
+			}
+			ret = p->sec_param;
+		);
+	} else {
+		GNUTLS_SEC_PARAM_LOOP(
+			if (p->pk_bits > bits) {
+			      break;
+			}
+			ret = p->sec_param;
+		);
+	}
+
+	return ret;
+}
diff --git a/lib/algorithms/sign.c b/lib/algorithms/sign.c
new file mode 100644
index 0000000..06e2839
--- /dev/null
+++ b/lib/algorithms/sign.c
@@ -0,0 +1,859 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <algorithms.h>
+#include "errors.h"
+#include <x509/common.h>
+#include <assert.h>
+#include "c-strcase.h"
+#include "pk.h"
+
+/* signature algorithms;
+ */
+
+#ifdef ALLOW_SHA1
+# define SHA1_SECURE_VAL _SECURE
+#else
+# define SHA1_SECURE_VAL _INSECURE_FOR_CERTS
+#endif
+
+static SYSTEM_CONFIG_OR_CONST
+gnutls_sign_entry_st sign_algorithms[] = {
+	 /* RSA-PKCS#1 1.5: must be before PSS,
+	  * so that gnutls_pk_to_sign() will return
+	  * these first for backwards compatibility. */
+	{.name = "RSA-SHA256",
+	 .oid = SIG_RSA_SHA256_OID,
+	 .id = GNUTLS_SIGN_RSA_SHA256,
+	 .pk = GNUTLS_PK_RSA,
+	 .hash = GNUTLS_DIG_SHA256,
+	 .aid = {{4, 1}, SIG_SEM_DEFAULT}},
+	{.name = "RSA-SHA384",
+	 .oid = SIG_RSA_SHA384_OID,
+	 .id = GNUTLS_SIGN_RSA_SHA384,
+	 .pk = GNUTLS_PK_RSA,
+	 .hash = GNUTLS_DIG_SHA384,
+	 .aid = {{5, 1}, SIG_SEM_DEFAULT}},
+	{.name = "RSA-SHA512",
+	 .oid = SIG_RSA_SHA512_OID,
+	 .id = GNUTLS_SIGN_RSA_SHA512,
+	 .pk = GNUTLS_PK_RSA,
+	 .hash = GNUTLS_DIG_SHA512,
+	 .aid = {{6, 1}, SIG_SEM_DEFAULT}},
+
+	/* RSA-PSS */
+	{.name = "RSA-PSS-SHA256",
+	 .oid = PK_PKIX1_RSA_PSS_OID,
+	 .id = GNUTLS_SIGN_RSA_PSS_SHA256,
+	 .pk = GNUTLS_PK_RSA_PSS,
+	 .priv_pk = GNUTLS_PK_RSA, /* PKCS#11 doesn't separate RSA from RSA-PSS privkeys */
+	 .hash = GNUTLS_DIG_SHA256,
+	 .flags = GNUTLS_SIGN_FLAG_TLS13_OK,
+	 .aid = {{8, 9}, SIG_SEM_DEFAULT}},
+	{.name = "RSA-PSS-RSAE-SHA256",
+	 .oid = PK_PKIX1_RSA_PSS_OID,
+	 .id = GNUTLS_SIGN_RSA_PSS_RSAE_SHA256,
+	 .pk = GNUTLS_PK_RSA_PSS,
+	 .cert_pk = GNUTLS_PK_RSA,
+	 .priv_pk = GNUTLS_PK_RSA,
+	 .hash = GNUTLS_DIG_SHA256,
+	 .flags = GNUTLS_SIGN_FLAG_TLS13_OK,
+	 .aid = {{8, 4}, SIG_SEM_DEFAULT}},
+	{.name = "RSA-PSS-SHA384",
+	 .oid = PK_PKIX1_RSA_PSS_OID,
+	 .id = GNUTLS_SIGN_RSA_PSS_SHA384,
+	 .pk = GNUTLS_PK_RSA_PSS,
+	 .priv_pk = GNUTLS_PK_RSA,
+	 .hash = GNUTLS_DIG_SHA384,
+	 .flags = GNUTLS_SIGN_FLAG_TLS13_OK,
+	 .aid = {{8, 0x0A}, SIG_SEM_DEFAULT}},
+	{.name = "RSA-PSS-RSAE-SHA384",
+	 .oid = PK_PKIX1_RSA_PSS_OID,
+	 .id = GNUTLS_SIGN_RSA_PSS_RSAE_SHA384,
+	 .pk = GNUTLS_PK_RSA_PSS,
+	 .cert_pk = GNUTLS_PK_RSA,
+	 .priv_pk = GNUTLS_PK_RSA,
+	 .hash = GNUTLS_DIG_SHA384,
+	 .flags = GNUTLS_SIGN_FLAG_TLS13_OK,
+	 .aid = {{8, 5}, SIG_SEM_DEFAULT}},
+	{.name = "RSA-PSS-SHA512",
+	 .oid = PK_PKIX1_RSA_PSS_OID,
+	 .id = GNUTLS_SIGN_RSA_PSS_SHA512,
+	 .pk = GNUTLS_PK_RSA_PSS,
+	 .priv_pk = GNUTLS_PK_RSA,
+	 .hash = GNUTLS_DIG_SHA512,
+	 .flags = GNUTLS_SIGN_FLAG_TLS13_OK,
+	 .aid = {{8, 0x0B}, SIG_SEM_DEFAULT}},
+	{.name = "RSA-PSS-RSAE-SHA512",
+	 .oid = PK_PKIX1_RSA_PSS_OID,
+	 .id = GNUTLS_SIGN_RSA_PSS_RSAE_SHA512,
+	 .pk = GNUTLS_PK_RSA_PSS,
+	 .cert_pk = GNUTLS_PK_RSA,
+	 .priv_pk = GNUTLS_PK_RSA,
+	 .hash = GNUTLS_DIG_SHA512,
+	 .flags = GNUTLS_SIGN_FLAG_TLS13_OK,
+	 .aid = {{8, 6}, SIG_SEM_DEFAULT}},
+
+	 /* Ed25519: The hash algorithm here is set to be SHA512, although that is
+	  * an internal detail of Ed25519; we set it, because CMS/PKCS#7 requires
+	  * that mapping. */
+	 {.name = "EdDSA-Ed25519",
+	 .oid = SIG_EDDSA_SHA512_OID,
+	 .id = GNUTLS_SIGN_EDDSA_ED25519,
+	 .pk = GNUTLS_PK_EDDSA_ED25519,
+	 .hash = GNUTLS_DIG_SHA512,
+	 .flags = GNUTLS_SIGN_FLAG_TLS13_OK,
+	 .aid = {{8, 7}, SIG_SEM_DEFAULT}},
+
+	 /* Ed448: The hash algorithm here is set to be SHAKE256, although that is
+	  * an internal detail of Ed448; we set it, because CMS/PKCS#7 requires
+	  * that mapping. */
+	 {.name = "EdDSA-Ed448",
+	 .oid = SIG_ED448_OID,
+	 .id = GNUTLS_SIGN_EDDSA_ED448,
+	 .pk = GNUTLS_PK_EDDSA_ED448,
+	 .hash = GNUTLS_DIG_SHAKE_256,
+	 .flags = GNUTLS_SIGN_FLAG_TLS13_OK,
+	 .aid = {{8, 8}, SIG_SEM_DEFAULT},
+	 .hash_output_size = 114},
+
+	 /* ECDSA */
+	 /* The following three signature algorithms
+	  * have different semantics when used under TLS 1.2
+	  * or TLS 1.3. Under the former they behave as the
+	  * as ECDSA signed by SHAXXX by any curve, but under the
+	  * latter they are restricted to a single curve.
+	  * For this reason the ECDSA-SHAXXX algorithms act
+	  * as an alias to them. */
+	 /* we have intentionally the ECDSA-SHAXXX algorithms first
+	  * so that gnutls_pk_to_sign() will return these. */
+	{.name = "ECDSA-SHA256",
+	 .oid = "1.2.840.10045.4.3.2",
+	 .id = GNUTLS_SIGN_ECDSA_SHA256,
+	 .pk = GNUTLS_PK_ECDSA,
+	 .hash = GNUTLS_DIG_SHA256,
+	 .aid = {{4, 3}, SIG_SEM_PRE_TLS12}},
+	{.name = "ECDSA-SHA384",
+	 .oid = "1.2.840.10045.4.3.3",
+	 .id = GNUTLS_SIGN_ECDSA_SHA384,
+	 .pk = GNUTLS_PK_ECDSA,
+	 .hash = GNUTLS_DIG_SHA384,
+	 .aid = {{5, 3}, SIG_SEM_PRE_TLS12}},
+	{.name = "ECDSA-SHA512",
+	 .oid = "1.2.840.10045.4.3.4",
+	 .id = GNUTLS_SIGN_ECDSA_SHA512,
+	 .pk = GNUTLS_PK_ECDSA,
+	 .hash = GNUTLS_DIG_SHA512,
+	 .aid = {{6, 3}, SIG_SEM_PRE_TLS12}},
+
+	{.name = "ECDSA-SECP256R1-SHA256",
+	 .id = GNUTLS_SIGN_ECDSA_SECP256R1_SHA256,
+	 .pk = GNUTLS_PK_ECDSA,
+	 .curve = GNUTLS_ECC_CURVE_SECP256R1,
+	 .hash = GNUTLS_DIG_SHA256,
+	 .flags = GNUTLS_SIGN_FLAG_TLS13_OK,
+	 .aid = {{4, 3}, SIG_SEM_TLS13}},
+	{.name = "ECDSA-SECP384R1-SHA384",
+	 .id = GNUTLS_SIGN_ECDSA_SECP384R1_SHA384,
+	 .pk = GNUTLS_PK_ECDSA,
+	 .curve = GNUTLS_ECC_CURVE_SECP384R1,
+	 .hash = GNUTLS_DIG_SHA384,
+	 .flags = GNUTLS_SIGN_FLAG_TLS13_OK,
+	 .aid = {{5, 3}, SIG_SEM_TLS13}},
+	{.name = "ECDSA-SECP521R1-SHA512",
+	 .id = GNUTLS_SIGN_ECDSA_SECP521R1_SHA512,
+	 .pk = GNUTLS_PK_ECDSA,
+	 .curve = GNUTLS_ECC_CURVE_SECP521R1,
+	 .hash = GNUTLS_DIG_SHA512,
+	 .flags = GNUTLS_SIGN_FLAG_TLS13_OK,
+	 .aid = {{6, 3}, SIG_SEM_TLS13}},
+
+	 /* ECDSA-SHA3 */
+	{.name = "ECDSA-SHA3-224",
+	 .oid = SIG_ECDSA_SHA3_224_OID,
+	 .id = GNUTLS_SIGN_ECDSA_SHA3_224,
+	 .pk = GNUTLS_PK_EC,
+	 .hash = GNUTLS_DIG_SHA3_224,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	{.name = "ECDSA-SHA3-256",
+	 .oid = SIG_ECDSA_SHA3_256_OID,
+	 .id = GNUTLS_SIGN_ECDSA_SHA3_256,
+	 .pk = GNUTLS_PK_EC,
+	 .hash = GNUTLS_DIG_SHA3_256,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	{.name = "ECDSA-SHA3-384",
+	 .oid = SIG_ECDSA_SHA3_384_OID,
+	 .id = GNUTLS_SIGN_ECDSA_SHA3_384,
+	 .pk = GNUTLS_PK_EC,
+	 .hash = GNUTLS_DIG_SHA3_384,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	{.name = "ECDSA-SHA3-512",
+	 .oid = SIG_ECDSA_SHA3_512_OID,
+	 .id = GNUTLS_SIGN_ECDSA_SHA3_512,
+	 .pk = GNUTLS_PK_EC,
+	 .hash = GNUTLS_DIG_SHA3_512,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	{.name = "RSA-SHA3-224",
+	 .oid = SIG_RSA_SHA3_224_OID,
+	 .id = GNUTLS_SIGN_RSA_SHA3_224,
+	 .pk = GNUTLS_PK_RSA,
+	 .hash = GNUTLS_DIG_SHA3_224,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	{.name = "RSA-SHA3-256",
+	 .oid = SIG_RSA_SHA3_256_OID,
+	 .id = GNUTLS_SIGN_RSA_SHA3_256,
+	 .pk = GNUTLS_PK_RSA,
+	 .hash = GNUTLS_DIG_SHA3_256,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	{.name = "RSA-SHA3-384",
+	 .oid = SIG_RSA_SHA3_384_OID,
+	 .id = GNUTLS_SIGN_RSA_SHA3_384,
+	 .pk = GNUTLS_PK_RSA,
+	 .hash = GNUTLS_DIG_SHA3_384,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	{.name = "RSA-SHA3-512",
+	 .oid = SIG_RSA_SHA3_512_OID,
+	 .id = GNUTLS_SIGN_RSA_SHA3_512,
+	 .pk = GNUTLS_PK_RSA,
+	 .hash = GNUTLS_DIG_SHA3_512,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+
+	 /* DSA-SHA3 */
+	{.name = "DSA-SHA3-224",
+	 .oid = SIG_DSA_SHA3_224_OID,
+	 .id = GNUTLS_SIGN_DSA_SHA3_224,
+	 .pk = GNUTLS_PK_DSA,
+	 .hash = GNUTLS_DIG_SHA3_224,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	{.name = "DSA-SHA3-256",
+	 .oid = SIG_DSA_SHA3_256_OID,
+	 .id = GNUTLS_SIGN_DSA_SHA3_256,
+	 .pk = GNUTLS_PK_DSA,
+	 .hash = GNUTLS_DIG_SHA3_256,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	{.name = "DSA-SHA3-384",
+	 .oid = SIG_DSA_SHA3_384_OID,
+	 .id = GNUTLS_SIGN_DSA_SHA3_384,
+	 .pk = GNUTLS_PK_DSA,
+	 .hash = GNUTLS_DIG_SHA3_384,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	{.name = "DSA-SHA3-512",
+	 .oid = SIG_DSA_SHA3_512_OID,
+	 .id = GNUTLS_SIGN_DSA_SHA3_512,
+	 .pk = GNUTLS_PK_DSA,
+	 .hash = GNUTLS_DIG_SHA3_512,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+
+	 /* legacy */
+	{.name = "RSA-RAW",
+	 .oid = NULL,
+	 .id = GNUTLS_SIGN_RSA_RAW,
+	 .pk = GNUTLS_PK_RSA,
+	 .hash = GNUTLS_DIG_UNKNOWN,
+	 .aid = TLS_SIGN_AID_UNKNOWN
+	},
+	{.name = "RSA-SHA1",
+	 .oid = SIG_RSA_SHA1_OID,
+	 .id = GNUTLS_SIGN_RSA_SHA1,
+	 .pk = GNUTLS_PK_RSA,
+	 .hash = GNUTLS_DIG_SHA1,
+	 .slevel = SHA1_SECURE_VAL,
+	 .aid = {{2, 1}, SIG_SEM_DEFAULT}},
+	{.name = "RSA-SHA1",
+	 .oid = ISO_SIG_RSA_SHA1_OID,
+	 .id = GNUTLS_SIGN_RSA_SHA1,
+	 .pk = GNUTLS_PK_RSA,
+	 .slevel = SHA1_SECURE_VAL,
+	 .hash = GNUTLS_DIG_SHA1,
+	 .aid = {{2, 1}, SIG_SEM_DEFAULT}},
+	{.name = "RSA-SHA224",
+	 .oid = SIG_RSA_SHA224_OID,
+	 .id = GNUTLS_SIGN_RSA_SHA224,
+	 .pk = GNUTLS_PK_RSA,
+	 .hash = GNUTLS_DIG_SHA224,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	{.name = "RSA-RMD160",
+	 .oid = SIG_RSA_RMD160_OID,
+	 .id = GNUTLS_SIGN_RSA_RMD160,
+	 .pk = GNUTLS_PK_RSA,
+	 .hash = GNUTLS_DIG_RMD160,
+	 .slevel = _INSECURE_FOR_CERTS,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	{.name = "DSA-SHA1",
+	 .oid = SIG_DSA_SHA1_OID,
+	 .id = GNUTLS_SIGN_DSA_SHA1,
+	 .pk = GNUTLS_PK_DSA,
+	 .slevel = SHA1_SECURE_VAL,
+	 .hash = GNUTLS_DIG_SHA1,
+	 .aid = {{2, 2}, SIG_SEM_PRE_TLS12}},
+	{.name = "DSA-SHA1",
+	 .oid = "1.3.14.3.2.27",
+	 .id = GNUTLS_SIGN_DSA_SHA1,
+	 .pk = GNUTLS_PK_DSA,
+	 .hash = GNUTLS_DIG_SHA1,
+	 .slevel = SHA1_SECURE_VAL,
+	 .aid = {{2, 2}, SIG_SEM_PRE_TLS12}},
+	{.name = "DSA-SHA224",
+	 .oid = SIG_DSA_SHA224_OID,
+	 .id = GNUTLS_SIGN_DSA_SHA224,
+	 .pk = GNUTLS_PK_DSA,
+	 .hash = GNUTLS_DIG_SHA224,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	{.name = "DSA-SHA256",
+	 .oid = SIG_DSA_SHA256_OID,
+	 .id = GNUTLS_SIGN_DSA_SHA256,
+	 .pk = GNUTLS_PK_DSA,
+	 .hash = GNUTLS_DIG_SHA256,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	{.name = "RSA-MD5",
+	 .oid = SIG_RSA_MD5_OID,
+	 .id = GNUTLS_SIGN_RSA_MD5,
+	 .pk = GNUTLS_PK_RSA,
+	 .hash = GNUTLS_DIG_MD5,
+	 .slevel = _INSECURE,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	{.name = "RSA-MD5",
+	 .oid = "1.3.14.3.2.25",
+	 .id = GNUTLS_SIGN_RSA_MD5,
+	 .pk = GNUTLS_PK_RSA,
+	 .hash = GNUTLS_DIG_MD5,
+	 .slevel = _INSECURE,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	{.name = "RSA-MD2",
+	 .oid = SIG_RSA_MD2_OID,
+	 .id = GNUTLS_SIGN_RSA_MD2,
+	 .pk = GNUTLS_PK_RSA,
+	 .hash = GNUTLS_DIG_MD2,
+	 .slevel = _INSECURE,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	{.name = "ECDSA-SHA1",
+	 .oid = "1.2.840.10045.4.1",
+	 .id = GNUTLS_SIGN_ECDSA_SHA1,
+	 .pk = GNUTLS_PK_EC,
+	 .slevel = SHA1_SECURE_VAL,
+	 .hash = GNUTLS_DIG_SHA1,
+	 .aid = {{2, 3}, SIG_SEM_DEFAULT}},
+	{.name = "ECDSA-SHA224",
+	 .oid = "1.2.840.10045.4.3.1",
+	 .id = GNUTLS_SIGN_ECDSA_SHA224,
+	 .pk = GNUTLS_PK_EC,
+	 .hash = GNUTLS_DIG_SHA224,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	/* GOST R 34.10-2012-512 */
+	{.name = "GOSTR341012-512",
+	 .oid = SIG_GOST_R3410_2012_512_OID,
+	 .id = GNUTLS_SIGN_GOST_512,
+	 .pk = GNUTLS_PK_GOST_12_512,
+	 .hash = GNUTLS_DIG_STREEBOG_512,
+	 .flags = GNUTLS_SIGN_FLAG_CRT_VRFY_REVERSE,
+	 .aid = {{8, 65}, SIG_SEM_PRE_TLS12}},
+	/* GOST R 34.10-2012-256 */
+	{.name = "GOSTR341012-256",
+	 .oid = SIG_GOST_R3410_2012_256_OID,
+	 .id = GNUTLS_SIGN_GOST_256,
+	 .pk = GNUTLS_PK_GOST_12_256,
+	 .hash = GNUTLS_DIG_STREEBOG_256,
+	 .flags = GNUTLS_SIGN_FLAG_CRT_VRFY_REVERSE,
+	 .aid = {{8, 64}, SIG_SEM_PRE_TLS12}},
+	/* GOST R 34.10-2001 */
+	{.name = "GOSTR341001",
+	 .oid = SIG_GOST_R3410_2001_OID,
+	 .id = GNUTLS_SIGN_GOST_94,
+	 .pk = GNUTLS_PK_GOST_01,
+	 .hash = GNUTLS_DIG_GOSTR_94,
+	 .flags = GNUTLS_SIGN_FLAG_CRT_VRFY_REVERSE,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	/* GOST R 34.10-94 */
+	{.name = "GOSTR341094",
+	 .oid = SIG_GOST_R3410_94_OID,
+	 .id = 0,
+	 .pk = 0,
+	 .hash = 0,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	{.name = "DSA-SHA384",
+	 .oid = SIG_DSA_SHA384_OID,
+	 .id = GNUTLS_SIGN_DSA_SHA384,
+	 .pk = GNUTLS_PK_DSA,
+	 .hash = GNUTLS_DIG_SHA384,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+	{.name = "DSA-SHA512",
+	 .oid = SIG_DSA_SHA512_OID,
+	 .id = GNUTLS_SIGN_DSA_SHA512,
+	 .pk = GNUTLS_PK_DSA,
+	 .hash = GNUTLS_DIG_SHA512,
+	 .aid = TLS_SIGN_AID_UNKNOWN},
+
+	{.name = 0,
+	 .oid = 0,
+	 .id = 0,
+	 .pk = 0,
+	 .hash = 0,
+	 .aid = TLS_SIGN_AID_UNKNOWN}
+};
+
+#define GNUTLS_SIGN_LOOP(b) \
+  do {								       \
+    const gnutls_sign_entry_st *p;					       \
+    for(p = sign_algorithms; p->name != NULL; p++) { b ; }	       \
+  } while (0)
+
+#define GNUTLS_SIGN_ALG_LOOP(a) \
+  GNUTLS_SIGN_LOOP( if(p->id && p->id == sign) { a; break; } )
+
+/**
+ * gnutls_sign_get_name:
+ * @algorithm: is a sign algorithm
+ *
+ * Convert a #gnutls_sign_algorithm_t value to a string.
+ *
+ * Returns: a string that contains the name of the specified sign
+ *   algorithm, or %NULL.
+ **/
+const char *gnutls_sign_get_name(gnutls_sign_algorithm_t algorithm)
+{
+	gnutls_sign_algorithm_t sign = algorithm;
+	const char *ret = NULL;
+
+	/* avoid prefix */
+	GNUTLS_SIGN_ALG_LOOP(ret = p->name);
+
+	return ret;
+}
+
+/**
+ * gnutls_sign_is_secure:
+ * @algorithm: is a sign algorithm
+ *
+ * Returns: Non-zero if the provided signature algorithm is considered to be secure.
+ **/
+unsigned gnutls_sign_is_secure(gnutls_sign_algorithm_t algorithm)
+{
+	return gnutls_sign_is_secure2(algorithm, 0);
+}
+
+bool _gnutls_sign_is_secure2(const gnutls_sign_entry_st *se, unsigned int flags)
+{
+	if (se->hash != GNUTLS_DIG_UNKNOWN &&
+	    _gnutls_digest_is_insecure2(se->hash,
+					flags & GNUTLS_SIGN_FLAG_ALLOW_INSECURE_REVERTIBLE ?
+					GNUTLS_MAC_FLAG_ALLOW_INSECURE_REVERTIBLE :
+					0)) {
+		return gnutls_assert_val(false);
+	}
+
+	return (flags & GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS ?
+		se->slevel == _SECURE :
+		(se->slevel == _SECURE || se->slevel == _INSECURE_FOR_CERTS)) ||
+		(flags & GNUTLS_SIGN_FLAG_ALLOW_INSECURE_REVERTIBLE &&
+		 se->flags & GNUTLS_SIGN_FLAG_INSECURE_REVERTIBLE);
+}
+
+/* This is only called by cfg_apply in priority.c, in blocklisting mode. */
+int _gnutls_sign_mark_insecure(gnutls_sign_algorithm_t sign, hash_security_level_t level)
+{
+#ifndef DISABLE_SYSTEM_CONFIG
+	gnutls_sign_entry_st *p;
+
+	if (unlikely(level == _SECURE))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	for(p = sign_algorithms; p->name != NULL; p++) {
+		if (p->id && p->id == sign) {
+			if (p->slevel < level)
+				p->slevel = level;
+			return 0;
+		}
+	}
+#endif
+	return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+}
+
+/* This is only called by cfg_apply in priority.c, in allowlisting mode. */
+void _gnutls_sign_mark_insecure_all(hash_security_level_t level)
+{
+#ifndef DISABLE_SYSTEM_CONFIG
+	gnutls_sign_entry_st *p;
+
+	for(p = sign_algorithms; p->name != NULL; p++) {
+		if (p->slevel < level)
+			p->slevel = level;
+		p->flags |= GNUTLS_SIGN_FLAG_INSECURE_REVERTIBLE;
+	}
+#endif
+}
+
+int
+_gnutls_sign_set_secure(gnutls_sign_algorithm_t sign,
+			hash_security_level_t slevel)
+{
+#ifndef DISABLE_SYSTEM_CONFIG
+	gnutls_sign_entry_st *p;
+
+	for(p = sign_algorithms; p->name != NULL; p++) {
+		if (p->id && p->id == sign) {
+			if (!(p->flags & GNUTLS_SIGN_FLAG_INSECURE_REVERTIBLE)) {
+				return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+			}
+			p->slevel = slevel;
+			return 0;
+		}
+	}
+#endif
+	return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+}
+
+/**
+ * gnutls_sign_is_secure2:
+ * @algorithm: is a sign algorithm
+ * @flags: zero or %GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS
+ *
+ * Returns: Non-zero if the provided signature algorithm is considered to be secure.
+ **/
+unsigned gnutls_sign_is_secure2(gnutls_sign_algorithm_t algorithm, unsigned int flags)
+{
+	const gnutls_sign_entry_st *se;
+
+	se = _gnutls_sign_to_entry(algorithm);
+	if (se == NULL)
+		return 0;
+
+	return _gnutls_sign_is_secure2(se, flags);
+}
+
+/**
+ * gnutls_sign_list:
+ *
+ * Get a list of supported public key signature algorithms.
+ * This function is not thread safe.
+ *
+ * Returns: a (0)-terminated list of #gnutls_sign_algorithm_t
+ *   integers indicating the available ciphers.
+ *
+ **/
+const gnutls_sign_algorithm_t *gnutls_sign_list(void)
+{
+	static gnutls_sign_algorithm_t supported_sign[MAX_ALGOS+1] = { 0 };
+
+	if (supported_sign[0] == 0) {
+		int i = 0;
+
+		GNUTLS_SIGN_LOOP(
+			/* list all algorithms, but not duplicates */
+			if (supported_sign[i] != p->id &&
+			    _gnutls_pk_sign_exists(p->id)) {
+				assert(i+1 < MAX_ALGOS);
+				supported_sign[i++] = p->id;
+				supported_sign[i+1] = 0;
+			}
+		);
+	}
+
+	return supported_sign;
+}
+
+/**
+ * gnutls_sign_get_id:
+ * @name: is a sign algorithm name
+ *
+ * The names are compared in a case insensitive way.
+ *
+ * Returns: return a #gnutls_sign_algorithm_t value corresponding to
+ *   the specified algorithm, or %GNUTLS_SIGN_UNKNOWN on error.
+ **/
+gnutls_sign_algorithm_t gnutls_sign_get_id(const char *name)
+{
+	gnutls_sign_algorithm_t ret = GNUTLS_SIGN_UNKNOWN;
+
+	GNUTLS_SIGN_LOOP(
+		if (c_strcasecmp(p->name, name) == 0) {
+			ret = p->id;
+			break;
+		}
+	);
+
+	return ret;
+
+}
+
+const gnutls_sign_entry_st *_gnutls_oid_to_sign_entry(const char *oid)
+{
+	GNUTLS_SIGN_LOOP(
+		if (p->oid && strcmp(oid, p->oid) == 0) {
+			return p;
+		}
+	);
+	return NULL;
+}
+
+/**
+ * gnutls_oid_to_sign:
+ * @oid: is an object identifier
+ *
+ * Converts a textual object identifier to a #gnutls_sign_algorithm_t value.
+ *
+ * Returns: a #gnutls_sign_algorithm_t id of the specified digest
+ *   algorithm, or %GNUTLS_SIGN_UNKNOWN on failure.
+ *
+ * Since: 3.4.3
+ **/
+gnutls_sign_algorithm_t gnutls_oid_to_sign(const char *oid)
+{
+	const gnutls_sign_entry_st *se;
+
+	se = _gnutls_oid_to_sign_entry(oid);
+	if (se == NULL) {
+		_gnutls_debug_log("Unknown SIGN OID: '%s'\n", oid);
+		return GNUTLS_SIGN_UNKNOWN;
+	}
+	return se->id;
+}
+
+const gnutls_sign_entry_st *_gnutls_pk_to_sign_entry(gnutls_pk_algorithm_t pk, gnutls_digest_algorithm_t hash)
+{
+	GNUTLS_SIGN_LOOP(
+		if (pk == p->pk && hash == p->hash) {
+			return p;
+		}
+	);
+
+	return NULL;
+}
+
+/**
+ * gnutls_pk_to_sign:
+ * @pk: is a public key algorithm
+ * @hash: a hash algorithm
+ *
+ * This function maps public key and hash algorithms combinations
+ * to signature algorithms.
+ *
+ * Returns: return a #gnutls_sign_algorithm_t value, or %GNUTLS_SIGN_UNKNOWN on error.
+ **/
+gnutls_sign_algorithm_t
+gnutls_pk_to_sign(gnutls_pk_algorithm_t pk, gnutls_digest_algorithm_t hash)
+{
+	const gnutls_sign_entry_st *e;
+
+	e = _gnutls_pk_to_sign_entry(pk, hash);
+	if (e == NULL)
+		return GNUTLS_SIGN_UNKNOWN;
+	return e->id;
+}
+
+/**
+ * gnutls_sign_get_oid:
+ * @sign: is a sign algorithm
+ *
+ * Convert a #gnutls_sign_algorithm_t value to its object identifier.
+ *
+ * Returns: a string that contains the object identifier of the specified sign
+ *   algorithm, or %NULL.
+ *
+ * Since: 3.4.3
+ **/
+const char *gnutls_sign_get_oid(gnutls_sign_algorithm_t sign)
+{
+	const char *ret = NULL;
+
+	GNUTLS_SIGN_ALG_LOOP(ret = p->oid);
+
+	return ret;
+}
+
+/**
+ * gnutls_sign_get_hash_algorithm:
+ * @sign: is a signature algorithm
+ *
+ * This function returns the digest algorithm corresponding to
+ * the given signature algorithms.
+ *
+ * Since: 3.1.1
+ *
+ * Returns: return a #gnutls_digest_algorithm_t value, or %GNUTLS_DIG_UNKNOWN on error.
+ **/
+gnutls_digest_algorithm_t
+gnutls_sign_get_hash_algorithm(gnutls_sign_algorithm_t sign)
+{
+	gnutls_digest_algorithm_t ret = GNUTLS_DIG_UNKNOWN;
+
+	GNUTLS_SIGN_ALG_LOOP(ret = p->hash);
+
+	return ret;
+}
+
+/**
+ * gnutls_sign_get_pk_algorithm:
+ * @sign: is a signature algorithm
+ *
+ * This function returns the public key algorithm corresponding to
+ * the given signature algorithms. Note that there may be multiple
+ * public key algorithms supporting a particular signature type;
+ * when dealing with such algorithms use instead gnutls_sign_supports_pk_algorithm().
+ *
+ * Since: 3.1.1
+ *
+ * Returns: return a #gnutls_pk_algorithm_t value, or %GNUTLS_PK_UNKNOWN on error.
+ **/
+gnutls_pk_algorithm_t
+gnutls_sign_get_pk_algorithm(gnutls_sign_algorithm_t sign)
+{
+	gnutls_pk_algorithm_t ret = GNUTLS_PK_UNKNOWN;
+
+	GNUTLS_SIGN_ALG_LOOP(ret = p->pk);
+
+	return ret;
+}
+
+/**
+ * gnutls_sign_supports_pk_algorithm:
+ * @sign: is a signature algorithm
+ * @pk: is a public key algorithm
+ *
+ * This function returns non-zero if the public key algorithm corresponds to
+ * the given signature algorithm. That is, if that signature can be generated
+ * from the given private key algorithm.
+ *
+ * Since: 3.6.0
+ *
+ * Returns: return non-zero when the provided algorithms are compatible.
+ **/
+unsigned
+gnutls_sign_supports_pk_algorithm(gnutls_sign_algorithm_t sign, gnutls_pk_algorithm_t pk)
+{
+	const gnutls_sign_entry_st *p;
+	unsigned r;
+
+	for(p = sign_algorithms; p->name != NULL; p++) {
+		if (p->id && p->id == sign) {
+			r = sign_supports_priv_pk_algorithm(p, pk);
+			if (r != 0)
+				return r;
+		}
+	}
+
+	return 0;
+}
+
+gnutls_sign_algorithm_t
+_gnutls_tls_aid_to_sign(uint8_t id0, uint8_t id1, const version_entry_st *ver)
+{
+	gnutls_sign_algorithm_t ret = GNUTLS_SIGN_UNKNOWN;
+
+	if (id0 == 255 && id1 == 255)
+		return ret;
+
+	GNUTLS_SIGN_LOOP(
+		if (p->aid.id[0] == id0 &&
+		     p->aid.id[1] == id1 &&
+		     ((p->aid.tls_sem & ver->tls_sig_sem) != 0)) {
+
+			ret = p->id;
+			break;
+		}
+	);
+
+	return ret;
+}
+
+/* Returns NULL if a valid AID is not found
+ */
+const sign_algorithm_st *_gnutls_sign_to_tls_aid(gnutls_sign_algorithm_t
+						 sign)
+{
+	const sign_algorithm_st *ret = NULL;
+
+	GNUTLS_SIGN_ALG_LOOP(ret = &p->aid);
+
+	if (ret != NULL && HAVE_UNKNOWN_SIGAID(ret))
+		return NULL;
+
+	return ret;
+}
+
+const gnutls_sign_entry_st *_gnutls_sign_to_entry(gnutls_sign_algorithm_t sign)
+{
+	const gnutls_sign_entry_st *ret = NULL;
+
+	GNUTLS_SIGN_ALG_LOOP(ret = p);
+
+	return ret;
+}
+
+const gnutls_sign_entry_st *
+_gnutls_tls_aid_to_sign_entry(uint8_t id0, uint8_t id1, const version_entry_st *ver)
+{
+	if (id0 == 255 && id1 == 255)
+		return NULL;
+
+	GNUTLS_SIGN_LOOP(
+		if (p->aid.id[0] == id0 &&
+		     p->aid.id[1] == id1 &&
+		     ((p->aid.tls_sem & ver->tls_sig_sem) != 0)) {
+
+			return p;
+		}
+	);
+
+	return NULL;
+}
+
+const gnutls_sign_entry_st *
+_gnutls13_sign_get_compatible_with_privkey(gnutls_privkey_t privkey)
+{
+	GNUTLS_SIGN_LOOP(
+		if ((p->flags & GNUTLS_SIGN_FLAG_TLS13_OK) &&
+		    _gnutls_privkey_compatible_with_sig(privkey, p->id)) {
+			return p;
+		}
+	);
+
+	return NULL;
+}
+
+unsigned
+_gnutls_sign_get_hash_strength(gnutls_sign_algorithm_t sign)
+{
+	const gnutls_sign_entry_st *se = _gnutls_sign_to_entry(sign);
+	const mac_entry_st *me;
+	unsigned hash_output_size;
+
+	if (unlikely(se == NULL))
+		return 0;
+
+	me = hash_to_entry(se->hash);
+	if (unlikely(me == NULL))
+		return 0;
+
+	if (se->hash_output_size > 0)
+		hash_output_size = se->hash_output_size;
+	else
+		hash_output_size = _gnutls_mac_get_algo_len(me);
+
+	if (me->id == GNUTLS_MAC_SHAKE_128)
+		return MIN(hash_output_size*8/2, 128);
+	else if (me->id == GNUTLS_MAC_SHAKE_256)
+		return MIN(hash_output_size*8/2, 256);
+
+	return hash_output_size*8/2;
+}
diff --git a/lib/anon_cred.c b/lib/anon_cred.c
new file mode 100644
index 0000000..49c273a
--- /dev/null
+++ b/lib/anon_cred.c
@@ -0,0 +1,199 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+
+#ifdef ENABLE_ANON
+
+#include "errors.h"
+#include <auth/anon.h>
+#include "auth.h"
+#include "dh.h"
+#include "num.h"
+#include "mpi.h"
+
+/**
+ * gnutls_anon_free_server_credentials:
+ * @sc: is a #gnutls_anon_server_credentials_t type.
+ *
+ * Free a gnutls_anon_server_credentials_t structure.
+ **/
+void
+gnutls_anon_free_server_credentials(gnutls_anon_server_credentials_t sc)
+{
+	if (sc->deinit_dh_params) {
+		gnutls_dh_params_deinit(sc->dh_params);
+	}
+	gnutls_free(sc);
+}
+
+/**
+ * gnutls_anon_allocate_server_credentials:
+ * @sc: is a pointer to a #gnutls_anon_server_credentials_t type.
+ *
+ * Allocate a gnutls_anon_server_credentials_t structure.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
+ **/
+int
+gnutls_anon_allocate_server_credentials(gnutls_anon_server_credentials_t *
+					sc)
+{
+
+	*sc = gnutls_calloc(1, sizeof(anon_server_credentials_st));
+
+	return 0;
+}
+
+
+/**
+ * gnutls_anon_free_client_credentials:
+ * @sc: is a #gnutls_anon_client_credentials_t type.
+ *
+ * Free a gnutls_anon_client_credentials_t structure.
+ **/
+void
+gnutls_anon_free_client_credentials(gnutls_anon_client_credentials_t sc)
+{
+}
+
+static struct gnutls_anon_client_credentials_st anon_dummy_struct;
+static const gnutls_anon_client_credentials_t anon_dummy =
+    &anon_dummy_struct;
+
+/**
+ * gnutls_anon_allocate_client_credentials:
+ * @sc: is a pointer to a #gnutls_anon_client_credentials_t type.
+ *
+ * Allocate a gnutls_anon_client_credentials_t structure.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
+ **/
+int
+gnutls_anon_allocate_client_credentials(gnutls_anon_client_credentials_t *
+					sc)
+{
+	/* anon_dummy is only there for *sc not to be null.
+	 * it is not used at all;
+	 */
+	*sc = anon_dummy;
+
+	return 0;
+}
+
+/**
+ * gnutls_anon_set_server_dh_params:
+ * @res: is a gnutls_anon_server_credentials_t type
+ * @dh_params: The Diffie-Hellman parameters.
+ *
+ * This function will set the Diffie-Hellman parameters for an
+ * anonymous server to use.  These parameters will be used in
+ * Anonymous Diffie-Hellman cipher suites.
+ *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ **/
+void
+gnutls_anon_set_server_dh_params(gnutls_anon_server_credentials_t res,
+				 gnutls_dh_params_t dh_params)
+{
+	if (res->deinit_dh_params) {
+		res->deinit_dh_params = 0;
+		gnutls_dh_params_deinit(res->dh_params);
+		res->dh_params = NULL;
+	}
+
+	res->dh_params = dh_params;
+	res->dh_sec_param = gnutls_pk_bits_to_sec_param(GNUTLS_PK_DH, _gnutls_mpi_get_nbits(dh_params->params[0]));
+}
+
+/**
+ * gnutls_anon_set_server_known_dh_params:
+ * @res: is a gnutls_anon_server_credentials_t type
+ * @sec_param: is an option of the %gnutls_sec_param_t enumeration
+ *
+ * This function will set the Diffie-Hellman parameters for an
+ * anonymous server to use.  These parameters will be used in
+ * Anonymous Diffie-Hellman cipher suites and will be selected from
+ * the FFDHE set of RFC7919 according to the security level provided.
+ *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.5.6
+ **/
+int
+gnutls_anon_set_server_known_dh_params(gnutls_anon_server_credentials_t res,
+					gnutls_sec_param_t sec_param)
+{
+	res->dh_sec_param = sec_param;
+
+	return 0;
+}
+
+/**
+ * gnutls_anon_set_server_params_function:
+ * @res: is a gnutls_certificate_credentials_t type
+ * @func: is the function to be called
+ *
+ * This function will set a callback in order for the server to get
+ * the Diffie-Hellman parameters for anonymous authentication.  The
+ * callback should return %GNUTLS_E_SUCCESS (0) on success.
+ *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
+ **/
+void
+gnutls_anon_set_server_params_function(gnutls_anon_server_credentials_t
+				       res, gnutls_params_function * func)
+{
+	res->params_func = func;
+}
+
+/**
+ * gnutls_anon_set_params_function:
+ * @res: is a gnutls_anon_server_credentials_t type
+ * @func: is the function to be called
+ *
+ * This function will set a callback in order for the server to get
+ * the Diffie-Hellman or RSA parameters for anonymous authentication.
+ * The callback should return %GNUTLS_E_SUCCESS (0) on success.
+ *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
+ **/
+void
+gnutls_anon_set_params_function(gnutls_anon_server_credentials_t res,
+				gnutls_params_function * func)
+{
+	res->params_func = func;
+}
+#endif
diff --git a/lib/atfork.c b/lib/atfork.c
new file mode 100644
index 0000000..8d85176
--- /dev/null
+++ b/lib/atfork.c
@@ -0,0 +1,79 @@
+/*
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2014 Red Hat
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include <config.h>
+#include "gnutls_int.h"
+#include "errors.h"
+
+#include <sys/socket.h>
+#include <errno.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <atfork.h>
+
+unsigned int _gnutls_forkid = 0;
+
+#ifndef _WIN32
+
+# ifdef HAVE_ATFORK
+static void fork_handler(void)
+{
+	_gnutls_forkid++;
+}
+# endif
+
+# if defined(HAVE___REGISTER_ATFORK)
+extern int __register_atfork(void (*)(void), void(*)(void), void (*)(void), void *);
+extern void *__dso_handle;
+
+int _gnutls_register_fork_handler(void)
+{
+	if (__register_atfork(NULL, NULL, fork_handler, __dso_handle) != 0)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	return 0;
+}
+
+# else
+
+unsigned int _gnutls_get_forkid(void)
+{
+	return getpid();
+}
+
+int _gnutls_detect_fork(unsigned int forkid)
+{
+	if ((unsigned int)getpid() == forkid)
+		return 0;
+	return 1;
+}
+
+/* we have to detect fork manually */
+int _gnutls_register_fork_handler(void)
+{
+	_gnutls_forkid = getpid();
+	return 0;
+}
+
+# endif
+
+#endif /* !_WIN32 */
diff --git a/lib/atfork.h b/lib/atfork.h
new file mode 100644
index 0000000..8c779ef
--- /dev/null
+++ b/lib/atfork.h
@@ -0,0 +1,64 @@
+/*
+ * Copyright (C) 2014 Red Hat
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_ATFORK_H
+#define GNUTLS_LIB_ATFORK_H
+
+#include <config.h>
+#include "gnutls_int.h"
+
+extern unsigned int _gnutls_forkid;
+
+#if defined(HAVE___REGISTER_ATFORK)
+# define HAVE_ATFORK
+#endif
+
+#ifndef _WIN32
+
+/* API */
+int _gnutls_register_fork_handler(void); /* global init */
+
+# if defined(HAVE_ATFORK)
+inline static int _gnutls_detect_fork(unsigned int forkid)
+{
+	if (forkid == _gnutls_forkid)
+		return 0;
+	return 1;
+}
+
+inline static unsigned int _gnutls_get_forkid(void)
+{
+	return _gnutls_forkid;
+}
+# else
+int _gnutls_detect_fork(unsigned int forkid);
+unsigned int _gnutls_get_forkid(void);
+# endif
+
+#else
+
+# define _gnutls_detect_fork(x) 0
+# define _gnutls_get_forkid() 0
+
+#endif
+
+#endif /* GNUTLS_LIB_ATFORK_H */
diff --git a/lib/atomic.h b/lib/atomic.h
new file mode 100644
index 0000000..b6db703
--- /dev/null
+++ b/lib/atomic.h
@@ -0,0 +1,81 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_ATOMIC_H
+#define GNUTLS_LIB_ATOMIC_H
+
+#ifdef HAVE_STDATOMIC_H
+# include <stdatomic.h>
+
+# define gnutls_atomic_uint_t atomic_uint
+# define DEF_ATOMIC_INT(x) atomic_uint x
+# define gnutls_atomic_increment(x) (*x)++
+# define gnutls_atomic_decrement(x) (*x)--
+# define gnutls_atomic_init(x) (*x)=(0)
+# define gnutls_atomic_deinit(x)
+# define gnutls_atomic_val(x) (*x)
+#else
+# include "locks.h"
+
+struct gnutls_atomic_uint_st {
+	void *lock;
+	unsigned int value;
+};
+typedef struct gnutls_atomic_uint_st *gnutls_atomic_uint_t;
+
+# define DEF_ATOMIC_INT(x) struct gnutls_atomic_uint_st x
+
+inline static unsigned gnutls_atomic_val(gnutls_atomic_uint_t x)
+{
+	unsigned int t;
+	gnutls_mutex_lock(&x->lock);
+	t = x->value;
+	gnutls_mutex_unlock(&x->lock);
+	return t;
+}
+
+inline static void gnutls_atomic_increment(gnutls_atomic_uint_t x)
+{
+	gnutls_mutex_lock(&x->lock);
+	x->value++;
+	gnutls_mutex_unlock(&x->lock);
+}
+
+inline static void gnutls_atomic_decrement(gnutls_atomic_uint_t x)
+{
+	gnutls_mutex_lock(&x->lock);
+	x->value--;
+	gnutls_mutex_unlock(&x->lock);
+}
+
+inline static void gnutls_atomic_init(gnutls_atomic_uint_t x)
+{
+	gnutls_mutex_init(&x->lock);
+	x->value = 0;
+}
+inline static void gnutls_atomic_deinit(gnutls_atomic_uint_t x)
+{
+	gnutls_mutex_deinit(&x->lock);
+}
+#endif
+
+#endif /* GNUTLS_LIB_ATOMIC_H */
diff --git a/lib/auth.c b/lib/auth.c
new file mode 100644
index 0000000..7c58bd8
--- /dev/null
+++ b/lib/auth.c
@@ -0,0 +1,473 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "auth.h"
+#include "auth.h"
+#include "algorithms.h"
+#include <auth/cert.h>
+#include <auth/psk.h>
+#include <auth/srp_kx.h>
+#include <auth/anon.h>
+#include <datum.h>
+
+/* The functions here are used in order for authentication algorithms
+ * to be able to retrieve the needed credentials eg public and private
+ * key etc.
+ */
+
+/**
+ * gnutls_credentials_clear:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Clears all the credentials previously set in this session.
+ **/
+void gnutls_credentials_clear(gnutls_session_t session)
+{
+	if (session->key.cred) {	/* beginning of the list */
+		auth_cred_st *ccred, *ncred;
+		ccred = session->key.cred;
+		while (ccred != NULL) {
+			ncred = ccred->next;
+			gnutls_free(ccred);
+			ccred = ncred;
+		}
+		session->key.cred = NULL;
+	}
+}
+
+/* 
+ * This creates a linked list of the form:
+ * { algorithm, credentials, pointer to next }
+ */
+/**
+ * gnutls_credentials_set:
+ * @session: is a #gnutls_session_t type.
+ * @type: is the type of the credentials
+ * @cred: the credentials to set
+ *
+ * Sets the needed credentials for the specified type.  E.g. username,
+ * password - or public and private keys etc.  The @cred parameter is
+ * a structure that depends on the specified type and on the current
+ * session (client or server).
+ *
+ * In order to minimize memory usage, and share credentials between
+ * several threads gnutls keeps a pointer to cred, and not the whole
+ * cred structure.  Thus you will have to keep the structure allocated
+ * until you call gnutls_deinit().
+ *
+ * For %GNUTLS_CRD_ANON, @cred should be
+ * #gnutls_anon_client_credentials_t in case of a client.  In case of
+ * a server it should be #gnutls_anon_server_credentials_t.
+ *
+ * For %GNUTLS_CRD_SRP, @cred should be #gnutls_srp_client_credentials_t
+ * in case of a client, and #gnutls_srp_server_credentials_t, in case
+ * of a server.
+ *
+ * For %GNUTLS_CRD_CERTIFICATE, @cred should be
+ * #gnutls_certificate_credentials_t.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ **/
+int
+gnutls_credentials_set(gnutls_session_t session,
+		       gnutls_credentials_type_t type, void *cred)
+{
+	auth_cred_st *ccred = NULL, *pcred = NULL;
+	int exists = 0;
+
+	if (session->key.cred == NULL) {	/* beginning of the list */
+
+		session->key.cred = gnutls_malloc(sizeof(auth_cred_st));
+		if (session->key.cred == NULL)
+			return GNUTLS_E_MEMORY_ERROR;
+
+		/* copy credentials locally */
+		session->key.cred->credentials = cred;
+
+		session->key.cred->next = NULL;
+		session->key.cred->algorithm = type;
+	} else {
+		ccred = session->key.cred;
+		while (ccred != NULL) {
+			if (ccred->algorithm == type) {
+				exists = 1;
+				break;
+			}
+			pcred = ccred;
+			ccred = ccred->next;
+		}
+		/* After this, pcred is not null.
+		 */
+
+		if (exists == 0) {	/* new entry */
+			pcred->next = gnutls_malloc(sizeof(auth_cred_st));
+			if (pcred->next == NULL)
+				return GNUTLS_E_MEMORY_ERROR;
+
+			ccred = pcred->next;
+
+			/* copy credentials locally */
+			ccred->credentials = cred;
+
+			ccred->next = NULL;
+			ccred->algorithm = type;
+		} else {	/* modify existing entry */
+			ccred->credentials = cred;
+		}
+	}
+
+	/* sanity tests */
+	if (type == GNUTLS_CRD_CERTIFICATE) {
+		gnutls_certificate_credentials_t c = cred;
+		unsigned i;
+		bool allow_tls13 = 0;
+		unsigned key_usage;
+
+		if (c != NULL && c->ncerts != 0) {
+			for (i = 0; i < c->ncerts; i++) {
+				key_usage = get_key_usage(session, c->certs[i].cert_list[0].pubkey);
+				if (key_usage == 0 || (key_usage & GNUTLS_KEY_DIGITAL_SIGNATURE)) {
+					allow_tls13 = 1;
+					break;
+				}
+			}
+
+			if (session->security_parameters.entity == GNUTLS_SERVER &&
+			    !c->tls13_ok)
+				allow_tls13 = 0;
+
+			if (!allow_tls13) {
+				/* to prevent the server random indicate TLS1.3 support */
+				session->internals.flags |= INT_FLAG_NO_TLS13;
+			}
+		}
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_credentials_get:
+ * @session: is a #gnutls_session_t type.
+ * @type: is the type of the credentials to return
+ * @cred: will contain the credentials.
+ *
+ * Returns the previously provided credentials structures.
+ *
+ * For %GNUTLS_CRD_ANON, @cred will be
+ * #gnutls_anon_client_credentials_t in case of a client.  In case of
+ * a server it should be #gnutls_anon_server_credentials_t.
+ *
+ * For %GNUTLS_CRD_SRP, @cred will be #gnutls_srp_client_credentials_t
+ * in case of a client, and #gnutls_srp_server_credentials_t, in case
+ * of a server.
+ *
+ * For %GNUTLS_CRD_CERTIFICATE, @cred will be
+ * #gnutls_certificate_credentials_t.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ *
+ * Since: 3.3.3
+ **/
+int
+gnutls_credentials_get(gnutls_session_t session,
+		       gnutls_credentials_type_t type, void **cred)
+{
+	const void *_cred;
+
+	_cred = _gnutls_get_cred(session, type);
+	if (_cred == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (cred)
+		*cred = (void*)_cred;
+
+	return 0;
+}
+
+/**
+ * gnutls_auth_get_type:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Returns type of credentials for the current authentication schema.
+ * The returned information is to be used to distinguish the function used
+ * to access authentication data.
+ *
+ * Eg. for CERTIFICATE ciphersuites (key exchange algorithms:
+ * %GNUTLS_KX_RSA, %GNUTLS_KX_DHE_RSA), the same function are to be
+ * used to access the authentication data.
+ *
+ * Note that on resumed sessions, this function returns the schema
+ * used in the original session authentication.
+ *
+ * Returns: The type of credentials for the current authentication
+ *   schema, a #gnutls_credentials_type_t type.
+ **/
+gnutls_credentials_type_t gnutls_auth_get_type(gnutls_session_t session)
+{
+	if (session->security_parameters.entity == GNUTLS_SERVER)
+		return gnutls_auth_client_get_type(session);
+	else
+		return gnutls_auth_server_get_type(session);
+}
+
+/**
+ * gnutls_auth_server_get_type:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Returns the type of credentials that were used for server authentication.
+ * The returned information is to be used to distinguish the function used
+ * to access authentication data.
+ *
+ * Note that on resumed sessions, this function returns the schema
+ * used in the original session authentication.
+ *
+ * Returns: The type of credentials for the server authentication
+ *   schema, a #gnutls_credentials_type_t type.
+ **/
+gnutls_credentials_type_t
+gnutls_auth_server_get_type(gnutls_session_t session)
+{
+	return session->security_parameters.server_auth_type;
+}
+
+/**
+ * gnutls_auth_client_get_type:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Returns the type of credentials that were used for client authentication.
+ * The returned information is to be used to distinguish the function used
+ * to access authentication data.
+ *
+ * Note that on resumed sessions, this function returns the schema
+ * used in the original session authentication.
+ *
+ * Returns: The type of credentials for the client authentication
+ *   schema, a #gnutls_credentials_type_t type.
+ **/
+gnutls_credentials_type_t
+gnutls_auth_client_get_type(gnutls_session_t session)
+{
+	return session->security_parameters.client_auth_type;
+}
+
+
+/* 
+ * This returns a pointer to the linked list. Don't
+ * free that!!!
+ */
+const void *_gnutls_get_kx_cred(gnutls_session_t session,
+				gnutls_kx_algorithm_t algo)
+{
+	int server =
+	    session->security_parameters.entity == GNUTLS_SERVER ? 1 : 0;
+
+	return _gnutls_get_cred(session,
+				_gnutls_map_kx_get_cred(algo, server));
+}
+
+const void *_gnutls_get_cred(gnutls_session_t session,
+			     gnutls_credentials_type_t type)
+{
+	auth_cred_st *ccred;
+	gnutls_key_st *key = &session->key;
+
+	ccred = key->cred;
+	while (ccred != NULL) {
+		if (ccred->algorithm == type) {
+			break;
+		}
+		ccred = ccred->next;
+	}
+	if (ccred == NULL)
+		return NULL;
+
+	return ccred->credentials;
+}
+
+/*-
+ * _gnutls_free_auth_info - Frees the auth info structure
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function frees the auth info structure and sets it to
+ * null. It must be called since some structures contain malloced
+ * elements.
+ -*/
+void _gnutls_free_auth_info(gnutls_session_t session)
+{
+	dh_info_st *dh_info;
+
+	if (session == NULL) {
+		gnutls_assert();
+		return;
+	}
+
+	switch (session->key.auth_info_type) {
+	case GNUTLS_CRD_SRP:
+		{
+			srp_server_auth_info_t info =
+			    _gnutls_get_auth_info(session, GNUTLS_CRD_SRP);
+
+			if (info == NULL)
+				break;
+
+			gnutls_free(info->username);
+			info->username = NULL;
+		}
+		break;
+#ifdef ENABLE_ANON
+	case GNUTLS_CRD_ANON:
+		{
+			anon_auth_info_t info =
+			    _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
+
+			if (info == NULL)
+				break;
+
+			dh_info = &info->dh;
+			_gnutls_free_dh_info(dh_info);
+		}
+		break;
+#endif
+	case GNUTLS_CRD_PSK:
+		{
+			psk_auth_info_t info =
+			    _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+
+			if (info == NULL)
+				break;
+
+			gnutls_free(info->username);
+			info->username = NULL;
+			info->username_len = 0;
+
+			gnutls_free(info->hint);
+			info->hint = NULL;
+			info->hint_len = 0;
+
+#ifdef ENABLE_DHE
+			dh_info = &info->dh;
+			_gnutls_free_dh_info(dh_info);
+#endif
+		}
+		break;
+	case GNUTLS_CRD_CERTIFICATE:
+		{
+			unsigned int i;
+			cert_auth_info_t info =
+			    _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+
+			if (info == NULL)
+				break;
+
+			dh_info = &info->dh;
+			for (i = 0; i < info->ncerts; i++) {
+				_gnutls_free_datum(&info->raw_certificate_list[i]);
+			}
+
+			for (i = 0; i < info->nocsp; i++) {
+				_gnutls_free_datum(&info->raw_ocsp_list[i]);
+			}
+
+			gnutls_free(info->raw_certificate_list);
+			gnutls_free(info->raw_ocsp_list);
+			info->ncerts = 0;
+			info->nocsp = 0;
+
+#ifdef ENABLE_DHE
+			_gnutls_free_dh_info(dh_info);
+#endif
+		}
+
+
+		break;
+	default:
+		return;
+
+	}
+
+	gnutls_free(session->key.auth_info);
+	session->key.auth_info_size = 0;
+	session->key.auth_info_type = 0;
+
+}
+
+/* This function will create the auth info structure in the key
+ * structure if needed.
+ *
+ * If allow change is !=0 then this will allow changing the auth
+ * info structure to a different type.
+ */
+int
+_gnutls_auth_info_init(gnutls_session_t session,
+		      gnutls_credentials_type_t type, int size,
+		      int allow_change)
+{
+	if (session->key.auth_info == NULL) {
+		session->key.auth_info = gnutls_calloc(1, size);
+		if (session->key.auth_info == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+		session->key.auth_info_type = type;
+		session->key.auth_info_size = size;
+	} else {
+		if (allow_change == 0) {
+			/* If the credentials for the current authentication scheme,
+			 * are not the one we want to set, then it's an error.
+			 * This may happen if a rehandshake is performed an the
+			 * ciphersuite which is negotiated has different authentication
+			 * schema.
+			 */
+			if (type != session->key.auth_info_type) {
+				gnutls_assert();
+				return GNUTLS_E_INVALID_REQUEST;
+			}
+		} else {
+			/* The new behaviour: Here we reallocate the auth info structure
+			 * in order to be able to negotiate different authentication
+			 * types. Ie. perform an auth_anon and then authenticate again using a
+			 * certificate (in order to prevent revealing the certificate's contents,
+			 * to passive eavesdropers.
+			 */
+			if (type != session->key.auth_info_type) {
+
+				_gnutls_free_auth_info(session);
+
+				session->key.auth_info = gnutls_calloc(1, size);
+				if (session->key.auth_info == NULL) {
+					gnutls_assert();
+					return GNUTLS_E_MEMORY_ERROR;
+				}
+
+				session->key.auth_info_type = type;
+				session->key.auth_info_size = size;
+			}
+		}
+	}
+	return 0;
+}
diff --git a/lib/auth.h b/lib/auth.h
new file mode 100644
index 0000000..7e2f3af
--- /dev/null
+++ b/lib/auth.h
@@ -0,0 +1,86 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_AUTH_H
+#define GNUTLS_LIB_AUTH_H
+
+#include "str.h"
+
+typedef struct mod_auth_st_int {
+	const char *name;	/* null terminated */
+	int (*gnutls_generate_server_certificate) (gnutls_session_t,
+						   gnutls_buffer_st *);
+	int (*gnutls_generate_client_certificate) (gnutls_session_t,
+						   gnutls_buffer_st *);
+	int (*gnutls_generate_server_kx) (gnutls_session_t,
+					  gnutls_buffer_st *);
+	int (*gnutls_generate_client_kx) (gnutls_session_t, gnutls_buffer_st *);	/* used in SRP */
+	int (*gnutls_generate_client_crt_vrfy) (gnutls_session_t,
+						gnutls_buffer_st *);
+	int (*gnutls_generate_server_crt_request) (gnutls_session_t,
+						   gnutls_buffer_st *);
+
+	int (*gnutls_process_server_certificate) (gnutls_session_t,
+						  uint8_t *, size_t);
+	int (*gnutls_process_client_certificate) (gnutls_session_t,
+						  uint8_t *, size_t);
+	int (*gnutls_process_server_kx) (gnutls_session_t, uint8_t *,
+					 size_t);
+	int (*gnutls_process_client_kx) (gnutls_session_t, uint8_t *,
+					 size_t);
+	int (*gnutls_process_client_crt_vrfy) (gnutls_session_t, uint8_t *,
+					       size_t);
+	int (*gnutls_process_server_crt_request) (gnutls_session_t,
+						  uint8_t *, size_t);
+} mod_auth_st;
+
+const void *_gnutls_get_cred(gnutls_session_t session,
+			     gnutls_credentials_type_t type);
+const void *_gnutls_get_kx_cred(gnutls_session_t session,
+				gnutls_kx_algorithm_t algo);
+int _gnutls_auth_info_init(gnutls_session_t session,
+			  gnutls_credentials_type_t type, int size,
+			  int allow_change);
+
+/*-
+ * _gnutls_get_auth_info - Returns a pointer to authentication information.
+ * @session: is a #gnutls_session_t structure.
+ *
+ * This function must be called after a successful gnutls_handshake().
+ * Returns a pointer to authentication information. That information
+ * is data obtained by the handshake protocol, the key exchange algorithm,
+ * and the TLS extensions messages.
+ *
+ * In case of GNUTLS_CRD_ANON returns a type of &anon_(server/client)_auth_info_t;
+ * In case of GNUTLS_CRD_CERTIFICATE returns a type of &cert_auth_info_t;
+ * In case of GNUTLS_CRD_SRP returns a type of &srp_(server/client)_auth_info_t;
+ -*/
+inline static
+void *_gnutls_get_auth_info(gnutls_session_t session, gnutls_credentials_type_t type)
+{
+	if (type == session->key.auth_info_type)
+		return session->key.auth_info;
+	else
+		return NULL;
+}
+
+#endif /* GNUTLS_LIB_AUTH_H */
diff --git a/lib/auth/Makefile.am b/lib/auth/Makefile.am
new file mode 100644
index 0000000..e85eaae
--- /dev/null
+++ b/lib/auth/Makefile.am
@@ -0,0 +1,41 @@
+## Process this file with automake to produce Makefile.in
+# Copyright (C) 2002-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# The GnuTLS is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GnuTLS is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+include $(top_srcdir)/lib/common.mk
+
+AM_CPPFLAGS = \
+	-I$(srcdir)/../../gl		\
+	-I$(builddir)/../../gl		\
+	-I$(srcdir)/../includes		\
+	-I$(builddir)/../includes	\
+	-I$(builddir)/../../gl          \
+	-I$(srcdir)/..
+
+if ENABLE_MINITASN1
+AM_CPPFLAGS += -I$(srcdir)/../minitasn1
+endif
+
+noinst_LTLIBRARIES = libgnutls_auth.la
+
+libgnutls_auth_la_SOURCES = anon.c cert.c dh_common.c dhe.c \
+	rsa_psk.c dhe_psk.c psk.c psk_passwd.c rsa.c srp_kx.c \
+	srp_passwd.c srp_rsa.c srp_sb64.c anon.h cert.h dh_common.h \
+	psk.h psk_passwd.h srp_kx.h srp_passwd.h anon_ecdh.c \
+	ecdhe.c ecdhe.h rsa_common.h vko_gost.c
diff --git a/lib/auth/Makefile.in b/lib/auth/Makefile.in
new file mode 100644
index 0000000..5f7e6f1
--- /dev/null
+++ b/lib/auth/Makefile.in
@@ -0,0 +1,2447 @@
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+# Copyright (C) 2002-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# The GnuTLS is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GnuTLS is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+  if test -z '$(MAKELEVEL)'; then \
+    false; \
+  elif test -n '$(MAKE_HOST)'; then \
+    true; \
+  elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+    true; \
+  else \
+    false; \
+  fi; \
+}
+am__make_running_with_option = \
+  case $${target_option-} in \
+      ?) ;; \
+      *) echo "am__make_running_with_option: internal error: invalid" \
+              "target option '$${target_option-}' specified" >&2; \
+         exit 1;; \
+  esac; \
+  has_opt=no; \
+  sane_makeflags=$$MAKEFLAGS; \
+  if $(am__is_gnu_make); then \
+    sane_makeflags=$$MFLAGS; \
+  else \
+    case $$MAKEFLAGS in \
+      *\\[\ \	]*) \
+        bs=\\; \
+        sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+          | sed "s/$$bs$$bs[$$bs $$bs	]*//g"`;; \
+    esac; \
+  fi; \
+  skip_next=no; \
+  strip_trailopt () \
+  { \
+    flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+  }; \
+  for flg in $$sane_makeflags; do \
+    test $$skip_next = yes && { skip_next=no; continue; }; \
+    case $$flg in \
+      *=*|--*) continue;; \
+        -*I) strip_trailopt 'I'; skip_next=yes;; \
+      -*I?*) strip_trailopt 'I';; \
+        -*O) strip_trailopt 'O'; skip_next=yes;; \
+      -*O?*) strip_trailopt 'O';; \
+        -*l) strip_trailopt 'l'; skip_next=yes;; \
+      -*l?*) strip_trailopt 'l';; \
+      -[dEDm]) skip_next=yes;; \
+      -[JT]) skip_next=yes;; \
+    esac; \
+    case $$flg in \
+      *$$target_option*) has_opt=yes; break;; \
+    esac; \
+  done; \
+  test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@ENABLE_MINITASN1_TRUE@am__append_1 = -I$(srcdir)/../minitasn1
+subdir = lib/auth
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \
+	$(top_srcdir)/lib/unistring/m4/inline.m4 \
+	$(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \
+	$(top_srcdir)/src/gl/m4/atoll.m4 \
+	$(top_srcdir)/src/gl/m4/bison.m4 \
+	$(top_srcdir)/src/gl/m4/calloc.m4 \
+	$(top_srcdir)/src/gl/m4/clock_time.m4 \
+	$(top_srcdir)/src/gl/m4/codeset.m4 \
+	$(top_srcdir)/src/gl/m4/ctype_h.m4 \
+	$(top_srcdir)/src/gl/m4/environ.m4 \
+	$(top_srcdir)/src/gl/m4/error.m4 \
+	$(top_srcdir)/src/gl/m4/fdopen.m4 \
+	$(top_srcdir)/src/gl/m4/flexmember.m4 \
+	$(top_srcdir)/src/gl/m4/fpending.m4 \
+	$(top_srcdir)/src/gl/m4/fpieee.m4 \
+	$(top_srcdir)/src/gl/m4/fseek.m4 \
+	$(top_srcdir)/src/gl/m4/ftruncate.m4 \
+	$(top_srcdir)/src/gl/m4/getaddrinfo.m4 \
+	$(top_srcdir)/src/gl/m4/getcwd.m4 \
+	$(top_srcdir)/src/gl/m4/getpagesize.m4 \
+	$(top_srcdir)/src/gl/m4/getpass.m4 \
+	$(top_srcdir)/src/gl/m4/getprogname.m4 \
+	$(top_srcdir)/src/gl/m4/gettime.m4 \
+	$(top_srcdir)/src/gl/m4/gnulib-comp.m4 \
+	$(top_srcdir)/src/gl/m4/hostent.m4 \
+	$(top_srcdir)/src/gl/m4/intl-thread-locale.m4 \
+	$(top_srcdir)/src/gl/m4/inttostr.m4 \
+	$(top_srcdir)/src/gl/m4/ioctl.m4 \
+	$(top_srcdir)/src/gl/m4/isblank.m4 \
+	$(top_srcdir)/src/gl/m4/langinfo_h.m4 \
+	$(top_srcdir)/src/gl/m4/lcmessage.m4 \
+	$(top_srcdir)/src/gl/m4/locale-fr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-ja.m4 \
+	$(top_srcdir)/src/gl/m4/locale-tr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-zh.m4 \
+	$(top_srcdir)/src/gl/m4/locale_h.m4 \
+	$(top_srcdir)/src/gl/m4/localename.m4 \
+	$(top_srcdir)/src/gl/m4/lstat.m4 \
+	$(top_srcdir)/src/gl/m4/mktime.m4 \
+	$(top_srcdir)/src/gl/m4/nanosleep.m4 \
+	$(top_srcdir)/src/gl/m4/nstrftime.m4 \
+	$(top_srcdir)/src/gl/m4/parse-datetime.m4 \
+	$(top_srcdir)/src/gl/m4/perror.m4 \
+	$(top_srcdir)/src/gl/m4/pipe.m4 \
+	$(top_srcdir)/src/gl/m4/pthread-thread.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_h.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_sigmask.m4 \
+	$(top_srcdir)/src/gl/m4/putenv.m4 \
+	$(top_srcdir)/src/gl/m4/raise.m4 \
+	$(top_srcdir)/src/gl/m4/reallocarray.m4 \
+	$(top_srcdir)/src/gl/m4/sched_h.m4 \
+	$(top_srcdir)/src/gl/m4/sched_yield.m4 \
+	$(top_srcdir)/src/gl/m4/select.m4 \
+	$(top_srcdir)/src/gl/m4/semaphore.m4 \
+	$(top_srcdir)/src/gl/m4/servent.m4 \
+	$(top_srcdir)/src/gl/m4/setenv.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale_null.m4 \
+	$(top_srcdir)/src/gl/m4/sigaction.m4 \
+	$(top_srcdir)/src/gl/m4/signal_h.m4 \
+	$(top_srcdir)/src/gl/m4/signalblocking.m4 \
+	$(top_srcdir)/src/gl/m4/sleep.m4 \
+	$(top_srcdir)/src/gl/m4/sockets.m4 \
+	$(top_srcdir)/src/gl/m4/strerror.m4 \
+	$(top_srcdir)/src/gl/m4/strerror_r.m4 \
+	$(top_srcdir)/src/gl/m4/strtoll.m4 \
+	$(top_srcdir)/src/gl/m4/symlink.m4 \
+	$(top_srcdir)/src/gl/m4/sys_ioctl_h.m4 \
+	$(top_srcdir)/src/gl/m4/sys_select_h.m4 \
+	$(top_srcdir)/src/gl/m4/thread.m4 \
+	$(top_srcdir)/src/gl/m4/time_rz.m4 \
+	$(top_srcdir)/src/gl/m4/timegm.m4 \
+	$(top_srcdir)/src/gl/m4/timespec.m4 \
+	$(top_srcdir)/src/gl/m4/tm_gmtoff.m4 \
+	$(top_srcdir)/src/gl/m4/tzset.m4 \
+	$(top_srcdir)/src/gl/m4/usleep.m4 \
+	$(top_srcdir)/src/gl/m4/visibility.m4 \
+	$(top_srcdir)/src/gl/m4/xalloc.m4 \
+	$(top_srcdir)/src/gl/m4/yield.m4 $(top_srcdir)/m4/00gnulib.m4 \
+	$(top_srcdir)/m4/__inline.m4 \
+	$(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \
+	$(top_srcdir)/m4/arpa_inet_h.m4 \
+	$(top_srcdir)/m4/ax_ac_append_to_file.m4 \
+	$(top_srcdir)/m4/ax_ac_print_to_file.m4 \
+	$(top_srcdir)/m4/ax_add_am_macro_static.m4 \
+	$(top_srcdir)/m4/ax_am_macros_static.m4 \
+	$(top_srcdir)/m4/ax_check_gnu_make.m4 \
+	$(top_srcdir)/m4/ax_code_coverage.m4 \
+	$(top_srcdir)/m4/ax_file_escapes.m4 \
+	$(top_srcdir)/m4/builtin-expect.m4 \
+	$(top_srcdir)/m4/byteswap.m4 $(top_srcdir)/m4/close.m4 \
+	$(top_srcdir)/m4/double-slash-root.m4 $(top_srcdir)/m4/dup2.m4 \
+	$(top_srcdir)/m4/eealloc.m4 $(top_srcdir)/m4/errno_h.m4 \
+	$(top_srcdir)/m4/explicit_bzero.m4 \
+	$(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \
+	$(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \
+	$(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \
+	$(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \
+	$(top_srcdir)/m4/free.m4 $(top_srcdir)/m4/fseeko.m4 \
+	$(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \
+	$(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/func.m4 \
+	$(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \
+	$(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/gettext.m4 \
+	$(top_srcdir)/m4/gettimeofday.m4 \
+	$(top_srcdir)/m4/gnulib-common.m4 \
+	$(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \
+	$(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \
+	$(top_srcdir)/m4/host-cpu-c-abi.m4 $(top_srcdir)/m4/iconv.m4 \
+	$(top_srcdir)/m4/include_next.m4 $(top_srcdir)/m4/inet_ntop.m4 \
+	$(top_srcdir)/m4/inet_pton.m4 $(top_srcdir)/m4/intlmacosx.m4 \
+	$(top_srcdir)/m4/intmax_t.m4 $(top_srcdir)/m4/inttypes.m4 \
+	$(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/largefile.m4 \
+	$(top_srcdir)/m4/ld-output-def.m4 \
+	$(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \
+	$(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+	$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/lock.m4 \
+	$(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/ltoptions.m4 \
+	$(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+	$(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \
+	$(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \
+	$(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \
+	$(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \
+	$(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \
+	$(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \
+	$(top_srcdir)/m4/netdb_h.m4 $(top_srcdir)/m4/netinet_in_h.m4 \
+	$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/off_t.m4 \
+	$(top_srcdir)/m4/open-cloexec.m4 \
+	$(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \
+	$(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/pkg.m4 \
+	$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \
+	$(top_srcdir)/m4/progtest.m4 \
+	$(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \
+	$(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \
+	$(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/size_max.m4 \
+	$(top_srcdir)/m4/snprintf.m4 $(top_srcdir)/m4/socketlib.m4 \
+	$(top_srcdir)/m4/socklen.m4 $(top_srcdir)/m4/sockpfaf.m4 \
+	$(top_srcdir)/m4/ssize_t.m4 $(top_srcdir)/m4/stat-time.m4 \
+	$(top_srcdir)/m4/stat.m4 $(top_srcdir)/m4/stdalign.m4 \
+	$(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \
+	$(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \
+	$(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \
+	$(top_srcdir)/m4/stpcpy.m4 $(top_srcdir)/m4/strcase.m4 \
+	$(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/string_h.m4 \
+	$(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \
+	$(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \
+	$(top_srcdir)/m4/strverscmp.m4 \
+	$(top_srcdir)/m4/sys_socket_h.m4 \
+	$(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \
+	$(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \
+	$(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \
+	$(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \
+	$(top_srcdir)/m4/unistd_h.m4 \
+	$(top_srcdir)/m4/valgrind-tests.m4 \
+	$(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \
+	$(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \
+	$(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \
+	$(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \
+	$(top_srcdir)/m4/xsize.m4 $(top_srcdir)/m4/zzgnulib.m4 \
+	$(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+LTLIBRARIES = $(noinst_LTLIBRARIES)
+libgnutls_auth_la_LIBADD =
+am_libgnutls_auth_la_OBJECTS = anon.lo cert.lo dh_common.lo dhe.lo \
+	rsa_psk.lo dhe_psk.lo psk.lo psk_passwd.lo rsa.lo srp_kx.lo \
+	srp_passwd.lo srp_rsa.lo srp_sb64.lo anon_ecdh.lo ecdhe.lo \
+	vko_gost.lo
+libgnutls_auth_la_OBJECTS = $(am_libgnutls_auth_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 = 
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN     " $@;
+am__v_GEN_1 = 
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 = 
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/anon.Plo ./$(DEPDIR)/anon_ecdh.Plo \
+	./$(DEPDIR)/cert.Plo ./$(DEPDIR)/dh_common.Plo \
+	./$(DEPDIR)/dhe.Plo ./$(DEPDIR)/dhe_psk.Plo \
+	./$(DEPDIR)/ecdhe.Plo ./$(DEPDIR)/psk.Plo \
+	./$(DEPDIR)/psk_passwd.Plo ./$(DEPDIR)/rsa.Plo \
+	./$(DEPDIR)/rsa_psk.Plo ./$(DEPDIR)/srp_kx.Plo \
+	./$(DEPDIR)/srp_passwd.Plo ./$(DEPDIR)/srp_rsa.Plo \
+	./$(DEPDIR)/srp_sb64.Plo ./$(DEPDIR)/vko_gost.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC      " $@;
+am__v_CC_1 = 
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD    " $@;
+am__v_CCLD_1 = 
+SOURCES = $(libgnutls_auth_la_SOURCES)
+DIST_SOURCES = $(libgnutls_auth_la_SOURCES)
+am__can_run_installinfo = \
+  case $$AM_UPDATE_INFO_DIR in \
+    n|no|NO) false;; \
+    *) (install-info --version) >/dev/null 2>&1;; \
+  esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates.  Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+  BEGIN { nonempty = 0; } \
+  { items[$$0] = 1; nonempty = 1; } \
+  END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique.  This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+  list='$(am__tagged_files)'; \
+  unique=`for i in $$list; do \
+    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+  done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in \
+	$(top_srcdir)/build-aux/depcomp $(top_srcdir)/lib/common.mk
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+AARCH64_CCASFLAGS = @AARCH64_CCASFLAGS@
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+ALLOCA_H = @ALLOCA_H@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AM_VALGRINDFLAGS = @AM_VALGRINDFLAGS@
+APPLE_UNIVERSAL_BUILD = @APPLE_UNIVERSAL_BUILD@
+AR = @AR@
+ARFLAGS = @ARFLAGS@
+ASN1PARSER = @ASN1PARSER@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BITSIZEOF_PTRDIFF_T = @BITSIZEOF_PTRDIFF_T@
+BITSIZEOF_SIG_ATOMIC_T = @BITSIZEOF_SIG_ATOMIC_T@
+BITSIZEOF_SIZE_T = @BITSIZEOF_SIZE_T@
+BITSIZEOF_WCHAR_T = @BITSIZEOF_WCHAR_T@
+BITSIZEOF_WINT_T = @BITSIZEOF_WINT_T@
+BYTESWAP_H = @BYTESWAP_H@
+CC = @CC@
+CCAS = @CCAS@
+CCASDEPMODE = @CCASDEPMODE@
+CCASFLAGS = @CCASFLAGS@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CFLAG_VISIBILITY = @CFLAG_VISIBILITY@
+CMOCKA_CFLAGS = @CMOCKA_CFLAGS@
+CMOCKA_LIBS = @CMOCKA_LIBS@
+CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@
+CODE_COVERAGE_CPPFLAGS = @CODE_COVERAGE_CPPFLAGS@
+CODE_COVERAGE_CXXFLAGS = @CODE_COVERAGE_CXXFLAGS@
+CODE_COVERAGE_ENABLED = @CODE_COVERAGE_ENABLED@
+CODE_COVERAGE_LIBS = @CODE_COVERAGE_LIBS@
+CONFIG_INCLUDE = @CONFIG_INCLUDE@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CRYWRAP_PATCHLEVEL = @CRYWRAP_PATCHLEVEL@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CXX_LT_AGE = @CXX_LT_AGE@
+CXX_LT_CURRENT = @CXX_LT_CURRENT@
+CXX_LT_REVISION = @CXX_LT_REVISION@
+CYGPATH_W = @CYGPATH_W@
+DEFAULT_VALGRINDFLAGS = @DEFAULT_VALGRINDFLAGS@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DLL_SSL_VERSION = @DLL_SSL_VERSION@
+DLL_VERSION = @DLL_VERSION@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EMULTIHOP_HIDDEN = @EMULTIHOP_HIDDEN@
+EMULTIHOP_VALUE = @EMULTIHOP_VALUE@
+ENABLE_PADLOCK = @ENABLE_PADLOCK@
+ENOLINK_HIDDEN = @ENOLINK_HIDDEN@
+ENOLINK_VALUE = @ENOLINK_VALUE@
+EOVERFLOW_HIDDEN = @EOVERFLOW_HIDDEN@
+EOVERFLOW_VALUE = @EOVERFLOW_VALUE@
+ERRNO_H = @ERRNO_H@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+FIPS140_LIBS = @FIPS140_LIBS@
+FLOAT_H = @FLOAT_H@
+GCOV = @GCOV@
+GENHTML = @GENHTML@
+GETADDRINFO_LIB = @GETADDRINFO_LIB@
+GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
+GL_GGL_GNULIB_ACCEPT = @GL_GGL_GNULIB_ACCEPT@
+GL_GGL_GNULIB_ACCEPT4 = @GL_GGL_GNULIB_ACCEPT4@
+GL_GGL_GNULIB_ACCESS = @GL_GGL_GNULIB_ACCESS@
+GL_GGL_GNULIB_ALIGNED_ALLOC = @GL_GGL_GNULIB_ALIGNED_ALLOC@
+GL_GGL_GNULIB_ATOLL = @GL_GGL_GNULIB_ATOLL@
+GL_GGL_GNULIB_BIND = @GL_GGL_GNULIB_BIND@
+GL_GGL_GNULIB_BTOWC = @GL_GGL_GNULIB_BTOWC@
+GL_GGL_GNULIB_CALLOC_POSIX = @GL_GGL_GNULIB_CALLOC_POSIX@
+GL_GGL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GGL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GGL_GNULIB_CHDIR = @GL_GGL_GNULIB_CHDIR@
+GL_GGL_GNULIB_CHOWN = @GL_GGL_GNULIB_CHOWN@
+GL_GGL_GNULIB_CLOSE = @GL_GGL_GNULIB_CLOSE@
+GL_GGL_GNULIB_CONNECT = @GL_GGL_GNULIB_CONNECT@
+GL_GGL_GNULIB_COPY_FILE_RANGE = @GL_GGL_GNULIB_COPY_FILE_RANGE@
+GL_GGL_GNULIB_CREAT = @GL_GGL_GNULIB_CREAT@
+GL_GGL_GNULIB_CTIME = @GL_GGL_GNULIB_CTIME@
+GL_GGL_GNULIB_DPRINTF = @GL_GGL_GNULIB_DPRINTF@
+GL_GGL_GNULIB_DUP = @GL_GGL_GNULIB_DUP@
+GL_GGL_GNULIB_DUP2 = @GL_GGL_GNULIB_DUP2@
+GL_GGL_GNULIB_DUP3 = @GL_GGL_GNULIB_DUP3@
+GL_GGL_GNULIB_DUPLOCALE = @GL_GGL_GNULIB_DUPLOCALE@
+GL_GGL_GNULIB_ENVIRON = @GL_GGL_GNULIB_ENVIRON@
+GL_GGL_GNULIB_EUIDACCESS = @GL_GGL_GNULIB_EUIDACCESS@
+GL_GGL_GNULIB_EXECL = @GL_GGL_GNULIB_EXECL@
+GL_GGL_GNULIB_EXECLE = @GL_GGL_GNULIB_EXECLE@
+GL_GGL_GNULIB_EXECLP = @GL_GGL_GNULIB_EXECLP@
+GL_GGL_GNULIB_EXECV = @GL_GGL_GNULIB_EXECV@
+GL_GGL_GNULIB_EXECVE = @GL_GGL_GNULIB_EXECVE@
+GL_GGL_GNULIB_EXECVP = @GL_GGL_GNULIB_EXECVP@
+GL_GGL_GNULIB_EXECVPE = @GL_GGL_GNULIB_EXECVPE@
+GL_GGL_GNULIB_EXPLICIT_BZERO = @GL_GGL_GNULIB_EXPLICIT_BZERO@
+GL_GGL_GNULIB_FACCESSAT = @GL_GGL_GNULIB_FACCESSAT@
+GL_GGL_GNULIB_FCHDIR = @GL_GGL_GNULIB_FCHDIR@
+GL_GGL_GNULIB_FCHMODAT = @GL_GGL_GNULIB_FCHMODAT@
+GL_GGL_GNULIB_FCHOWNAT = @GL_GGL_GNULIB_FCHOWNAT@
+GL_GGL_GNULIB_FCLOSE = @GL_GGL_GNULIB_FCLOSE@
+GL_GGL_GNULIB_FCNTL = @GL_GGL_GNULIB_FCNTL@
+GL_GGL_GNULIB_FDATASYNC = @GL_GGL_GNULIB_FDATASYNC@
+GL_GGL_GNULIB_FDOPEN = @GL_GGL_GNULIB_FDOPEN@
+GL_GGL_GNULIB_FFLUSH = @GL_GGL_GNULIB_FFLUSH@
+GL_GGL_GNULIB_FFS = @GL_GGL_GNULIB_FFS@
+GL_GGL_GNULIB_FFSL = @GL_GGL_GNULIB_FFSL@
+GL_GGL_GNULIB_FFSLL = @GL_GGL_GNULIB_FFSLL@
+GL_GGL_GNULIB_FGETC = @GL_GGL_GNULIB_FGETC@
+GL_GGL_GNULIB_FGETS = @GL_GGL_GNULIB_FGETS@
+GL_GGL_GNULIB_FOPEN = @GL_GGL_GNULIB_FOPEN@
+GL_GGL_GNULIB_FPRINTF = @GL_GGL_GNULIB_FPRINTF@
+GL_GGL_GNULIB_FPRINTF_POSIX = @GL_GGL_GNULIB_FPRINTF_POSIX@
+GL_GGL_GNULIB_FPURGE = @GL_GGL_GNULIB_FPURGE@
+GL_GGL_GNULIB_FPUTC = @GL_GGL_GNULIB_FPUTC@
+GL_GGL_GNULIB_FPUTS = @GL_GGL_GNULIB_FPUTS@
+GL_GGL_GNULIB_FREAD = @GL_GGL_GNULIB_FREAD@
+GL_GGL_GNULIB_FREE_POSIX = @GL_GGL_GNULIB_FREE_POSIX@
+GL_GGL_GNULIB_FREOPEN = @GL_GGL_GNULIB_FREOPEN@
+GL_GGL_GNULIB_FSCANF = @GL_GGL_GNULIB_FSCANF@
+GL_GGL_GNULIB_FSEEK = @GL_GGL_GNULIB_FSEEK@
+GL_GGL_GNULIB_FSEEKO = @GL_GGL_GNULIB_FSEEKO@
+GL_GGL_GNULIB_FSTAT = @GL_GGL_GNULIB_FSTAT@
+GL_GGL_GNULIB_FSTATAT = @GL_GGL_GNULIB_FSTATAT@
+GL_GGL_GNULIB_FSYNC = @GL_GGL_GNULIB_FSYNC@
+GL_GGL_GNULIB_FTELL = @GL_GGL_GNULIB_FTELL@
+GL_GGL_GNULIB_FTELLO = @GL_GGL_GNULIB_FTELLO@
+GL_GGL_GNULIB_FTRUNCATE = @GL_GGL_GNULIB_FTRUNCATE@
+GL_GGL_GNULIB_FUTIMENS = @GL_GGL_GNULIB_FUTIMENS@
+GL_GGL_GNULIB_FWRITE = @GL_GGL_GNULIB_FWRITE@
+GL_GGL_GNULIB_GETADDRINFO = @GL_GGL_GNULIB_GETADDRINFO@
+GL_GGL_GNULIB_GETC = @GL_GGL_GNULIB_GETC@
+GL_GGL_GNULIB_GETCHAR = @GL_GGL_GNULIB_GETCHAR@
+GL_GGL_GNULIB_GETCWD = @GL_GGL_GNULIB_GETCWD@
+GL_GGL_GNULIB_GETDELIM = @GL_GGL_GNULIB_GETDELIM@
+GL_GGL_GNULIB_GETDOMAINNAME = @GL_GGL_GNULIB_GETDOMAINNAME@
+GL_GGL_GNULIB_GETDTABLESIZE = @GL_GGL_GNULIB_GETDTABLESIZE@
+GL_GGL_GNULIB_GETENTROPY = @GL_GGL_GNULIB_GETENTROPY@
+GL_GGL_GNULIB_GETGROUPS = @GL_GGL_GNULIB_GETGROUPS@
+GL_GGL_GNULIB_GETHOSTNAME = @GL_GGL_GNULIB_GETHOSTNAME@
+GL_GGL_GNULIB_GETLINE = @GL_GGL_GNULIB_GETLINE@
+GL_GGL_GNULIB_GETLOADAVG = @GL_GGL_GNULIB_GETLOADAVG@
+GL_GGL_GNULIB_GETLOGIN = @GL_GGL_GNULIB_GETLOGIN@
+GL_GGL_GNULIB_GETLOGIN_R = @GL_GGL_GNULIB_GETLOGIN_R@
+GL_GGL_GNULIB_GETOPT_POSIX = @GL_GGL_GNULIB_GETOPT_POSIX@
+GL_GGL_GNULIB_GETPAGESIZE = @GL_GGL_GNULIB_GETPAGESIZE@
+GL_GGL_GNULIB_GETPASS = @GL_GGL_GNULIB_GETPASS@
+GL_GGL_GNULIB_GETPEERNAME = @GL_GGL_GNULIB_GETPEERNAME@
+GL_GGL_GNULIB_GETSOCKNAME = @GL_GGL_GNULIB_GETSOCKNAME@
+GL_GGL_GNULIB_GETSOCKOPT = @GL_GGL_GNULIB_GETSOCKOPT@
+GL_GGL_GNULIB_GETSUBOPT = @GL_GGL_GNULIB_GETSUBOPT@
+GL_GGL_GNULIB_GETTIMEOFDAY = @GL_GGL_GNULIB_GETTIMEOFDAY@
+GL_GGL_GNULIB_GETUMASK = @GL_GGL_GNULIB_GETUMASK@
+GL_GGL_GNULIB_GETUSERSHELL = @GL_GGL_GNULIB_GETUSERSHELL@
+GL_GGL_GNULIB_GRANTPT = @GL_GGL_GNULIB_GRANTPT@
+GL_GGL_GNULIB_GROUP_MEMBER = @GL_GGL_GNULIB_GROUP_MEMBER@
+GL_GGL_GNULIB_IMAXABS = @GL_GGL_GNULIB_IMAXABS@
+GL_GGL_GNULIB_IMAXDIV = @GL_GGL_GNULIB_IMAXDIV@
+GL_GGL_GNULIB_INET_NTOP = @GL_GGL_GNULIB_INET_NTOP@
+GL_GGL_GNULIB_INET_PTON = @GL_GGL_GNULIB_INET_PTON@
+GL_GGL_GNULIB_IOCTL = @GL_GGL_GNULIB_IOCTL@
+GL_GGL_GNULIB_ISATTY = @GL_GGL_GNULIB_ISATTY@
+GL_GGL_GNULIB_ISBLANK = @GL_GGL_GNULIB_ISBLANK@
+GL_GGL_GNULIB_LCHMOD = @GL_GGL_GNULIB_LCHMOD@
+GL_GGL_GNULIB_LCHOWN = @GL_GGL_GNULIB_LCHOWN@
+GL_GGL_GNULIB_LINK = @GL_GGL_GNULIB_LINK@
+GL_GGL_GNULIB_LINKAT = @GL_GGL_GNULIB_LINKAT@
+GL_GGL_GNULIB_LISTEN = @GL_GGL_GNULIB_LISTEN@
+GL_GGL_GNULIB_LOCALECONV = @GL_GGL_GNULIB_LOCALECONV@
+GL_GGL_GNULIB_LOCALENAME = @GL_GGL_GNULIB_LOCALENAME@
+GL_GGL_GNULIB_LOCALTIME = @GL_GGL_GNULIB_LOCALTIME@
+GL_GGL_GNULIB_LSEEK = @GL_GGL_GNULIB_LSEEK@
+GL_GGL_GNULIB_LSTAT = @GL_GGL_GNULIB_LSTAT@
+GL_GGL_GNULIB_MALLOC_POSIX = @GL_GGL_GNULIB_MALLOC_POSIX@
+GL_GGL_GNULIB_MBRLEN = @GL_GGL_GNULIB_MBRLEN@
+GL_GGL_GNULIB_MBRTOWC = @GL_GGL_GNULIB_MBRTOWC@
+GL_GGL_GNULIB_MBSCASECMP = @GL_GGL_GNULIB_MBSCASECMP@
+GL_GGL_GNULIB_MBSCASESTR = @GL_GGL_GNULIB_MBSCASESTR@
+GL_GGL_GNULIB_MBSCHR = @GL_GGL_GNULIB_MBSCHR@
+GL_GGL_GNULIB_MBSCSPN = @GL_GGL_GNULIB_MBSCSPN@
+GL_GGL_GNULIB_MBSINIT = @GL_GGL_GNULIB_MBSINIT@
+GL_GGL_GNULIB_MBSLEN = @GL_GGL_GNULIB_MBSLEN@
+GL_GGL_GNULIB_MBSNCASECMP = @GL_GGL_GNULIB_MBSNCASECMP@
+GL_GGL_GNULIB_MBSNLEN = @GL_GGL_GNULIB_MBSNLEN@
+GL_GGL_GNULIB_MBSNRTOWCS = @GL_GGL_GNULIB_MBSNRTOWCS@
+GL_GGL_GNULIB_MBSPBRK = @GL_GGL_GNULIB_MBSPBRK@
+GL_GGL_GNULIB_MBSPCASECMP = @GL_GGL_GNULIB_MBSPCASECMP@
+GL_GGL_GNULIB_MBSRCHR = @GL_GGL_GNULIB_MBSRCHR@
+GL_GGL_GNULIB_MBSRTOWCS = @GL_GGL_GNULIB_MBSRTOWCS@
+GL_GGL_GNULIB_MBSSEP = @GL_GGL_GNULIB_MBSSEP@
+GL_GGL_GNULIB_MBSSPN = @GL_GGL_GNULIB_MBSSPN@
+GL_GGL_GNULIB_MBSSTR = @GL_GGL_GNULIB_MBSSTR@
+GL_GGL_GNULIB_MBSTOK_R = @GL_GGL_GNULIB_MBSTOK_R@
+GL_GGL_GNULIB_MBTOWC = @GL_GGL_GNULIB_MBTOWC@
+GL_GGL_GNULIB_MDA_ACCESS = @GL_GGL_GNULIB_MDA_ACCESS@
+GL_GGL_GNULIB_MDA_CHDIR = @GL_GGL_GNULIB_MDA_CHDIR@
+GL_GGL_GNULIB_MDA_CHMOD = @GL_GGL_GNULIB_MDA_CHMOD@
+GL_GGL_GNULIB_MDA_CLOSE = @GL_GGL_GNULIB_MDA_CLOSE@
+GL_GGL_GNULIB_MDA_CREAT = @GL_GGL_GNULIB_MDA_CREAT@
+GL_GGL_GNULIB_MDA_DUP = @GL_GGL_GNULIB_MDA_DUP@
+GL_GGL_GNULIB_MDA_DUP2 = @GL_GGL_GNULIB_MDA_DUP2@
+GL_GGL_GNULIB_MDA_ECVT = @GL_GGL_GNULIB_MDA_ECVT@
+GL_GGL_GNULIB_MDA_EXECL = @GL_GGL_GNULIB_MDA_EXECL@
+GL_GGL_GNULIB_MDA_EXECLE = @GL_GGL_GNULIB_MDA_EXECLE@
+GL_GGL_GNULIB_MDA_EXECLP = @GL_GGL_GNULIB_MDA_EXECLP@
+GL_GGL_GNULIB_MDA_EXECV = @GL_GGL_GNULIB_MDA_EXECV@
+GL_GGL_GNULIB_MDA_EXECVE = @GL_GGL_GNULIB_MDA_EXECVE@
+GL_GGL_GNULIB_MDA_EXECVP = @GL_GGL_GNULIB_MDA_EXECVP@
+GL_GGL_GNULIB_MDA_EXECVPE = @GL_GGL_GNULIB_MDA_EXECVPE@
+GL_GGL_GNULIB_MDA_FCLOSEALL = @GL_GGL_GNULIB_MDA_FCLOSEALL@
+GL_GGL_GNULIB_MDA_FCVT = @GL_GGL_GNULIB_MDA_FCVT@
+GL_GGL_GNULIB_MDA_FDOPEN = @GL_GGL_GNULIB_MDA_FDOPEN@
+GL_GGL_GNULIB_MDA_FILENO = @GL_GGL_GNULIB_MDA_FILENO@
+GL_GGL_GNULIB_MDA_GCVT = @GL_GGL_GNULIB_MDA_GCVT@
+GL_GGL_GNULIB_MDA_GETCWD = @GL_GGL_GNULIB_MDA_GETCWD@
+GL_GGL_GNULIB_MDA_GETPID = @GL_GGL_GNULIB_MDA_GETPID@
+GL_GGL_GNULIB_MDA_GETW = @GL_GGL_GNULIB_MDA_GETW@
+GL_GGL_GNULIB_MDA_ISATTY = @GL_GGL_GNULIB_MDA_ISATTY@
+GL_GGL_GNULIB_MDA_LSEEK = @GL_GGL_GNULIB_MDA_LSEEK@
+GL_GGL_GNULIB_MDA_MEMCCPY = @GL_GGL_GNULIB_MDA_MEMCCPY@
+GL_GGL_GNULIB_MDA_MKDIR = @GL_GGL_GNULIB_MDA_MKDIR@
+GL_GGL_GNULIB_MDA_MKTEMP = @GL_GGL_GNULIB_MDA_MKTEMP@
+GL_GGL_GNULIB_MDA_OPEN = @GL_GGL_GNULIB_MDA_OPEN@
+GL_GGL_GNULIB_MDA_PUTENV = @GL_GGL_GNULIB_MDA_PUTENV@
+GL_GGL_GNULIB_MDA_PUTW = @GL_GGL_GNULIB_MDA_PUTW@
+GL_GGL_GNULIB_MDA_READ = @GL_GGL_GNULIB_MDA_READ@
+GL_GGL_GNULIB_MDA_RMDIR = @GL_GGL_GNULIB_MDA_RMDIR@
+GL_GGL_GNULIB_MDA_STRDUP = @GL_GGL_GNULIB_MDA_STRDUP@
+GL_GGL_GNULIB_MDA_SWAB = @GL_GGL_GNULIB_MDA_SWAB@
+GL_GGL_GNULIB_MDA_TEMPNAM = @GL_GGL_GNULIB_MDA_TEMPNAM@
+GL_GGL_GNULIB_MDA_TZSET = @GL_GGL_GNULIB_MDA_TZSET@
+GL_GGL_GNULIB_MDA_UMASK = @GL_GGL_GNULIB_MDA_UMASK@
+GL_GGL_GNULIB_MDA_UNLINK = @GL_GGL_GNULIB_MDA_UNLINK@
+GL_GGL_GNULIB_MDA_WCSDUP = @GL_GGL_GNULIB_MDA_WCSDUP@
+GL_GGL_GNULIB_MDA_WRITE = @GL_GGL_GNULIB_MDA_WRITE@
+GL_GGL_GNULIB_MEMCHR = @GL_GGL_GNULIB_MEMCHR@
+GL_GGL_GNULIB_MEMMEM = @GL_GGL_GNULIB_MEMMEM@
+GL_GGL_GNULIB_MEMPCPY = @GL_GGL_GNULIB_MEMPCPY@
+GL_GGL_GNULIB_MEMRCHR = @GL_GGL_GNULIB_MEMRCHR@
+GL_GGL_GNULIB_MKDIR = @GL_GGL_GNULIB_MKDIR@
+GL_GGL_GNULIB_MKDIRAT = @GL_GGL_GNULIB_MKDIRAT@
+GL_GGL_GNULIB_MKDTEMP = @GL_GGL_GNULIB_MKDTEMP@
+GL_GGL_GNULIB_MKFIFO = @GL_GGL_GNULIB_MKFIFO@
+GL_GGL_GNULIB_MKFIFOAT = @GL_GGL_GNULIB_MKFIFOAT@
+GL_GGL_GNULIB_MKNOD = @GL_GGL_GNULIB_MKNOD@
+GL_GGL_GNULIB_MKNODAT = @GL_GGL_GNULIB_MKNODAT@
+GL_GGL_GNULIB_MKOSTEMP = @GL_GGL_GNULIB_MKOSTEMP@
+GL_GGL_GNULIB_MKOSTEMPS = @GL_GGL_GNULIB_MKOSTEMPS@
+GL_GGL_GNULIB_MKSTEMP = @GL_GGL_GNULIB_MKSTEMP@
+GL_GGL_GNULIB_MKSTEMPS = @GL_GGL_GNULIB_MKSTEMPS@
+GL_GGL_GNULIB_MKTIME = @GL_GGL_GNULIB_MKTIME@
+GL_GGL_GNULIB_NANOSLEEP = @GL_GGL_GNULIB_NANOSLEEP@
+GL_GGL_GNULIB_NL_LANGINFO = @GL_GGL_GNULIB_NL_LANGINFO@
+GL_GGL_GNULIB_NONBLOCKING = @GL_GGL_GNULIB_NONBLOCKING@
+GL_GGL_GNULIB_OBSTACK_PRINTF = @GL_GGL_GNULIB_OBSTACK_PRINTF@
+GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GGL_GNULIB_OPEN = @GL_GGL_GNULIB_OPEN@
+GL_GGL_GNULIB_OPENAT = @GL_GGL_GNULIB_OPENAT@
+GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GGL_GNULIB_PCLOSE = @GL_GGL_GNULIB_PCLOSE@
+GL_GGL_GNULIB_PERROR = @GL_GGL_GNULIB_PERROR@
+GL_GGL_GNULIB_PIPE = @GL_GGL_GNULIB_PIPE@
+GL_GGL_GNULIB_PIPE2 = @GL_GGL_GNULIB_PIPE2@
+GL_GGL_GNULIB_POPEN = @GL_GGL_GNULIB_POPEN@
+GL_GGL_GNULIB_POSIX_MEMALIGN = @GL_GGL_GNULIB_POSIX_MEMALIGN@
+GL_GGL_GNULIB_POSIX_OPENPT = @GL_GGL_GNULIB_POSIX_OPENPT@
+GL_GGL_GNULIB_PREAD = @GL_GGL_GNULIB_PREAD@
+GL_GGL_GNULIB_PRINTF = @GL_GGL_GNULIB_PRINTF@
+GL_GGL_GNULIB_PRINTF_POSIX = @GL_GGL_GNULIB_PRINTF_POSIX@
+GL_GGL_GNULIB_PSELECT = @GL_GGL_GNULIB_PSELECT@
+GL_GGL_GNULIB_PTHREAD_COND = @GL_GGL_GNULIB_PTHREAD_COND@
+GL_GGL_GNULIB_PTHREAD_MUTEX = @GL_GGL_GNULIB_PTHREAD_MUTEX@
+GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK@
+GL_GGL_GNULIB_PTHREAD_ONCE = @GL_GGL_GNULIB_PTHREAD_ONCE@
+GL_GGL_GNULIB_PTHREAD_RWLOCK = @GL_GGL_GNULIB_PTHREAD_RWLOCK@
+GL_GGL_GNULIB_PTHREAD_SIGMASK = @GL_GGL_GNULIB_PTHREAD_SIGMASK@
+GL_GGL_GNULIB_PTHREAD_SPIN = @GL_GGL_GNULIB_PTHREAD_SPIN@
+GL_GGL_GNULIB_PTHREAD_THREAD = @GL_GGL_GNULIB_PTHREAD_THREAD@
+GL_GGL_GNULIB_PTHREAD_TSS = @GL_GGL_GNULIB_PTHREAD_TSS@
+GL_GGL_GNULIB_PTSNAME = @GL_GGL_GNULIB_PTSNAME@
+GL_GGL_GNULIB_PTSNAME_R = @GL_GGL_GNULIB_PTSNAME_R@
+GL_GGL_GNULIB_PUTC = @GL_GGL_GNULIB_PUTC@
+GL_GGL_GNULIB_PUTCHAR = @GL_GGL_GNULIB_PUTCHAR@
+GL_GGL_GNULIB_PUTENV = @GL_GGL_GNULIB_PUTENV@
+GL_GGL_GNULIB_PUTS = @GL_GGL_GNULIB_PUTS@
+GL_GGL_GNULIB_PWRITE = @GL_GGL_GNULIB_PWRITE@
+GL_GGL_GNULIB_QSORT_R = @GL_GGL_GNULIB_QSORT_R@
+GL_GGL_GNULIB_RAISE = @GL_GGL_GNULIB_RAISE@
+GL_GGL_GNULIB_RANDOM = @GL_GGL_GNULIB_RANDOM@
+GL_GGL_GNULIB_RANDOM_R = @GL_GGL_GNULIB_RANDOM_R@
+GL_GGL_GNULIB_RAWMEMCHR = @GL_GGL_GNULIB_RAWMEMCHR@
+GL_GGL_GNULIB_READ = @GL_GGL_GNULIB_READ@
+GL_GGL_GNULIB_READLINK = @GL_GGL_GNULIB_READLINK@
+GL_GGL_GNULIB_READLINKAT = @GL_GGL_GNULIB_READLINKAT@
+GL_GGL_GNULIB_REALLOCARRAY = @GL_GGL_GNULIB_REALLOCARRAY@
+GL_GGL_GNULIB_REALLOC_POSIX = @GL_GGL_GNULIB_REALLOC_POSIX@
+GL_GGL_GNULIB_REALPATH = @GL_GGL_GNULIB_REALPATH@
+GL_GGL_GNULIB_RECV = @GL_GGL_GNULIB_RECV@
+GL_GGL_GNULIB_RECVFROM = @GL_GGL_GNULIB_RECVFROM@
+GL_GGL_GNULIB_REMOVE = @GL_GGL_GNULIB_REMOVE@
+GL_GGL_GNULIB_RENAME = @GL_GGL_GNULIB_RENAME@
+GL_GGL_GNULIB_RENAMEAT = @GL_GGL_GNULIB_RENAMEAT@
+GL_GGL_GNULIB_RMDIR = @GL_GGL_GNULIB_RMDIR@
+GL_GGL_GNULIB_RPMATCH = @GL_GGL_GNULIB_RPMATCH@
+GL_GGL_GNULIB_SCANF = @GL_GGL_GNULIB_SCANF@
+GL_GGL_GNULIB_SCHED_YIELD = @GL_GGL_GNULIB_SCHED_YIELD@
+GL_GGL_GNULIB_SECURE_GETENV = @GL_GGL_GNULIB_SECURE_GETENV@
+GL_GGL_GNULIB_SELECT = @GL_GGL_GNULIB_SELECT@
+GL_GGL_GNULIB_SEND = @GL_GGL_GNULIB_SEND@
+GL_GGL_GNULIB_SENDTO = @GL_GGL_GNULIB_SENDTO@
+GL_GGL_GNULIB_SETENV = @GL_GGL_GNULIB_SETENV@
+GL_GGL_GNULIB_SETHOSTNAME = @GL_GGL_GNULIB_SETHOSTNAME@
+GL_GGL_GNULIB_SETLOCALE = @GL_GGL_GNULIB_SETLOCALE@
+GL_GGL_GNULIB_SETLOCALE_NULL = @GL_GGL_GNULIB_SETLOCALE_NULL@
+GL_GGL_GNULIB_SETSOCKOPT = @GL_GGL_GNULIB_SETSOCKOPT@
+GL_GGL_GNULIB_SHUTDOWN = @GL_GGL_GNULIB_SHUTDOWN@
+GL_GGL_GNULIB_SIGABBREV_NP = @GL_GGL_GNULIB_SIGABBREV_NP@
+GL_GGL_GNULIB_SIGACTION = @GL_GGL_GNULIB_SIGACTION@
+GL_GGL_GNULIB_SIGDESCR_NP = @GL_GGL_GNULIB_SIGDESCR_NP@
+GL_GGL_GNULIB_SIGNAL_H_SIGPIPE = @GL_GGL_GNULIB_SIGNAL_H_SIGPIPE@
+GL_GGL_GNULIB_SIGPROCMASK = @GL_GGL_GNULIB_SIGPROCMASK@
+GL_GGL_GNULIB_SLEEP = @GL_GGL_GNULIB_SLEEP@
+GL_GGL_GNULIB_SNPRINTF = @GL_GGL_GNULIB_SNPRINTF@
+GL_GGL_GNULIB_SOCKET = @GL_GGL_GNULIB_SOCKET@
+GL_GGL_GNULIB_SPRINTF_POSIX = @GL_GGL_GNULIB_SPRINTF_POSIX@
+GL_GGL_GNULIB_STAT = @GL_GGL_GNULIB_STAT@
+GL_GGL_GNULIB_STDIO_H_NONBLOCKING = @GL_GGL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GGL_GNULIB_STDIO_H_SIGPIPE = @GL_GGL_GNULIB_STDIO_H_SIGPIPE@
+GL_GGL_GNULIB_STPCPY = @GL_GGL_GNULIB_STPCPY@
+GL_GGL_GNULIB_STPNCPY = @GL_GGL_GNULIB_STPNCPY@
+GL_GGL_GNULIB_STRCASESTR = @GL_GGL_GNULIB_STRCASESTR@
+GL_GGL_GNULIB_STRCHRNUL = @GL_GGL_GNULIB_STRCHRNUL@
+GL_GGL_GNULIB_STRDUP = @GL_GGL_GNULIB_STRDUP@
+GL_GGL_GNULIB_STRERROR = @GL_GGL_GNULIB_STRERROR@
+GL_GGL_GNULIB_STRERRORNAME_NP = @GL_GGL_GNULIB_STRERRORNAME_NP@
+GL_GGL_GNULIB_STRERROR_R = @GL_GGL_GNULIB_STRERROR_R@
+GL_GGL_GNULIB_STRFTIME = @GL_GGL_GNULIB_STRFTIME@
+GL_GGL_GNULIB_STRNCAT = @GL_GGL_GNULIB_STRNCAT@
+GL_GGL_GNULIB_STRNDUP = @GL_GGL_GNULIB_STRNDUP@
+GL_GGL_GNULIB_STRNLEN = @GL_GGL_GNULIB_STRNLEN@
+GL_GGL_GNULIB_STRPBRK = @GL_GGL_GNULIB_STRPBRK@
+GL_GGL_GNULIB_STRPTIME = @GL_GGL_GNULIB_STRPTIME@
+GL_GGL_GNULIB_STRSEP = @GL_GGL_GNULIB_STRSEP@
+GL_GGL_GNULIB_STRSIGNAL = @GL_GGL_GNULIB_STRSIGNAL@
+GL_GGL_GNULIB_STRSTR = @GL_GGL_GNULIB_STRSTR@
+GL_GGL_GNULIB_STRTOD = @GL_GGL_GNULIB_STRTOD@
+GL_GGL_GNULIB_STRTOIMAX = @GL_GGL_GNULIB_STRTOIMAX@
+GL_GGL_GNULIB_STRTOK_R = @GL_GGL_GNULIB_STRTOK_R@
+GL_GGL_GNULIB_STRTOL = @GL_GGL_GNULIB_STRTOL@
+GL_GGL_GNULIB_STRTOLD = @GL_GGL_GNULIB_STRTOLD@
+GL_GGL_GNULIB_STRTOLL = @GL_GGL_GNULIB_STRTOLL@
+GL_GGL_GNULIB_STRTOUL = @GL_GGL_GNULIB_STRTOUL@
+GL_GGL_GNULIB_STRTOULL = @GL_GGL_GNULIB_STRTOULL@
+GL_GGL_GNULIB_STRTOUMAX = @GL_GGL_GNULIB_STRTOUMAX@
+GL_GGL_GNULIB_STRVERSCMP = @GL_GGL_GNULIB_STRVERSCMP@
+GL_GGL_GNULIB_SYMLINK = @GL_GGL_GNULIB_SYMLINK@
+GL_GGL_GNULIB_SYMLINKAT = @GL_GGL_GNULIB_SYMLINKAT@
+GL_GGL_GNULIB_SYSTEM_POSIX = @GL_GGL_GNULIB_SYSTEM_POSIX@
+GL_GGL_GNULIB_TIMEGM = @GL_GGL_GNULIB_TIMEGM@
+GL_GGL_GNULIB_TIMESPEC_GET = @GL_GGL_GNULIB_TIMESPEC_GET@
+GL_GGL_GNULIB_TIME_R = @GL_GGL_GNULIB_TIME_R@
+GL_GGL_GNULIB_TIME_RZ = @GL_GGL_GNULIB_TIME_RZ@
+GL_GGL_GNULIB_TMPFILE = @GL_GGL_GNULIB_TMPFILE@
+GL_GGL_GNULIB_TRUNCATE = @GL_GGL_GNULIB_TRUNCATE@
+GL_GGL_GNULIB_TTYNAME_R = @GL_GGL_GNULIB_TTYNAME_R@
+GL_GGL_GNULIB_TZSET = @GL_GGL_GNULIB_TZSET@
+GL_GGL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GGL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GGL_GNULIB_UNISTD_H_SIGPIPE = @GL_GGL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GGL_GNULIB_UNLINK = @GL_GGL_GNULIB_UNLINK@
+GL_GGL_GNULIB_UNLINKAT = @GL_GGL_GNULIB_UNLINKAT@
+GL_GGL_GNULIB_UNLOCKPT = @GL_GGL_GNULIB_UNLOCKPT@
+GL_GGL_GNULIB_UNSETENV = @GL_GGL_GNULIB_UNSETENV@
+GL_GGL_GNULIB_USLEEP = @GL_GGL_GNULIB_USLEEP@
+GL_GGL_GNULIB_UTIMENSAT = @GL_GGL_GNULIB_UTIMENSAT@
+GL_GGL_GNULIB_VASPRINTF = @GL_GGL_GNULIB_VASPRINTF@
+GL_GGL_GNULIB_VDPRINTF = @GL_GGL_GNULIB_VDPRINTF@
+GL_GGL_GNULIB_VFPRINTF = @GL_GGL_GNULIB_VFPRINTF@
+GL_GGL_GNULIB_VFPRINTF_POSIX = @GL_GGL_GNULIB_VFPRINTF_POSIX@
+GL_GGL_GNULIB_VFSCANF = @GL_GGL_GNULIB_VFSCANF@
+GL_GGL_GNULIB_VPRINTF = @GL_GGL_GNULIB_VPRINTF@
+GL_GGL_GNULIB_VPRINTF_POSIX = @GL_GGL_GNULIB_VPRINTF_POSIX@
+GL_GGL_GNULIB_VSCANF = @GL_GGL_GNULIB_VSCANF@
+GL_GGL_GNULIB_VSNPRINTF = @GL_GGL_GNULIB_VSNPRINTF@
+GL_GGL_GNULIB_VSPRINTF_POSIX = @GL_GGL_GNULIB_VSPRINTF_POSIX@
+GL_GGL_GNULIB_WCPCPY = @GL_GGL_GNULIB_WCPCPY@
+GL_GGL_GNULIB_WCPNCPY = @GL_GGL_GNULIB_WCPNCPY@
+GL_GGL_GNULIB_WCRTOMB = @GL_GGL_GNULIB_WCRTOMB@
+GL_GGL_GNULIB_WCSCASECMP = @GL_GGL_GNULIB_WCSCASECMP@
+GL_GGL_GNULIB_WCSCAT = @GL_GGL_GNULIB_WCSCAT@
+GL_GGL_GNULIB_WCSCHR = @GL_GGL_GNULIB_WCSCHR@
+GL_GGL_GNULIB_WCSCMP = @GL_GGL_GNULIB_WCSCMP@
+GL_GGL_GNULIB_WCSCOLL = @GL_GGL_GNULIB_WCSCOLL@
+GL_GGL_GNULIB_WCSCPY = @GL_GGL_GNULIB_WCSCPY@
+GL_GGL_GNULIB_WCSCSPN = @GL_GGL_GNULIB_WCSCSPN@
+GL_GGL_GNULIB_WCSDUP = @GL_GGL_GNULIB_WCSDUP@
+GL_GGL_GNULIB_WCSFTIME = @GL_GGL_GNULIB_WCSFTIME@
+GL_GGL_GNULIB_WCSLEN = @GL_GGL_GNULIB_WCSLEN@
+GL_GGL_GNULIB_WCSNCASECMP = @GL_GGL_GNULIB_WCSNCASECMP@
+GL_GGL_GNULIB_WCSNCAT = @GL_GGL_GNULIB_WCSNCAT@
+GL_GGL_GNULIB_WCSNCMP = @GL_GGL_GNULIB_WCSNCMP@
+GL_GGL_GNULIB_WCSNCPY = @GL_GGL_GNULIB_WCSNCPY@
+GL_GGL_GNULIB_WCSNLEN = @GL_GGL_GNULIB_WCSNLEN@
+GL_GGL_GNULIB_WCSNRTOMBS = @GL_GGL_GNULIB_WCSNRTOMBS@
+GL_GGL_GNULIB_WCSPBRK = @GL_GGL_GNULIB_WCSPBRK@
+GL_GGL_GNULIB_WCSRCHR = @GL_GGL_GNULIB_WCSRCHR@
+GL_GGL_GNULIB_WCSRTOMBS = @GL_GGL_GNULIB_WCSRTOMBS@
+GL_GGL_GNULIB_WCSSPN = @GL_GGL_GNULIB_WCSSPN@
+GL_GGL_GNULIB_WCSSTR = @GL_GGL_GNULIB_WCSSTR@
+GL_GGL_GNULIB_WCSTOK = @GL_GGL_GNULIB_WCSTOK@
+GL_GGL_GNULIB_WCSWIDTH = @GL_GGL_GNULIB_WCSWIDTH@
+GL_GGL_GNULIB_WCSXFRM = @GL_GGL_GNULIB_WCSXFRM@
+GL_GGL_GNULIB_WCTOB = @GL_GGL_GNULIB_WCTOB@
+GL_GGL_GNULIB_WCTOMB = @GL_GGL_GNULIB_WCTOMB@
+GL_GGL_GNULIB_WCWIDTH = @GL_GGL_GNULIB_WCWIDTH@
+GL_GGL_GNULIB_WMEMCHR = @GL_GGL_GNULIB_WMEMCHR@
+GL_GGL_GNULIB_WMEMCMP = @GL_GGL_GNULIB_WMEMCMP@
+GL_GGL_GNULIB_WMEMCPY = @GL_GGL_GNULIB_WMEMCPY@
+GL_GGL_GNULIB_WMEMMOVE = @GL_GGL_GNULIB_WMEMMOVE@
+GL_GGL_GNULIB_WMEMPCPY = @GL_GGL_GNULIB_WMEMPCPY@
+GL_GGL_GNULIB_WMEMSET = @GL_GGL_GNULIB_WMEMSET@
+GL_GGL_GNULIB_WRITE = @GL_GGL_GNULIB_WRITE@
+GL_GGL_GNULIB__EXIT = @GL_GGL_GNULIB__EXIT@
+GL_GNULIB_ACCEPT = @GL_GNULIB_ACCEPT@
+GL_GNULIB_ACCEPT4 = @GL_GNULIB_ACCEPT4@
+GL_GNULIB_ACCESS = @GL_GNULIB_ACCESS@
+GL_GNULIB_ALIGNED_ALLOC = @GL_GNULIB_ALIGNED_ALLOC@
+GL_GNULIB_ATOLL = @GL_GNULIB_ATOLL@
+GL_GNULIB_BIND = @GL_GNULIB_BIND@
+GL_GNULIB_BTOWC = @GL_GNULIB_BTOWC@
+GL_GNULIB_CALLOC_POSIX = @GL_GNULIB_CALLOC_POSIX@
+GL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GNULIB_CHDIR = @GL_GNULIB_CHDIR@
+GL_GNULIB_CHOWN = @GL_GNULIB_CHOWN@
+GL_GNULIB_CLOSE = @GL_GNULIB_CLOSE@
+GL_GNULIB_CONNECT = @GL_GNULIB_CONNECT@
+GL_GNULIB_COPY_FILE_RANGE = @GL_GNULIB_COPY_FILE_RANGE@
+GL_GNULIB_CREAT = @GL_GNULIB_CREAT@
+GL_GNULIB_CTIME = @GL_GNULIB_CTIME@
+GL_GNULIB_DPRINTF = @GL_GNULIB_DPRINTF@
+GL_GNULIB_DUP = @GL_GNULIB_DUP@
+GL_GNULIB_DUP2 = @GL_GNULIB_DUP2@
+GL_GNULIB_DUP3 = @GL_GNULIB_DUP3@
+GL_GNULIB_ENVIRON = @GL_GNULIB_ENVIRON@
+GL_GNULIB_EUIDACCESS = @GL_GNULIB_EUIDACCESS@
+GL_GNULIB_EXECL = @GL_GNULIB_EXECL@
+GL_GNULIB_EXECLE = @GL_GNULIB_EXECLE@
+GL_GNULIB_EXECLP = @GL_GNULIB_EXECLP@
+GL_GNULIB_EXECV = @GL_GNULIB_EXECV@
+GL_GNULIB_EXECVE = @GL_GNULIB_EXECVE@
+GL_GNULIB_EXECVP = @GL_GNULIB_EXECVP@
+GL_GNULIB_EXECVPE = @GL_GNULIB_EXECVPE@
+GL_GNULIB_EXPLICIT_BZERO = @GL_GNULIB_EXPLICIT_BZERO@
+GL_GNULIB_FACCESSAT = @GL_GNULIB_FACCESSAT@
+GL_GNULIB_FCHDIR = @GL_GNULIB_FCHDIR@
+GL_GNULIB_FCHMODAT = @GL_GNULIB_FCHMODAT@
+GL_GNULIB_FCHOWNAT = @GL_GNULIB_FCHOWNAT@
+GL_GNULIB_FCLOSE = @GL_GNULIB_FCLOSE@
+GL_GNULIB_FCNTL = @GL_GNULIB_FCNTL@
+GL_GNULIB_FDATASYNC = @GL_GNULIB_FDATASYNC@
+GL_GNULIB_FDOPEN = @GL_GNULIB_FDOPEN@
+GL_GNULIB_FFLUSH = @GL_GNULIB_FFLUSH@
+GL_GNULIB_FFS = @GL_GNULIB_FFS@
+GL_GNULIB_FFSL = @GL_GNULIB_FFSL@
+GL_GNULIB_FFSLL = @GL_GNULIB_FFSLL@
+GL_GNULIB_FGETC = @GL_GNULIB_FGETC@
+GL_GNULIB_FGETS = @GL_GNULIB_FGETS@
+GL_GNULIB_FOPEN = @GL_GNULIB_FOPEN@
+GL_GNULIB_FPRINTF = @GL_GNULIB_FPRINTF@
+GL_GNULIB_FPRINTF_POSIX = @GL_GNULIB_FPRINTF_POSIX@
+GL_GNULIB_FPURGE = @GL_GNULIB_FPURGE@
+GL_GNULIB_FPUTC = @GL_GNULIB_FPUTC@
+GL_GNULIB_FPUTS = @GL_GNULIB_FPUTS@
+GL_GNULIB_FREAD = @GL_GNULIB_FREAD@
+GL_GNULIB_FREE_POSIX = @GL_GNULIB_FREE_POSIX@
+GL_GNULIB_FREOPEN = @GL_GNULIB_FREOPEN@
+GL_GNULIB_FSCANF = @GL_GNULIB_FSCANF@
+GL_GNULIB_FSEEK = @GL_GNULIB_FSEEK@
+GL_GNULIB_FSEEKO = @GL_GNULIB_FSEEKO@
+GL_GNULIB_FSTAT = @GL_GNULIB_FSTAT@
+GL_GNULIB_FSTATAT = @GL_GNULIB_FSTATAT@
+GL_GNULIB_FSYNC = @GL_GNULIB_FSYNC@
+GL_GNULIB_FTELL = @GL_GNULIB_FTELL@
+GL_GNULIB_FTELLO = @GL_GNULIB_FTELLO@
+GL_GNULIB_FTRUNCATE = @GL_GNULIB_FTRUNCATE@
+GL_GNULIB_FUTIMENS = @GL_GNULIB_FUTIMENS@
+GL_GNULIB_FWRITE = @GL_GNULIB_FWRITE@
+GL_GNULIB_GETADDRINFO = @GL_GNULIB_GETADDRINFO@
+GL_GNULIB_GETC = @GL_GNULIB_GETC@
+GL_GNULIB_GETCHAR = @GL_GNULIB_GETCHAR@
+GL_GNULIB_GETCWD = @GL_GNULIB_GETCWD@
+GL_GNULIB_GETDELIM = @GL_GNULIB_GETDELIM@
+GL_GNULIB_GETDOMAINNAME = @GL_GNULIB_GETDOMAINNAME@
+GL_GNULIB_GETDTABLESIZE = @GL_GNULIB_GETDTABLESIZE@
+GL_GNULIB_GETENTROPY = @GL_GNULIB_GETENTROPY@
+GL_GNULIB_GETGROUPS = @GL_GNULIB_GETGROUPS@
+GL_GNULIB_GETHOSTNAME = @GL_GNULIB_GETHOSTNAME@
+GL_GNULIB_GETLINE = @GL_GNULIB_GETLINE@
+GL_GNULIB_GETLOADAVG = @GL_GNULIB_GETLOADAVG@
+GL_GNULIB_GETLOGIN = @GL_GNULIB_GETLOGIN@
+GL_GNULIB_GETLOGIN_R = @GL_GNULIB_GETLOGIN_R@
+GL_GNULIB_GETOPT_POSIX = @GL_GNULIB_GETOPT_POSIX@
+GL_GNULIB_GETPAGESIZE = @GL_GNULIB_GETPAGESIZE@
+GL_GNULIB_GETPASS = @GL_GNULIB_GETPASS@
+GL_GNULIB_GETPEERNAME = @GL_GNULIB_GETPEERNAME@
+GL_GNULIB_GETSOCKNAME = @GL_GNULIB_GETSOCKNAME@
+GL_GNULIB_GETSOCKOPT = @GL_GNULIB_GETSOCKOPT@
+GL_GNULIB_GETSUBOPT = @GL_GNULIB_GETSUBOPT@
+GL_GNULIB_GETTIMEOFDAY = @GL_GNULIB_GETTIMEOFDAY@
+GL_GNULIB_GETUMASK = @GL_GNULIB_GETUMASK@
+GL_GNULIB_GETUSERSHELL = @GL_GNULIB_GETUSERSHELL@
+GL_GNULIB_GRANTPT = @GL_GNULIB_GRANTPT@
+GL_GNULIB_GROUP_MEMBER = @GL_GNULIB_GROUP_MEMBER@
+GL_GNULIB_IMAXABS = @GL_GNULIB_IMAXABS@
+GL_GNULIB_IMAXDIV = @GL_GNULIB_IMAXDIV@
+GL_GNULIB_INET_NTOP = @GL_GNULIB_INET_NTOP@
+GL_GNULIB_INET_PTON = @GL_GNULIB_INET_PTON@
+GL_GNULIB_ISATTY = @GL_GNULIB_ISATTY@
+GL_GNULIB_LCHMOD = @GL_GNULIB_LCHMOD@
+GL_GNULIB_LCHOWN = @GL_GNULIB_LCHOWN@
+GL_GNULIB_LINK = @GL_GNULIB_LINK@
+GL_GNULIB_LINKAT = @GL_GNULIB_LINKAT@
+GL_GNULIB_LISTEN = @GL_GNULIB_LISTEN@
+GL_GNULIB_LOCALTIME = @GL_GNULIB_LOCALTIME@
+GL_GNULIB_LSEEK = @GL_GNULIB_LSEEK@
+GL_GNULIB_LSTAT = @GL_GNULIB_LSTAT@
+GL_GNULIB_MALLOC_POSIX = @GL_GNULIB_MALLOC_POSIX@
+GL_GNULIB_MBRLEN = @GL_GNULIB_MBRLEN@
+GL_GNULIB_MBRTOWC = @GL_GNULIB_MBRTOWC@
+GL_GNULIB_MBSCASECMP = @GL_GNULIB_MBSCASECMP@
+GL_GNULIB_MBSCASESTR = @GL_GNULIB_MBSCASESTR@
+GL_GNULIB_MBSCHR = @GL_GNULIB_MBSCHR@
+GL_GNULIB_MBSCSPN = @GL_GNULIB_MBSCSPN@
+GL_GNULIB_MBSINIT = @GL_GNULIB_MBSINIT@
+GL_GNULIB_MBSLEN = @GL_GNULIB_MBSLEN@
+GL_GNULIB_MBSNCASECMP = @GL_GNULIB_MBSNCASECMP@
+GL_GNULIB_MBSNLEN = @GL_GNULIB_MBSNLEN@
+GL_GNULIB_MBSNRTOWCS = @GL_GNULIB_MBSNRTOWCS@
+GL_GNULIB_MBSPBRK = @GL_GNULIB_MBSPBRK@
+GL_GNULIB_MBSPCASECMP = @GL_GNULIB_MBSPCASECMP@
+GL_GNULIB_MBSRCHR = @GL_GNULIB_MBSRCHR@
+GL_GNULIB_MBSRTOWCS = @GL_GNULIB_MBSRTOWCS@
+GL_GNULIB_MBSSEP = @GL_GNULIB_MBSSEP@
+GL_GNULIB_MBSSPN = @GL_GNULIB_MBSSPN@
+GL_GNULIB_MBSSTR = @GL_GNULIB_MBSSTR@
+GL_GNULIB_MBSTOK_R = @GL_GNULIB_MBSTOK_R@
+GL_GNULIB_MBTOWC = @GL_GNULIB_MBTOWC@
+GL_GNULIB_MDA_ACCESS = @GL_GNULIB_MDA_ACCESS@
+GL_GNULIB_MDA_CHDIR = @GL_GNULIB_MDA_CHDIR@
+GL_GNULIB_MDA_CHMOD = @GL_GNULIB_MDA_CHMOD@
+GL_GNULIB_MDA_CLOSE = @GL_GNULIB_MDA_CLOSE@
+GL_GNULIB_MDA_CREAT = @GL_GNULIB_MDA_CREAT@
+GL_GNULIB_MDA_DUP = @GL_GNULIB_MDA_DUP@
+GL_GNULIB_MDA_DUP2 = @GL_GNULIB_MDA_DUP2@
+GL_GNULIB_MDA_ECVT = @GL_GNULIB_MDA_ECVT@
+GL_GNULIB_MDA_EXECL = @GL_GNULIB_MDA_EXECL@
+GL_GNULIB_MDA_EXECLE = @GL_GNULIB_MDA_EXECLE@
+GL_GNULIB_MDA_EXECLP = @GL_GNULIB_MDA_EXECLP@
+GL_GNULIB_MDA_EXECV = @GL_GNULIB_MDA_EXECV@
+GL_GNULIB_MDA_EXECVE = @GL_GNULIB_MDA_EXECVE@
+GL_GNULIB_MDA_EXECVP = @GL_GNULIB_MDA_EXECVP@
+GL_GNULIB_MDA_EXECVPE = @GL_GNULIB_MDA_EXECVPE@
+GL_GNULIB_MDA_FCLOSEALL = @GL_GNULIB_MDA_FCLOSEALL@
+GL_GNULIB_MDA_FCVT = @GL_GNULIB_MDA_FCVT@
+GL_GNULIB_MDA_FDOPEN = @GL_GNULIB_MDA_FDOPEN@
+GL_GNULIB_MDA_FILENO = @GL_GNULIB_MDA_FILENO@
+GL_GNULIB_MDA_GCVT = @GL_GNULIB_MDA_GCVT@
+GL_GNULIB_MDA_GETCWD = @GL_GNULIB_MDA_GETCWD@
+GL_GNULIB_MDA_GETPID = @GL_GNULIB_MDA_GETPID@
+GL_GNULIB_MDA_GETW = @GL_GNULIB_MDA_GETW@
+GL_GNULIB_MDA_ISATTY = @GL_GNULIB_MDA_ISATTY@
+GL_GNULIB_MDA_LSEEK = @GL_GNULIB_MDA_LSEEK@
+GL_GNULIB_MDA_MEMCCPY = @GL_GNULIB_MDA_MEMCCPY@
+GL_GNULIB_MDA_MKDIR = @GL_GNULIB_MDA_MKDIR@
+GL_GNULIB_MDA_MKTEMP = @GL_GNULIB_MDA_MKTEMP@
+GL_GNULIB_MDA_OPEN = @GL_GNULIB_MDA_OPEN@
+GL_GNULIB_MDA_PUTENV = @GL_GNULIB_MDA_PUTENV@
+GL_GNULIB_MDA_PUTW = @GL_GNULIB_MDA_PUTW@
+GL_GNULIB_MDA_READ = @GL_GNULIB_MDA_READ@
+GL_GNULIB_MDA_RMDIR = @GL_GNULIB_MDA_RMDIR@
+GL_GNULIB_MDA_STRDUP = @GL_GNULIB_MDA_STRDUP@
+GL_GNULIB_MDA_SWAB = @GL_GNULIB_MDA_SWAB@
+GL_GNULIB_MDA_TEMPNAM = @GL_GNULIB_MDA_TEMPNAM@
+GL_GNULIB_MDA_TZSET = @GL_GNULIB_MDA_TZSET@
+GL_GNULIB_MDA_UMASK = @GL_GNULIB_MDA_UMASK@
+GL_GNULIB_MDA_UNLINK = @GL_GNULIB_MDA_UNLINK@
+GL_GNULIB_MDA_WCSDUP = @GL_GNULIB_MDA_WCSDUP@
+GL_GNULIB_MDA_WRITE = @GL_GNULIB_MDA_WRITE@
+GL_GNULIB_MEMCHR = @GL_GNULIB_MEMCHR@
+GL_GNULIB_MEMMEM = @GL_GNULIB_MEMMEM@
+GL_GNULIB_MEMPCPY = @GL_GNULIB_MEMPCPY@
+GL_GNULIB_MEMRCHR = @GL_GNULIB_MEMRCHR@
+GL_GNULIB_MKDIR = @GL_GNULIB_MKDIR@
+GL_GNULIB_MKDIRAT = @GL_GNULIB_MKDIRAT@
+GL_GNULIB_MKDTEMP = @GL_GNULIB_MKDTEMP@
+GL_GNULIB_MKFIFO = @GL_GNULIB_MKFIFO@
+GL_GNULIB_MKFIFOAT = @GL_GNULIB_MKFIFOAT@
+GL_GNULIB_MKNOD = @GL_GNULIB_MKNOD@
+GL_GNULIB_MKNODAT = @GL_GNULIB_MKNODAT@
+GL_GNULIB_MKOSTEMP = @GL_GNULIB_MKOSTEMP@
+GL_GNULIB_MKOSTEMPS = @GL_GNULIB_MKOSTEMPS@
+GL_GNULIB_MKSTEMP = @GL_GNULIB_MKSTEMP@
+GL_GNULIB_MKSTEMPS = @GL_GNULIB_MKSTEMPS@
+GL_GNULIB_MKTIME = @GL_GNULIB_MKTIME@
+GL_GNULIB_NANOSLEEP = @GL_GNULIB_NANOSLEEP@
+GL_GNULIB_NONBLOCKING = @GL_GNULIB_NONBLOCKING@
+GL_GNULIB_OBSTACK_PRINTF = @GL_GNULIB_OBSTACK_PRINTF@
+GL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GNULIB_OPEN = @GL_GNULIB_OPEN@
+GL_GNULIB_OPENAT = @GL_GNULIB_OPENAT@
+GL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GNULIB_PCLOSE = @GL_GNULIB_PCLOSE@
+GL_GNULIB_PERROR = @GL_GNULIB_PERROR@
+GL_GNULIB_PIPE = @GL_GNULIB_PIPE@
+GL_GNULIB_PIPE2 = @GL_GNULIB_PIPE2@
+GL_GNULIB_POPEN = @GL_GNULIB_POPEN@
+GL_GNULIB_POSIX_MEMALIGN = @GL_GNULIB_POSIX_MEMALIGN@
+GL_GNULIB_POSIX_OPENPT = @GL_GNULIB_POSIX_OPENPT@
+GL_GNULIB_PREAD = @GL_GNULIB_PREAD@
+GL_GNULIB_PRINTF = @GL_GNULIB_PRINTF@
+GL_GNULIB_PRINTF_POSIX = @GL_GNULIB_PRINTF_POSIX@
+GL_GNULIB_PTSNAME = @GL_GNULIB_PTSNAME@
+GL_GNULIB_PTSNAME_R = @GL_GNULIB_PTSNAME_R@
+GL_GNULIB_PUTC = @GL_GNULIB_PUTC@
+GL_GNULIB_PUTCHAR = @GL_GNULIB_PUTCHAR@
+GL_GNULIB_PUTENV = @GL_GNULIB_PUTENV@
+GL_GNULIB_PUTS = @GL_GNULIB_PUTS@
+GL_GNULIB_PWRITE = @GL_GNULIB_PWRITE@
+GL_GNULIB_QSORT_R = @GL_GNULIB_QSORT_R@
+GL_GNULIB_RANDOM = @GL_GNULIB_RANDOM@
+GL_GNULIB_RANDOM_R = @GL_GNULIB_RANDOM_R@
+GL_GNULIB_RAWMEMCHR = @GL_GNULIB_RAWMEMCHR@
+GL_GNULIB_READ = @GL_GNULIB_READ@
+GL_GNULIB_READLINK = @GL_GNULIB_READLINK@
+GL_GNULIB_READLINKAT = @GL_GNULIB_READLINKAT@
+GL_GNULIB_REALLOCARRAY = @GL_GNULIB_REALLOCARRAY@
+GL_GNULIB_REALLOC_POSIX = @GL_GNULIB_REALLOC_POSIX@
+GL_GNULIB_REALPATH = @GL_GNULIB_REALPATH@
+GL_GNULIB_RECV = @GL_GNULIB_RECV@
+GL_GNULIB_RECVFROM = @GL_GNULIB_RECVFROM@
+GL_GNULIB_REMOVE = @GL_GNULIB_REMOVE@
+GL_GNULIB_RENAME = @GL_GNULIB_RENAME@
+GL_GNULIB_RENAMEAT = @GL_GNULIB_RENAMEAT@
+GL_GNULIB_RMDIR = @GL_GNULIB_RMDIR@
+GL_GNULIB_RPMATCH = @GL_GNULIB_RPMATCH@
+GL_GNULIB_SCANF = @GL_GNULIB_SCANF@
+GL_GNULIB_SECURE_GETENV = @GL_GNULIB_SECURE_GETENV@
+GL_GNULIB_SEND = @GL_GNULIB_SEND@
+GL_GNULIB_SENDTO = @GL_GNULIB_SENDTO@
+GL_GNULIB_SETENV = @GL_GNULIB_SETENV@
+GL_GNULIB_SETHOSTNAME = @GL_GNULIB_SETHOSTNAME@
+GL_GNULIB_SETSOCKOPT = @GL_GNULIB_SETSOCKOPT@
+GL_GNULIB_SHUTDOWN = @GL_GNULIB_SHUTDOWN@
+GL_GNULIB_SIGABBREV_NP = @GL_GNULIB_SIGABBREV_NP@
+GL_GNULIB_SIGDESCR_NP = @GL_GNULIB_SIGDESCR_NP@
+GL_GNULIB_SLEEP = @GL_GNULIB_SLEEP@
+GL_GNULIB_SNPRINTF = @GL_GNULIB_SNPRINTF@
+GL_GNULIB_SOCKET = @GL_GNULIB_SOCKET@
+GL_GNULIB_SPRINTF_POSIX = @GL_GNULIB_SPRINTF_POSIX@
+GL_GNULIB_STAT = @GL_GNULIB_STAT@
+GL_GNULIB_STDIO_H_NONBLOCKING = @GL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GNULIB_STDIO_H_SIGPIPE = @GL_GNULIB_STDIO_H_SIGPIPE@
+GL_GNULIB_STPCPY = @GL_GNULIB_STPCPY@
+GL_GNULIB_STPNCPY = @GL_GNULIB_STPNCPY@
+GL_GNULIB_STRCASESTR = @GL_GNULIB_STRCASESTR@
+GL_GNULIB_STRCHRNUL = @GL_GNULIB_STRCHRNUL@
+GL_GNULIB_STRDUP = @GL_GNULIB_STRDUP@
+GL_GNULIB_STRERROR = @GL_GNULIB_STRERROR@
+GL_GNULIB_STRERRORNAME_NP = @GL_GNULIB_STRERRORNAME_NP@
+GL_GNULIB_STRERROR_R = @GL_GNULIB_STRERROR_R@
+GL_GNULIB_STRFTIME = @GL_GNULIB_STRFTIME@
+GL_GNULIB_STRNCAT = @GL_GNULIB_STRNCAT@
+GL_GNULIB_STRNDUP = @GL_GNULIB_STRNDUP@
+GL_GNULIB_STRNLEN = @GL_GNULIB_STRNLEN@
+GL_GNULIB_STRPBRK = @GL_GNULIB_STRPBRK@
+GL_GNULIB_STRPTIME = @GL_GNULIB_STRPTIME@
+GL_GNULIB_STRSEP = @GL_GNULIB_STRSEP@
+GL_GNULIB_STRSIGNAL = @GL_GNULIB_STRSIGNAL@
+GL_GNULIB_STRSTR = @GL_GNULIB_STRSTR@
+GL_GNULIB_STRTOD = @GL_GNULIB_STRTOD@
+GL_GNULIB_STRTOIMAX = @GL_GNULIB_STRTOIMAX@
+GL_GNULIB_STRTOK_R = @GL_GNULIB_STRTOK_R@
+GL_GNULIB_STRTOL = @GL_GNULIB_STRTOL@
+GL_GNULIB_STRTOLD = @GL_GNULIB_STRTOLD@
+GL_GNULIB_STRTOLL = @GL_GNULIB_STRTOLL@
+GL_GNULIB_STRTOUL = @GL_GNULIB_STRTOUL@
+GL_GNULIB_STRTOULL = @GL_GNULIB_STRTOULL@
+GL_GNULIB_STRTOUMAX = @GL_GNULIB_STRTOUMAX@
+GL_GNULIB_STRVERSCMP = @GL_GNULIB_STRVERSCMP@
+GL_GNULIB_SYMLINK = @GL_GNULIB_SYMLINK@
+GL_GNULIB_SYMLINKAT = @GL_GNULIB_SYMLINKAT@
+GL_GNULIB_SYSTEM_POSIX = @GL_GNULIB_SYSTEM_POSIX@
+GL_GNULIB_TIMEGM = @GL_GNULIB_TIMEGM@
+GL_GNULIB_TIMESPEC_GET = @GL_GNULIB_TIMESPEC_GET@
+GL_GNULIB_TIME_R = @GL_GNULIB_TIME_R@
+GL_GNULIB_TIME_RZ = @GL_GNULIB_TIME_RZ@
+GL_GNULIB_TMPFILE = @GL_GNULIB_TMPFILE@
+GL_GNULIB_TRUNCATE = @GL_GNULIB_TRUNCATE@
+GL_GNULIB_TTYNAME_R = @GL_GNULIB_TTYNAME_R@
+GL_GNULIB_TZSET = @GL_GNULIB_TZSET@
+GL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GNULIB_UNISTD_H_SIGPIPE = @GL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GNULIB_UNLINK = @GL_GNULIB_UNLINK@
+GL_GNULIB_UNLINKAT = @GL_GNULIB_UNLINKAT@
+GL_GNULIB_UNLOCKPT = @GL_GNULIB_UNLOCKPT@
+GL_GNULIB_UNSETENV = @GL_GNULIB_UNSETENV@
+GL_GNULIB_USLEEP = @GL_GNULIB_USLEEP@
+GL_GNULIB_UTIMENSAT = @GL_GNULIB_UTIMENSAT@
+GL_GNULIB_VASPRINTF = @GL_GNULIB_VASPRINTF@
+GL_GNULIB_VDPRINTF = @GL_GNULIB_VDPRINTF@
+GL_GNULIB_VFPRINTF = @GL_GNULIB_VFPRINTF@
+GL_GNULIB_VFPRINTF_POSIX = @GL_GNULIB_VFPRINTF_POSIX@
+GL_GNULIB_VFSCANF = @GL_GNULIB_VFSCANF@
+GL_GNULIB_VPRINTF = @GL_GNULIB_VPRINTF@
+GL_GNULIB_VPRINTF_POSIX = @GL_GNULIB_VPRINTF_POSIX@
+GL_GNULIB_VSCANF = @GL_GNULIB_VSCANF@
+GL_GNULIB_VSNPRINTF = @GL_GNULIB_VSNPRINTF@
+GL_GNULIB_VSPRINTF_POSIX = @GL_GNULIB_VSPRINTF_POSIX@
+GL_GNULIB_WCPCPY = @GL_GNULIB_WCPCPY@
+GL_GNULIB_WCPNCPY = @GL_GNULIB_WCPNCPY@
+GL_GNULIB_WCRTOMB = @GL_GNULIB_WCRTOMB@
+GL_GNULIB_WCSCASECMP = @GL_GNULIB_WCSCASECMP@
+GL_GNULIB_WCSCAT = @GL_GNULIB_WCSCAT@
+GL_GNULIB_WCSCHR = @GL_GNULIB_WCSCHR@
+GL_GNULIB_WCSCMP = @GL_GNULIB_WCSCMP@
+GL_GNULIB_WCSCOLL = @GL_GNULIB_WCSCOLL@
+GL_GNULIB_WCSCPY = @GL_GNULIB_WCSCPY@
+GL_GNULIB_WCSCSPN = @GL_GNULIB_WCSCSPN@
+GL_GNULIB_WCSDUP = @GL_GNULIB_WCSDUP@
+GL_GNULIB_WCSFTIME = @GL_GNULIB_WCSFTIME@
+GL_GNULIB_WCSLEN = @GL_GNULIB_WCSLEN@
+GL_GNULIB_WCSNCASECMP = @GL_GNULIB_WCSNCASECMP@
+GL_GNULIB_WCSNCAT = @GL_GNULIB_WCSNCAT@
+GL_GNULIB_WCSNCMP = @GL_GNULIB_WCSNCMP@
+GL_GNULIB_WCSNCPY = @GL_GNULIB_WCSNCPY@
+GL_GNULIB_WCSNLEN = @GL_GNULIB_WCSNLEN@
+GL_GNULIB_WCSNRTOMBS = @GL_GNULIB_WCSNRTOMBS@
+GL_GNULIB_WCSPBRK = @GL_GNULIB_WCSPBRK@
+GL_GNULIB_WCSRCHR = @GL_GNULIB_WCSRCHR@
+GL_GNULIB_WCSRTOMBS = @GL_GNULIB_WCSRTOMBS@
+GL_GNULIB_WCSSPN = @GL_GNULIB_WCSSPN@
+GL_GNULIB_WCSSTR = @GL_GNULIB_WCSSTR@
+GL_GNULIB_WCSTOK = @GL_GNULIB_WCSTOK@
+GL_GNULIB_WCSWIDTH = @GL_GNULIB_WCSWIDTH@
+GL_GNULIB_WCSXFRM = @GL_GNULIB_WCSXFRM@
+GL_GNULIB_WCTOB = @GL_GNULIB_WCTOB@
+GL_GNULIB_WCTOMB = @GL_GNULIB_WCTOMB@
+GL_GNULIB_WCWIDTH = @GL_GNULIB_WCWIDTH@
+GL_GNULIB_WMEMCHR = @GL_GNULIB_WMEMCHR@
+GL_GNULIB_WMEMCMP = @GL_GNULIB_WMEMCMP@
+GL_GNULIB_WMEMCPY = @GL_GNULIB_WMEMCPY@
+GL_GNULIB_WMEMMOVE = @GL_GNULIB_WMEMMOVE@
+GL_GNULIB_WMEMPCPY = @GL_GNULIB_WMEMPCPY@
+GL_GNULIB_WMEMSET = @GL_GNULIB_WMEMSET@
+GL_GNULIB_WRITE = @GL_GNULIB_WRITE@
+GL_GNULIB__EXIT = @GL_GNULIB__EXIT@
+GMP_CFLAGS = @GMP_CFLAGS@
+GMP_LIBS = @GMP_LIBS@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GNULIBHEADERS_OVERRIDE_WINT_T = @GNULIBHEADERS_OVERRIDE_WINT_T@
+GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@
+GNUTLS_LIBS_PRIVATE = @GNUTLS_LIBS_PRIVATE@
+GNUTLS_REQUIRES_PRIVATE = @GNUTLS_REQUIRES_PRIVATE@
+GPERF = @GPERF@
+GREP = @GREP@
+GTKDOC_CHECK = @GTKDOC_CHECK@
+GTKDOC_CHECK_PATH = @GTKDOC_CHECK_PATH@
+GTKDOC_DEPS_CFLAGS = @GTKDOC_DEPS_CFLAGS@
+GTKDOC_DEPS_LIBS = @GTKDOC_DEPS_LIBS@
+GTKDOC_MKPDF = @GTKDOC_MKPDF@
+GTKDOC_REBASE = @GTKDOC_REBASE@
+GUILD = @GUILD@
+GUILE = @GUILE@
+GUILE_CFLAGS = @GUILE_CFLAGS@
+GUILE_CONFIG = @GUILE_CONFIG@
+GUILE_EFFECTIVE_VERSION = @GUILE_EFFECTIVE_VERSION@
+GUILE_EXTENSION = @GUILE_EXTENSION@
+GUILE_LDFLAGS = @GUILE_LDFLAGS@
+GUILE_LIBS = @GUILE_LIBS@
+GUILE_LTLIBS = @GUILE_LTLIBS@
+GUILE_SITE = @GUILE_SITE@
+GUILE_SITE_CCACHE = @GUILE_SITE_CCACHE@
+GUILE_TOOLS = @GUILE_TOOLS@
+HAVE_ACCEPT4 = @HAVE_ACCEPT4@
+HAVE_ALIGNED_ALLOC = @HAVE_ALIGNED_ALLOC@
+HAVE_ALLOCA_H = @HAVE_ALLOCA_H@
+HAVE_ARPA_INET_H = @HAVE_ARPA_INET_H@
+HAVE_ATOLL = @HAVE_ATOLL@
+HAVE_BTOWC = @HAVE_BTOWC@
+HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@
+HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@
+HAVE_CHOWN = @HAVE_CHOWN@
+HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@
+HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@
+HAVE_DECL_ECVT = @HAVE_DECL_ECVT@
+HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@
+HAVE_DECL_EXECVPE = @HAVE_DECL_EXECVPE@
+HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@
+HAVE_DECL_FCLOSEALL = @HAVE_DECL_FCLOSEALL@
+HAVE_DECL_FCVT = @HAVE_DECL_FCVT@
+HAVE_DECL_FDATASYNC = @HAVE_DECL_FDATASYNC@
+HAVE_DECL_FPURGE = @HAVE_DECL_FPURGE@
+HAVE_DECL_FREEADDRINFO = @HAVE_DECL_FREEADDRINFO@
+HAVE_DECL_FSEEKO = @HAVE_DECL_FSEEKO@
+HAVE_DECL_FTELLO = @HAVE_DECL_FTELLO@
+HAVE_DECL_GAI_STRERROR = @HAVE_DECL_GAI_STRERROR@
+HAVE_DECL_GCVT = @HAVE_DECL_GCVT@
+HAVE_DECL_GETADDRINFO = @HAVE_DECL_GETADDRINFO@
+HAVE_DECL_GETDELIM = @HAVE_DECL_GETDELIM@
+HAVE_DECL_GETDOMAINNAME = @HAVE_DECL_GETDOMAINNAME@
+HAVE_DECL_GETLINE = @HAVE_DECL_GETLINE@
+HAVE_DECL_GETLOADAVG = @HAVE_DECL_GETLOADAVG@
+HAVE_DECL_GETLOGIN = @HAVE_DECL_GETLOGIN@
+HAVE_DECL_GETLOGIN_R = @HAVE_DECL_GETLOGIN_R@
+HAVE_DECL_GETNAMEINFO = @HAVE_DECL_GETNAMEINFO@
+HAVE_DECL_GETPAGESIZE = @HAVE_DECL_GETPAGESIZE@
+HAVE_DECL_GETUSERSHELL = @HAVE_DECL_GETUSERSHELL@
+HAVE_DECL_IMAXABS = @HAVE_DECL_IMAXABS@
+HAVE_DECL_IMAXDIV = @HAVE_DECL_IMAXDIV@
+HAVE_DECL_INET_NTOP = @HAVE_DECL_INET_NTOP@
+HAVE_DECL_INET_PTON = @HAVE_DECL_INET_PTON@
+HAVE_DECL_INITSTATE = @HAVE_DECL_INITSTATE@
+HAVE_DECL_LOCALTIME_R = @HAVE_DECL_LOCALTIME_R@
+HAVE_DECL_MEMMEM = @HAVE_DECL_MEMMEM@
+HAVE_DECL_MEMRCHR = @HAVE_DECL_MEMRCHR@
+HAVE_DECL_OBSTACK_PRINTF = @HAVE_DECL_OBSTACK_PRINTF@
+HAVE_DECL_SETENV = @HAVE_DECL_SETENV@
+HAVE_DECL_SETHOSTNAME = @HAVE_DECL_SETHOSTNAME@
+HAVE_DECL_SETSTATE = @HAVE_DECL_SETSTATE@
+HAVE_DECL_SNPRINTF = @HAVE_DECL_SNPRINTF@
+HAVE_DECL_STRDUP = @HAVE_DECL_STRDUP@
+HAVE_DECL_STRERROR_R = @HAVE_DECL_STRERROR_R@
+HAVE_DECL_STRNCASECMP = @HAVE_DECL_STRNCASECMP@
+HAVE_DECL_STRNDUP = @HAVE_DECL_STRNDUP@
+HAVE_DECL_STRNLEN = @HAVE_DECL_STRNLEN@
+HAVE_DECL_STRSIGNAL = @HAVE_DECL_STRSIGNAL@
+HAVE_DECL_STRTOIMAX = @HAVE_DECL_STRTOIMAX@
+HAVE_DECL_STRTOK_R = @HAVE_DECL_STRTOK_R@
+HAVE_DECL_STRTOUMAX = @HAVE_DECL_STRTOUMAX@
+HAVE_DECL_TRUNCATE = @HAVE_DECL_TRUNCATE@
+HAVE_DECL_TTYNAME_R = @HAVE_DECL_TTYNAME_R@
+HAVE_DECL_UNSETENV = @HAVE_DECL_UNSETENV@
+HAVE_DECL_VSNPRINTF = @HAVE_DECL_VSNPRINTF@
+HAVE_DECL_WCSDUP = @HAVE_DECL_WCSDUP@
+HAVE_DECL_WCTOB = @HAVE_DECL_WCTOB@
+HAVE_DECL_WCWIDTH = @HAVE_DECL_WCWIDTH@
+HAVE_DPRINTF = @HAVE_DPRINTF@
+HAVE_DUP3 = @HAVE_DUP3@
+HAVE_DUPLOCALE = @HAVE_DUPLOCALE@
+HAVE_EUIDACCESS = @HAVE_EUIDACCESS@
+HAVE_EXECVPE = @HAVE_EXECVPE@
+HAVE_EXPLICIT_BZERO = @HAVE_EXPLICIT_BZERO@
+HAVE_FACCESSAT = @HAVE_FACCESSAT@
+HAVE_FCHDIR = @HAVE_FCHDIR@
+HAVE_FCHMODAT = @HAVE_FCHMODAT@
+HAVE_FCHOWNAT = @HAVE_FCHOWNAT@
+HAVE_FCNTL = @HAVE_FCNTL@
+HAVE_FDATASYNC = @HAVE_FDATASYNC@
+HAVE_FEATURES_H = @HAVE_FEATURES_H@
+HAVE_FFS = @HAVE_FFS@
+HAVE_FFSL = @HAVE_FFSL@
+HAVE_FFSLL = @HAVE_FFSLL@
+HAVE_FREELOCALE = @HAVE_FREELOCALE@
+HAVE_FSEEKO = @HAVE_FSEEKO@
+HAVE_FSTATAT = @HAVE_FSTATAT@
+HAVE_FSYNC = @HAVE_FSYNC@
+HAVE_FTELLO = @HAVE_FTELLO@
+HAVE_FTRUNCATE = @HAVE_FTRUNCATE@
+HAVE_FUTIMENS = @HAVE_FUTIMENS@
+HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@
+HAVE_GETENTROPY = @HAVE_GETENTROPY@
+HAVE_GETGROUPS = @HAVE_GETGROUPS@
+HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@
+HAVE_GETLOGIN = @HAVE_GETLOGIN@
+HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@
+HAVE_GETPASS = @HAVE_GETPASS@
+HAVE_GETSUBOPT = @HAVE_GETSUBOPT@
+HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@
+HAVE_GETUMASK = @HAVE_GETUMASK@
+HAVE_GRANTPT = @HAVE_GRANTPT@
+HAVE_GROUP_MEMBER = @HAVE_GROUP_MEMBER@
+HAVE_IMAXDIV_T = @HAVE_IMAXDIV_T@
+HAVE_INITSTATE = @HAVE_INITSTATE@
+HAVE_INTTYPES_H = @HAVE_INTTYPES_H@
+HAVE_ISBLANK = @HAVE_ISBLANK@
+HAVE_LANGINFO_ALTMON = @HAVE_LANGINFO_ALTMON@
+HAVE_LANGINFO_CODESET = @HAVE_LANGINFO_CODESET@
+HAVE_LANGINFO_ERA = @HAVE_LANGINFO_ERA@
+HAVE_LANGINFO_H = @HAVE_LANGINFO_H@
+HAVE_LANGINFO_T_FMT_AMPM = @HAVE_LANGINFO_T_FMT_AMPM@
+HAVE_LANGINFO_YESEXPR = @HAVE_LANGINFO_YESEXPR@
+HAVE_LCHMOD = @HAVE_LCHMOD@
+HAVE_LCHOWN = @HAVE_LCHOWN@
+HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@
+HAVE_LIBDL = @HAVE_LIBDL@
+HAVE_LIBEV = @HAVE_LIBEV@
+HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@
+HAVE_LIBRT = @HAVE_LIBRT@
+HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@
+HAVE_LIBZ = @HAVE_LIBZ@
+HAVE_LINK = @HAVE_LINK@
+HAVE_LINKAT = @HAVE_LINKAT@
+HAVE_LSTAT = @HAVE_LSTAT@
+HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@
+HAVE_MBRLEN = @HAVE_MBRLEN@
+HAVE_MBRTOWC = @HAVE_MBRTOWC@
+HAVE_MBSINIT = @HAVE_MBSINIT@
+HAVE_MBSLEN = @HAVE_MBSLEN@
+HAVE_MBSNRTOWCS = @HAVE_MBSNRTOWCS@
+HAVE_MBSRTOWCS = @HAVE_MBSRTOWCS@
+HAVE_MBTOWC = @HAVE_MBTOWC@
+HAVE_MEMPCPY = @HAVE_MEMPCPY@
+HAVE_MKDIRAT = @HAVE_MKDIRAT@
+HAVE_MKDTEMP = @HAVE_MKDTEMP@
+HAVE_MKFIFO = @HAVE_MKFIFO@
+HAVE_MKFIFOAT = @HAVE_MKFIFOAT@
+HAVE_MKNOD = @HAVE_MKNOD@
+HAVE_MKNODAT = @HAVE_MKNODAT@
+HAVE_MKOSTEMP = @HAVE_MKOSTEMP@
+HAVE_MKOSTEMPS = @HAVE_MKOSTEMPS@
+HAVE_MKSTEMP = @HAVE_MKSTEMP@
+HAVE_MKSTEMPS = @HAVE_MKSTEMPS@
+HAVE_MSVC_INVALID_PARAMETER_HANDLER = @HAVE_MSVC_INVALID_PARAMETER_HANDLER@
+HAVE_NANOSLEEP = @HAVE_NANOSLEEP@
+HAVE_NETDB_H = @HAVE_NETDB_H@
+HAVE_NETINET_IN_H = @HAVE_NETINET_IN_H@
+HAVE_NEWLOCALE = @HAVE_NEWLOCALE@
+HAVE_NL_LANGINFO = @HAVE_NL_LANGINFO@
+HAVE_OPENAT = @HAVE_OPENAT@
+HAVE_OS_H = @HAVE_OS_H@
+HAVE_PCLOSE = @HAVE_PCLOSE@
+HAVE_PIPE = @HAVE_PIPE@
+HAVE_PIPE2 = @HAVE_PIPE2@
+HAVE_POPEN = @HAVE_POPEN@
+HAVE_POSIX_MEMALIGN = @HAVE_POSIX_MEMALIGN@
+HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@
+HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@
+HAVE_PREAD = @HAVE_PREAD@
+HAVE_PSELECT = @HAVE_PSELECT@
+HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@
+HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@
+HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@
+HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@
+HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@
+HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@
+HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@
+HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@
+HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@
+HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@
+HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@
+HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@
+HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@
+HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@
+HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@
+HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@
+HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@
+HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@
+HAVE_PTHREAD_H = @HAVE_PTHREAD_H@
+HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@
+HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@
+HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@
+HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@
+HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@
+HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@
+HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@
+HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@
+HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@
+HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@
+HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@
+HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@
+HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@
+HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@
+HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@
+HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@
+HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@
+HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@
+HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@
+HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@
+HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@
+HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@
+HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@
+HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@
+HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@
+HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@
+HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@
+HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@
+HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@
+HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@
+HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@
+HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@
+HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@
+HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@
+HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@
+HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@
+HAVE_PTHREAD_T = @HAVE_PTHREAD_T@
+HAVE_PTSNAME = @HAVE_PTSNAME@
+HAVE_PTSNAME_R = @HAVE_PTSNAME_R@
+HAVE_PWRITE = @HAVE_PWRITE@
+HAVE_QSORT_R = @HAVE_QSORT_R@
+HAVE_RAISE = @HAVE_RAISE@
+HAVE_RANDOM = @HAVE_RANDOM@
+HAVE_RANDOM_H = @HAVE_RANDOM_H@
+HAVE_RANDOM_R = @HAVE_RANDOM_R@
+HAVE_RAWMEMCHR = @HAVE_RAWMEMCHR@
+HAVE_READLINK = @HAVE_READLINK@
+HAVE_READLINKAT = @HAVE_READLINKAT@
+HAVE_REALLOCARRAY = @HAVE_REALLOCARRAY@
+HAVE_REALPATH = @HAVE_REALPATH@
+HAVE_RENAMEAT = @HAVE_RENAMEAT@
+HAVE_RPMATCH = @HAVE_RPMATCH@
+HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@
+HAVE_SCHED_H = @HAVE_SCHED_H@
+HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@
+HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@
+HAVE_SETENV = @HAVE_SETENV@
+HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@
+HAVE_SETSTATE = @HAVE_SETSTATE@
+HAVE_SIGABBREV_NP = @HAVE_SIGABBREV_NP@
+HAVE_SIGACTION = @HAVE_SIGACTION@
+HAVE_SIGDESCR_NP = @HAVE_SIGDESCR_NP@
+HAVE_SIGHANDLER_T = @HAVE_SIGHANDLER_T@
+HAVE_SIGINFO_T = @HAVE_SIGINFO_T@
+HAVE_SIGNED_SIG_ATOMIC_T = @HAVE_SIGNED_SIG_ATOMIC_T@
+HAVE_SIGNED_WCHAR_T = @HAVE_SIGNED_WCHAR_T@
+HAVE_SIGNED_WINT_T = @HAVE_SIGNED_WINT_T@
+HAVE_SIGSET_T = @HAVE_SIGSET_T@
+HAVE_SLEEP = @HAVE_SLEEP@
+HAVE_STDINT_H = @HAVE_STDINT_H@
+HAVE_STPCPY = @HAVE_STPCPY@
+HAVE_STPNCPY = @HAVE_STPNCPY@
+HAVE_STRCASECMP = @HAVE_STRCASECMP@
+HAVE_STRCASESTR = @HAVE_STRCASESTR@
+HAVE_STRCHRNUL = @HAVE_STRCHRNUL@
+HAVE_STRERRORNAME_NP = @HAVE_STRERRORNAME_NP@
+HAVE_STRINGS_H = @HAVE_STRINGS_H@
+HAVE_STRPBRK = @HAVE_STRPBRK@
+HAVE_STRPTIME = @HAVE_STRPTIME@
+HAVE_STRSEP = @HAVE_STRSEP@
+HAVE_STRTOD = @HAVE_STRTOD@
+HAVE_STRTOL = @HAVE_STRTOL@
+HAVE_STRTOLD = @HAVE_STRTOLD@
+HAVE_STRTOLL = @HAVE_STRTOLL@
+HAVE_STRTOUL = @HAVE_STRTOUL@
+HAVE_STRTOULL = @HAVE_STRTOULL@
+HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@
+HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@
+HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@
+HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@
+HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@
+HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@
+HAVE_STRUCT_TIMEVAL = @HAVE_STRUCT_TIMEVAL@
+HAVE_STRVERSCMP = @HAVE_STRVERSCMP@
+HAVE_SYMLINK = @HAVE_SYMLINK@
+HAVE_SYMLINKAT = @HAVE_SYMLINKAT@
+HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@
+HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@
+HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@
+HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@
+HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@
+HAVE_SYS_PARAM_H = @HAVE_SYS_PARAM_H@
+HAVE_SYS_SELECT_H = @HAVE_SYS_SELECT_H@
+HAVE_SYS_SOCKET_H = @HAVE_SYS_SOCKET_H@
+HAVE_SYS_TIME_H = @HAVE_SYS_TIME_H@
+HAVE_SYS_TYPES_H = @HAVE_SYS_TYPES_H@
+HAVE_SYS_UIO_H = @HAVE_SYS_UIO_H@
+HAVE_TIMEGM = @HAVE_TIMEGM@
+HAVE_TIMESPEC_GET = @HAVE_TIMESPEC_GET@
+HAVE_TIMEZONE_T = @HAVE_TIMEZONE_T@
+HAVE_TYPE_VOLATILE_SIG_ATOMIC_T = @HAVE_TYPE_VOLATILE_SIG_ATOMIC_T@
+HAVE_UNISTD_H = @HAVE_UNISTD_H@
+HAVE_UNLINKAT = @HAVE_UNLINKAT@
+HAVE_UNLOCKPT = @HAVE_UNLOCKPT@
+HAVE_USLEEP = @HAVE_USLEEP@
+HAVE_UTIMENSAT = @HAVE_UTIMENSAT@
+HAVE_VASPRINTF = @HAVE_VASPRINTF@
+HAVE_VDPRINTF = @HAVE_VDPRINTF@
+HAVE_VISIBILITY = @HAVE_VISIBILITY@
+HAVE_WCHAR_H = @HAVE_WCHAR_H@
+HAVE_WCHAR_T = @HAVE_WCHAR_T@
+HAVE_WCPCPY = @HAVE_WCPCPY@
+HAVE_WCPNCPY = @HAVE_WCPNCPY@
+HAVE_WCRTOMB = @HAVE_WCRTOMB@
+HAVE_WCSCASECMP = @HAVE_WCSCASECMP@
+HAVE_WCSCAT = @HAVE_WCSCAT@
+HAVE_WCSCHR = @HAVE_WCSCHR@
+HAVE_WCSCMP = @HAVE_WCSCMP@
+HAVE_WCSCOLL = @HAVE_WCSCOLL@
+HAVE_WCSCPY = @HAVE_WCSCPY@
+HAVE_WCSCSPN = @HAVE_WCSCSPN@
+HAVE_WCSDUP = @HAVE_WCSDUP@
+HAVE_WCSFTIME = @HAVE_WCSFTIME@
+HAVE_WCSLEN = @HAVE_WCSLEN@
+HAVE_WCSNCASECMP = @HAVE_WCSNCASECMP@
+HAVE_WCSNCAT = @HAVE_WCSNCAT@
+HAVE_WCSNCMP = @HAVE_WCSNCMP@
+HAVE_WCSNCPY = @HAVE_WCSNCPY@
+HAVE_WCSNLEN = @HAVE_WCSNLEN@
+HAVE_WCSNRTOMBS = @HAVE_WCSNRTOMBS@
+HAVE_WCSPBRK = @HAVE_WCSPBRK@
+HAVE_WCSRCHR = @HAVE_WCSRCHR@
+HAVE_WCSRTOMBS = @HAVE_WCSRTOMBS@
+HAVE_WCSSPN = @HAVE_WCSSPN@
+HAVE_WCSSTR = @HAVE_WCSSTR@
+HAVE_WCSTOK = @HAVE_WCSTOK@
+HAVE_WCSWIDTH = @HAVE_WCSWIDTH@
+HAVE_WCSXFRM = @HAVE_WCSXFRM@
+HAVE_WINSOCK2_H = @HAVE_WINSOCK2_H@
+HAVE_WINT_T = @HAVE_WINT_T@
+HAVE_WMEMCHR = @HAVE_WMEMCHR@
+HAVE_WMEMCMP = @HAVE_WMEMCMP@
+HAVE_WMEMCPY = @HAVE_WMEMCPY@
+HAVE_WMEMMOVE = @HAVE_WMEMMOVE@
+HAVE_WMEMPCPY = @HAVE_WMEMPCPY@
+HAVE_WMEMSET = @HAVE_WMEMSET@
+HAVE_WS2TCPIP_H = @HAVE_WS2TCPIP_H@
+HAVE_XLOCALE_H = @HAVE_XLOCALE_H@
+HAVE__BOOL = @HAVE__BOOL@
+HAVE__EXIT = @HAVE__EXIT@
+HOGWEED_CFLAGS = @HOGWEED_CFLAGS@
+HOGWEED_LIBS = @HOGWEED_LIBS@
+HOSTENT_LIB = @HOSTENT_LIB@
+HTML_DIR = @HTML_DIR@
+INCLUDE_NEXT = @INCLUDE_NEXT@
+INCLUDE_NEXT_AS_FIRST_DIRECTIVE = @INCLUDE_NEXT_AS_FIRST_DIRECTIVE@
+INET_NTOP_LIB = @INET_NTOP_LIB@
+INET_PTON_LIB = @INET_PTON_LIB@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INT32_MAX_LT_INTMAX_MAX = @INT32_MAX_LT_INTMAX_MAX@
+INT64_MAX_EQ_LONG_MAX = @INT64_MAX_EQ_LONG_MAX@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LCOV = @LCOV@
+LD = @LD@
+LDDPOSTPROC = @LDDPOSTPROC@
+LDDPROG = @LDDPROG@
+LDFLAGS = @LDFLAGS@
+LIBATOMIC_LIBS = @LIBATOMIC_LIBS@
+LIBBROTLIDEC_CFLAGS = @LIBBROTLIDEC_CFLAGS@
+LIBBROTLIDEC_LIBS = @LIBBROTLIDEC_LIBS@
+LIBBROTLIENC_CFLAGS = @LIBBROTLIENC_CFLAGS@
+LIBBROTLIENC_LIBS = @LIBBROTLIENC_LIBS@
+LIBCRYPTO = @LIBCRYPTO@
+LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@
+LIBDL = @LIBDL@
+LIBDL_PREFIX = @LIBDL_PREFIX@
+LIBEV = @LIBEV@
+LIBEV_LIBS = @LIBEV_LIBS@
+LIBEV_PREFIX = @LIBEV_PREFIX@
+LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@
+LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@
+LIBICONV = @LIBICONV@
+LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@
+LIBIDN2_LIBS = @LIBIDN2_LIBS@
+LIBINTL = @LIBINTL@
+LIBKCAPI_CFLAGS = @LIBKCAPI_CFLAGS@
+LIBKCAPI_LIBS = @LIBKCAPI_LIBS@
+LIBMULTITHREAD = @LIBMULTITHREAD@
+LIBOBJS = @LIBOBJS@
+LIBPMULTITHREAD = @LIBPMULTITHREAD@
+LIBPTHREAD = @LIBPTHREAD@
+LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@
+LIBRT = @LIBRT@
+LIBRT_PREFIX = @LIBRT_PREFIX@
+LIBS = @LIBS@
+LIBSECCOMP = @LIBSECCOMP@
+LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@
+LIBSOCKET = @LIBSOCKET@
+LIBSTDTHREAD = @LIBSTDTHREAD@
+LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@
+LIBTASN1_LIBS = @LIBTASN1_LIBS@
+LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@
+LIBTHREAD = @LIBTHREAD@
+LIBTOOL = @LIBTOOL@
+LIBUNISTRING = @LIBUNISTRING@
+LIBUNISTRING_UNICTYPE_H = @LIBUNISTRING_UNICTYPE_H@
+LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@
+LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@
+LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@
+LIBZ = @LIBZ@
+LIBZSTD_CFLAGS = @LIBZSTD_CFLAGS@
+LIBZSTD_LIBS = @LIBZSTD_LIBS@
+LIBZ_PC = @LIBZ_PC@
+LIBZ_PREFIX = @LIBZ_PREFIX@
+LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@
+LIB_NANOSLEEP = @LIB_NANOSLEEP@
+LIB_PTHREAD = @LIB_PTHREAD@
+LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@
+LIB_SCHED_YIELD = @LIB_SCHED_YIELD@
+LIB_SELECT = @LIB_SELECT@
+LIB_SEMAPHORE = @LIB_SEMAPHORE@
+LIB_SETLOCALE = @LIB_SETLOCALE@
+LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@
+LIMITS_H = @LIMITS_H@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LOCALENAME_ENHANCE_LOCALE_FUNCS = @LOCALENAME_ENHANCE_LOCALE_FUNCS@
+LOCALE_FR = @LOCALE_FR@
+LOCALE_FR_UTF8 = @LOCALE_FR_UTF8@
+LOCALE_JA = @LOCALE_JA@
+LOCALE_TR_UTF8 = @LOCALE_TR_UTF8@
+LOCALE_ZH_CN = @LOCALE_ZH_CN@
+LOG_VALGRIND = @LOG_VALGRIND@
+LTALLOCA = @LTALLOCA@
+LTLIBCRYPTO = @LTLIBCRYPTO@
+LTLIBDL = @LTLIBDL@
+LTLIBEV = @LTLIBEV@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBMULTITHREAD = @LTLIBMULTITHREAD@
+LTLIBOBJS = @LTLIBOBJS@
+LTLIBPTHREAD = @LTLIBPTHREAD@
+LTLIBRT = @LTLIBRT@
+LTLIBSECCOMP = @LTLIBSECCOMP@
+LTLIBTHREAD = @LTLIBTHREAD@
+LTLIBZ = @LTLIBZ@
+LT_AGE = @LT_AGE@
+LT_CURRENT = @LT_CURRENT@
+LT_DANE_AGE = @LT_DANE_AGE@
+LT_DANE_CURRENT = @LT_DANE_CURRENT@
+LT_DANE_REVISION = @LT_DANE_REVISION@
+LT_REVISION = @LT_REVISION@
+LT_SSL_AGE = @LT_SSL_AGE@
+LT_SSL_CURRENT = @LT_SSL_CURRENT@
+LT_SSL_REVISION = @LT_SSL_REVISION@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+LT_XSSL_AGE = @LT_XSSL_AGE@
+LT_XSSL_CURRENT = @LT_XSSL_CURRENT@
+LT_XSSL_REVISION = @LT_XSSL_REVISION@
+MAINT = @MAINT@
+MAJOR_VERSION = @MAJOR_VERSION@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MINOR_VERSION = @MINOR_VERSION@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGMERGE = @MSGMERGE@
+MSGMERGE_FOR_MSGFMT_OPTION = @MSGMERGE_FOR_MSGFMT_OPTION@
+NETINET_IN_H = @NETINET_IN_H@
+NETTLE_CFLAGS = @NETTLE_CFLAGS@
+NETTLE_LIBS = @NETTLE_LIBS@
+NEXT_ARPA_INET_H = @NEXT_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H = @NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_CTYPE_H = @NEXT_AS_FIRST_DIRECTIVE_CTYPE_H@
+NEXT_AS_FIRST_DIRECTIVE_ERRNO_H = @NEXT_AS_FIRST_DIRECTIVE_ERRNO_H@
+NEXT_AS_FIRST_DIRECTIVE_FCNTL_H = @NEXT_AS_FIRST_DIRECTIVE_FCNTL_H@
+NEXT_AS_FIRST_DIRECTIVE_FLOAT_H = @NEXT_AS_FIRST_DIRECTIVE_FLOAT_H@
+NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H = @NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H = @NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H@
+NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@
+NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@
+NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@
+NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@
+NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@
+NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@
+NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@
+NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@
+NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@
+NEXT_AS_FIRST_DIRECTIVE_STDIO_H = @NEXT_AS_FIRST_DIRECTIVE_STDIO_H@
+NEXT_AS_FIRST_DIRECTIVE_STDLIB_H = @NEXT_AS_FIRST_DIRECTIVE_STDLIB_H@
+NEXT_AS_FIRST_DIRECTIVE_STRINGS_H = @NEXT_AS_FIRST_DIRECTIVE_STRINGS_H@
+NEXT_AS_FIRST_DIRECTIVE_STRING_H = @NEXT_AS_FIRST_DIRECTIVE_STRING_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H@
+NEXT_AS_FIRST_DIRECTIVE_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_UNISTD_H = @NEXT_AS_FIRST_DIRECTIVE_UNISTD_H@
+NEXT_AS_FIRST_DIRECTIVE_WCHAR_H = @NEXT_AS_FIRST_DIRECTIVE_WCHAR_H@
+NEXT_CTYPE_H = @NEXT_CTYPE_H@
+NEXT_ERRNO_H = @NEXT_ERRNO_H@
+NEXT_FCNTL_H = @NEXT_FCNTL_H@
+NEXT_FLOAT_H = @NEXT_FLOAT_H@
+NEXT_INTTYPES_H = @NEXT_INTTYPES_H@
+NEXT_LANGINFO_H = @NEXT_LANGINFO_H@
+NEXT_LIMITS_H = @NEXT_LIMITS_H@
+NEXT_LOCALE_H = @NEXT_LOCALE_H@
+NEXT_NETDB_H = @NEXT_NETDB_H@
+NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@
+NEXT_PTHREAD_H = @NEXT_PTHREAD_H@
+NEXT_SCHED_H = @NEXT_SCHED_H@
+NEXT_SIGNAL_H = @NEXT_SIGNAL_H@
+NEXT_STDDEF_H = @NEXT_STDDEF_H@
+NEXT_STDINT_H = @NEXT_STDINT_H@
+NEXT_STDIO_H = @NEXT_STDIO_H@
+NEXT_STDLIB_H = @NEXT_STDLIB_H@
+NEXT_STRINGS_H = @NEXT_STRINGS_H@
+NEXT_STRING_H = @NEXT_STRING_H@
+NEXT_SYS_IOCTL_H = @NEXT_SYS_IOCTL_H@
+NEXT_SYS_SELECT_H = @NEXT_SYS_SELECT_H@
+NEXT_SYS_SOCKET_H = @NEXT_SYS_SOCKET_H@
+NEXT_SYS_STAT_H = @NEXT_SYS_STAT_H@
+NEXT_SYS_TIME_H = @NEXT_SYS_TIME_H@
+NEXT_SYS_TYPES_H = @NEXT_SYS_TYPES_H@
+NEXT_SYS_UIO_H = @NEXT_SYS_UIO_H@
+NEXT_TIME_H = @NEXT_TIME_H@
+NEXT_UNISTD_H = @NEXT_UNISTD_H@
+NEXT_WCHAR_H = @NEXT_WCHAR_H@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NUMBER_VERSION = @NUMBER_VERSION@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+P11_KIT_CFLAGS = @P11_KIT_CFLAGS@
+P11_KIT_LIBS = @P11_KIT_LIBS@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@
+PATCH_VERSION = @PATCH_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PKCS12_ITER_COUNT = @PKCS12_ITER_COUNT@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PMCCABE = @PMCCABE@
+POSUB = @POSUB@
+PRAGMA_COLUMNS = @PRAGMA_COLUMNS@
+PRAGMA_SYSTEM_HEADER = @PRAGMA_SYSTEM_HEADER@
+PRIPTR_PREFIX = @PRIPTR_PREFIX@
+PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@
+PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+RANLIB = @RANLIB@
+REPLACE_ACCESS = @REPLACE_ACCESS@
+REPLACE_ALIGNED_ALLOC = @REPLACE_ALIGNED_ALLOC@
+REPLACE_BTOWC = @REPLACE_BTOWC@
+REPLACE_CALLOC = @REPLACE_CALLOC@
+REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@
+REPLACE_CHOWN = @REPLACE_CHOWN@
+REPLACE_CLOSE = @REPLACE_CLOSE@
+REPLACE_CREAT = @REPLACE_CREAT@
+REPLACE_CTIME = @REPLACE_CTIME@
+REPLACE_DPRINTF = @REPLACE_DPRINTF@
+REPLACE_DUP = @REPLACE_DUP@
+REPLACE_DUP2 = @REPLACE_DUP2@
+REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@
+REPLACE_EXECL = @REPLACE_EXECL@
+REPLACE_EXECLE = @REPLACE_EXECLE@
+REPLACE_EXECLP = @REPLACE_EXECLP@
+REPLACE_EXECV = @REPLACE_EXECV@
+REPLACE_EXECVE = @REPLACE_EXECVE@
+REPLACE_EXECVP = @REPLACE_EXECVP@
+REPLACE_EXECVPE = @REPLACE_EXECVPE@
+REPLACE_FACCESSAT = @REPLACE_FACCESSAT@
+REPLACE_FCHMODAT = @REPLACE_FCHMODAT@
+REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@
+REPLACE_FCLOSE = @REPLACE_FCLOSE@
+REPLACE_FCNTL = @REPLACE_FCNTL@
+REPLACE_FDOPEN = @REPLACE_FDOPEN@
+REPLACE_FFLUSH = @REPLACE_FFLUSH@
+REPLACE_FFSLL = @REPLACE_FFSLL@
+REPLACE_FOPEN = @REPLACE_FOPEN@
+REPLACE_FPRINTF = @REPLACE_FPRINTF@
+REPLACE_FPURGE = @REPLACE_FPURGE@
+REPLACE_FREE = @REPLACE_FREE@
+REPLACE_FREELOCALE = @REPLACE_FREELOCALE@
+REPLACE_FREOPEN = @REPLACE_FREOPEN@
+REPLACE_FSEEK = @REPLACE_FSEEK@
+REPLACE_FSEEKO = @REPLACE_FSEEKO@
+REPLACE_FSTAT = @REPLACE_FSTAT@
+REPLACE_FSTATAT = @REPLACE_FSTATAT@
+REPLACE_FTELL = @REPLACE_FTELL@
+REPLACE_FTELLO = @REPLACE_FTELLO@
+REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@
+REPLACE_FUTIMENS = @REPLACE_FUTIMENS@
+REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@
+REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@
+REPLACE_GETCWD = @REPLACE_GETCWD@
+REPLACE_GETDELIM = @REPLACE_GETDELIM@
+REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@
+REPLACE_GETDTABLESIZE = @REPLACE_GETDTABLESIZE@
+REPLACE_GETGROUPS = @REPLACE_GETGROUPS@
+REPLACE_GETLINE = @REPLACE_GETLINE@
+REPLACE_GETLOGIN_R = @REPLACE_GETLOGIN_R@
+REPLACE_GETPAGESIZE = @REPLACE_GETPAGESIZE@
+REPLACE_GETPASS = @REPLACE_GETPASS@
+REPLACE_GETTIMEOFDAY = @REPLACE_GETTIMEOFDAY@
+REPLACE_GMTIME = @REPLACE_GMTIME@
+REPLACE_INET_NTOP = @REPLACE_INET_NTOP@
+REPLACE_INET_PTON = @REPLACE_INET_PTON@
+REPLACE_INITSTATE = @REPLACE_INITSTATE@
+REPLACE_IOCTL = @REPLACE_IOCTL@
+REPLACE_ISATTY = @REPLACE_ISATTY@
+REPLACE_ITOLD = @REPLACE_ITOLD@
+REPLACE_LCHOWN = @REPLACE_LCHOWN@
+REPLACE_LINK = @REPLACE_LINK@
+REPLACE_LINKAT = @REPLACE_LINKAT@
+REPLACE_LOCALECONV = @REPLACE_LOCALECONV@
+REPLACE_LOCALTIME = @REPLACE_LOCALTIME@
+REPLACE_LOCALTIME_R = @REPLACE_LOCALTIME_R@
+REPLACE_LSEEK = @REPLACE_LSEEK@
+REPLACE_LSTAT = @REPLACE_LSTAT@
+REPLACE_MALLOC = @REPLACE_MALLOC@
+REPLACE_MBRLEN = @REPLACE_MBRLEN@
+REPLACE_MBRTOWC = @REPLACE_MBRTOWC@
+REPLACE_MBSINIT = @REPLACE_MBSINIT@
+REPLACE_MBSNRTOWCS = @REPLACE_MBSNRTOWCS@
+REPLACE_MBSRTOWCS = @REPLACE_MBSRTOWCS@
+REPLACE_MBSTATE_T = @REPLACE_MBSTATE_T@
+REPLACE_MBTOWC = @REPLACE_MBTOWC@
+REPLACE_MEMCHR = @REPLACE_MEMCHR@
+REPLACE_MEMMEM = @REPLACE_MEMMEM@
+REPLACE_MKDIR = @REPLACE_MKDIR@
+REPLACE_MKFIFO = @REPLACE_MKFIFO@
+REPLACE_MKFIFOAT = @REPLACE_MKFIFOAT@
+REPLACE_MKNOD = @REPLACE_MKNOD@
+REPLACE_MKNODAT = @REPLACE_MKNODAT@
+REPLACE_MKSTEMP = @REPLACE_MKSTEMP@
+REPLACE_MKTIME = @REPLACE_MKTIME@
+REPLACE_NANOSLEEP = @REPLACE_NANOSLEEP@
+REPLACE_NEWLOCALE = @REPLACE_NEWLOCALE@
+REPLACE_NL_LANGINFO = @REPLACE_NL_LANGINFO@
+REPLACE_NULL = @REPLACE_NULL@
+REPLACE_OBSTACK_PRINTF = @REPLACE_OBSTACK_PRINTF@
+REPLACE_OPEN = @REPLACE_OPEN@
+REPLACE_OPENAT = @REPLACE_OPENAT@
+REPLACE_PERROR = @REPLACE_PERROR@
+REPLACE_POPEN = @REPLACE_POPEN@
+REPLACE_POSIX_MEMALIGN = @REPLACE_POSIX_MEMALIGN@
+REPLACE_PREAD = @REPLACE_PREAD@
+REPLACE_PRINTF = @REPLACE_PRINTF@
+REPLACE_PSELECT = @REPLACE_PSELECT@
+REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@
+REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@
+REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@
+REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@
+REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@
+REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@
+REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@
+REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@
+REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@
+REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@
+REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@
+REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@
+REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@
+REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@
+REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@
+REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@
+REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@
+REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@
+REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@
+REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@
+REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@
+REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@
+REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@
+REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@
+REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@
+REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@
+REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@
+REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@
+REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@
+REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@
+REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@
+REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@
+REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@
+REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@
+REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@
+REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@
+REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@
+REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@
+REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@
+REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@
+REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@
+REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@
+REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@
+REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@
+REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@
+REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@
+REPLACE_PTSNAME = @REPLACE_PTSNAME@
+REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@
+REPLACE_PUTENV = @REPLACE_PUTENV@
+REPLACE_PWRITE = @REPLACE_PWRITE@
+REPLACE_QSORT_R = @REPLACE_QSORT_R@
+REPLACE_RAISE = @REPLACE_RAISE@
+REPLACE_RANDOM = @REPLACE_RANDOM@
+REPLACE_RANDOM_R = @REPLACE_RANDOM_R@
+REPLACE_READ = @REPLACE_READ@
+REPLACE_READLINK = @REPLACE_READLINK@
+REPLACE_READLINKAT = @REPLACE_READLINKAT@
+REPLACE_REALLOC = @REPLACE_REALLOC@
+REPLACE_REALLOCARRAY = @REPLACE_REALLOCARRAY@
+REPLACE_REALPATH = @REPLACE_REALPATH@
+REPLACE_REMOVE = @REPLACE_REMOVE@
+REPLACE_RENAME = @REPLACE_RENAME@
+REPLACE_RENAMEAT = @REPLACE_RENAMEAT@
+REPLACE_RMDIR = @REPLACE_RMDIR@
+REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@
+REPLACE_SELECT = @REPLACE_SELECT@
+REPLACE_SETENV = @REPLACE_SETENV@
+REPLACE_SETLOCALE = @REPLACE_SETLOCALE@
+REPLACE_SETSTATE = @REPLACE_SETSTATE@
+REPLACE_SLEEP = @REPLACE_SLEEP@
+REPLACE_SNPRINTF = @REPLACE_SNPRINTF@
+REPLACE_SPRINTF = @REPLACE_SPRINTF@
+REPLACE_STAT = @REPLACE_STAT@
+REPLACE_STDIO_READ_FUNCS = @REPLACE_STDIO_READ_FUNCS@
+REPLACE_STDIO_WRITE_FUNCS = @REPLACE_STDIO_WRITE_FUNCS@
+REPLACE_STPNCPY = @REPLACE_STPNCPY@
+REPLACE_STRCASESTR = @REPLACE_STRCASESTR@
+REPLACE_STRCHRNUL = @REPLACE_STRCHRNUL@
+REPLACE_STRDUP = @REPLACE_STRDUP@
+REPLACE_STRERROR = @REPLACE_STRERROR@
+REPLACE_STRERRORNAME_NP = @REPLACE_STRERRORNAME_NP@
+REPLACE_STRERROR_R = @REPLACE_STRERROR_R@
+REPLACE_STRFTIME = @REPLACE_STRFTIME@
+REPLACE_STRNCAT = @REPLACE_STRNCAT@
+REPLACE_STRNDUP = @REPLACE_STRNDUP@
+REPLACE_STRNLEN = @REPLACE_STRNLEN@
+REPLACE_STRSIGNAL = @REPLACE_STRSIGNAL@
+REPLACE_STRSTR = @REPLACE_STRSTR@
+REPLACE_STRTOD = @REPLACE_STRTOD@
+REPLACE_STRTOIMAX = @REPLACE_STRTOIMAX@
+REPLACE_STRTOK_R = @REPLACE_STRTOK_R@
+REPLACE_STRTOL = @REPLACE_STRTOL@
+REPLACE_STRTOLD = @REPLACE_STRTOLD@
+REPLACE_STRTOLL = @REPLACE_STRTOLL@
+REPLACE_STRTOUL = @REPLACE_STRTOUL@
+REPLACE_STRTOULL = @REPLACE_STRTOULL@
+REPLACE_STRTOUMAX = @REPLACE_STRTOUMAX@
+REPLACE_STRUCT_LCONV = @REPLACE_STRUCT_LCONV@
+REPLACE_STRUCT_TIMEVAL = @REPLACE_STRUCT_TIMEVAL@
+REPLACE_SYMLINK = @REPLACE_SYMLINK@
+REPLACE_SYMLINKAT = @REPLACE_SYMLINKAT@
+REPLACE_TIMEGM = @REPLACE_TIMEGM@
+REPLACE_TMPFILE = @REPLACE_TMPFILE@
+REPLACE_TRUNCATE = @REPLACE_TRUNCATE@
+REPLACE_TTYNAME_R = @REPLACE_TTYNAME_R@
+REPLACE_TZSET = @REPLACE_TZSET@
+REPLACE_UNLINK = @REPLACE_UNLINK@
+REPLACE_UNLINKAT = @REPLACE_UNLINKAT@
+REPLACE_UNSETENV = @REPLACE_UNSETENV@
+REPLACE_USLEEP = @REPLACE_USLEEP@
+REPLACE_UTIMENSAT = @REPLACE_UTIMENSAT@
+REPLACE_VASPRINTF = @REPLACE_VASPRINTF@
+REPLACE_VDPRINTF = @REPLACE_VDPRINTF@
+REPLACE_VFPRINTF = @REPLACE_VFPRINTF@
+REPLACE_VPRINTF = @REPLACE_VPRINTF@
+REPLACE_VSNPRINTF = @REPLACE_VSNPRINTF@
+REPLACE_VSPRINTF = @REPLACE_VSPRINTF@
+REPLACE_WCRTOMB = @REPLACE_WCRTOMB@
+REPLACE_WCSFTIME = @REPLACE_WCSFTIME@
+REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@
+REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@
+REPLACE_WCSTOK = @REPLACE_WCSTOK@
+REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@
+REPLACE_WCTOB = @REPLACE_WCTOB@
+REPLACE_WCTOMB = @REPLACE_WCTOMB@
+REPLACE_WCWIDTH = @REPLACE_WCWIDTH@
+REPLACE_WRITE = @REPLACE_WRITE@
+SED = @SED@
+SERVENT_LIB = @SERVENT_LIB@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@
+SIZE_T_SUFFIX = @SIZE_T_SUFFIX@
+STDALIGN_H = @STDALIGN_H@
+STDBOOL_H = @STDBOOL_H@
+STDDEF_H = @STDDEF_H@
+STDINT_H = @STDINT_H@
+STRIP = @STRIP@
+SYS_IOCTL_H_HAVE_WINSOCK2_H = @SYS_IOCTL_H_HAVE_WINSOCK2_H@
+SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+SYS_TIME_H_DEFINES_STRUCT_TIMESPEC = @SYS_TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_STRUCT_TIMESPEC = @TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_TIME_UTC = @TIME_H_DEFINES_TIME_UTC@
+TROUSERS_LIB = @TROUSERS_LIB@
+TSS2_CFLAGS = @TSS2_CFLAGS@
+TSS2_LIBS = @TSS2_LIBS@
+TSS_CFLAGS = @TSS_CFLAGS@
+TSS_LIBS = @TSS_LIBS@
+UINT32_MAX_LT_UINTMAX_MAX = @UINT32_MAX_LT_UINTMAX_MAX@
+UINT64_MAX_EQ_ULONG_MAX = @UINT64_MAX_EQ_ULONG_MAX@
+UNBOUND_CFLAGS = @UNBOUND_CFLAGS@
+UNBOUND_LIBS = @UNBOUND_LIBS@
+UNDEFINE_STRTOK_R = @UNDEFINE_STRTOK_R@
+UNISTD_H_DEFINES_STRUCT_TIMESPEC = @UNISTD_H_DEFINES_STRUCT_TIMESPEC@
+UNISTD_H_HAVE_SYS_RANDOM_H = @UNISTD_H_HAVE_SYS_RANDOM_H@
+UNISTD_H_HAVE_WINSOCK2_H = @UNISTD_H_HAVE_WINSOCK2_H@
+UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+USE_NLS = @USE_NLS@
+VALGRIND = @VALGRIND@
+VALGRINDFLAGS = @VALGRINDFLAGS@
+VALGRIND_PROGRAM = @VALGRIND_PROGRAM@
+VERSION = @VERSION@
+WARN_CFLAGS = @WARN_CFLAGS@
+WCHAR_T_SUFFIX = @WCHAR_T_SUFFIX@
+WERROR_CFLAGS = @WERROR_CFLAGS@
+WINDOWS_64_BIT_OFF_T = @WINDOWS_64_BIT_OFF_T@
+WINDOWS_64_BIT_ST_SIZE = @WINDOWS_64_BIT_ST_SIZE@
+WINDOWS_STAT_INODES = @WINDOWS_STAT_INODES@
+WINDOWS_STAT_TIMESPEC = @WINDOWS_STAT_TIMESPEC@
+WINT_T_SUFFIX = @WINT_T_SUFFIX@
+WSTACK_CFLAGS = @WSTACK_CFLAGS@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+YIELD_LIB = @YIELD_LIB@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+ac_cv_sizeof_time_t = @ac_cv_sizeof_time_t@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+ggl_LIBOBJS = @ggl_LIBOBJS@
+ggl_LTLIBOBJS = @ggl_LTLIBOBJS@
+ggltests_LIBOBJS = @ggltests_LIBOBJS@
+ggltests_LTLIBOBJS = @ggltests_LTLIBOBJS@
+ggltests_WITNESS = @ggltests_WITNESS@
+gl_LIBOBJS = @gl_LIBOBJS@
+gl_LTLIBOBJS = @gl_LTLIBOBJS@
+gltests_LIBOBJS = @gltests_LIBOBJS@
+gltests_LTLIBOBJS = @gltests_LTLIBOBJS@
+gltests_WITNESS = @gltests_WITNESS@
+gnutls_so = @gnutls_so@
+guile_snarf = @guile_snarf@
+guileextensiondir = @guileextensiondir@
+guilesiteccachedir = @guilesiteccachedir@
+guilesitedir = @guilesitedir@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+ifGNUmake = @ifGNUmake@
+ifnGNUmake = @ifnGNUmake@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+maybe_guileextensiondir = @maybe_guileextensiondir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+unistring_LIBOBJS = @unistring_LIBOBJS@
+unistring_LTLIBOBJS = @unistring_LTLIBOBJS@
+unistringtests_LIBOBJS = @unistringtests_LIBOBJS@
+unistringtests_LTLIBOBJS = @unistringtests_LTLIBOBJS@
+unistringtests_WITNESS = @unistringtests_WITNESS@
+AM_CFLAGS = $(WERROR_CFLAGS) $(WSTACK_CFLAGS) $(WARN_CFLAGS) $(NETTLE_CFLAGS) \
+  $(LIBTASN1_CFLAGS) $(LIBIDN2_CFLAGS) $(P11_KIT_CFLAGS) $(LIBZSTD_CFLAGS) \
+  $(CODE_COVERAGE_CFLAGS)
+
+COMMON_LINK_FLAGS = $(CODE_COVERAGE_LDFLAGS)
+V_GPERF = $(V_GPERF_@AM_V@)
+V_GPERF_ = $(V_GPERF_@AM_DEFAULT_V@)
+V_GPERF_0 = @echo "  GPERF   " $@;
+AM_CPPFLAGS = -I$(srcdir)/../../gl -I$(builddir)/../../gl \
+	-I$(srcdir)/../includes -I$(builddir)/../includes \
+	-I$(builddir)/../../gl -I$(srcdir)/.. $(am__append_1)
+noinst_LTLIBRARIES = libgnutls_auth.la
+libgnutls_auth_la_SOURCES = anon.c cert.c dh_common.c dhe.c \
+	rsa_psk.c dhe_psk.c psk.c psk_passwd.c rsa.c srp_kx.c \
+	srp_passwd.c srp_rsa.c srp_sb64.c anon.h cert.h dh_common.h \
+	psk.h psk_passwd.h srp_kx.h srp_passwd.h anon_ecdh.c \
+	ecdhe.c ecdhe.h rsa_common.h vko_gost.c
+
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/lib/common.mk $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/auth/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --foreign lib/auth/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+	esac;
+$(top_srcdir)/lib/common.mk $(am__empty):
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+	-test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+	@list='$(noinst_LTLIBRARIES)'; \
+	locs=`for p in $$list; do echo $$p; done | \
+	      sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+	      sort -u`; \
+	test -z "$$locs" || { \
+	  echo rm -f $${locs}; \
+	  rm -f $${locs}; \
+	}
+
+libgnutls_auth.la: $(libgnutls_auth_la_OBJECTS) $(libgnutls_auth_la_DEPENDENCIES) $(EXTRA_libgnutls_auth_la_DEPENDENCIES) 
+	$(AM_V_CCLD)$(LINK)  $(libgnutls_auth_la_OBJECTS) $(libgnutls_auth_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+	-rm -f *.$(OBJEXT)
+
+distclean-compile:
+	-rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/anon.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/anon_ecdh.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cert.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dh_common.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dhe.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dhe_psk.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ecdhe.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/psk.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/psk_passwd.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rsa.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rsa_psk.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srp_kx.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srp_passwd.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srp_rsa.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srp_sb64.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vko_gost.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+	@$(MKDIR_P) $(@D)
+	@echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+
+ID: $(am__tagged_files)
+	$(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	set x; \
+	here=`pwd`; \
+	$(am__define_uniq_tagged_files); \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+	  test -n "$$unique" || unique=$$empty_fix; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
+	fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	$(am__define_uniq_tagged_files); \
+	test -z "$(CTAGS_ARGS)$$unique" \
+	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+	     $$unique
+
+GTAGS:
+	here=`$(am__cd) $(top_builddir) && pwd` \
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+	list='$(am__tagged_files)'; \
+	case "$(srcdir)" in \
+	  [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+	  *) sdir=$(subdir)/$(srcdir) ;; \
+	esac; \
+	for i in $$list; do \
+	  if test -f "$$i"; then \
+	    echo "$(subdir)/$$i"; \
+	  else \
+	    echo "$$sdir/$$i"; \
+	  fi; \
+	done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+	mostlyclean-am
+
+distclean: distclean-am
+		-rm -f ./$(DEPDIR)/anon.Plo
+	-rm -f ./$(DEPDIR)/anon_ecdh.Plo
+	-rm -f ./$(DEPDIR)/cert.Plo
+	-rm -f ./$(DEPDIR)/dh_common.Plo
+	-rm -f ./$(DEPDIR)/dhe.Plo
+	-rm -f ./$(DEPDIR)/dhe_psk.Plo
+	-rm -f ./$(DEPDIR)/ecdhe.Plo
+	-rm -f ./$(DEPDIR)/psk.Plo
+	-rm -f ./$(DEPDIR)/psk_passwd.Plo
+	-rm -f ./$(DEPDIR)/rsa.Plo
+	-rm -f ./$(DEPDIR)/rsa_psk.Plo
+	-rm -f ./$(DEPDIR)/srp_kx.Plo
+	-rm -f ./$(DEPDIR)/srp_passwd.Plo
+	-rm -f ./$(DEPDIR)/srp_rsa.Plo
+	-rm -f ./$(DEPDIR)/srp_sb64.Plo
+	-rm -f ./$(DEPDIR)/vko_gost.Plo
+	-rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+	distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+		-rm -f ./$(DEPDIR)/anon.Plo
+	-rm -f ./$(DEPDIR)/anon_ecdh.Plo
+	-rm -f ./$(DEPDIR)/cert.Plo
+	-rm -f ./$(DEPDIR)/dh_common.Plo
+	-rm -f ./$(DEPDIR)/dhe.Plo
+	-rm -f ./$(DEPDIR)/dhe_psk.Plo
+	-rm -f ./$(DEPDIR)/ecdhe.Plo
+	-rm -f ./$(DEPDIR)/psk.Plo
+	-rm -f ./$(DEPDIR)/psk_passwd.Plo
+	-rm -f ./$(DEPDIR)/rsa.Plo
+	-rm -f ./$(DEPDIR)/rsa_psk.Plo
+	-rm -f ./$(DEPDIR)/srp_kx.Plo
+	-rm -f ./$(DEPDIR)/srp_passwd.Plo
+	-rm -f ./$(DEPDIR)/srp_rsa.Plo
+	-rm -f ./$(DEPDIR)/srp_sb64.Plo
+	-rm -f ./$(DEPDIR)/vko_gost.Plo
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+	mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
+	clean-generic clean-libtool clean-noinstLTLIBRARIES \
+	cscopelist-am ctags ctags-am distclean distclean-compile \
+	distclean-generic distclean-libtool distclean-tags distdir dvi \
+	dvi-am html html-am info info-am install install-am \
+	install-data install-data-am install-dvi install-dvi-am \
+	install-exec install-exec-am install-html install-html-am \
+	install-info install-info-am install-man install-pdf \
+	install-pdf-am install-ps install-ps-am install-strip \
+	installcheck installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-compile \
+	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+	tags tags-am uninstall uninstall-am
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/lib/auth/anon.c b/lib/auth/anon.c
new file mode 100644
index 0000000..2fc2cd7
--- /dev/null
+++ b/lib/auth/anon.c
@@ -0,0 +1,131 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the Anonymous Diffie-Hellman key exchange part of
+ * the anonymous authentication. The functions here are used in the
+ * handshake.
+ */
+
+#include "gnutls_int.h"
+
+#if defined(ENABLE_ANON) && defined(ENABLE_DHE)
+
+#include "auth.h"
+#include "errors.h"
+#include "dh.h"
+#include "auth/anon.h"
+#include "num.h"
+#include "mpi.h"
+#include <state.h>
+#include <auth/dh_common.h>
+
+static int gen_anon_server_kx(gnutls_session_t, gnutls_buffer_st *);
+static int proc_anon_client_kx(gnutls_session_t, uint8_t *, size_t);
+static int proc_anon_server_kx(gnutls_session_t, uint8_t *, size_t);
+
+const mod_auth_st anon_auth_struct = {
+	"ANON",
+	NULL,
+	NULL,
+	gen_anon_server_kx,
+	_gnutls_gen_dh_common_client_kx,	/* this can be shared */
+	NULL,
+	NULL,
+
+	NULL,
+	NULL,			/* certificate */
+	proc_anon_server_kx,
+	proc_anon_client_kx,
+	NULL,
+	NULL
+};
+
+static int
+gen_anon_server_kx(gnutls_session_t session, gnutls_buffer_st * data)
+{
+	int ret;
+	gnutls_anon_server_credentials_t cred;
+
+	cred = (gnutls_anon_server_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_ANON);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	if ((ret =
+	     _gnutls_auth_info_init(session, GNUTLS_CRD_ANON,
+				   sizeof(anon_auth_info_st), 1)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = _gnutls_figure_dh_params(session, cred->dh_params, cred->params_func, cred->dh_sec_param);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	ret =
+	    _gnutls_dh_common_print_server_kx(session, data);
+	if (ret < 0) {
+		gnutls_assert();
+	}
+
+	return ret;
+}
+
+
+static int
+proc_anon_client_kx(gnutls_session_t session, uint8_t * data,
+		    size_t _data_size)
+{
+	return
+	    _gnutls_proc_dh_common_client_kx(session, data, _data_size, NULL);
+
+}
+
+int
+proc_anon_server_kx(gnutls_session_t session, uint8_t * data,
+		    size_t _data_size)
+{
+
+	int ret;
+
+	/* set auth_info */
+	if ((ret =
+	     _gnutls_auth_info_init(session, GNUTLS_CRD_ANON,
+				   sizeof(anon_auth_info_st), 1)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = _gnutls_proc_dh_common_server_kx(session, data, _data_size);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+#endif				/* ENABLE_ANON */
diff --git a/lib/auth/anon.h b/lib/auth/anon.h
new file mode 100644
index 0000000..3a8db4b
--- /dev/null
+++ b/lib/auth/anon.h
@@ -0,0 +1,52 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_AUTH_ANON_H
+#define GNUTLS_LIB_AUTH_ANON_H
+
+/* this is not to be included by gnutls_anon.c */
+#include <auth.h>
+#include <auth/dh_common.h>
+
+typedef struct gnutls_anon_server_credentials_st {
+	gnutls_dh_params_t dh_params;
+	unsigned deinit_dh_params;
+	gnutls_sec_param_t dh_sec_param;
+
+	/* this callback is used to retrieve the DH or RSA
+	 * parameters.
+	 */
+	gnutls_params_function *params_func;
+} anon_server_credentials_st;
+
+typedef struct gnutls_anon_client_credentials_st {
+	int dummy;
+} anon_client_credentials_st;
+
+typedef struct anon_auth_info_st {
+	dh_info_st dh;
+	gnutls_ecc_curve_t curve;
+} *anon_auth_info_t;
+
+typedef struct anon_auth_info_st anon_auth_info_st;
+
+#endif /* GNUTLS_LIB_AUTH_ANON_H */
diff --git a/lib/auth/anon_ecdh.c b/lib/auth/anon_ecdh.c
new file mode 100644
index 0000000..48da739
--- /dev/null
+++ b/lib/auth/anon_ecdh.c
@@ -0,0 +1,139 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the Anonymous Diffie-Hellman key exchange part of
+ * the anonymous authentication. The functions here are used in the
+ * handshake.
+ */
+
+#include "gnutls_int.h"
+
+#if defined(ENABLE_ANON) && defined(ENABLE_ECDHE)
+
+#include "auth.h"
+#include "errors.h"
+#include "dh.h"
+#include "auth/anon.h"
+#include "num.h"
+#include "mpi.h"
+#include <state.h>
+#include <auth/ecdhe.h>
+#include <ext/supported_groups.h>
+
+static int gen_anon_ecdh_server_kx(gnutls_session_t, gnutls_buffer_st *);
+static int proc_anon_ecdh_client_kx(gnutls_session_t, uint8_t *, size_t);
+static int proc_anon_ecdh_server_kx(gnutls_session_t, uint8_t *, size_t);
+
+const mod_auth_st anon_ecdh_auth_struct = {
+	"ANON ECDH",
+	NULL,
+	NULL,
+	gen_anon_ecdh_server_kx,
+	_gnutls_gen_ecdh_common_client_kx,	/* this can be shared */
+	NULL,
+	NULL,
+
+	NULL,
+	NULL,			/* certificate */
+	proc_anon_ecdh_server_kx,
+	proc_anon_ecdh_client_kx,
+	NULL,
+	NULL
+};
+
+static int
+gen_anon_ecdh_server_kx(gnutls_session_t session, gnutls_buffer_st * data)
+{
+	int ret;
+	gnutls_anon_server_credentials_t cred;
+
+	cred = (gnutls_anon_server_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_ANON);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	if ((ret =
+	     _gnutls_auth_info_init(session, GNUTLS_CRD_ANON,
+				   sizeof(anon_auth_info_st), 1)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    _gnutls_ecdh_common_print_server_kx(session, data,
+						get_group
+						(session));
+	if (ret < 0) {
+		gnutls_assert();
+	}
+
+	return ret;
+}
+
+
+static int
+proc_anon_ecdh_client_kx(gnutls_session_t session, uint8_t * data,
+			 size_t _data_size)
+{
+	gnutls_anon_server_credentials_t cred;
+
+	cred = (gnutls_anon_server_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_ANON);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	return _gnutls_proc_ecdh_common_client_kx(session, data,
+						  _data_size,
+						  get_group
+						  (session), NULL);
+}
+
+int
+proc_anon_ecdh_server_kx(gnutls_session_t session, uint8_t * data,
+			 size_t _data_size)
+{
+
+	int ret;
+
+	/* set auth_info */
+	if ((ret =
+	     _gnutls_auth_info_init(session, GNUTLS_CRD_ANON,
+				   sizeof(anon_auth_info_st), 1)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    _gnutls_proc_ecdh_common_server_kx(session, data, _data_size);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+#endif				/* ENABLE_ANON */
diff --git a/lib/auth/cert.c b/lib/auth/cert.c
new file mode 100644
index 0000000..4540706
--- /dev/null
+++ b/lib/auth/cert.c
@@ -0,0 +1,1914 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* The certificate authentication functions which are needed in the handshake,
+ * and are common to RSA and DHE key exchange, are in this file.
+ */
+
+#include "gnutls_int.h"
+#include "auth.h"
+#include "errors.h"
+#include <auth/cert.h>
+#include "dh.h"
+#include "num.h"
+#include "libtasn1.h"
+#include "datum.h"
+#include "ext/signature.h"
+#include <pk.h>
+#include <algorithms.h>
+#include <global.h>
+#include <record.h>
+#include <tls-sig.h>
+#include <state.h>
+#include <pk.h>
+#include <x509.h>
+#include <x509/verify-high.h>
+#include <gnutls/abstract.h>
+#include "abstract_int.h"
+#include "debug.h"
+
+static void
+selected_certs_set(gnutls_session_t session,
+		   gnutls_pcert_st * certs, int ncerts,
+		   gnutls_ocsp_data_st *ocsp, unsigned nocsp,
+		   gnutls_privkey_t key, int need_free,
+		   gnutls_status_request_ocsp_func ocsp_func,
+		   void *ocsp_func_ptr);
+
+#define MAX_CLIENT_SIGN_ALGOS 5
+#define CERTTYPE_SIZE (MAX_CLIENT_SIGN_ALGOS+1)
+typedef enum CertificateSigType { RSA_SIGN = 1, DSA_SIGN = 2, ECDSA_SIGN = 64,
+#ifdef ENABLE_GOST
+	GOSTR34102012_256_SIGN = 67,
+	GOSTR34102012_512_SIGN = 68
+#endif
+} CertificateSigType;
+
+enum CertificateSigTypeFlags {
+	RSA_SIGN_FLAG = 1,
+	DSA_SIGN_FLAG = 1 << 1,
+	ECDSA_SIGN_FLAG = 1 << 2,
+#ifdef ENABLE_GOST
+	GOSTR34102012_256_SIGN_FLAG = 1 << 3,
+	GOSTR34102012_512_SIGN_FLAG = 1 << 4
+#endif
+};
+
+/* Moves data from an internal certificate struct (gnutls_pcert_st) to
+ * another internal certificate struct (cert_auth_info_t), and deinitializes
+ * the former.
+ */
+int _gnutls_pcert_to_auth_info(cert_auth_info_t info, gnutls_pcert_st * certs, size_t ncerts)
+{
+	size_t i, j;
+
+	if (info->raw_certificate_list != NULL) {
+		for (j = 0; j < info->ncerts; j++)
+			_gnutls_free_datum(&info->raw_certificate_list[j]);
+		gnutls_free(info->raw_certificate_list);
+	}
+
+	if (ncerts == 0) {
+		info->raw_certificate_list = NULL;
+		info->ncerts = 0;
+		return 0;
+	}
+
+	info->raw_certificate_list =
+	    gnutls_calloc(ncerts, sizeof(gnutls_datum_t));
+	if (info->raw_certificate_list == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	info->cert_type = certs[0].type;
+	info->ncerts = ncerts;
+
+	for (i = 0; i < ncerts; i++) {
+		info->raw_certificate_list[i].data = certs[i].cert.data;
+		info->raw_certificate_list[i].size = certs[i].cert.size;
+		certs[i].cert.data = NULL;
+		gnutls_pcert_deinit(&certs[i]);
+	}
+	gnutls_free(certs);
+
+	return 0;
+}
+
+/* returns 0 if the algo_to-check exists in the pk_algos list,
+ * -1 otherwise.
+ */
+inline static int
+check_pk_algo_in_list(const gnutls_pk_algorithm_t *
+		      pk_algos, int pk_algos_length,
+		      gnutls_pk_algorithm_t algo_to_check)
+{
+	int i;
+	for (i = 0; i < pk_algos_length; i++) {
+		if (algo_to_check == pk_algos[i]) {
+			return 0;
+		}
+	}
+	return -1;
+}
+
+/* Returns the issuer's Distinguished name in odn, of the certificate
+ * specified in cert.
+ */
+static int cert_get_issuer_dn(gnutls_pcert_st * cert, gnutls_datum_t * odn)
+{
+	asn1_node dn;
+	int len, result;
+	int start, end;
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_pkix(), "PKIX1.Certificate", &dn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = asn1_der_decoding(&dn, cert->cert.data, cert->cert.size, NULL);
+	if (result != ASN1_SUCCESS) {
+		/* couldn't decode DER */
+		gnutls_assert();
+		asn1_delete_structure(&dn);
+		return _gnutls_asn2err(result);
+	}
+
+	result =
+	    asn1_der_decoding_startEnd(dn, cert->cert.data,
+				       cert->cert.size,
+				       "tbsCertificate.issuer", &start, &end);
+
+	if (result != ASN1_SUCCESS) {
+		/* couldn't decode DER */
+		gnutls_assert();
+		asn1_delete_structure(&dn);
+		return _gnutls_asn2err(result);
+	}
+	asn1_delete_structure(&dn);
+
+	len = end - start + 1;
+
+	odn->size = len;
+	odn->data = &cert->cert.data[start];
+
+	return 0;
+}
+
+/* Locates the most appropriate x509 certificate using the
+ * given DN. If indx == -1 then no certificate was found.
+ *
+ * That is to guess which certificate to use, based on the
+ * CAs and sign algorithms supported by the peer server.
+ */
+static int
+find_x509_client_cert(gnutls_session_t session,
+	       const gnutls_certificate_credentials_t cred,
+	       const uint8_t * _data, size_t _data_size,
+	       const gnutls_pk_algorithm_t * pk_algos,
+	       int pk_algos_length, int *indx)
+{
+	unsigned size;
+	gnutls_datum_t odn = { NULL, 0 }, asked_dn;
+	const uint8_t *data = _data;
+	ssize_t data_size = _data_size;
+	unsigned i, j;
+	int result, cert_pk;
+	unsigned key_usage;
+
+	*indx = -1;
+
+	/* If peer doesn't send any issuers and we have a single certificate
+	 * then send that one.
+	 */
+	if (cred->ncerts == 1 &&
+	    (data_size == 0
+	     || (session->internals.flags & GNUTLS_FORCE_CLIENT_CERT))) {
+		if (cred->certs[0].cert_list[0].type == GNUTLS_CRT_X509) {
+
+			key_usage = get_key_usage(session, cred->certs[0].cert_list[0].pubkey);
+
+			/* For client certificates we require signatures */
+			result = _gnutls_check_key_usage_for_sig(session, key_usage, 1);
+			if (result < 0) {
+				_gnutls_debug_log("Client certificate is not suitable for signing\n");
+				return gnutls_assert_val(result);
+			}
+
+			*indx = 0;
+			return 0;
+		}
+	}
+
+	do {
+		DECR_LENGTH_RET(data_size, 2, 0);
+		size = _gnutls_read_uint16(data);
+		DECR_LENGTH_RET(data_size, size, 0);
+		data += 2;
+
+		asked_dn.data = (void*)data;
+		asked_dn.size = size;
+		_gnutls_dn_log("Peer requested CA", &asked_dn);
+
+		for (i = 0; i < cred->ncerts; i++) {
+			for (j = 0; j < cred->certs[i].cert_list_length; j++) {
+				if ((result =
+				     cert_get_issuer_dn(&cred->certs
+							[i].cert_list
+							[j], &odn)) < 0) {
+					gnutls_assert();
+					return result;
+				}
+
+				if (odn.size == 0 || odn.size != asked_dn.size)
+					continue;
+
+				key_usage = get_key_usage(session, cred->certs[i].cert_list[0].pubkey);
+
+				/* For client certificates we require signatures */
+				if (_gnutls_check_key_usage_for_sig(session, key_usage, 1) < 0) {
+					_gnutls_debug_log("Client certificate is not suitable for signing\n");
+					continue;
+				}
+
+				/* If the DN matches and
+				 * the *_SIGN algorithm matches
+				 * the cert is our cert!
+				 */
+				cert_pk =
+				    gnutls_pubkey_get_pk_algorithm(cred->certs
+								   [i].cert_list
+								   [0].pubkey,
+								   NULL);
+
+				if ((memcmp(odn.data, asked_dn.data, asked_dn.size) == 0) &&
+				    (check_pk_algo_in_list
+				     (pk_algos, pk_algos_length,
+				      cert_pk) == 0)) {
+					*indx = i;
+					break;
+				}
+			}
+			if (*indx != -1)
+				break;
+		}
+
+		if (*indx != -1)
+			break;
+
+		/* move to next record */
+		data += size;
+	}
+	while (1);
+
+	return 0;
+
+}
+
+
+/* Locates the first raw public-key.
+ * Currently it only makes sense to associate one raw pubkey per session.
+ * Associating more raw pubkeys with a session has no use because we
+ * don't know how to select the correct one.
+ */
+static int
+find_rawpk_client_cert(gnutls_session_t session,
+			const gnutls_certificate_credentials_t cred,
+			const gnutls_pk_algorithm_t* pk_algos,
+			int pk_algos_length, int* indx)
+{
+	unsigned i;
+	int ret;
+	gnutls_pk_algorithm_t pk;
+
+	*indx = -1;
+
+	for (i = 0; i < cred->ncerts; i++) {
+		/* We know that our list length will be 1, therefore we can
+		 * ignore the rest.
+		 */
+		if (cred->certs[i].cert_list_length == 1 && cred->certs[i].cert_list[0].type == GNUTLS_CRT_RAWPK) {
+			pk = gnutls_pubkey_get_pk_algorithm(cred->certs[i].cert_list[0].pubkey, NULL);
+
+			/* For client certificates we require signatures */
+			ret = _gnutls_check_key_usage_for_sig(session, get_key_usage(session, cred->certs[i].cert_list[0].pubkey), 1);
+			if (ret < 0) {
+				/* we return an error instead of skipping so that the user is notified about
+				 * the key incompatibility */
+				_gnutls_debug_log("Client certificate is not suitable for signing\n");
+				return gnutls_assert_val(ret);
+			}
+
+			/* Check whether the public-key algorithm of our credential is in
+			 * the list with supported public-key algorithms and whether the
+			 * cert type matches. */
+			if ((check_pk_algo_in_list(pk_algos, pk_algos_length, pk) == 0)) {
+				// We found a compatible credential
+				*indx = i;
+				break;
+			}
+		}
+	}
+
+	return 0;
+}
+
+
+/* Returns the number of issuers in the server's
+ * certificate request packet.
+ */
+static int
+get_issuers_num(gnutls_session_t session, const uint8_t * data, ssize_t data_size)
+{
+	int issuers_dn_len = 0;
+	unsigned size;
+
+	/* Count the number of the given issuers;
+	 * This is used to allocate the issuers_dn without
+	 * using realloc().
+	 */
+
+	if (data_size == 0 || data == NULL)
+		return 0;
+
+	while (data_size > 0) {
+		/* This works like DECR_LEN()
+		 */
+		DECR_LENGTH_RET(data_size, 2, GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+		size = _gnutls_read_uint16(data);
+
+		DECR_LENGTH_RET(data_size, size, GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+		data += 2;
+
+		if (size > 0) {
+			issuers_dn_len++;
+			data += size;
+		}
+	}
+
+	return issuers_dn_len;
+}
+
+/* Returns the issuers in the server's certificate request
+ * packet.
+ */
+static int
+get_issuers(gnutls_session_t session,
+	    gnutls_datum_t * issuers_dn, int issuers_len,
+	    const uint8_t * data, size_t data_size)
+{
+	int i;
+	unsigned size;
+
+	if (get_certificate_type(session, GNUTLS_CTYPE_CLIENT) != GNUTLS_CRT_X509)
+		return 0;
+
+	/* put the requested DNs to req_dn, only in case
+	 * of X509 certificates.
+	 */
+	if (issuers_len > 0) {
+
+		for (i = 0; i < issuers_len; i++) {
+			/* The checks here for the buffer boundaries
+			 * are not needed since the buffer has been
+			 * parsed above.
+			 */
+			data_size -= 2;
+
+			size = _gnutls_read_uint16(data);
+
+			data += 2;
+
+			issuers_dn[i].data = (void*)data;
+			issuers_dn[i].size = size;
+
+			_gnutls_dn_log("Peer requested CA", &issuers_dn[i]);
+
+			data += size;
+		}
+	}
+
+	return 0;
+}
+
+/* Calls the client or server certificate get callback.
+ */
+static int
+call_get_cert_callback(gnutls_session_t session,
+		       const gnutls_datum_t * issuers_dn,
+		       int issuers_dn_length,
+		       gnutls_pk_algorithm_t * pk_algos, int pk_algos_length)
+{
+	gnutls_privkey_t local_key = NULL;
+	int ret = GNUTLS_E_INTERNAL_ERROR;
+	gnutls_certificate_type_t type;
+	gnutls_certificate_credentials_t cred;
+	gnutls_pcert_st *pcert = NULL;
+	gnutls_ocsp_data_st *ocsp = NULL;
+	unsigned int ocsp_length = 0;
+	unsigned int pcert_length = 0;
+
+	cred = (gnutls_certificate_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	/* Correctly set the certificate type for ourselves */
+	type = get_certificate_type(session, GNUTLS_CTYPE_OURS);
+
+	/* Check whether a callback is set and call it */
+	if (cred->get_cert_callback3) {
+		struct gnutls_cert_retr_st info;
+		unsigned int flags = 0;
+
+		memset(&info, 0, sizeof(info));
+		info.req_ca_rdn = issuers_dn;
+		info.nreqs = issuers_dn_length;
+		info.pk_algos = pk_algos;
+		info.pk_algos_length = pk_algos_length;
+		info.cred = cred;
+
+		/* we avoid all allocations and transformations */
+		ret =
+		    cred->get_cert_callback3(session, &info,
+					     &pcert, &pcert_length,
+					     &ocsp, &ocsp_length,
+					     &local_key, &flags);
+		if (ret < 0)
+			return gnutls_assert_val(GNUTLS_E_USER_ERROR);
+
+		if (pcert_length > 0 && type != pcert[0].type)
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		if (pcert_length == 0) {
+			pcert = NULL;
+			local_key = NULL;
+		}
+
+		selected_certs_set(session, pcert, pcert_length,
+				   ocsp, ocsp_length,
+				   local_key, (flags&GNUTLS_CERT_RETR_DEINIT_ALL)?1:0,
+				   cred->glob_ocsp_func, cred->glob_ocsp_func_ptr);
+
+		return 0;
+	} else {
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+}
+
+/* Finds the appropriate certificate depending on the cA Distinguished name
+ * advertized by the server. If none matches then returns 0 and -1 as index.
+ * In case of an error a negative error code, is returned.
+ *
+ * 20020128: added ability to select a certificate depending on the SIGN
+ * algorithm (only in automatic mode).
+ */
+int
+_gnutls_select_client_cert(gnutls_session_t session,
+			   const uint8_t * _data, size_t _data_size,
+			   gnutls_pk_algorithm_t * pk_algos, int pk_algos_length)
+{
+	int result;
+	int indx = -1;
+	gnutls_certificate_credentials_t cred;
+	const uint8_t *data = _data;
+	ssize_t data_size = _data_size;
+	int issuers_dn_length;
+	gnutls_datum_t *issuers_dn = NULL;
+	gnutls_certificate_type_t cert_type;
+
+	cred = (gnutls_certificate_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	cert_type = get_certificate_type(session, GNUTLS_CTYPE_CLIENT);
+
+	if (cred->get_cert_callback3 != NULL) {
+
+		/* use a callback to get certificate
+		 */
+		if (cert_type == GNUTLS_CRT_X509) {
+			issuers_dn_length =
+			    get_issuers_num(session, data, data_size);
+			if (issuers_dn_length < 0) {
+				gnutls_assert();
+				return issuers_dn_length;
+			}
+
+			if (issuers_dn_length > 0) {
+				issuers_dn =
+				    gnutls_malloc(sizeof(gnutls_datum_t) *
+						  issuers_dn_length);
+				if (issuers_dn == NULL) {
+					gnutls_assert();
+					return GNUTLS_E_MEMORY_ERROR;
+				}
+
+				result =
+				    get_issuers(session, issuers_dn,
+						issuers_dn_length, data,
+						data_size);
+				if (result < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+			}
+		} else {
+			issuers_dn_length = 0;
+		}
+
+		result =
+		    call_get_cert_callback(session, issuers_dn,
+					   issuers_dn_length, pk_algos,
+					   pk_algos_length);
+		goto cleanup;
+
+	} else {
+		/* If we have no callbacks, try to guess.
+		 */
+		switch (cert_type) {
+			case GNUTLS_CRT_X509:
+				result = find_x509_client_cert(session, cred, _data,
+										_data_size, pk_algos,
+										pk_algos_length, &indx);
+				break;
+			case GNUTLS_CRT_RAWPK:
+				result = find_rawpk_client_cert(session, cred,
+							pk_algos, pk_algos_length, &indx);
+				break;
+			default:
+				result = GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
+				break;
+		}
+
+		if (result < 0) {
+			return gnutls_assert_val(result);
+		}
+
+		if (indx >= 0) {
+			selected_certs_set(session,
+					   &cred->certs[indx].
+					   cert_list[0],
+					   cred->certs[indx].
+					   cert_list_length,
+					   cred->certs[indx].ocsp_data,
+					   cred->certs[indx].ocsp_data_length,
+					   cred->certs[indx].pkey, 0,
+					   NULL, NULL);
+		} else {
+			selected_certs_set(session, NULL, 0, NULL, 0,
+					   NULL, 0, NULL, NULL);
+		}
+
+		result = 0;
+	}
+
+ cleanup:
+	gnutls_free(issuers_dn);
+	return result;
+
+}
+
+/* Generate certificate message
+ */
+static int gen_x509_crt(gnutls_session_t session, gnutls_buffer_st * data)
+{
+	int ret, i;
+	gnutls_pcert_st *apr_cert_list;
+	gnutls_privkey_t apr_pkey;
+	int apr_cert_list_length;
+	unsigned init_pos = data->length;
+
+	/* find the appropriate certificate
+	 */
+	if ((ret =
+	     _gnutls_get_selected_cert(session, &apr_cert_list,
+				       &apr_cert_list_length, &apr_pkey)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = 3;
+	for (i = 0; i < apr_cert_list_length; i++) {
+		ret += apr_cert_list[i].cert.size + 3;
+		/* hold size
+		 * for uint24 */
+	}
+
+	/* if no certificates were found then send:
+	 * 0B 00 00 03 00 00 00    // Certificate with no certs
+	 * instead of:
+	 * 0B 00 00 00	  // empty certificate handshake
+	 *
+	 * ( the above is the whole handshake message, not
+	 * the one produced here )
+	 */
+
+	ret = _gnutls_buffer_append_prefix(data, 24, ret - 3);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	for (i = 0; i < apr_cert_list_length; i++) {
+		ret =
+		    _gnutls_buffer_append_data_prefix(data, 24,
+						      apr_cert_list[i].
+						      cert.data,
+						      apr_cert_list[i].
+						      cert.size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	return data->length - init_pos;
+}
+
+
+/* Generates a Raw Public Key certificate message that holds only the
+ * SubjectPublicKeyInfo part of a regular certificate message.
+ *
+ * Returns the number of bytes sent or a negative error code.
+ */
+int
+_gnutls_gen_rawpk_crt(gnutls_session_t session, gnutls_buffer_st* data)
+{
+	int ret;
+	gnutls_pcert_st *apr_cert_list;
+	gnutls_privkey_t apr_pkey;
+	int apr_cert_list_length;
+
+	if((ret = _gnutls_get_selected_cert(session, &apr_cert_list,
+				       &apr_cert_list_length, &apr_pkey)) < 0)	{
+			return gnutls_assert_val(ret);
+	}
+
+	/* Since we are transmitting a raw public key with no additional
+	 * certificate credentials attached to it, it doesn't make sense to
+	 * have more than one certificate set (i.e. to have a certificate chain).
+	 */
+	assert(apr_cert_list_length <= 1);
+
+	/* Write our certificate containing only the SubjectPublicKeyInfo to
+	 * the output buffer. We always have exactly one certificate that
+	 * contains our raw public key. Our message looks like:
+	 * <length++certificate> where
+	 * length = 3 bytes (or 24 bits) and
+	 * certificate = length bytes.
+	 */
+	if (apr_cert_list_length == 0) {
+		ret = _gnutls_buffer_append_prefix(data, 24, 0);
+	} else {
+		ret = _gnutls_buffer_append_data_prefix(data, 24,
+							apr_cert_list[0].cert.data,
+							apr_cert_list[0].cert.size);
+	}
+
+
+	if (ret < 0) return gnutls_assert_val(ret);
+
+	return data->length;
+}
+
+
+int
+_gnutls_gen_cert_client_crt(gnutls_session_t session, gnutls_buffer_st * data)
+{
+	gnutls_certificate_type_t cert_type;
+
+	// Retrieve the (negotiated) certificate type for the client
+	cert_type = get_certificate_type(session, GNUTLS_CTYPE_CLIENT);
+
+	switch (cert_type) {
+		case GNUTLS_CRT_X509:
+			return gen_x509_crt(session, data);
+		case GNUTLS_CRT_RAWPK:
+			return _gnutls_gen_rawpk_crt(session, data);
+		default:
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+}
+
+int
+_gnutls_gen_cert_server_crt(gnutls_session_t session, gnutls_buffer_st * data)
+{
+	gnutls_certificate_type_t cert_type;
+
+	// Retrieve the (negotiated) certificate type for the server
+	cert_type = get_certificate_type(session, GNUTLS_CTYPE_SERVER);
+
+	switch (cert_type) {
+		case GNUTLS_CRT_X509:
+			return gen_x509_crt(session, data);
+		case GNUTLS_CRT_RAWPK:
+			return _gnutls_gen_rawpk_crt(session, data);
+		default:
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+}
+
+static
+int check_pk_compat(gnutls_session_t session, gnutls_pubkey_t pubkey)
+{
+	unsigned cert_pk;
+	unsigned kx;
+
+	if (session->security_parameters.entity != GNUTLS_CLIENT)
+		return 0;
+
+	cert_pk = gnutls_pubkey_get_pk_algorithm(pubkey, NULL);
+	if (cert_pk == GNUTLS_PK_UNKNOWN) {
+		gnutls_assert();
+		return GNUTLS_E_CERTIFICATE_ERROR;
+	}
+
+	kx = session->security_parameters.cs->kx_algorithm;
+
+	if (_gnutls_map_kx_get_cred(kx, 1) == GNUTLS_CRD_CERTIFICATE &&
+	    !_gnutls_kx_supports_pk(kx, cert_pk)) {
+		gnutls_assert();
+		return GNUTLS_E_CERTIFICATE_ERROR;
+	}
+
+	return 0;
+}
+
+/* Process server certificate
+ */
+#define CLEAR_CERTS for(x=0;x<peer_certificate_list_size;x++) gnutls_pcert_deinit(&peer_certificate_list[x])
+static int
+_gnutls_proc_x509_crt(gnutls_session_t session,
+			     uint8_t * data, size_t data_size)
+{
+	int size, len, ret;
+	uint8_t *p = data;
+	cert_auth_info_t info;
+	gnutls_certificate_credentials_t cred;
+	ssize_t dsize = data_size;
+	int i;
+	gnutls_pcert_st *peer_certificate_list;
+	size_t peer_certificate_list_size = 0, j, x;
+	gnutls_datum_t tmp;
+
+	cred = (gnutls_certificate_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	if ((ret =
+	     _gnutls_auth_info_init(session, GNUTLS_CRD_CERTIFICATE,
+				   sizeof(cert_auth_info_st), 1)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+	if (unlikely(!info)) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (data == NULL || data_size == 0) {
+		gnutls_assert();
+		/* no certificate was sent */
+		return GNUTLS_E_NO_CERTIFICATE_FOUND;
+	}
+
+	DECR_LEN(dsize, 3);
+	size = _gnutls_read_uint24(p);
+	p += 3;
+
+	/* ensure no discrepancy in data */
+	if (size != dsize)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	/* some implementations send 0B 00 00 06 00 00 03 00 00 00
+	 * instead of just 0B 00 00 03 00 00 00 as an empty certificate message.
+	 */
+	if (size == 0 || (size == 3 && memcmp(p, "\x00\x00\x00", 3) == 0)) {
+		gnutls_assert();
+		/* no certificate was sent */
+		return GNUTLS_E_NO_CERTIFICATE_FOUND;
+	}
+
+	i = dsize;
+	while (i > 0) {
+		DECR_LEN(dsize, 3);
+		len = _gnutls_read_uint24(p);
+		p += 3;
+		DECR_LEN(dsize, len);
+		peer_certificate_list_size++;
+		p += len;
+		i -= len + 3;
+	}
+
+	if (dsize != 0)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	if (peer_certificate_list_size == 0) {
+		gnutls_assert();
+		return GNUTLS_E_NO_CERTIFICATE_FOUND;
+	}
+
+	/* Ok we now allocate the memory to hold the
+	 * certificate list
+	 */
+
+	peer_certificate_list =
+	    gnutls_calloc(1,
+			  sizeof(gnutls_pcert_st) *
+			  (peer_certificate_list_size));
+	if (peer_certificate_list == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	p = data + 3;
+
+	/* Now we start parsing the list (again).
+	 * We don't use DECR_LEN since the list has
+	 * been parsed before.
+	 */
+
+	for (j = 0; j < peer_certificate_list_size; j++) {
+		len = _gnutls_read_uint24(p);
+		p += 3;
+
+		tmp.size = len;
+		tmp.data = p;
+
+		ret =
+		    gnutls_pcert_import_x509_raw(&peer_certificate_list
+						 [j], &tmp,
+						 GNUTLS_X509_FMT_DER, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			peer_certificate_list_size = j;
+			ret = GNUTLS_E_CERTIFICATE_ERROR;
+			goto cleanup;
+		}
+
+		p += len;
+	}
+
+	ret = check_pk_compat(session, peer_certificate_list[0].pubkey);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	     _gnutls_pcert_to_auth_info(info,
+					peer_certificate_list,
+					peer_certificate_list_size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	return 0;
+
+ cleanup:
+	CLEAR_CERTS;
+	gnutls_free(peer_certificate_list);
+	return ret;
+
+}
+
+
+int _gnutls_proc_rawpk_crt(gnutls_session_t session,
+				uint8_t * data, size_t data_size)
+{
+	int cert_size, ret;
+	cert_auth_info_t info;
+	gnutls_pcert_st* peer_certificate;
+	gnutls_datum_t tmp_cert;
+
+	uint8_t *p = data;
+	ssize_t dsize = data_size;
+
+	/* We assume data != null and data_size > 0 because
+	 * the caller checks this for us. */
+
+	/* Read the length of our certificate. We always have exactly
+	 * one certificate that contains our raw public key. Our message
+	 * looks like:
+	 * <length++certificate> where
+	 * length = 3 bytes and
+	 * certificate = length bytes.
+	 */
+	DECR_LEN(dsize, 3);
+	cert_size = _gnutls_read_uint24(p);
+	p += 3;
+
+	/* Ensure no discrepancy in data */
+	if (cert_size != dsize)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+
+	if (cert_size == 0)	{
+		// No certificate was sent. This is not OK.
+		return gnutls_assert_val(GNUTLS_E_NO_CERTIFICATE_FOUND);
+	}
+
+	DECR_LEN_FINAL(dsize, cert_size);
+
+	/* We are now going to read our certificate and store it into
+	 * the authentication info structure.
+	 */
+	tmp_cert.size = cert_size;
+	tmp_cert.data = p;
+
+	peer_certificate = gnutls_calloc(1, sizeof(*peer_certificate));
+	if (peer_certificate == NULL) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	// Import our raw certificate holding only a raw public key into this pcert
+	ret = gnutls_pcert_import_rawpk_raw(peer_certificate, &tmp_cert, GNUTLS_X509_FMT_DER, 0, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	// Check whether the PK algo is compatible with the negotiated KX
+	ret = check_pk_compat(session, peer_certificate->pubkey);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_auth_info_init(session, GNUTLS_CRD_CERTIFICATE,
+				     sizeof(cert_auth_info_st), 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+	if (unlikely(!info)) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* Copy our imported certificate into the auth info structure
+	 * and free our temporary cert storage peer_certificate.
+	 */
+	ret = _gnutls_pcert_to_auth_info(info, peer_certificate, 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	return GNUTLS_E_SUCCESS;
+
+cleanup:
+	if (peer_certificate != NULL) {
+		gnutls_pcert_deinit(peer_certificate);
+		gnutls_free(peer_certificate);
+	}
+
+	return ret;
+}
+
+
+int _gnutls_proc_crt(gnutls_session_t session, uint8_t * data, size_t data_size)
+{
+	gnutls_certificate_credentials_t cred;
+	gnutls_certificate_type_t cert_type;
+
+	cred =
+	    (gnutls_certificate_credentials_t) _gnutls_get_cred(session,
+								GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	/* Determine what certificate type we need to process.
+	 * We need to process the certificate of the peer. */
+	cert_type = get_certificate_type(session, GNUTLS_CTYPE_PEERS);
+
+	switch (cert_type) {
+		case GNUTLS_CRT_X509:
+			return _gnutls_proc_x509_crt(session, data, data_size);
+		case GNUTLS_CRT_RAWPK:
+			return _gnutls_proc_rawpk_crt(session, data, data_size);
+		default:
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+}
+
+/* Checks if we support the given signature algorithm
+ * (RSA or DSA). Returns the corresponding gnutls_pk_algorithm_t
+ * if true;
+ */
+inline static int _gnutls_check_supported_sign_algo(CertificateSigType algo)
+{
+	switch (algo) {
+	case RSA_SIGN:
+		return GNUTLS_PK_RSA;
+	case DSA_SIGN:
+		return GNUTLS_PK_DSA;
+	case ECDSA_SIGN:
+		return GNUTLS_PK_EC;
+#ifdef ENABLE_GOST
+	case GOSTR34102012_256_SIGN:
+		return GNUTLS_PK_GOST_12_256;
+	case GOSTR34102012_512_SIGN:
+		return GNUTLS_PK_GOST_12_512;
+#endif
+	}
+
+	return -1;
+}
+
+int
+_gnutls_proc_cert_cert_req(gnutls_session_t session, uint8_t * data,
+			   size_t data_size)
+{
+	int size, ret;
+	uint8_t *p;
+	gnutls_certificate_credentials_t cred;
+	ssize_t dsize;
+	int i;
+	gnutls_pk_algorithm_t pk_algos[MAX_CLIENT_SIGN_ALGOS];
+	int pk_algos_length;
+	const version_entry_st *ver = get_version(session);
+
+	if (unlikely(ver == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	cred = (gnutls_certificate_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	if ((ret =
+	     _gnutls_auth_info_init(session, GNUTLS_CRD_CERTIFICATE,
+				   sizeof(cert_auth_info_st), 0)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	p = data;
+	dsize = data_size;
+
+	DECR_LEN(dsize, 1);
+	size = p[0];
+	p++;
+	/* check if the sign algorithm is supported.
+	 */
+	pk_algos_length = 0;
+	for (i = 0; i < size; i++, p++) {
+		DECR_LEN(dsize, 1);
+		if ((ret = _gnutls_check_supported_sign_algo(*p)) > 0) {
+			if (pk_algos_length < MAX_CLIENT_SIGN_ALGOS) {
+				pk_algos[pk_algos_length++] = ret;
+			}
+		}
+	}
+
+	if (pk_algos_length == 0) {
+		gnutls_assert();
+		return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
+	}
+
+	if (_gnutls_version_has_selectable_sighash(ver)) {
+		/* read supported hashes */
+		int hash_num;
+		DECR_LEN(dsize, 2);
+		hash_num = _gnutls_read_uint16(p);
+		p += 2;
+		DECR_LEN(dsize, hash_num);
+
+		ret = _gnutls_sign_algorithm_parse_data(session, p, hash_num);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		p += hash_num;
+	}
+
+	/* read the certificate authorities */
+	DECR_LEN(dsize, 2);
+	size = _gnutls_read_uint16(p);
+	p += 2;
+
+	DECR_LEN_FINAL(dsize, size);
+
+	/* We should reply with a certificate message,
+	 * even if we have no certificate to send.
+	 */
+	session->internals.hsk_flags |= HSK_CRT_ASKED;
+
+	/* now we ask the user to tell which one
+	 * he wants to use.
+	 */
+	if ((ret =
+	     _gnutls_select_client_cert(session, p, size, pk_algos,
+					pk_algos_length)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+int
+_gnutls_gen_cert_client_crt_vrfy(gnutls_session_t session,
+				 gnutls_buffer_st * data)
+{
+	int ret;
+	gnutls_pcert_st *apr_cert_list;
+	gnutls_privkey_t apr_pkey;
+	int apr_cert_list_length;
+	gnutls_datum_t signature = { NULL, 0 };
+	gnutls_sign_algorithm_t sign_algo;
+	const version_entry_st *ver = get_version(session);
+	unsigned init_pos = data->length;
+
+	if (unlikely(ver == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	/* find the appropriate certificate */
+	if ((ret =
+	     _gnutls_get_selected_cert(session, &apr_cert_list,
+				       &apr_cert_list_length, &apr_pkey)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (apr_cert_list_length > 0) {
+		if ((ret =
+		     _gnutls_handshake_sign_crt_vrfy(session,
+						     &apr_cert_list[0],
+						     apr_pkey,
+						     &signature)) < 0) {
+			gnutls_assert();
+			return ret;
+		}
+		sign_algo = ret;
+	} else {
+		return 0;
+	}
+
+	if (_gnutls_version_has_selectable_sighash(ver)) {
+		const sign_algorithm_st *aid;
+		uint8_t p[2];
+		/* error checking is not needed here since we have used those algorithms */
+		aid = _gnutls_sign_to_tls_aid(sign_algo);
+		if (aid == NULL)
+			return gnutls_assert_val(GNUTLS_E_UNKNOWN_ALGORITHM);
+
+		p[0] = aid->id[0];
+		p[1] = aid->id[1];
+		ret = _gnutls_buffer_append_data(data, p, 2);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	ret =
+	    _gnutls_buffer_append_data_prefix(data, 16, signature.data,
+					      signature.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = data->length - init_pos;
+
+ cleanup:
+	_gnutls_free_datum(&signature);
+	return ret;
+}
+
+int
+_gnutls_proc_cert_client_crt_vrfy(gnutls_session_t session,
+				  uint8_t * data, size_t data_size)
+{
+	int size, ret;
+	ssize_t dsize = data_size;
+	uint8_t *pdata = data;
+	gnutls_datum_t sig;
+	cert_auth_info_t info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+	gnutls_pcert_st peer_cert;
+	gnutls_sign_algorithm_t sign_algo = GNUTLS_SIGN_UNKNOWN;
+	const version_entry_st *ver = get_version(session);
+	gnutls_certificate_credentials_t cred;
+	unsigned vflags;
+
+	if (unlikely(info == NULL || info->ncerts == 0 || ver == NULL)) {
+		gnutls_assert();
+		/* we need this in order to get peer's certificate */
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	cred = (gnutls_certificate_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	vflags = cred->verify_flags | session->internals.additional_verify_flags;
+
+	if (_gnutls_version_has_selectable_sighash(ver)) {
+		DECR_LEN(dsize, 2);
+
+		sign_algo = _gnutls_tls_aid_to_sign(pdata[0], pdata[1], ver);
+		if (sign_algo == GNUTLS_SIGN_UNKNOWN) {
+			gnutls_assert();
+			return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
+		}
+		pdata += 2;
+	}
+
+	ret = _gnutls_session_sign_algo_enabled(session, sign_algo);
+	if (ret < 0)
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM);
+
+	DECR_LEN(dsize, 2);
+	size = _gnutls_read_uint16(pdata);
+	pdata += 2;
+
+	DECR_LEN_FINAL(dsize, size);
+
+	sig.data = pdata;
+	sig.size = size;
+
+	ret = _gnutls_get_auth_info_pcert(&peer_cert,
+					  session->security_parameters.
+					  client_ctype, info);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if ((ret =
+	     _gnutls_handshake_verify_crt_vrfy(session, vflags, &peer_cert, &sig,
+					       sign_algo)) < 0) {
+		gnutls_assert();
+		gnutls_pcert_deinit(&peer_cert);
+		return ret;
+	}
+	gnutls_pcert_deinit(&peer_cert);
+
+	return 0;
+}
+
+int
+_gnutls_gen_cert_server_cert_req(gnutls_session_t session,
+				 gnutls_buffer_st * data)
+{
+	gnutls_certificate_credentials_t cred;
+	int ret, i;
+	uint8_t tmp_data[CERTTYPE_SIZE];
+	const version_entry_st *ver = get_version(session);
+	unsigned init_pos = data->length;
+	enum CertificateSigTypeFlags flags;
+
+	if (unlikely(ver == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	/* Now we need to generate the RDN sequence. This is
+	 * already in the CERTIFICATE_CRED structure, to improve
+	 * performance.
+	 */
+
+	cred = (gnutls_certificate_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	if (_gnutls_version_has_selectable_sighash(ver)) {
+		size_t j;
+
+		flags = 0;
+		for (j = 0; j < session->internals.priorities->sigalg.size; j++) {
+			const gnutls_sign_entry_st *se =
+				session->internals.priorities->sigalg.entry[j];
+			switch (se->pk) {
+			case GNUTLS_PK_RSA:
+			case GNUTLS_PK_RSA_PSS:
+				flags |= RSA_SIGN_FLAG;
+				break;
+			case GNUTLS_PK_DSA:
+				flags |= DSA_SIGN_FLAG;
+				break;
+			case GNUTLS_PK_ECDSA:
+				flags |= ECDSA_SIGN_FLAG;
+				break;
+#ifdef ENABLE_GOST
+			case GNUTLS_PK_GOST_12_256:
+				flags |= GOSTR34102012_256_SIGN_FLAG;
+				break;
+			case GNUTLS_PK_GOST_12_512:
+				flags |= GOSTR34102012_512_SIGN_FLAG;
+				break;
+#endif
+			default:
+				gnutls_assert();
+				_gnutls_debug_log(
+					"%s is unsupported for cert request\n",
+					gnutls_pk_get_name(se->pk));
+			}
+		}
+
+	} else {
+#ifdef ENABLE_GOST
+		if (_gnutls_kx_is_vko_gost(session->security_parameters.
+					   cs->kx_algorithm)) {
+			flags = GOSTR34102012_256_SIGN_FLAG |
+				GOSTR34102012_512_SIGN_FLAG;
+		} else
+#endif
+		{
+			flags = RSA_SIGN_FLAG | DSA_SIGN_FLAG | ECDSA_SIGN_FLAG;
+		}
+	}
+
+	i = 1;
+	if (flags & RSA_SIGN_FLAG) {
+		tmp_data[i++] = RSA_SIGN;
+	}
+	if (flags & DSA_SIGN_FLAG) {
+		tmp_data[i++] = DSA_SIGN;
+	}
+	if (flags & ECDSA_SIGN_FLAG) {
+		tmp_data[i++] = ECDSA_SIGN;
+	}
+#ifdef ENABLE_GOST
+	if (flags & GOSTR34102012_256_SIGN_FLAG) {
+		tmp_data[i++] = GOSTR34102012_256_SIGN;
+	}
+	if (flags & GOSTR34102012_512_SIGN_FLAG) {
+		tmp_data[i++] = GOSTR34102012_512_SIGN;
+	}
+#endif
+	tmp_data[0] = i - 1;
+
+	ret = _gnutls_buffer_append_data(data, tmp_data, i);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (_gnutls_version_has_selectable_sighash(ver)) {
+		ret =
+		    _gnutls_sign_algorithm_write_params(session, data);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	if (session->security_parameters.client_ctype == GNUTLS_CRT_X509 &&
+	    session->internals.ignore_rdn_sequence == 0) {
+
+		ret =
+		    _gnutls_buffer_append_data_prefix(data, 16,
+						      cred->
+						      tlist->x509_rdn_sequence.
+						      data,
+						      cred->
+						      tlist->x509_rdn_sequence.
+						      size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	} else {
+		ret = _gnutls_buffer_append_prefix(data, 16, 0);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	return data->length - init_pos;
+}
+
+/* This function will return the appropriate certificate to use.
+ * Fills in the apr_cert_list, apr_cert_list_length and apr_pkey.
+ * The return value is a negative error code on error.
+ *
+ * It is normal to return 0 with no certificates in client side.
+ *
+ */
+int
+_gnutls_get_selected_cert(gnutls_session_t session,
+			  gnutls_pcert_st ** apr_cert_list,
+			  int *apr_cert_list_length,
+			  gnutls_privkey_t * apr_pkey)
+{
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+
+		*apr_cert_list = session->internals.selected_cert_list;
+		*apr_pkey = session->internals.selected_key;
+		*apr_cert_list_length =
+		    session->internals.selected_cert_list_length;
+
+		if (*apr_cert_list_length == 0 || *apr_cert_list == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+		}
+
+	} else {		/* CLIENT SIDE */
+		/* _gnutls_select_client_cert() must have been called before.
+		 */
+		*apr_cert_list = session->internals.selected_cert_list;
+		*apr_cert_list_length =
+		    session->internals.selected_cert_list_length;
+		*apr_pkey = session->internals.selected_key;
+
+	}
+
+	return 0;
+}
+
+
+void _gnutls_selected_certs_deinit(gnutls_session_t session)
+{
+	if (session->internals.selected_need_free != 0) {
+		int i;
+
+		for (i = 0;
+		     i < session->internals.selected_cert_list_length; i++) {
+			gnutls_pcert_deinit(&session->internals.
+					    selected_cert_list[i]);
+		}
+		gnutls_free(session->internals.selected_cert_list);
+
+		for (i = 0;
+		     i < session->internals.selected_ocsp_length; i++) {
+			_gnutls_free_datum(&session->internals.
+					   selected_ocsp[i].response);
+		}
+		gnutls_free(session->internals.selected_ocsp);
+
+		gnutls_privkey_deinit(session->internals.selected_key);
+	}
+	session->internals.selected_ocsp_func = NULL;
+
+	session->internals.selected_cert_list = NULL;
+	session->internals.selected_cert_list_length = 0;
+
+	session->internals.selected_key = NULL;
+
+	return;
+}
+
+static void
+selected_certs_set(gnutls_session_t session,
+		   gnutls_pcert_st * certs, int ncerts,
+		   gnutls_ocsp_data_st *ocsp, unsigned nocsp,
+		   gnutls_privkey_t key, int need_free,
+		   gnutls_status_request_ocsp_func ocsp_func,
+		   void *ocsp_func_ptr)
+{
+	_gnutls_selected_certs_deinit(session);
+
+	session->internals.selected_cert_list = certs;
+	session->internals.selected_cert_list_length = ncerts;
+
+	session->internals.selected_ocsp = ocsp;
+	session->internals.selected_ocsp_length = nocsp;
+
+	session->internals.selected_key = key;
+	session->internals.selected_need_free = need_free;
+
+	session->internals.selected_ocsp_func = ocsp_func;
+	session->internals.selected_ocsp_func_ptr = ocsp_func_ptr;
+}
+
+static void get_server_name(gnutls_session_t session, uint8_t * name,
+			    size_t max_name_size)
+{
+	int ret, i;
+	size_t max_name;
+	unsigned int type;
+
+	ret = 0;
+	for (i = 0; !(ret < 0); i++) {
+		max_name = max_name_size;
+		ret =
+		    gnutls_server_name_get(session, name, &max_name, &type, i);
+		if (ret >= 0 && type == GNUTLS_NAME_DNS)
+			return;
+	}
+
+	name[0] = 0;
+
+	return;
+}
+
+/* Checks the compatibility of the pubkey in the certificate with the
+ * ciphersuite and selects a signature algorithm (if required by the
+ * ciphersuite and TLS version) appropriate for the certificate. If none
+ * can be selected returns an error.
+ *
+ * IMPORTANT
+ * Currently this function is only called from _gnutls_select_server_cert,
+ * i.e. it is only called at the server. We therefore retrieve the
+ * negotiated server certificate type within this function.
+ * If, in the future, this routine is called at the client then we
+ * need to adapt the implementation accordingly.
+ */
+static
+int cert_select_sign_algorithm(gnutls_session_t session,
+			       gnutls_pcert_st * cert,
+			       gnutls_privkey_t pkey,
+			       const gnutls_cipher_suite_entry_st *cs)
+{
+	gnutls_pubkey_t pubkey = cert->pubkey;
+	gnutls_certificate_type_t cert_type = cert->type;
+	unsigned pk = pubkey->params.algo;
+	unsigned key_usage;
+	gnutls_sign_algorithm_t algo;
+	const version_entry_st *ver = get_version(session);
+	gnutls_certificate_type_t ctype;
+
+	assert(IS_SERVER(session));
+
+	/* Retrieve the server certificate type */
+	ctype = get_certificate_type(session, GNUTLS_CTYPE_SERVER);
+
+	if (ctype != cert_type) {
+		return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+	}
+
+	key_usage = get_key_usage(session, pubkey);
+
+	/* In TLS1.3 we support only signatures; ensure the selected key supports them */
+	if (ver->tls13_sem && _gnutls_check_key_usage_for_sig(session, key_usage, 1) < 0)
+		return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+
+	if (!ver->tls13_sem && !_gnutls_kx_supports_pk_usage(cs->kx_algorithm, pk, key_usage)) {
+		return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+	}
+
+	if (!ver->tls13_sem && _gnutls_kx_encipher_type(cs->kx_algorithm) != CIPHER_SIGN)
+		return 0;
+
+	if (!_gnutls_version_has_selectable_sighash(ver)) {
+		/* For SSL3.0 and TLS1.0 we lie as we cannot express md5-sha1 as
+		 * signature algorithm. */
+		algo = gnutls_pk_to_sign(cert->pubkey->params.algo, GNUTLS_DIG_SHA1);
+		gnutls_sign_algorithm_set_server(session, algo);
+		return 0;
+	}
+
+	algo = _gnutls_session_get_sign_algo(session, cert, pkey, 0, cs->kx_algorithm);
+	if (algo == GNUTLS_SIGN_UNKNOWN)
+		return gnutls_assert_val(GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY);
+
+	gnutls_sign_algorithm_set_server(session, algo);
+	_gnutls_handshake_log("Selected signature algorithm: %s\n", gnutls_sign_algorithm_get_name(algo));
+
+	return 0;
+}
+
+/* finds the most appropriate certificate in the cert list.
+ * The 'appropriate' is defined by the user.
+ *
+ * requested_algo holds the parameters required by the peer (RSA, DSA
+ * or -1 for any).
+ *
+ * Returns 0 on success and a negative error code on error. The
+ * selected certificate will be in session->internals.selected_*.
+ *
+ */
+int
+_gnutls_select_server_cert(gnutls_session_t session, const gnutls_cipher_suite_entry_st *cs)
+{
+	unsigned i, j;
+	int idx, ret;
+	gnutls_certificate_credentials_t cred;
+	char server_name[MAX_CN];
+
+	cred = (gnutls_certificate_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL) {
+		gnutls_assert(); /* we don't need to select a cert */
+		return 0;
+	}
+
+	/* When a callback is set, we call it once to get the
+	 * certificate and then check its compatibility with
+	 * the ciphersuites.
+	 */
+	if (cred->get_cert_callback3) {
+		if (session->internals.selected_cert_list_length == 0) {
+			ret = call_get_cert_callback(session, NULL, 0, NULL, 0);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			if (session->internals.selected_cert_list_length == 0)
+				return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+
+			_gnutls_debug_log("Selected (%s) cert\n",
+					  gnutls_pk_get_name(session->internals.selected_cert_list[0].pubkey->params.algo));
+		}
+
+		ret = cert_select_sign_algorithm(session,
+						 &session->internals.selected_cert_list[0],
+						 session->internals.selected_key,
+						 cs);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		return 0;
+	}
+
+	/* Otherwise... we check the compatibility of the ciphersuite
+	 * with all the certificates available. */
+
+	get_server_name(session, (unsigned char *)server_name,
+			sizeof(server_name));
+
+	_gnutls_handshake_log ("HSK[%p]: Requested server name: '%s'\n",
+				     session, server_name);
+	idx = -1;		/* default is use no certificate */
+
+	/* find certificates that match the requested server_name
+	 */
+
+	if (server_name[0] != 0) {
+		for (j = 0; j < cred->ncerts; j++) {
+			i = cred->sorted_cert_idx[j];
+
+			if (cred->certs[i].names != NULL
+			    && _gnutls_str_array_match(cred->certs[i].names,
+						       server_name) != 0) {
+				/* if requested algorithms are also compatible select it */
+
+				ret = cert_select_sign_algorithm(session,
+								 &cred->certs[i].cert_list[0],
+								 cred->certs[i].pkey,
+								 cs);
+				if (ret >= 0) {
+					idx = i;
+					_gnutls_debug_log("Selected (%s) cert based on ciphersuite %x.%x: %s\n",
+						  gnutls_pk_get_name(cred->certs[i].cert_list[0].pubkey->params.algo),
+						  (unsigned)cs->id[0],
+						  (unsigned)cs->id[1],
+						  cs->name);
+					/* found */
+					goto finished;
+				}
+			}
+		}
+	}
+
+	/* no name match */
+	for (j = 0; j < cred->ncerts; j++) {
+		i = cred->sorted_cert_idx[j];
+
+		_gnutls_handshake_log
+		    ("HSK[%p]: checking compat of %s with certificate[%d] (%s/%s)\n",
+		     session, cs->name, i,
+		     gnutls_pk_get_name(cred->certs[i].cert_list[0].pubkey->
+					params.algo),
+		     gnutls_certificate_type_get_name(cred->certs[i].
+						      cert_list[0].type));
+
+		ret = cert_select_sign_algorithm(session,
+						 &cred->certs[i].cert_list[0],
+						 cred->certs[i].pkey,
+						 cs);
+		if (ret >= 0) {
+			idx = i;
+			_gnutls_debug_log("Selected (%s) cert based on ciphersuite %x.%x: %s\n",
+					  gnutls_pk_get_name(cred->certs[i].cert_list[0].pubkey->params.algo),
+					  (unsigned)cs->id[0],
+					  (unsigned)cs->id[1],
+					  cs->name);
+			/* found */
+			goto finished;
+		}
+	}
+
+	/* store the certificate pointer for future use, in the handshake.
+	 * (This will allow not calling this callback again.)
+	 */
+ finished:
+	if (idx >= 0) {
+		gnutls_status_request_ocsp_func ocsp_func = NULL;
+		void *ocsp_ptr = NULL;
+		gnutls_ocsp_data_st *ocsp = NULL;
+		unsigned nocsp = 0;
+
+		if (cred->certs[idx].ocsp_data_length > 0) {
+			ocsp = &cred->certs[idx].ocsp_data[0];
+			nocsp = cred->certs[idx].ocsp_data_length;
+		} else if (cred->glob_ocsp_func != NULL) {
+			ocsp_func = cred->glob_ocsp_func;
+			ocsp_ptr = cred->glob_ocsp_func_ptr;
+		} else if (cred->certs[idx].ocsp_func != NULL) {
+			ocsp_func = cred->certs[idx].ocsp_func;
+			ocsp_ptr = cred->certs[idx].ocsp_func_ptr;
+		}
+
+		selected_certs_set(session,
+				   &cred->certs[idx].cert_list[0],
+				   cred->certs[idx].cert_list_length,
+				   ocsp, nocsp,
+				   cred->certs[idx].pkey, 0,
+				   ocsp_func,
+				   ocsp_ptr);
+	} else {
+		/* Certificate does not support REQUESTED_ALGO.  */
+		return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+	}
+
+	return 0;
+}
+
+int _gnutls_gen_dhe_signature(gnutls_session_t session,
+			      gnutls_buffer_st * data, uint8_t * plain,
+			      unsigned plain_size)
+{
+	gnutls_pcert_st *apr_cert_list;
+	gnutls_privkey_t apr_pkey;
+	int apr_cert_list_length;
+	gnutls_datum_t signature = { NULL, 0 }, ddata;
+	gnutls_sign_algorithm_t sign_algo;
+	const version_entry_st *ver = get_version(session);
+	int ret;
+
+	if (unlikely(ver == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	ddata.data = plain;
+	ddata.size = plain_size;
+
+	/* find the appropriate certificate */
+	if ((ret =
+	     _gnutls_get_selected_cert(session, &apr_cert_list,
+				       &apr_cert_list_length, &apr_pkey)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (apr_cert_list_length > 0) {
+		if ((ret =
+		     _gnutls_handshake_sign_data(session,
+						 &apr_cert_list[0],
+						 apr_pkey, &ddata,
+						 &signature, &sign_algo)) < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	} else {
+		gnutls_assert();
+		ret = 0;	/* ANON-DH, do not put a signature - ILLEGAL! */
+		goto cleanup;
+	}
+
+	if (_gnutls_version_has_selectable_sighash(ver)) {
+		const sign_algorithm_st *aid;
+		uint8_t p[2];
+
+		if (sign_algo == GNUTLS_SIGN_UNKNOWN) {
+			ret = GNUTLS_E_UNKNOWN_ALGORITHM;
+			goto cleanup;
+		}
+
+		aid = _gnutls_sign_to_tls_aid(sign_algo);
+		if (aid == NULL) {
+			gnutls_assert();
+			ret = GNUTLS_E_UNKNOWN_ALGORITHM;
+			goto cleanup;
+		}
+
+		p[0] = aid->id[0];
+		p[1] = aid->id[1];
+
+		ret = _gnutls_buffer_append_data(data, p, 2);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	ret =
+	    _gnutls_buffer_append_data_prefix(data, 16, signature.data,
+					      signature.size);
+	if (ret < 0) {
+		gnutls_assert();
+	}
+
+	ret = 0;
+
+ cleanup:
+	_gnutls_free_datum(&signature);
+	return ret;
+}
+
+int
+_gnutls_proc_dhe_signature(gnutls_session_t session, uint8_t * data,
+			   size_t _data_size, gnutls_datum_t * vparams)
+{
+	int sigsize;
+	gnutls_datum_t signature;
+	int ret;
+	cert_auth_info_t info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+	ssize_t data_size = _data_size;
+	gnutls_pcert_st peer_cert;
+	gnutls_sign_algorithm_t sign_algo = GNUTLS_SIGN_UNKNOWN;
+	const version_entry_st *ver = get_version(session);
+	gnutls_certificate_credentials_t cred;
+	unsigned vflags;
+	gnutls_certificate_type_t cert_type;
+
+	if (unlikely(info == NULL || info->ncerts == 0 || ver == NULL)) {
+		gnutls_assert();
+		/* we need this in order to get peer's certificate */
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	cred = (gnutls_certificate_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	vflags = cred->verify_flags | session->internals.additional_verify_flags;
+
+	/* VERIFY SIGNATURE */
+	if (_gnutls_version_has_selectable_sighash(ver)) {
+		uint8_t id[2];
+
+		DECR_LEN(data_size, 1);
+		id[0] = *data++;
+		DECR_LEN(data_size, 1);
+		id[1] = *data++;
+
+		sign_algo = _gnutls_tls_aid_to_sign(id[0], id[1], ver);
+		if (sign_algo == GNUTLS_SIGN_UNKNOWN) {
+			_gnutls_debug_log("unknown signature %d.%d\n",
+					  (int)id[0], (int)id[1]);
+			gnutls_assert();
+			return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
+		}
+	}
+	DECR_LEN(data_size, 2);
+	sigsize = _gnutls_read_uint16(data);
+	data += 2;
+
+	DECR_LEN_FINAL(data_size, sigsize);
+	signature.data = data;
+	signature.size = sigsize;
+
+	// Retrieve the negotiated certificate type
+	cert_type = get_certificate_type(session, GNUTLS_CTYPE_SERVER);
+
+	if ((ret =
+	     _gnutls_get_auth_info_pcert(&peer_cert, cert_type, info)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    _gnutls_handshake_verify_data(session, vflags, &peer_cert, vparams,
+					  &signature, sign_algo);
+
+	gnutls_pcert_deinit(&peer_cert);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
diff --git a/lib/auth/cert.h b/lib/auth/cert.h
new file mode 100644
index 0000000..29b7220
--- /dev/null
+++ b/lib/auth/cert.h
@@ -0,0 +1,189 @@
+/*
+ * Copyright (C) 2002-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2016-2019 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_AUTH_CERT_H
+#define GNUTLS_LIB_AUTH_CERT_H
+
+#include "auth.h"
+#include <auth/dh_common.h>
+#include <x509/x509_int.h>
+#include <gnutls/abstract.h>
+#include <gnutls/compat.h>
+#include <str_array.h>
+#include "abstract_int.h"
+
+#define MAX_OCSP_RESPONSES 8
+
+/* We use the structure below to hold a certificate chain
+ * with corresponding public/private key pair. This structure will
+ * also be used when raw public keys are used. The cert_list will
+ * then not hold the cert chain but only a raw public-key. In that case
+ * the list length is always 1.
+ */
+typedef struct {
+	gnutls_pcert_st *cert_list;	/* a certificate chain */
+	unsigned int cert_list_length;	/* its length */
+	gnutls_str_array_t names;	/* the names in the first certificate */
+
+	gnutls_status_request_ocsp_func ocsp_func;
+	void *ocsp_func_ptr; /* corresponding OCSP response function + ptr */
+
+	gnutls_ocsp_data_st ocsp_data[MAX_OCSP_RESPONSES];
+	unsigned int ocsp_data_length;
+
+	/* the private key corresponding to certificate */
+	gnutls_privkey_t pkey;
+} certs_st;
+
+/* This structure may be complex, but it's the only way to
+ * support a server that has multiple certificates
+ */
+typedef struct gnutls_certificate_credentials_st {
+	gnutls_dh_params_t dh_params;
+	unsigned deinit_dh_params; /* if the internal values are set */
+	gnutls_sec_param_t dh_sec_param; /* used in RFC7919 negotiation */
+
+	/* this callback is used to retrieve the DH or RSA
+	 * parameters.
+	 */
+	gnutls_params_function *params_func;
+
+	certs_st *certs;
+	unsigned ncerts;	/* the number of certs */
+
+	/* contains sorted index values for certs. Sorted in a way
+	 * that RSA-PSS keys always take precedence over plain RSA keys
+	 * to ensure that we use only RSA-PSS keys if present for RSA-PSS
+	 * operations. We keep indexes to certs structures above.
+	 */
+	unsigned int *sorted_cert_idx;
+
+	/* X509 specific stuff */
+	gnutls_x509_trust_list_t tlist;
+	unsigned flags; /* gnutls_certificate_flags */
+	unsigned int verify_flags;	/* flags to be used at
+					 * certificate verification.
+					 */
+	unsigned int verify_depth;
+	unsigned int verify_bits;
+
+	/* It's a mess here. However we need to keep the old 3 functions
+	 * for compatibility */
+	gnutls_certificate_retrieve_function *legacy_cert_cb1; /* deprecated */
+	gnutls_certificate_retrieve_function2 *legacy_cert_cb2;
+	gnutls_certificate_retrieve_function3 *get_cert_callback3;
+
+	gnutls_certificate_verify_function *verify_callback;
+
+	struct pin_info_st pin;
+	/* temporarily hold the PIN if set_key_file2() is used with a PIN */
+	char pin_tmp[GNUTLS_PKCS11_MAX_PIN_LEN];
+
+	/* OCSP */
+	gnutls_status_request_ocsp_func glob_ocsp_func;
+	void *glob_ocsp_func_ptr; /* corresponding OCSP response function */
+
+	/* This is only used by server to indicate whether this
+	 * credentials can be used for signing in TLS 1.3. */
+	bool tls13_ok;
+} certificate_credentials_st;
+
+/* This is the information we keep for the peer
+ * certificate.
+ */
+typedef struct cert_auth_info_st {
+	/* These (dh/rsa) are just copies from the credentials_t structure.
+	 * They must be freed.
+	 */
+	dh_info_st dh;
+
+	/* we store the peer's OCSP responses received during
+	 * this session. */
+	gnutls_datum_t *raw_ocsp_list;
+	unsigned int nocsp;
+
+	/* we store the peer's certificates received during
+	 * this ession */
+	gnutls_datum_t *raw_certificate_list;
+	unsigned int ncerts;
+
+	gnutls_certificate_type_t cert_type;
+} *cert_auth_info_t;
+
+typedef struct cert_auth_info_st cert_auth_info_st;
+
+/* AUTH X509 functions */
+int _gnutls_gen_cert_server_crt(gnutls_session_t, gnutls_buffer_st *);
+int _gnutls_gen_cert_client_crt(gnutls_session_t, gnutls_buffer_st *);
+int _gnutls_gen_cert_client_crt_vrfy(gnutls_session_t, gnutls_buffer_st *);
+int _gnutls_gen_cert_server_cert_req(gnutls_session_t, gnutls_buffer_st *);
+int _gnutls_proc_cert_cert_req(gnutls_session_t, uint8_t *, size_t);
+int _gnutls_proc_cert_client_crt_vrfy(gnutls_session_t, uint8_t *, size_t);
+int _gnutls_proc_crt(gnutls_session_t, uint8_t *, size_t);
+int _gnutls_get_selected_cert(gnutls_session_t session,
+			      gnutls_pcert_st ** apr_cert_list,
+			      int *apr_cert_list_length,
+			      gnutls_privkey_t * apr_pkey);
+
+int
+_gnutls_select_client_cert(gnutls_session_t session,
+			   const uint8_t * _data, size_t _data_size,
+			   gnutls_pk_algorithm_t * pk_algos, int pk_algos_length);
+
+int _gnutls_pcert_to_auth_info(cert_auth_info_t info, gnutls_pcert_st * certs, size_t ncerts);
+
+int
+_gnutls_select_server_cert(gnutls_session_t session, const gnutls_cipher_suite_entry_st *cs);
+void _gnutls_selected_certs_deinit(gnutls_session_t session);
+
+int _gnutls_get_auth_info_pcert(gnutls_pcert_st * gcert,
+				gnutls_certificate_type_t type,
+				cert_auth_info_t info);
+
+int _gnutls_selected_cert_supported_kx(struct gnutls_session_int *session,
+				       gnutls_kx_algorithm_t * alg,
+				       int *alg_size);
+
+int _gnutls_check_key_cert_match(gnutls_certificate_credentials_t res);
+
+int _gnutls_gen_dhe_signature(gnutls_session_t session,
+			      gnutls_buffer_st * data, uint8_t * plain,
+			      unsigned plain_size);
+int _gnutls_proc_dhe_signature(gnutls_session_t session, uint8_t * data,
+			       size_t _data_size,
+			       gnutls_datum_t * vparams);
+
+int _gnutls_gen_rawpk_crt(gnutls_session_t session, gnutls_buffer_st* data);
+int _gnutls_proc_rawpk_crt(gnutls_session_t session,
+				uint8_t * data, size_t data_size);
+
+inline static unsigned get_key_usage(gnutls_session_t session, gnutls_pubkey_t pubkey)
+{
+	if (unlikely(session->internals.priorities &&
+	    session->internals.priorities->allow_server_key_usage_violation))
+		return 0;
+	else
+		return pubkey->key_usage;
+}
+
+#endif /* GNUTLS_LIB_AUTH_CERT_H */
diff --git a/lib/auth/dh_common.c b/lib/auth/dh_common.c
new file mode 100644
index 0000000..fcd696d
--- /dev/null
+++ b/lib/auth/dh_common.c
@@ -0,0 +1,379 @@
+/*
+ * Copyright (C) 2002-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains common stuff in Ephemeral Diffie-Hellman (DHE)
+ * and Anonymous DH key exchange(DHA). These are used in the handshake
+ * procedure of the certificate and anonymous authentication.
+ */
+
+#include "gnutls_int.h"
+#include "auth.h"
+#include "errors.h"
+#include "dh.h"
+#include "num.h"
+#include "tls-sig.h"
+#include <datum.h>
+#include <x509.h>
+#include <state.h>
+#include <pk.h>
+#include <auth/dh_common.h>
+#include <algorithms.h>
+#include <auth/psk.h>
+
+#if defined(ENABLE_DHE) || defined(ENABLE_ANON)
+
+/* Frees the dh_info_st structure.
+ */
+void _gnutls_free_dh_info(dh_info_st * dh)
+{
+	dh->secret_bits = 0;
+	_gnutls_free_datum(&dh->prime);
+	_gnutls_free_datum(&dh->generator);
+	_gnutls_free_datum(&dh->public_key);
+}
+
+int
+_gnutls_proc_dh_common_client_kx(gnutls_session_t session,
+				 uint8_t * data, size_t _data_size,
+				 gnutls_datum_t * psk_key)
+{
+	uint16_t n_Y;
+	size_t _n_Y;
+	int ret;
+	ssize_t data_size = _data_size;
+	gnutls_datum_t tmp_dh_key = {NULL, 0};
+	gnutls_pk_params_st peer_pub;
+	
+	gnutls_pk_params_init(&peer_pub);
+
+	DECR_LEN(data_size, 2);
+	n_Y = _gnutls_read_uint16(&data[0]);
+	_n_Y = n_Y;
+
+	DECR_LEN(data_size, n_Y);
+
+	if (data_size != 0)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	if (_gnutls_mpi_init_scan_nz(&session->key.proto.tls12.dh.client_Y, &data[2], _n_Y)) {
+		gnutls_assert();
+		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; /* most likely zero or illegal size */
+	}
+
+	_gnutls_dh_set_peer_public(session, session->key.proto.tls12.dh.client_Y);
+
+	peer_pub.params[DH_Y] = session->key.proto.tls12.dh.client_Y;
+
+	/* calculate the key after calculating the message */
+	ret = _gnutls_pk_derive(GNUTLS_PK_DH, &tmp_dh_key, &session->key.proto.tls12.dh.params, &peer_pub);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	if (psk_key == NULL) {
+		session->key.key.data = tmp_dh_key.data;
+		session->key.key.size = tmp_dh_key.size;
+	} else {		/* In DHE_PSK the key is set differently */
+		ret =
+		    _gnutls_set_psk_session_key(session, psk_key,
+						&tmp_dh_key);
+		_gnutls_free_temp_key_datum(&tmp_dh_key);
+	}
+	
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret = 0;
+ error:
+	_gnutls_mpi_release(&session->key.proto.tls12.dh.client_Y);
+	gnutls_pk_params_clear(&session->key.proto.tls12.dh.params);
+
+	return ret;
+}
+
+int _gnutls_gen_dh_common_client_kx(gnutls_session_t session,
+				    gnutls_buffer_st * data)
+{
+	return _gnutls_gen_dh_common_client_kx_int(session, data, NULL);
+}
+
+int
+_gnutls_gen_dh_common_client_kx_int(gnutls_session_t session,
+				    gnutls_buffer_st * data,
+				    gnutls_datum_t * pskkey)
+{
+	int ret;
+	gnutls_pk_params_st peer_pub;
+	gnutls_datum_t tmp_dh_key = {NULL, 0};
+	unsigned init_pos = data->length;
+	
+	gnutls_pk_params_init(&peer_pub);
+
+	ret =
+	    _gnutls_pk_generate_keys(GNUTLS_PK_DH, 0,
+				     &session->key.proto.tls12.dh.params, 1);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	_gnutls_dh_set_secret_bits(session, _gnutls_mpi_get_nbits(session->key.proto.tls12.dh.params.params[DH_X]));
+
+	ret = _gnutls_buffer_append_mpi(data, 16, session->key.proto.tls12.dh.params.params[DH_Y], 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	
+	peer_pub.params[DH_Y] = session->key.proto.tls12.dh.client_Y;
+
+	/* calculate the key after calculating the message */
+	ret = _gnutls_pk_derive(GNUTLS_PK_DH, &tmp_dh_key, &session->key.proto.tls12.dh.params, &peer_pub);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	if (session->security_parameters.cs->kx_algorithm != GNUTLS_KX_DHE_PSK) {
+		session->key.key.data = tmp_dh_key.data;
+		session->key.key.size = tmp_dh_key.size;
+	} else {		/* In DHE_PSK the key is set differently */
+		ret =
+		    _gnutls_set_psk_session_key(session, pskkey,
+						&tmp_dh_key);
+		_gnutls_free_temp_key_datum(&tmp_dh_key);
+	}
+
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret = data->length - init_pos;
+
+ error:
+	gnutls_pk_params_clear(&session->key.proto.tls12.dh.params);
+	return ret;
+}
+
+/* Returns the bytes parsed */
+int
+_gnutls_proc_dh_common_server_kx(gnutls_session_t session,
+				 uint8_t * data, size_t _data_size)
+{
+	uint16_t n_Y, n_g, n_p;
+	size_t _n_Y, _n_g, _n_p, _n_q;
+	uint8_t *data_p;
+	uint8_t *data_g;
+	uint8_t *data_Y;
+	uint8_t *data_q = NULL;
+	int i, bits, ret, p_bits;
+	unsigned j;
+	ssize_t data_size = _data_size;
+
+	/* just in case we are resuming a session */
+	gnutls_pk_params_release(&session->key.proto.tls12.dh.params);
+
+	gnutls_pk_params_init(&session->key.proto.tls12.dh.params);
+
+	i = 0;
+
+	DECR_LEN(data_size, 2);
+	n_p = _gnutls_read_uint16(&data[i]);
+	i += 2;
+
+	DECR_LEN(data_size, n_p);
+	data_p = &data[i];
+	i += n_p;
+
+	DECR_LEN(data_size, 2);
+	n_g = _gnutls_read_uint16(&data[i]);
+	i += 2;
+
+	DECR_LEN(data_size, n_g);
+	data_g = &data[i];
+	i += n_g;
+
+	DECR_LEN(data_size, 2);
+	n_Y = _gnutls_read_uint16(&data[i]);
+	i += 2;
+
+	DECR_LEN(data_size, n_Y);
+	data_Y = &data[i];
+
+	_n_Y = n_Y;
+	_n_g = n_g;
+	_n_p = n_p;
+
+	if (_gnutls_mpi_init_scan_nz(&session->key.proto.tls12.dh.client_Y, data_Y, _n_Y) != 0) {
+		gnutls_assert();
+		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+	}
+
+	/* if we are doing RFC7919 */
+	if (session->internals.priorities->groups.have_ffdhe != 0) {
+		/* verify whether the received parameters match the advertised, otherwise
+		 * log that. */
+		for (j=0;j<session->internals.priorities->groups.size;j++) {
+			if (session->internals.priorities->groups.entry[j]->generator &&
+			    session->internals.priorities->groups.entry[j]->generator->size == n_g &&
+			    session->internals.priorities->groups.entry[j]->prime->size == n_p &&
+			    memcmp(session->internals.priorities->groups.entry[j]->generator->data,
+				   data_g, n_g) == 0 &&
+			    memcmp(session->internals.priorities->groups.entry[j]->prime->data,
+				   data_p, n_p) == 0) {
+
+				session->internals.hsk_flags |= HSK_USED_FFDHE;
+				_gnutls_session_group_set(session, session->internals.priorities->groups.entry[j]);
+				session->key.proto.tls12.dh.params.qbits = *session->internals.priorities->groups.entry[j]->q_bits;
+				data_q = session->internals.priorities->groups.entry[j]->q->data;
+				_n_q = session->internals.priorities->groups.entry[j]->q->size;
+				break;
+			}
+		}
+
+		if (!(session->internals.hsk_flags & HSK_USED_FFDHE)) {
+			_gnutls_audit_log(session, "FFDHE groups advertised, but server didn't support it; falling back to server's choice\n");
+		}
+	}
+
+#ifdef ENABLE_FIPS140
+	if (gnutls_fips140_mode_enabled() &&
+	    !_gnutls_dh_prime_match_fips_approved(data_p, n_p, data_g, n_g, NULL, NULL)) {
+		gnutls_assert();
+		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+	}
+#endif
+
+	if (_gnutls_mpi_init_scan_nz(&session->key.proto.tls12.dh.params.params[DH_G], data_g, _n_g) != 0) {
+		gnutls_assert();
+		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+	}
+
+	if (_gnutls_mpi_init_scan_nz(&session->key.proto.tls12.dh.params.params[DH_P], data_p, _n_p) != 0) {
+		gnutls_assert();
+		/* we release now because session->key.proto.tls12.dh.params.params_nr is not yet set */
+		_gnutls_mpi_release(&session->key.proto.tls12.dh.params.params[DH_G]);
+		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+	}
+	if (data_q && _gnutls_mpi_init_scan_nz(
+			    &session->key.proto.tls12.dh.params.params[DH_Q],
+			    data_q, _n_q) != 0) {
+		/* we release now because params_nr is not yet set */
+		_gnutls_mpi_release(
+			&session->key.proto.tls12.dh.params.params[DH_P]);
+		_gnutls_mpi_release(
+			&session->key.proto.tls12.dh.params.params[DH_G]);
+		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+	}
+
+	/* include, possibly empty, q */
+	session->key.proto.tls12.dh.params.params_nr = 3;
+	session->key.proto.tls12.dh.params.algo = GNUTLS_PK_DH;
+
+	if (!(session->internals.hsk_flags & HSK_USED_FFDHE)) {
+		bits = _gnutls_dh_get_min_prime_bits(session);
+		if (bits < 0) {
+			gnutls_assert();
+			return bits;
+		}
+
+		p_bits = _gnutls_mpi_get_nbits(session->key.proto.tls12.dh.params.params[DH_P]);
+		if (p_bits < bits) {
+			/* the prime used by the peer is not acceptable
+			 */
+			gnutls_assert();
+			_gnutls_debug_log
+			    ("Received a prime of %u bits, limit is %u\n",
+			     (unsigned) _gnutls_mpi_get_nbits(session->key.proto.tls12.dh.params.params[DH_P]),
+			     (unsigned) bits);
+			return GNUTLS_E_DH_PRIME_UNACCEPTABLE;
+		}
+
+		if (p_bits >= DEFAULT_MAX_VERIFY_BITS) {
+			gnutls_assert();
+			_gnutls_debug_log
+			    ("Received a prime of %u bits, limit is %u\n",
+			     (unsigned) p_bits,
+			     (unsigned) DEFAULT_MAX_VERIFY_BITS);
+			return GNUTLS_E_DH_PRIME_UNACCEPTABLE;
+		}
+	}
+
+	_gnutls_dh_save_group(session, session->key.proto.tls12.dh.params.params[DH_G],
+			     session->key.proto.tls12.dh.params.params[DH_P]);
+	_gnutls_dh_set_peer_public(session, session->key.proto.tls12.dh.client_Y);
+
+	ret = n_Y + n_p + n_g + 6;
+
+	return ret;
+}
+
+int
+_gnutls_dh_common_print_server_kx(gnutls_session_t session,
+				  gnutls_buffer_st * data)
+{
+	int ret;
+	unsigned q_bits = session->key.proto.tls12.dh.params.qbits;
+	unsigned init_pos = data->length;
+
+	if (q_bits < 192 && q_bits != 0) {
+		gnutls_assert();
+		_gnutls_debug_log("too small q_bits value for DH: %u\n", q_bits);
+		q_bits = 0; /* auto-detect */
+	}
+
+	/* Y=g^x mod p */
+	ret =
+	    _gnutls_pk_generate_keys(GNUTLS_PK_DH, q_bits,
+				     &session->key.proto.tls12.dh.params, 1);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	_gnutls_dh_set_secret_bits(session, _gnutls_mpi_get_nbits(session->key.proto.tls12.dh.params.params[DH_X]));
+
+	ret = _gnutls_buffer_append_mpi(data, 16, session->key.proto.tls12.dh.params.params[DH_P], 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_buffer_append_mpi(data, 16, session->key.proto.tls12.dh.params.params[DH_G], 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_buffer_append_mpi(data, 16, session->key.proto.tls12.dh.params.params[DH_Y], 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = data->length - init_pos;
+
+cleanup:
+	return ret;
+}
+
+#endif
diff --git a/lib/auth/dh_common.h b/lib/auth/dh_common.h
new file mode 100644
index 0000000..7584f89
--- /dev/null
+++ b/lib/auth/dh_common.h
@@ -0,0 +1,50 @@
+/*
+ * Copyright (C) 2002-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_AUTH_DH_COMMON_H
+#define GNUTLS_LIB_AUTH_DH_COMMON_H
+
+#include <auth.h>
+
+typedef struct {
+	int secret_bits;
+
+	gnutls_datum_t prime;
+	gnutls_datum_t generator;
+	gnutls_datum_t public_key;
+} dh_info_st;
+
+void _gnutls_free_dh_info(dh_info_st * dh);
+
+int _gnutls_gen_dh_common_client_kx_int(gnutls_session_t,
+					gnutls_buffer_st *,
+					gnutls_datum_t * pskkey);
+int _gnutls_gen_dh_common_client_kx(gnutls_session_t, gnutls_buffer_st *);
+int _gnutls_proc_dh_common_client_kx(gnutls_session_t session,
+				     uint8_t * data, size_t _data_size,
+				     gnutls_datum_t * psk_key);
+int _gnutls_dh_common_print_server_kx(gnutls_session_t, 
+				      gnutls_buffer_st * data);
+int _gnutls_proc_dh_common_server_kx(gnutls_session_t session,
+				     uint8_t * data, size_t _data_size);
+
+#endif /* GNUTLS_LIB_AUTH_DH_COMMON_H */
diff --git a/lib/auth/dhe.c b/lib/auth/dhe.c
new file mode 100644
index 0000000..1d16cde
--- /dev/null
+++ b/lib/auth/dhe.c
@@ -0,0 +1,152 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains everything for the Ephemeral Diffie-Hellman
+ * (DHE) key exchange.  This is used in the handshake procedure of the
+ * certificate authentication.
+ */
+
+#include "gnutls_int.h"
+#include "auth.h"
+#include "errors.h"
+#include "dh.h"
+#include "num.h"
+#include "tls-sig.h"
+#include <datum.h>
+#include <algorithms.h>
+#include <auth/cert.h>
+#include <x509.h>
+#include <state.h>
+#include <auth/dh_common.h>
+#include <auth/ecdhe.h>
+
+static int gen_dhe_server_kx(gnutls_session_t, gnutls_buffer_st *);
+static int proc_dhe_server_kx(gnutls_session_t, uint8_t *, size_t);
+static int proc_dhe_client_kx(gnutls_session_t, uint8_t *, size_t);
+
+#ifdef ENABLE_DHE
+
+const mod_auth_st dhe_rsa_auth_struct = {
+	"DHE_RSA",
+	_gnutls_gen_cert_server_crt,
+	_gnutls_gen_cert_client_crt,
+	gen_dhe_server_kx,
+	_gnutls_gen_dh_common_client_kx,
+	_gnutls_gen_cert_client_crt_vrfy,	/* gen client cert vrfy */
+	_gnutls_gen_cert_server_cert_req,	/* server cert request */
+
+	_gnutls_proc_crt,
+	_gnutls_proc_crt,
+	proc_dhe_server_kx,
+	proc_dhe_client_kx,
+	_gnutls_proc_cert_client_crt_vrfy,	/* proc client cert vrfy */
+	_gnutls_proc_cert_cert_req	/* proc server cert request */
+};
+
+const mod_auth_st dhe_dss_auth_struct = {
+	"DHE_DSS",
+	_gnutls_gen_cert_server_crt,
+	_gnutls_gen_cert_client_crt,
+	gen_dhe_server_kx,
+	_gnutls_gen_dh_common_client_kx,
+	_gnutls_gen_cert_client_crt_vrfy,	/* gen client cert vrfy */
+	_gnutls_gen_cert_server_cert_req,	/* server cert request */
+
+	_gnutls_proc_crt,
+	_gnutls_proc_crt,
+	proc_dhe_server_kx,
+	proc_dhe_client_kx,
+	_gnutls_proc_cert_client_crt_vrfy,	/* proc client cert vrfy */
+	_gnutls_proc_cert_cert_req	/* proc server cert request */
+};
+
+#endif
+
+static int
+gen_dhe_server_kx(gnutls_session_t session, gnutls_buffer_st * data)
+{
+	int ret = 0;
+	gnutls_certificate_credentials_t cred;
+	unsigned sig_pos;
+
+	cred = (gnutls_certificate_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	if ((ret = _gnutls_auth_info_init(session, GNUTLS_CRD_CERTIFICATE,
+					 sizeof(cert_auth_info_st),
+					 1)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    _gnutls_figure_dh_params(session, cred->dh_params, cred->params_func, cred->dh_sec_param);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	sig_pos = data->length;
+
+	ret =
+	    _gnutls_dh_common_print_server_kx(session, data);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* Generate the signature. */
+	return _gnutls_gen_dhe_signature(session, data, &data->data[sig_pos],
+					 data->length-sig_pos);
+}
+
+
+static int
+proc_dhe_server_kx(gnutls_session_t session, uint8_t * data,
+		   size_t _data_size)
+{
+	gnutls_datum_t vdata;
+	int ret;
+
+	ret = _gnutls_proc_dh_common_server_kx(session, data, _data_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	vdata.data = data;
+	vdata.size = ret;
+
+	return _gnutls_proc_dhe_signature(session, data + ret,
+					  _data_size - ret, &vdata);
+}
+
+
+static int
+proc_dhe_client_kx(gnutls_session_t session, uint8_t * data,
+		   size_t _data_size)
+{
+	return _gnutls_proc_dh_common_client_kx(session, data, _data_size,
+						NULL);
+}
diff --git a/lib/auth/dhe_psk.c b/lib/auth/dhe_psk.c
new file mode 100644
index 0000000..81e0e1a
--- /dev/null
+++ b/lib/auth/dhe_psk.c
@@ -0,0 +1,506 @@
+/*
+ * Copyright (C) 2005-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the PSK Diffie-Hellman key exchange part of the
+ * PSK authentication.  The functions here are used in the handshake.
+ */
+
+#include "gnutls_int.h"
+
+#ifdef ENABLE_PSK
+
+/* Contains PSK code for DHE and ECDHE
+ */
+
+#include "auth.h"
+#include "errors.h"
+#include "dh.h"
+#include <auth/psk.h>
+#include "num.h"
+#include "mpi.h"
+#include <state.h>
+#include <auth/dh_common.h>
+#include <auth/ecdhe.h>
+#include <datum.h>
+#include <auth/psk_passwd.h>
+
+static int
+proc_ecdhe_psk_server_kx(gnutls_session_t session, uint8_t * data,
+			 size_t _data_size);
+static int gen_dhe_psk_server_kx(gnutls_session_t, gnutls_buffer_st *);
+static int gen_dhe_psk_client_kx(gnutls_session_t, gnutls_buffer_st *);
+static int gen_ecdhe_psk_client_kx(gnutls_session_t, gnutls_buffer_st *);
+static int proc_ecdhe_psk_client_kx(gnutls_session_t, uint8_t *, size_t);
+static int proc_dhe_psk_server_kx(gnutls_session_t, uint8_t *, size_t);
+static int gen_ecdhe_psk_server_kx(gnutls_session_t session,
+				   gnutls_buffer_st * data);
+static int proc_dhe_psk_client_kx(gnutls_session_t session, uint8_t * data,
+				  size_t _data_size);
+#ifdef ENABLE_DHE
+const mod_auth_st dhe_psk_auth_struct = {
+	"DHE PSK",
+	NULL,
+	NULL,
+	gen_dhe_psk_server_kx,
+	gen_dhe_psk_client_kx,
+	NULL,
+	NULL,
+
+	NULL,
+	NULL,			/* certificate */
+	proc_dhe_psk_server_kx,
+	proc_dhe_psk_client_kx,
+	NULL,
+	NULL
+};
+#endif
+
+#ifdef ENABLE_ECDHE
+const mod_auth_st ecdhe_psk_auth_struct = {
+	"ECDHE PSK",
+	NULL,
+	NULL,
+	gen_ecdhe_psk_server_kx,
+	gen_ecdhe_psk_client_kx,
+	NULL,
+	NULL,
+
+	NULL,
+	NULL,			/* certificate */
+	proc_ecdhe_psk_server_kx,
+	proc_ecdhe_psk_client_kx,
+	NULL,
+	NULL
+};
+#endif
+
+static int
+gen_ecdhe_psk_client_kx(gnutls_session_t session, gnutls_buffer_st * data)
+{
+	int ret, free;
+	gnutls_psk_client_credentials_t cred;
+	gnutls_datum_t username, key;
+	unsigned init_pos = data->length;
+
+	cred = (gnutls_psk_client_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_PSK);
+
+	if (cred == NULL)
+		return
+		    gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+
+	ret = _gnutls_find_psk_key(session, cred, &username, &key, &free);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret =
+	    _gnutls_buffer_append_data_prefix(data, 16, username.data,
+					      username.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* The PSK key is set in there */
+	ret = _gnutls_gen_ecdh_common_client_kx_int(session, data, &key);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = data->length - init_pos;
+
+      cleanup:
+	if (free) {
+		_gnutls_free_datum(&username);
+		_gnutls_free_temp_key_datum(&key);
+	}
+
+	return ret;
+}
+
+static int
+gen_dhe_psk_client_kx(gnutls_session_t session, gnutls_buffer_st * data)
+{
+	int ret, free;
+	gnutls_psk_client_credentials_t cred;
+	gnutls_datum_t username, key;
+	unsigned init_pos = data->length;
+
+	cred = (gnutls_psk_client_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_PSK);
+
+	if (cred == NULL)
+		return
+		    gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+
+	ret = _gnutls_find_psk_key(session, cred, &username, &key, &free);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret =
+	    _gnutls_buffer_append_data_prefix(data, 16, username.data,
+					      username.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* The PSK key is set in there */
+	ret = _gnutls_gen_dh_common_client_kx_int(session, data, &key);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = data->length - init_pos;
+
+      cleanup:
+	if (free) {
+		_gnutls_free_datum(&username);
+		_gnutls_free_temp_key_datum(&key);
+	}
+
+	return ret;
+}
+
+static int
+gen_dhe_psk_server_kx(gnutls_session_t session, gnutls_buffer_st * data)
+{
+	int ret;
+	gnutls_psk_server_credentials_t cred;
+	gnutls_datum_t hint = {NULL, 0};
+
+	cred = (gnutls_psk_server_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_PSK);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	if ((ret =
+	     _gnutls_auth_info_init(session, GNUTLS_CRD_PSK,
+				   sizeof(psk_auth_info_st), 1)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    _gnutls_figure_dh_params(session, cred->dh_params, cred->params_func, cred->dh_sec_param);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (cred->hint) {
+		hint.data = (uint8_t *) cred->hint;
+		hint.size = strlen(cred->hint);
+	}
+
+	ret = _gnutls_buffer_append_data_prefix(data, 16, hint.data, hint.size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret =
+	    _gnutls_dh_common_print_server_kx(session, data);
+	if (ret < 0)
+		gnutls_assert();
+
+	return ret;
+}
+
+static int
+gen_ecdhe_psk_server_kx(gnutls_session_t session, gnutls_buffer_st * data)
+{
+	int ret;
+	gnutls_psk_server_credentials_t cred;
+	gnutls_datum_t hint = {NULL, 0};
+
+	if ((ret =
+	     _gnutls_auth_info_init(session, GNUTLS_CRD_PSK,
+				   sizeof(psk_auth_info_st), 1)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	cred = (gnutls_psk_server_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_PSK);
+
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	if (cred->hint) {
+		hint.data = (uint8_t *) cred->hint;
+		hint.size = strlen(cred->hint);
+	}
+
+	ret = _gnutls_buffer_append_data_prefix(data, 16, hint.data, hint.size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_ecdh_common_print_server_kx(session, data,
+						  get_group
+						  (session));
+	if (ret < 0)
+		gnutls_assert();
+
+	return ret;
+}
+
+
+static int
+proc_dhe_psk_client_kx(gnutls_session_t session, uint8_t * data,
+		       size_t _data_size)
+{
+	int ret;
+	gnutls_datum_t psk_key;
+	gnutls_psk_server_credentials_t cred;
+	psk_auth_info_t info;
+	gnutls_datum_t username;
+	ssize_t data_size = _data_size;
+
+	cred = (gnutls_psk_server_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_PSK);
+
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	if ((ret =
+	     _gnutls_auth_info_init(session, GNUTLS_CRD_PSK,
+				   sizeof(psk_auth_info_st), 1)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	DECR_LEN(data_size, 2);
+	username.size = _gnutls_read_uint16(&data[0]);
+
+	DECR_LEN(data_size, username.size);
+
+	username.data = &data[2];
+
+	/* copy the username to the auth info structures
+	 */
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+	if (info == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	if (username.size > MAX_USERNAME_SIZE) {
+		gnutls_assert();
+		return GNUTLS_E_ILLEGAL_SRP_USERNAME;
+	}
+
+	ret = _gnutls_copy_psk_username(info, username);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* Adjust the data */
+	data += username.size + 2;
+
+	ret =
+	    _gnutls_psk_pwd_find_entry(session, info->username, info->username_len, &psk_key);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_proc_dh_common_client_kx(session, data, data_size,
+					       &psk_key);
+
+	_gnutls_free_key_datum(&psk_key);
+
+	return ret;
+
+}
+
+static int
+proc_ecdhe_psk_client_kx(gnutls_session_t session, uint8_t * data,
+			 size_t _data_size)
+{
+	int ret;
+	gnutls_psk_server_credentials_t cred;
+	gnutls_datum_t psk_key;
+	psk_auth_info_t info;
+	gnutls_datum_t username;
+	ssize_t data_size = _data_size;
+
+	cred = (gnutls_psk_server_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_PSK);
+
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	if ((ret =
+	     _gnutls_auth_info_init(session, GNUTLS_CRD_PSK,
+				   sizeof(psk_auth_info_st), 1)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	DECR_LEN(data_size, 2);
+	username.size = _gnutls_read_uint16(&data[0]);
+
+	DECR_LEN(data_size, username.size);
+
+	username.data = &data[2];
+
+	/* copy the username to the auth info structures
+	 */
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+	if (info == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+
+	if (username.size > MAX_USERNAME_SIZE) {
+		gnutls_assert();
+		return GNUTLS_E_ILLEGAL_SRP_USERNAME;
+	}
+
+	ret = _gnutls_copy_psk_username(info, username);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* Adjust the data */
+	data += username.size + 2;
+
+	/* should never fail. It will always return a key even if it is
+	 * a random one */
+	ret =
+	    _gnutls_psk_pwd_find_entry(session, info->username, info->username_len, &psk_key);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_proc_ecdh_common_client_kx(session, data, data_size,
+						 get_group
+						 (session), &psk_key);
+
+	_gnutls_free_key_datum(&psk_key);
+
+	return ret;
+}
+
+static int
+proc_dhe_psk_server_kx(gnutls_session_t session, uint8_t * data,
+		       size_t _data_size)
+{
+
+	int ret;
+	ssize_t data_size = _data_size;
+	psk_auth_info_t info;
+	gnutls_datum_t hint;
+
+	/* set auth_info */
+	if ((ret =
+	     _gnutls_auth_info_init(session, GNUTLS_CRD_PSK,
+				   sizeof(psk_auth_info_st), 1)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	DECR_LEN(data_size, 2);
+
+	hint.size = _gnutls_read_uint16(&data[0]);
+	hint.data = &data[2];
+
+	DECR_LEN(data_size, hint.size);
+	data += 2 + hint.size;
+
+	ret = _gnutls_proc_dh_common_server_kx(session, data, data_size);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+	if (info == NULL)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if (hint.size > MAX_USERNAME_SIZE)
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_SRP_USERNAME);
+
+	ret = _gnutls_copy_psk_hint(info, hint);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+static int
+proc_ecdhe_psk_server_kx(gnutls_session_t session, uint8_t * data,
+			 size_t _data_size)
+{
+
+	int ret;
+	ssize_t data_size = _data_size;
+	psk_auth_info_t info;
+	gnutls_datum_t hint;
+
+	/* set auth_info */
+	if ((ret =
+	     _gnutls_auth_info_init(session, GNUTLS_CRD_PSK,
+				   sizeof(psk_auth_info_st), 1)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	DECR_LEN(data_size, 2);
+
+	hint.size = _gnutls_read_uint16(&data[0]);
+	hint.data = &data[2];
+
+	DECR_LEN(data_size, hint.size);
+	data += 2 + hint.size;
+
+	ret = _gnutls_proc_ecdh_common_server_kx(session, data, data_size);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+	if (info == NULL)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if (hint.size > MAX_USERNAME_SIZE)
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_SRP_USERNAME);
+
+	ret = _gnutls_copy_psk_hint(info, hint);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+#endif				/* ENABLE_PSK */
diff --git a/lib/auth/ecdhe.c b/lib/auth/ecdhe.c
new file mode 100644
index 0000000..9f53b1b
--- /dev/null
+++ b/lib/auth/ecdhe.c
@@ -0,0 +1,522 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains common stuff in Ephemeral Diffie-Hellman (DHE)
+ * and Anonymous DH key exchange(DHA). These are used in the handshake
+ * procedure of the certificate and anonymous authentication.
+ */
+
+#include "gnutls_int.h"
+#include "auth.h"
+#include "errors.h"
+#include "dh.h"
+#include "num.h"
+#include "tls-sig.h"
+#include <state.h>
+#include <datum.h>
+#include <x509.h>
+#include <auth/ecdhe.h>
+#include <ecc.h>
+#include <ext/supported_groups.h>
+#include <algorithms.h>
+#include <auth/psk.h>
+#include <auth/cert.h>
+#include <pk.h>
+
+static int gen_ecdhe_server_kx(gnutls_session_t, gnutls_buffer_st *);
+static int
+proc_ecdhe_server_kx(gnutls_session_t session,
+		     uint8_t * data, size_t _data_size);
+static int
+proc_ecdhe_client_kx(gnutls_session_t session,
+		     uint8_t * data, size_t _data_size);
+
+#if defined(ENABLE_ECDHE)
+const mod_auth_st ecdhe_ecdsa_auth_struct = {
+	"ECDHE_ECDSA",
+	_gnutls_gen_cert_server_crt,
+	_gnutls_gen_cert_client_crt,
+	gen_ecdhe_server_kx,
+	_gnutls_gen_ecdh_common_client_kx,	/* This is the only difference */
+	_gnutls_gen_cert_client_crt_vrfy,
+	_gnutls_gen_cert_server_cert_req,
+
+	_gnutls_proc_crt,
+	_gnutls_proc_crt,
+	proc_ecdhe_server_kx,
+	proc_ecdhe_client_kx,
+	_gnutls_proc_cert_client_crt_vrfy,
+	_gnutls_proc_cert_cert_req
+};
+
+const mod_auth_st ecdhe_rsa_auth_struct = {
+	"ECDHE_RSA",
+	_gnutls_gen_cert_server_crt,
+	_gnutls_gen_cert_client_crt,
+	gen_ecdhe_server_kx,
+	_gnutls_gen_ecdh_common_client_kx,	/* This is the only difference */
+	_gnutls_gen_cert_client_crt_vrfy,
+	_gnutls_gen_cert_server_cert_req,
+
+	_gnutls_proc_crt,
+	_gnutls_proc_crt,
+	proc_ecdhe_server_kx,
+	proc_ecdhe_client_kx,
+	_gnutls_proc_cert_client_crt_vrfy,
+	_gnutls_proc_cert_cert_req
+};
+
+static int calc_ecdh_key(gnutls_session_t session,
+			 gnutls_datum_t * psk_key,
+			 const gnutls_ecc_curve_entry_st *ecurve)
+{
+	gnutls_pk_params_st pub;
+	int ret;
+	gnutls_datum_t tmp_dh_key;
+
+	gnutls_pk_params_init(&pub);
+	pub.params[ECC_X] = session->key.proto.tls12.ecdh.x;
+	pub.params[ECC_Y] = session->key.proto.tls12.ecdh.y;
+	pub.raw_pub.data = session->key.proto.tls12.ecdh.raw.data;
+	pub.raw_pub.size = session->key.proto.tls12.ecdh.raw.size;
+	pub.curve = ecurve->id;
+
+	ret =
+	    _gnutls_pk_derive(ecurve->pk, &tmp_dh_key,
+			      &session->key.proto.tls12.ecdh.params, &pub);
+	if (ret < 0) {
+		ret = gnutls_assert_val(ret);
+		goto cleanup;
+	}
+
+	if (psk_key == NULL) {
+		memcpy(&session->key.key, &tmp_dh_key, sizeof(gnutls_datum_t));
+		tmp_dh_key.data = NULL; /* no longer needed */
+	} else {
+		ret =
+		    _gnutls_set_psk_session_key(session, psk_key,
+						&tmp_dh_key);
+		_gnutls_free_temp_key_datum(&tmp_dh_key);
+
+		if (ret < 0) {
+			ret = gnutls_assert_val(ret);
+			goto cleanup;
+		}
+	}
+
+	ret = 0;
+
+      cleanup:
+	/* no longer needed */
+	_gnutls_mpi_release(&session->key.proto.tls12.ecdh.x);
+	_gnutls_mpi_release(&session->key.proto.tls12.ecdh.y);
+	_gnutls_free_datum(&session->key.proto.tls12.ecdh.raw);
+	gnutls_pk_params_release(&session->key.proto.tls12.ecdh.params);
+	return ret;
+}
+
+int _gnutls_proc_ecdh_common_client_kx(gnutls_session_t session,
+				       uint8_t * data, size_t _data_size,
+				       const struct gnutls_group_entry_st *group,
+				       gnutls_datum_t * psk_key)
+{
+	ssize_t data_size = _data_size;
+	int ret, i = 0;
+	unsigned point_size;
+	const gnutls_ecc_curve_entry_st *ecurve;
+
+	if (group == NULL)
+		return gnutls_assert_val(GNUTLS_E_ECC_NO_SUPPORTED_CURVES);
+
+	 ecurve = _gnutls_ecc_curve_get_params(group->curve);
+	if (ecurve == NULL)
+		return gnutls_assert_val(GNUTLS_E_ECC_NO_SUPPORTED_CURVES);
+
+	DECR_LEN(data_size, 1);
+	point_size = data[i];
+	i += 1;
+
+	if (point_size == 0) {
+		ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+		goto cleanup;
+	}
+
+	DECR_LEN(data_size, point_size);
+
+	if (ecurve->pk == GNUTLS_PK_EC) {
+		ret =
+		    _gnutls_ecc_ansi_x962_import(&data[i], point_size,
+					 &session->key.proto.tls12.ecdh.x,
+					 &session->key.proto.tls12.ecdh.y);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	} else if (ecurve->pk == GNUTLS_PK_ECDH_X25519 ||
+		   ecurve->pk == GNUTLS_PK_ECDH_X448) {
+		if (ecurve->size != point_size)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		ret = _gnutls_set_datum(&session->key.proto.tls12.ecdh.raw,
+					&data[i], point_size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		/* RFC7748 requires to mask the MSB in the final byte
+		 * for X25519 (not X448) */
+		if (ecurve->id == GNUTLS_ECC_CURVE_X25519) {
+			session->key.proto.tls12.ecdh.raw.data[point_size-1] &= 0x7f;
+		}
+	} else {
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	}
+
+	if (data_size != 0)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	/* generate pre-shared key */
+	ret = calc_ecdh_key(session, psk_key, ecurve);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+ cleanup:
+	gnutls_pk_params_clear(&session->key.proto.tls12.ecdh.params);
+	return ret;
+}
+
+static int
+proc_ecdhe_client_kx(gnutls_session_t session,
+		     uint8_t * data, size_t _data_size)
+{
+	gnutls_certificate_credentials_t cred;
+
+	cred = (gnutls_certificate_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	return _gnutls_proc_ecdh_common_client_kx(session, data,
+						  _data_size,
+						  get_group
+						  (session), NULL);
+}
+
+int
+_gnutls_gen_ecdh_common_client_kx(gnutls_session_t session,
+				  gnutls_buffer_st * data)
+{
+	return _gnutls_gen_ecdh_common_client_kx_int(session, data, NULL);
+}
+
+int
+_gnutls_gen_ecdh_common_client_kx_int(gnutls_session_t session,
+				      gnutls_buffer_st * data,
+				      gnutls_datum_t * psk_key)
+{
+	int ret;
+	gnutls_datum_t out;
+	const gnutls_group_entry_st *group = get_group(session);
+	const gnutls_ecc_curve_entry_st *ecurve;
+	int pk;
+	unsigned init_pos = data->length;
+
+	if (group == NULL)
+		return gnutls_assert_val(GNUTLS_E_ECC_NO_SUPPORTED_CURVES);
+
+	 ecurve = _gnutls_ecc_curve_get_params(group->curve);
+	if (ecurve == NULL)
+		return gnutls_assert_val(GNUTLS_E_ECC_NO_SUPPORTED_CURVES);
+
+	pk = ecurve->pk;
+
+	/* generate temporal key */
+	ret =
+	    _gnutls_pk_generate_keys(pk, ecurve->id,
+				     &session->key.proto.tls12.ecdh.params, 1);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (pk == GNUTLS_PK_EC) {
+		ret =
+		    _gnutls_ecc_ansi_x962_export(ecurve->id,
+						 session->key.proto.tls12.ecdh.params.
+						 params[ECC_X] /* x */ ,
+						 session->key.proto.tls12.ecdh.params.
+						 params[ECC_Y] /* y */ , &out);
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret =
+		    _gnutls_buffer_append_data_prefix(data, 8, out.data, out.size);
+
+		_gnutls_free_datum(&out);
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	} else if (pk == GNUTLS_PK_ECDH_X25519 || pk == GNUTLS_PK_ECDH_X448) {
+		ret =
+		    _gnutls_buffer_append_data_prefix(data, 8,
+					session->key.proto.tls12.ecdh.params.raw_pub.data,
+					session->key.proto.tls12.ecdh.params.raw_pub.size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	/* generate pre-shared key */
+	ret = calc_ecdh_key(session, psk_key, ecurve);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = data->length - init_pos;
+ cleanup:
+	gnutls_pk_params_clear(&session->key.proto.tls12.ecdh.params);
+	return ret;
+}
+
+static int
+proc_ecdhe_server_kx(gnutls_session_t session,
+		     uint8_t * data, size_t _data_size)
+{
+	int ret;
+	gnutls_datum_t vparams;
+
+	ret =
+	    _gnutls_proc_ecdh_common_server_kx(session, data, _data_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	vparams.data = data;
+	vparams.size = ret;
+
+	return _gnutls_proc_dhe_signature(session, data + ret,
+					  _data_size - ret, &vparams);
+}
+
+int
+_gnutls_proc_ecdh_common_server_kx(gnutls_session_t session,
+				   uint8_t * data, size_t _data_size)
+{
+	int i, ret;
+	unsigned point_size;
+	const gnutls_group_entry_st *group;
+	ssize_t data_size = _data_size;
+	const gnutls_ecc_curve_entry_st *ecurve;
+
+	/* just in case we are resuming a session */
+	gnutls_pk_params_release(&session->key.proto.tls12.ecdh.params);
+
+	gnutls_pk_params_init(&session->key.proto.tls12.ecdh.params);
+
+	i = 0;
+	DECR_LEN(data_size, 1);
+	if (data[i++] != 3)
+		return gnutls_assert_val(GNUTLS_E_ECC_NO_SUPPORTED_CURVES);
+
+	DECR_LEN(data_size, 2);
+
+	group = _gnutls_tls_id_to_group(_gnutls_read_uint16(&data[i]));
+	if (group == NULL || group->curve == 0) {
+		_gnutls_debug_log("received unknown curve %u.%u\n", (unsigned)data[i], (unsigned)data[i+1]);
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	} else {
+		_gnutls_debug_log("received curve %s\n", group->name);
+	}
+
+	i += 2;
+
+	ret = _gnutls_session_supports_group(session, group->id);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ecurve = _gnutls_ecc_curve_get_params(group->curve);
+	if (ecurve == NULL) {
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	}
+
+	_gnutls_session_group_set(session, group);
+
+	DECR_LEN(data_size, 1);
+	point_size = data[i];
+	i++;
+
+	DECR_LEN(data_size, point_size);
+
+	if (ecurve->pk == GNUTLS_PK_EC) {
+		ret =
+		    _gnutls_ecc_ansi_x962_import(&data[i], point_size,
+						 &session->key.proto.tls12.ecdh.x,
+						 &session->key.proto.tls12.ecdh.y);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+	} else if (ecurve->pk == GNUTLS_PK_ECDH_X25519 ||
+		   ecurve->pk == GNUTLS_PK_ECDH_X448) {
+		if (ecurve->size != point_size)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		ret = _gnutls_set_datum(&session->key.proto.tls12.ecdh.raw,
+					&data[i], point_size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		/* RFC7748 requires to mask the MSB in the final byte
+		 * for X25519 (not X448) */
+		if (ecurve->id == GNUTLS_ECC_CURVE_X25519) {
+			session->key.proto.tls12.ecdh.raw.data[point_size-1] &= 0x7f;
+		}
+	} else {
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	}
+
+	i += point_size;
+
+	return i;
+}
+
+/* If the psk flag is set, then an empty psk_identity_hint will
+ * be inserted */
+int _gnutls_ecdh_common_print_server_kx(gnutls_session_t session,
+					gnutls_buffer_st * data,
+					const gnutls_group_entry_st *group)
+{
+	uint8_t p;
+	int ret;
+	gnutls_datum_t out;
+	unsigned init_pos = data->length;
+
+	if (group == NULL || group->curve == 0)
+		return gnutls_assert_val(GNUTLS_E_ECC_NO_SUPPORTED_CURVES);
+
+	/* just in case we are resuming a session */
+	gnutls_pk_params_release(&session->key.proto.tls12.ecdh.params);
+
+	gnutls_pk_params_init(&session->key.proto.tls12.ecdh.params);
+
+	/* curve type */
+	p = 3;
+
+	ret = _gnutls_buffer_append_data(data, &p, 1);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret =
+	    _gnutls_buffer_append_prefix(data, 16,
+					 group->tls_id);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+
+	/* generate temporal key */
+	ret =
+	    _gnutls_pk_generate_keys(group->pk, group->curve,
+				     &session->key.proto.tls12.ecdh.params, 1);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (group->pk == GNUTLS_PK_EC) {
+		ret =
+		    _gnutls_ecc_ansi_x962_export(group->curve,
+						 session->key.proto.tls12.ecdh.params.
+						 params[ECC_X] /* x */ ,
+						 session->key.proto.tls12.ecdh.params.
+						 params[ECC_Y] /* y */ , &out);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret =
+		    _gnutls_buffer_append_data_prefix(data, 8, out.data, out.size);
+
+		_gnutls_free_datum(&out);
+
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+	} else if (group->pk == GNUTLS_PK_ECDH_X25519 ||
+		   group->pk == GNUTLS_PK_ECDH_X448) {
+		ret =
+			_gnutls_buffer_append_data_prefix(data, 8,
+					session->key.proto.tls12.ecdh.params.raw_pub.data,
+					session->key.proto.tls12.ecdh.params.raw_pub.size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	} else {
+		return gnutls_assert_val(GNUTLS_E_ECC_NO_SUPPORTED_CURVES);
+	}
+
+
+	return data->length - init_pos;
+}
+
+static int
+gen_ecdhe_server_kx(gnutls_session_t session, gnutls_buffer_st * data)
+{
+	int ret = 0;
+	gnutls_certificate_credentials_t cred;
+	unsigned sig_pos;
+
+	cred = (gnutls_certificate_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	if ((ret = _gnutls_auth_info_init(session, GNUTLS_CRD_CERTIFICATE,
+					 sizeof(cert_auth_info_st),
+					 1)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	sig_pos = data->length;
+
+	ret =
+	    _gnutls_ecdh_common_print_server_kx(session, data,
+						get_group
+						(session));
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* Generate the signature. */
+	return _gnutls_gen_dhe_signature(session, data, &data->data[sig_pos],
+					 data->length-sig_pos);
+}
+
+#endif
diff --git a/lib/auth/ecdhe.h b/lib/auth/ecdhe.h
new file mode 100644
index 0000000..e80e1ba
--- /dev/null
+++ b/lib/auth/ecdhe.h
@@ -0,0 +1,52 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_AUTH_ECDHE_H
+#define GNUTLS_LIB_AUTH_ECDHE_H
+
+#include <auth.h>
+
+int
+_gnutls_gen_ecdh_common_client_kx(gnutls_session_t session,
+				  gnutls_buffer_st * data);
+
+int
+_gnutls_gen_ecdh_common_client_kx_int(gnutls_session_t session,
+				      gnutls_buffer_st * data,
+				      gnutls_datum_t * psk_key);
+
+int
+_gnutls_proc_ecdh_common_client_kx(gnutls_session_t session,
+				   uint8_t * data, size_t _data_size,
+				   const struct gnutls_group_entry_st *group,
+				   gnutls_datum_t * psk_key);
+
+int _gnutls_ecdh_common_print_server_kx(gnutls_session_t,
+					gnutls_buffer_st * data,
+					const struct gnutls_group_entry_st *group);
+int _gnutls_proc_ecdh_common_server_kx(gnutls_session_t session,
+				       uint8_t * data, size_t _data_size);
+
+
+
+#endif /* GNUTLS_LIB_AUTH_ECDHE_H */
diff --git a/lib/auth/psk.c b/lib/auth/psk.c
new file mode 100644
index 0000000..cdb1f1b
--- /dev/null
+++ b/lib/auth/psk.c
@@ -0,0 +1,334 @@
+/*
+ * Copyright (C) 2005-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+
+#ifdef ENABLE_PSK
+
+#include "errors.h"
+#include "auth.h"
+#include "debug.h"
+#include "num.h"
+#include <auth/psk.h>
+#include <auth/psk_passwd.h>
+#include <str.h>
+#include <datum.h>
+
+
+static int _gnutls_proc_psk_client_kx(gnutls_session_t, uint8_t *, size_t);
+static int
+_gnutls_proc_psk_server_kx(gnutls_session_t session, uint8_t * data,
+			   size_t _data_size);
+
+
+const mod_auth_st psk_auth_struct = {
+	"PSK",
+	NULL,
+	NULL,
+	_gnutls_gen_psk_server_kx,
+	_gnutls_gen_psk_client_kx,
+	NULL,
+	NULL,
+
+	NULL,
+	NULL,			/* certificate */
+	_gnutls_proc_psk_server_kx,
+	_gnutls_proc_psk_client_kx,
+	NULL,
+	NULL
+};
+
+/* Set the PSK premaster secret.
+ */
+int
+_gnutls_set_psk_session_key(gnutls_session_t session,
+			    gnutls_datum_t * ppsk /* key */ ,
+			    gnutls_datum_t * dh_secret)
+{
+	gnutls_datum_t pwd_psk = { NULL, 0 };
+	size_t dh_secret_size;
+	uint8_t *p;
+	int ret;
+
+	if (dh_secret == NULL)
+		dh_secret_size = ppsk->size;
+	else
+		dh_secret_size = dh_secret->size;
+
+	/* set the session key
+	 */
+	session->key.key.size = 4 + dh_secret_size + ppsk->size;
+	session->key.key.data = gnutls_malloc(session->key.key.size);
+	if (session->key.key.data == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto error;
+	}
+
+	/* format of the premaster secret:
+	 * (uint16_t) psk_size
+	 * psk_size bytes of (0)s
+	 * (uint16_t) psk_size
+	 * the psk
+	 */
+	p = session->key.key.data;
+	_gnutls_write_uint16(dh_secret_size, p);
+	p += 2;
+	if (dh_secret == NULL)
+		memset(p, 0, dh_secret_size);
+	else
+		memcpy(p, dh_secret->data, dh_secret->size);
+
+	p += dh_secret_size;
+	_gnutls_write_uint16(ppsk->size, p);
+	if (ppsk->data != NULL)
+		memcpy(p + 2, ppsk->data, ppsk->size);
+
+	ret = 0;
+
+      error:
+	_gnutls_free_temp_key_datum(&pwd_psk);
+	return ret;
+}
+
+
+/* Generates the PSK client key exchange
+ *
+ * 
+ * struct {
+ *    select (KeyExchangeAlgorithm) {
+ *       uint8_t psk_identity<0..2^16-1>;
+ *    } exchange_keys;
+ * } ClientKeyExchange;
+ *
+ */
+int
+_gnutls_gen_psk_client_kx(gnutls_session_t session,
+			  gnutls_buffer_st * data)
+{
+	int ret, free;
+	gnutls_datum_t username = {NULL, 0};
+	gnutls_datum_t key;
+	gnutls_psk_client_credentials_t cred;
+	psk_auth_info_t info;
+
+	cred = (gnutls_psk_client_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_PSK);
+
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+	if (info == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	ret = _gnutls_find_psk_key(session, cred, &username, &key, &free);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_set_psk_session_key(session, &key, NULL);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_buffer_append_data_prefix(data, 16, username.data,
+					      username.size);
+	if (ret < 0) {
+		gnutls_assert();
+	}
+
+	if (username.size > MAX_USERNAME_SIZE) {
+		gnutls_assert();
+		ret = GNUTLS_E_ILLEGAL_SRP_USERNAME;
+		goto cleanup;
+	}
+
+	assert(username.data != NULL);
+	ret = _gnutls_copy_psk_username(info, username);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+      cleanup:
+	if (free) {
+		gnutls_free(username.data);
+		_gnutls_free_temp_key_datum(&key);
+	}
+
+	return ret;
+}
+
+
+/* just read the username from the client key exchange.
+ */
+static int
+_gnutls_proc_psk_client_kx(gnutls_session_t session, uint8_t * data,
+			   size_t _data_size)
+{
+	ssize_t data_size = _data_size;
+	int ret;
+	gnutls_datum_t username, psk_key;
+	gnutls_psk_server_credentials_t cred;
+	psk_auth_info_t info;
+
+	cred = (gnutls_psk_server_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_PSK);
+
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	if ((ret =
+	     _gnutls_auth_info_init(session, GNUTLS_CRD_PSK,
+				   sizeof(psk_auth_info_st), 1)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	DECR_LEN(data_size, 2);
+	username.size = _gnutls_read_uint16(&data[0]);
+
+	DECR_LEN(data_size, username.size);
+
+	username.data = &data[2];
+
+
+	/* copy the username to the auth info structures
+	 */
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+	if (info == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	if (username.size > MAX_USERNAME_SIZE) {
+		gnutls_assert();
+		return GNUTLS_E_ILLEGAL_SRP_USERNAME;
+	}
+
+	ret = _gnutls_copy_psk_username(info, username);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret =
+	    _gnutls_psk_pwd_find_entry(session, info->username, info->username_len, &psk_key);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_set_psk_session_key(session, &psk_key, NULL);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret = 0;
+
+      error:
+	_gnutls_free_key_datum(&psk_key);
+
+	return ret;
+}
+
+
+/* Generates the PSK server key exchange
+ *
+ * struct {
+ *     select (KeyExchangeAlgorithm) {
+ *	 // other cases for rsa, diffie_hellman, etc.
+ *	 case psk:  // NEW
+ *	     uint8_t psk_identity_hint<0..2^16-1>;
+ *     };
+ * } ServerKeyExchange;
+ *
+ */
+int
+_gnutls_gen_psk_server_kx(gnutls_session_t session,
+			  gnutls_buffer_st * data)
+{
+	gnutls_psk_server_credentials_t cred;
+	gnutls_datum_t hint;
+
+	cred = (gnutls_psk_server_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_PSK);
+
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	/* Abort sending this message if there is no PSK identity hint. */
+	if (cred->hint == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INT_RET_0;
+	}
+
+	hint.data = (uint8_t *) cred->hint;
+	hint.size = strlen(cred->hint);
+
+	return _gnutls_buffer_append_data_prefix(data, 16, hint.data,
+						 hint.size);
+}
+
+/* Read the hint from the server key exchange */
+static int
+_gnutls_proc_psk_server_kx(gnutls_session_t session, uint8_t * data, size_t _data_size)
+{
+	int ret;
+	ssize_t data_size = _data_size;
+	gnutls_psk_client_credentials_t cred;
+	psk_auth_info_t info;
+	gnutls_datum_t hint;
+
+	cred = (gnutls_psk_client_credentials_t) _gnutls_get_cred(session, GNUTLS_CRD_PSK);
+	if (cred == NULL)
+		return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+
+	ret = _gnutls_auth_info_init(session, GNUTLS_CRD_PSK, sizeof(psk_auth_info_st), 1);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	DECR_LENGTH_RET(data_size, 2, 0);
+	hint.size = _gnutls_read_uint16(&data[0]);
+
+	DECR_LEN(data_size, hint.size);
+	hint.data = &data[2];
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+	if (info == NULL)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if (hint.size > MAX_USERNAME_SIZE)
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_SRP_USERNAME);
+
+        ret = _gnutls_copy_psk_hint(info, hint);
+	return ret;
+}
+
+#endif				/* ENABLE_PSK */
diff --git a/lib/auth/psk.h b/lib/auth/psk.h
new file mode 100644
index 0000000..202ee05
--- /dev/null
+++ b/lib/auth/psk.h
@@ -0,0 +1,110 @@
+/*
+ * Copyright (C) 2005-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_AUTH_PSK_H
+#define GNUTLS_LIB_AUTH_PSK_H
+
+#include <auth.h>
+#include <auth/dh_common.h>
+
+#define _gnutls_copy_psk_username(info, datum) \
+	_gnutls_copy_psk_string(&(info)->username, &(info)->username_len, (datum))
+
+#define _gnutls_copy_psk_hint(info, datum) \
+	_gnutls_copy_psk_string(&(info)->hint, &(info)->hint_len, (datum))
+
+typedef struct gnutls_psk_client_credentials_st {
+	gnutls_datum_t username;
+	gnutls_datum_t key;
+	gnutls_psk_client_credentials_function2 *get_function;
+	gnutls_psk_client_credentials_function *get_function_legacy;
+	/* TLS 1.3 - The HMAC algorithm to use to compute the binder values */
+	const mac_entry_st *binder_algo;
+} psk_client_credentials_st;
+
+typedef struct gnutls_psk_server_credentials_st {
+	char *password_file;
+	/* callback function, instead of reading the
+	 * password files.
+	 */
+	gnutls_psk_server_credentials_function2 *pwd_callback;
+	gnutls_psk_server_credentials_function *pwd_callback_legacy;
+
+	/* For DHE_PSK */
+	gnutls_dh_params_t dh_params;
+	unsigned int deinit_dh_params;
+	gnutls_sec_param_t dh_sec_param;
+	/* this callback is used to retrieve the DH or RSA
+	 * parameters.
+	 */
+	gnutls_params_function *params_func;
+
+	/* Identity hint. */
+	char *hint;
+	/* TLS 1.3 - HMAC algorithm for the binder values */
+	const mac_entry_st *binder_algo;
+} psk_server_cred_st;
+
+typedef struct psk_auth_info_st {
+	char *username;
+	uint16_t username_len;
+	dh_info_st dh;
+	char *hint;
+	uint16_t hint_len;
+} *psk_auth_info_t;
+
+typedef struct psk_auth_info_st psk_auth_info_st;
+
+inline static int
+_gnutls_copy_psk_string(char **dest, uint16_t *dest_len, const gnutls_datum_t str)
+{
+	char *_tmp;
+
+	assert(MAX_USERNAME_SIZE >= str.size);
+	
+	_tmp = gnutls_malloc(str.size + 1);
+	if (_tmp == NULL)
+		return GNUTLS_E_MEMORY_ERROR;
+	memcpy(_tmp, str.data, str.size);
+	_tmp[str.size] = '\0';
+	
+	gnutls_free(*dest);
+	*dest = _tmp;
+	*dest_len = str.size;
+	
+	return GNUTLS_E_SUCCESS;
+}
+
+#ifdef ENABLE_PSK
+
+int
+_gnutls_set_psk_session_key(gnutls_session_t session, gnutls_datum_t * key,
+			    gnutls_datum_t * psk2);
+int _gnutls_gen_psk_server_kx(gnutls_session_t session,
+			      gnutls_buffer_st * data);
+int _gnutls_gen_psk_client_kx(gnutls_session_t, gnutls_buffer_st *);
+
+#else
+#define _gnutls_set_psk_session_key(x,y,z) GNUTLS_E_UNIMPLEMENTED_FEATURE
+#endif				/* ENABLE_PSK */
+
+#endif /* GNUTLS_LIB_AUTH_PSK_H */
diff --git a/lib/auth/psk_passwd.c b/lib/auth/psk_passwd.c
new file mode 100644
index 0000000..2953c2d
--- /dev/null
+++ b/lib/auth/psk_passwd.c
@@ -0,0 +1,273 @@
+/*
+ * Copyright (C) 2005-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions for operating in an PSK passwd file are included here */
+
+#include "gnutls_int.h"
+
+#include "x509_b64.h"
+#include "errors.h"
+#include <auth/psk_passwd.h>
+#include <auth/psk.h>
+#include "auth.h"
+#include "dh.h"
+#include "debug.h"
+#include <str.h>
+#include <datum.h>
+#include <num.h>
+#include <random.h>
+
+
+/* this function parses passwd.psk file. Format is:
+ * string(username):hex(passwd)
+ */
+static int pwd_put_values(gnutls_datum_t * psk, char *str)
+{
+	char *p;
+	int len, ret;
+	gnutls_datum_t tmp;
+
+	p = strchr(str, ':');
+	if (p == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_SRP_PWD_PARSING_ERROR;
+	}
+
+	*p = '\0';
+	p++;
+
+	/* skip username
+	 */
+
+	/* read the key
+	 */
+	len = strlen(p);
+	if (p[len - 1] == '\n' || p[len - 1] == ' ')
+		len--;
+
+	tmp.data = (void*)p;
+	tmp.size = len;
+	ret = gnutls_hex_decode2(&tmp, psk);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+static bool username_matches(const gnutls_datum_t *username,
+			     const char *line, size_t line_size)
+{
+	int retval;
+	unsigned i;
+	gnutls_datum_t hexline, hex_username = { NULL, 0 };
+
+	/*
+	 * Guard against weird behavior - we don't check 'line',
+	 * as it's returned by getline(), which will never return NULL
+	 * if successful.
+	 */
+	if (username->data == NULL)
+		return false;
+
+	if (line_size == 0)
+		return (username->size == 0);
+
+	/* move to first ':' */
+	i = 0;
+	while ((i < line_size) && (line[i] != '\0')
+	       && (line[i] != ':')) {
+		i++;
+	}
+
+	/* if format is in hex, e.g. #FAFAFA */
+	if (line[0] == '#' && line_size > 1) {
+		hexline.data = (void *) &line[1];
+		hexline.size = i - 1;
+
+		if (gnutls_hex_decode2(&hexline, &hex_username) < 0)
+			return gnutls_assert_val(0);
+
+		if (hex_username.size == username->size)
+			retval = memcmp(username->data, hex_username.data, username->size);
+		else
+			retval = -1;
+
+		_gnutls_free_datum(&hex_username);
+	} else {
+		retval = strncmp((const char *) username->data, line, MAX(i, username->size));
+	}
+
+	return (retval == 0);
+}
+
+
+/* Randomizes the given password entry. It actually sets a random password. 
+ * Returns 0 on success.
+ */
+static int _randomize_psk(gnutls_datum_t * psk)
+{
+	int ret;
+
+	psk->data = gnutls_malloc(16);
+	if (psk->data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	psk->size = 16;
+
+	ret = gnutls_rnd(GNUTLS_RND_NONCE, (char *) psk->data, 16);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/* Returns the PSK key of the given user. 
+ * If the user doesn't exist a random password is returned instead.
+ */
+int
+_gnutls_psk_pwd_find_entry(gnutls_session_t session,
+			   const char *username, uint16_t username_len,
+			   gnutls_datum_t * psk)
+{
+	gnutls_psk_server_credentials_t cred;
+	FILE *fp;
+	char *line = NULL;
+	size_t line_size = 0;
+	int ret;
+	gnutls_datum_t username_datum = {
+		.data = (unsigned char *) username,
+		.size = username_len
+	};
+
+	cred = (gnutls_psk_server_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_PSK);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	/* if the callback which sends the parameters is
+	 * set, use it.
+	 */
+	if (cred->pwd_callback != NULL) {
+		ret = cred->pwd_callback(session, &username_datum, psk);
+
+		if (ret == 1) {	/* the user does not exist */
+			ret = _randomize_psk(psk);
+			if (ret < 0) {
+				gnutls_assert();
+				return ret;
+			}
+			return 0;
+		}
+
+		if (ret < 0) {
+			gnutls_assert();
+			return GNUTLS_E_SRP_PWD_ERROR;
+		}
+
+		return 0;
+	}
+
+	/* The callback was not set. Proceed.
+	 */
+	if (cred->password_file == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_SRP_PWD_ERROR;
+	}
+
+	/* Open the selected password file.
+	 */
+	fp = fopen(cred->password_file, "re");
+	if (fp == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_SRP_PWD_ERROR;
+	}
+
+	while (getline(&line, &line_size, fp) > 0) {
+		if (username_matches(&username_datum, line, line_size)) {
+			ret = pwd_put_values(psk, line);
+			if (ret < 0) {
+				gnutls_assert();
+				ret = GNUTLS_E_SRP_PWD_ERROR;
+				goto cleanup;
+			}
+			ret = 0;
+			goto cleanup;
+		}
+	}
+
+	/* user was not found. Fake him. 
+	 */
+	ret = _randomize_psk(psk);
+	if (ret < 0) {
+		goto cleanup;
+	}
+
+	ret = 0;
+cleanup:
+	if (fp != NULL)
+		fclose(fp);
+
+	zeroize_key(line, line_size);
+	free(line);
+
+	return ret;
+
+}
+
+/* returns the username and they key for the PSK session.
+ * Free is non (0) if they have to be freed.
+ */
+int _gnutls_find_psk_key(gnutls_session_t session,
+			 gnutls_psk_client_credentials_t cred,
+			 gnutls_datum_t * username, gnutls_datum_t * key,
+			 int *free)
+{
+	int ret;
+
+	*free = 0;
+
+	if (cred->username.data != NULL && cred->key.data != NULL) {
+		username->data = cred->username.data;
+		username->size = cred->username.size;
+		key->data = cred->key.data;
+		key->size = cred->key.size;
+	} else if (cred->get_function != NULL) {
+		ret = cred->get_function(session, username, key);
+
+		if (ret)
+			return gnutls_assert_val(ret);
+
+		*free = 1;
+	} else
+		return
+		    gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+
+	return 0;
+}
diff --git a/lib/auth/psk_passwd.h b/lib/auth/psk_passwd.h
new file mode 100644
index 0000000..3d351f2
--- /dev/null
+++ b/lib/auth/psk_passwd.h
@@ -0,0 +1,36 @@
+/*
+ * Copyright (C) 2005-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_AUTH_PSK_PASSWD_H
+#define GNUTLS_LIB_AUTH_PSK_PASSWD_H
+
+/* this is locally allocated. It should be freed using the provided function */
+int _gnutls_psk_pwd_find_entry(gnutls_session_t,
+			       const char *username, uint16_t username_len,
+			       gnutls_datum_t * key);
+
+int _gnutls_find_psk_key(gnutls_session_t session,
+			 gnutls_psk_client_credentials_t cred,
+			 gnutls_datum_t * username, gnutls_datum_t * key,
+			 int *free);
+
+#endif /* GNUTLS_LIB_AUTH_PSK_PASSWD_H */
diff --git a/lib/auth/rsa.c b/lib/auth/rsa.c
new file mode 100644
index 0000000..858701f
--- /dev/null
+++ b/lib/auth/rsa.c
@@ -0,0 +1,316 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the RSA key exchange part of the certificate
+ * authentication.
+ */
+
+#include "gnutls_int.h"
+#include "auth.h"
+#include "errors.h"
+#include "dh.h"
+#include "num.h"
+#include "datum.h"
+#include <auth/cert.h>
+#include <pk.h>
+#include <algorithms.h>
+#include <global.h>
+#include "debug.h"
+#include <tls-sig.h>
+#include <x509.h>
+#include <random.h>
+#include <mpi.h>
+#include <abstract_int.h>
+#include <auth/rsa_common.h>
+
+int _gnutls_gen_rsa_client_kx(gnutls_session_t, gnutls_buffer_st *);
+static int proc_rsa_client_kx(gnutls_session_t, uint8_t *, size_t);
+
+const mod_auth_st rsa_auth_struct = {
+	"RSA",
+	_gnutls_gen_cert_server_crt,
+	_gnutls_gen_cert_client_crt,
+	NULL,			/* gen server kx */
+	_gnutls_gen_rsa_client_kx,
+	_gnutls_gen_cert_client_crt_vrfy,	/* gen client cert vrfy */
+	_gnutls_gen_cert_server_cert_req,	/* server cert request */
+
+	_gnutls_proc_crt,
+	_gnutls_proc_crt,
+	NULL,			/* proc server kx */
+	proc_rsa_client_kx,	/* proc client kx */
+	_gnutls_proc_cert_client_crt_vrfy,	/* proc client cert vrfy */
+	_gnutls_proc_cert_cert_req	/* proc server cert request */
+};
+
+static
+int check_key_usage_for_enc(gnutls_session_t session, unsigned key_usage)
+{
+	if (key_usage != 0) {
+		if (!(key_usage & GNUTLS_KEY_KEY_ENCIPHERMENT) && !(key_usage & GNUTLS_KEY_KEY_AGREEMENT)) {
+			gnutls_assert();
+			if (session->internals.allow_key_usage_violation == 0) {
+				_gnutls_audit_log(session,
+					  "Peer's certificate does not allow encryption. Key usage violation detected.\n");
+				return GNUTLS_E_KEY_USAGE_VIOLATION;
+			} else {
+				_gnutls_audit_log(session,
+					  "Peer's certificate does not allow encryption. Key usage violation detected (ignored).\n");
+			}
+		}
+	}
+	return 0;
+}
+
+/* This function reads the RSA parameters from peer's certificate;
+ *
+ * IMPORTANT:
+ * Currently this function gets only called on the client side
+ * during generation of the client kx msg. This function
+ * retrieves the RSA params from the peer's certificate. That is in
+ * this case the server's certificate. As of GNUTLS version 3.6.4 it is
+ * possible to negotiate different certificate types for client and
+ * server. Therefore the correct cert type needs to be retrieved to be
+ * used for the _gnutls_get_auth_info_pcert call. If this
+ * function is to be called on the server side in the future, extra
+ * checks need to be build in order to retrieve the correct
+ * certificate type.
+ */
+int
+_gnutls_get_public_rsa_params(gnutls_session_t session,
+			      gnutls_pk_params_st * params)
+{
+	int ret;
+	cert_auth_info_t info;
+	unsigned key_usage;
+	gnutls_pcert_st peer_cert;
+	gnutls_certificate_type_t cert_type;
+
+	assert(!IS_SERVER(session));
+
+	/* normal non export case */
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+
+	if (info == NULL || info->ncerts == 0) {
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	// Get the negotiated server certificate type
+	cert_type = get_certificate_type(session, GNUTLS_CTYPE_SERVER);
+
+	ret = _gnutls_get_auth_info_pcert(&peer_cert, cert_type, info);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	gnutls_pubkey_get_key_usage(peer_cert.pubkey, &key_usage);
+
+	ret = check_key_usage_for_enc(session, key_usage);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup2;
+	}
+
+	gnutls_pk_params_init(params);
+
+	ret = _gnutls_pubkey_get_mpis(peer_cert.pubkey, params);
+	if (ret < 0) {
+		ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+		goto cleanup2;
+	}
+
+	gnutls_pcert_deinit(&peer_cert);
+	return 0;
+
+      cleanup2:
+	gnutls_pcert_deinit(&peer_cert);
+
+	return ret;
+}
+
+static int
+proc_rsa_client_kx(gnutls_session_t session, uint8_t * data,
+		   size_t _data_size)
+{
+	gnutls_datum_t ciphertext;
+	int ret, dsize;
+	ssize_t data_size = _data_size;
+	volatile uint8_t ver_maj, ver_min;
+
+#ifdef ENABLE_SSL3
+	if (get_num_version(session) == GNUTLS_SSL3) {
+		/* SSL 3.0 
+		 */
+		ciphertext.data = data;
+		ciphertext.size = data_size;
+	} else
+#endif
+	{
+		/* TLS 1.0+
+		 */
+		DECR_LEN(data_size, 2);
+		ciphertext.data = &data[2];
+		dsize = _gnutls_read_uint16(data);
+
+		if (dsize != data_size) {
+			gnutls_assert();
+			return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+		}
+		ciphertext.size = dsize;
+	}
+
+	ver_maj = _gnutls_get_adv_version_major(session);
+	ver_min = _gnutls_get_adv_version_minor(session);
+
+	session->key.key.data = gnutls_malloc(GNUTLS_MASTER_SIZE);
+	if (session->key.key.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+	session->key.key.size = GNUTLS_MASTER_SIZE;
+
+	/* Fallback value when decryption fails. Needs to be unpredictable. */
+	ret = gnutls_rnd(GNUTLS_RND_NONCE, session->key.key.data,
+			 GNUTLS_MASTER_SIZE);
+	if (ret < 0) {
+		gnutls_free(session->key.key.data);
+		session->key.key.size = 0;
+		gnutls_assert();
+		return ret;
+	}
+
+	gnutls_privkey_decrypt_data2(session->internals.selected_key,
+				     0, &ciphertext, session->key.key.data,
+				     session->key.key.size);
+	/* After this point, any conditional on failure that cause differences
+	 * in execution may create a timing or cache access pattern side
+	 * channel that can be used as an oracle, so treat very carefully */
+
+	/* Error handling logic:
+	 * In case decryption fails then don't inform the peer. Just use the
+	 * random key previously generated. (in order to avoid attack against
+	 * pkcs-1 formatting).
+	 *
+	 * If we get version mismatches no error is returned either. We
+	 * proceed normally. This is to defend against the attack described
+	 * in the paper "Attacking RSA-based sessions in SSL/TLS" by
+	 * Vlastimil Klima, Ondej Pokorny and Tomas Rosa.
+	 */
+
+	/* This is here to avoid the version check attack
+	 * discussed above.
+	 */
+	session->key.key.data[0] = ver_maj;
+	session->key.key.data[1] = ver_min;
+
+	return 0;
+}
+
+
+
+/* return RSA(random) using the peers public key 
+ */
+int
+_gnutls_gen_rsa_client_kx(gnutls_session_t session,
+			  gnutls_buffer_st * data)
+{
+	cert_auth_info_t auth = session->key.auth_info;
+	gnutls_datum_t sdata;	/* data to send */
+	gnutls_pk_params_st params;
+	int ret;
+
+	if (auth == NULL) {
+		/* this shouldn't have happened. The proc_certificate
+		 * function should have detected that.
+		 */
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	session->key.key.size = GNUTLS_MASTER_SIZE;
+	session->key.key.data = gnutls_malloc(session->key.key.size);
+
+	if (session->key.key.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ret = gnutls_rnd(GNUTLS_RND_RANDOM, session->key.key.data,
+			  session->key.key.size);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (session->internals.rsa_pms_version[0] == 0) {
+		session->key.key.data[0] =
+		    _gnutls_get_adv_version_major(session);
+		session->key.key.data[1] =
+		    _gnutls_get_adv_version_minor(session);
+	} else {		/* use the version provided */
+		session->key.key.data[0] =
+		    session->internals.rsa_pms_version[0];
+		session->key.key.data[1] =
+		    session->internals.rsa_pms_version[1];
+	}
+
+	/* move RSA parameters to key (session).
+	 */
+	if ((ret = _gnutls_get_public_rsa_params(session, &params)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    _gnutls_pk_encrypt(GNUTLS_PK_RSA, &sdata, &session->key.key,
+			       &params);
+
+	gnutls_pk_params_release(&params);
+
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+
+#ifdef ENABLE_SSL3
+	if (get_num_version(session) == GNUTLS_SSL3) {
+		/* SSL 3.0 */
+		ret =
+		    _gnutls_buffer_append_data(data, sdata.data,
+					       sdata.size);
+
+		_gnutls_free_datum(&sdata);
+		return ret;
+	} else
+#endif
+	{		/* TLS 1.x */
+		ret =
+		    _gnutls_buffer_append_data_prefix(data, 16, sdata.data,
+						      sdata.size);
+
+		_gnutls_free_datum(&sdata);
+		return ret;
+	}
+}
diff --git a/lib/auth/rsa_common.h b/lib/auth/rsa_common.h
new file mode 100644
index 0000000..d91448b
--- /dev/null
+++ b/lib/auth/rsa_common.h
@@ -0,0 +1,39 @@
+/*
+ * Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2007, 2008, 2010
+ * Free Software Foundation, Inc.
+ *
+ * Copyright (C) 2011
+ * Bardenheuer GmbH, Munich and Bundesdruckerei GmbH, Berlin
+ *
+ * Copyright (C) 2013
+ * Frank Morgner <morgner@informatik.hu-berlin.de>
+ *
+ * Author: Frank Morgner
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_AUTH_RSA_COMMON_H
+#define GNUTLS_LIB_AUTH_RSA_COMMON_H
+
+#include <abstract_int.h>
+
+int
+_gnutls_get_public_rsa_params(gnutls_session_t session,
+			      gnutls_pk_params_st * params);
+
+#endif /* GNUTLS_LIB_AUTH_RSA_COMMON_H */
diff --git a/lib/auth/rsa_psk.c b/lib/auth/rsa_psk.c
new file mode 100644
index 0000000..3909295
--- /dev/null
+++ b/lib/auth/rsa_psk.c
@@ -0,0 +1,436 @@
+/*
+ * Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2007, 2009, 2010
+ * Free Software Foundation, Inc.
+ *
+ * Copyright (C) 2011
+ * Bardenheuer GmbH, Munich and Bundesdruckerei GmbH, Berlin
+ *
+ * Copyright (C) 2013 Frank Morgner
+ * Copyright (C) 2013 Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
+ * USA
+ *
+ */
+
+#include "gnutls_int.h"
+
+#ifdef ENABLE_PSK
+
+#include "auth.h"
+#include "dh.h"
+#include "errors.h"
+#include "mpi.h"
+#include "num.h"
+#include "gnutls_int.h"
+#include "pk.h"
+#include "random.h"
+#include <abstract_int.h>
+#include <algorithms.h>
+#include <auth/dh_common.h>
+#include <auth/psk.h>
+#include <auth/psk_passwd.h>
+#include <auth/rsa_common.h>
+#include <cert.h>
+#include <datum.h>
+#include <state.h>
+
+static int _gnutls_gen_rsa_psk_client_kx(gnutls_session_t session,
+					 gnutls_buffer_st * data);
+static int _gnutls_proc_rsa_psk_client_kx(gnutls_session_t, uint8_t *,
+					  size_t);
+static int
+_gnutls_proc_rsa_psk_server_kx(gnutls_session_t session, uint8_t * data,
+			   size_t _data_size);
+
+const mod_auth_st rsa_psk_auth_struct = {
+	"RSA PSK",
+	_gnutls_gen_cert_server_crt,
+	NULL,			/* generate_client_certificate */
+	_gnutls_gen_psk_server_kx,
+	_gnutls_gen_rsa_psk_client_kx,
+	NULL,			/* generate_client_cert_vrfy */
+	NULL,			/* generate_server_certificate_request */
+	_gnutls_proc_crt,
+	NULL,			/* process_client_certificate */
+	_gnutls_proc_rsa_psk_server_kx,
+	_gnutls_proc_rsa_psk_client_kx,
+	NULL,			/* process_client_cert_vrfy */
+	NULL			/* process_server_certificate_reuqest */
+};
+
+/* Set the PSK premaster secret.
+ */
+static int
+set_rsa_psk_session_key(gnutls_session_t session,
+			gnutls_datum_t * ppsk, gnutls_datum_t * rsa_secret)
+{
+	unsigned char *p;
+	size_t rsa_secret_size;
+	int ret;
+
+
+	rsa_secret_size = rsa_secret->size;
+
+	/* set the session key
+	 */
+	session->key.key.size = 2 + rsa_secret_size + 2 + ppsk->size;
+	session->key.key.data = gnutls_malloc(session->key.key.size);
+	if (session->key.key.data == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto error;
+	}
+
+	/* format of the premaster secret:
+	 * (uint16_t) other_secret size (48)
+	 * other_secret: 2 byte version + 46 byte random
+	 * (uint16_t) psk_size
+	 * the psk
+	 */
+	_gnutls_write_uint16(rsa_secret_size, session->key.key.data);
+	memcpy(&session->key.key.data[2], rsa_secret->data,
+	       rsa_secret->size);
+	p = &session->key.key.data[rsa_secret_size + 2];
+	_gnutls_write_uint16(ppsk->size, p);
+	if (ppsk->data != NULL)
+		memcpy(p + 2, ppsk->data, ppsk->size);
+
+	ret = 0;
+
+      error:
+	return ret;
+}
+
+/* Generate client key exchange message
+ *
+ *
+ * struct {
+ *    select (KeyExchangeAlgorithm) {
+ *       uint8_t psk_identity<0..2^16-1>;
+ *       EncryptedPreMasterSecret;
+ *    } exchange_keys;
+ * } ClientKeyExchange;
+ */
+static int
+_gnutls_gen_rsa_psk_client_kx(gnutls_session_t session,
+			      gnutls_buffer_st * data)
+{
+	cert_auth_info_t auth = session->key.auth_info;
+	gnutls_datum_t sdata;	/* data to send */
+	gnutls_pk_params_st params;
+	gnutls_psk_client_credentials_t cred;
+	gnutls_datum_t username, key;
+	int ret, free;
+	unsigned init_pos;
+
+	if (auth == NULL) {
+		/* this shouldn't have happened. The proc_certificate
+		 * function should have detected that.
+		 */
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	gnutls_datum_t premaster_secret;
+	premaster_secret.size = GNUTLS_MASTER_SIZE;
+	premaster_secret.data =
+	    gnutls_malloc(premaster_secret.size);
+
+	if (premaster_secret.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	/* Generate random */
+	ret = gnutls_rnd(GNUTLS_RND_RANDOM, premaster_secret.data,
+			  premaster_secret.size);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* Set version */
+	if (session->internals.rsa_pms_version[0] == 0) {
+		premaster_secret.data[0] =
+		    _gnutls_get_adv_version_major(session);
+		premaster_secret.data[1] =
+		    _gnutls_get_adv_version_minor(session);
+	} else {		/* use the version provided */
+		premaster_secret.data[0] =
+		    session->internals.rsa_pms_version[0];
+		premaster_secret.data[1] =
+		    session->internals.rsa_pms_version[1];
+	}
+
+	/* move RSA parameters to key (session).
+	 */
+	if ((ret = _gnutls_get_public_rsa_params(session, &params)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* Encrypt premaster secret */
+	if ((ret =
+	     _gnutls_pk_encrypt(GNUTLS_PK_RSA, &sdata, &premaster_secret,
+				&params)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	gnutls_pk_params_release(&params);
+
+	cred = (gnutls_psk_client_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_PSK);
+
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	ret = _gnutls_find_psk_key(session, cred, &username, &key, &free);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* Here we set the PSK key */
+	ret = set_rsa_psk_session_key(session, &key, &premaster_secret);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* Create message for client key exchange
+	 *
+	 * struct {
+	 *   uint8_t psk_identity<0..2^16-1>;
+	 *   EncryptedPreMasterSecret;
+	 * }
+	 */
+
+	init_pos = data->length;
+
+	/* Write psk_identity and EncryptedPreMasterSecret into data stream
+	 */
+	ret =
+	    _gnutls_buffer_append_data_prefix(data, 16,
+					      username.data,
+					      username.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_buffer_append_data_prefix(data, 16, sdata.data,
+					      sdata.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = data->length - init_pos;
+
+      cleanup:
+	_gnutls_free_datum(&sdata);
+	_gnutls_free_temp_key_datum(&premaster_secret);
+	if (free) {
+		_gnutls_free_temp_key_datum(&key);
+		gnutls_free(username.data);
+	}
+
+	return ret;
+}
+
+/*
+  Process the client key exchange message
+*/
+static int
+_gnutls_proc_rsa_psk_client_kx(gnutls_session_t session, uint8_t * data,
+			       size_t _data_size)
+{
+	gnutls_datum_t username;
+	psk_auth_info_t info;
+	gnutls_datum_t plaintext;
+	gnutls_datum_t ciphertext;
+	gnutls_datum_t pwd_psk = { NULL, 0 };
+	int ret, dsize;
+	int randomize_key = 0;
+	ssize_t data_size = _data_size;
+	gnutls_psk_server_credentials_t cred;
+	gnutls_datum_t premaster_secret = { NULL, 0 };
+
+	cred = (gnutls_psk_server_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_PSK);
+
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	ret = _gnutls_auth_info_init(session, GNUTLS_CRD_PSK,
+				    sizeof(psk_auth_info_st), 1);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+  /*** 1. Extract user psk_identity ***/
+
+	DECR_LEN(data_size, 2);
+	username.size = _gnutls_read_uint16(&data[0]);
+
+	DECR_LEN(data_size, username.size);
+
+	username.data = &data[2];
+
+	/* copy the username to the auth info structures
+	 */
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+	if (info == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	if (username.size > MAX_USERNAME_SIZE) {
+		gnutls_assert();
+		return GNUTLS_E_ILLEGAL_SRP_USERNAME;
+	}
+
+	ret = _gnutls_copy_psk_username(info, username);
+	if (ret < 0)
+		gnutls_assert_val(ret);
+
+	/* Adjust data so it points to EncryptedPreMasterSecret */
+	data += username.size + 2;
+
+  /*** 2. Decrypt and extract EncryptedPreMasterSecret ***/
+
+	DECR_LEN(data_size, 2);
+	ciphertext.data = &data[2];
+	dsize = _gnutls_read_uint16(data);
+
+	if (dsize != data_size) {
+		gnutls_assert();
+		return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+	}
+	ciphertext.size = dsize;
+
+	ret =
+	    gnutls_privkey_decrypt_data(session->internals.selected_key, 0,
+					&ciphertext, &plaintext);
+	if (ret < 0 || plaintext.size != GNUTLS_MASTER_SIZE) {
+		/* In case decryption fails then don't inform
+		 * the peer. Just use a random key. (in order to avoid
+		 * attack against pkcs-1 formatting).
+		 */
+		gnutls_assert();
+		_gnutls_debug_log
+		    ("auth_rsa_psk: Possible PKCS #1 format attack\n");
+		if (ret >= 0) {
+			gnutls_free(plaintext.data);
+		}
+		randomize_key = 1;
+	} else {
+		/* If the secret was properly formatted, then
+		 * check the version number.
+		 */
+		if (_gnutls_get_adv_version_major(session) !=
+		    plaintext.data[0]
+		    || (session->internals.allow_wrong_pms == 0
+			&& _gnutls_get_adv_version_minor(session) !=
+			plaintext.data[1])) {
+			/* No error is returned here, if the version number check
+			 * fails. We proceed normally.
+			 * That is to defend against the attack described in the paper
+			 * "Attacking RSA-based sessions in SSL/TLS" by Vlastimil Klima,
+			 * Ondej Pokorny and Tomas Rosa.
+			 */
+			gnutls_assert();
+			_gnutls_debug_log
+			    ("auth_rsa: Possible PKCS #1 version check format attack\n");
+		}
+	}
+
+
+	if (randomize_key != 0) {
+		premaster_secret.size = GNUTLS_MASTER_SIZE;
+		premaster_secret.data =
+		    gnutls_malloc(premaster_secret.size);
+		if (premaster_secret.data == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+
+		/* we do not need strong random numbers here.
+		 */
+		ret = gnutls_rnd(GNUTLS_RND_NONCE, premaster_secret.data,
+				  premaster_secret.size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	} else {
+		premaster_secret.data = plaintext.data;
+		premaster_secret.size = plaintext.size;
+	}
+
+	/* This is here to avoid the version check attack
+	 * discussed above.
+	 */
+
+	premaster_secret.data[0] = _gnutls_get_adv_version_major(session);
+	premaster_secret.data[1] = _gnutls_get_adv_version_minor(session);
+
+	/* find the key of this username
+	 */
+	ret =
+	    _gnutls_psk_pwd_find_entry(session, info->username, strlen(info->username), &pwd_psk);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    set_rsa_psk_session_key(session, &pwd_psk, &premaster_secret);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+      cleanup:
+	_gnutls_free_key_datum(&pwd_psk);
+	_gnutls_free_temp_key_datum(&premaster_secret);
+
+	return ret;
+}
+
+static int
+_gnutls_proc_rsa_psk_server_kx(gnutls_session_t session, uint8_t * data,
+			   size_t _data_size)
+{
+	/* In RSA-PSK the key is calculated elsewhere.
+	 * Moreover, since we only keep a single auth info structure, we cannot
+	 * store the hint (as we store certificate auth info).
+	 * Ideally we need to handle that by multiple auth info
+	 * structures or something similar.
+	 */
+
+	return 0;
+}
+
+#endif				/* ENABLE_PSK */
diff --git a/lib/auth/srp_kx.c b/lib/auth/srp_kx.c
new file mode 100644
index 0000000..e6ecf24
--- /dev/null
+++ b/lib/auth/srp_kx.c
@@ -0,0 +1,1021 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+
+#ifdef ENABLE_SRP
+
+#include "errors.h"
+#include <auth/srp_passwd.h>
+#include "auth.h"
+#include "srp.h"
+#include "num.h"
+#include <auth/srp_kx.h>
+#include <str.h>
+#include <datum.h>
+#include <ext/srp.h>
+
+const mod_auth_st srp_auth_struct = {
+	"SRP",
+	NULL,
+	NULL,
+	_gnutls_gen_srp_server_kx,
+	_gnutls_gen_srp_client_kx,
+	NULL,
+	NULL,
+
+	NULL,
+	NULL,			/* certificate */
+	_gnutls_proc_srp_server_kx,
+	_gnutls_proc_srp_client_kx,
+	NULL,
+	NULL
+};
+
+
+#define _b session->key.proto.tls12.srp.b
+#define B session->key.proto.tls12.srp.B
+#define _a session->key.proto.tls12.srp.a
+#define A session->key.proto.tls12.srp.A
+#define N session->key.proto.tls12.srp.srp_p
+#define G session->key.proto.tls12.srp.srp_g
+#define V session->key.proto.tls12.srp.x
+#define S session->key.proto.tls12.srp.srp_key
+
+/* Checks if a%n==0,+1,-1%n which is a fatal srp error.
+ * Returns a proper error code in that case, and 0 when
+ * all are ok.
+ */
+inline static int check_param_mod_n(bigint_t a, bigint_t n, int is_a)
+{
+	int ret, err = 0;
+	bigint_t r;
+
+	ret = _gnutls_mpi_init(&r);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_mpi_modm(r, a, n);
+	if (ret < 0) {
+		_gnutls_mpi_release(&r);
+		return gnutls_assert_val(ret);
+	}
+
+	ret = _gnutls_mpi_cmp_ui(r, 0);
+	if (ret == 0)
+		err = 1;
+
+	if (is_a != 0) {
+		ret = _gnutls_mpi_cmp_ui(r, 1);
+		if (ret == 0)
+			err = 1;
+
+		ret = _gnutls_mpi_add_ui(r, r, 1);
+		if (ret < 0) {
+			_gnutls_mpi_release(&r);
+			return gnutls_assert_val(ret);
+		}
+		
+		ret = _gnutls_mpi_cmp(r, n);
+		if (ret == 0)
+			err = 1;
+	}
+
+	_gnutls_mpi_release(&r);
+
+	if (err != 0) {
+		gnutls_assert();
+		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+	}
+
+	return 0;
+}
+
+
+/* Send the first key exchange message ( g, n, s) and append the verifier algorithm number 
+ * Data is allocated by the caller, and should have data_size size.
+ */
+int
+_gnutls_gen_srp_server_kx(gnutls_session_t session,
+			  gnutls_buffer_st * data)
+{
+	int ret;
+	SRP_PWD_ENTRY *pwd_entry;
+	srp_server_auth_info_t info;
+	size_t tmp_size, username_length;
+	gnutls_ext_priv_data_t epriv;
+	srp_ext_st *priv;
+	unsigned init_pos;
+
+	ret =
+	    _gnutls_hello_ext_get_priv(session, GNUTLS_EXTENSION_SRP,
+					 &epriv);
+	if (ret < 0) {		/* peer didn't send a username */
+		gnutls_assert();
+		return GNUTLS_E_UNKNOWN_SRP_USERNAME;
+	}
+	priv = epriv;
+
+	if ((ret =
+	     _gnutls_auth_info_init(session, GNUTLS_CRD_SRP,
+				   sizeof(srp_server_auth_info_st),
+				   1)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_SRP);
+	if (info == NULL)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	username_length = strlen(priv->username);
+	if (username_length > MAX_USERNAME_SIZE)
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_SRP_USERNAME);
+
+	gnutls_free(info->username);
+	info->username = gnutls_strdup(priv->username);
+	if (info->username == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	ret = _gnutls_srp_pwd_read_entry(session, priv->username, &pwd_entry);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	init_pos = data->length;
+
+	/* copy from pwd_entry to local variables (actually in session) */
+	tmp_size = pwd_entry->g.size;
+	if (_gnutls_mpi_init_scan_nz(&G, pwd_entry->g.data, tmp_size) < 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+		goto cleanup;
+	}
+
+	tmp_size = pwd_entry->n.size;
+	if (_gnutls_mpi_init_scan_nz(&N, pwd_entry->n.data, tmp_size) < 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+		goto cleanup;
+	}
+
+	tmp_size = pwd_entry->v.size;
+	if (_gnutls_mpi_init_scan_nz(&V, pwd_entry->v.data, tmp_size) < 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+		goto cleanup;
+	}
+
+	/* Calculate:  B = (k*v + g^b) % N 
+	 */
+	B = _gnutls_calc_srp_B(&_b, G, N, V);
+	if (B == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto cleanup;
+	}
+
+	/* copy N (mod n) 
+	 */
+	ret =
+	    _gnutls_buffer_append_data_prefix(data, 16, pwd_entry->n.data,
+					      pwd_entry->n.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* copy G (generator) to data 
+	 */
+	ret =
+	    _gnutls_buffer_append_data_prefix(data, 16, pwd_entry->g.data,
+					      pwd_entry->g.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* copy the salt 
+	 */
+	ret =
+	    _gnutls_buffer_append_data_prefix(data, 8,
+					      pwd_entry->salt.data,
+					      pwd_entry->salt.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* Copy the B value
+	 */
+
+	ret = _gnutls_buffer_append_mpi(data, 16, B, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	_gnutls_mpi_log("SRP B: ", B);
+
+	ret = data->length - init_pos;
+
+      cleanup:
+	_gnutls_srp_entry_free(pwd_entry);
+	return ret;
+}
+
+/* return A = g^a % N */
+int
+_gnutls_gen_srp_client_kx(gnutls_session_t session,
+			  gnutls_buffer_st * data)
+{
+	int ret;
+	char *username, *password;
+	gnutls_srp_client_credentials_t cred;
+	gnutls_ext_priv_data_t epriv;
+	srp_ext_st *priv;
+
+	ret =
+	    _gnutls_hello_ext_get_priv(session, GNUTLS_EXTENSION_SRP,
+					 &epriv);
+	if (ret < 0) {		/* peer didn't send a username */
+		gnutls_assert();
+		return GNUTLS_E_UNKNOWN_SRP_USERNAME;
+	}
+	priv = epriv;
+
+	cred = (gnutls_srp_client_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_SRP);
+
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	if (priv->username == NULL) {
+		username = cred->username;
+		password = cred->password;
+	} else {
+
+		username = priv->username;
+		password = priv->password;
+	}
+
+	if (username == NULL || password == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	/* calc A = g^a % N 
+	 */
+	if (G == NULL || N == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	A = _gnutls_calc_srp_A(&_a, G, N);
+	if (A == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	/* Rest of SRP calculations 
+	 */
+
+	/* calculate u */
+	session->key.proto.tls12.srp.u = _gnutls_calc_srp_u(A, B, N);
+	if (session->key.proto.tls12.srp.u == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	_gnutls_mpi_log("SRP U: ", session->key.proto.tls12.srp.u);
+
+	/* S = (B - g^x) ^ (a + u * x) % N */
+	S = _gnutls_calc_srp_S2(B, G, session->key.proto.tls12.srp.x, _a, session->key.proto.tls12.srp.u,
+				N);
+	if (S == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	_gnutls_mpi_log("SRP B: ", B);
+
+	zrelease_temp_mpi_key(&_b);
+	zrelease_temp_mpi_key(&V);
+	zrelease_temp_mpi_key(&session->key.proto.tls12.srp.u);
+	zrelease_temp_mpi_key(&B);
+
+	ret = _gnutls_mpi_dprint(session->key.proto.tls12.srp.srp_key, &session->key.key);
+	zrelease_temp_mpi_key(&S);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = _gnutls_buffer_append_mpi(data, 16, A, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	_gnutls_mpi_log("SRP A: ", A);
+
+	_gnutls_mpi_release(&A);
+
+	return data->length;
+}
+
+
+/* just read A and put it to session */
+int
+_gnutls_proc_srp_client_kx(gnutls_session_t session, uint8_t * data,
+			   size_t _data_size)
+{
+	ssize_t _n_A;
+	ssize_t data_size = _data_size;
+	int ret;
+
+	DECR_LEN(data_size, 2);
+	_n_A = _gnutls_read_uint16(&data[0]);
+
+	DECR_LEN(data_size, _n_A);
+	if (_gnutls_mpi_init_scan_nz(&A, &data[2], _n_A) || A == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+	}
+
+	_gnutls_mpi_log("SRP A: ", A);
+	_gnutls_mpi_log("SRP B: ", B);
+
+	/* Checks if A % n == 0.
+	 */
+	if ((ret = check_param_mod_n(A, N, 1)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* Start the SRP calculations.
+	 * - Calculate u 
+	 */
+	session->key.proto.tls12.srp.u = _gnutls_calc_srp_u(A, B, N);
+	if (session->key.proto.tls12.srp.u == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	_gnutls_mpi_log("SRP U: ", session->key.proto.tls12.srp.u);
+
+	/* S = (A * v^u) ^ b % N 
+	 */
+	S = _gnutls_calc_srp_S1(A, _b, session->key.proto.tls12.srp.u, V, N);
+	if (S == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	_gnutls_mpi_log("SRP S: ", S);
+
+	_gnutls_mpi_release(&A);
+	zrelease_temp_mpi_key(&_b);
+	zrelease_temp_mpi_key(&V);
+	zrelease_temp_mpi_key(&session->key.proto.tls12.srp.u);
+	zrelease_temp_mpi_key(&B);
+
+	ret = _gnutls_mpi_dprint(session->key.proto.tls12.srp.srp_key, &session->key.key);
+	zrelease_temp_mpi_key(&S);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+
+
+/* Static parameters according to draft-ietf-tls-srp-07
+ * Note that if more parameters are added check_g_n()
+ * and _gnutls_srp_entry_free() should be changed.
+ */
+static const unsigned char srp_params_1024[] = {
+	0xEE, 0xAF, 0x0A, 0xB9, 0xAD, 0xB3, 0x8D, 0xD6,
+	0x9C, 0x33, 0xF8, 0x0A, 0xFA, 0x8F, 0xC5, 0xE8,
+	0x60, 0x72, 0x61, 0x87, 0x75, 0xFF, 0x3C, 0x0B,
+	0x9E, 0xA2, 0x31, 0x4C, 0x9C, 0x25, 0x65, 0x76,
+	0xD6, 0x74, 0xDF, 0x74, 0x96, 0xEA, 0x81, 0xD3,
+	0x38, 0x3B, 0x48, 0x13, 0xD6, 0x92, 0xC6, 0xE0,
+	0xE0, 0xD5, 0xD8, 0xE2, 0x50, 0xB9, 0x8B, 0xE4,
+	0x8E, 0x49, 0x5C, 0x1D, 0x60, 0x89, 0xDA, 0xD1,
+	0x5D, 0xC7, 0xD7, 0xB4, 0x61, 0x54, 0xD6, 0xB6,
+	0xCE, 0x8E, 0xF4, 0xAD, 0x69, 0xB1, 0x5D, 0x49,
+	0x82, 0x55, 0x9B, 0x29, 0x7B, 0xCF, 0x18, 0x85,
+	0xC5, 0x29, 0xF5, 0x66, 0x66, 0x0E, 0x57, 0xEC,
+	0x68, 0xED, 0xBC, 0x3C, 0x05, 0x72, 0x6C, 0xC0,
+	0x2F, 0xD4, 0xCB, 0xF4, 0x97, 0x6E, 0xAA, 0x9A,
+	0xFD, 0x51, 0x38, 0xFE, 0x83, 0x76, 0x43, 0x5B,
+	0x9F, 0xC6, 0x1D, 0x2F, 0xC0, 0xEB, 0x06, 0xE3
+};
+
+static const unsigned char srp_generator = 0x02;
+static const unsigned char srp3072_generator = 0x05;
+static const unsigned char srp8192_generator = 19;
+
+const gnutls_datum_t gnutls_srp_1024_group_prime = {
+	(void *) srp_params_1024, sizeof(srp_params_1024)
+};
+
+const gnutls_datum_t gnutls_srp_1024_group_generator = {
+	(void *) &srp_generator, sizeof(srp_generator)
+};
+
+static const unsigned char srp_params_1536[] = {
+	0x9D, 0xEF, 0x3C, 0xAF, 0xB9, 0x39, 0x27, 0x7A, 0xB1,
+	0xF1, 0x2A, 0x86, 0x17, 0xA4, 0x7B, 0xBB, 0xDB, 0xA5,
+	0x1D, 0xF4, 0x99, 0xAC, 0x4C, 0x80, 0xBE, 0xEE, 0xA9,
+	0x61, 0x4B, 0x19, 0xCC, 0x4D, 0x5F, 0x4F, 0x5F, 0x55,
+	0x6E, 0x27, 0xCB, 0xDE, 0x51, 0xC6, 0xA9, 0x4B, 0xE4,
+	0x60, 0x7A, 0x29, 0x15, 0x58, 0x90, 0x3B, 0xA0, 0xD0,
+	0xF8, 0x43, 0x80, 0xB6, 0x55, 0xBB, 0x9A, 0x22, 0xE8,
+	0xDC, 0xDF, 0x02, 0x8A, 0x7C, 0xEC, 0x67, 0xF0, 0xD0,
+	0x81, 0x34, 0xB1, 0xC8, 0xB9, 0x79, 0x89, 0x14, 0x9B,
+	0x60, 0x9E, 0x0B, 0xE3, 0xBA, 0xB6, 0x3D, 0x47, 0x54,
+	0x83, 0x81, 0xDB, 0xC5, 0xB1, 0xFC, 0x76, 0x4E, 0x3F,
+	0x4B, 0x53, 0xDD, 0x9D, 0xA1, 0x15, 0x8B, 0xFD, 0x3E,
+	0x2B, 0x9C, 0x8C, 0xF5, 0x6E, 0xDF, 0x01, 0x95, 0x39,
+	0x34, 0x96, 0x27, 0xDB, 0x2F, 0xD5, 0x3D, 0x24, 0xB7,
+	0xC4, 0x86, 0x65, 0x77, 0x2E, 0x43, 0x7D, 0x6C, 0x7F,
+	0x8C, 0xE4, 0x42, 0x73, 0x4A, 0xF7, 0xCC, 0xB7, 0xAE,
+	0x83, 0x7C, 0x26, 0x4A, 0xE3, 0xA9, 0xBE, 0xB8, 0x7F,
+	0x8A, 0x2F, 0xE9, 0xB8, 0xB5, 0x29, 0x2E, 0x5A, 0x02,
+	0x1F, 0xFF, 0x5E, 0x91, 0x47, 0x9E, 0x8C, 0xE7, 0xA2,
+	0x8C, 0x24, 0x42, 0xC6, 0xF3, 0x15, 0x18, 0x0F, 0x93,
+	0x49, 0x9A, 0x23, 0x4D, 0xCF, 0x76, 0xE3, 0xFE, 0xD1,
+	0x35, 0xF9, 0xBB
+};
+
+const gnutls_datum_t gnutls_srp_1536_group_prime = {
+	(void *) srp_params_1536, sizeof(srp_params_1536)
+};
+
+const gnutls_datum_t gnutls_srp_1536_group_generator = {
+	(void *) &srp_generator, sizeof(srp_generator)
+};
+
+static const unsigned char srp_params_2048[] = {
+	0xAC, 0x6B, 0xDB, 0x41, 0x32, 0x4A, 0x9A, 0x9B, 0xF1,
+	0x66, 0xDE, 0x5E, 0x13, 0x89, 0x58, 0x2F, 0xAF, 0x72,
+	0xB6, 0x65, 0x19, 0x87, 0xEE, 0x07, 0xFC, 0x31, 0x92,
+	0x94, 0x3D, 0xB5, 0x60, 0x50, 0xA3, 0x73, 0x29, 0xCB,
+	0xB4, 0xA0, 0x99, 0xED, 0x81, 0x93, 0xE0, 0x75, 0x77,
+	0x67, 0xA1, 0x3D, 0xD5, 0x23, 0x12, 0xAB, 0x4B, 0x03,
+	0x31, 0x0D, 0xCD, 0x7F, 0x48, 0xA9, 0xDA, 0x04, 0xFD,
+	0x50, 0xE8, 0x08, 0x39, 0x69, 0xED, 0xB7, 0x67, 0xB0,
+	0xCF, 0x60, 0x95, 0x17, 0x9A, 0x16, 0x3A, 0xB3, 0x66,
+	0x1A, 0x05, 0xFB, 0xD5, 0xFA, 0xAA, 0xE8, 0x29, 0x18,
+	0xA9, 0x96, 0x2F, 0x0B, 0x93, 0xB8, 0x55, 0xF9, 0x79,
+	0x93, 0xEC, 0x97, 0x5E, 0xEA, 0xA8, 0x0D, 0x74, 0x0A,
+	0xDB, 0xF4, 0xFF, 0x74, 0x73, 0x59, 0xD0, 0x41, 0xD5,
+	0xC3, 0x3E, 0xA7, 0x1D, 0x28, 0x1E, 0x44, 0x6B, 0x14,
+	0x77, 0x3B, 0xCA, 0x97, 0xB4, 0x3A, 0x23, 0xFB, 0x80,
+	0x16, 0x76, 0xBD, 0x20, 0x7A, 0x43, 0x6C, 0x64, 0x81,
+	0xF1, 0xD2, 0xB9, 0x07, 0x87, 0x17, 0x46, 0x1A, 0x5B,
+	0x9D, 0x32, 0xE6, 0x88, 0xF8, 0x77, 0x48, 0x54, 0x45,
+	0x23, 0xB5, 0x24, 0xB0, 0xD5, 0x7D, 0x5E, 0xA7, 0x7A,
+	0x27, 0x75, 0xD2, 0xEC, 0xFA, 0x03, 0x2C, 0xFB, 0xDB,
+	0xF5, 0x2F, 0xB3, 0x78, 0x61, 0x60, 0x27, 0x90, 0x04,
+	0xE5, 0x7A, 0xE6, 0xAF, 0x87, 0x4E, 0x73, 0x03, 0xCE,
+	0x53, 0x29, 0x9C, 0xCC, 0x04, 0x1C, 0x7B, 0xC3, 0x08,
+	0xD8, 0x2A, 0x56, 0x98, 0xF3, 0xA8, 0xD0, 0xC3, 0x82,
+	0x71, 0xAE, 0x35, 0xF8, 0xE9, 0xDB, 0xFB, 0xB6, 0x94,
+	0xB5, 0xC8, 0x03, 0xD8, 0x9F, 0x7A, 0xE4, 0x35, 0xDE,
+	0x23, 0x6D, 0x52, 0x5F, 0x54, 0x75, 0x9B, 0x65, 0xE3,
+	0x72, 0xFC, 0xD6, 0x8E, 0xF2, 0x0F, 0xA7, 0x11, 0x1F,
+	0x9E, 0x4A, 0xFF, 0x73
+};
+
+const gnutls_datum_t gnutls_srp_2048_group_prime = {
+	(void *) srp_params_2048, sizeof(srp_params_2048)
+};
+
+const gnutls_datum_t gnutls_srp_2048_group_generator = {
+	(void *) &srp_generator, sizeof(srp_generator)
+};
+
+static const unsigned char srp_params_3072[] = {
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9,
+	0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6,
+	0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E,
+	0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
+	0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E,
+	0x34, 0x04, 0xDD, 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A,
+	0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14,
+	0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+	0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4,
+	0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF,
+	0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38, 0x6B,
+	0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
+	0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC,
+	0xE4, 0x5B, 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63,
+	0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3,
+	0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+	0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C,
+	0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5,
+	0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 0x67, 0x0C, 0x35,
+	0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
+	0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E,
+	0x36, 0xCE, 0x3B, 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E,
+	0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2,
+	0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
+	0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39,
+	0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2,
+	0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, 0x15, 0x72, 0x8E,
+	0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
+	0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF,
+	0x1C, 0xBA, 0x64, 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB,
+	0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C,
+	0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
+	0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E,
+	0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3,
+	0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, 0xF1, 0x2F, 0xFA,
+	0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73,
+	0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17,
+	0x7B, 0x20, 0x0C, 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61,
+	0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46,
+	0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
+	0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B,
+	0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+};
+
+const gnutls_datum_t gnutls_srp_3072_group_generator = {
+	(void *) &srp3072_generator, sizeof(srp3072_generator)
+};
+
+const gnutls_datum_t gnutls_srp_3072_group_prime = {
+	(void *) srp_params_3072, sizeof(srp_params_3072)
+};
+
+static const unsigned char srp_params_4096[] = {
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA,
+	    0xA2,
+	0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C,
+	    0xD1,
+	0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE,
+	    0xA6,
+	0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04,
+	    0xDD,
+	0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A,
+	    0x6D,
+	0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2,
+	    0x45,
+	0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42,
+	    0xE9,
+	0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7,
+	    0xED,
+	0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24,
+	    0x11,
+	0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B,
+	    0x3D,
+	0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48,
+	    0x36,
+	0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF,
+	    0x5F,
+	0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3,
+	    0x56,
+	0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96,
+	    0x6D,
+	0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C,
+	    0x08,
+	0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE,
+	    0x3B,
+	0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83,
+	    0xA2,
+	0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52,
+	    0xC9,
+	0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49,
+	    0x7C,
+	0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05,
+	    0x10,
+	0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17,
+	    0x0D,
+	0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA,
+	    0x64,
+	0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71,
+	    0x57,
+	0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4,
+	    0xC7,
+	0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94,
+	    0xE0,
+	0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE,
+	    0x6B,
+	0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02,
+	    0x73,
+	0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20,
+	    0x0C,
+	0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88,
+	    0xC0,
+	0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB,
+	    0x31,
+	0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1,
+	    0x20,
+	0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6,
+	    0xD7,
+	0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 0x99, 0xC3, 0x27,
+	    0x18,
+	0x6A, 0xF4, 0xE2, 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B,
+	    0xDA,
+	0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2,
+	    0xDB,
+	0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA,
+	    0xA6,
+	0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, 0xB2, 0x96,
+	    0x4F,
+	0xA0, 0x90, 0xC3, 0xA2, 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7,
+	    0xED,
+	0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 0xB8, 0x1B, 0xDD,
+	    0x76,
+	0x21, 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A,
+	    0xA9,
+	0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, 0xB7,
+	    0xDC,
+	0x90, 0xA6, 0xC0, 0x8F, 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31,
+	    0x99,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+};
+
+const gnutls_datum_t gnutls_srp_4096_group_generator = {
+	(void *) &srp3072_generator, sizeof(srp3072_generator)
+};
+
+const gnutls_datum_t gnutls_srp_4096_group_prime = {
+	(void *) srp_params_4096, sizeof(srp_params_4096)
+};
+
+static const unsigned char srp_params_8192[] = {
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+	0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+	0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+	0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
+	0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+	0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+	0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+	0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+	0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+	0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
+	0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+	0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
+	0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+	0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
+	0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+	0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
+	0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+	0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
+	0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+	0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+	0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+	0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,
+	0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+	0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,
+	0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+	0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
+	0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+	0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,
+	0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+	0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D,
+	0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33,
+	0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
+	0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A,
+	0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
+	0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
+	0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7,
+	0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D,
+	0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
+	0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64,
+	0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64,
+	0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+	0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C,
+	0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2,
+	0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
+	0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E,
+	0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01,
+	0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,
+	0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,
+	0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C,
+	0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,
+	0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8,
+	0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9,
+	0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,
+	0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D,
+	0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,
+	0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,
+	0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF,
+	0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C,
+	0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,
+	0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1,
+	0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F,
+	0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92,
+	0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26,
+	0xC1, 0xD4, 0xDC, 0xB2, 0x60, 0x26, 0x46, 0xDE,
+	0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD,
+	0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E,
+	0xE5, 0xDB, 0x38, 0x2F, 0x41, 0x30, 0x01, 0xAE,
+	0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31,
+	0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18,
+	0xDA, 0x3E, 0xDB, 0xEB, 0xCF, 0x9B, 0x14, 0xED,
+	0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B,
+	0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B,
+	0x33, 0x20, 0x51, 0x51, 0x2B, 0xD7, 0xAF, 0x42,
+	0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF,
+	0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC,
+	0xF0, 0x32, 0xEA, 0x15, 0xD1, 0x72, 0x1D, 0x03,
+	0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6,
+	0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82,
+	0xB5, 0xA8, 0x40, 0x31, 0x90, 0x0B, 0x1C, 0x9E,
+	0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3,
+	0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE,
+	0x0F, 0x1D, 0x45, 0xB7, 0xFF, 0x58, 0x5A, 0xC5,
+	0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA,
+	0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8,
+	0x14, 0xCC, 0x5E, 0xD2, 0x0F, 0x80, 0x37, 0xE0,
+	0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28,
+	0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76,
+	0xF5, 0x50, 0xAA, 0x3D, 0x8A, 0x1F, 0xBF, 0xF0,
+	0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C,
+	0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32,
+	0x38, 0x7F, 0xE8, 0xD7, 0x6E, 0x3C, 0x04, 0x68,
+	0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE,
+	0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6,
+	0xE6, 0x94, 0xF9, 0x1E, 0x6D, 0xBE, 0x11, 0x59,
+	0x74, 0xA3, 0x92, 0x6F, 0x12, 0xFE, 0xE5, 0xE4,
+	0x38, 0x77, 0x7C, 0xB6, 0xA9, 0x32, 0xDF, 0x8C,
+	0xD8, 0xBE, 0xC4, 0xD0, 0x73, 0xB9, 0x31, 0xBA,
+	0x3B, 0xC8, 0x32, 0xB6, 0x8D, 0x9D, 0xD3, 0x00,
+	0x74, 0x1F, 0xA7, 0xBF, 0x8A, 0xFC, 0x47, 0xED,
+	0x25, 0x76, 0xF6, 0x93, 0x6B, 0xA4, 0x24, 0x66,
+	0x3A, 0xAB, 0x63, 0x9C, 0x5A, 0xE4, 0xF5, 0x68,
+	0x34, 0x23, 0xB4, 0x74, 0x2B, 0xF1, 0xC9, 0x78,
+	0x23, 0x8F, 0x16, 0xCB, 0xE3, 0x9D, 0x65, 0x2D,
+	0xE3, 0xFD, 0xB8, 0xBE, 0xFC, 0x84, 0x8A, 0xD9,
+	0x22, 0x22, 0x2E, 0x04, 0xA4, 0x03, 0x7C, 0x07,
+	0x13, 0xEB, 0x57, 0xA8, 0x1A, 0x23, 0xF0, 0xC7,
+	0x34, 0x73, 0xFC, 0x64, 0x6C, 0xEA, 0x30, 0x6B,
+	0x4B, 0xCB, 0xC8, 0x86, 0x2F, 0x83, 0x85, 0xDD,
+	0xFA, 0x9D, 0x4B, 0x7F, 0xA2, 0xC0, 0x87, 0xE8,
+	0x79, 0x68, 0x33, 0x03, 0xED, 0x5B, 0xDD, 0x3A,
+	0x06, 0x2B, 0x3C, 0xF5, 0xB3, 0xA2, 0x78, 0xA6,
+	0x6D, 0x2A, 0x13, 0xF8, 0x3F, 0x44, 0xF8, 0x2D,
+	0xDF, 0x31, 0x0E, 0xE0, 0x74, 0xAB, 0x6A, 0x36,
+	0x45, 0x97, 0xE8, 0x99, 0xA0, 0x25, 0x5D, 0xC1,
+	0x64, 0xF3, 0x1C, 0xC5, 0x08, 0x46, 0x85, 0x1D,
+	0xF9, 0xAB, 0x48, 0x19, 0x5D, 0xED, 0x7E, 0xA1,
+	0xB1, 0xD5, 0x10, 0xBD, 0x7E, 0xE7, 0x4D, 0x73,
+	0xFA, 0xF3, 0x6B, 0xC3, 0x1E, 0xCF, 0xA2, 0x68,
+	0x35, 0x90, 0x46, 0xF4, 0xEB, 0x87, 0x9F, 0x92,
+	0x40, 0x09, 0x43, 0x8B, 0x48, 0x1C, 0x6C, 0xD7,
+	0x88, 0x9A, 0x00, 0x2E, 0xD5, 0xEE, 0x38, 0x2B,
+	0xC9, 0x19, 0x0D, 0xA6, 0xFC, 0x02, 0x6E, 0x47,
+	0x95, 0x58, 0xE4, 0x47, 0x56, 0x77, 0xE9, 0xAA,
+	0x9E, 0x30, 0x50, 0xE2, 0x76, 0x56, 0x94, 0xDF,
+	0xC8, 0x1F, 0x56, 0xE8, 0x80, 0xB9, 0x6E, 0x71,
+	0x60, 0xC9, 0x80, 0xDD, 0x98, 0xED, 0xD3, 0xDF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+};
+
+const gnutls_datum_t gnutls_srp_8192_group_prime = {
+	(void *) srp_params_8192, sizeof(srp_params_8192)
+};
+
+const gnutls_datum_t gnutls_srp_8192_group_generator = {
+	(void *) &srp8192_generator, sizeof(srp8192_generator)
+};
+
+/* Check if G and N are parameters from the SRP draft.
+ */
+static int
+check_g_n(const uint8_t * g, size_t n_g, const uint8_t * n, size_t n_n)
+{
+
+	if (n_n == sizeof(srp_params_8192)) {
+		if (memcmp(srp_params_8192, n, n_n) == 0 &&
+		    n_g == 1 && g[0] == srp8192_generator)
+			return 0;
+		return
+		    gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	}
+
+	if (n_n == sizeof(srp_params_4096)) {
+		if (memcmp(srp_params_4096, n, n_n) == 0 &&
+		    n_g == 1 && g[0] == srp3072_generator)
+			return 0;
+		return
+		    gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	}
+
+	if (n_n == sizeof(srp_params_3072)) {
+		if (memcmp(srp_params_3072, n, n_n) == 0 &&
+		    n_g == 1 && g[0] == srp3072_generator)
+			return 0;
+		return
+		    gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	}
+
+	/* 2048, 1536 and 1024 */
+	if (n_g != 1 || g[0] != srp_generator) {
+		gnutls_assert();
+		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+	}
+
+	if (n_n == sizeof(srp_params_1024) &&
+	    memcmp(srp_params_1024, n, n_n) == 0) {
+		return 0;
+	}
+
+	if (n_n == sizeof(srp_params_1536) &&
+	    memcmp(srp_params_1536, n, n_n) == 0) {
+		return 0;
+	}
+
+	if (n_n == sizeof(srp_params_2048) &&
+	    memcmp(srp_params_2048, n, n_n) == 0) {
+		return 0;
+	}
+
+	gnutls_assert();
+	return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+}
+
+/* receive the key exchange message ( n, g, s, B)
+ */
+int
+_gnutls_proc_srp_server_kx(gnutls_session_t session, uint8_t * data,
+			   size_t _data_size)
+{
+	uint8_t n_s;
+	uint16_t n_g, n_n, n_b;
+	size_t _n_g, _n_n, _n_b;
+	const uint8_t *data_n;
+	const uint8_t *data_g;
+	const uint8_t *data_s;
+	const uint8_t *data_b;
+	int i, ret;
+	uint8_t hd[SRP_MAX_HASH_SIZE];
+	char *username, *password;
+	ssize_t data_size = _data_size;
+	gnutls_srp_client_credentials_t cred;
+	gnutls_ext_priv_data_t epriv;
+	srp_ext_st *priv;
+
+	ret =
+	    _gnutls_hello_ext_get_priv(session, GNUTLS_EXTENSION_SRP,
+					 &epriv);
+	if (ret < 0) {
+		gnutls_assert();
+		return GNUTLS_E_UNKNOWN_SRP_USERNAME;
+	}
+	priv = epriv;
+
+	cred = (gnutls_srp_client_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_SRP);
+
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	if (priv->username == NULL) {
+		username = cred->username;
+		password = cred->password;
+	} else {
+		username = priv->username;
+		password = priv->password;
+	}
+
+	if (username == NULL || password == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	i = 0;
+
+	/* Read N
+	 */
+	DECR_LEN(data_size, 2);
+	n_n = _gnutls_read_uint16(&data[i]);
+	i += 2;
+
+	DECR_LEN(data_size, n_n);
+	data_n = &data[i];
+	i += n_n;
+
+	/* Read G
+	 */
+	DECR_LEN(data_size, 2);
+	n_g = _gnutls_read_uint16(&data[i]);
+	i += 2;
+
+	DECR_LEN(data_size, n_g);
+	data_g = &data[i];
+	i += n_g;
+
+	/* Read salt
+	 */
+	DECR_LEN(data_size, 1);
+	n_s = data[i];
+	i += 1;
+
+	DECR_LEN(data_size, n_s);
+	data_s = &data[i];
+	i += n_s;
+
+	/* Read B
+	 */
+	DECR_LEN(data_size, 2);
+	n_b = _gnutls_read_uint16(&data[i]);
+	i += 2;
+
+	DECR_LEN(data_size, n_b);
+	data_b = &data[i];
+	i += n_b;
+
+	_n_g = n_g;
+	_n_n = n_n;
+	_n_b = n_b;
+
+	if (_gnutls_mpi_init_scan_nz(&N, data_n, _n_n) != 0) {
+		gnutls_assert();
+		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+	}
+
+	if (_gnutls_mpi_init_scan_nz(&G, data_g, _n_g) != 0) {
+		gnutls_assert();
+		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+	}
+
+	if (_gnutls_mpi_init_scan_nz(&B, data_b, _n_b) != 0) {
+		gnutls_assert();
+		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+	}
+
+
+	/* Check if the g and n are from the SRP
+	 * draft. Otherwise check if N is a prime and G
+	 * a generator.
+	 */
+	if ((ret = check_g_n(data_g, _n_g, data_n, _n_n)) < 0) {
+		_gnutls_audit_log(session,
+				  "SRP group parameters are not in the white list; rejecting.\n");
+		return gnutls_assert_val(ret);
+	}
+
+	/* Checks if b % n == 0
+	 */
+	if ((ret = check_param_mod_n(B, N, 0)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+
+	/* generate x = SHA(s | SHA(U | ":" | p))
+	 * (or the equivalent using bcrypt)
+	 */
+	if ((ret =
+	     _gnutls_calc_srp_x(username, password, (uint8_t *) data_s,
+				n_s, &_n_g, hd)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (_gnutls_mpi_init_scan_nz(&session->key.proto.tls12.srp.x, hd, _n_g) != 0) {
+		gnutls_assert();
+		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+	}
+
+
+	return i;		/* return the processed data
+				 * needed in auth_srp_rsa.
+				 */
+}
+
+#endif				/* ENABLE_SRP */
diff --git a/lib/auth/srp_kx.h b/lib/auth/srp_kx.h
new file mode 100644
index 0000000..3cf5252
--- /dev/null
+++ b/lib/auth/srp_kx.h
@@ -0,0 +1,74 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_AUTH_SRP_KX_H
+#define GNUTLS_LIB_AUTH_SRP_KX_H
+
+#include <auth.h>
+
+#define MAX_FAKE_SALT_SEED_SIZE 64
+
+typedef struct gnutls_srp_client_credentials_st {
+	char *username;
+	char *password;
+	gnutls_srp_client_credentials_function *get_function;
+} srp_client_credentials_st;
+
+typedef struct gnutls_srp_server_credentials_st {
+	char *password_file;
+	char *password_conf_file;
+	/* callback function, instead of reading the
+	 * password files.
+	 */
+	gnutls_srp_server_credentials_function *pwd_callback;
+	unsigned char fake_salt_seed[MAX_FAKE_SALT_SEED_SIZE];
+	unsigned int fake_salt_seed_size;
+
+	unsigned int fake_salt_length;
+} srp_server_cred_st;
+
+typedef struct srp_server_auth_info_st {
+	char *username;
+} *srp_server_auth_info_t;
+
+#ifdef ENABLE_SRP
+
+int _gnutls_proc_srp_server_hello(gnutls_session_t state,
+				  const uint8_t * data, size_t data_size);
+int _gnutls_gen_srp_server_hello(gnutls_session_t state, uint8_t * data,
+				 size_t data_size);
+
+int _gnutls_gen_srp_server_kx(gnutls_session_t, gnutls_buffer_st *);
+int _gnutls_gen_srp_client_kx(gnutls_session_t, gnutls_buffer_st *);
+
+int _gnutls_proc_srp_server_kx(gnutls_session_t, uint8_t *, size_t);
+int _gnutls_proc_srp_client_kx(gnutls_session_t, uint8_t *, size_t);
+
+typedef struct srp_server_auth_info_st srp_server_auth_info_st;
+
+/* MAC algorithm used to generate fake salts for unknown usernames
+ */
+#define SRP_FAKE_SALT_MAC GNUTLS_MAC_SHA1
+
+#endif				/* ENABLE_SRP */
+
+#endif /* GNUTLS_LIB_AUTH_SRP_KX_H */
diff --git a/lib/auth/srp_passwd.c b/lib/auth/srp_passwd.c
new file mode 100644
index 0000000..e7d8d60
--- /dev/null
+++ b/lib/auth/srp_passwd.c
@@ -0,0 +1,470 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions for operating in an SRP passwd file are included here */
+
+#include "gnutls_int.h"
+
+#ifdef ENABLE_SRP
+
+#include "x509_b64.h"
+#include "errors.h"
+#include <auth/srp_passwd.h>
+#include <auth/srp_kx.h>
+#include "auth.h"
+#include "srp.h"
+#include "dh.h"
+#include "debug.h"
+#include <str.h>
+#include <datum.h>
+#include <num.h>
+#include <random.h>
+#include <algorithms.h>
+
+static int _randomize_pwd_entry(SRP_PWD_ENTRY * entry,
+				gnutls_srp_server_credentials_t cred,
+				const char * username);
+
+/* this function parses tpasswd.conf file. Format is:
+ * string(username):base64(v):base64(salt):int(index)
+ */
+static int parse_tpasswd_values(SRP_PWD_ENTRY * entry, char *str)
+{
+	char *p;
+	int len, ret;
+	uint8_t *verifier;
+	size_t verifier_size;
+	int indx;
+
+	p = strrchr(str, ':');	/* we have index */
+	if (p == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_SRP_PWD_PARSING_ERROR;
+	}
+
+	*p = '\0';
+	p++;
+
+	indx = atoi(p);
+	if (indx == 0) {
+		gnutls_assert();
+		return GNUTLS_E_SRP_PWD_PARSING_ERROR;
+	}
+
+	/* now go for salt */
+	p = strrchr(str, ':');	/* we have salt */
+	if (p == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_SRP_PWD_PARSING_ERROR;
+	}
+
+	*p = '\0';
+	p++;
+
+	len = strlen(p);
+
+	entry->salt.size =
+	    _gnutls_sbase64_decode(p, len, &entry->salt.data);
+
+	if (entry->salt.size <= 0) {
+		gnutls_assert();
+		return GNUTLS_E_SRP_PWD_PARSING_ERROR;
+	}
+
+	/* now go for verifier */
+	p = strrchr(str, ':');	/* we have verifier */
+	if (p == NULL) {
+		_gnutls_free_datum(&entry->salt);
+		return GNUTLS_E_SRP_PWD_PARSING_ERROR;
+	}
+
+	*p = '\0';
+	p++;
+
+	len = strlen(p);
+	ret = _gnutls_sbase64_decode(p, len, &verifier);
+	if (ret <= 0) {
+		gnutls_assert();
+		_gnutls_free_datum(&entry->salt);
+		return GNUTLS_E_SRP_PWD_PARSING_ERROR;
+	}
+
+	verifier_size = ret;
+	entry->v.data = verifier;
+	entry->v.size = verifier_size;
+
+	/* now go for username */
+	*p = '\0';
+
+	entry->username = gnutls_strdup(str);
+	if (entry->username == NULL) {
+		_gnutls_free_datum(&entry->salt);
+		_gnutls_free_key_datum(&entry->v);
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return indx;
+}
+
+
+/* this function parses tpasswd.conf file. Format is:
+ * int(index):base64(n):int(g)
+ */
+static int parse_tpasswd_conf_values(SRP_PWD_ENTRY * entry, char *str)
+{
+	char *p;
+	int len;
+	uint8_t *tmp;
+	int ret;
+
+	p = strrchr(str, ':');	/* we have g */
+	if (p == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_SRP_PWD_PARSING_ERROR;
+	}
+
+	*p = '\0';
+	p++;
+
+	/* read the generator */
+	len = strlen(p);
+	if (p[len - 1] == '\n' || p[len - 1] == ' ')
+		len--;
+	ret = _gnutls_sbase64_decode(p, len, &tmp);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return GNUTLS_E_SRP_PWD_PARSING_ERROR;
+	}
+
+	entry->g.data = tmp;
+	entry->g.size = ret;
+
+	/* now go for n - modulo */
+	p = strrchr(str, ':');	/* we have n */
+	if (p == NULL) {
+		_gnutls_free_datum(&entry->g);
+		gnutls_assert();
+		return GNUTLS_E_SRP_PWD_PARSING_ERROR;
+	}
+
+	*p = '\0';
+	p++;
+
+	len = strlen(p);
+	ret = _gnutls_sbase64_decode(p, len, &tmp);
+
+	if (ret < 0) {
+		gnutls_assert();
+		_gnutls_free_datum(&entry->g);
+		return GNUTLS_E_SRP_PWD_PARSING_ERROR;
+	}
+
+	entry->n.data = tmp;
+	entry->n.size = ret;
+
+	return 0;
+}
+
+
+/* this function opens the tpasswd.conf file and reads the g and n
+ * values. They are put in the entry.
+ */
+static int
+pwd_read_conf(const char *pconf_file, SRP_PWD_ENTRY * entry, int idx)
+{
+	FILE *fp;
+	char *line = NULL;
+	size_t line_size = 0;
+	unsigned i, len;
+	char indexstr[10];
+	int ret;
+
+	snprintf(indexstr, sizeof(indexstr), "%u", (unsigned int) idx);
+
+	fp = fopen(pconf_file, "re");
+	if (fp == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_FILE_ERROR;
+	}
+
+	len = strlen(indexstr);
+	while (getline(&line, &line_size, fp) > 0) {
+		/* move to first ':' */
+		i = 0;
+		while ((i < line_size) && (line[i] != ':')
+		       && (line[i] != '\0')) {
+			i++;
+		}
+
+		if (strncmp(indexstr, line, MAX(i, len)) == 0) {
+			if (parse_tpasswd_conf_values(entry, line) >= 0) {
+				ret = 0;
+				goto cleanup;
+			} else {
+				ret = GNUTLS_E_SRP_PWD_ERROR;
+				goto cleanup;
+			}
+		}
+	}
+	ret = GNUTLS_E_SRP_PWD_ERROR;
+
+cleanup:
+	zeroize_key(line, line_size);
+	free(line);
+	fclose(fp);
+	return ret;
+
+}
+
+int
+_gnutls_srp_pwd_read_entry(gnutls_session_t state, char *username,
+			   SRP_PWD_ENTRY ** _entry)
+{
+	gnutls_srp_server_credentials_t cred;
+	FILE *fp = NULL;
+	char *line = NULL;
+	size_t line_size = 0;
+	unsigned i, len;
+	int ret;
+	int idx;
+	SRP_PWD_ENTRY *entry = NULL;
+
+	*_entry = gnutls_calloc(1, sizeof(SRP_PWD_ENTRY));
+	if (*_entry == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+	entry = *_entry;
+
+	cred = (gnutls_srp_server_credentials_t)
+	    _gnutls_get_cred(state, GNUTLS_CRD_SRP);
+	if (cred == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+		goto cleanup;
+	}
+
+	/* if the callback which sends the parameters is
+	 * set, use it.
+	 */
+	if (cred->pwd_callback != NULL) {
+		ret = cred->pwd_callback(state, username, &entry->salt,
+					 &entry->v, &entry->g, &entry->n);
+
+		if (ret == 1) {	/* the user does not exist */
+			if (entry->g.size != 0 && entry->n.size != 0) {
+				ret = _randomize_pwd_entry(entry, cred, username);
+				if (ret < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+				return 0;
+			} else {
+				gnutls_assert();
+				ret = -1;	/* error in the callback */
+			}
+		}
+
+		if (ret < 0) {
+			gnutls_assert();
+			ret = GNUTLS_E_SRP_PWD_ERROR;
+			goto cleanup;
+		}
+
+		return 0;
+	}
+
+	/* The callback was not set. Proceed.
+	 */
+
+	if (cred->password_file == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_SRP_PWD_ERROR;
+		goto cleanup;
+	}
+
+	/* Open the selected password file.
+	 */
+	fp = fopen(cred->password_file, "re");
+	if (fp == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_SRP_PWD_ERROR;
+		goto cleanup;
+	}
+
+	len = strlen(username);
+	while (getline(&line, &line_size, fp) > 0) {
+		/* move to first ':' */
+		i = 0;
+		while ((i < line_size) && (line[i] != '\0')
+		       && (line[i] != ':')) {
+			i++;
+		}
+
+		if (strncmp(username, line, MAX(i, len)) == 0) {
+			if ((idx = parse_tpasswd_values(entry, line)) >= 0) {
+				/* Keep the last index in memory, so we can retrieve fake parameters (g,n)
+				 * when the user does not exist.
+				 */
+				if (pwd_read_conf
+				    (cred->password_conf_file, entry,
+				     idx) == 0) {
+					ret = 0;
+					goto found;
+				} else {
+					gnutls_assert();
+					ret = GNUTLS_E_SRP_PWD_ERROR;
+					goto cleanup;
+				}
+			} else {
+				gnutls_assert();
+				ret = GNUTLS_E_SRP_PWD_ERROR;
+				goto cleanup;
+			}
+		}
+	}
+
+	/* user was not found. Fake him. Actually read the g,n values from
+	 * the last index found and randomize the entry.
+	 */
+	if (pwd_read_conf(cred->password_conf_file, entry, 1) == 0) {
+		ret = _randomize_pwd_entry(entry, cred, username);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = 0;
+		goto found;
+	}
+
+	ret = GNUTLS_E_SRP_PWD_ERROR;
+
+cleanup:
+	gnutls_assert();
+	_gnutls_srp_entry_free(entry);
+
+found:
+	if (line) {
+		zeroize_key(line, line_size);
+		free(line);
+	}
+	if (fp)
+		fclose(fp);
+	return ret;
+}
+
+/* Randomizes the given password entry. It actually sets the verifier
+ * to random data and sets the salt based on fake_salt_seed and
+ * username. Returns 0 on success.
+ */
+static int _randomize_pwd_entry(SRP_PWD_ENTRY * entry,
+				gnutls_srp_server_credentials_t sc,
+				const char * username)
+{
+	int ret;
+	const mac_entry_st *me = mac_to_entry(SRP_FAKE_SALT_MAC);
+	mac_hd_st ctx;
+	size_t username_len = strlen(username);
+
+	if (entry->g.size == 0 || entry->n.size == 0) {
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	entry->v.data = gnutls_malloc(20);
+	entry->v.size = 20;
+	if (entry->v.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ret = gnutls_rnd(GNUTLS_RND_NONCE, entry->v.data, 20);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* Always allocate and work with the output size of the MAC,
+	 * even if they don't need salts that long, for convenience.
+	 *
+	 * In case an error occurs 'entry' (and the salt inside)
+	 * is deallocated by our caller: _gnutls_srp_pwd_read_entry().
+	 */
+	entry->salt.data = gnutls_malloc(me->output_size);
+	if (entry->salt.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ret = _gnutls_mac_init(&ctx, me, sc->fake_salt_seed,
+			       sc->fake_salt_seed_size);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	_gnutls_mac(&ctx, "salt", 4);
+	_gnutls_mac(&ctx, username, username_len);
+	_gnutls_mac_deinit(&ctx, entry->salt.data);
+
+	/* Set length to the actual number of bytes they asked for.
+	 * This is always less than or equal to the output size of
+	 * the MAC, enforced by gnutls_srp_set_server_fake_salt_seed().
+	 */
+	entry->salt.size = sc->fake_salt_length;
+
+	return 0;
+}
+
+/* Free all the entry parameters, except if g and n are
+ * the static ones defined in gnutls.h
+ */
+void _gnutls_srp_entry_free(SRP_PWD_ENTRY * entry)
+{
+	_gnutls_free_key_datum(&entry->v);
+	_gnutls_free_datum(&entry->salt);
+
+	if ((entry->g.data != gnutls_srp_1024_group_generator.data) &&
+	    (entry->g.data != gnutls_srp_1536_group_generator.data) &&
+	    (entry->g.data != gnutls_srp_2048_group_generator.data) &&
+	    (entry->g.data != gnutls_srp_3072_group_generator.data) &&
+	    (entry->g.data != gnutls_srp_4096_group_generator.data) &&
+	    (entry->g.data != gnutls_srp_8192_group_generator.data))
+		_gnutls_free_datum(&entry->g);
+
+	if (entry->n.data != gnutls_srp_1024_group_prime.data &&
+	    entry->n.data != gnutls_srp_1536_group_prime.data &&
+	    entry->n.data != gnutls_srp_2048_group_prime.data &&
+	    entry->n.data != gnutls_srp_3072_group_prime.data &&
+	    entry->n.data != gnutls_srp_4096_group_prime.data &&
+	    entry->n.data != gnutls_srp_8192_group_prime.data)
+		_gnutls_free_datum(&entry->n);
+
+	gnutls_free(entry->username);
+	gnutls_free(entry);
+}
+
+#endif				/* ENABLE SRP */
diff --git a/lib/auth/srp_passwd.h b/lib/auth/srp_passwd.h
new file mode 100644
index 0000000..56ecec2
--- /dev/null
+++ b/lib/auth/srp_passwd.h
@@ -0,0 +1,46 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_AUTH_SRP_PASSWD_H
+#define GNUTLS_LIB_AUTH_SRP_PASSWD_H
+
+#ifdef ENABLE_SRP
+
+typedef struct {
+	char *username;
+
+	gnutls_datum_t salt;
+	gnutls_datum_t v;
+	gnutls_datum_t g;
+	gnutls_datum_t n;
+} SRP_PWD_ENTRY;
+
+/* this is locally allocated. It should be freed using the provided function */
+int _gnutls_srp_pwd_read_entry(gnutls_session_t state, char *username,
+			       SRP_PWD_ENTRY **);
+void _gnutls_srp_entry_free(SRP_PWD_ENTRY * entry);
+int _gnutls_sbase64_decode(char *data, size_t data_size,
+			   uint8_t ** result);
+
+#endif				/* ENABLE_SRP */
+
+#endif /* GNUTLS_LIB_AUTH_SRP_PASSWD_H */
diff --git a/lib/auth/srp_rsa.c b/lib/auth/srp_rsa.c
new file mode 100644
index 0000000..2627189
--- /dev/null
+++ b/lib/auth/srp_rsa.c
@@ -0,0 +1,265 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+
+#ifdef ENABLE_SRP
+
+#include "errors.h"
+#include <auth/srp_passwd.h>
+#include "auth.h"
+#include "auth.h"
+#include "srp.h"
+#include "debug.h"
+#include "num.h"
+#include <auth/srp_kx.h>
+#include <str.h>
+#include <auth/cert.h>
+#include <datum.h>
+#include <tls-sig.h>
+#include <x509.h>
+#include <algorithms.h>
+
+static int gen_srp_cert_server_kx(gnutls_session_t, gnutls_buffer_st *);
+static int proc_srp_cert_server_kx(gnutls_session_t, uint8_t *, size_t);
+
+const mod_auth_st srp_rsa_auth_struct = {
+	"SRP",
+	_gnutls_gen_cert_server_crt,
+	NULL,
+	gen_srp_cert_server_kx,
+	_gnutls_gen_srp_client_kx,
+	NULL,
+	NULL,
+
+	_gnutls_proc_crt,
+	NULL,			/* certificate */
+	proc_srp_cert_server_kx,
+	_gnutls_proc_srp_client_kx,
+	NULL,
+	NULL
+};
+
+const mod_auth_st srp_dss_auth_struct = {
+	"SRP",
+	_gnutls_gen_cert_server_crt,
+	NULL,
+	gen_srp_cert_server_kx,
+	_gnutls_gen_srp_client_kx,
+	NULL,
+	NULL,
+
+	_gnutls_proc_crt,
+	NULL,			/* certificate */
+	proc_srp_cert_server_kx,
+	_gnutls_proc_srp_client_kx,
+	NULL,
+	NULL
+};
+
+static int
+gen_srp_cert_server_kx(gnutls_session_t session, gnutls_buffer_st * data)
+{
+	ssize_t ret;
+	gnutls_datum_t signature, ddata;
+	gnutls_certificate_credentials_t cred;
+	gnutls_pcert_st *apr_cert_list;
+	gnutls_privkey_t apr_pkey;
+	int apr_cert_list_length;
+	gnutls_sign_algorithm_t sign_algo;
+	const version_entry_st *ver = get_version(session);
+	unsigned init_pos;
+
+	if (unlikely(ver == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	init_pos = data->length;
+
+	ret = _gnutls_gen_srp_server_kx(session, data);
+
+	if (ret < 0)
+		return ret;
+
+	ddata.data = &data->data[init_pos];
+	ddata.size = data->length-init_pos;
+
+	cred = (gnutls_certificate_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	/* find the appropriate certificate */
+	if ((ret =
+	     _gnutls_get_selected_cert(session, &apr_cert_list,
+				       &apr_cert_list_length,
+				       &apr_pkey)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if ((ret =
+	     _gnutls_handshake_sign_data(session, &apr_cert_list[0],
+					 apr_pkey, &ddata, &signature,
+					 &sign_algo)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (_gnutls_version_has_selectable_sighash(ver)) {
+		const sign_algorithm_st *aid;
+		uint8_t p[2];
+
+		if (sign_algo == GNUTLS_SIGN_UNKNOWN) {
+			ret = GNUTLS_E_UNKNOWN_ALGORITHM;
+			goto cleanup;
+		}
+
+		aid = _gnutls_sign_to_tls_aid(sign_algo);
+		if (aid == NULL) {
+			gnutls_assert();
+			ret = GNUTLS_E_UNKNOWN_ALGORITHM;
+			goto cleanup;
+		}
+
+		p[0] = aid->id[0];
+		p[1] = aid->id[1];
+
+		ret = _gnutls_buffer_append_data(data, p, 2);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	ret =
+	    _gnutls_buffer_append_data_prefix(data, 16, signature.data,
+					      signature.size);
+
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = data->length - init_pos;
+
+      cleanup:
+	_gnutls_free_datum(&signature);
+	return ret;
+}
+
+static int
+proc_srp_cert_server_kx(gnutls_session_t session, uint8_t * data,
+			size_t _data_size)
+{
+	ssize_t ret;
+	int sigsize;
+	gnutls_datum_t vparams, signature;
+	ssize_t data_size;
+	cert_auth_info_t info;
+	gnutls_pcert_st peer_cert;
+	uint8_t *p;
+	gnutls_sign_algorithm_t sign_algo = GNUTLS_SIGN_UNKNOWN;
+	gnutls_certificate_credentials_t cred;
+	unsigned vflags;
+	const version_entry_st *ver = get_version(session);
+
+	if (unlikely(ver == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	ret = _gnutls_proc_srp_server_kx(session, data, _data_size);
+	if (ret < 0)
+		return ret;
+
+	data_size = _data_size - ret;
+
+	cred = (gnutls_certificate_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	vflags = cred->verify_flags | session->internals.additional_verify_flags;
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+	if (info == NULL || info->ncerts == 0) {
+		gnutls_assert();
+		/* we need this in order to get peer's certificate */
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	/* VERIFY SIGNATURE */
+
+	vparams.size = ret;	/* all the data minus the signature */
+	vparams.data = data;
+
+	p = &data[vparams.size];
+	if (_gnutls_version_has_selectable_sighash(ver)) {
+		uint8_t id[2];
+
+		DECR_LEN(data_size, 1);
+		id[0] = *p++;
+		DECR_LEN(data_size, 1);
+		id[1] = *p++;
+
+		sign_algo = _gnutls_tls_aid_to_sign(id[0], id[1], ver);
+		if (sign_algo == GNUTLS_SIGN_UNKNOWN) {
+			_gnutls_debug_log("unknown signature %d.%d\n",
+					  (int)id[0], (int)id[1]);
+			gnutls_assert();
+			return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
+		}
+	}
+
+	DECR_LEN(data_size, 2);
+	sigsize = _gnutls_read_uint16(p);
+
+	DECR_LEN(data_size, sigsize);
+	signature.data = &p[2];
+	signature.size = sigsize;
+
+	ret =
+	    _gnutls_get_auth_info_pcert(&peer_cert,
+					session->security_parameters.server_ctype, info);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    _gnutls_handshake_verify_data(session, vflags, &peer_cert, &vparams,
+					  &signature, sign_algo);
+
+	gnutls_pcert_deinit(&peer_cert);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+
+#endif				/* ENABLE_SRP */
diff --git a/lib/auth/srp_sb64.c b/lib/auth/srp_sb64.c
new file mode 100644
index 0000000..16945e9
--- /dev/null
+++ b/lib/auth/srp_sb64.c
@@ -0,0 +1,453 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <datum.h>
+#include <auth/srp_passwd.h>
+
+#ifdef ENABLE_SRP
+
+/* this is a modified base64 for srp !!!
+ * It seems that everybody makes their own base64 conversion.
+ */
+static const uint8_t b64table[] =
+    "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./";
+
+static const uint8_t asciitable[128] = {
+	0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+	0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+	0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+	0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+	0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+	0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+	0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+	0xff, 0xff, 0xff, 0xff, 0x3e, 0x3f,
+	0x00, 0x01, 0x02, 0x03, 0x04, 0x05,
+	0x06, 0x07, 0x08, 0x09, 0xff, 0xff,
+	0xff, 0xff, 0xff, 0xff, 0xff, 0x0a,
+	0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
+	0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
+	0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c,
+	0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22,
+	0x23, 0xff, 0xff, 0xff, 0xff, 0xff,
+	0xff, 0x24, 0x25, 0x26, 0x27, 0x28,
+	0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e,
+	0x2f, 0x30, 0x31, 0x32, 0x33, 0x34,
+	0x35, 0x36, 0x37, 0x38, 0x39, 0x3a,
+	0x3b, 0x3c, 0x3d, 0xff, 0xff, 0xff,
+	0xff, 0xff
+};
+
+inline static int encode(uint8_t * result, const uint8_t * rdata, unsigned left)
+{
+
+	int data_len;
+	int c, ret = 4;
+	uint8_t data[3];
+
+	if (left > 3)
+		data_len = 3;
+	else
+		data_len = left;
+
+	data[0] = data[1] = data[2] = 0;
+	memcpy(data, rdata, data_len);
+
+	switch (data_len) {
+	case 3:
+		result[0] = b64table[((data[0] & 0xfc) >> 2)];
+		result[1] =
+		    b64table[(((((data[0] & 0x03) & 0xff) << 4) & 0xff) |
+			      ((data[1] & 0xf0) >> 4))];
+		result[2] =
+		    b64table[((((data[1] & 0x0f) << 2) & 0xff) |
+			      ((data[2] & 0xc0) >> 6))];
+		result[3] = b64table[(data[2] & 0x3f) & 0xff];
+		break;
+	case 2:
+		if ((c = ((data[0] & 0xf0) >> 4)) != 0) {
+			result[0] = b64table[c];
+			result[1] =
+			    b64table[((((data[0] & 0x0f) << 2) & 0xff) |
+				      ((data[1] & 0xc0) >> 6))];
+			result[2] = b64table[(data[1] & 0x3f) & 0xff];
+			result[3] = '\0';
+			ret -= 1;
+		} else {
+			if ((c =
+			     ((data[0] & 0x0f) << 2) | ((data[1] & 0xc0) >>
+							6)) != 0) {
+				result[0] = b64table[c];
+				result[1] = b64table[data[1] & 0x3f];
+				result[2] = '\0';
+				result[3] = '\0';
+				ret -= 2;
+			} else {
+				result[0] = b64table[data[0] & 0x3f];
+				result[1] = '\0';
+				result[2] = '\0';
+				result[3] = '\0';
+				ret -= 3;
+			}
+		}
+		break;
+	case 1:
+		if ((c = ((data[0] & 0xc0) >> 6)) != 0) {
+			result[0] = b64table[c];
+			result[1] = b64table[(data[0] & 0x3f) & 0xff];
+			result[2] = '\0';
+			result[3] = '\0';
+			ret -= 2;
+		} else {
+			result[0] = b64table[(data[0] & 0x3f) & 0xff];
+			result[1] = '\0';
+			result[2] = '\0';
+			result[3] = '\0';
+			ret -= 3;
+		}
+		break;
+	default:
+		return GNUTLS_E_BASE64_ENCODING_ERROR;
+	}
+
+	return ret;
+
+}
+
+/* encodes data and puts the result into result (locally allocated)
+ * The result_size is the return value
+ */
+static int
+_gnutls_sbase64_encode(uint8_t * data, size_t data_size, char **result)
+{
+	unsigned i, j;
+	int ret, tmp;
+	uint8_t tmpres[4];
+	unsigned mod = data_size % 3;
+
+	ret = mod;
+	if (ret != 0)
+		ret = 4;
+	else
+		ret = 0;
+
+	ret += (data_size * 4) / 3;
+
+	(*result) = gnutls_calloc(1, ret + 1);
+	if ((*result) == NULL)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	i = j = 0;
+/* encode the bytes that are not a multiple of 3 
+ */
+	if (mod > 0) {
+		tmp = encode(tmpres, &data[0], mod);
+		if (tmp < 0) {
+			gnutls_free((*result));
+			return tmp;
+		}
+
+		memcpy(&(*result)[0], tmpres, tmp);
+		i = mod;
+		j = tmp;
+
+	}
+/* encode the rest
+ */
+	for (; i < data_size; i += 3, j += 4) {
+		tmp = encode(tmpres, &data[i], data_size - i);
+		if (tmp < 0) {
+			gnutls_free((*result));
+			return tmp;
+		}
+		memcpy(&(*result)[j], tmpres, tmp);
+	}
+
+	return strlen(*result);
+}
+
+
+/* data must be 4 bytes
+ * result should be 3 bytes
+ */
+#define TOASCII(c) (c < 127 ? asciitable[c] : 0xff)
+inline static int decode(uint8_t * result, const uint8_t * data)
+{
+	uint8_t a1, a2;
+	int ret = 3;
+
+	memset(result, 0, 3);
+
+	a1 = TOASCII(data[3]);
+	a2 = TOASCII(data[2]);
+	if (a1 != 0xff)
+		result[2] = a1 & 0xff;
+	else
+		return GNUTLS_E_BASE64_DECODING_ERROR;
+	if (a2 != 0xff)
+		result[2] |= ((a2 & 0x03) << 6) & 0xff;
+
+	a1 = a2;
+	a2 = TOASCII(data[1]);
+	if (a1 != 0xff)
+		result[1] = ((a1 & 0x3c) >> 2);
+	if (a2 != 0xff)
+		result[1] |= ((a2 & 0x0f) << 4);
+	else if (a1 == 0xff || result[1] == 0)
+		ret--;
+
+	a1 = a2;
+	a2 = TOASCII(data[0]);
+	if (a1 != 0xff)
+		result[0] = (((a1 & 0x30) >> 4) & 0xff);
+	if (a2 != 0xff)
+		result[0] |= ((a2 << 2) & 0xff);
+	else if (a1 == 0xff || result[0] == 0)
+		ret--;
+
+	return ret;
+}
+
+/* decodes data and puts the result into result (locally allocated)
+ * The result_size is the return value.
+ * That function does not ignore newlines tabs etc. You should remove them
+ * before calling it.
+ */
+int
+_gnutls_sbase64_decode(char *data, size_t idata_size, uint8_t ** result)
+{
+	unsigned i, j;
+	int ret, left;
+	int data_size, tmp;
+	uint8_t datrev[4];
+	uint8_t tmpres[3];
+
+	data_size = (idata_size / 4) * 4;
+	left = idata_size % 4;
+
+	ret = (data_size / 4) * 3;
+
+	if (left > 0)
+		ret += 3;
+
+	(*result) = gnutls_malloc(ret + 1);
+	if ((*result) == NULL)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	/* the first "block" is treated with special care */
+	tmp = 0;
+	if (left > 0) {
+		memset(datrev, 0, 4);
+		memcpy(&datrev[4 - left], data, left);
+
+		tmp = decode(tmpres, datrev);
+		if (tmp < 0) {
+			gnutls_free((*result));
+			return tmp;
+		}
+
+		memcpy(*result, &tmpres[3 - tmp], tmp);
+		if (tmp < 3)
+			ret -= (3 - tmp);
+	}
+
+	/* rest data */
+	for (i = left, j = tmp; i < idata_size; i += 4) {
+		tmp = decode(tmpres, (uint8_t *) & data[i]);
+		if (tmp < 0) {
+			gnutls_free((*result));
+			return tmp;
+		}
+		memcpy(&(*result)[j], tmpres, tmp);
+		if (tmp < 3)
+			ret -= (3 - tmp);
+		j += 3;
+	}
+
+	return ret;
+}
+
+/**
+ * gnutls_srp_base64_encode:
+ * @data: contain the raw data
+ * @result: the place where base64 data will be copied
+ * @result_size: holds the size of the result
+ *
+ * This function will convert the given data to printable data, using
+ * the base64 encoding, as used in the libsrp.  This is the encoding
+ * used in SRP password files.  If the provided buffer is not long
+ * enough GNUTLS_E_SHORT_MEMORY_BUFFER is returned.
+ *
+ * Warning!  This base64 encoding is not the "standard" encoding, so
+ * do not use it for non-SRP purposes.
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the buffer given is not
+ * long enough, or 0 on success.
+ **/
+int
+gnutls_srp_base64_encode(const gnutls_datum_t * data, char *result,
+			 size_t * result_size)
+{
+	char *res;
+	int size;
+
+	size = _gnutls_sbase64_encode(data->data, data->size, &res);
+	if (size < 0)
+		return size;
+
+	if (result == NULL || *result_size < (size_t) size) {
+		gnutls_free(res);
+		*result_size = size;
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	} else {
+		memcpy(result, res, size);
+		gnutls_free(res);
+		*result_size = size;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_srp_base64_encode2:
+ * @data: contains the raw data
+ * @result: will hold the newly allocated encoded data
+ *
+ * This function will convert the given data to printable data, using
+ * the base64 encoding.  This is the encoding used in SRP password
+ * files.  This function will allocate the required memory to hold
+ * the encoded data.
+ *
+ * You should use gnutls_free() to free the returned data.
+ *
+ * Warning!  This base64 encoding is not the "standard" encoding, so
+ * do not use it for non-SRP purposes.
+ *
+ * Returns: 0 on success, or an error code.
+ **/
+int
+gnutls_srp_base64_encode2(const gnutls_datum_t * data,
+			       gnutls_datum_t * result)
+{
+	char *res;
+	int size;
+
+	size = _gnutls_sbase64_encode(data->data, data->size, &res);
+	if (size < 0)
+		return size;
+
+	if (result == NULL) {
+		gnutls_free(res);
+		return GNUTLS_E_INVALID_REQUEST;
+	} else {
+		result->data = (uint8_t *) res;
+		result->size = size;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_srp_base64_decode:
+ * @b64_data: contain the encoded data
+ * @result: the place where decoded data will be copied
+ * @result_size: holds the size of the result
+ *
+ * This function will decode the given encoded data, using the base64
+ * encoding found in libsrp.
+ *
+ * Note that @b64_data should be null terminated.
+ *
+ * Warning!  This base64 encoding is not the "standard" encoding, so
+ * do not use it for non-SRP purposes.
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the buffer given is not
+ * long enough, or 0 on success.
+ **/
+int
+gnutls_srp_base64_decode(const gnutls_datum_t * b64_data, char *result,
+			 size_t * result_size)
+{
+	uint8_t *res;
+	int size;
+
+	size =
+	    _gnutls_sbase64_decode((char *) b64_data->data, b64_data->size,
+				   &res);
+	if (size < 0)
+		return size;
+
+	if (result == NULL || *result_size < (size_t) size) {
+		gnutls_free(res);
+		*result_size = size;
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	} else {
+		memcpy(result, res, size);
+		gnutls_free(res);
+		*result_size = size;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_srp_base64_decode2:
+ * @b64_data: contains the encoded data
+ * @result: the place where decoded data lie
+ *
+ * This function will decode the given encoded data. The decoded data
+ * will be allocated, and stored into result.  It will decode using
+ * the base64 algorithm as used in libsrp.
+ *
+ * You should use gnutls_free() to free the returned data.
+ *
+ * Warning!  This base64 encoding is not the "standard" encoding, so
+ * do not use it for non-SRP purposes.
+ *
+ * Returns: 0 on success, or an error code.
+ **/
+int
+gnutls_srp_base64_decode2(const gnutls_datum_t * b64_data,
+			       gnutls_datum_t * result)
+{
+	uint8_t *ret;
+	int size;
+
+	size =
+	    _gnutls_sbase64_decode((char *) b64_data->data, b64_data->size,
+				   &ret);
+	if (size < 0)
+		return size;
+
+	if (result == NULL) {
+		gnutls_free(ret);
+		return GNUTLS_E_INVALID_REQUEST;
+	} else {
+		result->data = ret;
+		result->size = size;
+	}
+
+	return 0;
+}
+
+#endif				/* ENABLE_SRP */
diff --git a/lib/auth/vko_gost.c b/lib/auth/vko_gost.c
new file mode 100644
index 0000000..7654202
--- /dev/null
+++ b/lib/auth/vko_gost.c
@@ -0,0 +1,323 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2016 Dmitry Eremin-Solenikov
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "auth.h"
+#include "errors.h"
+#include "vko.h"
+#include <state.h>
+#include <datum.h>
+#include <ext/signature.h>
+#include <ext/supported_groups.h>
+#include <auth/cert.h>
+#include <pk.h>
+#include <abstract_int.h>
+
+#if defined(ENABLE_GOST)
+static int gen_vko_gost_client_kx(gnutls_session_t, gnutls_buffer_st *);
+static int proc_vko_gost_client_kx(gnutls_session_t session,
+				   uint8_t * data, size_t _data_size);
+
+/* VKO GOST Key Exchange:
+ * see draft-smyshlyaev-tls12-gost-suites-06, Section 4.2.4
+ *
+ * Client generates ephemeral key pair, uses server's public key (from
+ * certificate), ephemeral private key and additional nonce (UKM) to generate
+ * (VKO) shared point/shared secret. This secret is used to encrypt (key wrap)
+ * random PMS. Then encrypted PMS and client's ephemeral public key are wrappen
+ * in ASN.1 structure and sent in KX message.
+ *
+ * Server uses decodes ASN.1 structure and uses its own private key and
+ * client's ephemeral public key to unwrap PMS.
+ *
+ * Note, this KX is not PFS one, despite using ephemeral key pairs on client
+ * side.
+ */
+const mod_auth_st vko_gost_auth_struct = {
+	"VKO_GOST",
+	_gnutls_gen_cert_server_crt,
+	_gnutls_gen_cert_client_crt,
+	NULL,
+	gen_vko_gost_client_kx,
+	_gnutls_gen_cert_client_crt_vrfy,
+	_gnutls_gen_cert_server_cert_req,
+
+	_gnutls_proc_crt,
+	_gnutls_proc_crt,
+	NULL,
+	proc_vko_gost_client_kx,
+	_gnutls_proc_cert_client_crt_vrfy,
+	_gnutls_proc_cert_cert_req
+};
+
+#define VKO_GOST_UKM_LEN	8
+
+static int
+calc_ukm(gnutls_session_t session, uint8_t *ukm)
+{
+	gnutls_digest_algorithm_t digalg = GNUTLS_DIG_STREEBOG_256;
+	gnutls_hash_hd_t dig;
+	int ret;
+
+	ret = gnutls_hash_init(&dig, digalg);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	gnutls_hash(dig, session->security_parameters.client_random,
+		    sizeof(session->security_parameters.client_random));
+
+	gnutls_hash(dig, session->security_parameters.server_random,
+		    sizeof(session->security_parameters.server_random));
+
+	gnutls_hash_deinit(dig, ukm);
+
+	return gnutls_hash_get_len(digalg);
+}
+
+static int print_priv_key(gnutls_pk_params_st *params)
+{
+	int ret;
+	uint8_t priv_buf[512/8];
+	char buf[512 / 4 + 1];
+	size_t bytes = sizeof(priv_buf);
+
+	/* Check if _gnutls_hard_log will print anything */
+	if (likely(_gnutls_log_level < 9))
+		return GNUTLS_E_SUCCESS;
+
+	ret = _gnutls_mpi_print(params->params[GOST_K],
+				priv_buf, &bytes);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	_gnutls_hard_log("INT: VKO PRIVATE KEY[%zd]: %s\n",
+			 bytes, _gnutls_bin2hex(priv_buf,
+						bytes,
+						buf, sizeof(buf),
+						NULL));
+	return 0;
+}
+
+static int
+vko_prepare_client_keys(gnutls_session_t session,
+			gnutls_pk_params_st *pub,
+			gnutls_pk_params_st *priv)
+{
+	int ret;
+	gnutls_ecc_curve_t curve;
+	const gnutls_group_entry_st *group;
+	cert_auth_info_t info;
+	gnutls_pcert_st peer_cert;
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+	if (info == NULL || info->ncerts == 0)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	ret = _gnutls_get_auth_info_pcert(&peer_cert,
+					  session->security_parameters.
+					  server_ctype, info);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* Copy public key contents and free the rest */
+	memcpy(pub, &peer_cert.pubkey->params, sizeof(gnutls_pk_params_st));
+	gnutls_free(peer_cert.pubkey);
+	peer_cert.pubkey = NULL;
+	gnutls_pcert_deinit(&peer_cert);
+
+	curve = pub->curve;
+	group = _gnutls_id_to_group(_gnutls_ecc_curve_get_group(curve));
+	if (group == NULL) {
+		_gnutls_debug_log("received unknown curve %d\n", curve);
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	} else {
+		_gnutls_debug_log("received curve %s\n", group->name);
+	}
+
+	ret = _gnutls_session_supports_group(session, group->id);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (pub->algo == GNUTLS_PK_GOST_12_512) {
+		gnutls_sign_algorithm_set_server(session, GNUTLS_SIGN_GOST_512);
+	} else {
+		gnutls_sign_algorithm_set_server(session, GNUTLS_SIGN_GOST_256);
+	}
+
+	_gnutls_session_group_set(session, group);
+
+	ret =  _gnutls_pk_generate_keys(pub->algo,
+					curve,
+					priv, 1);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	priv->gost_params = pub->gost_params;
+
+	print_priv_key(priv);
+
+	session->key.key.size = 32; /* GOST key size */
+	session->key.key.data = gnutls_malloc(session->key.key.size);
+	if (session->key.key.data == NULL) {
+		gnutls_assert();
+		session->key.key.size = 0;
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	/* Generate random */
+	ret = gnutls_rnd(GNUTLS_RND_RANDOM, session->key.key.data,
+			 session->key.key.size);
+	if (ret < 0) {
+		gnutls_assert();
+		gnutls_free(session->key.key.data);
+		session->key.key.size = 0;
+		return ret;
+	}
+
+	return 0;
+}
+
+/* KX message is:
+   TLSGostKeyTransportBlob ::= SEQUENCE {
+        keyBlob GostR3410-KeyTransport,
+        proxyKeyBlobs SEQUENCE OF TLSProxyKeyTransportBlob OPTIONAL
+   }
+
+   draft-smyshlyaev-tls12-gost-suites does not define proxyKeyBlobs, but old
+   CSPs still send additional information after keyBlob.
+
+   We only need keyBlob and we completely ignore the rest of the structure.
+
+   _gnutls_gost_keytrans_decrypt will decrypt GostR3410-KeyTransport
+   */
+
+static int
+proc_vko_gost_client_kx(gnutls_session_t session,
+			uint8_t * data, size_t _data_size)
+{
+	int ret, i = 0;
+	ssize_t data_size = _data_size;
+	gnutls_privkey_t privkey = session->internals.selected_key;
+	uint8_t ukm_data[MAX_HASH_SIZE];
+	gnutls_datum_t ukm = {ukm_data, VKO_GOST_UKM_LEN};
+	gnutls_datum_t cek;
+	int len;
+
+	if (!privkey || privkey->type != GNUTLS_PRIVKEY_X509)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	/* Skip TLSGostKeyTransportBlob tag and length */
+	DECR_LEN(data_size, 1);
+	if (data[0] != (ASN1_TAG_SEQUENCE | ASN1_CLASS_STRUCTURED))
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	i += 1;
+
+	ret = asn1_get_length_der(&data[i], data_size, &len);
+	if (ret < 0)
+		return gnutls_assert_val(GNUTLS_E_ASN1_DER_ERROR);
+	DECR_LEN(data_size, len);
+	i += len;
+
+	/* Check that nothing is left after TLSGostKeyTransportBlob */
+	DECR_LEN_FINAL(data_size, ret);
+
+	/* Point data to GostR3410-KeyTransport */
+	data_size = ret;
+	data += i;
+
+	/* Now do the tricky part: determine length of GostR3410-KeyTransport */
+	DECR_LEN(data_size, 1); /* tag */
+	ret = asn1_get_length_der(&data[1], data_size, &len);
+	DECR_LEN_FINAL(data_size, len + ret);
+
+	cek.data = data;
+	cek.size = ret + len + 1;
+
+	ret = calc_ukm(session, ukm_data);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_gost_keytrans_decrypt(&privkey->key.x509->params,
+					    &cek, &ukm,
+					    &session->key.key);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+static int
+gen_vko_gost_client_kx(gnutls_session_t session,
+		       gnutls_buffer_st * data)
+{
+	int ret;
+	gnutls_datum_t out = {};
+	uint8_t ukm_data[MAX_HASH_SIZE];
+	gnutls_datum_t ukm = {ukm_data, VKO_GOST_UKM_LEN};
+	gnutls_pk_params_st pub;
+	gnutls_pk_params_st priv;
+	uint8_t tl[1 + ASN1_MAX_LENGTH_SIZE];
+	int len;
+
+	ret = calc_ukm(session, ukm_data);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	gnutls_pk_params_init(&pub);
+	gnutls_pk_params_init(&priv);
+	ret = vko_prepare_client_keys(session, &pub, &priv);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_gost_keytrans_encrypt(&pub,
+					    &priv,
+					    &session->key.key,
+					    &ukm, &out);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	tl[0] = ASN1_TAG_SEQUENCE | ASN1_CLASS_STRUCTURED;
+	asn1_length_der(out.size, tl + 1, &len);
+	ret = gnutls_buffer_append_data(data, tl, len + 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_buffer_append_data(data, out.data, out.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = data->length;
+ cleanup:
+	/* no longer needed */
+	gnutls_pk_params_release(&priv);
+	gnutls_pk_params_release(&pub);
+
+	_gnutls_free_datum(&out);
+
+	return ret;
+}
+#endif
diff --git a/lib/auto-verify.c b/lib/auto-verify.c
new file mode 100644
index 0000000..c9ec503
--- /dev/null
+++ b/lib/auto-verify.c
@@ -0,0 +1,154 @@
+/*
+ * Copyright (C) 2015 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <auth/cert.h>
+#include <gnutls/gnutls.h>
+
+/* This file implements the client certificate auto verification functionality.
+ */
+
+/* The actual verification callback. */
+static int auto_verify_cb(gnutls_session_t session)
+{
+	unsigned int status;
+	int ret;
+
+	if (session->internals.vc_elements == 0) {
+		ret = gnutls_certificate_verify_peers2(session, &status);
+	} else {
+		ret = gnutls_certificate_verify_peers(session, session->internals.vc_data,
+						      session->internals.vc_elements, &status);
+	}
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_CERTIFICATE_ERROR);
+	}
+
+	session->internals.vc_status = status;
+
+	if (status != 0)	/* Certificate is not trusted */
+		return gnutls_assert_val(GNUTLS_E_CERTIFICATE_VERIFICATION_ERROR);
+
+	/* notify gnutls to continue handshake normally */
+	return 0;
+}
+
+/**
+ * gnutls_session_set_verify_cert:
+ * @session: is a gnutls session
+ * @hostname: is the expected name of the peer; may be %NULL
+ * @flags: flags for certificate verification -- #gnutls_certificate_verify_flags
+ *
+ * This function instructs GnuTLS to verify the peer's certificate
+ * using the provided hostname. If the verification fails the handshake
+ * will also fail with %GNUTLS_E_CERTIFICATE_VERIFICATION_ERROR. In that
+ * case the verification result can be obtained using gnutls_session_get_verify_cert_status().
+ *
+ * The @hostname pointer provided must remain valid for the lifetime
+ * of the session. More precisely it should be available during any subsequent
+ * handshakes. If no hostname is provided, no hostname verification
+ * will be performed. For a more advanced verification function check
+ * gnutls_session_set_verify_cert2().
+ *
+ * If @flags is provided which contain a profile, this function should be
+ * called after any session priority setting functions.
+ *
+ * The gnutls_session_set_verify_cert() function is intended to be used by TLS
+ * clients to verify the server's certificate.
+ *
+ * Since: 3.4.6
+ **/
+void gnutls_session_set_verify_cert(gnutls_session_t session,
+				     const char *hostname, unsigned flags)
+{
+	if (hostname) {
+		session->internals.vc_sdata.type = GNUTLS_DT_DNS_HOSTNAME;
+		session->internals.vc_sdata.data = (void*)hostname;
+		session->internals.vc_sdata.size = 0;
+		session->internals.vc_elements = 1;
+		session->internals.vc_data = &session->internals.vc_sdata;
+	} else {
+		session->internals.vc_elements = 0;
+	}
+
+	if (flags) {
+		ADD_PROFILE_VFLAGS(session, flags);
+	}
+
+	gnutls_session_set_verify_function(session, auto_verify_cb);
+}
+
+/**
+ * gnutls_session_set_verify_cert2:
+ * @session: is a gnutls session
+ * @data: an array of typed data
+ * @elements: the number of data elements
+ * @flags: flags for certificate verification -- #gnutls_certificate_verify_flags
+ *
+ * This function instructs GnuTLS to verify the peer's certificate
+ * using the provided typed data information. If the verification fails the handshake
+ * will also fail with %GNUTLS_E_CERTIFICATE_VERIFICATION_ERROR. In that
+ * case the verification result can be obtained using gnutls_session_get_verify_cert_status().
+ *
+ * The acceptable typed data are the same as in gnutls_certificate_verify_peers(),
+ * and once set must remain valid for the lifetime of the session. More precisely
+ * they should be available during any subsequent handshakes.
+ *
+ * If @flags is provided which contain a profile, this function should be
+ * called after any session priority setting functions.
+ *
+ * Since: 3.4.6
+ **/
+void gnutls_session_set_verify_cert2(gnutls_session_t session,
+				     gnutls_typed_vdata_st * data,
+				     unsigned elements,
+				     unsigned flags)
+{
+	session->internals.vc_data = data;
+	session->internals.vc_elements = elements;
+
+	if (flags)
+		session->internals.additional_verify_flags |= flags;
+
+	gnutls_session_set_verify_function(session, auto_verify_cb);
+}
+
+/**
+ * gnutls_session_get_verify_cert_status:
+ * @session: is a gnutls session
+ *
+ * This function returns the status of the verification when initiated
+ * via auto-verification, i.e., by gnutls_session_set_verify_cert2() or
+ * gnutls_session_set_verify_cert(). If no certificate verification
+ * was occurred then the return value would be set to ((unsigned int)-1).
+ *
+ * The certificate verification status is the same as in gnutls_certificate_verify_peers().
+ *
+ * Returns: the certificate verification status.
+ *
+ * Since: 3.4.6
+ **/
+unsigned int gnutls_session_get_verify_cert_status(gnutls_session_t session)
+{
+	return session->internals.vc_status;
+}
diff --git a/lib/buffers.c b/lib/buffers.c
new file mode 100644
index 0000000..2a2aaec
--- /dev/null
+++ b/lib/buffers.c
@@ -0,0 +1,1482 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * This file holds all the buffering code used in gnutls.
+ * The buffering code works as:
+ *
+ * RECORD LAYER:
+ *  1. uses a buffer to hold data (application/handshake),
+ *    we got but they were not requested, yet.
+ *  (see gnutls_record_buffer_put(), gnutls_record_buffer_get_size() etc.)
+ *
+ *  2. uses a buffer to hold data that were incomplete (ie the read/write
+ *    was interrupted)
+ *  (see _gnutls_io_read_buffered(), _gnutls_io_write_buffered() etc.)
+ *
+ * HANDSHAKE LAYER:
+ *  1. Uses buffer to hold the last received handshake message.
+ *  (see _gnutls_handshake_hash_buffer_put() etc.)
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <num.h>
+#include <record.h>
+#include <buffers.h>
+#include <mbuffers.h>
+#include <state.h>
+#include <dtls.h>
+#include <system.h>
+#include <constate.h>	/* gnutls_epoch_get */
+#include <handshake.h>	/* remaining_time() */
+#include <errno.h>
+#include <system.h>
+#include "debug.h"
+
+#ifndef EAGAIN
+#define EAGAIN EWOULDBLOCK
+#endif
+
+/* this is the maximum number of messages allowed to queue.
+ */
+#define MAX_QUEUE 32
+
+/* Buffers received packets of type APPLICATION DATA,
+ * HANDSHAKE DATA and HEARTBEAT.
+ */
+void
+_gnutls_record_buffer_put(gnutls_session_t session,
+			  content_type_t type, uint64_t seq,
+			  mbuffer_st * bufel)
+{
+
+	bufel->type = type;
+	bufel->record_sequence = seq;
+
+	_mbuffer_enqueue(&session->internals.record_buffer, bufel);
+	_gnutls_buffers_log("BUF[REC]: Inserted %d bytes of Data(%d)\n",
+			    (int) bufel->msg.size, (int) type);
+
+	return;
+}
+
+/**
+ * gnutls_record_check_pending:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function checks if there are unread data
+ * in the gnutls buffers. If the return value is
+ * non-zero the next call to gnutls_record_recv()
+ * is guaranteed not to block.
+ *
+ * Returns: Returns the size of the data or zero.
+ **/
+size_t gnutls_record_check_pending(gnutls_session_t session)
+{
+	return _gnutls_record_buffer_get_size(session);
+}
+
+/**
+ * gnutls_record_check_corked:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function checks if there pending corked
+ * data in the gnutls buffers --see gnutls_record_cork().
+ *
+ * Returns: Returns the size of the corked data or zero.
+ *
+ * Since: 3.2.8
+ **/
+size_t gnutls_record_check_corked(gnutls_session_t session)
+{
+	return session->internals.record_presend_buffer.length;
+}
+
+int
+_gnutls_record_buffer_get(content_type_t type,
+			  gnutls_session_t session, uint8_t * data,
+			  size_t length, uint8_t seq[8])
+{
+	gnutls_datum_t msg;
+	mbuffer_st *bufel;
+
+	if (length == 0 || data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	bufel =
+	    _mbuffer_head_get_first(&session->internals.record_buffer,
+				    &msg);
+	if (bufel == NULL)
+		return
+		    gnutls_assert_val
+		    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	if (type != bufel->type) {
+		if (IS_DTLS(session))
+			_gnutls_audit_log(session,
+					  "Discarded unexpected %s (%d) packet (expecting: %s (%d))\n",
+					  _gnutls_packet2str(bufel->type),
+					  (int) bufel->type,
+					  _gnutls_packet2str(type),
+					  (int) type);
+		else
+			_gnutls_debug_log("received unexpected packet: %s(%d)\n",
+						_gnutls_packet2str(bufel->type), (int)bufel->type);
+
+		_mbuffer_head_remove_bytes(&session->internals.
+					   record_buffer, msg.size);
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+	}
+
+	if (msg.size <= length)
+		length = msg.size;
+
+	if (seq)
+		_gnutls_write_uint64(bufel->record_sequence, seq);
+
+	memcpy(data, msg.data, length);
+	_mbuffer_head_remove_bytes(&session->internals.record_buffer,
+				   length);
+
+	return length;
+}
+
+int
+_gnutls_record_buffer_get_packet(content_type_t type, gnutls_session_t session, gnutls_packet_t *packet)
+{
+	mbuffer_st *bufel;
+
+	bufel =
+	    _mbuffer_head_pop_first(&session->internals.record_buffer);
+	if (bufel == NULL)
+		return
+		    gnutls_assert_val
+		    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	if (type != bufel->type) {
+		if (IS_DTLS(session))
+			_gnutls_audit_log(session,
+					  "Discarded unexpected %s (%d) packet (expecting: %s)\n",
+					  _gnutls_packet2str(bufel->type),
+					  (int) bufel->type,
+					  _gnutls_packet2str(type));
+		_mbuffer_head_remove_bytes(&session->internals.
+					   record_buffer, bufel->msg.size);
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+	}
+
+	*packet = bufel;
+
+	return bufel->msg.size - bufel->mark;
+}
+
+inline static void reset_errno(gnutls_session_t session)
+{
+	session->internals.errnum = 0;
+}
+
+inline static int get_errno(gnutls_session_t session)
+{
+	int ret;
+
+	if (session->internals.errnum != 0)
+		ret = session->internals.errnum;
+	else
+		ret =
+		    session->internals.errno_func(session->internals.
+						  transport_recv_ptr);
+	return ret;
+}
+
+inline static
+int errno_to_gerr(int err, unsigned dtls)
+{
+	switch (err) {
+	case EAGAIN:
+		return GNUTLS_E_AGAIN;
+	case EINTR:
+		return GNUTLS_E_INTERRUPTED;
+	case EMSGSIZE:
+		if (dtls != 0)
+			return GNUTLS_E_LARGE_PACKET;
+		else
+			return GNUTLS_E_PUSH_ERROR;
+	case ECONNRESET:
+		return GNUTLS_E_PREMATURE_TERMINATION;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_PUSH_ERROR;
+	}
+}
+
+static ssize_t
+_gnutls_dgram_read(gnutls_session_t session, mbuffer_st ** bufel,
+		   gnutls_pull_func pull_func, unsigned int *ms)
+{
+	ssize_t i, ret;
+	uint8_t *ptr;
+	struct timespec t1, t2;
+	size_t max_size, recv_size;
+	gnutls_transport_ptr_t fd = session->internals.transport_recv_ptr;
+	unsigned int diff;
+
+	max_size = max_record_recv_size(session);
+	recv_size = max_size;
+
+	session->internals.direction = 0;
+
+	if (ms && *ms > 0) {
+		ret = _gnutls_io_check_recv(session, *ms);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		gnutls_gettime(&t1);
+	}
+
+	*bufel = _mbuffer_alloc_align16(max_size, get_total_headers(session));
+	if (*bufel == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	ptr = (*bufel)->msg.data;
+
+	reset_errno(session);
+	i = pull_func(fd, ptr, recv_size);
+
+	if (i < 0) {
+		int err = get_errno(session);
+
+		_gnutls_read_log("READ: %d returned from %p, errno=%d\n",
+				 (int) i, fd, err);
+
+		ret = errno_to_gerr(err, 1);
+		goto cleanup;
+	} else {
+		_gnutls_read_log("READ: Got %d bytes from %p\n", (int) i,
+				 fd);
+		if (i == 0) {
+			/* If we get here, we likely have a stream socket.
+			 * That assumption may not work on DCCP. */
+			gnutls_assert();
+			ret = 0;
+			goto cleanup;
+		}
+
+		_mbuffer_set_udata_size(*bufel, i);
+	}
+
+	if (ms && *ms > 0) {
+		gnutls_gettime(&t2);
+		diff = timespec_sub_ms(&t2, &t1);
+		if (diff < *ms)
+			*ms -= diff;
+		else {
+			ret = gnutls_assert_val(GNUTLS_E_TIMEDOUT);
+			goto cleanup;
+		}
+	}
+
+	_gnutls_read_log("READ: read %d bytes from %p\n", (int) i, fd);
+
+	return i;
+
+      cleanup:
+	_mbuffer_xfree(bufel);
+	return ret;
+}
+
+static ssize_t
+_gnutls_stream_read(gnutls_session_t session, mbuffer_st ** bufel,
+		    size_t size, gnutls_pull_func pull_func,
+		    unsigned int *ms)
+{
+	size_t left;
+	ssize_t i = 0;
+	size_t max_size = max_record_recv_size(session);
+	uint8_t *ptr;
+	gnutls_transport_ptr_t fd = session->internals.transport_recv_ptr;
+	int ret;
+	struct timespec t1, t2;
+	unsigned int diff;
+
+	session->internals.direction = 0;
+
+	*bufel = _mbuffer_alloc_align16(MAX(max_size, size), get_total_headers(session));
+	if (!*bufel) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+	ptr = (*bufel)->msg.data;
+
+	left = size;
+	while (left > 0) {
+		if (ms && *ms > 0) {
+			ret = _gnutls_io_check_recv(session, *ms);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			gnutls_gettime(&t1);
+		}
+
+		reset_errno(session);
+
+		i = pull_func(fd, &ptr[size - left], left);
+
+		if (i < 0) {
+			int err = get_errno(session);
+
+			_gnutls_read_log
+			    ("READ: %d returned from %p, errno=%d gerrno=%d\n",
+			     (int) i, fd, errno,
+			     session->internals.errnum);
+
+			if (err == EAGAIN || err == EINTR) {
+				if (size - left > 0) {
+
+					_gnutls_read_log
+					    ("READ: returning %d bytes from %p\n",
+					     (int) (size - left), fd);
+
+					goto finish;
+				}
+
+				ret = errno_to_gerr(err, 0);
+				goto cleanup;
+			} else {
+				gnutls_assert();
+				ret = GNUTLS_E_PULL_ERROR;
+				goto cleanup;
+			}
+		} else {
+
+			_gnutls_read_log("READ: Got %d bytes from %p\n",
+					 (int) i, fd);
+
+			if (i == 0)
+				break;	/* EOF */
+		}
+
+		left -= i;
+		(*bufel)->msg.size += i;
+
+		if (ms && *ms > 0 && *ms != GNUTLS_INDEFINITE_TIMEOUT) {
+			gnutls_gettime(&t2);
+			diff = timespec_sub_ms(&t2, &t1);
+			if (diff < *ms)
+				*ms -= diff;
+			else {
+				ret = gnutls_assert_val(GNUTLS_E_TIMEDOUT);
+				goto cleanup;
+			}
+		}
+	}
+
+      finish:
+
+	_gnutls_read_log("READ: read %d bytes from %p\n",
+			 (int) (size - left), fd);
+
+	if (size - left == 0)
+		_mbuffer_xfree(bufel);
+
+	return (size - left);
+
+      cleanup:
+	_mbuffer_xfree(bufel);
+	return ret;
+}
+
+
+/* This function is like read. But it does not return -1 on error.
+ * It does return gnutls_errno instead.
+ *
+ * Flags are only used if the default recv() function is being used.
+ */
+static ssize_t
+_gnutls_read(gnutls_session_t session, mbuffer_st ** bufel,
+	     size_t size, gnutls_pull_func pull_func, unsigned int *ms)
+{
+	if (IS_DTLS(session))
+		/* Size is not passed, since a whole datagram will be read. */
+		return _gnutls_dgram_read(session, bufel, pull_func, ms);
+	else
+		return _gnutls_stream_read(session, bufel, size, pull_func,
+					   ms);
+}
+
+/* @vec: if non-zero then the vector function will be used to
+ *       push the data.
+ */
+static ssize_t
+_gnutls_writev_emu(gnutls_session_t session, gnutls_transport_ptr_t fd,
+		   const giovec_t * giovec, unsigned int giovec_cnt, unsigned vec)
+{
+	unsigned int j = 0;
+	size_t total = 0;
+	ssize_t ret = 0;
+
+	for (j = 0; j < giovec_cnt; j++) {
+		if (vec) {
+			ret = session->internals.vec_push_func(fd, &giovec[j], 1);
+		} else {
+			size_t sent = 0;
+			ssize_t left = giovec[j].iov_len;
+			char *p = giovec[j].iov_base;
+			do {
+				ret =
+				    session->internals.push_func(fd, p,
+								 left);
+				if (ret > 0) {
+					sent += ret;
+					left -= ret;
+					p += ret;
+				}
+			} while(ret > 0 && left > 0);
+
+			if (sent > 0)
+				ret = sent;
+		}
+
+		if (ret == -1) {
+			gnutls_assert();
+			break;
+		}
+
+		total += ret;
+
+		if ((size_t) ret != giovec[j].iov_len)
+			break;
+	}
+
+	if (total > 0)
+		return total;
+
+	return ret;
+}
+
+/* @total: The sum of the data in giovec
+ */
+static ssize_t
+_gnutls_writev(gnutls_session_t session, const giovec_t * giovec,
+	       unsigned giovec_cnt, unsigned total)
+{
+	int i;
+	bool is_dtls = IS_DTLS(session);
+	unsigned no_writev = 0;
+	gnutls_transport_ptr_t fd = session->internals.transport_send_ptr;
+
+	reset_errno(session);
+
+	if (session->internals.vec_push_func != NULL) {
+		if (is_dtls && giovec_cnt > 1) {
+			if (total > session->internals.dtls.mtu) {
+				no_writev = 1;
+			}
+		}
+
+		if (no_writev == 0) {
+			i = session->internals.vec_push_func(fd, giovec, giovec_cnt);
+		} else {
+			i = _gnutls_writev_emu(session, fd, giovec, giovec_cnt, 1);
+		}
+	} else if (session->internals.push_func != NULL) {
+		i = _gnutls_writev_emu(session, fd, giovec, giovec_cnt, 0);
+	} else
+		return gnutls_assert_val(GNUTLS_E_PUSH_ERROR);
+
+	if (i == -1) {
+		int err = get_errno(session);
+		_gnutls_debug_log("WRITE: %d returned from %p, errno: %d\n",
+				  i, fd, err);
+
+		return errno_to_gerr(err, is_dtls);
+	}
+	return i;
+}
+
+/*
+ * @ms: a pointer to the number of milliseconds to wait for data. Use zero or NULL for indefinite.
+ *
+ * This function is like recv(with MSG_PEEK). But it does not return -1 on error.
+ * It does return gnutls_errno instead.
+ * This function reads data from the socket and keeps them in a buffer, of up to
+ * max_record_recv_size.
+ *
+ * This is not a general purpose function. It returns EXACTLY the data requested,
+ * which are stored in a local (in the session) buffer.
+ *
+ * If the @ms parameter is non zero then this function will return before
+ * the given amount of milliseconds or return GNUTLS_E_TIMEDOUT.
+ *
+ */
+ssize_t
+_gnutls_io_read_buffered(gnutls_session_t session, size_t total,
+			 content_type_t recv_type, unsigned int *ms)
+{
+	ssize_t ret;
+	size_t min;
+	mbuffer_st *bufel = NULL;
+	size_t recvdata, readsize;
+
+	if (total > max_record_recv_size(session) || total == 0) {
+		gnutls_assert();
+		return GNUTLS_E_RECORD_OVERFLOW;
+	}
+
+	/* calculate the actual size, ie. get the minimum of the
+	 * buffered data and the requested data.
+	 */
+	min =
+	    MIN(session->internals.record_recv_buffer.byte_length, total);
+	if (min > 0) {
+		/* if we have enough buffered data
+		 * then just return them.
+		 */
+		if (min == total) {
+			return min;
+		}
+	}
+
+	/* min is over zero. recvdata is the data we must
+	 * receive in order to return the requested data.
+	 */
+	recvdata = total - min;
+	readsize = recvdata;
+
+	/* Check if the previously read data plus the new data to
+	 * receive are longer than the maximum receive buffer size.
+	 */
+	if ((session->internals.record_recv_buffer.byte_length +
+	     recvdata) > max_record_recv_size(session)) {
+		gnutls_assert();	/* internal error */
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* READ DATA
+	 */
+	if (readsize > 0) {
+		ret =
+		    _gnutls_read(session, &bufel, readsize,
+				 session->internals.pull_func, ms);
+
+		/* return immediately if we got an interrupt or eagain
+		 * error.
+		 */
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+
+		if (ret == 0)	/* EOF */
+			return gnutls_assert_val(0);
+
+		/* copy fresh data to our buffer.
+		 */
+		_gnutls_read_log
+		    ("RB: Have %d bytes into buffer. Adding %d bytes.\n",
+		     (int) session->internals.record_recv_buffer.
+		     byte_length, (int) ret);
+		_gnutls_read_log("RB: Requested %d bytes\n", (int) total);
+
+		_mbuffer_enqueue(&session->internals.record_recv_buffer,
+				 bufel);
+
+		if (IS_DTLS(session))
+			ret =
+			    MIN(total,
+				session->internals.record_recv_buffer.
+				byte_length);
+		else
+			ret =
+			    session->internals.record_recv_buffer.
+			    byte_length;
+
+		if ((ret > 0) && ((size_t) ret < total))	/* Short Read */
+			return gnutls_assert_val(GNUTLS_E_AGAIN);
+		else
+			return ret;
+	} else
+		return gnutls_assert_val(0);
+}
+
+/* This function is like write. But it does not return -1 on error.
+ * It does return gnutls_errno instead.
+ *
+ * This function takes full responsibility of freeing msg->data.
+ *
+ * In case of E_AGAIN and E_INTERRUPTED errors, you must call
+ * gnutls_write_flush(), until it returns ok (0).
+ *
+ * We need to push exactly the data in msg->size, since we cannot send
+ * less data. In TLS the peer must receive the whole packet in order
+ * to decrypt and verify the integrity.
+ *
+ */
+ssize_t
+_gnutls_io_write_buffered(gnutls_session_t session,
+			  mbuffer_st * bufel, unsigned int mflag)
+{
+	mbuffer_head_st *const send_buffer =
+	    &session->internals.record_send_buffer;
+
+	/* to know where the procedure was interrupted.
+	 */
+	session->internals.direction = 1;
+
+	_mbuffer_enqueue(send_buffer, bufel);
+
+	_gnutls_write_log
+	    ("WRITE: enqueued %d bytes for %p. Total %d bytes.\n",
+	     (int) bufel->msg.size, session->internals.transport_recv_ptr,
+	     (int) send_buffer->byte_length);
+
+	if (mflag == MBUFFER_FLUSH)
+		return _gnutls_io_write_flush(session);
+	else
+		return bufel->msg.size;
+}
+
+typedef ssize_t(*send_func) (gnutls_session_t, const giovec_t *, int);
+
+/* This function writes the data that are left in the
+ * TLS write buffer (ie. because the previous write was
+ * interrupted.
+ */
+ssize_t _gnutls_io_write_flush(gnutls_session_t session)
+{
+	gnutls_datum_t msg;
+	mbuffer_head_st *send_buffer =
+	    &session->internals.record_send_buffer;
+	int ret;
+	ssize_t sent = 0, tosend = 0;
+	giovec_t iovec[MAX_QUEUE];
+	int i = 0;
+	mbuffer_st *cur;
+
+	session->internals.direction = 1;
+	_gnutls_write_log("WRITE FLUSH: %d bytes in buffer.\n",
+			  (int) send_buffer->byte_length);
+
+	for (cur = _mbuffer_head_get_first(send_buffer, &msg);
+	     cur != NULL; cur = _mbuffer_head_get_next(cur, &msg)) {
+		iovec[i].iov_base = msg.data;
+		iovec[i++].iov_len = msg.size;
+		tosend += msg.size;
+
+		/* we buffer up to MAX_QUEUE messages */
+		if (i >= MAX_QUEUE) {
+			gnutls_assert();
+			return GNUTLS_E_INTERNAL_ERROR;
+		}
+	}
+
+	if (tosend == 0) {
+		gnutls_assert();
+		return 0;
+	}
+
+	ret = _gnutls_writev(session, iovec, i, tosend);
+	if (ret >= 0) {
+		_mbuffer_head_remove_bytes(send_buffer, ret);
+		_gnutls_write_log
+		    ("WRITE: wrote %d bytes, %d bytes left.\n", ret,
+		     (int) send_buffer->byte_length);
+
+		sent += ret;
+	} else if (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN) {
+		_gnutls_write_log("WRITE interrupted: %d bytes left.\n",
+				  (int) send_buffer->byte_length);
+		return ret;
+	} else if (ret == GNUTLS_E_LARGE_PACKET) {
+		_mbuffer_head_remove_bytes(send_buffer, tosend);
+		_gnutls_write_log
+		    ("WRITE cannot send large packet (%u bytes).\n",
+		     (unsigned int) tosend);
+		return ret;
+	} else {
+		_gnutls_write_log("WRITE error: code %d, %d bytes left.\n",
+				  ret, (int) send_buffer->byte_length);
+
+		gnutls_assert();
+		return ret;
+	}
+
+	if (sent < tosend) {
+		return gnutls_assert_val(GNUTLS_E_AGAIN);
+	}
+
+	return sent;
+}
+
+/* Checks whether there are received data within
+ * a timeframe.
+ *
+ * Returns 0 if data were received, GNUTLS_E_TIMEDOUT
+ * on timeout and a negative error code on error.
+ */
+int _gnutls_io_check_recv(gnutls_session_t session, unsigned int ms)
+{
+	gnutls_transport_ptr_t fd = session->internals.transport_recv_ptr;
+	int ret = 0, err;
+
+	if (NO_TIMEOUT_FUNC_SET(session)) {
+		_gnutls_debug_log("The pull function has been replaced but not the pull timeout.\n");
+		return gnutls_assert_val(GNUTLS_E_PULL_ERROR);
+	}
+
+	reset_errno(session);
+
+	ret = session->internals.pull_timeout_func(fd, ms);
+	if (ret == -1) {
+		err = get_errno(session);
+		_gnutls_read_log
+		    ("READ_TIMEOUT: %d returned from %p, errno=%d (timeout: %u)\n",
+		     (int) ret, fd, err, ms);
+		return errno_to_gerr(err, IS_DTLS(session));
+	}
+
+	if (ret > 0)
+		return 0;
+	else
+		return GNUTLS_E_TIMEDOUT;
+}
+
+/* HANDSHAKE buffers part
+ */
+
+/* This function writes the data that are left in the
+ * Handshake write buffer (ie. because the previous write was
+ * interrupted.
+ *
+ */
+ssize_t _gnutls_handshake_io_write_flush(gnutls_session_t session)
+{
+	mbuffer_head_st *const send_buffer =
+	    &session->internals.handshake_send_buffer;
+	gnutls_datum_t msg;
+	int ret;
+	uint16_t epoch;
+	ssize_t total = 0;
+	mbuffer_st *cur;
+
+	_gnutls_write_log("HWRITE FLUSH: %d bytes in buffer.\n",
+			  (int) send_buffer->byte_length);
+
+	if (IS_DTLS(session))
+		return _dtls_transmit(session);
+
+	for (cur = _mbuffer_head_get_first(send_buffer, &msg);
+	     cur != NULL; cur = _mbuffer_head_get_first(send_buffer, &msg))
+	{
+		epoch = cur->epoch;
+
+		if (session->internals.h_read_func) {
+			record_parameters_st *params;
+
+			ret = _gnutls_epoch_get(session, epoch, &params);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+			ret = session->internals.h_read_func(session,
+							     params->write.level,
+							     cur->htype,
+							     msg.data,
+							     msg.size);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			ret = msg.size;
+		} else {
+			ret = _gnutls_send_int(session, cur->type,
+					       cur->htype,
+					       epoch, msg.data, msg.size, 0);
+		}
+
+		if (ret >= 0) {
+			total += ret;
+
+			ret = _mbuffer_head_remove_bytes(send_buffer, ret);
+			/* for each queued message we send, ensure that
+			 * we drop the epoch refcount set in _gnutls_handshake_io_cache_int(). */
+			if (ret == 1)
+				_gnutls_epoch_refcount_dec(session, epoch);
+
+			_gnutls_write_log
+			    ("HWRITE: wrote %d bytes, %d bytes left.\n",
+			     ret, (int) send_buffer->byte_length);
+
+		} else {
+			_gnutls_write_log
+			    ("HWRITE error: code %d, %d bytes left.\n",
+			     ret, (int) send_buffer->byte_length);
+
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	return _gnutls_io_write_flush(session);
+}
+
+
+/* This is a send function for the gnutls handshake
+ * protocol. Just makes sure that all data have been sent.
+ *
+ */
+int
+_gnutls_handshake_io_cache_int(gnutls_session_t session,
+			       gnutls_handshake_description_t htype,
+			       mbuffer_st * bufel)
+{
+	mbuffer_head_st *send_buffer;
+
+	if (IS_DTLS(session)) {
+		bufel->handshake_sequence =
+		    session->internals.dtls.hsk_write_seq - 1;
+	}
+
+	send_buffer = &session->internals.handshake_send_buffer;
+
+	/* ensure that our epoch does not get garbage collected
+	 * before we send all queued messages with it */
+	bufel->epoch =
+	    (uint16_t) _gnutls_epoch_refcount_inc(session,
+						  EPOCH_WRITE_CURRENT);
+	bufel->htype = htype;
+	if (bufel->htype == GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC)
+		bufel->type = GNUTLS_CHANGE_CIPHER_SPEC;
+	else
+		bufel->type = GNUTLS_HANDSHAKE;
+
+	_mbuffer_enqueue(send_buffer, bufel);
+
+	_gnutls_write_log
+	    ("HWRITE: enqueued [%s] %d. Total %d bytes.\n",
+	     _gnutls_handshake2str(bufel->htype), (int) bufel->msg.size,
+	     (int) send_buffer->byte_length);
+
+	return 0;
+}
+
+static int handshake_compare(const void *_e1, const void *_e2)
+{
+	const handshake_buffer_st *e1 = _e1;
+	const handshake_buffer_st *e2 = _e2;
+
+	if (e1->sequence <= e2->sequence)
+		return 1;
+	else
+		return -1;
+}
+
+#define SSL2_HEADERS 1
+static int
+parse_handshake_header(gnutls_session_t session, mbuffer_st * bufel,
+		       handshake_buffer_st * hsk)
+{
+	uint8_t *dataptr = NULL;	/* for realloc */
+	size_t handshake_header_size =
+	    HANDSHAKE_HEADER_SIZE(session), data_size, frag_size;
+
+	/* Note: SSL2_HEADERS == 1 */
+	if (_mbuffer_get_udata_size(bufel) < handshake_header_size)
+		return
+		    gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	dataptr = _mbuffer_get_udata_ptr(bufel);
+
+	/* if reading a client hello of SSLv2 */
+#ifdef ENABLE_SSL2
+	if (unlikely
+	    (!IS_DTLS(session)
+	     && bufel->htype == GNUTLS_HANDSHAKE_CLIENT_HELLO_V2)) {
+		handshake_header_size = SSL2_HEADERS;	/* we've already read one byte */
+
+		frag_size = _mbuffer_get_udata_size(bufel) - handshake_header_size;	/* we've read the first byte */
+
+		if (dataptr[0] != GNUTLS_HANDSHAKE_CLIENT_HELLO)
+			return
+			    gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+
+		hsk->rtype = hsk->htype = GNUTLS_HANDSHAKE_CLIENT_HELLO_V2;
+
+		hsk->sequence = 0;
+		hsk->start_offset = 0;
+		hsk->length = frag_size;
+	} else
+#endif
+	{	/* TLS or DTLS handshake headers */
+
+
+		hsk->rtype = hsk->htype = dataptr[0];
+
+		/* we do not use DECR_LEN because we know
+		 * that the packet has enough data.
+		 */
+		hsk->length = _gnutls_read_uint24(&dataptr[1]);
+
+		if (IS_DTLS(session)) {
+			hsk->sequence = _gnutls_read_uint16(&dataptr[4]);
+			hsk->start_offset =
+			    _gnutls_read_uint24(&dataptr[6]);
+			frag_size =
+			    _gnutls_read_uint24(&dataptr[9]);
+		} else {
+			hsk->sequence = 0;
+			hsk->start_offset = 0;
+			frag_size =
+			    MIN((_mbuffer_get_udata_size(bufel) -
+				 handshake_header_size), hsk->length);
+		}
+
+		/* TLS1.3: distinguish server hello versus hello retry request.
+		 * The epitome of slick protocol design. */
+		if (hsk->htype == GNUTLS_HANDSHAKE_SERVER_HELLO && hsk->start_offset == 0 && !IS_DTLS(session)) {
+			if (_mbuffer_get_udata_size(bufel) > handshake_header_size+2+GNUTLS_RANDOM_SIZE &&
+			    memcmp(dataptr+handshake_header_size+2, HRR_RANDOM, GNUTLS_RANDOM_SIZE) == 0) {
+				hsk->htype = GNUTLS_HANDSHAKE_HELLO_RETRY_REQUEST;
+			}
+		}
+	}
+	data_size = _mbuffer_get_udata_size(bufel) - handshake_header_size;
+
+	if (frag_size > 0)
+		hsk->end_offset = hsk->start_offset + frag_size - 1;
+	else
+		hsk->end_offset = 0;
+
+	_gnutls_handshake_log
+	    ("HSK[%p]: %s (%u) was received. Length %d[%d], frag offset %d, frag length: %d, sequence: %d\n",
+	     session, _gnutls_handshake2str(hsk->htype),
+	     (unsigned) hsk->htype, (int) hsk->length, (int) data_size,
+	     hsk->start_offset, (int) frag_size,
+	     (int) hsk->sequence);
+
+	hsk->header_size = handshake_header_size;
+	memcpy(hsk->header, _mbuffer_get_udata_ptr(bufel),
+	       handshake_header_size);
+
+	if (hsk->length > 0 && (frag_size > data_size ||
+				(frag_size > 0 &&
+				 hsk->end_offset >= hsk->length))) {
+		return
+		    gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+	}
+	else if (hsk->length == 0 && hsk->end_offset != 0
+		 && hsk->start_offset != 0)
+		return
+		    gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	return handshake_header_size;
+}
+
+static void _gnutls_handshake_buffer_move(handshake_buffer_st * dst,
+					  handshake_buffer_st * src)
+{
+	memcpy(dst, src, sizeof(*dst));
+	memset(src, 0, sizeof(*src));
+	src->htype = -1;
+}
+
+/* will merge the given handshake_buffer_st to the handshake_recv_buffer
+ * list. The given hsk packet will be released in any case (success or failure).
+ * Only used in DTLS.
+ */
+static int merge_handshake_packet(gnutls_session_t session,
+				  handshake_buffer_st * hsk)
+{
+	int exists = 0, i, pos = 0;
+	int ret;
+
+	for (i = 0; i < session->internals.handshake_recv_buffer_size; i++) {
+		if (session->internals.handshake_recv_buffer[i].htype ==
+		    hsk->htype) {
+			exists = 1;
+			pos = i;
+			break;
+		}
+	}
+
+	if (!exists)
+		pos = session->internals.handshake_recv_buffer_size;
+
+	if (pos >= MAX_HANDSHAKE_MSGS)
+		return
+		    gnutls_assert_val(GNUTLS_E_TOO_MANY_HANDSHAKE_PACKETS);
+
+	if (!exists) {
+		if (hsk->length > 0 && hsk->end_offset > 0
+		    && hsk->end_offset - hsk->start_offset + 1 !=
+		    hsk->length) {
+			ret =
+			    _gnutls_buffer_resize(&hsk->data, hsk->length);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			hsk->data.length = hsk->length;
+
+			memmove(&hsk->data.data[hsk->start_offset],
+				hsk->data.data,
+				hsk->end_offset - hsk->start_offset + 1);
+		}
+
+		session->internals.handshake_recv_buffer_size++;
+
+		/* rewrite headers to make them look as each packet came as a single fragment */
+		_gnutls_write_uint24(hsk->length, &hsk->header[1]);
+		_gnutls_write_uint24(0, &hsk->header[6]);
+		_gnutls_write_uint24(hsk->length, &hsk->header[9]);
+
+		_gnutls_handshake_buffer_move(&session->internals.
+					      handshake_recv_buffer[pos],
+					      hsk);
+
+	} else {
+		if (hsk->start_offset <
+		    session->internals.handshake_recv_buffer[pos].
+		    start_offset
+		    && hsk->end_offset + 1 >=
+		    session->internals.handshake_recv_buffer[pos].
+		    start_offset) {
+			memcpy(&session->internals.
+			       handshake_recv_buffer[pos].data.data[hsk->
+								    start_offset],
+			       hsk->data.data, hsk->data.length);
+			session->internals.handshake_recv_buffer[pos].
+			    start_offset = hsk->start_offset;
+			session->internals.handshake_recv_buffer[pos].
+			    end_offset =
+			    MIN(hsk->end_offset,
+				session->internals.
+				handshake_recv_buffer[pos].end_offset);
+		} else if (hsk->end_offset >
+			   session->internals.handshake_recv_buffer[pos].
+			   end_offset
+			   && hsk->start_offset <=
+			   session->internals.handshake_recv_buffer[pos].
+			   end_offset + 1) {
+			memcpy(&session->internals.
+			       handshake_recv_buffer[pos].data.data[hsk->
+								    start_offset],
+			       hsk->data.data, hsk->data.length);
+
+			session->internals.handshake_recv_buffer[pos].
+			    end_offset = hsk->end_offset;
+			session->internals.handshake_recv_buffer[pos].
+			    start_offset =
+			    MIN(hsk->start_offset,
+				session->internals.
+				handshake_recv_buffer[pos].start_offset);
+		}
+		_gnutls_handshake_buffer_clear(hsk);
+	}
+
+	return 0;
+}
+
+/* returns non-zero on match and zero on mismatch
+ */
+inline static int cmp_hsk_types(gnutls_handshake_description_t expected,
+				gnutls_handshake_description_t recvd)
+{
+	if (expected == GNUTLS_HANDSHAKE_ANY)
+		return 1;
+
+#ifdef ENABLE_SSL2
+	if (expected == GNUTLS_HANDSHAKE_CLIENT_HELLO
+	     && recvd == GNUTLS_HANDSHAKE_CLIENT_HELLO_V2)
+		return 1;
+#endif
+	if (expected != recvd)
+		return 0;
+
+	return 1;
+}
+
+#define LAST_ELEMENT (session->internals.handshake_recv_buffer_size-1)
+
+/* returns the last stored handshake packet.
+ */
+static int get_last_packet(gnutls_session_t session,
+			   gnutls_handshake_description_t htype,
+			   handshake_buffer_st * hsk,
+			   unsigned int optional)
+{
+	handshake_buffer_st *recv_buf =
+	    session->internals.handshake_recv_buffer;
+
+	if (IS_DTLS(session)) {
+		if (session->internals.handshake_recv_buffer_size == 0 ||
+		    (session->internals.dtls.hsk_read_seq !=
+		     recv_buf[LAST_ELEMENT].sequence))
+			goto timeout;
+
+		if (htype != recv_buf[LAST_ELEMENT].htype) {
+			if (optional == 0)
+				_gnutls_audit_log(session,
+						  "Received unexpected handshake message '%s' (%d). Expected '%s' (%d)\n",
+						  _gnutls_handshake2str
+						  (recv_buf[0].htype),
+						  (int) recv_buf[0].htype,
+						  _gnutls_handshake2str
+						  (htype), (int) htype);
+
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET);
+		}
+
+		else if ((recv_buf[LAST_ELEMENT].start_offset == 0 &&
+			  recv_buf[LAST_ELEMENT].end_offset ==
+			  recv_buf[LAST_ELEMENT].length - 1)
+			 || recv_buf[LAST_ELEMENT].length == 0) {
+			session->internals.dtls.hsk_read_seq++;
+			_gnutls_handshake_buffer_move(hsk,
+						      &recv_buf
+						      [LAST_ELEMENT]);
+			session->internals.handshake_recv_buffer_size--;
+			return 0;
+		} else {
+			/* if we don't have a complete handshake message, but we
+			 * have queued data waiting, try again to reconstruct the
+			 * handshake packet, using the queued */
+			if (recv_buf[LAST_ELEMENT].end_offset != recv_buf[LAST_ELEMENT].length - 1 &&
+			    record_check_unprocessed(session) > 0)
+				return gnutls_assert_val(GNUTLS_E_INT_CHECK_AGAIN);
+			else
+				goto timeout;
+		}
+	} else {		/* TLS */
+
+		if (session->internals.handshake_recv_buffer_size > 0
+		    && recv_buf[0].length == recv_buf[0].data.length) {
+			if (cmp_hsk_types(htype, recv_buf[0].htype) == 0) {
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET);
+			}
+
+			_gnutls_handshake_buffer_move(hsk, &recv_buf[0]);
+			session->internals.handshake_recv_buffer_size--;
+			return 0;
+		} else
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+	}
+
+      timeout:
+	RETURN_DTLS_EAGAIN_OR_TIMEOUT(session, 0);
+}
+
+/* This is a receive function for the gnutls handshake
+ * protocol. Makes sure that we have received all data.
+ *
+ * htype is the next handshake packet expected.
+ */
+int _gnutls_parse_record_buffered_msgs(gnutls_session_t session)
+{
+	gnutls_datum_t msg;
+	mbuffer_st *bufel = NULL, *prev = NULL;
+	int ret;
+	size_t data_size;
+	handshake_buffer_st *recv_buf =
+	    session->internals.handshake_recv_buffer;
+
+	bufel =
+	    _mbuffer_head_get_first(&session->internals.record_buffer,
+				    &msg);
+	if (bufel == NULL)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+	if (!IS_DTLS(session)) {
+		ssize_t append, header_size;
+
+		do {
+			if (bufel->type != GNUTLS_HANDSHAKE)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_UNEXPECTED_PACKET);
+
+			if (unlikely
+			    (session->internals.handshake_recv_buffer_size == 0 &&
+			     msg.size < HANDSHAKE_HEADER_SIZE(session) &&
+			     session->internals.handshake_header_recv_buffer.byte_length <
+			     HANDSHAKE_HEADER_SIZE(session) - msg.size)) {
+				bufel = _mbuffer_head_pop_first(&session->internals.record_buffer);
+				_mbuffer_enqueue(&session->internals.handshake_header_recv_buffer,
+						 bufel);
+				break;
+			} else if (session->internals.handshake_recv_buffer_size >
+				   0 && recv_buf[0].length > recv_buf[0].data.length) {
+				/* this is the rest of a previous message */
+				append = MIN(msg.size,
+					     recv_buf[0].length -
+					     recv_buf[0].data.length);
+
+				ret =
+				    _gnutls_buffer_append_data(&recv_buf
+							       [0].data,
+							       msg.data,
+							       append);
+				if (ret < 0)
+					return gnutls_assert_val(ret);
+
+				_mbuffer_head_remove_bytes(&session->
+							   internals.
+							   record_buffer,
+							   append);
+			} else {	/* received new message */
+				if (unlikely
+				    (session->internals.
+				     handshake_header_recv_buffer.length > 0)) {
+					bufel = _mbuffer_head_pop_first(&session->internals.
+									record_buffer);
+					_mbuffer_enqueue(&session->internals.
+							 handshake_header_recv_buffer,
+							 bufel);
+					ret = _mbuffer_linearize_align16(&session->internals.
+									 handshake_header_recv_buffer,
+									 get_total_headers(session));
+					if (ret < 0)
+						return gnutls_assert_val(ret);
+					bufel = _mbuffer_head_pop_first(&session->internals.
+									handshake_header_recv_buffer);
+					_mbuffer_head_push_first(&session->internals.
+								 record_buffer,
+								 bufel);
+				}
+
+				ret =
+				    parse_handshake_header(session, bufel,
+							   &recv_buf[0]);
+				if (ret < 0)
+					return gnutls_assert_val(ret);
+
+				header_size = ret;
+				session->internals.
+				    handshake_recv_buffer_size = 1;
+
+				_mbuffer_set_uhead_size(bufel,
+							header_size);
+
+				data_size =
+				    MIN(recv_buf[0].length,
+					_mbuffer_get_udata_size(bufel));
+				ret =
+				    _gnutls_buffer_append_data(&recv_buf
+							       [0].data,
+							       _mbuffer_get_udata_ptr
+							       (bufel),
+							       data_size);
+				if (ret < 0)
+					return gnutls_assert_val(ret);
+				_mbuffer_set_uhead_size(bufel, 0);
+				_mbuffer_head_remove_bytes(&session->
+							   internals.
+							   record_buffer,
+							   data_size +
+							   header_size);
+			}
+
+			/* if packet is complete then return it
+			 */
+			if (recv_buf[0].length == recv_buf[0].data.length) {
+				return 0;
+			}
+			bufel =
+			    _mbuffer_head_get_first(&session->internals.
+						    record_buffer, &msg);
+		}
+		while (bufel != NULL);
+
+		/* if we are here it means that the received packets were not
+		 * enough to complete the handshake packet.
+		 */
+		return gnutls_assert_val(GNUTLS_E_AGAIN);
+	} else {		/* DTLS */
+
+		handshake_buffer_st tmp;
+
+		do {
+			/* we now
+			 * 0. parse headers
+			 * 1. insert to handshake_recv_buffer
+			 * 2. sort handshake_recv_buffer on sequence numbers
+			 * 3. return first packet if completed or GNUTLS_E_AGAIN.
+			 */
+			do {
+				if (bufel->type != GNUTLS_HANDSHAKE) {
+					gnutls_assert();
+					goto next;	/* ignore packet */
+				}
+
+				_gnutls_handshake_buffer_init(&tmp);
+
+				ret =
+				    parse_handshake_header(session, bufel,
+							   &tmp);
+				if (ret < 0) {
+					gnutls_assert();
+					_gnutls_audit_log(session,
+							  "Invalid handshake packet headers. Discarding.\n");
+					break;
+				}
+
+				_mbuffer_consume(&session->internals.
+						 record_buffer, bufel,
+						 ret);
+
+				data_size =
+				    MIN(tmp.length,
+					tmp.end_offset - tmp.start_offset +
+					1);
+
+				ret =
+				    _gnutls_buffer_append_data(&tmp.data,
+							       _mbuffer_get_udata_ptr
+							       (bufel),
+							       data_size);
+				if (ret < 0)
+					return gnutls_assert_val(ret);
+
+				_mbuffer_consume(&session->internals.
+						 record_buffer, bufel,
+						 data_size);
+
+				ret =
+				    merge_handshake_packet(session, &tmp);
+				if (ret < 0)
+					return gnutls_assert_val(ret);
+
+			}
+			while (_mbuffer_get_udata_size(bufel) > 0);
+
+			prev = bufel;
+			bufel =
+			    _mbuffer_dequeue(&session->internals.
+					     record_buffer, bufel);
+
+			_mbuffer_xfree(&prev);
+			continue;
+
+		      next:
+			bufel = _mbuffer_head_get_next(bufel, NULL);
+		}
+		while (bufel != NULL);
+
+		/* sort in descending order */
+		if (session->internals.handshake_recv_buffer_size > 1)
+			qsort(recv_buf,
+			      session->internals.
+			      handshake_recv_buffer_size,
+			      sizeof(recv_buf[0]), handshake_compare);
+
+		while (session->internals.handshake_recv_buffer_size > 0 &&
+		       recv_buf[LAST_ELEMENT].sequence <
+		       session->internals.dtls.hsk_read_seq) {
+			_gnutls_audit_log(session,
+					  "Discarded replayed handshake packet with sequence %d\n",
+					  recv_buf[LAST_ELEMENT].sequence);
+			_gnutls_handshake_buffer_clear(&recv_buf
+						       [LAST_ELEMENT]);
+			session->internals.handshake_recv_buffer_size--;
+		}
+
+		return 0;
+	}
+}
+
+/* This is a receive function for the gnutls handshake
+ * protocol. Makes sure that we have received all data.
+ */
+ssize_t
+_gnutls_handshake_io_recv_int(gnutls_session_t session,
+			      gnutls_handshake_description_t htype,
+			      handshake_buffer_st * hsk,
+			      unsigned int optional)
+{
+	int ret;
+	unsigned int tleft = 0;
+	int retries = 7;
+
+	ret = get_last_packet(session, htype, hsk, optional);
+	if (ret != GNUTLS_E_AGAIN && ret != GNUTLS_E_INTERRUPTED &&
+	    ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE &&
+	    ret != GNUTLS_E_INT_CHECK_AGAIN) {
+		return gnutls_assert_val(ret);
+	}
+
+	/* try using the already existing records before
+	 * trying to receive.
+	 */
+	ret = _gnutls_parse_record_buffered_msgs(session);
+
+	if (ret == 0) {
+		ret = get_last_packet(session, htype, hsk, optional);
+	}
+
+	if (IS_DTLS(session)) {
+		if (ret >= 0)
+			return ret;
+	} else {
+		if ((ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+		     && ret < 0) || ret >= 0)
+			return gnutls_assert_val(ret);
+	}
+
+	/* If handshake is handled manually, don't receive records from I/O */
+	if (session->internals.h_read_func)
+		return GNUTLS_E_AGAIN;
+
+	if (htype != (gnutls_handshake_description_t) -1) {
+		ret = handshake_remaining_time(session);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		tleft = ret;
+	}
+
+	do {
+		/* if we don't have a complete message waiting for us, try
+		 * receiving more */
+		ret =
+		    _gnutls_recv_in_buffers(session, GNUTLS_HANDSHAKE, htype,
+					    tleft);
+		if (ret < 0)
+			return gnutls_assert_val_fatal(ret);
+
+		ret = _gnutls_parse_record_buffered_msgs(session);
+		if (ret == 0) {
+			ret = get_last_packet(session, htype, hsk, optional);
+		}
+		/* we put an upper limit (retries) to the number of partial handshake
+		 * messages in a record packet. */
+	} while(IS_DTLS(session) && ret == GNUTLS_E_INT_CHECK_AGAIN && retries-- > 0);
+
+	if (unlikely(IS_DTLS(session) && ret == GNUTLS_E_INT_CHECK_AGAIN)) {
+		ret = gnutls_assert_val(GNUTLS_E_TOO_MANY_HANDSHAKE_PACKETS);
+	}
+
+	return ret;
+}
diff --git a/lib/buffers.h b/lib/buffers.h
new file mode 100644
index 0000000..5576020
--- /dev/null
+++ b/lib/buffers.h
@@ -0,0 +1,133 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_BUFFERS_H
+#define GNUTLS_LIB_BUFFERS_H
+
+#include "mbuffers.h"
+
+#define MBUFFER_FLUSH 1
+
+void
+_gnutls_record_buffer_put(gnutls_session_t session,
+			  content_type_t type, uint64_t seq,
+			  mbuffer_st * bufel);
+
+inline static int _gnutls_record_buffer_get_size(gnutls_session_t session)
+{
+	return session->internals.record_buffer.byte_length;
+}
+
+#define NO_TIMEOUT_FUNC_SET(session) unlikely(session->internals.pull_timeout_func == gnutls_system_recv_timeout \
+	     && session->internals.pull_func != system_read)
+
+/*-
+ * record_check_unprocessed:
+ * @session: is a #gnutls_session_t structure.
+ *
+ * This function checks if there are unprocessed data
+ * in the gnutls record buffers. Those data might not
+ * be complete records.
+ *
+ * Returns: Returns the size of the data or zero.
+ -*/
+inline static size_t record_check_unprocessed(gnutls_session_t session)
+{
+	return session->internals.record_recv_buffer.byte_length;
+}
+
+int _gnutls_record_buffer_get(content_type_t type,
+			      gnutls_session_t session, uint8_t * data,
+			      size_t length, uint8_t seq[8]);
+int _gnutls_record_buffer_get_packet(content_type_t type,
+				     gnutls_session_t session,
+				     gnutls_packet_t *packet);
+ssize_t _gnutls_io_read_buffered(gnutls_session_t, size_t n,
+				 content_type_t, unsigned int *ms);
+int _gnutls_io_clear_peeked_data(gnutls_session_t session);
+
+ssize_t _gnutls_io_write_buffered(gnutls_session_t session,
+				  mbuffer_st * bufel, unsigned int mflag);
+
+int _gnutls_handshake_io_cache_int(gnutls_session_t,
+				   gnutls_handshake_description_t,
+				   mbuffer_st * bufel);
+
+ssize_t
+_gnutls_handshake_io_recv_int(gnutls_session_t session,
+			      gnutls_handshake_description_t htype,
+			      handshake_buffer_st * hsk,
+			      unsigned int optional);
+
+ssize_t _gnutls_io_write_flush(gnutls_session_t session);
+int _gnutls_io_check_recv(gnutls_session_t session, unsigned int ms);
+ssize_t _gnutls_handshake_io_write_flush(gnutls_session_t session);
+
+inline static void _gnutls_handshake_buffer_clear(handshake_buffer_st *
+						  hsk)
+{
+	_gnutls_buffer_clear(&hsk->data);
+	hsk->htype = -1;
+}
+
+inline static void _gnutls_handshake_buffer_init(handshake_buffer_st * hsk)
+{
+	memset(hsk, 0, sizeof(*hsk));
+	_gnutls_buffer_init(&hsk->data);
+	hsk->htype = -1;
+}
+
+inline static void _gnutls_handshake_recv_buffer_clear(gnutls_session_t
+						       session)
+{
+	int i;
+	for (i = 0; i < session->internals.handshake_recv_buffer_size; i++)
+		_gnutls_handshake_buffer_clear(&session->internals.
+					       handshake_recv_buffer[i]);
+	session->internals.handshake_recv_buffer_size = 0;
+	_mbuffer_head_clear(&session->internals.handshake_header_recv_buffer);
+}
+
+inline static void _gnutls_handshake_recv_buffer_init(gnutls_session_t
+						      session)
+{
+	int i;
+	for (i = 0; i < MAX_HANDSHAKE_MSGS; i++) {
+		_gnutls_handshake_buffer_init(&session->internals.
+					      handshake_recv_buffer[i]);
+	}
+	session->internals.handshake_recv_buffer_size = 0;
+	_mbuffer_head_init(&session->internals.handshake_header_recv_buffer);
+}
+
+int _gnutls_parse_record_buffered_msgs(gnutls_session_t session);
+
+ssize_t
+_gnutls_recv_in_buffers(gnutls_session_t session, content_type_t type,
+			gnutls_handshake_description_t htype,
+			unsigned int ms);
+
+#define _gnutls_handshake_io_buffer_clear( session) \
+	_mbuffer_head_clear( &session->internals.handshake_send_buffer); \
+	_gnutls_handshake_recv_buffer_clear( session);
+
+#endif /* GNUTLS_LIB_BUFFERS_H */
diff --git a/lib/cert-cred-rawpk.c b/lib/cert-cred-rawpk.c
new file mode 100644
index 0000000..56bc5f6
--- /dev/null
+++ b/lib/cert-cred-rawpk.c
@@ -0,0 +1,365 @@
+/*
+ * Copyright (C) 2017 - 2018 ARPA2 project
+ *
+ * Author: Tom Vrancken (dev@tomvrancken.nl)
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <gnutls/gnutls.h>
+#include "datum.h"
+#include "auth/cert.h"
+#include "x509.h"
+#include "cert-cred.h"
+#include "read-file.h"
+#include <stdint.h>
+
+
+/**
+ * gnutls_certificate_set_rawpk_key_mem:
+ * @cred: is a #gnutls_certificate_credentials_t type.
+ * @spki: contains a raw public key in
+ *   PKIX.SubjectPublicKeyInfo format.
+ * @pkey: contains a raw private key.
+ * @format: encoding of the keys. DER or PEM.
+ * @pass: an optional password to unlock the private key pkey.
+ * @key_usage: An ORed sequence of %GNUTLS_KEY_* flags.
+ * @names: is an array of DNS names belonging to the public-key (NULL if none).
+ * @names_length: holds the length of the names list.
+ * @flags: an ORed sequence of #gnutls_pkcs_encrypt_flags_t.
+ *   These apply to the private key pkey.
+ *
+ * This function sets a public/private keypair in the
+ * #gnutls_certificate_credentials_t type to be used for authentication
+ * and/or encryption. @spki and @privkey should match otherwise set
+ * signatures cannot be validated. In case of no match this function
+ * returns %GNUTLS_E_CERTIFICATE_KEY_MISMATCH. This function should
+ * be called once for the client because there is currently no mechanism
+ * to determine which raw public-key to select for the peer when there
+ * are multiple present. Multiple raw public keys for the server can be
+ * distinghuished by setting the @names.
+ *
+ * Note here that @spki is a raw public-key as defined
+ * in RFC7250. It means that there is no surrounding certificate that
+ * holds the public key and that there is therefore no direct mechanism
+ * to prove the authenticity of this key. The keypair can be used during
+ * a TLS handshake but its authenticity should be established via a
+ * different mechanism (e.g. TOFU or known fingerprint).
+ *
+ * The supported formats are basic unencrypted key, PKCS8, PKCS12,
+ * and the openssl format and will be autodetected.
+ *
+ * If the raw public-key and the private key are given in PEM encoding
+ * then the strings that hold their values must be null terminated.
+ *
+ * Key usage (as defined by X.509 extension (2.5.29.15)) can be explicitly
+ * set because there is no certificate structure around the key to define
+ * this value. See for more info gnutls_x509_crt_get_key_usage().
+ *
+ * Note that, this function by default returns zero on success and a
+ * negative value on error. Since 3.5.6, when the flag %GNUTLS_CERTIFICATE_API_V2
+ * is set using gnutls_certificate_set_flags() it returns an index
+ * (greater or equal to zero). That index can be used in other functions
+ * to refer to the added key-pair.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, in case the
+ *   key pair does not match %GNUTLS_E_CERTIFICATE_KEY_MISMATCH is returned,
+ *   in other erroneous cases a different negative error code is returned.
+ *
+ * Since: 3.6.6
+ **/
+int gnutls_certificate_set_rawpk_key_mem(gnutls_certificate_credentials_t cred,
+				    const gnutls_datum_t* spki,
+				    const gnutls_datum_t* pkey,
+				    gnutls_x509_crt_fmt_t format,
+				    const char* pass,
+				    unsigned int key_usage,
+				    const char **names,
+				    unsigned int names_length,
+				    unsigned int flags)
+{
+	int ret;
+	gnutls_privkey_t privkey;
+	gnutls_pcert_st* pcert;
+	gnutls_str_array_t str_names;
+	unsigned int i;
+
+	if (pkey == NULL || spki == NULL) {
+		return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+	}
+
+	/* Import our private key. This function does all the necessary
+	 * inits, checks and imports. */
+	ret = _gnutls_read_key_mem(cred, pkey->data, pkey->size,
+				format, pass, flags, &privkey);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	/* We now convert our raw public key to a parsed certificate (pcert) structure */
+	pcert = gnutls_calloc(1, sizeof(*pcert));
+	if (pcert == NULL) {
+		gnutls_privkey_deinit(privkey);
+
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+	// Import our raw public key to the pcert structure
+	ret = gnutls_pcert_import_rawpk_raw(pcert, spki,
+					format, key_usage, 0);
+	if (ret < 0) {
+		gnutls_privkey_deinit(privkey);
+
+		return gnutls_assert_val(ret);
+	}
+
+	/* Process the names, if any */
+	_gnutls_str_array_init(&str_names);
+
+	if (names != NULL && names_length > 0) {
+		for (i = 0; i < names_length; i++) {
+			ret =
+			    _gnutls_str_array_append_idna(&str_names, names[i],
+						     strlen(names[i]));
+			if (ret < 0) {
+				gnutls_privkey_deinit(privkey);
+				_gnutls_str_array_clear(&str_names);
+
+				return gnutls_assert_val(ret);
+			}
+		}
+	}
+
+	/* Now that we have converted the key material to our internal structures
+	 * we can now add them to the credentials structure */
+	ret = _gnutls_certificate_credential_append_keypair(cred, privkey, str_names, pcert, 1);
+	// Check for errors
+	if (ret < 0) {
+		gnutls_privkey_deinit(privkey);
+		gnutls_pcert_deinit(pcert);
+		gnutls_free(pcert);
+
+		return gnutls_assert_val(ret);
+	}
+	// Successfully added a certificate
+	cred->ncerts++;
+
+	/* Check whether the key pair matches.
+	 * After this point we do not deinitialize anything on failure to avoid
+	 * double freeing. We intentionally keep everything as the credentials state
+	 * is documented to be in undefined state. */
+	if ((ret = _gnutls_check_key_cert_match(cred)) < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	CRED_RET_SUCCESS(cred);
+}
+
+
+/**
+ * gnutls_certificate_set_rawpk_key_file:
+ * @cred: is a #gnutls_certificate_credentials_t type.
+ * @rawpkfile: contains a raw public key in
+ *   PKIX.SubjectPublicKeyInfo format.
+ * @privkeyfile: contains a file path to a private key.
+ * @format: encoding of the keys. DER or PEM.
+ * @pass: an optional password to unlock the private key privkeyfile.
+ * @key_usage: an ORed sequence of %GNUTLS_KEY_* flags.
+ * @names: is an array of DNS names belonging to the public-key (NULL if none).
+ * @names_length: holds the length of the names list.
+ * @privkey_flags: an ORed sequence of #gnutls_pkcs_encrypt_flags_t.
+ *   These apply to the private key pkey.
+ * @pkcs11_flags: one of gnutls_pkcs11_obj_flags. These apply to URLs.
+ *
+ * This function sets a public/private keypair read from file in the
+ * #gnutls_certificate_credentials_t type to be used for authentication
+ * and/or encryption. @spki and @privkey should match otherwise set
+ * signatures cannot be validated. In case of no match this function
+ * returns %GNUTLS_E_CERTIFICATE_KEY_MISMATCH. This function should
+ * be called once for the client because there is currently no mechanism
+ * to determine which raw public-key to select for the peer when there
+ * are multiple present. Multiple raw public keys for the server can be
+ * distinghuished by setting the @names.
+ *
+ * Note here that @spki is a raw public-key as defined
+ * in RFC7250. It means that there is no surrounding certificate that
+ * holds the public key and that there is therefore no direct mechanism
+ * to prove the authenticity of this key. The keypair can be used during
+ * a TLS handshake but its authenticity should be established via a
+ * different mechanism (e.g. TOFU or known fingerprint).
+ *
+ * The supported formats are basic unencrypted key, PKCS8, PKCS12,
+ * and the openssl format and will be autodetected.
+ *
+ * If the raw public-key and the private key are given in PEM encoding
+ * then the strings that hold their values must be null terminated.
+ *
+ * Key usage (as defined by X.509 extension (2.5.29.15)) can be explicitly
+ * set because there is no certificate structure around the key to define
+ * this value. See for more info gnutls_x509_crt_get_key_usage().
+ *
+ * Note that, this function by default returns zero on success and a
+ * negative value on error. Since 3.5.6, when the flag %GNUTLS_CERTIFICATE_API_V2
+ * is set using gnutls_certificate_set_flags() it returns an index
+ * (greater or equal to zero). That index can be used in other functions
+ * to refer to the added key-pair.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, in case the
+ *   key pair does not match %GNUTLS_E_CERTIFICATE_KEY_MISMATCH is returned,
+ *   in other erroneous cases a different negative error code is returned.
+ *
+ * Since: 3.6.6
+ */
+int gnutls_certificate_set_rawpk_key_file(gnutls_certificate_credentials_t cred,
+				      const char* rawpkfile,
+				      const char* privkeyfile,
+				      gnutls_x509_crt_fmt_t format,
+				      const char *pass,
+				      unsigned int key_usage,
+				      const char **names,
+				      unsigned int names_length,
+				      unsigned int privkey_flags,
+				      unsigned int pkcs11_flags)
+{
+	int ret;
+	gnutls_privkey_t privkey;
+	gnutls_pubkey_t pubkey;
+	gnutls_pcert_st* pcert;
+	gnutls_str_array_t str_names;
+	unsigned int i;
+
+	if (rawpkfile == NULL || privkeyfile == NULL) {
+		return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+	}
+
+	/* Import our private key. This function does all the necessary
+	 * inits, checks and imports. */
+	ret = _gnutls_read_key_file(cred, privkeyfile, format, pass, privkey_flags, &privkey);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	pcert = gnutls_calloc(1, sizeof(*pcert));
+	if (pcert == NULL) {
+		gnutls_privkey_deinit(privkey);
+
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	/* Check whether we are importing our raw public-key from a URL
+	 * or from a regular file.
+	 */
+	if (gnutls_url_is_supported(rawpkfile)) {
+
+		ret = gnutls_pubkey_init(&pubkey);
+		if (ret < 0) {
+			gnutls_privkey_deinit(privkey);
+
+			return gnutls_assert_val(ret);
+		}
+
+		ret = gnutls_pubkey_import_url(pubkey, rawpkfile, pkcs11_flags);
+		if (ret < 0) {
+			gnutls_privkey_deinit(privkey);
+			gnutls_pubkey_deinit(pubkey);
+
+			return gnutls_assert_val(ret);
+		}
+
+		ret = gnutls_pcert_import_rawpk(pcert, pubkey, 0);
+		if (ret < 0) {
+			gnutls_privkey_deinit(privkey);
+			gnutls_pubkey_deinit(pubkey);
+
+			return gnutls_assert_val(ret);
+		}
+
+	} else {
+		gnutls_datum_t rawpubkey; // to hold rawpk data from file
+		size_t key_size;
+
+		/* Read our raw public-key into memory from file */
+		rawpubkey.data = (void*) read_file(rawpkfile,
+						   RF_BINARY | RF_SENSITIVE,
+						   &key_size);
+		if (rawpubkey.data == NULL) {
+			gnutls_privkey_deinit(privkey);
+
+			return gnutls_assert_val(GNUTLS_E_FILE_ERROR);
+		}
+		rawpubkey.size = key_size; // Implicit type casting
+
+		/* We now convert our raw public key that we've loaded into memory to
+		 * a parsed certificate (pcert) structure. Note that rawpubkey will
+		 * be copied into pcert. Therefore we can directly cleanup rawpubkey.
+		 */
+		ret = gnutls_pcert_import_rawpk_raw(pcert, &rawpubkey,
+						format, key_usage, 0);
+
+		zeroize_key(rawpubkey.data, rawpubkey.size);
+		free(rawpubkey.data);
+		rawpubkey.size = 0;
+
+		if (ret < 0) {
+			gnutls_privkey_deinit(privkey);
+
+			return gnutls_assert_val(ret);
+		}
+
+	}
+
+	/* Process the names, if any */
+	_gnutls_str_array_init(&str_names);
+
+	if (names != NULL && names_length > 0) {
+		for (i = 0; i < names_length; i++) {
+			ret =
+			    _gnutls_str_array_append_idna(&str_names, names[i],
+						     strlen(names[i]));
+			if (ret < 0) {
+				gnutls_privkey_deinit(privkey);
+				_gnutls_str_array_clear(&str_names);
+
+				return gnutls_assert_val(ret);
+			}
+		}
+	}
+
+	/* Now that we have converted the key material to our internal structures
+	 * we can now add them to the credentials structure */
+	ret = _gnutls_certificate_credential_append_keypair(cred, privkey, str_names, pcert, 1);
+	if (ret < 0) {
+		gnutls_privkey_deinit(privkey);
+		gnutls_pcert_deinit(pcert);
+		gnutls_free(pcert);
+
+		return gnutls_assert_val(ret);
+	}
+	// Successfully added a certificate
+	cred->ncerts++;
+
+	/* Check whether the key pair matches.
+	 * After this point we do not deinitialize anything on failure to avoid
+	 * double freeing. We intentionally keep everything as the credentials state
+	 * is documented to be in undefined state. */
+	if ((ret = _gnutls_check_key_cert_match(cred)) < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	CRED_RET_SUCCESS(cred);
+}
+
diff --git a/lib/cert-cred-x509.c b/lib/cert-cred-x509.c
new file mode 100644
index 0000000..bbe2750
--- /dev/null
+++ b/lib/cert-cred-x509.c
@@ -0,0 +1,1644 @@
+/*
+ * Copyright (C) 2002-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2016-2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "auth.h"
+#include "errors.h"
+#include <auth/cert.h>
+#include "dh.h"
+#include "num.h"
+#include "datum.h"
+#include <pk.h>
+#include <algorithms.h>
+#include <global.h>
+#include <record.h>
+#include <tls-sig.h>
+#include <state.h>
+#include <pk.h>
+#include "str.h"
+#include <debug.h>
+#include <x509_b64.h>
+#include <x509.h>
+#include "x509/common.h"
+#include "x509/x509_int.h"
+#include <str_array.h>
+#include <gnutls/x509.h>
+#include "read-file.h"
+#include "system-keys.h"
+#include "urls.h"
+#include "cert-cred.h"
+#ifdef _WIN32
+#include <wincrypt.h>
+#endif
+
+/*
+ * This file includes functions related to adding certificates and other
+ * related objects in a certificate credentials structure.
+ */
+
+
+/* Returns the name of the certificate of a null name
+ */
+int _gnutls_get_x509_name(gnutls_x509_crt_t crt, gnutls_str_array_t * names)
+{
+	size_t max_size;
+	int i, ret = 0, ret2;
+	char name[MAX_CN];
+	unsigned have_dns_name = 0;
+
+	for (i = 0; !(ret < 0); i++) {
+		max_size = sizeof(name);
+
+		ret =
+		    gnutls_x509_crt_get_subject_alt_name(crt, i, name,
+							 &max_size, NULL);
+		if (ret == GNUTLS_SAN_DNSNAME) {
+			have_dns_name = 1;
+
+			ret2 =
+			    _gnutls_str_array_append_idna(names, name,
+						  max_size);
+			if (ret2 < 0) {
+				_gnutls_str_array_clear(names);
+				return gnutls_assert_val(ret2);
+			}
+		}
+	}
+
+	if (have_dns_name == 0) {
+		max_size = sizeof(name);
+		ret =
+		    gnutls_x509_crt_get_dn_by_oid(crt, OID_X520_COMMON_NAME, 0, 0,
+						  name, &max_size);
+		if (ret >= 0) {
+			ret = _gnutls_str_array_append_idna(names, name, max_size);
+			if (ret < 0) {
+				_gnutls_str_array_clear(names);
+				return gnutls_assert_val(ret);
+			}
+		}
+	}
+
+	return 0;
+}
+
+/* Reads a DER encoded certificate list from memory and stores it to a
+ * gnutls_cert structure. Returns the number of certificates parsed.
+ */
+static int
+parse_der_cert_mem(gnutls_certificate_credentials_t res,
+		   gnutls_privkey_t key,
+		   const void *input_cert, int input_cert_size)
+{
+	gnutls_datum_t tmp;
+	gnutls_x509_crt_t crt;
+	gnutls_pcert_st *ccert;
+	int ret;
+	gnutls_str_array_t names;
+
+	_gnutls_str_array_init(&names);
+
+	ccert = gnutls_malloc(sizeof(*ccert));
+	if (ccert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ret = gnutls_x509_crt_init(&crt);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	tmp.data = (uint8_t *) input_cert;
+	tmp.size = input_cert_size;
+
+	ret = gnutls_x509_crt_import(crt, &tmp, GNUTLS_X509_FMT_DER);
+	if (ret < 0) {
+		gnutls_assert();
+		gnutls_x509_crt_deinit(crt);
+		goto cleanup;
+	}
+
+	ret = _gnutls_get_x509_name(crt, &names);
+	if (ret < 0) {
+		gnutls_assert();
+		gnutls_x509_crt_deinit(crt);
+		goto cleanup;
+	}
+
+	ret = gnutls_pcert_import_x509(ccert, crt, 0);
+	gnutls_x509_crt_deinit(crt);
+
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_certificate_credential_append_keypair(res, key, names, ccert, 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	return ret;
+
+      cleanup:
+	_gnutls_str_array_clear(&names);
+	gnutls_free(ccert);
+	return ret;
+}
+
+/* Reads a base64 encoded certificate list from memory and stores it to
+ * a gnutls_cert structure. Returns the number of certificate parsed.
+ */
+static int
+parse_pem_cert_mem(gnutls_certificate_credentials_t res,
+		   gnutls_privkey_t key,
+		   const char *input_cert, int input_cert_size)
+{
+	int size;
+	const char *ptr;
+	gnutls_datum_t tmp;
+	int ret, count, i;
+	unsigned ncerts = 0;
+	gnutls_pcert_st *pcerts = NULL;
+	gnutls_str_array_t names;
+	gnutls_x509_crt_t unsorted[DEFAULT_MAX_VERIFY_DEPTH];
+
+	_gnutls_str_array_init(&names);
+
+	/* move to the certificate
+	 */
+	ptr = memmem(input_cert, input_cert_size,
+		     PEM_CERT_SEP, sizeof(PEM_CERT_SEP) - 1);
+	if (ptr == NULL)
+		ptr = memmem(input_cert, input_cert_size,
+			     PEM_CERT_SEP2, sizeof(PEM_CERT_SEP2) - 1);
+
+	if (ptr == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_BASE64_DECODING_ERROR;
+	}
+	size = input_cert_size - (ptr - input_cert);
+
+	count = 0;
+
+	do {
+		tmp.data = (void *) ptr;
+		tmp.size = size;
+
+		ret = gnutls_x509_crt_init(&unsorted[count]);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = gnutls_x509_crt_import(unsorted[count], &tmp, GNUTLS_X509_FMT_PEM);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		count++;
+
+		/* now we move ptr after the pem header
+		 */
+		ptr++;
+		size--;
+
+		/* find the next certificate (if any)
+		 */
+
+		if (size > 0) {
+			char *ptr3;
+
+			ptr3 =
+			    memmem(ptr, size, PEM_CERT_SEP,
+				   sizeof(PEM_CERT_SEP) - 1);
+			if (ptr3 == NULL)
+				ptr3 = memmem(ptr, size, PEM_CERT_SEP2,
+					      sizeof(PEM_CERT_SEP2) - 1);
+
+			ptr = ptr3;
+			size = input_cert_size - (ptr - input_cert);
+		} else
+			ptr = NULL;
+
+	}
+	while (ptr != NULL && count < DEFAULT_MAX_VERIFY_DEPTH);
+
+	ret =
+	    _gnutls_get_x509_name(unsorted[0], &names);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	pcerts = _gnutls_reallocarray(NULL, count, sizeof(gnutls_pcert_st));
+	if (pcerts == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ncerts = count;
+	ret =
+	    gnutls_pcert_import_x509_list(pcerts, unsorted, &ncerts, GNUTLS_X509_CRT_LIST_SORT);
+	if (ret < 0) {
+		gnutls_free(pcerts);
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_certificate_credential_append_keypair(res, key, names, pcerts, ncerts);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	for (i = 0; i < count; i++)
+		gnutls_x509_crt_deinit(unsorted[i]);
+
+	return ncerts;
+
+      cleanup:
+	_gnutls_str_array_clear(&names);
+	for (i = 0; i < count; i++)
+		gnutls_x509_crt_deinit(unsorted[i]);
+	if (pcerts) {
+		for (i = 0; i < count; i++)
+			gnutls_pcert_deinit(&pcerts[i]);
+		gnutls_free(pcerts);
+	}
+	return ret;
+}
+
+
+
+/* Reads a DER or PEM certificate from memory
+ */
+static int
+read_cert_mem(gnutls_certificate_credentials_t res,
+	      gnutls_privkey_t key,
+	      const void *cert,
+	      int cert_size, gnutls_x509_crt_fmt_t type)
+{
+	int ret;
+
+	if (type == GNUTLS_X509_FMT_DER)
+		ret = parse_der_cert_mem(res, key, cert, cert_size);
+	else
+		ret = parse_pem_cert_mem(res, key, cert, cert_size);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return ret;
+}
+
+static int tmp_pin_cb(void *userdata, int attempt, const char *token_url,
+		      const char *token_label, unsigned int flags,
+		      char *pin, size_t pin_max)
+{
+	const char *tmp_pin = userdata;
+
+	if (attempt == 0) {
+		snprintf(pin, pin_max, "%s", tmp_pin);
+		return 0;
+	}
+
+	return -1;
+}
+
+/* Reads a PEM encoded PKCS-1 RSA/DSA private key from memory.  Type
+ * indicates the certificate format.
+ *
+ * It returns the private key read in @rkey.
+ */
+int
+_gnutls_read_key_mem(gnutls_certificate_credentials_t res,
+	     const void *key, int key_size, gnutls_x509_crt_fmt_t type,
+	     const char *pass, unsigned int flags,
+	     gnutls_privkey_t *rkey)
+{
+	int ret;
+	gnutls_datum_t tmp;
+	gnutls_privkey_t privkey;
+
+	if (key) {
+		tmp.data = (uint8_t *) key;
+		tmp.size = key_size;
+
+		ret = gnutls_privkey_init(&privkey);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		if (res->pin.cb) {
+			gnutls_privkey_set_pin_function(privkey,
+							res->pin.cb,
+							res->pin.data);
+		} else if (pass != NULL) {
+			snprintf(res->pin_tmp, sizeof(res->pin_tmp), "%s",
+				 pass);
+			gnutls_privkey_set_pin_function(privkey,
+							tmp_pin_cb,
+							res->pin_tmp);
+		}
+
+		ret =
+		    gnutls_privkey_import_x509_raw(privkey, &tmp, type,
+						   pass, flags);
+		if (ret < 0) {
+			gnutls_assert();
+			gnutls_privkey_deinit(privkey);
+			return ret;
+		}
+
+		*rkey = privkey;
+	} else {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return 0;
+}
+
+
+/* Reads a private key from a token.
+ */
+static int
+read_key_url(gnutls_certificate_credentials_t res, const char *url, gnutls_privkey_t *rkey)
+{
+	int ret;
+	gnutls_privkey_t pkey = NULL;
+
+	/* allocate space for the pkey list
+	 */
+	ret = gnutls_privkey_init(&pkey);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (res->pin.cb)
+		gnutls_privkey_set_pin_function(pkey, res->pin.cb,
+						res->pin.data);
+
+	ret = gnutls_privkey_import_url(pkey, url, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	*rkey = pkey;
+
+	return 0;
+
+      cleanup:
+	if (pkey)
+		gnutls_privkey_deinit(pkey);
+
+	return ret;
+}
+
+
+#define MAX_PKCS11_CERT_CHAIN 8
+/* Reads a certificate key from a token.
+ */
+static int
+read_cert_url(gnutls_certificate_credentials_t res, gnutls_privkey_t key, const char *url)
+{
+	int ret;
+	gnutls_x509_crt_t crt = NULL;
+	gnutls_pcert_st *ccert = NULL;
+	gnutls_str_array_t names;
+	gnutls_datum_t t = {NULL, 0};
+	unsigned i, count = 0;
+
+	_gnutls_str_array_init(&names);
+
+	ccert = _gnutls_reallocarray(NULL, MAX_PKCS11_CERT_CHAIN,
+				     sizeof(*ccert));
+	if (ccert == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_crt_init(&crt);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (res->pin.cb)
+		gnutls_x509_crt_set_pin_function(crt, res->pin.cb,
+						 res->pin.data);
+
+	ret = gnutls_x509_crt_import_url(crt, url, 0);
+	if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+		ret =
+		    gnutls_x509_crt_import_url(crt, url,
+					       GNUTLS_PKCS11_OBJ_FLAG_LOGIN);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_get_x509_name(crt, &names);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* Try to load the whole certificate chain from the PKCS #11 token */
+	for (i=0;i<MAX_PKCS11_CERT_CHAIN;i++) {
+		ret = gnutls_x509_crt_check_issuer(crt, crt);
+		if (i > 0 && ret != 0) {
+			/* self signed */
+			break;
+		}
+
+		ret = gnutls_pcert_import_x509(&ccert[i], crt, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		count++;
+
+		ret = _gnutls_get_raw_issuer(url, crt, &t, 0);
+		if (ret < 0)
+			break;
+
+		gnutls_x509_crt_deinit(crt);
+		crt = NULL;
+		ret = gnutls_x509_crt_init(&crt);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = gnutls_x509_crt_import(crt, &t, GNUTLS_X509_FMT_DER);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		gnutls_free(t.data);
+	}
+
+	ret = _gnutls_certificate_credential_append_keypair(res, key, names, ccert, count);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (crt != NULL)
+		gnutls_x509_crt_deinit(crt);
+
+	return 0;
+cleanup:
+	if (crt != NULL)
+		gnutls_x509_crt_deinit(crt);
+	gnutls_free(t.data);
+	_gnutls_str_array_clear(&names);
+	gnutls_free(ccert);
+	return ret;
+}
+
+/* Reads a certificate file
+ */
+static int
+read_cert_file(gnutls_certificate_credentials_t res,
+	       gnutls_privkey_t key,
+	       const char *certfile, gnutls_x509_crt_fmt_t type)
+{
+	int ret;
+	size_t size;
+	char *data;
+
+	if (gnutls_url_is_supported(certfile)) {
+		return read_cert_url(res, key, certfile);
+	}
+
+	data = read_file(certfile, RF_BINARY, &size);
+
+	if (data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_FILE_ERROR;
+	}
+
+	ret = read_cert_mem(res, key, data, size, type);
+	free(data);
+
+	return ret;
+
+}
+
+
+
+/* Reads PKCS-1 RSA private key file or a DSA file (in the format openssl
+ * stores it).
+ */
+int
+_gnutls_read_key_file(gnutls_certificate_credentials_t res,
+	      const char *keyfile, gnutls_x509_crt_fmt_t type,
+	      const char *pass, unsigned int flags,
+	      gnutls_privkey_t *rkey)
+{
+	int ret;
+	size_t size;
+	char *data;
+
+	if (_gnutls_url_is_known(keyfile)) {
+		if (gnutls_url_is_supported(keyfile)) {
+			/* if no PIN function is specified, and we have a PIN,
+			 * specify one */
+			if (pass != NULL && res->pin.cb == NULL) {
+				snprintf(res->pin_tmp, sizeof(res->pin_tmp), "%s", pass);
+				gnutls_certificate_set_pin_function(res, tmp_pin_cb, res->pin_tmp);
+			}
+
+			return read_key_url(res, keyfile, rkey);
+		} else
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_UNIMPLEMENTED_FEATURE);
+	}
+
+	data = read_file(keyfile, RF_BINARY | RF_SENSITIVE, &size);
+
+	if (data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_FILE_ERROR;
+	}
+
+	ret = _gnutls_read_key_mem(res, data, size, type, pass, flags, rkey);
+	zeroize_key(data, size);
+	free(data);
+
+	return ret;
+}
+
+/**
+ * gnutls_certificate_set_x509_key_mem:
+ * @res: is a #gnutls_certificate_credentials_t type.
+ * @cert: contains a certificate list (path) for the specified private key
+ * @key: is the private key, or %NULL
+ * @type: is PEM or DER
+ *
+ * This function sets a certificate/private key pair in the
+ * gnutls_certificate_credentials_t type. This function may be called
+ * more than once, in case multiple keys/certificates exist for the
+ * server.
+ *
+ * Note that the keyUsage (2.5.29.15) PKIX extension in X.509 certificates
+ * is supported. This means that certificates intended for signing cannot
+ * be used for ciphersuites that require encryption.
+ *
+ * If the certificate and the private key are given in PEM encoding
+ * then the strings that hold their values must be null terminated.
+ *
+ * The @key may be %NULL if you are using a sign callback, see
+ * gnutls_sign_callback_set().
+ *
+ * Note that, this function by default returns zero on success and a negative value on error.
+ * Since 3.5.6, when the flag %GNUTLS_CERTIFICATE_API_V2 is set using gnutls_certificate_set_flags()
+ * it returns an index (greater or equal to zero). That index can be used to other functions to refer to the added key-pair.
+ *
+ * Returns: On success this functions returns zero, and otherwise a negative value on error (see above for modifying that behavior).
+ *
+ **/
+int
+gnutls_certificate_set_x509_key_mem(gnutls_certificate_credentials_t res,
+				    const gnutls_datum_t * cert,
+				    const gnutls_datum_t * key,
+				    gnutls_x509_crt_fmt_t type)
+{
+	return gnutls_certificate_set_x509_key_mem2(res, cert, key, type,
+						    NULL, 0);
+}
+
+/**
+ * gnutls_certificate_set_x509_key_mem2:
+ * @res: is a #gnutls_certificate_credentials_t type.
+ * @cert: contains a certificate list (path) for the specified private key
+ * @key: is the private key, or %NULL
+ * @type: is PEM or DER
+ * @pass: is the key's password
+ * @flags: an ORed sequence of gnutls_pkcs_encrypt_flags_t
+ *
+ * This function sets a certificate/private key pair in the
+ * gnutls_certificate_credentials_t type. This function may be called
+ * more than once, in case multiple keys/certificates exist for the
+ * server.
+ *
+ * Note that the keyUsage (2.5.29.15) PKIX extension in X.509 certificates
+ * is supported. This means that certificates intended for signing cannot
+ * be used for ciphersuites that require encryption.
+ *
+ * If the certificate and the private key are given in PEM encoding
+ * then the strings that hold their values must be null terminated.
+ *
+ * The @key may be %NULL if you are using a sign callback, see
+ * gnutls_sign_callback_set().
+ *
+ * Note that, this function by default returns zero on success and a negative value on error.
+ * Since 3.5.6, when the flag %GNUTLS_CERTIFICATE_API_V2 is set using gnutls_certificate_set_flags()
+ * it returns an index (greater or equal to zero). That index can be used to other functions to refer to the added key-pair.
+ *
+ * Returns: On success this functions returns zero, and otherwise a negative value on error (see above for modifying that behavior).
+ **/
+int
+gnutls_certificate_set_x509_key_mem2(gnutls_certificate_credentials_t res,
+				     const gnutls_datum_t * cert,
+				     const gnutls_datum_t * key,
+				     gnutls_x509_crt_fmt_t type,
+				     const char *pass, unsigned int flags)
+{
+	int ret;
+	gnutls_privkey_t rkey;
+
+	/* this should be first
+	 */
+	if ((ret = _gnutls_read_key_mem(res, key ? key->data : NULL,
+				key ? key->size : 0, type, pass,
+				flags, &rkey)) < 0)
+		return ret;
+
+	if ((ret = read_cert_mem(res, rkey, cert->data, cert->size, type)) < 0) {
+		gnutls_privkey_deinit(rkey);
+		return ret;
+	}
+
+	res->ncerts++;
+
+	if (key && (ret = _gnutls_check_key_cert_match(res)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	CRED_RET_SUCCESS(res);
+}
+
+
+/**
+ * gnutls_certificate_set_x509_key:
+ * @res: is a #gnutls_certificate_credentials_t type.
+ * @cert_list: contains a certificate list (path) for the specified private key
+ * @cert_list_size: holds the size of the certificate list
+ * @key: is a #gnutls_x509_privkey_t key
+ *
+ * This function sets a certificate/private key pair in the
+ * gnutls_certificate_credentials_t type.  This function may be
+ * called more than once, in case multiple keys/certificates exist for
+ * the server.  For clients that wants to send more than their own end
+ * entity certificate (e.g., also an intermediate CA cert) then put
+ * the certificate chain in @cert_list.
+ *
+ * Note that the certificates and keys provided, can be safely deinitialized
+ * after this function is called.
+ *
+ * If that function fails to load the @res type is at an undefined state, it must
+ * not be reused to load other keys or certificates.
+ *
+ * Note that, this function by default returns zero on success and a negative value on error.
+ * Since 3.5.6, when the flag %GNUTLS_CERTIFICATE_API_V2 is set using gnutls_certificate_set_flags()
+ * it returns an index (greater or equal to zero). That index can be used to other functions to refer to the added key-pair.
+ *
+ * Returns: On success this functions returns zero, and otherwise a negative value on error (see above for modifying that behavior).
+ *
+ * Since: 2.4.0
+ **/
+int
+gnutls_certificate_set_x509_key(gnutls_certificate_credentials_t res,
+				gnutls_x509_crt_t * cert_list,
+				int cert_list_size,
+				gnutls_x509_privkey_t key)
+{
+	int ret;
+	int npcerts = 0;
+	gnutls_privkey_t pkey;
+	gnutls_pcert_st *pcerts = NULL;
+	gnutls_str_array_t names;
+
+	if (cert_list == NULL || cert_list_size < 1)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	_gnutls_str_array_init(&names);
+
+	/* this should be first
+	 */
+	ret = gnutls_privkey_init(&pkey);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (res->pin.cb)
+		gnutls_privkey_set_pin_function(pkey, res->pin.cb,
+						res->pin.data);
+
+	ret =
+	    gnutls_privkey_import_x509(pkey, key,
+				       GNUTLS_PRIVKEY_IMPORT_COPY);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* load certificates */
+	pcerts = _gnutls_reallocarray(NULL, cert_list_size,
+				      sizeof(gnutls_pcert_st));
+	if (pcerts == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ret = _gnutls_get_x509_name(cert_list[0], &names);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+		gnutls_pcert_import_x509_list(pcerts, cert_list, (unsigned int*)&cert_list_size,
+					      GNUTLS_X509_CRT_LIST_SORT);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	npcerts = cert_list_size;
+
+	ret =
+	    _gnutls_certificate_credential_append_keypair(res, pkey, names, pcerts,
+						   npcerts);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	res->ncerts++;
+
+	/* after this point we do not deinitialize anything on failure to avoid
+	 * double freeing. We intentionally keep everything as the credentials state
+	 * is documented to be on undefined state. */
+	if ((ret = _gnutls_check_key_cert_match(res)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	CRED_RET_SUCCESS(res);
+
+      cleanup:
+	while (npcerts-- > 0)
+		gnutls_pcert_deinit(&pcerts[npcerts]);
+	gnutls_free(pcerts);
+	_gnutls_str_array_clear(&names);
+	return ret;
+}
+
+/**
+ * gnutls_certificate_get_x509_key:
+ * @res: is a #gnutls_certificate_credentials_t type.
+ * @index: The index of the key to obtain.
+ * @key: Location to store the key.
+ *
+ * Obtains a X.509 private key that has been stored in @res with one of
+ * gnutls_certificate_set_x509_key(), gnutls_certificate_set_key(),
+ * gnutls_certificate_set_x509_key_file(),
+ * gnutls_certificate_set_x509_key_file2(),
+ * gnutls_certificate_set_x509_key_mem(), or
+ * gnutls_certificate_set_x509_key_mem2(). The returned key must be deallocated
+ * with gnutls_x509_privkey_deinit() when no longer needed.
+ *
+ * The @index matches the return value of gnutls_certificate_set_x509_key() and friends
+ * functions, when the %GNUTLS_CERTIFICATE_API_V2 flag is set.
+ *
+ * If there is no key with the given index,
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned. If the key with the
+ * given index is not a X.509 key, %GNUTLS_E_INVALID_REQUEST is returned.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success, or a negative error code.
+ *
+ * Since: 3.4.0
+ */
+int
+gnutls_certificate_get_x509_key(gnutls_certificate_credentials_t res,
+				unsigned index,
+				gnutls_x509_privkey_t *key)
+{
+	if (index >= res->ncerts) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	return gnutls_privkey_export_x509(res->certs[index].pkey, key);
+}
+
+/**
+ * gnutls_certificate_get_x509_crt:
+ * @res: is a #gnutls_certificate_credentials_t type.
+ * @index: The index of the certificate list to obtain.
+ * @crt_list: Where to store the certificate list.
+ * @crt_list_size: Will hold the number of certificates.
+ *
+ * Obtains a X.509 certificate list that has been stored in @res with one of
+ * gnutls_certificate_set_x509_key(), gnutls_certificate_set_key(),
+ * gnutls_certificate_set_x509_key_file(),
+ * gnutls_certificate_set_x509_key_file2(),
+ * gnutls_certificate_set_x509_key_mem(), or
+ * gnutls_certificate_set_x509_key_mem2(). Each certificate in the returned
+ * certificate list must be deallocated with gnutls_x509_crt_deinit(), and the
+ * list itself must be freed with gnutls_free().
+ *
+ * The @index matches the return value of gnutls_certificate_set_x509_key() and friends
+ * functions, when the %GNUTLS_CERTIFICATE_API_V2 flag is set.
+ *
+ * If there is no certificate with the given index,
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned. If the certificate
+ * with the given index is not a X.509 certificate, %GNUTLS_E_INVALID_REQUEST
+ * is returned. The returned certificates must be deinitialized after
+ * use, and the @crt_list pointer must be freed using gnutls_free().
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success, or a negative error code.
+ *
+ * Since: 3.4.0
+ */
+int
+gnutls_certificate_get_x509_crt(gnutls_certificate_credentials_t res,
+				unsigned index,
+				gnutls_x509_crt_t **crt_list,
+				unsigned *crt_list_size)
+{
+	int ret;
+	unsigned i;
+
+	if (index >= res->ncerts) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	*crt_list_size = res->certs[index].cert_list_length;
+	*crt_list = _gnutls_reallocarray(NULL,
+					 res->certs[index].cert_list_length,
+					 sizeof (gnutls_x509_crt_t));
+	if (*crt_list == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	for (i = 0; i < res->certs[index].cert_list_length; ++i) {
+		ret = gnutls_pcert_export_x509(&res->certs[index].cert_list[i], &(*crt_list)[i]);
+		if (ret < 0) {
+			while (i--)
+				gnutls_x509_crt_deinit((*crt_list)[i]);
+			gnutls_free(*crt_list);
+
+			return gnutls_assert_val(ret);
+		}
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_certificate_set_trust_list:
+ * @res: is a #gnutls_certificate_credentials_t type.
+ * @tlist: is a #gnutls_x509_trust_list_t type
+ * @flags: must be zero
+ *
+ * This function sets a trust list in the gnutls_certificate_credentials_t type.
+ *
+ * Note that the @tlist will become part of the credentials
+ * structure and must not be deallocated. It will be automatically deallocated
+ * when the @res structure is deinitialized.
+ *
+ * Since: 3.2.2
+ **/
+void
+gnutls_certificate_set_trust_list(gnutls_certificate_credentials_t res,
+				  gnutls_x509_trust_list_t tlist,
+				  unsigned flags)
+{
+	gnutls_x509_trust_list_deinit(res->tlist, 1);
+
+	res->tlist = tlist;
+}
+
+/**
+ * gnutls_certificate_get_trust_list:
+ * @res: is a #gnutls_certificate_credentials_t type.
+ * @tlist: Location where to store the trust list.
+ *
+ * Obtains the list of trusted certificates stored in @res and writes a
+ * pointer to it to the location @tlist. The pointer will point to memory
+ * internal to @res, and must not be deinitialized. It will be automatically
+ * deallocated when the @res structure is deinitialized.
+ *
+ * Since: 3.4.0
+ **/
+void
+gnutls_certificate_get_trust_list(gnutls_certificate_credentials_t res,
+				  gnutls_x509_trust_list_t *tlist)
+{
+	*tlist = res->tlist;
+}
+
+/**
+ * gnutls_certificate_set_x509_key_file:
+ * @res: is a #gnutls_certificate_credentials_t type.
+ * @certfile: is a file that containing the certificate list (path) for
+ *   the specified private key, in PKCS7 format, or a list of certificates
+ * @keyfile: is a file that contains the private key
+ * @type: is PEM or DER
+ *
+ * This function sets a certificate/private key pair in the
+ * gnutls_certificate_credentials_t type.  This function may be
+ * called more than once, in case multiple keys/certificates exist for
+ * the server.  For clients that need to send more than its own end
+ * entity certificate, e.g., also an intermediate CA cert, then the
+ * @certfile must contain the ordered certificate chain.
+ *
+ * Note that the names in the certificate provided will be considered
+ * when selecting the appropriate certificate to use (in case of multiple
+ * certificate/key pairs).
+ *
+ * This function can also accept URLs at @keyfile and @certfile. In that case it
+ * will use the private key and certificate indicated by the URLs. Note
+ * that the supported URLs are the ones indicated by gnutls_url_is_supported().
+ *
+ * In case the @certfile is provided as a PKCS #11 URL, then the certificate, and its
+ * present issuers in the token are imported (i.e., forming the required trust chain).
+ *
+ * If that function fails to load the @res structure is at an undefined state, it must
+ * not be reused to load other keys or certificates.
+ *
+ * Note that, this function by default returns zero on success and a negative value on error.
+ * Since 3.5.6, when the flag %GNUTLS_CERTIFICATE_API_V2 is set using gnutls_certificate_set_flags()
+ * it returns an index (greater or equal to zero). That index can be used to other functions to refer to the added key-pair.
+ *
+ * Returns: On success this functions returns zero, and otherwise a negative value on error (see above for modifying that behavior).
+ *
+ * Since: 3.1.11
+ **/
+int
+gnutls_certificate_set_x509_key_file(gnutls_certificate_credentials_t res,
+				     const char *certfile,
+				     const char *keyfile,
+				     gnutls_x509_crt_fmt_t type)
+{
+	return gnutls_certificate_set_x509_key_file2(res, certfile,
+						     keyfile, type, NULL,
+						     0);
+}
+
+/**
+ * gnutls_certificate_set_x509_key_file2:
+ * @res: is a #gnutls_certificate_credentials_t type.
+ * @certfile: is a file that containing the certificate list (path) for
+ *   the specified private key, in PKCS7 format, or a list of certificates
+ * @keyfile: is a file that contains the private key
+ * @type: is PEM or DER
+ * @pass: is the password of the key
+ * @flags: an ORed sequence of gnutls_pkcs_encrypt_flags_t
+ *
+ * This function sets a certificate/private key pair in the
+ * gnutls_certificate_credentials_t type.  This function may be
+ * called more than once, in case multiple keys/certificates exist for
+ * the server.  For clients that need to send more than its own end
+ * entity certificate, e.g., also an intermediate CA cert, then the
+ * @certfile must contain the ordered certificate chain.
+ *
+ * Note that the names in the certificate provided will be considered
+ * when selecting the appropriate certificate to use (in case of multiple
+ * certificate/key pairs).
+ *
+ * This function can also accept URLs at @keyfile and @certfile. In that case it
+ * will use the private key and certificate indicated by the URLs. Note
+ * that the supported URLs are the ones indicated by gnutls_url_is_supported().
+ * Before GnuTLS 3.4.0 when a URL was specified, the @pass part was ignored and a
+ * PIN callback had to be registered, this is no longer the case in current releases.
+ *
+ * In case the @certfile is provided as a PKCS #11 URL, then the certificate, and its
+ * present issuers in the token are imported (i.e., forming the required trust chain).
+ *
+ * If that function fails to load the @res structure is at an undefined state, it must
+ * not be reused to load other keys or certificates.
+ *
+ * Note that, this function by default returns zero on success and a negative value on error.
+ * Since 3.5.6, when the flag %GNUTLS_CERTIFICATE_API_V2 is set using gnutls_certificate_set_flags()
+ * it returns an index (greater or equal to zero). That index can be used to other functions to refer to the added key-pair.
+ *
+ * Returns: On success this functions returns zero, and otherwise a negative value on error (see above for modifying that behavior).
+ *
+ **/
+int
+gnutls_certificate_set_x509_key_file2(gnutls_certificate_credentials_t res,
+				      const char *certfile,
+				      const char *keyfile,
+				      gnutls_x509_crt_fmt_t type,
+				      const char *pass, unsigned int flags)
+{
+	int ret;
+	gnutls_privkey_t rkey;
+
+	/* this should be first
+	 */
+	if ((ret = _gnutls_read_key_file(res, keyfile, type, pass, flags, &rkey)) < 0)
+		return ret;
+
+	if ((ret = read_cert_file(res, rkey, certfile, type)) < 0) {
+		gnutls_privkey_deinit(rkey);
+		return ret;
+	}
+
+	res->ncerts++;
+
+	if ((ret = _gnutls_check_key_cert_match(res)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	CRED_RET_SUCCESS(res);
+}
+
+/**
+ * gnutls_certificate_set_x509_trust_mem:
+ * @res: is a #gnutls_certificate_credentials_t type.
+ * @ca: is a list of trusted CAs or a DER certificate
+ * @type: is DER or PEM
+ *
+ * This function adds the trusted CAs in order to verify client or
+ * server certificates. In case of a client this is not required to be
+ * called if the certificates are not verified using
+ * gnutls_certificate_verify_peers2().  This function may be called
+ * multiple times.
+ *
+ * In case of a server the CAs set here will be sent to the client if
+ * a certificate request is sent. This can be disabled using
+ * gnutls_certificate_send_x509_rdn_sequence().
+ *
+ * Returns: the number of certificates processed or a negative error code
+ * on error.
+ **/
+int
+gnutls_certificate_set_x509_trust_mem(gnutls_certificate_credentials_t res,
+				      const gnutls_datum_t * ca,
+				      gnutls_x509_crt_fmt_t type)
+{
+int ret;
+
+	ret = gnutls_x509_trust_list_add_trust_mem(res->tlist, ca, NULL,
+					type, GNUTLS_TL_USE_IN_TLS, 0);
+	if (ret == GNUTLS_E_NO_CERTIFICATE_FOUND)
+		return 0;
+
+	return ret;
+}
+
+/**
+ * gnutls_certificate_set_x509_trust:
+ * @res: is a #gnutls_certificate_credentials_t type.
+ * @ca_list: is a list of trusted CAs
+ * @ca_list_size: holds the size of the CA list
+ *
+ * This function adds the trusted CAs in order to verify client
+ * or server certificates. In case of a client this is not required
+ * to be called if the certificates are not verified using
+ * gnutls_certificate_verify_peers2().
+ * This function may be called multiple times.
+ *
+ * In case of a server the CAs set here will be sent to the client if
+ * a certificate request is sent. This can be disabled using
+ * gnutls_certificate_send_x509_rdn_sequence().
+ *
+ * Returns: the number of certificates processed or a negative error code
+ * on error.
+ *
+ * Since: 2.4.0
+ **/
+int
+gnutls_certificate_set_x509_trust(gnutls_certificate_credentials_t res,
+				  gnutls_x509_crt_t * ca_list,
+				  int ca_list_size)
+{
+	int ret, i, j;
+	gnutls_x509_crt_t *new_list;
+
+	if (ca_list == NULL || ca_list_size < 1)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	new_list = _gnutls_reallocarray(NULL, ca_list_size,
+					sizeof(gnutls_x509_crt_t));
+	if (!new_list)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	for (i = 0; i < ca_list_size; i++) {
+		ret = gnutls_x509_crt_init(&new_list[i]);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = _gnutls_x509_crt_cpy(new_list[i], ca_list[i]);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	ret =
+	    gnutls_x509_trust_list_add_cas(res->tlist, new_list,
+					   ca_list_size, GNUTLS_TL_USE_IN_TLS);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	gnutls_free(new_list);
+	return ret;
+
+      cleanup:
+	for (j = 0; j < i; j++)
+		gnutls_x509_crt_deinit(new_list[j]);
+	gnutls_free(new_list);
+
+	return ret;
+}
+
+
+/**
+ * gnutls_certificate_set_x509_trust_file:
+ * @cred: is a #gnutls_certificate_credentials_t type.
+ * @cafile: is a file containing the list of trusted CAs (DER or PEM list)
+ * @type: is PEM or DER
+ *
+ * This function adds the trusted CAs in order to verify client or
+ * server certificates. In case of a client this is not required to
+ * be called if the certificates are not verified using
+ * gnutls_certificate_verify_peers2().  This function may be called
+ * multiple times.
+ *
+ * In case of a server the names of the CAs set here will be sent to
+ * the client if a certificate request is sent. This can be disabled
+ * using gnutls_certificate_send_x509_rdn_sequence().
+ *
+ * This function can also accept URLs. In that case it
+ * will import all certificates that are marked as trusted. Note
+ * that the supported URLs are the ones indicated by gnutls_url_is_supported().
+ *
+ * Returns: the number of certificates processed
+ **/
+int
+gnutls_certificate_set_x509_trust_file(gnutls_certificate_credentials_t
+				       cred, const char *cafile,
+				       gnutls_x509_crt_fmt_t type)
+{
+int ret;
+
+	ret = gnutls_x509_trust_list_add_trust_file(cred->tlist, cafile, NULL,
+						type, GNUTLS_TL_USE_IN_TLS, 0);
+	if (ret == GNUTLS_E_NO_CERTIFICATE_FOUND)
+		return 0;
+
+	return ret;
+}
+
+/**
+ * gnutls_certificate_set_x509_trust_dir:
+ * @cred: is a #gnutls_certificate_credentials_t type.
+ * @ca_dir: is a directory containing the list of trusted CAs (DER or PEM list)
+ * @type: is PEM or DER
+ *
+ * This function adds the trusted CAs present in the directory in order to
+ * verify client or server certificates. This function is identical
+ * to gnutls_certificate_set_x509_trust_file() but loads all certificates
+ * in a directory.
+ *
+ * Returns: the number of certificates processed
+ *
+ * Since: 3.3.6
+ *
+ **/
+int
+gnutls_certificate_set_x509_trust_dir(gnutls_certificate_credentials_t cred,
+				      const char *ca_dir,
+				      gnutls_x509_crt_fmt_t type)
+{
+int ret;
+
+	ret = gnutls_x509_trust_list_add_trust_dir(cred->tlist, ca_dir, NULL,
+						type, GNUTLS_TL_USE_IN_TLS, 0);
+	if (ret == GNUTLS_E_NO_CERTIFICATE_FOUND)
+		return 0;
+
+	return ret;
+}
+
+/**
+ * gnutls_certificate_set_x509_system_trust:
+ * @cred: is a #gnutls_certificate_credentials_t type.
+ *
+ * This function adds the system's default trusted CAs in order to
+ * verify client or server certificates.
+ *
+ * In the case the system is currently unsupported %GNUTLS_E_UNIMPLEMENTED_FEATURE
+ * is returned.
+ *
+ * Returns: the number of certificates processed or a negative error code
+ * on error.
+ *
+ * Since: 3.0.20
+ **/
+int
+gnutls_certificate_set_x509_system_trust(gnutls_certificate_credentials_t
+					 cred)
+{
+	return gnutls_x509_trust_list_add_system_trust(cred->tlist,
+					GNUTLS_TL_USE_IN_TLS, 0);
+}
+
+/**
+ * gnutls_certificate_set_x509_crl_mem:
+ * @res: is a #gnutls_certificate_credentials_t type.
+ * @CRL: is a list of trusted CRLs. They should have been verified before.
+ * @type: is DER or PEM
+ *
+ * This function adds the trusted CRLs in order to verify client or
+ * server certificates.  In case of a client this is not required to
+ * be called if the certificates are not verified using
+ * gnutls_certificate_verify_peers2().  This function may be called
+ * multiple times.
+ *
+ * Returns: number of CRLs processed, or a negative error code on error.
+ **/
+int
+gnutls_certificate_set_x509_crl_mem(gnutls_certificate_credentials_t res,
+				    const gnutls_datum_t * CRL,
+				    gnutls_x509_crt_fmt_t type)
+{
+	unsigned flags = GNUTLS_TL_USE_IN_TLS;
+	int ret;
+
+	if (res->flags & GNUTLS_CERTIFICATE_VERIFY_CRLS)
+		flags |= GNUTLS_TL_VERIFY_CRL|GNUTLS_TL_FAIL_ON_INVALID_CRL;
+
+	ret = gnutls_x509_trust_list_add_trust_mem(res->tlist, NULL, CRL,
+					type, flags, 0);
+	if (ret == GNUTLS_E_NO_CERTIFICATE_FOUND)
+		return 0;
+
+	return ret;
+}
+
+/**
+ * gnutls_certificate_set_x509_crl:
+ * @res: is a #gnutls_certificate_credentials_t type.
+ * @crl_list: is a list of trusted CRLs. They should have been verified before.
+ * @crl_list_size: holds the size of the crl_list
+ *
+ * This function adds the trusted CRLs in order to verify client or
+ * server certificates.  In case of a client this is not required to
+ * be called if the certificates are not verified using
+ * gnutls_certificate_verify_peers2().  This function may be called
+ * multiple times.
+ *
+ * Returns: number of CRLs processed, or a negative error code on error.
+ *
+ * Since: 2.4.0
+ **/
+int
+gnutls_certificate_set_x509_crl(gnutls_certificate_credentials_t res,
+				gnutls_x509_crl_t * crl_list,
+				int crl_list_size)
+{
+	int ret, i, j;
+	gnutls_x509_crl_t *new_crl;
+	unsigned flags;
+
+	flags = GNUTLS_TL_USE_IN_TLS;
+	if (res->flags & GNUTLS_CERTIFICATE_VERIFY_CRLS)
+		flags |= GNUTLS_TL_VERIFY_CRL|GNUTLS_TL_FAIL_ON_INVALID_CRL;
+
+	new_crl = _gnutls_reallocarray(NULL, crl_list_size,
+				       sizeof(gnutls_x509_crl_t));
+	if (!new_crl)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	for (i = 0; i < crl_list_size; i++) {
+		ret = gnutls_x509_crl_init(&new_crl[i]);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = _gnutls_x509_crl_cpy(new_crl[i], crl_list[i]);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	ret =
+	    gnutls_x509_trust_list_add_crls(res->tlist, new_crl,
+				    crl_list_size, flags, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	free(new_crl);
+	return ret;
+
+      cleanup:
+	for (j = 0; j < i; j++)
+		gnutls_x509_crl_deinit(new_crl[j]);
+	free(new_crl);
+
+	return ret;
+}
+
+/**
+ * gnutls_certificate_set_x509_crl_file:
+ * @res: is a #gnutls_certificate_credentials_t type.
+ * @crlfile: is a file containing the list of verified CRLs (DER or PEM list)
+ * @type: is PEM or DER
+ *
+ * This function adds the trusted CRLs in order to verify client or server
+ * certificates.  In case of a client this is not required
+ * to be called if the certificates are not verified using
+ * gnutls_certificate_verify_peers2().
+ * This function may be called multiple times.
+ *
+ * Returns: number of CRLs processed or a negative error code on error.
+ **/
+int
+gnutls_certificate_set_x509_crl_file(gnutls_certificate_credentials_t res,
+				     const char *crlfile,
+				     gnutls_x509_crt_fmt_t type)
+{
+	int ret;
+	unsigned flags = GNUTLS_TL_USE_IN_TLS;
+
+	if (res->flags & GNUTLS_CERTIFICATE_VERIFY_CRLS)
+		flags |= GNUTLS_TL_VERIFY_CRL|GNUTLS_TL_FAIL_ON_INVALID_CRL;
+
+	ret = gnutls_x509_trust_list_add_trust_file(res->tlist, NULL, crlfile,
+						type, flags, 0);
+	if (ret == GNUTLS_E_NO_CERTIFICATE_FOUND)
+		return 0;
+
+	return ret;
+}
+
+#include <gnutls/pkcs12.h>
+
+
+/**
+ * gnutls_certificate_set_x509_simple_pkcs12_file:
+ * @res: is a #gnutls_certificate_credentials_t type.
+ * @pkcs12file: filename of file containing PKCS#12 blob.
+ * @type: is PEM or DER of the @pkcs12file.
+ * @password: optional password used to decrypt PKCS#12 file, bags and keys.
+ *
+ * This function sets a certificate/private key pair and/or a CRL in
+ * the gnutls_certificate_credentials_t type.  This function may
+ * be called more than once (in case multiple keys/certificates exist
+ * for the server).
+ *
+ * PKCS#12 files with a MAC, encrypted bags and PKCS #8
+ * private keys are supported. However,
+ * only password based security, and the same password for all
+ * operations, are supported.
+ *
+ * PKCS#12 file may contain many keys and/or certificates, and this
+ * function will try to auto-detect based on the key ID the certificate
+ * and key pair to use. If the PKCS#12 file contain the issuer of
+ * the selected certificate, it will be appended to the certificate
+ * to form a chain.
+ *
+ * If more than one private keys are stored in the PKCS#12 file,
+ * then only one key will be read (and it is undefined which one).
+ *
+ * It is believed that the limitations of this function is acceptable
+ * for most usage, and that any more flexibility would introduce
+ * complexity that would make it harder to use this functionality at
+ * all.
+ *
+ * Note that, this function by default returns zero on success and a negative value on error.
+ * Since 3.5.6, when the flag %GNUTLS_CERTIFICATE_API_V2 is set using gnutls_certificate_set_flags()
+ * it returns an index (greater or equal to zero). That index can be used to other functions to refer to the added key-pair.
+ *
+ * Returns: On success this functions returns zero, and otherwise a negative value on error (see above for modifying that behavior).
+ *
+ **/
+int
+ gnutls_certificate_set_x509_simple_pkcs12_file
+    (gnutls_certificate_credentials_t res, const char *pkcs12file,
+     gnutls_x509_crt_fmt_t type, const char *password) {
+	gnutls_datum_t p12blob;
+	size_t size;
+	int ret;
+
+	p12blob.data = (void *) read_file(pkcs12file, RF_BINARY | RF_SENSITIVE,
+					  &size);
+	p12blob.size = (unsigned int) size;
+	if (p12blob.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_FILE_ERROR;
+	}
+
+	ret =
+	    gnutls_certificate_set_x509_simple_pkcs12_mem(res, &p12blob,
+							  type, password);
+	zeroize_key(p12blob.data, p12blob.size);
+	free(p12blob.data);
+	p12blob.size = 0;
+
+	return ret;
+}
+
+/**
+ * gnutls_certificate_set_x509_simple_pkcs12_mem:
+ * @res: is a #gnutls_certificate_credentials_t type.
+ * @p12blob: the PKCS#12 blob.
+ * @type: is PEM or DER of the @pkcs12file.
+ * @password: optional password used to decrypt PKCS#12 file, bags and keys.
+ *
+ * This function sets a certificate/private key pair and/or a CRL in
+ * the gnutls_certificate_credentials_t type.  This function may
+ * be called more than once (in case multiple keys/certificates exist
+ * for the server).
+ *
+ * Encrypted PKCS#12 bags and PKCS#8 private keys are supported.  However,
+ * only password based security, and the same password for all
+ * operations, are supported.
+ *
+ * PKCS#12 file may contain many keys and/or certificates, and this
+ * function will try to auto-detect based on the key ID the certificate
+ * and key pair to use. If the PKCS#12 file contain the issuer of
+ * the selected certificate, it will be appended to the certificate
+ * to form a chain.
+ *
+ * If more than one private keys are stored in the PKCS#12 file,
+ * then only one key will be read (and it is undefined which one).
+ *
+ * It is believed that the limitations of this function is acceptable
+ * for most usage, and that any more flexibility would introduce
+ * complexity that would make it harder to use this functionality at
+ * all.
+ *
+ * Note that, this function by default returns zero on success and a negative value on error.
+ * Since 3.5.6, when the flag %GNUTLS_CERTIFICATE_API_V2 is set using gnutls_certificate_set_flags()
+ * it returns an index (greater or equal to zero). That index can be used to other functions to refer to the added key-pair.
+ *
+ * Returns: On success this functions returns zero, and otherwise a negative value on error (see above for modifying that behavior).
+ *
+ * Since: 2.8.0
+ **/
+int
+ gnutls_certificate_set_x509_simple_pkcs12_mem
+    (gnutls_certificate_credentials_t res, const gnutls_datum_t * p12blob,
+     gnutls_x509_crt_fmt_t type, const char *password) {
+	gnutls_pkcs12_t p12;
+	gnutls_x509_privkey_t key = NULL;
+	gnutls_x509_crt_t *chain = NULL;
+	gnutls_x509_crl_t crl = NULL;
+	unsigned int chain_size = 0, i;
+	int ret, idx;
+
+	ret = gnutls_pkcs12_init(&p12);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = gnutls_pkcs12_import(p12, p12blob, type, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		gnutls_pkcs12_deinit(p12);
+		return ret;
+	}
+
+	if (password) {
+		ret = gnutls_pkcs12_verify_mac(p12, password);
+		if (ret < 0) {
+			gnutls_assert();
+			gnutls_pkcs12_deinit(p12);
+			return ret;
+		}
+	}
+
+	ret =
+	    gnutls_pkcs12_simple_parse(p12, password, &key, &chain,
+				       &chain_size, NULL, NULL, &crl, 0);
+	gnutls_pkcs12_deinit(p12);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (key && chain) {
+		ret =
+		    gnutls_certificate_set_x509_key(res, chain, chain_size,
+						    key);
+		if (ret < 0) {
+			gnutls_assert();
+			goto done;
+		}
+
+		idx = ret;
+	} else {
+		gnutls_assert();
+		ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+		goto done;
+	}
+
+	if (crl) {
+		ret = gnutls_certificate_set_x509_crl(res, &crl, 1);
+		if (ret < 0) {
+			gnutls_assert();
+			goto done;
+		}
+	}
+
+	if (res->flags & GNUTLS_CERTIFICATE_API_V2)
+		ret = idx;
+	else
+		ret = 0;
+
+      done:
+	if (chain) {
+		for (i = 0; i < chain_size; i++)
+			gnutls_x509_crt_deinit(chain[i]);
+		gnutls_free(chain);
+	}
+	if (key)
+		gnutls_x509_privkey_deinit(key);
+	if (crl)
+		gnutls_x509_crl_deinit(crl);
+
+	return ret;
+}
+
+
+
+/**
+ * gnutls_certificate_free_crls:
+ * @sc: is a #gnutls_certificate_credentials_t type.
+ *
+ * This function will delete all the CRLs associated
+ * with the given credentials.
+ **/
+void gnutls_certificate_free_crls(gnutls_certificate_credentials_t sc)
+{
+	/* do nothing for now */
+	return;
+}
+
+/**
+ * gnutls_certificate_credentials_t:
+ * @cred: is a #gnutls_certificate_credentials_t type.
+ * @fn: A PIN callback
+ * @userdata: Data to be passed in the callback
+ *
+ * This function will set a callback function to be used when
+ * required to access a protected object. This function overrides any other
+ * global PIN functions.
+ *
+ * Note that this function must be called right after initialization
+ * to have effect.
+ *
+ * Since: 3.1.0
+ **/
+void gnutls_certificate_set_pin_function(gnutls_certificate_credentials_t
+					 cred, gnutls_pin_callback_t fn,
+					 void *userdata)
+{
+	cred->pin.cb = fn;
+	cred->pin.data = userdata;
+}
diff --git a/lib/cert-cred.c b/lib/cert-cred.c
new file mode 100644
index 0000000..71aebc9
--- /dev/null
+++ b/lib/cert-cred.c
@@ -0,0 +1,1259 @@
+/*
+ * Copyright (C) 2001-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Some of the stuff needed for Certificate authentication is contained
+ * in this file.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <auth/cert.h>
+#include <datum.h>
+#include <mpi.h>
+#include <global.h>
+#include <algorithms.h>
+#include <dh.h>
+#include "str.h"
+#include <state.h>
+#include <auth.h>
+#include <x509.h>
+#include <str_array.h>
+#include <x509/verify-high.h>
+#include "x509/x509_int.h"
+#include "x509/common.h"
+#include "dh.h"
+#include "cert-cred.h"
+#include "intprops.h"
+
+
+/*
+ * Adds a public/private key pair to a certificate credential
+ */
+int
+_gnutls_certificate_credential_append_keypair(gnutls_certificate_credentials_t res,
+				       gnutls_privkey_t key,
+				       gnutls_str_array_t names,
+				       gnutls_pcert_st * crt,
+				       int nr)
+{
+	if (unlikely(INT_ADD_OVERFLOW(res->ncerts, 1))) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	res->sorted_cert_idx = _gnutls_reallocarray_fast(res->sorted_cert_idx,
+							 res->ncerts + 1,
+							 sizeof(unsigned int));
+	if (res->sorted_cert_idx == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	res->certs = _gnutls_reallocarray_fast(res->certs,
+					       res->ncerts + 1,
+					       sizeof(certs_st));
+	if (res->certs == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	memset(&res->certs[res->ncerts], 0, sizeof(res->certs[0]));
+
+	res->certs[res->ncerts].cert_list = crt;
+	res->certs[res->ncerts].cert_list_length = nr;
+	res->certs[res->ncerts].names = names;
+	res->certs[res->ncerts].pkey = key;
+
+	if (_gnutls13_sign_get_compatible_with_privkey(key))
+		res->tls13_ok = 1;
+
+	/* move RSA-PSS certificates before any RSA key.
+	 * Note that we cannot assume that any previous pointers
+	 * to sorted list are ok, due to the realloc in res->certs. */
+	if (crt->pubkey->params.algo == GNUTLS_PK_RSA_PSS) {
+		unsigned i,ridx;
+		unsigned tmp;
+
+		for (i=0;i<res->ncerts;i++) {
+			ridx = res->sorted_cert_idx[i];
+
+			if (res->certs[ridx].cert_list->pubkey->params.algo == GNUTLS_PK_RSA) {
+				tmp = ridx;
+				res->sorted_cert_idx[i] = res->ncerts;
+				res->sorted_cert_idx[res->ncerts] = tmp;
+				goto finish;
+			}
+		}
+	}
+
+	/* otherwise append it normally on the end */
+	res->sorted_cert_idx[res->ncerts] = res->ncerts;
+
+ finish:
+	return 0;
+
+}
+
+
+/**
+ * gnutls_certificate_set_key:
+ * @res: is a #gnutls_certificate_credentials_t type.
+ * @names: is an array of DNS names belonging to the public-key (NULL if none)
+ * @names_size: holds the size of the names list
+ * @pcert_list: contains a certificate list (chain) or raw public-key
+ * @pcert_list_size: holds the size of the certificate list
+ * @key: is a #gnutls_privkey_t key corresponding to the first public-key in pcert_list
+ *
+ * This function sets a public/private key pair in the
+ * gnutls_certificate_credentials_t type. The given public key may be encapsulated
+ * in a certificate or can be given as a raw key. This function may be
+ * called more than once, in case multiple key pairs exist for
+ * the server. For clients that want to send more than their own end-
+ * entity certificate (e.g., also an intermediate CA cert), the full
+ * certificate chain must be provided in @pcert_list.
+ *
+ * Note that the @key will become part of the credentials structure and must
+ * not be deallocated. It will be automatically deallocated when the @res structure
+ * is deinitialized.
+ *
+ * If this function fails, the @res structure is at an undefined state and it must
+ * not be reused to load other keys or certificates.
+ *
+ * Note that, this function by default returns zero on success and a negative value on error.
+ * Since 3.5.6, when the flag %GNUTLS_CERTIFICATE_API_V2 is set using gnutls_certificate_set_flags()
+ * it returns an index (greater or equal to zero). That index can be used for other functions to refer to the added key-pair.
+ *
+ * Since GnuTLS 3.6.6 this function also handles raw public keys.
+ *
+ * Returns: On success this functions returns zero, and otherwise a negative value on error (see above for modifying that behavior).
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_certificate_set_key(gnutls_certificate_credentials_t res,
+			   const char **names,
+			   int names_size,
+			   gnutls_pcert_st * pcert_list,
+			   int pcert_list_size,
+			   gnutls_privkey_t key)
+{
+	int ret, i;
+	gnutls_str_array_t str_names;
+	gnutls_pcert_st *new_pcert_list;
+
+	/* Sanity checks */
+	// Check for a valid credential struct
+	if (res == NULL) {
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+	}
+
+	// A complete key pair must be given
+	if (pcert_list == NULL || key == NULL) {
+		return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+	}
+
+	/* Process the names, if any */
+	_gnutls_str_array_init(&str_names);
+
+	if (names != NULL && names_size > 0) {
+		for (i = 0; i < names_size; i++) {
+			ret =
+			    _gnutls_str_array_append_idna(&str_names, names[i],
+						     strlen(names[i]));
+			if (ret < 0) {
+				ret = gnutls_assert_val(ret);
+				goto cleanup;
+			}
+		}
+	} else if (names == NULL && pcert_list[0].type == GNUTLS_CRT_X509) {
+		gnutls_x509_crt_t crt;
+
+		ret = gnutls_x509_crt_init(&crt);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = gnutls_x509_crt_import(crt, &pcert_list[0].cert, GNUTLS_X509_FMT_DER);
+		if (ret < 0) {
+			gnutls_assert();
+			gnutls_x509_crt_deinit(crt);
+			goto cleanup;
+		}
+
+		ret = _gnutls_get_x509_name(crt, &str_names);
+		gnutls_x509_crt_deinit(crt);
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	if (res->pin.cb)
+		gnutls_privkey_set_pin_function(key, res->pin.cb,
+						res->pin.data);
+
+	new_pcert_list = _gnutls_reallocarray(NULL, pcert_list_size,
+					      sizeof(gnutls_pcert_st));
+	if (new_pcert_list == NULL) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+	memcpy(new_pcert_list, pcert_list, sizeof(gnutls_pcert_st) * pcert_list_size);
+
+	ret =
+	    _gnutls_certificate_credential_append_keypair(res, key, str_names,
+						   new_pcert_list,
+						   pcert_list_size);
+	if (ret < 0) {
+		gnutls_assert();
+		gnutls_free(new_pcert_list);
+		goto cleanup;
+	}
+
+	res->ncerts++;
+
+	/* Unlike gnutls_certificate_set_x509_key, we deinitialize everything
+	 * local after a failure. That is because the caller is responsible for
+	 * freeing these values after a failure, and if we keep references we
+	 * lead to double freeing */
+	if ((ret = _gnutls_check_key_cert_match(res)) < 0) {
+		gnutls_assert();
+		gnutls_free(new_pcert_list);
+		res->ncerts--;
+		goto cleanup;
+	}
+
+	CRED_RET_SUCCESS(res);
+
+      cleanup:
+	_gnutls_str_array_clear(&str_names);
+	return ret;
+}
+
+/**
+ * gnutls_certificate_free_keys:
+ * @sc: is a #gnutls_certificate_credentials_t type.
+ *
+ * This function will delete all the keys and the certificates associated
+ * with the given credentials. This function must not be called when a
+ * TLS negotiation that uses the credentials is in progress.
+ *
+ **/
+void gnutls_certificate_free_keys(gnutls_certificate_credentials_t sc)
+{
+	unsigned i, j;
+
+	for (i = 0; i < sc->ncerts; i++) {
+		for (j = 0; j < sc->certs[i].cert_list_length; j++) {
+			gnutls_pcert_deinit(&sc->certs[i].cert_list[j]);
+		}
+		gnutls_free(sc->certs[i].cert_list);
+
+		for (j = 0; j < sc->certs[i].ocsp_data_length; j++) {
+			gnutls_free(sc->certs[i].ocsp_data[j].response.data);
+		}
+		_gnutls_str_array_clear(&sc->certs[i].names);
+		gnutls_privkey_deinit(sc->certs[i].pkey);
+	}
+
+	gnutls_free(sc->certs);
+	gnutls_free(sc->sorted_cert_idx);
+
+	sc->ncerts = 0;
+}
+
+/**
+ * gnutls_certificate_free_cas:
+ * @sc: is a #gnutls_certificate_credentials_t type.
+ *
+ * This function was operational on very early versions of gnutls.
+ * Due to internal refactorings and the fact that this was hardly ever
+ * used, it is currently a no-op.
+ *
+ **/
+void gnutls_certificate_free_cas(gnutls_certificate_credentials_t sc)
+{
+	return;
+}
+
+/**
+ * gnutls_certificate_get_issuer:
+ * @sc: is a #gnutls_certificate_credentials_t type.
+ * @cert: is the certificate to find issuer for
+ * @issuer: Will hold the issuer if any. Should be treated as constant.
+ * @flags: Use zero or %GNUTLS_TL_GET_COPY
+ *
+ * This function will return the issuer of a given certificate.
+ * If the flag %GNUTLS_TL_GET_COPY is specified a copy of the issuer
+ * will be returned which must be freed using gnutls_x509_crt_deinit().
+ * In that case the provided @issuer must not be initialized.
+ *
+ * As with gnutls_x509_trust_list_get_issuer() this function requires
+ * the %GNUTLS_TL_GET_COPY flag in order to operate with PKCS#11 trust
+ * lists in a thread-safe way.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_certificate_get_issuer(gnutls_certificate_credentials_t sc,
+			      gnutls_x509_crt_t cert,
+			      gnutls_x509_crt_t * issuer,
+			      unsigned int flags)
+{
+	return gnutls_x509_trust_list_get_issuer(sc->tlist, cert, issuer,
+						 flags);
+}
+
+/**
+ * gnutls_certificate_get_crt_raw:
+ * @sc: is a #gnutls_certificate_credentials_t type.
+ * @idx1: the index of the certificate chain if multiple are present
+ * @idx2: the index of the certificate in the chain. Zero gives the server's certificate.
+ * @cert: Will hold the DER encoded certificate.
+ *
+ * This function will return the DER encoded certificate of the
+ * server or any other certificate on its certificate chain (based on @idx2).
+ * The returned data should be treated as constant and only accessible during the lifetime
+ * of @sc. The @idx1 matches the value gnutls_certificate_set_x509_key() and friends
+ * functions.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value. In case the indexes are out of bounds %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ *   is returned.
+ *
+ * Since: 3.2.5
+ **/
+int
+gnutls_certificate_get_crt_raw(gnutls_certificate_credentials_t sc,
+			       unsigned idx1,
+			       unsigned idx2, gnutls_datum_t * cert)
+{
+	if (idx1 >= sc->ncerts)
+		return
+		    gnutls_assert_val
+		    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	if (idx2 >= sc->certs[idx1].cert_list_length)
+		return
+		    gnutls_assert_val
+		    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	cert->data = sc->certs[idx1].cert_list[idx2].cert.data;
+	cert->size = sc->certs[idx1].cert_list[idx2].cert.size;
+
+	return 0;
+}
+
+/**
+ * gnutls_certificate_free_ca_names:
+ * @sc: is a #gnutls_certificate_credentials_t type.
+ *
+ * This function will delete all the CA name in the given
+ * credentials. Clients may call this to save some memory since in
+ * client side the CA names are not used. Servers might want to use
+ * this function if a large list of trusted CAs is present and
+ * sending the names of it would just consume bandwidth without providing
+ * information to client.
+ *
+ * CA names are used by servers to advertise the CAs they support to
+ * clients.
+ **/
+void gnutls_certificate_free_ca_names(gnutls_certificate_credentials_t sc)
+{
+	_gnutls_free_datum(&sc->tlist->x509_rdn_sequence);
+}
+
+
+/**
+ * gnutls_certificate_free_credentials:
+ * @sc: is a #gnutls_certificate_credentials_t type.
+ *
+ * Free a gnutls_certificate_credentials_t structure.
+ *
+ * This function does not free any temporary parameters associated
+ * with this structure (ie RSA and DH parameters are not freed by this
+ * function).
+ **/
+void
+gnutls_certificate_free_credentials(gnutls_certificate_credentials_t sc)
+{
+	// Check for valid pointer and otherwise do nothing
+	if (sc == NULL)
+		return;
+
+	gnutls_x509_trust_list_deinit(sc->tlist, 1);
+	gnutls_certificate_free_keys(sc);
+	memset(sc->pin_tmp, 0, sizeof(sc->pin_tmp));
+
+	if (sc->deinit_dh_params) {
+		gnutls_dh_params_deinit(sc->dh_params);
+	}
+
+	gnutls_free(sc);
+}
+
+
+/**
+ * gnutls_certificate_allocate_credentials:
+ * @res: is a pointer to a #gnutls_certificate_credentials_t type.
+ *
+ * Allocate a gnutls_certificate_credentials_t structure.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
+ **/
+int
+gnutls_certificate_allocate_credentials(gnutls_certificate_credentials_t *
+					res)
+{
+	int ret;
+
+	*res = gnutls_calloc(1, sizeof(certificate_credentials_st));
+
+	if (*res == NULL)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	ret = gnutls_x509_trust_list_init(&(*res)->tlist, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		gnutls_free(*res);
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+	(*res)->verify_bits = DEFAULT_MAX_VERIFY_BITS;
+	(*res)->verify_depth = DEFAULT_MAX_VERIFY_DEPTH;
+
+
+	return 0;
+}
+
+/* converts the given x509 certificate list to gnutls_pcert_st* and allocates
+ * space for them.
+ */
+static gnutls_pcert_st *alloc_and_load_x509_certs(gnutls_x509_crt_t *
+						  certs, unsigned ncerts)
+{
+	gnutls_pcert_st *local_certs;
+	int ret = 0;
+	unsigned i, j;
+
+	if (certs == NULL)
+		return NULL;
+
+	local_certs = _gnutls_reallocarray(NULL, ncerts,
+					   sizeof(gnutls_pcert_st));
+	if (local_certs == NULL) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	for (i = 0; i < ncerts; i++) {
+		ret = gnutls_pcert_import_x509(&local_certs[i], certs[i], 0);
+		if (ret < 0)
+			break;
+	}
+
+	if (ret < 0) {
+		gnutls_assert();
+		for (j = 0; j < i; j++) {
+			gnutls_pcert_deinit(&local_certs[j]);
+		}
+		gnutls_free(local_certs);
+		return NULL;
+	}
+
+	return local_certs;
+}
+
+/* converts the given x509 key to gnutls_privkey* and allocates
+ * space for it.
+ */
+static gnutls_privkey_t
+alloc_and_load_x509_key(gnutls_x509_privkey_t key, int deinit)
+{
+	gnutls_privkey_t local_key;
+	int ret = 0;
+
+	if (key == NULL)
+		return NULL;
+
+	ret = gnutls_privkey_init(&local_key);
+	if (ret < 0) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	ret =
+	    gnutls_privkey_import_x509(local_key, key,
+				       deinit ?
+				       GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE : 0);
+	if (ret < 0) {
+		gnutls_assert();
+		gnutls_privkey_deinit(local_key);
+		return NULL;
+	}
+
+	return local_key;
+}
+
+#ifdef ENABLE_PKCS11
+
+/* converts the given raw key to gnutls_privkey* and allocates
+ * space for it.
+ */
+static gnutls_privkey_t
+alloc_and_load_pkcs11_key(gnutls_pkcs11_privkey_t key, int deinit)
+{
+	gnutls_privkey_t local_key;
+	int ret = 0;
+
+	if (key == NULL)
+		return NULL;
+
+	ret = gnutls_privkey_init(&local_key);
+	if (ret < 0) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	ret =
+	    gnutls_privkey_import_pkcs11(local_key, key,
+					 deinit ?
+					 GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE
+					 : 0);
+	if (ret < 0) {
+		gnutls_assert();
+		gnutls_privkey_deinit(local_key);
+		return NULL;
+	}
+
+	return local_key;
+}
+
+#endif
+
+/**
+ * gnutls_certificate_server_set_request:
+ * @session: is a #gnutls_session_t type.
+ * @req: is one of GNUTLS_CERT_REQUEST, GNUTLS_CERT_REQUIRE, GNUTLS_CERT_IGNORE
+ *
+ * This function specifies if we (in case of a server) are going to
+ * send a certificate request message to the client. If @req is
+ * GNUTLS_CERT_REQUIRE then the server will return the %GNUTLS_E_NO_CERTIFICATE_FOUND
+ * error if the peer does not provide a certificate. If you do not call this
+ * function then the client will not be asked to send a certificate. Invoking
+ * the function with @req GNUTLS_CERT_IGNORE has the same effect.
+ **/
+void
+gnutls_certificate_server_set_request(gnutls_session_t session,
+				      gnutls_certificate_request_t req)
+{
+	session->internals.send_cert_req = req;
+}
+
+static int call_legacy_cert_cb1(gnutls_session_t session,
+				const struct gnutls_cert_retr_st *info,
+				gnutls_pcert_st **certs,
+				unsigned int *pcert_length,
+				gnutls_ocsp_data_st **ocsp,
+				unsigned int *ocsp_length,
+				gnutls_privkey_t *privkey,
+				unsigned int *flags)
+{
+	gnutls_retr2_st st2;
+	gnutls_pcert_st *local_certs = NULL;
+	gnutls_privkey_t local_key = NULL;
+	unsigned i;
+	int ret;
+
+	*ocsp_length = 0;
+
+	memset(&st2, 0, sizeof(st2));
+
+	ret = info->cred->legacy_cert_cb1(session, info->req_ca_rdn, info->nreqs,
+					  info->pk_algos, info->pk_algos_length,
+				          &st2);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (st2.ncerts == 0) {
+		*pcert_length = 0;
+		*ocsp_length = 0;
+		*privkey = NULL;
+		return 0;
+	}
+
+	if (st2.cert_type != GNUTLS_CRT_X509) {
+		gnutls_assert();
+		ret = GNUTLS_E_INVALID_REQUEST;
+		goto cleanup;
+	}
+
+	local_certs =
+	    alloc_and_load_x509_certs(st2.cert.x509, st2.ncerts);
+	if (local_certs == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto cleanup;
+	}
+
+	switch (st2.key_type) {
+#ifdef ENABLE_PKCS11
+	case GNUTLS_PRIVKEY_PKCS11:
+		if (st2.key.pkcs11 != NULL) {
+			local_key =
+			    alloc_and_load_pkcs11_key(st2.key.pkcs11,
+						      st2.deinit_all);
+			if (local_key == NULL) {
+				gnutls_assert();
+				ret = GNUTLS_E_INTERNAL_ERROR;
+				goto cleanup;
+			}
+		}
+		break;
+#endif
+	case GNUTLS_PRIVKEY_X509:
+		if (st2.key.x509 != NULL) {
+			local_key =
+			    alloc_and_load_x509_key(st2.key.x509,
+						    st2.deinit_all);
+			if (local_key == NULL) {
+				gnutls_assert();
+				ret = GNUTLS_E_INTERNAL_ERROR;
+				goto cleanup;
+			}
+		}
+		break;
+	default:
+		gnutls_assert();
+		ret = GNUTLS_E_INVALID_REQUEST;
+		goto cleanup;
+	}
+
+	*privkey = local_key;
+	*certs = local_certs;
+	*pcert_length = st2.ncerts;
+
+	/* flag the caller to deinitialize our values */
+	*flags |= GNUTLS_CERT_RETR_DEINIT_ALL;
+
+	ret = 0;
+
+ cleanup:
+
+	if (st2.cert_type == GNUTLS_CRT_X509) {
+		if (st2.deinit_all) {
+			for (i = 0; i < st2.ncerts; i++) {
+				gnutls_x509_crt_deinit(st2.cert.x509[i]);
+			}
+			gnutls_free(st2.cert.x509);
+		}
+	}
+
+	return ret;
+
+}
+
+/**
+ * gnutls_certificate_set_retrieve_function:
+ * @cred: is a #gnutls_certificate_credentials_t type.
+ * @func: is the callback function
+ *
+ * This function sets a callback to be called in order to retrieve the
+ * certificate to be used in the handshake. The callback will take control
+ * only if a certificate is requested by the peer. You are advised
+ * to use gnutls_certificate_set_retrieve_function2() because it
+ * is much more efficient in the processing it requires from gnutls.
+ *
+ * The callback's function prototype is:
+ * int (*callback)(gnutls_session_t, const gnutls_datum_t* req_ca_dn, int nreqs,
+ * const gnutls_pk_algorithm_t* pk_algos, int pk_algos_length, gnutls_retr2_st* st);
+ *
+ * @req_ca_dn is only used in X.509 certificates.
+ * Contains a list with the CA names that the server considers trusted.
+ * This is a hint and typically the client should send a certificate that is signed
+ * by one of these CAs. These names, when available, are DER encoded. To get a more
+ * meaningful value use the function gnutls_x509_rdn_get().
+ *
+ * @pk_algos contains a list with server's acceptable public key algorithms.
+ * The certificate returned should support the server's given algorithms.
+ *
+ * @st should contain the certificates and private keys.
+ *
+ * If the callback function is provided then gnutls will call it, in the
+ * handshake, after the certificate request message has been received.
+ *
+ * In server side pk_algos and req_ca_dn are NULL.
+ *
+ * The callback function should set the certificate list to be sent,
+ * and return 0 on success. If no certificate was selected then the
+ * number of certificates should be set to zero. The value (-1)
+ * indicates error and the handshake will be terminated. If both certificates
+ * are set in the credentials and a callback is available, the callback
+ * takes predence.
+ *
+ * Since: 3.0
+ **/
+void gnutls_certificate_set_retrieve_function
+    (gnutls_certificate_credentials_t cred,
+     gnutls_certificate_retrieve_function * func)
+{
+	cred->legacy_cert_cb1 = func;
+	if (!func)
+		cred->get_cert_callback3 = NULL;
+	else
+		cred->get_cert_callback3 = call_legacy_cert_cb1;
+}
+
+static int call_legacy_cert_cb2(gnutls_session_t session,
+				const struct gnutls_cert_retr_st *info,
+				gnutls_pcert_st **certs,
+				unsigned int *pcert_length,
+				gnutls_ocsp_data_st **ocsp,
+				unsigned int *ocsp_length,
+				gnutls_privkey_t *privkey,
+				unsigned int *flags)
+{
+	int ret;
+	*ocsp_length = 0;
+	/* flags will be assumed to be zero */
+
+	ret = info->cred->legacy_cert_cb2(session, info->req_ca_rdn, info->nreqs,
+					  info->pk_algos, info->pk_algos_length,
+					  certs, pcert_length, privkey);
+	if (ret < 0) {
+		gnutls_assert();
+	}
+	return ret;
+}
+
+/**
+ * gnutls_certificate_set_retrieve_function2:
+ * @cred: is a #gnutls_certificate_credentials_t type.
+ * @func: is the callback function
+ *
+ * This function sets a callback to be called in order to retrieve the
+ * certificate to be used in the handshake. The callback will take control
+ * only if a certificate is requested by the peer.
+ *
+ * The callback's function prototype is:
+ * int (*callback)(gnutls_session_t, const gnutls_datum_t* req_ca_dn, int nreqs,
+ * const gnutls_pk_algorithm_t* pk_algos, int pk_algos_length, gnutls_pcert_st** pcert,
+ * unsigned int *pcert_length, gnutls_privkey_t * pkey);
+ *
+ * @req_ca_dn is only used in X.509 certificates.
+ * Contains a list with the CA names that the server considers trusted.
+ * This is a hint and typically the client should send a certificate that is signed
+ * by one of these CAs. These names, when available, are DER encoded. To get a more
+ * meaningful value use the function gnutls_x509_rdn_get().
+ *
+ * @pk_algos contains a list with server's acceptable public key algorithms.
+ * The certificate returned should support the server's given algorithms.
+ *
+ * @pcert should contain a single certificate and public key or a list of them.
+ *
+ * @pcert_length is the size of the previous list.
+ *
+ * @pkey is the private key.
+ *
+ * If the callback function is provided then gnutls will call it, in the
+ * handshake, after the certificate request message has been received.
+ * All the provided by the callback values will not be released or
+ * modified by gnutls.
+ *
+ * In server side pk_algos and req_ca_dn are NULL.
+ *
+ * The callback function should set the certificate list to be sent,
+ * and return 0 on success. If no certificate was selected then the
+ * number of certificates should be set to zero. The value (-1)
+ * indicates error and the handshake will be terminated. If both certificates
+ * are set in the credentials and a callback is available, the callback
+ * takes predence.
+ *
+ * Since: 3.0
+ **/
+void gnutls_certificate_set_retrieve_function2
+    (gnutls_certificate_credentials_t cred,
+     gnutls_certificate_retrieve_function2 * func)
+{
+	cred->legacy_cert_cb2 = func;
+	if (!func)
+		cred->get_cert_callback3 = NULL;
+	else
+		cred->get_cert_callback3 = call_legacy_cert_cb2;
+}
+
+/**
+ * gnutls_certificate_set_retrieve_function3:
+ * @cred: is a #gnutls_certificate_credentials_t type.
+ * @func: is the callback function
+ *
+ * This function sets a callback to be called in order to retrieve the
+ * certificate and OCSP responses to be used in the handshake. @func will
+ * be called only if the peer requests a certificate either during handshake
+ * or during post-handshake authentication.
+ *
+ * The callback's function prototype is defined in `abstract.h':
+ *
+ * int gnutls_certificate_retrieve_function3(
+ * gnutls_session_t,
+ * const struct gnutls_cert_retr_st *info,
+ * gnutls_pcert_st **certs,
+ * unsigned int *certs_length,
+ * gnutls_ocsp_data_st **ocsp,
+ * unsigned int *ocsp_length,
+ * gnutls_privkey_t *privkey,
+ * unsigned int *flags);
+ *
+ * The info field of the callback contains:
+ * @req_ca_dn which is a list with the CA names that the server considers trusted.
+ * This is a hint and typically the client should send a certificate that is signed
+ * by one of these CAs. These names, when available, are DER encoded. To get a more
+ * meaningful value use the function gnutls_x509_rdn_get().
+ * @pk_algos contains a list with server's acceptable public key algorithms.
+ * The certificate returned should support the server's given algorithms.
+ *
+ * The callback should fill-in the following values:
+ *
+ * @certs should contain an allocated list of certificates and public keys.
+ * @certs_length is the size of the previous list.
+ * @ocsp should contain an allocated list of OCSP responses.
+ * @ocsp_length is the size of the previous list.
+ * @privkey is the private key.
+ *
+ * If flags in the callback are set to %GNUTLS_CERT_RETR_DEINIT_ALL then
+ * all provided values must be allocated using gnutls_malloc(), and will
+ * be released by gnutls; otherwise they will not be touched by gnutls.
+ *
+ * The callback function should set the certificate and OCSP response
+ * list to be sent, and return 0 on success. If no certificates are available,
+ * the @certs_length and @ocsp_length should be set to zero. The return
+ * value (-1) indicates error and the handshake will be terminated. If both
+ * certificates are set in the credentials and a callback is available, the
+ * callback takes predence.
+ *
+ * Raw public-keys:
+ * In case raw public-keys are negotiated as certificate type, certificates
+ * that would normally hold the public-key material are not available. In that case,
+ * @certs contains an allocated list with only the public key. Since there is no
+ * certificate, there is also no certificate status. Therefore, OCSP information
+ * should not be set.
+ *
+ * Since: 3.6.3
+ **/
+void gnutls_certificate_set_retrieve_function3
+    (gnutls_certificate_credentials_t cred,
+     gnutls_certificate_retrieve_function3 *func)
+{
+	cred->get_cert_callback3 = func;
+}
+
+/**
+ * gnutls_certificate_set_verify_function:
+ * @cred: is a #gnutls_certificate_credentials_t type.
+ * @func: is the callback function
+ *
+ * This function sets a callback to be called when peer's certificate
+ * has been received in order to verify it on receipt rather than
+ * doing after the handshake is completed.
+ *
+ * The callback's function prototype is:
+ * int (*callback)(gnutls_session_t);
+ *
+ * If the callback function is provided then gnutls will call it, in the
+ * handshake, just after the certificate message has been received.
+ * To verify or obtain the certificate the gnutls_certificate_verify_peers2(),
+ * gnutls_certificate_type_get(), gnutls_certificate_get_peers() functions
+ * can be used.
+ *
+ * The callback function should return 0 for the handshake to continue
+ * or non-zero to terminate.
+ *
+ * Since: 2.10.0
+ **/
+void
+ gnutls_certificate_set_verify_function
+    (gnutls_certificate_credentials_t cred,
+     gnutls_certificate_verify_function * func)
+{
+	cred->verify_callback = func;
+}
+
+/**
+ * gnutls_x509_trust_list_set_getissuer_function:
+ * @tlist: is a #gnutls_x509_trust_list_t type.
+ * @func: is the callback function
+ *
+ * This function sets a callback to be called when the peer's certificate
+ * chain is incomplete due a missing intermediate certificate. The callback
+ * may provide the missing certificate for use during verification.
+ *
+ * The callback's function prototype is defined in gnutls/x509.h as:
+ *
+ *   int (*callback)(gnutls_x509_trust_list_t list,
+ *                   const gnutls_x509_crt_t cert,
+ *                   gnutls_x509_crt_t **issuers,
+ *                   unsigned int *issuers_size);
+ *
+ * If the callback function is provided then gnutls will call it during the
+ * certificate verification procedure. The callback may wish to use
+ * gnutls_x509_crt_get_authority_info_access() to get a URI from which
+ * to attempt to download the missing issuer certificate, if available.
+ *
+ * On a successful call, the callback shall allocate the 'issuers' array with
+ * gnutls_x509_crt_list_import2(). The ownership of both the array and the
+ * elements is transferred to the caller and thus the application does not need
+ * to maintain the memory after the call.
+ *
+ * The callback function should return 0 if the missing issuer certificate
+ * for 'crt' was properly populated and added to the 'issuers', or non-zero
+ * to continue the certificate list verification but with issuer as %NULL.
+ *
+ * Since: 3.7.0
+ **/
+void gnutls_x509_trust_list_set_getissuer_function(gnutls_x509_trust_list_t tlist,
+		gnutls_x509_trust_list_getissuer_function * func)
+{
+	tlist->issuer_callback = func;
+}
+
+/**
+ * gnutls_x509_trust_list_set_ptr:
+ * @tlist: is a #gnutls_x509_trust_list_t type.
+ * @ptr: is the user pointer
+ *
+ * This function will set (associate) the user given pointer @ptr to
+ * the tlist structure. This pointer can be accessed with
+ * gnutls_x509_trust_list_get_ptr(). Useful in the callback function
+ * gnutls_x509_trust_list_set_getissuer_function.
+ *
+ * Since: 3.7.0
+ **/
+void gnutls_x509_trust_list_set_ptr(gnutls_x509_trust_list_t tlist, void *ptr)
+{
+	tlist->usr_ptr = ptr;
+}
+
+/**
+ * gnutls_x509_trust_list_get_ptr:
+ * @tlist: is a #gnutls_x509_trust_list_t type.
+ *
+ * Get user pointer for tlist. Useful in callback function
+ * gnutls_x509_trust_list_set_getissuer_function.
+ * This is the pointer set with gnutls_x509_trust_list_set_ptr().
+ *
+ * Returns: the user given pointer from the tlist structure, or
+ *   %NULL if it was never set.
+ *
+ * Since: 3.7.0
+ **/
+void *gnutls_x509_trust_list_get_ptr(gnutls_x509_trust_list_t tlist)
+{
+	return tlist->usr_ptr;
+}
+
+/**
+ * gnutls_session_set_verify_output_function:
+ * @session: is a #gnutls_x509_trust_list_t type.
+ * @func: is the callback function
+ *
+ * This function sets a callback to be called when the peer's certificate
+ * chain has to be verified and full path to the trusted root has to be
+ * printed.
+ *
+ * The callback's function prototype is defined in `x509.h':
+ * int (*callback)(
+ * gnutls_x509_crt_t cert,
+ * gnutls_x509_crt_t issuer,
+ * gnutls_x509_crl_t crl,
+ * unsigned int verification_output);
+ *
+ * If the callback function is provided then gnutls will call it, in the
+ * certificate verification procedure.
+ * To verify the certificate chain and print its path uptp the trusted root,
+ * functions such as gnutls_certificate_verify_peers(),
+ * gnutls_x509_trust_list_verify_crt(), and gnutls_x509_trust_list_verify_crt2()
+ * can be used. The callback is set in _gnutls_verify_crt_status() and
+ * _gnutls_pkcs11_verify_crt_status().
+ *
+ * Since: 3.7.0
+ **/
+void gnutls_session_set_verify_output_function(gnutls_session_t session,
+		gnutls_verify_output_function * func)
+{
+	session->internals.cert_output_callback = func;
+}
+
+#define TEST_TEXT "test text"
+/* returns error if the certificate has different algorithm than
+ * the given key parameters.
+ */
+int _gnutls_check_key_cert_match(gnutls_certificate_credentials_t res)
+{
+	gnutls_datum_t test = {(void*)TEST_TEXT, sizeof(TEST_TEXT)-1};
+	gnutls_datum_t sig = {NULL, 0};
+	gnutls_digest_algorithm_t dig;
+	int pk, pk2, ret;
+	unsigned sign_algo;
+
+	if (res->flags & GNUTLS_CERTIFICATE_SKIP_KEY_CERT_MATCH)
+		return 0;
+
+	pk =
+	    gnutls_pubkey_get_pk_algorithm(res->certs[res->ncerts - 1].
+					   cert_list[0].pubkey, NULL);
+	pk2 =
+	    gnutls_privkey_get_pk_algorithm(res->certs[res->ncerts - 1].pkey,
+					    NULL);
+
+	if (GNUTLS_PK_IS_RSA(pk) && GNUTLS_PK_IS_RSA(pk2)) {
+		if (pk2 == GNUTLS_PK_RSA_PSS && pk == GNUTLS_PK_RSA) {
+			_gnutls_debug_log("you cannot mix an RSA-PSS key with an RSA certificate\n");
+			return GNUTLS_E_CERTIFICATE_KEY_MISMATCH;
+		}
+
+		if (pk2 == GNUTLS_PK_RSA_PSS || pk == GNUTLS_PK_RSA_PSS)
+			pk = GNUTLS_PK_RSA_PSS;
+	} else if (pk2 != pk) {
+		gnutls_assert();
+		_gnutls_debug_log("key is %s, certificate is %s\n", gnutls_pk_get_name(pk2),
+			gnutls_pk_get_name(pk));
+		return GNUTLS_E_CERTIFICATE_KEY_MISMATCH;
+	}
+
+	if (pk == GNUTLS_PK_GOST_01)
+		dig = GNUTLS_DIG_GOSTR_94;
+	else if (pk == GNUTLS_PK_GOST_12_256)
+		dig = GNUTLS_DIG_STREEBOG_256;
+	else if (pk == GNUTLS_PK_GOST_12_512)
+		dig = GNUTLS_DIG_STREEBOG_512;
+	else
+		dig = GNUTLS_DIG_SHA256;
+
+	sign_algo = gnutls_pk_to_sign(pk, dig);
+
+	/* now check if keys really match. We use the sign/verify approach
+	 * because we cannot always obtain the parameters from the abstract
+	 * keys (e.g. PKCS #11). */
+	ret = gnutls_privkey_sign_data2(res->certs[res->ncerts - 1].pkey,
+		sign_algo, 0, &test, &sig);
+	if (ret < 0) {
+		/* for some reason we couldn't sign that. That shouldn't have
+		 * happened, but since it did, report the issue and do not
+		 * try the key matching test */
+		_gnutls_debug_log("%s: failed signing\n", __func__);
+		goto finish;
+	}
+
+	ret = gnutls_pubkey_verify_data2(res->certs[res->ncerts - 1].cert_list[0].pubkey,
+					 sign_algo,
+					 GNUTLS_VERIFY_ALLOW_BROKEN, &test, &sig);
+
+	gnutls_free(sig.data);
+
+	if (ret < 0)
+		return gnutls_assert_val(GNUTLS_E_CERTIFICATE_KEY_MISMATCH);
+
+ finish:
+	return 0;
+}
+
+/**
+ * gnutls_certificate_verification_status_print:
+ * @status: The status flags to be printed
+ * @type: The certificate type
+ * @out: Newly allocated datum with (0) terminated string.
+ * @flags: should be zero
+ *
+ * This function will pretty print the status of a verification
+ * process -- eg. the one obtained by gnutls_certificate_verify_peers3().
+ *
+ * The output @out needs to be deallocated using gnutls_free().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.4
+ **/
+int
+gnutls_certificate_verification_status_print(unsigned int status,
+					     gnutls_certificate_type_t
+					     type, gnutls_datum_t * out,
+					     unsigned int flags)
+{
+	gnutls_buffer_st str;
+
+	_gnutls_buffer_init(&str);
+
+	if (status == 0)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("The certificate is trusted. "));
+	else
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("The certificate is NOT trusted. "));
+
+	if (type == GNUTLS_CRT_X509) {
+		if (status & GNUTLS_CERT_REVOKED)
+			_gnutls_buffer_append_str(&str,
+						  _
+						  ("The certificate chain is revoked. "));
+
+		if (status & GNUTLS_CERT_MISMATCH)
+			_gnutls_buffer_append_str(&str,
+						  _
+						  ("The certificate doesn't match the local copy (TOFU). "));
+
+		if (status & GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED)
+			_gnutls_buffer_append_str(&str,
+						  _
+						  ("The revocation or OCSP data are old and have been superseded. "));
+
+		if (status & GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE)
+			_gnutls_buffer_append_str(&str,
+						  _
+						  ("The revocation or OCSP data are issued with a future date. "));
+
+		if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
+			_gnutls_buffer_append_str(&str,
+						  _
+						  ("The certificate issuer is unknown. "));
+
+		if (status & GNUTLS_CERT_SIGNER_NOT_CA)
+			_gnutls_buffer_append_str(&str,
+						  _
+						  ("The certificate issuer is not a CA. "));
+	}
+
+	if (status & GNUTLS_CERT_INSECURE_ALGORITHM)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("The certificate chain uses insecure algorithm. "));
+
+	if (status & GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("The certificate chain violates the signer's constraints. "));
+
+	if (status & GNUTLS_CERT_PURPOSE_MISMATCH)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("The certificate chain does not match the intended purpose. "));
+
+	if (status & GNUTLS_CERT_NOT_ACTIVATED)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("The certificate chain uses not yet valid certificate. "));
+
+	if (status & GNUTLS_CERT_EXPIRED)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("The certificate chain uses expired certificate. "));
+
+	if (status & GNUTLS_CERT_SIGNATURE_FAILURE)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("The signature in the certificate is invalid. "));
+
+	if (status & GNUTLS_CERT_UNEXPECTED_OWNER)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("The name in the certificate does not match the expected. "));
+
+	if (status & GNUTLS_CERT_MISSING_OCSP_STATUS)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("The certificate requires the server to include an OCSP status in its response, but the OCSP status is missing. "));
+
+	if (status & GNUTLS_CERT_INVALID_OCSP_STATUS)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("The received OCSP status response is invalid. "));
+
+	if (status & GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("The certificate contains an unknown critical extension. "));
+
+	return _gnutls_buffer_to_datum(&str, out, 1);
+}
+
+#if defined(ENABLE_DHE) || defined(ENABLE_ANON)
+/**
+ * gnutls_certificate_set_dh_params:
+ * @res: is a gnutls_certificate_credentials_t type
+ * @dh_params: the Diffie-Hellman parameters.
+ *
+ * This function will set the Diffie-Hellman parameters for a
+ * certificate server to use. These parameters will be used in
+ * Ephemeral Diffie-Hellman cipher suites.  Note that only a pointer
+ * to the parameters are stored in the certificate handle, so you
+ * must not deallocate the parameters before the certificate is deallocated.
+ *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
+ **/
+void
+gnutls_certificate_set_dh_params(gnutls_certificate_credentials_t res,
+				 gnutls_dh_params_t dh_params)
+{
+	if (res->deinit_dh_params) {
+		res->deinit_dh_params = 0;
+		gnutls_dh_params_deinit(res->dh_params);
+		res->dh_params = NULL;
+	}
+
+	res->dh_params = dh_params;
+	res->dh_sec_param = gnutls_pk_bits_to_sec_param(GNUTLS_PK_DH, _gnutls_mpi_get_nbits(dh_params->params[0]));
+}
+
+
+/**
+ * gnutls_certificate_set_known_dh_params:
+ * @res: is a gnutls_certificate_credentials_t type
+ * @sec_param: is an option of the %gnutls_sec_param_t enumeration
+ *
+ * This function will set the Diffie-Hellman parameters for a
+ * certificate server to use. These parameters will be used in
+ * Ephemeral Diffie-Hellman cipher suites and will be selected from
+ * the FFDHE set of RFC7919 according to the security level provided.
+ *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.5.6
+ **/
+int
+gnutls_certificate_set_known_dh_params(gnutls_certificate_credentials_t res,
+				       gnutls_sec_param_t sec_param)
+{
+	res->dh_sec_param = sec_param;
+
+	return 0;
+}
+
+#endif				/* DH */
diff --git a/lib/cert-cred.h b/lib/cert-cred.h
new file mode 100644
index 0000000..1131f6d
--- /dev/null
+++ b/lib/cert-cred.h
@@ -0,0 +1,58 @@
+/*
+ * Copyright (C) 2018 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_CERT_CRED_H
+#define GNUTLS_LIB_CERT_CRED_H
+
+#include <gnutls/abstract.h>
+#include "str_array.h"
+
+
+int
+_gnutls_certificate_credential_append_keypair(gnutls_certificate_credentials_t res,
+				       gnutls_privkey_t key,
+				       gnutls_str_array_t names,
+				       gnutls_pcert_st * crt, int nr);
+
+int
+_gnutls_read_key_mem(gnutls_certificate_credentials_t res,
+	     const void *key, int key_size, gnutls_x509_crt_fmt_t type,
+	     const char *pass, unsigned int flags,
+	     gnutls_privkey_t *rkey);
+
+int
+_gnutls_read_key_file(gnutls_certificate_credentials_t res,
+	      const char *keyfile, gnutls_x509_crt_fmt_t type,
+	      const char *pass, unsigned int flags,
+	      gnutls_privkey_t *rkey);
+
+int
+_gnutls_get_x509_name(gnutls_x509_crt_t crt, gnutls_str_array_t * names);
+
+#define CRED_RET_SUCCESS(cred) \
+	if (cred->flags & GNUTLS_CERTIFICATE_API_V2) { \
+		return cred->ncerts-1; \
+	} else { \
+		return 0; \
+	}
+
+#endif /* GNUTLS_LIB_CERT_CRED_H */
diff --git a/lib/cert-session.c b/lib/cert-session.c
new file mode 100644
index 0000000..9b03600
--- /dev/null
+++ b/lib/cert-session.c
@@ -0,0 +1,919 @@
+/*
+ * Copyright (C) 2001-2015 Free Software Foundation, Inc.
+ * Copyright (C) 2015 Nikos Mavrogiannopoulos
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains certificate authentication functions to be exported in the
+ * API which did not fit elsewhere.
+ */
+
+#include "gnutls_int.h"
+#include <auth/srp_kx.h>
+#include <auth/anon.h>
+#include <auth/cert.h>
+#include <auth/psk.h>
+#include "errors.h"
+#include <auth.h>
+#include <state.h>
+#include <datum.h>
+#include <algorithms.h>
+#include <gnutls/ocsp.h>
+#include "x509.h"
+#include "hello_ext.h"
+#include "x509/ocsp.h"
+
+/**
+ * gnutls_certificate_get_ours:
+ * @session: is a gnutls session
+ *
+ * Gets the certificate as sent to the peer in the last handshake.
+ * The certificate is in raw (DER) format.  No certificate
+ * list is being returned. Only the first certificate.
+ *
+ * This function returns the certificate that was sent in the current
+ * handshake. In subsequent resumed sessions this function will return
+ * %NULL. That differs from gnutls_certificate_get_peers() which always
+ * returns the peer's certificate used in the original session.
+ *
+ * Returns: a pointer to a #gnutls_datum_t containing our
+ *   certificate, or %NULL in case of an error or if no certificate
+ *   was used.
+ **/
+const gnutls_datum_t *gnutls_certificate_get_ours(gnutls_session_t session)
+{
+	gnutls_certificate_credentials_t cred;
+
+	CHECK_AUTH_TYPE(GNUTLS_CRD_CERTIFICATE, NULL);
+
+	cred = (gnutls_certificate_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	if (session->internals.selected_cert_list == NULL)
+		return NULL;
+
+	return &session->internals.selected_cert_list[0].cert;
+}
+
+/**
+ * gnutls_certificate_get_peers:
+ * @session: is a gnutls session
+ * @list_size: is the length of the certificate list (may be %NULL)
+ *
+ * Get the peer's raw certificate (chain) as sent by the peer.  These
+ * certificates are in raw format (DER encoded for X.509).  In case of
+ * a X.509 then a certificate list may be present.  The list
+ * is provided as sent by the server; the server must send as first
+ * certificate in the list its own certificate, following the
+ * issuer's certificate, then the issuer's issuer etc. However, there
+ * are servers which violate this principle and thus on certain
+ * occasions this may be an unsorted list.
+ *
+ * In resumed sessions, this function will return the peer's certificate
+ * list as used in the first/original session.
+ *
+ * Returns: a pointer to a #gnutls_datum_t containing the peer's
+ *   certificates, or %NULL in case of an error or if no certificate
+ *   was used.
+ **/
+const gnutls_datum_t *gnutls_certificate_get_peers(gnutls_session_t
+						   session,
+						   unsigned int *list_size)
+{
+	cert_auth_info_t info;
+
+	CHECK_AUTH_TYPE(GNUTLS_CRD_CERTIFICATE, NULL);
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+	if (info == NULL)
+		return NULL;
+
+	if (list_size)
+		*list_size = info->ncerts;
+	return info->raw_certificate_list;
+}
+
+/**
+ * gnutls_certificate_client_get_request_status:
+ * @session: is a gnutls session
+ *
+ * Get whether client certificate was requested on the last
+ * handshake or not.
+ *
+ * Returns: 0 if the peer (server) did not request client
+ *   authentication or 1 otherwise.
+ **/
+unsigned
+gnutls_certificate_client_get_request_status(gnutls_session_t session)
+{
+	return (session->internals.hsk_flags & HSK_CRT_ASKED)?1:0;
+}
+
+/**
+ * gnutls_certificate_set_params_function:
+ * @res: is a gnutls_certificate_credentials_t type
+ * @func: is the function to be called
+ *
+ * This function will set a callback in order for the server to get
+ * the Diffie-Hellman or RSA parameters for certificate
+ * authentication.  The callback should return %GNUTLS_E_SUCCESS (0) on success.
+ *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
+ **/
+void
+gnutls_certificate_set_params_function(gnutls_certificate_credentials_t
+				       res, gnutls_params_function * func)
+{
+	res->params_func = func;
+}
+
+/**
+ * gnutls_certificate_set_flags:
+ * @res: is a gnutls_certificate_credentials_t type
+ * @flags: are the flags of #gnutls_certificate_flags type
+ *
+ * This function will set flags to tweak the operation of
+ * the credentials structure. See the #gnutls_certificate_flags enumerations
+ * for more information on the available flags. 
+ *
+ * Since: 3.4.7
+ **/
+void
+gnutls_certificate_set_flags(gnutls_certificate_credentials_t res,
+			     unsigned int flags)
+{
+	res->flags = flags;
+}
+
+/**
+ * gnutls_certificate_set_verify_flags:
+ * @res: is a gnutls_certificate_credentials_t type
+ * @flags: are the flags
+ *
+ * This function will set the flags to be used for verification 
+ * of certificates and override any defaults.  The provided flags must be an OR of the
+ * #gnutls_certificate_verify_flags enumerations. 
+ *
+ **/
+void
+gnutls_certificate_set_verify_flags(gnutls_certificate_credentials_t
+				    res, unsigned int flags)
+{
+	res->verify_flags = flags;
+}
+
+/**
+ * gnutls_certificate_get_verify_flags:
+ * @res: is a gnutls_certificate_credentials_t type
+ *
+ * Returns the verification flags set with
+ * gnutls_certificate_set_verify_flags().
+ *
+ * Returns: The certificate verification flags used by @res.
+ *
+ * Since: 3.4.0
+ */
+unsigned int
+gnutls_certificate_get_verify_flags(gnutls_certificate_credentials_t res)
+{
+	return res->verify_flags;
+}
+
+/**
+ * gnutls_certificate_set_verify_limits:
+ * @res: is a gnutls_certificate_credentials type
+ * @max_bits: is the number of bits of an acceptable certificate (default 8200)
+ * @max_depth: is maximum depth of the verification of a certificate chain (default 5)
+ *
+ * This function will set some upper limits for the default
+ * verification function, gnutls_certificate_verify_peers2(), to avoid
+ * denial of service attacks.  You can set them to zero to disable
+ * limits.
+ **/
+void
+gnutls_certificate_set_verify_limits(gnutls_certificate_credentials_t res,
+				     unsigned int max_bits,
+				     unsigned int max_depth)
+{
+	res->verify_depth = max_depth;
+	res->verify_bits = max_bits;
+}
+
+#ifdef ENABLE_OCSP
+static int
+_gnutls_ocsp_verify_mandatory_stapling(gnutls_session_t session,
+				       gnutls_x509_crt_t cert,
+				       unsigned int * ocsp_status);
+
+/* If the certificate is revoked status will be GNUTLS_CERT_REVOKED.
+ * 
+ * Returns:
+ *  Zero on success, a negative error code otherwise.
+ */
+static int
+check_ocsp_response(gnutls_session_t session, gnutls_x509_crt_t cert,
+		    gnutls_x509_trust_list_t tl,
+		    unsigned verify_flags,
+		    gnutls_x509_crt_t *cand_issuers, unsigned cand_issuers_size,
+		    gnutls_datum_t * data, unsigned int *ostatus)
+{
+	gnutls_ocsp_resp_t resp;
+	int ret;
+	unsigned int status, cert_status;
+	time_t rtime, vtime, ntime, now;
+	int check_failed = 0;
+
+	now = gnutls_time(0);
+
+	ret = gnutls_ocsp_resp_init(&resp);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_ocsp_resp_import(resp, data);
+	if (ret < 0) {
+		_gnutls_audit_log(session,
+				  "There was an error parsing the OCSP response: %s.\n",
+				  gnutls_strerror(ret));
+		ret = gnutls_assert_val(0);
+		check_failed = 1;
+		*ostatus |= GNUTLS_CERT_INVALID;
+		*ostatus |= GNUTLS_CERT_INVALID_OCSP_STATUS;
+		goto cleanup;
+	}
+
+	if (gnutls_ocsp_resp_get_status(resp) != GNUTLS_OCSP_RESP_SUCCESSFUL) {
+		ret = _gnutls_ocsp_verify_mandatory_stapling(session, cert, ostatus);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		if (*ostatus & GNUTLS_CERT_MISSING_OCSP_STATUS) {
+			_gnutls_audit_log(session,
+					  "Missing basic OCSP response while required: %s.\n",
+					  gnutls_strerror(ret));
+			check_failed = 1;
+		}
+		ret = gnutls_assert_val(0);
+		goto cleanup;
+	}
+
+	ret = gnutls_ocsp_resp_check_crt(resp, 0, cert);
+	if (ret < 0) {
+		ret = gnutls_assert_val(0);
+		_gnutls_audit_log(session,
+				  "Got OCSP response with an unrelated certificate.\n");
+		check_failed = 1;
+		*ostatus |= GNUTLS_CERT_INVALID;
+		*ostatus |= GNUTLS_CERT_INVALID_OCSP_STATUS;
+		goto cleanup;
+	}
+
+	/* Attempt to verify against our trusted list */
+	ret = gnutls_ocsp_resp_verify(resp, tl, &status, verify_flags);
+	if ((ret < 0 || status != 0) && cand_issuers_size > 0) {
+		/* Attempt to verify against the certificate list provided by the server */
+
+		ret = gnutls_ocsp_resp_verify_direct(resp, cand_issuers[0], &status, verify_flags);
+		/* if verification fails attempt to find whether any of the other
+		 * bundled CAs is an issuer of the OCSP response */
+		if ((ret < 0 || status != 0) && cand_issuers_size > 1) {
+			int ret2;
+			unsigned status2, i;
+
+			for (i=1;i<cand_issuers_size;i++) {
+				ret2 = gnutls_ocsp_resp_verify_direct(resp, cand_issuers[i], &status2, verify_flags);
+				if (ret2 >= 0 && status2 == 0) {
+					status = status2;
+					ret = ret2;
+					break;
+				}
+			}
+		}
+	}
+
+	if (ret < 0) {
+		ret = gnutls_assert_val(0);
+		gnutls_assert();
+		check_failed = 1;
+		*ostatus |= GNUTLS_CERT_INVALID;
+		*ostatus |= GNUTLS_CERT_INVALID_OCSP_STATUS;
+		goto cleanup;
+	}
+
+	/* do not consider revocation data if response was not verified */
+	if (status != 0) {
+		char buf[MAX_OCSP_MSG_SIZE];
+
+		_gnutls_debug_log("OCSP rejection reason: %s\n",
+				  _gnutls_ocsp_verify_status_to_str(status, buf));
+
+		ret = gnutls_assert_val(0);
+		check_failed = 1;
+		*ostatus |= GNUTLS_CERT_INVALID;
+		*ostatus |= GNUTLS_CERT_INVALID_OCSP_STATUS;
+		goto cleanup;
+	}
+
+	ret = gnutls_ocsp_resp_get_single(resp, 0, NULL, NULL, NULL, NULL,
+					  &cert_status, &vtime, &ntime,
+					  &rtime, NULL);
+	if (ret < 0) {
+		_gnutls_audit_log(session,
+				  "There was an error parsing the OCSP response: %s.\n",
+				  gnutls_strerror(ret));
+		ret = gnutls_assert_val(0);
+		check_failed = 1;
+		*ostatus |= GNUTLS_CERT_INVALID;
+		*ostatus |= GNUTLS_CERT_INVALID_OCSP_STATUS;
+		goto cleanup;
+	}
+
+	if (cert_status == GNUTLS_OCSP_CERT_REVOKED) {
+		_gnutls_audit_log(session,
+				  "The certificate was revoked via OCSP\n");
+		check_failed = 1;
+		*ostatus |= GNUTLS_CERT_INVALID;
+		*ostatus |= GNUTLS_CERT_REVOKED;
+		ret = gnutls_assert_val(0);
+		goto cleanup;
+	}
+
+	/* Report but do not fail on the following errors. That is
+	 * because including the OCSP response in the handshake shouldn't 
+	 * cause more problems that not including it.
+	 */
+	if (ntime == -1) {
+		if (now - vtime > MAX_OCSP_VALIDITY_SECS) {
+			_gnutls_audit_log(session,
+					  "The OCSP response is old\n");
+			check_failed = 1;
+			*ostatus |= GNUTLS_CERT_INVALID;
+			*ostatus |= GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED;
+			goto cleanup;
+		}
+	} else {
+		/* there is a newer OCSP answer, don't trust this one */
+		if (ntime < now) {
+			_gnutls_audit_log(session,
+					  "There is a newer OCSP response but was not provided by the server\n");
+			check_failed = 1;
+			*ostatus |= GNUTLS_CERT_INVALID;
+			*ostatus |= GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED;
+			goto cleanup;
+		}
+	}
+
+	ret = 0;
+      cleanup:
+	if (check_failed == 0)
+		session->internals.ocsp_check_ok = 1;
+
+	gnutls_ocsp_resp_deinit(resp);
+
+	return ret;
+}
+
+static int
+_gnutls_ocsp_verify_mandatory_stapling(gnutls_session_t session,
+				       gnutls_x509_crt_t cert,
+				       unsigned int * ocsp_status)
+{
+	gnutls_x509_tlsfeatures_t tlsfeatures;
+	int i, ret;
+	unsigned feature;
+
+	/* RFC 7633: If cert has TLS feature GNUTLS_EXTENSION_STATUS_REQUEST, stapling is mandatory.
+	 *
+	 * At this point, we know that we did not get the certificate status.
+	 *
+	 * To proceed, first check whether we have requested the certificate status
+	 */
+	if (!(session->internals.hsk_flags & HSK_OCSP_REQUESTED))
+		return 0;
+
+	ret = gnutls_x509_tlsfeatures_init(&tlsfeatures);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* We have requested the status, now check whether the certificate mandates a response */
+	if (gnutls_x509_crt_get_tlsfeatures(cert, tlsfeatures, 0, NULL) == 0) {
+		for (i = 0;; ++i) {
+			ret = gnutls_x509_tlsfeatures_get(tlsfeatures, i, &feature);
+			if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+				break;
+			}
+
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			if (feature == 5 /* TLS ID for status request */) {
+				/* We sent a status request, the certificate mandates a reply, but we did not get any. */
+				*ocsp_status |= GNUTLS_CERT_INVALID;
+				*ocsp_status |= GNUTLS_CERT_MISSING_OCSP_STATUS;
+				break;
+			}
+		}
+	}
+
+	ret = 0;
+ cleanup:
+	gnutls_x509_tlsfeatures_deinit(tlsfeatures);
+	return ret;
+}
+#endif
+
+#define CLEAR_CERTS for(x=0;x<peer_certificate_list_size;x++) { \
+	if (peer_certificate_list[x]) \
+		gnutls_x509_crt_deinit(peer_certificate_list[x]); \
+	} \
+	gnutls_free( peer_certificate_list)
+
+/*-
+ * _gnutls_x509_cert_verify_peers - return the peer's certificate status
+ * @session: is a gnutls session
+ *
+ * This function will try to verify the peer's certificate and return its status (TRUSTED, REVOKED etc.).
+ * The return value (status) should be one of the gnutls_certificate_status_t enumerated elements.
+ * However you must also check the peer's name in order to check if the verified certificate belongs to the
+ * actual peer. Returns a negative error code in case of an error, or GNUTLS_E_NO_CERTIFICATE_FOUND if no certificate was sent.
+ -*/
+int
+_gnutls_x509_cert_verify_peers(gnutls_session_t session,
+			       gnutls_typed_vdata_st * data,
+			       unsigned int elements,
+			       unsigned int *status)
+{
+	cert_auth_info_t info;
+	gnutls_certificate_credentials_t cred;
+	gnutls_x509_crt_t *peer_certificate_list;
+	gnutls_datum_t resp;
+	int peer_certificate_list_size, i, x, ret;
+	gnutls_x509_crt_t *cand_issuers;
+	unsigned cand_issuers_size;
+	unsigned int ocsp_status = 0;
+	unsigned int verify_flags;
+
+	/* No OCSP check so far */
+	session->internals.ocsp_check_ok = 0;
+
+	CHECK_AUTH_TYPE(GNUTLS_CRD_CERTIFICATE, GNUTLS_E_INVALID_REQUEST);
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+	if (info == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	cred = (gnutls_certificate_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	if (info->raw_certificate_list == NULL || info->ncerts == 0)
+		return GNUTLS_E_NO_CERTIFICATE_FOUND;
+
+	if (info->ncerts > cred->verify_depth && cred->verify_depth > 0) {
+		gnutls_assert();
+		return GNUTLS_E_CONSTRAINT_ERROR;
+	}
+
+	verify_flags =
+	    cred->verify_flags | session->internals.additional_verify_flags;
+	/* generate a list of gnutls_certs based on the auth info
+	 * raw certs.
+	 */
+	peer_certificate_list_size = info->ncerts;
+	peer_certificate_list =
+	    gnutls_calloc(peer_certificate_list_size,
+			  sizeof(gnutls_x509_crt_t));
+	if (peer_certificate_list == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	for (i = 0; i < peer_certificate_list_size; i++) {
+		ret = gnutls_x509_crt_init(&peer_certificate_list[i]);
+		if (ret < 0) {
+			gnutls_assert();
+			CLEAR_CERTS;
+			return ret;
+		}
+
+		ret =
+		    gnutls_x509_crt_import(peer_certificate_list[i],
+					   &info->raw_certificate_list[i],
+					   GNUTLS_X509_FMT_DER);
+		if (ret < 0) {
+			gnutls_assert();
+			CLEAR_CERTS;
+			return ret;
+		}
+	}
+
+	/* Use the OCSP extension if any */
+#ifdef ENABLE_OCSP
+	if (verify_flags & GNUTLS_VERIFY_DISABLE_CRL_CHECKS)
+		goto skip_ocsp;
+
+	for (i=0;i<peer_certificate_list_size;i++) {
+		ret = gnutls_ocsp_status_request_get2(session, i, &resp);
+		if (ret < 0) {
+			ret = _gnutls_ocsp_verify_mandatory_stapling(session, peer_certificate_list[i], &ocsp_status);
+			if (ret < 0) {
+				gnutls_assert();
+				CLEAR_CERTS;
+				return ret;
+			}
+
+			continue;
+		}
+
+		cand_issuers = NULL;
+		cand_issuers_size = 0;
+		if (peer_certificate_list_size > i+1) {
+			cand_issuers = &peer_certificate_list[i+1];
+			cand_issuers_size = peer_certificate_list_size-i-1;
+		}
+
+		ret =
+			check_ocsp_response(session,
+					    peer_certificate_list[i],
+					    cred->tlist,
+					    verify_flags, cand_issuers,
+					    cand_issuers_size,
+					    &resp, &ocsp_status);
+
+		if (ret < 0) {
+			CLEAR_CERTS;
+			return gnutls_assert_val(ret);
+		}
+	}
+#endif
+
+      skip_ocsp:
+	/* Verify certificate
+	 */
+	if (session->internals.cert_output_callback != NULL) {
+		_gnutls_debug_log("Print full certificate path validation to trust root.\n");
+	    ret =
+	        gnutls_x509_trust_list_verify_crt2(cred->tlist,
+					           peer_certificate_list,
+					           peer_certificate_list_size,
+					           data, elements,
+					           verify_flags, status,
+					           session->internals.cert_output_callback);
+	} else {
+	    ret =
+	        gnutls_x509_trust_list_verify_crt2(cred->tlist,
+					           peer_certificate_list,
+					           peer_certificate_list_size,
+					           data, elements,
+					           verify_flags, status, NULL);
+	}
+
+	if (ret < 0) {
+		gnutls_assert();
+		CLEAR_CERTS;
+		return ret;
+	}
+
+	CLEAR_CERTS;
+
+	*status |= ocsp_status;
+
+	return 0;
+}
+
+/**
+ * gnutls_certificate_verify_peers2:
+ * @session: is a gnutls session
+ * @status: is the output of the verification
+ *
+ * This function will verify the peer's certificate and store
+ * the status in the @status variable as a bitwise OR of gnutls_certificate_status_t
+ * values or zero if the certificate is trusted. Note that value in @status
+ * is set only when the return value of this function is success (i.e, failure 
+ * to trust a certificate does not imply a negative return value).
+ * The default verification flags used by this function can be overridden
+ * using gnutls_certificate_set_verify_flags().
+ *
+ * This function will take into account the stapled OCSP responses sent by the server,
+ * as well as the following X.509 certificate extensions: Name Constraints,
+ * Key Usage, and Basic Constraints (pathlen).
+ * 
+ * Note that you must also check the peer's name in order to check if
+ * the verified certificate belongs to the actual peer, see gnutls_x509_crt_check_hostname(),
+ * or use gnutls_certificate_verify_peers3().
+ *
+ * To avoid denial of service attacks some
+ * default upper limits regarding the certificate key size and chain
+ * size are set. To override them use gnutls_certificate_set_verify_limits().
+ *
+ * Note that when using raw public-keys verification will not work because there is
+ * no corresponding certificate body belonging to the raw key that can be verified. In that
+ * case this function will return %GNUTLS_E_INVALID_REQUEST.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) when the validation is performed, or a negative error code otherwise.
+ * A successful error code means that the @status parameter must be checked to obtain the validation status.
+ **/
+int
+gnutls_certificate_verify_peers2(gnutls_session_t session,
+				 unsigned int *status)
+{
+	return gnutls_certificate_verify_peers(session, NULL, 0, status);
+}
+
+/**
+ * gnutls_certificate_verify_peers3:
+ * @session: is a gnutls session
+ * @hostname: is the expected name of the peer; may be %NULL
+ * @status: is the output of the verification
+ *
+ * This function will verify the peer's certificate and store the
+ * the status in the @status variable as a bitwise OR of gnutls_certificate_status_t
+ * values or zero if the certificate is trusted. Note that value in @status
+ * is set only when the return value of this function is success (i.e, failure 
+ * to trust a certificate does not imply a negative return value).
+ * The default verification flags used by this function can be overridden
+ * using gnutls_certificate_set_verify_flags(). See the documentation
+ * of gnutls_certificate_verify_peers2() for details in the verification process.
+ *
+ * This function will take into account the stapled OCSP responses sent by the server,
+ * as well as the following X.509 certificate extensions: Name Constraints,
+ * Key Usage, and Basic Constraints (pathlen).
+ * 
+ * If the @hostname provided is non-NULL then this function will compare
+ * the hostname in the certificate against it. The comparison will follow
+ * the RFC6125 recommendations. If names do not match the
+ * %GNUTLS_CERT_UNEXPECTED_OWNER status flag will be set.
+ *
+ * In order to verify the purpose of the end-certificate (by checking the extended
+ * key usage), use gnutls_certificate_verify_peers().
+ *
+ * To avoid denial of service attacks some
+ * default upper limits regarding the certificate key size and chain
+ * size are set. To override them use gnutls_certificate_set_verify_limits().
+ *
+ * Note that when using raw public-keys verification will not work because there is
+ * no corresponding certificate body belonging to the raw key that can be verified. In that
+ * case this function will return %GNUTLS_E_INVALID_REQUEST.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) when the validation is performed, or a negative error code otherwise.
+ * A successful error code means that the @status parameter must be checked to obtain the validation status.
+ *
+ * Since: 3.1.4
+ **/
+int
+gnutls_certificate_verify_peers3(gnutls_session_t session,
+				 const char *hostname,
+				 unsigned int *status)
+{
+gnutls_typed_vdata_st data;
+
+	data.type = GNUTLS_DT_DNS_HOSTNAME;
+	data.size = 0;
+	data.data = (void*)hostname;
+
+	return gnutls_certificate_verify_peers(session, &data, 1, status);
+}
+
+/**
+ * gnutls_certificate_verify_peers:
+ * @session: is a gnutls session
+ * @data: an array of typed data
+ * @elements: the number of data elements
+ * @status: is the output of the verification
+ *
+ * This function will verify the peer's certificate and store the
+ * the status in the @status variable as a bitwise OR of gnutls_certificate_status_t
+ * values or zero if the certificate is trusted. Note that value in @status
+ * is set only when the return value of this function is success (i.e, failure 
+ * to trust a certificate does not imply a negative return value).
+ * The default verification flags used by this function can be overridden
+ * using gnutls_certificate_set_verify_flags(). See the documentation
+ * of gnutls_certificate_verify_peers2() for details in the verification process.
+ *
+ * This function will take into account the stapled OCSP responses sent by the server,
+ * as well as the following X.509 certificate extensions: Name Constraints,
+ * Key Usage, and Basic Constraints (pathlen).
+ * 
+ * The acceptable @data types are %GNUTLS_DT_DNS_HOSTNAME, %GNUTLS_DT_RFC822NAME and %GNUTLS_DT_KEY_PURPOSE_OID.
+ * The former two accept as data a null-terminated hostname or email address, and the latter a null-terminated
+ * object identifier (e.g., %GNUTLS_KP_TLS_WWW_SERVER).
+ *
+ * If a DNS hostname is provided then this function will compare
+ * the hostname in the certificate against the given. If names do not match the 
+ * %GNUTLS_CERT_UNEXPECTED_OWNER status flag will be set.
+ * If a key purpose OID is provided and the end-certificate contains the extended key
+ * usage PKIX extension, it will be required to be have the provided key purpose 
+ * or be marked for any purpose, otherwise verification status will have the
+ * %GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE flag set.
+ *
+ * To avoid denial of service attacks some
+ * default upper limits regarding the certificate key size and chain
+ * size are set. To override them use gnutls_certificate_set_verify_limits().
+ *
+ * Note that when using raw public-keys verification will not work because there is
+ * no corresponding certificate body belonging to the raw key that can be verified. In that
+ * case this function will return %GNUTLS_E_INVALID_REQUEST.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) when the validation is performed, or a negative error code otherwise.
+ * A successful error code means that the @status parameter must be checked to obtain the validation status.
+ *
+ * Since: 3.3.0
+ **/
+int
+gnutls_certificate_verify_peers(gnutls_session_t session,
+				gnutls_typed_vdata_st * data,
+				unsigned int elements,
+				unsigned int *status)
+{
+	cert_auth_info_t info;
+
+	CHECK_AUTH_TYPE(GNUTLS_CRD_CERTIFICATE, GNUTLS_E_INVALID_REQUEST);
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+	if (info == NULL) {
+		return GNUTLS_E_NO_CERTIFICATE_FOUND;
+	}
+
+	if (info->raw_certificate_list == NULL || info->ncerts == 0)
+		return GNUTLS_E_NO_CERTIFICATE_FOUND;
+
+
+	switch (get_certificate_type(session, GNUTLS_CTYPE_PEERS)) {
+		case GNUTLS_CRT_X509:
+			return _gnutls_x509_cert_verify_peers(session, data, elements,
+										status);
+		default:
+			return GNUTLS_E_INVALID_REQUEST;
+	}
+}
+
+/*-
+ * _gnutls_x509_extract_certificate_activation_time - return the peer's certificate activation time
+ * @cert: should contain an X.509 DER encoded certificate
+ *
+ * This function will return the certificate's activation time in UNIX time
+ * (ie seconds since 00:00:00 UTC January 1, 1970).
+ *
+ * Returns a (time_t) -1 in case of an error.
+ *
+ -*/
+static time_t
+_gnutls_x509_get_raw_crt_activation_time(const gnutls_datum_t * cert)
+{
+	gnutls_x509_crt_t xcert;
+	time_t result;
+
+	result = gnutls_x509_crt_init(&xcert);
+	if (result < 0)
+		return (time_t) - 1;
+
+	result = gnutls_x509_crt_import(xcert, cert, GNUTLS_X509_FMT_DER);
+	if (result < 0) {
+		gnutls_x509_crt_deinit(xcert);
+		return (time_t) - 1;
+	}
+
+	result = gnutls_x509_crt_get_activation_time(xcert);
+
+	gnutls_x509_crt_deinit(xcert);
+
+	return result;
+}
+
+/*-
+ * gnutls_x509_extract_certificate_expiration_time:
+ * @cert: should contain an X.509 DER encoded certificate
+ *
+ * This function will return the certificate's expiration time in UNIX
+ * time (ie seconds since 00:00:00 UTC January 1, 1970).  Returns a
+ *
+ * (time_t) -1 in case of an error.
+ *
+ -*/
+static time_t
+_gnutls_x509_get_raw_crt_expiration_time(const gnutls_datum_t * cert)
+{
+	gnutls_x509_crt_t xcert;
+	time_t result;
+
+	result = gnutls_x509_crt_init(&xcert);
+	if (result < 0)
+		return (time_t) - 1;
+
+	result = gnutls_x509_crt_import(xcert, cert, GNUTLS_X509_FMT_DER);
+	if (result < 0) {
+		gnutls_x509_crt_deinit(xcert);
+		return (time_t) - 1;
+	}
+
+	result = gnutls_x509_crt_get_expiration_time(xcert);
+
+	gnutls_x509_crt_deinit(xcert);
+
+	return result;
+}
+
+/**
+ * gnutls_certificate_expiration_time_peers:
+ * @session: is a gnutls session
+ *
+ * This function will return the peer's certificate expiration time.
+ *
+ * Returns: (time_t)-1 on error.
+ *
+ * Deprecated: gnutls_certificate_verify_peers2() now verifies expiration times.
+ **/
+time_t gnutls_certificate_expiration_time_peers(gnutls_session_t session)
+{
+	cert_auth_info_t info;
+
+	CHECK_AUTH_TYPE(GNUTLS_CRD_CERTIFICATE, GNUTLS_E_INVALID_REQUEST);
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+	if (info == NULL) {
+		return (time_t) - 1;
+	}
+
+	if (info->raw_certificate_list == NULL || info->ncerts == 0) {
+		gnutls_assert();
+		return (time_t) - 1;
+	}
+
+	switch (get_certificate_type(session, GNUTLS_CTYPE_PEERS)) {
+		case GNUTLS_CRT_X509:
+			return
+					_gnutls_x509_get_raw_crt_expiration_time(&info->
+										 raw_certificate_list[0]);
+		default:
+			return (time_t) - 1;
+	}
+}
+
+/**
+ * gnutls_certificate_activation_time_peers:
+ * @session: is a gnutls session
+ *
+ * This function will return the peer's certificate activation time.
+ *
+ * Returns: (time_t)-1 on error.
+ *
+ * Deprecated: gnutls_certificate_verify_peers2() now verifies activation times.
+ **/
+time_t gnutls_certificate_activation_time_peers(gnutls_session_t session)
+{
+	cert_auth_info_t info;
+
+	CHECK_AUTH_TYPE(GNUTLS_CRD_CERTIFICATE, GNUTLS_E_INVALID_REQUEST);
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+	if (info == NULL) {
+		return (time_t) - 1;
+	}
+
+	if (info->raw_certificate_list == NULL || info->ncerts == 0) {
+		gnutls_assert();
+		return (time_t) - 1;
+	}
+
+	switch (get_certificate_type(session, GNUTLS_CTYPE_PEERS)) {
+		case GNUTLS_CRT_X509:
+			return
+					_gnutls_x509_get_raw_crt_activation_time(&info->
+										 raw_certificate_list[0]);
+		default:
+			return (time_t) - 1;
+	}
+}
diff --git a/lib/cipher-cbc.c b/lib/cipher-cbc.c
new file mode 100644
index 0000000..178fc2e
--- /dev/null
+++ b/lib/cipher-cbc.c
@@ -0,0 +1,163 @@
+/*
+ * Copyright (C) 2000-2013 Free Software Foundation, Inc.
+ * Copyright (C) 2013 Nikos Mavrogiannopoulos
+ * Copyright (C) 2017-2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "cipher.h"
+
+static void dummy_wait(record_parameters_st *params,
+		       const uint8_t *data, size_t data_size,
+		       unsigned int mac_data, unsigned int max_mac_data)
+{
+	/* this hack is only needed on CBC ciphers when Encrypt-then-MAC mode
+	 * is not supported by the peer. */
+	unsigned v;
+	unsigned int tag_size =
+	    _gnutls_auth_cipher_tag_len(&params->read.ctx.tls12);
+	unsigned hash_block = _gnutls_mac_block_size(params->mac);
+
+	/* force additional hash compression function evaluations to prevent timing
+	 * attacks that distinguish between wrong-mac + correct pad, from wrong-mac + incorrect pad.
+	 */
+
+	if (params->mac && params->mac->id == GNUTLS_MAC_SHA384)
+		/* v = 1 for the hash function padding + 16 for message length */
+		v = 17;
+	else /* v = 1 for the hash function padding + 8 for message length */
+		v = 9;
+
+	if (hash_block > 0) {
+		int max_blocks = (max_mac_data+v+hash_block-1)/hash_block;
+		int hashed_blocks = (mac_data+v+hash_block-1)/hash_block;
+		unsigned to_hash;
+
+		max_blocks -= hashed_blocks;
+		if (max_blocks < 1)
+			return;
+
+		to_hash = max_blocks * hash_block;
+		if ((unsigned)to_hash+1+tag_size < data_size) {
+			_gnutls_auth_cipher_add_auth
+				    (&params->read.ctx.tls12,
+				     data+data_size-tag_size-to_hash-1,
+				     to_hash);
+		}
+	}
+}
+
+/* Verifies the CBC HMAC. That's a special case as it tries to avoid
+ * any leaks which could make CBC ciphersuites without EtM usable as an
+ * oracle to attacks.
+ */
+int cbc_mac_verify(gnutls_session_t session, record_parameters_st *params,
+		   uint8_t preamble[MAX_PREAMBLE_SIZE],
+		   content_type_t type,
+		   uint64_t sequence,
+		   const uint8_t *data, size_t data_size,
+		   size_t tag_size)
+{
+	int ret;
+	const version_entry_st *ver = get_version(session);
+	unsigned int tmp_pad_failed = 0;
+	unsigned int pad_failed = 0;
+	unsigned int pad, i, length;
+	const uint8_t *tag_ptr = NULL;
+	unsigned preamble_size;
+	uint8_t tag[MAX_HASH_SIZE];
+#ifdef ENABLE_SSL3
+	unsigned blocksize = _gnutls_cipher_get_block_size(params->cipher);
+#endif
+
+	pad = data[data_size - 1];	/* pad */
+
+	/* Check the padding bytes (TLS 1.x).
+	 * Note that we access all 256 bytes of ciphertext for padding check
+	 * because there is a timing channel in that memory access (in certain CPUs).
+	 */
+#ifdef ENABLE_SSL3
+	if (ver->id == GNUTLS_SSL3) {
+		if (pad >= blocksize)
+			pad_failed = 1;
+	} else
+#endif
+	{
+		for (i = 2; i <= MIN(256, data_size); i++) {
+			tmp_pad_failed |=
+			    (data[data_size - i] != pad);
+			pad_failed |=
+			    ((i <= (1 + pad)) & (tmp_pad_failed));
+		}
+	}
+
+	if (unlikely
+	    (pad_failed != 0
+	     || (1 + pad > ((int) data_size - tag_size)))) {
+		/* We do not fail here. We check below for the
+		 * the pad_failed. If zero means success.
+		 */
+		pad_failed = 1;
+		pad = 0;
+	}
+
+	length = data_size - tag_size - pad - 1;
+	tag_ptr = &data[length];
+
+	/* Pass the type, version, length and plain through
+	 * MAC.
+	 */
+	preamble_size =
+	    _gnutls_make_preamble(sequence, type,
+				  length, ver, preamble);
+
+	ret =
+	    _gnutls_auth_cipher_add_auth(&params->read.
+					 ctx.tls12, preamble,
+					 preamble_size);
+	if (unlikely(ret < 0))
+		return gnutls_assert_val(ret);
+
+	ret =
+	    _gnutls_auth_cipher_add_auth(&params->read.
+					 ctx.tls12,
+					 data, length);
+	if (unlikely(ret < 0))
+		return gnutls_assert_val(ret);
+
+	ret =
+	    _gnutls_auth_cipher_tag(&params->read.ctx.tls12, tag,
+				    tag_size);
+	if (unlikely(ret < 0))
+		return gnutls_assert_val(ret);
+
+	if (unlikely
+	    (gnutls_memcmp(tag, tag_ptr, tag_size) != 0 || pad_failed != 0)) {
+		/* HMAC was not the same. */
+		dummy_wait(params, data, data_size,
+			   length + preamble_size,
+			   preamble_size + data_size - tag_size - 1);
+
+		return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+	}
+
+	return length;
+}
diff --git a/lib/cipher.c b/lib/cipher.c
new file mode 100644
index 0000000..28eafbe
--- /dev/null
+++ b/lib/cipher.c
@@ -0,0 +1,912 @@
+/*
+ * Copyright (C) 2000-2013 Free Software Foundation, Inc.
+ * Copyright (C) 2013 Nikos Mavrogiannopoulos
+ * Copyright (C) 2017-2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Some high level functions to be used in the record encryption are
+ * included here.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "cipher.h"
+#include "algorithms.h"
+#include "hash_int.h"
+#include "cipher_int.h"
+#include "debug.h"
+#include "num.h"
+#include "datum.h"
+#include "kx.h"
+#include "record.h"
+#include "constate.h"
+#include "mbuffers.h"
+#include <state.h>
+#include <random.h>
+
+#include <nettle/memxor.h>
+
+static int encrypt_packet(gnutls_session_t session,
+			    uint8_t * cipher_data, int cipher_size,
+			    gnutls_datum_t * plain,
+			    size_t min_pad,
+			    content_type_t _type,
+			    record_parameters_st * params);
+
+static int decrypt_packet(gnutls_session_t session,
+			    gnutls_datum_t * ciphertext,
+			    gnutls_datum_t * plain,
+			    content_type_t type,
+			    record_parameters_st * params,
+			    uint64_t sequence);
+
+static int
+decrypt_packet_tls13(gnutls_session_t session,
+		     gnutls_datum_t * ciphertext,
+		     gnutls_datum_t * plain,
+		     content_type_t *type, record_parameters_st * params,
+		     uint64_t sequence);
+
+static int
+encrypt_packet_tls13(gnutls_session_t session,
+		     uint8_t *cipher_data, size_t cipher_size,
+		     gnutls_datum_t *plain,
+		     size_t pad_size,
+		     uint8_t type,
+		     record_parameters_st *params);
+
+/* returns ciphertext which contains the headers too. This also
+ * calculates the size in the header field.
+ *
+ */
+int
+_gnutls_encrypt(gnutls_session_t session,
+		const uint8_t *data, size_t data_size,
+		size_t min_pad,
+		mbuffer_st *bufel,
+		content_type_t type, record_parameters_st *params)
+{
+	gnutls_datum_t plaintext;
+	const version_entry_st *vers =
+		(session->internals.hsk_flags & HSK_EARLY_DATA_IN_FLIGHT) &&
+		!IS_SERVER(session) ?
+		session->internals.resumed_security_parameters.pversion :
+		get_version(session);
+	int ret;
+
+	plaintext.data = (uint8_t *) data;
+	plaintext.size = data_size;
+
+	if (vers && vers->tls13_sem) {
+		/* it fills the header, as it is included in the authenticated
+		 * data of the AEAD cipher. */
+		ret =
+		    encrypt_packet_tls13(session,
+					 _mbuffer_get_udata_ptr(bufel),
+					 _mbuffer_get_udata_size(bufel),
+					 &plaintext, min_pad, type,
+					 params);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	} else {
+		ret =
+		    encrypt_packet(session,
+				   _mbuffer_get_udata_ptr(bufel),
+				   _mbuffer_get_udata_size
+				   (bufel), &plaintext, min_pad, type,
+				   params);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+	}
+
+	if (IS_DTLS(session))
+		_gnutls_write_uint16(ret,
+				     ((uint8_t *)
+				      _mbuffer_get_uhead_ptr(bufel)) + 11);
+	else
+		_gnutls_write_uint16(ret,
+				     ((uint8_t *)
+				      _mbuffer_get_uhead_ptr(bufel)) + 3);
+
+	_mbuffer_set_udata_size(bufel, ret);
+	_mbuffer_set_uhead_size(bufel, 0);
+
+	return _mbuffer_get_udata_size(bufel);
+}
+
+/* Decrypts the given data.
+ * Returns the decrypted data length.
+ *
+ * The output is preallocated with the maximum allowed data size.
+ */
+int
+_gnutls_decrypt(gnutls_session_t session,
+		gnutls_datum_t *ciphertext,
+		gnutls_datum_t *output,
+		content_type_t *type,
+		record_parameters_st *params,
+		uint64_t sequence)
+{
+	int ret;
+	const version_entry_st *vers = get_version(session);
+
+	if (ciphertext->size == 0)
+		return 0;
+
+	if (vers && vers->tls13_sem)
+		ret =
+		    decrypt_packet_tls13(session, ciphertext,
+					 output, type, params,
+					 sequence);
+	else
+		ret =
+		    decrypt_packet(session, ciphertext,
+				   output, *type, params,
+				   sequence);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return ret;
+}
+
+
+inline static int
+calc_enc_length_block(gnutls_session_t session,
+		      const version_entry_st * ver,
+		      int data_size,
+		      int hash_size, uint8_t * pad,
+		      unsigned auth_cipher,
+		      uint16_t blocksize,
+		      unsigned etm)
+{
+	/* pad is the LH pad the user wants us to add. Besides
+	 * this LH pad, we only add minimal padding
+	 */
+	unsigned int pre_length = data_size + *pad;
+	unsigned int length, new_pad;
+
+	if (etm == 0)
+		pre_length += hash_size;
+
+	new_pad = (uint8_t) (blocksize - (pre_length % blocksize)) + *pad;
+
+	if (new_pad > 255)
+		new_pad -= blocksize;
+	*pad = new_pad;
+
+	length = data_size + hash_size + *pad;
+
+	if (_gnutls_version_has_explicit_iv(ver))
+		length += blocksize;	/* for the IV */
+
+	return length;
+}
+
+inline static int
+calc_enc_length_stream(gnutls_session_t session, int data_size,
+		       int hash_size, unsigned auth_cipher,
+		       unsigned exp_iv_size)
+{
+	unsigned int length;
+
+	length = data_size + hash_size;
+	if (auth_cipher)
+		length += exp_iv_size;
+
+	return length;
+}
+
+/* generates the authentication data (data to be hashed only
+ * and are not to be sent). Returns their size.
+ */
+int
+_gnutls_make_preamble(uint64_t uint64_data, uint8_t type, unsigned int length,
+		      const version_entry_st * ver, uint8_t preamble[MAX_PREAMBLE_SIZE])
+{
+	uint8_t *p = preamble;
+	uint16_t c_length;
+
+	c_length = _gnutls_conv_uint16(length);
+
+	_gnutls_write_uint64(uint64_data, p);
+	p += 8;
+	*p = type;
+	p++;
+#ifdef ENABLE_SSL3
+	if (ver->id != GNUTLS_SSL3)
+#endif
+	{	/* TLS protocols */
+		*p = ver->major;
+		p++;
+		*p = ver->minor;
+		p++;
+	}
+	memcpy(p, &c_length, 2);
+	p += 2;
+	return p - preamble;
+}
+
+/* This is the actual encryption
+ * Encrypts the given plaintext datum, and puts the result to cipher_data,
+ * which has cipher_size size.
+ * return the actual encrypted data length.
+ */
+static int
+encrypt_packet(gnutls_session_t session,
+			 uint8_t * cipher_data, int cipher_size,
+			 gnutls_datum_t * plain,
+			 size_t min_pad,
+			 content_type_t type,
+			 record_parameters_st * params)
+{
+	uint8_t pad;
+	int length, ret;
+	uint8_t preamble[MAX_PREAMBLE_SIZE];
+	int preamble_size;
+	int tag_size =
+	    _gnutls_auth_cipher_tag_len(&params->write.ctx.tls12);
+	int blocksize = _gnutls_cipher_get_block_size(params->cipher);
+	unsigned algo_type = _gnutls_cipher_type(params->cipher);
+	uint8_t *data_ptr, *full_cipher_ptr;
+	const version_entry_st *ver = get_version(session);
+	int explicit_iv = _gnutls_version_has_explicit_iv(ver);
+	int auth_cipher =
+	    _gnutls_auth_cipher_is_aead(&params->write.ctx.tls12);
+	uint8_t nonce[MAX_CIPHER_IV_SIZE];
+	unsigned imp_iv_size = 0, exp_iv_size = 0;
+	bool etm = 0;
+
+	if (unlikely(ver == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if (algo_type == CIPHER_BLOCK && params->etm != 0)
+		etm = 1;
+
+	_gnutls_hard_log("ENC[%p]: cipher: %s, MAC: %s, Epoch: %u\n",
+			 session, _gnutls_cipher_get_name(params->cipher),
+			 _gnutls_mac_get_name(params->mac),
+			 (unsigned int) params->epoch);
+
+	/* Calculate the encrypted length (padding etc.)
+	 */
+	if (algo_type == CIPHER_BLOCK) {
+		/* Call gnutls_rnd() once. Get data used for the IV
+		 */
+		ret = gnutls_rnd(GNUTLS_RND_NONCE, nonce, blocksize);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		pad = min_pad;
+
+		length =
+		    calc_enc_length_block(session, ver, plain->size,
+					  tag_size, &pad, auth_cipher,
+					  blocksize, etm);
+	} else { /* AEAD + STREAM */
+		imp_iv_size = _gnutls_cipher_get_implicit_iv_size(params->cipher);
+		exp_iv_size = _gnutls_cipher_get_explicit_iv_size(params->cipher);
+
+		pad = 0;
+		length =
+		    calc_enc_length_stream(session, plain->size,
+					   tag_size, auth_cipher,
+					   exp_iv_size);
+	}
+
+	if (length < 0)
+		return gnutls_assert_val(length);
+
+	/* copy the encrypted data to cipher_data.
+	 */
+	if (cipher_size < length)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	data_ptr = cipher_data;
+	full_cipher_ptr = data_ptr;
+
+	if (algo_type == CIPHER_BLOCK || algo_type == CIPHER_STREAM) {
+		if (algo_type == CIPHER_BLOCK && explicit_iv != 0) {
+			/* copy the random IV.
+			 */
+			memcpy(data_ptr, nonce, blocksize);
+			ret = _gnutls_auth_cipher_setiv(&params->write.
+						  ctx.tls12, data_ptr,
+						  blocksize);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			/*data_ptr += blocksize;*/
+			cipher_data += blocksize;
+		}
+	} else { /* AEAD */
+		if ((params->cipher->flags & GNUTLS_CIPHER_FLAG_XOR_NONCE) == 0) {
+			/* Values in AEAD are pretty fixed in TLS 1.2 for 128-bit block
+			 */
+			 if (params->write.iv_size != imp_iv_size)
+				return
+				    gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+			/* Instead of generating a new nonce on every packet, we use the
+			 * write.sequence_number (It is a MAY on RFC 5288), and safer
+			 * as it will never reuse a value.
+			 */
+			memcpy(nonce, params->write.iv,
+			       params->write.iv_size);
+			_gnutls_write_uint64(params->write.sequence_number, &nonce[imp_iv_size]);
+
+			memcpy(data_ptr, &nonce[imp_iv_size],
+			       exp_iv_size);
+
+			/*data_ptr += exp_iv_size;*/
+			cipher_data += exp_iv_size;
+		} else { /* XOR nonce with IV */
+			if (unlikely(params->write.iv_size != 12 || imp_iv_size != 12 || exp_iv_size != 0))
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+			memset(nonce, 0, 4);
+			_gnutls_write_uint64(params->write.sequence_number, &nonce[4]);
+
+			memxor(nonce, params->write.iv, 12);
+		}
+	}
+
+	if (etm)
+		ret = length-tag_size;
+	else
+		ret = plain->size;
+
+	preamble_size =
+	    _gnutls_make_preamble(params->write.sequence_number,
+				  type, ret, ver, preamble);
+
+	if (algo_type == CIPHER_BLOCK || algo_type == CIPHER_STREAM) {
+		/* add the authenticated data */
+		ret =
+		    _gnutls_auth_cipher_add_auth(&params->write.ctx.tls12,
+					 preamble, preamble_size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		if (etm && explicit_iv) {
+			/* In EtM we need to hash the IV as well */
+			ret =
+			    _gnutls_auth_cipher_add_auth(&params->write.ctx.tls12,
+						 full_cipher_ptr, blocksize);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+		}
+
+		/* Actual encryption.
+		 */
+		ret =
+		    _gnutls_auth_cipher_encrypt2_tag(&params->write.ctx.tls12,
+						     plain->data,
+						     plain->size, cipher_data,
+						     cipher_size, pad);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	} else { /* AEAD */
+		ret = _gnutls_aead_cipher_encrypt(&params->write.ctx.tls12.cipher,
+						  nonce, imp_iv_size + exp_iv_size,
+						  preamble, preamble_size,
+						  tag_size,
+						  plain->data, plain->size,
+						  cipher_data, cipher_size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	return length;
+}
+
+static int
+encrypt_packet_tls13(gnutls_session_t session,
+		     uint8_t *cipher_data, size_t cipher_size,
+		     gnutls_datum_t *plain,
+		     size_t pad_size,
+		     uint8_t type,
+		     record_parameters_st *params)
+{
+	int ret;
+	unsigned int tag_size = params->write.aead_tag_size;
+	const version_entry_st *ver = get_version(session);
+	uint8_t nonce[MAX_CIPHER_IV_SIZE];
+	unsigned iv_size = 0;
+	ssize_t max, total;
+	uint8_t aad[5];
+	giovec_t auth_iov[1];
+	giovec_t iov[2];
+
+	if (unlikely(ver == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	_gnutls_hard_log("ENC[%p]: cipher: %s, MAC: %s, Epoch: %u\n",
+			 session, _gnutls_cipher_get_name(params->cipher),
+			 _gnutls_mac_get_name(params->mac),
+			 (unsigned int) params->epoch);
+
+	iv_size = params->write.iv_size;
+
+	if (params->cipher->id == GNUTLS_CIPHER_NULL) {
+		if (cipher_size < plain->size+1)
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+		memcpy(cipher_data, plain->data, plain->size);
+		return plain->size;
+	}
+
+	if (unlikely(iv_size < 8))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	memset(nonce, 0, iv_size - 8);
+	_gnutls_write_uint64(params->write.sequence_number, &nonce[iv_size-8]);
+	memxor(nonce, params->write.iv, iv_size);
+
+	max = MAX_RECORD_SEND_SIZE(session);
+
+	/* make TLS 1.3 form of data */
+	total = plain->size + 1 + pad_size;
+
+	/* check whether padding would exceed max */
+	if (total > max) {
+		if (unlikely(max < (ssize_t)plain->size+1))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		pad_size = max - plain->size - 1;
+		total = max;
+	}
+
+	/* create authenticated data header */
+	aad[0] = GNUTLS_APPLICATION_DATA;
+	aad[1] = 0x03;
+	aad[2] = 0x03;
+	_gnutls_write_uint16(total+tag_size, &aad[3]);
+
+	auth_iov[0].iov_base = aad;
+	auth_iov[0].iov_len = sizeof(aad);
+
+	iov[0].iov_base = plain->data;
+	iov[0].iov_len = plain->size;
+
+	if (pad_size || (session->internals.flags & GNUTLS_SAFE_PADDING_CHECK)) {
+		uint8_t *pad = gnutls_calloc(1, 1+pad_size);
+		if (pad == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		pad[0] = type;
+
+		iov[1].iov_base = pad;
+		iov[1].iov_len = 1+pad_size;
+
+		ret = gnutls_aead_cipher_encryptv(&params->write.ctx.aead,
+						  nonce, iv_size,
+						  auth_iov, 1,
+						  tag_size,
+						  iov, 2,
+						  cipher_data, &cipher_size);
+		gnutls_free(pad);
+	} else {
+		iov[1].iov_base = &type;
+		iov[1].iov_len = 1;
+
+		ret = gnutls_aead_cipher_encryptv(&params->write.ctx.aead,
+						  nonce, iv_size,
+						  auth_iov, 1,
+						  tag_size,
+						  iov, 2,
+						  cipher_data, &cipher_size);
+	}
+
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return cipher_size;
+}
+
+
+/* Deciphers the ciphertext packet, and puts the result to plain.
+ * Returns the actual plaintext packet size.
+ */
+static int
+decrypt_packet(gnutls_session_t session,
+		gnutls_datum_t * ciphertext,
+		gnutls_datum_t * plain,
+		content_type_t type, record_parameters_st * params,
+		uint64_t sequence)
+{
+	uint8_t tag[MAX_HASH_SIZE];
+	uint8_t nonce[MAX_CIPHER_IV_SIZE];
+	const uint8_t *tag_ptr = NULL;
+	unsigned int pad = 0;
+	int length, length_to_decrypt;
+	uint16_t blocksize;
+	int ret;
+	uint8_t preamble[MAX_PREAMBLE_SIZE];
+	unsigned int preamble_size = 0;
+	const version_entry_st *ver = get_version(session);
+	unsigned int tag_size =
+	    _gnutls_auth_cipher_tag_len(&params->read.ctx.tls12);
+	unsigned int explicit_iv = _gnutls_version_has_explicit_iv(ver);
+	unsigned imp_iv_size, exp_iv_size;
+	unsigned cipher_type = _gnutls_cipher_type(params->cipher);
+	bool etm = 0;
+
+	if (unlikely(ver == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	imp_iv_size = _gnutls_cipher_get_implicit_iv_size(params->cipher);
+	exp_iv_size = _gnutls_cipher_get_explicit_iv_size(params->cipher);
+	blocksize = _gnutls_cipher_get_block_size(params->cipher);
+
+	if (params->etm !=0 && cipher_type == CIPHER_BLOCK)
+		etm = 1;
+
+	/* if EtM mode and not AEAD */
+	if (etm) {
+		if (unlikely(ciphertext->size < tag_size))
+			return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+		preamble_size = _gnutls_make_preamble(sequence,
+						      type, ciphertext->size-tag_size,
+						      ver, preamble);
+
+		ret = _gnutls_auth_cipher_add_auth(&params->read.
+						   ctx.tls12, preamble,
+						   preamble_size);
+		if (unlikely(ret < 0))
+			return gnutls_assert_val(ret);
+
+		ret = _gnutls_auth_cipher_add_auth(&params->read.
+						   ctx.tls12,
+						   ciphertext->data,
+						   ciphertext->size-tag_size);
+		if (unlikely(ret < 0))
+			return gnutls_assert_val(ret);
+
+		ret = _gnutls_auth_cipher_tag(&params->read.ctx.tls12, tag, tag_size);
+		if (unlikely(ret < 0))
+			return gnutls_assert_val(ret);
+
+		if (unlikely(gnutls_memcmp(tag, &ciphertext->data[ciphertext->size-tag_size], tag_size) != 0)) {
+			/* HMAC was not the same. */
+			return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+		}
+	}
+
+	/* actual decryption (inplace)
+	 */
+	switch (cipher_type) {
+	case CIPHER_AEAD:
+		/* The way AEAD ciphers are defined in RFC5246, it allows
+		 * only stream ciphers.
+		 */
+		if (unlikely(_gnutls_auth_cipher_is_aead(&params->read.
+						   ctx.tls12) == 0))
+			return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+
+		if (unlikely(ciphertext->size < (tag_size + exp_iv_size)))
+			return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+		if ((params->cipher->flags & GNUTLS_CIPHER_FLAG_XOR_NONCE) == 0) {
+			/* Values in AEAD are pretty fixed in TLS 1.2 for 128-bit block
+			 */
+			 if (unlikely(params->read.iv_size != 4))
+				return
+				    gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+			memcpy(nonce, params->read.iv,
+			       imp_iv_size);
+
+			memcpy(&nonce[imp_iv_size],
+			       ciphertext->data, exp_iv_size);
+
+			ciphertext->data += exp_iv_size;
+			ciphertext->size -= exp_iv_size;
+		} else { /* XOR nonce with IV */
+			if (unlikely(params->read.iv_size != 12 || imp_iv_size != 12 || exp_iv_size != 0))
+				return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+			memset(nonce, 0, 4);
+			_gnutls_write_uint64(sequence, &nonce[4]);
+
+			memxor(nonce, params->read.iv, 12);
+		}
+
+		length =
+		    ciphertext->size - tag_size;
+
+		length_to_decrypt = ciphertext->size;
+
+		/* Pass the type, version, length and plain through
+		 * MAC.
+		 */
+		preamble_size =
+		    _gnutls_make_preamble(sequence, type,
+					  length, ver, preamble);
+
+
+		if (unlikely
+		    ((unsigned) length_to_decrypt > plain->size)) {
+			_gnutls_audit_log(session,
+					  "Received %u bytes, while expecting less than %u\n",
+					  (unsigned int) length_to_decrypt,
+					  (unsigned int) plain->size);
+			return
+			    gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+		}
+
+		ret = _gnutls_aead_cipher_decrypt(&params->read.ctx.tls12.cipher,
+						  nonce, exp_iv_size + imp_iv_size,
+						  preamble, preamble_size,
+						  tag_size,
+						  ciphertext->data, length_to_decrypt,
+						  plain->data, plain->size);
+		if (unlikely(ret < 0))
+			return gnutls_assert_val(ret);
+
+		return length;
+
+		break;
+	case CIPHER_STREAM:
+		if (unlikely(ciphertext->size < tag_size))
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+		length_to_decrypt = ciphertext->size;
+		length = ciphertext->size - tag_size;
+		tag_ptr = plain->data + length;
+
+		/* Pass the type, version, length and plain through
+		 * MAC.
+		 */
+		preamble_size =
+		    _gnutls_make_preamble(sequence, type,
+					  length, ver, preamble);
+
+		ret =
+		    _gnutls_auth_cipher_add_auth(&params->read.
+						 ctx.tls12, preamble,
+						 preamble_size);
+		if (unlikely(ret < 0))
+			return gnutls_assert_val(ret);
+
+		if (unlikely
+		    ((unsigned) length_to_decrypt > plain->size)) {
+			_gnutls_audit_log(session,
+					  "Received %u bytes, while expecting less than %u\n",
+					  (unsigned int) length_to_decrypt,
+					  (unsigned int) plain->size);
+			return
+			    gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+		}
+
+		ret =
+		    _gnutls_auth_cipher_decrypt2(&params->read.
+						 ctx.tls12,
+						 ciphertext->data,
+						 length_to_decrypt,
+						 plain->data,
+						 plain->size);
+
+		if (unlikely(ret < 0))
+			return gnutls_assert_val(ret);
+
+		ret =
+		    _gnutls_auth_cipher_tag(&params->read.ctx.tls12, tag,
+					    tag_size);
+		if (unlikely(ret < 0))
+			return gnutls_assert_val(ret);
+
+		if (unlikely
+		    (gnutls_memcmp(tag, tag_ptr, tag_size) != 0)) {
+			return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+		}
+
+		break;
+	case CIPHER_BLOCK:
+		if (unlikely(ciphertext->size < blocksize))
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+		if (etm == 0) {
+			if (unlikely(ciphertext->size % blocksize != 0))
+				return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+		} else {
+			if (unlikely((ciphertext->size - tag_size) % blocksize != 0))
+				return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+		}
+
+		/* ignore the IV in TLS 1.1+
+		 */
+		if (explicit_iv) {
+			ret = _gnutls_auth_cipher_setiv(&params->read.
+						  ctx.tls12,
+						  ciphertext->data,
+						  blocksize);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			memcpy(nonce, ciphertext->data, blocksize);
+			ciphertext->size -= blocksize;
+			ciphertext->data += blocksize;
+		}
+
+		if (unlikely(ciphertext->size < tag_size + 1))
+			return
+			    gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+		/* we don't use the auth_cipher interface here, since
+		 * TLS with block ciphers is impossible to be used under such
+		 * an API. (the length of plaintext is required to calculate
+		 * auth_data, but it is not available before decryption).
+		 */
+		if (unlikely(ciphertext->size > plain->size))
+			return
+			    gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+		if (etm == 0) {
+			ret =
+			    _gnutls_cipher_decrypt2(&params->read.ctx.tls12.
+						    cipher, ciphertext->data,
+						    ciphertext->size,
+						    plain->data,
+						    plain->size);
+			if (unlikely(ret < 0))
+				return gnutls_assert_val(ret);
+
+			ret = cbc_mac_verify(session, params, preamble, type,
+					     sequence, plain->data, ciphertext->size,
+					     tag_size);
+			if (unlikely(ret < 0))
+				return gnutls_assert_val(ret);
+
+			length = ret;
+		} else { /* EtM */
+			ret =
+			    _gnutls_cipher_decrypt2(&params->read.ctx.tls12.
+						    cipher, ciphertext->data,
+						    ciphertext->size - tag_size,
+						    plain->data,
+						    plain->size);
+			if (unlikely(ret < 0))
+				return gnutls_assert_val(ret);
+
+			pad = plain->data[ciphertext->size - tag_size - 1]; /* pad */
+			length = ciphertext->size - tag_size - pad - 1;
+
+			if (unlikely(length < 0))
+				return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+		}
+		break;
+	default:
+		return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+	}
+
+
+	return length;
+}
+
+static int
+decrypt_packet_tls13(gnutls_session_t session,
+		     gnutls_datum_t *ciphertext,
+		     gnutls_datum_t *plain,
+		     content_type_t *type, record_parameters_st *params,
+		     uint64_t sequence)
+{
+	uint8_t nonce[MAX_CIPHER_IV_SIZE];
+	size_t length, length_to_decrypt;
+	int ret;
+	const version_entry_st *ver = get_version(session);
+	unsigned int tag_size = params->read.aead_tag_size;
+	unsigned iv_size;
+	unsigned j;
+	volatile unsigned length_set;
+	uint8_t aad[5];
+
+	if (unlikely(ver == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if (params->cipher->id == GNUTLS_CIPHER_NULL) {
+		if (plain->size < ciphertext->size)
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		length = ciphertext->size;
+		memcpy(plain->data, ciphertext->data, length);
+
+		return length;
+	}
+
+	iv_size = _gnutls_cipher_get_iv_size(params->cipher);
+
+	/* The way AEAD ciphers are defined in RFC5246, it allows
+	 * only stream ciphers.
+	 */
+	if (unlikely(ciphertext->size < tag_size))
+		return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+	if (unlikely(params->read.iv_size != iv_size || iv_size < 8))
+		return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+	memset(nonce, 0, iv_size - 8);
+	_gnutls_write_uint64(sequence, &nonce[iv_size-8]);
+	memxor(nonce, params->read.iv, params->read.iv_size);
+
+	length =
+	    ciphertext->size - tag_size;
+
+	length_to_decrypt = ciphertext->size;
+
+	if (unlikely
+	    ((unsigned) length_to_decrypt > plain->size)) {
+			_gnutls_audit_log(session,
+				  "Received %u bytes, while expecting less than %u\n",
+				  (unsigned int) length_to_decrypt,
+				  (unsigned int) plain->size);
+		return
+		    gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+	}
+
+	aad[0] = GNUTLS_APPLICATION_DATA;
+	aad[1] = 0x03;
+	aad[2] = 0x03;
+	_gnutls_write_uint16(ciphertext->size, &aad[3]);
+
+	ret = gnutls_aead_cipher_decrypt(&params->read.ctx.aead,
+					 nonce, iv_size,
+					 aad, sizeof(aad),
+					 tag_size,
+					 ciphertext->data, length_to_decrypt,
+					 plain->data, &length);
+	if (unlikely(ret < 0))
+		return gnutls_assert_val(ret);
+
+	/* 1 octet for content type */
+	if (length > max_decrypted_size(session) + 1) {
+		_gnutls_audit_log
+		    (session, "Received packet with illegal length: %u\n",
+		     (unsigned int) length);
+
+		return gnutls_assert_val(GNUTLS_E_RECORD_OVERFLOW);
+	}
+
+	length_set = 0;
+
+	/* now figure the actual data size. We intentionally iterate through all data,
+	 * to avoid leaking the padding length due to timing differences in processing.
+	 */
+	for (j=length;j>0;j--) {
+		if (plain->data[j-1]!=0 && length_set == 0) {
+			*type = plain->data[j-1];
+			length = j-1;
+			length_set = 1;
+			if (!(session->internals.flags & GNUTLS_SAFE_PADDING_CHECK))
+				break;
+		}
+	}
+
+	if (!length_set)
+		return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+	return length;
+}
diff --git a/lib/cipher.h b/lib/cipher.h
new file mode 100644
index 0000000..43cdde2
--- /dev/null
+++ b/lib/cipher.h
@@ -0,0 +1,50 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_CIPHER_H
+#define GNUTLS_LIB_CIPHER_H
+
+int _gnutls_encrypt(gnutls_session_t session,
+		    const uint8_t * data,
+		    size_t data_size, size_t min_pad,
+		    mbuffer_st * bufel,
+		    content_type_t type, record_parameters_st * params);
+
+int _gnutls_decrypt(gnutls_session_t session,
+		    gnutls_datum_t * ciphertext, gnutls_datum_t * output,
+		    content_type_t *type, record_parameters_st * params,
+		    uint64_t sequence);
+
+#define MAX_PREAMBLE_SIZE 16
+
+int
+_gnutls_make_preamble(uint64_t uint64_data, uint8_t type, unsigned int length,
+		      const version_entry_st * ver, uint8_t preamble[MAX_PREAMBLE_SIZE]);
+
+int cbc_mac_verify(gnutls_session_t session, record_parameters_st *params,
+		   uint8_t preamble[MAX_PREAMBLE_SIZE],
+		   content_type_t type,
+		   uint64_t sequence,
+		   const uint8_t *data, size_t data_size,
+		   size_t tag_size);
+
+#endif /* GNUTLS_LIB_CIPHER_H */
diff --git a/lib/cipher_int.c b/lib/cipher_int.c
new file mode 100644
index 0000000..6680442
--- /dev/null
+++ b/lib/cipher_int.c
@@ -0,0 +1,475 @@
+/*
+ * Copyright (C) 2009-2013 Free Software Foundation, Inc.
+ * Copyright (C) 2013 Nikos Mavrogiannopoulos
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <cipher_int.h>
+#include <datum.h>
+#include <gnutls/crypto.h>
+#include <crypto.h>
+#include <fips.h>
+#include <algorithms.h>
+
+#define SR_FB(x, cleanup) ret=(x); if ( ret<0 ) { \
+  if (ret == GNUTLS_E_NEED_FALLBACK) { \
+    if (handle->handle) \
+	handle->deinit(handle->handle); \
+    goto fallback; \
+  } \
+  gnutls_assert(); \
+  ret = GNUTLS_E_INTERNAL_ERROR; \
+  goto cleanup; \
+  }
+
+#define SR(x, cleanup) if ( (x)<0 ) { \
+  gnutls_assert(); \
+  ret = GNUTLS_E_INTERNAL_ERROR; \
+  goto cleanup; \
+  }
+
+/* Returns true(non-zero) or false(0) if the 
+ * provided cipher exists
+ */
+int _gnutls_cipher_exists(gnutls_cipher_algorithm_t cipher)
+{
+	const gnutls_crypto_cipher_st *cc;
+	int ret;
+
+	if (!is_cipher_algo_allowed(cipher))
+		return 0;
+
+	/* All the other ciphers are disabled on the back-end library.
+	 * The NULL needs to be detected here as it is not a cipher
+	 * that is provided by the back-end.
+	 */
+	if (cipher == GNUTLS_CIPHER_NULL)
+		return 1;
+
+	cc = _gnutls_get_crypto_cipher(cipher);
+	if (cc != NULL)
+		return 1;
+
+	ret = _gnutls_cipher_ops.exists(cipher);
+	return ret;
+}
+
+int
+_gnutls_cipher_init(cipher_hd_st *handle, const cipher_entry_st *e,
+		    const gnutls_datum_t *key, const gnutls_datum_t *iv,
+		    int enc)
+{
+	int ret = GNUTLS_E_INTERNAL_ERROR;
+	const gnutls_crypto_cipher_st *cc = NULL;
+
+	if (unlikely(e == NULL || e->id == GNUTLS_CIPHER_NULL))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	FAIL_IF_LIB_ERROR;
+
+	handle->e = e;
+	handle->handle = NULL;
+
+	/* check if a cipher has been registered
+	 */
+	cc = _gnutls_get_crypto_cipher(e->id);
+	if (cc != NULL) {
+		handle->encrypt = cc->encrypt;
+		handle->decrypt = cc->decrypt;
+		handle->aead_encrypt = cc->aead_encrypt;
+		handle->aead_decrypt = cc->aead_decrypt;
+		handle->deinit = cc->deinit;
+		handle->auth = cc->auth;
+		handle->tag = cc->tag;
+		handle->setiv = cc->setiv;
+		handle->getiv = cc->getiv;
+		handle->setkey = cc->setkey;
+
+		/* if cc->init() returns GNUTLS_E_NEED_FALLBACK we
+		 * use the default ciphers */
+		SR_FB(cc->init(e->id, &handle->handle, enc), cc_cleanup);
+		SR_FB(cc->setkey(handle->handle, key->data, key->size),
+		   cc_cleanup);
+		if (iv) {
+			/* the API doesn't accept IV */
+			if (unlikely(cc->setiv == NULL)) {
+				if (cc->aead_encrypt) {
+					if (handle->handle)
+						handle->deinit(handle->handle);
+					goto fallback;
+				}
+				return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+			}
+			SR(cc->setiv(handle->handle, iv->data, iv->size),
+			   cc_cleanup);
+		}
+
+		return 0;
+	}
+
+ fallback:
+	handle->encrypt = _gnutls_cipher_ops.encrypt;
+	handle->decrypt = _gnutls_cipher_ops.decrypt;
+	handle->aead_encrypt = _gnutls_cipher_ops.aead_encrypt;
+	handle->aead_decrypt = _gnutls_cipher_ops.aead_decrypt;
+	handle->deinit = _gnutls_cipher_ops.deinit;
+	handle->auth = _gnutls_cipher_ops.auth;
+	handle->tag = _gnutls_cipher_ops.tag;
+	handle->setiv = _gnutls_cipher_ops.setiv;
+	handle->getiv = _gnutls_cipher_ops.getiv;
+	handle->setkey = _gnutls_cipher_ops.setkey;
+
+	/* otherwise use generic cipher interface
+	 */
+	ret = _gnutls_cipher_ops.init(e->id, &handle->handle, enc);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    _gnutls_cipher_ops.setkey(handle->handle, key->data,
+				      key->size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cc_cleanup;
+	}
+
+	if (iv) {
+		ret =
+		    _gnutls_cipher_ops.setiv(handle->handle, iv->data,
+					     iv->size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cc_cleanup;
+		}
+	}
+
+	return 0;
+
+      cc_cleanup:
+
+	if (handle->handle)
+		handle->deinit(handle->handle);
+
+	return ret;
+}
+
+/* Auth_cipher API 
+ */
+int _gnutls_auth_cipher_init(auth_cipher_hd_st * handle,
+			     const cipher_entry_st * e,
+			     const gnutls_datum_t * cipher_key,
+			     const gnutls_datum_t * iv,
+			     const mac_entry_st * me,
+			     const gnutls_datum_t * mac_key,
+			     unsigned etm,
+#ifdef ENABLE_SSL3
+			     unsigned ssl_hmac,
+#endif
+			     int enc)
+{
+	int ret;
+
+	if (unlikely(e == NULL))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	FAIL_IF_LIB_ERROR;
+
+	memset(handle, 0, sizeof(*handle));
+	handle->etm = etm;
+
+	if (e->id != GNUTLS_CIPHER_NULL) {
+		handle->non_null = 1;
+		ret =
+		    _gnutls_cipher_init(&handle->cipher, e, cipher_key, iv,
+					enc);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	} else
+		handle->non_null = 0;
+
+	if (me->id != GNUTLS_MAC_AEAD) {
+		handle->is_mac = 1;
+#ifdef ENABLE_SSL3
+		handle->ssl_hmac = ssl_hmac;
+
+		if (ssl_hmac)
+			ret =
+			    _gnutls_mac_init_ssl3(&handle->mac.dig, me,
+						  mac_key->data,
+						  mac_key->size);
+		else
+#endif
+			ret =
+			    _gnutls_mac_init(&handle->mac.mac, me,
+					     mac_key->data, mac_key->size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+#ifdef ENABLE_GOST
+		handle->continuous_mac = !!(me->flags & GNUTLS_MAC_FLAG_CONTINUOUS_MAC);
+#endif
+
+		handle->tag_size = _gnutls_mac_get_algo_len(me);
+	} else if (_gnutls_cipher_algo_is_aead(e)) {
+		handle->tag_size = _gnutls_cipher_get_tag_size(e);
+	} else {
+		gnutls_assert();
+		ret = GNUTLS_E_INVALID_REQUEST;
+		goto cleanup;
+	}
+
+	return 0;
+      cleanup:
+	if (handle->non_null != 0)
+		_gnutls_cipher_deinit(&handle->cipher);
+	return ret;
+
+}
+
+#ifdef ENABLE_SSL3
+# define MAC(handle, text, textlen) \
+		if (handle->ssl_hmac) { \
+			ret = \
+			    _gnutls_hash(&handle->mac.dig, text, textlen); \
+		} else { \
+			ret = _gnutls_mac(&handle->mac.mac, text, textlen); \
+		} \
+		if (unlikely(ret < 0)) \
+			return gnutls_assert_val(ret)
+#else
+# define MAC(handle, text, textlen) \
+		ret = _gnutls_mac(&handle->mac.mac, text, textlen); \
+		if (unlikely(ret < 0)) \
+			return gnutls_assert_val(ret)
+#endif
+
+int _gnutls_auth_cipher_add_auth(auth_cipher_hd_st * handle,
+				 const void *text, int textlen)
+{
+	int ret;
+
+	if (handle->is_mac) {
+		MAC(handle, text, textlen);
+	} else if (_gnutls_cipher_is_aead(&handle->cipher))
+		return _gnutls_cipher_auth(&handle->cipher, text, textlen);
+	return 0;
+}
+
+
+/* The caller must make sure that textlen+pad_size+tag_size is divided by the block size of the cipher */
+int _gnutls_auth_cipher_encrypt2_tag(auth_cipher_hd_st * handle,
+				     const uint8_t * text, int textlen,
+				     void *_ciphertext, int ciphertextlen,
+				     int pad_size)
+{
+	int ret;
+	uint8_t *ciphertext = _ciphertext;
+	unsigned blocksize =
+	    _gnutls_cipher_get_block_size(handle->cipher.e);
+	unsigned l;
+
+	assert(ciphertext != NULL);
+
+	if (handle->is_mac) { /* cipher + mac */
+		if (handle->non_null == 0) { /* NULL cipher + MAC */
+			MAC(handle, text, textlen);
+
+			if (unlikely(textlen + pad_size + handle->tag_size) >
+			    ciphertextlen)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+			if (text != ciphertext)
+				memcpy(ciphertext, text, textlen);
+			ret =
+			    _gnutls_auth_cipher_tag(handle,
+						    ciphertext + textlen,
+						    handle->tag_size);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+		} else {
+			uint8_t *orig_ciphertext = ciphertext;
+
+			if (handle->etm == 0 || handle->cipher.e->type != CIPHER_BLOCK) {
+				MAC(handle, text, textlen);
+			}
+
+			if (unlikely(textlen + pad_size + handle->tag_size) >
+			    ciphertextlen)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+			assert(blocksize != 0);
+			l = (textlen / blocksize) * blocksize;
+			if (l > 0) {
+				ret =
+					_gnutls_cipher_encrypt2(&handle->cipher, text,
+							    l, ciphertext,
+							    ciphertextlen);
+				if (ret < 0)
+					return gnutls_assert_val(ret);
+
+				textlen -= l;
+				text += l;
+				ciphertext += l;
+				ciphertextlen -= l;
+			}
+
+			if (ciphertext != text && textlen > 0)
+				memcpy(ciphertext, text, textlen);
+
+			if (handle->etm == 0 || handle->cipher.e->type != CIPHER_BLOCK) {
+				ret =
+				    _gnutls_auth_cipher_tag(handle,
+							    ciphertext + textlen,
+							    handle->tag_size);
+				if (ret < 0)
+					return gnutls_assert_val(ret);
+				textlen += handle->tag_size;
+			}
+
+			/* TLS 1.0 style padding */
+			if (pad_size > 0) {
+				memset(ciphertext + textlen, pad_size - 1,
+				       pad_size);
+				textlen += pad_size;
+			}
+
+			ret =
+			    _gnutls_cipher_encrypt2(&handle->cipher,
+						    ciphertext, textlen,
+						    ciphertext,
+						    ciphertextlen);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			if (handle->etm != 0 && handle->cipher.e->type == CIPHER_BLOCK) {
+				MAC(handle, orig_ciphertext, l);
+				MAC(handle, ciphertext, textlen);
+
+				ret =
+					_gnutls_auth_cipher_tag(handle,
+							ciphertext + textlen,
+							handle->tag_size);
+				if (ret < 0)
+					return gnutls_assert_val(ret);
+			}
+		}
+	} else if (_gnutls_cipher_is_aead(&handle->cipher)) {
+		ret =
+		    _gnutls_cipher_encrypt2(&handle->cipher, text, textlen,
+					    ciphertext, ciphertextlen);
+		if (unlikely(ret < 0))
+			return gnutls_assert_val(ret);
+
+		ret =
+		    _gnutls_auth_cipher_tag(handle, ciphertext + textlen,
+					    handle->tag_size);
+		if (unlikely(ret < 0))
+			return gnutls_assert_val(ret);
+	} else if (handle->non_null == 0 && text != ciphertext) /* NULL cipher - no MAC */
+		memcpy(ciphertext, text, textlen);
+
+	return 0;
+}
+
+int _gnutls_auth_cipher_decrypt2(auth_cipher_hd_st * handle,
+				 const void *ciphertext, int ciphertextlen,
+				 void *text, int textlen)
+{
+	int ret;
+
+	if (unlikely(ciphertextlen > textlen))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if (handle->is_mac && (handle->etm != 0 && handle->cipher.e->type == CIPHER_BLOCK)) {
+		/* The MAC is not to be hashed */
+		ciphertextlen -= handle->tag_size;
+
+		MAC(handle, ciphertext, ciphertextlen);
+	}
+
+	if (handle->non_null != 0) {
+		ret =
+		    _gnutls_cipher_decrypt2(&handle->cipher, ciphertext,
+					    ciphertextlen, text, textlen);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	} else if (handle->non_null == 0 && text != ciphertext)
+		memcpy(text, ciphertext, ciphertextlen);
+
+	if (handle->is_mac && (handle->etm == 0 || handle->cipher.e->type != CIPHER_BLOCK)) {
+		/* The MAC is not to be hashed */
+		ciphertextlen -= handle->tag_size;
+
+		MAC(handle, text, ciphertextlen);
+	}
+
+	return 0;
+}
+
+int _gnutls_auth_cipher_tag(auth_cipher_hd_st * handle, void *tag,
+			    int tag_size)
+{
+	if (handle->is_mac) {
+#ifdef ENABLE_SSL3
+		if (handle->ssl_hmac) {
+			int ret =
+			    _gnutls_mac_output_ssl3(&handle->mac.dig, tag);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+		} else
+#endif
+#ifdef ENABLE_GOST
+		/* draft-smyshlyaev-tls12-gost-suites section 4.1.2 */
+		if (handle->continuous_mac) {
+			mac_hd_st temp_mac;
+			int ret = _gnutls_mac_copy(&handle->mac.mac, &temp_mac);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+			_gnutls_mac_deinit(&temp_mac, tag);
+		} else
+#endif
+			_gnutls_mac_output(&handle->mac.mac, tag);
+	} else if (_gnutls_cipher_is_aead(&handle->cipher)) {
+		_gnutls_cipher_tag(&handle->cipher, tag, tag_size);
+	} else
+		memset(tag, 0, tag_size);
+
+	return 0;
+}
+
+void _gnutls_auth_cipher_deinit(auth_cipher_hd_st * handle)
+{
+	if (handle->is_mac) {
+#ifdef ENABLE_SSL3
+		if (handle->ssl_hmac)	/* failure here doesn't matter */
+			_gnutls_mac_deinit_ssl3(&handle->mac.dig, NULL);
+		else
+#endif
+			_gnutls_mac_deinit(&handle->mac.mac, NULL);
+	}
+	if (handle->non_null != 0)
+		_gnutls_cipher_deinit(&handle->cipher);
+}
diff --git a/lib/cipher_int.h b/lib/cipher_int.h
new file mode 100644
index 0000000..a17afc3
--- /dev/null
+++ b/lib/cipher_int.h
@@ -0,0 +1,276 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_CIPHER_INT_H
+#define GNUTLS_LIB_CIPHER_INT_H
+
+#include <gnutls/crypto.h>
+#include "errors.h"
+#include <crypto-backend.h>
+
+extern int crypto_cipher_prio;
+extern gnutls_crypto_cipher_st _gnutls_cipher_ops;
+
+typedef int (*cipher_encrypt_func) (void *hd, const void *plaintext,
+				    size_t, void *ciphertext, size_t);
+typedef int (*cipher_decrypt_func) (void *hd, const void *ciphertext,
+				    size_t, void *plaintext, size_t);
+typedef int (*aead_cipher_encrypt_func) (void *hd,
+					 const void *nonce, size_t,
+					 const void *auth, size_t,
+					 size_t tag,
+					 const void *plaintext, size_t,
+					 void *ciphertext, size_t);
+typedef int (*aead_cipher_decrypt_func) (void *hd,
+					 const void *nonce, size_t,
+					 const void *auth, size_t,
+					 size_t tag,
+					 const void *ciphertext, size_t, 
+					 void *plaintext, size_t);
+typedef void (*cipher_deinit_func) (void *hd);
+
+typedef int (*cipher_auth_func) (void *hd, const void *data, size_t);
+typedef int (*cipher_setiv_func) (void *hd, const void *iv, size_t);
+typedef int (*cipher_getiv_func) (void *hd, void *iv, size_t);
+
+typedef int (*cipher_setkey_func) (void *hd, const void *key, size_t keysize);
+
+typedef void (*cipher_tag_func) (void *hd, void *tag, size_t);
+
+typedef struct {
+	void *handle;
+	const cipher_entry_st *e;
+	cipher_encrypt_func encrypt;
+	cipher_decrypt_func decrypt;
+	aead_cipher_encrypt_func aead_encrypt;
+	aead_cipher_decrypt_func aead_decrypt;
+	cipher_auth_func auth;
+	cipher_tag_func tag;
+	cipher_setiv_func setiv;
+	cipher_getiv_func getiv;
+	cipher_setkey_func setkey;
+	cipher_deinit_func deinit;
+} cipher_hd_st;
+
+int _gnutls_cipher_init(cipher_hd_st *, const cipher_entry_st * e,
+			const gnutls_datum_t * key,
+			const gnutls_datum_t * iv, int enc);
+
+inline static int _gnutls_cipher_setiv(const cipher_hd_st * handle,
+					const void *iv, size_t ivlen)
+{
+	return handle->setiv(handle->handle, iv, ivlen);
+}
+
+inline static int _gnutls_cipher_getiv(const cipher_hd_st * handle,
+				       void *iv, size_t ivlen)
+{
+	if (unlikely(handle == NULL || handle->handle == NULL ||
+		    handle->getiv == NULL))
+		return GNUTLS_E_INVALID_REQUEST;
+
+	return handle->getiv(handle->handle, iv, ivlen);
+}
+
+inline static int _gnutls_cipher_setkey(const cipher_hd_st * handle,
+					const void *key, size_t keylen)
+{
+	return handle->setkey(handle->handle, key, keylen);
+}
+
+inline static int
+_gnutls_cipher_encrypt2(const cipher_hd_st * handle, const void *text,
+			size_t textlen, void *ciphertext,
+			size_t ciphertextlen)
+{
+	if (likely(handle != NULL && handle->handle != NULL)) {
+		if (handle->encrypt == NULL) {
+			return (GNUTLS_E_INVALID_REQUEST);
+		}
+		return handle->encrypt(handle->handle, text, textlen,
+				       ciphertext, ciphertextlen);
+	}
+
+	return 0;
+}
+
+inline static int
+_gnutls_cipher_decrypt2(const cipher_hd_st * handle,
+			const void *ciphertext, size_t ciphertextlen,
+			void *text, size_t textlen)
+{
+	if (likely(handle != NULL && handle->handle != NULL)) {
+		if (handle->decrypt == NULL) {
+			return (GNUTLS_E_INVALID_REQUEST);
+		}
+		return handle->decrypt(handle->handle, ciphertext,
+				       ciphertextlen, text, textlen);
+	}
+
+	return 0;
+}
+
+inline static int
+_gnutls_aead_cipher_encrypt(const cipher_hd_st * handle,
+			    const void *nonce, size_t nonce_len,
+			    const void *auth, size_t auth_len,
+			    size_t tag,
+			    const void *text, size_t textlen,
+			    void *ciphertext, size_t ciphertextlen)
+{
+	if (likely(handle != NULL && handle->handle != NULL && handle->aead_encrypt != NULL)) {
+		return handle->aead_encrypt(handle->handle,
+					    nonce, nonce_len,
+					    auth, auth_len,
+					    tag,
+					    text, textlen,
+					    ciphertext, ciphertextlen);
+	}
+
+	return GNUTLS_E_INVALID_REQUEST;
+}
+
+inline static int
+_gnutls_aead_cipher_decrypt(const cipher_hd_st * handle,
+			    const void *nonce, size_t nonce_len,
+			    const void *auth, size_t auth_len,
+			    size_t tag,
+			    const void *ciphertext, size_t ciphertextlen,
+			    void *text, size_t textlen)
+{
+	if (likely(handle != NULL && handle->handle != NULL && handle->aead_decrypt != NULL)) {
+		return handle->aead_decrypt(handle->handle,
+					    nonce, nonce_len,
+					    auth, auth_len,
+					    tag,
+					    ciphertext, ciphertextlen,
+					    text, textlen);
+	}
+
+	return GNUTLS_E_INVALID_REQUEST;
+}
+
+inline static void _gnutls_cipher_deinit(cipher_hd_st * handle)
+{
+	if (likely(handle != NULL && handle->handle != NULL)) {
+		handle->deinit(handle->handle);
+		handle->handle = NULL;
+	}
+}
+
+int _gnutls_cipher_exists(gnutls_cipher_algorithm_t cipher);
+
+int _gnutls_cipher_get_iv(gnutls_cipher_hd_t handle, void *iv,
+			  size_t ivlen);
+
+int _gnutls_cipher_set_key(gnutls_cipher_hd_t handle, void *key, size_t keylen);
+
+#define _gnutls_cipher_is_aead(h) _gnutls_cipher_algo_is_aead((h)->e)
+
+/* returns the tag in AUTHENC ciphers */
+inline static void _gnutls_cipher_tag(const cipher_hd_st * handle,
+				      void *tag, size_t tag_size)
+{
+	if (likely(handle != NULL && handle->handle != NULL)) {
+		handle->tag(handle->handle, tag, tag_size);
+	}
+}
+
+/* Add auth data for AUTHENC ciphers
+ */
+inline static int _gnutls_cipher_auth(const cipher_hd_st * handle,
+				      const void *text, size_t textlen)
+{
+	if (likely(handle != NULL && handle->handle != NULL)) {
+		return handle->auth(handle->handle, text, textlen);
+	}
+	return GNUTLS_E_INTERNAL_ERROR;
+}
+
+#define _gnutls_cipher_encrypt(x,y,z) _gnutls_cipher_encrypt2(x,y,z,y,z)
+#define _gnutls_cipher_decrypt(x,y,z) _gnutls_cipher_decrypt2(x,y,z,y,z)
+
+/* auth_cipher API. Allows combining a cipher with a MAC.
+ */
+
+typedef struct {
+	cipher_hd_st cipher;
+	union {
+		digest_hd_st dig;
+		mac_hd_st mac;
+	} mac;
+	unsigned int is_mac:1;
+#ifdef ENABLE_SSL3
+	unsigned int ssl_hmac:1;
+#endif
+#ifdef ENABLE_GOST
+	unsigned int continuous_mac:1;
+#endif
+	unsigned int non_null:1;
+	unsigned int etm:1;
+	size_t tag_size;
+} auth_cipher_hd_st;
+
+int _gnutls_auth_cipher_init(auth_cipher_hd_st * handle,
+			     const cipher_entry_st * e,
+			     const gnutls_datum_t * cipher_key,
+			     const gnutls_datum_t * iv,
+			     const mac_entry_st * me,
+			     const gnutls_datum_t * mac_key,
+			     unsigned etm,
+#ifdef ENABLE_SSL3
+			     unsigned ssl_hmac,
+#endif
+			     int enc);
+
+int _gnutls_auth_cipher_add_auth(auth_cipher_hd_st * handle,
+				 const void *text, int textlen);
+
+int _gnutls_auth_cipher_encrypt2_tag(auth_cipher_hd_st * handle,
+				     const uint8_t * text, int textlen,
+				     void *ciphertext, int ciphertextlen,
+				     int pad_size);
+int _gnutls_auth_cipher_decrypt2(auth_cipher_hd_st * handle,
+				 const void *ciphertext, int ciphertextlen,
+				 void *text, int textlen);
+int _gnutls_auth_cipher_tag(auth_cipher_hd_st * handle, void *tag,
+			    int tag_size);
+
+inline static int _gnutls_auth_cipher_setiv(const auth_cipher_hd_st *
+					     handle, const void *iv,
+					     size_t ivlen)
+{
+	return _gnutls_cipher_setiv(&handle->cipher, iv, ivlen);
+}
+
+inline static size_t _gnutls_auth_cipher_tag_len(auth_cipher_hd_st *
+						 handle)
+{
+	return handle->tag_size;
+}
+
+#define _gnutls_auth_cipher_is_aead(h) _gnutls_cipher_is_aead(&(h)->cipher)
+
+void _gnutls_auth_cipher_deinit(auth_cipher_hd_st * handle);
+
+
+#endif /* GNUTLS_LIB_CIPHER_INT_H */
diff --git a/lib/common.mk b/lib/common.mk
new file mode 100644
index 0000000..2e0d075
--- /dev/null
+++ b/lib/common.mk
@@ -0,0 +1,8 @@
+AM_CFLAGS = $(WERROR_CFLAGS) $(WSTACK_CFLAGS) $(WARN_CFLAGS) $(NETTLE_CFLAGS) \
+  $(LIBTASN1_CFLAGS) $(LIBIDN2_CFLAGS) $(P11_KIT_CFLAGS) $(LIBZSTD_CFLAGS) \
+  $(CODE_COVERAGE_CFLAGS)
+COMMON_LINK_FLAGS = $(CODE_COVERAGE_LDFLAGS)
+
+V_GPERF = $(V_GPERF_@AM_V@)
+V_GPERF_ = $(V_GPERF_@AM_DEFAULT_V@)
+V_GPERF_0 = @echo "  GPERF   " $@;
diff --git a/lib/compress.c b/lib/compress.c
new file mode 100644
index 0000000..dbcf4fa
--- /dev/null
+++ b/lib/compress.c
@@ -0,0 +1,266 @@
+/*
+ * Copyright (C) 2017-2022 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "compress.h"
+
+#ifdef HAVE_LIBZ
+#include <zlib.h>
+#endif
+
+#ifdef HAVE_LIBBROTLI
+#include <brotli/decode.h>
+#include <brotli/encode.h>
+#endif
+
+#ifdef HAVE_LIBZSTD
+#include <zstd.h>
+#endif
+
+typedef struct {
+	gnutls_compression_method_t id;
+	const char *name;
+} comp_entry;
+
+static const comp_entry comp_algs[] = {
+	{ GNUTLS_COMP_NULL, "NULL" },
+#ifdef HAVE_LIBZ
+	{ GNUTLS_COMP_ZLIB, "ZLIB" },
+#endif
+#ifdef HAVE_LIBBROTLI
+	{ GNUTLS_COMP_BROTLI, "BROTLI" },
+#endif
+#ifdef HAVE_LIBZSTD
+	{ GNUTLS_COMP_ZSTD, "ZSTD" },
+#endif
+	{ GNUTLS_COMP_UNKNOWN, NULL }
+};
+
+static const gnutls_compression_method_t alg_list[] = {
+	GNUTLS_COMP_NULL,
+#ifdef HAVE_LIBZ
+	GNUTLS_COMP_ZLIB,
+#endif
+#ifdef HAVE_LIBBROTLI
+	GNUTLS_COMP_BROTLI,
+#endif
+#ifdef HAVE_LIBZSTD
+	GNUTLS_COMP_ZSTD,
+#endif
+	0
+};
+
+/**
+ * gnutls_compression_get_name:
+ * @algorithm: is a Compression algorithm
+ *
+ * Convert a #gnutls_compression_method_t value to a string.
+ *
+ * Returns: a pointer to a string that contains the name of the
+ *   specified compression algorithm, or %NULL.
+ **/
+const char *
+gnutls_compression_get_name(gnutls_compression_method_t algorithm)
+{
+	const comp_entry *p;
+
+	for (p = comp_algs; p->name; ++p)
+		if (p->id == algorithm)
+			return p->name;
+
+	return NULL;
+}
+
+/**
+ * gnutls_compression_get_id:
+ * @name: is a compression method name
+ *
+ * The names are compared in a case insensitive way.
+ *
+ * Returns: an id of the specified in a string compression method, or
+ *   %GNUTLS_COMP_UNKNOWN on error.
+ **/
+gnutls_compression_method_t
+gnutls_compression_get_id(const char *name)
+{
+	const comp_entry *p;
+
+	for (p = comp_algs; p->name; ++p)
+		if (!strcasecmp(p->name, name))
+			return p->id;
+
+	return GNUTLS_COMP_UNKNOWN;
+}
+
+/**
+ * gnutls_compression_list:
+ *
+ * Get a list of compression methods.
+ *
+ * Returns: a zero-terminated list of #gnutls_compression_method_t
+ *   integers indicating the available compression methods.
+ **/
+const gnutls_compression_method_t *
+gnutls_compression_list(void)
+{
+	return alg_list;
+}
+
+
+/*************************/
+/* Compression functions */
+/*************************/
+
+
+size_t
+_gnutls_compress_bound(gnutls_compression_method_t alg, size_t src_len)
+{
+	switch (alg) {
+#ifdef HAVE_LIBZ
+	case GNUTLS_COMP_ZLIB:
+		return compressBound(src_len);
+#endif
+#ifdef HAVE_LIBBROTLI
+	case GNUTLS_COMP_BROTLI:
+		return BrotliEncoderMaxCompressedSize(src_len);
+#endif
+#ifdef HAVE_LIBZSTD
+	case GNUTLS_COMP_ZSTD:
+		return ZSTD_compressBound(src_len);
+#endif
+	default:
+		return 0;
+	}
+	return 0;
+}
+
+int
+_gnutls_compress(gnutls_compression_method_t alg, 
+		 uint8_t * dst, size_t dst_len,
+		 const uint8_t * src, size_t src_len)
+{
+	int ret = GNUTLS_E_COMPRESSION_FAILED;
+
+	switch (alg) {
+#ifdef HAVE_LIBZ
+	case GNUTLS_COMP_ZLIB:
+		{
+			int err;
+			uLongf comp_len = dst_len;
+
+			err = compress(dst, &comp_len, src, src_len);
+			if (err != Z_OK)
+				return gnutls_assert_val(GNUTLS_E_COMPRESSION_FAILED);
+			ret = comp_len;
+		}
+		break;
+#endif
+#ifdef HAVE_LIBBROTLI
+	case GNUTLS_COMP_BROTLI:
+		{
+			BROTLI_BOOL err;
+			size_t comp_len = dst_len; 
+
+			err = BrotliEncoderCompress(BROTLI_DEFAULT_QUALITY,
+						    BROTLI_DEFAULT_WINDOW,
+						    BROTLI_DEFAULT_MODE,
+						    src_len, src, &comp_len, dst);
+			if (!err)
+				return gnutls_assert_val(GNUTLS_E_COMPRESSION_FAILED);
+			ret = comp_len;
+		}
+		break;
+#endif
+#ifdef HAVE_LIBZSTD
+	case GNUTLS_COMP_ZSTD:
+		{
+			size_t comp_len;
+
+			comp_len = ZSTD_compress(dst, dst_len, src, src_len, ZSTD_CLEVEL_DEFAULT);
+			if (ZSTD_isError(comp_len))
+				return gnutls_assert_val(GNUTLS_E_COMPRESSION_FAILED);
+			ret = comp_len;
+		}
+		break;
+#endif
+	default:
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+
+#ifdef COMPRESSION_DEBUG
+	_gnutls_debug_log("Compression ratio: %f\n", (float)((float)ret / (float)src_len));
+#endif
+
+	return ret;
+}
+
+int
+_gnutls_decompress(gnutls_compression_method_t alg,
+		   uint8_t * dst, size_t dst_len,
+		   const uint8_t * src, size_t src_len)
+{
+	int ret = GNUTLS_E_DECOMPRESSION_FAILED;
+
+	switch (alg) {
+#ifdef HAVE_LIBZ
+	case GNUTLS_COMP_ZLIB:
+		{
+			int err;
+			uLongf plain_len = dst_len;
+
+			err = uncompress(dst, &plain_len, src, src_len);
+			if (err != Z_OK)
+				return gnutls_assert_val(GNUTLS_E_DECOMPRESSION_FAILED);
+			ret = plain_len;
+		}
+		break;
+#endif
+#ifdef HAVE_LIBBROTLI
+	case GNUTLS_COMP_BROTLI:
+		{
+			BrotliDecoderResult err;
+			size_t plain_len = dst_len;
+
+			err = BrotliDecoderDecompress(src_len, src, &plain_len, dst);
+			if (err != BROTLI_DECODER_RESULT_SUCCESS)
+				return gnutls_assert_val(GNUTLS_E_DECOMPRESSION_FAILED);
+			ret = plain_len;
+		}
+		break;
+#endif
+#ifdef HAVE_LIBZSTD
+	case GNUTLS_COMP_ZSTD:
+		{
+			size_t plain_len;
+
+			plain_len = ZSTD_decompress(dst, dst_len, src, src_len);
+			if (ZSTD_isError(plain_len))
+				return gnutls_assert_val(GNUTLS_E_DECOMPRESSION_FAILED);
+			ret = plain_len;
+		}
+		break;
+#endif
+	default:
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+
+	return ret;
+}
diff --git a/lib/compress.h b/lib/compress.h
new file mode 100644
index 0000000..3221f7d
--- /dev/null
+++ b/lib/compress.h
@@ -0,0 +1,34 @@
+/*
+ * Copyright (C) 2022 Red Hat, Inc.
+ *
+ * Author: Zoltan Fridrich
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_COMPRESS_H
+#define GNUTLS_LIB_COMPRESS_H
+
+#include "gnutls_int.h"
+
+size_t _gnutls_compress_bound(gnutls_compression_method_t alg, size_t src_len);
+int _gnutls_compress(gnutls_compression_method_t alg, uint8_t * dst, size_t dst_len,
+		     const uint8_t * src, size_t src_len);
+int _gnutls_decompress(gnutls_compression_method_t alg, uint8_t * dst, size_t dst_len,
+		     const uint8_t * src, size_t src_len);
+
+#endif /* GNUTLS_LIB_COMPRESS_H */
diff --git a/lib/constate.c b/lib/constate.c
new file mode 100644
index 0000000..b1925f6
--- /dev/null
+++ b/lib/constate.c
@@ -0,0 +1,1333 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions that are supposed to run after the handshake procedure is
+ * finished. These functions activate the established security parameters.
+ */
+
+#include "gnutls_int.h"
+#include <constate.h>
+#include "errors.h"
+#include "fips.h"
+#include <kx.h>
+#include <algorithms.h>
+#include <num.h>
+#include <datum.h>
+#include <state.h>
+#include <hello_ext.h>
+#include <buffers.h>
+#include "dtls.h"
+#include "secrets.h"
+#include "handshake.h"
+#include "crypto-api.h"
+#include "locks.h"
+
+static const char keyexp[] = "key expansion";
+static const int keyexp_length = sizeof(keyexp) - 1;
+
+static int
+_tls13_init_record_state(gnutls_cipher_algorithm_t algo, record_state_st *state);
+
+/* This function is to be called after handshake, when master_secret,
+ *  client_random and server_random have been initialized. 
+ * This function creates the keys and stores them into pending session.
+ * (session->cipher_specs)
+ */
+static int
+_gnutls_set_keys(gnutls_session_t session, record_parameters_st * params,
+		 unsigned hash_size, unsigned IV_size, unsigned key_size)
+{
+	uint8_t rnd[2 * GNUTLS_RANDOM_SIZE];
+	int pos, ret;
+	int block_size;
+	char buf[4 * MAX_HASH_SIZE + 4 * MAX_CIPHER_KEY_SIZE +
+		 4 * MAX_CIPHER_BLOCK_SIZE];
+	/* avoid using malloc */
+	uint8_t key_block[2 * MAX_HASH_SIZE + 2 * MAX_CIPHER_KEY_SIZE +
+			  2 * MAX_CIPHER_BLOCK_SIZE];
+	record_state_st *client_write, *server_write;
+
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		client_write = &params->write;
+		server_write = &params->read;
+	} else {
+		client_write = &params->read;
+		server_write = &params->write;
+	}
+
+	block_size = 2 * hash_size + 2 * key_size;
+	block_size += 2 * IV_size;
+
+	memcpy(rnd, session->security_parameters.server_random,
+	       GNUTLS_RANDOM_SIZE);
+	memcpy(&rnd[GNUTLS_RANDOM_SIZE],
+	       session->security_parameters.client_random,
+	       GNUTLS_RANDOM_SIZE);
+
+	_gnutls_memory_mark_defined(session->security_parameters.master_secret,
+				    GNUTLS_MASTER_SIZE);
+#ifdef ENABLE_SSL3
+	if (get_num_version(session) == GNUTLS_SSL3) {	/* SSL 3 */
+		ret =
+		    _gnutls_ssl3_generate_random
+		    (session->security_parameters.master_secret,
+		     GNUTLS_MASTER_SIZE, rnd, 2 * GNUTLS_RANDOM_SIZE,
+		     block_size, key_block);
+	} else /* TLS 1.0+ */
+#endif
+		ret =
+		    _gnutls_PRF(session,
+				session->security_parameters.master_secret,
+				GNUTLS_MASTER_SIZE, keyexp, keyexp_length,
+				rnd, 2 * GNUTLS_RANDOM_SIZE, block_size,
+				key_block);
+
+	if (ret < 0) {
+		_gnutls_memory_mark_undefined(session->security_parameters.master_secret,
+					      GNUTLS_MASTER_SIZE);
+		return gnutls_assert_val(ret);
+	}
+
+	_gnutls_hard_log("INT: KEY BLOCK[%d]: %s\n", block_size,
+			 _gnutls_bin2hex(key_block, block_size, buf,
+					 sizeof(buf), NULL));
+
+	pos = 0;
+	if (hash_size > 0) {
+		assert(hash_size<=sizeof(client_write->mac_key));
+		client_write->mac_key_size = hash_size;
+		memcpy(client_write->mac_key, &key_block[pos], hash_size);
+
+		pos += hash_size;
+
+		server_write->mac_key_size = hash_size;
+		memcpy(server_write->mac_key, &key_block[pos], hash_size);
+
+		pos += hash_size;
+
+		_gnutls_hard_log("INT: CLIENT MAC KEY [%d]: %s\n",
+				 key_size,
+				 _gnutls_bin2hex(client_write->mac_key,
+						 hash_size,
+						 buf, sizeof(buf), NULL));
+
+		_gnutls_hard_log("INT: SERVER MAC KEY [%d]: %s\n",
+				 key_size,
+				 _gnutls_bin2hex(server_write->mac_key,
+						 hash_size,
+						 buf, sizeof(buf), NULL));
+	}
+
+	if (key_size > 0) {
+		assert(key_size <=sizeof(client_write->key));
+		client_write->key_size = key_size;
+		memcpy(client_write->key, &key_block[pos], key_size);
+
+		pos += key_size;
+
+		server_write->key_size = key_size;
+		memcpy(server_write->key, &key_block[pos], key_size);
+
+		pos += key_size;
+
+		_gnutls_hard_log("INT: CLIENT WRITE KEY [%d]: %s\n",
+				 key_size,
+				 _gnutls_bin2hex(client_write->key,
+						 key_size,
+						 buf, sizeof(buf), NULL));
+
+		_gnutls_hard_log("INT: SERVER WRITE KEY [%d]: %s\n",
+				 key_size,
+				 _gnutls_bin2hex(server_write->key,
+						 key_size,
+						 buf, sizeof(buf), NULL));
+
+	}
+
+	/* IV generation in export and non export ciphers.
+	 */
+	if (IV_size > 0) {
+		assert(IV_size <= sizeof(client_write->iv));
+
+		client_write->iv_size = IV_size;
+		memcpy(client_write->iv, &key_block[pos], IV_size);
+
+		pos += IV_size;
+
+		server_write->iv_size = IV_size;
+		memcpy(server_write->iv, &key_block[pos], IV_size);
+
+		_gnutls_hard_log("INT: CLIENT WRITE IV [%d]: %s\n",
+				 client_write->iv_size,
+				 _gnutls_bin2hex(client_write->iv,
+						 client_write->iv_size,
+						 buf, sizeof(buf), NULL));
+
+		_gnutls_hard_log("INT: SERVER WRITE IV [%d]: %s\n",
+				 server_write->iv_size,
+				 _gnutls_bin2hex(server_write->iv,
+						 server_write->iv_size,
+						 buf, sizeof(buf), NULL));
+	}
+
+	return 0;
+}
+
+static int
+_tls13_update_keys(gnutls_session_t session, hs_stage_t stage,
+		   record_parameters_st *params,
+		   unsigned iv_size, unsigned key_size)
+{
+	uint8_t key_block[MAX_CIPHER_KEY_SIZE];
+	uint8_t iv_block[MAX_CIPHER_IV_SIZE];
+	char buf[65];
+	record_state_st *upd_state;
+	record_parameters_st *prev = NULL;
+	int ret;
+
+	/* generate new keys for direction needed and copy old from previous epoch */
+
+	if (stage == STAGE_UPD_OURS) {
+		upd_state = &params->write;
+
+		ret = _gnutls_epoch_get(session, EPOCH_READ_CURRENT, &prev);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		assert(prev != NULL);
+
+		params->read.sequence_number = prev->read.sequence_number;
+
+		params->read.key_size = prev->read.key_size;
+		memcpy(params->read.key, prev->read.key, prev->read.key_size);
+
+		_gnutls_hard_log("INT: READ KEY [%d]: %s\n",
+				 params->read.key_size,
+				 _gnutls_bin2hex(params->read.key, params->read.key_size,
+						 buf, sizeof(buf), NULL));
+
+		params->read.iv_size = prev->read.iv_size;
+		memcpy(params->read.iv, prev->read.iv, prev->read.key_size);
+
+		_gnutls_hard_log("INT: READ IV [%d]: %s\n",
+				 params->read.iv_size,
+				 _gnutls_bin2hex(params->read.iv, params->read.iv_size,
+						 buf, sizeof(buf), NULL));
+	} else {
+		upd_state = &params->read;
+
+		ret = _gnutls_epoch_get(session, EPOCH_WRITE_CURRENT, &prev);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		assert(prev != NULL);
+
+		params->write.sequence_number = prev->write.sequence_number;
+
+		params->write.key_size = prev->write.key_size;
+		memcpy(params->write.key, prev->write.key, prev->write.key_size);
+
+		_gnutls_hard_log("INT: WRITE KEY [%d]: %s\n",
+				 params->write.key_size,
+				 _gnutls_bin2hex(params->write.key, params->write.key_size,
+						 buf, sizeof(buf), NULL));
+
+		params->write.iv_size = prev->write.iv_size;
+		memcpy(params->write.iv, prev->write.iv, prev->write.iv_size);
+
+		_gnutls_hard_log("INT: WRITE IV [%d]: %s\n",
+				 params->write.iv_size,
+				 _gnutls_bin2hex(params->write.iv, params->write.iv_size,
+						 buf, sizeof(buf), NULL));
+	}
+
+
+	if ((session->security_parameters.entity == GNUTLS_CLIENT && stage == STAGE_UPD_OURS) ||
+	    (session->security_parameters.entity == GNUTLS_SERVER && stage == STAGE_UPD_PEERS)) {
+
+		/* client keys */
+		ret = _tls13_expand_secret(session, APPLICATION_TRAFFIC_UPDATE,
+					   sizeof(APPLICATION_TRAFFIC_UPDATE)-1,
+					   NULL, 0,
+					   session->key.proto.tls13.ap_ckey,
+					   session->security_parameters.prf->output_size,
+					   session->key.proto.tls13.ap_ckey);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = _tls13_expand_secret(session, "key", 3, NULL, 0, session->key.proto.tls13.ap_ckey, key_size, key_block);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = _tls13_expand_secret(session, "iv", 2, NULL, 0, session->key.proto.tls13.ap_ckey, iv_size, iv_block);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	} else {
+		ret = _tls13_expand_secret(session, APPLICATION_TRAFFIC_UPDATE,
+					   sizeof(APPLICATION_TRAFFIC_UPDATE)-1,
+					   NULL, 0,
+					   session->key.proto.tls13.ap_skey,
+					   session->security_parameters.prf->output_size,
+					   session->key.proto.tls13.ap_skey);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = _tls13_expand_secret(session, "key", 3, NULL, 0, session->key.proto.tls13.ap_skey, key_size, key_block);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = _tls13_expand_secret(session, "iv", 2, NULL, 0, session->key.proto.tls13.ap_skey, iv_size, iv_block);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	upd_state->mac_key_size = 0;
+
+	assert(key_size <= sizeof(upd_state->key));
+	memcpy(upd_state->key, key_block, key_size);
+	upd_state->key_size = key_size;
+
+	_gnutls_hard_log("INT: NEW %s KEY [%d]: %s\n",
+			 (upd_state == &params->read)?"READ":"WRITE",
+			 key_size,
+			 _gnutls_bin2hex(key_block, key_size,
+					 buf, sizeof(buf), NULL));
+
+	if (iv_size > 0) {
+		assert(iv_size <= sizeof(upd_state->iv));
+		memcpy(upd_state->iv, iv_block, iv_size);
+		upd_state->iv_size = iv_size;
+
+		_gnutls_hard_log("INT: NEW %s IV [%d]: %s\n",
+				 (upd_state == &params->read)?"READ":"WRITE",
+				 iv_size,
+				 _gnutls_bin2hex(iv_block, iv_size,
+						 buf, sizeof(buf), NULL));
+	}
+
+	return 0;
+}
+
+static int
+_tls13_set_early_keys(gnutls_session_t session,
+		      record_parameters_st * params,
+		      unsigned iv_size, unsigned key_size)
+{
+	uint8_t key_block[MAX_CIPHER_KEY_SIZE];
+	uint8_t iv_block[MAX_CIPHER_IV_SIZE];
+	char buf[65];
+	record_state_st *early_state;
+	int ret;
+
+	if (session->security_parameters.entity == GNUTLS_CLIENT &&
+	    !(session->internals.hsk_flags & HSK_TLS13_TICKET_SENT)) {
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _tls13_expand_secret2(session->internals.
+				    resumed_security_parameters.prf,
+				    "key", 3, NULL, 0,
+				    session->key.proto.tls13.e_ckey,
+				    key_size, key_block);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _tls13_expand_secret2(session->internals.
+				    resumed_security_parameters.prf,
+				    "iv", 2, NULL, 0,
+				    session->key.proto.tls13.e_ckey,
+				    iv_size, iv_block);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		early_state = &params->write;
+	} else {
+		early_state = &params->read;
+	}
+
+	early_state->mac_key_size = 0;
+
+	assert(key_size <= sizeof(early_state->key));
+	memcpy(early_state->key, key_block, key_size);
+	early_state->key_size = key_size;
+
+	_gnutls_hard_log("INT: EARLY KEY [%d]: %s\n",
+			 key_size,
+			 _gnutls_bin2hex(key_block, key_size,
+					 buf, sizeof(buf), NULL));
+
+	if (iv_size > 0) {
+		assert(iv_size <= sizeof(early_state->iv));
+		memcpy(early_state->iv, iv_block, iv_size);
+		early_state->iv_size = iv_size;
+
+		_gnutls_hard_log("INT: EARLY IV [%d]: %s\n",
+				 iv_size,
+				 _gnutls_bin2hex(iv_block, iv_size,
+						 buf, sizeof(buf), NULL));
+	}
+
+	return 0;
+}
+
+static int
+_tls13_set_keys(gnutls_session_t session, hs_stage_t stage,
+		record_parameters_st * params,
+		unsigned iv_size, unsigned key_size)
+{
+	uint8_t ckey_block[MAX_CIPHER_KEY_SIZE];
+	uint8_t civ_block[MAX_CIPHER_IV_SIZE];
+	uint8_t skey_block[MAX_CIPHER_KEY_SIZE];
+	uint8_t siv_block[MAX_CIPHER_IV_SIZE];
+	char buf[65];
+	record_state_st *client_write, *server_write;
+	const char *label;
+	unsigned label_size, hsk_len;
+	const char *keylog_label;
+	void *ckey, *skey;
+	int ret;
+
+	if (stage == STAGE_UPD_OURS || stage == STAGE_UPD_PEERS)
+		return _tls13_update_keys(session, stage,
+					  params, iv_size, key_size);
+
+	else if (stage == STAGE_EARLY)
+		return _tls13_set_early_keys(session,
+					     params, iv_size, key_size);
+
+	else if (stage == STAGE_HS) {
+		label = HANDSHAKE_CLIENT_TRAFFIC_LABEL;
+		label_size = sizeof(HANDSHAKE_CLIENT_TRAFFIC_LABEL)-1;
+		hsk_len = session->internals.handshake_hash_buffer.length;
+		keylog_label = "CLIENT_HANDSHAKE_TRAFFIC_SECRET";
+		ckey = session->key.proto.tls13.hs_ckey;
+	} else {
+		label = APPLICATION_CLIENT_TRAFFIC_LABEL;
+		label_size = sizeof(APPLICATION_CLIENT_TRAFFIC_LABEL)-1;
+		hsk_len = session->internals.handshake_hash_buffer_server_finished_len;
+		keylog_label = "CLIENT_TRAFFIC_SECRET_0";
+		ckey = session->key.proto.tls13.ap_ckey;
+	}
+
+	ret = _tls13_derive_secret(session, label, label_size,
+				   session->internals.handshake_hash_buffer.data,
+				   hsk_len,
+				   session->key.proto.tls13.temp_secret,
+				   ckey);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_call_keylog_func(session, keylog_label,
+				       ckey,
+				       session->security_parameters.prf->output_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* client keys */
+	ret = _tls13_expand_secret(session, "key", 3, NULL, 0, ckey, key_size, ckey_block);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _tls13_expand_secret(session, "iv", 2, NULL, 0, ckey, iv_size, civ_block);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* server keys */
+	if (stage == STAGE_HS) {
+		label = HANDSHAKE_SERVER_TRAFFIC_LABEL;
+		label_size = sizeof(HANDSHAKE_SERVER_TRAFFIC_LABEL)-1;
+		keylog_label = "SERVER_HANDSHAKE_TRAFFIC_SECRET";
+		skey = session->key.proto.tls13.hs_skey;
+	} else {
+		label = APPLICATION_SERVER_TRAFFIC_LABEL;
+		label_size = sizeof(APPLICATION_SERVER_TRAFFIC_LABEL)-1;
+		keylog_label = "SERVER_TRAFFIC_SECRET_0";
+		skey = session->key.proto.tls13.ap_skey;
+	}
+
+	ret = _tls13_derive_secret(session, label, label_size,
+				   session->internals.handshake_hash_buffer.data,
+				   hsk_len,
+				   session->key.proto.tls13.temp_secret,
+				   skey);
+
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_call_keylog_func(session, keylog_label,
+				       skey,
+				       session->security_parameters.prf->output_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _tls13_expand_secret(session, "key", 3, NULL, 0, skey, key_size, skey_block);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _tls13_expand_secret(session, "iv", 2, NULL, 0, skey, iv_size, siv_block);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		client_write = &params->write;
+		server_write = &params->read;
+	} else {
+		client_write = &params->read;
+		server_write = &params->write;
+	}
+
+	client_write->mac_key_size = 0;
+	server_write->mac_key_size = 0;
+
+	assert(key_size <= sizeof(client_write->key));
+	memcpy(client_write->key, ckey_block, key_size);
+	client_write->key_size = key_size;
+
+	_gnutls_hard_log("INT: CLIENT WRITE KEY [%d]: %s\n",
+			 key_size,
+			 _gnutls_bin2hex(ckey_block, key_size,
+					 buf, sizeof(buf), NULL));
+
+	memcpy(server_write->key, skey_block, key_size);
+	server_write->key_size = key_size;
+
+	_gnutls_hard_log("INT: SERVER WRITE KEY [%d]: %s\n",
+			 key_size,
+			 _gnutls_bin2hex(skey_block, key_size,
+					 buf, sizeof(buf), NULL));
+
+	if (iv_size > 0) {
+		assert(iv_size <= sizeof(client_write->iv));
+		memcpy(client_write->iv, civ_block, iv_size);
+		client_write->iv_size = iv_size;
+
+		_gnutls_hard_log("INT: CLIENT WRITE IV [%d]: %s\n",
+				 iv_size,
+				 _gnutls_bin2hex(civ_block, iv_size,
+						 buf, sizeof(buf), NULL));
+
+		memcpy(server_write->iv, siv_block, iv_size);
+		server_write->iv_size = iv_size;
+
+		_gnutls_hard_log("INT: SERVER WRITE IV [%d]: %s\n",
+				 iv_size,
+				 _gnutls_bin2hex(siv_block, iv_size,
+						 buf, sizeof(buf), NULL));
+	}
+
+	client_write->level = server_write->level = stage == STAGE_HS ?
+		GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE :
+		GNUTLS_ENCRYPTION_LEVEL_APPLICATION;
+
+	return 0;
+}
+
+static int
+_gnutls_init_record_state(record_parameters_st * params,
+			  const version_entry_st * ver, int read,
+			  record_state_st * state)
+{
+	int ret;
+	gnutls_datum_t *iv = NULL, _iv;
+	gnutls_datum_t key;
+	gnutls_datum_t mac;
+
+	_iv.data = state->iv;
+	_iv.size = state->iv_size;
+
+	key.data = state->key;
+	key.size = state->key_size;
+
+	mac.data = state->mac_key;
+	mac.size = state->mac_key_size;
+
+	if (_gnutls_cipher_type(params->cipher) == CIPHER_BLOCK) {
+		if (!_gnutls_version_has_explicit_iv(ver))
+			iv = &_iv;
+	} else if (_gnutls_cipher_type(params->cipher) == CIPHER_STREAM) {
+		/* To handle GOST ciphersuites */
+		if (_gnutls_cipher_get_implicit_iv_size(params->cipher))
+			iv = &_iv;
+	}
+
+	ret = _gnutls_auth_cipher_init(&state->ctx.tls12,
+				       params->cipher, &key, iv,
+				       params->mac, &mac,
+				       params->etm,
+#ifdef ENABLE_SSL3
+				       (ver->id == GNUTLS_SSL3) ? 1 : 0,
+#endif
+				       1 - read /*1==encrypt */ );
+	if (ret < 0 && params->cipher->id != GNUTLS_CIPHER_NULL) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(ret);
+	}
+	
+	if (is_cipher_algo_allowed(params->cipher->id))
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	else
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+
+	return 0;
+}
+
+int
+_gnutls_set_cipher_suite2(gnutls_session_t session,
+			  const gnutls_cipher_suite_entry_st *cs)
+{
+	const cipher_entry_st *cipher_algo;
+	const mac_entry_st *mac_algo;
+	record_parameters_st *params;
+	int ret;
+	const version_entry_st *ver = get_version(session);
+
+	ret = _gnutls_epoch_get(session, EPOCH_NEXT, &params);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	cipher_algo = cipher_to_entry(cs->block_algorithm);
+	mac_algo = mac_to_entry(cs->mac_algorithm);
+
+	if (ver->tls13_sem && (session->internals.hsk_flags & HSK_HRR_SENT)) {
+		if (params->initialized && (params->cipher != cipher_algo ||
+		    params->mac != mac_algo || cs != session->security_parameters.cs))
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		return 0;
+	}
+
+	/* The params shouldn't have been initialized at this point, unless we
+	 * are doing trial encryption/decryption of early data.
+	 */
+	if (unlikely
+	    (!((session->internals.hsk_flags & HSK_EARLY_DATA_IN_FLIGHT &&
+		!IS_SERVER(session)) ||
+	       (session->internals.hsk_flags & HSK_EARLY_DATA_ACCEPTED &&
+		IS_SERVER(session))) &&
+	     (params->initialized
+	      || params->cipher != NULL || params->mac != NULL))) {
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+
+	if (_gnutls_cipher_is_ok(cipher_algo) == 0
+	    || _gnutls_mac_is_ok(mac_algo) == 0)
+		return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
+
+	if (_gnutls_version_has_selectable_prf(get_version(session))) {
+		if (cs->prf == GNUTLS_MAC_UNKNOWN ||
+		    _gnutls_mac_is_ok(mac_to_entry(cs->prf)) == 0)
+			return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
+		session->security_parameters.prf = mac_to_entry(cs->prf);
+	} else {
+		session->security_parameters.prf = mac_to_entry(GNUTLS_MAC_MD5_SHA1);
+	}
+
+	session->security_parameters.cs = cs;
+	params->cipher = cipher_algo;
+	params->mac = mac_algo;
+
+	return 0;
+}
+
+/* Sets the next epoch to be a clone of the current one.
+ * The keys are not cloned, only the cipher and MAC.
+ */
+int _gnutls_epoch_dup(gnutls_session_t session, unsigned int epoch_rel)
+{
+	record_parameters_st *prev;
+	record_parameters_st *next;
+	int ret;
+
+	ret = _gnutls_epoch_get(session, epoch_rel, &prev);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_epoch_get(session, EPOCH_NEXT, &next);
+	if (ret < 0) {
+		ret = _gnutls_epoch_setup_next(session, 0, &next);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	if (next->initialized
+	    || next->cipher != NULL || next->mac != NULL)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	next->cipher = prev->cipher;
+	next->mac = prev->mac;
+
+	return 0;
+}
+
+int _gnutls_epoch_set_keys(gnutls_session_t session, uint16_t epoch, hs_stage_t stage)
+{
+	int hash_size;
+	int IV_size;
+	int key_size;
+	record_parameters_st *params;
+	int ret;
+	const version_entry_st *ver =
+		stage == STAGE_EARLY && !IS_SERVER(session) ?
+		session->internals.resumed_security_parameters.pversion :
+		get_version(session);
+
+	if (unlikely(ver == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	ret = _gnutls_epoch_get(session, epoch, &params);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (params->initialized)
+		return 0;
+
+	_gnutls_record_log
+	    ("REC[%p]: Initializing epoch #%u\n", session, params->epoch);
+
+	if (_gnutls_cipher_is_ok(params->cipher) == 0 ||
+	    _gnutls_mac_is_ok(params->mac) == 0)
+		return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
+
+	if (_gnutls_version_has_explicit_iv(ver) &&
+	    (_gnutls_cipher_type(params->cipher) != CIPHER_BLOCK)) {
+		IV_size = _gnutls_cipher_get_implicit_iv_size(params->cipher);
+	} else {
+		IV_size = _gnutls_cipher_get_iv_size(params->cipher);
+	}
+
+	key_size = _gnutls_cipher_get_key_size(params->cipher);
+	hash_size = _gnutls_mac_get_key_size(params->mac);
+	params->etm = session->security_parameters.etm;
+
+	if (ver->tls13_sem) {
+		ret = _tls13_set_keys
+		    (session, stage, params, IV_size, key_size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		if (stage != STAGE_EARLY ||
+		    session->security_parameters.entity == GNUTLS_SERVER) {
+			ret = _tls13_init_record_state(params->cipher->id, &params->read);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+		}
+
+		if (stage != STAGE_EARLY ||
+		    session->security_parameters.entity == GNUTLS_CLIENT) {
+			ret = _tls13_init_record_state(params->cipher->id, &params->write);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+		}
+	} else {
+		ret = _gnutls_set_keys
+		    (session, params, hash_size, IV_size, key_size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = _gnutls_init_record_state(params, ver, 1, &params->read);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = _gnutls_init_record_state(params, ver, 0, &params->write);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	/* The TLS1.3 limit of 256 additional bytes is also enforced under CBC
+	 * ciphers to ensure we interoperate with gnutls 2.12.x which could add padding
+	 * data exceeding the maximum. */
+	if (ver->tls13_sem || _gnutls_cipher_type(params->cipher) == CIPHER_BLOCK) {
+		session->internals.max_recv_size = 256;
+	} else {
+		session->internals.max_recv_size = 0;
+	}
+
+	if (!ver->tls13_sem) {
+		session->internals.max_recv_size += _gnutls_record_overhead(ver, params->cipher, params->mac, 1);
+		if (session->internals.allow_large_records != 0)
+			session->internals.max_recv_size += EXTRA_COMP_SIZE;
+	}
+
+	session->internals.max_recv_size += session->security_parameters.max_record_recv_size + RECORD_HEADER_SIZE(session);
+
+	_dtls_reset_window(params);
+
+	_gnutls_record_log("REC[%p]: Epoch #%u ready\n", session,
+			   params->epoch);
+
+	params->initialized = 1;
+	return 0;
+}
+
+void _gnutls_set_resumed_parameters(gnutls_session_t session)
+{
+	security_parameters_st *src =
+	    &session->internals.resumed_security_parameters;
+	security_parameters_st *dst = &session->security_parameters;
+	const version_entry_st *ver = get_version(session);
+
+	/* Under TLS 1.3, these values are items which are not
+	 * negotiated on the subsequent session. */
+	if (!ver->tls13_sem) {
+		dst->cs = src->cs;
+		_gnutls_memory_mark_defined(dst->master_secret, GNUTLS_MASTER_SIZE);
+		memcpy(dst->master_secret, src->master_secret, GNUTLS_MASTER_SIZE);
+		_gnutls_memory_mark_defined(dst->client_random, GNUTLS_RANDOM_SIZE);
+		memcpy(dst->client_random, src->client_random, GNUTLS_RANDOM_SIZE);
+		_gnutls_memory_mark_defined(dst->server_random, GNUTLS_RANDOM_SIZE);
+		memcpy(dst->server_random, src->server_random, GNUTLS_RANDOM_SIZE);
+		dst->ext_master_secret = src->ext_master_secret;
+		dst->etm = src->etm;
+		dst->prf = src->prf;
+		dst->grp = src->grp;
+		dst->pversion = src->pversion;
+	}
+	memcpy(dst->session_id, src->session_id, GNUTLS_MAX_SESSION_ID_SIZE);
+	dst->session_id_size = src->session_id_size;
+	dst->timestamp = src->timestamp;
+	dst->client_ctype = src->client_ctype;
+	dst->server_ctype = src->server_ctype;
+	dst->client_auth_type = src->client_auth_type;
+	dst->server_auth_type = src->server_auth_type;
+
+	if (!ver->tls13_sem &&
+	    !(session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_NEGOTIATED)) {
+		dst->max_record_recv_size = src->max_record_recv_size;
+		dst->max_record_send_size = src->max_record_send_size;
+	}
+}
+
+/* Sets the current connection session to conform with the
+ * Security parameters(pending session), and initializes encryption.
+ * Actually it initializes and starts encryption ( so it needs
+ * secrets and random numbers to have been negotiated)
+ * This is to be called after sending the Change Cipher Spec packet.
+ */
+int _gnutls_connection_state_init(gnutls_session_t session)
+{
+	int ret;
+
+/* Setup the master secret 
+ */
+	if ((ret = _gnutls_generate_master(session, 0)) < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+/* Initializes the read connection session
+ * (read encrypted data)
+ */
+int _gnutls_read_connection_state_init(gnutls_session_t session)
+{
+	const uint16_t epoch_next =
+	    session->security_parameters.epoch_next;
+	int ret;
+
+	/* Update internals from CipherSuite selected.
+	 * If we are resuming just copy the connection session
+	 */
+	if (session->internals.resumed &&
+	    session->security_parameters.entity == GNUTLS_CLIENT)
+		_gnutls_set_resumed_parameters(session);
+
+	ret = _gnutls_epoch_set_keys(session, epoch_next, 0);
+	if (ret < 0)
+		return ret;
+
+	_gnutls_handshake_log("HSK[%p]: Cipher Suite: %s\n",
+			      session,
+			      session->security_parameters.cs->name);
+
+	session->security_parameters.epoch_read = epoch_next;
+
+	return 0;
+}
+
+/* Initializes the write connection session
+ * (write encrypted data)
+ */
+int _gnutls_write_connection_state_init(gnutls_session_t session)
+{
+	const uint16_t epoch_next =
+	    session->security_parameters.epoch_next;
+	int ret;
+
+	/* reset max_record_send_size if it was negotiated in the
+	 * previous handshake using the record_size_limit extension */
+	if (!(session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_NEGOTIATED) &&
+	    session->security_parameters.entity == GNUTLS_SERVER)
+		session->security_parameters.max_record_send_size =
+			session->security_parameters.max_user_record_send_size;
+
+/* Update internals from CipherSuite selected.
+ * If we are resuming just copy the connection session
+ */
+	if (session->internals.resumed &&
+	    session->security_parameters.entity == GNUTLS_SERVER)
+		_gnutls_set_resumed_parameters(session);
+
+	ret = _gnutls_epoch_set_keys(session, epoch_next, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	_gnutls_handshake_log("HSK[%p]: Cipher Suite: %s\n", session,
+			      session->security_parameters.cs->name);
+
+	_gnutls_handshake_log
+	    ("HSK[%p]: Initializing internal [write] cipher sessions\n",
+	     session);
+
+	session->security_parameters.epoch_write = epoch_next;
+
+	return 0;
+}
+
+static inline int
+epoch_resolve(gnutls_session_t session,
+	      unsigned int epoch_rel, uint16_t * epoch_out)
+{
+	switch (epoch_rel) {
+	case EPOCH_READ_CURRENT:
+		*epoch_out = session->security_parameters.epoch_read;
+		return 0;
+
+	case EPOCH_WRITE_CURRENT:
+		*epoch_out = session->security_parameters.epoch_write;
+		return 0;
+
+	case EPOCH_NEXT:
+		*epoch_out = session->security_parameters.epoch_next;
+		return 0;
+
+	default:
+		if (epoch_rel > 0xffffu)
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		*epoch_out = epoch_rel;
+		return 0;
+	}
+}
+
+static inline record_parameters_st **epoch_get_slot(gnutls_session_t
+						    session,
+						    uint16_t epoch)
+{
+	uint16_t epoch_index =
+	    epoch - session->security_parameters.epoch_min;
+
+	if (epoch_index >= MAX_EPOCH_INDEX) {
+		_gnutls_handshake_log
+		    ("Epoch %d out of range (idx: %d, max: %d)\n",
+		     (int) epoch, (int) epoch_index, MAX_EPOCH_INDEX);
+		gnutls_assert();
+		return NULL;
+	}
+	/* The slot may still be empty (NULL) */
+	return &session->record_parameters[epoch_index];
+}
+
+int
+_gnutls_epoch_get(gnutls_session_t session, unsigned int epoch_rel,
+		  record_parameters_st ** params_out)
+{
+	uint16_t epoch;
+	record_parameters_st **params;
+	int ret;
+
+	gnutls_mutex_lock(&session->internals.epoch_lock);
+
+	ret = epoch_resolve(session, epoch_rel, &epoch);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	params = epoch_get_slot(session, epoch);
+	if (params == NULL || *params == NULL) {
+		ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		goto cleanup;
+	}
+
+	if (params_out)
+		*params_out = *params;
+
+	ret = 0;
+
+cleanup:
+	gnutls_mutex_unlock(&session->internals.epoch_lock);
+	return ret;
+}
+
+/* Ensures that the next epoch is setup. When an epoch will null ciphers
+ * is to be setup, call with @null_epoch set to true. In that case
+ * the epoch is fully initialized after call.
+ */
+int
+_gnutls_epoch_setup_next(gnutls_session_t session, unsigned null_epoch, record_parameters_st **newp)
+{
+	record_parameters_st **slot;
+
+	slot = epoch_get_slot(session, session->security_parameters.epoch_next);
+
+	/* If slot out of range or not empty. */
+	if (slot == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (*slot != NULL) { /* already initialized */
+		if (unlikely(null_epoch && !(*slot)->initialized))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		if (unlikely((*slot)->epoch != session->security_parameters.epoch_next))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		goto finish;
+	}
+
+	_gnutls_record_log("REC[%p]: Allocating epoch #%u\n", session,
+			   session->security_parameters.epoch_next);
+
+	*slot = gnutls_calloc(1, sizeof(record_parameters_st));
+	if (*slot == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	(*slot)->epoch = session->security_parameters.epoch_next;
+
+	if (null_epoch) {
+		(*slot)->cipher = cipher_to_entry(GNUTLS_CIPHER_NULL);
+		(*slot)->mac = mac_to_entry(GNUTLS_MAC_NULL);
+		(*slot)->initialized = 1;
+	} else {
+		(*slot)->cipher = NULL;
+		(*slot)->mac = NULL;
+	}
+
+	if (IS_DTLS(session)) {
+		uint64_t seq = (*slot)->write.sequence_number;
+		seq &= UINT64_C(0xffffffffffff);
+		seq |= ((uint64_t)session->security_parameters.epoch_next) << 48;
+		(*slot)->write.sequence_number = seq;
+	}
+
+ finish:
+	if (newp != NULL)
+		*newp = *slot;
+
+	return 0;
+}
+
+static inline int
+epoch_is_active(gnutls_session_t session, record_parameters_st * params)
+{
+	const security_parameters_st *sp = &session->security_parameters;
+
+	if (params->epoch == sp->epoch_read)
+		return 1;
+
+	if (params->epoch == sp->epoch_write)
+		return 1;
+
+	if (params->epoch == sp->epoch_next)
+		return 1;
+
+	return 0;
+}
+
+static inline int
+epoch_alive(gnutls_session_t session, record_parameters_st * params)
+{
+	if (params->usage_cnt > 0)
+		return 1;
+
+	return epoch_is_active(session, params);
+}
+
+void _gnutls_epoch_gc(gnutls_session_t session)
+{
+	int i, j;
+	unsigned int min_index = 0;
+
+	_gnutls_record_log("REC[%p]: Start of epoch cleanup\n", session);
+
+	gnutls_mutex_lock(&session->internals.epoch_lock);
+
+	/* Free all dead cipher state */
+	for (i = 0; i < MAX_EPOCH_INDEX; i++) {
+		if (session->record_parameters[i] != NULL) {
+			if (!epoch_is_active
+			    (session, session->record_parameters[i])
+			    && session->record_parameters[i]->usage_cnt)
+				_gnutls_record_log
+				    ("REC[%p]: Note inactive epoch %d has %d users\n",
+				     session,
+				     session->record_parameters[i]->epoch,
+				     session->record_parameters[i]->
+				     usage_cnt);
+			if (!epoch_alive
+			    (session, session->record_parameters[i])) {
+				_gnutls_epoch_free(session,
+						   session->
+						   record_parameters[i]);
+				session->record_parameters[i] = NULL;
+			}
+		}
+	}
+
+	/* Look for contiguous NULLs at the start of the array */
+	for (i = 0;
+	     i < MAX_EPOCH_INDEX && session->record_parameters[i] == NULL;
+	     i++);
+	min_index = i;
+
+	/* Pick up the slack in the epoch window. */
+	if (min_index != 0) {
+		for (i = 0, j = min_index; j < MAX_EPOCH_INDEX; i++, j++) {
+			session->record_parameters[i] =
+			    session->record_parameters[j];
+			session->record_parameters[j] = NULL;
+		}
+	}
+
+	/* Set the new epoch_min */
+	if (session->record_parameters[0] != NULL)
+		session->security_parameters.epoch_min =
+		    session->record_parameters[0]->epoch;
+
+	gnutls_mutex_unlock(&session->internals.epoch_lock);
+
+	_gnutls_record_log("REC[%p]: End of epoch cleanup\n", session);
+}
+
+static inline void free_record_state(record_state_st * state)
+{
+	zeroize_temp_key(state->mac_key, state->mac_key_size);
+	zeroize_temp_key(state->iv, state->iv_size);
+	zeroize_temp_key(state->key, state->key_size);
+
+	if (state->is_aead)
+		_gnutls_aead_cipher_deinit(&state->ctx.aead);
+	else
+		_gnutls_auth_cipher_deinit(&state->ctx.tls12);
+}
+
+void
+_gnutls_epoch_free(gnutls_session_t session, record_parameters_st * params)
+{
+	_gnutls_record_log("REC[%p]: Epoch #%u freed\n", session,
+			   params->epoch);
+
+	free_record_state(&params->read);
+	free_record_state(&params->write);
+
+	gnutls_free(params);
+}
+
+static int
+_gnutls_call_secret_func(gnutls_session_t session,
+			 hs_stage_t stage,
+			 bool for_read, bool for_write)
+{
+	const mac_entry_st *prf = NULL;
+	gnutls_record_encryption_level_t level;
+	void *secret_read = NULL, *secret_write = NULL;
+
+	if (session->internals.h_secret_func == NULL)
+		return 0;
+
+	switch (stage) {
+	case STAGE_EARLY:
+		prf = session->key.binders[0].prf;
+		level = GNUTLS_ENCRYPTION_LEVEL_EARLY;
+		if (for_read) {
+			if (unlikely(session->security_parameters.entity == GNUTLS_CLIENT))
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+			secret_read = session->key.proto.tls13.e_ckey;
+		}
+		if (for_write) {
+			if (unlikely(session->security_parameters.entity == GNUTLS_SERVER))
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+			secret_write = session->key.proto.tls13.e_ckey;
+		}
+		break;
+	case STAGE_HS:
+		prf = session->security_parameters.prf;
+		level = GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE;
+		if (for_read)
+			secret_read = session->security_parameters.
+				entity == GNUTLS_CLIENT ?
+				session->key.proto.tls13.hs_skey :
+				session->key.proto.tls13.hs_ckey;
+		if (for_write)
+			secret_write = session->security_parameters.
+				entity == GNUTLS_CLIENT ?
+				session->key.proto.tls13.hs_ckey :
+				session->key.proto.tls13.hs_skey;
+		break;
+	case STAGE_APP:
+	case STAGE_UPD_OURS:
+	case STAGE_UPD_PEERS:
+		prf = session->security_parameters.prf;
+		level = GNUTLS_ENCRYPTION_LEVEL_APPLICATION;
+		if (for_read)
+			secret_read = session->security_parameters.
+				entity == GNUTLS_CLIENT ?
+				session->key.proto.tls13.ap_skey :
+				session->key.proto.tls13.ap_ckey;
+		if (for_write)
+			secret_write = session->security_parameters.
+				entity == GNUTLS_CLIENT ?
+				session->key.proto.tls13.ap_ckey :
+				session->key.proto.tls13.ap_skey;
+		break;
+	default:
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+
+	return session->internals.h_secret_func(session, level,
+						secret_read, secret_write,
+						prf->output_size);
+}
+
+int _tls13_connection_state_init(gnutls_session_t session, hs_stage_t stage)
+{
+	const uint16_t epoch_next =
+	    session->security_parameters.epoch_next;
+	int ret;
+
+	ret = _gnutls_epoch_set_keys(session, epoch_next, stage);
+	if (ret < 0)
+		return ret;
+
+	_gnutls_handshake_log("HSK[%p]: TLS 1.3 re-key with cipher suite: %s\n",
+			      session,
+			      session->security_parameters.cs->name);
+
+	session->security_parameters.epoch_read = epoch_next;
+	session->security_parameters.epoch_write = epoch_next;
+
+	ret = _gnutls_call_secret_func(session, stage, 1, 1);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+int _tls13_read_connection_state_init(gnutls_session_t session, hs_stage_t stage)
+{
+	const uint16_t epoch_next =
+	    session->security_parameters.epoch_next;
+	int ret;
+
+	if (unlikely(stage == STAGE_EARLY && !IS_SERVER(session))) {
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+
+	ret = _gnutls_epoch_set_keys(session, epoch_next, stage);
+	if (ret < 0)
+		return ret;
+
+	_gnutls_handshake_log("HSK[%p]: TLS 1.3 set read key with cipher suite: %s\n",
+			      session,
+			      stage == STAGE_EARLY ?
+			      session->internals.resumed_security_parameters.cs->name :
+			      session->security_parameters.cs->name);
+
+	session->security_parameters.epoch_read = epoch_next;
+
+	ret = _gnutls_call_secret_func(session, stage, 1, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+int _tls13_write_connection_state_init(gnutls_session_t session, hs_stage_t stage)
+{
+	const uint16_t epoch_next =
+	    session->security_parameters.epoch_next;
+	int ret;
+
+	if (unlikely(stage == STAGE_EARLY && IS_SERVER(session))) {
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+
+	ret = _gnutls_epoch_set_keys(session, epoch_next, stage);
+	if (ret < 0)
+		return ret;
+
+	_gnutls_handshake_log("HSK[%p]: TLS 1.3 set write key with cipher suite: %s\n",
+			      session,
+			      stage == STAGE_EARLY ?
+			      session->internals.resumed_security_parameters.cs->name :
+			      session->security_parameters.cs->name);
+
+	session->security_parameters.epoch_write = epoch_next;
+
+	ret = _gnutls_call_secret_func(session, stage, 0, 1);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+static int
+_tls13_init_record_state(gnutls_cipher_algorithm_t algo, record_state_st *state)
+{
+	int ret;
+	gnutls_datum_t key;
+
+	key.data = state->key;
+	key.size = state->key_size;
+
+	ret = _gnutls_aead_cipher_init(&state->ctx.aead, algo, &key);
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(ret);
+	}
+
+	if (is_cipher_algo_allowed(algo))
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	else
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+
+	state->aead_tag_size = gnutls_cipher_get_tag_size(algo);
+	state->is_aead = 1;
+
+	return 0;
+}
+
+/**
+ * gnutls_handshake_set_secret_function:
+ * @session: is a #gnutls_session_t type.
+ * @func: the secret func
+ *
+ * This function will set a callback to be called when a new traffic
+ * secret is installed.
+ *
+ * Since: 3.7.0
+ */
+void
+gnutls_handshake_set_secret_function(gnutls_session_t session,
+				     gnutls_handshake_secret_func func)
+{
+	session->internals.h_secret_func = func;
+}
diff --git a/lib/constate.h b/lib/constate.h
new file mode 100644
index 0000000..bd5d8c0
--- /dev/null
+++ b/lib/constate.h
@@ -0,0 +1,98 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_CONSTATE_H
+#define GNUTLS_LIB_CONSTATE_H
+
+int _gnutls_set_cipher_suite2(gnutls_session_t session,
+			     const gnutls_cipher_suite_entry_st *cs);
+
+int _gnutls_epoch_set_keys(gnutls_session_t session, uint16_t epoch, hs_stage_t stage);
+int _gnutls_connection_state_init(gnutls_session_t session);
+int _gnutls_read_connection_state_init(gnutls_session_t session);
+int _gnutls_write_connection_state_init(gnutls_session_t session);
+
+#define _gnutls_epoch_bump(session) \
+	(session)->security_parameters.epoch_next++
+
+int _gnutls_epoch_dup(gnutls_session_t session, unsigned int epoch_rel);
+
+int _gnutls_epoch_get(gnutls_session_t session, unsigned int epoch_rel,
+		      record_parameters_st ** params_out);
+int _gnutls_epoch_setup_next(gnutls_session_t session, unsigned null_epoch, record_parameters_st **newp);
+void _gnutls_epoch_gc(gnutls_session_t session);
+void _gnutls_epoch_free(gnutls_session_t session,
+			record_parameters_st * state);
+
+void _gnutls_set_resumed_parameters(gnutls_session_t session);
+
+int _tls13_connection_state_init(gnutls_session_t session, hs_stage_t stage);
+int _tls13_read_connection_state_init(gnutls_session_t session, hs_stage_t stage);
+int _tls13_write_connection_state_init(gnutls_session_t session, hs_stage_t stage);
+
+static inline int _gnutls_epoch_is_valid(gnutls_session_t session,
+					 int epoch)
+{
+	record_parameters_st *params;
+	int ret;
+
+	ret = _gnutls_epoch_get(session, epoch, &params);
+	if (ret < 0)
+		return 0;
+
+	return 1;
+}
+
+
+static inline int _gnutls_epoch_refcount_inc(gnutls_session_t session,
+					     int epoch)
+{
+	record_parameters_st *params;
+	int ret;
+
+	ret = _gnutls_epoch_get(session, epoch, &params);
+	if (ret < 0)
+		return ret;
+
+	params->usage_cnt++;
+
+	return params->epoch;
+}
+
+static inline int _gnutls_epoch_refcount_dec(gnutls_session_t session,
+					     uint16_t epoch)
+{
+	record_parameters_st *params;
+	int ret;
+
+	ret = _gnutls_epoch_get(session, epoch, &params);
+	if (ret < 0)
+		return ret;
+
+	params->usage_cnt--;
+	if (params->usage_cnt < 0)
+		return GNUTLS_E_INTERNAL_ERROR;
+
+	return 0;
+}
+
+#endif /* GNUTLS_LIB_CONSTATE_H */
diff --git a/lib/crypto-api.c b/lib/crypto-api.c
new file mode 100644
index 0000000..7f81011
--- /dev/null
+++ b/lib/crypto-api.c
@@ -0,0 +1,2232 @@
+/*
+ * Copyright (C) 2000-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <cipher_int.h>
+#include <datum.h>
+#include <gnutls/crypto.h>
+#include <algorithms.h>
+#include <random.h>
+#include <crypto.h>
+#include <fips.h>
+#include "crypto-api.h"
+#include "iov.h"
+#include "intprops.h"
+
+typedef struct api_cipher_hd_st {
+	cipher_hd_st ctx_enc;
+	cipher_hd_st ctx_dec;
+} api_cipher_hd_st;
+
+/**
+ * gnutls_cipher_init:
+ * @handle: is a #gnutls_cipher_hd_t type
+ * @cipher: the encryption algorithm to use
+ * @key: the key to be used for encryption/decryption
+ * @iv: the IV to use (if not applicable set NULL)
+ *
+ * This function will initialize the @handle context to be usable
+ * for encryption/decryption of data. This will effectively use the
+ * current crypto backend in use by gnutls or the cryptographic
+ * accelerator in use.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 2.10.0
+ **/
+int
+gnutls_cipher_init(gnutls_cipher_hd_t * handle,
+		   gnutls_cipher_algorithm_t cipher,
+		   const gnutls_datum_t * key, const gnutls_datum_t * iv)
+{
+	api_cipher_hd_st *h;
+	int ret;
+	const cipher_entry_st* e;
+	bool not_approved = false;
+
+	if (!is_cipher_algo_allowed(cipher)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
+	} else if (!is_cipher_algo_approved_in_fips(cipher)) {
+		not_approved = true;
+	}
+
+	e = cipher_to_entry(cipher);
+	if (e == NULL || (e->flags & GNUTLS_CIPHER_FLAG_ONLY_AEAD)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	h = gnutls_calloc(1, sizeof(api_cipher_hd_st));
+	if (h == NULL) {
+		gnutls_assert();
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ret =
+	    _gnutls_cipher_init(&h->ctx_enc, e, key,
+				iv, 1);
+	if (ret < 0) {
+		gnutls_free(h);
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return ret;
+	}
+
+	if (_gnutls_cipher_type(e) == CIPHER_BLOCK) {
+		ret =
+		    _gnutls_cipher_init(&h->ctx_dec, e, key, iv, 0);
+		if (ret < 0) {
+			gnutls_free(h);
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			return ret;
+		}
+	}
+
+	*handle = h;
+
+	if (not_approved) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+
+	return ret;
+}
+
+/**
+ * gnutls_cipher_tag:
+ * @handle: is a #gnutls_cipher_hd_t type
+ * @tag: will hold the tag
+ * @tag_size: the length of the tag to return
+ *
+ * This function operates on authenticated encryption with
+ * associated data (AEAD) ciphers and will return the
+ * output tag.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_cipher_tag(gnutls_cipher_hd_t handle, void *tag, size_t tag_size)
+{
+	api_cipher_hd_st *h = handle;
+
+	if (_gnutls_cipher_is_aead(&h->ctx_enc) == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	_gnutls_cipher_tag(&h->ctx_enc, tag, tag_size);
+
+	return 0;
+}
+
+/**
+ * gnutls_cipher_add_auth:
+ * @handle: is a #gnutls_cipher_hd_t type
+ * @ptext: the data to be authenticated
+ * @ptext_size: the length of the data
+ *
+ * This function operates on authenticated encryption with
+ * associated data (AEAD) ciphers and authenticate the
+ * input data. This function can only be called once
+ * and before any encryption operations.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_cipher_add_auth(gnutls_cipher_hd_t handle, const void *ptext,
+		       size_t ptext_size)
+{
+	api_cipher_hd_st *h = handle;
+	int ret;
+
+	if (_gnutls_cipher_is_aead(&h->ctx_enc) == 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	ret = _gnutls_cipher_auth(&h->ctx_enc, ptext, ptext_size);
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	}
+	return ret;
+}
+
+/**
+ * gnutls_cipher_set_iv:
+ * @handle: is a #gnutls_cipher_hd_t type
+ * @iv: the IV to set
+ * @ivlen: the length of the IV
+ *
+ * This function will set the IV to be used for the next
+ * encryption block.
+ *
+ * Since: 3.0
+ **/
+void
+gnutls_cipher_set_iv(gnutls_cipher_hd_t handle, void *iv, size_t ivlen)
+{
+	api_cipher_hd_st *h = handle;
+
+	if (_gnutls_cipher_setiv(&h->ctx_enc, iv, ivlen) < 0) {
+		_gnutls_switch_lib_state(LIB_STATE_ERROR);
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	}
+
+	if (_gnutls_cipher_type(h->ctx_enc.e) == CIPHER_BLOCK) {
+		if (_gnutls_cipher_setiv(&h->ctx_dec, iv, ivlen) < 0) {
+			_gnutls_switch_lib_state(LIB_STATE_ERROR);
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		}
+	}
+}
+
+/*-
+ * _gnutls_cipher_get_iv:
+ * @handle: is a #gnutls_cipher_hd_t type
+ * @iv: the IV to set
+ * @ivlen: the length of the IV
+ *
+ * This function will retrieve the internally calculated IV value. It is
+ * intended to be used  for modes like CFB. @iv must have @ivlen length
+ * at least.
+ *
+ * This is solely for validation purposes of our crypto
+ * implementation.  For other purposes, the IV can be typically
+ * calculated from the initial IV value and the subsequent ciphertext
+ * values.  As such, this function only works with the internally
+ * registered ciphers.
+ *
+ * Returns: The length of IV or a negative error code on error.
+ *
+ * Since: 3.6.8
+ -*/
+int
+_gnutls_cipher_get_iv(gnutls_cipher_hd_t handle, void *iv, size_t ivlen)
+{
+	api_cipher_hd_st *h = handle;
+
+	return _gnutls_cipher_getiv(&h->ctx_enc, iv, ivlen);
+}
+
+/*-
+ * _gnutls_cipher_set_key:
+ * @handle: is a #gnutls_cipher_hd_t type
+ * @key: the key to set
+ * @keylen: the length of the key
+ *
+ * This function will set the key used by the cipher
+ *
+ * This is solely for validation purposes of our crypto
+ * implementation.  For other purposes, the key should be set at the time of
+ * cipher setup.  As such, this function only works with the internally
+ * registered ciphers.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.6.14
+ -*/
+int
+_gnutls_cipher_set_key(gnutls_cipher_hd_t handle, void *key, size_t keylen)
+{
+	api_cipher_hd_st *h = handle;
+	int ret;
+
+	ret = _gnutls_cipher_setkey(&h->ctx_enc, key, keylen);
+
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	}
+	return ret;
+}
+
+/**
+ * gnutls_cipher_encrypt:
+ * @handle: is a #gnutls_cipher_hd_t type
+ * @ptext: the data to encrypt
+ * @ptext_len: the length of data to encrypt
+ *
+ * This function will encrypt the given data using the algorithm
+ * specified by the context.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 2.10.0
+ **/
+int
+gnutls_cipher_encrypt(gnutls_cipher_hd_t handle, void *ptext,
+		      size_t ptext_len)
+{
+	api_cipher_hd_st *h = handle;
+	int ret;
+
+	ret = _gnutls_cipher_encrypt(&h->ctx_enc, ptext, ptext_len);
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+	return ret;
+}
+
+/**
+ * gnutls_cipher_decrypt:
+ * @handle: is a #gnutls_cipher_hd_t type
+ * @ctext: the data to decrypt
+ * @ctext_len: the length of data to decrypt
+ *
+ * This function will decrypt the given data using the algorithm
+ * specified by the context.
+ *
+ * Note that in AEAD ciphers, this will not check the tag. You will
+ * need to compare the tag sent with the value returned from gnutls_cipher_tag().
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 2.10.0
+ **/
+int
+gnutls_cipher_decrypt(gnutls_cipher_hd_t handle, void *ctext,
+		      size_t ctext_len)
+{
+	api_cipher_hd_st *h = handle;
+	int ret;
+
+	if (_gnutls_cipher_type(h->ctx_enc.e) != CIPHER_BLOCK) {
+		ret = _gnutls_cipher_decrypt(&h->ctx_enc, ctext,
+					     ctext_len);
+	} else {
+		ret = _gnutls_cipher_decrypt(&h->ctx_dec, ctext,
+					     ctext_len);
+	}
+
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+	return ret;
+}
+
+/**
+ * gnutls_cipher_encrypt2:
+ * @handle: is a #gnutls_cipher_hd_t type
+ * @ptext: the data to encrypt
+ * @ptext_len: the length of data to encrypt
+ * @ctext: the encrypted data
+ * @ctext_len: the available length for encrypted data
+ *
+ * This function will encrypt the given data using the algorithm
+ * specified by the context. For block ciphers the @ptext_len must be
+ * a multiple of the block size. For the supported ciphers the encrypted
+ * data length will equal the plaintext size.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_cipher_encrypt2(gnutls_cipher_hd_t handle, const void *ptext,
+		       size_t ptext_len, void *ctext,
+		       size_t ctext_len)
+{
+	api_cipher_hd_st *h = handle;
+	int ret;
+
+	ret = _gnutls_cipher_encrypt2(&h->ctx_enc, ptext, ptext_len,
+				      ctext, ctext_len);
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+	return ret;
+}
+
+/**
+ * gnutls_cipher_decrypt2:
+ * @handle: is a #gnutls_cipher_hd_t type
+ * @ctext: the data to decrypt
+ * @ctext_len: the length of data to decrypt
+ * @ptext: the decrypted data
+ * @ptext_len: the available length for decrypted data
+ *
+ * This function will decrypt the given data using the algorithm
+ * specified by the context. For block ciphers the @ctext_len must be
+ * a multiple of the block size. For the supported ciphers the plaintext
+ * data length will equal the ciphertext size.
+ *
+ * Note that in AEAD ciphers, this will not check the tag. You will
+ * need to compare the tag sent with the value returned from gnutls_cipher_tag().
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_cipher_decrypt2(gnutls_cipher_hd_t handle, const void *ctext,
+		       size_t ctext_len, void *ptext, size_t ptext_len)
+{
+	api_cipher_hd_st *h = handle;
+	int ret;
+
+	if (_gnutls_cipher_type(h->ctx_enc.e) != CIPHER_BLOCK) {
+		ret = _gnutls_cipher_decrypt2(&h->ctx_enc, ctext,
+					      ctext_len, ptext,
+					      ptext_len);
+	} else {
+		ret = _gnutls_cipher_decrypt2(&h->ctx_dec, ctext,
+					      ctext_len, ptext,
+					      ptext_len);
+	}
+
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+	return ret;
+}
+
+/**
+ * gnutls_cipher_encrypt3:
+ * @handle: is a #gnutls_cipher_hd_t type
+ * @ptext: the data to encrypt
+ * @ptext_len: the length of data to encrypt
+ * @ctext: the encrypted data
+ * @ctext_len: the length of encrypted data (initially must hold the maximum available size)
+ * @flags: flags for padding
+ *
+ * This function will encrypt the given data using the algorithm
+ * specified by the context. For block ciphers, @ptext_len is
+ * typically a multiple of the block size. If not, the caller can
+ * instruct the function to pad the last block according to @flags.
+ * Currently, the only available padding scheme is
+ * %GNUTLS_CIPHER_PADDING_PKCS7.
+ *
+ * If @ctext is not %NULL, it must hold enough space to store
+ * resulting cipher text. To check the required size, this function
+ * can be called with @ctext set to %NULL. Then @ctext_len will be
+ * updated without performing actual encryption.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.7.7
+ **/
+int
+gnutls_cipher_encrypt3(gnutls_cipher_hd_t handle,
+		       const void *ptext, size_t ptext_len,
+		       void *ctext, size_t *ctext_len,
+		       unsigned flags)
+{
+	api_cipher_hd_st *h = handle;
+	const cipher_entry_st *e = h->ctx_enc.e;
+	int block_size = _gnutls_cipher_get_block_size(e);
+	int ret = 0;
+
+	if (unlikely(ctext_len == NULL)) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	if (_gnutls_cipher_type(e) == CIPHER_BLOCK &&
+	    (flags & GNUTLS_CIPHER_PADDING_PKCS7)) {
+		size_t n, r;
+		uint8_t last_block[MAX_CIPHER_BLOCK_SIZE];
+		const uint8_t *p = ptext;
+		uint8_t *c = ctext;
+
+		if (!INT_ADD_OK(ptext_len, block_size, &n)) {
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		}
+
+		n = (n / block_size) * block_size;
+
+		if (!ctext) {
+			*ctext_len = n;
+			return 0;
+		}
+
+		if (*ctext_len < n) {
+			return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+		}
+
+		/* Encrypt up to the last complete block */
+		r = ptext_len % block_size;
+
+		ret = _gnutls_cipher_encrypt2(&h->ctx_enc,
+					      ptext, ptext_len - r,
+					      ctext, ptext_len - r);
+		if (ret < 0) {
+			goto error;
+		}
+
+		/* Encrypt the last block with padding */
+		gnutls_memset(last_block, block_size - r, sizeof(last_block));
+		if (r > 0) {
+			memcpy(last_block, &p[ptext_len - r], r);
+		}
+		ret = _gnutls_cipher_encrypt2(&h->ctx_enc,
+					      last_block, block_size,
+					      &c[ptext_len - r], block_size);
+		if (ret < 0) {
+			goto error;
+		}
+		*ctext_len = n;
+	} else {
+		if (!ctext) {
+			*ctext_len = ptext_len;
+			return 0;
+		}
+
+		ret = _gnutls_cipher_encrypt2(&h->ctx_enc, ptext, ptext_len,
+					      ctext, *ctext_len);
+		if (ret < 0) {
+			goto error;
+		}
+		*ctext_len = ptext_len;
+	}
+
+ error:
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+	return ret;
+}
+
+/**
+ * gnutls_cipher_decrypt3:
+ * @handle: is a #gnutls_cipher_hd_t type
+ * @ctext: the data to decrypt
+ * @ctext_len: the length of data to decrypt
+ * @ptext: the decrypted data
+ * @ptext_len: the available length for decrypted data
+ * @flags: flags for padding
+ *
+ * This function will decrypt the given data using the algorithm
+ * specified by the context. If @flags is specified, padding for the
+ * decrypted data will be removed accordingly and @ptext_len will be
+ * updated.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.7.7
+ **/
+int
+gnutls_cipher_decrypt3(gnutls_cipher_hd_t handle,
+		       const void *ctext, size_t ctext_len,
+		       void *ptext, size_t *ptext_len,
+		       unsigned flags)
+{
+	api_cipher_hd_st *h = handle;
+	int ret;
+
+	ret = gnutls_cipher_decrypt2(handle,
+				     ctext, ctext_len,
+				     ptext, *ptext_len);
+	if (ret < 0) {
+		return ret;
+	}
+
+	if (_gnutls_cipher_type(h->ctx_enc.e) == CIPHER_BLOCK &&
+	    (flags & GNUTLS_CIPHER_PADDING_PKCS7)) {
+		uint8_t *p = ptext;
+		uint8_t padding = p[*ptext_len - 1];
+		if (!padding || padding > _gnutls_cipher_get_block_size(h->ctx_enc.e)) {
+			return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+		}
+		/* Check that the prior bytes are all PADDING */
+		for (size_t i = *ptext_len - padding; i < *ptext_len; i++) {
+			if (padding != p[*ptext_len - 1]) {
+				return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+			}
+		}
+		*ptext_len -= padding;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_cipher_deinit:
+ * @handle: is a #gnutls_cipher_hd_t type
+ *
+ * This function will deinitialize all resources occupied by the given
+ * encryption context.
+ *
+ * Since: 2.10.0
+ **/
+void gnutls_cipher_deinit(gnutls_cipher_hd_t handle)
+{
+	api_cipher_hd_st *h = handle;
+
+	_gnutls_cipher_deinit(&h->ctx_enc);
+	if (_gnutls_cipher_type(h->ctx_enc.e) == CIPHER_BLOCK)
+		_gnutls_cipher_deinit(&h->ctx_dec);
+	gnutls_free(handle);
+}
+
+
+/* HMAC */
+
+
+/**
+ * gnutls_hmac_init:
+ * @dig: is a #gnutls_hmac_hd_t type
+ * @algorithm: the HMAC algorithm to use
+ * @key: the key to be used for encryption
+ * @keylen: the length of the key
+ *
+ * This function will initialize an context that can be used to
+ * produce a Message Authentication Code (MAC) of data.  This will
+ * effectively use the current crypto backend in use by gnutls or the
+ * cryptographic accelerator in use.
+ *
+ * Note that despite the name of this function, it can be used
+ * for other MAC algorithms than HMAC.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 2.10.0
+ **/
+int
+gnutls_hmac_init(gnutls_hmac_hd_t * dig,
+		 gnutls_mac_algorithm_t algorithm,
+		 const void *key, size_t keylen)
+{
+	int ret;
+	bool not_approved = false;
+
+	/* MD5 is only allowed internally for TLS */
+	if (!is_mac_algo_allowed(algorithm)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
+	} else if (!is_mac_algo_approved_in_fips(algorithm)) {
+		not_approved = true;
+	}
+
+	/* Key lengths of less than 112 bits are not approved */
+	if (keylen < 14) {
+		not_approved = true;
+	}
+
+	*dig = gnutls_malloc(sizeof(mac_hd_st));
+	if (*dig == NULL) {
+		gnutls_assert();
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ret = _gnutls_mac_init(((mac_hd_st *) * dig),
+			       mac_to_entry(algorithm), key, keylen);
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	} else if (not_approved) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+	return ret;
+}
+
+/**
+ * gnutls_hmac_set_nonce:
+ * @handle: is a #gnutls_hmac_hd_t type
+ * @nonce: the data to set as nonce
+ * @nonce_len: the length of data
+ *
+ * This function will set the nonce in the MAC algorithm.
+ *
+ * Since: 3.2.0
+ **/
+void
+gnutls_hmac_set_nonce(gnutls_hmac_hd_t handle, const void *nonce,
+		      size_t nonce_len)
+{
+	_gnutls_mac_set_nonce((mac_hd_st *) handle, nonce, nonce_len);
+}
+
+/**
+ * gnutls_hmac:
+ * @handle: is a #gnutls_hmac_hd_t type
+ * @ptext: the data to hash
+ * @ptext_len: the length of data to hash
+ *
+ * This function will hash the given data using the algorithm
+ * specified by the context.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 2.10.0
+ **/
+int gnutls_hmac(gnutls_hmac_hd_t handle, const void *ptext, size_t ptext_len)
+{
+	int ret;
+
+	ret = _gnutls_mac((mac_hd_st *) handle, ptext, ptext_len);
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+	return ret;
+}
+
+/**
+ * gnutls_hmac_output:
+ * @handle: is a #gnutls_hmac_hd_t type
+ * @digest: is the output value of the MAC
+ *
+ * This function will output the current MAC value
+ * and reset the state of the MAC.
+ *
+ * Since: 2.10.0
+ **/
+void gnutls_hmac_output(gnutls_hmac_hd_t handle, void *digest)
+{
+	_gnutls_mac_output((mac_hd_st *) handle, digest);
+}
+
+/**
+ * gnutls_hmac_deinit:
+ * @handle: is a #gnutls_hmac_hd_t type
+ * @digest: is the output value of the MAC
+ *
+ * This function will deinitialize all resources occupied by
+ * the given hmac context.
+ *
+ * Since: 2.10.0
+ **/
+void gnutls_hmac_deinit(gnutls_hmac_hd_t handle, void *digest)
+{
+	_gnutls_mac_deinit((mac_hd_st *) handle, digest);
+	gnutls_free(handle);
+}
+
+/**
+ * gnutls_hmac_get_len:
+ * @algorithm: the hmac algorithm to use
+ *
+ * This function will return the length of the output data
+ * of the given hmac algorithm.
+ *
+ * Returns: The length or zero on error.
+ *
+ * Since: 2.10.0
+ **/
+unsigned gnutls_hmac_get_len(gnutls_mac_algorithm_t algorithm)
+{
+	return _gnutls_mac_get_algo_len(mac_to_entry(algorithm));
+}
+
+/**
+ * gnutls_hmac_get_key_size:
+ * @algorithm: the mac algorithm to use
+ *
+ * This function will return the size of the key to be used with this
+ * algorithm. On the algorithms which may accept arbitrary key sizes,
+ * the returned size is the MAC key size used in the TLS protocol.
+ *
+ * Returns: The key size or zero on error.
+ *
+ * Since: 3.6.12
+ **/
+unsigned gnutls_hmac_get_key_size(gnutls_mac_algorithm_t algorithm)
+{
+	return _gnutls_mac_get_key_size(mac_to_entry(algorithm));
+}
+
+/**
+ * gnutls_hmac_fast:
+ * @algorithm: the hash algorithm to use
+ * @key: the key to use
+ * @keylen: the length of the key
+ * @ptext: the data to hash
+ * @ptext_len: the length of data to hash
+ * @digest: is the output value of the hash
+ *
+ * This convenience function will hash the given data and return output
+ * on a single call. Note, this call will not work for MAC algorithms
+ * that require nonce (like UMAC or GMAC).
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 2.10.0
+ **/
+int
+gnutls_hmac_fast(gnutls_mac_algorithm_t algorithm,
+		 const void *key, size_t keylen,
+		 const void *ptext, size_t ptext_len, void *digest)
+{
+	int ret;
+	bool not_approved = false;
+
+	if (!is_mac_algo_allowed(algorithm)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
+	} else if (!is_mac_algo_approved_in_fips(algorithm)) {
+		not_approved = true;
+	}
+
+	/* Key lengths of less than 112 bits are not approved */
+	if (keylen < 14) {
+		not_approved = true;
+	}
+
+	ret = _gnutls_mac_fast(algorithm, key, keylen, ptext, ptext_len,
+			       digest);
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	} else if (not_approved) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+	return ret;
+}
+
+/**
+ * gnutls_hmac_copy:
+ * @handle: is a #gnutls_hmac_hd_t type
+ *
+ * This function will create a copy of MAC context, containing all its current
+ * state. Copying contexts for MACs registered using
+ * gnutls_crypto_register_mac() is not supported and will always result in an
+ * error. In addition to that, some of the MAC implementations do not support
+ * this operation. Applications should check the return value and provide a
+ * proper fallback.
+ *
+ * Returns: new MAC context or NULL in case of an error.
+ *
+ * Since: 3.6.9
+ */
+gnutls_hmac_hd_t gnutls_hmac_copy(gnutls_hmac_hd_t handle)
+{
+	gnutls_hmac_hd_t dig;
+
+	dig = gnutls_malloc(sizeof(mac_hd_st));
+	if (dig == NULL) {
+		gnutls_assert();
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return NULL;
+	}
+
+	if (_gnutls_mac_copy((const mac_hd_st *) handle, (mac_hd_st *)dig) != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		gnutls_free(dig);
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return NULL;
+	}
+
+	return dig;
+}
+
+/* HASH */
+
+/**
+ * gnutls_hash_init:
+ * @dig: is a #gnutls_hash_hd_t type
+ * @algorithm: the hash algorithm to use
+ *
+ * This function will initialize an context that can be used to
+ * produce a Message Digest of data.  This will effectively use the
+ * current crypto backend in use by gnutls or the cryptographic
+ * accelerator in use.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 2.10.0
+ **/
+int
+gnutls_hash_init(gnutls_hash_hd_t * dig,
+		 gnutls_digest_algorithm_t algorithm)
+{
+	int ret;
+	bool not_approved = false;
+
+	if (!is_mac_algo_allowed(DIG_TO_MAC(algorithm))) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
+	} else if (!is_mac_algo_approved_in_fips(DIG_TO_MAC(algorithm))) {
+		not_approved = true;
+	}
+
+	*dig = gnutls_malloc(sizeof(digest_hd_st));
+	if (*dig == NULL) {
+		gnutls_assert();
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ret = _gnutls_hash_init(((digest_hd_st *) * dig),
+				hash_to_entry(algorithm));
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	} else if (not_approved) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+	return ret;
+}
+
+/**
+ * gnutls_hash:
+ * @handle: is a #gnutls_hash_hd_t type
+ * @ptext: the data to hash
+ * @ptext_len: the length of data to hash
+ *
+ * This function will hash the given data using the algorithm
+ * specified by the context.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 2.10.0
+ **/
+int gnutls_hash(gnutls_hash_hd_t handle, const void *ptext, size_t ptext_len)
+{
+	int ret;
+
+	ret = _gnutls_hash((digest_hd_st *) handle, ptext, ptext_len);
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	}
+	return ret;
+}
+
+/**
+ * gnutls_hash_output:
+ * @handle: is a #gnutls_hash_hd_t type
+ * @digest: is the output value of the hash
+ *
+ * This function will output the current hash value
+ * and reset the state of the hash.
+ *
+ * Since: 2.10.0
+ **/
+void gnutls_hash_output(gnutls_hash_hd_t handle, void *digest)
+{
+	_gnutls_hash_output((digest_hd_st *) handle, digest);
+}
+
+/**
+ * gnutls_hash_deinit:
+ * @handle: is a #gnutls_hash_hd_t type
+ * @digest: is the output value of the hash
+ *
+ * This function will deinitialize all resources occupied by
+ * the given hash context.
+ *
+ * Since: 2.10.0
+ **/
+void gnutls_hash_deinit(gnutls_hash_hd_t handle, void *digest)
+{
+	_gnutls_hash_deinit((digest_hd_st *) handle, digest);
+	gnutls_free(handle);
+}
+
+/**
+ * gnutls_hash_get_len:
+ * @algorithm: the hash algorithm to use
+ *
+ * This function will return the length of the output data
+ * of the given hash algorithm.
+ *
+ * Returns: The length or zero on error.
+ *
+ * Since: 2.10.0
+ **/
+unsigned gnutls_hash_get_len(gnutls_digest_algorithm_t algorithm)
+{
+	return _gnutls_hash_get_algo_len(hash_to_entry(algorithm));
+}
+
+/**
+ * gnutls_hash_fast:
+ * @algorithm: the hash algorithm to use
+ * @ptext: the data to hash
+ * @ptext_len: the length of data to hash
+ * @digest: is the output value of the hash
+ *
+ * This convenience function will hash the given data and return output
+ * on a single call.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 2.10.0
+ **/
+int
+gnutls_hash_fast(gnutls_digest_algorithm_t algorithm,
+		 const void *ptext, size_t ptext_len, void *digest)
+{
+	int ret;
+	bool not_approved = false;
+
+	if (!is_mac_algo_allowed(DIG_TO_MAC(algorithm))) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
+	} else if (!is_mac_algo_approved_in_fips(DIG_TO_MAC(algorithm))) {
+		not_approved = true;
+	}
+
+	ret = _gnutls_hash_fast(algorithm, ptext, ptext_len, digest);
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	} else if (not_approved) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+	}
+		
+	return ret;
+}
+
+/**
+ * gnutls_hash_copy:
+ * @handle: is a #gnutls_hash_hd_t type
+ *
+ * This function will create a copy of Message Digest context, containing all
+ * its current state. Copying contexts for Message Digests registered using
+ * gnutls_crypto_register_digest() is not supported and will always result in
+ * an error. In addition to that, some of the Message Digest implementations do
+ * not support this operation. Applications should check the return value and
+ * provide a proper fallback.
+ *
+ * Returns: new Message Digest context or NULL in case of an error.
+ *
+ * Since: 3.6.9
+ */
+gnutls_hash_hd_t gnutls_hash_copy(gnutls_hash_hd_t handle)
+{
+	gnutls_hash_hd_t dig;
+
+	dig = gnutls_malloc(sizeof(digest_hd_st));
+	if (dig == NULL) {
+		gnutls_assert();
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return NULL;
+	}
+
+	if (_gnutls_hash_copy((const digest_hd_st *) handle, (digest_hd_st *)dig) != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		gnutls_free(dig);
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return NULL;
+	}
+
+	return dig;
+}
+
+/**
+ * gnutls_key_generate:
+ * @key: is a pointer to a #gnutls_datum_t which will contain a newly
+ * created key
+ * @key_size: the number of bytes of the key
+ *
+ * Generates a random key of @key_size bytes.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, or an
+ * error code.
+ *
+ * Since: 3.0
+ **/
+int gnutls_key_generate(gnutls_datum_t * key, unsigned int key_size)
+{
+	int ret;
+
+	FAIL_IF_LIB_ERROR;
+
+#ifdef ENABLE_FIPS140
+	/* The FIPS140 approved RNGs are not allowed to be used
+	 * to extract key sizes longer than their original seed.
+	 */
+	if (_gnutls_fips_mode_enabled() != 0 &&
+	    key_size > FIPS140_RND_KEY_SIZE)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+#endif
+
+	key->size = key_size;
+	key->data = gnutls_malloc(key->size);
+	if (!key->data) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ret = gnutls_rnd(GNUTLS_RND_RANDOM, key->data, key->size);
+	if (ret < 0) {
+		gnutls_assert();
+		_gnutls_free_datum(key);
+		return ret;
+	}
+
+	return 0;
+}
+
+/* AEAD API */
+
+/**
+ * gnutls_aead_cipher_init:
+ * @handle: is a #gnutls_aead_cipher_hd_t type.
+ * @cipher: the authenticated-encryption algorithm to use
+ * @key: The key to be used for encryption
+ *
+ * This function will initialize an context that can be used for
+ * encryption/decryption of data. This will effectively use the
+ * current crypto backend in use by gnutls or the cryptographic
+ * accelerator in use.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.4.0
+ **/
+int gnutls_aead_cipher_init(gnutls_aead_cipher_hd_t *handle,
+			    gnutls_cipher_algorithm_t cipher,
+			    const gnutls_datum_t *key)
+{
+	api_aead_cipher_hd_st *h;
+	const cipher_entry_st *e;
+	int ret;
+	bool not_approved = false;
+
+	if (!is_cipher_algo_allowed(cipher)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
+	} else if (!is_cipher_algo_approved_in_fips(cipher)) {
+		not_approved = true;
+	}
+
+	e = cipher_to_entry(cipher);
+	if (e == NULL || e->type != CIPHER_AEAD) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	h = gnutls_calloc(1, sizeof(api_aead_cipher_hd_st));
+	if (h == NULL) {
+		gnutls_assert();
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ret = _gnutls_aead_cipher_init(h, cipher, key);
+	if (ret < 0) {
+		gnutls_free(h);
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return ret;
+	}
+
+	*handle = h;
+
+	if (not_approved) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+
+	return ret;
+}
+
+/**
+ * gnutls_aead_cipher_set_key:
+ * @handle: is a #gnutls_aead_cipher_hd_t type.
+ * @key: The key to be used for encryption
+ *
+ * This function will set a new key without re-initializing the
+ * context.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.7.5
+ **/
+int gnutls_aead_cipher_set_key(gnutls_aead_cipher_hd_t handle,
+			       const gnutls_datum_t *key)
+{
+	const cipher_entry_st* e;
+	int ret;
+
+	e = cipher_to_entry(handle->ctx_enc.e->id);
+	if (e == NULL || e->type != CIPHER_AEAD) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	ret = handle->ctx_enc.setkey(handle->ctx_enc.handle,
+				     key->data, key->size);
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	}
+
+	return ret;
+}
+
+/**
+ * gnutls_aead_cipher_decrypt:
+ * @handle: is a #gnutls_aead_cipher_hd_t type.
+ * @nonce: the nonce to set
+ * @nonce_len: The length of the nonce
+ * @auth: additional data to be authenticated
+ * @auth_len: The length of the data
+ * @tag_size: The size of the tag to use (use zero for the default)
+ * @ctext: the data to decrypt (including the authentication tag)
+ * @ctext_len: the length of data to decrypt (includes tag size)
+ * @ptext: the decrypted data
+ * @ptext_len: the length of decrypted data (initially must hold the maximum available size)
+ *
+ * This function will decrypt the given data using the algorithm
+ * specified by the context. This function must be provided the complete
+ * data to be decrypted, including the authentication tag. On several
+ * AEAD ciphers, the authentication tag is appended to the ciphertext,
+ * though this is not a general rule. This function will fail if
+ * the tag verification fails.
+ *
+ * Returns: Zero or a negative error code on verification failure or other error.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_aead_cipher_decrypt(gnutls_aead_cipher_hd_t handle,
+			   const void *nonce, size_t nonce_len,
+			   const void *auth, size_t auth_len,
+			   size_t tag_size,
+			   const void *ctext, size_t ctext_len,
+			   void *ptext, size_t *ptext_len)
+{
+	int ret;
+	api_aead_cipher_hd_st *h = handle;
+
+	if (tag_size == 0)
+		tag_size = _gnutls_cipher_get_tag_size(h->ctx_enc.e);
+	else if (tag_size > (unsigned)_gnutls_cipher_get_tag_size(h->ctx_enc.e)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	if (unlikely(ctext_len < tag_size)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+	}
+
+	ret = _gnutls_aead_cipher_decrypt(&h->ctx_enc,
+					  nonce, nonce_len,
+					  auth, auth_len,
+					  tag_size,
+					  ctext, ctext_len,
+					  ptext, *ptext_len);
+	if (unlikely(ret < 0)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(ret);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+
+	/* That assumes that AEAD ciphers are stream */
+	*ptext_len = ctext_len - tag_size;
+
+	return 0;
+}
+
+
+/**
+ * gnutls_aead_cipher_encrypt:
+ * @handle: is a #gnutls_aead_cipher_hd_t type.
+ * @nonce: the nonce to set
+ * @nonce_len: The length of the nonce
+ * @auth: additional data to be authenticated
+ * @auth_len: The length of the data
+ * @tag_size: The size of the tag to use (use zero for the default)
+ * @ptext: the data to encrypt
+ * @ptext_len: The length of data to encrypt
+ * @ctext: the encrypted data including authentication tag
+ * @ctext_len: the length of encrypted data (initially must hold the maximum available size, including space for tag)
+ *
+ * This function will encrypt the given data using the algorithm
+ * specified by the context. The output data will contain the
+ * authentication tag.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_aead_cipher_encrypt(gnutls_aead_cipher_hd_t handle,
+			   const void *nonce, size_t nonce_len,
+			   const void *auth, size_t auth_len,
+			   size_t tag_size,
+			   const void *ptext, size_t ptext_len,
+			   void *ctext, size_t *ctext_len)
+{
+	api_aead_cipher_hd_st *h = handle;
+	int ret;
+
+	if (tag_size == 0)
+		tag_size = _gnutls_cipher_get_tag_size(h->ctx_enc.e);
+	else if (tag_size > (unsigned)_gnutls_cipher_get_tag_size(h->ctx_enc.e)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	if (unlikely(*ctext_len < ptext_len + tag_size)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+	}
+
+	ret = _gnutls_aead_cipher_encrypt(&h->ctx_enc,
+					  nonce, nonce_len,
+					  auth, auth_len,
+					  tag_size,
+					  ptext, ptext_len,
+					  ctext, *ctext_len);
+	if (unlikely(ret < 0)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(ret);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+
+	/* That assumes that AEAD ciphers are stream */
+	*ctext_len = ptext_len + tag_size;
+
+	return 0;
+}
+
+struct iov_store_st {
+	void *data;
+	size_t length;
+	size_t capacity;
+};
+
+static void iov_store_free(struct iov_store_st *s)
+{
+	gnutls_free(s->data);
+}
+
+static int iov_store_grow(struct iov_store_st *s, size_t length)
+{
+	void *new_data;
+	size_t new_capacity = s->capacity;
+
+	if (INT_ADD_OVERFLOW(new_capacity, length)) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+	new_capacity += length;
+	new_data = gnutls_realloc(s->data, new_capacity);
+	if (!new_data) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+	s->data = new_data;
+	s->capacity = new_capacity;
+	return 0;
+}
+
+static int
+append_from_iov(struct iov_store_st *dst, const giovec_t *iov, int iovcnt)
+{
+	if (iovcnt > 0) {
+		int i;
+		uint8_t *p;
+		void *new_data;
+		size_t new_capacity = dst->capacity;
+
+		for (i = 0; i < iovcnt; i++) {
+			if (INT_ADD_OVERFLOW(new_capacity, iov[i].iov_len)) {
+				return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+			}
+			new_capacity += iov[i].iov_len;
+		}
+		new_data = gnutls_realloc(dst->data, new_capacity);
+		if (!new_data) {
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		}
+		dst->data = new_data;
+		dst->capacity = new_capacity;
+
+		p = (uint8_t *) dst->data + dst->length;
+		for (i = 0; i < iovcnt; i++) {
+			if (iov[i].iov_len > 0) {
+				memcpy(p, iov[i].iov_base, iov[i].iov_len);
+			}
+			p += iov[i].iov_len;
+			dst->length += iov[i].iov_len;
+		}
+	}
+	return 0;
+}
+
+static int
+copy_to_iov(const uint8_t *data, size_t size,
+	    const giovec_t *iov, int iovcnt)
+{
+	size_t offset = 0;
+	int i;
+
+	for (i = 0; i < iovcnt && size > 0; i++) {
+		size_t to_copy = MIN(size, iov[i].iov_len);
+		memcpy(iov[i].iov_base, (uint8_t *) data + offset, to_copy);
+		offset += to_copy;
+		size -= to_copy;
+	}
+	if (size > 0)
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+	return 0;
+}
+
+#define IOV_STORE_INIT { NULL, 0, 0 }
+
+static int
+aead_cipher_encryptv_fallback(gnutls_aead_cipher_hd_t handle,
+			      const void *nonce, size_t nonce_len,
+			      const giovec_t *auth_iov, int auth_iovcnt,
+			      size_t tag_size,
+			      const giovec_t *iov, int iovcnt,
+			      void *ctext, size_t *ctext_len)
+{
+	struct iov_store_st auth = IOV_STORE_INIT;
+	struct iov_store_st ptext = IOV_STORE_INIT;
+	int ret;
+
+	if (tag_size == 0)
+		tag_size = _gnutls_cipher_get_tag_size(handle->ctx_enc.e);
+	else if (tag_size > (unsigned)_gnutls_cipher_get_tag_size(handle->ctx_enc.e)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	ret = append_from_iov(&auth, auth_iov, auth_iovcnt);
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(ret);
+	}
+
+	ret = append_from_iov(&ptext, iov, iovcnt);
+	if (ret < 0) {
+		iov_store_free(&auth);
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(ret);
+	}
+
+	ret = gnutls_aead_cipher_encrypt(handle, nonce, nonce_len,
+					 auth.data, auth.length,
+					 tag_size,
+					 ptext.data, ptext.length,
+					 ctext, ctext_len);
+	iov_store_free(&auth);
+	iov_store_free(&ptext);
+
+	/* FIPS operation state is set by gnutls_aead_cipher_encrypt */
+	return ret;
+}
+
+static int
+aead_cipher_encryptv(gnutls_aead_cipher_hd_t handle,
+		     const void *nonce, size_t nonce_len,
+		     const giovec_t *auth_iov, int auth_iovcnt,
+		     size_t tag_size,
+		     const giovec_t *iov, int iovcnt,
+		     void *ctext, size_t *ctext_len)
+{
+	int ret;
+	uint8_t *dst;
+	size_t dst_size, total = 0;
+	uint8_t *p;
+	size_t len;
+	size_t blocksize = handle->ctx_enc.e->blocksize;
+	struct iov_iter_st iter;
+
+	if (tag_size == 0)
+		tag_size = _gnutls_cipher_get_tag_size(handle->ctx_enc.e);
+	else if (tag_size > (unsigned)_gnutls_cipher_get_tag_size(handle->ctx_enc.e)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	ret = _gnutls_cipher_setiv(&handle->ctx_enc, nonce, nonce_len);
+	if (unlikely(ret < 0)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(ret);
+	}
+
+	ret = _gnutls_iov_iter_init(&iter, auth_iov, auth_iovcnt, blocksize);
+	if (unlikely(ret < 0)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(ret);
+	}
+	while (1) {
+		ret = _gnutls_iov_iter_next(&iter, &p);
+		if (unlikely(ret < 0)) {
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			return gnutls_assert_val(ret);
+		}
+		if (ret == 0)
+			break;
+		ret = _gnutls_cipher_auth(&handle->ctx_enc, p, ret);
+		if (unlikely(ret < 0)) {
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			return gnutls_assert_val(ret);
+		}
+	}
+
+	dst = ctext;
+	dst_size = *ctext_len;
+
+	ret = _gnutls_iov_iter_init(&iter, iov, iovcnt, blocksize);
+	if (unlikely(ret < 0)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(ret);
+	}
+	while (1) {
+		ret = _gnutls_iov_iter_next(&iter, &p);
+		if (unlikely(ret < 0)) {
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			return gnutls_assert_val(ret);
+		}
+		if (ret == 0)
+			break;
+		len = ret;
+		ret = _gnutls_cipher_encrypt2(&handle->ctx_enc,
+					      p, len,
+					      dst, dst_size);
+		if (unlikely(ret < 0)) {
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			return gnutls_assert_val(ret);
+		}
+
+		DECR_LEN(dst_size, len);
+		dst += len;
+		total += len;
+	}
+
+	if (dst_size < tag_size) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+	}
+
+	_gnutls_cipher_tag(&handle->ctx_enc, dst, tag_size);
+
+	total += tag_size;
+	*ctext_len = total;
+
+	_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	return 0;
+}
+
+/**
+ * gnutls_aead_cipher_encryptv:
+ * @handle: is a #gnutls_aead_cipher_hd_t type.
+ * @nonce: the nonce to set
+ * @nonce_len: The length of the nonce
+ * @auth_iov: additional data to be authenticated
+ * @auth_iovcnt: The number of buffers in @auth_iov
+ * @tag_size: The size of the tag to use (use zero for the default)
+ * @iov: the data to be encrypted
+ * @iovcnt: The number of buffers in @iov
+ * @ctext: the encrypted data including authentication tag
+ * @ctext_len: the length of encrypted data (initially must hold the maximum available size, including space for tag)
+ *
+ * This function will encrypt the provided data buffers using the algorithm
+ * specified by the context. The output data will contain the
+ * authentication tag.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.6.3
+ **/
+int
+gnutls_aead_cipher_encryptv(gnutls_aead_cipher_hd_t handle,
+			    const void *nonce, size_t nonce_len,
+			    const giovec_t *auth_iov, int auth_iovcnt,
+			    size_t tag_size,
+			    const giovec_t *iov, int iovcnt,
+			    void *ctext, size_t *ctext_len)
+{
+	/* Limitation: this function provides an optimization under the internally registered
+	 * AEAD ciphers. When an AEAD cipher is used registered with gnutls_crypto_register_aead_cipher(),
+	 * then this becomes a convenience function as it missed the lower-level primitives
+	 * necessary for piecemeal encryption. */
+	if ((handle->ctx_enc.e->flags & GNUTLS_CIPHER_FLAG_ONLY_AEAD) ||
+	    handle->ctx_enc.encrypt == NULL) {
+		return aead_cipher_encryptv_fallback(handle,
+						     nonce, nonce_len,
+						     auth_iov, auth_iovcnt,
+						     tag_size,
+						     iov, iovcnt,
+						     ctext, ctext_len);
+	} else {
+		return aead_cipher_encryptv(handle,
+					    nonce, nonce_len,
+					    auth_iov, auth_iovcnt,
+					    tag_size,
+					    iov, iovcnt,
+					    ctext, ctext_len);
+	}
+}
+
+static int
+aead_cipher_encryptv2_fallback(gnutls_aead_cipher_hd_t handle,
+			       const void *nonce, size_t nonce_len,
+			       const giovec_t *auth_iov, int auth_iovcnt,
+			       const giovec_t *iov, int iovcnt,
+			       void *tag, size_t *tag_size)
+{
+	struct iov_store_st auth = IOV_STORE_INIT;
+	struct iov_store_st ptext = IOV_STORE_INIT;
+	uint8_t *ptext_data;
+	size_t ptext_size;
+	uint8_t *ctext_data;
+	size_t ctext_size;
+	uint8_t *_tag;
+	size_t _tag_size;
+	int ret;
+
+	if (tag_size == NULL || *tag_size == 0)
+		_tag_size = _gnutls_cipher_get_tag_size(handle->ctx_enc.e);
+	else
+		_tag_size = *tag_size;
+
+	if (_tag_size > (unsigned)_gnutls_cipher_get_tag_size(handle->ctx_enc.e)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	ret = append_from_iov(&auth, auth_iov, auth_iovcnt);
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(ret);
+	}
+
+	if (handle->ctx_enc.e->flags & GNUTLS_CIPHER_FLAG_TAG_PREFIXED) {
+		/* prepend space for tag */
+		ret = iov_store_grow(&ptext, _tag_size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+		ptext.length = _tag_size;
+
+		ret = append_from_iov(&ptext, iov, iovcnt);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		/* We must set ptext_data after the above
+		 * grow/append opereations, otherwise it will point to an invalid pointer after realloc.
+		 */
+		ptext_data = (uint8_t *) ptext.data + _tag_size;
+		ptext_size = ptext.length - _tag_size;
+	} else {
+		ret = append_from_iov(&ptext, iov, iovcnt);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		/* append space for tag */
+		ret = iov_store_grow(&ptext, _tag_size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		/* We must set ptext_data after the above
+		 * grow/append opereations, otherwise it will point to an invalid pointer after realloc.
+		 */
+		ptext_data = ptext.data;
+		ptext_size = ptext.length;
+	}
+
+	ctext_size = ptext.capacity;
+	ret = gnutls_aead_cipher_encrypt(handle, nonce, nonce_len,
+					 auth.data, auth.length,
+					 _tag_size,
+					 ptext_data, ptext_size,
+					 ptext.data, &ctext_size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	if (handle->ctx_enc.e->flags & GNUTLS_CIPHER_FLAG_TAG_PREFIXED) {
+		ctext_data = (uint8_t *)ptext.data + _tag_size;
+		_tag = ptext.data;
+	} else {
+		ctext_data = ptext.data;
+		_tag = (uint8_t *)ptext.data + ptext_size;
+	}
+
+	ret = copy_to_iov(ctext_data, ptext_size, iov, iovcnt);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	if (tag != NULL) {
+		memcpy(tag, _tag, _tag_size);
+	}
+	if (tag_size != NULL) {
+		*tag_size = _tag_size;
+	}
+
+ error:
+	iov_store_free(&auth);
+	iov_store_free(&ptext);
+
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	}
+	/* FIPS operation state is set by gnutls_aead_cipher_encrypt */
+	return ret;
+}
+
+static int
+aead_cipher_encryptv2(gnutls_aead_cipher_hd_t handle,
+		      const void *nonce, size_t nonce_len,
+		      const giovec_t *auth_iov, int auth_iovcnt,
+		      const giovec_t *iov, int iovcnt,
+		      void *tag, size_t *tag_size)
+{
+	api_aead_cipher_hd_st *h = handle;
+	int ret;
+	uint8_t *p;
+	size_t len;
+	size_t blocksize = handle->ctx_enc.e->blocksize;
+	struct iov_iter_st iter;
+	size_t _tag_size;
+
+	if (tag_size == NULL || *tag_size == 0)
+		_tag_size = _gnutls_cipher_get_tag_size(h->ctx_enc.e);
+	else
+		_tag_size = *tag_size;
+
+	if (_tag_size > (unsigned)_gnutls_cipher_get_tag_size(h->ctx_enc.e)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	ret = _gnutls_cipher_setiv(&handle->ctx_enc, nonce, nonce_len);
+	if (unlikely(ret < 0)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(ret);
+	}
+
+	ret = _gnutls_iov_iter_init(&iter, auth_iov, auth_iovcnt, blocksize);
+	if (unlikely(ret < 0)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(ret);
+	}
+	while (1) {
+		ret = _gnutls_iov_iter_next(&iter, &p);
+		if (unlikely(ret < 0)) {
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			return gnutls_assert_val(ret);
+		}
+		if (ret == 0)
+			break;
+		ret = _gnutls_cipher_auth(&handle->ctx_enc, p, ret);
+		if (unlikely(ret < 0)) {
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			return gnutls_assert_val(ret);
+		}
+	}
+
+	ret = _gnutls_iov_iter_init(&iter, iov, iovcnt, blocksize);
+	if (unlikely(ret < 0))
+		return gnutls_assert_val(ret);
+	while (1) {
+		ret = _gnutls_iov_iter_next(&iter, &p);
+		if (unlikely(ret < 0)) {
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			return gnutls_assert_val(ret);
+		}
+		if (ret == 0)
+			break;
+
+		len = ret;
+		ret = _gnutls_cipher_encrypt2(&handle->ctx_enc, p, len, p, len);
+		if (unlikely(ret < 0)) {
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			return gnutls_assert_val(ret);
+		}
+
+		ret = _gnutls_iov_iter_sync(&iter, p, len);
+		if (unlikely(ret < 0)) {
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			return gnutls_assert_val(ret);
+		}
+	}
+
+	if (tag != NULL)
+		_gnutls_cipher_tag(&handle->ctx_enc, tag, _tag_size);
+	if (tag_size != NULL)
+		*tag_size = _tag_size;
+
+	_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	return 0;
+}
+
+/**
+ * gnutls_aead_cipher_encryptv2:
+ * @handle: is a #gnutls_aead_cipher_hd_t type.
+ * @nonce: the nonce to set
+ * @nonce_len: The length of the nonce
+ * @auth_iov: additional data to be authenticated
+ * @auth_iovcnt: The number of buffers in @auth_iov
+ * @iov: the data to be encrypted
+ * @iovcnt: The number of buffers in @iov
+ * @tag: The authentication tag
+ * @tag_size: The size of the tag to use (use zero for the default)
+ *
+ * This is similar to gnutls_aead_cipher_encrypt(), but it performs
+ * in-place encryption on the provided data buffers.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.6.10
+ **/
+int
+gnutls_aead_cipher_encryptv2(gnutls_aead_cipher_hd_t handle,
+			     const void *nonce, size_t nonce_len,
+			     const giovec_t *auth_iov, int auth_iovcnt,
+			     const giovec_t *iov, int iovcnt,
+			     void *tag, size_t *tag_size)
+{
+	/* Limitation: this function provides an optimization under the internally registered
+	 * AEAD ciphers. When an AEAD cipher is used registered with gnutls_crypto_register_aead_cipher(),
+	 * then this becomes a convenience function as it missed the lower-level primitives
+	 * necessary for piecemeal encryption. */
+	if ((handle->ctx_enc.e->flags & GNUTLS_CIPHER_FLAG_ONLY_AEAD) ||
+	    handle->ctx_enc.encrypt == NULL) {
+		return aead_cipher_encryptv2_fallback(handle,
+						      nonce, nonce_len,
+						      auth_iov, auth_iovcnt,
+						      iov, iovcnt,
+						      tag, tag_size);
+	} else {
+		return aead_cipher_encryptv2(handle,
+					     nonce, nonce_len,
+					     auth_iov, auth_iovcnt,
+					     iov, iovcnt,
+					     tag, tag_size);
+	}
+}
+
+static int
+aead_cipher_decryptv2_fallback(gnutls_aead_cipher_hd_t handle,
+			       const void *nonce, size_t nonce_len,
+			       const giovec_t *auth_iov, int auth_iovcnt,
+			       const giovec_t *iov, int iovcnt,
+			       void *tag, size_t tag_size)
+{
+	struct iov_store_st auth = IOV_STORE_INIT;
+	struct iov_store_st ctext = IOV_STORE_INIT;
+	uint8_t *ctext_data;
+	size_t ptext_size;
+	int ret;
+
+	if (tag_size == 0)
+		tag_size = _gnutls_cipher_get_tag_size(handle->ctx_enc.e);
+	else if (tag_size > (unsigned)_gnutls_cipher_get_tag_size(handle->ctx_enc.e)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	ret = append_from_iov(&auth, auth_iov, auth_iovcnt);
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(ret);
+	}
+
+	if (handle->ctx_enc.e->flags & GNUTLS_CIPHER_FLAG_TAG_PREFIXED) {
+		/* prepend tag */
+		ret = iov_store_grow(&ctext, tag_size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+		memcpy(ctext.data, tag, tag_size);
+		ctext.length += tag_size;
+
+		ret = append_from_iov(&ctext, iov, iovcnt);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		/* We must set ctext_data after the above
+		 * grow/append opereations, otherwise it will point to an invalid pointer after realloc.
+		 */
+		ctext_data = (uint8_t *) ctext.data + tag_size;
+	} else {
+		ret = append_from_iov(&ctext, iov, iovcnt);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		/* append tag */
+		ret = iov_store_grow(&ctext, tag_size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+		memcpy((uint8_t *) ctext.data + ctext.length, tag, tag_size);
+		ctext.length += tag_size;
+
+		/* We must set ctext_data after the above
+		 * grow/append opereations, otherwise it will point to an invalid pointer after realloc.
+		 */
+		ctext_data = ctext.data;
+	}
+
+	ptext_size = ctext.capacity;
+	ret = gnutls_aead_cipher_decrypt(handle, nonce, nonce_len,
+					 auth.data, auth.length,
+					 tag_size,
+					 ctext.data, ctext.length,
+					 ctext_data, &ptext_size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret = copy_to_iov(ctext.data, ptext_size, iov, iovcnt);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+ error:
+	iov_store_free(&auth);
+	iov_store_free(&ctext);
+
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	}
+	/* FIPS operation state is set by gnutls_aead_cipher_decrypt */
+	return ret;
+}
+
+static int
+aead_cipher_decryptv2(gnutls_aead_cipher_hd_t handle,
+		      const void *nonce, size_t nonce_len,
+		      const giovec_t *auth_iov, int auth_iovcnt,
+		      const giovec_t *iov, int iovcnt,
+		      void *tag, size_t tag_size)
+{
+	int ret;
+	uint8_t *p;
+	size_t len;
+	ssize_t blocksize = handle->ctx_enc.e->blocksize;
+	struct iov_iter_st iter;
+	uint8_t _tag[MAX_HASH_SIZE];
+
+	if (tag_size == 0)
+		tag_size = _gnutls_cipher_get_tag_size(handle->ctx_enc.e);
+	else if (tag_size > (unsigned)_gnutls_cipher_get_tag_size(handle->ctx_enc.e)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	ret = _gnutls_cipher_setiv(&handle->ctx_enc, nonce, nonce_len);
+	if (unlikely(ret < 0)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(ret);
+	}
+
+	ret = _gnutls_iov_iter_init(&iter, auth_iov, auth_iovcnt, blocksize);
+	if (unlikely(ret < 0)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(ret);
+	}
+	while (1) {
+		ret = _gnutls_iov_iter_next(&iter, &p);
+		if (unlikely(ret < 0)) {
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			return gnutls_assert_val(ret);
+		}
+		if (ret == 0)
+			break;
+		ret = _gnutls_cipher_auth(&handle->ctx_enc, p, ret);
+		if (unlikely(ret < 0)) {
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			return gnutls_assert_val(ret);
+		}
+	}
+
+	ret = _gnutls_iov_iter_init(&iter, iov, iovcnt, blocksize);
+	if (unlikely(ret < 0)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(ret);
+	}
+	while (1) {
+		ret = _gnutls_iov_iter_next(&iter, &p);
+		if (unlikely(ret < 0)) {
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			return gnutls_assert_val(ret);
+		}
+		if (ret == 0)
+			break;
+
+		len = ret;
+		ret = _gnutls_cipher_decrypt2(&handle->ctx_enc, p, len, p, len);
+		if (unlikely(ret < 0)) {
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			return gnutls_assert_val(ret);
+		}
+
+		ret = _gnutls_iov_iter_sync(&iter, p, len);
+		if (unlikely(ret < 0)) {
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			return gnutls_assert_val(ret);
+		}
+	}
+
+	if (tag != NULL) {
+		_gnutls_cipher_tag(&handle->ctx_enc, _tag, tag_size);
+		if (gnutls_memcmp(_tag, tag, tag_size) != 0) {
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+		}
+	}
+
+	_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	return 0;
+}
+
+/**
+ * gnutls_aead_cipher_decryptv2:
+ * @handle: is a #gnutls_aead_cipher_hd_t type.
+ * @nonce: the nonce to set
+ * @nonce_len: The length of the nonce
+ * @auth_iov: additional data to be authenticated
+ * @auth_iovcnt: The number of buffers in @auth_iov
+ * @iov: the data to decrypt
+ * @iovcnt: The number of buffers in @iov
+ * @tag: The authentication tag
+ * @tag_size: The size of the tag to use (use zero for the default)
+ *
+ * This is similar to gnutls_aead_cipher_decrypt(), but it performs
+ * in-place encryption on the provided data buffers.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.6.10
+ **/
+int
+gnutls_aead_cipher_decryptv2(gnutls_aead_cipher_hd_t handle,
+			     const void *nonce, size_t nonce_len,
+			     const giovec_t *auth_iov, int auth_iovcnt,
+			     const giovec_t *iov, int iovcnt,
+			     void *tag, size_t tag_size)
+{
+	/* Limitation: this function provides an optimization under the internally registered
+	 * AEAD ciphers. When an AEAD cipher is used registered with gnutls_crypto_register_aead_cipher(),
+	 * then this becomes a convenience function as it missed the lower-level primitives
+	 * necessary for piecemeal encryption. */
+	if ((handle->ctx_enc.e->flags & GNUTLS_CIPHER_FLAG_ONLY_AEAD) ||
+	    handle->ctx_enc.encrypt == NULL) {
+		return aead_cipher_decryptv2_fallback(handle,
+						      nonce, nonce_len,
+						      auth_iov, auth_iovcnt,
+						      iov, iovcnt,
+						      tag, tag_size);
+	} else {
+		return aead_cipher_decryptv2(handle,
+					     nonce, nonce_len,
+					     auth_iov, auth_iovcnt,
+					     iov, iovcnt,
+					     tag, tag_size);
+	}
+}
+
+/**
+ * gnutls_aead_cipher_deinit:
+ * @handle: is a #gnutls_aead_cipher_hd_t type.
+ *
+ * This function will deinitialize all resources occupied by the given
+ * authenticated-encryption context.
+ *
+ * Since: 3.4.0
+ **/
+void gnutls_aead_cipher_deinit(gnutls_aead_cipher_hd_t handle)
+{
+	_gnutls_aead_cipher_deinit(handle);
+	gnutls_free(handle);
+}
+
+extern gnutls_crypto_kdf_st _gnutls_kdf_ops;
+
+/* Same as @gnutls_hkdf_extract but without changing FIPS context */
+int
+_gnutls_hkdf_extract(gnutls_mac_algorithm_t mac,
+		    const gnutls_datum_t *key,
+		    const gnutls_datum_t *salt,
+		    void *output)
+{
+	/* MD5 is only allowed internally for TLS */
+	if (!is_mac_algo_allowed(mac)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
+	}
+
+	/* We don't check whether MAC is approved, because HKDF is
+	 * only approved in TLS, which is handled separately. */
+
+	return _gnutls_kdf_ops.hkdf_extract(mac, key->data, key->size,
+					    salt ? salt->data : NULL,
+					    salt ? salt->size : 0,
+					    output);
+}
+
+/**
+ * gnutls_hkdf_extract:
+ * @mac: the mac algorithm used internally
+ * @key: the initial keying material
+ * @salt: the optional salt
+ * @output: the output value of the extract operation
+ *
+ * This function will derive a fixed-size key using the HKDF-Extract
+ * function as defined in RFC 5869.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.6.13
+ */
+int
+gnutls_hkdf_extract(gnutls_mac_algorithm_t mac,
+		    const gnutls_datum_t *key,
+		    const gnutls_datum_t *salt,
+		    void *output)
+{
+	int ret;
+
+	ret = _gnutls_hkdf_extract(mac, key, salt, output);
+	if (ret < 0)
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	else
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+
+	return ret;
+}
+
+/* Same as @gnutls_hkdf_expand but without changing FIPS context */
+int
+_gnutls_hkdf_expand(gnutls_mac_algorithm_t mac,
+		   const gnutls_datum_t *key,
+		   const gnutls_datum_t *info,
+		   void *output, size_t length)
+{
+	/* MD5 is only allowed internally for TLS */
+	if (!is_mac_algo_allowed(mac)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
+	}
+
+	/* We don't check whether MAC is approved, because HKDF is
+	 * only approved in TLS, which is handled separately. */
+
+	return _gnutls_kdf_ops.hkdf_expand(mac, key->data, key->size,
+					  info->data, info->size,
+					  output, length);
+}
+
+/**
+ * gnutls_hkdf_expand:
+ * @mac: the mac algorithm used internally
+ * @key: the pseudorandom key created with HKDF-Extract
+ * @info: the optional informational data
+ * @output: the output value of the expand operation
+ * @length: the desired length of the output key
+ *
+ * This function will derive a variable length keying material from
+ * the pseudorandom key using the HKDF-Expand function as defined in
+ * RFC 5869.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.6.13
+ */
+int
+gnutls_hkdf_expand(gnutls_mac_algorithm_t mac,
+		   const gnutls_datum_t *key,
+		   const gnutls_datum_t *info,
+		   void *output, size_t length)
+{
+	int ret;
+
+	ret = _gnutls_hkdf_expand(mac, key, info, output, length);
+	if (ret < 0)
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	else
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+
+	return ret;
+}
+
+/**
+ * gnutls_pbkdf2:
+ * @mac: the mac algorithm used internally
+ * @key: the initial keying material
+ * @salt: the salt
+ * @iter_count: the iteration count
+ * @output: the output value
+ * @length: the desired length of the output key
+ *
+ * This function will derive a variable length keying material from
+ * a password according to PKCS #5 PBKDF2.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.6.13
+ */
+int
+gnutls_pbkdf2(gnutls_mac_algorithm_t mac,
+	      const gnutls_datum_t *key,
+	      const gnutls_datum_t *salt,
+	      unsigned iter_count,
+	      void *output, size_t length)
+{
+	int ret;
+	bool not_approved = false;
+
+	/* MD5 is only allowed internally for TLS */
+	if (!is_mac_algo_allowed(mac)) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
+	} else if (!is_mac_algo_approved_in_fips(mac)) {
+		not_approved = true;
+	}
+
+	ret = _gnutls_kdf_ops.pbkdf2(mac, key->data, key->size,
+				     salt->data, salt->size, iter_count,
+				     output, length);
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	} else if (not_approved) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+	return ret;
+}
diff --git a/lib/crypto-api.h b/lib/crypto-api.h
new file mode 100644
index 0000000..9ed7600
--- /dev/null
+++ b/lib/crypto-api.h
@@ -0,0 +1,65 @@
+/*
+ * Copyright (C) 2000-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2016-2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_CRYPTO_API_H
+#define GNUTLS_LIB_CRYPTO_API_H
+
+#include <gnutls_int.h>
+
+inline static
+int _gnutls_aead_cipher_init(gnutls_aead_cipher_hd_t handle,
+			     gnutls_cipher_algorithm_t cipher,
+			     const gnutls_datum_t * key)
+{
+	const cipher_entry_st* e;
+
+	e = cipher_to_entry(cipher);
+	if (e == NULL || e->type != CIPHER_AEAD)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	return
+	    _gnutls_cipher_init(&handle->ctx_enc, e, key,
+				NULL, 1);
+}
+
+inline static
+void _gnutls_aead_cipher_deinit(gnutls_aead_cipher_hd_t handle)
+{
+	api_aead_cipher_hd_st *h = handle;
+
+	_gnutls_cipher_deinit(&h->ctx_enc);
+}
+
+int
+_gnutls_hkdf_extract(gnutls_mac_algorithm_t mac,
+		     const gnutls_datum_t *key,
+		     const gnutls_datum_t *salt,
+		     void *output);
+
+int
+_gnutls_hkdf_expand(gnutls_mac_algorithm_t mac,
+		    const gnutls_datum_t *key,
+		    const gnutls_datum_t *info,
+		    void *output, size_t length);
+
+#endif /* GNUTLS_LIB_CRYPTO_API_H */
diff --git a/lib/crypto-backend.c b/lib/crypto-backend.c
new file mode 100644
index 0000000..5429520
--- /dev/null
+++ b/lib/crypto-backend.c
@@ -0,0 +1,475 @@
+/*
+ * Copyright (C) 2008-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+#include <gnutls/crypto.h>
+#include <crypto-backend.h>
+#include <crypto.h>
+#include <mpi.h>
+#include <pk.h>
+#include <random.h>
+#include <cipher_int.h>
+
+/* default values for priorities */
+int crypto_mac_prio = INT_MAX;
+int crypto_digest_prio = INT_MAX;
+int crypto_cipher_prio = INT_MAX;
+
+typedef struct algo_list {
+	int algorithm;
+	int priority;
+	void *alg_data;
+	int free_alg_data;
+	struct algo_list *next;
+} algo_list;
+
+#define cipher_list algo_list
+#define mac_list algo_list
+#define digest_list algo_list
+
+static int
+_algo_register(algo_list * al, int algorithm, int priority, void *s, int free_s)
+{
+	algo_list *cl;
+	algo_list *last_cl = al;
+	int ret;
+
+	if (al == NULL) {
+		ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		goto cleanup;
+	}
+
+	/* look if there is any cipher with lowest priority. In that case do not add.
+	 */
+	cl = al;
+	while (cl && cl->alg_data) {
+		if (cl->algorithm == algorithm) {
+			if (cl->priority < priority) {
+				gnutls_assert();
+				ret = GNUTLS_E_CRYPTO_ALREADY_REGISTERED;
+				goto cleanup;
+			} else {
+				/* the current has higher priority -> overwrite */
+				cl->algorithm = algorithm;
+				cl->priority = priority;
+				cl->alg_data = s;
+				cl->free_alg_data = free_s;
+				return 0;
+			}
+		}
+		cl = cl->next;
+		if (cl)
+			last_cl = cl;
+	}
+
+	cl = gnutls_calloc(1, sizeof(cipher_list));
+
+	if (cl == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto cleanup;
+	}
+
+	last_cl->algorithm = algorithm;
+	last_cl->priority = priority;
+	last_cl->alg_data = s;
+	last_cl->free_alg_data = free_s;
+	last_cl->next = cl;
+
+	return 0;
+ cleanup:
+	if (free_s) gnutls_free(s);
+	return ret;
+}
+
+static const void *_get_algo(algo_list * al, int algo)
+{
+	cipher_list *cl;
+
+	/* look if there is any cipher with lowest priority. In that case do not add.
+	 */
+	cl = al;
+	while (cl && cl->alg_data) {
+		if (cl->algorithm == algo) {
+			return cl->alg_data;
+		}
+		cl = cl->next;
+	}
+
+	return NULL;
+}
+
+static cipher_list glob_cl = { GNUTLS_CIPHER_NULL, 0, NULL, 0, NULL };
+static mac_list glob_ml = { GNUTLS_MAC_NULL, 0, NULL, 0, NULL };
+static digest_list glob_dl = { GNUTLS_MAC_NULL, 0, NULL, 0, NULL };
+
+static void _deregister(algo_list * cl)
+{
+	algo_list *next;
+
+	next = cl->next;
+	cl->next = NULL;
+	cl = next;
+
+	while (cl) {
+		next = cl->next;
+		if (cl->free_alg_data)
+			gnutls_free(cl->alg_data);
+		gnutls_free(cl);
+		cl = next;
+	}
+}
+
+void _gnutls_crypto_deregister(void)
+{
+	_deregister(&glob_cl);
+	_deregister(&glob_ml);
+	_deregister(&glob_dl);
+}
+
+/*-
+ * gnutls_crypto_single_cipher_register:
+ * @algorithm: is the gnutls algorithm identifier
+ * @priority: is the priority of the algorithm
+ * @s: is a structure holding new cipher's data
+ *
+ * This function will register a cipher algorithm to be used by
+ * gnutls.  Any algorithm registered will override the included
+ * algorithms and by convention kernel implemented algorithms have
+ * priority of 90 and CPU-assisted of 80.  The algorithm with the lowest priority will be
+ * used by gnutls.
+ *
+ * In the case the registered init or setkey functions return %GNUTLS_E_NEED_FALLBACK,
+ * GnuTLS will attempt to use the next in priority registered cipher.
+ *
+ * This function should be called before gnutls_global_init().
+ *
+ * For simplicity you can use the convenience
+ * gnutls_crypto_single_cipher_register() macro.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 2.6.0
+ -*/
+int
+gnutls_crypto_single_cipher_register(gnutls_cipher_algorithm_t algorithm,
+				     int priority,
+				     const gnutls_crypto_cipher_st * s,
+				     int free_s)
+{
+	/* we override const in case free_s is set */
+	return _algo_register(&glob_cl, algorithm, priority, (void*)s, free_s);
+}
+
+const gnutls_crypto_cipher_st
+    *_gnutls_get_crypto_cipher(gnutls_cipher_algorithm_t algo)
+{
+	return _get_algo(&glob_cl, algo);
+}
+
+/**
+ * gnutls_crypto_register_cipher:
+ * @algorithm: is the gnutls algorithm identifier
+ * @priority: is the priority of the algorithm
+ * @init: A function which initializes the cipher
+ * @setkey: A function which sets the key of the cipher
+ * @setiv: A function which sets the nonce/IV of the cipher (non-AEAD)
+ * @encrypt: A function which performs encryption (non-AEAD)
+ * @decrypt: A function which performs decryption (non-AEAD)
+ * @deinit: A function which deinitializes the cipher
+ *
+ * This function will register a cipher algorithm to be used by
+ * gnutls.  Any algorithm registered will override the included
+ * algorithms and by convention kernel implemented algorithms have
+ * priority of 90 and CPU-assisted of 80.  The algorithm with the lowest priority will be
+ * used by gnutls.
+ *
+ * In the case the registered init or setkey functions return %GNUTLS_E_NEED_FALLBACK,
+ * GnuTLS will attempt to use the next in priority registered cipher.
+ *
+ * The functions which are marked as non-AEAD they are not required when
+ * registering a cipher to be used with the new AEAD API introduced in
+ * GnuTLS 3.4.0. Internally GnuTLS uses the new AEAD API.
+ *
+ * Deprecated: since 3.7.0 it is no longer possible to override cipher implementation
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_crypto_register_cipher(gnutls_cipher_algorithm_t algorithm,
+			      int priority,
+			      gnutls_cipher_init_func init,
+			      gnutls_cipher_setkey_func setkey,
+			      gnutls_cipher_setiv_func setiv,
+			      gnutls_cipher_encrypt_func encrypt,
+			      gnutls_cipher_decrypt_func decrypt,
+			      gnutls_cipher_deinit_func deinit)
+{
+	_gnutls_debug_log("called the deprecated gnutls_crypto_register_cipher()\n");
+	return 0;
+}
+
+int
+_gnutls_crypto_register_cipher(gnutls_cipher_algorithm_t algorithm,
+			       int priority,
+			       gnutls_cipher_init_func init,
+			       gnutls_cipher_setkey_func setkey,
+			       gnutls_cipher_setiv_func setiv,
+			       gnutls_cipher_encrypt_func encrypt,
+			       gnutls_cipher_decrypt_func decrypt,
+			       gnutls_cipher_deinit_func deinit)
+{
+	gnutls_crypto_cipher_st *s = gnutls_calloc(1, sizeof(gnutls_crypto_cipher_st));
+	if (s == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	s->init = init;
+	s->setkey = setkey;
+	s->setiv = setiv;
+	s->encrypt = encrypt;
+	s->decrypt = decrypt;
+	s->deinit = deinit;
+
+	return gnutls_crypto_single_cipher_register(algorithm, priority, s, 1);
+}
+
+/**
+ * gnutls_crypto_register_aead_cipher:
+ * @algorithm: is the gnutls AEAD cipher identifier
+ * @priority: is the priority of the algorithm
+ * @init: A function which initializes the cipher
+ * @setkey: A function which sets the key of the cipher
+ * @aead_encrypt: Perform the AEAD encryption
+ * @aead_decrypt: Perform the AEAD decryption
+ * @deinit: A function which deinitializes the cipher
+ *
+ * This function will register a cipher algorithm to be used by
+ * gnutls.  Any algorithm registered will override the included
+ * algorithms and by convention kernel implemented algorithms have
+ * priority of 90 and CPU-assisted of 80.  The algorithm with the lowest priority will be
+ * used by gnutls.
+ *
+ * In the case the registered init or setkey functions return %GNUTLS_E_NEED_FALLBACK,
+ * GnuTLS will attempt to use the next in priority registered cipher.
+ *
+ * The functions registered will be used with the new AEAD API introduced in
+ * GnuTLS 3.4.0. Internally GnuTLS uses the new AEAD API.
+ *
+ * Deprecated: since 3.7.0 it is no longer possible to override cipher implementation
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_crypto_register_aead_cipher(gnutls_cipher_algorithm_t algorithm,
+			      int priority,
+			      gnutls_cipher_init_func init,
+			      gnutls_cipher_setkey_func setkey,
+			      gnutls_cipher_aead_encrypt_func aead_encrypt,
+			      gnutls_cipher_aead_decrypt_func aead_decrypt,
+			      gnutls_cipher_deinit_func deinit)
+{
+	_gnutls_debug_log("called the deprecated gnutls_crypto_register_aead_cipher()\n");
+	return 0;
+}
+
+/*-
+ * gnutls_crypto_rnd_register:
+ * @priority: is the priority of the generator
+ * @s: is a structure holding new generator's data
+ *
+ * This function will register a random generator to be used by
+ * gnutls.  Any generator registered will override the included
+ * generator and by convention kernel implemented generators have
+ * priority of 90 and CPU-assisted of 80. The generator with the lowest priority will be
+ * used by gnutls.
+ *
+ * This function should be called before gnutls_global_init().
+ *
+ * For simplicity you can use the convenience
+ * gnutls_crypto_rnd_register() macro.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 2.6.0
+ -*/
+int
+gnutls_crypto_rnd_register(int priority, const gnutls_crypto_rnd_st * s)
+{
+	if (crypto_rnd_prio >= priority) {
+		memcpy(&_gnutls_rnd_ops, s, sizeof(*s));
+		crypto_rnd_prio = priority;
+		return 0;
+	}
+
+	return GNUTLS_E_CRYPTO_ALREADY_REGISTERED;
+}
+
+/*-
+ * gnutls_crypto_single_mac_register:
+ * @algorithm: is the gnutls algorithm identifier
+ * @priority: is the priority of the algorithm
+ * @s: is a structure holding new algorithms's data
+ *
+ * This function will register a MAC algorithm to be used by gnutls.
+ * Any algorithm registered will override the included algorithms and
+ * by convention kernel implemented algorithms have priority of 90
+ *  and CPU-assisted of 80.
+ * The algorithm with the lowest priority will be used by gnutls.
+ *
+ * This function should be called before gnutls_global_init().
+ *
+ * For simplicity you can use the convenience
+ * gnutls_crypto_single_mac_register() macro.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 2.6.0
+ -*/
+int
+gnutls_crypto_single_mac_register(gnutls_mac_algorithm_t algorithm,
+				  int priority,
+				  const gnutls_crypto_mac_st * s,
+				  int free_s)
+{
+	return _algo_register(&glob_ml, algorithm, priority, (void*)s, free_s);
+}
+
+const gnutls_crypto_mac_st *_gnutls_get_crypto_mac(gnutls_mac_algorithm_t
+						   algo)
+{
+	return _get_algo(&glob_ml, algo);
+}
+
+/*-
+ * gnutls_crypto_single_digest_register:
+ * @algorithm: is the gnutls algorithm identifier
+ * @priority: is the priority of the algorithm
+ * @s: is a structure holding new algorithms's data
+ *
+ * This function will register a digest (hash) algorithm to be used by
+ * gnutls.  Any algorithm registered will override the included
+ * algorithms and by convention kernel implemented algorithms have
+ * priority of 90  and CPU-assisted of 80.  The algorithm with the lowest priority will be
+ * used by gnutls.
+ *
+ * This function should be called before gnutls_global_init().
+ *
+ * For simplicity you can use the convenience
+ * gnutls_crypto_single_digest_register() macro.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 2.6.0
+ -*/
+int
+gnutls_crypto_single_digest_register(gnutls_digest_algorithm_t algorithm,
+				     int priority,
+				     const gnutls_crypto_digest_st * s,
+				     int free_s)
+{
+	return _algo_register(&glob_dl, algorithm, priority, (void*)s, free_s);
+}
+
+const gnutls_crypto_digest_st
+    *_gnutls_get_crypto_digest(gnutls_digest_algorithm_t algo)
+{
+	return _get_algo(&glob_dl, algo);
+}
+
+/**
+ * gnutls_crypto_register_mac:
+ * @algorithm: is the gnutls MAC identifier
+ * @priority: is the priority of the algorithm
+ * @init: A function which initializes the MAC
+ * @setkey: A function which sets the key of the MAC
+ * @setnonce: A function which sets the nonce for the mac (may be %NULL for common MAC algorithms)
+ * @hash: Perform the hash operation
+ * @output: Provide the output of the MAC
+ * @deinit: A function which deinitializes the MAC
+ * @hash_fast: Perform the MAC operation in one go
+ *
+ * This function will register a MAC algorithm to be used by gnutls.
+ * Any algorithm registered will override the included algorithms and
+ * by convention kernel implemented algorithms have priority of 90
+ *  and CPU-assisted of 80.
+ * The algorithm with the lowest priority will be used by gnutls.
+ *
+ * Deprecated: since 3.7.0 it is no longer possible to override cipher implementation
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_crypto_register_mac(gnutls_mac_algorithm_t algorithm,
+			   int priority,
+			   gnutls_mac_init_func init,
+			   gnutls_mac_setkey_func setkey,
+			   gnutls_mac_setnonce_func setnonce,
+			   gnutls_mac_hash_func hash,
+			   gnutls_mac_output_func output,
+			   gnutls_mac_deinit_func deinit,
+			   gnutls_mac_fast_func hash_fast)
+{
+	_gnutls_debug_log("called the deprecated gnutls_crypto_register_mac()\n");
+	return 0;
+}
+
+/**
+ * gnutls_crypto_register_digest:
+ * @algorithm: is the gnutls digest identifier
+ * @priority: is the priority of the algorithm
+ * @init: A function which initializes the digest
+ * @hash: Perform the hash operation
+ * @output: Provide the output of the digest
+ * @deinit: A function which deinitializes the digest
+ * @hash_fast: Perform the digest operation in one go
+ *
+ * This function will register a digest algorithm to be used by gnutls.
+ * Any algorithm registered will override the included algorithms and
+ * by convention kernel implemented algorithms have priority of 90
+ *  and CPU-assisted of 80.
+ * The algorithm with the lowest priority will be used by gnutls.
+ *
+ * Deprecated: since 3.7.0 it is no longer possible to override cipher implementation
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_crypto_register_digest(gnutls_digest_algorithm_t algorithm,
+			   int priority,
+			   gnutls_digest_init_func init,
+			   gnutls_digest_hash_func hash,
+			   gnutls_digest_output_func output,
+			   gnutls_digest_deinit_func deinit,
+			   gnutls_digest_fast_func hash_fast)
+{
+	_gnutls_debug_log("called the deprecated gnutls_crypto_register_digest()\n");
+	return 0;
+}
diff --git a/lib/crypto-backend.h b/lib/crypto-backend.h
new file mode 100644
index 0000000..f0f68c3
--- /dev/null
+++ b/lib/crypto-backend.h
@@ -0,0 +1,481 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_CRYPTO_BACKEND_H
+#define GNUTLS_LIB_CRYPTO_BACKEND_H
+
+#include <gnutls/crypto.h>
+
+#define gnutls_crypto_single_cipher_st gnutls_crypto_cipher_st
+#define gnutls_crypto_single_mac_st gnutls_crypto_mac_st
+#define gnutls_crypto_single_digest_st gnutls_crypto_digest_st
+
+typedef struct {
+	gnutls_cipher_init_func init;
+	gnutls_cipher_setkey_func setkey;
+	gnutls_cipher_setiv_func setiv;
+	gnutls_cipher_getiv_func getiv;
+	gnutls_cipher_encrypt_func encrypt;
+	gnutls_cipher_decrypt_func decrypt;
+	gnutls_cipher_aead_encrypt_func aead_encrypt;
+	gnutls_cipher_aead_decrypt_func aead_decrypt;
+	gnutls_cipher_deinit_func deinit;
+	gnutls_cipher_auth_func auth;
+	gnutls_cipher_tag_func tag;
+
+	/* Not needed for registered on run-time. Only included
+	 * should define it. */
+	int (*exists) (gnutls_cipher_algorithm_t);	/* true/false */
+} gnutls_crypto_cipher_st;
+
+typedef struct {
+	gnutls_mac_init_func init;
+	gnutls_mac_setkey_func setkey;
+	gnutls_mac_setnonce_func setnonce;
+	gnutls_mac_hash_func hash;
+	gnutls_mac_output_func output;
+	gnutls_mac_deinit_func deinit;
+	gnutls_mac_fast_func fast;
+	gnutls_mac_copy_func copy;
+
+	/* Not needed for registered on run-time. Only included
+	 * should define it. */
+	int (*exists) (gnutls_mac_algorithm_t);
+} gnutls_crypto_mac_st;
+
+typedef struct {
+	gnutls_digest_init_func init;
+	gnutls_digest_hash_func hash;
+	gnutls_digest_output_func output;
+	gnutls_digest_deinit_func deinit;
+	gnutls_digest_fast_func fast;
+	gnutls_digest_copy_func copy;
+
+	/* Not needed for registered on run-time. Only included
+	 * should define it. */
+	int (*exists) (gnutls_digest_algorithm_t);
+} gnutls_crypto_digest_st;
+
+typedef struct {
+	int (*hkdf_extract) (gnutls_mac_algorithm_t,
+			     const void *key, size_t keysize,
+			     const void *salt, size_t saltsize,
+			     void *output);
+	int (*hkdf_expand) (gnutls_mac_algorithm_t,
+			    const void *key, size_t keysize,
+			    const void *info, size_t infosize,
+			    void *output, size_t length);
+	int (*pbkdf2) (gnutls_mac_algorithm_t,
+		       const void *key, size_t keysize,
+		       const void *salt, size_t saltsize,
+		       unsigned iter_count,
+		       void *output, size_t length);
+} gnutls_crypto_kdf_st;
+
+typedef struct gnutls_crypto_rnd {
+	int (*init) (void **ctx); /* called prior to first usage of randomness */
+	int (*rnd) (void *ctx, int level, void *data, size_t datasize);
+	void (*rnd_refresh) (void *ctx);
+	void (*deinit) (void *ctx);
+	int (*self_test) (void); /* this should not require rng initialization */
+} gnutls_crypto_rnd_st;
+
+typedef void *bigint_t;
+
+/**
+ * gnutls_bigint_format_t:
+ * @GNUTLS_MPI_FORMAT_USG: Raw unsigned integer format.
+ * @GNUTLS_MPI_FORMAT_STD: Raw signed integer format, always a leading
+ *   zero when positive.
+ *
+ * Enumeration of different bignum integer encoding formats.
+ */
+typedef enum {
+	/* raw unsigned integer format */
+	GNUTLS_MPI_FORMAT_USG = 0,
+	/* raw signed integer format - always a leading zero when positive */
+	GNUTLS_MPI_FORMAT_STD = 1,
+	/* raw unsigned integer format, little endian format */
+	GNUTLS_MPI_FORMAT_ULE = 2
+} gnutls_bigint_format_t;
+
+/* Multi precision integer arithmetic */
+typedef struct gnutls_crypto_bigint {
+	int (*bigint_init) (bigint_t*);
+	int (*bigint_init_multi) (bigint_t*, ...);
+	void (*bigint_release) (bigint_t n);
+	void (*bigint_clear) (bigint_t n);	/* zeros the int */
+	/* 0 for equality, > 0 for m1>m2, < 0 for m1<m2 */
+	int (*bigint_cmp) (const bigint_t m1, const bigint_t m2);
+	/* as bigint_cmp */
+	int (*bigint_cmp_ui) (const bigint_t m1, unsigned long m2);
+	/* r = a % b */
+	int (*bigint_modm) (bigint_t r, const bigint_t a, const bigint_t b);
+	/* a = b -> ret == a */
+	int (*bigint_set) (bigint_t a, const bigint_t b);
+	bigint_t (*bigint_copy) (const bigint_t a);
+	/* a = b -> ret == a */
+	int (*bigint_set_ui) (bigint_t a, unsigned long b);
+	unsigned int (*bigint_get_nbits) (const bigint_t a);
+	/* w = b ^ e mod m */
+	int (*bigint_powm) (bigint_t w, const bigint_t b,
+				 const bigint_t e, const bigint_t m);
+	/* w = a + b mod m */
+	int (*bigint_addm) (bigint_t w, const bigint_t a,
+				 const bigint_t b, const bigint_t m);
+	/* w = a - b mod m */
+	int (*bigint_subm) (bigint_t w, const bigint_t a,
+				 const bigint_t b, const bigint_t m);
+	/* w = a * b mod m */
+	int (*bigint_mulm) (bigint_t w, const bigint_t a,
+				 const bigint_t b, const bigint_t m);
+	/* w = a + b */ int (*bigint_add) (bigint_t w,
+					       const bigint_t a,
+					       const bigint_t b);
+	/* w = a - b */ int (*bigint_sub) (bigint_t w,
+					       const bigint_t a,
+					       const bigint_t b);
+	/* w = a * b */
+	int (*bigint_mul) (bigint_t w, const bigint_t a,
+				const bigint_t b);
+	/* w = a + b */
+	int (*bigint_add_ui) (bigint_t w, const bigint_t a,
+				   unsigned long b);
+	/* w = a - b */
+	int (*bigint_sub_ui) (bigint_t w, const bigint_t a,
+				   unsigned long b);
+	/* w = a * b */
+	int (*bigint_mul_ui) (bigint_t w, const bigint_t a,
+				   unsigned long b);
+	/* q = a / b */
+	int (*bigint_div) (bigint_t q, const bigint_t a,
+				const bigint_t b);
+	/* 0 if prime */
+	int (*bigint_prime_check) (const bigint_t pp);
+
+	/* reads a bigint from a buffer */
+	/* stores a bigint into the buffer.  returns
+	 * GNUTLS_E_SHORT_MEMORY_BUFFER if buf_size is not sufficient to
+	 * store this integer, and updates the buf_size;
+	 */
+	int (*bigint_scan) (bigint_t m, const void *buf, size_t buf_size,
+				 gnutls_bigint_format_t format);
+	int (*bigint_print) (const bigint_t a, void *buf,
+			     size_t * buf_size,
+			     gnutls_bigint_format_t format);
+} gnutls_crypto_bigint_st;
+
+/* Additional information about the public key, filled from
+ * SubjectPublicKeyInfo parameters. When there are no parameters,
+ * the pk field will be set to GNUTLS_PK_UNKNOWN.
+ */
+typedef struct gnutls_x509_spki_st {
+	/* We can have a key which is of type RSA, but a certificate
+	 * of type RSA-PSS; the value here will be the expected value
+	 * for signatures (i.e., RSA-PSS) */
+	gnutls_pk_algorithm_t pk;
+
+	/* the digest used by RSA-PSS */
+	gnutls_digest_algorithm_t rsa_pss_dig;
+
+	/* the size of salt used by RSA-PSS */
+	unsigned int salt_size;
+
+	/* if non-zero, the legacy value for PKCS#7 signatures will be
+	 * written for RSA signatures. */
+	unsigned int legacy;
+
+	/* the digest used by ECDSA/DSA */
+	gnutls_digest_algorithm_t dsa_dig;
+
+	/* flags may include GNUTLS_PK_FLAG_REPRODUCIBLE for
+	 * deterministic ECDSA/DSA */
+	unsigned int flags;
+} gnutls_x509_spki_st;
+
+#define GNUTLS_MAX_PK_PARAMS 16
+
+typedef struct {
+	bigint_t params[GNUTLS_MAX_PK_PARAMS];
+	unsigned int params_nr;	/* the number of parameters */
+	unsigned int pkflags; /* gnutls_pk_flag_t */
+	unsigned int qbits; /* GNUTLS_PK_DH */
+	gnutls_ecc_curve_t curve; /* GNUTLS_PK_EC, GNUTLS_PK_ED25519, GNUTLS_PK_GOST* */
+	gnutls_group_t dh_group; /* GNUTLS_PK_DH - used by ext/key_share */
+	gnutls_gost_paramset_t gost_params; /* GNUTLS_PK_GOST_* */
+	gnutls_datum_t raw_pub; /* used by x25519 */
+	gnutls_datum_t raw_priv;
+
+	unsigned int seed_size;
+	uint8_t seed[MAX_PVP_SEED_SIZE];
+	gnutls_digest_algorithm_t palgo;
+	/* public key information */
+	gnutls_x509_spki_st spki;
+
+	gnutls_pk_algorithm_t algo;
+} gnutls_pk_params_st;
+
+/**
+ * gnutls_pk_flag_t:
+ * @GNUTLS_PK_FLAG_NONE: No flag.
+ *
+ * Enumeration of public-key flag.
+ */
+typedef enum {
+	GNUTLS_PK_FLAG_NONE = 0,
+	GNUTLS_PK_FLAG_PROVABLE = 1,
+	GNUTLS_PK_FLAG_REPRODUCIBLE = 2,
+	GNUTLS_PK_FLAG_RSA_PSS_FIXED_SALT_LENGTH = 4
+} gnutls_pk_flag_t;
+
+#define FIX_SIGN_PARAMS(params, flags, dig) do {		\
+	if ((flags) & GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE) {	\
+		(params).flags |= GNUTLS_PK_FLAG_REPRODUCIBLE;	\
+		(params).dsa_dig = (dig);			\
+	}							\
+} while (0)
+
+void gnutls_pk_params_release(gnutls_pk_params_st * p);
+void gnutls_pk_params_clear(gnutls_pk_params_st * p);
+void gnutls_pk_params_init(gnutls_pk_params_st * p);
+
+
+#define MAX_PUBLIC_PARAMS_SIZE 4	/* ok for RSA and DSA */
+
+/* parameters should not be larger than this limit */
+#define DSA_PUBLIC_PARAMS 4
+#define DH_PUBLIC_PARAMS 4
+#define RSA_PUBLIC_PARAMS 2
+#define ECC_PUBLIC_PARAMS 2
+#define GOST_PUBLIC_PARAMS 2
+
+
+#define MAX_PRIV_PARAMS_SIZE GNUTLS_MAX_PK_PARAMS	/* ok for RSA and DSA */
+
+/* parameters should not be larger than this limit */
+#define DSA_PRIVATE_PARAMS 5
+#define DH_PRIVATE_PARAMS 5
+#define RSA_PRIVATE_PARAMS 8
+#define ECC_PRIVATE_PARAMS 3
+#define GOST_PRIVATE_PARAMS 3
+
+#if MAX_PRIV_PARAMS_SIZE - RSA_PRIVATE_PARAMS < 0
+#error INCREASE MAX_PRIV_PARAMS
+#endif
+
+#if MAX_PRIV_PARAMS_SIZE - ECC_PRIVATE_PARAMS < 0
+#error INCREASE MAX_PRIV_PARAMS
+#endif
+
+#if MAX_PRIV_PARAMS_SIZE - GOST_PRIVATE_PARAMS < 0
+#error INCREASE MAX_PRIV_PARAMS
+#endif
+
+#if MAX_PRIV_PARAMS_SIZE - DSA_PRIVATE_PARAMS < 0
+#error INCREASE MAX_PRIV_PARAMS
+#endif
+
+
+/* params are:
+ * RSA:
+ *  [0] is modulus
+ *  [1] is public exponent
+ *  [2] is private exponent (private key only)
+ *  [3] is prime1 (p) (private key only)
+ *  [4] is prime2 (q) (private key only)
+ *  [5] is coefficient (u == inverse of p mod q) (private key only)
+ *  [6] e1 == d mod (p-1)
+ *  [7] e2 == d mod (q-1)
+ *
+ *  note that for libgcrypt that does not use the inverse of q mod p,
+ *  we need to perform conversions using fixup_params().
+ *
+ * DSA:
+ *  [0] is p
+ *  [1] is q
+ *  [2] is g
+ *  [3] is y (public key)
+ *  [4] is x (private key only)
+ *
+ * DH: as DSA
+ *
+ * ECC:
+ *  [0] is prime
+ *  [1] is order
+ *  [2] is A
+ *  [3] is B
+ *  [4] is Gx
+ *  [5] is Gy
+ *  [6] is x
+ *  [7] is y
+ *  [8] is k (private key)
+ */
+
+#define ECC_X 0
+#define ECC_Y 1
+#define ECC_K 2
+
+#define GOST_X 0
+#define GOST_Y 1
+#define GOST_K 2
+
+#define DSA_P 0
+#define DSA_Q 1
+#define DSA_G 2
+#define DSA_Y 3
+#define DSA_X 4
+
+#define DH_P 0
+#define DH_Q 1
+#define DH_G 2
+#define DH_Y 3
+#define DH_X 4
+
+#define RSA_MODULUS 0
+#define RSA_PUB 1
+#define RSA_PRIV 2
+#define RSA_PRIME1 3
+#define RSA_PRIME2 4
+#define RSA_COEF 5
+#define RSA_E1 6
+#define RSA_E2 7
+
+/**
+ * gnutls_direction_t:
+ * @GNUTLS_IMPORT: Import direction.
+ * @GNUTLS_EXPORT: Export direction.
+ *
+ * Enumeration of different directions.
+ */
+typedef enum {
+	GNUTLS_IMPORT = 0,
+	GNUTLS_EXPORT = 1
+} gnutls_direction_t;
+
+/* Public key algorithms */
+typedef struct gnutls_crypto_pk {
+	/* The params structure should contain the private or public key
+	 * parameters, depending on the operation */
+	int (*encrypt) (gnutls_pk_algorithm_t, gnutls_datum_t * ciphertext,
+			const gnutls_datum_t * plaintext,
+			const gnutls_pk_params_st * pub);
+	int (*decrypt) (gnutls_pk_algorithm_t,
+                        gnutls_datum_t * plaintext,
+			const gnutls_datum_t * ciphertext,
+			const gnutls_pk_params_st * priv);
+	int (*decrypt2) (gnutls_pk_algorithm_t,
+			 const gnutls_datum_t * ciphertext,
+                         unsigned char * plaintext,
+                         size_t paintext_size,
+			 const gnutls_pk_params_st * priv);
+	int (*sign) (gnutls_pk_algorithm_t, gnutls_datum_t * signature,
+		     const gnutls_datum_t * data,
+		     const gnutls_pk_params_st *priv,
+		     const gnutls_x509_spki_st *sign);
+	int (*verify) (gnutls_pk_algorithm_t, const gnutls_datum_t * data,
+		       const gnutls_datum_t * sig,
+		       const gnutls_pk_params_st *pub,
+		       const gnutls_x509_spki_st *sign);
+	/* sanity checks the public key parameters */
+	int (*verify_priv_params) (gnutls_pk_algorithm_t,
+			      const gnutls_pk_params_st * priv);
+	int (*verify_pub_params) (gnutls_pk_algorithm_t,
+			      const gnutls_pk_params_st * pub);
+	int (*generate_keys) (gnutls_pk_algorithm_t, unsigned int nbits,
+			 gnutls_pk_params_st *, unsigned ephemeral);
+	int (*generate_params) (gnutls_pk_algorithm_t, unsigned int nbits,
+			 gnutls_pk_params_st *);
+	/* this function should convert params to ones suitable
+	 * for the above functions
+	 */
+	int (*pk_fixup_private_params) (gnutls_pk_algorithm_t,
+					gnutls_direction_t,
+					gnutls_pk_params_st *);
+#define PK_DERIVE_TLS13 1
+	int (*derive) (gnutls_pk_algorithm_t, gnutls_datum_t * out,
+		       const gnutls_pk_params_st * priv,
+		       const gnutls_pk_params_st * pub,
+		       const gnutls_datum_t *nonce,
+		       unsigned int flags);
+
+	int (*curve_exists) (gnutls_ecc_curve_t);	/* true/false */
+	int (*pk_exists) (gnutls_pk_algorithm_t);	/* true/false */
+	int (*sign_exists) (gnutls_sign_algorithm_t);	/* true/false */
+} gnutls_crypto_pk_st;
+
+/* priority: infinity for backend algorithms, 90 for kernel
+   algorithms, lowest wins
+ */
+int gnutls_crypto_single_cipher_register(gnutls_cipher_algorithm_t
+					 algorithm, int priority,
+					 const gnutls_crypto_single_cipher_st *s,
+					 int free_s);
+int gnutls_crypto_single_mac_register(gnutls_mac_algorithm_t algorithm,
+				      int priority,
+				      const gnutls_crypto_single_mac_st *
+				      s, int free_s);
+int gnutls_crypto_single_digest_register(gnutls_digest_algorithm_t
+					 algorithm, int priority,
+					 const
+					 gnutls_crypto_single_digest_st *
+					 s, int free_s);
+
+int gnutls_crypto_rnd_register(int priority,
+			       const gnutls_crypto_rnd_st * s);
+int gnutls_crypto_pk_register(int priority, const gnutls_crypto_pk_st * s);
+int gnutls_crypto_bigint_register(int priority,
+				  const gnutls_crypto_bigint_st * s);
+
+/* Provided by crypto-backend */
+int
+_gnutls_prf_raw(gnutls_mac_algorithm_t mac,
+		size_t master_size, const void *master,
+		size_t label_size, const char *label,
+		size_t seed_size, const uint8_t *seed, size_t outsize,
+		char *out);
+
+int _gnutls_gost_key_wrap(gnutls_gost_paramset_t gost_params,
+			  const gnutls_datum_t *kek,
+			  const gnutls_datum_t *ukm,
+			  const gnutls_datum_t *cek,
+			  gnutls_datum_t *enc,
+			  gnutls_datum_t *imit);
+
+int _gnutls_gost_key_unwrap(gnutls_gost_paramset_t gost_params,
+			    const gnutls_datum_t *kek,
+			    const gnutls_datum_t *ukm,
+			    const gnutls_datum_t *enc,
+			    const gnutls_datum_t *imit,
+			    gnutls_datum_t *cek);
+
+int
+_gnutls_rsa_pkcs1_sign_pad(size_t key_bits,
+			   const gnutls_datum_t *data,
+			   unsigned char *buffer, size_t buffer_size);
+
+int
+_gnutls_rsa_pss_sign_pad(gnutls_x509_spki_st *params,
+			 size_t key_bits,
+			 const gnutls_datum_t *data,
+			 unsigned char *buffer, size_t buffer_size);
+
+#endif /* GNUTLS_LIB_CRYPTO_BACKEND_H */
diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c
new file mode 100644
index 0000000..9b7c692
--- /dev/null
+++ b/lib/crypto-selftests-pk.c
@@ -0,0 +1,1102 @@
+/*
+ * Copyright (C) 2013 Red Hat
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "fips.h"
+#include <cipher_int.h>
+#include <datum.h>
+#include <gnutls/crypto.h>
+#include <gnutls/self-test.h>
+#include "errors.h"
+#include <gnutls/abstract.h>
+#include <pk.h>
+#include <debug.h>
+
+#define DATASTR "Hello there!"
+static const gnutls_datum_t signed_data = {
+	.data = (void *) DATASTR,
+	.size = sizeof(DATASTR) - 1
+};
+
+static const gnutls_datum_t bad_data = {
+	.data = (void *) DATASTR,
+	.size = sizeof(DATASTR) - 2
+};
+
+/* RSA 2048 private key and signature */
+static const char rsa_2048_privkey[] =
+	"-----BEGIN RSA PRIVATE KEY-----\n"
+	"MIIEogIBAAKCAQEA6yCv+BLrRP/dMPBXJWK21c0aqxIX6JkODL4K+zlyEURt8/Wp\n"
+	"nw37CJwHD3VrimSnk2SJvBfTNhzYhCsLShDOPvi4qBrLZ1WozjoVJ8tRE4VCcjQJ\n"
+	"snpJ7ldiV+Eos1Z3FkbV/uQcw5CYCb/TciSukaWlI+G/xas9EOOFt4aELbc1yDe0\n"
+	"hyfPDtoaKfek4GhT9qT1I8pTC40P9OrA9Jt8lblqxHWwqmdunLTjPjB5zJT6QgI+\n"
+	"j1xuq7ZOQhveNA/AOyzh574GIpgsuvPPLBQwsCQkscr7cFnCsyOPgYJrQW3De2+l\n"
+	"wjp2D7gZeeQcFQKazXcFoiqNpJWoBWmU0qqsgwIDAQABAoIBAAghNzRioxPdrO42\n"
+	"QS0fvqah0tw7Yew+7oduQr7w+4qxTQP0aIsBVr6zdmMIclF0rX6hKUoBoOHsGWho\n"
+	"fJlw/1CaFPhrBMFr6sxGodigZQtBvkxolDVBmTDOgK39MQUSZke0501K4du5MiiU\n"
+	"I2F89zQ9//m/onvZMeFVnJf95LAX5qHr/FLARQFtOpgWzcGVxdvJdJlYb1zMUril\n"
+	"PqyAZXo1j0vgHWwSd54k8mBLus7l8KT57VFce8+9nBPrOrqW4rDVXzs/go3S+kiI\n"
+	"OyzYeUs9czg1N1e3VhEaC+EdYUawc0ASuEkbsJ53L8pwDvS+2ly2ykYziJp95Fjv\n"
+	"bzyd1dECgYEA8FzGCxu7A6/ei9Dn0Fmi8Ns/QvEgbdlGw4v4MlXHjrGJYdOB0BwG\n"
+	"2D2k0ODNYKlUX2J4hi5x8aCH33y/v0EcOHyuqM33vOWBVbdcumCqcOmp341UebAO\n"
+	"uCPgDJNhjxXaeDVPnizqnOBA1B9sTxwmCOmFIiFRLbR+XluvDh3t8L0CgYEA+my6\n"
+	"124Rw7kcFx+9JoB/Z+bUJDYpefUT91gBUhhEdEMx5fujhMzAbLpIRjFQq+75Qb7v\n"
+	"0NyIS09B4oKOqQYzVEJwqKY7H71BTl7QuzJ8Qtuh/DMZsVIt6xpvdeuAKpEOqz44\n"
+	"ZD3fW1B59A3ja7kqZadCqq2b02UTk+gdeOrYBj8CgYACX3gZDfoHrEnPKY3QUcI5\n"
+	"DIEQYR8H1phLP+uAW7ZvozMPAy6J5mzu35Tr9vwwExvhITC9amH3l7UfsLSX58Wm\n"
+	"jRyQUBA9Dir7tKa2tFOab8Qcj+GgnetXSAtjNGVHK1kPzL7vedQLHm+laHYCRe3e\n"
+	"Mqf80UVi5SBGQDN3OTZrJQKBgEkj2oozDqMwfGDQl0kYfJ2XEFynKQQCrVsva+tT\n"
+	"RSMDwR4fmcmel5Dp81P08U/WExy9rIM+9duxAVgrs4jwU6uHYCoRqvEBMIK4NJSI\n"
+	"ETzhsvTa4+UjUF/7L5SsPJmyFiuzl3rHi2W7InNCXyrGQPjBmjoJTJq4SbiIMZtw\n"
+	"U7m3AoGACG2rE/Ud71kyOJcKwxzEt8kd+2CMuaZeE/xk+3zLSSjXJzKPficogM3I\n"
+	"K37/N7N0FjhdQ5hRuD3GH1fcjv9AKdGHsH7RuaG+jHTRUjS1glr17SSQzh6xXnWj\n"
+	"jG0M4UZm5P9STL09nZuWH0wfpr/eg+9+A6yOVfnADI13v+Ygk7k=\n"
+	"-----END RSA PRIVATE KEY-----\n";
+
+static const char rsa_2048_sig[] =
+	"\x7a\xb3\xf8\xb0\xf9\xf0\x52\x88\x37\x17\x97\x9f\xbe\x61\xb4\xd2"
+	"\x43\x78\x9f\x79\x92\xd0\xad\x08\xdb\xbd\x3c\x72\x7a\xb5\x51\x59"
+	"\x63\xd6\x7d\xf1\x9c\x1e\x10\x7b\x27\xab\xf8\xd4\x9d\xcd\xc5\xf9"
+	"\xae\xf7\x09\x6b\x40\x93\xc5\xe9\x1c\x0f\xb4\x82\xa1\x47\x86\x54"
+	"\x63\xd2\x4d\x40\x9a\x80\xb9\x38\x45\x69\xa2\xd6\x92\xb6\x69\x7f"
+	"\x3f\xf3\x5b\xa5\x1d\xac\x06\xad\xdf\x4e\xbb\xe6\xda\x68\x0d\xe5"
+	"\xab\xef\xd2\xf0\xc5\xd8\xc0\xed\x80\xe2\xd4\x76\x98\xec\x44\xa2"
+	"\xfc\x3f\xce\x2e\x8b\xc4\x4b\xab\xb0\x70\x24\x52\x85\x2a\x36\xcd"
+	"\x9a\xb5\x05\x00\xea\x98\x7c\x72\x06\x68\xb1\x38\x44\x16\x80\x6a"
+	"\x3b\x64\x72\xbb\xfd\x4b\xc9\xdd\xda\x2a\x68\xde\x7f\x6e\x48\x28"
+	"\xc1\x63\x57\x2b\xde\x83\xa3\x27\x34\xd7\xa6\x87\x18\x35\x10\xff"
+	"\x31\xd9\x47\xc9\x84\x35\xe1\xaa\xe2\xf7\x98\xfa\x19\xd3\xf1\x94"
+	"\x25\x2a\x96\xe4\xa8\xa7\x05\x10\x93\x87\xde\x96\x85\xe5\x68\xb8"
+	"\xe5\x4e\xbf\x66\x85\x91\xbd\x52\x5b\x3d\x9f\x1b\x79\xea\xe3\x8b"
+	"\xef\x62\x18\x39\x7a\x50\x01\x46\x1b\xde\x8d\x37\xbc\x90\x6c\x07"
+	"\xc0\x07\xed\x60\xce\x2e\x31\xd6\x8f\xe8\x75\xdb\x45\x21\xc6\xcb";
+
+/* DSA 2048 private key and signature */
+static const char dsa_2048_privkey[] =
+	"-----BEGIN DSA PRIVATE KEY-----\n"
+	"MIIDTQIBAAKCAQEAh60B6yPMRIT7udq2kKuwnQDohvT1U0w+RJcSr23C05cM/Ovn\n"
+	"UP/8Rrj6T8K+uYhMbKgLaZiJJW9q04jaPQk0cfUphbLvRjzVHwE/0Bkb+Y1Rv7ni\n"
+	"Jot2IFMq5iuNraf889PC0WREvFCcIkSFY2Ac4WT7mCcBtfx/raGFXDUjcUrJ0HwZ\n"
+	"IOhjQDfcXUsztuyYsYA75ociEY8kyDZq/ixyr5++R1VjNf30Re8AbQlXOEGxEN5t\n"
+	"t+Tvpq8K5L3prQs2KNSzyOUmedjb/ojH4T4qe/RL9EVjjeuIGHDNUT6F197yZ91y\n"
+	"qLLTf1WjnUyZcKij5rryX0LJBBWawEZjNSHZawIdAMQlyycia4NigCdiDR+QptUn\n"
+	"2xrj9o14fXkIrXcCggEAXRZm1rbPhsjSTo6cpCVrmDzO1grv83EHiBH4MvRQQnP8\n"
+	"FpAREsBA5cYju97XvLaLhioZeMjLn08kU7TUbHRUB+ULTuVvE2dQbBpGuKiLRRt9\n"
+	"6U2T0eD3xGLoM+o8EY/kpqaWGEpZv7hzM9xuo4vy55+viAZgFWULqmltwfG/7w7V\n"
+	"NXUHNv5H4Ipw//fSDLTPqzUlNqSSswDLz6pCjWEs0rWAqNAMaOiLTz4id9pL48Oe\n"
+	"oAfpcQR9tgTEnwyXfZBnrJVclHhkHKGeXvU05IgCzpKO76Z5R+By50T0i/JV7vzM\n"
+	"l2yS9aAl/cprT6U7yI3oU/blldCVNpMcFAFb+fO8DAKCAQBVMo8xptyvQOJeSvbO\n"
+	"SSYdJ3IiI/0GdkcGWXblWg9z7mrPaWEnT7OquEm/+vYtWd3GHDtyNM+jzsN4Xgjc\n"
+	"TL3AEd2hLiozJQ1BFKw25VU08UHAYTzUxZhO4Vwtmp46Kwj8YLDQ3NHRWCBxpDQR\n"
+	"fbiFvyXP+qXap6plMfrydnUD1mae/JSOWOYgdB7tFIehstLxVXx/cAnjwgFU03Df\n"
+	"grjsad92zA1Hc9wIjbsgAQdTR5DWnFRkRt3UtayBwoyqm6QceZHsv1NAGvkQ4ion\n"
+	"bEjkHkjF9YCkR9/rspR8cLghRIXMjOpypuSbaRPeeWq0gP2UOxFL/d3iWH0ETr/L\n"
+	"kTlCAhxYGpVgtfB96qmJukyl9GOGvfkwFTgEyIDoV84M\n"
+	"-----END DSA PRIVATE KEY-----\n";
+
+static const char dsa_2048_sig[] =
+	"\x30\x3d\x02\x1d\x00\xbe\x87\x2f\xcf\xa1\xe4\x86\x5c\x72\x58\x4a"
+	"\x7b\x8f\x32\x7f\xa5\x1b\xdc\x5c\xae\xda\x98\xea\x15\x32\xed\x0c"
+	"\x4e\x02\x1c\x4c\x76\x01\x2b\xcd\xb9\x33\x95\xf2\xfa\xde\x56\x01"
+	"\xb7\xaa\xe4\x5a\x4a\x2e\xf1\x24\x5a\xd1\xb5\x83\x9a\x93\x61";
+
+/* secp256r1 private key and signature */
+static const char ecdsa_secp256r1_privkey[] =
+	"-----BEGIN EC PRIVATE KEY-----\n"
+	"MHcCAQEEIPAKWV7+pZe9c5EubMNfAEKWRQtP/MvlO9HehwHmJssNoAoGCCqGSM49\n"
+	"AwEHoUQDQgAE2CNONRio3ciuXtoomJKs3MdbzLbd44VPhtzJN30VLFm5gvnfiCj2\n"
+	"zzz7pl9Cv0ECHl6yedNI8QEKdcwCDgEmkQ==\n"
+	"-----END EC PRIVATE KEY-----\n";
+
+static const char ecdsa_secp256r1_sig[] =
+	"\x30\x45\x02\x21\x00\x80\x67\x18\xb9\x72\xc6\x0b\xe1\xc9\x89\x9b"
+	"\x85\x11\x49\x29\x08\xd9\x86\x76\xcc\xfb\xc1\xf4\xd0\xa2\x5e\xa7"
+	"\xb9\x12\xfb\x1a\x68\x02\x20\x67\x12\xb1\x89\x9e\x1d\x9d\x5c\x0f"
+	"\xef\x6e\xa7\x2a\x95\x8c\xfa\x54\x20\x80\xc8\x30\x7c\xff\x06\xbc"
+	"\xc8\xe2\x9a\x2f\x05\x2f\x67";
+
+#ifdef ENABLE_NON_SUITEB_CURVES
+/* secp192r1 private key and signature */
+static const char ecdsa_secp192r1_privkey[] =
+	"-----BEGIN EC PRIVATE KEY-----"
+	"MF8CAQEEGLjezFcbgDMeApVrdtZHvu/k1a8/tVZ41KAKBggqhkjOPQMBAaE0AzIA"
+	"BO1lciKdgxeRH8k64vxcaV1OYIK9akVrW02Dw21MXhRLP0l0wzCw6LGSr5rS6AaL"
+	"Fg==" "-----END EC PRIVATE KEY-----";
+
+static const char ecdsa_secp192r1_sig[] =
+	"\x30\x34\x02\x18\x7c\x43\xe3\xb7\x26\x90\x43\xb5\xf5\x63\x8f\xee"
+	"\xac\x78\x3d\xac\x35\x35\xd0\x1e\x83\x17\x2b\x64\x02\x18\x14\x6e"
+	"\x94\xd5\x7e\xac\x43\x42\x0b\x71\x7a\xc8\x29\xe6\xe3\xda\xf2\x95"
+	"\x0e\xe0\x63\x24\xed\xf2";
+
+/* secp224r1 private key and signature */
+static const char ecdsa_secp224r1_privkey[] =
+	"-----BEGIN EC PRIVATE KEY-----"
+	"MGgCAQEEHOKWJFdWdrR/CgVrUeTeawOrJ9GozE9KKx2a8PmgBwYFK4EEACGhPAM6"
+	"AAQKQj3YpenWT7lFR41SnBvmj/+Bj+kgzQnaF65qWAtPRJsZXFlLTu3/IUNqSRu9"
+	"DqPsk8xBHAB7pA==" "-----END EC PRIVATE KEY-----";
+
+static const char ecdsa_secp224r1_sig[] =
+	"\x30\x3d\x02\x1c\x14\x22\x09\xa1\x51\x33\x37\xfd\x78\x73\xbd\x84"
+	"\x6e\x76\xa8\x60\x90\xf5\xb6\x57\x34\x25\xe0\x79\xe3\x01\x61\xa9"
+	"\x02\x1d\x00\xb1\xee\xdb\xae\xb3\xe6\x9c\x04\x68\xd5\xe1\x0d\xb6"
+	"\xfc\x5c\x45\xc3\x4f\xbf\x2b\xa5\xe0\x89\x37\x84\x04\x82\x5f";
+#endif
+
+/* secp384r1 private key and signature */
+static const char ecdsa_secp384r1_privkey[] =
+	"-----BEGIN EC PRIVATE KEY-----"
+	"MIGkAgEBBDDevshD6gb+4rZpC9vwFcIwNs4KmGzdqCxyyN40a8uOWRbyf7aHdiSS"
+	"03oAyKtc4JCgBwYFK4EEACKhZANiAARO1KkPMno2tnNXx1S9EZkp8SOpDCZ4aobH"
+	"IYv8RHnSmKf8I3OKD6TaoeR+1MwJmNJUH90Bj45WXla68/vsPiFcfVKboxsZYe/n"
+	"pv8e4ugXagVQVBXNZJ859iYPdJR24vo=" "-----END EC PRIVATE KEY-----";
+
+static const char ecdsa_secp384r1_sig[] =
+	"\x30\x65\x02\x31\x00\xa7\x73\x60\x16\xdb\xf9\x1f\xfc\x9e\xd2\x12"
+	"\x23\xd4\x04\xa7\x31\x1f\x15\x28\xfd\x87\x9c\x2c\xb1\xf3\x38\x35"
+	"\x23\x3b\x6e\xfe\x6a\x5d\x89\x34\xbe\x02\x82\xc6\x27\xea\x45\x53"
+	"\xa9\x87\xc5\x31\x0a\x02\x30\x76\x32\x80\x6b\x43\x3c\xb4\xfd\x90"
+	"\x03\xe0\x1d\x5d\x77\x18\x45\xf6\x71\x29\xa9\x05\x87\x49\x75\x3a"
+	"\x78\x9c\x49\xe5\x6c\x8e\x18\xcd\x5d\xee\x2c\x6f\x92\xf7\x15\xd3"
+	"\x38\xd5\xf9\x9b\x9d\x1a\xf4";
+
+/* secp521r1 private key and signature */
+static const char ecdsa_secp521r1_privkey[] =
+	"-----BEGIN EC PRIVATE KEY-----"
+	"MIHbAgEBBEGO2n7NN363qSCvJVdlQtCvudtaW4o0fEufXRjE1AsCrle+VXX0Zh0w"
+	"Y1slSeDHMndpakoiF+XkQ+bhcB867UV6aKAHBgUrgQQAI6GBiQOBhgAEAQb6jDpo"
+	"byy1tF8Zucg0TMGUzIN2DK+RZJ3QQRdWdirO25OIC3FoFi1Yird6rpoB6HlNyJ7R"
+	"0bNG9Uv34bSHMn8yAFoiqxUCdJZQbEenMoZsi6COaePe3e0QqvDMr0hEWT23Sr3t"
+	"LpEV7eZGFfFIJw5wSUp2KOcs+O9WjmoukTWtDKNV"
+	"-----END EC PRIVATE KEY-----";
+
+static const char ecdsa_secp521r1_sig[] =
+	"\x30\x81\x88\x02\x42\x01\x9d\x13\x2e\xc9\x75\x1b\x60\x10\x62\xc5"
+	"\x0d\xcb\x08\x9e\x86\x01\xd3\xc9\x8c\xee\x2e\x16\x3d\x8c\xc2\x65"
+	"\x80\xe1\x32\x56\xc3\x02\x9d\xf0\x4a\x89\x8d\x2e\x33\x2a\x90\x4e"
+	"\x72\x1d\xaa\x84\x14\xe8\xcb\xdf\x7a\x4a\xc9\x67\x2e\xba\xa3\xf2"
+	"\xc2\x07\xf7\x1b\xa5\x91\xbd\x02\x42\x01\xe3\x32\xd2\x25\xeb\x2e"
+	"\xaf\xb4\x6c\xc0\xaa\x5c\xc1\x56\x14\x13\x23\x7f\x62\xcf\x4c\xb8"
+	"\xd1\x96\xe0\x29\x6d\xed\x74\xdd\x23\x64\xf9\x29\x86\x40\x22\x2f"
+	"\xb6\x8d\x4c\x8e\x0b\x7a\xda\xdb\x03\x44\x01\x9b\x81\x1c\x3c\xab"
+	"\x78\xee\xf2\xc5\x24\x33\x61\x65\x01\x87\x66";
+
+/* GOST01 private key */
+static const char gost01_privkey[] =
+	"-----BEGIN PRIVATE KEY-----\n"
+	"MEUCAQAwHAYGKoUDAgITMBIGByqFAwICIwEGByqFAwICHgEEIgQgdNfuHGmmTdPm\n"
+	"p5dAa3ea9UYxpdYQPP9lbDwzQwG2bJM=\n"
+	"-----END PRIVATE KEY-----\n";
+
+/* GOST12 256 private key */
+static const char gost12_256_privkey[] =
+	"-----BEGIN PRIVATE KEY-----\n"
+	"MEgCAQAwHwYIKoUDBwEBAQEwEwYHKoUDAgIjAQYIKoUDBwEBAgIEIgQgKOF96tom\n"
+	"D61rhSnzKjyrmO3fv0gdlHei+6ovrc8SnBk=\n"
+	"-----END PRIVATE KEY-----\n";
+
+/* GOST12 512 private key */
+static const char gost12_512_privkey[] =
+	"-----BEGIN PRIVATE KEY-----\n"
+	"MGoCAQAwIQYIKoUDBwEBAQIwFQYJKoUDBwECAQIBBggqhQMHAQECAwRCBECjFpvp\n"
+	"B0vdc7u59b99TCNXhHiB69JJtUjvieNkGYJpoaaIvoKZTNCjpSZASsZcQZCHOTof\n"
+	"hsQ3JCCy4xnd5jWT\n"
+	"-----END PRIVATE KEY-----\n";
+
+static int test_rsa_enc(gnutls_pk_algorithm_t pk,
+			unsigned bits, gnutls_digest_algorithm_t ign)
+{
+	int ret;
+	gnutls_datum_t enc = { NULL, 0 };
+	gnutls_datum_t dec = { NULL, 0 };
+	gnutls_datum_t raw_rsa_key = { (void*)rsa_2048_privkey, sizeof(rsa_2048_privkey)-1 };
+	gnutls_privkey_t key;
+	gnutls_pubkey_t pub = NULL;
+	unsigned char plaintext2[sizeof(DATASTR) - 1];
+
+	ret = gnutls_privkey_init(&key);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_pubkey_init(&pub);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_privkey_import_x509_raw(key, &raw_rsa_key, GNUTLS_X509_FMT_PEM, NULL, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pubkey_import_privkey(pub, key, 0, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pubkey_encrypt_data(pub, 0, &signed_data, &enc);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (enc.size == signed_data.size && memcmp(signed_data.data, enc.data,
+		enc.size) == 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_SELF_TEST_ERROR;
+		goto cleanup;
+	}
+
+	ret = gnutls_privkey_decrypt_data(key, 0, &enc, &dec);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (dec.size != signed_data.size
+	    || memcmp(dec.data, signed_data.data, dec.size) != 0) {
+		ret = GNUTLS_E_SELF_TEST_ERROR;
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_privkey_decrypt_data2(key, 0, &enc, plaintext2,
+					   signed_data.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	if (memcmp(plaintext2, signed_data.data, signed_data.size) != 0) {
+		ret = GNUTLS_E_SELF_TEST_ERROR;
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+      cleanup:
+	if (pub != NULL)
+		gnutls_pubkey_deinit(pub);
+	gnutls_privkey_deinit(key);
+	gnutls_free(enc.data);
+	gnutls_free(dec.data);
+
+	if (ret == 0)
+		_gnutls_debug_log("%s-%u-enc self test succeeded\n",
+				  gnutls_pk_get_name(pk), bits);
+	else
+		_gnutls_debug_log("%s-%u-enc self test failed\n",
+				  gnutls_pk_get_name(pk), bits);
+
+	return ret;
+}
+
+static int test_sig(gnutls_pk_algorithm_t pk,
+		    unsigned bits, gnutls_sign_algorithm_t sigalgo)
+{
+	int ret;
+	gnutls_privkey_t key;
+	gnutls_datum_t raw_key;
+	gnutls_datum_t sig = { NULL, 0 };
+	gnutls_pubkey_t pub = NULL;
+	char param_name[32];
+	unsigned vflags = 0;
+
+	if (sigalgo == GNUTLS_SIGN_GOST_94)
+		vflags |= GNUTLS_VERIFY_ALLOW_BROKEN;
+
+	ret = gnutls_privkey_init(&key);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_pubkey_init(&pub);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	switch(pk) {
+		case GNUTLS_PK_RSA:
+				raw_key.data = (void*)rsa_2048_privkey;
+				raw_key.size = sizeof(rsa_2048_privkey) - 1;
+				snprintf(param_name, sizeof(param_name), "%u", bits);
+			break;
+		case GNUTLS_PK_RSA_PSS:
+				raw_key.data = (void*)rsa_2048_privkey;
+				raw_key.size = sizeof(rsa_2048_privkey) - 1;
+				snprintf(param_name, sizeof(param_name), "%u", bits);
+			break;
+		case GNUTLS_PK_DSA:
+				raw_key.data = (void*)dsa_2048_privkey;
+				raw_key.size = sizeof(dsa_2048_privkey) - 1;
+				snprintf(param_name, sizeof(param_name), "%u", bits);
+			break;
+		case GNUTLS_PK_ECC:
+			switch(bits) {
+#ifdef ENABLE_NON_SUITEB_CURVES
+				case GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP192R1):
+					raw_key.data = (void*)ecdsa_secp192r1_privkey;
+					raw_key.size = sizeof(ecdsa_secp192r1_privkey) - 1;
+					break;
+				case GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP224R1):
+					raw_key.data = (void*)ecdsa_secp224r1_privkey;
+					raw_key.size = sizeof(ecdsa_secp224r1_privkey) - 1;
+					break;
+#endif
+				case GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP256R1):
+					raw_key.data = (void*)ecdsa_secp256r1_privkey;
+					raw_key.size = sizeof(ecdsa_secp256r1_privkey) - 1;
+					break;
+				case GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP384R1):
+					raw_key.data = (void*)ecdsa_secp384r1_privkey;
+					raw_key.size = sizeof(ecdsa_secp384r1_privkey) - 1;
+					break;
+				case GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP521R1):
+					raw_key.data = (void*)ecdsa_secp521r1_privkey;
+					raw_key.size = sizeof(ecdsa_secp521r1_privkey) - 1;
+					break;
+				default:
+					gnutls_assert();
+					ret = GNUTLS_E_INTERNAL_ERROR;
+					goto cleanup;
+			}
+			snprintf(param_name, sizeof(param_name), "%s",
+					 gnutls_ecc_curve_get_name(GNUTLS_BITS_TO_CURVE
+					 (bits)));
+			break;
+		case GNUTLS_PK_GOST_01:
+			raw_key.data = (void*)gost01_privkey;
+			raw_key.size = sizeof(gost01_privkey) - 1;
+			snprintf(param_name, sizeof(param_name), "%s",
+					 gnutls_ecc_curve_get_name(GNUTLS_BITS_TO_CURVE
+					 (bits)));
+			break;
+		case GNUTLS_PK_GOST_12_256:
+			raw_key.data = (void*)gost12_256_privkey;
+			raw_key.size = sizeof(gost12_256_privkey) - 1;
+			snprintf(param_name, sizeof(param_name), "%s",
+					 gnutls_ecc_curve_get_name(GNUTLS_BITS_TO_CURVE
+					 (bits)));
+			break;
+		case GNUTLS_PK_GOST_12_512:
+			raw_key.data = (void*)gost12_512_privkey;
+			raw_key.size = sizeof(gost12_512_privkey) - 1;
+			snprintf(param_name, sizeof(param_name), "%s",
+					 gnutls_ecc_curve_get_name(GNUTLS_BITS_TO_CURVE
+					 (bits)));
+			break;
+		default:
+			gnutls_assert();
+			ret = GNUTLS_E_INTERNAL_ERROR;
+			goto cleanup;
+	}
+
+	ret = gnutls_privkey_import_x509_raw(key, &raw_key, GNUTLS_X509_FMT_PEM, NULL, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pubkey_import_privkey(pub, key, 0, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_privkey_sign_data2(key, sigalgo, 0, &signed_data, &sig);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    gnutls_pubkey_verify_data2(pub, sigalgo, vflags,
+				       &signed_data, &sig);
+	if (ret < 0) {
+		ret = GNUTLS_E_SELF_TEST_ERROR;
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    gnutls_pubkey_verify_data2(pub, sigalgo, vflags,
+				       &bad_data, &sig);
+
+	if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) {
+		ret = GNUTLS_E_SELF_TEST_ERROR;
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+cleanup:
+	if (pub != NULL)
+		gnutls_pubkey_deinit(pub);
+	gnutls_privkey_deinit(key);
+	gnutls_free(sig.data);
+
+	if (ret == 0)
+		_gnutls_debug_log("%s-%s-sig self test succeeded\n",
+				  gnutls_pk_get_name(pk), param_name);
+	else
+		_gnutls_debug_log("%s-%s-sig self test failed\n",
+				  gnutls_pk_get_name(pk), param_name);
+
+	return ret;
+}
+
+static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits,
+			  gnutls_digest_algorithm_t dig,
+			  const void *privkey, size_t privkey_size,
+			  const void *stored_sig, size_t stored_sig_size,
+			  gnutls_privkey_flags_t flags)
+{
+	int ret;
+	gnutls_datum_t sig = { NULL, 0 };
+	gnutls_datum_t t, ssig;
+	gnutls_pubkey_t pub = NULL;
+	gnutls_privkey_t key;
+	char param_name[32];
+	unsigned vflags = 0;
+
+	if (pk == GNUTLS_PK_EC ||
+	    pk == GNUTLS_PK_GOST_01 ||
+	    pk == GNUTLS_PK_GOST_12_256 ||
+	    pk == GNUTLS_PK_GOST_12_512)
+	{
+		snprintf(param_name, sizeof(param_name), "%s",
+			 gnutls_ecc_curve_get_name(GNUTLS_BITS_TO_CURVE
+						   (bits)));
+		if (dig == GNUTLS_DIG_GOSTR_94)
+			vflags |= GNUTLS_VERIFY_ALLOW_BROKEN;
+	} else {
+		snprintf(param_name, sizeof(param_name), "%u", bits);
+	}
+
+	ret = gnutls_privkey_init(&key);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_pubkey_init(&pub);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	t.data = (void *) privkey;
+	t.size = privkey_size;
+
+	ret =
+	    gnutls_privkey_import_x509_raw(key, &t, GNUTLS_X509_FMT_PEM,
+					   NULL, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (pk != (unsigned) gnutls_privkey_get_pk_algorithm(key, NULL)) {
+		ret = GNUTLS_E_SELF_TEST_ERROR;
+		goto cleanup;
+	}
+
+	ret = gnutls_privkey_sign_data(key, dig, flags, &signed_data, &sig);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* Test if the generated signature matches the stored */
+	ssig.data = (void *) stored_sig;
+	ssig.size = stored_sig_size;
+
+	if (sig.size != ssig.size
+		|| memcmp(sig.data, ssig.data, sig.size) != 0) {
+		ret = GNUTLS_E_SELF_TEST_ERROR;
+#if 0
+		unsigned i;
+		fprintf(stderr, "Algorithm: %s-%s\n",
+				  gnutls_pk_get_name(pk), param_name);
+		fprintf(stderr, "\nstored[%d]: ", ssig.size);
+		for (i = 0; i < ssig.size; i++)
+			fprintf(stderr, "\\x%.2x", ssig.data[i]);
+
+		fprintf(stderr, "\ngenerated[%d]: ", sig.size);
+		for (i = 0; i < sig.size; i++)
+			fprintf(stderr, "\\x%.2x", sig.data[i]);
+		fprintf(stderr, "\n");
+#endif
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* Test if we can verify the generated signature */
+
+	ret = gnutls_pubkey_import_privkey(pub, key, 0, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), vflags,
+				       &signed_data, &sig);
+	if (ret < 0) {
+		ret = GNUTLS_E_SELF_TEST_ERROR;
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* Test if a broken signature will cause verification error */
+
+	ret =
+	    gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0,
+				       &bad_data, &sig);
+
+	if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) {
+		ret = GNUTLS_E_SELF_TEST_ERROR;
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	gnutls_free(sig.data);
+	if (pub != 0)
+		gnutls_pubkey_deinit(pub);
+	gnutls_privkey_deinit(key);
+
+	if (ret == 0)
+		_gnutls_debug_log("%s-%s-known-sig self test succeeded\n",
+				  gnutls_pk_get_name(pk), param_name);
+	else
+		_gnutls_debug_log("%s-%s-known-sig self test failed\n",
+				  gnutls_pk_get_name(pk), param_name);
+
+	return ret;
+}
+
+#define PK_TEST(pk, func, bits, sigalgo) \
+			ret = func(pk, bits, sigalgo); \
+			if (ret < 0) { \
+				gnutls_assert(); \
+				goto cleanup; \
+			}
+
+#define PK_KNOWN_TEST(pk, bits, dig, pkey, sig, flags) \
+			ret = test_known_sig(pk, bits, dig, pkey, sizeof(pkey)-1, sig, sizeof(sig)-1, flags); \
+			if (ret < 0) { \
+				gnutls_assert(); \
+				goto cleanup; \
+			}
+
+
+/* Known answer tests for DH */
+static int test_dh(void)
+{
+	int ret;
+	gnutls_pk_params_st priv;
+	gnutls_pk_params_st pub;
+	gnutls_datum_t out = {NULL, 0};
+
+	/* FFDHE 3072 test vector provided by Stephan Mueller in:
+	 * https://gitlab.com/gnutls/gnutls/-/merge_requests/1342#note_424430996
+	 */
+	static const uint8_t known_dh_k[] = {
+		0xec, 0xb3, 0x85, 0x0c, 0x72, 0x55, 0x55, 0xc2, 0x98, 0x36,
+		0xbe, 0x75, 0x9e, 0xc9, 0x9d, 0x8b, 0x16, 0xa6, 0xe6, 0x84,
+		0x33, 0x12, 0x80, 0x1d, 0xac, 0xde, 0x6a, 0xd7, 0x3b, 0x1e,
+		0x15, 0xca, 0x5d, 0x26, 0xb3, 0x0a, 0x35, 0xf4, 0xbb, 0xad,
+		0x71, 0xcb, 0x03, 0x1a, 0xcb, 0xfb, 0x83, 0xf0, 0xa8, 0xde,
+		0xed, 0x5e, 0x3d, 0x98, 0xd2, 0xb0, 0xef, 0xad, 0xdf, 0x32,
+		0xa0, 0x16, 0x7d, 0x0e, 0x29, 0xd8, 0x85, 0xca, 0x12, 0x97,
+		0x56, 0xab, 0x6a, 0x26, 0xa4, 0x46, 0x3d, 0x87, 0xd7, 0xe0,
+		0xb4, 0x3e, 0x28, 0x75, 0xac, 0x59, 0xc5, 0x71, 0x3a, 0x24,
+		0x15, 0x76, 0x98, 0x72, 0x94, 0x2d, 0xd0, 0x0e, 0xbc, 0x9a,
+		0x77, 0xd4, 0xe2, 0xb2, 0x76, 0x54, 0x4a, 0x56, 0xbe, 0x0b,
+		0x43, 0xf8, 0x21, 0x6f, 0x54, 0x32, 0xde, 0xb7, 0xd5, 0xb7,
+		0x08, 0x00, 0xd2, 0x57, 0x8c, 0x0b, 0x8b, 0x02, 0x3e, 0xdb,
+		0x72, 0x54, 0x3a, 0xc0, 0x50, 0x66, 0xbc, 0xc9, 0x67, 0xf5,
+		0x22, 0x28, 0xf2, 0x3c, 0x51, 0x94, 0x61, 0x26, 0x9a, 0xc6,
+		0x42, 0x0e, 0x8b, 0x42, 0xad, 0x79, 0x40, 0xa9, 0x0b, 0xdc,
+		0x84, 0xd5, 0x71, 0x83, 0x94, 0xd9, 0x83, 0x2f, 0x08, 0x74,
+		0xbc, 0x37, 0x6a, 0x3e, 0x1e, 0xbc, 0xcc, 0x09, 0x23, 0x30,
+		0x79, 0x01, 0x39, 0xf6, 0xe3, 0xa8, 0xc0, 0xfa, 0x7e, 0xdb,
+		0x0b, 0x71, 0x3e, 0x4f, 0x1f, 0x69, 0x84, 0xa6, 0x58, 0x6c,
+		0x36, 0x2c, 0xcc, 0xb4, 0x7c, 0x94, 0xec, 0x06, 0x0b, 0x11,
+		0x53, 0x95, 0xe6, 0x05, 0x43, 0xa4, 0xe4, 0xea, 0x1d, 0x4f,
+		0xdc, 0xd0, 0x38, 0x0e, 0x32, 0xa1, 0xde, 0xd9, 0x8d, 0xd8,
+		0x20, 0xac, 0x04, 0x83, 0xf8, 0x1b, 0x55, 0x52, 0x16, 0x20,
+		0xe3, 0x2e, 0x6d, 0x11, 0x15, 0x29, 0x2f, 0x3a, 0x7c, 0x80,
+		0x0a, 0x71, 0x3d, 0x31, 0x9c, 0x1b, 0x73, 0x59, 0xe1, 0x0d,
+		0x27, 0xc5, 0xc0, 0x6a, 0x72, 0x3a, 0x5b, 0xd6, 0xf6, 0x50,
+		0xe6, 0x69, 0x48, 0x1e, 0xfd, 0xeb, 0x4a, 0x47, 0x73, 0xfb,
+		0x88, 0x14, 0xea, 0x6d, 0x36, 0xe1, 0x4c, 0x2c, 0xf9, 0x04,
+		0xc1, 0xb7, 0x29, 0xfc, 0x5d, 0x02, 0x5d, 0x1c, 0x4d, 0x31,
+		0x4a, 0x51, 0x3f, 0xa4, 0x45, 0x19, 0x29, 0xc4, 0x32, 0xa6,
+		0x45, 0xdb, 0x94, 0x3a, 0xbd, 0x76, 0x2c, 0xd6, 0x1a, 0xb1,
+		0xff, 0xe7, 0x62, 0x75, 0x16, 0xe5, 0x0b, 0xa3, 0x3a, 0x93,
+		0x84, 0xd6, 0xad, 0xc2, 0x24, 0x68, 0x3d, 0xd6, 0x07, 0xe4,
+		0xbe, 0x5a, 0x49, 0x31, 0x06, 0xad, 0x3f, 0x31, 0x4a, 0x1c,
+		0xf7, 0x58, 0xdf, 0x34, 0xcb, 0xc8, 0xa9, 0x07, 0x24, 0x42,
+		0x63, 0xa5, 0x8e, 0xdd, 0x37, 0x78, 0x92, 0x68, 0x3f, 0xd8,
+		0x2f, 0xea, 0x8c, 0xf1, 0x8e, 0xd4, 0x8b, 0xa7, 0x3f, 0xa0,
+		0xfa, 0xaf, 0xf0, 0x35,
+	};
+	static const uint8_t test_x[] = {
+		0x16, 0x5c, 0xa6, 0xe0, 0x9b, 0x87, 0xfa, 0x2d, 0xbc, 0x13,
+		0x20, 0xcd, 0xac, 0x4e, 0xcc, 0x60, 0x1e, 0x48, 0xec, 0xbe,
+		0x73, 0x0c, 0xa8, 0x6b, 0x6e, 0x2a, 0xee, 0xdd, 0xd8, 0xf3,
+		0x2d, 0x5f, 0x75, 0xf3, 0x07, 0x94, 0x88, 0x3d, 0xb1, 0x38,
+		0xcf, 0xae, 0x4a, 0xcc, 0xcb, 0x6a, 0x80, 0xbc, 0xeb, 0x3b,
+		0xaa, 0x0b, 0x18, 0x74, 0x58, 0x7c, 0x3e, 0x74, 0xef, 0xb6,
+		0xd3, 0x15, 0xee, 0x73, 0x29, 0x88, 0x7b, 0x65, 0x02, 0x39,
+		0x33, 0xec, 0x22, 0x06, 0x8c, 0x5b, 0xd6, 0x2f, 0x4c, 0xf7,
+		0xe0, 0x97, 0x6d, 0x2a, 0x90, 0x36, 0xfe, 0x1a, 0x44, 0x4d,
+		0x9d, 0x41, 0x4b, 0xcb, 0xec, 0x25, 0xf4, 0xc3, 0xa5, 0x91,
+		0xd0, 0x90, 0xc9, 0x34, 0x7b, 0xba, 0x27, 0x30, 0x5a, 0xa2,
+		0x21, 0x58, 0xce, 0x88, 0x25, 0x39, 0xaf, 0xf1, 0x17, 0x02,
+		0x12, 0xf8, 0x55, 0xdc, 0xd2, 0x08, 0x5b, 0xd3, 0xc7, 0x8e,
+		0xcf, 0x29, 0x85, 0x85, 0xdb, 0x5c, 0x08, 0xc2, 0xd7, 0xb0,
+		0x33, 0x0e, 0xe3, 0xb9, 0x2c, 0x1a, 0x1d, 0x4b, 0xe5, 0x76,
+		0x8f, 0xd3, 0x14, 0xb6, 0x8c, 0xdc, 0x9a, 0xe8, 0x15, 0x60,
+		0x60, 0x5e, 0xaa, 0xf9, 0xfa, 0xa6, 0xb2, 0x4f, 0xff, 0x46,
+		0xc1, 0x5e, 0x93, 0x50, 0x90, 0x7e, 0x4c, 0x26, 0xd7, 0xbb,
+		0x21, 0x05, 0x3d, 0x27, 0xc5, 0x9b, 0x0d, 0x46, 0x69, 0xe4,
+		0x74, 0x87, 0x74, 0x55, 0xee, 0x5f, 0xe5, 0x72, 0x04, 0x46,
+		0x1f, 0x2e, 0x55, 0xc7, 0xcc, 0x2b, 0x2b, 0x39, 0x6d, 0x90,
+		0x60, 0x31, 0x37, 0x5b, 0x44, 0xde, 0xfd, 0xf2, 0xd1, 0xc6,
+		0x9c, 0x12, 0x82, 0xcc, 0x7c, 0xb1, 0x0e, 0xa9, 0x95, 0x9d,
+		0xe0, 0xa8, 0x3e, 0xc1, 0xa3, 0x4a, 0x6a, 0x37, 0x59, 0x17,
+		0x93, 0x63, 0x1e, 0xbf, 0x04, 0xa3, 0xaa, 0xc0, 0x1d, 0xc4,
+		0x6d, 0x7a, 0xdc, 0x69, 0x9c, 0xb0, 0x22, 0x56, 0xd9, 0x76,
+		0x92, 0x2d, 0x1e, 0x62, 0xae, 0xfd, 0xd6, 0x9b, 0xfd, 0x08,
+		0x2c, 0x95, 0xec, 0xe7, 0x02, 0x43, 0x62, 0x68, 0x1a, 0xaf,
+		0x46, 0x59, 0xb7, 0xce, 0x8e, 0x42, 0x24, 0xae, 0xf7, 0x0e,
+		0x9a, 0x3b, 0xf8, 0x77, 0xdf, 0x26, 0x85, 0x9f, 0x45, 0xad,
+		0x8c, 0xa9, 0x54, 0x9c, 0x46, 0x44, 0xd5, 0x8a, 0xe9, 0xcc,
+		0x34, 0x5e, 0xc5, 0xd1, 0x42, 0x6f, 0x44, 0xf3, 0x0f, 0x90,
+		0x3a, 0x32, 0x1a, 0x9c, 0x2a, 0x63, 0xec, 0x21, 0xb4, 0xfc,
+		0xfa, 0xa5, 0xcf, 0xe7, 0x9e, 0x43, 0xc7, 0x49, 0x56, 0xbc,
+		0x50, 0xc5, 0x84, 0xf0, 0x42, 0xc8, 0x6a, 0xf1, 0x78, 0xe4,
+		0xaa, 0x06, 0x37, 0xe1, 0x30, 0xf7, 0x65, 0x97, 0xca, 0xfd,
+		0x35, 0xfa, 0xeb, 0x48, 0x6d, 0xaa, 0x45, 0x46, 0x9d, 0xbc,
+		0x1d, 0x98, 0x17, 0x45, 0xa3, 0xee, 0x21, 0xa0, 0x97, 0x38,
+		0x80, 0xc5, 0x28, 0x1f,
+	};
+	static const uint8_t test_y[] = { /* y=g^x mod p */
+		0x93, 0xeb, 0x5c, 0x37, 0x1d, 0x3c, 0x06, 0x6f, 0xbf, 0xbe,
+		0x96, 0x51, 0x26, 0x58, 0x81, 0x36, 0xc6, 0x4f, 0x9a, 0x34,
+		0xc4, 0xc5, 0xa8, 0xa3, 0x2c, 0x41, 0x76, 0xa8, 0xc6, 0xc0,
+		0xa0, 0xc8, 0x51, 0x36, 0xc4, 0x40, 0x4e, 0x2c, 0x69, 0xf7,
+		0x51, 0xbb, 0xb0, 0xd6, 0xf5, 0xdb, 0x40, 0x29, 0x50, 0x3b,
+		0x8a, 0xf9, 0xf3, 0x53, 0x78, 0xfc, 0x86, 0xe9, 0xf1, 0xe9,
+		0xac, 0x85, 0x13, 0x65, 0x62, 0x22, 0x04, 0x1b, 0x14, 0x2a,
+		0xf4, 0x8f, 0x2f, 0xf1, 0x2f, 0x81, 0xd6, 0x18, 0x0e, 0x76,
+		0x91, 0x43, 0xb2, 0xfc, 0x7c, 0x6f, 0x0c, 0x45, 0x37, 0x31,
+		0x31, 0x58, 0x5c, 0xdf, 0x42, 0x24, 0x7a, 0xba, 0x8b, 0x7f,
+		0x79, 0x06, 0x07, 0xef, 0xd6, 0x06, 0xeb, 0xcb, 0x3c, 0xbd,
+		0xbc, 0xe5, 0xff, 0xfd, 0x62, 0x15, 0x0c, 0x40, 0x46, 0x37,
+		0xef, 0xd0, 0xa1, 0xde, 0x63, 0x4f, 0x20, 0x0b, 0x45, 0x7d,
+		0x06, 0x77, 0xfd, 0x23, 0xc1, 0x32, 0x8a, 0x89, 0x65, 0x16,
+		0xe8, 0x48, 0x12, 0x1c, 0x25, 0x33, 0x2d, 0xbd, 0xd8, 0x9f,
+		0x1c, 0x9d, 0xbc, 0xe3, 0x08, 0x60, 0x87, 0x1a, 0xc6, 0x06,
+		0x36, 0xd2, 0xac, 0x09, 0x6d, 0x99, 0x02, 0x89, 0xc6, 0x12,
+		0x93, 0x8c, 0x4b, 0xd0, 0x7e, 0x36, 0x8a, 0xd6, 0xa0, 0x97,
+		0x4f, 0x97, 0x3f, 0x97, 0x0b, 0xfe, 0x05, 0xfc, 0xc8, 0xef,
+		0x21, 0x4d, 0x4a, 0x06, 0x6e, 0xb4, 0xa6, 0x4f, 0xe1, 0xdd,
+		0x44, 0x06, 0xfa, 0xd5, 0x0e, 0x54, 0xf5, 0x54, 0x3e, 0x8c,
+		0xb9, 0x85, 0x86, 0x00, 0x40, 0x98, 0xe7, 0x01, 0xdd, 0x93,
+		0x9d, 0x95, 0xea, 0xf0, 0xd3, 0x99, 0x4b, 0xeb, 0xd5, 0x79,
+		0x47, 0xa4, 0xad, 0x2a, 0xe0, 0x4d, 0x36, 0x3b, 0x46, 0x10,
+		0x96, 0xbb, 0x48, 0xe9, 0xa1, 0x78, 0x01, 0x35, 0x0a, 0x5c,
+		0x7b, 0x3f, 0xf5, 0xf7, 0xb1, 0xe3, 0x97, 0x17, 0x4d, 0x76,
+		0x10, 0x8d, 0x68, 0x4c, 0x94, 0x7d, 0xee, 0x0e, 0x20, 0x8b,
+		0xce, 0x7d, 0x0a, 0xa3, 0x51, 0xfb, 0xe6, 0xcf, 0xf0, 0x0e,
+		0x7f, 0x3c, 0xd4, 0xef, 0x56, 0x31, 0xb2, 0x95, 0xf0, 0x5f,
+		0x4b, 0x9c, 0x03, 0x9e, 0xae, 0xb1, 0xc1, 0x46, 0xd7, 0xc0,
+		0x4f, 0xb0, 0xf6, 0x6c, 0xe1, 0xe9, 0x2a, 0x97, 0xe0, 0x3f,
+		0x3a, 0x93, 0x04, 0xcd, 0x41, 0x7d, 0x45, 0x03, 0xb3, 0x40,
+		0x20, 0xe6, 0xad, 0x2d, 0xd3, 0xf7, 0x32, 0x7b, 0xcc, 0x4f,
+		0x81, 0x18, 0x4c, 0x50, 0x77, 0xc4, 0xb7, 0x6a, 0x4d, 0x05,
+		0xd8, 0x6d, 0xbf, 0x6f, 0xba, 0x1d, 0x38, 0x78, 0x87, 0xd2,
+		0x8e, 0xc2, 0x6d, 0xb6, 0xed, 0x66, 0x61, 0xa8, 0xb9, 0x19,
+		0x0e, 0x93, 0xd1, 0xcd, 0x5b, 0xbe, 0x19, 0x05, 0x52, 0x43,
+		0xd6, 0xc1, 0x07, 0x3c, 0x6a, 0x62, 0xbd, 0x33, 0x9b, 0x1b,
+		0x02, 0x42, 0x61, 0x14,
+	};
+
+	gnutls_pk_params_init(&priv);
+	gnutls_pk_params_init(&pub);
+	
+	priv.algo = pub.algo = GNUTLS_PK_DH;
+	
+	ret = _gnutls_mpi_init_scan(&priv.params[DH_P],
+				    gnutls_ffdhe_3072_group_prime.data,
+				    gnutls_ffdhe_3072_group_prime.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_mpi_init_scan(&priv.params[DH_G],
+				    gnutls_ffdhe_3072_group_generator.data,
+				    gnutls_ffdhe_3072_group_generator.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_mpi_init_scan(&priv.params[DH_X], test_x, sizeof(test_x));
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_mpi_init_scan(&pub.params[DH_Y], test_y, sizeof(test_y));
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* check whether Y^X mod p is the expected value */
+	ret = _gnutls_pk_derive(GNUTLS_PK_DH, &out, &priv, &pub);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (sizeof(known_dh_k) != out.size) {
+		ret = GNUTLS_E_SELF_TEST_ERROR;
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (memcmp(out.data, known_dh_k, out.size) != 0) {
+		ret = GNUTLS_E_SELF_TEST_ERROR;
+		gnutls_assert();
+		goto cleanup;
+	}
+	
+	
+	ret = 0;
+cleanup:
+	_gnutls_mpi_release(&pub.params[DH_Y]);
+	_gnutls_mpi_release(&priv.params[DH_G]);
+	_gnutls_mpi_release(&priv.params[DH_P]);
+	_gnutls_mpi_release(&priv.params[DH_X]);
+	gnutls_free(out.data);
+
+	if (ret < 0) {
+		_gnutls_debug_log("DH self test failed\n");
+	} else {
+		_gnutls_debug_log("DH self test succeeded\n");
+	}
+
+	return ret;
+}
+
+/* Known answer tests for DH */
+static int test_ecdh(void)
+{
+	int ret;
+	gnutls_pk_params_st priv;
+	gnutls_pk_params_st pub;
+	gnutls_datum_t out = {NULL, 0};
+	static const uint8_t known_key[] = { 
+		0x22, 0x7a, 0x95, 0x98, 0x5f, 0xb1, 0x25, 0x79, 
+		0xee, 0x07, 0xe3, 0x8b, 0x1a, 0x97, 0x1d, 0x63, 
+		0x53, 0xa8, 0xbd, 0xde, 0x67, 0x4b, 0xcf, 0xa4, 
+		0x5f, 0x5e, 0x67, 0x27, 0x6d, 0x86, 0x27, 0x26 };
+	static const uint8_t test_k[] = { /* priv */
+		0x52, 0x9c, 0x30, 0xac, 0x6b, 0xce, 0x71, 0x9a, 
+		0x37, 0xcd, 0x40, 0x93, 0xbf, 0xf0, 0x36, 0x89, 
+		0x53, 0xcc, 0x0e, 0x17, 0xc6, 0xb6, 0xe2, 0x6a, 
+		0x3c, 0x2c, 0x51, 0xdb, 0xa6, 0x69, 0x8c, 0xb1 };
+	static const uint8_t test_x[] = {
+		0x51, 0x35, 0xd1, 0xd2, 0xb6, 0xad, 0x13, 0xf4, 
+		0xa2, 0x25, 0xd3, 0x85, 0x83, 0xbe, 0x42, 0x1e, 
+		0x19, 0x09, 0x54, 0x39, 0x00, 0x46, 0x91, 0x49, 
+		0x0f, 0x3f, 0xaf, 0x3f, 0x67, 0xda, 0x10, 0x6f };
+	static const uint8_t test_y[] = { /* y=g^x mod p */
+		0x07, 0x3a, 0xa1, 0xa2, 0x47, 0x3d, 0xa2, 0x74, 
+		0x74, 0xc2, 0xde, 0x62, 0xb6, 0xb9, 0x59, 0xc9, 
+		0x56, 0xf6, 0x9e, 0x17, 0xea, 0xbf, 0x7d, 0xa1, 
+		0xd7, 0x65, 0xd6, 0x7b, 0xac, 0xca, 0xd5, 0xe3 };
+	gnutls_pk_params_init(&priv);
+	gnutls_pk_params_init(&pub);
+	
+	priv.curve = GNUTLS_ECC_CURVE_SECP256R1;
+	pub.curve = GNUTLS_ECC_CURVE_SECP256R1;
+	
+	priv.algo = pub.algo = GNUTLS_PK_EC;
+	
+	ret = _gnutls_mpi_init_scan(&priv.params[ECC_K], test_k, sizeof(test_k));
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_mpi_init_scan(&priv.params[ECC_X], test_x, sizeof(test_x));
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_mpi_init_scan(&priv.params[ECC_Y], test_y, sizeof(test_y));
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_mpi_init_scan(&pub.params[ECC_X], test_x, sizeof(test_x));
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_mpi_init_scan(&pub.params[ECC_Y], test_y, sizeof(test_y));
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* check whether Y^X mod p is the expected value */
+	ret = _gnutls_pk_derive(GNUTLS_PK_EC, &out, &priv, &pub);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (sizeof(known_key) != out.size) {
+		ret = GNUTLS_E_SELF_TEST_ERROR;
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (memcmp(out.data, known_key, out.size) != 0) {
+		ret = GNUTLS_E_SELF_TEST_ERROR;
+		gnutls_assert();
+		goto cleanup;
+	}
+	
+	ret = 0;
+cleanup:
+	_gnutls_mpi_release(&pub.params[ECC_Y]);
+	_gnutls_mpi_release(&pub.params[ECC_X]);
+	_gnutls_mpi_release(&priv.params[ECC_K]);
+	_gnutls_mpi_release(&priv.params[ECC_X]);
+	_gnutls_mpi_release(&priv.params[ECC_Y]);
+	gnutls_free(out.data);
+
+	if (ret < 0) {
+		_gnutls_debug_log("ECDH self test failed\n");
+	} else {
+		_gnutls_debug_log("ECDH self test succeeded\n");
+	}
+
+	return ret;
+}
+
+/*-
+ * gnutls_pk_self_test:
+ * @flags: GNUTLS_SELF_TEST_FLAG flags
+ * @pk: the algorithm to use
+ *
+ * This function will run self tests on the provided public key algorithm.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.3.0-FIPS140
+ -*/
+int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk)
+{
+	int ret;
+
+	bool is_post = false;
+	bool is_fips140_mode_enabled = false;
+
+	if (flags & GNUTLS_SELF_TEST_FLAG_ALL)
+		pk = GNUTLS_PK_UNKNOWN;
+
+	if (_gnutls_get_lib_state() == LIB_STATE_SELFTEST)
+		is_post = true;
+
+	if (gnutls_fips140_mode_enabled())
+		is_fips140_mode_enabled = true;
+
+	switch (pk) {
+	case GNUTLS_PK_UNKNOWN:
+		FALLTHROUGH;
+	case GNUTLS_PK_DH:
+		ret = test_dh();
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
+			return 0;
+		FALLTHROUGH;
+	case GNUTLS_PK_RSA:
+		PK_KNOWN_TEST(GNUTLS_PK_RSA, 2048, GNUTLS_DIG_SHA256,
+			      rsa_2048_privkey, rsa_2048_sig, 0);
+
+		PK_TEST(GNUTLS_PK_RSA, test_rsa_enc, 2048, 0);
+
+		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
+			return 0;
+
+		FALLTHROUGH;
+	case GNUTLS_PK_RSA_PSS:
+		PK_TEST(GNUTLS_PK_RSA_PSS, test_sig, 2048,
+			GNUTLS_SIGN_RSA_PSS_RSAE_SHA256);
+
+		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
+			return 0;
+
+		FALLTHROUGH;
+	case GNUTLS_PK_DSA:
+		if (is_post || !is_fips140_mode_enabled) {
+			PK_KNOWN_TEST(GNUTLS_PK_DSA, 2048, GNUTLS_DIG_SHA256,
+				      dsa_2048_privkey, dsa_2048_sig,
+				      GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE);
+		} else {
+			PK_TEST(GNUTLS_PK_DSA, test_sig, 2048,
+				GNUTLS_SIGN_DSA_SHA256);
+		}
+
+		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
+			return 0;
+
+		FALLTHROUGH;
+	case GNUTLS_PK_EC:
+		/* Test ECDH and ECDSA */
+		ret = test_ecdh();
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		/* Test ECDSA */
+		if (is_post || !is_fips140_mode_enabled) {
+			PK_KNOWN_TEST(GNUTLS_PK_EC,
+					  GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP256R1),
+					  GNUTLS_DIG_SHA256, ecdsa_secp256r1_privkey,
+					  ecdsa_secp256r1_sig, GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE);
+		} else {
+			PK_TEST(GNUTLS_PK_EC, test_sig,
+				GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP256R1),
+				GNUTLS_SIGN_ECDSA_SHA256);
+		}
+
+		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
+			return 0;
+
+		if (is_post || !is_fips140_mode_enabled) {
+			PK_KNOWN_TEST(GNUTLS_PK_EC,
+					  GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP384R1),
+					  GNUTLS_DIG_SHA384, ecdsa_secp384r1_privkey,
+					  ecdsa_secp384r1_sig, GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE);
+		} else {
+			PK_TEST(GNUTLS_PK_EC, test_sig,
+				GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP384R1),
+				GNUTLS_SIGN_ECDSA_SHA384);
+		}
+
+		if (is_post || !is_fips140_mode_enabled) {
+			PK_KNOWN_TEST(GNUTLS_PK_EC,
+					  GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP521R1),
+					  GNUTLS_DIG_SHA512, ecdsa_secp521r1_privkey,
+					  ecdsa_secp521r1_sig, GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE);
+		} else {
+			PK_TEST(GNUTLS_PK_EC, test_sig,
+				GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP521R1),
+				GNUTLS_SIGN_ECDSA_SHA512);
+		}
+
+#ifdef ENABLE_NON_SUITEB_CURVES
+		if (is_post || !is_fips140_mode_enabled) {
+			PK_KNOWN_TEST(GNUTLS_PK_EC,
+					  GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP192R1),
+					  GNUTLS_DIG_SHA256, ecdsa_secp192r1_privkey,
+					  ecdsa_secp192r1_sig, GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE);
+		} else {
+			PK_TEST(GNUTLS_PK_EC, test_sig,
+				GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP192R1),
+				GNUTLS_SIGN_ECDSA_SHA256);
+		}
+
+		if (is_post || !is_fips140_mode_enabled) {
+			PK_KNOWN_TEST(GNUTLS_PK_EC,
+					  GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP224R1),
+					  GNUTLS_DIG_SHA256, ecdsa_secp224r1_privkey,
+					  ecdsa_secp224r1_sig, GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE);
+		} else {
+			PK_TEST(GNUTLS_PK_EC, test_sig,
+				GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP224R1),
+				GNUTLS_SIGN_ECDSA_SHA256);
+		}
+#endif
+
+
+#if ENABLE_GOST
+		FALLTHROUGH;
+	case GNUTLS_PK_GOST_01:
+		PK_TEST(GNUTLS_PK_GOST_01, test_sig,
+			GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST256CPA),
+			GNUTLS_SIGN_GOST_94);
+
+		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
+			return 0;
+
+		FALLTHROUGH;
+	case GNUTLS_PK_GOST_12_256:
+		PK_TEST(GNUTLS_PK_GOST_12_256, test_sig,
+			GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST256CPA),
+			GNUTLS_SIGN_GOST_256);
+
+		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
+			return 0;
+
+		FALLTHROUGH;
+	case GNUTLS_PK_GOST_12_512:
+		PK_TEST(GNUTLS_PK_GOST_12_512, test_sig,
+			GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST512A),
+			GNUTLS_SIGN_GOST_512);
+
+		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
+			return 0;
+#endif
+		break;
+	default:
+		return gnutls_assert_val(GNUTLS_E_NO_SELF_TEST);
+	}
+
+	ret = 0;
+
+      cleanup:
+	return ret;
+}
diff --git a/lib/crypto-selftests.c b/lib/crypto-selftests.c
new file mode 100644
index 0000000..e51e082
--- /dev/null
+++ b/lib/crypto-selftests.c
@@ -0,0 +1,3394 @@
+/*
+ * Copyright (C) 2013-2018 Red Hat
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <cipher_int.h>
+#include <datum.h>
+#include <gnutls/crypto.h>
+#include <gnutls/self-test.h>
+#include "errors.h"
+#include <random.h>
+#include <crypto.h>
+#include <nettle/sha3.h>
+
+#define STR(tag, tag_size, val) \
+	.tag = (uint8_t*)val, \
+	.tag_size = (sizeof(val)-1)
+
+#define V(x) (x), (sizeof(x)/sizeof(x[0]))
+
+/* This does check the AES and SHA implementation against test vectors.
+ * This should not run under valgrind in order to use the native
+ * cpu instructions (AES-NI or padlock).
+ */
+
+struct cipher_vectors_st {
+	const uint8_t *key;
+	unsigned int key_size;
+
+	const uint8_t *plaintext;
+	unsigned int plaintext_size;
+	const uint8_t *ciphertext;	/* also of plaintext_size */
+
+	const uint8_t *iv;
+	unsigned int iv_size;
+
+	const uint8_t *internal_iv;
+	unsigned int internal_iv_size;
+};
+
+struct cipher_aead_vectors_st {
+	unsigned compat_apis;
+	const uint8_t *key;
+	unsigned int key_size;
+
+	const uint8_t *auth;
+	unsigned int auth_size;
+
+	const uint8_t *plaintext;
+	unsigned int plaintext_size;
+	const uint8_t *ciphertext;	/* also of plaintext_size */
+
+	unsigned int iv_size;
+	const uint8_t *iv;
+	const uint8_t *tag;
+	unsigned tag_size;
+	unsigned tag_prepended;
+};
+
+const struct cipher_aead_vectors_st chacha_poly1305_vectors[] = {
+	{
+	 .compat_apis = 1,
+	 STR(key, key_size,
+	     "\x1c\x92\x40\xa5\xeb\x55\xd3\x8a\xf3\x33\x88\x86\x04\xf6\xb5\xf0\x47\x39\x17\xc1\x40\x2b\x80\x09\x9d\xca\x5c\xbc\x20\x70\x75\xc0"),
+	 .auth = (void*)"\xf3\x33\x88\x86\x00\x00\x00\x00\x00\x00\x4e\x91",
+	 .auth_size = 12,
+	 .plaintext = (void*)"\x49\x6e\x74\x65\x72\x6e\x65\x74\x2d\x44\x72\x61\x66\x74\x73\x20\x61\x72\x65\x20\x64\x72\x61\x66\x74\x20\x64\x6f\x63\x75\x6d\x65\x6e\x74\x73\x20\x76\x61\x6c\x69\x64\x20\x66\x6f\x72\x20\x61\x20\x6d\x61\x78\x69\x6d\x75\x6d\x20\x6f\x66\x20\x73\x69\x78\x20\x6d\x6f\x6e\x74\x68\x73\x20\x61\x6e\x64\x20\x6d\x61\x79\x20\x62\x65\x20\x75\x70\x64\x61\x74\x65\x64\x2c\x20\x72\x65\x70\x6c\x61\x63\x65\x64\x2c\x20\x6f\x72\x20\x6f\x62\x73\x6f\x6c\x65\x74\x65\x64\x20\x62\x79\x20\x6f\x74\x68\x65\x72\x20\x64\x6f\x63\x75\x6d\x65\x6e\x74\x73\x20\x61\x74\x20\x61\x6e\x79\x20\x74\x69\x6d\x65\x2e\x20\x49\x74\x20\x69\x73\x20\x69\x6e\x61\x70\x70\x72\x6f\x70\x72\x69\x61\x74\x65\x20\x74\x6f\x20\x75\x73\x65\x20\x49\x6e\x74\x65\x72\x6e\x65\x74\x2d\x44\x72\x61\x66\x74\x73\x20\x61\x73\x20\x72\x65\x66\x65\x72\x65\x6e\x63\x65\x20\x6d\x61\x74\x65\x72\x69\x61\x6c\x20\x6f\x72\x20\x74\x6f\x20\x63\x69\x74\x65\x20\x74\x68\x65\x6d\x20\x6f\x74\x68\x65\x72\x20\x74\x68\x61\x6e\x20\x61\x73\x20\x2f\xe2\x80\x9c\x77\x6f\x72\x6b\x20\x69\x6e\x20\x70\x72\x6f\x67\x72\x65\x73\x73\x2e\x2f\xe2\x80\x9d",
+	 .plaintext_size = 265,
+	 .ciphertext = (void*)"\x64\xa0\x86\x15\x75\x86\x1a\xf4\x60\xf0\x62\xc7\x9b\xe6\x43\xbd\x5e\x80\x5c\xfd\x34\x5c\xf3\x89\xf1\x08\x67\x0a\xc7\x6c\x8c\xb2\x4c\x6c\xfc\x18\x75\x5d\x43\xee\xa0\x9e\xe9\x4e\x38\x2d\x26\xb0\xbd\xb7\xb7\x3c\x32\x1b\x01\x00\xd4\xf0\x3b\x7f\x35\x58\x94\xcf\x33\x2f\x83\x0e\x71\x0b\x97\xce\x98\xc8\xa8\x4a\xbd\x0b\x94\x81\x14\xad\x17\x6e\x00\x8d\x33\xbd\x60\xf9\x82\xb1\xff\x37\xc8\x55\x97\x97\xa0\x6e\xf4\xf0\xef\x61\xc1\x86\x32\x4e\x2b\x35\x06\x38\x36\x06\x90\x7b\x6a\x7c\x02\xb0\xf9\xf6\x15\x7b\x53\xc8\x67\xe4\xb9\x16\x6c\x76\x7b\x80\x4d\x46\xa5\x9b\x52\x16\xcd\xe7\xa4\xe9\x90\x40\xc5\xa4\x04\x33\x22\x5e\xe2\x82\xa1\xb0\xa0\x6c\x52\x3e\xaf\x45\x34\xd7\xf8\x3f\xa1\x15\x5b\x00\x47\x71\x8c\xbc\x54\x6a\x0d\x07\x2b\x04\xb3\x56\x4e\xea\x1b\x42\x22\x73\xf5\x48\x27\x1a\x0b\xb2\x31\x60\x53\xfa\x76\x99\x19\x55\xeb\xd6\x31\x59\x43\x4e\xce\xbb\x4e\x46\x6d\xae\x5a\x10\x73\xa6\x72\x76\x27\x09\x7a\x10\x49\xe6\x17\xd9\x1d\x36\x10\x94\xfa\x68\xf0\xff\x77\x98\x71\x30\x30\x5b\xea\xba\x2e\xda\x04\xdf\x99\x7b\x71\x4d\x6c\x6f\x2c\x29\xa6\xad\x5c\xb4\x02\x2b\x02\x70\x9b",
+	 STR(iv, iv_size,
+	     "\x00\x00\x00\x00\x01\x02\x03\x04\x05\x06\x07\x08"),
+	 .tag_size = 16,
+	 .tag = (void *)
+	 "\xee\xad\x9d\x67\x89\x0c\xbb\x22\x39\x23\x36\xfe\xa1\x85\x1f\x38"},
+};
+
+const struct cipher_aead_vectors_st aes128_gcm_vectors[] = {
+	{
+	 .compat_apis = 1,
+	 STR(key, key_size,
+	     "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"),
+	 .auth = NULL,
+	 .auth_size = 0,
+	 .plaintext = NULL,
+	 .plaintext_size = 0,
+	 .ciphertext = NULL,
+	 STR(iv, iv_size,
+	     "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"),
+	 .tag_size = 16,
+	 .tag = (void *)
+	 "\x58\xe2\xfc\xce\xfa\x7e\x30\x61\x36\x7f\x1d\x57\xa4\xe7\x45\x5a"},
+	{
+	 .compat_apis = 1,
+	 STR(key, key_size,
+	     "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"),
+	 .auth = NULL,
+	 .auth_size = 0,
+	 STR(plaintext, plaintext_size,
+	     "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"),
+	 .ciphertext = (void *)
+	 "\x03\x88\xda\xce\x60\xb6\xa3\x92\xf3\x28\xc2\xb9\x71\xb2\xfe\x78",
+	 STR(iv, iv_size,
+	     "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"),
+	 .tag_size = 16,
+	 .tag = (void *)
+	 "\xab\x6e\x47\xd4\x2c\xec\x13\xbd\xf5\x3a\x67\xb2\x12\x57\xbd\xdf"},
+	{
+	 .compat_apis = 1,
+	 STR(key, key_size,
+	     "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"),
+	 .auth = (void *)
+	 "\xfe\xed\xfa\xce\xde\xad\xbe\xef\xfe\xed\xfa\xce\xde\xad\xbe\xef\xab\xad\xda\xd2",
+	 .auth_size = 20,
+	 STR(plaintext, plaintext_size,
+	     "\xd9\x31\x32\x25\xf8\x84\x06\xe5\xa5\x59\x09\xc5\xaf\xf5\x26\x9a\x86\xa7\xa9\x53\x15\x34\xf7\xda\x2e\x4c\x30\x3d\x8a\x31\x8a\x72\x1c\x3c\x0c\x95\x95\x68\x09\x53\x2f\xcf\x0e\x24\x49\xa6\xb5\x25\xb1\x6a\xed\xf5\xaa\x0d\xe6\x57\xba\x63\x7b\x39"),
+	 .ciphertext = (void *)
+	 "\x42\x83\x1e\xc2\x21\x77\x74\x24\x4b\x72\x21\xb7\x84\xd0\xd4\x9c\xe3\xaa\x21\x2f\x2c\x02\xa4\xe0\x35\xc1\x7e\x23\x29\xac\xa1\x2e\x21\xd5\x14\xb2\x54\x66\x93\x1c\x7d\x8f\x6a\x5a\xac\x84\xaa\x05\x1b\xa3\x0b\x39\x6a\x0a\xac\x97\x3d\x58\xe0\x91",
+	 STR(iv, iv_size,
+	     "\xca\xfe\xba\xbe\xfa\xce\xdb\xad\xde\xca\xf8\x88"),
+	 .tag_size = 16,
+	 .tag = (void *)
+	 "\x5b\xc9\x4f\xbc\x32\x21\xa5\xdb\x94\xfa\xe9\x5a\xe7\x12\x1a\x47"}
+};
+
+const struct cipher_aead_vectors_st aes192_gcm_vectors[] = {
+	{
+	 .compat_apis = 1,
+	 STR(key, key_size,
+	     "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08\xfe\xff\xe9\x92\x86\x65\x73\x1c"),
+	 .auth = NULL,
+	 .auth_size = 0,
+	 STR(plaintext, plaintext_size,
+	     "\xd9\x31\x32\x25\xf8\x84\x06\xe5\xa5\x59\x09\xc5\xaf\xf5\x26\x9a\x86\xa7\xa9\x53\x15\x34\xf7\xda\x2e\x4c\x30\x3d\x8a\x31\x8a\x72\x1c\x3c\x0c\x95\x95\x68\x09\x53\x2f\xcf\x0e\x24\x49\xa6\xb5\x25\xb1\x6a\xed\xf5\xaa\x0d\xe6\x57\xba\x63\x7b\x39\x1a\xaf\xd2\x55"),
+	 .ciphertext =
+	 (uint8_t *)
+	 "\x39\x80\xca\x0b\x3c\x00\xe8\x41\xeb\x06\xfa\xc4\x87\x2a\x27\x57\x85\x9e\x1c\xea\xa6\xef\xd9\x84\x62\x85\x93\xb4\x0c\xa1\xe1\x9c\x7d\x77\x3d\x00\xc1\x44\xc5\x25\xac\x61\x9d\x18\xc8\x4a\x3f\x47\x18\xe2\x44\x8b\x2f\xe3\x24\xd9\xcc\xda\x27\x10\xac\xad\xe2\x56",
+	 STR(iv, iv_size,
+	     "\xca\xfe\xba\xbe\xfa\xce\xdb\xad\xde\xca\xf8\x88"),
+	 .tag_size = 16,
+	 .tag =
+	 (void *)
+	 "\x99\x24\xa7\xc8\x58\x73\x36\xbf\xb1\x18\x02\x4d\xb8\x67\x4a\x14"},
+
+};
+
+const struct cipher_aead_vectors_st aes256_gcm_vectors[] = {
+	{
+	 .compat_apis = 1,
+	 STR(key, key_size,
+	     "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"),
+	 .auth = NULL,
+	 .auth_size = 0,
+	 STR(plaintext, plaintext_size,
+	     "\xd9\x31\x32\x25\xf8\x84\x06\xe5\xa5\x59\x09\xc5\xaf\xf5\x26\x9a\x86\xa7\xa9\x53\x15\x34\xf7\xda\x2e\x4c\x30\x3d\x8a\x31\x8a\x72\x1c\x3c\x0c\x95\x95\x68\x09\x53\x2f\xcf\x0e\x24\x49\xa6\xb5\x25\xb1\x6a\xed\xf5\xaa\x0d\xe6\x57\xba\x63\x7b\x39\x1a\xaf\xd2\x55"),
+	 .ciphertext =
+	 (uint8_t *)
+	 "\x52\x2d\xc1\xf0\x99\x56\x7d\x07\xf4\x7f\x37\xa3\x2a\x84\x42\x7d\x64\x3a\x8c\xdc\xbf\xe5\xc0\xc9\x75\x98\xa2\xbd\x25\x55\xd1\xaa\x8c\xb0\x8e\x48\x59\x0d\xbb\x3d\xa7\xb0\x8b\x10\x56\x82\x88\x38\xc5\xf6\x1e\x63\x93\xba\x7a\x0a\xbc\xc9\xf6\x62\x89\x80\x15\xad",
+	 STR(iv, iv_size,
+	     "\xca\xfe\xba\xbe\xfa\xce\xdb\xad\xde\xca\xf8\x88"),
+	 .tag_size = 16,
+	 .tag =
+	 (void *)
+	 "\xb0\x94\xda\xc5\xd9\x34\x71\xbd\xec\x1a\x50\x22\x70\xe3\xcc\x6c"},
+
+};
+
+const struct cipher_aead_vectors_st aes256_ccm_vectors[] = {
+	{
+	 .compat_apis = 0,
+	 STR(key, key_size,
+	     "\xfb\x76\x15\xb2\x3d\x80\x89\x1d\xd4\x70\x98\x0b\xc7\x95\x84\xc8\xb2\xfb\x64\xce\x60\x97\x8f\x4d\x17\xfc\xe4\x5a\x49\xe8\x30\xb7"),
+	 .auth = NULL,
+	 .auth_size = 0,
+	 STR(plaintext, plaintext_size,
+	     "\xa8\x45\x34\x8e\xc8\xc5\xb5\xf1\x26\xf5\x0e\x76\xfe\xfd\x1b\x1e"),
+	 .ciphertext = (void *)
+	     "\xcc\x88\x12\x61\xc6\xa7\xfa\x72\xb9\x6a\x17\x39\x17\x6b\x27\x7f",
+	 STR(iv, iv_size,
+	     "\xdb\xd1\xa3\x63\x60\x24\xb7\xb4\x02\xda\x7d\x6f"),
+	 .tag_size = 16,
+	 .tag = (void *)
+	     "\x34\x72\xe1\x14\x5f\x2c\x0c\xbe\x14\x63\x49\x06\x2c\xf0\xe4\x23"},
+	{
+	 .compat_apis = 0,
+	 STR(key, key_size,
+	     "\xfb\x76\x15\xb2\x3d\x80\x89\x1d\xd4\x70\x98\x0b\xc7\x95\x84\xc8\xb2\xfb\x64\xce\x60\x97\x87\x8d\x17\xfc\xe4\x5a\x49\xe8\x30\xb7"),
+	 STR(auth, auth_size, "\x36"),
+	 STR(plaintext, plaintext_size,
+	     "\xa9"),
+	 .ciphertext = (void *)
+	     "\x9d",
+	 STR(iv, iv_size,
+	     "\xdb\xd1\xa3\x63\x60\x24\xb7\xb4\x02\xda\x7d\x6f"),
+	 .tag_size = 16,
+	 .tag = (void *)
+	     "\x32\x61\xb1\xcf\x93\x14\x31\xe9\x9a\x32\x80\x67\x38\xec\xbd\x2a"},
+};
+
+const struct cipher_aead_vectors_st aes128_ccm_vectors[] = {
+	{
+	 .compat_apis = 0,
+	 STR(key, key_size,
+	     "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF"),
+	 STR(auth, auth_size, "\x08\xD0\x84\x21\x43\x01\x00\x00\x00\x00\x48\xDE\xAC\x02\x05\x00\x00\x00\x55\xCF\x00\x00\x51\x52\x53\x54"),
+	 .plaintext = NULL,
+	 .plaintext_size = 0,
+	 STR(iv, iv_size,
+	     "\xAC\xDE\x48\x00\x00\x00\x00\x01\x00\x00\x00\x05\x02"),
+	 .tag_size = 8,
+	 .tag = (void *)
+	     "\x22\x3B\xC1\xEC\x84\x1A\xB5\x53"},
+	{
+	 .compat_apis = 0,
+	 STR(key, key_size,
+	     "\x40\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"),
+	 STR(auth, auth_size, "\x00\x01\x02\x03\x04\x05\x06\x07"),
+	 STR(plaintext, plaintext_size,
+	     "\x20\x21\x22\x23"),
+	 .ciphertext = (void *)
+	     "\x71\x62\x01\x5b",
+	 STR(iv, iv_size,
+	     "\x10\x11\x12\x13\x14\x15\x16"),
+	 .tag_size = 4,
+	 .tag = (void *)
+	     "\x4d\xac\x25\x5d"},
+	/* from rfc3610 */
+	{
+	 .compat_apis = 0,
+	 STR(key, key_size,
+	     "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF"),
+	 STR(auth, auth_size, "\x00\x01\x02\x03\x04\x05\x06\x07"),
+	 STR(plaintext, plaintext_size,
+	     "\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E"),
+	 .ciphertext = (void *)
+	     "\x01\x35\xD1\xB2\xC9\x5F\x41\xD5\xD1\xD4\xFE\xC1\x85\xD1\x66\xB8\x09\x4E\x99\x9D\xFE\xD9\x6C",
+	 STR(iv, iv_size,
+	     "\x00\x00\x00\x09\x08\x07\x06\xA0\xA1\xA2\xA3\xA4\xA5"),
+	 .tag_size = 10,
+	 .tag = (void *)
+	     "\x04\x8C\x56\x60\x2C\x97\xAC\xBB\x74\x90"},
+	{
+	 .compat_apis = 0,
+	 STR(key, key_size,
+	     "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF"),
+	 STR(auth, auth_size, "\x00\x01\x02\x03\x04\x05\x06\x07"),
+	 STR(plaintext, plaintext_size,
+	     "\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E"),
+	 .ciphertext = (void *)
+	     "\x58\x8C\x97\x9A\x61\xC6\x63\xD2\xF0\x66\xD0\xC2\xC0\xF9\x89\x80\x6D\x5F\x6B\x61\xDA\xC3\x84",
+	 STR(iv, iv_size,
+	     "\x00\x00\x00\x03\x02\x01\x00\xA0\xA1\xA2\xA3\xA4\xA5"),
+	 .tag_size = 8,
+	 .tag = (void *)
+	     "\x17\xE8\xD1\x2C\xFD\xF9\x26\xE0"},
+};
+
+const struct cipher_vectors_st aes128_cbc_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c"),
+	 STR(plaintext, plaintext_size,
+	     "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"),
+	 .ciphertext = (uint8_t *)
+	 "\x76\x49\xab\xac\x81\x19\xb2\x46\xce\xe9\x8e\x9b\x12\xe9\x19\x7d",
+	 STR(iv, iv_size,
+	     "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F"),
+	 },
+	{
+	 STR(key, key_size,
+	     "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c"),
+	 STR(plaintext, plaintext_size,
+	     "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"),
+	 .ciphertext =
+	 (uint8_t *)
+	 "\x50\x86\xcb\x9b\x50\x72\x19\xee\x95\xdb\x11\x3a\x91\x76\x78\xb2",
+	 STR(iv, iv_size,
+	     "\x76\x49\xab\xac\x81\x19\xb2\x46\xce\xe9\x8e\x9b\x12\xe9\x19\x7d"),
+	 },
+};
+
+const struct cipher_vectors_st aes192_cbc_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5\x62\xf8\xea\xd2\x52\x2c\x6b\x7b"),
+	 STR(plaintext, plaintext_size,
+	     "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"),
+	 .ciphertext = (uint8_t *)
+	 "\x4f\x02\x1d\xb2\x43\xbc\x63\x3d\x71\x78\x18\x3a\x9f\xa0\x71\xe8",
+	 STR(iv, iv_size,
+	     "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F"),
+	 },
+	{
+	 STR(key, key_size,
+	     "\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5\x62\xf8\xea\xd2\x52\x2c\x6b\x7b"),
+	 STR(plaintext, plaintext_size,
+	     "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"),
+	 .ciphertext = (uint8_t *)
+	 "\xb4\xd9\xad\xa9\xad\x7d\xed\xf4\xe5\xe7\x38\x76\x3f\x69\x14\x5a",
+	 STR(iv, iv_size,
+	     "\x4F\x02\x1D\xB2\x43\xBC\x63\x3D\x71\x78\x18\x3A\x9F\xA0\x71\xE8"),
+	 },
+};
+
+const struct cipher_vectors_st aes256_cbc_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4"),
+	 STR(plaintext, plaintext_size,
+	     "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"),
+	 .ciphertext = (uint8_t *)
+	 "\xF5\x8C\x4C\x04\xD6\xE5\xF1\xBA\x77\x9E\xAB\xFB\x5F\x7B\xFB\xD6",
+	 STR(iv, iv_size,
+	     "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F"),
+	 },
+	{
+	 STR(key, key_size,
+	     "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4"),
+	 STR(plaintext, plaintext_size,
+	     "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"),
+	 .ciphertext = (uint8_t *)
+	 "\x9c\xfc\x4e\x96\x7e\xdb\x80\x8d\x67\x9f\x77\x7b\xc6\x70\x2c\x7d",
+	 STR(iv, iv_size,
+	     "\xF5\x8C\x4C\x04\xD6\xE5\xF1\xBA\x77\x9E\xAB\xFB\x5F\x7B\xFB\xD6"),
+	 },
+};
+
+const struct cipher_vectors_st tdes_cbc_vectors[] = {
+/* First 2 from https://www.cosic.esat.kuleuven.be/nessie/testvectors/bc/des/Triple-Des-3-Key-192-64.unverified.test-vectors */
+	{
+	 STR(key, key_size,
+	     "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17"),
+	 STR(plaintext, plaintext_size,
+	     "\x98\x26\x62\x60\x55\x53\x24\x4D"),
+	 .ciphertext = (uint8_t *)
+	 "\x00\x11\x22\x33\x44\x55\x66\x77",
+	 STR(iv, iv_size, "\x00\x00\x00\x00\x00\x00\x00\x00"),
+	 },
+	{
+	 STR(key, key_size,
+	     "\x2B\xD6\x45\x9F\x82\xC5\xB3\x00\x95\x2C\x49\x10\x48\x81\xFF\x48\x2B\xD6\x45\x9F\x82\xC5\xB3\x00"),
+	 STR(plaintext, plaintext_size,
+	     "\x85\x98\x53\x8A\x8E\xCF\x11\x7D"),
+	 .ciphertext = (uint8_t *)
+	 "\xEA\x02\x47\x14\xAD\x5C\x4D\x84",
+	 STR(iv, iv_size, "\x00\x00\x00\x00\x00\x00\x00\x00"),
+	 },
+};
+
+const struct cipher_vectors_st arcfour_vectors[] = { /* RFC6229 */
+	{
+	 STR(key, key_size,
+	     "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18"),
+	 STR(plaintext, plaintext_size,
+	     "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"),
+	 .ciphertext = (uint8_t *)
+	     "\x05\x95\xe5\x7f\xe5\xf0\xbb\x3c\x70\x6e\xda\xc8\xa4\xb2\xdb\x11",
+	 .iv = NULL,
+	 .iv_size = 0
+	},
+	{
+	 STR(key, key_size,
+	     "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20"),
+	 STR(plaintext, plaintext_size,
+	     "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"),
+	 .ciphertext = (uint8_t *)
+	     "\xea\xa6\xbd\x25\x88\x0b\xf9\x3d\x3f\x5d\x1e\x4c\xa2\x61\x1d\x91",
+	 .iv = NULL,
+	 .iv_size = 0
+	},
+	{
+	 STR(key, key_size,
+	     "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10"),
+	 STR(plaintext, plaintext_size,
+	     "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"),
+	 .ciphertext = (uint8_t *)
+	 "\x9a\xc7\xcc\x9a\x60\x9d\x1e\xf7\xb2\x93\x28\x99\xcd\xe4\x1b\x97",
+	 .iv = NULL,
+	 .iv_size = 0
+	},
+};
+
+const struct cipher_vectors_st aes128_cfb8_vectors[] = { /* NIST 800-38a */
+	{
+	 STR(key, key_size,
+	     "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c"),
+	 STR(plaintext, plaintext_size,
+	     "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
+             "\xae\x2d"),
+	 .ciphertext = (uint8_t *)
+	     "\x3b\x79\x42\x4c\x9c\x0d\xd4\x36\xba\xce\x9e\x0e\xd4\x58\x6a\x4f"
+             "\x32\xb9",
+	 STR(iv, iv_size,
+	     "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"),
+	 /* the least significant 16 bytes of ciphertext */
+	 STR(internal_iv, internal_iv_size,
+	     "\x42\x4c\x9c\x0d\xd4\x36\xba\xce\x9e\x0e\xd4\x58\x6a\x4f\x32\xb9"),
+	 },
+};
+
+const struct cipher_vectors_st aes192_cfb8_vectors[] = { /* NIST 800-38a */
+	{
+	 STR(key, key_size,
+	     "\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5"
+             "\x62\xf8\xea\xd2\x52\x2c\x6b\x7b"),
+	 STR(plaintext, plaintext_size,
+	     "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
+             "\xae\x2d"),
+	 .ciphertext = (uint8_t *)
+	     "\xcd\xa2\x52\x1e\xf0\xa9\x05\xca\x44\xcd\x05\x7c\xbf\x0d\x47\xa0"
+             "\x67\x8a",
+	 STR(iv, iv_size,
+	     "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"),
+	 /* the least significant 16 bytes of ciphertext */
+	 STR(internal_iv, internal_iv_size,
+	     "\x52\x1e\xf0\xa9\x05\xca\x44\xcd\x05\x7c\xbf\x0d\x47\xa0\x67\x8a"),
+	 },
+};
+
+const struct cipher_vectors_st aes256_cfb8_vectors[] = { /* NIST 800-38a */
+	{
+	 STR(key, key_size,
+	     "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
+             "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4"),
+	 STR(plaintext, plaintext_size,
+	     "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
+             "\xae\x2d"),
+	 .ciphertext = (uint8_t *)
+	     "\xdc\x1f\x1a\x85\x20\xa6\x4d\xb5\x5f\xcc\x8a\xc5\x54\x84\x4e\x88"
+             "\x97\x00",
+	 STR(iv, iv_size,
+	     "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"),
+	 /* the least significant 16 bytes of ciphertext */
+	 STR(internal_iv, internal_iv_size,
+	     "\x1a\x85\x20\xa6\x4d\xb5\x5f\xcc\x8a\xc5\x54\x84\x4e\x88\x97\x00"),
+	 },
+};
+
+/* GOST 28147-89 vectors come from the testsuite contributed to OpenSSL by
+ * Sergey E. Leontiev. CryptoPro-B test vector is just truncated.
+ * TC26Z is calculated using Nettle */
+const struct cipher_vectors_st gost28147_cpa_cfb_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x8d\x5a\x2c\x83\xa7\xc7\x0a\x61\xd6\x1b\x34\xb5\x1f\xdf\x42\x68"
+	     "\x66\x71\xa3\x5d\x87\x4c\xfd\x84\x99\x36\x63\xb6\x1e\xd6\x0d\xad"),
+	 STR(plaintext, plaintext_size,
+	     "\xd2\xfd\xf8\x3a\xc1\xb4\x39\x23\x2e\xaa\xcc\x98\x0a\x02\xda\x33"),
+	 .ciphertext = (uint8_t *)
+		 "\x88\xb7\x75\x16\x74\xa5\xee\x2d\x14\xfe\x91\x67\xd0\x5c\xcc\x40",
+	 STR(iv, iv_size,
+	     "\x46\x60\x6f\x0d\x88\x34\x23\x5a"),
+	},
+};
+
+const struct cipher_vectors_st gost28147_cpb_cfb_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x48\x0c\x74\x1b\x02\x6b\x55\xd5\xb6\x6d\xd7\x1d\x40\x48\x05\x6b"
+	     "\x6d\xeb\x3c\x29\x0f\x84\x80\x23\xee\x0d\x47\x77\xe3\xfe\x61\xc9"),
+	 STR(plaintext, plaintext_size,
+	     "\x8c\x9c\x44\x35\xfb\xe9\xa5\xa3\xa0\xae\x28\x56\x91\x10\x8e\x1e"
+	     "\xd2\xbb\x18\x53\x81\x27\x0d\xa6\x68\x59\x36\xc5\x81\x62\x9a\x8e"
+	     "\x7d\x50\xf1\x6f\x97\x62\x29\xec\x80\x51\xe3\x7d\x6c\xc4\x07\x95"
+	     "\x28\x63\xdc\xb4\xb9\x2d\xb8\x13\xb1\x05\xb5\xf9\xeb\x75\x37"),
+	 .ciphertext = (uint8_t *)
+		 "\x23\xc6\x7f\x20\xa1\x23\x58\xbc\x7b\x05\xdb\x21\x15\xcf\x96\x41"
+		 "\xc7\x88\xef\x76\x5c\x49\xdb\x42\xbf\xf3\xc0\xf5\xbd\x5d\xd9\x8e"
+		 "\xaf\x3d\xf4\xe4\xda\x88\xbd\xbc\x47\x5d\x76\x07\xc9\x5f\x54\x1d"
+		 "\x1d\x6a\xa1\x2e\x18\xd6\x60\x84\x02\x18\x37\x92\x92\x15\xab",
+	 STR(iv, iv_size,
+	     "\x1f\x3f\x82\x1e\x0d\xd8\x1e\x22"),
+	},
+};
+
+const struct cipher_vectors_st gost28147_cpc_cfb_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x77\xc3\x45\x8e\xf6\x42\xe7\x04\x8e\xfc\x08\xe4\x70\x96\xd6\x05"
+	     "\x93\x59\x02\x6d\x6f\x97\xca\xe9\xcf\x89\x44\x4b\xde\x6c\x22\x1d"),
+	 STR(plaintext, plaintext_size,
+	     "\x07\x9c\x91\xbe"),
+	 .ciphertext = (uint8_t *)
+		 "\x19\x35\x81\x34",
+	 STR(iv, iv_size,
+	     "\x43\x7c\x3e\x8e\x2f\x2a\x00\x98"),
+	},
+};
+
+const struct cipher_vectors_st gost28147_cpd_cfb_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x38\x9f\xe8\x37\xff\x9c\x5d\x29\xfc\x48\x55\xa0\x87\xea\xe8\x40"
+	     "\x20\x87\x5b\xb2\x01\x15\x55\xa7\xe3\x2d\xcb\x3d\xd6\x59\x04\x73"),
+	 STR(plaintext, plaintext_size,
+	     "\x2f\x31\xd8\x83\xb4\x20\xe8\x6e\xda"),
+	 .ciphertext = (uint8_t *)
+		 "\x6d\xa4\xed\x40\x08\x88\x71\xad\x16",
+	 STR(iv, iv_size,
+	     "\xc5\xa2\xd2\x1f\x2f\xdf\xb8\xeb"),
+	},
+};
+
+const struct cipher_vectors_st gost28147_tc26z_cfb_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x8d\x5a\x2c\x83\xa7\xc7\x0a\x61\xd6\x1b\x34\xb5\x1f\xdf\x42\x68"
+	     "\x66\x71\xa3\x5d\x87\x4c\xfd\x84\x99\x36\x63\xb6\x1e\xd6\x0d\xad"),
+	 STR(plaintext, plaintext_size,
+	     "\xd2\xfd\xf8\x3a\xc1\xb4\x39\x23\x2e\xaa\xcc\x98\x0a\x02\xda\x33"),
+	 .ciphertext = (uint8_t *)
+		 "\xed\xa7\xf1\x41\x01\x9c\xbd\xcd\x44\x6b\x00\x96\x87\xf7\xc7\xe6",
+	 STR(iv, iv_size,
+	     "\x46\x60\x6f\x0d\x88\x34\x23\x5a"),
+	},
+};
+
+const struct cipher_vectors_st gost28147_tc26z_cnt_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x59\x9f\x84\xba\xc3\xf3\xd2\xf1\x60\xe1\xe3\xf2\x6a\x96\x1a\xf9"
+	     "\x9c\x48\xb2\x4e\xbc\xbb\xbf\x7c\xd8\xf3\xac\xcd\x96\x8d\x28\x6a"),
+	 STR(plaintext, plaintext_size,
+	     "\x90\xa2\x39\x66\xae\x01\xb9\xa3\x52\x4e\xc8\xed\x6c\xdd\x88\x30"),
+	 .ciphertext = (uint8_t *)
+		 "\xe8\xb1\x4f\xc7\x30\xdc\x25\xbb\x36\xba\x64\x3c\x17\xdb\xff\x99",
+	 STR(iv, iv_size,
+	     "\x8d\xaf\xa8\xd1\x58\xed\x05\x8d"),
+	}
+};
+
+/* Manually calculated to overcome section size differences between TLS cipher
+ * and test vectors defined in recommendation for standarization
+ * R 1323565.1.017-2018. TLS uses 1024 byte sections, we need more to have at
+ * least one rekeying. */
+const struct cipher_vectors_st magma_ctr_acpkm_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x88\x99\xaa\xbb\xcc\xdd\xee\xff\x00\x11\x22\x33\x44\x55\x66\x77"
+	     "\xfe\xdc\xba\x98\x76\x54\x32\x10\x01\x23\x45\x67\x89\xab\xcd\xef"),
+	 STR(plaintext, plaintext_size,
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     ),
+	 .ciphertext = (uint8_t *)
+	     "\x2a\xb8\x1d\xee\xeb\x1e\x4c\xab\x68\xe1\x04\xc4\xbd\x6b\x94\xea"
+	     "\xc0\x4d\xdb\x07\xea\x92\x8f\xa2\x22\x0d\x97\x91\x83\x20\x78\x6b"
+	     "\x17\x0d\x8e\xaf\x6e\x3c\xa1\xab\xf2\x92\x93\x9a\xb1\x19\x54\xbb"
+	     "\xd3\x3f\x07\x38\x54\x26\x56\xed\xe3\xed\x4d\x54\x42\xb3\x0d\x0d"
+	     "\x43\xa1\x2e\xe8\xcf\x83\x81\x30\xe5\x90\xf3\x71\xe6\x7a\x42\xc3"
+	     "\xf8\x75\x91\xeb\xb8\xf7\xea\x17\xb3\xc4\xec\x9f\xa0\xca\x54\xd5"
+	     "\xbc\x42\x9b\x60\xd8\x90\xce\x61\xc1\xb4\x0d\x20\x52\x45\x0a\xfa"
+	     "\x77\xb4\x83\x54\xb4\x43\x77\x11\x50\x8f\xdc\xf4\xc4\x8f\x24\x2b"
+	     "\x84\xec\x97\xc9\xc1\x76\x3c\xf3\x17\x3c\x5a\xe8\x57\x86\x41\x22"
+	     "\xb6\x5b\x57\x29\xae\x1b\xb0\x75\x06\x95\xe5\xe2\x37\x93\x3b\x5a"
+	     "\xbe\x85\x5d\xb0\x16\x70\x5b\x53\x35\x57\x52\xdb\x87\x50\x89\x34"
+	     "\xa3\xd2\x1e\xc3\x83\x03\xbd\xdc\xc1\x24\xc3\xc9\x9d\xd7\x1b\x45"
+	     "\xfb\xcb\x4e\xd5\x64\x10\x5c\xe6\xc5\x93\x4d\xa9\x9b\xea\xed\xc5"
+	     "\xf4\x02\x30\x13\xbc\x41\x97\x81\x05\xb0\xcc\x6a\x39\x83\xe9\x05"
+	     "\x25\x11\x6e\x04\x63\x14\x6d\x85\x78\x9a\x09\xa7\x0d\x4c\x7b\xd7"
+	     "\xdf\xb1\x33\xeb\xbf\xeb\x92\x58\xf3\xda\x9d\xed\x8e\xf9\x8a\x3c"
+	     "\x71\x8d\x19\x67\x1a\x12\x49\xdf\x0e\xb1\x88\x3c\x9e\xf5\x1b\x77"
+	     "\x13\x60\x80\x1a\x28\x46\xa0\x48\x31\xec\xc2\xcb\xe7\xe7\x72\xdb"
+	     "\x92\x2a\x7b\x04\xd0\xa3\xd0\x17\x8c\xb2\x4d\xb3\xa2\x43\x16\x17"
+	     "\x8d\xec\x78\xf0\xdd\xe5\x60\x07\x77\x49\x66\xad\xb3\x36\xdd\xe4"
+	     "\xc9\xef\xf7\x6d\xe4\x00\xfc\x9c\x5b\x9d\x8a\x65\x58\xbb\xbd\x5c"
+	     "\xfe\x18\xe6\x97\x83\xd1\xae\x20\xed\x12\xac\xe5\x29\x7f\x58\xab"
+	     "\x83\xea\xd2\x92\xea\x17\x00\xaf\x2b\x55\x43\x7c\x5b\x17\xf2\x91"
+	     "\x0e\x79\x0b\x95\xb4\xe0\x4a\xb0\x55\x62\xe5\x5d\xda\x55\x02\xd6"
+	     "\xa1\xea\x99\x73\x16\x59\xb3\x3e\xc9\x86\x92\x1d\xb2\x1a\xf1\x4e"
+	     "\x6b\x2e\xeb\x49\x7d\xf6\x35\xc0\x23\xae\xb5\x56\xff\x90\xe7\xc5"
+	     "\xc5\x4c\xef\xea\x8f\x9e\xf1\xc2\xd0\x1c\xee\xef\xb7\xac\x0c\x0c"
+	     "\x43\xdf\xcc\x8e\x95\xe2\xd3\xd5\x9f\x17\x81\x85\x66\x87\x7e\xdb"
+	     "\x5e\x45\xde\xb2\x45\x95\x69\x90\x75\x80\xc1\x5e\x0c\x3d\xe8\xd9"
+	     "\x9a\x17\xc5\x62\x49\x90\xa6\x54\x68\xc2\xfa\xb0\x96\xc9\xac\x42"
+	     "\x9e\xa9\x6f\x33\x0c\x5b\xc2\xc5\x81\xc1\xc5\x5d\x91\x44\xb7\x48"
+	     "\xd0\x32\xc6\x7d\x99\xa1\xad\x43\x6c\xba\xc5\xf5\x10\xbd\xf2\x44"
+	     "\x75\x36\xe8\x7e\x91\x21\x8c\x16\xce\x74\xa4\xc2\x3d\x18\x28\x1a"
+	     "\x82\x79\x04\x3e\x15\x73\x22\x30\x7a\x33\x7f\x76\x63\xbc\x9b\x0b"
+	     "\xcb\x3c\xe2\x3d\x66\x22\x28\x20\x1c\xc3\x43\x12\x89\x2d\x05\x51"
+	     "\x0b\x65\x2b\xf3\xca\x0f\x21\xd7\x57\xac\xa9\x4d\x4f\xd0\x03\x13"
+	     "\x89\x94\xec\xad\x38\x9b\x95\xaf\xf8\x0a\xc5\xb0\x8b\xb3\x57\xcd"
+	     "\xdd\xe7\xa3\xfe\x3e\x84\x35\xad\xe6\x87\x69\xd5\xb7\xc5\xf0\xde"
+	     "\xcc\xc7\x81\x59\xd7\x52\x4b\xa1\x77\x8f\xec\x6a\x9d\xcd\x0d\x08"
+	     "\xa7\xbf\x32\x6b\x5a\xa3\xc8\x4a\x0b\xde\x8c\xf8\x12\x86\xf1\x6b"
+	     "\x78\x86\xaf\xf3\x49\x78\x81\x5b\x9d\x6b\xe9\xf7\x59\xe2\x36\xea"
+	     "\xab\x40\x87\x1b\x0b\x2a\x70\x9b\x4c\x29\x3f\x3d\x5a\xfb\x09\x11"
+	     "\x9a\x39\xfc\x41\x65\xac\x64\xbd\xfd\x8b\xf3\x09\x1b\x13\xde\x38"
+	     "\x5b\x35\x0e\xce\x71\xab\x87\x99\x82\xd4\x26\x5c\x5d\x4d\x5b\xfe"
+	     "\xe8\x33\x11\x37\xf8\x3b\x16\x93\x20\xbe\x47\x68\xd9\x19\x94\x17"
+	     "\xdf\x56\xce\xbf\x82\x34\x75\x74\x7a\x39\xb3\xb5\xc3\x54\x86\x30"
+	     "\x33\x7e\xbd\xe7\xd9\x24\x18\x8f\xbf\xc1\x69\x28\x75\x37\xb6\x90"
+	     "\x2e\x4c\x71\x88\xcf\xfe\x90\xd6\xe5\x3d\xf3\xf2\x42\x8f\xee\x76"
+	     "\x00\xb8\x84\x5f\xeb\xbc\x5d\x46\xcd\xa6\x13\xaf\x3b\x37\xae\xb4"
+	     "\x82\xd5\x37\x88\x86\x94\x0f\xd8\x00\x0b\x97\x86\xa3\x91\x43\x8f"
+	     "\x05\x40\x04\xdb\x7c\x17\x5e\xbf\xf0\x07\x29\x94\x34\x04\x6b\x1f"
+	     "\x32\xa0\xa3\x30\x1a\xc8\x72\xde\xd7\x42\xfe\xb8\xe2\x2e\x6c\xe9"
+	     "\x71\x3e\xe5\x9a\x6c\x83\xc1\x75\xc2\x04\xfb\x8d\x45\x4a\x52\x7a"
+	     "\xac\xca\x87\x7a\xf3\x88\x42\x42\xfb\x40\x71\x67\xc0\xa7\xcc\x10"
+	     "\x30\x32\xc2\x7e\x3d\x93\x40\xb6\xb2\x53\xcd\xe4\x23\x4b\x5a\x99"
+	     "\x20\xfe\xe9\xef\xce\x82\xb0\x0f\x4e\x21\xa6\xc0\xad\x6a\x7b\x08"
+	     "\xb9\x33\x6b\xc2\x35\x5e\x0d\x6e\xd5\x9d\x65\xef\x70\x5d\xc7\x02"
+	     "\xa8\x4e\x5e\x80\xb1\x9c\xa8\x50\xfd\x25\x44\x0d\xe6\x78\x8c\xd9"
+	     "\x18\x01\x43\xd0\xee\x9f\xa7\x68\xd9\x37\xf3\x5e\xcb\xf6\x08\x92"
+	     "\x75\x02\x65\xee\xcf\xed\xdc\xe5\x3f\x6d\x9f\x84\x75\x39\x93\x27"
+	     "\xff\xc5\x97\x37\x6e\xc7\x60\x9c\x1d\x39\x4d\xbc\x27\xa2\xe5\x85"
+	     "\x05\xa4\x3d\x28\xce\x42\x51\x81\xd5\xcb\xbd\x83\x11\x13\x05\x93"
+	     "\x4f\x70\xb3\x97\xa9\xfa\x14\x95\x77\xc5\x1e\x40\xd0\x4d\x77\xef"
+	     "\xa8\x53\xfc\x26\x30\xd4\xfe\xda\xd0\x74\x58\x38\x21\xc0\xbb\x21"
+
+	     "\xd9\x6a\xf3\xcc\x57\x01\xcb\xbb\x01\x9a\x99\xe6\x4e\xaf\xf2\x32",
+	 STR(iv, iv_size,
+	     "\x12\x34\x56\x78\x00\x00\x00\x00"),
+	}
+};
+
+/* Manually calculated to overcome section size differences between TLS cipher
+ * and test vectors defined in recommendation for standarization
+ * R 1323565.1.017-2018. TLS uses 4096 byte sections, we need more to have at
+ * least one rekeying. */
+const struct cipher_vectors_st kuznyechik_ctr_acpkm_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x88\x99\xaa\xbb\xcc\xdd\xee\xff\x00\x11\x22\x33\x44\x55\x66\x77"
+	     "\xfe\xdc\xba\x98\x76\x54\x32\x10\x01\x23\x45\x67\x89\xab\xcd\xef"),
+	 STR(plaintext, plaintext_size,
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	     "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	     "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"
+
+	     "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     ),
+	 .ciphertext = (uint8_t *)
+	     "\xf1\x95\xd8\xbe\xc1\x0e\xd1\xdb\xd5\x7b\x5f\xa2\x40\xbd\xa1\xb8"
+	     "\x85\xee\xe7\x33\xf6\xa1\x3e\x5d\xf3\x3c\xe4\xb3\x3c\x45\xde\xe4"
+	     "\xa5\xea\xe8\x8b\xe6\x35\x6e\xd3\xd5\xe8\x77\xf1\x35\x64\xa3\xa5"
+	     "\xcb\x91\xfa\xb1\xf2\x0c\xba\xb6\xd1\xc6\xd1\x58\x20\xbd\xba\x73"
+	     "\x7e\x08\xf5\x9f\x71\xb8\x56\x08\xe3\x89\x55\xb1\x7b\x53\xed\x27"
+	     "\xee\x04\xce\x2c\x02\xae\xf0\x75\x8f\x5d\x64\x77\xea\x0a\x79\xb2"
+	     "\x9f\xc0\xb0\x9a\xf0\x93\xd5\xbf\xb9\xdf\xab\x18\x25\xf7\x51\xc9"
+	     "\x82\x69\x88\x08\x00\x2b\x35\x8e\x2c\x2f\x7c\x01\xdc\x31\x56\x1d"
+	     "\x52\xb4\xca\x07\xbf\x02\xa5\x9a\x80\x88\x91\x19\xf1\x26\x0b\x7f"
+	     "\x9d\x3e\x1c\xe5\xf9\x92\x1a\xf5\xb5\x53\xed\x1e\x1a\xdf\xdc\x53"
+	     "\x9e\x2e\x79\x65\xbd\x7b\x48\x48\x57\x58\x90\x76\x40\x57\x86\x76"
+	     "\x7d\xe3\xb2\x82\x06\xed\xeb\xce\x35\x1b\xcc\x5c\xee\x54\xe4\x3f"
+	     "\x53\x4b\xb5\x0d\x07\x0a\x2d\x0c\xb7\xcf\x7c\xf8\x81\xad\x32\x01"
+	     "\x26\x50\x0f\xe9\x32\xf3\xd7\xc9\xf0\x86\xab\xb8\xf8\xea\x72\x3a"
+	     "\x9a\x17\x48\x12\xa5\xbb\x3b\xa9\x6d\x01\x51\x82\xc0\xe2\x98\x4d"
+	     "\x69\x3c\xbd\x67\x6a\xa0\xb1\x7d\x7a\xa8\x2c\xb8\xe2\xb9\xf6\x68"
+	     "\xfa\xeb\xae\x0d\x41\xcb\xb0\xfe\xe5\x55\x65\xb6\x5d\x56\xe5\x05"
+	     "\x20\x08\x51\x77\x7c\x18\x3a\x25\x69\xaa\xa2\x39\x68\xcf\xd1\x3e"
+	     "\x51\x47\xb5\xd8\x13\xcc\xaf\x2d\x31\xd5\x28\xae\x61\x48\xe6\x9a"
+	     "\x0a\xd8\x30\x0b\x1f\x7c\xef\x3d\x32\xa5\x40\x05\x41\xdf\x84\x1e"
+	     "\xce\xde\xca\x31\x42\xa6\xc4\xbc\x2b\x56\xb7\x7e\xa6\x22\x1f\x85"
+	     "\x7b\xe8\x80\x01\xc1\xff\x78\x45\x14\xb5\x4d\x9b\xe3\x21\xf7\xb8"
+	     "\x13\xd5\x44\x3d\x6f\x33\x85\x46\x56\x07\x79\x15\xb4\xec\xe5\xfd"
+	     "\x34\x35\xc8\x8a\x5f\x4d\x58\x84\x82\x9d\xb6\x4d\x0e\x90\x65\xb0"
+	     "\x5e\x61\x83\x30\x3d\x51\x34\xe3\x0e\x6e\x78\x05\xc8\x6d\x1e\x7d"
+	     "\x76\xe2\x3d\x85\x33\x82\x42\x7c\x7d\x67\x33\xbb\x60\x5e\x4d\xb0"
+	     "\xc8\xd0\x7a\x6c\xbe\x4e\xc8\xc4\x82\x9d\xb6\x25\x56\xc9\x1b\x52"
+	     "\x3b\x9b\x4a\xf5\x8f\x67\x12\xd5\x41\x60\xe6\x97\x08\x90\x7b\x17"
+	     "\x3b\xf9\x1c\x82\x0d\x15\x0a\x3d\x1b\x27\xd4\x46\xd6\x91\x5c\x74"
+	     "\x48\x45\x1a\x4c\x60\x26\xf3\xe3\x1f\xe7\x0a\xfc\x79\x42\x8a\x5f"
+	     "\x5f\x5b\x33\xf4\xb3\xda\xbd\x4c\x4a\x10\x5e\x3b\x9d\x09\xf8\xf2"
+	     "\x51\x25\x44\x37\x7b\xca\x88\xf0\x88\xa9\x5d\x2e\x9e\x42\xf6\xac"
+	     "\x3d\xd6\x01\x06\x06\x5c\x96\x4b\x13\xf5\x5f\xaa\x06\x34\x16\x67"
+	     "\xfd\xa5\x49\x12\xcc\x21\x8f\xb4\xb9\x33\xfc\x58\xf0\x36\xeb\xd7"
+	     "\x50\xf2\x38\x39\x9e\x93\x7b\xf7\xf5\xc7\x9c\x73\x36\x1f\xbe\xa9"
+	     "\x49\xf9\x2c\x4f\x17\xfc\xb3\x64\x51\x68\xaf\xed\xe3\x43\xbf\x2f"
+	     "\x3f\x57\xbb\x74\x93\x51\xc4\x93\x1e\x2e\x05\xed\xda\x74\x27\x1b"
+	     "\x7b\xa8\x98\x3e\xa6\x62\x75\xbd\x68\xab\x44\xe8\xe4\x2d\x2f\x08"
+	     "\x44\x64\x85\xa6\x42\xfe\xdb\x11\xb5\xbc\x1a\x83\xc4\x58\x7a\xd1"
+	     "\x0d\x64\xa2\xdb\xd5\x4c\x3a\xd7\x2a\xd8\xc7\x0b\xf5\x33\x80\xe2"
+	     "\xaa\xc6\xaf\xad\xee\x39\x83\x1c\xfb\xda\x39\xd6\xe4\xbe\x6f\xde"
+	     "\x46\xd1\xdc\xc8\x77\x3b\x42\x3a\x19\x83\xdb\x79\x5e\x9d\xd9\xef"
+	     "\xe7\x54\x9e\xfa\xde\x56\x26\x0e\x33\x44\xb6\xac\xc7\x25\x1f\x0b"
+	     "\xd0\x12\x4a\x75\x6f\xef\x9f\xb7\xe7\xf1\xc3\xb2\x77\xa7\x01\xc1"
+	     "\x24\xf2\x60\xf2\x04\xa4\x07\x47\x25\x81\x2a\x51\x36\x1d\xb3\x42"
+	     "\x3c\xc5\x12\xbb\x53\x89\xc3\x00\xb4\xe8\x0e\xd8\xed\x5d\x9c\x18"
+	     "\x08\x16\x05\x57\x22\x99\xc1\xcb\x97\x4d\x7d\x42\xb0\xbf\xf3\x35"
+	     "\x9e\xc9\xc0\x4e\xe6\x42\xec\x49\x06\x5e\x50\x7f\x6c\x86\x20\x9e"
+	     "\xe0\x49\x6a\x1d\x50\x45\x52\x3d\x66\xdc\x66\xb2\xa1\x57\xbb\x1d"
+	     "\x65\x30\xf9\x3e\x6c\x8b\xf8\x07\x5e\xf9\xb0\xcf\x15\x1f\xa4\x22"
+	     "\xe6\x28\xdf\x40\x44\x27\x80\x99\xbf\xcc\x86\x94\x3d\xe1\x97\xbc"
+	     "\x64\x7b\xc9\x8a\xc8\xb7\xdd\x8e\xd9\x95\xfa\x97\x44\x59\x70\xb6"
+	     "\xa4\x59\xdd\x94\x2a\x4e\x71\x76\xe1\xf8\xff\x2e\xef\xf7\xf3\x26"
+	     "\x0d\xeb\x63\x9b\x34\x74\xcf\xc7\xe4\x99\xb3\x8b\xe5\xf8\xfa\xf8"
+	     "\x60\x6a\x8f\x16\xfe\xb3\x12\xe8\x66\x5c\x26\x61\x11\xaa\x14\x85"
+	     "\x5e\x4c\x0f\xf8\x47\x99\x49\x4c\x22\xa5\x37\xb7\x4b\xed\x1d\x33"
+	     "\x54\xe4\x6f\xfe\x4b\x7e\x95\x44\x56\xa9\xa9\x48\x6f\x40\x08\x42"
+	     "\x28\xa0\xd6\x8e\x52\x72\x84\x87\xd5\xcc\x08\xf4\x34\x9b\xc7\xf7"
+	     "\x92\xac\x5d\x5a\x30\x4c\x87\xc2\x2c\x94\x68\x10\x03\x02\x8c\x38"
+	     "\x6e\xf6\xca\xd1\xd6\x55\x02\x3c\x3a\xf4\x21\x1c\x90\x03\x7c\x33"
+	     "\xcd\x81\x93\x3f\x4c\xa1\xe6\x7c\x7d\x27\xaf\x97\x7a\xd8\xb0\x32"
+	     "\xcb\x1f\xb6\x5d\xb0\x7c\x9e\xf7\x15\x6a\x29\xc9\xb3\x13\x8e\xb2"
+	     "\x2e\xf2\x9d\xb2\x64\xe9\xc7\x13\x86\xc3\x46\x97\x9e\x53\x37\xac"
+	     "\xd1\x75\x0b\xe2\x20\x4a\x5e\x3a\x47\xdf\xb3\x67\x78\x23\x22\xa6"
+	     "\xb6\x69\x83\x1b\x41\xe1\xdc\xe3\xbb\x63\x8e\x6a\x70\xe2\x91\x30"
+	     "\xa2\x48\x43\x07\x9b\xf1\x87\x9d\xd9\x2f\x36\x62\xaf\x51\x70\x10"
+	     "\x5d\x68\x42\x6e\x95\xe6\x86\x85\x90\x08\x80\x42\xc6\x11\x7d\x38"
+	     "\x37\x94\xc7\x7a\x9d\xec\xff\x87\x15\x0d\x30\x42\x7d\xbf\xb0\x21"
+	     "\xa8\x28\xc3\xa9\x56\x31\xda\x2e\x91\x8d\x0d\x78\x93\xe2\x4d\x7f"
+	     "\xb3\xdb\x87\x5b\xf2\x2a\x55\x54\xc4\x1a\x47\x9b\x51\x79\x2c\x55"
+	     "\xaa\xaf\x57\x89\x90\x32\x26\xfa\xcf\x26\x3d\xbd\xc3\x59\x7e\x4b"
+	     "\x53\x7a\xa3\xf8\xec\x31\x3e\x9f\x22\x33\x41\xec\xe5\xf1\x50\x41"
+	     "\x57\x64\x37\x0e\x24\x0f\x03\x0c\x93\xaf\xd7\x44\xef\x33\xf9\x96"
+	     "\x8e\x63\x9c\x79\x09\xdf\x58\xdb\xcd\xd2\xf2\x81\xed\x97\x28\x5e"
+	     "\x6d\x99\x45\xad\xf1\xa4\xe8\x59\xaa\xeb\x59\xbd\xfa\x54\x27\xe2"
+	     "\x01\x6d\xfa\x08\xe5\x1a\x46\x92\x31\xa0\xfd\x2e\x25\x21\x5e\x9d"
+	     "\x1d\x41\x82\x16\x21\xea\xe8\x29\x5a\xe7\xd4\xd8\x7c\x91\x6d\xa8"
+	     "\x69\xa8\x6b\xac\xf9\x3d\x2c\x07\xfa\xaf\x65\x5e\x84\x63\x5c\x1c"
+	     "\xb6\x71\x1c\x6e\x1a\x1a\xcf\x5f\x39\x08\x02\xeb\xde\x75\x28\x44"
+	     "\x90\x3b\x6d\x09\xf5\xa4\x3a\x00\x99\xc1\x6e\xb8\x23\x47\xb6\xe6"
+	     "\x44\x69\x24\x86\x0d\x93\x7d\xc2\x1a\xe7\xf8\x97\x97\x6d\x2f\x7d"
+	     "\x6a\x3e\xd7\x6d\x94\xbe\x9b\xfa\x7d\x40\xff\x35\x7e\x2d\x9c\x50"
+	     "\x71\xf8\x99\x5f\xf3\x53\x16\x59\x77\x72\x4b\xef\x8d\x21\x8c\x28"
+	     "\x15\x8a\x57\x6d\x3d\x35\xf4\x2c\x37\x39\x0e\x97\x8f\xd3\x45\x17"
+	     "\xac\x0b\xa2\xaa\x16\xe7\x98\x70\xbd\x91\x4b\x7b\xc9\x14\x5b\x85"
+	     "\x29\xe5\xd9\x20\xa6\xf3\x89\x63\xc8\x01\x94\x2c\x20\xb0\xf1\x1c"
+	     "\x61\x90\x5b\xe8\xaf\xdb\xe2\x20\x62\x4f\xd0\x3c\x51\x1f\x5f\x14"
+	     "\x28\x13\x07\x5e\xbc\x4a\xa0\x46\xa7\x9c\xc7\x00\x24\xb4\x67\x0d"
+	     "\x9c\xe8\x05\xa7\xe3\x37\x94\xd3\x97\xc5\xd6\x1d\xb3\x79\x0c\x7f"
+	     "\xf0\xeb\x68\xa7\xa9\x75\x30\x3c\xf1\xf8\xfb\x96\x4b\xa5\x99\xb1"
+	     "\xf0\x71\xab\xb4\x8a\xa6\x5d\x97\xb5\x6f\x42\x81\xef\x38\x0e\x41"
+	     "\x21\xcd\x15\xe4\xf1\xdc\x02\xc2\xe5\xe4\xb2\xf2\xdb\xc5\x42\x0f"
+	     "\xeb\x00\xb8\x49\x48\x90\x97\x59\x69\x8c\x3d\x90\xfa\x7f\xaf\x75"
+	     "\xff\xe8\x0f\xff\x13\x2f\x7a\xca\x33\xbc\xb0\x41\x7b\xd4\x94\xce"
+	     "\xd5\xd7\x53\xe5\x36\x9d\xea\x0c\x13\x60\x63\xd9\x79\x83\x53\x03"
+	     "\x3c\x5f\x33\x6b\x16\xd2\xd6\x07\xbd\xbc\xa9\xcd\xd6\x21\x58\x8a"
+	     "\x90\xac\x85\x7c\x0a\x85\xf1\x02\xfd\x6c\x5b\xac\x92\xa5\x6f\xfc"
+	     "\x02\x60\xb3\x05\x91\x31\x80\xd5\x75\x82\xa8\xab\xcc\x7b\x47\xdb"
+	     "\x79\xaf\x85\xea\x75\x2d\xf4\x46\x45\xa6\x24\x35\x2d\xba\x9e\x19"
+	     "\x4e\x48\xb3\x5f\x40\x96\x6c\x73\x44\x09\x67\x27\xee\xdb\xdb\xca"
+	     "\xf6\x14\x3f\x32\xdf\x3b\xd3\xcb\x87\x48\x6b\x03\xda\xfe\xb5\x20"
+	     "\xf8\x72\xd0\xe4\x65\xfd\x14\x5d\x9b\xd3\xc5\x67\x4b\x41\xf4\xcb"
+	     "\xac\xe4\xce\x61\xe0\x06\x8e\xb6\xca\xef\xa5\xe4\x70\xd4\xff\x4f"
+	     "\x4c\x81\xb7\xc7\xc1\xe3\x1d\x6b\xfe\x44\x37\xfe\x7e\xb4\xec\xda"
+	     "\x55\xbc\x26\xdd\x44\x08\x28\x49\x19\xc9\x52\x20\x4a\x5e\xe1\xae"
+	     "\x6b\x87\x35\xa2\x9a\x02\x17\xb0\x74\xe1\x19\x92\xca\x5d\x34\x81"
+	     "\xd7\x3f\xb1\x14\xe2\x44\x97\x7f\xab\x0a\xc3\x44\x8d\x9c\xe6\x27"
+	     "\x84\x5e\x2e\xe1\x0e\x7b\x74\xee\x47\xe2\x6f\x79\x3a\x0d\x25\x90"
+	     "\x9b\x32\x13\x78\xd3\xd1\x19\x10\xb7\x88\xc4\xb4\xb8\x0f\x84\x0c"
+	     "\xc4\x6d\xb3\xbc\xbc\xea\x1d\x84\xfe\x6f\x95\x1e\x44\x78\xbb\x73"
+	     "\xd0\x08\x8b\xbe\xae\x91\x6f\x84\xeb\x6c\x05\x58\x3a\xb7\x68\xee"
+	     "\x62\x14\x0b\xba\xd3\xd6\x78\x23\x35\x03\x2f\xed\xac\xf2\x35\xa7"
+	     "\x0b\xf5\x37\xa1\xa5\x4d\x57\x0e\x2e\x5e\x0d\x0c\xd6\x04\xc8\x07"
+	     "\x60\xe6\xda\xd9\x55\x16\xf6\xc6\x0c\x53\xc0\x46\xa8\x91\xa6\xdd"
+	     "\x22\x99\x88\x9f\x23\x93\x64\x81\xdb\x4b\xe8\x99\x1e\x16\x5c\xb5"
+	     "\x08\xc0\x74\xf9\x79\xd3\xc1\x6a\xe5\x38\x6b\xcd\xf0\xcb\x1e\xb8"
+	     "\x5c\x6b\x14\xd6\x85\x58\xa3\xc8\x3d\x5b\x14\x50\xc4\x70\x97\xb2"
+	     "\xcd\x93\xd6\x3a\x42\x2f\x3a\x88\x28\x8a\xd0\xa7\xe9\x98\x87\xbe"
+	     "\x66\x89\x69\xd9\xbd\x11\x91\xd3\x9b\xc4\x22\x14\xe6\x8f\xc8\xbd"
+	     "\x95\x5d\x3d\xd2\x1d\x10\xbd\x61\x69\x87\xf9\x4a\x9c\x61\x5b\x80"
+	     "\x9b\x3f\x32\xce\x17\xcd\x98\x79\xb9\xeb\x45\xf7\x54\x3c\xc9\xa6"
+	     "\x2e\xb4\x0b\x0d\x84\x0d\x35\xcc\x64\x5f\x5a\x92\xf8\xcb\xd6\xfa"
+	     "\xae\xd9\xce\x9c\x41\x83\xc2\xab\xd5\x73\x21\xea\x95\xd5\x73\x2f"
+	     "\xf1\xd0\x71\x95\x45\x07\x7c\x1f\xcc\xba\xf3\xb0\x75\xfa\x1a\xd4"
+	     "\x89\x66\x4e\x93\x93\x80\xb7\x67\xd5\xdf\x99\xd8\x43\x6d\xf6\xde"
+	     "\x19\xc8\x13\x56\xf8\x63\xe5\xf2\x53\xfd\x2e\x62\x8d\xde\x92\xd4"
+	     "\x98\xfc\x1c\x36\x08\x3d\x33\x0f\xee\xbc\xb8\x2f\x49\xa2\xb3\xb4"
+	     "\x9b\x0c\x7e\x16\xd4\xe8\xc0\x98\xd0\x5c\xda\x25\xaa\xe4\x60\x95"
+	     "\xe6\xc5\x7b\x62\xa5\xe9\xbc\xa1\x5e\x11\x4f\x5d\xb4\x19\x29\x33"
+	     "\x6f\xff\xf4\xef\x7f\x62\x2b\xf2\xbd\x47\x90\xcb\xba\xbc\xe8\xa8"
+	     "\xd7\xcf\xac\x44\x05\x67\xf3\xd3\x93\x22\xc0\x48\x23\xdf\xef\x54"
+	     "\x3d\x64\xc7\x13\xfd\x4f\x0a\x21\x20\x2b\xad\x34\x88\x02\x69\x84"
+	     "\xaf\x8a\xfb\xbb\x97\x7d\xca\x0e\x80\xdc\x8a\x50\x51\x49\xc8\x1f"
+	     "\xbd\x35\x46\x11\xf6\xdf\x52\x29\xc2\x52\xc4\xae\xd5\x16\xbb\x67"
+	     "\x21\x7b\x25\xeb\xc4\x21\x0d\xc7\x3f\x1b\xae\x42\xc2\x21\x58\x1e"
+	     "\x32\x46\x0d\x72\x15\x89\x75\xaa\xd9\x0b\x2d\xa7\x25\x3a\x2a\x3d"
+	     "\xc6\x46\xd1\xa3\x9d\xed\x52\xd8\xbb\x53\xb9\x1f\x6d\xfc\x63\xb7"
+	     "\x28\xa1\x78\x78\x18\x43\xa2\x3d\x6f\xcd\x6a\x40\x6a\xc2\x44\x88"
+	     "\x59\x03\xdd\xd3\x47\x8d\x3d\xe2\x24\xc2\x11\x00\xb1\x2e\xc7\x24"
+	     "\x81\x4b\xc0\x9c\x90\x64\xb7\x8b\xfb\x3a\xdc\x69\xe1\x4c\xf4\xc4"
+	     "\xc7\x78\x5a\xca\xf8\x6f\x16\xa0\xb8\xe3\xb0\x66\x94\xab\x7a\x86"
+	     "\x5c\xa8\xb9\x7f\xf7\x6a\x64\x1d\x8f\x03\xcf\x4b\x4b\xb0\xd8\xc2"
+	     "\xc2\xea\x02\x5a\xaa\x14\x19\x8f\x60\x49\x5b\xf4\x05\xc8\x98\x30"
+	     "\xeb\xbc\x00\x12\xa4\xc0\x27\x5f\x38\x91\x89\x73\xfa\xb7\xc1\x3a"
+	     "\xf4\x7c\x18\xe4\xe7\x7f\x8c\x82\x51\xb0\x64\x2b\x9d\xa3\x98\x47"
+	     "\x67\xe4\x0f\x1f\x30\x8e\x78\x0a\x3e\xc4\xa8\xc4\x1c\x79\x0a\x09"
+	     "\x91\xbd\xa1\x6a\xab\x47\xce\x54\x24\xda\x4b\xa6\x7b\x40\x43\x92"
+	     "\xd5\x43\xbb\x50\x53\x54\x1d\xf0\x0c\x87\x01\xc0\x82\x0a\xf0\xd8"
+	     "\x7d\xd7\x22\xfc\x33\x59\xf7\x54\x87\x5c\x45\xc8\x2d\x92\x6d\x3a"
+	     "\xfc\x90\x03\xa9\x23\xa8\xa3\xa5\x00\x3d\x3f\x7d\x9f\x6c\x7a\xba"
+	     "\xdd\xff\xfd\x09\x04\x9b\x82\xea\x9f\x0e\x05\x92\xed\x08\x24\x1d"
+	     "\x00\xfa\xac\x61\xf0\xe7\xc7\x37\x7e\x0d\x73\x38\x3e\x7a\x63\xcb"
+	     "\x4e\x26\x21\xd6\x50\x12\xe4\x95\x1e\xc7\xd0\xed\xcb\xf9\xbf\x1d"
+	     "\x34\x81\x81\xa4\x0e\xeb\xf6\xe8\xc5\x1e\x98\xca\x79\xad\x15\x3c"
+	     "\xdc\xf5\xe3\xa9\xfe\xe9\x4c\x6a\xc5\x79\x55\x89\x18\xf2\xd1\x86"
+	     "\x4e\xd6\x95\x38\xf8\x78\x0b\xfc\x50\x40\x72\xd4\x3c\x45\xdf\xaa"
+	     "\x13\x1e\x9e\x74\xff\xde\xa9\x33\x5e\xa8\xa1\x70\x75\xd7\x7c\x4f"
+	     "\x71\xf1\x03\xb3\xfb\x0f\xad\x19\x4f\x5d\xfe\xbb\xc5\x98\x81\x11"
+	     "\xee\x24\x24\x13\xa4\xa4\xfe\x40\x4b\x20\x38\x61\x6e\xe3\xec\x05"
+	     "\x15\x46\x35\x2d\xd4\x61\x7d\x0f\x4a\x34\xf1\x23\x87\x5e\xc6\x8e"
+	     "\xf5\x77\x8c\x03\x4b\x58\xe2\x3b\x35\x08\x2f\x40\x60\xd6\xe3\x3a"
+	     "\xf0\xb4\xdd\xb9\x18\xfc\x7d\x79\x7a\xf3\x0a\x5c\x89\x2e\xcc\x30"
+	     "\x9b\x8f\x7e\x3c\xd3\x1d\x45\xcb\xfb\xb5\x09\xe8\x6e\xd4\x87\xb0"
+	     "\xc5\x5c\x0e\x70\xec\xd9\x04\xb2\xc1\x44\x9b\x78\x4f\x46\x92\x4b"
+	     "\x18\x0b\x90\xaa\xe3\xf9\x11\x8d\xf8\x9e\x5e\xc6\x2e\xfb\x9f\xba"
+	     "\x31\x49\x9e\x9d\xb7\xb8\x5c\x0b\x09\xcf\x45\xb0\x82\x9d\x6a\xd7"
+	     "\xeb\x1d\x79\x6f\x26\x1a\xec\x5d\x16\xb1\xa8\xc5\x90\x00\x9a\x79"
+	     "\x51\x9b\xab\x79\x09\xa1\x7f\x65\x74\xa0\xf8\x54\xfd\xf3\x74\x52"
+	     "\x80\x09\x25\x33\xa4\xd5\x22\xba\x79\xc0\x77\xe0\x56\xfb\x19\xa9"
+	     "\x8f\x23\x16\x29\xa9\x39\x54\x10\x0d\x85\xb9\x20\xd3\x27\xa2\x7d"
+	     "\xe4\x81\x9e\x0a\x4a\xc4\xf6\xef\xc7\x0b\xb8\x6a\x50\xa9\xed\x72"
+	     "\xb4\x79\x01\xf3\xc3\x89\x5d\x19\x5e\x9a\xf1\x35\x14\xcc\x04\x4c"
+	     "\x2d\xe5\x0f\xd8\x07\xee\x50\xee\x3f\xaf\x74\x86\xcd\xc5\xf8\x34"
+	     "\x0f\xeb\x32\x7f\x36\xcc\x03\xa8\xbc\xde\xd9\xf8\xfc\x01\x73\x83"
+	     "\x74\x4a\x26\xdc\x70\x1a\x76\x71\x5a\xee\xac\x0b\xe0\xdb\x16\xd4"
+	     "\x26\x7c\xfb\xb8\x96\x74\x00\x7d\xb8\x5c\x4a\x07\xfc\x9e\xc9\xff"
+	     "\x4a\xd0\xaf\x86\x4b\xb0\xc6\x29\x8e\x3f\x2e\x9f\xa0\x33\xd3\xdf"
+	     "\xb9\xe0\xd5\x48\xb9\xf0\x08\x7e\xae\xdd\xd0\x2e\xf5\x41\xd8\xa3"
+	     "\x9a\xff\x76\x93\x04\x7a\xef\xd2\xf5\xb8\x05\xa1\x55\x8e\xe8\x03"
+	     "\x9f\x6e\xd9\xc4\x75\xd0\xfe\x75\xd1\x77\x3f\x22\xbe\x2e\xc7\x27"
+	     "\x10\x4e\x2c\xab\x2f\x38\x53\xcb\xe7\x27\x9d\xff\xd8\x86\xb7\xca"
+	     "\xc1\x7e\xeb\x23\xd8\x8f\x5e\x85\xa3\x2a\xa3\xe6\xc8\x8f\x71\x30"
+	     "\x98\x91\x1d\x11\x8d\x76\xdf\x42\xe8\x72\x6b\x41\x3a\x70\x46\x26"
+	     "\x78\x16\xc8\x6a\x21\x66\x81\xdc\xec\xac\x3e\x5d\x8a\x9a\x01\x03"
+	     "\xee\xee\x0a\x34\x1a\xad\xdc\xc9\x4f\x3d\x22\x3b\x48\x67\x43\x7d"
+	     "\x7e\x53\x08\x91\x26\xbf\x7d\x60\x4a\xf4\xfb\x21\xcf\x74\xc9\xc6"
+	     "\x47\x9b\x39\x58\x61\xde\x5d\x3c\xbe\x60\x2e\x2b\x6c\x08\x42\x3e"
+	     "\xe3\x03\x76\x6d\xa8\xac\xba\x11\xb2\xce\x0f\xdb\x95\x6a\x33\xf4"
+	     "\x00\xc9\x66\x13\xd4\x5f\xab\xe7\x1b\x17\x62\xa1\xe6\x4a\x82\x67"
+	     "\x28\xa3\x7b\xf7\x4b\xfc\x57\xcb\x16\x3e\xfe\xb5\xa4\xef\x3b\x35"
+	     "\xdd\x14\xd5\x48\x41\x5e\xa5\x62\xcc\x18\xba\x97\x6c\x75\xe9\x39"
+	     "\x63\xd4\x9d\xce\x2d\x9d\x4c\xc3\x82\xb1\x31\x69\x91\x90\x3e\x6d"
+	     "\x66\xc7\xea\xd3\x88\x02\xd3\x39\x10\x22\x04\x1a\xbf\xc5\x0d\x02"
+	     "\xb8\x7c\x9a\x86\xc5\x04\x87\xef\xaf\x75\xe5\xc7\xe6\x21\xba\xa1"
+	     "\xbd\x9c\x14\x90\xc3\x99\x80\xbb\x61\xe3\xe2\xc1\x79\xf0\xc6\x46"
+	     "\x4f\x38\x86\x35\x93\x1a\x55\xd8\x76\x0f\x7c\xa2\xae\x3b\x6a\xa8"
+	     "\xe4\x74\x74\xc2\x50\x38\xcf\xc5\xda\x85\xee\xe0\x2f\x23\x1a\x83"
+	     "\x17\x54\xa7\x34\xa0\x1f\xd7\xd3\xb2\x53\xe3\x77\xfe\x8e\x97\x49"
+	     "\xc5\x5b\xe0\x5f\xcb\x2c\x90\xe9\x09\x83\x40\x89\x81\x51\xf6\x40"
+	     "\x64\x2c\x89\xca\xcf\x61\xda\x04\x0d\xaf\x3b\x48\xf9\x8a\xfa\x74"
+	     "\x6a\x6a\xe5\x29\x5e\x3a\x6b\xee\xb5\x5e\xa3\x0c\x78\xf1\xe0\xcb"
+	     "\x74\x69\x2c\x7b\xf6\x73\xc1\x53\x20\x8c\x15\x54\x03\x5d\x96\xe3"
+	     "\x6a\x8d\x19\x5d\xec\x5a\xd4\xe3\x6b\x1a\x72\x27\x73\x73\xbb\x2e"
+	     "\x7c\x4e\xbb\x63\x26\xdb\x9d\x9c\xde\x67\xd8\x50\x7c\x85\x1a\xff"
+	     "\xf0\xd0\x12\x4d\x3e\x69\xb1\x2d\x2a\xd1\x28\x4a\xc9\x82\x1e\xd5"
+	     "\xfc\xa3\x64\x0b\x2f\xcc\x4c\xef\x17\xa6\xe5\x0b\xd5\x76\xb4\x33"
+	     "\xff\x3b\x3d\xc3\xb0\x28\xf7\x38\xf5\x7a\x76\x2c\x84\xf7\xcc\x4f"
+	     "\x3a\xdf\x68\xab\xbc\x6b\x24\xac\x84\x8a\x09\x5e\x0d\x89\x9d\x85"
+	     "\x98\xf5\x61\x60\x38\xb0\xdd\x86\xe1\xb5\x42\xa0\x6c\x25\x77\x28"
+	     "\x8f\xf1\x21\xb3\xa8\xed\x8c\xfd\x18\xcf\x23\xae\x2a\x9f\x1c\x67"
+	     "\xc3\x17\x48\x73\x3b\x6e\xbf\x02\x88\xed\x4d\xa2\x86\x07\x6a\x5d"
+	     "\x16\x55\x3b\x87\x29\x88\xd0\x8d\xe3\x30\x3b\x89\x22\x5c\xa2\xb6"
+	     "\xbb\xcf\xda\xd8\x1f\xe4\x7f\xa5\x50\xb9\x8b\xc2\x61\x73\x86\x61"
+	     "\x92\x44\x1b\xc2\x9d\x34\x72\x81\x30\xca\x22\x83\x78\xe0\xa5\xb5"
+	     "\x39\xba\xa3\x46\x7a\x4c\xd9\x2b\x5e\xaf\x42\xdf\xba\x80\x4a\x83"
+	     "\x9c\x20\xe0\x86\x90\x88\x4e\xbf\x7b\xa6\x44\x3d\x7f\x9c\xbe\xc8"
+	     "\xdf\x74\xe8\x2c\xf7\x4b\xc0\x06\x3f\x9e\x23\x30\xe8\x31\xc6\x07"
+	     "\x5b\xc9\x26\xf1\x1c\xc8\xbe\xe3\xc7\xcb\x4f\x1b\x37\x09\xf0\xcf"
+	     "\x0c\x5e\x1d\xac\x1c\xb8\x91\xcf\x0a\x54\x09\x6c\xa9\x4e\x9f\xa1"
+	     "\x36\xde\x41\xa8\x67\xe4\x4c\x65\xc9\x28\x20\x0f\xbd\x49\x74\x7f"
+	     "\x83\x26\x48\xb1\xe6\xca\x6f\xd8\x88\x27\x94\xdd\xa4\xaa\x03\x43"
+	     "\xc6\x19\xab\x8b\x83\x78\x4f\x2a\x51\x34\x98\xff\x27\x6b\xda\x39"
+	     "\xe4\x2e\xf6\xe9\xe7\xd6\x96\x86\x60\x3b\xc3\x80\xb8\xba\x51\x77"
+	     "\x8a\x79\x07\x62\xb1\xaa\xa9\x58\x96\x54\x84\x04\x9e\xee\x24\x8d"
+	     "\xf1\xac\x34\x03\x43\x8e\xd0\x92\xdc\x4d\xbc\xc7\x15\xdc\x82\xfc"
+	     "\x19\x9b\x7e\x43\xe1\x36\xc5\x6b\xfb\xb8\x9e\xf4\x22\x5e\x29\x6f"
+	     "\x4c\x45\xdd\xfe\xcb\x17\x77\xee\xd3\x6b\x80\x50\x96\xd0\x07\xa3"
+	     "\xb2\xf0\x68\xc7\x40\xeb\x24\x16\x23\xa7\x57\xc4\xbb\x9c\x69\x16"
+	     "\x49\x30\xb8\xd9\x4d\x41\x4e\x22\xc6\x24\x7f\x44\x59\x4e\x3c\x46"
+	     "\x61\x64\x60\xc5\x82\xc2\x60\xc5\x63\xe7\xb3\xe1\xb9\xd1\x71\x65"
+	     "\x32\xaa\x88\xa1\x4e\x98\xdb\x0b\x29\xe8\x5a\xa4\xbc\x61\x20\x62"
+	     "\xbc\xea\xb0\x90\x3c\x2f\x29\xef\x74\x87\x4b\x1b\x36\xf7\x01\xde"
+	     "\x30\xf0\x00\xe3\xd7\x2d\xf6\x52\x09\xe1\xe5\x84\x13\x04\xfe\x1f"
+	     "\x2c\x1c\xeb\xfb\x2c\x40\x7d\x4d\xf5\x9c\x6e\x47\xe9\x2d\xb0\xca"
+	     "\x88\x37\xf4\x8d\xbe\x50\xfb\xec\x5e\xee\x5d\x0f\x1a\x71\x42\xe3"
+	     "\xc0\x9c\x57\xe3\x50\xba\x98\x0d\x79\xfa\x56\xe9\x7a\x09\x03\x75"
+	     "\x21\x0f\x97\x69\xe0\xed\x9d\x10\x8f\x64\xdd\xd5\x10\xdc\x3b\x21"
+	     "\x08\xc2\x7e\x7e\xac\x6e\x7c\x0b\xb9\x71\x65\x3e\xfa\x1c\xf3\x13"
+	     "\xdc\x03\x9c\xf2\xa4\x21\xf1\xfc\x07\xaa\xef\xa0\x55\xd7\x21\xfc"
+	     "\x0c\x17\x6a\x06\x57\x6b\x0e\x8e\x1d\xea\xb2\xc8\x23\xb3\xad\x42"
+	     "\x00\x41\xe2\x9c\x1f\x2e\xa8\x51\x19\x3d\xdb\x24\x73\x4a\x8f\x08"
+	     "\x74\xb5\x6b\x58\x48\x7a\x4e\x7b\xa6\x5c\x4b\x81\xd6\x38\xf9\xe5"
+	     "\x66\xe3\x15\x9a\x74\x49\x68\x8e\x5b\x1e\xdd\x3f\x4f\xc8\xe3\x0c"
+	     "\x73\x32\xf0\x35\x16\x8c\xd9\x84\xc3\x9a\x65\x16\x93\x65\x0f\x47"
+	     "\x15\x97\xc8\xb4\x6a\x7f\x91\x0a\x05\xf2\x08\x36\xf0\x7e\x2c\xcb"
+	     "\x79\xc4\xc4\xcb\x5a\xa0\x25\xc9\xe9\xac\x35\x8f\x56\xf6\x87\x4e"
+	     "\x9b\x4b\x9d\x1a\x38\xb0\x43\x41\x94\x07\x17\x78\xec\xd3\x8c\x89"
+	     "\x58\x09\xef\x07\xe1\xd8\x65\x97\x3e\xce\x61\xad\x51\x0a\x48\x3d"
+	     "\x64\xd5\x6e\xa1\xe5\x86\x06\xb7\x22\xcd\x03\x44\xec\x94\x52\x15"
+	     "\x5d\xf6\x9b\xc6\xb6\x22\x49\x5e\xb1\xdb\x01\x24\xd2\xc2\xac\x13"
+	     "\xdc\xec\xb3\x93\x4c\x88\x3b\x11\x6d\x77\xab\x44\x67\x8c\xca\xa8"
+	     "\x18\x47\xe3\xdc\x58\x13\x45\x43\xb3\x7f\xdf\x3a\xdf\xef\x0e\x4f"
+	     "\xc0\xf3\x95\xb6\x7d\xdf\x97\xd7\x0d\x03\x9d\x14\x76\xd6\xae\x5f"
+	     "\xb4\x13\x7f\x2a\xdb\x00\xa2\xe7\xfd\x33\xa6\x4d\x3f\xc1\x14\x58"
+	     "\x7c\x55\x30\x6a\xae\x71\x0f\x73\xe3\x64\x1f\xc5\x2e\x6f\x82\x82"
+	     "\x62\xd2\x02\xde\xf8\x29\x1e\xd5\x71\x3a\xbe\xcd\x43\xf8\x71\x5e"
+	     "\xa1\xce\x68\xca\xcb\x23\xfa\x83\xba\xc2\x0f\x9b\x6b\x86\x5d\x9f",
+	 STR(iv, iv_size,
+	     "\x12\x34\x56\x78\x90\xab\xce\xf0\x00\x00\x00\x00\x00\x00\x00\x00"),
+	}
+};
+
+const struct cipher_vectors_st aes128_xts_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\xa1\xb9\x0c\xba\x3f\x06\xac\x35\x3b\x2c\x34\x38\x76\x08\x17\x62"
+             "\x09\x09\x23\x02\x6e\x91\x77\x18\x15\xf2\x9d\xab\x01\x93\x2f\x2f"),
+	 STR(plaintext, plaintext_size,
+	     "\xeb\xab\xce\x95\xb1\x4d\x3c\x8d\x6f\xb3\x50\x39\x07\x90\x31\x1c"),
+	 .ciphertext = (uint8_t *)
+	     "\x77\x8a\xe8\xb4\x3c\xb9\x8d\x5a\x82\x50\x81\xd5\xbe\x47\x1c\x63",
+	 STR(iv, iv_size,
+	     "\x4f\xae\xf7\x11\x7c\xda\x59\xc6\x6e\x4b\x92\x01\x3e\x76\x8a\xd5"),
+	 },
+	{
+	 STR(key, key_size,
+	     "\x75\x03\x72\xc3\xd8\x2f\x63\x38\x28\x67\xbe\x66\x62\xac\xfa\x4a"
+             "\x25\x9b\xe3\xfa\x9b\xc6\x62\xa1\x15\x4f\xfa\xae\xd8\xb4\x48\xa5"),
+	 STR(plaintext, plaintext_size,
+	     "\xd8\xe3\xa5\x65\x59\xa4\x36\xce\x0d\x8b\x21\x2c\x80\xa8\x8b\x23"
+             "\xaf\x62\xb0\xe5\x98\xf2\x08\xe0\x3c\x1f\x2e\x9f\xa5\x63\xa5\x4b"),
+	 .ciphertext = (uint8_t *)
+	     "\x49\x5f\x78\x55\x53\x5e\xfd\x13\x34\x64\xdc\x9a\x9a\xbf\x8a\x0f"
+             "\x28\xfa\xcb\xce\x21\xbd\x3c\x22\x17\x8e\xc4\x89\xb7\x99\xe4\x91",
+	 STR(iv, iv_size,
+	     "\x93\xa2\x92\x54\xc4\x7e\x42\x60\x66\x96\x21\x30\x7d\x4f\x5c\xd3"),
+	 },
+};
+
+const struct cipher_vectors_st aes256_xts_vectors[] = {
+	{
+	 STR(key, key_size,
+             "\x1e\xa6\x61\xc5\x8d\x94\x3a\x0e\x48\x01\xe4\x2f\x4b\x09\x47\x14"
+             "\x9e\x7f\x9f\x8e\x3e\x68\xd0\xc7\x50\x52\x10\xbd\x31\x1a\x0e\x7c"
+             "\xd6\xe1\x3f\xfd\xf2\x41\x8d\x8d\x19\x11\xc0\x04\xcd\xa5\x8d\xa3"
+             "\xd6\x19\xb7\xe2\xb9\x14\x1e\x58\x31\x8e\xea\x39\x2c\xf4\x1b\x08"),
+	 STR(plaintext, plaintext_size,
+	     "\x2e\xed\xea\x52\xcd\x82\x15\xe1\xac\xc6\x47\xe8\x10\xbb\xc3\x64"
+             "\x2e\x87\x28\x7f\x8d\x2e\x57\xe3\x6c\x0a\x24\xfb\xc1\x2a\x20\x2e"),
+	 .ciphertext = (uint8_t *)
+	     "\xcb\xaa\xd0\xe2\xf6\xce\xa3\xf5\x0b\x37\xf9\x34\xd4\x6a\x9b\x13"
+             "\x0b\x9d\x54\xf0\x7e\x34\xf3\x6a\xf7\x93\xe8\x6f\x73\xc6\xd7\xdb",
+	 STR(iv, iv_size,
+	     "\xad\xf8\xd9\x26\x27\x46\x4a\xd2\xf0\x42\x8e\x84\xa9\xf8\x75\x64"),
+	 },
+};
+
+const struct cipher_aead_vectors_st aes128_siv_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x7f\x7e\x7d\x7c\x7b\x7a\x79\x78\x77\x76\x75\x74\x73\x72\x71\x70"
+	     "\x40\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"),
+	 STR(auth, auth_size,
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xdd\xee\xff"
+	     "\xde\xad\xda\xda\xde\xad\xda\xda\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x77\x66\x55\x44\x33\x22\x11\x00"),
+	 STR(plaintext, plaintext_size,
+	     "\x74\x68\x69\x73\x20\x69\x73\x20\x73\x6f\x6d\x65\x20\x70\x6c\x61"
+	     "\x69\x6e\x74\x65\x78\x74\x20\x74\x6f\x20\x65\x6e\x63\x72\x79\x70"
+	     "\x74\x20\x75\x73\x69\x6e\x67\x20\x53\x49\x56\x2d\x41\x45\x53"),
+	 .ciphertext = (uint8_t *)
+	     "\xa4\xff\xb8\x7f\xdb\xa9\x7c\x89\x44\xa6\x23\x25\xf1\x33\xb4\xe0"
+	     "\x1c\xa5\x52\x76\xe2\x26\x1c\x1a\x1d\x1d\x42\x48\xd1\xda\x30\xba"
+	     "\x52\xb9\xc8\xd7\x95\x5d\x65\xc8\xd2\xce\x6e\xb7\xe3\x67\xd0",
+	 STR(iv, iv_size,
+	     "\x02\x03\x04"),
+	 .tag_size = 16,
+	 .tag = (void *)
+	     "\xf1\xdb\xa3\x3d\xe5\xb3\x36\x9e\x88\x3f\x67\xb6\xfc\x82\x3c\xee",
+	 .tag_prepended = 1,
+	}
+};
+
+const struct cipher_aead_vectors_st aes256_siv_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\xc2\x7d\xf2\xfd\xae\xc3\x5d\x4a\x2a\x41\x2a\x50\xc3\xe8\xc4\x7d"
+	     "\x2d\x56\x8e\x91\xa3\x8e\x54\x14\x8a\xbd\xc0\xb6\xe8\x6c\xaf\x87"
+	     "\x69\x5c\x0a\x8a\xdf\x4c\x5f\x8e\xb2\xc6\xc8\xb1\x36\x52\x98\x64"
+	     "\xf3\xb8\x4b\x3a\xe8\xe3\x67\x6c\xe7\x60\xc4\x61\xf3\xa1\x3e\x83"),
+	 STR(auth, auth_size,
+	     "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xdd\xee\xff"
+	     "\xde\xad\xda\xda\xde\xad\xda\xda\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	     "\x77\x66\x55\x44\x33\x22\x11\x00"),
+	 STR(plaintext, plaintext_size,
+	     "\x74\x68\x69\x73\x20\x69\x73\x20\x73\x6f\x6d\x65\x20\x70\x6c\x61"
+	     "\x69\x6e\x74\x65\x78\x74\x20\x74\x6f\x20\x65\x6e\x63\x72\x79\x70"
+	     "\x74\x20\x75\x73\x69\x6e\x67\x20\x53\x49\x56\x2d\x41\x45\x53"),
+	 .ciphertext = (uint8_t *)
+	     "\x50\x93\x3d\xa8\x04\x7b\xc3\x06\xfa\xba\xf0\xc3\xd9\xfa\x84\x71"
+	 "\xc7\x0a\x7d\xef\x39\xa2\xf9\x1d\x68\xa2\x02\x1c\x99\xac\x7e\x2a\x24"
+	 "\x53\x5a\x13\x4b\xa2\x3e\xc1\x57\x87\xce\xbe\x5c\x53\xcc",
+	 STR(iv, iv_size,
+	     "\x09\xf9\x11\x02\x9d\x74\xe3\x5b\xd8\x41\x56\xc5\x63\x56\x88\xc0"),
+	 .tag_size = 16,
+	 .tag = (void *)
+	     "\x5a\x97\x9b\x0d\xa5\x8f\xde\x80\x51\x62\x1a\xe6\xbf\x96\xfe\xda",
+	 .tag_prepended = 1,
+	}
+};
+
+const struct cipher_vectors_st chacha20_32_vectors[] = { /* RFC8439 */
+	{
+	 STR(key, key_size,
+	     "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"),
+	 STR(plaintext, plaintext_size,
+	     "\x4c\x61\x64\x69\x65\x73\x20\x61\x6e\x64\x20\x47\x65\x6e\x74\x6c\x65\x6d\x65\x6e\x20\x6f\x66\x20\x74\x68\x65\x20\x63\x6c\x61\x73\x73\x20\x6f\x66\x20\x27\x39\x39\x3a\x20\x49\x66\x20\x49\x20\x63\x6f\x75\x6c\x64\x20\x6f\x66\x66\x65\x72\x20\x79\x6f\x75\x20\x6f\x6e\x6c\x79\x20\x6f\x6e\x65\x20\x74\x69\x70\x20\x66\x6f\x72\x20\x74\x68\x65\x20\x66\x75\x74\x75\x72\x65\x2c\x20\x73\x75\x6e\x73\x63\x72\x65\x65\x6e\x20\x77\x6f\x75\x6c\x64\x20\x62\x65\x20\x69\x74\x2e"),
+	 .ciphertext = (uint8_t *)
+	     "\x6e\x2e\x35\x9a\x25\x68\xf9\x80\x41\xba\x07\x28\xdd\x0d\x69\x81\xe9\x7e\x7a\xec\x1d\x43\x60\xc2\x0a\x27\xaf\xcc\xfd\x9f\xae\x0b\xf9\x1b\x65\xc5\x52\x47\x33\xab\x8f\x59\x3d\xab\xcd\x62\xb3\x57\x16\x39\xd6\x24\xe6\x51\x52\xab\x8f\x53\x0c\x35\x9f\x08\x61\xd8\x07\xca\x0d\xbf\x50\x0d\x6a\x61\x56\xa3\x8e\x08\x8a\x22\xb6\x5e\x52\xbc\x51\x4d\x16\xcc\xf8\x06\x81\x8c\xe9\x1a\xb7\x79\x37\x36\x5a\xf9\x0b\xbf\x74\xa3\x5b\xe6\xb4\x0b\x8e\xed\xf2\x78\x5e\x42\x87\x4d",
+	 STR(iv, iv_size,
+	     "\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x4a\x00\x00\x00\x00")
+	},
+};
+
+static int test_cipher(gnutls_cipher_algorithm_t cipher,
+		       const struct cipher_vectors_st *vectors,
+		       size_t vectors_size, unsigned flags)
+{
+	gnutls_cipher_hd_t hd;
+	int ret;
+	unsigned int i;
+	uint8_t tmp[4096 + 16];
+	gnutls_datum_t key, iv = {NULL, 0};
+
+	for (i = 0; i < vectors_size; i++) {
+		key.data = (void *) vectors[i].key;
+		key.size = vectors[i].key_size;
+
+		if (vectors[i].iv != NULL) {
+			iv.data = (void *) vectors[i].iv;
+			iv.size = gnutls_cipher_get_iv_size(cipher);
+		}
+
+		if (iv.size != vectors[i].iv_size)
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+
+		ret = gnutls_cipher_init(&hd, cipher, &key, &iv);
+		if (ret < 0) {
+			_gnutls_debug_log("error initializing: %s\n",
+					  gnutls_cipher_get_name(cipher));
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		ret =
+		    gnutls_cipher_encrypt2(hd,
+					   vectors[i].plaintext,
+					   vectors[i].plaintext_size,
+					   tmp, sizeof(tmp));
+		if (ret < 0)
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+
+		if (memcmp
+		    (tmp, vectors[i].ciphertext,
+		     vectors[i].plaintext_size) != 0) {
+			_gnutls_debug_log("%s test vector %d failed!\n",
+					  gnutls_cipher_get_name(cipher),
+					  i);
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		/* check in-place encryption */
+		if (cipher != GNUTLS_CIPHER_ARCFOUR_128) { /* arcfour is stream */
+			if (cipher == GNUTLS_CIPHER_MAGMA_CTR_ACPKM ||
+			    cipher == GNUTLS_CIPHER_KUZNYECHIK_CTR_ACPKM)
+				_gnutls_cipher_set_key(hd, (void*)vectors[i].key, vectors[i].key_size);
+			gnutls_cipher_set_iv(hd, (void*)vectors[i].iv, vectors[i].iv_size);
+
+			memcpy(tmp, vectors[i].plaintext, vectors[i].plaintext_size);
+			ret = gnutls_cipher_encrypt(hd, tmp, vectors[i].plaintext_size);
+			if (ret < 0)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_SELF_TEST_ERROR);
+
+			if (memcmp(tmp, vectors[i].ciphertext, vectors[i].plaintext_size) != 0) {
+				_gnutls_debug_log("%s vector %d in-place encryption failed!\n", gnutls_cipher_get_name(cipher), i);
+				return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+			}
+		}
+
+		/* check the internal IV */
+		if (vectors[i].internal_iv_size > 0) {
+			ret = _gnutls_cipher_get_iv(hd, tmp, sizeof(tmp));
+			if (ret < 0)
+				return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+
+			if (memcmp(tmp, vectors[i].internal_iv, ret) != 0) {
+				_gnutls_debug_log("%s vector %d internal IV check failed!\n",
+						  gnutls_cipher_get_name(cipher),
+						  i);
+				return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+			}
+		}
+
+		gnutls_cipher_deinit(hd);
+	}
+
+	iv.size = gnutls_cipher_get_iv_size(cipher);
+
+	for (i = 0; i < vectors_size; i++) {
+		key.data = (void *) vectors[i].key;
+		key.size = vectors[i].key_size;
+
+		iv.data = (void *) vectors[i].iv;
+
+		ret = gnutls_cipher_init(&hd, cipher, &key, &iv);
+		if (ret < 0)
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+
+		ret =
+		    gnutls_cipher_decrypt2(hd,
+					   vectors[i].ciphertext,
+					   vectors[i].plaintext_size, tmp,
+					   sizeof(tmp));
+		if (ret < 0) {
+			_gnutls_debug_log
+			    ("%s decryption of test vector %d failed!\n",
+			     gnutls_cipher_get_name(cipher), i);
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		if (memcmp
+		    (tmp, vectors[i].plaintext,
+		     vectors[i].plaintext_size) != 0) {
+			_gnutls_debug_log("%s test vector %d failed!\n",
+					  gnutls_cipher_get_name(cipher),
+					  i);
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		/* check in-place decryption */
+		if (cipher != GNUTLS_CIPHER_ARCFOUR_128) { /* arcfour is stream */
+			if (cipher == GNUTLS_CIPHER_MAGMA_CTR_ACPKM ||
+			    cipher == GNUTLS_CIPHER_KUZNYECHIK_CTR_ACPKM)
+				_gnutls_cipher_set_key(hd, (void*)vectors[i].key, vectors[i].key_size);
+			gnutls_cipher_set_iv(hd, (void*)vectors[i].iv, vectors[i].iv_size);
+
+			memcpy(tmp, vectors[i].ciphertext, vectors[i].plaintext_size);
+			ret = gnutls_cipher_decrypt(hd, tmp, vectors[i].plaintext_size);
+			if (ret < 0)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_SELF_TEST_ERROR);
+
+			if (memcmp(tmp, vectors[i].plaintext, vectors[i].plaintext_size) != 0) {
+				_gnutls_debug_log("%s vector %d in-place decryption failed!\n", gnutls_cipher_get_name(cipher), i);
+				return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+			}
+		}
+
+		gnutls_cipher_deinit(hd);
+	}
+
+	_gnutls_debug_log
+	    ("%s self check succeeded\n",
+	     gnutls_cipher_get_name(cipher));
+
+	return 0;
+}
+
+static int test_cipher_all_block_sizes(gnutls_cipher_algorithm_t cipher,
+				       const struct cipher_vectors_st *vectors,
+				       size_t vectors_size, unsigned flags)
+{
+	gnutls_cipher_hd_t hd;
+	int ret;
+	unsigned int i;
+	uint8_t tmp[384];
+	gnutls_datum_t key, iv = {NULL, 0};
+	size_t block;
+	size_t offset;
+
+	for (i = 0; i < vectors_size; i++) {
+		for (block = 1; block <= vectors[i].plaintext_size; block++) {
+			key.data = (void *) vectors[i].key;
+			key.size = vectors[i].key_size;
+
+			iv.data = (void *) vectors[i].iv;
+			iv.size = gnutls_cipher_get_iv_size(cipher);
+
+			if (iv.size != vectors[i].iv_size)
+				return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+
+			ret = gnutls_cipher_init(&hd, cipher, &key, &iv);
+			if (ret < 0) {
+				_gnutls_debug_log("error initializing: %s\n",
+						  gnutls_cipher_get_name(cipher));
+				return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+			}
+
+			for (offset = 0;
+			     offset < vectors[i].plaintext_size;
+			     offset += block) {
+				ret =
+				    gnutls_cipher_encrypt2(hd,
+							   vectors[i].plaintext + offset,
+							   MIN(block, vectors[i].plaintext_size - offset),
+							   tmp + offset,
+							   sizeof(tmp) - offset);
+				if (ret < 0)
+					return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+			}
+
+			if (memcmp
+			    (tmp, vectors[i].ciphertext,
+			     vectors[i].plaintext_size) != 0) {
+				_gnutls_debug_log("%s encryption of test vector %d failed with block size %d/%d!\n",
+						  gnutls_cipher_get_name(cipher),
+						  i, (int)block, (int)vectors[i].plaintext_size);
+				return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+			}
+
+			gnutls_cipher_deinit(hd);
+		}
+	}
+
+	for (i = 0; i < vectors_size; i++) {
+		for (block = 1; block <= vectors[i].plaintext_size; block++) {
+			key.data = (void *) vectors[i].key;
+			key.size = vectors[i].key_size;
+
+			iv.data = (void *) vectors[i].iv;
+			iv.size = gnutls_cipher_get_iv_size(cipher);
+
+			ret = gnutls_cipher_init(&hd, cipher, &key, &iv);
+			if (ret < 0)
+				return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+
+			for (offset = 0;
+			     offset + block <= vectors[i].plaintext_size;
+			     offset += block) {
+				ret =
+				    gnutls_cipher_decrypt2(hd,
+							   vectors[i].ciphertext + offset,
+							   MIN(block, vectors[i].plaintext_size - offset),
+							   tmp + offset,
+							   sizeof(tmp) - offset);
+				if (ret < 0)
+					return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+			}
+
+			if (memcmp
+			    (tmp, vectors[i].plaintext,
+			     vectors[i].plaintext_size) != 0) {
+				_gnutls_debug_log("%s decryption of test vector %d failed with block size %d!\n",
+						  gnutls_cipher_get_name(cipher),
+						  i, (int)block);
+				return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+			}
+
+			gnutls_cipher_deinit(hd);
+		}
+	}
+
+	_gnutls_debug_log
+	    ("%s self check succeeded\n",
+	     gnutls_cipher_get_name(cipher));
+
+	return 0;
+}
+
+/* AEAD modes (compat APIs) */
+static int test_cipher_aead_compat(gnutls_cipher_algorithm_t cipher,
+			    const struct cipher_aead_vectors_st *vectors,
+			    size_t vectors_size)
+{
+	gnutls_cipher_hd_t hd;
+	int ret;
+	unsigned int i;
+	uint8_t tmp[384];
+	uint8_t tmp2[384];
+	gnutls_datum_t key, iv;
+	unsigned tag_size;
+
+	_gnutls_debug_log("compat: running tests for: %s\n",
+				  gnutls_cipher_get_name(cipher));
+
+	for (i = 0; i < vectors_size; i++) {
+		memset(tmp, 0, sizeof(tmp));
+		key.data = (void *) vectors[i].key;
+		key.size = vectors[i].key_size;
+
+		iv.data = (void *) vectors[i].iv;
+		iv.size = vectors[i].iv_size;
+		tag_size = vectors[i].tag_size;
+
+
+		if (tag_size > gnutls_cipher_get_tag_size(cipher)) {
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		ret = gnutls_cipher_init(&hd, cipher, &key, &iv);
+		if (ret < 0) {
+			if (vectors[i].compat_apis == 0) {
+				return 0; /* expected */
+			} else {
+				_gnutls_debug_log("compat: error initializing: %s\n",
+					  gnutls_cipher_get_name(cipher));
+				return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+			}
+		}
+
+		if (vectors[i].compat_apis == 0) {
+			_gnutls_debug_log("compat: initialized but shouldn't: %s\n",
+				  gnutls_cipher_get_name(cipher));
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		if (vectors[i].auth_size) {
+			ret = gnutls_cipher_add_auth(hd, vectors[i].auth, vectors[i].auth_size);
+			if (ret < 0)
+				return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		ret = gnutls_cipher_encrypt2(hd, vectors[i].plaintext, vectors[i].plaintext_size,
+					     tmp, sizeof(tmp));
+		if (ret < 0)
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_SELF_TEST_ERROR);
+
+		ret = gnutls_cipher_tag(hd, tmp+vectors[i].plaintext_size, tag_size);
+		if (ret < 0)
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_SELF_TEST_ERROR);
+
+		if (memcmp(tmp+vectors[i].plaintext_size, vectors[i].tag, tag_size) != 0) {
+			_gnutls_debug_log
+			    ("compat: %s test vector %d failed (tag)!\n",
+			     gnutls_cipher_get_name(cipher), i);
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		if (vectors[i].plaintext_size > 0) {
+			if (memcmp
+			    (tmp, vectors[i].ciphertext,
+			     vectors[i].plaintext_size) != 0) {
+				_gnutls_debug_log
+				    ("compat: %s test vector %d failed!\n",
+				     gnutls_cipher_get_name(cipher), i);
+
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_SELF_TEST_ERROR);
+			}
+		}
+
+		if (vectors[i].plaintext_size > 0) {
+			/* check inplace encryption */
+			gnutls_cipher_set_iv(hd, (void*)vectors[i].iv, vectors[i].iv_size);
+			memcpy(tmp2, vectors[i].plaintext, vectors[i].plaintext_size);
+
+			ret = gnutls_cipher_encrypt(hd, tmp2, vectors[i].plaintext_size);
+			if (ret < 0)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_SELF_TEST_ERROR);
+
+			if (memcmp(tmp, tmp2, vectors[i].plaintext_size) != 0) {
+				_gnutls_debug_log("compat: %s vector %d in-place encryption failed!\n", gnutls_cipher_get_name(cipher), i);
+				return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+			}
+
+			/* check decryption with separate buffers */
+			gnutls_cipher_set_iv(hd, (void*)vectors[i].iv, vectors[i].iv_size);
+
+			if (vectors[i].auth_size) {
+				ret = gnutls_cipher_add_auth(hd, vectors[i].auth, vectors[i].auth_size);
+				if (ret < 0)
+					return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+			}
+
+			ret =
+			    gnutls_cipher_decrypt2(hd, tmp, vectors[i].plaintext_size,
+						   tmp2, sizeof(tmp2));
+			if (ret < 0)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_SELF_TEST_ERROR);
+
+			if (memcmp(tmp2, vectors[i].plaintext, vectors[i].plaintext_size) != 0) {
+				_gnutls_debug_log("compat: %s test vector %d failed (decryption)!\n",
+					gnutls_cipher_get_name(cipher), i);
+				return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+			}
+
+			/* check in-place decryption */
+			if (vectors[i].plaintext_size > 0) {
+				gnutls_cipher_set_iv(hd, (void*)vectors[i].iv, vectors[i].iv_size);
+
+				if (vectors[i].auth_size) {
+					ret = gnutls_cipher_add_auth(hd, vectors[i].auth, vectors[i].auth_size);
+					if (ret < 0)
+						return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+				}
+
+				memcpy(tmp2, tmp, vectors[i].plaintext_size);
+				ret = gnutls_cipher_decrypt(hd, tmp2, vectors[i].plaintext_size);
+				if (ret < 0)
+					return
+					    gnutls_assert_val
+					    (GNUTLS_E_SELF_TEST_ERROR);
+
+				if (memcmp(tmp2, vectors[i].plaintext, vectors[i].plaintext_size) != 0) {
+					_gnutls_debug_log("compat: %s vector %d in-place decryption failed!\n", gnutls_cipher_get_name(cipher), i);
+					return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+				}
+			}
+		}
+
+		gnutls_cipher_deinit(hd);
+	}
+
+	_gnutls_debug_log
+	    ("%s compat self check succeeded\n",
+	     gnutls_cipher_get_name(cipher));
+
+	return 0;
+
+}
+
+#define IOV_PARTS 8
+/* AEAD modes - scatter read */
+static int test_cipher_aead_scatter(gnutls_cipher_algorithm_t cipher,
+				    const struct cipher_aead_vectors_st *vectors,
+				    size_t vectors_size, unsigned flags)
+{
+	gnutls_aead_cipher_hd_t hd;
+	int ret;
+	unsigned int i, z;
+	uint8_t tmp[384];
+	gnutls_datum_t key, iv;
+	size_t s;
+	unsigned tag_size;
+	giovec_t auth_iov[IOV_PARTS];
+	int auth_iov_len;
+	int iov_len;
+	giovec_t iov[IOV_PARTS];
+	const uint8_t *tag;
+	uint8_t *ciphertext;
+
+	_gnutls_debug_log("running scatter (iovec) tests for: %s\n",
+				  gnutls_cipher_get_name(cipher));
+
+	for (i = 0; i < vectors_size; i++) {
+		memset(tmp, 0, sizeof(tmp));
+		key.data = (void *) vectors[i].key;
+		key.size = vectors[i].key_size;
+
+		iv.data = (void *) vectors[i].iv;
+		iv.size = vectors[i].iv_size;
+		tag_size = vectors[i].tag_size;
+
+		if (tag_size > gnutls_cipher_get_tag_size(cipher)) {
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		ret = gnutls_aead_cipher_init(&hd, cipher, &key);
+		if (ret < 0) {
+			_gnutls_debug_log("error initializing: %s\n",
+					  gnutls_cipher_get_name(cipher));
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		s = sizeof(tmp);
+
+		/* single vector */
+		auth_iov_len = 1;
+		auth_iov[0].iov_base = (void*)vectors[i].auth;
+		auth_iov[0].iov_len = vectors[i].auth_size;
+
+		iov_len = 1;
+		iov[0].iov_base = (void*)vectors[i].plaintext;
+		iov[0].iov_len = vectors[i].plaintext_size;
+
+		ret =
+		    gnutls_aead_cipher_encryptv(hd,
+						iv.data, iv.size,
+						auth_iov, auth_iov_len,
+						vectors[i].tag_size,
+						iov, iov_len,
+						tmp, &s);
+		if (ret < 0)
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_SELF_TEST_ERROR);
+
+		if (s != vectors[i].plaintext_size + tag_size) {
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		if (vectors[i].tag_prepended)
+			tag = tmp;
+		else
+			tag = tmp+vectors[i].plaintext_size;
+
+		if (memcmp(tag, vectors[i].tag, tag_size) != 0) {
+			_gnutls_debug_log
+			    ("%s test vector %d failed (tag)!\n",
+			     gnutls_cipher_get_name(cipher), i);
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		if (vectors[i].tag_prepended)
+			ciphertext = tmp+vectors[i].tag_size;
+		else
+			ciphertext = tmp;
+
+		if (vectors[i].plaintext_size > 0) {
+			if (memcmp
+			    (ciphertext, vectors[i].ciphertext,
+			     vectors[i].plaintext_size) != 0) {
+				_gnutls_debug_log
+				    ("%s test vector %d failed!\n",
+				     gnutls_cipher_get_name(cipher), i);
+
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_SELF_TEST_ERROR);
+			}
+		}
+
+		/* multi-vector */
+		auth_iov_len = 0;
+		if (vectors[i].auth_size > IOV_PARTS) {
+			unsigned split = vectors[i].auth_size / IOV_PARTS;
+			assert(split>0);
+			for (z=0;z<IOV_PARTS;z++) {
+				auth_iov[z].iov_base = (void*)(vectors[i].auth+(z*split));
+				if (z==IOV_PARTS-1)
+					auth_iov[z].iov_len = vectors[i].auth_size - z*split;
+				else
+					auth_iov[z].iov_len = split;
+				auth_iov_len++;
+			}
+		} else {
+			auth_iov_len = 1;
+			auth_iov[0].iov_base = (void*)vectors[i].auth;
+			auth_iov[0].iov_len = vectors[i].auth_size;
+		}
+
+		iov_len = 0;
+		if (vectors[i].plaintext_size > IOV_PARTS) {
+			unsigned split = vectors[i].plaintext_size / IOV_PARTS;
+			assert(split>0);
+
+			for (z=0;z<IOV_PARTS;z++) {
+				iov[z].iov_base = (void*)(vectors[i].plaintext+(z*split));
+				if (z==IOV_PARTS-1)
+					iov[z].iov_len = vectors[i].plaintext_size - z*split;
+				else
+					iov[z].iov_len = split;
+				iov_len++;
+			}
+		} else {
+			iov_len = 1;
+			iov[0].iov_base = (void*)vectors[i].plaintext;
+			iov[0].iov_len = vectors[i].plaintext_size;
+		}
+
+		s = sizeof(tmp);
+
+		ret =
+		    gnutls_aead_cipher_encryptv(hd,
+						iv.data, iv.size,
+						auth_iov, auth_iov_len,
+						vectors[i].tag_size,
+						iov, iov_len,
+						tmp, &s);
+		if (ret < 0)
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_SELF_TEST_ERROR);
+
+		if (s != vectors[i].plaintext_size + tag_size) {
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		if (vectors[i].tag_prepended)
+			tag = tmp;
+		else
+			tag = tmp+vectors[i].plaintext_size;
+
+		if (memcmp(tag, vectors[i].tag, tag_size) != 0) {
+			_gnutls_debug_log
+			    ("%s test vector %d failed (tag)!\n",
+			     gnutls_cipher_get_name(cipher), i);
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		if (vectors[i].tag_prepended)
+			ciphertext = tmp+vectors[i].tag_size;
+		else
+			ciphertext = tmp;
+
+		if (vectors[i].plaintext_size > 0) {
+			if (memcmp
+			    (ciphertext, vectors[i].ciphertext,
+			     vectors[i].plaintext_size) != 0) {
+				_gnutls_debug_log
+				    ("%s test vector %d failed!\n",
+				     gnutls_cipher_get_name(cipher), i);
+
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_SELF_TEST_ERROR);
+			}
+		}
+
+
+
+		gnutls_aead_cipher_deinit(hd);
+	}
+
+	_gnutls_debug_log
+	    ("%s scatter self check succeeded\n",
+	     gnutls_cipher_get_name(cipher));
+
+	if (flags & GNUTLS_SELF_TEST_FLAG_NO_COMPAT)
+		return 0;
+	else
+		return test_cipher_aead_compat(cipher, vectors, vectors_size);
+}
+
+/* AEAD modes */
+static int test_cipher_aead(gnutls_cipher_algorithm_t cipher,
+			    const struct cipher_aead_vectors_st *vectors,
+			    size_t vectors_size, unsigned flags)
+{
+	gnutls_aead_cipher_hd_t hd;
+	int ret;
+	unsigned int i;
+	uint8_t tmp[384];
+	uint8_t tmp2[384];
+	gnutls_datum_t key, iv;
+	size_t s, s2;
+	const uint8_t *tag;
+	unsigned tag_size;
+	uint8_t *ciphertext;
+
+	_gnutls_debug_log("running tests for: %s\n",
+				  gnutls_cipher_get_name(cipher));
+
+	for (i = 0; i < vectors_size; i++) {
+		memset(tmp, 0, sizeof(tmp));
+		key.data = (void *) vectors[i].key;
+		key.size = vectors[i].key_size;
+
+		iv.data = (void *) vectors[i].iv;
+		iv.size = vectors[i].iv_size;
+		tag_size = vectors[i].tag_size;
+
+		if (tag_size > gnutls_cipher_get_tag_size(cipher)) {
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+#if 0
+		if (iv.size != vectors[i].iv_size)
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+#endif
+		ret = gnutls_aead_cipher_init(&hd, cipher, &key);
+		if (ret < 0) {
+			_gnutls_debug_log("error initializing: %s\n",
+					  gnutls_cipher_get_name(cipher));
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		s = sizeof(tmp);
+
+		ret =
+		    gnutls_aead_cipher_encrypt(hd,
+					   iv.data, iv.size,
+					   vectors[i].auth, vectors[i].auth_size,
+					   vectors[i].tag_size,
+					   vectors[i].plaintext,
+					   vectors[i].plaintext_size,
+					   tmp, &s);
+		if (ret < 0)
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_SELF_TEST_ERROR);
+
+		if (s != vectors[i].plaintext_size + tag_size) {
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		if (vectors[i].tag_prepended)
+			tag = tmp;
+		else
+			tag = tmp+vectors[i].plaintext_size;
+
+		if (memcmp(tag, vectors[i].tag, tag_size) != 0) {
+			_gnutls_debug_log
+			    ("%s test vector %d failed (tag)!\n",
+			     gnutls_cipher_get_name(cipher), i);
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		if (vectors[i].tag_prepended)
+			ciphertext = tmp+vectors[i].tag_size;
+		else
+			ciphertext = tmp;
+
+		if (vectors[i].plaintext_size > 0) {
+			if (memcmp
+			    (ciphertext, vectors[i].ciphertext,
+			     vectors[i].plaintext_size) != 0) {
+				_gnutls_debug_log
+				    ("%s test vector %d failed!\n",
+				     gnutls_cipher_get_name(cipher), i);
+
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_SELF_TEST_ERROR);
+			}
+		}
+
+		/* check decryption */
+		{
+			s2 = sizeof(tmp2);
+			ret =
+			    gnutls_aead_cipher_decrypt(hd,
+						   iv.data, iv.size,
+						   vectors[i].auth, vectors[i].auth_size,
+						   vectors[i].tag_size,
+						   tmp, s,
+						   tmp2, &s2);
+			if (ret < 0)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_SELF_TEST_ERROR);
+
+			if (s2 != vectors[i].plaintext_size ||
+			    (vectors[i].plaintext_size > 0 &&
+			     memcmp(tmp2, vectors[i].plaintext, vectors[i].plaintext_size) != 0)) {
+				_gnutls_debug_log("%s test vector %d failed (decryption)!\n",
+					gnutls_cipher_get_name(cipher), i);
+				return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+			}
+
+			/* test tag verification */
+			if (s > 0) {
+				(*ciphertext)++;
+
+				s2 = sizeof(tmp2);
+				ret =
+				    gnutls_aead_cipher_decrypt(hd,
+							   iv.data, iv.size,
+							   vectors[i].auth, vectors[i].auth_size,
+							   vectors[i].tag_size,
+							   tmp, s,
+							   tmp2, &s2);
+
+				if (ret >= 0) {
+					_gnutls_debug_log("%s: tag check failed\n", gnutls_cipher_get_name(cipher));
+					return
+					    gnutls_assert_val
+					    (GNUTLS_E_SELF_TEST_ERROR);
+				}
+			}
+		}
+
+		gnutls_aead_cipher_deinit(hd);
+	}
+
+	_gnutls_debug_log
+	    ("%s self check succeeded\n",
+	     gnutls_cipher_get_name(cipher));
+
+	return test_cipher_aead_scatter(cipher, vectors, vectors_size, flags);
+}
+
+
+
+struct hash_vectors_st {
+	const uint8_t *plaintext;
+	unsigned int plaintext_size;
+	const uint8_t *output;
+	unsigned int output_size;
+};
+
+const struct hash_vectors_st md5_vectors[] = {
+	{
+	 STR(plaintext, plaintext_size, "abcdefghijklmnopqrstuvwxyz"),
+	 STR(output, output_size,
+	     "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00\x7d\xfb\x49\x6c\xca\x67\xe1\x3b"),
+	 },
+};
+
+const struct hash_vectors_st sha1_vectors[] = {
+	{
+	 STR(plaintext, plaintext_size, "what do ya want for nothing?"),
+	 STR(output, output_size,
+	     "\x8f\x82\x03\x94\xf9\x53\x35\x18\x20\x45\xda\x24\xf3\x4d\xe5\x2b\xf8\xbc\x34\x32"),
+	 },
+	{
+	 STR(plaintext, plaintext_size,
+	     "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopqabcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopqabcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"),
+	 STR(output, output_size,
+	     "\xbe\xae\xd1\x6d\x65\x8e\xc7\x92\x9e\xdf\xd6\x2b\xfa\xfe\xac\x29\x9f\x0d\x74\x4d"),
+	 },
+};
+
+const struct hash_vectors_st sha224_vectors[] = {
+	{
+	 STR(plaintext, plaintext_size,
+	     "The quick brown fox jumps over the lazy dog"),
+	 STR(output, output_size,
+	     "\x73\x0e\x10\x9b\xd7\xa8\xa3\x2b\x1c\xb9\xd9\xa0\x9a\xa2\x32\x5d\x24\x30\x58\x7d\xdb\xc0\xc3\x8b\xad\x91\x15\x25"),
+	 },
+};
+
+const struct hash_vectors_st sha256_vectors[] = {
+	{
+	 STR(plaintext, plaintext_size,
+	     "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"),
+	 STR(output, output_size,
+	     "\x24\x8d\x6a\x61\xd2\x06\x38\xb8\xe5\xc0\x26\x93\x0c\x3e\x60\x39\xa3\x3c\xe4\x59\x64\xff\x21\x67\xf6\xec\xed\xd4\x19\xdb\x06\xc1"),
+	 },
+	{
+	 STR(plaintext, plaintext_size,
+	     "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopqabcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopqabcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"),
+	 STR(output, output_size,
+	     "\x50\xea\x82\x5d\x96\x84\xf4\x22\x9c\xa2\x9f\x1f\xec\x51\x15\x93\xe2\x81\xe4\x6a\x14\x0d\x81\xe0\x00\x5f\x8f\x68\x86\x69\xa0\x6c"),
+	 },
+};
+
+const struct hash_vectors_st sha384_vectors[] = {
+	{
+	 STR(plaintext, plaintext_size,
+	     "The quick brown fox jumps over the lazy dog"),
+	 STR(output, output_size,
+	     "\xca\x73\x7f\x10\x14\xa4\x8f\x4c\x0b\x6d\xd4\x3c\xb1\x77\xb0\xaf\xd9\xe5\x16\x93\x67\x54\x4c\x49\x40\x11\xe3\x31\x7d\xbf\x9a\x50\x9c\xb1\xe5\xdc\x1e\x85\xa9\x41\xbb\xee\x3d\x7f\x2a\xfb\xc9\xb1"),
+	 },
+};
+
+const struct hash_vectors_st sha512_vectors[] = {
+	{
+	 STR(plaintext, plaintext_size,
+	     "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"),
+	 STR(output, output_size,
+	     "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b\x87\x4b\xe9\x09"),
+	 },
+};
+
+const struct hash_vectors_st sha3_224_vectors[] = {
+	{
+	 STR(plaintext, plaintext_size,
+	     "\xC1\xEC\xFD\xFC"),
+	 STR(output, output_size,
+	     "\xA3\x3C\x58\xDF\x8A\x80\x26\xF0\xF9\x59\x19\x66\xBD\x6D\x00\xEE\xD3\xB1\xE8\x29\x58\x0A\xB9\xBE\x26\x8C\xAF\x39"),
+	 },
+};
+
+const struct hash_vectors_st sha3_256_vectors[] = {
+	{
+	 STR(plaintext, plaintext_size,
+	     "\xC1\xEC\xFD\xFC"),
+	 STR(output, output_size,
+	     "\xC5\x85\x9B\xE8\x25\x60\xCC\x87\x89\x13\x3F\x7C\x83\x4A\x6E\xE6\x28\xE3\x51\xE5\x04\xE6\x01\xE8\x05\x9A\x06\x67\xFF\x62\xC1\x24"),
+	 }
+};
+
+const struct hash_vectors_st sha3_384_vectors[] = {
+	{
+	 STR(plaintext, plaintext_size,
+	     "\x4A\x4F\x20\x24\x84\x51\x25\x26"),
+	 STR(output, output_size,
+	     "\x89\xDB\xF4\xC3\x9B\x8F\xB4\x6F\xDF\x0A\x69\x26\xCE\xC0\x35\x5A\x4B\xDB\xF9\xC6\xA4\x46\xE1\x40\xB7\xC8\xBD\x08\xFF\x6F\x48\x9F\x20\x5D\xAF\x8E\xFF\xE1\x60\xF4\x37\xF6\x74\x91\xEF\x89\x7C\x23"),
+	 },
+};
+
+const struct hash_vectors_st sha3_512_vectors[] = {
+	{
+	 STR(plaintext, plaintext_size,
+	     "\x82\xE1\x92\xE4\x04\x3D\xDC\xD1\x2E\xCF\x52\x96\x9D\x0F\x80\x7E\xED"),
+	 STR(output, output_size,
+	     "\x96\x44\xE3\xC9\x0B\x67\xE2\x21\x24\xE9\x6D\xFE\xDC\xE5\x3D\x33\xC4\x60\xF1\x32\x86\x8F\x09\x75\xD1\x8B\x22\xCF\xD5\x9F\x63\x7D\xD8\x5A\xA4\x05\xE3\x98\x08\xA4\x55\x70\xA4\x98\xC0\xB8\xF2\xCB\xA5\x9F\x8E\x14\x37\xEA\xEF\x89\xF2\x0B\x88\x29\x8A\xDF\xA2\xDE"),
+	 },
+};
+
+const struct hash_vectors_st gostr_94_vectors[] = {
+	{
+	 STR(plaintext, plaintext_size,
+	     "The quick brown fox jumps over the lazy dog"),
+	 STR(output, output_size,
+	     "\x90\x04\x29\x4a\x36\x1a\x50\x8c\x58\x6f\xe5\x3d\x1f\x1b\x02\x74\x67\x65\xe7\x1b\x76\x54\x72\x78\x6e\x47\x70\xd5\x65\x83\x0a\x76"),
+	},
+};
+
+/* GOST R 34.11-2012 */
+const struct hash_vectors_st streebog_512_vectors[] = {
+	{
+            STR(plaintext, plaintext_size,
+		"\xd1\xe5\x20\xe2\xe5\xf2\xf0\xe8\x2c\x20\xd1\xf2\xf0\xe8\xe1\xee"
+		"\xe6\xe8\x20\xe2\xed\xf3\xf6\xe8\x2c\x20\xe2\xe5\xfe\xf2\xfa\x20"
+		"\xf1\x20\xec\xee\xf0\xff\x20\xf1\xf2\xf0\xe5\xeb\xe0\xec\xe8\x20"
+		"\xed\xe0\x20\xf5\xf0\xe0\xe1\xf0\xfb\xff\x20\xef\xeb\xfa\xea\xfb"
+		"\x20\xc8\xe3\xee\xf0\xe5\xe2\xfb"),
+            STR(output, output_size,
+		"\x1e\x88\xe6\x22\x26\xbf\xca\x6f\x99\x94\xf1\xf2\xd5\x15\x69\xe0"
+		"\xda\xf8\x47\x5a\x3b\x0f\xe6\x1a\x53\x00\xee\xe4\x6d\x96\x13\x76"
+		"\x03\x5f\xe8\x35\x49\xad\xa2\xb8\x62\x0f\xcd\x7c\x49\x6c\xe5\xb3"
+		"\x3f\x0c\xb9\xdd\xdc\x2b\x64\x60\x14\x3b\x03\xda\xba\xc9\xfb\x28"),
+	},
+	{
+            STR(plaintext, plaintext_size,
+		"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
+		"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
+		"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
+		"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
+		"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
+		"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
+		"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
+		"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"),
+            STR(output, output_size,
+		"\x90\xa1\x61\xd1\x2a\xd3\x09\x49\x8d\x3f\xe5\xd4\x82\x02\xd8\xa4"
+		"\xe9\xc4\x06\xd6\xa2\x64\xae\xab\x25\x8a\xc5\xec\xc3\x7a\x79\x62"
+		"\xaa\xf9\x58\x7a\x5a\xbb\x09\xb6\xbb\x81\xec\x4b\x37\x52\xa3\xff"
+		"\x5a\x83\x8e\xf1\x75\xbe\x57\x72\x05\x6b\xc5\xfe\x54\xfc\xfc\x7e"),
+	},
+};
+
+/* GOST R 34.11-2012 */
+const struct hash_vectors_st streebog_256_vectors[] = {
+	{
+            STR(plaintext, plaintext_size,
+		"\xd1\xe5\x20\xe2\xe5\xf2\xf0\xe8\x2c\x20\xd1\xf2\xf0\xe8\xe1\xee"
+		"\xe6\xe8\x20\xe2\xed\xf3\xf6\xe8\x2c\x20\xe2\xe5\xfe\xf2\xfa\x20"
+		"\xf1\x20\xec\xee\xf0\xff\x20\xf1\xf2\xf0\xe5\xeb\xe0\xec\xe8\x20"
+		"\xed\xe0\x20\xf5\xf0\xe0\xe1\xf0\xfb\xff\x20\xef\xeb\xfa\xea\xfb"
+		"\x20\xc8\xe3\xee\xf0\xe5\xe2\xfb"),
+            STR(output, output_size,
+		"\x9d\xd2\xfe\x4e\x90\x40\x9e\x5d\xa8\x7f\x53\x97\x6d\x74\x05\xb0"
+		"\xc0\xca\xc6\x28\xfc\x66\x9a\x74\x1d\x50\x06\x3c\x55\x7e\x8f\x50"),
+	},
+};
+
+#define HASH_DATA_SIZE 64
+
+/* SHA1 and other hashes */
+static int test_digest(gnutls_digest_algorithm_t dig,
+		       const struct hash_vectors_st *vectors,
+		       size_t vectors_size, unsigned flags)
+{
+	uint8_t data[HASH_DATA_SIZE];
+	unsigned int i;
+	int ret;
+	size_t data_size;
+	gnutls_hash_hd_t hd;
+	gnutls_hash_hd_t copy;
+
+	if (_gnutls_digest_exists(dig) == 0)
+		return 0;
+
+	for (i = 0; i < vectors_size; i++) {
+		ret = gnutls_hash_init(&hd, dig);
+		if (ret < 0) {
+			_gnutls_debug_log("error initializing: %s\n",
+					  gnutls_digest_get_name(dig));
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		ret = gnutls_hash(hd, vectors[i].plaintext, 1);
+		if (ret < 0)
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+
+		copy = gnutls_hash_copy(hd);
+		if (!copy) {
+			_gnutls_debug_log("copy is not supported for: %s\n",
+					  gnutls_digest_get_name(dig));
+		}
+
+		ret = gnutls_hash(hd,
+				  &vectors[i].plaintext[1],
+				  vectors[i].plaintext_size - 1);
+		if (ret < 0)
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+
+		gnutls_hash_deinit(hd, data);
+
+		data_size = gnutls_hash_get_len(dig);
+		if (data_size <= 0)
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+
+		if (data_size != vectors[i].output_size ||
+		    memcmp(data, vectors[i].output,
+			   vectors[i].output_size) != 0) {
+			_gnutls_debug_log("%s test vector %d failed!\n",
+					  gnutls_digest_get_name(dig), i);
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		if (copy != NULL) {
+			ret = gnutls_hash(copy,
+					  &vectors[i].plaintext[1],
+					  vectors[i].plaintext_size - 1);
+			if (ret < 0)
+				return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+
+			memset(data, 0xaa, data_size);
+			gnutls_hash_deinit(copy, data);
+
+			if (memcmp(data, vectors[i].output,
+			    vectors[i].output_size) != 0) {
+				_gnutls_debug_log("%s copy test vector %d failed!\n",
+						  gnutls_digest_get_name(dig), i);
+				return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+			}
+		}
+	}
+
+	_gnutls_debug_log("%s self check succeeded\n",
+			  gnutls_digest_get_name(dig));
+
+	return 0;
+}
+
+
+struct mac_vectors_st {
+	const uint8_t *key;
+	unsigned int key_size;
+	const uint8_t *nonce;
+	unsigned int nonce_size;
+	const uint8_t *plaintext;
+	unsigned int plaintext_size;
+	const uint8_t *output;
+	unsigned int output_size;
+};
+
+const struct mac_vectors_st hmac_md5_vectors[] = {
+	{
+	 STR(key, key_size, "Jefe"),
+	 STR(plaintext, plaintext_size, "what do ya want for nothing?"),
+	 STR(output, output_size,
+	     "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7\x38"),
+	 },
+};
+
+const struct mac_vectors_st hmac_sha1_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"),
+	 STR(plaintext, plaintext_size, "Hi There"),
+	 STR(output, output_size,
+	     "\x67\x5b\x0b\x3a\x1b\x4d\xdf\x4e\x12\x48\x72\xda\x6c\x2f\x63\x2b\xfe\xd9\x57\xe9"),
+	 },
+};
+
+	    /* from rfc4231 */
+const struct mac_vectors_st hmac_sha224_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"),
+	 STR(plaintext, plaintext_size, "Hi There"),
+	 STR(output, output_size,
+	     "\x89\x6f\xb1\x12\x8a\xbb\xdf\x19\x68\x32\x10\x7c\xd4\x9d\xf3\x3f\x47\xb4\xb1\x16\x99\x12\xba\x4f\x53\x68\x4b\x22"),
+	 },
+};
+
+const struct mac_vectors_st hmac_sha256_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"),
+	 STR(plaintext, plaintext_size, "Hi There"),
+	 STR(output, output_size,
+	     "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32\xcf\xf7"),
+	 },
+};
+
+const struct mac_vectors_st hmac_sha384_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"),
+	 STR(plaintext, plaintext_size, "Hi There"),
+	 STR(output, output_size,
+	     "\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2\xfa\x9c\xb6"),
+	 },
+};
+
+const struct mac_vectors_st hmac_sha512_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"),
+	 STR(plaintext, plaintext_size, "Hi There"),
+	 STR(output, output_size,
+	     "\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a\x1d\x6c\xb0\x23\x79\xf4\xe2\xce\x4e\xc2\x78\x7a\xd0\xb3\x05\x45\xe1\x7c\xde\xda\xa8\x33\xb7\xd6\xb8\xa7\x02\x03\x8b\x27\x4e\xae\xa3\xf4\xe4\xbe\x9d\x91\x4e\xeb\x61\xf1\x70\x2e\x69\x6c\x20\x3a\x12\x68\x54"),
+	 },
+};
+
+/* Calculated */
+const struct mac_vectors_st hmac_gostr_94_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+	     "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"),
+	 STR(plaintext, plaintext_size,
+	     "\x01\x26\xbd\xb8\x78\x00\xaf\x21\x43\x41\x45\x65\x63\x78\x01\x00"),
+	 STR(output, output_size,
+	     "\xba\xd7\x0b\x61\xc4\x10\x95\xbc\x47\xe1\x14\x1c\xfa\xed\x42\x72"
+	     "\x6a\x5c\xee\xbd\x62\xce\x75\xdb\xbb\x9a\xd7\x6c\xda\x9f\x72\xf7"),
+	},
+};
+
+/* RFC 7836 */
+const struct mac_vectors_st hmac_streebog_512_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+	     "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"),
+	 STR(plaintext, plaintext_size,
+	     "\x01\x26\xbd\xb8\x78\x00\xaf\x21\x43\x41\x45\x65\x63\x78\x01\x00"),
+	 STR(output, output_size,
+	     "\xa5\x9b\xab\x22\xec\xae\x19\xc6\x5f\xbd\xe6\xe5\xf4\xe9\xf5\xd8"
+	     "\x54\x9d\x31\xf0\x37\xf9\xdf\x9b\x90\x55\x00\xe1\x71\x92\x3a\x77"
+	     "\x3d\x5f\x15\x30\xf2\xed\x7e\x96\x4c\xb2\xee\xdc\x29\xe9\xad\x2f"
+	     "\x3a\xfe\x93\xb2\x81\x4f\x79\xf5\x00\x0f\xfc\x03\x66\xc2\x51\xe6"),
+	},
+};
+
+/* RFC 7836 */
+const struct mac_vectors_st hmac_streebog_256_vectors[] = {
+	{
+	 STR(key, key_size,
+	     "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+	     "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"),
+	 STR(plaintext, plaintext_size,
+	     "\x01\x26\xbd\xb8\x78\x00\xaf\x21\x43\x41\x45\x65\x63\x78\x01\x00"),
+	 STR(output, output_size,
+	     "\xa1\xaa\x5f\x7d\xe4\x02\xd7\xb3\xd3\x23\xf2\x99\x1c\x8d\x45\x34"
+	     "\x01\x31\x37\x01\x0a\x83\x75\x4f\xd0\xaf\x6d\x7c\xd4\x92\x2e\xd9"),
+	},
+};
+
+const struct mac_vectors_st aes_cmac_128_vectors[] = { /* NIST SP800-38A */
+	{
+	 STR(key, key_size,
+	     "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c"),
+	 STR(plaintext, plaintext_size,
+             "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"),
+	 STR(output, output_size,
+	     "\x07\x0a\x16\xb4\x6b\x4d\x41\x44\xf7\x9b\xdd\x9d\xd0\x4a\x28\x7c"),
+	 },
+};
+
+const struct mac_vectors_st aes_cmac_256_vectors[] = { /* NIST SP800-38A */
+	{
+	 STR(key, key_size,
+	     "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81"
+             "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4"),
+	 STR(plaintext, plaintext_size,
+             "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"),
+	 STR(output, output_size,
+	     "\x28\xa7\x02\x3f\x45\x2e\x8f\x82\xbd\x4b\xf2\x8d\x8c\x37\xc3\x5c"),
+	 },
+};
+
+const struct mac_vectors_st aes_gmac_128_vectors[] = { /* NIST test vectors */
+	{
+	 STR(key, key_size,
+	     "\x23\x70\xe3\x20\xd4\x34\x42\x08\xe0\xff\x56\x83\xf2\x43\xb2\x13"),
+	 STR(nonce, nonce_size,
+	     "\x04\xdb\xb8\x2f\x04\x4d\x30\x83\x1c\x44\x12\x28"),
+	 STR(plaintext, plaintext_size,
+	     "\xd4\x3a\x8e\x50\x89\xee\xa0\xd0\x26\xc0\x3a\x85\x17\x8b\x27\xda"),
+	 STR(output, output_size,
+	     "\x2a\x04\x9c\x04\x9d\x25\xaa\x95\x96\x9b\x45\x1d\x93\xc3\x1c\x6e"),
+	},
+};
+
+const struct mac_vectors_st aes_gmac_192_vectors[] = { /* NIST test vectors */
+	{
+	 STR(key, key_size,
+	     "\xaa\x92\x1c\xb5\xa2\x43\xab\x08\x91\x1f\x32\x89\x26\x6b\x39\xda"
+	     "\xb1\x33\xf5\xc4\x20\xa6\xc5\xcd"),
+	 STR(nonce, nonce_size,
+	     "\x8f\x73\xdb\x68\xda\xee\xed\x2d\x15\x5f\xb1\xa0"),
+	 STR(plaintext, plaintext_size,
+	     "\x48\x74\x43\xc7\xc1\x4c\xe4\x74\xcb\x3d\x29\x1f\x25\x70\x70\xa2"),
+	 STR(output, output_size,
+	     "\xb1\x26\x74\xfb\xea\xc6\x88\x9a\x24\x94\x8f\x27\x92\xe3\x0a\x50"),
+	},
+};
+
+const struct mac_vectors_st aes_gmac_256_vectors[] = { /* NIST test vectors */
+	{
+	 STR(key, key_size,
+	     "\x6d\xfd\xaf\xd6\x70\x3c\x28\x5c\x01\xf1\x4f\xd1\x0a\x60\x12\x86"
+	     "\x2b\x2a\xf9\x50\xd4\x73\x3a\xbb\x40\x3b\x2e\x74\x5b\x26\x94\x5d"),
+	 STR(nonce, nonce_size,
+	     "\x37\x49\xd0\xb3\xd5\xba\xcb\x71\xbe\x06\xad\xe6"),
+	 STR(plaintext, plaintext_size,
+	     "\xc0\xd2\x49\x87\x19\x92\xe7\x03\x02\xae\x00\x81\x93\xd1\xe8\x9f"),
+	 STR(output, output_size,
+	     "\x4a\xa4\xcc\x69\xf8\x4e\xe6\xac\x16\xd9\xbf\xb4\xe0\x5d\xe5\x00"),
+	},
+};
+
+const struct mac_vectors_st gost28147_tc26z_imit_vectors[] = {
+	{
+		STR(key, key_size,
+		    "\x9d\x05\xb7\x9e\x90\xca\xd0\x0a\x2c\xda\xd2\x2e\xf4\xe8\x6f\x5c"
+		    "\xf5\xdc\x37\x68\x19\x85\xb3\xbf\xaa\x18\xc1\xc3\x05\x0a\x91\xa2"),
+		STR(plaintext, plaintext_size,
+		    "\xb5\xa1\xf0\xe3\xce\x2f\x02\x1d\x67\x61\x94\x34\x5c\x41\xe3\x6e"),
+		STR(output, output_size,
+		    "\x03\xe5\x67\x66"),
+	},
+};
+
+/* GOST R 34.13-2015 */
+const struct mac_vectors_st magma_omac_vectors[] = {
+	{
+        STR(key, key_size,
+	    "\xff\xee\xdd\xcc\xbb\xaa\x99\x88\x77\x66\x55\x44\x33\x22\x11\x00"
+	    "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"),
+        STR(plaintext, plaintext_size,
+	    "\x92\xde\xf0\x6b\x3c\x13\x0a\x59"
+	    "\xdb\x54\xc7\x04\xf8\x18\x9d\x20"
+	    "\x4a\x98\xfb\x2e\x67\xa8\x02\x4c"
+	    "\x89\x12\x40\x9b\x17\xb5\x7e\x41"),
+	STR(output, output_size,
+	    "\x15\x4e\x72\x10\x20\x30\xc5\xbb"),
+	},
+};
+
+/* GOST R 34.13-2015 */
+const struct mac_vectors_st kuznyechik_omac_vectors[] = {
+	{
+        STR(key, key_size,
+	    "\x88\x99\xaa\xbb\xcc\xdd\xee\xff\x00\x11\x22\x33\x44\x55\x66\x77"
+	    "\xfe\xdc\xba\x98\x76\x54\x32\x10\x01\x23\x45\x67\x89\xab\xcd\xef"),
+        STR(plaintext, plaintext_size,
+	    "\x11\x22\x33\x44\x55\x66\x77\x00\xff\xee\xdd\xcc\xbb\xaa\x99\x88"
+	    "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a"
+	    "\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00"
+	    "\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xee\xff\x0a\x00\x11"),
+	STR(output, output_size,
+	    "\x33\x6f\x4d\x29\x60\x59\xfb\xe3\x4d\xde\xb3\x5b\x37\x74\x9c\x67"),
+	},
+};
+
+static int test_mac(gnutls_mac_algorithm_t mac,
+		    const struct mac_vectors_st *vectors,
+		    size_t vectors_size, unsigned flags)
+{
+	uint8_t data[HASH_DATA_SIZE];
+	unsigned int i;
+	int ret;
+	size_t data_size;
+	gnutls_hmac_hd_t hd;
+	gnutls_hmac_hd_t copy;
+
+	for (i = 0; i < vectors_size; i++) {
+		ret = gnutls_hmac_init(&hd,
+				       mac, vectors[i].key,
+				       vectors[i].key_size);
+
+		if (ret < 0) {
+			_gnutls_debug_log("error initializing: MAC-%s\n",
+					  gnutls_mac_get_name(mac));
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		if (vectors[i].nonce_size)
+			gnutls_hmac_set_nonce(hd,
+					      vectors[i].nonce,
+					      vectors[i].nonce_size);
+
+		ret = gnutls_hmac(hd, vectors[i].plaintext, 1);
+		if (ret < 0)
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+
+		copy = gnutls_hmac_copy(hd);
+		if (!copy) {
+			_gnutls_debug_log("copy is not supported for: %s\n",
+					  gnutls_mac_get_name(mac));
+		}
+
+		ret = gnutls_hmac(hd,
+				  &vectors[i].plaintext[1],
+				  vectors[i].plaintext_size - 1);
+		if (ret < 0)
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+
+		gnutls_hmac_deinit(hd, data);
+
+		data_size = gnutls_hmac_get_len(mac);
+		if (data_size <= 0)
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+
+		if (data_size != vectors[i].output_size ||
+		    memcmp(data, vectors[i].output,
+			   vectors[i].output_size) != 0) {
+
+			_gnutls_debug_log
+			    ("MAC-%s test vector %d failed!\n",
+			     gnutls_mac_get_name(mac), i);
+
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		if (copy != NULL) {
+			ret = gnutls_hmac(copy,
+					  &vectors[i].plaintext[1],
+					  vectors[i].plaintext_size - 1);
+			if (ret < 0)
+				return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+
+			memset(data, 0xaa, data_size);
+			gnutls_hmac_deinit(copy, data);
+
+			if (memcmp(data, vectors[i].output,
+			    vectors[i].output_size) != 0) {
+				_gnutls_debug_log
+					("MAC-%s copy test vector %d failed!\n",
+					 gnutls_mac_get_name(mac), i);
+				return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+			}
+		}
+	}
+
+	_gnutls_debug_log
+	    ("MAC-%s self check succeeded\n",
+	     gnutls_mac_get_name(mac));
+
+	return 0;
+}
+
+#define CASE(x, func, vectors) case x: \
+			ret = func(x, V(vectors), flags); \
+			if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL) || ret < 0) \
+				return ret
+
+#define CASE2(x, func, func2, vectors) case x:	  \
+			ret = func(x, V(vectors), flags); \
+			if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL) || ret < 0) \
+				return ret; \
+			ret = func2(x, V(vectors), flags); \
+			if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL) || ret < 0) \
+				return ret
+
+#define NON_FIPS_CASE(x, func, vectors) case x: \
+			if (_gnutls_fips_mode_enabled() == 0) { \
+				ret = func(x, V(vectors), flags); \
+				if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL) || ret < 0) \
+					return ret; \
+			}
+
+/*-
+ * gnutls_cipher_self_test:
+ * @flags: GNUTLS_SELF_TEST_FLAG flags
+ * @cipher: the encryption algorithm to use
+ *
+ * This function will run self tests on the provided cipher or all
+ * available ciphers if @flags is %GNUTLS_SELF_TEST_FLAG_ALL.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.3.0-FIPS140
+ -*/
+int gnutls_cipher_self_test(unsigned flags, gnutls_cipher_algorithm_t cipher)
+{
+	int ret;
+
+	if (flags & GNUTLS_SELF_TEST_FLAG_ALL)
+		cipher = GNUTLS_CIPHER_UNKNOWN;
+
+	switch (cipher) {
+	case GNUTLS_CIPHER_UNKNOWN:
+		CASE(GNUTLS_CIPHER_AES_128_CCM, test_cipher_aead,
+		     aes128_ccm_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_CIPHER_AES_256_CCM, test_cipher_aead,
+		     aes256_ccm_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_CIPHER_AES_128_CBC, test_cipher,
+		     aes128_cbc_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_CIPHER_AES_192_CBC, test_cipher,
+		     aes192_cbc_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_CIPHER_AES_256_CBC, test_cipher,
+		     aes256_cbc_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_CIPHER_3DES_CBC, test_cipher,
+		     tdes_cbc_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_CIPHER_ARCFOUR_128, test_cipher,
+		     arcfour_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_CIPHER_AES_128_GCM, test_cipher_aead,
+		     aes128_gcm_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_CIPHER_AES_192_GCM, test_cipher_aead,
+		     aes192_gcm_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_CIPHER_AES_256_GCM, test_cipher_aead,
+		     aes256_gcm_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_CIPHER_CHACHA20_POLY1305, test_cipher_aead,
+		     chacha_poly1305_vectors);
+		FALLTHROUGH;
+		CASE2(GNUTLS_CIPHER_AES_128_CFB8, test_cipher,
+		      test_cipher_all_block_sizes,
+		      aes128_cfb8_vectors);
+		FALLTHROUGH;
+		CASE2(GNUTLS_CIPHER_AES_192_CFB8, test_cipher,
+		      test_cipher_all_block_sizes,
+		      aes192_cfb8_vectors);
+		FALLTHROUGH;
+		CASE2(GNUTLS_CIPHER_AES_256_CFB8, test_cipher,
+		      test_cipher_all_block_sizes,
+		      aes256_cfb8_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_CIPHER_AES_128_XTS, test_cipher,
+		     aes128_xts_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_CIPHER_AES_256_XTS, test_cipher,
+		     aes256_xts_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_CIPHER_AES_128_SIV, test_cipher_aead,
+		     aes128_siv_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_CIPHER_AES_256_SIV, test_cipher_aead,
+		     aes256_siv_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_CIPHER_CHACHA20_32, test_cipher,
+		     chacha20_32_vectors);
+		FALLTHROUGH;
+		/* The same test vector for _32 variant should work */
+		NON_FIPS_CASE(GNUTLS_CIPHER_CHACHA20_64, test_cipher,
+		     chacha20_32_vectors);
+#if ENABLE_GOST
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_CIPHER_GOST28147_CPA_CFB, test_cipher,
+			      gost28147_cpa_cfb_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_CIPHER_GOST28147_CPB_CFB, test_cipher,
+			      gost28147_cpb_cfb_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_CIPHER_GOST28147_CPC_CFB, test_cipher,
+			      gost28147_cpc_cfb_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_CIPHER_GOST28147_CPD_CFB, test_cipher,
+			      gost28147_cpd_cfb_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_CIPHER_GOST28147_TC26Z_CFB, test_cipher,
+			      gost28147_tc26z_cfb_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_CIPHER_GOST28147_TC26Z_CNT, test_cipher,
+			      gost28147_tc26z_cnt_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_CIPHER_MAGMA_CTR_ACPKM, test_cipher,
+			      magma_ctr_acpkm_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_CIPHER_KUZNYECHIK_CTR_ACPKM, test_cipher,
+			      kuznyechik_ctr_acpkm_vectors);
+#endif
+		break;
+	default:
+		return gnutls_assert_val(GNUTLS_E_NO_SELF_TEST);
+	}
+
+	return 0;
+}
+
+/*-
+ * gnutls_mac_self_test:
+ * @flags: GNUTLS_SELF_TEST_FLAG flags
+ * @mac: the message authentication algorithm to use
+ *
+ * This function will run self tests on the provided mac.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.3.0-FIPS140
+ -*/
+int gnutls_mac_self_test(unsigned flags, gnutls_mac_algorithm_t mac)
+{
+	int ret;
+
+	if (flags & GNUTLS_SELF_TEST_FLAG_ALL)
+		mac = GNUTLS_MAC_UNKNOWN;
+
+	switch (mac) {
+	case GNUTLS_MAC_UNKNOWN:
+		NON_FIPS_CASE(GNUTLS_MAC_MD5, test_mac, hmac_md5_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_MAC_SHA1, test_mac, hmac_sha1_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_MAC_SHA224, test_mac, hmac_sha224_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_MAC_SHA256, test_mac, hmac_sha256_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_MAC_SHA384, test_mac, hmac_sha384_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_MAC_SHA512, test_mac, hmac_sha512_vectors);
+#if ENABLE_GOST
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_MAC_GOSTR_94, test_mac, hmac_gostr_94_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_MAC_STREEBOG_512, test_mac, hmac_streebog_512_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_MAC_STREEBOG_256, test_mac, hmac_streebog_256_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_MAC_GOST28147_TC26Z_IMIT, test_mac, gost28147_tc26z_imit_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_MAC_MAGMA_OMAC, test_mac, magma_omac_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_MAC_KUZNYECHIK_OMAC, test_mac, kuznyechik_omac_vectors);
+#endif
+		FALLTHROUGH;
+		CASE(GNUTLS_MAC_AES_CMAC_128, test_mac, aes_cmac_128_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_MAC_AES_CMAC_256, test_mac, aes_cmac_256_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_MAC_AES_GMAC_128, test_mac, aes_gmac_128_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_MAC_AES_GMAC_192, test_mac, aes_gmac_192_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_MAC_AES_GMAC_256, test_mac, aes_gmac_256_vectors);
+
+		break;
+	default:
+		return gnutls_assert_val(GNUTLS_E_NO_SELF_TEST);
+	}
+
+	return 0;
+}
+
+/*-
+ * gnutls_digest_self_test:
+ * @flags: GNUTLS_SELF_TEST_FLAG flags
+ * @digest: the digest algorithm to use
+ *
+ * This function will run self tests on the provided digest.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.3.0-FIPS140
+ -*/
+int gnutls_digest_self_test(unsigned flags, gnutls_digest_algorithm_t digest)
+{
+	int ret;
+
+	if (flags & GNUTLS_SELF_TEST_FLAG_ALL)
+		digest = GNUTLS_DIG_UNKNOWN;
+
+	switch (digest) {
+	case GNUTLS_DIG_UNKNOWN:
+		NON_FIPS_CASE(GNUTLS_DIG_MD5, test_digest, md5_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_DIG_SHA1, test_digest, sha1_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_DIG_SHA224, test_digest, sha224_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_DIG_SHA256, test_digest, sha256_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_DIG_SHA384, test_digest, sha384_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_DIG_SHA512, test_digest, sha512_vectors);
+#ifdef NETTLE_SHA3_FIPS202
+		FALLTHROUGH;
+		CASE(GNUTLS_DIG_SHA3_224, test_digest, sha3_224_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_DIG_SHA3_256, test_digest, sha3_256_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_DIG_SHA3_384, test_digest, sha3_384_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_DIG_SHA3_512, test_digest, sha3_512_vectors);
+#endif
+#if ENABLE_GOST
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_DIG_GOSTR_94, test_digest, gostr_94_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_DIG_STREEBOG_512, test_digest, streebog_512_vectors);
+		FALLTHROUGH;
+		NON_FIPS_CASE(GNUTLS_DIG_STREEBOG_256, test_digest, streebog_256_vectors);
+#endif
+		break;
+	default:
+		return gnutls_assert_val(GNUTLS_E_NO_SELF_TEST);
+	}
+
+	return 0;
+}
+
+struct hkdf_vectors_st {
+	const uint8_t *ikm;
+	unsigned int ikm_size;
+	const uint8_t *salt;
+	unsigned int salt_size;
+	const uint8_t *prk;
+	unsigned int prk_size;
+	const uint8_t *info;
+	unsigned int info_size;
+	const uint8_t *okm;
+	unsigned int okm_size;
+};
+
+const struct hkdf_vectors_st hkdf_sha256_vectors[] = {
+	/* RFC 5869: A.1. Test Case 1: Basic test case with SHA-256 */
+	{
+		STR(ikm, ikm_size,
+		    "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+		    "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"),
+		STR(salt, salt_size,
+		    "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c"),
+		STR(prk, prk_size,
+		    "\x07\x77\x09\x36\x2c\x2e\x32\xdf\x0d\xdc\x3f\x0d\xc4\x7b"
+		    "\xba\x63\x90\xb6\xc7\x3b\xb5\x0f\x9c\x31\x22\xec\x84\x4a"
+		    "\xd7\xc2\xb3\xe5"),
+		STR(info, info_size,
+		    "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9"),
+		STR(okm, okm_size,
+		    "\x3c\xb2\x5f\x25\xfa\xac\xd5\x7a\x90\x43\x4f\x64\xd0\x36"
+		    "\x2f\x2a\x2d\x2d\x0a\x90\xcf\x1a\x5a\x4c\x5d\xb0\x2d\x56"
+		    "\xec\xc4\xc5\xbf\x34\x00\x72\x08\xd5\xb8\x87\x18\x58\x65"),
+	},
+	/* RFC 5869: A.2. Test Case 2: Test with SHA-256 and longer inputs/outputs */
+	{
+		STR(ikm, ikm_size,
+		    "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d"
+		    "\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b"
+		    "\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29"
+		    "\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37"
+		    "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f\x40\x41\x42\x43\x44\x45"
+		    "\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"),
+		STR(salt, salt_size,
+		    "\x60\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d"
+		    "\x6e\x6f\x70\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x7b"
+		    "\x7c\x7d\x7e\x7f\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89"
+		    "\x8a\x8b\x8c\x8d\x8e\x8f\x90\x91\x92\x93\x94\x95\x96\x97"
+		    "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f\xa0\xa1\xa2\xa3\xa4\xa5"
+		    "\xa6\xa7\xa8\xa9\xaa\xab\xac\xad\xae\xaf"),
+		STR(prk, prk_size,
+		    "\x06\xa6\xb8\x8c\x58\x53\x36\x1a\x06\x10\x4c\x9c\xeb\x35"
+		    "\xb4\x5c\xef\x76\x00\x14\x90\x46\x71\x01\x4a\x19\x3f\x40"
+		    "\xc1\x5f\xc2\x44"),
+		STR(info, info_size,
+		    "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7\xb8\xb9\xba\xbb\xbc\xbd"
+		    "\xbe\xbf\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7\xc8\xc9\xca\xcb"
+		    "\xcc\xcd\xce\xcf\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7\xd8\xd9"
+		    "\xda\xdb\xdc\xdd\xde\xdf\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
+		    "\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf0\xf1\xf2\xf3\xf4\xf5"
+		    "\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"),
+		STR(okm, okm_size,
+		    "\xb1\x1e\x39\x8d\xc8\x03\x27\xa1\xc8\xe7\xf7\x8c\x59\x6a"
+		    "\x49\x34\x4f\x01\x2e\xda\x2d\x4e\xfa\xd8\xa0\x50\xcc\x4c"
+		    "\x19\xaf\xa9\x7c\x59\x04\x5a\x99\xca\xc7\x82\x72\x71\xcb"
+		    "\x41\xc6\x5e\x59\x0e\x09\xda\x32\x75\x60\x0c\x2f\x09\xb8"
+		    "\x36\x77\x93\xa9\xac\xa3\xdb\x71\xcc\x30\xc5\x81\x79\xec"
+		    "\x3e\x87\xc1\x4c\x01\xd5\xc1\xf3\x43\x4f\x1d\x87"),
+	},
+};
+
+static int test_hkdf(gnutls_mac_algorithm_t mac,
+		     const struct hkdf_vectors_st *vectors,
+		     size_t vectors_size, unsigned flags)
+{
+	unsigned int i;
+
+	for (i = 0; i < vectors_size; i++) {
+		gnutls_datum_t ikm, prk, salt, info;
+		uint8_t output[4096];
+		int ret;
+
+		ikm.data = (void *) vectors[i].ikm;
+		ikm.size = vectors[i].ikm_size;
+		salt.data = (void *) vectors[i].salt;
+		salt.size = vectors[i].salt_size;
+
+		ret = gnutls_hkdf_extract(mac, &ikm, &salt, output);
+		if (ret < 0) {
+			_gnutls_debug_log("error extracting HKDF: MAC-%s\n",
+					  gnutls_mac_get_name(mac));
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		if (memcmp(output, vectors[i].prk, vectors[i].prk_size) != 0) {
+			_gnutls_debug_log
+			    ("HKDF extract: MAC-%s test vector failed!\n",
+			     gnutls_mac_get_name(mac));
+
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		prk.data = (void *) vectors[i].prk;
+		prk.size = vectors[i].prk_size;
+		info.data = (void *) vectors[i].info;
+		info.size = vectors[i].info_size;
+
+		ret = gnutls_hkdf_expand(mac, &prk, &info,
+					 output, vectors[i].okm_size);
+		if (ret < 0) {
+			_gnutls_debug_log("error extracting HKDF: MAC-%s\n",
+					  gnutls_mac_get_name(mac));
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		if (memcmp(output, vectors[i].okm, vectors[i].okm_size) != 0) {
+			_gnutls_debug_log
+			    ("HKDF expand: MAC-%s test vector failed!\n",
+			     gnutls_mac_get_name(mac));
+
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+	}
+
+	_gnutls_debug_log
+	    ("HKDF: MAC-%s self check succeeded\n",
+	     gnutls_mac_get_name(mac));
+
+	return 0;
+}
+
+/*-
+ * gnutls_hkdf_self_test:
+ * @flags: GNUTLS_SELF_TEST_FLAG flags
+ * @mac: the message authentication algorithm to use
+ *
+ * This function will run self tests on HKDF with the provided mac.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.3.0-FIPS140
+ -*/
+int gnutls_hkdf_self_test(unsigned flags, gnutls_mac_algorithm_t mac)
+{
+	int ret;
+
+	if (flags & GNUTLS_SELF_TEST_FLAG_ALL)
+		mac = GNUTLS_MAC_UNKNOWN;
+
+	switch (mac) {
+	case GNUTLS_MAC_UNKNOWN:
+		CASE(GNUTLS_MAC_SHA256, test_hkdf, hkdf_sha256_vectors);
+
+		break;
+	default:
+		return gnutls_assert_val(GNUTLS_E_NO_SELF_TEST);
+	}
+
+	return 0;
+}
+
+struct pbkdf2_vectors_st {
+	const uint8_t *key;
+	size_t key_size;
+	const uint8_t *salt;
+	size_t salt_size;
+	unsigned iter_count;
+	const uint8_t *output;
+	size_t output_size;
+};
+
+const struct pbkdf2_vectors_st pbkdf2_sha256_vectors[] = {
+	/* RFC 7914: 11. Test Vectors for PBKDF2 with HMAC-SHA-256 */
+	{
+		STR(key, key_size, "passwd"),
+		STR(salt, salt_size, "salt"),
+		.iter_count = 1,
+		STR(output, output_size,
+		    "\x55\xac\x04\x6e\x56\xe3\x08\x9f\xec\x16\x91\xc2\x25\x44"
+		    "\xb6\x05\xf9\x41\x85\x21\x6d\xde\x04\x65\xe6\x8b\x9d\x57"
+		    "\xc2\x0d\xac\xbc\x49\xca\x9c\xcc\xf1\x79\xb6\x45\x99\x16"
+		    "\x64\xb3\x9d\x77\xef\x31\x7c\x71\xb8\x45\xb1\xe3\x0b\xd5"
+		    "\x09\x11\x20\x41\xd3\xa1\x97\x83"),
+	},
+	/* RFC 7914: 11. Test Vectors for PBKDF2 with HMAC-SHA-256 */
+	{
+		STR(key, key_size, "Password"),
+		STR(salt, salt_size, "NaCl"),
+		.iter_count = 80000,
+		STR(output, output_size,
+		    "\x4d\xdc\xd8\xf6\x0b\x98\xbe\x21\x83\x0c\xee\x5e\xf2\x27"
+		    "\x01\xf9\x64\x1a\x44\x18\xd0\x4c\x04\x14\xae\xff\x08\x87"
+		    "\x6b\x34\xab\x56\xa1\xd4\x25\xa1\x22\x58\x33\x54\x9a\xdb"
+		    "\x84\x1b\x51\xc9\xb3\x17\x6a\x27\x2b\xde\xbb\xa1\xd0\x78"
+		    "\x47\x8f\x62\xb3\x97\xf3\x3c\x8d"),
+	},
+	/* Test vector extracted from:
+	 * https://dev.gnupg.org/source/libgcrypt/browse/master/cipher/kdf.c */
+	{
+		STR(key, key_size, "passwordPASSWORDpassword"),
+		STR(salt, salt_size, "saltSALTsaltSALTsaltSALTsaltSALTsalt"),
+		.iter_count = 4096,
+		STR(output, output_size,
+		    "\x34\x8c\x89\xdb\xcb\xd3\x2b\x2f\x32\xd8\x14\xb8\x11\x6e"
+		    "\x84\xcf\x2b\x17\x34\x7e\xbc\x18\x00\x18\x1c\x4e\x2a\x1f"
+		    "\xb8\xdd\x53\xe1\xc6\x35\x51\x8c\x7d\xac\x47\xe9"),
+	},
+};
+
+static int test_pbkdf2(gnutls_mac_algorithm_t mac,
+		       const struct pbkdf2_vectors_st *vectors,
+		       size_t vectors_size, unsigned flags)
+{
+	unsigned int i;
+
+	for (i = 0; i < vectors_size; i++) {
+		gnutls_datum_t key, salt;
+		uint8_t output[4096];
+		int ret;
+
+		key.data = (void *) vectors[i].key;
+		key.size = vectors[i].key_size;
+		salt.data = (void *) vectors[i].salt;
+		salt.size = vectors[i].salt_size;
+
+		ret = gnutls_pbkdf2(mac, &key, &salt, vectors[i].iter_count,
+				    output, vectors[i].output_size);
+		if (ret < 0) {
+			_gnutls_debug_log("error calculating PBKDF2: MAC-%s\n",
+					  gnutls_mac_get_name(mac));
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		if (memcmp(output, vectors[i].output, vectors[i].output_size) != 0) {
+			_gnutls_debug_log
+			    ("PBKDF2: MAC-%s test vector failed!\n",
+			     gnutls_mac_get_name(mac));
+
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+	}
+
+	_gnutls_debug_log
+	    ("PBKDF2: MAC-%s self check succeeded\n",
+	     gnutls_mac_get_name(mac));
+
+	return 0;
+}
+
+/*-
+ * gnutls_pbkdf2_self_test:
+ * @flags: GNUTLS_SELF_TEST_FLAG flags
+ * @mac: the message authentication algorithm to use
+ *
+ * This function will run self tests on PBKDF2 with the provided mac.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.3.0-FIPS140
+ -*/
+int gnutls_pbkdf2_self_test(unsigned flags, gnutls_mac_algorithm_t mac)
+{
+	int ret;
+
+	if (flags & GNUTLS_SELF_TEST_FLAG_ALL)
+		mac = GNUTLS_MAC_UNKNOWN;
+
+	switch (mac) {
+	case GNUTLS_MAC_UNKNOWN:
+		CASE(GNUTLS_MAC_SHA256, test_pbkdf2, pbkdf2_sha256_vectors);
+
+		break;
+	default:
+		return gnutls_assert_val(GNUTLS_E_NO_SELF_TEST);
+	}
+
+	return 0;
+}
+
+struct tlsprf_vectors_st {
+	const uint8_t *key;
+	size_t key_size;
+	const uint8_t *label;
+	size_t label_size;
+	const uint8_t *seed;
+	size_t seed_size;
+	const uint8_t *output;
+	size_t output_size;
+};
+
+const struct tlsprf_vectors_st tls10prf_vectors[] = {
+	/* tests/tls10-prf.c: test1 */
+	{
+		STR(key, key_size,
+		    "\x26\x3b\xdb\xbb\x6f\x6d\x4c\x66\x4e\x05\x8d\x0a\xa9\xd3"
+		    "\x21\xbe"),
+		STR(label, label_size,
+		    "test label"),
+		STR(seed, seed_size,
+		    "\xb9\x20\x57\x3b\x19\x96\x01\x02\x4f\x04\xd6\xdc\x61\x96"
+		    "\x6e\x65"),
+		STR(output, output_size,
+		    "\x66\x17\x99\x37\x65\xfa\x6c\xa7\x03\xd1\x9e\xc7\x0d\xd5"
+		    "\xdd\x16\x0f\xfc\xc0\x77\x25\xfa\xfb\x71\x4a\x9f\x81\x5a"
+		    "\x2a\x30\xbf\xb7\xe3\xbb\xfb\x7e\xee\x57\x4b\x3b\x61\x3e"
+		    "\xb7\xfe\x80\xee\xc9\x69\x1d\x8c\x1b\x0e\x2d\x9b\x3c\x8b"
+		    "\x4b\x02\xb6\xb6\xd6\xdb\x88\xe2\x09\x46\x23\xef\x62\x40"
+		    "\x60\x7e\xda\x7a\xbe\x3c\x84\x6e\x82\xa3"),
+	},
+};
+
+const struct tlsprf_vectors_st tls12prf_sha256_vectors[] = {
+	/* tests/tls12-prf.c: sha256_test1 */
+	{
+		STR(key, key_size,
+		    "\x04\x50\xb0\xea\x9e\xcd\x36\x02\xee\x0d\x76\xc5\xc3\xc8"
+		    "\x6f\x4a"),
+		STR(label, label_size,
+		    "test label"),
+		STR(seed, seed_size,
+		    "\x20\x7a\xcc\x02\x54\xb8\x67\xf5\xb9\x25\xb4\x5a\x33\x60"
+		    "\x1d\x8b"),
+		STR(output, output_size,
+		    "\xae\x67\x9e\x0e\x71\x4f\x59\x75\x76\x37\x68\xb1\x66\x97"
+		    "\x9e\x1d"),
+	},
+	/* tests/tls12-prf.c: sha256_test2 */
+	{
+		STR(key, key_size,
+		    "\x34\x20\x4a\x9d\xf0\xbe\x6e\xb4\xe9\x25\xa8\x02\x7c\xf6"
+		    "\xc6\x02"),
+		STR(label, label_size,
+		    "test label"),
+		STR(seed, seed_size,
+		    "\x98\xb2\xc4\x0b\xcd\x66\x4c\x83\xbb\x92\x0c\x18\x20\x1a"
+		    "\x63\x95"),
+		STR(output, output_size,
+		    "\xaf\xa9\x31\x24\x53\xc2\x2f\xa8\x3d\x2b\x51\x1b\x37\x2d"
+		    "\x73\xa4\x02\xa2\xa6\x28\x73\x23\x9a\x51\xfa\xde\x45\x08"
+		    "\x2f\xaf\x3f\xd2\xbb\x7f\xfb\x3e\x9b\xf3\x6e\x28\xb3\x14"
+		    "\x1a\xab\xa4\x84\x00\x53\x32\xa9\xf9\xe3\x88\xa4\xd3\x29"
+		    "\xf1\x58\x7a\x4b\x31\x7d\xa0\x77\x08\xea\x1b\xa9\x5a\x53"
+		    "\xf8\x78\x67\x24\xbd\x83\xce\x4b\x03\xaf"),
+	},
+	/* tests/tls12-prf.c: sha256_test3 */
+	{
+		STR(key, key_size,
+		    "\xa3\x69\x1a\xa1\xf6\x81\x4b\x80\x59\x2b\xf1\xcf\x2a\xcf"
+		    "\x16\x97"),
+		STR(label, label_size,
+		    "test label"),
+		STR(seed, seed_size,
+		    "\x55\x23\xd4\x1e\x32\x0e\x69\x4d\x0c\x1f\xf5\x73\x4d\x83"
+		    "\x0b\x93\x3e\x46\x92\x70\x71\xc9\x26\x21"),
+		STR(output, output_size,
+		    "\x6a\xd0\x98\x4f\xa0\x6f\x78\xfe\x16\x1b\xd4\x6d\x7c\x26"
+		    "\x1d\xe4\x33\x40\xd7\x28\xdd\xdc\x3d\x0f\xf0\xdd\x7e\x0d"),
+	},
+	/* tests/tls12-prf.c: sha256_test4 */
+	{
+		STR(key, key_size,
+		    "\x21\x0e\xc9\x37\x06\x97\x07\xe5\x46\x5b\xc4\x6b\xf7\x79"
+		    "\xe1\x04\x10\x8b\x18\xfd\xb7\x93\xbe\x7b\x21\x8d\xbf\x14"
+		    "\x5c\x86\x41\xf3"),
+		STR(label, label_size,
+		    "test label"),
+		STR(seed, seed_size,
+		    "\x1e\x35\x1a\x0b\xaf\x35\xc7\x99\x45\x92\x43\x94\xb8\x81"
+		    "\xcf\xe3\x1d\xae\x8f\x1c\x1e\xd5\x4d\x3b"),
+		STR(output, output_size,
+		    "\x76\x53\xfa\x80\x9c\xde\x3b\x55\x3c\x4a\x17\xe2\xcd\xbc"
+		    "\xc9\x18\xf3\x65\x27\xf2\x22\x19\xa7\xd7\xf9\x5d\x97\x24"
+		    "\x3f\xf2\xd5\xde\xe8\x26\x5e\xf0\xaf\x03"),
+	},
+};
+
+const struct tlsprf_vectors_st tls12prf_sha384_vectors[] = {
+	/* tests/tls12-prf.c: sha384_test1
+	 * https://www.ietf.org/mail-archive/web/tls/current/msg03416.html
+	 */
+	{
+		STR(key, key_size,
+		    "\xb8\x0b\x73\x3d\x6c\xee\xfc\xdc\x71\x56\x6e\xa4\x8e\x55"
+		    "\x67\xdf"),
+		STR(label, label_size,
+		    "test label"),
+		STR(seed, seed_size,
+		    "\xcd\x66\x5c\xf6\xa8\x44\x7d\xd6\xff\x8b\x27\x55\x5e\xdb"
+		    "\x74\x65"),
+		STR(output, output_size,
+		    "\x7b\x0c\x18\xe9\xce\xd4\x10\xed\x18\x04\xf2\xcf\xa3\x4a"
+		    "\x33\x6a\x1c\x14\xdf\xfb\x49\x00\xbb\x5f\xd7\x94\x21\x07"
+		    "\xe8\x1c\x83\xcd\xe9\xca\x0f\xaa\x60\xbe\x9f\xe3\x4f\x82"
+		    "\xb1\x23\x3c\x91\x46\xa0\xe5\x34\xcb\x40\x0f\xed\x27\x00"
+		    "\x88\x4f\x9d\xc2\x36\xf8\x0e\xdd\x8b\xfa\x96\x11\x44\xc9"
+		    "\xe8\xd7\x92\xec\xa7\x22\xa7\xb3\x2f\xc3\xd4\x16\xd4\x73"
+		    "\xeb\xc2\xc5\xfd\x4a\xbf\xda\xd0\x5d\x91\x84\x25\x9b\x5b"
+		    "\xf8\xcd\x4d\x90\xfa\x0d\x31\xe2\xde\xc4\x79\xe4\xf1\xa2"
+		    "\x60\x66\xf2\xee\xa9\xa6\x92\x36\xa3\xe5\x26\x55\xc9\xe9"
+		    "\xae\xe6\x91\xc8\xf3\xa2\x68\x54\x30\x8d\x5e\xaa\x3b\xe8"
+		    "\x5e\x09\x90\x70\x3d\x73\xe5\x6f"),
+	},
+};
+
+static int test_tlsprf(gnutls_mac_algorithm_t mac,
+		       const struct tlsprf_vectors_st *vectors,
+		       size_t vectors_size, unsigned flags)
+{
+	unsigned int i;
+
+	for (i = 0; i < vectors_size; i++) {
+		char output[4096];
+		int ret;
+
+		ret = _gnutls_prf_raw(mac,
+				      vectors[i].key_size, vectors[i].key,
+				      vectors[i].label_size, (const char *)vectors[i].label,
+				      vectors[i].seed_size, vectors[i].seed,
+				      vectors[i].output_size, output);
+		if (ret < 0) {
+			_gnutls_debug_log("error calculating TLS-PRF: MAC-%s\n",
+					  gnutls_mac_get_name(mac));
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+
+		if (memcmp(output, vectors[i].output, vectors[i].output_size) != 0) {
+			_gnutls_debug_log
+			    ("TLS-PRF: MAC-%s test vector failed!\n",
+			     gnutls_mac_get_name(mac));
+
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+	}
+
+	_gnutls_debug_log
+	    ("TLS-PRF: MAC-%s self check succeeded\n",
+	     gnutls_mac_get_name(mac));
+
+	return 0;
+}
+
+/*-
+ * gnutls_tlsprf_self_test:
+ * @flags: GNUTLS_SELF_TEST_FLAG flags
+ * @mac: the message authentication algorithm to use
+ *
+ * This function will run self tests on TLS-PRF with the provided mac.
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.3.0-FIPS140
+ -*/
+int gnutls_tlsprf_self_test(unsigned flags, gnutls_mac_algorithm_t mac)
+{
+	int ret;
+
+	if (flags & GNUTLS_SELF_TEST_FLAG_ALL)
+		mac = GNUTLS_MAC_UNKNOWN;
+
+	switch (mac) {
+	case GNUTLS_MAC_UNKNOWN:
+		NON_FIPS_CASE(GNUTLS_MAC_MD5_SHA1, test_tlsprf, tls10prf_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_MAC_SHA256, test_tlsprf, tls12prf_sha256_vectors);
+		FALLTHROUGH;
+		CASE(GNUTLS_MAC_SHA384, test_tlsprf, tls12prf_sha384_vectors);
+
+		break;
+	default:
+		return gnutls_assert_val(GNUTLS_E_NO_SELF_TEST);
+	}
+
+	return 0;
+}
diff --git a/lib/crypto.h b/lib/crypto.h
new file mode 100644
index 0000000..10f36c8
--- /dev/null
+++ b/lib/crypto.h
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2008-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_CRYPTO_H
+#define GNUTLS_LIB_CRYPTO_H
+
+const gnutls_crypto_cipher_st
+    * _gnutls_get_crypto_cipher(gnutls_cipher_algorithm_t algo);
+const gnutls_crypto_digest_st
+    * _gnutls_get_crypto_digest(gnutls_digest_algorithm_t algo);
+const gnutls_crypto_mac_st *_gnutls_get_crypto_mac(gnutls_mac_algorithm_t
+						   algo);
+void _gnutls_crypto_deregister(void);
+int _gnutls_crypto_register_cipher(gnutls_cipher_algorithm_t algorithm,
+				   int priority,
+				   gnutls_cipher_init_func init,
+				   gnutls_cipher_setkey_func setkey,
+				   gnutls_cipher_setiv_func setiv,
+				   gnutls_cipher_encrypt_func encrypt,
+				   gnutls_cipher_decrypt_func decrypt,
+				   gnutls_cipher_deinit_func deinit);
+
+#endif /* GNUTLS_LIB_CRYPTO_H */
diff --git a/lib/datum.c b/lib/datum.c
new file mode 100644
index 0000000..bd0f216
--- /dev/null
+++ b/lib/datum.c
@@ -0,0 +1,76 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* contains functions that make it easier to
+ * write vectors of <size|data>. The destination size
+ * should be preallocated (datum.size+(bits/8))
+ */
+
+#include "gnutls_int.h"
+#include <num.h>
+#include <datum.h>
+#include "errors.h"
+
+/* On error, @dat is not changed. */
+int
+_gnutls_set_datum(gnutls_datum_t * dat, const void *data, size_t data_size)
+{
+	if (data_size == 0 || data == NULL) {
+		dat->data = NULL;
+		dat->size = 0;
+		return 0;
+	}
+
+	unsigned char *m = gnutls_malloc(data_size);
+	if (!m)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	dat->data = m;
+	dat->size = data_size;
+	memcpy(dat->data, data, data_size);
+
+	return 0;
+}
+
+/* ensures that the data set are null-terminated
+ * The function always returns an allocated string in @dat on success.
+ * On error, @dat is not changed.
+ */
+int
+_gnutls_set_strdatum(gnutls_datum_t * dat, const void *data, size_t data_size)
+{
+	if (data == NULL)
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
+	unsigned char *m = gnutls_malloc(data_size + 1);
+	if (!m)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	dat->data = m;
+	dat->size = data_size;
+	if (data_size)
+		memcpy(dat->data, data, data_size);
+	dat->data[data_size] = 0;
+
+	return 0;
+}
+
diff --git a/lib/datum.h b/lib/datum.h
new file mode 100644
index 0000000..35b9e3b
--- /dev/null
+++ b/lib/datum.h
@@ -0,0 +1,73 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_DATUM_H
+#define GNUTLS_LIB_DATUM_H
+
+# include "gnutls_int.h"
+
+/* This will copy the provided data in @dat. If the provided data are
+ * NULL or zero-size @dat will be NULL as well.
+ */
+NODISCARD ATTRIBUTE_NONNULL((1))
+int _gnutls_set_datum(gnutls_datum_t * dat, const void *data,
+		      size_t data_size);
+
+/* This will always return a non-NULL, and zero-terminated string in @dat.
+ */
+NODISCARD ATTRIBUTE_NONNULL((1))
+int _gnutls_set_strdatum(gnutls_datum_t * dat, const void *data,
+			 size_t data_size);
+
+
+inline static
+void _gnutls_free_datum(gnutls_datum_t * dat)
+{
+	if (dat != NULL) {
+		gnutls_free(dat->data);
+		dat->size = 0;
+	}
+}
+
+inline static ATTRIBUTE_NONNULL()
+void _gnutls_free_temp_key_datum(gnutls_datum_t * dat)
+{
+	if (dat->data != NULL) {
+		zeroize_temp_key(dat->data, dat->size);
+		gnutls_free(dat->data);
+	}
+
+	dat->size = 0;
+}
+
+inline static ATTRIBUTE_NONNULL()
+void _gnutls_free_key_datum(gnutls_datum_t * dat)
+{
+	if (dat->data != NULL) {
+		zeroize_key(dat->data, dat->size);
+		gnutls_free(dat->data);
+	}
+
+	dat->size = 0;
+}
+
+#endif /* GNUTLS_LIB_DATUM_H */
diff --git a/lib/db.c b/lib/db.c
new file mode 100644
index 0000000..4ff7612
--- /dev/null
+++ b/lib/db.c
@@ -0,0 +1,417 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains functions that manipulate a database backend for
+ * resumed sessions.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <db.h>
+#include <session_pack.h>
+#include <datum.h>
+#include "ext/server_name.h"
+#include <intprops.h>
+
+/**
+ * gnutls_db_set_retrieve_function:
+ * @session: is a #gnutls_session_t type.
+ * @retr_func: is the function.
+ *
+ * Sets the function that will be used to retrieve data from the
+ * resumed sessions database.  This function must return a
+ * gnutls_datum_t containing the data on success, or a gnutls_datum_t
+ * containing null and 0 on failure.
+ *
+ * The datum's data must be allocated using the function
+ * gnutls_malloc().
+ *
+ * The first argument to @retr_func will be null unless
+ * gnutls_db_set_ptr() has been called.
+ **/
+void
+gnutls_db_set_retrieve_function(gnutls_session_t session,
+				gnutls_db_retr_func retr_func)
+{
+	session->internals.db_retrieve_func = retr_func;
+}
+
+/**
+ * gnutls_db_set_remove_function:
+ * @session: is a #gnutls_session_t type.
+ * @rem_func: is the function.
+ *
+ * Sets the function that will be used to remove data from the
+ * resumed sessions database. This function must return 0 on success.
+ *
+ * The first argument to @rem_func will be null unless
+ * gnutls_db_set_ptr() has been called.
+ **/
+void
+gnutls_db_set_remove_function(gnutls_session_t session,
+			      gnutls_db_remove_func rem_func)
+{
+	session->internals.db_remove_func = rem_func;
+}
+
+/**
+ * gnutls_db_set_store_function:
+ * @session: is a #gnutls_session_t type.
+ * @store_func: is the function
+ *
+ * Sets the function that will be used to store data in the resumed
+ * sessions database. This function must return 0 on success.
+ *
+ * The first argument to @store_func will be null unless
+ * gnutls_db_set_ptr() has been called.
+ **/
+void
+gnutls_db_set_store_function(gnutls_session_t session,
+			     gnutls_db_store_func store_func)
+{
+	session->internals.db_store_func = store_func;
+}
+
+/**
+ * gnutls_db_set_ptr:
+ * @session: is a #gnutls_session_t type.
+ * @ptr: is the pointer
+ *
+ * Sets the pointer that will be provided to db store, retrieve and
+ * delete functions, as the first argument.
+ **/
+void gnutls_db_set_ptr(gnutls_session_t session, void *ptr)
+{
+	session->internals.db_ptr = ptr;
+}
+
+/**
+ * gnutls_db_get_ptr:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Get db function pointer.
+ *
+ * Returns: the pointer that will be sent to db store, retrieve and
+ *   delete functions, as the first argument.
+ **/
+void *gnutls_db_get_ptr(gnutls_session_t session)
+{
+	return session->internals.db_ptr;
+}
+
+/**
+ * gnutls_db_set_cache_expiration:
+ * @session: is a #gnutls_session_t type.
+ * @seconds: is the number of seconds.
+ *
+ * Set the expiration time for resumed sessions. The default is 21600
+ * (6 hours) at the time of writing.
+ *
+ * The maximum value that can be set using this function is 604800
+ * (7 days).
+ *
+ **/
+void gnutls_db_set_cache_expiration(gnutls_session_t session, int seconds)
+{
+	session->internals.expire_time = seconds;
+	if (session->internals.expire_time > 604800)
+		session->internals.expire_time = 604800;
+}
+
+/**
+ * gnutls_db_get_default_cache_expiration:
+ *
+ * Returns the expiration time (in seconds) of stored sessions for resumption. 
+ **/
+unsigned gnutls_db_get_default_cache_expiration(void)
+{
+	return DEFAULT_EXPIRE_TIME;
+}
+
+/**
+ * gnutls_db_check_entry:
+ * @session: is a #gnutls_session_t type.
+ * @session_entry: is the session data (not key)
+ *
+ * This function has no effect. 
+ *
+ * Returns: Returns %GNUTLS_E_EXPIRED, if the database entry has
+ *   expired or 0 otherwise.
+ *
+ * Deprecated: This function is deprecated.
+ **/
+int
+gnutls_db_check_entry(gnutls_session_t session,
+		      gnutls_datum_t session_entry)
+{
+	return 0;
+}
+
+/**
+ * gnutls_db_check_entry_time:
+ * @entry: is a pointer to a #gnutls_datum_t type.
+ *
+ * This function returns the time that this entry was active.
+ * It can be used for database entry expiration.
+ *
+ * Returns: The time this entry was created, or zero on error.
+ **/
+time_t gnutls_db_check_entry_time(gnutls_datum_t * entry)
+{
+	uint32_t t;
+	uint32_t magic;
+
+	if (entry->size < 8)
+		return gnutls_assert_val(0);
+
+	magic = _gnutls_read_uint32(entry->data);
+
+	if (magic != PACKED_SESSION_MAGIC)
+		return gnutls_assert_val(0);
+
+	t = _gnutls_read_uint32(&entry->data[4]);
+
+	return t;
+}
+
+/**
+ * gnutls_db_check_entry_expire_time:
+ * @entry: is a pointer to a #gnutls_datum_t type.
+ *
+ * This function returns the time that this entry will expire.
+ * It can be used for database entry expiration.
+ *
+ * Returns: The time this entry will expire, or zero on error.
+ *
+ * Since: 3.6.5
+ **/
+time_t gnutls_db_check_entry_expire_time(gnutls_datum_t *entry)
+{
+	uint32_t t;
+	uint32_t e;
+	uint32_t magic;
+
+	if (entry->size < 12)
+		return gnutls_assert_val(0);
+
+	magic = _gnutls_read_uint32(entry->data);
+
+	if (magic != PACKED_SESSION_MAGIC)
+		return gnutls_assert_val(0);
+
+	t = _gnutls_read_uint32(&entry->data[4]);
+	e = _gnutls_read_uint32(&entry->data[8]);
+
+	if (INT_ADD_OVERFLOW(t, e))
+		return gnutls_assert_val(0);
+
+	return t + e;
+}
+
+/* Checks if both db_store and db_retrieve functions have
+ * been set up.
+ */
+static int db_func_is_ok(gnutls_session_t session)
+{
+	if (session->internals.db_store_func != NULL &&
+	    session->internals.db_retrieve_func != NULL)
+		return 0;
+	else
+		return GNUTLS_E_DB_ERROR;
+}
+
+/* Stores session data to the db backend.
+ */
+static int
+store_session(gnutls_session_t session,
+	      gnutls_datum_t session_id, gnutls_datum_t session_data)
+{
+	int ret = 0;
+
+	if (db_func_is_ok(session) != 0) {
+		return GNUTLS_E_DB_ERROR;
+	}
+
+	if (session_data.data == NULL || session_data.size == 0) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_SESSION;
+	}
+
+	/* if we can't read why bother writing? */
+	ret = session->internals.db_store_func(session->internals.db_ptr,
+					       session_id, session_data);
+
+	return (ret == 0 ? ret : GNUTLS_E_DB_ERROR);
+}
+
+int _gnutls_server_register_current_session(gnutls_session_t session)
+{
+	gnutls_datum_t key;
+	gnutls_datum_t content;
+	int ret = 0;
+
+	key.data = session->security_parameters.session_id;
+	key.size = session->security_parameters.session_id_size;
+
+	if (!session->internals.resumable) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_SESSION;
+	}
+
+	if (session->security_parameters.session_id_size == 0) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_SESSION;
+	}
+
+	ret = _gnutls_session_pack(session, &content);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = store_session(session, key, content);
+	_gnutls_free_datum(&content);
+
+	return ret;
+}
+
+int _gnutls_check_resumed_params(gnutls_session_t session)
+{
+	time_t timestamp = gnutls_time(0);
+	const version_entry_st *vers;
+
+	/* check whether the session is expired */
+	if (timestamp -
+	    session->internals.resumed_security_parameters.timestamp >
+	    session->internals.expire_time
+	    || session->internals.resumed_security_parameters.timestamp >
+	    timestamp)
+		return gnutls_assert_val(GNUTLS_E_EXPIRED);
+
+	/* check various parameters applicable to resumption in TLS1.2 or earlier
+	 */
+	vers = get_version(session);
+	if (!vers || !vers->tls13_sem) {
+		if (session->internals.resumed_security_parameters.ext_master_secret !=
+		    session->security_parameters.ext_master_secret)
+			return gnutls_assert_val(GNUTLS_E_INVALID_SESSION);
+
+		if (!_gnutls_server_name_matches_resumed(session))
+			return gnutls_assert_val(GNUTLS_E_INVALID_SESSION);
+	}
+
+	return 0;
+}
+
+int
+_gnutls_server_restore_session(gnutls_session_t session,
+			       uint8_t * session_id, int session_id_size)
+{
+	gnutls_datum_t data;
+	gnutls_datum_t key;
+	int ret;
+
+	if (session_id == NULL || session_id_size == 0) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (session->internals.premaster_set != 0) {	/* hack for CISCO's DTLS-0.9 */
+		if (session_id_size ==
+		    session->internals.resumed_security_parameters.
+		    session_id_size
+		    && memcmp(session_id,
+			      session->internals.
+			      resumed_security_parameters.session_id,
+			      session_id_size) == 0)
+			return 0;
+	}
+
+	key.data = session_id;
+	key.size = session_id_size;
+
+	if (db_func_is_ok(session) != 0) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_SESSION;
+	}
+
+	data =
+	    session->internals.db_retrieve_func(session->internals.db_ptr,
+						key);
+
+	if (data.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_SESSION;
+	}
+
+	ret = gnutls_session_set_data(session, data.data, data.size);
+	gnutls_free(data.data);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* expiration check is performed inside */
+	ret = _gnutls_check_resumed_params(session);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+/**
+ * gnutls_db_remove_session:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function will remove the current session data from the
+ * session database.  This will prevent future handshakes reusing
+ * these session data.  This function should be called if a session
+ * was terminated abnormally, and before gnutls_deinit() is called.
+ *
+ * Normally gnutls_deinit() will remove abnormally terminated
+ * sessions.
+ **/
+void gnutls_db_remove_session(gnutls_session_t session)
+{
+	gnutls_datum_t session_id;
+	int ret = 0;
+
+	session_id.data = session->security_parameters.session_id;
+	session_id.size = session->security_parameters.session_id_size;
+
+	if (session->internals.db_remove_func == NULL) {
+		gnutls_assert();
+		return /* GNUTLS_E_DB_ERROR */ ;
+	}
+
+	if (session_id.data == NULL || session_id.size == 0) {
+		gnutls_assert();
+		return /* GNUTLS_E_INVALID_SESSION */ ;
+	}
+
+	/* if we can't read why bother writing? */
+	ret = session->internals.db_remove_func(session->internals.db_ptr,
+						session_id);
+	if (ret != 0)
+		gnutls_assert();
+}
diff --git a/lib/db.h b/lib/db.h
new file mode 100644
index 0000000..6dc5f7f
--- /dev/null
+++ b/lib/db.h
@@ -0,0 +1,35 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_DB_H
+#define GNUTLS_LIB_DB_H
+
+int _gnutls_server_register_current_session(gnutls_session_t session);
+int _gnutls_server_restore_session(gnutls_session_t session,
+				   uint8_t * session_id,
+				   int session_id_size);
+
+int _gnutls_check_resumed_params(gnutls_session_t session);
+
+#define PACKED_SESSION_MAGIC ((0xfadebadd)+(_gnutls_global_version))
+
+#endif /* GNUTLS_LIB_DB_H */
diff --git a/lib/debug.c b/lib/debug.c
new file mode 100644
index 0000000..991f7a7
--- /dev/null
+++ b/lib/debug.c
@@ -0,0 +1,134 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include "debug.h"
+#include <mpi.h>
+
+#ifdef DEBUG
+void _gnutls_dump_mpi(const char *prefix, bigint_t a)
+{
+	char buf[400];
+	char buf_hex[2 * sizeof(buf) + 1];
+	size_t n = sizeof buf;
+
+	if (_gnutls_mpi_print(a, buf, &n))
+		strcpy(buf, "[can't print value]");	/* Flawfinder: ignore */
+	_gnutls_debug_log("MPI: length: %d\n\t%s%s\n", (int) n, prefix,
+			  _gnutls_bin2hex(buf, n, buf_hex, sizeof(buf_hex),
+					  NULL));
+}
+
+void
+_gnutls_dump_vector(const char *prefix, const uint8_t * a, size_t a_size)
+{
+	char buf_hex[2 * a_size + 1];
+
+	_gnutls_debug_log("Vector: length: %d\n\t%s%s\n", (int) a_size,
+			  prefix, _gnutls_bin2hex(a, a_size, buf_hex,
+						  sizeof(buf_hex), NULL));
+}
+#endif
+
+const char *_gnutls_packet2str(content_type_t packet)
+{
+	switch (packet) {
+	case GNUTLS_CHANGE_CIPHER_SPEC:
+		return "ChangeCipherSpec";
+	case GNUTLS_ALERT:
+		return "Alert";
+	case GNUTLS_HANDSHAKE:
+		return "Handshake";
+	case GNUTLS_APPLICATION_DATA:
+		return "Application Data";
+	case GNUTLS_HEARTBEAT:
+		return "HeartBeat";
+	default:
+		return "Unknown Packet";
+	}
+}
+
+/**
+ * gnutls_handshake_description_get_name:
+ * @type: is a handshake message description
+ *
+ * Convert a #gnutls_handshake_description_t value to a string.
+ *
+ * Returns: a string that contains the name of the specified handshake
+ *   message or %NULL.
+ **/
+const char
+    *gnutls_handshake_description_get_name(gnutls_handshake_description_t
+					   type)
+{
+	switch (type) {
+	case GNUTLS_HANDSHAKE_END_OF_EARLY_DATA:
+		return "END OF EARLY DATA";
+	case GNUTLS_HANDSHAKE_HELLO_RETRY_REQUEST:
+		return "HELLO RETRY REQUEST";
+	case GNUTLS_HANDSHAKE_HELLO_REQUEST:
+		return "HELLO REQUEST";
+	case GNUTLS_HANDSHAKE_CLIENT_HELLO:
+		return "CLIENT HELLO";
+#ifdef ENABLE_SSL2
+	case GNUTLS_HANDSHAKE_CLIENT_HELLO_V2:
+		return "SSL2 CLIENT HELLO";
+#endif
+	case GNUTLS_HANDSHAKE_SERVER_HELLO:
+		return "SERVER HELLO";
+	case GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST:
+		return "HELLO VERIFY REQUEST";
+	case GNUTLS_HANDSHAKE_CERTIFICATE_PKT:
+		return "CERTIFICATE";
+	case GNUTLS_HANDSHAKE_ENCRYPTED_EXTENSIONS:
+		return "ENCRYPTED EXTENSIONS";
+	case GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE:
+		return "SERVER KEY EXCHANGE";
+	case GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST:
+		return "CERTIFICATE REQUEST";
+	case GNUTLS_HANDSHAKE_SERVER_HELLO_DONE:
+		return "SERVER HELLO DONE";
+	case GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY:
+		return "CERTIFICATE VERIFY";
+	case GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE:
+		return "CLIENT KEY EXCHANGE";
+	case GNUTLS_HANDSHAKE_FINISHED:
+		return "FINISHED";
+	case GNUTLS_HANDSHAKE_KEY_UPDATE:
+		return "KEY_UPDATE";
+	case GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT:
+		return "COMPRESSED CERTIFICATE";
+	case GNUTLS_HANDSHAKE_SUPPLEMENTAL:
+		return "SUPPLEMENTAL";
+	case GNUTLS_HANDSHAKE_CERTIFICATE_STATUS:
+		return "CERTIFICATE STATUS";
+	case GNUTLS_HANDSHAKE_NEW_SESSION_TICKET:
+		return "NEW SESSION TICKET";
+	case GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC:
+		return "CHANGE CIPHER SPEC";
+	default:
+		return "Unknown Handshake packet";
+	}
+}
diff --git a/lib/debug.h b/lib/debug.h
new file mode 100644
index 0000000..231570f
--- /dev/null
+++ b/lib/debug.h
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_DEBUG_H
+#define GNUTLS_LIB_DEBUG_H
+
+const char *_gnutls_packet2str(content_type_t packet);
+inline static const char *_gnutls_handshake2str(unsigned x)
+{
+	const char *s = gnutls_handshake_description_get_name(x);
+	if (s == NULL)
+		return "Unknown Handshake packet";
+	else
+		return s;
+}
+
+void _gnutls_dump_mpi(const char *prefix, bigint_t a);
+void _gnutls_dump_vector(const char *prefix, const uint8_t * a,
+			 size_t a_size);
+
+#endif /* GNUTLS_LIB_DEBUG_H */
diff --git a/lib/dh-primes.c b/lib/dh-primes.c
new file mode 100644
index 0000000..94b69e3
--- /dev/null
+++ b/lib/dh-primes.c
@@ -0,0 +1,1934 @@
+/*
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <gnutls/gnutls.h>
+
+#include "dh.h"
+
+static const unsigned char ffdhe_generator = 0x02;
+
+static const unsigned char ffdhe_params_2048[] = {
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 
+	0xFF, 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 
+	0x4A, 0x9A, 0xAF, 0xDC, 0x56, 0x20, 0x27, 
+	0x3D, 0x3C, 0xF1, 0xD8, 0xB9, 0xC5, 0x83, 
+	0xCE, 0x2D, 0x36, 0x95, 0xA9, 0xE1, 0x36, 
+	0x41, 0x14, 0x64, 0x33, 0xFB, 0xCC, 0x93, 
+	0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, 0x7D, 
+	0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, 
+	0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 
+	0x7A, 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 
+	0x65, 0x61, 0x24, 0x33, 0xF5, 0x1F, 0x5F, 
+	0x06, 0x6E, 0xD0, 0x85, 0x63, 0x65, 0x55, 
+	0x3D, 0xED, 0x1A, 0xF3, 0xB5, 0x57, 0x13, 
+	0x5E, 0x7F, 0x57, 0xC9, 0x35, 0x98, 0x4F, 
+	0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, 0xE2, 
+	0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, 
+	0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 
+	0x35, 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 
+	0x79, 0x7A, 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 
+	0x24, 0xFB, 0x61, 0xD1, 0x08, 0xA9, 0x4B, 
+	0xB2, 0xC8, 0xE3, 0xFB, 0xB9, 0x6A, 0xDA, 
+	0xB7, 0x60, 0xD7, 0xF4, 0x68, 0x1D, 0x4F, 
+	0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, 0xAE, 
+	0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, 
+	0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 
+	0x70, 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 
+	0xE2, 0xEC, 0xC0, 0x34, 0x04, 0xCD, 0x28, 
+	0x34, 0x2F, 0x61, 0x91, 0x72, 0xFE, 0x9C, 
+	0xE9, 0x85, 0x83, 0xFF, 0x8E, 0x4F, 0x12, 
+	0x32, 0xEE, 0xF2, 0x81, 0x83, 0xC3, 0xFE, 
+	0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, 0x3B, 
+	0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, 
+	0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 
+	0xB2, 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 
+	0xEF, 0xFA, 0x88, 0x6B, 0x42, 0x38, 0x61, 
+	0x28, 0x5C, 0x97, 0xFF, 0xFF, 0xFF, 0xFF, 
+	0xFF, 0xFF, 0xFF, 0xFF
+};
+
+static const unsigned char ffdhe_q_2048[] = {
+	0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D,
+	0xA5, 0x4D, 0x57, 0xEE, 0x2B, 0x10, 0x13,
+	0x9E, 0x9E, 0x78, 0xEC, 0x5C, 0xE2, 0xC1,
+	0xE7, 0x16, 0x9B, 0x4A, 0xD4, 0xF0, 0x9B,
+	0x20, 0x8A, 0x32, 0x19, 0xFD, 0xE6, 0x49,
+	0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C, 0xBE,
+	0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
+	0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30,
+	0xBD, 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE,
+	0xB2, 0xB0, 0x92, 0x19, 0xFA, 0x8F, 0xAF,
+	0x83, 0x37, 0x68, 0x42, 0xB1, 0xB2, 0xAA,
+	0x9E, 0xF6, 0x8D, 0x79, 0xDA, 0xAB, 0x89,
+	0xAF, 0x3F, 0xAB, 0xE4, 0x9A, 0xCC, 0x27,
+	0x86, 0x38, 0x70, 0x73, 0x45, 0xBB, 0xF1,
+	0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
+	0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3,
+	0x9A, 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D,
+	0x3C, 0xBD, 0x5E, 0x05, 0x58, 0xC1, 0x59,
+	0x92, 0x7D, 0xB0, 0xE8, 0x84, 0x54, 0xA5,
+	0xD9, 0x64, 0x71, 0xFD, 0xDC, 0xB5, 0x6D,
+	0x5B, 0xB0, 0x6B, 0xFA, 0x34, 0x0E, 0xA7,
+	0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA, 0x57,
+	0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
+	0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36,
+	0xB8, 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB,
+	0xF1, 0x76, 0x60, 0x1A, 0x02, 0x66, 0x94,
+	0x1A, 0x17, 0xB0, 0xC8, 0xB9, 0x7F, 0x4E,
+	0x74, 0xC2, 0xC1, 0xFF, 0xC7, 0x27, 0x89,
+	0x19, 0x77, 0x79, 0x40, 0xC1, 0xE1, 0xFF,
+	0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9, 0x9D,
+	0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
+	0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41,
+	0xD9, 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9,
+	0x77, 0xFD, 0x44, 0x35, 0xA1, 0x1C, 0x30,
+	0x94, 0x2E, 0x4B, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF
+};
+
+const gnutls_datum_t gnutls_ffdhe_2048_group_prime = {
+	(void *) ffdhe_params_2048, sizeof(ffdhe_params_2048)
+};
+const gnutls_datum_t gnutls_ffdhe_2048_group_q = {
+	(void *) ffdhe_q_2048, sizeof(ffdhe_q_2048)
+};
+const gnutls_datum_t gnutls_ffdhe_2048_group_generator = {
+	(void *) &ffdhe_generator, sizeof(ffdhe_generator)
+};
+const unsigned int gnutls_ffdhe_2048_key_bits = 256;
+
+static const unsigned char ffdhe_params_3072[] = {
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 
+	0xFF, 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 
+	0x4A, 0x9A, 0xAF, 0xDC, 0x56, 0x20, 0x27, 
+	0x3D, 0x3C, 0xF1, 0xD8, 0xB9, 0xC5, 0x83, 
+	0xCE, 0x2D, 0x36, 0x95, 0xA9, 0xE1, 0x36, 
+	0x41, 0x14, 0x64, 0x33, 0xFB, 0xCC, 0x93, 
+	0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, 0x7D, 
+	0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, 
+	0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 
+	0x7A, 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 
+	0x65, 0x61, 0x24, 0x33, 0xF5, 0x1F, 0x5F, 
+	0x06, 0x6E, 0xD0, 0x85, 0x63, 0x65, 0x55, 
+	0x3D, 0xED, 0x1A, 0xF3, 0xB5, 0x57, 0x13, 
+	0x5E, 0x7F, 0x57, 0xC9, 0x35, 0x98, 0x4F, 
+	0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, 0xE2, 
+	0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, 
+	0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 
+	0x35, 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 
+	0x79, 0x7A, 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 
+	0x24, 0xFB, 0x61, 0xD1, 0x08, 0xA9, 0x4B, 
+	0xB2, 0xC8, 0xE3, 0xFB, 0xB9, 0x6A, 0xDA, 
+	0xB7, 0x60, 0xD7, 0xF4, 0x68, 0x1D, 0x4F, 
+	0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, 0xAE, 
+	0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, 
+	0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 
+	0x70, 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 
+	0xE2, 0xEC, 0xC0, 0x34, 0x04, 0xCD, 0x28, 
+	0x34, 0x2F, 0x61, 0x91, 0x72, 0xFE, 0x9C, 
+	0xE9, 0x85, 0x83, 0xFF, 0x8E, 0x4F, 0x12, 
+	0x32, 0xEE, 0xF2, 0x81, 0x83, 0xC3, 0xFE, 
+	0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, 0x3B, 
+	0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, 
+	0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 
+	0xB2, 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 
+	0xEF, 0xFA, 0x88, 0x6B, 0x42, 0x38, 0x61, 
+	0x1F, 0xCF, 0xDC, 0xDE, 0x35, 0x5B, 0x3B, 
+	0x65, 0x19, 0x03, 0x5B, 0xBC, 0x34, 0xF4, 
+	0xDE, 0xF9, 0x9C, 0x02, 0x38, 0x61, 0xB4, 
+	0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, 0x7A, 
+	0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, 
+	0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 
+	0x1C, 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 
+	0x92, 0x70, 0xB4, 0x13, 0x0C, 0x93, 0xBC, 
+	0x43, 0x79, 0x44, 0xF4, 0xFD, 0x44, 0x52, 
+	0xE2, 0xD7, 0x4D, 0xD3, 0x64, 0xF2, 0xE2, 
+	0x1E, 0x71, 0xF5, 0x4B, 0xFF, 0x5C, 0xAE, 
+	0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, 0xE8, 
+	0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, 
+	0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 
+	0xDA, 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 
+	0x48, 0x4E, 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 
+	0x53, 0xDD, 0xEF, 0x3C, 0x1B, 0x20, 0xEE, 
+	0x3F, 0xD5, 0x9D, 0x7C, 0x25, 0xE4, 0x1D, 
+	0x2B, 0x66, 0xC6, 0x2E, 0x37, 0xFF, 0xFF, 
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+};
+
+static const unsigned char ffdhe_q_3072[] = {
+	0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D,
+	0xA5, 0x4D, 0x57, 0xEE, 0x2B, 0x10, 0x13,
+	0x9E, 0x9E, 0x78, 0xEC, 0x5C, 0xE2, 0xC1,
+	0xE7, 0x16, 0x9B, 0x4A, 0xD4, 0xF0, 0x9B,
+	0x20, 0x8A, 0x32, 0x19, 0xFD, 0xE6, 0x49,
+	0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C, 0xBE,
+	0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
+	0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30,
+	0xBD, 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE,
+	0xB2, 0xB0, 0x92, 0x19, 0xFA, 0x8F, 0xAF,
+	0x83, 0x37, 0x68, 0x42, 0xB1, 0xB2, 0xAA,
+	0x9E, 0xF6, 0x8D, 0x79, 0xDA, 0xAB, 0x89,
+	0xAF, 0x3F, 0xAB, 0xE4, 0x9A, 0xCC, 0x27,
+	0x86, 0x38, 0x70, 0x73, 0x45, 0xBB, 0xF1,
+	0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
+	0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3,
+	0x9A, 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D,
+	0x3C, 0xBD, 0x5E, 0x05, 0x58, 0xC1, 0x59,
+	0x92, 0x7D, 0xB0, 0xE8, 0x84, 0x54, 0xA5,
+	0xD9, 0x64, 0x71, 0xFD, 0xDC, 0xB5, 0x6D,
+	0x5B, 0xB0, 0x6B, 0xFA, 0x34, 0x0E, 0xA7,
+	0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA, 0x57,
+	0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
+	0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36,
+	0xB8, 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB,
+	0xF1, 0x76, 0x60, 0x1A, 0x02, 0x66, 0x94,
+	0x1A, 0x17, 0xB0, 0xC8, 0xB9, 0x7F, 0x4E,
+	0x74, 0xC2, 0xC1, 0xFF, 0xC7, 0x27, 0x89,
+	0x19, 0x77, 0x79, 0x40, 0xC1, 0xE1, 0xFF,
+	0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9, 0x9D,
+	0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
+	0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41,
+	0xD9, 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9,
+	0x77, 0xFD, 0x44, 0x35, 0xA1, 0x1C, 0x30,
+	0x8F, 0xE7, 0xEE, 0x6F, 0x1A, 0xAD, 0x9D,
+	0xB2, 0x8C, 0x81, 0xAD, 0xDE, 0x1A, 0x7A,
+	0x6F, 0x7C, 0xCE, 0x01, 0x1C, 0x30, 0xDA,
+	0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83, 0xBD,
+	0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7,
+	0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C,
+	0x8E, 0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89,
+	0xC9, 0x38, 0x5A, 0x09, 0x86, 0x49, 0xDE,
+	0x21, 0xBC, 0xA2, 0x7A, 0x7E, 0xA2, 0x29,
+	0x71, 0x6B, 0xA6, 0xE9, 0xB2, 0x79, 0x71,
+	0x0F, 0x38, 0xFA, 0xA5, 0xFF, 0xAE, 0x57,
+	0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F, 0x74,
+	0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06,
+	0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5,
+	0x6D, 0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2,
+	0x24, 0x27, 0x05, 0x5E, 0x68, 0x35, 0xFD,
+	0x29, 0xEE, 0xF7, 0x9E, 0x0D, 0x90, 0x77,
+	0x1F, 0xEA, 0xCE, 0xBE, 0x12, 0xF2, 0x0E,
+	0x95, 0xB3, 0x63, 0x17, 0x1B, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+};
+
+const gnutls_datum_t gnutls_ffdhe_3072_group_prime = {
+	(void *) ffdhe_params_3072, sizeof(ffdhe_params_3072)
+};
+const gnutls_datum_t gnutls_ffdhe_3072_group_q = {
+	(void *) ffdhe_q_3072, sizeof(ffdhe_q_3072)
+};
+const gnutls_datum_t gnutls_ffdhe_3072_group_generator = {
+	(void *) &ffdhe_generator, sizeof(ffdhe_generator)
+};
+const unsigned int gnutls_ffdhe_3072_key_bits = 276;
+
+static const unsigned char ffdhe_params_4096[] = {
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 
+	0xFF, 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 
+	0x4A, 0x9A, 0xAF, 0xDC, 0x56, 0x20, 0x27, 
+	0x3D, 0x3C, 0xF1, 0xD8, 0xB9, 0xC5, 0x83, 
+	0xCE, 0x2D, 0x36, 0x95, 0xA9, 0xE1, 0x36, 
+	0x41, 0x14, 0x64, 0x33, 0xFB, 0xCC, 0x93, 
+	0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, 0x7D, 
+	0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, 
+	0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 
+	0x7A, 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 
+	0x65, 0x61, 0x24, 0x33, 0xF5, 0x1F, 0x5F, 
+	0x06, 0x6E, 0xD0, 0x85, 0x63, 0x65, 0x55, 
+	0x3D, 0xED, 0x1A, 0xF3, 0xB5, 0x57, 0x13, 
+	0x5E, 0x7F, 0x57, 0xC9, 0x35, 0x98, 0x4F, 
+	0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, 0xE2, 
+	0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, 
+	0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 
+	0x35, 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 
+	0x79, 0x7A, 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 
+	0x24, 0xFB, 0x61, 0xD1, 0x08, 0xA9, 0x4B, 
+	0xB2, 0xC8, 0xE3, 0xFB, 0xB9, 0x6A, 0xDA, 
+	0xB7, 0x60, 0xD7, 0xF4, 0x68, 0x1D, 0x4F, 
+	0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, 0xAE, 
+	0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, 
+	0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 
+	0x70, 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 
+	0xE2, 0xEC, 0xC0, 0x34, 0x04, 0xCD, 0x28, 
+	0x34, 0x2F, 0x61, 0x91, 0x72, 0xFE, 0x9C, 
+	0xE9, 0x85, 0x83, 0xFF, 0x8E, 0x4F, 0x12, 
+	0x32, 0xEE, 0xF2, 0x81, 0x83, 0xC3, 0xFE, 
+	0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, 0x3B, 
+	0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, 
+	0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 
+	0xB2, 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 
+	0xEF, 0xFA, 0x88, 0x6B, 0x42, 0x38, 0x61, 
+	0x1F, 0xCF, 0xDC, 0xDE, 0x35, 0x5B, 0x3B, 
+	0x65, 0x19, 0x03, 0x5B, 0xBC, 0x34, 0xF4, 
+	0xDE, 0xF9, 0x9C, 0x02, 0x38, 0x61, 0xB4, 
+	0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, 0x7A, 
+	0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, 
+	0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 
+	0x1C, 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 
+	0x92, 0x70, 0xB4, 0x13, 0x0C, 0x93, 0xBC, 
+	0x43, 0x79, 0x44, 0xF4, 0xFD, 0x44, 0x52, 
+	0xE2, 0xD7, 0x4D, 0xD3, 0x64, 0xF2, 0xE2, 
+	0x1E, 0x71, 0xF5, 0x4B, 0xFF, 0x5C, 0xAE, 
+	0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, 0xE8, 
+	0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, 
+	0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 
+	0xDA, 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 
+	0x48, 0x4E, 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 
+	0x53, 0xDD, 0xEF, 0x3C, 0x1B, 0x20, 0xEE, 
+	0x3F, 0xD5, 0x9D, 0x7C, 0x25, 0xE4, 0x1D, 
+	0x2B, 0x66, 0x9E, 0x1E, 0xF1, 0x6E, 0x6F, 
+	0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, 0x79, 
+	0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, 
+	0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 
+	0x18, 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 
+	0x40, 0x04, 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 
+	0x31, 0xCC, 0x7A, 0x71, 0x35, 0xC8, 0x86, 
+	0xEF, 0xB4, 0x31, 0x8A, 0xED, 0x6A, 0x1E, 
+	0x01, 0x2D, 0x9E, 0x68, 0x32, 0xA9, 0x07, 
+	0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, 0x6D, 
+	0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, 
+	0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 
+	0x7A, 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 
+	0x00, 0x3C, 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 
+	0x8D, 0x0A, 0xCC, 0x0A, 0x82, 0x91, 0xCD, 
+	0xCE, 0xC9, 0x7D, 0xCF, 0x8E, 0xC9, 0xB5, 
+	0x5A, 0x7F, 0x88, 0xA4, 0x6B, 0x4D, 0xB5, 
+	0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, 0xC6, 
+	0x8A, 0x00, 0x7E, 0x5E, 0x65, 0x5F, 0x6A, 
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 
+	0xFF
+};
+
+static const unsigned char ffdhe_q_4096[] = {
+	0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D,
+	0xA5, 0x4D, 0x57, 0xEE, 0x2B, 0x10, 0x13,
+	0x9E, 0x9E, 0x78, 0xEC, 0x5C, 0xE2, 0xC1,
+	0xE7, 0x16, 0x9B, 0x4A, 0xD4, 0xF0, 0x9B,
+	0x20, 0x8A, 0x32, 0x19, 0xFD, 0xE6, 0x49,
+	0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C, 0xBE,
+	0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
+	0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30,
+	0xBD, 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE,
+	0xB2, 0xB0, 0x92, 0x19, 0xFA, 0x8F, 0xAF,
+	0x83, 0x37, 0x68, 0x42, 0xB1, 0xB2, 0xAA,
+	0x9E, 0xF6, 0x8D, 0x79, 0xDA, 0xAB, 0x89,
+	0xAF, 0x3F, 0xAB, 0xE4, 0x9A, 0xCC, 0x27,
+	0x86, 0x38, 0x70, 0x73, 0x45, 0xBB, 0xF1,
+	0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
+	0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3,
+	0x9A, 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D,
+	0x3C, 0xBD, 0x5E, 0x05, 0x58, 0xC1, 0x59,
+	0x92, 0x7D, 0xB0, 0xE8, 0x84, 0x54, 0xA5,
+	0xD9, 0x64, 0x71, 0xFD, 0xDC, 0xB5, 0x6D,
+	0x5B, 0xB0, 0x6B, 0xFA, 0x34, 0x0E, 0xA7,
+	0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA, 0x57,
+	0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
+	0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36,
+	0xB8, 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB,
+	0xF1, 0x76, 0x60, 0x1A, 0x02, 0x66, 0x94,
+	0x1A, 0x17, 0xB0, 0xC8, 0xB9, 0x7F, 0x4E,
+	0x74, 0xC2, 0xC1, 0xFF, 0xC7, 0x27, 0x89,
+	0x19, 0x77, 0x79, 0x40, 0xC1, 0xE1, 0xFF,
+	0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9, 0x9D,
+	0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
+	0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41,
+	0xD9, 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9,
+	0x77, 0xFD, 0x44, 0x35, 0xA1, 0x1C, 0x30,
+	0x8F, 0xE7, 0xEE, 0x6F, 0x1A, 0xAD, 0x9D,
+	0xB2, 0x8C, 0x81, 0xAD, 0xDE, 0x1A, 0x7A,
+	0x6F, 0x7C, 0xCE, 0x01, 0x1C, 0x30, 0xDA,
+	0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83, 0xBD,
+	0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7,
+	0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C,
+	0x8E, 0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89,
+	0xC9, 0x38, 0x5A, 0x09, 0x86, 0x49, 0xDE,
+	0x21, 0xBC, 0xA2, 0x7A, 0x7E, 0xA2, 0x29,
+	0x71, 0x6B, 0xA6, 0xE9, 0xB2, 0x79, 0x71,
+	0x0F, 0x38, 0xFA, 0xA5, 0xFF, 0xAE, 0x57,
+	0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F, 0x74,
+	0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06,
+	0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5,
+	0x6D, 0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2,
+	0x24, 0x27, 0x05, 0x5E, 0x68, 0x35, 0xFD,
+	0x29, 0xEE, 0xF7, 0x9E, 0x0D, 0x90, 0x77,
+	0x1F, 0xEA, 0xCE, 0xBE, 0x12, 0xF2, 0x0E,
+	0x95, 0xB3, 0x4F, 0x0F, 0x78, 0xB7, 0x37,
+	0xA9, 0x61, 0x8B, 0x26, 0xFA, 0x7D, 0xBC,
+	0x98, 0x74, 0xF2, 0x72, 0xC4, 0x2B, 0xDB,
+	0x56, 0x3E, 0xAF, 0xA1, 0x6B, 0x4F, 0xB6,
+	0x8C, 0x3B, 0xB1, 0xE7, 0x8E, 0xAA, 0x81,
+	0xA0, 0x02, 0x43, 0xFA, 0xAD, 0xD2, 0xBF,
+	0x18, 0xE6, 0x3D, 0x38, 0x9A, 0xE4, 0x43,
+	0x77, 0xDA, 0x18, 0xC5, 0x76, 0xB5, 0x0F,
+	0x00, 0x96, 0xCF, 0x34, 0x19, 0x54, 0x83,
+	0xB0, 0x05, 0x48, 0xC0, 0x98, 0x62, 0x36,
+	0xE3, 0xBC, 0x7C, 0xB8, 0xD6, 0x80, 0x1C,
+	0x04, 0x94, 0xCC, 0xD1, 0x99, 0xE5, 0xC5,
+	0xBD, 0x0D, 0x0E, 0xDC, 0x9E, 0xB8, 0xA0,
+	0x00, 0x1E, 0x15, 0x27, 0x67, 0x54, 0xFC,
+	0xC6, 0x85, 0x66, 0x05, 0x41, 0x48, 0xE6,
+	0xE7, 0x64, 0xBE, 0xE7, 0xC7, 0x64, 0xDA,
+	0xAD, 0x3F, 0xC4, 0x52, 0x35, 0xA6, 0xDA,
+	0xD4, 0x28, 0xFA, 0x20, 0xC1, 0x70, 0xE3,
+	0x45, 0x00, 0x3F, 0x2F, 0x32, 0xAF, 0xB5,
+	0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF
+};
+
+const gnutls_datum_t gnutls_ffdhe_4096_group_prime = {
+	(void *) ffdhe_params_4096, sizeof(ffdhe_params_4096)
+};
+const gnutls_datum_t gnutls_ffdhe_4096_group_q = {
+	(void *) ffdhe_q_4096, sizeof(ffdhe_q_4096)
+};
+const gnutls_datum_t gnutls_ffdhe_4096_group_generator = {
+	(void *) &ffdhe_generator, sizeof(ffdhe_generator)
+};
+const unsigned int gnutls_ffdhe_4096_key_bits = 336;
+
+static const unsigned char ffdhe_params_6144[] = {
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB,
+	0x4A, 0x9A, 0xAF, 0xDC, 0x56, 0x20, 0x27,
+	0x3D, 0x3C, 0xF1, 0xD8, 0xB9, 0xC5, 0x83,
+	0xCE, 0x2D, 0x36, 0x95, 0xA9, 0xE1, 0x36,
+	0x41, 0x14, 0x64, 0x33, 0xFB, 0xCC, 0x93,
+	0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, 0x7D,
+	0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
+	0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61,
+	0x7A, 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD,
+	0x65, 0x61, 0x24, 0x33, 0xF5, 0x1F, 0x5F,
+	0x06, 0x6E, 0xD0, 0x85, 0x63, 0x65, 0x55,
+	0x3D, 0xED, 0x1A, 0xF3, 0xB5, 0x57, 0x13,
+	0x5E, 0x7F, 0x57, 0xC9, 0x35, 0x98, 0x4F,
+	0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, 0xE2,
+	0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
+	0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7,
+	0x35, 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A,
+	0x79, 0x7A, 0xBC, 0x0A, 0xB1, 0x82, 0xB3,
+	0x24, 0xFB, 0x61, 0xD1, 0x08, 0xA9, 0x4B,
+	0xB2, 0xC8, 0xE3, 0xFB, 0xB9, 0x6A, 0xDA,
+	0xB7, 0x60, 0xD7, 0xF4, 0x68, 0x1D, 0x4F,
+	0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, 0xAE,
+	0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
+	0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D,
+	0x70, 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7,
+	0xE2, 0xEC, 0xC0, 0x34, 0x04, 0xCD, 0x28,
+	0x34, 0x2F, 0x61, 0x91, 0x72, 0xFE, 0x9C,
+	0xE9, 0x85, 0x83, 0xFF, 0x8E, 0x4F, 0x12,
+	0x32, 0xEE, 0xF2, 0x81, 0x83, 0xC3, 0xFE,
+	0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, 0x3B,
+	0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
+	0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83,
+	0xB2, 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2,
+	0xEF, 0xFA, 0x88, 0x6B, 0x42, 0x38, 0x61,
+	0x1F, 0xCF, 0xDC, 0xDE, 0x35, 0x5B, 0x3B,
+	0x65, 0x19, 0x03, 0x5B, 0xBC, 0x34, 0xF4,
+	0xDE, 0xF9, 0x9C, 0x02, 0x38, 0x61, 0xB4,
+	0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, 0x7A,
+	0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
+	0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9,
+	0x1C, 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13,
+	0x92, 0x70, 0xB4, 0x13, 0x0C, 0x93, 0xBC,
+	0x43, 0x79, 0x44, 0xF4, 0xFD, 0x44, 0x52,
+	0xE2, 0xD7, 0x4D, 0xD3, 0x64, 0xF2, 0xE2,
+	0x1E, 0x71, 0xF5, 0x4B, 0xFF, 0x5C, 0xAE,
+	0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, 0xE8,
+	0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
+	0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA,
+	0xDA, 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4,
+	0x48, 0x4E, 0x0A, 0xBC, 0xD0, 0x6B, 0xFA,
+	0x53, 0xDD, 0xEF, 0x3C, 0x1B, 0x20, 0xEE,
+	0x3F, 0xD5, 0x9D, 0x7C, 0x25, 0xE4, 0x1D,
+	0x2B, 0x66, 0x9E, 0x1E, 0xF1, 0x6E, 0x6F,
+	0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, 0x79,
+	0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6,
+	0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D,
+	0x18, 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03,
+	0x40, 0x04, 0x87, 0xF5, 0x5B, 0xA5, 0x7E,
+	0x31, 0xCC, 0x7A, 0x71, 0x35, 0xC8, 0x86,
+	0xEF, 0xB4, 0x31, 0x8A, 0xED, 0x6A, 0x1E,
+	0x01, 0x2D, 0x9E, 0x68, 0x32, 0xA9, 0x07,
+	0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, 0x6D,
+	0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38,
+	0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B,
+	0x7A, 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40,
+	0x00, 0x3C, 0x2A, 0x4E, 0xCE, 0xA9, 0xF9,
+	0x8D, 0x0A, 0xCC, 0x0A, 0x82, 0x91, 0xCD,
+	0xCE, 0xC9, 0x7D, 0xCF, 0x8E, 0xC9, 0xB5,
+	0x5A, 0x7F, 0x88, 0xA4, 0x6B, 0x4D, 0xB5,
+	0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, 0xC6,
+	0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02,
+	0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C,
+	0x7A, 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53,
+	0x2A, 0x3A, 0x23, 0xBA, 0x44, 0x42, 0xCA,
+	0xF5, 0x3E, 0xA6, 0x3B, 0xB4, 0x54, 0x32,
+	0x9B, 0x76, 0x24, 0xC8, 0x91, 0x7B, 0xDD,
+	0x64, 0xB1, 0xC0, 0xFD, 0x4C, 0xB3, 0x8E,
+	0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, 0xCD,
+	0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71,
+	0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04,
+	0x1F, 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD,
+	0xB4, 0x77, 0xA5, 0x24, 0x71, 0xF7, 0xA9,
+	0xA9, 0x69, 0x10, 0xB8, 0x55, 0x32, 0x2E,
+	0xDB, 0x63, 0x40, 0xD8, 0xA0, 0x0E, 0xF0,
+	0x92, 0x35, 0x05, 0x11, 0xE3, 0x0A, 0xBE,
+	0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, 0x7F,
+	0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3,
+	0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9,
+	0xB4, 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2,
+	0xBB, 0xC1, 0x94, 0xC6, 0x65, 0x1E, 0x77,
+	0xCA, 0xF9, 0x92, 0xEE, 0xAA, 0xC0, 0x23,
+	0x2A, 0x28, 0x1B, 0xF6, 0xB3, 0xA7, 0x39,
+	0xC1, 0x22, 0x61, 0x16, 0x82, 0x0A, 0xE8,
+	0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, 0xF9,
+	0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C,
+	0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F,
+	0x5E, 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62,
+	0xA8, 0x46, 0x50, 0x5D, 0xC8, 0x2D, 0xB8,
+	0x54, 0x33, 0x8A, 0xE4, 0x9F, 0x52, 0x35,
+	0xC9, 0x5B, 0x91, 0x17, 0x8C, 0xCF, 0x2D,
+	0xD5, 0xCA, 0xCE, 0xF4, 0x03, 0xEC, 0x9D,
+	0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, 0x5B,
+	0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6,
+	0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E,
+	0x69, 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31,
+	0x61, 0xC1, 0xA4, 0x1D, 0x57, 0x0D, 0x79,
+	0x38, 0xDA, 0xD4, 0xA4, 0x0E, 0x32, 0x9C,
+	0xD0, 0xE4, 0x0E, 0x65, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+};
+
+static const unsigned char ffdhe_q_6144[] = {
+	0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D,
+	0xA5, 0x4D, 0x57, 0xEE, 0x2B, 0x10, 0x13,
+	0x9E, 0x9E, 0x78, 0xEC, 0x5C, 0xE2, 0xC1,
+	0xE7, 0x16, 0x9B, 0x4A, 0xD4, 0xF0, 0x9B,
+	0x20, 0x8A, 0x32, 0x19, 0xFD, 0xE6, 0x49,
+	0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C, 0xBE,
+	0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
+	0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30,
+	0xBD, 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE,
+	0xB2, 0xB0, 0x92, 0x19, 0xFA, 0x8F, 0xAF,
+	0x83, 0x37, 0x68, 0x42, 0xB1, 0xB2, 0xAA,
+	0x9E, 0xF6, 0x8D, 0x79, 0xDA, 0xAB, 0x89,
+	0xAF, 0x3F, 0xAB, 0xE4, 0x9A, 0xCC, 0x27,
+	0x86, 0x38, 0x70, 0x73, 0x45, 0xBB, 0xF1,
+	0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
+	0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3,
+	0x9A, 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D,
+	0x3C, 0xBD, 0x5E, 0x05, 0x58, 0xC1, 0x59,
+	0x92, 0x7D, 0xB0, 0xE8, 0x84, 0x54, 0xA5,
+	0xD9, 0x64, 0x71, 0xFD, 0xDC, 0xB5, 0x6D,
+	0x5B, 0xB0, 0x6B, 0xFA, 0x34, 0x0E, 0xA7,
+	0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA, 0x57,
+	0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
+	0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36,
+	0xB8, 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB,
+	0xF1, 0x76, 0x60, 0x1A, 0x02, 0x66, 0x94,
+	0x1A, 0x17, 0xB0, 0xC8, 0xB9, 0x7F, 0x4E,
+	0x74, 0xC2, 0xC1, 0xFF, 0xC7, 0x27, 0x89,
+	0x19, 0x77, 0x79, 0x40, 0xC1, 0xE1, 0xFF,
+	0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9, 0x9D,
+	0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
+	0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41,
+	0xD9, 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9,
+	0x77, 0xFD, 0x44, 0x35, 0xA1, 0x1C, 0x30,
+	0x8F, 0xE7, 0xEE, 0x6F, 0x1A, 0xAD, 0x9D,
+	0xB2, 0x8C, 0x81, 0xAD, 0xDE, 0x1A, 0x7A,
+	0x6F, 0x7C, 0xCE, 0x01, 0x1C, 0x30, 0xDA,
+	0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83, 0xBD,
+	0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7,
+	0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C,
+	0x8E, 0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89,
+	0xC9, 0x38, 0x5A, 0x09, 0x86, 0x49, 0xDE,
+	0x21, 0xBC, 0xA2, 0x7A, 0x7E, 0xA2, 0x29,
+	0x71, 0x6B, 0xA6, 0xE9, 0xB2, 0x79, 0x71,
+	0x0F, 0x38, 0xFA, 0xA5, 0xFF, 0xAE, 0x57,
+	0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F, 0x74,
+	0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06,
+	0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5,
+	0x6D, 0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2,
+	0x24, 0x27, 0x05, 0x5E, 0x68, 0x35, 0xFD,
+	0x29, 0xEE, 0xF7, 0x9E, 0x0D, 0x90, 0x77,
+	0x1F, 0xEA, 0xCE, 0xBE, 0x12, 0xF2, 0x0E,
+	0x95, 0xB3, 0x4F, 0x0F, 0x78, 0xB7, 0x37,
+	0xA9, 0x61, 0x8B, 0x26, 0xFA, 0x7D, 0xBC,
+	0x98, 0x74, 0xF2, 0x72, 0xC4, 0x2B, 0xDB,
+	0x56, 0x3E, 0xAF, 0xA1, 0x6B, 0x4F, 0xB6,
+	0x8C, 0x3B, 0xB1, 0xE7, 0x8E, 0xAA, 0x81,
+	0xA0, 0x02, 0x43, 0xFA, 0xAD, 0xD2, 0xBF,
+	0x18, 0xE6, 0x3D, 0x38, 0x9A, 0xE4, 0x43,
+	0x77, 0xDA, 0x18, 0xC5, 0x76, 0xB5, 0x0F,
+	0x00, 0x96, 0xCF, 0x34, 0x19, 0x54, 0x83,
+	0xB0, 0x05, 0x48, 0xC0, 0x98, 0x62, 0x36,
+	0xE3, 0xBC, 0x7C, 0xB8, 0xD6, 0x80, 0x1C,
+	0x04, 0x94, 0xCC, 0xD1, 0x99, 0xE5, 0xC5,
+	0xBD, 0x0D, 0x0E, 0xDC, 0x9E, 0xB8, 0xA0,
+	0x00, 0x1E, 0x15, 0x27, 0x67, 0x54, 0xFC,
+	0xC6, 0x85, 0x66, 0x05, 0x41, 0x48, 0xE6,
+	0xE7, 0x64, 0xBE, 0xE7, 0xC7, 0x64, 0xDA,
+	0xAD, 0x3F, 0xC4, 0x52, 0x35, 0xA6, 0xDA,
+	0xD4, 0x28, 0xFA, 0x20, 0xC1, 0x70, 0xE3,
+	0x45, 0x00, 0x3F, 0x2F, 0x06, 0xEC, 0x81,
+	0x05, 0xFE, 0xB2, 0x5B, 0x22, 0x81, 0xB6,
+	0x3D, 0x27, 0x33, 0xBE, 0x96, 0x1C, 0x29,
+	0x95, 0x1D, 0x11, 0xDD, 0x22, 0x21, 0x65,
+	0x7A, 0x9F, 0x53, 0x1D, 0xDA, 0x2A, 0x19,
+	0x4D, 0xBB, 0x12, 0x64, 0x48, 0xBD, 0xEE,
+	0xB2, 0x58, 0xE0, 0x7E, 0xA6, 0x59, 0xC7,
+	0x46, 0x19, 0xA6, 0x38, 0x0E, 0x1D, 0x66,
+	0xD6, 0x83, 0x2B, 0xFE, 0x67, 0xF6, 0x38,
+	0xCD, 0x8F, 0xAE, 0x1F, 0x27, 0x23, 0x02,
+	0x0F, 0x9C, 0x40, 0xA3, 0xFD, 0xA6, 0x7E,
+	0xDA, 0x3B, 0xD2, 0x92, 0x38, 0xFB, 0xD4,
+	0xD4, 0xB4, 0x88, 0x5C, 0x2A, 0x99, 0x17,
+	0x6D, 0xB1, 0xA0, 0x6C, 0x50, 0x07, 0x78,
+	0x49, 0x1A, 0x82, 0x88, 0xF1, 0x85, 0x5F,
+	0x60, 0xFF, 0xFC, 0xF1, 0xD1, 0x37, 0x3F,
+	0xD9, 0x4F, 0xC6, 0x0C, 0x18, 0x11, 0xE1,
+	0xAC, 0x3F, 0x1C, 0x6D, 0x00, 0x3B, 0xEC,
+	0xDA, 0x3B, 0x1F, 0x27, 0x25, 0xCA, 0x59,
+	0x5D, 0xE0, 0xCA, 0x63, 0x32, 0x8F, 0x3B,
+	0xE5, 0x7C, 0xC9, 0x77, 0x55, 0x60, 0x11,
+	0x95, 0x14, 0x0D, 0xFB, 0x59, 0xD3, 0x9C,
+	0xE0, 0x91, 0x30, 0x8B, 0x41, 0x05, 0x74,
+	0x6D, 0xAC, 0x23, 0xD3, 0x3E, 0x5F, 0x7C,
+	0xE4, 0x84, 0x8D, 0xA3, 0x16, 0xA9, 0xC6,
+	0x6B, 0x95, 0x81, 0xBA, 0x35, 0x73, 0xBF,
+	0xAF, 0x31, 0x14, 0x96, 0x18, 0x8A, 0xB1,
+	0x54, 0x23, 0x28, 0x2E, 0xE4, 0x16, 0xDC,
+	0x2A, 0x19, 0xC5, 0x72, 0x4F, 0xA9, 0x1A,
+	0xE4, 0xAD, 0xC8, 0x8B, 0xC6, 0x67, 0x96,
+	0xEA, 0xE5, 0x67, 0x7A, 0x01, 0xF6, 0x4E,
+	0x8C, 0x08, 0x63, 0x13, 0x95, 0x82, 0x2D,
+	0x9D, 0xB8, 0xFC, 0xEE, 0x35, 0xC0, 0x6B,
+	0x1F, 0xEE, 0xA5, 0x47, 0x4D, 0x6D, 0x8F,
+	0x34, 0xB1, 0x53, 0x4A, 0x93, 0x6A, 0x18,
+	0xB0, 0xE0, 0xD2, 0x0E, 0xAB, 0x86, 0xBC,
+	0x9C, 0x6D, 0x6A, 0x52, 0x07, 0x19, 0x4E,
+	0x68, 0x72, 0x07, 0x32, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+};
+
+const gnutls_datum_t gnutls_ffdhe_6144_group_prime = {
+	(void *) ffdhe_params_6144, sizeof(ffdhe_params_6144)
+};
+const gnutls_datum_t gnutls_ffdhe_6144_group_q = {
+	(void *) ffdhe_q_6144, sizeof(ffdhe_q_6144)
+};
+const gnutls_datum_t gnutls_ffdhe_6144_group_generator = {
+	(void *) &ffdhe_generator, sizeof(ffdhe_generator)
+};
+const unsigned int gnutls_ffdhe_6144_key_bits = 376;
+
+static const unsigned char ffdhe_params_8192[] = {
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 
+	0xFF, 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 
+	0x4A, 0x9A, 0xAF, 0xDC, 0x56, 0x20, 0x27, 
+	0x3D, 0x3C, 0xF1, 0xD8, 0xB9, 0xC5, 0x83, 
+	0xCE, 0x2D, 0x36, 0x95, 0xA9, 0xE1, 0x36, 
+	0x41, 0x14, 0x64, 0x33, 0xFB, 0xCC, 0x93, 
+	0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, 0x7D, 
+	0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, 
+	0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 
+	0x7A, 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 
+	0x65, 0x61, 0x24, 0x33, 0xF5, 0x1F, 0x5F, 
+	0x06, 0x6E, 0xD0, 0x85, 0x63, 0x65, 0x55, 
+	0x3D, 0xED, 0x1A, 0xF3, 0xB5, 0x57, 0x13, 
+	0x5E, 0x7F, 0x57, 0xC9, 0x35, 0x98, 0x4F, 
+	0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, 0xE2, 
+	0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, 
+	0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 
+	0x35, 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 
+	0x79, 0x7A, 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 
+	0x24, 0xFB, 0x61, 0xD1, 0x08, 0xA9, 0x4B, 
+	0xB2, 0xC8, 0xE3, 0xFB, 0xB9, 0x6A, 0xDA, 
+	0xB7, 0x60, 0xD7, 0xF4, 0x68, 0x1D, 0x4F, 
+	0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, 0xAE, 
+	0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, 
+	0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 
+	0x70, 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 
+	0xE2, 0xEC, 0xC0, 0x34, 0x04, 0xCD, 0x28, 
+	0x34, 0x2F, 0x61, 0x91, 0x72, 0xFE, 0x9C, 
+	0xE9, 0x85, 0x83, 0xFF, 0x8E, 0x4F, 0x12, 
+	0x32, 0xEE, 0xF2, 0x81, 0x83, 0xC3, 0xFE, 
+	0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, 0x3B, 
+	0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, 
+	0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 
+	0xB2, 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 
+	0xEF, 0xFA, 0x88, 0x6B, 0x42, 0x38, 0x61, 
+	0x1F, 0xCF, 0xDC, 0xDE, 0x35, 0x5B, 0x3B, 
+	0x65, 0x19, 0x03, 0x5B, 0xBC, 0x34, 0xF4, 
+	0xDE, 0xF9, 0x9C, 0x02, 0x38, 0x61, 0xB4, 
+	0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, 0x7A, 
+	0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, 
+	0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 
+	0x1C, 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 
+	0x92, 0x70, 0xB4, 0x13, 0x0C, 0x93, 0xBC, 
+	0x43, 0x79, 0x44, 0xF4, 0xFD, 0x44, 0x52, 
+	0xE2, 0xD7, 0x4D, 0xD3, 0x64, 0xF2, 0xE2, 
+	0x1E, 0x71, 0xF5, 0x4B, 0xFF, 0x5C, 0xAE, 
+	0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, 0xE8, 
+	0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, 
+	0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 
+	0xDA, 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 
+	0x48, 0x4E, 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 
+	0x53, 0xDD, 0xEF, 0x3C, 0x1B, 0x20, 0xEE, 
+	0x3F, 0xD5, 0x9D, 0x7C, 0x25, 0xE4, 0x1D, 
+	0x2B, 0x66, 0x9E, 0x1E, 0xF1, 0x6E, 0x6F, 
+	0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, 0x79, 
+	0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, 
+	0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 
+	0x18, 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 
+	0x40, 0x04, 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 
+	0x31, 0xCC, 0x7A, 0x71, 0x35, 0xC8, 0x86, 
+	0xEF, 0xB4, 0x31, 0x8A, 0xED, 0x6A, 0x1E, 
+	0x01, 0x2D, 0x9E, 0x68, 0x32, 0xA9, 0x07, 
+	0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, 0x6D, 
+	0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, 
+	0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 
+	0x7A, 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 
+	0x00, 0x3C, 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 
+	0x8D, 0x0A, 0xCC, 0x0A, 0x82, 0x91, 0xCD, 
+	0xCE, 0xC9, 0x7D, 0xCF, 0x8E, 0xC9, 0xB5, 
+	0x5A, 0x7F, 0x88, 0xA4, 0x6B, 0x4D, 0xB5, 
+	0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, 0xC6, 
+	0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, 
+	0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 
+	0x7A, 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 
+	0x2A, 0x3A, 0x23, 0xBA, 0x44, 0x42, 0xCA, 
+	0xF5, 0x3E, 0xA6, 0x3B, 0xB4, 0x54, 0x32, 
+	0x9B, 0x76, 0x24, 0xC8, 0x91, 0x7B, 0xDD, 
+	0x64, 0xB1, 0xC0, 0xFD, 0x4C, 0xB3, 0x8E, 
+	0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, 0xCD, 
+	0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, 
+	0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 
+	0x1F, 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 
+	0xB4, 0x77, 0xA5, 0x24, 0x71, 0xF7, 0xA9, 
+	0xA9, 0x69, 0x10, 0xB8, 0x55, 0x32, 0x2E, 
+	0xDB, 0x63, 0x40, 0xD8, 0xA0, 0x0E, 0xF0, 
+	0x92, 0x35, 0x05, 0x11, 0xE3, 0x0A, 0xBE, 
+	0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, 0x7F, 
+	0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, 
+	0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 
+	0xB4, 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 
+	0xBB, 0xC1, 0x94, 0xC6, 0x65, 0x1E, 0x77, 
+	0xCA, 0xF9, 0x92, 0xEE, 0xAA, 0xC0, 0x23, 
+	0x2A, 0x28, 0x1B, 0xF6, 0xB3, 0xA7, 0x39, 
+	0xC1, 0x22, 0x61, 0x16, 0x82, 0x0A, 0xE8, 
+	0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, 0xF9, 
+	0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, 
+	0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 
+	0x5E, 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 
+	0xA8, 0x46, 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 
+	0x54, 0x33, 0x8A, 0xE4, 0x9F, 0x52, 0x35, 
+	0xC9, 0x5B, 0x91, 0x17, 0x8C, 0xCF, 0x2D, 
+	0xD5, 0xCA, 0xCE, 0xF4, 0x03, 0xEC, 0x9D, 
+	0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, 0x5B, 
+	0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, 
+	0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 
+	0x69, 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 
+	0x61, 0xC1, 0xA4, 0x1D, 0x57, 0x0D, 0x79, 
+	0x38, 0xDA, 0xD4, 0xA4, 0x0E, 0x32, 0x9C, 
+	0xCF, 0xF4, 0x6A, 0xAA, 0x36, 0xAD, 0x00, 
+	0x4C, 0xF6, 0x00, 0xC8, 0x38, 0x1E, 0x42, 
+	0x5A, 0x31, 0xD9, 0x51, 0xAE, 0x64, 0xFD, 
+	0xB2, 0x3F, 0xCE, 0xC9, 0x50, 0x9D, 0x43, 
+	0x68, 0x7F, 0xEB, 0x69, 0xED, 0xD1, 0xCC, 
+	0x5E, 0x0B, 0x8C, 0xC3, 0xBD, 0xF6, 0x4B, 
+	0x10, 0xEF, 0x86, 0xB6, 0x31, 0x42, 0xA3, 
+	0xAB, 0x88, 0x29, 0x55, 0x5B, 0x2F, 0x74, 
+	0x7C, 0x93, 0x26, 0x65, 0xCB, 0x2C, 0x0F, 
+	0x1C, 0xC0, 0x1B, 0xD7, 0x02, 0x29, 0x38, 
+	0x88, 0x39, 0xD2, 0xAF, 0x05, 0xE4, 0x54, 
+	0x50, 0x4A, 0xC7, 0x8B, 0x75, 0x82, 0x82, 
+	0x28, 0x46, 0xC0, 0xBA, 0x35, 0xC3, 0x5F, 
+	0x5C, 0x59, 0x16, 0x0C, 0xC0, 0x46, 0xFD, 
+	0x82, 0x51, 0x54, 0x1F, 0xC6, 0x8C, 0x9C, 
+	0x86, 0xB0, 0x22, 0xBB, 0x70, 0x99, 0x87, 
+	0x6A, 0x46, 0x0E, 0x74, 0x51, 0xA8, 0xA9, 
+	0x31, 0x09, 0x70, 0x3F, 0xEE, 0x1C, 0x21, 
+	0x7E, 0x6C, 0x38, 0x26, 0xE5, 0x2C, 0x51, 
+	0xAA, 0x69, 0x1E, 0x0E, 0x42, 0x3C, 0xFC, 
+	0x99, 0xE9, 0xE3, 0x16, 0x50, 0xC1, 0x21, 
+	0x7B, 0x62, 0x48, 0x16, 0xCD, 0xAD, 0x9A, 
+	0x95, 0xF9, 0xD5, 0xB8, 0x01, 0x94, 0x88, 
+	0xD9, 0xC0, 0xA0, 0xA1, 0xFE, 0x30, 0x75, 
+	0xA5, 0x77, 0xE2, 0x31, 0x83, 0xF8, 0x1D, 
+	0x4A, 0x3F, 0x2F, 0xA4, 0x57, 0x1E, 0xFC, 
+	0x8C, 0xE0, 0xBA, 0x8A, 0x4F, 0xE8, 0xB6, 
+	0x85, 0x5D, 0xFE, 0x72, 0xB0, 0xA6, 0x6E, 
+	0xDE, 0xD2, 0xFB, 0xAB, 0xFB, 0xE5, 0x8A, 
+	0x30, 0xFA, 0xFA, 0xBE, 0x1C, 0x5D, 0x71, 
+	0xA8, 0x7E, 0x2F, 0x74, 0x1E, 0xF8, 0xC1, 
+	0xFE, 0x86, 0xFE, 0xA6, 0xBB, 0xFD, 0xE5, 
+	0x30, 0x67, 0x7F, 0x0D, 0x97, 0xD1, 0x1D, 
+	0x49, 0xF7, 0xA8, 0x44, 0x3D, 0x08, 0x22, 
+	0xE5, 0x06, 0xA9, 0xF4, 0x61, 0x4E, 0x01, 
+	0x1E, 0x2A, 0x94, 0x83, 0x8F, 0xF8, 0x8C, 
+	0xD6, 0x8C, 0x8B, 0xB7, 0xC5, 0xC6, 0x42, 
+	0x4C, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 
+	0xFF, 0xFF
+};
+
+static const unsigned char ffdhe_q_8192[] = {
+	0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D,
+	0xA5, 0x4D, 0x57, 0xEE, 0x2B, 0x10, 0x13,
+	0x9E, 0x9E, 0x78, 0xEC, 0x5C, 0xE2, 0xC1,
+	0xE7, 0x16, 0x9B, 0x4A, 0xD4, 0xF0, 0x9B,
+	0x20, 0x8A, 0x32, 0x19, 0xFD, 0xE6, 0x49,
+	0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C, 0xBE,
+	0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
+	0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30,
+	0xBD, 0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE,
+	0xB2, 0xB0, 0x92, 0x19, 0xFA, 0x8F, 0xAF,
+	0x83, 0x37, 0x68, 0x42, 0xB1, 0xB2, 0xAA,
+	0x9E, 0xF6, 0x8D, 0x79, 0xDA, 0xAB, 0x89,
+	0xAF, 0x3F, 0xAB, 0xE4, 0x9A, 0xCC, 0x27,
+	0x86, 0x38, 0x70, 0x73, 0x45, 0xBB, 0xF1,
+	0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
+	0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3,
+	0x9A, 0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D,
+	0x3C, 0xBD, 0x5E, 0x05, 0x58, 0xC1, 0x59,
+	0x92, 0x7D, 0xB0, 0xE8, 0x84, 0x54, 0xA5,
+	0xD9, 0x64, 0x71, 0xFD, 0xDC, 0xB5, 0x6D,
+	0x5B, 0xB0, 0x6B, 0xFA, 0x34, 0x0E, 0xA7,
+	0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA, 0x57,
+	0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
+	0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36,
+	0xB8, 0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB,
+	0xF1, 0x76, 0x60, 0x1A, 0x02, 0x66, 0x94,
+	0x1A, 0x17, 0xB0, 0xC8, 0xB9, 0x7F, 0x4E,
+	0x74, 0xC2, 0xC1, 0xFF, 0xC7, 0x27, 0x89,
+	0x19, 0x77, 0x79, 0x40, 0xC1, 0xE1, 0xFF,
+	0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9, 0x9D,
+	0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
+	0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41,
+	0xD9, 0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9,
+	0x77, 0xFD, 0x44, 0x35, 0xA1, 0x1C, 0x30,
+	0x8F, 0xE7, 0xEE, 0x6F, 0x1A, 0xAD, 0x9D,
+	0xB2, 0x8C, 0x81, 0xAD, 0xDE, 0x1A, 0x7A,
+	0x6F, 0x7C, 0xCE, 0x01, 0x1C, 0x30, 0xDA,
+	0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83, 0xBD,
+	0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7,
+	0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C,
+	0x8E, 0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89,
+	0xC9, 0x38, 0x5A, 0x09, 0x86, 0x49, 0xDE,
+	0x21, 0xBC, 0xA2, 0x7A, 0x7E, 0xA2, 0x29,
+	0x71, 0x6B, 0xA6, 0xE9, 0xB2, 0x79, 0x71,
+	0x0F, 0x38, 0xFA, 0xA5, 0xFF, 0xAE, 0x57,
+	0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F, 0x74,
+	0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06,
+	0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5,
+	0x6D, 0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2,
+	0x24, 0x27, 0x05, 0x5E, 0x68, 0x35, 0xFD,
+	0x29, 0xEE, 0xF7, 0x9E, 0x0D, 0x90, 0x77,
+	0x1F, 0xEA, 0xCE, 0xBE, 0x12, 0xF2, 0x0E,
+	0x95, 0xB3, 0x4F, 0x0F, 0x78, 0xB7, 0x37,
+	0xA9, 0x61, 0x8B, 0x26, 0xFA, 0x7D, 0xBC,
+	0x98, 0x74, 0xF2, 0x72, 0xC4, 0x2B, 0xDB,
+	0x56, 0x3E, 0xAF, 0xA1, 0x6B, 0x4F, 0xB6,
+	0x8C, 0x3B, 0xB1, 0xE7, 0x8E, 0xAA, 0x81,
+	0xA0, 0x02, 0x43, 0xFA, 0xAD, 0xD2, 0xBF,
+	0x18, 0xE6, 0x3D, 0x38, 0x9A, 0xE4, 0x43,
+	0x77, 0xDA, 0x18, 0xC5, 0x76, 0xB5, 0x0F,
+	0x00, 0x96, 0xCF, 0x34, 0x19, 0x54, 0x83,
+	0xB0, 0x05, 0x48, 0xC0, 0x98, 0x62, 0x36,
+	0xE3, 0xBC, 0x7C, 0xB8, 0xD6, 0x80, 0x1C,
+	0x04, 0x94, 0xCC, 0xD1, 0x99, 0xE5, 0xC5,
+	0xBD, 0x0D, 0x0E, 0xDC, 0x9E, 0xB8, 0xA0,
+	0x00, 0x1E, 0x15, 0x27, 0x67, 0x54, 0xFC,
+	0xC6, 0x85, 0x66, 0x05, 0x41, 0x48, 0xE6,
+	0xE7, 0x64, 0xBE, 0xE7, 0xC7, 0x64, 0xDA,
+	0xAD, 0x3F, 0xC4, 0x52, 0x35, 0xA6, 0xDA,
+	0xD4, 0x28, 0xFA, 0x20, 0xC1, 0x70, 0xE3,
+	0x45, 0x00, 0x3F, 0x2F, 0x06, 0xEC, 0x81,
+	0x05, 0xFE, 0xB2, 0x5B, 0x22, 0x81, 0xB6,
+	0x3D, 0x27, 0x33, 0xBE, 0x96, 0x1C, 0x29,
+	0x95, 0x1D, 0x11, 0xDD, 0x22, 0x21, 0x65,
+	0x7A, 0x9F, 0x53, 0x1D, 0xDA, 0x2A, 0x19,
+	0x4D, 0xBB, 0x12, 0x64, 0x48, 0xBD, 0xEE,
+	0xB2, 0x58, 0xE0, 0x7E, 0xA6, 0x59, 0xC7,
+	0x46, 0x19, 0xA6, 0x38, 0x0E, 0x1D, 0x66,
+	0xD6, 0x83, 0x2B, 0xFE, 0x67, 0xF6, 0x38,
+	0xCD, 0x8F, 0xAE, 0x1F, 0x27, 0x23, 0x02,
+	0x0F, 0x9C, 0x40, 0xA3, 0xFD, 0xA6, 0x7E,
+	0xDA, 0x3B, 0xD2, 0x92, 0x38, 0xFB, 0xD4,
+	0xD4, 0xB4, 0x88, 0x5C, 0x2A, 0x99, 0x17,
+	0x6D, 0xB1, 0xA0, 0x6C, 0x50, 0x07, 0x78,
+	0x49, 0x1A, 0x82, 0x88, 0xF1, 0x85, 0x5F,
+	0x60, 0xFF, 0xFC, 0xF1, 0xD1, 0x37, 0x3F,
+	0xD9, 0x4F, 0xC6, 0x0C, 0x18, 0x11, 0xE1,
+	0xAC, 0x3F, 0x1C, 0x6D, 0x00, 0x3B, 0xEC,
+	0xDA, 0x3B, 0x1F, 0x27, 0x25, 0xCA, 0x59,
+	0x5D, 0xE0, 0xCA, 0x63, 0x32, 0x8F, 0x3B,
+	0xE5, 0x7C, 0xC9, 0x77, 0x55, 0x60, 0x11,
+	0x95, 0x14, 0x0D, 0xFB, 0x59, 0xD3, 0x9C,
+	0xE0, 0x91, 0x30, 0x8B, 0x41, 0x05, 0x74,
+	0x6D, 0xAC, 0x23, 0xD3, 0x3E, 0x5F, 0x7C,
+	0xE4, 0x84, 0x8D, 0xA3, 0x16, 0xA9, 0xC6,
+	0x6B, 0x95, 0x81, 0xBA, 0x35, 0x73, 0xBF,
+	0xAF, 0x31, 0x14, 0x96, 0x18, 0x8A, 0xB1,
+	0x54, 0x23, 0x28, 0x2E, 0xE4, 0x16, 0xDC,
+	0x2A, 0x19, 0xC5, 0x72, 0x4F, 0xA9, 0x1A,
+	0xE4, 0xAD, 0xC8, 0x8B, 0xC6, 0x67, 0x96,
+	0xEA, 0xE5, 0x67, 0x7A, 0x01, 0xF6, 0x4E,
+	0x8C, 0x08, 0x63, 0x13, 0x95, 0x82, 0x2D,
+	0x9D, 0xB8, 0xFC, 0xEE, 0x35, 0xC0, 0x6B,
+	0x1F, 0xEE, 0xA5, 0x47, 0x4D, 0x6D, 0x8F,
+	0x34, 0xB1, 0x53, 0x4A, 0x93, 0x6A, 0x18,
+	0xB0, 0xE0, 0xD2, 0x0E, 0xAB, 0x86, 0xBC,
+	0x9C, 0x6D, 0x6A, 0x52, 0x07, 0x19, 0x4E,
+	0x67, 0xFA, 0x35, 0x55, 0x1B, 0x56, 0x80,
+	0x26, 0x7B, 0x00, 0x64, 0x1C, 0x0F, 0x21,
+	0x2D, 0x18, 0xEC, 0xA8, 0xD7, 0x32, 0x7E,
+	0xD9, 0x1F, 0xE7, 0x64, 0xA8, 0x4E, 0xA1,
+	0xB4, 0x3F, 0xF5, 0xB4, 0xF6, 0xE8, 0xE6,
+	0x2F, 0x05, 0xC6, 0x61, 0xDE, 0xFB, 0x25,
+	0x88, 0x77, 0xC3, 0x5B, 0x18, 0xA1, 0x51,
+	0xD5, 0xC4, 0x14, 0xAA, 0xAD, 0x97, 0xBA,
+	0x3E, 0x49, 0x93, 0x32, 0xE5, 0x96, 0x07,
+	0x8E, 0x60, 0x0D, 0xEB, 0x81, 0x14, 0x9C,
+	0x44, 0x1C, 0xE9, 0x57, 0x82, 0xF2, 0x2A,
+	0x28, 0x25, 0x63, 0xC5, 0xBA, 0xC1, 0x41,
+	0x14, 0x23, 0x60, 0x5D, 0x1A, 0xE1, 0xAF,
+	0xAE, 0x2C, 0x8B, 0x06, 0x60, 0x23, 0x7E,
+	0xC1, 0x28, 0xAA, 0x0F, 0xE3, 0x46, 0x4E,
+	0x43, 0x58, 0x11, 0x5D, 0xB8, 0x4C, 0xC3,
+	0xB5, 0x23, 0x07, 0x3A, 0x28, 0xD4, 0x54,
+	0x98, 0x84, 0xB8, 0x1F, 0xF7, 0x0E, 0x10,
+	0xBF, 0x36, 0x1C, 0x13, 0x72, 0x96, 0x28,
+	0xD5, 0x34, 0x8F, 0x07, 0x21, 0x1E, 0x7E,
+	0x4C, 0xF4, 0xF1, 0x8B, 0x28, 0x60, 0x90,
+	0xBD, 0xB1, 0x24, 0x0B, 0x66, 0xD6, 0xCD,
+	0x4A, 0xFC, 0xEA, 0xDC, 0x00, 0xCA, 0x44,
+	0x6C, 0xE0, 0x50, 0x50, 0xFF, 0x18, 0x3A,
+	0xD2, 0xBB, 0xF1, 0x18, 0xC1, 0xFC, 0x0E,
+	0xA5, 0x1F, 0x97, 0xD2, 0x2B, 0x8F, 0x7E,
+	0x46, 0x70, 0x5D, 0x45, 0x27, 0xF4, 0x5B,
+	0x42, 0xAE, 0xFF, 0x39, 0x58, 0x53, 0x37,
+	0x6F, 0x69, 0x7D, 0xD5, 0xFD, 0xF2, 0xC5,
+	0x18, 0x7D, 0x7D, 0x5F, 0x0E, 0x2E, 0xB8,
+	0xD4, 0x3F, 0x17, 0xBA, 0x0F, 0x7C, 0x60,
+	0xFF, 0x43, 0x7F, 0x53, 0x5D, 0xFE, 0xF2,
+	0x98, 0x33, 0xBF, 0x86, 0xCB, 0xE8, 0x8E,
+	0xA4, 0xFB, 0xD4, 0x22, 0x1E, 0x84, 0x11,
+	0x72, 0x83, 0x54, 0xFA, 0x30, 0xA7, 0x00,
+	0x8F, 0x15, 0x4A, 0x41, 0xC7, 0xFC, 0x46,
+	0x6B, 0x46, 0x45, 0xDB, 0xE2, 0xE3, 0x21,
+	0x26, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF
+};
+
+const gnutls_datum_t gnutls_ffdhe_8192_group_prime = {
+	(void *) ffdhe_params_8192, sizeof(ffdhe_params_8192)
+};
+const gnutls_datum_t gnutls_ffdhe_8192_group_q = {
+	(void *) ffdhe_q_8192, sizeof(ffdhe_q_8192)
+};
+const gnutls_datum_t gnutls_ffdhe_8192_group_generator = {
+	(void *) &ffdhe_generator, sizeof(ffdhe_generator)
+};
+const unsigned int gnutls_ffdhe_8192_key_bits = 512;
+
+static const unsigned char modp_generator = 0x02;
+
+static const unsigned char modp_params_2048[] = {
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68,
+	0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80,
+	0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08,
+	0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE,
+	0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A,
+	0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF,
+	0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+	0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14,
+	0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51,
+	0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62,
+	0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
+	0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C,
+	0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38,
+	0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE,
+	0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+	0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B,
+	0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63,
+	0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 0x1C,
+	0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8,
+	0xFD, 0x24, 0xCF, 0x5F, 0x83, 0x65, 0x5D,
+	0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62,
+	0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 0x9E,
+	0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+	0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98,
+	0x04, 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18,
+	0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E,
+	0x36, 0xCE, 0x3B, 0xE3, 0x9E, 0x77, 0x2C,
+	0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83,
+	0xA2, 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5,
+	0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE,
+	0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+	0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A,
+	0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA,
+	0x05, 0x10, 0x15, 0x72, 0x8E, 0x5A, 0x8A,
+	0xAC, 0xAA, 0x68, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF
+};
+
+static const unsigned char modp_q_2048[] = {
+	0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xE4, 0x87, 0xED, 0x51, 0x10, 0xB4,
+	0x61, 0x1A, 0x62, 0x63, 0x31, 0x45, 0xC0,
+	0x6E, 0x0E, 0x68, 0x94, 0x81, 0x27, 0x04,
+	0x45, 0x33, 0xE6, 0x3A, 0x01, 0x05, 0xDF,
+	0x53, 0x1D, 0x89, 0xCD, 0x91, 0x28, 0xA5,
+	0x04, 0x3C, 0xC7, 0x1A, 0x02, 0x6E, 0xF7,
+	0xCA, 0x8C, 0xD9, 0xE6, 0x9D, 0x21, 0x8D,
+	0x98, 0x15, 0x85, 0x36, 0xF9, 0x2F, 0x8A,
+	0x1B, 0xA7, 0xF0, 0x9A, 0xB6, 0xB6, 0xA8,
+	0xE1, 0x22, 0xF2, 0x42, 0xDA, 0xBB, 0x31,
+	0x2F, 0x3F, 0x63, 0x7A, 0x26, 0x21, 0x74,
+	0xD3, 0x1B, 0xF6, 0xB5, 0x85, 0xFF, 0xAE,
+	0x5B, 0x7A, 0x03, 0x5B, 0xF6, 0xF7, 0x1C,
+	0x35, 0xFD, 0xAD, 0x44, 0xCF, 0xD2, 0xD7,
+	0x4F, 0x92, 0x08, 0xBE, 0x25, 0x8F, 0xF3,
+	0x24, 0x94, 0x33, 0x28, 0xF6, 0x72, 0x2D,
+	0x9E, 0xE1, 0x00, 0x3E, 0x5C, 0x50, 0xB1,
+	0xDF, 0x82, 0xCC, 0x6D, 0x24, 0x1B, 0x0E,
+	0x2A, 0xE9, 0xCD, 0x34, 0x8B, 0x1F, 0xD4,
+	0x7E, 0x92, 0x67, 0xAF, 0xC1, 0xB2, 0xAE,
+	0x91, 0xEE, 0x51, 0xD6, 0xCB, 0x0E, 0x31,
+	0x79, 0xAB, 0x10, 0x42, 0xA9, 0x5D, 0xCF,
+	0x6A, 0x94, 0x83, 0xB8, 0x4B, 0x4B, 0x36,
+	0xB3, 0x86, 0x1A, 0xA7, 0x25, 0x5E, 0x4C,
+	0x02, 0x78, 0xBA, 0x36, 0x04, 0x65, 0x0C,
+	0x10, 0xBE, 0x19, 0x48, 0x2F, 0x23, 0x17,
+	0x1B, 0x67, 0x1D, 0xF1, 0xCF, 0x3B, 0x96,
+	0x0C, 0x07, 0x43, 0x01, 0xCD, 0x93, 0xC1,
+	0xD1, 0x76, 0x03, 0xD1, 0x47, 0xDA, 0xE2,
+	0xAE, 0xF8, 0x37, 0xA6, 0x29, 0x64, 0xEF,
+	0x15, 0xE5, 0xFB, 0x4A, 0xAC, 0x0B, 0x8C,
+	0x1C, 0xCA, 0xA4, 0xBE, 0x75, 0x4A, 0xB5,
+	0x72, 0x8A, 0xE9, 0x13, 0x0C, 0x4C, 0x7D,
+	0x02, 0x88, 0x0A, 0xB9, 0x47, 0x2D, 0x45,
+	0x56, 0x55, 0x34, 0x7F, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF
+};
+
+const gnutls_datum_t gnutls_modp_2048_group_prime = {
+	(void *) modp_params_2048, sizeof(modp_params_2048)
+};
+const gnutls_datum_t gnutls_modp_2048_group_q = {
+	(void *) modp_q_2048, sizeof(modp_q_2048)
+};
+const gnutls_datum_t gnutls_modp_2048_group_generator = {
+	(void *) &modp_generator, sizeof(modp_generator)
+};
+const unsigned int gnutls_modp_2048_key_bits = 256;
+
+static const unsigned char modp_params_3072[] = {
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68,
+	0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80,
+	0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08,
+	0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE,
+	0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A,
+	0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF,
+	0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+	0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14,
+	0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51,
+	0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62,
+	0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
+	0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C,
+	0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38,
+	0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE,
+	0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+	0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B,
+	0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63,
+	0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 0x1C,
+	0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8,
+	0xFD, 0x24, 0xCF, 0x5F, 0x83, 0x65, 0x5D,
+	0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62,
+	0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 0x9E,
+	0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+	0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98,
+	0x04, 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18,
+	0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E,
+	0x36, 0xCE, 0x3B, 0xE3, 0x9E, 0x77, 0x2C,
+	0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83,
+	0xA2, 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5,
+	0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE,
+	0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+	0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A,
+	0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA,
+	0x05, 0x10, 0x15, 0x72, 0x8E, 0x5A, 0x8A,
+	0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
+	0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21,
+	0xAB, 0xDF, 0x1C, 0xBA, 0x64, 0xEC, 0xFB,
+	0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A,
+	0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
+	0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4,
+	0xC7, 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09,
+	0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, 0x4A,
+	0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26,
+	0x1A, 0xD2, 0xEE, 0x6B, 0xF1, 0x2F, 0xFA,
+	0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76,
+	0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, 0x52,
+	0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+	0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D,
+	0x6C, 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9,
+	0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74,
+	0xE5, 0xAB, 0x31, 0x43, 0xDB, 0x5B, 0xFC,
+	0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1,
+	0x20, 0xA9, 0x3A, 0xD2, 0xCA, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+};
+
+static const unsigned char modp_q_3072[] = {
+	0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xE4, 0x87, 0xED, 0x51, 0x10, 0xB4,
+	0x61, 0x1A, 0x62, 0x63, 0x31, 0x45, 0xC0,
+	0x6E, 0x0E, 0x68, 0x94, 0x81, 0x27, 0x04,
+	0x45, 0x33, 0xE6, 0x3A, 0x01, 0x05, 0xDF,
+	0x53, 0x1D, 0x89, 0xCD, 0x91, 0x28, 0xA5,
+	0x04, 0x3C, 0xC7, 0x1A, 0x02, 0x6E, 0xF7,
+	0xCA, 0x8C, 0xD9, 0xE6, 0x9D, 0x21, 0x8D,
+	0x98, 0x15, 0x85, 0x36, 0xF9, 0x2F, 0x8A,
+	0x1B, 0xA7, 0xF0, 0x9A, 0xB6, 0xB6, 0xA8,
+	0xE1, 0x22, 0xF2, 0x42, 0xDA, 0xBB, 0x31,
+	0x2F, 0x3F, 0x63, 0x7A, 0x26, 0x21, 0x74,
+	0xD3, 0x1B, 0xF6, 0xB5, 0x85, 0xFF, 0xAE,
+	0x5B, 0x7A, 0x03, 0x5B, 0xF6, 0xF7, 0x1C,
+	0x35, 0xFD, 0xAD, 0x44, 0xCF, 0xD2, 0xD7,
+	0x4F, 0x92, 0x08, 0xBE, 0x25, 0x8F, 0xF3,
+	0x24, 0x94, 0x33, 0x28, 0xF6, 0x72, 0x2D,
+	0x9E, 0xE1, 0x00, 0x3E, 0x5C, 0x50, 0xB1,
+	0xDF, 0x82, 0xCC, 0x6D, 0x24, 0x1B, 0x0E,
+	0x2A, 0xE9, 0xCD, 0x34, 0x8B, 0x1F, 0xD4,
+	0x7E, 0x92, 0x67, 0xAF, 0xC1, 0xB2, 0xAE,
+	0x91, 0xEE, 0x51, 0xD6, 0xCB, 0x0E, 0x31,
+	0x79, 0xAB, 0x10, 0x42, 0xA9, 0x5D, 0xCF,
+	0x6A, 0x94, 0x83, 0xB8, 0x4B, 0x4B, 0x36,
+	0xB3, 0x86, 0x1A, 0xA7, 0x25, 0x5E, 0x4C,
+	0x02, 0x78, 0xBA, 0x36, 0x04, 0x65, 0x0C,
+	0x10, 0xBE, 0x19, 0x48, 0x2F, 0x23, 0x17,
+	0x1B, 0x67, 0x1D, 0xF1, 0xCF, 0x3B, 0x96,
+	0x0C, 0x07, 0x43, 0x01, 0xCD, 0x93, 0xC1,
+	0xD1, 0x76, 0x03, 0xD1, 0x47, 0xDA, 0xE2,
+	0xAE, 0xF8, 0x37, 0xA6, 0x29, 0x64, 0xEF,
+	0x15, 0xE5, 0xFB, 0x4A, 0xAC, 0x0B, 0x8C,
+	0x1C, 0xCA, 0xA4, 0xBE, 0x75, 0x4A, 0xB5,
+	0x72, 0x8A, 0xE9, 0x13, 0x0C, 0x4C, 0x7D,
+	0x02, 0x88, 0x0A, 0xB9, 0x47, 0x2D, 0x45,
+	0x55, 0x62, 0x16, 0xD6, 0x99, 0x8B, 0x86,
+	0x82, 0x28, 0x3D, 0x19, 0xD4, 0x2A, 0x90,
+	0xD5, 0xEF, 0x8E, 0x5D, 0x32, 0x76, 0x7D,
+	0xC2, 0x82, 0x2C, 0x6D, 0xF7, 0x85, 0x45,
+	0x75, 0x38, 0xAB, 0xAE, 0x83, 0x06, 0x3E,
+	0xD9, 0xCB, 0x87, 0xC2, 0xD3, 0x70, 0xF2,
+	0x63, 0xD5, 0xFA, 0xD7, 0x46, 0x6D, 0x84,
+	0x99, 0xEB, 0x8F, 0x46, 0x4A, 0x70, 0x25,
+	0x12, 0xB0, 0xCE, 0xE7, 0x71, 0xE9, 0x13,
+	0x0D, 0x69, 0x77, 0x35, 0xF8, 0x97, 0xFD,
+	0x03, 0x6C, 0xC5, 0x04, 0x32, 0x6C, 0x3B,
+	0x01, 0x39, 0x9F, 0x64, 0x35, 0x32, 0x29,
+	0x0F, 0x95, 0x8C, 0x0B, 0xBD, 0x90, 0x06,
+	0x5D, 0xF0, 0x8B, 0xAB, 0xBD, 0x30, 0xAE,
+	0xB6, 0x3B, 0x84, 0xC4, 0x60, 0x5D, 0x6C,
+	0xA3, 0x71, 0x04, 0x71, 0x27, 0xD0, 0x3A,
+	0x72, 0xD5, 0x98, 0xA1, 0xED, 0xAD, 0xFE,
+	0x70, 0x7E, 0x88, 0x47, 0x25, 0xC1, 0x68,
+	0x90, 0x54, 0x9D, 0x69, 0x65, 0x7F, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+};
+
+const gnutls_datum_t gnutls_modp_3072_group_prime = {
+	(void *) modp_params_3072, sizeof(modp_params_3072)
+};
+const gnutls_datum_t gnutls_modp_3072_group_q = {
+	(void *) modp_q_3072, sizeof(modp_q_3072)
+};
+const gnutls_datum_t gnutls_modp_3072_group_generator = {
+	(void *) &modp_generator, sizeof(modp_generator)
+};
+const unsigned int gnutls_modp_3072_key_bits = 276;
+
+static const unsigned char modp_params_4096[] = {
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68,
+	0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80,
+	0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08,
+	0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE,
+	0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A,
+	0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF,
+	0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+	0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14,
+	0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51,
+	0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62,
+	0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
+	0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C,
+	0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38,
+	0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE,
+	0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+	0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B,
+	0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63,
+	0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 0x1C,
+	0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8,
+	0xFD, 0x24, 0xCF, 0x5F, 0x83, 0x65, 0x5D,
+	0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62,
+	0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 0x9E,
+	0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+	0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98,
+	0x04, 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18,
+	0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E,
+	0x36, 0xCE, 0x3B, 0xE3, 0x9E, 0x77, 0x2C,
+	0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83,
+	0xA2, 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5,
+	0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE,
+	0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+	0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A,
+	0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA,
+	0x05, 0x10, 0x15, 0x72, 0x8E, 0x5A, 0x8A,
+	0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
+	0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21,
+	0xAB, 0xDF, 0x1C, 0xBA, 0x64, 0xEC, 0xFB,
+	0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A,
+	0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
+	0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4,
+	0xC7, 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09,
+	0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, 0x4A,
+	0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26,
+	0x1A, 0xD2, 0xEE, 0x6B, 0xF1, 0x2F, 0xFA,
+	0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76,
+	0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, 0x52,
+	0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+	0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D,
+	0x6C, 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9,
+	0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74,
+	0xE5, 0xAB, 0x31, 0x43, 0xDB, 0x5B, 0xFC,
+	0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1,
+	0x20, 0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72,
+	0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, 0x88,
+	0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,
+	0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2,
+	0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15,
+	0x0B, 0xDA, 0x25, 0x83, 0xE9, 0xCA, 0x2A,
+	0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB,
+	0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC,
+	0x14, 0x1F, 0xBE, 0xCA, 0xA6, 0x28, 0x7C,
+	0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99,
+	0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,
+	0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7,
+	0xED, 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2,
+	0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76, 0x21,
+	0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27,
+	0xD5, 0xB0, 0x5A, 0xA9, 0x93, 0xB4, 0xEA,
+	0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF,
+	0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, 0x4D,
+	0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF
+};
+
+static const unsigned char modp_q_4096[] = {
+	0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xE4, 0x87, 0xED, 0x51, 0x10, 0xB4,
+	0x61, 0x1A, 0x62, 0x63, 0x31, 0x45, 0xC0,
+	0x6E, 0x0E, 0x68, 0x94, 0x81, 0x27, 0x04,
+	0x45, 0x33, 0xE6, 0x3A, 0x01, 0x05, 0xDF,
+	0x53, 0x1D, 0x89, 0xCD, 0x91, 0x28, 0xA5,
+	0x04, 0x3C, 0xC7, 0x1A, 0x02, 0x6E, 0xF7,
+	0xCA, 0x8C, 0xD9, 0xE6, 0x9D, 0x21, 0x8D,
+	0x98, 0x15, 0x85, 0x36, 0xF9, 0x2F, 0x8A,
+	0x1B, 0xA7, 0xF0, 0x9A, 0xB6, 0xB6, 0xA8,
+	0xE1, 0x22, 0xF2, 0x42, 0xDA, 0xBB, 0x31,
+	0x2F, 0x3F, 0x63, 0x7A, 0x26, 0x21, 0x74,
+	0xD3, 0x1B, 0xF6, 0xB5, 0x85, 0xFF, 0xAE,
+	0x5B, 0x7A, 0x03, 0x5B, 0xF6, 0xF7, 0x1C,
+	0x35, 0xFD, 0xAD, 0x44, 0xCF, 0xD2, 0xD7,
+	0x4F, 0x92, 0x08, 0xBE, 0x25, 0x8F, 0xF3,
+	0x24, 0x94, 0x33, 0x28, 0xF6, 0x72, 0x2D,
+	0x9E, 0xE1, 0x00, 0x3E, 0x5C, 0x50, 0xB1,
+	0xDF, 0x82, 0xCC, 0x6D, 0x24, 0x1B, 0x0E,
+	0x2A, 0xE9, 0xCD, 0x34, 0x8B, 0x1F, 0xD4,
+	0x7E, 0x92, 0x67, 0xAF, 0xC1, 0xB2, 0xAE,
+	0x91, 0xEE, 0x51, 0xD6, 0xCB, 0x0E, 0x31,
+	0x79, 0xAB, 0x10, 0x42, 0xA9, 0x5D, 0xCF,
+	0x6A, 0x94, 0x83, 0xB8, 0x4B, 0x4B, 0x36,
+	0xB3, 0x86, 0x1A, 0xA7, 0x25, 0x5E, 0x4C,
+	0x02, 0x78, 0xBA, 0x36, 0x04, 0x65, 0x0C,
+	0x10, 0xBE, 0x19, 0x48, 0x2F, 0x23, 0x17,
+	0x1B, 0x67, 0x1D, 0xF1, 0xCF, 0x3B, 0x96,
+	0x0C, 0x07, 0x43, 0x01, 0xCD, 0x93, 0xC1,
+	0xD1, 0x76, 0x03, 0xD1, 0x47, 0xDA, 0xE2,
+	0xAE, 0xF8, 0x37, 0xA6, 0x29, 0x64, 0xEF,
+	0x15, 0xE5, 0xFB, 0x4A, 0xAC, 0x0B, 0x8C,
+	0x1C, 0xCA, 0xA4, 0xBE, 0x75, 0x4A, 0xB5,
+	0x72, 0x8A, 0xE9, 0x13, 0x0C, 0x4C, 0x7D,
+	0x02, 0x88, 0x0A, 0xB9, 0x47, 0x2D, 0x45,
+	0x55, 0x62, 0x16, 0xD6, 0x99, 0x8B, 0x86,
+	0x82, 0x28, 0x3D, 0x19, 0xD4, 0x2A, 0x90,
+	0xD5, 0xEF, 0x8E, 0x5D, 0x32, 0x76, 0x7D,
+	0xC2, 0x82, 0x2C, 0x6D, 0xF7, 0x85, 0x45,
+	0x75, 0x38, 0xAB, 0xAE, 0x83, 0x06, 0x3E,
+	0xD9, 0xCB, 0x87, 0xC2, 0xD3, 0x70, 0xF2,
+	0x63, 0xD5, 0xFA, 0xD7, 0x46, 0x6D, 0x84,
+	0x99, 0xEB, 0x8F, 0x46, 0x4A, 0x70, 0x25,
+	0x12, 0xB0, 0xCE, 0xE7, 0x71, 0xE9, 0x13,
+	0x0D, 0x69, 0x77, 0x35, 0xF8, 0x97, 0xFD,
+	0x03, 0x6C, 0xC5, 0x04, 0x32, 0x6C, 0x3B,
+	0x01, 0x39, 0x9F, 0x64, 0x35, 0x32, 0x29,
+	0x0F, 0x95, 0x8C, 0x0B, 0xBD, 0x90, 0x06,
+	0x5D, 0xF0, 0x8B, 0xAB, 0xBD, 0x30, 0xAE,
+	0xB6, 0x3B, 0x84, 0xC4, 0x60, 0x5D, 0x6C,
+	0xA3, 0x71, 0x04, 0x71, 0x27, 0xD0, 0x3A,
+	0x72, 0xD5, 0x98, 0xA1, 0xED, 0xAD, 0xFE,
+	0x70, 0x7E, 0x88, 0x47, 0x25, 0xC1, 0x68,
+	0x90, 0x54, 0x90, 0x84, 0x00, 0x8D, 0x39,
+	0x1E, 0x09, 0x53, 0xC3, 0xF3, 0x6B, 0xC4,
+	0x38, 0xCD, 0x08, 0x5E, 0xDD, 0x2D, 0x93,
+	0x4C, 0xE1, 0x93, 0x8C, 0x35, 0x7A, 0x71,
+	0x1E, 0x0D, 0x4A, 0x34, 0x1A, 0x5B, 0x0A,
+	0x85, 0xED, 0x12, 0xC1, 0xF4, 0xE5, 0x15,
+	0x6A, 0x26, 0x74, 0x6D, 0xDD, 0xE1, 0x6D,
+	0x82, 0x6F, 0x47, 0x7C, 0x97, 0x47, 0x7E,
+	0x0A, 0x0F, 0xDF, 0x65, 0x53, 0x14, 0x3E,
+	0x2C, 0xA3, 0xA7, 0x35, 0xE0, 0x2E, 0xCC,
+	0xD9, 0x4B, 0x27, 0xD0, 0x48, 0x61, 0xD1,
+	0x11, 0x9D, 0xD0, 0xC3, 0x28, 0xAD, 0xF3,
+	0xF6, 0x8F, 0xB0, 0x94, 0xB8, 0x67, 0x71,
+	0x6B, 0xD7, 0xDC, 0x0D, 0xEE, 0xBB, 0x10,
+	0xB8, 0x24, 0x0E, 0x68, 0x03, 0x48, 0x93,
+	0xEA, 0xD8, 0x2D, 0x54, 0xC9, 0xDA, 0x75,
+	0x4C, 0x46, 0xC7, 0xEE, 0xE0, 0xC3, 0x7F,
+	0xDB, 0xEE, 0x48, 0x53, 0x60, 0x47, 0xA6,
+	0xFA, 0x1A, 0xE4, 0x9A, 0x03, 0x18, 0xCC,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF
+};
+
+const gnutls_datum_t gnutls_modp_4096_group_prime = {
+	(void *) modp_params_4096, sizeof(modp_params_4096)
+};
+const gnutls_datum_t gnutls_modp_4096_group_q = {
+	(void *) modp_q_4096, sizeof(modp_q_4096)
+};
+const gnutls_datum_t gnutls_modp_4096_group_generator = {
+	(void *) &modp_generator, sizeof(modp_generator)
+};
+const unsigned int gnutls_modp_4096_key_bits = 336;
+
+static const unsigned char modp_params_6144[] = {
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68,
+	0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80,
+	0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08,
+	0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE,
+	0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A,
+	0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF,
+	0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+	0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14,
+	0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51,
+	0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62,
+	0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
+	0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C,
+	0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38,
+	0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE,
+	0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+	0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B,
+	0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63,
+	0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 0x1C,
+	0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8,
+	0xFD, 0x24, 0xCF, 0x5F, 0x83, 0x65, 0x5D,
+	0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62,
+	0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 0x9E,
+	0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+	0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98,
+	0x04, 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18,
+	0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E,
+	0x36, 0xCE, 0x3B, 0xE3, 0x9E, 0x77, 0x2C,
+	0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83,
+	0xA2, 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5,
+	0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE,
+	0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+	0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A,
+	0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA,
+	0x05, 0x10, 0x15, 0x72, 0x8E, 0x5A, 0x8A,
+	0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
+	0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21,
+	0xAB, 0xDF, 0x1C, 0xBA, 0x64, 0xEC, 0xFB,
+	0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A,
+	0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
+	0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4,
+	0xC7, 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09,
+	0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, 0x4A,
+	0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26,
+	0x1A, 0xD2, 0xEE, 0x6B, 0xF1, 0x2F, 0xFA,
+	0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76,
+	0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, 0x52,
+	0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+	0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D,
+	0x6C, 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9,
+	0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74,
+	0xE5, 0xAB, 0x31, 0x43, 0xDB, 0x5B, 0xFC,
+	0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1,
+	0x20, 0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72,
+	0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, 0x88,
+	0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,
+	0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2,
+	0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15,
+	0x0B, 0xDA, 0x25, 0x83, 0xE9, 0xCA, 0x2A,
+	0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB,
+	0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC,
+	0x14, 0x1F, 0xBE, 0xCA, 0xA6, 0x28, 0x7C,
+	0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99,
+	0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,
+	0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7,
+	0xED, 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2,
+	0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76, 0x21,
+	0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27,
+	0xD5, 0xB0, 0x5A, 0xA9, 0x93, 0xB4, 0xEA,
+	0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF,
+	0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, 0x4D,
+	0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92,
+	0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70,
+	0x26, 0xC1, 0xD4, 0xDC, 0xB2, 0x60, 0x26,
+	0x46, 0xDE, 0xC9, 0x75, 0x1E, 0x76, 0x3D,
+	0xBA, 0x37, 0xBD, 0xF8, 0xFF, 0x94, 0x06,
+	0xAD, 0x9E, 0x53, 0x0E, 0xE5, 0xDB, 0x38,
+	0x2F, 0x41, 0x30, 0x01, 0xAE, 0xB0, 0x6A,
+	0x53, 0xED, 0x90, 0x27, 0xD8, 0x31, 0x17,
+	0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18,
+	0xDA, 0x3E, 0xDB, 0xEB, 0xCF, 0x9B, 0x14,
+	0xED, 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4,
+	0xBB, 0x1B, 0xDB, 0x7F, 0x14, 0x47, 0xE6,
+	0xCC, 0x25, 0x4B, 0x33, 0x20, 0x51, 0x51,
+	0x2B, 0xD7, 0xAF, 0x42, 0x6F, 0xB8, 0xF4,
+	0x01, 0x37, 0x8C, 0xD2, 0xBF, 0x59, 0x83,
+	0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, 0xF0,
+	0x32, 0xEA, 0x15, 0xD1, 0x72, 0x1D, 0x03,
+	0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE,
+	0xF6, 0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98,
+	0x0C, 0x82, 0xB5, 0xA8, 0x40, 0x31, 0x90,
+	0x0B, 0x1C, 0x9E, 0x59, 0xE7, 0xC9, 0x7F,
+	0xBE, 0xC7, 0xE8, 0xF3, 0x23, 0xA9, 0x7A,
+	0x7E, 0x36, 0xCC, 0x88, 0xBE, 0x0F, 0x1D,
+	0x45, 0xB7, 0xFF, 0x58, 0x5A, 0xC5, 0x4B,
+	0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA,
+	0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1,
+	0xD8, 0x14, 0xCC, 0x5E, 0xD2, 0x0F, 0x80,
+	0x37, 0xE0, 0xA7, 0x97, 0x15, 0xEE, 0xF2,
+	0x9B, 0xE3, 0x28, 0x06, 0xA1, 0xD5, 0x8B,
+	0xB7, 0xC5, 0xDA, 0x76, 0xF5, 0x50, 0xAA,
+	0x3D, 0x8A, 0x1F, 0xBF, 0xF0, 0xEB, 0x19,
+	0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C, 0xDA,
+	0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32,
+	0x38, 0x7F, 0xE8, 0xD7, 0x6E, 0x3C, 0x04,
+	0x68, 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48,
+	0x60, 0xEE, 0x12, 0xBF, 0x2D, 0x5B, 0x0B,
+	0x74, 0x74, 0xD6, 0xE6, 0x94, 0xF9, 0x1E,
+	0x6D, 0xCC, 0x40, 0x24, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+};
+
+static const unsigned char modp_q_6144[] = {
+	0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xE4, 0x87, 0xED, 0x51, 0x10, 0xB4,
+	0x61, 0x1A, 0x62, 0x63, 0x31, 0x45, 0xC0,
+	0x6E, 0x0E, 0x68, 0x94, 0x81, 0x27, 0x04,
+	0x45, 0x33, 0xE6, 0x3A, 0x01, 0x05, 0xDF,
+	0x53, 0x1D, 0x89, 0xCD, 0x91, 0x28, 0xA5,
+	0x04, 0x3C, 0xC7, 0x1A, 0x02, 0x6E, 0xF7,
+	0xCA, 0x8C, 0xD9, 0xE6, 0x9D, 0x21, 0x8D,
+	0x98, 0x15, 0x85, 0x36, 0xF9, 0x2F, 0x8A,
+	0x1B, 0xA7, 0xF0, 0x9A, 0xB6, 0xB6, 0xA8,
+	0xE1, 0x22, 0xF2, 0x42, 0xDA, 0xBB, 0x31,
+	0x2F, 0x3F, 0x63, 0x7A, 0x26, 0x21, 0x74,
+	0xD3, 0x1B, 0xF6, 0xB5, 0x85, 0xFF, 0xAE,
+	0x5B, 0x7A, 0x03, 0x5B, 0xF6, 0xF7, 0x1C,
+	0x35, 0xFD, 0xAD, 0x44, 0xCF, 0xD2, 0xD7,
+	0x4F, 0x92, 0x08, 0xBE, 0x25, 0x8F, 0xF3,
+	0x24, 0x94, 0x33, 0x28, 0xF6, 0x72, 0x2D,
+	0x9E, 0xE1, 0x00, 0x3E, 0x5C, 0x50, 0xB1,
+	0xDF, 0x82, 0xCC, 0x6D, 0x24, 0x1B, 0x0E,
+	0x2A, 0xE9, 0xCD, 0x34, 0x8B, 0x1F, 0xD4,
+	0x7E, 0x92, 0x67, 0xAF, 0xC1, 0xB2, 0xAE,
+	0x91, 0xEE, 0x51, 0xD6, 0xCB, 0x0E, 0x31,
+	0x79, 0xAB, 0x10, 0x42, 0xA9, 0x5D, 0xCF,
+	0x6A, 0x94, 0x83, 0xB8, 0x4B, 0x4B, 0x36,
+	0xB3, 0x86, 0x1A, 0xA7, 0x25, 0x5E, 0x4C,
+	0x02, 0x78, 0xBA, 0x36, 0x04, 0x65, 0x0C,
+	0x10, 0xBE, 0x19, 0x48, 0x2F, 0x23, 0x17,
+	0x1B, 0x67, 0x1D, 0xF1, 0xCF, 0x3B, 0x96,
+	0x0C, 0x07, 0x43, 0x01, 0xCD, 0x93, 0xC1,
+	0xD1, 0x76, 0x03, 0xD1, 0x47, 0xDA, 0xE2,
+	0xAE, 0xF8, 0x37, 0xA6, 0x29, 0x64, 0xEF,
+	0x15, 0xE5, 0xFB, 0x4A, 0xAC, 0x0B, 0x8C,
+	0x1C, 0xCA, 0xA4, 0xBE, 0x75, 0x4A, 0xB5,
+	0x72, 0x8A, 0xE9, 0x13, 0x0C, 0x4C, 0x7D,
+	0x02, 0x88, 0x0A, 0xB9, 0x47, 0x2D, 0x45,
+	0x55, 0x62, 0x16, 0xD6, 0x99, 0x8B, 0x86,
+	0x82, 0x28, 0x3D, 0x19, 0xD4, 0x2A, 0x90,
+	0xD5, 0xEF, 0x8E, 0x5D, 0x32, 0x76, 0x7D,
+	0xC2, 0x82, 0x2C, 0x6D, 0xF7, 0x85, 0x45,
+	0x75, 0x38, 0xAB, 0xAE, 0x83, 0x06, 0x3E,
+	0xD9, 0xCB, 0x87, 0xC2, 0xD3, 0x70, 0xF2,
+	0x63, 0xD5, 0xFA, 0xD7, 0x46, 0x6D, 0x84,
+	0x99, 0xEB, 0x8F, 0x46, 0x4A, 0x70, 0x25,
+	0x12, 0xB0, 0xCE, 0xE7, 0x71, 0xE9, 0x13,
+	0x0D, 0x69, 0x77, 0x35, 0xF8, 0x97, 0xFD,
+	0x03, 0x6C, 0xC5, 0x04, 0x32, 0x6C, 0x3B,
+	0x01, 0x39, 0x9F, 0x64, 0x35, 0x32, 0x29,
+	0x0F, 0x95, 0x8C, 0x0B, 0xBD, 0x90, 0x06,
+	0x5D, 0xF0, 0x8B, 0xAB, 0xBD, 0x30, 0xAE,
+	0xB6, 0x3B, 0x84, 0xC4, 0x60, 0x5D, 0x6C,
+	0xA3, 0x71, 0x04, 0x71, 0x27, 0xD0, 0x3A,
+	0x72, 0xD5, 0x98, 0xA1, 0xED, 0xAD, 0xFE,
+	0x70, 0x7E, 0x88, 0x47, 0x25, 0xC1, 0x68,
+	0x90, 0x54, 0x90, 0x84, 0x00, 0x8D, 0x39,
+	0x1E, 0x09, 0x53, 0xC3, 0xF3, 0x6B, 0xC4,
+	0x38, 0xCD, 0x08, 0x5E, 0xDD, 0x2D, 0x93,
+	0x4C, 0xE1, 0x93, 0x8C, 0x35, 0x7A, 0x71,
+	0x1E, 0x0D, 0x4A, 0x34, 0x1A, 0x5B, 0x0A,
+	0x85, 0xED, 0x12, 0xC1, 0xF4, 0xE5, 0x15,
+	0x6A, 0x26, 0x74, 0x6D, 0xDD, 0xE1, 0x6D,
+	0x82, 0x6F, 0x47, 0x7C, 0x97, 0x47, 0x7E,
+	0x0A, 0x0F, 0xDF, 0x65, 0x53, 0x14, 0x3E,
+	0x2C, 0xA3, 0xA7, 0x35, 0xE0, 0x2E, 0xCC,
+	0xD9, 0x4B, 0x27, 0xD0, 0x48, 0x61, 0xD1,
+	0x11, 0x9D, 0xD0, 0xC3, 0x28, 0xAD, 0xF3,
+	0xF6, 0x8F, 0xB0, 0x94, 0xB8, 0x67, 0x71,
+	0x6B, 0xD7, 0xDC, 0x0D, 0xEE, 0xBB, 0x10,
+	0xB8, 0x24, 0x0E, 0x68, 0x03, 0x48, 0x93,
+	0xEA, 0xD8, 0x2D, 0x54, 0xC9, 0xDA, 0x75,
+	0x4C, 0x46, 0xC7, 0xEE, 0xE0, 0xC3, 0x7F,
+	0xDB, 0xEE, 0x48, 0x53, 0x60, 0x47, 0xA6,
+	0xFA, 0x1A, 0xE4, 0x9A, 0x01, 0x42, 0x49,
+	0x1B, 0x61, 0xFD, 0x5A, 0x69, 0x3E, 0x38,
+	0x13, 0x60, 0xEA, 0x6E, 0x59, 0x30, 0x13,
+	0x23, 0x6F, 0x64, 0xBA, 0x8F, 0x3B, 0x1E,
+	0xDD, 0x1B, 0xDE, 0xFC, 0x7F, 0xCA, 0x03,
+	0x56, 0xCF, 0x29, 0x87, 0x72, 0xED, 0x9C,
+	0x17, 0xA0, 0x98, 0x00, 0xD7, 0x58, 0x35,
+	0x29, 0xF6, 0xC8, 0x13, 0xEC, 0x18, 0x8B,
+	0xCB, 0x93, 0xD8, 0x43, 0x2D, 0x44, 0x8C,
+	0x6D, 0x1F, 0x6D, 0xF5, 0xE7, 0xCD, 0x8A,
+	0x76, 0xA2, 0x67, 0x36, 0x5D, 0x67, 0x6A,
+	0x5D, 0x8D, 0xED, 0xBF, 0x8A, 0x23, 0xF3,
+	0x66, 0x12, 0xA5, 0x99, 0x90, 0x28, 0xA8,
+	0x95, 0xEB, 0xD7, 0xA1, 0x37, 0xDC, 0x7A,
+	0x00, 0x9B, 0xC6, 0x69, 0x5F, 0xAC, 0xC1,
+	0xE5, 0x00, 0xE3, 0x25, 0xC9, 0x76, 0x78,
+	0x19, 0x75, 0x0A, 0xE8, 0xB9, 0x0E, 0x81,
+	0xFA, 0x41, 0x6B, 0xE7, 0x37, 0x3A, 0x7F,
+	0x7B, 0x6A, 0xAF, 0x38, 0x17, 0xA3, 0x4C,
+	0x06, 0x41, 0x5A, 0xD4, 0x20, 0x18, 0xC8,
+	0x05, 0x8E, 0x4F, 0x2C, 0xF3, 0xE4, 0xBF,
+	0xDF, 0x63, 0xF4, 0x79, 0x91, 0xD4, 0xBD,
+	0x3F, 0x1B, 0x66, 0x44, 0x5F, 0x07, 0x8E,
+	0xA2, 0xDB, 0xFF, 0xAC, 0x2D, 0x62, 0xA5,
+	0xEA, 0x03, 0xD9, 0x15, 0xA0, 0xAA, 0x55,
+	0x66, 0x47, 0xB6, 0xBF, 0x5F, 0xA4, 0x70,
+	0xEC, 0x0A, 0x66, 0x2F, 0x69, 0x07, 0xC0,
+	0x1B, 0xF0, 0x53, 0xCB, 0x8A, 0xF7, 0x79,
+	0x4D, 0xF1, 0x94, 0x03, 0x50, 0xEA, 0xC5,
+	0xDB, 0xE2, 0xED, 0x3B, 0x7A, 0xA8, 0x55,
+	0x1E, 0xC5, 0x0F, 0xDF, 0xF8, 0x75, 0x8C,
+	0xE6, 0x58, 0xD1, 0x89, 0xEA, 0xAE, 0x6D,
+	0x2B, 0x64, 0xF6, 0x17, 0x79, 0x4B, 0x19,
+	0x1C, 0x3F, 0xF4, 0x6B, 0xB7, 0x1E, 0x02,
+	0x34, 0x02, 0x1F, 0x47, 0xB3, 0x1F, 0xA4,
+	0x30, 0x77, 0x09, 0x5F, 0x96, 0xAD, 0x85,
+	0xBA, 0x3A, 0x6B, 0x73, 0x4A, 0x7C, 0x8F,
+	0x36, 0xE6, 0x20, 0x12, 0x7F, 0xFF, 0xFF,
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+};
+
+const gnutls_datum_t gnutls_modp_6144_group_prime = {
+	(void *) modp_params_6144, sizeof(modp_params_6144)
+};
+const gnutls_datum_t gnutls_modp_6144_group_q = {
+	(void *) modp_q_6144, sizeof(modp_q_6144)
+};
+const gnutls_datum_t gnutls_modp_6144_group_generator = {
+	(void *) &modp_generator, sizeof(modp_generator)
+};
+const unsigned int gnutls_modp_6144_key_bits = 376;
+
+static const unsigned char modp_params_8192[] = {
+	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68,
+	0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80,
+	0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08,
+	0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE,
+	0xA6, 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A,
+	0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF,
+	0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+	0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14,
+	0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51,
+	0xC2, 0x45, 0xE4, 0x85, 0xB5, 0x76, 0x62,
+	0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
+	0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C,
+	0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38,
+	0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE,
+	0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+	0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B,
+	0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63,
+	0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 0x1C,
+	0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8,
+	0xFD, 0x24, 0xCF, 0x5F, 0x83, 0x65, 0x5D,
+	0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62,
+	0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 0x9E,
+	0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+	0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98,
+	0x04, 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18,
+	0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E,
+	0x36, 0xCE, 0x3B, 0xE3, 0x9E, 0x77, 0x2C,
+	0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83,
+	0xA2, 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5,
+	0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, 0xDE,
+	0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+	0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A,
+	0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA,
+	0x05, 0x10, 0x15, 0x72, 0x8E, 0x5A, 0x8A,
+	0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
+	0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21,
+	0xAB, 0xDF, 0x1C, 0xBA, 0x64, 0xEC, 0xFB,
+	0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A,
+	0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
+	0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4,
+	0xC7, 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09,
+	0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, 0x4A,
+	0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26,
+	0x1A, 0xD2, 0xEE, 0x6B, 0xF1, 0x2F, 0xFA,
+	0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76,
+	0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, 0x52,
+	0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+	0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D,
+	0x6C, 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9,
+	0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74,
+	0xE5, 0xAB, 0x31, 0x43, 0xDB, 0x5B, 0xFC,
+	0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1,
+	0x20, 0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72,
+	0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, 0x88,
+	0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,
+	0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2,
+	0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15,
+	0x0B, 0xDA, 0x25, 0x83, 0xE9, 0xCA, 0x2A,
+	0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB,
+	0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC,
+	0x14, 0x1F, 0xBE, 0xCA, 0xA6, 0x28, 0x7C,
+	0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99,
+	0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,
+	0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7,
+	0xED, 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2,
+	0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76, 0x21,
+	0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27,
+	0xD5, 0xB0, 0x5A, 0xA9, 0x93, 0xB4, 0xEA,
+	0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF,
+	0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, 0x4D,
+	0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92,
+	0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70,
+	0x26, 0xC1, 0xD4, 0xDC, 0xB2, 0x60, 0x26,
+	0x46, 0xDE, 0xC9, 0x75, 0x1E, 0x76, 0x3D,
+	0xBA, 0x37, 0xBD, 0xF8, 0xFF, 0x94, 0x06,
+	0xAD, 0x9E, 0x53, 0x0E, 0xE5, 0xDB, 0x38,
+	0x2F, 0x41, 0x30, 0x01, 0xAE, 0xB0, 0x6A,
+	0x53, 0xED, 0x90, 0x27, 0xD8, 0x31, 0x17,
+	0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18,
+	0xDA, 0x3E, 0xDB, 0xEB, 0xCF, 0x9B, 0x14,
+	0xED, 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4,
+	0xBB, 0x1B, 0xDB, 0x7F, 0x14, 0x47, 0xE6,
+	0xCC, 0x25, 0x4B, 0x33, 0x20, 0x51, 0x51,
+	0x2B, 0xD7, 0xAF, 0x42, 0x6F, 0xB8, 0xF4,
+	0x01, 0x37, 0x8C, 0xD2, 0xBF, 0x59, 0x83,
+	0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, 0xF0,
+	0x32, 0xEA, 0x15, 0xD1, 0x72, 0x1D, 0x03,
+	0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE,
+	0xF6, 0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98,
+	0x0C, 0x82, 0xB5, 0xA8, 0x40, 0x31, 0x90,
+	0x0B, 0x1C, 0x9E, 0x59, 0xE7, 0xC9, 0x7F,
+	0xBE, 0xC7, 0xE8, 0xF3, 0x23, 0xA9, 0x7A,
+	0x7E, 0x36, 0xCC, 0x88, 0xBE, 0x0F, 0x1D,
+	0x45, 0xB7, 0xFF, 0x58, 0x5A, 0xC5, 0x4B,
+	0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA,
+	0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1,
+	0xD8, 0x14, 0xCC, 0x5E, 0xD2, 0x0F, 0x80,
+	0x37, 0xE0, 0xA7, 0x97, 0x15, 0xEE, 0xF2,
+	0x9B, 0xE3, 0x28, 0x06, 0xA1, 0xD5, 0x8B,
+	0xB7, 0xC5, 0xDA, 0x76, 0xF5, 0x50, 0xAA,
+	0x3D, 0x8A, 0x1F, 0xBF, 0xF0, 0xEB, 0x19,
+	0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C, 0xDA,
+	0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32,
+	0x38, 0x7F, 0xE8, 0xD7, 0x6E, 0x3C, 0x04,
+	0x68, 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48,
+	0x60, 0xEE, 0x12, 0xBF, 0x2D, 0x5B, 0x0B,
+	0x74, 0x74, 0xD6, 0xE6, 0x94, 0xF9, 0x1E,
+	0x6D, 0xBE, 0x11, 0x59, 0x74, 0xA3, 0x92,
+	0x6F, 0x12, 0xFE, 0xE5, 0xE4, 0x38, 0x77,
+	0x7C, 0xB6, 0xA9, 0x32, 0xDF, 0x8C, 0xD8,
+	0xBE, 0xC4, 0xD0, 0x73, 0xB9, 0x31, 0xBA,
+	0x3B, 0xC8, 0x32, 0xB6, 0x8D, 0x9D, 0xD3,
+	0x00, 0x74, 0x1F, 0xA7, 0xBF, 0x8A, 0xFC,
+	0x47, 0xED, 0x25, 0x76, 0xF6, 0x93, 0x6B,
+	0xA4, 0x24, 0x66, 0x3A, 0xAB, 0x63, 0x9C,
+	0x5A, 0xE4, 0xF5, 0x68, 0x34, 0x23, 0xB4,
+	0x74, 0x2B, 0xF1, 0xC9, 0x78, 0x23, 0x8F,
+	0x16, 0xCB, 0xE3, 0x9D, 0x65, 0x2D, 0xE3,
+	0xFD, 0xB8, 0xBE, 0xFC, 0x84, 0x8A, 0xD9,
+	0x22, 0x22, 0x2E, 0x04, 0xA4, 0x03, 0x7C,
+	0x07, 0x13, 0xEB, 0x57, 0xA8, 0x1A, 0x23,
+	0xF0, 0xC7, 0x34, 0x73, 0xFC, 0x64, 0x6C,
+	0xEA, 0x30, 0x6B, 0x4B, 0xCB, 0xC8, 0x86,
+	0x2F, 0x83, 0x85, 0xDD, 0xFA, 0x9D, 0x4B,
+	0x7F, 0xA2, 0xC0, 0x87, 0xE8, 0x79, 0x68,
+	0x33, 0x03, 0xED, 0x5B, 0xDD, 0x3A, 0x06,
+	0x2B, 0x3C, 0xF5, 0xB3, 0xA2, 0x78, 0xA6,
+	0x6D, 0x2A, 0x13, 0xF8, 0x3F, 0x44, 0xF8,
+	0x2D, 0xDF, 0x31, 0x0E, 0xE0, 0x74, 0xAB,
+	0x6A, 0x36, 0x45, 0x97, 0xE8, 0x99, 0xA0,
+	0x25, 0x5D, 0xC1, 0x64, 0xF3, 0x1C, 0xC5,
+	0x08, 0x46, 0x85, 0x1D, 0xF9, 0xAB, 0x48,
+	0x19, 0x5D, 0xED, 0x7E, 0xA1, 0xB1, 0xD5,
+	0x10, 0xBD, 0x7E, 0xE7, 0x4D, 0x73, 0xFA,
+	0xF3, 0x6B, 0xC3, 0x1E, 0xCF, 0xA2, 0x68,
+	0x35, 0x90, 0x46, 0xF4, 0xEB, 0x87, 0x9F,
+	0x92, 0x40, 0x09, 0x43, 0x8B, 0x48, 0x1C,
+	0x6C, 0xD7, 0x88, 0x9A, 0x00, 0x2E, 0xD5,
+	0xEE, 0x38, 0x2B, 0xC9, 0x19, 0x0D, 0xA6,
+	0xFC, 0x02, 0x6E, 0x47, 0x95, 0x58, 0xE4,
+	0x47, 0x56, 0x77, 0xE9, 0xAA, 0x9E, 0x30,
+	0x50, 0xE2, 0x76, 0x56, 0x94, 0xDF, 0xC8,
+	0x1F, 0x56, 0xE8, 0x80, 0xB9, 0x6E, 0x71,
+	0x60, 0xC9, 0x80, 0xDD, 0x98, 0xED, 0xD3,
+	0xDF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF
+};
+
+static const unsigned char modp_q_8192[] = {
+	0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xE4, 0x87, 0xED, 0x51, 0x10, 0xB4,
+	0x61, 0x1A, 0x62, 0x63, 0x31, 0x45, 0xC0,
+	0x6E, 0x0E, 0x68, 0x94, 0x81, 0x27, 0x04,
+	0x45, 0x33, 0xE6, 0x3A, 0x01, 0x05, 0xDF,
+	0x53, 0x1D, 0x89, 0xCD, 0x91, 0x28, 0xA5,
+	0x04, 0x3C, 0xC7, 0x1A, 0x02, 0x6E, 0xF7,
+	0xCA, 0x8C, 0xD9, 0xE6, 0x9D, 0x21, 0x8D,
+	0x98, 0x15, 0x85, 0x36, 0xF9, 0x2F, 0x8A,
+	0x1B, 0xA7, 0xF0, 0x9A, 0xB6, 0xB6, 0xA8,
+	0xE1, 0x22, 0xF2, 0x42, 0xDA, 0xBB, 0x31,
+	0x2F, 0x3F, 0x63, 0x7A, 0x26, 0x21, 0x74,
+	0xD3, 0x1B, 0xF6, 0xB5, 0x85, 0xFF, 0xAE,
+	0x5B, 0x7A, 0x03, 0x5B, 0xF6, 0xF7, 0x1C,
+	0x35, 0xFD, 0xAD, 0x44, 0xCF, 0xD2, 0xD7,
+	0x4F, 0x92, 0x08, 0xBE, 0x25, 0x8F, 0xF3,
+	0x24, 0x94, 0x33, 0x28, 0xF6, 0x72, 0x2D,
+	0x9E, 0xE1, 0x00, 0x3E, 0x5C, 0x50, 0xB1,
+	0xDF, 0x82, 0xCC, 0x6D, 0x24, 0x1B, 0x0E,
+	0x2A, 0xE9, 0xCD, 0x34, 0x8B, 0x1F, 0xD4,
+	0x7E, 0x92, 0x67, 0xAF, 0xC1, 0xB2, 0xAE,
+	0x91, 0xEE, 0x51, 0xD6, 0xCB, 0x0E, 0x31,
+	0x79, 0xAB, 0x10, 0x42, 0xA9, 0x5D, 0xCF,
+	0x6A, 0x94, 0x83, 0xB8, 0x4B, 0x4B, 0x36,
+	0xB3, 0x86, 0x1A, 0xA7, 0x25, 0x5E, 0x4C,
+	0x02, 0x78, 0xBA, 0x36, 0x04, 0x65, 0x0C,
+	0x10, 0xBE, 0x19, 0x48, 0x2F, 0x23, 0x17,
+	0x1B, 0x67, 0x1D, 0xF1, 0xCF, 0x3B, 0x96,
+	0x0C, 0x07, 0x43, 0x01, 0xCD, 0x93, 0xC1,
+	0xD1, 0x76, 0x03, 0xD1, 0x47, 0xDA, 0xE2,
+	0xAE, 0xF8, 0x37, 0xA6, 0x29, 0x64, 0xEF,
+	0x15, 0xE5, 0xFB, 0x4A, 0xAC, 0x0B, 0x8C,
+	0x1C, 0xCA, 0xA4, 0xBE, 0x75, 0x4A, 0xB5,
+	0x72, 0x8A, 0xE9, 0x13, 0x0C, 0x4C, 0x7D,
+	0x02, 0x88, 0x0A, 0xB9, 0x47, 0x2D, 0x45,
+	0x55, 0x62, 0x16, 0xD6, 0x99, 0x8B, 0x86,
+	0x82, 0x28, 0x3D, 0x19, 0xD4, 0x2A, 0x90,
+	0xD5, 0xEF, 0x8E, 0x5D, 0x32, 0x76, 0x7D,
+	0xC2, 0x82, 0x2C, 0x6D, 0xF7, 0x85, 0x45,
+	0x75, 0x38, 0xAB, 0xAE, 0x83, 0x06, 0x3E,
+	0xD9, 0xCB, 0x87, 0xC2, 0xD3, 0x70, 0xF2,
+	0x63, 0xD5, 0xFA, 0xD7, 0x46, 0x6D, 0x84,
+	0x99, 0xEB, 0x8F, 0x46, 0x4A, 0x70, 0x25,
+	0x12, 0xB0, 0xCE, 0xE7, 0x71, 0xE9, 0x13,
+	0x0D, 0x69, 0x77, 0x35, 0xF8, 0x97, 0xFD,
+	0x03, 0x6C, 0xC5, 0x04, 0x32, 0x6C, 0x3B,
+	0x01, 0x39, 0x9F, 0x64, 0x35, 0x32, 0x29,
+	0x0F, 0x95, 0x8C, 0x0B, 0xBD, 0x90, 0x06,
+	0x5D, 0xF0, 0x8B, 0xAB, 0xBD, 0x30, 0xAE,
+	0xB6, 0x3B, 0x84, 0xC4, 0x60, 0x5D, 0x6C,
+	0xA3, 0x71, 0x04, 0x71, 0x27, 0xD0, 0x3A,
+	0x72, 0xD5, 0x98, 0xA1, 0xED, 0xAD, 0xFE,
+	0x70, 0x7E, 0x88, 0x47, 0x25, 0xC1, 0x68,
+	0x90, 0x54, 0x90, 0x84, 0x00, 0x8D, 0x39,
+	0x1E, 0x09, 0x53, 0xC3, 0xF3, 0x6B, 0xC4,
+	0x38, 0xCD, 0x08, 0x5E, 0xDD, 0x2D, 0x93,
+	0x4C, 0xE1, 0x93, 0x8C, 0x35, 0x7A, 0x71,
+	0x1E, 0x0D, 0x4A, 0x34, 0x1A, 0x5B, 0x0A,
+	0x85, 0xED, 0x12, 0xC1, 0xF4, 0xE5, 0x15,
+	0x6A, 0x26, 0x74, 0x6D, 0xDD, 0xE1, 0x6D,
+	0x82, 0x6F, 0x47, 0x7C, 0x97, 0x47, 0x7E,
+	0x0A, 0x0F, 0xDF, 0x65, 0x53, 0x14, 0x3E,
+	0x2C, 0xA3, 0xA7, 0x35, 0xE0, 0x2E, 0xCC,
+	0xD9, 0x4B, 0x27, 0xD0, 0x48, 0x61, 0xD1,
+	0x11, 0x9D, 0xD0, 0xC3, 0x28, 0xAD, 0xF3,
+	0xF6, 0x8F, 0xB0, 0x94, 0xB8, 0x67, 0x71,
+	0x6B, 0xD7, 0xDC, 0x0D, 0xEE, 0xBB, 0x10,
+	0xB8, 0x24, 0x0E, 0x68, 0x03, 0x48, 0x93,
+	0xEA, 0xD8, 0x2D, 0x54, 0xC9, 0xDA, 0x75,
+	0x4C, 0x46, 0xC7, 0xEE, 0xE0, 0xC3, 0x7F,
+	0xDB, 0xEE, 0x48, 0x53, 0x60, 0x47, 0xA6,
+	0xFA, 0x1A, 0xE4, 0x9A, 0x01, 0x42, 0x49,
+	0x1B, 0x61, 0xFD, 0x5A, 0x69, 0x3E, 0x38,
+	0x13, 0x60, 0xEA, 0x6E, 0x59, 0x30, 0x13,
+	0x23, 0x6F, 0x64, 0xBA, 0x8F, 0x3B, 0x1E,
+	0xDD, 0x1B, 0xDE, 0xFC, 0x7F, 0xCA, 0x03,
+	0x56, 0xCF, 0x29, 0x87, 0x72, 0xED, 0x9C,
+	0x17, 0xA0, 0x98, 0x00, 0xD7, 0x58, 0x35,
+	0x29, 0xF6, 0xC8, 0x13, 0xEC, 0x18, 0x8B,
+	0xCB, 0x93, 0xD8, 0x43, 0x2D, 0x44, 0x8C,
+	0x6D, 0x1F, 0x6D, 0xF5, 0xE7, 0xCD, 0x8A,
+	0x76, 0xA2, 0x67, 0x36, 0x5D, 0x67, 0x6A,
+	0x5D, 0x8D, 0xED, 0xBF, 0x8A, 0x23, 0xF3,
+	0x66, 0x12, 0xA5, 0x99, 0x90, 0x28, 0xA8,
+	0x95, 0xEB, 0xD7, 0xA1, 0x37, 0xDC, 0x7A,
+	0x00, 0x9B, 0xC6, 0x69, 0x5F, 0xAC, 0xC1,
+	0xE5, 0x00, 0xE3, 0x25, 0xC9, 0x76, 0x78,
+	0x19, 0x75, 0x0A, 0xE8, 0xB9, 0x0E, 0x81,
+	0xFA, 0x41, 0x6B, 0xE7, 0x37, 0x3A, 0x7F,
+	0x7B, 0x6A, 0xAF, 0x38, 0x17, 0xA3, 0x4C,
+	0x06, 0x41, 0x5A, 0xD4, 0x20, 0x18, 0xC8,
+	0x05, 0x8E, 0x4F, 0x2C, 0xF3, 0xE4, 0xBF,
+	0xDF, 0x63, 0xF4, 0x79, 0x91, 0xD4, 0xBD,
+	0x3F, 0x1B, 0x66, 0x44, 0x5F, 0x07, 0x8E,
+	0xA2, 0xDB, 0xFF, 0xAC, 0x2D, 0x62, 0xA5,
+	0xEA, 0x03, 0xD9, 0x15, 0xA0, 0xAA, 0x55,
+	0x66, 0x47, 0xB6, 0xBF, 0x5F, 0xA4, 0x70,
+	0xEC, 0x0A, 0x66, 0x2F, 0x69, 0x07, 0xC0,
+	0x1B, 0xF0, 0x53, 0xCB, 0x8A, 0xF7, 0x79,
+	0x4D, 0xF1, 0x94, 0x03, 0x50, 0xEA, 0xC5,
+	0xDB, 0xE2, 0xED, 0x3B, 0x7A, 0xA8, 0x55,
+	0x1E, 0xC5, 0x0F, 0xDF, 0xF8, 0x75, 0x8C,
+	0xE6, 0x58, 0xD1, 0x89, 0xEA, 0xAE, 0x6D,
+	0x2B, 0x64, 0xF6, 0x17, 0x79, 0x4B, 0x19,
+	0x1C, 0x3F, 0xF4, 0x6B, 0xB7, 0x1E, 0x02,
+	0x34, 0x02, 0x1F, 0x47, 0xB3, 0x1F, 0xA4,
+	0x30, 0x77, 0x09, 0x5F, 0x96, 0xAD, 0x85,
+	0xBA, 0x3A, 0x6B, 0x73, 0x4A, 0x7C, 0x8F,
+	0x36, 0xDF, 0x08, 0xAC, 0xBA, 0x51, 0xC9,
+	0x37, 0x89, 0x7F, 0x72, 0xF2, 0x1C, 0x3B,
+	0xBE, 0x5B, 0x54, 0x99, 0x6F, 0xC6, 0x6C,
+	0x5F, 0x62, 0x68, 0x39, 0xDC, 0x98, 0xDD,
+	0x1D, 0xE4, 0x19, 0x5B, 0x46, 0xCE, 0xE9,
+	0x80, 0x3A, 0x0F, 0xD3, 0xDF, 0xC5, 0x7E,
+	0x23, 0xF6, 0x92, 0xBB, 0x7B, 0x49, 0xB5,
+	0xD2, 0x12, 0x33, 0x1D, 0x55, 0xB1, 0xCE,
+	0x2D, 0x72, 0x7A, 0xB4, 0x1A, 0x11, 0xDA,
+	0x3A, 0x15, 0xF8, 0xE4, 0xBC, 0x11, 0xC7,
+	0x8B, 0x65, 0xF1, 0xCE, 0xB2, 0x96, 0xF1,
+	0xFE, 0xDC, 0x5F, 0x7E, 0x42, 0x45, 0x6C,
+	0x91, 0x11, 0x17, 0x02, 0x52, 0x01, 0xBE,
+	0x03, 0x89, 0xF5, 0xAB, 0xD4, 0x0D, 0x11,
+	0xF8, 0x63, 0x9A, 0x39, 0xFE, 0x32, 0x36,
+	0x75, 0x18, 0x35, 0xA5, 0xE5, 0xE4, 0x43,
+	0x17, 0xC1, 0xC2, 0xEE, 0xFD, 0x4E, 0xA5,
+	0xBF, 0xD1, 0x60, 0x43, 0xF4, 0x3C, 0xB4,
+	0x19, 0x81, 0xF6, 0xAD, 0xEE, 0x9D, 0x03,
+	0x15, 0x9E, 0x7A, 0xD9, 0xD1, 0x3C, 0x53,
+	0x36, 0x95, 0x09, 0xFC, 0x1F, 0xA2, 0x7C,
+	0x16, 0xEF, 0x98, 0x87, 0x70, 0x3A, 0x55,
+	0xB5, 0x1B, 0x22, 0xCB, 0xF4, 0x4C, 0xD0,
+	0x12, 0xAE, 0xE0, 0xB2, 0x79, 0x8E, 0x62,
+	0x84, 0x23, 0x42, 0x8E, 0xFC, 0xD5, 0xA4,
+	0x0C, 0xAE, 0xF6, 0xBF, 0x50, 0xD8, 0xEA,
+	0x88, 0x5E, 0xBF, 0x73, 0xA6, 0xB9, 0xFD,
+	0x79, 0xB5, 0xE1, 0x8F, 0x67, 0xD1, 0x34,
+	0x1A, 0xC8, 0x23, 0x7A, 0x75, 0xC3, 0xCF,
+	0xC9, 0x20, 0x04, 0xA1, 0xC5, 0xA4, 0x0E,
+	0x36, 0x6B, 0xC4, 0x4D, 0x00, 0x17, 0x6A,
+	0xF7, 0x1C, 0x15, 0xE4, 0x8C, 0x86, 0xD3,
+	0x7E, 0x01, 0x37, 0x23, 0xCA, 0xAC, 0x72,
+	0x23, 0xAB, 0x3B, 0xF4, 0xD5, 0x4F, 0x18,
+	0x28, 0x71, 0x3B, 0x2B, 0x4A, 0x6F, 0xE4,
+	0x0F, 0xAB, 0x74, 0x40, 0x5C, 0xB7, 0x38,
+	0xB0, 0x64, 0xC0, 0x6E, 0xCC, 0x76, 0xE9,
+	0xEF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+	0xFF, 0xFF
+};
+
+const gnutls_datum_t gnutls_modp_8192_group_prime = {
+	(void *) modp_params_8192, sizeof(modp_params_8192)
+};
+const gnutls_datum_t gnutls_modp_8192_group_q = {
+	(void *) modp_q_8192, sizeof(modp_q_8192)
+};
+const gnutls_datum_t gnutls_modp_8192_group_generator = {
+	(void *) &modp_generator, sizeof(modp_generator)
+};
+const unsigned int gnutls_modp_8192_key_bits = 512;
+
+unsigned
+_gnutls_dh_prime_match_fips_approved(const uint8_t *prime,
+				     size_t prime_size,
+				     const uint8_t *generator,
+				     size_t generator_size,
+				     uint8_t **q,
+				     size_t *q_size)
+{
+	static const struct {
+		const gnutls_datum_t *prime;
+		const gnutls_datum_t *generator;
+		const gnutls_datum_t *q;
+	} primes[] = {
+		{ &gnutls_ffdhe_8192_group_prime, &gnutls_ffdhe_8192_group_generator, &gnutls_ffdhe_8192_group_q },
+		{ &gnutls_ffdhe_6144_group_prime, &gnutls_ffdhe_6144_group_generator, &gnutls_ffdhe_6144_group_q },
+		{ &gnutls_ffdhe_4096_group_prime, &gnutls_ffdhe_4096_group_generator, &gnutls_ffdhe_4096_group_q },
+		{ &gnutls_ffdhe_3072_group_prime, &gnutls_ffdhe_3072_group_generator, &gnutls_ffdhe_3072_group_q },
+		{ &gnutls_ffdhe_2048_group_prime, &gnutls_ffdhe_2048_group_generator, &gnutls_ffdhe_2048_group_q },
+		{ &gnutls_modp_8192_group_prime, &gnutls_modp_8192_group_generator, &gnutls_modp_8192_group_q },
+		{ &gnutls_modp_6144_group_prime, &gnutls_modp_6144_group_generator, &gnutls_modp_6144_group_q },
+		{ &gnutls_modp_4096_group_prime, &gnutls_modp_4096_group_generator, &gnutls_modp_4096_group_q },
+		{ &gnutls_modp_3072_group_prime, &gnutls_modp_3072_group_generator, &gnutls_modp_3072_group_q },
+		{ &gnutls_modp_2048_group_prime, &gnutls_modp_2048_group_generator, &gnutls_modp_2048_group_q },
+	};
+	size_t i;
+
+	for (i = 0; i < sizeof(primes) / sizeof(primes[0]); i++) {
+		if (primes[i].prime->size == prime_size &&
+		    memcmp(primes[i].prime->data, prime, primes[i].prime->size) == 0 &&
+		    primes[i].generator->size == generator_size &&
+		    memcmp(primes[i].generator->data, generator, primes[i].generator->size) == 0) {
+			if (q) {
+				*q = primes[i].q->data;
+				*q_size = primes[i].q->size;
+			}
+			return 1;
+		}
+	}
+
+	return 0;
+}
diff --git a/lib/dh-session.c b/lib/dh-session.c
new file mode 100644
index 0000000..accc71c
--- /dev/null
+++ b/lib/dh-session.c
@@ -0,0 +1,393 @@
+/*
+ * Copyright (C) 2001-2015 Free Software Foundation, Inc.
+ * Copyright (C) 2015 Nikos Mavrogiannopoulos
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains certificate authentication functions to be exported in the
+ * API which did not fit elsewhere.
+ */
+
+#include "gnutls_int.h"
+#include <auth/srp_kx.h>
+#include <auth/anon.h>
+#include <auth/cert.h>
+#include <auth/psk.h>
+#include "errors.h"
+#include <auth.h>
+#include <state.h>
+#include <datum.h>
+#include <algorithms.h>
+
+/* ANON & DHE */
+
+#if defined(ENABLE_DHE) || defined(ENABLE_ANON)
+/**
+ * gnutls_dh_set_prime_bits:
+ * @session: is a #gnutls_session_t type.
+ * @bits: is the number of bits
+ *
+ * This function sets the number of bits, for use in a Diffie-Hellman
+ * key exchange.  This is used both in DH ephemeral and DH anonymous
+ * cipher suites.  This will set the minimum size of the prime that
+ * will be used for the handshake.
+ *
+ * In the client side it sets the minimum accepted number of bits.  If
+ * a server sends a prime with less bits than that
+ * %GNUTLS_E_DH_PRIME_UNACCEPTABLE will be returned by the handshake.
+ *
+ * Note that this function will warn via the audit log for value that
+ * are believed to be weak.
+ *
+ * The function has no effect in server side.
+ * 
+ * Note that since 3.1.7 this function is deprecated. The minimum
+ * number of bits is set by the priority string level.
+ * Also this function must be called after gnutls_priority_set_direct()
+ * or the set value may be overridden by the selected priority options.
+ *
+ *
+ **/
+void gnutls_dh_set_prime_bits(gnutls_session_t session, unsigned int bits)
+{
+	if (bits < gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, GNUTLS_SEC_PARAM_WEAK)
+		&& bits != 0)
+		_gnutls_audit_log(session,
+				  "Note that the security level of the Diffie-Hellman key exchange has been lowered to %u bits and this may allow decryption of the session data\n",
+				  bits);
+	session->internals.dh_prime_bits = bits;
+}
+
+
+/**
+ * gnutls_dh_get_group:
+ * @session: is a gnutls session
+ * @raw_gen: will hold the generator.
+ * @raw_prime: will hold the prime.
+ *
+ * This function will return the group parameters used in the last
+ * Diffie-Hellman key exchange with the peer.  These are the prime and
+ * the generator used.  This function should be used for both
+ * anonymous and ephemeral Diffie-Hellman.  The output parameters must
+ * be freed with gnutls_free().
+ *
+ * Note, that the prime and generator are exported as non-negative
+ * integers and may include a leading zero byte.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ **/
+int
+gnutls_dh_get_group(gnutls_session_t session,
+		    gnutls_datum_t * raw_gen, gnutls_datum_t * raw_prime)
+{
+	dh_info_st *dh;
+	int ret;
+	anon_auth_info_t anon_info;
+	cert_auth_info_t cert_info;
+	psk_auth_info_t psk_info;
+
+	switch (gnutls_auth_get_type(session)) {
+	case GNUTLS_CRD_ANON:
+		anon_info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
+		if (anon_info == NULL)
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+		dh = &anon_info->dh;
+		break;
+	case GNUTLS_CRD_PSK:
+		psk_info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+		if (psk_info == NULL)
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+		dh = &psk_info->dh;
+		break;
+	case GNUTLS_CRD_CERTIFICATE:
+		cert_info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+		if (cert_info == NULL)
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+		dh = &cert_info->dh;
+		break;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_set_datum(raw_prime, dh->prime.data, dh->prime.size);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    _gnutls_set_datum(raw_gen, dh->generator.data,
+			      dh->generator.size);
+	if (ret < 0) {
+		gnutls_assert();
+		_gnutls_free_datum(raw_prime);
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_dh_get_pubkey:
+ * @session: is a gnutls session
+ * @raw_key: will hold the public key.
+ *
+ * This function will return the peer's public key used in the last
+ * Diffie-Hellman key exchange.  This function should be used for both
+ * anonymous and ephemeral Diffie-Hellman.  The output parameters must
+ * be freed with gnutls_free().
+ *
+ * Note, that public key is exported as non-negative
+ * integer and may include a leading zero byte.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ **/
+int
+gnutls_dh_get_pubkey(gnutls_session_t session, gnutls_datum_t * raw_key)
+{
+	dh_info_st *dh;
+	anon_auth_info_t anon_info;
+	cert_auth_info_t cert_info;
+	psk_auth_info_t psk_info;
+
+	switch (gnutls_auth_get_type(session)) {
+	case GNUTLS_CRD_ANON:
+		{
+			anon_info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
+			if (anon_info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+			dh = &anon_info->dh;
+			break;
+		}
+	case GNUTLS_CRD_PSK:
+		{
+			psk_info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+			if (psk_info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+			dh = &psk_info->dh;
+			break;
+		}
+	case GNUTLS_CRD_CERTIFICATE:
+		{
+
+			cert_info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+			if (cert_info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+			dh = &cert_info->dh;
+			break;
+		}
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_set_datum(raw_key, dh->public_key.data,
+				 dh->public_key.size);
+}
+
+/**
+ * gnutls_dh_get_secret_bits:
+ * @session: is a gnutls session
+ *
+ * This function will return the bits used in the last Diffie-Hellman
+ * key exchange with the peer.  Should be used for both anonymous and
+ * ephemeral Diffie-Hellman.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ **/
+int gnutls_dh_get_secret_bits(gnutls_session_t session)
+{
+	switch (gnutls_auth_get_type(session)) {
+	case GNUTLS_CRD_ANON:
+		{
+			anon_auth_info_t info;
+
+			info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
+			if (info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+			return info->dh.secret_bits;
+		}
+	case GNUTLS_CRD_PSK:
+		{
+			psk_auth_info_t info;
+
+			info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+			if (info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+			return info->dh.secret_bits;
+		}
+	case GNUTLS_CRD_CERTIFICATE:
+		{
+			cert_auth_info_t info;
+
+			info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+			if (info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+			return info->dh.secret_bits;
+		}
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+}
+
+
+static int mpi_buf2bits(gnutls_datum_t * mpi_buf)
+{
+	bigint_t mpi;
+	int rc;
+
+	rc = _gnutls_mpi_init_scan_nz(&mpi, mpi_buf->data, mpi_buf->size);
+	if (rc) {
+		gnutls_assert();
+		return rc;
+	}
+
+	rc = _gnutls_mpi_get_nbits(mpi);
+	_gnutls_mpi_release(&mpi);
+
+	return rc;
+}
+
+/**
+ * gnutls_dh_get_prime_bits:
+ * @session: is a gnutls session
+ *
+ * This function will return the bits of the prime used in the last
+ * Diffie-Hellman key exchange with the peer.  Should be used for both
+ * anonymous and ephemeral Diffie-Hellman.  Note that some ciphers,
+ * like RSA and DSA without DHE, do not use a Diffie-Hellman key
+ * exchange, and then this function will return 0.
+ *
+ * Returns: The Diffie-Hellman bit strength is returned, or 0 if no
+ *   Diffie-Hellman key exchange was done, or a negative error code on
+ *   failure.
+ **/
+int gnutls_dh_get_prime_bits(gnutls_session_t session)
+{
+	dh_info_st *dh;
+
+	switch (gnutls_auth_get_type(session)) {
+	case GNUTLS_CRD_ANON:
+		{
+			anon_auth_info_t info;
+
+			info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
+			if (info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+			dh = &info->dh;
+			break;
+		}
+	case GNUTLS_CRD_PSK:
+		{
+			psk_auth_info_t info;
+
+			info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+			if (info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+			dh = &info->dh;
+			break;
+		}
+	case GNUTLS_CRD_CERTIFICATE:
+		{
+			cert_auth_info_t info;
+
+			info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+			if (info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+			dh = &info->dh;
+			break;
+		}
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if(dh->prime.size == 0)
+		return 0;
+
+	return mpi_buf2bits(&dh->prime);
+}
+
+
+/**
+ * gnutls_dh_get_peers_public_bits:
+ * @session: is a gnutls session
+ *
+ * Get the Diffie-Hellman public key bit size.  Can be used for both
+ * anonymous and ephemeral Diffie-Hellman.
+ *
+ * Returns: The public key bit size used in the last Diffie-Hellman
+ *   key exchange with the peer, or a negative error code in case of error.
+ **/
+int gnutls_dh_get_peers_public_bits(gnutls_session_t session)
+{
+	dh_info_st *dh;
+
+	switch (gnutls_auth_get_type(session)) {
+	case GNUTLS_CRD_ANON:
+		{
+			anon_auth_info_t info;
+
+			info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
+			if (info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+			dh = &info->dh;
+			break;
+		}
+	case GNUTLS_CRD_PSK:
+		{
+			psk_auth_info_t info;
+
+			info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+			if (info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+			dh = &info->dh;
+			break;
+		}
+	case GNUTLS_CRD_CERTIFICATE:
+		{
+			cert_auth_info_t info;
+
+			info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+			if (info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+			dh = &info->dh;
+			break;
+		}
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return mpi_buf2bits(&dh->public_key);
+}
+
+#endif				/* DH */
+
diff --git a/lib/dh.c b/lib/dh.c
new file mode 100644
index 0000000..8f88467
--- /dev/null
+++ b/lib/dh.c
@@ -0,0 +1,818 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <datum.h>
+#include <x509_b64.h>		/* for PKCS3 PEM decoding */
+#include <global.h>
+#include <dh.h>
+#include <pk.h>
+#include <x509/common.h>
+#include <gnutls/crypto.h>
+#include "x509/x509_int.h"
+#include <mpi.h>
+#include "debug.h"
+#include "state.h"
+
+static
+int set_dh_pk_params(gnutls_session_t session, bigint_t g, bigint_t p,
+		     bigint_t q, unsigned q_bits)
+{
+	/* just in case we are resuming a session */
+	gnutls_pk_params_release(&session->key.proto.tls12.dh.params);
+
+	gnutls_pk_params_init(&session->key.proto.tls12.dh.params);
+
+	session->key.proto.tls12.dh.params.params[DH_G] = _gnutls_mpi_copy(g);
+	if (session->key.proto.tls12.dh.params.params[DH_G] == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	session->key.proto.tls12.dh.params.params[DH_P] = _gnutls_mpi_copy(p);
+	if (session->key.proto.tls12.dh.params.params[DH_P] == NULL) {
+		_gnutls_mpi_release(&session->key.proto.tls12.dh.params.params[DH_G]);
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	if (q) {
+		session->key.proto.tls12.dh.params.params[DH_Q] = _gnutls_mpi_copy(q);
+		if (session->key.proto.tls12.dh.params.params[DH_Q] == NULL) {
+			_gnutls_mpi_release(&session->key.proto.tls12.dh.params.params[DH_P]);
+			_gnutls_mpi_release(&session->key.proto.tls12.dh.params.params[DH_G]);
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		}
+	}
+	/* include, possibly empty, q */
+	session->key.proto.tls12.dh.params.params_nr = 3;
+	session->key.proto.tls12.dh.params.algo = GNUTLS_PK_DH;
+	session->key.proto.tls12.dh.params.qbits = q_bits;
+
+	return 0;
+}
+
+/* Use all available information to decide the DH parameters to use,
+ * that being the negotiated RFC7919 group, the callback, and the
+ * provided parameters structure.
+ */
+int
+_gnutls_figure_dh_params(gnutls_session_t session, gnutls_dh_params_t dh_params,
+		      gnutls_params_function * func, gnutls_sec_param_t sec_param)
+{
+	gnutls_params_st params;
+	bigint_t p, g, q = NULL;
+	unsigned free_pg = 0;
+	int ret;
+	unsigned q_bits = 0, i;
+	const gnutls_group_entry_st *group;
+
+	group = get_group(session);
+
+	params.deinit = 0;
+
+	/* if we negotiated RFC7919 FFDHE */
+	if (group && group->pk == GNUTLS_PK_DH) {
+		for (i=0;i<session->internals.priorities->groups.size;i++) {
+			if (session->internals.priorities->groups.entry[i] == group) {
+				ret = _gnutls_mpi_init_scan_nz(&p,
+						session->internals.priorities->groups.entry[i]->prime->data,
+						session->internals.priorities->groups.entry[i]->prime->size);
+				if (ret < 0)
+					return gnutls_assert_val(ret);
+
+				free_pg = 1;
+
+				ret = _gnutls_mpi_init_scan_nz(&g,
+						session->internals.priorities->groups.entry[i]->generator->data,
+						session->internals.priorities->groups.entry[i]->generator->size);
+				if (ret < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+
+				ret = _gnutls_mpi_init_scan_nz(&q,
+						session->internals.priorities->groups.entry[i]->q->data,
+						session->internals.priorities->groups.entry[i]->q->size);
+				if (ret < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+
+				session->internals.hsk_flags |= HSK_USED_FFDHE;
+				q_bits = *session->internals.priorities->groups.entry[i]->q_bits;
+				goto finished;
+			}
+		}
+
+		/* didn't find anything, that shouldn't have occurred
+		 * as we received that extension */
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	} else if (sec_param) {
+		unsigned bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, sec_param)/8;
+
+		for (i=0;i<session->internals.priorities->groups.size;i++) {
+			if (!session->internals.priorities->groups.entry[i]->prime)
+				continue;
+
+			if (bits <= session->internals.priorities->groups.entry[i]->prime->size) {
+				ret = _gnutls_mpi_init_scan_nz(&p,
+						session->internals.priorities->groups.entry[i]->prime->data,
+						session->internals.priorities->groups.entry[i]->prime->size);
+				if (ret < 0)
+					return gnutls_assert_val(ret);
+
+				free_pg = 1;
+
+				ret = _gnutls_mpi_init_scan_nz(&g,
+						session->internals.priorities->groups.entry[i]->generator->data,
+						session->internals.priorities->groups.entry[i]->generator->size);
+				if (ret < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+
+				q_bits = *session->internals.priorities->groups.entry[i]->q_bits;
+				goto finished;
+			}
+		}
+
+	}
+
+	if (dh_params) {
+		p = dh_params->params[0];
+		g = dh_params->params[1];
+		q_bits = dh_params->q_bits;
+	} else if (func) {
+		ret = func(session, GNUTLS_PARAMS_DH, &params);
+		if (ret == 0 && params.type == GNUTLS_PARAMS_DH) {
+			p = params.params.dh->params[0];
+			g = params.params.dh->params[1];
+			q_bits = params.params.dh->q_bits;
+		} else
+			return gnutls_assert_val(GNUTLS_E_NO_TEMPORARY_DH_PARAMS);
+	} else
+		return gnutls_assert_val(GNUTLS_E_NO_TEMPORARY_DH_PARAMS);
+
+ finished:
+	_gnutls_dh_save_group(session, g, p);
+
+	ret = set_dh_pk_params(session, g, p, q, q_bits);
+	if (ret < 0) {
+		gnutls_assert();
+	}
+
+ cleanup:
+	if (free_pg) {
+		_gnutls_mpi_release(&p);
+		_gnutls_mpi_release(&q);
+		_gnutls_mpi_release(&g);
+	}
+	if (params.deinit && params.type == GNUTLS_PARAMS_DH)
+		gnutls_dh_params_deinit(params.params.dh);
+
+	return ret;
+
+}
+
+/* returns the prime and the generator of DH params.
+ */
+const bigint_t *_gnutls_dh_params_to_mpi(gnutls_dh_params_t dh_primes)
+{
+	if (dh_primes == NULL || dh_primes->params[1] == NULL ||
+	    dh_primes->params[0] == NULL) {
+		return NULL;
+	}
+
+	return dh_primes->params;
+}
+
+
+/**
+ * gnutls_dh_params_import_raw:
+ * @dh_params: The parameters
+ * @prime: holds the new prime
+ * @generator: holds the new generator
+ *
+ * This function will replace the pair of prime and generator for use
+ * in the Diffie-Hellman key exchange.  The new parameters should be
+ * stored in the appropriate gnutls_datum.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ **/
+int
+gnutls_dh_params_import_raw(gnutls_dh_params_t dh_params,
+			    const gnutls_datum_t * prime,
+			    const gnutls_datum_t * generator)
+{
+	return gnutls_dh_params_import_raw2(dh_params, prime, generator, 0);
+}
+
+/**
+ * gnutls_dh_params_import_dsa:
+ * @dh_params: The parameters
+ * @key: holds a DSA private key
+ *
+ * This function will import the prime and generator of the DSA key for use 
+ * in the Diffie-Hellman key exchange.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ **/
+int
+gnutls_dh_params_import_dsa(gnutls_dh_params_t dh_params, gnutls_x509_privkey_t key)
+{
+	gnutls_datum_t p, g, q;
+	int ret;
+
+	ret = gnutls_x509_privkey_export_dsa_raw(key, &p, &q, &g, NULL, NULL);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_dh_params_import_raw3(dh_params, &p, &q, &g);
+
+	gnutls_free(p.data);
+	gnutls_free(g.data);
+	gnutls_free(q.data);
+
+	return ret;
+}
+
+/**
+ * gnutls_dh_params_import_raw2:
+ * @dh_params: The parameters
+ * @prime: holds the new prime
+ * @generator: holds the new generator
+ * @key_bits: the private key bits (set to zero when unknown)
+ *
+ * This function will replace the pair of prime and generator for use
+ * in the Diffie-Hellman key exchange.  The new parameters should be
+ * stored in the appropriate gnutls_datum.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ **/
+int
+gnutls_dh_params_import_raw2(gnutls_dh_params_t dh_params,
+			     const gnutls_datum_t * prime,
+			     const gnutls_datum_t * generator,
+			     unsigned key_bits)
+{
+	bigint_t tmp_prime, tmp_g;
+	size_t siz;
+
+	siz = prime->size;
+	if (_gnutls_mpi_init_scan_nz(&tmp_prime, prime->data, siz)) {
+		gnutls_assert();
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	siz = generator->size;
+	if (_gnutls_mpi_init_scan_nz(&tmp_g, generator->data, siz)) {
+		_gnutls_mpi_release(&tmp_prime);
+		gnutls_assert();
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	/* store the generated values
+	 */
+	dh_params->params[0] = tmp_prime;
+	dh_params->params[1] = tmp_g;
+	dh_params->q_bits = key_bits;
+
+	return 0;
+}
+
+/**
+ * gnutls_dh_params_import_raw3:
+ * @dh_params: The parameters
+ * @prime: holds the new prime
+ * @q: holds the subgroup if available, otherwise NULL
+ * @generator: holds the new generator
+ *
+ * This function will replace the pair of prime and generator for use
+ * in the Diffie-Hellman key exchange.  The new parameters should be
+ * stored in the appropriate gnutls_datum.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ **/
+int
+gnutls_dh_params_import_raw3(gnutls_dh_params_t dh_params,
+			     const gnutls_datum_t * prime,
+			     const gnutls_datum_t * q,
+			     const gnutls_datum_t * generator)
+{
+	bigint_t tmp_p, tmp_g, tmp_q = NULL;
+
+	if (_gnutls_mpi_init_scan_nz(&tmp_p, prime->data, prime->size)) {
+		gnutls_assert();
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	if (_gnutls_mpi_init_scan_nz(&tmp_g, generator->data,
+				     generator->size)) {
+		_gnutls_mpi_release(&tmp_p);
+		gnutls_assert();
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	if (q) {
+		if (_gnutls_mpi_init_scan_nz(&tmp_q, q->data, q->size)) {
+			_gnutls_mpi_release(&tmp_p);
+			_gnutls_mpi_release(&tmp_g);
+			gnutls_assert();
+			return GNUTLS_E_MPI_SCAN_FAILED;
+		}
+	} else if (_gnutls_fips_mode_enabled()) {
+		/* Mandatory in FIPS mode */
+		gnutls_assert();
+		return GNUTLS_E_DH_PRIME_UNACCEPTABLE;
+	}
+
+	/* store the generated values
+	 */
+	dh_params->params[0] = tmp_p;
+	dh_params->params[1] = tmp_g;
+	dh_params->params[2] = tmp_q;
+	if (tmp_q)
+		dh_params->q_bits = _gnutls_mpi_get_nbits(tmp_q);
+
+	return 0;
+}
+
+/**
+ * gnutls_dh_params_init:
+ * @dh_params: The parameters
+ *
+ * This function will initialize the DH parameters type.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ **/
+int gnutls_dh_params_init(gnutls_dh_params_t * dh_params)
+{
+
+	(*dh_params) = gnutls_calloc(1, sizeof(dh_params_st));
+	if (*dh_params == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+
+}
+
+/**
+ * gnutls_dh_params_deinit:
+ * @dh_params: The parameters
+ *
+ * This function will deinitialize the DH parameters type.
+ **/
+void gnutls_dh_params_deinit(gnutls_dh_params_t dh_params)
+{
+	if (dh_params == NULL)
+		return;
+
+	_gnutls_mpi_release(&dh_params->params[0]);
+	_gnutls_mpi_release(&dh_params->params[1]);
+	_gnutls_mpi_release(&dh_params->params[2]);
+
+	gnutls_free(dh_params);
+
+}
+
+/**
+ * gnutls_dh_params_cpy:
+ * @dst: Is the destination parameters, which should be initialized.
+ * @src: Is the source parameters
+ *
+ * This function will copy the DH parameters structure from source
+ * to destination. The destination should be already initialized.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ **/
+int gnutls_dh_params_cpy(gnutls_dh_params_t dst, gnutls_dh_params_t src)
+{
+	if (src == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	dst->params[0] = _gnutls_mpi_copy(src->params[0]);
+	dst->params[1] = _gnutls_mpi_copy(src->params[1]);
+	if (src->params[2])
+		dst->params[2] = _gnutls_mpi_copy(src->params[2]);
+	dst->q_bits = src->q_bits;
+
+	if (dst->params[0] == NULL || dst->params[1] == NULL)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	return 0;
+}
+
+
+/**
+ * gnutls_dh_params_generate2:
+ * @dparams: The parameters
+ * @bits: is the prime's number of bits
+ *
+ * This function will generate a new pair of prime and generator for use in
+ * the Diffie-Hellman key exchange. This may take long time.
+ *
+ * It is recommended not to set the number of bits directly, but 
+ * use gnutls_sec_param_to_pk_bits() instead.
+
+ * Also note that the DH parameters are only useful to servers.
+ * Since clients use the parameters sent by the server, it's of
+ * no use to call this in client side.
+ *
+ * The parameters generated are of the DSA form. It also is possible
+ * to generate provable parameters (following the Shawe-Taylor
+ * algorithm), using gnutls_x509_privkey_generate2() with DSA option
+ * and the %GNUTLS_PRIVKEY_FLAG_PROVABLE flag set. These can the
+ * be imported with gnutls_dh_params_import_dsa().
+ *
+ * It is no longer recommended for applications to generate parameters.
+ * See the "Parameter generation" section in the manual.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ **/
+int
+gnutls_dh_params_generate2(gnutls_dh_params_t dparams, unsigned int bits)
+{
+	int ret;
+	gnutls_pk_params_st params;
+
+	gnutls_pk_params_init(&params);
+
+	ret = _gnutls_pk_generate_params(GNUTLS_PK_DH, bits, &params);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	dparams->params[0] = params.params[DSA_P];
+	dparams->params[1] = params.params[DSA_G];
+	dparams->q_bits = _gnutls_mpi_get_nbits(params.params[DSA_Q]);
+
+	_gnutls_mpi_release(&params.params[DSA_Q]);
+
+	return 0;
+}
+
+/**
+ * gnutls_dh_params_import_pkcs3:
+ * @params: The parameters
+ * @pkcs3_params: should contain a PKCS3 DHParams structure PEM or DER encoded
+ * @format: the format of params. PEM or DER.
+ *
+ * This function will extract the DHParams found in a PKCS3 formatted
+ * structure. This is the format generated by "openssl dhparam" tool.
+ *
+ * If the structure is PEM encoded, it should have a header
+ * of "BEGIN DH PARAMETERS".
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ **/
+int
+gnutls_dh_params_import_pkcs3(gnutls_dh_params_t params,
+			      const gnutls_datum_t * pkcs3_params,
+			      gnutls_x509_crt_fmt_t format)
+{
+	asn1_node c2;
+	int result, need_free = 0;
+	unsigned int q_bits;
+	gnutls_datum_t _params;
+
+	if (format == GNUTLS_X509_FMT_PEM) {
+
+		result = _gnutls_fbase64_decode("DH PARAMETERS",
+						pkcs3_params->data,
+						pkcs3_params->size,
+						&_params);
+
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+
+		need_free = 1;
+	} else {
+		_params.data = pkcs3_params->data;
+		_params.size = pkcs3_params->size;
+	}
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_gnutls_asn(), "GNUTLS.DHParameter", &c2))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		if (need_free != 0) {
+			gnutls_free(_params.data);
+			_params.data = NULL;
+		}
+		return _gnutls_asn2err(result);
+	}
+
+	/* PKCS#3 doesn't specify whether DHParameter is encoded as
+	 * BER or DER, thus we don't restrict libtasn1 to DER subset */
+	result = asn1_der_decoding(&c2, _params.data, _params.size, NULL);
+
+	if (need_free != 0) {
+		gnutls_free(_params.data);
+		_params.data = NULL;
+	}
+
+	if (result != ASN1_SUCCESS) {
+		/* couldn't decode DER */
+
+		_gnutls_debug_log("DHParams: Decoding error %d\n", result);
+		gnutls_assert();
+		asn1_delete_structure(&c2);
+		return _gnutls_asn2err(result);
+	}
+
+	/* Read q length */
+	result = _gnutls_x509_read_uint(c2, "privateValueLength", &q_bits);
+	if (result < 0) {
+		gnutls_assert();
+		params->q_bits = 0;
+	} else
+		params->q_bits = q_bits;
+
+	/* Read PRIME 
+	 */
+	result = _gnutls_x509_read_int(c2, "prime", &params->params[0]);
+	if (result < 0) {
+		asn1_delete_structure(&c2);
+		gnutls_assert();
+		return result;
+	}
+
+	if (_gnutls_mpi_cmp_ui(params->params[0], 0) == 0) {
+		asn1_delete_structure(&c2);
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	}
+
+	/* read the generator
+	 */
+	result = _gnutls_x509_read_int(c2, "base", &params->params[1]);
+	if (result < 0) {
+		asn1_delete_structure(&c2);
+		_gnutls_mpi_release(&params->params[0]);
+		gnutls_assert();
+		return result;
+	}
+
+	if (_gnutls_mpi_cmp_ui(params->params[1], 0) == 0) {
+		asn1_delete_structure(&c2);
+		_gnutls_mpi_release(&params->params[0]);
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	}
+
+	asn1_delete_structure(&c2);
+
+	return 0;
+}
+
+/**
+ * gnutls_dh_params_export_pkcs3:
+ * @params: Holds the DH parameters
+ * @format: the format of output params. One of PEM or DER.
+ * @params_data: will contain a PKCS3 DHParams structure PEM or DER encoded
+ * @params_data_size: holds the size of params_data (and will be replaced by the actual size of parameters)
+ *
+ * This function will export the given dh parameters to a PKCS3
+ * DHParams structure. This is the format generated by "openssl dhparam" tool.
+ * If the buffer provided is not long enough to hold the output, then
+ * GNUTLS_E_SHORT_MEMORY_BUFFER will be returned.
+ *
+ * If the structure is PEM encoded, it will have a header
+ * of "BEGIN DH PARAMETERS".
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ **/
+int
+gnutls_dh_params_export_pkcs3(gnutls_dh_params_t params,
+			      gnutls_x509_crt_fmt_t format,
+			      unsigned char *params_data,
+			      size_t * params_data_size)
+{
+	gnutls_datum_t out = {NULL, 0};
+	int ret;
+
+	ret = gnutls_dh_params_export2_pkcs3(params, format, &out);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (*params_data_size < (unsigned) out.size + 1) {
+		gnutls_assert();
+		gnutls_free(out.data);
+		*params_data_size = out.size + 1;
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	assert(out.data != NULL);
+	*params_data_size = out.size;
+	if (params_data) {
+		memcpy(params_data, out.data, out.size);
+		params_data[out.size] = 0;
+	}
+
+	gnutls_free(out.data);
+
+	return 0;
+}
+
+/**
+ * gnutls_dh_params_export2_pkcs3:
+ * @params: Holds the DH parameters
+ * @format: the format of output params. One of PEM or DER.
+ * @out: will contain a PKCS3 DHParams structure PEM or DER encoded
+ *
+ * This function will export the given dh parameters to a PKCS3
+ * DHParams structure. This is the format generated by "openssl dhparam" tool.
+ * The data in @out will be allocated using gnutls_malloc().
+ *
+ * If the structure is PEM encoded, it will have a header
+ * of "BEGIN DH PARAMETERS".
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ *
+ * Since: 3.1.3
+ **/
+int
+gnutls_dh_params_export2_pkcs3(gnutls_dh_params_t params,
+			       gnutls_x509_crt_fmt_t format,
+			       gnutls_datum_t * out)
+{
+	asn1_node c2;
+	int result;
+	size_t g_size, p_size;
+	uint8_t *p_data, *g_data;
+	uint8_t *all_data;
+
+	_gnutls_mpi_print_lz(params->params[1], NULL, &g_size);
+	_gnutls_mpi_print_lz(params->params[0], NULL, &p_size);
+
+	all_data = gnutls_malloc(g_size + p_size);
+	if (all_data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	p_data = &all_data[0];
+	_gnutls_mpi_print_lz(params->params[0], p_data, &p_size);
+
+	g_data = &all_data[p_size];
+	_gnutls_mpi_print_lz(params->params[1], g_data, &g_size);
+
+
+	/* Ok. Now we have the data. Create the asn1 structures
+	 */
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_gnutls_asn(), "GNUTLS.DHParameter", &c2))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		gnutls_free(all_data);
+		return _gnutls_asn2err(result);
+	}
+
+	/* Write PRIME 
+	 */
+	if ((result = asn1_write_value(c2, "prime",
+				       p_data, p_size)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		gnutls_free(all_data);
+		asn1_delete_structure(&c2);
+		return _gnutls_asn2err(result);
+	}
+
+	if (params->q_bits > 0)
+		result =
+		    _gnutls_x509_write_uint32(c2, "privateValueLength",
+					      params->q_bits);
+	else
+		result =
+		    asn1_write_value(c2, "privateValueLength", NULL, 0);
+
+	if (result < 0) {
+		gnutls_assert();
+		gnutls_free(all_data);
+		asn1_delete_structure(&c2);
+		return _gnutls_asn2err(result);
+	}
+
+	/* Write the GENERATOR
+	 */
+	if ((result = asn1_write_value(c2, "base",
+				       g_data, g_size)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		gnutls_free(all_data);
+		asn1_delete_structure(&c2);
+		return _gnutls_asn2err(result);
+	}
+
+	gnutls_free(all_data);
+
+
+	if (format == GNUTLS_X509_FMT_DER) {
+		result = _gnutls_x509_der_encode(c2, "", out, 0);
+
+		asn1_delete_structure(&c2);
+
+		if (result < 0)
+			return gnutls_assert_val(result);
+
+	} else {		/* PEM */
+		gnutls_datum_t t;
+
+		result = _gnutls_x509_der_encode(c2, "", &t, 0);
+
+		asn1_delete_structure(&c2);
+
+		if (result < 0)
+			return gnutls_assert_val(result);
+
+		result =
+		    _gnutls_fbase64_encode("DH PARAMETERS", t.data, t.size,
+					   out);
+
+		gnutls_free(t.data);
+
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_dh_params_export_raw:
+ * @params: Holds the DH parameters
+ * @prime: will hold the new prime
+ * @generator: will hold the new generator
+ * @bits: if non null will hold the secret key's number of bits
+ *
+ * This function will export the pair of prime and generator for use
+ * in the Diffie-Hellman key exchange.  The new parameters will be
+ * allocated using gnutls_malloc() and will be stored in the
+ * appropriate datum.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ **/
+int
+gnutls_dh_params_export_raw(gnutls_dh_params_t params,
+			    gnutls_datum_t * prime,
+			    gnutls_datum_t * generator, unsigned int *bits)
+{
+	int ret;
+
+	if (params->params[1] == NULL || params->params[0] == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_mpi_dprint(params->params[1], generator);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = _gnutls_mpi_dprint(params->params[0], prime);
+	if (ret < 0) {
+		gnutls_assert();
+		_gnutls_free_datum(generator);
+		return ret;
+	}
+
+	if (bits)
+		*bits = params->q_bits;
+
+	return 0;
+
+}
diff --git a/lib/dh.h b/lib/dh.h
new file mode 100644
index 0000000..f5c2c09
--- /dev/null
+++ b/lib/dh.h
@@ -0,0 +1,71 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_DH_H
+#define GNUTLS_LIB_DH_H
+
+const bigint_t *_gnutls_dh_params_to_mpi(gnutls_dh_params_t);
+
+int
+_gnutls_figure_dh_params(gnutls_session_t session, gnutls_dh_params_t dh_params,
+		      gnutls_params_function * func, gnutls_sec_param_t sec_param);
+
+int _gnutls_set_cred_dh_params(gnutls_dh_params_t *cparams, gnutls_sec_param_t sec_param);
+
+/* The static parameters defined in RFC 3526, used for the approved
+ * primes check in SP800-56A (Appendix D).
+ */
+
+extern const gnutls_datum_t gnutls_modp_8192_group_prime;
+extern const gnutls_datum_t gnutls_modp_8192_group_q;
+extern const gnutls_datum_t gnutls_modp_8192_group_generator;
+extern const unsigned int gnutls_modp_8192_key_bits;
+
+extern const gnutls_datum_t gnutls_modp_6144_group_prime;
+extern const gnutls_datum_t gnutls_modp_6144_group_q;
+extern const gnutls_datum_t gnutls_modp_6144_group_generator;
+extern const unsigned int gnutls_modp_6144_key_bits;
+
+extern const gnutls_datum_t gnutls_modp_4096_group_prime;
+extern const gnutls_datum_t gnutls_modp_4096_group_q;
+extern const gnutls_datum_t gnutls_modp_4096_group_generator;
+extern const unsigned int gnutls_modp_4096_key_bits;
+
+extern const gnutls_datum_t gnutls_modp_3072_group_prime;
+extern const gnutls_datum_t gnutls_modp_3072_group_q;
+extern const gnutls_datum_t gnutls_modp_3072_group_generator;
+extern const unsigned int gnutls_modp_3072_key_bits;
+
+extern const gnutls_datum_t gnutls_modp_2048_group_prime;
+extern const gnutls_datum_t gnutls_modp_2048_group_q;
+extern const gnutls_datum_t gnutls_modp_2048_group_generator;
+extern const unsigned int gnutls_modp_2048_key_bits;
+
+unsigned
+_gnutls_dh_prime_match_fips_approved(const uint8_t *prime,
+				     size_t prime_size,
+				     const uint8_t *generator,
+				     size_t generator_size,
+				     uint8_t **q,
+				     size_t *q_size);
+
+#endif /* GNUTLS_LIB_DH_H */
diff --git a/lib/dtls-sw.c b/lib/dtls-sw.c
new file mode 100644
index 0000000..2511fb3
--- /dev/null
+++ b/lib/dtls-sw.c
@@ -0,0 +1,140 @@
+/*
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * Authors: Fridolin Pokorny
+ *	  Nikos Mavrogiannopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions that relate to DTLS sliding window handling.
+ */
+
+#ifndef DTLS_SW_NO_INCLUDES
+#include "gnutls_int.h"
+#include "errors.h"
+#include "debug.h"
+#include "dtls.h"
+#include "record.h"
+#endif
+
+/*
+ * DTLS sliding window handling
+ */
+#define DTLS_EPOCH_SHIFT		(6*CHAR_BIT)
+#define DTLS_SEQ_NUM_MASK		0x0000FFFFFFFFFFFF
+
+#define DTLS_EMPTY_BITMAP		(0xFFFFFFFFFFFFFFFFULL)
+
+void _dtls_reset_window(struct record_parameters_st *rp)
+{
+	rp->dtls_sw_have_recv = 0;
+}
+
+/* Checks if a sequence number is not replayed. If a replayed
+ * packet is detected it returns a negative value (but no sensible error code).
+ * Otherwise zero.
+ */
+int _dtls_record_check(struct record_parameters_st *rp, uint64_t seq_num)
+{
+	if ((seq_num >> DTLS_EPOCH_SHIFT) != rp->epoch) {
+		return gnutls_assert_val(-1);
+	}
+
+	seq_num &= DTLS_SEQ_NUM_MASK;
+
+	/*
+	 * rp->dtls_sw_next is the next *expected* packet (N), being
+	 * the sequence number *after* the latest we have received.
+	 *
+	 * By definition, therefore, packet N-1 *has* been received.
+	 * And thus there's no point wasting a bit in the bitmap for it.
+	 *
+	 * So the backlog bitmap covers the 64 packets prior to that,
+	 * with the LSB representing packet (N - 2), and the MSB
+	 * representing (N - 65). A received packet is represented
+	 * by a zero bit, and a missing packet is represented by a one.
+	 *
+	 * Thus we can allow out-of-order reception of packets that are
+	 * within a reasonable interval of the latest packet received.
+	 */
+	if (!rp->dtls_sw_have_recv) {
+		rp->dtls_sw_next = seq_num + 1;
+		rp->dtls_sw_bits = DTLS_EMPTY_BITMAP;
+		rp->dtls_sw_have_recv = 1;
+		return 0;
+	} else if (seq_num == rp->dtls_sw_next) {
+		/* The common case. This is the packet we expected next. */
+
+		rp->dtls_sw_bits <<= 1;
+
+		/* This might reach a value higher than 48-bit DTLS sequence
+		 * numbers can actually reach. Which is fine. When that
+		 * happens, we'll do the right thing and just not accept
+		 * any newer packets. Someone needs to start a new epoch. */
+		rp->dtls_sw_next++;
+		return 0;
+	} else if (seq_num > rp->dtls_sw_next) {
+		/* The packet we were expecting has gone missing; this one is newer.
+		 * We always advance the window to accommodate it. */
+		uint64_t delta = seq_num - rp->dtls_sw_next;
+
+		if (delta >= 64) {
+			/* We jumped a long way into the future. We have not seen
+			 * any of the previous 32 packets so set the backlog bitmap
+			 * to all ones. */
+			rp->dtls_sw_bits = DTLS_EMPTY_BITMAP;
+		} else if (delta == 63) {
+			/* Avoid undefined behaviour that shifting by 64 would incur.
+			 * The (clear) top bit represents the packet which is currently
+			 * rp->dtls_sw_next, which we know was already received. */
+			rp->dtls_sw_bits = DTLS_EMPTY_BITMAP >> 1;
+		} else {
+			/* We have missed (delta) packets. Shift the backlog by that
+			 * amount *plus* the one we would have shifted it anyway if
+			 * we'd received the packet we were expecting. The zero bit
+			 * representing the packet which is currently rp->dtls_sw_next-1,
+			 * which we know has been received, ends up at bit position
+			 * (1<<delta). Then we set all the bits lower than that, which
+			 * represent the missing packets. */
+			rp->dtls_sw_bits <<= delta + 1;
+			rp->dtls_sw_bits |= (1ULL << delta) - 1;
+		}
+		rp->dtls_sw_next = seq_num + 1;
+		return 0;
+	} else {
+		/* This packet is older than the one we were expecting. By how much...? */
+		uint64_t delta = rp->dtls_sw_next - seq_num;
+
+		if (delta > 65) {
+			/* Too old. We can't know if it's a replay */
+			return gnutls_assert_val(-2);
+		} else if (delta == 1) {
+			/* Not in the bitmask since it is by definition already received. */
+			return gnutls_assert_val(-3);
+		} else {
+			/* Within the sliding window, so we remember whether we've seen it or not */
+			uint64_t mask = 1ULL << (rp->dtls_sw_next - seq_num - 2);
+
+			if (!(rp->dtls_sw_bits & mask))
+				return gnutls_assert_val(-3);
+
+			rp->dtls_sw_bits &= ~mask;
+			return 0;
+		}
+	}
+}
diff --git a/lib/dtls.c b/lib/dtls.c
new file mode 100644
index 0000000..002c714
--- /dev/null
+++ b/lib/dtls.c
@@ -0,0 +1,1064 @@
+/*
+ * Copyright (C) 2009-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2013 Nikos Mavrogiannopoulos
+ *
+ * Authors: Jonathan Bastien-Filiatrault
+ *	  Nikos Mavrogiannopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions that relate to DTLS retransmission and reassembly.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "debug.h"
+#include "dtls.h"
+#include "record.h"
+#include <mbuffers.h>
+#include <buffers.h>
+#include <constate.h>
+#include <state.h>
+#include <gnutls/dtls.h>
+#include <algorithms.h>
+
+void _dtls_async_timer_delete(gnutls_session_t session)
+{
+	if (session->internals.dtls.async_term != 0) {
+		_gnutls_dtls_log
+		    ("DTLS[%p]: Deinitializing previous handshake state.\n",
+		     session);
+		session->internals.dtls.async_term = 0;	/* turn off "timer" */
+
+		_dtls_reset_hsk_state(session);
+		_gnutls_handshake_io_buffer_clear(session);
+		_gnutls_epoch_gc(session);
+	}
+}
+
+/* This function fragments and transmits a previously buffered
+ * outgoing message. It accepts mtu_data which is a buffer to
+ * be reused (should be set to NULL initially).
+ */
+static inline int
+transmit_message(gnutls_session_t session,
+		 mbuffer_st * bufel, uint8_t ** buf)
+{
+	uint8_t *data, *mtu_data;
+	int ret = 0;
+	unsigned int offset, frag_len, data_size;
+	unsigned int mtu =
+	    gnutls_dtls_get_data_mtu(session);
+
+	if (session->security_parameters.max_record_send_size < mtu)
+		mtu = session->security_parameters.max_record_send_size;
+
+	mtu -= DTLS_HANDSHAKE_HEADER_SIZE;
+
+	if (bufel->type == GNUTLS_CHANGE_CIPHER_SPEC) {
+		_gnutls_dtls_log
+		    ("DTLS[%p]: Sending Packet[%u] fragment %s(%d), mtu %u\n",
+		     session, bufel->handshake_sequence,
+		     _gnutls_handshake2str(bufel->htype), bufel->htype, mtu);
+
+		return _gnutls_send_int(session, bufel->type, -1,
+					bufel->epoch,
+					_mbuffer_get_uhead_ptr(bufel),
+					_mbuffer_get_uhead_size(bufel), 0);
+	}
+
+	if (*buf == NULL)
+		*buf = gnutls_malloc(mtu + DTLS_HANDSHAKE_HEADER_SIZE);
+	if (*buf == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	mtu_data = *buf;
+
+	data = _mbuffer_get_udata_ptr(bufel);
+	data_size = _mbuffer_get_udata_size(bufel);
+
+	/* Write fixed headers
+	 */
+
+	/* Handshake type */
+	mtu_data[0] = (uint8_t) bufel->htype;
+
+	/* Total length */
+	_gnutls_write_uint24(data_size, &mtu_data[1]);
+
+	/* Handshake sequence */
+	_gnutls_write_uint16(bufel->handshake_sequence, &mtu_data[4]);
+
+	/* Chop up and send handshake message into mtu-size pieces. */
+	for (offset = 0; offset <= data_size; offset += mtu) {
+		/* Calculate fragment length */
+		if (offset + mtu > data_size)
+			frag_len = data_size - offset;
+		else
+			frag_len = mtu;
+
+		/* we normally allow fragments of zero length, to allow
+		 * the packets which have zero size. On the others don't
+		 * send such fragments */
+		if (frag_len == 0 && data_size > 0) {
+			ret = 0;
+			break;
+		}
+
+		/* Fragment offset */
+		_gnutls_write_uint24(offset, &mtu_data[6]);
+
+		/* Fragment length */
+		_gnutls_write_uint24(frag_len, &mtu_data[9]);
+
+		memcpy(&mtu_data[DTLS_HANDSHAKE_HEADER_SIZE],
+		       data + offset, frag_len);
+
+		_gnutls_dtls_log
+		    ("DTLS[%p]: Sending Packet[%u] fragment %s(%d) with "
+		     "length: %u, offset: %u, fragment length: %u, mtu: %u\n",
+		     session, bufel->handshake_sequence,
+		     _gnutls_handshake2str(bufel->htype), bufel->htype,
+		     data_size, offset, frag_len, mtu);
+
+		ret = _gnutls_send_int(session, bufel->type, bufel->htype,
+				       bufel->epoch, mtu_data,
+				       DTLS_HANDSHAKE_HEADER_SIZE +
+				       frag_len, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			break;
+		}
+	}
+
+	return ret;
+}
+
+static int drop_usage_count(gnutls_session_t session,
+			    mbuffer_head_st * const send_buffer)
+{
+	int ret;
+	mbuffer_st *cur;
+
+	for (cur = send_buffer->head; cur != NULL; cur = cur->next) {
+		ret = _gnutls_epoch_refcount_dec(session, cur->epoch);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	return 0;
+}
+
+
+/* Checks whether the received packet contains a handshake
+ * packet with sequence higher that the previously received.
+ * It must be called only when an actual packet has been
+ * received.
+ *
+ * Returns: 0 if expected, negative value otherwise.
+ */
+static int is_next_hpacket_expected(gnutls_session_t session)
+{
+	int ret;
+
+	/* htype is arbitrary */
+	ret =
+	    _gnutls_recv_in_buffers(session, GNUTLS_HANDSHAKE,
+				    GNUTLS_HANDSHAKE_FINISHED, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_parse_record_buffered_msgs(session);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (session->internals.handshake_recv_buffer_size > 0)
+		return 0;
+	else
+		return
+		    gnutls_assert_val
+		    (GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET);
+}
+
+void _dtls_reset_hsk_state(gnutls_session_t session)
+{
+	session->internals.dtls.flight_init = 0;
+	drop_usage_count(session,
+			 &session->internals.handshake_send_buffer);
+	_mbuffer_head_clear(&session->internals.handshake_send_buffer);
+}
+
+
+#define UPDATE_TIMER { \
+      session->internals.dtls.actual_retrans_timeout_ms *= 2; \
+      session->internals.dtls.actual_retrans_timeout_ms %= MAX_DTLS_TIMEOUT; \
+    }
+
+#define RESET_TIMER \
+      session->internals.dtls.actual_retrans_timeout_ms = session->internals.dtls.retrans_timeout_ms
+
+#define TIMER_WINDOW session->internals.dtls.actual_retrans_timeout_ms
+
+/* This function transmits the flight that has been previously
+ * buffered.
+ *
+ * This function is called from the handshake layer and calls the
+ * record layer.
+ */
+int _dtls_transmit(gnutls_session_t session)
+{
+	int ret;
+	uint8_t *buf = NULL;
+	unsigned int timeout;
+
+	/* PREPARING -> SENDING state transition */
+	mbuffer_head_st *const send_buffer =
+	    &session->internals.handshake_send_buffer;
+	mbuffer_st *cur;
+	gnutls_handshake_description_t last_type = 0;
+	unsigned int diff;
+	struct timespec now;
+
+	gnutls_gettime(&now);
+
+	/* If we have already sent a flight and we are operating in a 
+	 * non blocking way, check if it is time to retransmit or just
+	 * return.
+	 */
+	if (session->internals.dtls.flight_init != 0
+	    && (session->internals.flags & GNUTLS_NONBLOCK)) {
+		/* just in case previous run was interrupted */
+		ret = _gnutls_io_write_flush(session);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		if (session->internals.dtls.last_flight == 0
+		    || !_dtls_is_async(session)) {
+			/* check for ACK */
+			ret = _gnutls_io_check_recv(session, 0);
+			if (ret == GNUTLS_E_TIMEDOUT) {
+				/* if no retransmission is required yet just return 
+				 */
+				if (timespec_sub_ms
+				    (&now,
+				     &session->internals.dtls.
+				     last_retransmit) < TIMER_WINDOW) {
+					gnutls_assert();
+					goto nb_timeout;
+				}
+			} else {	/* received something */
+
+				if (ret == 0) {
+					ret =
+					    is_next_hpacket_expected
+					    (session);
+					if (ret == GNUTLS_E_AGAIN
+					    || ret == GNUTLS_E_INTERRUPTED)
+						goto nb_timeout;
+					if (ret < 0
+					    && ret !=
+					    GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET)
+					{
+						gnutls_assert();
+						goto cleanup;
+					}
+					if (ret == 0)
+						goto end_flight;
+					/* if ret == GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET retransmit */
+				} else
+					goto nb_timeout;
+			}
+		}
+	}
+
+	do {
+		timeout = TIMER_WINDOW;
+
+		diff =
+		    timespec_sub_ms(&now,
+				    &session->internals.handshake_start_time);
+		if (diff >= session->internals.handshake_timeout_ms) {
+			_gnutls_dtls_log("Session timeout: %u ms\n", diff);
+			ret = gnutls_assert_val(GNUTLS_E_TIMEDOUT);
+			goto end_flight;
+		}
+
+		diff =
+		    timespec_sub_ms(&now,
+				    &session->internals.dtls.
+				    last_retransmit);
+		if (session->internals.dtls.flight_init == 0
+		    || diff >= TIMER_WINDOW) {
+			_gnutls_dtls_log
+			    ("DTLS[%p]: %sStart of flight transmission.\n",
+			     session,
+			     (session->internals.dtls.flight_init ==
+			      0) ? "" : "re-");
+			for (cur = send_buffer->head; cur != NULL;
+			     cur = cur->next) {
+				ret = transmit_message(session, cur, &buf);
+				if (ret < 0) {
+					gnutls_assert();
+					goto end_flight;
+				}
+
+				last_type = cur->htype;
+			}
+			gnutls_gettime(&session->internals.dtls.last_retransmit);
+
+			if (session->internals.dtls.flight_init == 0) {
+				session->internals.dtls.flight_init = 1;
+				RESET_TIMER;
+				timeout = TIMER_WINDOW;
+
+				if (last_type == GNUTLS_HANDSHAKE_FINISHED) {
+					/* On the last flight we cannot ensure retransmission
+					 * from here. _dtls_wait_and_retransmit() is being called
+					 * by handshake.
+					 */
+					session->internals.dtls.
+					    last_flight = 1;
+				} else
+					session->internals.dtls.
+					    last_flight = 0;
+			} else {
+				UPDATE_TIMER;
+			}
+		}
+
+		ret = _gnutls_io_write_flush(session);
+		if (ret < 0) {
+			ret = gnutls_assert_val(ret);
+			goto cleanup;
+		}
+
+		/* last message in handshake -> no ack */
+		if (session->internals.dtls.last_flight != 0) {
+			/* we don't wait here. We just return 0 and
+			 * if a retransmission occurs because peer didn't receive it
+			 * we rely on the record or handshake
+			 * layer calling this function again.
+			 */
+			ret = 0;
+			goto cleanup;
+		} else {	/* all other messages -> implicit ack (receive of next flight) */
+
+			if (!(session->internals.flags & GNUTLS_NONBLOCK))
+				ret =
+				    _gnutls_io_check_recv(session,
+							  timeout);
+			else {
+				ret = _gnutls_io_check_recv(session, 0);
+				if (ret == GNUTLS_E_TIMEDOUT) {
+					goto nb_timeout;
+				}
+			}
+
+			if (ret == 0) {
+				ret = is_next_hpacket_expected(session);
+				if (ret == GNUTLS_E_AGAIN
+				    || ret == GNUTLS_E_INTERRUPTED)
+					goto nb_timeout;
+
+				if (ret ==
+				    GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET) {
+					ret = GNUTLS_E_TIMEDOUT;
+					goto keep_up;
+				}
+				if (ret < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+				goto end_flight;
+			}
+		}
+
+	      keep_up:
+		gnutls_gettime(&now);
+	} while (ret == GNUTLS_E_TIMEDOUT);
+
+	if (ret < 0) {
+		ret = gnutls_assert_val(ret);
+		goto end_flight;
+	}
+
+	ret = 0;
+
+      end_flight:
+	_gnutls_dtls_log("DTLS[%p]: End of flight transmission.\n",
+			 session);
+	_dtls_reset_hsk_state(session);
+
+      cleanup:
+	if (buf != NULL)
+		gnutls_free(buf);
+
+	/* SENDING -> WAITING state transition */
+	return ret;
+
+      nb_timeout:
+	if (buf != NULL)
+		gnutls_free(buf);
+
+	RETURN_DTLS_EAGAIN_OR_TIMEOUT(session, ret);
+}
+
+/* Waits for the last flight or retransmits
+ * the previous on timeout. Returns 0 on success.
+ */
+int _dtls_wait_and_retransmit(gnutls_session_t session)
+{
+	int ret;
+
+	if (!(session->internals.flags & GNUTLS_NONBLOCK))
+		ret = _gnutls_io_check_recv(session, TIMER_WINDOW);
+	else
+		ret = _gnutls_io_check_recv(session, 0);
+
+	if (ret == GNUTLS_E_TIMEDOUT) {
+		ret = _dtls_retransmit(session);
+		if (ret == 0) {
+			RETURN_DTLS_EAGAIN_OR_TIMEOUT(session, 0);
+		} else
+			return gnutls_assert_val(ret);
+	}
+
+	RESET_TIMER;
+	return 0;
+}
+
+/**
+ * gnutls_dtls_set_timeouts:
+ * @session: is a #gnutls_session_t type.
+ * @retrans_timeout: The time at which a retransmission will occur in milliseconds
+ * @total_timeout: The time at which the connection will be aborted, in milliseconds.
+ *
+ * This function will set the timeouts required for the DTLS handshake
+ * protocol. The retransmission timeout is the time after which a
+ * message from the peer is not received, the previous messages will
+ * be retransmitted. The total timeout is the time after which the
+ * handshake will be aborted with %GNUTLS_E_TIMEDOUT.
+ *
+ * The DTLS protocol recommends the values of 1 sec and 60 seconds
+ * respectively, and these are the default values.
+ *
+ * To disable retransmissions set a @retrans_timeout larger than the @total_timeout.
+ *
+ * Since: 3.0
+ **/
+void gnutls_dtls_set_timeouts(gnutls_session_t session,
+			      unsigned int retrans_timeout,
+			      unsigned int total_timeout)
+{
+	if (total_timeout == GNUTLS_INDEFINITE_TIMEOUT)
+		session->internals.handshake_timeout_ms = 0;
+	else
+		session->internals.handshake_timeout_ms = total_timeout;
+
+	session->internals.dtls.retrans_timeout_ms = retrans_timeout;
+}
+
+/**
+ * gnutls_dtls_set_mtu:
+ * @session: is a #gnutls_session_t type.
+ * @mtu: The maximum transfer unit of the transport
+ *
+ * This function will set the maximum transfer unit of the transport
+ * that DTLS packets are sent over. Note that this should exclude
+ * the IP (or IPv6) and UDP headers. So for DTLS over IPv6 on an
+ * Ethernet device with MTU 1500, the DTLS MTU set with this function
+ * would be 1500 - 40 (IPV6 header) - 8 (UDP header) = 1452.
+ *
+ * Since: 3.0
+ **/
+void gnutls_dtls_set_mtu(gnutls_session_t session, unsigned int mtu)
+{
+	session->internals.dtls.mtu = MIN(mtu, DEFAULT_MAX_RECORD_SIZE);
+}
+
+/* when max is non-zero this function will return the maximum
+ * overhead that this ciphersuite may introduce, e.g., the maximum
+ * amount of padding required */
+unsigned _gnutls_record_overhead(const version_entry_st *ver,
+				 const cipher_entry_st *cipher,
+				 const mac_entry_st *mac,
+				 unsigned max)
+{
+	int total = 0;
+	int ret;
+	int hash_len = 0;
+
+	if (unlikely(cipher == NULL))
+		return 0;
+
+	/* 1 octet content type in the unencrypted content */
+	if (ver->tls13_sem)
+		total++;
+
+	if (mac->id == GNUTLS_MAC_AEAD) {
+		if (!ver->tls13_sem)
+			total += _gnutls_cipher_get_explicit_iv_size(cipher);
+
+		total += _gnutls_cipher_get_tag_size(cipher);
+	} else {
+		/* STREAM + BLOCK have a MAC appended */
+		ret = _gnutls_mac_get_algo_len(mac);
+		if (unlikely(ret < 0))
+			return 0;
+
+		hash_len = ret;
+		total += hash_len;
+	}
+
+	/* Block ciphers have padding + IV */
+	if (_gnutls_cipher_type(cipher) == CIPHER_BLOCK) {
+		int exp_iv;
+
+		exp_iv = _gnutls_cipher_get_explicit_iv_size(cipher);
+
+		if (max)
+			total += 2*exp_iv; /* block == iv size */
+		else
+			total += exp_iv + 1;
+	}
+
+	return total;
+}
+
+/**
+ * gnutls_est_record_overhead_size:
+ * @version: is a #gnutls_protocol_t value
+ * @cipher: is a #gnutls_cipher_algorithm_t value
+ * @mac: is a #gnutls_mac_algorithm_t value
+ * @comp: is a #gnutls_compression_method_t value (ignored)
+ * @flags: must be zero
+ *
+ * This function will return the set size in bytes of the overhead
+ * due to TLS (or DTLS) per record.
+ *
+ * Note that this function may provide inaccurate values when TLS
+ * extensions that modify the record format are negotiated. In these
+ * cases a more accurate value can be obtained using gnutls_record_overhead_size() 
+ * after a completed handshake.
+ *
+ * Since: 3.2.2
+ **/
+size_t gnutls_est_record_overhead_size(gnutls_protocol_t version,
+				       gnutls_cipher_algorithm_t cipher,
+				       gnutls_mac_algorithm_t mac,
+				       gnutls_compression_method_t comp,
+				       unsigned int flags)
+{
+	const cipher_entry_st *c;
+	const mac_entry_st *m;
+	const version_entry_st *v;
+	size_t total = 0;
+
+	c = cipher_to_entry(cipher);
+	if (c == NULL)
+		return 0;
+
+	m = mac_to_entry(mac);
+	if (m == NULL)
+		return 0;
+
+	v = version_to_entry(version);
+	if (v == NULL)
+		return 0;
+
+	if (v->transport == GNUTLS_STREAM)
+		total = TLS_RECORD_HEADER_SIZE;
+	else
+		total = DTLS_RECORD_HEADER_SIZE;
+
+	total += _gnutls_record_overhead(v, c, m, 1);
+
+	return total;
+}
+
+/* returns overhead imposed by the record layer (encryption/compression)
+ * etc. It does not include the record layer headers, since the caller
+ * needs to cope with rounding to multiples of blocksize, and the header
+ * is outside that.
+ *
+ * blocksize: will contain the block size when padding may be required or 1
+ *
+ * It may return a negative error code on error.
+ */
+static int record_overhead_rt(gnutls_session_t session)
+{
+	record_parameters_st *params;
+	int ret;
+
+	if (session->internals.initial_negotiation_completed == 0)
+		return GNUTLS_E_INVALID_REQUEST;
+	ret = _gnutls_epoch_get(session, EPOCH_WRITE_CURRENT, &params);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return _gnutls_record_overhead(get_version(session), params->cipher, params->mac, 1);
+}
+
+/**
+ * gnutls_record_overhead_size:
+ * @session: is #gnutls_session_t
+ *
+ * This function will return the size in bytes of the overhead
+ * due to TLS (or DTLS) per record. On certain occasions
+ * (e.g., CBC ciphers) the returned value is the maximum
+ * possible overhead.
+ *
+ * Since: 3.2.2
+ **/
+size_t gnutls_record_overhead_size(gnutls_session_t session)
+{
+	const version_entry_st *v = get_version(session);
+	int ret;
+	size_t total;
+
+	if (v->transport == GNUTLS_STREAM)
+		total = TLS_RECORD_HEADER_SIZE;
+	else
+		total = DTLS_RECORD_HEADER_SIZE;
+
+	ret = record_overhead_rt(session);
+	if (ret >= 0)
+		total += ret;
+
+	return total;
+}
+
+
+
+/**
+ * gnutls_dtls_get_data_mtu:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function will return the actual maximum transfer unit for
+ * application data. I.e. DTLS headers are subtracted from the
+ * actual MTU which is set using gnutls_dtls_set_mtu().
+ *
+ * Returns: the maximum allowed transfer unit.
+ *
+ * Since: 3.0
+ **/
+unsigned int gnutls_dtls_get_data_mtu(gnutls_session_t session)
+{
+	int mtu = session->internals.dtls.mtu;
+	record_parameters_st *params;
+	int ret, k, hash_size, block;
+
+	mtu -= RECORD_HEADER_SIZE(session);
+
+	if (session->internals.initial_negotiation_completed == 0)
+		return mtu;
+
+	ret = _gnutls_epoch_get(session, EPOCH_WRITE_CURRENT, &params);
+	if (ret < 0)
+		return mtu;
+
+	if (params->cipher->type == CIPHER_AEAD || params->cipher->type == CIPHER_STREAM)
+		return mtu-_gnutls_record_overhead(get_version(session), params->cipher, params->mac, 0);
+
+	/* CIPHER_BLOCK: in CBC ciphers guess the data MTU as it depends on residues
+	 */
+	hash_size = _gnutls_mac_get_algo_len(params->mac);
+	block = _gnutls_cipher_get_explicit_iv_size(params->cipher);
+	assert(_gnutls_cipher_get_block_size(params->cipher) == block);
+
+	if (params->etm) {
+		/* the maximum data mtu satisfies:
+		 * data mtu (mod block) = block-1
+		 * or data mtu = (k+1)*(block) - 1
+	         *
+		 * and data mtu + block + hash size + 1 = link_mtu
+		 *     (k+2) * (block) + hash size = link_mtu
+		 *
+		 *     We try to find k, and thus data mtu
+		 */
+		k = ((mtu-hash_size)/block) - 2;
+
+		return (k+1)*block - 1;
+	} else {
+		/* the maximum data mtu satisfies:
+		 * data mtu + hash size (mod block) = block-1
+		 * or data mtu = (k+1)*(block) - hash size - 1
+		 *
+		 * and data mtu + block + hash size + 1 = link_mtu
+		 *     (k+2) * (block) = link_mtu
+		 *
+		 *     We try to find k, and thus data mtu
+		 */
+		k = ((mtu)/block) - 2;
+
+		return (k+1)*block - hash_size - 1;
+	}
+}
+
+/**
+ * gnutls_dtls_set_data_mtu:
+ * @session: is a #gnutls_session_t type.
+ * @mtu: The maximum unencrypted transfer unit of the session
+ *
+ * This function will set the maximum size of the *unencrypted* records
+ * which will be sent over a DTLS session. It is equivalent to calculating
+ * the DTLS packet overhead with the current encryption parameters, and
+ * calling gnutls_dtls_set_mtu() with that value. In particular, this means
+ * that you may need to call this function again after any negotiation or
+ * renegotiation, in order to ensure that the MTU is still sufficient to
+ * account for the new protocol overhead.
+ *
+ * In most cases you only need to call gnutls_dtls_set_mtu() with
+ * the maximum MTU of your transport layer.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success, or a negative error code.
+ *
+ * Since: 3.1
+ **/
+int gnutls_dtls_set_data_mtu(gnutls_session_t session, unsigned int mtu)
+{
+	int overhead;
+
+	overhead = record_overhead_rt(session);
+
+	/* You can't call this until the session is actually running */
+	if (overhead < 0)
+		return GNUTLS_E_INVALID_SESSION;
+
+	/* Add the overhead inside the encrypted part */
+	mtu += overhead;
+
+	/* Add the *unencrypted header size */
+	mtu += RECORD_HEADER_SIZE(session);
+
+	gnutls_dtls_set_mtu(session, mtu);
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_dtls_get_mtu:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function will return the MTU size as set with
+ * gnutls_dtls_set_mtu(). This is not the actual MTU
+ * of data you can transmit. Use gnutls_dtls_get_data_mtu()
+ * for that reason.
+ *
+ * Returns: the set maximum transfer unit.
+ *
+ * Since: 3.0
+ **/
+unsigned int gnutls_dtls_get_mtu(gnutls_session_t session)
+{
+	return session->internals.dtls.mtu;
+}
+
+/**
+ * gnutls_dtls_get_timeout:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function will return the milliseconds remaining
+ * for a retransmission of the previously sent handshake
+ * message. This function is useful when DTLS is used in
+ * non-blocking mode, to estimate when to call gnutls_handshake()
+ * if no packets have been received.
+ *
+ * Returns: the remaining time in milliseconds.
+ *
+ * Since: 3.0
+ **/
+unsigned int gnutls_dtls_get_timeout(gnutls_session_t session)
+{
+	struct timespec now;
+	unsigned int diff;
+
+	gnutls_gettime(&now);
+
+	diff =
+	    timespec_sub_ms(&now,
+			    &session->internals.dtls.last_retransmit);
+	if (diff >= TIMER_WINDOW)
+		return 0;
+	else
+		return TIMER_WINDOW - diff;
+}
+
+#define COOKIE_SIZE 16
+#define COOKIE_MAC_SIZE 16
+
+/*   MAC
+ * 16 bytes
+ *
+ * total 19 bytes
+ */
+
+#define C_HASH GNUTLS_MAC_SHA1
+#define C_HASH_SIZE 20
+
+/**
+ * gnutls_dtls_cookie_send:
+ * @key: is a random key to be used at cookie generation
+ * @client_data: contains data identifying the client (i.e. address)
+ * @client_data_size: The size of client's data
+ * @prestate: The previous cookie returned by gnutls_dtls_cookie_verify()
+ * @ptr: A transport pointer to be used by @push_func
+ * @push_func: A function that will be used to reply
+ *
+ * This function can be used to prevent denial of service
+ * attacks to a DTLS server by requiring the client to
+ * reply using a cookie sent by this function. That way
+ * it can be ensured that a client we allocated resources
+ * for (i.e. #gnutls_session_t) is the one that the 
+ * original incoming packet was originated from.
+ *
+ * This function must be called at the first incoming packet,
+ * prior to allocating any resources and must be succeeded
+ * by gnutls_dtls_cookie_verify().
+ *
+ * Returns: the number of bytes sent, or a negative error code.  
+ *
+ * Since: 3.0
+ **/
+int gnutls_dtls_cookie_send(gnutls_datum_t * key, void *client_data,
+			    size_t client_data_size,
+			    gnutls_dtls_prestate_st * prestate,
+			    gnutls_transport_ptr_t ptr,
+			    gnutls_push_func push_func)
+{
+	uint8_t hvr[20 + DTLS_HANDSHAKE_HEADER_SIZE + COOKIE_SIZE];
+	int hvr_size = 0, ret;
+	uint8_t digest[C_HASH_SIZE];
+
+	if (key == NULL || key->data == NULL || key->size == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+/* send
+ *  struct {
+ *    ContentType type - 1 byte GNUTLS_HANDSHAKE;
+ *    ProtocolVersion version; - 2 bytes (254,255)
+ *    uint16 epoch; - 2 bytes (0, 0)
+ *    uint48 sequence_number; - 4 bytes (0,0,0,0)
+ *    uint16 length; - 2 bytes (COOKIE_SIZE+1+2)+DTLS_HANDSHAKE_HEADER_SIZE
+ *    uint8_t fragment[DTLSPlaintext.length];
+ *  } DTLSPlaintext;
+ *
+ *
+ * struct {
+ *    HandshakeType msg_type; 1 byte - GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST
+ *    uint24 length; - COOKIE_SIZE+3
+ *    uint16 message_seq; - 2 bytes (0,0)
+ *    uint24 fragment_offset; - 3 bytes (0,0,0)
+ *    uint24 fragment_length; - same as length
+ * }
+ *
+ * struct {
+ *   ProtocolVersion server_version;
+ *   uint8_t cookie<0..32>;
+ * } HelloVerifyRequest;
+ */
+
+	hvr[hvr_size++] = GNUTLS_HANDSHAKE;
+	/* version */
+	hvr[hvr_size++] = 254;
+	hvr[hvr_size++] = 255;
+
+	/* epoch + seq */
+	memset(&hvr[hvr_size], 0, 8);
+	hvr_size += 7;
+	hvr[hvr_size++] = prestate->record_seq;
+
+	/* length */
+	_gnutls_write_uint16(DTLS_HANDSHAKE_HEADER_SIZE + COOKIE_SIZE + 3,
+			     &hvr[hvr_size]);
+	hvr_size += 2;
+
+	/* now handshake headers */
+	hvr[hvr_size++] = GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST;
+	_gnutls_write_uint24(COOKIE_SIZE + 3, &hvr[hvr_size]);
+	hvr_size += 3;
+
+	/* handshake seq */
+	hvr[hvr_size++] = 0;
+	hvr[hvr_size++] = prestate->hsk_write_seq;
+
+	_gnutls_write_uint24(0, &hvr[hvr_size]);
+	hvr_size += 3;
+
+	_gnutls_write_uint24(COOKIE_SIZE + 3, &hvr[hvr_size]);
+	hvr_size += 3;
+
+	/* version */
+	hvr[hvr_size++] = 254;
+	hvr[hvr_size++] = 255;
+	hvr[hvr_size++] = COOKIE_SIZE;
+
+	ret =
+	    _gnutls_mac_fast(C_HASH, key->data, key->size, client_data,
+			     client_data_size, digest);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	memcpy(&hvr[hvr_size], digest, COOKIE_MAC_SIZE);
+	hvr_size += COOKIE_MAC_SIZE;
+
+	ret = push_func(ptr, hvr, hvr_size);
+	if (ret < 0)
+		ret = GNUTLS_E_PUSH_ERROR;
+
+	return ret;
+}
+
+/**
+ * gnutls_dtls_cookie_verify:
+ * @key: is a random key to be used at cookie generation
+ * @client_data: contains data identifying the client (i.e. address)
+ * @client_data_size: The size of client's data
+ * @_msg: An incoming message that initiates a connection.
+ * @msg_size: The size of the message.
+ * @prestate: The cookie of this client.
+ *
+ * This function will verify the received message for
+ * a valid cookie. If a valid cookie is returned then
+ * it should be associated with the session using
+ * gnutls_dtls_prestate_set();
+ *
+ * This function must be called after gnutls_dtls_cookie_send().
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success, or a negative error code.  
+ *
+ * Since: 3.0
+ **/
+int gnutls_dtls_cookie_verify(gnutls_datum_t * key,
+			      void *client_data, size_t client_data_size,
+			      void *_msg, size_t msg_size,
+			      gnutls_dtls_prestate_st * prestate)
+{
+	gnutls_datum_t cookie;
+	int ret;
+	unsigned int pos, sid_size;
+	uint8_t *msg = _msg;
+	uint8_t digest[C_HASH_SIZE];
+
+	if (key == NULL || key->data == NULL || key->size == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	/* format:
+	 * version - 2 bytes
+	 * random - 32 bytes
+	 * session_id - 1 byte length + content
+	 * cookie - 1 byte length + content
+	 */
+
+	pos = 34 + DTLS_RECORD_HEADER_SIZE + DTLS_HANDSHAKE_HEADER_SIZE;
+
+	if (msg_size < pos + 1)
+		return
+		    gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	sid_size = msg[pos++];
+
+	if (sid_size > 32 || msg_size < pos + sid_size + 1)
+		return
+		    gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	pos += sid_size;
+	cookie.size = msg[pos++];
+
+	if (msg_size < pos + cookie.size + 1)
+		return
+		    gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	cookie.data = &msg[pos];
+	if (cookie.size != COOKIE_SIZE) {
+		if (cookie.size > 0)
+			_gnutls_audit_log(NULL,
+					  "Received cookie with illegal size %d. Expected %d\n",
+					  (int) cookie.size, COOKIE_SIZE);
+		return gnutls_assert_val(GNUTLS_E_BAD_COOKIE);
+	}
+
+	ret =
+	    _gnutls_mac_fast(C_HASH, key->data, key->size, client_data,
+			     client_data_size, digest);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (memcmp(digest, cookie.data, COOKIE_MAC_SIZE) != 0)
+		return gnutls_assert_val(GNUTLS_E_BAD_COOKIE);
+
+	prestate->record_seq = msg[10];	/* client's record seq */
+	prestate->hsk_read_seq = msg[DTLS_RECORD_HEADER_SIZE + 5];	/* client's hsk seq */
+	prestate->hsk_write_seq = 0;	/* we always send zero for this msg */
+
+	return 0;
+}
+
+/**
+ * gnutls_dtls_prestate_set:
+ * @session: a new session
+ * @prestate: contains the client's prestate
+ *
+ * This function will associate the prestate acquired by
+ * the cookie authentication with the client, with the newly 
+ * established session.
+ *
+ * This functions must be called after a successful gnutls_dtls_cookie_verify()
+ * and should be succeeded by the actual DTLS handshake using gnutls_handshake().
+ *
+ * Since: 3.0
+ **/
+void gnutls_dtls_prestate_set(gnutls_session_t session,
+			      gnutls_dtls_prestate_st * prestate)
+{
+	record_parameters_st *params;
+	int ret;
+
+	if (prestate == NULL)
+		return;
+
+	/* we do not care about read_params, since we accept anything
+	 * the peer sends.
+	 */
+	ret = _gnutls_epoch_get(session, EPOCH_WRITE_CURRENT, &params);
+	if (ret < 0)
+		return;
+
+	params->write.sequence_number = prestate->record_seq;
+
+	session->internals.dtls.hsk_read_seq = prestate->hsk_read_seq;
+	session->internals.dtls.hsk_write_seq =
+	    prestate->hsk_write_seq + 1;
+}
+
+/**
+ * gnutls_record_get_discarded:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Returns the number of discarded packets in a
+ * DTLS connection.
+ *
+ * Returns: The number of discarded packets.
+ *
+ * Since: 3.0
+ **/
+unsigned int gnutls_record_get_discarded(gnutls_session_t session)
+{
+	return session->internals.dtls.packets_dropped;
+}
diff --git a/lib/dtls.h b/lib/dtls.h
new file mode 100644
index 0000000..7d9fb40
--- /dev/null
+++ b/lib/dtls.h
@@ -0,0 +1,138 @@
+/*
+ * Copyright (C) 2009-2012 Free Software Foundation, Inc.
+ *
+ * Author: Jonathan Bastien-Filiatrault
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_DTLS_H
+#define GNUTLS_LIB_DTLS_H
+
+#include <config.h>
+#include "gnutls_int.h"
+#include <buffers.h>
+#include <mbuffers.h>
+#include <constate.h>
+
+int _dtls_transmit(gnutls_session_t session);
+int _dtls_record_check(struct record_parameters_st *rp, uint64_t seq_num);
+void _dtls_reset_hsk_state(gnutls_session_t session);
+void _dtls_reset_window(struct record_parameters_st *rp);
+
+#define MAX_DTLS_TIMEOUT 60000
+
+
+#define RETURN_DTLS_EAGAIN_OR_TIMEOUT(session, r) { \
+  struct timespec _now; \
+  unsigned int _diff; \
+  gnutls_gettime(&_now); \
+   \
+  _diff = timespec_sub_ms(&_now, &session->internals.handshake_start_time); \
+  if (_diff > session->internals.handshake_timeout_ms) \
+    { \
+      _gnutls_dtls_log("Session timeout: %u ms\n", _diff); \
+      return gnutls_assert_val(GNUTLS_E_TIMEDOUT); \
+    } \
+  else \
+    { \
+      int _rr; \
+      if (r != GNUTLS_E_INTERRUPTED) _rr = GNUTLS_E_AGAIN; \
+      else _rr = r; \
+      if (!(session->internals.flags & GNUTLS_NONBLOCK)) \
+	millisleep(50); \
+      return gnutls_assert_val(_rr); \
+    } \
+  }
+
+
+int _dtls_wait_and_retransmit(gnutls_session_t session);
+
+/* returns true or false depending on whether we need to
+ * handle asynchronously handshake data.
+ */
+inline static int _dtls_is_async(gnutls_session_t session)
+{
+	if ((session->security_parameters.entity == GNUTLS_SERVER
+	     && !session->internals.resumed)
+	    || (session->security_parameters.entity == GNUTLS_CLIENT
+		&& session->internals.resumed))
+		return 1;
+	else
+		return 0;
+}
+
+inline static void _dtls_async_timer_init(gnutls_session_t session)
+{
+	if (_dtls_is_async(session)) {
+		_gnutls_dtls_log
+		    ("DTLS[%p]: Initializing timer for handshake state.\n",
+		     session);
+		session->internals.dtls.async_term =
+		    gnutls_time(0) + MAX_DTLS_TIMEOUT / 1000;
+	} else {
+		_dtls_reset_hsk_state(session);
+		_gnutls_handshake_io_buffer_clear(session);
+		_gnutls_epoch_gc(session);
+		session->internals.dtls.async_term = 0;
+	}
+}
+
+void _dtls_async_timer_delete(gnutls_session_t session);
+
+/* Checks whether it is time to terminate the timer
+ */
+inline static void _dtls_async_timer_check(gnutls_session_t session)
+{
+	if (!IS_DTLS(session))
+		return;
+
+	if (session->internals.dtls.async_term != 0) {
+		time_t _now = time(0);
+
+		/* check if we need to expire the queued handshake data */
+		if (_now > session->internals.dtls.async_term) {
+			_dtls_async_timer_delete(session);
+		}
+	}
+}
+
+unsigned _gnutls_record_overhead(const version_entry_st *ver,
+				 const cipher_entry_st *cipher,
+				 const mac_entry_st *mac,
+				 unsigned max);
+
+/* Returns non-zero if the async timer is active */
+inline static int _dtls_async_timer_active(gnutls_session_t session)
+{
+	if (!IS_DTLS(session))
+		return 0;
+
+	return session->internals.dtls.async_term;
+}
+
+/* This function is to be called from record layer once
+ * a handshake replay is detected. It will make sure
+ * it transmits only once per few seconds. Otherwise
+ * it is the same as _dtls_transmit().
+ */
+inline static int _dtls_retransmit(gnutls_session_t session)
+{
+	return _dtls_transmit(session);
+}
+
+#endif /* GNUTLS_LIB_DTLS_H */
diff --git a/lib/ecc.c b/lib/ecc.c
new file mode 100644
index 0000000..b4d7a23
--- /dev/null
+++ b/lib/ecc.c
@@ -0,0 +1,127 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Helper functions for ECC handling 
+ * based on public domain code by Tom St. Dennis.
+ */
+#include "gnutls_int.h"
+#include <mpi.h>
+#include <ecc.h>
+#include <algorithms.h>
+#include "errors.h"
+
+int
+_gnutls_ecc_ansi_x962_export(gnutls_ecc_curve_t curve, bigint_t x,
+			     bigint_t y, gnutls_datum_t * out)
+{
+	int numlen = gnutls_ecc_curve_get_size(curve);
+	int byte_size, ret;
+	size_t size;
+
+	if (numlen == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	out->size = 1 + 2 * numlen;
+
+	out->data = gnutls_malloc(out->size);
+	if (out->data == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	memset(out->data, 0, out->size);
+
+	/* store byte 0x04 */
+	out->data[0] = 0x04;
+
+	/* pad and store x */
+	byte_size = (_gnutls_mpi_get_nbits(x) + 7) / 8;
+	if (numlen < byte_size) {
+		ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		goto cleanup;
+	}
+
+	size = out->size - (1 + (numlen - byte_size));
+	ret =
+	    _gnutls_mpi_print(x, &out->data[1 + (numlen - byte_size)],
+			      &size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	byte_size = (_gnutls_mpi_get_nbits(y) + 7) / 8;
+	if (numlen < byte_size) {
+		ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		goto cleanup;
+	}
+
+	size = out->size - (1 + (numlen + numlen - byte_size));
+	ret =
+	    _gnutls_mpi_print(y,
+			      &out->data[1 + numlen + numlen - byte_size],
+			      &size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* pad and store y */
+	return 0;
+ cleanup:
+	_gnutls_free_datum(out);
+	return ret;
+}
+
+
+
+int
+_gnutls_ecc_ansi_x962_import(const uint8_t * in,
+			     unsigned long inlen, bigint_t * x,
+			     bigint_t * y)
+{
+	int ret;
+
+	/* must be odd */
+	if ((inlen & 1) == 0) {
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* check for 4  */
+	if (in[0] != 4) {
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+	}
+
+	/* read data */
+	ret = _gnutls_mpi_init_scan(x, in + 1, (inlen - 1) >> 1);
+	if (ret < 0)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	ret =
+	    _gnutls_mpi_init_scan(y, in + 1 + ((inlen - 1) >> 1),
+			     (inlen - 1) >> 1);
+	if (ret < 0) {
+		_gnutls_mpi_release(x);
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	return 0;
+}
+
diff --git a/lib/ecc.h b/lib/ecc.h
new file mode 100644
index 0000000..6e724b8
--- /dev/null
+++ b/lib/ecc.h
@@ -0,0 +1,31 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_ECC_H
+#define GNUTLS_LIB_ECC_H
+
+int _gnutls_ecc_ansi_x962_import(const uint8_t * in, unsigned long inlen,
+				 bigint_t * x, bigint_t * y);
+int _gnutls_ecc_ansi_x962_export(gnutls_ecc_curve_t curve, bigint_t x,
+				 bigint_t y, gnutls_datum_t * out);
+
+#endif /* GNUTLS_LIB_ECC_H */
diff --git a/lib/errors.c b/lib/errors.c
new file mode 100644
index 0000000..4e59d63
--- /dev/null
+++ b/lib/errors.c
@@ -0,0 +1,711 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#ifdef STDC_HEADERS
+#include <stdarg.h>
+#endif
+#include "str.h"
+
+#define ERROR_ENTRY(desc, name) \
+	{ desc, #name, name}
+
+struct gnutls_error_entry {
+	const char *desc;
+	const char *_name;
+	int number;
+};
+typedef struct gnutls_error_entry gnutls_error_entry;
+
+static const gnutls_error_entry error_entries[] = {
+	/* "Short Description", Error code define, critical (0,1) -- 1 in most cases */
+	ERROR_ENTRY(N_("Could not negotiate a supported cipher suite."),
+		    GNUTLS_E_UNKNOWN_CIPHER_SUITE),
+	ERROR_ENTRY(N_("No or insufficient priorities were set."),
+		    GNUTLS_E_NO_PRIORITIES_WERE_SET),
+	ERROR_ENTRY(N_("The cipher type is unsupported."),
+		    GNUTLS_E_UNKNOWN_CIPHER_TYPE),
+	ERROR_ENTRY(N_("The certificate and the given key do not match."),
+		    GNUTLS_E_CERTIFICATE_KEY_MISMATCH),
+	ERROR_ENTRY(N_
+		    ("Could not negotiate a supported compression method."),
+		    GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM),
+	ERROR_ENTRY(N_("An unknown public key algorithm was encountered."),
+		    GNUTLS_E_UNKNOWN_PK_ALGORITHM),
+
+	ERROR_ENTRY(N_("An algorithm that is not enabled was negotiated."),
+		    GNUTLS_E_UNWANTED_ALGORITHM),
+	ERROR_ENTRY(N_
+		    ("A packet with illegal or unsupported version was received."),
+		    GNUTLS_E_UNSUPPORTED_VERSION_PACKET),
+	ERROR_ENTRY(N_
+		    ("The Diffie-Hellman prime sent by the server is not acceptable (not long enough)."),
+		    GNUTLS_E_DH_PRIME_UNACCEPTABLE),
+	ERROR_ENTRY(N_
+		    ("Error decoding the received TLS packet."),
+		    GNUTLS_E_UNEXPECTED_PACKET_LENGTH),
+	ERROR_ENTRY(N_
+		    ("A TLS record packet with invalid length was received."),
+		    GNUTLS_E_RECORD_OVERFLOW),
+	ERROR_ENTRY(N_("The TLS connection was non-properly terminated."),
+		    GNUTLS_E_PREMATURE_TERMINATION),
+	ERROR_ENTRY(N_
+		    ("The specified session has been invalidated for some reason."),
+		    GNUTLS_E_INVALID_SESSION),
+
+	ERROR_ENTRY(N_("GnuTLS internal error."), GNUTLS_E_INTERNAL_ERROR),
+	ERROR_ENTRY(N_(
+		    "A connection with inappropriate fallback was attempted."),
+		    GNUTLS_E_INAPPROPRIATE_FALLBACK),
+	ERROR_ENTRY(N_("An illegal TLS extension was received."),
+		    GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION),
+	ERROR_ENTRY(N_("An required TLS extension was received."),
+		    GNUTLS_E_MISSING_EXTENSION),
+	ERROR_ENTRY(N_("A TLS fatal alert has been received."),
+		    GNUTLS_E_FATAL_ALERT_RECEIVED),
+	ERROR_ENTRY(N_("An unexpected TLS packet was received."),
+		    GNUTLS_E_UNEXPECTED_PACKET),
+	ERROR_ENTRY(N_("Failed to import the key into store."),
+		    GNUTLS_E_KEY_IMPORT_FAILED),
+	ERROR_ENTRY(N_
+		    ("An error was encountered at the TLS Finished packet calculation."),
+		    GNUTLS_E_ERROR_IN_FINISHED_PACKET),
+	ERROR_ENTRY(N_("No certificate was found."),
+		    GNUTLS_E_NO_CERTIFICATE_FOUND),
+	ERROR_ENTRY(N_("Certificate is required."),
+		    GNUTLS_E_CERTIFICATE_REQUIRED),
+	ERROR_ENTRY(N_
+		    ("The given DSA key is incompatible with the selected TLS protocol."),
+		    GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL),
+	ERROR_ENTRY(N_
+		    ("There is already a crypto algorithm with lower priority."),
+		    GNUTLS_E_CRYPTO_ALREADY_REGISTERED),
+
+	ERROR_ENTRY(N_("No temporary RSA parameters were found."),
+		    GNUTLS_E_NO_TEMPORARY_RSA_PARAMS),
+	ERROR_ENTRY(N_("No temporary DH parameters were found."),
+		    GNUTLS_E_NO_TEMPORARY_DH_PARAMS),
+	ERROR_ENTRY(N_("An unexpected TLS handshake packet was received."),
+		    GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET),
+	ERROR_ENTRY(N_("The scanning of a large integer has failed."),
+		    GNUTLS_E_MPI_SCAN_FAILED),
+	ERROR_ENTRY(N_("Could not export a large integer."),
+		    GNUTLS_E_MPI_PRINT_FAILED),
+	ERROR_ENTRY(N_("Decryption has failed."),
+		    GNUTLS_E_DECRYPTION_FAILED),
+	ERROR_ENTRY(N_("Encryption has failed."),
+		    GNUTLS_E_ENCRYPTION_FAILED),
+	ERROR_ENTRY(N_("Public key decryption has failed."),
+		    GNUTLS_E_PK_DECRYPTION_FAILED),
+	ERROR_ENTRY(N_("Public key encryption has failed."),
+		    GNUTLS_E_PK_ENCRYPTION_FAILED),
+	ERROR_ENTRY(N_("Public key signing has failed."),
+		    GNUTLS_E_PK_SIGN_FAILED),
+	ERROR_ENTRY(N_("Public key signature verification has failed."),
+		    GNUTLS_E_PK_SIG_VERIFY_FAILED),
+	ERROR_ENTRY(N_
+		    ("Decompression of the TLS record packet has failed."),
+		    GNUTLS_E_DECOMPRESSION_FAILED),
+	ERROR_ENTRY(N_("Compression of the TLS record packet has failed."),
+		    GNUTLS_E_COMPRESSION_FAILED),
+
+	ERROR_ENTRY(N_("Internal error in memory allocation."),
+		    GNUTLS_E_MEMORY_ERROR),
+	ERROR_ENTRY(N_
+		    ("An unimplemented or disabled feature has been requested."),
+		    GNUTLS_E_UNIMPLEMENTED_FEATURE),
+	ERROR_ENTRY(N_("Insufficient credentials for that request."),
+		    GNUTLS_E_INSUFFICIENT_CREDENTIALS),
+	ERROR_ENTRY(N_("Error in password/key file."), GNUTLS_E_SRP_PWD_ERROR),
+	ERROR_ENTRY(N_("Wrong padding in PKCS1 packet."),
+		    GNUTLS_E_PKCS1_WRONG_PAD),
+	ERROR_ENTRY(N_("The session or certificate has expired."),
+		    GNUTLS_E_EXPIRED),
+	ERROR_ENTRY(N_("The certificate is not yet activated."),
+		    GNUTLS_E_NOT_YET_ACTIVATED),
+	ERROR_ENTRY(N_("Hashing has failed."), GNUTLS_E_HASH_FAILED),
+	ERROR_ENTRY(N_("Base64 decoding error."),
+		    GNUTLS_E_BASE64_DECODING_ERROR),
+	ERROR_ENTRY(N_("Base64 unexpected header error."),
+		    GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR),
+	ERROR_ENTRY(N_("Base64 encoding error."),
+		    GNUTLS_E_BASE64_ENCODING_ERROR),
+	ERROR_ENTRY(N_("Parsing error in password/key file."),
+		    GNUTLS_E_SRP_PWD_PARSING_ERROR),
+	ERROR_ENTRY(N_("The requested data were not available."),
+		    GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE),
+	ERROR_ENTRY(N_("There are no embedded data in the structure."),
+		    GNUTLS_E_NO_EMBEDDED_DATA),
+	ERROR_ENTRY(N_("Error in the pull function."), GNUTLS_E_PULL_ERROR),
+	ERROR_ENTRY(N_("Error in the push function."), GNUTLS_E_PUSH_ERROR),
+	ERROR_ENTRY(N_
+		    ("The upper limit of record packet sequence numbers has been reached. Wow!"),
+		    GNUTLS_E_RECORD_LIMIT_REACHED),
+	ERROR_ENTRY(N_("Error in the certificate."),
+		    GNUTLS_E_CERTIFICATE_ERROR),
+	ERROR_ENTRY(N_("Error in the time fields of certificate."),
+		    GNUTLS_E_CERTIFICATE_TIME_ERROR),
+	ERROR_ENTRY(N_("Error in the certificate verification."),
+		    GNUTLS_E_CERTIFICATE_VERIFICATION_ERROR),
+	ERROR_ENTRY(N_("Error in the CRL verification."),
+		    GNUTLS_E_CRL_VERIFICATION_ERROR),
+	ERROR_ENTRY(N_("Error in the private key verification; seed doesn't match."),
+		    GNUTLS_E_PRIVKEY_VERIFICATION_ERROR),
+	ERROR_ENTRY(N_("Could not authenticate peer."),
+		    GNUTLS_E_AUTH_ERROR),
+	ERROR_ENTRY(N_
+		    ("Unknown Subject Alternative name in X.509 certificate."),
+		    GNUTLS_E_X509_UNKNOWN_SAN),
+	ERROR_ENTRY(N_
+			("CIDR name constraint is malformed in size or structure."),
+			GNUTLS_E_MALFORMED_CIDR),
+
+	ERROR_ENTRY(N_
+		    ("Unsupported critical extension in X.509 certificate."),
+		    GNUTLS_E_X509_UNSUPPORTED_CRITICAL_EXTENSION),
+	ERROR_ENTRY(N_("Unsupported extension in X.509 certificate."),
+		    GNUTLS_E_X509_UNSUPPORTED_EXTENSION),
+	ERROR_ENTRY(N_("Duplicate extension in X.509 certificate."),
+		    GNUTLS_E_X509_DUPLICATE_EXTENSION),
+	ERROR_ENTRY(N_
+		    ("Key usage violation in certificate has been detected."),
+		    GNUTLS_E_KEY_USAGE_VIOLATION),
+	ERROR_ENTRY(N_("Function was interrupted."), GNUTLS_E_INTERRUPTED),
+	ERROR_ENTRY(N_
+		    ("TLS Application data were received, while expecting handshake data."),
+		    GNUTLS_E_GOT_APPLICATION_DATA),
+	ERROR_ENTRY(N_("Error in Database backend."), GNUTLS_E_DB_ERROR),
+	ERROR_ENTRY(N_("The Database entry already exists."), GNUTLS_E_DB_ENTRY_EXISTS),
+	ERROR_ENTRY(N_("The certificate type is not supported."),
+		    GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE),
+	ERROR_ENTRY(N_
+		    ("The given memory buffer is too short to hold parameters."),
+		    GNUTLS_E_SHORT_MEMORY_BUFFER),
+	ERROR_ENTRY(N_("The request is invalid."),
+		    GNUTLS_E_INVALID_REQUEST),
+	ERROR_ENTRY(N_("The cookie was bad."), GNUTLS_E_BAD_COOKIE),
+	ERROR_ENTRY(N_("An illegal parameter has been received."),
+		    GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER),
+	ERROR_ENTRY(N_("An illegal parameter was found."),
+		    GNUTLS_E_ILLEGAL_PARAMETER),
+	ERROR_ENTRY(N_("Error while reading file."), GNUTLS_E_FILE_ERROR),
+	ERROR_ENTRY(N_("A disallowed SNI server name has been received."),
+		    GNUTLS_E_RECEIVED_DISALLOWED_NAME),
+
+	ERROR_ENTRY(N_("ASN1 parser: Element was not found."),
+		    GNUTLS_E_ASN1_ELEMENT_NOT_FOUND),
+	ERROR_ENTRY(N_("ASN1 parser: Identifier was not found"),
+		    GNUTLS_E_ASN1_IDENTIFIER_NOT_FOUND),
+	ERROR_ENTRY(N_("ASN1 parser: Error in DER parsing."),
+		    GNUTLS_E_ASN1_DER_ERROR),
+	ERROR_ENTRY(N_("ASN1 parser: Value was not found."),
+		    GNUTLS_E_ASN1_VALUE_NOT_FOUND),
+	ERROR_ENTRY(N_("ASN1 parser: Generic parsing error."),
+		    GNUTLS_E_ASN1_GENERIC_ERROR),
+	ERROR_ENTRY(N_("ASN1 parser: Value is not valid."),
+		    GNUTLS_E_ASN1_VALUE_NOT_VALID),
+	ERROR_ENTRY(N_("ASN1 parser: Error in TAG."),
+		    GNUTLS_E_ASN1_TAG_ERROR),
+	ERROR_ENTRY(N_("ASN1 parser: error in implicit tag"),
+		    GNUTLS_E_ASN1_TAG_IMPLICIT),
+	ERROR_ENTRY(N_("ASN1 parser: Error in type 'ANY'."),
+		    GNUTLS_E_ASN1_TYPE_ANY_ERROR),
+	ERROR_ENTRY(N_("ASN1 parser: Syntax error."),
+		    GNUTLS_E_ASN1_SYNTAX_ERROR),
+	ERROR_ENTRY(N_("ASN1 parser: Overflow in DER parsing."),
+		    GNUTLS_E_ASN1_DER_OVERFLOW),
+
+	ERROR_ENTRY(N_
+		    ("Too many empty record packets have been received."),
+		    GNUTLS_E_TOO_MANY_EMPTY_PACKETS),
+	ERROR_ENTRY(N_("Too many handshake packets have been received."),
+		    GNUTLS_E_TOO_MANY_HANDSHAKE_PACKETS),
+	ERROR_ENTRY(N_("More than a single object matches the criteria."),
+		    GNUTLS_E_TOO_MANY_MATCHES),
+	ERROR_ENTRY(N_("The crypto library version is too old."),
+		    GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY),
+
+	ERROR_ENTRY(N_("The tasn1 library version is too old."),
+		    GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY),
+	ERROR_ENTRY(N_("The OpenPGP User ID is revoked."),
+		    GNUTLS_E_OPENPGP_UID_REVOKED),
+	ERROR_ENTRY(N_("The OpenPGP key has not a preferred key set."),
+		    GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR),
+	ERROR_ENTRY(N_("Error loading the keyring."),
+		    GNUTLS_E_OPENPGP_KEYRING_ERROR),
+	ERROR_ENTRY(N_("The initialization of crypto backend has failed."),
+		    GNUTLS_E_CRYPTO_INIT_FAILED),
+	ERROR_ENTRY(N_
+		    ("No supported compression algorithms have been found."),
+		    GNUTLS_E_NO_COMPRESSION_ALGORITHMS),
+	ERROR_ENTRY(N_("No supported cipher suites have been found."),
+		    GNUTLS_E_NO_CIPHER_SUITES),
+	ERROR_ENTRY(N_("Could not get OpenPGP key."),
+		    GNUTLS_E_OPENPGP_GETKEY_FAILED),
+	ERROR_ENTRY(N_("Could not find OpenPGP subkey."),
+		    GNUTLS_E_OPENPGP_SUBKEY_ERROR),
+	ERROR_ENTRY(N_("Safe renegotiation failed."),
+		    GNUTLS_E_SAFE_RENEGOTIATION_FAILED),
+	ERROR_ENTRY(N_("Unsafe renegotiation denied."),
+		    GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED),
+
+	ERROR_ENTRY(N_("The SRP username supplied is illegal."),
+		    GNUTLS_E_ILLEGAL_SRP_USERNAME),
+	ERROR_ENTRY(N_("The username supplied is unknown."),
+		    GNUTLS_E_UNKNOWN_SRP_USERNAME),
+
+	ERROR_ENTRY(N_("The OpenPGP fingerprint is not supported."),
+		    GNUTLS_E_OPENPGP_FINGERPRINT_UNSUPPORTED),
+	ERROR_ENTRY(N_("The signature algorithm is not supported."),
+		    GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM),
+	ERROR_ENTRY(N_("The certificate has unsupported attributes."),
+		    GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE),
+	ERROR_ENTRY(N_("The OID is not supported."),
+		    GNUTLS_E_X509_UNSUPPORTED_OID),
+	ERROR_ENTRY(N_("The hash algorithm is unknown."),
+		    GNUTLS_E_UNKNOWN_HASH_ALGORITHM),
+	ERROR_ENTRY(N_("The PKCS structure's content type is unknown."),
+		    GNUTLS_E_UNKNOWN_PKCS_CONTENT_TYPE),
+	ERROR_ENTRY(N_("The PKCS structure's bag type is unknown."),
+		    GNUTLS_E_UNKNOWN_PKCS_BAG_TYPE),
+	ERROR_ENTRY(N_("The given password contains invalid characters."),
+		    GNUTLS_E_INVALID_PASSWORD),
+	ERROR_ENTRY(N_("The given string contains invalid UTF-8 characters."),
+		    GNUTLS_E_INVALID_UTF8_STRING),
+	ERROR_ENTRY(N_("The given email string contains non-ASCII characters before '@'."),
+		    GNUTLS_E_INVALID_UTF8_EMAIL),
+	ERROR_ENTRY(N_("The given password contains invalid characters."),
+		    GNUTLS_E_INVALID_PASSWORD_STRING),
+	ERROR_ENTRY(N_
+		    ("The Message Authentication Code verification failed."),
+		    GNUTLS_E_MAC_VERIFY_FAILED),
+	ERROR_ENTRY(N_("Some constraint limits were reached."),
+		    GNUTLS_E_CONSTRAINT_ERROR),
+	ERROR_ENTRY(N_("Failed to acquire random data."),
+		    GNUTLS_E_RANDOM_FAILED),
+	ERROR_ENTRY(N_("Verifying TLS/IA phase checksum failed"),
+		    GNUTLS_E_IA_VERIFY_FAILED),
+
+	ERROR_ENTRY(N_("The specified algorithm or protocol is unknown."),
+		    GNUTLS_E_UNKNOWN_ALGORITHM),
+
+	ERROR_ENTRY(N_("The handshake data size is too large."),
+		    GNUTLS_E_HANDSHAKE_TOO_LARGE),
+
+	ERROR_ENTRY(N_("Error opening /dev/crypto"),
+		    GNUTLS_E_CRYPTODEV_DEVICE_ERROR),
+
+	ERROR_ENTRY(N_("Error interfacing with /dev/crypto"),
+		    GNUTLS_E_CRYPTODEV_IOCTL_ERROR),
+	ERROR_ENTRY(N_("Peer has terminated the connection"),
+		    GNUTLS_E_SESSION_EOF),
+	ERROR_ENTRY(N_("Channel binding data not available"),
+		    GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE),
+
+	ERROR_ENTRY(N_("TPM error."),
+		    GNUTLS_E_TPM_ERROR),
+	ERROR_ENTRY(N_("The TPM library (trousers) cannot be found."),
+		    GNUTLS_E_TPM_NO_LIB),
+	ERROR_ENTRY(N_("TPM is not initialized."),
+		    GNUTLS_E_TPM_UNINITIALIZED),
+	ERROR_ENTRY(N_("TPM key was not found in persistent storage."),
+		    GNUTLS_E_TPM_KEY_NOT_FOUND),
+	ERROR_ENTRY(N_("Cannot initialize a session with the TPM."),
+		    GNUTLS_E_TPM_SESSION_ERROR),
+	ERROR_ENTRY(N_("PKCS #11 error."),
+		    GNUTLS_E_PKCS11_ERROR),
+	ERROR_ENTRY(N_("PKCS #11 initialization error."),
+		    GNUTLS_E_PKCS11_LOAD_ERROR),
+	ERROR_ENTRY(N_("Error in parsing."),
+		    GNUTLS_E_PARSING_ERROR),
+	ERROR_ENTRY(N_("Error in provided PIN."),
+		    GNUTLS_E_PKCS11_PIN_ERROR),
+	ERROR_ENTRY(N_("Error in provided SRK password for TPM."),
+		    GNUTLS_E_TPM_SRK_PASSWORD_ERROR),
+	ERROR_ENTRY(N_
+		    ("Error in provided password for key to be loaded in TPM."),
+		    GNUTLS_E_TPM_KEY_PASSWORD_ERROR),
+	ERROR_ENTRY(N_("PKCS #11 error in slot"),
+		    GNUTLS_E_PKCS11_SLOT_ERROR),
+	ERROR_ENTRY(N_("Thread locking error"),
+		    GNUTLS_E_LOCKING_ERROR),
+	ERROR_ENTRY(N_("PKCS #11 error in attribute"),
+		    GNUTLS_E_PKCS11_ATTRIBUTE_ERROR),
+	ERROR_ENTRY(N_("PKCS #11 error in device"),
+		    GNUTLS_E_PKCS11_DEVICE_ERROR),
+	ERROR_ENTRY(N_("PKCS #11 error in data"),
+		    GNUTLS_E_PKCS11_DATA_ERROR),
+	ERROR_ENTRY(N_("PKCS #11 unsupported feature"),
+		    GNUTLS_E_PKCS11_UNSUPPORTED_FEATURE_ERROR),
+	ERROR_ENTRY(N_("PKCS #11 error in key"),
+		    GNUTLS_E_PKCS11_KEY_ERROR),
+	ERROR_ENTRY(N_("PKCS #11 PIN expired"),
+		    GNUTLS_E_PKCS11_PIN_EXPIRED),
+	ERROR_ENTRY(N_("PKCS #11 PIN locked"),
+		    GNUTLS_E_PKCS11_PIN_LOCKED),
+	ERROR_ENTRY(N_("PKCS #11 error in session"),
+		    GNUTLS_E_PKCS11_SESSION_ERROR),
+	ERROR_ENTRY(N_("PKCS #11 error in signature"),
+		    GNUTLS_E_PKCS11_SIGNATURE_ERROR),
+	ERROR_ENTRY(N_("PKCS #11 error in token"),
+		    GNUTLS_E_PKCS11_TOKEN_ERROR),
+	ERROR_ENTRY(N_("PKCS #11 user error"),
+		    GNUTLS_E_PKCS11_USER_ERROR),
+	ERROR_ENTRY(N_("The operation timed out"),
+		    GNUTLS_E_TIMEDOUT),
+	ERROR_ENTRY(N_("The operation was cancelled due to user error"),
+		    GNUTLS_E_USER_ERROR),
+	ERROR_ENTRY(N_("No supported ECC curves were found"),
+		    GNUTLS_E_ECC_NO_SUPPORTED_CURVES),
+	ERROR_ENTRY(N_("The curve is unsupported"),
+		    GNUTLS_E_ECC_UNSUPPORTED_CURVE),
+	ERROR_ENTRY(N_("The requested PKCS #11 object is not available"),
+		    GNUTLS_E_PKCS11_REQUESTED_OBJECT_NOT_AVAILBLE),
+	ERROR_ENTRY(N_
+		    ("The provided X.509 certificate list is not sorted (in subject to issuer order)"),
+		    GNUTLS_E_CERTIFICATE_LIST_UNSORTED),
+	ERROR_ENTRY(N_("The OCSP response is invalid"),
+		    GNUTLS_E_OCSP_RESPONSE_ERROR),
+	ERROR_ENTRY(N_("The OCSP response provided doesn't match the available certificates"),
+		    GNUTLS_E_OCSP_MISMATCH_WITH_CERTS),
+	ERROR_ENTRY(N_("There is no certificate status (OCSP)."),
+		    GNUTLS_E_NO_CERTIFICATE_STATUS),
+	ERROR_ENTRY(N_("Error in the system's randomness device."),
+		    GNUTLS_E_RANDOM_DEVICE_ERROR),
+	ERROR_ENTRY(N_
+		    ("No common application protocol could be negotiated."),
+		    GNUTLS_E_NO_APPLICATION_PROTOCOL),
+	ERROR_ENTRY(N_("Error while performing self checks."),
+		    GNUTLS_E_SELF_TEST_ERROR),
+	ERROR_ENTRY(N_("There is no self test for this algorithm."),
+		    GNUTLS_E_NO_SELF_TEST),
+	ERROR_ENTRY(N_("An error has been detected in the library and cannot continue operations."),
+		    GNUTLS_E_LIB_IN_ERROR_STATE),
+	ERROR_ENTRY(N_("Error in sockets initialization."),
+		    GNUTLS_E_SOCKETS_INIT_ERROR),
+	ERROR_ENTRY(N_("Error in public key generation."),
+		    GNUTLS_E_PK_GENERATION_ERROR),
+	ERROR_ENTRY(N_("Invalid TLS extensions length field."),
+		    GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH),
+	ERROR_ENTRY(N_("Peer's certificate or username has changed during a rehandshake."),
+		    GNUTLS_E_SESSION_USER_ID_CHANGED),
+	ERROR_ENTRY(N_("The provided string has an embedded null."),
+		    GNUTLS_E_ASN1_EMBEDDED_NULL_IN_STRING),
+	ERROR_ENTRY(N_("Attempted handshake during false start."),
+		    GNUTLS_E_HANDSHAKE_DURING_FALSE_START),
+	ERROR_ENTRY(N_("The SNI host name not recognised."),
+		    GNUTLS_E_UNRECOGNIZED_NAME),
+	ERROR_ENTRY(N_("There was an issue converting to or from UTF8."),
+		    GNUTLS_E_IDNA_ERROR),
+	ERROR_ENTRY(N_("Cannot perform this action while handshake is in progress."),
+		    GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE),
+	ERROR_ENTRY(N_("The public key is invalid."),
+		    GNUTLS_E_PK_INVALID_PUBKEY),
+	ERROR_ENTRY(N_("There are no validation parameters present."),
+		    GNUTLS_E_PK_NO_VALIDATION_PARAMS),
+	ERROR_ENTRY(N_("The public key parameters are invalid."),
+		    GNUTLS_E_PK_INVALID_PUBKEY_PARAMS),
+	ERROR_ENTRY(N_("The private key is invalid."),
+		    GNUTLS_E_PK_INVALID_PRIVKEY),
+	ERROR_ENTRY(N_("The DER time encoding is invalid."),
+		    GNUTLS_E_ASN1_TIME_ERROR),
+	ERROR_ENTRY(N_("The signature is incompatible with the public key."),
+		    GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY),
+	ERROR_ENTRY(N_("One of the involved algorithms has insufficient security level."),
+		    GNUTLS_E_INSUFFICIENT_SECURITY),
+	ERROR_ENTRY(N_("No common key share with peer."),
+		    GNUTLS_E_NO_COMMON_KEY_SHARE),
+	ERROR_ENTRY(N_("The early data were rejected."),
+		    GNUTLS_E_EARLY_DATA_REJECTED),
+	{NULL, NULL, 0}
+};
+
+static const gnutls_error_entry non_fatal_error_entries[] = {
+	ERROR_ENTRY(N_("Success."), GNUTLS_E_SUCCESS),
+	ERROR_ENTRY(N_("A TLS warning alert has been received."),
+		    GNUTLS_E_WARNING_ALERT_RECEIVED),
+	ERROR_ENTRY(N_("A heartbeat pong message was received."),
+		    GNUTLS_E_HEARTBEAT_PONG_RECEIVED),
+	ERROR_ENTRY(N_("A heartbeat ping message was received."),
+		    GNUTLS_E_HEARTBEAT_PING_RECEIVED),
+	ERROR_ENTRY(N_("Resource temporarily unavailable, try again."),
+		    GNUTLS_E_AGAIN),
+	ERROR_ENTRY(N_("The transmitted packet is too large (EMSGSIZE)."),
+		    GNUTLS_E_LARGE_PACKET),
+	ERROR_ENTRY(N_("Function was interrupted."), GNUTLS_E_INTERRUPTED),
+	ERROR_ENTRY(N_("Rehandshake was requested by the peer."),
+		    GNUTLS_E_REHANDSHAKE),
+	ERROR_ENTRY(N_("Re-authentication was requested by the peer."),
+		    GNUTLS_E_REAUTH_REQUEST),
+	/* Only non fatal (for handshake) errors here */
+	{NULL, NULL, 0}
+};
+
+/**
+ * gnutls_error_is_fatal:
+ * @error: is a GnuTLS error code, a negative error code
+ *
+ * If a GnuTLS function returns a negative error code you may feed that
+ * value to this function to see if the error condition is fatal to
+ * a TLS session (i.e., must be terminated).
+ *
+ * Note that you may also want to check the error code manually, since some
+ * non-fatal errors to the protocol (such as a warning alert or
+ * a rehandshake request) may be fatal for your program.
+ *
+ * This function is only useful if you are dealing with errors from
+ * functions that relate to a TLS session (e.g., record layer or handshake
+ * layer handling functions).
+ *
+ * Returns: Non-zero value on fatal errors or zero on non-fatal.
+ **/
+int gnutls_error_is_fatal(int error)
+{
+	int ret = 1;
+	const gnutls_error_entry *p;
+
+	/* Input sanitzation.  Positive values are not errors at all, and
+	   definitely not fatal. */
+	if (error > 0)
+		return 0;
+
+	for (p = non_fatal_error_entries; p->desc != NULL; p++) {
+		if (p->number == error) {
+			ret = 0;
+			break;
+		}
+	}
+
+	return ret;
+}
+
+/**
+ * gnutls_perror:
+ * @error: is a GnuTLS error code, a negative error code
+ *
+ * This function is like perror(). The only difference is that it
+ * accepts an error number returned by a gnutls function.
+ **/
+void gnutls_perror(int error)
+{
+	fprintf(stderr, "GnuTLS error: %s\n", gnutls_strerror(error));
+}
+
+
+/**
+ * gnutls_strerror:
+ * @error: is a GnuTLS error code, a negative error code
+ *
+ * This function is similar to strerror.  The difference is that it
+ * accepts an error number returned by a gnutls function; In case of
+ * an unknown error a descriptive string is sent instead of %NULL.
+ *
+ * Error codes are always a negative error code.
+ *
+ * Returns: A string explaining the GnuTLS error message.
+ **/
+const char *gnutls_strerror(int error)
+{
+	const char *ret = NULL;
+	const gnutls_error_entry *p;
+
+	for (p = error_entries; p->desc != NULL; p++) {
+		if (p->number == error) {
+			ret = p->desc;
+			break;
+		}
+	}
+
+	if (ret == NULL) {
+		for (p = non_fatal_error_entries; p->desc != NULL; p++) {
+			if (p->number == error) {
+				ret = p->desc;
+				break;
+			}
+		}
+	}
+
+	/* avoid prefix */
+	if (ret == NULL)
+		return _("(unknown error code)");
+
+	return _(ret);
+}
+
+/**
+ * gnutls_strerror_name:
+ * @error: is an error returned by a gnutls function.
+ *
+ * Return the GnuTLS error code define as a string.  For example,
+ * gnutls_strerror_name (GNUTLS_E_DH_PRIME_UNACCEPTABLE) will return
+ * the string "GNUTLS_E_DH_PRIME_UNACCEPTABLE".
+ *
+ * Returns: A string corresponding to the symbol name of the error
+ * code.
+ *
+ * Since: 2.6.0
+ **/
+const char *gnutls_strerror_name(int error)
+{
+	const char *ret = NULL;
+	const gnutls_error_entry *p;
+
+	for (p = error_entries; p->desc != NULL; p++) {
+		if (p->number == error) {
+			ret = p->_name;
+			break;
+		}
+	}
+
+	if (ret == NULL) {
+		for (p = non_fatal_error_entries; p->desc != NULL; p++) {
+			if (p->number == error) {
+				ret = p->_name;
+				break;
+			}
+		}
+	}
+
+	return ret;
+}
+
+void _gnutls_mpi_log(const char *prefix, bigint_t a)
+{
+	size_t binlen = 0;
+	void *binbuf;
+	size_t hexlen;
+	char *hexbuf;
+	int res;
+
+	if (_gnutls_log_level < 2)
+		return;
+
+	res = _gnutls_mpi_print(a, NULL, &binlen);
+	if (res < 0 && res != GNUTLS_E_SHORT_MEMORY_BUFFER) {
+		gnutls_assert();
+		_gnutls_hard_log("MPI: %s can't print value (%d/%d)\n",
+				 prefix, res, (int) binlen);
+		return;
+	}
+
+	if (binlen > 1024 * 1024) {
+		gnutls_assert();
+		_gnutls_hard_log("MPI: %s too large mpi (%d)\n", prefix,
+				 (int) binlen);
+		return;
+	}
+
+	binbuf = gnutls_malloc(binlen);
+	if (!binbuf) {
+		gnutls_assert();
+		_gnutls_hard_log("MPI: %s out of memory (%d)\n", prefix,
+				 (int) binlen);
+		return;
+	}
+
+	res = _gnutls_mpi_print(a, binbuf, &binlen);
+	if (res != 0) {
+		gnutls_assert();
+		_gnutls_hard_log("MPI: %s can't print value (%d/%d)\n",
+				 prefix, res, (int) binlen);
+		gnutls_free(binbuf);
+		return;
+	}
+
+	hexlen = 2 * binlen + 1;
+	hexbuf = gnutls_malloc(hexlen);
+
+	if (!hexbuf) {
+		gnutls_assert();
+		_gnutls_hard_log("MPI: %s out of memory (hex %d)\n",
+				 prefix, (int) hexlen);
+		gnutls_free(binbuf);
+		return;
+	}
+
+	_gnutls_bin2hex(binbuf, binlen, hexbuf, hexlen, NULL);
+
+	_gnutls_hard_log("MPI: length: %d\n\t%s%s\n", (int) binlen, prefix,
+			 hexbuf);
+
+	gnutls_free(hexbuf);
+	gnutls_free(binbuf);
+}
+
+/* this function will output a message using the
+ * caller provided function
+ */
+void _gnutls_log(int level, const char *fmt, ...)
+{
+	va_list args;
+	char *str;
+	int ret;
+
+	if (_gnutls_log_func == NULL)
+		return;
+
+	va_start(args, fmt);
+	ret = vasprintf(&str, fmt, args);
+	va_end(args);
+
+	if (ret >= 0) {
+		_gnutls_log_func(level, str);
+		free(str);
+	}
+}
+
+void _gnutls_audit_log(gnutls_session_t session, const char *fmt, ...)
+{
+	va_list args;
+	char *str;
+	int ret;
+
+	if (_gnutls_audit_log_func == NULL && _gnutls_log_func == NULL)
+		return;
+
+	va_start(args, fmt);
+	ret = vasprintf(&str, fmt, args);
+	va_end(args);
+
+	if (ret >= 0) {
+		if (_gnutls_audit_log_func)
+			_gnutls_audit_log_func(session, str);
+		else
+			_gnutls_log_func(1, str);
+		free(str);
+	}
+}
+
+#ifndef DEBUG
+#ifndef C99_MACROS
+
+/* Without C99 macros these functions have to
+ * be called. This may affect performance.
+ */
+void _gnutls_null_log(void *x, ...)
+{
+	return;
+}
+
+#endif				/* C99_MACROS */
+#endif				/* DEBUG */
diff --git a/lib/errors.h b/lib/errors.h
new file mode 100644
index 0000000..86c6b02
--- /dev/null
+++ b/lib/errors.h
@@ -0,0 +1,186 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_ERRORS_H
+#define GNUTLS_LIB_ERRORS_H
+
+#include "gnutls_int.h"
+#include <global.h>
+#include <mpi.h>
+#include <gnutls/x509.h>
+
+#ifdef __FILE__
+#ifdef __LINE__
+#define gnutls_assert() _gnutls_assert_log( "ASSERT: %s[%s]:%d\n", __FILE__,__func__,__LINE__);
+#else
+#define gnutls_assert()
+#endif
+#else				/* __FILE__ not defined */
+#define gnutls_assert()
+#endif
+
+inline static int _gnutls_asn2err(int asn_err) __GNUTLS_CONST__;
+
+inline static int _gnutls_asn2err(int asn_err)
+{
+	switch (asn_err) {
+#ifdef ASN1_TIME_ENCODING_ERROR
+	case ASN1_TIME_ENCODING_ERROR:
+		return GNUTLS_E_ASN1_TIME_ERROR;
+#endif
+	case ASN1_FILE_NOT_FOUND:
+		return GNUTLS_E_FILE_ERROR;
+	case ASN1_ELEMENT_NOT_FOUND:
+		return GNUTLS_E_ASN1_ELEMENT_NOT_FOUND;
+	case ASN1_IDENTIFIER_NOT_FOUND:
+		return GNUTLS_E_ASN1_IDENTIFIER_NOT_FOUND;
+	case ASN1_DER_ERROR:
+		return GNUTLS_E_ASN1_DER_ERROR;
+	case ASN1_VALUE_NOT_FOUND:
+		return GNUTLS_E_ASN1_VALUE_NOT_FOUND;
+	case ASN1_GENERIC_ERROR:
+		return GNUTLS_E_ASN1_GENERIC_ERROR;
+	case ASN1_VALUE_NOT_VALID:
+		return GNUTLS_E_ASN1_VALUE_NOT_VALID;
+	case ASN1_TAG_ERROR:
+		return GNUTLS_E_ASN1_TAG_ERROR;
+	case ASN1_TAG_IMPLICIT:
+		return GNUTLS_E_ASN1_TAG_IMPLICIT;
+	case ASN1_ERROR_TYPE_ANY:
+		return GNUTLS_E_ASN1_TYPE_ANY_ERROR;
+	case ASN1_SYNTAX_ERROR:
+		return GNUTLS_E_ASN1_SYNTAX_ERROR;
+	case ASN1_MEM_ERROR:
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	case ASN1_MEM_ALLOC_ERROR:
+		return GNUTLS_E_MEMORY_ERROR;
+	case ASN1_DER_OVERFLOW:
+		return GNUTLS_E_ASN1_DER_OVERFLOW;
+	default:
+		return GNUTLS_E_ASN1_GENERIC_ERROR;
+	}
+}
+
+void _gnutls_log(int, const char *fmt, ...)
+#ifdef __GNUC__
+    __attribute__ ((format(printf, 2, 3)));
+#else
+;
+#endif
+
+void _gnutls_audit_log(gnutls_session_t, const char *fmt, ...)
+#ifdef __GNUC__
+    __attribute__ ((format(printf, 2, 3)));
+#else
+;
+#endif
+
+void _gnutls_mpi_log(const char *prefix, bigint_t a);
+
+#define _gnutls_cert_log(str, cert) \
+	do { \
+		if (unlikely(_gnutls_log_level >= 3)) { \
+			gnutls_datum_t _cl_out; int _cl_ret; \
+			_cl_ret = gnutls_x509_crt_print(cert, GNUTLS_CRT_PRINT_ONELINE, &_cl_out); \
+			if (_cl_ret >= 0) { \
+				_gnutls_log( 3, "%s: %s\n", str, _cl_out.data); \
+				gnutls_free(_cl_out.data); \
+	                } \
+		} \
+        } while(0)
+
+#define _gnutls_dn_log(str, dn) \
+	do { \
+		if (unlikely(_gnutls_log_level >= 3)) { \
+			gnutls_datum_t _cl_out; int _cl_ret; \
+			_cl_ret = gnutls_x509_rdn_get2((dn), &_cl_out, 0); \
+			if (_cl_ret >= 0) { \
+				_gnutls_log( 3, "%s: %s\n", str, _cl_out.data); \
+				gnutls_free(_cl_out.data); \
+	                } \
+		} \
+        } while(0)
+
+#define _gnutls_reason_log(str, status) \
+	do { \
+		if (unlikely(_gnutls_log_level >= 3)) { \
+			gnutls_datum_t _cl_out; int _cl_ret; \
+			_cl_ret = gnutls_certificate_verification_status_print(status, GNUTLS_CRT_X509, &_cl_out, 0); \
+			if (_cl_ret >= 0) { \
+				_gnutls_log( 3, "%s: %s\n", str, _cl_out.data); \
+				gnutls_free(_cl_out.data); \
+	                } \
+		} \
+         } while(0)
+
+#ifdef C99_MACROS
+#define LEVEL(l, ...) do { if (unlikely(_gnutls_log_level >= l)) \
+      _gnutls_log( l, __VA_ARGS__); } while(0)
+
+#define _gnutls_debug_log(...) LEVEL(2, __VA_ARGS__)
+#define _gnutls_assert_log(...) LEVEL(3, __VA_ARGS__)
+#define _gnutls_handshake_log(...) LEVEL(4, __VA_ARGS__)
+#define _gnutls_record_log(...) LEVEL(5, __VA_ARGS__)
+#define _gnutls_dtls_log(...) LEVEL(6, __VA_ARGS__)
+
+#define _gnutls_hard_log(...) LEVEL(9, __VA_ARGS__)
+
+#define _gnutls_read_log(...) LEVEL(10, __VA_ARGS__)
+#define _gnutls_write_log(...) LEVEL(11, __VA_ARGS__)
+#define _gnutls_io_log(...) LEVEL(12, __VA_ARGS__)
+#define _gnutls_buffers_log(...) LEVEL(13, __VA_ARGS__)
+#define _gnutls_no_log(...) LEVEL(INT_MAX, __VA_ARGS__)
+#else
+#define _gnutls_debug_log _gnutls_null_log
+#define _gnutls_assert_log _gnutls_null_log
+#define _gnutls_handshake_log _gnutls_null_log
+#define _gnutls_io_log _gnutls_null_log
+#define _gnutls_buffers_log _gnutls_null_log
+#define _gnutls_hard_log _gnutls_null_log
+#define _gnutls_record_log _gnutls_null_log
+#define _gnutls_dtls_log _gnutls_null_log
+#define _gnutls_read_log _gnutls_null_log
+#define _gnutls_write_log _gnutls_null_log
+#define _gnutls_no_log _gnutle_null_log
+
+void _gnutls_null_log(void *, ...);
+
+#endif				/* C99_MACROS */
+
+/* GCC won't inline this by itself and results in a "fatal warning"
+   otherwise. Making this a macro has been tried, but it interacts
+   badly with the do..while in the expansion. Welcome to the dark
+   side. */
+static inline
+#ifdef __GNUC__
+    __attribute__ ((always_inline))
+#endif
+int gnutls_assert_val_int(int val, const char *file, const char *func, int line)
+{
+	_gnutls_assert_log( "ASSERT: %s[%s]:%d\n", file,func,line);
+	return val;
+}
+
+#define gnutls_assert_val(x) gnutls_assert_val_int(x, __FILE__, __func__, __LINE__)
+#define gnutls_assert_val_fatal(x) (((x)!=GNUTLS_E_AGAIN && (x)!=GNUTLS_E_INTERRUPTED)?gnutls_assert_val_int(x, __FILE__, __func__, __LINE__):(x))
+
+#endif /* GNUTLS_LIB_ERRORS_H */
diff --git a/lib/ext/Makefile.am b/lib/ext/Makefile.am
new file mode 100644
index 0000000..81efdbc
--- /dev/null
+++ b/lib/ext/Makefile.am
@@ -0,0 +1,63 @@
+## Process this file with automake to produce Makefile.in
+# Copyright (C) 2002-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# The GnuTLS is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GnuTLS is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+include $(top_srcdir)/lib/common.mk
+
+AM_CPPFLAGS = \
+	-I$(srcdir)/../../gl		\
+	-I$(builddir)/../../gl		\
+	-I$(srcdir)/../includes		\
+	-I$(builddir)/../includes	\
+	-I$(builddir)/../../gl          \
+	-I$(srcdir)/..
+
+if ENABLE_MINITASN1
+AM_CPPFLAGS += -I$(srcdir)/../minitasn1
+endif
+
+noinst_LTLIBRARIES = libgnutls_ext.la
+
+libgnutls_ext_la_SOURCES = max_record.c \
+	server_name.c signature.c safe_renegotiation.c \
+	max_record.h server_name.h srp.h \
+	session_ticket.h signature.h safe_renegotiation.h \
+	session_ticket.c srp.c heartbeat.c heartbeat.h \
+	status_request.h status_request.c dumbfw.c dumbfw.h \
+	ext_master_secret.c ext_master_secret.h etm.h etm.c \
+	supported_versions.c supported_versions.h \
+	post_handshake.c post_handshake.h key_share.c key_share.h \
+	cookie.c cookie.h \
+	psk_ke_modes.c psk_ke_modes.h pre_shared_key.c pre_shared_key.h \
+	supported_groups.c supported_groups.h \
+	ec_point_formats.c ec_point_formats.h \
+	early_data.c early_data.h \
+	record_size_limit.c record_size_limit.h \
+	client_cert_type.c client_cert_type.h \
+	server_cert_type.c server_cert_type.h \
+	cert_types.h \
+	compress_certificate.c compress_certificate.h
+
+if ENABLE_ALPN
+libgnutls_ext_la_SOURCES += alpn.c alpn.h
+endif
+
+if ENABLE_DTLS_SRTP
+libgnutls_ext_la_SOURCES += srtp.c srtp.h
+endif
diff --git a/lib/ext/Makefile.in b/lib/ext/Makefile.in
new file mode 100644
index 0000000..47c4abc
--- /dev/null
+++ b/lib/ext/Makefile.in
@@ -0,0 +1,2517 @@
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+# Copyright (C) 2002-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# The GnuTLS is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GnuTLS is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+  if test -z '$(MAKELEVEL)'; then \
+    false; \
+  elif test -n '$(MAKE_HOST)'; then \
+    true; \
+  elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+    true; \
+  else \
+    false; \
+  fi; \
+}
+am__make_running_with_option = \
+  case $${target_option-} in \
+      ?) ;; \
+      *) echo "am__make_running_with_option: internal error: invalid" \
+              "target option '$${target_option-}' specified" >&2; \
+         exit 1;; \
+  esac; \
+  has_opt=no; \
+  sane_makeflags=$$MAKEFLAGS; \
+  if $(am__is_gnu_make); then \
+    sane_makeflags=$$MFLAGS; \
+  else \
+    case $$MAKEFLAGS in \
+      *\\[\ \	]*) \
+        bs=\\; \
+        sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+          | sed "s/$$bs$$bs[$$bs $$bs	]*//g"`;; \
+    esac; \
+  fi; \
+  skip_next=no; \
+  strip_trailopt () \
+  { \
+    flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+  }; \
+  for flg in $$sane_makeflags; do \
+    test $$skip_next = yes && { skip_next=no; continue; }; \
+    case $$flg in \
+      *=*|--*) continue;; \
+        -*I) strip_trailopt 'I'; skip_next=yes;; \
+      -*I?*) strip_trailopt 'I';; \
+        -*O) strip_trailopt 'O'; skip_next=yes;; \
+      -*O?*) strip_trailopt 'O';; \
+        -*l) strip_trailopt 'l'; skip_next=yes;; \
+      -*l?*) strip_trailopt 'l';; \
+      -[dEDm]) skip_next=yes;; \
+      -[JT]) skip_next=yes;; \
+    esac; \
+    case $$flg in \
+      *$$target_option*) has_opt=yes; break;; \
+    esac; \
+  done; \
+  test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@ENABLE_MINITASN1_TRUE@am__append_1 = -I$(srcdir)/../minitasn1
+@ENABLE_ALPN_TRUE@am__append_2 = alpn.c alpn.h
+@ENABLE_DTLS_SRTP_TRUE@am__append_3 = srtp.c srtp.h
+subdir = lib/ext
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \
+	$(top_srcdir)/lib/unistring/m4/inline.m4 \
+	$(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \
+	$(top_srcdir)/src/gl/m4/atoll.m4 \
+	$(top_srcdir)/src/gl/m4/bison.m4 \
+	$(top_srcdir)/src/gl/m4/calloc.m4 \
+	$(top_srcdir)/src/gl/m4/clock_time.m4 \
+	$(top_srcdir)/src/gl/m4/codeset.m4 \
+	$(top_srcdir)/src/gl/m4/ctype_h.m4 \
+	$(top_srcdir)/src/gl/m4/environ.m4 \
+	$(top_srcdir)/src/gl/m4/error.m4 \
+	$(top_srcdir)/src/gl/m4/fdopen.m4 \
+	$(top_srcdir)/src/gl/m4/flexmember.m4 \
+	$(top_srcdir)/src/gl/m4/fpending.m4 \
+	$(top_srcdir)/src/gl/m4/fpieee.m4 \
+	$(top_srcdir)/src/gl/m4/fseek.m4 \
+	$(top_srcdir)/src/gl/m4/ftruncate.m4 \
+	$(top_srcdir)/src/gl/m4/getaddrinfo.m4 \
+	$(top_srcdir)/src/gl/m4/getcwd.m4 \
+	$(top_srcdir)/src/gl/m4/getpagesize.m4 \
+	$(top_srcdir)/src/gl/m4/getpass.m4 \
+	$(top_srcdir)/src/gl/m4/getprogname.m4 \
+	$(top_srcdir)/src/gl/m4/gettime.m4 \
+	$(top_srcdir)/src/gl/m4/gnulib-comp.m4 \
+	$(top_srcdir)/src/gl/m4/hostent.m4 \
+	$(top_srcdir)/src/gl/m4/intl-thread-locale.m4 \
+	$(top_srcdir)/src/gl/m4/inttostr.m4 \
+	$(top_srcdir)/src/gl/m4/ioctl.m4 \
+	$(top_srcdir)/src/gl/m4/isblank.m4 \
+	$(top_srcdir)/src/gl/m4/langinfo_h.m4 \
+	$(top_srcdir)/src/gl/m4/lcmessage.m4 \
+	$(top_srcdir)/src/gl/m4/locale-fr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-ja.m4 \
+	$(top_srcdir)/src/gl/m4/locale-tr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-zh.m4 \
+	$(top_srcdir)/src/gl/m4/locale_h.m4 \
+	$(top_srcdir)/src/gl/m4/localename.m4 \
+	$(top_srcdir)/src/gl/m4/lstat.m4 \
+	$(top_srcdir)/src/gl/m4/mktime.m4 \
+	$(top_srcdir)/src/gl/m4/nanosleep.m4 \
+	$(top_srcdir)/src/gl/m4/nstrftime.m4 \
+	$(top_srcdir)/src/gl/m4/parse-datetime.m4 \
+	$(top_srcdir)/src/gl/m4/perror.m4 \
+	$(top_srcdir)/src/gl/m4/pipe.m4 \
+	$(top_srcdir)/src/gl/m4/pthread-thread.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_h.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_sigmask.m4 \
+	$(top_srcdir)/src/gl/m4/putenv.m4 \
+	$(top_srcdir)/src/gl/m4/raise.m4 \
+	$(top_srcdir)/src/gl/m4/reallocarray.m4 \
+	$(top_srcdir)/src/gl/m4/sched_h.m4 \
+	$(top_srcdir)/src/gl/m4/sched_yield.m4 \
+	$(top_srcdir)/src/gl/m4/select.m4 \
+	$(top_srcdir)/src/gl/m4/semaphore.m4 \
+	$(top_srcdir)/src/gl/m4/servent.m4 \
+	$(top_srcdir)/src/gl/m4/setenv.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale_null.m4 \
+	$(top_srcdir)/src/gl/m4/sigaction.m4 \
+	$(top_srcdir)/src/gl/m4/signal_h.m4 \
+	$(top_srcdir)/src/gl/m4/signalblocking.m4 \
+	$(top_srcdir)/src/gl/m4/sleep.m4 \
+	$(top_srcdir)/src/gl/m4/sockets.m4 \
+	$(top_srcdir)/src/gl/m4/strerror.m4 \
+	$(top_srcdir)/src/gl/m4/strerror_r.m4 \
+	$(top_srcdir)/src/gl/m4/strtoll.m4 \
+	$(top_srcdir)/src/gl/m4/symlink.m4 \
+	$(top_srcdir)/src/gl/m4/sys_ioctl_h.m4 \
+	$(top_srcdir)/src/gl/m4/sys_select_h.m4 \
+	$(top_srcdir)/src/gl/m4/thread.m4 \
+	$(top_srcdir)/src/gl/m4/time_rz.m4 \
+	$(top_srcdir)/src/gl/m4/timegm.m4 \
+	$(top_srcdir)/src/gl/m4/timespec.m4 \
+	$(top_srcdir)/src/gl/m4/tm_gmtoff.m4 \
+	$(top_srcdir)/src/gl/m4/tzset.m4 \
+	$(top_srcdir)/src/gl/m4/usleep.m4 \
+	$(top_srcdir)/src/gl/m4/visibility.m4 \
+	$(top_srcdir)/src/gl/m4/xalloc.m4 \
+	$(top_srcdir)/src/gl/m4/yield.m4 $(top_srcdir)/m4/00gnulib.m4 \
+	$(top_srcdir)/m4/__inline.m4 \
+	$(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \
+	$(top_srcdir)/m4/arpa_inet_h.m4 \
+	$(top_srcdir)/m4/ax_ac_append_to_file.m4 \
+	$(top_srcdir)/m4/ax_ac_print_to_file.m4 \
+	$(top_srcdir)/m4/ax_add_am_macro_static.m4 \
+	$(top_srcdir)/m4/ax_am_macros_static.m4 \
+	$(top_srcdir)/m4/ax_check_gnu_make.m4 \
+	$(top_srcdir)/m4/ax_code_coverage.m4 \
+	$(top_srcdir)/m4/ax_file_escapes.m4 \
+	$(top_srcdir)/m4/builtin-expect.m4 \
+	$(top_srcdir)/m4/byteswap.m4 $(top_srcdir)/m4/close.m4 \
+	$(top_srcdir)/m4/double-slash-root.m4 $(top_srcdir)/m4/dup2.m4 \
+	$(top_srcdir)/m4/eealloc.m4 $(top_srcdir)/m4/errno_h.m4 \
+	$(top_srcdir)/m4/explicit_bzero.m4 \
+	$(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \
+	$(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \
+	$(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \
+	$(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \
+	$(top_srcdir)/m4/free.m4 $(top_srcdir)/m4/fseeko.m4 \
+	$(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \
+	$(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/func.m4 \
+	$(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \
+	$(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/gettext.m4 \
+	$(top_srcdir)/m4/gettimeofday.m4 \
+	$(top_srcdir)/m4/gnulib-common.m4 \
+	$(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \
+	$(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \
+	$(top_srcdir)/m4/host-cpu-c-abi.m4 $(top_srcdir)/m4/iconv.m4 \
+	$(top_srcdir)/m4/include_next.m4 $(top_srcdir)/m4/inet_ntop.m4 \
+	$(top_srcdir)/m4/inet_pton.m4 $(top_srcdir)/m4/intlmacosx.m4 \
+	$(top_srcdir)/m4/intmax_t.m4 $(top_srcdir)/m4/inttypes.m4 \
+	$(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/largefile.m4 \
+	$(top_srcdir)/m4/ld-output-def.m4 \
+	$(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \
+	$(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+	$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/lock.m4 \
+	$(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/ltoptions.m4 \
+	$(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+	$(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \
+	$(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \
+	$(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \
+	$(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \
+	$(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \
+	$(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \
+	$(top_srcdir)/m4/netdb_h.m4 $(top_srcdir)/m4/netinet_in_h.m4 \
+	$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/off_t.m4 \
+	$(top_srcdir)/m4/open-cloexec.m4 \
+	$(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \
+	$(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/pkg.m4 \
+	$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \
+	$(top_srcdir)/m4/progtest.m4 \
+	$(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \
+	$(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \
+	$(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/size_max.m4 \
+	$(top_srcdir)/m4/snprintf.m4 $(top_srcdir)/m4/socketlib.m4 \
+	$(top_srcdir)/m4/socklen.m4 $(top_srcdir)/m4/sockpfaf.m4 \
+	$(top_srcdir)/m4/ssize_t.m4 $(top_srcdir)/m4/stat-time.m4 \
+	$(top_srcdir)/m4/stat.m4 $(top_srcdir)/m4/stdalign.m4 \
+	$(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \
+	$(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \
+	$(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \
+	$(top_srcdir)/m4/stpcpy.m4 $(top_srcdir)/m4/strcase.m4 \
+	$(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/string_h.m4 \
+	$(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \
+	$(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \
+	$(top_srcdir)/m4/strverscmp.m4 \
+	$(top_srcdir)/m4/sys_socket_h.m4 \
+	$(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \
+	$(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \
+	$(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \
+	$(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \
+	$(top_srcdir)/m4/unistd_h.m4 \
+	$(top_srcdir)/m4/valgrind-tests.m4 \
+	$(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \
+	$(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \
+	$(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \
+	$(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \
+	$(top_srcdir)/m4/xsize.m4 $(top_srcdir)/m4/zzgnulib.m4 \
+	$(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+LTLIBRARIES = $(noinst_LTLIBRARIES)
+libgnutls_ext_la_LIBADD =
+am__libgnutls_ext_la_SOURCES_DIST = max_record.c server_name.c \
+	signature.c safe_renegotiation.c max_record.h server_name.h \
+	srp.h session_ticket.h signature.h safe_renegotiation.h \
+	session_ticket.c srp.c heartbeat.c heartbeat.h \
+	status_request.h status_request.c dumbfw.c dumbfw.h \
+	ext_master_secret.c ext_master_secret.h etm.h etm.c \
+	supported_versions.c supported_versions.h post_handshake.c \
+	post_handshake.h key_share.c key_share.h cookie.c cookie.h \
+	psk_ke_modes.c psk_ke_modes.h pre_shared_key.c \
+	pre_shared_key.h supported_groups.c supported_groups.h \
+	ec_point_formats.c ec_point_formats.h early_data.c \
+	early_data.h record_size_limit.c record_size_limit.h \
+	client_cert_type.c client_cert_type.h server_cert_type.c \
+	server_cert_type.h cert_types.h compress_certificate.c \
+	compress_certificate.h alpn.c alpn.h srtp.c srtp.h
+@ENABLE_ALPN_TRUE@am__objects_1 = alpn.lo
+@ENABLE_DTLS_SRTP_TRUE@am__objects_2 = srtp.lo
+am_libgnutls_ext_la_OBJECTS = max_record.lo server_name.lo \
+	signature.lo safe_renegotiation.lo session_ticket.lo srp.lo \
+	heartbeat.lo status_request.lo dumbfw.lo ext_master_secret.lo \
+	etm.lo supported_versions.lo post_handshake.lo key_share.lo \
+	cookie.lo psk_ke_modes.lo pre_shared_key.lo \
+	supported_groups.lo ec_point_formats.lo early_data.lo \
+	record_size_limit.lo client_cert_type.lo server_cert_type.lo \
+	compress_certificate.lo $(am__objects_1) $(am__objects_2)
+libgnutls_ext_la_OBJECTS = $(am_libgnutls_ext_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 = 
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN     " $@;
+am__v_GEN_1 = 
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 = 
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/alpn.Plo \
+	./$(DEPDIR)/client_cert_type.Plo \
+	./$(DEPDIR)/compress_certificate.Plo ./$(DEPDIR)/cookie.Plo \
+	./$(DEPDIR)/dumbfw.Plo ./$(DEPDIR)/early_data.Plo \
+	./$(DEPDIR)/ec_point_formats.Plo ./$(DEPDIR)/etm.Plo \
+	./$(DEPDIR)/ext_master_secret.Plo ./$(DEPDIR)/heartbeat.Plo \
+	./$(DEPDIR)/key_share.Plo ./$(DEPDIR)/max_record.Plo \
+	./$(DEPDIR)/post_handshake.Plo ./$(DEPDIR)/pre_shared_key.Plo \
+	./$(DEPDIR)/psk_ke_modes.Plo ./$(DEPDIR)/record_size_limit.Plo \
+	./$(DEPDIR)/safe_renegotiation.Plo \
+	./$(DEPDIR)/server_cert_type.Plo ./$(DEPDIR)/server_name.Plo \
+	./$(DEPDIR)/session_ticket.Plo ./$(DEPDIR)/signature.Plo \
+	./$(DEPDIR)/srp.Plo ./$(DEPDIR)/srtp.Plo \
+	./$(DEPDIR)/status_request.Plo \
+	./$(DEPDIR)/supported_groups.Plo \
+	./$(DEPDIR)/supported_versions.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC      " $@;
+am__v_CC_1 = 
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD    " $@;
+am__v_CCLD_1 = 
+SOURCES = $(libgnutls_ext_la_SOURCES)
+DIST_SOURCES = $(am__libgnutls_ext_la_SOURCES_DIST)
+am__can_run_installinfo = \
+  case $$AM_UPDATE_INFO_DIR in \
+    n|no|NO) false;; \
+    *) (install-info --version) >/dev/null 2>&1;; \
+  esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates.  Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+  BEGIN { nonempty = 0; } \
+  { items[$$0] = 1; nonempty = 1; } \
+  END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique.  This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+  list='$(am__tagged_files)'; \
+  unique=`for i in $$list; do \
+    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+  done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in \
+	$(top_srcdir)/build-aux/depcomp $(top_srcdir)/lib/common.mk
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+AARCH64_CCASFLAGS = @AARCH64_CCASFLAGS@
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+ALLOCA_H = @ALLOCA_H@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AM_VALGRINDFLAGS = @AM_VALGRINDFLAGS@
+APPLE_UNIVERSAL_BUILD = @APPLE_UNIVERSAL_BUILD@
+AR = @AR@
+ARFLAGS = @ARFLAGS@
+ASN1PARSER = @ASN1PARSER@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BITSIZEOF_PTRDIFF_T = @BITSIZEOF_PTRDIFF_T@
+BITSIZEOF_SIG_ATOMIC_T = @BITSIZEOF_SIG_ATOMIC_T@
+BITSIZEOF_SIZE_T = @BITSIZEOF_SIZE_T@
+BITSIZEOF_WCHAR_T = @BITSIZEOF_WCHAR_T@
+BITSIZEOF_WINT_T = @BITSIZEOF_WINT_T@
+BYTESWAP_H = @BYTESWAP_H@
+CC = @CC@
+CCAS = @CCAS@
+CCASDEPMODE = @CCASDEPMODE@
+CCASFLAGS = @CCASFLAGS@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CFLAG_VISIBILITY = @CFLAG_VISIBILITY@
+CMOCKA_CFLAGS = @CMOCKA_CFLAGS@
+CMOCKA_LIBS = @CMOCKA_LIBS@
+CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@
+CODE_COVERAGE_CPPFLAGS = @CODE_COVERAGE_CPPFLAGS@
+CODE_COVERAGE_CXXFLAGS = @CODE_COVERAGE_CXXFLAGS@
+CODE_COVERAGE_ENABLED = @CODE_COVERAGE_ENABLED@
+CODE_COVERAGE_LIBS = @CODE_COVERAGE_LIBS@
+CONFIG_INCLUDE = @CONFIG_INCLUDE@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CRYWRAP_PATCHLEVEL = @CRYWRAP_PATCHLEVEL@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CXX_LT_AGE = @CXX_LT_AGE@
+CXX_LT_CURRENT = @CXX_LT_CURRENT@
+CXX_LT_REVISION = @CXX_LT_REVISION@
+CYGPATH_W = @CYGPATH_W@
+DEFAULT_VALGRINDFLAGS = @DEFAULT_VALGRINDFLAGS@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DLL_SSL_VERSION = @DLL_SSL_VERSION@
+DLL_VERSION = @DLL_VERSION@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EMULTIHOP_HIDDEN = @EMULTIHOP_HIDDEN@
+EMULTIHOP_VALUE = @EMULTIHOP_VALUE@
+ENABLE_PADLOCK = @ENABLE_PADLOCK@
+ENOLINK_HIDDEN = @ENOLINK_HIDDEN@
+ENOLINK_VALUE = @ENOLINK_VALUE@
+EOVERFLOW_HIDDEN = @EOVERFLOW_HIDDEN@
+EOVERFLOW_VALUE = @EOVERFLOW_VALUE@
+ERRNO_H = @ERRNO_H@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+FIPS140_LIBS = @FIPS140_LIBS@
+FLOAT_H = @FLOAT_H@
+GCOV = @GCOV@
+GENHTML = @GENHTML@
+GETADDRINFO_LIB = @GETADDRINFO_LIB@
+GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
+GL_GGL_GNULIB_ACCEPT = @GL_GGL_GNULIB_ACCEPT@
+GL_GGL_GNULIB_ACCEPT4 = @GL_GGL_GNULIB_ACCEPT4@
+GL_GGL_GNULIB_ACCESS = @GL_GGL_GNULIB_ACCESS@
+GL_GGL_GNULIB_ALIGNED_ALLOC = @GL_GGL_GNULIB_ALIGNED_ALLOC@
+GL_GGL_GNULIB_ATOLL = @GL_GGL_GNULIB_ATOLL@
+GL_GGL_GNULIB_BIND = @GL_GGL_GNULIB_BIND@
+GL_GGL_GNULIB_BTOWC = @GL_GGL_GNULIB_BTOWC@
+GL_GGL_GNULIB_CALLOC_POSIX = @GL_GGL_GNULIB_CALLOC_POSIX@
+GL_GGL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GGL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GGL_GNULIB_CHDIR = @GL_GGL_GNULIB_CHDIR@
+GL_GGL_GNULIB_CHOWN = @GL_GGL_GNULIB_CHOWN@
+GL_GGL_GNULIB_CLOSE = @GL_GGL_GNULIB_CLOSE@
+GL_GGL_GNULIB_CONNECT = @GL_GGL_GNULIB_CONNECT@
+GL_GGL_GNULIB_COPY_FILE_RANGE = @GL_GGL_GNULIB_COPY_FILE_RANGE@
+GL_GGL_GNULIB_CREAT = @GL_GGL_GNULIB_CREAT@
+GL_GGL_GNULIB_CTIME = @GL_GGL_GNULIB_CTIME@
+GL_GGL_GNULIB_DPRINTF = @GL_GGL_GNULIB_DPRINTF@
+GL_GGL_GNULIB_DUP = @GL_GGL_GNULIB_DUP@
+GL_GGL_GNULIB_DUP2 = @GL_GGL_GNULIB_DUP2@
+GL_GGL_GNULIB_DUP3 = @GL_GGL_GNULIB_DUP3@
+GL_GGL_GNULIB_DUPLOCALE = @GL_GGL_GNULIB_DUPLOCALE@
+GL_GGL_GNULIB_ENVIRON = @GL_GGL_GNULIB_ENVIRON@
+GL_GGL_GNULIB_EUIDACCESS = @GL_GGL_GNULIB_EUIDACCESS@
+GL_GGL_GNULIB_EXECL = @GL_GGL_GNULIB_EXECL@
+GL_GGL_GNULIB_EXECLE = @GL_GGL_GNULIB_EXECLE@
+GL_GGL_GNULIB_EXECLP = @GL_GGL_GNULIB_EXECLP@
+GL_GGL_GNULIB_EXECV = @GL_GGL_GNULIB_EXECV@
+GL_GGL_GNULIB_EXECVE = @GL_GGL_GNULIB_EXECVE@
+GL_GGL_GNULIB_EXECVP = @GL_GGL_GNULIB_EXECVP@
+GL_GGL_GNULIB_EXECVPE = @GL_GGL_GNULIB_EXECVPE@
+GL_GGL_GNULIB_EXPLICIT_BZERO = @GL_GGL_GNULIB_EXPLICIT_BZERO@
+GL_GGL_GNULIB_FACCESSAT = @GL_GGL_GNULIB_FACCESSAT@
+GL_GGL_GNULIB_FCHDIR = @GL_GGL_GNULIB_FCHDIR@
+GL_GGL_GNULIB_FCHMODAT = @GL_GGL_GNULIB_FCHMODAT@
+GL_GGL_GNULIB_FCHOWNAT = @GL_GGL_GNULIB_FCHOWNAT@
+GL_GGL_GNULIB_FCLOSE = @GL_GGL_GNULIB_FCLOSE@
+GL_GGL_GNULIB_FCNTL = @GL_GGL_GNULIB_FCNTL@
+GL_GGL_GNULIB_FDATASYNC = @GL_GGL_GNULIB_FDATASYNC@
+GL_GGL_GNULIB_FDOPEN = @GL_GGL_GNULIB_FDOPEN@
+GL_GGL_GNULIB_FFLUSH = @GL_GGL_GNULIB_FFLUSH@
+GL_GGL_GNULIB_FFS = @GL_GGL_GNULIB_FFS@
+GL_GGL_GNULIB_FFSL = @GL_GGL_GNULIB_FFSL@
+GL_GGL_GNULIB_FFSLL = @GL_GGL_GNULIB_FFSLL@
+GL_GGL_GNULIB_FGETC = @GL_GGL_GNULIB_FGETC@
+GL_GGL_GNULIB_FGETS = @GL_GGL_GNULIB_FGETS@
+GL_GGL_GNULIB_FOPEN = @GL_GGL_GNULIB_FOPEN@
+GL_GGL_GNULIB_FPRINTF = @GL_GGL_GNULIB_FPRINTF@
+GL_GGL_GNULIB_FPRINTF_POSIX = @GL_GGL_GNULIB_FPRINTF_POSIX@
+GL_GGL_GNULIB_FPURGE = @GL_GGL_GNULIB_FPURGE@
+GL_GGL_GNULIB_FPUTC = @GL_GGL_GNULIB_FPUTC@
+GL_GGL_GNULIB_FPUTS = @GL_GGL_GNULIB_FPUTS@
+GL_GGL_GNULIB_FREAD = @GL_GGL_GNULIB_FREAD@
+GL_GGL_GNULIB_FREE_POSIX = @GL_GGL_GNULIB_FREE_POSIX@
+GL_GGL_GNULIB_FREOPEN = @GL_GGL_GNULIB_FREOPEN@
+GL_GGL_GNULIB_FSCANF = @GL_GGL_GNULIB_FSCANF@
+GL_GGL_GNULIB_FSEEK = @GL_GGL_GNULIB_FSEEK@
+GL_GGL_GNULIB_FSEEKO = @GL_GGL_GNULIB_FSEEKO@
+GL_GGL_GNULIB_FSTAT = @GL_GGL_GNULIB_FSTAT@
+GL_GGL_GNULIB_FSTATAT = @GL_GGL_GNULIB_FSTATAT@
+GL_GGL_GNULIB_FSYNC = @GL_GGL_GNULIB_FSYNC@
+GL_GGL_GNULIB_FTELL = @GL_GGL_GNULIB_FTELL@
+GL_GGL_GNULIB_FTELLO = @GL_GGL_GNULIB_FTELLO@
+GL_GGL_GNULIB_FTRUNCATE = @GL_GGL_GNULIB_FTRUNCATE@
+GL_GGL_GNULIB_FUTIMENS = @GL_GGL_GNULIB_FUTIMENS@
+GL_GGL_GNULIB_FWRITE = @GL_GGL_GNULIB_FWRITE@
+GL_GGL_GNULIB_GETADDRINFO = @GL_GGL_GNULIB_GETADDRINFO@
+GL_GGL_GNULIB_GETC = @GL_GGL_GNULIB_GETC@
+GL_GGL_GNULIB_GETCHAR = @GL_GGL_GNULIB_GETCHAR@
+GL_GGL_GNULIB_GETCWD = @GL_GGL_GNULIB_GETCWD@
+GL_GGL_GNULIB_GETDELIM = @GL_GGL_GNULIB_GETDELIM@
+GL_GGL_GNULIB_GETDOMAINNAME = @GL_GGL_GNULIB_GETDOMAINNAME@
+GL_GGL_GNULIB_GETDTABLESIZE = @GL_GGL_GNULIB_GETDTABLESIZE@
+GL_GGL_GNULIB_GETENTROPY = @GL_GGL_GNULIB_GETENTROPY@
+GL_GGL_GNULIB_GETGROUPS = @GL_GGL_GNULIB_GETGROUPS@
+GL_GGL_GNULIB_GETHOSTNAME = @GL_GGL_GNULIB_GETHOSTNAME@
+GL_GGL_GNULIB_GETLINE = @GL_GGL_GNULIB_GETLINE@
+GL_GGL_GNULIB_GETLOADAVG = @GL_GGL_GNULIB_GETLOADAVG@
+GL_GGL_GNULIB_GETLOGIN = @GL_GGL_GNULIB_GETLOGIN@
+GL_GGL_GNULIB_GETLOGIN_R = @GL_GGL_GNULIB_GETLOGIN_R@
+GL_GGL_GNULIB_GETOPT_POSIX = @GL_GGL_GNULIB_GETOPT_POSIX@
+GL_GGL_GNULIB_GETPAGESIZE = @GL_GGL_GNULIB_GETPAGESIZE@
+GL_GGL_GNULIB_GETPASS = @GL_GGL_GNULIB_GETPASS@
+GL_GGL_GNULIB_GETPEERNAME = @GL_GGL_GNULIB_GETPEERNAME@
+GL_GGL_GNULIB_GETSOCKNAME = @GL_GGL_GNULIB_GETSOCKNAME@
+GL_GGL_GNULIB_GETSOCKOPT = @GL_GGL_GNULIB_GETSOCKOPT@
+GL_GGL_GNULIB_GETSUBOPT = @GL_GGL_GNULIB_GETSUBOPT@
+GL_GGL_GNULIB_GETTIMEOFDAY = @GL_GGL_GNULIB_GETTIMEOFDAY@
+GL_GGL_GNULIB_GETUMASK = @GL_GGL_GNULIB_GETUMASK@
+GL_GGL_GNULIB_GETUSERSHELL = @GL_GGL_GNULIB_GETUSERSHELL@
+GL_GGL_GNULIB_GRANTPT = @GL_GGL_GNULIB_GRANTPT@
+GL_GGL_GNULIB_GROUP_MEMBER = @GL_GGL_GNULIB_GROUP_MEMBER@
+GL_GGL_GNULIB_IMAXABS = @GL_GGL_GNULIB_IMAXABS@
+GL_GGL_GNULIB_IMAXDIV = @GL_GGL_GNULIB_IMAXDIV@
+GL_GGL_GNULIB_INET_NTOP = @GL_GGL_GNULIB_INET_NTOP@
+GL_GGL_GNULIB_INET_PTON = @GL_GGL_GNULIB_INET_PTON@
+GL_GGL_GNULIB_IOCTL = @GL_GGL_GNULIB_IOCTL@
+GL_GGL_GNULIB_ISATTY = @GL_GGL_GNULIB_ISATTY@
+GL_GGL_GNULIB_ISBLANK = @GL_GGL_GNULIB_ISBLANK@
+GL_GGL_GNULIB_LCHMOD = @GL_GGL_GNULIB_LCHMOD@
+GL_GGL_GNULIB_LCHOWN = @GL_GGL_GNULIB_LCHOWN@
+GL_GGL_GNULIB_LINK = @GL_GGL_GNULIB_LINK@
+GL_GGL_GNULIB_LINKAT = @GL_GGL_GNULIB_LINKAT@
+GL_GGL_GNULIB_LISTEN = @GL_GGL_GNULIB_LISTEN@
+GL_GGL_GNULIB_LOCALECONV = @GL_GGL_GNULIB_LOCALECONV@
+GL_GGL_GNULIB_LOCALENAME = @GL_GGL_GNULIB_LOCALENAME@
+GL_GGL_GNULIB_LOCALTIME = @GL_GGL_GNULIB_LOCALTIME@
+GL_GGL_GNULIB_LSEEK = @GL_GGL_GNULIB_LSEEK@
+GL_GGL_GNULIB_LSTAT = @GL_GGL_GNULIB_LSTAT@
+GL_GGL_GNULIB_MALLOC_POSIX = @GL_GGL_GNULIB_MALLOC_POSIX@
+GL_GGL_GNULIB_MBRLEN = @GL_GGL_GNULIB_MBRLEN@
+GL_GGL_GNULIB_MBRTOWC = @GL_GGL_GNULIB_MBRTOWC@
+GL_GGL_GNULIB_MBSCASECMP = @GL_GGL_GNULIB_MBSCASECMP@
+GL_GGL_GNULIB_MBSCASESTR = @GL_GGL_GNULIB_MBSCASESTR@
+GL_GGL_GNULIB_MBSCHR = @GL_GGL_GNULIB_MBSCHR@
+GL_GGL_GNULIB_MBSCSPN = @GL_GGL_GNULIB_MBSCSPN@
+GL_GGL_GNULIB_MBSINIT = @GL_GGL_GNULIB_MBSINIT@
+GL_GGL_GNULIB_MBSLEN = @GL_GGL_GNULIB_MBSLEN@
+GL_GGL_GNULIB_MBSNCASECMP = @GL_GGL_GNULIB_MBSNCASECMP@
+GL_GGL_GNULIB_MBSNLEN = @GL_GGL_GNULIB_MBSNLEN@
+GL_GGL_GNULIB_MBSNRTOWCS = @GL_GGL_GNULIB_MBSNRTOWCS@
+GL_GGL_GNULIB_MBSPBRK = @GL_GGL_GNULIB_MBSPBRK@
+GL_GGL_GNULIB_MBSPCASECMP = @GL_GGL_GNULIB_MBSPCASECMP@
+GL_GGL_GNULIB_MBSRCHR = @GL_GGL_GNULIB_MBSRCHR@
+GL_GGL_GNULIB_MBSRTOWCS = @GL_GGL_GNULIB_MBSRTOWCS@
+GL_GGL_GNULIB_MBSSEP = @GL_GGL_GNULIB_MBSSEP@
+GL_GGL_GNULIB_MBSSPN = @GL_GGL_GNULIB_MBSSPN@
+GL_GGL_GNULIB_MBSSTR = @GL_GGL_GNULIB_MBSSTR@
+GL_GGL_GNULIB_MBSTOK_R = @GL_GGL_GNULIB_MBSTOK_R@
+GL_GGL_GNULIB_MBTOWC = @GL_GGL_GNULIB_MBTOWC@
+GL_GGL_GNULIB_MDA_ACCESS = @GL_GGL_GNULIB_MDA_ACCESS@
+GL_GGL_GNULIB_MDA_CHDIR = @GL_GGL_GNULIB_MDA_CHDIR@
+GL_GGL_GNULIB_MDA_CHMOD = @GL_GGL_GNULIB_MDA_CHMOD@
+GL_GGL_GNULIB_MDA_CLOSE = @GL_GGL_GNULIB_MDA_CLOSE@
+GL_GGL_GNULIB_MDA_CREAT = @GL_GGL_GNULIB_MDA_CREAT@
+GL_GGL_GNULIB_MDA_DUP = @GL_GGL_GNULIB_MDA_DUP@
+GL_GGL_GNULIB_MDA_DUP2 = @GL_GGL_GNULIB_MDA_DUP2@
+GL_GGL_GNULIB_MDA_ECVT = @GL_GGL_GNULIB_MDA_ECVT@
+GL_GGL_GNULIB_MDA_EXECL = @GL_GGL_GNULIB_MDA_EXECL@
+GL_GGL_GNULIB_MDA_EXECLE = @GL_GGL_GNULIB_MDA_EXECLE@
+GL_GGL_GNULIB_MDA_EXECLP = @GL_GGL_GNULIB_MDA_EXECLP@
+GL_GGL_GNULIB_MDA_EXECV = @GL_GGL_GNULIB_MDA_EXECV@
+GL_GGL_GNULIB_MDA_EXECVE = @GL_GGL_GNULIB_MDA_EXECVE@
+GL_GGL_GNULIB_MDA_EXECVP = @GL_GGL_GNULIB_MDA_EXECVP@
+GL_GGL_GNULIB_MDA_EXECVPE = @GL_GGL_GNULIB_MDA_EXECVPE@
+GL_GGL_GNULIB_MDA_FCLOSEALL = @GL_GGL_GNULIB_MDA_FCLOSEALL@
+GL_GGL_GNULIB_MDA_FCVT = @GL_GGL_GNULIB_MDA_FCVT@
+GL_GGL_GNULIB_MDA_FDOPEN = @GL_GGL_GNULIB_MDA_FDOPEN@
+GL_GGL_GNULIB_MDA_FILENO = @GL_GGL_GNULIB_MDA_FILENO@
+GL_GGL_GNULIB_MDA_GCVT = @GL_GGL_GNULIB_MDA_GCVT@
+GL_GGL_GNULIB_MDA_GETCWD = @GL_GGL_GNULIB_MDA_GETCWD@
+GL_GGL_GNULIB_MDA_GETPID = @GL_GGL_GNULIB_MDA_GETPID@
+GL_GGL_GNULIB_MDA_GETW = @GL_GGL_GNULIB_MDA_GETW@
+GL_GGL_GNULIB_MDA_ISATTY = @GL_GGL_GNULIB_MDA_ISATTY@
+GL_GGL_GNULIB_MDA_LSEEK = @GL_GGL_GNULIB_MDA_LSEEK@
+GL_GGL_GNULIB_MDA_MEMCCPY = @GL_GGL_GNULIB_MDA_MEMCCPY@
+GL_GGL_GNULIB_MDA_MKDIR = @GL_GGL_GNULIB_MDA_MKDIR@
+GL_GGL_GNULIB_MDA_MKTEMP = @GL_GGL_GNULIB_MDA_MKTEMP@
+GL_GGL_GNULIB_MDA_OPEN = @GL_GGL_GNULIB_MDA_OPEN@
+GL_GGL_GNULIB_MDA_PUTENV = @GL_GGL_GNULIB_MDA_PUTENV@
+GL_GGL_GNULIB_MDA_PUTW = @GL_GGL_GNULIB_MDA_PUTW@
+GL_GGL_GNULIB_MDA_READ = @GL_GGL_GNULIB_MDA_READ@
+GL_GGL_GNULIB_MDA_RMDIR = @GL_GGL_GNULIB_MDA_RMDIR@
+GL_GGL_GNULIB_MDA_STRDUP = @GL_GGL_GNULIB_MDA_STRDUP@
+GL_GGL_GNULIB_MDA_SWAB = @GL_GGL_GNULIB_MDA_SWAB@
+GL_GGL_GNULIB_MDA_TEMPNAM = @GL_GGL_GNULIB_MDA_TEMPNAM@
+GL_GGL_GNULIB_MDA_TZSET = @GL_GGL_GNULIB_MDA_TZSET@
+GL_GGL_GNULIB_MDA_UMASK = @GL_GGL_GNULIB_MDA_UMASK@
+GL_GGL_GNULIB_MDA_UNLINK = @GL_GGL_GNULIB_MDA_UNLINK@
+GL_GGL_GNULIB_MDA_WCSDUP = @GL_GGL_GNULIB_MDA_WCSDUP@
+GL_GGL_GNULIB_MDA_WRITE = @GL_GGL_GNULIB_MDA_WRITE@
+GL_GGL_GNULIB_MEMCHR = @GL_GGL_GNULIB_MEMCHR@
+GL_GGL_GNULIB_MEMMEM = @GL_GGL_GNULIB_MEMMEM@
+GL_GGL_GNULIB_MEMPCPY = @GL_GGL_GNULIB_MEMPCPY@
+GL_GGL_GNULIB_MEMRCHR = @GL_GGL_GNULIB_MEMRCHR@
+GL_GGL_GNULIB_MKDIR = @GL_GGL_GNULIB_MKDIR@
+GL_GGL_GNULIB_MKDIRAT = @GL_GGL_GNULIB_MKDIRAT@
+GL_GGL_GNULIB_MKDTEMP = @GL_GGL_GNULIB_MKDTEMP@
+GL_GGL_GNULIB_MKFIFO = @GL_GGL_GNULIB_MKFIFO@
+GL_GGL_GNULIB_MKFIFOAT = @GL_GGL_GNULIB_MKFIFOAT@
+GL_GGL_GNULIB_MKNOD = @GL_GGL_GNULIB_MKNOD@
+GL_GGL_GNULIB_MKNODAT = @GL_GGL_GNULIB_MKNODAT@
+GL_GGL_GNULIB_MKOSTEMP = @GL_GGL_GNULIB_MKOSTEMP@
+GL_GGL_GNULIB_MKOSTEMPS = @GL_GGL_GNULIB_MKOSTEMPS@
+GL_GGL_GNULIB_MKSTEMP = @GL_GGL_GNULIB_MKSTEMP@
+GL_GGL_GNULIB_MKSTEMPS = @GL_GGL_GNULIB_MKSTEMPS@
+GL_GGL_GNULIB_MKTIME = @GL_GGL_GNULIB_MKTIME@
+GL_GGL_GNULIB_NANOSLEEP = @GL_GGL_GNULIB_NANOSLEEP@
+GL_GGL_GNULIB_NL_LANGINFO = @GL_GGL_GNULIB_NL_LANGINFO@
+GL_GGL_GNULIB_NONBLOCKING = @GL_GGL_GNULIB_NONBLOCKING@
+GL_GGL_GNULIB_OBSTACK_PRINTF = @GL_GGL_GNULIB_OBSTACK_PRINTF@
+GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GGL_GNULIB_OPEN = @GL_GGL_GNULIB_OPEN@
+GL_GGL_GNULIB_OPENAT = @GL_GGL_GNULIB_OPENAT@
+GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GGL_GNULIB_PCLOSE = @GL_GGL_GNULIB_PCLOSE@
+GL_GGL_GNULIB_PERROR = @GL_GGL_GNULIB_PERROR@
+GL_GGL_GNULIB_PIPE = @GL_GGL_GNULIB_PIPE@
+GL_GGL_GNULIB_PIPE2 = @GL_GGL_GNULIB_PIPE2@
+GL_GGL_GNULIB_POPEN = @GL_GGL_GNULIB_POPEN@
+GL_GGL_GNULIB_POSIX_MEMALIGN = @GL_GGL_GNULIB_POSIX_MEMALIGN@
+GL_GGL_GNULIB_POSIX_OPENPT = @GL_GGL_GNULIB_POSIX_OPENPT@
+GL_GGL_GNULIB_PREAD = @GL_GGL_GNULIB_PREAD@
+GL_GGL_GNULIB_PRINTF = @GL_GGL_GNULIB_PRINTF@
+GL_GGL_GNULIB_PRINTF_POSIX = @GL_GGL_GNULIB_PRINTF_POSIX@
+GL_GGL_GNULIB_PSELECT = @GL_GGL_GNULIB_PSELECT@
+GL_GGL_GNULIB_PTHREAD_COND = @GL_GGL_GNULIB_PTHREAD_COND@
+GL_GGL_GNULIB_PTHREAD_MUTEX = @GL_GGL_GNULIB_PTHREAD_MUTEX@
+GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK@
+GL_GGL_GNULIB_PTHREAD_ONCE = @GL_GGL_GNULIB_PTHREAD_ONCE@
+GL_GGL_GNULIB_PTHREAD_RWLOCK = @GL_GGL_GNULIB_PTHREAD_RWLOCK@
+GL_GGL_GNULIB_PTHREAD_SIGMASK = @GL_GGL_GNULIB_PTHREAD_SIGMASK@
+GL_GGL_GNULIB_PTHREAD_SPIN = @GL_GGL_GNULIB_PTHREAD_SPIN@
+GL_GGL_GNULIB_PTHREAD_THREAD = @GL_GGL_GNULIB_PTHREAD_THREAD@
+GL_GGL_GNULIB_PTHREAD_TSS = @GL_GGL_GNULIB_PTHREAD_TSS@
+GL_GGL_GNULIB_PTSNAME = @GL_GGL_GNULIB_PTSNAME@
+GL_GGL_GNULIB_PTSNAME_R = @GL_GGL_GNULIB_PTSNAME_R@
+GL_GGL_GNULIB_PUTC = @GL_GGL_GNULIB_PUTC@
+GL_GGL_GNULIB_PUTCHAR = @GL_GGL_GNULIB_PUTCHAR@
+GL_GGL_GNULIB_PUTENV = @GL_GGL_GNULIB_PUTENV@
+GL_GGL_GNULIB_PUTS = @GL_GGL_GNULIB_PUTS@
+GL_GGL_GNULIB_PWRITE = @GL_GGL_GNULIB_PWRITE@
+GL_GGL_GNULIB_QSORT_R = @GL_GGL_GNULIB_QSORT_R@
+GL_GGL_GNULIB_RAISE = @GL_GGL_GNULIB_RAISE@
+GL_GGL_GNULIB_RANDOM = @GL_GGL_GNULIB_RANDOM@
+GL_GGL_GNULIB_RANDOM_R = @GL_GGL_GNULIB_RANDOM_R@
+GL_GGL_GNULIB_RAWMEMCHR = @GL_GGL_GNULIB_RAWMEMCHR@
+GL_GGL_GNULIB_READ = @GL_GGL_GNULIB_READ@
+GL_GGL_GNULIB_READLINK = @GL_GGL_GNULIB_READLINK@
+GL_GGL_GNULIB_READLINKAT = @GL_GGL_GNULIB_READLINKAT@
+GL_GGL_GNULIB_REALLOCARRAY = @GL_GGL_GNULIB_REALLOCARRAY@
+GL_GGL_GNULIB_REALLOC_POSIX = @GL_GGL_GNULIB_REALLOC_POSIX@
+GL_GGL_GNULIB_REALPATH = @GL_GGL_GNULIB_REALPATH@
+GL_GGL_GNULIB_RECV = @GL_GGL_GNULIB_RECV@
+GL_GGL_GNULIB_RECVFROM = @GL_GGL_GNULIB_RECVFROM@
+GL_GGL_GNULIB_REMOVE = @GL_GGL_GNULIB_REMOVE@
+GL_GGL_GNULIB_RENAME = @GL_GGL_GNULIB_RENAME@
+GL_GGL_GNULIB_RENAMEAT = @GL_GGL_GNULIB_RENAMEAT@
+GL_GGL_GNULIB_RMDIR = @GL_GGL_GNULIB_RMDIR@
+GL_GGL_GNULIB_RPMATCH = @GL_GGL_GNULIB_RPMATCH@
+GL_GGL_GNULIB_SCANF = @GL_GGL_GNULIB_SCANF@
+GL_GGL_GNULIB_SCHED_YIELD = @GL_GGL_GNULIB_SCHED_YIELD@
+GL_GGL_GNULIB_SECURE_GETENV = @GL_GGL_GNULIB_SECURE_GETENV@
+GL_GGL_GNULIB_SELECT = @GL_GGL_GNULIB_SELECT@
+GL_GGL_GNULIB_SEND = @GL_GGL_GNULIB_SEND@
+GL_GGL_GNULIB_SENDTO = @GL_GGL_GNULIB_SENDTO@
+GL_GGL_GNULIB_SETENV = @GL_GGL_GNULIB_SETENV@
+GL_GGL_GNULIB_SETHOSTNAME = @GL_GGL_GNULIB_SETHOSTNAME@
+GL_GGL_GNULIB_SETLOCALE = @GL_GGL_GNULIB_SETLOCALE@
+GL_GGL_GNULIB_SETLOCALE_NULL = @GL_GGL_GNULIB_SETLOCALE_NULL@
+GL_GGL_GNULIB_SETSOCKOPT = @GL_GGL_GNULIB_SETSOCKOPT@
+GL_GGL_GNULIB_SHUTDOWN = @GL_GGL_GNULIB_SHUTDOWN@
+GL_GGL_GNULIB_SIGABBREV_NP = @GL_GGL_GNULIB_SIGABBREV_NP@
+GL_GGL_GNULIB_SIGACTION = @GL_GGL_GNULIB_SIGACTION@
+GL_GGL_GNULIB_SIGDESCR_NP = @GL_GGL_GNULIB_SIGDESCR_NP@
+GL_GGL_GNULIB_SIGNAL_H_SIGPIPE = @GL_GGL_GNULIB_SIGNAL_H_SIGPIPE@
+GL_GGL_GNULIB_SIGPROCMASK = @GL_GGL_GNULIB_SIGPROCMASK@
+GL_GGL_GNULIB_SLEEP = @GL_GGL_GNULIB_SLEEP@
+GL_GGL_GNULIB_SNPRINTF = @GL_GGL_GNULIB_SNPRINTF@
+GL_GGL_GNULIB_SOCKET = @GL_GGL_GNULIB_SOCKET@
+GL_GGL_GNULIB_SPRINTF_POSIX = @GL_GGL_GNULIB_SPRINTF_POSIX@
+GL_GGL_GNULIB_STAT = @GL_GGL_GNULIB_STAT@
+GL_GGL_GNULIB_STDIO_H_NONBLOCKING = @GL_GGL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GGL_GNULIB_STDIO_H_SIGPIPE = @GL_GGL_GNULIB_STDIO_H_SIGPIPE@
+GL_GGL_GNULIB_STPCPY = @GL_GGL_GNULIB_STPCPY@
+GL_GGL_GNULIB_STPNCPY = @GL_GGL_GNULIB_STPNCPY@
+GL_GGL_GNULIB_STRCASESTR = @GL_GGL_GNULIB_STRCASESTR@
+GL_GGL_GNULIB_STRCHRNUL = @GL_GGL_GNULIB_STRCHRNUL@
+GL_GGL_GNULIB_STRDUP = @GL_GGL_GNULIB_STRDUP@
+GL_GGL_GNULIB_STRERROR = @GL_GGL_GNULIB_STRERROR@
+GL_GGL_GNULIB_STRERRORNAME_NP = @GL_GGL_GNULIB_STRERRORNAME_NP@
+GL_GGL_GNULIB_STRERROR_R = @GL_GGL_GNULIB_STRERROR_R@
+GL_GGL_GNULIB_STRFTIME = @GL_GGL_GNULIB_STRFTIME@
+GL_GGL_GNULIB_STRNCAT = @GL_GGL_GNULIB_STRNCAT@
+GL_GGL_GNULIB_STRNDUP = @GL_GGL_GNULIB_STRNDUP@
+GL_GGL_GNULIB_STRNLEN = @GL_GGL_GNULIB_STRNLEN@
+GL_GGL_GNULIB_STRPBRK = @GL_GGL_GNULIB_STRPBRK@
+GL_GGL_GNULIB_STRPTIME = @GL_GGL_GNULIB_STRPTIME@
+GL_GGL_GNULIB_STRSEP = @GL_GGL_GNULIB_STRSEP@
+GL_GGL_GNULIB_STRSIGNAL = @GL_GGL_GNULIB_STRSIGNAL@
+GL_GGL_GNULIB_STRSTR = @GL_GGL_GNULIB_STRSTR@
+GL_GGL_GNULIB_STRTOD = @GL_GGL_GNULIB_STRTOD@
+GL_GGL_GNULIB_STRTOIMAX = @GL_GGL_GNULIB_STRTOIMAX@
+GL_GGL_GNULIB_STRTOK_R = @GL_GGL_GNULIB_STRTOK_R@
+GL_GGL_GNULIB_STRTOL = @GL_GGL_GNULIB_STRTOL@
+GL_GGL_GNULIB_STRTOLD = @GL_GGL_GNULIB_STRTOLD@
+GL_GGL_GNULIB_STRTOLL = @GL_GGL_GNULIB_STRTOLL@
+GL_GGL_GNULIB_STRTOUL = @GL_GGL_GNULIB_STRTOUL@
+GL_GGL_GNULIB_STRTOULL = @GL_GGL_GNULIB_STRTOULL@
+GL_GGL_GNULIB_STRTOUMAX = @GL_GGL_GNULIB_STRTOUMAX@
+GL_GGL_GNULIB_STRVERSCMP = @GL_GGL_GNULIB_STRVERSCMP@
+GL_GGL_GNULIB_SYMLINK = @GL_GGL_GNULIB_SYMLINK@
+GL_GGL_GNULIB_SYMLINKAT = @GL_GGL_GNULIB_SYMLINKAT@
+GL_GGL_GNULIB_SYSTEM_POSIX = @GL_GGL_GNULIB_SYSTEM_POSIX@
+GL_GGL_GNULIB_TIMEGM = @GL_GGL_GNULIB_TIMEGM@
+GL_GGL_GNULIB_TIMESPEC_GET = @GL_GGL_GNULIB_TIMESPEC_GET@
+GL_GGL_GNULIB_TIME_R = @GL_GGL_GNULIB_TIME_R@
+GL_GGL_GNULIB_TIME_RZ = @GL_GGL_GNULIB_TIME_RZ@
+GL_GGL_GNULIB_TMPFILE = @GL_GGL_GNULIB_TMPFILE@
+GL_GGL_GNULIB_TRUNCATE = @GL_GGL_GNULIB_TRUNCATE@
+GL_GGL_GNULIB_TTYNAME_R = @GL_GGL_GNULIB_TTYNAME_R@
+GL_GGL_GNULIB_TZSET = @GL_GGL_GNULIB_TZSET@
+GL_GGL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GGL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GGL_GNULIB_UNISTD_H_SIGPIPE = @GL_GGL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GGL_GNULIB_UNLINK = @GL_GGL_GNULIB_UNLINK@
+GL_GGL_GNULIB_UNLINKAT = @GL_GGL_GNULIB_UNLINKAT@
+GL_GGL_GNULIB_UNLOCKPT = @GL_GGL_GNULIB_UNLOCKPT@
+GL_GGL_GNULIB_UNSETENV = @GL_GGL_GNULIB_UNSETENV@
+GL_GGL_GNULIB_USLEEP = @GL_GGL_GNULIB_USLEEP@
+GL_GGL_GNULIB_UTIMENSAT = @GL_GGL_GNULIB_UTIMENSAT@
+GL_GGL_GNULIB_VASPRINTF = @GL_GGL_GNULIB_VASPRINTF@
+GL_GGL_GNULIB_VDPRINTF = @GL_GGL_GNULIB_VDPRINTF@
+GL_GGL_GNULIB_VFPRINTF = @GL_GGL_GNULIB_VFPRINTF@
+GL_GGL_GNULIB_VFPRINTF_POSIX = @GL_GGL_GNULIB_VFPRINTF_POSIX@
+GL_GGL_GNULIB_VFSCANF = @GL_GGL_GNULIB_VFSCANF@
+GL_GGL_GNULIB_VPRINTF = @GL_GGL_GNULIB_VPRINTF@
+GL_GGL_GNULIB_VPRINTF_POSIX = @GL_GGL_GNULIB_VPRINTF_POSIX@
+GL_GGL_GNULIB_VSCANF = @GL_GGL_GNULIB_VSCANF@
+GL_GGL_GNULIB_VSNPRINTF = @GL_GGL_GNULIB_VSNPRINTF@
+GL_GGL_GNULIB_VSPRINTF_POSIX = @GL_GGL_GNULIB_VSPRINTF_POSIX@
+GL_GGL_GNULIB_WCPCPY = @GL_GGL_GNULIB_WCPCPY@
+GL_GGL_GNULIB_WCPNCPY = @GL_GGL_GNULIB_WCPNCPY@
+GL_GGL_GNULIB_WCRTOMB = @GL_GGL_GNULIB_WCRTOMB@
+GL_GGL_GNULIB_WCSCASECMP = @GL_GGL_GNULIB_WCSCASECMP@
+GL_GGL_GNULIB_WCSCAT = @GL_GGL_GNULIB_WCSCAT@
+GL_GGL_GNULIB_WCSCHR = @GL_GGL_GNULIB_WCSCHR@
+GL_GGL_GNULIB_WCSCMP = @GL_GGL_GNULIB_WCSCMP@
+GL_GGL_GNULIB_WCSCOLL = @GL_GGL_GNULIB_WCSCOLL@
+GL_GGL_GNULIB_WCSCPY = @GL_GGL_GNULIB_WCSCPY@
+GL_GGL_GNULIB_WCSCSPN = @GL_GGL_GNULIB_WCSCSPN@
+GL_GGL_GNULIB_WCSDUP = @GL_GGL_GNULIB_WCSDUP@
+GL_GGL_GNULIB_WCSFTIME = @GL_GGL_GNULIB_WCSFTIME@
+GL_GGL_GNULIB_WCSLEN = @GL_GGL_GNULIB_WCSLEN@
+GL_GGL_GNULIB_WCSNCASECMP = @GL_GGL_GNULIB_WCSNCASECMP@
+GL_GGL_GNULIB_WCSNCAT = @GL_GGL_GNULIB_WCSNCAT@
+GL_GGL_GNULIB_WCSNCMP = @GL_GGL_GNULIB_WCSNCMP@
+GL_GGL_GNULIB_WCSNCPY = @GL_GGL_GNULIB_WCSNCPY@
+GL_GGL_GNULIB_WCSNLEN = @GL_GGL_GNULIB_WCSNLEN@
+GL_GGL_GNULIB_WCSNRTOMBS = @GL_GGL_GNULIB_WCSNRTOMBS@
+GL_GGL_GNULIB_WCSPBRK = @GL_GGL_GNULIB_WCSPBRK@
+GL_GGL_GNULIB_WCSRCHR = @GL_GGL_GNULIB_WCSRCHR@
+GL_GGL_GNULIB_WCSRTOMBS = @GL_GGL_GNULIB_WCSRTOMBS@
+GL_GGL_GNULIB_WCSSPN = @GL_GGL_GNULIB_WCSSPN@
+GL_GGL_GNULIB_WCSSTR = @GL_GGL_GNULIB_WCSSTR@
+GL_GGL_GNULIB_WCSTOK = @GL_GGL_GNULIB_WCSTOK@
+GL_GGL_GNULIB_WCSWIDTH = @GL_GGL_GNULIB_WCSWIDTH@
+GL_GGL_GNULIB_WCSXFRM = @GL_GGL_GNULIB_WCSXFRM@
+GL_GGL_GNULIB_WCTOB = @GL_GGL_GNULIB_WCTOB@
+GL_GGL_GNULIB_WCTOMB = @GL_GGL_GNULIB_WCTOMB@
+GL_GGL_GNULIB_WCWIDTH = @GL_GGL_GNULIB_WCWIDTH@
+GL_GGL_GNULIB_WMEMCHR = @GL_GGL_GNULIB_WMEMCHR@
+GL_GGL_GNULIB_WMEMCMP = @GL_GGL_GNULIB_WMEMCMP@
+GL_GGL_GNULIB_WMEMCPY = @GL_GGL_GNULIB_WMEMCPY@
+GL_GGL_GNULIB_WMEMMOVE = @GL_GGL_GNULIB_WMEMMOVE@
+GL_GGL_GNULIB_WMEMPCPY = @GL_GGL_GNULIB_WMEMPCPY@
+GL_GGL_GNULIB_WMEMSET = @GL_GGL_GNULIB_WMEMSET@
+GL_GGL_GNULIB_WRITE = @GL_GGL_GNULIB_WRITE@
+GL_GGL_GNULIB__EXIT = @GL_GGL_GNULIB__EXIT@
+GL_GNULIB_ACCEPT = @GL_GNULIB_ACCEPT@
+GL_GNULIB_ACCEPT4 = @GL_GNULIB_ACCEPT4@
+GL_GNULIB_ACCESS = @GL_GNULIB_ACCESS@
+GL_GNULIB_ALIGNED_ALLOC = @GL_GNULIB_ALIGNED_ALLOC@
+GL_GNULIB_ATOLL = @GL_GNULIB_ATOLL@
+GL_GNULIB_BIND = @GL_GNULIB_BIND@
+GL_GNULIB_BTOWC = @GL_GNULIB_BTOWC@
+GL_GNULIB_CALLOC_POSIX = @GL_GNULIB_CALLOC_POSIX@
+GL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GNULIB_CHDIR = @GL_GNULIB_CHDIR@
+GL_GNULIB_CHOWN = @GL_GNULIB_CHOWN@
+GL_GNULIB_CLOSE = @GL_GNULIB_CLOSE@
+GL_GNULIB_CONNECT = @GL_GNULIB_CONNECT@
+GL_GNULIB_COPY_FILE_RANGE = @GL_GNULIB_COPY_FILE_RANGE@
+GL_GNULIB_CREAT = @GL_GNULIB_CREAT@
+GL_GNULIB_CTIME = @GL_GNULIB_CTIME@
+GL_GNULIB_DPRINTF = @GL_GNULIB_DPRINTF@
+GL_GNULIB_DUP = @GL_GNULIB_DUP@
+GL_GNULIB_DUP2 = @GL_GNULIB_DUP2@
+GL_GNULIB_DUP3 = @GL_GNULIB_DUP3@
+GL_GNULIB_ENVIRON = @GL_GNULIB_ENVIRON@
+GL_GNULIB_EUIDACCESS = @GL_GNULIB_EUIDACCESS@
+GL_GNULIB_EXECL = @GL_GNULIB_EXECL@
+GL_GNULIB_EXECLE = @GL_GNULIB_EXECLE@
+GL_GNULIB_EXECLP = @GL_GNULIB_EXECLP@
+GL_GNULIB_EXECV = @GL_GNULIB_EXECV@
+GL_GNULIB_EXECVE = @GL_GNULIB_EXECVE@
+GL_GNULIB_EXECVP = @GL_GNULIB_EXECVP@
+GL_GNULIB_EXECVPE = @GL_GNULIB_EXECVPE@
+GL_GNULIB_EXPLICIT_BZERO = @GL_GNULIB_EXPLICIT_BZERO@
+GL_GNULIB_FACCESSAT = @GL_GNULIB_FACCESSAT@
+GL_GNULIB_FCHDIR = @GL_GNULIB_FCHDIR@
+GL_GNULIB_FCHMODAT = @GL_GNULIB_FCHMODAT@
+GL_GNULIB_FCHOWNAT = @GL_GNULIB_FCHOWNAT@
+GL_GNULIB_FCLOSE = @GL_GNULIB_FCLOSE@
+GL_GNULIB_FCNTL = @GL_GNULIB_FCNTL@
+GL_GNULIB_FDATASYNC = @GL_GNULIB_FDATASYNC@
+GL_GNULIB_FDOPEN = @GL_GNULIB_FDOPEN@
+GL_GNULIB_FFLUSH = @GL_GNULIB_FFLUSH@
+GL_GNULIB_FFS = @GL_GNULIB_FFS@
+GL_GNULIB_FFSL = @GL_GNULIB_FFSL@
+GL_GNULIB_FFSLL = @GL_GNULIB_FFSLL@
+GL_GNULIB_FGETC = @GL_GNULIB_FGETC@
+GL_GNULIB_FGETS = @GL_GNULIB_FGETS@
+GL_GNULIB_FOPEN = @GL_GNULIB_FOPEN@
+GL_GNULIB_FPRINTF = @GL_GNULIB_FPRINTF@
+GL_GNULIB_FPRINTF_POSIX = @GL_GNULIB_FPRINTF_POSIX@
+GL_GNULIB_FPURGE = @GL_GNULIB_FPURGE@
+GL_GNULIB_FPUTC = @GL_GNULIB_FPUTC@
+GL_GNULIB_FPUTS = @GL_GNULIB_FPUTS@
+GL_GNULIB_FREAD = @GL_GNULIB_FREAD@
+GL_GNULIB_FREE_POSIX = @GL_GNULIB_FREE_POSIX@
+GL_GNULIB_FREOPEN = @GL_GNULIB_FREOPEN@
+GL_GNULIB_FSCANF = @GL_GNULIB_FSCANF@
+GL_GNULIB_FSEEK = @GL_GNULIB_FSEEK@
+GL_GNULIB_FSEEKO = @GL_GNULIB_FSEEKO@
+GL_GNULIB_FSTAT = @GL_GNULIB_FSTAT@
+GL_GNULIB_FSTATAT = @GL_GNULIB_FSTATAT@
+GL_GNULIB_FSYNC = @GL_GNULIB_FSYNC@
+GL_GNULIB_FTELL = @GL_GNULIB_FTELL@
+GL_GNULIB_FTELLO = @GL_GNULIB_FTELLO@
+GL_GNULIB_FTRUNCATE = @GL_GNULIB_FTRUNCATE@
+GL_GNULIB_FUTIMENS = @GL_GNULIB_FUTIMENS@
+GL_GNULIB_FWRITE = @GL_GNULIB_FWRITE@
+GL_GNULIB_GETADDRINFO = @GL_GNULIB_GETADDRINFO@
+GL_GNULIB_GETC = @GL_GNULIB_GETC@
+GL_GNULIB_GETCHAR = @GL_GNULIB_GETCHAR@
+GL_GNULIB_GETCWD = @GL_GNULIB_GETCWD@
+GL_GNULIB_GETDELIM = @GL_GNULIB_GETDELIM@
+GL_GNULIB_GETDOMAINNAME = @GL_GNULIB_GETDOMAINNAME@
+GL_GNULIB_GETDTABLESIZE = @GL_GNULIB_GETDTABLESIZE@
+GL_GNULIB_GETENTROPY = @GL_GNULIB_GETENTROPY@
+GL_GNULIB_GETGROUPS = @GL_GNULIB_GETGROUPS@
+GL_GNULIB_GETHOSTNAME = @GL_GNULIB_GETHOSTNAME@
+GL_GNULIB_GETLINE = @GL_GNULIB_GETLINE@
+GL_GNULIB_GETLOADAVG = @GL_GNULIB_GETLOADAVG@
+GL_GNULIB_GETLOGIN = @GL_GNULIB_GETLOGIN@
+GL_GNULIB_GETLOGIN_R = @GL_GNULIB_GETLOGIN_R@
+GL_GNULIB_GETOPT_POSIX = @GL_GNULIB_GETOPT_POSIX@
+GL_GNULIB_GETPAGESIZE = @GL_GNULIB_GETPAGESIZE@
+GL_GNULIB_GETPASS = @GL_GNULIB_GETPASS@
+GL_GNULIB_GETPEERNAME = @GL_GNULIB_GETPEERNAME@
+GL_GNULIB_GETSOCKNAME = @GL_GNULIB_GETSOCKNAME@
+GL_GNULIB_GETSOCKOPT = @GL_GNULIB_GETSOCKOPT@
+GL_GNULIB_GETSUBOPT = @GL_GNULIB_GETSUBOPT@
+GL_GNULIB_GETTIMEOFDAY = @GL_GNULIB_GETTIMEOFDAY@
+GL_GNULIB_GETUMASK = @GL_GNULIB_GETUMASK@
+GL_GNULIB_GETUSERSHELL = @GL_GNULIB_GETUSERSHELL@
+GL_GNULIB_GRANTPT = @GL_GNULIB_GRANTPT@
+GL_GNULIB_GROUP_MEMBER = @GL_GNULIB_GROUP_MEMBER@
+GL_GNULIB_IMAXABS = @GL_GNULIB_IMAXABS@
+GL_GNULIB_IMAXDIV = @GL_GNULIB_IMAXDIV@
+GL_GNULIB_INET_NTOP = @GL_GNULIB_INET_NTOP@
+GL_GNULIB_INET_PTON = @GL_GNULIB_INET_PTON@
+GL_GNULIB_ISATTY = @GL_GNULIB_ISATTY@
+GL_GNULIB_LCHMOD = @GL_GNULIB_LCHMOD@
+GL_GNULIB_LCHOWN = @GL_GNULIB_LCHOWN@
+GL_GNULIB_LINK = @GL_GNULIB_LINK@
+GL_GNULIB_LINKAT = @GL_GNULIB_LINKAT@
+GL_GNULIB_LISTEN = @GL_GNULIB_LISTEN@
+GL_GNULIB_LOCALTIME = @GL_GNULIB_LOCALTIME@
+GL_GNULIB_LSEEK = @GL_GNULIB_LSEEK@
+GL_GNULIB_LSTAT = @GL_GNULIB_LSTAT@
+GL_GNULIB_MALLOC_POSIX = @GL_GNULIB_MALLOC_POSIX@
+GL_GNULIB_MBRLEN = @GL_GNULIB_MBRLEN@
+GL_GNULIB_MBRTOWC = @GL_GNULIB_MBRTOWC@
+GL_GNULIB_MBSCASECMP = @GL_GNULIB_MBSCASECMP@
+GL_GNULIB_MBSCASESTR = @GL_GNULIB_MBSCASESTR@
+GL_GNULIB_MBSCHR = @GL_GNULIB_MBSCHR@
+GL_GNULIB_MBSCSPN = @GL_GNULIB_MBSCSPN@
+GL_GNULIB_MBSINIT = @GL_GNULIB_MBSINIT@
+GL_GNULIB_MBSLEN = @GL_GNULIB_MBSLEN@
+GL_GNULIB_MBSNCASECMP = @GL_GNULIB_MBSNCASECMP@
+GL_GNULIB_MBSNLEN = @GL_GNULIB_MBSNLEN@
+GL_GNULIB_MBSNRTOWCS = @GL_GNULIB_MBSNRTOWCS@
+GL_GNULIB_MBSPBRK = @GL_GNULIB_MBSPBRK@
+GL_GNULIB_MBSPCASECMP = @GL_GNULIB_MBSPCASECMP@
+GL_GNULIB_MBSRCHR = @GL_GNULIB_MBSRCHR@
+GL_GNULIB_MBSRTOWCS = @GL_GNULIB_MBSRTOWCS@
+GL_GNULIB_MBSSEP = @GL_GNULIB_MBSSEP@
+GL_GNULIB_MBSSPN = @GL_GNULIB_MBSSPN@
+GL_GNULIB_MBSSTR = @GL_GNULIB_MBSSTR@
+GL_GNULIB_MBSTOK_R = @GL_GNULIB_MBSTOK_R@
+GL_GNULIB_MBTOWC = @GL_GNULIB_MBTOWC@
+GL_GNULIB_MDA_ACCESS = @GL_GNULIB_MDA_ACCESS@
+GL_GNULIB_MDA_CHDIR = @GL_GNULIB_MDA_CHDIR@
+GL_GNULIB_MDA_CHMOD = @GL_GNULIB_MDA_CHMOD@
+GL_GNULIB_MDA_CLOSE = @GL_GNULIB_MDA_CLOSE@
+GL_GNULIB_MDA_CREAT = @GL_GNULIB_MDA_CREAT@
+GL_GNULIB_MDA_DUP = @GL_GNULIB_MDA_DUP@
+GL_GNULIB_MDA_DUP2 = @GL_GNULIB_MDA_DUP2@
+GL_GNULIB_MDA_ECVT = @GL_GNULIB_MDA_ECVT@
+GL_GNULIB_MDA_EXECL = @GL_GNULIB_MDA_EXECL@
+GL_GNULIB_MDA_EXECLE = @GL_GNULIB_MDA_EXECLE@
+GL_GNULIB_MDA_EXECLP = @GL_GNULIB_MDA_EXECLP@
+GL_GNULIB_MDA_EXECV = @GL_GNULIB_MDA_EXECV@
+GL_GNULIB_MDA_EXECVE = @GL_GNULIB_MDA_EXECVE@
+GL_GNULIB_MDA_EXECVP = @GL_GNULIB_MDA_EXECVP@
+GL_GNULIB_MDA_EXECVPE = @GL_GNULIB_MDA_EXECVPE@
+GL_GNULIB_MDA_FCLOSEALL = @GL_GNULIB_MDA_FCLOSEALL@
+GL_GNULIB_MDA_FCVT = @GL_GNULIB_MDA_FCVT@
+GL_GNULIB_MDA_FDOPEN = @GL_GNULIB_MDA_FDOPEN@
+GL_GNULIB_MDA_FILENO = @GL_GNULIB_MDA_FILENO@
+GL_GNULIB_MDA_GCVT = @GL_GNULIB_MDA_GCVT@
+GL_GNULIB_MDA_GETCWD = @GL_GNULIB_MDA_GETCWD@
+GL_GNULIB_MDA_GETPID = @GL_GNULIB_MDA_GETPID@
+GL_GNULIB_MDA_GETW = @GL_GNULIB_MDA_GETW@
+GL_GNULIB_MDA_ISATTY = @GL_GNULIB_MDA_ISATTY@
+GL_GNULIB_MDA_LSEEK = @GL_GNULIB_MDA_LSEEK@
+GL_GNULIB_MDA_MEMCCPY = @GL_GNULIB_MDA_MEMCCPY@
+GL_GNULIB_MDA_MKDIR = @GL_GNULIB_MDA_MKDIR@
+GL_GNULIB_MDA_MKTEMP = @GL_GNULIB_MDA_MKTEMP@
+GL_GNULIB_MDA_OPEN = @GL_GNULIB_MDA_OPEN@
+GL_GNULIB_MDA_PUTENV = @GL_GNULIB_MDA_PUTENV@
+GL_GNULIB_MDA_PUTW = @GL_GNULIB_MDA_PUTW@
+GL_GNULIB_MDA_READ = @GL_GNULIB_MDA_READ@
+GL_GNULIB_MDA_RMDIR = @GL_GNULIB_MDA_RMDIR@
+GL_GNULIB_MDA_STRDUP = @GL_GNULIB_MDA_STRDUP@
+GL_GNULIB_MDA_SWAB = @GL_GNULIB_MDA_SWAB@
+GL_GNULIB_MDA_TEMPNAM = @GL_GNULIB_MDA_TEMPNAM@
+GL_GNULIB_MDA_TZSET = @GL_GNULIB_MDA_TZSET@
+GL_GNULIB_MDA_UMASK = @GL_GNULIB_MDA_UMASK@
+GL_GNULIB_MDA_UNLINK = @GL_GNULIB_MDA_UNLINK@
+GL_GNULIB_MDA_WCSDUP = @GL_GNULIB_MDA_WCSDUP@
+GL_GNULIB_MDA_WRITE = @GL_GNULIB_MDA_WRITE@
+GL_GNULIB_MEMCHR = @GL_GNULIB_MEMCHR@
+GL_GNULIB_MEMMEM = @GL_GNULIB_MEMMEM@
+GL_GNULIB_MEMPCPY = @GL_GNULIB_MEMPCPY@
+GL_GNULIB_MEMRCHR = @GL_GNULIB_MEMRCHR@
+GL_GNULIB_MKDIR = @GL_GNULIB_MKDIR@
+GL_GNULIB_MKDIRAT = @GL_GNULIB_MKDIRAT@
+GL_GNULIB_MKDTEMP = @GL_GNULIB_MKDTEMP@
+GL_GNULIB_MKFIFO = @GL_GNULIB_MKFIFO@
+GL_GNULIB_MKFIFOAT = @GL_GNULIB_MKFIFOAT@
+GL_GNULIB_MKNOD = @GL_GNULIB_MKNOD@
+GL_GNULIB_MKNODAT = @GL_GNULIB_MKNODAT@
+GL_GNULIB_MKOSTEMP = @GL_GNULIB_MKOSTEMP@
+GL_GNULIB_MKOSTEMPS = @GL_GNULIB_MKOSTEMPS@
+GL_GNULIB_MKSTEMP = @GL_GNULIB_MKSTEMP@
+GL_GNULIB_MKSTEMPS = @GL_GNULIB_MKSTEMPS@
+GL_GNULIB_MKTIME = @GL_GNULIB_MKTIME@
+GL_GNULIB_NANOSLEEP = @GL_GNULIB_NANOSLEEP@
+GL_GNULIB_NONBLOCKING = @GL_GNULIB_NONBLOCKING@
+GL_GNULIB_OBSTACK_PRINTF = @GL_GNULIB_OBSTACK_PRINTF@
+GL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GNULIB_OPEN = @GL_GNULIB_OPEN@
+GL_GNULIB_OPENAT = @GL_GNULIB_OPENAT@
+GL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GNULIB_PCLOSE = @GL_GNULIB_PCLOSE@
+GL_GNULIB_PERROR = @GL_GNULIB_PERROR@
+GL_GNULIB_PIPE = @GL_GNULIB_PIPE@
+GL_GNULIB_PIPE2 = @GL_GNULIB_PIPE2@
+GL_GNULIB_POPEN = @GL_GNULIB_POPEN@
+GL_GNULIB_POSIX_MEMALIGN = @GL_GNULIB_POSIX_MEMALIGN@
+GL_GNULIB_POSIX_OPENPT = @GL_GNULIB_POSIX_OPENPT@
+GL_GNULIB_PREAD = @GL_GNULIB_PREAD@
+GL_GNULIB_PRINTF = @GL_GNULIB_PRINTF@
+GL_GNULIB_PRINTF_POSIX = @GL_GNULIB_PRINTF_POSIX@
+GL_GNULIB_PTSNAME = @GL_GNULIB_PTSNAME@
+GL_GNULIB_PTSNAME_R = @GL_GNULIB_PTSNAME_R@
+GL_GNULIB_PUTC = @GL_GNULIB_PUTC@
+GL_GNULIB_PUTCHAR = @GL_GNULIB_PUTCHAR@
+GL_GNULIB_PUTENV = @GL_GNULIB_PUTENV@
+GL_GNULIB_PUTS = @GL_GNULIB_PUTS@
+GL_GNULIB_PWRITE = @GL_GNULIB_PWRITE@
+GL_GNULIB_QSORT_R = @GL_GNULIB_QSORT_R@
+GL_GNULIB_RANDOM = @GL_GNULIB_RANDOM@
+GL_GNULIB_RANDOM_R = @GL_GNULIB_RANDOM_R@
+GL_GNULIB_RAWMEMCHR = @GL_GNULIB_RAWMEMCHR@
+GL_GNULIB_READ = @GL_GNULIB_READ@
+GL_GNULIB_READLINK = @GL_GNULIB_READLINK@
+GL_GNULIB_READLINKAT = @GL_GNULIB_READLINKAT@
+GL_GNULIB_REALLOCARRAY = @GL_GNULIB_REALLOCARRAY@
+GL_GNULIB_REALLOC_POSIX = @GL_GNULIB_REALLOC_POSIX@
+GL_GNULIB_REALPATH = @GL_GNULIB_REALPATH@
+GL_GNULIB_RECV = @GL_GNULIB_RECV@
+GL_GNULIB_RECVFROM = @GL_GNULIB_RECVFROM@
+GL_GNULIB_REMOVE = @GL_GNULIB_REMOVE@
+GL_GNULIB_RENAME = @GL_GNULIB_RENAME@
+GL_GNULIB_RENAMEAT = @GL_GNULIB_RENAMEAT@
+GL_GNULIB_RMDIR = @GL_GNULIB_RMDIR@
+GL_GNULIB_RPMATCH = @GL_GNULIB_RPMATCH@
+GL_GNULIB_SCANF = @GL_GNULIB_SCANF@
+GL_GNULIB_SECURE_GETENV = @GL_GNULIB_SECURE_GETENV@
+GL_GNULIB_SEND = @GL_GNULIB_SEND@
+GL_GNULIB_SENDTO = @GL_GNULIB_SENDTO@
+GL_GNULIB_SETENV = @GL_GNULIB_SETENV@
+GL_GNULIB_SETHOSTNAME = @GL_GNULIB_SETHOSTNAME@
+GL_GNULIB_SETSOCKOPT = @GL_GNULIB_SETSOCKOPT@
+GL_GNULIB_SHUTDOWN = @GL_GNULIB_SHUTDOWN@
+GL_GNULIB_SIGABBREV_NP = @GL_GNULIB_SIGABBREV_NP@
+GL_GNULIB_SIGDESCR_NP = @GL_GNULIB_SIGDESCR_NP@
+GL_GNULIB_SLEEP = @GL_GNULIB_SLEEP@
+GL_GNULIB_SNPRINTF = @GL_GNULIB_SNPRINTF@
+GL_GNULIB_SOCKET = @GL_GNULIB_SOCKET@
+GL_GNULIB_SPRINTF_POSIX = @GL_GNULIB_SPRINTF_POSIX@
+GL_GNULIB_STAT = @GL_GNULIB_STAT@
+GL_GNULIB_STDIO_H_NONBLOCKING = @GL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GNULIB_STDIO_H_SIGPIPE = @GL_GNULIB_STDIO_H_SIGPIPE@
+GL_GNULIB_STPCPY = @GL_GNULIB_STPCPY@
+GL_GNULIB_STPNCPY = @GL_GNULIB_STPNCPY@
+GL_GNULIB_STRCASESTR = @GL_GNULIB_STRCASESTR@
+GL_GNULIB_STRCHRNUL = @GL_GNULIB_STRCHRNUL@
+GL_GNULIB_STRDUP = @GL_GNULIB_STRDUP@
+GL_GNULIB_STRERROR = @GL_GNULIB_STRERROR@
+GL_GNULIB_STRERRORNAME_NP = @GL_GNULIB_STRERRORNAME_NP@
+GL_GNULIB_STRERROR_R = @GL_GNULIB_STRERROR_R@
+GL_GNULIB_STRFTIME = @GL_GNULIB_STRFTIME@
+GL_GNULIB_STRNCAT = @GL_GNULIB_STRNCAT@
+GL_GNULIB_STRNDUP = @GL_GNULIB_STRNDUP@
+GL_GNULIB_STRNLEN = @GL_GNULIB_STRNLEN@
+GL_GNULIB_STRPBRK = @GL_GNULIB_STRPBRK@
+GL_GNULIB_STRPTIME = @GL_GNULIB_STRPTIME@
+GL_GNULIB_STRSEP = @GL_GNULIB_STRSEP@
+GL_GNULIB_STRSIGNAL = @GL_GNULIB_STRSIGNAL@
+GL_GNULIB_STRSTR = @GL_GNULIB_STRSTR@
+GL_GNULIB_STRTOD = @GL_GNULIB_STRTOD@
+GL_GNULIB_STRTOIMAX = @GL_GNULIB_STRTOIMAX@
+GL_GNULIB_STRTOK_R = @GL_GNULIB_STRTOK_R@
+GL_GNULIB_STRTOL = @GL_GNULIB_STRTOL@
+GL_GNULIB_STRTOLD = @GL_GNULIB_STRTOLD@
+GL_GNULIB_STRTOLL = @GL_GNULIB_STRTOLL@
+GL_GNULIB_STRTOUL = @GL_GNULIB_STRTOUL@
+GL_GNULIB_STRTOULL = @GL_GNULIB_STRTOULL@
+GL_GNULIB_STRTOUMAX = @GL_GNULIB_STRTOUMAX@
+GL_GNULIB_STRVERSCMP = @GL_GNULIB_STRVERSCMP@
+GL_GNULIB_SYMLINK = @GL_GNULIB_SYMLINK@
+GL_GNULIB_SYMLINKAT = @GL_GNULIB_SYMLINKAT@
+GL_GNULIB_SYSTEM_POSIX = @GL_GNULIB_SYSTEM_POSIX@
+GL_GNULIB_TIMEGM = @GL_GNULIB_TIMEGM@
+GL_GNULIB_TIMESPEC_GET = @GL_GNULIB_TIMESPEC_GET@
+GL_GNULIB_TIME_R = @GL_GNULIB_TIME_R@
+GL_GNULIB_TIME_RZ = @GL_GNULIB_TIME_RZ@
+GL_GNULIB_TMPFILE = @GL_GNULIB_TMPFILE@
+GL_GNULIB_TRUNCATE = @GL_GNULIB_TRUNCATE@
+GL_GNULIB_TTYNAME_R = @GL_GNULIB_TTYNAME_R@
+GL_GNULIB_TZSET = @GL_GNULIB_TZSET@
+GL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GNULIB_UNISTD_H_SIGPIPE = @GL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GNULIB_UNLINK = @GL_GNULIB_UNLINK@
+GL_GNULIB_UNLINKAT = @GL_GNULIB_UNLINKAT@
+GL_GNULIB_UNLOCKPT = @GL_GNULIB_UNLOCKPT@
+GL_GNULIB_UNSETENV = @GL_GNULIB_UNSETENV@
+GL_GNULIB_USLEEP = @GL_GNULIB_USLEEP@
+GL_GNULIB_UTIMENSAT = @GL_GNULIB_UTIMENSAT@
+GL_GNULIB_VASPRINTF = @GL_GNULIB_VASPRINTF@
+GL_GNULIB_VDPRINTF = @GL_GNULIB_VDPRINTF@
+GL_GNULIB_VFPRINTF = @GL_GNULIB_VFPRINTF@
+GL_GNULIB_VFPRINTF_POSIX = @GL_GNULIB_VFPRINTF_POSIX@
+GL_GNULIB_VFSCANF = @GL_GNULIB_VFSCANF@
+GL_GNULIB_VPRINTF = @GL_GNULIB_VPRINTF@
+GL_GNULIB_VPRINTF_POSIX = @GL_GNULIB_VPRINTF_POSIX@
+GL_GNULIB_VSCANF = @GL_GNULIB_VSCANF@
+GL_GNULIB_VSNPRINTF = @GL_GNULIB_VSNPRINTF@
+GL_GNULIB_VSPRINTF_POSIX = @GL_GNULIB_VSPRINTF_POSIX@
+GL_GNULIB_WCPCPY = @GL_GNULIB_WCPCPY@
+GL_GNULIB_WCPNCPY = @GL_GNULIB_WCPNCPY@
+GL_GNULIB_WCRTOMB = @GL_GNULIB_WCRTOMB@
+GL_GNULIB_WCSCASECMP = @GL_GNULIB_WCSCASECMP@
+GL_GNULIB_WCSCAT = @GL_GNULIB_WCSCAT@
+GL_GNULIB_WCSCHR = @GL_GNULIB_WCSCHR@
+GL_GNULIB_WCSCMP = @GL_GNULIB_WCSCMP@
+GL_GNULIB_WCSCOLL = @GL_GNULIB_WCSCOLL@
+GL_GNULIB_WCSCPY = @GL_GNULIB_WCSCPY@
+GL_GNULIB_WCSCSPN = @GL_GNULIB_WCSCSPN@
+GL_GNULIB_WCSDUP = @GL_GNULIB_WCSDUP@
+GL_GNULIB_WCSFTIME = @GL_GNULIB_WCSFTIME@
+GL_GNULIB_WCSLEN = @GL_GNULIB_WCSLEN@
+GL_GNULIB_WCSNCASECMP = @GL_GNULIB_WCSNCASECMP@
+GL_GNULIB_WCSNCAT = @GL_GNULIB_WCSNCAT@
+GL_GNULIB_WCSNCMP = @GL_GNULIB_WCSNCMP@
+GL_GNULIB_WCSNCPY = @GL_GNULIB_WCSNCPY@
+GL_GNULIB_WCSNLEN = @GL_GNULIB_WCSNLEN@
+GL_GNULIB_WCSNRTOMBS = @GL_GNULIB_WCSNRTOMBS@
+GL_GNULIB_WCSPBRK = @GL_GNULIB_WCSPBRK@
+GL_GNULIB_WCSRCHR = @GL_GNULIB_WCSRCHR@
+GL_GNULIB_WCSRTOMBS = @GL_GNULIB_WCSRTOMBS@
+GL_GNULIB_WCSSPN = @GL_GNULIB_WCSSPN@
+GL_GNULIB_WCSSTR = @GL_GNULIB_WCSSTR@
+GL_GNULIB_WCSTOK = @GL_GNULIB_WCSTOK@
+GL_GNULIB_WCSWIDTH = @GL_GNULIB_WCSWIDTH@
+GL_GNULIB_WCSXFRM = @GL_GNULIB_WCSXFRM@
+GL_GNULIB_WCTOB = @GL_GNULIB_WCTOB@
+GL_GNULIB_WCTOMB = @GL_GNULIB_WCTOMB@
+GL_GNULIB_WCWIDTH = @GL_GNULIB_WCWIDTH@
+GL_GNULIB_WMEMCHR = @GL_GNULIB_WMEMCHR@
+GL_GNULIB_WMEMCMP = @GL_GNULIB_WMEMCMP@
+GL_GNULIB_WMEMCPY = @GL_GNULIB_WMEMCPY@
+GL_GNULIB_WMEMMOVE = @GL_GNULIB_WMEMMOVE@
+GL_GNULIB_WMEMPCPY = @GL_GNULIB_WMEMPCPY@
+GL_GNULIB_WMEMSET = @GL_GNULIB_WMEMSET@
+GL_GNULIB_WRITE = @GL_GNULIB_WRITE@
+GL_GNULIB__EXIT = @GL_GNULIB__EXIT@
+GMP_CFLAGS = @GMP_CFLAGS@
+GMP_LIBS = @GMP_LIBS@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GNULIBHEADERS_OVERRIDE_WINT_T = @GNULIBHEADERS_OVERRIDE_WINT_T@
+GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@
+GNUTLS_LIBS_PRIVATE = @GNUTLS_LIBS_PRIVATE@
+GNUTLS_REQUIRES_PRIVATE = @GNUTLS_REQUIRES_PRIVATE@
+GPERF = @GPERF@
+GREP = @GREP@
+GTKDOC_CHECK = @GTKDOC_CHECK@
+GTKDOC_CHECK_PATH = @GTKDOC_CHECK_PATH@
+GTKDOC_DEPS_CFLAGS = @GTKDOC_DEPS_CFLAGS@
+GTKDOC_DEPS_LIBS = @GTKDOC_DEPS_LIBS@
+GTKDOC_MKPDF = @GTKDOC_MKPDF@
+GTKDOC_REBASE = @GTKDOC_REBASE@
+GUILD = @GUILD@
+GUILE = @GUILE@
+GUILE_CFLAGS = @GUILE_CFLAGS@
+GUILE_CONFIG = @GUILE_CONFIG@
+GUILE_EFFECTIVE_VERSION = @GUILE_EFFECTIVE_VERSION@
+GUILE_EXTENSION = @GUILE_EXTENSION@
+GUILE_LDFLAGS = @GUILE_LDFLAGS@
+GUILE_LIBS = @GUILE_LIBS@
+GUILE_LTLIBS = @GUILE_LTLIBS@
+GUILE_SITE = @GUILE_SITE@
+GUILE_SITE_CCACHE = @GUILE_SITE_CCACHE@
+GUILE_TOOLS = @GUILE_TOOLS@
+HAVE_ACCEPT4 = @HAVE_ACCEPT4@
+HAVE_ALIGNED_ALLOC = @HAVE_ALIGNED_ALLOC@
+HAVE_ALLOCA_H = @HAVE_ALLOCA_H@
+HAVE_ARPA_INET_H = @HAVE_ARPA_INET_H@
+HAVE_ATOLL = @HAVE_ATOLL@
+HAVE_BTOWC = @HAVE_BTOWC@
+HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@
+HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@
+HAVE_CHOWN = @HAVE_CHOWN@
+HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@
+HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@
+HAVE_DECL_ECVT = @HAVE_DECL_ECVT@
+HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@
+HAVE_DECL_EXECVPE = @HAVE_DECL_EXECVPE@
+HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@
+HAVE_DECL_FCLOSEALL = @HAVE_DECL_FCLOSEALL@
+HAVE_DECL_FCVT = @HAVE_DECL_FCVT@
+HAVE_DECL_FDATASYNC = @HAVE_DECL_FDATASYNC@
+HAVE_DECL_FPURGE = @HAVE_DECL_FPURGE@
+HAVE_DECL_FREEADDRINFO = @HAVE_DECL_FREEADDRINFO@
+HAVE_DECL_FSEEKO = @HAVE_DECL_FSEEKO@
+HAVE_DECL_FTELLO = @HAVE_DECL_FTELLO@
+HAVE_DECL_GAI_STRERROR = @HAVE_DECL_GAI_STRERROR@
+HAVE_DECL_GCVT = @HAVE_DECL_GCVT@
+HAVE_DECL_GETADDRINFO = @HAVE_DECL_GETADDRINFO@
+HAVE_DECL_GETDELIM = @HAVE_DECL_GETDELIM@
+HAVE_DECL_GETDOMAINNAME = @HAVE_DECL_GETDOMAINNAME@
+HAVE_DECL_GETLINE = @HAVE_DECL_GETLINE@
+HAVE_DECL_GETLOADAVG = @HAVE_DECL_GETLOADAVG@
+HAVE_DECL_GETLOGIN = @HAVE_DECL_GETLOGIN@
+HAVE_DECL_GETLOGIN_R = @HAVE_DECL_GETLOGIN_R@
+HAVE_DECL_GETNAMEINFO = @HAVE_DECL_GETNAMEINFO@
+HAVE_DECL_GETPAGESIZE = @HAVE_DECL_GETPAGESIZE@
+HAVE_DECL_GETUSERSHELL = @HAVE_DECL_GETUSERSHELL@
+HAVE_DECL_IMAXABS = @HAVE_DECL_IMAXABS@
+HAVE_DECL_IMAXDIV = @HAVE_DECL_IMAXDIV@
+HAVE_DECL_INET_NTOP = @HAVE_DECL_INET_NTOP@
+HAVE_DECL_INET_PTON = @HAVE_DECL_INET_PTON@
+HAVE_DECL_INITSTATE = @HAVE_DECL_INITSTATE@
+HAVE_DECL_LOCALTIME_R = @HAVE_DECL_LOCALTIME_R@
+HAVE_DECL_MEMMEM = @HAVE_DECL_MEMMEM@
+HAVE_DECL_MEMRCHR = @HAVE_DECL_MEMRCHR@
+HAVE_DECL_OBSTACK_PRINTF = @HAVE_DECL_OBSTACK_PRINTF@
+HAVE_DECL_SETENV = @HAVE_DECL_SETENV@
+HAVE_DECL_SETHOSTNAME = @HAVE_DECL_SETHOSTNAME@
+HAVE_DECL_SETSTATE = @HAVE_DECL_SETSTATE@
+HAVE_DECL_SNPRINTF = @HAVE_DECL_SNPRINTF@
+HAVE_DECL_STRDUP = @HAVE_DECL_STRDUP@
+HAVE_DECL_STRERROR_R = @HAVE_DECL_STRERROR_R@
+HAVE_DECL_STRNCASECMP = @HAVE_DECL_STRNCASECMP@
+HAVE_DECL_STRNDUP = @HAVE_DECL_STRNDUP@
+HAVE_DECL_STRNLEN = @HAVE_DECL_STRNLEN@
+HAVE_DECL_STRSIGNAL = @HAVE_DECL_STRSIGNAL@
+HAVE_DECL_STRTOIMAX = @HAVE_DECL_STRTOIMAX@
+HAVE_DECL_STRTOK_R = @HAVE_DECL_STRTOK_R@
+HAVE_DECL_STRTOUMAX = @HAVE_DECL_STRTOUMAX@
+HAVE_DECL_TRUNCATE = @HAVE_DECL_TRUNCATE@
+HAVE_DECL_TTYNAME_R = @HAVE_DECL_TTYNAME_R@
+HAVE_DECL_UNSETENV = @HAVE_DECL_UNSETENV@
+HAVE_DECL_VSNPRINTF = @HAVE_DECL_VSNPRINTF@
+HAVE_DECL_WCSDUP = @HAVE_DECL_WCSDUP@
+HAVE_DECL_WCTOB = @HAVE_DECL_WCTOB@
+HAVE_DECL_WCWIDTH = @HAVE_DECL_WCWIDTH@
+HAVE_DPRINTF = @HAVE_DPRINTF@
+HAVE_DUP3 = @HAVE_DUP3@
+HAVE_DUPLOCALE = @HAVE_DUPLOCALE@
+HAVE_EUIDACCESS = @HAVE_EUIDACCESS@
+HAVE_EXECVPE = @HAVE_EXECVPE@
+HAVE_EXPLICIT_BZERO = @HAVE_EXPLICIT_BZERO@
+HAVE_FACCESSAT = @HAVE_FACCESSAT@
+HAVE_FCHDIR = @HAVE_FCHDIR@
+HAVE_FCHMODAT = @HAVE_FCHMODAT@
+HAVE_FCHOWNAT = @HAVE_FCHOWNAT@
+HAVE_FCNTL = @HAVE_FCNTL@
+HAVE_FDATASYNC = @HAVE_FDATASYNC@
+HAVE_FEATURES_H = @HAVE_FEATURES_H@
+HAVE_FFS = @HAVE_FFS@
+HAVE_FFSL = @HAVE_FFSL@
+HAVE_FFSLL = @HAVE_FFSLL@
+HAVE_FREELOCALE = @HAVE_FREELOCALE@
+HAVE_FSEEKO = @HAVE_FSEEKO@
+HAVE_FSTATAT = @HAVE_FSTATAT@
+HAVE_FSYNC = @HAVE_FSYNC@
+HAVE_FTELLO = @HAVE_FTELLO@
+HAVE_FTRUNCATE = @HAVE_FTRUNCATE@
+HAVE_FUTIMENS = @HAVE_FUTIMENS@
+HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@
+HAVE_GETENTROPY = @HAVE_GETENTROPY@
+HAVE_GETGROUPS = @HAVE_GETGROUPS@
+HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@
+HAVE_GETLOGIN = @HAVE_GETLOGIN@
+HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@
+HAVE_GETPASS = @HAVE_GETPASS@
+HAVE_GETSUBOPT = @HAVE_GETSUBOPT@
+HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@
+HAVE_GETUMASK = @HAVE_GETUMASK@
+HAVE_GRANTPT = @HAVE_GRANTPT@
+HAVE_GROUP_MEMBER = @HAVE_GROUP_MEMBER@
+HAVE_IMAXDIV_T = @HAVE_IMAXDIV_T@
+HAVE_INITSTATE = @HAVE_INITSTATE@
+HAVE_INTTYPES_H = @HAVE_INTTYPES_H@
+HAVE_ISBLANK = @HAVE_ISBLANK@
+HAVE_LANGINFO_ALTMON = @HAVE_LANGINFO_ALTMON@
+HAVE_LANGINFO_CODESET = @HAVE_LANGINFO_CODESET@
+HAVE_LANGINFO_ERA = @HAVE_LANGINFO_ERA@
+HAVE_LANGINFO_H = @HAVE_LANGINFO_H@
+HAVE_LANGINFO_T_FMT_AMPM = @HAVE_LANGINFO_T_FMT_AMPM@
+HAVE_LANGINFO_YESEXPR = @HAVE_LANGINFO_YESEXPR@
+HAVE_LCHMOD = @HAVE_LCHMOD@
+HAVE_LCHOWN = @HAVE_LCHOWN@
+HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@
+HAVE_LIBDL = @HAVE_LIBDL@
+HAVE_LIBEV = @HAVE_LIBEV@
+HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@
+HAVE_LIBRT = @HAVE_LIBRT@
+HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@
+HAVE_LIBZ = @HAVE_LIBZ@
+HAVE_LINK = @HAVE_LINK@
+HAVE_LINKAT = @HAVE_LINKAT@
+HAVE_LSTAT = @HAVE_LSTAT@
+HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@
+HAVE_MBRLEN = @HAVE_MBRLEN@
+HAVE_MBRTOWC = @HAVE_MBRTOWC@
+HAVE_MBSINIT = @HAVE_MBSINIT@
+HAVE_MBSLEN = @HAVE_MBSLEN@
+HAVE_MBSNRTOWCS = @HAVE_MBSNRTOWCS@
+HAVE_MBSRTOWCS = @HAVE_MBSRTOWCS@
+HAVE_MBTOWC = @HAVE_MBTOWC@
+HAVE_MEMPCPY = @HAVE_MEMPCPY@
+HAVE_MKDIRAT = @HAVE_MKDIRAT@
+HAVE_MKDTEMP = @HAVE_MKDTEMP@
+HAVE_MKFIFO = @HAVE_MKFIFO@
+HAVE_MKFIFOAT = @HAVE_MKFIFOAT@
+HAVE_MKNOD = @HAVE_MKNOD@
+HAVE_MKNODAT = @HAVE_MKNODAT@
+HAVE_MKOSTEMP = @HAVE_MKOSTEMP@
+HAVE_MKOSTEMPS = @HAVE_MKOSTEMPS@
+HAVE_MKSTEMP = @HAVE_MKSTEMP@
+HAVE_MKSTEMPS = @HAVE_MKSTEMPS@
+HAVE_MSVC_INVALID_PARAMETER_HANDLER = @HAVE_MSVC_INVALID_PARAMETER_HANDLER@
+HAVE_NANOSLEEP = @HAVE_NANOSLEEP@
+HAVE_NETDB_H = @HAVE_NETDB_H@
+HAVE_NETINET_IN_H = @HAVE_NETINET_IN_H@
+HAVE_NEWLOCALE = @HAVE_NEWLOCALE@
+HAVE_NL_LANGINFO = @HAVE_NL_LANGINFO@
+HAVE_OPENAT = @HAVE_OPENAT@
+HAVE_OS_H = @HAVE_OS_H@
+HAVE_PCLOSE = @HAVE_PCLOSE@
+HAVE_PIPE = @HAVE_PIPE@
+HAVE_PIPE2 = @HAVE_PIPE2@
+HAVE_POPEN = @HAVE_POPEN@
+HAVE_POSIX_MEMALIGN = @HAVE_POSIX_MEMALIGN@
+HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@
+HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@
+HAVE_PREAD = @HAVE_PREAD@
+HAVE_PSELECT = @HAVE_PSELECT@
+HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@
+HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@
+HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@
+HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@
+HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@
+HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@
+HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@
+HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@
+HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@
+HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@
+HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@
+HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@
+HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@
+HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@
+HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@
+HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@
+HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@
+HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@
+HAVE_PTHREAD_H = @HAVE_PTHREAD_H@
+HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@
+HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@
+HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@
+HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@
+HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@
+HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@
+HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@
+HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@
+HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@
+HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@
+HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@
+HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@
+HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@
+HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@
+HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@
+HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@
+HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@
+HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@
+HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@
+HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@
+HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@
+HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@
+HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@
+HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@
+HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@
+HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@
+HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@
+HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@
+HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@
+HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@
+HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@
+HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@
+HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@
+HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@
+HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@
+HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@
+HAVE_PTHREAD_T = @HAVE_PTHREAD_T@
+HAVE_PTSNAME = @HAVE_PTSNAME@
+HAVE_PTSNAME_R = @HAVE_PTSNAME_R@
+HAVE_PWRITE = @HAVE_PWRITE@
+HAVE_QSORT_R = @HAVE_QSORT_R@
+HAVE_RAISE = @HAVE_RAISE@
+HAVE_RANDOM = @HAVE_RANDOM@
+HAVE_RANDOM_H = @HAVE_RANDOM_H@
+HAVE_RANDOM_R = @HAVE_RANDOM_R@
+HAVE_RAWMEMCHR = @HAVE_RAWMEMCHR@
+HAVE_READLINK = @HAVE_READLINK@
+HAVE_READLINKAT = @HAVE_READLINKAT@
+HAVE_REALLOCARRAY = @HAVE_REALLOCARRAY@
+HAVE_REALPATH = @HAVE_REALPATH@
+HAVE_RENAMEAT = @HAVE_RENAMEAT@
+HAVE_RPMATCH = @HAVE_RPMATCH@
+HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@
+HAVE_SCHED_H = @HAVE_SCHED_H@
+HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@
+HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@
+HAVE_SETENV = @HAVE_SETENV@
+HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@
+HAVE_SETSTATE = @HAVE_SETSTATE@
+HAVE_SIGABBREV_NP = @HAVE_SIGABBREV_NP@
+HAVE_SIGACTION = @HAVE_SIGACTION@
+HAVE_SIGDESCR_NP = @HAVE_SIGDESCR_NP@
+HAVE_SIGHANDLER_T = @HAVE_SIGHANDLER_T@
+HAVE_SIGINFO_T = @HAVE_SIGINFO_T@
+HAVE_SIGNED_SIG_ATOMIC_T = @HAVE_SIGNED_SIG_ATOMIC_T@
+HAVE_SIGNED_WCHAR_T = @HAVE_SIGNED_WCHAR_T@
+HAVE_SIGNED_WINT_T = @HAVE_SIGNED_WINT_T@
+HAVE_SIGSET_T = @HAVE_SIGSET_T@
+HAVE_SLEEP = @HAVE_SLEEP@
+HAVE_STDINT_H = @HAVE_STDINT_H@
+HAVE_STPCPY = @HAVE_STPCPY@
+HAVE_STPNCPY = @HAVE_STPNCPY@
+HAVE_STRCASECMP = @HAVE_STRCASECMP@
+HAVE_STRCASESTR = @HAVE_STRCASESTR@
+HAVE_STRCHRNUL = @HAVE_STRCHRNUL@
+HAVE_STRERRORNAME_NP = @HAVE_STRERRORNAME_NP@
+HAVE_STRINGS_H = @HAVE_STRINGS_H@
+HAVE_STRPBRK = @HAVE_STRPBRK@
+HAVE_STRPTIME = @HAVE_STRPTIME@
+HAVE_STRSEP = @HAVE_STRSEP@
+HAVE_STRTOD = @HAVE_STRTOD@
+HAVE_STRTOL = @HAVE_STRTOL@
+HAVE_STRTOLD = @HAVE_STRTOLD@
+HAVE_STRTOLL = @HAVE_STRTOLL@
+HAVE_STRTOUL = @HAVE_STRTOUL@
+HAVE_STRTOULL = @HAVE_STRTOULL@
+HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@
+HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@
+HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@
+HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@
+HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@
+HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@
+HAVE_STRUCT_TIMEVAL = @HAVE_STRUCT_TIMEVAL@
+HAVE_STRVERSCMP = @HAVE_STRVERSCMP@
+HAVE_SYMLINK = @HAVE_SYMLINK@
+HAVE_SYMLINKAT = @HAVE_SYMLINKAT@
+HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@
+HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@
+HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@
+HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@
+HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@
+HAVE_SYS_PARAM_H = @HAVE_SYS_PARAM_H@
+HAVE_SYS_SELECT_H = @HAVE_SYS_SELECT_H@
+HAVE_SYS_SOCKET_H = @HAVE_SYS_SOCKET_H@
+HAVE_SYS_TIME_H = @HAVE_SYS_TIME_H@
+HAVE_SYS_TYPES_H = @HAVE_SYS_TYPES_H@
+HAVE_SYS_UIO_H = @HAVE_SYS_UIO_H@
+HAVE_TIMEGM = @HAVE_TIMEGM@
+HAVE_TIMESPEC_GET = @HAVE_TIMESPEC_GET@
+HAVE_TIMEZONE_T = @HAVE_TIMEZONE_T@
+HAVE_TYPE_VOLATILE_SIG_ATOMIC_T = @HAVE_TYPE_VOLATILE_SIG_ATOMIC_T@
+HAVE_UNISTD_H = @HAVE_UNISTD_H@
+HAVE_UNLINKAT = @HAVE_UNLINKAT@
+HAVE_UNLOCKPT = @HAVE_UNLOCKPT@
+HAVE_USLEEP = @HAVE_USLEEP@
+HAVE_UTIMENSAT = @HAVE_UTIMENSAT@
+HAVE_VASPRINTF = @HAVE_VASPRINTF@
+HAVE_VDPRINTF = @HAVE_VDPRINTF@
+HAVE_VISIBILITY = @HAVE_VISIBILITY@
+HAVE_WCHAR_H = @HAVE_WCHAR_H@
+HAVE_WCHAR_T = @HAVE_WCHAR_T@
+HAVE_WCPCPY = @HAVE_WCPCPY@
+HAVE_WCPNCPY = @HAVE_WCPNCPY@
+HAVE_WCRTOMB = @HAVE_WCRTOMB@
+HAVE_WCSCASECMP = @HAVE_WCSCASECMP@
+HAVE_WCSCAT = @HAVE_WCSCAT@
+HAVE_WCSCHR = @HAVE_WCSCHR@
+HAVE_WCSCMP = @HAVE_WCSCMP@
+HAVE_WCSCOLL = @HAVE_WCSCOLL@
+HAVE_WCSCPY = @HAVE_WCSCPY@
+HAVE_WCSCSPN = @HAVE_WCSCSPN@
+HAVE_WCSDUP = @HAVE_WCSDUP@
+HAVE_WCSFTIME = @HAVE_WCSFTIME@
+HAVE_WCSLEN = @HAVE_WCSLEN@
+HAVE_WCSNCASECMP = @HAVE_WCSNCASECMP@
+HAVE_WCSNCAT = @HAVE_WCSNCAT@
+HAVE_WCSNCMP = @HAVE_WCSNCMP@
+HAVE_WCSNCPY = @HAVE_WCSNCPY@
+HAVE_WCSNLEN = @HAVE_WCSNLEN@
+HAVE_WCSNRTOMBS = @HAVE_WCSNRTOMBS@
+HAVE_WCSPBRK = @HAVE_WCSPBRK@
+HAVE_WCSRCHR = @HAVE_WCSRCHR@
+HAVE_WCSRTOMBS = @HAVE_WCSRTOMBS@
+HAVE_WCSSPN = @HAVE_WCSSPN@
+HAVE_WCSSTR = @HAVE_WCSSTR@
+HAVE_WCSTOK = @HAVE_WCSTOK@
+HAVE_WCSWIDTH = @HAVE_WCSWIDTH@
+HAVE_WCSXFRM = @HAVE_WCSXFRM@
+HAVE_WINSOCK2_H = @HAVE_WINSOCK2_H@
+HAVE_WINT_T = @HAVE_WINT_T@
+HAVE_WMEMCHR = @HAVE_WMEMCHR@
+HAVE_WMEMCMP = @HAVE_WMEMCMP@
+HAVE_WMEMCPY = @HAVE_WMEMCPY@
+HAVE_WMEMMOVE = @HAVE_WMEMMOVE@
+HAVE_WMEMPCPY = @HAVE_WMEMPCPY@
+HAVE_WMEMSET = @HAVE_WMEMSET@
+HAVE_WS2TCPIP_H = @HAVE_WS2TCPIP_H@
+HAVE_XLOCALE_H = @HAVE_XLOCALE_H@
+HAVE__BOOL = @HAVE__BOOL@
+HAVE__EXIT = @HAVE__EXIT@
+HOGWEED_CFLAGS = @HOGWEED_CFLAGS@
+HOGWEED_LIBS = @HOGWEED_LIBS@
+HOSTENT_LIB = @HOSTENT_LIB@
+HTML_DIR = @HTML_DIR@
+INCLUDE_NEXT = @INCLUDE_NEXT@
+INCLUDE_NEXT_AS_FIRST_DIRECTIVE = @INCLUDE_NEXT_AS_FIRST_DIRECTIVE@
+INET_NTOP_LIB = @INET_NTOP_LIB@
+INET_PTON_LIB = @INET_PTON_LIB@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INT32_MAX_LT_INTMAX_MAX = @INT32_MAX_LT_INTMAX_MAX@
+INT64_MAX_EQ_LONG_MAX = @INT64_MAX_EQ_LONG_MAX@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LCOV = @LCOV@
+LD = @LD@
+LDDPOSTPROC = @LDDPOSTPROC@
+LDDPROG = @LDDPROG@
+LDFLAGS = @LDFLAGS@
+LIBATOMIC_LIBS = @LIBATOMIC_LIBS@
+LIBBROTLIDEC_CFLAGS = @LIBBROTLIDEC_CFLAGS@
+LIBBROTLIDEC_LIBS = @LIBBROTLIDEC_LIBS@
+LIBBROTLIENC_CFLAGS = @LIBBROTLIENC_CFLAGS@
+LIBBROTLIENC_LIBS = @LIBBROTLIENC_LIBS@
+LIBCRYPTO = @LIBCRYPTO@
+LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@
+LIBDL = @LIBDL@
+LIBDL_PREFIX = @LIBDL_PREFIX@
+LIBEV = @LIBEV@
+LIBEV_LIBS = @LIBEV_LIBS@
+LIBEV_PREFIX = @LIBEV_PREFIX@
+LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@
+LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@
+LIBICONV = @LIBICONV@
+LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@
+LIBIDN2_LIBS = @LIBIDN2_LIBS@
+LIBINTL = @LIBINTL@
+LIBKCAPI_CFLAGS = @LIBKCAPI_CFLAGS@
+LIBKCAPI_LIBS = @LIBKCAPI_LIBS@
+LIBMULTITHREAD = @LIBMULTITHREAD@
+LIBOBJS = @LIBOBJS@
+LIBPMULTITHREAD = @LIBPMULTITHREAD@
+LIBPTHREAD = @LIBPTHREAD@
+LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@
+LIBRT = @LIBRT@
+LIBRT_PREFIX = @LIBRT_PREFIX@
+LIBS = @LIBS@
+LIBSECCOMP = @LIBSECCOMP@
+LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@
+LIBSOCKET = @LIBSOCKET@
+LIBSTDTHREAD = @LIBSTDTHREAD@
+LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@
+LIBTASN1_LIBS = @LIBTASN1_LIBS@
+LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@
+LIBTHREAD = @LIBTHREAD@
+LIBTOOL = @LIBTOOL@
+LIBUNISTRING = @LIBUNISTRING@
+LIBUNISTRING_UNICTYPE_H = @LIBUNISTRING_UNICTYPE_H@
+LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@
+LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@
+LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@
+LIBZ = @LIBZ@
+LIBZSTD_CFLAGS = @LIBZSTD_CFLAGS@
+LIBZSTD_LIBS = @LIBZSTD_LIBS@
+LIBZ_PC = @LIBZ_PC@
+LIBZ_PREFIX = @LIBZ_PREFIX@
+LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@
+LIB_NANOSLEEP = @LIB_NANOSLEEP@
+LIB_PTHREAD = @LIB_PTHREAD@
+LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@
+LIB_SCHED_YIELD = @LIB_SCHED_YIELD@
+LIB_SELECT = @LIB_SELECT@
+LIB_SEMAPHORE = @LIB_SEMAPHORE@
+LIB_SETLOCALE = @LIB_SETLOCALE@
+LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@
+LIMITS_H = @LIMITS_H@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LOCALENAME_ENHANCE_LOCALE_FUNCS = @LOCALENAME_ENHANCE_LOCALE_FUNCS@
+LOCALE_FR = @LOCALE_FR@
+LOCALE_FR_UTF8 = @LOCALE_FR_UTF8@
+LOCALE_JA = @LOCALE_JA@
+LOCALE_TR_UTF8 = @LOCALE_TR_UTF8@
+LOCALE_ZH_CN = @LOCALE_ZH_CN@
+LOG_VALGRIND = @LOG_VALGRIND@
+LTALLOCA = @LTALLOCA@
+LTLIBCRYPTO = @LTLIBCRYPTO@
+LTLIBDL = @LTLIBDL@
+LTLIBEV = @LTLIBEV@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBMULTITHREAD = @LTLIBMULTITHREAD@
+LTLIBOBJS = @LTLIBOBJS@
+LTLIBPTHREAD = @LTLIBPTHREAD@
+LTLIBRT = @LTLIBRT@
+LTLIBSECCOMP = @LTLIBSECCOMP@
+LTLIBTHREAD = @LTLIBTHREAD@
+LTLIBZ = @LTLIBZ@
+LT_AGE = @LT_AGE@
+LT_CURRENT = @LT_CURRENT@
+LT_DANE_AGE = @LT_DANE_AGE@
+LT_DANE_CURRENT = @LT_DANE_CURRENT@
+LT_DANE_REVISION = @LT_DANE_REVISION@
+LT_REVISION = @LT_REVISION@
+LT_SSL_AGE = @LT_SSL_AGE@
+LT_SSL_CURRENT = @LT_SSL_CURRENT@
+LT_SSL_REVISION = @LT_SSL_REVISION@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+LT_XSSL_AGE = @LT_XSSL_AGE@
+LT_XSSL_CURRENT = @LT_XSSL_CURRENT@
+LT_XSSL_REVISION = @LT_XSSL_REVISION@
+MAINT = @MAINT@
+MAJOR_VERSION = @MAJOR_VERSION@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MINOR_VERSION = @MINOR_VERSION@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGMERGE = @MSGMERGE@
+MSGMERGE_FOR_MSGFMT_OPTION = @MSGMERGE_FOR_MSGFMT_OPTION@
+NETINET_IN_H = @NETINET_IN_H@
+NETTLE_CFLAGS = @NETTLE_CFLAGS@
+NETTLE_LIBS = @NETTLE_LIBS@
+NEXT_ARPA_INET_H = @NEXT_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H = @NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_CTYPE_H = @NEXT_AS_FIRST_DIRECTIVE_CTYPE_H@
+NEXT_AS_FIRST_DIRECTIVE_ERRNO_H = @NEXT_AS_FIRST_DIRECTIVE_ERRNO_H@
+NEXT_AS_FIRST_DIRECTIVE_FCNTL_H = @NEXT_AS_FIRST_DIRECTIVE_FCNTL_H@
+NEXT_AS_FIRST_DIRECTIVE_FLOAT_H = @NEXT_AS_FIRST_DIRECTIVE_FLOAT_H@
+NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H = @NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H = @NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H@
+NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@
+NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@
+NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@
+NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@
+NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@
+NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@
+NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@
+NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@
+NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@
+NEXT_AS_FIRST_DIRECTIVE_STDIO_H = @NEXT_AS_FIRST_DIRECTIVE_STDIO_H@
+NEXT_AS_FIRST_DIRECTIVE_STDLIB_H = @NEXT_AS_FIRST_DIRECTIVE_STDLIB_H@
+NEXT_AS_FIRST_DIRECTIVE_STRINGS_H = @NEXT_AS_FIRST_DIRECTIVE_STRINGS_H@
+NEXT_AS_FIRST_DIRECTIVE_STRING_H = @NEXT_AS_FIRST_DIRECTIVE_STRING_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H@
+NEXT_AS_FIRST_DIRECTIVE_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_UNISTD_H = @NEXT_AS_FIRST_DIRECTIVE_UNISTD_H@
+NEXT_AS_FIRST_DIRECTIVE_WCHAR_H = @NEXT_AS_FIRST_DIRECTIVE_WCHAR_H@
+NEXT_CTYPE_H = @NEXT_CTYPE_H@
+NEXT_ERRNO_H = @NEXT_ERRNO_H@
+NEXT_FCNTL_H = @NEXT_FCNTL_H@
+NEXT_FLOAT_H = @NEXT_FLOAT_H@
+NEXT_INTTYPES_H = @NEXT_INTTYPES_H@
+NEXT_LANGINFO_H = @NEXT_LANGINFO_H@
+NEXT_LIMITS_H = @NEXT_LIMITS_H@
+NEXT_LOCALE_H = @NEXT_LOCALE_H@
+NEXT_NETDB_H = @NEXT_NETDB_H@
+NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@
+NEXT_PTHREAD_H = @NEXT_PTHREAD_H@
+NEXT_SCHED_H = @NEXT_SCHED_H@
+NEXT_SIGNAL_H = @NEXT_SIGNAL_H@
+NEXT_STDDEF_H = @NEXT_STDDEF_H@
+NEXT_STDINT_H = @NEXT_STDINT_H@
+NEXT_STDIO_H = @NEXT_STDIO_H@
+NEXT_STDLIB_H = @NEXT_STDLIB_H@
+NEXT_STRINGS_H = @NEXT_STRINGS_H@
+NEXT_STRING_H = @NEXT_STRING_H@
+NEXT_SYS_IOCTL_H = @NEXT_SYS_IOCTL_H@
+NEXT_SYS_SELECT_H = @NEXT_SYS_SELECT_H@
+NEXT_SYS_SOCKET_H = @NEXT_SYS_SOCKET_H@
+NEXT_SYS_STAT_H = @NEXT_SYS_STAT_H@
+NEXT_SYS_TIME_H = @NEXT_SYS_TIME_H@
+NEXT_SYS_TYPES_H = @NEXT_SYS_TYPES_H@
+NEXT_SYS_UIO_H = @NEXT_SYS_UIO_H@
+NEXT_TIME_H = @NEXT_TIME_H@
+NEXT_UNISTD_H = @NEXT_UNISTD_H@
+NEXT_WCHAR_H = @NEXT_WCHAR_H@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NUMBER_VERSION = @NUMBER_VERSION@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+P11_KIT_CFLAGS = @P11_KIT_CFLAGS@
+P11_KIT_LIBS = @P11_KIT_LIBS@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@
+PATCH_VERSION = @PATCH_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PKCS12_ITER_COUNT = @PKCS12_ITER_COUNT@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PMCCABE = @PMCCABE@
+POSUB = @POSUB@
+PRAGMA_COLUMNS = @PRAGMA_COLUMNS@
+PRAGMA_SYSTEM_HEADER = @PRAGMA_SYSTEM_HEADER@
+PRIPTR_PREFIX = @PRIPTR_PREFIX@
+PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@
+PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+RANLIB = @RANLIB@
+REPLACE_ACCESS = @REPLACE_ACCESS@
+REPLACE_ALIGNED_ALLOC = @REPLACE_ALIGNED_ALLOC@
+REPLACE_BTOWC = @REPLACE_BTOWC@
+REPLACE_CALLOC = @REPLACE_CALLOC@
+REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@
+REPLACE_CHOWN = @REPLACE_CHOWN@
+REPLACE_CLOSE = @REPLACE_CLOSE@
+REPLACE_CREAT = @REPLACE_CREAT@
+REPLACE_CTIME = @REPLACE_CTIME@
+REPLACE_DPRINTF = @REPLACE_DPRINTF@
+REPLACE_DUP = @REPLACE_DUP@
+REPLACE_DUP2 = @REPLACE_DUP2@
+REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@
+REPLACE_EXECL = @REPLACE_EXECL@
+REPLACE_EXECLE = @REPLACE_EXECLE@
+REPLACE_EXECLP = @REPLACE_EXECLP@
+REPLACE_EXECV = @REPLACE_EXECV@
+REPLACE_EXECVE = @REPLACE_EXECVE@
+REPLACE_EXECVP = @REPLACE_EXECVP@
+REPLACE_EXECVPE = @REPLACE_EXECVPE@
+REPLACE_FACCESSAT = @REPLACE_FACCESSAT@
+REPLACE_FCHMODAT = @REPLACE_FCHMODAT@
+REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@
+REPLACE_FCLOSE = @REPLACE_FCLOSE@
+REPLACE_FCNTL = @REPLACE_FCNTL@
+REPLACE_FDOPEN = @REPLACE_FDOPEN@
+REPLACE_FFLUSH = @REPLACE_FFLUSH@
+REPLACE_FFSLL = @REPLACE_FFSLL@
+REPLACE_FOPEN = @REPLACE_FOPEN@
+REPLACE_FPRINTF = @REPLACE_FPRINTF@
+REPLACE_FPURGE = @REPLACE_FPURGE@
+REPLACE_FREE = @REPLACE_FREE@
+REPLACE_FREELOCALE = @REPLACE_FREELOCALE@
+REPLACE_FREOPEN = @REPLACE_FREOPEN@
+REPLACE_FSEEK = @REPLACE_FSEEK@
+REPLACE_FSEEKO = @REPLACE_FSEEKO@
+REPLACE_FSTAT = @REPLACE_FSTAT@
+REPLACE_FSTATAT = @REPLACE_FSTATAT@
+REPLACE_FTELL = @REPLACE_FTELL@
+REPLACE_FTELLO = @REPLACE_FTELLO@
+REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@
+REPLACE_FUTIMENS = @REPLACE_FUTIMENS@
+REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@
+REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@
+REPLACE_GETCWD = @REPLACE_GETCWD@
+REPLACE_GETDELIM = @REPLACE_GETDELIM@
+REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@
+REPLACE_GETDTABLESIZE = @REPLACE_GETDTABLESIZE@
+REPLACE_GETGROUPS = @REPLACE_GETGROUPS@
+REPLACE_GETLINE = @REPLACE_GETLINE@
+REPLACE_GETLOGIN_R = @REPLACE_GETLOGIN_R@
+REPLACE_GETPAGESIZE = @REPLACE_GETPAGESIZE@
+REPLACE_GETPASS = @REPLACE_GETPASS@
+REPLACE_GETTIMEOFDAY = @REPLACE_GETTIMEOFDAY@
+REPLACE_GMTIME = @REPLACE_GMTIME@
+REPLACE_INET_NTOP = @REPLACE_INET_NTOP@
+REPLACE_INET_PTON = @REPLACE_INET_PTON@
+REPLACE_INITSTATE = @REPLACE_INITSTATE@
+REPLACE_IOCTL = @REPLACE_IOCTL@
+REPLACE_ISATTY = @REPLACE_ISATTY@
+REPLACE_ITOLD = @REPLACE_ITOLD@
+REPLACE_LCHOWN = @REPLACE_LCHOWN@
+REPLACE_LINK = @REPLACE_LINK@
+REPLACE_LINKAT = @REPLACE_LINKAT@
+REPLACE_LOCALECONV = @REPLACE_LOCALECONV@
+REPLACE_LOCALTIME = @REPLACE_LOCALTIME@
+REPLACE_LOCALTIME_R = @REPLACE_LOCALTIME_R@
+REPLACE_LSEEK = @REPLACE_LSEEK@
+REPLACE_LSTAT = @REPLACE_LSTAT@
+REPLACE_MALLOC = @REPLACE_MALLOC@
+REPLACE_MBRLEN = @REPLACE_MBRLEN@
+REPLACE_MBRTOWC = @REPLACE_MBRTOWC@
+REPLACE_MBSINIT = @REPLACE_MBSINIT@
+REPLACE_MBSNRTOWCS = @REPLACE_MBSNRTOWCS@
+REPLACE_MBSRTOWCS = @REPLACE_MBSRTOWCS@
+REPLACE_MBSTATE_T = @REPLACE_MBSTATE_T@
+REPLACE_MBTOWC = @REPLACE_MBTOWC@
+REPLACE_MEMCHR = @REPLACE_MEMCHR@
+REPLACE_MEMMEM = @REPLACE_MEMMEM@
+REPLACE_MKDIR = @REPLACE_MKDIR@
+REPLACE_MKFIFO = @REPLACE_MKFIFO@
+REPLACE_MKFIFOAT = @REPLACE_MKFIFOAT@
+REPLACE_MKNOD = @REPLACE_MKNOD@
+REPLACE_MKNODAT = @REPLACE_MKNODAT@
+REPLACE_MKSTEMP = @REPLACE_MKSTEMP@
+REPLACE_MKTIME = @REPLACE_MKTIME@
+REPLACE_NANOSLEEP = @REPLACE_NANOSLEEP@
+REPLACE_NEWLOCALE = @REPLACE_NEWLOCALE@
+REPLACE_NL_LANGINFO = @REPLACE_NL_LANGINFO@
+REPLACE_NULL = @REPLACE_NULL@
+REPLACE_OBSTACK_PRINTF = @REPLACE_OBSTACK_PRINTF@
+REPLACE_OPEN = @REPLACE_OPEN@
+REPLACE_OPENAT = @REPLACE_OPENAT@
+REPLACE_PERROR = @REPLACE_PERROR@
+REPLACE_POPEN = @REPLACE_POPEN@
+REPLACE_POSIX_MEMALIGN = @REPLACE_POSIX_MEMALIGN@
+REPLACE_PREAD = @REPLACE_PREAD@
+REPLACE_PRINTF = @REPLACE_PRINTF@
+REPLACE_PSELECT = @REPLACE_PSELECT@
+REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@
+REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@
+REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@
+REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@
+REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@
+REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@
+REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@
+REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@
+REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@
+REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@
+REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@
+REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@
+REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@
+REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@
+REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@
+REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@
+REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@
+REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@
+REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@
+REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@
+REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@
+REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@
+REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@
+REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@
+REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@
+REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@
+REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@
+REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@
+REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@
+REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@
+REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@
+REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@
+REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@
+REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@
+REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@
+REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@
+REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@
+REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@
+REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@
+REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@
+REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@
+REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@
+REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@
+REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@
+REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@
+REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@
+REPLACE_PTSNAME = @REPLACE_PTSNAME@
+REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@
+REPLACE_PUTENV = @REPLACE_PUTENV@
+REPLACE_PWRITE = @REPLACE_PWRITE@
+REPLACE_QSORT_R = @REPLACE_QSORT_R@
+REPLACE_RAISE = @REPLACE_RAISE@
+REPLACE_RANDOM = @REPLACE_RANDOM@
+REPLACE_RANDOM_R = @REPLACE_RANDOM_R@
+REPLACE_READ = @REPLACE_READ@
+REPLACE_READLINK = @REPLACE_READLINK@
+REPLACE_READLINKAT = @REPLACE_READLINKAT@
+REPLACE_REALLOC = @REPLACE_REALLOC@
+REPLACE_REALLOCARRAY = @REPLACE_REALLOCARRAY@
+REPLACE_REALPATH = @REPLACE_REALPATH@
+REPLACE_REMOVE = @REPLACE_REMOVE@
+REPLACE_RENAME = @REPLACE_RENAME@
+REPLACE_RENAMEAT = @REPLACE_RENAMEAT@
+REPLACE_RMDIR = @REPLACE_RMDIR@
+REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@
+REPLACE_SELECT = @REPLACE_SELECT@
+REPLACE_SETENV = @REPLACE_SETENV@
+REPLACE_SETLOCALE = @REPLACE_SETLOCALE@
+REPLACE_SETSTATE = @REPLACE_SETSTATE@
+REPLACE_SLEEP = @REPLACE_SLEEP@
+REPLACE_SNPRINTF = @REPLACE_SNPRINTF@
+REPLACE_SPRINTF = @REPLACE_SPRINTF@
+REPLACE_STAT = @REPLACE_STAT@
+REPLACE_STDIO_READ_FUNCS = @REPLACE_STDIO_READ_FUNCS@
+REPLACE_STDIO_WRITE_FUNCS = @REPLACE_STDIO_WRITE_FUNCS@
+REPLACE_STPNCPY = @REPLACE_STPNCPY@
+REPLACE_STRCASESTR = @REPLACE_STRCASESTR@
+REPLACE_STRCHRNUL = @REPLACE_STRCHRNUL@
+REPLACE_STRDUP = @REPLACE_STRDUP@
+REPLACE_STRERROR = @REPLACE_STRERROR@
+REPLACE_STRERRORNAME_NP = @REPLACE_STRERRORNAME_NP@
+REPLACE_STRERROR_R = @REPLACE_STRERROR_R@
+REPLACE_STRFTIME = @REPLACE_STRFTIME@
+REPLACE_STRNCAT = @REPLACE_STRNCAT@
+REPLACE_STRNDUP = @REPLACE_STRNDUP@
+REPLACE_STRNLEN = @REPLACE_STRNLEN@
+REPLACE_STRSIGNAL = @REPLACE_STRSIGNAL@
+REPLACE_STRSTR = @REPLACE_STRSTR@
+REPLACE_STRTOD = @REPLACE_STRTOD@
+REPLACE_STRTOIMAX = @REPLACE_STRTOIMAX@
+REPLACE_STRTOK_R = @REPLACE_STRTOK_R@
+REPLACE_STRTOL = @REPLACE_STRTOL@
+REPLACE_STRTOLD = @REPLACE_STRTOLD@
+REPLACE_STRTOLL = @REPLACE_STRTOLL@
+REPLACE_STRTOUL = @REPLACE_STRTOUL@
+REPLACE_STRTOULL = @REPLACE_STRTOULL@
+REPLACE_STRTOUMAX = @REPLACE_STRTOUMAX@
+REPLACE_STRUCT_LCONV = @REPLACE_STRUCT_LCONV@
+REPLACE_STRUCT_TIMEVAL = @REPLACE_STRUCT_TIMEVAL@
+REPLACE_SYMLINK = @REPLACE_SYMLINK@
+REPLACE_SYMLINKAT = @REPLACE_SYMLINKAT@
+REPLACE_TIMEGM = @REPLACE_TIMEGM@
+REPLACE_TMPFILE = @REPLACE_TMPFILE@
+REPLACE_TRUNCATE = @REPLACE_TRUNCATE@
+REPLACE_TTYNAME_R = @REPLACE_TTYNAME_R@
+REPLACE_TZSET = @REPLACE_TZSET@
+REPLACE_UNLINK = @REPLACE_UNLINK@
+REPLACE_UNLINKAT = @REPLACE_UNLINKAT@
+REPLACE_UNSETENV = @REPLACE_UNSETENV@
+REPLACE_USLEEP = @REPLACE_USLEEP@
+REPLACE_UTIMENSAT = @REPLACE_UTIMENSAT@
+REPLACE_VASPRINTF = @REPLACE_VASPRINTF@
+REPLACE_VDPRINTF = @REPLACE_VDPRINTF@
+REPLACE_VFPRINTF = @REPLACE_VFPRINTF@
+REPLACE_VPRINTF = @REPLACE_VPRINTF@
+REPLACE_VSNPRINTF = @REPLACE_VSNPRINTF@
+REPLACE_VSPRINTF = @REPLACE_VSPRINTF@
+REPLACE_WCRTOMB = @REPLACE_WCRTOMB@
+REPLACE_WCSFTIME = @REPLACE_WCSFTIME@
+REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@
+REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@
+REPLACE_WCSTOK = @REPLACE_WCSTOK@
+REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@
+REPLACE_WCTOB = @REPLACE_WCTOB@
+REPLACE_WCTOMB = @REPLACE_WCTOMB@
+REPLACE_WCWIDTH = @REPLACE_WCWIDTH@
+REPLACE_WRITE = @REPLACE_WRITE@
+SED = @SED@
+SERVENT_LIB = @SERVENT_LIB@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@
+SIZE_T_SUFFIX = @SIZE_T_SUFFIX@
+STDALIGN_H = @STDALIGN_H@
+STDBOOL_H = @STDBOOL_H@
+STDDEF_H = @STDDEF_H@
+STDINT_H = @STDINT_H@
+STRIP = @STRIP@
+SYS_IOCTL_H_HAVE_WINSOCK2_H = @SYS_IOCTL_H_HAVE_WINSOCK2_H@
+SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+SYS_TIME_H_DEFINES_STRUCT_TIMESPEC = @SYS_TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_STRUCT_TIMESPEC = @TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_TIME_UTC = @TIME_H_DEFINES_TIME_UTC@
+TROUSERS_LIB = @TROUSERS_LIB@
+TSS2_CFLAGS = @TSS2_CFLAGS@
+TSS2_LIBS = @TSS2_LIBS@
+TSS_CFLAGS = @TSS_CFLAGS@
+TSS_LIBS = @TSS_LIBS@
+UINT32_MAX_LT_UINTMAX_MAX = @UINT32_MAX_LT_UINTMAX_MAX@
+UINT64_MAX_EQ_ULONG_MAX = @UINT64_MAX_EQ_ULONG_MAX@
+UNBOUND_CFLAGS = @UNBOUND_CFLAGS@
+UNBOUND_LIBS = @UNBOUND_LIBS@
+UNDEFINE_STRTOK_R = @UNDEFINE_STRTOK_R@
+UNISTD_H_DEFINES_STRUCT_TIMESPEC = @UNISTD_H_DEFINES_STRUCT_TIMESPEC@
+UNISTD_H_HAVE_SYS_RANDOM_H = @UNISTD_H_HAVE_SYS_RANDOM_H@
+UNISTD_H_HAVE_WINSOCK2_H = @UNISTD_H_HAVE_WINSOCK2_H@
+UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+USE_NLS = @USE_NLS@
+VALGRIND = @VALGRIND@
+VALGRINDFLAGS = @VALGRINDFLAGS@
+VALGRIND_PROGRAM = @VALGRIND_PROGRAM@
+VERSION = @VERSION@
+WARN_CFLAGS = @WARN_CFLAGS@
+WCHAR_T_SUFFIX = @WCHAR_T_SUFFIX@
+WERROR_CFLAGS = @WERROR_CFLAGS@
+WINDOWS_64_BIT_OFF_T = @WINDOWS_64_BIT_OFF_T@
+WINDOWS_64_BIT_ST_SIZE = @WINDOWS_64_BIT_ST_SIZE@
+WINDOWS_STAT_INODES = @WINDOWS_STAT_INODES@
+WINDOWS_STAT_TIMESPEC = @WINDOWS_STAT_TIMESPEC@
+WINT_T_SUFFIX = @WINT_T_SUFFIX@
+WSTACK_CFLAGS = @WSTACK_CFLAGS@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+YIELD_LIB = @YIELD_LIB@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+ac_cv_sizeof_time_t = @ac_cv_sizeof_time_t@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+ggl_LIBOBJS = @ggl_LIBOBJS@
+ggl_LTLIBOBJS = @ggl_LTLIBOBJS@
+ggltests_LIBOBJS = @ggltests_LIBOBJS@
+ggltests_LTLIBOBJS = @ggltests_LTLIBOBJS@
+ggltests_WITNESS = @ggltests_WITNESS@
+gl_LIBOBJS = @gl_LIBOBJS@
+gl_LTLIBOBJS = @gl_LTLIBOBJS@
+gltests_LIBOBJS = @gltests_LIBOBJS@
+gltests_LTLIBOBJS = @gltests_LTLIBOBJS@
+gltests_WITNESS = @gltests_WITNESS@
+gnutls_so = @gnutls_so@
+guile_snarf = @guile_snarf@
+guileextensiondir = @guileextensiondir@
+guilesiteccachedir = @guilesiteccachedir@
+guilesitedir = @guilesitedir@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+ifGNUmake = @ifGNUmake@
+ifnGNUmake = @ifnGNUmake@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+maybe_guileextensiondir = @maybe_guileextensiondir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+unistring_LIBOBJS = @unistring_LIBOBJS@
+unistring_LTLIBOBJS = @unistring_LTLIBOBJS@
+unistringtests_LIBOBJS = @unistringtests_LIBOBJS@
+unistringtests_LTLIBOBJS = @unistringtests_LTLIBOBJS@
+unistringtests_WITNESS = @unistringtests_WITNESS@
+AM_CFLAGS = $(WERROR_CFLAGS) $(WSTACK_CFLAGS) $(WARN_CFLAGS) $(NETTLE_CFLAGS) \
+  $(LIBTASN1_CFLAGS) $(LIBIDN2_CFLAGS) $(P11_KIT_CFLAGS) $(LIBZSTD_CFLAGS) \
+  $(CODE_COVERAGE_CFLAGS)
+
+COMMON_LINK_FLAGS = $(CODE_COVERAGE_LDFLAGS)
+V_GPERF = $(V_GPERF_@AM_V@)
+V_GPERF_ = $(V_GPERF_@AM_DEFAULT_V@)
+V_GPERF_0 = @echo "  GPERF   " $@;
+AM_CPPFLAGS = -I$(srcdir)/../../gl -I$(builddir)/../../gl \
+	-I$(srcdir)/../includes -I$(builddir)/../includes \
+	-I$(builddir)/../../gl -I$(srcdir)/.. $(am__append_1)
+noinst_LTLIBRARIES = libgnutls_ext.la
+libgnutls_ext_la_SOURCES = max_record.c server_name.c signature.c \
+	safe_renegotiation.c max_record.h server_name.h srp.h \
+	session_ticket.h signature.h safe_renegotiation.h \
+	session_ticket.c srp.c heartbeat.c heartbeat.h \
+	status_request.h status_request.c dumbfw.c dumbfw.h \
+	ext_master_secret.c ext_master_secret.h etm.h etm.c \
+	supported_versions.c supported_versions.h post_handshake.c \
+	post_handshake.h key_share.c key_share.h cookie.c cookie.h \
+	psk_ke_modes.c psk_ke_modes.h pre_shared_key.c \
+	pre_shared_key.h supported_groups.c supported_groups.h \
+	ec_point_formats.c ec_point_formats.h early_data.c \
+	early_data.h record_size_limit.c record_size_limit.h \
+	client_cert_type.c client_cert_type.h server_cert_type.c \
+	server_cert_type.h cert_types.h compress_certificate.c \
+	compress_certificate.h $(am__append_2) $(am__append_3)
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/lib/common.mk $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/ext/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --foreign lib/ext/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+	esac;
+$(top_srcdir)/lib/common.mk $(am__empty):
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+	-test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+	@list='$(noinst_LTLIBRARIES)'; \
+	locs=`for p in $$list; do echo $$p; done | \
+	      sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+	      sort -u`; \
+	test -z "$$locs" || { \
+	  echo rm -f $${locs}; \
+	  rm -f $${locs}; \
+	}
+
+libgnutls_ext.la: $(libgnutls_ext_la_OBJECTS) $(libgnutls_ext_la_DEPENDENCIES) $(EXTRA_libgnutls_ext_la_DEPENDENCIES) 
+	$(AM_V_CCLD)$(LINK)  $(libgnutls_ext_la_OBJECTS) $(libgnutls_ext_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+	-rm -f *.$(OBJEXT)
+
+distclean-compile:
+	-rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alpn.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/client_cert_type.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/compress_certificate.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cookie.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dumbfw.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/early_data.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ec_point_formats.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/etm.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ext_master_secret.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/heartbeat.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/key_share.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/max_record.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/post_handshake.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pre_shared_key.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/psk_ke_modes.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/record_size_limit.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/safe_renegotiation.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/server_cert_type.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/server_name.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/session_ticket.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signature.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srp.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srtp.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/status_request.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/supported_groups.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/supported_versions.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+	@$(MKDIR_P) $(@D)
+	@echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+
+ID: $(am__tagged_files)
+	$(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	set x; \
+	here=`pwd`; \
+	$(am__define_uniq_tagged_files); \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+	  test -n "$$unique" || unique=$$empty_fix; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
+	fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	$(am__define_uniq_tagged_files); \
+	test -z "$(CTAGS_ARGS)$$unique" \
+	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+	     $$unique
+
+GTAGS:
+	here=`$(am__cd) $(top_builddir) && pwd` \
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+	list='$(am__tagged_files)'; \
+	case "$(srcdir)" in \
+	  [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+	  *) sdir=$(subdir)/$(srcdir) ;; \
+	esac; \
+	for i in $$list; do \
+	  if test -f "$$i"; then \
+	    echo "$(subdir)/$$i"; \
+	  else \
+	    echo "$$sdir/$$i"; \
+	  fi; \
+	done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+	mostlyclean-am
+
+distclean: distclean-am
+		-rm -f ./$(DEPDIR)/alpn.Plo
+	-rm -f ./$(DEPDIR)/client_cert_type.Plo
+	-rm -f ./$(DEPDIR)/compress_certificate.Plo
+	-rm -f ./$(DEPDIR)/cookie.Plo
+	-rm -f ./$(DEPDIR)/dumbfw.Plo
+	-rm -f ./$(DEPDIR)/early_data.Plo
+	-rm -f ./$(DEPDIR)/ec_point_formats.Plo
+	-rm -f ./$(DEPDIR)/etm.Plo
+	-rm -f ./$(DEPDIR)/ext_master_secret.Plo
+	-rm -f ./$(DEPDIR)/heartbeat.Plo
+	-rm -f ./$(DEPDIR)/key_share.Plo
+	-rm -f ./$(DEPDIR)/max_record.Plo
+	-rm -f ./$(DEPDIR)/post_handshake.Plo
+	-rm -f ./$(DEPDIR)/pre_shared_key.Plo
+	-rm -f ./$(DEPDIR)/psk_ke_modes.Plo
+	-rm -f ./$(DEPDIR)/record_size_limit.Plo
+	-rm -f ./$(DEPDIR)/safe_renegotiation.Plo
+	-rm -f ./$(DEPDIR)/server_cert_type.Plo
+	-rm -f ./$(DEPDIR)/server_name.Plo
+	-rm -f ./$(DEPDIR)/session_ticket.Plo
+	-rm -f ./$(DEPDIR)/signature.Plo
+	-rm -f ./$(DEPDIR)/srp.Plo
+	-rm -f ./$(DEPDIR)/srtp.Plo
+	-rm -f ./$(DEPDIR)/status_request.Plo
+	-rm -f ./$(DEPDIR)/supported_groups.Plo
+	-rm -f ./$(DEPDIR)/supported_versions.Plo
+	-rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+	distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+		-rm -f ./$(DEPDIR)/alpn.Plo
+	-rm -f ./$(DEPDIR)/client_cert_type.Plo
+	-rm -f ./$(DEPDIR)/compress_certificate.Plo
+	-rm -f ./$(DEPDIR)/cookie.Plo
+	-rm -f ./$(DEPDIR)/dumbfw.Plo
+	-rm -f ./$(DEPDIR)/early_data.Plo
+	-rm -f ./$(DEPDIR)/ec_point_formats.Plo
+	-rm -f ./$(DEPDIR)/etm.Plo
+	-rm -f ./$(DEPDIR)/ext_master_secret.Plo
+	-rm -f ./$(DEPDIR)/heartbeat.Plo
+	-rm -f ./$(DEPDIR)/key_share.Plo
+	-rm -f ./$(DEPDIR)/max_record.Plo
+	-rm -f ./$(DEPDIR)/post_handshake.Plo
+	-rm -f ./$(DEPDIR)/pre_shared_key.Plo
+	-rm -f ./$(DEPDIR)/psk_ke_modes.Plo
+	-rm -f ./$(DEPDIR)/record_size_limit.Plo
+	-rm -f ./$(DEPDIR)/safe_renegotiation.Plo
+	-rm -f ./$(DEPDIR)/server_cert_type.Plo
+	-rm -f ./$(DEPDIR)/server_name.Plo
+	-rm -f ./$(DEPDIR)/session_ticket.Plo
+	-rm -f ./$(DEPDIR)/signature.Plo
+	-rm -f ./$(DEPDIR)/srp.Plo
+	-rm -f ./$(DEPDIR)/srtp.Plo
+	-rm -f ./$(DEPDIR)/status_request.Plo
+	-rm -f ./$(DEPDIR)/supported_groups.Plo
+	-rm -f ./$(DEPDIR)/supported_versions.Plo
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+	mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
+	clean-generic clean-libtool clean-noinstLTLIBRARIES \
+	cscopelist-am ctags ctags-am distclean distclean-compile \
+	distclean-generic distclean-libtool distclean-tags distdir dvi \
+	dvi-am html html-am info info-am install install-am \
+	install-data install-data-am install-dvi install-dvi-am \
+	install-exec install-exec-am install-html install-html-am \
+	install-info install-info-am install-man install-pdf \
+	install-pdf-am install-ps install-ps-am install-strip \
+	installcheck installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-compile \
+	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+	tags tags-am uninstall uninstall-am
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/lib/ext/alpn.c b/lib/ext/alpn.c
new file mode 100644
index 0000000..7cc7997
--- /dev/null
+++ b/lib/ext/alpn.c
@@ -0,0 +1,327 @@
+/*
+ * Copyright (C) 2013 Nikos Mavrogiannopoulos
+ * Copyright (C) 2017 Red Hat, Inc.
+ * 
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "auth.h"
+#include "errors.h"
+#include "num.h"
+#include <ext/alpn.h>
+
+static int _gnutls_alpn_recv_params(gnutls_session_t session,
+				    const uint8_t * data,
+				    size_t data_size);
+static int _gnutls_alpn_send_params(gnutls_session_t session,
+				    gnutls_buffer_st * extdata);
+
+static void _gnutls_alpn_deinit_data(gnutls_ext_priv_data_t priv);
+
+
+const hello_ext_entry_st ext_mod_alpn = {
+	.name = "ALPN",
+	.tls_id = 16,
+	.gid = GNUTLS_EXTENSION_ALPN,
+	/* this extension must be parsed even on resumption */
+	.client_parse_point = GNUTLS_EXT_MANDATORY,
+	.server_parse_point = GNUTLS_EXT_MANDATORY,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS |
+		    GNUTLS_EXT_FLAG_CLIENT_HELLO | GNUTLS_EXT_FLAG_EE |
+		    GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO,
+	.recv_func = _gnutls_alpn_recv_params,
+	.send_func = _gnutls_alpn_send_params,
+	.deinit_func = _gnutls_alpn_deinit_data,
+	.cannot_be_overriden = 1
+};
+
+static int
+_gnutls_alpn_recv_params(gnutls_session_t session,
+			 const uint8_t * data, size_t data_size)
+{
+	unsigned int i;
+	int ret;
+	const uint8_t *p = data;
+	unsigned len1, len;
+	alpn_ext_st *priv;
+	gnutls_ext_priv_data_t epriv;
+	int selected_protocol_index;
+
+	ret =
+	    _gnutls_hello_ext_get_priv(session, GNUTLS_EXTENSION_ALPN,
+					 &epriv);
+	if (ret < 0)
+		return 0;
+
+	priv = epriv;
+
+	DECR_LENGTH_RET(data_size, 2, GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+	len = _gnutls_read_uint16(p);
+	p += 2;
+
+	if (len == 0 || len > (size_t)data_size)
+		return
+		    gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		selected_protocol_index = MAX_ALPN_PROTOCOLS+1;
+
+		while (data_size > 0) {
+			DECR_LENGTH_RET(data_size, 1, GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+			len1 = *p;
+			p += 1;
+			DECR_LENGTH_RET(data_size, len1, GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+			if (len1 == 0)
+				return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+			for (i = 0; i < priv->size; i++) {
+				if (priv->protocol_size[i] == len1
+				    && memcmp(p, priv->protocols[i],
+					      len1) == 0) {
+
+					if (priv->flags & GNUTLS_ALPN_SERVER_PRECEDENCE) {
+						if (selected_protocol_index > (int)i) {
+							selected_protocol_index = i;
+							priv->selected_protocol =
+							    priv->protocols[i];
+							priv->selected_protocol_size =
+							    priv->protocol_size[i];
+							break;
+						}
+					} else {
+						priv->selected_protocol =
+						    priv->protocols[i];
+						priv->selected_protocol_size =
+						    priv->protocol_size[i];
+						return 0;
+					}
+				}
+			}
+			p += len1;
+		}
+	} else {
+		DECR_LENGTH_RET(data_size, 1, GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+		len1 = *p;
+		p += 1;
+		DECR_LENGTH_RET(data_size, len1, GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+		for (i = 0; i < priv->size; i++) {
+			if (priv->protocol_size[i] == len1
+			    && memcmp(p, priv->protocols[i], len1) == 0) {
+				priv->selected_protocol =
+				    priv->protocols[i];
+				priv->selected_protocol_size =
+				    priv->protocol_size[i];
+				break;
+			}
+		}
+		/*p += len1;*/
+	}
+
+	if (priv->selected_protocol == NULL
+	    && (priv->flags & GNUTLS_ALPN_MAND))
+		return gnutls_assert_val(GNUTLS_E_NO_APPLICATION_PROTOCOL);
+
+	return 0;
+}
+
+static int
+_gnutls_alpn_send_params(gnutls_session_t session,
+			 gnutls_buffer_st * extdata)
+{
+	unsigned i;
+	int total_size = 0, ret;
+	alpn_ext_st *priv;
+	gnutls_ext_priv_data_t epriv;
+
+	ret =
+	    _gnutls_hello_ext_get_priv(session, GNUTLS_EXTENSION_ALPN,
+					 &epriv);
+	if (ret < 0)
+		return 0;
+
+	priv = epriv;
+
+	if (priv->size == 0)
+		return 0;
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		if (priv->selected_protocol_size == 0)
+			return 0;
+
+		ret =
+		    _gnutls_buffer_append_prefix(extdata, 16,
+						 priv->
+						 selected_protocol_size +
+						 1);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		total_size += 2;
+
+		ret =
+		    _gnutls_buffer_append_data_prefix(extdata, 8,
+						      priv->
+						      selected_protocol,
+						      priv->
+						      selected_protocol_size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		total_size += 1 + priv->selected_protocol_size;
+	} else {
+		int t = 0;
+		for (i = 0; i < priv->size; i++)
+			t += priv->protocol_size[i] + 1;
+
+		ret = _gnutls_buffer_append_prefix(extdata, 16, t);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		total_size += 2;
+
+		for (i = 0; i < priv->size; i++) {
+			ret =
+			    _gnutls_buffer_append_data_prefix(extdata, 8,
+							      priv->
+							      protocols[i],
+							      priv->
+							      protocol_size
+							      [i]);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			total_size += 1 + priv->protocol_size[i];
+		}
+	}
+
+	return total_size;
+}
+
+/**
+ * gnutls_alpn_get_selected_protocol:
+ * @session: is a #gnutls_session_t type.
+ * @protocol: will hold the protocol name
+ *
+ * This function allows you to get the negotiated protocol name. The
+ * returned protocol should be treated as opaque, constant value and
+ * only valid during the session life.
+ *
+ * The selected protocol is the first supported by the list sent
+ * by the client.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ *
+ * Since 3.2.0
+ **/
+int
+gnutls_alpn_get_selected_protocol(gnutls_session_t session,
+				  gnutls_datum_t * protocol)
+{
+	alpn_ext_st *priv;
+	int ret;
+	gnutls_ext_priv_data_t epriv;
+
+	ret =
+	    _gnutls_hello_ext_get_priv(session, GNUTLS_EXTENSION_ALPN,
+					 &epriv);
+	if (ret < 0) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	priv = epriv;
+
+	if (priv->selected_protocol_size == 0)
+		return
+		    gnutls_assert_val
+		    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	protocol->data = priv->selected_protocol;
+	protocol->size = priv->selected_protocol_size;
+
+	return 0;
+}
+
+/**
+ * gnutls_alpn_set_protocols:
+ * @session: is a #gnutls_session_t type.
+ * @protocols: is the protocol names to add.
+ * @protocols_size: the number of protocols to add.
+ * @flags: zero or a sequence of %gnutls_alpn_flags_t
+ *
+ * This function is to be used by both clients and servers, to declare
+ * the supported ALPN protocols, which are used during negotiation with peer.
+ *
+ * See %gnutls_alpn_flags_t description for the documentation of available
+ * flags.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ *
+ * Since 3.2.0
+ **/
+int
+gnutls_alpn_set_protocols(gnutls_session_t session,
+			  const gnutls_datum_t * protocols,
+			  unsigned protocols_size, unsigned int flags)
+{
+	int ret;
+	alpn_ext_st *priv;
+	gnutls_ext_priv_data_t epriv;
+	unsigned i;
+
+	ret =
+	    _gnutls_hello_ext_get_priv(session, GNUTLS_EXTENSION_ALPN,
+					 &epriv);
+	if (ret < 0) {
+		priv = gnutls_calloc(1, sizeof(*priv));
+		if (priv == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+		epriv = priv;
+		_gnutls_hello_ext_set_priv(session,
+					     GNUTLS_EXTENSION_ALPN, epriv);
+	} else
+		priv = epriv;
+
+	if (protocols_size > MAX_ALPN_PROTOCOLS)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	for (i = 0; i < protocols_size; i++) {
+		if (protocols[i].size >= MAX_ALPN_PROTOCOL_NAME)
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		memcpy(priv->protocols[i], protocols[i].data,
+		       protocols[i].size);
+		priv->protocol_size[i] = protocols[i].size;
+		priv->size++;
+	}
+	priv->flags = flags;
+
+	return 0;
+}
+
+
+static void _gnutls_alpn_deinit_data(gnutls_ext_priv_data_t priv)
+{
+	gnutls_free(priv);
+}
diff --git a/lib/ext/alpn.h b/lib/ext/alpn.h
new file mode 100644
index 0000000..0b32a32
--- /dev/null
+++ b/lib/ext/alpn.h
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2013 Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_ALPN_H
+#define GNUTLS_LIB_EXT_ALPN_H
+
+#include <hello_ext.h>
+
+#define MAX_ALPN_PROTOCOLS 8
+#define MAX_ALPN_PROTOCOL_NAME 32
+
+typedef struct {
+	uint8_t protocols[MAX_ALPN_PROTOCOLS][MAX_ALPN_PROTOCOL_NAME];
+	unsigned protocol_size[MAX_ALPN_PROTOCOLS];
+	unsigned size;
+	uint8_t *selected_protocol;
+	unsigned selected_protocol_size;
+	unsigned flags;
+} alpn_ext_st;
+
+extern const hello_ext_entry_st ext_mod_alpn;
+
+#endif /* GNUTLS_LIB_EXT_ALPN_H */
diff --git a/lib/ext/cert_types.h b/lib/ext/cert_types.h
new file mode 100644
index 0000000..98dfdef
--- /dev/null
+++ b/lib/ext/cert_types.h
@@ -0,0 +1,88 @@
+/*
+ * Copyright (C) 2018 ARPA2 project
+ *
+ * Author: Tom Vrancken (dev@tomvrancken.nl)
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ * This file provides common functionality for certificate type
+ * handling during TLS hello extensions.
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_CERT_TYPES_H
+#define GNUTLS_LIB_EXT_CERT_TYPES_H
+
+/* Maps IANA TLS Certificate Types identifiers to internal
+ * certificate type representation.
+ */
+static inline gnutls_certificate_type_t IANA2cert_type(int num)
+{
+	switch (num) {
+		case 0:
+			return GNUTLS_CRT_X509;
+		case 2:
+			return GNUTLS_CRT_RAWPK;
+		default:
+			return GNUTLS_CRT_UNKNOWN;
+	}
+}
+
+/* Maps internal certificate type representation to
+ * IANA TLS Certificate Types identifiers.
+ */
+static inline int cert_type2IANA(gnutls_certificate_type_t cert_type)
+{
+	switch (cert_type) {
+		case GNUTLS_CRT_X509:
+			return 0;
+		case GNUTLS_CRT_RAWPK:
+			return 2;
+		default:
+			return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
+	}
+}
+
+/* Checks whether the given cert type is enabled in the application
+ */
+static inline bool is_cert_type_enabled(gnutls_session_t session, gnutls_certificate_type_t cert_type)
+{
+	switch(cert_type) {
+		case GNUTLS_CRT_X509:
+			// Default cert type, always enabled
+			return true;
+		case GNUTLS_CRT_RAWPK:
+			return session->internals.flags & GNUTLS_ENABLE_RAWPK;
+		default:
+			// When not explicitly supported here disable it
+			return false;
+	}
+}
+
+/* Checks whether alternative cert types (i.e. other than X.509)
+ * are enabled in the application
+ */
+static inline bool are_alternative_cert_types_allowed(gnutls_session_t session)
+{
+	// OR-ed list of defined cert type init flags
+	#define CERT_TYPES_FLAGS GNUTLS_ENABLE_RAWPK
+
+	return session->internals.flags & CERT_TYPES_FLAGS;
+
+	#undef CERT_TYPES_FLAGS
+}
+
+#endif /* GNUTLS_LIB_EXT_CERT_TYPES_H */
diff --git a/lib/ext/client_cert_type.c b/lib/ext/client_cert_type.c
new file mode 100644
index 0000000..261b56c
--- /dev/null
+++ b/lib/ext/client_cert_type.c
@@ -0,0 +1,393 @@
+/*
+ * Copyright (C) 2016 - 2018 ARPA2 project
+ *
+ * Author: Tom Vrancken (dev@tomvrancken.nl)
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ * This file is part of the client_certificate_type extension as
+ * defined in RFC7250 (https://tools.ietf.org/html/rfc7250).
+ *
+ * The client_certificate_type extension in the client hello indicates
+ * the certificate types the client is able to provide to the server,
+ * when requested using a certificate_request message.
+ */
+
+#include "gnutls_int.h"
+#include <gnutls/gnutls.h>
+#include "ext/cert_types.h"
+#include "ext/client_cert_type.h"
+#include "hello_ext.h"
+#include "hello_ext_lib.h"
+#include "errors.h"
+#include "state.h"
+#include "datum.h"
+
+
+static int _gnutls_client_cert_type_recv_params(gnutls_session_t session,
+						const uint8_t* data,
+						size_t data_size);
+static int _gnutls_client_cert_type_send_params(gnutls_session_t session,
+						gnutls_buffer_st* data);
+
+
+const hello_ext_entry_st ext_mod_client_cert_type = {
+	.name = "Client Certificate Type",
+	.tls_id = 19,
+	.gid = GNUTLS_EXTENSION_CLIENT_CERT_TYPE,
+	.client_parse_point = GNUTLS_EXT_TLS,
+	.server_parse_point = GNUTLS_EXT_TLS,
+	.validity = GNUTLS_EXT_FLAG_TLS |
+		GNUTLS_EXT_FLAG_DTLS |
+		GNUTLS_EXT_FLAG_CLIENT_HELLO |
+		GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO |
+		GNUTLS_EXT_FLAG_EE,
+	.recv_func = _gnutls_client_cert_type_recv_params,
+	.send_func = _gnutls_client_cert_type_send_params,
+	.pack_func = _gnutls_hello_ext_default_pack,
+	.unpack_func = _gnutls_hello_ext_default_unpack,
+	.deinit_func = _gnutls_hello_ext_default_deinit,
+	.cannot_be_overriden = 1
+};
+
+
+static int _gnutls_client_cert_type_recv_params(gnutls_session_t session,
+						const uint8_t* data,
+						size_t data_size)
+{
+	int ret;
+	gnutls_certificate_type_t cert_type;
+	size_t i;
+	bool found = false;
+	const uint8_t* pdata = data;
+
+	/* Only activate this extension if we have cert credentials set
+	 * and alternative cert types are allowed */
+	if (!are_alternative_cert_types_allowed(session) ||
+		(_gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE) == NULL))
+		return 0;
+
+	if (!IS_SERVER(session)) {	// client mode
+		gnutls_datum_t sent_cert_types; // Holds the previously sent cert types
+
+		/* Compare packet length with expected packet length. For the
+		 * client this is a single byte. */
+		if (data_size != 1) {
+			return
+					gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+		}
+
+		/* The server picked one of the offered cert types if he supports
+		 * at least one of them and decided to do a client certificate
+		 * request. If both parties play by the rules then we may only
+		 * receive a cert type that we offered, i.e. one that we support.
+		 * Because the world isn't as beautiful as it may seem, we're going
+		 * to check it nevertheless. */
+		cert_type = IANA2cert_type(pdata[0]);
+
+		_gnutls_handshake_log("EXT[%p]: Received a %s client certificate type confirmation from the server.\n",
+		                      session, gnutls_certificate_type_get_name(cert_type));
+
+		// Check validity of cert type
+		if (cert_type == GNUTLS_CRT_UNKNOWN) {
+			return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE);
+		}
+
+		/* Get the cert types that we sent to the server (they were stored
+		 * in IANA representation.
+		 */
+		ret = _gnutls_hello_ext_get_datum(session,
+							 GNUTLS_EXTENSION_CLIENT_CERT_TYPE,
+							 &sent_cert_types);
+		if (ret < 0) {
+			/* This should not happen and indicate a memory corruption!
+			 * Assertion are always on in production code so execution
+			 * will halt here. */
+			assert(false);
+		}
+
+		// Check whether what we got back is actually offered by us
+		for (i = 0; i < sent_cert_types.size; i++) {
+			if (IANA2cert_type(sent_cert_types.data[i]) == cert_type)
+				found = true;
+		}
+
+		if (found) {
+			// Everything OK, now set the client certificate type
+			_gnutls_session_client_cert_type_set(session, cert_type);
+			ret = GNUTLS_E_SUCCESS;
+		} else {
+			// No valid cert type found
+			ret = GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
+		}
+
+		return ret;
+
+	} else {	// server mode
+		gnutls_datum_t cert_types; // Holds the received cert types
+
+		// Compare packet length with expected packet length.
+		DECR_LEN(data_size, 1);
+		if (data[0] != data_size) {
+			return
+					gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+		}
+		pdata += 1;
+
+		// Assign the contents of our data buffer to a gnutls_datum_t
+		cert_types.data = (uint8_t*)pdata; // Need casting to get rid of 'discards const qualifier' warning
+		cert_types.size = data_size;
+
+		// Store the client certificate types in our session
+		_gnutls_hello_ext_set_datum(session,
+							 GNUTLS_EXTENSION_CLIENT_CERT_TYPE,
+							 &cert_types);
+
+		/* We receive a list of supported certificate types that the client
+		 * is able to provide when requested via a client certificate
+		 * request. This list is sorted by order of preference. We now check
+		 * in this order of preference whether we support any of these
+		 * certificate types.
+		 */
+		for (i = 0; i < cert_types.size; i++) {
+			// Convert to internal representation
+			cert_type = IANA2cert_type(cert_types.data[i]);
+
+			// If we have an invalid cert id then continue to the next
+			if (cert_type == GNUTLS_CRT_UNKNOWN)
+				continue;
+
+			_gnutls_handshake_log("EXT[%p]: Checking compatibility of a %s client certificate type that was received from the client.\n",
+			                      session, gnutls_certificate_type_get_name(cert_type));
+
+			// Check for support of this cert type
+			if (_gnutls_session_is_cert_type_supported(session, cert_type, false, GNUTLS_CTYPE_CLIENT) == 0) {
+				found = true;
+				break;
+			}
+		}
+
+		// We found a matching ctype, we pick this one
+		if (found) {
+			_gnutls_session_client_cert_type_set(session, cert_type);
+			ret = GNUTLS_E_SUCCESS;
+		} else {
+			/* If no supported certificate type can be found we terminate
+			 * with a fatal alert of type "unsupported_certificate"
+			 * (according to specification rfc7250).
+			 */
+			_gnutls_handshake_log
+					("EXT[%p]: No supported client certificate type was found. "
+					 "Aborting connection.\n", session);
+			ret = GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
+		}
+
+		return ret;
+	}
+}
+
+static int _gnutls_client_cert_type_send_params(gnutls_session_t session,
+						gnutls_buffer_st* data)
+{
+	int ret;
+	uint8_t cert_type_IANA; // Holds an IANA cert type ID
+	gnutls_certificate_type_t cert_type;
+
+	/* Only activate this extension if we have cert credentials set
+	 * and alternative cert types are allowed */
+	if (!are_alternative_cert_types_allowed(session) ||
+		(_gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE) == NULL))
+		return 0;
+
+	if (!IS_SERVER(session)) {	// Client mode
+		uint8_t cert_types[GNUTLS_CRT_MAX]; // The list with supported (IANA) cert types. Inv: 0 <= cert type Id < 256
+		size_t i, num_cert_types = 0;
+		priority_st* cert_priorities;
+		gnutls_datum_t tmp_cert_types; // For type conversion
+
+		// For brevity
+		cert_priorities =
+				&session->internals.priorities->client_ctype;
+
+		/* Retrieve client certificate type priorities if any. If no
+		 * priorities are set then the default client certificate type
+		 * initialization values apply. This default is currently set to
+		 * x.509 in which case we don't enable this extension.
+		 */
+		if (cert_priorities->num_priorities > 0) {	// Priorities are explicitly set
+			/* If the certificate priority is explicitly set to only
+			 * X.509 (default) then, according to spec we don't send
+			 * this extension. We check this here to avoid further work in
+			 * this routine. We also check it below after pruning supported
+			 * types.
+			 */
+			if (cert_priorities->num_priorities == 1 &&
+					cert_priorities->priorities[0] == DEFAULT_CERT_TYPE) {
+				_gnutls_handshake_log
+						("EXT[%p]: Client certificate type was set to default cert type (%s). "
+						 "We therefore do not send this extension.\n",
+						 session,
+						 gnutls_certificate_type_get_name(DEFAULT_CERT_TYPE));
+
+				// Explicitly set but default ctype, so don't send anything
+				return 0;
+			}
+
+			/* We are only allowed to send certificate types that we support,
+			 * i.e. have credentials for. Therefore we check this here and
+			 * prune our original list.
+			 */
+			for (i = 0; i < cert_priorities->num_priorities; i++) {
+				cert_type = cert_priorities->priorities[i];
+
+				if (_gnutls_session_is_cert_type_supported(session, cert_type,
+				    true, GNUTLS_CTYPE_CLIENT) == 0) {
+					/* Check whether we are allowed to store another cert type
+					 * in our buffer. In other words, prevent a possible buffer
+					 * overflow. This situation can occur when a user sets
+					 * duplicate cert types in the priority strings. */
+					if (num_cert_types >= GNUTLS_CRT_MAX)
+						return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+					// Convert to IANA representation
+					ret = cert_type2IANA(cert_type);
+
+					if (ret < 0)
+						return gnutls_assert_val(ret);
+
+					cert_type_IANA = ret; // For readability
+
+					// Add this cert type to our list with supported types
+					cert_types[num_cert_types] = cert_type_IANA;
+					num_cert_types++;
+
+					_gnutls_handshake_log
+							("EXT[%p]: Client certificate type %s (%d) was queued.\n",
+							 session,
+							 gnutls_certificate_type_get_name(cert_type),
+							 cert_type_IANA);
+				}
+			}
+
+			/* Check whether there are any supported certificate types left
+			 * after the previous pruning step. If not, we do not send this
+			 * extension. Also, if the only supported type is the default type
+			 * we do not send this extension (according to RFC7250).
+			 */
+			if (num_cert_types == 0) {
+				_gnutls_handshake_log
+						("EXT[%p]: Client certificate types were set but none of them is supported. "
+						 "You might want to check your credentials or your priorities. "
+						 "We do not send this extension.\n",
+						 session);
+
+				return 0;
+			} else if (num_cert_types == 1 &&
+					 IANA2cert_type(cert_types[0]) == DEFAULT_CERT_TYPE) {
+				_gnutls_handshake_log
+						("EXT[%p]: The only supported client certificate type is (%s) which is the default. "
+						 "We therefore do not send this extension.\n",
+						 session,
+						 gnutls_certificate_type_get_name(DEFAULT_CERT_TYPE));
+
+				return 0;
+			}
+
+			/* We have data to send and store a copy internally. We convert
+			 * our list with supported cert types to a datum_t in order to
+			 * be able to make the ..._set_datum call.
+			 */
+			tmp_cert_types.data = cert_types;
+			tmp_cert_types.size = num_cert_types;
+
+			_gnutls_hello_ext_set_datum(session,
+								 GNUTLS_EXTENSION_CLIENT_CERT_TYPE,
+								 &tmp_cert_types);
+
+			/* Serialize the certificate types into a sequence of octets
+			 * uint8: length of sequence of cert types (1 octet)
+			 * uint8: cert types (0 <= #octets <= 255)
+			 */
+			ret = _gnutls_buffer_append_data_prefix(data, 8,
+																							cert_types,
+																							num_cert_types);
+
+			// Check for errors
+			if (ret < 0) {
+				return gnutls_assert_val(ret);
+			} else {
+				// Number of bytes we are sending
+				return num_cert_types + 1;
+			}
+		}
+	} else {	// Server mode
+		const version_entry_st* vers = get_version(session);
+		/* TLS 1.2:
+		 * Check whether we are going to send a certificate request,
+		 * otherwise omit the response. This is conform spec.
+		 * (RFC7250, 4.2 case 3.).
+		 *
+		 * TLS 1.3:
+		 * TLS 1.3 supports post-handshake authentication for the client.
+		 * It means that a server can ask for a client certificate anytime
+		 * after the handshake. In order for this to work we must always
+		 * complete the certificate type negotiation and therefore respond
+		 * with a cert type message.
+		 */
+		if (session->internals.send_cert_req != 0 ||
+				vers->tls13_sem) {
+			/* Retrieve negotiated client certificate type and send it to
+			 * the client.
+			 * The scenario where we want to send a certificate request but
+			 * do not have a matching certificate does not occur because we
+			 * already terminate the connection at reception of this extension
+			 * when we cannot find a matching client certificate. This is conform
+			 * spec (RFC7250, 4.2 case 2.).
+			 */
+			cert_type = get_certificate_type(session, GNUTLS_CTYPE_CLIENT);
+			ret = cert_type2IANA(cert_type);
+
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			cert_type_IANA = ret; // For readability
+
+			_gnutls_handshake_log("EXT[%p]: Confirming to use a %s client certificate type.\n",
+			                      session, gnutls_certificate_type_get_name(cert_type));
+
+			ret = gnutls_buffer_append_data(data, &cert_type_IANA, 1);
+
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			return 1; // sent one byte
+		}
+	}
+
+	// In all other cases don't enable this extension
+	return 0;
+}
+
+
+/** Extension interface **/
+
+/* The interface is defined in state.c:
+ * Public:
+ * - gnutls_certificate_type_get2
+ *
+ * Private:
+ * - _gnutls_session_client_cert_type_set
+ */
diff --git a/lib/ext/client_cert_type.h b/lib/ext/client_cert_type.h
new file mode 100644
index 0000000..7e89ca8
--- /dev/null
+++ b/lib/ext/client_cert_type.h
@@ -0,0 +1,36 @@
+/*
+ * Copyright (C) 2016 - 2018 ARPA2 project
+ *
+ * Author: Tom Vrancken (dev@tomvrancken.nl)
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ * This file is part of the client_certificate_type extension as
+ * defined in RFC7250 (https://tools.ietf.org/html/rfc7250).
+ *
+ * The client_certificate_type extension in the client hello indicates
+ * the certificate types the client is able to provide to the server,
+ * when requested using a certificate_request message.
+ */
+
+#ifndef GNUTLS_LIB_EXT_CLIENT_CERT_TYPE_H
+#define GNUTLS_LIB_EXT_CLIENT_CERT_TYPE_H
+
+#include <hello_ext.h>
+
+extern const hello_ext_entry_st ext_mod_client_cert_type;
+
+#endif /* GNUTLS_LIB_EXT_CLIENT_CERT_TYPE_H */
diff --git a/lib/ext/compress_certificate.c b/lib/ext/compress_certificate.c
new file mode 100644
index 0000000..8f8d75c
--- /dev/null
+++ b/lib/ext/compress_certificate.c
@@ -0,0 +1,252 @@
+/*
+ * Copyright (C) 2022 Red Hat, Inc.
+ *
+ * Author: Zoltan Fridrich
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+#include "hello_ext_lib.h"
+#include "num.h"
+#include <ext/compress_certificate.h>
+
+/* Check whether certificate compression method is valid, ie. supported by gnutls */
+static inline int
+is_valid_method(gnutls_compression_method_t method)
+{
+	switch (method) {
+#ifdef HAVE_LIBZ
+	case GNUTLS_COMP_ZLIB:
+		return 1;
+#endif
+#ifdef HAVE_LIBBROTLI
+	case GNUTLS_COMP_BROTLI:
+		return 1;
+#endif
+#ifdef HAVE_LIBZSTD
+	case GNUTLS_COMP_ZSTD:
+		return 1;
+#endif
+	default:
+		return 0;
+	}
+}
+
+/* Converts compression algorithm number established in RFC8879 to internal compression method type */
+gnutls_compression_method_t 
+_gnutls_compress_certificate_num2method(uint16_t num)
+{
+	switch (num)  {
+	case 1:
+		return GNUTLS_COMP_ZLIB;
+	case 2:
+		return GNUTLS_COMP_BROTLI;
+	case 3:
+		return GNUTLS_COMP_ZSTD;
+	default:
+		return GNUTLS_COMP_UNKNOWN;
+	 }
+}
+
+/* Converts compression method type to compression algorithm number established in RFC8879 */
+int 
+_gnutls_compress_certificate_method2num(gnutls_compression_method_t method)
+{
+	switch (method) {
+	case GNUTLS_COMP_ZLIB:
+		return 1;
+	case GNUTLS_COMP_BROTLI:
+		return 2;
+	case GNUTLS_COMP_ZSTD:
+		return 3;
+	default:
+		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+	}
+}
+
+/**
+ * gnutls_compress_certificate_get_selected_method:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function returns the certificate compression method that has been
+ * selected to compress the certificate before sending it to the peer.
+ * The selection is done based on the local list of supported compression
+ * methods and the peer's requested compression methods.
+ *
+ * Returns: selected certificate compression method.
+ *
+ * Since 3.7.4
+ **/
+gnutls_compression_method_t
+gnutls_compress_certificate_get_selected_method(gnutls_session_t session)
+{
+	return session->internals.compress_certificate_method;
+}
+
+/**
+ * gnutls_compress_certificate_set_methods:
+ * @session: is a #gnutls_session_t type.
+ * @methods: is a list of supported compression methods.
+ * @methods_len: number of compression methods in @methods
+ *
+ * This function sets the supported compression methods for certificate compression
+ * for the given session. The list of supported compression methods will be used
+ * for a) requesting the compression of peer's certificate and b) selecting the
+ * method to compress the local certificate before sending it to the peer.
+ * The order of compression methods inside the list does matter as the method
+ * that appears earlier in the list will be preffered before the later ones.
+ * Note that even if you set the list of supported compression methods, the
+ * compression might not be used if the peer does not support any of your chosen
+ * compression methods.
+ *
+ * The list of supported compression methods must meet the following criteria:
+ * Argument @methods must be an array of valid compression methods of type
+ * #gnutls_compression_method_t. Argument @methods_len must contain the number of
+ * compression methods stored in the @methods array and must be within range <1, 127>.
+ * The length constraints are defined by %MIN_COMPRESS_CERTIFICATE_METHODS
+ * and %MAX_COMPRESS_CERTIFICATE_METHODS macros located in the header file
+ * compress_certificate.h.
+ *
+ * If either @methods or @methods_len is equal to 0, current list of supported
+ * compression methods will be unset.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since 3.7.4
+ **/
+int
+gnutls_compress_certificate_set_methods(gnutls_session_t session,
+					const gnutls_compression_method_t * methods,
+					size_t methods_len)
+{
+	unsigned i;
+	compress_certificate_ext_st *priv;
+
+	if (methods == NULL || methods_len == 0) {
+		_gnutls_hello_ext_unset_priv(session, GNUTLS_EXTENSION_COMPRESS_CERTIFICATE);
+		return 0;
+	}
+
+	if (methods_len > MAX_COMPRESS_CERTIFICATE_METHODS)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	for (i = 0; i < methods_len; ++i)
+		if (!is_valid_method(methods[i]))
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	priv = gnutls_malloc(sizeof(*priv));
+	if (priv == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	priv->methods_len = methods_len;
+	memcpy(priv->methods, methods, methods_len * sizeof(*methods));
+	_gnutls_hello_ext_set_priv(session, GNUTLS_EXTENSION_COMPRESS_CERTIFICATE, priv);
+
+	return 0;
+}
+
+int
+_gnutls_compress_certificate_recv_params(gnutls_session_t session,
+					 const uint8_t * data,
+					 size_t data_size)
+{
+	int ret;
+	unsigned i, j;
+	uint16_t num;
+	uint8_t bytes_len;
+	size_t methods_len;
+	gnutls_compression_method_t methods[MAX_COMPRESS_CERTIFICATE_METHODS];
+	gnutls_compression_method_t method = GNUTLS_COMP_UNKNOWN;
+	compress_certificate_ext_st *priv;
+	gnutls_ext_priv_data_t epriv;
+
+	ret = _gnutls_hello_ext_get_priv(session, GNUTLS_EXTENSION_COMPRESS_CERTIFICATE, &epriv);
+	if (ret < 0)
+		return 0;
+	priv = epriv;
+
+	DECR_LEN(data_size, 1);
+	bytes_len = *data;
+	
+	if (bytes_len < 2 || bytes_len > 254 || bytes_len % 2 == 1)
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+	DECR_LEN(data_size, bytes_len);
+	methods_len = bytes_len / 2;
+
+	for (i = 0; i < methods_len; ++i) {
+		num = _gnutls_read_uint16(data + i + i + 1);
+		methods[i] = _gnutls_compress_certificate_num2method(num);
+		if (methods[i] == GNUTLS_COMP_UNKNOWN)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	}
+
+	for (i = 0; i < methods_len; ++i)
+		for (j = 0; j < priv->methods_len; ++j)
+			if (methods[i] == priv->methods[j]) {
+				method = methods[i];
+				goto endloop;
+			}
+endloop:
+	session->internals.compress_certificate_method = method;
+
+	return 0;
+}
+
+int
+_gnutls_compress_certificate_send_params(gnutls_session_t session,
+					 gnutls_buffer_st * data)
+{
+	int ret, num;
+	unsigned i;
+	uint8_t bytes_len;
+	uint8_t bytes[2 * MAX_COMPRESS_CERTIFICATE_METHODS];
+	compress_certificate_ext_st *priv;
+	gnutls_ext_priv_data_t epriv;
+
+	ret = _gnutls_hello_ext_get_priv(session, GNUTLS_EXTENSION_COMPRESS_CERTIFICATE, &epriv);
+	if (ret < 0)
+		return 0;
+	priv = epriv;
+
+	bytes_len = 2 * priv->methods_len;
+	for (i = 0; i < priv->methods_len; ++i) {
+		num = _gnutls_compress_certificate_method2num(priv->methods[i]);
+		_gnutls_write_uint16(num, bytes + i + i);
+	}
+
+	ret = _gnutls_buffer_append_data_prefix(data, 8, bytes, bytes_len);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return bytes_len + 1;
+}
+
+const hello_ext_entry_st ext_mod_compress_certificate = {
+	.name = "Compress Certificate",
+	.tls_id = 27,
+	.gid = GNUTLS_EXTENSION_COMPRESS_CERTIFICATE,
+	.client_parse_point = GNUTLS_EXT_TLS,
+	.server_parse_point = GNUTLS_EXT_TLS,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS | 
+		    GNUTLS_EXT_FLAG_CLIENT_HELLO,
+	.recv_func = _gnutls_compress_certificate_recv_params,
+	.send_func = _gnutls_compress_certificate_send_params,
+	.deinit_func = _gnutls_hello_ext_default_deinit
+};
diff --git a/lib/ext/compress_certificate.h b/lib/ext/compress_certificate.h
new file mode 100644
index 0000000..b708374
--- /dev/null
+++ b/lib/ext/compress_certificate.h
@@ -0,0 +1,49 @@
+/*
+ * Copyright (C) 2022 Red Hat, Inc.
+ *
+ * Author: Zoltan Fridrich
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_COMPRESS_CERTIFICATE_H
+#define GNUTLS_LIB_EXT_COMPRESS_CERTIFICATE_H
+
+#include <hello_ext.h>
+
+#define MIN_COMPRESS_CERTIFICATE_METHODS 1
+#define MAX_COMPRESS_CERTIFICATE_METHODS 127
+
+typedef struct {
+	gnutls_compression_method_t methods[MAX_COMPRESS_CERTIFICATE_METHODS];
+	size_t methods_len;
+} compress_certificate_ext_st;
+
+extern const hello_ext_entry_st ext_mod_compress_certificate;
+
+gnutls_compression_method_t _gnutls_compress_certificate_num2method(uint16_t num);
+int _gnutls_compress_certificate_method2num(gnutls_compression_method_t method);
+
+int
+_gnutls_compress_certificate_recv_params(gnutls_session_t session,
+					 const uint8_t * data,
+					 size_t data_size);
+int
+_gnutls_compress_certificate_send_params(gnutls_session_t session,
+					 gnutls_buffer_st * data);
+
+#endif /* GNUTLS_LIB_EXT_COMPRESS_CERTIFICATE_H */
diff --git a/lib/ext/cookie.c b/lib/ext/cookie.c
new file mode 100644
index 0000000..b4608f3
--- /dev/null
+++ b/lib/ext/cookie.c
@@ -0,0 +1,117 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the code for the Max Record Size TLS extension.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "num.h"
+#include "hello_ext_lib.h"
+#include <ext/cookie.h>
+
+static int cookie_recv_params(gnutls_session_t session,
+					  const uint8_t * data,
+					  size_t data_size);
+static int cookie_send_params(gnutls_session_t session,
+					  gnutls_buffer_st * extdata);
+
+const hello_ext_entry_st ext_mod_cookie = {
+	.name = "Cookie",
+	.tls_id = 44,
+	.gid = GNUTLS_EXTENSION_COOKIE,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_CLIENT_HELLO |
+		    GNUTLS_EXT_FLAG_HRR | GNUTLS_EXT_FLAG_IGNORE_CLIENT_REQUEST,
+	.client_parse_point = GNUTLS_EXT_MANDATORY, /* force parsing prior to EXT_TLS extensions */
+	.server_parse_point = GNUTLS_EXT_MANDATORY, /* force parsing prior to EXT_TLS extensions */
+	.recv_func = cookie_recv_params,
+	.send_func = cookie_send_params,
+	.pack_func = NULL,
+	.unpack_func = NULL,
+	.deinit_func = _gnutls_hello_ext_default_deinit,
+	.cannot_be_overriden = 0
+};
+
+/* Only client sends this extension. */
+static int
+cookie_recv_params(gnutls_session_t session,
+		   const uint8_t * data, size_t data_size)
+{
+	size_t csize;
+	int ret;
+	gnutls_datum_t tmp;
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		/* we don't support it */
+		return 0;
+	} else { /* client */
+		if (_gnutls_ext_get_msg(session) == GNUTLS_EXT_FLAG_HRR) {
+			DECR_LEN(data_size, 2);
+
+			csize = _gnutls_read_uint16(data);
+			data += 2;
+
+			DECR_LEN(data_size, csize);
+
+			if (data_size != 0)
+				return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+			tmp.data = (void*)data;
+			tmp.size = csize;
+
+			ret = _gnutls_hello_ext_set_datum(session, GNUTLS_EXTENSION_COOKIE, &tmp);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			return 0;
+		}
+
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION);
+	}
+
+	return 0;
+}
+
+/* returns data_size or a negative number on failure
+ */
+static int
+cookie_send_params(gnutls_session_t session,
+		   gnutls_buffer_st * extdata)
+{
+	gnutls_datum_t tmp;
+	int ret;
+
+	/* this function sends the client extension data (dnsname) */
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		ret = _gnutls_hello_ext_get_datum(session, GNUTLS_EXTENSION_COOKIE, &tmp);
+		if (ret < 0)
+			return 0;
+
+		ret = _gnutls_buffer_append_data_prefix(extdata, 16, tmp.data, tmp.size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		return 0;
+	}
+
+	return 0;
+}
diff --git a/lib/ext/cookie.h b/lib/ext/cookie.h
new file mode 100644
index 0000000..13ea7c7
--- /dev/null
+++ b/lib/ext/cookie.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_COOKIE_H
+#define GNUTLS_LIB_EXT_COOKIE_H
+
+#include <hello_ext.h>
+
+extern const hello_ext_entry_st ext_mod_cookie;
+
+#endif /* GNUTLS_LIB_EXT_COOKIE_H */
diff --git a/lib/ext/dumbfw.c b/lib/ext/dumbfw.c
new file mode 100644
index 0000000..dfd2ee0
--- /dev/null
+++ b/lib/ext/dumbfw.c
@@ -0,0 +1,84 @@
+/*
+ * Copyright (C) 2013-2018 Nikos Mavrogiannopoulos
+ * Copyright (C) 2018 Red Hat, Inc.
+ * 
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "auth.h"
+#include "errors.h"
+#include "num.h"
+#include <ext/dumbfw.h>
+
+/* This extension adds additional padding data in the TLS client hello.
+ * There is an issue with some firewalls [0] rejecting TLS client hello
+ * data that are between 256 and 511 bytes, and this extension will
+ * make sure that client hello isn't in this range.
+ *
+ * [0]. https://www.ietf.org/mail-archive/web/tls/current/msg10423.html
+ */
+
+static int _gnutls_dumbfw_send_params(gnutls_session_t session,
+				    gnutls_buffer_st * extdata);
+
+const hello_ext_entry_st ext_mod_dumbfw = {
+	.name = "ClientHello Padding",
+	.tls_id = 21,
+	.gid = GNUTLS_EXTENSION_DUMBFW,
+	.client_parse_point = GNUTLS_EXT_APPLICATION,
+	.server_parse_point = GNUTLS_EXT_APPLICATION,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_CLIENT_HELLO,
+	.recv_func = NULL,
+	.send_func = _gnutls_dumbfw_send_params,
+	.pack_func = NULL,
+	.unpack_func = NULL,
+	.deinit_func = NULL,
+	.cannot_be_overriden = 0
+};
+
+static int
+_gnutls_dumbfw_send_params(gnutls_session_t session,
+			 gnutls_buffer_st * extdata)
+{
+	int total_size = 0, ret;
+	uint8_t pad[257];
+	unsigned pad_size;
+	ssize_t len = extdata->length - sizeof(mbuffer_st);
+
+	if (session->security_parameters.entity == GNUTLS_SERVER ||
+	    session->internals.dumbfw == 0 ||
+	    IS_DTLS(session) != 0 ||
+	    (len < 256 || len >= 512)) {
+		return 0;
+	} else {
+		/* 256 <= extdata->length < 512 */
+		pad_size = 512 - len;
+		memset(pad, 0, pad_size);
+
+		ret =
+		    gnutls_buffer_append_data(extdata, pad,
+						       pad_size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		total_size += pad_size;
+	}
+
+	return total_size;
+}
+
diff --git a/lib/ext/dumbfw.h b/lib/ext/dumbfw.h
new file mode 100644
index 0000000..87bb072
--- /dev/null
+++ b/lib/ext/dumbfw.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (C) 2013 Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_DUMBFW_H
+#define GNUTLS_LIB_EXT_DUMBFW_H
+
+#include <hello_ext.h>
+
+extern const hello_ext_entry_st ext_mod_dumbfw;
+
+#endif /* GNUTLS_LIB_EXT_DUMBFW_H */
diff --git a/lib/ext/early_data.c b/lib/ext/early_data.c
new file mode 100644
index 0000000..28c3182
--- /dev/null
+++ b/lib/ext/early_data.c
@@ -0,0 +1,147 @@
+/*
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Daiki Ueno
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the code for the Early Data TLS 1.3 extension.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "num.h"
+#include "hello_ext_lib.h"
+#include <ext/early_data.h>
+
+static int early_data_recv_params(gnutls_session_t session,
+				  const uint8_t * data,
+				  size_t data_size);
+static int early_data_send_params(gnutls_session_t session,
+				  gnutls_buffer_st * extdata);
+
+const hello_ext_entry_st ext_mod_early_data = {
+	.name = "Early Data",
+	.tls_id = 42,
+	.gid = GNUTLS_EXTENSION_EARLY_DATA,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_CLIENT_HELLO | GNUTLS_EXT_FLAG_EE,
+	.client_parse_point = GNUTLS_EXT_MANDATORY, /* force parsing prior to EXT_TLS extensions */
+	.server_parse_point = GNUTLS_EXT_MANDATORY, /* force parsing prior to EXT_TLS extensions */
+	.recv_func = early_data_recv_params,
+	.send_func = early_data_send_params,
+	.pack_func = NULL,
+	.unpack_func = NULL,
+	.deinit_func = _gnutls_hello_ext_default_deinit,
+	.cannot_be_overriden = 0
+};
+
+static int
+early_data_recv_params(gnutls_session_t session,
+		       const uint8_t * data, size_t _data_size)
+{
+	const version_entry_st *vers = get_version(session);
+
+	if (!vers || !vers->tls13_sem)
+		return gnutls_assert_val(0);
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		/* Whether to accept early data is decided during processing the
+		 * pre_shared_key extension in the later phase.
+		 */
+		session->internals.hsk_flags |= HSK_EARLY_DATA_IN_FLIGHT;
+	} else {
+		if (_gnutls_ext_get_msg(session) == GNUTLS_EXT_FLAG_EE)
+			session->internals.hsk_flags |= HSK_EARLY_DATA_ACCEPTED;
+	}
+
+	return 0;
+}
+
+/* returns data_size or a negative number on failure
+ */
+static int
+early_data_send_params(gnutls_session_t session,
+		       gnutls_buffer_st * extdata)
+{
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		if (session->internals.hsk_flags & HSK_EARLY_DATA_ACCEPTED)
+			return GNUTLS_E_INT_RET_0;
+	} else {
+		/* early data is enabled and resuming a TLS 1.3 session */
+		if (session->internals.flags & GNUTLS_ENABLE_EARLY_DATA &&
+		    !(session->internals.resumption_requested == 0 &&
+		      session->internals.premaster_set == 0) &&
+		    session->internals.resumed_security_parameters.pversion &&
+		    session->internals.resumed_security_parameters.pversion->tls13_sem) {
+			session->internals.hsk_flags |= HSK_EARLY_DATA_IN_FLIGHT;
+			return GNUTLS_E_INT_RET_0;
+		}
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_record_get_max_early_data_size:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function returns the maximum early data size in this connection.
+ * This property can only be set to servers.  The client may be
+ * provided with the maximum allowed size through the "early_data"
+ * extension of the NewSessionTicket handshake message.
+ *
+ * Returns: The maximum early data size in this connection.
+ *
+ * Since: 3.6.5
+ **/
+size_t
+gnutls_record_get_max_early_data_size(gnutls_session_t session)
+{
+	return session->security_parameters.max_early_data_size;
+}
+
+/**
+ * gnutls_record_set_max_early_data_size:
+ * @session: is a #gnutls_session_t type.
+ * @size: is the new size
+ *
+ * This function sets the maximum early data size in this connection.
+ * This property can only be set to servers.  The client may be
+ * provided with the maximum allowed size through the "early_data"
+ * extension of the NewSessionTicket handshake message.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ *
+ * Since: 3.6.4
+ **/
+int
+gnutls_record_set_max_early_data_size(gnutls_session_t session,
+				      size_t size)
+{
+	if (session->security_parameters.entity == GNUTLS_CLIENT)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	/* Reject zero as well, as it is useless. */
+	if (size == 0 || size > UINT32_MAX)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	session->security_parameters.max_early_data_size = (uint32_t) size;
+
+	return 0;
+}
diff --git a/lib/ext/early_data.h b/lib/ext/early_data.h
new file mode 100644
index 0000000..d7178e8
--- /dev/null
+++ b/lib/ext/early_data.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Daiki Ueno
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_EARLY_DATA_H
+#define GNUTLS_LIB_EXT_EARLY_DATA_H
+
+#include <hello_ext.h>
+
+extern const hello_ext_entry_st ext_mod_early_data;
+
+#endif /* GNUTLS_LIB_EXT_EARLY_DATA_H */
diff --git a/lib/ext/ec_point_formats.c b/lib/ext/ec_point_formats.c
new file mode 100644
index 0000000..d426580
--- /dev/null
+++ b/lib/ext/ec_point_formats.c
@@ -0,0 +1,124 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the code for the Elliptic Curve Point Formats extension.
+ */
+
+#include "ext/ec_point_formats.h"
+#include "str.h"
+#include "state.h"
+#include <gnutls/gnutls.h>
+
+
+static int _gnutls_supported_ec_point_formats_recv_params(gnutls_session_t session,
+						const uint8_t * data,
+						size_t data_size);
+static int _gnutls_supported_ec_point_formats_send_params(gnutls_session_t session,
+						gnutls_buffer_st * extdata);
+
+
+const hello_ext_entry_st ext_mod_supported_ec_point_formats = {
+	.name = "Supported EC Point Formats",
+	.tls_id = 11,
+	.gid = GNUTLS_EXTENSION_SUPPORTED_EC_POINT_FORMATS,
+	.client_parse_point = GNUTLS_EXT_TLS,
+	.server_parse_point = GNUTLS_EXT_TLS,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS |
+		    GNUTLS_EXT_FLAG_CLIENT_HELLO | GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO,
+	.recv_func = _gnutls_supported_ec_point_formats_recv_params,
+	.send_func = _gnutls_supported_ec_point_formats_send_params,
+	.pack_func = NULL,
+	.unpack_func = NULL,
+	.deinit_func = NULL
+};
+
+
+/* Receive point formats
+ */
+static int
+_gnutls_supported_ec_point_formats_recv_params(gnutls_session_t session,
+				     const uint8_t * data,
+				     size_t data_size)
+{
+	size_t len, i;
+	int uncompressed = 0;
+
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		if (data_size < 1)
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION);
+
+		len = data[0];
+		if (len < 1)
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION);
+
+		DECR_LEN(data_size, len + 1);
+
+		for (i = 1; i <= len; i++)
+			if (data[i] == 0) {	/* uncompressed */
+				uncompressed = 1;
+				break;
+			}
+
+		if (uncompressed == 0)
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_UNKNOWN_PK_ALGORITHM);
+	} else {
+		/* only sanity check here. We only support uncompressed points
+		 * and a client must support it thus nothing to check.
+		 */
+		if (data_size < 1)
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION);
+	}
+
+	return 0;
+}
+
+/* returns data_size or a negative number on failure
+ */
+static int
+_gnutls_supported_ec_point_formats_send_params(gnutls_session_t session,
+				     gnutls_buffer_st * extdata)
+{
+	const uint8_t p[2] = { 0x01, 0x00 };	/* only support uncompressed point format */
+	int ret;
+
+	if (session->security_parameters.entity == GNUTLS_SERVER
+	    && !_gnutls_session_is_ecc(session))
+		return 0;
+
+	if (session->internals.priorities->groups.size > 0) {
+		ret = _gnutls_buffer_append_data(extdata, p, 2);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		return 2;
+	}
+	return 0;
+}
diff --git a/lib/ext/ec_point_formats.h b/lib/ext/ec_point_formats.h
new file mode 100644
index 0000000..cc65c04
--- /dev/null
+++ b/lib/ext/ec_point_formats.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_EC_POINT_FORMATS_H
+#define GNUTLS_LIB_EXT_EC_POINT_FORMATS_H
+
+#include <hello_ext.h>
+
+extern const hello_ext_entry_st ext_mod_supported_ec_point_formats;
+
+#endif /* GNUTLS_LIB_EXT_EC_POINT_FORMATS_H */
diff --git a/lib/ext/etm.c b/lib/ext/etm.c
new file mode 100644
index 0000000..273a31a
--- /dev/null
+++ b/lib/ext/etm.c
@@ -0,0 +1,151 @@
+/*
+ * Copyright (C) 2014 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the code for the Max Record Size TLS extension.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "num.h"
+#include <hello_ext.h>
+#include <ext/etm.h>
+
+static int _gnutls_ext_etm_recv_params(gnutls_session_t session,
+					  const uint8_t * data,
+					  size_t data_size);
+static int _gnutls_ext_etm_send_params(gnutls_session_t session,
+					  gnutls_buffer_st * extdata);
+
+const hello_ext_entry_st ext_mod_etm = {
+	.name = "Encrypt-then-MAC",
+	.tls_id = 22,
+	.gid = GNUTLS_EXTENSION_ETM,
+	.client_parse_point = GNUTLS_EXT_MANDATORY,
+	.server_parse_point = GNUTLS_EXT_MANDATORY,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_CLIENT_HELLO |
+		    GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO,
+	.recv_func = _gnutls_ext_etm_recv_params,
+	.send_func = _gnutls_ext_etm_send_params,
+	.pack_func = NULL,
+	.unpack_func = NULL,
+	.deinit_func = NULL,
+	.cannot_be_overriden = 1
+};
+
+/* 
+ * In case of a server: if an EXT_MASTER_SECRET extension type is received then it
+ * sets a flag into the session security parameters.
+ *
+ */
+static int
+_gnutls_ext_etm_recv_params(gnutls_session_t session,
+			       const uint8_t * data, size_t _data_size)
+{
+	ssize_t data_size = _data_size;
+
+	if (data_size != 0) {
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	}
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		gnutls_ext_priv_data_t epriv;
+
+		if (session->internals.no_etm != 0)
+			return 0;
+
+		epriv = (void*)(intptr_t)1;
+		_gnutls_hello_ext_set_priv(session,
+						   GNUTLS_EXTENSION_ETM,
+						   epriv);
+
+		/* don't decide now, decide on send */
+		return 0;
+	} else { /* client */
+		const gnutls_cipher_suite_entry_st *e = 
+			session->security_parameters.cs;
+		if (e != NULL) {
+			const cipher_entry_st *c;
+			c = cipher_to_entry(e->block_algorithm);
+			if (c == NULL || (c->type == CIPHER_AEAD || c->type == CIPHER_STREAM))
+				return 0;
+
+			session->security_parameters.etm = 1;
+		}
+	}
+
+	return 0;
+}
+
+/* returns data_size or a negative number on failure
+ */
+static int
+_gnutls_ext_etm_send_params(gnutls_session_t session,
+			       gnutls_buffer_st * extdata)
+{
+	if (session->internals.no_etm != 0)
+		return 0;
+
+	/* this function sends the client extension data */
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		if (session->internals.priorities->have_cbc != 0)
+			return GNUTLS_E_INT_RET_0;
+		else
+			return 0;
+	} else { /* server side */
+		const gnutls_cipher_suite_entry_st *e;
+		const cipher_entry_st *c;
+		int ret;
+		gnutls_ext_priv_data_t epriv;
+
+		e = session->security_parameters.cs;
+		if (e != NULL) {
+			c = cipher_to_entry(e->block_algorithm);
+			if (c == NULL || (c->type == CIPHER_AEAD || c->type == CIPHER_STREAM))
+				return 0;
+
+			ret = _gnutls_hello_ext_get_priv(session,
+							   GNUTLS_EXTENSION_ETM,
+							   &epriv);
+			if (ret < 0 || ((intptr_t)epriv) == 0)
+				return 0;
+
+			session->security_parameters.etm = 1;
+			return GNUTLS_E_INT_RET_0;
+		}
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_session_etm_status:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Get the status of the encrypt-then-mac extension negotiation.
+ * This is in accordance to rfc7366
+ *
+ * Returns: Non-zero if the negotiation was successful or zero otherwise.
+ **/
+unsigned gnutls_session_etm_status(gnutls_session_t session)
+{
+	return session->security_parameters.etm;
+}
diff --git a/lib/ext/etm.h b/lib/ext/etm.h
new file mode 100644
index 0000000..76f9dd5
--- /dev/null
+++ b/lib/ext/etm.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2014 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_ETM_H
+#define GNUTLS_LIB_EXT_ETM_H
+
+#include <hello_ext.h>
+
+extern const hello_ext_entry_st ext_mod_etm;
+
+#endif /* GNUTLS_LIB_EXT_ETM_H */
diff --git a/lib/ext/ext_master_secret.c b/lib/ext/ext_master_secret.c
new file mode 100644
index 0000000..bc704e6
--- /dev/null
+++ b/lib/ext/ext_master_secret.c
@@ -0,0 +1,155 @@
+/*
+ * Copyright (C) 2014-2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the code for the RFC7627 (ext master secret) TLS extension.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "num.h"
+#include <hello_ext.h>
+#include <ext/ext_master_secret.h>
+
+static int _gnutls_ext_master_secret_recv_params(gnutls_session_t session,
+					  const uint8_t * data,
+					  size_t data_size);
+static int _gnutls_ext_master_secret_send_params(gnutls_session_t session,
+					  gnutls_buffer_st * extdata);
+
+const hello_ext_entry_st ext_mod_ext_master_secret = {
+	.name = "Extended Master Secret",
+	.tls_id = 23,
+	.gid = GNUTLS_EXTENSION_EXT_MASTER_SECRET,
+	.client_parse_point = GNUTLS_EXT_MANDATORY,
+	.server_parse_point = GNUTLS_EXT_MANDATORY,
+	.validity = GNUTLS_EXT_FLAG_TLS|GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_CLIENT_HELLO |
+		    GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO,
+	.recv_func = _gnutls_ext_master_secret_recv_params,
+	.send_func = _gnutls_ext_master_secret_send_params,
+	.pack_func = NULL,
+	.unpack_func = NULL,
+	.deinit_func = NULL,
+	.cannot_be_overriden = 1
+};
+
+#ifdef ENABLE_SSL3
+static inline unsigned have_only_ssl3_enabled(gnutls_session_t session)
+{
+	if (session->internals.priorities->protocol.num_priorities == 1 &&
+	    session->internals.priorities->protocol.priorities[0] == GNUTLS_SSL3)
+	    return 1;
+	return 0;
+}
+#endif
+
+/*
+ * In case of a server: if an EXT_MASTER_SECRET extension type is received then it
+ * sets a flag into the session security parameters.
+ *
+ */
+static int
+_gnutls_ext_master_secret_recv_params(gnutls_session_t session,
+			       const uint8_t * data, size_t _data_size)
+{
+	ssize_t data_size = _data_size;
+
+	if ((session->internals.flags & GNUTLS_NO_EXTENSIONS) ||
+	    session->internals.priorities->no_extensions ||
+	    session->internals.no_ext_master_secret != 0) {
+		return 0;
+	}
+
+	if (data_size != 0) {
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+	}
+
+#ifdef ENABLE_SSL3
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		const version_entry_st *ver = get_version(session);
+
+		if (unlikely(ver == NULL))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		if (ver->id != GNUTLS_SSL3)
+			session->security_parameters.ext_master_secret = 1;
+	/* do not enable ext master secret if SSL 3.0 is the only protocol supported by server */
+	} else if (!have_only_ssl3_enabled(session))
+#endif
+		session->security_parameters.ext_master_secret = 1;
+
+	return 0;
+}
+
+/* returns data_size or a negative number on failure
+ */
+static int
+_gnutls_ext_master_secret_send_params(gnutls_session_t session,
+			       gnutls_buffer_st * extdata)
+{
+	if ((session->internals.flags & GNUTLS_NO_EXTENSIONS) ||
+	    session->internals.priorities->no_extensions != 0 ||
+	    session->internals.no_ext_master_secret != 0) {
+	    session->security_parameters.ext_master_secret = 0;
+	    return 0;
+	}
+
+	/* this function sends the client extension data */
+#ifdef ENABLE_SSL3
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		if (have_only_ssl3_enabled(session))
+		    return 0; /* this extension isn't available for SSL 3.0 */
+
+		return GNUTLS_E_INT_RET_0;
+	} else { /* server side */
+		const version_entry_st *ver = get_version(session);
+		if (unlikely(ver == NULL))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		if (ver->id != GNUTLS_SSL3 && session->security_parameters.ext_master_secret != 0)
+			return GNUTLS_E_INT_RET_0;
+	}
+
+
+	return 0;
+#else
+	if (session->security_parameters.entity == GNUTLS_CLIENT ||
+	    session->security_parameters.ext_master_secret != 0)
+		return GNUTLS_E_INT_RET_0;
+	return 0;
+#endif
+}
+
+/**
+ * gnutls_session_ext_master_secret_status:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Get the status of the extended master secret extension negotiation.
+ * This is in accordance to RFC7627. That information is also
+ * available to the more generic gnutls_session_get_flags().
+ *
+ * Returns: Non-zero if the negotiation was successful or zero otherwise.
+ **/
+unsigned gnutls_session_ext_master_secret_status(gnutls_session_t session)
+{
+	return session->security_parameters.ext_master_secret;
+}
+
diff --git a/lib/ext/ext_master_secret.h b/lib/ext/ext_master_secret.h
new file mode 100644
index 0000000..419335b
--- /dev/null
+++ b/lib/ext/ext_master_secret.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2014 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_EXT_MASTER_SECRET_H
+#define GNUTLS_LIB_EXT_EXT_MASTER_SECRET_H
+
+#include <hello_ext.h>
+
+extern const hello_ext_entry_st ext_mod_ext_master_secret;
+
+#endif /* GNUTLS_LIB_EXT_EXT_MASTER_SECRET_H */
diff --git a/lib/ext/heartbeat.c b/lib/ext/heartbeat.c
new file mode 100644
index 0000000..5d9e9f4
--- /dev/null
+++ b/lib/ext/heartbeat.c
@@ -0,0 +1,574 @@
+/*
+ * Copyright (C) 2012,2013 Free Software Foundation, Inc.
+ * Copyright (C) 2013 Nikos Mavrogiannopoulos
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file implements the TLS heartbeat extension.
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+#include <dtls.h>
+#include <record.h>
+#include <ext/heartbeat.h>
+#include <hello_ext.h>
+#include <random.h>
+
+#ifdef ENABLE_HEARTBEAT
+/**
+  * gnutls_heartbeat_enable:
+  * @session: is a #gnutls_session_t type.
+  * @type: one of the GNUTLS_HB_* flags
+  *
+  * If this function is called with the %GNUTLS_HB_PEER_ALLOWED_TO_SEND
+  * @type, GnuTLS will allow heartbeat messages to be received. Moreover it also
+  * request the peer to accept heartbeat messages. This function
+  * must be called prior to TLS handshake.
+  *
+  * If the @type used is %GNUTLS_HB_LOCAL_ALLOWED_TO_SEND, then the peer
+  * will be asked to accept heartbeat messages but not send ones.
+  *
+  * The function gnutls_heartbeat_allowed() can be used to test Whether
+  * locally generated heartbeat messages can be accepted by the peer.
+  *
+  * Since: 3.1.2
+  **/
+void gnutls_heartbeat_enable(gnutls_session_t session, unsigned int type)
+{
+	gnutls_ext_priv_data_t epriv;
+
+	epriv = (void*)(intptr_t)type;
+	_gnutls_hello_ext_set_priv(session, GNUTLS_EXTENSION_HEARTBEAT,
+				     epriv);
+}
+
+/**
+  * gnutls_heartbeat_allowed:
+  * @session: is a #gnutls_session_t type.
+  * @type: one of %GNUTLS_HB_LOCAL_ALLOWED_TO_SEND and %GNUTLS_HB_PEER_ALLOWED_TO_SEND
+  *
+  * This function will check whether heartbeats are allowed
+  * to be sent or received in this session. 
+  *
+  * Returns: Non zero if heartbeats are allowed.
+  *
+  * Since: 3.1.2
+  **/
+unsigned gnutls_heartbeat_allowed(gnutls_session_t session, unsigned int type)
+{
+	gnutls_ext_priv_data_t epriv;
+
+	if (session->internals.handshake_in_progress != 0)
+		return 0; /* not allowed */
+
+	if (_gnutls_hello_ext_get_priv
+	    (session, GNUTLS_EXTENSION_HEARTBEAT, &epriv) < 0)
+		return 0;	/* Not enabled */
+
+	if (type == GNUTLS_HB_LOCAL_ALLOWED_TO_SEND) {
+		if (((intptr_t)epriv) & LOCAL_ALLOWED_TO_SEND)
+			return 1;
+	} else if (((intptr_t)epriv) & GNUTLS_HB_PEER_ALLOWED_TO_SEND)
+		return 1;
+
+	return 0;
+}
+
+#define DEFAULT_PADDING_SIZE 16
+
+/*
+ * Sends heartbeat data.
+ */
+static int
+heartbeat_send_data(gnutls_session_t session, const void *data,
+		    size_t data_size, uint8_t type)
+{
+	int ret, pos;
+	uint8_t *response;
+
+	response = gnutls_malloc(1 + 2 + data_size + DEFAULT_PADDING_SIZE);
+	if (response == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	pos = 0;
+	response[pos++] = type;
+
+	_gnutls_write_uint16(data_size, &response[pos]);
+	pos += 2;
+
+	memcpy(&response[pos], data, data_size);
+	pos += data_size;
+
+	ret =
+	    gnutls_rnd(GNUTLS_RND_NONCE, &response[pos],
+		       DEFAULT_PADDING_SIZE);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	pos += DEFAULT_PADDING_SIZE;
+
+	ret =
+	    _gnutls_send_int(session, GNUTLS_HEARTBEAT, -1,
+			     EPOCH_WRITE_CURRENT, response, pos,
+			     MBUFFER_FLUSH);
+
+      cleanup:
+	gnutls_free(response);
+	return ret;
+}
+
+/**
+ * gnutls_heartbeat_ping:
+ * @session: is a #gnutls_session_t type.
+ * @data_size: is the length of the ping payload.
+ * @max_tries: if flags is %GNUTLS_HEARTBEAT_WAIT then this sets the number of retransmissions. Use zero for indefinite (until timeout).
+ * @flags: if %GNUTLS_HEARTBEAT_WAIT then wait for pong or timeout instead of returning immediately.
+ *
+ * This function sends a ping to the peer. If the @flags is set
+ * to %GNUTLS_HEARTBEAT_WAIT then it waits for a reply from the peer.
+ * 
+ * Note that it is highly recommended to use this function with the
+ * flag %GNUTLS_HEARTBEAT_WAIT, or you need to handle retransmissions
+ * and timeouts manually.
+ *
+ * The total TLS data transmitted as part of the ping message are given by
+ * the following formula: MAX(16, @data_size)+gnutls_record_overhead_size()+3.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.1.2
+ **/
+int
+gnutls_heartbeat_ping(gnutls_session_t session, size_t data_size,
+		      unsigned int max_tries, unsigned int flags)
+{
+	int ret;
+	unsigned int retries = 1, diff;
+	struct timespec now;
+
+	if (data_size > MAX_HEARTBEAT_LENGTH)
+		return
+		    gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	if (gnutls_heartbeat_allowed
+	    (session, GNUTLS_HB_LOCAL_ALLOWED_TO_SEND) == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	/* resume previous call if interrupted */
+	if (session->internals.record_send_buffer.byte_length > 0 &&
+	    session->internals.record_send_buffer.head != NULL &&
+	    session->internals.record_send_buffer.head->type ==
+	    GNUTLS_HEARTBEAT)
+		return _gnutls_io_write_flush(session);
+
+	switch (session->internals.hb_state) {
+	case SHB_SEND1:
+		if (data_size > DEFAULT_PADDING_SIZE)
+			data_size -= DEFAULT_PADDING_SIZE;
+		else
+			data_size = 0;
+
+		_gnutls_buffer_reset(&session->internals.hb_local_data);
+
+		ret =
+		    _gnutls_buffer_resize(&session->internals.
+					  hb_local_data, data_size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret =
+		    gnutls_rnd(GNUTLS_RND_NONCE,
+				session->internals.hb_local_data.data,
+				data_size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		gnutls_gettime(&session->internals.hb_ping_start);
+		session->internals.hb_local_data.length = data_size;
+		session->internals.hb_state = SHB_SEND2;
+
+		FALLTHROUGH;
+	case SHB_SEND2:
+		session->internals.hb_actual_retrans_timeout_ms =
+		    session->internals.hb_retrans_timeout_ms;
+	      retry:
+		ret =
+		    heartbeat_send_data(session,
+					session->internals.hb_local_data.
+					data,
+					session->internals.hb_local_data.
+					length, HEARTBEAT_REQUEST);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		gnutls_gettime(&session->internals.hb_ping_sent);
+
+		if (!(flags & GNUTLS_HEARTBEAT_WAIT)) {
+			session->internals.hb_state = SHB_SEND1;
+			break;
+		}
+
+		session->internals.hb_state = SHB_RECV;
+		FALLTHROUGH;
+
+	case SHB_RECV:
+		ret =
+		    _gnutls_recv_int(session, GNUTLS_HEARTBEAT,
+				     NULL, 0, NULL,
+				     session->internals.
+				     hb_actual_retrans_timeout_ms);
+		if (ret == GNUTLS_E_HEARTBEAT_PONG_RECEIVED) {
+			session->internals.hb_state = SHB_SEND1;
+			break;
+		} else if (ret == GNUTLS_E_TIMEDOUT) {
+			retries++;
+			if (max_tries > 0 && retries > max_tries) {
+				session->internals.hb_state = SHB_SEND1;
+				return gnutls_assert_val(ret);
+			}
+
+			gnutls_gettime(&now);
+			diff =
+			    timespec_sub_ms(&now,
+					    &session->internals.
+					    hb_ping_start);
+			if (diff > session->internals.hb_total_timeout_ms) {
+				session->internals.hb_state = SHB_SEND1;
+				return
+				    gnutls_assert_val(GNUTLS_E_TIMEDOUT);
+			}
+
+			session->internals.hb_actual_retrans_timeout_ms *=
+			    2;
+			session->internals.hb_actual_retrans_timeout_ms %=
+			    MAX_DTLS_TIMEOUT;
+
+			session->internals.hb_state = SHB_SEND2;
+			goto retry;
+		} else if (ret < 0) {
+			session->internals.hb_state = SHB_SEND1;
+			return gnutls_assert_val(ret);
+		}
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_heartbeat_pong:
+ * @session: is a #gnutls_session_t type.
+ * @flags: should be zero
+ *
+ * This function replies to a ping by sending a pong to the peer.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.1.2
+ **/
+int gnutls_heartbeat_pong(gnutls_session_t session, unsigned int flags)
+{
+	int ret;
+
+	if (session->internals.record_send_buffer.byte_length > 0 &&
+	    session->internals.record_send_buffer.head != NULL &&
+	    session->internals.record_send_buffer.head->type ==
+	    GNUTLS_HEARTBEAT)
+		return _gnutls_io_write_flush(session);
+
+	if (session->internals.hb_remote_data.length == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ret =
+	    heartbeat_send_data(session,
+				session->internals.hb_remote_data.data,
+				session->internals.hb_remote_data.length,
+				HEARTBEAT_RESPONSE);
+
+	_gnutls_buffer_reset(&session->internals.hb_remote_data);
+
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+/*
+ * Processes a heartbeat message. 
+ */
+int _gnutls_heartbeat_handle(gnutls_session_t session, mbuffer_st * bufel)
+{
+	int ret;
+	unsigned type;
+	unsigned pos;
+	uint8_t *msg = _mbuffer_get_udata_ptr(bufel);
+	size_t hb_len, len = _mbuffer_get_udata_size(bufel);
+
+	if (gnutls_heartbeat_allowed
+	    (session, GNUTLS_HB_PEER_ALLOWED_TO_SEND) == 0)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+
+	if (len < 3 + DEFAULT_PADDING_SIZE)
+		return
+		    gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	pos = 0;
+	type = msg[pos++];
+
+	hb_len = _gnutls_read_uint16(&msg[pos]);
+	if (hb_len > len - 3 - DEFAULT_PADDING_SIZE)
+		return
+		    gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	pos += 2;
+
+	switch (type) {
+	case HEARTBEAT_REQUEST:
+		_gnutls_buffer_reset(&session->internals.hb_remote_data);
+
+		ret =
+		    _gnutls_buffer_resize(&session->internals.
+					  hb_remote_data, hb_len);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		if (hb_len > 0)
+			memcpy(session->internals.hb_remote_data.data,
+			       &msg[pos], hb_len);
+		session->internals.hb_remote_data.length = hb_len;
+
+		return gnutls_assert_val(GNUTLS_E_HEARTBEAT_PING_RECEIVED);
+
+	case HEARTBEAT_RESPONSE:
+
+		if (hb_len != session->internals.hb_local_data.length)
+			return
+			    gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+
+		if (hb_len > 0 &&
+		    memcmp(&msg[pos],
+			   session->internals.hb_local_data.data,
+			   hb_len) != 0) {
+			if (IS_DTLS(session))
+				return gnutls_assert_val(GNUTLS_E_AGAIN);	/* ignore it */
+			else
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_UNEXPECTED_PACKET);
+		}
+
+		_gnutls_buffer_reset(&session->internals.hb_local_data);
+
+		return gnutls_assert_val(GNUTLS_E_HEARTBEAT_PONG_RECEIVED);
+	default:
+		_gnutls_record_log
+		    ("REC[%p]: HB: received unknown type %u\n", session,
+		     type);
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+	}
+}
+
+/**
+ * gnutls_heartbeat_get_timeout:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function will return the milliseconds remaining
+ * for a retransmission of the previously sent ping
+ * message. This function is useful when ping is used in
+ * non-blocking mode, to estimate when to call gnutls_heartbeat_ping()
+ * if no packets have been received.
+ *
+ * Returns: the remaining time in milliseconds.
+ *
+ * Since: 3.1.2
+ **/
+unsigned int gnutls_heartbeat_get_timeout(gnutls_session_t session)
+{
+	struct timespec now;
+	unsigned int diff;
+
+	gnutls_gettime(&now);
+	diff = timespec_sub_ms(&now, &session->internals.hb_ping_sent);
+	if (diff >= session->internals.hb_actual_retrans_timeout_ms)
+		return 0;
+	else
+		return session->internals.hb_actual_retrans_timeout_ms -
+		    diff;
+}
+
+/**
+ * gnutls_heartbeat_set_timeouts:
+ * @session: is a #gnutls_session_t type.
+ * @retrans_timeout: The time at which a retransmission will occur in milliseconds
+ * @total_timeout: The time at which the connection will be aborted, in milliseconds.
+ *
+ * This function will override the timeouts for the DTLS heartbeat
+ * protocol. The retransmission timeout is the time after which a
+ * message from the peer is not received, the previous request will
+ * be retransmitted. The total timeout is the time after which the
+ * handshake will be aborted with %GNUTLS_E_TIMEDOUT.
+ *
+ * Since: 3.1.2
+ **/
+void gnutls_heartbeat_set_timeouts(gnutls_session_t session,
+				   unsigned int retrans_timeout,
+				   unsigned int total_timeout)
+{
+	session->internals.hb_retrans_timeout_ms = retrans_timeout;
+	session->internals.hb_total_timeout_ms = total_timeout;
+}
+
+
+static int
+_gnutls_heartbeat_recv_params(gnutls_session_t session,
+			      const uint8_t * data, size_t _data_size)
+{
+	unsigned policy;
+	gnutls_ext_priv_data_t epriv;
+
+	if (_gnutls_hello_ext_get_priv
+	    (session, GNUTLS_EXTENSION_HEARTBEAT, &epriv) < 0) {
+		if (session->security_parameters.entity == GNUTLS_CLIENT)
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+		return 0;	/* Not enabled */
+	}
+
+	if (_data_size == 0)
+		return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+
+	policy = (intptr_t)epriv;
+
+	if (data[0] == 1)
+		policy |= LOCAL_ALLOWED_TO_SEND;
+	else if (data[0] == 2)
+		policy |= LOCAL_NOT_ALLOWED_TO_SEND;
+	else
+		return
+		    gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+	epriv = (void*)(intptr_t)policy;
+	_gnutls_hello_ext_set_priv(session, GNUTLS_EXTENSION_HEARTBEAT,
+				     epriv);
+
+	return 0;
+}
+
+static int
+_gnutls_heartbeat_send_params(gnutls_session_t session,
+			      gnutls_buffer_st * extdata)
+{
+	gnutls_ext_priv_data_t epriv;
+	uint8_t p;
+
+	if (_gnutls_hello_ext_get_priv
+	    (session, GNUTLS_EXTENSION_HEARTBEAT, &epriv) < 0)
+		return 0;	/* nothing to send - not enabled */
+
+	if (((intptr_t)epriv) & GNUTLS_HB_PEER_ALLOWED_TO_SEND)
+		p = 1;
+	else			/*if (epriv.num & GNUTLS_HB_PEER_NOT_ALLOWED_TO_SEND) */
+		p = 2;
+
+	if (_gnutls_buffer_append_data(extdata, &p, 1) < 0)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	return 1;
+}
+
+static int
+_gnutls_heartbeat_pack(gnutls_ext_priv_data_t epriv, gnutls_buffer_st * ps)
+{
+	int ret;
+
+	BUFFER_APPEND_NUM(ps, (intptr_t)epriv);
+
+	return 0;
+
+}
+
+static int
+_gnutls_heartbeat_unpack(gnutls_buffer_st * ps,
+			 gnutls_ext_priv_data_t * _priv)
+{
+	gnutls_ext_priv_data_t epriv;
+	int ret;
+
+	BUFFER_POP_CAST_NUM(ps, epriv);
+
+	*_priv = epriv;
+
+	ret = 0;
+      error:
+	return ret;
+}
+
+const hello_ext_entry_st ext_mod_heartbeat = {
+	.name = "Heartbeat",
+	.tls_id = 15,
+	.gid = GNUTLS_EXTENSION_HEARTBEAT,
+	.client_parse_point = GNUTLS_EXT_TLS,
+	.server_parse_point = GNUTLS_EXT_TLS,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_CLIENT_HELLO |
+		    GNUTLS_EXT_FLAG_EE | GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO,
+	.recv_func = _gnutls_heartbeat_recv_params,
+	.send_func = _gnutls_heartbeat_send_params,
+	.pack_func = _gnutls_heartbeat_pack,
+	.unpack_func = _gnutls_heartbeat_unpack,
+	.deinit_func = NULL,
+	.cannot_be_overriden = 1
+};
+
+#else
+void gnutls_heartbeat_enable(gnutls_session_t session, unsigned int type)
+{
+}
+
+unsigned gnutls_heartbeat_allowed(gnutls_session_t session, unsigned int type)
+{
+	return 0;
+}
+
+int
+gnutls_heartbeat_ping(gnutls_session_t session, size_t data_size,
+		      unsigned int max_tries, unsigned int flags)
+{
+	return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+}
+
+int gnutls_heartbeat_pong(gnutls_session_t session, unsigned int flags)
+{
+	return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+}
+
+unsigned int gnutls_heartbeat_get_timeout(gnutls_session_t session)
+{
+	return 0;
+}
+
+void gnutls_heartbeat_set_timeouts(gnutls_session_t session,
+				   unsigned int retrans_timeout,
+				   unsigned int total_timeout)
+{
+	return;
+}
+#endif
diff --git a/lib/ext/heartbeat.h b/lib/ext/heartbeat.h
new file mode 100644
index 0000000..1a21004
--- /dev/null
+++ b/lib/ext/heartbeat.h
@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2012 Free Software Foundation, Inc.
+ * Copyright (C) 2013 Nikos Mavrogiannopoulos
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_HEARTBEAT_H
+#define GNUTLS_LIB_EXT_HEARTBEAT_H
+
+#include <hello_ext.h>
+
+#define HEARTBEAT_REQUEST 1
+#define HEARTBEAT_RESPONSE 2
+
+#define MAX_HEARTBEAT_LENGTH DEFAULT_MAX_RECORD_SIZE
+
+#define LOCAL_ALLOWED_TO_SEND (1<<2)
+#define LOCAL_NOT_ALLOWED_TO_SEND (1<<3)
+
+#define HEARTBEAT_DEFAULT_POLICY PEER_NOT_ALLOWED_TO_SEND
+
+extern const hello_ext_entry_st ext_mod_heartbeat;
+
+int _gnutls_heartbeat_handle(gnutls_session_t session, mbuffer_st * bufel);
+int _gnutls_heartbeat_enabled(gnutls_session_t session, int local);
+
+#endif /* GNUTLS_LIB_EXT_HEARTBEAT_H */
diff --git a/lib/ext/key_share.c b/lib/ext/key_share.c
new file mode 100644
index 0000000..a4db3af
--- /dev/null
+++ b/lib/ext/key_share.c
@@ -0,0 +1,794 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the code the Key Share TLS 1.3 extension.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "num.h"
+#include "ext/supported_groups.h"
+#include <state.h>
+#include <num.h>
+#include <algorithms.h>
+#include "auth/psk.h"
+#include "auth/cert.h"
+#include "handshake.h"
+#include "../ecc.h"
+#include "../algorithms.h"
+#include "pk.h"
+
+static int key_share_recv_params(gnutls_session_t session,
+					     const uint8_t * data,
+					     size_t data_size);
+static int key_share_send_params(gnutls_session_t session,
+					     gnutls_buffer_st * extdata);
+
+const hello_ext_entry_st ext_mod_key_share = {
+	.name = "Key Share",
+	.tls_id = 51,
+	.gid = GNUTLS_EXTENSION_KEY_SHARE,
+	.client_parse_point = _GNUTLS_EXT_TLS_POST_CS,
+	.server_parse_point = _GNUTLS_EXT_TLS_POST_CS,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_CLIENT_HELLO | GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO |
+		    GNUTLS_EXT_FLAG_HRR,
+	.recv_func = key_share_recv_params,
+	.send_func = key_share_send_params,
+	.pack_func = NULL,
+	.unpack_func = NULL,
+	.deinit_func = NULL,
+	.cannot_be_overriden = 1
+};
+
+/*
+ * Generates key exchange parameters, and stores them in
+ * session->key.kshare_*_params.
+ *
+ * struct {
+ *     NamedGroup group;
+ *     opaque key_exchange<1..2^16-1>;
+ * } KeyShareEntry;
+ *
+ */
+static int client_gen_key_share(gnutls_session_t session, const gnutls_group_entry_st *group, gnutls_buffer_st *extdata)
+{
+	gnutls_datum_t tmp = {NULL, 0};
+	int ret;
+
+	if (group->pk != GNUTLS_PK_EC && group->pk != GNUTLS_PK_ECDH_X25519 &&
+	    group->pk != GNUTLS_PK_ECDH_X448 &&
+	    group->pk != GNUTLS_PK_DH) {
+		_gnutls_debug_log("Cannot send key share for group %s!\n", group->name);
+		return GNUTLS_E_INT_RET_0;
+	}
+
+	_gnutls_handshake_log("EXT[%p]: sending key share for %s\n", session, group->name);
+
+	ret =
+	    _gnutls_buffer_append_prefix(extdata, 16, group->tls_id);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (group->pk == GNUTLS_PK_EC) {
+		gnutls_pk_params_release(&session->key.kshare.ecdh_params);
+		gnutls_pk_params_init(&session->key.kshare.ecdh_params);
+
+		ret = _gnutls_pk_generate_keys(group->pk, group->curve,
+						&session->key.kshare.ecdh_params, 1);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = _gnutls_ecc_ansi_x962_export(group->curve,
+				session->key.kshare.ecdh_params.params[ECC_X],
+				session->key.kshare.ecdh_params.params[ECC_Y],
+				&tmp);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret =
+		    _gnutls_buffer_append_data_prefix(extdata, 16, tmp.data, tmp.size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		session->key.kshare.ecdh_params.algo = group->pk;
+		session->key.kshare.ecdh_params.curve = group->curve;
+
+		ret = 0;
+
+	} else if (group->pk == GNUTLS_PK_ECDH_X25519 ||
+		   group->pk == GNUTLS_PK_ECDH_X448) {
+		gnutls_pk_params_release(&session->key.kshare.ecdhx_params);
+		gnutls_pk_params_init(&session->key.kshare.ecdhx_params);
+
+		ret = _gnutls_pk_generate_keys(group->pk, group->curve,
+						&session->key.kshare.ecdhx_params, 1);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret =
+		    _gnutls_buffer_append_data_prefix(extdata, 16,
+				session->key.kshare.ecdhx_params.raw_pub.data,
+				session->key.kshare.ecdhx_params.raw_pub.size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		session->key.kshare.ecdhx_params.algo = group->pk;
+		session->key.kshare.ecdhx_params.curve = group->curve;
+
+		ret = 0;
+
+	} else if (group->pk == GNUTLS_PK_DH) {
+		/* we need to initialize the group parameters first */
+		gnutls_pk_params_release(&session->key.kshare.dh_params);
+		gnutls_pk_params_init(&session->key.kshare.dh_params);
+
+		ret = _gnutls_mpi_init_scan_nz(&session->key.kshare.dh_params.params[DH_G],
+			group->generator->data, group->generator->size);
+		if (ret < 0)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		ret = _gnutls_mpi_init_scan_nz(&session->key.kshare.dh_params.params[DH_P],
+			group->prime->data, group->prime->size);
+		if (ret < 0)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		ret = _gnutls_mpi_init_scan_nz(&session->key.kshare.dh_params.params[DH_Q],
+			group->q->data, group->q->size);
+		if (ret < 0)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		session->key.kshare.dh_params.algo = group->pk;
+		session->key.kshare.dh_params.dh_group = group->id; /* no curve in FFDH, we write the group */
+		session->key.kshare.dh_params.qbits = *group->q_bits;
+		session->key.kshare.dh_params.params_nr = 3;
+
+		ret = _gnutls_pk_generate_keys(group->pk, 0, &session->key.kshare.dh_params, 1);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret =
+		    _gnutls_buffer_append_prefix(extdata, 16, group->prime->size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = _gnutls_buffer_append_fixed_mpi(extdata, session->key.kshare.dh_params.params[DH_Y],
+				group->prime->size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = 0;
+	}
+
+ cleanup:
+	gnutls_free(tmp.data);
+	return ret;
+}
+
+/*
+ * Sends server key exchange parameters
+ *
+ */
+static int server_gen_key_share(gnutls_session_t session, const gnutls_group_entry_st *group, gnutls_buffer_st *extdata)
+{
+	gnutls_datum_t tmp = {NULL, 0};
+	int ret;
+
+	if (group->pk != GNUTLS_PK_EC && group->pk != GNUTLS_PK_ECDH_X25519 &&
+	    group->pk != GNUTLS_PK_ECDH_X448 &&
+	    group->pk != GNUTLS_PK_DH) {
+		_gnutls_debug_log("Cannot send key share for group %s!\n", group->name);
+		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+	}
+
+	_gnutls_handshake_log("EXT[%p]: sending key share for %s\n", session, group->name);
+
+	ret =
+	    _gnutls_buffer_append_prefix(extdata, 16, group->tls_id);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (group->pk == GNUTLS_PK_EC) {
+		ret = _gnutls_ecc_ansi_x962_export(group->curve,
+				session->key.kshare.ecdh_params.params[ECC_X],
+				session->key.kshare.ecdh_params.params[ECC_Y],
+				&tmp);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret =
+		    _gnutls_buffer_append_data_prefix(extdata, 16, tmp.data, tmp.size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = 0;
+
+	} else if (group->pk == GNUTLS_PK_ECDH_X25519 ||
+		   group->pk == GNUTLS_PK_ECDH_X448) {
+		ret =
+		    _gnutls_buffer_append_data_prefix(extdata, 16,
+				session->key.kshare.ecdhx_params.raw_pub.data,
+				session->key.kshare.ecdhx_params.raw_pub.size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = 0;
+
+	} else if (group->pk == GNUTLS_PK_DH) {
+		ret =
+		    _gnutls_buffer_append_prefix(extdata, 16, group->prime->size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = _gnutls_buffer_append_fixed_mpi(extdata, session->key.kshare.dh_params.params[DH_Y],
+				group->prime->size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = 0;
+	}
+
+ cleanup:
+	gnutls_free(tmp.data);
+	return ret;
+}
+
+/* Generates shared key and stores it in session->key.key
+ */
+static int
+server_use_key_share(gnutls_session_t session, const gnutls_group_entry_st *group,
+		     const uint8_t * data, size_t data_size)
+{
+	const gnutls_ecc_curve_entry_st *curve;
+	int ret;
+
+	if (group->pk == GNUTLS_PK_EC) {
+		gnutls_pk_params_st pub;
+
+		gnutls_pk_params_release(&session->key.kshare.ecdh_params);
+		gnutls_pk_params_init(&session->key.kshare.ecdh_params);
+
+		curve = _gnutls_ecc_curve_get_params(group->curve);
+
+		gnutls_pk_params_init(&pub);
+
+		if (curve->size*2+1 != data_size)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		/* generate our key */
+		ret = _gnutls_pk_generate_keys(curve->pk, curve->id, &session->key.kshare.ecdh_params, 1);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		/* read the public key */
+		ret = _gnutls_ecc_ansi_x962_import(data, data_size,
+						   &pub.params[ECC_X],
+						   &pub.params[ECC_Y]);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		pub.algo = group->pk;
+		pub.curve = curve->id;
+		pub.params_nr = 2;
+
+		/* generate shared */
+		ret = _gnutls_pk_derive_tls13(curve->pk, &session->key.key, &session->key.kshare.ecdh_params, &pub);
+		gnutls_pk_params_release(&pub);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+
+		ret = 0;
+
+	} else if (group->pk == GNUTLS_PK_ECDH_X25519 ||
+		   group->pk == GNUTLS_PK_ECDH_X448) {
+		gnutls_pk_params_st pub;
+
+		gnutls_pk_params_release(&session->key.kshare.ecdhx_params);
+		gnutls_pk_params_init(&session->key.kshare.ecdhx_params);
+
+		curve = _gnutls_ecc_curve_get_params(group->curve);
+
+		if (curve->size != data_size)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		/* generate our key */
+		ret = _gnutls_pk_generate_keys(curve->pk, curve->id, &session->key.kshare.ecdhx_params, 1);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		/* read the public key and generate shared */
+		gnutls_pk_params_init(&pub);
+
+		pub.algo = group->pk;
+		pub.curve = curve->id;
+
+		pub.raw_pub.data = (void*)data;
+		pub.raw_pub.size = data_size;
+
+		/* We don't mask the MSB in the final byte as required
+		 * by RFC7748. This will be done internally by nettle 3.3 or later.
+		 */
+		ret = _gnutls_pk_derive_tls13(curve->pk, &session->key.key, &session->key.kshare.ecdhx_params, &pub);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+
+		ret = 0;
+
+	} else if (group->pk == GNUTLS_PK_DH) {
+		gnutls_pk_params_st pub;
+
+		/* we need to initialize the group parameters first */
+		gnutls_pk_params_release(&session->key.kshare.dh_params);
+		gnutls_pk_params_init(&session->key.kshare.dh_params);
+
+		if (data_size != group->prime->size)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		/* set group params */
+		ret = _gnutls_mpi_init_scan_nz(&session->key.kshare.dh_params.params[DH_G],
+			group->generator->data, group->generator->size);
+		if (ret < 0)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		ret = _gnutls_mpi_init_scan_nz(&session->key.kshare.dh_params.params[DH_P],
+			group->prime->data, group->prime->size);
+		if (ret < 0)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		ret = _gnutls_mpi_init_scan_nz(&session->key.kshare.dh_params.params[DH_Q],
+			group->q->data, group->q->size);
+		if (ret < 0)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		session->key.kshare.dh_params.algo = GNUTLS_PK_DH;
+		session->key.kshare.dh_params.qbits = *group->q_bits;
+		session->key.kshare.dh_params.params_nr = 3;
+
+		/* generate our keys */
+		ret = _gnutls_pk_generate_keys(group->pk, 0, &session->key.kshare.dh_params, 1);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		/* read the public key and generate shared */
+		gnutls_pk_params_init(&pub);
+
+		ret = _gnutls_mpi_init_scan_nz(&pub.params[DH_Y],
+			data, data_size);
+		if (ret < 0)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		pub.algo = group->pk;
+
+		/* generate shared key */
+		ret = _gnutls_pk_derive_tls13(GNUTLS_PK_DH, &session->key.key, &session->key.kshare.dh_params, &pub);
+		_gnutls_mpi_release(&pub.params[DH_Y]);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = 0;
+	} else {
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	}
+
+	_gnutls_debug_log("EXT[%p]: server generated %s shared key\n", session, group->name);
+
+	return ret;
+}
+
+/* Generates shared key and stores it in session->key.key
+ */
+static int
+client_use_key_share(gnutls_session_t session, const gnutls_group_entry_st *group,
+		     const uint8_t * data, size_t data_size)
+{
+	const gnutls_ecc_curve_entry_st *curve;
+	int ret;
+
+	if (group->pk == GNUTLS_PK_EC) {
+		gnutls_pk_params_st pub;
+
+		curve = _gnutls_ecc_curve_get_params(group->curve);
+
+		gnutls_pk_params_init(&pub);
+
+		if (session->key.kshare.ecdh_params.algo != group->pk || session->key.kshare.ecdh_params.curve != curve->id)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		if (curve->size*2+1 != data_size)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		/* read the server's public key */
+		ret = _gnutls_ecc_ansi_x962_import(data, data_size,
+						   &pub.params[ECC_X],
+						   &pub.params[ECC_Y]);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		pub.algo = group->pk;
+		pub.curve = curve->id;
+		pub.params_nr = 2;
+
+		/* generate shared key */
+		ret = _gnutls_pk_derive_tls13(curve->pk, &session->key.key, &session->key.kshare.ecdh_params, &pub);
+		gnutls_pk_params_release(&pub);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+
+		ret = 0;
+
+	} else if (group->pk == GNUTLS_PK_ECDH_X25519 ||
+		   group->pk == GNUTLS_PK_ECDH_X448) {
+		gnutls_pk_params_st pub;
+
+		curve = _gnutls_ecc_curve_get_params(group->curve);
+
+		if (session->key.kshare.ecdhx_params.algo != group->pk || session->key.kshare.ecdhx_params.curve != curve->id)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		if (curve->size != data_size)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		/* read the public key and generate shared */
+		gnutls_pk_params_init(&pub);
+
+		pub.algo = group->pk;
+		pub.curve = curve->id;
+
+		pub.raw_pub.data = (void*)data;
+		pub.raw_pub.size = data_size;
+
+		/* We don't mask the MSB in the final byte as required
+		 * by RFC7748. This will be done internally by nettle 3.3 or later.
+		 */
+		ret = _gnutls_pk_derive_tls13(curve->pk, &session->key.key, &session->key.kshare.ecdhx_params, &pub);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+
+		ret = 0;
+
+	} else if (group->pk == GNUTLS_PK_DH) {
+		gnutls_pk_params_st pub;
+
+		if (session->key.kshare.dh_params.algo != group->pk || session->key.kshare.dh_params.dh_group != group->id)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		if (data_size != group->prime->size)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		/* read the public key and generate shared */
+		gnutls_pk_params_init(&pub);
+
+		ret = _gnutls_mpi_init_scan_nz(&pub.params[DH_Y],
+			data, data_size);
+		if (ret < 0)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		pub.algo = group->pk;
+
+		/* generate shared key */
+		ret = _gnutls_pk_derive_tls13(GNUTLS_PK_DH, &session->key.key, &session->key.kshare.dh_params, &pub);
+		_gnutls_mpi_release(&pub.params[DH_Y]);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = 0;
+	} else {
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	}
+
+	_gnutls_debug_log("EXT[%p]: client generated %s shared key\n", session, group->name);
+
+	return ret;
+}
+
+static int
+key_share_recv_params(gnutls_session_t session,
+		      const uint8_t * data, size_t data_size)
+{
+	int ret;
+	size_t size;
+	unsigned gid;
+	const version_entry_st *ver;
+	const gnutls_group_entry_st *group;
+	unsigned used_share = 0;
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		ver = get_version(session);
+		if (ver == NULL || ver->key_shares == 0)
+			return gnutls_assert_val(0);
+
+		DECR_LEN(data_size, 2);
+		size = _gnutls_read_uint16(data);
+		data += 2;
+
+		if (data_size != size)
+			return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+		/* if we do PSK without DH ignore that share */
+		if ((session->internals.hsk_flags & HSK_PSK_SELECTED) &&
+		    (session->internals.hsk_flags & HSK_PSK_KE_MODE_PSK)) {
+			reset_cand_groups(session);
+			return 0;
+		}
+
+		while(data_size > 0) {
+			DECR_LEN(data_size, 2);
+			gid = _gnutls_read_uint16(data);
+			data += 2;
+
+			DECR_LEN(data_size, 2);
+			size = _gnutls_read_uint16(data);
+			data += 2;
+
+			DECR_LEN(data_size, size);
+
+			/* at this point we have already negotiated a group;
+			 * find the group's share. */
+			group = _gnutls_tls_id_to_group(gid);
+
+			if (group != NULL)
+				_gnutls_handshake_log("EXT[%p]: Received key share for %s\n", session, group->name);
+
+			if (group != NULL && group == session->internals.cand_group) {
+				_gnutls_session_group_set(session, group);
+
+				ret = server_use_key_share(session, group, data, size);
+				if (ret < 0)
+					return gnutls_assert_val(ret);
+
+				used_share = 1;
+				break;
+
+			}
+
+			data += size;
+			continue;
+		}
+
+		/* we utilize GNUTLS_E_NO_COMMON_KEY_SHARE for:
+		 * 1. signal for hello-retry-request in the handshake
+		 *    layer during first client hello parsing (server side - here).
+		 *    This does not result to error code being
+		 *    propagated to app layer.
+		 * 2. Propagate to application error code that no
+		 *    common key share was found after an HRR was
+		 *    received (client side)
+		 * 3. Propagate to application error code that no
+		 *    common key share was found after an HRR was
+		 *    sent (server side).
+		 * In cases (2,3) the error is translated to illegal
+		 * parameter alert.
+		 */
+		if (used_share == 0) {
+			return gnutls_assert_val(GNUTLS_E_NO_COMMON_KEY_SHARE);
+		}
+
+		session->internals.hsk_flags |= HSK_KEY_SHARE_RECEIVED;
+	} else { /* Client */
+		ver = get_version(session);
+		if (unlikely(ver == NULL || ver->key_shares == 0))
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		if (_gnutls_ext_get_msg(session) == GNUTLS_EXT_FLAG_HRR) {
+			if (unlikely(!(session->internals.hsk_flags & HSK_HRR_RECEIVED)))
+				return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+			DECR_LEN(data_size, 2);
+			gid = _gnutls_read_uint16(data);
+
+			group = _gnutls_tls_id_to_group(gid);
+			if (group == NULL)
+				return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+			_gnutls_handshake_log("EXT[%p]: HRR key share with %s\n", session, group->name);
+
+			/* check if we support it */
+			ret = _gnutls_session_supports_group(session, group->id);
+			if (ret < 0) {
+				_gnutls_handshake_log("EXT[%p]: received share for %s which is disabled\n", session, group->name);
+				return gnutls_assert_val(ret);
+			}
+
+			_gnutls_session_group_set(session, group);
+
+			return 0;
+		}
+		/* else */
+
+		DECR_LEN(data_size, 2);
+		gid = _gnutls_read_uint16(data);
+		data += 2;
+
+		DECR_LEN(data_size, 2);
+		size = _gnutls_read_uint16(data);
+		data+=2;
+
+		if (data_size != size)
+			return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+		group = _gnutls_tls_id_to_group(gid);
+		if (group == NULL)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		/* check if we support it */
+		ret = _gnutls_session_supports_group(session, group->id);
+		if (ret < 0) {
+			_gnutls_handshake_log("EXT[%p]: received share for %s which is disabled\n", session, group->name);
+			return gnutls_assert_val(ret);
+		}
+
+		_gnutls_session_group_set(session, group);
+		session->internals.hsk_flags |= HSK_KEY_SHARE_RECEIVED;
+
+		ret = client_use_key_share(session, group, data, size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	return 0;
+}
+
+static inline bool
+pk_type_is_ecdhx(gnutls_pk_algorithm_t pk)
+{
+	return pk == GNUTLS_PK_ECDH_X25519 || pk == GNUTLS_PK_ECDH_X448;
+}
+
+static inline bool
+pk_type_equal(gnutls_pk_algorithm_t a, gnutls_pk_algorithm_t b)
+{
+	return a == b || (pk_type_is_ecdhx(a) && pk_type_is_ecdhx(b));
+}
+
+/* returns data_size or a negative number on failure
+ */
+static int
+key_share_send_params(gnutls_session_t session,
+		      gnutls_buffer_st * extdata)
+{
+	unsigned i;
+	int ret;
+	unsigned int generated = 0;
+	const gnutls_group_entry_st *group;
+	const version_entry_st *ver;
+
+	/* this extension is only being sent on client side */
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		unsigned int length_pos;
+
+		ver = _gnutls_version_max(session);
+		if (unlikely(ver == NULL || ver->key_shares == 0))
+			return 0;
+
+		if (!have_creds_for_tls13(session))
+			return 0;
+
+		length_pos = extdata->length;
+
+		ret =
+		    _gnutls_buffer_append_prefix(extdata, 16, 0);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		if (session->internals.hsk_flags & HSK_HRR_RECEIVED) { /* we know the group */
+			group = get_group(session);
+			if (unlikely(group == NULL))
+				return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+			ret = client_gen_key_share(session, group, extdata);
+			if (ret == GNUTLS_E_INT_RET_0)
+				return gnutls_assert_val(GNUTLS_E_NO_COMMON_KEY_SHARE);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+		} else {
+			gnutls_pk_algorithm_t selected_groups[3];
+			unsigned max_groups = 2; /* GNUTLS_KEY_SHARE_TOP2 */
+
+			if (session->internals.flags & GNUTLS_KEY_SHARE_TOP)
+				max_groups = 1;
+			else if (session->internals.flags & GNUTLS_KEY_SHARE_TOP3)
+				max_groups = 3;
+
+			assert(max_groups <= sizeof(selected_groups)/sizeof(selected_groups[0]));
+
+			/* generate key shares for out top-(max_groups) groups
+			 * if they are of different PK type. */
+			for (i = 0; i < session->internals.priorities->groups.size; i++) {
+				unsigned int j;
+
+				group = session->internals.priorities->groups.entry[i];
+
+				for (j = 0; j < generated; j++) {
+					if (pk_type_equal(group->pk, selected_groups[j])) {
+						break;
+					}
+				}
+				if (j < generated) {
+					continue;
+				}
+
+				selected_groups[generated] = group->pk;
+
+				ret = client_gen_key_share(session, group, extdata);
+				if (ret == GNUTLS_E_INT_RET_0)
+					continue; /* no key share for this algorithm */
+				if (ret < 0)
+					return gnutls_assert_val(ret);
+
+				generated++;
+
+				if (generated >= max_groups)
+					break;
+			}
+		}
+
+		/* copy actual length */
+		_gnutls_write_uint16(extdata->length - length_pos - 2,
+				     &extdata->data[length_pos]);
+
+	} else { /* server */
+		ver = get_version(session);
+		if (unlikely(ver == NULL || ver->key_shares == 0))
+			return gnutls_assert_val(0);
+
+		if (_gnutls_ext_get_msg(session) == GNUTLS_EXT_FLAG_HRR) {
+			group = session->internals.cand_group;
+
+			if (group == NULL)
+				return gnutls_assert_val(GNUTLS_E_NO_COMMON_KEY_SHARE);
+
+			_gnutls_session_group_set(session, group);
+
+			_gnutls_handshake_log("EXT[%p]: requesting retry with group %s\n", session, group->name);
+			ret =
+			    _gnutls_buffer_append_prefix(extdata, 16, group->tls_id);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+		} else {
+			/* if we are negotiating PSK without DH, do not send a key share */
+			if ((session->internals.hsk_flags & HSK_PSK_SELECTED) &&
+			    (session->internals.hsk_flags & HSK_PSK_KE_MODE_PSK))
+				return gnutls_assert_val(0);
+
+			group = get_group(session);
+			if (unlikely(group == NULL))
+				return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+			ret = server_gen_key_share(session, group, extdata);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+		}
+
+		session->internals.hsk_flags |= HSK_KEY_SHARE_SENT;
+	}
+
+	return 0;
+}
diff --git a/lib/ext/key_share.h b/lib/ext/key_share.h
new file mode 100644
index 0000000..ed9aa16
--- /dev/null
+++ b/lib/ext/key_share.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_KEY_SHARE_H
+#define GNUTLS_LIB_EXT_KEY_SHARE_H
+
+#include <hello_ext.h>
+
+extern const hello_ext_entry_st ext_mod_key_share;
+
+#endif /* GNUTLS_LIB_EXT_KEY_SHARE_H */
diff --git a/lib/ext/max_record.c b/lib/ext/max_record.c
new file mode 100644
index 0000000..87302cb
--- /dev/null
+++ b/lib/ext/max_record.c
@@ -0,0 +1,317 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the code for the Max Record Size TLS extension.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "num.h"
+#include <hello_ext.h>
+#include <ext/max_record.h>
+
+static int _gnutls_max_record_recv_params(gnutls_session_t session,
+					  const uint8_t * data,
+					  size_t data_size);
+static int _gnutls_max_record_send_params(gnutls_session_t session,
+					  gnutls_buffer_st * extdata);
+
+/* Maps record size to numbers according to the
+ * extensions draft.
+ */
+static int _gnutls_mre_num2record(int num);
+static int _gnutls_mre_record2num(uint16_t record_size);
+
+
+const hello_ext_entry_st ext_mod_max_record_size = {
+	.name = "Maximum Record Size",
+	.tls_id = 1,
+	.gid = GNUTLS_EXTENSION_MAX_RECORD_SIZE,
+	.client_parse_point = GNUTLS_EXT_TLS,
+	.server_parse_point = GNUTLS_EXT_TLS,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_CLIENT_HELLO |
+		    GNUTLS_EXT_FLAG_EE | GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO,
+	.recv_func = _gnutls_max_record_recv_params,
+	.send_func = _gnutls_max_record_send_params
+};
+
+/* 
+ * In case of a server: if a MAX_RECORD_SIZE extension type is received then it stores
+ * into the session the new value. The server may use gnutls_get_max_record_size(),
+ * in order to access it.
+ *
+ * In case of a client: If a different max record size (than the default) has
+ * been specified then it sends the extension.
+ *
+ */
+
+static int
+_gnutls_max_record_recv_params(gnutls_session_t session,
+			       const uint8_t * data, size_t data_size)
+{
+	ssize_t new_size;
+
+	if (session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_NEGOTIATED)
+		return 0;
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		if (data_size > 0) {
+			DECR_LEN(data_size, 1);
+
+			new_size = _gnutls_mre_num2record(data[0]);
+
+			if (new_size < 0) {
+				gnutls_assert();
+				return new_size;
+			}
+
+			session->security_parameters.max_record_send_size =
+			    new_size;
+			session->security_parameters.max_record_recv_size =
+			    new_size;
+		}
+	} else {		/* CLIENT SIDE - we must check if the sent record size is the right one 
+				 */
+		if (data_size > 0) {
+			if (data_size != 1) {
+				gnutls_assert();
+				return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+			}
+
+			new_size = _gnutls_mre_num2record(data[0]);
+
+			if (new_size < 0) {
+				gnutls_assert();
+				return new_size;
+			}
+
+			if (new_size != session->security_parameters.
+			    max_user_record_send_size) {
+				gnutls_assert();
+				return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+			} else {
+				session->security_parameters.
+				    max_record_send_size = new_size;
+				session->security_parameters.
+				    max_record_recv_size = new_size;
+			}
+
+		}
+
+
+	}
+
+	return 0;
+}
+
+/* returns data_size or a negative number on failure
+ */
+static int
+_gnutls_max_record_send_params(gnutls_session_t session,
+			       gnutls_buffer_st * extdata)
+{
+	uint8_t p;
+	int ret;
+
+	/* this function sends the client extension data (dnsname) */
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		/* if the user limits for sending and receiving are
+		 * different, that means the programmer had chosen to
+		 * use record_size_limit instead */
+		if (session->security_parameters.max_user_record_send_size !=
+		    session->security_parameters.max_user_record_recv_size)
+			return 0;
+
+		if (session->security_parameters.max_user_record_send_size !=
+		    DEFAULT_MAX_RECORD_SIZE) {
+			ret = _gnutls_mre_record2num
+			      (session->security_parameters.
+			       max_user_record_send_size);
+
+			/* it's not an error, as long as we send the
+			 * record_size_limit extension with that value */
+			if (ret < 0)
+				return 0;
+
+			p = (uint8_t) ret;
+			ret = _gnutls_buffer_append_data(extdata, &p, 1);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			return 1;
+		}
+
+	} else {		/* server side */
+
+		if (session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_SENT)
+			return 0;
+
+		if (session->security_parameters.max_record_recv_size !=
+		    DEFAULT_MAX_RECORD_SIZE) {
+			ret = _gnutls_mre_record2num
+			      (session->security_parameters.
+			       max_record_recv_size);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			p = (uint8_t) ret;
+			ret = _gnutls_buffer_append_data(extdata, &p, 1);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			return 1;
+		}
+	}
+
+	return 0;
+}
+
+
+/* Maps numbers to record sizes according to the
+ * extensions draft.
+ */
+static int _gnutls_mre_num2record(int num)
+{
+	switch (num) {
+	case 1:
+		return 512;
+	case 2:
+		return 1024;
+	case 3:
+		return 2048;
+	case 4:
+		return 4096;
+	default:
+		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+	}
+}
+
+/* Maps record size to numbers according to the
+ * extensions draft.
+ */
+static int _gnutls_mre_record2num(uint16_t record_size)
+{
+	switch (record_size) {
+	case 512:
+		return 1;
+	case 1024:
+		return 2;
+	case 2048:
+		return 3;
+	case 4096:
+		return 4;
+	default:
+		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+	}
+
+}
+
+/**
+ * gnutls_record_get_max_size:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Get the record size.  The maximum record size is negotiated by the
+ * client after the first handshake message.
+ *
+ * Returns: The maximum record packet size in this connection.
+ **/
+size_t gnutls_record_get_max_size(gnutls_session_t session)
+{
+	/* Recv will hold the negotiated max record size
+	 * always.
+	 */
+	return session->security_parameters.max_record_recv_size;
+}
+
+
+/**
+ * gnutls_record_set_max_size:
+ * @session: is a #gnutls_session_t type.
+ * @size: is the new size
+ *
+ * This function sets the maximum amount of plaintext sent and
+ * received in a record in this connection.
+ *
+ * Prior to 3.6.4, this function was implemented using a TLS extension
+ * called 'max fragment length', which limits the acceptable values to
+ * 512(=2^9), 1024(=2^10), 2048(=2^11) and 4096(=2^12).
+ *
+ * Since 3.6.4, the limit is also negotiated through a new TLS
+ * extension called 'record size limit', which doesn't have the
+ * limitation, as long as the value ranges between 512 and 16384.
+ * Note that while the 'record size limit' extension is preferred, not
+ * all TLS implementations use or even understand the extension.
+ *
+ * Deprecated: if the client can assume that the 'record size limit'
+ * extension is supported by the server, we recommend using
+ * gnutls_record_set_max_recv_size() instead.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ **/
+ssize_t gnutls_record_set_max_size(gnutls_session_t session, size_t size)
+{
+	if (size < MIN_RECORD_SIZE || size > DEFAULT_MAX_RECORD_SIZE)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	if (session->internals.handshake_in_progress)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	session->security_parameters.max_user_record_send_size = size;
+	session->security_parameters.max_user_record_recv_size = size;
+
+	return 0;
+}
+
+/**
+ * gnutls_record_set_max_recv_size:
+ * @session: is a #gnutls_session_t type.
+ * @size: is the new size
+ *
+ * This function sets the maximum amount of plaintext received in a
+ * record in this connection.
+ *
+ * The limit is also negotiated through a TLS extension called 'record
+ * size limit'.  Note that while the 'record size limit' extension is
+ * preferred, not all TLS implementations use or even understand the
+ * extension.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ *
+ * Since: 3.6.8
+ **/
+ssize_t gnutls_record_set_max_recv_size(gnutls_session_t session, size_t size)
+{
+	if (size <
+	    (session->internals.allow_small_records ?
+	     MIN_RECORD_SIZE_SMALL : MIN_RECORD_SIZE) ||
+	    size > DEFAULT_MAX_RECORD_SIZE)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	if (session->internals.handshake_in_progress)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	session->security_parameters.max_user_record_recv_size = size;
+
+	return 0;
+}
diff --git a/lib/ext/max_record.h b/lib/ext/max_record.h
new file mode 100644
index 0000000..758c8e1
--- /dev/null
+++ b/lib/ext/max_record.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_MAX_RECORD_H
+#define GNUTLS_LIB_EXT_MAX_RECORD_H
+
+#include <hello_ext.h>
+
+extern const hello_ext_entry_st ext_mod_max_record_size;
+
+#endif /* GNUTLS_LIB_EXT_MAX_RECORD_H */
diff --git a/lib/ext/post_handshake.c b/lib/ext/post_handshake.c
new file mode 100644
index 0000000..27fe1e7
--- /dev/null
+++ b/lib/ext/post_handshake.c
@@ -0,0 +1,101 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the code for the Post-Handshake TLS 1.3 extension.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "num.h"
+#include <hello_ext.h>
+#include <ext/post_handshake.h>
+#include "auth/cert.h"
+
+static int _gnutls_post_handshake_recv_params(gnutls_session_t session,
+					  const uint8_t * data,
+					  size_t data_size);
+static int _gnutls_post_handshake_send_params(gnutls_session_t session,
+					  gnutls_buffer_st * extdata);
+
+const hello_ext_entry_st ext_mod_post_handshake = {
+	.name = "Post Handshake Auth",
+	.tls_id = 49,
+	.gid = GNUTLS_EXTENSION_POST_HANDSHAKE,
+	.client_parse_point = GNUTLS_EXT_TLS,
+	.server_parse_point = GNUTLS_EXT_TLS,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_CLIENT_HELLO,
+	.recv_func = _gnutls_post_handshake_recv_params,
+	.send_func = _gnutls_post_handshake_send_params,
+	.pack_func = NULL,
+	.unpack_func = NULL,
+	.deinit_func = NULL,
+	.cannot_be_overriden = 1
+};
+
+static int
+_gnutls_post_handshake_recv_params(gnutls_session_t session,
+			       const uint8_t * data, size_t _data_size)
+{
+	const version_entry_st *vers;
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		vers = get_version(session);
+		if (unlikely(vers == NULL))
+			return 0;
+
+		if ((session->internals.flags & GNUTLS_POST_HANDSHAKE_AUTH) &&
+		    vers->post_handshake_auth)
+			session->security_parameters.post_handshake_auth = 1;
+	}
+
+	return 0;
+}
+
+/* returns data_size or a negative number on failure
+ */
+static int
+_gnutls_post_handshake_send_params(gnutls_session_t session,
+			       gnutls_buffer_st * extdata)
+{
+	gnutls_certificate_credentials_t cred;
+	const version_entry_st *max;
+
+	if (session->security_parameters.entity != GNUTLS_CLIENT ||
+	    !(session->internals.flags & GNUTLS_POST_HANDSHAKE_AUTH)) {
+		/* not sent on server side */
+		return 0;
+	}
+
+	cred = (gnutls_certificate_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL)	/* no certificate authentication */
+		return gnutls_assert_val(0);
+
+	max = _gnutls_version_max(session);
+	if (unlikely(max == NULL))
+		return gnutls_assert_val(0);
+
+	if (max->post_handshake_auth)
+		return GNUTLS_E_INT_RET_0;
+	else
+		return 0;
+}
diff --git a/lib/ext/post_handshake.h b/lib/ext/post_handshake.h
new file mode 100644
index 0000000..7a1cc7a
--- /dev/null
+++ b/lib/ext/post_handshake.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_POST_HANDSHAKE_H
+#define GNUTLS_LIB_EXT_POST_HANDSHAKE_H
+
+#include <hello_ext.h>
+
+extern const hello_ext_entry_st ext_mod_post_handshake;
+
+#endif /* GNUTLS_LIB_EXT_POST_HANDSHAKE_H */
diff --git a/lib/ext/pre_shared_key.c b/lib/ext/pre_shared_key.c
new file mode 100644
index 0000000..8dff2b4
--- /dev/null
+++ b/lib/ext/pre_shared_key.c
@@ -0,0 +1,911 @@
+/*
+ * Copyright (C) 2017-2018 Free Software Foundation, Inc.
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Ander Juaristi, Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "auth/psk.h"
+#include "handshake.h"
+#include "kx.h"
+#include "secrets.h"
+#include "tls13/anti_replay.h"
+#include "tls13/psk_ext_parser.h"
+#include "tls13/finished.h"
+#include "tls13/session_ticket.h"
+#include "auth/psk_passwd.h"
+#include <ext/session_ticket.h>
+#include <ext/pre_shared_key.h>
+#include <assert.h>
+
+static int
+compute_psk_from_ticket(const tls13_ticket_st *ticket, gnutls_datum_t *key)
+{
+	int ret;
+
+	if (unlikely(ticket->prf == NULL || ticket->prf->output_size == 0))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	key->data = gnutls_malloc(ticket->prf->output_size);
+	if (!key->data) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+	key->size = ticket->prf->output_size;
+
+	ret = _tls13_expand_secret2(ticket->prf,
+				    RESUMPTION_LABEL, sizeof(RESUMPTION_LABEL)-1,
+				    ticket->nonce, ticket->nonce_size,
+				    ticket->resumption_master_secret,
+				    key->size,
+				    key->data);
+	if (ret < 0)
+		gnutls_assert();
+
+	return ret;
+}
+
+static int
+compute_binder_key(const mac_entry_st *prf,
+		   const uint8_t *key, size_t keylen,
+		   bool resuming,
+		   void *out)
+{
+	int ret;
+	const char ext_label[] = EXT_BINDER_LABEL;
+	const size_t ext_label_len = sizeof(ext_label) - 1;
+	const char res_label[] = RES_BINDER_LABEL;
+	const size_t res_label_len = sizeof(res_label) - 1;
+	const char *label = resuming ? res_label : ext_label;
+	size_t label_len = resuming ? res_label_len : ext_label_len;
+	uint8_t tmp_key[MAX_HASH_SIZE];
+
+	/* Compute HKDF-Extract(0, psk) */
+	ret = _tls13_init_secret2(prf, key, keylen, tmp_key);
+	if (ret < 0)
+		return ret;
+
+	/* Compute Derive-Secret(secret, label, transcript_hash) */
+	ret = _tls13_derive_secret2(prf, label, label_len,
+				    NULL, 0, tmp_key, out);
+	if (ret < 0)
+		return ret;
+
+	return 0;
+}
+
+static int
+compute_psk_binder(gnutls_session_t session,
+		   const mac_entry_st *prf, unsigned binders_length,
+		   int exts_length, int ext_offset,
+		   const gnutls_datum_t *psk, const gnutls_datum_t *client_hello,
+		   bool resuming, void *out)
+{
+	int ret;
+	unsigned client_hello_pos, extensions_len_pos;
+	gnutls_buffer_st handshake_buf;
+	uint8_t binder_key[MAX_HASH_SIZE];
+
+	_gnutls_buffer_init(&handshake_buf);
+
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		if (session->internals.hsk_flags & HSK_HRR_RECEIVED) {
+			ret = gnutls_buffer_append_data(&handshake_buf,
+							(const void *) session->internals.handshake_hash_buffer.data,
+							session->internals.handshake_hash_buffer.length);
+			if (ret < 0) {
+				gnutls_assert();
+				goto error;
+			}
+		}
+
+		client_hello_pos = handshake_buf.length;
+		ret = gnutls_buffer_append_data(&handshake_buf, client_hello->data,
+						client_hello->size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		/* This is a ClientHello message */
+		handshake_buf.data[client_hello_pos] = GNUTLS_HANDSHAKE_CLIENT_HELLO;
+
+		/* At this point we have not yet added the binders to the ClientHello,
+		 * but we have to overwrite the size field, pretending as if binders
+		 * of the correct length were present.
+		 */
+		_gnutls_write_uint24(handshake_buf.length - client_hello_pos + binders_length - 2, &handshake_buf.data[client_hello_pos + 1]);
+		_gnutls_write_uint16(handshake_buf.length - client_hello_pos + binders_length - ext_offset,
+				     &handshake_buf.data[client_hello_pos + ext_offset]);
+		extensions_len_pos = handshake_buf.length - client_hello_pos - exts_length - 2;
+		_gnutls_write_uint16(exts_length + binders_length + 2,
+				     &handshake_buf.data[client_hello_pos + extensions_len_pos]);
+	} else {
+		if (session->internals.hsk_flags & HSK_HRR_SENT) {
+			if (unlikely(session->internals.handshake_hash_buffer.length <= client_hello->size)) {
+				ret = gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+				goto error;
+			}
+
+			ret = gnutls_buffer_append_data(&handshake_buf,
+							session->internals.handshake_hash_buffer.data,
+							session->internals.handshake_hash_buffer.length - client_hello->size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto error;
+			}
+		}
+
+		if (unlikely(client_hello->size <= binders_length)) {
+			ret = gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+			goto error;
+		}
+
+		ret = gnutls_buffer_append_data(&handshake_buf,
+						(const void *) client_hello->data,
+						client_hello->size - binders_length);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+	}
+
+	ret = compute_binder_key(prf,
+				 psk->data, psk->size, resuming,
+				 binder_key);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret = _gnutls13_compute_finished(prf, binder_key,
+					 &handshake_buf,
+					 out);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret = 0;
+error:
+	_gnutls_buffer_clear(&handshake_buf);
+	return ret;
+}
+
+static int
+generate_early_secrets(gnutls_session_t session,
+		       const mac_entry_st *prf)
+{
+	int ret;
+
+	ret = _tls13_derive_secret2(prf, EARLY_TRAFFIC_LABEL, sizeof(EARLY_TRAFFIC_LABEL)-1,
+				    session->internals.handshake_hash_buffer.data,
+				    session->internals.handshake_hash_buffer_client_hello_len,
+				    session->key.proto.tls13.temp_secret,
+				    session->key.proto.tls13.e_ckey);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_call_keylog_func(session, "CLIENT_EARLY_TRAFFIC_SECRET",
+				       session->key.proto.tls13.e_ckey,
+				       prf->output_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _tls13_derive_secret2(prf, EARLY_EXPORTER_MASTER_LABEL, sizeof(EARLY_EXPORTER_MASTER_LABEL)-1,
+				    session->internals.handshake_hash_buffer.data,
+				    session->internals.handshake_hash_buffer_client_hello_len,
+				    session->key.proto.tls13.temp_secret,
+				    session->key.proto.tls13.ap_expkey);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_call_keylog_func(session, "EARLY_EXPORTER_SECRET",
+				       session->key.proto.tls13.ap_expkey,
+				       prf->output_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+/* Calculate TLS 1.3 Early Secret and the derived secrets from the
+ * selected PSK. */
+int
+_gnutls_generate_early_secrets_for_psk(gnutls_session_t session)
+{
+	const uint8_t *psk;
+	size_t psk_size;
+	const mac_entry_st *prf;
+	int ret;
+
+	psk = session->key.binders[0].psk.data;
+	psk_size = session->key.binders[0].psk.size;
+	prf = session->key.binders[0].prf;
+
+	if (unlikely(psk_size == 0))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ret = _tls13_init_secret2(prf, psk, psk_size,
+				  session->key.proto.tls13.temp_secret);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	session->key.proto.tls13.temp_secret_size = prf->output_size;
+
+	ret = generate_early_secrets(session, session->key.binders[0].prf);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+static int
+client_send_params(gnutls_session_t session,
+		   gnutls_buffer_t extdata,
+		   const gnutls_psk_client_credentials_t cred)
+{
+	int ret, ext_offset = 0;
+	uint8_t binder_value[MAX_HASH_SIZE];
+	size_t spos;
+	gnutls_datum_t username = {NULL, 0};
+	gnutls_datum_t user_key = {NULL, 0}, rkey = {NULL, 0};
+	unsigned client_hello_len;
+	unsigned next_idx;
+	const mac_entry_st *prf_res = NULL;
+	const mac_entry_st *prf_psk = NULL;
+	struct timespec cur_time;
+	uint32_t ticket_age, ob_ticket_age;
+	int free_username = 0;
+	psk_auth_info_t info = NULL;
+	unsigned psk_id_len = 0;
+	unsigned binders_len, binders_pos;
+	tls13_ticket_st *ticket = &session->internals.tls13_ticket;
+
+	if (((session->internals.flags & GNUTLS_NO_TICKETS) ||
+	    session->internals.tls13_ticket.ticket.data == NULL) &&
+	    (!cred || !_gnutls_have_psk_credentials(cred, session))) {
+
+		return 0;
+	}
+
+	binders_len = 0;
+
+	/* placeholder to be filled later */
+	spos = extdata->length;
+	ret = _gnutls_buffer_append_prefix(extdata, 16, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* First, let's see if we have a session ticket to send */
+	if (!(session->internals.flags & GNUTLS_NO_TICKETS) &&
+	    ticket->ticket.data != NULL) {
+
+		/* We found a session ticket */
+		if (unlikely(ticket->prf == NULL)) {
+			tls13_ticket_deinit(ticket);
+			ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+			goto cleanup;
+		}
+
+		prf_res = ticket->prf;
+
+		gnutls_gettime(&cur_time);
+		if (unlikely(_gnutls_timespec_cmp(&cur_time,
+						  &ticket->arrival_time) < 0)) {
+			gnutls_assert();
+			tls13_ticket_deinit(ticket);
+			goto ignore_ticket;
+		}
+
+		/* Check whether the ticket is stale */
+		ticket_age = timespec_sub_ms(&cur_time, &ticket->arrival_time);
+		if (ticket_age / 1000 > ticket->lifetime) {
+			tls13_ticket_deinit(ticket);
+			goto ignore_ticket;
+		}
+
+		ret = compute_psk_from_ticket(ticket, &rkey);
+		if (ret < 0) {
+			tls13_ticket_deinit(ticket);
+			goto ignore_ticket;
+		}
+
+		/* Calculate obfuscated ticket age, in milliseconds, mod 2^32 */
+		ob_ticket_age = ticket_age + ticket->age_add;
+
+		if ((ret = _gnutls_buffer_append_data_prefix(extdata, 16,
+							     ticket->ticket.data,
+							     ticket->ticket.size)) < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		/* Now append the obfuscated ticket age */
+		if ((ret = _gnutls_buffer_append_prefix(extdata, 32, ob_ticket_age)) < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		psk_id_len += 6 + ticket->ticket.size;
+		binders_len += 1 + _gnutls_mac_get_algo_len(prf_res);
+	}
+
+ ignore_ticket:
+	if (cred && _gnutls_have_psk_credentials(cred, session)) {
+		gnutls_datum_t tkey;
+
+		if (cred->binder_algo == NULL) {
+			gnutls_assert();
+			ret = gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+			goto cleanup;
+		}
+
+		prf_psk = cred->binder_algo;
+
+		ret = _gnutls_find_psk_key(session, cred, &username, &tkey, &free_username);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		if (username.size == 0 || username.size > UINT16_MAX) {
+			ret = gnutls_assert_val(GNUTLS_E_INVALID_PASSWORD);
+			goto cleanup;
+		}
+
+		if (!free_username) {
+			/* we need to copy the key */
+			ret = _gnutls_set_datum(&user_key, tkey.data, tkey.size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+		} else {
+			user_key.data = tkey.data;
+			user_key.size = tkey.size;
+		}
+
+		ret = _gnutls_auth_info_init(session, GNUTLS_CRD_PSK, sizeof(psk_auth_info_st), 1);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+		assert(info != NULL);
+
+		ret = _gnutls_copy_psk_username(info, username);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+
+		if ((ret = _gnutls_buffer_append_data_prefix(extdata, 16,
+							     username.data,
+							     username.size)) < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		/* Now append the obfuscated ticket age */
+		if ((ret = _gnutls_buffer_append_prefix(extdata, 32, 0)) < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		psk_id_len += 6 + username.size;
+		binders_len += 1 + _gnutls_mac_get_algo_len(prf_psk);
+	}
+
+	/* if no tickets or identities to be sent */
+	if (psk_id_len == 0) {
+		/* reset extensions buffer */
+		extdata->length = spos;
+		return 0;
+	}
+
+	_gnutls_write_uint16(psk_id_len, &extdata->data[spos]);
+
+	binders_pos = extdata->length-spos;
+	ext_offset = _gnutls_ext_get_extensions_offset(session);
+
+	/* Compute the binders. extdata->data points to the start
+	 * of this client hello. */
+	assert(extdata->length >= sizeof(mbuffer_st));
+	assert(ext_offset >= (ssize_t)sizeof(mbuffer_st));
+	ext_offset -= sizeof(mbuffer_st);
+	client_hello_len = extdata->length-sizeof(mbuffer_st);
+
+	next_idx = 0;
+
+	ret = _gnutls_buffer_append_prefix(extdata, 16, binders_len);
+	if (ret < 0) {
+		gnutls_assert_val(ret);
+		goto cleanup;
+	}
+
+	if (prf_res && rkey.size > 0) {
+		gnutls_datum_t client_hello;
+
+		client_hello.data = extdata->data+sizeof(mbuffer_st);
+		client_hello.size = client_hello_len;
+
+		ret = compute_psk_binder(session, prf_res,
+					 binders_len, binders_pos,
+					 ext_offset, &rkey, &client_hello, 1,
+					 binder_value);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		/* Associate the selected pre-shared key with the session */
+		gnutls_free(session->key.binders[next_idx].psk.data);
+		session->key.binders[next_idx].psk.data = rkey.data;
+		session->key.binders[next_idx].psk.size = rkey.size;
+		rkey.data = NULL;
+
+		session->key.binders[next_idx].prf = prf_res;
+		session->key.binders[next_idx].resumption = 1;
+		session->key.binders[next_idx].idx = next_idx;
+
+		_gnutls_handshake_log("EXT[%p]: sent PSK resumption identity (%d)\n", session, next_idx);
+
+		next_idx++;
+
+		/* Add the binder */
+		ret = _gnutls_buffer_append_data_prefix(extdata, 8, binder_value, prf_res->output_size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		session->internals.hsk_flags |= HSK_TLS13_TICKET_SENT;
+	}
+
+	if (prf_psk && user_key.size > 0 && info) {
+		gnutls_datum_t client_hello;
+
+		client_hello.data = extdata->data+sizeof(mbuffer_st);
+		client_hello.size = client_hello_len;
+
+		ret = compute_psk_binder(session, prf_psk,
+					 binders_len, binders_pos,
+					 ext_offset, &user_key, &client_hello, 0,
+					 binder_value);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		/* Associate the selected pre-shared key with the session */
+		gnutls_free(session->key.binders[next_idx].psk.data);
+		session->key.binders[next_idx].psk.data = user_key.data;
+		session->key.binders[next_idx].psk.size = user_key.size;
+		user_key.data = NULL;
+
+		session->key.binders[next_idx].prf = prf_psk;
+		session->key.binders[next_idx].resumption = 0;
+		session->key.binders[next_idx].idx = next_idx;
+
+		_gnutls_handshake_log("EXT[%p]: sent PSK identity '%s' (%d)\n", session, info->username, next_idx);
+
+		next_idx++;
+
+		/* Add the binder */
+		ret = _gnutls_buffer_append_data_prefix(extdata, 8, binder_value, prf_psk->output_size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	ret = 0;
+
+cleanup:
+	if (free_username)
+		_gnutls_free_datum(&username);
+
+	_gnutls_free_temp_key_datum(&user_key);
+	_gnutls_free_temp_key_datum(&rkey);
+
+	return ret;
+}
+
+static int
+server_send_params(gnutls_session_t session, gnutls_buffer_t extdata)
+{
+	int ret;
+
+	if (!(session->internals.hsk_flags & HSK_PSK_SELECTED))
+		return 0;
+
+	ret = _gnutls_buffer_append_prefix(extdata, 16,
+					   session->key.binders[0].idx);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 2;
+}
+
+static int server_recv_params(gnutls_session_t session,
+			      const unsigned char *data, size_t len,
+			      const gnutls_psk_server_credentials_t pskcred)
+{
+	int ret;
+	const mac_entry_st *prf;
+	gnutls_datum_t full_client_hello;
+	uint8_t binder_value[MAX_HASH_SIZE];
+	uint16_t psk_index, i;
+	gnutls_datum_t binder_recvd = { NULL, 0 };
+	gnutls_datum_t key = {NULL, 0};
+	psk_ext_parser_st psk_parser;
+	psk_ext_iter_st psk_iter;
+	struct psk_st psk;
+	psk_auth_info_t info;
+	tls13_ticket_st ticket_data;
+	/* These values should be set properly when session ticket is accepted. */
+	uint32_t ticket_age = UINT32_MAX;
+	struct timespec ticket_creation_time = { 0, 0 };
+	bool resuming;
+	bool refuse_early_data = false;
+
+	ret = _gnutls13_psk_ext_parser_init(&psk_parser, data, len);
+	if (ret < 0) {
+		/* No PSKs advertised by client */
+		if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+			return 0;
+		return gnutls_assert_val(ret);
+	}
+
+	_gnutls13_psk_ext_iter_init(&psk_iter, &psk_parser);
+	for (psk_index = 0; ; psk_index++) {
+		ret = _gnutls13_psk_ext_iter_next_identity(&psk_iter, &psk);
+		if (ret < 0) {
+			/* We couldn't find any usable PSK */
+			if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+				return 0;
+			return gnutls_assert_val(ret);
+		}
+
+		/* This will unpack the session ticket if it is well
+		 * formed and has the expected name */
+		if (!(session->internals.flags & GNUTLS_NO_TICKETS) &&
+		    _gnutls13_unpack_session_ticket(session, &psk.identity, &ticket_data) == 0) {
+			prf = ticket_data.prf;
+
+			session->internals.resumption_requested = 1;
+
+			/* Check whether ticket is stale or not */
+			ticket_age = psk.ob_ticket_age - ticket_data.age_add;
+			if (ticket_age / 1000 > ticket_data.lifetime) {
+				gnutls_assert();
+				tls13_ticket_deinit(&ticket_data);
+				continue;
+			}
+
+			ret = compute_psk_from_ticket(&ticket_data, &key);
+			if (ret < 0) {
+				gnutls_assert();
+				tls13_ticket_deinit(&ticket_data);
+				continue;
+			}
+
+			memcpy(&ticket_creation_time,
+			       &ticket_data.creation_time,
+			       sizeof(struct timespec));
+
+			tls13_ticket_deinit(&ticket_data);
+
+			resuming = 1;
+			break;
+		} else if (pskcred &&
+			   psk.ob_ticket_age == 0 &&
+			   psk.identity.size > 0 && psk.identity.size <= MAX_USERNAME_SIZE) {
+			prf = pskcred->binder_algo;
+
+			/* this fails only on configuration errors; as such we always
+			 * return its error code in that case */
+			ret = _gnutls_psk_pwd_find_entry(session, (char *) psk.identity.data, psk.identity.size, &key);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			resuming = 0;
+			break;
+		}
+	}
+
+	_gnutls13_psk_ext_iter_init(&psk_iter, &psk_parser);
+	for (i = 0; i <= psk_index; i++) {
+		ret = _gnutls13_psk_ext_iter_next_binder(&psk_iter, &binder_recvd);
+		if (ret < 0) {
+			gnutls_assert();
+			/* We couldn't extract binder */
+			if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+				ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+			goto fail;
+		}
+	}
+
+	/* Get full ClientHello */
+	if (!_gnutls_ext_get_full_client_hello(session, &full_client_hello)) {
+		ret = GNUTLS_E_INTERNAL_ERROR;
+		gnutls_assert();
+		goto fail;
+	}
+
+	/* Compute the binder value for this PSK */
+	ret = compute_psk_binder(session, prf, psk_parser.binders_len+2, 0, 0,
+				 &key, &full_client_hello, resuming,
+				 binder_value);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	if (_gnutls_mac_get_algo_len(prf) != binder_recvd.size ||
+	    gnutls_memcmp(binder_value, binder_recvd.data, binder_recvd.size)) {
+		gnutls_assert();
+		ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+		goto fail;
+	}
+
+	if (session->internals.hsk_flags & HSK_PSK_KE_MODE_DHE_PSK)
+		_gnutls_handshake_log("EXT[%p]: selected DHE-PSK mode\n", session);
+	else {
+		reset_cand_groups(session);
+		_gnutls_handshake_log("EXT[%p]: selected PSK mode\n", session);
+	}
+
+	/* save the username in psk_auth_info to make it available
+	 * using gnutls_psk_server_get_username() */
+	if (!resuming) {
+		assert(psk.identity.size <= MAX_USERNAME_SIZE);
+
+		ret = _gnutls_auth_info_init(session, GNUTLS_CRD_PSK, sizeof(psk_auth_info_st), 1);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+		assert(info != NULL);
+
+		ret = _gnutls_copy_psk_username(info, psk.identity);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		_gnutls_handshake_log("EXT[%p]: selected PSK identity: %s (%d)\n", session, info->username, psk_index);
+
+		/* We currently only support early data in resuming connection,
+		 * due to lack of API function to associate encryption
+		 * parameters with external PSK.
+		 */
+		refuse_early_data = true;
+	} else {
+		if (session->internals.hsk_flags & HSK_EARLY_DATA_IN_FLIGHT) {
+			if (session->internals.anti_replay) {
+				ret = _gnutls_anti_replay_check(session->internals.anti_replay,
+								ticket_age,
+								&ticket_creation_time,
+								&binder_recvd);
+				if (ret < 0) {
+					refuse_early_data = true;
+					_gnutls_handshake_log("EXT[%p]: replay detected; rejecting early data\n",
+						      session);
+				}
+			} else {
+				refuse_early_data = true;
+				_gnutls_handshake_log("EXT[%p]: anti-replay is not enabled; rejecting early data\n",
+						      session);
+			}
+		}
+
+		session->internals.resumed = true;
+		_gnutls_handshake_log("EXT[%p]: selected resumption PSK identity (%d)\n", session, psk_index);
+	}
+
+	session->internals.hsk_flags |= HSK_PSK_SELECTED;
+
+	if ((session->internals.flags & GNUTLS_ENABLE_EARLY_DATA) &&
+	    (session->internals.hsk_flags & HSK_EARLY_DATA_IN_FLIGHT) &&
+	    !refuse_early_data &&
+	    !(session->internals.hsk_flags & HSK_HRR_SENT)) {
+		session->internals.hsk_flags |= HSK_EARLY_DATA_ACCEPTED;
+		_gnutls_handshake_log("EXT[%p]: early data accepted\n",
+				      session);
+	}
+
+	/* Reference the selected pre-shared key */
+	session->key.binders[0].psk.data = key.data;
+	session->key.binders[0].psk.size = key.size;
+
+	session->key.binders[0].idx = psk_index;
+	session->key.binders[0].prf = prf;
+	session->key.binders[0].resumption = resuming;
+
+	ret = _gnutls_generate_early_secrets_for_psk(session);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	return 0;
+
+ fail:
+	gnutls_free(key.data);
+	return ret;
+}
+
+/*
+ * Return values for this function:
+ *  -  0 : Not applicable.
+ *  - >0 : Ok. Return size of extension data.
+ *  - GNUTLS_E_INT_RET_0 : Size of extension data is zero.
+ *  - <0 : There's been an error.
+ *
+ * In the client, generates the PskIdentity and PskBinderEntry messages.
+ *
+ *      PskIdentity identities<7..2^16-1>;
+ *      PskBinderEntry binders<33..2^16-1>;
+ *
+ *      struct {
+ *          opaque identity<1..2^16-1>;
+ *          uint32 obfuscated_ticket_age;
+ *      } PskIdentity;
+ *
+ *      opaque PskBinderEntry<32..255>;
+ *
+ * The server sends the selected identity, which is a zero-based index
+ * of the PSKs offered by the client:
+ *
+ *      struct {
+ *          uint16 selected_identity;
+ *      } PreSharedKeyExtension;
+ */
+static int _gnutls_psk_send_params(gnutls_session_t session,
+				   gnutls_buffer_t extdata)
+{
+	gnutls_psk_client_credentials_t cred = NULL;
+	const version_entry_st *vers;
+
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		vers = _gnutls_version_max(session);
+
+		if (!vers || !vers->tls13_sem)
+			return 0;
+
+		if (session->internals.hsk_flags & HSK_PSK_KE_MODES_SENT) {
+			cred = (gnutls_psk_client_credentials_t)
+					_gnutls_get_cred(session, GNUTLS_CRD_PSK);
+		}
+
+		if ((session->internals.flags & GNUTLS_NO_TICKETS) && !session->internals.priorities->have_psk)
+			return 0;
+
+		return client_send_params(session, extdata, cred);
+	} else {
+		vers = get_version(session);
+
+		if (!vers || !vers->tls13_sem)
+			return 0;
+
+		if ((session->internals.flags & GNUTLS_NO_TICKETS) && !session->internals.priorities->have_psk)
+			return 0;
+
+		if (session->internals.hsk_flags & HSK_PSK_KE_MODES_RECEIVED)
+			return server_send_params(session, extdata);
+		else
+			return 0;
+	}
+}
+
+static void swap_binders(gnutls_session_t session)
+{
+	struct binder_data_st tmp;
+
+	memcpy(&tmp, &session->key.binders[0], sizeof(struct binder_data_st));
+	memcpy(&session->key.binders[0], &session->key.binders[1], sizeof(struct binder_data_st));
+	memcpy(&session->key.binders[1], &tmp, sizeof(struct binder_data_st));
+}
+
+/*
+ * Return values for this function:
+ *  -  0 : Not applicable.
+ *  - >0 : Ok. Return size of extension data.
+ *  - <0 : There's been an error.
+ */
+static int _gnutls_psk_recv_params(gnutls_session_t session,
+				   const unsigned char *data, size_t len)
+{
+	unsigned i;
+	gnutls_psk_server_credentials_t pskcred;
+	const version_entry_st *vers = get_version(session);
+	int ret;
+
+	if (!vers || !vers->tls13_sem)
+		return 0;
+
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		if (session->internals.hsk_flags & HSK_PSK_KE_MODES_SENT) {
+			uint16_t selected_identity = _gnutls_read_uint16(data);
+
+			for (i=0;i<sizeof(session->key.binders)/sizeof(session->key.binders[0]);i++) {
+				if (session->key.binders[i].prf != NULL && session->key.binders[i].idx == selected_identity) {
+					if (session->key.binders[i].resumption) {
+						session->internals.resumed = true;
+						_gnutls_handshake_log("EXT[%p]: selected PSK-resumption mode\n", session);
+					} else {
+						_gnutls_handshake_log("EXT[%p]: selected PSK mode\n", session);
+					}
+
+					/* different PSK is selected, than the one we calculated early secrets */
+					if (i != 0) {
+						/* ensure that selected binder is set on (our) index zero */
+						swap_binders(session);
+
+						ret = _gnutls_generate_early_secrets_for_psk(session);
+						if (ret < 0)
+							return gnutls_assert_val(ret);
+					}
+					session->internals.hsk_flags |= HSK_PSK_SELECTED;
+				}
+			}
+
+			return 0;
+		} else {
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION);
+		}
+	} else {
+		if (session->internals.hsk_flags & HSK_PSK_KE_MODES_RECEIVED) {
+			if (session->internals.hsk_flags & HSK_PSK_KE_MODE_INVALID) {
+				/* We received a "psk_ke_modes" extension, but with a value we don't support */
+				return 0;
+			}
+
+			pskcred = (gnutls_psk_server_credentials_t)
+					_gnutls_get_cred(session, GNUTLS_CRD_PSK);
+
+			/* If there are no PSK credentials, this extension is not applicable,
+			 * so we return zero. */
+			if (pskcred == NULL && (session->internals.flags & GNUTLS_NO_TICKETS))
+				return 0;
+
+			return server_recv_params(session, data, len, pskcred);
+		} else {
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION);
+		}
+	}
+}
+
+const hello_ext_entry_st ext_mod_pre_shared_key = {
+	.name = "Pre Shared Key",
+	.tls_id = PRE_SHARED_KEY_TLS_ID,
+	.gid = GNUTLS_EXTENSION_PRE_SHARED_KEY,
+	.client_parse_point = GNUTLS_EXT_TLS,
+	.server_parse_point = GNUTLS_EXT_TLS,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_CLIENT_HELLO | GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO,
+	.send_func = _gnutls_psk_send_params,
+	.recv_func = _gnutls_psk_recv_params
+};
diff --git a/lib/ext/pre_shared_key.h b/lib/ext/pre_shared_key.h
new file mode 100644
index 0000000..f1ea62c
--- /dev/null
+++ b/lib/ext/pre_shared_key.h
@@ -0,0 +1,23 @@
+#ifndef GNUTLS_LIB_EXT_PRE_SHARED_KEY_H
+#define GNUTLS_LIB_EXT_PRE_SHARED_KEY_H
+
+#include "auth/psk.h"
+#include <hello_ext.h>
+#include "tls13/session_ticket.h"
+
+#define PRE_SHARED_KEY_TLS_ID 41
+
+extern const hello_ext_entry_st ext_mod_pre_shared_key;
+
+inline static
+unsigned _gnutls_have_psk_credentials(const gnutls_psk_client_credentials_t cred, gnutls_session_t session)
+{
+	if ((cred->get_function || cred->username.data) && session->internals.priorities->have_psk)
+		return 1;
+	else
+		return 0;
+}
+
+int _gnutls_generate_early_secrets_for_psk(gnutls_session_t session);
+
+#endif /* GNUTLS_LIB_EXT_PRE_SHARED_KEY_H */
diff --git a/lib/ext/psk_ke_modes.c b/lib/ext/psk_ke_modes.c
new file mode 100644
index 0000000..cc28536
--- /dev/null
+++ b/lib/ext/psk_ke_modes.c
@@ -0,0 +1,205 @@
+/*
+ * Copyright (C) 2017 Free Software Foundation, Inc.
+ *
+ * Author: Ander Juaristi
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "ext/psk_ke_modes.h"
+#include "ext/pre_shared_key.h"
+#include <assert.h>
+
+#define PSK_KE 0
+#define PSK_DHE_KE 1
+
+static int
+psk_ke_modes_send_params(gnutls_session_t session,
+			 gnutls_buffer_t extdata)
+{
+	int ret;
+	const version_entry_st *vers;
+	uint8_t data[2];
+	unsigned pos, i;
+	unsigned have_dhpsk = 0;
+	unsigned have_psk = 0;
+
+	/* Server doesn't send psk_key_exchange_modes */
+	if (session->security_parameters.entity == GNUTLS_SERVER)
+		return 0;
+
+	/* If session ticket is disabled and no PSK key exchange is
+	 * enabled, don't send the extension */
+	if ((session->internals.flags & GNUTLS_NO_TICKETS) &&
+	    !session->internals.priorities->have_psk)
+		return 0;
+
+	vers = _gnutls_version_max(session);
+	if (!vers || !vers->tls13_sem)
+		return 0;
+
+	/* We send the list prioritized according to our preferences as a convention
+	 * (used throughout the protocol), even if the protocol doesn't mandate that
+	 * for this particular message. That way we can keep the TLS 1.2 semantics/
+	 * prioritization when negotiating PSK or DHE-PSK. Receiving servers would
+	 * very likely respect our prioritization if they parse the message serially. */
+	pos = 0;
+	for (i=0;i<session->internals.priorities->_kx.num_priorities;i++) {
+		if (session->internals.priorities->_kx.priorities[i] == GNUTLS_KX_PSK && !have_psk) {
+			assert(pos <= 1);
+			data[pos++] = PSK_KE;
+			session->internals.hsk_flags |= HSK_PSK_KE_MODE_PSK;
+			have_psk = 1;
+		} else if ((session->internals.priorities->_kx.priorities[i] == GNUTLS_KX_DHE_PSK ||
+			    session->internals.priorities->_kx.priorities[i] == GNUTLS_KX_ECDHE_PSK) && !have_dhpsk) {
+			assert(pos <= 1);
+			data[pos++] = PSK_DHE_KE;
+			session->internals.hsk_flags |= HSK_PSK_KE_MODE_DHE_PSK;
+			have_dhpsk = 1;
+		}
+
+		if (have_psk && have_dhpsk)
+			break;
+	}
+
+	/* For session resumption we need to send at least one */
+	if (pos == 0) {
+		if (session->internals.flags & GNUTLS_NO_TICKETS)
+			return 0;
+
+		data[pos++] = PSK_DHE_KE;
+		data[pos++] = PSK_KE;
+		session->internals.hsk_flags |= HSK_PSK_KE_MODE_DHE_PSK;
+		session->internals.hsk_flags |= HSK_PSK_KE_MODE_PSK;
+	}
+
+	ret = _gnutls_buffer_append_data_prefix(extdata, 8, data, pos);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	session->internals.hsk_flags |= HSK_PSK_KE_MODES_SENT;
+
+	return 0;
+}
+
+#define MAX_POS INT_MAX
+
+/*
+ * Since we only support ECDHE-authenticated PSKs, the server
+ * just verifies that a "psk_key_exchange_modes" extension was received,
+ * and that it contains the value one.
+ */
+static int
+psk_ke_modes_recv_params(gnutls_session_t session,
+			 const unsigned char *data, size_t len)
+{
+	uint8_t ke_modes_len;
+	const version_entry_st *vers = get_version(session);
+	gnutls_psk_server_credentials_t cred;
+	int dhpsk_pos = MAX_POS;
+	int psk_pos = MAX_POS;
+	int cli_psk_pos = MAX_POS;
+	int cli_dhpsk_pos = MAX_POS;
+	unsigned i;
+
+	/* Client doesn't receive psk_key_exchange_modes */
+	if (session->security_parameters.entity == GNUTLS_CLIENT)
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION);
+
+	/* we set hsk_flags to HSK_PSK_KE_MODE_INVALID on failure to ensure that
+	 * when we parse the pre-shared key extension we detect PSK_KE_MODES as
+	 * received. */
+	if (!vers || !vers->tls13_sem) {
+		session->internals.hsk_flags |= HSK_PSK_KE_MODE_INVALID;
+		return gnutls_assert_val(0);
+	}
+
+	cred = (gnutls_psk_server_credentials_t)_gnutls_get_cred(session, GNUTLS_CRD_PSK);
+	if (cred == NULL && (session->internals.flags & GNUTLS_NO_TICKETS)) {
+		session->internals.hsk_flags |= HSK_PSK_KE_MODE_INVALID;
+		return gnutls_assert_val(0);
+	}
+
+	DECR_LEN(len, 1);
+	ke_modes_len = *(data++);
+
+	for (i=0;i<session->internals.priorities->_kx.num_priorities;i++) {
+		if (session->internals.priorities->_kx.priorities[i] == GNUTLS_KX_PSK && psk_pos == MAX_POS) {
+			psk_pos = i;
+		} else if ((session->internals.priorities->_kx.priorities[i] == GNUTLS_KX_DHE_PSK ||
+			    session->internals.priorities->_kx.priorities[i] == GNUTLS_KX_ECDHE_PSK) &&
+			    dhpsk_pos == MAX_POS) {
+			dhpsk_pos = i;
+		}
+
+		if (dhpsk_pos != MAX_POS && psk_pos != MAX_POS)
+			break;
+	}
+
+	if (psk_pos == MAX_POS && dhpsk_pos == MAX_POS) {
+		if (!(session->internals.flags & GNUTLS_NO_TICKETS))
+			dhpsk_pos = 0;
+		else if (session->internals.priorities->groups.size == 0)
+			return gnutls_assert_val(0);
+	}
+
+	for (i=0;i<ke_modes_len;i++) {
+		DECR_LEN(len, 1);
+		if (data[i] == PSK_DHE_KE)
+			cli_dhpsk_pos = i;
+		else if (data[i] == PSK_KE)
+			cli_psk_pos = i;
+
+		_gnutls_handshake_log("EXT[%p]: PSK KE mode %.2x received\n",
+				      session, (unsigned)data[i]);
+		if (cli_psk_pos != MAX_POS && cli_dhpsk_pos != MAX_POS)
+			break;
+	}
+
+	if (session->internals.priorities->server_precedence) {
+		if (dhpsk_pos != MAX_POS && cli_dhpsk_pos != MAX_POS && (dhpsk_pos < psk_pos || cli_psk_pos == MAX_POS))
+			session->internals.hsk_flags |= HSK_PSK_KE_MODE_DHE_PSK;
+		else if (psk_pos != MAX_POS && cli_psk_pos != MAX_POS && (psk_pos < dhpsk_pos || cli_dhpsk_pos == MAX_POS))
+			session->internals.hsk_flags |= HSK_PSK_KE_MODE_PSK;
+	} else {
+		if (dhpsk_pos != MAX_POS && cli_dhpsk_pos != MAX_POS && (cli_dhpsk_pos < cli_psk_pos || psk_pos == MAX_POS))
+			session->internals.hsk_flags |= HSK_PSK_KE_MODE_DHE_PSK;
+		else if (psk_pos != MAX_POS && cli_psk_pos != MAX_POS && (cli_psk_pos < cli_dhpsk_pos || dhpsk_pos == MAX_POS))
+			session->internals.hsk_flags |= HSK_PSK_KE_MODE_PSK;
+	}
+
+	if ((session->internals.hsk_flags & HSK_PSK_KE_MODE_PSK) ||
+	    (session->internals.hsk_flags & HSK_PSK_KE_MODE_DHE_PSK)) {
+
+		return 0;
+	} else {
+		session->internals.hsk_flags |= HSK_PSK_KE_MODE_INVALID;
+		return gnutls_assert_val(0);
+	}
+}
+
+const hello_ext_entry_st ext_mod_psk_ke_modes = {
+	.name = "PSK Key Exchange Modes",
+	.tls_id = 45,
+	.gid = GNUTLS_EXTENSION_PSK_KE_MODES,
+	.client_parse_point = GNUTLS_EXT_TLS,
+	.server_parse_point = GNUTLS_EXT_TLS,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_CLIENT_HELLO | GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO,
+	.send_func = psk_ke_modes_send_params,
+	.recv_func = psk_ke_modes_recv_params
+};
diff --git a/lib/ext/psk_ke_modes.h b/lib/ext/psk_ke_modes.h
new file mode 100644
index 0000000..56876a9
--- /dev/null
+++ b/lib/ext/psk_ke_modes.h
@@ -0,0 +1,8 @@
+#ifndef GNUTLS_LIB_EXT_PSK_KE_MODES_H
+#define GNUTLS_LIB_EXT_PSK_KE_MODES_H
+
+#include <hello_ext.h>
+
+extern const hello_ext_entry_st ext_mod_psk_ke_modes;
+
+#endif /* GNUTLS_LIB_EXT_PSK_KE_MODES_H */
diff --git a/lib/ext/record_size_limit.c b/lib/ext/record_size_limit.c
new file mode 100644
index 0000000..9398b18
--- /dev/null
+++ b/lib/ext/record_size_limit.c
@@ -0,0 +1,157 @@
+/*
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Daiki Ueno
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the code for the Record Size Limit TLS extension.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "num.h"
+#include <hello_ext.h>
+#include <ext/record_size_limit.h>
+
+static int _gnutls_record_size_limit_recv_params(gnutls_session_t session,
+						 const uint8_t * data,
+						 size_t data_size);
+static int _gnutls_record_size_limit_send_params(gnutls_session_t session,
+						 gnutls_buffer_st * extdata);
+
+const hello_ext_entry_st ext_mod_record_size_limit = {
+	.name = "Record Size Limit",
+	.tls_id = 28,
+	.gid = GNUTLS_EXTENSION_RECORD_SIZE_LIMIT,
+	.client_parse_point = GNUTLS_EXT_MANDATORY,
+	.server_parse_point = GNUTLS_EXT_MANDATORY,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_CLIENT_HELLO |
+		    GNUTLS_EXT_FLAG_EE | GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO,
+	.recv_func = _gnutls_record_size_limit_recv_params,
+	.send_func = _gnutls_record_size_limit_send_params
+};
+
+static int
+_gnutls_record_size_limit_recv_params(gnutls_session_t session,
+				      const uint8_t * data, size_t data_size)
+{
+	ssize_t new_size;
+	const version_entry_st *vers;
+
+	DECR_LEN(data_size, 2);
+	if (data_size != 0)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+	new_size = _gnutls_read_uint16(data);
+
+	/* protocol error */
+	if (new_size < 64)
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+	session->internals.hsk_flags |= HSK_RECORD_SIZE_LIMIT_RECEIVED;
+
+	/* we do not want to accept sizes outside of our supported range */
+	if (new_size <
+	    (session->internals.allow_small_records ?
+	     MIN_RECORD_SIZE_SMALL : MIN_RECORD_SIZE)) {
+		/* for server, reject it by omitting the extension in the reply */
+		if (session->security_parameters.entity == GNUTLS_SERVER) {
+			_gnutls_handshake_log("EXT[%p]: client requested too small record_size_limit %u; ignoring\n",
+					      session, (unsigned)new_size);
+			return gnutls_assert_val(0);
+		} else {
+			_gnutls_handshake_log("EXT[%p]: server requested too small record_size_limit %u; closing the connection\n",
+					      session, (unsigned)new_size);
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+		}
+	}
+
+	session->internals.hsk_flags |= HSK_RECORD_SIZE_LIMIT_NEGOTIATED;
+
+	/* client uses the reception of this extension as an
+	 * indication of the request was accepted by the server */
+	if (session->security_parameters.entity == GNUTLS_CLIENT)
+		session->security_parameters.max_record_recv_size =
+			session->security_parameters.max_user_record_recv_size;
+
+	_gnutls_handshake_log("EXT[%p]: record_size_limit %u negotiated\n",
+			      session, (unsigned)new_size);
+
+	/* subtract 1 octet for content type */
+	vers = get_version(session);
+	if (unlikely(vers == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	session->security_parameters.max_record_send_size =
+		MIN(new_size - vers->tls13_sem,
+		    session->security_parameters.max_user_record_send_size);
+
+	return 0;
+}
+
+/* returns data_size or a negative number on failure
+ */
+static int
+_gnutls_record_size_limit_send_params(gnutls_session_t session,
+				      gnutls_buffer_st * extdata)
+{
+	int ret;
+	uint16_t send_size;
+
+	assert(session->security_parameters.max_user_record_recv_size >= 64 &&
+	       session->security_parameters.max_user_record_recv_size <=
+	       DEFAULT_MAX_RECORD_SIZE);
+
+	send_size = session->security_parameters.max_user_record_recv_size;
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		const version_entry_st *vers;
+
+		/* if we had received the extension and rejected, don't send it */
+		if (session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_RECEIVED &&
+		    !(session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_NEGOTIATED))
+			return gnutls_assert_val(0);
+
+		/* add 1 octet for content type */
+		vers = get_version(session);
+		if (unlikely(vers == NULL))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		session->security_parameters.max_record_recv_size =
+			send_size;
+
+		send_size += vers->tls13_sem;
+	} else {
+		const version_entry_st *vers;
+
+		/* add 1 octet for content type */
+		vers = _gnutls_version_max(session);
+		if (unlikely(vers == NULL))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		send_size += vers->tls13_sem;
+	}
+
+	ret = _gnutls_buffer_append_prefix(extdata, 16, send_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	session->internals.hsk_flags |= HSK_RECORD_SIZE_LIMIT_SENT;
+
+	return 2;
+}
diff --git a/lib/ext/record_size_limit.h b/lib/ext/record_size_limit.h
new file mode 100644
index 0000000..da7cade
--- /dev/null
+++ b/lib/ext/record_size_limit.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Daiki Ueno
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_RECORD_SIZE_LIMIT_H
+#define GNUTLS_LIB_EXT_RECORD_SIZE_LIMIT_H
+
+#include <hello_ext.h>
+
+extern const hello_ext_entry_st ext_mod_record_size_limit;
+
+#endif /* GNUTLS_LIB_EXT_RECORD_SIZE_LIMIT_H */
diff --git a/lib/ext/safe_renegotiation.c b/lib/ext/safe_renegotiation.c
new file mode 100644
index 0000000..f76895d
--- /dev/null
+++ b/lib/ext/safe_renegotiation.c
@@ -0,0 +1,449 @@
+/*
+ * Copyright (C) 2009-2012 Free Software Foundation, Inc.
+ *
+ * Author: Steve Dispensa (<dispensa@phonefactor.com>)
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <ext/safe_renegotiation.h>
+#include "errors.h"
+
+
+static int _gnutls_sr_recv_params(gnutls_session_t state,
+				  const uint8_t * data, size_t data_size);
+static int _gnutls_sr_send_params(gnutls_session_t state,
+				  gnutls_buffer_st *);
+static void _gnutls_sr_deinit_data(gnutls_ext_priv_data_t priv);
+
+const hello_ext_entry_st ext_mod_sr = {
+	.name = "Safe Renegotiation",
+	.tls_id = 65281,
+	.gid = GNUTLS_EXTENSION_SAFE_RENEGOTIATION,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_CLIENT_HELLO |
+		    GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO,
+	.client_parse_point = GNUTLS_EXT_MANDATORY,
+	.server_parse_point = GNUTLS_EXT_MANDATORY,
+	.recv_func = _gnutls_sr_recv_params,
+	.send_func = _gnutls_sr_send_params,
+	.pack_func = NULL,
+	.unpack_func = NULL,
+	.deinit_func = _gnutls_sr_deinit_data,
+	.cannot_be_overriden = 1
+};
+
+int
+_gnutls_ext_sr_finished(gnutls_session_t session, void *vdata,
+			size_t vdata_size, int dir)
+{
+	int ret;
+	sr_ext_st *priv;
+	gnutls_ext_priv_data_t epriv;
+
+	if (session->internals.priorities->sr == SR_DISABLED ||
+	    session->internals.priorities->no_extensions) {
+		return 0;
+	}
+
+	ret = _gnutls_hello_ext_get_priv(session,
+					   GNUTLS_EXTENSION_SAFE_RENEGOTIATION,
+					   &epriv);
+	if (ret < 0) {
+		gnutls_assert();
+		/* if a client didn't advertise safe renegotiation, we treat
+		 * it as disabled. */
+		if (session->security_parameters.entity == GNUTLS_SERVER)
+			return 0;
+		return ret;
+	}
+	priv = epriv;
+
+	/* Save data for safe renegotiation. 
+	 */
+	if (vdata_size > MAX_VERIFY_DATA_SIZE) {
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	if ((session->security_parameters.entity == GNUTLS_CLIENT
+	     && dir == 0)
+	    || (session->security_parameters.entity == GNUTLS_SERVER
+		&& dir == 1)) {
+		priv->client_verify_data_len = vdata_size;
+		memcpy(priv->client_verify_data, vdata, vdata_size);
+	} else {
+		priv->server_verify_data_len = vdata_size;
+		memcpy(priv->server_verify_data, vdata, vdata_size);
+	}
+
+	return 0;
+}
+
+int _gnutls_ext_sr_verify(gnutls_session_t session)
+{
+	int ret;
+	sr_ext_st *priv = NULL;
+	gnutls_ext_priv_data_t epriv;
+
+	if (session->internals.priorities->sr == SR_DISABLED) {
+		gnutls_assert();
+		return 0;
+	}
+
+	ret = _gnutls_hello_ext_get_priv(session,
+					   GNUTLS_EXTENSION_SAFE_RENEGOTIATION,
+					   &epriv);
+	if (ret >= 0)
+		priv = epriv;
+
+	/* Safe renegotiation */
+
+	if (priv && priv->safe_renegotiation_received) {
+		if ((priv->ri_extension_data_len <
+		     priv->client_verify_data_len)
+		    ||
+		    (memcmp
+		     (priv->ri_extension_data, priv->client_verify_data,
+		      priv->client_verify_data_len))) {
+			gnutls_assert();
+			_gnutls_handshake_log
+			    ("HSK[%p]: Safe renegotiation failed [1]\n",
+			     session);
+			return GNUTLS_E_SAFE_RENEGOTIATION_FAILED;
+		}
+
+		if (session->security_parameters.entity == GNUTLS_CLIENT) {
+			if ((priv->ri_extension_data_len !=
+			     priv->client_verify_data_len +
+			     priv->server_verify_data_len)
+			    || memcmp(priv->ri_extension_data +
+				      priv->client_verify_data_len,
+				      priv->server_verify_data,
+				      priv->server_verify_data_len) != 0) {
+				gnutls_assert();
+				_gnutls_handshake_log
+				    ("HSK[%p]: Safe renegotiation failed [2]\n",
+				     session);
+				return GNUTLS_E_SAFE_RENEGOTIATION_FAILED;
+			}
+		} else {	/* Make sure there are 0 extra bytes */
+
+			if (priv->ri_extension_data_len !=
+			    priv->client_verify_data_len) {
+				gnutls_assert();
+				_gnutls_handshake_log
+				    ("HSK[%p]: Safe renegotiation failed [3]\n",
+				     session);
+				return GNUTLS_E_SAFE_RENEGOTIATION_FAILED;
+			}
+		}
+
+		_gnutls_handshake_log
+		    ("HSK[%p]: Safe renegotiation succeeded\n", session);
+	} else {		/* safe renegotiation not received... */
+
+		if (priv && priv->connection_using_safe_renegotiation) {
+			gnutls_assert();
+			_gnutls_handshake_log
+			    ("HSK[%p]: Peer previously asked for safe renegotiation\n",
+			     session);
+			return GNUTLS_E_SAFE_RENEGOTIATION_FAILED;
+		}
+
+		/* Clients can't tell if it's an initial negotiation */
+		if (session->internals.initial_negotiation_completed) {
+			if (session->internals.priorities->sr < SR_PARTIAL) {
+				_gnutls_handshake_log
+				    ("HSK[%p]: Allowing unsafe (re)negotiation\n",
+				     session);
+			} else {
+				gnutls_assert();
+				_gnutls_handshake_log
+				    ("HSK[%p]: Denying unsafe (re)negotiation\n",
+				     session);
+				return
+				    GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED;
+			}
+		} else {
+			if (session->internals.priorities->sr < SR_SAFE) {
+				_gnutls_handshake_log
+				    ("HSK[%p]: Allowing unsafe initial negotiation\n",
+				     session);
+			} else {
+				gnutls_assert();
+				_gnutls_handshake_log
+				    ("HSK[%p]: Denying unsafe initial negotiation\n",
+				     session);
+				return GNUTLS_E_SAFE_RENEGOTIATION_FAILED;
+			}
+		}
+	}
+
+	return 0;
+}
+
+/* if a server received the special ciphersuite.
+ */
+int _gnutls_ext_sr_recv_cs(gnutls_session_t session)
+{
+	int ret, set = 0;
+	sr_ext_st *priv;
+	gnutls_ext_priv_data_t epriv;
+
+	ret = _gnutls_hello_ext_get_priv(session,
+					   GNUTLS_EXTENSION_SAFE_RENEGOTIATION,
+					   &epriv);
+	if (ret < 0) {
+		set = 1;
+	}
+
+	if (set != 0) {
+		priv = gnutls_calloc(1, sizeof(*priv));
+		if (priv == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+		epriv = priv;
+	} else
+		priv = epriv;
+
+	priv->safe_renegotiation_received = 1;
+	priv->connection_using_safe_renegotiation = 1;
+	_gnutls_hello_ext_save_sr(session);
+
+	if (set != 0)
+		_gnutls_hello_ext_set_priv(session,
+					     GNUTLS_EXTENSION_SAFE_RENEGOTIATION,
+					     epriv);
+
+	return 0;
+}
+
+int _gnutls_ext_sr_send_cs(gnutls_session_t session)
+{
+	int ret, set = 0;
+	sr_ext_st *priv;
+	gnutls_ext_priv_data_t epriv;
+
+	ret = _gnutls_hello_ext_get_priv(session,
+					   GNUTLS_EXTENSION_SAFE_RENEGOTIATION,
+					   &epriv);
+	if (ret < 0) {
+		set = 1;
+	}
+
+	if (set != 0) {
+		priv = gnutls_calloc(1, sizeof(*priv));
+		if (priv == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+		epriv = priv;
+
+		_gnutls_hello_ext_set_priv(session,
+					     GNUTLS_EXTENSION_SAFE_RENEGOTIATION,
+					     epriv);
+	}
+
+	return 0;
+}
+
+static int
+_gnutls_sr_recv_params(gnutls_session_t session,
+		       const uint8_t * data, size_t data_size)
+{
+	unsigned int len;
+	sr_ext_st *priv;
+	gnutls_ext_priv_data_t epriv;
+	int set = 0, ret;
+
+	if (data_size == 0)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	len = data[0];
+	DECR_LEN(data_size,
+		 len + 1 /* count the first byte and payload */ );
+
+	if (session->internals.priorities->sr == SR_DISABLED) {
+		gnutls_assert();
+		return 0;
+	}
+
+	ret = _gnutls_hello_ext_get_priv(session,
+					   GNUTLS_EXTENSION_SAFE_RENEGOTIATION,
+					   &epriv);
+	if (ret < 0
+	    && session->security_parameters.entity == GNUTLS_SERVER) {
+		set = 1;
+	} else if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (set != 0) {
+		priv = gnutls_calloc(1, sizeof(*priv));
+		if (priv == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+		epriv = priv;
+
+		_gnutls_hello_ext_set_priv(session,
+					     GNUTLS_EXTENSION_SAFE_RENEGOTIATION,
+					     epriv);
+	} else {
+		priv = epriv;
+	}
+
+	/* It is not legal to receive this extension on a renegotiation and
+	 * not receive it on the initial negotiation.
+	 */
+	if (session->internals.initial_negotiation_completed != 0 &&
+	    priv->connection_using_safe_renegotiation == 0) {
+		gnutls_assert();
+		return GNUTLS_E_SAFE_RENEGOTIATION_FAILED;
+	}
+
+	if (len > sizeof(priv->ri_extension_data)) {
+		gnutls_assert();
+		return GNUTLS_E_SAFE_RENEGOTIATION_FAILED;
+	}
+
+	if (len > 0)
+		memcpy(priv->ri_extension_data, &data[1], len);
+	priv->ri_extension_data_len = len;
+
+	/* "safe renegotiation received" means on *this* handshake; "connection using
+	 * safe renegotiation" means that the initial hello received on the connection
+	 * indicated safe renegotiation.
+	 */
+	priv->safe_renegotiation_received = 1;
+	priv->connection_using_safe_renegotiation = 1;
+
+	return 0;
+}
+
+static int
+_gnutls_sr_send_params(gnutls_session_t session,
+		       gnutls_buffer_st * extdata)
+{
+	/* The format of this extension is a one-byte length of verify data followed
+	 * by the verify data itself. Note that the length byte does not include
+	 * itself; IOW, empty verify data is represented as a length of 0. That means
+	 * the minimum extension is one byte: 0x00.
+	 */
+	sr_ext_st *priv;
+	int ret, set = 0, len;
+	gnutls_ext_priv_data_t epriv;
+	size_t init_length = extdata->length;
+
+	if (session->internals.priorities->sr == SR_DISABLED) {
+		gnutls_assert();
+		return 0;
+	}
+
+	ret = _gnutls_hello_ext_get_priv(session,
+					   GNUTLS_EXTENSION_SAFE_RENEGOTIATION,
+					   &epriv);
+	if (ret < 0) {
+		set = 1;
+	}
+
+	if (set != 0) {
+		priv = gnutls_calloc(1, sizeof(*priv));
+		if (priv == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+		epriv = priv;
+
+		_gnutls_hello_ext_set_priv(session,
+					     GNUTLS_EXTENSION_SAFE_RENEGOTIATION,
+					     epriv);
+	} else
+		priv = epriv;
+
+	/* Always offer the extension if we're a client */
+	if (priv->connection_using_safe_renegotiation ||
+	    session->security_parameters.entity == GNUTLS_CLIENT) {
+		len = priv->client_verify_data_len;
+		if (session->security_parameters.entity == GNUTLS_SERVER)
+			len += priv->server_verify_data_len;
+
+		ret = _gnutls_buffer_append_prefix(extdata, 8, len);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret =
+		    _gnutls_buffer_append_data(extdata,
+					       priv->client_verify_data,
+					       priv->
+					       client_verify_data_len);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		if (session->security_parameters.entity == GNUTLS_SERVER) {
+			ret =
+			    _gnutls_buffer_append_data(extdata,
+						       priv->
+						       server_verify_data,
+						       priv->
+						       server_verify_data_len);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+		}
+	} else
+		return 0;
+
+	return extdata->length - init_length;
+}
+
+static void _gnutls_sr_deinit_data(gnutls_ext_priv_data_t priv)
+{
+	gnutls_free(priv);
+}
+
+/**
+ * gnutls_safe_renegotiation_status:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Can be used to check whether safe renegotiation is being used
+ * in the current session.
+ *
+ * Returns: 0 when safe renegotiation is not used and non (0) when
+ *   safe renegotiation is used.
+ *
+ * Since: 2.10.0
+ **/
+unsigned gnutls_safe_renegotiation_status(gnutls_session_t session)
+{
+	int ret;
+	sr_ext_st *priv;
+	gnutls_ext_priv_data_t epriv;
+
+	ret = _gnutls_hello_ext_get_priv(session,
+					   GNUTLS_EXTENSION_SAFE_RENEGOTIATION,
+					   &epriv);
+	if (ret < 0) {
+		gnutls_assert();
+		return 0;
+	}
+	priv = epriv;
+
+	return priv->connection_using_safe_renegotiation;
+}
diff --git a/lib/ext/safe_renegotiation.h b/lib/ext/safe_renegotiation.h
new file mode 100644
index 0000000..bc2024a
--- /dev/null
+++ b/lib/ext/safe_renegotiation.h
@@ -0,0 +1,49 @@
+/*
+ * Copyright (C) 2009-2012 Free Software Foundation, Inc.
+ *
+ * Author: Steve Dispensa (<dispensa@phonefactor.com>)
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_SAFE_RENEGOTIATION_H
+#define GNUTLS_LIB_EXT_SAFE_RENEGOTIATION_H
+
+#include <hello_ext.h>
+
+typedef struct {
+	uint8_t client_verify_data[MAX_VERIFY_DATA_SIZE];
+	size_t client_verify_data_len;
+	uint8_t server_verify_data[MAX_VERIFY_DATA_SIZE];
+	size_t server_verify_data_len;
+	uint8_t ri_extension_data[MAX_VERIFY_DATA_SIZE * 2];	/* max signal is 72 bytes in s->c sslv3 */
+	size_t ri_extension_data_len;
+
+	unsigned int safe_renegotiation_received:1;
+	unsigned int initial_negotiation_completed:1;
+	unsigned int connection_using_safe_renegotiation:1;
+} sr_ext_st;
+
+extern const hello_ext_entry_st ext_mod_sr;
+
+int _gnutls_ext_sr_finished(gnutls_session_t session, void *vdata,
+			    size_t vdata_size, int dir);
+int _gnutls_ext_sr_recv_cs(gnutls_session_t session);
+int _gnutls_ext_sr_verify(gnutls_session_t session);
+int _gnutls_ext_sr_send_cs(gnutls_session_t);
+
+#endif /* GNUTLS_LIB_EXT_SAFE_RENEGOTIATION_H */
diff --git a/lib/ext/server_cert_type.c b/lib/ext/server_cert_type.c
new file mode 100644
index 0000000..6db2a1f
--- /dev/null
+++ b/lib/ext/server_cert_type.c
@@ -0,0 +1,370 @@
+/*
+ * Copyright (C) 2016 - 2018 ARPA2 project
+ *
+ * Author: Tom Vrancken (dev@tomvrancken.nl)
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ * This file is part of the server_certificate_type extension as
+ * defined in RFC7250 (https://tools.ietf.org/html/rfc7250).
+ *
+ * The server_certificate_type extension in the client hello indicates
+ * the types of certificates the client is able to process when provided
+ * by the server in a subsequent certificate payload.
+ */
+
+#include <gnutls_int.h>
+#include <gnutls/gnutls.h>
+#include "ext/cert_types.h"
+#include "ext/server_cert_type.h"
+#include "hello_ext.h"
+#include "hello_ext_lib.h"
+#include "errors.h"
+#include "state.h"
+#include "datum.h"
+
+
+static int _gnutls_server_cert_type_recv_params(gnutls_session_t session,
+						const uint8_t* data,
+						size_t data_size);
+static int _gnutls_server_cert_type_send_params(gnutls_session_t session,
+						gnutls_buffer_st* data);
+
+
+const hello_ext_entry_st ext_mod_server_cert_type = {
+	.name = "Server Certificate Type",
+	.tls_id = 20,
+	.gid = GNUTLS_EXTENSION_SERVER_CERT_TYPE,
+	.client_parse_point = GNUTLS_EXT_TLS,
+	.server_parse_point = GNUTLS_EXT_TLS,
+	.validity = GNUTLS_EXT_FLAG_TLS |
+		GNUTLS_EXT_FLAG_DTLS |
+		GNUTLS_EXT_FLAG_CLIENT_HELLO |
+		GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO |
+		GNUTLS_EXT_FLAG_EE,
+	.recv_func = _gnutls_server_cert_type_recv_params,
+	.send_func = _gnutls_server_cert_type_send_params,
+	.pack_func = _gnutls_hello_ext_default_pack,
+	.unpack_func = _gnutls_hello_ext_default_unpack,
+	.deinit_func = _gnutls_hello_ext_default_deinit,
+	.cannot_be_overriden = 1
+};
+
+
+static int _gnutls_server_cert_type_recv_params(gnutls_session_t session,
+						const uint8_t* data,
+						size_t data_size)
+{
+	int ret;
+	gnutls_certificate_type_t cert_type;
+	size_t i;
+	bool found = false;
+	const uint8_t* pdata = data;
+
+	/* Only activate this extension if we have cert credentials set
+	 * and alternative cert types are allowed */
+	if (!are_alternative_cert_types_allowed(session) ||
+		(_gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE) == NULL))
+		return 0;
+
+	if (!IS_SERVER(session)) {	// client mode
+		gnutls_datum_t sent_cert_types; // Holds the previously sent cert types
+
+		/* Compare packet length with expected packet length. For the
+		 * client this is a single byte. */
+		if (data_size != 1) {
+			return
+					gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+		}
+
+		/* The server picked one of the offered cert types if he supports
+		 * at least one of them. If both parties play by the rules then we
+		 * may only receive a cert type that we offered, i.e. one that we
+		 * support. Because the world isn't as beautiful as it may seem,
+		 * we're going to check it nevertheless. */
+		cert_type = IANA2cert_type(pdata[0]);
+
+		_gnutls_handshake_log("EXT[%p]: Received a %s server certificate type confirmation from the server.\n",
+		                      session, gnutls_certificate_type_get_name(cert_type));
+
+		// Check validity of cert type
+		if (cert_type == GNUTLS_CRT_UNKNOWN) {
+			return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE);
+		}
+
+		/* Get the cert types that we sent to the server (they were stored
+		 * in IANA representation.
+		 */
+		ret = _gnutls_hello_ext_get_datum(session,
+							 GNUTLS_EXTENSION_SERVER_CERT_TYPE,
+							 &sent_cert_types);
+		if (ret < 0) {
+			/* This should not happen and indicate a memory corruption!
+			 * Assertion are always on in production code so execution
+			 * will halt here. */
+			assert(false);
+		}
+
+		// Check whether what we got back is actually offered by us
+		for (i = 0; i < sent_cert_types.size; i++) {
+			if (IANA2cert_type(sent_cert_types.data[i]) == cert_type)
+				found = true;
+		}
+
+		if (found) {
+			// Everything OK, now set the server certificate type
+			_gnutls_session_server_cert_type_set(session, cert_type);
+			ret = GNUTLS_E_SUCCESS;
+		} else {
+			// No valid cert type found
+			ret = GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
+		}
+
+		return ret;
+
+	} else {		// server mode
+		gnutls_datum_t cert_types; // Holds the received cert types
+
+		// Compare packet length with expected packet length.
+		DECR_LEN(data_size, 1);
+		if (data[0] != data_size) {
+			return
+					gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+		}
+		pdata += 1;
+
+		// Assign the contents of our data buffer to a gnutls_datum_t
+		cert_types.data = (uint8_t*)pdata; // Need casting to get rid of 'discards const qualifier' warning
+		cert_types.size = data_size;
+
+		// Store the server certificate types in our session
+		_gnutls_hello_ext_set_datum(session,
+							 GNUTLS_EXTENSION_SERVER_CERT_TYPE,
+							 &cert_types);
+
+		/* We receive a list of supported certificate types that the client
+		 * is able to process when offered by the server via a subsequent
+		 * Certificate message. This list is sorted by order of preference.
+		 * We now check in this order of preference whether we support any
+		 * of these certificate types.
+		 */
+		for (i = 0; i < cert_types.size; i++) {
+			// Convert to internal representation
+			cert_type = IANA2cert_type(cert_types.data[i]);
+
+			// If we have an invalid cert id then continue to the next
+			if (cert_type == GNUTLS_CRT_UNKNOWN)
+				continue;
+
+			_gnutls_handshake_log("EXT[%p]: Checking compatibility of a %s server certificate type that was received from the client.\n",
+			                      session, gnutls_certificate_type_get_name(cert_type));
+
+			// Check for support of this cert type
+			if (_gnutls_session_is_cert_type_supported(session, cert_type, true, GNUTLS_CTYPE_SERVER) == 0) {
+				found = true;
+				break;
+			}
+		}
+
+		// We found a matching ctype, we pick this one
+		if (found) {
+			_gnutls_session_server_cert_type_set(session, cert_type);
+			ret = GNUTLS_E_SUCCESS;
+		} else {
+			/* If no supported certificate type can be found we terminate
+			 * with a fatal alert of type "unsupported_certificate"
+			 * (according to specification rfc7250).
+			 */
+			ret = GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
+		}
+
+		return ret;
+	}
+}
+
+static int _gnutls_server_cert_type_send_params(gnutls_session_t session,
+						gnutls_buffer_st* data)
+{
+	int ret;
+	uint8_t cert_type_IANA; // Holds an IANA cert type ID
+	gnutls_certificate_type_t cert_type;
+
+	/* Only activate this extension if we have cert credentials set
+	 * and alternative cert types are allowed */
+	if (!are_alternative_cert_types_allowed(session) ||
+	   (_gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE) == NULL))
+		return 0;
+
+	if (!IS_SERVER(session)) {	// Client mode
+		uint8_t cert_types[GNUTLS_CRT_MAX]; // The list with supported (IANA) cert types. Inv: 0 <= cert type Id < 256
+		size_t i, num_cert_types = 0;
+		priority_st* cert_priorities;
+		gnutls_datum_t tmp_cert_types; // For type conversion
+
+		// For brevity
+		cert_priorities = &session->internals.priorities->server_ctype;
+
+		/* Retrieve server certificate type priorities if any. If no
+		 * priorities are set then the default server certificate type
+		 * initialization values apply. This default is currently set to
+		 * X.509 in which case we don't enable this extension.
+		 */
+		if (cert_priorities->num_priorities > 0) {	// Priorities are explicitly set
+			/* If the certificate priority is explicitly set to only
+			 * X.509 (default) then, according to spec we don't send
+			 * this extension. We check this here to avoid further work in
+			 * this routine. We also check it below after pruning supported
+			 * types.
+			 */
+			if (cert_priorities->num_priorities == 1 &&
+					cert_priorities->priorities[0] == DEFAULT_CERT_TYPE) {
+				_gnutls_handshake_log
+						("EXT[%p]: Server certificate type was set to default cert type (%s). "
+						 "We therefore do not send this extension.\n",
+						 session,
+						 gnutls_certificate_type_get_name(DEFAULT_CERT_TYPE));
+
+				// Explicitly set but default ctype, so don't send anything
+				return 0;
+			}
+
+			/* We are only allowed to send certificate types that we support.
+			 * Therefore we check this here and prune our original list.
+			 * This check might seem redundant now because we don't check for
+			 * credentials (they are not needed for a client) and only check the
+			 * priorities over which we already iterate. In the future,
+			 * additional checks might be necessary and they can be easily
+			 * added in the ..type_supported() routine without modifying the
+			 * structure of the code here.
+			 */
+			for (i = 0; i < cert_priorities->num_priorities; i++) {
+
+				cert_type = cert_priorities->priorities[i];
+
+				if (_gnutls_session_is_cert_type_supported(session, cert_type,
+				    false, GNUTLS_CTYPE_SERVER) == 0) {
+					/* Check whether we are allowed to store another cert type
+					 * in our buffer. In other words, prevent a possible buffer
+					 * overflow. This situation can occur when a user sets
+					 * duplicate cert types in the priority strings. */
+					if (num_cert_types >= GNUTLS_CRT_MAX)
+						return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+					// Convert to IANA representation
+					ret = cert_type2IANA(cert_type);
+
+					if (ret < 0)
+						return gnutls_assert_val(ret);
+
+					cert_type_IANA = ret; // For readability
+
+					// Add this cert type to our list with supported types
+					cert_types[num_cert_types] = cert_type_IANA;
+					num_cert_types++;
+
+					_gnutls_handshake_log
+							("EXT[%p]: Server certificate type %s (%d) was queued.\n",
+							 session,
+							 gnutls_certificate_type_get_name(cert_type),
+							 cert_type_IANA);
+				}
+			}
+
+			/* Check whether there are any supported certificate types left
+			 * after the previous pruning step. If not, we do not send this
+			 * extension. Also, if the only supported type is the default type
+			 * we do not send this extension (according to RFC7250).
+			 */
+			if (num_cert_types == 0) {	// For now, this should not occur since we only check priorities while pruning.
+				_gnutls_handshake_log
+						("EXT[%p]: Server certificate types were set but none of them is supported. "
+						 "We do not send this extension.\n",
+						 session);
+
+				return 0;
+			} else if (num_cert_types == 1 &&
+					 IANA2cert_type(cert_types[0]) == DEFAULT_CERT_TYPE) {
+				_gnutls_handshake_log
+						("EXT[%p]: The only supported server certificate type is (%s) which is the default. "
+						 "We therefore do not send this extension.\n",
+						 session,
+						 gnutls_certificate_type_get_name(DEFAULT_CERT_TYPE));
+
+				return 0;
+			}
+
+			/* We have data to send and store a copy internally. We convert
+			 * our list with supported cert types to a datum_t in order to
+			 * be able to make the ..._set_datum call.
+			 */
+			tmp_cert_types.data = cert_types;
+			tmp_cert_types.size = num_cert_types;
+
+			_gnutls_hello_ext_set_datum(session,
+								 GNUTLS_EXTENSION_SERVER_CERT_TYPE,
+								 &tmp_cert_types);
+
+			/* Serialize the certificate types into a sequence of octets
+			 * uint8: length of sequence of cert types (1 octet)
+			 * uint8: cert types (0 <= #octets <= 255)
+			 */
+			ret = _gnutls_buffer_append_data_prefix(data, 8,
+								cert_types,
+								num_cert_types);
+
+			// Check for errors and cleanup in case of error
+			if (ret < 0) {
+				return gnutls_assert_val(ret);
+			} else {
+				// Number of bytes we are sending
+				return num_cert_types + 1;
+			}
+		}
+	} else {	// Server mode
+		// Retrieve negotiated server certificate type and send it
+		cert_type = get_certificate_type(session, GNUTLS_CTYPE_SERVER);
+		ret = cert_type2IANA(cert_type);
+
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		cert_type_IANA = ret; // For readability
+
+		_gnutls_handshake_log("EXT[%p]: Confirming to use a %s server certificate type.\n",
+		                      session, gnutls_certificate_type_get_name(cert_type));
+
+		ret = gnutls_buffer_append_data(data, &cert_type_IANA, 1);
+
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		return 1;	// sent one byte
+	}
+
+	// In all other cases don't enable this extension
+	return 0;
+}
+
+
+/** Extension interface **/
+
+/* The interface is defined in state.c:
+ * Public:
+ * - gnutls_certificate_type_get2
+ *
+ * Private:
+ * - _gnutls_session_server_cert_type_set
+ */
diff --git a/lib/ext/server_cert_type.h b/lib/ext/server_cert_type.h
new file mode 100644
index 0000000..3c15b0b
--- /dev/null
+++ b/lib/ext/server_cert_type.h
@@ -0,0 +1,36 @@
+/*
+ * Copyright (C) 2016 - 2018 ARPA2 project
+ *
+ * Author: Tom Vrancken (dev@tomvrancken.nl)
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ * This file is part of the server_certificate_type extension as
+ * defined in RFC7250 (https://tools.ietf.org/html/rfc7250).
+ *
+ * The server_certificate_type extension in the client hello indicates
+ * the certificate types the client is able to process from the server
+ * in order to authenticate the server.
+ */
+
+#ifndef GNUTLS_LIB_EXT_SERVER_CERT_TYPE_H
+#define GNUTLS_LIB_EXT_SERVER_CERT_TYPE_H
+
+#include <hello_ext.h>
+
+extern const hello_ext_entry_st ext_mod_server_cert_type;
+
+#endif /* GNUTLS_LIB_EXT_SERVER_CERT_TYPE_H */
diff --git a/lib/ext/server_name.c b/lib/ext/server_name.c
new file mode 100644
index 0000000..d52c8d0
--- /dev/null
+++ b/lib/ext/server_name.c
@@ -0,0 +1,385 @@
+/*
+ * Copyright (C) 2002-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "auth.h"
+#include "errors.h"
+#include "num.h"
+#include "str.h"
+#include <ext/server_name.h>
+#include "hello_ext_lib.h"
+
+static int _gnutls_server_name_recv_params(gnutls_session_t session,
+					   const uint8_t * data,
+					   size_t data_size);
+static int _gnutls_server_name_send_params(gnutls_session_t session,
+					   gnutls_buffer_st * extdata);
+
+int
+_gnutls_server_name_set_raw(gnutls_session_t session,
+			    gnutls_server_name_type_t type,
+			    const void *name, size_t name_length);
+
+const hello_ext_entry_st ext_mod_server_name = {
+	.name = "Server Name Indication",
+	.tls_id = 0,
+	.gid = GNUTLS_EXTENSION_SERVER_NAME,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_CLIENT_HELLO |
+		    GNUTLS_EXT_FLAG_EE | GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO,
+	.client_parse_point = GNUTLS_EXT_MANDATORY,
+	.server_parse_point = GNUTLS_EXT_MANDATORY,
+	.recv_func = _gnutls_server_name_recv_params,
+	.send_func = _gnutls_server_name_send_params,
+	.pack_func = _gnutls_hello_ext_default_pack,
+	.unpack_func = _gnutls_hello_ext_default_unpack,
+	.deinit_func = _gnutls_hello_ext_default_deinit,
+	.cannot_be_overriden = 1
+};
+
+/*
+ * In case of a server: if a NAME_DNS extension type is received then
+ * it stores into the session the value of NAME_DNS. The server may
+ * use gnutls_ext_get_server_name(), in order to access it.
+ *
+ * In case of a client: If a proper NAME_DNS extension type is found
+ * in the session then it sends the extension to the peer.
+ *
+ */
+static int
+_gnutls_server_name_recv_params(gnutls_session_t session,
+				const uint8_t * data, size_t data_size)
+{
+	const unsigned char *p;
+	uint16_t len, type;
+	gnutls_datum_t name;
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		DECR_LENGTH_RET(data_size, 2, GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+		len = _gnutls_read_uint16(data);
+		if (len == 0)
+			return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+		if (len != data_size) {
+			gnutls_assert();
+			return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+		}
+
+		p = data + 2;
+
+		while (data_size > 0) {
+			DECR_LEN(data_size, 1);
+			type = *p;
+			p++;
+
+			DECR_LEN(data_size, 2);
+			len = _gnutls_read_uint16(p);
+			p += 2;
+
+			if (len == 0) {
+				_gnutls_handshake_log
+				    ("HSK[%p]: Received server name size of zero\n",
+				     session);
+				return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+			}
+
+			DECR_LEN(data_size, len);
+
+			if (type == 0) { /* NAME_DNS */
+				if (!_gnutls_dnsname_is_valid((char*)p, len)) {
+					_gnutls_handshake_log
+					    ("HSK[%p]: Server name is not acceptable: '%.*s'\n",
+					     session, (int) len, p);
+					return gnutls_assert_val(GNUTLS_E_RECEIVED_DISALLOWED_NAME);
+				}
+
+				name.data = (void*)p;
+				name.size = len;
+
+				_gnutls_hello_ext_unset_priv(session, GNUTLS_EXTENSION_SERVER_NAME);
+				return _gnutls_hello_ext_set_datum(session,
+					     GNUTLS_EXTENSION_SERVER_NAME,
+					     &name);
+			}
+			p += len;
+
+		}
+
+
+	}
+
+	return 0;
+}
+
+/* returns data_size or a negative number on failure
+ */
+static int
+_gnutls_server_name_send_params(gnutls_session_t session,
+				gnutls_buffer_st * extdata)
+{
+	int total_size = 0, ret;
+	gnutls_datum_t name;
+
+	ret =
+	    _gnutls_hello_ext_get_datum(session, GNUTLS_EXTENSION_SERVER_NAME,
+					&name);
+	if (ret < 0)
+		return 0;
+
+	/* this function sends the client extension data (dnsname)
+	 */
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		if (name.size == 0)
+			return 0;
+
+		/* uint8_t + uint16_t + size
+		 */
+		total_size = 2 + 1 + 2 + name.size;
+
+		/* UINT16: write total size of all names
+		 */
+		ret =
+		    _gnutls_buffer_append_prefix(extdata, 16,
+						 total_size - 2);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		/* UINT8: type of this extension
+		 * UINT16: size of the first name
+		 * LEN: the actual server name.
+		 */
+		ret =
+		    _gnutls_buffer_append_prefix(extdata, 8, 0);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		_gnutls_debug_log("HSK[%p]: sent server name: '%.*s'\n", session, name.size, name.data);
+
+		ret =
+		    _gnutls_buffer_append_data_prefix
+			    (extdata, 16,
+			     name.data, name.size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	} else {
+		return 0;
+	}
+
+	return total_size;
+}
+
+/**
+ * gnutls_server_name_get:
+ * @session: is a #gnutls_session_t type.
+ * @data: will hold the data
+ * @data_length: will hold the data length. Must hold the maximum size of data.
+ * @type: will hold the server name indicator type
+ * @indx: is the index of the server_name
+ *
+ * This function will allow you to get the name indication (if any), a
+ * client has sent.  The name indication may be any of the enumeration
+ * gnutls_server_name_type_t.
+ *
+ * If @type is GNUTLS_NAME_DNS, then this function is to be used by
+ * servers that support virtual hosting, and the data will be a null
+ * terminated IDNA ACE string (prior to GnuTLS 3.4.0 it was a UTF-8 string).
+ *
+ * If @data has not enough size to hold the server name
+ * GNUTLS_E_SHORT_MEMORY_BUFFER is returned, and @data_length will
+ * hold the required size.
+ *
+ * @indx is used to retrieve more than one server names (if sent by
+ * the client).  The first server name has an index of 0, the second 1
+ * and so on.  If no name with the given index exists
+ * GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, on UTF-8
+ *  decoding error %GNUTLS_E_IDNA_ERROR is returned, otherwise a negative
+ *  error code is returned.
+ **/
+int
+gnutls_server_name_get(gnutls_session_t session, void *data,
+		       size_t * data_length,
+		       unsigned int *type, unsigned int indx)
+{
+	char *_data = data;
+	gnutls_datum_t name;
+	int ret;
+
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (indx != 0)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+	ret =
+	    _gnutls_hello_ext_get_datum(session, GNUTLS_EXTENSION_SERVER_NAME, &name);
+	if (ret < 0) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	if (name.size == 0) {
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	*type = GNUTLS_NAME_DNS;
+
+	if (*data_length > name.size) { /* greater since we need one extra byte for the null */
+		*data_length = name.size;
+		memcpy(data, name.data, *data_length);
+
+		/* null terminate */
+		_data[(*data_length)] = 0;
+
+	} else {
+		*data_length = name.size + 1;
+		ret = GNUTLS_E_SHORT_MEMORY_BUFFER;
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	return ret;
+}
+
+/* This does not do any conversion not perform any check */
+int
+_gnutls_server_name_set_raw(gnutls_session_t session,
+			    gnutls_server_name_type_t type,
+			    const void *name, size_t name_length)
+{
+	int ret;
+	gnutls_datum_t dname;
+
+	if (name_length >= MAX_SERVER_NAME_SIZE) {
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	_gnutls_hello_ext_unset_priv(session, GNUTLS_EXTENSION_SERVER_NAME);
+
+	dname.data = (void*)name;
+	dname.size = name_length;
+
+	ret = _gnutls_hello_ext_set_datum(session, GNUTLS_EXTENSION_SERVER_NAME, &dname);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+/**
+ * gnutls_server_name_set:
+ * @session: is a #gnutls_session_t type.
+ * @type: specifies the indicator type
+ * @name: is a string that contains the server name.
+ * @name_length: holds the length of name excluding the terminating null byte
+ *
+ * This function is to be used by clients that want to inform (via a
+ * TLS extension mechanism) the server of the name they connected to.
+ * This should be used by clients that connect to servers that do
+ * virtual hosting.
+ *
+ * The value of @name depends on the @type type.  In case of
+ * %GNUTLS_NAME_DNS, a UTF-8 null-terminated domain name string,
+ * without the trailing dot, is expected.
+ *
+ * IPv4 or IPv6 addresses are not permitted to be set by this function.
+ * If the function is called with a name of @name_length zero it will clear
+ * all server names set.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ **/
+int
+gnutls_server_name_set(gnutls_session_t session,
+		       gnutls_server_name_type_t type,
+		       const void *name, size_t name_length)
+{
+	int ret;
+	gnutls_datum_t idn_name = {NULL,0};
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (name_length == 0) { /* unset extension */
+		_gnutls_hello_ext_unset_priv(session, GNUTLS_EXTENSION_SERVER_NAME);
+		return 0;
+	}
+
+	ret = gnutls_idna_map(name, name_length, &idn_name, 0);
+	if (ret < 0) {
+		 _gnutls_debug_log("unable to convert name %s to IDNA2008 format\n", (char*)name);
+		 return ret;
+	}
+
+	name = idn_name.data;
+	name_length = idn_name.size;
+
+	ret = _gnutls_server_name_set_raw(session, type, name, name_length);
+	gnutls_free(idn_name.data);
+
+	return ret;
+}
+
+unsigned _gnutls_server_name_matches_resumed(gnutls_session_t session)
+{
+	gnutls_datum_t name1, name2;
+	int ret;
+
+	ret =
+	    _gnutls_hello_ext_get_datum(session,
+					GNUTLS_EXTENSION_SERVER_NAME,
+					&name1);
+	if (ret < 0) { /* no server name in this session */
+		name1.data = NULL;
+		name1.size = 0;
+	}
+
+	ret =
+	    _gnutls_hello_ext_get_resumed_datum(session,
+						GNUTLS_EXTENSION_SERVER_NAME,
+						&name2);
+	if (ret < 0) { /* no server name in this session */
+		name2.data = NULL;
+		name2.size = 0;
+	}
+
+	if (name1.data == NULL || name2.data == NULL) {
+		if (name1.data == name2.data)
+			return 1;
+		else
+			return 0;
+	}
+
+	if (name1.size != name2.size)
+		return 0;
+
+	if (memcmp(name1.data, name2.data, name1.size) != 0)
+		return 0;
+
+	return 1;
+}
diff --git a/lib/ext/server_name.h b/lib/ext/server_name.h
new file mode 100644
index 0000000..b5cdd0e
--- /dev/null
+++ b/lib/ext/server_name.h
@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_SERVER_NAME_H
+#define GNUTLS_LIB_EXT_SERVER_NAME_H
+
+#include <hello_ext.h>
+
+extern const hello_ext_entry_st ext_mod_server_name;
+
+unsigned _gnutls_server_name_matches_resumed(gnutls_session_t);
+
+#endif /* GNUTLS_LIB_EXT_SERVER_NAME_H */
diff --git a/lib/ext/session_ticket.c b/lib/ext/session_ticket.c
new file mode 100644
index 0000000..87d9069
--- /dev/null
+++ b/lib/ext/session_ticket.c
@@ -0,0 +1,843 @@
+/*
+ * Copyright (C) 2009-2018 Free Software Foundation, Inc.
+ *
+ * Author: Daiki Ueno, Ander Juaristi
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file implements the TLS session ticket extension.
+ *
+ * Note that the extension is only used in TLS 1.2.  For TLS 1.3, session
+ * tickets are sent as part of pre_shared_key extension (see pre_shared_key.c).
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <fips.h>
+#include <datum.h>
+#include <algorithms.h>
+#include <handshake.h>
+#include <num.h>
+#include <constate.h>
+#include <session_pack.h>
+#include <random.h>
+#include <ext/session_ticket.h>
+#include <mbuffers.h>
+#include <hello_ext.h>
+#include <constate.h>
+#include <dtls.h>
+#include "stek.h"
+#include "db.h"
+
+static int session_ticket_recv_params(gnutls_session_t session,
+				      const uint8_t * data,
+				      size_t data_size);
+static int session_ticket_send_params(gnutls_session_t session,
+				      gnutls_buffer_st * extdata);
+static int session_ticket_unpack(gnutls_buffer_st * ps,
+				 gnutls_ext_priv_data_t * _priv);
+static int session_ticket_pack(gnutls_ext_priv_data_t _priv,
+			       gnutls_buffer_st * ps);
+static void session_ticket_deinit_data(gnutls_ext_priv_data_t priv);
+
+const hello_ext_entry_st ext_mod_session_ticket = {
+	.name = "Session Ticket",
+	.tls_id = 35,
+	.gid = GNUTLS_EXTENSION_SESSION_TICKET,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_CLIENT_HELLO |
+		    GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO,
+	/* This extension must be parsed on session resumption as well; see
+	 * https://gitlab.com/gnutls/gnutls/issues/841 */
+	.client_parse_point = GNUTLS_EXT_MANDATORY,
+	/* on server side we want this parsed after normal handshake resumption
+	 * actions are complete */
+	.server_parse_point = GNUTLS_EXT_TLS,
+	.recv_func = session_ticket_recv_params,
+	.send_func = session_ticket_send_params,
+	.pack_func = session_ticket_pack,
+	.unpack_func = session_ticket_unpack,
+	.deinit_func = session_ticket_deinit_data,
+	.cannot_be_overriden = 1
+};
+
+typedef struct {
+	uint8_t *session_ticket;
+	int session_ticket_len;
+} session_ticket_ext_st;
+
+static void
+deinit_ticket(struct ticket_st *ticket)
+{
+	free(ticket->encrypted_state);
+}
+
+static int
+unpack_ticket(const gnutls_datum_t *ticket_data, struct ticket_st *ticket)
+{
+	const uint8_t * data = ticket_data->data;
+	size_t data_size = ticket_data->size;
+	const uint8_t *encrypted_state;
+
+	/* Format:
+	 *  Key name
+	 *  IV
+	 *  data length
+	 *  encrypted data
+	 *  MAC
+	 */
+	DECR_LEN(data_size, TICKET_KEY_NAME_SIZE);
+	memcpy(ticket->key_name, data, TICKET_KEY_NAME_SIZE);
+	data += TICKET_KEY_NAME_SIZE;
+
+	DECR_LEN(data_size, TICKET_IV_SIZE);
+	memcpy(ticket->IV, data, TICKET_IV_SIZE);
+	data += TICKET_IV_SIZE;
+
+	DECR_LEN(data_size, 2);
+	ticket->encrypted_state_len = _gnutls_read_uint16(data);
+	data += 2;
+
+	encrypted_state = data;
+
+	DECR_LEN(data_size, ticket->encrypted_state_len);
+	data += ticket->encrypted_state_len;
+
+	DECR_LEN(data_size, TICKET_MAC_SIZE);
+	memcpy(ticket->mac, data, TICKET_MAC_SIZE);
+
+	ticket->encrypted_state =
+		gnutls_malloc(ticket->encrypted_state_len);
+	if (!ticket->encrypted_state) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+	memcpy(ticket->encrypted_state, encrypted_state,
+	       ticket->encrypted_state_len);
+
+	return 0;
+}
+
+static void
+pack_ticket(const struct ticket_st *ticket, gnutls_datum_t *ticket_data)
+{
+	uint8_t *p;
+
+	p = ticket_data->data;
+
+	memcpy(p, ticket->key_name, TICKET_KEY_NAME_SIZE);
+	p += TICKET_KEY_NAME_SIZE;
+
+	memcpy(p, ticket->IV, TICKET_IV_SIZE);
+	p += TICKET_IV_SIZE;
+
+	_gnutls_write_uint16(ticket->encrypted_state_len, p);
+	p += 2;
+
+	/* We use memmove instead of memcpy here because
+	 * ticket->encrypted_state is allocated from
+	 * ticket_data->data, and thus both memory areas may overlap.
+	 */
+	memmove(p, ticket->encrypted_state, ticket->encrypted_state_len);
+	p += ticket->encrypted_state_len;
+
+	memcpy(p, ticket->mac, TICKET_MAC_SIZE);
+}
+
+static
+int digest_ticket(const gnutls_datum_t * key, struct ticket_st *ticket,
+	      uint8_t * digest)
+{
+	mac_hd_st digest_hd;
+	uint16_t length16;
+	int ret;
+
+	ret = _gnutls_mac_init(&digest_hd, mac_to_entry(TICKET_MAC_ALGO),
+			      key->data, key->size);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	_gnutls_mac(&digest_hd, ticket->key_name, TICKET_KEY_NAME_SIZE);
+	_gnutls_mac(&digest_hd, ticket->IV, TICKET_IV_SIZE);
+	length16 = _gnutls_conv_uint16(ticket->encrypted_state_len);
+	_gnutls_mac(&digest_hd, &length16, 2);
+	_gnutls_mac(&digest_hd, ticket->encrypted_state,
+		   ticket->encrypted_state_len);
+	_gnutls_mac_deinit(&digest_hd, digest);
+
+	return 0;
+}
+
+int
+_gnutls_decrypt_session_ticket(gnutls_session_t session,
+			       const gnutls_datum_t *ticket_data,
+			       gnutls_datum_t *state)
+{
+	cipher_hd_st cipher_hd;
+	gnutls_datum_t IV;
+	gnutls_datum_t stek_key_name, stek_cipher_key, stek_mac_key;
+	uint8_t cmac[TICKET_MAC_SIZE];
+	struct ticket_st ticket;
+	int ret;
+
+	/* Retrieve ticket decryption keys */
+	if (_gnutls_get_session_ticket_decryption_key(session,
+						      ticket_data,
+						      &stek_key_name,
+						      &stek_mac_key,
+						      &stek_cipher_key) < 0)
+		return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+	ret = unpack_ticket(ticket_data, &ticket);
+	if (ret < 0)
+		return ret;
+
+	/* If the key name of the ticket does not match the one that is currently active,
+	   issue a new ticket. */
+	if (memcmp
+	    (ticket.key_name, stek_key_name.data,
+	     stek_key_name.size)) {
+		ret = GNUTLS_E_DECRYPTION_FAILED;
+		goto cleanup;
+	}
+
+	/* Check the integrity of ticket */
+	ret = digest_ticket(&stek_mac_key, &ticket, cmac);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (memcmp(ticket.mac, cmac, TICKET_MAC_SIZE)) {
+		ret = gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+		goto cleanup;
+	}
+
+	if (ticket.encrypted_state_len % TICKET_BLOCK_SIZE != 0) {
+		ret = gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+		goto cleanup;
+	}
+
+	/* Decrypt encrypted_state */
+	IV.data = ticket.IV;
+	IV.size = TICKET_IV_SIZE;
+	ret =
+	    _gnutls_cipher_init(&cipher_hd,
+				cipher_to_entry(TICKET_CIPHER),
+				&stek_cipher_key, &IV, 0);
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		gnutls_assert();
+		goto cleanup;
+	}
+	_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+
+	ret = _gnutls_cipher_decrypt(&cipher_hd, ticket.encrypted_state,
+				     ticket.encrypted_state_len);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup2;
+	}
+
+	state->data = ticket.encrypted_state;
+	state->size = ticket.encrypted_state_len;
+
+	ticket.encrypted_state = NULL;
+
+	ret = 0;
+
+cleanup2:
+	_gnutls_cipher_deinit(&cipher_hd);
+
+cleanup:
+	deinit_ticket(&ticket);
+
+	return ret;
+
+}
+
+int
+_gnutls_encrypt_session_ticket(gnutls_session_t session,
+			       const gnutls_datum_t *state,
+			       gnutls_datum_t *ticket_data)
+{
+	cipher_hd_st cipher_hd;
+	gnutls_datum_t IV;
+	gnutls_datum_t encrypted_state;
+	gnutls_datum_t result = { NULL, 0 };
+	uint8_t iv[TICKET_IV_SIZE];
+	gnutls_datum_t stek_cipher_key, stek_mac_key, stek_key_name;
+	struct ticket_st ticket;
+	int ret;
+
+	encrypted_state.size = ((state->size + TICKET_BLOCK_SIZE - 1) / TICKET_BLOCK_SIZE) * TICKET_BLOCK_SIZE;
+	result.size = TICKET_KEY_NAME_SIZE + TICKET_IV_SIZE + 2 +
+	    encrypted_state.size + TICKET_MAC_SIZE;
+	result.data = gnutls_calloc(1, result.size);
+	if (!result.data) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+	encrypted_state.data = result.data + TICKET_KEY_NAME_SIZE + TICKET_IV_SIZE + 2;
+	memcpy(encrypted_state.data, state->data, state->size);
+
+	/* Retrieve ticket encryption keys */
+	if (_gnutls_get_session_ticket_encryption_key(session,
+						      &stek_key_name,
+						      &stek_mac_key,
+						      &stek_cipher_key) < 0) {
+		ret = GNUTLS_E_ENCRYPTION_FAILED;
+		goto cleanup;
+	}
+
+	/* Encrypt state */
+	IV.data = iv;
+	IV.size = TICKET_IV_SIZE;
+
+	ret = gnutls_rnd(GNUTLS_RND_NONCE, iv, TICKET_IV_SIZE);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_cipher_init(&cipher_hd,
+				cipher_to_entry(TICKET_CIPHER),
+				&stek_cipher_key, &IV, 1);
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		gnutls_assert();
+		goto cleanup;
+	}
+	_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+
+	ret = _gnutls_cipher_encrypt(&cipher_hd, encrypted_state.data,
+				     encrypted_state.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup2;
+	}
+
+
+	/* Fill the ticket structure to compute MAC. */
+	memcpy(ticket.key_name, stek_key_name.data, stek_key_name.size);
+	memcpy(ticket.IV, IV.data, IV.size);
+	ticket.encrypted_state_len = encrypted_state.size;
+	ticket.encrypted_state = encrypted_state.data;
+
+	ret = digest_ticket(&stek_mac_key, &ticket, ticket.mac);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup2;
+	}
+
+	pack_ticket(&ticket, &result);
+	ticket_data->data = result.data;
+	ticket_data->size = result.size;
+	result.data = NULL;
+
+cleanup2:
+	_gnutls_cipher_deinit(&cipher_hd);
+
+cleanup:
+	_gnutls_free_datum(&result);
+
+	return ret;
+}
+
+static int
+unpack_session(gnutls_session_t session, const gnutls_datum_t *state)
+{
+	int ret;
+
+	if (unlikely(!state))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	ret = _gnutls_session_unpack(session, state);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_check_resumed_params(session);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	session->internals.resumed = true;
+	return 0;
+}
+
+static int
+session_ticket_recv_params(gnutls_session_t session,
+			   const uint8_t * data, size_t data_size)
+{
+	gnutls_datum_t ticket_data;
+	gnutls_datum_t state;
+	int ret;
+
+	if (session->internals.flags & (GNUTLS_NO_TICKETS | GNUTLS_NO_TICKETS_TLS12))
+		return 0;
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		/* The client requested a new session ticket. */
+		if (data_size == 0) {
+			session->internals.session_ticket_renew = 1;
+			return 0;
+		}
+
+		ticket_data.data = (void *)data;
+		ticket_data.size = data_size;
+		if ((ret = _gnutls_decrypt_session_ticket(session, &ticket_data, &state)) == 0) {
+			ret = unpack_session(session, &state);
+
+			_gnutls_free_datum(&state);
+		}
+
+		if (ret < 0) {
+			session->internals.session_ticket_renew = 1;
+			return 0;
+		}
+	} else {		/* Client */
+
+		if (data_size == 0) {
+			session->internals.session_ticket_renew = 1;
+			return 0;
+		}
+	}
+
+	return 0;
+}
+
+/* returns a positive number if we send the extension data, (0) if we
+   do not want to send it, and a negative number on failure.
+ */
+static int
+session_ticket_send_params(gnutls_session_t session,
+			   gnutls_buffer_st * extdata)
+{
+	session_ticket_ext_st *priv = NULL;
+	gnutls_ext_priv_data_t epriv;
+	int ret;
+
+	if (session->internals.flags & (GNUTLS_NO_TICKETS | GNUTLS_NO_TICKETS_TLS12))
+		return 0;
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		if (session->internals.session_ticket_renew) {
+			return GNUTLS_E_INT_RET_0;
+		}
+	} else {
+		ret =
+		    _gnutls_hello_ext_get_resumed_priv(session,
+							 GNUTLS_EXTENSION_SESSION_TICKET,
+							 &epriv);
+		if (ret >= 0)
+			priv = epriv;
+
+		/* no previous data. Just advertise it */
+		if (ret < 0)
+			return GNUTLS_E_INT_RET_0;
+
+		/* previous data had session tickets disabled. Don't advertise. Ignore. */
+		if (session->internals.flags & GNUTLS_NO_TICKETS)
+			return 0;
+
+		if (priv->session_ticket_len > 0) {
+			ret =
+			    _gnutls_buffer_append_data(extdata,
+						       priv->
+						       session_ticket,
+						       priv->
+						       session_ticket_len);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			return priv->session_ticket_len;
+		}
+	}
+	return 0;
+}
+
+
+static void session_ticket_deinit_data(gnutls_ext_priv_data_t epriv)
+{
+	session_ticket_ext_st *priv = epriv;
+
+	gnutls_free(priv->session_ticket);
+	gnutls_free(priv);
+}
+
+static int
+session_ticket_pack(gnutls_ext_priv_data_t epriv, gnutls_buffer_st * ps)
+{
+	session_ticket_ext_st *priv = epriv;
+	int ret;
+
+	BUFFER_APPEND_PFX4(ps, priv->session_ticket,
+			   priv->session_ticket_len);
+
+	return 0;
+}
+
+static int
+session_ticket_unpack(gnutls_buffer_st * ps, gnutls_ext_priv_data_t * _priv)
+{
+	session_ticket_ext_st *priv = NULL;
+	int ret;
+	gnutls_ext_priv_data_t epriv;
+	gnutls_datum_t ticket;
+
+	priv = gnutls_calloc(1, sizeof(*priv));
+	if (priv == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	BUFFER_POP_DATUM(ps, &ticket);
+	priv->session_ticket = ticket.data;
+	priv->session_ticket_len = ticket.size;
+
+	epriv = priv;
+	*_priv = epriv;
+
+	return 0;
+
+      error:
+	gnutls_free(priv);
+	return ret;
+}
+
+
+
+/**
+ * gnutls_session_ticket_key_generate:
+ * @key: is a pointer to a #gnutls_datum_t which will contain a newly
+ * created key.
+ *
+ * Generate a random key to encrypt security parameters within
+ * SessionTicket.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, or an
+ * error code.
+ *
+ * Since: 2.10.0
+ **/
+int gnutls_session_ticket_key_generate(gnutls_datum_t * key)
+{
+	if (_gnutls_fips_mode_enabled()) {
+		int ret;
+		/* in FIPS140-2 mode gnutls_key_generate imposes
+		 * some limits on allowed key size, thus it is not
+		 * used. These limits do not affect this function as
+		 * it does not generate a "key" but rather key material
+		 * that includes nonces and other stuff. */
+		key->data = gnutls_malloc(TICKET_MASTER_KEY_SIZE);
+		if (key->data == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		key->size = TICKET_MASTER_KEY_SIZE;
+		ret = gnutls_rnd(GNUTLS_RND_RANDOM, key->data, key->size);
+		if (ret < 0) {
+			gnutls_free(key->data);
+			return ret;
+		}
+		return 0;
+	} else {
+		return gnutls_key_generate(key, TICKET_MASTER_KEY_SIZE);
+	}
+}
+
+/**
+ * gnutls_session_ticket_enable_client:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Request that the client should attempt session resumption using
+ * SessionTicket. This call is typically unnecessary as session
+ * tickets are enabled by default.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, or an
+ * error code.
+ *
+ * Since: 2.10.0
+ **/
+int gnutls_session_ticket_enable_client(gnutls_session_t session)
+{
+	if (!session) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	session->internals.flags &= ~GNUTLS_NO_TICKETS;
+
+	return 0;
+}
+
+/**
+ * gnutls_session_ticket_enable_server:
+ * @session: is a #gnutls_session_t type.
+ * @key: key to encrypt session parameters.
+ *
+ * Request that the server should attempt session resumption using
+ * session tickets, i.e., by delegating storage to the client.
+ * @key must be initialized using gnutls_session_ticket_key_generate().
+ * To avoid leaking that key, use gnutls_memset() prior to
+ * releasing it.
+ *
+ * The default ticket expiration time can be overridden using
+ * gnutls_db_set_cache_expiration().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, or an
+ * error code.
+ *
+ * Since: 2.10.0
+ **/
+int
+gnutls_session_ticket_enable_server(gnutls_session_t session,
+				    const gnutls_datum_t * key)
+{
+	int ret;
+
+	if (!session || !key || key->size != TICKET_MASTER_KEY_SIZE || !key->data) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_initialize_session_ticket_key_rotation(session, key);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	session->internals.flags &= ~GNUTLS_NO_TICKETS;
+
+	return 0;
+}
+
+/*
+ * Return zero if session tickets haven't been enabled.
+ */
+int _gnutls_send_new_session_ticket(gnutls_session_t session, int again)
+{
+	mbuffer_st *bufel = NULL;
+	uint8_t *data = NULL, *p;
+	int data_size = 0;
+	int ret;
+	gnutls_datum_t state = { NULL, 0 };
+	uint16_t epoch_saved = session->security_parameters.epoch_write;
+	gnutls_datum_t ticket_data;
+
+	if (again == 0) {
+		if (session->internals.flags & (GNUTLS_NO_TICKETS |
+						GNUTLS_NO_TICKETS_TLS12)) {
+			return 0;
+		}
+		if (!session->key.stek_initialized) {
+			return 0;
+		}
+		if (!session->internals.session_ticket_renew) {
+			return 0;
+		}
+
+		_gnutls_handshake_log
+		    ("HSK[%p]: sending session ticket\n", session);
+
+		/* XXX: Temporarily set write algorithms to be used.
+		   _gnutls_write_connection_state_init() does this job, but it also
+		   triggers encryption, while NewSessionTicket should not be
+		   encrypted in the record layer. */
+		ret =
+		    _gnutls_epoch_set_keys(session,
+					   session->security_parameters.
+					   epoch_next, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		/* Under TLS1.2 with session tickets, the session ID is used for different
+		 * purposes than the TLS1.0 session ID. Ensure that there is an internally
+		 * set value which the server will see on the original and resumed sessions */
+		if (!session->internals.resumed) {
+			ret = _gnutls_generate_session_id(session->security_parameters.
+							  session_id,
+							  &session->security_parameters.
+							  session_id_size);
+			if (ret < 0) {
+				gnutls_assert();
+				return ret;
+			}
+		}
+
+		session->security_parameters.epoch_write =
+		    session->security_parameters.epoch_next;
+
+		/* Pack security parameters. */
+		ret = _gnutls_session_pack(session, &state);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		/* Generate an encrypted ticket */
+		ret = _gnutls_encrypt_session_ticket(session, &state, &ticket_data);
+		session->security_parameters.epoch_write = epoch_saved;
+		_gnutls_free_datum(&state);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		bufel =
+		    _gnutls_handshake_alloc(session, 
+					    4 + 2 + ticket_data.size);
+		if (!bufel) {
+			gnutls_assert();
+			_gnutls_free_datum(&ticket_data);
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+
+		data = _mbuffer_get_udata_ptr(bufel);
+		p = data;
+
+		_gnutls_write_uint32(session->internals.expire_time, p);
+		p += 4;
+
+		_gnutls_write_uint16(ticket_data.size, p);
+		p += 2;
+
+		memcpy(p, ticket_data.data, ticket_data.size);
+		p += ticket_data.size;
+
+		_gnutls_free_datum(&ticket_data);
+
+		data_size = p - data;
+
+		session->internals.hsk_flags |= HSK_TLS12_TICKET_SENT;
+	}
+	return _gnutls_send_handshake(session, data_size ? bufel : NULL,
+				      GNUTLS_HANDSHAKE_NEW_SESSION_TICKET);
+}
+
+/*
+ * Return zero if session tickets haven't been enabled.
+ */
+int _gnutls_recv_new_session_ticket(gnutls_session_t session)
+{
+	uint8_t *p;
+	int data_size;
+	gnutls_buffer_st buf;
+	uint16_t ticket_len;
+	int ret;
+	session_ticket_ext_st *priv = NULL;
+	gnutls_ext_priv_data_t epriv;
+
+	if (session->internals.flags & (GNUTLS_NO_TICKETS |
+					GNUTLS_NO_TICKETS_TLS12))
+		return 0;
+	if (!session->internals.session_ticket_renew)
+		return 0;
+
+	/* This is the last flight and peer cannot be sure
+	 * we have received it unless we notify him. So we
+	 * wait for a message and retransmit if needed. */
+	if (IS_DTLS(session) && !_dtls_is_async(session)) {
+		unsigned have;
+		mbuffer_st *bufel = NULL;
+
+		have = gnutls_record_check_pending(session) +
+		       record_check_unprocessed(session);
+
+		if (have != 0) {
+			bufel = _mbuffer_head_get_first(&session->internals.record_buffer, NULL);
+		}
+
+		if (have == 0 || (bufel && bufel->type != GNUTLS_HANDSHAKE)) {
+			ret = _dtls_wait_and_retransmit(session);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+		}
+	}
+
+	ret = _gnutls_recv_handshake(session,
+				     GNUTLS_HANDSHAKE_NEW_SESSION_TICKET,
+				     0, &buf);
+	if (ret < 0)
+		return gnutls_assert_val_fatal(ret);
+
+	p = buf.data;
+	data_size = buf.length;
+
+	DECR_LENGTH_COM(data_size, 4, ret =
+			GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+			goto error);
+	/* skip over lifetime hint */
+	p += 4;
+
+	DECR_LENGTH_COM(data_size, 2, ret =
+			GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+			goto error);
+	ticket_len = _gnutls_read_uint16(p);
+	p += 2;
+
+	DECR_LENGTH_COM(data_size, ticket_len, ret =
+			GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+			goto error);
+
+	priv = gnutls_calloc(1, sizeof(*priv));
+	if (!priv) {
+		gnutls_assert();
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto error;
+	}
+	if (ticket_len > 0) {
+		priv->session_ticket =
+		    gnutls_realloc_fast(priv->session_ticket, ticket_len);
+		if (!priv->session_ticket) {
+			gnutls_free(priv);
+			gnutls_assert();
+			ret = GNUTLS_E_MEMORY_ERROR;
+			goto error;
+		}
+		memcpy(priv->session_ticket, p, ticket_len);
+	}
+	priv->session_ticket_len = ticket_len;
+	epriv = priv;
+
+	/* Discard the current session ID.  (RFC5077 3.4) */
+	ret =
+	    _gnutls_generate_session_id(session->security_parameters.
+					session_id,
+					&session->security_parameters.
+					session_id_size);
+	if (ret < 0) {
+		gnutls_assert();
+		session_ticket_deinit_data(epriv);
+		ret = GNUTLS_E_INTERNAL_ERROR;
+		goto error;
+	}
+	ret = 0;
+
+	_gnutls_handshake_log
+		    ("HSK[%p]: received session ticket\n", session);
+	session->internals.hsk_flags |= HSK_TICKET_RECEIVED;
+
+	_gnutls_hello_ext_set_priv(session,
+			GNUTLS_EXTENSION_SESSION_TICKET,
+			epriv);
+
+      error:
+	_gnutls_buffer_clear(&buf);
+
+	return ret;
+}
diff --git a/lib/ext/session_ticket.h b/lib/ext/session_ticket.h
new file mode 100644
index 0000000..da804ec
--- /dev/null
+++ b/lib/ext/session_ticket.h
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2009-2012 Free Software Foundation, Inc.
+ *
+ * Author: Daiki Ueno
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_SESSION_TICKET_H
+#define GNUTLS_LIB_EXT_SESSION_TICKET_H
+
+#include <hello_ext.h>
+
+extern const hello_ext_entry_st ext_mod_session_ticket;
+
+int _gnutls_send_new_session_ticket(gnutls_session_t session, int again);
+int _gnutls_recv_new_session_ticket(gnutls_session_t session);
+
+int _gnutls_encrypt_session_ticket(gnutls_session_t session,
+				   const gnutls_datum_t *state,
+				   gnutls_datum_t *ticket_data);
+int _gnutls_decrypt_session_ticket(gnutls_session_t session,
+				   const gnutls_datum_t *ticket_data,
+				   gnutls_datum_t *state);
+
+#endif /* GNUTLS_LIB_EXT_SESSION_TICKET_H */
diff --git a/lib/ext/signature.c b/lib/ext/signature.c
new file mode 100644
index 0000000..bb350f5
--- /dev/null
+++ b/lib/ext/signature.c
@@ -0,0 +1,587 @@
+/*
+ * Copyright (C) 2002-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the code for the Signature Algorithms TLS extension.
+ * This extension is currently gnutls specific.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "num.h"
+#include <gnutls/gnutls.h>
+#include <ext/signature.h>
+#include <state.h>
+#include <num.h>
+#include <algorithms.h>
+#include <abstract_int.h>
+
+/*
+ * Some (all SChannel) clients fail to send proper SigAlgs due to Micro$oft crazyness.
+ * Patch the extension for them.
+ */
+#ifdef ENABLE_GOST
+#define GOST_SIG_FIXUP_SCHANNEL
+#endif
+
+static int _gnutls_signature_algorithm_recv_params(gnutls_session_t
+						   session,
+						   const uint8_t * data,
+						   size_t data_size);
+static int _gnutls_signature_algorithm_send_params(gnutls_session_t
+						   session,
+						   gnutls_buffer_st * extdata);
+static void signature_algorithms_deinit_data(gnutls_ext_priv_data_t priv);
+static int signature_algorithms_pack(gnutls_ext_priv_data_t epriv,
+				     gnutls_buffer_st * ps);
+static int signature_algorithms_unpack(gnutls_buffer_st * ps,
+				       gnutls_ext_priv_data_t * _priv);
+
+const hello_ext_entry_st ext_mod_sig = {
+	.name = "Signature Algorithms",
+	.tls_id = 13,
+	.gid = GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_CLIENT_HELLO,
+	.client_parse_point = GNUTLS_EXT_TLS,
+	.server_parse_point = GNUTLS_EXT_TLS,
+	.recv_func = _gnutls_signature_algorithm_recv_params,
+	.send_func = _gnutls_signature_algorithm_send_params,
+	.pack_func = signature_algorithms_pack,
+	.unpack_func = signature_algorithms_unpack,
+	.deinit_func = signature_algorithms_deinit_data,
+	.cannot_be_overriden = 1
+};
+
+typedef struct {
+	/* TLS 1.2 signature algorithms */
+	gnutls_sign_algorithm_t sign_algorithms[MAX_ALGOS];
+	uint16_t sign_algorithms_size;
+} sig_ext_st;
+
+/* generates a SignatureAndHashAlgorithm structure with length as prefix
+ * by using the setup priorities.
+ */
+int
+_gnutls_sign_algorithm_write_params(gnutls_session_t session,
+				    gnutls_buffer_st * extdata)
+{
+	uint8_t *p;
+	unsigned int len, i;
+	const sign_algorithm_st *aid, *prev = NULL;
+	uint8_t buffer[MAX_ALGOS*2];
+
+	p = buffer;
+	len = 0;
+
+	/* This generates a list of TLS signature algorithms. It has
+	 * limited duplicate detection, and does not add twice the same
+	 * AID */
+
+	for (i=0;i<session->internals.priorities->sigalg.size;i++) {
+		aid = &session->internals.priorities->sigalg.entry[i]->aid;
+
+		if (HAVE_UNKNOWN_SIGAID(aid))
+			continue;
+
+		if (prev && prev->id[0] == aid->id[0] && prev->id[1] == aid->id[1])
+			continue;
+
+		/* Ignore non-GOST sign types for CertReq */
+		if (session->security_parameters.cs &&
+		    _gnutls_kx_is_vko_gost(session->security_parameters.cs->kx_algorithm) &&
+		    !_sign_is_gost(session->internals.priorities->sigalg.entry[i]))
+			continue;
+
+		_gnutls_handshake_log
+		    ("EXT[%p]: sent signature algo (%d.%d) %s\n", session,
+		     (int)aid->id[0], (int)aid->id[1],
+		     session->internals.priorities->sigalg.entry[i]->name);
+
+		len += 2;
+		if (unlikely(len >= sizeof(buffer))) {
+			len -= 2;
+			break;
+		}
+
+		*p = aid->id[0];
+		p++;
+		*p = aid->id[1];
+		p++;
+		prev = aid;
+	}
+
+	return _gnutls_buffer_append_data_prefix(extdata, 16, buffer, len);
+}
+
+
+/* Parses the Signature Algorithm structure and stores data into
+ * session->security_parameters.extensions.
+ */
+int
+_gnutls_sign_algorithm_parse_data(gnutls_session_t session,
+				  const uint8_t * data, size_t data_size)
+{
+	unsigned int sig, i;
+	sig_ext_st *priv;
+	gnutls_ext_priv_data_t epriv;
+	const version_entry_st *ver = get_version(session);
+
+	if (data_size == 0 || data_size % 2 != 0)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	if (ver == NULL) { /* assume TLS 1.2 semantics */
+		ver = version_to_entry(GNUTLS_TLS1_2);
+		if (unlikely(ver == NULL)) {
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+		}
+	}
+
+	priv = gnutls_calloc(1, sizeof(*priv));
+	if (priv == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	for (i = 0; i < data_size; i += 2) {
+		uint8_t id[2];
+
+		id[0] = data[i];
+		id[1] = data[i + 1];
+
+		sig = _gnutls_tls_aid_to_sign(id[0], id[1], ver);
+
+		_gnutls_handshake_log
+		    ("EXT[%p]: rcvd signature algo (%d.%d) %s\n", session,
+		     (int)id[0], (int)id[1],
+		     gnutls_sign_get_name(sig));
+
+		if (sig != GNUTLS_SIGN_UNKNOWN) {
+			if (priv->sign_algorithms_size == MAX_ALGOS)
+				break;
+			priv->sign_algorithms[priv->
+					      sign_algorithms_size++] = sig;
+		}
+	}
+
+	epriv = priv;
+	_gnutls_hello_ext_set_priv(session,
+				     GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS,
+				     epriv);
+
+	return 0;
+}
+
+/*
+ * In case of a server: if a SIGNATURE_ALGORITHMS extension type is
+ * received then it stores into the session security parameters the
+ * new value.
+ *
+ * In case of a client: If a signature_algorithms have been specified
+ * then it is an error;
+ */
+
+static int
+_gnutls_signature_algorithm_recv_params(gnutls_session_t session,
+					const uint8_t * data,
+					size_t data_size)
+{
+	int ret;
+
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		/* nothing for now */
+		gnutls_assert();
+		/* Although TLS 1.2 mandates that we must not accept reply
+		 * to this message, there are good reasons to just ignore it. Check
+		 * https://www.ietf.org/mail-archive/web/tls/current/msg03880.html
+		 */
+		/* return GNUTLS_E_UNEXPECTED_PACKET; */
+	} else {
+		/* SERVER SIDE
+		 */
+		if (data_size >= 2) {
+			uint16_t len;
+
+			DECR_LEN(data_size, 2);
+			len = _gnutls_read_uint16(data);
+			DECR_LEN(data_size, len);
+
+			if (data_size > 0)
+				return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+			ret =
+			    _gnutls_sign_algorithm_parse_data(session,
+							      data + 2,
+							      len);
+			if (ret < 0) {
+				gnutls_assert();
+				return ret;
+			}
+		} else {
+			return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+		}
+	}
+
+	return 0;
+}
+
+/* returns data_size or a negative number on failure
+ */
+static int
+_gnutls_signature_algorithm_send_params(gnutls_session_t session,
+					gnutls_buffer_st * extdata)
+{
+	int ret;
+	size_t init_length = extdata->length;
+	const version_entry_st *ver = get_version(session);
+
+	if (unlikely(ver == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	/* this function sends the client extension data */
+	if (session->security_parameters.entity == GNUTLS_CLIENT
+	    && _gnutls_version_has_selectable_sighash(ver)) {
+		if (session->internals.priorities->sigalg.size > 0) {
+			ret =
+			    _gnutls_sign_algorithm_write_params(session, extdata);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			return extdata->length - init_length;
+		}
+	}
+
+	/* if we are here it means we don't send the extension */
+	return 0;
+}
+
+#ifdef GOST_SIG_FIXUP_SCHANNEL
+static bool
+is_gost_sig_present(sig_ext_st *priv)
+{
+	unsigned i;
+	const gnutls_sign_entry_st *se;
+
+	for (i = 0; i < priv->sign_algorithms_size; i++) {
+		se = _gnutls_sign_to_entry(priv->sign_algorithms[i]);
+		if (se != NULL && _sign_is_gost(se))
+			return true;
+	}
+
+	return false;
+}
+#endif
+
+/* Returns a requested by the peer signature algorithm that
+ * matches the given certificate's public key algorithm.
+ *
+ * When the @client_cert flag is not set, then this function will
+ * also check whether the signature algorithm is allowed to be
+ * used in that session. Otherwise GNUTLS_SIGN_UNKNOWN is
+ * returned.
+ */
+gnutls_sign_algorithm_t
+_gnutls_session_get_sign_algo(gnutls_session_t session,
+			      gnutls_pcert_st * cert,
+			      gnutls_privkey_t privkey,
+			      unsigned client_cert,
+			      gnutls_kx_algorithm_t kx_algorithm)
+{
+	unsigned i;
+	int ret;
+	const version_entry_st *ver = get_version(session);
+	sig_ext_st *priv;
+	gnutls_ext_priv_data_t epriv;
+	unsigned int cert_algo;
+	const gnutls_sign_entry_st *se;
+
+	if (unlikely(ver == NULL))
+		return gnutls_assert_val(GNUTLS_SIGN_UNKNOWN);
+
+	cert_algo = gnutls_pubkey_get_pk_algorithm(cert->pubkey, NULL);
+
+	ret =
+	    _gnutls_hello_ext_get_priv(session,
+					GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS,
+					&epriv);
+	if (ret < 0)
+		priv = NULL;
+	else
+		priv = epriv;
+
+#ifdef GOST_SIG_FIXUP_SCHANNEL
+	/*
+	 * Some (all SChannel) clients fail to send proper SigAlgs due to Micro$oft crazyness.
+	 * If we are negotiating GOST KX (because we have received GOST
+	 * ciphersuites) and if we have received no GOST SignatureAlgorithms,
+	 * assume that the client could not send them and continue negotiation
+	 * as if correct algorithm was sent.
+	 */
+	if (_gnutls_kx_is_vko_gost(kx_algorithm) &&
+	    (!priv ||
+	     !is_gost_sig_present(priv) ||
+	     !_gnutls_version_has_selectable_sighash(ver))) {
+		gnutls_digest_algorithm_t dig;
+
+		_gnutls_handshake_log("EXT[%p]: GOST KX, but no GOST SigAlgs received, patching up.", session);
+
+		if (cert_algo == GNUTLS_PK_GOST_01)
+			dig = GNUTLS_DIG_GOSTR_94;
+		else if (cert_algo == GNUTLS_PK_GOST_12_256)
+			dig = GNUTLS_DIG_STREEBOG_256;
+		else if (cert_algo == GNUTLS_PK_GOST_12_512)
+			dig = GNUTLS_DIG_STREEBOG_512;
+		else
+			dig = GNUTLS_DIG_SHA1;
+
+		ret = gnutls_pk_to_sign(cert_algo, dig);
+
+		if (!client_cert && _gnutls_session_sign_algo_enabled(session, ret) < 0)
+			goto fail;
+		return ret;
+	}
+#endif
+
+	if (!priv || !_gnutls_version_has_selectable_sighash(ver)) {
+		/* none set, allow SHA-1 only */
+		ret = gnutls_pk_to_sign(cert_algo, GNUTLS_DIG_SHA1);
+
+		if (!client_cert && _gnutls_session_sign_algo_enabled(session, ret) < 0)
+			goto fail;
+		return ret;
+	}
+
+
+
+	for (i = 0; i < priv->sign_algorithms_size; i++) {
+		se = _gnutls_sign_to_entry(priv->sign_algorithms[i]);
+		if (se == NULL)
+			continue;
+
+		_gnutls_handshake_log("checking cert compat with %s\n", se->name);
+
+		if (_gnutls_privkey_compatible_with_sig(privkey, priv->sign_algorithms[i]) == 0)
+			continue;
+
+		if (sign_supports_cert_pk_algorithm(se, cert_algo) != 0) {
+			if (_gnutls_pubkey_compatible_with_sig
+			    (session, cert->pubkey, ver, se->id) < 0)
+				continue;
+
+			if (_gnutls_session_sign_algo_enabled
+			    (session, se->id) < 0)
+				continue;
+
+			return se->id;
+		}
+	}
+
+	/* When having a legacy client certificate which can only be signed
+	 * using algorithms we don't always enable by default (e.g., DSA-SHA1),
+	 * continue and sign with it. */
+	if (client_cert) {
+		_gnutls_audit_log(session, "No shared signature schemes with peer for client certificate (%s). Is the certificate a legacy one?\n",
+				  gnutls_pk_get_name(cert_algo));
+	}
+
+ fail:
+	return GNUTLS_SIGN_UNKNOWN;
+}
+
+/* Check if the given signature algorithm is supported.
+ * This means that it is enabled by the priority functions,
+ * and in case of a server a matching certificate exists.
+ */
+int
+_gnutls_session_sign_algo_enabled(gnutls_session_t session,
+				  gnutls_sign_algorithm_t sig)
+{
+	unsigned i;
+	const version_entry_st *ver = get_version(session);
+
+	if (unlikely(ver == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if (!_gnutls_version_has_selectable_sighash(ver)) {
+		return 0;
+	}
+
+	if (ver->tls13_sem) {
+		/* disallow RSA, DSA, and SHA1 */
+		const gnutls_sign_entry_st *se;
+
+		se = _gnutls_sign_to_entry(sig);
+		if (se == NULL || (se->flags & GNUTLS_SIGN_FLAG_TLS13_OK) == 0) {
+			gnutls_assert();
+			goto disallowed;
+		}
+	}
+
+	for (i = 0; i < session->internals.priorities->sigalg.size; i++) {
+		if (session->internals.priorities->sigalg.entry[i]->id == sig) {
+			return 0;	/* ok */
+		}
+	}
+
+ disallowed:
+	_gnutls_handshake_log("Signature algorithm %s is not enabled\n", gnutls_sign_algorithm_get_name(sig));
+	return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
+}
+
+static void signature_algorithms_deinit_data(gnutls_ext_priv_data_t priv)
+{
+	gnutls_free(priv);
+}
+
+static int
+signature_algorithms_pack(gnutls_ext_priv_data_t epriv,
+			  gnutls_buffer_st * ps)
+{
+	sig_ext_st *priv = epriv;
+	int ret, i;
+
+	BUFFER_APPEND_NUM(ps, priv->sign_algorithms_size);
+	for (i = 0; i < priv->sign_algorithms_size; i++) {
+		BUFFER_APPEND_NUM(ps, priv->sign_algorithms[i]);
+	}
+	return 0;
+}
+
+static int
+signature_algorithms_unpack(gnutls_buffer_st * ps,
+			    gnutls_ext_priv_data_t * _priv)
+{
+	sig_ext_st *priv;
+	int i, ret;
+	gnutls_ext_priv_data_t epriv;
+
+	priv = gnutls_calloc(1, sizeof(*priv));
+	if (priv == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	BUFFER_POP_NUM(ps, priv->sign_algorithms_size);
+	for (i = 0; i < priv->sign_algorithms_size; i++) {
+		BUFFER_POP_NUM(ps, priv->sign_algorithms[i]);
+	}
+
+	epriv = priv;
+	*_priv = epriv;
+
+	return 0;
+
+      error:
+	gnutls_free(priv);
+	return ret;
+}
+
+
+
+/**
+ * gnutls_sign_algorithm_get_requested:
+ * @session: is a #gnutls_session_t type.
+ * @indx: is an index of the signature algorithm to return
+ * @algo: the returned certificate type will be stored there
+ *
+ * Returns the signature algorithm specified by index that was
+ * requested by the peer. If the specified index has no data available
+ * this function returns %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE.  If
+ * the negotiated TLS version does not support signature algorithms
+ * then %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned even
+ * for the first index.  The first index is 0.
+ *
+ * This function is useful in the certificate callback functions
+ * to assist in selecting the correct certificate.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ *
+ * Since: 2.10.0
+ **/
+int
+gnutls_sign_algorithm_get_requested(gnutls_session_t session,
+				    size_t indx,
+				    gnutls_sign_algorithm_t * algo)
+{
+	const version_entry_st *ver = get_version(session);
+	sig_ext_st *priv;
+	gnutls_ext_priv_data_t epriv;
+	int ret;
+
+	if (unlikely(ver == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	ret =
+	    _gnutls_hello_ext_get_priv(session,
+					GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS,
+					&epriv);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+	priv = epriv;
+
+	if (!_gnutls_version_has_selectable_sighash(ver)
+	    || priv->sign_algorithms_size == 0) {
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	if (indx < priv->sign_algorithms_size) {
+		*algo = priv->sign_algorithms[indx];
+		return 0;
+	} else
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+}
+
+/**
+ * gnutls_sign_algorithm_get:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Returns the signature algorithm that is (or will be) used in this
+ * session by the server to sign data. This function should be
+ * used only with TLS 1.2 or later.
+ *
+ * Returns: The sign algorithm or %GNUTLS_SIGN_UNKNOWN.
+ *
+ * Since: 3.1.1
+ **/
+int gnutls_sign_algorithm_get(gnutls_session_t session)
+{
+	return session->security_parameters.server_sign_algo;
+}
+
+/**
+ * gnutls_sign_algorithm_get_client:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Returns the signature algorithm that is (or will be) used in this
+ * session by the client to sign data. This function should be
+ * used only with TLS 1.2 or later.
+ *
+ * Returns: The sign algorithm or %GNUTLS_SIGN_UNKNOWN.
+ *
+ * Since: 3.1.11
+ **/
+int gnutls_sign_algorithm_get_client(gnutls_session_t session)
+{
+	return session->security_parameters.client_sign_algo;
+}
diff --git a/lib/ext/signature.h b/lib/ext/signature.h
new file mode 100644
index 0000000..ef42763
--- /dev/null
+++ b/lib/ext/signature.h
@@ -0,0 +1,61 @@
+/*
+ * Copyright (C) 2002-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_SIGNATURE_H
+#define GNUTLS_LIB_EXT_SIGNATURE_H
+
+/* signature algorithms extension
+ */
+
+#include <hello_ext.h>
+
+extern const hello_ext_entry_st ext_mod_sig;
+
+gnutls_sign_algorithm_t
+_gnutls_session_get_sign_algo(gnutls_session_t session,
+			      gnutls_pcert_st * cert,
+			      gnutls_privkey_t privkey,
+			      unsigned client_cert,
+			      gnutls_kx_algorithm_t kx_algorithm);
+int _gnutls_sign_algorithm_parse_data(gnutls_session_t session,
+				      const uint8_t * data,
+				      size_t data_size);
+int _gnutls_sign_algorithm_write_params(gnutls_session_t session,
+					gnutls_buffer_st * extdata);
+int _gnutls_session_sign_algo_enabled(gnutls_session_t session,
+				      gnutls_sign_algorithm_t sig);
+
+static inline void
+gnutls_sign_algorithm_set_server(gnutls_session_t session,
+				 gnutls_sign_algorithm_t sign)
+{
+	session->security_parameters.server_sign_algo = sign;
+}
+
+static inline void
+gnutls_sign_algorithm_set_client(gnutls_session_t session,
+				 gnutls_sign_algorithm_t sign)
+{
+	session->security_parameters.client_sign_algo = sign;
+}
+
+#endif /* GNUTLS_LIB_EXT_SIGNATURE_H */
diff --git a/lib/ext/srp.c b/lib/ext/srp.c
new file mode 100644
index 0000000..f236c64
--- /dev/null
+++ b/lib/ext/srp.c
@@ -0,0 +1,277 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <ext/srp.h>
+
+#ifdef ENABLE_SRP
+
+#include "auth.h"
+#include <auth/srp_kx.h>
+#include "errors.h"
+#include "algorithms.h"
+#include <num.h>
+#include <hello_ext.h>
+
+static int _gnutls_srp_unpack(gnutls_buffer_st * ps,
+			      gnutls_ext_priv_data_t * _priv);
+static int _gnutls_srp_pack(gnutls_ext_priv_data_t epriv,
+			    gnutls_buffer_st * ps);
+static void _gnutls_srp_deinit_data(gnutls_ext_priv_data_t epriv);
+static int _gnutls_srp_recv_params(gnutls_session_t state,
+				   const uint8_t * data, size_t data_size);
+static int _gnutls_srp_send_params(gnutls_session_t state,
+				   gnutls_buffer_st * extdata);
+
+const hello_ext_entry_st ext_mod_srp = {
+	.name = "SRP",
+	.tls_id = 12,
+	.gid = GNUTLS_EXTENSION_SRP,
+	.client_parse_point = GNUTLS_EXT_TLS,
+	.server_parse_point = GNUTLS_EXT_TLS,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_CLIENT_HELLO,
+	.recv_func = _gnutls_srp_recv_params,
+	.send_func = _gnutls_srp_send_params,
+	.pack_func = _gnutls_srp_pack,
+	.unpack_func = _gnutls_srp_unpack,
+	.deinit_func = _gnutls_srp_deinit_data,
+	.cannot_be_overriden = 1
+};
+
+
+static int
+_gnutls_srp_recv_params(gnutls_session_t session, const uint8_t * data,
+			size_t data_size)
+{
+	uint8_t len;
+	gnutls_ext_priv_data_t epriv;
+	srp_ext_st *priv;
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		if (data_size > 0) {
+			DECR_LEN(data_size, 1);
+
+			len = data[0];
+			DECR_LEN(data_size, len);
+
+			priv = gnutls_calloc(1, sizeof(*priv));
+			if (priv == NULL) {
+				gnutls_assert();
+				return GNUTLS_E_MEMORY_ERROR;
+			}
+
+			priv->username = gnutls_malloc(len + 1);
+			if (priv->username) {
+				memcpy(priv->username, &data[1], len);
+				/* null terminated */
+				priv->username[len] = 0;
+			}
+
+			epriv = priv;
+			_gnutls_hello_ext_set_priv(session,
+						     GNUTLS_EXTENSION_SRP,
+						     epriv);
+		}
+	}
+	return 0;
+}
+
+static unsigned have_srp_ciphersuites(gnutls_session_t session)
+{
+	unsigned j;
+	unsigned kx;
+
+	for (j = 0; j < session->internals.priorities->cs.size; j++) {
+		kx = session->internals.priorities->cs.entry[j]->kx_algorithm;
+		if (kx == GNUTLS_KX_SRP || kx == GNUTLS_KX_SRP_RSA || kx == GNUTLS_KX_SRP_DSS)
+			return 1;
+	}
+
+	return 0;
+}
+
+/* returns data_size or a negative number on failure
+ * data is allocated locally
+ */
+static int
+_gnutls_srp_send_params(gnutls_session_t session,
+			gnutls_buffer_st * extdata)
+{
+	unsigned len;
+	int ret;
+	gnutls_ext_priv_data_t epriv;
+	srp_ext_st *priv = NULL;
+	char *username = NULL, *password = NULL;
+	gnutls_srp_client_credentials_t cred =
+		    (gnutls_srp_client_credentials_t)
+		    _gnutls_get_cred(session, GNUTLS_CRD_SRP);
+
+	if (session->security_parameters.entity != GNUTLS_CLIENT)
+		return 0;
+
+	if (cred == NULL)
+		return 0;
+
+	if (!have_srp_ciphersuites(session)) {
+		return 0;
+	}
+
+	/* this function sends the client extension data (username) */
+	priv = gnutls_calloc(1, sizeof(*priv));
+	if (priv == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	if (cred->username != NULL) {	/* send username */
+		len = MIN(strlen(cred->username), 255);
+
+		ret =
+		    _gnutls_buffer_append_data_prefix(extdata, 8,
+						      cred->
+						      username,
+						      len);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		priv->username = gnutls_strdup(cred->username);
+		if (priv->username == NULL) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		priv->password = gnutls_strdup(cred->password);
+		if (priv->password == NULL) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		epriv = priv;
+		_gnutls_hello_ext_set_priv(session,
+					     GNUTLS_EXTENSION_SRP,
+					     epriv);
+
+		return len + 1;
+	} else if (cred->get_function != NULL) {
+		/* Try the callback
+		 */
+
+		if (cred->
+		    get_function(session, &username, &password) < 0
+		    || username == NULL || password == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_ILLEGAL_SRP_USERNAME;
+		}
+
+		len = MIN(strlen(username), 255);
+
+		priv->username = username;
+		priv->password = password;
+
+		ret =
+		    _gnutls_buffer_append_data_prefix(extdata, 8,
+						      username,
+						      len);
+		if (ret < 0) {
+			ret = gnutls_assert_val(ret);
+			goto cleanup;
+		}
+
+		epriv = priv;
+		_gnutls_hello_ext_set_priv(session,
+					     GNUTLS_EXTENSION_SRP,
+					     epriv);
+
+		return len + 1;
+	}
+	return 0;
+
+      cleanup:
+	gnutls_free(username);
+	gnutls_free(password);
+	gnutls_free(priv);
+
+	return ret;
+}
+
+static void _gnutls_srp_deinit_data(gnutls_ext_priv_data_t epriv)
+{
+	srp_ext_st *priv = epriv;
+
+	gnutls_free(priv->username);
+	gnutls_free(priv->password);
+	gnutls_free(priv);
+}
+
+static int
+_gnutls_srp_pack(gnutls_ext_priv_data_t epriv, gnutls_buffer_st * ps)
+{
+	srp_ext_st *priv = epriv;
+	int ret;
+	int password_len = 0, username_len = 0;
+
+	if (priv->username)
+		username_len = strlen(priv->username);
+
+	if (priv->password)
+		password_len = strlen(priv->password);
+
+	BUFFER_APPEND_PFX4(ps, priv->username, username_len);
+	BUFFER_APPEND_PFX4(ps, priv->password, password_len);
+
+	return 0;
+}
+
+static int
+_gnutls_srp_unpack(gnutls_buffer_st * ps, gnutls_ext_priv_data_t * _priv)
+{
+	srp_ext_st *priv;
+	int ret;
+	gnutls_ext_priv_data_t epriv;
+	gnutls_datum_t username = { NULL, 0 };
+	gnutls_datum_t password = { NULL, 0 };
+
+	priv = gnutls_calloc(1, sizeof(*priv));
+	if (priv == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	BUFFER_POP_DATUM(ps, &username);
+	BUFFER_POP_DATUM(ps, &password);
+
+	priv->username = (char *) username.data;
+	priv->password = (char *) password.data;
+
+	epriv = priv;
+	*_priv = epriv;
+
+	return 0;
+
+      error:
+	_gnutls_free_datum(&username);
+	_gnutls_free_datum(&password);
+	return ret;
+}
+
+
+#endif				/* ENABLE_SRP */
diff --git a/lib/ext/srp.h b/lib/ext/srp.h
new file mode 100644
index 0000000..fd7576f
--- /dev/null
+++ b/lib/ext/srp.h
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_SRP_H
+#define GNUTLS_LIB_EXT_SRP_H
+
+#include <hello_ext.h>
+
+#define IS_SRP_KX(kx) ((kx == GNUTLS_KX_SRP || (kx == GNUTLS_KX_SRP_RSA) || \
+	  kx == GNUTLS_KX_SRP_DSS)?1:0)
+
+#ifdef ENABLE_SRP
+
+extern const hello_ext_entry_st ext_mod_srp;
+
+typedef struct {
+	char *username;
+	char *password;
+} srp_ext_st;
+
+#endif
+
+#endif /* GNUTLS_LIB_EXT_SRP_H */
diff --git a/lib/ext/srtp.c b/lib/ext/srtp.c
new file mode 100644
index 0000000..b2e36b3
--- /dev/null
+++ b/lib/ext/srtp.c
@@ -0,0 +1,672 @@
+/*
+ * Copyright (C) 2012 Free Software Foundation
+ * 
+ * Author: Martin Storsjo
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "auth.h"
+#include "errors.h"
+#include "num.h"
+#include <ext/srtp.h>
+
+static int _gnutls_srtp_recv_params(gnutls_session_t session,
+				    const uint8_t * data,
+				    size_t data_size);
+static int _gnutls_srtp_send_params(gnutls_session_t session,
+				    gnutls_buffer_st * extdata);
+
+static int _gnutls_srtp_unpack(gnutls_buffer_st * ps,
+			       gnutls_ext_priv_data_t * _priv);
+static int _gnutls_srtp_pack(gnutls_ext_priv_data_t _priv,
+			     gnutls_buffer_st * ps);
+static void _gnutls_srtp_deinit_data(gnutls_ext_priv_data_t priv);
+
+
+const hello_ext_entry_st ext_mod_srtp = {
+	.name = "SRTP",
+	.tls_id = 14,
+	.gid = GNUTLS_EXTENSION_SRTP,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_CLIENT_HELLO |
+		    GNUTLS_EXT_FLAG_EE | GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO,
+	.client_parse_point = GNUTLS_EXT_APPLICATION,
+	.server_parse_point = GNUTLS_EXT_APPLICATION,
+	.recv_func = _gnutls_srtp_recv_params,
+	.send_func = _gnutls_srtp_send_params,
+	.pack_func = _gnutls_srtp_pack,
+	.unpack_func = _gnutls_srtp_unpack,
+	.deinit_func = _gnutls_srtp_deinit_data,
+	.cannot_be_overriden = 1
+};
+
+typedef struct {
+	const char *name;
+	gnutls_srtp_profile_t id;
+	unsigned int key_length;
+	unsigned int salt_length;
+} srtp_profile_st;
+
+static const srtp_profile_st profile_names[] = {
+	{
+	 "SRTP_AES128_CM_HMAC_SHA1_80",
+	 GNUTLS_SRTP_AES128_CM_HMAC_SHA1_80,
+	 16, 14},
+	{
+	 "SRTP_AES128_CM_HMAC_SHA1_32",
+	 GNUTLS_SRTP_AES128_CM_HMAC_SHA1_32,
+	 16, 14},
+	{
+	 "SRTP_NULL_HMAC_SHA1_80",
+	 GNUTLS_SRTP_NULL_HMAC_SHA1_80,
+	 16, 14},
+	{
+	 "SRTP_NULL_SHA1_32",
+	 GNUTLS_SRTP_NULL_HMAC_SHA1_32,
+	 16, 14},
+	{
+	 NULL,
+	 0, 0, 0}
+};
+
+static const srtp_profile_st *get_profile(gnutls_srtp_profile_t profile)
+{
+	const srtp_profile_st *p = profile_names;
+	while (p->name != NULL) {
+		if (p->id == profile)
+			return p;
+		p++;
+	}
+	return NULL;
+}
+
+static gnutls_srtp_profile_t find_profile(const char *str, const char *end)
+{
+	const srtp_profile_st *prof = profile_names;
+	unsigned int len;
+	if (end != NULL) {
+		len = end - str;
+	} else {
+		len = strlen(str);
+	}
+
+	while (prof->name != NULL) {
+		if (strlen(prof->name) == len
+		    && !strncmp(str, prof->name, len)) {
+			return prof->id;
+		}
+		prof++;
+	}
+	return 0;
+}
+
+/**
+ * gnutls_srtp_get_profile_id
+ * @name: The name of the profile to look up
+ * @profile: Will hold the profile id
+ *
+ * This function allows you to look up a profile based on a string.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ *
+ * Since 3.1.4
+ **/
+int gnutls_srtp_get_profile_id(const char *name,
+			       gnutls_srtp_profile_t * profile)
+{
+	*profile = find_profile(name, NULL);
+	if (*profile == 0) {
+		return GNUTLS_E_ILLEGAL_PARAMETER;
+	}
+	return 0;
+}
+
+#define MAX_PROFILES_IN_SRTP_EXTENSION 256
+
+/**
+ * gnutls_srtp_get_profile_name
+ * @profile: The profile to look up a string for
+ *
+ * This function allows you to get the corresponding name for a
+ * SRTP protection profile.
+ *
+ * Returns: On success, the name of a SRTP profile as a string,
+ *   otherwise NULL.
+ *
+ * Since 3.1.4
+ **/
+const char *gnutls_srtp_get_profile_name(gnutls_srtp_profile_t profile)
+{
+	const srtp_profile_st *p = get_profile(profile);
+
+	if (p != NULL)
+		return p->name;
+
+	return NULL;
+}
+
+static int
+_gnutls_srtp_recv_params(gnutls_session_t session,
+			 const uint8_t * data, size_t data_size)
+{
+	unsigned int i;
+	int ret;
+	const uint8_t *p = data;
+	size_t len;
+	srtp_ext_st *priv;
+	gnutls_ext_priv_data_t epriv;
+	uint16_t profile;
+
+	ret =
+	    _gnutls_hello_ext_get_priv(session, GNUTLS_EXTENSION_SRTP,
+					 &epriv);
+	if (ret < 0)
+		return 0;
+
+	priv = epriv;
+
+	DECR_LENGTH_RET(data_size, 2, 0);
+	len = _gnutls_read_uint16(p);
+	p += 2;
+
+	if (len + 1 > data_size)
+		return
+		    gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		if (len > MAX_PROFILES_IN_SRTP_EXTENSION * 2)
+			return 0;
+	} else {
+		if (len != 2)
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+	}
+
+	priv->selected_profile = 0;
+
+	while (len > 0) {
+		DECR_LEN(data_size, 2);
+		profile = _gnutls_read_uint16(p);
+
+		for (i = 0;
+		     i < priv->profiles_size
+		     && priv->selected_profile == 0; i++) {
+			if (priv->profiles[i] == profile) {
+				priv->selected_profile = profile;
+				break;
+			}
+		}
+		p += 2;
+		len -= 2;
+	}
+
+	DECR_LEN(data_size, 1);
+	priv->mki_size = *p;
+	p++;
+
+	if (priv->mki_size > 0) {
+		DECR_LEN(data_size, priv->mki_size);
+		memcpy(priv->mki, p, priv->mki_size);
+		priv->mki_received = 1;
+	}
+
+	return 0;
+}
+
+static int
+_gnutls_srtp_send_params(gnutls_session_t session,
+			 gnutls_buffer_st * extdata)
+{
+	unsigned i;
+	int total_size = 0, ret;
+	srtp_ext_st *priv;
+	gnutls_ext_priv_data_t epriv;
+
+	ret =
+	    _gnutls_hello_ext_get_priv(session, GNUTLS_EXTENSION_SRTP,
+					 &epriv);
+	if (ret < 0)
+		return 0;
+
+	priv = epriv;
+
+	if (priv->profiles_size == 0)
+		return 0;
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		/* Don't send anything if no matching profile was found */
+		if (priv->selected_profile == 0)
+			return 0;
+
+		ret = _gnutls_buffer_append_prefix(extdata, 16, 2);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		ret =
+		    _gnutls_buffer_append_prefix(extdata, 16,
+						 priv->selected_profile);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		total_size = 4;
+	} else {
+		ret =
+		    _gnutls_buffer_append_prefix(extdata, 16,
+						 2 * priv->profiles_size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		for (i = 0; i < priv->profiles_size; i++) {
+			ret =
+			    _gnutls_buffer_append_prefix(extdata, 16,
+							 priv->
+							 profiles[i]);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+		}
+		total_size = 2 + 2 * priv->profiles_size;
+	}
+
+	/* use_mki */
+	ret =
+	    _gnutls_buffer_append_data_prefix(extdata, 8, priv->mki,
+					      priv->mki_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+	total_size += 1 + priv->mki_size;
+
+	return total_size;
+}
+
+/**
+ * gnutls_srtp_get_selected_profile:
+ * @session: is a #gnutls_session_t type.
+ * @profile: will hold the profile
+ *
+ * This function allows you to get the negotiated SRTP profile.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ *
+ * Since 3.1.4
+ **/
+int
+gnutls_srtp_get_selected_profile(gnutls_session_t session,
+				 gnutls_srtp_profile_t * profile)
+{
+	srtp_ext_st *priv;
+	int ret;
+	gnutls_ext_priv_data_t epriv;
+
+	ret =
+	    _gnutls_hello_ext_get_priv(session, GNUTLS_EXTENSION_SRTP,
+					 &epriv);
+	if (ret < 0) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	priv = epriv;
+
+	if (priv->selected_profile == 0) {
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	*profile = priv->selected_profile;
+
+	return 0;
+}
+
+/**
+ * gnutls_srtp_get_mki:
+ * @session: is a #gnutls_session_t type.
+ * @mki: will hold the MKI
+ *
+ * This function exports the negotiated Master Key Identifier,
+ * received by the peer if any. The returned value in @mki should be 
+ * treated as constant and valid only during the session's lifetime.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ *
+ * Since 3.1.4
+ **/
+int gnutls_srtp_get_mki(gnutls_session_t session, gnutls_datum_t * mki)
+{
+	srtp_ext_st *priv;
+	int ret;
+	gnutls_ext_priv_data_t epriv;
+
+	ret =
+	    _gnutls_hello_ext_get_priv(session, GNUTLS_EXTENSION_SRTP,
+					 &epriv);
+	if (ret < 0)
+		return
+		    gnutls_assert_val
+		    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	priv = epriv;
+
+	if (priv->mki_received == 0)
+		return
+		    gnutls_assert_val
+		    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	mki->data = priv->mki;
+	mki->size = priv->mki_size;
+
+	return 0;
+}
+
+/**
+ * gnutls_srtp_set_mki:
+ * @session: is a #gnutls_session_t type.
+ * @mki: holds the MKI
+ *
+ * This function sets the Master Key Identifier, to be
+ * used by this session (if any).
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ *
+ * Since 3.1.4
+ **/
+int
+gnutls_srtp_set_mki(gnutls_session_t session, const gnutls_datum_t * mki)
+{
+	int ret;
+	srtp_ext_st *priv;
+	gnutls_ext_priv_data_t epriv;
+
+	ret =
+	    _gnutls_hello_ext_get_priv(session, GNUTLS_EXTENSION_SRTP,
+					 &epriv);
+	if (ret < 0) {
+		priv = gnutls_calloc(1, sizeof(*priv));
+		if (priv == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+		epriv = priv;
+		_gnutls_hello_ext_set_priv(session,
+					     GNUTLS_EXTENSION_SRTP, epriv);
+	} else
+		priv = epriv;
+
+	if (mki->size > 0 && mki->size <= sizeof(priv->mki)) {
+		priv->mki_size = mki->size;
+		memcpy(priv->mki, mki->data, mki->size);
+	} else
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	return 0;
+}
+
+/**
+ * gnutls_srtp_set_profile:
+ * @session: is a #gnutls_session_t type.
+ * @profile: is the profile id to add.
+ *
+ * This function is to be used by both clients and servers, to declare
+ * what SRTP profiles they support, to negotiate with the peer.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ *
+ * Since 3.1.4
+ **/
+int
+gnutls_srtp_set_profile(gnutls_session_t session,
+			gnutls_srtp_profile_t profile)
+{
+	int ret;
+	srtp_ext_st *priv;
+	gnutls_ext_priv_data_t epriv;
+
+	ret =
+	    _gnutls_hello_ext_get_priv(session, GNUTLS_EXTENSION_SRTP,
+					 &epriv);
+	if (ret < 0) {
+		priv = gnutls_calloc(1, sizeof(*priv));
+		if (priv == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+		epriv = priv;
+		_gnutls_hello_ext_set_priv(session,
+					     GNUTLS_EXTENSION_SRTP, epriv);
+	} else
+		priv = epriv;
+
+	if (priv->profiles_size < MAX_SRTP_PROFILES)
+		priv->profiles_size++;
+	priv->profiles[priv->profiles_size - 1] = profile;
+
+	return 0;
+}
+
+/**
+ * gnutls_srtp_set_profile_direct:
+ * @session: is a #gnutls_session_t type.
+ * @profiles: is a string that contains the supported SRTP profiles,
+ *   separated by colons.
+ * @err_pos: In case of an error this will have the position in the string the error occurred, may be NULL.
+ *
+ * This function is to be used by both clients and servers, to declare
+ * what SRTP profiles they support, to negotiate with the peer.
+ *
+ * Returns: On syntax error %GNUTLS_E_INVALID_REQUEST is returned,
+ * %GNUTLS_E_SUCCESS on success, or an error code.
+ *
+ * Since 3.1.4
+ **/
+int
+gnutls_srtp_set_profile_direct(gnutls_session_t session,
+			       const char *profiles, const char **err_pos)
+{
+	int ret;
+	srtp_ext_st *priv;
+	gnutls_ext_priv_data_t epriv;
+	int set = 0;
+	const char *col;
+	gnutls_srtp_profile_t id;
+
+	ret =
+	    _gnutls_hello_ext_get_priv(session, GNUTLS_EXTENSION_SRTP,
+					 &epriv);
+	if (ret < 0) {
+		set = 1;
+		priv = gnutls_calloc(1, sizeof(*priv));
+		if (priv == NULL) {
+			if (err_pos != NULL)
+				*err_pos = profiles;
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+		epriv = priv;
+	} else
+		priv = epriv;
+
+	do {
+		col = strchr(profiles, ':');
+		id = find_profile(profiles, col);
+		if (id == 0) {
+			if (set != 0)
+				gnutls_free(priv);
+			if (err_pos != NULL)
+				*err_pos = profiles;
+			return GNUTLS_E_INVALID_REQUEST;
+		}
+
+		if (priv->profiles_size < MAX_SRTP_PROFILES) {
+			priv->profiles_size++;
+		}
+		priv->profiles[priv->profiles_size - 1] = id;
+		profiles = col + 1;
+	} while (col != NULL);
+
+	if (set != 0)
+		_gnutls_hello_ext_set_priv(session,
+					     GNUTLS_EXTENSION_SRTP, epriv);
+
+	return 0;
+}
+
+/**
+ * gnutls_srtp_get_keys:
+ * @session: is a #gnutls_session_t type.
+ * @key_material: Space to hold the generated key material
+ * @key_material_size: The maximum size of the key material
+ * @client_key: The master client write key, pointing inside the key material
+ * @server_key: The master server write key, pointing inside the key material
+ * @client_salt: The master client write salt, pointing inside the key material
+ * @server_salt: The master server write salt, pointing inside the key material
+ *
+ * This is a helper function to generate the keying material for SRTP.
+ * It requires the space of the key material to be pre-allocated (should be at least
+ * 2x the maximum key size and salt size). The @client_key, @client_salt, @server_key
+ * and @server_salt are convenience datums that point inside the key material. They may
+ * be %NULL.
+ *
+ * Returns: On success the size of the key material is returned,
+ * otherwise, %GNUTLS_E_SHORT_MEMORY_BUFFER if the buffer given is not 
+ * sufficient, or a negative error code.
+ *
+ * Since 3.1.4
+ **/
+int
+gnutls_srtp_get_keys(gnutls_session_t session,
+		     void *key_material,
+		     unsigned int key_material_size,
+		     gnutls_datum_t * client_key,
+		     gnutls_datum_t * client_salt,
+		     gnutls_datum_t * server_key,
+		     gnutls_datum_t * server_salt)
+{
+	int ret;
+	const srtp_profile_st *p;
+	gnutls_srtp_profile_t profile;
+	unsigned int msize;
+	uint8_t *km = key_material;
+
+	ret = gnutls_srtp_get_selected_profile(session, &profile);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	p = get_profile(profile);
+	if (p == NULL)
+		return gnutls_assert_val(GNUTLS_E_UNKNOWN_ALGORITHM);
+
+	msize = 2 * (p->key_length + p->salt_length);
+	if (msize > key_material_size)
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	if (msize == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ret =
+	    gnutls_prf(session, sizeof("EXTRACTOR-dtls_srtp") - 1,
+		       "EXTRACTOR-dtls_srtp", 0, 0, NULL, msize,
+		       key_material);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (client_key) {
+		client_key->data = km;
+		client_key->size = p->key_length;
+	}
+
+	if (server_key) {
+		server_key->data = km + p->key_length;
+		server_key->size = p->key_length;
+	}
+
+	if (client_salt) {
+		client_salt->data = km + 2 * p->key_length;
+		client_salt->size = p->salt_length;
+	}
+
+	if (server_salt) {
+		server_salt->data =
+		    km + 2 * p->key_length + p->salt_length;
+		server_salt->size = p->salt_length;
+	}
+
+	return msize;
+}
+
+static void _gnutls_srtp_deinit_data(gnutls_ext_priv_data_t priv)
+{
+	gnutls_free(priv);
+}
+
+static int
+_gnutls_srtp_pack(gnutls_ext_priv_data_t epriv, gnutls_buffer_st * ps)
+{
+	srtp_ext_st *priv = epriv;
+	unsigned int i;
+	int ret;
+
+	BUFFER_APPEND_NUM(ps, priv->profiles_size);
+	for (i = 0; i < priv->profiles_size; i++) {
+		BUFFER_APPEND_NUM(ps, priv->profiles[i]);
+	}
+
+	BUFFER_APPEND_NUM(ps, priv->mki_received);
+	if (priv->mki_received) {
+		BUFFER_APPEND_NUM(ps, priv->selected_profile);
+		BUFFER_APPEND_PFX4(ps, priv->mki, priv->mki_size);
+	}
+	return 0;
+}
+
+static int
+_gnutls_srtp_unpack(gnutls_buffer_st * ps, gnutls_ext_priv_data_t * _priv)
+{
+	srtp_ext_st *priv;
+	unsigned int i;
+	int ret;
+	gnutls_ext_priv_data_t epriv;
+
+	priv = gnutls_calloc(1, sizeof(*priv));
+	if (priv == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	BUFFER_POP_NUM(ps, priv->profiles_size);
+	for (i = 0; i < priv->profiles_size; i++) {
+		BUFFER_POP_NUM(ps, priv->profiles[i]);
+	}
+	BUFFER_POP_NUM(ps, priv->selected_profile);
+
+	BUFFER_POP_NUM(ps, priv->mki_received);
+	if (priv->mki_received) {
+		BUFFER_POP_NUM(ps, priv->mki_size);
+		BUFFER_POP(ps, priv->mki, priv->mki_size);
+	}
+
+	epriv = priv;
+	*_priv = epriv;
+
+	return 0;
+
+      error:
+	gnutls_free(priv);
+	return ret;
+}
diff --git a/lib/ext/srtp.h b/lib/ext/srtp.h
new file mode 100644
index 0000000..d05454a
--- /dev/null
+++ b/lib/ext/srtp.h
@@ -0,0 +1,45 @@
+/*
+ * Copyright (C) 2012 Free Software Foundation
+ *
+ * Author: Martin Storsjo
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_SRTP_H
+#define GNUTLS_LIB_EXT_SRTP_H
+#ifndef EXT_SRTP_H
+#define EXT_SRTP_H
+
+#include <hello_ext.h>
+
+#define MAX_SRTP_PROFILES 4
+
+typedef struct {
+	gnutls_srtp_profile_t profiles[MAX_SRTP_PROFILES];
+	unsigned profiles_size;
+	gnutls_srtp_profile_t selected_profile;
+	uint8_t mki[256];
+	unsigned mki_size;
+	unsigned int mki_received;
+} srtp_ext_st;
+
+extern const hello_ext_entry_st ext_mod_srtp;
+
+#endif
+
+#endif /* GNUTLS_LIB_EXT_SRTP_H */
diff --git a/lib/ext/status_request.c b/lib/ext/status_request.c
new file mode 100644
index 0000000..1e89286
--- /dev/null
+++ b/lib/ext/status_request.c
@@ -0,0 +1,512 @@
+/*
+ * Copyright (C) 2012-2017 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Simon Josefsson, Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+  Status Request (OCSP) TLS extension.  See RFC 6066 section 8:
+  https://tools.ietf.org/html/rfc6066#section-8
+*/
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <hello_ext.h>
+#include <ext/status_request.h>
+#include <mbuffers.h>
+#include <auth.h>
+#include <auth/cert.h>
+#include <handshake.h>
+
+#ifdef ENABLE_OCSP
+
+typedef struct {
+	/* server response */
+	gnutls_datum_t sresp;
+
+	unsigned int expect_cstatus;
+} status_request_ext_st;
+
+/*
+  From RFC 6066.  Client sends:
+
+      struct {
+	  CertificateStatusType status_type;
+	  select (status_type) {
+	      case ocsp: OCSPStatusRequest;
+	  } request;
+      } CertificateStatusRequest;
+
+      enum { ocsp(1), (255) } CertificateStatusType;
+
+      struct {
+	  ResponderID responder_id_list<0..2^16-1>;
+	  Extensions  request_extensions;
+      } OCSPStatusRequest;
+
+      opaque ResponderID<1..2^16-1>;
+      opaque Extensions<0..2^16-1>;
+*/
+
+
+static int
+client_send(gnutls_session_t session,
+	    gnutls_buffer_st * extdata, status_request_ext_st * priv)
+{
+	const uint8_t data[5] = "\x01\x00\x00\x00\x00";
+	const int len = 5;
+	int ret;
+
+	/* We do not support setting either ResponderID or Extensions */
+
+	ret = _gnutls_buffer_append_data(extdata, data, len);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	session->internals.hsk_flags |= HSK_OCSP_REQUESTED;
+
+	return len;
+}
+
+static int
+server_recv(gnutls_session_t session,
+	    const uint8_t * data, size_t data_size)
+{
+	unsigned rid_bytes = 0;
+
+	/* minimum message is type (1) + responder_id_list (2) +
+	   request_extension (2) = 5 */
+	if (data_size < 5)
+		return
+		    gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	/* We ignore non-ocsp CertificateStatusType.  The spec is unclear
+	   what should be done. */
+	if (data[0] != 0x01) {
+		gnutls_assert();
+		_gnutls_handshake_log("EXT[%p]: unknown status_type %d\n",
+				      session, data[0]);
+		return 0;
+	}
+	DECR_LEN(data_size, 1);
+	data++;
+
+	rid_bytes = _gnutls_read_uint16(data);
+
+	DECR_LEN(data_size, 2);
+	/*data += 2;*/
+
+	/* sanity check only, we don't use any of the data below */
+
+	if (data_size < rid_bytes)
+		return
+		    gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+	_gnutls_handshake_log("EXT[%p]: OCSP status was requested\n", session);
+	session->internals.hsk_flags |= HSK_OCSP_REQUESTED;
+
+	return 0;
+}
+
+
+static int
+client_recv(gnutls_session_t session,
+	    status_request_ext_st * priv,
+	    const uint8_t * data, size_t size)
+{
+	if (size != 0)
+		return
+		    gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+	else {
+		priv->expect_cstatus = 1;
+		return 0;
+	}
+}
+
+
+/*
+ * Servers return a certificate response along with their certificate
+ * by sending a "CertificateStatus" message immediately after the
+ * "Certificate" message (and before any "ServerKeyExchange" or
+ * "CertificateRequest" messages).  If a server returns a
+ * "CertificateStatus" message, then the server MUST have included an
+ * extension of type "status_request" with empty "extension_data" in
+ * the extended server hello.
+ *
+ * According to the description above, as a server we could simply 
+ * return GNUTLS_E_INT_RET_0 on this function. In that case we would
+ * only need to use the callbacks at the time we need to send the data,
+ * and skip the status response packet if no such data are there.
+ * However, that behavior would break gnutls 3.3.x which expects the status 
+ * response to be always send if the extension is present.
+ *
+ * Instead we ensure that this extension is parsed after the CS/certificate
+ * are selected (with the _GNUTLS_EXT_TLS_POST_CS type), and we discover
+ * (or not) the response to send early.
+ */
+static int
+server_send(gnutls_session_t session,
+	    gnutls_buffer_st * extdata, status_request_ext_st * priv)
+{
+	int ret;
+	gnutls_certificate_credentials_t cred;
+	gnutls_status_request_ocsp_func func;
+	void *func_ptr;
+	const version_entry_st *ver = get_version(session);
+
+	cred = (gnutls_certificate_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL)	/* no certificate authentication */
+		return 0;
+
+	/* no need to set sresp; responses are send during certificate sending and
+	 * no response is required from server side. */
+	if (ver && ver->multi_ocsp)
+		return 0;
+
+	/* Under TLS1.2 we obtain the response at this point in order to respond
+	 * appropriately (empty extension vs no response) */
+	if (session->internals.selected_ocsp_length > 0) {
+		if (session->internals.selected_ocsp[0].response.data) {
+			if (session->internals.selected_ocsp[0].exptime != 0 &&
+			    (gnutls_time(0) >= session->internals.selected_ocsp[0].exptime)) {
+				gnutls_assert();
+				return 0;
+			}
+
+			ret = _gnutls_set_datum(&priv->sresp,
+						session->internals.selected_ocsp[0].response.data,
+						session->internals.selected_ocsp[0].response.size);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+			return GNUTLS_E_INT_RET_0;
+		} else {
+			return 0;
+		}
+	} else if (session->internals.selected_ocsp_func) {
+		func = session->internals.selected_ocsp_func;
+		func_ptr = session->internals.selected_ocsp_func_ptr;
+
+		if (func == NULL)
+			return 0;
+
+		ret = func(session, func_ptr, &priv->sresp);
+		if (ret == GNUTLS_E_NO_CERTIFICATE_STATUS)
+			return 0;
+		else if (ret < 0)
+			return gnutls_assert_val(ret);
+	} else {
+		return 0;
+	}
+
+	return GNUTLS_E_INT_RET_0;
+}
+
+static int
+_gnutls_status_request_send_params(gnutls_session_t session,
+				   gnutls_buffer_st * extdata)
+{
+	gnutls_ext_priv_data_t epriv;
+	status_request_ext_st *priv;
+	int ret;
+
+	/* Do not bother sending the OCSP status request extension
+	 * if we are not using certificate authentication */
+	if (_gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE) == NULL)
+		return 0;
+
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		ret = _gnutls_hello_ext_get_priv(session,
+						 GNUTLS_EXTENSION_STATUS_REQUEST,
+						 &epriv);
+		if (ret < 0 || epriv == NULL)	/* it is ok not to have it */
+			return 0;
+		priv = epriv;
+
+		return client_send(session, extdata, priv);
+	} else {
+		epriv = priv = gnutls_calloc(1, sizeof(*priv));
+		if (priv == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		_gnutls_hello_ext_set_priv(session,
+					   GNUTLS_EXTENSION_STATUS_REQUEST,
+					   epriv);
+
+		return server_send(session, extdata, priv);
+	}
+}
+
+static int
+_gnutls_status_request_recv_params(gnutls_session_t session,
+				   const uint8_t * data, size_t size)
+{
+	gnutls_ext_priv_data_t epriv;
+	status_request_ext_st *priv;
+	int ret;
+
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		ret = _gnutls_hello_ext_get_priv(session,
+						 GNUTLS_EXTENSION_STATUS_REQUEST,
+						 &epriv);
+		if (ret < 0 || epriv == NULL)	/* it is ok not to have it */
+			return 0;
+		priv = epriv;
+
+		return client_recv(session, priv, data, size);
+	} else {
+		return server_recv(session, data, size);
+	}
+}
+
+/**
+ * gnutls_ocsp_status_request_enable_client:
+ * @session: is a #gnutls_session_t type.
+ * @responder_id: ignored, must be %NULL
+ * @responder_id_size: ignored, must be zero
+ * @extensions: ignored, must be %NULL
+ *
+ * This function is to be used by clients to request OCSP response
+ * from the server, using the "status_request" TLS extension.  Only
+ * OCSP status type is supported.
+ *
+ * Previous versions of GnuTLS supported setting @responder_id and
+ * @extensions fields, but due to the difficult semantics of the
+ * parameter usage, and other issues, this support was removed
+ * since 3.6.0 and these parameters must be set to %NULL.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ *
+ * Since: 3.1.3
+ **/
+int
+gnutls_ocsp_status_request_enable_client(gnutls_session_t session,
+					 gnutls_datum_t * responder_id,
+					 size_t responder_id_size,
+					 gnutls_datum_t * extensions)
+{
+	status_request_ext_st *priv;
+	gnutls_ext_priv_data_t epriv;
+
+	if (session->security_parameters.entity == GNUTLS_SERVER)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	epriv = priv = gnutls_calloc(1, sizeof(*priv));
+	if (priv == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	_gnutls_hello_ext_set_priv(session,
+				     GNUTLS_EXTENSION_STATUS_REQUEST,
+				     epriv);
+
+	return 0;
+}
+
+
+static void _gnutls_status_request_deinit_data(gnutls_ext_priv_data_t epriv)
+{
+	status_request_ext_st *priv = epriv;
+
+	if (priv == NULL)
+		return;
+
+	gnutls_free(priv->sresp.data);
+	gnutls_free(priv);
+}
+
+const hello_ext_entry_st ext_mod_status_request = {
+	.name = "OCSP Status Request",
+	.tls_id = STATUS_REQUEST_TLS_ID,
+	.gid = GNUTLS_EXTENSION_STATUS_REQUEST,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_CLIENT_HELLO |
+		    GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO,
+	.client_parse_point = _GNUTLS_EXT_TLS_POST_CS,
+	.server_parse_point = _GNUTLS_EXT_TLS_POST_CS,
+	.recv_func = _gnutls_status_request_recv_params,
+	.send_func = _gnutls_status_request_send_params,
+	.deinit_func = _gnutls_status_request_deinit_data,
+	.cannot_be_overriden = 1
+};
+
+/* Functions to be called from handshake */
+
+int
+_gnutls_send_server_certificate_status(gnutls_session_t session, int again)
+{
+	mbuffer_st *bufel = NULL;
+	uint8_t *data;
+	int data_size = 0;
+	int ret;
+	gnutls_ext_priv_data_t epriv;
+	status_request_ext_st *priv;
+
+	if (!(session->internals.hsk_flags & HSK_OCSP_REQUESTED))
+		return 0;
+
+	if (again == 0) {
+		ret =
+		    _gnutls_hello_ext_get_priv(session,
+						GNUTLS_EXTENSION_STATUS_REQUEST,
+						&epriv);
+		if (ret < 0)
+			return 0;
+
+		priv = epriv;
+
+		if (!priv->sresp.size)
+			return 0;
+
+		data_size = priv->sresp.size + 4;
+		bufel =
+		    _gnutls_handshake_alloc(session, data_size);
+		if (!bufel) {
+			_gnutls_free_datum(&priv->sresp);
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		}
+
+		data = _mbuffer_get_udata_ptr(bufel);
+
+		data[0] = 0x01;
+		_gnutls_write_uint24(priv->sresp.size, &data[1]);
+		memcpy(&data[4], priv->sresp.data, priv->sresp.size);
+
+		_gnutls_free_datum(&priv->sresp);
+	}
+	return _gnutls_send_handshake(session, data_size ? bufel : NULL,
+				      GNUTLS_HANDSHAKE_CERTIFICATE_STATUS);
+}
+
+int _gnutls_parse_ocsp_response(gnutls_session_t session, const uint8_t *data, ssize_t data_size, gnutls_datum_t *resp)
+{
+	int ret;
+	ssize_t r_size;
+
+	resp->data = 0;
+	resp->size = 0;
+
+	/* minimum message is type (1) + response (3) + data */
+	if (data_size < 4)
+		return
+		    gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	if (data[0] != 0x01) {
+		gnutls_assert();
+		_gnutls_handshake_log("EXT[%p]: unknown status_type %d\n",
+				      session, data[0]);
+		return 0;
+	}
+
+	DECR_LENGTH_RET(data_size, 1,
+			GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+	data++;
+
+	DECR_LENGTH_RET(data_size, 3,
+			GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	r_size = _gnutls_read_uint24(data);
+	data += 3;
+
+	DECR_LENGTH_RET(data_size, r_size,
+			GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	if (r_size < 1)
+		return
+		    gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	ret = _gnutls_set_datum(resp, data, r_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+int _gnutls_recv_server_certificate_status(gnutls_session_t session)
+{
+	uint8_t *data;
+	ssize_t data_size;
+	gnutls_buffer_st buf;
+	int ret;
+	gnutls_datum_t resp;
+	status_request_ext_st *priv = NULL;
+	gnutls_ext_priv_data_t epriv;
+	cert_auth_info_t info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+
+	if (info == NULL)
+		return 0;
+
+	ret =
+	    _gnutls_hello_ext_get_priv(session,
+					 GNUTLS_EXTENSION_STATUS_REQUEST,
+					 &epriv);
+	if (ret < 0)
+		return 0;
+
+	priv = epriv;
+
+	if (!priv->expect_cstatus)
+		return 0;
+
+	ret = _gnutls_recv_handshake(session,
+				     GNUTLS_HANDSHAKE_CERTIFICATE_STATUS,
+				     1, &buf);
+	if (ret < 0)
+		return gnutls_assert_val_fatal(ret);
+
+	priv->expect_cstatus = 0;
+
+	data = buf.data;
+	data_size = buf.length;
+
+	if (data_size == 0) {
+		ret = 0;
+		goto error;
+	}
+
+	ret = _gnutls_parse_ocsp_response(session, data, data_size, &resp);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	if (resp.data && resp.size > 0) {
+		for (unsigned int i = 0; i < info->nocsp; i++)
+			gnutls_free(info->raw_ocsp_list[i].data);
+		gnutls_free(info->raw_ocsp_list);
+
+		info->raw_ocsp_list = gnutls_malloc(sizeof(gnutls_datum_t));
+		if (info->raw_ocsp_list == NULL) {
+			ret = GNUTLS_E_MEMORY_ERROR;
+			goto error;
+		}
+		info->raw_ocsp_list[0].data = resp.data;
+		info->raw_ocsp_list[0].size = resp.size;
+		info->nocsp = 1;
+	}
+
+	ret = 0;
+
+      error:
+	_gnutls_buffer_clear(&buf);
+
+	return ret;
+}
+
+#endif
diff --git a/lib/ext/status_request.h b/lib/ext/status_request.h
new file mode 100644
index 0000000..dc1d233
--- /dev/null
+++ b/lib/ext/status_request.h
@@ -0,0 +1,41 @@
+/*
+ * Copyright (C) 2012 Free Software Foundation, Inc.
+ *
+ * Author: Simon Josefsson
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_STATUS_REQUEST_H
+#define GNUTLS_LIB_EXT_STATUS_REQUEST_H
+
+#include <hello_ext.h>
+
+#define STATUS_REQUEST_TLS_ID 5
+
+extern const hello_ext_entry_st ext_mod_status_request;
+
+int
+_gnutls_send_server_certificate_status(gnutls_session_t session,
+				       int again);
+int _gnutls_recv_server_certificate_status(gnutls_session_t session);
+
+int _gnutls_parse_ocsp_response(gnutls_session_t session, const uint8_t *data,
+				ssize_t data_size,
+				gnutls_datum_t *resp);
+
+#endif /* GNUTLS_LIB_EXT_STATUS_REQUEST_H */
diff --git a/lib/ext/supported_groups.c b/lib/ext/supported_groups.c
new file mode 100644
index 0000000..56e514a
--- /dev/null
+++ b/lib/ext/supported_groups.c
@@ -0,0 +1,269 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the code for the Supported Groups extension (rfc7919).
+ * This extension was previously named Supported Elliptic Curves under TLS 1.2.
+ */
+
+#include "ext/supported_groups.h"
+#include "str.h"
+#include "num.h"
+#include "auth/psk.h"
+#include "auth/cert.h"
+#include "auth/anon.h"
+#include "algorithms.h"
+#include <gnutls/gnutls.h>
+
+
+static int _gnutls_supported_groups_recv_params(gnutls_session_t session,
+					     const uint8_t * data,
+					     size_t data_size);
+static int _gnutls_supported_groups_send_params(gnutls_session_t session,
+					     gnutls_buffer_st * extdata);
+
+
+const hello_ext_entry_st ext_mod_supported_groups = {
+	.name = "Supported Groups",
+	.tls_id = 10,
+	.gid = GNUTLS_EXTENSION_SUPPORTED_GROUPS,
+	.client_parse_point = GNUTLS_EXT_TLS,
+	.server_parse_point = GNUTLS_EXT_TLS,
+	.validity = GNUTLS_EXT_FLAG_TLS | GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_CLIENT_HELLO |
+		    GNUTLS_EXT_FLAG_EE | GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO,
+	.recv_func = _gnutls_supported_groups_recv_params,
+	.send_func = _gnutls_supported_groups_send_params,
+	.pack_func = NULL,
+	.unpack_func = NULL,
+	.deinit_func = NULL,
+	.cannot_be_overriden = 1
+};
+
+
+static unsigned get_min_dh(gnutls_session_t session)
+{
+	gnutls_certificate_credentials_t cert_cred;
+	gnutls_psk_server_credentials_t psk_cred;
+	gnutls_anon_server_credentials_t anon_cred;
+	unsigned level = 0;
+
+	cert_cred = (gnutls_certificate_credentials_t)_gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	psk_cred = (gnutls_psk_server_credentials_t)_gnutls_get_cred(session, GNUTLS_CRD_PSK);
+	anon_cred = (gnutls_anon_server_credentials_t)_gnutls_get_cred(session, GNUTLS_CRD_ANON);
+
+	if (cert_cred) {
+		level = cert_cred->dh_sec_param;
+	} else if (psk_cred) {
+		level = psk_cred->dh_sec_param;
+	} else if (anon_cred) {
+		level = anon_cred->dh_sec_param;
+	}
+
+	if (level)
+		return gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, level);
+
+	return 0;
+}
+
+/*
+ * In case of a server: if a SUPPORTED_GROUPS extension type is received then it stores
+ * into the session security parameters the new value. The server may use gnutls_session_certificate_type_get(),
+ * to access it.
+ *
+ * In case of a client: If supported_eccs have been specified then we send the extension.
+ *
+ */
+static int
+_gnutls_supported_groups_recv_params(gnutls_session_t session,
+				  const uint8_t * data, size_t data_size)
+{
+	int i;
+	uint16_t len;
+	const uint8_t *p = data;
+	const gnutls_group_entry_st *group = NULL;
+	unsigned have_ffdhe = 0;
+	unsigned tls_id;
+	unsigned min_dh;
+	unsigned j;
+	int serv_ec_idx, serv_dh_idx; /* index in server's priority listing */
+	int cli_ec_pos, cli_dh_pos; /* position in listing sent by client */
+
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		/* A client shouldn't receive this extension in TLS1.2. It is
+		 * possible to read that message under TLS1.3 as an encrypted
+		 * extension. */
+		return 0;
+	} else {		/* SERVER SIDE - we must check if the sent supported ecc type is the right one
+				 */
+		if (data_size < 2)
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION);
+
+		DECR_LEN(data_size, 2);
+		len = _gnutls_read_uint16(p);
+		p += 2;
+
+		if (len % 2 != 0)
+			return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+		DECR_LEN(data_size, len);
+
+		/* we figure what is the minimum DH allowed for this session, if any */
+		min_dh = get_min_dh(session);
+
+		serv_ec_idx = serv_dh_idx = -1;
+		cli_ec_pos = cli_dh_pos = -1;
+
+		/* This extension is being processed prior to a ciphersuite being selected,
+		 * so we cannot rely on ciphersuite information. */
+		for (i = 0; i < len; i += 2) {
+			if (have_ffdhe == 0 && p[i] == 0x01)
+				have_ffdhe = 1;
+
+			tls_id = _gnutls_read_uint16(&p[i]);
+			group = _gnutls_tls_id_to_group(tls_id);
+
+			_gnutls_handshake_log("EXT[%p]: Received group %s (0x%x)\n", session, group?group->name:"unknown", tls_id);
+			if (group == NULL)
+				continue;
+
+			if (min_dh > 0 && group->prime && group->prime->size*8 < min_dh)
+				continue;
+
+			/* we simulate _gnutls_session_supports_group, but we prioritize if
+			 * %SERVER_PRECEDENCE is given */
+			for (j = 0; j < session->internals.priorities->groups.size; j++) {
+				if (session->internals.priorities->groups.entry[j]->id == group->id) {
+					if (session->internals.priorities->server_precedence) {
+						if (group->pk == GNUTLS_PK_DH) {
+							if (serv_dh_idx != -1 && (int)j > serv_dh_idx)
+								break;
+							serv_dh_idx = j;
+							cli_dh_pos = i;
+						} else if (IS_EC(group->pk)) {
+							if (serv_ec_idx != -1 && (int)j > serv_ec_idx)
+								break;
+							serv_ec_idx = j;
+							cli_ec_pos = i;
+						}
+					} else {
+						if (group->pk == GNUTLS_PK_DH) {
+							if (cli_dh_pos != -1)
+								break;
+							cli_dh_pos = i;
+							serv_dh_idx = j;
+						} else if (IS_EC(group->pk)) {
+							if (cli_ec_pos != -1)
+								break;
+							cli_ec_pos = i;
+							serv_ec_idx = j;
+						}
+					}
+					break;
+				}
+			}
+		}
+
+		/* serv_dh/ec_pos contain the index of the groups we want to use.
+		 */
+		if (serv_dh_idx != -1) {
+			session->internals.cand_dh_group = session->internals.priorities->groups.entry[serv_dh_idx];
+			session->internals.cand_group = session->internals.cand_dh_group;
+		}
+
+		if (serv_ec_idx != -1) {
+			session->internals.cand_ec_group = session->internals.priorities->groups.entry[serv_ec_idx];
+			if (session->internals.cand_group == NULL ||
+			    (session->internals.priorities->server_precedence && serv_ec_idx < serv_dh_idx) ||
+			    (!session->internals.priorities->server_precedence && cli_ec_pos < cli_dh_pos)) {
+				session->internals.cand_group = session->internals.cand_ec_group;
+			}
+		}
+
+		if (session->internals.cand_group)
+			_gnutls_handshake_log("EXT[%p]: Selected group %s\n", session, session->internals.cand_group->name);
+
+		if (have_ffdhe)
+			session->internals.hsk_flags |= HSK_HAVE_FFDHE;
+	}
+
+	return 0;
+}
+
+/* returns data_size or a negative number on failure
+ */
+static int
+_gnutls_supported_groups_send_params(gnutls_session_t session,
+				  gnutls_buffer_st * extdata)
+{
+	unsigned len, i;
+	int ret;
+	uint16_t p;
+
+	/* this extension is only being sent on client side */
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+
+		len = session->internals.priorities->groups.size;
+		if (len > 0) {
+			ret =
+			    _gnutls_buffer_append_prefix(extdata, 16,
+							 len * 2);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			for (i = 0; i < len; i++) {
+				p = session->internals.priorities->groups.entry[i]->tls_id;
+
+				_gnutls_handshake_log("EXT[%p]: Sent group %s (0x%x)\n", session,
+					session->internals.priorities->groups.entry[i]->name, (unsigned)p);
+
+				ret =
+				    _gnutls_buffer_append_prefix(extdata,
+								 16, p);
+				if (ret < 0)
+					return gnutls_assert_val(ret);
+			}
+			return (len + 1) * 2;
+		}
+
+	}
+
+	return 0;
+}
+
+/* Returns 0 if the given ECC curve is allowed in the current
+ * session. A negative error value is returned otherwise.
+ */
+int
+_gnutls_session_supports_group(gnutls_session_t session,
+				unsigned int group)
+{
+	unsigned i;
+
+	for (i = 0; i < session->internals.priorities->groups.size; i++) {
+		if (session->internals.priorities->groups.entry[i]->id == group)
+			return 0;
+	}
+
+	return GNUTLS_E_ECC_UNSUPPORTED_CURVE;
+}
diff --git a/lib/ext/supported_groups.h b/lib/ext/supported_groups.h
new file mode 100644
index 0000000..769b3be
--- /dev/null
+++ b/lib/ext/supported_groups.h
@@ -0,0 +1,34 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_SUPPORTED_GROUPS_H
+#define GNUTLS_LIB_EXT_SUPPORTED_GROUPS_H
+
+#include <hello_ext.h>
+
+extern const hello_ext_entry_st ext_mod_supported_groups;
+
+int
+_gnutls_session_supports_group(gnutls_session_t session,
+				unsigned int group);
+
+#endif /* GNUTLS_LIB_EXT_SUPPORTED_GROUPS_H */
diff --git a/lib/ext/supported_versions.c b/lib/ext/supported_versions.c
new file mode 100644
index 0000000..157a0a7
--- /dev/null
+++ b/lib/ext/supported_versions.c
@@ -0,0 +1,239 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017-2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the code for the Max Record Size TLS extension.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "num.h"
+#include <hello_ext.h>
+#include <ext/supported_versions.h>
+#include "handshake.h"
+
+static int supported_versions_recv_params(gnutls_session_t session,
+					  const uint8_t * data,
+					  size_t data_size);
+static int supported_versions_send_params(gnutls_session_t session,
+					  gnutls_buffer_st * extdata);
+
+const hello_ext_entry_st ext_mod_supported_versions = {
+	.name = "Supported Versions",
+	.tls_id = 43,
+	.gid = GNUTLS_EXTENSION_SUPPORTED_VERSIONS,
+	.validity = GNUTLS_EXT_FLAG_CLIENT_HELLO | GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO |
+		    GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO | GNUTLS_EXT_FLAG_HRR|GNUTLS_EXT_FLAG_TLS,
+	.client_parse_point = GNUTLS_EXT_VERSION_NEG, /* force parsing prior to EXT_TLS extensions */
+	.server_parse_point = GNUTLS_EXT_VERSION_NEG,
+	.recv_func = supported_versions_recv_params,
+	.send_func = supported_versions_send_params,
+	.pack_func = NULL,
+	.unpack_func = NULL,
+	.deinit_func = NULL,
+	.cannot_be_overriden = 1
+};
+
+static int
+supported_versions_recv_params(gnutls_session_t session,
+			       const uint8_t * data, size_t data_size)
+{
+	const version_entry_st *vers;
+	uint8_t major, minor;
+	size_t bytes;
+	int ret;
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		const version_entry_st *old_vers;
+		const version_entry_st *cli_vers = NULL;
+
+		vers = _gnutls_version_max(session);
+		old_vers = get_version(session);
+
+		/* do not parse this extension when we haven't TLS1.3
+		 * enabled. That is because we cannot handle earlier protocol
+		 * negotiation (such as SSL3.0) with this */
+		if (vers && !vers->tls13_sem)
+			return 0;
+
+		DECR_LEN(data_size, 1);
+		bytes = data[0];
+		data++;
+
+		if (bytes % 2 == 1)
+			return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+		DECR_LEN(data_size, bytes);
+
+		if (data_size != 0)
+			return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+		while (bytes > 0) {
+			major = data[0];
+			minor = data[1];
+			data += 2;
+			bytes -= 2;
+
+			_gnutls_handshake_log("EXT[%p]: Found version: %d.%d\n",
+					      session, (int)major, (int)minor);
+
+			if (!_gnutls_nversion_is_supported(session, major, minor))
+				continue;
+
+			/* Prefer the latest possible version
+			 * regardless of the client's precedence.  See
+			 * https://gitlab.com/gnutls/gnutls/issues/837
+			 * for the rationale.
+			 */
+			if (!cli_vers ||
+			    major > cli_vers->major ||
+			    (major == cli_vers->major &&
+			     minor > cli_vers->minor))
+				cli_vers = nversion_to_entry(major, minor);
+		}
+
+		if (!cli_vers)
+			return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
+
+		session->security_parameters.pversion = cli_vers;
+
+		_gnutls_handshake_log("EXT[%p]: Negotiated version: %d.%d\n",
+				      session,
+				      (int)cli_vers->major,
+				      (int)cli_vers->minor);
+
+		if (old_vers != cli_vers) {
+			/* regenerate the random value to set
+			 * downgrade sentinel if necessary
+			 */
+			ret = _gnutls_gen_server_random(session, cli_vers->id);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+		}
+
+		return 0;
+	} else { /* client */
+
+		if (!have_creds_for_tls13(session)) {
+			/* if we don't have certificate or PSK (which work under TLS1.3)
+			 * don't try to negotiate version using the extension. We fallback
+			 * instead to the normal TLS negotiation which has a cap on TLS1.2.
+			 */
+			return 0;
+		}
+
+		DECR_LEN(data_size, 2);
+
+		if (data_size != 0)
+			return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+		major = data[0];
+		minor = data[1];
+
+		vers = nversion_to_entry(major, minor);
+		if (!vers)
+			return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
+
+		set_adv_version(session, major, minor);
+
+		_gnutls_handshake_log("EXT[%p]: Negotiated version: %d.%d\n",
+				      session, (int)major, (int)minor);
+
+		if (!vers->tls13_sem)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		ret = _gnutls_negotiate_version(session, major, minor, 1);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	return 0;
+}
+
+/* returns data_size or a negative number on failure
+ */
+static int
+supported_versions_send_params(gnutls_session_t session,
+			       gnutls_buffer_st * extdata)
+{
+	uint8_t versions[32];
+	size_t versions_size;
+	const version_entry_st *vers;
+	int ret;
+
+	/* this function sends the client extension data (dnsname) */
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		vers = _gnutls_version_max(session);
+
+		/* Do not advertise this extension if we are not doing certificate
+		 * or PSK authentication; i.e., do not try to do TLS1.3 if we have
+		 * credentials which do not fit it. */
+		if (!have_creds_for_tls13(session)) {
+			/* if we don't have certificate or PSK (which work under TLS1.3)
+			 * don't try to negotiate version using the extension. We fallback
+			 * instead to the normal TLS negotiation which has a cap on TLS1.2.
+			 */
+			return 0;
+		}
+
+		/* do not advertise this extension when we haven't TLS1.3
+		 * enabled. */
+		if (vers && !vers->tls13_sem)
+			return 0;
+
+		ret = _gnutls_write_supported_versions(session, versions, sizeof(versions));
+		if (ret <= 0) /* if this function doesn't succeed do not send anything */
+			return 0;
+
+		versions_size = ret;
+
+		ret = _gnutls_buffer_append_data_prefix(extdata, 8, versions, versions_size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		return versions_size+2;
+	} else {
+		vers = get_version(session);
+		if (unlikely(vers == NULL))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		/* don't use this extension to negotiate versions <= 1.2,
+		 * pretend we don't support it, so that we use a single
+		 * code path to negotiate these protocols. */
+		if (!vers->tls13_sem)
+			return 0;
+
+		ret = _gnutls_buffer_append_data(extdata, &vers->major, 1);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = _gnutls_buffer_append_data(extdata, &vers->minor, 1);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		return 2;
+	}
+
+	return 0;
+}
diff --git a/lib/ext/supported_versions.h b/lib/ext/supported_versions.h
new file mode 100644
index 0000000..f7dfb9e
--- /dev/null
+++ b/lib/ext/supported_versions.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXT_SUPPORTED_VERSIONS_H
+#define GNUTLS_LIB_EXT_SUPPORTED_VERSIONS_H
+
+#include <hello_ext.h>
+
+extern const hello_ext_entry_st ext_mod_supported_versions;
+
+#endif /* GNUTLS_LIB_EXT_SUPPORTED_VERSIONS_H */
diff --git a/lib/extras/Makefile.am b/lib/extras/Makefile.am
new file mode 100644
index 0000000..7e5274b
--- /dev/null
+++ b/lib/extras/Makefile.am
@@ -0,0 +1,39 @@
+## Process this file with automake to produce Makefile.in
+# Copyright (C) 2002-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# The GnuTLS is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GnuTLS is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+include $(top_srcdir)/lib/common.mk
+
+AM_CPPFLAGS = \
+	-I$(srcdir)/../../gl		\
+	-I$(builddir)/../../gl		\
+	-I$(srcdir)/../includes		\
+	-I$(builddir)/../includes	\
+	-I$(builddir)/../../gl          \
+	-I$(srcdir)/..	
+
+EXTRA_DIST = licenses/CC0
+
+if ENABLE_MINITASN1
+AM_CPPFLAGS += -I$(srcdir)/../minitasn1
+endif
+
+noinst_LTLIBRARIES = libgnutls_extras.la
+
+libgnutls_extras_la_SOURCES = randomart.c randomart.h hex.c hex.h
diff --git a/lib/extras/Makefile.in b/lib/extras/Makefile.in
new file mode 100644
index 0000000..c934bed
--- /dev/null
+++ b/lib/extras/Makefile.in
@@ -0,0 +1,2391 @@
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+# Copyright (C) 2002-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# The GnuTLS is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GnuTLS is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+  if test -z '$(MAKELEVEL)'; then \
+    false; \
+  elif test -n '$(MAKE_HOST)'; then \
+    true; \
+  elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+    true; \
+  else \
+    false; \
+  fi; \
+}
+am__make_running_with_option = \
+  case $${target_option-} in \
+      ?) ;; \
+      *) echo "am__make_running_with_option: internal error: invalid" \
+              "target option '$${target_option-}' specified" >&2; \
+         exit 1;; \
+  esac; \
+  has_opt=no; \
+  sane_makeflags=$$MAKEFLAGS; \
+  if $(am__is_gnu_make); then \
+    sane_makeflags=$$MFLAGS; \
+  else \
+    case $$MAKEFLAGS in \
+      *\\[\ \	]*) \
+        bs=\\; \
+        sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+          | sed "s/$$bs$$bs[$$bs $$bs	]*//g"`;; \
+    esac; \
+  fi; \
+  skip_next=no; \
+  strip_trailopt () \
+  { \
+    flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+  }; \
+  for flg in $$sane_makeflags; do \
+    test $$skip_next = yes && { skip_next=no; continue; }; \
+    case $$flg in \
+      *=*|--*) continue;; \
+        -*I) strip_trailopt 'I'; skip_next=yes;; \
+      -*I?*) strip_trailopt 'I';; \
+        -*O) strip_trailopt 'O'; skip_next=yes;; \
+      -*O?*) strip_trailopt 'O';; \
+        -*l) strip_trailopt 'l'; skip_next=yes;; \
+      -*l?*) strip_trailopt 'l';; \
+      -[dEDm]) skip_next=yes;; \
+      -[JT]) skip_next=yes;; \
+    esac; \
+    case $$flg in \
+      *$$target_option*) has_opt=yes; break;; \
+    esac; \
+  done; \
+  test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@ENABLE_MINITASN1_TRUE@am__append_1 = -I$(srcdir)/../minitasn1
+subdir = lib/extras
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \
+	$(top_srcdir)/lib/unistring/m4/inline.m4 \
+	$(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \
+	$(top_srcdir)/src/gl/m4/atoll.m4 \
+	$(top_srcdir)/src/gl/m4/bison.m4 \
+	$(top_srcdir)/src/gl/m4/calloc.m4 \
+	$(top_srcdir)/src/gl/m4/clock_time.m4 \
+	$(top_srcdir)/src/gl/m4/codeset.m4 \
+	$(top_srcdir)/src/gl/m4/ctype_h.m4 \
+	$(top_srcdir)/src/gl/m4/environ.m4 \
+	$(top_srcdir)/src/gl/m4/error.m4 \
+	$(top_srcdir)/src/gl/m4/fdopen.m4 \
+	$(top_srcdir)/src/gl/m4/flexmember.m4 \
+	$(top_srcdir)/src/gl/m4/fpending.m4 \
+	$(top_srcdir)/src/gl/m4/fpieee.m4 \
+	$(top_srcdir)/src/gl/m4/fseek.m4 \
+	$(top_srcdir)/src/gl/m4/ftruncate.m4 \
+	$(top_srcdir)/src/gl/m4/getaddrinfo.m4 \
+	$(top_srcdir)/src/gl/m4/getcwd.m4 \
+	$(top_srcdir)/src/gl/m4/getpagesize.m4 \
+	$(top_srcdir)/src/gl/m4/getpass.m4 \
+	$(top_srcdir)/src/gl/m4/getprogname.m4 \
+	$(top_srcdir)/src/gl/m4/gettime.m4 \
+	$(top_srcdir)/src/gl/m4/gnulib-comp.m4 \
+	$(top_srcdir)/src/gl/m4/hostent.m4 \
+	$(top_srcdir)/src/gl/m4/intl-thread-locale.m4 \
+	$(top_srcdir)/src/gl/m4/inttostr.m4 \
+	$(top_srcdir)/src/gl/m4/ioctl.m4 \
+	$(top_srcdir)/src/gl/m4/isblank.m4 \
+	$(top_srcdir)/src/gl/m4/langinfo_h.m4 \
+	$(top_srcdir)/src/gl/m4/lcmessage.m4 \
+	$(top_srcdir)/src/gl/m4/locale-fr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-ja.m4 \
+	$(top_srcdir)/src/gl/m4/locale-tr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-zh.m4 \
+	$(top_srcdir)/src/gl/m4/locale_h.m4 \
+	$(top_srcdir)/src/gl/m4/localename.m4 \
+	$(top_srcdir)/src/gl/m4/lstat.m4 \
+	$(top_srcdir)/src/gl/m4/mktime.m4 \
+	$(top_srcdir)/src/gl/m4/nanosleep.m4 \
+	$(top_srcdir)/src/gl/m4/nstrftime.m4 \
+	$(top_srcdir)/src/gl/m4/parse-datetime.m4 \
+	$(top_srcdir)/src/gl/m4/perror.m4 \
+	$(top_srcdir)/src/gl/m4/pipe.m4 \
+	$(top_srcdir)/src/gl/m4/pthread-thread.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_h.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_sigmask.m4 \
+	$(top_srcdir)/src/gl/m4/putenv.m4 \
+	$(top_srcdir)/src/gl/m4/raise.m4 \
+	$(top_srcdir)/src/gl/m4/reallocarray.m4 \
+	$(top_srcdir)/src/gl/m4/sched_h.m4 \
+	$(top_srcdir)/src/gl/m4/sched_yield.m4 \
+	$(top_srcdir)/src/gl/m4/select.m4 \
+	$(top_srcdir)/src/gl/m4/semaphore.m4 \
+	$(top_srcdir)/src/gl/m4/servent.m4 \
+	$(top_srcdir)/src/gl/m4/setenv.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale_null.m4 \
+	$(top_srcdir)/src/gl/m4/sigaction.m4 \
+	$(top_srcdir)/src/gl/m4/signal_h.m4 \
+	$(top_srcdir)/src/gl/m4/signalblocking.m4 \
+	$(top_srcdir)/src/gl/m4/sleep.m4 \
+	$(top_srcdir)/src/gl/m4/sockets.m4 \
+	$(top_srcdir)/src/gl/m4/strerror.m4 \
+	$(top_srcdir)/src/gl/m4/strerror_r.m4 \
+	$(top_srcdir)/src/gl/m4/strtoll.m4 \
+	$(top_srcdir)/src/gl/m4/symlink.m4 \
+	$(top_srcdir)/src/gl/m4/sys_ioctl_h.m4 \
+	$(top_srcdir)/src/gl/m4/sys_select_h.m4 \
+	$(top_srcdir)/src/gl/m4/thread.m4 \
+	$(top_srcdir)/src/gl/m4/time_rz.m4 \
+	$(top_srcdir)/src/gl/m4/timegm.m4 \
+	$(top_srcdir)/src/gl/m4/timespec.m4 \
+	$(top_srcdir)/src/gl/m4/tm_gmtoff.m4 \
+	$(top_srcdir)/src/gl/m4/tzset.m4 \
+	$(top_srcdir)/src/gl/m4/usleep.m4 \
+	$(top_srcdir)/src/gl/m4/visibility.m4 \
+	$(top_srcdir)/src/gl/m4/xalloc.m4 \
+	$(top_srcdir)/src/gl/m4/yield.m4 $(top_srcdir)/m4/00gnulib.m4 \
+	$(top_srcdir)/m4/__inline.m4 \
+	$(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \
+	$(top_srcdir)/m4/arpa_inet_h.m4 \
+	$(top_srcdir)/m4/ax_ac_append_to_file.m4 \
+	$(top_srcdir)/m4/ax_ac_print_to_file.m4 \
+	$(top_srcdir)/m4/ax_add_am_macro_static.m4 \
+	$(top_srcdir)/m4/ax_am_macros_static.m4 \
+	$(top_srcdir)/m4/ax_check_gnu_make.m4 \
+	$(top_srcdir)/m4/ax_code_coverage.m4 \
+	$(top_srcdir)/m4/ax_file_escapes.m4 \
+	$(top_srcdir)/m4/builtin-expect.m4 \
+	$(top_srcdir)/m4/byteswap.m4 $(top_srcdir)/m4/close.m4 \
+	$(top_srcdir)/m4/double-slash-root.m4 $(top_srcdir)/m4/dup2.m4 \
+	$(top_srcdir)/m4/eealloc.m4 $(top_srcdir)/m4/errno_h.m4 \
+	$(top_srcdir)/m4/explicit_bzero.m4 \
+	$(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \
+	$(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \
+	$(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \
+	$(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \
+	$(top_srcdir)/m4/free.m4 $(top_srcdir)/m4/fseeko.m4 \
+	$(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \
+	$(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/func.m4 \
+	$(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \
+	$(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/gettext.m4 \
+	$(top_srcdir)/m4/gettimeofday.m4 \
+	$(top_srcdir)/m4/gnulib-common.m4 \
+	$(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \
+	$(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \
+	$(top_srcdir)/m4/host-cpu-c-abi.m4 $(top_srcdir)/m4/iconv.m4 \
+	$(top_srcdir)/m4/include_next.m4 $(top_srcdir)/m4/inet_ntop.m4 \
+	$(top_srcdir)/m4/inet_pton.m4 $(top_srcdir)/m4/intlmacosx.m4 \
+	$(top_srcdir)/m4/intmax_t.m4 $(top_srcdir)/m4/inttypes.m4 \
+	$(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/largefile.m4 \
+	$(top_srcdir)/m4/ld-output-def.m4 \
+	$(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \
+	$(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+	$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/lock.m4 \
+	$(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/ltoptions.m4 \
+	$(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+	$(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \
+	$(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \
+	$(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \
+	$(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \
+	$(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \
+	$(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \
+	$(top_srcdir)/m4/netdb_h.m4 $(top_srcdir)/m4/netinet_in_h.m4 \
+	$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/off_t.m4 \
+	$(top_srcdir)/m4/open-cloexec.m4 \
+	$(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \
+	$(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/pkg.m4 \
+	$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \
+	$(top_srcdir)/m4/progtest.m4 \
+	$(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \
+	$(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \
+	$(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/size_max.m4 \
+	$(top_srcdir)/m4/snprintf.m4 $(top_srcdir)/m4/socketlib.m4 \
+	$(top_srcdir)/m4/socklen.m4 $(top_srcdir)/m4/sockpfaf.m4 \
+	$(top_srcdir)/m4/ssize_t.m4 $(top_srcdir)/m4/stat-time.m4 \
+	$(top_srcdir)/m4/stat.m4 $(top_srcdir)/m4/stdalign.m4 \
+	$(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \
+	$(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \
+	$(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \
+	$(top_srcdir)/m4/stpcpy.m4 $(top_srcdir)/m4/strcase.m4 \
+	$(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/string_h.m4 \
+	$(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \
+	$(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \
+	$(top_srcdir)/m4/strverscmp.m4 \
+	$(top_srcdir)/m4/sys_socket_h.m4 \
+	$(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \
+	$(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \
+	$(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \
+	$(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \
+	$(top_srcdir)/m4/unistd_h.m4 \
+	$(top_srcdir)/m4/valgrind-tests.m4 \
+	$(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \
+	$(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \
+	$(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \
+	$(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \
+	$(top_srcdir)/m4/xsize.m4 $(top_srcdir)/m4/zzgnulib.m4 \
+	$(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+LTLIBRARIES = $(noinst_LTLIBRARIES)
+libgnutls_extras_la_LIBADD =
+am_libgnutls_extras_la_OBJECTS = randomart.lo hex.lo
+libgnutls_extras_la_OBJECTS = $(am_libgnutls_extras_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 = 
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN     " $@;
+am__v_GEN_1 = 
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 = 
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/hex.Plo ./$(DEPDIR)/randomart.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC      " $@;
+am__v_CC_1 = 
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD    " $@;
+am__v_CCLD_1 = 
+SOURCES = $(libgnutls_extras_la_SOURCES)
+DIST_SOURCES = $(libgnutls_extras_la_SOURCES)
+am__can_run_installinfo = \
+  case $$AM_UPDATE_INFO_DIR in \
+    n|no|NO) false;; \
+    *) (install-info --version) >/dev/null 2>&1;; \
+  esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates.  Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+  BEGIN { nonempty = 0; } \
+  { items[$$0] = 1; nonempty = 1; } \
+  END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique.  This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+  list='$(am__tagged_files)'; \
+  unique=`for i in $$list; do \
+    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+  done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in \
+	$(top_srcdir)/build-aux/depcomp $(top_srcdir)/lib/common.mk
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+AARCH64_CCASFLAGS = @AARCH64_CCASFLAGS@
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+ALLOCA_H = @ALLOCA_H@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AM_VALGRINDFLAGS = @AM_VALGRINDFLAGS@
+APPLE_UNIVERSAL_BUILD = @APPLE_UNIVERSAL_BUILD@
+AR = @AR@
+ARFLAGS = @ARFLAGS@
+ASN1PARSER = @ASN1PARSER@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BITSIZEOF_PTRDIFF_T = @BITSIZEOF_PTRDIFF_T@
+BITSIZEOF_SIG_ATOMIC_T = @BITSIZEOF_SIG_ATOMIC_T@
+BITSIZEOF_SIZE_T = @BITSIZEOF_SIZE_T@
+BITSIZEOF_WCHAR_T = @BITSIZEOF_WCHAR_T@
+BITSIZEOF_WINT_T = @BITSIZEOF_WINT_T@
+BYTESWAP_H = @BYTESWAP_H@
+CC = @CC@
+CCAS = @CCAS@
+CCASDEPMODE = @CCASDEPMODE@
+CCASFLAGS = @CCASFLAGS@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CFLAG_VISIBILITY = @CFLAG_VISIBILITY@
+CMOCKA_CFLAGS = @CMOCKA_CFLAGS@
+CMOCKA_LIBS = @CMOCKA_LIBS@
+CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@
+CODE_COVERAGE_CPPFLAGS = @CODE_COVERAGE_CPPFLAGS@
+CODE_COVERAGE_CXXFLAGS = @CODE_COVERAGE_CXXFLAGS@
+CODE_COVERAGE_ENABLED = @CODE_COVERAGE_ENABLED@
+CODE_COVERAGE_LIBS = @CODE_COVERAGE_LIBS@
+CONFIG_INCLUDE = @CONFIG_INCLUDE@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CRYWRAP_PATCHLEVEL = @CRYWRAP_PATCHLEVEL@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CXX_LT_AGE = @CXX_LT_AGE@
+CXX_LT_CURRENT = @CXX_LT_CURRENT@
+CXX_LT_REVISION = @CXX_LT_REVISION@
+CYGPATH_W = @CYGPATH_W@
+DEFAULT_VALGRINDFLAGS = @DEFAULT_VALGRINDFLAGS@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DLL_SSL_VERSION = @DLL_SSL_VERSION@
+DLL_VERSION = @DLL_VERSION@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EMULTIHOP_HIDDEN = @EMULTIHOP_HIDDEN@
+EMULTIHOP_VALUE = @EMULTIHOP_VALUE@
+ENABLE_PADLOCK = @ENABLE_PADLOCK@
+ENOLINK_HIDDEN = @ENOLINK_HIDDEN@
+ENOLINK_VALUE = @ENOLINK_VALUE@
+EOVERFLOW_HIDDEN = @EOVERFLOW_HIDDEN@
+EOVERFLOW_VALUE = @EOVERFLOW_VALUE@
+ERRNO_H = @ERRNO_H@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+FIPS140_LIBS = @FIPS140_LIBS@
+FLOAT_H = @FLOAT_H@
+GCOV = @GCOV@
+GENHTML = @GENHTML@
+GETADDRINFO_LIB = @GETADDRINFO_LIB@
+GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
+GL_GGL_GNULIB_ACCEPT = @GL_GGL_GNULIB_ACCEPT@
+GL_GGL_GNULIB_ACCEPT4 = @GL_GGL_GNULIB_ACCEPT4@
+GL_GGL_GNULIB_ACCESS = @GL_GGL_GNULIB_ACCESS@
+GL_GGL_GNULIB_ALIGNED_ALLOC = @GL_GGL_GNULIB_ALIGNED_ALLOC@
+GL_GGL_GNULIB_ATOLL = @GL_GGL_GNULIB_ATOLL@
+GL_GGL_GNULIB_BIND = @GL_GGL_GNULIB_BIND@
+GL_GGL_GNULIB_BTOWC = @GL_GGL_GNULIB_BTOWC@
+GL_GGL_GNULIB_CALLOC_POSIX = @GL_GGL_GNULIB_CALLOC_POSIX@
+GL_GGL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GGL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GGL_GNULIB_CHDIR = @GL_GGL_GNULIB_CHDIR@
+GL_GGL_GNULIB_CHOWN = @GL_GGL_GNULIB_CHOWN@
+GL_GGL_GNULIB_CLOSE = @GL_GGL_GNULIB_CLOSE@
+GL_GGL_GNULIB_CONNECT = @GL_GGL_GNULIB_CONNECT@
+GL_GGL_GNULIB_COPY_FILE_RANGE = @GL_GGL_GNULIB_COPY_FILE_RANGE@
+GL_GGL_GNULIB_CREAT = @GL_GGL_GNULIB_CREAT@
+GL_GGL_GNULIB_CTIME = @GL_GGL_GNULIB_CTIME@
+GL_GGL_GNULIB_DPRINTF = @GL_GGL_GNULIB_DPRINTF@
+GL_GGL_GNULIB_DUP = @GL_GGL_GNULIB_DUP@
+GL_GGL_GNULIB_DUP2 = @GL_GGL_GNULIB_DUP2@
+GL_GGL_GNULIB_DUP3 = @GL_GGL_GNULIB_DUP3@
+GL_GGL_GNULIB_DUPLOCALE = @GL_GGL_GNULIB_DUPLOCALE@
+GL_GGL_GNULIB_ENVIRON = @GL_GGL_GNULIB_ENVIRON@
+GL_GGL_GNULIB_EUIDACCESS = @GL_GGL_GNULIB_EUIDACCESS@
+GL_GGL_GNULIB_EXECL = @GL_GGL_GNULIB_EXECL@
+GL_GGL_GNULIB_EXECLE = @GL_GGL_GNULIB_EXECLE@
+GL_GGL_GNULIB_EXECLP = @GL_GGL_GNULIB_EXECLP@
+GL_GGL_GNULIB_EXECV = @GL_GGL_GNULIB_EXECV@
+GL_GGL_GNULIB_EXECVE = @GL_GGL_GNULIB_EXECVE@
+GL_GGL_GNULIB_EXECVP = @GL_GGL_GNULIB_EXECVP@
+GL_GGL_GNULIB_EXECVPE = @GL_GGL_GNULIB_EXECVPE@
+GL_GGL_GNULIB_EXPLICIT_BZERO = @GL_GGL_GNULIB_EXPLICIT_BZERO@
+GL_GGL_GNULIB_FACCESSAT = @GL_GGL_GNULIB_FACCESSAT@
+GL_GGL_GNULIB_FCHDIR = @GL_GGL_GNULIB_FCHDIR@
+GL_GGL_GNULIB_FCHMODAT = @GL_GGL_GNULIB_FCHMODAT@
+GL_GGL_GNULIB_FCHOWNAT = @GL_GGL_GNULIB_FCHOWNAT@
+GL_GGL_GNULIB_FCLOSE = @GL_GGL_GNULIB_FCLOSE@
+GL_GGL_GNULIB_FCNTL = @GL_GGL_GNULIB_FCNTL@
+GL_GGL_GNULIB_FDATASYNC = @GL_GGL_GNULIB_FDATASYNC@
+GL_GGL_GNULIB_FDOPEN = @GL_GGL_GNULIB_FDOPEN@
+GL_GGL_GNULIB_FFLUSH = @GL_GGL_GNULIB_FFLUSH@
+GL_GGL_GNULIB_FFS = @GL_GGL_GNULIB_FFS@
+GL_GGL_GNULIB_FFSL = @GL_GGL_GNULIB_FFSL@
+GL_GGL_GNULIB_FFSLL = @GL_GGL_GNULIB_FFSLL@
+GL_GGL_GNULIB_FGETC = @GL_GGL_GNULIB_FGETC@
+GL_GGL_GNULIB_FGETS = @GL_GGL_GNULIB_FGETS@
+GL_GGL_GNULIB_FOPEN = @GL_GGL_GNULIB_FOPEN@
+GL_GGL_GNULIB_FPRINTF = @GL_GGL_GNULIB_FPRINTF@
+GL_GGL_GNULIB_FPRINTF_POSIX = @GL_GGL_GNULIB_FPRINTF_POSIX@
+GL_GGL_GNULIB_FPURGE = @GL_GGL_GNULIB_FPURGE@
+GL_GGL_GNULIB_FPUTC = @GL_GGL_GNULIB_FPUTC@
+GL_GGL_GNULIB_FPUTS = @GL_GGL_GNULIB_FPUTS@
+GL_GGL_GNULIB_FREAD = @GL_GGL_GNULIB_FREAD@
+GL_GGL_GNULIB_FREE_POSIX = @GL_GGL_GNULIB_FREE_POSIX@
+GL_GGL_GNULIB_FREOPEN = @GL_GGL_GNULIB_FREOPEN@
+GL_GGL_GNULIB_FSCANF = @GL_GGL_GNULIB_FSCANF@
+GL_GGL_GNULIB_FSEEK = @GL_GGL_GNULIB_FSEEK@
+GL_GGL_GNULIB_FSEEKO = @GL_GGL_GNULIB_FSEEKO@
+GL_GGL_GNULIB_FSTAT = @GL_GGL_GNULIB_FSTAT@
+GL_GGL_GNULIB_FSTATAT = @GL_GGL_GNULIB_FSTATAT@
+GL_GGL_GNULIB_FSYNC = @GL_GGL_GNULIB_FSYNC@
+GL_GGL_GNULIB_FTELL = @GL_GGL_GNULIB_FTELL@
+GL_GGL_GNULIB_FTELLO = @GL_GGL_GNULIB_FTELLO@
+GL_GGL_GNULIB_FTRUNCATE = @GL_GGL_GNULIB_FTRUNCATE@
+GL_GGL_GNULIB_FUTIMENS = @GL_GGL_GNULIB_FUTIMENS@
+GL_GGL_GNULIB_FWRITE = @GL_GGL_GNULIB_FWRITE@
+GL_GGL_GNULIB_GETADDRINFO = @GL_GGL_GNULIB_GETADDRINFO@
+GL_GGL_GNULIB_GETC = @GL_GGL_GNULIB_GETC@
+GL_GGL_GNULIB_GETCHAR = @GL_GGL_GNULIB_GETCHAR@
+GL_GGL_GNULIB_GETCWD = @GL_GGL_GNULIB_GETCWD@
+GL_GGL_GNULIB_GETDELIM = @GL_GGL_GNULIB_GETDELIM@
+GL_GGL_GNULIB_GETDOMAINNAME = @GL_GGL_GNULIB_GETDOMAINNAME@
+GL_GGL_GNULIB_GETDTABLESIZE = @GL_GGL_GNULIB_GETDTABLESIZE@
+GL_GGL_GNULIB_GETENTROPY = @GL_GGL_GNULIB_GETENTROPY@
+GL_GGL_GNULIB_GETGROUPS = @GL_GGL_GNULIB_GETGROUPS@
+GL_GGL_GNULIB_GETHOSTNAME = @GL_GGL_GNULIB_GETHOSTNAME@
+GL_GGL_GNULIB_GETLINE = @GL_GGL_GNULIB_GETLINE@
+GL_GGL_GNULIB_GETLOADAVG = @GL_GGL_GNULIB_GETLOADAVG@
+GL_GGL_GNULIB_GETLOGIN = @GL_GGL_GNULIB_GETLOGIN@
+GL_GGL_GNULIB_GETLOGIN_R = @GL_GGL_GNULIB_GETLOGIN_R@
+GL_GGL_GNULIB_GETOPT_POSIX = @GL_GGL_GNULIB_GETOPT_POSIX@
+GL_GGL_GNULIB_GETPAGESIZE = @GL_GGL_GNULIB_GETPAGESIZE@
+GL_GGL_GNULIB_GETPASS = @GL_GGL_GNULIB_GETPASS@
+GL_GGL_GNULIB_GETPEERNAME = @GL_GGL_GNULIB_GETPEERNAME@
+GL_GGL_GNULIB_GETSOCKNAME = @GL_GGL_GNULIB_GETSOCKNAME@
+GL_GGL_GNULIB_GETSOCKOPT = @GL_GGL_GNULIB_GETSOCKOPT@
+GL_GGL_GNULIB_GETSUBOPT = @GL_GGL_GNULIB_GETSUBOPT@
+GL_GGL_GNULIB_GETTIMEOFDAY = @GL_GGL_GNULIB_GETTIMEOFDAY@
+GL_GGL_GNULIB_GETUMASK = @GL_GGL_GNULIB_GETUMASK@
+GL_GGL_GNULIB_GETUSERSHELL = @GL_GGL_GNULIB_GETUSERSHELL@
+GL_GGL_GNULIB_GRANTPT = @GL_GGL_GNULIB_GRANTPT@
+GL_GGL_GNULIB_GROUP_MEMBER = @GL_GGL_GNULIB_GROUP_MEMBER@
+GL_GGL_GNULIB_IMAXABS = @GL_GGL_GNULIB_IMAXABS@
+GL_GGL_GNULIB_IMAXDIV = @GL_GGL_GNULIB_IMAXDIV@
+GL_GGL_GNULIB_INET_NTOP = @GL_GGL_GNULIB_INET_NTOP@
+GL_GGL_GNULIB_INET_PTON = @GL_GGL_GNULIB_INET_PTON@
+GL_GGL_GNULIB_IOCTL = @GL_GGL_GNULIB_IOCTL@
+GL_GGL_GNULIB_ISATTY = @GL_GGL_GNULIB_ISATTY@
+GL_GGL_GNULIB_ISBLANK = @GL_GGL_GNULIB_ISBLANK@
+GL_GGL_GNULIB_LCHMOD = @GL_GGL_GNULIB_LCHMOD@
+GL_GGL_GNULIB_LCHOWN = @GL_GGL_GNULIB_LCHOWN@
+GL_GGL_GNULIB_LINK = @GL_GGL_GNULIB_LINK@
+GL_GGL_GNULIB_LINKAT = @GL_GGL_GNULIB_LINKAT@
+GL_GGL_GNULIB_LISTEN = @GL_GGL_GNULIB_LISTEN@
+GL_GGL_GNULIB_LOCALECONV = @GL_GGL_GNULIB_LOCALECONV@
+GL_GGL_GNULIB_LOCALENAME = @GL_GGL_GNULIB_LOCALENAME@
+GL_GGL_GNULIB_LOCALTIME = @GL_GGL_GNULIB_LOCALTIME@
+GL_GGL_GNULIB_LSEEK = @GL_GGL_GNULIB_LSEEK@
+GL_GGL_GNULIB_LSTAT = @GL_GGL_GNULIB_LSTAT@
+GL_GGL_GNULIB_MALLOC_POSIX = @GL_GGL_GNULIB_MALLOC_POSIX@
+GL_GGL_GNULIB_MBRLEN = @GL_GGL_GNULIB_MBRLEN@
+GL_GGL_GNULIB_MBRTOWC = @GL_GGL_GNULIB_MBRTOWC@
+GL_GGL_GNULIB_MBSCASECMP = @GL_GGL_GNULIB_MBSCASECMP@
+GL_GGL_GNULIB_MBSCASESTR = @GL_GGL_GNULIB_MBSCASESTR@
+GL_GGL_GNULIB_MBSCHR = @GL_GGL_GNULIB_MBSCHR@
+GL_GGL_GNULIB_MBSCSPN = @GL_GGL_GNULIB_MBSCSPN@
+GL_GGL_GNULIB_MBSINIT = @GL_GGL_GNULIB_MBSINIT@
+GL_GGL_GNULIB_MBSLEN = @GL_GGL_GNULIB_MBSLEN@
+GL_GGL_GNULIB_MBSNCASECMP = @GL_GGL_GNULIB_MBSNCASECMP@
+GL_GGL_GNULIB_MBSNLEN = @GL_GGL_GNULIB_MBSNLEN@
+GL_GGL_GNULIB_MBSNRTOWCS = @GL_GGL_GNULIB_MBSNRTOWCS@
+GL_GGL_GNULIB_MBSPBRK = @GL_GGL_GNULIB_MBSPBRK@
+GL_GGL_GNULIB_MBSPCASECMP = @GL_GGL_GNULIB_MBSPCASECMP@
+GL_GGL_GNULIB_MBSRCHR = @GL_GGL_GNULIB_MBSRCHR@
+GL_GGL_GNULIB_MBSRTOWCS = @GL_GGL_GNULIB_MBSRTOWCS@
+GL_GGL_GNULIB_MBSSEP = @GL_GGL_GNULIB_MBSSEP@
+GL_GGL_GNULIB_MBSSPN = @GL_GGL_GNULIB_MBSSPN@
+GL_GGL_GNULIB_MBSSTR = @GL_GGL_GNULIB_MBSSTR@
+GL_GGL_GNULIB_MBSTOK_R = @GL_GGL_GNULIB_MBSTOK_R@
+GL_GGL_GNULIB_MBTOWC = @GL_GGL_GNULIB_MBTOWC@
+GL_GGL_GNULIB_MDA_ACCESS = @GL_GGL_GNULIB_MDA_ACCESS@
+GL_GGL_GNULIB_MDA_CHDIR = @GL_GGL_GNULIB_MDA_CHDIR@
+GL_GGL_GNULIB_MDA_CHMOD = @GL_GGL_GNULIB_MDA_CHMOD@
+GL_GGL_GNULIB_MDA_CLOSE = @GL_GGL_GNULIB_MDA_CLOSE@
+GL_GGL_GNULIB_MDA_CREAT = @GL_GGL_GNULIB_MDA_CREAT@
+GL_GGL_GNULIB_MDA_DUP = @GL_GGL_GNULIB_MDA_DUP@
+GL_GGL_GNULIB_MDA_DUP2 = @GL_GGL_GNULIB_MDA_DUP2@
+GL_GGL_GNULIB_MDA_ECVT = @GL_GGL_GNULIB_MDA_ECVT@
+GL_GGL_GNULIB_MDA_EXECL = @GL_GGL_GNULIB_MDA_EXECL@
+GL_GGL_GNULIB_MDA_EXECLE = @GL_GGL_GNULIB_MDA_EXECLE@
+GL_GGL_GNULIB_MDA_EXECLP = @GL_GGL_GNULIB_MDA_EXECLP@
+GL_GGL_GNULIB_MDA_EXECV = @GL_GGL_GNULIB_MDA_EXECV@
+GL_GGL_GNULIB_MDA_EXECVE = @GL_GGL_GNULIB_MDA_EXECVE@
+GL_GGL_GNULIB_MDA_EXECVP = @GL_GGL_GNULIB_MDA_EXECVP@
+GL_GGL_GNULIB_MDA_EXECVPE = @GL_GGL_GNULIB_MDA_EXECVPE@
+GL_GGL_GNULIB_MDA_FCLOSEALL = @GL_GGL_GNULIB_MDA_FCLOSEALL@
+GL_GGL_GNULIB_MDA_FCVT = @GL_GGL_GNULIB_MDA_FCVT@
+GL_GGL_GNULIB_MDA_FDOPEN = @GL_GGL_GNULIB_MDA_FDOPEN@
+GL_GGL_GNULIB_MDA_FILENO = @GL_GGL_GNULIB_MDA_FILENO@
+GL_GGL_GNULIB_MDA_GCVT = @GL_GGL_GNULIB_MDA_GCVT@
+GL_GGL_GNULIB_MDA_GETCWD = @GL_GGL_GNULIB_MDA_GETCWD@
+GL_GGL_GNULIB_MDA_GETPID = @GL_GGL_GNULIB_MDA_GETPID@
+GL_GGL_GNULIB_MDA_GETW = @GL_GGL_GNULIB_MDA_GETW@
+GL_GGL_GNULIB_MDA_ISATTY = @GL_GGL_GNULIB_MDA_ISATTY@
+GL_GGL_GNULIB_MDA_LSEEK = @GL_GGL_GNULIB_MDA_LSEEK@
+GL_GGL_GNULIB_MDA_MEMCCPY = @GL_GGL_GNULIB_MDA_MEMCCPY@
+GL_GGL_GNULIB_MDA_MKDIR = @GL_GGL_GNULIB_MDA_MKDIR@
+GL_GGL_GNULIB_MDA_MKTEMP = @GL_GGL_GNULIB_MDA_MKTEMP@
+GL_GGL_GNULIB_MDA_OPEN = @GL_GGL_GNULIB_MDA_OPEN@
+GL_GGL_GNULIB_MDA_PUTENV = @GL_GGL_GNULIB_MDA_PUTENV@
+GL_GGL_GNULIB_MDA_PUTW = @GL_GGL_GNULIB_MDA_PUTW@
+GL_GGL_GNULIB_MDA_READ = @GL_GGL_GNULIB_MDA_READ@
+GL_GGL_GNULIB_MDA_RMDIR = @GL_GGL_GNULIB_MDA_RMDIR@
+GL_GGL_GNULIB_MDA_STRDUP = @GL_GGL_GNULIB_MDA_STRDUP@
+GL_GGL_GNULIB_MDA_SWAB = @GL_GGL_GNULIB_MDA_SWAB@
+GL_GGL_GNULIB_MDA_TEMPNAM = @GL_GGL_GNULIB_MDA_TEMPNAM@
+GL_GGL_GNULIB_MDA_TZSET = @GL_GGL_GNULIB_MDA_TZSET@
+GL_GGL_GNULIB_MDA_UMASK = @GL_GGL_GNULIB_MDA_UMASK@
+GL_GGL_GNULIB_MDA_UNLINK = @GL_GGL_GNULIB_MDA_UNLINK@
+GL_GGL_GNULIB_MDA_WCSDUP = @GL_GGL_GNULIB_MDA_WCSDUP@
+GL_GGL_GNULIB_MDA_WRITE = @GL_GGL_GNULIB_MDA_WRITE@
+GL_GGL_GNULIB_MEMCHR = @GL_GGL_GNULIB_MEMCHR@
+GL_GGL_GNULIB_MEMMEM = @GL_GGL_GNULIB_MEMMEM@
+GL_GGL_GNULIB_MEMPCPY = @GL_GGL_GNULIB_MEMPCPY@
+GL_GGL_GNULIB_MEMRCHR = @GL_GGL_GNULIB_MEMRCHR@
+GL_GGL_GNULIB_MKDIR = @GL_GGL_GNULIB_MKDIR@
+GL_GGL_GNULIB_MKDIRAT = @GL_GGL_GNULIB_MKDIRAT@
+GL_GGL_GNULIB_MKDTEMP = @GL_GGL_GNULIB_MKDTEMP@
+GL_GGL_GNULIB_MKFIFO = @GL_GGL_GNULIB_MKFIFO@
+GL_GGL_GNULIB_MKFIFOAT = @GL_GGL_GNULIB_MKFIFOAT@
+GL_GGL_GNULIB_MKNOD = @GL_GGL_GNULIB_MKNOD@
+GL_GGL_GNULIB_MKNODAT = @GL_GGL_GNULIB_MKNODAT@
+GL_GGL_GNULIB_MKOSTEMP = @GL_GGL_GNULIB_MKOSTEMP@
+GL_GGL_GNULIB_MKOSTEMPS = @GL_GGL_GNULIB_MKOSTEMPS@
+GL_GGL_GNULIB_MKSTEMP = @GL_GGL_GNULIB_MKSTEMP@
+GL_GGL_GNULIB_MKSTEMPS = @GL_GGL_GNULIB_MKSTEMPS@
+GL_GGL_GNULIB_MKTIME = @GL_GGL_GNULIB_MKTIME@
+GL_GGL_GNULIB_NANOSLEEP = @GL_GGL_GNULIB_NANOSLEEP@
+GL_GGL_GNULIB_NL_LANGINFO = @GL_GGL_GNULIB_NL_LANGINFO@
+GL_GGL_GNULIB_NONBLOCKING = @GL_GGL_GNULIB_NONBLOCKING@
+GL_GGL_GNULIB_OBSTACK_PRINTF = @GL_GGL_GNULIB_OBSTACK_PRINTF@
+GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GGL_GNULIB_OPEN = @GL_GGL_GNULIB_OPEN@
+GL_GGL_GNULIB_OPENAT = @GL_GGL_GNULIB_OPENAT@
+GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GGL_GNULIB_PCLOSE = @GL_GGL_GNULIB_PCLOSE@
+GL_GGL_GNULIB_PERROR = @GL_GGL_GNULIB_PERROR@
+GL_GGL_GNULIB_PIPE = @GL_GGL_GNULIB_PIPE@
+GL_GGL_GNULIB_PIPE2 = @GL_GGL_GNULIB_PIPE2@
+GL_GGL_GNULIB_POPEN = @GL_GGL_GNULIB_POPEN@
+GL_GGL_GNULIB_POSIX_MEMALIGN = @GL_GGL_GNULIB_POSIX_MEMALIGN@
+GL_GGL_GNULIB_POSIX_OPENPT = @GL_GGL_GNULIB_POSIX_OPENPT@
+GL_GGL_GNULIB_PREAD = @GL_GGL_GNULIB_PREAD@
+GL_GGL_GNULIB_PRINTF = @GL_GGL_GNULIB_PRINTF@
+GL_GGL_GNULIB_PRINTF_POSIX = @GL_GGL_GNULIB_PRINTF_POSIX@
+GL_GGL_GNULIB_PSELECT = @GL_GGL_GNULIB_PSELECT@
+GL_GGL_GNULIB_PTHREAD_COND = @GL_GGL_GNULIB_PTHREAD_COND@
+GL_GGL_GNULIB_PTHREAD_MUTEX = @GL_GGL_GNULIB_PTHREAD_MUTEX@
+GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK@
+GL_GGL_GNULIB_PTHREAD_ONCE = @GL_GGL_GNULIB_PTHREAD_ONCE@
+GL_GGL_GNULIB_PTHREAD_RWLOCK = @GL_GGL_GNULIB_PTHREAD_RWLOCK@
+GL_GGL_GNULIB_PTHREAD_SIGMASK = @GL_GGL_GNULIB_PTHREAD_SIGMASK@
+GL_GGL_GNULIB_PTHREAD_SPIN = @GL_GGL_GNULIB_PTHREAD_SPIN@
+GL_GGL_GNULIB_PTHREAD_THREAD = @GL_GGL_GNULIB_PTHREAD_THREAD@
+GL_GGL_GNULIB_PTHREAD_TSS = @GL_GGL_GNULIB_PTHREAD_TSS@
+GL_GGL_GNULIB_PTSNAME = @GL_GGL_GNULIB_PTSNAME@
+GL_GGL_GNULIB_PTSNAME_R = @GL_GGL_GNULIB_PTSNAME_R@
+GL_GGL_GNULIB_PUTC = @GL_GGL_GNULIB_PUTC@
+GL_GGL_GNULIB_PUTCHAR = @GL_GGL_GNULIB_PUTCHAR@
+GL_GGL_GNULIB_PUTENV = @GL_GGL_GNULIB_PUTENV@
+GL_GGL_GNULIB_PUTS = @GL_GGL_GNULIB_PUTS@
+GL_GGL_GNULIB_PWRITE = @GL_GGL_GNULIB_PWRITE@
+GL_GGL_GNULIB_QSORT_R = @GL_GGL_GNULIB_QSORT_R@
+GL_GGL_GNULIB_RAISE = @GL_GGL_GNULIB_RAISE@
+GL_GGL_GNULIB_RANDOM = @GL_GGL_GNULIB_RANDOM@
+GL_GGL_GNULIB_RANDOM_R = @GL_GGL_GNULIB_RANDOM_R@
+GL_GGL_GNULIB_RAWMEMCHR = @GL_GGL_GNULIB_RAWMEMCHR@
+GL_GGL_GNULIB_READ = @GL_GGL_GNULIB_READ@
+GL_GGL_GNULIB_READLINK = @GL_GGL_GNULIB_READLINK@
+GL_GGL_GNULIB_READLINKAT = @GL_GGL_GNULIB_READLINKAT@
+GL_GGL_GNULIB_REALLOCARRAY = @GL_GGL_GNULIB_REALLOCARRAY@
+GL_GGL_GNULIB_REALLOC_POSIX = @GL_GGL_GNULIB_REALLOC_POSIX@
+GL_GGL_GNULIB_REALPATH = @GL_GGL_GNULIB_REALPATH@
+GL_GGL_GNULIB_RECV = @GL_GGL_GNULIB_RECV@
+GL_GGL_GNULIB_RECVFROM = @GL_GGL_GNULIB_RECVFROM@
+GL_GGL_GNULIB_REMOVE = @GL_GGL_GNULIB_REMOVE@
+GL_GGL_GNULIB_RENAME = @GL_GGL_GNULIB_RENAME@
+GL_GGL_GNULIB_RENAMEAT = @GL_GGL_GNULIB_RENAMEAT@
+GL_GGL_GNULIB_RMDIR = @GL_GGL_GNULIB_RMDIR@
+GL_GGL_GNULIB_RPMATCH = @GL_GGL_GNULIB_RPMATCH@
+GL_GGL_GNULIB_SCANF = @GL_GGL_GNULIB_SCANF@
+GL_GGL_GNULIB_SCHED_YIELD = @GL_GGL_GNULIB_SCHED_YIELD@
+GL_GGL_GNULIB_SECURE_GETENV = @GL_GGL_GNULIB_SECURE_GETENV@
+GL_GGL_GNULIB_SELECT = @GL_GGL_GNULIB_SELECT@
+GL_GGL_GNULIB_SEND = @GL_GGL_GNULIB_SEND@
+GL_GGL_GNULIB_SENDTO = @GL_GGL_GNULIB_SENDTO@
+GL_GGL_GNULIB_SETENV = @GL_GGL_GNULIB_SETENV@
+GL_GGL_GNULIB_SETHOSTNAME = @GL_GGL_GNULIB_SETHOSTNAME@
+GL_GGL_GNULIB_SETLOCALE = @GL_GGL_GNULIB_SETLOCALE@
+GL_GGL_GNULIB_SETLOCALE_NULL = @GL_GGL_GNULIB_SETLOCALE_NULL@
+GL_GGL_GNULIB_SETSOCKOPT = @GL_GGL_GNULIB_SETSOCKOPT@
+GL_GGL_GNULIB_SHUTDOWN = @GL_GGL_GNULIB_SHUTDOWN@
+GL_GGL_GNULIB_SIGABBREV_NP = @GL_GGL_GNULIB_SIGABBREV_NP@
+GL_GGL_GNULIB_SIGACTION = @GL_GGL_GNULIB_SIGACTION@
+GL_GGL_GNULIB_SIGDESCR_NP = @GL_GGL_GNULIB_SIGDESCR_NP@
+GL_GGL_GNULIB_SIGNAL_H_SIGPIPE = @GL_GGL_GNULIB_SIGNAL_H_SIGPIPE@
+GL_GGL_GNULIB_SIGPROCMASK = @GL_GGL_GNULIB_SIGPROCMASK@
+GL_GGL_GNULIB_SLEEP = @GL_GGL_GNULIB_SLEEP@
+GL_GGL_GNULIB_SNPRINTF = @GL_GGL_GNULIB_SNPRINTF@
+GL_GGL_GNULIB_SOCKET = @GL_GGL_GNULIB_SOCKET@
+GL_GGL_GNULIB_SPRINTF_POSIX = @GL_GGL_GNULIB_SPRINTF_POSIX@
+GL_GGL_GNULIB_STAT = @GL_GGL_GNULIB_STAT@
+GL_GGL_GNULIB_STDIO_H_NONBLOCKING = @GL_GGL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GGL_GNULIB_STDIO_H_SIGPIPE = @GL_GGL_GNULIB_STDIO_H_SIGPIPE@
+GL_GGL_GNULIB_STPCPY = @GL_GGL_GNULIB_STPCPY@
+GL_GGL_GNULIB_STPNCPY = @GL_GGL_GNULIB_STPNCPY@
+GL_GGL_GNULIB_STRCASESTR = @GL_GGL_GNULIB_STRCASESTR@
+GL_GGL_GNULIB_STRCHRNUL = @GL_GGL_GNULIB_STRCHRNUL@
+GL_GGL_GNULIB_STRDUP = @GL_GGL_GNULIB_STRDUP@
+GL_GGL_GNULIB_STRERROR = @GL_GGL_GNULIB_STRERROR@
+GL_GGL_GNULIB_STRERRORNAME_NP = @GL_GGL_GNULIB_STRERRORNAME_NP@
+GL_GGL_GNULIB_STRERROR_R = @GL_GGL_GNULIB_STRERROR_R@
+GL_GGL_GNULIB_STRFTIME = @GL_GGL_GNULIB_STRFTIME@
+GL_GGL_GNULIB_STRNCAT = @GL_GGL_GNULIB_STRNCAT@
+GL_GGL_GNULIB_STRNDUP = @GL_GGL_GNULIB_STRNDUP@
+GL_GGL_GNULIB_STRNLEN = @GL_GGL_GNULIB_STRNLEN@
+GL_GGL_GNULIB_STRPBRK = @GL_GGL_GNULIB_STRPBRK@
+GL_GGL_GNULIB_STRPTIME = @GL_GGL_GNULIB_STRPTIME@
+GL_GGL_GNULIB_STRSEP = @GL_GGL_GNULIB_STRSEP@
+GL_GGL_GNULIB_STRSIGNAL = @GL_GGL_GNULIB_STRSIGNAL@
+GL_GGL_GNULIB_STRSTR = @GL_GGL_GNULIB_STRSTR@
+GL_GGL_GNULIB_STRTOD = @GL_GGL_GNULIB_STRTOD@
+GL_GGL_GNULIB_STRTOIMAX = @GL_GGL_GNULIB_STRTOIMAX@
+GL_GGL_GNULIB_STRTOK_R = @GL_GGL_GNULIB_STRTOK_R@
+GL_GGL_GNULIB_STRTOL = @GL_GGL_GNULIB_STRTOL@
+GL_GGL_GNULIB_STRTOLD = @GL_GGL_GNULIB_STRTOLD@
+GL_GGL_GNULIB_STRTOLL = @GL_GGL_GNULIB_STRTOLL@
+GL_GGL_GNULIB_STRTOUL = @GL_GGL_GNULIB_STRTOUL@
+GL_GGL_GNULIB_STRTOULL = @GL_GGL_GNULIB_STRTOULL@
+GL_GGL_GNULIB_STRTOUMAX = @GL_GGL_GNULIB_STRTOUMAX@
+GL_GGL_GNULIB_STRVERSCMP = @GL_GGL_GNULIB_STRVERSCMP@
+GL_GGL_GNULIB_SYMLINK = @GL_GGL_GNULIB_SYMLINK@
+GL_GGL_GNULIB_SYMLINKAT = @GL_GGL_GNULIB_SYMLINKAT@
+GL_GGL_GNULIB_SYSTEM_POSIX = @GL_GGL_GNULIB_SYSTEM_POSIX@
+GL_GGL_GNULIB_TIMEGM = @GL_GGL_GNULIB_TIMEGM@
+GL_GGL_GNULIB_TIMESPEC_GET = @GL_GGL_GNULIB_TIMESPEC_GET@
+GL_GGL_GNULIB_TIME_R = @GL_GGL_GNULIB_TIME_R@
+GL_GGL_GNULIB_TIME_RZ = @GL_GGL_GNULIB_TIME_RZ@
+GL_GGL_GNULIB_TMPFILE = @GL_GGL_GNULIB_TMPFILE@
+GL_GGL_GNULIB_TRUNCATE = @GL_GGL_GNULIB_TRUNCATE@
+GL_GGL_GNULIB_TTYNAME_R = @GL_GGL_GNULIB_TTYNAME_R@
+GL_GGL_GNULIB_TZSET = @GL_GGL_GNULIB_TZSET@
+GL_GGL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GGL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GGL_GNULIB_UNISTD_H_SIGPIPE = @GL_GGL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GGL_GNULIB_UNLINK = @GL_GGL_GNULIB_UNLINK@
+GL_GGL_GNULIB_UNLINKAT = @GL_GGL_GNULIB_UNLINKAT@
+GL_GGL_GNULIB_UNLOCKPT = @GL_GGL_GNULIB_UNLOCKPT@
+GL_GGL_GNULIB_UNSETENV = @GL_GGL_GNULIB_UNSETENV@
+GL_GGL_GNULIB_USLEEP = @GL_GGL_GNULIB_USLEEP@
+GL_GGL_GNULIB_UTIMENSAT = @GL_GGL_GNULIB_UTIMENSAT@
+GL_GGL_GNULIB_VASPRINTF = @GL_GGL_GNULIB_VASPRINTF@
+GL_GGL_GNULIB_VDPRINTF = @GL_GGL_GNULIB_VDPRINTF@
+GL_GGL_GNULIB_VFPRINTF = @GL_GGL_GNULIB_VFPRINTF@
+GL_GGL_GNULIB_VFPRINTF_POSIX = @GL_GGL_GNULIB_VFPRINTF_POSIX@
+GL_GGL_GNULIB_VFSCANF = @GL_GGL_GNULIB_VFSCANF@
+GL_GGL_GNULIB_VPRINTF = @GL_GGL_GNULIB_VPRINTF@
+GL_GGL_GNULIB_VPRINTF_POSIX = @GL_GGL_GNULIB_VPRINTF_POSIX@
+GL_GGL_GNULIB_VSCANF = @GL_GGL_GNULIB_VSCANF@
+GL_GGL_GNULIB_VSNPRINTF = @GL_GGL_GNULIB_VSNPRINTF@
+GL_GGL_GNULIB_VSPRINTF_POSIX = @GL_GGL_GNULIB_VSPRINTF_POSIX@
+GL_GGL_GNULIB_WCPCPY = @GL_GGL_GNULIB_WCPCPY@
+GL_GGL_GNULIB_WCPNCPY = @GL_GGL_GNULIB_WCPNCPY@
+GL_GGL_GNULIB_WCRTOMB = @GL_GGL_GNULIB_WCRTOMB@
+GL_GGL_GNULIB_WCSCASECMP = @GL_GGL_GNULIB_WCSCASECMP@
+GL_GGL_GNULIB_WCSCAT = @GL_GGL_GNULIB_WCSCAT@
+GL_GGL_GNULIB_WCSCHR = @GL_GGL_GNULIB_WCSCHR@
+GL_GGL_GNULIB_WCSCMP = @GL_GGL_GNULIB_WCSCMP@
+GL_GGL_GNULIB_WCSCOLL = @GL_GGL_GNULIB_WCSCOLL@
+GL_GGL_GNULIB_WCSCPY = @GL_GGL_GNULIB_WCSCPY@
+GL_GGL_GNULIB_WCSCSPN = @GL_GGL_GNULIB_WCSCSPN@
+GL_GGL_GNULIB_WCSDUP = @GL_GGL_GNULIB_WCSDUP@
+GL_GGL_GNULIB_WCSFTIME = @GL_GGL_GNULIB_WCSFTIME@
+GL_GGL_GNULIB_WCSLEN = @GL_GGL_GNULIB_WCSLEN@
+GL_GGL_GNULIB_WCSNCASECMP = @GL_GGL_GNULIB_WCSNCASECMP@
+GL_GGL_GNULIB_WCSNCAT = @GL_GGL_GNULIB_WCSNCAT@
+GL_GGL_GNULIB_WCSNCMP = @GL_GGL_GNULIB_WCSNCMP@
+GL_GGL_GNULIB_WCSNCPY = @GL_GGL_GNULIB_WCSNCPY@
+GL_GGL_GNULIB_WCSNLEN = @GL_GGL_GNULIB_WCSNLEN@
+GL_GGL_GNULIB_WCSNRTOMBS = @GL_GGL_GNULIB_WCSNRTOMBS@
+GL_GGL_GNULIB_WCSPBRK = @GL_GGL_GNULIB_WCSPBRK@
+GL_GGL_GNULIB_WCSRCHR = @GL_GGL_GNULIB_WCSRCHR@
+GL_GGL_GNULIB_WCSRTOMBS = @GL_GGL_GNULIB_WCSRTOMBS@
+GL_GGL_GNULIB_WCSSPN = @GL_GGL_GNULIB_WCSSPN@
+GL_GGL_GNULIB_WCSSTR = @GL_GGL_GNULIB_WCSSTR@
+GL_GGL_GNULIB_WCSTOK = @GL_GGL_GNULIB_WCSTOK@
+GL_GGL_GNULIB_WCSWIDTH = @GL_GGL_GNULIB_WCSWIDTH@
+GL_GGL_GNULIB_WCSXFRM = @GL_GGL_GNULIB_WCSXFRM@
+GL_GGL_GNULIB_WCTOB = @GL_GGL_GNULIB_WCTOB@
+GL_GGL_GNULIB_WCTOMB = @GL_GGL_GNULIB_WCTOMB@
+GL_GGL_GNULIB_WCWIDTH = @GL_GGL_GNULIB_WCWIDTH@
+GL_GGL_GNULIB_WMEMCHR = @GL_GGL_GNULIB_WMEMCHR@
+GL_GGL_GNULIB_WMEMCMP = @GL_GGL_GNULIB_WMEMCMP@
+GL_GGL_GNULIB_WMEMCPY = @GL_GGL_GNULIB_WMEMCPY@
+GL_GGL_GNULIB_WMEMMOVE = @GL_GGL_GNULIB_WMEMMOVE@
+GL_GGL_GNULIB_WMEMPCPY = @GL_GGL_GNULIB_WMEMPCPY@
+GL_GGL_GNULIB_WMEMSET = @GL_GGL_GNULIB_WMEMSET@
+GL_GGL_GNULIB_WRITE = @GL_GGL_GNULIB_WRITE@
+GL_GGL_GNULIB__EXIT = @GL_GGL_GNULIB__EXIT@
+GL_GNULIB_ACCEPT = @GL_GNULIB_ACCEPT@
+GL_GNULIB_ACCEPT4 = @GL_GNULIB_ACCEPT4@
+GL_GNULIB_ACCESS = @GL_GNULIB_ACCESS@
+GL_GNULIB_ALIGNED_ALLOC = @GL_GNULIB_ALIGNED_ALLOC@
+GL_GNULIB_ATOLL = @GL_GNULIB_ATOLL@
+GL_GNULIB_BIND = @GL_GNULIB_BIND@
+GL_GNULIB_BTOWC = @GL_GNULIB_BTOWC@
+GL_GNULIB_CALLOC_POSIX = @GL_GNULIB_CALLOC_POSIX@
+GL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GNULIB_CHDIR = @GL_GNULIB_CHDIR@
+GL_GNULIB_CHOWN = @GL_GNULIB_CHOWN@
+GL_GNULIB_CLOSE = @GL_GNULIB_CLOSE@
+GL_GNULIB_CONNECT = @GL_GNULIB_CONNECT@
+GL_GNULIB_COPY_FILE_RANGE = @GL_GNULIB_COPY_FILE_RANGE@
+GL_GNULIB_CREAT = @GL_GNULIB_CREAT@
+GL_GNULIB_CTIME = @GL_GNULIB_CTIME@
+GL_GNULIB_DPRINTF = @GL_GNULIB_DPRINTF@
+GL_GNULIB_DUP = @GL_GNULIB_DUP@
+GL_GNULIB_DUP2 = @GL_GNULIB_DUP2@
+GL_GNULIB_DUP3 = @GL_GNULIB_DUP3@
+GL_GNULIB_ENVIRON = @GL_GNULIB_ENVIRON@
+GL_GNULIB_EUIDACCESS = @GL_GNULIB_EUIDACCESS@
+GL_GNULIB_EXECL = @GL_GNULIB_EXECL@
+GL_GNULIB_EXECLE = @GL_GNULIB_EXECLE@
+GL_GNULIB_EXECLP = @GL_GNULIB_EXECLP@
+GL_GNULIB_EXECV = @GL_GNULIB_EXECV@
+GL_GNULIB_EXECVE = @GL_GNULIB_EXECVE@
+GL_GNULIB_EXECVP = @GL_GNULIB_EXECVP@
+GL_GNULIB_EXECVPE = @GL_GNULIB_EXECVPE@
+GL_GNULIB_EXPLICIT_BZERO = @GL_GNULIB_EXPLICIT_BZERO@
+GL_GNULIB_FACCESSAT = @GL_GNULIB_FACCESSAT@
+GL_GNULIB_FCHDIR = @GL_GNULIB_FCHDIR@
+GL_GNULIB_FCHMODAT = @GL_GNULIB_FCHMODAT@
+GL_GNULIB_FCHOWNAT = @GL_GNULIB_FCHOWNAT@
+GL_GNULIB_FCLOSE = @GL_GNULIB_FCLOSE@
+GL_GNULIB_FCNTL = @GL_GNULIB_FCNTL@
+GL_GNULIB_FDATASYNC = @GL_GNULIB_FDATASYNC@
+GL_GNULIB_FDOPEN = @GL_GNULIB_FDOPEN@
+GL_GNULIB_FFLUSH = @GL_GNULIB_FFLUSH@
+GL_GNULIB_FFS = @GL_GNULIB_FFS@
+GL_GNULIB_FFSL = @GL_GNULIB_FFSL@
+GL_GNULIB_FFSLL = @GL_GNULIB_FFSLL@
+GL_GNULIB_FGETC = @GL_GNULIB_FGETC@
+GL_GNULIB_FGETS = @GL_GNULIB_FGETS@
+GL_GNULIB_FOPEN = @GL_GNULIB_FOPEN@
+GL_GNULIB_FPRINTF = @GL_GNULIB_FPRINTF@
+GL_GNULIB_FPRINTF_POSIX = @GL_GNULIB_FPRINTF_POSIX@
+GL_GNULIB_FPURGE = @GL_GNULIB_FPURGE@
+GL_GNULIB_FPUTC = @GL_GNULIB_FPUTC@
+GL_GNULIB_FPUTS = @GL_GNULIB_FPUTS@
+GL_GNULIB_FREAD = @GL_GNULIB_FREAD@
+GL_GNULIB_FREE_POSIX = @GL_GNULIB_FREE_POSIX@
+GL_GNULIB_FREOPEN = @GL_GNULIB_FREOPEN@
+GL_GNULIB_FSCANF = @GL_GNULIB_FSCANF@
+GL_GNULIB_FSEEK = @GL_GNULIB_FSEEK@
+GL_GNULIB_FSEEKO = @GL_GNULIB_FSEEKO@
+GL_GNULIB_FSTAT = @GL_GNULIB_FSTAT@
+GL_GNULIB_FSTATAT = @GL_GNULIB_FSTATAT@
+GL_GNULIB_FSYNC = @GL_GNULIB_FSYNC@
+GL_GNULIB_FTELL = @GL_GNULIB_FTELL@
+GL_GNULIB_FTELLO = @GL_GNULIB_FTELLO@
+GL_GNULIB_FTRUNCATE = @GL_GNULIB_FTRUNCATE@
+GL_GNULIB_FUTIMENS = @GL_GNULIB_FUTIMENS@
+GL_GNULIB_FWRITE = @GL_GNULIB_FWRITE@
+GL_GNULIB_GETADDRINFO = @GL_GNULIB_GETADDRINFO@
+GL_GNULIB_GETC = @GL_GNULIB_GETC@
+GL_GNULIB_GETCHAR = @GL_GNULIB_GETCHAR@
+GL_GNULIB_GETCWD = @GL_GNULIB_GETCWD@
+GL_GNULIB_GETDELIM = @GL_GNULIB_GETDELIM@
+GL_GNULIB_GETDOMAINNAME = @GL_GNULIB_GETDOMAINNAME@
+GL_GNULIB_GETDTABLESIZE = @GL_GNULIB_GETDTABLESIZE@
+GL_GNULIB_GETENTROPY = @GL_GNULIB_GETENTROPY@
+GL_GNULIB_GETGROUPS = @GL_GNULIB_GETGROUPS@
+GL_GNULIB_GETHOSTNAME = @GL_GNULIB_GETHOSTNAME@
+GL_GNULIB_GETLINE = @GL_GNULIB_GETLINE@
+GL_GNULIB_GETLOADAVG = @GL_GNULIB_GETLOADAVG@
+GL_GNULIB_GETLOGIN = @GL_GNULIB_GETLOGIN@
+GL_GNULIB_GETLOGIN_R = @GL_GNULIB_GETLOGIN_R@
+GL_GNULIB_GETOPT_POSIX = @GL_GNULIB_GETOPT_POSIX@
+GL_GNULIB_GETPAGESIZE = @GL_GNULIB_GETPAGESIZE@
+GL_GNULIB_GETPASS = @GL_GNULIB_GETPASS@
+GL_GNULIB_GETPEERNAME = @GL_GNULIB_GETPEERNAME@
+GL_GNULIB_GETSOCKNAME = @GL_GNULIB_GETSOCKNAME@
+GL_GNULIB_GETSOCKOPT = @GL_GNULIB_GETSOCKOPT@
+GL_GNULIB_GETSUBOPT = @GL_GNULIB_GETSUBOPT@
+GL_GNULIB_GETTIMEOFDAY = @GL_GNULIB_GETTIMEOFDAY@
+GL_GNULIB_GETUMASK = @GL_GNULIB_GETUMASK@
+GL_GNULIB_GETUSERSHELL = @GL_GNULIB_GETUSERSHELL@
+GL_GNULIB_GRANTPT = @GL_GNULIB_GRANTPT@
+GL_GNULIB_GROUP_MEMBER = @GL_GNULIB_GROUP_MEMBER@
+GL_GNULIB_IMAXABS = @GL_GNULIB_IMAXABS@
+GL_GNULIB_IMAXDIV = @GL_GNULIB_IMAXDIV@
+GL_GNULIB_INET_NTOP = @GL_GNULIB_INET_NTOP@
+GL_GNULIB_INET_PTON = @GL_GNULIB_INET_PTON@
+GL_GNULIB_ISATTY = @GL_GNULIB_ISATTY@
+GL_GNULIB_LCHMOD = @GL_GNULIB_LCHMOD@
+GL_GNULIB_LCHOWN = @GL_GNULIB_LCHOWN@
+GL_GNULIB_LINK = @GL_GNULIB_LINK@
+GL_GNULIB_LINKAT = @GL_GNULIB_LINKAT@
+GL_GNULIB_LISTEN = @GL_GNULIB_LISTEN@
+GL_GNULIB_LOCALTIME = @GL_GNULIB_LOCALTIME@
+GL_GNULIB_LSEEK = @GL_GNULIB_LSEEK@
+GL_GNULIB_LSTAT = @GL_GNULIB_LSTAT@
+GL_GNULIB_MALLOC_POSIX = @GL_GNULIB_MALLOC_POSIX@
+GL_GNULIB_MBRLEN = @GL_GNULIB_MBRLEN@
+GL_GNULIB_MBRTOWC = @GL_GNULIB_MBRTOWC@
+GL_GNULIB_MBSCASECMP = @GL_GNULIB_MBSCASECMP@
+GL_GNULIB_MBSCASESTR = @GL_GNULIB_MBSCASESTR@
+GL_GNULIB_MBSCHR = @GL_GNULIB_MBSCHR@
+GL_GNULIB_MBSCSPN = @GL_GNULIB_MBSCSPN@
+GL_GNULIB_MBSINIT = @GL_GNULIB_MBSINIT@
+GL_GNULIB_MBSLEN = @GL_GNULIB_MBSLEN@
+GL_GNULIB_MBSNCASECMP = @GL_GNULIB_MBSNCASECMP@
+GL_GNULIB_MBSNLEN = @GL_GNULIB_MBSNLEN@
+GL_GNULIB_MBSNRTOWCS = @GL_GNULIB_MBSNRTOWCS@
+GL_GNULIB_MBSPBRK = @GL_GNULIB_MBSPBRK@
+GL_GNULIB_MBSPCASECMP = @GL_GNULIB_MBSPCASECMP@
+GL_GNULIB_MBSRCHR = @GL_GNULIB_MBSRCHR@
+GL_GNULIB_MBSRTOWCS = @GL_GNULIB_MBSRTOWCS@
+GL_GNULIB_MBSSEP = @GL_GNULIB_MBSSEP@
+GL_GNULIB_MBSSPN = @GL_GNULIB_MBSSPN@
+GL_GNULIB_MBSSTR = @GL_GNULIB_MBSSTR@
+GL_GNULIB_MBSTOK_R = @GL_GNULIB_MBSTOK_R@
+GL_GNULIB_MBTOWC = @GL_GNULIB_MBTOWC@
+GL_GNULIB_MDA_ACCESS = @GL_GNULIB_MDA_ACCESS@
+GL_GNULIB_MDA_CHDIR = @GL_GNULIB_MDA_CHDIR@
+GL_GNULIB_MDA_CHMOD = @GL_GNULIB_MDA_CHMOD@
+GL_GNULIB_MDA_CLOSE = @GL_GNULIB_MDA_CLOSE@
+GL_GNULIB_MDA_CREAT = @GL_GNULIB_MDA_CREAT@
+GL_GNULIB_MDA_DUP = @GL_GNULIB_MDA_DUP@
+GL_GNULIB_MDA_DUP2 = @GL_GNULIB_MDA_DUP2@
+GL_GNULIB_MDA_ECVT = @GL_GNULIB_MDA_ECVT@
+GL_GNULIB_MDA_EXECL = @GL_GNULIB_MDA_EXECL@
+GL_GNULIB_MDA_EXECLE = @GL_GNULIB_MDA_EXECLE@
+GL_GNULIB_MDA_EXECLP = @GL_GNULIB_MDA_EXECLP@
+GL_GNULIB_MDA_EXECV = @GL_GNULIB_MDA_EXECV@
+GL_GNULIB_MDA_EXECVE = @GL_GNULIB_MDA_EXECVE@
+GL_GNULIB_MDA_EXECVP = @GL_GNULIB_MDA_EXECVP@
+GL_GNULIB_MDA_EXECVPE = @GL_GNULIB_MDA_EXECVPE@
+GL_GNULIB_MDA_FCLOSEALL = @GL_GNULIB_MDA_FCLOSEALL@
+GL_GNULIB_MDA_FCVT = @GL_GNULIB_MDA_FCVT@
+GL_GNULIB_MDA_FDOPEN = @GL_GNULIB_MDA_FDOPEN@
+GL_GNULIB_MDA_FILENO = @GL_GNULIB_MDA_FILENO@
+GL_GNULIB_MDA_GCVT = @GL_GNULIB_MDA_GCVT@
+GL_GNULIB_MDA_GETCWD = @GL_GNULIB_MDA_GETCWD@
+GL_GNULIB_MDA_GETPID = @GL_GNULIB_MDA_GETPID@
+GL_GNULIB_MDA_GETW = @GL_GNULIB_MDA_GETW@
+GL_GNULIB_MDA_ISATTY = @GL_GNULIB_MDA_ISATTY@
+GL_GNULIB_MDA_LSEEK = @GL_GNULIB_MDA_LSEEK@
+GL_GNULIB_MDA_MEMCCPY = @GL_GNULIB_MDA_MEMCCPY@
+GL_GNULIB_MDA_MKDIR = @GL_GNULIB_MDA_MKDIR@
+GL_GNULIB_MDA_MKTEMP = @GL_GNULIB_MDA_MKTEMP@
+GL_GNULIB_MDA_OPEN = @GL_GNULIB_MDA_OPEN@
+GL_GNULIB_MDA_PUTENV = @GL_GNULIB_MDA_PUTENV@
+GL_GNULIB_MDA_PUTW = @GL_GNULIB_MDA_PUTW@
+GL_GNULIB_MDA_READ = @GL_GNULIB_MDA_READ@
+GL_GNULIB_MDA_RMDIR = @GL_GNULIB_MDA_RMDIR@
+GL_GNULIB_MDA_STRDUP = @GL_GNULIB_MDA_STRDUP@
+GL_GNULIB_MDA_SWAB = @GL_GNULIB_MDA_SWAB@
+GL_GNULIB_MDA_TEMPNAM = @GL_GNULIB_MDA_TEMPNAM@
+GL_GNULIB_MDA_TZSET = @GL_GNULIB_MDA_TZSET@
+GL_GNULIB_MDA_UMASK = @GL_GNULIB_MDA_UMASK@
+GL_GNULIB_MDA_UNLINK = @GL_GNULIB_MDA_UNLINK@
+GL_GNULIB_MDA_WCSDUP = @GL_GNULIB_MDA_WCSDUP@
+GL_GNULIB_MDA_WRITE = @GL_GNULIB_MDA_WRITE@
+GL_GNULIB_MEMCHR = @GL_GNULIB_MEMCHR@
+GL_GNULIB_MEMMEM = @GL_GNULIB_MEMMEM@
+GL_GNULIB_MEMPCPY = @GL_GNULIB_MEMPCPY@
+GL_GNULIB_MEMRCHR = @GL_GNULIB_MEMRCHR@
+GL_GNULIB_MKDIR = @GL_GNULIB_MKDIR@
+GL_GNULIB_MKDIRAT = @GL_GNULIB_MKDIRAT@
+GL_GNULIB_MKDTEMP = @GL_GNULIB_MKDTEMP@
+GL_GNULIB_MKFIFO = @GL_GNULIB_MKFIFO@
+GL_GNULIB_MKFIFOAT = @GL_GNULIB_MKFIFOAT@
+GL_GNULIB_MKNOD = @GL_GNULIB_MKNOD@
+GL_GNULIB_MKNODAT = @GL_GNULIB_MKNODAT@
+GL_GNULIB_MKOSTEMP = @GL_GNULIB_MKOSTEMP@
+GL_GNULIB_MKOSTEMPS = @GL_GNULIB_MKOSTEMPS@
+GL_GNULIB_MKSTEMP = @GL_GNULIB_MKSTEMP@
+GL_GNULIB_MKSTEMPS = @GL_GNULIB_MKSTEMPS@
+GL_GNULIB_MKTIME = @GL_GNULIB_MKTIME@
+GL_GNULIB_NANOSLEEP = @GL_GNULIB_NANOSLEEP@
+GL_GNULIB_NONBLOCKING = @GL_GNULIB_NONBLOCKING@
+GL_GNULIB_OBSTACK_PRINTF = @GL_GNULIB_OBSTACK_PRINTF@
+GL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GNULIB_OPEN = @GL_GNULIB_OPEN@
+GL_GNULIB_OPENAT = @GL_GNULIB_OPENAT@
+GL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GNULIB_PCLOSE = @GL_GNULIB_PCLOSE@
+GL_GNULIB_PERROR = @GL_GNULIB_PERROR@
+GL_GNULIB_PIPE = @GL_GNULIB_PIPE@
+GL_GNULIB_PIPE2 = @GL_GNULIB_PIPE2@
+GL_GNULIB_POPEN = @GL_GNULIB_POPEN@
+GL_GNULIB_POSIX_MEMALIGN = @GL_GNULIB_POSIX_MEMALIGN@
+GL_GNULIB_POSIX_OPENPT = @GL_GNULIB_POSIX_OPENPT@
+GL_GNULIB_PREAD = @GL_GNULIB_PREAD@
+GL_GNULIB_PRINTF = @GL_GNULIB_PRINTF@
+GL_GNULIB_PRINTF_POSIX = @GL_GNULIB_PRINTF_POSIX@
+GL_GNULIB_PTSNAME = @GL_GNULIB_PTSNAME@
+GL_GNULIB_PTSNAME_R = @GL_GNULIB_PTSNAME_R@
+GL_GNULIB_PUTC = @GL_GNULIB_PUTC@
+GL_GNULIB_PUTCHAR = @GL_GNULIB_PUTCHAR@
+GL_GNULIB_PUTENV = @GL_GNULIB_PUTENV@
+GL_GNULIB_PUTS = @GL_GNULIB_PUTS@
+GL_GNULIB_PWRITE = @GL_GNULIB_PWRITE@
+GL_GNULIB_QSORT_R = @GL_GNULIB_QSORT_R@
+GL_GNULIB_RANDOM = @GL_GNULIB_RANDOM@
+GL_GNULIB_RANDOM_R = @GL_GNULIB_RANDOM_R@
+GL_GNULIB_RAWMEMCHR = @GL_GNULIB_RAWMEMCHR@
+GL_GNULIB_READ = @GL_GNULIB_READ@
+GL_GNULIB_READLINK = @GL_GNULIB_READLINK@
+GL_GNULIB_READLINKAT = @GL_GNULIB_READLINKAT@
+GL_GNULIB_REALLOCARRAY = @GL_GNULIB_REALLOCARRAY@
+GL_GNULIB_REALLOC_POSIX = @GL_GNULIB_REALLOC_POSIX@
+GL_GNULIB_REALPATH = @GL_GNULIB_REALPATH@
+GL_GNULIB_RECV = @GL_GNULIB_RECV@
+GL_GNULIB_RECVFROM = @GL_GNULIB_RECVFROM@
+GL_GNULIB_REMOVE = @GL_GNULIB_REMOVE@
+GL_GNULIB_RENAME = @GL_GNULIB_RENAME@
+GL_GNULIB_RENAMEAT = @GL_GNULIB_RENAMEAT@
+GL_GNULIB_RMDIR = @GL_GNULIB_RMDIR@
+GL_GNULIB_RPMATCH = @GL_GNULIB_RPMATCH@
+GL_GNULIB_SCANF = @GL_GNULIB_SCANF@
+GL_GNULIB_SECURE_GETENV = @GL_GNULIB_SECURE_GETENV@
+GL_GNULIB_SEND = @GL_GNULIB_SEND@
+GL_GNULIB_SENDTO = @GL_GNULIB_SENDTO@
+GL_GNULIB_SETENV = @GL_GNULIB_SETENV@
+GL_GNULIB_SETHOSTNAME = @GL_GNULIB_SETHOSTNAME@
+GL_GNULIB_SETSOCKOPT = @GL_GNULIB_SETSOCKOPT@
+GL_GNULIB_SHUTDOWN = @GL_GNULIB_SHUTDOWN@
+GL_GNULIB_SIGABBREV_NP = @GL_GNULIB_SIGABBREV_NP@
+GL_GNULIB_SIGDESCR_NP = @GL_GNULIB_SIGDESCR_NP@
+GL_GNULIB_SLEEP = @GL_GNULIB_SLEEP@
+GL_GNULIB_SNPRINTF = @GL_GNULIB_SNPRINTF@
+GL_GNULIB_SOCKET = @GL_GNULIB_SOCKET@
+GL_GNULIB_SPRINTF_POSIX = @GL_GNULIB_SPRINTF_POSIX@
+GL_GNULIB_STAT = @GL_GNULIB_STAT@
+GL_GNULIB_STDIO_H_NONBLOCKING = @GL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GNULIB_STDIO_H_SIGPIPE = @GL_GNULIB_STDIO_H_SIGPIPE@
+GL_GNULIB_STPCPY = @GL_GNULIB_STPCPY@
+GL_GNULIB_STPNCPY = @GL_GNULIB_STPNCPY@
+GL_GNULIB_STRCASESTR = @GL_GNULIB_STRCASESTR@
+GL_GNULIB_STRCHRNUL = @GL_GNULIB_STRCHRNUL@
+GL_GNULIB_STRDUP = @GL_GNULIB_STRDUP@
+GL_GNULIB_STRERROR = @GL_GNULIB_STRERROR@
+GL_GNULIB_STRERRORNAME_NP = @GL_GNULIB_STRERRORNAME_NP@
+GL_GNULIB_STRERROR_R = @GL_GNULIB_STRERROR_R@
+GL_GNULIB_STRFTIME = @GL_GNULIB_STRFTIME@
+GL_GNULIB_STRNCAT = @GL_GNULIB_STRNCAT@
+GL_GNULIB_STRNDUP = @GL_GNULIB_STRNDUP@
+GL_GNULIB_STRNLEN = @GL_GNULIB_STRNLEN@
+GL_GNULIB_STRPBRK = @GL_GNULIB_STRPBRK@
+GL_GNULIB_STRPTIME = @GL_GNULIB_STRPTIME@
+GL_GNULIB_STRSEP = @GL_GNULIB_STRSEP@
+GL_GNULIB_STRSIGNAL = @GL_GNULIB_STRSIGNAL@
+GL_GNULIB_STRSTR = @GL_GNULIB_STRSTR@
+GL_GNULIB_STRTOD = @GL_GNULIB_STRTOD@
+GL_GNULIB_STRTOIMAX = @GL_GNULIB_STRTOIMAX@
+GL_GNULIB_STRTOK_R = @GL_GNULIB_STRTOK_R@
+GL_GNULIB_STRTOL = @GL_GNULIB_STRTOL@
+GL_GNULIB_STRTOLD = @GL_GNULIB_STRTOLD@
+GL_GNULIB_STRTOLL = @GL_GNULIB_STRTOLL@
+GL_GNULIB_STRTOUL = @GL_GNULIB_STRTOUL@
+GL_GNULIB_STRTOULL = @GL_GNULIB_STRTOULL@
+GL_GNULIB_STRTOUMAX = @GL_GNULIB_STRTOUMAX@
+GL_GNULIB_STRVERSCMP = @GL_GNULIB_STRVERSCMP@
+GL_GNULIB_SYMLINK = @GL_GNULIB_SYMLINK@
+GL_GNULIB_SYMLINKAT = @GL_GNULIB_SYMLINKAT@
+GL_GNULIB_SYSTEM_POSIX = @GL_GNULIB_SYSTEM_POSIX@
+GL_GNULIB_TIMEGM = @GL_GNULIB_TIMEGM@
+GL_GNULIB_TIMESPEC_GET = @GL_GNULIB_TIMESPEC_GET@
+GL_GNULIB_TIME_R = @GL_GNULIB_TIME_R@
+GL_GNULIB_TIME_RZ = @GL_GNULIB_TIME_RZ@
+GL_GNULIB_TMPFILE = @GL_GNULIB_TMPFILE@
+GL_GNULIB_TRUNCATE = @GL_GNULIB_TRUNCATE@
+GL_GNULIB_TTYNAME_R = @GL_GNULIB_TTYNAME_R@
+GL_GNULIB_TZSET = @GL_GNULIB_TZSET@
+GL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GNULIB_UNISTD_H_SIGPIPE = @GL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GNULIB_UNLINK = @GL_GNULIB_UNLINK@
+GL_GNULIB_UNLINKAT = @GL_GNULIB_UNLINKAT@
+GL_GNULIB_UNLOCKPT = @GL_GNULIB_UNLOCKPT@
+GL_GNULIB_UNSETENV = @GL_GNULIB_UNSETENV@
+GL_GNULIB_USLEEP = @GL_GNULIB_USLEEP@
+GL_GNULIB_UTIMENSAT = @GL_GNULIB_UTIMENSAT@
+GL_GNULIB_VASPRINTF = @GL_GNULIB_VASPRINTF@
+GL_GNULIB_VDPRINTF = @GL_GNULIB_VDPRINTF@
+GL_GNULIB_VFPRINTF = @GL_GNULIB_VFPRINTF@
+GL_GNULIB_VFPRINTF_POSIX = @GL_GNULIB_VFPRINTF_POSIX@
+GL_GNULIB_VFSCANF = @GL_GNULIB_VFSCANF@
+GL_GNULIB_VPRINTF = @GL_GNULIB_VPRINTF@
+GL_GNULIB_VPRINTF_POSIX = @GL_GNULIB_VPRINTF_POSIX@
+GL_GNULIB_VSCANF = @GL_GNULIB_VSCANF@
+GL_GNULIB_VSNPRINTF = @GL_GNULIB_VSNPRINTF@
+GL_GNULIB_VSPRINTF_POSIX = @GL_GNULIB_VSPRINTF_POSIX@
+GL_GNULIB_WCPCPY = @GL_GNULIB_WCPCPY@
+GL_GNULIB_WCPNCPY = @GL_GNULIB_WCPNCPY@
+GL_GNULIB_WCRTOMB = @GL_GNULIB_WCRTOMB@
+GL_GNULIB_WCSCASECMP = @GL_GNULIB_WCSCASECMP@
+GL_GNULIB_WCSCAT = @GL_GNULIB_WCSCAT@
+GL_GNULIB_WCSCHR = @GL_GNULIB_WCSCHR@
+GL_GNULIB_WCSCMP = @GL_GNULIB_WCSCMP@
+GL_GNULIB_WCSCOLL = @GL_GNULIB_WCSCOLL@
+GL_GNULIB_WCSCPY = @GL_GNULIB_WCSCPY@
+GL_GNULIB_WCSCSPN = @GL_GNULIB_WCSCSPN@
+GL_GNULIB_WCSDUP = @GL_GNULIB_WCSDUP@
+GL_GNULIB_WCSFTIME = @GL_GNULIB_WCSFTIME@
+GL_GNULIB_WCSLEN = @GL_GNULIB_WCSLEN@
+GL_GNULIB_WCSNCASECMP = @GL_GNULIB_WCSNCASECMP@
+GL_GNULIB_WCSNCAT = @GL_GNULIB_WCSNCAT@
+GL_GNULIB_WCSNCMP = @GL_GNULIB_WCSNCMP@
+GL_GNULIB_WCSNCPY = @GL_GNULIB_WCSNCPY@
+GL_GNULIB_WCSNLEN = @GL_GNULIB_WCSNLEN@
+GL_GNULIB_WCSNRTOMBS = @GL_GNULIB_WCSNRTOMBS@
+GL_GNULIB_WCSPBRK = @GL_GNULIB_WCSPBRK@
+GL_GNULIB_WCSRCHR = @GL_GNULIB_WCSRCHR@
+GL_GNULIB_WCSRTOMBS = @GL_GNULIB_WCSRTOMBS@
+GL_GNULIB_WCSSPN = @GL_GNULIB_WCSSPN@
+GL_GNULIB_WCSSTR = @GL_GNULIB_WCSSTR@
+GL_GNULIB_WCSTOK = @GL_GNULIB_WCSTOK@
+GL_GNULIB_WCSWIDTH = @GL_GNULIB_WCSWIDTH@
+GL_GNULIB_WCSXFRM = @GL_GNULIB_WCSXFRM@
+GL_GNULIB_WCTOB = @GL_GNULIB_WCTOB@
+GL_GNULIB_WCTOMB = @GL_GNULIB_WCTOMB@
+GL_GNULIB_WCWIDTH = @GL_GNULIB_WCWIDTH@
+GL_GNULIB_WMEMCHR = @GL_GNULIB_WMEMCHR@
+GL_GNULIB_WMEMCMP = @GL_GNULIB_WMEMCMP@
+GL_GNULIB_WMEMCPY = @GL_GNULIB_WMEMCPY@
+GL_GNULIB_WMEMMOVE = @GL_GNULIB_WMEMMOVE@
+GL_GNULIB_WMEMPCPY = @GL_GNULIB_WMEMPCPY@
+GL_GNULIB_WMEMSET = @GL_GNULIB_WMEMSET@
+GL_GNULIB_WRITE = @GL_GNULIB_WRITE@
+GL_GNULIB__EXIT = @GL_GNULIB__EXIT@
+GMP_CFLAGS = @GMP_CFLAGS@
+GMP_LIBS = @GMP_LIBS@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GNULIBHEADERS_OVERRIDE_WINT_T = @GNULIBHEADERS_OVERRIDE_WINT_T@
+GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@
+GNUTLS_LIBS_PRIVATE = @GNUTLS_LIBS_PRIVATE@
+GNUTLS_REQUIRES_PRIVATE = @GNUTLS_REQUIRES_PRIVATE@
+GPERF = @GPERF@
+GREP = @GREP@
+GTKDOC_CHECK = @GTKDOC_CHECK@
+GTKDOC_CHECK_PATH = @GTKDOC_CHECK_PATH@
+GTKDOC_DEPS_CFLAGS = @GTKDOC_DEPS_CFLAGS@
+GTKDOC_DEPS_LIBS = @GTKDOC_DEPS_LIBS@
+GTKDOC_MKPDF = @GTKDOC_MKPDF@
+GTKDOC_REBASE = @GTKDOC_REBASE@
+GUILD = @GUILD@
+GUILE = @GUILE@
+GUILE_CFLAGS = @GUILE_CFLAGS@
+GUILE_CONFIG = @GUILE_CONFIG@
+GUILE_EFFECTIVE_VERSION = @GUILE_EFFECTIVE_VERSION@
+GUILE_EXTENSION = @GUILE_EXTENSION@
+GUILE_LDFLAGS = @GUILE_LDFLAGS@
+GUILE_LIBS = @GUILE_LIBS@
+GUILE_LTLIBS = @GUILE_LTLIBS@
+GUILE_SITE = @GUILE_SITE@
+GUILE_SITE_CCACHE = @GUILE_SITE_CCACHE@
+GUILE_TOOLS = @GUILE_TOOLS@
+HAVE_ACCEPT4 = @HAVE_ACCEPT4@
+HAVE_ALIGNED_ALLOC = @HAVE_ALIGNED_ALLOC@
+HAVE_ALLOCA_H = @HAVE_ALLOCA_H@
+HAVE_ARPA_INET_H = @HAVE_ARPA_INET_H@
+HAVE_ATOLL = @HAVE_ATOLL@
+HAVE_BTOWC = @HAVE_BTOWC@
+HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@
+HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@
+HAVE_CHOWN = @HAVE_CHOWN@
+HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@
+HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@
+HAVE_DECL_ECVT = @HAVE_DECL_ECVT@
+HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@
+HAVE_DECL_EXECVPE = @HAVE_DECL_EXECVPE@
+HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@
+HAVE_DECL_FCLOSEALL = @HAVE_DECL_FCLOSEALL@
+HAVE_DECL_FCVT = @HAVE_DECL_FCVT@
+HAVE_DECL_FDATASYNC = @HAVE_DECL_FDATASYNC@
+HAVE_DECL_FPURGE = @HAVE_DECL_FPURGE@
+HAVE_DECL_FREEADDRINFO = @HAVE_DECL_FREEADDRINFO@
+HAVE_DECL_FSEEKO = @HAVE_DECL_FSEEKO@
+HAVE_DECL_FTELLO = @HAVE_DECL_FTELLO@
+HAVE_DECL_GAI_STRERROR = @HAVE_DECL_GAI_STRERROR@
+HAVE_DECL_GCVT = @HAVE_DECL_GCVT@
+HAVE_DECL_GETADDRINFO = @HAVE_DECL_GETADDRINFO@
+HAVE_DECL_GETDELIM = @HAVE_DECL_GETDELIM@
+HAVE_DECL_GETDOMAINNAME = @HAVE_DECL_GETDOMAINNAME@
+HAVE_DECL_GETLINE = @HAVE_DECL_GETLINE@
+HAVE_DECL_GETLOADAVG = @HAVE_DECL_GETLOADAVG@
+HAVE_DECL_GETLOGIN = @HAVE_DECL_GETLOGIN@
+HAVE_DECL_GETLOGIN_R = @HAVE_DECL_GETLOGIN_R@
+HAVE_DECL_GETNAMEINFO = @HAVE_DECL_GETNAMEINFO@
+HAVE_DECL_GETPAGESIZE = @HAVE_DECL_GETPAGESIZE@
+HAVE_DECL_GETUSERSHELL = @HAVE_DECL_GETUSERSHELL@
+HAVE_DECL_IMAXABS = @HAVE_DECL_IMAXABS@
+HAVE_DECL_IMAXDIV = @HAVE_DECL_IMAXDIV@
+HAVE_DECL_INET_NTOP = @HAVE_DECL_INET_NTOP@
+HAVE_DECL_INET_PTON = @HAVE_DECL_INET_PTON@
+HAVE_DECL_INITSTATE = @HAVE_DECL_INITSTATE@
+HAVE_DECL_LOCALTIME_R = @HAVE_DECL_LOCALTIME_R@
+HAVE_DECL_MEMMEM = @HAVE_DECL_MEMMEM@
+HAVE_DECL_MEMRCHR = @HAVE_DECL_MEMRCHR@
+HAVE_DECL_OBSTACK_PRINTF = @HAVE_DECL_OBSTACK_PRINTF@
+HAVE_DECL_SETENV = @HAVE_DECL_SETENV@
+HAVE_DECL_SETHOSTNAME = @HAVE_DECL_SETHOSTNAME@
+HAVE_DECL_SETSTATE = @HAVE_DECL_SETSTATE@
+HAVE_DECL_SNPRINTF = @HAVE_DECL_SNPRINTF@
+HAVE_DECL_STRDUP = @HAVE_DECL_STRDUP@
+HAVE_DECL_STRERROR_R = @HAVE_DECL_STRERROR_R@
+HAVE_DECL_STRNCASECMP = @HAVE_DECL_STRNCASECMP@
+HAVE_DECL_STRNDUP = @HAVE_DECL_STRNDUP@
+HAVE_DECL_STRNLEN = @HAVE_DECL_STRNLEN@
+HAVE_DECL_STRSIGNAL = @HAVE_DECL_STRSIGNAL@
+HAVE_DECL_STRTOIMAX = @HAVE_DECL_STRTOIMAX@
+HAVE_DECL_STRTOK_R = @HAVE_DECL_STRTOK_R@
+HAVE_DECL_STRTOUMAX = @HAVE_DECL_STRTOUMAX@
+HAVE_DECL_TRUNCATE = @HAVE_DECL_TRUNCATE@
+HAVE_DECL_TTYNAME_R = @HAVE_DECL_TTYNAME_R@
+HAVE_DECL_UNSETENV = @HAVE_DECL_UNSETENV@
+HAVE_DECL_VSNPRINTF = @HAVE_DECL_VSNPRINTF@
+HAVE_DECL_WCSDUP = @HAVE_DECL_WCSDUP@
+HAVE_DECL_WCTOB = @HAVE_DECL_WCTOB@
+HAVE_DECL_WCWIDTH = @HAVE_DECL_WCWIDTH@
+HAVE_DPRINTF = @HAVE_DPRINTF@
+HAVE_DUP3 = @HAVE_DUP3@
+HAVE_DUPLOCALE = @HAVE_DUPLOCALE@
+HAVE_EUIDACCESS = @HAVE_EUIDACCESS@
+HAVE_EXECVPE = @HAVE_EXECVPE@
+HAVE_EXPLICIT_BZERO = @HAVE_EXPLICIT_BZERO@
+HAVE_FACCESSAT = @HAVE_FACCESSAT@
+HAVE_FCHDIR = @HAVE_FCHDIR@
+HAVE_FCHMODAT = @HAVE_FCHMODAT@
+HAVE_FCHOWNAT = @HAVE_FCHOWNAT@
+HAVE_FCNTL = @HAVE_FCNTL@
+HAVE_FDATASYNC = @HAVE_FDATASYNC@
+HAVE_FEATURES_H = @HAVE_FEATURES_H@
+HAVE_FFS = @HAVE_FFS@
+HAVE_FFSL = @HAVE_FFSL@
+HAVE_FFSLL = @HAVE_FFSLL@
+HAVE_FREELOCALE = @HAVE_FREELOCALE@
+HAVE_FSEEKO = @HAVE_FSEEKO@
+HAVE_FSTATAT = @HAVE_FSTATAT@
+HAVE_FSYNC = @HAVE_FSYNC@
+HAVE_FTELLO = @HAVE_FTELLO@
+HAVE_FTRUNCATE = @HAVE_FTRUNCATE@
+HAVE_FUTIMENS = @HAVE_FUTIMENS@
+HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@
+HAVE_GETENTROPY = @HAVE_GETENTROPY@
+HAVE_GETGROUPS = @HAVE_GETGROUPS@
+HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@
+HAVE_GETLOGIN = @HAVE_GETLOGIN@
+HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@
+HAVE_GETPASS = @HAVE_GETPASS@
+HAVE_GETSUBOPT = @HAVE_GETSUBOPT@
+HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@
+HAVE_GETUMASK = @HAVE_GETUMASK@
+HAVE_GRANTPT = @HAVE_GRANTPT@
+HAVE_GROUP_MEMBER = @HAVE_GROUP_MEMBER@
+HAVE_IMAXDIV_T = @HAVE_IMAXDIV_T@
+HAVE_INITSTATE = @HAVE_INITSTATE@
+HAVE_INTTYPES_H = @HAVE_INTTYPES_H@
+HAVE_ISBLANK = @HAVE_ISBLANK@
+HAVE_LANGINFO_ALTMON = @HAVE_LANGINFO_ALTMON@
+HAVE_LANGINFO_CODESET = @HAVE_LANGINFO_CODESET@
+HAVE_LANGINFO_ERA = @HAVE_LANGINFO_ERA@
+HAVE_LANGINFO_H = @HAVE_LANGINFO_H@
+HAVE_LANGINFO_T_FMT_AMPM = @HAVE_LANGINFO_T_FMT_AMPM@
+HAVE_LANGINFO_YESEXPR = @HAVE_LANGINFO_YESEXPR@
+HAVE_LCHMOD = @HAVE_LCHMOD@
+HAVE_LCHOWN = @HAVE_LCHOWN@
+HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@
+HAVE_LIBDL = @HAVE_LIBDL@
+HAVE_LIBEV = @HAVE_LIBEV@
+HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@
+HAVE_LIBRT = @HAVE_LIBRT@
+HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@
+HAVE_LIBZ = @HAVE_LIBZ@
+HAVE_LINK = @HAVE_LINK@
+HAVE_LINKAT = @HAVE_LINKAT@
+HAVE_LSTAT = @HAVE_LSTAT@
+HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@
+HAVE_MBRLEN = @HAVE_MBRLEN@
+HAVE_MBRTOWC = @HAVE_MBRTOWC@
+HAVE_MBSINIT = @HAVE_MBSINIT@
+HAVE_MBSLEN = @HAVE_MBSLEN@
+HAVE_MBSNRTOWCS = @HAVE_MBSNRTOWCS@
+HAVE_MBSRTOWCS = @HAVE_MBSRTOWCS@
+HAVE_MBTOWC = @HAVE_MBTOWC@
+HAVE_MEMPCPY = @HAVE_MEMPCPY@
+HAVE_MKDIRAT = @HAVE_MKDIRAT@
+HAVE_MKDTEMP = @HAVE_MKDTEMP@
+HAVE_MKFIFO = @HAVE_MKFIFO@
+HAVE_MKFIFOAT = @HAVE_MKFIFOAT@
+HAVE_MKNOD = @HAVE_MKNOD@
+HAVE_MKNODAT = @HAVE_MKNODAT@
+HAVE_MKOSTEMP = @HAVE_MKOSTEMP@
+HAVE_MKOSTEMPS = @HAVE_MKOSTEMPS@
+HAVE_MKSTEMP = @HAVE_MKSTEMP@
+HAVE_MKSTEMPS = @HAVE_MKSTEMPS@
+HAVE_MSVC_INVALID_PARAMETER_HANDLER = @HAVE_MSVC_INVALID_PARAMETER_HANDLER@
+HAVE_NANOSLEEP = @HAVE_NANOSLEEP@
+HAVE_NETDB_H = @HAVE_NETDB_H@
+HAVE_NETINET_IN_H = @HAVE_NETINET_IN_H@
+HAVE_NEWLOCALE = @HAVE_NEWLOCALE@
+HAVE_NL_LANGINFO = @HAVE_NL_LANGINFO@
+HAVE_OPENAT = @HAVE_OPENAT@
+HAVE_OS_H = @HAVE_OS_H@
+HAVE_PCLOSE = @HAVE_PCLOSE@
+HAVE_PIPE = @HAVE_PIPE@
+HAVE_PIPE2 = @HAVE_PIPE2@
+HAVE_POPEN = @HAVE_POPEN@
+HAVE_POSIX_MEMALIGN = @HAVE_POSIX_MEMALIGN@
+HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@
+HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@
+HAVE_PREAD = @HAVE_PREAD@
+HAVE_PSELECT = @HAVE_PSELECT@
+HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@
+HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@
+HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@
+HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@
+HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@
+HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@
+HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@
+HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@
+HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@
+HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@
+HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@
+HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@
+HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@
+HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@
+HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@
+HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@
+HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@
+HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@
+HAVE_PTHREAD_H = @HAVE_PTHREAD_H@
+HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@
+HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@
+HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@
+HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@
+HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@
+HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@
+HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@
+HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@
+HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@
+HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@
+HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@
+HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@
+HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@
+HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@
+HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@
+HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@
+HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@
+HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@
+HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@
+HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@
+HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@
+HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@
+HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@
+HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@
+HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@
+HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@
+HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@
+HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@
+HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@
+HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@
+HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@
+HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@
+HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@
+HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@
+HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@
+HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@
+HAVE_PTHREAD_T = @HAVE_PTHREAD_T@
+HAVE_PTSNAME = @HAVE_PTSNAME@
+HAVE_PTSNAME_R = @HAVE_PTSNAME_R@
+HAVE_PWRITE = @HAVE_PWRITE@
+HAVE_QSORT_R = @HAVE_QSORT_R@
+HAVE_RAISE = @HAVE_RAISE@
+HAVE_RANDOM = @HAVE_RANDOM@
+HAVE_RANDOM_H = @HAVE_RANDOM_H@
+HAVE_RANDOM_R = @HAVE_RANDOM_R@
+HAVE_RAWMEMCHR = @HAVE_RAWMEMCHR@
+HAVE_READLINK = @HAVE_READLINK@
+HAVE_READLINKAT = @HAVE_READLINKAT@
+HAVE_REALLOCARRAY = @HAVE_REALLOCARRAY@
+HAVE_REALPATH = @HAVE_REALPATH@
+HAVE_RENAMEAT = @HAVE_RENAMEAT@
+HAVE_RPMATCH = @HAVE_RPMATCH@
+HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@
+HAVE_SCHED_H = @HAVE_SCHED_H@
+HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@
+HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@
+HAVE_SETENV = @HAVE_SETENV@
+HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@
+HAVE_SETSTATE = @HAVE_SETSTATE@
+HAVE_SIGABBREV_NP = @HAVE_SIGABBREV_NP@
+HAVE_SIGACTION = @HAVE_SIGACTION@
+HAVE_SIGDESCR_NP = @HAVE_SIGDESCR_NP@
+HAVE_SIGHANDLER_T = @HAVE_SIGHANDLER_T@
+HAVE_SIGINFO_T = @HAVE_SIGINFO_T@
+HAVE_SIGNED_SIG_ATOMIC_T = @HAVE_SIGNED_SIG_ATOMIC_T@
+HAVE_SIGNED_WCHAR_T = @HAVE_SIGNED_WCHAR_T@
+HAVE_SIGNED_WINT_T = @HAVE_SIGNED_WINT_T@
+HAVE_SIGSET_T = @HAVE_SIGSET_T@
+HAVE_SLEEP = @HAVE_SLEEP@
+HAVE_STDINT_H = @HAVE_STDINT_H@
+HAVE_STPCPY = @HAVE_STPCPY@
+HAVE_STPNCPY = @HAVE_STPNCPY@
+HAVE_STRCASECMP = @HAVE_STRCASECMP@
+HAVE_STRCASESTR = @HAVE_STRCASESTR@
+HAVE_STRCHRNUL = @HAVE_STRCHRNUL@
+HAVE_STRERRORNAME_NP = @HAVE_STRERRORNAME_NP@
+HAVE_STRINGS_H = @HAVE_STRINGS_H@
+HAVE_STRPBRK = @HAVE_STRPBRK@
+HAVE_STRPTIME = @HAVE_STRPTIME@
+HAVE_STRSEP = @HAVE_STRSEP@
+HAVE_STRTOD = @HAVE_STRTOD@
+HAVE_STRTOL = @HAVE_STRTOL@
+HAVE_STRTOLD = @HAVE_STRTOLD@
+HAVE_STRTOLL = @HAVE_STRTOLL@
+HAVE_STRTOUL = @HAVE_STRTOUL@
+HAVE_STRTOULL = @HAVE_STRTOULL@
+HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@
+HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@
+HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@
+HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@
+HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@
+HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@
+HAVE_STRUCT_TIMEVAL = @HAVE_STRUCT_TIMEVAL@
+HAVE_STRVERSCMP = @HAVE_STRVERSCMP@
+HAVE_SYMLINK = @HAVE_SYMLINK@
+HAVE_SYMLINKAT = @HAVE_SYMLINKAT@
+HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@
+HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@
+HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@
+HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@
+HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@
+HAVE_SYS_PARAM_H = @HAVE_SYS_PARAM_H@
+HAVE_SYS_SELECT_H = @HAVE_SYS_SELECT_H@
+HAVE_SYS_SOCKET_H = @HAVE_SYS_SOCKET_H@
+HAVE_SYS_TIME_H = @HAVE_SYS_TIME_H@
+HAVE_SYS_TYPES_H = @HAVE_SYS_TYPES_H@
+HAVE_SYS_UIO_H = @HAVE_SYS_UIO_H@
+HAVE_TIMEGM = @HAVE_TIMEGM@
+HAVE_TIMESPEC_GET = @HAVE_TIMESPEC_GET@
+HAVE_TIMEZONE_T = @HAVE_TIMEZONE_T@
+HAVE_TYPE_VOLATILE_SIG_ATOMIC_T = @HAVE_TYPE_VOLATILE_SIG_ATOMIC_T@
+HAVE_UNISTD_H = @HAVE_UNISTD_H@
+HAVE_UNLINKAT = @HAVE_UNLINKAT@
+HAVE_UNLOCKPT = @HAVE_UNLOCKPT@
+HAVE_USLEEP = @HAVE_USLEEP@
+HAVE_UTIMENSAT = @HAVE_UTIMENSAT@
+HAVE_VASPRINTF = @HAVE_VASPRINTF@
+HAVE_VDPRINTF = @HAVE_VDPRINTF@
+HAVE_VISIBILITY = @HAVE_VISIBILITY@
+HAVE_WCHAR_H = @HAVE_WCHAR_H@
+HAVE_WCHAR_T = @HAVE_WCHAR_T@
+HAVE_WCPCPY = @HAVE_WCPCPY@
+HAVE_WCPNCPY = @HAVE_WCPNCPY@
+HAVE_WCRTOMB = @HAVE_WCRTOMB@
+HAVE_WCSCASECMP = @HAVE_WCSCASECMP@
+HAVE_WCSCAT = @HAVE_WCSCAT@
+HAVE_WCSCHR = @HAVE_WCSCHR@
+HAVE_WCSCMP = @HAVE_WCSCMP@
+HAVE_WCSCOLL = @HAVE_WCSCOLL@
+HAVE_WCSCPY = @HAVE_WCSCPY@
+HAVE_WCSCSPN = @HAVE_WCSCSPN@
+HAVE_WCSDUP = @HAVE_WCSDUP@
+HAVE_WCSFTIME = @HAVE_WCSFTIME@
+HAVE_WCSLEN = @HAVE_WCSLEN@
+HAVE_WCSNCASECMP = @HAVE_WCSNCASECMP@
+HAVE_WCSNCAT = @HAVE_WCSNCAT@
+HAVE_WCSNCMP = @HAVE_WCSNCMP@
+HAVE_WCSNCPY = @HAVE_WCSNCPY@
+HAVE_WCSNLEN = @HAVE_WCSNLEN@
+HAVE_WCSNRTOMBS = @HAVE_WCSNRTOMBS@
+HAVE_WCSPBRK = @HAVE_WCSPBRK@
+HAVE_WCSRCHR = @HAVE_WCSRCHR@
+HAVE_WCSRTOMBS = @HAVE_WCSRTOMBS@
+HAVE_WCSSPN = @HAVE_WCSSPN@
+HAVE_WCSSTR = @HAVE_WCSSTR@
+HAVE_WCSTOK = @HAVE_WCSTOK@
+HAVE_WCSWIDTH = @HAVE_WCSWIDTH@
+HAVE_WCSXFRM = @HAVE_WCSXFRM@
+HAVE_WINSOCK2_H = @HAVE_WINSOCK2_H@
+HAVE_WINT_T = @HAVE_WINT_T@
+HAVE_WMEMCHR = @HAVE_WMEMCHR@
+HAVE_WMEMCMP = @HAVE_WMEMCMP@
+HAVE_WMEMCPY = @HAVE_WMEMCPY@
+HAVE_WMEMMOVE = @HAVE_WMEMMOVE@
+HAVE_WMEMPCPY = @HAVE_WMEMPCPY@
+HAVE_WMEMSET = @HAVE_WMEMSET@
+HAVE_WS2TCPIP_H = @HAVE_WS2TCPIP_H@
+HAVE_XLOCALE_H = @HAVE_XLOCALE_H@
+HAVE__BOOL = @HAVE__BOOL@
+HAVE__EXIT = @HAVE__EXIT@
+HOGWEED_CFLAGS = @HOGWEED_CFLAGS@
+HOGWEED_LIBS = @HOGWEED_LIBS@
+HOSTENT_LIB = @HOSTENT_LIB@
+HTML_DIR = @HTML_DIR@
+INCLUDE_NEXT = @INCLUDE_NEXT@
+INCLUDE_NEXT_AS_FIRST_DIRECTIVE = @INCLUDE_NEXT_AS_FIRST_DIRECTIVE@
+INET_NTOP_LIB = @INET_NTOP_LIB@
+INET_PTON_LIB = @INET_PTON_LIB@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INT32_MAX_LT_INTMAX_MAX = @INT32_MAX_LT_INTMAX_MAX@
+INT64_MAX_EQ_LONG_MAX = @INT64_MAX_EQ_LONG_MAX@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LCOV = @LCOV@
+LD = @LD@
+LDDPOSTPROC = @LDDPOSTPROC@
+LDDPROG = @LDDPROG@
+LDFLAGS = @LDFLAGS@
+LIBATOMIC_LIBS = @LIBATOMIC_LIBS@
+LIBBROTLIDEC_CFLAGS = @LIBBROTLIDEC_CFLAGS@
+LIBBROTLIDEC_LIBS = @LIBBROTLIDEC_LIBS@
+LIBBROTLIENC_CFLAGS = @LIBBROTLIENC_CFLAGS@
+LIBBROTLIENC_LIBS = @LIBBROTLIENC_LIBS@
+LIBCRYPTO = @LIBCRYPTO@
+LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@
+LIBDL = @LIBDL@
+LIBDL_PREFIX = @LIBDL_PREFIX@
+LIBEV = @LIBEV@
+LIBEV_LIBS = @LIBEV_LIBS@
+LIBEV_PREFIX = @LIBEV_PREFIX@
+LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@
+LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@
+LIBICONV = @LIBICONV@
+LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@
+LIBIDN2_LIBS = @LIBIDN2_LIBS@
+LIBINTL = @LIBINTL@
+LIBKCAPI_CFLAGS = @LIBKCAPI_CFLAGS@
+LIBKCAPI_LIBS = @LIBKCAPI_LIBS@
+LIBMULTITHREAD = @LIBMULTITHREAD@
+LIBOBJS = @LIBOBJS@
+LIBPMULTITHREAD = @LIBPMULTITHREAD@
+LIBPTHREAD = @LIBPTHREAD@
+LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@
+LIBRT = @LIBRT@
+LIBRT_PREFIX = @LIBRT_PREFIX@
+LIBS = @LIBS@
+LIBSECCOMP = @LIBSECCOMP@
+LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@
+LIBSOCKET = @LIBSOCKET@
+LIBSTDTHREAD = @LIBSTDTHREAD@
+LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@
+LIBTASN1_LIBS = @LIBTASN1_LIBS@
+LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@
+LIBTHREAD = @LIBTHREAD@
+LIBTOOL = @LIBTOOL@
+LIBUNISTRING = @LIBUNISTRING@
+LIBUNISTRING_UNICTYPE_H = @LIBUNISTRING_UNICTYPE_H@
+LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@
+LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@
+LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@
+LIBZ = @LIBZ@
+LIBZSTD_CFLAGS = @LIBZSTD_CFLAGS@
+LIBZSTD_LIBS = @LIBZSTD_LIBS@
+LIBZ_PC = @LIBZ_PC@
+LIBZ_PREFIX = @LIBZ_PREFIX@
+LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@
+LIB_NANOSLEEP = @LIB_NANOSLEEP@
+LIB_PTHREAD = @LIB_PTHREAD@
+LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@
+LIB_SCHED_YIELD = @LIB_SCHED_YIELD@
+LIB_SELECT = @LIB_SELECT@
+LIB_SEMAPHORE = @LIB_SEMAPHORE@
+LIB_SETLOCALE = @LIB_SETLOCALE@
+LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@
+LIMITS_H = @LIMITS_H@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LOCALENAME_ENHANCE_LOCALE_FUNCS = @LOCALENAME_ENHANCE_LOCALE_FUNCS@
+LOCALE_FR = @LOCALE_FR@
+LOCALE_FR_UTF8 = @LOCALE_FR_UTF8@
+LOCALE_JA = @LOCALE_JA@
+LOCALE_TR_UTF8 = @LOCALE_TR_UTF8@
+LOCALE_ZH_CN = @LOCALE_ZH_CN@
+LOG_VALGRIND = @LOG_VALGRIND@
+LTALLOCA = @LTALLOCA@
+LTLIBCRYPTO = @LTLIBCRYPTO@
+LTLIBDL = @LTLIBDL@
+LTLIBEV = @LTLIBEV@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBMULTITHREAD = @LTLIBMULTITHREAD@
+LTLIBOBJS = @LTLIBOBJS@
+LTLIBPTHREAD = @LTLIBPTHREAD@
+LTLIBRT = @LTLIBRT@
+LTLIBSECCOMP = @LTLIBSECCOMP@
+LTLIBTHREAD = @LTLIBTHREAD@
+LTLIBZ = @LTLIBZ@
+LT_AGE = @LT_AGE@
+LT_CURRENT = @LT_CURRENT@
+LT_DANE_AGE = @LT_DANE_AGE@
+LT_DANE_CURRENT = @LT_DANE_CURRENT@
+LT_DANE_REVISION = @LT_DANE_REVISION@
+LT_REVISION = @LT_REVISION@
+LT_SSL_AGE = @LT_SSL_AGE@
+LT_SSL_CURRENT = @LT_SSL_CURRENT@
+LT_SSL_REVISION = @LT_SSL_REVISION@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+LT_XSSL_AGE = @LT_XSSL_AGE@
+LT_XSSL_CURRENT = @LT_XSSL_CURRENT@
+LT_XSSL_REVISION = @LT_XSSL_REVISION@
+MAINT = @MAINT@
+MAJOR_VERSION = @MAJOR_VERSION@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MINOR_VERSION = @MINOR_VERSION@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGMERGE = @MSGMERGE@
+MSGMERGE_FOR_MSGFMT_OPTION = @MSGMERGE_FOR_MSGFMT_OPTION@
+NETINET_IN_H = @NETINET_IN_H@
+NETTLE_CFLAGS = @NETTLE_CFLAGS@
+NETTLE_LIBS = @NETTLE_LIBS@
+NEXT_ARPA_INET_H = @NEXT_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H = @NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_CTYPE_H = @NEXT_AS_FIRST_DIRECTIVE_CTYPE_H@
+NEXT_AS_FIRST_DIRECTIVE_ERRNO_H = @NEXT_AS_FIRST_DIRECTIVE_ERRNO_H@
+NEXT_AS_FIRST_DIRECTIVE_FCNTL_H = @NEXT_AS_FIRST_DIRECTIVE_FCNTL_H@
+NEXT_AS_FIRST_DIRECTIVE_FLOAT_H = @NEXT_AS_FIRST_DIRECTIVE_FLOAT_H@
+NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H = @NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H = @NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H@
+NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@
+NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@
+NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@
+NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@
+NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@
+NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@
+NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@
+NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@
+NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@
+NEXT_AS_FIRST_DIRECTIVE_STDIO_H = @NEXT_AS_FIRST_DIRECTIVE_STDIO_H@
+NEXT_AS_FIRST_DIRECTIVE_STDLIB_H = @NEXT_AS_FIRST_DIRECTIVE_STDLIB_H@
+NEXT_AS_FIRST_DIRECTIVE_STRINGS_H = @NEXT_AS_FIRST_DIRECTIVE_STRINGS_H@
+NEXT_AS_FIRST_DIRECTIVE_STRING_H = @NEXT_AS_FIRST_DIRECTIVE_STRING_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H@
+NEXT_AS_FIRST_DIRECTIVE_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_UNISTD_H = @NEXT_AS_FIRST_DIRECTIVE_UNISTD_H@
+NEXT_AS_FIRST_DIRECTIVE_WCHAR_H = @NEXT_AS_FIRST_DIRECTIVE_WCHAR_H@
+NEXT_CTYPE_H = @NEXT_CTYPE_H@
+NEXT_ERRNO_H = @NEXT_ERRNO_H@
+NEXT_FCNTL_H = @NEXT_FCNTL_H@
+NEXT_FLOAT_H = @NEXT_FLOAT_H@
+NEXT_INTTYPES_H = @NEXT_INTTYPES_H@
+NEXT_LANGINFO_H = @NEXT_LANGINFO_H@
+NEXT_LIMITS_H = @NEXT_LIMITS_H@
+NEXT_LOCALE_H = @NEXT_LOCALE_H@
+NEXT_NETDB_H = @NEXT_NETDB_H@
+NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@
+NEXT_PTHREAD_H = @NEXT_PTHREAD_H@
+NEXT_SCHED_H = @NEXT_SCHED_H@
+NEXT_SIGNAL_H = @NEXT_SIGNAL_H@
+NEXT_STDDEF_H = @NEXT_STDDEF_H@
+NEXT_STDINT_H = @NEXT_STDINT_H@
+NEXT_STDIO_H = @NEXT_STDIO_H@
+NEXT_STDLIB_H = @NEXT_STDLIB_H@
+NEXT_STRINGS_H = @NEXT_STRINGS_H@
+NEXT_STRING_H = @NEXT_STRING_H@
+NEXT_SYS_IOCTL_H = @NEXT_SYS_IOCTL_H@
+NEXT_SYS_SELECT_H = @NEXT_SYS_SELECT_H@
+NEXT_SYS_SOCKET_H = @NEXT_SYS_SOCKET_H@
+NEXT_SYS_STAT_H = @NEXT_SYS_STAT_H@
+NEXT_SYS_TIME_H = @NEXT_SYS_TIME_H@
+NEXT_SYS_TYPES_H = @NEXT_SYS_TYPES_H@
+NEXT_SYS_UIO_H = @NEXT_SYS_UIO_H@
+NEXT_TIME_H = @NEXT_TIME_H@
+NEXT_UNISTD_H = @NEXT_UNISTD_H@
+NEXT_WCHAR_H = @NEXT_WCHAR_H@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NUMBER_VERSION = @NUMBER_VERSION@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+P11_KIT_CFLAGS = @P11_KIT_CFLAGS@
+P11_KIT_LIBS = @P11_KIT_LIBS@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@
+PATCH_VERSION = @PATCH_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PKCS12_ITER_COUNT = @PKCS12_ITER_COUNT@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PMCCABE = @PMCCABE@
+POSUB = @POSUB@
+PRAGMA_COLUMNS = @PRAGMA_COLUMNS@
+PRAGMA_SYSTEM_HEADER = @PRAGMA_SYSTEM_HEADER@
+PRIPTR_PREFIX = @PRIPTR_PREFIX@
+PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@
+PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+RANLIB = @RANLIB@
+REPLACE_ACCESS = @REPLACE_ACCESS@
+REPLACE_ALIGNED_ALLOC = @REPLACE_ALIGNED_ALLOC@
+REPLACE_BTOWC = @REPLACE_BTOWC@
+REPLACE_CALLOC = @REPLACE_CALLOC@
+REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@
+REPLACE_CHOWN = @REPLACE_CHOWN@
+REPLACE_CLOSE = @REPLACE_CLOSE@
+REPLACE_CREAT = @REPLACE_CREAT@
+REPLACE_CTIME = @REPLACE_CTIME@
+REPLACE_DPRINTF = @REPLACE_DPRINTF@
+REPLACE_DUP = @REPLACE_DUP@
+REPLACE_DUP2 = @REPLACE_DUP2@
+REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@
+REPLACE_EXECL = @REPLACE_EXECL@
+REPLACE_EXECLE = @REPLACE_EXECLE@
+REPLACE_EXECLP = @REPLACE_EXECLP@
+REPLACE_EXECV = @REPLACE_EXECV@
+REPLACE_EXECVE = @REPLACE_EXECVE@
+REPLACE_EXECVP = @REPLACE_EXECVP@
+REPLACE_EXECVPE = @REPLACE_EXECVPE@
+REPLACE_FACCESSAT = @REPLACE_FACCESSAT@
+REPLACE_FCHMODAT = @REPLACE_FCHMODAT@
+REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@
+REPLACE_FCLOSE = @REPLACE_FCLOSE@
+REPLACE_FCNTL = @REPLACE_FCNTL@
+REPLACE_FDOPEN = @REPLACE_FDOPEN@
+REPLACE_FFLUSH = @REPLACE_FFLUSH@
+REPLACE_FFSLL = @REPLACE_FFSLL@
+REPLACE_FOPEN = @REPLACE_FOPEN@
+REPLACE_FPRINTF = @REPLACE_FPRINTF@
+REPLACE_FPURGE = @REPLACE_FPURGE@
+REPLACE_FREE = @REPLACE_FREE@
+REPLACE_FREELOCALE = @REPLACE_FREELOCALE@
+REPLACE_FREOPEN = @REPLACE_FREOPEN@
+REPLACE_FSEEK = @REPLACE_FSEEK@
+REPLACE_FSEEKO = @REPLACE_FSEEKO@
+REPLACE_FSTAT = @REPLACE_FSTAT@
+REPLACE_FSTATAT = @REPLACE_FSTATAT@
+REPLACE_FTELL = @REPLACE_FTELL@
+REPLACE_FTELLO = @REPLACE_FTELLO@
+REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@
+REPLACE_FUTIMENS = @REPLACE_FUTIMENS@
+REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@
+REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@
+REPLACE_GETCWD = @REPLACE_GETCWD@
+REPLACE_GETDELIM = @REPLACE_GETDELIM@
+REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@
+REPLACE_GETDTABLESIZE = @REPLACE_GETDTABLESIZE@
+REPLACE_GETGROUPS = @REPLACE_GETGROUPS@
+REPLACE_GETLINE = @REPLACE_GETLINE@
+REPLACE_GETLOGIN_R = @REPLACE_GETLOGIN_R@
+REPLACE_GETPAGESIZE = @REPLACE_GETPAGESIZE@
+REPLACE_GETPASS = @REPLACE_GETPASS@
+REPLACE_GETTIMEOFDAY = @REPLACE_GETTIMEOFDAY@
+REPLACE_GMTIME = @REPLACE_GMTIME@
+REPLACE_INET_NTOP = @REPLACE_INET_NTOP@
+REPLACE_INET_PTON = @REPLACE_INET_PTON@
+REPLACE_INITSTATE = @REPLACE_INITSTATE@
+REPLACE_IOCTL = @REPLACE_IOCTL@
+REPLACE_ISATTY = @REPLACE_ISATTY@
+REPLACE_ITOLD = @REPLACE_ITOLD@
+REPLACE_LCHOWN = @REPLACE_LCHOWN@
+REPLACE_LINK = @REPLACE_LINK@
+REPLACE_LINKAT = @REPLACE_LINKAT@
+REPLACE_LOCALECONV = @REPLACE_LOCALECONV@
+REPLACE_LOCALTIME = @REPLACE_LOCALTIME@
+REPLACE_LOCALTIME_R = @REPLACE_LOCALTIME_R@
+REPLACE_LSEEK = @REPLACE_LSEEK@
+REPLACE_LSTAT = @REPLACE_LSTAT@
+REPLACE_MALLOC = @REPLACE_MALLOC@
+REPLACE_MBRLEN = @REPLACE_MBRLEN@
+REPLACE_MBRTOWC = @REPLACE_MBRTOWC@
+REPLACE_MBSINIT = @REPLACE_MBSINIT@
+REPLACE_MBSNRTOWCS = @REPLACE_MBSNRTOWCS@
+REPLACE_MBSRTOWCS = @REPLACE_MBSRTOWCS@
+REPLACE_MBSTATE_T = @REPLACE_MBSTATE_T@
+REPLACE_MBTOWC = @REPLACE_MBTOWC@
+REPLACE_MEMCHR = @REPLACE_MEMCHR@
+REPLACE_MEMMEM = @REPLACE_MEMMEM@
+REPLACE_MKDIR = @REPLACE_MKDIR@
+REPLACE_MKFIFO = @REPLACE_MKFIFO@
+REPLACE_MKFIFOAT = @REPLACE_MKFIFOAT@
+REPLACE_MKNOD = @REPLACE_MKNOD@
+REPLACE_MKNODAT = @REPLACE_MKNODAT@
+REPLACE_MKSTEMP = @REPLACE_MKSTEMP@
+REPLACE_MKTIME = @REPLACE_MKTIME@
+REPLACE_NANOSLEEP = @REPLACE_NANOSLEEP@
+REPLACE_NEWLOCALE = @REPLACE_NEWLOCALE@
+REPLACE_NL_LANGINFO = @REPLACE_NL_LANGINFO@
+REPLACE_NULL = @REPLACE_NULL@
+REPLACE_OBSTACK_PRINTF = @REPLACE_OBSTACK_PRINTF@
+REPLACE_OPEN = @REPLACE_OPEN@
+REPLACE_OPENAT = @REPLACE_OPENAT@
+REPLACE_PERROR = @REPLACE_PERROR@
+REPLACE_POPEN = @REPLACE_POPEN@
+REPLACE_POSIX_MEMALIGN = @REPLACE_POSIX_MEMALIGN@
+REPLACE_PREAD = @REPLACE_PREAD@
+REPLACE_PRINTF = @REPLACE_PRINTF@
+REPLACE_PSELECT = @REPLACE_PSELECT@
+REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@
+REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@
+REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@
+REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@
+REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@
+REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@
+REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@
+REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@
+REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@
+REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@
+REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@
+REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@
+REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@
+REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@
+REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@
+REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@
+REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@
+REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@
+REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@
+REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@
+REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@
+REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@
+REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@
+REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@
+REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@
+REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@
+REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@
+REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@
+REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@
+REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@
+REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@
+REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@
+REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@
+REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@
+REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@
+REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@
+REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@
+REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@
+REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@
+REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@
+REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@
+REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@
+REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@
+REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@
+REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@
+REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@
+REPLACE_PTSNAME = @REPLACE_PTSNAME@
+REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@
+REPLACE_PUTENV = @REPLACE_PUTENV@
+REPLACE_PWRITE = @REPLACE_PWRITE@
+REPLACE_QSORT_R = @REPLACE_QSORT_R@
+REPLACE_RAISE = @REPLACE_RAISE@
+REPLACE_RANDOM = @REPLACE_RANDOM@
+REPLACE_RANDOM_R = @REPLACE_RANDOM_R@
+REPLACE_READ = @REPLACE_READ@
+REPLACE_READLINK = @REPLACE_READLINK@
+REPLACE_READLINKAT = @REPLACE_READLINKAT@
+REPLACE_REALLOC = @REPLACE_REALLOC@
+REPLACE_REALLOCARRAY = @REPLACE_REALLOCARRAY@
+REPLACE_REALPATH = @REPLACE_REALPATH@
+REPLACE_REMOVE = @REPLACE_REMOVE@
+REPLACE_RENAME = @REPLACE_RENAME@
+REPLACE_RENAMEAT = @REPLACE_RENAMEAT@
+REPLACE_RMDIR = @REPLACE_RMDIR@
+REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@
+REPLACE_SELECT = @REPLACE_SELECT@
+REPLACE_SETENV = @REPLACE_SETENV@
+REPLACE_SETLOCALE = @REPLACE_SETLOCALE@
+REPLACE_SETSTATE = @REPLACE_SETSTATE@
+REPLACE_SLEEP = @REPLACE_SLEEP@
+REPLACE_SNPRINTF = @REPLACE_SNPRINTF@
+REPLACE_SPRINTF = @REPLACE_SPRINTF@
+REPLACE_STAT = @REPLACE_STAT@
+REPLACE_STDIO_READ_FUNCS = @REPLACE_STDIO_READ_FUNCS@
+REPLACE_STDIO_WRITE_FUNCS = @REPLACE_STDIO_WRITE_FUNCS@
+REPLACE_STPNCPY = @REPLACE_STPNCPY@
+REPLACE_STRCASESTR = @REPLACE_STRCASESTR@
+REPLACE_STRCHRNUL = @REPLACE_STRCHRNUL@
+REPLACE_STRDUP = @REPLACE_STRDUP@
+REPLACE_STRERROR = @REPLACE_STRERROR@
+REPLACE_STRERRORNAME_NP = @REPLACE_STRERRORNAME_NP@
+REPLACE_STRERROR_R = @REPLACE_STRERROR_R@
+REPLACE_STRFTIME = @REPLACE_STRFTIME@
+REPLACE_STRNCAT = @REPLACE_STRNCAT@
+REPLACE_STRNDUP = @REPLACE_STRNDUP@
+REPLACE_STRNLEN = @REPLACE_STRNLEN@
+REPLACE_STRSIGNAL = @REPLACE_STRSIGNAL@
+REPLACE_STRSTR = @REPLACE_STRSTR@
+REPLACE_STRTOD = @REPLACE_STRTOD@
+REPLACE_STRTOIMAX = @REPLACE_STRTOIMAX@
+REPLACE_STRTOK_R = @REPLACE_STRTOK_R@
+REPLACE_STRTOL = @REPLACE_STRTOL@
+REPLACE_STRTOLD = @REPLACE_STRTOLD@
+REPLACE_STRTOLL = @REPLACE_STRTOLL@
+REPLACE_STRTOUL = @REPLACE_STRTOUL@
+REPLACE_STRTOULL = @REPLACE_STRTOULL@
+REPLACE_STRTOUMAX = @REPLACE_STRTOUMAX@
+REPLACE_STRUCT_LCONV = @REPLACE_STRUCT_LCONV@
+REPLACE_STRUCT_TIMEVAL = @REPLACE_STRUCT_TIMEVAL@
+REPLACE_SYMLINK = @REPLACE_SYMLINK@
+REPLACE_SYMLINKAT = @REPLACE_SYMLINKAT@
+REPLACE_TIMEGM = @REPLACE_TIMEGM@
+REPLACE_TMPFILE = @REPLACE_TMPFILE@
+REPLACE_TRUNCATE = @REPLACE_TRUNCATE@
+REPLACE_TTYNAME_R = @REPLACE_TTYNAME_R@
+REPLACE_TZSET = @REPLACE_TZSET@
+REPLACE_UNLINK = @REPLACE_UNLINK@
+REPLACE_UNLINKAT = @REPLACE_UNLINKAT@
+REPLACE_UNSETENV = @REPLACE_UNSETENV@
+REPLACE_USLEEP = @REPLACE_USLEEP@
+REPLACE_UTIMENSAT = @REPLACE_UTIMENSAT@
+REPLACE_VASPRINTF = @REPLACE_VASPRINTF@
+REPLACE_VDPRINTF = @REPLACE_VDPRINTF@
+REPLACE_VFPRINTF = @REPLACE_VFPRINTF@
+REPLACE_VPRINTF = @REPLACE_VPRINTF@
+REPLACE_VSNPRINTF = @REPLACE_VSNPRINTF@
+REPLACE_VSPRINTF = @REPLACE_VSPRINTF@
+REPLACE_WCRTOMB = @REPLACE_WCRTOMB@
+REPLACE_WCSFTIME = @REPLACE_WCSFTIME@
+REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@
+REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@
+REPLACE_WCSTOK = @REPLACE_WCSTOK@
+REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@
+REPLACE_WCTOB = @REPLACE_WCTOB@
+REPLACE_WCTOMB = @REPLACE_WCTOMB@
+REPLACE_WCWIDTH = @REPLACE_WCWIDTH@
+REPLACE_WRITE = @REPLACE_WRITE@
+SED = @SED@
+SERVENT_LIB = @SERVENT_LIB@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@
+SIZE_T_SUFFIX = @SIZE_T_SUFFIX@
+STDALIGN_H = @STDALIGN_H@
+STDBOOL_H = @STDBOOL_H@
+STDDEF_H = @STDDEF_H@
+STDINT_H = @STDINT_H@
+STRIP = @STRIP@
+SYS_IOCTL_H_HAVE_WINSOCK2_H = @SYS_IOCTL_H_HAVE_WINSOCK2_H@
+SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+SYS_TIME_H_DEFINES_STRUCT_TIMESPEC = @SYS_TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_STRUCT_TIMESPEC = @TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_TIME_UTC = @TIME_H_DEFINES_TIME_UTC@
+TROUSERS_LIB = @TROUSERS_LIB@
+TSS2_CFLAGS = @TSS2_CFLAGS@
+TSS2_LIBS = @TSS2_LIBS@
+TSS_CFLAGS = @TSS_CFLAGS@
+TSS_LIBS = @TSS_LIBS@
+UINT32_MAX_LT_UINTMAX_MAX = @UINT32_MAX_LT_UINTMAX_MAX@
+UINT64_MAX_EQ_ULONG_MAX = @UINT64_MAX_EQ_ULONG_MAX@
+UNBOUND_CFLAGS = @UNBOUND_CFLAGS@
+UNBOUND_LIBS = @UNBOUND_LIBS@
+UNDEFINE_STRTOK_R = @UNDEFINE_STRTOK_R@
+UNISTD_H_DEFINES_STRUCT_TIMESPEC = @UNISTD_H_DEFINES_STRUCT_TIMESPEC@
+UNISTD_H_HAVE_SYS_RANDOM_H = @UNISTD_H_HAVE_SYS_RANDOM_H@
+UNISTD_H_HAVE_WINSOCK2_H = @UNISTD_H_HAVE_WINSOCK2_H@
+UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+USE_NLS = @USE_NLS@
+VALGRIND = @VALGRIND@
+VALGRINDFLAGS = @VALGRINDFLAGS@
+VALGRIND_PROGRAM = @VALGRIND_PROGRAM@
+VERSION = @VERSION@
+WARN_CFLAGS = @WARN_CFLAGS@
+WCHAR_T_SUFFIX = @WCHAR_T_SUFFIX@
+WERROR_CFLAGS = @WERROR_CFLAGS@
+WINDOWS_64_BIT_OFF_T = @WINDOWS_64_BIT_OFF_T@
+WINDOWS_64_BIT_ST_SIZE = @WINDOWS_64_BIT_ST_SIZE@
+WINDOWS_STAT_INODES = @WINDOWS_STAT_INODES@
+WINDOWS_STAT_TIMESPEC = @WINDOWS_STAT_TIMESPEC@
+WINT_T_SUFFIX = @WINT_T_SUFFIX@
+WSTACK_CFLAGS = @WSTACK_CFLAGS@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+YIELD_LIB = @YIELD_LIB@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+ac_cv_sizeof_time_t = @ac_cv_sizeof_time_t@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+ggl_LIBOBJS = @ggl_LIBOBJS@
+ggl_LTLIBOBJS = @ggl_LTLIBOBJS@
+ggltests_LIBOBJS = @ggltests_LIBOBJS@
+ggltests_LTLIBOBJS = @ggltests_LTLIBOBJS@
+ggltests_WITNESS = @ggltests_WITNESS@
+gl_LIBOBJS = @gl_LIBOBJS@
+gl_LTLIBOBJS = @gl_LTLIBOBJS@
+gltests_LIBOBJS = @gltests_LIBOBJS@
+gltests_LTLIBOBJS = @gltests_LTLIBOBJS@
+gltests_WITNESS = @gltests_WITNESS@
+gnutls_so = @gnutls_so@
+guile_snarf = @guile_snarf@
+guileextensiondir = @guileextensiondir@
+guilesiteccachedir = @guilesiteccachedir@
+guilesitedir = @guilesitedir@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+ifGNUmake = @ifGNUmake@
+ifnGNUmake = @ifnGNUmake@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+maybe_guileextensiondir = @maybe_guileextensiondir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+unistring_LIBOBJS = @unistring_LIBOBJS@
+unistring_LTLIBOBJS = @unistring_LTLIBOBJS@
+unistringtests_LIBOBJS = @unistringtests_LIBOBJS@
+unistringtests_LTLIBOBJS = @unistringtests_LTLIBOBJS@
+unistringtests_WITNESS = @unistringtests_WITNESS@
+AM_CFLAGS = $(WERROR_CFLAGS) $(WSTACK_CFLAGS) $(WARN_CFLAGS) $(NETTLE_CFLAGS) \
+  $(LIBTASN1_CFLAGS) $(LIBIDN2_CFLAGS) $(P11_KIT_CFLAGS) $(LIBZSTD_CFLAGS) \
+  $(CODE_COVERAGE_CFLAGS)
+
+COMMON_LINK_FLAGS = $(CODE_COVERAGE_LDFLAGS)
+V_GPERF = $(V_GPERF_@AM_V@)
+V_GPERF_ = $(V_GPERF_@AM_DEFAULT_V@)
+V_GPERF_0 = @echo "  GPERF   " $@;
+AM_CPPFLAGS = -I$(srcdir)/../../gl -I$(builddir)/../../gl \
+	-I$(srcdir)/../includes -I$(builddir)/../includes \
+	-I$(builddir)/../../gl -I$(srcdir)/.. $(am__append_1)
+EXTRA_DIST = licenses/CC0
+noinst_LTLIBRARIES = libgnutls_extras.la
+libgnutls_extras_la_SOURCES = randomart.c randomart.h hex.c hex.h
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/lib/common.mk $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/extras/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --foreign lib/extras/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+	esac;
+$(top_srcdir)/lib/common.mk $(am__empty):
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+	-test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+	@list='$(noinst_LTLIBRARIES)'; \
+	locs=`for p in $$list; do echo $$p; done | \
+	      sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+	      sort -u`; \
+	test -z "$$locs" || { \
+	  echo rm -f $${locs}; \
+	  rm -f $${locs}; \
+	}
+
+libgnutls_extras.la: $(libgnutls_extras_la_OBJECTS) $(libgnutls_extras_la_DEPENDENCIES) $(EXTRA_libgnutls_extras_la_DEPENDENCIES) 
+	$(AM_V_CCLD)$(LINK)  $(libgnutls_extras_la_OBJECTS) $(libgnutls_extras_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+	-rm -f *.$(OBJEXT)
+
+distclean-compile:
+	-rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hex.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/randomart.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+	@$(MKDIR_P) $(@D)
+	@echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+
+ID: $(am__tagged_files)
+	$(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	set x; \
+	here=`pwd`; \
+	$(am__define_uniq_tagged_files); \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+	  test -n "$$unique" || unique=$$empty_fix; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
+	fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	$(am__define_uniq_tagged_files); \
+	test -z "$(CTAGS_ARGS)$$unique" \
+	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+	     $$unique
+
+GTAGS:
+	here=`$(am__cd) $(top_builddir) && pwd` \
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+	list='$(am__tagged_files)'; \
+	case "$(srcdir)" in \
+	  [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+	  *) sdir=$(subdir)/$(srcdir) ;; \
+	esac; \
+	for i in $$list; do \
+	  if test -f "$$i"; then \
+	    echo "$(subdir)/$$i"; \
+	  else \
+	    echo "$$sdir/$$i"; \
+	  fi; \
+	done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+	mostlyclean-am
+
+distclean: distclean-am
+		-rm -f ./$(DEPDIR)/hex.Plo
+	-rm -f ./$(DEPDIR)/randomart.Plo
+	-rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+	distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+		-rm -f ./$(DEPDIR)/hex.Plo
+	-rm -f ./$(DEPDIR)/randomart.Plo
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+	mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
+	clean-generic clean-libtool clean-noinstLTLIBRARIES \
+	cscopelist-am ctags ctags-am distclean distclean-compile \
+	distclean-generic distclean-libtool distclean-tags distdir dvi \
+	dvi-am html html-am info info-am install install-am \
+	install-data install-data-am install-dvi install-dvi-am \
+	install-exec install-exec-am install-html install-html-am \
+	install-info install-info-am install-man install-pdf \
+	install-pdf-am install-ps install-ps-am install-strip \
+	installcheck installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-compile \
+	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+	tags tags-am uninstall uninstall-am
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/lib/extras/hex.c b/lib/extras/hex.c
new file mode 100644
index 0000000..b88777f
--- /dev/null
+++ b/lib/extras/hex.c
@@ -0,0 +1,63 @@
+/* CC0 license (public domain) - see LICENSE file for details */
+#include <config.h>
+#include <hex.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+static bool char_to_hex(unsigned char *val, char c)
+{
+	if (c >= '0' && c <= '9') {
+		*val = c - '0';
+		return true;
+	}
+	if (c >= 'a' && c <= 'f') {
+		*val = c - 'a' + 10;
+		return true;
+	}
+	if (c >= 'A' && c <= 'F') {
+		*val = c - 'A' + 10;
+		return true;
+	}
+	return false;
+}
+
+bool hex_decode(const char *str, size_t slen, void *buf, size_t bufsize)
+{
+	unsigned char v1, v2;
+	unsigned char *p = buf;
+
+	while (slen > 1) {
+		if (!char_to_hex(&v1, str[0]) || !char_to_hex(&v2, str[1]))
+			return false;
+		if (!bufsize)
+			return false;
+		*(p++) = (v1 << 4) | v2;
+		str += 2;
+		slen -= 2;
+		bufsize--;
+	}
+	return slen == 0 && bufsize == 0;
+}
+
+static const char HEX_CHARS[] = "0123456789abcdef";
+
+bool hex_encode(const void *buf, size_t bufsize, char *dest, size_t destsize)
+{
+	size_t used = 0;
+
+	if (destsize < 1)
+		return false;
+
+	while (used < bufsize) {
+		unsigned int c = ((const unsigned char *)buf)[used];
+		if (destsize < 3)
+			return false;
+		*(dest++) = HEX_CHARS[(c >> 4) & 0xF];
+		*(dest++) = HEX_CHARS[c & 0xF];
+		used++;
+		destsize -= 2;
+	}
+	*dest = '\0';
+
+	return used + 1;
+}
diff --git a/lib/extras/hex.h b/lib/extras/hex.h
new file mode 100644
index 0000000..5fcac98
--- /dev/null
+++ b/lib/extras/hex.h
@@ -0,0 +1,77 @@
+/* CC0 (Public domain) - see LICENSE file for details */
+
+#ifndef GNUTLS_LIB_EXTRAS_HEX_H
+#define GNUTLS_LIB_EXTRAS_HEX_H
+
+#include "config.h"
+#include <stdbool.h>
+#include <stdlib.h>
+
+/**
+ * hex_decode - Unpack a hex string.
+ * @str: the hexadecimal string
+ * @slen: the length of @str
+ * @buf: the buffer to write the data into
+ * @bufsize: the length of @buf
+ *
+ * Returns false if there are any characters which aren't 0-9, a-f or A-F,
+ * of the string wasn't the right length for @bufsize.
+ *
+ * Example:
+ *	unsigned char data[20];
+ *
+ *	if (!hex_decode(argv[1], strlen(argv[1]), data, 20))
+ *		printf("String is malformed!\n");
+ */
+
+bool hex_decode(const char *str, size_t slen, void *buf, size_t bufsize);
+
+/**
+ * hex_encode - Create a nul-terminated hex string
+ * @buf: the buffer to read the data from
+ * @bufsize: the length of @buf
+ * @dest: the string to fill
+ * @destsize: the max size of the string
+ *
+ * Returns true if the string, including terminator, fit in @destsize;
+ *
+ * Example:
+ *	unsigned char buf[] = { 0x1F, 0x2F };
+ *	char str[5];
+ *
+ *	if (!hex_encode(buf, sizeof(buf), str, sizeof(str)))
+ *		abort();
+ */
+bool hex_encode(const void *buf, size_t bufsize, char *dest, size_t destsize);
+
+/**
+ * hex_str_size - Calculate how big a nul-terminated hex string is
+ * @bytes: bytes of data to represent
+ *
+ * Example:
+ *	unsigned char buf[] = { 0x1F, 0x2F };
+ *	char str[hex_str_size(sizeof(buf))];
+ *
+ *	hex_encode(buf, sizeof(buf), str, sizeof(str));
+ */
+static inline size_t hex_str_size(size_t bytes)
+{
+	return 2 * bytes + 1;
+}
+
+/**
+ * hex_data_size - Calculate how many bytes of data in a hex string
+ * @strlen: the length of the string (with or without NUL)
+ *
+ * Example:
+ *	const char str[] = "1F2F";
+ *	unsigned char buf[hex_data_size(sizeof(str))];
+ *
+ *	hex_decode(str, strlen(str), buf, sizeof(buf));
+ */
+static inline size_t hex_data_size(size_t slen)
+{
+	return slen / 2;
+}
+
+#endif /* GNUTLS_LIB_EXTRAS_HEX_H */
diff --git a/lib/extras/licenses/CC0 b/lib/extras/licenses/CC0
new file mode 100644
index 0000000..feb9b11
--- /dev/null
+++ b/lib/extras/licenses/CC0
@@ -0,0 +1,28 @@
+Statement of Purpose
+
+The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work").
+
+Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others.
+
+For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights.
+
+1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following:
+
+    the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work;
+    moral rights retained by the original author(s) and/or performer(s);
+    publicity and privacy rights pertaining to a person's image or likeness depicted in a Work;
+    rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below;
+    rights protecting the extraction, dissemination, use and reuse of data in a Work;
+    database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and
+    other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof.
+
+2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose.
+
+3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose.
+
+4. Limitations and Disclaimers.
+
+    No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document.
+    Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law.
+    Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work.
+    Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work.
diff --git a/lib/extras/randomart.c b/lib/extras/randomart.c
new file mode 100644
index 0000000..cfd7e1c
--- /dev/null
+++ b/lib/extras/randomart.c
@@ -0,0 +1,172 @@
+/* $OpenBSD: key.c,v 1.98 2011/10/18 04:58:26 djm Exp $ */
+/*
+ * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
+ * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <randomart.h>
+
+/*
+ * Draw an ASCII-Art representing the fingerprint so human brain can
+ * profit from its built-in pattern recognition ability.
+ * This technique is called "random art" and can be found in some
+ * scientific publications like this original paper:
+ *
+ * "Hash Visualization: a New Technique to improve Real-World Security",
+ * Perrig A. and Song D., 1999, International Workshop on Cryptographic
+ * Techniques and E-Commerce (CrypTEC '99)
+ * sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf
+ *
+ * The subject came up in a talk by Dan Kaminsky, too.
+ *
+ * If you see the picture is different, the key is different.
+ * If the picture looks the same, you still know nothing.
+ *
+ * The algorithm used here is a worm crawling over a discrete plane,
+ * leaving a trace (augmenting the field) everywhere it goes.
+ * Movement is taken from dgst_raw 2bit-wise.  Bumping into walls
+ * makes the respective movement vector be ignored for this turn.
+ * Graphs are not unambiguous, because circles in graphs can be
+ * walked in either direction.
+ */
+
+/*
+ * Field sizes for the random art.  Have to be odd, so the starting point
+ * can be in the exact middle of the picture, and FLDBASE should be >=8 .
+ * Else pictures would be too dense, and drawing the frame would
+ * fail, too, because the key type would not fit in anymore.
+ */
+#define	FLDBASE		8
+#define	FLDSIZE_Y	(FLDBASE + 1)
+#define	FLDSIZE_X	(FLDBASE * 2 + 1)
+char *_gnutls_key_fingerprint_randomart(uint8_t * dgst_raw,
+					u_int dgst_raw_len,
+					const char *key_type,
+					unsigned int key_size,
+					const char *prefix)
+{
+	/*
+	 * Chars to be used after each other every time the worm
+	 * intersects with itself.  Matter of taste.
+	 */
+	const char augmentation_string[] = " .o+=*BOX@%&#/^SE";
+	char *retval, *p;
+	uint8_t field[FLDSIZE_X][FLDSIZE_Y];
+	char size_txt[16];
+	unsigned int i, b;
+	int x, y;
+	const size_t len = sizeof(augmentation_string) - 2;
+	unsigned int prefix_len = 0;
+
+	if (prefix)
+		prefix_len = strlen(prefix);
+
+	retval =
+	    gnutls_calloc(1,
+			  (FLDSIZE_X + 3 + prefix_len) * (FLDSIZE_Y + 2));
+	if (retval == NULL) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	/* initialize field */
+	memset(field, 0, FLDSIZE_X * FLDSIZE_Y * sizeof(char));
+	x = FLDSIZE_X / 2;
+	y = FLDSIZE_Y / 2;
+
+	/* process raw key */
+	for (i = 0; i < dgst_raw_len; i++) {
+		int input;
+		/* each byte conveys four 2-bit move commands */
+		input = dgst_raw[i];
+		for (b = 0; b < 4; b++) {
+			/* evaluate 2 bit, rest is shifted later */
+			x += (input & 0x1) ? 1 : -1;
+			y += (input & 0x2) ? 1 : -1;
+
+			/* assure we are still in bounds */
+			x = MAX(x, 0);
+			y = MAX(y, 0);
+			x = MIN(x, FLDSIZE_X - 1);
+			y = MIN(y, FLDSIZE_Y - 1);
+
+			/* augment the field */
+			if (field[x][y] < len - 2)
+				field[x][y]++;
+			input = input >> 2;
+		}
+	}
+
+	/* mark starting point and end point */
+	field[FLDSIZE_X / 2][FLDSIZE_Y / 2] = len - 1;
+	field[x][y] = len;
+
+	if (key_size > 0)
+		snprintf(size_txt, sizeof(size_txt), " %4u", key_size);
+	else
+		size_txt[0] = 0;
+
+	/* fill in retval */
+	if (prefix_len)
+		snprintf(retval, FLDSIZE_X + prefix_len, "%s+--[%4s%s]",
+			 prefix, key_type, size_txt);
+	else
+		snprintf(retval, FLDSIZE_X, "+--[%4s%s]", key_type,
+			 size_txt);
+	p = strchr(retval, '\0');
+
+	/* output upper border */
+	for (i = p - retval - 1; i < FLDSIZE_X + prefix_len; i++)
+		*p++ = '-';
+	*p++ = '+';
+	*p++ = '\n';
+
+	if (prefix_len) {
+		memcpy(p, prefix, prefix_len);
+		p += prefix_len;
+	}
+
+	/* output content */
+	for (y = 0; y < FLDSIZE_Y; y++) {
+		*p++ = '|';
+		for (x = 0; x < FLDSIZE_X; x++)
+			*p++ = augmentation_string[MIN(field[x][y], len)];
+		*p++ = '|';
+		*p++ = '\n';
+
+		if (prefix_len) {
+			memcpy(p, prefix, prefix_len);
+			p += prefix_len;
+		}
+	}
+
+	/* output lower border */
+	*p++ = '+';
+	for (i = 0; i < FLDSIZE_X; i++)
+		*p++ = '-';
+	*p++ = '+';
+
+	return retval;
+}
diff --git a/lib/extras/randomart.h b/lib/extras/randomart.h
new file mode 100644
index 0000000..b468eb4
--- /dev/null
+++ b/lib/extras/randomart.h
@@ -0,0 +1,10 @@
+#ifndef GNUTLS_LIB_EXTRAS_RANDOMART_H
+#define GNUTLS_LIB_EXTRAS_RANDOMART_H
+
+char *_gnutls_key_fingerprint_randomart(uint8_t * dgst_raw,
+					u_int dgst_raw_len,
+					const char *key_type,
+					unsigned int key_size,
+					const char *prefix);
+
+#endif /* GNUTLS_LIB_EXTRAS_RANDOMART_H */
diff --git a/lib/extv.c b/lib/extv.c
new file mode 100644
index 0000000..0c0c46f
--- /dev/null
+++ b/lib/extv.c
@@ -0,0 +1,242 @@
+/*
+ * Copyright (C) 2017-2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "hello_ext.h"
+#include "errors.h"
+#include "extv.h"
+
+/* Iterates through all extensions found, and calls the cb()
+ * function with their data */
+int _gnutls_extv_parse(void *ctx,
+		       gnutls_ext_raw_process_func cb,
+		       const uint8_t * data, int data_size)
+{
+	int next, ret;
+	int pos = 0;
+	uint16_t tls_id;
+	const uint8_t *sdata;
+	uint16_t size;
+
+	if (data_size == 0)
+		return 0;
+
+	DECR_LENGTH_RET(data_size, 2, GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH);
+	next = _gnutls_read_uint16(data);
+	pos += 2;
+
+	DECR_LENGTH_RET(data_size, next, GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH);
+
+	if (next == 0 && data_size == 0) /* field is present, but has zero length? Ignore it. */
+		return 0;
+	else if (data_size > 0) /* forbid unaccounted data */
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH);
+
+	do {
+		DECR_LENGTH_RET(next, 2, GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH);
+		tls_id = _gnutls_read_uint16(&data[pos]);
+		pos += 2;
+
+		DECR_LENGTH_RET(next, 2, GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH);
+		size = _gnutls_read_uint16(&data[pos]);
+		pos += 2;
+
+		DECR_LENGTH_RET(next, size, GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH);
+		sdata = &data[pos];
+		pos += size;
+
+		ret = cb(ctx, tls_id, sdata, size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+	while (next > 2);
+
+	/* forbid leftovers */
+	if (next > 0)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH);
+
+	return 0;
+}
+
+#define HANDSHAKE_SESSION_ID_POS (34)
+/**
+ * gnutls_ext_raw_parse:
+ * @ctx: a pointer to pass to callback function
+ * @cb: callback function to process each extension found
+ * @data: TLS extension data
+ * @flags: should be zero or %GNUTLS_EXT_RAW_FLAG_TLS_CLIENT_HELLO or %GNUTLS_EXT_RAW_FLAG_DTLS_CLIENT_HELLO
+ *
+ * This function iterates through the TLS extensions as passed in
+ * @data, passing the individual extension data to callback. The
+ * @data must conform to Extension extensions<0..2^16-1> format.
+ *
+ * If flags is %GNUTLS_EXT_RAW_TLS_FLAG_CLIENT_HELLO then this function
+ * will parse the extension data from the position, as if the packet in
+ * @data is a client hello (without record or handshake headers) -
+ * as provided by gnutls_handshake_set_hook_function().
+ *
+ * The return value of the callback will be propagated.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or an error code. On unknown
+ *   flags it returns %GNUTLS_E_INVALID_REQUEST.
+ *
+ * Since: 3.6.3
+ **/
+int gnutls_ext_raw_parse(void *ctx, gnutls_ext_raw_process_func cb,
+			 const gnutls_datum_t *data, unsigned int flags)
+{
+	if (flags & GNUTLS_EXT_RAW_FLAG_TLS_CLIENT_HELLO) {
+		size_t size = data->size;
+		size_t len;
+		uint8_t *p = data->data;
+
+		DECR_LEN(size, HANDSHAKE_SESSION_ID_POS);
+
+		if (p[0] != 0x03)
+			return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
+
+		p += HANDSHAKE_SESSION_ID_POS;
+
+		/* skip session id */
+		DECR_LEN(size, 1);
+		len = p[0];
+		p++;
+		DECR_LEN(size, len);
+		p += len;
+
+		/* CipherSuites */
+		DECR_LEN(size, 2);
+		len = _gnutls_read_uint16(p);
+		p += 2;
+		DECR_LEN(size, len);
+		p += len;
+
+		/* legacy_compression_methods */
+		DECR_LEN(size, 1);
+		len = p[0];
+		p++;
+		DECR_LEN(size, len);
+		p += len;
+
+		if (size == 0)
+			return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+		return _gnutls_extv_parse(ctx, cb, p, size);
+	} else if (flags & GNUTLS_EXT_RAW_FLAG_DTLS_CLIENT_HELLO) {
+		size_t size = data->size;
+		size_t len;
+		uint8_t *p = data->data;
+
+		DECR_LEN(size, HANDSHAKE_SESSION_ID_POS);
+
+		if (p[0] != 254)
+			return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
+
+		p += HANDSHAKE_SESSION_ID_POS;
+
+		/* skip session id */
+		DECR_LEN(size, 1);
+		len = p[0];
+		p++;
+		DECR_LEN(size, len);
+		p += len;
+
+		/* skip cookie */
+		DECR_LEN(size, 1);
+		len = p[0];
+		p++;
+		DECR_LEN(size, len);
+		p += len;
+
+		/* CipherSuites */
+		DECR_LEN(size, 2);
+		len = _gnutls_read_uint16(p);
+		p += 2;
+		DECR_LEN(size, len);
+		p += len;
+
+		/* legacy_compression_methods */
+		DECR_LEN(size, 1);
+		len = p[0];
+		p++;
+		DECR_LEN(size, len);
+		p += len;
+
+		if (size == 0)
+			return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+		return _gnutls_extv_parse(ctx, cb, p, size);
+	}
+
+	if (flags != 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	return _gnutls_extv_parse(ctx, cb, data->data, data->size);
+}
+
+/* Returns:
+ *  * On success the number of bytes appended (always positive), or zero if not sent
+ *  * On failure, a negative error code.
+ */
+int _gnutls_extv_append(gnutls_buffer_st *buf,
+			uint16_t tls_id,
+		        void *ctx,
+		        int (*cb)(void *ctx, gnutls_buffer_st *buf))
+{
+	int size_pos, appended, ret;
+	size_t size_prev;
+
+	ret = _gnutls_buffer_append_prefix(buf, 16, tls_id);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	size_pos = buf->length;
+	ret = _gnutls_buffer_append_prefix(buf, 16, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	size_prev = buf->length;
+	ret = cb(ctx, buf);
+	if (ret < 0 && ret != GNUTLS_E_INT_RET_0) {
+		return gnutls_assert_val(ret);
+	}
+
+	/* returning GNUTLS_E_INT_RET_0 means to send an empty
+	 * extension of this type.
+	 */
+	appended = buf->length - size_prev;
+
+	if (appended > 0 || ret == GNUTLS_E_INT_RET_0) {
+		if (ret == GNUTLS_E_INT_RET_0)
+			appended = 0;
+
+		/* write the real size */
+		_gnutls_write_uint16(appended,
+				     &buf->data[size_pos]);
+	} else if (appended == 0) {
+		buf->length -= 4;	/* reset type and size */
+		return 0;
+	}
+
+	return appended + 4;
+}
+
diff --git a/lib/extv.h b/lib/extv.h
new file mode 100644
index 0000000..3c0bd33
--- /dev/null
+++ b/lib/extv.h
@@ -0,0 +1,81 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_EXTV_H
+#define GNUTLS_LIB_EXTV_H
+
+#include <gnutls/gnutls.h>
+#include "str.h"
+
+/* Iterates through all TLS-type extensions in data, and
+ * calls the callback function for each of them. The ctx, flags
+ * and parse_type are passed verbatim to callback. */
+int _gnutls_extv_parse(void *ctx,
+		       gnutls_ext_raw_process_func cb,
+		       const uint8_t * data, int data_size);
+
+inline static
+int _gnutls_extv_append_init(gnutls_buffer_st *buf)
+{
+	unsigned pos;
+	int ret;
+
+	pos = buf->length;
+
+	ret = _gnutls_buffer_append_prefix(buf, 16, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return pos;
+}
+
+/* its input is the buffer and the return value of _gnutls_extv_append_init()
+ * @is_hello: should be true for client and server hello messages.
+ */
+inline static
+int _gnutls_extv_append_final(gnutls_buffer_st *buf, unsigned init, unsigned is_hello)
+{
+	unsigned size = buf->length - init - 2;
+
+	if (size > UINT16_MAX) /* sent too many extensions */
+		return gnutls_assert_val(GNUTLS_E_HANDSHAKE_TOO_LARGE);
+
+	if (size > 0)
+		_gnutls_write_uint16(size, &buf->data[init]);
+	else if (is_hello && size == 0) {
+		/* there is no point to send empty extension bytes, and
+		 * they are known to break certain clients */
+		buf->length -= 2;
+	}
+
+	return 0;
+}
+
+typedef int (*extv_append_func)(void *ctx, gnutls_buffer_st *buf);
+
+int _gnutls_extv_append(gnutls_buffer_st *buf,
+			uint16_t tls_id,
+		        void *ctx,
+		        extv_append_func cb);
+
+
+#endif /* GNUTLS_LIB_EXTV_H */
diff --git a/lib/file.c b/lib/file.c
new file mode 100644
index 0000000..3ded849
--- /dev/null
+++ b/lib/file.c
@@ -0,0 +1,78 @@
+/*
+ * Copyright (C) 2005-2015 Free Software Foundation, Inc.
+ * Copyright (C) 2015 Nikos Mavrogiannopoulos, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <file.h>
+#include <read-file.h>
+
+int _gnutls_file_exists(const char *file)
+{
+	FILE *fp;
+
+	fp = fopen(file, "re");
+	if (fp == NULL)
+		return -1;
+
+	fclose(fp);
+	return 0;
+}
+
+/**
+ * gnutls_load_file:
+ * @filename: the name of the file to load
+ * @data: Where the file will be stored
+ *
+ * This function will load a file into a datum. The data are
+ * zero terminated but the terminating null is not included in length.
+ * The returned data are allocated using gnutls_malloc().
+ *
+ * Note that this function is not designed for reading sensitive materials,
+ * such as private keys, on practical applications. When the reading fails
+ * in the middle, the partially loaded content might remain on memory.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ *
+ * Since 3.1.0
+ **/
+int gnutls_load_file(const char *filename, gnutls_datum_t * data)
+{
+	size_t len;
+
+	data->data = (void *) read_file(filename, RF_BINARY, &len);
+	if (data->data == NULL)
+		return GNUTLS_E_FILE_ERROR;
+
+	if (malloc != gnutls_malloc) {
+		void *tmp = gnutls_malloc(len);
+
+		memcpy(tmp, data->data, len);
+		free(data->data);
+		data->data = tmp;
+	}
+
+	data->size = len;
+
+	return 0;
+}
+
diff --git a/lib/file.h b/lib/file.h
new file mode 100644
index 0000000..98fb90e
--- /dev/null
+++ b/lib/file.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (C) 2005-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_FILE_H
+#define GNUTLS_LIB_FILE_H
+
+int _gnutls_file_exists(const char *file);
+
+#endif /* GNUTLS_LIB_FILE_H */
diff --git a/lib/fingerprint.c b/lib/fingerprint.c
new file mode 100644
index 0000000..62e0783
--- /dev/null
+++ b/lib/fingerprint.c
@@ -0,0 +1,80 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <auth/srp_kx.h>
+#include <auth/anon.h>
+#include <auth/cert.h>
+#include <auth/psk.h>
+#include "errors.h"
+#include <auth.h>
+#include <state.h>
+#include <datum.h>
+#include <algorithms.h>
+
+/**
+ * gnutls_fingerprint:
+ * @algo: is a digest algorithm
+ * @data: is the data
+ * @result: is the place where the result will be copied (may be null).
+ * @result_size: should hold the size of the result. The actual size
+ * of the returned result will also be copied there.
+ *
+ * This function will calculate a fingerprint (actually a hash), of
+ * the given data.  The result is not printable data.  You should
+ * convert it to hex, or to something else printable.
+ *
+ * This is the usual way to calculate a fingerprint of an X.509 DER
+ * encoded certificate.  Note however that the fingerprint of an
+ * OpenPGP certificate is not just a hash and cannot be calculated with this
+ * function.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ **/
+int
+gnutls_fingerprint(gnutls_digest_algorithm_t algo,
+		   const gnutls_datum_t * data, void *result,
+		   size_t * result_size)
+{
+	int ret;
+	int hash_len = _gnutls_hash_get_algo_len(hash_to_entry(algo));
+
+	if (hash_len < 0 || (unsigned) hash_len > *result_size
+	    || result == NULL) {
+		*result_size = hash_len;
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+	*result_size = hash_len;
+
+	if (result) {
+		ret =
+		    _gnutls_hash_fast(algo, data->data, data->size,
+				      result);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	return 0;
+}
+
+
diff --git a/lib/fips.c b/lib/fips.c
new file mode 100644
index 0000000..54eb4a3
--- /dev/null
+++ b/lib/fips.c
@@ -0,0 +1,939 @@
+/*
+ * Copyright (C) 2013 Red Hat
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+#include "gnutls_int.h"
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
+#include <unistd.h>
+#include "errors.h"
+#include "file.h"
+#include "inih/ini.h"
+#include <fips.h>
+#include <gnutls/self-test.h>
+#include <stdio.h>
+#include <extras/hex.h>
+#include <random.h>
+
+#include "gthreads.h"
+
+unsigned int _gnutls_lib_state = LIB_STATE_POWERON;
+
+struct gnutls_fips140_context_st {
+	gnutls_fips140_operation_state_t state;
+	struct gnutls_fips140_context_st *next;
+};
+
+#ifdef ENABLE_FIPS140
+
+#include <dlfcn.h>
+
+#define FIPS_KERNEL_FILE "/proc/sys/crypto/fips_enabled"
+#define FIPS_SYSTEM_FILE "/etc/system-fips"
+
+/* We provide a per-thread FIPS-mode so that an application
+ * can use gnutls_fips140_set_mode() to override a specific
+ * operation on a thread */
+static gnutls_fips_mode_t _global_fips_mode = -1;
+static _Thread_local gnutls_fips_mode_t _tfips_mode = -1;
+
+static _Thread_local gnutls_fips140_context_t _tfips_context = NULL;
+
+static int _skip_integrity_checks = 0;
+
+/* Returns:
+ * a gnutls_fips_mode_t value
+ */
+unsigned _gnutls_fips_mode_enabled(void)
+{
+	unsigned f1p = 0, f2p;
+	FILE* fd;
+	const char *p;
+	unsigned ret;
+
+	/* We initialize this threads' mode, and
+	 * the global mode if not already initialized.
+	 * When the global mode is initialized, then
+	 * the thread mode is copied from it. As this
+	 * is called on library initialization, the
+	 * _global_fips_mode is always set during app run.
+	 */
+	if (_tfips_mode != (gnutls_fips_mode_t)-1)
+		return _tfips_mode;
+
+	if (_global_fips_mode != (gnutls_fips_mode_t)-1) {
+		return _global_fips_mode;
+	}
+
+	p = secure_getenv("GNUTLS_SKIP_FIPS_INTEGRITY_CHECKS");
+	if (p && p[0] == '1') {
+		_skip_integrity_checks = 1;
+	}
+
+	p = secure_getenv("GNUTLS_FORCE_FIPS_MODE");
+	if (p) {
+		if (p[0] == '1')
+			ret = GNUTLS_FIPS140_STRICT;
+		else if (p[0] == '2')
+			ret = GNUTLS_FIPS140_SELFTESTS;
+		else if (p[0] == '3')
+			ret = GNUTLS_FIPS140_LAX;
+		else if (p[0] == '4')
+			ret = GNUTLS_FIPS140_LOG;
+		else
+			ret = GNUTLS_FIPS140_DISABLED;
+
+		goto exit;
+	}
+
+	fd = fopen(FIPS_KERNEL_FILE, "re");
+	if (fd != NULL) {
+		f1p = fgetc(fd);
+		fclose(fd);
+
+		if (f1p == '1') f1p = 1;
+		else f1p = 0;
+	}
+
+	if (f1p != 0) {
+		_gnutls_debug_log("FIPS140-2 mode enabled\n");
+		ret = GNUTLS_FIPS140_STRICT;
+		goto exit;
+	}
+
+	f2p = !access(FIPS_SYSTEM_FILE, F_OK);
+	if (f2p != 0) {
+		/* a funny state where self tests are performed
+		 * and ignored */
+		_gnutls_debug_log("FIPS140-2 ZOMBIE mode enabled\n");
+		ret = GNUTLS_FIPS140_SELFTESTS;
+		goto exit;
+	}
+
+	ret = GNUTLS_FIPS140_DISABLED;
+	goto exit;
+
+ exit:
+	_global_fips_mode = ret;
+	return ret;
+}
+
+/* This _fips_mode == 2 is a strange mode where checks are being
+ * performed, but its output is ignored. */
+void _gnutls_fips_mode_reset_zombie(void)
+{
+	if (_global_fips_mode == GNUTLS_FIPS140_SELFTESTS) {
+		_global_fips_mode = GNUTLS_FIPS140_DISABLED;
+	}
+}
+
+/* These only works with the platform where SONAME is part of the ABI.
+ * For example, *_SONAME will be set to "none" on Windows platforms. */
+#define GNUTLS_LIBRARY_NAME GNUTLS_LIBRARY_SONAME
+#define NETTLE_LIBRARY_NAME NETTLE_LIBRARY_SONAME
+#define HOGWEED_LIBRARY_NAME HOGWEED_LIBRARY_SONAME
+#define GMP_LIBRARY_NAME GMP_LIBRARY_SONAME
+
+#define HMAC_SIZE 32
+#define HMAC_ALGO GNUTLS_MAC_SHA256
+#define HMAC_FILE_NAME ".gnutls.hmac"
+#define HMAC_FORMAT_VERSION 1
+
+struct hmac_entry
+{
+	char path[GNUTLS_PATH_MAX];
+	uint8_t hmac[HMAC_SIZE];
+};
+
+typedef struct
+{
+	int version;
+	struct hmac_entry gnutls;
+	struct hmac_entry nettle;
+	struct hmac_entry hogweed;
+	struct hmac_entry gmp;
+} hmac_file;
+
+static int get_library_path(const char* lib, const char* symbol, char* path, size_t path_size)
+{
+	int ret;
+	void *dl, *sym;
+	Dl_info info;
+
+	dl = dlopen(lib, RTLD_LAZY);
+	if (dl == NULL)
+		return gnutls_assert_val(GNUTLS_E_FILE_ERROR);
+
+	sym = dlsym(dl, symbol);
+	if (sym == NULL) {
+		ret = gnutls_assert_val(GNUTLS_E_FILE_ERROR);
+		goto cleanup;
+	}
+
+	ret = dladdr(sym, &info);
+	if (ret == 0) {
+		ret = gnutls_assert_val(GNUTLS_E_FILE_ERROR);
+		goto cleanup;
+	}
+
+	ret = snprintf(path, path_size, "%s", info.dli_fname);
+	if ((size_t)ret >= path_size) {
+		ret = gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+		goto cleanup;
+	}
+
+	ret = 0;
+cleanup:
+	dlclose(dl);
+	return ret;
+}
+
+/* Parses hmac data and copies hex value into dest.
+ * dest must point to at least HMAC_SIZE amount of memory
+ */
+static int get_hmac(uint8_t *dest, const char *value)
+{
+	int ret;
+	size_t hmac_size;
+	gnutls_datum_t data;
+
+	data.size = strlen(value);
+	data.data = (unsigned char *)value;
+
+	hmac_size = HMAC_SIZE;
+	ret = gnutls_hex_decode(&data, dest, &hmac_size);
+	if (ret < 0)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	if (hmac_size != HMAC_SIZE)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	return 0;
+}
+
+static int
+lib_handler(struct hmac_entry *entry,
+	    const char *section, const char *name, const char *value)
+{
+	if (!strcmp(name, "path")) {
+		snprintf(entry->path, GNUTLS_PATH_MAX, "%s", value);
+	} else if (!strcmp(name, "hmac")) {
+		if (get_hmac(entry->hmac, value) < 0)
+			return 0;
+	} else {
+		return 0;
+	}
+	return 1;
+}
+
+static int handler(void *user, const char *section, const char *name, const char *value)
+{
+	hmac_file *p = (hmac_file *)user;
+
+	if (!strcmp(section, "global")) {
+		if (!strcmp(name, "format-version")) {
+			p->version = strtol(value, NULL, 10);
+		} else {
+			return 0;
+		}
+	} else if (!strcmp(section, GNUTLS_LIBRARY_NAME)) {
+		return lib_handler(&p->gnutls, section, name, value);
+	} else if (!strcmp(section, NETTLE_LIBRARY_NAME)) {
+		return lib_handler(&p->nettle, section, name, value);
+	} else if (!strcmp(section, HOGWEED_LIBRARY_NAME)) {
+		return lib_handler(&p->hogweed, section, name, value);
+	} else if (!strcmp(section, GMP_LIBRARY_NAME)) {
+		return lib_handler(&p->gmp, section, name, value);
+	} else {
+		return 0;
+	}
+	return 1;
+}
+
+static int get_hmac_path(char *mac_file, size_t mac_file_size)
+{
+	int ret;
+	char *p;
+	char file[GNUTLS_PATH_MAX];
+
+	ret = get_library_path(GNUTLS_LIBRARY_NAME, "gnutls_global_init",
+			       file, sizeof(file));
+	if (ret < 0)
+		return ret;
+
+	p = strrchr(file, '/');
+
+	if (p == NULL)
+		ret = snprintf(mac_file, mac_file_size, HMAC_FILE_NAME);
+	else
+		ret = snprintf(mac_file, mac_file_size,
+			       "%.*s/"HMAC_FILE_NAME, (int)(p - file), file);
+	if ((size_t)ret >= mac_file_size)
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	ret = _gnutls_file_exists(mac_file);
+	if (ret == 0)
+		return GNUTLS_E_SUCCESS;
+
+	if (p == NULL)
+		ret = snprintf(mac_file, mac_file_size, "fipscheck/"HMAC_FILE_NAME);
+	else
+		ret = snprintf(mac_file, mac_file_size,
+			       "%.*s/fipscheck/"HMAC_FILE_NAME, (int)(p - file), file);
+	if ((size_t)ret >= mac_file_size)
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+	ret = _gnutls_file_exists(mac_file);
+	if (ret == 0)
+		return GNUTLS_E_SUCCESS;
+
+	return GNUTLS_E_FILE_ERROR;
+}
+
+static int load_hmac_file(hmac_file *p)
+{
+	int ret;
+	FILE *stream;
+	char hmac_path[GNUTLS_PATH_MAX];
+
+	ret = get_hmac_path(hmac_path, sizeof(hmac_path));
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	stream = fopen(hmac_path, "r");
+	if (stream == NULL)
+		return gnutls_assert_val(GNUTLS_E_FILE_ERROR);
+
+	gnutls_memset(p, 0, sizeof(*p));
+	ret = ini_parse_file(stream, handler, p);
+	fclose(stream);
+	if (ret < 0)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	if (p->version != HMAC_FORMAT_VERSION)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	return 0;
+}
+
+/* Run an HMAC using the key above on the library binary data.
+ * Returns 0 on success and negative value on error.
+ */
+static int check_lib_hmac(struct hmac_entry *entry,
+			  const char *lib, const char *sym)
+{
+	int ret;
+	unsigned prev;
+	char path[GNUTLS_PATH_MAX];
+	uint8_t hmac[HMAC_SIZE];
+	gnutls_datum_t data;
+
+	ret = get_library_path(lib, sym, path, sizeof(path));
+	if (ret < 0) {
+		_gnutls_debug_log("Could not get lib path for %s: %s\n",
+				  lib, gnutls_strerror(ret));
+		return gnutls_assert_val(ret);
+	}
+
+	if (strncmp(entry->path, path, GNUTLS_PATH_MAX)) {
+		_gnutls_debug_log("Library path for %s does not match with HMAC file\n", lib);
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+	}
+
+	_gnutls_debug_log("Loading: %s\n", path);
+	ret = gnutls_load_file(path, &data);
+	if (ret < 0) {
+		_gnutls_debug_log("Could not load %s: %s\n",
+				  path, gnutls_strerror(ret));
+		return gnutls_assert_val(ret);
+	}
+
+	prev = _gnutls_get_lib_state();
+	_gnutls_switch_lib_state(LIB_STATE_OPERATIONAL);
+	ret = gnutls_hmac_fast(HMAC_ALGO, FIPS_KEY, sizeof(FIPS_KEY)-1,
+			       data.data, data.size, hmac);
+	_gnutls_switch_lib_state(prev);
+
+	gnutls_free(data.data);
+	if (ret < 0) {
+		_gnutls_debug_log("Could not calculate HMAC for %s: %s\n",
+				  path, gnutls_strerror(ret));
+		return gnutls_assert_val(ret);
+	}
+
+	if (gnutls_memcmp(entry->hmac, hmac, HMAC_SIZE)) {
+		_gnutls_debug_log("Calculated MAC for %s does not match\n", path);
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+	}
+	_gnutls_debug_log("Successfully verified MAC for %s\n", path);
+
+	return 0;
+}
+
+static int check_binary_integrity(void)
+{
+	int ret;
+	hmac_file file;
+
+	ret = load_hmac_file(&file);
+	if (ret < 0) {
+		_gnutls_debug_log("Could not load hmac file: %s\n",
+				  gnutls_strerror(ret));
+		return ret;
+	}
+
+	ret = check_lib_hmac(&file.gnutls, GNUTLS_LIBRARY_NAME, "gnutls_global_init");
+	if (ret < 0)
+		return ret;
+	ret = check_lib_hmac(&file.nettle, NETTLE_LIBRARY_NAME, "nettle_aes_set_encrypt_key");
+	if (ret < 0)
+		return ret;
+	ret = check_lib_hmac(&file.hogweed, HOGWEED_LIBRARY_NAME, "nettle_mpz_sizeinbase_256_u");
+	if (ret < 0)
+		return ret;
+	ret = check_lib_hmac(&file.gmp, GMP_LIBRARY_NAME, "__gmpz_init");
+	if (ret < 0)
+		return ret;
+
+	return 0;
+}
+
+int _gnutls_fips_perform_self_checks1(void)
+{
+	int ret;
+
+	/* Tests the FIPS algorithms used by nettle internally.
+	 * In our case we test AES-CBC since nettle's AES is used by
+	 * the DRBG-AES.
+	 */
+
+	/* ciphers - one test per cipher */
+	ret = gnutls_cipher_self_test(0, GNUTLS_CIPHER_AES_128_CBC);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	return 0;
+}
+
+int _gnutls_fips_perform_self_checks2(void)
+{
+	int ret;
+
+	/* Tests the FIPS algorithms */
+
+	/* ciphers - one test per cipher */
+	ret = gnutls_cipher_self_test(0, GNUTLS_CIPHER_AES_256_CBC);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	ret = gnutls_cipher_self_test(0, GNUTLS_CIPHER_AES_256_GCM);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	ret = gnutls_cipher_self_test(0, GNUTLS_CIPHER_AES_256_XTS);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	ret = gnutls_cipher_self_test(0, GNUTLS_CIPHER_AES_256_CFB8);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	/* Digest tests */
+	ret = gnutls_digest_self_test(0, GNUTLS_DIG_SHA3_224);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	ret = gnutls_digest_self_test(0, GNUTLS_DIG_SHA3_256);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	ret = gnutls_digest_self_test(0, GNUTLS_DIG_SHA3_384);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	ret = gnutls_digest_self_test(0, GNUTLS_DIG_SHA3_512);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	/* MAC (includes message digest test) */
+	ret = gnutls_mac_self_test(0, GNUTLS_MAC_SHA1);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	ret = gnutls_mac_self_test(0, GNUTLS_MAC_SHA224);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	ret = gnutls_mac_self_test(0, GNUTLS_MAC_SHA256);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	ret = gnutls_mac_self_test(0, GNUTLS_MAC_SHA384);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	ret = gnutls_mac_self_test(0, GNUTLS_MAC_SHA512);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	ret = gnutls_mac_self_test(0, GNUTLS_MAC_AES_CMAC_256);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	/* PK */
+	ret = gnutls_pk_self_test(0, GNUTLS_PK_RSA);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	ret = gnutls_pk_self_test(0, GNUTLS_PK_DSA);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	ret = gnutls_pk_self_test(0, GNUTLS_PK_EC);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	ret = gnutls_pk_self_test(0, GNUTLS_PK_DH);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	/* HKDF */
+	ret = gnutls_hkdf_self_test(0, GNUTLS_MAC_SHA256);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	/* PBKDF2 */
+	ret = gnutls_pbkdf2_self_test(0, GNUTLS_MAC_SHA256);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	/* TLS-PRF */
+	ret = gnutls_tlsprf_self_test(0, GNUTLS_MAC_SHA256);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	if (_gnutls_rnd_ops.self_test == NULL) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	/* this does not require rng initialization */
+	ret = _gnutls_rnd_ops.self_test();
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+	}
+
+	if (_skip_integrity_checks == 0) {
+		ret = check_binary_integrity();
+		if (ret < 0) {
+			return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+		}
+	}
+
+	return 0;
+}
+#endif
+
+/**
+ * gnutls_fips140_mode_enabled:
+ *
+ * Checks whether this library is in FIPS140 mode. The returned
+ * value corresponds to the library mode as set with
+ * gnutls_fips140_set_mode().
+ *
+ * If gnutls_fips140_set_mode() was called with %GNUTLS_FIPS140_SET_MODE_THREAD
+ * then this function will return the current thread's FIPS140 mode, otherwise
+ * the global value is returned.
+ *
+ * Returns: return non-zero if true or zero if false.
+ *
+ * Since: 3.3.0
+ **/
+unsigned gnutls_fips140_mode_enabled(void)
+{
+#ifdef ENABLE_FIPS140
+	unsigned ret = _gnutls_fips_mode_enabled();
+
+	if (ret > GNUTLS_FIPS140_DISABLED) {
+		/* If the previous run of selftests has failed, return as if
+		 * the FIPS mode is disabled. We could use HAVE_LIB_ERROR, if
+		 * we can assume that all the selftests run atomically from
+		 * the ELF constructor.
+		 */
+		if (_gnutls_get_lib_state() == LIB_STATE_ERROR)
+			return 0;
+
+		return ret;
+	}
+#endif
+	return 0;
+}
+
+/**
+ * gnutls_fips140_set_mode:
+ * @mode: the FIPS140-2 mode to switch to
+ * @flags: should be zero or %GNUTLS_FIPS140_SET_MODE_THREAD
+ *
+ * That function is not thread-safe when changing the mode with no flags
+ * (globally), and should be called prior to creating any threads. Its
+ * behavior with no flags after threads are created is undefined.
+ *
+ * When the flag %GNUTLS_FIPS140_SET_MODE_THREAD is specified
+ * then this call will change the FIPS140-2 mode for this particular
+ * thread and not for the whole process. That way an application
+ * can utilize this function to set and reset mode for specific
+ * operations.
+ *
+ * This function never fails but will be a no-op if used when
+ * the library is not in FIPS140-2 mode. When asked to switch to unknown
+ * values for @mode or to %GNUTLS_FIPS140_SELFTESTS mode, the library
+ * switches to %GNUTLS_FIPS140_STRICT mode.
+ *
+ * Since: 3.6.2
+ **/
+void gnutls_fips140_set_mode(gnutls_fips_mode_t mode, unsigned flags)
+{
+#ifdef ENABLE_FIPS140
+	gnutls_fips_mode_t prev = _gnutls_fips_mode_enabled();
+	if (prev == GNUTLS_FIPS140_DISABLED || prev == GNUTLS_FIPS140_SELFTESTS) {
+		/* we need to run self-tests first to be in FIPS140-2 mode */
+		_gnutls_audit_log(NULL, "The library should be initialized in FIPS140-2 mode to do that operation\n");
+		return;
+	}
+
+	switch (mode) {
+		case GNUTLS_FIPS140_STRICT:
+		case GNUTLS_FIPS140_LAX:
+		case GNUTLS_FIPS140_LOG:
+		case GNUTLS_FIPS140_DISABLED:
+			break;
+		case GNUTLS_FIPS140_SELFTESTS:
+			_gnutls_audit_log(NULL, "Cannot switch library to FIPS140-2 self-tests mode; defaulting to strict\n");
+			mode = GNUTLS_FIPS140_STRICT;
+			break;
+		default:
+			_gnutls_audit_log(NULL, "Cannot switch library to mode %u; defaulting to strict\n", (unsigned)mode);
+			mode = GNUTLS_FIPS140_STRICT;
+			break;
+	}
+
+	if (flags & GNUTLS_FIPS140_SET_MODE_THREAD)
+		_tfips_mode = mode;
+	else {
+		_global_fips_mode = mode;
+		_tfips_mode = -1;
+	}
+#endif
+}
+
+void _gnutls_lib_simulate_error(void)
+{
+	_gnutls_switch_lib_state(LIB_STATE_ERROR);
+}
+
+void _gnutls_lib_force_operational(void)
+{
+	_gnutls_switch_lib_state(LIB_STATE_OPERATIONAL);
+}
+
+/**
+ * gnutls_fips140_context_init:
+ * @context: location to store @gnutls_fips140_context_t
+ *
+ * Create and initialize the FIPS context object.
+ *
+ * Returns: 0 upon success, a negative error code otherwise
+ *
+ * Since: 3.7.3
+ */
+int
+gnutls_fips140_context_init(gnutls_fips140_context_t *context)
+{
+	*context = gnutls_malloc(sizeof(struct gnutls_fips140_context_st));
+	if (!*context) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+	(*context)->state = GNUTLS_FIPS140_OP_INITIAL;
+	return 0;
+}
+
+/**
+ * gnutls_fips140_context_deinit:
+ * @context: a #gnutls_fips140_context_t
+ *
+ * Uninitialize and release the FIPS context @context.
+ *
+ * Since: 3.7.3
+ */
+void
+gnutls_fips140_context_deinit(gnutls_fips140_context_t context)
+{
+	gnutls_free(context);
+}
+
+/**
+ * gnutls_fips140_get_operation_state:
+ * @context: a #gnutls_fips140_context_t
+ *
+ * Get the previous operation state of @context in terms of FIPS.
+ *
+ * Returns: a #gnutls_fips140_operation_state_t
+ *
+ * Since: 3.7.3
+ */
+gnutls_fips140_operation_state_t
+gnutls_fips140_get_operation_state(gnutls_fips140_context_t context)
+{
+	return context->state;
+}
+
+/**
+ * gnutls_fips140_push_context:
+ * @context: a #gnutls_fips140_context_t
+ *
+ * Associate the FIPS @context to the current thread, diverting the
+ * currently active context. If a cryptographic operation is ongoing
+ * in the current thread, e.g., gnutls_aead_cipher_init() is called
+ * but gnutls_aead_cipher_deinit() is not yet called, it returns an
+ * error %GNUTLS_E_INVALID_REQUEST.
+ *
+ * The operation state of @context will be reset to
+ * %GNUTLS_FIPS140_OP_INITIAL.
+ *
+ * This function is no-op if FIPS140 is not compiled in nor enabled
+ * at run-time.
+ *
+ * Returns: 0 upon success, a negative error code otherwise
+ *
+ * Since: 3.7.3
+ */
+int
+gnutls_fips140_push_context(gnutls_fips140_context_t context)
+{
+#ifdef ENABLE_FIPS140
+	if (_gnutls_fips_mode_enabled() != GNUTLS_FIPS140_DISABLED) {
+		context->next = _tfips_context;
+		_tfips_context = context;
+
+		context->state = GNUTLS_FIPS140_OP_INITIAL;
+	}
+	return 0;
+#else
+	return GNUTLS_E_INVALID_REQUEST;
+#endif
+}
+
+/**
+ * gnutls_fips140_pop_context:
+ *
+ * Dissociate the FIPS context currently
+ * active on the current thread, reverting to the previously active
+ * context. If a cryptographic operation is ongoing in the current
+ * thread, e.g., gnutls_aead_cipher_init() is called but
+ * gnutls_aead_cipher_deinit() is not yet called, it returns an error
+ * %GNUTLS_E_INVALID_REQUEST.
+ *
+ * This function is no-op if FIPS140 is not compiled in nor enabled
+ * at run-time.
+ *
+ * Returns: 0 upon success, a negative error code otherwise
+ *
+ * Since: 3.7.3
+ */
+int
+gnutls_fips140_pop_context(void)
+{
+#ifdef ENABLE_FIPS140
+	if (_gnutls_fips_mode_enabled() != GNUTLS_FIPS140_DISABLED) {
+		if (!_tfips_context) {
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		}
+
+		_tfips_context = _tfips_context->next;
+	}
+	return 0;
+#else
+	return GNUTLS_E_INVALID_REQUEST;
+#endif
+}
+
+#ifdef ENABLE_FIPS140
+
+static inline const char *
+operation_state_to_string(gnutls_fips140_operation_state_t state)
+{
+	switch (state) {
+	case GNUTLS_FIPS140_OP_INITIAL:
+		return "initial";
+	case GNUTLS_FIPS140_OP_APPROVED:
+		return "approved";
+	case GNUTLS_FIPS140_OP_NOT_APPROVED:
+		return "not-approved";
+	case GNUTLS_FIPS140_OP_ERROR:
+		return "error";
+	default:
+		/*NOTREACHED*/
+		assert(0);
+		return NULL;
+	}
+}
+
+void
+_gnutls_switch_fips_state(gnutls_fips140_operation_state_t state)
+{
+	gnutls_fips_mode_t mode = _gnutls_fips_mode_enabled();
+	if (mode == GNUTLS_FIPS140_DISABLED) {
+		return;
+	}
+
+	if (!_tfips_context) {
+		_gnutls_debug_log("FIPS140-2 context is not set\n");
+		return;
+	}
+
+	if (_tfips_context->state == state) {
+		return;
+	}
+
+	switch (_tfips_context->state) {
+	case GNUTLS_FIPS140_OP_INITIAL:
+		/* initial can be transitioned to any state */
+		if (mode != GNUTLS_FIPS140_LAX) {
+			_gnutls_audit_log(NULL, "FIPS140-2 operation mode switched from initial to %s\n",
+					  operation_state_to_string(state));
+		}
+		_tfips_context->state = state;
+		break;
+	case GNUTLS_FIPS140_OP_APPROVED:
+		/* approved can only be transitioned to not-approved */
+		if (likely(state == GNUTLS_FIPS140_OP_NOT_APPROVED)) {
+			if (mode != GNUTLS_FIPS140_LAX) {
+				_gnutls_audit_log(NULL, "FIPS140-2 operation mode switched from approved to %s\n",
+						  operation_state_to_string(state));
+			}
+			_tfips_context->state = state;
+			return;
+		}
+		FALLTHROUGH;
+	default:
+		/* other transitions are prohibited */
+		if (mode != GNUTLS_FIPS140_LAX) {
+			_gnutls_audit_log(NULL, "FIPS140-2 operation mode cannot be switched from %s to %s\n",
+					  operation_state_to_string(_tfips_context->state),
+					  operation_state_to_string(state));
+		}
+		break;
+	}
+}
+
+#else
+
+void
+_gnutls_switch_fips_state(gnutls_fips140_operation_state_t state)
+{
+	(void)state;
+}
+
+#endif
+
+/**
+ * gnutls_fips140_run_self_tests:
+ *
+ * Manually perform the second round of the FIPS140 self-tests,
+ * including:
+ *
+ * - Known answer tests (KAT) for the selected set of symmetric
+ *   cipher, MAC, public key, KDF, and DRBG
+ * - Library integrity checks
+ *
+ * Upon failure with FIPS140 mode enabled, it makes the library
+ * unusable.  This function is not thread-safe.
+ *
+ * Returns: 0 upon success, a negative error code otherwise
+ *
+ * Since: 3.7.7
+ */
+int
+gnutls_fips140_run_self_tests(void)
+{
+#ifdef ENABLE_FIPS140
+	int ret;
+	unsigned prev_lib_state;
+	gnutls_fips140_context_t fips_context = NULL;
+
+	/* Save the FIPS context, because self tests change it */
+	if (gnutls_fips140_mode_enabled() != GNUTLS_FIPS140_DISABLED) {
+		if (gnutls_fips140_context_init(&fips_context) < 0 ||
+		    gnutls_fips140_push_context(fips_context) < 0) {
+			gnutls_fips140_context_deinit(fips_context);
+			fips_context = NULL;
+		}
+	}
+
+	/* Temporarily switch to LIB_STATE_SELFTEST as some of the
+	 * algorithms are implemented using special constructs in
+	 * self-tests (such as deterministic variants) */
+	prev_lib_state = _gnutls_get_lib_state();
+	_gnutls_switch_lib_state(LIB_STATE_SELFTEST);
+
+	ret = _gnutls_fips_perform_self_checks2();
+	if (gnutls_fips140_mode_enabled() != GNUTLS_FIPS140_DISABLED &&
+	    ret < 0) {
+		_gnutls_switch_lib_state(LIB_STATE_ERROR);
+		_gnutls_audit_log(NULL, "FIPS140-2 self testing part 2 failed\n");
+	} else {
+		/* Restore the previous library state */
+		_gnutls_switch_lib_state(prev_lib_state);
+	}
+
+	/* Restore the previous FIPS context */
+	if (gnutls_fips140_mode_enabled() != GNUTLS_FIPS140_DISABLED && fips_context) {
+		if (gnutls_fips140_pop_context() < 0) {
+			_gnutls_switch_lib_state(LIB_STATE_ERROR);
+			_gnutls_audit_log(NULL, "FIPS140-2 context restoration failed\n");
+		}
+		gnutls_fips140_context_deinit(fips_context);
+	}
+	return ret;
+#else
+	return 0;
+#endif
+}
diff --git a/lib/fips.h b/lib/fips.h
new file mode 100644
index 0000000..3a74f25
--- /dev/null
+++ b/lib/fips.h
@@ -0,0 +1,214 @@
+/*
+ * Copyright (C) 2013 Red Hat
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_FIPS_H
+#define GNUTLS_LIB_FIPS_H
+
+#include "gnutls_int.h"
+#include <gnutls/gnutls.h>
+
+#define FIPS140_RND_KEY_SIZE 32
+
+typedef enum {
+  LIB_STATE_POWERON,
+  LIB_STATE_INIT,
+  LIB_STATE_SELFTEST,
+  LIB_STATE_OPERATIONAL,
+  LIB_STATE_ERROR,
+  LIB_STATE_SHUTDOWN
+} gnutls_lib_state_t;
+
+/* do not access directly */
+extern unsigned int _gnutls_lib_state;
+extern gnutls_crypto_rnd_st _gnutls_fips_rnd_ops;
+
+void _gnutls_switch_fips_state(gnutls_fips140_operation_state_t state);
+
+inline static 
+void _gnutls_switch_lib_state(gnutls_lib_state_t state)
+{
+	/* Once into zombie state no errors can change us */
+	_gnutls_lib_state = state;
+}
+
+inline static gnutls_lib_state_t _gnutls_get_lib_state(void)
+{
+	return _gnutls_lib_state;
+}
+
+int _gnutls_fips_perform_self_checks1(void);
+int _gnutls_fips_perform_self_checks2(void);
+void _gnutls_fips_mode_reset_zombie(void);
+
+#ifdef ENABLE_FIPS140
+unsigned _gnutls_fips_mode_enabled(void);
+#else
+# define _gnutls_fips_mode_enabled() 0
+#endif
+
+# define HAVE_LIB_ERROR() unlikely(_gnutls_get_lib_state() != LIB_STATE_OPERATIONAL && _gnutls_get_lib_state() != LIB_STATE_SELFTEST)
+
+# define FAIL_IF_LIB_ERROR \
+	if (HAVE_LIB_ERROR()) return GNUTLS_E_LIB_IN_ERROR_STATE
+
+void _gnutls_switch_lib_state(gnutls_lib_state_t state);
+
+void _gnutls_lib_simulate_error(void);
+void _gnutls_lib_force_operational(void);
+
+inline static bool
+is_mac_algo_approved_in_fips(gnutls_mac_algorithm_t algo)
+{
+	switch (algo) {
+	case GNUTLS_MAC_SHA1:
+	case GNUTLS_MAC_SHA256:
+	case GNUTLS_MAC_SHA384:
+	case GNUTLS_MAC_SHA512:
+	case GNUTLS_MAC_SHA224:
+	case GNUTLS_MAC_SHA3_224:
+	case GNUTLS_MAC_SHA3_256:
+	case GNUTLS_MAC_SHA3_384:
+	case GNUTLS_MAC_SHA3_512:
+	case GNUTLS_MAC_AES_CMAC_128:
+	case GNUTLS_MAC_AES_CMAC_256:
+	case GNUTLS_MAC_AES_GMAC_128:
+	case GNUTLS_MAC_AES_GMAC_192:
+	case GNUTLS_MAC_AES_GMAC_256:
+		return true;
+	default:
+		return false;
+	}
+}
+
+inline static bool
+is_mac_algo_allowed_in_fips(gnutls_mac_algorithm_t algo)
+{
+	return is_mac_algo_approved_in_fips(algo);
+}
+
+inline static bool
+is_cipher_algo_approved_in_fips(gnutls_cipher_algorithm_t algo)
+{
+	switch (algo) {
+	case GNUTLS_CIPHER_AES_128_CBC:
+	case GNUTLS_CIPHER_AES_256_CBC:
+	case GNUTLS_CIPHER_AES_192_CBC:
+	case GNUTLS_CIPHER_AES_128_CCM:
+	case GNUTLS_CIPHER_AES_256_CCM:
+	case GNUTLS_CIPHER_AES_128_CCM_8:
+	case GNUTLS_CIPHER_AES_256_CCM_8:
+	case GNUTLS_CIPHER_AES_128_CFB8:
+	case GNUTLS_CIPHER_AES_192_CFB8:
+	case GNUTLS_CIPHER_AES_256_CFB8:
+	case GNUTLS_CIPHER_AES_128_XTS:
+	case GNUTLS_CIPHER_AES_256_XTS:
+		return true;
+	default:
+		return false;
+	}
+}
+
+inline static bool
+is_cipher_algo_allowed_in_fips(gnutls_cipher_algorithm_t algo)
+{
+	if (is_cipher_algo_approved_in_fips(algo)) {
+		return true;
+	}
+
+	/* GCM is only approved in TLS */
+	switch (algo) {
+	case GNUTLS_CIPHER_AES_128_GCM:
+	case GNUTLS_CIPHER_AES_192_GCM:
+	case GNUTLS_CIPHER_AES_256_GCM:
+		return true;
+	default:
+		return false;
+	}
+}
+
+#ifdef ENABLE_FIPS140
+/* This will test the condition when in FIPS140-2 mode
+ * and return an error if necessary or ignore */
+# define FIPS_RULE(condition, ret_error, ...) { \
+	gnutls_fips_mode_t _mode = _gnutls_fips_mode_enabled(); \
+	if (_mode != GNUTLS_FIPS140_DISABLED) { \
+		if (condition) { \
+			if (_mode == GNUTLS_FIPS140_LOG) { \
+				_gnutls_audit_log(NULL, "fips140-2: allowing "__VA_ARGS__); \
+			} else if (_mode != GNUTLS_FIPS140_LAX) { \
+				_gnutls_debug_log("fips140-2: disallowing "__VA_ARGS__); \
+				return ret_error; \
+			} \
+		} \
+	}}
+
+inline static bool
+is_mac_algo_allowed(gnutls_mac_algorithm_t algo)
+{
+	gnutls_fips_mode_t mode = _gnutls_fips_mode_enabled();
+	if (_gnutls_get_lib_state() != LIB_STATE_SELFTEST &&
+	    !is_mac_algo_allowed_in_fips(algo)) {
+		switch (mode) {
+		case GNUTLS_FIPS140_LOG:
+			_gnutls_audit_log(NULL,
+					  "fips140-2: allowing access to %s\n",
+					  gnutls_mac_get_name(algo));
+			FALLTHROUGH;
+		case GNUTLS_FIPS140_DISABLED:
+		case GNUTLS_FIPS140_LAX:
+			return true;
+		default:
+			return false;
+		}
+	}
+
+	return true;
+}
+
+inline static bool
+is_cipher_algo_allowed(gnutls_cipher_algorithm_t algo)
+{
+	gnutls_fips_mode_t mode = _gnutls_fips_mode_enabled();
+	if (_gnutls_get_lib_state() != LIB_STATE_SELFTEST &&
+	    !is_cipher_algo_allowed_in_fips(algo)) {
+		switch (mode) {
+		case GNUTLS_FIPS140_LOG:
+			_gnutls_audit_log(NULL, "fips140-2: allowing access to %s\n",
+					  gnutls_cipher_get_name(algo));
+			FALLTHROUGH;
+		case GNUTLS_FIPS140_DISABLED:
+		case GNUTLS_FIPS140_LAX:
+			return true;
+		default:
+			return false;
+		}
+	}
+
+	return true;
+}
+#else
+# define is_mac_algo_allowed(x) true
+# define is_cipher_algo_allowed(x) true
+# define FIPS_RULE(condition, ret_error, ...)
+#endif
+
+#endif /* GNUTLS_LIB_FIPS_H */
diff --git a/lib/fipshmac.c b/lib/fipshmac.c
new file mode 100644
index 0000000..b091572
--- /dev/null
+++ b/lib/fipshmac.c
@@ -0,0 +1,168 @@
+/*
+ * Copyright (C) 2020-2022 Red Hat, Inc.
+ *
+ * Authors: Ondrej Moris, Zoltan Fridrich
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "config.h"
+
+#include <gnutls/gnutls.h>
+#include <gnutls/crypto.h>
+#include <dlfcn.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include "dirname.h"
+#include "errors.h"
+
+#define FORMAT_VERSION 1
+#define HMAC_SIZE 32
+#define HMAC_ALGO GNUTLS_MAC_SHA256
+#define HMAC_STR_SIZE (2 * HMAC_SIZE + 1)
+
+static int get_path(const char *lib, const char *symbol, char *path, size_t path_size)
+{
+	int ret;
+	void *dl, *sym;
+	Dl_info info;
+
+	dl = dlopen(lib, RTLD_LAZY);
+	if (dl == NULL)
+		return gnutls_assert_val(GNUTLS_E_FILE_ERROR);
+
+	sym = dlsym(dl, symbol);
+	if (sym == NULL) {
+		ret = gnutls_assert_val(GNUTLS_E_FILE_ERROR);
+		goto cleanup;
+	}
+
+	ret = dladdr(sym, &info);
+	if (ret == 0) {
+		ret = gnutls_assert_val(GNUTLS_E_FILE_ERROR);
+		goto cleanup;
+	}
+
+	ret = snprintf(path, path_size, "%s", info.dli_fname);
+	if ((size_t)ret >= path_size) {
+		ret = gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+		goto cleanup;
+	}
+
+	ret = 0;
+cleanup:
+	dlclose(dl);
+	return ret;
+}
+
+static int get_hmac(const char *path, char *hmac, size_t hmac_size)
+{
+	int ret;
+	size_t size;
+	uint8_t buffer[HMAC_SIZE];
+	gnutls_datum_t hex = { buffer, sizeof(buffer) };
+	gnutls_datum_t data = { NULL, 0 };
+
+	ret = gnutls_load_file(path, &data);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	GNUTLS_FIPS140_SET_LAX_MODE();
+	ret = gnutls_hmac_fast(HMAC_ALGO, FIPS_KEY, sizeof(FIPS_KEY) - 1,
+                               data.data, data.size, buffer);
+	GNUTLS_FIPS140_SET_STRICT_MODE();
+
+	gnutls_free(data.data);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	size = hmac_size;
+	ret = gnutls_hex_encode(&hex, hmac, &size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+static int print_lib_path(const char *path)
+{
+	int ret;
+	char hmac[HMAC_STR_SIZE];
+
+	ret = get_hmac(path, hmac, sizeof(hmac));
+	if (ret < 0) {
+		fprintf(stderr, "Could not calculate HMAC for %s: %s\n",
+                        last_component(path), gnutls_strerror(ret));
+		return ret;
+	}
+
+	printf("[%s]\n", last_component(path));
+	printf("path = %s\n", path);
+	printf("hmac = %s\n", hmac);
+
+	return 0;
+}
+
+static int print_lib_dl(const char *lib, const char *sym)
+{
+	int ret;
+	char path[GNUTLS_PATH_MAX];
+
+	ret = get_path(lib, sym, path, sizeof(path));
+	if (ret < 0) {
+		fprintf(stderr, "Could not get lib path for %s: %s\n",
+                        lib, gnutls_strerror(ret));
+		return ret;
+	}
+
+	return print_lib_path(path);
+}
+
+int main(int argc, char **argv)
+{
+	int ret;
+
+	if (argc != 1 && argc != 2) {
+		fprintf(stderr, "Usage: %s [gnutls_so_path]\n", last_component(argv[0]));
+		return EXIT_FAILURE;
+	}
+
+	printf("[global]\n");
+	printf("format-version = %d\n", FORMAT_VERSION);
+
+	if (argc == 2)
+		ret = print_lib_path(argv[1]);
+	else
+		ret = print_lib_dl(GNUTLS_LIBRARY_SONAME, "gnutls_global_init");
+	if (ret < 0)
+		return EXIT_FAILURE;
+
+	ret = print_lib_dl(NETTLE_LIBRARY_SONAME, "nettle_aes_set_encrypt_key");
+	if (ret < 0)
+		return EXIT_FAILURE;
+	
+	ret = print_lib_dl(HOGWEED_LIBRARY_SONAME, "nettle_mpz_sizeinbase_256_u");
+	if (ret < 0)
+		return EXIT_FAILURE;
+	
+	ret = print_lib_dl(GMP_LIBRARY_SONAME, "__gmpz_init");
+	if (ret < 0)
+		return EXIT_FAILURE;
+
+	return EXIT_SUCCESS;
+}
diff --git a/lib/global.c b/lib/global.c
new file mode 100644
index 0000000..3d59951
--- /dev/null
+++ b/lib/global.c
@@ -0,0 +1,588 @@
+/*
+ * Copyright (C) 2001-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <libtasn1.h>
+#include <dh.h>
+#include <random.h>
+#include <gnutls/pkcs11.h>
+
+#include <hello_ext.h>	/* for _gnutls_hello_ext_init */
+#include <supplemental.h> /* for _gnutls_supplemental_deinit */
+#include <locks.h>
+#include <system.h>
+#include <accelerated/cryptodev.h>
+#include <accelerated/afalg.h>
+#include <accelerated/accelerated.h>
+#include <fips.h>
+#include <atfork.h>
+#include <system-keys.h>
+#include "str.h"
+#include "global.h"
+
+/* Minimum library versions we accept. */
+#define GNUTLS_MIN_LIBTASN1_VERSION "0.3.4"
+
+#ifdef __sun
+# pragma fini(lib_deinit)
+# pragma init(lib_init)
+# define _CONSTRUCTOR
+# define _DESTRUCTOR
+#else
+# define _CONSTRUCTOR __attribute__((constructor))
+# define _DESTRUCTOR __attribute__((destructor))
+#endif
+
+#ifndef _WIN32
+int __attribute__((weak)) _gnutls_global_init_skip(void);
+int _gnutls_global_init_skip(void)
+{
+	return 0;
+}
+#else
+inline static int _gnutls_global_init_skip(void)
+{
+	return 0;
+}
+#endif
+
+/* created by asn1c */
+extern const asn1_static_node gnutls_asn1_tab[];
+extern const asn1_static_node pkix_asn1_tab[];
+
+asn1_node _gnutls_pkix1_asn = NULL;
+asn1_node _gnutls_gnutls_asn = NULL;
+
+gnutls_log_func _gnutls_log_func = NULL;
+gnutls_audit_log_func _gnutls_audit_log_func = NULL;
+int _gnutls_log_level = 0;	/* default log level */
+
+unsigned int _gnutls_global_version = GNUTLS_VERSION_NUMBER;
+
+static int _gnutls_global_init(unsigned constructor);
+static void _gnutls_global_deinit(unsigned destructor);
+
+static void default_log_func(int level, const char* str)
+{
+	fprintf(stderr, "gnutls[%d]: %s", level, str);
+}
+
+/**
+ * gnutls_global_set_log_function:
+ * @log_func: it's a log function
+ *
+ * This is the function where you set the logging function gnutls is
+ * going to use.  This function only accepts a character array.
+ * Normally you may not use this function since it is only used for
+ * debugging purposes.
+ *
+ * @gnutls_log_func is of the form,
+ * void (*gnutls_log_func)( int level, const char*);
+ **/
+void gnutls_global_set_log_function(gnutls_log_func log_func)
+{
+	_gnutls_log_func = log_func;
+}
+
+/**
+ * gnutls_global_set_audit_log_function:
+ * @log_func: it is the audit log function
+ *
+ * This is the function to set the audit logging function. This
+ * is a function to report important issues, such as possible
+ * attacks in the protocol. This is different from gnutls_global_set_log_function()
+ * because it will report also session-specific events. The session
+ * parameter will be null if there is no corresponding TLS session.
+ *
+ * @gnutls_audit_log_func is of the form,
+ * void (*gnutls_audit_log_func)( gnutls_session_t, const char*);
+ *
+ * Since: 3.0
+ **/
+void gnutls_global_set_audit_log_function(gnutls_audit_log_func log_func)
+{
+	_gnutls_audit_log_func = log_func;
+}
+
+/**
+ * gnutls_global_set_time_function:
+ * @time_func: it's the system time function, a gnutls_time_func() callback.
+ *
+ * This is the function where you can override the default system time
+ * function.  The application provided function should behave the same
+ * as the standard function.
+ *
+ * Since: 2.12.0
+ **/
+void gnutls_global_set_time_function(gnutls_time_func time_func)
+{
+	gnutls_time = time_func;
+}
+
+/**
+ * gnutls_global_set_log_level:
+ * @level: it's an integer from 0 to 99.
+ *
+ * This is the function that allows you to set the log level.  The
+ * level is an integer between 0 and 9.  Higher values mean more
+ * verbosity. The default value is 0.  Larger values should only be
+ * used with care, since they may reveal sensitive information.
+ *
+ * Use a log level over 10 to enable all debugging options.
+ **/
+void gnutls_global_set_log_level(int level)
+{
+	_gnutls_log_level = level;
+}
+
+/**
+ * gnutls_global_set_mem_functions:
+ * @alloc_func: it's the default memory allocation function. Like malloc().
+ * @secure_alloc_func: This is the memory allocation function that will be used for sensitive data.
+ * @is_secure_func: a function that returns 0 if the memory given is not secure. May be NULL.
+ * @realloc_func: A realloc function
+ * @free_func: The function that frees allocated data. Must accept a NULL pointer.
+ *
+ * Deprecated: since 3.3.0 it is no longer possible to replace the internally used 
+ *  memory allocation functions
+ *
+ * This is the function where you set the memory allocation functions
+ * gnutls is going to use. By default the libc's allocation functions
+ * (malloc(), free()), are used by gnutls, to allocate both sensitive
+ * and not sensitive data.  This function is provided to set the
+ * memory allocation functions to something other than the defaults
+ *
+ * This function must be called before gnutls_global_init() is called.
+ * This function is not thread safe.
+ **/
+void
+gnutls_global_set_mem_functions(gnutls_alloc_function alloc_func,
+				gnutls_alloc_function secure_alloc_func,
+				gnutls_is_secure_function is_secure_func,
+				gnutls_realloc_function realloc_func,
+				gnutls_free_function free_func)
+{
+	_gnutls_debug_log("called the deprecated gnutls_global_set_mem_functions()\n");
+}
+
+GNUTLS_STATIC_MUTEX(global_init_mutex);
+static int _gnutls_init = 0;
+
+/* cache the return code */
+static int _gnutls_init_ret = 0;
+
+/**
+ * gnutls_global_init:
+ *
+ * Since GnuTLS 3.3.0 this function is no longer necessary to be explicitly
+ * called. To disable the implicit call (in a library constructor) of this
+ * function set the environment variable %GNUTLS_NO_IMPLICIT_INIT to 1.
+ *
+ * This function performs any required precalculations, detects
+ * the supported CPU capabilities and initializes the underlying
+ * cryptographic backend. In order to free any resources 
+ * taken by this call you should gnutls_global_deinit() 
+ * when gnutls usage is no longer needed.
+ *
+ * This function increments a global counter, so that
+ * gnutls_global_deinit() only releases resources when it has been
+ * called as many times as gnutls_global_init().  This is useful when
+ * GnuTLS is used by more than one library in an application.  This
+ * function can be called many times, but will only do something the
+ * first time. It is thread safe since GnuTLS 3.3.0.
+ *
+ * A subsequent call of this function if the initial has failed will
+ * return the same error code.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ **/
+int gnutls_global_init(void)
+{
+	return _gnutls_global_init(0);
+}
+
+static int _gnutls_global_init(unsigned constructor)
+{
+	int ret = 0, res;
+	int level;
+	const char* e;
+
+	if (!constructor) {
+		ret = gnutls_static_mutex_lock(&global_init_mutex);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+	}
+
+	_gnutls_init++;
+	if (_gnutls_init > 1) {
+		ret = _gnutls_init_ret;
+		goto out;
+	}
+
+	_gnutls_switch_lib_state(LIB_STATE_INIT);
+
+	e = secure_getenv("GNUTLS_DEBUG_LEVEL");
+	if (e != NULL) {
+		level = atoi(e);
+		gnutls_global_set_log_level(level);
+		if (_gnutls_log_func == NULL)
+			gnutls_global_set_log_function(default_log_func);
+		_gnutls_debug_log("Enabled GnuTLS "VERSION" logging...\n");
+	}
+
+#ifdef HAVE_DCGETTEXT
+	bindtextdomain(PACKAGE, LOCALEDIR);
+#endif
+
+	res = gnutls_crypto_init();
+	if (res != 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_CRYPTO_INIT_FAILED;
+		goto out;
+	}
+
+	ret = _gnutls_system_key_init();
+	if (ret != 0) {
+		gnutls_assert();
+	}
+
+	/* initialize ASN.1 parser
+	 */
+	if (asn1_check_version(GNUTLS_MIN_LIBTASN1_VERSION) == NULL) {
+		gnutls_assert();
+		_gnutls_debug_log
+		    ("Checking for libtasn1 failed: %s < %s\n",
+		     asn1_check_version(NULL),
+		     GNUTLS_MIN_LIBTASN1_VERSION);
+		ret = GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY;
+		goto out;
+	}
+
+	_gnutls_pkix1_asn = NULL;
+	res = asn1_array2tree(pkix_asn1_tab, &_gnutls_pkix1_asn, NULL);
+	if (res != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(res);
+		goto out;
+	}
+
+	res = asn1_array2tree(gnutls_asn1_tab, &_gnutls_gnutls_asn, NULL);
+	if (res != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(res);
+		goto out;
+	}
+
+	/* Initialize the random generator */
+	ret = _gnutls_rnd_preinit();
+	if (ret < 0) {
+		gnutls_assert();
+		goto out;
+	}
+
+	/* Initialize the default TLS extensions */
+	ret = _gnutls_hello_ext_init();
+	if (ret < 0) {
+		gnutls_assert();
+		goto out;
+	}
+
+	ret = gnutls_system_global_init();
+	if (ret < 0) {
+		gnutls_assert();
+		goto out;
+	}
+
+#ifndef _WIN32
+	ret = _gnutls_register_fork_handler();
+	if (ret < 0) {
+		gnutls_assert();
+		goto out;
+	}
+#endif
+
+#ifdef ENABLE_FIPS140
+	res = _gnutls_fips_mode_enabled();
+	/* res == 1 -> fips140-2 mode enabled
+	 * res == 2 -> only self checks performed - but no failure
+	 * res == not in fips140 mode
+	 */
+	if (res != 0) {
+		_gnutls_debug_log("FIPS140-2 mode: %d\n", res);
+		_gnutls_priority_update_fips();
+
+		/* first round of self checks, these are done on the
+		 * nettle algorithms which are used internally */
+		_gnutls_switch_lib_state(LIB_STATE_SELFTEST);
+		ret = _gnutls_fips_perform_self_checks1();
+		if (ret < 0) {
+			_gnutls_switch_lib_state(LIB_STATE_ERROR);
+			_gnutls_audit_log(NULL, "FIPS140-2 self testing part1 failed\n");
+			if (res != 2) {
+				gnutls_assert();
+				goto out;
+			}
+		}
+	}
+#endif
+
+	_gnutls_register_accel_crypto();
+	_gnutls_cryptodev_init();
+	_gnutls_afalg_init();
+
+#ifdef ENABLE_FIPS140
+	/* These self tests are performed on the overridden algorithms
+	 * (e.g., AESNI overridden AES). They are after _gnutls_register_accel_crypto()
+	 * intentionally */
+	if (res != 0) {
+		_gnutls_switch_lib_state(LIB_STATE_SELFTEST);
+		ret = _gnutls_fips_perform_self_checks2();
+		if (ret < 0) {
+			_gnutls_switch_lib_state(LIB_STATE_ERROR);
+			_gnutls_audit_log(NULL, "FIPS140-2 self testing part 2 failed\n");
+			if (res != 2) {
+				gnutls_assert();
+				goto out;
+			}
+		}
+		_gnutls_fips_mode_reset_zombie();
+	}
+#endif
+	_gnutls_prepare_to_load_system_priorities();
+	_gnutls_switch_lib_state(LIB_STATE_OPERATIONAL);
+	ret = 0;
+
+      out:
+	_gnutls_init_ret = ret;
+	if (!constructor) {
+		(void)gnutls_static_mutex_unlock(&global_init_mutex);
+	}
+	return ret;
+}
+
+static void _gnutls_global_deinit(unsigned destructor)
+{
+	if (!destructor) {
+		if (gnutls_static_mutex_lock(&global_init_mutex) < 0) {
+			return;
+		}
+	}
+
+	if (_gnutls_init == 1) {
+		_gnutls_init = 0;
+		if (_gnutls_init_ret < 0) {
+			/* only deinitialize if gnutls_global_init() has
+			 * succeeded */
+			gnutls_assert();
+			goto fail;
+		}
+
+		_gnutls_system_key_deinit();
+		gnutls_crypto_deinit();
+		_gnutls_rnd_deinit();
+		_gnutls_hello_ext_deinit();
+		asn1_delete_structure(&_gnutls_gnutls_asn);
+		asn1_delete_structure(&_gnutls_pkix1_asn);
+
+		_gnutls_crypto_deregister();
+		gnutls_system_global_deinit();
+		_gnutls_cryptodev_deinit();
+
+		_gnutls_supplemental_deinit();
+		_gnutls_unload_system_priorities();
+
+#ifdef ENABLE_PKCS11
+		/* Do not try to deinitialize the PKCS #11 libraries
+		 * from the destructor. If we do and the PKCS #11 modules
+		 * are already being unloaded, we may crash.
+		 */
+		if (destructor == 0) {
+			gnutls_pkcs11_deinit();
+		}
+#endif
+#ifdef HAVE_TROUSERS
+		_gnutls_tpm_global_deinit();
+#endif
+#ifdef HAVE_TPM2
+		_gnutls_tpm2_deinit();
+#endif
+
+		_gnutls_nss_keylog_deinit();
+	} else {
+		if (_gnutls_init > 0)
+			_gnutls_init--;
+	}
+
+ fail:
+	if (!destructor) {
+		(void)gnutls_static_mutex_unlock(&global_init_mutex);
+	}
+}
+
+/**
+ * gnutls_global_deinit:
+ *
+ * This function deinitializes the global data, that were initialized
+ * using gnutls_global_init().
+ *
+ * Since GnuTLS 3.3.0 this function is no longer necessary to be explicitly
+ * called. GnuTLS will automatically deinitialize on library destructor. See
+ * gnutls_global_init() for disabling the implicit initialization/deinitialization.
+ *
+ **/
+void gnutls_global_deinit(void)
+{
+	_gnutls_global_deinit(0);
+}
+
+/**
+ * gnutls_check_version:
+ * @req_version: version string to compare with, or %NULL.
+ *
+ * Check the GnuTLS Library version against the provided string.
+ * See %GNUTLS_VERSION for a suitable @req_version string.
+ *
+ * See also gnutls_check_version_numeric(), which provides this
+ * functionality as a macro.
+ *
+ * Returns: Check that the version of the library is at
+ *   minimum the one given as a string in @req_version and return the
+ *   actual version string of the library; return %NULL if the
+ *   condition is not met.  If %NULL is passed to this function no
+ *   check is done and only the version string is returned.
+  **/
+const char *gnutls_check_version(const char *req_version)
+{
+	if (!req_version || strverscmp(req_version, VERSION) <= 0)
+		return VERSION;
+
+	return NULL;
+}
+
+static void _CONSTRUCTOR lib_init(void)
+{
+	int ret;
+	const char *e;
+
+	if (_gnutls_global_init_skip() != 0)
+		return;
+
+	e = secure_getenv("GNUTLS_NO_IMPLICIT_INIT");
+	if (e != NULL) {
+		ret = atoi(e);
+		if (ret == 1)
+			return;
+	}
+
+	e = secure_getenv("GNUTLS_NO_EXPLICIT_INIT");
+	if (e != NULL) {
+		_gnutls_debug_log("GNUTLS_NO_EXPLICIT_INIT is deprecated; use GNUTLS_NO_IMPLICIT_INIT\n");
+		ret = atoi(e);
+		if (ret == 1)
+			return;
+	}
+
+	ret = _gnutls_global_init(1);
+	if (ret < 0) {
+		fprintf(stderr, "Error in GnuTLS initialization: %s\n", gnutls_strerror(ret));
+		_gnutls_switch_lib_state(LIB_STATE_ERROR);
+	}
+}
+
+static void _DESTRUCTOR lib_deinit(void)
+{
+	int ret;
+	const char *e;
+
+	if (_gnutls_global_init_skip() != 0)
+		return;
+
+	e = secure_getenv("GNUTLS_NO_IMPLICIT_INIT");
+	if (e != NULL) {
+		ret = atoi(e);
+		if (ret == 1)
+			return;
+	}
+
+	e = secure_getenv("GNUTLS_NO_EXPLICIT_INIT");
+	if (e != NULL) {
+		_gnutls_debug_log("GNUTLS_NO_EXPLICIT_INIT is deprecated; use GNUTLS_NO_IMPLICIT_INIT\n");
+		ret = atoi(e);
+		if (ret == 1)
+			return;
+	}
+
+	_gnutls_global_deinit(1);
+}
+
+static const struct gnutls_library_config_st _gnutls_library_config[] = {
+#ifdef FIPS_MODULE_NAME
+	{ "fips-module-name", FIPS_MODULE_NAME },
+#endif
+#ifdef FIPS_MODULE_VERSION
+	{ "fips-module-version", FIPS_MODULE_VERSION },
+#endif
+	{ "libgnutls-soname", GNUTLS_LIBRARY_SONAME },
+	{ "libnettle-soname", NETTLE_LIBRARY_SONAME },
+	{ "libhogweed-soname", HOGWEED_LIBRARY_SONAME },
+	{ "libgmp-soname", GMP_LIBRARY_SONAME },
+	{ "hardware-features", HW_FEATURES },
+	{ "tls-features", TLS_FEATURES },
+	{ "default-system-config", SYSTEM_PRIORITY_FILE },
+	{ NULL, NULL }
+};
+
+/**
+ * gnutls_get_library_config:
+ *
+ * Returns the library configuration as key value pairs.
+ * Currently defined keys are:
+ *
+ *  - fips-module-name: the name of the FIPS140 module
+ *
+ *  - fips-module-version: the version of the FIPS140 module
+ *
+ *  - libgnutls-soname: the SONAME of the library itself
+ *
+ *  - libnettle-soname: the library SONAME of linked libnettle
+ *
+ *  - libhogweed-soname: the library SONAME of linked libhogweed
+ *
+ *  - libgmp-soname: the library SONAME of linked libgmp
+ *
+ *  - hardware-features: enabled hardware support features
+ *
+ *  - tls-features: enabled TLS protocol features
+ *
+ * Returns: a NUL-terminated %gnutls_library_config_st array
+ *
+ * Since: 3.7.3
+ */
+const gnutls_library_config_st *
+gnutls_get_library_config(void)
+{
+	return _gnutls_library_config;
+}
diff --git a/lib/global.h b/lib/global.h
new file mode 100644
index 0000000..6bd70df
--- /dev/null
+++ b/lib/global.h
@@ -0,0 +1,53 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_GLOBAL_H
+#define GNUTLS_LIB_GLOBAL_H
+
+#include <libtasn1.h>
+#include <gnutls/gnutls.h>
+
+int gnutls_is_secure_memory(const void *mem);
+
+extern asn1_node _gnutls_pkix1_asn;
+extern asn1_node _gnutls_gnutls_asn;
+
+/* removed const from asn1_node* to
+ * prevent warnings, since libtasn1 doesn't
+ * use the const keyword in its functions.
+ */
+#define _gnutls_get_gnutls_asn() ((asn1_node) _gnutls_gnutls_asn)
+#define _gnutls_get_pkix() ((asn1_node) _gnutls_pkix1_asn)
+
+extern gnutls_log_func _gnutls_log_func;
+extern gnutls_audit_log_func _gnutls_audit_log_func;
+extern int _gnutls_log_level;
+extern int gnutls_crypto_init(void);
+extern void gnutls_crypto_deinit(void);
+extern void _gnutls_tpm_global_deinit(void);
+extern void _gnutls_nss_keylog_deinit(void);
+
+extern void _gnutls_prepare_to_load_system_priorities(void);
+extern void _gnutls_unload_system_priorities(void);
+extern bool _gnutls_allowlisting_mode(void);
+
+#endif /* GNUTLS_LIB_GLOBAL_H */
diff --git a/lib/gnutls.asn b/lib/gnutls.asn
new file mode 100644
index 0000000..e1076fe
--- /dev/null
+++ b/lib/gnutls.asn
@@ -0,0 +1,185 @@
+GNUTLS { }
+
+DEFINITIONS EXPLICIT TAGS ::=
+
+BEGIN
+
+-- This file contains parts of PKCS-1 structures and some stuff
+-- required for DSA keys.
+
+RSAPublicKey ::= SEQUENCE {
+        modulus                 INTEGER, -- n
+        publicExponent          INTEGER  -- e 
+}
+
+-- 
+-- Representation of RSA private key with information for the 
+-- CRT algorithm.
+--
+RSAPrivateKey ::= SEQUENCE {
+  version          INTEGER,
+  modulus          INTEGER, -- (Usually large) n
+  publicExponent   INTEGER, -- (Usually small) e
+  privateExponent  INTEGER, -- (Usually large) d
+  prime1           INTEGER, -- (Usually large) p
+  prime2           INTEGER, -- (Usually large) q
+  exponent1        INTEGER, -- (Usually large) d mod (p-1)
+  exponent2        INTEGER, -- (Usually large) d mod (q-1)
+  coefficient      INTEGER, -- (Usually large) (inverse of q) mod p
+  otherPrimeInfos  OtherPrimeInfos OPTIONAL
+}
+
+ProvableSeed ::= SEQUENCE {
+  algorithm OBJECT IDENTIFIER, -- the hash algorithm OID used for FIPS186-4 generation
+  seed OCTET STRING
+}
+
+
+OtherPrimeInfos ::= SEQUENCE SIZE(1..MAX) OF OtherPrimeInfo
+
+OtherPrimeInfo ::= SEQUENCE {
+  prime INTEGER,  -- ri
+  exponent INTEGER, -- di
+  coefficient INTEGER -- ti 
+}
+
+-- for signature calculation
+-- added by nmav
+
+AlgorithmIdentifier ::= SEQUENCE  {
+     algorithm               OBJECT IDENTIFIER,
+     parameters              ANY DEFINED BY algorithm OPTIONAL  
+}
+                                -- contains a value of the type
+                                -- registered for use with the
+                                -- algorithm object identifier value
+
+DigestInfo ::= SEQUENCE {
+     digestAlgorithm DigestAlgorithmIdentifier,
+     digest OCTET STRING
+}
+
+DigestAlgorithmIdentifier ::= AlgorithmIdentifier
+
+DSAPublicKey ::= INTEGER
+
+DSAParameters ::= SEQUENCE {
+        p                   INTEGER,
+        q                   INTEGER,
+        g                   INTEGER
+}
+
+DSASignatureValue ::= SEQUENCE {
+        r                   INTEGER,
+        s                   INTEGER
+}
+
+DSAPrivateKey ::= SEQUENCE {
+  version  INTEGER, -- should be zero
+  p        INTEGER,
+  q        INTEGER,
+  g        INTEGER,
+  Y        INTEGER, -- public
+  priv     INTEGER
+}
+
+-- from PKCS#3
+DHParameter ::= SEQUENCE {
+  prime               INTEGER, -- p
+  base                INTEGER, -- g
+  privateValueLength  INTEGER OPTIONAL 
+}
+
+-- From PKCS #11 3.0
+pkcs-11-ec-Parameters ::= CHOICE {
+  --ecParameters   ECParameters,
+  oId              OBJECT IDENTIFIER,
+  --implicitlyCA   NULL,
+  curveName        PrintableString
+}
+
+-- ECC from RFC5480
+ECParameters ::= CHOICE {
+  namedCurve         OBJECT IDENTIFIER
+}
+
+ECPrivateKey ::= SEQUENCE {
+   Version       INTEGER, -- { ecPrivkeyVer1(1) }
+   privateKey    OCTET STRING,
+   parameters    [0] ECParameters OPTIONAL,
+   publicKey     [1] BIT STRING OPTIONAL
+}
+
+-- Structures used for the PKINIT othername variables
+PrincipalName   ::= SEQUENCE {
+        name-type       [0] INTEGER,
+        name-string     [1] SEQUENCE OF GeneralString
+}
+
+KRB5PrincipalName ::= SEQUENCE {
+	realm                   [0] GeneralString,
+	principalName           [1] PrincipalName
+}
+
+-- from RFC4055
+RSAPSSParameters ::= SEQUENCE {
+	hashAlgorithm		[0] AlgorithmIdentifier OPTIONAL, -- sha1Identifier
+	maskGenAlgorithm	[1] AlgorithmIdentifier OPTIONAL, -- mgf1SHA1Identifier
+	saltLength		[2] INTEGER DEFAULT 20,
+	trailerField		[3] INTEGER DEFAULT 1
+}
+
+-- GOST R 34.10
+GOSTParameters ::= SEQUENCE {
+   publicKeyParamSet  OBJECT IDENTIFIER,
+   digestParamSet     OBJECT IDENTIFIER OPTIONAL
+}
+
+GOSTParametersOld ::= SEQUENCE {
+   publicKeyParamSet  OBJECT IDENTIFIER,
+   digestParamSet     OBJECT IDENTIFIER,
+   encryptionParamSet OBJECT IDENTIFIER OPTIONAL
+}
+
+GOSTPrivateKey ::= OCTET STRING
+GOSTPrivateKeyOld ::= INTEGER
+
+-- GOST x509 Extensions
+IssuerSignTool ::= SEQUENCE {
+	signTool	UTF8String, -- (SIZE (1..200))
+	cATool		UTF8String, -- (SIZE (1..200))
+	signToolCert	UTF8String, -- (SIZE (1..100))
+	cAToolCert	UTF8String  -- (SIZE (1..100))
+}
+
+Gost28147-89-EncryptedKey ::= SEQUENCE {
+	encryptedKey		OCTET STRING, -- (SIZE (32))
+	maskKey			[0] IMPLICIT OCTET STRING OPTIONAL,
+	macKey			OCTET STRING -- (SIZE (1..4))
+}
+
+SubjectPublicKeyInfo ::= SEQUENCE {
+	algorithm		AlgorithmIdentifier,
+	subjectPublicKey	BIT STRING
+}
+
+GostR3410-TransportParameters ::= SEQUENCE {
+	encryptionParamSet	OBJECT IDENTIFIER,
+	ephemeralPublicKey	[0] IMPLICIT SubjectPublicKeyInfo OPTIONAL,
+	ukm			OCTET STRING
+}
+
+GostR3410-KeyTransport ::= SEQUENCE {
+	sessionEncryptedKey	Gost28147-89-EncryptedKey,
+	transportParameters	[0] IMPLICIT GostR3410-TransportParameters OPTIONAL
+}
+
+TPMKey ::= SEQUENCE {
+    type            OBJECT IDENTIFIER,
+    emptyAuth       [0] EXPLICIT BOOLEAN OPTIONAL,
+    parent          INTEGER,
+    pubkey          OCTET STRING,
+    privkey         OCTET STRING
+}
+
+END
diff --git a/lib/gnutls.pc.in b/lib/gnutls.pc.in
new file mode 100644
index 0000000..eeb957c
--- /dev/null
+++ b/lib/gnutls.pc.in
@@ -0,0 +1,24 @@
+# Process this file with autoconf to produce a pkg-config metadata file.
+
+# Copyright (C) 2004-2012 Free Software Foundation, Inc.
+
+# Copying and distribution of this file, with or without modification,
+# are permitted in any medium without royalty provided the copyright
+# notice and this notice are preserved.  This file is offered as-is,
+# without any warranty.
+
+# Author: Simon Josefsson
+
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: GnuTLS
+Description: Transport Security Layer implementation for the GNU system
+URL: https://www.gnutls.org/
+Version: @VERSION@
+Libs: -L${libdir} -lgnutls
+Libs.private: @LIBZ_PC@ @LIBINTL@ @LIBSOCKET@ @INET_PTON_LIB@ @LIBPTHREAD@ @LIB_SELECT@ @TSS_LIBS@ @GMP_LIBS@ @LIBUNISTRING@ @LIBATOMIC_LIBS@ @GNUTLS_LIBS_PRIVATE@
+@GNUTLS_REQUIRES_PRIVATE@
+Cflags: -I${includedir}
diff --git a/lib/gnutls_asn1_tab.c b/lib/gnutls_asn1_tab.c
new file mode 100644
index 0000000..fdf8472
--- /dev/null
+++ b/lib/gnutls_asn1_tab.c
@@ -0,0 +1,134 @@
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <libtasn1.h>
+
+const asn1_static_node gnutls_asn1_tab[] = {
+  { "GNUTLS", 536872976, NULL },
+  { NULL, 1073741836, NULL },
+  { "RSAPublicKey", 1610612741, NULL },
+  { "modulus", 1073741827, NULL },
+  { "publicExponent", 3, NULL },
+  { "RSAPrivateKey", 1610612741, NULL },
+  { "version", 1073741827, NULL },
+  { "modulus", 1073741827, NULL },
+  { "publicExponent", 1073741827, NULL },
+  { "privateExponent", 1073741827, NULL },
+  { "prime1", 1073741827, NULL },
+  { "prime2", 1073741827, NULL },
+  { "exponent1", 1073741827, NULL },
+  { "exponent2", 1073741827, NULL },
+  { "coefficient", 1073741827, NULL },
+  { "otherPrimeInfos", 16386, "OtherPrimeInfos"},
+  { "ProvableSeed", 1610612741, NULL },
+  { "algorithm", 1073741836, NULL },
+  { "seed", 7, NULL },
+  { "OtherPrimeInfos", 1612709899, NULL },
+  { "MAX", 1074266122, "1"},
+  { NULL, 2, "OtherPrimeInfo"},
+  { "OtherPrimeInfo", 1610612741, NULL },
+  { "prime", 1073741827, NULL },
+  { "exponent", 1073741827, NULL },
+  { "coefficient", 3, NULL },
+  { "AlgorithmIdentifier", 1610612741, NULL },
+  { "algorithm", 1073741836, NULL },
+  { "parameters", 541081613, NULL },
+  { "algorithm", 1, NULL },
+  { "DigestInfo", 1610612741, NULL },
+  { "digestAlgorithm", 1073741826, "DigestAlgorithmIdentifier"},
+  { "digest", 7, NULL },
+  { "DigestAlgorithmIdentifier", 1073741826, "AlgorithmIdentifier"},
+  { "DSAPublicKey", 1073741827, NULL },
+  { "DSAParameters", 1610612741, NULL },
+  { "p", 1073741827, NULL },
+  { "q", 1073741827, NULL },
+  { "g", 3, NULL },
+  { "DSASignatureValue", 1610612741, NULL },
+  { "r", 1073741827, NULL },
+  { "s", 3, NULL },
+  { "DSAPrivateKey", 1610612741, NULL },
+  { "version", 1073741827, NULL },
+  { "p", 1073741827, NULL },
+  { "q", 1073741827, NULL },
+  { "g", 1073741827, NULL },
+  { "Y", 1073741827, NULL },
+  { "priv", 3, NULL },
+  { "DHParameter", 1610612741, NULL },
+  { "prime", 1073741827, NULL },
+  { "base", 1073741827, NULL },
+  { "privateValueLength", 16387, NULL },
+  { "pkcs-11-ec-Parameters", 1610612754, NULL },
+  { "oId", 1073741836, NULL },
+  { "curveName", 31, NULL },
+  { "ECParameters", 1610612754, NULL },
+  { "namedCurve", 12, NULL },
+  { "ECPrivateKey", 1610612741, NULL },
+  { "Version", 1073741827, NULL },
+  { "privateKey", 1073741831, NULL },
+  { "parameters", 1610637314, "ECParameters"},
+  { NULL, 2056, "0"},
+  { "publicKey", 536895494, NULL },
+  { NULL, 2056, "1"},
+  { "PrincipalName", 1610612741, NULL },
+  { "name-type", 1610620931, NULL },
+  { NULL, 2056, "0"},
+  { "name-string", 536879115, NULL },
+  { NULL, 1073743880, "1"},
+  { NULL, 27, NULL },
+  { "KRB5PrincipalName", 1610612741, NULL },
+  { "realm", 1610620955, NULL },
+  { NULL, 2056, "0"},
+  { "principalName", 536879106, "PrincipalName"},
+  { NULL, 2056, "1"},
+  { "RSAPSSParameters", 1610612741, NULL },
+  { "hashAlgorithm", 1610637314, "AlgorithmIdentifier"},
+  { NULL, 2056, "0"},
+  { "maskGenAlgorithm", 1610637314, "AlgorithmIdentifier"},
+  { NULL, 2056, "1"},
+  { "saltLength", 1610653699, NULL },
+  { NULL, 1073741833, "20"},
+  { NULL, 2056, "2"},
+  { "trailerField", 536911875, NULL },
+  { NULL, 1073741833, "1"},
+  { NULL, 2056, "3"},
+  { "GOSTParameters", 1610612741, NULL },
+  { "publicKeyParamSet", 1073741836, NULL },
+  { "digestParamSet", 16396, NULL },
+  { "GOSTParametersOld", 1610612741, NULL },
+  { "publicKeyParamSet", 1073741836, NULL },
+  { "digestParamSet", 1073741836, NULL },
+  { "encryptionParamSet", 16396, NULL },
+  { "GOSTPrivateKey", 1073741831, NULL },
+  { "GOSTPrivateKeyOld", 1073741827, NULL },
+  { "IssuerSignTool", 1610612741, NULL },
+  { "signTool", 1073741858, NULL },
+  { "cATool", 1073741858, NULL },
+  { "signToolCert", 1073741858, NULL },
+  { "cAToolCert", 34, NULL },
+  { "Gost28147-89-EncryptedKey", 1610612741, NULL },
+  { "encryptedKey", 1073741831, NULL },
+  { "maskKey", 1610637319, NULL },
+  { NULL, 4104, "0"},
+  { "macKey", 7, NULL },
+  { "SubjectPublicKeyInfo", 1610612741, NULL },
+  { "algorithm", 1073741826, "AlgorithmIdentifier"},
+  { "subjectPublicKey", 6, NULL },
+  { "GostR3410-TransportParameters", 1610612741, NULL },
+  { "encryptionParamSet", 1073741836, NULL },
+  { "ephemeralPublicKey", 1610637314, "SubjectPublicKeyInfo"},
+  { NULL, 4104, "0"},
+  { "ukm", 7, NULL },
+  { "GostR3410-KeyTransport", 1610612741, NULL },
+  { "sessionEncryptedKey", 1073741826, "Gost28147-89-EncryptedKey"},
+  { "transportParameters", 536895490, "GostR3410-TransportParameters"},
+  { NULL, 4104, "0"},
+  { "TPMKey", 536870917, NULL },
+  { "type", 1073741836, NULL },
+  { "emptyAuth", 1610637316, NULL },
+  { NULL, 2056, "0"},
+  { "parent", 1073741827, NULL },
+  { "pubkey", 1073741831, NULL },
+  { "privkey", 7, NULL },
+  { NULL, 0, NULL }
+};
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
new file mode 100644
index 0000000..8daad77
--- /dev/null
+++ b/lib/gnutls_int.h
@@ -0,0 +1,1660 @@
+/*
+ * Copyright (C) 2000-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_GNUTLS_INT_H
+#define GNUTLS_LIB_GNUTLS_INT_H
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stddef.h>
+#include <string.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <ctype.h>
+#include <limits.h>
+#include <stdint.h>
+#include <stdbool.h>
+#include <assert.h>
+
+#ifdef NO_SSIZE_T
+#define HAVE_SSIZE_T
+typedef int ssize_t;
+#endif
+
+#include <sys/types.h>
+#include <unistd.h>
+#include <sys/stat.h>
+#if HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#elif HAVE_WS2TCPIP_H
+#include <ws2tcpip.h>
+#endif
+#include <time.h>
+
+#include "attribute.h"
+
+#define ENABLE_ALIGN16
+
+#ifdef __clang_major
+# define _GNUTLS_CLANG_VERSION (__clang_major__ * 10000 + __clang_minor__ * 100 + __clang_patchlevel__)
+#else
+# define _GNUTLS_CLANG_VERSION 0
+#endif
+
+/* clang also defines __GNUC__. It promotes a GCC version of 4.2.1. */
+#ifdef __GNUC__
+# define _GNUTLS_GCC_VERSION (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__)
+#endif
+
+#if _GNUTLS_GCC_VERSION >= 30100
+# define likely(x)      __builtin_expect((x), 1)
+# define unlikely(x)    __builtin_expect((x), 0)
+#else
+# define likely
+# define unlikely
+#endif
+
+#include <gnutls/gnutls.h>
+#include <gnutls/dtls.h>
+#include <gnutls/abstract.h>
+#include <gnutls/socket.h>
+#include <system.h>
+
+/* in case we compile with system headers taking priority, we
+ * make sure that some new attributes are still available.
+ */
+#ifndef __GNUTLS_CONST__
+# define __GNUTLS_CONST__
+#endif
+
+/* The size of a handshake message should not
+ * be larger than this value.
+ */
+#define MAX_HANDSHAKE_PACKET_SIZE 128*1024
+
+#define GNUTLS_DEF_SESSION_ID_SIZE 32
+
+/* The maximum digest size of hash algorithms.
+ */
+#define MAX_FILENAME 512
+#define MAX_HASH_SIZE 64
+
+#define MAX_MAC_KEY_SIZE 64
+
+#define MAX_CIPHER_BLOCK_SIZE 64 /* CHACHA20 */
+#define MAX_CIPHER_KEY_SIZE 32
+
+#define MAX_CIPHER_IV_SIZE 16
+
+/* Maximum size of 2^16-1 has been chosen so that usernames can hold
+ * PSK identities as defined in RFC 4279 section 2 and RFC 8446 section 4.2.11
+ */
+#define MAX_USERNAME_SIZE 65535
+#define MAX_SERVER_NAME_SIZE 256
+
+#define AEAD_EXPLICIT_DATA_SIZE 8
+#define AEAD_IMPLICIT_DATA_SIZE 4
+
+#define GNUTLS_MASTER_SIZE 48
+#define GNUTLS_RANDOM_SIZE 32
+
+/* Under TLS1.3 a hello retry request is sent as server hello */
+#define REAL_HSK_TYPE(t) ((t)==GNUTLS_HANDSHAKE_HELLO_RETRY_REQUEST?GNUTLS_HANDSHAKE_SERVER_HELLO:t)
+
+/* DTLS */
+#define DTLS_RETRANS_TIMEOUT 1000
+
+/* TLS Extensions */
+/* we can receive up to MAX_EXT_TYPES extensions.
+ */
+#define MAX_EXT_TYPES 64
+
+/* TLS-internal extension (will be parsed after a ciphersuite is selected).
+ * This amends the gnutls_ext_parse_type_t. Not exported yet to allow more refining
+ * prior to finalizing an API. */
+#define _GNUTLS_EXT_TLS_POST_CS 177
+
+/* expire time for resuming sessions */
+#define DEFAULT_EXPIRE_TIME 21600
+#define STEK_ROTATION_PERIOD_PRODUCT 3
+#define DEFAULT_HANDSHAKE_TIMEOUT_MS 40*1000
+
+/* The EC group to be used when the extension
+ * supported groups/curves is not present */
+#define DEFAULT_EC_GROUP GNUTLS_GROUP_SECP256R1
+
+typedef enum transport_t {
+	GNUTLS_STREAM,
+	GNUTLS_DGRAM
+} transport_t;
+
+/* The TLS 1.3 stage of handshake */
+typedef enum hs_stage_t {
+	STAGE_HS,
+	STAGE_APP,
+	STAGE_UPD_OURS,
+	STAGE_UPD_PEERS,
+	STAGE_EARLY
+} hs_stage_t;
+
+typedef enum record_send_state_t {
+	RECORD_SEND_NORMAL = 0,
+	RECORD_SEND_CORKED, /* corked and transition to NORMAL afterwards */
+	RECORD_SEND_CORKED_TO_KU, /* corked but must transition to RECORD_SEND_KEY_UPDATE_1 */
+	RECORD_SEND_KEY_UPDATE_1,
+	RECORD_SEND_KEY_UPDATE_2,
+	RECORD_SEND_KEY_UPDATE_3
+} record_send_state_t;
+
+/* The mode check occurs a lot throughout GnuTLS and can be replaced by
+ * the following shorter macro. Also easier to update one macro
+ * in the future when the internal structure changes than all the conditionals
+ * itself.
+ */
+#define IS_SERVER(session) (session->security_parameters.entity == GNUTLS_SERVER)
+
+/* To check whether we have a DTLS session */
+#define IS_DTLS(session) (session->internals.transport == GNUTLS_DGRAM)
+
+/* To check whether we have a KTLS enabled */
+#define IS_KTLS_ENABLED(session, interface) (session->internals.ktls_enabled & interface)
+
+/* the maximum size of encrypted packets */
+#define DEFAULT_MAX_RECORD_SIZE 16384
+#define DEFAULT_MAX_EARLY_DATA_SIZE 16384
+#define TLS_RECORD_HEADER_SIZE 5
+#define DTLS_RECORD_HEADER_SIZE (TLS_RECORD_HEADER_SIZE+8)
+#define RECORD_HEADER_SIZE(session) (IS_DTLS(session) ? DTLS_RECORD_HEADER_SIZE : TLS_RECORD_HEADER_SIZE)
+#define MAX_RECORD_HEADER_SIZE DTLS_RECORD_HEADER_SIZE
+
+#define MIN_RECORD_SIZE 512
+#define MIN_RECORD_SIZE_SMALL 64
+
+/* The following macro is used to calculate the overhead when sending.
+ * when receiving we use a different way as there are implementations that
+ * store more data than allowed.
+ */
+#define MAX_RECORD_SEND_OVERHEAD(session) (MAX_CIPHER_BLOCK_SIZE/*iv*/+MAX_PAD_SIZE+MAX_HASH_SIZE/*MAC*/)
+#define MAX_RECORD_SEND_SIZE(session) (IS_DTLS(session)? \
+	(MIN((size_t)gnutls_dtls_get_mtu(session), (size_t)session->security_parameters.max_record_send_size+MAX_RECORD_SEND_OVERHEAD(session))): \
+	((size_t)session->security_parameters.max_record_send_size+MAX_RECORD_SEND_OVERHEAD(session)))
+#define MAX_PAD_SIZE 255
+#define EXTRA_COMP_SIZE 2048
+
+#define TLS_HANDSHAKE_HEADER_SIZE 4
+#define DTLS_HANDSHAKE_HEADER_SIZE (TLS_HANDSHAKE_HEADER_SIZE+8)
+#define HANDSHAKE_HEADER_SIZE(session) (IS_DTLS(session) ? DTLS_HANDSHAKE_HEADER_SIZE : TLS_HANDSHAKE_HEADER_SIZE)
+#define MAX_HANDSHAKE_HEADER_SIZE DTLS_HANDSHAKE_HEADER_SIZE
+
+/* Maximum seed size for provable parameters */
+#define MAX_PVP_SEED_SIZE 256
+
+/* This is the maximum handshake message size we send without
+   fragmentation. This currently ignores record layer overhead. */
+#define DTLS_DEFAULT_MTU 1200
+
+/* the maximum size of the DTLS cookie */
+#define DTLS_MAX_COOKIE_SIZE 32
+
+/* The maximum number of HELLO_VERIFY_REQUEST messages the client
+   processes before aborting. */
+#define MAX_HANDSHAKE_HELLO_VERIFY_REQUESTS 5
+
+#define MAX_PK_PARAM_SIZE 2048
+
+/* defaults for verification functions
+ */
+#define DEFAULT_MAX_VERIFY_DEPTH 16
+#define DEFAULT_MAX_VERIFY_BITS (MAX_PK_PARAM_SIZE*8)
+#define MAX_VERIFY_DEPTH 4096
+
+#include <mem.h>
+
+#define MEMSUB(x,y) ((ssize_t)((ptrdiff_t)x-(ptrdiff_t)y))
+
+#define DECR_LEN(len, x) DECR_LENGTH_RET(len, x, GNUTLS_E_UNEXPECTED_PACKET_LENGTH)
+#define DECR_LEN_FINAL(len, x) do { \
+	if (len != x) \
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH); \
+	else \
+		len = 0; \
+	} while (0)
+#define DECR_LENGTH_RET(len, x, RET) DECR_LENGTH_COM(len, x, return RET)
+#define DECR_LENGTH_COM(len, x, COM) do { if (len<x) {gnutls_assert(); COM;} else len-=x; } while (0)
+
+#define GNUTLS_POINTER_TO_INT(_) ((int) GNUTLS_POINTER_TO_INT_CAST (_))
+#define GNUTLS_INT_TO_POINTER(_) ((void*) GNUTLS_POINTER_TO_INT_CAST (_))
+
+#define GNUTLS_KX_INVALID (-1)
+
+#include <mpi.h>
+
+typedef enum handshake_state_t { STATE0 = 0, STATE1, STATE2,
+	STATE3, STATE4, STATE5, STATE6, STATE7, STATE8,
+	STATE9, STATE10, STATE11, STATE12, STATE13, STATE14,
+	STATE15, STATE16, STATE17, STATE18, STATE19,
+	STATE20 = 20, STATE21, STATE22,
+	STATE30 = 30, STATE31, STATE40 = 40, STATE41, STATE50 = 50,
+	STATE90=90, STATE91, STATE92, STATE93, STATE94, STATE99=99,
+	STATE100=100, STATE101, STATE102, STATE103, STATE104,
+	STATE105, STATE106, STATE107, STATE108, STATE109, STATE110,
+	STATE111, STATE112, STATE113, STATE114, STATE115,
+	STATE150 /* key update */
+} handshake_state_t;
+
+typedef enum bye_state_t {
+	BYE_STATE0 = 0, BYE_STATE1, BYE_STATE2
+} bye_state_t;
+
+typedef enum send_ticket_state_t {
+	TICKET_STATE0 = 0, TICKET_STATE1
+} send_ticket_state_t;
+
+typedef enum reauth_state_t {
+	REAUTH_STATE0 = 0, REAUTH_STATE1, REAUTH_STATE2, REAUTH_STATE3,
+	REAUTH_STATE4, REAUTH_STATE5
+} reauth_state_t;
+
+#define TICKET_STATE session->internals.ticket_state
+#define BYE_STATE session->internals.bye_state
+#define REAUTH_STATE session->internals.reauth_state
+
+typedef enum heartbeat_state_t {
+	SHB_SEND1 = 0,
+	SHB_SEND2,
+	SHB_RECV
+} heartbeat_state_t;
+
+typedef enum recv_state_t {
+	RECV_STATE_0 = 0,
+	RECV_STATE_DTLS_RETRANSMIT,
+	/* client-side false start state */
+	RECV_STATE_FALSE_START_HANDLING, /* we are calling gnutls_handshake() within record_recv() */
+	RECV_STATE_FALSE_START, /* gnutls_record_recv() should complete the handshake */
+	/* async handshake msg state */
+	RECV_STATE_ASYNC_HANDSHAKE, /* an incomplete async handshake message was seen */
+	/* server-side early start under TLS1.3; enabled when no client cert is received */
+	RECV_STATE_EARLY_START_HANDLING, /* we are calling gnutls_handshake() within record_recv() */
+	RECV_STATE_EARLY_START, /* gnutls_record_recv() should complete the handshake */
+	RECV_STATE_REHANDSHAKE, /* gnutls_record_recv() should complete any incoming re-handshake requests */
+	RECV_STATE_REAUTH /* gnutls_record_recv() should complete any incoming reauthentication requests */
+} recv_state_t;
+
+#include "str.h"
+
+/* This is the maximum number of algorithms (ciphers or macs etc).
+ * keep it synced with GNUTLS_MAX_ALGORITHM_NUM in gnutls.h
+ */
+#define MAX_ALGOS GNUTLS_MAX_ALGORITHM_NUM
+
+/* IDs are allocated in a way that all values fit in 64-bit integer as (1<<val) */
+typedef enum extensions_t {
+	GNUTLS_EXTENSION_INVALID = 0xffff,
+	GNUTLS_EXTENSION_STATUS_REQUEST = 0,
+	GNUTLS_EXTENSION_CERT_TYPE,
+	GNUTLS_EXTENSION_CLIENT_CERT_TYPE,
+	GNUTLS_EXTENSION_SERVER_CERT_TYPE,
+	GNUTLS_EXTENSION_SUPPORTED_GROUPS,
+	GNUTLS_EXTENSION_SUPPORTED_EC_POINT_FORMATS,
+	GNUTLS_EXTENSION_SRP,
+	GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS,
+	GNUTLS_EXTENSION_SRTP,
+	GNUTLS_EXTENSION_HEARTBEAT,
+	GNUTLS_EXTENSION_ALPN,
+	GNUTLS_EXTENSION_ETM,
+	GNUTLS_EXTENSION_EXT_MASTER_SECRET,
+	GNUTLS_EXTENSION_SESSION_TICKET,
+	GNUTLS_EXTENSION_KEY_SHARE,
+	GNUTLS_EXTENSION_SUPPORTED_VERSIONS,
+	GNUTLS_EXTENSION_POST_HANDSHAKE,
+	GNUTLS_EXTENSION_SAFE_RENEGOTIATION,
+	GNUTLS_EXTENSION_SERVER_NAME,
+	GNUTLS_EXTENSION_COOKIE,
+	GNUTLS_EXTENSION_EARLY_DATA,
+	GNUTLS_EXTENSION_PSK_KE_MODES,
+	GNUTLS_EXTENSION_RECORD_SIZE_LIMIT,
+	GNUTLS_EXTENSION_MAX_RECORD_SIZE,
+	GNUTLS_EXTENSION_COMPRESS_CERTIFICATE,
+	/*
+	 * pre_shared_key and dumbfw must always be the last extensions,
+	 * in that order */
+	GNUTLS_EXTENSION_DUMBFW,
+	GNUTLS_EXTENSION_PRE_SHARED_KEY,
+	GNUTLS_EXTENSION_MAX /* not real extension - used for iterators */
+} extensions_t;
+
+#define GNUTLS_EXTENSION_MAX_VALUE 63
+#define ext_track_t uint64_t
+
+#include <verify.h>
+
+verify(GNUTLS_EXTENSION_MAX < GNUTLS_EXTENSION_MAX_VALUE);
+verify(GNUTLS_EXTENSION_MAX < MAX_EXT_TYPES);
+
+/* we must provide at least 16 extensions for users to register;
+ * increase GNUTLS_EXTENSION_MAX_VALUE, MAX_EXT_TYPES and used_exts
+ * type if this fails
+ */
+verify(GNUTLS_EXTENSION_MAX_VALUE - GNUTLS_EXTENSION_MAX >= 16);
+
+/* The 'verify' symbol from <verify.h> is used extensively in the
+ * code; undef it to avoid clash
+ */
+#undef verify
+
+typedef enum { CIPHER_STREAM, CIPHER_BLOCK, CIPHER_AEAD } cipher_type_t;
+
+/* Record Protocol */
+typedef enum content_type_t {
+	GNUTLS_CHANGE_CIPHER_SPEC = 20, GNUTLS_ALERT,
+	GNUTLS_HANDSHAKE, GNUTLS_APPLICATION_DATA,
+	GNUTLS_HEARTBEAT
+} content_type_t;
+
+
+#define GNUTLS_PK_ANY (gnutls_pk_algorithm_t)-1
+#define GNUTLS_PK_NONE (gnutls_pk_algorithm_t)-2
+
+#define GNUTLS_PK_IS_RSA(pk) ((pk) == GNUTLS_PK_RSA || (pk) == GNUTLS_PK_RSA_PSS)
+
+/* Message buffers (mbuffers) structures */
+
+/* this is actually the maximum number of distinct handshake
+ * messages that can arrive in a single flight
+ */
+#define MAX_HANDSHAKE_MSGS 6
+typedef struct {
+	/* Handshake layer type and sequence of message */
+	gnutls_handshake_description_t htype;
+
+	/* The "real" type received; that is, it does not distinguish
+	 * HRR from server hello, while htype does */
+	gnutls_handshake_description_t rtype;
+	uint32_t length;
+
+	/* valid in DTLS */
+	uint16_t sequence;
+
+	/* indicate whether that message is complete.
+	 * complete means start_offset == 0 and end_offset == length
+	 */
+	uint32_t start_offset;
+	uint32_t end_offset;
+
+	uint8_t header[MAX_HANDSHAKE_HEADER_SIZE];
+	int header_size;
+
+	gnutls_buffer_st data;
+} handshake_buffer_st;
+
+typedef struct mbuffer_st {
+	/* when used in mbuffer_head_st */
+	struct mbuffer_st *next;
+	struct mbuffer_st *prev;
+
+	/* msg->size - mark = number of bytes left to process in this
+	   message. Mark should only be non-zero when this buffer is the
+	   head of the queue. */
+	size_t mark;
+
+
+	/* the data */
+	gnutls_datum_t msg;
+	size_t maximum_size;
+
+	/* used during fill in, to separate header from data
+	 * body. */
+	unsigned int uhead_mark;
+
+	/* Filled in by record layer on recv:
+	 * type, record_sequence
+	 */
+
+	/* record layer content type */
+	content_type_t type;
+
+	/* record layer sequence */
+	uint64_t record_sequence;
+
+	/* Filled in by handshake layer on send:
+	 * type, epoch, htype, handshake_sequence
+	 */
+
+	/* Record layer epoch of message */
+	uint16_t epoch;
+
+	/* Handshake layer type and sequence of message */
+	gnutls_handshake_description_t htype;
+	uint16_t handshake_sequence;
+} mbuffer_st;
+
+typedef struct mbuffer_head_st {
+	mbuffer_st *head;
+	mbuffer_st *tail;
+
+	unsigned int length;
+	size_t byte_length;
+} mbuffer_head_st;
+
+/* Store & Retrieve functions defines:
+ */
+
+typedef struct auth_cred_st {
+	gnutls_credentials_type_t algorithm;
+
+	/* the type of credentials depends on algorithm
+	 */
+	void *credentials;
+	struct auth_cred_st *next;
+} auth_cred_st;
+
+/* session ticket definitions */
+#define TICKET_MASTER_KEY_SIZE (TICKET_KEY_NAME_SIZE+TICKET_CIPHER_KEY_SIZE+TICKET_MAC_SECRET_SIZE)
+#define TICKET_KEY_NAME_SIZE 16
+#define TICKET_CIPHER_KEY_SIZE 32
+#define TICKET_MAC_SECRET_SIZE 16
+
+/* These are restricted by TICKET_CIPHER_KEY_SIZE and TICKET_MAC_SECRET_SIZE */
+#define TICKET_CIPHER GNUTLS_CIPHER_AES_256_CBC
+#define TICKET_IV_SIZE 16
+#define TICKET_BLOCK_SIZE 16
+
+#define TICKET_MAC_ALGO GNUTLS_MAC_SHA1
+#define TICKET_MAC_SIZE 20 /* HMAC-SHA1 */
+
+struct ticket_st {
+	uint8_t key_name[TICKET_KEY_NAME_SIZE];
+	uint8_t IV[TICKET_IV_SIZE];
+	uint8_t *encrypted_state;
+	uint16_t encrypted_state_len;
+	uint8_t mac[TICKET_MAC_SIZE];
+};
+
+struct binder_data_st {
+	const struct mac_entry_st *prf; /* non-null if this struct is set */
+	gnutls_datum_t psk;
+
+	/* 0-based index of the selected PSK.
+	 * This only applies if the HSK_PSK_SELECTED flag is set in internals.hsk_flags,
+	 * which signals a PSK has indeed been selected. */
+	uint8_t idx;
+	uint8_t resumption; /* whether it is a resumption binder */
+};
+
+typedef void (* gnutls_stek_rotation_callback_t) (const gnutls_datum_t *prev_key,
+						const gnutls_datum_t *new_key,
+						uint64_t t);
+
+struct gnutls_key_st {
+	struct { /* These are kept outside the TLS1.3 union as they are
+	          * negotiated via extension, even before protocol is negotiated */
+		gnutls_pk_params_st ecdh_params;
+		gnutls_pk_params_st ecdhx_params;
+		gnutls_pk_params_st dh_params;
+	} kshare;
+
+	/* The union contents depend on the negotiated protocol.
+	 * It should not contain any values which are allocated
+	 * prior to protocol negotiation, as it would be impossible
+	 * to deinitialize.
+	 */
+	union {
+		struct {
+			/* the current (depending on state) secret, can be
+			 * early_secret, client_early_traffic_secret, ... */
+			uint8_t temp_secret[MAX_HASH_SIZE];
+			unsigned temp_secret_size; /* depends on negotiated PRF size */
+			uint8_t e_ckey[MAX_HASH_SIZE]; /* client_early_traffic_secret */
+			uint8_t hs_ckey[MAX_HASH_SIZE]; /* client_hs_traffic_secret */
+			uint8_t hs_skey[MAX_HASH_SIZE]; /* server_hs_traffic_secret */
+			uint8_t ap_ckey[MAX_HASH_SIZE]; /* client_ap_traffic_secret */
+			uint8_t ap_skey[MAX_HASH_SIZE]; /* server_ap_traffic_secret */
+			uint8_t ap_expkey[MAX_HASH_SIZE]; /* {early_,}exporter_master_secret */
+			uint8_t ap_rms[MAX_HASH_SIZE]; /* resumption_master_secret */
+		} tls13; /* tls1.3 */
+
+		/* Follow the SSL3.0 and TLS1.2 key exchanges */
+		struct {
+			/* For ECDH KX */
+			struct {
+				gnutls_pk_params_st params; /* private part */
+				/* public part */
+				bigint_t x;
+				bigint_t y;
+				gnutls_datum_t raw; /* public key used in ECDHX (point) */
+			} ecdh;
+
+			/* For DH KX */
+			struct {
+				gnutls_pk_params_st params;
+				bigint_t client_Y;
+			} dh;
+
+			/* for SRP KX */
+			struct {
+				bigint_t srp_key;
+				bigint_t srp_g;
+				bigint_t srp_p;
+				bigint_t A;
+				bigint_t B;
+				bigint_t u;
+				bigint_t b;
+				bigint_t a;
+				bigint_t x;
+			} srp;
+		} tls12; /* from ssl3.0 to tls12 */
+	} proto;
+
+	/* binders / pre-shared keys in use; temporary storage.
+	 * On client side it will hold data for the resumption and external
+	 * PSKs After server hello is received the selected binder is set on 0 position
+	 * and HSK_PSK_SELECTED is set.
+	 *
+	 * On server side the first value is populated with
+	 * the selected PSK data if HSK_PSK_SELECTED flag is set. */
+	struct binder_data_st binders[2];
+
+	/* TLS pre-master key; applies to 1.2 and 1.3 */
+	gnutls_datum_t key;
+
+	uint8_t
+		/* The key to encrypt and decrypt session tickets */
+		session_ticket_key[TICKET_MASTER_KEY_SIZE],
+		/* Static buffer for the previous key, whenever we need it */
+		previous_ticket_key[TICKET_MASTER_KEY_SIZE],
+		/* Initial key supplied by the caller */
+		initial_stek[TICKET_MASTER_KEY_SIZE];
+
+	/* Whether the initial_stek is set through
+	 * gnutls_session_ticket_enable_server() */
+	bool stek_initialized;
+
+	/* this is used to hold the peers authentication data
+	 */
+	/* auth_info_t structures SHOULD NOT contain malloced
+	 * elements. Check gnutls_session_pack.c, and gnutls_auth.c.
+	 * Remember that this should be calloced!
+	 */
+	void *auth_info;
+	gnutls_credentials_type_t auth_info_type;
+	int auth_info_size;	/* needed in order to store to db for restoring
+				 */
+	auth_cred_st *cred;	/* used to specify keys/certificates etc */
+
+	struct {
+		uint64_t last_result;
+		uint8_t was_rotated;
+		gnutls_stek_rotation_callback_t cb;
+	} totp;
+};
+
+typedef struct gnutls_key_st gnutls_key_st;
+
+struct pin_info_st {
+	gnutls_pin_callback_t cb;
+	void *data;
+};
+
+struct record_state_st;
+typedef struct record_state_st record_state_st;
+
+struct record_parameters_st;
+typedef struct record_parameters_st record_parameters_st;
+
+#define GNUTLS_CIPHER_FLAG_ONLY_AEAD	(1 << 0) /* When set, this cipher is only available through the new AEAD API */
+#define GNUTLS_CIPHER_FLAG_XOR_NONCE	(1 << 1) /* In this TLS AEAD cipher xor the implicit_iv with the nonce */
+#define GNUTLS_CIPHER_FLAG_NO_REKEY	(1 << 2) /* whether this tls1.3 cipher doesn't need to rekey after 2^24 messages */
+#define GNUTLS_CIPHER_FLAG_TAG_PREFIXED (1 << 3) /* When set, this cipher prefixes authentication tag */
+
+/* cipher and mac parameters */
+typedef struct cipher_entry_st {
+	const char *name;
+	gnutls_cipher_algorithm_t id;
+	uint16_t blocksize;
+	uint16_t keysize;
+	cipher_type_t type;
+	uint16_t implicit_iv;	/* the size of implicit IV - the IV generated but not sent */
+	uint16_t explicit_iv;	/* the size of explicit IV - the IV stored in record */
+	uint16_t cipher_iv;	/* the size of IV needed by the cipher */
+	uint16_t tagsize;
+	unsigned flags;
+} cipher_entry_st;
+
+typedef struct gnutls_cipher_suite_entry_st {
+	const char *name;
+	const uint8_t id[2];
+	const char *canonical_name;
+	gnutls_cipher_algorithm_t block_algorithm;
+	gnutls_kx_algorithm_t kx_algorithm;
+	gnutls_mac_algorithm_t mac_algorithm;
+	gnutls_protocol_t min_version;	/* this cipher suite is supported
+					 * from 'version' and above;
+					 */
+	gnutls_protocol_t max_version;	/* this cipher suite is not supported
+					 * after 'version' and above;
+					 */
+	gnutls_protocol_t min_dtls_version;	/* DTLS min version */
+	gnutls_protocol_t max_dtls_version;	/* DTLS max version */
+	gnutls_mac_algorithm_t prf;
+} gnutls_cipher_suite_entry_st;
+
+
+typedef struct gnutls_group_entry_st {
+	const char *name;
+	gnutls_group_t id;
+	const gnutls_datum_t *prime;
+	const gnutls_datum_t *q;
+	const gnutls_datum_t *generator;
+	const unsigned *q_bits;
+	gnutls_ecc_curve_t curve;
+	gnutls_pk_algorithm_t pk;
+	unsigned tls_id;		/* The RFC4492 namedCurve ID or TLS 1.3 group ID */
+} gnutls_group_entry_st;
+
+#define GNUTLS_MAC_FLAG_PREIMAGE_INSECURE	1  /* if this algorithm should not be trusted for pre-image attacks */
+#define GNUTLS_MAC_FLAG_CONTINUOUS_MAC		(1 << 1) /* if this MAC should be used in a 'continuous' way in TLS */
+#define GNUTLS_MAC_FLAG_PREIMAGE_INSECURE_REVERTIBLE	(1 << 2)  /* if this algorithm should not be trusted for pre-image attacks, but can be enabled through API */
+#define GNUTLS_MAC_FLAG_ALLOW_INSECURE_REVERTIBLE	(1 << 3)  /* when checking with _gnutls_digest_is_insecure2, don't treat revertible setting as fatal */
+/* This structure is used both for MACs and digests
+ */
+typedef struct mac_entry_st {
+	const char *name;
+	const char *oid;	/* OID of the hash - if it is a hash */
+	const char *mac_oid;    /* OID of the MAC algorithm - if it is a MAC */
+	gnutls_mac_algorithm_t id;
+	unsigned output_size;
+	unsigned key_size;
+	unsigned nonce_size;
+	unsigned placeholder;	/* if set, then not a real MAC */
+	unsigned block_size;	/* internal block size for HMAC */
+	unsigned flags;
+} mac_entry_st;
+
+typedef struct {
+	const char *name;
+	gnutls_protocol_t id;	/* gnutls internal version number */
+	unsigned age;		/* internal ordering by protocol age */
+	uint8_t major;		/* defined by the protocol */
+	uint8_t minor;		/* defined by the protocol */
+	transport_t transport;	/* Type of transport, stream or datagram */
+	bool supported;	/* 0 not supported, > 0 is supported */
+	bool supported_revertible;
+	bool explicit_iv;
+	bool extensions;	/* whether it supports extensions */
+	bool selectable_sighash;	/* whether signatures can be selected */
+	bool selectable_prf;	/* whether the PRF is ciphersuite-defined */
+
+	/* if SSL3 is disabled this flag indicates that this protocol is a placeholder,
+	 * otherwise it prevents this protocol from being set as record version */
+	bool obsolete;
+	bool tls13_sem;		/* The TLS 1.3 handshake semantics */
+	bool false_start;	/* That version can be used with false start */
+	bool only_extension;	/* negotiated only with an extension */
+	bool post_handshake_auth;	/* Supports the TLS 1.3 post handshake auth */
+	bool key_shares;	/* TLS 1.3 key share key exchange */
+	bool multi_ocsp;	/* TLS 1.3 multiple OCSP responses */
+	/*
+	 * TLS versions modify the semantics of signature algorithms. This number
+	 * is there to distinguish signature algorithms semantics between versions
+	 * (maps to sign_algorithm_st->tls_sem)
+	 */
+	uint8_t tls_sig_sem;
+} version_entry_st;
+
+
+/* STATE (cont) */
+
+#include <hash_int.h>
+#include <cipher_int.h>
+
+typedef struct {
+	uint8_t id[2]; /* used to be (in TLS 1.2) hash algorithm , PK algorithm */
+	uint8_t tls_sem; /* should match the protocol version's tls_sig_sem. */
+} sign_algorithm_st;
+
+/* This structure holds parameters got from TLS extension
+ * mechanism. (some extensions may hold parameters in auth_info_t
+ * structures also - see SRP).
+ */
+
+#define MAX_VERIFY_DATA_SIZE 36	/* in SSL 3.0, 12 in TLS 1.0 */
+
+/* auth_info_t structures now MAY contain malloced
+ * elements.
+ */
+
+/* This structure and auth_info_t, are stored in the resume database,
+ * and are restored, in case of resume.
+ * Holds all the required parameters to resume the current
+ * session.
+ */
+
+/* Note that the security parameters structure is set up after the
+ * handshake has finished. The only value you may depend on while
+ * the handshake is in progress is the cipher suite value.
+ */
+typedef struct {
+	unsigned int entity;	/* GNUTLS_SERVER or GNUTLS_CLIENT */
+
+	/* The epoch used to read and write */
+	uint16_t epoch_read;
+	uint16_t epoch_write;
+
+	/* The epoch that the next handshake will initialize. */
+	uint16_t epoch_next;
+
+	/* The epoch at index 0 of record_parameters. */
+	uint16_t epoch_min;
+
+	/* this is the ciphersuite we are going to use
+	 * moved here from internals in order to be restored
+	 * on resume;
+	 */
+	const struct gnutls_cipher_suite_entry_st *cs;
+
+	/* This is kept outside the ciphersuite entry as on certain
+	 * TLS versions we need a separate PRF MAC, i.e., MD5_SHA1. */
+	const mac_entry_st *prf;
+
+	uint8_t master_secret[GNUTLS_MASTER_SIZE];
+	uint8_t client_random[GNUTLS_RANDOM_SIZE];
+	uint8_t server_random[GNUTLS_RANDOM_SIZE];
+	uint8_t session_id[GNUTLS_MAX_SESSION_ID_SIZE];
+	uint8_t session_id_size;
+	time_t timestamp;
+
+	/* whether client has agreed in post handshake auth - only set on server side */
+	uint8_t post_handshake_auth;
+
+	/* The maximum amount of plaintext sent in a record,
+	 * negotiated with the peer.
+	 */
+	uint16_t max_record_send_size;
+	uint16_t max_record_recv_size;
+
+	/* The maximum amount of plaintext sent in a record, set by
+	 * the programmer.
+	 */
+	uint16_t max_user_record_send_size;
+	uint16_t max_user_record_recv_size;
+
+	/* The maximum amount of early data */
+	uint32_t max_early_data_size;
+
+	/* holds the negotiated certificate types */
+	gnutls_certificate_type_t client_ctype;
+	gnutls_certificate_type_t server_ctype;
+
+	/* The selected (after server hello EC or DH group */
+	const gnutls_group_entry_st *grp;
+
+	/* Holds the signature algorithm that will be used in this session,
+	 * selected by the server at the time of Ciphersuite/certificate
+	 * selection - see select_sign_algorithm() */
+	gnutls_sign_algorithm_t server_sign_algo;
+
+	/* Holds the signature algorithm used in this session - If any */
+	gnutls_sign_algorithm_t client_sign_algo;
+
+	/* Whether the master secret negotiation will be according to
+	 * draft-ietf-tls-session-hash-01
+	 */
+	uint8_t ext_master_secret;
+	/* encrypt-then-mac -> rfc7366 */
+	uint8_t etm;
+
+	uint8_t client_auth_type; /* gnutls_credentials_type_t */
+	uint8_t server_auth_type;
+
+	/* Note: if you add anything in Security_Parameters struct, then
+	 * also modify CPY_COMMON in constate.c, and session_pack.c,
+	 * in order to save it in the session storage.
+	 */
+
+	/* Used by extensions that enable supplemental data: Which ones
+	 * do that? Do they belong in security parameters?
+	 */
+	int do_recv_supplemental, do_send_supplemental;
+	const version_entry_st *pversion;
+} security_parameters_st;
+
+typedef struct api_aead_cipher_hd_st {
+	cipher_hd_st ctx_enc;
+} api_aead_cipher_hd_st;
+
+struct record_state_st {
+	/* mac keys can be as long as the hash size */
+	uint8_t mac_key[MAX_HASH_SIZE];
+	unsigned mac_key_size;
+
+	uint8_t iv[MAX_CIPHER_IV_SIZE];
+	unsigned iv_size;
+
+	uint8_t key[MAX_CIPHER_KEY_SIZE];
+	unsigned key_size;
+
+	union {
+		auth_cipher_hd_st tls12;
+		api_aead_cipher_hd_st aead;
+	} ctx;
+	unsigned aead_tag_size;
+	unsigned is_aead;
+	uint64_t sequence_number;
+	gnutls_record_encryption_level_t level;
+};
+
+
+/* These are used to resolve relative epochs. These values are just
+   outside the 16 bit range to prevent off-by-one errors. An absolute
+   epoch may be referred to by its numeric id in the range
+   0x0000-0xffff. */
+#define EPOCH_READ_CURRENT  70000
+#define EPOCH_WRITE_CURRENT 70001
+#define EPOCH_NEXT	  70002
+
+struct record_parameters_st {
+	uint16_t epoch;
+	int initialized;
+
+	const cipher_entry_st *cipher;
+	bool etm;
+	const mac_entry_st *mac;
+
+	/* for DTLS sliding window */
+	uint64_t dtls_sw_next; /* The end point (next expected packet) of the sliding window without epoch */
+	uint64_t dtls_sw_bits;
+	unsigned dtls_sw_have_recv; /* whether at least a packet has been received */
+
+	record_state_st read;
+	record_state_st write;
+
+	/* Whether this state is in use, i.e., if there is
+	   a pending handshake message waiting to be encrypted
+	   under this epoch's parameters.
+	 */
+	int usage_cnt;
+};
+
+typedef struct {
+	unsigned int priorities[MAX_ALGOS];
+	unsigned int num_priorities;
+} priority_st;
+
+typedef enum {
+	SR_DISABLED,
+	SR_UNSAFE,
+	SR_PARTIAL,
+	SR_SAFE
+} safe_renegotiation_t;
+
+#define MAX_CIPHERSUITE_SIZE 256
+
+typedef struct ciphersuite_list_st {
+	const gnutls_cipher_suite_entry_st *entry[MAX_CIPHERSUITE_SIZE];
+	unsigned int size;
+} ciphersuite_list_st;
+
+typedef struct group_list_st {
+	const gnutls_group_entry_st *entry[MAX_ALGOS];
+	unsigned int size;
+	bool have_ffdhe;
+} group_list_st;
+
+typedef struct sign_algo_list_st {
+	const struct gnutls_sign_entry_st *entry[MAX_ALGOS];
+	unsigned int size;
+} sign_algo_list_st;
+
+#include "atomic.h"
+
+/* For the external api */
+struct gnutls_priority_st {
+	priority_st protocol;
+	priority_st client_ctype;
+	priority_st server_ctype;
+
+	/* The following are not necessary to be stored in
+	 * the structure; however they are required by the
+	 * external APIs: gnutls_priority_*_list() */
+	priority_st _cipher;
+	priority_st _mac;
+	priority_st _kx;
+	priority_st _sign_algo;
+	priority_st _supported_ecc;
+
+	/* the supported groups */
+	group_list_st groups;
+
+	/* the supported signature algorithms */
+	sign_algo_list_st sigalg;
+
+	/* the supported ciphersuites */
+	ciphersuite_list_st cs;
+
+	/* to disable record padding */
+	bool no_extensions;
+
+
+	safe_renegotiation_t sr;
+	bool min_record_version;
+	bool server_precedence;
+	bool allow_server_key_usage_violation; /* for test suite purposes only */
+	bool no_tickets;
+	bool no_tickets_tls12;
+	bool have_cbc;
+	bool have_psk;
+	bool force_etm;
+	unsigned int additional_verify_flags;
+	bool tls13_compat_mode;
+
+	/* TLS_FALLBACK_SCSV */
+	bool fallback;
+
+	/* The session's expected security level.
+	 * Will be used to determine the minimum DH bits,
+	 * (or the acceptable certificate security level).
+	 */
+	gnutls_sec_param_t level;
+
+	/* these should be accessed from
+	 * session->internals.VAR names */
+	bool _allow_large_records;
+	bool _allow_small_records;
+	bool _no_etm;
+	bool _no_ext_master_secret;
+	bool _allow_key_usage_violation;
+	bool _allow_wrong_pms;
+	bool _dumbfw;
+	unsigned int _dh_prime_bits;	/* old (deprecated) variable */
+
+	DEF_ATOMIC_INT(usage_cnt);
+};
+
+/* Allow around 50KB of length-hiding padding
+ * when using legacy padding,
+ * or around 3.2MB when using new padding. */
+#define DEFAULT_MAX_EMPTY_RECORDS 200
+
+#define ENABLE_COMPAT(x) \
+	      (x)->allow_large_records = 1; \
+	      (x)->allow_small_records = 1; \
+	      (x)->no_etm = 1; \
+	      (x)->no_ext_master_secret = 1; \
+	      (x)->allow_key_usage_violation = 1; \
+	      (x)->allow_wrong_pms = 1; \
+	      (x)->dumbfw = 1
+
+#define ENABLE_PRIO_COMPAT(x) \
+	      (x)->_allow_large_records = 1; \
+	      (x)->_allow_small_records = 1; \
+	      (x)->_no_etm = 1; \
+	      (x)->_no_ext_master_secret = 1; \
+	      (x)->_allow_key_usage_violation = 1; \
+	      (x)->_allow_wrong_pms = 1; \
+	      (x)->_dumbfw = 1
+
+/* DH and RSA parameters types.
+ */
+typedef struct gnutls_dh_params_int {
+	/* [0] is the prime, [1] is the generator, [2] is Q if available.
+	 */
+	bigint_t params[3];
+	int q_bits;		/* length of q in bits. If zero then length is unknown.
+				 */
+} dh_params_st;
+
+/* TLS 1.3 session ticket
+ */
+typedef struct {
+	struct timespec arrival_time;
+	struct timespec creation_time;
+	uint32_t lifetime;
+	uint32_t age_add;
+	uint8_t nonce[255];
+	size_t nonce_size;
+	const mac_entry_st *prf;
+	uint8_t resumption_master_secret[MAX_HASH_SIZE];
+	gnutls_datum_t ticket;
+} tls13_ticket_st;
+
+/* DTLS session state
+ */
+typedef struct {
+	/* HelloVerifyRequest DOS prevention cookie */
+	gnutls_datum_t dcookie;
+
+	/* For DTLS handshake fragmentation and reassembly. */
+	uint16_t hsk_write_seq;
+	/* the sequence number of the expected packet */
+	unsigned int hsk_read_seq;
+	uint16_t mtu;
+
+	/* a flight transmission is in process */
+	bool flight_init;
+	/* whether this is the last flight in the protocol  */
+	bool last_flight;
+
+	/* the retransmission timeout in milliseconds */
+	unsigned int retrans_timeout_ms;
+
+	unsigned int hsk_hello_verify_requests;
+
+	/* The actual retrans_timeout for the next message (e.g. doubled or so)
+	 */
+	unsigned int actual_retrans_timeout_ms;
+
+	/* timers to handle async handshake after gnutls_handshake()
+	 * has terminated. Required to handle retransmissions.
+	 */
+	time_t async_term;
+
+	/* last retransmission triggered by record layer */
+	struct timespec last_retransmit;
+	unsigned int packets_dropped;
+} dtls_st;
+
+typedef struct tfo_st {
+	int fd;
+	int flags;
+	bool connect_only; /* a previous sendmsg() failed, attempting connect() */
+	struct sockaddr_storage connect_addr;
+	socklen_t connect_addrlen;
+} tfo_st;
+
+typedef struct {
+	/* holds all the parsed data received by the record layer */
+	mbuffer_head_st record_buffer;
+
+	int handshake_hash_buffer_prev_len;	/* keeps the length of handshake_hash_buffer, excluding
+						 * the last received message */
+	unsigned handshake_hash_buffer_client_hello_len; /* if non-zero it is the length of data until the client hello message */
+	unsigned handshake_hash_buffer_client_kx_len;/* if non-zero it is the length of data until the
+						 * the client key exchange message */
+	unsigned handshake_hash_buffer_server_finished_len;/* if non-zero it is the length of data until the
+						 * the server finished message */
+	unsigned handshake_hash_buffer_client_finished_len;/* if non-zero it is the length of data until the
+						 * the client finished message */
+	gnutls_buffer_st handshake_hash_buffer;	/* used to keep the last received handshake
+						 * message */
+
+	bool resumable;	/* if we can resume that session */
+
+	send_ticket_state_t ticket_state; /* used by gnutls_session_ticket_send() */
+	bye_state_t bye_state; /* used by gnutls_bye() */
+	reauth_state_t reauth_state; /* used by gnutls_reauth() */
+
+	handshake_state_t handshake_final_state;
+	handshake_state_t handshake_state;	/* holds
+						 * a number which indicates where
+						 * the handshake procedure has been
+						 * interrupted. If it is 0 then
+						 * no interruption has happened.
+						 */
+
+	bool invalid_connection;	/* if this session is valid */
+
+	bool may_not_read;	/* if it's 0 then we can read/write, otherwise it's forbidden to read/write
+				 */
+	bool may_not_write;
+	bool read_eof;		/* non-zero if we have received a closure alert. */
+
+	int last_alert;		/* last alert received */
+
+	/* The last handshake messages sent or received.
+	 */
+	int last_handshake_in;
+	int last_handshake_out;
+
+	/* priorities */
+	struct gnutls_priority_st *priorities;
+
+	/* variables directly set when setting the priorities above, or
+	 * when overriding them */
+	bool allow_large_records;
+	bool allow_small_records;
+	bool no_etm;
+	bool no_ext_master_secret;
+	bool allow_key_usage_violation;
+	bool allow_wrong_pms;
+	bool dumbfw;
+
+	/* old (deprecated) variable. This is used for both srp_prime_bits
+	 * and dh_prime_bits as they don't overlap */
+	/* For SRP: minimum bits to allow for SRP
+	 * use gnutls_srp_set_prime_bits() to adjust it.
+	 */
+	uint16_t dh_prime_bits; /* srp_prime_bits */
+
+	/* resumed session */
+	bool resumed;	/* if we are resuming a session */
+
+	/* server side: non-zero if resumption was requested by client
+	 * client side: non-zero if we set resumption parameters */
+	bool resumption_requested;
+	security_parameters_st resumed_security_parameters;
+	gnutls_datum_t resumption_data; /* copy of input to gnutls_session_set_data() */
+
+	/* These buffers are used in the handshake
+	 * protocol only. freed using _gnutls_handshake_io_buffer_clear();
+	 */
+	mbuffer_head_st handshake_send_buffer;
+	mbuffer_head_st handshake_header_recv_buffer;
+	handshake_buffer_st handshake_recv_buffer[MAX_HANDSHAKE_MSGS];
+	int handshake_recv_buffer_size;
+
+	/* this buffer holds a record packet -mostly used for
+	 * non blocking IO.
+	 */
+	mbuffer_head_st record_recv_buffer;	/* buffer holding the unparsed record that is currently
+						 * being received */
+	mbuffer_head_st record_send_buffer;	/* holds cached data
+						 * for the gnutls_io_write_buffered()
+						 * function.
+						 */
+	size_t record_send_buffer_user_size;	/* holds the
+						 * size of the user specified data to
+						 * send.
+						 */
+
+	mbuffer_head_st early_data_recv_buffer;
+	gnutls_buffer_st early_data_presend_buffer;
+
+	record_send_state_t rsend_state;
+	/* buffer used temporarily during key update */
+	gnutls_buffer_st record_key_update_buffer;
+	gnutls_buffer_st record_presend_buffer;	/* holds cached data
+						 * for the gnutls_record_send()
+						 * function.
+						 */
+
+	/* buffer used temporarily during TLS1.3 reauthentication */
+	gnutls_buffer_st reauth_buffer;
+
+	time_t expire_time;	/* after expire_time seconds this session will expire */
+	const struct mod_auth_st_int *auth_struct;	/* used in handshake packets and KX algorithms */
+
+	/* this is the highest version available
+	 * to the peer. (advertized version).
+	 * This is obtained by the Handshake Client Hello
+	 * message. (some implementations read the Record version)
+	 */
+	uint8_t adv_version_major;
+	uint8_t adv_version_minor;
+
+	/* if this is non zero a certificate request message
+	 * will be sent to the client. - only if the ciphersuite
+	 * supports it. In server side it contains GNUTLS_CERT_REQUIRE
+	 * or similar.
+	 */
+	gnutls_certificate_request_t send_cert_req;
+
+	/* callback to print the full path of certificate
+	 * validation to the trusted root.
+	 */
+	gnutls_verify_output_function *cert_output_callback;
+
+	size_t max_handshake_data_buffer_size;
+
+	/* PUSH & PULL functions.
+	 */
+	gnutls_pull_timeout_func pull_timeout_func;
+	gnutls_pull_func pull_func;
+	gnutls_push_func push_func;
+	gnutls_vec_push_func vec_push_func;
+	gnutls_errno_func errno_func;
+	/* Holds the first argument of PUSH and PULL
+	 * functions;
+	 */
+	gnutls_transport_ptr_t transport_recv_ptr;
+	gnutls_transport_ptr_t transport_send_ptr;
+
+	/* STORE & RETRIEVE functions. Only used if other
+	 * backend than gdbm is used.
+	 */
+	gnutls_db_store_func db_store_func;
+	gnutls_db_retr_func db_retrieve_func;
+	gnutls_db_remove_func db_remove_func;
+	void *db_ptr;
+
+	/* post client hello callback (server side only)
+	 */
+	gnutls_handshake_post_client_hello_func user_hello_func;
+	/* handshake hook function */
+	gnutls_handshake_hook_func h_hook;
+	unsigned int h_type;	/* the hooked type */
+	int16_t h_post;		/* whether post-generation/receive */
+	gnutls_handshake_read_func h_read_func;
+	gnutls_handshake_secret_func h_secret_func;
+	gnutls_alert_read_func alert_read_func;
+
+	gnutls_keylog_func keylog_func;
+
+	/* holds the selected certificate and key.
+	 * use _gnutls_selected_certs_deinit() and _gnutls_selected_certs_set()
+	 * to change them.
+	 */
+	gnutls_pcert_st *selected_cert_list;
+	uint16_t selected_cert_list_length;
+	struct gnutls_privkey_st *selected_key;
+
+	/* new callbacks such as gnutls_certificate_retrieve_function3
+	 * set the selected_ocsp datum values. The older OCSP callback-based
+	 * functions, set the ocsp_func. The former takes precedence when
+	 * set.
+	 */
+	gnutls_ocsp_data_st *selected_ocsp;
+	uint16_t selected_ocsp_length;
+	gnutls_status_request_ocsp_func selected_ocsp_func;
+	void *selected_ocsp_func_ptr;
+	bool selected_need_free;
+
+
+	/* This holds the default version that our first
+	 * record packet will have. */
+	uint8_t default_record_version[2];
+	uint8_t default_hello_version[2];
+
+	void *user_ptr;
+
+	/* Holds 0 if the last called function was interrupted while
+	 * receiving, and non zero otherwise.
+	 */
+	bool direction;
+
+	/* If non zero the server will not advertise the CA's he
+	 * trusts (do not send an RDN sequence).
+	 */
+	bool ignore_rdn_sequence;
+
+	/* This is used to set an arbitrary version in the RSA
+	 * PMS secret. Can be used by clients to test whether the
+	 * server checks that version. (** only used in gnutls-cli-debug)
+	 */
+	uint8_t rsa_pms_version[2];
+
+	/* To avoid using global variables, and especially on Windows where
+	 * the application may use a different errno variable than GnuTLS,
+	 * it is possible to use gnutls_transport_set_errno to set a
+	 * session-specific errno variable in the user-replaceable push/pull
+	 * functions.  This value is used by the send/recv functions.  (The
+	 * strange name of this variable is because 'errno' is typically
+	 * #define'd.)
+	 */
+	int errnum;
+
+	/* A handshake process has been completed */
+	bool initial_negotiation_completed;
+	void *post_negotiation_lock; /* protects access to the variable above
+				      * in the cases where negotiation is incomplete
+				      * after gnutls_handshake() - early/false start */
+
+	/* The type of transport protocol; stream or datagram */
+	transport_t transport;
+
+	/* DTLS session state */
+	dtls_st dtls;
+	/* Protect from infinite loops due to GNUTLS_E_LARGE_PACKET non-handling
+	 * or due to multiple alerts being received. */
+	unsigned handshake_suspicious_loops;
+	/* should be non-zero when a handshake is in progress */
+	bool handshake_in_progress;
+
+	/* if set it means that the master key was set using
+	 * gnutls_session_set_master() rather than being negotiated. */
+	bool premaster_set;
+
+	unsigned int cb_tls_unique_len;
+	unsigned char cb_tls_unique[MAX_VERIFY_DATA_SIZE];
+
+	/* starting time of current handshake */
+	struct timespec handshake_start_time;
+
+	/* expected end time of current handshake (start+timeout);
+	 * this is only filled if a handshake_time_ms is set. */
+	struct timespec handshake_abs_timeout;
+
+	/* An estimation of round-trip time under TLS1.3; populated in client side only */
+	unsigned ertt;
+
+	unsigned int handshake_timeout_ms;	/* timeout in milliseconds */
+	unsigned int record_timeout_ms;	/* timeout in milliseconds */
+
+	/* saved context of post handshake certificate request. In
+	 * client side is what we received in server's certificate request;
+	 * in server side is what we sent to client. */
+	gnutls_datum_t post_handshake_cr_context;
+	/* it is a copy of the handshake hash buffer if post handshake is used */
+	gnutls_buffer_st post_handshake_hash_buffer;
+
+/* When either of PSK or DHE-PSK is received */
+#define HSK_PSK_KE_MODES_RECEIVED (HSK_PSK_KE_MODE_PSK|HSK_PSK_KE_MODE_DHE_PSK|HSK_PSK_KE_MODE_INVALID)
+
+#define HSK_CRT_VRFY_EXPECTED 1
+#define HSK_CRT_ASKED (1<<2)
+#define HSK_HRR_SENT (1<<3)
+#define HSK_HRR_RECEIVED (1<<4)
+#define HSK_CRT_REQ_SENT (1<<5)
+#define HSK_KEY_UPDATE_ASKED (1<<7) /* flag is not used during handshake */
+#define HSK_FALSE_START_USED (1<<8) /* TLS1.2 only */
+#define HSK_HAVE_FFDHE (1<<9) /* whether the peer has advertized at least an FFDHE group */
+#define HSK_USED_FFDHE (1<<10) /* whether ffdhe was actually negotiated and used */
+#define HSK_PSK_KE_MODES_SENT (1<<11)
+#define HSK_PSK_KE_MODE_PSK (1<<12) /* client: whether PSK without DH is allowed,
+				     * server: whether PSK without DH is selected. */
+#define HSK_PSK_KE_MODE_INVALID (1<<13) /* server: no compatible PSK modes were seen */
+#define HSK_PSK_KE_MODE_DHE_PSK (1<<14) /* server: whether PSK with DH is selected
+					 * client: whether PSK with DH is allowed
+					 */
+#define HSK_PSK_SELECTED (1<<15) /* server: whether PSK was selected, either for resumption or not;
+				  *	    on resumption session->internals.resumed will be set as well.
+				  * client: the same */
+#define HSK_KEY_SHARE_SENT (1<<16) /* server: key share was sent to client */
+#define HSK_KEY_SHARE_RECEIVED (1<<17) /* client: key share was received
+					* server: key share was received and accepted */
+#define HSK_TLS13_TICKET_SENT (1<<18) /* client: sent a ticket under TLS1.3;
+					 * server: a ticket was sent to client.
+					 */
+#define HSK_TLS12_TICKET_SENT (1<<19) /* client: sent a ticket under TLS1.2;
+				       * server: a ticket was sent to client.
+				       */
+#define HSK_TICKET_RECEIVED (1<<20) /* client: a session ticket was received */
+#define HSK_EARLY_START_USED (1<<21)
+#define HSK_EARLY_DATA_IN_FLIGHT (1<<22) /* client: sent early_data extension in ClientHello
+					  * server: early_data extension was seen in ClientHello
+					  */
+#define HSK_EARLY_DATA_ACCEPTED (1<<23) /* client: early_data extension was seen in EncryptedExtensions
+					 * server: intend to process early data
+					 */
+#define HSK_RECORD_SIZE_LIMIT_NEGOTIATED (1<<24)
+#define HSK_RECORD_SIZE_LIMIT_SENT (1<<25) /* record_size_limit extension was sent */
+#define HSK_RECORD_SIZE_LIMIT_RECEIVED (1<<26) /* server: record_size_limit extension was seen but not accepted yet */
+#define HSK_OCSP_REQUESTED (1<<27) /* server: client requested OCSP stapling */
+#define HSK_CLIENT_OCSP_REQUESTED (1<<28) /* client: server requested OCSP stapling */
+#define HSK_SERVER_HELLO_RECEIVED (1<<29) /* client: Server Hello message has been received */
+
+	/* The hsk_flags are for use within the ongoing handshake;
+	 * they are reset to zero prior to handshake start by gnutls_handshake. */
+	unsigned hsk_flags;
+	struct timespec last_key_update;
+	unsigned key_update_count;
+	/* Read-only pointer to the full ClientHello message */
+	gnutls_buffer_st full_client_hello;
+	/* The offset at which extensions start in the ClientHello buffer */
+	int extensions_offset;
+
+	gnutls_buffer_st hb_local_data;
+	gnutls_buffer_st hb_remote_data;
+	struct timespec hb_ping_start;	/* timestamp: when first HeartBeat ping was sent */
+	struct timespec hb_ping_sent;	/* timestamp: when last HeartBeat ping was sent */
+	unsigned int hb_actual_retrans_timeout_ms;	/* current timeout, in milliseconds */
+	unsigned int hb_retrans_timeout_ms;	/* the default timeout, in milliseconds */
+	unsigned int hb_total_timeout_ms;	/* the total timeout, in milliseconds */
+
+	bool ocsp_check_ok;	/* will be zero if the OCSP response TLS extension
+					 * check failed (OCSP was old/unrelated or so). */
+
+	heartbeat_state_t hb_state;	/* for ping */
+
+	recv_state_t recv_state;	/* state of the receive function */
+
+	/* if set, server and client random were set by the application */
+	bool sc_random_set;
+
+#define INT_FLAG_NO_TLS13 (1LL<<60)
+	uint64_t flags; /* the flags in gnutls_init() and GNUTLS_INT_FLAGS */
+
+	/* a verify callback to override the verify callback from the credentials
+	 * structure */
+	gnutls_certificate_verify_function *verify_callback;
+	gnutls_typed_vdata_st *vc_data;
+	gnutls_typed_vdata_st vc_sdata;
+	unsigned vc_elements;
+	unsigned vc_status;
+	unsigned int additional_verify_flags; /* may be set by priorities or the vc functions */
+
+	/* we append the verify flags because these can be set,
+	 * either by this function or by gnutls_session_set_verify_cert().
+	 * However, we ensure that a single profile is set. */
+#define ADD_PROFILE_VFLAGS(session, vflags) do { \
+	if ((session->internals.additional_verify_flags & GNUTLS_VFLAGS_PROFILE_MASK) && \
+	    (vflags & GNUTLS_VFLAGS_PROFILE_MASK)) \
+		session->internals.additional_verify_flags &= ~GNUTLS_VFLAGS_PROFILE_MASK; \
+	session->internals.additional_verify_flags |= vflags; \
+	} while(0)
+
+	/* the SHA256 hash of the peer's certificate */
+	uint8_t cert_hash[32];
+	bool cert_hash_set;
+
+	/* The saved username from PSK or SRP auth */
+	char *saved_username;
+	/* Length of the saved username without the NULL terminating byte.
+	 * Must be set to -1 when saved username is NULL
+	 */
+	int saved_username_size;
+
+	/* Needed for TCP Fast Open (TFO), set by gnutls_transport_set_fastopen() */
+	tfo_st tfo;
+
+	struct gnutls_supplemental_entry_st *rsup;
+	unsigned rsup_size;
+
+	struct hello_ext_entry_st *rexts;
+	unsigned rexts_size;
+
+	struct { /* ext_data[id] contains data for extension_t id */
+		gnutls_ext_priv_data_t priv;
+		gnutls_ext_priv_data_t resumed_priv;
+		uint8_t set;
+		uint8_t resumed_set;
+	} ext_data[MAX_EXT_TYPES];
+
+	/* In case of a client holds the extensions we sent to the peer;
+	 * otherwise the extensions we received from the client. This is
+	 * an OR of (1<<extensions_t values).
+	 */
+	ext_track_t used_exts;
+
+	gnutls_ext_flags_t ext_msg; /* accessed through _gnutls_ext_get/set_msg() */
+
+	/* this is not the negotiated max_record_recv_size, but the actual maximum
+	 * receive size */
+	unsigned max_recv_size;
+
+	/* candidate groups to be selected for security params groups, they are
+	 * prioritized in isolation under TLS1.2 */
+	const gnutls_group_entry_st *cand_ec_group;
+	const gnutls_group_entry_st *cand_dh_group;
+	/* used under TLS1.3+ */
+	const gnutls_group_entry_st *cand_group;
+
+	/* the ciphersuite received in HRR */
+	uint8_t hrr_cs[2];
+
+	/* this is only used under TLS1.2 or earlier */
+	int session_ticket_renew;
+
+	tls13_ticket_st tls13_ticket;
+
+	/* the amount of early data received so far */
+	uint32_t early_data_received;
+
+	/* anti-replay measure for 0-RTT mode */
+	gnutls_anti_replay_t anti_replay;
+
+	/* Protects _gnutls_epoch_gc() from _gnutls_epoch_get(); these may be
+	 * called in parallel when false start is used and false start is used. */
+	void *epoch_lock;
+
+	/* indicates whether or not was KTLS initialized properly. */
+	int ktls_enabled;
+
+	/* Compression method for certificate compression */
+	gnutls_compression_method_t compress_certificate_method;
+
+	/* If you add anything here, check _gnutls_handshake_internal_state_clear().
+	 */
+} internals_st;
+
+/* Maximum number of epochs we keep around. */
+#define MAX_EPOCH_INDEX 4
+
+#define reset_cand_groups(session) \
+	session->internals.cand_ec_group = session->internals.cand_dh_group = \
+		session->internals.cand_group = NULL
+
+struct gnutls_session_int {
+	security_parameters_st security_parameters;
+	record_parameters_st *record_parameters[MAX_EPOCH_INDEX];
+	internals_st internals;
+	gnutls_key_st key;
+};
+
+
+/* functions
+ */
+void _gnutls_free_auth_info(gnutls_session_t session);
+
+/* These two macros return the advertised TLS version of
+ * the peer.
+ */
+#define _gnutls_get_adv_version_major(session) \
+	session->internals.adv_version_major
+
+#define _gnutls_get_adv_version_minor(session) \
+	session->internals.adv_version_minor
+
+#define set_adv_version(session, major, minor) \
+	session->internals.adv_version_major = major; \
+	session->internals.adv_version_minor = minor
+
+int _gnutls_is_secure_mem_null(const void *);
+
+inline static const version_entry_st *get_version(gnutls_session_t session)
+{
+	return session->security_parameters.pversion;
+}
+
+inline static unsigned get_num_version(gnutls_session_t session)
+{
+	if (likely(session->security_parameters.pversion != NULL))
+		return session->security_parameters.pversion->id;
+	else
+		return GNUTLS_VERSION_UNKNOWN;
+}
+
+void _gnutls_priority_update_fips(void);
+void _gnutls_priority_update_non_aesni(void);
+extern unsigned _gnutls_disable_tls13;
+
+#define timespec_sub_ms _gnutls_timespec_sub_ms
+unsigned int
+/* returns a-b in ms */
+ timespec_sub_ms(struct timespec *a, struct timespec *b);
+
+inline static int _gnutls_timespec_cmp(struct timespec *a, struct timespec *b) {
+	if (a->tv_sec < b->tv_sec)
+		return -1;
+	if (a->tv_sec > b->tv_sec)
+		return 1;
+	if (a->tv_nsec < b->tv_nsec)
+		return -1;
+	if (a->tv_nsec > b->tv_nsec)
+		return 1;
+	return 0;
+}
+
+#include <algorithms.h>
+inline static int _gnutls_set_current_version(gnutls_session_t s, unsigned v)
+{
+	s->security_parameters.pversion = version_to_entry(v);
+	if (s->security_parameters.pversion == NULL) {
+		return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;
+	}
+	return 0;
+}
+
+/* Returns the maximum amount of the plaintext to be sent, considering
+ * both user-specified/negotiated maximum values.
+ */
+inline static size_t max_record_send_size(gnutls_session_t session,
+					  record_parameters_st *
+					  record_params)
+{
+	size_t max;
+
+	max = MIN(session->security_parameters.max_record_send_size,
+		  session->security_parameters.max_user_record_send_size);
+
+	if (IS_DTLS(session))
+		max = MIN(gnutls_dtls_get_data_mtu(session), max);
+
+	return max;
+}
+
+/* Returns the during the handshake negotiated certificate type(s).
+ * See state.c for the full function documentation.
+ *
+ * This function is made static inline for optimization reasons.
+ */
+inline static gnutls_certificate_type_t
+get_certificate_type(gnutls_session_t session,
+		     gnutls_ctype_target_t target)
+{
+	switch (target) {
+		case GNUTLS_CTYPE_CLIENT:
+			return session->security_parameters.client_ctype;
+			break;
+		case GNUTLS_CTYPE_SERVER:
+			return session->security_parameters.server_ctype;
+			break;
+		case GNUTLS_CTYPE_OURS:
+			if (IS_SERVER(session)) {
+				return session->security_parameters.server_ctype;
+			} else {
+				return session->security_parameters.client_ctype;
+			}
+			break;
+		case GNUTLS_CTYPE_PEERS:
+			if (IS_SERVER(session)) {
+				return session->security_parameters.client_ctype;
+			} else {
+				return session->security_parameters.server_ctype;
+			}
+			break;
+		default:	// Illegal parameter passed
+			return GNUTLS_CRT_UNKNOWN;
+	}
+}
+
+/* Macros to aide constant time/mem checks */
+#define CONSTCHECK_NOT_EQUAL(a, b) ((-((uint32_t)(a) ^ (uint32_t)(b))) >> 31)
+#define CONSTCHECK_EQUAL(a, b) (1U - CONSTCHECK_NOT_EQUAL(a, b))
+
+extern unsigned int _gnutls_global_version;
+
+bool _gnutls_config_is_ktls_enabled(void);
+
+#endif /* GNUTLS_LIB_GNUTLS_INT_H */
diff --git a/lib/gnutlsxx.cpp b/lib/gnutlsxx.cpp
new file mode 100644
index 0000000..f87490d
--- /dev/null
+++ b/lib/gnutlsxx.cpp
@@ -0,0 +1,1035 @@
+/*
+ * Copyright (C) 2006-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include <gnutls/gnutlsxx.h>
+
+namespace gnutls
+{
+
+  inline static int RETWRAP (int ret)
+  {
+    if (ret < 0)
+      throw (exception (ret));
+    return ret;
+  }
+
+  session::session (unsigned int flags)
+  {
+    RETWRAP (gnutls_init (&s, flags));
+  }
+
+  session::~session ()
+  {
+    gnutls_deinit (s);
+  }
+
+  gnutls_session_t session::ptr()
+  {
+    return s;
+  }
+
+  int session::bye (gnutls_close_request_t how)
+  {
+    return RETWRAP (gnutls_bye (s, how));
+  }
+
+  int session::handshake ()
+  {
+    return RETWRAP (gnutls_handshake (s));
+  }
+
+  server_session::server_session ():session (GNUTLS_SERVER)
+  {
+  }
+
+  server_session::server_session (int flags):session (GNUTLS_SERVER |
+			      (flags & ~GNUTLS_CLIENT))
+  {
+  }
+
+  server_session::~server_session ()
+  {
+  }
+
+  int server_session::rehandshake ()
+  {
+    return RETWRAP (gnutls_rehandshake (s));
+  }
+
+  gnutls_alert_description_t session::get_alert () const
+  {
+    return gnutls_alert_get (s);
+  }
+
+  int session::send_alert (gnutls_alert_level_t level,
+			   gnutls_alert_description_t desc)
+  {
+    return RETWRAP (gnutls_alert_send (s, level, desc));
+  }
+
+  int session::send_appropriate_alert (int err)
+  {
+    return RETWRAP (gnutls_alert_send_appropriate (s, err));
+  }
+
+  gnutls_cipher_algorithm_t session::get_cipher () const
+  {
+    return gnutls_cipher_get (s);
+  }
+
+  gnutls_kx_algorithm_t session::get_kx () const
+  {
+    return gnutls_kx_get (s);
+  }
+
+  gnutls_mac_algorithm_t session::get_mac () const
+  {
+    return gnutls_mac_get (s);
+  }
+
+  gnutls_compression_method_t session::get_compression () const
+  {
+    return gnutls_compression_get (s);
+  }
+
+  gnutls_certificate_type_t session::get_certificate_type () const
+  {
+    return gnutls_certificate_type_get (s);
+  }
+
+  void session::set_private_extensions (bool allow)
+  {
+    gnutls_handshake_set_private_extensions (s, (int) allow);
+  }
+
+  gnutls_handshake_description_t session::get_handshake_last_out () const
+  {
+    return gnutls_handshake_get_last_out (s);
+  }
+
+  gnutls_handshake_description_t session::get_handshake_last_in () const
+  {
+    return gnutls_handshake_get_last_in (s);
+  }
+
+  ssize_t session::send (const void *data, size_t sizeofdata)
+  {
+    return RETWRAP (gnutls_record_send (s, data, sizeofdata));
+  }
+
+  ssize_t session::recv (void *data, size_t sizeofdata)
+  {
+    return RETWRAP (gnutls_record_recv (s, data, sizeofdata));
+  }
+
+  bool session::get_record_direction () const
+  {
+    return gnutls_record_get_direction (s);
+  }
+
+  // maximum packet size
+  size_t session::get_max_size () const
+  {
+    return gnutls_record_get_max_size (s);
+  }
+
+  void session::set_max_size (size_t size)
+  {
+    RETWRAP (gnutls_record_set_max_size (s, size));
+  }
+
+  size_t session::check_pending () const
+  {
+    return gnutls_record_check_pending (s);
+  }
+
+
+  void session::prf (size_t label_size, const char *label,
+		     int server_random_first,
+		     size_t extra_size, const char *extra,
+		     size_t outsize, char *out)
+  {
+    RETWRAP (gnutls_prf (s, label_size, label, server_random_first,
+			 extra_size, extra, outsize, out));
+  }
+
+  void session::prf_raw (size_t label_size, const char *label,
+			 size_t seed_size, const char *seed,
+			 size_t outsize, char *out)
+  {
+    RETWRAP (gnutls_prf_raw
+	     (s, label_size, label, seed_size, seed, outsize, out));
+  }
+
+
+/* if you just want some defaults, use the following.
+ */
+  void session::set_priority (const char *prio, const char **err_pos)
+  {
+    RETWRAP (gnutls_priority_set_direct (s, prio, err_pos));
+  }
+
+  void session::set_priority (gnutls_priority_t p)
+  {
+    RETWRAP (gnutls_priority_set (s, p));
+  }
+
+  gnutls_protocol_t session::get_protocol_version () const
+  {
+    return gnutls_protocol_get_version (s);
+  }
+
+  void session::set_data (const void *session_data, size_t session_data_size)
+  {
+    RETWRAP (gnutls_session_set_data (s, session_data, session_data_size));
+  }
+
+  void session::get_data (void *session_data, size_t * session_data_size) const
+  {
+    RETWRAP (gnutls_session_get_data (s, session_data, session_data_size));
+  }
+
+  void session::get_data (gnutls_session_t session, gnutls_datum_t & data) const
+  {
+    RETWRAP (gnutls_session_get_data2 (s, &data));
+
+  }
+
+  void session::get_id (void *session_id, size_t * session_id_size) const
+  {
+    RETWRAP (gnutls_session_get_id (s, session_id, session_id_size));
+  }
+
+  bool session::is_resumed () const
+  {
+    int ret = gnutls_session_is_resumed (s);
+
+    return (ret != 0);
+  }
+
+  bool session::get_peers_certificate (std::vector < gnutls_datum_t >
+				       &out_certs) const
+  {
+    const gnutls_datum_t *certs;
+    unsigned int certs_size;
+
+    certs = gnutls_certificate_get_peers (s, &certs_size);
+
+    if (certs == NULL)
+      return false;
+
+    for (unsigned int i = 0; i < certs_size; i++)
+      out_certs.push_back (certs[i]);
+
+    return true;
+  }
+
+  bool session::get_peers_certificate (const gnutls_datum_t ** certs,
+				       unsigned int *certs_size) const
+  {
+    *certs = gnutls_certificate_get_peers (s, certs_size);
+
+    if (*certs == NULL)
+      return false;
+    return true;
+  }
+
+  void session::get_our_certificate (gnutls_datum_t & cert) const
+  {
+    const gnutls_datum_t *d;
+
+    d = gnutls_certificate_get_ours (s);
+    if (d == NULL)
+      throw (exception (GNUTLS_E_INVALID_REQUEST));
+
+    cert = *d;
+  }
+
+  time_t session::get_peers_certificate_activation_time () const
+  {
+    return gnutls_certificate_activation_time_peers (s);
+  }
+
+  time_t session::get_peers_certificate_expiration_time () const
+  {
+    return gnutls_certificate_expiration_time_peers (s);
+  }
+  void session::verify_peers_certificate (unsigned int &status) const
+  {
+    RETWRAP (gnutls_certificate_verify_peers2 (s, &status));
+  }
+
+
+  client_session::client_session ():session (GNUTLS_CLIENT)
+  {
+  }
+
+  client_session::client_session (int flags):session (GNUTLS_CLIENT |
+				  (flags & ~GNUTLS_SERVER))
+  {
+  }
+
+  client_session::~client_session ()
+  {
+  }
+
+// client session
+  void client_session::set_verify_cert (const char *hostname, unsigned flags)
+  {
+    gnutls_session_set_verify_cert(s, hostname, flags);
+  }
+
+  void client_session::set_server_name (gnutls_server_name_type_t type,
+					const void *name, size_t name_length)
+  {
+    RETWRAP (gnutls_server_name_set (s, type, name, name_length));
+  }
+
+  bool client_session::get_request_status ()
+  {
+    return RETWRAP (gnutls_certificate_client_get_request_status (s));
+  }
+
+// server_session
+  void server_session::get_server_name (void *data, size_t * data_length,
+					unsigned int *type,
+					unsigned int indx) const
+  {
+    RETWRAP (gnutls_server_name_get (s, data, data_length, type, indx));
+  }
+
+// internal DB stuff
+  static int store_function (void *_db, gnutls_datum_t key,
+			     gnutls_datum_t data)
+  {
+    try
+    {
+      DB *db = static_cast < DB * >(_db);
+
+      if (db->store (key, data) == false)
+	return -1;
+    }
+    catch (...)
+    {
+      return -1;
+    }
+
+    return 0;
+  }
+
+  const static gnutls_datum_t null_datum = { NULL, 0 };
+
+  static gnutls_datum_t retrieve_function (void *_db, gnutls_datum_t key)
+  {
+    gnutls_datum_t data;
+
+    try
+    {
+      DB *db = static_cast < DB * >(_db);
+
+      if (db->retrieve (key, data) == false)
+	return null_datum;
+
+    }
+    catch (...)
+    {
+      return null_datum;
+    }
+
+    return data;
+  }
+
+  static int remove_function (void *_db, gnutls_datum_t key)
+  {
+    try
+    {
+      DB *db = static_cast < DB * >(_db);
+
+      if (db->remove (key) == false)
+	return -1;
+    }
+    catch (...)
+    {
+      return -1;
+    }
+
+    return 0;
+  }
+
+  void server_session::set_db (const DB & db)
+  {
+    gnutls_db_set_ptr (s, const_cast < DB * >(&db));
+    gnutls_db_set_store_function (s, store_function);
+    gnutls_db_set_retrieve_function (s, retrieve_function);
+    gnutls_db_set_remove_function (s, remove_function);
+  }
+
+  void server_session::set_db_cache_expiration (unsigned int seconds)
+  {
+    gnutls_db_set_cache_expiration (s, seconds);
+  }
+
+  void server_session::db_remove () const
+  {
+    gnutls_db_remove_session (s);
+  }
+
+  bool server_session::db_check_entry (const gnutls_datum_t & session_data) const
+  {
+    int ret = gnutls_db_check_entry (s, session_data);
+
+    if (ret != 0)
+      return true;
+    return false;
+  }
+
+  void session::set_max_handshake_packet_length (size_t max)
+  {
+    gnutls_handshake_set_max_packet_length (s, max);
+  }
+
+  void session::clear_credentials ()
+  {
+    gnutls_credentials_clear (s);
+  }
+
+  void session::set_credentials (const credentials & cred)
+  {
+    RETWRAP (gnutls_credentials_set (s, cred.get_type (), cred.ptr ()));
+  }
+
+  const char *server_session::get_srp_username () const
+  {
+#ifdef ENABLE_SRP
+    return gnutls_srp_server_get_username (s);
+#else
+    return NULL;
+#endif
+  }
+
+  const char *server_session::get_psk_username () const
+  {
+    return gnutls_psk_server_get_username (s);
+  }
+
+
+  void session::set_transport_ptr (gnutls_transport_ptr_t ptr)
+  {
+    gnutls_transport_set_ptr (s, ptr);
+  }
+
+  void session::set_transport_ptr (gnutls_transport_ptr_t recv_ptr,
+				   gnutls_transport_ptr_t send_ptr)
+  {
+    gnutls_transport_set_ptr2 (s, recv_ptr, send_ptr);
+  }
+
+
+  gnutls_transport_ptr_t session::get_transport_ptr () const
+  {
+    return gnutls_transport_get_ptr (s);
+  }
+
+  void session::get_transport_ptr (gnutls_transport_ptr_t & recv_ptr,
+				   gnutls_transport_ptr_t & send_ptr) const
+  {
+    gnutls_transport_get_ptr2 (s, &recv_ptr, &send_ptr);
+  }
+
+  void session::set_transport_lowat (size_t num)
+  {
+    throw (exception (GNUTLS_E_UNIMPLEMENTED_FEATURE));
+  }
+
+  void session::set_transport_push_function (gnutls_push_func push_func)
+  {
+    gnutls_transport_set_push_function (s, push_func);
+  }
+
+  void session::set_transport_vec_push_function (gnutls_vec_push_func vec_push_func)
+  {
+    gnutls_transport_set_vec_push_function (s, vec_push_func);
+  }
+
+  void session::set_transport_pull_function (gnutls_pull_func pull_func)
+  {
+    gnutls_transport_set_pull_function (s, pull_func);
+  }
+
+  void session::set_transport_pull_timeout_function (gnutls_pull_timeout_func pull_timeout_func)
+  {
+    gnutls_transport_set_pull_timeout_function (s, pull_timeout_func);
+  }
+
+  void session::set_user_ptr (void *ptr)
+  {
+    gnutls_session_set_ptr (s, ptr);
+  }
+
+  void *session::get_user_ptr () const
+  {
+    return gnutls_session_get_ptr (s);
+  }
+
+  void session::send_openpgp_cert (gnutls_openpgp_crt_status_t status)
+  {
+#ifdef ENABLE_OPENPGP
+    gnutls_openpgp_send_cert (s, status);
+#endif
+  }
+
+  void session::set_dh_prime_bits (unsigned int bits)
+  {
+    gnutls_dh_set_prime_bits (s, bits);
+  }
+
+  unsigned int session::get_dh_secret_bits () const
+  {
+    return RETWRAP (gnutls_dh_get_secret_bits (s));
+  }
+
+  unsigned int session::get_dh_peers_public_bits () const
+  {
+    return RETWRAP (gnutls_dh_get_peers_public_bits (s));
+  }
+
+  unsigned int session::get_dh_prime_bits () const
+  {
+    return RETWRAP (gnutls_dh_get_prime_bits (s));
+  }
+
+  void session::get_dh_group (gnutls_datum_t & gen,
+			      gnutls_datum_t & prime) const
+  {
+    RETWRAP (gnutls_dh_get_group (s, &gen, &prime));
+  }
+
+  void session::get_dh_pubkey (gnutls_datum_t & raw_key) const
+  {
+    RETWRAP (gnutls_dh_get_pubkey (s, &raw_key));
+  }
+
+#ifdef ENABLE_RSA_EXPORT
+  void session::get_rsa_export_pubkey (gnutls_datum_t & exponent,
+				       gnutls_datum_t & modulus) const
+  {
+    RETWRAP (gnutls_rsa_export_get_pubkey (s, &exponent, &modulus));
+  }
+
+  unsigned int session::get_rsa_export_modulus_bits () const
+  {
+    return RETWRAP (gnutls_rsa_export_get_modulus_bits (s));
+  }
+
+  void certificate_credentials::
+    set_rsa_export_params (const rsa_params & params)
+  {
+    gnutls_certificate_set_rsa_export_params (cred, params.get_params_t ());
+  }
+#endif
+
+  void server_session::
+    set_certificate_request (gnutls_certificate_request_t req)
+  {
+    gnutls_certificate_server_set_request (s, req);
+  }
+
+  gnutls_credentials_type_t session::get_auth_type () const
+  {
+    return gnutls_auth_get_type (s);
+  }
+
+  gnutls_credentials_type_t session::get_server_auth_type () const
+  {
+    return gnutls_auth_server_get_type (s);
+  }
+
+  gnutls_credentials_type_t session::get_client_auth_type () const
+  {
+    return gnutls_auth_client_get_type (s);
+  }
+
+
+  certificate_credentials::~certificate_credentials ()
+  {
+    gnutls_certificate_free_credentials (cred);
+  }
+
+  certificate_credentials::certificate_credentials ():credentials
+    (GNUTLS_CRD_CERTIFICATE)
+  {
+    RETWRAP (gnutls_certificate_allocate_credentials (&cred));
+    set_ptr (cred);
+  }
+
+  void certificate_server_credentials::
+    set_params_function (gnutls_params_function * func)
+  {
+    gnutls_certificate_set_params_function (cred, func);
+  }
+
+  anon_server_credentials::anon_server_credentials ():credentials
+    (GNUTLS_CRD_ANON)
+  {
+    RETWRAP (gnutls_anon_allocate_server_credentials (&cred));
+    set_ptr (cred);
+  }
+
+  anon_server_credentials::~anon_server_credentials ()
+  {
+    gnutls_anon_free_server_credentials (cred);
+  }
+
+  void anon_server_credentials::set_dh_params (const dh_params & params)
+  {
+    gnutls_anon_set_server_dh_params (cred, params.get_params_t ());
+  }
+
+  void anon_server_credentials::set_params_function (gnutls_params_function *
+						     func)
+  {
+    gnutls_anon_set_server_params_function (cred, func);
+  }
+
+  anon_client_credentials::anon_client_credentials ():credentials
+    (GNUTLS_CRD_ANON)
+  {
+    RETWRAP (gnutls_anon_allocate_client_credentials (&cred));
+    set_ptr (cred);
+  }
+
+  anon_client_credentials::~anon_client_credentials ()
+  {
+    gnutls_anon_free_client_credentials (cred);
+  }
+
+  void certificate_credentials::free_keys ()
+  {
+    gnutls_certificate_free_keys (cred);
+  }
+
+  void certificate_credentials::free_cas ()
+  {
+    gnutls_certificate_free_cas (cred);
+  }
+
+  void certificate_credentials::free_ca_names ()
+  {
+    gnutls_certificate_free_ca_names (cred);
+  }
+
+  void certificate_credentials::free_crls ()
+  {
+    gnutls_certificate_free_crls (cred);
+  }
+
+
+  void certificate_credentials::set_dh_params (const dh_params & params)
+  {
+    gnutls_certificate_set_dh_params (cred, params.get_params_t ());
+  }
+
+  void certificate_credentials::set_verify_flags (unsigned int flags)
+  {
+    gnutls_certificate_set_verify_flags (cred, flags);
+  }
+
+  void certificate_credentials::set_verify_limits (unsigned int max_bits,
+						   unsigned int max_depth)
+  {
+    gnutls_certificate_set_verify_limits (cred, max_bits, max_depth);
+  }
+
+  void certificate_credentials::set_x509_trust_file (const char *cafile,
+						     gnutls_x509_crt_fmt_t
+						     type)
+  {
+    RETWRAP (gnutls_certificate_set_x509_trust_file (cred, cafile, type));
+  }
+
+  void certificate_credentials::set_x509_trust (const gnutls_datum_t & CA,
+						gnutls_x509_crt_fmt_t type)
+  {
+    RETWRAP (gnutls_certificate_set_x509_trust_mem (cred, &CA, type));
+  }
+
+
+  void certificate_credentials::set_x509_crl_file (const char *crlfile,
+						   gnutls_x509_crt_fmt_t type)
+  {
+    RETWRAP (gnutls_certificate_set_x509_crl_file (cred, crlfile, type));
+  }
+
+  void certificate_credentials::set_x509_crl (const gnutls_datum_t & CRL,
+					      gnutls_x509_crt_fmt_t type)
+  {
+    RETWRAP (gnutls_certificate_set_x509_crl_mem (cred, &CRL, type));
+  }
+
+  void certificate_credentials::set_x509_key_file (const char *certfile,
+						   const char *keyfile,
+						   gnutls_x509_crt_fmt_t type)
+  {
+    RETWRAP (gnutls_certificate_set_x509_key_file
+	     (cred, certfile, keyfile, type));
+  }
+
+  void certificate_credentials::set_x509_key (const gnutls_datum_t & CERT,
+					      const gnutls_datum_t & KEY,
+					      gnutls_x509_crt_fmt_t type)
+  {
+    RETWRAP (gnutls_certificate_set_x509_key_mem (cred, &CERT, &KEY, type));
+  }
+
+  void certificate_credentials::
+    set_simple_pkcs12_file (const char *pkcs12file,
+			    gnutls_x509_crt_fmt_t type, const char *password)
+  {
+    RETWRAP (gnutls_certificate_set_x509_simple_pkcs12_file
+	     (cred, pkcs12file, type, password));
+  }
+
+  void certificate_credentials::set_x509_key (gnutls_x509_crt_t * cert_list,
+					      int cert_list_size,
+					      gnutls_x509_privkey_t key)
+  {
+    RETWRAP (gnutls_certificate_set_x509_key
+	     (cred, cert_list, cert_list_size, key));
+  }
+
+  void certificate_credentials::set_x509_trust (gnutls_x509_crt_t * ca_list,
+						int ca_list_size)
+  {
+    RETWRAP (gnutls_certificate_set_x509_trust (cred, ca_list, ca_list_size));
+  }
+
+  void certificate_credentials::set_x509_crl (gnutls_x509_crl_t * crl_list,
+					      int crl_list_size)
+  {
+    RETWRAP (gnutls_certificate_set_x509_crl (cred, crl_list, crl_list_size));
+  }
+
+  void certificate_credentials::
+    set_retrieve_function (gnutls_certificate_retrieve_function * func)
+  {
+    gnutls_certificate_set_retrieve_function (cred, func);
+  }
+
+// SRP
+
+#ifdef ENABLE_SRP
+
+  srp_server_credentials::srp_server_credentials ():credentials
+    (GNUTLS_CRD_SRP)
+  {
+    RETWRAP (gnutls_srp_allocate_server_credentials (&cred));
+    set_ptr (cred);
+  }
+
+  srp_server_credentials::~srp_server_credentials ()
+  {
+    gnutls_srp_free_server_credentials (cred);
+  }
+
+  srp_client_credentials::srp_client_credentials ():credentials
+    (GNUTLS_CRD_SRP)
+  {
+    RETWRAP (gnutls_srp_allocate_client_credentials (&cred));
+    set_ptr (cred);
+  }
+
+  srp_client_credentials::~srp_client_credentials ()
+  {
+    gnutls_srp_free_client_credentials (cred);
+  }
+
+  void srp_client_credentials::set_credentials (const char *username,
+						const char *password)
+  {
+    RETWRAP (gnutls_srp_set_client_credentials (cred, username, password));
+  }
+
+  void srp_server_credentials::
+    set_credentials_file (const char *password_file,
+			  const char *password_conf_file)
+  {
+    RETWRAP (gnutls_srp_set_server_credentials_file
+	     (cred, password_file, password_conf_file));
+  }
+
+  void srp_server_credentials::
+    set_credentials_function (gnutls_srp_server_credentials_function * func)
+  {
+    gnutls_srp_set_server_credentials_function (cred, func);
+  }
+
+  void srp_client_credentials::
+    set_credentials_function (gnutls_srp_client_credentials_function * func)
+  {
+    gnutls_srp_set_client_credentials_function (cred, func);
+  }
+
+#endif /* ENABLE_SRP */
+
+// PSK
+
+psk_server_credentials::psk_server_credentials ():credentials
+    (GNUTLS_CRD_PSK)
+  {
+    RETWRAP (gnutls_psk_allocate_server_credentials (&cred));
+    set_ptr (cred);
+  }
+
+  psk_server_credentials::~psk_server_credentials ()
+  {
+    gnutls_psk_free_server_credentials (cred);
+  }
+
+  void psk_server_credentials::
+    set_credentials_file (const char *password_file)
+  {
+    RETWRAP (gnutls_psk_set_server_credentials_file (cred, password_file));
+  }
+
+  void psk_server_credentials::
+    set_credentials_function (gnutls_psk_server_credentials_function * func)
+  {
+    gnutls_psk_set_server_credentials_function (cred, func);
+  }
+
+  void psk_server_credentials::set_dh_params (const dh_params & params)
+  {
+    gnutls_psk_set_server_dh_params (cred, params.get_params_t ());
+  }
+
+  void psk_server_credentials::set_params_function (gnutls_params_function *
+						    func)
+  {
+    gnutls_psk_set_server_params_function (cred, func);
+  }
+
+  psk_client_credentials::psk_client_credentials ():credentials
+    (GNUTLS_CRD_PSK)
+  {
+    RETWRAP (gnutls_psk_allocate_client_credentials (&cred));
+    set_ptr (cred);
+  }
+
+  psk_client_credentials::~psk_client_credentials ()
+  {
+    gnutls_psk_free_client_credentials (cred);
+  }
+
+  void psk_client_credentials::set_credentials (const char *username,
+						const gnutls_datum_t & key,
+						gnutls_psk_key_flags flags)
+  {
+    RETWRAP (gnutls_psk_set_client_credentials (cred, username, &key, flags));
+  }
+
+  void psk_client_credentials::
+    set_credentials_function (gnutls_psk_client_credentials_function * func)
+  {
+    gnutls_psk_set_client_credentials_function (cred, func);
+  }
+
+  credentials::credentials (gnutls_credentials_type_t t):type (t),
+    cred (NULL)
+  {
+  }
+
+  gnutls_credentials_type_t credentials::get_type () const
+  {
+    return type;
+  }
+
+  void *credentials::ptr () const
+  {
+    return cred;
+  }
+
+  void credentials::set_ptr (void *ptr)
+  {
+    cred = ptr;
+  }
+
+  exception::exception (int x)
+  {
+    retcode = x;
+  }
+
+  int exception::get_code ()
+  {
+    return retcode;
+  }
+
+  const char *exception::what () const throw ()
+  {
+    return gnutls_strerror (retcode);
+  }
+
+  dh_params::dh_params ()
+  {
+    RETWRAP (gnutls_dh_params_init (&params));
+  }
+
+  dh_params::~dh_params ()
+  {
+    gnutls_dh_params_deinit (params);
+  }
+
+  void dh_params::import_raw (const gnutls_datum_t & prime,
+			      const gnutls_datum_t & generator)
+  {
+    RETWRAP (gnutls_dh_params_import_raw (params, &prime, &generator));
+  }
+
+  void dh_params::import_pkcs3 (const gnutls_datum_t & pkcs3_params,
+				gnutls_x509_crt_fmt_t format)
+  {
+    RETWRAP (gnutls_dh_params_import_pkcs3 (params, &pkcs3_params, format));
+  }
+
+  void dh_params::generate (unsigned int bits)
+  {
+    RETWRAP (gnutls_dh_params_generate2 (params, bits));
+  }
+
+  void dh_params::export_pkcs3 (gnutls_x509_crt_fmt_t format,
+				unsigned char *params_data,
+				size_t * params_data_size)
+  {
+    RETWRAP (gnutls_dh_params_export_pkcs3
+	     (params, format, params_data, params_data_size));
+  }
+
+  void dh_params::export_raw (gnutls_datum_t & prime,
+			      gnutls_datum_t & generator)
+  {
+    RETWRAP (gnutls_dh_params_export_raw (params, &prime, &generator, NULL));
+  }
+
+  gnutls_dh_params_t dh_params::get_params_t () const
+  {
+    return params;
+  }
+
+  dh_params & dh_params::operator= (const dh_params & src)
+  {
+    dh_params *dst = new dh_params;
+    int ret;
+
+    ret = gnutls_dh_params_cpy (dst->params, src.params);
+
+    if (ret < 0)
+      {
+	delete dst;
+        throw (exception (ret));
+      }
+
+    std::swap (this->params, dst->params);
+    delete dst;
+
+    return *this;
+  }
+
+// RSA
+
+#ifdef ENABLE_RSA_EXPORT
+  rsa_params::rsa_params ()
+  {
+    RETWRAP (gnutls_rsa_params_init (&params));
+  }
+
+  rsa_params::~rsa_params ()
+  {
+    gnutls_rsa_params_deinit (params);
+  }
+
+  void rsa_params::import_pkcs1 (const gnutls_datum_t & pkcs1_params,
+				 gnutls_x509_crt_fmt_t format)
+  {
+    RETWRAP (gnutls_rsa_params_import_pkcs1 (params, &pkcs1_params, format));
+  }
+
+  void rsa_params::generate (unsigned int bits)
+  {
+    RETWRAP (gnutls_rsa_params_generate2 (params, bits));
+  }
+
+  void rsa_params::export_pkcs1 (gnutls_x509_crt_fmt_t format,
+				 unsigned char *params_data,
+				 size_t * params_data_size)
+  {
+    RETWRAP (gnutls_rsa_params_export_pkcs1
+	     (params, format, params_data, params_data_size));
+  }
+
+  gnutls_rsa_params_t rsa_params::get_params_t () const
+  {
+    return params;
+  }
+
+  rsa_params & rsa_params::operator= (const rsa_params & src)
+  {
+    rsa_params *dst = new rsa_params;
+    int ret;
+
+    ret = gnutls_rsa_params_cpy (dst->params, src.params);
+
+    if (ret < 0)
+      {
+	delete dst;
+        throw (exception (ret));
+      }
+
+    std::swap (this->params, dst->params);
+    delete dst;
+
+    return *this;
+  }
+
+  void rsa_params::import_raw (const gnutls_datum_t & m,
+			       const gnutls_datum_t & e,
+			       const gnutls_datum_t & d,
+			       const gnutls_datum_t & p,
+			       const gnutls_datum_t & q,
+			       const gnutls_datum_t & u)
+  {
+
+    RETWRAP (gnutls_rsa_params_import_raw (params, &m, &e, &d, &p, &q, &u));
+  }
+
+
+  void rsa_params::export_raw (gnutls_datum_t & m, gnutls_datum_t & e,
+			       gnutls_datum_t & d, gnutls_datum_t & p,
+			       gnutls_datum_t & q, gnutls_datum_t & u)
+  {
+    RETWRAP (gnutls_rsa_params_export_raw
+	     (params, &m, &e, &d, &p, &q, &u, NULL));
+  }
+#endif
+}				// namespace gnutls
diff --git a/lib/gthreads.h b/lib/gthreads.h
new file mode 100644
index 0000000..72bdb56
--- /dev/null
+++ b/lib/gthreads.h
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_GTHREADS_H
+#define GNUTLS_LIB_GTHREADS_H
+
+#include <config.h>
+
+/* Using a C99-only compiler installed in parallel with modern C11 environment
+ * will see HAVE_THREADS_H, but won't be able to use _Thread_local. */
+#if __STDC_VERSION__ >= 201112 && !defined(__STDC_NO_THREADS__) && defined(HAVE_THREADS_H)
+# include <threads.h>
+#elif defined(__GNUC__) || defined(__SUNPRO_C) || defined(__xlC__) /* clang is covered by __GNUC__ */
+# define _Thread_local __thread
+#elif defined(_MSC_VER)
+# define _Thread_local __declspec(thread)
+#else
+# error Unsupported platform
+#endif
+
+#endif /* GNUTLS_LIB_GTHREADS_H */
diff --git a/lib/handshake-checks.c b/lib/handshake-checks.c
new file mode 100644
index 0000000..f5a3a4d
--- /dev/null
+++ b/lib/handshake-checks.c
@@ -0,0 +1,135 @@
+/*
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions that relate to the TLS handshake procedure.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "debug.h"
+#include "handshake.h"
+#include <auth/cert.h>
+#include "constate.h"
+#include <record.h>
+#include <state.h>
+#include <ext/safe_renegotiation.h>
+#include <auth/anon.h>		/* for gnutls_anon_server_credentials_t */
+#include <auth/psk.h>		/* for gnutls_psk_server_credentials_t */
+#ifdef ENABLE_SRP
+# include <auth/srp_kx.h>
+#endif
+
+int _gnutls_check_id_for_change(gnutls_session_t session)
+{
+	int cred_type;
+
+	/* This checks in PSK and SRP ciphersuites that the username remained the
+	 * same on a rehandshake. */
+	if (session->internals.flags & GNUTLS_ALLOW_ID_CHANGE)
+		return 0;
+
+	cred_type = gnutls_auth_get_type(session);
+	if (cred_type == GNUTLS_CRD_PSK || cred_type == GNUTLS_CRD_SRP) {
+		const char *username = NULL;
+		int username_length;
+
+		if (cred_type == GNUTLS_CRD_PSK) {
+			psk_auth_info_t ai;
+
+			ai = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+			if (ai == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+			username = ai->username;
+			username_length = ai->username_len;
+#ifdef ENABLE_SRP
+		} else {
+			srp_server_auth_info_t ai = _gnutls_get_auth_info(session, GNUTLS_CRD_SRP);
+			if (ai == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+			username = ai->username;
+			username_length = strlen(ai->username);
+#endif
+		}
+
+		if (username == NULL)
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		if (session->internals.saved_username &&
+		    session->internals.saved_username_size != -1) {
+			if (session->internals.saved_username_size == username_length &&
+			    strncmp(session->internals.saved_username, username, username_length)) {
+				_gnutls_debug_log("Session's PSK username changed during rehandshake; aborting!\n");
+				return gnutls_assert_val(GNUTLS_E_SESSION_USER_ID_CHANGED);
+			}
+		} else if (session->internals.saved_username == NULL &&
+			   session->internals.saved_username_size == -1) {
+			if (username_length > MAX_USERNAME_SIZE)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+			char *tmp = gnutls_malloc(username_length + 1);
+			if (tmp == NULL)
+				return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+			memcpy(tmp, username, username_length);
+			tmp[username_length] = '\0';
+			session->internals.saved_username = tmp;
+			session->internals.saved_username_size = username_length;
+		} else
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	}
+
+	return 0;
+}
+
+int _gnutls_check_if_cert_hash_is_same(gnutls_session_t session, gnutls_certificate_credentials_t cred)
+{
+	cert_auth_info_t ai;
+	char tmp[32];
+	int ret;
+
+	if (session->internals.flags & GNUTLS_ALLOW_ID_CHANGE)
+		return 0;
+
+	ai = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+	if (ai == NULL || ai->ncerts == 0)
+		return 0;
+
+	ret = gnutls_hash_fast(GNUTLS_DIG_SHA256, 
+			       ai->raw_certificate_list[0].data,
+			       ai->raw_certificate_list[0].size,
+			       tmp);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (session->internals.cert_hash_set) {
+		if (memcmp(tmp, session->internals.cert_hash, 32) != 0) {
+			_gnutls_debug_log("Session certificate changed during rehandshake; aborting!\n");
+			return gnutls_assert_val(GNUTLS_E_SESSION_USER_ID_CHANGED);
+		}
+	} else {
+		memcpy(session->internals.cert_hash, tmp, 32);
+		session->internals.cert_hash_set = 1;
+	}
+
+	return 0;
+}
diff --git a/lib/handshake-defs.h b/lib/handshake-defs.h
new file mode 100644
index 0000000..0b89cca
--- /dev/null
+++ b/lib/handshake-defs.h
@@ -0,0 +1,49 @@
+/*
+ * Copyright (C) 2019 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+#ifndef HANDSHAKE_DEFS_H
+#define HANDSHAKE_DEFS_H
+
+#define EARLY_TRAFFIC_LABEL "c e traffic"
+#define EXT_BINDER_LABEL "ext binder"
+#define RES_BINDER_LABEL "res binder"
+#define EARLY_EXPORTER_MASTER_LABEL "e exp master"
+#define HANDSHAKE_CLIENT_TRAFFIC_LABEL "c hs traffic"
+#define HANDSHAKE_SERVER_TRAFFIC_LABEL "s hs traffic"
+#define DERIVED_LABEL "derived"
+#define APPLICATION_CLIENT_TRAFFIC_LABEL "c ap traffic"
+#define APPLICATION_SERVER_TRAFFIC_LABEL "s ap traffic"
+#define APPLICATION_TRAFFIC_UPDATE "traffic upd"
+#define EXPORTER_MASTER_LABEL "exp master"
+#define RMS_MASTER_LABEL "res master"
+#define EXPORTER_LABEL "exporter"
+#define RESUMPTION_LABEL "resumption"
+
+#define HRR_RANDOM \
+	 "\xCF\x21\xAD\x74\xE5\x9A\x61\x11\xBE\x1D\x8C\x02\x1E\x65\xB8\x91" \
+	 "\xC2\xA2\x11\x16\x7A\xBB\x8C\x5E\x07\x9E\x09\xE2\xC8\xA8\x33\x9C"
+
+#define TLS13_TICKETS_TO_SEND 2
+
+/* Enable: Appendix D4.  Middlebox Compatibility Mode */
+#define TLS13_APPENDIX_D4 1
+
+#endif /* HANDSHAKE_DEFS_H */
diff --git a/lib/handshake-tls13.c b/lib/handshake-tls13.c
new file mode 100644
index 0000000..d2c2c13
--- /dev/null
+++ b/lib/handshake-tls13.c
@@ -0,0 +1,768 @@
+/*
+ * Copyright (C) 2017-2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions that relate to the TLS handshake procedure.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "dh.h"
+#include "debug.h"
+#include "algorithms.h"
+#include "cipher.h"
+#include "buffers.h"
+#include "mbuffers.h"
+#include "kx.h"
+#include "handshake.h"
+#include "num.h"
+#include "hash_int.h"
+#include "db.h"
+#include "hello_ext.h"
+#include "supplemental.h"
+#include "auth.h"
+#include "sslv2_compat.h"
+#include <auth/cert.h>
+#include "constate.h"
+#include <record.h>
+#include <state.h>
+#include <random.h>
+#include <dtls.h>
+#include "secrets.h"
+#include "tls13/hello_retry.h"
+#include "tls13/encrypted_extensions.h"
+#include "tls13/certificate_request.h"
+#include "tls13/certificate_verify.h"
+#include "tls13/certificate.h"
+#include "tls13/early_data.h"
+#include "tls13/finished.h"
+#include "tls13/key_update.h"
+#include "ext/pre_shared_key.h"
+#include "locks.h"
+
+static int generate_rms_keys(gnutls_session_t session);
+static int generate_hs_traffic_keys(gnutls_session_t session);
+static int generate_ap_traffic_keys(gnutls_session_t session);
+
+#define SAVE_TRANSCRIPT \
+	if (session->internals.flags & GNUTLS_POST_HANDSHAKE_AUTH) { \
+		/* If post-handshake auth is in use we need a copy of the original \
+		 * handshake transcript */ \
+		memcpy( &session->internals.post_handshake_hash_buffer, \
+			&session->internals.handshake_hash_buffer, \
+			sizeof(session->internals.handshake_hash_buffer)); \
+		_gnutls_buffer_init(&session->internals.handshake_hash_buffer); \
+	}
+
+/*
+ * _gnutls13_handshake_client
+ * This function performs the client side of the handshake of the TLS/SSL protocol.
+ */
+int _gnutls13_handshake_client(gnutls_session_t session)
+{
+	int ret = 0;
+
+	switch (STATE) {
+	case STATE99:
+	case STATE100:
+#ifdef TLS13_APPENDIX_D4
+		if (session->internals.priorities->tls13_compat_mode &&
+		    /* Key change is indicated by sending an EndOfEarlyData below */
+		    !(session->internals.hsk_flags & HSK_EARLY_DATA_IN_FLIGHT)) {
+			/* We send it before keys are generated. That works because CCS
+			 * is always being cached and queued and not being sent directly */
+			ret = _gnutls_send_change_cipher_spec(session, AGAIN(STATE100));
+			STATE = STATE100;
+			IMED_RET("send change cipher spec", ret, 0);
+		}
+#endif
+		FALLTHROUGH;
+	case STATE101:
+		STATE = STATE101;
+		ret = generate_hs_traffic_keys(session);
+		/* Note that we check IN_FLIGHT, not ACCEPTED
+		 * here. This is because the client sends early data
+		 * speculatively. */
+		IMED_RET_FATAL("generate hs traffic keys", ret, 0);
+		if (session->internals.hsk_flags & HSK_EARLY_DATA_IN_FLIGHT)
+			ret = _tls13_read_connection_state_init(session, STAGE_HS);
+		else
+			ret = _tls13_connection_state_init(session, STAGE_HS);
+		IMED_RET_FATAL("set hs traffic keys", ret, 0);
+		FALLTHROUGH;
+	case STATE102:
+		ret = _gnutls13_recv_encrypted_extensions(session);
+		STATE = STATE102;
+		IMED_RET("recv encrypted extensions", ret, 0);
+		FALLTHROUGH;
+	case STATE103:
+		ret = _gnutls13_recv_certificate_request(session);
+		STATE = STATE103;
+		IMED_RET("recv certificate request", ret, 0);
+		FALLTHROUGH;
+	case STATE104:
+		ret = _gnutls13_recv_certificate(session);
+		STATE = STATE104;
+		IMED_RET("recv certificate", ret, 0);
+		FALLTHROUGH;
+	case STATE105:
+		ret = _gnutls13_recv_certificate_verify(session);
+		STATE = STATE105;
+		IMED_RET("recv server certificate verify", ret, 0);
+		FALLTHROUGH;
+	case STATE106:
+		ret = _gnutls_run_verify_callback(session, GNUTLS_CLIENT);
+		STATE = STATE106;
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		FALLTHROUGH;
+	case STATE107:
+		ret = _gnutls13_recv_finished(session);
+		STATE = STATE107;
+		IMED_RET("recv finished", ret, 0);
+		FALLTHROUGH;
+	case STATE108:
+		ret = _gnutls13_send_end_of_early_data(session, AGAIN(STATE108));
+		STATE = STATE108;
+		IMED_RET("send end of early data", ret, 0);
+
+		/* Note that we check IN_FLIGHT, not ACCEPTED
+		 * here. This is because the client sends early data
+		 * speculatively. */
+		if (session->internals.hsk_flags & HSK_EARLY_DATA_IN_FLIGHT) {
+			session->internals.hsk_flags &= ~HSK_EARLY_DATA_IN_FLIGHT;
+			ret = _tls13_write_connection_state_init(session, STAGE_HS);
+			IMED_RET_FATAL("set hs traffic key after sending early data", ret, 0);
+		}
+		FALLTHROUGH;
+	case STATE109:
+		ret = _gnutls13_send_certificate(session, AGAIN(STATE109));
+		STATE = STATE109;
+		IMED_RET("send certificate", ret, 0);
+		FALLTHROUGH;
+	case STATE110:
+		ret = _gnutls13_send_certificate_verify(session, AGAIN(STATE110));
+		STATE = STATE110;
+		IMED_RET("send certificate verify", ret, 0);
+		FALLTHROUGH;
+	case STATE111:
+		ret = _gnutls13_send_finished(session, AGAIN(STATE111));
+		STATE = STATE111;
+		IMED_RET("send finished", ret, 0);
+		FALLTHROUGH;
+	case STATE112:
+		STATE = STATE112;
+
+		ret =
+		    generate_ap_traffic_keys(session);
+		IMED_RET_FATAL("generate app keys", ret, 0);
+
+		ret = generate_rms_keys(session);
+		IMED_RET_FATAL("generate rms keys", ret, 0);
+
+		/* set traffic keys */
+		ret = _tls13_connection_state_init(session, STAGE_APP);
+		IMED_RET_FATAL("set app keys", ret, 0);
+
+		STATE = STATE0;
+		break;
+	default:
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+
+	/* no lock of post_negotiation_lock is required here as this is not run
+	 * after handshake */
+	session->internals.recv_state = RECV_STATE_0;
+	session->internals.initial_negotiation_completed = 1;
+
+	SAVE_TRANSCRIPT;
+
+	if (session->internals.resumed)
+		_gnutls_set_resumed_parameters(session);
+
+	return 0;
+}
+
+static int generate_non_auth_rms_keys(gnutls_session_t session)
+{
+	int ret;
+	/* we simulate client finished */
+	uint8_t finished[MAX_HASH_SIZE+TLS_HANDSHAKE_HEADER_SIZE];
+	unsigned spos;
+
+	ret = _gnutls13_compute_finished(session->security_parameters.prf,
+					 session->key.proto.tls13.hs_ckey,
+					 &session->internals.handshake_hash_buffer,
+					 finished+TLS_HANDSHAKE_HEADER_SIZE);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	spos = session->internals.handshake_hash_buffer.length;
+
+	finished[0] = GNUTLS_HANDSHAKE_FINISHED;
+	_gnutls_write_uint24(session->security_parameters.prf->output_size, finished+1);
+
+	ret = _gnutls_buffer_append_data(&session->internals.handshake_hash_buffer, finished,
+					 TLS_HANDSHAKE_HEADER_SIZE+session->security_parameters.prf->output_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _tls13_derive_secret(session, RMS_MASTER_LABEL, sizeof(RMS_MASTER_LABEL)-1,
+				   session->internals.handshake_hash_buffer.data,
+				   session->internals.handshake_hash_buffer.length,
+				   session->key.proto.tls13.temp_secret,
+				   session->key.proto.tls13.ap_rms);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	session->internals.handshake_hash_buffer.length = spos;
+
+	return 0;
+}
+
+static int generate_rms_keys(gnutls_session_t session)
+{
+	int ret;
+
+	ret = _tls13_derive_secret(session, RMS_MASTER_LABEL, sizeof(RMS_MASTER_LABEL)-1,
+				   session->internals.handshake_hash_buffer.data,
+				   session->internals.handshake_hash_buffer_client_finished_len,
+				   session->key.proto.tls13.temp_secret,
+				   session->key.proto.tls13.ap_rms);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+static int generate_ap_traffic_keys(gnutls_session_t session)
+{
+	int ret;
+	uint8_t zero[MAX_HASH_SIZE];
+
+	ret = _tls13_derive_secret(session, DERIVED_LABEL, sizeof(DERIVED_LABEL)-1,
+				   NULL, 0, session->key.proto.tls13.temp_secret,
+				   session->key.proto.tls13.temp_secret);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	memset(zero, 0, session->security_parameters.prf->output_size);
+	ret = _tls13_update_secret(session, zero, session->security_parameters.prf->output_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _tls13_derive_secret(session, EXPORTER_MASTER_LABEL, sizeof(EXPORTER_MASTER_LABEL)-1,
+				   session->internals.handshake_hash_buffer.data,
+				   session->internals.handshake_hash_buffer_server_finished_len,
+				   session->key.proto.tls13.temp_secret,
+				   session->key.proto.tls13.ap_expkey);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_call_keylog_func(session, "EXPORTER_SECRET",
+				       session->key.proto.tls13.ap_expkey,
+				       session->security_parameters.prf->output_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	_gnutls_epoch_bump(session);
+	ret = _gnutls_epoch_dup(session, EPOCH_READ_CURRENT);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+static int generate_hs_traffic_keys(gnutls_session_t session)
+{
+	int ret;
+	unsigned null_key = 0;
+
+	if (unlikely(session->key.proto.tls13.temp_secret_size == 0))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	ret = _tls13_derive_secret(session, DERIVED_LABEL, sizeof(DERIVED_LABEL)-1,
+				   NULL, 0, session->key.proto.tls13.temp_secret,
+				   session->key.proto.tls13.temp_secret);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if ((session->security_parameters.entity == GNUTLS_CLIENT &&
+	      (!(session->internals.hsk_flags & HSK_KEY_SHARE_RECEIVED) ||
+	        (!(session->internals.hsk_flags & HSK_PSK_KE_MODE_DHE_PSK) &&
+	           session->internals.resumed))) ||
+	    (session->security_parameters.entity == GNUTLS_SERVER &&
+	      !(session->internals.hsk_flags & HSK_KEY_SHARE_SENT))) {
+
+		if ((session->internals.hsk_flags & HSK_PSK_SELECTED) &&
+		    (session->internals.hsk_flags & HSK_PSK_KE_MODE_PSK)) {
+			null_key = 1;
+		}
+	}
+
+	if (null_key) {
+		uint8_t digest[MAX_HASH_SIZE];
+		unsigned digest_size;
+
+		if (unlikely(session->security_parameters.prf == NULL))
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		digest_size = session->security_parameters.prf->output_size;
+		memset(digest, 0, digest_size);
+
+		ret = _tls13_update_secret(session, digest, digest_size);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	} else {
+		if (unlikely(session->key.key.size == 0))
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		ret = _tls13_update_secret(session, session->key.key.data, session->key.key.size);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	return 0;
+}
+
+/*
+ * _gnutls13_handshake_server
+ * This function does the server stuff of the handshake protocol.
+ */
+int _gnutls13_handshake_server(gnutls_session_t session)
+{
+	int ret = 0;
+
+	switch (STATE) {
+	case STATE90:
+		ret = _gnutls13_handshake_hash_buffers_synth(session, session->security_parameters.prf, 0);
+		STATE = STATE90;
+		IMED_RET_FATAL("reset handshake buffers", ret, 0);
+		FALLTHROUGH;
+	case STATE91:
+		ret = _gnutls13_send_hello_retry_request(session, AGAIN(STATE91));
+		STATE = STATE91;
+		IMED_RET("send hello retry request", ret, 0);
+		FALLTHROUGH;
+	case STATE92:
+#ifdef TLS13_APPENDIX_D4
+		if (session->internals.priorities->tls13_compat_mode) {
+			ret = _gnutls_send_change_cipher_spec(session, AGAIN(STATE92));
+			STATE = STATE92;
+			IMED_RET("send change cipher spec", ret, 0);
+		}
+#endif
+		FALLTHROUGH;
+	case STATE93:
+		ret =
+		    _gnutls_recv_handshake(session,
+					   GNUTLS_HANDSHAKE_CLIENT_HELLO,
+					   0, NULL);
+		if (ret == GNUTLS_E_INT_RET_0) {
+			/* this is triggered by post_client_hello, and instructs the
+			 * handshake to proceed but be put on hold */
+			ret = GNUTLS_E_INTERRUPTED;
+			STATE = STATE94; /* hello already parsed -> move to next state */
+		} else {
+			STATE = STATE93;
+		}
+
+		IMED_RET("recv client hello", ret, 0);
+		FALLTHROUGH;
+	case STATE94:
+		ret = _gnutls_send_server_hello(session, AGAIN(STATE94));
+		STATE = STATE94;
+		IMED_RET("send hello", ret, 0);
+		FALLTHROUGH;
+	case STATE99:
+	case STATE100:
+#ifdef TLS13_APPENDIX_D4
+		/* don't send CCS twice: when HRR has already been
+		 * sent, CCS should have followed it (see above) */
+		if (session->internals.priorities->tls13_compat_mode &&
+		    !(session->internals.hsk_flags & HSK_HRR_SENT)) {
+			ret = _gnutls_send_change_cipher_spec(session, AGAIN(STATE100));
+			STATE = STATE100;
+			IMED_RET("send change cipher spec", ret, 0);
+		}
+#endif
+		FALLTHROUGH;
+	case STATE101:
+		STATE = STATE101;
+
+		ret = generate_hs_traffic_keys(session);
+		IMED_RET_FATAL("generate hs traffic keys", ret, 0);
+
+		if (session->internals.hsk_flags & HSK_EARLY_DATA_ACCEPTED) {
+			ret = _tls13_write_connection_state_init(session, STAGE_HS);
+		} else {
+			ret = _tls13_connection_state_init(session, STAGE_HS);
+		}
+		IMED_RET_FATAL("set hs traffic keys", ret, 0);
+		FALLTHROUGH;
+	case STATE102:
+		ret = _gnutls13_send_encrypted_extensions(session, AGAIN(STATE102));
+		STATE = STATE102;
+		IMED_RET("send encrypted extensions", ret, 0);
+		FALLTHROUGH;
+	case STATE103:
+		ret = _gnutls13_send_certificate_request(session, AGAIN(STATE103));
+		STATE = STATE103;
+		IMED_RET("send certificate request", ret, 0);
+		FALLTHROUGH;
+	case STATE104:
+		ret = _gnutls13_send_certificate(session, AGAIN(STATE104));
+		STATE = STATE104;
+		IMED_RET("send certificate", ret, 0);
+		FALLTHROUGH;
+	case STATE105:
+		ret = _gnutls13_send_certificate_verify(session, AGAIN(STATE105));
+		STATE = STATE105;
+		IMED_RET("send certificate verify", ret, 0);
+		FALLTHROUGH;
+	case STATE106:
+		ret = _gnutls13_send_finished(session, AGAIN(STATE106));
+		STATE = STATE106;
+		IMED_RET("send finished", ret, 0);
+		FALLTHROUGH;
+	case STATE107:
+		ret = _gnutls13_recv_end_of_early_data(session);
+		STATE = STATE107;
+		IMED_RET("recv end of early data", ret, 0);
+
+		if (session->internals.hsk_flags & HSK_EARLY_DATA_ACCEPTED) {
+			ret = _tls13_read_connection_state_init(session, STAGE_HS);
+			IMED_RET_FATAL("set hs traffic key after receiving early data", ret, 0);
+		}
+		FALLTHROUGH;
+	case STATE108:
+		/* At this point our sending keys should be the app keys
+		 * see 4.4.4 at draft-ietf-tls-tls13-28 */
+		ret =
+		    generate_ap_traffic_keys(session);
+		IMED_RET_FATAL("generate app keys", ret, 0);
+
+		/* If the session is unauthenticated, try to optimize the handshake by
+		 * sending the session ticket early. */
+		if (!(session->internals.hsk_flags & (HSK_CRT_REQ_SENT|HSK_PSK_SELECTED))) {
+			STATE = STATE108;
+
+			ret = generate_non_auth_rms_keys(session);
+			IMED_RET_FATAL("generate rms keys", ret, 0);
+
+			session->internals.hsk_flags |= HSK_EARLY_START_USED;
+			_gnutls_handshake_log("HSK[%p]: unauthenticated session eligible for early start\n", session);
+		}
+
+		ret = _tls13_write_connection_state_init(session, STAGE_APP);
+		IMED_RET_FATAL("set write app keys", ret, 0);
+
+		_gnutls_handshake_log("HSK[%p]: switching early to application traffic keys\n", session);
+
+		FALLTHROUGH;
+	case STATE109:
+		if (session->internals.resumed)
+			_gnutls_set_resumed_parameters(session);
+
+		if (session->internals.hsk_flags & HSK_EARLY_START_USED) {
+			if (!(session->internals.flags & GNUTLS_NO_AUTO_SEND_TICKET) &&
+			    _gnutls13_can_send_session_ticket(session)) {
+				ret = _gnutls13_send_session_ticket(session, TLS13_TICKETS_TO_SEND,
+								    AGAIN(STATE109));
+			}
+
+			STATE = STATE109;
+			IMED_RET("send session ticket", ret, 0);
+
+			/* complete this phase of the handshake. We
+			 * should be called again by gnutls_record_recv()
+			 */
+
+			if (session->internals.flags & GNUTLS_ENABLE_EARLY_START) {
+				STATE = STATE113; /* finished */
+				gnutls_assert();
+
+				session->internals.recv_state = RECV_STATE_EARLY_START;
+				return 0;
+			}
+		}
+		FALLTHROUGH;
+	case STATE110:
+		ret = _gnutls13_recv_certificate(session);
+		STATE = STATE110;
+		IMED_RET("recv certificate", ret, 0);
+		FALLTHROUGH;
+	case STATE111:
+		ret = _gnutls13_recv_certificate_verify(session);
+		STATE = STATE111;
+		IMED_RET("recv certificate verify", ret, 0);
+		FALLTHROUGH;
+	case STATE112:
+		ret = _gnutls_run_verify_callback(session, GNUTLS_CLIENT);
+		STATE = STATE112;
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		FALLTHROUGH;
+	case STATE113: /* can enter from STATE109 */
+		ret = _gnutls13_recv_finished(session);
+		STATE = STATE113;
+		IMED_RET("recv finished", ret, 0);
+		FALLTHROUGH;
+	case STATE114:
+		/* If we did request a client certificate, then we can
+		 * only send the tickets here */
+		STATE = STATE114;
+
+		if (!(session->internals.hsk_flags & HSK_EARLY_START_USED)) {
+			ret = generate_rms_keys(session);
+			IMED_RET_FATAL("generate rms keys", ret, 0);
+		}
+
+		ret = _tls13_read_connection_state_init(session, STAGE_APP);
+		IMED_RET_FATAL("set read app keys", ret, 0);
+
+		FALLTHROUGH;
+	case STATE115:
+		if (!(session->internals.hsk_flags & (HSK_TLS13_TICKET_SENT|HSK_EARLY_START_USED)) &&
+		    !(session->internals.flags & GNUTLS_NO_AUTO_SEND_TICKET) &&
+		    _gnutls13_can_send_session_ticket(session)) {
+			ret = _gnutls13_send_session_ticket(session, TLS13_TICKETS_TO_SEND,
+							    AGAIN(STATE115));
+			STATE = STATE115;
+			IMED_RET("send session ticket", ret, 0);
+		}
+
+		STATE = STATE0;
+		break;
+	default:
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+
+	/* explicitly reset any early start flags */
+	gnutls_mutex_lock(&session->internals.post_negotiation_lock);
+	session->internals.recv_state = RECV_STATE_0;
+	session->internals.initial_negotiation_completed = 1;
+	gnutls_mutex_unlock(&session->internals.post_negotiation_lock);
+
+	SAVE_TRANSCRIPT;
+
+
+	return 0;
+}
+
+/* Processes handshake messages received asynchronously after initial handshake.
+ *
+ * It is called once per message and should return success, or a fatal error code.
+ */
+int
+_gnutls13_recv_async_handshake(gnutls_session_t session)
+{
+	int ret;
+	handshake_buffer_st hsk;
+	recv_state_t next_state = RECV_STATE_0;
+
+	/* The following messages are expected asynchronously after
+	 * the handshake process is complete */
+	if (unlikely(session->internals.handshake_in_progress))
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+
+	do {
+		_gnutls_handshake_buffer_init(&hsk);
+
+		/* the received handshake message has already been pushed into
+		 * handshake buffers. As we do not need to use the handshake hash
+		 * buffers we call the lower level receive functions */
+		ret = _gnutls_handshake_io_recv_int(session, GNUTLS_HANDSHAKE_ANY, &hsk, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		session->internals.last_handshake_in = hsk.htype;
+
+		ret = _gnutls_call_hook_func(session, hsk.htype, GNUTLS_HOOK_PRE, 1,
+					     hsk.data.data, hsk.data.length);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		switch(hsk.htype) {
+			case GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST:
+				if (!(session->security_parameters.entity == GNUTLS_CLIENT) ||
+				    !(session->internals.flags & GNUTLS_POST_HANDSHAKE_AUTH)) {
+					ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+					goto cleanup;
+				}
+
+				_gnutls_buffer_reset(&session->internals.reauth_buffer);
+
+				/* include the handshake headers in reauth buffer */
+				ret = _gnutls_buffer_append_data(&session->internals.reauth_buffer,
+								 hsk.header, hsk.header_size);
+				if (ret < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+
+				ret = _gnutls_buffer_append_data(&session->internals.reauth_buffer,
+								 hsk.data.data, hsk.data.length);
+				if (ret < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+
+				if (session->internals.flags & GNUTLS_AUTO_REAUTH) {
+					ret = gnutls_reauth(session, 0);
+					if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED) {
+						next_state = RECV_STATE_REAUTH;
+					} else if (ret < 0) {
+						gnutls_assert();
+						goto cleanup;
+					}
+				} else {
+					/* Application is expected to handle re-authentication
+					 * explicitly.  */
+					ret = GNUTLS_E_REAUTH_REQUEST;
+				}
+
+				goto cleanup;
+
+			case GNUTLS_HANDSHAKE_KEY_UPDATE:
+				ret = _gnutls13_recv_key_update(session, &hsk.data);
+				if (ret < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+
+				/* Handshake messages MUST NOT span key changes, i.e., we
+				 * should not have any other pending handshake messages from
+				 * the same record. */
+				if (session->internals.handshake_recv_buffer_size != 0) {
+					ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+					goto cleanup;
+				}
+				break;
+			case GNUTLS_HANDSHAKE_NEW_SESSION_TICKET:
+				if (session->security_parameters.entity != GNUTLS_CLIENT) {
+					ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+					goto cleanup;
+				}
+
+				ret = _gnutls13_recv_session_ticket(session, &hsk.data);
+				if (ret < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+
+				memcpy(session->internals.tls13_ticket.resumption_master_secret,
+				       session->key.proto.tls13.ap_rms,
+				       session->key.proto.tls13.temp_secret_size);
+
+				session->internals.tls13_ticket.prf = session->security_parameters.prf;
+				session->internals.hsk_flags |= HSK_TICKET_RECEIVED;
+				break;
+			default:
+				gnutls_assert();
+				ret = GNUTLS_E_UNEXPECTED_PACKET;
+				goto cleanup;
+		}
+
+		ret = _gnutls_call_hook_func(session, hsk.htype, GNUTLS_HOOK_POST, 1, hsk.data.data, hsk.data.length);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		_gnutls_handshake_buffer_clear(&hsk);
+
+	} while (_gnutls_record_buffer_get_size(session) > 0);
+
+	session->internals.recv_state = next_state;
+
+	return 0;
+
+ cleanup:
+	/* if we have pending/partial handshake data in buffers, ensure that
+	 * next read will read handshake data */
+	if (_gnutls_record_buffer_get_size(session) > 0)
+		session->internals.recv_state = RECV_STATE_ASYNC_HANDSHAKE;
+	else
+		session->internals.recv_state = next_state;
+
+	_gnutls_handshake_buffer_clear(&hsk);
+	return ret;
+}
+
+/**
+ * gnutls_session_ticket_send:
+ * @session: is a #gnutls_session_t type.
+ * @nr: the number of tickets to send
+ * @flags: must be zero
+ *
+ * Sends a fresh session ticket to the peer. This is relevant only
+ * in server side under TLS1.3. This function may also return %GNUTLS_E_AGAIN
+ * or %GNUTLS_E_INTERRUPTED and in that case it must be called again.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or a negative error code.
+ **/
+int gnutls_session_ticket_send(gnutls_session_t session, unsigned nr, unsigned flags)
+{
+	int ret = 0;
+	const version_entry_st *vers = get_version(session);
+
+	if (!vers->tls13_sem || session->security_parameters.entity == GNUTLS_CLIENT)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (nr == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	switch (TICKET_STATE) {
+	case TICKET_STATE0:
+		ret = _gnutls_io_write_flush(session);
+		TICKET_STATE = TICKET_STATE0;
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+		FALLTHROUGH;
+	case TICKET_STATE1:
+		ret =
+		    _gnutls13_send_session_ticket(session, nr, TICKET_STATE==TICKET_STATE1?1:0);
+		TICKET_STATE = TICKET_STATE1;
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+		break;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	TICKET_STATE = TICKET_STATE0;
+
+	return 0;
+}
diff --git a/lib/handshake.c b/lib/handshake.c
new file mode 100644
index 0000000..21edc5e
--- /dev/null
+++ b/lib/handshake.c
@@ -0,0 +1,3788 @@
+/*
+ * Copyright (C) 2000-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions that relate to the TLS handshake procedure.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "dh.h"
+#include "debug.h"
+#include "algorithms.h"
+#include "cipher.h"
+#include "buffers.h"
+#include "mbuffers.h"
+#include "kx.h"
+#include "handshake.h"
+#include "num.h"
+#include "hash_int.h"
+#include "db.h"
+#include "hello_ext.h"
+#include "supplemental.h"
+#include "auth.h"
+#include "sslv2_compat.h"
+#include <auth/cert.h>
+#include "constate.h"
+#include <record.h>
+#include <state.h>
+#include <ext/pre_shared_key.h>
+#include <ext/srp.h>
+#include <ext/session_ticket.h>
+#include <ext/status_request.h>
+#include <ext/safe_renegotiation.h>
+#include <auth/anon.h>		/* for gnutls_anon_server_credentials_t */
+#include <auth/psk.h>		/* for gnutls_psk_server_credentials_t */
+#include <random.h>
+#include <dtls.h>
+#include "secrets.h"
+#include "tls13/early_data.h"
+#include "tls13/session_ticket.h"
+#include "locks.h"
+#include "system/ktls.h"
+
+
+static int check_if_null_comp_present(gnutls_session_t session,
+					     uint8_t * data, int datalen);
+static int handshake_client(gnutls_session_t session);
+static int handshake_server(gnutls_session_t session);
+
+static int
+read_server_hello(gnutls_session_t session,
+		  uint8_t * data, int datalen);
+
+static int
+recv_handshake_final(gnutls_session_t session, int init);
+static int
+send_handshake_final(gnutls_session_t session, int init);
+
+/* Empties but does not free the buffer
+ */
+inline static void
+handshake_hash_buffer_reset(gnutls_session_t session)
+{
+	_gnutls_buffers_log("BUF[HSK]: Emptied buffer\n");
+
+	session->internals.handshake_hash_buffer_client_hello_len = 0;
+	session->internals.handshake_hash_buffer_client_kx_len = 0;
+	session->internals.handshake_hash_buffer_server_finished_len = 0;
+	session->internals.handshake_hash_buffer_client_finished_len = 0;
+	session->internals.handshake_hash_buffer_prev_len = 0;
+	session->internals.handshake_hash_buffer.length = 0;
+	session->internals.full_client_hello.length = 0;
+	return;
+}
+
+static int
+handshake_hash_add_recvd(gnutls_session_t session,
+			 gnutls_handshake_description_t recv_type,
+			 uint8_t * header, uint16_t header_size,
+			 uint8_t * dataptr, uint32_t datalen);
+
+static int
+handshake_hash_add_sent(gnutls_session_t session,
+			gnutls_handshake_description_t type,
+			uint8_t * dataptr, uint32_t datalen);
+
+static int
+recv_hello_verify_request(gnutls_session_t session,
+			  uint8_t * data, int datalen);
+
+
+/* Clears the handshake hash buffers and handles.
+ */
+void _gnutls_handshake_hash_buffers_clear(gnutls_session_t session)
+{
+	handshake_hash_buffer_reset(session);
+	_gnutls_buffer_clear(&session->internals.handshake_hash_buffer);
+	_gnutls_buffer_clear(&session->internals.full_client_hello);
+}
+
+/* Replace handshake message buffer, with the special synthetic message
+ * needed by TLS1.3 when HRR is sent. */
+int _gnutls13_handshake_hash_buffers_synth(gnutls_session_t session,
+					   const mac_entry_st *prf,
+					   unsigned client)
+{
+	int ret;
+	uint8_t hdata[4+MAX_HASH_SIZE];
+	size_t length;
+
+	if (client)
+		length = session->internals.handshake_hash_buffer_prev_len;
+	else
+		length = session->internals.handshake_hash_buffer.length;
+
+	/* calculate hash */
+	hdata[0] = 254;
+	_gnutls_write_uint24(prf->output_size, &hdata[1]);
+
+	ret = gnutls_hash_fast((gnutls_digest_algorithm_t)prf->id,
+			       session->internals.handshake_hash_buffer.data,
+			       length, hdata+4);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	handshake_hash_buffer_reset(session);
+
+	ret =
+	    _gnutls_buffer_append_data(&session->internals.
+				       handshake_hash_buffer,
+				       hdata, prf->output_size+4);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	_gnutls_buffers_log("BUF[HSK]: Replaced handshake buffer with synth message (%d bytes)\n",
+			    prf->output_size+4);
+
+	return 0;
+}
+
+/* this will copy the required values for resuming to
+ * internals, and to security_parameters.
+ * this will keep as less data to security_parameters.
+ */
+static int tls12_resume_copy_required_vals(gnutls_session_t session, unsigned ticket)
+{
+	int ret;
+
+	/* get the new random values */
+	memcpy(session->internals.resumed_security_parameters.
+	       server_random, session->security_parameters.server_random,
+	       GNUTLS_RANDOM_SIZE);
+	memcpy(session->internals.resumed_security_parameters.
+	       client_random, session->security_parameters.client_random,
+	       GNUTLS_RANDOM_SIZE);
+
+	/* keep the ciphersuite and compression
+	 * That is because the client must see these in our
+	 * hello message.
+	 */
+	ret = _gnutls_set_cipher_suite2(session,
+				       session->internals.
+				       resumed_security_parameters.
+				       cs);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* or write_compression_algorithm
+	 * they are the same
+	 */
+
+	session->security_parameters.entity =
+	    session->internals.resumed_security_parameters.entity;
+
+	if (session->internals.resumed_security_parameters.pversion ==
+	    NULL)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if (_gnutls_set_current_version(session,
+				    session->internals.
+				    resumed_security_parameters.pversion->
+				    id) < 0)
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
+
+	session->security_parameters.client_ctype =
+	    session->internals.resumed_security_parameters.client_ctype;
+	session->security_parameters.server_ctype =
+	    session->internals.resumed_security_parameters.server_ctype;
+
+	if (!ticket) {
+		memcpy(session->security_parameters.session_id,
+		       session->internals.resumed_security_parameters.session_id,
+		       sizeof(session->security_parameters.session_id));
+		session->security_parameters.session_id_size =
+		    session->internals.resumed_security_parameters.session_id_size;
+	}
+
+	return 0;
+}
+
+void _gnutls_set_client_random(gnutls_session_t session, uint8_t * rnd)
+{
+	_gnutls_memory_mark_defined(session->security_parameters.client_random,
+				    GNUTLS_RANDOM_SIZE);
+	memcpy(session->security_parameters.client_random, rnd,
+	       GNUTLS_RANDOM_SIZE);
+}
+
+static
+int _gnutls_gen_client_random(gnutls_session_t session)
+{
+	int ret;
+
+	/* no random given, we generate. */
+	if (session->internals.sc_random_set != 0) {
+		_gnutls_memory_mark_defined(session->security_parameters.client_random,
+					    GNUTLS_RANDOM_SIZE);
+		memcpy(session->security_parameters.client_random,
+		       session->internals.
+		       resumed_security_parameters.client_random,
+		       GNUTLS_RANDOM_SIZE);
+	} else {
+		_gnutls_memory_mark_defined(session->security_parameters.client_random,
+					    GNUTLS_RANDOM_SIZE);
+		ret = gnutls_rnd(GNUTLS_RND_NONCE,
+			session->security_parameters.client_random,
+			GNUTLS_RANDOM_SIZE);
+		if (ret < 0) {
+			_gnutls_memory_mark_undefined(session->security_parameters.client_random,
+						      GNUTLS_RANDOM_SIZE);
+			return gnutls_assert_val(ret);
+		}
+	}
+
+	return 0;
+}
+
+static
+int _gnutls_set_server_random(gnutls_session_t session, const version_entry_st *vers, uint8_t * rnd)
+{
+	const version_entry_st *max;
+
+	_gnutls_memory_mark_defined(session->security_parameters.server_random,
+				    GNUTLS_RANDOM_SIZE);
+	memcpy(session->security_parameters.server_random, rnd,
+	       GNUTLS_RANDOM_SIZE);
+
+	/* check whether the server random value is set according to
+	 * to TLS 1.3. p4.1.3 requirements */
+	if (!IS_DTLS(session) && vers->id <= GNUTLS_TLS1_2 && have_creds_for_tls13(session)) {
+
+		max = _gnutls_version_max(session);
+		if (max->id <= GNUTLS_TLS1_2)
+			return 0;
+
+		if (vers->id == GNUTLS_TLS1_2 &&
+		    memcmp(&session->security_parameters.server_random[GNUTLS_RANDOM_SIZE-8],
+		    "\x44\x4F\x57\x4E\x47\x52\x44\x01", 8) == 0) {
+
+			_gnutls_audit_log(session,
+				  "Detected downgrade to TLS 1.2 from TLS 1.3\n");
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+		} else if (vers->id <= GNUTLS_TLS1_1 &&
+			   memcmp(&session->security_parameters.server_random[GNUTLS_RANDOM_SIZE-8],
+			   "\x44\x4F\x57\x4E\x47\x52\x44\x00", 8) == 0) {
+
+			_gnutls_audit_log(session,
+				  "Detected downgrade to TLS 1.1 or earlier from TLS 1.3\n");
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+		}
+	}
+
+	return 0;
+}
+
+int _gnutls_gen_server_random(gnutls_session_t session, int version)
+{
+	int ret;
+	const version_entry_st *max;
+
+	if (session->internals.sc_random_set != 0) {
+		_gnutls_memory_mark_defined(session->security_parameters.server_random,
+					    GNUTLS_RANDOM_SIZE);
+		memcpy(session->security_parameters.server_random,
+		       session->internals.
+		       resumed_security_parameters.server_random,
+		       GNUTLS_RANDOM_SIZE);
+		return 0;
+	}
+
+	max = _gnutls_version_max(session);
+	if (max == NULL)
+		return gnutls_assert_val(GNUTLS_E_NO_CIPHER_SUITES);
+
+	_gnutls_memory_mark_defined(session->security_parameters.server_random,
+				    GNUTLS_RANDOM_SIZE);
+
+	if (!IS_DTLS(session) && max->id >= GNUTLS_TLS1_3 &&
+	    version <= GNUTLS_TLS1_2) {
+		if (version == GNUTLS_TLS1_2) {
+			memcpy(&session->security_parameters.server_random[GNUTLS_RANDOM_SIZE-8],
+				"\x44\x4F\x57\x4E\x47\x52\x44\x01", 8);
+		} else {
+			memcpy(&session->security_parameters.server_random[GNUTLS_RANDOM_SIZE-8],
+				"\x44\x4F\x57\x4E\x47\x52\x44\x00", 8);
+		}
+		ret =
+		    gnutls_rnd(GNUTLS_RND_NONCE, session->security_parameters.server_random, GNUTLS_RANDOM_SIZE-8);
+
+	} else {
+		ret =
+		    gnutls_rnd(GNUTLS_RND_NONCE, session->security_parameters.server_random, GNUTLS_RANDOM_SIZE);
+	}
+
+	if (ret < 0) {
+		gnutls_assert();
+		_gnutls_memory_mark_undefined(session->security_parameters.server_random,
+					      GNUTLS_RANDOM_SIZE);
+		return ret;
+	}
+
+	return 0;
+}
+
+#ifdef ENABLE_SSL3
+/* Calculate The SSL3 Finished message
+ */
+#define SSL3_CLIENT_MSG "CLNT"
+#define SSL3_SERVER_MSG "SRVR"
+#define SSL_MSG_LEN 4
+static int
+_gnutls_ssl3_finished(gnutls_session_t session, int type, uint8_t * ret,
+		      int sending)
+{
+	digest_hd_st td_md5;
+	digest_hd_st td_sha;
+	const char *mesg;
+	int rc, len;
+
+	if (sending)
+		len = session->internals.handshake_hash_buffer.length;
+	else
+		len = session->internals.handshake_hash_buffer_prev_len;
+
+	rc = _gnutls_hash_init(&td_sha, hash_to_entry(GNUTLS_DIG_SHA1));
+	if (rc < 0)
+		return gnutls_assert_val(rc);
+
+	rc = _gnutls_hash_init(&td_md5, hash_to_entry(GNUTLS_DIG_MD5));
+	if (rc < 0) {
+		_gnutls_hash_deinit(&td_sha, NULL);
+		return gnutls_assert_val(rc);
+	}
+
+	_gnutls_hash(&td_sha,
+		     session->internals.handshake_hash_buffer.data, len);
+	_gnutls_hash(&td_md5,
+		     session->internals.handshake_hash_buffer.data, len);
+
+	if (type == GNUTLS_SERVER)
+		mesg = SSL3_SERVER_MSG;
+	else
+		mesg = SSL3_CLIENT_MSG;
+
+	_gnutls_hash(&td_md5, mesg, SSL_MSG_LEN);
+	_gnutls_hash(&td_sha, mesg, SSL_MSG_LEN);
+
+	rc = _gnutls_mac_deinit_ssl3_handshake(&td_md5, ret,
+					       session->security_parameters.
+					       master_secret,
+					       GNUTLS_MASTER_SIZE);
+	if (rc < 0) {
+		_gnutls_hash_deinit(&td_md5, NULL);
+		_gnutls_hash_deinit(&td_sha, NULL);
+		return gnutls_assert_val(rc);
+	}
+
+	rc = _gnutls_mac_deinit_ssl3_handshake(&td_sha, &ret[16],
+					       session->security_parameters.
+					       master_secret,
+					       GNUTLS_MASTER_SIZE);
+	if (rc < 0) {
+		_gnutls_hash_deinit(&td_sha, NULL);
+		return gnutls_assert_val(rc);
+	}
+
+	return 0;
+}
+#endif
+
+/* Hash the handshake messages as required by TLS 1.0
+ */
+#define SERVER_MSG "server finished"
+#define CLIENT_MSG "client finished"
+#define TLS_MSG_LEN 15
+static int
+_gnutls_finished(gnutls_session_t session, int type, void *ret,
+		 int sending)
+{
+	const int siz = TLS_MSG_LEN;
+	uint8_t concat[MAX_HASH_SIZE];
+	size_t hash_len;
+	const char *mesg;
+	int rc, len, algorithm;
+
+	if (sending)
+		len = session->internals.handshake_hash_buffer.length;
+	else
+		len = session->internals.handshake_hash_buffer_prev_len;
+
+	algorithm = session->security_parameters.prf->id;
+	rc = _gnutls_hash_fast(algorithm,
+			       session->internals.
+			       handshake_hash_buffer.data, len,
+			       concat);
+	if (rc < 0)
+		return gnutls_assert_val(rc);
+
+	hash_len = session->security_parameters.prf->output_size;
+
+	if (type == GNUTLS_SERVER) {
+		mesg = SERVER_MSG;
+	} else {
+		mesg = CLIENT_MSG;
+	}
+
+	_gnutls_memory_mark_defined(session->security_parameters.master_secret,
+				    GNUTLS_MASTER_SIZE);
+	rc = _gnutls_PRF(session,
+			 session->security_parameters.master_secret,
+			 GNUTLS_MASTER_SIZE, mesg, siz, concat, hash_len,
+			 12, ret);
+	if (rc < 0) {
+		_gnutls_memory_mark_undefined(session->security_parameters.master_secret,
+					      GNUTLS_MASTER_SIZE);
+	}
+	return rc;
+}
+
+
+/* returns the 0 on success or a negative error code.
+ */
+int
+_gnutls_negotiate_version(gnutls_session_t session,
+			  uint8_t major, uint8_t minor, unsigned allow_tls13)
+{
+	const version_entry_st *vers;
+	const version_entry_st *aversion = nversion_to_entry(major, minor);
+
+	/* if we do not support that version, unless that version is TLS 1.2;
+	 * TLS 1.2 is handled separately because it is always advertized under TLS 1.3 or later */
+	if (aversion == NULL ||
+	    _gnutls_nversion_is_supported(session, major, minor) == 0) {
+
+		if (aversion && aversion->id == GNUTLS_TLS1_2) {
+			vers = _gnutls_version_max(session);
+			if (unlikely(vers == NULL))
+				return gnutls_assert_val(GNUTLS_E_NO_CIPHER_SUITES);
+
+			if (vers->id >= GNUTLS_TLS1_2) {
+				session->security_parameters.pversion = aversion;
+				return 0;
+			}
+		}
+
+		/* if we get an unknown/unsupported version, then fail if the version we
+		 * got is too low to be supported */
+		if (!_gnutls_version_is_too_high(session, major, minor))
+			return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
+
+		/* If he requested something we do not support
+		 * then we send him the highest we support.
+		 */
+		vers = _gnutls_legacy_version_max(session);
+		if (vers == NULL) {
+			/* this check is not really needed.
+			 */
+			gnutls_assert();
+			return GNUTLS_E_UNKNOWN_CIPHER_SUITE;
+		}
+
+		session->security_parameters.pversion = vers;
+
+		return 0;
+	} else {
+		session->security_parameters.pversion = aversion;
+
+		/* we do not allow TLS1.3 negotiation using this mechanism */
+		if (aversion->tls13_sem && !allow_tls13) {
+			vers = _gnutls_legacy_version_max(session);
+			session->security_parameters.pversion = vers;
+		}
+
+		return 0;
+	}
+}
+
+/* This function returns:
+ *  - zero on success
+ *  - GNUTLS_E_INT_RET_0 if GNUTLS_E_AGAIN || GNUTLS_E_INTERRUPTED were returned by the callback
+ *  - a negative error code on other error
+ */
+int
+_gnutls_user_hello_func(gnutls_session_t session,
+			uint8_t major, uint8_t minor)
+{
+	int ret, sret = 0;
+	const version_entry_st *vers, *old_vers;
+	const version_entry_st *new_max;
+
+	if (session->internals.user_hello_func != NULL) {
+		ret = session->internals.user_hello_func(session);
+
+		if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED) {
+			gnutls_assert();
+			sret = GNUTLS_E_INT_RET_0;
+		} else if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		/* This callback is often used to switch the priority string of the
+		 * server, and that includes switching version which we have already
+		 * negotiated; note that this doesn't apply when resuming as the version
+		 * negotiation is already complete. */
+		if (!session->internals.resumed) {
+			new_max = _gnutls_version_max(session);
+			old_vers = get_version(session);
+
+			if (!old_vers->tls13_sem || (new_max && !new_max->tls13_sem)) {
+#if GNUTLS_TLS_VERSION_MAX != GNUTLS_TLS1_3
+# error "Need to update the following logic"
+#endif
+				/* Here we need to renegotiate the version since the callee might
+				 * have disabled some TLS versions. This logic does not cope for
+				 * protocols later than TLS1.3 if they have the tls13_sem set */
+				ret = _gnutls_negotiate_version(session, major, minor, 0);
+				if (ret < 0)
+					return gnutls_assert_val(ret);
+
+				vers = get_version(session);
+				if (old_vers != vers) {
+					/* at this point we need to regenerate the random value to
+					 * avoid the peer detecting this session as a rollback
+					 * attempt. */
+					ret = _gnutls_gen_server_random(session, vers->id);
+					if (ret < 0)
+						return gnutls_assert_val(ret);
+				}
+			}
+		}
+	}
+	return sret;
+}
+
+/* Associates the right credential types for the session, and
+ * performs sanity checks. */
+static int set_auth_types(gnutls_session_t session)
+{
+	const version_entry_st *ver = get_version(session);
+	gnutls_kx_algorithm_t kx;
+
+	/* sanity check:
+	 * we see TLS1.3 negotiated but no key share was sent */
+	if (ver->tls13_sem) {
+		if (unlikely(!(session->internals.hsk_flags & HSK_PSK_KE_MODE_PSK) &&
+			     !(session->internals.hsk_flags & HSK_KEY_SHARE_RECEIVED))) {
+			return gnutls_assert_val(GNUTLS_E_MISSING_EXTENSION);
+		}
+
+		/* Under TLS1.3 this returns a KX which matches the negotiated
+		 * groups from the key shares; if we are resuming then the KX seen
+		 * here doesn't match the original session. */
+		if (!session->internals.resumed)
+			kx = gnutls_kx_get(session);
+		else
+			kx = GNUTLS_KX_UNKNOWN;
+	} else {
+		/* TLS1.2 or earlier, kx is associated with ciphersuite */
+		kx = session->security_parameters.cs->kx_algorithm;
+	}
+
+	if (kx != GNUTLS_KX_UNKNOWN) {
+		session->security_parameters.server_auth_type = _gnutls_map_kx_get_cred(kx, 1);
+		session->security_parameters.client_auth_type = _gnutls_map_kx_get_cred(kx, 0);
+	} else if (unlikely(!session->internals.resumed)) {
+		/* Here we can only arrive if something we received
+		 * prevented the session from completing. */
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+	}
+
+	return 0;
+}
+
+/* Read a client hello packet.
+ * A client hello must be a known version client hello
+ * or version 2.0 client hello (only for compatibility
+ * since SSL version 2.0 is not supported).
+ */
+static int
+read_client_hello(gnutls_session_t session, uint8_t * data,
+			  int datalen)
+{
+	uint8_t session_id_len;
+	int pos = 0, ret;
+	uint16_t suite_size, comp_size;
+	int ext_size;
+	int neg_version, sret = 0;
+	int len = datalen;
+	uint8_t major, minor;
+	uint8_t *suite_ptr, *comp_ptr, *session_id, *ext_ptr;
+	const version_entry_st *vers;
+
+	DECR_LEN(len, 2);
+	_gnutls_handshake_log("HSK[%p]: Client's version: %d.%d\n",
+			      session, data[pos], data[pos + 1]);
+
+	major = data[pos];
+	minor = data[pos+1];
+
+	set_adv_version(session, major, minor);
+
+	ret = _gnutls_negotiate_version(session, major, minor, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	vers = get_version(session);
+	if (vers == NULL)
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
+
+	neg_version = vers->id;
+
+	pos += 2;
+
+	/* Read client random value.
+	 */
+	DECR_LEN(len, GNUTLS_RANDOM_SIZE);
+	_gnutls_set_client_random(session, &data[pos]);
+
+	pos += GNUTLS_RANDOM_SIZE;
+
+	ret = _gnutls_gen_server_random(session, neg_version);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	session->security_parameters.timestamp = gnutls_time(NULL);
+
+	DECR_LEN(len, 1);
+	session_id_len = data[pos++];
+
+	/* RESUME SESSION
+	 */
+	if (session_id_len > GNUTLS_MAX_SESSION_ID_SIZE) {
+		gnutls_assert();
+		return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+	}
+	DECR_LEN(len, session_id_len);
+	session_id = &data[pos];
+	pos += session_id_len;
+
+	if (IS_DTLS(session)) {
+		int cookie_size;
+
+		DECR_LEN(len, 1);
+		cookie_size = data[pos++];
+		DECR_LEN(len, cookie_size);
+		pos += cookie_size;
+	}
+
+	/* move forward to extensions and store other vals */
+	DECR_LEN(len, 2);
+	suite_size = _gnutls_read_uint16(&data[pos]);
+	pos += 2;
+
+	if (suite_size == 0 || (suite_size % 2) != 0)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	suite_ptr = &data[pos];
+	DECR_LEN(len, suite_size);
+	pos += suite_size;
+
+	DECR_LEN(len, 1);
+	comp_size = data[pos++]; /* the number of compression methods */
+
+	if (comp_size == 0)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	comp_ptr = &data[pos];
+	DECR_LEN(len, comp_size);
+	pos += comp_size;
+
+	ext_ptr = &data[pos];
+	ext_size = len;
+
+	/* Parse only the mandatory to read extensions for resumption
+	 * and version negotiation. We don't want to parse any other
+	 * extensions since  we don't want new extension values to override
+	 * the resumed ones. */
+	ret =
+	    _gnutls_parse_hello_extensions(session, GNUTLS_EXT_FLAG_CLIENT_HELLO,
+					   GNUTLS_EXT_VERSION_NEG,
+					   ext_ptr, ext_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret =
+	    _gnutls_parse_hello_extensions(session, GNUTLS_EXT_FLAG_CLIENT_HELLO,
+					   GNUTLS_EXT_MANDATORY,
+					   ext_ptr, ext_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	vers = get_version(session);
+	if (unlikely(vers == NULL))
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
+
+	if (!vers->tls13_sem) {
+		ret =
+		    _gnutls_server_restore_session(session, session_id,
+						   session_id_len);
+
+		if (session_id_len > 0)
+			session->internals.resumption_requested = 1;
+
+		if (ret == 0) {		/* resumed using default TLS resumption! */
+			ret = _gnutls_server_select_suite(session, suite_ptr, suite_size, 1);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			ret = tls12_resume_copy_required_vals(session, 0);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			session->internals.resumed = true;
+
+			return _gnutls_user_hello_func(session, major, minor);
+		} else {
+			ret = _gnutls_generate_session_id(session->security_parameters.
+							  session_id,
+							  &session->security_parameters.
+							  session_id_size);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			session->internals.resumed = false;
+		}
+	} else { /* TLS1.3 */
+		/* we echo client's session ID - length was checked previously */
+		assert(session_id_len <= GNUTLS_MAX_SESSION_ID_SIZE);
+		if (session_id_len > 0)
+			memcpy(session->security_parameters.session_id, session_id, session_id_len);
+		session->security_parameters.session_id_size = session_id_len;
+	}
+
+	/* Parse the extensions (if any)
+	 *
+	 * Unconditionally try to parse extensions; safe renegotiation uses them in
+	 * sslv3 and higher, even though sslv3 doesn't officially support them.
+	 */
+	ret = _gnutls_parse_hello_extensions(session, GNUTLS_EXT_FLAG_CLIENT_HELLO,
+					     GNUTLS_EXT_APPLICATION,
+					     ext_ptr, ext_size);
+	/* len is the rest of the parsed length */
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* we cache this error code */
+	sret = _gnutls_user_hello_func(session, major, minor);
+	if (sret < 0 && sret != GNUTLS_E_INT_RET_0) {
+		gnutls_assert();
+		return sret;
+	}
+
+	/* Session tickets are parsed in this point */
+	ret =
+	    _gnutls_parse_hello_extensions(session, GNUTLS_EXT_FLAG_CLIENT_HELLO,
+					   GNUTLS_EXT_TLS, ext_ptr, ext_size);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (session->internals.hsk_flags & HSK_EARLY_DATA_ACCEPTED) {
+		const cipher_entry_st *ce;
+		const mac_entry_st *me;
+		record_parameters_st *params;
+
+		ce = cipher_to_entry(session->internals.
+				     resumed_security_parameters.
+				     cs->block_algorithm);
+		me = mac_to_entry(session->internals.
+				  resumed_security_parameters.
+				  cs->mac_algorithm);
+
+		ret = _gnutls_epoch_get(session, EPOCH_NEXT, &params);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+
+		params->cipher = ce;
+		params->mac = me;
+
+		ret = _tls13_read_connection_state_init(session, STAGE_EARLY);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+
+		_gnutls_epoch_bump(session);
+		ret = _gnutls_epoch_dup(session, EPOCH_READ_CURRENT);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+	}
+
+	/* resumed by session_ticket extension */
+	if (!vers->tls13_sem && session->internals.resumed) {
+		session->internals.resumed_security_parameters.
+		    max_record_recv_size =
+		    session->security_parameters.max_record_recv_size;
+		session->internals.resumed_security_parameters.
+		    max_record_send_size =
+		    session->security_parameters.max_record_send_size;
+
+		ret = _gnutls_server_select_suite(session, suite_ptr, suite_size, 1);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = tls12_resume_copy_required_vals(session, 1);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		/* to indicate to the client that the current session is resumed */
+		memcpy(session->security_parameters.session_id, session_id, session_id_len);
+		session->security_parameters.session_id_size = session_id_len;
+
+		return 0;
+	}
+
+	/* select an appropriate cipher suite (as well as certificate)
+	 */
+	ret = _gnutls_server_select_suite(session, suite_ptr, suite_size, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* Only at this point we know the version we are actually going to use
+	 * ("supported_versions" extension is parsed, user_hello_func is called,
+	 * legacy version negotiation is done). */
+	vers = get_version(session);
+	if (unlikely(vers == NULL))
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
+
+	if (_gnutls_version_priority(session, vers->id) < 0)
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
+
+	_gnutls_handshake_log("HSK[%p]: Selected version %s\n", session, vers->name);
+
+	/* select appropriate compression method */
+	ret =
+	    check_if_null_comp_present(session, comp_ptr,
+					      comp_size);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* call extensions that are intended to be parsed after the ciphersuite/cert
+	 * are known. */
+	ret =
+	    _gnutls_parse_hello_extensions(session, GNUTLS_EXT_FLAG_CLIENT_HELLO,
+				     _GNUTLS_EXT_TLS_POST_CS, ext_ptr, ext_size);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* Calculate TLS 1.3 Early Secret */
+	if (session->security_parameters.pversion->tls13_sem &&
+	    !(session->internals.hsk_flags & HSK_PSK_SELECTED)) {
+		ret = _tls13_init_secret(session, NULL, 0);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	ret = set_auth_types(session);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return sret;
+}
+
+/* This is to be called after sending CHANGE CIPHER SPEC packet
+ * and initializing encryption. This is the first encrypted message
+ * we send.
+ */
+int _gnutls_send_finished(gnutls_session_t session, int again)
+{
+	mbuffer_st *bufel;
+	uint8_t *data;
+	int ret;
+	size_t vdata_size = 0;
+	const version_entry_st *vers;
+
+	if (again == 0) {
+		bufel =
+		    _gnutls_handshake_alloc(session,
+					    MAX_VERIFY_DATA_SIZE);
+		if (bufel == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+		data = _mbuffer_get_udata_ptr(bufel);
+
+		vers = get_version(session);
+		if (unlikely(vers == NULL))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+#ifdef ENABLE_SSL3
+		if (vers->id == GNUTLS_SSL3) {
+			ret =
+			    _gnutls_ssl3_finished(session,
+						  session->
+						  security_parameters.
+						  entity, data, 1);
+			_mbuffer_set_udata_size(bufel, 36);
+		} else {	/* TLS 1.0+ */
+#endif
+			ret = _gnutls_finished(session,
+					       session->
+					       security_parameters.entity,
+					       data, 1);
+			_mbuffer_set_udata_size(bufel, 12);
+#ifdef ENABLE_SSL3
+		}
+#endif
+
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		vdata_size = _mbuffer_get_udata_size(bufel);
+
+		ret =
+		    _gnutls_ext_sr_finished(session, data, vdata_size, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		if ((!session->internals.resumed
+		     && session->security_parameters.entity ==
+		     GNUTLS_CLIENT)
+		    || (session->internals.resumed
+			&& session->security_parameters.entity ==
+			GNUTLS_SERVER)) {
+			/* if we are a client not resuming - or we are a server resuming */
+			_gnutls_handshake_log
+			    ("HSK[%p]: recording tls-unique CB (send)\n",
+			     session);
+			memcpy(session->internals.cb_tls_unique, data,
+			       vdata_size);
+			session->internals.cb_tls_unique_len = vdata_size;
+		}
+
+		ret =
+		    _gnutls_send_handshake(session, bufel,
+					   GNUTLS_HANDSHAKE_FINISHED);
+	} else {
+		ret =
+		    _gnutls_send_handshake(session, NULL,
+					   GNUTLS_HANDSHAKE_FINISHED);
+	}
+
+	return ret;
+}
+
+/* This is to be called after sending our finished message. If everything
+ * went fine we have negotiated a secure connection
+ */
+int _gnutls_recv_finished(gnutls_session_t session)
+{
+	uint8_t data[MAX_VERIFY_DATA_SIZE], *vrfy;
+	gnutls_buffer_st buf;
+	int data_size;
+	int ret;
+	int vrfy_size;
+	const version_entry_st *vers = get_version(session);
+
+	if (unlikely(vers == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	ret =
+	    _gnutls_recv_handshake(session, GNUTLS_HANDSHAKE_FINISHED,
+				   0, &buf);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	vrfy = buf.data;
+	vrfy_size = buf.length;
+
+#ifdef ENABLE_SSL3
+	if (vers->id == GNUTLS_SSL3)
+		data_size = 36;
+	else
+#endif
+		data_size = 12;
+
+	if (vrfy_size != data_size) {
+		gnutls_assert();
+		ret = GNUTLS_E_ERROR_IN_FINISHED_PACKET;
+		goto cleanup;
+	}
+
+#ifdef ENABLE_SSL3
+	if (vers->id == GNUTLS_SSL3) {
+		ret =
+		    _gnutls_ssl3_finished(session,
+					  (session->security_parameters.
+					   entity + 1) % 2, data, 0);
+	} else /* TLS 1.0+ */
+#endif
+		ret =
+		    _gnutls_finished(session,
+				     (session->security_parameters.entity +
+				      1) % 2, data, 0);
+
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
+	/* When fuzzying allow to proceed without verifying the handshake
+	 * consistency */
+	(void) vrfy;
+# warning This is unsafe for production builds
+
+#else
+	if (memcmp(vrfy, data, data_size) != 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_ERROR_IN_FINISHED_PACKET;
+		goto cleanup;
+	}
+#endif
+
+	ret = _gnutls_ext_sr_finished(session, data, data_size, 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if ((session->internals.resumed
+	     && session->security_parameters.entity == GNUTLS_CLIENT)
+	    || (!session->internals.resumed
+		&& session->security_parameters.entity == GNUTLS_SERVER)) {
+		/* if we are a client resuming - or we are a server not resuming */
+		_gnutls_handshake_log
+		    ("HSK[%p]: recording tls-unique CB (recv)\n", session);
+		memcpy(session->internals.cb_tls_unique, data, data_size);
+		session->internals.cb_tls_unique_len = data_size;
+	}
+
+
+      cleanup:
+	_gnutls_buffer_clear(&buf);
+
+	return ret;
+}
+
+/* This selects the best supported ciphersuite from the given ones. Then
+ * it adds the suite to the session and performs some checks.
+ *
+ * When @scsv_only is non-zero only the available SCSVs are parsed
+ * and acted upon.
+ */
+int
+_gnutls_server_select_suite(gnutls_session_t session, uint8_t * data,
+			    unsigned int datalen, unsigned scsv_only)
+{
+	int ret;
+	unsigned int i;
+	ciphersuite_list_st peer_clist;
+	const gnutls_cipher_suite_entry_st *selected;
+	gnutls_kx_algorithm_t kx;
+	int retval;
+	const version_entry_st *vers = get_version(session);
+
+	peer_clist.size = 0;
+
+	for (i = 0; i < datalen; i += 2) {
+		/* we support the TLS renegotiation SCSV, even if we are
+		 * not under SSL 3.0, because openssl sends this SCSV
+		 * on resumption unconditionally. */
+		/* TLS_RENEGO_PROTECTION_REQUEST = { 0x00, 0xff } */
+		if (session->internals.priorities->sr != SR_DISABLED &&
+		    data[i] == GNUTLS_RENEGO_PROTECTION_REQUEST_MAJOR &&
+		    data[i + 1] == GNUTLS_RENEGO_PROTECTION_REQUEST_MINOR) {
+			_gnutls_handshake_log
+			    ("HSK[%p]: Received safe renegotiation CS\n",
+			     session);
+			retval = _gnutls_ext_sr_recv_cs(session);
+			if (retval < 0) {
+				gnutls_assert();
+				return retval;
+			}
+		}
+
+		/* TLS_FALLBACK_SCSV */
+		if (data[i] == GNUTLS_FALLBACK_SCSV_MAJOR &&
+		    data[i + 1] == GNUTLS_FALLBACK_SCSV_MINOR) {
+			const version_entry_st *max = _gnutls_version_max(session);
+
+			_gnutls_handshake_log
+			    ("HSK[%p]: Received fallback CS\n",
+			     session);
+
+			if (vers != max)
+				return gnutls_assert_val(GNUTLS_E_INAPPROPRIATE_FALLBACK);
+		} else if (!scsv_only) {
+			if (peer_clist.size < MAX_CIPHERSUITE_SIZE) {
+				peer_clist.entry[peer_clist.size] = ciphersuite_to_entry(&data[i]);
+				if (peer_clist.entry[peer_clist.size] != NULL)
+					peer_clist.size++;
+			}
+		}
+	}
+
+	if (scsv_only)
+		return 0;
+
+	ret = _gnutls_figure_common_ciphersuite(session, &peer_clist, &selected);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	_gnutls_handshake_log
+		    ("HSK[%p]: Selected cipher suite: %s\n", session, selected->name);
+
+	ret = _gnutls_set_cipher_suite2(session, selected);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (!vers->tls13_sem) {
+		/* check if the credentials (username, public key etc.) are ok
+		 */
+		kx = selected->kx_algorithm;
+		if (_gnutls_get_kx_cred(session, kx) == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+		}
+
+		/* set the mod_auth_st to the appropriate struct
+		 * according to the KX algorithm. This is needed since all the
+		 * handshake functions are read from there;
+		 */
+		session->internals.auth_struct = _gnutls_kx_auth_struct(kx);
+		if (session->internals.auth_struct == NULL) {
+			_gnutls_handshake_log
+			    ("HSK[%p]: Cannot find the appropriate handler for the KX algorithm\n",
+			     session);
+			gnutls_assert();
+			return GNUTLS_E_INTERNAL_ERROR;
+		}
+	}
+
+	return 0;
+
+}
+
+
+/* This checks whether the null compression method is present.
+ */
+static int
+check_if_null_comp_present(gnutls_session_t session,
+			  uint8_t * data, int datalen)
+{
+	int j;
+
+	for (j = 0; j < datalen; j++) {
+		if (data[j] == 0)
+			return 0;
+	}
+
+	/* we were not able to find a the NULL compression
+	 * algorithm
+	 */
+	gnutls_assert();
+	return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM;
+
+}
+
+/* This function sends an empty handshake packet. (like hello request).
+ * If the previous _gnutls_send_empty_handshake() returned
+ * GNUTLS_E_AGAIN or GNUTLS_E_INTERRUPTED, then it must be called again
+ * (until it returns ok), with NULL parameters.
+ */
+static int
+_gnutls_send_empty_handshake(gnutls_session_t session,
+			     gnutls_handshake_description_t type,
+			     int again)
+{
+	mbuffer_st *bufel;
+
+	if (again == 0) {
+		bufel = _gnutls_handshake_alloc(session, 0);
+		if (bufel == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+	} else
+		bufel = NULL;
+
+	return _gnutls_send_handshake(session, bufel, type);
+}
+
+int _gnutls_call_hook_func(gnutls_session_t session,
+			   gnutls_handshake_description_t type,
+			   int post, unsigned incoming,
+			   const uint8_t *data, unsigned data_size)
+{
+	gnutls_datum_t msg = {(void*)data, data_size};
+
+	if (session->internals.h_hook != NULL) {
+		if ((session->internals.h_type == type
+		     || session->internals.h_type == GNUTLS_HANDSHAKE_ANY)
+		    && (session->internals.h_post == post
+			|| session->internals.h_post == GNUTLS_HOOK_BOTH)) {
+
+			/* internal API for testing: when we are expected to
+			 * wait for GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC, we
+			 * do so, but not when doing for all messages. The
+			 * reason is that change cipher specs are not handshake
+			 * messages, and we don't support waiting for them
+			 * consistently (only sending is tracked, not receiving).
+			 */
+			if (type == GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC &&
+			    session->internals.h_type != GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC)
+				return 0;
+
+			return session->internals.h_hook(session, type,
+							 post, incoming, &msg);
+		}
+	}
+	return 0;
+}
+
+/* Note that the "New session ticket" handshake packet behaves differently under
+ * TLS 1.2 or 1.3. In 1.2 it is included in the handshake process, while in 1.3
+ * it is sent asynchronously */
+#define IS_ASYNC(t, v) \
+	(t == GNUTLS_HANDSHAKE_HELLO_REQUEST || t == GNUTLS_HANDSHAKE_KEY_UPDATE || \
+	 (t == GNUTLS_HANDSHAKE_NEW_SESSION_TICKET && v->tls13_sem))
+
+int
+_gnutls_send_handshake(gnutls_session_t session, mbuffer_st * bufel,
+		       gnutls_handshake_description_t type)
+{
+	return _gnutls_send_handshake2(session, bufel, type, 0);
+}
+
+/* This function sends a handshake message of type 'type' containing the
+ * data specified here. If the previous _gnutls_send_handshake() returned
+ * GNUTLS_E_AGAIN or GNUTLS_E_INTERRUPTED, then it must be called again
+ * (until it returns ok), with NULL parameters.
+ */
+int
+_gnutls_send_handshake2(gnutls_session_t session, mbuffer_st * bufel,
+		        gnutls_handshake_description_t type, unsigned queue_only)
+{
+	int ret;
+	uint8_t *data;
+	uint32_t datasize, i_datasize;
+	int pos = 0;
+	const version_entry_st *vers = get_version(session);
+
+	if (bufel == NULL) {
+		/* we are resuming a previously interrupted
+		 * send.
+		 */
+		ret = _gnutls_handshake_io_write_flush(session);
+		return ret;
+
+	}
+
+	/* first run */
+	data = _mbuffer_get_uhead_ptr(bufel);
+	i_datasize = _mbuffer_get_udata_size(bufel);
+	datasize = i_datasize + _mbuffer_get_uhead_size(bufel);
+
+	data[pos++] = (uint8_t) REAL_HSK_TYPE(type);
+	_gnutls_write_uint24(_mbuffer_get_udata_size(bufel), &data[pos]);
+	pos += 3;
+
+	/* Add DTLS handshake fragment headers.  The message will be
+	 * fragmented later by the fragmentation sub-layer. All fields must
+	 * be set properly for HMAC. The HMAC requires we pretend that the
+	 * message was sent in a single fragment. */
+	if (IS_DTLS(session)) {
+		_gnutls_write_uint16(session->internals.dtls.
+				     hsk_write_seq++, &data[pos]);
+		pos += 2;
+
+		/* Fragment offset */
+		_gnutls_write_uint24(0, &data[pos]);
+		pos += 3;
+
+		/* Fragment length */
+		_gnutls_write_uint24(i_datasize, &data[pos]);
+		/* pos += 3; */
+	}
+
+	_gnutls_handshake_log("HSK[%p]: %s was queued [%ld bytes]\n",
+			      session, _gnutls_handshake2str(type),
+			      (long) datasize);
+
+	/* Here we keep the handshake messages in order to hash them...
+	 */
+	if (!IS_ASYNC(type, vers)) {
+		if ((ret =
+		     handshake_hash_add_sent(session, type, data,
+						     datasize)) < 0) {
+			gnutls_assert();
+			_mbuffer_xfree(&bufel);
+			return ret;
+		}
+		/* If we are sending a PSK, generate early secrets here.
+		 * This cannot be done in pre_shared_key.c, because it
+		 * relies on transcript hash of a Client Hello. */
+		if (type == GNUTLS_HANDSHAKE_CLIENT_HELLO &&
+		    session->key.binders[0].prf != NULL) {
+			ret = _gnutls_generate_early_secrets_for_psk(session);
+			if (ret < 0) {
+				gnutls_assert();
+				_mbuffer_xfree(&bufel);
+				return ret;
+			}
+		}
+	}
+
+	ret = _gnutls_call_hook_func(session, type, GNUTLS_HOOK_PRE, 0,
+				     _mbuffer_get_udata_ptr(bufel), _mbuffer_get_udata_size(bufel));
+	if (ret < 0) {
+		gnutls_assert();
+		_mbuffer_xfree(&bufel);
+		return ret;
+	}
+
+	session->internals.last_handshake_out = type;
+
+	ret = _gnutls_handshake_io_cache_int(session, type, bufel);
+	if (ret < 0) {
+		_mbuffer_xfree(&bufel);
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = _gnutls_call_hook_func(session, type, GNUTLS_HOOK_POST, 0,
+				      _mbuffer_get_udata_ptr(bufel), _mbuffer_get_udata_size(bufel));
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (queue_only)
+		return 0;
+
+	/* Decide when to cache and when to send */
+	if (vers && vers->tls13_sem) {
+
+		if (session->internals.initial_negotiation_completed) {
+			/* we are under TLS1.3 in a re-authentication phase.
+			 * we don't attempt to cache any messages */
+			goto force_send;
+		}
+
+		/* The messages which are followed by another are not sent by default
+		 * but are cached instead */
+		switch (type) {
+		case GNUTLS_HANDSHAKE_SERVER_HELLO:	/* always followed by something */
+		case GNUTLS_HANDSHAKE_ENCRYPTED_EXTENSIONS: /* followed by finished or cert */
+		case GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST:  /* followed by certificate */
+		case GNUTLS_HANDSHAKE_CERTIFICATE_PKT:	/* this one is followed by cert verify */
+		case GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT:	/* as above */
+		case GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY: /* followed by finished */
+			ret = 0; /* cache */
+			break;
+		default:
+			/* send this and any cached messages */
+			goto force_send;
+		}
+	} else {
+		/* The messages which are followed by another are not sent by default
+		 * but are cached instead */
+		switch (type) {
+		case GNUTLS_HANDSHAKE_CERTIFICATE_PKT:	/* this one is followed by ServerHelloDone
+							 * or ClientKeyExchange always.
+							 */
+		case GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT:	/* as above */
+		case GNUTLS_HANDSHAKE_CERTIFICATE_STATUS:
+		case GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE:	/* as above */
+		case GNUTLS_HANDSHAKE_SERVER_HELLO:	/* as above */
+		case GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST:	/* as above */
+		case GNUTLS_HANDSHAKE_NEW_SESSION_TICKET:	/* followed by ChangeCipherSpec */
+
+			/* now for client Certificate, ClientKeyExchange and
+			 * CertificateVerify are always followed by ChangeCipherSpec
+			 */
+		case GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY:
+		case GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE:
+			ret = 0;
+			break;
+		default:
+			/* send this and any cached messages */
+			goto force_send;
+		}
+	}
+
+	return ret;
+
+ force_send:
+	return _gnutls_handshake_io_write_flush(session);
+}
+
+#define CHECK_SIZE(ll) \
+  if ((session->internals.max_handshake_data_buffer_size > 0) && \
+      (((ll) + session->internals.handshake_hash_buffer.length) > \
+       session->internals.max_handshake_data_buffer_size)) { \
+    _gnutls_debug_log("Handshake buffer length is %u (max: %u)\n", (unsigned)((ll) + session->internals.handshake_hash_buffer.length), (unsigned)session->internals.max_handshake_data_buffer_size); \
+    return gnutls_assert_val(GNUTLS_E_HANDSHAKE_TOO_LARGE); \
+    }
+
+
+/* This function add the handshake headers and the
+ * handshake data to the handshake hash buffers. Needed
+ * for the finished messages calculations.
+ */
+static int
+handshake_hash_add_recvd(gnutls_session_t session,
+				 gnutls_handshake_description_t recv_type,
+				 uint8_t * header, uint16_t header_size,
+				 uint8_t * dataptr, uint32_t datalen)
+{
+	int ret;
+	const version_entry_st *vers = get_version(session);
+
+	if (unlikely(vers == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if ((vers->id != GNUTLS_DTLS0_9 &&
+	     recv_type == GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST) ||
+	     IS_ASYNC(recv_type, vers))
+		return 0;
+
+	CHECK_SIZE(header_size + datalen);
+
+	session->internals.handshake_hash_buffer_prev_len =
+	    session->internals.handshake_hash_buffer.length;
+
+	if (vers->id != GNUTLS_DTLS0_9) {
+		ret =
+		    _gnutls_buffer_append_data(&session->internals.
+					       handshake_hash_buffer,
+					       header, header_size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+	if (datalen > 0) {
+		ret =
+		    _gnutls_buffer_append_data(&session->internals.
+					       handshake_hash_buffer,
+					       dataptr, datalen);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	/* save the size until client KX. That is because the TLS
+	 * session hash is calculated up to this message.
+	 */
+	if (recv_type == GNUTLS_HANDSHAKE_CLIENT_HELLO)
+		session->internals.handshake_hash_buffer_client_hello_len =
+			session->internals.handshake_hash_buffer.length;
+	if (recv_type == GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE)
+		session->internals.handshake_hash_buffer_client_kx_len =
+			session->internals.handshake_hash_buffer.length;
+	if (recv_type == GNUTLS_HANDSHAKE_FINISHED && session->security_parameters.entity == GNUTLS_CLIENT)
+		session->internals.handshake_hash_buffer_server_finished_len =
+			session->internals.handshake_hash_buffer.length;
+	if (recv_type == GNUTLS_HANDSHAKE_FINISHED && session->security_parameters.entity == GNUTLS_SERVER)
+		session->internals.handshake_hash_buffer_client_finished_len =
+			session->internals.handshake_hash_buffer.length;
+
+	return 0;
+}
+
+/* This function will store the handshake message we sent.
+ */
+static int
+handshake_hash_add_sent(gnutls_session_t session,
+				gnutls_handshake_description_t type,
+				uint8_t * dataptr, uint32_t datalen)
+{
+	int ret;
+	const version_entry_st *vers = get_version(session);
+
+	if (unlikely(vers == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if (IS_ASYNC(type, vers))
+		return 0;
+
+	CHECK_SIZE(datalen);
+
+	if (vers->id == GNUTLS_DTLS0_9) {
+		/* Old DTLS doesn't include the header in the MAC */
+		if (datalen < 12) {
+			gnutls_assert();
+			return GNUTLS_E_INTERNAL_ERROR;
+		}
+		dataptr += 12;
+		datalen -= 12;
+
+		if (datalen == 0)
+			return 0;
+	}
+
+	ret =
+	    _gnutls_buffer_append_data(&session->internals.
+				       handshake_hash_buffer,
+				       dataptr, datalen);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (type == GNUTLS_HANDSHAKE_CLIENT_HELLO)
+		session->internals.handshake_hash_buffer_client_hello_len =
+			session->internals.handshake_hash_buffer.length;
+	if (type == GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE)
+		session->internals.handshake_hash_buffer_client_kx_len =
+			session->internals.handshake_hash_buffer.length;
+	if (type == GNUTLS_HANDSHAKE_FINISHED && session->security_parameters.entity == GNUTLS_SERVER)
+		session->internals.handshake_hash_buffer_server_finished_len =
+			session->internals.handshake_hash_buffer.length;
+	if (type == GNUTLS_HANDSHAKE_FINISHED && session->security_parameters.entity == GNUTLS_CLIENT)
+		session->internals.handshake_hash_buffer_client_finished_len =
+			session->internals.handshake_hash_buffer.length;
+
+	return 0;
+}
+
+/* This function will receive handshake messages of the given types,
+ * and will pass the message to the right place in order to be processed.
+ * E.g. for the SERVER_HELLO message (if it is expected), it will be
+ * passed to _gnutls_recv_hello().
+ */
+int
+_gnutls_recv_handshake(gnutls_session_t session,
+		       gnutls_handshake_description_t type,
+		       unsigned int optional, gnutls_buffer_st * buf)
+{
+	int ret, ret2;
+	handshake_buffer_st hsk;
+
+	ret = _gnutls_handshake_io_recv_int(session, type, &hsk, optional);
+	if (ret < 0) {
+		if (optional != 0
+		    && ret == GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET) {
+			if (buf)
+				_gnutls_buffer_init(buf);
+			return 0;
+		}
+
+		return gnutls_assert_val_fatal(ret);
+	}
+	session->internals.last_handshake_in = hsk.htype;
+
+	ret = _gnutls_call_hook_func(session, hsk.htype, GNUTLS_HOOK_PRE, 1, hsk.data.data, hsk.data.length);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = handshake_hash_add_recvd(session, hsk.rtype,
+				       hsk.header, hsk.header_size,
+				       hsk.data.data,
+				       hsk.data.length);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	switch (hsk.htype) {
+	case GNUTLS_HANDSHAKE_CLIENT_HELLO_V2:
+	case GNUTLS_HANDSHAKE_CLIENT_HELLO:
+		if (!(IS_SERVER(session))) {
+			ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+			goto cleanup;
+		}
+
+#ifdef ENABLE_SSL2
+		if (hsk.htype == GNUTLS_HANDSHAKE_CLIENT_HELLO_V2)
+			ret =
+			    _gnutls_read_client_hello_v2(session,
+							 hsk.data.data,
+							 hsk.data.length);
+		else
+#endif
+		{
+			/* Reference the full ClientHello in case an extension needs it */
+			ret = _gnutls_ext_set_full_client_hello(session, &hsk);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			ret = read_client_hello(session, hsk.data.data,
+						hsk.data.length);
+		}
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		break;
+
+	case GNUTLS_HANDSHAKE_SERVER_HELLO:
+		if (IS_SERVER(session)) {
+			ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+			goto cleanup;
+		}
+
+		ret = read_server_hello(session, hsk.data.data,
+					hsk.data.length);
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		break;
+	case GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST:
+		if (IS_SERVER(session)) {
+			ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+			goto cleanup;
+		}
+
+		ret =
+		    recv_hello_verify_request(session,
+					      hsk.data.data,
+					      hsk.data.length);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		} else {
+			/* Signal our caller we have received a verification cookie
+			   and ClientHello needs to be sent again. */
+			ret = 1;
+		}
+
+		break;
+	case GNUTLS_HANDSHAKE_HELLO_RETRY_REQUEST: {
+		/* hash buffer synth message is generated during hello retry parsing */
+		gnutls_datum_t hrr = {hsk.data.data, hsk.data.length};
+
+		if (IS_SERVER(session)) {
+			ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+			goto cleanup;
+		}
+
+		ret =
+		    _gnutls13_recv_hello_retry_request(session,
+						       &hsk.data);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		} else {
+			/* during hello retry parsing, we reset handshake hash buffer,
+			 * re-add this message */
+			ret = handshake_hash_add_recvd(session, hsk.htype,
+						       hsk.header, hsk.header_size,
+						       hrr.data,
+						       hrr.size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			/* Signal our caller we have received a retry request
+			   and ClientHello needs to be sent again. */
+			ret = 1;
+		}
+
+		break;
+	}
+	case GNUTLS_HANDSHAKE_SERVER_HELLO_DONE:
+		if (hsk.data.length == 0)
+			ret = 0;
+		else {
+			gnutls_assert();
+			ret = GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+			goto cleanup;
+		}
+		break;
+	case GNUTLS_HANDSHAKE_CERTIFICATE_PKT:
+	case GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT:
+	case GNUTLS_HANDSHAKE_CERTIFICATE_STATUS:
+	case GNUTLS_HANDSHAKE_FINISHED:
+	case GNUTLS_HANDSHAKE_ENCRYPTED_EXTENSIONS:
+	case GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE:
+	case GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE:
+	case GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST:
+	case GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY:
+	case GNUTLS_HANDSHAKE_SUPPLEMENTAL:
+	case GNUTLS_HANDSHAKE_NEW_SESSION_TICKET:
+	case GNUTLS_HANDSHAKE_END_OF_EARLY_DATA:
+		ret = hsk.data.length;
+		break;
+	default:
+		gnutls_assert();
+		/* we shouldn't actually arrive here in any case .
+		 * unexpected messages should be caught after _gnutls_handshake_io_recv_int()
+		 */
+		ret = GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET;
+		goto cleanup;
+	}
+
+	ret2 = _gnutls_call_hook_func(session, hsk.htype, GNUTLS_HOOK_POST, 1, hsk.data.data, hsk.data.length);
+	if (ret2 < 0) {
+		ret = ret2;
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (buf) {
+		*buf = hsk.data;
+		return ret;
+	}
+
+      cleanup:
+	_gnutls_handshake_buffer_clear(&hsk);
+	return ret;
+}
+
+/* This function checks if the given cipher suite is supported, and sets it
+ * to the session;
+ */
+static int
+set_client_ciphersuite(gnutls_session_t session, uint8_t suite[2])
+{
+	unsigned j;
+	int ret;
+	const gnutls_cipher_suite_entry_st *selected = NULL;
+	const version_entry_st *vers = get_version(session);
+	gnutls_kx_algorithm_t kx;
+
+	for (j = 0; j < session->internals.priorities->cs.size; j++) {
+		if (suite[0] == session->internals.priorities->cs.entry[j]->id[0] &&
+		    suite[1] == session->internals.priorities->cs.entry[j]->id[1]) {
+			selected = session->internals.priorities->cs.entry[j];
+			break;
+		}
+	}
+
+	if (!selected) {
+		gnutls_assert();
+		_gnutls_handshake_log
+		    ("HSK[%p]: unsupported cipher suite %.2X.%.2X was negotiated\n",
+		     session, (unsigned int) suite[0],
+		     (unsigned int) suite[1]);
+		return GNUTLS_E_UNKNOWN_CIPHER_SUITE;
+	}
+
+	ret = _gnutls_set_cipher_suite2(session, selected);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	_gnutls_handshake_log("HSK[%p]: Selected cipher suite: %s\n",
+			      session,
+			      selected->name);
+
+	/* check if the credentials (username, public key etc.) are ok.
+	 * Actually checks if they exist.
+	 */
+	if (!vers->tls13_sem) {
+		kx = selected->kx_algorithm;
+
+		if (!session->internals.premaster_set &&
+		    _gnutls_get_kx_cred
+		    (session, kx) == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+		}
+
+		/* set the mod_auth_st to the appropriate struct
+		 * according to the KX algorithm. This is needed since all the
+		 * handshake functions are read from there;
+		 */
+		session->internals.auth_struct =
+		    _gnutls_kx_auth_struct(kx);
+
+		if (session->internals.auth_struct == NULL) {
+			_gnutls_handshake_log
+			    ("HSK[%p]: Cannot find the appropriate handler for the KX algorithm\n",
+			     session);
+			gnutls_assert();
+			return GNUTLS_E_INTERNAL_ERROR;
+		}
+	} else {
+		if (session->internals.hsk_flags & HSK_PSK_SELECTED) {
+			if (session->key.binders[0].prf->id != selected->prf) {
+				_gnutls_handshake_log
+				    ("HSK[%p]: PRF of ciphersuite differs with the PSK identity (cs: %s, id: %s)\n",
+				     session, selected->name, session->key.binders[0].prf->name);
+				gnutls_assert();
+				return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+			}
+		}
+	}
+
+	return 0;
+}
+
+/* This function returns 0 if we are resuming a session or -1 otherwise.
+ * This also sets the variables in the session. Used only while reading a server
+ * hello. Only applicable to TLS1.2 or earlier.
+ */
+static int
+client_check_if_resuming(gnutls_session_t session,
+			 uint8_t * session_id, int session_id_len)
+{
+	char buf[2 * GNUTLS_MAX_SESSION_ID_SIZE + 1];
+	int ret;
+
+	_gnutls_handshake_log("HSK[%p]: SessionID length: %d\n", session,
+			      session_id_len);
+	_gnutls_handshake_log("HSK[%p]: SessionID: %s\n", session,
+			      _gnutls_bin2hex(session_id, session_id_len,
+					      buf, sizeof(buf), NULL));
+
+	if ((session->internals.resumption_requested != 0 ||
+	     session->internals.premaster_set != 0) &&
+	    session_id_len > 0 &&
+	    session->internals.resumed_security_parameters.
+	    session_id_size == session_id_len
+	    && memcmp(session_id,
+		      session->internals.resumed_security_parameters.
+		      session_id, session_id_len) == 0) {
+		/* resume session */
+		memcpy(session->internals.resumed_security_parameters.
+		       server_random,
+		       session->security_parameters.server_random,
+		       GNUTLS_RANDOM_SIZE);
+		memcpy(session->internals.resumed_security_parameters.
+		       client_random,
+		       session->security_parameters.client_random,
+		       GNUTLS_RANDOM_SIZE);
+
+		ret = _gnutls_set_cipher_suite2
+		    (session,
+		     session->internals.resumed_security_parameters.
+		     cs);
+		if (ret < 0) {
+			gnutls_assert();
+			goto no_resume;
+		}
+
+		session->internals.resumed = true;	/* we are resuming */
+
+		return 0;
+	} else {
+no_resume:
+		/* keep the new session id */
+		session->internals.resumed = false;	/* we are not resuming */
+		return -1;
+	}
+}
+
+
+/* This function reads and parses the server hello handshake message.
+ * This function also restores resumed parameters if we are resuming a
+ * session.
+ */
+static int
+read_server_hello(gnutls_session_t session,
+		  uint8_t * data, int datalen)
+{
+	uint8_t session_id_len = 0;
+	uint8_t *session_id;
+	uint8_t *cs_pos, *comp_pos, *srandom_pos;
+	uint8_t major, minor;
+	int pos = 0;
+	int ret;
+	int len = datalen;
+	unsigned ext_parse_flag = 0;
+	const version_entry_st *vers, *saved_vers;
+
+	if (datalen < GNUTLS_RANDOM_SIZE+2) {
+		gnutls_assert();
+		return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+	}
+
+	_gnutls_handshake_log("HSK[%p]: Server's version: %d.%d\n",
+			      session, data[pos], data[pos + 1]);
+
+	DECR_LEN(len, 2);
+	major = data[pos];
+	minor = data[pos+1];
+
+	saved_vers = get_version(session); /* will be non-null if HRR has been received */
+
+	vers = nversion_to_entry(major, minor);
+	if (unlikely(vers == NULL))
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
+
+	if (vers->tls13_sem) /* that shouldn't have been negotiated here */
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
+
+	if (_gnutls_set_current_version(session, vers->id) < 0)
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
+
+	pos += 2;
+
+	DECR_LEN(len, GNUTLS_RANDOM_SIZE);
+	srandom_pos = &data[pos];
+	pos += GNUTLS_RANDOM_SIZE;
+
+	/* Read session ID
+	 */
+	DECR_LEN(len, 1);
+	session_id_len = data[pos++];
+
+	if (len < session_id_len || session_id_len > GNUTLS_MAX_SESSION_ID_SIZE) {
+		gnutls_assert();
+		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+	}
+	DECR_LEN(len, session_id_len);
+	session_id = &data[pos];
+	pos += session_id_len;
+
+	DECR_LEN(len, 2);
+	cs_pos = &data[pos];
+	pos += 2;
+
+	/* move to compression
+	 */
+	DECR_LEN(len, 1);
+	comp_pos = &data[pos];
+	pos++;
+
+	/* parse extensions to figure version */
+	ret =
+	    _gnutls_parse_hello_extensions(session, GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO|
+					   GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO,
+					   GNUTLS_EXT_VERSION_NEG,
+					   &data[pos], len);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	vers = get_version(session);
+	if (unlikely(vers == NULL))
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
+	if (vers->tls13_sem) {
+		if (major != 0x03 || minor != 0x03)
+			return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
+	}
+
+	if (_gnutls_nversion_is_supported(session, vers->major, vers->minor) == 0)
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
+
+	/* set server random - done after final version is selected */
+	ret = _gnutls_set_server_random(session, vers, srandom_pos);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* reset keys and binders if we are not using TLS 1.3 */
+	if (!vers->tls13_sem) {
+		gnutls_memset(&session->key.proto.tls13, 0,
+			      sizeof(session->key.proto.tls13));
+		reset_binders(session);
+	}
+
+	/* check if we are resuming and set the appropriate
+	 * values;
+	 */
+	if (!vers->tls13_sem &&
+	    client_check_if_resuming(session, session_id, session_id_len) == 0) {
+		ret =
+		    _gnutls_parse_hello_extensions(session, GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO,
+						   GNUTLS_EXT_MANDATORY,
+						   &data[pos], len);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		return 0;
+	} else {
+		session->security_parameters.session_id_size = session_id_len;
+		if (session_id_len > 0)
+			memcpy(session->security_parameters.session_id, session_id,
+			       session_id_len);
+	}
+
+	/* Check if the given cipher suite is supported and copy
+	 * it to the session.
+	 */
+	ret = set_client_ciphersuite(session, cs_pos);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (session->internals.hsk_flags & HSK_HRR_RECEIVED) {
+		/* check if ciphersuite matches */
+		if (memcmp(cs_pos, session->internals.hrr_cs, 2) != 0)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+		/* check if HRR version matches this version */
+		if (vers != saved_vers)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	}
+
+	if (*comp_pos != 0)
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+	if (vers->tls13_sem)
+		ext_parse_flag |= GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO;
+	else
+		ext_parse_flag |= GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO;
+
+	/* Parse extensions in order.
+	 */
+	ret =
+	    _gnutls_parse_hello_extensions(session,
+					   ext_parse_flag,
+					   GNUTLS_EXT_MANDATORY,
+					   &data[pos], len);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* check if EtM is required */
+	if (!vers->tls13_sem && session->internals.priorities->force_etm && !session->security_parameters.etm) {
+		const cipher_entry_st *cipher = cipher_to_entry(session->security_parameters.cs->block_algorithm);
+		if (_gnutls_cipher_type(cipher) == CIPHER_BLOCK)
+			return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
+	}
+
+
+	ret =
+	    _gnutls_parse_hello_extensions(session,
+					   ext_parse_flag,
+					   GNUTLS_EXT_APPLICATION,
+					   &data[pos], len);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret =
+	    _gnutls_parse_hello_extensions(session,
+					   ext_parse_flag,
+					   GNUTLS_EXT_TLS,
+					   &data[pos], len);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret =
+	    _gnutls_parse_hello_extensions(session,
+					   ext_parse_flag,
+					   _GNUTLS_EXT_TLS_POST_CS,
+					   &data[pos], len);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* Calculate TLS 1.3 Early Secret */
+	if (vers->tls13_sem &&
+	    !(session->internals.hsk_flags & HSK_PSK_SELECTED)) {
+		ret = _tls13_init_secret(session, NULL, 0);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	ret = set_auth_types(session);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	session->internals.hsk_flags |= HSK_SERVER_HELLO_RECEIVED;
+
+	return 0;
+}
+
+/* This function copies the appropriate compression methods, to a locally allocated buffer
+ * Needed in hello messages. Returns the new data length.
+ */
+static int
+append_null_comp(gnutls_session_t session,
+			  gnutls_buffer_st * cdata)
+{
+	uint8_t compression_methods[2] = {0x01, 0x00};
+	size_t init_length = cdata->length;
+	int ret;
+
+	ret =
+	    _gnutls_buffer_append_data(cdata, compression_methods, 2);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = cdata->length - init_length;
+
+	return ret;
+}
+
+/* This function sends the client hello handshake message.
+ */
+static int send_client_hello(gnutls_session_t session, int again)
+{
+	mbuffer_st *bufel = NULL;
+	int type;
+	int ret = 0;
+	const version_entry_st *hver, *min_ver, *max_ver;
+	uint8_t tver[2];
+	gnutls_buffer_st extdata;
+	bool rehandshake = false;
+	bool resuming = false;
+	unsigned add_sr_scsv = 0;
+	uint8_t *session_id =
+		session->internals.resumed_security_parameters.session_id;
+	uint8_t session_id_len =
+		session->internals.resumed_security_parameters.session_id_size;
+
+	if (again == 0) {
+		/* note that rehandshake is different than resuming
+		 */
+		if (session->internals.initial_negotiation_completed)
+			rehandshake = true;
+
+		ret = _gnutls_buffer_init_handshake_mbuffer(&extdata);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		/* if we are resuming a session then we set the
+		 * version number to the previously established.
+		 */
+		if (session->internals.resumption_requested == 0 &&
+		    session->internals.premaster_set == 0) {
+			if (rehandshake)	/* already negotiated version thus version_max == negotiated version */
+				hver = get_version(session);
+			else	/* new handshake. just get the max */
+				hver = _gnutls_legacy_version_max(session);
+		} else {
+			/* we are resuming a session */
+			resuming = true;
+
+			hver =
+			    session->internals.resumed_security_parameters.
+			    pversion;
+
+			if (hver && hver->tls13_sem)
+				hver = _gnutls_legacy_version_max(session);
+		}
+
+		if (hver == NULL) {
+			gnutls_assert();
+			if (session->internals.flags & INT_FLAG_NO_TLS13)
+				ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+			else
+				ret = GNUTLS_E_NO_PRIORITIES_WERE_SET;
+			goto cleanup;
+		}
+
+		if (unlikely(session->internals.default_hello_version[0] != 0)) {
+			tver[0] = session->internals.default_hello_version[0];
+			tver[1] = session->internals.default_hello_version[1];
+		} else {
+			tver[0] = hver->major;
+			tver[1] = hver->minor;
+		}
+		ret = _gnutls_buffer_append_data(&extdata, tver, 2);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		_gnutls_handshake_log("HSK[%p]: Adv. version: %u.%u\n", session,
+				      (unsigned)tver[0], (unsigned)tver[1]);
+
+		min_ver = _gnutls_version_lowest(session);
+		max_ver = _gnutls_version_max(session);
+		if (min_ver == NULL || max_ver == NULL) {
+			gnutls_assert();
+			ret = GNUTLS_E_NO_PRIORITIES_WERE_SET;
+			goto cleanup;
+		}
+
+		/* if we are replying to an HRR the version is already negotiated */
+		if (!(session->internals.hsk_flags & HSK_HRR_RECEIVED) || !get_version(session)) {
+			/* Set the version we advertized as maximum
+			 * (RSA uses it). */
+			set_adv_version(session, hver->major, hver->minor);
+			if (_gnutls_set_current_version(session, hver->id) < 0) {
+				ret = gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
+				goto cleanup;
+			}
+		}
+
+		if (session->internals.priorities->min_record_version != 0) {
+			/* Advertise the lowest supported (SSL 3.0) record packet
+			 * version in record packets during the handshake.
+			 * That is to avoid confusing implementations
+			 * that do not support TLS 1.2 and don't know
+			 * how 3,3 version of record packets look like.
+			 */
+			set_default_version(session, min_ver);
+		} else {
+			set_default_version(session, hver);
+		}
+
+		/* In order to know when this session was initiated.
+		 */
+		session->security_parameters.timestamp = gnutls_time(NULL);
+
+		/* Generate random data
+		 */
+		if (!(session->internals.hsk_flags & HSK_HRR_RECEIVED) &&
+		    !(IS_DTLS(session) && session->internals.dtls.hsk_hello_verify_requests != 0)) {
+			ret = _gnutls_gen_client_random(session);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+		}
+
+		ret = _gnutls_buffer_append_data(&extdata,
+						 session->security_parameters.client_random,
+						 GNUTLS_RANDOM_SIZE);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+#ifdef TLS13_APPENDIX_D4
+		if (max_ver->tls13_sem &&
+		    session->internals.priorities->tls13_compat_mode &&
+		    !resuming) {
+			if (!(session->internals.hsk_flags & HSK_HRR_RECEIVED)) {
+				/* Under TLS1.3 we generate a random session ID to make
+				 * the TLS1.3 session look like a resumed TLS1.2 session */
+				ret = _gnutls_generate_session_id(session->security_parameters.
+								  session_id,
+								  &session->security_parameters.
+								  session_id_size);
+				if (ret < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+			}
+			session_id = session->security_parameters.session_id;
+			session_id_len = session->security_parameters.session_id_size;
+		}
+#endif
+
+		/* Copy the Session ID - if any
+		 */
+		ret = _gnutls_buffer_append_data_prefix(&extdata, 8,
+							session_id,
+							session_id_len);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		/* Copy the DTLS cookie
+		 */
+		if (IS_DTLS(session)) {
+			ret = _gnutls_buffer_append_data_prefix(&extdata, 8,
+								session->internals.dtls.dcookie.data,
+								session->internals.dtls.dcookie.size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+			_gnutls_free_datum(&session->internals.dtls.dcookie);
+		}
+
+		/* Copy the ciphersuites.
+		 */
+#ifdef ENABLE_SSL3
+		/* If using SSLv3 Send TLS_RENEGO_PROTECTION_REQUEST SCSV for MITM
+		 * prevention on initial negotiation (but not renegotiation; that's
+		 * handled with the RI extension below).
+		 */
+		if (!session->internals.initial_negotiation_completed &&
+		    session->security_parameters.entity == GNUTLS_CLIENT &&
+		    (hver->id == GNUTLS_SSL3 &&
+		     session->internals.priorities->no_extensions != 0)) {
+			add_sr_scsv = 1;
+		}
+#endif
+		ret = _gnutls_get_client_ciphersuites(session, &extdata, min_ver, add_sr_scsv);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		/* Copy the compression methods.
+		 */
+		ret = append_null_comp(session, &extdata);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		/* Generate and copy TLS extensions.
+		 */
+		if (session->internals.priorities->no_extensions == 0) {
+			if (_gnutls_version_has_extensions(hver)) {
+				type = GNUTLS_EXT_ANY;
+			} else {
+				type = GNUTLS_EXT_MANDATORY;
+			}
+
+			ret =
+			    _gnutls_gen_hello_extensions(session, &extdata,
+							 GNUTLS_EXT_FLAG_CLIENT_HELLO,
+							 type);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+		}
+
+		bufel = _gnutls_buffer_to_mbuffer(&extdata);
+	}
+
+	ret = _gnutls_send_handshake(session, bufel,
+				     GNUTLS_HANDSHAKE_CLIENT_HELLO);
+
+	if (session->internals.hsk_flags & HSK_EARLY_DATA_IN_FLIGHT) {
+		const cipher_entry_st *ce;
+		const mac_entry_st *me;
+		record_parameters_st *params;
+
+		ce = cipher_to_entry(session->internals.
+				     resumed_security_parameters.
+				     cs->block_algorithm);
+		me = mac_to_entry(session->internals.
+				  resumed_security_parameters.
+				  cs->mac_algorithm);
+
+		ret = _gnutls_epoch_get(session, EPOCH_NEXT, &params);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+
+		params->cipher = ce;
+		params->mac = me;
+
+		ret = _tls13_write_connection_state_init(session, STAGE_EARLY);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+
+		_gnutls_epoch_bump(session);
+		ret = _gnutls_epoch_dup(session, EPOCH_WRITE_CURRENT);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+
+		ret = _gnutls13_send_early_data(session);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+	}
+
+	return ret;
+
+ cleanup:
+	_gnutls_buffer_clear(&extdata);
+	return ret;
+}
+
+int _gnutls_send_server_hello(gnutls_session_t session, int again)
+{
+	mbuffer_st *bufel = NULL;
+	gnutls_buffer_st buf;
+	int ret;
+	uint8_t session_id_len =
+	    session->security_parameters.session_id_size;
+	char tmpbuf[2 * GNUTLS_MAX_SESSION_ID_SIZE + 1];
+	const version_entry_st *vers;
+	uint8_t vbytes[2];
+	unsigned extflag = 0;
+	gnutls_ext_parse_type_t etype;
+
+	_gnutls_buffer_init(&buf);
+
+	if (again == 0) {
+		vers = get_version(session);
+		if (unlikely(vers == NULL || session->security_parameters.cs == NULL))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		if (vers->tls13_sem) {
+			vbytes[0] = 0x03; /* TLS1.2 */
+			vbytes[1] = 0x03;
+			extflag |= GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO;
+		} else {
+			vbytes[0] = vers->major;
+			vbytes[1] = vers->minor;
+			extflag |= GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO;
+		}
+
+		ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		ret = _gnutls_buffer_append_data(&buf, vbytes, 2);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		ret = _gnutls_buffer_append_data(&buf,
+						 session->security_parameters.server_random,
+						 GNUTLS_RANDOM_SIZE);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		ret = _gnutls_buffer_append_data_prefix(&buf, 8,
+							session->security_parameters.session_id,
+							session_id_len);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		_gnutls_handshake_log("HSK[%p]: SessionID: %s\n", session,
+				      _gnutls_bin2hex(session->
+						      security_parameters.session_id,
+						      session_id_len, tmpbuf,
+						      sizeof(tmpbuf), NULL));
+
+		ret = _gnutls_buffer_append_data(&buf,
+						 session->security_parameters.cs->id,
+						 2);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		/* compression */
+		ret = _gnutls_buffer_append_prefix(&buf, 8, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		if (!vers->tls13_sem && session->internals.resumed)
+			etype = GNUTLS_EXT_MANDATORY;
+		else
+			etype = GNUTLS_EXT_ANY;
+		ret =
+		    _gnutls_gen_hello_extensions(session, &buf, extflag, etype);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		if (vers->tls13_sem) {
+			/* Under TLS1.3, the session ID is used for different purposes than
+			 * the TLS1.0 session ID. Ensure that there is an internally set
+			 * value which the server will see on the original and resumed sessions */
+			ret = _gnutls_generate_session_id(session->security_parameters.
+							  session_id,
+							  &session->security_parameters.
+							  session_id_size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto fail;
+			}
+		}
+
+		bufel = _gnutls_buffer_to_mbuffer(&buf);
+	}
+
+	ret =
+	    _gnutls_send_handshake(session, bufel,
+				   GNUTLS_HANDSHAKE_SERVER_HELLO);
+
+fail:
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
+
+static int
+recv_hello_verify_request(gnutls_session_t session,
+				  uint8_t * data, int datalen)
+{
+	ssize_t len = datalen;
+	size_t pos = 0;
+	uint8_t cookie_len;
+	unsigned int nb_verifs;
+	int ret;
+
+	if (!IS_DTLS(session)) {
+		gnutls_assert();
+		return GNUTLS_E_UNEXPECTED_PACKET;
+	}
+
+	nb_verifs = ++session->internals.dtls.hsk_hello_verify_requests;
+	if (nb_verifs >= MAX_HANDSHAKE_HELLO_VERIFY_REQUESTS) {
+		/* The server is either buggy, malicious or changing cookie
+		   secrets _way_ too fast. */
+		gnutls_assert();
+		return GNUTLS_E_UNEXPECTED_PACKET;
+	}
+
+	DECR_LEN(len, 2);
+	pos += 2;
+
+	DECR_LEN(len, 1);
+	cookie_len = data[pos];
+	pos++;
+
+	if (cookie_len > DTLS_MAX_COOKIE_SIZE) {
+		gnutls_assert();
+		return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+	}
+
+	DECR_LEN(len, cookie_len);
+
+	gnutls_free(session->internals.dtls.dcookie.data);
+	ret = _gnutls_set_datum(&session->internals.dtls.dcookie, &data[pos], cookie_len);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (len != 0) {
+		gnutls_assert();
+		return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+	}
+
+	/* reset handshake hash buffers */
+	handshake_hash_buffer_reset(session);
+	/* reset extensions used in previous hello */
+	session->internals.used_exts = 0;
+
+	return 0;
+}
+
+/* The packets in gnutls_handshake (it's more broad than original TLS handshake)
+ *
+ *     Client					       Server
+ *
+ *     ClientHello		  -------->
+ *				  <--------	 ServerHello
+ *
+ *						    Certificate*
+ *					      ServerKeyExchange*
+ *				  <--------   CertificateRequest*
+ *
+ *				  <--------      ServerHelloDone
+ *     Certificate*
+ *     ClientKeyExchange
+ *     CertificateVerify*
+ *     [ChangeCipherSpec]
+ *     Finished		     -------->
+ *						NewSessionTicket
+ *					      [ChangeCipherSpec]
+ *				  <--------	     Finished
+ *
+ * (*): means optional packet.
+ */
+
+/* Handshake when resumming session:
+ *      Client						Server
+ *
+ *      ClientHello		   -------->
+ *						      ServerHello
+ *					       [ChangeCipherSpec]
+ *				   <--------	     Finished
+ *     [ChangeCipherSpec]
+ *     Finished		      -------->
+ *
+ */
+
+/**
+ * gnutls_rehandshake:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function can only be called in server side, and
+ * instructs a TLS 1.2 or earlier client to renegotiate
+ * parameters (perform a handshake), by sending a
+ * hello request message.
+ *
+ * If this function succeeds, the calling application
+ * should call gnutls_record_recv() until %GNUTLS_E_REHANDSHAKE
+ * is returned to clear any pending data. If the %GNUTLS_E_REHANDSHAKE
+ * error code is not seen, then the handshake request was
+ * not followed by the peer (the TLS protocol does not require
+ * the client to do, and such compliance should be handled
+ * by the application protocol).
+ *
+ * Once the %GNUTLS_E_REHANDSHAKE error code is seen, the
+ * calling application should proceed to calling
+ * gnutls_handshake() to negotiate the new
+ * parameters.
+ *
+ * If the client does not wish to renegotiate parameters he
+ * may reply with an alert message, and in that case the return code seen
+ * by subsequent gnutls_record_recv() will be
+ * %GNUTLS_E_WARNING_ALERT_RECEIVED with the specific alert being
+ * %GNUTLS_A_NO_RENEGOTIATION.  A client may also choose to ignore
+ * this request.
+ *
+ * Under TLS 1.3 this function is equivalent to gnutls_session_key_update()
+ * with the %GNUTLS_KU_PEER flag. In that case subsequent calls to
+ * gnutls_record_recv() will not return %GNUTLS_E_REHANDSHAKE, and
+ * calls to gnutls_handshake() in server side are a no-op.
+ *
+ * This function always fails with %GNUTLS_E_INVALID_REQUEST when
+ * called in client side.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ **/
+int gnutls_rehandshake(gnutls_session_t session)
+{
+	int ret;
+	const version_entry_st *vers = get_version(session);
+
+	/* only server sends that handshake packet */
+	if (session->security_parameters.entity == GNUTLS_CLIENT)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	if (vers->tls13_sem) {
+		return gnutls_session_key_update(session, GNUTLS_KU_PEER);
+	}
+
+	_dtls_async_timer_delete(session);
+
+	ret =
+	    _gnutls_send_empty_handshake(session,
+					 GNUTLS_HANDSHAKE_HELLO_REQUEST,
+					 AGAIN(STATE50));
+	STATE = STATE50;
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+	STATE = STATE0;
+
+	return 0;
+}
+
+/* This function checks whether the error code should be treated fatal
+ * or not, and also does the necessary state transition.  In
+ * particular, in the case of a rehandshake abort it resets the
+ * handshake's internal state.
+ */
+inline static int
+_gnutls_abort_handshake(gnutls_session_t session, int ret)
+{
+	switch (ret) {
+	case GNUTLS_E_WARNING_ALERT_RECEIVED:
+		if (gnutls_alert_get(session) == GNUTLS_A_NO_RENEGOTIATION) {
+			/* The server always toleretes a "no_renegotiation" alert. */
+			if (session->security_parameters.entity == GNUTLS_SERVER) {
+				STATE = STATE0;
+				return ret;
+			}
+
+			/* The client should tolerete a "no_renegotiation" alert only if:
+			 * - the initial handshake has completed, or
+			 * - a Server Hello is not yet received
+			 */
+			if (session->internals.initial_negotiation_completed ||
+			    !(session->internals.hsk_flags & HSK_SERVER_HELLO_RECEIVED)) {
+				STATE = STATE0;
+				return ret;
+			}
+
+			return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+		}
+		return ret;
+	case GNUTLS_E_GOT_APPLICATION_DATA:
+		STATE = STATE0;
+		return ret;
+	default:
+		return ret;
+	}
+}
+
+
+static int _gnutls_send_supplemental(gnutls_session_t session, int again)
+{
+	mbuffer_st *bufel = NULL;
+	int ret = 0;
+
+	_gnutls_debug_log("EXT[%p]: Sending supplemental data\n", session);
+
+	if (!again) {
+		gnutls_buffer_st buf;
+		ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = _gnutls_gen_supplemental(session, &buf);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_buffer_clear(&buf);
+			return ret;
+		}
+
+		bufel = _gnutls_buffer_to_mbuffer(&buf);
+	}
+
+	return _gnutls_send_handshake(session, bufel,
+				      GNUTLS_HANDSHAKE_SUPPLEMENTAL);
+}
+
+static int _gnutls_recv_supplemental(gnutls_session_t session)
+{
+	gnutls_buffer_st buf;
+	int ret;
+
+	_gnutls_debug_log("EXT[%p]: Expecting supplemental data\n",
+			  session);
+
+	ret =
+	    _gnutls_recv_handshake(session, GNUTLS_HANDSHAKE_SUPPLEMENTAL,
+				   1, &buf);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = _gnutls_parse_supplemental(session, buf.data, buf.length);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+      cleanup:
+	_gnutls_buffer_clear(&buf);
+
+	return ret;
+}
+
+/**
+ * gnutls_handshake:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function performs the handshake of the TLS/SSL protocol, and
+ * initializes the TLS session parameters.
+ *
+ * The non-fatal errors expected by this function are:
+ * %GNUTLS_E_INTERRUPTED, %GNUTLS_E_AGAIN,
+ * %GNUTLS_E_WARNING_ALERT_RECEIVED. When this function is called
+ * for re-handshake under TLS 1.2 or earlier, the non-fatal error code
+ * %GNUTLS_E_GOT_APPLICATION_DATA may also be returned.
+ *
+ * The former two interrupt the handshake procedure due to the transport
+ * layer being interrupted, and the latter because of a "warning" alert that
+ * was sent by the peer (it is always a good idea to check any
+ * received alerts). On these non-fatal errors call this function again,
+ * until it returns 0; cf.  gnutls_record_get_direction() and
+ * gnutls_error_is_fatal(). In DTLS sessions the non-fatal error
+ * %GNUTLS_E_LARGE_PACKET is also possible, and indicates that
+ * the MTU should be adjusted.
+ *
+ * When this function is called by a server after a rehandshake request
+ * under TLS 1.2 or earlier the %GNUTLS_E_GOT_APPLICATION_DATA error code indicates
+ * that some data were pending prior to peer initiating the handshake.
+ * Under TLS 1.3 this function when called after a successful handshake, is a no-op
+ * and always succeeds in server side; in client side this function is
+ * equivalent to gnutls_session_key_update() with %GNUTLS_KU_PEER flag.
+ *
+ * This function handles both full and abbreviated TLS handshakes (resumption).
+ * For abbreviated handshakes, in client side, the gnutls_session_set_data()
+ * should be called prior to this function to set parameters from a previous session.
+ * In server side, resumption is handled by either setting a DB back-end, or setting
+ * up keys for session tickets.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on a successful handshake, otherwise a negative error code.
+ **/
+int gnutls_handshake(gnutls_session_t session)
+{
+	const version_entry_st *vers = get_version(session);
+	int ret;
+
+	if (unlikely(session->internals.initial_negotiation_completed)) {
+		if (vers->tls13_sem) {
+			if (session->security_parameters.entity == GNUTLS_CLIENT) {
+				return gnutls_session_key_update(session, GNUTLS_KU_PEER);
+			} else {
+				/* This is a no-op for a server under TLS 1.3, as
+				 * a server has already called gnutls_rehandshake()
+				 * which performed a key update.
+				 */
+				return 0;
+			}
+		}
+	}
+
+	if (STATE == STATE0) {
+		unsigned int tmo_ms;
+		struct timespec *end;
+		struct timespec *start;
+
+		/* first call */
+		if (session->internals.priorities == NULL ||
+		    session->internals.priorities->cs.size == 0)
+			return gnutls_assert_val(GNUTLS_E_NO_PRIORITIES_WERE_SET);
+
+		ret =
+		    _gnutls_epoch_setup_next(session, 0, NULL);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		session->internals.used_exts = 0;
+		session->internals.hsk_flags = 0;
+		session->internals.handshake_in_progress = 1;
+		session->internals.vc_status = -1;
+		gnutls_gettime(&session->internals.handshake_start_time);
+
+		tmo_ms = session->internals.handshake_timeout_ms;
+		end = &session->internals.handshake_abs_timeout;
+		start = &session->internals.handshake_start_time;
+
+		if (tmo_ms && end->tv_sec == 0 && end->tv_nsec == 0) {
+			end->tv_sec =
+				start->tv_sec + (start->tv_nsec + tmo_ms * 1000000LL) / 1000000000LL;
+			end->tv_nsec =
+				(start->tv_nsec + tmo_ms * 1000000LL) % 1000000000LL;
+		}
+
+#ifdef ENABLE_KTLS
+		if (_gnutls_config_is_ktls_enabled()) {
+			if ((session->internals.pull_func &&
+				session->internals.pull_func != system_read) ||
+			    session->internals.push_func) {
+				_gnutls_audit_log(session,
+						  "Not enabling KTLS with "
+						  "custom pull/push function\n");
+			} else {
+				_gnutls_ktls_enable(session);
+			}
+		}
+#endif
+	}
+
+	if (session->internals.recv_state == RECV_STATE_FALSE_START) {
+		session_invalidate(session);
+		return gnutls_assert_val(GNUTLS_E_HANDSHAKE_DURING_FALSE_START);
+	}
+
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		do {
+			ret = handshake_client(session);
+		} while (ret == 1);
+	} else {
+		ret = handshake_server(session);
+	}
+
+	if (ret < 0) {
+		return _gnutls_abort_handshake(session, ret);
+	}
+
+	/* clear handshake buffer */
+	if (session->internals.recv_state != RECV_STATE_FALSE_START &&
+	    session->internals.recv_state != RECV_STATE_EARLY_START) {
+
+		_gnutls_handshake_hash_buffers_clear(session);
+
+		if (IS_DTLS(session) == 0) {
+			_gnutls_handshake_io_buffer_clear(session);
+		} else {
+			_dtls_async_timer_init(session);
+		}
+
+		_gnutls_handshake_internal_state_clear(session);
+
+		_gnutls_buffer_clear(&session->internals.record_presend_buffer);
+
+		_gnutls_epoch_bump(session);
+	}
+
+	/* Give an estimation of the round-trip under TLS1.3, used by gnutls_session_get_data2() */
+	if (!IS_SERVER(session) && vers->tls13_sem) {
+		struct timespec handshake_finish_time;
+		gnutls_gettime(&handshake_finish_time);
+
+		if (!(session->internals.hsk_flags & HSK_HRR_RECEIVED)) {
+			session->internals.ertt = timespec_sub_ms(&handshake_finish_time, &session->internals.handshake_start_time)/2;
+		} else {
+			session->internals.ertt = timespec_sub_ms(&handshake_finish_time, &session->internals.handshake_start_time)/4;
+		}
+	}
+
+#ifdef ENABLE_KTLS
+	if (IS_KTLS_ENABLED(session, GNUTLS_KTLS_DUPLEX)) {
+		_gnutls_ktls_set_keys(session);
+	}
+#endif
+
+	return 0;
+}
+
+/**
+ * gnutls_handshake_set_timeout:
+ * @session: is a #gnutls_session_t type.
+ * @ms: is a timeout value in milliseconds
+ *
+ * This function sets the timeout for the TLS handshake process
+ * to the provided value. Use an @ms value of zero to disable
+ * timeout, or %GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT for a reasonable
+ * default value. For the DTLS protocol, the more detailed
+ * gnutls_dtls_set_timeouts() is provided.
+ *
+ * This function requires to set a pull timeout callback. See
+ * gnutls_transport_set_pull_timeout_function().
+ *
+ * Since: 3.1.0
+ **/
+void
+gnutls_handshake_set_timeout(gnutls_session_t session, unsigned int ms)
+{
+	if (ms == GNUTLS_INDEFINITE_TIMEOUT) {
+		session->internals.handshake_timeout_ms = 0;
+		return;
+	}
+
+	if (ms == GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT)
+		ms = DEFAULT_HANDSHAKE_TIMEOUT_MS;
+
+	if (IS_DTLS(session)) {
+		gnutls_dtls_set_timeouts(session, DTLS_RETRANS_TIMEOUT, ms);
+		return;
+	}
+
+	session->internals.handshake_timeout_ms = ms;
+}
+
+/* Runs the certificate verification callback.
+ * side is the side that we verify the certificate
+ * from (either GNUTLS_CLIENT or GNUTLS_SERVER).
+ */
+int _gnutls_run_verify_callback(gnutls_session_t session, unsigned int side)
+{
+	gnutls_certificate_credentials_t cred;
+	int ret, type;
+
+	if (session->internals.hsk_flags & HSK_PSK_SELECTED)
+		return 0;
+
+	cred =
+	    (gnutls_certificate_credentials_t) _gnutls_get_cred(session,
+								GNUTLS_CRD_CERTIFICATE);
+
+	if (side == GNUTLS_CLIENT)
+		type = gnutls_auth_server_get_type(session);
+	else
+		type = gnutls_auth_client_get_type(session);
+
+	if (type != GNUTLS_CRD_CERTIFICATE)
+		return 0;
+
+	/* verify whether the certificate of the peer remained the same
+	 * as with any previous handshakes */
+	if (cred != NULL) {
+		ret = _gnutls_check_if_cert_hash_is_same(session, cred);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+	}
+
+	if (cred != NULL &&
+	    (cred->verify_callback != NULL || session->internals.verify_callback != NULL) &&
+	    (session->security_parameters.entity == GNUTLS_CLIENT ||
+	     session->internals.send_cert_req != GNUTLS_CERT_IGNORE)) {
+		if (session->internals.verify_callback)
+			ret = session->internals.verify_callback(session);
+		else
+			ret = cred->verify_callback(session);
+		if (ret < -1)
+			return gnutls_assert_val(ret);
+		else if (ret != 0)
+			return gnutls_assert_val(GNUTLS_E_CERTIFICATE_ERROR);
+	}
+
+	return 0;
+}
+
+static bool can_send_false_start(gnutls_session_t session)
+{
+	const version_entry_st *vers;
+
+	vers = get_version(session);
+	if (unlikely(vers == NULL || !vers->false_start))
+		return 0;
+
+	if (session->internals.selected_cert_list != NULL)
+		return 0;
+
+	if (!_gnutls_kx_allows_false_start(session))
+		return 0;
+
+	return 1;
+}
+
+/*
+ * handshake_client
+ * This function performs the client side of the handshake of the TLS/SSL protocol.
+ */
+static int handshake_client(gnutls_session_t session)
+{
+	int ret = 0;
+	const version_entry_st *ver;
+
+ reset:
+	if (STATE >= STATE99)
+		return _gnutls13_handshake_client(session);
+
+	switch (STATE) {
+	case STATE0:
+	case STATE1:
+		ret = send_client_hello(session, AGAIN(STATE1));
+		STATE = STATE1;
+		IMED_RET("send hello", ret, 1);
+		FALLTHROUGH;
+	case STATE2:
+		if (IS_DTLS(session)) {
+			ret =
+			    _gnutls_recv_handshake(session,
+						   GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST,
+						   1, NULL);
+			STATE = STATE2;
+			IMED_RET("recv hello verify", ret, 1);
+
+			if (ret == 1) {
+				STATE = STATE0;
+				return 1;
+			}
+		} else {
+			ret =
+			    _gnutls_recv_handshake(session,
+						   GNUTLS_HANDSHAKE_HELLO_RETRY_REQUEST,
+						   1, NULL);
+			STATE = STATE2;
+			IMED_RET("recv hello retry", ret, 1);
+
+			if (ret == 1) {
+				STATE = STATE0;
+				return 1;
+			}
+		}
+		FALLTHROUGH;
+	case STATE3:
+		/* receive the server hello */
+		ret =
+		    _gnutls_recv_handshake(session,
+					   GNUTLS_HANDSHAKE_SERVER_HELLO,
+					   0, NULL);
+		STATE = STATE3;
+		IMED_RET("recv hello", ret, 1);
+		FALLTHROUGH;
+	case STATE4:
+		ver = get_version(session);
+		if (ver->tls13_sem) { /* TLS 1.3 state machine */
+			STATE = STATE99;
+			goto reset;
+		}
+
+		ret = _gnutls_ext_sr_verify(session);
+		STATE = STATE4;
+		IMED_RET_FATAL("recv hello", ret, 0);
+		FALLTHROUGH;
+	case STATE5:
+		if (session->security_parameters.do_recv_supplemental) {
+			ret = _gnutls_recv_supplemental(session);
+			STATE = STATE5;
+			IMED_RET("recv supplemental", ret, 1);
+		}
+		FALLTHROUGH;
+	case STATE6:
+		/* RECV CERTIFICATE */
+		if (!session->internals.resumed)	/* if we are not resuming */
+			ret = _gnutls_recv_server_certificate(session);
+		STATE = STATE6;
+		IMED_RET("recv server certificate", ret, 1);
+		FALLTHROUGH;
+	case STATE7:
+#ifdef ENABLE_OCSP
+		/* RECV CERTIFICATE STATUS */
+		if (!session->internals.resumed)	/* if we are not resuming */
+			ret =
+			    _gnutls_recv_server_certificate_status
+			    (session);
+		STATE = STATE7;
+		IMED_RET("recv server certificate", ret, 1);
+#endif
+		FALLTHROUGH;
+	case STATE8:
+		ret = _gnutls_run_verify_callback(session, GNUTLS_CLIENT);
+		STATE = STATE8;
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		FALLTHROUGH;
+	case STATE9:
+		/* receive the server key exchange */
+		if (!session->internals.resumed)	/* if we are not resuming */
+			ret = _gnutls_recv_server_kx_message(session);
+		STATE = STATE9;
+		IMED_RET("recv server kx message", ret, 1);
+		FALLTHROUGH;
+	case STATE10:
+		/* receive the server certificate request - if any
+		 */
+
+		if (!session->internals.resumed)	/* if we are not resuming */
+			ret = _gnutls_recv_server_crt_request(session);
+		STATE = STATE10;
+		IMED_RET("recv server certificate request message", ret,
+			 1);
+		FALLTHROUGH;
+	case STATE11:
+		/* receive the server hello done */
+		if (!session->internals.resumed)	/* if we are not resuming */
+			ret =
+			    _gnutls_recv_handshake(session,
+						   GNUTLS_HANDSHAKE_SERVER_HELLO_DONE,
+						   0, NULL);
+		STATE = STATE11;
+		IMED_RET("recv server hello done", ret, 1);
+		FALLTHROUGH;
+	case STATE12:
+		if (session->security_parameters.do_send_supplemental) {
+			ret =
+			    _gnutls_send_supplemental(session,
+						      AGAIN(STATE12));
+			STATE = STATE12;
+			IMED_RET("send supplemental", ret, 0);
+		}
+		FALLTHROUGH;
+	case STATE13:
+		/* send our certificate - if any and if requested
+		 */
+		if (!session->internals.resumed)	/* if we are not resuming */
+			ret =
+			    _gnutls_send_client_certificate(session,
+							    AGAIN
+							    (STATE13));
+		STATE = STATE13;
+		IMED_RET("send client certificate", ret, 0);
+		FALLTHROUGH;
+	case STATE14:
+		if (!session->internals.resumed)	/* if we are not resuming */
+			ret =
+			    _gnutls_send_client_kx_message(session,
+							   AGAIN(STATE14));
+		STATE = STATE14;
+		IMED_RET("send client kx", ret, 0);
+		FALLTHROUGH;
+	case STATE15:
+		/* send client certificate verify */
+		if (!session->internals.resumed)	/* if we are not resuming */
+			ret =
+			    _gnutls_send_client_certificate_verify(session,
+								   AGAIN
+								   (STATE15));
+		STATE = STATE15;
+		IMED_RET("send client certificate verify", ret, 1);
+		FALLTHROUGH;
+	case STATE16:
+		STATE = STATE16;
+		if (!session->internals.resumed) {
+			ret = send_handshake_final(session, true);
+			IMED_RET("send handshake final 2", ret, 1);
+		} else {
+			ret = _gnutls_recv_new_session_ticket(session);
+			IMED_RET("recv handshake new session ticket", ret,
+				 1);
+		}
+		FALLTHROUGH;
+	case STATE17:
+		STATE = STATE17;
+		if (!session->internals.resumed && (session->internals.flags & GNUTLS_ENABLE_FALSE_START) && can_send_false_start(session)) {
+			session->internals.hsk_flags |= HSK_FALSE_START_USED;
+			session->internals.recv_state = RECV_STATE_FALSE_START;
+			/* complete this phase of the handshake. We
+			 * should be called again by gnutls_record_recv()
+			 */
+			STATE = STATE18;
+			gnutls_assert();
+
+			return 0;
+		}
+		FALLTHROUGH;
+	case STATE18:
+		STATE = STATE18;
+
+		if (!session->internals.resumed) {
+			ret = _gnutls_recv_new_session_ticket(session);
+			IMED_RET("recv handshake new session ticket", ret,
+				 1);
+		} else {
+			ret = recv_handshake_final(session, true);
+			IMED_RET("recv handshake final", ret, 1);
+		}
+		FALLTHROUGH;
+	case STATE19:
+		STATE = STATE19;
+		if (!session->internals.resumed) {
+			ret = recv_handshake_final(session, false);
+			IMED_RET("recv handshake final 2", ret, 1);
+		} else {
+			ret = send_handshake_final(session, false);
+			IMED_RET("send handshake final", ret, 1);
+		}
+
+		STATE = STATE0;
+		FALLTHROUGH;
+	default:
+		break;
+	}
+
+	/* explicitly reset any false start flags */
+	gnutls_mutex_lock(&session->internals.post_negotiation_lock);
+	session->internals.initial_negotiation_completed = 1;
+	session->internals.recv_state = RECV_STATE_0;
+	gnutls_mutex_unlock(&session->internals.post_negotiation_lock);
+
+	return 0;
+}
+
+
+
+/* This function is to be called if the handshake was successfully
+ * completed. This sends a Change Cipher Spec packet to the peer.
+ */
+ssize_t _gnutls_send_change_cipher_spec(gnutls_session_t session, int again)
+{
+	uint8_t *data;
+	mbuffer_st *bufel;
+	int ret;
+	const version_entry_st *vers;
+
+	if (again == 0) {
+		bufel = _gnutls_handshake_alloc(session, 3); /* max for DTLS0.9 */
+		if (bufel == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		vers = get_version(session);
+		if (unlikely(vers == NULL))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		if (vers->id == GNUTLS_DTLS0_9)
+			_mbuffer_set_uhead_size(bufel, 3);
+		else
+			_mbuffer_set_uhead_size(bufel, 1);
+		_mbuffer_set_udata_size(bufel, 0);
+
+		data = _mbuffer_get_uhead_ptr(bufel);
+
+		data[0] = 1;
+		if (vers->id == GNUTLS_DTLS0_9) {
+			_gnutls_write_uint16(session->internals.dtls.
+					     hsk_write_seq, &data[1]);
+			session->internals.dtls.hsk_write_seq++;
+		}
+
+		ret = _gnutls_call_hook_func(session, GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC, GNUTLS_HOOK_PRE, 0,
+					     data, 1);
+		if (ret < 0) {
+			_mbuffer_xfree(&bufel);
+			return gnutls_assert_val(ret);
+		}
+
+		ret =
+		    _gnutls_handshake_io_cache_int(session,
+						   GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC,
+						   bufel);
+		if (ret < 0) {
+			_mbuffer_xfree(&bufel);
+			return gnutls_assert_val(ret);
+		}
+
+		ret = _gnutls_call_hook_func(session, GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC, GNUTLS_HOOK_POST, 0,
+					     data, 1);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+
+		/* under TLS 1.3, CCS may be immediately followed by
+		 * receiving ClientHello thus cannot be cached */
+		if (vers->tls13_sem) {
+			ret = _gnutls_handshake_io_write_flush(session);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+		}
+
+		_gnutls_handshake_log("REC[%p]: Sent ChangeCipherSpec\n",
+				      session);
+	}
+
+	return 0;
+}
+
+/* This function sends the final handshake packets and initializes connection
+ */
+static int send_handshake_final(gnutls_session_t session, int init)
+{
+	int ret = 0;
+
+	/* Send the CHANGE CIPHER SPEC PACKET */
+
+	switch (FINAL_STATE) {
+	case STATE0:
+	case STATE1:
+		ret = _gnutls_send_change_cipher_spec(session, FAGAIN(STATE1));
+		FINAL_STATE = STATE0;
+
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+		/* Initialize the connection session (start encryption) - in case of client
+		 */
+		if (init) {
+			ret = _gnutls_connection_state_init(session);
+			if (ret < 0) {
+				gnutls_assert();
+				return ret;
+			}
+		}
+
+		ret = _gnutls_write_connection_state_init(session);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		FALLTHROUGH;
+	case STATE2:
+		/* send the finished message */
+		ret = _gnutls_send_finished(session, FAGAIN(STATE2));
+		FINAL_STATE = STATE2;
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		FINAL_STATE = STATE0;
+		FALLTHROUGH;
+	default:
+		break;
+	}
+
+	return 0;
+}
+
+/* This function receives the final handshake packets
+ * And executes the appropriate function to initialize the
+ * read session.
+ */
+static int recv_handshake_final(gnutls_session_t session, int init)
+{
+	int ret = 0;
+	uint8_t ccs[3];
+	unsigned int ccs_len = 1;
+	unsigned int tleft;
+	const version_entry_st *vers;
+
+	ret = handshake_remaining_time(session);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+	tleft = ret;
+
+	switch (FINAL_STATE) {
+	case STATE0:
+	case STATE30:
+		FINAL_STATE = STATE30;
+
+		/* This is the last flight and peer cannot be sure
+		 * we have received it unless we notify him. So we
+		 * wait for a message and retransmit if needed. */
+		if (IS_DTLS(session) && !_dtls_is_async(session) &&
+		    (gnutls_record_check_pending(session) +
+		     record_check_unprocessed(session)) == 0) {
+			ret = _dtls_wait_and_retransmit(session);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+		}
+
+		vers = get_version(session);
+		if (unlikely(vers == NULL))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		if (vers->id == GNUTLS_DTLS0_9)
+			ccs_len = 3;
+
+		ret =
+		    _gnutls_recv_int(session, GNUTLS_CHANGE_CIPHER_SPEC,
+				     ccs, ccs_len, NULL, tleft);
+		if (ret <= 0) {
+			gnutls_assert();
+			return (ret<0)?ret:GNUTLS_E_UNEXPECTED_PACKET;
+		}
+
+		if (vers->id == GNUTLS_DTLS0_9)
+			session->internals.dtls.hsk_read_seq++;
+
+		/* Initialize the connection session (start encryption) - in case of server */
+		if (init) {
+			ret = _gnutls_connection_state_init(session);
+			if (ret < 0) {
+				gnutls_assert();
+				return ret;
+			}
+		}
+
+		ret = _gnutls_read_connection_state_init(session);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+		FALLTHROUGH;
+	case STATE31:
+		FINAL_STATE = STATE31;
+
+		if (IS_DTLS(session) && !_dtls_is_async(session) &&
+		    (gnutls_record_check_pending(session) +
+		     record_check_unprocessed(session)) == 0) {
+			ret = _dtls_wait_and_retransmit(session);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+		}
+
+		ret = _gnutls_recv_finished(session);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+		FINAL_STATE = STATE0;
+		FALLTHROUGH;
+	default:
+		break;
+	}
+
+	return 0;
+}
+
+/*
+ * handshake_server
+ * This function does the server stuff of the handshake protocol.
+ */
+static int handshake_server(gnutls_session_t session)
+{
+	int ret = 0;
+	const version_entry_st *ver;
+
+ reset:
+
+	if (STATE >= STATE90)
+		return _gnutls13_handshake_server(session);
+
+	switch (STATE) {
+	case STATE0:
+	case STATE1:
+		ret =
+		    _gnutls_recv_handshake(session,
+					   GNUTLS_HANDSHAKE_CLIENT_HELLO,
+					   0, NULL);
+		if (ret == GNUTLS_E_INT_RET_0) {
+			/* this is triggered by post_client_hello, and instructs the
+			 * handshake to proceed but be put on hold */
+			ret = GNUTLS_E_INTERRUPTED;
+			STATE = STATE2; /* hello already parsed -> move on */
+		} else {
+			STATE = STATE1;
+		}
+
+		if (ret == GNUTLS_E_NO_COMMON_KEY_SHARE) {
+			STATE = STATE90;
+			session->internals.hsk_flags |= HSK_HRR_SENT;
+			goto reset;
+		}
+
+		IMED_RET("recv hello", ret, 1);
+		FALLTHROUGH;
+	case STATE2:
+
+		ret = _gnutls_ext_sr_verify(session);
+		STATE = STATE2;
+		IMED_RET_FATAL("recv hello", ret, 0);
+		FALLTHROUGH;
+	case STATE3:
+		ret = _gnutls_send_server_hello(session, AGAIN(STATE3));
+		STATE = STATE3;
+		IMED_RET("send hello", ret, 1);
+
+		ver = get_version(session);
+		if (ver->tls13_sem) { /* TLS 1.3 state machine */
+			STATE = STATE99;
+			goto reset;
+		}
+
+		FALLTHROUGH;
+	case STATE4:
+		if (session->security_parameters.do_send_supplemental) {
+			ret =
+			    _gnutls_send_supplemental(session,
+						      AGAIN(STATE4));
+			STATE = STATE4;
+			IMED_RET("send supplemental data", ret, 0);
+		}
+		/* SEND CERTIFICATE + KEYEXCHANGE + CERTIFICATE_REQUEST */
+		FALLTHROUGH;
+	case STATE5:
+		/* NOTE: these should not be send if we are resuming */
+
+		if (!session->internals.resumed)
+			ret =
+			    _gnutls_send_server_certificate(session,
+							    AGAIN(STATE5));
+		STATE = STATE5;
+		IMED_RET("send server certificate", ret, 0);
+		FALLTHROUGH;
+	case STATE6:
+#ifdef ENABLE_OCSP
+		if (!session->internals.resumed)
+			ret =
+			    _gnutls_send_server_certificate_status(session,
+								   AGAIN
+								   (STATE6));
+		STATE = STATE6;
+		IMED_RET("send server certificate status", ret, 0);
+#endif
+		FALLTHROUGH;
+	case STATE7:
+		/* send server key exchange (A) */
+		if (!session->internals.resumed)
+			ret =
+			    _gnutls_send_server_kx_message(session,
+							   AGAIN(STATE7));
+		STATE = STATE7;
+		IMED_RET("send server kx", ret, 0);
+		FALLTHROUGH;
+	case STATE8:
+		/* Send certificate request - if requested to */
+		if (!session->internals.resumed)
+			ret =
+			    _gnutls_send_server_crt_request(session,
+							    AGAIN(STATE8));
+		STATE = STATE8;
+		IMED_RET("send server cert request", ret, 0);
+		FALLTHROUGH;
+	case STATE9:
+		/* send the server hello done */
+		if (!session->internals.resumed)	/* if we are not resuming */
+			ret =
+			    _gnutls_send_empty_handshake(session,
+							 GNUTLS_HANDSHAKE_SERVER_HELLO_DONE,
+							 AGAIN(STATE9));
+		STATE = STATE9;
+		IMED_RET("send server hello done", ret, 1);
+		FALLTHROUGH;
+	case STATE10:
+		if (session->security_parameters.do_recv_supplemental) {
+			ret = _gnutls_recv_supplemental(session);
+			STATE = STATE10;
+			IMED_RET("recv client supplemental", ret, 1);
+		}
+		/* RECV CERTIFICATE + KEYEXCHANGE + CERTIFICATE_VERIFY */
+		FALLTHROUGH;
+	case STATE11:
+		/* receive the client certificate message */
+		if (!session->internals.resumed)	/* if we are not resuming */
+			ret = _gnutls_recv_client_certificate(session);
+		STATE = STATE11;
+		IMED_RET("recv client certificate", ret, 1);
+		FALLTHROUGH;
+	case STATE12:
+		ret = _gnutls_run_verify_callback(session, GNUTLS_SERVER);
+		STATE = STATE12;
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		FALLTHROUGH;
+	case STATE13:
+		/* receive the client key exchange message */
+		if (!session->internals.resumed)	/* if we are not resuming */
+			ret = _gnutls_recv_client_kx_message(session);
+		STATE = STATE13;
+		IMED_RET("recv client kx", ret, 1);
+		FALLTHROUGH;
+	case STATE14:
+		/* receive the client certificate verify message */
+		if (!session->internals.resumed)	/* if we are not resuming */
+			ret =
+			    _gnutls_recv_client_certificate_verify_message
+			    (session);
+		STATE = STATE14;
+		IMED_RET("recv client certificate verify", ret, 1);
+		FALLTHROUGH;
+	case STATE15:
+		STATE = STATE15;
+		if (!session->internals.resumed) {	/* if we are not resuming */
+			ret = recv_handshake_final(session, true);
+			IMED_RET("recv handshake final", ret, 1);
+		} else {
+			ret = send_handshake_final(session, true);
+			IMED_RET("send handshake final 2", ret, 1);
+		}
+		FALLTHROUGH;
+	case STATE16:
+		ret =
+		    _gnutls_send_new_session_ticket(session,
+						    AGAIN(STATE16));
+		STATE = STATE16;
+		IMED_RET("send handshake new session ticket", ret, 0);
+		FALLTHROUGH;
+	case STATE17:
+		STATE = STATE17;
+		if (!session->internals.resumed) {	/* if we are not resuming */
+			ret = send_handshake_final(session, false);
+			IMED_RET("send handshake final", ret, 1);
+
+			if (session->security_parameters.entity ==
+			    GNUTLS_SERVER
+			    && !(session->internals.hsk_flags & HSK_TLS12_TICKET_SENT)) {
+				/* if no ticket, save session data */
+				_gnutls_server_register_current_session
+				    (session);
+			}
+		} else {
+			ret = recv_handshake_final(session, false);
+			IMED_RET("recv handshake final 2", ret, 1);
+		}
+
+		STATE = STATE0;
+		FALLTHROUGH;
+	default:
+		break;
+	}
+
+	/* no lock of post_negotiation_lock is required here as this is not run
+	 * after handshake */
+	session->internals.initial_negotiation_completed = 1;
+
+	return _gnutls_check_id_for_change(session);
+}
+
+int _gnutls_generate_session_id(uint8_t * session_id, uint8_t *len)
+{
+	int ret;
+
+	*len = GNUTLS_DEF_SESSION_ID_SIZE;
+
+	ret =
+	    gnutls_rnd(GNUTLS_RND_NONCE, session_id,
+			GNUTLS_DEF_SESSION_ID_SIZE);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+
+/**
+ * gnutls_handshake_set_max_packet_length:
+ * @session: is a #gnutls_session_t type.
+ * @max: is the maximum number.
+ *
+ * This function will set the maximum size of all handshake messages.
+ * Handshakes over this size are rejected with
+ * %GNUTLS_E_HANDSHAKE_TOO_LARGE error code.  The default value is
+ * 128kb which is typically large enough.  Set this to 0 if you do not
+ * want to set an upper limit.
+ *
+ * The reason for restricting the handshake message sizes are to
+ * limit Denial of Service attacks.
+ *
+ * Note that the maximum handshake size was increased to 128kb
+ * from 48kb in GnuTLS 3.5.5.
+ **/
+void
+gnutls_handshake_set_max_packet_length(gnutls_session_t session,
+				       size_t max)
+{
+	session->internals.max_handshake_data_buffer_size = max;
+}
+
+/**
+ * gnutls_handshake_get_last_in:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function is only useful to check where the last performed
+ * handshake failed.  If the previous handshake succeed or was not
+ * performed at all then no meaningful value will be returned.
+ *
+ * Check %gnutls_handshake_description_t in gnutls.h for the
+ * available handshake descriptions.
+ *
+ * Returns: the last handshake message type received, a
+ * %gnutls_handshake_description_t.
+ **/
+gnutls_handshake_description_t
+gnutls_handshake_get_last_in(gnutls_session_t session)
+{
+	return session->internals.last_handshake_in;
+}
+
+/**
+ * gnutls_handshake_get_last_out:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function is only useful to check where the last performed
+ * handshake failed.  If the previous handshake succeed or was not
+ * performed at all then no meaningful value will be returned.
+ *
+ * Check %gnutls_handshake_description_t in gnutls.h for the
+ * available handshake descriptions.
+ *
+ * Returns: the last handshake message type sent, a
+ * %gnutls_handshake_description_t.
+ **/
+gnutls_handshake_description_t
+gnutls_handshake_get_last_out(gnutls_session_t session)
+{
+	return session->internals.last_handshake_out;
+}
+
+/* This returns the session hash as in draft-ietf-tls-session-hash-02.
+ */
+int _gnutls_handshake_get_session_hash(gnutls_session_t session, gnutls_datum_t *shash)
+{
+	const version_entry_st *ver = get_version(session);
+	int ret;
+	uint8_t concat[2*MAX_HASH_SIZE];
+
+	if (unlikely(ver == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if (session->internals.handshake_hash_buffer_client_kx_len == 0 ||
+	    (session->internals.handshake_hash_buffer.length <
+	    session->internals.handshake_hash_buffer_client_kx_len)) {
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+
+	ret =
+	    _gnutls_hash_fast((gnutls_digest_algorithm_t)session->security_parameters.prf->id,
+			      session->internals.handshake_hash_buffer.
+			      data,
+			      session->internals.handshake_hash_buffer_client_kx_len,
+			      concat);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return _gnutls_set_datum(shash, concat, session->security_parameters.prf->output_size);
+}
diff --git a/lib/handshake.h b/lib/handshake.h
new file mode 100644
index 0000000..8d858f4
--- /dev/null
+++ b/lib/handshake.h
@@ -0,0 +1,177 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_HANDSHAKE_H
+#define GNUTLS_LIB_HANDSHAKE_H
+
+#include "errors.h"
+#include "record.h"
+#include <assert.h>
+
+/* The following two macros are used in the handshake state machines; the first
+ * (IMED_RET) accounts for non-fatal errors and re-entry to current state, while
+ * the latter invalidates the handshake on any error (to be used by functions
+ * that are not expected to return non-fatal errors).
+ */
+#define IMED_RET( str, ret, allow_alert) do { \
+	if (ret < 0) { \
+		/* EAGAIN and INTERRUPTED are always non-fatal */ \
+		if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED) \
+			return ret; \
+		if (ret == GNUTLS_E_GOT_APPLICATION_DATA && session->internals.initial_negotiation_completed != 0) \
+			return ret; \
+		if (session->internals.handshake_suspicious_loops < 16) { \
+			if (ret == GNUTLS_E_LARGE_PACKET) { \
+				session->internals.handshake_suspicious_loops++; \
+				return ret; \
+			} \
+			/* a warning alert might interrupt handshake */ \
+			if (allow_alert != 0 && ret==GNUTLS_E_WARNING_ALERT_RECEIVED) { \
+				session->internals.handshake_suspicious_loops++; \
+				return ret; \
+			} \
+		} \
+		gnutls_assert(); \
+		/* do not allow non-fatal errors at this point */ \
+		if (gnutls_error_is_fatal(ret) == 0) ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); \
+		session_invalidate(session); \
+		_gnutls_handshake_hash_buffers_clear(session); \
+		return ret; \
+	} } while (0)
+
+#define IMED_RET_FATAL( str, ret, allow_alert) do { \
+	if (ret < 0) { \
+		gnutls_assert(); \
+		if (gnutls_error_is_fatal(ret) == 0) \
+			ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); \
+		session_invalidate(session); \
+		_gnutls_handshake_hash_buffers_clear(session); \
+		return ret; \
+	} } while (0)
+
+int _gnutls_send_handshake(gnutls_session_t session, mbuffer_st * bufel,
+			   gnutls_handshake_description_t type);
+int _gnutls_recv_handshake(gnutls_session_t session,
+			   gnutls_handshake_description_t type,
+			   unsigned int optional, gnutls_buffer_st * buf);
+
+int
+_gnutls_send_handshake2(gnutls_session_t session, mbuffer_st * bufel,
+		        gnutls_handshake_description_t type, unsigned queue_only);
+
+int _gnutls_generate_session_id(uint8_t * session_id, uint8_t * len);
+int _gnutls_gen_server_random(gnutls_session_t session, int version);
+void _gnutls_set_client_random(gnutls_session_t session, uint8_t * rnd);
+
+ssize_t _gnutls_send_change_cipher_spec(gnutls_session_t session, int again);
+
+int _gnutls_send_server_hello(gnutls_session_t session, int again);
+
+int _gnutls_find_pk_algos_in_ciphersuites(uint8_t * data, int datalen);
+int _gnutls_server_select_suite(gnutls_session_t session, uint8_t * data,
+				unsigned int datalen, unsigned int scsv_only);
+
+int _gnutls_negotiate_version(gnutls_session_t session,
+			      uint8_t major, uint8_t minor,
+			      unsigned allow_tls13);
+int _gnutls_user_hello_func(gnutls_session_t session,
+			    uint8_t major, uint8_t minor);
+
+void _gnutls_handshake_hash_buffers_clear(gnutls_session_t session);
+
+int _gnutls13_handshake_hash_buffers_synth(gnutls_session_t session,
+					   const mac_entry_st *prf,
+					   unsigned client);
+
+#define STATE session->internals.handshake_state
+#define FINAL_STATE session->internals.handshake_final_state
+/* This returns true if we have got there
+ * before (and not finished due to an interrupt).
+ */
+#define AGAIN(target) (STATE==target?1:0)
+#define FAGAIN(target) (FINAL_STATE==target?1:0)
+#define AGAIN2(state, target) (state==target?1:0)
+
+/* return the remaining time in ms */
+inline static int handshake_remaining_time(gnutls_session_t session)
+{
+	struct timespec *end = &session->internals.handshake_abs_timeout;
+
+	if (end->tv_sec || end->tv_nsec) {
+		struct timespec now;
+		gnutls_gettime(&now);
+
+		if (now.tv_sec < end->tv_sec ||
+		   (now.tv_sec == end->tv_sec && now.tv_nsec < end->tv_nsec))
+		{
+			long long now_ms = now.tv_sec * 1000LL + now.tv_nsec / 1000000;
+			long long end_ms = end->tv_sec * 1000LL + end->tv_nsec / 1000000;
+
+			return end_ms - now_ms;
+		} else
+			return gnutls_assert_val(GNUTLS_E_TIMEDOUT);
+	}
+	return 0;
+}
+
+/* Returns non-zero if the present credentials are sufficient for TLS1.3 negotiation.
+ * This is to be used in client side only. On server side, it is allowed to start
+ * without credentials.
+ */
+inline static unsigned have_creds_for_tls13(gnutls_session_t session)
+{
+	assert(session->security_parameters.entity == GNUTLS_CLIENT);
+	if (_gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE) != NULL ||
+	    _gnutls_get_cred(session, GNUTLS_CRD_PSK) != NULL)
+		return 1;
+
+	return 0;
+}
+
+int _gnutls_handshake_get_session_hash(gnutls_session_t session, gnutls_datum_t *shash);
+
+int _gnutls_check_id_for_change(gnutls_session_t session);
+int _gnutls_check_if_cert_hash_is_same(gnutls_session_t session, gnutls_certificate_credentials_t cred);
+
+#include "handshake-defs.h"
+
+int _gnutls_call_hook_func(gnutls_session_t session,
+			   gnutls_handshake_description_t type,
+			   int post, unsigned incoming,
+			   const uint8_t *data, unsigned data_size);
+
+int _gnutls_run_verify_callback(gnutls_session_t session, unsigned int side);
+int _gnutls_recv_finished(gnutls_session_t session);
+int _gnutls_send_finished(gnutls_session_t session, int again);
+
+int _gnutls13_handshake_client(gnutls_session_t session);
+int _gnutls13_handshake_server(gnutls_session_t session);
+
+int
+_gnutls13_recv_hello_retry_request(gnutls_session_t session,
+				   gnutls_buffer_st *buf);
+
+int
+_gnutls13_recv_async_handshake(gnutls_session_t session);
+
+#endif /* GNUTLS_LIB_HANDSHAKE_H */
diff --git a/lib/hash_int.c b/lib/hash_int.c
new file mode 100644
index 0000000..289b6b9
--- /dev/null
+++ b/lib/hash_int.c
@@ -0,0 +1,549 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file handles all the internal functions that cope with hashes
+ * and HMACs.
+ */
+
+#include "gnutls_int.h"
+#include <hash_int.h>
+#include "errors.h"
+#include <algorithms.h>
+#include <fips.h>
+
+int _gnutls_hash_init(digest_hd_st * dig, const mac_entry_st * e)
+{
+	int result;
+	const gnutls_crypto_digest_st *cc = NULL;
+
+	FAIL_IF_LIB_ERROR;
+
+	if (unlikely(e == NULL || e->id == GNUTLS_MAC_NULL))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	dig->e = e;
+
+	/* check if a digest has been registered 
+	 */
+	cc = _gnutls_get_crypto_digest((gnutls_digest_algorithm_t)e->id);
+	if (cc != NULL && cc->init) {
+		if (cc->init((gnutls_digest_algorithm_t)e->id, &dig->handle) < 0) {
+			gnutls_assert();
+			return GNUTLS_E_HASH_FAILED;
+		}
+
+		dig->hash = cc->hash;
+		dig->output = cc->output;
+		dig->deinit = cc->deinit;
+		dig->copy = cc->copy;
+
+		return 0;
+	}
+
+	result = _gnutls_digest_ops.init((gnutls_digest_algorithm_t)e->id, &dig->handle);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	dig->hash = _gnutls_digest_ops.hash;
+	dig->output = _gnutls_digest_ops.output;
+	dig->deinit = _gnutls_digest_ops.deinit;
+	dig->copy = _gnutls_digest_ops.copy;
+
+	return 0;
+}
+
+/* Returns true(non-zero) or false(0) if the 
+ * provided hash exists
+ */
+int _gnutls_digest_exists(gnutls_digest_algorithm_t algo)
+{
+	const gnutls_crypto_digest_st *cc = NULL;
+
+	if (!is_mac_algo_allowed(DIG_TO_MAC(algo)))
+		return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
+
+	cc = _gnutls_get_crypto_digest(algo);
+	if (cc != NULL)
+		return 1;
+
+	return _gnutls_digest_ops.exists(algo);
+}
+
+int _gnutls_hash_copy(const digest_hd_st * handle, digest_hd_st * dst)
+{
+	if (handle->copy == NULL)
+		return gnutls_assert_val(GNUTLS_E_HASH_FAILED);
+
+	*dst = *handle; /* copy data */
+	dst->handle = handle->copy(handle->handle);
+
+	if (dst->handle == NULL)
+		return GNUTLS_E_HASH_FAILED;
+
+	return 0;
+}
+
+void _gnutls_hash_deinit(digest_hd_st * handle, void *digest)
+{
+	if (handle->handle == NULL) {
+		return;
+	}
+
+	if (digest != NULL)
+		_gnutls_hash_output(handle, digest);
+
+	handle->deinit(handle->handle);
+	handle->handle = NULL;
+}
+
+int
+_gnutls_hash_fast(gnutls_digest_algorithm_t algorithm,
+		  const void *text, size_t textlen, void *digest)
+{
+	int ret;
+	const gnutls_crypto_digest_st *cc = NULL;
+	
+	FAIL_IF_LIB_ERROR;
+
+	/* check if a digest has been registered 
+	 */
+	cc = _gnutls_get_crypto_digest(algorithm);
+	if (cc != NULL) {
+		if (cc->fast(algorithm, text, textlen, digest) < 0) {
+			gnutls_assert();
+			return GNUTLS_E_HASH_FAILED;
+		}
+
+		return 0;
+	}
+
+	ret = _gnutls_digest_ops.fast(algorithm, text, textlen, digest);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+
+/* HMAC interface */
+
+int
+_gnutls_mac_fast(gnutls_mac_algorithm_t algorithm, const void *key,
+		 int keylen, const void *text, size_t textlen,
+		 void *digest)
+{
+	int ret;
+	const gnutls_crypto_mac_st *cc = NULL;
+
+	FAIL_IF_LIB_ERROR;
+
+	/* check if a digest has been registered 
+	 */
+	cc = _gnutls_get_crypto_mac(algorithm);
+	if (cc != NULL) {
+		if (cc->
+		    fast(algorithm, NULL, 0, key, keylen, text, textlen,
+			 digest) < 0) {
+			gnutls_assert();
+			return GNUTLS_E_HASH_FAILED;
+		}
+
+		return 0;
+	}
+
+	ret =
+	    _gnutls_mac_ops.fast(algorithm, NULL, 0, key, keylen, text,
+				 textlen, digest);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+
+}
+
+/* Returns true(non-zero) or false(0) if the 
+ * provided hash exists
+ */
+int _gnutls_mac_exists(gnutls_mac_algorithm_t algo)
+{
+	const gnutls_crypto_mac_st *cc = NULL;
+
+	/* exceptionally it exists, as it is not a real MAC */
+	if (algo == GNUTLS_MAC_AEAD)
+		return 1;
+
+	if (!is_mac_algo_allowed(algo))
+		return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
+
+	cc = _gnutls_get_crypto_mac(algo);
+	if (cc != NULL)
+		return 1;
+
+	return _gnutls_mac_ops.exists(algo);
+}
+
+int
+_gnutls_mac_init(mac_hd_st * mac, const mac_entry_st * e,
+		 const void *key, int keylen)
+{
+	int result;
+	const gnutls_crypto_mac_st *cc = NULL;
+
+	FAIL_IF_LIB_ERROR;
+
+	if (unlikely(e == NULL || e->id == GNUTLS_MAC_NULL))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	mac->e = e;
+	mac->mac_len = _gnutls_mac_get_algo_len(e);
+
+	/* check if a digest has been registered 
+	 */
+	cc = _gnutls_get_crypto_mac(e->id);
+	if (cc != NULL && cc->init != NULL) {
+		if (cc->init(e->id, &mac->handle) < 0) {
+			gnutls_assert();
+			return GNUTLS_E_HASH_FAILED;
+		}
+
+		if (cc->setkey(mac->handle, key, keylen) < 0) {
+			gnutls_assert();
+			cc->deinit(mac->handle);
+			return GNUTLS_E_HASH_FAILED;
+		}
+
+		mac->hash = cc->hash;
+		mac->setnonce = cc->setnonce;
+		mac->output = cc->output;
+		mac->deinit = cc->deinit;
+		mac->copy = cc->copy;
+		mac->setkey = cc->setkey;
+
+		return 0;
+	}
+
+	result = _gnutls_mac_ops.init(e->id, &mac->handle);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	mac->hash = _gnutls_mac_ops.hash;
+	mac->setnonce = _gnutls_mac_ops.setnonce;
+	mac->output = _gnutls_mac_ops.output;
+	mac->deinit = _gnutls_mac_ops.deinit;
+	mac->copy = _gnutls_mac_ops.copy;
+	mac->setkey = _gnutls_mac_ops.setkey;
+
+	if (_gnutls_mac_ops.setkey(mac->handle, key, keylen) < 0) {
+		gnutls_assert();
+		mac->deinit(mac->handle);
+		return GNUTLS_E_HASH_FAILED;
+	}
+
+	return 0;
+}
+
+int _gnutls_mac_copy(const mac_hd_st * handle, mac_hd_st * dst)
+{
+	if (handle->copy == NULL)
+		return gnutls_assert_val(GNUTLS_E_HASH_FAILED);
+
+	*dst = *handle; /* copy data */
+	dst->handle = handle->copy(handle->handle);
+
+	if (dst->handle == NULL)
+		return GNUTLS_E_HASH_FAILED;
+
+	return 0;
+}
+
+void _gnutls_mac_deinit(mac_hd_st * handle, void *digest)
+{
+	if (handle->handle == NULL) {
+		return;
+	}
+
+	if (digest)
+		_gnutls_mac_output(handle, digest);
+
+	handle->deinit(handle->handle);
+	handle->handle = NULL;
+}
+
+#ifdef ENABLE_SSL3
+inline static int get_padsize(gnutls_mac_algorithm_t algorithm)
+{
+	switch (algorithm) {
+	case GNUTLS_MAC_MD5:
+		return 48;
+	case GNUTLS_MAC_SHA1:
+		return 40;
+	default:
+		return 0;
+	}
+}
+
+/* Special functions for SSL3 MAC
+ */
+
+int
+_gnutls_mac_init_ssl3(digest_hd_st * ret, const mac_entry_st * e,
+		      void *key, int keylen)
+{
+	uint8_t ipad[48];
+	int padsize, result;
+
+	FAIL_IF_LIB_ERROR;
+
+	padsize = get_padsize(e->id);
+	if (padsize == 0) {
+		gnutls_assert();
+		return GNUTLS_E_HASH_FAILED;
+	}
+
+	memset(ipad, 0x36, padsize);
+
+	result = _gnutls_hash_init(ret, e);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	ret->key = key;
+	ret->keysize = keylen;
+
+	if (keylen > 0)
+		_gnutls_hash(ret, key, keylen);
+	_gnutls_hash(ret, ipad, padsize);
+
+	return 0;
+}
+
+int _gnutls_mac_output_ssl3(digest_hd_st * handle, void *digest)
+{
+	uint8_t ret[MAX_HASH_SIZE];
+	digest_hd_st td;
+	uint8_t opad[48];
+	int padsize;
+	int block, rc;
+
+	padsize = get_padsize(handle->e->id);
+	if (padsize == 0) {
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	memset(opad, 0x5C, padsize);
+
+	rc = _gnutls_hash_init(&td, handle->e);
+	if (rc < 0) {
+		gnutls_assert();
+		return rc;
+	}
+
+	if (handle->keysize > 0)
+		_gnutls_hash(&td, handle->key, handle->keysize);
+
+	_gnutls_hash(&td, opad, padsize);
+	block = _gnutls_mac_get_algo_len(handle->e);
+	_gnutls_hash_output(handle, ret);	/* get the previous hash */
+	_gnutls_hash(&td, ret, block);
+
+	_gnutls_hash_deinit(&td, digest);
+
+	/* reset handle */
+	memset(opad, 0x36, padsize);
+
+	if (handle->keysize > 0)
+		_gnutls_hash(handle, handle->key, handle->keysize);
+	_gnutls_hash(handle, opad, padsize);
+
+	return 0;
+}
+
+int _gnutls_mac_deinit_ssl3(digest_hd_st * handle, void *digest)
+{
+	int ret = 0;
+
+	if (digest != NULL)
+		ret = _gnutls_mac_output_ssl3(handle, digest);
+	_gnutls_hash_deinit(handle, NULL);
+
+	return ret;
+}
+
+int
+_gnutls_mac_deinit_ssl3_handshake(digest_hd_st * handle,
+				  void *digest, uint8_t * key,
+				  uint32_t key_size)
+{
+	uint8_t ret[MAX_HASH_SIZE];
+	digest_hd_st td;
+	uint8_t opad[48];
+	uint8_t ipad[48];
+	int padsize;
+	int block, rc;
+
+	padsize = get_padsize(handle->e->id);
+	if (padsize == 0) {
+		gnutls_assert();
+		rc = GNUTLS_E_INTERNAL_ERROR;
+		goto cleanup;
+	}
+
+	memset(opad, 0x5C, padsize);
+	memset(ipad, 0x36, padsize);
+
+	rc = _gnutls_hash_init(&td, handle->e);
+	if (rc < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (key_size > 0)
+		_gnutls_hash(&td, key, key_size);
+
+	_gnutls_hash(&td, opad, padsize);
+	block = _gnutls_mac_get_algo_len(handle->e);
+
+	if (key_size > 0)
+		_gnutls_hash(handle, key, key_size);
+	_gnutls_hash(handle, ipad, padsize);
+	_gnutls_hash_deinit(handle, ret);	/* get the previous hash */
+
+	_gnutls_hash(&td, ret, block);
+
+	_gnutls_hash_deinit(&td, digest);
+
+	return 0;
+
+      cleanup:
+	_gnutls_hash_deinit(handle, NULL);
+	return rc;
+}
+
+static int
+ssl3_sha(int i, uint8_t * secret, int secret_len,
+	 uint8_t * rnd, int rnd_len, void *digest)
+{
+	int j, ret;
+	uint8_t text1[26];
+
+	digest_hd_st td;
+
+	for (j = 0; j < i + 1; j++) {
+		text1[j] = 65 + i;	/* A==65 */
+	}
+
+	ret = _gnutls_hash_init(&td, mac_to_entry(GNUTLS_MAC_SHA1));
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	_gnutls_hash(&td, text1, i + 1);
+	_gnutls_hash(&td, secret, secret_len);
+	_gnutls_hash(&td, rnd, rnd_len);
+
+	_gnutls_hash_deinit(&td, digest);
+	return 0;
+}
+
+#define SHA1_DIGEST_OUTPUT 20
+#define MD5_DIGEST_OUTPUT 16
+
+static int
+ssl3_md5(int i, uint8_t * secret, int secret_len,
+	 uint8_t * rnd, int rnd_len, void *digest)
+{
+	uint8_t tmp[MAX_HASH_SIZE];
+	digest_hd_st td;
+	int ret;
+
+	ret = _gnutls_hash_init(&td, mac_to_entry(GNUTLS_MAC_MD5));
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	_gnutls_hash(&td, secret, secret_len);
+
+	ret = ssl3_sha(i, secret, secret_len, rnd, rnd_len, tmp);
+	if (ret < 0) {
+		gnutls_assert();
+		_gnutls_hash_deinit(&td, digest);
+		return ret;
+	}
+
+	_gnutls_hash(&td, tmp, SHA1_DIGEST_OUTPUT);
+
+	_gnutls_hash_deinit(&td, digest);
+	return 0;
+}
+
+int
+_gnutls_ssl3_generate_random(void *secret, int secret_len,
+			     void *rnd, int rnd_len,
+			     int ret_bytes, uint8_t * ret)
+{
+	int i = 0, copy, output_bytes;
+	uint8_t digest[MAX_HASH_SIZE];
+	int block = MD5_DIGEST_OUTPUT;
+	int result, times;
+
+	output_bytes = 0;
+	do {
+		output_bytes += block;
+	}
+	while (output_bytes < ret_bytes);
+
+	times = output_bytes / block;
+
+	for (i = 0; i < times; i++) {
+
+		result =
+		    ssl3_md5(i, secret, secret_len, rnd, rnd_len, digest);
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+
+		if ((1 + i) * block < ret_bytes) {
+			copy = block;
+		} else {
+			copy = ret_bytes - (i) * block;
+		}
+
+		memcpy(&ret[i * block], digest, copy);
+	}
+
+	return 0;
+}
+
+#endif
diff --git a/lib/hash_int.h b/lib/hash_int.h
new file mode 100644
index 0000000..675ac4e
--- /dev/null
+++ b/lib/hash_int.h
@@ -0,0 +1,169 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_HASH_INT_H
+#define GNUTLS_LIB_HASH_INT_H
+
+#include "gnutls_int.h"
+#include <gnutls/crypto.h>
+#include <crypto-backend.h>
+#include <crypto.h>
+
+/* for message digests */
+
+extern int crypto_mac_prio;
+extern gnutls_crypto_mac_st _gnutls_mac_ops;
+
+extern int crypto_digest_prio;
+extern gnutls_crypto_digest_st _gnutls_digest_ops;
+
+typedef int (*hash_func) (void *handle, const void *text, size_t size);
+typedef int (*nonce_func) (void *handle, const void *text, size_t size);
+typedef int (*output_func) (void *src_ctx, void *digest,
+			    size_t digestsize);
+typedef void (*hash_deinit_func) (void *handle);
+typedef void *(*copy_func) (const void *handle);
+typedef int (*setkey_func) (void *handle, const void *key, size_t keysize);
+
+typedef struct {
+	const mac_entry_st *e;
+	hash_func hash;
+	output_func output;
+	hash_deinit_func deinit;
+	copy_func copy;
+
+	const void *key;	/* esoteric use by SSL3 MAC functions */
+	int keysize;
+
+	void *handle;
+} digest_hd_st;
+
+typedef struct {
+	const mac_entry_st *e;
+	int mac_len;
+
+	hash_func hash;
+	nonce_func setnonce;
+	output_func output;
+	hash_deinit_func deinit;
+	copy_func copy;
+	setkey_func setkey;
+
+	void *handle;
+} mac_hd_st;
+
+/* basic functions */
+int _gnutls_digest_exists(gnutls_digest_algorithm_t algo);
+
+int _gnutls_mac_exists(gnutls_mac_algorithm_t algorithm);
+int _gnutls_mac_init(mac_hd_st *, const mac_entry_st * e,
+		     const void *key, int keylen);
+
+int _gnutls_mac_copy(const mac_hd_st * handle, mac_hd_st * dst);
+
+int _gnutls_mac_fast(gnutls_mac_algorithm_t algorithm, const void *key,
+		     int keylen, const void *text, size_t textlen,
+		     void *digest);
+
+inline static int
+_gnutls_mac(mac_hd_st * handle, const void *text, size_t textlen)
+{
+	if (textlen > 0) {
+		return handle->hash(handle->handle, text, textlen);
+	}
+	return 0;
+}
+
+inline static void _gnutls_mac_output(mac_hd_st * handle, void *digest)
+{
+	if (digest != NULL) {
+		handle->output(handle->handle, digest, handle->mac_len);
+	}
+}
+
+inline static int
+_gnutls_mac_set_nonce(mac_hd_st * handle, const void *nonce, size_t n_size)
+{
+	if (handle->setnonce)
+		return handle->setnonce(handle->handle, nonce, n_size);
+	return 0;
+}
+
+inline static int
+_gnutls_mac_setkey(mac_hd_st * handle, const void *key, size_t key_size)
+{
+	return handle->setkey(handle->handle, key, key_size);
+}
+
+
+void _gnutls_mac_deinit(mac_hd_st * handle, void *digest);
+
+/* Hash interface */
+int _gnutls_hash_init(digest_hd_st *, const mac_entry_st * e);
+
+inline static int
+_gnutls_hash(digest_hd_st * handle, const void *text, size_t textlen)
+{
+	if (textlen > 0) {
+		return handle->hash(handle->handle, text, textlen);
+	}
+	return 0;
+}
+
+/* when the current output is needed without calling deinit
+ */
+#define _gnutls_hash_output(h, d) \
+  (h)->output((h)->handle, d, _gnutls_hash_get_algo_len((h)->e))
+
+void _gnutls_hash_deinit(digest_hd_st * handle, void *digest);
+
+int _gnutls_hash_copy(const digest_hd_st * handle, digest_hd_st * dst);
+
+int
+_gnutls_hash_fast(gnutls_digest_algorithm_t algorithm,
+		  const void *text, size_t textlen, void *digest);
+
+#ifdef ENABLE_SSL3
+/* helper functions */
+int _gnutls_mac_init_ssl3(digest_hd_st *, const mac_entry_st * e,
+			  void *key, int keylen);
+int _gnutls_mac_deinit_ssl3(digest_hd_st * handle, void *digest);
+int _gnutls_mac_output_ssl3(digest_hd_st * handle, void *digest);
+
+int _gnutls_ssl3_generate_random(void *secret, int secret_len,
+				 void *rnd, int random_len, int bytes,
+				 uint8_t * ret);
+
+int _gnutls_mac_deinit_ssl3_handshake(digest_hd_st * handle, void *digest,
+				      uint8_t * key, uint32_t key_size);
+#endif
+
+inline static int IS_SHA(gnutls_digest_algorithm_t algo)
+{
+	if (algo == GNUTLS_DIG_SHA1 || algo == GNUTLS_DIG_SHA224 ||
+	    algo == GNUTLS_DIG_SHA256 || algo == GNUTLS_DIG_SHA384 ||
+	    algo == GNUTLS_DIG_SHA512)
+		return 1;
+	return 0;
+}
+
+#endif /* GNUTLS_LIB_HASH_INT_H */
diff --git a/lib/hello_ext.c b/lib/hello_ext.c
new file mode 100644
index 0000000..779638b
--- /dev/null
+++ b/lib/hello_ext.c
@@ -0,0 +1,1037 @@
+/*
+ * Copyright (C) 2001-2018 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos, Simon Josefsson
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions that relate to the TLS hello extension parsing.
+ * Hello extensions are packets appended in the TLS hello packet, and
+ * allow for extra functionality.
+ */
+
+#include "gnutls_int.h"
+#include "hello_ext.h"
+#include "errors.h"
+#include "ext/max_record.h"
+#include <ext/server_name.h>
+#include <ext/srp.h>
+#include <ext/heartbeat.h>
+#include <ext/session_ticket.h>
+#include <ext/safe_renegotiation.h>
+#include <ext/signature.h>
+#include <ext/safe_renegotiation.h>
+#include "ext/supported_groups.h"
+#include "ext/ec_point_formats.h"
+#include <ext/status_request.h>
+#include <ext/ext_master_secret.h>
+#include <ext/supported_versions.h>
+#include <ext/post_handshake.h>
+#include <ext/srtp.h>
+#include <ext/alpn.h>
+#include <ext/dumbfw.h>
+#include <ext/key_share.h>
+#include <ext/pre_shared_key.h>
+#include <ext/psk_ke_modes.h>
+#include <ext/etm.h>
+#include <ext/cookie.h>
+#include <ext/early_data.h>
+#include <ext/record_size_limit.h>
+#include "extv.h"
+#include <num.h>
+#include <ext/client_cert_type.h>
+#include <ext/server_cert_type.h>
+#include <ext/compress_certificate.h>
+#include "intprops.h"
+
+static void
+unset_ext_data(gnutls_session_t session, const struct hello_ext_entry_st *, unsigned idx);
+
+static void unset_resumed_ext_data(gnutls_session_t session, const struct hello_ext_entry_st *, unsigned idx);
+
+static hello_ext_entry_st const *extfunc[MAX_EXT_TYPES+1] = {
+	[GNUTLS_EXTENSION_EXT_MASTER_SECRET] = &ext_mod_ext_master_secret,
+	[GNUTLS_EXTENSION_SUPPORTED_VERSIONS] = &ext_mod_supported_versions,
+	[GNUTLS_EXTENSION_POST_HANDSHAKE] = &ext_mod_post_handshake,
+	[GNUTLS_EXTENSION_ETM] = &ext_mod_etm,
+#ifdef ENABLE_OCSP
+	[GNUTLS_EXTENSION_STATUS_REQUEST] = &ext_mod_status_request,
+#endif
+	[GNUTLS_EXTENSION_SERVER_NAME] = &ext_mod_server_name,
+	[GNUTLS_EXTENSION_SAFE_RENEGOTIATION] = &ext_mod_sr,
+#ifdef ENABLE_SRP
+	[GNUTLS_EXTENSION_SRP] = &ext_mod_srp,
+#endif
+#ifdef ENABLE_HEARTBEAT
+	[GNUTLS_EXTENSION_HEARTBEAT] = &ext_mod_heartbeat,
+#endif
+	[GNUTLS_EXTENSION_SESSION_TICKET] = &ext_mod_session_ticket,
+	[GNUTLS_EXTENSION_CLIENT_CERT_TYPE] = &ext_mod_client_cert_type,
+	[GNUTLS_EXTENSION_SERVER_CERT_TYPE] = &ext_mod_server_cert_type,
+	[GNUTLS_EXTENSION_SUPPORTED_GROUPS] = &ext_mod_supported_groups,
+	[GNUTLS_EXTENSION_SUPPORTED_EC_POINT_FORMATS] = &ext_mod_supported_ec_point_formats,
+	[GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS] = &ext_mod_sig,
+	[GNUTLS_EXTENSION_KEY_SHARE] = &ext_mod_key_share,
+	[GNUTLS_EXTENSION_COOKIE] = &ext_mod_cookie,
+	[GNUTLS_EXTENSION_EARLY_DATA] = &ext_mod_early_data,
+#ifdef ENABLE_DTLS_SRTP
+	[GNUTLS_EXTENSION_SRTP] = &ext_mod_srtp,
+#endif
+#ifdef ENABLE_ALPN
+	[GNUTLS_EXTENSION_ALPN] = &ext_mod_alpn,
+#endif
+	[GNUTLS_EXTENSION_RECORD_SIZE_LIMIT] = &ext_mod_record_size_limit,
+	[GNUTLS_EXTENSION_MAX_RECORD_SIZE] = &ext_mod_max_record_size,
+	[GNUTLS_EXTENSION_PSK_KE_MODES] = &ext_mod_psk_ke_modes,
+	[GNUTLS_EXTENSION_COMPRESS_CERTIFICATE] = &ext_mod_compress_certificate,
+	[GNUTLS_EXTENSION_PRE_SHARED_KEY] = &ext_mod_pre_shared_key,
+	/* This must be the last extension registered.
+	 */
+	[GNUTLS_EXTENSION_DUMBFW] = &ext_mod_dumbfw,
+};
+
+static const hello_ext_entry_st *
+gid_to_ext_entry(gnutls_session_t session, extensions_t id)
+{
+	unsigned i;
+
+	assert(id < MAX_EXT_TYPES);
+
+	for (i=0;i<session->internals.rexts_size;i++) {
+		if (session->internals.rexts[i].gid == id) {
+			return &session->internals.rexts[i];
+		}
+	}
+
+	return extfunc[id];
+}
+
+static const hello_ext_entry_st *
+tls_id_to_ext_entry(gnutls_session_t session, uint16_t tls_id, gnutls_ext_parse_type_t parse_point)
+{
+	unsigned i;
+	const hello_ext_entry_st *e;
+
+	for (i=0;i<session->internals.rexts_size;i++) {
+		if (session->internals.rexts[i].tls_id == tls_id) {
+			e = &session->internals.rexts[i];
+			goto done;
+		}
+	}
+
+	for (i = 0; i < MAX_EXT_TYPES; i++) {
+		if (!extfunc[i])
+			continue;
+
+		if (extfunc[i]->tls_id == tls_id) {
+			e = extfunc[i];
+			goto done;
+		}
+	}
+
+	return NULL;
+done:
+	if (parse_point == GNUTLS_EXT_ANY || (IS_SERVER(session) && e->server_parse_point == parse_point) ||
+	    (!IS_SERVER(session) && e->client_parse_point == parse_point)) {
+		return e;
+	} else {
+		return NULL;
+	}
+}
+
+
+/**
+ * gnutls_ext_get_name:
+ * @ext: is a TLS extension numeric ID
+ *
+ * Convert a TLS extension numeric ID to a printable string.
+ *
+ * Returns: a pointer to a string that contains the name of the
+ *   specified cipher, or %NULL.
+ **/
+const char *gnutls_ext_get_name(unsigned int ext)
+{
+	size_t i;
+
+	for (i = 0; i < MAX_EXT_TYPES; i++) {
+		if (!extfunc[i])
+			continue;
+
+		if (extfunc[i]->tls_id == ext)
+			return extfunc[i]->name;
+	}
+
+	return NULL;
+}
+
+/* Returns %GNUTLS_EXTENSION_INVALID on error
+ */
+static unsigned tls_id_to_gid(gnutls_session_t session, unsigned tls_id)
+{
+	unsigned i;
+
+	for (i=0; i < session->internals.rexts_size; i++) {
+		if (session->internals.rexts[i].tls_id == tls_id)
+			return session->internals.rexts[i].gid;
+	}
+
+	for (i = 0; i < MAX_EXT_TYPES; i++) {
+		if (!extfunc[i])
+			continue;
+
+		if (extfunc[i]->tls_id == tls_id)
+			return extfunc[i]->gid;
+	}
+
+	return GNUTLS_EXTENSION_INVALID;
+}
+
+typedef struct hello_ext_ctx_st {
+	gnutls_session_t session;
+	gnutls_ext_flags_t msg;
+	gnutls_ext_parse_type_t parse_point;
+	const hello_ext_entry_st *ext; /* used during send */
+	unsigned seen_pre_shared_key;
+} hello_ext_ctx_st;
+
+static
+int hello_ext_parse(void *_ctx, unsigned tls_id, const uint8_t *data, unsigned data_size)
+{
+	hello_ext_ctx_st *ctx = _ctx;
+	gnutls_session_t session = ctx->session;
+	const hello_ext_entry_st *ext;
+	int ret;
+
+	if (tls_id == PRE_SHARED_KEY_TLS_ID) {
+		ctx->seen_pre_shared_key = 1;
+	} else if (ctx->seen_pre_shared_key && session->security_parameters.entity == GNUTLS_SERVER) {
+		/* the pre-shared key extension must always be the last one,
+		 * draft-ietf-tls-tls13-28: 4.2.11 */
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	}
+
+	ext = tls_id_to_ext_entry(session, tls_id, ctx->parse_point);
+	if (ext == NULL || ext->recv_func == NULL) {
+		goto ignore;
+	}
+
+	/* we do not hard fail when extensions defined for TLS are used for
+	 * DTLS and vice-versa. They may extend their role in the future. */
+	if (IS_DTLS(session)) {
+		if (!(ext->validity & GNUTLS_EXT_FLAG_DTLS)) {
+			gnutls_assert();
+			goto ignore;
+		}
+	} else {
+		if (!(ext->validity & GNUTLS_EXT_FLAG_TLS)) {
+			gnutls_assert();
+			goto ignore;
+		}
+	}
+
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		if (!(ext->validity & GNUTLS_EXT_FLAG_IGNORE_CLIENT_REQUEST) &&
+		    !_gnutls_hello_ext_is_present(session, ext->gid)) {
+			_gnutls_debug_log("EXT[%p]: Received unexpected extension '%s/%d'\n", session,
+					ext->name, (int)tls_id);
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION);
+		}
+	}
+
+	if ((ext->validity & ctx->msg) == 0) {
+		_gnutls_debug_log("EXT[%p]: Received unexpected extension (%s/%d) for '%s'\n", session,
+				  ext->name, (int)tls_id,
+				  ext_msg_validity_to_str(ctx->msg));
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION);
+	}
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		ret = _gnutls_hello_ext_save(session, ext->gid, 1);
+		if (ret == 0)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION);
+	}
+
+	_gnutls_handshake_log
+	    ("EXT[%p]: Parsing extension '%s/%d' (%d bytes)\n",
+	     session, ext->name, (int)tls_id,
+	     data_size);
+
+	_gnutls_ext_set_msg(session, ctx->msg);
+	if ((ret = ext->recv_func(session, data, data_size)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+
+ ignore:
+	if (ext) {
+		_gnutls_handshake_log
+		    ("EXT[%p]: Ignoring extension '%s/%d'\n", session,
+		     ext->name, (int)tls_id);
+	}
+	return 0;
+}
+
+int
+_gnutls_parse_hello_extensions(gnutls_session_t session,
+			       gnutls_ext_flags_t msg,
+			       gnutls_ext_parse_type_t parse_point,
+			       const uint8_t * data, int data_size)
+{
+	int ret;
+	hello_ext_ctx_st ctx;
+
+	msg &= GNUTLS_EXT_FLAG_SET_ONLY_FLAGS_MASK;
+
+	ctx.session = session;
+	ctx.msg = msg;
+	ctx.parse_point = parse_point;
+	ctx.seen_pre_shared_key = 0;
+
+	ret = _gnutls_extv_parse(&ctx, hello_ext_parse, data, data_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+static
+int hello_ext_send(void *_ctx, gnutls_buffer_st *buf)
+{
+	hello_ext_ctx_st *ctx = _ctx;
+	int ret;
+	const hello_ext_entry_st *p = ctx->ext;
+	gnutls_session_t session = ctx->session;
+	int appended;
+	size_t size_prev;
+
+	if (unlikely(p->send_func == NULL))
+		return 0;
+
+	if (ctx->parse_point != GNUTLS_EXT_ANY &&
+	    ((IS_SERVER(session) && p->server_parse_point != ctx->parse_point) ||
+	     (!IS_SERVER(session) && p->client_parse_point != ctx->parse_point))) {
+		return 0;
+	}
+
+	if (IS_DTLS(session)) {
+		if (!(p->validity & GNUTLS_EXT_FLAG_DTLS)) {
+			gnutls_assert();
+			goto skip;
+		}
+	} else {
+		if (!(p->validity & GNUTLS_EXT_FLAG_TLS)) {
+			gnutls_assert();
+			goto skip;
+		}
+	}
+
+	if ((ctx->msg & p->validity) == 0) {
+		goto skip;
+	} else {
+		_gnutls_handshake_log("EXT[%p]: Preparing extension (%s/%d) for '%s'\n", session,
+				  p->name, (int)p->tls_id,
+				  ext_msg_validity_to_str(ctx->msg));
+	}
+
+	/* ensure we don't send something twice (i.e, overridden extensions in
+	 * client), and ensure we are sending only what we received in server. */
+	ret = _gnutls_hello_ext_is_present(session, p->gid);
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		/* if client didn't advertise and the override flag is not present */
+		if (!(p->validity & GNUTLS_EXT_FLAG_IGNORE_CLIENT_REQUEST) && ret == 0)
+			return 0;
+	} else {
+		if (ret != 0) /* already sent */
+			return 0;
+	}
+
+
+	size_prev = buf->length;
+
+	_gnutls_ext_set_msg(session, ctx->msg);
+	ret = p->send_func(session, buf);
+	if (ret < 0 && ret != GNUTLS_E_INT_RET_0) {
+		return gnutls_assert_val(ret);
+	}
+
+	appended = buf->length - size_prev;
+
+	/* add this extension to the extension list, to know which extensions
+	 * to expect.
+	 */
+	if ((appended > 0 || ret == GNUTLS_E_INT_RET_0) &&
+	    session->security_parameters.entity == GNUTLS_CLIENT) {
+
+		_gnutls_hello_ext_save(session, p->gid, 0);
+	}
+
+	return ret;
+
+ skip:
+	_gnutls_handshake_log("EXT[%p]: Not sending extension (%s/%d) for '%s'\n", session,
+			  p->name, (int)p->tls_id,
+			  ext_msg_validity_to_str(ctx->msg));
+	return 0;
+}
+
+int
+_gnutls_gen_hello_extensions(gnutls_session_t session,
+			     gnutls_buffer_st * buf,
+			     gnutls_ext_flags_t msg,
+			     gnutls_ext_parse_type_t parse_point)
+{
+	int pos, ret;
+	size_t i;
+	hello_ext_ctx_st ctx;
+
+	msg &= GNUTLS_EXT_FLAG_SET_ONLY_FLAGS_MASK;
+
+	ctx.session = session;
+	ctx.msg = msg;
+	ctx.parse_point = parse_point;
+
+	ret = _gnutls_extv_append_init(buf);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	pos = ret;
+	_gnutls_ext_set_extensions_offset(session, pos);
+
+	for (i=0; i < session->internals.rexts_size; i++) {
+		ctx.ext = &session->internals.rexts[i];
+		ret = _gnutls_extv_append(buf, session->internals.rexts[i].tls_id,
+					  &ctx, hello_ext_send);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		if (ret > 0)
+			_gnutls_handshake_log
+				    ("EXT[%p]: Sending extension %s/%d (%d bytes)\n",
+				     session, ctx.ext->name, (int)ctx.ext->tls_id, ret-4);
+	}
+
+	/* hello_ext_send() ensures we don't send duplicates, in case
+	 * of overridden extensions */
+	for (i = 0; i < MAX_EXT_TYPES; i++) {
+		if (!extfunc[i])
+			continue;
+
+		ctx.ext = extfunc[i];
+		ret = _gnutls_extv_append(buf, extfunc[i]->tls_id,
+					  &ctx, hello_ext_send);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		if (ret > 0)
+			_gnutls_handshake_log
+				    ("EXT[%p]: Sending extension %s/%d (%d bytes)\n",
+				     session, ctx.ext->name, (int)ctx.ext->tls_id, ret-4);
+	}
+
+	ret = _gnutls_extv_append_final(buf, pos, !(msg & GNUTLS_EXT_FLAG_EE));
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+/* Global deinit and init of global extensions */
+int _gnutls_hello_ext_init(void)
+{
+	return GNUTLS_E_SUCCESS;
+}
+
+void _gnutls_hello_ext_deinit(void)
+{
+	unsigned i;
+
+	for (i = 0; i < MAX_EXT_TYPES; i++) {
+		if (!extfunc[i])
+			continue;
+
+		if (extfunc[i]->free_struct != 0) {
+			gnutls_free(((hello_ext_entry_st *)extfunc[i])->name);
+			gnutls_free(extfunc[i]);
+		}
+	}
+}
+
+/* Packing of extension data (for use in resumption) */
+static int pack_extension(gnutls_session_t session, const hello_ext_entry_st *extp,
+			  gnutls_buffer_st *packed)
+{
+	int ret;
+	int size_offset;
+	int cur_size;
+	gnutls_ext_priv_data_t data;
+	int rval = 0;
+
+	ret =
+	    _gnutls_hello_ext_get_priv(session, extp->gid,
+					 &data);
+	if (ret >= 0 && extp->pack_func != NULL) {
+		BUFFER_APPEND_NUM(packed, extp->gid);
+
+		size_offset = packed->length;
+		BUFFER_APPEND_NUM(packed, 0);
+
+		cur_size = packed->length;
+
+		ret = extp->pack_func(data, packed);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		rval = 1;
+		/* write the actual size */
+		_gnutls_write_uint32(packed->length - cur_size,
+				     packed->data + size_offset);
+	}
+
+	return rval;
+}
+
+int _gnutls_hello_ext_pack(gnutls_session_t session, gnutls_buffer_st *packed)
+{
+	unsigned int i;
+	int ret;
+	int total_exts_pos;
+	int n_exts = 0;
+	const struct hello_ext_entry_st *ext;
+
+	total_exts_pos = packed->length;
+	BUFFER_APPEND_NUM(packed, 0);
+
+	for (i = 0; i <= GNUTLS_EXTENSION_MAX_VALUE; i++) {
+		if (session->internals.used_exts & ((ext_track_t)1 << i)) {
+
+			ext = gid_to_ext_entry(session, i);
+			if (ext == NULL)
+				continue;
+
+			ret = pack_extension(session, ext, packed);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			if (ret > 0)
+				n_exts++;
+		}
+	}
+
+	_gnutls_write_uint32(n_exts, packed->data + total_exts_pos);
+
+	return 0;
+}
+
+int _gnutls_ext_set_full_client_hello(gnutls_session_t session,
+				      handshake_buffer_st *recv_buf)
+{
+	int ret;
+	gnutls_buffer_st *buf = &session->internals.full_client_hello;
+
+	_gnutls_buffer_clear(buf);
+
+	if ((ret = _gnutls_buffer_append_prefix(buf, 8, recv_buf->htype)) < 0)
+		return gnutls_assert_val(ret);
+	if ((ret = _gnutls_buffer_append_prefix(buf, 24, recv_buf->data.length)) < 0)
+		return gnutls_assert_val(ret);
+	if ((ret = _gnutls_buffer_append_data(buf, recv_buf->data.data, recv_buf->data.length)) < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+unsigned _gnutls_ext_get_full_client_hello(gnutls_session_t session,
+				           gnutls_datum_t *d)
+{
+	gnutls_buffer_st *buf = &session->internals.full_client_hello;
+
+	if (!buf->length)
+		return 0;
+
+	d->data = buf->data;
+	d->size = buf->length;
+
+	return 1;
+}
+
+static void
+_gnutls_ext_set_resumed_session_data(gnutls_session_t session,
+				     extensions_t id,
+				     gnutls_ext_priv_data_t data)
+{
+	const struct hello_ext_entry_st *ext;
+
+	/* If this happens we need to increase the max */
+	assert(id < MAX_EXT_TYPES);
+
+	ext = gid_to_ext_entry(session, id);
+	assert(ext != NULL);
+
+	if (session->internals.ext_data[id].resumed_set != 0)
+		unset_resumed_ext_data(session, ext, id);
+
+	session->internals.ext_data[id].resumed_priv = data;
+	session->internals.ext_data[id].resumed_set = 1;
+	return;
+}
+
+int _gnutls_hello_ext_unpack(gnutls_session_t session, gnutls_buffer_st * packed)
+{
+	int i, ret;
+	gnutls_ext_priv_data_t data;
+	int max_exts = 0;
+	extensions_t id;
+	int size_for_id, cur_pos;
+	const struct hello_ext_entry_st *ext;
+
+	BUFFER_POP_NUM(packed, max_exts);
+	for (i = 0; i < max_exts; i++) {
+		BUFFER_POP_NUM(packed, id);
+		BUFFER_POP_NUM(packed, size_for_id);
+
+		cur_pos = packed->length;
+
+		ext = gid_to_ext_entry(session, id);
+		if (ext == NULL || ext->unpack_func == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_PARSING_ERROR;
+		}
+
+		ret = ext->unpack_func(packed, &data);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		/* verify that unpack read the correct bytes */
+		cur_pos = cur_pos - packed->length;
+		if (cur_pos /* read length */  != size_for_id) {
+			gnutls_assert();
+			return GNUTLS_E_PARSING_ERROR;
+		}
+
+		_gnutls_ext_set_resumed_session_data(session, id, data);
+	}
+
+	return 0;
+
+      error:
+	return ret;
+}
+
+static void
+unset_ext_data(gnutls_session_t session, const struct hello_ext_entry_st *ext, unsigned idx)
+{
+	if (session->internals.ext_data[idx].set == 0)
+		return;
+
+	if (ext && ext->deinit_func && session->internals.ext_data[idx].priv != NULL)
+		ext->deinit_func(session->internals.ext_data[idx].priv);
+	session->internals.ext_data[idx].set = 0;
+}
+
+void
+_gnutls_hello_ext_unset_priv(gnutls_session_t session,
+			      extensions_t id)
+{
+	const struct hello_ext_entry_st *ext;
+
+	ext = gid_to_ext_entry(session, id);
+	if (ext)
+		unset_ext_data(session, ext, id);
+}
+
+static void unset_resumed_ext_data(gnutls_session_t session, const struct hello_ext_entry_st *ext, unsigned idx)
+{
+	if (session->internals.ext_data[idx].resumed_set == 0)
+		return;
+
+	if (ext && ext->deinit_func && session->internals.ext_data[idx].resumed_priv) {
+		ext->deinit_func(session->internals.ext_data[idx].resumed_priv);
+	}
+	session->internals.ext_data[idx].resumed_set = 0;
+}
+
+/* Deinitializes all data that are associated with TLS extensions.
+ */
+void _gnutls_hello_ext_priv_deinit(gnutls_session_t session)
+{
+	unsigned int i;
+	const struct hello_ext_entry_st *ext;
+
+	for (i = 0; i < MAX_EXT_TYPES; i++) {
+		if (!session->internals.ext_data[i].set && !session->internals.ext_data[i].resumed_set)
+			continue;
+
+		ext = gid_to_ext_entry(session, i);
+		if (ext) {
+			unset_ext_data(session, ext, i);
+			unset_resumed_ext_data(session, ext, i);
+		}
+	}
+}
+
+/* This function allows an extension to store data in the current session
+ * and retrieve them later on. We use functions instead of a pointer to a
+ * private pointer, to allow API additions by individual extensions.
+ */
+void
+_gnutls_hello_ext_set_priv(gnutls_session_t session, extensions_t id,
+			     gnutls_ext_priv_data_t data)
+{
+	const struct hello_ext_entry_st *ext;
+
+	assert(id < MAX_EXT_TYPES);
+
+	ext = gid_to_ext_entry(session, id);
+	assert(ext != NULL);
+
+	if (session->internals.ext_data[id].set != 0) {
+		unset_ext_data(session, ext, id);
+	}
+	session->internals.ext_data[id].priv = data;
+	session->internals.ext_data[id].set = 1;
+
+	return;
+}
+
+int
+_gnutls_hello_ext_get_priv(gnutls_session_t session,
+			    extensions_t id, gnutls_ext_priv_data_t * data)
+{
+	if (session->internals.ext_data[id].set != 0) {
+		*data =
+		    session->internals.ext_data[id].priv;
+		return 0;
+	}
+
+	return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+}
+
+int
+_gnutls_hello_ext_get_resumed_priv(gnutls_session_t session,
+				    extensions_t id,
+				    gnutls_ext_priv_data_t * data)
+{
+	if (session->internals.ext_data[id].resumed_set != 0) {
+		*data =
+		    session->internals.ext_data[id].resumed_priv;
+		return 0;
+	}
+
+	return GNUTLS_E_INVALID_REQUEST;
+}
+
+/**
+ * gnutls_ext_register:
+ * @name: the name of the extension to register
+ * @id: the numeric TLS id of the extension
+ * @parse_point: the parse type of the extension (see gnutls_ext_parse_type_t)
+ * @recv_func: a function to receive the data
+ * @send_func: a function to send the data
+ * @deinit_func: a function deinitialize any private data
+ * @pack_func: a function which serializes the extension's private data (used on session packing for resumption)
+ * @unpack_func: a function which will deserialize the extension's private data
+ *
+ * This function will register a new extension type. The extension will remain
+ * registered until gnutls_global_deinit() is called. If the extension type
+ * is already registered then %GNUTLS_E_ALREADY_REGISTERED will be returned.
+ *
+ * Each registered extension can store temporary data into the gnutls_session_t
+ * structure using gnutls_ext_set_data(), and they can be retrieved using
+ * gnutls_ext_get_data().
+ *
+ * Any extensions registered with this function are valid for the client
+ * and TLS1.2 server hello (or encrypted extensions for TLS1.3).
+ *
+ * This function is not thread safe.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_ext_register(const char *name, int id, gnutls_ext_parse_type_t parse_point,
+		    gnutls_ext_recv_func recv_func, gnutls_ext_send_func send_func,
+		    gnutls_ext_deinit_data_func deinit_func, gnutls_ext_pack_func pack_func,
+		    gnutls_ext_unpack_func unpack_func)
+{
+	hello_ext_entry_st *tmp_mod;
+	unsigned i;
+	unsigned gid = GNUTLS_EXTENSION_MAX+1;
+
+	for (i = 0; i < MAX_EXT_TYPES; i++) {
+		if (!extfunc[i])
+			continue;
+
+		if (extfunc[i]->tls_id == id)
+			return gnutls_assert_val(GNUTLS_E_ALREADY_REGISTERED);
+
+		if (extfunc[i]->gid >= gid)
+			gid = extfunc[i]->gid + 1;
+	}
+
+	assert(gid < sizeof(extfunc)/sizeof(extfunc[0]));
+	if (gid > GNUTLS_EXTENSION_MAX_VALUE)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	tmp_mod = gnutls_calloc(1, sizeof(*tmp_mod));
+	if (tmp_mod == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	tmp_mod->name = gnutls_strdup(name);
+	tmp_mod->free_struct = 1;
+	tmp_mod->tls_id = id;
+	tmp_mod->gid = gid;
+	tmp_mod->client_parse_point = parse_point;
+	tmp_mod->server_parse_point = parse_point;
+	tmp_mod->recv_func = recv_func;
+	tmp_mod->send_func = send_func;
+	tmp_mod->deinit_func = deinit_func;
+	tmp_mod->pack_func = pack_func;
+	tmp_mod->unpack_func = unpack_func;
+	tmp_mod->validity = GNUTLS_EXT_FLAG_CLIENT_HELLO | GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO |
+			    GNUTLS_EXT_FLAG_EE | GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_TLS;
+
+	assert(extfunc[gid] == NULL);
+	extfunc[gid] = tmp_mod;
+
+	return 0;
+}
+
+#define VALIDITY_MASK (GNUTLS_EXT_FLAG_CLIENT_HELLO | GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO | \
+			GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO | \
+			GNUTLS_EXT_FLAG_EE | GNUTLS_EXT_FLAG_HRR)
+
+/**
+ * gnutls_session_ext_register:
+ * @session: the session for which this extension will be set
+ * @name: the name of the extension to register
+ * @id: the numeric id of the extension
+ * @parse_point: the parse type of the extension (see gnutls_ext_parse_type_t)
+ * @recv_func: a function to receive the data
+ * @send_func: a function to send the data
+ * @deinit_func: a function deinitialize any private data
+ * @pack_func: a function which serializes the extension's private data (used on session packing for resumption)
+ * @unpack_func: a function which will deserialize the extension's private data
+ * @flags: must be zero or flags from %gnutls_ext_flags_t
+ *
+ * This function will register a new extension type. The extension will be
+ * only usable within the registered session. If the extension type
+ * is already registered then %GNUTLS_E_ALREADY_REGISTERED will be returned,
+ * unless the flag %GNUTLS_EXT_FLAG_OVERRIDE_INTERNAL is specified. The latter
+ * flag when specified can be used to override certain extensions introduced
+ * after 3.6.0. It is expected to be used by applications which handle
+ * custom extensions that are not currently supported in GnuTLS, but direct
+ * support for them may be added in the future.
+ *
+ * Each registered extension can store temporary data into the gnutls_session_t
+ * structure using gnutls_ext_set_data(), and they can be retrieved using
+ * gnutls_ext_get_data().
+ *
+ * The validity of the extension registered can be given by the appropriate flags
+ * of %gnutls_ext_flags_t. If no validity is given, then the registered extension
+ * will be valid for client and TLS1.2 server hello (or encrypted extensions for TLS1.3).
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.5.5
+ **/
+int
+gnutls_session_ext_register(gnutls_session_t session,
+			    const char *name, int id, gnutls_ext_parse_type_t parse_point,
+			    gnutls_ext_recv_func recv_func, gnutls_ext_send_func send_func,
+			    gnutls_ext_deinit_data_func deinit_func, gnutls_ext_pack_func pack_func,
+			    gnutls_ext_unpack_func unpack_func, unsigned flags)
+{
+	hello_ext_entry_st tmp_mod;
+	hello_ext_entry_st *exts;
+	unsigned i;
+	unsigned gid = GNUTLS_EXTENSION_MAX+1;
+
+	/* reject handling any extensions which modify the TLS handshake
+	 * in any way, or are mapped to an exported API. */
+	for (i = 0; i < GNUTLS_EXTENSION_MAX; i++) {
+		if (!extfunc[i])
+			continue;
+
+		if (extfunc[i]->tls_id == id) {
+			if (!(flags & GNUTLS_EXT_FLAG_OVERRIDE_INTERNAL)) {
+				return gnutls_assert_val(GNUTLS_E_ALREADY_REGISTERED);
+			} else if (extfunc[i]->cannot_be_overriden) {
+				return gnutls_assert_val(GNUTLS_E_ALREADY_REGISTERED);
+			}
+			break;
+		}
+
+		if (extfunc[i]->gid >= gid)
+			gid = extfunc[i]->gid + 1;
+	}
+
+	for (i=0;i<session->internals.rexts_size;i++) {
+		if (session->internals.rexts[i].tls_id == id) {
+			return gnutls_assert_val(GNUTLS_E_ALREADY_REGISTERED);
+		}
+
+		if (session->internals.rexts[i].gid >= gid)
+			gid = session->internals.rexts[i].gid + 1;
+	}
+
+	if (gid > GNUTLS_EXTENSION_MAX_VALUE)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	memset(&tmp_mod, 0, sizeof(hello_ext_entry_st));
+	tmp_mod.name = gnutls_strdup(name);
+	tmp_mod.free_struct = 1;
+	tmp_mod.tls_id = id;
+	tmp_mod.gid = gid;
+	tmp_mod.client_parse_point = parse_point;
+	tmp_mod.server_parse_point = parse_point;
+	tmp_mod.recv_func = recv_func;
+	tmp_mod.send_func = send_func;
+	tmp_mod.deinit_func = deinit_func;
+	tmp_mod.pack_func = pack_func;
+	tmp_mod.unpack_func = unpack_func;
+	tmp_mod.validity = flags;
+
+	if ((tmp_mod.validity & VALIDITY_MASK) == 0) {
+		tmp_mod.validity = GNUTLS_EXT_FLAG_CLIENT_HELLO | GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO |
+				   GNUTLS_EXT_FLAG_EE;
+	}
+
+	if ((tmp_mod.validity & (GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_TLS)) == 0) {
+		if (IS_DTLS(session))
+			tmp_mod.validity |= GNUTLS_EXT_FLAG_DTLS;
+		else
+			tmp_mod.validity |= GNUTLS_EXT_FLAG_TLS;
+	}
+
+	if (unlikely(INT_ADD_OVERFLOW(session->internals.rexts_size, 1))) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	exts = _gnutls_reallocarray(session->internals.rexts,
+				    session->internals.rexts_size + 1,
+				    sizeof(*exts));
+	if (exts == NULL) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	session->internals.rexts = exts;
+
+	memcpy(&session->internals.rexts[session->internals.rexts_size], &tmp_mod, sizeof(hello_ext_entry_st));
+	session->internals.rexts_size++;
+
+	return 0;
+}
+
+/**
+ * gnutls_ext_set_data:
+ * @session: a #gnutls_session_t opaque pointer
+ * @tls_id: the numeric id of the extension
+ * @data: the private data to set
+ *
+ * This function allows an extension handler to store data in the current session
+ * and retrieve them later on. The set data will be deallocated using
+ * the gnutls_ext_deinit_data_func.
+ *
+ * Since: 3.4.0
+ **/
+void
+gnutls_ext_set_data(gnutls_session_t session, unsigned tls_id,
+		    gnutls_ext_priv_data_t data)
+{
+	unsigned id = tls_id_to_gid(session, tls_id);
+	if (id == GNUTLS_EXTENSION_INVALID)
+		return;
+
+	_gnutls_hello_ext_set_priv(session, id, data);
+}
+
+/**
+ * gnutls_ext_get_data:
+ * @session: a #gnutls_session_t opaque pointer
+ * @tls_id: the numeric id of the extension
+ * @data: a pointer to the private data to retrieve
+ *
+ * This function retrieves any data previously stored with gnutls_ext_set_data().
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_ext_get_data(gnutls_session_t session,
+		    unsigned tls_id, gnutls_ext_priv_data_t *data)
+{
+	unsigned id = tls_id_to_gid(session, tls_id);
+	if (id == GNUTLS_EXTENSION_INVALID)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	return _gnutls_hello_ext_get_priv(session, id, data);
+}
+
+/**
+ * gnutls_ext_get_current_msg:
+ * @session: a #gnutls_session_t opaque pointer
+ *
+ * This function allows an extension handler to obtain the message
+ * this extension is being called from. The returned value is a single
+ * entry of the %gnutls_ext_flags_t enumeration. That is, if an
+ * extension was registered with the %GNUTLS_EXT_FLAG_HRR and
+ * %GNUTLS_EXT_FLAG_EE flags, the value when called during parsing of the
+ * encrypted extensions message will be %GNUTLS_EXT_FLAG_EE.
+ *
+ * If not called under an extension handler, its value is undefined.
+ *
+ * Since: 3.6.3
+ **/
+unsigned gnutls_ext_get_current_msg(gnutls_session_t session)
+{
+	return _gnutls_ext_get_msg(session);
+}
+
+/**
+ * gnutls_ext_get_name2:
+ * @session: a #gnutls_session_t opaque pointer
+ * @tls_id: is a TLS extension numeric ID
+ * @parse_point: the parse type of the extension
+ *
+ * Convert a TLS extension numeric ID to a printable string.
+ *
+ * Returns: a pointer to a string that contains the name of the
+ *   specified cipher, or %NULL.
+ **/
+const char *gnutls_ext_get_name2(gnutls_session_t session, unsigned int tls_id,
+				 gnutls_ext_parse_type_t parse_point)
+{
+	const struct hello_ext_entry_st *ext;
+
+	ext = tls_id_to_ext_entry(session, tls_id, parse_point);
+	if (ext)
+		return ext->name;
+
+	return NULL;
+}
+
diff --git a/lib/hello_ext.h b/lib/hello_ext.h
new file mode 100644
index 0000000..a7b9218
--- /dev/null
+++ b/lib/hello_ext.h
@@ -0,0 +1,198 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_HELLO_EXT_H
+#define GNUTLS_LIB_HELLO_EXT_H
+
+#include "gnutls_int.h"
+#include <gnutls/gnutls.h>
+#include "str.h"
+
+/* Functions for hello extension parsing.
+ */
+int _gnutls_parse_hello_extensions(gnutls_session_t session,
+				   gnutls_ext_flags_t msg,
+				   gnutls_ext_parse_type_t parse_type,
+				   const uint8_t * data, int data_size);
+int _gnutls_gen_hello_extensions(gnutls_session_t session,
+				 gnutls_buffer_st * extdata,
+				 gnutls_ext_flags_t msg,
+				 gnutls_ext_parse_type_t);
+int _gnutls_hello_ext_init(void);
+void _gnutls_hello_ext_deinit(void);
+
+void _gnutls_hello_ext_priv_deinit(gnutls_session_t session);
+
+/* functions to be used by extensions internally
+ */
+void _gnutls_hello_ext_unset_priv(gnutls_session_t session,
+				    extensions_t ext);
+void _gnutls_hello_ext_set_priv(gnutls_session_t session, extensions_t ext,
+				  gnutls_ext_priv_data_t);
+int _gnutls_hello_ext_get_priv(gnutls_session_t session, extensions_t ext,
+				 gnutls_ext_priv_data_t *);
+int _gnutls_hello_ext_get_resumed_priv(gnutls_session_t session,
+					 extensions_t ext,
+					 gnutls_ext_priv_data_t * data);
+
+#define GNUTLS_EXT_FLAG_MSG_MASK (GNUTLS_EXT_FLAG_CLIENT_HELLO | GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO| \
+		 GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO | GNUTLS_EXT_FLAG_EE | GNUTLS_EXT_FLAG_HRR)
+
+/* these flags can only be set in the extensions, but cannot be requested;
+ * they are handled internally by the hello parsing/generating functions. */
+#define GNUTLS_EXT_FLAG_SET_ONLY_FLAGS_MASK ~(GNUTLS_EXT_FLAG_DTLS | GNUTLS_EXT_FLAG_TLS)
+
+/* obtain the message this extension was received at */
+inline static gnutls_ext_flags_t _gnutls_ext_get_msg(gnutls_session_t session)
+{
+	return session->internals.ext_msg & GNUTLS_EXT_FLAG_MSG_MASK;
+}
+
+inline static void _gnutls_ext_set_msg(gnutls_session_t session, gnutls_ext_flags_t msg)
+{
+	session->internals.ext_msg = msg;
+}
+
+inline static void _gnutls_ext_set_extensions_offset(gnutls_session_t session,
+		int offset)
+{
+	session->internals.extensions_offset = offset;
+}
+
+inline static int _gnutls_ext_get_extensions_offset(gnutls_session_t session)
+{
+	return session->internals.extensions_offset;
+}
+
+int _gnutls_ext_set_full_client_hello(gnutls_session_t session,
+				      handshake_buffer_st *recv_buf);
+unsigned _gnutls_ext_get_full_client_hello(gnutls_session_t session,
+					   gnutls_datum_t *datum);
+
+/* for session packing */
+int _gnutls_hello_ext_pack(gnutls_session_t session, gnutls_buffer_st * packed);
+int _gnutls_hello_ext_unpack(gnutls_session_t session,
+		       gnutls_buffer_st * packed);
+
+inline static const char *ext_msg_validity_to_str(gnutls_ext_flags_t msg)
+{
+	msg &= GNUTLS_EXT_FLAG_MSG_MASK;
+
+	switch(msg) {
+		case GNUTLS_EXT_FLAG_CLIENT_HELLO:
+			return "client hello";
+		case GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO:
+			return "TLS 1.2 server hello";
+		case GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO:
+			return "TLS 1.3 server hello";
+		case GNUTLS_EXT_FLAG_EE:
+			return "encrypted extensions";
+		case GNUTLS_EXT_FLAG_HRR:
+			return "hello retry request";
+		default:
+			return "(unknown)";
+	}
+}
+
+typedef struct hello_ext_entry_st {
+	const char *name; /* const overridden when free_struct is set */
+	unsigned free_struct;
+
+	uint16_t tls_id;
+	unsigned gid; /* gnutls internal ID */
+
+	gnutls_ext_parse_type_t client_parse_point;
+	gnutls_ext_parse_type_t server_parse_point;
+	unsigned validity; /* multiple items of gnutls_ext_flags_t */
+
+	/* this function must return 0 when Not Applicable
+	 * size of extension data if ok
+	 * < 0 on other error.
+	 */
+	gnutls_ext_recv_func recv_func;
+
+	/* this function must return 0 when Not Applicable
+	 * size of extension data if ok
+	 * GNUTLS_E_INT_RET_0 if extension data size is zero
+	 * < 0 on other error.
+	 */
+	gnutls_ext_send_func send_func;
+
+	gnutls_ext_deinit_data_func deinit_func;	/* this will be called to deinitialize
+							 * internal data
+							 */
+	gnutls_ext_pack_func pack_func;	/* packs internal data to machine independent format */
+	gnutls_ext_unpack_func unpack_func;	/* unpacks internal data */
+
+	/* non-zero if that extension cannot be overridden by the applications.
+	 * That should be set to extensions which allocate data early, e.g., on
+	 * gnutls_init(), or modify the TLS protocol in a way that the application
+	 * cannot control. */
+	unsigned cannot_be_overriden;
+} hello_ext_entry_st;
+
+/* Checks if the extension @id provided has been requested
+ * by us (in client side).In server side it checks whether this
+ * extension was advertized by the client.
+ *
+ * It returns non-zero for true, otherwise zero.
+ */
+inline static unsigned
+_gnutls_hello_ext_is_present(gnutls_session_t session, extensions_t id)
+{
+	if (session->internals.used_exts & ((ext_track_t)1 << id))
+		return 1;
+
+	return 0;
+}
+
+/* Adds the extension we want to send in the extensions list.
+ * This list is used in client side to check whether the (later) received
+ * extensions are the ones we requested.
+ *
+ * In server side, this list is used to ensure we don't send
+ * extensions that we didn't receive a corresponding value.
+ *
+ * Returns zero if failed, non-zero on success.
+ */
+inline static
+unsigned _gnutls_hello_ext_save(gnutls_session_t session,
+				extensions_t id,
+				unsigned check_dup)
+{
+	if (check_dup && _gnutls_hello_ext_is_present(session, id)) {
+			return 0;
+	}
+
+	session->internals.used_exts |= ((ext_track_t)1 << id);
+
+	return 1;
+}
+
+inline static
+void _gnutls_hello_ext_save_sr(gnutls_session_t session)
+{
+	_gnutls_hello_ext_save(session, GNUTLS_EXTENSION_SAFE_RENEGOTIATION, 1);
+}
+
+#endif /* GNUTLS_LIB_HELLO_EXT_H */
diff --git a/lib/hello_ext_lib.c b/lib/hello_ext_lib.c
new file mode 100644
index 0000000..4f9b74d
--- /dev/null
+++ b/lib/hello_ext_lib.c
@@ -0,0 +1,128 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Internal API functions to be used by extension handlers.
+ */
+
+#include "gnutls_int.h"
+#include "hello_ext.h"
+#include "hello_ext_lib.h"
+
+void _gnutls_hello_ext_default_deinit(gnutls_ext_priv_data_t priv)
+{
+	gnutls_free(priv);
+}
+
+/* When this is used, the deinitialization function must be set to default:
+ * _gnutls_hello_ext_default_deinit.
+ *
+ * This also prevents and errors on duplicate entries.
+ */
+int
+_gnutls_hello_ext_set_datum(gnutls_session_t session,
+			    extensions_t id, const gnutls_datum_t *data)
+{
+	gnutls_ext_priv_data_t epriv;
+
+	if (_gnutls_hello_ext_get_priv(session, id, &epriv) >= 0)
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+	if (data->size >= UINT16_MAX)
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+	epriv = gnutls_malloc(data->size+2);
+	if (epriv == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	_gnutls_write_uint16(data->size, epriv);
+	memcpy(((uint8_t*)epriv)+2, data->data, data->size);
+
+	_gnutls_hello_ext_set_priv(session, id, epriv);
+
+	return 0;
+}
+
+int
+_gnutls_hello_ext_get_datum(gnutls_session_t session,
+			    extensions_t id, gnutls_datum_t *data /* constant contents */)
+{
+	gnutls_ext_priv_data_t epriv;
+	int ret;
+
+	ret = _gnutls_hello_ext_get_priv(session, id, &epriv);
+	if (ret < 0 || epriv == NULL)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+	data->size = _gnutls_read_uint16(epriv);
+	data->data = ((uint8_t*)epriv)+2;
+
+	return 0;
+}
+
+int
+_gnutls_hello_ext_get_resumed_datum(gnutls_session_t session,
+				    extensions_t id, gnutls_datum_t *data /* constant contents */)
+{
+	gnutls_ext_priv_data_t epriv;
+	int ret;
+
+	ret = _gnutls_hello_ext_get_resumed_priv(session, id, &epriv);
+	if (ret < 0 || epriv == NULL)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+	data->size = _gnutls_read_uint16(epriv);
+	data->data = ((uint8_t*)epriv)+2;
+
+	return 0;
+}
+
+int
+_gnutls_hello_ext_default_pack(gnutls_ext_priv_data_t epriv, gnutls_buffer_st *ps)
+{
+	size_t size;
+
+	size = _gnutls_read_uint16(epriv);
+
+	return _gnutls_buffer_append_data(ps, epriv, size+2);
+}
+
+int
+_gnutls_hello_ext_default_unpack(gnutls_buffer_st *ps, gnutls_ext_priv_data_t *epriv)
+{
+	gnutls_datum_t data;
+	uint8_t *store;
+	int ret;
+
+	ret = _gnutls_buffer_pop_datum_prefix16(ps, &data);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	store = gnutls_calloc(1, data.size+2);
+	if (store == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	_gnutls_write_uint16(data.size, store);
+	memcpy(store+2, data.data, data.size);
+
+	*epriv = store;
+	return 0;
+}
diff --git a/lib/hello_ext_lib.h b/lib/hello_ext_lib.h
new file mode 100644
index 0000000..c1a79ec
--- /dev/null
+++ b/lib/hello_ext_lib.h
@@ -0,0 +1,67 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_HELLO_EXT_LIB_H
+#define GNUTLS_LIB_HELLO_EXT_LIB_H
+
+#include <gnutls/gnutls.h>
+#include "hello_ext.h"
+
+/* Functions to use at the send() or recv() extension function to temporarily
+ * store and retrieve data related to the extension.
+ */
+int
+_gnutls_hello_ext_set_datum(gnutls_session_t session,
+			    extensions_t id, const gnutls_datum_t *data);
+int
+_gnutls_hello_ext_get_datum(gnutls_session_t session,
+			    extensions_t id, gnutls_datum_t *data /* constant contents */);
+
+int
+_gnutls_hello_ext_get_resumed_datum(gnutls_session_t session,
+				    extensions_t id, gnutls_datum_t *data /* constant contents */);
+
+/* clear up any set data for the extension */
+#if 0 /* defined in hello_ext.h */
+void
+_gnutls_hello_ext_unset_priv(gnutls_session_t session,
+                              extensions_t id);
+#endif
+
+/* Function that will deinitialize the temporal data. Must be set
+ * as the deinit_func in the hello_ext_entry_st if the functions above
+ * are used.
+ */
+void _gnutls_hello_ext_default_deinit(gnutls_ext_priv_data_t priv);
+
+/* Functions to pack and unpack data if they need to be stored at
+ * session resumption data. Must be set as the pack_func and unpack_func
+ * of hello_ext_entry_st if the set and get functions above are used,
+ * and data must be accessible on resumed sessions.
+ */
+int
+_gnutls_hello_ext_default_pack(gnutls_ext_priv_data_t epriv, gnutls_buffer_st *ps);
+
+int
+_gnutls_hello_ext_default_unpack(gnutls_buffer_st *ps, gnutls_ext_priv_data_t *epriv);
+
+#endif /* GNUTLS_LIB_HELLO_EXT_LIB_H */
diff --git a/lib/includes/Makefile.am b/lib/includes/Makefile.am
new file mode 100644
index 0000000..42bec1c
--- /dev/null
+++ b/lib/includes/Makefile.am
@@ -0,0 +1,31 @@
+## Process this file with automake to produce Makefile.in
+# Copyright (C) 2000-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# The GnuTLS is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GnuTLS is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+nobase_include_HEADERS = gnutls/x509.h gnutls/pkcs12.h gnutls/compat.h	\
+	gnutls/openpgp.h gnutls/crypto.h gnutls/pkcs11.h		\
+	gnutls/abstract.h gnutls/dtls.h gnutls/ocsp.h gnutls/tpm.h	\
+	gnutls/x509-ext.h gnutls/self-test.h gnutls/system-keys.h	\
+	gnutls/urls.h gnutls/pkcs7.h gnutls/socket.h
+
+if ENABLE_CXX
+nobase_include_HEADERS += gnutls/gnutlsxx.h
+endif
+
+nobase_nodist_include_HEADERS = gnutls/gnutls.h
diff --git a/lib/includes/Makefile.in b/lib/includes/Makefile.in
new file mode 100644
index 0000000..73f1e64
--- /dev/null
+++ b/lib/includes/Makefile.in
@@ -0,0 +1,2380 @@
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+# Copyright (C) 2000-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# The GnuTLS is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GnuTLS is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+  if test -z '$(MAKELEVEL)'; then \
+    false; \
+  elif test -n '$(MAKE_HOST)'; then \
+    true; \
+  elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+    true; \
+  else \
+    false; \
+  fi; \
+}
+am__make_running_with_option = \
+  case $${target_option-} in \
+      ?) ;; \
+      *) echo "am__make_running_with_option: internal error: invalid" \
+              "target option '$${target_option-}' specified" >&2; \
+         exit 1;; \
+  esac; \
+  has_opt=no; \
+  sane_makeflags=$$MAKEFLAGS; \
+  if $(am__is_gnu_make); then \
+    sane_makeflags=$$MFLAGS; \
+  else \
+    case $$MAKEFLAGS in \
+      *\\[\ \	]*) \
+        bs=\\; \
+        sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+          | sed "s/$$bs$$bs[$$bs $$bs	]*//g"`;; \
+    esac; \
+  fi; \
+  skip_next=no; \
+  strip_trailopt () \
+  { \
+    flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+  }; \
+  for flg in $$sane_makeflags; do \
+    test $$skip_next = yes && { skip_next=no; continue; }; \
+    case $$flg in \
+      *=*|--*) continue;; \
+        -*I) strip_trailopt 'I'; skip_next=yes;; \
+      -*I?*) strip_trailopt 'I';; \
+        -*O) strip_trailopt 'O'; skip_next=yes;; \
+      -*O?*) strip_trailopt 'O';; \
+        -*l) strip_trailopt 'l'; skip_next=yes;; \
+      -*l?*) strip_trailopt 'l';; \
+      -[dEDm]) skip_next=yes;; \
+      -[JT]) skip_next=yes;; \
+    esac; \
+    case $$flg in \
+      *$$target_option*) has_opt=yes; break;; \
+    esac; \
+  done; \
+  test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@ENABLE_CXX_TRUE@am__append_1 = gnutls/gnutlsxx.h
+subdir = lib/includes
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \
+	$(top_srcdir)/lib/unistring/m4/inline.m4 \
+	$(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \
+	$(top_srcdir)/src/gl/m4/atoll.m4 \
+	$(top_srcdir)/src/gl/m4/bison.m4 \
+	$(top_srcdir)/src/gl/m4/calloc.m4 \
+	$(top_srcdir)/src/gl/m4/clock_time.m4 \
+	$(top_srcdir)/src/gl/m4/codeset.m4 \
+	$(top_srcdir)/src/gl/m4/ctype_h.m4 \
+	$(top_srcdir)/src/gl/m4/environ.m4 \
+	$(top_srcdir)/src/gl/m4/error.m4 \
+	$(top_srcdir)/src/gl/m4/fdopen.m4 \
+	$(top_srcdir)/src/gl/m4/flexmember.m4 \
+	$(top_srcdir)/src/gl/m4/fpending.m4 \
+	$(top_srcdir)/src/gl/m4/fpieee.m4 \
+	$(top_srcdir)/src/gl/m4/fseek.m4 \
+	$(top_srcdir)/src/gl/m4/ftruncate.m4 \
+	$(top_srcdir)/src/gl/m4/getaddrinfo.m4 \
+	$(top_srcdir)/src/gl/m4/getcwd.m4 \
+	$(top_srcdir)/src/gl/m4/getpagesize.m4 \
+	$(top_srcdir)/src/gl/m4/getpass.m4 \
+	$(top_srcdir)/src/gl/m4/getprogname.m4 \
+	$(top_srcdir)/src/gl/m4/gettime.m4 \
+	$(top_srcdir)/src/gl/m4/gnulib-comp.m4 \
+	$(top_srcdir)/src/gl/m4/hostent.m4 \
+	$(top_srcdir)/src/gl/m4/intl-thread-locale.m4 \
+	$(top_srcdir)/src/gl/m4/inttostr.m4 \
+	$(top_srcdir)/src/gl/m4/ioctl.m4 \
+	$(top_srcdir)/src/gl/m4/isblank.m4 \
+	$(top_srcdir)/src/gl/m4/langinfo_h.m4 \
+	$(top_srcdir)/src/gl/m4/lcmessage.m4 \
+	$(top_srcdir)/src/gl/m4/locale-fr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-ja.m4 \
+	$(top_srcdir)/src/gl/m4/locale-tr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-zh.m4 \
+	$(top_srcdir)/src/gl/m4/locale_h.m4 \
+	$(top_srcdir)/src/gl/m4/localename.m4 \
+	$(top_srcdir)/src/gl/m4/lstat.m4 \
+	$(top_srcdir)/src/gl/m4/mktime.m4 \
+	$(top_srcdir)/src/gl/m4/nanosleep.m4 \
+	$(top_srcdir)/src/gl/m4/nstrftime.m4 \
+	$(top_srcdir)/src/gl/m4/parse-datetime.m4 \
+	$(top_srcdir)/src/gl/m4/perror.m4 \
+	$(top_srcdir)/src/gl/m4/pipe.m4 \
+	$(top_srcdir)/src/gl/m4/pthread-thread.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_h.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_sigmask.m4 \
+	$(top_srcdir)/src/gl/m4/putenv.m4 \
+	$(top_srcdir)/src/gl/m4/raise.m4 \
+	$(top_srcdir)/src/gl/m4/reallocarray.m4 \
+	$(top_srcdir)/src/gl/m4/sched_h.m4 \
+	$(top_srcdir)/src/gl/m4/sched_yield.m4 \
+	$(top_srcdir)/src/gl/m4/select.m4 \
+	$(top_srcdir)/src/gl/m4/semaphore.m4 \
+	$(top_srcdir)/src/gl/m4/servent.m4 \
+	$(top_srcdir)/src/gl/m4/setenv.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale_null.m4 \
+	$(top_srcdir)/src/gl/m4/sigaction.m4 \
+	$(top_srcdir)/src/gl/m4/signal_h.m4 \
+	$(top_srcdir)/src/gl/m4/signalblocking.m4 \
+	$(top_srcdir)/src/gl/m4/sleep.m4 \
+	$(top_srcdir)/src/gl/m4/sockets.m4 \
+	$(top_srcdir)/src/gl/m4/strerror.m4 \
+	$(top_srcdir)/src/gl/m4/strerror_r.m4 \
+	$(top_srcdir)/src/gl/m4/strtoll.m4 \
+	$(top_srcdir)/src/gl/m4/symlink.m4 \
+	$(top_srcdir)/src/gl/m4/sys_ioctl_h.m4 \
+	$(top_srcdir)/src/gl/m4/sys_select_h.m4 \
+	$(top_srcdir)/src/gl/m4/thread.m4 \
+	$(top_srcdir)/src/gl/m4/time_rz.m4 \
+	$(top_srcdir)/src/gl/m4/timegm.m4 \
+	$(top_srcdir)/src/gl/m4/timespec.m4 \
+	$(top_srcdir)/src/gl/m4/tm_gmtoff.m4 \
+	$(top_srcdir)/src/gl/m4/tzset.m4 \
+	$(top_srcdir)/src/gl/m4/usleep.m4 \
+	$(top_srcdir)/src/gl/m4/visibility.m4 \
+	$(top_srcdir)/src/gl/m4/xalloc.m4 \
+	$(top_srcdir)/src/gl/m4/yield.m4 $(top_srcdir)/m4/00gnulib.m4 \
+	$(top_srcdir)/m4/__inline.m4 \
+	$(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \
+	$(top_srcdir)/m4/arpa_inet_h.m4 \
+	$(top_srcdir)/m4/ax_ac_append_to_file.m4 \
+	$(top_srcdir)/m4/ax_ac_print_to_file.m4 \
+	$(top_srcdir)/m4/ax_add_am_macro_static.m4 \
+	$(top_srcdir)/m4/ax_am_macros_static.m4 \
+	$(top_srcdir)/m4/ax_check_gnu_make.m4 \
+	$(top_srcdir)/m4/ax_code_coverage.m4 \
+	$(top_srcdir)/m4/ax_file_escapes.m4 \
+	$(top_srcdir)/m4/builtin-expect.m4 \
+	$(top_srcdir)/m4/byteswap.m4 $(top_srcdir)/m4/close.m4 \
+	$(top_srcdir)/m4/double-slash-root.m4 $(top_srcdir)/m4/dup2.m4 \
+	$(top_srcdir)/m4/eealloc.m4 $(top_srcdir)/m4/errno_h.m4 \
+	$(top_srcdir)/m4/explicit_bzero.m4 \
+	$(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \
+	$(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \
+	$(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \
+	$(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \
+	$(top_srcdir)/m4/free.m4 $(top_srcdir)/m4/fseeko.m4 \
+	$(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \
+	$(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/func.m4 \
+	$(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \
+	$(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/gettext.m4 \
+	$(top_srcdir)/m4/gettimeofday.m4 \
+	$(top_srcdir)/m4/gnulib-common.m4 \
+	$(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \
+	$(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \
+	$(top_srcdir)/m4/host-cpu-c-abi.m4 $(top_srcdir)/m4/iconv.m4 \
+	$(top_srcdir)/m4/include_next.m4 $(top_srcdir)/m4/inet_ntop.m4 \
+	$(top_srcdir)/m4/inet_pton.m4 $(top_srcdir)/m4/intlmacosx.m4 \
+	$(top_srcdir)/m4/intmax_t.m4 $(top_srcdir)/m4/inttypes.m4 \
+	$(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/largefile.m4 \
+	$(top_srcdir)/m4/ld-output-def.m4 \
+	$(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \
+	$(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+	$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/lock.m4 \
+	$(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/ltoptions.m4 \
+	$(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+	$(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \
+	$(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \
+	$(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \
+	$(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \
+	$(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \
+	$(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \
+	$(top_srcdir)/m4/netdb_h.m4 $(top_srcdir)/m4/netinet_in_h.m4 \
+	$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/off_t.m4 \
+	$(top_srcdir)/m4/open-cloexec.m4 \
+	$(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \
+	$(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/pkg.m4 \
+	$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \
+	$(top_srcdir)/m4/progtest.m4 \
+	$(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \
+	$(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \
+	$(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/size_max.m4 \
+	$(top_srcdir)/m4/snprintf.m4 $(top_srcdir)/m4/socketlib.m4 \
+	$(top_srcdir)/m4/socklen.m4 $(top_srcdir)/m4/sockpfaf.m4 \
+	$(top_srcdir)/m4/ssize_t.m4 $(top_srcdir)/m4/stat-time.m4 \
+	$(top_srcdir)/m4/stat.m4 $(top_srcdir)/m4/stdalign.m4 \
+	$(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \
+	$(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \
+	$(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \
+	$(top_srcdir)/m4/stpcpy.m4 $(top_srcdir)/m4/strcase.m4 \
+	$(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/string_h.m4 \
+	$(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \
+	$(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \
+	$(top_srcdir)/m4/strverscmp.m4 \
+	$(top_srcdir)/m4/sys_socket_h.m4 \
+	$(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \
+	$(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \
+	$(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \
+	$(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \
+	$(top_srcdir)/m4/unistd_h.m4 \
+	$(top_srcdir)/m4/valgrind-tests.m4 \
+	$(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \
+	$(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \
+	$(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \
+	$(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \
+	$(top_srcdir)/m4/xsize.m4 $(top_srcdir)/m4/zzgnulib.m4 \
+	$(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__nobase_include_HEADERS_DIST) \
+	$(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN     " $@;
+am__v_GEN_1 = 
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 = 
+SOURCES =
+DIST_SOURCES =
+am__can_run_installinfo = \
+  case $$AM_UPDATE_INFO_DIR in \
+    n|no|NO) false;; \
+    *) (install-info --version) >/dev/null 2>&1;; \
+  esac
+am__nobase_include_HEADERS_DIST = gnutls/x509.h gnutls/pkcs12.h \
+	gnutls/compat.h gnutls/openpgp.h gnutls/crypto.h \
+	gnutls/pkcs11.h gnutls/abstract.h gnutls/dtls.h gnutls/ocsp.h \
+	gnutls/tpm.h gnutls/x509-ext.h gnutls/self-test.h \
+	gnutls/system-keys.h gnutls/urls.h gnutls/pkcs7.h \
+	gnutls/socket.h gnutls/gnutlsxx.h
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+    $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+    *) f=$$p;; \
+  esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+  srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+  for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+  for p in $$list; do echo "$$p $$p"; done | \
+  sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+  $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+    if (++n[$$2] == $(am__install_max)) \
+      { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+    END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+  sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+  sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
+am__installdirs = "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)"
+HEADERS = $(nobase_include_HEADERS) $(nobase_nodist_include_HEADERS)
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates.  Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+  BEGIN { nonempty = 0; } \
+  { items[$$0] = 1; nonempty = 1; } \
+  END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique.  This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+  list='$(am__tagged_files)'; \
+  unique=`for i in $$list; do \
+    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+  done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+AARCH64_CCASFLAGS = @AARCH64_CCASFLAGS@
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+ALLOCA_H = @ALLOCA_H@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AM_VALGRINDFLAGS = @AM_VALGRINDFLAGS@
+APPLE_UNIVERSAL_BUILD = @APPLE_UNIVERSAL_BUILD@
+AR = @AR@
+ARFLAGS = @ARFLAGS@
+ASN1PARSER = @ASN1PARSER@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BITSIZEOF_PTRDIFF_T = @BITSIZEOF_PTRDIFF_T@
+BITSIZEOF_SIG_ATOMIC_T = @BITSIZEOF_SIG_ATOMIC_T@
+BITSIZEOF_SIZE_T = @BITSIZEOF_SIZE_T@
+BITSIZEOF_WCHAR_T = @BITSIZEOF_WCHAR_T@
+BITSIZEOF_WINT_T = @BITSIZEOF_WINT_T@
+BYTESWAP_H = @BYTESWAP_H@
+CC = @CC@
+CCAS = @CCAS@
+CCASDEPMODE = @CCASDEPMODE@
+CCASFLAGS = @CCASFLAGS@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CFLAG_VISIBILITY = @CFLAG_VISIBILITY@
+CMOCKA_CFLAGS = @CMOCKA_CFLAGS@
+CMOCKA_LIBS = @CMOCKA_LIBS@
+CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@
+CODE_COVERAGE_CPPFLAGS = @CODE_COVERAGE_CPPFLAGS@
+CODE_COVERAGE_CXXFLAGS = @CODE_COVERAGE_CXXFLAGS@
+CODE_COVERAGE_ENABLED = @CODE_COVERAGE_ENABLED@
+CODE_COVERAGE_LIBS = @CODE_COVERAGE_LIBS@
+CONFIG_INCLUDE = @CONFIG_INCLUDE@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CRYWRAP_PATCHLEVEL = @CRYWRAP_PATCHLEVEL@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CXX_LT_AGE = @CXX_LT_AGE@
+CXX_LT_CURRENT = @CXX_LT_CURRENT@
+CXX_LT_REVISION = @CXX_LT_REVISION@
+CYGPATH_W = @CYGPATH_W@
+DEFAULT_VALGRINDFLAGS = @DEFAULT_VALGRINDFLAGS@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DLL_SSL_VERSION = @DLL_SSL_VERSION@
+DLL_VERSION = @DLL_VERSION@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EMULTIHOP_HIDDEN = @EMULTIHOP_HIDDEN@
+EMULTIHOP_VALUE = @EMULTIHOP_VALUE@
+ENABLE_PADLOCK = @ENABLE_PADLOCK@
+ENOLINK_HIDDEN = @ENOLINK_HIDDEN@
+ENOLINK_VALUE = @ENOLINK_VALUE@
+EOVERFLOW_HIDDEN = @EOVERFLOW_HIDDEN@
+EOVERFLOW_VALUE = @EOVERFLOW_VALUE@
+ERRNO_H = @ERRNO_H@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+FIPS140_LIBS = @FIPS140_LIBS@
+FLOAT_H = @FLOAT_H@
+GCOV = @GCOV@
+GENHTML = @GENHTML@
+GETADDRINFO_LIB = @GETADDRINFO_LIB@
+GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
+GL_GGL_GNULIB_ACCEPT = @GL_GGL_GNULIB_ACCEPT@
+GL_GGL_GNULIB_ACCEPT4 = @GL_GGL_GNULIB_ACCEPT4@
+GL_GGL_GNULIB_ACCESS = @GL_GGL_GNULIB_ACCESS@
+GL_GGL_GNULIB_ALIGNED_ALLOC = @GL_GGL_GNULIB_ALIGNED_ALLOC@
+GL_GGL_GNULIB_ATOLL = @GL_GGL_GNULIB_ATOLL@
+GL_GGL_GNULIB_BIND = @GL_GGL_GNULIB_BIND@
+GL_GGL_GNULIB_BTOWC = @GL_GGL_GNULIB_BTOWC@
+GL_GGL_GNULIB_CALLOC_POSIX = @GL_GGL_GNULIB_CALLOC_POSIX@
+GL_GGL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GGL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GGL_GNULIB_CHDIR = @GL_GGL_GNULIB_CHDIR@
+GL_GGL_GNULIB_CHOWN = @GL_GGL_GNULIB_CHOWN@
+GL_GGL_GNULIB_CLOSE = @GL_GGL_GNULIB_CLOSE@
+GL_GGL_GNULIB_CONNECT = @GL_GGL_GNULIB_CONNECT@
+GL_GGL_GNULIB_COPY_FILE_RANGE = @GL_GGL_GNULIB_COPY_FILE_RANGE@
+GL_GGL_GNULIB_CREAT = @GL_GGL_GNULIB_CREAT@
+GL_GGL_GNULIB_CTIME = @GL_GGL_GNULIB_CTIME@
+GL_GGL_GNULIB_DPRINTF = @GL_GGL_GNULIB_DPRINTF@
+GL_GGL_GNULIB_DUP = @GL_GGL_GNULIB_DUP@
+GL_GGL_GNULIB_DUP2 = @GL_GGL_GNULIB_DUP2@
+GL_GGL_GNULIB_DUP3 = @GL_GGL_GNULIB_DUP3@
+GL_GGL_GNULIB_DUPLOCALE = @GL_GGL_GNULIB_DUPLOCALE@
+GL_GGL_GNULIB_ENVIRON = @GL_GGL_GNULIB_ENVIRON@
+GL_GGL_GNULIB_EUIDACCESS = @GL_GGL_GNULIB_EUIDACCESS@
+GL_GGL_GNULIB_EXECL = @GL_GGL_GNULIB_EXECL@
+GL_GGL_GNULIB_EXECLE = @GL_GGL_GNULIB_EXECLE@
+GL_GGL_GNULIB_EXECLP = @GL_GGL_GNULIB_EXECLP@
+GL_GGL_GNULIB_EXECV = @GL_GGL_GNULIB_EXECV@
+GL_GGL_GNULIB_EXECVE = @GL_GGL_GNULIB_EXECVE@
+GL_GGL_GNULIB_EXECVP = @GL_GGL_GNULIB_EXECVP@
+GL_GGL_GNULIB_EXECVPE = @GL_GGL_GNULIB_EXECVPE@
+GL_GGL_GNULIB_EXPLICIT_BZERO = @GL_GGL_GNULIB_EXPLICIT_BZERO@
+GL_GGL_GNULIB_FACCESSAT = @GL_GGL_GNULIB_FACCESSAT@
+GL_GGL_GNULIB_FCHDIR = @GL_GGL_GNULIB_FCHDIR@
+GL_GGL_GNULIB_FCHMODAT = @GL_GGL_GNULIB_FCHMODAT@
+GL_GGL_GNULIB_FCHOWNAT = @GL_GGL_GNULIB_FCHOWNAT@
+GL_GGL_GNULIB_FCLOSE = @GL_GGL_GNULIB_FCLOSE@
+GL_GGL_GNULIB_FCNTL = @GL_GGL_GNULIB_FCNTL@
+GL_GGL_GNULIB_FDATASYNC = @GL_GGL_GNULIB_FDATASYNC@
+GL_GGL_GNULIB_FDOPEN = @GL_GGL_GNULIB_FDOPEN@
+GL_GGL_GNULIB_FFLUSH = @GL_GGL_GNULIB_FFLUSH@
+GL_GGL_GNULIB_FFS = @GL_GGL_GNULIB_FFS@
+GL_GGL_GNULIB_FFSL = @GL_GGL_GNULIB_FFSL@
+GL_GGL_GNULIB_FFSLL = @GL_GGL_GNULIB_FFSLL@
+GL_GGL_GNULIB_FGETC = @GL_GGL_GNULIB_FGETC@
+GL_GGL_GNULIB_FGETS = @GL_GGL_GNULIB_FGETS@
+GL_GGL_GNULIB_FOPEN = @GL_GGL_GNULIB_FOPEN@
+GL_GGL_GNULIB_FPRINTF = @GL_GGL_GNULIB_FPRINTF@
+GL_GGL_GNULIB_FPRINTF_POSIX = @GL_GGL_GNULIB_FPRINTF_POSIX@
+GL_GGL_GNULIB_FPURGE = @GL_GGL_GNULIB_FPURGE@
+GL_GGL_GNULIB_FPUTC = @GL_GGL_GNULIB_FPUTC@
+GL_GGL_GNULIB_FPUTS = @GL_GGL_GNULIB_FPUTS@
+GL_GGL_GNULIB_FREAD = @GL_GGL_GNULIB_FREAD@
+GL_GGL_GNULIB_FREE_POSIX = @GL_GGL_GNULIB_FREE_POSIX@
+GL_GGL_GNULIB_FREOPEN = @GL_GGL_GNULIB_FREOPEN@
+GL_GGL_GNULIB_FSCANF = @GL_GGL_GNULIB_FSCANF@
+GL_GGL_GNULIB_FSEEK = @GL_GGL_GNULIB_FSEEK@
+GL_GGL_GNULIB_FSEEKO = @GL_GGL_GNULIB_FSEEKO@
+GL_GGL_GNULIB_FSTAT = @GL_GGL_GNULIB_FSTAT@
+GL_GGL_GNULIB_FSTATAT = @GL_GGL_GNULIB_FSTATAT@
+GL_GGL_GNULIB_FSYNC = @GL_GGL_GNULIB_FSYNC@
+GL_GGL_GNULIB_FTELL = @GL_GGL_GNULIB_FTELL@
+GL_GGL_GNULIB_FTELLO = @GL_GGL_GNULIB_FTELLO@
+GL_GGL_GNULIB_FTRUNCATE = @GL_GGL_GNULIB_FTRUNCATE@
+GL_GGL_GNULIB_FUTIMENS = @GL_GGL_GNULIB_FUTIMENS@
+GL_GGL_GNULIB_FWRITE = @GL_GGL_GNULIB_FWRITE@
+GL_GGL_GNULIB_GETADDRINFO = @GL_GGL_GNULIB_GETADDRINFO@
+GL_GGL_GNULIB_GETC = @GL_GGL_GNULIB_GETC@
+GL_GGL_GNULIB_GETCHAR = @GL_GGL_GNULIB_GETCHAR@
+GL_GGL_GNULIB_GETCWD = @GL_GGL_GNULIB_GETCWD@
+GL_GGL_GNULIB_GETDELIM = @GL_GGL_GNULIB_GETDELIM@
+GL_GGL_GNULIB_GETDOMAINNAME = @GL_GGL_GNULIB_GETDOMAINNAME@
+GL_GGL_GNULIB_GETDTABLESIZE = @GL_GGL_GNULIB_GETDTABLESIZE@
+GL_GGL_GNULIB_GETENTROPY = @GL_GGL_GNULIB_GETENTROPY@
+GL_GGL_GNULIB_GETGROUPS = @GL_GGL_GNULIB_GETGROUPS@
+GL_GGL_GNULIB_GETHOSTNAME = @GL_GGL_GNULIB_GETHOSTNAME@
+GL_GGL_GNULIB_GETLINE = @GL_GGL_GNULIB_GETLINE@
+GL_GGL_GNULIB_GETLOADAVG = @GL_GGL_GNULIB_GETLOADAVG@
+GL_GGL_GNULIB_GETLOGIN = @GL_GGL_GNULIB_GETLOGIN@
+GL_GGL_GNULIB_GETLOGIN_R = @GL_GGL_GNULIB_GETLOGIN_R@
+GL_GGL_GNULIB_GETOPT_POSIX = @GL_GGL_GNULIB_GETOPT_POSIX@
+GL_GGL_GNULIB_GETPAGESIZE = @GL_GGL_GNULIB_GETPAGESIZE@
+GL_GGL_GNULIB_GETPASS = @GL_GGL_GNULIB_GETPASS@
+GL_GGL_GNULIB_GETPEERNAME = @GL_GGL_GNULIB_GETPEERNAME@
+GL_GGL_GNULIB_GETSOCKNAME = @GL_GGL_GNULIB_GETSOCKNAME@
+GL_GGL_GNULIB_GETSOCKOPT = @GL_GGL_GNULIB_GETSOCKOPT@
+GL_GGL_GNULIB_GETSUBOPT = @GL_GGL_GNULIB_GETSUBOPT@
+GL_GGL_GNULIB_GETTIMEOFDAY = @GL_GGL_GNULIB_GETTIMEOFDAY@
+GL_GGL_GNULIB_GETUMASK = @GL_GGL_GNULIB_GETUMASK@
+GL_GGL_GNULIB_GETUSERSHELL = @GL_GGL_GNULIB_GETUSERSHELL@
+GL_GGL_GNULIB_GRANTPT = @GL_GGL_GNULIB_GRANTPT@
+GL_GGL_GNULIB_GROUP_MEMBER = @GL_GGL_GNULIB_GROUP_MEMBER@
+GL_GGL_GNULIB_IMAXABS = @GL_GGL_GNULIB_IMAXABS@
+GL_GGL_GNULIB_IMAXDIV = @GL_GGL_GNULIB_IMAXDIV@
+GL_GGL_GNULIB_INET_NTOP = @GL_GGL_GNULIB_INET_NTOP@
+GL_GGL_GNULIB_INET_PTON = @GL_GGL_GNULIB_INET_PTON@
+GL_GGL_GNULIB_IOCTL = @GL_GGL_GNULIB_IOCTL@
+GL_GGL_GNULIB_ISATTY = @GL_GGL_GNULIB_ISATTY@
+GL_GGL_GNULIB_ISBLANK = @GL_GGL_GNULIB_ISBLANK@
+GL_GGL_GNULIB_LCHMOD = @GL_GGL_GNULIB_LCHMOD@
+GL_GGL_GNULIB_LCHOWN = @GL_GGL_GNULIB_LCHOWN@
+GL_GGL_GNULIB_LINK = @GL_GGL_GNULIB_LINK@
+GL_GGL_GNULIB_LINKAT = @GL_GGL_GNULIB_LINKAT@
+GL_GGL_GNULIB_LISTEN = @GL_GGL_GNULIB_LISTEN@
+GL_GGL_GNULIB_LOCALECONV = @GL_GGL_GNULIB_LOCALECONV@
+GL_GGL_GNULIB_LOCALENAME = @GL_GGL_GNULIB_LOCALENAME@
+GL_GGL_GNULIB_LOCALTIME = @GL_GGL_GNULIB_LOCALTIME@
+GL_GGL_GNULIB_LSEEK = @GL_GGL_GNULIB_LSEEK@
+GL_GGL_GNULIB_LSTAT = @GL_GGL_GNULIB_LSTAT@
+GL_GGL_GNULIB_MALLOC_POSIX = @GL_GGL_GNULIB_MALLOC_POSIX@
+GL_GGL_GNULIB_MBRLEN = @GL_GGL_GNULIB_MBRLEN@
+GL_GGL_GNULIB_MBRTOWC = @GL_GGL_GNULIB_MBRTOWC@
+GL_GGL_GNULIB_MBSCASECMP = @GL_GGL_GNULIB_MBSCASECMP@
+GL_GGL_GNULIB_MBSCASESTR = @GL_GGL_GNULIB_MBSCASESTR@
+GL_GGL_GNULIB_MBSCHR = @GL_GGL_GNULIB_MBSCHR@
+GL_GGL_GNULIB_MBSCSPN = @GL_GGL_GNULIB_MBSCSPN@
+GL_GGL_GNULIB_MBSINIT = @GL_GGL_GNULIB_MBSINIT@
+GL_GGL_GNULIB_MBSLEN = @GL_GGL_GNULIB_MBSLEN@
+GL_GGL_GNULIB_MBSNCASECMP = @GL_GGL_GNULIB_MBSNCASECMP@
+GL_GGL_GNULIB_MBSNLEN = @GL_GGL_GNULIB_MBSNLEN@
+GL_GGL_GNULIB_MBSNRTOWCS = @GL_GGL_GNULIB_MBSNRTOWCS@
+GL_GGL_GNULIB_MBSPBRK = @GL_GGL_GNULIB_MBSPBRK@
+GL_GGL_GNULIB_MBSPCASECMP = @GL_GGL_GNULIB_MBSPCASECMP@
+GL_GGL_GNULIB_MBSRCHR = @GL_GGL_GNULIB_MBSRCHR@
+GL_GGL_GNULIB_MBSRTOWCS = @GL_GGL_GNULIB_MBSRTOWCS@
+GL_GGL_GNULIB_MBSSEP = @GL_GGL_GNULIB_MBSSEP@
+GL_GGL_GNULIB_MBSSPN = @GL_GGL_GNULIB_MBSSPN@
+GL_GGL_GNULIB_MBSSTR = @GL_GGL_GNULIB_MBSSTR@
+GL_GGL_GNULIB_MBSTOK_R = @GL_GGL_GNULIB_MBSTOK_R@
+GL_GGL_GNULIB_MBTOWC = @GL_GGL_GNULIB_MBTOWC@
+GL_GGL_GNULIB_MDA_ACCESS = @GL_GGL_GNULIB_MDA_ACCESS@
+GL_GGL_GNULIB_MDA_CHDIR = @GL_GGL_GNULIB_MDA_CHDIR@
+GL_GGL_GNULIB_MDA_CHMOD = @GL_GGL_GNULIB_MDA_CHMOD@
+GL_GGL_GNULIB_MDA_CLOSE = @GL_GGL_GNULIB_MDA_CLOSE@
+GL_GGL_GNULIB_MDA_CREAT = @GL_GGL_GNULIB_MDA_CREAT@
+GL_GGL_GNULIB_MDA_DUP = @GL_GGL_GNULIB_MDA_DUP@
+GL_GGL_GNULIB_MDA_DUP2 = @GL_GGL_GNULIB_MDA_DUP2@
+GL_GGL_GNULIB_MDA_ECVT = @GL_GGL_GNULIB_MDA_ECVT@
+GL_GGL_GNULIB_MDA_EXECL = @GL_GGL_GNULIB_MDA_EXECL@
+GL_GGL_GNULIB_MDA_EXECLE = @GL_GGL_GNULIB_MDA_EXECLE@
+GL_GGL_GNULIB_MDA_EXECLP = @GL_GGL_GNULIB_MDA_EXECLP@
+GL_GGL_GNULIB_MDA_EXECV = @GL_GGL_GNULIB_MDA_EXECV@
+GL_GGL_GNULIB_MDA_EXECVE = @GL_GGL_GNULIB_MDA_EXECVE@
+GL_GGL_GNULIB_MDA_EXECVP = @GL_GGL_GNULIB_MDA_EXECVP@
+GL_GGL_GNULIB_MDA_EXECVPE = @GL_GGL_GNULIB_MDA_EXECVPE@
+GL_GGL_GNULIB_MDA_FCLOSEALL = @GL_GGL_GNULIB_MDA_FCLOSEALL@
+GL_GGL_GNULIB_MDA_FCVT = @GL_GGL_GNULIB_MDA_FCVT@
+GL_GGL_GNULIB_MDA_FDOPEN = @GL_GGL_GNULIB_MDA_FDOPEN@
+GL_GGL_GNULIB_MDA_FILENO = @GL_GGL_GNULIB_MDA_FILENO@
+GL_GGL_GNULIB_MDA_GCVT = @GL_GGL_GNULIB_MDA_GCVT@
+GL_GGL_GNULIB_MDA_GETCWD = @GL_GGL_GNULIB_MDA_GETCWD@
+GL_GGL_GNULIB_MDA_GETPID = @GL_GGL_GNULIB_MDA_GETPID@
+GL_GGL_GNULIB_MDA_GETW = @GL_GGL_GNULIB_MDA_GETW@
+GL_GGL_GNULIB_MDA_ISATTY = @GL_GGL_GNULIB_MDA_ISATTY@
+GL_GGL_GNULIB_MDA_LSEEK = @GL_GGL_GNULIB_MDA_LSEEK@
+GL_GGL_GNULIB_MDA_MEMCCPY = @GL_GGL_GNULIB_MDA_MEMCCPY@
+GL_GGL_GNULIB_MDA_MKDIR = @GL_GGL_GNULIB_MDA_MKDIR@
+GL_GGL_GNULIB_MDA_MKTEMP = @GL_GGL_GNULIB_MDA_MKTEMP@
+GL_GGL_GNULIB_MDA_OPEN = @GL_GGL_GNULIB_MDA_OPEN@
+GL_GGL_GNULIB_MDA_PUTENV = @GL_GGL_GNULIB_MDA_PUTENV@
+GL_GGL_GNULIB_MDA_PUTW = @GL_GGL_GNULIB_MDA_PUTW@
+GL_GGL_GNULIB_MDA_READ = @GL_GGL_GNULIB_MDA_READ@
+GL_GGL_GNULIB_MDA_RMDIR = @GL_GGL_GNULIB_MDA_RMDIR@
+GL_GGL_GNULIB_MDA_STRDUP = @GL_GGL_GNULIB_MDA_STRDUP@
+GL_GGL_GNULIB_MDA_SWAB = @GL_GGL_GNULIB_MDA_SWAB@
+GL_GGL_GNULIB_MDA_TEMPNAM = @GL_GGL_GNULIB_MDA_TEMPNAM@
+GL_GGL_GNULIB_MDA_TZSET = @GL_GGL_GNULIB_MDA_TZSET@
+GL_GGL_GNULIB_MDA_UMASK = @GL_GGL_GNULIB_MDA_UMASK@
+GL_GGL_GNULIB_MDA_UNLINK = @GL_GGL_GNULIB_MDA_UNLINK@
+GL_GGL_GNULIB_MDA_WCSDUP = @GL_GGL_GNULIB_MDA_WCSDUP@
+GL_GGL_GNULIB_MDA_WRITE = @GL_GGL_GNULIB_MDA_WRITE@
+GL_GGL_GNULIB_MEMCHR = @GL_GGL_GNULIB_MEMCHR@
+GL_GGL_GNULIB_MEMMEM = @GL_GGL_GNULIB_MEMMEM@
+GL_GGL_GNULIB_MEMPCPY = @GL_GGL_GNULIB_MEMPCPY@
+GL_GGL_GNULIB_MEMRCHR = @GL_GGL_GNULIB_MEMRCHR@
+GL_GGL_GNULIB_MKDIR = @GL_GGL_GNULIB_MKDIR@
+GL_GGL_GNULIB_MKDIRAT = @GL_GGL_GNULIB_MKDIRAT@
+GL_GGL_GNULIB_MKDTEMP = @GL_GGL_GNULIB_MKDTEMP@
+GL_GGL_GNULIB_MKFIFO = @GL_GGL_GNULIB_MKFIFO@
+GL_GGL_GNULIB_MKFIFOAT = @GL_GGL_GNULIB_MKFIFOAT@
+GL_GGL_GNULIB_MKNOD = @GL_GGL_GNULIB_MKNOD@
+GL_GGL_GNULIB_MKNODAT = @GL_GGL_GNULIB_MKNODAT@
+GL_GGL_GNULIB_MKOSTEMP = @GL_GGL_GNULIB_MKOSTEMP@
+GL_GGL_GNULIB_MKOSTEMPS = @GL_GGL_GNULIB_MKOSTEMPS@
+GL_GGL_GNULIB_MKSTEMP = @GL_GGL_GNULIB_MKSTEMP@
+GL_GGL_GNULIB_MKSTEMPS = @GL_GGL_GNULIB_MKSTEMPS@
+GL_GGL_GNULIB_MKTIME = @GL_GGL_GNULIB_MKTIME@
+GL_GGL_GNULIB_NANOSLEEP = @GL_GGL_GNULIB_NANOSLEEP@
+GL_GGL_GNULIB_NL_LANGINFO = @GL_GGL_GNULIB_NL_LANGINFO@
+GL_GGL_GNULIB_NONBLOCKING = @GL_GGL_GNULIB_NONBLOCKING@
+GL_GGL_GNULIB_OBSTACK_PRINTF = @GL_GGL_GNULIB_OBSTACK_PRINTF@
+GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GGL_GNULIB_OPEN = @GL_GGL_GNULIB_OPEN@
+GL_GGL_GNULIB_OPENAT = @GL_GGL_GNULIB_OPENAT@
+GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GGL_GNULIB_PCLOSE = @GL_GGL_GNULIB_PCLOSE@
+GL_GGL_GNULIB_PERROR = @GL_GGL_GNULIB_PERROR@
+GL_GGL_GNULIB_PIPE = @GL_GGL_GNULIB_PIPE@
+GL_GGL_GNULIB_PIPE2 = @GL_GGL_GNULIB_PIPE2@
+GL_GGL_GNULIB_POPEN = @GL_GGL_GNULIB_POPEN@
+GL_GGL_GNULIB_POSIX_MEMALIGN = @GL_GGL_GNULIB_POSIX_MEMALIGN@
+GL_GGL_GNULIB_POSIX_OPENPT = @GL_GGL_GNULIB_POSIX_OPENPT@
+GL_GGL_GNULIB_PREAD = @GL_GGL_GNULIB_PREAD@
+GL_GGL_GNULIB_PRINTF = @GL_GGL_GNULIB_PRINTF@
+GL_GGL_GNULIB_PRINTF_POSIX = @GL_GGL_GNULIB_PRINTF_POSIX@
+GL_GGL_GNULIB_PSELECT = @GL_GGL_GNULIB_PSELECT@
+GL_GGL_GNULIB_PTHREAD_COND = @GL_GGL_GNULIB_PTHREAD_COND@
+GL_GGL_GNULIB_PTHREAD_MUTEX = @GL_GGL_GNULIB_PTHREAD_MUTEX@
+GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK@
+GL_GGL_GNULIB_PTHREAD_ONCE = @GL_GGL_GNULIB_PTHREAD_ONCE@
+GL_GGL_GNULIB_PTHREAD_RWLOCK = @GL_GGL_GNULIB_PTHREAD_RWLOCK@
+GL_GGL_GNULIB_PTHREAD_SIGMASK = @GL_GGL_GNULIB_PTHREAD_SIGMASK@
+GL_GGL_GNULIB_PTHREAD_SPIN = @GL_GGL_GNULIB_PTHREAD_SPIN@
+GL_GGL_GNULIB_PTHREAD_THREAD = @GL_GGL_GNULIB_PTHREAD_THREAD@
+GL_GGL_GNULIB_PTHREAD_TSS = @GL_GGL_GNULIB_PTHREAD_TSS@
+GL_GGL_GNULIB_PTSNAME = @GL_GGL_GNULIB_PTSNAME@
+GL_GGL_GNULIB_PTSNAME_R = @GL_GGL_GNULIB_PTSNAME_R@
+GL_GGL_GNULIB_PUTC = @GL_GGL_GNULIB_PUTC@
+GL_GGL_GNULIB_PUTCHAR = @GL_GGL_GNULIB_PUTCHAR@
+GL_GGL_GNULIB_PUTENV = @GL_GGL_GNULIB_PUTENV@
+GL_GGL_GNULIB_PUTS = @GL_GGL_GNULIB_PUTS@
+GL_GGL_GNULIB_PWRITE = @GL_GGL_GNULIB_PWRITE@
+GL_GGL_GNULIB_QSORT_R = @GL_GGL_GNULIB_QSORT_R@
+GL_GGL_GNULIB_RAISE = @GL_GGL_GNULIB_RAISE@
+GL_GGL_GNULIB_RANDOM = @GL_GGL_GNULIB_RANDOM@
+GL_GGL_GNULIB_RANDOM_R = @GL_GGL_GNULIB_RANDOM_R@
+GL_GGL_GNULIB_RAWMEMCHR = @GL_GGL_GNULIB_RAWMEMCHR@
+GL_GGL_GNULIB_READ = @GL_GGL_GNULIB_READ@
+GL_GGL_GNULIB_READLINK = @GL_GGL_GNULIB_READLINK@
+GL_GGL_GNULIB_READLINKAT = @GL_GGL_GNULIB_READLINKAT@
+GL_GGL_GNULIB_REALLOCARRAY = @GL_GGL_GNULIB_REALLOCARRAY@
+GL_GGL_GNULIB_REALLOC_POSIX = @GL_GGL_GNULIB_REALLOC_POSIX@
+GL_GGL_GNULIB_REALPATH = @GL_GGL_GNULIB_REALPATH@
+GL_GGL_GNULIB_RECV = @GL_GGL_GNULIB_RECV@
+GL_GGL_GNULIB_RECVFROM = @GL_GGL_GNULIB_RECVFROM@
+GL_GGL_GNULIB_REMOVE = @GL_GGL_GNULIB_REMOVE@
+GL_GGL_GNULIB_RENAME = @GL_GGL_GNULIB_RENAME@
+GL_GGL_GNULIB_RENAMEAT = @GL_GGL_GNULIB_RENAMEAT@
+GL_GGL_GNULIB_RMDIR = @GL_GGL_GNULIB_RMDIR@
+GL_GGL_GNULIB_RPMATCH = @GL_GGL_GNULIB_RPMATCH@
+GL_GGL_GNULIB_SCANF = @GL_GGL_GNULIB_SCANF@
+GL_GGL_GNULIB_SCHED_YIELD = @GL_GGL_GNULIB_SCHED_YIELD@
+GL_GGL_GNULIB_SECURE_GETENV = @GL_GGL_GNULIB_SECURE_GETENV@
+GL_GGL_GNULIB_SELECT = @GL_GGL_GNULIB_SELECT@
+GL_GGL_GNULIB_SEND = @GL_GGL_GNULIB_SEND@
+GL_GGL_GNULIB_SENDTO = @GL_GGL_GNULIB_SENDTO@
+GL_GGL_GNULIB_SETENV = @GL_GGL_GNULIB_SETENV@
+GL_GGL_GNULIB_SETHOSTNAME = @GL_GGL_GNULIB_SETHOSTNAME@
+GL_GGL_GNULIB_SETLOCALE = @GL_GGL_GNULIB_SETLOCALE@
+GL_GGL_GNULIB_SETLOCALE_NULL = @GL_GGL_GNULIB_SETLOCALE_NULL@
+GL_GGL_GNULIB_SETSOCKOPT = @GL_GGL_GNULIB_SETSOCKOPT@
+GL_GGL_GNULIB_SHUTDOWN = @GL_GGL_GNULIB_SHUTDOWN@
+GL_GGL_GNULIB_SIGABBREV_NP = @GL_GGL_GNULIB_SIGABBREV_NP@
+GL_GGL_GNULIB_SIGACTION = @GL_GGL_GNULIB_SIGACTION@
+GL_GGL_GNULIB_SIGDESCR_NP = @GL_GGL_GNULIB_SIGDESCR_NP@
+GL_GGL_GNULIB_SIGNAL_H_SIGPIPE = @GL_GGL_GNULIB_SIGNAL_H_SIGPIPE@
+GL_GGL_GNULIB_SIGPROCMASK = @GL_GGL_GNULIB_SIGPROCMASK@
+GL_GGL_GNULIB_SLEEP = @GL_GGL_GNULIB_SLEEP@
+GL_GGL_GNULIB_SNPRINTF = @GL_GGL_GNULIB_SNPRINTF@
+GL_GGL_GNULIB_SOCKET = @GL_GGL_GNULIB_SOCKET@
+GL_GGL_GNULIB_SPRINTF_POSIX = @GL_GGL_GNULIB_SPRINTF_POSIX@
+GL_GGL_GNULIB_STAT = @GL_GGL_GNULIB_STAT@
+GL_GGL_GNULIB_STDIO_H_NONBLOCKING = @GL_GGL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GGL_GNULIB_STDIO_H_SIGPIPE = @GL_GGL_GNULIB_STDIO_H_SIGPIPE@
+GL_GGL_GNULIB_STPCPY = @GL_GGL_GNULIB_STPCPY@
+GL_GGL_GNULIB_STPNCPY = @GL_GGL_GNULIB_STPNCPY@
+GL_GGL_GNULIB_STRCASESTR = @GL_GGL_GNULIB_STRCASESTR@
+GL_GGL_GNULIB_STRCHRNUL = @GL_GGL_GNULIB_STRCHRNUL@
+GL_GGL_GNULIB_STRDUP = @GL_GGL_GNULIB_STRDUP@
+GL_GGL_GNULIB_STRERROR = @GL_GGL_GNULIB_STRERROR@
+GL_GGL_GNULIB_STRERRORNAME_NP = @GL_GGL_GNULIB_STRERRORNAME_NP@
+GL_GGL_GNULIB_STRERROR_R = @GL_GGL_GNULIB_STRERROR_R@
+GL_GGL_GNULIB_STRFTIME = @GL_GGL_GNULIB_STRFTIME@
+GL_GGL_GNULIB_STRNCAT = @GL_GGL_GNULIB_STRNCAT@
+GL_GGL_GNULIB_STRNDUP = @GL_GGL_GNULIB_STRNDUP@
+GL_GGL_GNULIB_STRNLEN = @GL_GGL_GNULIB_STRNLEN@
+GL_GGL_GNULIB_STRPBRK = @GL_GGL_GNULIB_STRPBRK@
+GL_GGL_GNULIB_STRPTIME = @GL_GGL_GNULIB_STRPTIME@
+GL_GGL_GNULIB_STRSEP = @GL_GGL_GNULIB_STRSEP@
+GL_GGL_GNULIB_STRSIGNAL = @GL_GGL_GNULIB_STRSIGNAL@
+GL_GGL_GNULIB_STRSTR = @GL_GGL_GNULIB_STRSTR@
+GL_GGL_GNULIB_STRTOD = @GL_GGL_GNULIB_STRTOD@
+GL_GGL_GNULIB_STRTOIMAX = @GL_GGL_GNULIB_STRTOIMAX@
+GL_GGL_GNULIB_STRTOK_R = @GL_GGL_GNULIB_STRTOK_R@
+GL_GGL_GNULIB_STRTOL = @GL_GGL_GNULIB_STRTOL@
+GL_GGL_GNULIB_STRTOLD = @GL_GGL_GNULIB_STRTOLD@
+GL_GGL_GNULIB_STRTOLL = @GL_GGL_GNULIB_STRTOLL@
+GL_GGL_GNULIB_STRTOUL = @GL_GGL_GNULIB_STRTOUL@
+GL_GGL_GNULIB_STRTOULL = @GL_GGL_GNULIB_STRTOULL@
+GL_GGL_GNULIB_STRTOUMAX = @GL_GGL_GNULIB_STRTOUMAX@
+GL_GGL_GNULIB_STRVERSCMP = @GL_GGL_GNULIB_STRVERSCMP@
+GL_GGL_GNULIB_SYMLINK = @GL_GGL_GNULIB_SYMLINK@
+GL_GGL_GNULIB_SYMLINKAT = @GL_GGL_GNULIB_SYMLINKAT@
+GL_GGL_GNULIB_SYSTEM_POSIX = @GL_GGL_GNULIB_SYSTEM_POSIX@
+GL_GGL_GNULIB_TIMEGM = @GL_GGL_GNULIB_TIMEGM@
+GL_GGL_GNULIB_TIMESPEC_GET = @GL_GGL_GNULIB_TIMESPEC_GET@
+GL_GGL_GNULIB_TIME_R = @GL_GGL_GNULIB_TIME_R@
+GL_GGL_GNULIB_TIME_RZ = @GL_GGL_GNULIB_TIME_RZ@
+GL_GGL_GNULIB_TMPFILE = @GL_GGL_GNULIB_TMPFILE@
+GL_GGL_GNULIB_TRUNCATE = @GL_GGL_GNULIB_TRUNCATE@
+GL_GGL_GNULIB_TTYNAME_R = @GL_GGL_GNULIB_TTYNAME_R@
+GL_GGL_GNULIB_TZSET = @GL_GGL_GNULIB_TZSET@
+GL_GGL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GGL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GGL_GNULIB_UNISTD_H_SIGPIPE = @GL_GGL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GGL_GNULIB_UNLINK = @GL_GGL_GNULIB_UNLINK@
+GL_GGL_GNULIB_UNLINKAT = @GL_GGL_GNULIB_UNLINKAT@
+GL_GGL_GNULIB_UNLOCKPT = @GL_GGL_GNULIB_UNLOCKPT@
+GL_GGL_GNULIB_UNSETENV = @GL_GGL_GNULIB_UNSETENV@
+GL_GGL_GNULIB_USLEEP = @GL_GGL_GNULIB_USLEEP@
+GL_GGL_GNULIB_UTIMENSAT = @GL_GGL_GNULIB_UTIMENSAT@
+GL_GGL_GNULIB_VASPRINTF = @GL_GGL_GNULIB_VASPRINTF@
+GL_GGL_GNULIB_VDPRINTF = @GL_GGL_GNULIB_VDPRINTF@
+GL_GGL_GNULIB_VFPRINTF = @GL_GGL_GNULIB_VFPRINTF@
+GL_GGL_GNULIB_VFPRINTF_POSIX = @GL_GGL_GNULIB_VFPRINTF_POSIX@
+GL_GGL_GNULIB_VFSCANF = @GL_GGL_GNULIB_VFSCANF@
+GL_GGL_GNULIB_VPRINTF = @GL_GGL_GNULIB_VPRINTF@
+GL_GGL_GNULIB_VPRINTF_POSIX = @GL_GGL_GNULIB_VPRINTF_POSIX@
+GL_GGL_GNULIB_VSCANF = @GL_GGL_GNULIB_VSCANF@
+GL_GGL_GNULIB_VSNPRINTF = @GL_GGL_GNULIB_VSNPRINTF@
+GL_GGL_GNULIB_VSPRINTF_POSIX = @GL_GGL_GNULIB_VSPRINTF_POSIX@
+GL_GGL_GNULIB_WCPCPY = @GL_GGL_GNULIB_WCPCPY@
+GL_GGL_GNULIB_WCPNCPY = @GL_GGL_GNULIB_WCPNCPY@
+GL_GGL_GNULIB_WCRTOMB = @GL_GGL_GNULIB_WCRTOMB@
+GL_GGL_GNULIB_WCSCASECMP = @GL_GGL_GNULIB_WCSCASECMP@
+GL_GGL_GNULIB_WCSCAT = @GL_GGL_GNULIB_WCSCAT@
+GL_GGL_GNULIB_WCSCHR = @GL_GGL_GNULIB_WCSCHR@
+GL_GGL_GNULIB_WCSCMP = @GL_GGL_GNULIB_WCSCMP@
+GL_GGL_GNULIB_WCSCOLL = @GL_GGL_GNULIB_WCSCOLL@
+GL_GGL_GNULIB_WCSCPY = @GL_GGL_GNULIB_WCSCPY@
+GL_GGL_GNULIB_WCSCSPN = @GL_GGL_GNULIB_WCSCSPN@
+GL_GGL_GNULIB_WCSDUP = @GL_GGL_GNULIB_WCSDUP@
+GL_GGL_GNULIB_WCSFTIME = @GL_GGL_GNULIB_WCSFTIME@
+GL_GGL_GNULIB_WCSLEN = @GL_GGL_GNULIB_WCSLEN@
+GL_GGL_GNULIB_WCSNCASECMP = @GL_GGL_GNULIB_WCSNCASECMP@
+GL_GGL_GNULIB_WCSNCAT = @GL_GGL_GNULIB_WCSNCAT@
+GL_GGL_GNULIB_WCSNCMP = @GL_GGL_GNULIB_WCSNCMP@
+GL_GGL_GNULIB_WCSNCPY = @GL_GGL_GNULIB_WCSNCPY@
+GL_GGL_GNULIB_WCSNLEN = @GL_GGL_GNULIB_WCSNLEN@
+GL_GGL_GNULIB_WCSNRTOMBS = @GL_GGL_GNULIB_WCSNRTOMBS@
+GL_GGL_GNULIB_WCSPBRK = @GL_GGL_GNULIB_WCSPBRK@
+GL_GGL_GNULIB_WCSRCHR = @GL_GGL_GNULIB_WCSRCHR@
+GL_GGL_GNULIB_WCSRTOMBS = @GL_GGL_GNULIB_WCSRTOMBS@
+GL_GGL_GNULIB_WCSSPN = @GL_GGL_GNULIB_WCSSPN@
+GL_GGL_GNULIB_WCSSTR = @GL_GGL_GNULIB_WCSSTR@
+GL_GGL_GNULIB_WCSTOK = @GL_GGL_GNULIB_WCSTOK@
+GL_GGL_GNULIB_WCSWIDTH = @GL_GGL_GNULIB_WCSWIDTH@
+GL_GGL_GNULIB_WCSXFRM = @GL_GGL_GNULIB_WCSXFRM@
+GL_GGL_GNULIB_WCTOB = @GL_GGL_GNULIB_WCTOB@
+GL_GGL_GNULIB_WCTOMB = @GL_GGL_GNULIB_WCTOMB@
+GL_GGL_GNULIB_WCWIDTH = @GL_GGL_GNULIB_WCWIDTH@
+GL_GGL_GNULIB_WMEMCHR = @GL_GGL_GNULIB_WMEMCHR@
+GL_GGL_GNULIB_WMEMCMP = @GL_GGL_GNULIB_WMEMCMP@
+GL_GGL_GNULIB_WMEMCPY = @GL_GGL_GNULIB_WMEMCPY@
+GL_GGL_GNULIB_WMEMMOVE = @GL_GGL_GNULIB_WMEMMOVE@
+GL_GGL_GNULIB_WMEMPCPY = @GL_GGL_GNULIB_WMEMPCPY@
+GL_GGL_GNULIB_WMEMSET = @GL_GGL_GNULIB_WMEMSET@
+GL_GGL_GNULIB_WRITE = @GL_GGL_GNULIB_WRITE@
+GL_GGL_GNULIB__EXIT = @GL_GGL_GNULIB__EXIT@
+GL_GNULIB_ACCEPT = @GL_GNULIB_ACCEPT@
+GL_GNULIB_ACCEPT4 = @GL_GNULIB_ACCEPT4@
+GL_GNULIB_ACCESS = @GL_GNULIB_ACCESS@
+GL_GNULIB_ALIGNED_ALLOC = @GL_GNULIB_ALIGNED_ALLOC@
+GL_GNULIB_ATOLL = @GL_GNULIB_ATOLL@
+GL_GNULIB_BIND = @GL_GNULIB_BIND@
+GL_GNULIB_BTOWC = @GL_GNULIB_BTOWC@
+GL_GNULIB_CALLOC_POSIX = @GL_GNULIB_CALLOC_POSIX@
+GL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GNULIB_CHDIR = @GL_GNULIB_CHDIR@
+GL_GNULIB_CHOWN = @GL_GNULIB_CHOWN@
+GL_GNULIB_CLOSE = @GL_GNULIB_CLOSE@
+GL_GNULIB_CONNECT = @GL_GNULIB_CONNECT@
+GL_GNULIB_COPY_FILE_RANGE = @GL_GNULIB_COPY_FILE_RANGE@
+GL_GNULIB_CREAT = @GL_GNULIB_CREAT@
+GL_GNULIB_CTIME = @GL_GNULIB_CTIME@
+GL_GNULIB_DPRINTF = @GL_GNULIB_DPRINTF@
+GL_GNULIB_DUP = @GL_GNULIB_DUP@
+GL_GNULIB_DUP2 = @GL_GNULIB_DUP2@
+GL_GNULIB_DUP3 = @GL_GNULIB_DUP3@
+GL_GNULIB_ENVIRON = @GL_GNULIB_ENVIRON@
+GL_GNULIB_EUIDACCESS = @GL_GNULIB_EUIDACCESS@
+GL_GNULIB_EXECL = @GL_GNULIB_EXECL@
+GL_GNULIB_EXECLE = @GL_GNULIB_EXECLE@
+GL_GNULIB_EXECLP = @GL_GNULIB_EXECLP@
+GL_GNULIB_EXECV = @GL_GNULIB_EXECV@
+GL_GNULIB_EXECVE = @GL_GNULIB_EXECVE@
+GL_GNULIB_EXECVP = @GL_GNULIB_EXECVP@
+GL_GNULIB_EXECVPE = @GL_GNULIB_EXECVPE@
+GL_GNULIB_EXPLICIT_BZERO = @GL_GNULIB_EXPLICIT_BZERO@
+GL_GNULIB_FACCESSAT = @GL_GNULIB_FACCESSAT@
+GL_GNULIB_FCHDIR = @GL_GNULIB_FCHDIR@
+GL_GNULIB_FCHMODAT = @GL_GNULIB_FCHMODAT@
+GL_GNULIB_FCHOWNAT = @GL_GNULIB_FCHOWNAT@
+GL_GNULIB_FCLOSE = @GL_GNULIB_FCLOSE@
+GL_GNULIB_FCNTL = @GL_GNULIB_FCNTL@
+GL_GNULIB_FDATASYNC = @GL_GNULIB_FDATASYNC@
+GL_GNULIB_FDOPEN = @GL_GNULIB_FDOPEN@
+GL_GNULIB_FFLUSH = @GL_GNULIB_FFLUSH@
+GL_GNULIB_FFS = @GL_GNULIB_FFS@
+GL_GNULIB_FFSL = @GL_GNULIB_FFSL@
+GL_GNULIB_FFSLL = @GL_GNULIB_FFSLL@
+GL_GNULIB_FGETC = @GL_GNULIB_FGETC@
+GL_GNULIB_FGETS = @GL_GNULIB_FGETS@
+GL_GNULIB_FOPEN = @GL_GNULIB_FOPEN@
+GL_GNULIB_FPRINTF = @GL_GNULIB_FPRINTF@
+GL_GNULIB_FPRINTF_POSIX = @GL_GNULIB_FPRINTF_POSIX@
+GL_GNULIB_FPURGE = @GL_GNULIB_FPURGE@
+GL_GNULIB_FPUTC = @GL_GNULIB_FPUTC@
+GL_GNULIB_FPUTS = @GL_GNULIB_FPUTS@
+GL_GNULIB_FREAD = @GL_GNULIB_FREAD@
+GL_GNULIB_FREE_POSIX = @GL_GNULIB_FREE_POSIX@
+GL_GNULIB_FREOPEN = @GL_GNULIB_FREOPEN@
+GL_GNULIB_FSCANF = @GL_GNULIB_FSCANF@
+GL_GNULIB_FSEEK = @GL_GNULIB_FSEEK@
+GL_GNULIB_FSEEKO = @GL_GNULIB_FSEEKO@
+GL_GNULIB_FSTAT = @GL_GNULIB_FSTAT@
+GL_GNULIB_FSTATAT = @GL_GNULIB_FSTATAT@
+GL_GNULIB_FSYNC = @GL_GNULIB_FSYNC@
+GL_GNULIB_FTELL = @GL_GNULIB_FTELL@
+GL_GNULIB_FTELLO = @GL_GNULIB_FTELLO@
+GL_GNULIB_FTRUNCATE = @GL_GNULIB_FTRUNCATE@
+GL_GNULIB_FUTIMENS = @GL_GNULIB_FUTIMENS@
+GL_GNULIB_FWRITE = @GL_GNULIB_FWRITE@
+GL_GNULIB_GETADDRINFO = @GL_GNULIB_GETADDRINFO@
+GL_GNULIB_GETC = @GL_GNULIB_GETC@
+GL_GNULIB_GETCHAR = @GL_GNULIB_GETCHAR@
+GL_GNULIB_GETCWD = @GL_GNULIB_GETCWD@
+GL_GNULIB_GETDELIM = @GL_GNULIB_GETDELIM@
+GL_GNULIB_GETDOMAINNAME = @GL_GNULIB_GETDOMAINNAME@
+GL_GNULIB_GETDTABLESIZE = @GL_GNULIB_GETDTABLESIZE@
+GL_GNULIB_GETENTROPY = @GL_GNULIB_GETENTROPY@
+GL_GNULIB_GETGROUPS = @GL_GNULIB_GETGROUPS@
+GL_GNULIB_GETHOSTNAME = @GL_GNULIB_GETHOSTNAME@
+GL_GNULIB_GETLINE = @GL_GNULIB_GETLINE@
+GL_GNULIB_GETLOADAVG = @GL_GNULIB_GETLOADAVG@
+GL_GNULIB_GETLOGIN = @GL_GNULIB_GETLOGIN@
+GL_GNULIB_GETLOGIN_R = @GL_GNULIB_GETLOGIN_R@
+GL_GNULIB_GETOPT_POSIX = @GL_GNULIB_GETOPT_POSIX@
+GL_GNULIB_GETPAGESIZE = @GL_GNULIB_GETPAGESIZE@
+GL_GNULIB_GETPASS = @GL_GNULIB_GETPASS@
+GL_GNULIB_GETPEERNAME = @GL_GNULIB_GETPEERNAME@
+GL_GNULIB_GETSOCKNAME = @GL_GNULIB_GETSOCKNAME@
+GL_GNULIB_GETSOCKOPT = @GL_GNULIB_GETSOCKOPT@
+GL_GNULIB_GETSUBOPT = @GL_GNULIB_GETSUBOPT@
+GL_GNULIB_GETTIMEOFDAY = @GL_GNULIB_GETTIMEOFDAY@
+GL_GNULIB_GETUMASK = @GL_GNULIB_GETUMASK@
+GL_GNULIB_GETUSERSHELL = @GL_GNULIB_GETUSERSHELL@
+GL_GNULIB_GRANTPT = @GL_GNULIB_GRANTPT@
+GL_GNULIB_GROUP_MEMBER = @GL_GNULIB_GROUP_MEMBER@
+GL_GNULIB_IMAXABS = @GL_GNULIB_IMAXABS@
+GL_GNULIB_IMAXDIV = @GL_GNULIB_IMAXDIV@
+GL_GNULIB_INET_NTOP = @GL_GNULIB_INET_NTOP@
+GL_GNULIB_INET_PTON = @GL_GNULIB_INET_PTON@
+GL_GNULIB_ISATTY = @GL_GNULIB_ISATTY@
+GL_GNULIB_LCHMOD = @GL_GNULIB_LCHMOD@
+GL_GNULIB_LCHOWN = @GL_GNULIB_LCHOWN@
+GL_GNULIB_LINK = @GL_GNULIB_LINK@
+GL_GNULIB_LINKAT = @GL_GNULIB_LINKAT@
+GL_GNULIB_LISTEN = @GL_GNULIB_LISTEN@
+GL_GNULIB_LOCALTIME = @GL_GNULIB_LOCALTIME@
+GL_GNULIB_LSEEK = @GL_GNULIB_LSEEK@
+GL_GNULIB_LSTAT = @GL_GNULIB_LSTAT@
+GL_GNULIB_MALLOC_POSIX = @GL_GNULIB_MALLOC_POSIX@
+GL_GNULIB_MBRLEN = @GL_GNULIB_MBRLEN@
+GL_GNULIB_MBRTOWC = @GL_GNULIB_MBRTOWC@
+GL_GNULIB_MBSCASECMP = @GL_GNULIB_MBSCASECMP@
+GL_GNULIB_MBSCASESTR = @GL_GNULIB_MBSCASESTR@
+GL_GNULIB_MBSCHR = @GL_GNULIB_MBSCHR@
+GL_GNULIB_MBSCSPN = @GL_GNULIB_MBSCSPN@
+GL_GNULIB_MBSINIT = @GL_GNULIB_MBSINIT@
+GL_GNULIB_MBSLEN = @GL_GNULIB_MBSLEN@
+GL_GNULIB_MBSNCASECMP = @GL_GNULIB_MBSNCASECMP@
+GL_GNULIB_MBSNLEN = @GL_GNULIB_MBSNLEN@
+GL_GNULIB_MBSNRTOWCS = @GL_GNULIB_MBSNRTOWCS@
+GL_GNULIB_MBSPBRK = @GL_GNULIB_MBSPBRK@
+GL_GNULIB_MBSPCASECMP = @GL_GNULIB_MBSPCASECMP@
+GL_GNULIB_MBSRCHR = @GL_GNULIB_MBSRCHR@
+GL_GNULIB_MBSRTOWCS = @GL_GNULIB_MBSRTOWCS@
+GL_GNULIB_MBSSEP = @GL_GNULIB_MBSSEP@
+GL_GNULIB_MBSSPN = @GL_GNULIB_MBSSPN@
+GL_GNULIB_MBSSTR = @GL_GNULIB_MBSSTR@
+GL_GNULIB_MBSTOK_R = @GL_GNULIB_MBSTOK_R@
+GL_GNULIB_MBTOWC = @GL_GNULIB_MBTOWC@
+GL_GNULIB_MDA_ACCESS = @GL_GNULIB_MDA_ACCESS@
+GL_GNULIB_MDA_CHDIR = @GL_GNULIB_MDA_CHDIR@
+GL_GNULIB_MDA_CHMOD = @GL_GNULIB_MDA_CHMOD@
+GL_GNULIB_MDA_CLOSE = @GL_GNULIB_MDA_CLOSE@
+GL_GNULIB_MDA_CREAT = @GL_GNULIB_MDA_CREAT@
+GL_GNULIB_MDA_DUP = @GL_GNULIB_MDA_DUP@
+GL_GNULIB_MDA_DUP2 = @GL_GNULIB_MDA_DUP2@
+GL_GNULIB_MDA_ECVT = @GL_GNULIB_MDA_ECVT@
+GL_GNULIB_MDA_EXECL = @GL_GNULIB_MDA_EXECL@
+GL_GNULIB_MDA_EXECLE = @GL_GNULIB_MDA_EXECLE@
+GL_GNULIB_MDA_EXECLP = @GL_GNULIB_MDA_EXECLP@
+GL_GNULIB_MDA_EXECV = @GL_GNULIB_MDA_EXECV@
+GL_GNULIB_MDA_EXECVE = @GL_GNULIB_MDA_EXECVE@
+GL_GNULIB_MDA_EXECVP = @GL_GNULIB_MDA_EXECVP@
+GL_GNULIB_MDA_EXECVPE = @GL_GNULIB_MDA_EXECVPE@
+GL_GNULIB_MDA_FCLOSEALL = @GL_GNULIB_MDA_FCLOSEALL@
+GL_GNULIB_MDA_FCVT = @GL_GNULIB_MDA_FCVT@
+GL_GNULIB_MDA_FDOPEN = @GL_GNULIB_MDA_FDOPEN@
+GL_GNULIB_MDA_FILENO = @GL_GNULIB_MDA_FILENO@
+GL_GNULIB_MDA_GCVT = @GL_GNULIB_MDA_GCVT@
+GL_GNULIB_MDA_GETCWD = @GL_GNULIB_MDA_GETCWD@
+GL_GNULIB_MDA_GETPID = @GL_GNULIB_MDA_GETPID@
+GL_GNULIB_MDA_GETW = @GL_GNULIB_MDA_GETW@
+GL_GNULIB_MDA_ISATTY = @GL_GNULIB_MDA_ISATTY@
+GL_GNULIB_MDA_LSEEK = @GL_GNULIB_MDA_LSEEK@
+GL_GNULIB_MDA_MEMCCPY = @GL_GNULIB_MDA_MEMCCPY@
+GL_GNULIB_MDA_MKDIR = @GL_GNULIB_MDA_MKDIR@
+GL_GNULIB_MDA_MKTEMP = @GL_GNULIB_MDA_MKTEMP@
+GL_GNULIB_MDA_OPEN = @GL_GNULIB_MDA_OPEN@
+GL_GNULIB_MDA_PUTENV = @GL_GNULIB_MDA_PUTENV@
+GL_GNULIB_MDA_PUTW = @GL_GNULIB_MDA_PUTW@
+GL_GNULIB_MDA_READ = @GL_GNULIB_MDA_READ@
+GL_GNULIB_MDA_RMDIR = @GL_GNULIB_MDA_RMDIR@
+GL_GNULIB_MDA_STRDUP = @GL_GNULIB_MDA_STRDUP@
+GL_GNULIB_MDA_SWAB = @GL_GNULIB_MDA_SWAB@
+GL_GNULIB_MDA_TEMPNAM = @GL_GNULIB_MDA_TEMPNAM@
+GL_GNULIB_MDA_TZSET = @GL_GNULIB_MDA_TZSET@
+GL_GNULIB_MDA_UMASK = @GL_GNULIB_MDA_UMASK@
+GL_GNULIB_MDA_UNLINK = @GL_GNULIB_MDA_UNLINK@
+GL_GNULIB_MDA_WCSDUP = @GL_GNULIB_MDA_WCSDUP@
+GL_GNULIB_MDA_WRITE = @GL_GNULIB_MDA_WRITE@
+GL_GNULIB_MEMCHR = @GL_GNULIB_MEMCHR@
+GL_GNULIB_MEMMEM = @GL_GNULIB_MEMMEM@
+GL_GNULIB_MEMPCPY = @GL_GNULIB_MEMPCPY@
+GL_GNULIB_MEMRCHR = @GL_GNULIB_MEMRCHR@
+GL_GNULIB_MKDIR = @GL_GNULIB_MKDIR@
+GL_GNULIB_MKDIRAT = @GL_GNULIB_MKDIRAT@
+GL_GNULIB_MKDTEMP = @GL_GNULIB_MKDTEMP@
+GL_GNULIB_MKFIFO = @GL_GNULIB_MKFIFO@
+GL_GNULIB_MKFIFOAT = @GL_GNULIB_MKFIFOAT@
+GL_GNULIB_MKNOD = @GL_GNULIB_MKNOD@
+GL_GNULIB_MKNODAT = @GL_GNULIB_MKNODAT@
+GL_GNULIB_MKOSTEMP = @GL_GNULIB_MKOSTEMP@
+GL_GNULIB_MKOSTEMPS = @GL_GNULIB_MKOSTEMPS@
+GL_GNULIB_MKSTEMP = @GL_GNULIB_MKSTEMP@
+GL_GNULIB_MKSTEMPS = @GL_GNULIB_MKSTEMPS@
+GL_GNULIB_MKTIME = @GL_GNULIB_MKTIME@
+GL_GNULIB_NANOSLEEP = @GL_GNULIB_NANOSLEEP@
+GL_GNULIB_NONBLOCKING = @GL_GNULIB_NONBLOCKING@
+GL_GNULIB_OBSTACK_PRINTF = @GL_GNULIB_OBSTACK_PRINTF@
+GL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GNULIB_OPEN = @GL_GNULIB_OPEN@
+GL_GNULIB_OPENAT = @GL_GNULIB_OPENAT@
+GL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GNULIB_PCLOSE = @GL_GNULIB_PCLOSE@
+GL_GNULIB_PERROR = @GL_GNULIB_PERROR@
+GL_GNULIB_PIPE = @GL_GNULIB_PIPE@
+GL_GNULIB_PIPE2 = @GL_GNULIB_PIPE2@
+GL_GNULIB_POPEN = @GL_GNULIB_POPEN@
+GL_GNULIB_POSIX_MEMALIGN = @GL_GNULIB_POSIX_MEMALIGN@
+GL_GNULIB_POSIX_OPENPT = @GL_GNULIB_POSIX_OPENPT@
+GL_GNULIB_PREAD = @GL_GNULIB_PREAD@
+GL_GNULIB_PRINTF = @GL_GNULIB_PRINTF@
+GL_GNULIB_PRINTF_POSIX = @GL_GNULIB_PRINTF_POSIX@
+GL_GNULIB_PTSNAME = @GL_GNULIB_PTSNAME@
+GL_GNULIB_PTSNAME_R = @GL_GNULIB_PTSNAME_R@
+GL_GNULIB_PUTC = @GL_GNULIB_PUTC@
+GL_GNULIB_PUTCHAR = @GL_GNULIB_PUTCHAR@
+GL_GNULIB_PUTENV = @GL_GNULIB_PUTENV@
+GL_GNULIB_PUTS = @GL_GNULIB_PUTS@
+GL_GNULIB_PWRITE = @GL_GNULIB_PWRITE@
+GL_GNULIB_QSORT_R = @GL_GNULIB_QSORT_R@
+GL_GNULIB_RANDOM = @GL_GNULIB_RANDOM@
+GL_GNULIB_RANDOM_R = @GL_GNULIB_RANDOM_R@
+GL_GNULIB_RAWMEMCHR = @GL_GNULIB_RAWMEMCHR@
+GL_GNULIB_READ = @GL_GNULIB_READ@
+GL_GNULIB_READLINK = @GL_GNULIB_READLINK@
+GL_GNULIB_READLINKAT = @GL_GNULIB_READLINKAT@
+GL_GNULIB_REALLOCARRAY = @GL_GNULIB_REALLOCARRAY@
+GL_GNULIB_REALLOC_POSIX = @GL_GNULIB_REALLOC_POSIX@
+GL_GNULIB_REALPATH = @GL_GNULIB_REALPATH@
+GL_GNULIB_RECV = @GL_GNULIB_RECV@
+GL_GNULIB_RECVFROM = @GL_GNULIB_RECVFROM@
+GL_GNULIB_REMOVE = @GL_GNULIB_REMOVE@
+GL_GNULIB_RENAME = @GL_GNULIB_RENAME@
+GL_GNULIB_RENAMEAT = @GL_GNULIB_RENAMEAT@
+GL_GNULIB_RMDIR = @GL_GNULIB_RMDIR@
+GL_GNULIB_RPMATCH = @GL_GNULIB_RPMATCH@
+GL_GNULIB_SCANF = @GL_GNULIB_SCANF@
+GL_GNULIB_SECURE_GETENV = @GL_GNULIB_SECURE_GETENV@
+GL_GNULIB_SEND = @GL_GNULIB_SEND@
+GL_GNULIB_SENDTO = @GL_GNULIB_SENDTO@
+GL_GNULIB_SETENV = @GL_GNULIB_SETENV@
+GL_GNULIB_SETHOSTNAME = @GL_GNULIB_SETHOSTNAME@
+GL_GNULIB_SETSOCKOPT = @GL_GNULIB_SETSOCKOPT@
+GL_GNULIB_SHUTDOWN = @GL_GNULIB_SHUTDOWN@
+GL_GNULIB_SIGABBREV_NP = @GL_GNULIB_SIGABBREV_NP@
+GL_GNULIB_SIGDESCR_NP = @GL_GNULIB_SIGDESCR_NP@
+GL_GNULIB_SLEEP = @GL_GNULIB_SLEEP@
+GL_GNULIB_SNPRINTF = @GL_GNULIB_SNPRINTF@
+GL_GNULIB_SOCKET = @GL_GNULIB_SOCKET@
+GL_GNULIB_SPRINTF_POSIX = @GL_GNULIB_SPRINTF_POSIX@
+GL_GNULIB_STAT = @GL_GNULIB_STAT@
+GL_GNULIB_STDIO_H_NONBLOCKING = @GL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GNULIB_STDIO_H_SIGPIPE = @GL_GNULIB_STDIO_H_SIGPIPE@
+GL_GNULIB_STPCPY = @GL_GNULIB_STPCPY@
+GL_GNULIB_STPNCPY = @GL_GNULIB_STPNCPY@
+GL_GNULIB_STRCASESTR = @GL_GNULIB_STRCASESTR@
+GL_GNULIB_STRCHRNUL = @GL_GNULIB_STRCHRNUL@
+GL_GNULIB_STRDUP = @GL_GNULIB_STRDUP@
+GL_GNULIB_STRERROR = @GL_GNULIB_STRERROR@
+GL_GNULIB_STRERRORNAME_NP = @GL_GNULIB_STRERRORNAME_NP@
+GL_GNULIB_STRERROR_R = @GL_GNULIB_STRERROR_R@
+GL_GNULIB_STRFTIME = @GL_GNULIB_STRFTIME@
+GL_GNULIB_STRNCAT = @GL_GNULIB_STRNCAT@
+GL_GNULIB_STRNDUP = @GL_GNULIB_STRNDUP@
+GL_GNULIB_STRNLEN = @GL_GNULIB_STRNLEN@
+GL_GNULIB_STRPBRK = @GL_GNULIB_STRPBRK@
+GL_GNULIB_STRPTIME = @GL_GNULIB_STRPTIME@
+GL_GNULIB_STRSEP = @GL_GNULIB_STRSEP@
+GL_GNULIB_STRSIGNAL = @GL_GNULIB_STRSIGNAL@
+GL_GNULIB_STRSTR = @GL_GNULIB_STRSTR@
+GL_GNULIB_STRTOD = @GL_GNULIB_STRTOD@
+GL_GNULIB_STRTOIMAX = @GL_GNULIB_STRTOIMAX@
+GL_GNULIB_STRTOK_R = @GL_GNULIB_STRTOK_R@
+GL_GNULIB_STRTOL = @GL_GNULIB_STRTOL@
+GL_GNULIB_STRTOLD = @GL_GNULIB_STRTOLD@
+GL_GNULIB_STRTOLL = @GL_GNULIB_STRTOLL@
+GL_GNULIB_STRTOUL = @GL_GNULIB_STRTOUL@
+GL_GNULIB_STRTOULL = @GL_GNULIB_STRTOULL@
+GL_GNULIB_STRTOUMAX = @GL_GNULIB_STRTOUMAX@
+GL_GNULIB_STRVERSCMP = @GL_GNULIB_STRVERSCMP@
+GL_GNULIB_SYMLINK = @GL_GNULIB_SYMLINK@
+GL_GNULIB_SYMLINKAT = @GL_GNULIB_SYMLINKAT@
+GL_GNULIB_SYSTEM_POSIX = @GL_GNULIB_SYSTEM_POSIX@
+GL_GNULIB_TIMEGM = @GL_GNULIB_TIMEGM@
+GL_GNULIB_TIMESPEC_GET = @GL_GNULIB_TIMESPEC_GET@
+GL_GNULIB_TIME_R = @GL_GNULIB_TIME_R@
+GL_GNULIB_TIME_RZ = @GL_GNULIB_TIME_RZ@
+GL_GNULIB_TMPFILE = @GL_GNULIB_TMPFILE@
+GL_GNULIB_TRUNCATE = @GL_GNULIB_TRUNCATE@
+GL_GNULIB_TTYNAME_R = @GL_GNULIB_TTYNAME_R@
+GL_GNULIB_TZSET = @GL_GNULIB_TZSET@
+GL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GNULIB_UNISTD_H_SIGPIPE = @GL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GNULIB_UNLINK = @GL_GNULIB_UNLINK@
+GL_GNULIB_UNLINKAT = @GL_GNULIB_UNLINKAT@
+GL_GNULIB_UNLOCKPT = @GL_GNULIB_UNLOCKPT@
+GL_GNULIB_UNSETENV = @GL_GNULIB_UNSETENV@
+GL_GNULIB_USLEEP = @GL_GNULIB_USLEEP@
+GL_GNULIB_UTIMENSAT = @GL_GNULIB_UTIMENSAT@
+GL_GNULIB_VASPRINTF = @GL_GNULIB_VASPRINTF@
+GL_GNULIB_VDPRINTF = @GL_GNULIB_VDPRINTF@
+GL_GNULIB_VFPRINTF = @GL_GNULIB_VFPRINTF@
+GL_GNULIB_VFPRINTF_POSIX = @GL_GNULIB_VFPRINTF_POSIX@
+GL_GNULIB_VFSCANF = @GL_GNULIB_VFSCANF@
+GL_GNULIB_VPRINTF = @GL_GNULIB_VPRINTF@
+GL_GNULIB_VPRINTF_POSIX = @GL_GNULIB_VPRINTF_POSIX@
+GL_GNULIB_VSCANF = @GL_GNULIB_VSCANF@
+GL_GNULIB_VSNPRINTF = @GL_GNULIB_VSNPRINTF@
+GL_GNULIB_VSPRINTF_POSIX = @GL_GNULIB_VSPRINTF_POSIX@
+GL_GNULIB_WCPCPY = @GL_GNULIB_WCPCPY@
+GL_GNULIB_WCPNCPY = @GL_GNULIB_WCPNCPY@
+GL_GNULIB_WCRTOMB = @GL_GNULIB_WCRTOMB@
+GL_GNULIB_WCSCASECMP = @GL_GNULIB_WCSCASECMP@
+GL_GNULIB_WCSCAT = @GL_GNULIB_WCSCAT@
+GL_GNULIB_WCSCHR = @GL_GNULIB_WCSCHR@
+GL_GNULIB_WCSCMP = @GL_GNULIB_WCSCMP@
+GL_GNULIB_WCSCOLL = @GL_GNULIB_WCSCOLL@
+GL_GNULIB_WCSCPY = @GL_GNULIB_WCSCPY@
+GL_GNULIB_WCSCSPN = @GL_GNULIB_WCSCSPN@
+GL_GNULIB_WCSDUP = @GL_GNULIB_WCSDUP@
+GL_GNULIB_WCSFTIME = @GL_GNULIB_WCSFTIME@
+GL_GNULIB_WCSLEN = @GL_GNULIB_WCSLEN@
+GL_GNULIB_WCSNCASECMP = @GL_GNULIB_WCSNCASECMP@
+GL_GNULIB_WCSNCAT = @GL_GNULIB_WCSNCAT@
+GL_GNULIB_WCSNCMP = @GL_GNULIB_WCSNCMP@
+GL_GNULIB_WCSNCPY = @GL_GNULIB_WCSNCPY@
+GL_GNULIB_WCSNLEN = @GL_GNULIB_WCSNLEN@
+GL_GNULIB_WCSNRTOMBS = @GL_GNULIB_WCSNRTOMBS@
+GL_GNULIB_WCSPBRK = @GL_GNULIB_WCSPBRK@
+GL_GNULIB_WCSRCHR = @GL_GNULIB_WCSRCHR@
+GL_GNULIB_WCSRTOMBS = @GL_GNULIB_WCSRTOMBS@
+GL_GNULIB_WCSSPN = @GL_GNULIB_WCSSPN@
+GL_GNULIB_WCSSTR = @GL_GNULIB_WCSSTR@
+GL_GNULIB_WCSTOK = @GL_GNULIB_WCSTOK@
+GL_GNULIB_WCSWIDTH = @GL_GNULIB_WCSWIDTH@
+GL_GNULIB_WCSXFRM = @GL_GNULIB_WCSXFRM@
+GL_GNULIB_WCTOB = @GL_GNULIB_WCTOB@
+GL_GNULIB_WCTOMB = @GL_GNULIB_WCTOMB@
+GL_GNULIB_WCWIDTH = @GL_GNULIB_WCWIDTH@
+GL_GNULIB_WMEMCHR = @GL_GNULIB_WMEMCHR@
+GL_GNULIB_WMEMCMP = @GL_GNULIB_WMEMCMP@
+GL_GNULIB_WMEMCPY = @GL_GNULIB_WMEMCPY@
+GL_GNULIB_WMEMMOVE = @GL_GNULIB_WMEMMOVE@
+GL_GNULIB_WMEMPCPY = @GL_GNULIB_WMEMPCPY@
+GL_GNULIB_WMEMSET = @GL_GNULIB_WMEMSET@
+GL_GNULIB_WRITE = @GL_GNULIB_WRITE@
+GL_GNULIB__EXIT = @GL_GNULIB__EXIT@
+GMP_CFLAGS = @GMP_CFLAGS@
+GMP_LIBS = @GMP_LIBS@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GNULIBHEADERS_OVERRIDE_WINT_T = @GNULIBHEADERS_OVERRIDE_WINT_T@
+GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@
+GNUTLS_LIBS_PRIVATE = @GNUTLS_LIBS_PRIVATE@
+GNUTLS_REQUIRES_PRIVATE = @GNUTLS_REQUIRES_PRIVATE@
+GPERF = @GPERF@
+GREP = @GREP@
+GTKDOC_CHECK = @GTKDOC_CHECK@
+GTKDOC_CHECK_PATH = @GTKDOC_CHECK_PATH@
+GTKDOC_DEPS_CFLAGS = @GTKDOC_DEPS_CFLAGS@
+GTKDOC_DEPS_LIBS = @GTKDOC_DEPS_LIBS@
+GTKDOC_MKPDF = @GTKDOC_MKPDF@
+GTKDOC_REBASE = @GTKDOC_REBASE@
+GUILD = @GUILD@
+GUILE = @GUILE@
+GUILE_CFLAGS = @GUILE_CFLAGS@
+GUILE_CONFIG = @GUILE_CONFIG@
+GUILE_EFFECTIVE_VERSION = @GUILE_EFFECTIVE_VERSION@
+GUILE_EXTENSION = @GUILE_EXTENSION@
+GUILE_LDFLAGS = @GUILE_LDFLAGS@
+GUILE_LIBS = @GUILE_LIBS@
+GUILE_LTLIBS = @GUILE_LTLIBS@
+GUILE_SITE = @GUILE_SITE@
+GUILE_SITE_CCACHE = @GUILE_SITE_CCACHE@
+GUILE_TOOLS = @GUILE_TOOLS@
+HAVE_ACCEPT4 = @HAVE_ACCEPT4@
+HAVE_ALIGNED_ALLOC = @HAVE_ALIGNED_ALLOC@
+HAVE_ALLOCA_H = @HAVE_ALLOCA_H@
+HAVE_ARPA_INET_H = @HAVE_ARPA_INET_H@
+HAVE_ATOLL = @HAVE_ATOLL@
+HAVE_BTOWC = @HAVE_BTOWC@
+HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@
+HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@
+HAVE_CHOWN = @HAVE_CHOWN@
+HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@
+HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@
+HAVE_DECL_ECVT = @HAVE_DECL_ECVT@
+HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@
+HAVE_DECL_EXECVPE = @HAVE_DECL_EXECVPE@
+HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@
+HAVE_DECL_FCLOSEALL = @HAVE_DECL_FCLOSEALL@
+HAVE_DECL_FCVT = @HAVE_DECL_FCVT@
+HAVE_DECL_FDATASYNC = @HAVE_DECL_FDATASYNC@
+HAVE_DECL_FPURGE = @HAVE_DECL_FPURGE@
+HAVE_DECL_FREEADDRINFO = @HAVE_DECL_FREEADDRINFO@
+HAVE_DECL_FSEEKO = @HAVE_DECL_FSEEKO@
+HAVE_DECL_FTELLO = @HAVE_DECL_FTELLO@
+HAVE_DECL_GAI_STRERROR = @HAVE_DECL_GAI_STRERROR@
+HAVE_DECL_GCVT = @HAVE_DECL_GCVT@
+HAVE_DECL_GETADDRINFO = @HAVE_DECL_GETADDRINFO@
+HAVE_DECL_GETDELIM = @HAVE_DECL_GETDELIM@
+HAVE_DECL_GETDOMAINNAME = @HAVE_DECL_GETDOMAINNAME@
+HAVE_DECL_GETLINE = @HAVE_DECL_GETLINE@
+HAVE_DECL_GETLOADAVG = @HAVE_DECL_GETLOADAVG@
+HAVE_DECL_GETLOGIN = @HAVE_DECL_GETLOGIN@
+HAVE_DECL_GETLOGIN_R = @HAVE_DECL_GETLOGIN_R@
+HAVE_DECL_GETNAMEINFO = @HAVE_DECL_GETNAMEINFO@
+HAVE_DECL_GETPAGESIZE = @HAVE_DECL_GETPAGESIZE@
+HAVE_DECL_GETUSERSHELL = @HAVE_DECL_GETUSERSHELL@
+HAVE_DECL_IMAXABS = @HAVE_DECL_IMAXABS@
+HAVE_DECL_IMAXDIV = @HAVE_DECL_IMAXDIV@
+HAVE_DECL_INET_NTOP = @HAVE_DECL_INET_NTOP@
+HAVE_DECL_INET_PTON = @HAVE_DECL_INET_PTON@
+HAVE_DECL_INITSTATE = @HAVE_DECL_INITSTATE@
+HAVE_DECL_LOCALTIME_R = @HAVE_DECL_LOCALTIME_R@
+HAVE_DECL_MEMMEM = @HAVE_DECL_MEMMEM@
+HAVE_DECL_MEMRCHR = @HAVE_DECL_MEMRCHR@
+HAVE_DECL_OBSTACK_PRINTF = @HAVE_DECL_OBSTACK_PRINTF@
+HAVE_DECL_SETENV = @HAVE_DECL_SETENV@
+HAVE_DECL_SETHOSTNAME = @HAVE_DECL_SETHOSTNAME@
+HAVE_DECL_SETSTATE = @HAVE_DECL_SETSTATE@
+HAVE_DECL_SNPRINTF = @HAVE_DECL_SNPRINTF@
+HAVE_DECL_STRDUP = @HAVE_DECL_STRDUP@
+HAVE_DECL_STRERROR_R = @HAVE_DECL_STRERROR_R@
+HAVE_DECL_STRNCASECMP = @HAVE_DECL_STRNCASECMP@
+HAVE_DECL_STRNDUP = @HAVE_DECL_STRNDUP@
+HAVE_DECL_STRNLEN = @HAVE_DECL_STRNLEN@
+HAVE_DECL_STRSIGNAL = @HAVE_DECL_STRSIGNAL@
+HAVE_DECL_STRTOIMAX = @HAVE_DECL_STRTOIMAX@
+HAVE_DECL_STRTOK_R = @HAVE_DECL_STRTOK_R@
+HAVE_DECL_STRTOUMAX = @HAVE_DECL_STRTOUMAX@
+HAVE_DECL_TRUNCATE = @HAVE_DECL_TRUNCATE@
+HAVE_DECL_TTYNAME_R = @HAVE_DECL_TTYNAME_R@
+HAVE_DECL_UNSETENV = @HAVE_DECL_UNSETENV@
+HAVE_DECL_VSNPRINTF = @HAVE_DECL_VSNPRINTF@
+HAVE_DECL_WCSDUP = @HAVE_DECL_WCSDUP@
+HAVE_DECL_WCTOB = @HAVE_DECL_WCTOB@
+HAVE_DECL_WCWIDTH = @HAVE_DECL_WCWIDTH@
+HAVE_DPRINTF = @HAVE_DPRINTF@
+HAVE_DUP3 = @HAVE_DUP3@
+HAVE_DUPLOCALE = @HAVE_DUPLOCALE@
+HAVE_EUIDACCESS = @HAVE_EUIDACCESS@
+HAVE_EXECVPE = @HAVE_EXECVPE@
+HAVE_EXPLICIT_BZERO = @HAVE_EXPLICIT_BZERO@
+HAVE_FACCESSAT = @HAVE_FACCESSAT@
+HAVE_FCHDIR = @HAVE_FCHDIR@
+HAVE_FCHMODAT = @HAVE_FCHMODAT@
+HAVE_FCHOWNAT = @HAVE_FCHOWNAT@
+HAVE_FCNTL = @HAVE_FCNTL@
+HAVE_FDATASYNC = @HAVE_FDATASYNC@
+HAVE_FEATURES_H = @HAVE_FEATURES_H@
+HAVE_FFS = @HAVE_FFS@
+HAVE_FFSL = @HAVE_FFSL@
+HAVE_FFSLL = @HAVE_FFSLL@
+HAVE_FREELOCALE = @HAVE_FREELOCALE@
+HAVE_FSEEKO = @HAVE_FSEEKO@
+HAVE_FSTATAT = @HAVE_FSTATAT@
+HAVE_FSYNC = @HAVE_FSYNC@
+HAVE_FTELLO = @HAVE_FTELLO@
+HAVE_FTRUNCATE = @HAVE_FTRUNCATE@
+HAVE_FUTIMENS = @HAVE_FUTIMENS@
+HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@
+HAVE_GETENTROPY = @HAVE_GETENTROPY@
+HAVE_GETGROUPS = @HAVE_GETGROUPS@
+HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@
+HAVE_GETLOGIN = @HAVE_GETLOGIN@
+HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@
+HAVE_GETPASS = @HAVE_GETPASS@
+HAVE_GETSUBOPT = @HAVE_GETSUBOPT@
+HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@
+HAVE_GETUMASK = @HAVE_GETUMASK@
+HAVE_GRANTPT = @HAVE_GRANTPT@
+HAVE_GROUP_MEMBER = @HAVE_GROUP_MEMBER@
+HAVE_IMAXDIV_T = @HAVE_IMAXDIV_T@
+HAVE_INITSTATE = @HAVE_INITSTATE@
+HAVE_INTTYPES_H = @HAVE_INTTYPES_H@
+HAVE_ISBLANK = @HAVE_ISBLANK@
+HAVE_LANGINFO_ALTMON = @HAVE_LANGINFO_ALTMON@
+HAVE_LANGINFO_CODESET = @HAVE_LANGINFO_CODESET@
+HAVE_LANGINFO_ERA = @HAVE_LANGINFO_ERA@
+HAVE_LANGINFO_H = @HAVE_LANGINFO_H@
+HAVE_LANGINFO_T_FMT_AMPM = @HAVE_LANGINFO_T_FMT_AMPM@
+HAVE_LANGINFO_YESEXPR = @HAVE_LANGINFO_YESEXPR@
+HAVE_LCHMOD = @HAVE_LCHMOD@
+HAVE_LCHOWN = @HAVE_LCHOWN@
+HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@
+HAVE_LIBDL = @HAVE_LIBDL@
+HAVE_LIBEV = @HAVE_LIBEV@
+HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@
+HAVE_LIBRT = @HAVE_LIBRT@
+HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@
+HAVE_LIBZ = @HAVE_LIBZ@
+HAVE_LINK = @HAVE_LINK@
+HAVE_LINKAT = @HAVE_LINKAT@
+HAVE_LSTAT = @HAVE_LSTAT@
+HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@
+HAVE_MBRLEN = @HAVE_MBRLEN@
+HAVE_MBRTOWC = @HAVE_MBRTOWC@
+HAVE_MBSINIT = @HAVE_MBSINIT@
+HAVE_MBSLEN = @HAVE_MBSLEN@
+HAVE_MBSNRTOWCS = @HAVE_MBSNRTOWCS@
+HAVE_MBSRTOWCS = @HAVE_MBSRTOWCS@
+HAVE_MBTOWC = @HAVE_MBTOWC@
+HAVE_MEMPCPY = @HAVE_MEMPCPY@
+HAVE_MKDIRAT = @HAVE_MKDIRAT@
+HAVE_MKDTEMP = @HAVE_MKDTEMP@
+HAVE_MKFIFO = @HAVE_MKFIFO@
+HAVE_MKFIFOAT = @HAVE_MKFIFOAT@
+HAVE_MKNOD = @HAVE_MKNOD@
+HAVE_MKNODAT = @HAVE_MKNODAT@
+HAVE_MKOSTEMP = @HAVE_MKOSTEMP@
+HAVE_MKOSTEMPS = @HAVE_MKOSTEMPS@
+HAVE_MKSTEMP = @HAVE_MKSTEMP@
+HAVE_MKSTEMPS = @HAVE_MKSTEMPS@
+HAVE_MSVC_INVALID_PARAMETER_HANDLER = @HAVE_MSVC_INVALID_PARAMETER_HANDLER@
+HAVE_NANOSLEEP = @HAVE_NANOSLEEP@
+HAVE_NETDB_H = @HAVE_NETDB_H@
+HAVE_NETINET_IN_H = @HAVE_NETINET_IN_H@
+HAVE_NEWLOCALE = @HAVE_NEWLOCALE@
+HAVE_NL_LANGINFO = @HAVE_NL_LANGINFO@
+HAVE_OPENAT = @HAVE_OPENAT@
+HAVE_OS_H = @HAVE_OS_H@
+HAVE_PCLOSE = @HAVE_PCLOSE@
+HAVE_PIPE = @HAVE_PIPE@
+HAVE_PIPE2 = @HAVE_PIPE2@
+HAVE_POPEN = @HAVE_POPEN@
+HAVE_POSIX_MEMALIGN = @HAVE_POSIX_MEMALIGN@
+HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@
+HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@
+HAVE_PREAD = @HAVE_PREAD@
+HAVE_PSELECT = @HAVE_PSELECT@
+HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@
+HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@
+HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@
+HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@
+HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@
+HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@
+HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@
+HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@
+HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@
+HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@
+HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@
+HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@
+HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@
+HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@
+HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@
+HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@
+HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@
+HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@
+HAVE_PTHREAD_H = @HAVE_PTHREAD_H@
+HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@
+HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@
+HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@
+HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@
+HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@
+HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@
+HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@
+HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@
+HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@
+HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@
+HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@
+HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@
+HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@
+HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@
+HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@
+HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@
+HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@
+HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@
+HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@
+HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@
+HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@
+HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@
+HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@
+HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@
+HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@
+HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@
+HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@
+HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@
+HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@
+HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@
+HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@
+HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@
+HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@
+HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@
+HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@
+HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@
+HAVE_PTHREAD_T = @HAVE_PTHREAD_T@
+HAVE_PTSNAME = @HAVE_PTSNAME@
+HAVE_PTSNAME_R = @HAVE_PTSNAME_R@
+HAVE_PWRITE = @HAVE_PWRITE@
+HAVE_QSORT_R = @HAVE_QSORT_R@
+HAVE_RAISE = @HAVE_RAISE@
+HAVE_RANDOM = @HAVE_RANDOM@
+HAVE_RANDOM_H = @HAVE_RANDOM_H@
+HAVE_RANDOM_R = @HAVE_RANDOM_R@
+HAVE_RAWMEMCHR = @HAVE_RAWMEMCHR@
+HAVE_READLINK = @HAVE_READLINK@
+HAVE_READLINKAT = @HAVE_READLINKAT@
+HAVE_REALLOCARRAY = @HAVE_REALLOCARRAY@
+HAVE_REALPATH = @HAVE_REALPATH@
+HAVE_RENAMEAT = @HAVE_RENAMEAT@
+HAVE_RPMATCH = @HAVE_RPMATCH@
+HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@
+HAVE_SCHED_H = @HAVE_SCHED_H@
+HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@
+HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@
+HAVE_SETENV = @HAVE_SETENV@
+HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@
+HAVE_SETSTATE = @HAVE_SETSTATE@
+HAVE_SIGABBREV_NP = @HAVE_SIGABBREV_NP@
+HAVE_SIGACTION = @HAVE_SIGACTION@
+HAVE_SIGDESCR_NP = @HAVE_SIGDESCR_NP@
+HAVE_SIGHANDLER_T = @HAVE_SIGHANDLER_T@
+HAVE_SIGINFO_T = @HAVE_SIGINFO_T@
+HAVE_SIGNED_SIG_ATOMIC_T = @HAVE_SIGNED_SIG_ATOMIC_T@
+HAVE_SIGNED_WCHAR_T = @HAVE_SIGNED_WCHAR_T@
+HAVE_SIGNED_WINT_T = @HAVE_SIGNED_WINT_T@
+HAVE_SIGSET_T = @HAVE_SIGSET_T@
+HAVE_SLEEP = @HAVE_SLEEP@
+HAVE_STDINT_H = @HAVE_STDINT_H@
+HAVE_STPCPY = @HAVE_STPCPY@
+HAVE_STPNCPY = @HAVE_STPNCPY@
+HAVE_STRCASECMP = @HAVE_STRCASECMP@
+HAVE_STRCASESTR = @HAVE_STRCASESTR@
+HAVE_STRCHRNUL = @HAVE_STRCHRNUL@
+HAVE_STRERRORNAME_NP = @HAVE_STRERRORNAME_NP@
+HAVE_STRINGS_H = @HAVE_STRINGS_H@
+HAVE_STRPBRK = @HAVE_STRPBRK@
+HAVE_STRPTIME = @HAVE_STRPTIME@
+HAVE_STRSEP = @HAVE_STRSEP@
+HAVE_STRTOD = @HAVE_STRTOD@
+HAVE_STRTOL = @HAVE_STRTOL@
+HAVE_STRTOLD = @HAVE_STRTOLD@
+HAVE_STRTOLL = @HAVE_STRTOLL@
+HAVE_STRTOUL = @HAVE_STRTOUL@
+HAVE_STRTOULL = @HAVE_STRTOULL@
+HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@
+HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@
+HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@
+HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@
+HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@
+HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@
+HAVE_STRUCT_TIMEVAL = @HAVE_STRUCT_TIMEVAL@
+HAVE_STRVERSCMP = @HAVE_STRVERSCMP@
+HAVE_SYMLINK = @HAVE_SYMLINK@
+HAVE_SYMLINKAT = @HAVE_SYMLINKAT@
+HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@
+HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@
+HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@
+HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@
+HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@
+HAVE_SYS_PARAM_H = @HAVE_SYS_PARAM_H@
+HAVE_SYS_SELECT_H = @HAVE_SYS_SELECT_H@
+HAVE_SYS_SOCKET_H = @HAVE_SYS_SOCKET_H@
+HAVE_SYS_TIME_H = @HAVE_SYS_TIME_H@
+HAVE_SYS_TYPES_H = @HAVE_SYS_TYPES_H@
+HAVE_SYS_UIO_H = @HAVE_SYS_UIO_H@
+HAVE_TIMEGM = @HAVE_TIMEGM@
+HAVE_TIMESPEC_GET = @HAVE_TIMESPEC_GET@
+HAVE_TIMEZONE_T = @HAVE_TIMEZONE_T@
+HAVE_TYPE_VOLATILE_SIG_ATOMIC_T = @HAVE_TYPE_VOLATILE_SIG_ATOMIC_T@
+HAVE_UNISTD_H = @HAVE_UNISTD_H@
+HAVE_UNLINKAT = @HAVE_UNLINKAT@
+HAVE_UNLOCKPT = @HAVE_UNLOCKPT@
+HAVE_USLEEP = @HAVE_USLEEP@
+HAVE_UTIMENSAT = @HAVE_UTIMENSAT@
+HAVE_VASPRINTF = @HAVE_VASPRINTF@
+HAVE_VDPRINTF = @HAVE_VDPRINTF@
+HAVE_VISIBILITY = @HAVE_VISIBILITY@
+HAVE_WCHAR_H = @HAVE_WCHAR_H@
+HAVE_WCHAR_T = @HAVE_WCHAR_T@
+HAVE_WCPCPY = @HAVE_WCPCPY@
+HAVE_WCPNCPY = @HAVE_WCPNCPY@
+HAVE_WCRTOMB = @HAVE_WCRTOMB@
+HAVE_WCSCASECMP = @HAVE_WCSCASECMP@
+HAVE_WCSCAT = @HAVE_WCSCAT@
+HAVE_WCSCHR = @HAVE_WCSCHR@
+HAVE_WCSCMP = @HAVE_WCSCMP@
+HAVE_WCSCOLL = @HAVE_WCSCOLL@
+HAVE_WCSCPY = @HAVE_WCSCPY@
+HAVE_WCSCSPN = @HAVE_WCSCSPN@
+HAVE_WCSDUP = @HAVE_WCSDUP@
+HAVE_WCSFTIME = @HAVE_WCSFTIME@
+HAVE_WCSLEN = @HAVE_WCSLEN@
+HAVE_WCSNCASECMP = @HAVE_WCSNCASECMP@
+HAVE_WCSNCAT = @HAVE_WCSNCAT@
+HAVE_WCSNCMP = @HAVE_WCSNCMP@
+HAVE_WCSNCPY = @HAVE_WCSNCPY@
+HAVE_WCSNLEN = @HAVE_WCSNLEN@
+HAVE_WCSNRTOMBS = @HAVE_WCSNRTOMBS@
+HAVE_WCSPBRK = @HAVE_WCSPBRK@
+HAVE_WCSRCHR = @HAVE_WCSRCHR@
+HAVE_WCSRTOMBS = @HAVE_WCSRTOMBS@
+HAVE_WCSSPN = @HAVE_WCSSPN@
+HAVE_WCSSTR = @HAVE_WCSSTR@
+HAVE_WCSTOK = @HAVE_WCSTOK@
+HAVE_WCSWIDTH = @HAVE_WCSWIDTH@
+HAVE_WCSXFRM = @HAVE_WCSXFRM@
+HAVE_WINSOCK2_H = @HAVE_WINSOCK2_H@
+HAVE_WINT_T = @HAVE_WINT_T@
+HAVE_WMEMCHR = @HAVE_WMEMCHR@
+HAVE_WMEMCMP = @HAVE_WMEMCMP@
+HAVE_WMEMCPY = @HAVE_WMEMCPY@
+HAVE_WMEMMOVE = @HAVE_WMEMMOVE@
+HAVE_WMEMPCPY = @HAVE_WMEMPCPY@
+HAVE_WMEMSET = @HAVE_WMEMSET@
+HAVE_WS2TCPIP_H = @HAVE_WS2TCPIP_H@
+HAVE_XLOCALE_H = @HAVE_XLOCALE_H@
+HAVE__BOOL = @HAVE__BOOL@
+HAVE__EXIT = @HAVE__EXIT@
+HOGWEED_CFLAGS = @HOGWEED_CFLAGS@
+HOGWEED_LIBS = @HOGWEED_LIBS@
+HOSTENT_LIB = @HOSTENT_LIB@
+HTML_DIR = @HTML_DIR@
+INCLUDE_NEXT = @INCLUDE_NEXT@
+INCLUDE_NEXT_AS_FIRST_DIRECTIVE = @INCLUDE_NEXT_AS_FIRST_DIRECTIVE@
+INET_NTOP_LIB = @INET_NTOP_LIB@
+INET_PTON_LIB = @INET_PTON_LIB@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INT32_MAX_LT_INTMAX_MAX = @INT32_MAX_LT_INTMAX_MAX@
+INT64_MAX_EQ_LONG_MAX = @INT64_MAX_EQ_LONG_MAX@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LCOV = @LCOV@
+LD = @LD@
+LDDPOSTPROC = @LDDPOSTPROC@
+LDDPROG = @LDDPROG@
+LDFLAGS = @LDFLAGS@
+LIBATOMIC_LIBS = @LIBATOMIC_LIBS@
+LIBBROTLIDEC_CFLAGS = @LIBBROTLIDEC_CFLAGS@
+LIBBROTLIDEC_LIBS = @LIBBROTLIDEC_LIBS@
+LIBBROTLIENC_CFLAGS = @LIBBROTLIENC_CFLAGS@
+LIBBROTLIENC_LIBS = @LIBBROTLIENC_LIBS@
+LIBCRYPTO = @LIBCRYPTO@
+LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@
+LIBDL = @LIBDL@
+LIBDL_PREFIX = @LIBDL_PREFIX@
+LIBEV = @LIBEV@
+LIBEV_LIBS = @LIBEV_LIBS@
+LIBEV_PREFIX = @LIBEV_PREFIX@
+LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@
+LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@
+LIBICONV = @LIBICONV@
+LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@
+LIBIDN2_LIBS = @LIBIDN2_LIBS@
+LIBINTL = @LIBINTL@
+LIBKCAPI_CFLAGS = @LIBKCAPI_CFLAGS@
+LIBKCAPI_LIBS = @LIBKCAPI_LIBS@
+LIBMULTITHREAD = @LIBMULTITHREAD@
+LIBOBJS = @LIBOBJS@
+LIBPMULTITHREAD = @LIBPMULTITHREAD@
+LIBPTHREAD = @LIBPTHREAD@
+LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@
+LIBRT = @LIBRT@
+LIBRT_PREFIX = @LIBRT_PREFIX@
+LIBS = @LIBS@
+LIBSECCOMP = @LIBSECCOMP@
+LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@
+LIBSOCKET = @LIBSOCKET@
+LIBSTDTHREAD = @LIBSTDTHREAD@
+LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@
+LIBTASN1_LIBS = @LIBTASN1_LIBS@
+LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@
+LIBTHREAD = @LIBTHREAD@
+LIBTOOL = @LIBTOOL@
+LIBUNISTRING = @LIBUNISTRING@
+LIBUNISTRING_UNICTYPE_H = @LIBUNISTRING_UNICTYPE_H@
+LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@
+LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@
+LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@
+LIBZ = @LIBZ@
+LIBZSTD_CFLAGS = @LIBZSTD_CFLAGS@
+LIBZSTD_LIBS = @LIBZSTD_LIBS@
+LIBZ_PC = @LIBZ_PC@
+LIBZ_PREFIX = @LIBZ_PREFIX@
+LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@
+LIB_NANOSLEEP = @LIB_NANOSLEEP@
+LIB_PTHREAD = @LIB_PTHREAD@
+LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@
+LIB_SCHED_YIELD = @LIB_SCHED_YIELD@
+LIB_SELECT = @LIB_SELECT@
+LIB_SEMAPHORE = @LIB_SEMAPHORE@
+LIB_SETLOCALE = @LIB_SETLOCALE@
+LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@
+LIMITS_H = @LIMITS_H@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LOCALENAME_ENHANCE_LOCALE_FUNCS = @LOCALENAME_ENHANCE_LOCALE_FUNCS@
+LOCALE_FR = @LOCALE_FR@
+LOCALE_FR_UTF8 = @LOCALE_FR_UTF8@
+LOCALE_JA = @LOCALE_JA@
+LOCALE_TR_UTF8 = @LOCALE_TR_UTF8@
+LOCALE_ZH_CN = @LOCALE_ZH_CN@
+LOG_VALGRIND = @LOG_VALGRIND@
+LTALLOCA = @LTALLOCA@
+LTLIBCRYPTO = @LTLIBCRYPTO@
+LTLIBDL = @LTLIBDL@
+LTLIBEV = @LTLIBEV@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBMULTITHREAD = @LTLIBMULTITHREAD@
+LTLIBOBJS = @LTLIBOBJS@
+LTLIBPTHREAD = @LTLIBPTHREAD@
+LTLIBRT = @LTLIBRT@
+LTLIBSECCOMP = @LTLIBSECCOMP@
+LTLIBTHREAD = @LTLIBTHREAD@
+LTLIBZ = @LTLIBZ@
+LT_AGE = @LT_AGE@
+LT_CURRENT = @LT_CURRENT@
+LT_DANE_AGE = @LT_DANE_AGE@
+LT_DANE_CURRENT = @LT_DANE_CURRENT@
+LT_DANE_REVISION = @LT_DANE_REVISION@
+LT_REVISION = @LT_REVISION@
+LT_SSL_AGE = @LT_SSL_AGE@
+LT_SSL_CURRENT = @LT_SSL_CURRENT@
+LT_SSL_REVISION = @LT_SSL_REVISION@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+LT_XSSL_AGE = @LT_XSSL_AGE@
+LT_XSSL_CURRENT = @LT_XSSL_CURRENT@
+LT_XSSL_REVISION = @LT_XSSL_REVISION@
+MAINT = @MAINT@
+MAJOR_VERSION = @MAJOR_VERSION@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MINOR_VERSION = @MINOR_VERSION@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGMERGE = @MSGMERGE@
+MSGMERGE_FOR_MSGFMT_OPTION = @MSGMERGE_FOR_MSGFMT_OPTION@
+NETINET_IN_H = @NETINET_IN_H@
+NETTLE_CFLAGS = @NETTLE_CFLAGS@
+NETTLE_LIBS = @NETTLE_LIBS@
+NEXT_ARPA_INET_H = @NEXT_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H = @NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_CTYPE_H = @NEXT_AS_FIRST_DIRECTIVE_CTYPE_H@
+NEXT_AS_FIRST_DIRECTIVE_ERRNO_H = @NEXT_AS_FIRST_DIRECTIVE_ERRNO_H@
+NEXT_AS_FIRST_DIRECTIVE_FCNTL_H = @NEXT_AS_FIRST_DIRECTIVE_FCNTL_H@
+NEXT_AS_FIRST_DIRECTIVE_FLOAT_H = @NEXT_AS_FIRST_DIRECTIVE_FLOAT_H@
+NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H = @NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H = @NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H@
+NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@
+NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@
+NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@
+NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@
+NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@
+NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@
+NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@
+NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@
+NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@
+NEXT_AS_FIRST_DIRECTIVE_STDIO_H = @NEXT_AS_FIRST_DIRECTIVE_STDIO_H@
+NEXT_AS_FIRST_DIRECTIVE_STDLIB_H = @NEXT_AS_FIRST_DIRECTIVE_STDLIB_H@
+NEXT_AS_FIRST_DIRECTIVE_STRINGS_H = @NEXT_AS_FIRST_DIRECTIVE_STRINGS_H@
+NEXT_AS_FIRST_DIRECTIVE_STRING_H = @NEXT_AS_FIRST_DIRECTIVE_STRING_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H@
+NEXT_AS_FIRST_DIRECTIVE_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_UNISTD_H = @NEXT_AS_FIRST_DIRECTIVE_UNISTD_H@
+NEXT_AS_FIRST_DIRECTIVE_WCHAR_H = @NEXT_AS_FIRST_DIRECTIVE_WCHAR_H@
+NEXT_CTYPE_H = @NEXT_CTYPE_H@
+NEXT_ERRNO_H = @NEXT_ERRNO_H@
+NEXT_FCNTL_H = @NEXT_FCNTL_H@
+NEXT_FLOAT_H = @NEXT_FLOAT_H@
+NEXT_INTTYPES_H = @NEXT_INTTYPES_H@
+NEXT_LANGINFO_H = @NEXT_LANGINFO_H@
+NEXT_LIMITS_H = @NEXT_LIMITS_H@
+NEXT_LOCALE_H = @NEXT_LOCALE_H@
+NEXT_NETDB_H = @NEXT_NETDB_H@
+NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@
+NEXT_PTHREAD_H = @NEXT_PTHREAD_H@
+NEXT_SCHED_H = @NEXT_SCHED_H@
+NEXT_SIGNAL_H = @NEXT_SIGNAL_H@
+NEXT_STDDEF_H = @NEXT_STDDEF_H@
+NEXT_STDINT_H = @NEXT_STDINT_H@
+NEXT_STDIO_H = @NEXT_STDIO_H@
+NEXT_STDLIB_H = @NEXT_STDLIB_H@
+NEXT_STRINGS_H = @NEXT_STRINGS_H@
+NEXT_STRING_H = @NEXT_STRING_H@
+NEXT_SYS_IOCTL_H = @NEXT_SYS_IOCTL_H@
+NEXT_SYS_SELECT_H = @NEXT_SYS_SELECT_H@
+NEXT_SYS_SOCKET_H = @NEXT_SYS_SOCKET_H@
+NEXT_SYS_STAT_H = @NEXT_SYS_STAT_H@
+NEXT_SYS_TIME_H = @NEXT_SYS_TIME_H@
+NEXT_SYS_TYPES_H = @NEXT_SYS_TYPES_H@
+NEXT_SYS_UIO_H = @NEXT_SYS_UIO_H@
+NEXT_TIME_H = @NEXT_TIME_H@
+NEXT_UNISTD_H = @NEXT_UNISTD_H@
+NEXT_WCHAR_H = @NEXT_WCHAR_H@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NUMBER_VERSION = @NUMBER_VERSION@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+P11_KIT_CFLAGS = @P11_KIT_CFLAGS@
+P11_KIT_LIBS = @P11_KIT_LIBS@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@
+PATCH_VERSION = @PATCH_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PKCS12_ITER_COUNT = @PKCS12_ITER_COUNT@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PMCCABE = @PMCCABE@
+POSUB = @POSUB@
+PRAGMA_COLUMNS = @PRAGMA_COLUMNS@
+PRAGMA_SYSTEM_HEADER = @PRAGMA_SYSTEM_HEADER@
+PRIPTR_PREFIX = @PRIPTR_PREFIX@
+PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@
+PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+RANLIB = @RANLIB@
+REPLACE_ACCESS = @REPLACE_ACCESS@
+REPLACE_ALIGNED_ALLOC = @REPLACE_ALIGNED_ALLOC@
+REPLACE_BTOWC = @REPLACE_BTOWC@
+REPLACE_CALLOC = @REPLACE_CALLOC@
+REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@
+REPLACE_CHOWN = @REPLACE_CHOWN@
+REPLACE_CLOSE = @REPLACE_CLOSE@
+REPLACE_CREAT = @REPLACE_CREAT@
+REPLACE_CTIME = @REPLACE_CTIME@
+REPLACE_DPRINTF = @REPLACE_DPRINTF@
+REPLACE_DUP = @REPLACE_DUP@
+REPLACE_DUP2 = @REPLACE_DUP2@
+REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@
+REPLACE_EXECL = @REPLACE_EXECL@
+REPLACE_EXECLE = @REPLACE_EXECLE@
+REPLACE_EXECLP = @REPLACE_EXECLP@
+REPLACE_EXECV = @REPLACE_EXECV@
+REPLACE_EXECVE = @REPLACE_EXECVE@
+REPLACE_EXECVP = @REPLACE_EXECVP@
+REPLACE_EXECVPE = @REPLACE_EXECVPE@
+REPLACE_FACCESSAT = @REPLACE_FACCESSAT@
+REPLACE_FCHMODAT = @REPLACE_FCHMODAT@
+REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@
+REPLACE_FCLOSE = @REPLACE_FCLOSE@
+REPLACE_FCNTL = @REPLACE_FCNTL@
+REPLACE_FDOPEN = @REPLACE_FDOPEN@
+REPLACE_FFLUSH = @REPLACE_FFLUSH@
+REPLACE_FFSLL = @REPLACE_FFSLL@
+REPLACE_FOPEN = @REPLACE_FOPEN@
+REPLACE_FPRINTF = @REPLACE_FPRINTF@
+REPLACE_FPURGE = @REPLACE_FPURGE@
+REPLACE_FREE = @REPLACE_FREE@
+REPLACE_FREELOCALE = @REPLACE_FREELOCALE@
+REPLACE_FREOPEN = @REPLACE_FREOPEN@
+REPLACE_FSEEK = @REPLACE_FSEEK@
+REPLACE_FSEEKO = @REPLACE_FSEEKO@
+REPLACE_FSTAT = @REPLACE_FSTAT@
+REPLACE_FSTATAT = @REPLACE_FSTATAT@
+REPLACE_FTELL = @REPLACE_FTELL@
+REPLACE_FTELLO = @REPLACE_FTELLO@
+REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@
+REPLACE_FUTIMENS = @REPLACE_FUTIMENS@
+REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@
+REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@
+REPLACE_GETCWD = @REPLACE_GETCWD@
+REPLACE_GETDELIM = @REPLACE_GETDELIM@
+REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@
+REPLACE_GETDTABLESIZE = @REPLACE_GETDTABLESIZE@
+REPLACE_GETGROUPS = @REPLACE_GETGROUPS@
+REPLACE_GETLINE = @REPLACE_GETLINE@
+REPLACE_GETLOGIN_R = @REPLACE_GETLOGIN_R@
+REPLACE_GETPAGESIZE = @REPLACE_GETPAGESIZE@
+REPLACE_GETPASS = @REPLACE_GETPASS@
+REPLACE_GETTIMEOFDAY = @REPLACE_GETTIMEOFDAY@
+REPLACE_GMTIME = @REPLACE_GMTIME@
+REPLACE_INET_NTOP = @REPLACE_INET_NTOP@
+REPLACE_INET_PTON = @REPLACE_INET_PTON@
+REPLACE_INITSTATE = @REPLACE_INITSTATE@
+REPLACE_IOCTL = @REPLACE_IOCTL@
+REPLACE_ISATTY = @REPLACE_ISATTY@
+REPLACE_ITOLD = @REPLACE_ITOLD@
+REPLACE_LCHOWN = @REPLACE_LCHOWN@
+REPLACE_LINK = @REPLACE_LINK@
+REPLACE_LINKAT = @REPLACE_LINKAT@
+REPLACE_LOCALECONV = @REPLACE_LOCALECONV@
+REPLACE_LOCALTIME = @REPLACE_LOCALTIME@
+REPLACE_LOCALTIME_R = @REPLACE_LOCALTIME_R@
+REPLACE_LSEEK = @REPLACE_LSEEK@
+REPLACE_LSTAT = @REPLACE_LSTAT@
+REPLACE_MALLOC = @REPLACE_MALLOC@
+REPLACE_MBRLEN = @REPLACE_MBRLEN@
+REPLACE_MBRTOWC = @REPLACE_MBRTOWC@
+REPLACE_MBSINIT = @REPLACE_MBSINIT@
+REPLACE_MBSNRTOWCS = @REPLACE_MBSNRTOWCS@
+REPLACE_MBSRTOWCS = @REPLACE_MBSRTOWCS@
+REPLACE_MBSTATE_T = @REPLACE_MBSTATE_T@
+REPLACE_MBTOWC = @REPLACE_MBTOWC@
+REPLACE_MEMCHR = @REPLACE_MEMCHR@
+REPLACE_MEMMEM = @REPLACE_MEMMEM@
+REPLACE_MKDIR = @REPLACE_MKDIR@
+REPLACE_MKFIFO = @REPLACE_MKFIFO@
+REPLACE_MKFIFOAT = @REPLACE_MKFIFOAT@
+REPLACE_MKNOD = @REPLACE_MKNOD@
+REPLACE_MKNODAT = @REPLACE_MKNODAT@
+REPLACE_MKSTEMP = @REPLACE_MKSTEMP@
+REPLACE_MKTIME = @REPLACE_MKTIME@
+REPLACE_NANOSLEEP = @REPLACE_NANOSLEEP@
+REPLACE_NEWLOCALE = @REPLACE_NEWLOCALE@
+REPLACE_NL_LANGINFO = @REPLACE_NL_LANGINFO@
+REPLACE_NULL = @REPLACE_NULL@
+REPLACE_OBSTACK_PRINTF = @REPLACE_OBSTACK_PRINTF@
+REPLACE_OPEN = @REPLACE_OPEN@
+REPLACE_OPENAT = @REPLACE_OPENAT@
+REPLACE_PERROR = @REPLACE_PERROR@
+REPLACE_POPEN = @REPLACE_POPEN@
+REPLACE_POSIX_MEMALIGN = @REPLACE_POSIX_MEMALIGN@
+REPLACE_PREAD = @REPLACE_PREAD@
+REPLACE_PRINTF = @REPLACE_PRINTF@
+REPLACE_PSELECT = @REPLACE_PSELECT@
+REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@
+REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@
+REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@
+REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@
+REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@
+REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@
+REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@
+REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@
+REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@
+REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@
+REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@
+REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@
+REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@
+REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@
+REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@
+REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@
+REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@
+REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@
+REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@
+REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@
+REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@
+REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@
+REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@
+REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@
+REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@
+REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@
+REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@
+REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@
+REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@
+REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@
+REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@
+REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@
+REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@
+REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@
+REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@
+REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@
+REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@
+REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@
+REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@
+REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@
+REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@
+REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@
+REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@
+REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@
+REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@
+REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@
+REPLACE_PTSNAME = @REPLACE_PTSNAME@
+REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@
+REPLACE_PUTENV = @REPLACE_PUTENV@
+REPLACE_PWRITE = @REPLACE_PWRITE@
+REPLACE_QSORT_R = @REPLACE_QSORT_R@
+REPLACE_RAISE = @REPLACE_RAISE@
+REPLACE_RANDOM = @REPLACE_RANDOM@
+REPLACE_RANDOM_R = @REPLACE_RANDOM_R@
+REPLACE_READ = @REPLACE_READ@
+REPLACE_READLINK = @REPLACE_READLINK@
+REPLACE_READLINKAT = @REPLACE_READLINKAT@
+REPLACE_REALLOC = @REPLACE_REALLOC@
+REPLACE_REALLOCARRAY = @REPLACE_REALLOCARRAY@
+REPLACE_REALPATH = @REPLACE_REALPATH@
+REPLACE_REMOVE = @REPLACE_REMOVE@
+REPLACE_RENAME = @REPLACE_RENAME@
+REPLACE_RENAMEAT = @REPLACE_RENAMEAT@
+REPLACE_RMDIR = @REPLACE_RMDIR@
+REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@
+REPLACE_SELECT = @REPLACE_SELECT@
+REPLACE_SETENV = @REPLACE_SETENV@
+REPLACE_SETLOCALE = @REPLACE_SETLOCALE@
+REPLACE_SETSTATE = @REPLACE_SETSTATE@
+REPLACE_SLEEP = @REPLACE_SLEEP@
+REPLACE_SNPRINTF = @REPLACE_SNPRINTF@
+REPLACE_SPRINTF = @REPLACE_SPRINTF@
+REPLACE_STAT = @REPLACE_STAT@
+REPLACE_STDIO_READ_FUNCS = @REPLACE_STDIO_READ_FUNCS@
+REPLACE_STDIO_WRITE_FUNCS = @REPLACE_STDIO_WRITE_FUNCS@
+REPLACE_STPNCPY = @REPLACE_STPNCPY@
+REPLACE_STRCASESTR = @REPLACE_STRCASESTR@
+REPLACE_STRCHRNUL = @REPLACE_STRCHRNUL@
+REPLACE_STRDUP = @REPLACE_STRDUP@
+REPLACE_STRERROR = @REPLACE_STRERROR@
+REPLACE_STRERRORNAME_NP = @REPLACE_STRERRORNAME_NP@
+REPLACE_STRERROR_R = @REPLACE_STRERROR_R@
+REPLACE_STRFTIME = @REPLACE_STRFTIME@
+REPLACE_STRNCAT = @REPLACE_STRNCAT@
+REPLACE_STRNDUP = @REPLACE_STRNDUP@
+REPLACE_STRNLEN = @REPLACE_STRNLEN@
+REPLACE_STRSIGNAL = @REPLACE_STRSIGNAL@
+REPLACE_STRSTR = @REPLACE_STRSTR@
+REPLACE_STRTOD = @REPLACE_STRTOD@
+REPLACE_STRTOIMAX = @REPLACE_STRTOIMAX@
+REPLACE_STRTOK_R = @REPLACE_STRTOK_R@
+REPLACE_STRTOL = @REPLACE_STRTOL@
+REPLACE_STRTOLD = @REPLACE_STRTOLD@
+REPLACE_STRTOLL = @REPLACE_STRTOLL@
+REPLACE_STRTOUL = @REPLACE_STRTOUL@
+REPLACE_STRTOULL = @REPLACE_STRTOULL@
+REPLACE_STRTOUMAX = @REPLACE_STRTOUMAX@
+REPLACE_STRUCT_LCONV = @REPLACE_STRUCT_LCONV@
+REPLACE_STRUCT_TIMEVAL = @REPLACE_STRUCT_TIMEVAL@
+REPLACE_SYMLINK = @REPLACE_SYMLINK@
+REPLACE_SYMLINKAT = @REPLACE_SYMLINKAT@
+REPLACE_TIMEGM = @REPLACE_TIMEGM@
+REPLACE_TMPFILE = @REPLACE_TMPFILE@
+REPLACE_TRUNCATE = @REPLACE_TRUNCATE@
+REPLACE_TTYNAME_R = @REPLACE_TTYNAME_R@
+REPLACE_TZSET = @REPLACE_TZSET@
+REPLACE_UNLINK = @REPLACE_UNLINK@
+REPLACE_UNLINKAT = @REPLACE_UNLINKAT@
+REPLACE_UNSETENV = @REPLACE_UNSETENV@
+REPLACE_USLEEP = @REPLACE_USLEEP@
+REPLACE_UTIMENSAT = @REPLACE_UTIMENSAT@
+REPLACE_VASPRINTF = @REPLACE_VASPRINTF@
+REPLACE_VDPRINTF = @REPLACE_VDPRINTF@
+REPLACE_VFPRINTF = @REPLACE_VFPRINTF@
+REPLACE_VPRINTF = @REPLACE_VPRINTF@
+REPLACE_VSNPRINTF = @REPLACE_VSNPRINTF@
+REPLACE_VSPRINTF = @REPLACE_VSPRINTF@
+REPLACE_WCRTOMB = @REPLACE_WCRTOMB@
+REPLACE_WCSFTIME = @REPLACE_WCSFTIME@
+REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@
+REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@
+REPLACE_WCSTOK = @REPLACE_WCSTOK@
+REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@
+REPLACE_WCTOB = @REPLACE_WCTOB@
+REPLACE_WCTOMB = @REPLACE_WCTOMB@
+REPLACE_WCWIDTH = @REPLACE_WCWIDTH@
+REPLACE_WRITE = @REPLACE_WRITE@
+SED = @SED@
+SERVENT_LIB = @SERVENT_LIB@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@
+SIZE_T_SUFFIX = @SIZE_T_SUFFIX@
+STDALIGN_H = @STDALIGN_H@
+STDBOOL_H = @STDBOOL_H@
+STDDEF_H = @STDDEF_H@
+STDINT_H = @STDINT_H@
+STRIP = @STRIP@
+SYS_IOCTL_H_HAVE_WINSOCK2_H = @SYS_IOCTL_H_HAVE_WINSOCK2_H@
+SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+SYS_TIME_H_DEFINES_STRUCT_TIMESPEC = @SYS_TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_STRUCT_TIMESPEC = @TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_TIME_UTC = @TIME_H_DEFINES_TIME_UTC@
+TROUSERS_LIB = @TROUSERS_LIB@
+TSS2_CFLAGS = @TSS2_CFLAGS@
+TSS2_LIBS = @TSS2_LIBS@
+TSS_CFLAGS = @TSS_CFLAGS@
+TSS_LIBS = @TSS_LIBS@
+UINT32_MAX_LT_UINTMAX_MAX = @UINT32_MAX_LT_UINTMAX_MAX@
+UINT64_MAX_EQ_ULONG_MAX = @UINT64_MAX_EQ_ULONG_MAX@
+UNBOUND_CFLAGS = @UNBOUND_CFLAGS@
+UNBOUND_LIBS = @UNBOUND_LIBS@
+UNDEFINE_STRTOK_R = @UNDEFINE_STRTOK_R@
+UNISTD_H_DEFINES_STRUCT_TIMESPEC = @UNISTD_H_DEFINES_STRUCT_TIMESPEC@
+UNISTD_H_HAVE_SYS_RANDOM_H = @UNISTD_H_HAVE_SYS_RANDOM_H@
+UNISTD_H_HAVE_WINSOCK2_H = @UNISTD_H_HAVE_WINSOCK2_H@
+UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+USE_NLS = @USE_NLS@
+VALGRIND = @VALGRIND@
+VALGRINDFLAGS = @VALGRINDFLAGS@
+VALGRIND_PROGRAM = @VALGRIND_PROGRAM@
+VERSION = @VERSION@
+WARN_CFLAGS = @WARN_CFLAGS@
+WCHAR_T_SUFFIX = @WCHAR_T_SUFFIX@
+WERROR_CFLAGS = @WERROR_CFLAGS@
+WINDOWS_64_BIT_OFF_T = @WINDOWS_64_BIT_OFF_T@
+WINDOWS_64_BIT_ST_SIZE = @WINDOWS_64_BIT_ST_SIZE@
+WINDOWS_STAT_INODES = @WINDOWS_STAT_INODES@
+WINDOWS_STAT_TIMESPEC = @WINDOWS_STAT_TIMESPEC@
+WINT_T_SUFFIX = @WINT_T_SUFFIX@
+WSTACK_CFLAGS = @WSTACK_CFLAGS@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+YIELD_LIB = @YIELD_LIB@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+ac_cv_sizeof_time_t = @ac_cv_sizeof_time_t@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+ggl_LIBOBJS = @ggl_LIBOBJS@
+ggl_LTLIBOBJS = @ggl_LTLIBOBJS@
+ggltests_LIBOBJS = @ggltests_LIBOBJS@
+ggltests_LTLIBOBJS = @ggltests_LTLIBOBJS@
+ggltests_WITNESS = @ggltests_WITNESS@
+gl_LIBOBJS = @gl_LIBOBJS@
+gl_LTLIBOBJS = @gl_LTLIBOBJS@
+gltests_LIBOBJS = @gltests_LIBOBJS@
+gltests_LTLIBOBJS = @gltests_LTLIBOBJS@
+gltests_WITNESS = @gltests_WITNESS@
+gnutls_so = @gnutls_so@
+guile_snarf = @guile_snarf@
+guileextensiondir = @guileextensiondir@
+guilesiteccachedir = @guilesiteccachedir@
+guilesitedir = @guilesitedir@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+ifGNUmake = @ifGNUmake@
+ifnGNUmake = @ifnGNUmake@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+maybe_guileextensiondir = @maybe_guileextensiondir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+unistring_LIBOBJS = @unistring_LIBOBJS@
+unistring_LTLIBOBJS = @unistring_LTLIBOBJS@
+unistringtests_LIBOBJS = @unistringtests_LIBOBJS@
+unistringtests_LTLIBOBJS = @unistringtests_LTLIBOBJS@
+unistringtests_WITNESS = @unistringtests_WITNESS@
+nobase_include_HEADERS = gnutls/x509.h gnutls/pkcs12.h gnutls/compat.h \
+	gnutls/openpgp.h gnutls/crypto.h gnutls/pkcs11.h \
+	gnutls/abstract.h gnutls/dtls.h gnutls/ocsp.h gnutls/tpm.h \
+	gnutls/x509-ext.h gnutls/self-test.h gnutls/system-keys.h \
+	gnutls/urls.h gnutls/pkcs7.h gnutls/socket.h $(am__append_1)
+nobase_nodist_include_HEADERS = gnutls/gnutls.h
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am  $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/includes/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --foreign lib/includes/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+	esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+install-nobase_includeHEADERS: $(nobase_include_HEADERS)
+	@$(NORMAL_INSTALL)
+	@list='$(nobase_include_HEADERS)'; test -n "$(includedir)" || list=; \
+	if test -n "$$list"; then \
+	  echo " $(MKDIR_P) '$(DESTDIR)$(includedir)'"; \
+	  $(MKDIR_P) "$(DESTDIR)$(includedir)" || exit 1; \
+	fi; \
+	$(am__nobase_list) | while read dir files; do \
+	  xfiles=; for file in $$files; do \
+	    if test -f "$$file"; then xfiles="$$xfiles $$file"; \
+	    else xfiles="$$xfiles $(srcdir)/$$file"; fi; done; \
+	  test -z "$$xfiles" || { \
+	    test "x$$dir" = x. || { \
+	      echo " $(MKDIR_P) '$(DESTDIR)$(includedir)/$$dir'"; \
+	      $(MKDIR_P) "$(DESTDIR)$(includedir)/$$dir"; }; \
+	    echo " $(INSTALL_HEADER) $$xfiles '$(DESTDIR)$(includedir)/$$dir'"; \
+	    $(INSTALL_HEADER) $$xfiles "$(DESTDIR)$(includedir)/$$dir" || exit $$?; }; \
+	done
+
+uninstall-nobase_includeHEADERS:
+	@$(NORMAL_UNINSTALL)
+	@list='$(nobase_include_HEADERS)'; test -n "$(includedir)" || list=; \
+	$(am__nobase_strip_setup); files=`$(am__nobase_strip)`; \
+	dir='$(DESTDIR)$(includedir)'; $(am__uninstall_files_from_dir)
+install-nobase_nodist_includeHEADERS: $(nobase_nodist_include_HEADERS)
+	@$(NORMAL_INSTALL)
+	@list='$(nobase_nodist_include_HEADERS)'; test -n "$(includedir)" || list=; \
+	if test -n "$$list"; then \
+	  echo " $(MKDIR_P) '$(DESTDIR)$(includedir)'"; \
+	  $(MKDIR_P) "$(DESTDIR)$(includedir)" || exit 1; \
+	fi; \
+	$(am__nobase_list) | while read dir files; do \
+	  xfiles=; for file in $$files; do \
+	    if test -f "$$file"; then xfiles="$$xfiles $$file"; \
+	    else xfiles="$$xfiles $(srcdir)/$$file"; fi; done; \
+	  test -z "$$xfiles" || { \
+	    test "x$$dir" = x. || { \
+	      echo " $(MKDIR_P) '$(DESTDIR)$(includedir)/$$dir'"; \
+	      $(MKDIR_P) "$(DESTDIR)$(includedir)/$$dir"; }; \
+	    echo " $(INSTALL_HEADER) $$xfiles '$(DESTDIR)$(includedir)/$$dir'"; \
+	    $(INSTALL_HEADER) $$xfiles "$(DESTDIR)$(includedir)/$$dir" || exit $$?; }; \
+	done
+
+uninstall-nobase_nodist_includeHEADERS:
+	@$(NORMAL_UNINSTALL)
+	@list='$(nobase_nodist_include_HEADERS)'; test -n "$(includedir)" || list=; \
+	$(am__nobase_strip_setup); files=`$(am__nobase_strip)`; \
+	dir='$(DESTDIR)$(includedir)'; $(am__uninstall_files_from_dir)
+
+ID: $(am__tagged_files)
+	$(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	set x; \
+	here=`pwd`; \
+	$(am__define_uniq_tagged_files); \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+	  test -n "$$unique" || unique=$$empty_fix; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
+	fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	$(am__define_uniq_tagged_files); \
+	test -z "$(CTAGS_ARGS)$$unique" \
+	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+	     $$unique
+
+GTAGS:
+	here=`$(am__cd) $(top_builddir) && pwd` \
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+	list='$(am__tagged_files)'; \
+	case "$(srcdir)" in \
+	  [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+	  *) sdir=$(subdir)/$(srcdir) ;; \
+	esac; \
+	for i in $$list; do \
+	  if test -f "$$i"; then \
+	    echo "$(subdir)/$$i"; \
+	  else \
+	    echo "$$sdir/$$i"; \
+	  fi; \
+	done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+check-am: all-am
+check: check-am
+all-am: Makefile $(HEADERS)
+installdirs:
+	for dir in "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)"; do \
+	  test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+	done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-am
+	-rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am: install-nobase_includeHEADERS \
+	install-nobase_nodist_includeHEADERS
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-nobase_includeHEADERS \
+	uninstall-nobase_nodist_includeHEADERS
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
+	clean-libtool cscopelist-am ctags ctags-am distclean \
+	distclean-generic distclean-libtool distclean-tags distdir dvi \
+	dvi-am html html-am info info-am install install-am \
+	install-data install-data-am install-dvi install-dvi-am \
+	install-exec install-exec-am install-html install-html-am \
+	install-info install-info-am install-man \
+	install-nobase_includeHEADERS \
+	install-nobase_nodist_includeHEADERS install-pdf \
+	install-pdf-am install-ps install-ps-am install-strip \
+	installcheck installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-generic \
+	mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
+	uninstall-am uninstall-nobase_includeHEADERS \
+	uninstall-nobase_nodist_includeHEADERS
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/lib/includes/gnutls/abstract.h b/lib/includes/gnutls/abstract.h
new file mode 100644
index 0000000..c9f8067
--- /dev/null
+++ b/lib/includes/gnutls/abstract.h
@@ -0,0 +1,782 @@
+/*
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_ABSTRACT_H
+#define GNUTLS_ABSTRACT_H
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+#include <gnutls/pkcs11.h>
+#include <gnutls/openpgp.h>
+#include <gnutls/tpm.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+/* Public key operations */
+
+#define GNUTLS_PUBKEY_VERIFY_FLAG_TLS_RSA GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA
+/**
+ * gnutls_pubkey_flags:
+ * @GNUTLS_PUBKEY_DISABLE_CALLBACKS: The following flag disables call to PIN callbacks. Only
+ *   relevant to TPM keys.
+ * @GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT: request an OPENPGP fingerprint instead of the default.
+ *
+ * Enumeration of different certificate import flags.
+ */
+typedef enum gnutls_pubkey_flags {
+	GNUTLS_PUBKEY_DISABLE_CALLBACKS = 1 << 2,
+	GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT = 1 << 3
+} gnutls_pubkey_flags_t;
+
+/**
+ * gnutls_abstract_export_flags:
+ * @GNUTLS_EXPORT_FLAG_NO_LZ: do not prepend a leading zero to exported values
+ *
+ * Enumeration of different certificate import flags.
+ */
+typedef enum gnutls_abstract_export_flags {
+	GNUTLS_EXPORT_FLAG_NO_LZ = 1
+} gnutls_abstract_export_flags_t;
+
+#define GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA GNUTLS_VERIFY_USE_TLS1_RSA
+
+typedef int (*gnutls_privkey_sign_func) (gnutls_privkey_t key,
+					 void *userdata,
+					 const gnutls_datum_t *raw_data,
+					 gnutls_datum_t * signature);
+
+
+typedef int (*gnutls_privkey_decrypt_func) (gnutls_privkey_t key,
+					    void *userdata,
+					    const gnutls_datum_t *ciphertext,
+					    gnutls_datum_t * plaintext);
+
+typedef int (*gnutls_privkey_decrypt_func2) (gnutls_privkey_t key,
+					     void *userdata,
+					     const gnutls_datum_t *ciphertext,
+					     unsigned char * plaintext,
+					     size_t plaintext_size);
+
+/* to be called to sign pre-hashed data. The input will be
+ * the output of the hash (such as SHA256) corresponding to
+ * the signature algorithm. The algorithm GNUTLS_SIGN_RSA_RAW
+ * will be provided when RSA PKCS#1 DigestInfo structure is provided
+ * as data (when this is called from a TLS 1.0 or 1.1 session).
+ */
+typedef int (*gnutls_privkey_sign_hash_func) (gnutls_privkey_t key,
+					      gnutls_sign_algorithm_t algo,
+					      void *userdata,
+					      unsigned int flags,
+					      const gnutls_datum_t *hash,
+					      gnutls_datum_t * signature);
+
+/* to be called to sign data. The input data will be
+ * the data to be signed (and hashed), with the provided
+ * signature algorithm. This function is used for algorithms
+ * like ed25519 which cannot take pre-hashed data as input.
+ */
+typedef int (*gnutls_privkey_sign_data_func) (gnutls_privkey_t key,
+					      gnutls_sign_algorithm_t algo,
+					      void *userdata,
+					      unsigned int flags,
+					      const gnutls_datum_t *data,
+					      gnutls_datum_t * signature);
+
+typedef void (*gnutls_privkey_deinit_func) (gnutls_privkey_t key,
+					    void *userdata);
+
+
+#define GNUTLS_SIGN_ALGO_TO_FLAGS(sig) (unsigned int)((sig)<<20)
+#define GNUTLS_FLAGS_TO_SIGN_ALGO(flags) (unsigned int)((flags)>>20)
+
+/* Should return the public key algorithm (gnutls_pk_algorithm_t) */
+#define GNUTLS_PRIVKEY_INFO_PK_ALGO 1
+/* Should return the preferred signature algorithm (gnutls_sign_algorithm_t) or 0. */
+#define GNUTLS_PRIVKEY_INFO_SIGN_ALGO (1<<1)
+/* Should return true (1) or false (0) if the provided sign algorithm
+ * (obtained with GNUTLS_FLAGS_TO_SIGN_ALGO) is supported.
+ */
+#define GNUTLS_PRIVKEY_INFO_HAVE_SIGN_ALGO (1<<2)
+/* Should return the number of bits of the public key algorithm (required for RSA-PSS)
+ * It is the value that should be returned by gnutls_pubkey_get_pk_algorithm() */
+#define GNUTLS_PRIVKEY_INFO_PK_ALGO_BITS (1<<3)
+
+/* returns information on the public key associated with userdata */
+typedef int (*gnutls_privkey_info_func) (gnutls_privkey_t key, unsigned int flags, void *userdata);
+
+int gnutls_pubkey_init(gnutls_pubkey_t * key);
+void gnutls_pubkey_deinit(gnutls_pubkey_t key);
+
+int gnutls_pubkey_verify_params(gnutls_pubkey_t key);
+
+void gnutls_pubkey_set_pin_function(gnutls_pubkey_t key,
+				    gnutls_pin_callback_t fn,
+				    void *userdata);
+
+int gnutls_pubkey_get_pk_algorithm(gnutls_pubkey_t key,
+				   unsigned int *bits);
+
+int
+gnutls_pubkey_set_spki(gnutls_pubkey_t key,
+			const gnutls_x509_spki_t spki,
+			unsigned int flags);
+
+int
+gnutls_pubkey_get_spki(gnutls_pubkey_t key,
+			const gnutls_x509_spki_t spki,
+			unsigned int flags);
+
+int gnutls_pubkey_import_x509(gnutls_pubkey_t key,
+			      gnutls_x509_crt_t crt, unsigned int flags);
+int gnutls_pubkey_import_x509_crq(gnutls_pubkey_t key,
+				  gnutls_x509_crq_t crq,
+				  unsigned int flags);
+int gnutls_pubkey_import_pkcs11(gnutls_pubkey_t key,
+				gnutls_pkcs11_obj_t obj,
+				unsigned int flags);
+int gnutls_pubkey_import_openpgp(gnutls_pubkey_t key,
+				 gnutls_openpgp_crt_t crt,
+				 unsigned int flags);
+
+int gnutls_pubkey_import_openpgp_raw(gnutls_pubkey_t pkey,
+				     const gnutls_datum_t * data,
+				     gnutls_openpgp_crt_fmt_t
+				     format,
+				     const gnutls_openpgp_keyid_t
+				     keyid, unsigned int flags);
+int gnutls_pubkey_import_x509_raw(gnutls_pubkey_t pkey,
+				  const gnutls_datum_t * data,
+				  gnutls_x509_crt_fmt_t format,
+				  unsigned int flags);
+
+int
+gnutls_pubkey_import_privkey(gnutls_pubkey_t key,
+			     gnutls_privkey_t pkey,
+			     unsigned int usage, unsigned int flags);
+
+int
+gnutls_pubkey_import_tpm_url(gnutls_pubkey_t pkey,
+			     const char *url,
+			     const char *srk_password, unsigned int flags);
+
+int
+gnutls_pubkey_import_url(gnutls_pubkey_t key, const char *url,
+			 unsigned int flags);
+
+int
+gnutls_pubkey_import_tpm_raw(gnutls_pubkey_t pkey,
+			     const gnutls_datum_t * fdata,
+			     gnutls_tpmkey_fmt_t format,
+			     const char *srk_password, unsigned int flags);
+
+int gnutls_pubkey_get_preferred_hash_algorithm(gnutls_pubkey_t key,
+					       gnutls_digest_algorithm_t
+					       * hash, unsigned int *mand);
+
+#define gnutls_pubkey_get_pk_rsa_raw gnutls_pubkey_export_rsa_raw
+int gnutls_pubkey_export_rsa_raw(gnutls_pubkey_t key,
+				 gnutls_datum_t * m, gnutls_datum_t * e);
+
+int gnutls_pubkey_export_rsa_raw2(gnutls_pubkey_t key,
+				  gnutls_datum_t * m, gnutls_datum_t * e,
+				  unsigned flags);
+
+#define gnutls_pubkey_get_pk_dsa_raw gnutls_pubkey_export_dsa_raw
+int gnutls_pubkey_export_dsa_raw(gnutls_pubkey_t key,
+				 gnutls_datum_t * p,
+				 gnutls_datum_t * q,
+				 gnutls_datum_t * g, gnutls_datum_t * y);
+
+int gnutls_pubkey_export_dsa_raw2(gnutls_pubkey_t key,
+				 gnutls_datum_t * p,
+				 gnutls_datum_t * q,
+				 gnutls_datum_t * g, gnutls_datum_t * y,
+				 unsigned flags);
+
+int gnutls_pubkey_export_ecc_raw2(gnutls_pubkey_t key,
+				 gnutls_ecc_curve_t * curve,
+				 gnutls_datum_t * x, gnutls_datum_t * y,
+				 unsigned flags);
+
+int gnutls_pubkey_export_gost_raw2(gnutls_pubkey_t key,
+				   gnutls_ecc_curve_t * curve,
+				   gnutls_digest_algorithm_t * digest,
+				   gnutls_gost_paramset_t * paramset,
+				   gnutls_datum_t * x, gnutls_datum_t * y,
+				   unsigned int flags);
+
+#define gnutls_pubkey_get_pk_ecc_raw gnutls_pubkey_export_ecc_raw
+int gnutls_pubkey_export_ecc_raw(gnutls_pubkey_t key,
+				 gnutls_ecc_curve_t * curve,
+				 gnutls_datum_t * x, gnutls_datum_t * y);
+
+#define gnutls_pubkey_get_pk_ecc_x962 gnutls_pubkey_export_ecc_x962
+int gnutls_pubkey_export_ecc_x962(gnutls_pubkey_t key,
+				  gnutls_datum_t * parameters,
+				  gnutls_datum_t * ecpoint);
+
+int gnutls_pubkey_export(gnutls_pubkey_t key,
+			 gnutls_x509_crt_fmt_t format,
+			 void *output_data, size_t * output_data_size);
+
+int gnutls_pubkey_export2(gnutls_pubkey_t key,
+			  gnutls_x509_crt_fmt_t format,
+			  gnutls_datum_t * out);
+
+int gnutls_pubkey_get_key_id(gnutls_pubkey_t key,
+			     unsigned int flags,
+			     unsigned char *output_data,
+			     size_t * output_data_size);
+
+int
+gnutls_pubkey_get_openpgp_key_id(gnutls_pubkey_t key,
+				 unsigned int flags,
+				 unsigned char *output_data,
+				 size_t * output_data_size,
+				 unsigned int *subkey);
+
+int gnutls_pubkey_get_key_usage(gnutls_pubkey_t key, unsigned int *usage);
+int gnutls_pubkey_set_key_usage(gnutls_pubkey_t key, unsigned int usage);
+
+int gnutls_pubkey_import(gnutls_pubkey_t key,
+			 const gnutls_datum_t * data,
+			 gnutls_x509_crt_fmt_t format);
+
+
+#define gnutls_pubkey_import_pkcs11_url(key, url, flags) gnutls_pubkey_import_url(key, url, flags)
+
+int gnutls_pubkey_import_dsa_raw(gnutls_pubkey_t key,
+				 const gnutls_datum_t * p,
+				 const gnutls_datum_t * q,
+				 const gnutls_datum_t * g,
+				 const gnutls_datum_t * y);
+int gnutls_pubkey_import_rsa_raw(gnutls_pubkey_t key,
+				 const gnutls_datum_t * m,
+				 const gnutls_datum_t * e);
+
+int
+gnutls_pubkey_import_ecc_x962(gnutls_pubkey_t key,
+			      const gnutls_datum_t * parameters,
+			      const gnutls_datum_t * ecpoint);
+
+int
+gnutls_pubkey_import_ecc_raw(gnutls_pubkey_t key,
+			     gnutls_ecc_curve_t curve,
+			     const gnutls_datum_t * x,
+			     const gnutls_datum_t * y);
+
+int
+gnutls_pubkey_import_gost_raw(gnutls_pubkey_t key,
+			     gnutls_ecc_curve_t curve,
+			     gnutls_digest_algorithm_t digest,
+			     gnutls_gost_paramset_t paramset,
+			     const gnutls_datum_t * x,
+			     const gnutls_datum_t * y);
+
+int
+gnutls_pubkey_encrypt_data(gnutls_pubkey_t key,
+			   unsigned int flags,
+			   const gnutls_datum_t * plaintext,
+			   gnutls_datum_t * ciphertext);
+
+int gnutls_x509_crt_set_pubkey(gnutls_x509_crt_t crt, gnutls_pubkey_t key);
+
+int gnutls_x509_crq_set_pubkey(gnutls_x509_crq_t crq, gnutls_pubkey_t key);
+
+int
+gnutls_pubkey_verify_hash2(gnutls_pubkey_t key,
+			   gnutls_sign_algorithm_t algo,
+			   unsigned int flags,
+			   const gnutls_datum_t * hash,
+			   const gnutls_datum_t * signature);
+
+int
+gnutls_pubkey_verify_data2(gnutls_pubkey_t pubkey,
+			   gnutls_sign_algorithm_t algo,
+			   unsigned int flags,
+			   const gnutls_datum_t * data,
+			   const gnutls_datum_t * signature);
+
+/* Private key operations */
+
+int gnutls_privkey_init(gnutls_privkey_t * key);
+void gnutls_privkey_deinit(gnutls_privkey_t key);
+
+/* macros to allow specifying a subgroup and group size in gnutls_privkey_generate()
+ * and gnutls_x509_privkey_generate() */
+#define GNUTLS_SUBGROUP_TO_BITS(group, subgroup) (unsigned int)((subgroup<<16)|(group))
+#define GNUTLS_BITS_TO_SUBGROUP(bits) ((bits >> 16) & 0xFFFF)
+#define GNUTLS_BITS_TO_GROUP(bits) (bits & 0xFFFF)
+#define GNUTLS_BITS_HAVE_SUBGROUP(bits) ((bits) & 0xFFFF0000)
+
+int
+gnutls_privkey_generate (gnutls_privkey_t key,
+                         gnutls_pk_algorithm_t algo, unsigned int bits,
+                         unsigned int flags);
+int
+gnutls_privkey_generate2(gnutls_privkey_t pkey,
+			 gnutls_pk_algorithm_t algo, unsigned int bits,
+			 unsigned int flags, const gnutls_keygen_data_st *data, unsigned data_size);
+
+int
+gnutls_privkey_set_spki(gnutls_privkey_t key,
+			const gnutls_x509_spki_t spki,
+			unsigned int flags);
+
+int
+gnutls_privkey_get_spki(gnutls_privkey_t key,
+			const gnutls_x509_spki_t spki,
+			unsigned int flags);
+
+int gnutls_privkey_verify_seed(gnutls_privkey_t key, gnutls_digest_algorithm_t, const void *seed, size_t seed_size);
+int gnutls_privkey_get_seed(gnutls_privkey_t key, gnutls_digest_algorithm_t*, void *seed, size_t *seed_size);
+
+int gnutls_privkey_verify_params(gnutls_privkey_t key);
+
+void gnutls_privkey_set_flags(gnutls_privkey_t key, unsigned int flags);
+
+void gnutls_privkey_set_pin_function (gnutls_privkey_t key,
+                                      gnutls_pin_callback_t fn, void *userdata);
+
+int gnutls_privkey_get_pk_algorithm(gnutls_privkey_t key,
+				    unsigned int *bits);
+gnutls_privkey_type_t gnutls_privkey_get_type(gnutls_privkey_t key);
+int gnutls_privkey_status(gnutls_privkey_t key);
+
+/**
+ * gnutls_privkey_flags:
+ * @GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA: Make an RSA signature on the hashed data as in the TLS protocol.
+ * @GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS: Make an RSA signature on the hashed data with the PSS padding.
+ * @GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE: Make a signature on the hashed data with reproducible parameters.
+ *   For RSA-PSS, that means to use empty salt instead of random value. To
+ *   verify a signature created using this flag, the corresponding SPKI needs
+ *   to be set on the public key. Use gnutls_pubkey_set_spki() for that.
+ *   For ECDSA/DSA, it uses the deterministic construction of random parameter
+ *   according to RFC 6979. Note that this only supports the NIST curves and DSA
+ *   subgroup bits up to 512.
+ * @GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE: When importing a private key, automatically
+ *   release it when the structure it was imported is released.
+ * @GNUTLS_PRIVKEY_IMPORT_COPY: Copy required values during import.
+ * @GNUTLS_PRIVKEY_DISABLE_CALLBACKS: The following flag disables call to PIN callbacks etc.
+ *   Only relevant to TPM keys.
+ * @GNUTLS_PRIVKEY_FLAG_PROVABLE: When generating a key involving prime numbers, use provable primes; a seed may be required.
+ * @GNUTLS_PRIVKEY_FLAG_CA: The generated private key is going to be used as a CA (relevant for RSA-PSS keys).
+ * @GNUTLS_PRIVKEY_FLAG_EXPORT_COMPAT: Keys generated or imported as provable require an extended format which cannot be read by previous versions
+ *   of gnutls or other applications. By setting this flag the key will be exported in a backwards compatible way,
+ *   even if the information about the seed used will be lost.
+ * @GNUTLS_PRIVKEY_FLAG_RSA_PSS_FIXED_SALT_LENGTH: When making an RSA-PSS
+ *   signature, use the salt whose length is equal to the digest length, as
+ *   mandated in RFC 8446 4.2.3.
+ *
+ * Enumeration of different certificate import flags.
+ */
+typedef enum gnutls_privkey_flags {
+	GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE = 1,
+	GNUTLS_PRIVKEY_IMPORT_COPY = 1 << 1,
+	GNUTLS_PRIVKEY_DISABLE_CALLBACKS = 1 << 2,
+	GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA = 1 << 4,
+	GNUTLS_PRIVKEY_FLAG_PROVABLE = 1 << 5,
+	GNUTLS_PRIVKEY_FLAG_EXPORT_COMPAT = 1 << 6,
+	GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS = 1 << 7,
+	GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE = 1 << 8,
+	GNUTLS_PRIVKEY_FLAG_CA = 1 << 9,
+	GNUTLS_PRIVKEY_FLAG_RSA_PSS_FIXED_SALT_LENGTH = 1 << 10
+} gnutls_privkey_flags_t;
+
+int gnutls_privkey_import_pkcs11(gnutls_privkey_t pkey,
+				 gnutls_pkcs11_privkey_t key,
+				 unsigned int flags);
+int gnutls_privkey_import_x509(gnutls_privkey_t pkey,
+			       gnutls_x509_privkey_t key,
+			       unsigned int flags);
+int gnutls_privkey_import_openpgp(gnutls_privkey_t pkey,
+				  gnutls_openpgp_privkey_t key,
+				  unsigned int flags);
+
+int gnutls_privkey_export_x509(gnutls_privkey_t pkey,
+                               gnutls_x509_privkey_t * key);
+int gnutls_privkey_export_openpgp(gnutls_privkey_t pkey,
+                                  gnutls_openpgp_privkey_t * key);
+int
+gnutls_privkey_export_pkcs11(gnutls_privkey_t pkey,
+                             gnutls_pkcs11_privkey_t *key);
+
+int gnutls_privkey_import_openpgp_raw(gnutls_privkey_t pkey,
+				      const gnutls_datum_t * data,
+				      gnutls_openpgp_crt_fmt_t
+				      format,
+				      const gnutls_openpgp_keyid_t
+				      keyid, const char *password);
+
+int gnutls_privkey_import_x509_raw(gnutls_privkey_t pkey,
+				   const gnutls_datum_t * data,
+				   gnutls_x509_crt_fmt_t format,
+				   const char *password,
+				   unsigned int flags);
+
+int
+gnutls_privkey_import_tpm_raw(gnutls_privkey_t pkey,
+			      const gnutls_datum_t * fdata,
+			      gnutls_tpmkey_fmt_t format,
+			      const char *srk_password,
+			      const char *key_password,
+			      unsigned int flags);
+
+int
+gnutls_privkey_import_tpm_url(gnutls_privkey_t pkey,
+			      const char *url,
+			      const char *srk_password,
+			      const char *key_password,
+			      unsigned int flags);
+
+int gnutls_privkey_import_url(gnutls_privkey_t key,
+			      const char *url, unsigned int flags);
+
+#if 0
+/* for documentation purposes */
+int gnutls_privkey_import_pkcs11_url(gnutls_privkey_t key, const char *url);
+#endif
+
+#define gnutls_privkey_import_pkcs11_url(key, url) gnutls_privkey_import_url(key, url, 0)
+
+int
+gnutls_privkey_import_ext(gnutls_privkey_t pkey,
+			  gnutls_pk_algorithm_t pk,
+			  void *userdata,
+			  gnutls_privkey_sign_func sign_func,
+			  gnutls_privkey_decrypt_func
+			  decrypt_func, unsigned int flags);
+
+int
+gnutls_privkey_import_ext2(gnutls_privkey_t pkey,
+			   gnutls_pk_algorithm_t pk,
+			   void *userdata,
+			   gnutls_privkey_sign_func sign_func,
+			   gnutls_privkey_decrypt_func
+			   decrypt_func,
+			   gnutls_privkey_deinit_func deinit_func,
+			   unsigned int flags);
+
+int
+gnutls_privkey_import_ext3(gnutls_privkey_t pkey,
+                           void *userdata,
+                           gnutls_privkey_sign_func sign_func,
+                           gnutls_privkey_decrypt_func decrypt_func,
+                           gnutls_privkey_deinit_func deinit_func,
+                           gnutls_privkey_info_func info_func,
+                           unsigned int flags);
+
+int
+gnutls_privkey_import_ext4(gnutls_privkey_t pkey,
+                           void *userdata,
+                           gnutls_privkey_sign_data_func sign_data_func,
+                           gnutls_privkey_sign_hash_func sign_hash_func,
+                           gnutls_privkey_decrypt_func decrypt_func,
+                           gnutls_privkey_deinit_func deinit_func,
+                           gnutls_privkey_info_func info_func,
+                           unsigned int flags);
+
+int gnutls_privkey_import_dsa_raw(gnutls_privkey_t key,
+				       const gnutls_datum_t * p,
+				       const gnutls_datum_t * q,
+				       const gnutls_datum_t * g,
+				       const gnutls_datum_t * y,
+				       const gnutls_datum_t * x);
+
+int gnutls_privkey_import_rsa_raw(gnutls_privkey_t key,
+					const gnutls_datum_t * m,
+					const gnutls_datum_t * e,
+					const gnutls_datum_t * d,
+					const gnutls_datum_t * p,
+					const gnutls_datum_t * q,
+					const gnutls_datum_t * u,
+					const gnutls_datum_t * e1,
+					const gnutls_datum_t * e2);
+int gnutls_privkey_import_ecc_raw(gnutls_privkey_t key,
+				       gnutls_ecc_curve_t curve,
+				       const gnutls_datum_t * x,
+				       const gnutls_datum_t * y,
+				       const gnutls_datum_t * k);
+
+int gnutls_privkey_import_gost_raw(gnutls_privkey_t key,
+				       gnutls_ecc_curve_t curve,
+				       gnutls_digest_algorithm_t digest,
+				       gnutls_gost_paramset_t paramset,
+				       const gnutls_datum_t * x,
+				       const gnutls_datum_t * y,
+				       const gnutls_datum_t * k);
+
+
+int gnutls_privkey_sign_data(gnutls_privkey_t signer,
+			     gnutls_digest_algorithm_t hash,
+			     unsigned int flags,
+			     const gnutls_datum_t * data,
+			     gnutls_datum_t * signature);
+
+int gnutls_privkey_sign_data2(gnutls_privkey_t signer,
+			      gnutls_sign_algorithm_t algo,
+			      unsigned int flags,
+			      const gnutls_datum_t * data,
+			      gnutls_datum_t * signature);
+
+#define gnutls_privkey_sign_raw_data(key, flags, data, sig) \
+	gnutls_privkey_sign_hash ( key, 0, GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, data, sig)
+
+int gnutls_privkey_sign_hash(gnutls_privkey_t signer,
+			     gnutls_digest_algorithm_t hash_algo,
+			     unsigned int flags,
+			     const gnutls_datum_t * hash_data,
+			     gnutls_datum_t * signature);
+
+int gnutls_privkey_sign_hash2(gnutls_privkey_t signer,
+			      gnutls_sign_algorithm_t algo,
+			      unsigned int flags,
+			      const gnutls_datum_t * hash_data,
+			      gnutls_datum_t * signature);
+
+int gnutls_privkey_decrypt_data(gnutls_privkey_t key,
+				unsigned int flags,
+				const gnutls_datum_t * ciphertext,
+				gnutls_datum_t * plaintext);
+
+int gnutls_privkey_decrypt_data2(gnutls_privkey_t key,
+				 unsigned int flags,
+				 const gnutls_datum_t * ciphertext,
+				 unsigned char * plaintext,
+                                 size_t plaintext_size);
+
+int
+gnutls_privkey_export_rsa_raw(gnutls_privkey_t key,
+				    gnutls_datum_t * m, gnutls_datum_t * e,
+				    gnutls_datum_t * d, gnutls_datum_t * p,
+				    gnutls_datum_t * q, gnutls_datum_t * u,
+				    gnutls_datum_t * e1,
+				    gnutls_datum_t * e2);
+
+int
+gnutls_privkey_export_rsa_raw2(gnutls_privkey_t key,
+				    gnutls_datum_t * m, gnutls_datum_t * e,
+				    gnutls_datum_t * d, gnutls_datum_t * p,
+				    gnutls_datum_t * q, gnutls_datum_t * u,
+				    gnutls_datum_t * e1,
+				    gnutls_datum_t * e2, unsigned flags);
+
+int
+gnutls_privkey_export_dsa_raw(gnutls_privkey_t key,
+			     gnutls_datum_t * p, gnutls_datum_t * q,
+			     gnutls_datum_t * g, gnutls_datum_t * y,
+			     gnutls_datum_t * x);
+
+int
+gnutls_privkey_export_dsa_raw2(gnutls_privkey_t key,
+			     gnutls_datum_t * p, gnutls_datum_t * q,
+			     gnutls_datum_t * g, gnutls_datum_t * y,
+			     gnutls_datum_t * x, unsigned flags);
+
+int
+gnutls_privkey_export_ecc_raw(gnutls_privkey_t key,
+				       gnutls_ecc_curve_t * curve,
+				       gnutls_datum_t * x,
+				       gnutls_datum_t * y,
+				       gnutls_datum_t * k);
+
+int
+gnutls_privkey_export_ecc_raw2(gnutls_privkey_t key,
+				       gnutls_ecc_curve_t * curve,
+				       gnutls_datum_t * x,
+				       gnutls_datum_t * y,
+				       gnutls_datum_t * k,
+				       unsigned flags);
+
+int
+gnutls_privkey_export_gost_raw2(gnutls_privkey_t key,
+				       gnutls_ecc_curve_t * curve,
+				       gnutls_digest_algorithm_t * digest,
+				       gnutls_gost_paramset_t * paramset,
+				       gnutls_datum_t * x,
+				       gnutls_datum_t * y,
+				       gnutls_datum_t * k,
+				       unsigned flags);
+
+
+int gnutls_x509_crt_privkey_sign(gnutls_x509_crt_t crt,
+				 gnutls_x509_crt_t issuer,
+				 gnutls_privkey_t issuer_key,
+				 gnutls_digest_algorithm_t dig,
+				 unsigned int flags);
+
+int gnutls_x509_crl_privkey_sign(gnutls_x509_crl_t crl,
+				 gnutls_x509_crt_t issuer,
+				 gnutls_privkey_t issuer_key,
+				 gnutls_digest_algorithm_t dig,
+				 unsigned int flags);
+
+int gnutls_x509_crq_privkey_sign(gnutls_x509_crq_t crq,
+				 gnutls_privkey_t key,
+				 gnutls_digest_algorithm_t dig,
+				 unsigned int flags);
+
+/**
+ * gnutls_pcert_st:
+ * @pubkey: public key of parsed certificate.
+ * @cert: certificate itself of parsed certificate
+ * @type: type of certificate, a #gnutls_certificate_type_t type.
+ *
+ * A parsed certificate.
+ */
+typedef struct gnutls_pcert_st {
+	gnutls_pubkey_t pubkey;
+	gnutls_datum_t cert;
+	gnutls_certificate_type_t type;
+} gnutls_pcert_st;
+
+/* This flag is unused/ignored */
+#define GNUTLS_PCERT_NO_CERT 1
+
+int gnutls_pcert_import_x509(gnutls_pcert_st * pcert,
+			     gnutls_x509_crt_t crt, unsigned int flags);
+
+int gnutls_pcert_import_x509_list(gnutls_pcert_st * pcert,
+				  gnutls_x509_crt_t *crt, unsigned *ncrt,
+				  unsigned int flags);
+
+int gnutls_pcert_export_x509(gnutls_pcert_st * pcert,
+                             gnutls_x509_crt_t * crt);
+
+int
+gnutls_pcert_list_import_x509_raw(gnutls_pcert_st * pcerts,
+				  unsigned int *pcert_max,
+				  const gnutls_datum_t * data,
+				  gnutls_x509_crt_fmt_t format,
+				  unsigned int flags);
+
+int gnutls_pcert_list_import_x509_file(gnutls_pcert_st *pcert_list,
+				       unsigned *pcert_list_size,
+				       const char *file,
+				       gnutls_x509_crt_fmt_t format,
+				       gnutls_pin_callback_t pin_fn,
+				       void *pin_fn_userdata,
+				       unsigned int flags);
+
+int gnutls_pcert_import_x509_raw(gnutls_pcert_st * pcert,
+				 const gnutls_datum_t * cert,
+				 gnutls_x509_crt_fmt_t format,
+				 unsigned int flags);
+
+int gnutls_pcert_import_openpgp_raw(gnutls_pcert_st * pcert,
+				    const gnutls_datum_t * cert,
+				    gnutls_openpgp_crt_fmt_t
+				    format,
+				    gnutls_openpgp_keyid_t keyid,
+				    unsigned int flags);
+
+int gnutls_pcert_import_openpgp(gnutls_pcert_st * pcert,
+				gnutls_openpgp_crt_t crt,
+				unsigned int flags);
+
+int gnutls_pcert_export_openpgp(gnutls_pcert_st * pcert,
+                                gnutls_openpgp_crt_t * crt);
+
+void gnutls_pcert_deinit(gnutls_pcert_st * pcert);
+
+int gnutls_pcert_import_rawpk(gnutls_pcert_st* pcert,
+			     gnutls_pubkey_t key, unsigned int flags);
+
+int gnutls_pcert_import_rawpk_raw(gnutls_pcert_st* pcert,
+				    const gnutls_datum_t* rawpubkey,
+				    gnutls_x509_crt_fmt_t format,
+				    unsigned int key_usage, unsigned int flags);
+
+/* For certificate credentials */
+	/* This is the same as gnutls_certificate_retrieve_function()
+	 * but retrieves a gnutls_pcert_st which requires much less processing
+	 * within the library.
+	 */
+typedef int gnutls_certificate_retrieve_function2(gnutls_session_t,
+				  const gnutls_datum_t *req_ca_rdn,
+				  int nreqs,
+				  const gnutls_pk_algorithm_t *pk_algos,
+				  int pk_algos_length,
+				  gnutls_pcert_st**,
+				  unsigned int *pcert_length,
+				  gnutls_privkey_t *privkey);
+
+
+void gnutls_certificate_set_retrieve_function2
+    (gnutls_certificate_credentials_t cred,
+     gnutls_certificate_retrieve_function2 *func);
+
+struct gnutls_cert_retr_st {
+	unsigned version; /* set to 1 */
+	gnutls_certificate_credentials_t cred;
+	const gnutls_datum_t *req_ca_rdn;
+	unsigned nreqs;
+	const gnutls_pk_algorithm_t *pk_algos;
+	unsigned pk_algos_length;
+
+	/* other fields may be added if version is > 1 */
+	unsigned char padding[64];
+};
+
+/* When the callback sets this value, gnutls will deinitialize the given
+ * values after use */
+#define GNUTLS_CERT_RETR_DEINIT_ALL 1
+
+typedef int gnutls_certificate_retrieve_function3(
+				gnutls_session_t,
+				const struct gnutls_cert_retr_st *info,
+				gnutls_pcert_st **certs,
+				unsigned int *certs_length,
+				gnutls_ocsp_data_st **ocsp,
+				unsigned int *ocsp_length,
+				gnutls_privkey_t *privkey,
+				unsigned int *flags);
+
+
+void gnutls_certificate_set_retrieve_function3
+    (gnutls_certificate_credentials_t cred,
+     gnutls_certificate_retrieve_function3 *func);
+
+int
+gnutls_certificate_set_key(gnutls_certificate_credentials_t res,
+			   const char **names,
+			   int names_size,
+			   gnutls_pcert_st * pcert_list,
+			   int pcert_list_size, gnutls_privkey_t key);
+
+int
+gnutls_pubkey_print(gnutls_pubkey_t pubkey,
+		    gnutls_certificate_print_formats_t format,
+		    gnutls_datum_t * out);
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+
+#endif /* GNUTLS_ABSTRACT_H */
diff --git a/lib/includes/gnutls/compat.h b/lib/includes/gnutls/compat.h
new file mode 100644
index 0000000..2779ca9
--- /dev/null
+++ b/lib/includes/gnutls/compat.h
@@ -0,0 +1,246 @@
+/*
+ * Copyright (C) 2008-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Typedefs for more compatibility with older GnuTLS. */
+
+#ifndef GNUTLS_COMPAT_H
+#define GNUTLS_COMPAT_H
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+#ifdef __GNUC__
+
+#define _GNUTLS_GCC_VERSION (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__)
+
+#if !defined GNUTLS_INTERNAL_BUILD
+#if _GNUTLS_GCC_VERSION >= 30100
+#define _GNUTLS_GCC_ATTR_DEPRECATED __attribute__ ((__deprecated__))
+#endif
+#endif
+
+#endif				/* __GNUC__ */
+
+#ifndef _GNUTLS_GCC_ATTR_DEPRECATED
+#define _GNUTLS_GCC_ATTR_DEPRECATED
+#endif
+
+/* gnutls_connection_end_t was made redundant in 2.99.0 */
+typedef unsigned int gnutls_connection_end_t _GNUTLS_GCC_ATTR_DEPRECATED;
+
+/* Stuff deprecated in 2.x */
+typedef gnutls_cipher_algorithm_t gnutls_cipher_algorithm
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_kx_algorithm_t gnutls_kx_algorithm
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_mac_algorithm_t gnutls_mac_algorithm
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_digest_algorithm_t gnutls_digest_algorithm
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_compression_method_t gnutls_compression_method
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_connection_end_t gnutls_connection_end
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_x509_crt_fmt_t gnutls_x509_crt_fmt
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_pk_algorithm_t gnutls_pk_algorithm
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_sign_algorithm_t gnutls_sign_algorithm
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_close_request_t gnutls_close_request
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_certificate_request_t gnutls_certificate_request
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_certificate_status_t gnutls_certificate_status
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_session_t gnutls_session _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_alert_level_t gnutls_alert_level
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_alert_description_t gnutls_alert_description
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_x509_subject_alt_name_t gnutls_x509_subject_alt_name
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_openpgp_privkey_t gnutls_openpgp_privkey
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_openpgp_keyring_t gnutls_openpgp_keyring
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_x509_crt_t gnutls_x509_crt _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_x509_privkey_t gnutls_x509_privkey
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_x509_crl_t gnutls_x509_crl _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_x509_crq_t gnutls_x509_crq _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_certificate_credentials_t
+    gnutls_certificate_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_anon_server_credentials_t
+    gnutls_anon_server_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_anon_client_credentials_t
+    gnutls_anon_client_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_srp_client_credentials_t
+    gnutls_srp_client_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_srp_server_credentials_t
+    gnutls_srp_server_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_dh_params_t gnutls_dh_params _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_rsa_params_t gnutls_rsa_params _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_params_type_t gnutls_params_type
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_credentials_type_t gnutls_credentials_type
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_certificate_type_t gnutls_certificate_type
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_datum_t gnutls_datum _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_transport_ptr_t gnutls_transport_ptr
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+
+/* Old verification flags */
+#define GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT  (0)
+
+/* Old SRP alerts removed in 2.1.x because the TLS-SRP RFC was
+   modified to use the PSK alert. */
+#define GNUTLS_A_MISSING_SRP_USERNAME GNUTLS_A_UNKNOWN_PSK_IDENTITY
+#define GNUTLS_A_UNKNOWN_SRP_USERNAME GNUTLS_A_UNKNOWN_PSK_IDENTITY
+
+/* OpenPGP stuff renamed in 2.1.x. */
+#define GNUTLS_OPENPGP_KEY GNUTLS_OPENPGP_CERT
+#define GNUTLS_OPENPGP_KEY_FINGERPRINT GNUTLS_OPENPGP_CERT_FINGERPRINT
+#define gnutls_openpgp_send_key gnutls_openpgp_send_cert
+typedef gnutls_openpgp_crt_status_t gnutls_openpgp_key_status_t
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_openpgp_crt_t gnutls_openpgp_key_t
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+#define gnutls_openpgp_key_init gnutls_openpgp_crt_init
+#define gnutls_openpgp_key_deinit gnutls_openpgp_crt_deinit
+#define gnutls_openpgp_key_import gnutls_openpgp_crt_import
+#define gnutls_openpgp_key_export gnutls_openpgp_crt_export
+#define gnutls_openpgp_key_get_key_usage gnutls_openpgp_crt_get_key_usage
+#define gnutls_openpgp_key_get_fingerprint gnutls_openpgp_crt_get_fingerprint
+#define gnutls_openpgp_key_get_pk_algorithm gnutls_openpgp_crt_get_pk_algorithm
+#define gnutls_openpgp_key_get_name gnutls_openpgp_crt_get_name
+#define gnutls_openpgp_key_get_version gnutls_openpgp_crt_get_version
+#define gnutls_openpgp_key_get_creation_time gnutls_openpgp_crt_get_creation_time
+#define gnutls_openpgp_key_get_expiration_time gnutls_openpgp_crt_get_expiration_time
+#define gnutls_openpgp_key_get_id gnutls_openpgp_crt_get_id
+#define gnutls_openpgp_key_check_hostname gnutls_openpgp_crt_check_hostname
+
+/* OpenPGP stuff renamed in 2.3.x. */
+#define gnutls_openpgp_crt_get_id gnutls_openpgp_crt_get_key_id
+
+/* New better names renamed in 2.3.x, add these for backwards
+   compatibility with old poor names.*/
+#define GNUTLS_X509_CRT_FULL GNUTLS_CRT_PRINT_FULL
+#define GNUTLS_X509_CRT_ONELINE GNUTLS_CRT_PRINT_ONELINE
+#define GNUTLS_X509_CRT_UNSIGNED_FULL GNUTLS_CRT_PRINT_UNSIGNED_FULL
+
+/* Namespace problems. */
+#define LIBGNUTLS_VERSION GNUTLS_VERSION
+#define LIBGNUTLS_VERSION_MAJOR GNUTLS_VERSION_MAJOR
+#define LIBGNUTLS_VERSION_MINOR GNUTLS_VERSION_MINOR
+#define LIBGNUTLS_VERSION_PATCH GNUTLS_VERSION_PATCH
+#define LIBGNUTLS_VERSION_NUMBER GNUTLS_VERSION_NUMBER
+#define LIBGNUTLS_EXTRA_VERSION GNUTLS_VERSION
+
+/* This is a very dangerous and error-prone function.
+ * Use gnutls_privkey_sign_hash() instead.
+ */
+int gnutls_x509_privkey_sign_hash(gnutls_x509_privkey_t key,
+				  const gnutls_datum_t * hash,
+				  gnutls_datum_t * signature)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_privkey_sign_hash(gnutls_openpgp_privkey_t key,
+				     const gnutls_datum_t * hash,
+				     gnutls_datum_t * signature)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+
+	/* gnutls_pubkey_get_preferred_hash_algorithm() */
+int gnutls_x509_crt_get_preferred_hash_algorithm(gnutls_x509_crt_t
+						 crt,
+						 gnutls_digest_algorithm_t
+						 * hash, unsigned int
+						 *mand)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+
+	/* use gnutls_privkey_sign_hash() with the GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA flag */
+
+#ifdef _ISOC99_SOURCE
+/* we provide older functions for compatibility as inline functions that
+ * depend on gnutls_session_get_random. */
+
+static inline const void
+*gnutls_session_get_server_random(gnutls_session_t session)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+static inline const void
+*gnutls_session_get_server_random(gnutls_session_t session)
+{
+	gnutls_datum_t rnd;
+	gnutls_session_get_random(session, NULL, &rnd);	/*doc-skip */
+	return rnd.data;
+}
+
+static inline const void
+*gnutls_session_get_client_random(gnutls_session_t session)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+static inline const void
+*gnutls_session_get_client_random(gnutls_session_t session)
+{
+	gnutls_datum_t rnd;
+	gnutls_session_get_random(session, &rnd, NULL);	/*doc-skip */
+	return rnd.data;
+}
+#endif
+
+void
+gnutls_global_set_mem_functions(gnutls_alloc_function alloc_func,
+				gnutls_alloc_function secure_alloc_func,
+				gnutls_is_secure_function is_secure_func,
+				gnutls_realloc_function realloc_func,
+				gnutls_free_function free_func) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+/* defined in old headers - unused nevertheless */
+#define GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA 0
+
+/* old compression related functions */
+gnutls_compression_method_t
+gnutls_compression_get(gnutls_session_t session) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+const char *
+gnutls_compression_get_name(gnutls_compression_method_t
+			    algorithm) __GNUTLS_CONST__ _GNUTLS_GCC_ATTR_DEPRECATED;
+
+gnutls_compression_method_t
+	gnutls_compression_get_id(const char *name) __GNUTLS_CONST__ _GNUTLS_GCC_ATTR_DEPRECATED;
+
+const gnutls_compression_method_t *
+	gnutls_compression_list(void) __GNUTLS_PURE__ _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_priority_compression_list(gnutls_priority_t pcache,
+				     const unsigned int **list) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+
+#endif /* GNUTLS_COMPAT_H */
diff --git a/lib/includes/gnutls/crypto.h b/lib/includes/gnutls/crypto.h
new file mode 100644
index 0000000..47b4423
--- /dev/null
+++ b/lib/includes/gnutls/crypto.h
@@ -0,0 +1,327 @@
+/*
+ * Copyright (C) 2008-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_CRYPTO_H
+#define GNUTLS_CRYPTO_H
+
+#include <gnutls/gnutls.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+typedef struct api_cipher_hd_st *gnutls_cipher_hd_t;
+
+int gnutls_cipher_init(gnutls_cipher_hd_t * handle,
+		       gnutls_cipher_algorithm_t cipher,
+		       const gnutls_datum_t * key,
+		       const gnutls_datum_t * iv);
+int gnutls_cipher_encrypt(const gnutls_cipher_hd_t handle,
+			  void *text, size_t textlen);
+int gnutls_cipher_decrypt(const gnutls_cipher_hd_t handle,
+			  void *ciphertext, size_t ciphertextlen);
+int gnutls_cipher_decrypt2(gnutls_cipher_hd_t handle,
+			   const void *ciphertext,
+			   size_t ciphertextlen, void *text,
+			   size_t textlen);
+int gnutls_cipher_encrypt2(gnutls_cipher_hd_t handle,
+			   const void *text, size_t textlen,
+			   void *ciphertext, size_t ciphertextlen);
+
+/**
+ * gnutls_cipher_flags_t:
+ * @GNUTLS_CIPHER_PADDING_PKCS7: Flag to indicate PKCS#7 padding
+ *
+ * Enumeration of flags to control block cipher padding, used by
+ * gnutls_cipher_encrypt3() and gnutls_cipher_decrypt3().
+ *
+ * Since: 3.7.7
+ */
+typedef enum gnutls_cipher_flags_t {
+	GNUTLS_CIPHER_PADDING_PKCS7 = 1
+} gnutls_cipher_flags_t;
+
+int gnutls_cipher_encrypt3(gnutls_cipher_hd_t handle,
+			   const void *ptext, size_t ptext_len,
+			   void *ctext, size_t *ctext_len,
+			   unsigned flags);
+int gnutls_cipher_decrypt3(gnutls_cipher_hd_t handle,
+			   const void *ctext, size_t ctext_len,
+			   void *ptext, size_t *ptext_len,
+			   unsigned flags);
+
+void gnutls_cipher_set_iv(gnutls_cipher_hd_t handle, void *iv,
+			  size_t ivlen);
+
+int gnutls_cipher_tag(gnutls_cipher_hd_t handle, void *tag,
+		      size_t tag_size);
+int gnutls_cipher_add_auth(gnutls_cipher_hd_t handle,
+			   const void *text, size_t text_size);
+
+void gnutls_cipher_deinit(gnutls_cipher_hd_t handle);
+unsigned gnutls_cipher_get_block_size(gnutls_cipher_algorithm_t algorithm) __GNUTLS_CONST__;
+unsigned gnutls_cipher_get_iv_size(gnutls_cipher_algorithm_t algorithm) __GNUTLS_CONST__;
+unsigned gnutls_cipher_get_tag_size(gnutls_cipher_algorithm_t algorithm) __GNUTLS_CONST__;
+
+/* AEAD API
+ */
+typedef struct api_aead_cipher_hd_st *gnutls_aead_cipher_hd_t;
+
+int gnutls_aead_cipher_init(gnutls_aead_cipher_hd_t * handle,
+			    gnutls_cipher_algorithm_t cipher,
+			    const gnutls_datum_t * key);
+
+int gnutls_aead_cipher_set_key(gnutls_aead_cipher_hd_t handle,
+			       const gnutls_datum_t *key);
+
+int
+gnutls_aead_cipher_decrypt(gnutls_aead_cipher_hd_t handle,
+			   const void *nonce, size_t nonce_len,
+			   const void *auth, size_t auth_len,
+			   size_t tag_size,
+			   const void *ctext, size_t ctext_len,
+			   void *ptext, size_t *ptext_len);
+int
+gnutls_aead_cipher_encrypt(gnutls_aead_cipher_hd_t handle,
+			   const void *nonce, size_t nonce_len,
+			   const void *auth, size_t auth_len,
+			   size_t tag_size,
+			   const void *ptext, size_t ptext_len,
+			   void *ctext, size_t *ctext_len);
+
+int
+gnutls_aead_cipher_encryptv(gnutls_aead_cipher_hd_t handle,
+			    const void *nonce, size_t nonce_len,
+			    const giovec_t *auth_iov, int auth_iovcnt,
+			    size_t tag_size,
+			    const giovec_t *iov, int iovcnt,
+			    void *ctext, size_t *ctext_len);
+
+int
+gnutls_aead_cipher_encryptv2(gnutls_aead_cipher_hd_t handle,
+			     const void *nonce, size_t nonce_len,
+			     const giovec_t *auth_iov, int auth_iovcnt,
+			     const giovec_t *iov, int iovcnt,
+			     void *tag, size_t *tag_size);
+
+int
+gnutls_aead_cipher_decryptv2(gnutls_aead_cipher_hd_t handle,
+			     const void *nonce, size_t nonce_len,
+			     const giovec_t *auth_iov, int auth_iovcnt,
+			     const giovec_t *iov, int iovcnt,
+			     void *tag, size_t tag_size);
+
+void gnutls_aead_cipher_deinit(gnutls_aead_cipher_hd_t handle);
+
+/* Hash - MAC API */
+
+typedef struct hash_hd_st *gnutls_hash_hd_t;
+typedef struct hmac_hd_st *gnutls_hmac_hd_t;
+
+size_t gnutls_mac_get_nonce_size(gnutls_mac_algorithm_t algorithm) __GNUTLS_CONST__;
+int gnutls_hmac_init(gnutls_hmac_hd_t * dig,
+		     gnutls_mac_algorithm_t algorithm,
+		     const void *key, size_t keylen);
+void gnutls_hmac_set_nonce(gnutls_hmac_hd_t handle,
+			   const void *nonce, size_t nonce_len);
+int gnutls_hmac(gnutls_hmac_hd_t handle, const void *text, size_t textlen);
+void gnutls_hmac_output(gnutls_hmac_hd_t handle, void *digest);
+void gnutls_hmac_deinit(gnutls_hmac_hd_t handle, void *digest);
+unsigned gnutls_hmac_get_len(gnutls_mac_algorithm_t algorithm) __GNUTLS_CONST__;
+unsigned gnutls_hmac_get_key_size(gnutls_mac_algorithm_t algorithm) __GNUTLS_CONST__;
+int gnutls_hmac_fast(gnutls_mac_algorithm_t algorithm,
+		     const void *key, size_t keylen,
+		     const void *text, size_t textlen, void *digest);
+gnutls_hmac_hd_t gnutls_hmac_copy(gnutls_hmac_hd_t handle);
+
+int gnutls_hash_init(gnutls_hash_hd_t * dig,
+		     gnutls_digest_algorithm_t algorithm);
+int gnutls_hash(gnutls_hash_hd_t handle, const void *text, size_t textlen);
+void gnutls_hash_output(gnutls_hash_hd_t handle, void *digest);
+void gnutls_hash_deinit(gnutls_hash_hd_t handle, void *digest);
+unsigned gnutls_hash_get_len(gnutls_digest_algorithm_t algorithm) __GNUTLS_CONST__;
+int gnutls_hash_fast(gnutls_digest_algorithm_t algorithm,
+		     const void *text, size_t textlen, void *digest);
+gnutls_hash_hd_t gnutls_hash_copy(gnutls_hash_hd_t handle);
+
+/* KDF API */
+
+int gnutls_hkdf_extract(gnutls_mac_algorithm_t mac,
+			const gnutls_datum_t *key,
+			const gnutls_datum_t *salt,
+			void *output);
+
+int gnutls_hkdf_expand(gnutls_mac_algorithm_t mac,
+		       const gnutls_datum_t *key,
+		       const gnutls_datum_t *info,
+		       void *output, size_t length);
+
+int gnutls_pbkdf2(gnutls_mac_algorithm_t mac,
+		  const gnutls_datum_t *key,
+		  const gnutls_datum_t *salt,
+		  unsigned iter_count,
+		  void *output, size_t length);
+
+/* register ciphers */
+
+
+/**
+ * gnutls_rnd_level_t:
+ * @GNUTLS_RND_NONCE: Non-predictable random number.  Fatal in parts
+ *   of session if broken, i.e., vulnerable to statistical analysis.
+ * @GNUTLS_RND_RANDOM: Pseudo-random cryptographic random number.
+ *   Fatal in session if broken. Example use: temporal keys.
+ * @GNUTLS_RND_KEY: Fatal in many sessions if broken. Example use:
+ *   Long-term keys.
+ *
+ * Enumeration of random quality levels.
+ */
+typedef enum gnutls_rnd_level {
+	GNUTLS_RND_NONCE = 0,
+	GNUTLS_RND_RANDOM = 1,
+	GNUTLS_RND_KEY = 2
+} gnutls_rnd_level_t;
+
+int gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len);
+
+void gnutls_rnd_refresh(void);
+
+
+/* API to override ciphers and MAC algorithms 
+ */
+
+typedef int (*gnutls_cipher_init_func) (gnutls_cipher_algorithm_t, void **ctx, int enc);
+typedef int (*gnutls_cipher_setkey_func) (void *ctx, const void *key, size_t keysize);
+/* old style ciphers */
+typedef int (*gnutls_cipher_setiv_func) (void *ctx, const void *iv, size_t ivsize);
+typedef int (*gnutls_cipher_getiv_func) (void *ctx, void *iv, size_t ivsize);
+typedef int (*gnutls_cipher_encrypt_func) (void *ctx, const void *plain, size_t plainsize,
+				void *encr, size_t encrsize);
+typedef int (*gnutls_cipher_decrypt_func) (void *ctx, const void *encr, size_t encrsize,
+			void *plain, size_t plainsize);
+
+/* aead ciphers */
+typedef int (*gnutls_cipher_auth_func) (void *ctx, const void *data, size_t datasize);
+typedef void (*gnutls_cipher_tag_func) (void *ctx, void *tag, size_t tagsize);
+
+typedef int (*gnutls_cipher_aead_encrypt_func) (void *ctx,
+			const void *nonce, size_t noncesize,
+			const void *auth, size_t authsize,
+			size_t tag_size,
+			const void *plain, size_t plainsize,
+			void *encr, size_t encrsize);
+typedef int (*gnutls_cipher_aead_decrypt_func) (void *ctx,
+			const void *nonce, size_t noncesize,
+			const void *auth, size_t authsize,
+			size_t tag_size,
+			const void *encr, size_t encrsize,
+			void *plain, size_t plainsize);
+typedef void (*gnutls_cipher_deinit_func) (void *ctx);
+
+int
+gnutls_crypto_register_cipher(gnutls_cipher_algorithm_t algorithm,
+			      int priority,
+			      gnutls_cipher_init_func init,
+			      gnutls_cipher_setkey_func setkey,
+			      gnutls_cipher_setiv_func setiv,
+			      gnutls_cipher_encrypt_func encrypt,
+			      gnutls_cipher_decrypt_func decrypt,
+			      gnutls_cipher_deinit_func deinit)
+			      _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int
+gnutls_crypto_register_aead_cipher(gnutls_cipher_algorithm_t algorithm,
+			      int priority,
+			      gnutls_cipher_init_func init,
+			      gnutls_cipher_setkey_func setkey,
+			      gnutls_cipher_aead_encrypt_func aead_encrypt,
+			      gnutls_cipher_aead_decrypt_func aead_decrypt,
+			      gnutls_cipher_deinit_func deinit)
+			      _GNUTLS_GCC_ATTR_DEPRECATED;
+
+typedef int (*gnutls_mac_init_func) (gnutls_mac_algorithm_t, void **ctx);
+typedef int (*gnutls_mac_setkey_func) (void *ctx, const void *key, size_t keysize);
+typedef int (*gnutls_mac_setnonce_func) (void *ctx, const void *nonce, size_t noncesize);
+typedef int (*gnutls_mac_hash_func) (void *ctx, const void *text, size_t textsize);
+typedef int (*gnutls_mac_output_func) (void *src_ctx, void *digest, size_t digestsize);
+typedef void (*gnutls_mac_deinit_func) (void *ctx);
+typedef int (*gnutls_mac_fast_func) (gnutls_mac_algorithm_t, const void *nonce,
+		     size_t nonce_size, const void *key, size_t keysize,
+		     const void *text, size_t textsize, void *digest);
+typedef void *(*gnutls_mac_copy_func) (const void *ctx);
+
+int
+gnutls_crypto_register_mac(gnutls_mac_algorithm_t mac,
+			   int priority,
+			   gnutls_mac_init_func init,
+			   gnutls_mac_setkey_func setkey,
+			   gnutls_mac_setnonce_func setnonce,
+			   gnutls_mac_hash_func hash,
+			   gnutls_mac_output_func output,
+			   gnutls_mac_deinit_func deinit,
+			   gnutls_mac_fast_func hash_fast)
+			   _GNUTLS_GCC_ATTR_DEPRECATED;
+
+typedef int (*gnutls_digest_init_func) (gnutls_digest_algorithm_t, void **ctx);
+typedef int (*gnutls_digest_hash_func) (void *ctx, const void *text, size_t textsize);
+typedef int (*gnutls_digest_output_func) (void *src_ctx, void *digest, size_t digestsize);
+typedef void (*gnutls_digest_deinit_func) (void *ctx);
+typedef int (*gnutls_digest_fast_func) (gnutls_digest_algorithm_t,
+		     const void *text, size_t textsize, void *digest);
+typedef void *(*gnutls_digest_copy_func) (const void *ctx);
+
+int
+gnutls_crypto_register_digest(gnutls_digest_algorithm_t digest,
+			   int priority,
+			   gnutls_digest_init_func init,
+			   gnutls_digest_hash_func hash,
+			   gnutls_digest_output_func output,
+			   gnutls_digest_deinit_func deinit,
+			   gnutls_digest_fast_func hash_fast)
+			   _GNUTLS_GCC_ATTR_DEPRECATED;
+
+/* RSA-PKCS#1 1.5 helper functions */
+int
+gnutls_encode_ber_digest_info(gnutls_digest_algorithm_t hash,
+			      const gnutls_datum_t * digest,
+			      gnutls_datum_t * output);
+
+int
+gnutls_decode_ber_digest_info(const gnutls_datum_t * info,
+			      gnutls_digest_algorithm_t *hash,
+			      unsigned char *digest, unsigned int *digest_size);
+
+int gnutls_decode_rs_value(const gnutls_datum_t * sig_value, gnutls_datum_t *r, gnutls_datum_t *s);
+int gnutls_encode_rs_value(gnutls_datum_t * sig_value, const gnutls_datum_t * r, const gnutls_datum_t * s);
+
+int gnutls_encode_gost_rs_value(gnutls_datum_t * sig_value, const gnutls_datum_t * r, const gnutls_datum_t  *s);
+int gnutls_decode_gost_rs_value(const gnutls_datum_t * sig_value, gnutls_datum_t * r, gnutls_datum_t * s);
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+
+#endif /* GNUTLS_CRYPTO_H */
diff --git a/lib/includes/gnutls/dtls.h b/lib/includes/gnutls/dtls.h
new file mode 100644
index 0000000..972ec0a
--- /dev/null
+++ b/lib/includes/gnutls/dtls.h
@@ -0,0 +1,93 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the types and prototypes for the X.509
+ * certificate and CRL handling functions.
+ */
+
+#ifndef GNUTLS_DTLS_H
+#define GNUTLS_DTLS_H
+
+#include <gnutls/gnutls.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+#define GNUTLS_COOKIE_KEY_SIZE 16
+
+void gnutls_dtls_set_timeouts(gnutls_session_t session,
+			      unsigned int retrans_timeout,
+			      unsigned int total_timeout);
+
+unsigned int gnutls_dtls_get_mtu(gnutls_session_t session);
+unsigned int gnutls_dtls_get_data_mtu(gnutls_session_t session);
+
+void gnutls_dtls_set_mtu(gnutls_session_t session, unsigned int mtu);
+int gnutls_dtls_set_data_mtu(gnutls_session_t session, unsigned int mtu);
+
+unsigned int gnutls_dtls_get_timeout(gnutls_session_t session);
+
+/**
+ * gnutls_dtls_prestate_st:
+ * @record_seq: record sequence number
+ * @hsk_read_seq: handshake read sequence number
+ * @hsk_write_seq: handshake write sequence number
+ *
+ * DTLS cookie prestate struct.  This is usually never modified by
+ * the application, it is used to carry the cookie data between
+ * gnutls_dtls_cookie_send(), gnutls_dtls_cookie_verify() and
+ * gnutls_dtls_prestate_set().
+ */
+typedef struct {
+	unsigned int record_seq;
+	unsigned int hsk_read_seq;
+	unsigned int hsk_write_seq;
+} gnutls_dtls_prestate_st;
+
+int gnutls_dtls_cookie_send(gnutls_datum_t * key,
+			    void *client_data,
+			    size_t client_data_size,
+			    gnutls_dtls_prestate_st * prestate,
+			    gnutls_transport_ptr_t ptr,
+			    gnutls_push_func push_func);
+
+int gnutls_dtls_cookie_verify(gnutls_datum_t * key,
+			      void *client_data,
+			      size_t client_data_size, void *_msg,
+			      size_t msg_size,
+			      gnutls_dtls_prestate_st * prestate);
+
+void gnutls_dtls_prestate_set(gnutls_session_t session,
+			      gnutls_dtls_prestate_st * prestate);
+
+unsigned int gnutls_record_get_discarded(gnutls_session_t session);
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+
+#endif /* GNUTLS_DTLS_H */
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
new file mode 100644
index 0000000..9b700e0
--- /dev/null
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -0,0 +1,3682 @@
+/* -*- c -*-
+ * Copyright (C) 2000-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the types and prototypes for all the
+ * high level functionality of the gnutls main library.
+ *
+ * If the optional C++ binding was built, it is available in
+ * gnutls/gnutlsxx.h.
+ *
+ * The openssl compatibility layer (which is under the GNU GPL
+ * license) is in gnutls/openssl.h.
+ *
+ * The low level cipher functionality is in gnutls/crypto.h.
+ */
+
+#ifndef GNUTLS_GNUTLS_H
+#define GNUTLS_GNUTLS_H
+
+/* Get ssize_t. */
+#include <sys/types.h>
+
+/* Get size_t. */
+#include <stddef.h>
+
+/* Get time_t. */
+#include <time.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+#define GNUTLS_VERSION "@VERSION@"
+
+#define GNUTLS_VERSION_MAJOR @MAJOR_VERSION@
+#define GNUTLS_VERSION_MINOR @MINOR_VERSION@
+#define GNUTLS_VERSION_PATCH @PATCH_VERSION@
+
+#define GNUTLS_VERSION_NUMBER @NUMBER_VERSION@
+
+#define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC
+#define GNUTLS_CIPHER_RIJNDAEL_256_CBC GNUTLS_CIPHER_AES_256_CBC
+#define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC
+#define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128
+
+#if !defined(GNUTLS_INTERNAL_BUILD) && defined(_WIN32)
+# define _SYM_EXPORT __declspec(dllimport)
+#else
+# define _SYM_EXPORT
+#endif
+
+#ifdef __GNUC__
+# define __GNUTLS_CONST__  __attribute__((const))
+# define __GNUTLS_PURE__  __attribute__((pure))
+#else
+# define __GNUTLS_CONST__
+# define __GNUTLS_PURE__
+#endif
+
+
+/* Use the following definition globally in your program to disable
+ * implicit initialization of gnutls. */
+#define GNUTLS_SKIP_GLOBAL_INIT int _gnutls_global_init_skip(void); \
+    int _gnutls_global_init_skip(void) {return 1;}
+
+/**
+ * gnutls_cipher_algorithm_t:
+ * @GNUTLS_CIPHER_UNKNOWN: Value to identify an unknown/unsupported algorithm.
+ * @GNUTLS_CIPHER_NULL: The NULL (identity) encryption algorithm.
+ * @GNUTLS_CIPHER_ARCFOUR_128: ARCFOUR stream cipher with 128-bit keys.
+ * @GNUTLS_CIPHER_3DES_CBC: 3DES in CBC mode.
+ * @GNUTLS_CIPHER_AES_128_CBC: AES in CBC mode with 128-bit keys.
+ * @GNUTLS_CIPHER_AES_192_CBC: AES in CBC mode with 192-bit keys.
+ * @GNUTLS_CIPHER_AES_256_CBC: AES in CBC mode with 256-bit keys.
+ * @GNUTLS_CIPHER_AES_128_CFB8: AES in CFB8 mode with 128-bit keys.
+ * @GNUTLS_CIPHER_AES_192_CFB8: AES in CFB8 mode with 192-bit keys.
+ * @GNUTLS_CIPHER_AES_256_CFB8: AES in CFB8 mode with 256-bit keys.
+ * @GNUTLS_CIPHER_ARCFOUR_40: ARCFOUR stream cipher with 40-bit keys.
+ * @GNUTLS_CIPHER_CAMELLIA_128_CBC: Camellia in CBC mode with 128-bit keys.
+ * @GNUTLS_CIPHER_CAMELLIA_192_CBC: Camellia in CBC mode with 192-bit keys.
+ * @GNUTLS_CIPHER_CAMELLIA_256_CBC: Camellia in CBC mode with 256-bit keys.
+ * @GNUTLS_CIPHER_RC2_40_CBC: RC2 in CBC mode with 40-bit keys.
+ * @GNUTLS_CIPHER_DES_CBC: DES in CBC mode (56-bit keys).
+ * @GNUTLS_CIPHER_AES_128_GCM: AES in GCM mode with 128-bit keys (AEAD).
+ * @GNUTLS_CIPHER_AES_256_GCM: AES in GCM mode with 256-bit keys (AEAD).
+ * @GNUTLS_CIPHER_AES_128_CCM: AES in CCM mode with 128-bit keys (AEAD).
+ * @GNUTLS_CIPHER_AES_256_CCM: AES in CCM mode with 256-bit keys (AEAD).
+ * @GNUTLS_CIPHER_AES_128_CCM_8: AES in CCM mode with 64-bit tag and 128-bit keys (AEAD).
+ * @GNUTLS_CIPHER_AES_256_CCM_8: AES in CCM mode with 64-bit tag and 256-bit keys (AEAD).
+ * @GNUTLS_CIPHER_CAMELLIA_128_GCM: CAMELLIA in GCM mode with 128-bit keys (AEAD).
+ * @GNUTLS_CIPHER_CAMELLIA_256_GCM: CAMELLIA in GCM mode with 256-bit keys (AEAD).
+ * @GNUTLS_CIPHER_SALSA20_256: Salsa20 with 256-bit keys.
+ * @GNUTLS_CIPHER_ESTREAM_SALSA20_256: Estream's Salsa20 variant with 256-bit keys.
+ * @GNUTLS_CIPHER_CHACHA20_32: Chacha20 cipher with 96-bit nonces and 32-bit block counters.
+ * @GNUTLS_CIPHER_CHACHA20_64: Chacha20 cipher with 64-bit nonces and 64-bit block counters.
+ * @GNUTLS_CIPHER_CHACHA20_POLY1305: The Chacha20 cipher with the Poly1305 authenticator (AEAD).
+ * @GNUTLS_CIPHER_GOST28147_TC26Z_CFB: GOST 28147-89 (Magma) cipher in CFB mode with TC26 Z S-box.
+ * @GNUTLS_CIPHER_GOST28147_CPA_CFB: GOST 28147-89 (Magma) cipher in CFB mode with CryptoPro A S-box.
+ * @GNUTLS_CIPHER_GOST28147_CPB_CFB: GOST 28147-89 (Magma) cipher in CFB mode with CryptoPro B S-box.
+ * @GNUTLS_CIPHER_GOST28147_CPC_CFB: GOST 28147-89 (Magma) cipher in CFB mode with CryptoPro C S-box.
+ * @GNUTLS_CIPHER_GOST28147_CPD_CFB: GOST 28147-89 (Magma) cipher in CFB mode with CryptoPro D S-box.
+ * @GNUTLS_CIPHER_AES_128_XTS: AES in XTS mode with 128-bit key + 128bit tweak key.
+ * @GNUTLS_CIPHER_AES_256_XTS: AES in XTS mode with 256-bit key + 256bit tweak key.
+ *                             Note that the XTS ciphers are message oriented.
+ *                             The whole message needs to be provided with a single call, because
+ *                             cipher-stealing requires to know where the message actually terminates
+ *                             in order to be able to compute where the stealing occurs.
+ * @GNUTLS_CIPHER_GOST28147_TC26Z_CNT: GOST 28147-89 (Magma) cipher in CNT mode with TC26 Z S-box.
+ * @GNUTLS_CIPHER_MAGMA_CTR_ACPKM: GOST R 34.12-2015 (Magma) cipher in CTR-ACPKM mode.
+ * @GNUTLS_CIPHER_KUZNYECHIK_CTR_ACPKM: GOST R 34.12-2015 (Kuznyechik) cipher in CTR-ACPKM mode.
+ * @GNUTLS_CIPHER_IDEA_PGP_CFB: IDEA in CFB mode (placeholder - unsupported).
+ * @GNUTLS_CIPHER_3DES_PGP_CFB: 3DES in CFB mode (placeholder - unsupported).
+ * @GNUTLS_CIPHER_CAST5_PGP_CFB: CAST5 in CFB mode (placeholder - unsupported).
+ * @GNUTLS_CIPHER_BLOWFISH_PGP_CFB: Blowfish in CFB mode (placeholder - unsupported).
+ * @GNUTLS_CIPHER_SAFER_SK128_PGP_CFB: Safer-SK in CFB mode with 128-bit keys (placeholder - unsupported).
+ * @GNUTLS_CIPHER_AES128_PGP_CFB: AES in CFB mode with 128-bit keys (placeholder - unsupported).
+ * @GNUTLS_CIPHER_AES192_PGP_CFB: AES in CFB mode with 192-bit keys (placeholder - unsupported).
+ * @GNUTLS_CIPHER_AES256_PGP_CFB: AES in CFB mode with 256-bit keys (placeholder - unsupported).
+ * @GNUTLS_CIPHER_TWOFISH_PGP_CFB: Twofish in CFB mode (placeholder - unsupported).
+ * @GNUTLS_CIPHER_AES_128_SIV: AES in SIV mode with 128-bit key.
+ * @GNUTLS_CIPHER_AES_256_SIV: AES in SIV mode with 256-bit key.
+ *                             Note that the SIV ciphers can only be used with
+ *                             the AEAD interface, and the IV plays a role as
+ *                             the authentication tag while it is prepended to
+ *                             the cipher text.
+ * @GNUTLS_CIPHER_AES_192_GCM: AES in GCM mode with 192-bit keys (AEAD).
+ *
+ * Enumeration of different symmetric encryption algorithms.
+ */
+typedef enum gnutls_cipher_algorithm {
+	GNUTLS_CIPHER_UNKNOWN = 0,
+	GNUTLS_CIPHER_NULL = 1,
+	GNUTLS_CIPHER_ARCFOUR_128 = 2,
+	GNUTLS_CIPHER_3DES_CBC = 3,
+	GNUTLS_CIPHER_AES_128_CBC = 4,
+	GNUTLS_CIPHER_AES_256_CBC = 5,
+	GNUTLS_CIPHER_ARCFOUR_40 = 6,
+	GNUTLS_CIPHER_CAMELLIA_128_CBC = 7,
+	GNUTLS_CIPHER_CAMELLIA_256_CBC = 8,
+	GNUTLS_CIPHER_AES_192_CBC = 9,
+	GNUTLS_CIPHER_AES_128_GCM = 10,
+	GNUTLS_CIPHER_AES_256_GCM = 11,
+	GNUTLS_CIPHER_CAMELLIA_192_CBC = 12,
+	GNUTLS_CIPHER_SALSA20_256 = 13,
+	GNUTLS_CIPHER_ESTREAM_SALSA20_256 = 14,
+	GNUTLS_CIPHER_CAMELLIA_128_GCM = 15,
+	GNUTLS_CIPHER_CAMELLIA_256_GCM = 16,
+	GNUTLS_CIPHER_RC2_40_CBC = 17,
+	GNUTLS_CIPHER_DES_CBC = 18,
+	GNUTLS_CIPHER_AES_128_CCM = 19,
+	GNUTLS_CIPHER_AES_256_CCM = 20,
+	GNUTLS_CIPHER_AES_128_CCM_8 = 21,
+	GNUTLS_CIPHER_AES_256_CCM_8 = 22,
+	GNUTLS_CIPHER_CHACHA20_POLY1305 = 23,
+	GNUTLS_CIPHER_GOST28147_TC26Z_CFB = 24,
+	GNUTLS_CIPHER_GOST28147_CPA_CFB = 25,
+	GNUTLS_CIPHER_GOST28147_CPB_CFB = 26,
+	GNUTLS_CIPHER_GOST28147_CPC_CFB = 27,
+	GNUTLS_CIPHER_GOST28147_CPD_CFB = 28,
+	GNUTLS_CIPHER_AES_128_CFB8 = 29,
+	GNUTLS_CIPHER_AES_192_CFB8 = 30,
+	GNUTLS_CIPHER_AES_256_CFB8 = 31,
+	GNUTLS_CIPHER_AES_128_XTS = 32,
+	GNUTLS_CIPHER_AES_256_XTS = 33,
+	GNUTLS_CIPHER_GOST28147_TC26Z_CNT = 34,
+	GNUTLS_CIPHER_CHACHA20_64 = 35,
+	GNUTLS_CIPHER_CHACHA20_32 = 36,
+	GNUTLS_CIPHER_AES_128_SIV = 37,
+	GNUTLS_CIPHER_AES_256_SIV = 38,
+	GNUTLS_CIPHER_AES_192_GCM = 39,
+	GNUTLS_CIPHER_MAGMA_CTR_ACPKM = 40,
+	GNUTLS_CIPHER_KUZNYECHIK_CTR_ACPKM = 41,
+
+	/* used only for PGP internals. Ignored in TLS/SSL
+	 */
+	GNUTLS_CIPHER_IDEA_PGP_CFB = 200,
+	GNUTLS_CIPHER_3DES_PGP_CFB = 201,
+	GNUTLS_CIPHER_CAST5_PGP_CFB = 202,
+	GNUTLS_CIPHER_BLOWFISH_PGP_CFB = 203,
+	GNUTLS_CIPHER_SAFER_SK128_PGP_CFB = 204,
+	GNUTLS_CIPHER_AES128_PGP_CFB = 205,
+	GNUTLS_CIPHER_AES192_PGP_CFB = 206,
+	GNUTLS_CIPHER_AES256_PGP_CFB = 207,
+	GNUTLS_CIPHER_TWOFISH_PGP_CFB = 208
+} gnutls_cipher_algorithm_t;
+
+/**
+ * gnutls_kx_algorithm_t:
+ * @GNUTLS_KX_UNKNOWN: Unknown key-exchange algorithm.
+ * @GNUTLS_KX_RSA: RSA key-exchange algorithm.
+ * @GNUTLS_KX_DHE_DSS: DHE-DSS key-exchange algorithm.
+ * @GNUTLS_KX_DHE_RSA: DHE-RSA key-exchange algorithm.
+ * @GNUTLS_KX_ECDHE_RSA: ECDHE-RSA key-exchange algorithm.
+ * @GNUTLS_KX_ECDHE_ECDSA: ECDHE-ECDSA key-exchange algorithm.
+ * @GNUTLS_KX_ANON_DH: Anon-DH key-exchange algorithm.
+ * @GNUTLS_KX_ANON_ECDH: Anon-ECDH key-exchange algorithm.
+ * @GNUTLS_KX_SRP: SRP key-exchange algorithm.
+ * @GNUTLS_KX_RSA_EXPORT: RSA-EXPORT key-exchange algorithm (defunc).
+ * @GNUTLS_KX_SRP_RSA: SRP-RSA key-exchange algorithm.
+ * @GNUTLS_KX_SRP_DSS: SRP-DSS key-exchange algorithm.
+ * @GNUTLS_KX_PSK: PSK key-exchange algorithm.
+ * @GNUTLS_KX_DHE_PSK: DHE-PSK key-exchange algorithm.
+ * @GNUTLS_KX_ECDHE_PSK: ECDHE-PSK key-exchange algorithm.
+ * @GNUTLS_KX_RSA_PSK: RSA-PSK key-exchange algorithm.
+ * @GNUTLS_KX_VKO_GOST_12: VKO GOST R 34.10-2012 key-exchange algorithm.
+ *
+ * Enumeration of different key exchange algorithms.
+ */
+typedef enum {
+	GNUTLS_KX_UNKNOWN = 0,
+	GNUTLS_KX_RSA = 1,
+	GNUTLS_KX_DHE_DSS = 2,
+	GNUTLS_KX_DHE_RSA = 3,
+	GNUTLS_KX_ANON_DH = 4,
+	GNUTLS_KX_SRP = 5,
+	GNUTLS_KX_RSA_EXPORT = 6,
+	GNUTLS_KX_SRP_RSA = 7,
+	GNUTLS_KX_SRP_DSS = 8,
+	GNUTLS_KX_PSK = 9,
+	GNUTLS_KX_DHE_PSK = 10,
+	GNUTLS_KX_ANON_ECDH = 11,
+	GNUTLS_KX_ECDHE_RSA = 12,
+	GNUTLS_KX_ECDHE_ECDSA = 13,
+	GNUTLS_KX_ECDHE_PSK = 14,
+	GNUTLS_KX_RSA_PSK = 15,
+	GNUTLS_KX_VKO_GOST_12 = 16
+} gnutls_kx_algorithm_t;
+
+/**
+ * gnutls_params_type_t:
+ * @GNUTLS_PARAMS_RSA_EXPORT: Session RSA-EXPORT parameters (defunc).
+ * @GNUTLS_PARAMS_DH: Session Diffie-Hellman parameters.
+ * @GNUTLS_PARAMS_ECDH: Session Elliptic-Curve Diffie-Hellman parameters.
+ *
+ * Enumeration of different TLS session parameter types.
+ */
+typedef enum {
+	GNUTLS_PARAMS_RSA_EXPORT = 1,
+	GNUTLS_PARAMS_DH = 2,
+	GNUTLS_PARAMS_ECDH = 3
+} gnutls_params_type_t;
+
+/**
+ * gnutls_credentials_type_t:
+ * @GNUTLS_CRD_CERTIFICATE: Certificate credential.
+ * @GNUTLS_CRD_ANON: Anonymous credential.
+ * @GNUTLS_CRD_SRP: SRP credential.
+ * @GNUTLS_CRD_PSK: PSK credential.
+ * @GNUTLS_CRD_IA: IA credential.
+ *
+ * Enumeration of different credential types.
+ */
+typedef enum {
+	GNUTLS_CRD_CERTIFICATE = 1,
+	GNUTLS_CRD_ANON,
+	GNUTLS_CRD_SRP,
+	GNUTLS_CRD_PSK,
+	GNUTLS_CRD_IA
+} gnutls_credentials_type_t;
+
+#define GNUTLS_MAC_SHA GNUTLS_MAC_SHA1
+#define GNUTLS_DIG_SHA GNUTLS_DIG_SHA1
+
+/**
+ * gnutls_mac_algorithm_t:
+ * @GNUTLS_MAC_UNKNOWN: Unknown MAC algorithm.
+ * @GNUTLS_MAC_NULL: NULL MAC algorithm (empty output).
+ * @GNUTLS_MAC_MD5: HMAC-MD5 algorithm.
+ * @GNUTLS_MAC_SHA1: HMAC-SHA-1 algorithm.
+ * @GNUTLS_MAC_RMD160: HMAC-RMD160 algorithm.
+ * @GNUTLS_MAC_MD2: HMAC-MD2 algorithm.
+ * @GNUTLS_MAC_SHA256: HMAC-SHA-256 algorithm.
+ * @GNUTLS_MAC_SHA384: HMAC-SHA-384 algorithm.
+ * @GNUTLS_MAC_SHA512: HMAC-SHA-512 algorithm.
+ * @GNUTLS_MAC_SHA224: HMAC-SHA-224 algorithm.
+ * @GNUTLS_MAC_MD5_SHA1: Combined MD5+SHA1 MAC placeholder.
+ * @GNUTLS_MAC_GOSTR_94: HMAC GOST R 34.11-94 algorithm.
+ * @GNUTLS_MAC_STREEBOG_256: HMAC GOST R 34.11-2001 (Streebog) algorithm, 256 bit.
+ * @GNUTLS_MAC_STREEBOG_512: HMAC GOST R 34.11-2001 (Streebog) algorithm, 512 bit.
+ * @GNUTLS_MAC_AEAD: MAC implicit through AEAD cipher.
+ * @GNUTLS_MAC_UMAC_96: The UMAC-96 MAC algorithm (requires nonce).
+ * @GNUTLS_MAC_UMAC_128: The UMAC-128 MAC algorithm (requires nonce).
+ * @GNUTLS_MAC_AES_CMAC_128: The AES-CMAC-128 MAC algorithm.
+ * @GNUTLS_MAC_AES_CMAC_256: The AES-CMAC-256 MAC algorithm.
+ * @GNUTLS_MAC_AES_GMAC_128: The AES-GMAC-128 MAC algorithm (requires nonce).
+ * @GNUTLS_MAC_AES_GMAC_192: The AES-GMAC-192 MAC algorithm (requires nonce).
+ * @GNUTLS_MAC_AES_GMAC_256: The AES-GMAC-256 MAC algorithm (requires nonce).
+ * @GNUTLS_MAC_SHA3_224: Reserved; unimplemented.
+ * @GNUTLS_MAC_SHA3_256: Reserved; unimplemented.
+ * @GNUTLS_MAC_SHA3_384: Reserved; unimplemented.
+ * @GNUTLS_MAC_SHA3_512: Reserved; unimplemented.
+ * @GNUTLS_MAC_GOST28147_TC26Z_IMIT: The GOST 28147-89 working in IMIT mode with TC26 Z S-box.
+ * @GNUTLS_MAC_SHAKE_128: Reserved; unimplemented.
+ * @GNUTLS_MAC_SHAKE_256: Reserved; unimplemented.
+ * @GNUTLS_MAC_MAGMA_OMAC: GOST R 34.12-2015 (Magma) in OMAC (CMAC) mode.
+ * @GNUTLS_MAC_KUZNYECHIK_OMAC: GOST R 34.12-2015 (Kuznyechik) in OMAC (CMAC) mode.
+ *
+ * Enumeration of different Message Authentication Code (MAC)
+ * algorithms.
+ */
+typedef enum {
+	GNUTLS_MAC_UNKNOWN = 0,
+	GNUTLS_MAC_NULL = 1,
+	GNUTLS_MAC_MD5 = 2,
+	GNUTLS_MAC_SHA1 = 3,
+	GNUTLS_MAC_RMD160 = 4,
+	GNUTLS_MAC_MD2 = 5,
+	GNUTLS_MAC_SHA256 = 6,
+	GNUTLS_MAC_SHA384 = 7,
+	GNUTLS_MAC_SHA512 = 8,
+	GNUTLS_MAC_SHA224 = 9,
+	GNUTLS_MAC_SHA3_224 = 10, /* reserved: no implementation */
+	GNUTLS_MAC_SHA3_256 = 11, /* reserved: no implementation */
+	GNUTLS_MAC_SHA3_384 = 12, /* reserved: no implementation */
+	GNUTLS_MAC_SHA3_512 = 13, /* reserved: no implementation */
+	GNUTLS_MAC_MD5_SHA1 = 14, /* reserved: no implementation */
+	GNUTLS_MAC_GOSTR_94 = 15,
+	GNUTLS_MAC_STREEBOG_256 = 16,
+	GNUTLS_MAC_STREEBOG_512 = 17,
+	/* If you add anything here, make sure you align with
+	   gnutls_digest_algorithm_t. */
+	GNUTLS_MAC_AEAD = 200,	/* indicates that MAC is on the cipher */
+	GNUTLS_MAC_UMAC_96 = 201,
+	GNUTLS_MAC_UMAC_128 = 202,
+	GNUTLS_MAC_AES_CMAC_128 = 203,
+	GNUTLS_MAC_AES_CMAC_256 = 204,
+	GNUTLS_MAC_AES_GMAC_128 = 205,
+	GNUTLS_MAC_AES_GMAC_192 = 206,
+	GNUTLS_MAC_AES_GMAC_256 = 207,
+	GNUTLS_MAC_GOST28147_TC26Z_IMIT = 208,
+	GNUTLS_MAC_SHAKE_128 = 209,
+	GNUTLS_MAC_SHAKE_256 = 210,
+	GNUTLS_MAC_MAGMA_OMAC = 211,
+	GNUTLS_MAC_KUZNYECHIK_OMAC = 212
+} gnutls_mac_algorithm_t;
+
+/**
+ * gnutls_digest_algorithm_t:
+ * @GNUTLS_DIG_UNKNOWN: Unknown hash algorithm.
+ * @GNUTLS_DIG_NULL: NULL hash algorithm (empty output).
+ * @GNUTLS_DIG_MD5: MD5 algorithm.
+ * @GNUTLS_DIG_SHA1: SHA-1 algorithm.
+ * @GNUTLS_DIG_RMD160: RMD160 algorithm.
+ * @GNUTLS_DIG_MD2: MD2 algorithm.
+ * @GNUTLS_DIG_SHA256: SHA-256 algorithm.
+ * @GNUTLS_DIG_SHA384: SHA-384 algorithm.
+ * @GNUTLS_DIG_SHA512: SHA-512 algorithm.
+ * @GNUTLS_DIG_SHA224: SHA-224 algorithm.
+ * @GNUTLS_DIG_SHA3_224: SHA3-224 algorithm.
+ * @GNUTLS_DIG_SHA3_256: SHA3-256 algorithm.
+ * @GNUTLS_DIG_SHA3_384: SHA3-384 algorithm.
+ * @GNUTLS_DIG_SHA3_512: SHA3-512 algorithm.
+ * @GNUTLS_DIG_MD5_SHA1: Combined MD5+SHA1 algorithm.
+ * @GNUTLS_DIG_GOSTR_94: GOST R 34.11-94 algorithm.
+ * @GNUTLS_DIG_STREEBOG_256: GOST R 34.11-2001 (Streebog) algorithm, 256 bit.
+ * @GNUTLS_DIG_STREEBOG_512: GOST R 34.11-2001 (Streebog) algorithm, 512 bit.
+ * @GNUTLS_DIG_SHAKE_128: Reserved; unimplemented.
+ * @GNUTLS_DIG_SHAKE_256: Reserved; unimplemented.
+ *
+ * Enumeration of different digest (hash) algorithms.
+ */
+typedef enum {
+	GNUTLS_DIG_UNKNOWN = GNUTLS_MAC_UNKNOWN,
+	GNUTLS_DIG_NULL = GNUTLS_MAC_NULL,
+	GNUTLS_DIG_MD5 = GNUTLS_MAC_MD5,
+	GNUTLS_DIG_SHA1 = GNUTLS_MAC_SHA1,
+	GNUTLS_DIG_RMD160 = GNUTLS_MAC_RMD160,
+	GNUTLS_DIG_MD2 = GNUTLS_MAC_MD2,
+	GNUTLS_DIG_SHA256 = GNUTLS_MAC_SHA256,
+	GNUTLS_DIG_SHA384 = GNUTLS_MAC_SHA384,
+	GNUTLS_DIG_SHA512 = GNUTLS_MAC_SHA512,
+	GNUTLS_DIG_SHA224 = GNUTLS_MAC_SHA224,
+	GNUTLS_DIG_SHA3_224 = GNUTLS_MAC_SHA3_224,
+	GNUTLS_DIG_SHA3_256 = GNUTLS_MAC_SHA3_256,
+	GNUTLS_DIG_SHA3_384 = GNUTLS_MAC_SHA3_384,
+	GNUTLS_DIG_SHA3_512 = GNUTLS_MAC_SHA3_512,
+	GNUTLS_DIG_MD5_SHA1 = GNUTLS_MAC_MD5_SHA1,
+	GNUTLS_DIG_GOSTR_94 = GNUTLS_MAC_GOSTR_94,
+	GNUTLS_DIG_STREEBOG_256 = GNUTLS_MAC_STREEBOG_256,
+	GNUTLS_DIG_STREEBOG_512 = GNUTLS_MAC_STREEBOG_512,
+	GNUTLS_DIG_SHAKE_128 = GNUTLS_MAC_SHAKE_128,
+	GNUTLS_DIG_SHAKE_256 = GNUTLS_MAC_SHAKE_256
+	    /* If you add anything here, make sure you align with
+	       gnutls_mac_algorithm_t. */
+} gnutls_digest_algorithm_t;
+
+  /* exported for other gnutls headers. This is the maximum number of
+   * algorithms (ciphers, kx or macs).
+   */
+#define GNUTLS_MAX_ALGORITHM_NUM 128
+#define GNUTLS_MAX_SESSION_ID_SIZE 32
+
+
+/**
+ * gnutls_compression_method_t:
+ * @GNUTLS_COMP_UNKNOWN: Unknown compression method.
+ * @GNUTLS_COMP_NULL: The NULL compression method (no compression).
+ * @GNUTLS_COMP_DEFLATE: The DEFLATE compression method from zlib.
+ * @GNUTLS_COMP_ZLIB: Same as %GNUTLS_COMP_DEFLATE.
+ * @GNUTLS_COMP_BROTLI: Brotli compression method.
+ * @GNUTLS_COMP_ZSTD: Zstandard compression method.
+ *
+ * Enumeration of different TLS compression methods.
+ */
+typedef enum {
+	GNUTLS_COMP_UNKNOWN = 0,
+	GNUTLS_COMP_NULL = 1,
+	GNUTLS_COMP_DEFLATE = 2,
+	GNUTLS_COMP_ZLIB = GNUTLS_COMP_DEFLATE,
+	GNUTLS_COMP_BROTLI = 3,
+	GNUTLS_COMP_ZSTD = 4
+} gnutls_compression_method_t;
+
+
+/**
+ * gnutls_init_flags_t:
+ *
+ * @GNUTLS_SERVER: Connection end is a server.
+ * @GNUTLS_CLIENT: Connection end is a client.
+ * @GNUTLS_DATAGRAM: Connection is datagram oriented (DTLS). Since 3.0.0.
+ * @GNUTLS_NONBLOCK: Connection should not block. Since 3.0.0.
+ * @GNUTLS_NO_SIGNAL: In systems where SIGPIPE is delivered on send, it will be disabled. That flag has effect in systems which support the MSG_NOSIGNAL sockets flag (since 3.4.2).
+ * @GNUTLS_NO_EXTENSIONS: Do not enable any TLS extensions by default (since 3.1.2). As TLS 1.2 and later require extensions this option is considered obsolete and should not be used.
+ * @GNUTLS_NO_REPLAY_PROTECTION: Disable any replay protection in DTLS. This must only be used if  replay protection is achieved using other means. Since 3.2.2.
+ * @GNUTLS_ALLOW_ID_CHANGE: Allow the peer to replace its certificate, or change its ID during a rehandshake. This change is often used in attacks and thus prohibited by default. Since 3.5.0.
+ * @GNUTLS_ENABLE_FALSE_START: Enable the TLS false start on client side if the negotiated ciphersuites allow it. This will enable sending data prior to the handshake being complete, and may introduce a risk of crypto failure when combined with certain key exchanged; for that GnuTLS may not enable that option in ciphersuites that are known to be not safe for false start. Since 3.5.0.
+ * @GNUTLS_ENABLE_EARLY_START: Under TLS1.3 allow the server to return earlier than the full handshake
+ *   finish; similarly to false start the handshake will be completed once data are received by the
+ *   client, while the server is able to transmit sooner. This is not enabled by default as it could
+ *   break certain existing server assumptions and use-cases. Since 3.6.4.
+ * @GNUTLS_ENABLE_EARLY_DATA: Under TLS1.3 allow the server to receive early data sent as part of the initial ClientHello (0-RTT).
+ *   This can also be used to explicitly indicate that the client will send early data.
+ *   This is not enabled by default as early data has weaker security properties than other data. Since 3.6.5.
+ * @GNUTLS_FORCE_CLIENT_CERT: When in client side and only a single cert is specified, send that certificate irrespective of the issuers expected by the server. Since 3.5.0.
+ * @GNUTLS_NO_TICKETS: Flag to indicate that the session should not use resumption with session tickets.
+ * @GNUTLS_NO_TICKETS_TLS12: Flag to indicate that the session should not use resumption with session tickets. This flag only has effect if TLS 1.2 is used.
+ * @GNUTLS_KEY_SHARE_TOP3: Generate key shares for the top-3 different groups which are enabled.
+ *   That is, as each group is associated with a key type (EC, finite field, x25519), generate
+ *   three keys using %GNUTLS_PK_DH, %GNUTLS_PK_EC, %GNUTLS_PK_ECDH_X25519 if all of them are enabled.
+ * @GNUTLS_KEY_SHARE_TOP2: Generate key shares for the top-2 different groups which are enabled.
+ *   For example (ECDH + x25519). This is the default.
+ * @GNUTLS_KEY_SHARE_TOP: Generate key share for the first group which is enabled.
+ *   For example x25519. This option is the most performant for client (less CPU spent
+ *   generating keys), but if the server doesn't support the advertized option it may
+ *   result to more roundtrips needed to discover the server's choice.
+ * @GNUTLS_NO_AUTO_REKEY: Disable auto-rekeying under TLS1.3. If this option is not specified
+ *   gnutls will force a rekey after 2^24 records have been sent.
+ * @GNUTLS_POST_HANDSHAKE_AUTH: Enable post handshake authentication for server and client. When set and
+ *   a server requests authentication after handshake %GNUTLS_E_REAUTH_REQUEST will be returned
+ *   by gnutls_record_recv(). A client should then call gnutls_reauth() to re-authenticate.
+ * @GNUTLS_SAFE_PADDING_CHECK: Flag to indicate that the TLS 1.3 padding check will be done in a
+ *   safe way which doesn't leak the pad size based on GnuTLS processing time. This is of use to
+ *   applications which hide the length of transferred data via the TLS1.3 padding mechanism and
+ *   are already taking steps to hide the data processing time. This comes at a performance
+ *   penalty.
+ * @GNUTLS_AUTO_REAUTH: Enable transparent re-authentication in client side when the server
+ *    requests to. That is, reauthentication is handled within gnutls_record_recv(), and
+ *    the %GNUTLS_E_REHANDSHAKE or %GNUTLS_E_REAUTH_REQUEST are not returned. This must be
+ *    enabled with %GNUTLS_POST_HANDSHAKE_AUTH for TLS1.3. Enabling this flag requires to restore
+ *    interrupted calls to gnutls_record_recv() based on the output of gnutls_record_get_direction(),
+ *    since gnutls_record_recv() could be interrupted when sending when this flag is enabled.
+ *    Note this flag may not be used if you are using the same session for sending and receiving
+ *    in different threads.
+ * @GNUTLS_ENABLE_RAWPK: Allows raw public-keys to be negotiated during the handshake. Since 3.6.6.
+ * @GNUTLS_NO_AUTO_SEND_TICKET: Under TLS1.3 disable auto-sending of
+ *    session tickets during the handshake.
+ * @GNUTLS_NO_END_OF_EARLY_DATA: Under TLS1.3 suppress sending EndOfEarlyData message. Since 3.7.2.
+ *
+ * Enumeration of different flags for gnutls_init() function. All the flags
+ * can be combined except @GNUTLS_SERVER and @GNUTLS_CLIENT which are mutually
+ * exclusive.
+ *
+ * The key share options relate to the TLS 1.3 key share extension
+ * which is a speculative key generation expecting that the server
+ * would support the generated key.
+ */
+typedef enum {
+	GNUTLS_SERVER = 1,
+	GNUTLS_CLIENT = (1<<1),
+	GNUTLS_DATAGRAM = (1<<2),
+	GNUTLS_NONBLOCK = (1<<3),
+	GNUTLS_NO_EXTENSIONS = (1<<4),
+	GNUTLS_NO_REPLAY_PROTECTION = (1<<5),
+	GNUTLS_NO_SIGNAL = (1<<6),
+	GNUTLS_ALLOW_ID_CHANGE = (1<<7),
+	GNUTLS_ENABLE_FALSE_START = (1<<8),
+	GNUTLS_FORCE_CLIENT_CERT = (1<<9),
+	GNUTLS_NO_TICKETS = (1<<10),
+	GNUTLS_KEY_SHARE_TOP = (1<<11),
+	GNUTLS_KEY_SHARE_TOP2 = (1<<12),
+	GNUTLS_KEY_SHARE_TOP3 = (1<<13),
+	GNUTLS_POST_HANDSHAKE_AUTH = (1<<14),
+	GNUTLS_NO_AUTO_REKEY = (1<<15),
+	GNUTLS_SAFE_PADDING_CHECK = (1<<16),
+	GNUTLS_ENABLE_EARLY_START = (1<<17),
+	GNUTLS_ENABLE_RAWPK = (1<<18),
+	GNUTLS_AUTO_REAUTH = (1<<19),
+	GNUTLS_ENABLE_EARLY_DATA = (1<<20),
+	GNUTLS_NO_AUTO_SEND_TICKET = (1<<21),
+	GNUTLS_NO_END_OF_EARLY_DATA = (1<<22),
+	GNUTLS_NO_TICKETS_TLS12 = (1<<23)
+} gnutls_init_flags_t;
+
+/* compatibility defines (previous versions of gnutls
+ * used defines instead of enumerated values). */
+#define GNUTLS_SERVER (1)
+#define GNUTLS_CLIENT (1<<1)
+#define GNUTLS_DATAGRAM (1<<2)
+#define GNUTLS_NONBLOCK (1<<3)
+#define GNUTLS_NO_EXTENSIONS (1<<4)
+#define GNUTLS_NO_REPLAY_PROTECTION (1<<5)
+#define GNUTLS_NO_SIGNAL (1<<6)
+#define GNUTLS_ALLOW_ID_CHANGE (1<<7)
+#define GNUTLS_ENABLE_FALSE_START (1<<8)
+#define GNUTLS_FORCE_CLIENT_CERT (1<<9)
+#define GNUTLS_NO_TICKETS (1<<10)
+#define GNUTLS_ENABLE_CERT_TYPE_NEG 0
+	// Here for compatibility reasons
+
+/**
+ * gnutls_alert_level_t:
+ * @GNUTLS_AL_WARNING: Alert of warning severity.
+ * @GNUTLS_AL_FATAL: Alert of fatal severity.
+ *
+ * Enumeration of different TLS alert severities.
+ */
+typedef enum {
+	GNUTLS_AL_WARNING = 1,
+	GNUTLS_AL_FATAL
+} gnutls_alert_level_t;
+
+/**
+ * gnutls_alert_description_t:
+ * @GNUTLS_A_CLOSE_NOTIFY: Close notify.
+ * @GNUTLS_A_UNEXPECTED_MESSAGE: Unexpected message.
+ * @GNUTLS_A_BAD_RECORD_MAC: Bad record MAC.
+ * @GNUTLS_A_DECRYPTION_FAILED: Decryption failed.
+ * @GNUTLS_A_RECORD_OVERFLOW: Record overflow.
+ * @GNUTLS_A_DECOMPRESSION_FAILURE: Decompression failed.
+ * @GNUTLS_A_HANDSHAKE_FAILURE: Handshake failed.
+ * @GNUTLS_A_SSL3_NO_CERTIFICATE: No certificate.
+ * @GNUTLS_A_BAD_CERTIFICATE: Certificate is bad.
+ * @GNUTLS_A_UNSUPPORTED_CERTIFICATE: Certificate is not supported.
+ * @GNUTLS_A_CERTIFICATE_REVOKED: Certificate was revoked.
+ * @GNUTLS_A_CERTIFICATE_EXPIRED: Certificate is expired.
+ * @GNUTLS_A_CERTIFICATE_UNKNOWN: Unknown certificate.
+ * @GNUTLS_A_ILLEGAL_PARAMETER: Illegal parameter.
+ * @GNUTLS_A_UNKNOWN_CA: CA is unknown.
+ * @GNUTLS_A_ACCESS_DENIED: Access was denied.
+ * @GNUTLS_A_DECODE_ERROR: Decode error.
+ * @GNUTLS_A_DECRYPT_ERROR: Decrypt error.
+ * @GNUTLS_A_EXPORT_RESTRICTION: Export restriction.
+ * @GNUTLS_A_PROTOCOL_VERSION: Error in protocol version.
+ * @GNUTLS_A_INSUFFICIENT_SECURITY: Insufficient security.
+ * @GNUTLS_A_INTERNAL_ERROR: Internal error.
+ * @GNUTLS_A_INAPPROPRIATE_FALLBACK: Inappropriate fallback,
+ * @GNUTLS_A_USER_CANCELED: User canceled.
+ * @GNUTLS_A_NO_RENEGOTIATION: No renegotiation is allowed.
+ * @GNUTLS_A_MISSING_EXTENSION: An extension was expected but was not seen
+ * @GNUTLS_A_UNSUPPORTED_EXTENSION: An unsupported extension was
+ *   sent.
+ * @GNUTLS_A_CERTIFICATE_UNOBTAINABLE: Could not retrieve the
+ *   specified certificate.
+ * @GNUTLS_A_UNRECOGNIZED_NAME: The server name sent was not
+ *   recognized.
+ * @GNUTLS_A_UNKNOWN_PSK_IDENTITY: The SRP/PSK username is missing
+ *   or not known.
+ * @GNUTLS_A_CERTIFICATE_REQUIRED: Certificate is required.
+ * @GNUTLS_A_NO_APPLICATION_PROTOCOL: The ALPN protocol requested is
+ *   not supported by the peer.
+ *
+ * Enumeration of different TLS alerts.
+ */
+typedef enum {
+	GNUTLS_A_CLOSE_NOTIFY,
+	GNUTLS_A_UNEXPECTED_MESSAGE = 10,
+	GNUTLS_A_BAD_RECORD_MAC = 20,
+	GNUTLS_A_DECRYPTION_FAILED,
+	GNUTLS_A_RECORD_OVERFLOW,
+	GNUTLS_A_DECOMPRESSION_FAILURE = 30,
+	GNUTLS_A_HANDSHAKE_FAILURE = 40,
+	GNUTLS_A_SSL3_NO_CERTIFICATE = 41,
+	GNUTLS_A_BAD_CERTIFICATE = 42,
+	GNUTLS_A_UNSUPPORTED_CERTIFICATE,
+	GNUTLS_A_CERTIFICATE_REVOKED,
+	GNUTLS_A_CERTIFICATE_EXPIRED,
+	GNUTLS_A_CERTIFICATE_UNKNOWN,
+	GNUTLS_A_ILLEGAL_PARAMETER,
+	GNUTLS_A_UNKNOWN_CA,
+	GNUTLS_A_ACCESS_DENIED,
+	GNUTLS_A_DECODE_ERROR = 50,
+	GNUTLS_A_DECRYPT_ERROR,
+	GNUTLS_A_EXPORT_RESTRICTION = 60,
+	GNUTLS_A_PROTOCOL_VERSION = 70,
+	GNUTLS_A_INSUFFICIENT_SECURITY,
+	GNUTLS_A_INTERNAL_ERROR = 80,
+	GNUTLS_A_INAPPROPRIATE_FALLBACK = 86,
+	GNUTLS_A_USER_CANCELED = 90,
+	GNUTLS_A_NO_RENEGOTIATION = 100,
+	GNUTLS_A_MISSING_EXTENSION = 109,
+	GNUTLS_A_UNSUPPORTED_EXTENSION = 110,
+	GNUTLS_A_CERTIFICATE_UNOBTAINABLE = 111,
+	GNUTLS_A_UNRECOGNIZED_NAME = 112,
+	GNUTLS_A_UNKNOWN_PSK_IDENTITY = 115,
+	GNUTLS_A_CERTIFICATE_REQUIRED = 116,
+	GNUTLS_A_NO_APPLICATION_PROTOCOL = 120,
+	GNUTLS_A_MAX = GNUTLS_A_NO_APPLICATION_PROTOCOL
+} gnutls_alert_description_t;
+
+/**
+ * gnutls_handshake_description_t:
+ * @GNUTLS_HANDSHAKE_HELLO_REQUEST: Hello request.
+ * @GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST: DTLS Hello verify request.
+ * @GNUTLS_HANDSHAKE_CLIENT_HELLO: Client hello.
+ * @GNUTLS_HANDSHAKE_SERVER_HELLO: Server hello.
+ * @GNUTLS_HANDSHAKE_END_OF_EARLY_DATA: End of early data.
+ * @GNUTLS_HANDSHAKE_HELLO_RETRY_REQUEST: Hello retry request.
+ * @GNUTLS_HANDSHAKE_NEW_SESSION_TICKET: New session ticket.
+ * @GNUTLS_HANDSHAKE_CERTIFICATE_PKT: Certificate packet.
+ * @GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE: Server key exchange.
+ * @GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST: Certificate request.
+ * @GNUTLS_HANDSHAKE_SERVER_HELLO_DONE: Server hello done.
+ * @GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY: Certificate verify.
+ * @GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE: Client key exchange.
+ * @GNUTLS_HANDSHAKE_FINISHED: Finished.
+ * @GNUTLS_HANDSHAKE_CERTIFICATE_STATUS: Certificate status (OCSP).
+ * @GNUTLS_HANDSHAKE_KEY_UPDATE: TLS1.3 key update message.
+ * @GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT: Compressed certificate packet.
+ * @GNUTLS_HANDSHAKE_SUPPLEMENTAL: Supplemental.
+ * @GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC: Change Cipher Spec.
+ * @GNUTLS_HANDSHAKE_CLIENT_HELLO_V2: SSLv2 Client Hello.
+ * @GNUTLS_HANDSHAKE_ENCRYPTED_EXTENSIONS: Encrypted extensions message.
+ *
+ * Enumeration of different TLS handshake packets.
+ */
+typedef enum {
+	GNUTLS_HANDSHAKE_HELLO_REQUEST = 0,
+	GNUTLS_HANDSHAKE_CLIENT_HELLO = 1,
+	GNUTLS_HANDSHAKE_SERVER_HELLO = 2,
+	GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST = 3,
+	GNUTLS_HANDSHAKE_NEW_SESSION_TICKET = 4,
+	GNUTLS_HANDSHAKE_END_OF_EARLY_DATA = 5,
+	GNUTLS_HANDSHAKE_ENCRYPTED_EXTENSIONS = 8,
+	GNUTLS_HANDSHAKE_CERTIFICATE_PKT = 11,
+	GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE = 12,
+	GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST = 13,
+	GNUTLS_HANDSHAKE_SERVER_HELLO_DONE = 14,
+	GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY = 15,
+	GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE = 16,
+	GNUTLS_HANDSHAKE_FINISHED = 20,
+	GNUTLS_HANDSHAKE_CERTIFICATE_STATUS = 22,
+	GNUTLS_HANDSHAKE_SUPPLEMENTAL = 23,
+	GNUTLS_HANDSHAKE_KEY_UPDATE = 24,
+	GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT = 25,
+	GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC = 254,
+	GNUTLS_HANDSHAKE_CLIENT_HELLO_V2 = 1024,
+	GNUTLS_HANDSHAKE_HELLO_RETRY_REQUEST = 1025,
+} gnutls_handshake_description_t;
+
+#define GNUTLS_HANDSHAKE_ANY ((unsigned int)-1)
+
+const char
+    *gnutls_handshake_description_get_name(gnutls_handshake_description_t
+					   type);
+
+/**
+ * gnutls_certificate_status_t:
+ * @GNUTLS_CERT_INVALID: The certificate is not signed by one of the
+ *   known authorities or the signature is invalid (deprecated by the flags 
+ *   %GNUTLS_CERT_SIGNATURE_FAILURE and %GNUTLS_CERT_SIGNER_NOT_FOUND).
+ * @GNUTLS_CERT_SIGNATURE_FAILURE: The signature verification failed.
+ * @GNUTLS_CERT_REVOKED: Certificate is revoked by its authority.  In X.509 this will be
+ *   set only if CRLs are checked.
+ * @GNUTLS_CERT_SIGNER_NOT_FOUND: The certificate's issuer is not known. 
+ *   This is the case if the issuer is not included in the trusted certificate list.
+ * @GNUTLS_CERT_SIGNER_NOT_CA: The certificate's signer was not a CA. This
+ *   may happen if this was a version 1 certificate, which is common with
+ *   some CAs, or a version 3 certificate without the basic constrains extension.
+ * @GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE: The certificate's signer constraints were
+ *   violated.
+ * @GNUTLS_CERT_INSECURE_ALGORITHM:  The certificate was signed using an insecure
+ *   algorithm such as MD2 or MD5. These algorithms have been broken and
+ *   should not be trusted.
+ * @GNUTLS_CERT_NOT_ACTIVATED: The certificate is not yet activated.
+ * @GNUTLS_CERT_EXPIRED: The certificate has expired.
+ * @GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED: The revocation data are old and have been superseded.
+ * @GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE: The revocation data have a future issue date.
+ * @GNUTLS_CERT_UNEXPECTED_OWNER: The owner is not the expected one.
+ * @GNUTLS_CERT_MISMATCH: The certificate presented isn't the expected one (TOFU)
+ * @GNUTLS_CERT_PURPOSE_MISMATCH: The certificate or an intermediate does not match the intended purpose (extended key usage).
+ * @GNUTLS_CERT_MISSING_OCSP_STATUS: The certificate requires the server to send the certificate status, but no status was received.
+ * @GNUTLS_CERT_INVALID_OCSP_STATUS: The received OCSP status response is invalid.
+ * @GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS: The certificate has extensions marked as critical which are not supported.
+ *
+ * Enumeration of certificate status codes.  Note that the status
+ * bits may have different meanings in OpenPGP keys and X.509
+ * certificate verification.
+ */
+typedef enum {
+	GNUTLS_CERT_INVALID = 1 << 1,
+	GNUTLS_CERT_REVOKED = 1 << 5,
+	GNUTLS_CERT_SIGNER_NOT_FOUND = 1 << 6,
+	GNUTLS_CERT_SIGNER_NOT_CA = 1 << 7,
+	GNUTLS_CERT_INSECURE_ALGORITHM = 1 << 8,
+	GNUTLS_CERT_NOT_ACTIVATED = 1 << 9,
+	GNUTLS_CERT_EXPIRED = 1 << 10,
+	GNUTLS_CERT_SIGNATURE_FAILURE = 1 << 11,
+	GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED = 1 << 12,
+	GNUTLS_CERT_UNEXPECTED_OWNER = 1 << 14,
+	GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE = 1 << 15,
+	GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE = 1 << 16,
+	GNUTLS_CERT_MISMATCH = 1 << 17,
+	GNUTLS_CERT_PURPOSE_MISMATCH = 1 << 18,
+	GNUTLS_CERT_MISSING_OCSP_STATUS = 1 << 19,
+	GNUTLS_CERT_INVALID_OCSP_STATUS = 1 << 20,
+	GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS = 1 << 21
+} gnutls_certificate_status_t;
+
+/**
+ * gnutls_certificate_request_t:
+ * @GNUTLS_CERT_IGNORE: Ignore certificate.
+ * @GNUTLS_CERT_REQUEST: Request certificate.
+ * @GNUTLS_CERT_REQUIRE: Require certificate.
+ *
+ * Enumeration of certificate request types.
+ */
+typedef enum {
+	GNUTLS_CERT_IGNORE = 0,
+	GNUTLS_CERT_REQUEST = 1,
+	GNUTLS_CERT_REQUIRE = 2
+} gnutls_certificate_request_t;
+
+/**
+ * gnutls_openpgp_crt_status_t:
+ * @GNUTLS_OPENPGP_CERT: Send entire certificate.
+ * @GNUTLS_OPENPGP_CERT_FINGERPRINT: Send only certificate fingerprint.
+ *
+ * Enumeration of ways to send OpenPGP certificate.
+ */
+typedef enum {
+	GNUTLS_OPENPGP_CERT = 0,
+	GNUTLS_OPENPGP_CERT_FINGERPRINT = 1
+} gnutls_openpgp_crt_status_t;
+
+/**
+ * gnutls_close_request_t:
+ * @GNUTLS_SHUT_RDWR: Disallow further receives/sends.
+ * @GNUTLS_SHUT_WR: Disallow further sends.
+ *
+ * Enumeration of how TLS session should be terminated.  See gnutls_bye().
+ */
+typedef enum {
+	GNUTLS_SHUT_RDWR = 0,
+	GNUTLS_SHUT_WR = 1
+} gnutls_close_request_t;
+
+/**
+ * gnutls_protocol_t:
+ * @GNUTLS_SSL3: SSL version 3.0.
+ * @GNUTLS_TLS1_0: TLS version 1.0.
+ * @GNUTLS_TLS1: Same as %GNUTLS_TLS1_0.
+ * @GNUTLS_TLS1_1: TLS version 1.1.
+ * @GNUTLS_TLS1_2: TLS version 1.2.
+ * @GNUTLS_TLS1_3: TLS version 1.3.
+ * @GNUTLS_DTLS1_0: DTLS version 1.0.
+ * @GNUTLS_DTLS1_2: DTLS version 1.2.
+ * @GNUTLS_DTLS0_9: DTLS version 0.9 (Cisco AnyConnect / OpenSSL 0.9.8e).
+ * @GNUTLS_TLS_VERSION_MAX: Maps to the highest supported TLS version.
+ * @GNUTLS_DTLS_VERSION_MAX: Maps to the highest supported DTLS version.
+ * @GNUTLS_VERSION_UNKNOWN: Unknown SSL/TLS version.
+ *
+ * Enumeration of different SSL/TLS protocol versions.
+ */
+typedef enum {
+	GNUTLS_SSL3 = 1,
+	GNUTLS_TLS1_0 = 2,
+	GNUTLS_TLS1 = GNUTLS_TLS1_0,
+	GNUTLS_TLS1_1 = 3,
+	GNUTLS_TLS1_2 = 4,
+	GNUTLS_TLS1_3 = 5,
+
+	GNUTLS_DTLS0_9 = 200,
+	GNUTLS_DTLS1_0 = 201,	/* 201 */
+	GNUTLS_DTLS1_2 = 202,
+	GNUTLS_DTLS_VERSION_MIN = GNUTLS_DTLS0_9,
+	GNUTLS_DTLS_VERSION_MAX = GNUTLS_DTLS1_2,
+	GNUTLS_TLS_VERSION_MAX = GNUTLS_TLS1_3,
+	GNUTLS_VERSION_UNKNOWN = 0xff	/* change it to 0xffff */
+} gnutls_protocol_t;
+
+#define GNUTLS_CRT_RAW GNUTLS_CRT_RAWPK
+
+/**
+ * gnutls_certificate_type_t:
+ * @GNUTLS_CRT_UNKNOWN: Unknown certificate type.
+ * @GNUTLS_CRT_X509: X.509 Certificate.
+ * @GNUTLS_CRT_OPENPGP: OpenPGP certificate.
+ * @GNUTLS_CRT_RAWPK: Raw public-key (SubjectPublicKeyInfo)
+ *
+ * Enumeration of different certificate types.
+ */
+typedef enum {
+	GNUTLS_CRT_UNKNOWN = 0,
+	GNUTLS_CRT_X509 = 1,
+	GNUTLS_CRT_OPENPGP = 2,
+	GNUTLS_CRT_RAWPK = 3,
+	GNUTLS_CRT_MAX = GNUTLS_CRT_RAWPK
+} gnutls_certificate_type_t;
+
+/**
+ * gnutls_x509_crt_fmt_t:
+ * @GNUTLS_X509_FMT_DER: X.509 certificate in DER format (binary).
+ * @GNUTLS_X509_FMT_PEM: X.509 certificate in PEM format (text).
+ *
+ * Enumeration of different certificate encoding formats.
+ */
+typedef enum {
+	GNUTLS_X509_FMT_DER = 0,
+	GNUTLS_X509_FMT_PEM = 1
+} gnutls_x509_crt_fmt_t;
+
+/**
+ * gnutls_certificate_print_formats_t:
+ * @GNUTLS_CRT_PRINT_FULL: Full information about certificate.
+ * @GNUTLS_CRT_PRINT_FULL_NUMBERS: Full information about certificate and include easy to parse public key parameters.
+ * @GNUTLS_CRT_PRINT_COMPACT: Information about certificate name in one line, plus identification of the public key.
+ * @GNUTLS_CRT_PRINT_ONELINE: Information about certificate in one line.
+ * @GNUTLS_CRT_PRINT_UNSIGNED_FULL: All info for an unsigned certificate.
+ *
+ * Enumeration of different certificate printing variants.
+ */
+typedef enum gnutls_certificate_print_formats {
+	GNUTLS_CRT_PRINT_FULL = 0,
+	GNUTLS_CRT_PRINT_ONELINE = 1,
+	GNUTLS_CRT_PRINT_UNSIGNED_FULL = 2,
+	GNUTLS_CRT_PRINT_COMPACT = 3,
+	GNUTLS_CRT_PRINT_FULL_NUMBERS = 4
+} gnutls_certificate_print_formats_t;
+
+#define GNUTLS_PK_ECC GNUTLS_PK_ECDSA
+#define GNUTLS_PK_EC GNUTLS_PK_ECDSA
+
+#define GNUTLS_PK_ECDHX GNUTLS_PK_ECDH_X25519
+/**
+ * gnutls_pk_algorithm_t:
+ * @GNUTLS_PK_UNKNOWN: Unknown public-key algorithm.
+ * @GNUTLS_PK_RSA: RSA public-key algorithm.
+ * @GNUTLS_PK_RSA_PSS: RSA public-key algorithm, with PSS padding.
+ * @GNUTLS_PK_DSA: DSA public-key algorithm.
+ * @GNUTLS_PK_DH: Diffie-Hellman algorithm. Used to generate parameters.
+ * @GNUTLS_PK_ECDSA: Elliptic curve algorithm. These parameters are compatible with the ECDSA and ECDH algorithm.
+ * @GNUTLS_PK_ECDH_X25519: Elliptic curve algorithm, restricted to ECDH as per rfc7748.
+ * @GNUTLS_PK_EDDSA_ED25519: Edwards curve Digital signature algorithm. Used with SHA512 on signatures.
+ * @GNUTLS_PK_GOST_01: GOST R 34.10-2001 algorithm per rfc5832.
+ * @GNUTLS_PK_GOST_12_256: GOST R 34.10-2012 algorithm, 256-bit key per rfc7091.
+ * @GNUTLS_PK_GOST_12_512: GOST R 34.10-2012 algorithm, 512-bit key per rfc7091.
+ * @GNUTLS_PK_ECDH_X448: Elliptic curve algorithm, restricted to ECDH as per rfc7748.
+ * @GNUTLS_PK_EDDSA_ED448: Edwards curve Digital signature algorithm. Used with SHAKE256 on signatures.
+ *
+ * Enumeration of different public-key algorithms.
+ */
+typedef enum {
+	GNUTLS_PK_UNKNOWN = 0,
+	GNUTLS_PK_RSA = 1,
+	GNUTLS_PK_DSA = 2,
+	GNUTLS_PK_DH = 3,
+	GNUTLS_PK_ECDSA = 4,
+	GNUTLS_PK_ECDH_X25519 = 5,
+	GNUTLS_PK_RSA_PSS = 6,
+	GNUTLS_PK_EDDSA_ED25519 = 7,
+	GNUTLS_PK_GOST_01 = 8,
+	GNUTLS_PK_GOST_12_256 = 9,
+	GNUTLS_PK_GOST_12_512 = 10,
+	GNUTLS_PK_ECDH_X448 = 11,
+	GNUTLS_PK_EDDSA_ED448 = 12,
+	GNUTLS_PK_MAX = GNUTLS_PK_EDDSA_ED448
+} gnutls_pk_algorithm_t;
+
+
+const char *gnutls_pk_algorithm_get_name(gnutls_pk_algorithm_t algorithm);
+
+/**
+ * gnutls_sign_algorithm_t:
+ * @GNUTLS_SIGN_UNKNOWN: Unknown signature algorithm.
+ * @GNUTLS_SIGN_RSA_RAW: Digital signature algorithm RSA with DigestInfo formatted data
+ * @GNUTLS_SIGN_RSA_SHA1: Digital signature algorithm RSA with SHA-1
+ * @GNUTLS_SIGN_RSA_SHA: Same as %GNUTLS_SIGN_RSA_SHA1.
+ * @GNUTLS_SIGN_DSA_SHA1: Digital signature algorithm DSA with SHA-1
+ * @GNUTLS_SIGN_DSA_SHA224: Digital signature algorithm DSA with SHA-224
+ * @GNUTLS_SIGN_DSA_SHA256: Digital signature algorithm DSA with SHA-256
+ * @GNUTLS_SIGN_DSA_SHA384: Digital signature algorithm DSA with SHA-384
+ * @GNUTLS_SIGN_DSA_SHA512: Digital signature algorithm DSA with SHA-512
+ * @GNUTLS_SIGN_DSA_SHA: Same as %GNUTLS_SIGN_DSA_SHA1.
+ * @GNUTLS_SIGN_RSA_MD5: Digital signature algorithm RSA with MD5.
+ * @GNUTLS_SIGN_RSA_MD2: Digital signature algorithm RSA with MD2.
+ * @GNUTLS_SIGN_RSA_RMD160: Digital signature algorithm RSA with RMD-160.
+ * @GNUTLS_SIGN_RSA_SHA256: Digital signature algorithm RSA with SHA-256.
+ * @GNUTLS_SIGN_RSA_SHA384: Digital signature algorithm RSA with SHA-384.
+ * @GNUTLS_SIGN_RSA_SHA512: Digital signature algorithm RSA with SHA-512.
+ * @GNUTLS_SIGN_RSA_SHA224: Digital signature algorithm RSA with SHA-224.
+ * @GNUTLS_SIGN_ECDSA_SHA1: ECDSA with SHA1.
+ * @GNUTLS_SIGN_ECDSA_SHA224: Digital signature algorithm ECDSA with SHA-224.
+ * @GNUTLS_SIGN_ECDSA_SHA256: Digital signature algorithm ECDSA with SHA-256.
+ * @GNUTLS_SIGN_ECDSA_SHA384: Digital signature algorithm ECDSA with SHA-384.
+ * @GNUTLS_SIGN_ECDSA_SHA512: Digital signature algorithm ECDSA with SHA-512.
+ * @GNUTLS_SIGN_ECDSA_SECP256R1_SHA256: Digital signature algorithm ECDSA-SECP256R1 with SHA-256 (used in TLS 1.3 but not PKIX).
+ * @GNUTLS_SIGN_ECDSA_SECP384R1_SHA384: Digital signature algorithm ECDSA-SECP384R1 with SHA-384 (used in TLS 1.3 but not PKIX).
+ * @GNUTLS_SIGN_ECDSA_SECP521R1_SHA512: Digital signature algorithm ECDSA-SECP521R1 with SHA-512 (used in TLS 1.3 but not PKIX).
+ * @GNUTLS_SIGN_ECDSA_SHA3_224: Digital signature algorithm ECDSA with SHA3-224.
+ * @GNUTLS_SIGN_ECDSA_SHA3_256: Digital signature algorithm ECDSA with SHA3-256.
+ * @GNUTLS_SIGN_ECDSA_SHA3_384: Digital signature algorithm ECDSA with SHA3-384.
+ * @GNUTLS_SIGN_ECDSA_SHA3_512: Digital signature algorithm ECDSA with SHA3-512.
+ * @GNUTLS_SIGN_DSA_SHA3_224: Digital signature algorithm DSA with SHA3-224.
+ * @GNUTLS_SIGN_DSA_SHA3_256: Digital signature algorithm DSA with SHA3-256.
+ * @GNUTLS_SIGN_DSA_SHA3_384: Digital signature algorithm DSA with SHA3-384.
+ * @GNUTLS_SIGN_DSA_SHA3_512: Digital signature algorithm DSA with SHA3-512.
+ * @GNUTLS_SIGN_RSA_SHA3_224: Digital signature algorithm RSA with SHA3-224.
+ * @GNUTLS_SIGN_RSA_SHA3_256: Digital signature algorithm RSA with SHA3-256.
+ * @GNUTLS_SIGN_RSA_SHA3_384: Digital signature algorithm RSA with SHA3-384.
+ * @GNUTLS_SIGN_RSA_SHA3_512: Digital signature algorithm RSA with SHA3-512.
+ * @GNUTLS_SIGN_RSA_PSS_RSAE_SHA256: Digital signature algorithm RSA with SHA-256,
+ *      with PSS padding (RSA PKCS#1 1.5 certificate). This signature is identical
+ *      to #GNUTLS_SIGN_RSA_PSS_SHA256, but they are distinct as the TLS1.3 protocol
+ *      treats them differently.
+ * @GNUTLS_SIGN_RSA_PSS_RSAE_SHA384: Digital signature algorithm RSA with SHA-384,
+ *      with PSS padding (RSA PKCS#1 1.5 certificate). This signature is identical
+ *      to #GNUTLS_SIGN_RSA_PSS_SHA384, but they are distinct as the TLS1.3 protocol
+ *      treats them differently.
+ * @GNUTLS_SIGN_RSA_PSS_RSAE_SHA512: Digital signature algorithm RSA with SHA-512,
+ *      with PSS padding (RSA PKCS#1 1.5 certificate). This signature is identical
+ *      to #GNUTLS_SIGN_RSA_PSS_SHA512, but they are distinct as the TLS1.3 protocol
+ *      treats them differently.
+ * @GNUTLS_SIGN_RSA_PSS_SHA256: Digital signature algorithm RSA with SHA-256, with PSS padding (RSA-PSS certificate).
+ * @GNUTLS_SIGN_RSA_PSS_SHA384: Digital signature algorithm RSA with SHA-384, with PSS padding (RSA-PSS certificate).
+ * @GNUTLS_SIGN_RSA_PSS_SHA512: Digital signature algorithm RSA with SHA-512, with PSS padding (RSA-PSS certificate).
+ * @GNUTLS_SIGN_EDDSA_ED25519: Digital signature algorithm EdDSA with Ed25519 curve.
+ * @GNUTLS_SIGN_GOST_94: Digital signature algorithm GOST R 34.10-2001 with GOST R 34.11-94
+ * @GNUTLS_SIGN_GOST_256: Digital signature algorithm GOST R 34.10-2012 with GOST R 34.11-2012 256 bit
+ * @GNUTLS_SIGN_GOST_512: Digital signature algorithm GOST R 34.10-2012 with GOST R 34.11-2012 512 bit
+ * @GNUTLS_SIGN_EDDSA_ED448: Digital signature algorithm EdDSA with Ed448 curve.
+ *
+ * Enumeration of different digital signature algorithms.
+ */
+typedef enum {
+	GNUTLS_SIGN_UNKNOWN = 0,
+	GNUTLS_SIGN_RSA_SHA1 = 1,
+	GNUTLS_SIGN_RSA_SHA = GNUTLS_SIGN_RSA_SHA1,
+	GNUTLS_SIGN_DSA_SHA1 = 2,
+	GNUTLS_SIGN_DSA_SHA = GNUTLS_SIGN_DSA_SHA1,
+	GNUTLS_SIGN_RSA_MD5 = 3,
+	GNUTLS_SIGN_RSA_MD2 = 4,
+	GNUTLS_SIGN_RSA_RMD160 = 5,
+	GNUTLS_SIGN_RSA_SHA256 = 6,
+	GNUTLS_SIGN_RSA_SHA384 = 7,
+	GNUTLS_SIGN_RSA_SHA512 = 8,
+	GNUTLS_SIGN_RSA_SHA224 = 9,
+	GNUTLS_SIGN_DSA_SHA224 = 10,
+	GNUTLS_SIGN_DSA_SHA256 = 11,
+	GNUTLS_SIGN_ECDSA_SHA1 = 12,
+	GNUTLS_SIGN_ECDSA_SHA224 = 13,
+	GNUTLS_SIGN_ECDSA_SHA256 = 14,
+	GNUTLS_SIGN_ECDSA_SHA384 = 15,
+	GNUTLS_SIGN_ECDSA_SHA512 = 16,
+	GNUTLS_SIGN_DSA_SHA384 = 17,
+	GNUTLS_SIGN_DSA_SHA512 = 18,
+	GNUTLS_SIGN_ECDSA_SHA3_224 = 20,
+	GNUTLS_SIGN_ECDSA_SHA3_256 = 21,
+	GNUTLS_SIGN_ECDSA_SHA3_384 = 22,
+	GNUTLS_SIGN_ECDSA_SHA3_512 = 23,
+
+	GNUTLS_SIGN_DSA_SHA3_224 = 24,
+	GNUTLS_SIGN_DSA_SHA3_256 = 25,
+	GNUTLS_SIGN_DSA_SHA3_384 = 26,
+	GNUTLS_SIGN_DSA_SHA3_512 = 27,
+	GNUTLS_SIGN_RSA_SHA3_224 = 28,
+	GNUTLS_SIGN_RSA_SHA3_256 = 29,
+	GNUTLS_SIGN_RSA_SHA3_384 = 30,
+	GNUTLS_SIGN_RSA_SHA3_512 = 31,
+
+	GNUTLS_SIGN_RSA_PSS_SHA256 = 32,
+	GNUTLS_SIGN_RSA_PSS_SHA384 = 33,
+	GNUTLS_SIGN_RSA_PSS_SHA512 = 34,
+	GNUTLS_SIGN_EDDSA_ED25519 = 35,
+	GNUTLS_SIGN_RSA_RAW = 36,
+
+	GNUTLS_SIGN_ECDSA_SECP256R1_SHA256 = 37,
+	GNUTLS_SIGN_ECDSA_SECP384R1_SHA384 = 38,
+	GNUTLS_SIGN_ECDSA_SECP521R1_SHA512 = 39,
+
+	GNUTLS_SIGN_RSA_PSS_RSAE_SHA256 = 40,
+	GNUTLS_SIGN_RSA_PSS_RSAE_SHA384 = 41,
+	GNUTLS_SIGN_RSA_PSS_RSAE_SHA512 = 42,
+
+	GNUTLS_SIGN_GOST_94 = 43,
+	GNUTLS_SIGN_GOST_256 = 44,
+	GNUTLS_SIGN_GOST_512 = 45,
+	GNUTLS_SIGN_EDDSA_ED448 = 46,
+	GNUTLS_SIGN_MAX = GNUTLS_SIGN_EDDSA_ED448
+} gnutls_sign_algorithm_t;
+
+/**
+ * gnutls_ecc_curve_t:
+ * @GNUTLS_ECC_CURVE_INVALID: Cannot be known
+ * @GNUTLS_ECC_CURVE_SECP192R1: the SECP192R1 curve
+ * @GNUTLS_ECC_CURVE_SECP224R1: the SECP224R1 curve
+ * @GNUTLS_ECC_CURVE_SECP256R1: the SECP256R1 curve
+ * @GNUTLS_ECC_CURVE_SECP384R1: the SECP384R1 curve
+ * @GNUTLS_ECC_CURVE_SECP521R1: the SECP521R1 curve
+ * @GNUTLS_ECC_CURVE_X25519: the X25519 curve (ECDH only)
+ * @GNUTLS_ECC_CURVE_ED25519: the Ed25519 curve
+ * @GNUTLS_ECC_CURVE_GOST256CPA: GOST R 34.10 CryptoPro 256 A curve
+ * @GNUTLS_ECC_CURVE_GOST256CPB: GOST R 34.10 CryptoPro 256 B curve
+ * @GNUTLS_ECC_CURVE_GOST256CPC: GOST R 34.10 CryptoPro 256 C curve
+ * @GNUTLS_ECC_CURVE_GOST256CPXA: GOST R 34.10 CryptoPro 256 XchA curve
+ * @GNUTLS_ECC_CURVE_GOST256CPXB: GOST R 34.10 CryptoPro 256 XchB curve
+ * @GNUTLS_ECC_CURVE_GOST512A: GOST R 34.10 TC26 512 A curve
+ * @GNUTLS_ECC_CURVE_GOST512B: GOST R 34.10 TC26 512 B curve
+ * @GNUTLS_ECC_CURVE_GOST512C: GOST R 34.10 TC26 512 C curve
+ * @GNUTLS_ECC_CURVE_GOST256A: GOST R 34.10 TC26 256 A curve
+ * @GNUTLS_ECC_CURVE_GOST256B: GOST R 34.10 TC26 256 B curve
+ * @GNUTLS_ECC_CURVE_GOST256C: GOST R 34.10 TC26 256 C curve
+ * @GNUTLS_ECC_CURVE_GOST256D: GOST R 34.10 TC26 256 D curve
+ * @GNUTLS_ECC_CURVE_X448: the X448 curve (ECDH only)
+ * @GNUTLS_ECC_CURVE_ED448: the Ed448 curve
+ *
+ * Enumeration of ECC curves.
+ */
+typedef enum {
+	GNUTLS_ECC_CURVE_INVALID = 0,
+	GNUTLS_ECC_CURVE_SECP224R1,
+	GNUTLS_ECC_CURVE_SECP256R1,
+	GNUTLS_ECC_CURVE_SECP384R1,
+	GNUTLS_ECC_CURVE_SECP521R1,
+	GNUTLS_ECC_CURVE_SECP192R1,
+	GNUTLS_ECC_CURVE_X25519,
+	GNUTLS_ECC_CURVE_ED25519,
+	GNUTLS_ECC_CURVE_GOST256CPA,
+	GNUTLS_ECC_CURVE_GOST256CPB,
+	GNUTLS_ECC_CURVE_GOST256CPC,
+	GNUTLS_ECC_CURVE_GOST256CPXA,
+	GNUTLS_ECC_CURVE_GOST256CPXB,
+	GNUTLS_ECC_CURVE_GOST512A,
+	GNUTLS_ECC_CURVE_GOST512B,
+	GNUTLS_ECC_CURVE_GOST512C,
+	GNUTLS_ECC_CURVE_GOST256A,
+	GNUTLS_ECC_CURVE_GOST256B,
+	GNUTLS_ECC_CURVE_GOST256C,
+	GNUTLS_ECC_CURVE_GOST256D,
+	GNUTLS_ECC_CURVE_X448,
+	GNUTLS_ECC_CURVE_ED448,
+	GNUTLS_ECC_CURVE_MAX = GNUTLS_ECC_CURVE_ED448
+} gnutls_ecc_curve_t;
+
+/**
+ * gnutls_group_t:
+ * @GNUTLS_GROUP_INVALID: Indicates unknown/invalid group
+ * @GNUTLS_GROUP_SECP192R1: the SECP192R1 curve group (legacy, only for TLS 1.2 compatibility)
+ * @GNUTLS_GROUP_SECP224R1: the SECP224R1 curve group (legacy, only for TLS 1.2 compatibility)
+ * @GNUTLS_GROUP_SECP256R1: the SECP256R1 curve group
+ * @GNUTLS_GROUP_SECP384R1: the SECP384R1 curve group
+ * @GNUTLS_GROUP_SECP521R1: the SECP521R1 curve group
+ * @GNUTLS_GROUP_X25519: the X25519 curve group
+ * @GNUTLS_GROUP_GC256A: the GOST R 34.10 TC26 256 A curve group
+ * @GNUTLS_GROUP_GC256B: the GOST R 34.10 TC26 256 B curve group
+ * @GNUTLS_GROUP_GC256C: the GOST R 34.10 TC26 256 C curve group
+ * @GNUTLS_GROUP_GC256D: the GOST R 34.10 TC26 256 D curve group
+ * @GNUTLS_GROUP_GC512A: the GOST R 34.10 TC26 512 A curve group
+ * @GNUTLS_GROUP_GC512B: the GOST R 34.10 TC26 512 B curve group
+ * @GNUTLS_GROUP_GC512C: the GOST R 34.10 TC26 512 C curve group
+ * @GNUTLS_GROUP_FFDHE2048: the FFDHE2048 group
+ * @GNUTLS_GROUP_FFDHE3072: the FFDHE3072 group
+ * @GNUTLS_GROUP_FFDHE4096: the FFDHE4096 group
+ * @GNUTLS_GROUP_FFDHE6144: the FFDHE6144 group
+ * @GNUTLS_GROUP_FFDHE8192: the FFDHE8192 group
+ * @GNUTLS_GROUP_X448: the X448 curve group
+ *
+ * Enumeration of supported groups. It is intended to be backwards
+ * compatible with the enumerations in %gnutls_ecc_curve_t for the groups
+ * which are valid elliptic curves.
+ */
+typedef enum {
+	GNUTLS_GROUP_INVALID = 0,
+	GNUTLS_GROUP_SECP192R1 = GNUTLS_ECC_CURVE_SECP192R1,
+	GNUTLS_GROUP_SECP224R1 = GNUTLS_ECC_CURVE_SECP224R1,
+	GNUTLS_GROUP_SECP256R1 = GNUTLS_ECC_CURVE_SECP256R1,
+	GNUTLS_GROUP_SECP384R1 = GNUTLS_ECC_CURVE_SECP384R1,
+	GNUTLS_GROUP_SECP521R1 = GNUTLS_ECC_CURVE_SECP521R1,
+	GNUTLS_GROUP_X25519 = GNUTLS_ECC_CURVE_X25519,
+	GNUTLS_GROUP_X448 = GNUTLS_ECC_CURVE_X448,
+
+	GNUTLS_GROUP_GC256A = GNUTLS_ECC_CURVE_GOST256A,
+	GNUTLS_GROUP_GC256B = GNUTLS_ECC_CURVE_GOST256B,
+	GNUTLS_GROUP_GC256C = GNUTLS_ECC_CURVE_GOST256C,
+	GNUTLS_GROUP_GC256D = GNUTLS_ECC_CURVE_GOST256D,
+	GNUTLS_GROUP_GC512A = GNUTLS_ECC_CURVE_GOST512A,
+	GNUTLS_GROUP_GC512B = GNUTLS_ECC_CURVE_GOST512B,
+	GNUTLS_GROUP_GC512C = GNUTLS_ECC_CURVE_GOST512C,
+
+	GNUTLS_GROUP_FFDHE2048 = 256,
+	GNUTLS_GROUP_FFDHE3072,
+	GNUTLS_GROUP_FFDHE4096,
+	GNUTLS_GROUP_FFDHE8192,
+	GNUTLS_GROUP_FFDHE6144,
+	GNUTLS_GROUP_MAX = GNUTLS_GROUP_FFDHE6144,
+} gnutls_group_t;
+
+/* macros to allow specifying a specific curve in gnutls_privkey_generate()
+ * and gnutls_x509_privkey_generate() */
+#define GNUTLS_CURVE_TO_BITS(curve) (unsigned int)(((unsigned int)1<<31)|((unsigned int)(curve)))
+#define GNUTLS_BITS_TO_CURVE(bits) (((unsigned int)(bits)) & 0x7FFFFFFF)
+#define GNUTLS_BITS_ARE_CURVE(bits) (((unsigned int)(bits)) & 0x80000000)
+
+/**
+ * gnutls_sec_param_t:
+ * @GNUTLS_SEC_PARAM_UNKNOWN: Cannot be known
+ * @GNUTLS_SEC_PARAM_INSECURE: Less than 42 bits of security
+ * @GNUTLS_SEC_PARAM_EXPORT: 42 bits of security
+ * @GNUTLS_SEC_PARAM_VERY_WEAK: 64 bits of security
+ * @GNUTLS_SEC_PARAM_WEAK: 72 bits of security
+ * @GNUTLS_SEC_PARAM_LOW: 80 bits of security
+ * @GNUTLS_SEC_PARAM_LEGACY: 96 bits of security
+ * @GNUTLS_SEC_PARAM_MEDIUM: 112 bits of security (used to be %GNUTLS_SEC_PARAM_NORMAL)
+ * @GNUTLS_SEC_PARAM_HIGH: 128 bits of security
+ * @GNUTLS_SEC_PARAM_ULTRA: 192 bits of security
+ * @GNUTLS_SEC_PARAM_FUTURE: 256 bits of security
+ *
+ * Enumeration of security parameters for passive attacks.
+ */
+typedef enum {
+	GNUTLS_SEC_PARAM_UNKNOWN = 0,
+	GNUTLS_SEC_PARAM_INSECURE = 5,
+	GNUTLS_SEC_PARAM_EXPORT = 10,
+	GNUTLS_SEC_PARAM_VERY_WEAK = 15,
+	GNUTLS_SEC_PARAM_WEAK = 20,
+	GNUTLS_SEC_PARAM_LOW = 25,
+	GNUTLS_SEC_PARAM_LEGACY = 30,
+	GNUTLS_SEC_PARAM_MEDIUM = 35,
+	GNUTLS_SEC_PARAM_HIGH = 40,
+	GNUTLS_SEC_PARAM_ULTRA = 45,
+	GNUTLS_SEC_PARAM_FUTURE = 50,
+	GNUTLS_SEC_PARAM_MAX = GNUTLS_SEC_PARAM_FUTURE
+} gnutls_sec_param_t;
+
+/* old name */
+#define GNUTLS_SEC_PARAM_NORMAL GNUTLS_SEC_PARAM_MEDIUM
+
+/**
+ * gnutls_channel_binding_t:
+ * @GNUTLS_CB_TLS_UNIQUE: "tls-unique" (RFC 5929) channel binding
+ * @GNUTLS_CB_TLS_SERVER_END_POINT: "tls-server-end-point" (RFC 5929) channel binding
+ * @GNUTLS_CB_TLS_EXPORTER: "tls-exporter" (RFC 9266) channel binding
+ *
+ * Enumeration of supported channel binding types.
+ */
+typedef enum {
+	GNUTLS_CB_TLS_UNIQUE,
+	GNUTLS_CB_TLS_SERVER_END_POINT,
+	GNUTLS_CB_TLS_EXPORTER
+} gnutls_channel_binding_t;
+
+/**
+ * gnutls_gost_paramset_t:
+ * @GNUTLS_GOST_PARAMSET_UNKNOWN: Unknown/default parameter set
+ * @GNUTLS_GOST_PARAMSET_TC26_Z: Specified by TC26, see rfc7836
+ * @GNUTLS_GOST_PARAMSET_CP_A: CryptoPro-A, see rfc4357
+ * @GNUTLS_GOST_PARAMSET_CP_B: CryptoPro-B, see rfc4357
+ * @GNUTLS_GOST_PARAMSET_CP_C: CryptoPro-C, see rfc4357
+ * @GNUTLS_GOST_PARAMSET_CP_D: CryptoPro-D, see rfc4357
+ *
+ * Enumeration of different GOST 28147 parameter sets.
+ */
+typedef enum {
+	GNUTLS_GOST_PARAMSET_UNKNOWN = 0,
+	GNUTLS_GOST_PARAMSET_TC26_Z,
+	GNUTLS_GOST_PARAMSET_CP_A,
+	GNUTLS_GOST_PARAMSET_CP_B,
+	GNUTLS_GOST_PARAMSET_CP_C,
+	GNUTLS_GOST_PARAMSET_CP_D
+} gnutls_gost_paramset_t;
+
+/**
+ * gnutls_ctype_target_t:
+ * @GNUTLS_CTYPE_CLIENT: for requesting client certificate type values.
+ * @GNUTLS_CTYPE_SERVER: for requesting server certificate type values.
+ * @GNUTLS_CTYPE_OURS: for requesting our certificate type values.
+ * @GNUTLS_CTYPE_PEERS: for requesting the peers' certificate type values.
+ *
+ * Enumeration of certificate type targets with respect to asymmetric
+ * certificate types as specified in RFC7250 and P2P connection set up
+ * as specified in draft-vanrein-tls-symmetry-02.
+ */
+typedef enum {
+	GNUTLS_CTYPE_CLIENT,
+	GNUTLS_CTYPE_SERVER,
+	GNUTLS_CTYPE_OURS,
+	GNUTLS_CTYPE_PEERS
+} gnutls_ctype_target_t;
+
+/* If you want to change this, then also change the define in
+ * gnutls_int.h, and recompile.
+ */
+typedef void *gnutls_transport_ptr_t;
+
+struct gnutls_session_int;
+typedef struct gnutls_session_int *gnutls_session_t;
+
+struct gnutls_dh_params_int;
+typedef struct gnutls_dh_params_int *gnutls_dh_params_t;
+
+  /* XXX ugly. */
+struct gnutls_x509_privkey_int;
+typedef struct gnutls_x509_privkey_int *gnutls_rsa_params_t;
+
+struct gnutls_priority_st;
+typedef struct gnutls_priority_st *gnutls_priority_t;
+
+typedef struct {
+	unsigned char *data;
+	unsigned int size;
+} gnutls_datum_t;
+
+typedef struct gnutls_library_config_st {
+	const char *name;
+	const char *value;
+} gnutls_library_config_st;
+
+
+typedef struct gnutls_params_st {
+	gnutls_params_type_t type;
+	union params {
+		gnutls_dh_params_t dh;
+		gnutls_rsa_params_t rsa_export;
+	} params;
+	int deinit;
+} gnutls_params_st;
+
+typedef int gnutls_params_function(gnutls_session_t, gnutls_params_type_t,
+				   gnutls_params_st *);
+
+/* internal functions */
+
+int gnutls_init(gnutls_session_t * session, unsigned int flags);
+void gnutls_deinit(gnutls_session_t session);
+#define _gnutls_deinit(x) gnutls_deinit(x)
+
+int gnutls_bye(gnutls_session_t session, gnutls_close_request_t how);
+
+int gnutls_handshake(gnutls_session_t session);
+
+int gnutls_reauth(gnutls_session_t session, unsigned int flags);
+
+#define GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT ((unsigned int)-1)
+#define GNUTLS_INDEFINITE_TIMEOUT ((unsigned int)-2)
+void gnutls_handshake_set_timeout(gnutls_session_t session,
+				  unsigned int ms);
+int gnutls_rehandshake(gnutls_session_t session);
+
+#define GNUTLS_KU_PEER 1
+int gnutls_session_key_update(gnutls_session_t session, unsigned flags);
+
+gnutls_alert_description_t gnutls_alert_get(gnutls_session_t session);
+int gnutls_alert_send(gnutls_session_t session,
+		      gnutls_alert_level_t level,
+		      gnutls_alert_description_t desc);
+int gnutls_alert_send_appropriate(gnutls_session_t session, int err);
+const char *gnutls_alert_get_name(gnutls_alert_description_t alert);
+const char *gnutls_alert_get_strname(gnutls_alert_description_t alert);
+
+gnutls_sec_param_t gnutls_pk_bits_to_sec_param(gnutls_pk_algorithm_t algo,
+					       unsigned int bits);
+const char *gnutls_sec_param_get_name(gnutls_sec_param_t param);
+unsigned int gnutls_sec_param_to_pk_bits(gnutls_pk_algorithm_t algo,
+					 gnutls_sec_param_t param);
+unsigned int
+	gnutls_sec_param_to_symmetric_bits(gnutls_sec_param_t param) __GNUTLS_CONST__;
+
+/* Elliptic curves */
+const char *
+	gnutls_ecc_curve_get_name(gnutls_ecc_curve_t curve) __GNUTLS_CONST__;
+const char *
+	gnutls_ecc_curve_get_oid(gnutls_ecc_curve_t curve) __GNUTLS_CONST__;
+
+const char *
+	gnutls_group_get_name(gnutls_group_t group) __GNUTLS_CONST__;
+
+int
+	gnutls_ecc_curve_get_size(gnutls_ecc_curve_t curve) __GNUTLS_CONST__;
+gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session);
+
+gnutls_group_t gnutls_group_get(gnutls_session_t session);
+
+/* get information on the current session */
+gnutls_cipher_algorithm_t gnutls_cipher_get(gnutls_session_t session);
+gnutls_cipher_algorithm_t gnutls_early_cipher_get(gnutls_session_t session);
+gnutls_kx_algorithm_t gnutls_kx_get(gnutls_session_t session);
+gnutls_mac_algorithm_t gnutls_mac_get(gnutls_session_t session);
+gnutls_digest_algorithm_t gnutls_prf_hash_get(const gnutls_session_t session);
+gnutls_digest_algorithm_t
+gnutls_early_prf_hash_get(const gnutls_session_t session);
+gnutls_certificate_type_t
+gnutls_certificate_type_get(gnutls_session_t session);
+gnutls_certificate_type_t
+gnutls_certificate_type_get2(gnutls_session_t session,
+			     gnutls_ctype_target_t target);
+
+int gnutls_sign_algorithm_get(gnutls_session_t session);
+int gnutls_sign_algorithm_get_client(gnutls_session_t session);
+
+int gnutls_sign_algorithm_get_requested(gnutls_session_t session,
+					size_t indx,
+					gnutls_sign_algorithm_t * algo);
+
+/* the name of the specified algorithms */
+const char *
+	gnutls_cipher_get_name(gnutls_cipher_algorithm_t algorithm) __GNUTLS_CONST__;
+const char *
+	gnutls_mac_get_name(gnutls_mac_algorithm_t algorithm) __GNUTLS_CONST__;
+
+const char *
+	gnutls_digest_get_name(gnutls_digest_algorithm_t algorithm) __GNUTLS_CONST__;
+const char *
+	gnutls_digest_get_oid(gnutls_digest_algorithm_t algorithm) __GNUTLS_CONST__;
+
+const char *
+	gnutls_kx_get_name(gnutls_kx_algorithm_t algorithm) __GNUTLS_CONST__;
+const char *
+	gnutls_certificate_type_get_name(gnutls_certificate_type_t
+					     type) __GNUTLS_CONST__;
+const char *
+	gnutls_pk_get_name(gnutls_pk_algorithm_t algorithm) __GNUTLS_CONST__;
+const char *
+	gnutls_pk_get_oid(gnutls_pk_algorithm_t algorithm) __GNUTLS_CONST__;
+
+const char *
+	gnutls_sign_get_name(gnutls_sign_algorithm_t algorithm) __GNUTLS_CONST__;
+
+const char *gnutls_sign_get_oid(gnutls_sign_algorithm_t sign) __GNUTLS_CONST__;
+
+const char *
+	gnutls_gost_paramset_get_name(gnutls_gost_paramset_t param) __GNUTLS_CONST__;
+const char *
+	gnutls_gost_paramset_get_oid(gnutls_gost_paramset_t param) __GNUTLS_CONST__;
+
+size_t
+	gnutls_cipher_get_key_size(gnutls_cipher_algorithm_t algorithm) __GNUTLS_CONST__;
+size_t
+	gnutls_mac_get_key_size(gnutls_mac_algorithm_t algorithm) __GNUTLS_CONST__;
+
+unsigned gnutls_sign_is_secure(gnutls_sign_algorithm_t algorithm) __GNUTLS_CONST__;
+
+/* It is possible that a signature algorithm is ok to use for short-lived
+ * data (e.g., to sign a TLS session), but not for data that are long-lived
+ * like certificates. This flag is about checking the security of the algorithm
+ * for long-lived data. */
+#define GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS 1
+unsigned gnutls_sign_is_secure2(gnutls_sign_algorithm_t algorithm, unsigned int flags) __GNUTLS_CONST__;
+
+gnutls_digest_algorithm_t
+	gnutls_sign_get_hash_algorithm(gnutls_sign_algorithm_t sign) __GNUTLS_CONST__;
+gnutls_pk_algorithm_t
+	gnutls_sign_get_pk_algorithm(gnutls_sign_algorithm_t sign) __GNUTLS_CONST__;
+gnutls_sign_algorithm_t
+	gnutls_pk_to_sign(gnutls_pk_algorithm_t pk,
+		  gnutls_digest_algorithm_t hash) __GNUTLS_CONST__;
+
+unsigned
+gnutls_sign_supports_pk_algorithm(gnutls_sign_algorithm_t sign, gnutls_pk_algorithm_t pk) __GNUTLS_CONST__;
+
+#define gnutls_sign_algorithm_get_name gnutls_sign_get_name
+
+gnutls_mac_algorithm_t gnutls_mac_get_id(const char *name) __GNUTLS_CONST__;
+gnutls_digest_algorithm_t gnutls_digest_get_id(const char *name) __GNUTLS_CONST__;
+
+gnutls_cipher_algorithm_t
+	gnutls_cipher_get_id(const char *name) __GNUTLS_CONST__;
+
+gnutls_kx_algorithm_t
+	gnutls_kx_get_id(const char *name) __GNUTLS_CONST__;
+gnutls_protocol_t
+	gnutls_protocol_get_id(const char *name) __GNUTLS_CONST__;
+gnutls_certificate_type_t
+	gnutls_certificate_type_get_id(const char *name) __GNUTLS_CONST__;
+gnutls_pk_algorithm_t
+	gnutls_pk_get_id(const char *name) __GNUTLS_CONST__;
+gnutls_sign_algorithm_t
+	gnutls_sign_get_id(const char *name) __GNUTLS_CONST__;
+gnutls_ecc_curve_t gnutls_ecc_curve_get_id(const char *name)  __GNUTLS_CONST__;
+gnutls_pk_algorithm_t gnutls_ecc_curve_get_pk(gnutls_ecc_curve_t curve) __GNUTLS_CONST__;
+gnutls_group_t gnutls_group_get_id(const char *name);
+
+gnutls_digest_algorithm_t
+	gnutls_oid_to_digest(const char *oid)  __GNUTLS_CONST__;
+gnutls_mac_algorithm_t
+	gnutls_oid_to_mac(const char *oid)  __GNUTLS_CONST__;
+gnutls_pk_algorithm_t
+	gnutls_oid_to_pk(const char *oid) __GNUTLS_CONST__;
+gnutls_sign_algorithm_t
+	gnutls_oid_to_sign(const char *oid) __GNUTLS_CONST__;
+gnutls_ecc_curve_t
+	gnutls_oid_to_ecc_curve(const char *oid) __GNUTLS_CONST__;
+gnutls_gost_paramset_t
+	gnutls_oid_to_gost_paramset(const char *oid) __GNUTLS_CONST__;
+
+  /* list supported algorithms */
+const gnutls_ecc_curve_t *
+	gnutls_ecc_curve_list(void)  __GNUTLS_PURE__;
+const gnutls_group_t *
+	gnutls_group_list(void)  __GNUTLS_PURE__;
+const gnutls_cipher_algorithm_t *
+	gnutls_cipher_list(void) __GNUTLS_PURE__;
+const gnutls_mac_algorithm_t *
+	gnutls_mac_list(void) __GNUTLS_PURE__;
+const gnutls_digest_algorithm_t *
+	gnutls_digest_list(void) __GNUTLS_PURE__;
+const gnutls_protocol_t *
+	gnutls_protocol_list(void) __GNUTLS_PURE__;
+const gnutls_certificate_type_t *
+	gnutls_certificate_type_list(void) __GNUTLS_PURE__;
+const gnutls_kx_algorithm_t *
+	gnutls_kx_list(void) __GNUTLS_PURE__;
+const gnutls_pk_algorithm_t *
+	gnutls_pk_list(void) __GNUTLS_PURE__;
+const gnutls_sign_algorithm_t *
+	gnutls_sign_list(void) __GNUTLS_PURE__;
+const char *
+	gnutls_cipher_suite_info(size_t idx,
+			         unsigned char *cs_id,
+				 gnutls_kx_algorithm_t * kx,
+				 gnutls_cipher_algorithm_t * cipher,
+				 gnutls_mac_algorithm_t * mac,
+				 gnutls_protocol_t * min_version);
+
+  /* functions for run-time enablement of algorithms */
+int gnutls_ecc_curve_set_enabled(gnutls_ecc_curve_t curve,
+				 unsigned int enabled);
+int gnutls_sign_set_secure(gnutls_sign_algorithm_t sign, unsigned int secure);
+int gnutls_sign_set_secure_for_certs(gnutls_sign_algorithm_t sign,
+				     unsigned int secure);
+int gnutls_digest_set_secure(gnutls_digest_algorithm_t dig,
+			     unsigned int secure);
+int gnutls_protocol_set_enabled(gnutls_protocol_t version,
+				unsigned int enabled);
+
+  /* error functions */
+int gnutls_error_is_fatal(int error) __GNUTLS_CONST__;
+int gnutls_error_to_alert(int err, int *level);
+
+void gnutls_perror(int error);
+const char * gnutls_strerror(int error) __GNUTLS_CONST__;
+const char * gnutls_strerror_name(int error) __GNUTLS_CONST__;
+
+/* Semi-internal functions.
+ */
+void gnutls_handshake_set_private_extensions(gnutls_session_t session,
+					     int allow);
+int gnutls_handshake_set_random(gnutls_session_t session,
+				const gnutls_datum_t * random);
+
+gnutls_handshake_description_t
+gnutls_handshake_get_last_out(gnutls_session_t session);
+gnutls_handshake_description_t
+gnutls_handshake_get_last_in(gnutls_session_t session);
+
+/* Record layer functions.
+ */
+#define GNUTLS_HEARTBEAT_WAIT 1
+int gnutls_heartbeat_ping(gnutls_session_t session, size_t data_size,
+			  unsigned int max_tries, unsigned int flags);
+int gnutls_heartbeat_pong(gnutls_session_t session, unsigned int flags);
+
+void gnutls_record_set_timeout(gnutls_session_t session, unsigned int ms);
+void gnutls_record_disable_padding(gnutls_session_t session);
+
+void gnutls_record_cork(gnutls_session_t session);
+#define GNUTLS_RECORD_WAIT 1
+int gnutls_record_uncork(gnutls_session_t session, unsigned int flags);
+size_t gnutls_record_discard_queued(gnutls_session_t session);
+
+int
+gnutls_record_get_state(gnutls_session_t session,
+			unsigned read,
+			gnutls_datum_t *mac_key,
+			gnutls_datum_t *IV,
+			gnutls_datum_t *cipher_key,
+			unsigned char seq_number[8]);
+
+int
+gnutls_record_set_state(gnutls_session_t session,
+			unsigned read,
+			const unsigned char seq_number[8]);
+
+typedef struct {
+	size_t low;
+	size_t high;
+} gnutls_range_st;
+
+int gnutls_range_split(gnutls_session_t session,
+		       const gnutls_range_st * orig,
+		       gnutls_range_st * small_range,
+		       gnutls_range_st * rem_range);
+
+ssize_t gnutls_record_send(gnutls_session_t session, const void *data,
+			   size_t data_size);
+ssize_t gnutls_record_send2(gnutls_session_t session, const void *data,
+			    size_t data_size, size_t pad, unsigned flags);
+ssize_t gnutls_record_send_range(gnutls_session_t session,
+				 const void *data, size_t data_size,
+				 const gnutls_range_st * range);
+ssize_t gnutls_record_send_file(gnutls_session_t session, int fd,
+		off_t *offset, size_t count);
+ssize_t gnutls_record_recv(gnutls_session_t session, void *data,
+			   size_t data_size);
+
+typedef struct mbuffer_st *gnutls_packet_t;
+
+ssize_t
+gnutls_record_recv_packet(gnutls_session_t session,
+			  gnutls_packet_t *packet);
+
+void gnutls_packet_get(gnutls_packet_t packet, gnutls_datum_t *data, unsigned char *sequence);
+void gnutls_packet_deinit(gnutls_packet_t packet);
+
+#define gnutls_read gnutls_record_recv
+#define gnutls_write gnutls_record_send
+ssize_t gnutls_record_recv_seq(gnutls_session_t session, void *data,
+			       size_t data_size, unsigned char *seq);
+
+size_t gnutls_record_overhead_size(gnutls_session_t session);
+
+size_t
+	gnutls_est_record_overhead_size(gnutls_protocol_t version,
+				        gnutls_cipher_algorithm_t cipher,
+				        gnutls_mac_algorithm_t mac,
+				        gnutls_compression_method_t comp,
+				        unsigned int flags) __GNUTLS_CONST__;
+
+void gnutls_session_enable_compatibility_mode(gnutls_session_t session);
+#define gnutls_record_set_max_empty_records(session, x)
+
+unsigned gnutls_record_can_use_length_hiding(gnutls_session_t session);
+
+int gnutls_record_get_direction(gnutls_session_t session);
+
+size_t gnutls_record_get_max_size(gnutls_session_t session);
+ssize_t gnutls_record_set_max_size(gnutls_session_t session, size_t size);
+ssize_t gnutls_record_set_max_recv_size(gnutls_session_t session, size_t size);
+
+size_t gnutls_record_check_pending(gnutls_session_t session);
+size_t gnutls_record_check_corked(gnutls_session_t session);
+
+size_t gnutls_record_get_max_early_data_size(gnutls_session_t session);
+int gnutls_record_set_max_early_data_size(gnutls_session_t session, size_t size);
+ssize_t gnutls_record_send_early_data(gnutls_session_t session,
+				      const void *data,
+				      size_t length);
+ssize_t gnutls_record_recv_early_data(gnutls_session_t session,
+				      void *data,
+				      size_t data_size);
+
+void gnutls_session_force_valid(gnutls_session_t session);
+
+int gnutls_prf(gnutls_session_t session,
+	       size_t label_size, const char *label,
+	       int server_random_first,
+	       size_t extra_size, const char *extra,
+	       size_t outsize, char *out);
+int gnutls_prf_rfc5705(gnutls_session_t session,
+	       size_t label_size, const char *label,
+	       size_t context_size, const char *context,
+	       size_t outsize, char *out);
+int gnutls_prf_early(gnutls_session_t session,
+		     size_t label_size, const char *label,
+		     size_t context_size, const char *context,
+		     size_t outsize, char *out);
+
+int gnutls_prf_raw(gnutls_session_t session,
+		   size_t label_size, const char *label,
+		   size_t seed_size, const char *seed,
+		   size_t outsize, char *out);
+
+/**
+ * gnutls_server_name_type_t:
+ * @GNUTLS_NAME_DNS: Domain Name System name type.
+ *
+ * Enumeration of different server name types.
+ */
+typedef enum {
+	GNUTLS_NAME_DNS = 1
+} gnutls_server_name_type_t;
+
+int gnutls_server_name_set(gnutls_session_t session,
+			   gnutls_server_name_type_t type,
+			   const void *name, size_t name_length);
+
+int gnutls_server_name_get(gnutls_session_t session,
+			   void *data, size_t * data_length,
+			   unsigned int *type, unsigned int indx);
+
+unsigned int gnutls_heartbeat_get_timeout(gnutls_session_t session);
+void gnutls_heartbeat_set_timeouts(gnutls_session_t session,
+				   unsigned int retrans_timeout,
+				   unsigned int total_timeout);
+
+#define GNUTLS_HB_PEER_ALLOWED_TO_SEND (1)
+#define GNUTLS_HB_PEER_NOT_ALLOWED_TO_SEND (1<<1)
+
+  /* Heartbeat */
+void gnutls_heartbeat_enable(gnutls_session_t session, unsigned int type);
+
+#define GNUTLS_HB_LOCAL_ALLOWED_TO_SEND (1<<2)
+unsigned gnutls_heartbeat_allowed(gnutls_session_t session, unsigned int type);
+
+  /* Safe renegotiation */
+unsigned gnutls_safe_renegotiation_status(gnutls_session_t session);
+unsigned gnutls_session_ext_master_secret_status(gnutls_session_t session);
+unsigned gnutls_session_etm_status(gnutls_session_t session);
+
+/**
+ * gnutls_session_flags_t:
+ * @GNUTLS_SFLAGS_SAFE_RENEGOTIATION: Safe renegotiation (RFC5746) was used
+ * @GNUTLS_SFLAGS_EXT_MASTER_SECRET: The extended master secret (RFC7627) extension was used
+ * @GNUTLS_SFLAGS_ETM: The encrypt then MAC (RFC7366) extension was used
+ * @GNUTLS_SFLAGS_RFC7919: The RFC7919 Diffie-Hellman parameters were negotiated
+ * @GNUTLS_SFLAGS_HB_LOCAL_SEND: The heartbeat negotiation allows the local side to send heartbeat messages
+ * @GNUTLS_SFLAGS_HB_PEER_SEND: The heartbeat negotiation allows the peer to send heartbeat messages
+ * @GNUTLS_SFLAGS_FALSE_START: False start was used in this client session.
+ * @GNUTLS_SFLAGS_SESSION_TICKET: A session ticket has been received by the server.
+ * @GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH: Indicates client capability for post-handshake auth; set only on server side.
+ * @GNUTLS_SFLAGS_EARLY_START: The TLS1.3 server session returned early.
+ * @GNUTLS_SFLAGS_EARLY_DATA: The TLS1.3 early data has been received by the server.
+ * @GNUTLS_SFLAGS_CLI_REQUESTED_OCSP: Set when the client has requested OCSP staple during handshake.
+ * @GNUTLS_SFLAGS_SERV_REQUESTED_OCSP: Set when the server has requested OCSP staple during handshake.
+ *
+ * Enumeration of different session parameters.
+ */
+typedef enum {
+	GNUTLS_SFLAGS_SAFE_RENEGOTIATION = 1,
+	GNUTLS_SFLAGS_EXT_MASTER_SECRET = 1<<1,
+	GNUTLS_SFLAGS_ETM = 1<<2,
+	GNUTLS_SFLAGS_HB_LOCAL_SEND = 1<<3,
+	GNUTLS_SFLAGS_HB_PEER_SEND = 1<<4,
+	GNUTLS_SFLAGS_FALSE_START = 1<<5,
+	GNUTLS_SFLAGS_RFC7919 = 1<<6,
+	GNUTLS_SFLAGS_SESSION_TICKET = 1<<7,
+	GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH = 1<<8,
+	GNUTLS_SFLAGS_EARLY_START = 1<<9,
+	GNUTLS_SFLAGS_EARLY_DATA = 1<<10,
+	GNUTLS_SFLAGS_CLI_REQUESTED_OCSP = 1<<11,
+	GNUTLS_SFLAGS_SERV_REQUESTED_OCSP = 1<<12
+} gnutls_session_flags_t;
+
+unsigned gnutls_session_get_flags(gnutls_session_t session);
+
+/**
+ * gnutls_supplemental_data_format_type_t:
+ * @GNUTLS_SUPPLEMENTAL_UNKNOWN: Unknown data format
+ *
+ * Enumeration of different supplemental data types (RFC 4680).
+ */
+typedef enum {
+	GNUTLS_SUPPLEMENTAL_UNKNOWN = 0,
+} gnutls_supplemental_data_format_type_t;
+
+const char
+*gnutls_supplemental_get_name(gnutls_supplemental_data_format_type_t type);
+
+  /* SessionTicket, RFC 5077. */
+int gnutls_session_ticket_key_generate(gnutls_datum_t * key);
+int gnutls_session_ticket_enable_client(gnutls_session_t session);
+int gnutls_session_ticket_enable_server(gnutls_session_t session,
+					const gnutls_datum_t * key);
+
+int gnutls_session_ticket_send(gnutls_session_t session, unsigned nr, unsigned flags);
+
+  /* SRTP, RFC 5764 */
+
+/**
+ * gnutls_srtp_profile_t:
+ * @GNUTLS_SRTP_AES128_CM_HMAC_SHA1_80: 128 bit AES with a 80 bit HMAC-SHA1
+ * @GNUTLS_SRTP_AES128_CM_HMAC_SHA1_32: 128 bit AES with a 32 bit HMAC-SHA1
+ * @GNUTLS_SRTP_NULL_HMAC_SHA1_80: NULL cipher with a 80 bit HMAC-SHA1
+ * @GNUTLS_SRTP_NULL_HMAC_SHA1_32: NULL cipher with a 32 bit HMAC-SHA1
+ *
+ * Enumeration of different SRTP protection profiles.
+ */
+typedef enum {
+	GNUTLS_SRTP_AES128_CM_HMAC_SHA1_80 = 0x0001,
+	GNUTLS_SRTP_AES128_CM_HMAC_SHA1_32 = 0x0002,
+	GNUTLS_SRTP_NULL_HMAC_SHA1_80 = 0x0005,
+	GNUTLS_SRTP_NULL_HMAC_SHA1_32 = 0x0006
+} gnutls_srtp_profile_t;
+
+int gnutls_srtp_set_profile(gnutls_session_t session,
+			    gnutls_srtp_profile_t profile);
+int gnutls_srtp_set_profile_direct(gnutls_session_t session,
+				   const char *profiles,
+				   const char **err_pos);
+int gnutls_srtp_get_selected_profile(gnutls_session_t session,
+				     gnutls_srtp_profile_t * profile);
+
+const char *gnutls_srtp_get_profile_name(gnutls_srtp_profile_t profile);
+int gnutls_srtp_get_profile_id(const char *name,
+			       gnutls_srtp_profile_t * profile);
+int gnutls_srtp_get_keys(gnutls_session_t session,
+			 void *key_material,
+			 unsigned int key_material_size,
+			 gnutls_datum_t * client_key,
+			 gnutls_datum_t * client_salt,
+			 gnutls_datum_t * server_key,
+			 gnutls_datum_t * server_salt);
+
+int gnutls_srtp_set_mki(gnutls_session_t session,
+			const gnutls_datum_t * mki);
+int gnutls_srtp_get_mki(gnutls_session_t session, gnutls_datum_t * mki);
+
+/* COMPRESS_CERTIFICATE extension, RFC8879 */
+gnutls_compression_method_t
+gnutls_compress_certificate_get_selected_method(gnutls_session_t session);
+int gnutls_compress_certificate_set_methods(gnutls_session_t session,
+					    const gnutls_compression_method_t * methods,
+					    size_t methods_len);
+
+/* ALPN TLS extension */
+
+/**
+ * gnutls_alpn_flags_t:
+ * @GNUTLS_ALPN_MANDATORY: Require ALPN negotiation. The connection will be
+ *   aborted if no matching ALPN protocol is found.
+ * @GNUTLS_ALPN_SERVER_PRECEDENCE: The choices set by the server
+ *   will take precedence over the client's.
+ *
+ * Enumeration of different ALPN flags. These are used by gnutls_alpn_set_protocols().
+ */
+typedef enum {
+	GNUTLS_ALPN_MANDATORY = 1,
+	GNUTLS_ALPN_SERVER_PRECEDENCE = (1<<1)
+} gnutls_alpn_flags_t;
+
+#define GNUTLS_ALPN_MAND GNUTLS_ALPN_MANDATORY
+int gnutls_alpn_get_selected_protocol(gnutls_session_t session,
+				      gnutls_datum_t * protocol);
+int gnutls_alpn_set_protocols(gnutls_session_t session,
+			      const gnutls_datum_t * protocols,
+			      unsigned protocols_size, unsigned flags);
+
+int gnutls_key_generate(gnutls_datum_t * key, unsigned int key_size);
+
+
+#define GNUTLS_PRIORITY_INIT_DEF_APPEND 1
+int gnutls_priority_init(gnutls_priority_t * priority_cache,
+			 const char *priorities, const char **err_pos);
+int gnutls_priority_init2(gnutls_priority_t * priority_cache,
+			  const char *priorities, const char **err_pos,
+			  unsigned flags);
+void gnutls_priority_deinit(gnutls_priority_t priority_cache);
+int gnutls_priority_get_cipher_suite_index(gnutls_priority_t pcache,
+					   unsigned int idx,
+					   unsigned int *sidx);
+
+#define GNUTLS_PRIORITY_LIST_INIT_KEYWORDS 1
+#define GNUTLS_PRIORITY_LIST_SPECIAL 2
+const char *
+gnutls_priority_string_list(unsigned iter, unsigned int flags);
+
+int gnutls_priority_set(gnutls_session_t session,
+			gnutls_priority_t priority);
+
+int gnutls_priority_set_direct(gnutls_session_t session,
+			       const char *priorities,
+			       const char **err_pos);
+
+int gnutls_priority_certificate_type_list(gnutls_priority_t pcache,
+					  const unsigned int **list);
+int gnutls_priority_certificate_type_list2(gnutls_priority_t pcache,
+					  const unsigned int **list,
+					  gnutls_ctype_target_t target);
+int gnutls_priority_sign_list(gnutls_priority_t pcache,
+			      const unsigned int **list);
+int gnutls_priority_protocol_list(gnutls_priority_t pcache,
+				  const unsigned int **list);
+int gnutls_priority_ecc_curve_list(gnutls_priority_t pcache,
+				   const unsigned int **list);
+int
+gnutls_priority_group_list(gnutls_priority_t pcache,
+			   const unsigned int **list);
+
+int gnutls_priority_kx_list(gnutls_priority_t pcache,
+			    const unsigned int **list);
+int gnutls_priority_cipher_list(gnutls_priority_t pcache,
+				const unsigned int **list);
+int gnutls_priority_mac_list(gnutls_priority_t pcache,
+			     const unsigned int **list);
+
+const char *gnutls_get_system_config_file(void);
+
+int gnutls_set_default_priority(gnutls_session_t session);
+int gnutls_set_default_priority_append(gnutls_session_t session,
+				       const char *add_prio,
+				       const char **err_pos,
+				       unsigned flags);
+
+/* Returns the name of a cipher suite */
+const char *
+	gnutls_cipher_suite_get_name(gnutls_kx_algorithm_t kx_algorithm,
+				     gnutls_cipher_algorithm_t cipher_algorithm,
+				     gnutls_mac_algorithm_t mac_algorithm) __GNUTLS_CONST__;
+
+const char *
+gnutls_ciphersuite_get(gnutls_session_t session) __GNUTLS_CONST__;
+
+/* get the currently used protocol version */
+gnutls_protocol_t gnutls_protocol_get_version(gnutls_session_t session);
+
+const char *
+	gnutls_protocol_get_name(gnutls_protocol_t version) __GNUTLS_CONST__;
+
+
+/* get/set session
+ */
+int gnutls_session_set_data(gnutls_session_t session,
+			    const void *session_data,
+			    size_t session_data_size);
+int gnutls_session_get_data(gnutls_session_t session, void *session_data,
+			    size_t * session_data_size);
+int gnutls_session_get_data2(gnutls_session_t session,
+			     gnutls_datum_t * data);
+void gnutls_session_get_random(gnutls_session_t session,
+			       gnutls_datum_t * client,
+			       gnutls_datum_t * server);
+
+void gnutls_session_get_master_secret(gnutls_session_t session,
+			              gnutls_datum_t * secret);
+
+char *gnutls_session_get_desc(gnutls_session_t session);
+
+typedef int gnutls_certificate_verify_function(gnutls_session_t);
+void gnutls_session_set_verify_function(gnutls_session_t session, gnutls_certificate_verify_function * func);
+
+/**
+ * gnutls_vdata_types_t:
+ * @GNUTLS_DT_UNKNOWN: Unknown data type.
+ * @GNUTLS_DT_DNS_HOSTNAME: The data contain a null-terminated DNS hostname; the hostname will be 
+ *   matched using the RFC6125 rules. If the data contain a textual IP (v4 or v6) address it will
+ *   be marched against the IPAddress Alternative name, unless the verification flag %GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES
+ *   is specified.
+ * @GNUTLS_DT_IP_ADDRESS: The data contain a raw IP address (4 or 16 bytes). If will be matched
+ *   against the IPAddress Alternative name; option available since 3.6.0.
+ * @GNUTLS_DT_RFC822NAME: The data contain a null-terminated email address; the email will be
+ *   matched against the RFC822Name Alternative name of the certificate, or the EMAIL DN component if the
+ *   former isn't available. Prior to matching the email address will be converted to ACE
+ *   (ASCII-compatible-encoding).
+ * @GNUTLS_DT_KEY_PURPOSE_OID: The data contain a null-terminated key purpose OID. It will be matched
+ *   against the certificate's Extended Key Usage extension.
+ *
+ * Enumeration of different typed-data options. They are used as input to certificate
+ * verification functions to provide information about the name and purpose of the
+ * certificate. Only a single option of a type can be provided to the relevant functions
+ * (i.e., options %GNUTLS_DT_DNS_HOSTNAME, %GNUTLS_DT_IP_ADDRESS and
+ * %GNUTLS_DT_RFC822NAME cannot be combined).
+ */
+typedef enum {
+	GNUTLS_DT_UNKNOWN = 0,
+	GNUTLS_DT_DNS_HOSTNAME = 1,
+	GNUTLS_DT_KEY_PURPOSE_OID = 2,
+	GNUTLS_DT_RFC822NAME = 3,
+	GNUTLS_DT_IP_ADDRESS = 4
+} gnutls_vdata_types_t;
+
+typedef struct {
+	gnutls_vdata_types_t type;
+	unsigned char *data;
+	unsigned int size;
+} gnutls_typed_vdata_st;
+
+void gnutls_session_set_verify_cert(gnutls_session_t session,
+			       const char *hostname, unsigned flags);
+
+void
+gnutls_session_set_verify_cert2(gnutls_session_t session,
+				gnutls_typed_vdata_st * data,
+				unsigned elements, unsigned flags);
+
+unsigned int gnutls_session_get_verify_cert_status(gnutls_session_t);
+
+int gnutls_session_set_premaster(gnutls_session_t session,
+				 unsigned int entity,
+				 gnutls_protocol_t version,
+				 gnutls_kx_algorithm_t kx,
+				 gnutls_cipher_algorithm_t cipher,
+				 gnutls_mac_algorithm_t mac,
+				 gnutls_compression_method_t comp,
+				 const gnutls_datum_t * master,
+				 const gnutls_datum_t * session_id);
+
+/* returns the session ID */
+#define GNUTLS_MAX_SESSION_ID 32
+int gnutls_session_get_id(gnutls_session_t session, void *session_id,
+			  size_t * session_id_size);
+int gnutls_session_get_id2(gnutls_session_t session,
+			   gnutls_datum_t * session_id);
+
+int gnutls_session_set_id(gnutls_session_t session,
+			  const gnutls_datum_t * sid);
+
+int gnutls_session_channel_binding(gnutls_session_t session,
+				   gnutls_channel_binding_t cbtype,
+				   gnutls_datum_t * cb);
+
+/* checks if this session is a resumed one
+ */
+int gnutls_session_is_resumed(gnutls_session_t session);
+int gnutls_session_resumption_requested(gnutls_session_t session);
+
+typedef int (*gnutls_db_store_func) (void *, gnutls_datum_t key,
+				     gnutls_datum_t data);
+typedef int (*gnutls_db_remove_func) (void *, gnutls_datum_t key);
+typedef gnutls_datum_t(*gnutls_db_retr_func) (void *, gnutls_datum_t key);
+
+void gnutls_db_set_cache_expiration(gnutls_session_t session, int seconds);
+unsigned gnutls_db_get_default_cache_expiration(void);
+
+void gnutls_db_remove_session(gnutls_session_t session);
+void gnutls_db_set_retrieve_function(gnutls_session_t session,
+				     gnutls_db_retr_func retr_func);
+void gnutls_db_set_remove_function(gnutls_session_t session,
+				   gnutls_db_remove_func rem_func);
+void gnutls_db_set_store_function(gnutls_session_t session,
+				  gnutls_db_store_func store_func);
+void gnutls_db_set_ptr(gnutls_session_t session, void *ptr);
+void *gnutls_db_get_ptr(gnutls_session_t session);
+int gnutls_db_check_entry(gnutls_session_t session,
+			  gnutls_datum_t session_entry);
+time_t gnutls_db_check_entry_time(gnutls_datum_t * entry);
+time_t gnutls_db_check_entry_expire_time(gnutls_datum_t * entry);
+
+  /**
+   * gnutls_handshake_hook_func:
+   * @session: the current session
+   * @htype: the type of the handshake message (%gnutls_handshake_description_t)
+   * @when: non zero if this is a post-process/generation call and zero otherwise
+   * @incoming: non zero if this is an incoming message and zero if this is an outgoing message
+   * @msg: the (const) data of the handshake message without the handshake headers.
+   *
+   * Function prototype for handshake hooks. It is set using
+   * gnutls_handshake_set_hook_function().
+   *
+   * Returns: Non zero on error.
+   */
+#define GNUTLS_HOOK_POST (1)
+#define GNUTLS_HOOK_PRE (0)
+#define GNUTLS_HOOK_BOTH (-1)
+
+typedef int (*gnutls_handshake_hook_func) (gnutls_session_t,
+					   unsigned int htype,
+					   unsigned when,
+					   unsigned int incoming,
+					   const gnutls_datum_t *msg);
+void gnutls_handshake_set_hook_function(gnutls_session_t session,
+					unsigned int htype, int when,
+					gnutls_handshake_hook_func func);
+
+#define gnutls_handshake_post_client_hello_func gnutls_handshake_simple_hook_func
+typedef int (*gnutls_handshake_simple_hook_func) (gnutls_session_t);
+void
+gnutls_handshake_set_post_client_hello_function(gnutls_session_t session,
+						gnutls_handshake_simple_hook_func func);
+
+void gnutls_handshake_set_max_packet_length(gnutls_session_t session,
+					    size_t max);
+
+/* returns libgnutls version (call it with a NULL argument)
+ */
+const char * gnutls_check_version(const char *req_version) __GNUTLS_CONST__;
+
+/* A macro which will allow optimizing out calls to gnutls_check_version()
+ * when the version being compiled with is sufficient.
+ * Used as:
+ *   if (gnutls_check_version_numerc(3,3,16)) {
+ */
+#define gnutls_check_version_numeric(a,b,c) \
+	((GNUTLS_VERSION_MAJOR >= (a)) &&  \
+	 ((GNUTLS_VERSION_NUMBER >= ( ((a) << 16) + ((b) << 8) + (c) )) || \
+	 gnutls_check_version(#a "." #b "." #c)))
+
+/* Functions for setting/clearing credentials
+ */
+void gnutls_credentials_clear(gnutls_session_t session);
+
+/* cred is a structure defined by the kx algorithm
+ */
+int gnutls_credentials_set(gnutls_session_t session,
+			   gnutls_credentials_type_t type, void *cred);
+int gnutls_credentials_get(gnutls_session_t session,
+			   gnutls_credentials_type_t type, void **cred);
+#define gnutls_cred_set	gnutls_credentials_set
+
+/* x.509 types */
+
+struct gnutls_pubkey_st;
+typedef struct gnutls_pubkey_st *gnutls_pubkey_t;
+
+struct gnutls_privkey_st;
+typedef struct gnutls_privkey_st *gnutls_privkey_t;
+
+struct gnutls_x509_privkey_int;
+typedef struct gnutls_x509_privkey_int *gnutls_x509_privkey_t;
+
+struct gnutls_x509_crl_int;
+typedef struct gnutls_x509_crl_int *gnutls_x509_crl_t;
+
+struct gnutls_x509_crt_int;
+typedef struct gnutls_x509_crt_int *gnutls_x509_crt_t;
+
+struct gnutls_x509_crq_int;
+typedef struct gnutls_x509_crq_int *gnutls_x509_crq_t;
+
+struct gnutls_openpgp_keyring_int;
+typedef struct gnutls_openpgp_keyring_int *gnutls_openpgp_keyring_t;
+
+
+/* Credential structures - used in gnutls_credentials_set(); */
+
+struct gnutls_certificate_credentials_st;
+typedef struct gnutls_certificate_credentials_st
+*gnutls_certificate_credentials_t;
+typedef gnutls_certificate_credentials_t
+    gnutls_certificate_server_credentials;
+typedef gnutls_certificate_credentials_t
+    gnutls_certificate_client_credentials;
+
+typedef struct gnutls_anon_server_credentials_st
+*gnutls_anon_server_credentials_t;
+typedef struct gnutls_anon_client_credentials_st
+*gnutls_anon_client_credentials_t;
+
+void gnutls_anon_free_server_credentials(gnutls_anon_server_credentials_t
+					 sc);
+int
+gnutls_anon_allocate_server_credentials(gnutls_anon_server_credentials_t
+					* sc);
+
+void gnutls_anon_set_server_dh_params(gnutls_anon_server_credentials_t res,
+				      gnutls_dh_params_t dh_params);
+
+int
+gnutls_anon_set_server_known_dh_params(gnutls_anon_server_credentials_t res,
+					gnutls_sec_param_t sec_param);
+
+void
+gnutls_anon_set_server_params_function(gnutls_anon_server_credentials_t
+				       res, gnutls_params_function * func);
+
+void
+gnutls_anon_free_client_credentials(gnutls_anon_client_credentials_t sc);
+int
+gnutls_anon_allocate_client_credentials(gnutls_anon_client_credentials_t
+					* sc);
+
+/* CERTFILE is an x509 certificate in PEM form.
+ * KEYFILE is a pkcs-1 private key in PEM form (for RSA keys).
+ */
+void
+gnutls_certificate_free_credentials(gnutls_certificate_credentials_t sc);
+int
+gnutls_certificate_allocate_credentials(gnutls_certificate_credentials_t
+					* res);
+
+int
+gnutls_certificate_get_issuer(gnutls_certificate_credentials_t sc,
+			      gnutls_x509_crt_t cert,
+			      gnutls_x509_crt_t * issuer,
+			      unsigned int flags);
+
+int gnutls_certificate_get_crt_raw(gnutls_certificate_credentials_t sc,
+				   unsigned idx1, unsigned idx2,
+				   gnutls_datum_t * cert);
+
+void gnutls_certificate_free_keys(gnutls_certificate_credentials_t sc);
+void gnutls_certificate_free_cas(gnutls_certificate_credentials_t sc);
+void gnutls_certificate_free_ca_names(gnutls_certificate_credentials_t sc);
+void gnutls_certificate_free_crls(gnutls_certificate_credentials_t sc);
+
+void gnutls_certificate_set_dh_params(gnutls_certificate_credentials_t res,
+				      gnutls_dh_params_t dh_params);
+
+int gnutls_certificate_set_known_dh_params(gnutls_certificate_credentials_t res,
+					   gnutls_sec_param_t sec_param);
+void gnutls_certificate_set_verify_flags(gnutls_certificate_credentials_t
+					 res, unsigned int flags);
+unsigned int
+gnutls_certificate_get_verify_flags(gnutls_certificate_credentials_t res);
+
+/**
+ * gnutls_certificate_flags:
+ * @GNUTLS_CERTIFICATE_SKIP_KEY_CERT_MATCH: Skip the key and certificate matching check.
+ * @GNUTLS_CERTIFICATE_API_V2: If set the gnutls_certificate_set_*key* functions will return an index of the added key pair instead of zero.
+ * @GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK: If set, the gnutls_certificate_set_ocsp_status_request_file
+ *    function, will not check whether the response set matches any of the certificates.
+ * @GNUTLS_CERTIFICATE_VERIFY_CRLS: This will enable CRL verification when added in the certificate structure.
+ *    When used, it requires CAs to be added before CRLs.
+ *
+ * Enumeration of different certificate credentials flags.
+ */
+typedef enum gnutls_certificate_flags {
+	GNUTLS_CERTIFICATE_SKIP_KEY_CERT_MATCH = 1,
+	GNUTLS_CERTIFICATE_API_V2 = (1<<1),
+	GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK = (1<<2),
+	GNUTLS_CERTIFICATE_VERIFY_CRLS = (1<<3)
+} gnutls_certificate_flags;
+
+void gnutls_certificate_set_flags(gnutls_certificate_credentials_t,
+				  unsigned flags);
+
+void gnutls_certificate_set_verify_limits(gnutls_certificate_credentials_t
+					  res, unsigned int max_bits,
+					  unsigned int max_depth);
+
+int
+gnutls_certificate_set_x509_system_trust(gnutls_certificate_credentials_t
+					 cred);
+
+int
+gnutls_certificate_set_x509_trust_file(gnutls_certificate_credentials_t
+				       cred, const char *cafile,
+				       gnutls_x509_crt_fmt_t type);
+int
+gnutls_certificate_set_x509_trust_dir(gnutls_certificate_credentials_t cred,
+				      const char *ca_dir,
+				      gnutls_x509_crt_fmt_t type);
+
+int gnutls_certificate_set_x509_trust_mem(gnutls_certificate_credentials_t
+					  res, const gnutls_datum_t * ca,
+					  gnutls_x509_crt_fmt_t type);
+
+int
+gnutls_certificate_set_x509_crl_file(gnutls_certificate_credentials_t
+				     res, const char *crlfile,
+				     gnutls_x509_crt_fmt_t type);
+int gnutls_certificate_set_x509_crl_mem(gnutls_certificate_credentials_t
+					res, const gnutls_datum_t * CRL,
+					gnutls_x509_crt_fmt_t type);
+
+int
+gnutls_certificate_set_x509_key_file(gnutls_certificate_credentials_t
+				     res, const char *certfile,
+				     const char *keyfile,
+				     gnutls_x509_crt_fmt_t type);
+
+int
+gnutls_certificate_set_x509_key_file2(gnutls_certificate_credentials_t
+				      res, const char *certfile,
+				      const char *keyfile,
+				      gnutls_x509_crt_fmt_t type,
+				      const char *pass,
+				      unsigned int flags);
+
+int gnutls_certificate_set_x509_key_mem(gnutls_certificate_credentials_t
+					res, const gnutls_datum_t * cert,
+					const gnutls_datum_t * key,
+					gnutls_x509_crt_fmt_t type);
+
+int gnutls_certificate_set_x509_key_mem2(gnutls_certificate_credentials_t
+					 res, const gnutls_datum_t * cert,
+					 const gnutls_datum_t * key,
+					 gnutls_x509_crt_fmt_t type,
+					 const char *pass,
+					 unsigned int flags);
+
+void gnutls_certificate_send_x509_rdn_sequence(gnutls_session_t session,
+					       int status);
+
+int
+gnutls_certificate_set_x509_simple_pkcs12_file
+(gnutls_certificate_credentials_t res, const char *pkcs12file,
+ gnutls_x509_crt_fmt_t type, const char *password);
+int
+gnutls_certificate_set_x509_simple_pkcs12_mem
+(gnutls_certificate_credentials_t res, const gnutls_datum_t * p12blob,
+ gnutls_x509_crt_fmt_t type, const char *password);
+
+/* New functions to allow setting already parsed X.509 stuff.
+ */
+
+int gnutls_certificate_set_x509_key(gnutls_certificate_credentials_t res,
+				    gnutls_x509_crt_t * cert_list,
+				    int cert_list_size,
+				    gnutls_x509_privkey_t key);
+int gnutls_certificate_set_x509_trust(gnutls_certificate_credentials_t res,
+				      gnutls_x509_crt_t * ca_list,
+				      int ca_list_size);
+int gnutls_certificate_set_x509_crl(gnutls_certificate_credentials_t res,
+				    gnutls_x509_crl_t * crl_list,
+				    int crl_list_size);
+
+int gnutls_certificate_get_x509_key(gnutls_certificate_credentials_t res,
+                                    unsigned index,
+                                    gnutls_x509_privkey_t *key);
+int gnutls_certificate_get_x509_crt(gnutls_certificate_credentials_t res,
+                                    unsigned index,
+                                    gnutls_x509_crt_t **crt_list,
+                                    unsigned *crt_list_size);
+
+  /* OCSP status request extension, RFC 6066 */
+typedef int (*gnutls_status_request_ocsp_func)
+ (gnutls_session_t session, void *ptr, gnutls_datum_t *ocsp_response);
+
+void
+gnutls_certificate_set_ocsp_status_request_function
+(gnutls_certificate_credentials_t res,
+gnutls_status_request_ocsp_func ocsp_func, void *ptr);
+
+int
+gnutls_certificate_set_ocsp_status_request_function2
+(gnutls_certificate_credentials_t res, unsigned idx,
+gnutls_status_request_ocsp_func ocsp_func, void *ptr);
+
+int
+gnutls_certificate_set_ocsp_status_request_file
+(gnutls_certificate_credentials_t res, const char *response_file,
+ unsigned idx);
+
+int
+gnutls_certificate_set_ocsp_status_request_file2
+(gnutls_certificate_credentials_t res, const char *response_file,
+ unsigned idx, gnutls_x509_crt_fmt_t fmt);
+
+int
+gnutls_certificate_set_ocsp_status_request_mem
+(gnutls_certificate_credentials_t res, const gnutls_datum_t *resp,
+ unsigned idx, gnutls_x509_crt_fmt_t fmt);
+
+typedef struct gnutls_ocsp_data_st {
+	unsigned int version; /* must be zero */
+	gnutls_datum_t response;
+	time_t exptime;
+	unsigned char padding[32];
+} gnutls_ocsp_data_st;
+
+time_t
+gnutls_certificate_get_ocsp_expiration(gnutls_certificate_credentials_t sc,
+				       unsigned idx,
+				       int oidx,
+				       unsigned flags);
+
+int gnutls_ocsp_status_request_enable_client(gnutls_session_t session,
+					     gnutls_datum_t * responder_id,
+					     size_t responder_id_size,
+					     gnutls_datum_t *
+					     request_extensions);
+
+int gnutls_ocsp_status_request_get(gnutls_session_t session,
+				   gnutls_datum_t * response);
+
+#define GNUTLS_OCSP_SR_IS_AVAIL 1
+unsigned gnutls_ocsp_status_request_is_checked(gnutls_session_t session,
+					       unsigned int flags);
+
+int
+gnutls_ocsp_status_request_get2(gnutls_session_t session,
+			        unsigned idx,
+			        gnutls_datum_t * response);
+
+/* RAW public key functions (RFC7250) */
+int gnutls_certificate_set_rawpk_key_mem(gnutls_certificate_credentials_t cred,
+				    const gnutls_datum_t* spki,
+				    const gnutls_datum_t* pkey,
+				    gnutls_x509_crt_fmt_t format,
+				    const char* pass,
+				    unsigned int key_usage,
+				    const char **names,
+				    unsigned int names_length,
+				    unsigned int flags);
+
+int gnutls_certificate_set_rawpk_key_file(gnutls_certificate_credentials_t cred,
+				      const char* rawpkfile,
+				      const char* privkeyfile,
+				      gnutls_x509_crt_fmt_t format,
+				      const char *pass,
+				      unsigned int key_usage,
+				      const char **names,
+				      unsigned int names_length,
+				      unsigned int privkey_flags,
+				      unsigned int pkcs11_flags);
+
+
+/* global state functions
+ */
+int gnutls_global_init(void);
+void gnutls_global_deinit(void);
+
+const gnutls_library_config_st *gnutls_get_library_config(void);
+
+  /**
+   * gnutls_time_func:
+   * @t: where to store time.
+   *
+   * Function prototype for time()-like function.  Set with
+   * gnutls_global_set_time_function().
+   *
+   * Returns: Number of seconds since the epoch, or (time_t)-1 on errors.
+   */
+typedef time_t(*gnutls_time_func) (time_t * t);
+
+typedef int (*mutex_init_func) (void **mutex);
+typedef int (*mutex_lock_func) (void **mutex);
+typedef int (*mutex_unlock_func) (void **mutex);
+typedef int (*mutex_deinit_func) (void **mutex);
+
+void gnutls_global_set_mutex(mutex_init_func init,
+			     mutex_deinit_func deinit,
+			     mutex_lock_func lock,
+			     mutex_unlock_func unlock);
+
+typedef void *(*gnutls_alloc_function) (size_t);
+typedef void *(*gnutls_calloc_function) (size_t, size_t);
+typedef int (*gnutls_is_secure_function) (const void *);
+typedef void (*gnutls_free_function) (void *);
+typedef void *(*gnutls_realloc_function) (void *, size_t);
+
+void gnutls_global_set_time_function(gnutls_time_func time_func);
+
+/* For use in callbacks */
+extern _SYM_EXPORT gnutls_alloc_function gnutls_malloc;
+extern _SYM_EXPORT gnutls_realloc_function gnutls_realloc;
+extern _SYM_EXPORT gnutls_calloc_function gnutls_calloc;
+extern _SYM_EXPORT gnutls_free_function gnutls_free;
+
+#ifdef GNUTLS_INTERNAL_BUILD
+#define gnutls_free(a) gnutls_free((void *) (a)), a=NULL
+#endif
+
+extern _SYM_EXPORT char *(*gnutls_strdup) (const char *);
+
+/* a variant of memset that doesn't get optimized out */
+void gnutls_memset(void *data, int c, size_t size);
+
+/* constant time memcmp */
+int gnutls_memcmp(const void *s1, const void *s2, size_t n);
+
+typedef void (*gnutls_log_func) (int, const char *);
+typedef void (*gnutls_audit_log_func) (gnutls_session_t, const char *);
+void gnutls_global_set_log_function(gnutls_log_func log_func);
+void gnutls_global_set_audit_log_function(gnutls_audit_log_func log_func);
+void gnutls_global_set_log_level(int level);
+
+  /**
+   * gnutls_keylog_func:
+   * @session: the current session
+   * @label: the keylog label
+   * @secret: the (const) data of the derived secret.
+   *
+   * Function prototype for keylog hooks. It is set using
+   * gnutls_session_set_keylog_function().
+   *
+   * Returns: Non zero on error.
+   * Since: 3.6.13
+   */
+typedef int (*gnutls_keylog_func) (gnutls_session_t session,
+				   const char *label,
+				   const gnutls_datum_t *secret);
+gnutls_keylog_func gnutls_session_get_keylog_function(const gnutls_session_t session);
+void gnutls_session_set_keylog_function(gnutls_session_t session,
+					gnutls_keylog_func func);
+
+/* Diffie-Hellman parameter handling.
+ */
+int gnutls_dh_params_init(gnutls_dh_params_t * dh_params);
+void gnutls_dh_params_deinit(gnutls_dh_params_t dh_params);
+int gnutls_dh_params_import_raw(gnutls_dh_params_t dh_params,
+				const gnutls_datum_t * prime,
+				const gnutls_datum_t * generator);
+int gnutls_dh_params_import_dsa(gnutls_dh_params_t dh_params, gnutls_x509_privkey_t key);
+int gnutls_dh_params_import_raw2(gnutls_dh_params_t dh_params,
+				 const gnutls_datum_t * prime,
+				 const gnutls_datum_t * generator,
+				 unsigned key_bits);
+int gnutls_dh_params_import_raw3(gnutls_dh_params_t dh_params,
+				 const gnutls_datum_t * prime,
+				 const gnutls_datum_t * q,
+				 const gnutls_datum_t * generator);
+int gnutls_dh_params_import_pkcs3(gnutls_dh_params_t params,
+				  const gnutls_datum_t * pkcs3_params,
+				  gnutls_x509_crt_fmt_t format);
+int gnutls_dh_params_generate2(gnutls_dh_params_t params,
+			       unsigned int bits);
+int gnutls_dh_params_export_pkcs3(gnutls_dh_params_t params,
+				  gnutls_x509_crt_fmt_t format,
+				  unsigned char *params_data,
+				  size_t * params_data_size);
+int gnutls_dh_params_export2_pkcs3(gnutls_dh_params_t params,
+				   gnutls_x509_crt_fmt_t format,
+				   gnutls_datum_t * out);
+int gnutls_dh_params_export_raw(gnutls_dh_params_t params,
+				gnutls_datum_t * prime,
+				gnutls_datum_t * generator,
+				unsigned int *bits);
+int gnutls_dh_params_cpy(gnutls_dh_params_t dst, gnutls_dh_params_t src);
+
+
+
+/* Session stuff
+ */
+@DEFINE_IOVEC_T@
+
+typedef ssize_t(*gnutls_pull_func) (gnutls_transport_ptr_t, void *,
+				    size_t);
+typedef ssize_t(*gnutls_push_func) (gnutls_transport_ptr_t, const void *,
+				    size_t);
+
+int gnutls_system_recv_timeout(gnutls_transport_ptr_t ptr, unsigned int ms);
+typedef int (*gnutls_pull_timeout_func) (gnutls_transport_ptr_t,
+					 unsigned int ms);
+
+typedef ssize_t(*gnutls_vec_push_func) (gnutls_transport_ptr_t,
+					const giovec_t * iov, int iovcnt);
+
+typedef int (*gnutls_errno_func) (gnutls_transport_ptr_t);
+
+#if 0
+ /* This will be defined as macro. */
+  void gnutls_transport_set_int (gnutls_session_t session, int r);
+#endif
+
+void gnutls_transport_set_int2(gnutls_session_t session, int r, int s);
+#define gnutls_transport_set_int(s, i) gnutls_transport_set_int2(s, i, i)
+
+void gnutls_transport_get_int2(gnutls_session_t session, int *r, int *s);
+int gnutls_transport_get_int(gnutls_session_t session);
+
+void gnutls_transport_set_ptr(gnutls_session_t session,
+			      gnutls_transport_ptr_t ptr);
+void gnutls_transport_set_ptr2(gnutls_session_t session,
+			       gnutls_transport_ptr_t recv_ptr,
+			       gnutls_transport_ptr_t send_ptr);
+
+gnutls_transport_ptr_t gnutls_transport_get_ptr(gnutls_session_t session);
+void gnutls_transport_get_ptr2(gnutls_session_t session,
+			       gnutls_transport_ptr_t * recv_ptr,
+			       gnutls_transport_ptr_t * send_ptr);
+
+void gnutls_transport_set_vec_push_function(gnutls_session_t session,
+					    gnutls_vec_push_func vec_func);
+void gnutls_transport_set_push_function(gnutls_session_t session,
+					gnutls_push_func push_func);
+void gnutls_transport_set_pull_function(gnutls_session_t session,
+					gnutls_pull_func pull_func);
+
+void gnutls_transport_set_pull_timeout_function(gnutls_session_t session,
+						gnutls_pull_timeout_func
+						func);
+
+void gnutls_transport_set_errno_function(gnutls_session_t session,
+					 gnutls_errno_func errno_func);
+
+void gnutls_transport_set_errno(gnutls_session_t session, int err);
+
+/* session specific
+ */
+void gnutls_session_set_ptr(gnutls_session_t session, void *ptr);
+void *gnutls_session_get_ptr(gnutls_session_t session);
+
+void gnutls_openpgp_send_cert(gnutls_session_t session,
+			      gnutls_openpgp_crt_status_t status);
+
+/* This function returns the hash of the given data.
+ */
+int gnutls_fingerprint(gnutls_digest_algorithm_t algo,
+		       const gnutls_datum_t * data, void *result,
+		       size_t * result_size);
+
+  /**
+   * gnutls_random_art_t:
+   * @GNUTLS_RANDOM_ART_OPENSSH: OpenSSH-style random art.
+   *
+   * Enumeration of different random art types.
+   */
+typedef enum gnutls_random_art {
+	GNUTLS_RANDOM_ART_OPENSSH = 1
+} gnutls_random_art_t;
+
+int gnutls_random_art(gnutls_random_art_t type,
+		      const char *key_type, unsigned int key_size,
+		      void *fpr, size_t fpr_size, gnutls_datum_t * art);
+
+/* IDNA */
+#define GNUTLS_IDNA_FORCE_2008 (1<<1)
+int gnutls_idna_map(const char * input, unsigned ilen, gnutls_datum_t *out, unsigned flags);
+int gnutls_idna_reverse_map(const char *input, unsigned ilen, gnutls_datum_t *out, unsigned flags);
+
+/* SRP
+ */
+
+typedef struct gnutls_srp_server_credentials_st
+*gnutls_srp_server_credentials_t;
+typedef struct gnutls_srp_client_credentials_st
+*gnutls_srp_client_credentials_t;
+
+void
+gnutls_srp_free_client_credentials(gnutls_srp_client_credentials_t sc);
+int
+gnutls_srp_allocate_client_credentials(gnutls_srp_client_credentials_t *
+				       sc);
+int gnutls_srp_set_client_credentials(gnutls_srp_client_credentials_t res,
+				      const char *username,
+				      const char *password);
+
+void
+gnutls_srp_free_server_credentials(gnutls_srp_server_credentials_t sc);
+int
+gnutls_srp_allocate_server_credentials(gnutls_srp_server_credentials_t *
+				       sc);
+int gnutls_srp_set_server_credentials_file(gnutls_srp_server_credentials_t
+					   res, const char *password_file,
+					   const char *password_conf_file);
+
+const char *gnutls_srp_server_get_username(gnutls_session_t session);
+
+void gnutls_srp_set_prime_bits(gnutls_session_t session,
+                               unsigned int bits);
+
+int gnutls_srp_verifier(const char *username,
+			const char *password,
+			const gnutls_datum_t * salt,
+			const gnutls_datum_t * generator,
+			const gnutls_datum_t * prime,
+			gnutls_datum_t * res);
+
+/* The static parameters defined in draft-ietf-tls-srp-05
+ * Those should be used as input to gnutls_srp_verifier().
+ */
+extern _SYM_EXPORT const gnutls_datum_t gnutls_srp_8192_group_prime;
+extern _SYM_EXPORT const gnutls_datum_t gnutls_srp_8192_group_generator;
+
+extern _SYM_EXPORT const gnutls_datum_t gnutls_srp_4096_group_prime;
+extern _SYM_EXPORT const gnutls_datum_t gnutls_srp_4096_group_generator;
+
+extern _SYM_EXPORT const gnutls_datum_t gnutls_srp_3072_group_prime;
+extern _SYM_EXPORT const gnutls_datum_t gnutls_srp_3072_group_generator;
+
+extern _SYM_EXPORT const gnutls_datum_t gnutls_srp_2048_group_prime;
+extern _SYM_EXPORT const gnutls_datum_t gnutls_srp_2048_group_generator;
+
+extern _SYM_EXPORT const gnutls_datum_t gnutls_srp_1536_group_prime;
+extern _SYM_EXPORT const gnutls_datum_t gnutls_srp_1536_group_generator;
+
+extern _SYM_EXPORT const gnutls_datum_t gnutls_srp_1024_group_prime;
+extern _SYM_EXPORT const gnutls_datum_t gnutls_srp_1024_group_generator;
+
+/* The static parameters defined in rfc7919
+ */
+
+extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_8192_group_prime;
+extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_8192_group_q;
+extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_8192_group_generator;
+extern _SYM_EXPORT const unsigned int gnutls_ffdhe_8192_key_bits;
+
+extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_6144_group_prime;
+extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_6144_group_q;
+extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_6144_group_generator;
+extern _SYM_EXPORT const unsigned int gnutls_ffdhe_6144_key_bits;
+
+extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_4096_group_prime;
+extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_4096_group_q;
+extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_4096_group_generator;
+extern _SYM_EXPORT const unsigned int gnutls_ffdhe_4096_key_bits;
+
+extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_3072_group_prime;
+extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_3072_group_q;
+extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_3072_group_generator;
+extern _SYM_EXPORT const unsigned int gnutls_ffdhe_3072_key_bits;
+
+extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_2048_group_prime;
+extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_2048_group_q;
+extern _SYM_EXPORT const gnutls_datum_t gnutls_ffdhe_2048_group_generator;
+extern _SYM_EXPORT const unsigned int gnutls_ffdhe_2048_key_bits;
+
+typedef int gnutls_srp_server_credentials_function(gnutls_session_t,
+						   const char *username,
+						   gnutls_datum_t * salt,
+						   gnutls_datum_t *
+						   verifier,
+						   gnutls_datum_t *
+						   generator,
+						   gnutls_datum_t * prime);
+void
+gnutls_srp_set_server_credentials_function(gnutls_srp_server_credentials_t
+					   cred,
+					   gnutls_srp_server_credentials_function
+					   * func);
+
+typedef int gnutls_srp_client_credentials_function(gnutls_session_t,
+						   char **, char **);
+void
+gnutls_srp_set_client_credentials_function(gnutls_srp_client_credentials_t
+					   cred,
+					   gnutls_srp_client_credentials_function
+					   * func);
+
+int gnutls_srp_base64_encode(const gnutls_datum_t * data, char *result,
+			     size_t * result_size);
+int gnutls_srp_base64_encode2(const gnutls_datum_t * data,
+				   gnutls_datum_t * result);
+
+int gnutls_srp_base64_decode(const gnutls_datum_t * b64_data, char *result,
+			     size_t * result_size);
+int gnutls_srp_base64_decode2(const gnutls_datum_t * b64_data,
+				   gnutls_datum_t * result);
+
+#define gnutls_srp_base64_encode_alloc gnutls_srp_base64_encode2
+#define gnutls_srp_base64_decode_alloc gnutls_srp_base64_decode2
+
+void
+gnutls_srp_set_server_fake_salt_seed(gnutls_srp_server_credentials_t
+				     sc,
+				     const gnutls_datum_t * seed,
+				     unsigned int salt_length);
+
+/* PSK stuff */
+typedef struct gnutls_psk_server_credentials_st
+*gnutls_psk_server_credentials_t;
+typedef struct gnutls_psk_client_credentials_st
+*gnutls_psk_client_credentials_t;
+
+/**
+ * gnutls_psk_key_flags:
+ * @GNUTLS_PSK_KEY_RAW: PSK-key in raw format.
+ * @GNUTLS_PSK_KEY_HEX: PSK-key in hex format.
+ *
+ * Enumeration of different PSK key flags.
+ */
+typedef enum gnutls_psk_key_flags {
+	GNUTLS_PSK_KEY_RAW = 0,
+	GNUTLS_PSK_KEY_HEX
+} gnutls_psk_key_flags;
+
+void
+gnutls_psk_free_client_credentials(gnutls_psk_client_credentials_t sc);
+int
+gnutls_psk_allocate_client_credentials(gnutls_psk_client_credentials_t *
+				       sc);
+int gnutls_psk_set_client_credentials(gnutls_psk_client_credentials_t res,
+				      const char *username,
+				      const gnutls_datum_t * key,
+				      gnutls_psk_key_flags flags);
+int gnutls_psk_set_client_credentials2(gnutls_psk_client_credentials_t res,
+				       const gnutls_datum_t *username,
+				       const gnutls_datum_t *key,
+				       gnutls_psk_key_flags flags);
+
+void
+gnutls_psk_free_server_credentials(gnutls_psk_server_credentials_t sc);
+int
+gnutls_psk_allocate_server_credentials(gnutls_psk_server_credentials_t *
+				       sc);
+int gnutls_psk_set_server_credentials_file(gnutls_psk_server_credentials_t
+					   res, const char *password_file);
+
+int
+gnutls_psk_set_server_credentials_hint(gnutls_psk_server_credentials_t
+				       res, const char *hint);
+
+const char *gnutls_psk_server_get_username(gnutls_session_t session);
+int gnutls_psk_server_get_username2(gnutls_session_t session,
+				    gnutls_datum_t *out);
+const char *gnutls_psk_client_get_hint(gnutls_session_t session);
+
+typedef int gnutls_psk_server_credentials_function(gnutls_session_t,
+						   const char *username,
+						   gnutls_datum_t * key);
+typedef int gnutls_psk_server_credentials_function2(gnutls_session_t,
+						    const gnutls_datum_t *username,
+						    gnutls_datum_t *key);
+void
+gnutls_psk_set_server_credentials_function(gnutls_psk_server_credentials_t
+					   cred,
+					   gnutls_psk_server_credentials_function
+					   * func);
+void
+gnutls_psk_set_server_credentials_function2(gnutls_psk_server_credentials_t cred,
+					    gnutls_psk_server_credentials_function2 *func);
+
+typedef int gnutls_psk_client_credentials_function(gnutls_session_t,
+						   char **username,
+						   gnutls_datum_t * key);
+typedef int gnutls_psk_client_credentials_function2(gnutls_session_t,
+						    gnutls_datum_t *username,
+						    gnutls_datum_t *key);
+void
+gnutls_psk_set_client_credentials_function(gnutls_psk_client_credentials_t
+					   cred,
+					   gnutls_psk_client_credentials_function
+					   * func);
+void
+gnutls_psk_set_client_credentials_function2(gnutls_psk_client_credentials_t cred,
+					    gnutls_psk_client_credentials_function2 *func);
+
+int gnutls_hex_encode(const gnutls_datum_t * data, char *result,
+		      size_t * result_size);
+int gnutls_hex_decode(const gnutls_datum_t * hex_data, void *result,
+		      size_t * result_size);
+
+int gnutls_hex_encode2(const gnutls_datum_t * data, gnutls_datum_t *result);
+int gnutls_hex_decode2(const gnutls_datum_t * data, gnutls_datum_t *result);
+
+void
+gnutls_psk_set_server_dh_params(gnutls_psk_server_credentials_t res,
+				gnutls_dh_params_t dh_params);
+
+int
+gnutls_psk_set_server_known_dh_params(gnutls_psk_server_credentials_t res,
+				      gnutls_sec_param_t sec_param);
+
+void
+gnutls_psk_set_server_params_function(gnutls_psk_server_credentials_t
+				      res, gnutls_params_function * func);
+
+/**
+ * gnutls_x509_subject_alt_name_t:
+ * @GNUTLS_SAN_DNSNAME: DNS-name SAN.
+ * @GNUTLS_SAN_RFC822NAME: E-mail address SAN.
+ * @GNUTLS_SAN_URI: URI SAN.
+ * @GNUTLS_SAN_IPADDRESS: IP address SAN.
+ * @GNUTLS_SAN_OTHERNAME: OtherName SAN.
+ * @GNUTLS_SAN_DN: DN SAN.
+ * @GNUTLS_SAN_REGISTERED_ID: RegisteredID.
+ * @GNUTLS_SAN_OTHERNAME_XMPP: Virtual SAN, used by certain functions for convenience.
+ * @GNUTLS_SAN_OTHERNAME_KRB5PRINCIPAL: Virtual SAN, used by certain functions for convenience.
+ * @GNUTLS_SAN_OTHERNAME_MSUSERPRINCIPAL: Virtual SAN, used by certain functions for convenience.
+ *
+ * Enumeration of different subject alternative names types.
+ */
+typedef enum gnutls_x509_subject_alt_name_t {
+	GNUTLS_SAN_DNSNAME = 1,
+	GNUTLS_SAN_RFC822NAME = 2,
+	GNUTLS_SAN_URI = 3,
+	GNUTLS_SAN_IPADDRESS = 4,
+	GNUTLS_SAN_OTHERNAME = 5,
+	GNUTLS_SAN_DN = 6,
+	GNUTLS_SAN_REGISTERED_ID = 7,
+	GNUTLS_SAN_MAX = GNUTLS_SAN_REGISTERED_ID,
+	/* The following are "virtual" subject alternative name types, in
+	   that they are represented by an otherName value and an OID.
+	   Used by gnutls_x509_crt_get_subject_alt_othername_oid.  */
+	GNUTLS_SAN_OTHERNAME_XMPP = 1000,
+	GNUTLS_SAN_OTHERNAME_KRB5PRINCIPAL,
+	GNUTLS_SAN_OTHERNAME_MSUSERPRINCIPAL
+} gnutls_x509_subject_alt_name_t;
+
+struct gnutls_openpgp_crt_int;
+typedef struct gnutls_openpgp_crt_int *gnutls_openpgp_crt_t;
+
+struct gnutls_openpgp_privkey_int;
+typedef struct gnutls_openpgp_privkey_int *gnutls_openpgp_privkey_t;
+
+struct gnutls_pkcs11_privkey_st;
+typedef struct gnutls_pkcs11_privkey_st *gnutls_pkcs11_privkey_t;
+
+/**
+ * gnutls_privkey_type_t:
+ * @GNUTLS_PRIVKEY_X509: X.509 private key, #gnutls_x509_privkey_t.
+ * @GNUTLS_PRIVKEY_OPENPGP: OpenPGP private key, #gnutls_openpgp_privkey_t.
+ * @GNUTLS_PRIVKEY_PKCS11: PKCS11 private key, #gnutls_pkcs11_privkey_t.
+ * @GNUTLS_PRIVKEY_EXT: External private key, operating using callbacks.
+ *
+ * Enumeration of different private key types.
+ */
+typedef enum {
+	GNUTLS_PRIVKEY_X509,
+	GNUTLS_PRIVKEY_OPENPGP,
+	GNUTLS_PRIVKEY_PKCS11,
+	GNUTLS_PRIVKEY_EXT
+} gnutls_privkey_type_t;
+
+typedef struct gnutls_retr2_st {
+	gnutls_certificate_type_t cert_type;
+	gnutls_privkey_type_t key_type;
+
+	union {
+		gnutls_x509_crt_t *x509;
+		gnutls_openpgp_crt_t pgp;
+	} cert;
+	unsigned int ncerts;	/* one for pgp keys */
+
+	union {
+		gnutls_x509_privkey_t x509;
+		gnutls_openpgp_privkey_t pgp;
+		gnutls_pkcs11_privkey_t pkcs11;
+	} key;
+
+	unsigned int deinit_all;	/* if non zero all keys will be deinited */
+} gnutls_retr2_st;
+
+
+  /* Functions that allow auth_info_t structures handling
+   */
+
+gnutls_credentials_type_t gnutls_auth_get_type(gnutls_session_t session);
+gnutls_credentials_type_t
+gnutls_auth_server_get_type(gnutls_session_t session);
+gnutls_credentials_type_t
+gnutls_auth_client_get_type(gnutls_session_t session);
+
+  /* DH */
+
+void gnutls_dh_set_prime_bits(gnutls_session_t session, unsigned int bits);
+int gnutls_dh_get_secret_bits(gnutls_session_t session);
+int gnutls_dh_get_peers_public_bits(gnutls_session_t session);
+int gnutls_dh_get_prime_bits(gnutls_session_t session);
+
+int gnutls_dh_get_group(gnutls_session_t session, gnutls_datum_t * raw_gen,
+			gnutls_datum_t * raw_prime);
+int gnutls_dh_get_pubkey(gnutls_session_t session,
+			 gnutls_datum_t * raw_key);
+
+  /* X509PKI */
+
+
+  /* These are set on the credentials structure.
+   */
+
+  /* use gnutls_certificate_set_retrieve_function2() in abstract.h
+   * instead. It's much more efficient.
+   */
+
+typedef int gnutls_certificate_retrieve_function(gnutls_session_t,
+						 const
+						 gnutls_datum_t *
+						 req_ca_rdn,
+						 int nreqs,
+						 const
+						 gnutls_pk_algorithm_t
+						 * pk_algos,
+						 int
+						 pk_algos_length,
+						 gnutls_retr2_st *);
+
+
+void
+gnutls_certificate_set_retrieve_function(gnutls_certificate_credentials_t
+					 cred,
+					 gnutls_certificate_retrieve_function
+					 * func);
+
+void
+gnutls_certificate_set_verify_function(gnutls_certificate_credentials_t
+				       cred,
+				       gnutls_certificate_verify_function
+				       * func);
+
+void
+gnutls_certificate_server_set_request(gnutls_session_t session,
+				      gnutls_certificate_request_t req);
+
+  /* get data from the session
+   */
+const gnutls_datum_t *gnutls_certificate_get_peers(gnutls_session_t
+						   session, unsigned int
+						   *list_size);
+const gnutls_datum_t *gnutls_certificate_get_ours(gnutls_session_t
+						  session);
+
+int gnutls_certificate_get_peers_subkey_id(gnutls_session_t session,
+					   gnutls_datum_t * id);
+
+time_t gnutls_certificate_activation_time_peers(gnutls_session_t session);
+time_t gnutls_certificate_expiration_time_peers(gnutls_session_t session);
+
+unsigned gnutls_certificate_client_get_request_status(gnutls_session_t session);
+int gnutls_certificate_verify_peers2(gnutls_session_t session,
+				     unsigned int *status);
+int gnutls_certificate_verify_peers3(gnutls_session_t session,
+				     const char *hostname,
+				     unsigned int *status);
+
+int
+gnutls_certificate_verify_peers(gnutls_session_t session,
+				gnutls_typed_vdata_st * data,
+				unsigned int elements,
+				unsigned int *status);
+
+int gnutls_certificate_verification_status_print(unsigned int status,
+						 gnutls_certificate_type_t
+						 type,
+						 gnutls_datum_t * out,
+						 unsigned int flags);
+
+int gnutls_pem_base64_encode(const char *msg, const gnutls_datum_t * data,
+			     char *result, size_t * result_size);
+int gnutls_pem_base64_decode(const char *header,
+			     const gnutls_datum_t * b64_data,
+			     unsigned char *result, size_t * result_size);
+
+int gnutls_pem_base64_encode2(const char *msg,
+				   const gnutls_datum_t * data,
+				   gnutls_datum_t * result);
+int gnutls_pem_base64_decode2(const char *header,
+				   const gnutls_datum_t * b64_data,
+				   gnutls_datum_t * result);
+
+int gnutls_base64_encode2(const gnutls_datum_t * data,
+			  gnutls_datum_t * result);
+int gnutls_base64_decode2(const gnutls_datum_t * b64_data,
+			  gnutls_datum_t * result);
+
+#define gnutls_pem_base64_encode_alloc gnutls_pem_base64_encode2
+#define gnutls_pem_base64_decode_alloc gnutls_pem_base64_decode2
+
+  /* key_usage will be an OR of the following values:
+   */
+
+  /* when the key is to be used for signing: */
+#define GNUTLS_KEY_DIGITAL_SIGNATURE	128
+#define GNUTLS_KEY_NON_REPUDIATION	64
+  /* when the key is to be used for encryption: */
+#define GNUTLS_KEY_KEY_ENCIPHERMENT	32
+#define GNUTLS_KEY_DATA_ENCIPHERMENT	16
+#define GNUTLS_KEY_KEY_AGREEMENT	8
+#define GNUTLS_KEY_KEY_CERT_SIGN	4
+#define GNUTLS_KEY_CRL_SIGN		2
+#define GNUTLS_KEY_ENCIPHER_ONLY	1
+#define GNUTLS_KEY_DECIPHER_ONLY	32768
+
+void
+gnutls_certificate_set_params_function(gnutls_certificate_credentials_t
+				       res, gnutls_params_function * func);
+void gnutls_anon_set_params_function(gnutls_anon_server_credentials_t res,
+				     gnutls_params_function * func);
+void gnutls_psk_set_params_function(gnutls_psk_server_credentials_t res,
+				    gnutls_params_function * func);
+
+int gnutls_hex2bin(const char *hex_data, size_t hex_size,
+		   void *bin_data, size_t * bin_size);
+
+  /* Trust on first use (or ssh like) functions */
+
+  /* stores the provided information to a database
+   */
+typedef int (*gnutls_tdb_store_func) (const char *db_name,
+				      const char *host,
+				      const char *service,
+				      time_t expiration,
+				      const gnutls_datum_t * pubkey);
+
+typedef int (*gnutls_tdb_store_commitment_func) (const char *db_name,
+						 const char *host,
+						 const char *service,
+						 time_t expiration,
+						 gnutls_digest_algorithm_t
+						 hash_algo,
+						 const gnutls_datum_t *
+						 hash);
+
+  /* searches for the provided host/service pair that match the
+   * provided public key in the database. */
+typedef int (*gnutls_tdb_verify_func) (const char *db_name,
+				       const char *host,
+				       const char *service,
+				       const gnutls_datum_t * pubkey);
+
+
+struct gnutls_tdb_int;
+typedef struct gnutls_tdb_int *gnutls_tdb_t;
+
+int gnutls_tdb_init(gnutls_tdb_t * tdb);
+void gnutls_tdb_set_store_func(gnutls_tdb_t tdb,
+			       gnutls_tdb_store_func store);
+void gnutls_tdb_set_store_commitment_func(gnutls_tdb_t tdb,
+					  gnutls_tdb_store_commitment_func
+					  cstore);
+void gnutls_tdb_set_verify_func(gnutls_tdb_t tdb,
+				gnutls_tdb_verify_func verify);
+void gnutls_tdb_deinit(gnutls_tdb_t tdb);
+
+int gnutls_verify_stored_pubkey(const char *db_name,
+				gnutls_tdb_t tdb,
+				const char *host,
+				const char *service,
+				gnutls_certificate_type_t cert_type,
+				const gnutls_datum_t * cert,
+				unsigned int flags);
+
+#define GNUTLS_SCOMMIT_FLAG_ALLOW_BROKEN 1
+int gnutls_store_commitment(const char *db_name,
+			    gnutls_tdb_t tdb,
+			    const char *host,
+			    const char *service,
+			    gnutls_digest_algorithm_t hash_algo,
+			    const gnutls_datum_t * hash,
+			    time_t expiration, unsigned int flags);
+
+int gnutls_store_pubkey(const char *db_name,
+			gnutls_tdb_t tdb,
+			const char *host,
+			const char *service,
+			gnutls_certificate_type_t cert_type,
+			const gnutls_datum_t * cert,
+			time_t expiration, unsigned int flags);
+
+  /* Other helper functions */
+int gnutls_load_file(const char *filename, gnutls_datum_t * data);
+
+unsigned gnutls_url_is_supported(const char *url);
+
+  /* PIN callback */
+
+/**
+ * gnutls_pin_flag_t:
+ * @GNUTLS_PIN_USER: The PIN for the user.
+ * @GNUTLS_PIN_SO: The PIN for the security officer (admin).
+ * @GNUTLS_PIN_CONTEXT_SPECIFIC: The PIN is for a specific action and key like signing.
+ * @GNUTLS_PIN_FINAL_TRY: This is the final try before blocking.
+ * @GNUTLS_PIN_COUNT_LOW: Few tries remain before token blocks.
+ * @GNUTLS_PIN_WRONG: Last given PIN was not correct.
+ *
+ * Enumeration of different flags that are input to the PIN function.
+ */
+typedef enum {
+	GNUTLS_PIN_USER = (1 << 0),
+	GNUTLS_PIN_SO = (1 << 1),
+	GNUTLS_PIN_FINAL_TRY = (1 << 2),
+	GNUTLS_PIN_COUNT_LOW = (1 << 3),
+	GNUTLS_PIN_CONTEXT_SPECIFIC = (1 << 4),
+	GNUTLS_PIN_WRONG = (1 << 5)
+} gnutls_pin_flag_t;
+
+#define GNUTLS_PKCS11_PIN_USER GNUTLS_PIN_USER
+#define GNUTLS_PKCS11_PIN_SO GNUTLS_PIN_SO
+#define GNUTLS_PKCS11_PIN_FINAL_TRY GNUTLS_PIN_FINAL_TRY
+#define GNUTLS_PKCS11_PIN_COUNT_LOW  GNUTLS_PIN_COUNT_LOW
+#define GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC GNUTLS_PIN_CONTEXT_SPECIFIC
+#define GNUTLS_PKCS11_PIN_WRONG GNUTLS_PIN_WRONG
+
+/**
+ * gnutls_pin_callback_t:
+ * @userdata: user-controlled data from gnutls_pkcs11_set_pin_function().
+ * @attempt: pin-attempt counter, initially 0.
+ * @token_url: URL of token.
+ * @token_label: label of token.
+ * @flags: a #gnutls_pin_flag_t flag.
+ * @pin: buffer to hold PIN, of size @pin_max.
+ * @pin_max: size of @pin buffer.
+ *
+ * Callback function type for PKCS#11 or TPM PIN entry.  It is set by
+ * functions like gnutls_pkcs11_set_pin_function().
+ *
+ * The callback should provides the PIN code to unlock the token with
+ * label @token_label, specified by the URL @token_url.
+ *
+ * The PIN code, as a NUL-terminated ASCII string, should be copied
+ * into the @pin buffer (of maximum size @pin_max), and return 0 to
+ * indicate success.  Alternatively, the callback may return a
+ * negative gnutls error code to indicate failure and cancel PIN entry
+ * (in which case, the contents of the @pin parameter are ignored).
+ *
+ * When a PIN is required, the callback will be invoked repeatedly
+ * (and indefinitely) until either the returned PIN code is correct,
+ * the callback returns failure, or the token refuses login (e.g. when
+ * the token is locked due to too many incorrect PINs!).  For the
+ * first such invocation, the @attempt counter will have value zero;
+ * it will increase by one for each subsequent attempt.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code on error.
+ *
+ * Since: 2.12.0
+ **/
+typedef int (*gnutls_pin_callback_t) (void *userdata, int attempt,
+				      const char *token_url,
+				      const char *token_label,
+				      unsigned int flags,
+				      char *pin, size_t pin_max);
+
+void gnutls_certificate_set_pin_function(gnutls_certificate_credentials_t,
+					 gnutls_pin_callback_t fn,
+					 void *userdata);
+
+/* Public string related functions */
+typedef struct gnutls_buffer_st *gnutls_buffer_t;
+
+int gnutls_buffer_append_data(gnutls_buffer_t, const void *data, size_t data_size);
+
+#define GNUTLS_UTF8_IGNORE_ERRS 1
+int gnutls_utf8_password_normalize(const unsigned char *password, unsigned password_len,
+				   gnutls_datum_t *out, unsigned flags);
+
+/* Public extensions related functions */
+
+typedef void *gnutls_ext_priv_data_t;
+
+void gnutls_ext_set_data(gnutls_session_t session, unsigned type,
+			 gnutls_ext_priv_data_t);
+int gnutls_ext_get_data(gnutls_session_t session, unsigned type,
+			gnutls_ext_priv_data_t *);
+
+unsigned gnutls_ext_get_current_msg(gnutls_session_t session);
+
+typedef int (*gnutls_ext_recv_func) (gnutls_session_t session,
+				     const unsigned char *data,
+				     size_t len);
+
+typedef int (*gnutls_ext_send_func) (gnutls_session_t session,
+				     gnutls_buffer_t extdata);
+
+typedef void (*gnutls_ext_deinit_data_func) (gnutls_ext_priv_data_t data);
+
+typedef int (*gnutls_ext_pack_func) (gnutls_ext_priv_data_t data,
+				     gnutls_buffer_t packed_data);
+
+typedef int (*gnutls_ext_unpack_func) (gnutls_buffer_t packed_data,
+				       gnutls_ext_priv_data_t *data);
+
+#define GNUTLS_EXT_RAW_FLAG_TLS_CLIENT_HELLO 1
+#define GNUTLS_EXT_RAW_FLAG_DTLS_CLIENT_HELLO (1<<1)
+typedef int (*gnutls_ext_raw_process_func)(void *ctx, unsigned tls_id, const unsigned char *data, unsigned data_size);
+int gnutls_ext_raw_parse(void *ctx, gnutls_ext_raw_process_func cb,
+			 const gnutls_datum_t *data, unsigned int flags);
+
+/**
+ * gnutls_ext_parse_type_t:
+ * @GNUTLS_EXT_NONE: Never to be parsed
+ * @GNUTLS_EXT_ANY: Any extension type (should not be used as it is used only internally).
+ * @GNUTLS_EXT_VERSION_NEG: Extensions to be parsed first for TLS version negotiation.
+ * @GNUTLS_EXT_MANDATORY: Parsed after @GNUTLS_EXT_VERSION_NEG and even when resuming.
+ * @GNUTLS_EXT_APPLICATION: Parsed after @GNUTLS_EXT_MANDATORY
+ * @GNUTLS_EXT_TLS: TLS-internal extensions, parsed after @GNUTLS_EXT_APPLICATION.
+ *
+ * Enumeration of different TLS extension parsing phases.  The @gnutls_ext_parse_type_t
+ * indicates the time/phase an extension is parsed during Client or Server hello parsing.
+ *
+ */
+typedef enum {
+  GNUTLS_EXT_ANY = 0,
+  GNUTLS_EXT_APPLICATION = 1,
+  GNUTLS_EXT_TLS = 2,
+  GNUTLS_EXT_MANDATORY = 3,
+  GNUTLS_EXT_NONE = 4,
+  GNUTLS_EXT_VERSION_NEG = 5
+} gnutls_ext_parse_type_t;
+
+/**
+ * gnutls_ext_flags_t:
+ * @GNUTLS_EXT_FLAG_OVERRIDE_INTERNAL: If specified the extension registered will override the internal; this does not work with extensions existing prior to 3.6.0.
+ * @GNUTLS_EXT_FLAG_CLIENT_HELLO: This extension can be present in a client hello
+ * @GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO: This extension can be present in a TLS1.2 or earlier server hello
+ * @GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO: This extension can be present in a TLS1.3 server hello
+ * @GNUTLS_EXT_FLAG_EE: This extension can be present in encrypted extensions message
+ * @GNUTLS_EXT_FLAG_HRR: This extension can be present in hello retry request message
+ * @GNUTLS_EXT_FLAG_IGNORE_CLIENT_REQUEST: When flag is present, this extension will be send even if the client didn't advertise it. An extension of this type is the Cookie TLS1.3 extension.
+ * @GNUTLS_EXT_FLAG_DTLS: This extension can be present under DTLS; otherwise ignored.
+ * @GNUTLS_EXT_FLAG_TLS: This extension can be present under TLS; otherwise ignored.
+ *
+ * Enumeration of different TLS extension registration flags.
+ */
+typedef enum {
+  GNUTLS_EXT_FLAG_OVERRIDE_INTERNAL = 1,
+  GNUTLS_EXT_FLAG_CLIENT_HELLO = (1<<1),
+  GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO = (1<<2),
+  GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO = (1<<3),
+  GNUTLS_EXT_FLAG_EE = (1<<4), /* ENCRYPTED */
+  GNUTLS_EXT_FLAG_HRR = (1<<5),
+  GNUTLS_EXT_FLAG_IGNORE_CLIENT_REQUEST = (1<<6),
+  GNUTLS_EXT_FLAG_TLS = (1<<7),
+  GNUTLS_EXT_FLAG_DTLS = (1<<8)
+} gnutls_ext_flags_t;
+
+/* Register a custom tls extension
+ */
+int gnutls_ext_register(const char *name, int type, gnutls_ext_parse_type_t parse_point,
+				gnutls_ext_recv_func recv_func, gnutls_ext_send_func send_func, 
+				gnutls_ext_deinit_data_func deinit_func, gnutls_ext_pack_func pack_func,
+				gnutls_ext_unpack_func unpack_func);
+
+int gnutls_session_ext_register(gnutls_session_t, const char *name, int type, gnutls_ext_parse_type_t parse_point,
+				gnutls_ext_recv_func recv_func, gnutls_ext_send_func send_func, 
+				gnutls_ext_deinit_data_func deinit_func, gnutls_ext_pack_func pack_func,
+				gnutls_ext_unpack_func unpack_func, unsigned flags);
+
+const char *gnutls_ext_get_name(unsigned int ext);
+const char *gnutls_ext_get_name2(gnutls_session_t session, unsigned int tls_id,
+				 gnutls_ext_parse_type_t parse_point);
+
+/* Public supplemental data related functions */
+
+typedef int (*gnutls_supp_recv_func) (gnutls_session_t session,
+			       const unsigned char * data, size_t data_size);
+typedef int (*gnutls_supp_send_func) (gnutls_session_t session,
+			       gnutls_buffer_t buf);
+
+int gnutls_supplemental_register(const char *name,
+				gnutls_supplemental_data_format_type_t type,
+				gnutls_supp_recv_func supp_recv_func,
+				gnutls_supp_send_func supp_send_func);
+
+int gnutls_session_supplemental_register(gnutls_session_t session, const char *name,
+				gnutls_supplemental_data_format_type_t type,
+				gnutls_supp_recv_func supp_recv_func,
+				gnutls_supp_send_func supp_send_func,
+				unsigned int flags);
+
+void gnutls_supplemental_recv(gnutls_session_t session, unsigned do_recv_supplemental);
+
+void gnutls_supplemental_send(gnutls_session_t session, unsigned do_send_supplemental);
+
+/* Anti-replay related functions */
+
+typedef struct gnutls_anti_replay_st *gnutls_anti_replay_t;
+
+int gnutls_anti_replay_init(gnutls_anti_replay_t *anti_replay);
+void gnutls_anti_replay_deinit(gnutls_anti_replay_t anti_replay);
+void gnutls_anti_replay_set_window(gnutls_anti_replay_t anti_replay,
+				   unsigned int window);
+void gnutls_anti_replay_enable(gnutls_session_t session,
+			       gnutls_anti_replay_t anti_replay);
+
+typedef int (*gnutls_db_add_func) (void *, time_t exp_time, const gnutls_datum_t *key,
+				   const gnutls_datum_t *data);
+
+void gnutls_anti_replay_set_add_function(gnutls_anti_replay_t,
+					 gnutls_db_add_func add_func);
+
+void gnutls_anti_replay_set_ptr(gnutls_anti_replay_t, void *ptr);
+
+
+/**
+ * gnutls_record_encryption_level_t:
+ * @GNUTLS_ENCRYPTION_LEVEL_INITIAL: initial level that doesn't involve any
+ *    encryption
+ * @GNUTLS_ENCRYPTION_LEVEL_EARLY: early traffic secret is installed
+ * @GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE: handshake traffic secret is installed
+ * @GNUTLS_ENCRYPTION_LEVEL_APPLICATION: application traffic secret is installed
+ *
+ * Enumeration of different levels of record encryption currently in place.
+ * This is used by gnutls_handshake_set_read_function() and
+ * gnutls_handshake_write().
+ *
+ * Since: 3.7.0
+ */
+typedef enum {
+	GNUTLS_ENCRYPTION_LEVEL_INITIAL,
+	GNUTLS_ENCRYPTION_LEVEL_EARLY,
+	GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE,
+	GNUTLS_ENCRYPTION_LEVEL_APPLICATION
+} gnutls_record_encryption_level_t;
+
+  /**
+   * gnutls_handshake_read_func:
+   * @session: the current session
+   * @htype: the type of the handshake message (#gnutls_handshake_description_t)
+   * @level: #gnutls_record_encryption_level_t
+   * @data: the (const) data that was being sent
+   * @data_size: the size of data
+   *
+   * Function prototype for handshake intercepting hooks. It is set using
+   * gnutls_handshake_set_read_function().
+   *
+   * Returns: Non zero on error.
+   * Since: 3.7.0
+   */
+typedef int (*gnutls_handshake_read_func) (gnutls_session_t session,
+					   gnutls_record_encryption_level_t level,
+					   gnutls_handshake_description_t htype,
+					   const void *data, size_t data_size);
+
+void
+gnutls_handshake_set_read_function(gnutls_session_t session,
+				   gnutls_handshake_read_func func);
+
+int
+gnutls_handshake_write(gnutls_session_t session,
+		       gnutls_record_encryption_level_t level,
+		       const void *data, size_t data_size);
+
+  /**
+   * gnutls_handshake_secret_func:
+   * @session: the current session
+   * @level: the encryption level
+   * @secret_read: the secret used for reading, can be %NULL if not set
+   * @secret_write: the secret used for writing, can be %NULL if not set
+   * @secret_size: the size of the secrets
+   *
+   * Function prototype for secret hooks. It is set using
+   * gnutls_handshake_set_secret_function().
+   *
+   * Returns: Non zero on error.
+   * Since: 3.7.0
+   */
+typedef int (*gnutls_handshake_secret_func) (gnutls_session_t session,
+					     gnutls_record_encryption_level_t level,
+					     const void *secret_read,
+					     const void *secret_write,
+					     size_t secret_size);
+
+void
+gnutls_handshake_set_secret_function(gnutls_session_t session,
+				     gnutls_handshake_secret_func func);
+
+  /**
+   * gnutls_alert_read_func:
+   * @session: the current session
+   * @level: #gnutls_record_encryption_level_t
+   * @alert_level: the level of the alert
+   * @alert_desc: the alert description
+   *
+   * Function prototype for alert intercepting hooks. It is set using
+   * gnutls_alert_set_read_function().
+   *
+   * Returns: Non zero on error.
+   * Since: 3.7.0
+   */
+typedef int (*gnutls_alert_read_func) (gnutls_session_t session,
+				       gnutls_record_encryption_level_t level,
+				       gnutls_alert_level_t alert_level,
+				       gnutls_alert_description_t alert_desc);
+
+void
+gnutls_alert_set_read_function(gnutls_session_t session,
+			       gnutls_alert_read_func func);
+
+/* FIPS140-2 related functions */
+unsigned gnutls_fips140_mode_enabled(void);
+
+/**
+ * gnutls_fips_mode_t:
+ * @GNUTLS_FIPS140_DISABLED: The FIPS140-2 mode is disabled.
+ * @GNUTLS_FIPS140_STRICT: The default mode; all forbidden operations will cause an
+ *                         operation failure via error code.
+ * @GNUTLS_FIPS140_LAX: The library still uses the FIPS140-2 relevant algorithms but all
+ *                      forbidden by FIPS140-2 operations are allowed; this is useful when the
+ *                      application is aware of the followed security policy, and needs
+ *                      to utilize disallowed operations for other reasons (e.g., compatibility).
+ * @GNUTLS_FIPS140_LOG: Similarly to %GNUTLS_FIPS140_LAX, it allows forbidden operations; any use of them results
+ *                      to a message to the audit callback functions.
+ * @GNUTLS_FIPS140_SELFTESTS: A transient state during library initialization. That state
+ *			cannot be set or seen by applications.
+ *
+ * Enumeration of different operational modes under FIPS140-2.
+ */
+typedef enum gnutls_fips_mode_t {
+  GNUTLS_FIPS140_DISABLED = 0,
+  GNUTLS_FIPS140_STRICT = 1,
+  GNUTLS_FIPS140_SELFTESTS = 2,
+  GNUTLS_FIPS140_LAX = 3,
+  GNUTLS_FIPS140_LOG = 4
+} gnutls_fips_mode_t;
+
+#define GNUTLS_FIPS140_SET_MODE_THREAD 1
+
+void gnutls_fips140_set_mode(gnutls_fips_mode_t mode, unsigned flags);
+
+#define GNUTLS_FIPS140_SET_LAX_MODE() do { \
+	if (gnutls_fips140_mode_enabled()) \
+		gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, GNUTLS_FIPS140_SET_MODE_THREAD); \
+	} while(0)
+
+#define GNUTLS_FIPS140_SET_STRICT_MODE() do { \
+	if (gnutls_fips140_mode_enabled()) \
+		gnutls_fips140_set_mode(GNUTLS_FIPS140_STRICT, GNUTLS_FIPS140_SET_MODE_THREAD); \
+	} while(0)
+
+typedef struct gnutls_fips140_context_st *gnutls_fips140_context_t;
+
+int gnutls_fips140_context_init(gnutls_fips140_context_t *context);
+void gnutls_fips140_context_deinit(gnutls_fips140_context_t context);
+
+/**
+ * gnutls_fips140_operation_state_t:
+ * @GNUTLS_FIPS140_OP_INITIAL: no previous operation has done
+ * @GNUTLS_FIPS140_OP_APPROVED: the previous operation was FIPS approved
+ * @GNUTLS_FIPS140_OP_NOT_APPROVED: the previous operation was not FIPS approved
+ * @GNUTLS_FIPS140_OP_ERROR: the previous operation caused an error regardless of FIPS
+ *
+ * The FIPS operation state set by the preceding operation.
+ *
+ * There are state transition rules among the enum values:
+ * - When the context is attached to a thread, it will be set to reset
+ *   to the %GNUTLS_FIPS140_OP_INITIAL state
+ * - From the %GNUTLS_FIPS140_OP_INITIAL state, the context can
+ *   transition to either %GNUTLS_FIPS140_OP_APPROVED,
+ *   %GNUTLS_FIPS140_OP_NOT_APPROVED, or %GNUTLS_FIPS140_OP_ERROR
+ * - From the %GNUTLS_FIPS140_OP_APPROVED state, the context can
+ *   transition to %GNUTLS_FIPS140_OP_NOT_APPROVED
+ * - All other transitions are prohibited.
+ *
+ * Since: 3.7.3
+ */
+typedef enum {
+        GNUTLS_FIPS140_OP_INITIAL,
+        GNUTLS_FIPS140_OP_APPROVED,
+        GNUTLS_FIPS140_OP_NOT_APPROVED,
+        GNUTLS_FIPS140_OP_ERROR
+} gnutls_fips140_operation_state_t;
+
+gnutls_fips140_operation_state_t
+gnutls_fips140_get_operation_state(gnutls_fips140_context_t context);
+
+int gnutls_fips140_push_context(gnutls_fips140_context_t context);
+int gnutls_fips140_pop_context(void);
+
+int gnutls_fips140_run_self_tests(void);
+
+  /* Gnutls error codes. The mapping to a TLS alert is also shown in
+   * comments.
+   */
+
+#define GNUTLS_E_SUCCESS 0
+#define	GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM -3
+#define	GNUTLS_E_UNKNOWN_CIPHER_TYPE -6
+#define	GNUTLS_E_LARGE_PACKET -7
+#define GNUTLS_E_UNSUPPORTED_VERSION_PACKET -8	/* GNUTLS_A_PROTOCOL_VERSION */
+#define GNUTLS_E_TLS_PACKET_DECODING_ERROR GNUTLS_E_UNEXPECTED_PACKET_LENGTH
+#define GNUTLS_E_UNEXPECTED_PACKET_LENGTH -9	/* GNUTLS_A_DECODE_ERROR */
+#define GNUTLS_E_INVALID_SESSION -10
+#define GNUTLS_E_FATAL_ALERT_RECEIVED -12
+#define GNUTLS_E_UNEXPECTED_PACKET -15	/* GNUTLS_A_UNEXPECTED_MESSAGE */
+#define GNUTLS_E_WARNING_ALERT_RECEIVED -16
+#define GNUTLS_E_ERROR_IN_FINISHED_PACKET -18
+#define GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET -19
+#define	GNUTLS_E_UNKNOWN_CIPHER_SUITE -21	/* GNUTLS_A_HANDSHAKE_FAILURE */
+#define	GNUTLS_E_UNWANTED_ALGORITHM -22
+#define	GNUTLS_E_MPI_SCAN_FAILED -23
+#define GNUTLS_E_DECRYPTION_FAILED -24	/* GNUTLS_A_DECRYPTION_FAILED, GNUTLS_A_BAD_RECORD_MAC */
+#define GNUTLS_E_MEMORY_ERROR -25
+#define GNUTLS_E_DECOMPRESSION_FAILED -26	/* GNUTLS_A_DECOMPRESSION_FAILURE */
+#define GNUTLS_E_COMPRESSION_FAILED -27
+#define GNUTLS_E_AGAIN -28
+#define GNUTLS_E_EXPIRED -29
+#define GNUTLS_E_DB_ERROR -30
+#define GNUTLS_E_SRP_PWD_ERROR GNUTLS_E_KEYFILE_ERROR
+#define GNUTLS_E_KEYFILE_ERROR -31
+#define GNUTLS_E_INSUFFICIENT_CREDENTIALS -32
+#define GNUTLS_E_INSUFICIENT_CREDENTIALS GNUTLS_E_INSUFFICIENT_CREDENTIALS	/* for backwards compatibility only */
+#define GNUTLS_E_INSUFFICIENT_CRED GNUTLS_E_INSUFFICIENT_CREDENTIALS
+#define GNUTLS_E_INSUFICIENT_CRED GNUTLS_E_INSUFFICIENT_CREDENTIALS	/* for backwards compatibility only */
+
+#define GNUTLS_E_HASH_FAILED -33
+#define GNUTLS_E_BASE64_DECODING_ERROR -34
+
+#define	GNUTLS_E_MPI_PRINT_FAILED -35
+#define GNUTLS_E_REHANDSHAKE -37	/* GNUTLS_A_NO_RENEGOTIATION */
+#define GNUTLS_E_GOT_APPLICATION_DATA -38
+#define GNUTLS_E_RECORD_LIMIT_REACHED -39
+#define GNUTLS_E_ENCRYPTION_FAILED -40
+
+#define GNUTLS_E_PK_ENCRYPTION_FAILED -44
+#define GNUTLS_E_PK_DECRYPTION_FAILED -45
+#define GNUTLS_E_PK_SIGN_FAILED -46
+#define GNUTLS_E_X509_UNSUPPORTED_CRITICAL_EXTENSION -47
+#define GNUTLS_E_KEY_USAGE_VIOLATION -48
+#define GNUTLS_E_NO_CERTIFICATE_FOUND -49	/* GNUTLS_A_BAD_CERTIFICATE */
+#define GNUTLS_E_INVALID_REQUEST -50
+#define GNUTLS_E_SHORT_MEMORY_BUFFER -51
+#define GNUTLS_E_INTERRUPTED -52
+#define GNUTLS_E_PUSH_ERROR -53
+#define GNUTLS_E_PULL_ERROR -54
+#define GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER -55	/* GNUTLS_A_ILLEGAL_PARAMETER */
+#define GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE -56
+#define GNUTLS_E_PKCS1_WRONG_PAD -57
+#define GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION -58
+#define GNUTLS_E_INTERNAL_ERROR -59
+#define GNUTLS_E_DH_PRIME_UNACCEPTABLE -63
+#define GNUTLS_E_FILE_ERROR -64
+#define GNUTLS_E_TOO_MANY_EMPTY_PACKETS -78
+#define GNUTLS_E_UNKNOWN_PK_ALGORITHM -80
+#define GNUTLS_E_TOO_MANY_HANDSHAKE_PACKETS -81
+#define GNUTLS_E_RECEIVED_DISALLOWED_NAME -82 /* GNUTLS_A_ILLEGAL_PARAMETER */
+#define GNUTLS_E_CERTIFICATE_REQUIRED -112 /* GNUTLS_A_CERTIFICATE_REQUIRED */
+
+  /* returned if you need to generate temporary RSA
+   * parameters. These are needed for export cipher suites.
+   */
+#define GNUTLS_E_NO_TEMPORARY_RSA_PARAMS -84
+
+#define GNUTLS_E_NO_COMPRESSION_ALGORITHMS -86
+#define GNUTLS_E_NO_CIPHER_SUITES -87
+
+#define GNUTLS_E_OPENPGP_GETKEY_FAILED -88
+#define GNUTLS_E_PK_SIG_VERIFY_FAILED -89
+
+#define GNUTLS_E_ILLEGAL_SRP_USERNAME -90
+#define GNUTLS_E_SRP_PWD_PARSING_ERROR GNUTLS_E_KEYFILE_PARSING_ERROR
+#define GNUTLS_E_KEYFILE_PARSING_ERROR -91
+#define GNUTLS_E_NO_TEMPORARY_DH_PARAMS -93
+
+  /* For certificate and key stuff
+   */
+#define GNUTLS_E_ASN1_ELEMENT_NOT_FOUND -67
+#define GNUTLS_E_ASN1_IDENTIFIER_NOT_FOUND -68
+#define GNUTLS_E_ASN1_DER_ERROR -69
+#define GNUTLS_E_ASN1_VALUE_NOT_FOUND -70
+#define GNUTLS_E_ASN1_GENERIC_ERROR -71
+#define GNUTLS_E_ASN1_VALUE_NOT_VALID -72
+#define GNUTLS_E_ASN1_TAG_ERROR -73
+#define GNUTLS_E_ASN1_TAG_IMPLICIT -74
+#define GNUTLS_E_ASN1_TYPE_ANY_ERROR -75
+#define GNUTLS_E_ASN1_SYNTAX_ERROR -76
+#define GNUTLS_E_ASN1_DER_OVERFLOW -77
+#define GNUTLS_E_OPENPGP_UID_REVOKED -79
+#define GNUTLS_E_CERTIFICATE_ERROR -43
+#define GNUTLS_E_X509_CERTIFICATE_ERROR GNUTLS_E_CERTIFICATE_ERROR
+#define GNUTLS_E_CERTIFICATE_KEY_MISMATCH -60
+#define GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE -61	/* GNUTLS_A_UNSUPPORTED_CERTIFICATE */
+#define GNUTLS_E_X509_UNKNOWN_SAN -62
+#define GNUTLS_E_OPENPGP_FINGERPRINT_UNSUPPORTED -94
+#define GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE -95
+#define GNUTLS_E_UNKNOWN_HASH_ALGORITHM -96
+#define GNUTLS_E_UNKNOWN_PKCS_CONTENT_TYPE -97
+#define GNUTLS_E_UNKNOWN_PKCS_BAG_TYPE -98
+#define GNUTLS_E_INVALID_PASSWORD -99
+#define GNUTLS_E_MAC_VERIFY_FAILED -100	/* for PKCS #12 MAC */
+#define GNUTLS_E_CONSTRAINT_ERROR -101
+
+#define GNUTLS_E_WARNING_IA_IPHF_RECEIVED -102
+#define GNUTLS_E_WARNING_IA_FPHF_RECEIVED -103
+
+#define GNUTLS_E_IA_VERIFY_FAILED -104
+#define GNUTLS_E_UNKNOWN_ALGORITHM -105
+#define GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM -106
+#define GNUTLS_E_SAFE_RENEGOTIATION_FAILED -107
+#define GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED -108
+#define GNUTLS_E_UNKNOWN_SRP_USERNAME -109
+#define GNUTLS_E_PREMATURE_TERMINATION -110
+
+#define GNUTLS_E_MALFORMED_CIDR -111
+
+#define GNUTLS_E_BASE64_ENCODING_ERROR -201
+#define GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY -202	/* obsolete */
+#define GNUTLS_E_INCOMPATIBLE_CRYPTO_LIBRARY -202
+#define GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY -203
+
+#define GNUTLS_E_OPENPGP_KEYRING_ERROR -204
+#define GNUTLS_E_X509_UNSUPPORTED_OID -205
+
+#define GNUTLS_E_RANDOM_FAILED -206
+#define GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR -207
+
+#define GNUTLS_E_OPENPGP_SUBKEY_ERROR -208
+
+#define GNUTLS_E_CRYPTO_ALREADY_REGISTERED GNUTLS_E_ALREADY_REGISTERED
+#define GNUTLS_E_ALREADY_REGISTERED -209
+
+#define GNUTLS_E_HANDSHAKE_TOO_LARGE -210
+
+#define GNUTLS_E_CRYPTODEV_IOCTL_ERROR -211
+#define GNUTLS_E_CRYPTODEV_DEVICE_ERROR -212
+
+#define GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE -213
+#define GNUTLS_E_BAD_COOKIE -214
+#define GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR -215
+#define GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL -216
+#define GNUTLS_E_INSUFFICIENT_SECURITY -217
+
+#define GNUTLS_E_HEARTBEAT_PONG_RECEIVED -292
+#define GNUTLS_E_HEARTBEAT_PING_RECEIVED -293
+
+#define GNUTLS_E_UNRECOGNIZED_NAME -294
+
+/* PKCS11 related */
+#define GNUTLS_E_PKCS11_ERROR -300
+#define GNUTLS_E_PKCS11_LOAD_ERROR -301
+#define GNUTLS_E_PARSING_ERROR -302
+#define GNUTLS_E_PKCS11_PIN_ERROR -303
+
+#define GNUTLS_E_PKCS11_SLOT_ERROR -305
+#define GNUTLS_E_LOCKING_ERROR -306
+#define GNUTLS_E_PKCS11_ATTRIBUTE_ERROR -307
+#define GNUTLS_E_PKCS11_DEVICE_ERROR -308
+#define GNUTLS_E_PKCS11_DATA_ERROR -309
+#define GNUTLS_E_PKCS11_UNSUPPORTED_FEATURE_ERROR -310
+#define GNUTLS_E_PKCS11_KEY_ERROR -311
+#define GNUTLS_E_PKCS11_PIN_EXPIRED -312
+#define GNUTLS_E_PKCS11_PIN_LOCKED -313
+#define GNUTLS_E_PKCS11_SESSION_ERROR -314
+#define GNUTLS_E_PKCS11_SIGNATURE_ERROR -315
+#define GNUTLS_E_PKCS11_TOKEN_ERROR -316
+#define GNUTLS_E_PKCS11_USER_ERROR -317
+
+#define GNUTLS_E_CRYPTO_INIT_FAILED -318
+#define GNUTLS_E_TIMEDOUT -319
+#define GNUTLS_E_USER_ERROR -320
+#define GNUTLS_E_ECC_NO_SUPPORTED_CURVES -321
+#define GNUTLS_E_ECC_UNSUPPORTED_CURVE -322
+#define GNUTLS_E_PKCS11_REQUESTED_OBJECT_NOT_AVAILBLE -323
+#define GNUTLS_E_CERTIFICATE_LIST_UNSORTED -324
+#define GNUTLS_E_ILLEGAL_PARAMETER -325 /* GNUTLS_A_ILLEGAL_PARAMETER */
+#define GNUTLS_E_NO_PRIORITIES_WERE_SET -326
+#define GNUTLS_E_X509_UNSUPPORTED_EXTENSION -327
+#define GNUTLS_E_SESSION_EOF -328
+
+#define GNUTLS_E_TPM_ERROR -329
+#define GNUTLS_E_TPM_KEY_PASSWORD_ERROR -330
+#define GNUTLS_E_TPM_SRK_PASSWORD_ERROR -331
+#define GNUTLS_E_TPM_SESSION_ERROR -332
+#define GNUTLS_E_TPM_KEY_NOT_FOUND -333
+#define GNUTLS_E_TPM_UNINITIALIZED -334
+#define GNUTLS_E_TPM_NO_LIB -335
+
+#define GNUTLS_E_NO_CERTIFICATE_STATUS -340
+#define GNUTLS_E_OCSP_RESPONSE_ERROR -341
+#define GNUTLS_E_RANDOM_DEVICE_ERROR -342
+#define GNUTLS_E_AUTH_ERROR -343
+#define GNUTLS_E_NO_APPLICATION_PROTOCOL -344
+#define GNUTLS_E_SOCKETS_INIT_ERROR -345
+#define GNUTLS_E_KEY_IMPORT_FAILED -346
+#define GNUTLS_E_INAPPROPRIATE_FALLBACK -347 /*GNUTLS_A_INAPPROPRIATE_FALLBACK*/
+#define GNUTLS_E_CERTIFICATE_VERIFICATION_ERROR -348
+#define GNUTLS_E_PRIVKEY_VERIFICATION_ERROR -349
+#define GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH -350 /*GNUTLS_A_DECODE_ERROR*/
+#define GNUTLS_E_ASN1_EMBEDDED_NULL_IN_STRING -351
+
+#define GNUTLS_E_SELF_TEST_ERROR -400
+#define GNUTLS_E_NO_SELF_TEST -401
+#define GNUTLS_E_LIB_IN_ERROR_STATE -402
+#define GNUTLS_E_PK_GENERATION_ERROR -403
+#define GNUTLS_E_IDNA_ERROR -404
+
+#define GNUTLS_E_NEED_FALLBACK -405
+#define GNUTLS_E_SESSION_USER_ID_CHANGED -406
+#define GNUTLS_E_HANDSHAKE_DURING_FALSE_START -407
+#define GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE -408
+#define GNUTLS_E_PK_INVALID_PUBKEY -409
+#define GNUTLS_E_PK_INVALID_PRIVKEY -410
+#define GNUTLS_E_NOT_YET_ACTIVATED -411
+#define GNUTLS_E_INVALID_UTF8_STRING -412
+#define GNUTLS_E_NO_EMBEDDED_DATA -413
+#define GNUTLS_E_INVALID_UTF8_EMAIL -414
+#define GNUTLS_E_INVALID_PASSWORD_STRING -415
+#define GNUTLS_E_CERTIFICATE_TIME_ERROR -416
+#define GNUTLS_E_RECORD_OVERFLOW -417	/* GNUTLS_A_RECORD_OVERFLOW */
+#define GNUTLS_E_ASN1_TIME_ERROR -418
+#define GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY -419
+#define GNUTLS_E_PK_INVALID_PUBKEY_PARAMS -420
+#define GNUTLS_E_PK_NO_VALIDATION_PARAMS -421
+#define GNUTLS_E_OCSP_MISMATCH_WITH_CERTS -422
+
+#define GNUTLS_E_NO_COMMON_KEY_SHARE -423
+#define GNUTLS_E_REAUTH_REQUEST -424
+#define GNUTLS_E_TOO_MANY_MATCHES -425
+#define GNUTLS_E_CRL_VERIFICATION_ERROR -426
+#define GNUTLS_E_MISSING_EXTENSION -427
+#define GNUTLS_E_DB_ENTRY_EXISTS -428
+#define GNUTLS_E_EARLY_DATA_REJECTED -429
+#define GNUTLS_E_X509_DUPLICATE_EXTENSION -430
+
+#define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250
+
+/* Internal errors of the library; will never be returned
+ * to a calling application */
+#define GNUTLS_E_INT_RET_0 -1251
+#define GNUTLS_E_INT_CHECK_AGAIN -1252
+
+#define GNUTLS_E_APPLICATION_ERROR_MAX -65000
+#define GNUTLS_E_APPLICATION_ERROR_MIN -65500
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+
+#include <gnutls/compat.h>
+
+#endif /* GNUTLS_GNUTLS_H */
diff --git a/lib/includes/gnutls/gnutlsxx.h b/lib/includes/gnutls/gnutlsxx.h
new file mode 100644
index 0000000..23bbd4e
--- /dev/null
+++ b/lib/includes/gnutls/gnutlsxx.h
@@ -0,0 +1,431 @@
+/*
+ * Copyright (C) 2006-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_GNUTLSXX_H
+#define GNUTLS_GNUTLSXX_H
+
+#include <exception>
+#include <vector>
+#include <gnutls/gnutls.h>
+
+namespace gnutls {
+
+	class noncopyable {
+	      protected:
+		noncopyable() {
+		} ~noncopyable() {
+	      } private:
+		// These are non-implemented.
+		 noncopyable(const noncopyable &);
+		noncopyable & operator=(const noncopyable &);
+	};
+
+
+	class exception:public std::exception {
+	      public:
+		explicit exception(int x);
+		const char *what() const throw();
+		int get_code();
+	      protected:
+		int retcode;
+	};
+
+
+	class dh_params:private noncopyable {
+	      public:
+		dh_params();
+		~dh_params();
+		void import_raw(const gnutls_datum_t & prime,
+				const gnutls_datum_t & generator);
+		void import_pkcs3(const gnutls_datum_t & pkcs3_params,
+				  gnutls_x509_crt_fmt_t format);
+		void generate(unsigned int bits);
+
+		void export_pkcs3(gnutls_x509_crt_fmt_t format,
+				  unsigned char *params_data,
+				  size_t * params_data_size);
+		void export_raw(gnutls_datum_t & prime,
+				gnutls_datum_t & generator);
+
+		gnutls_dh_params_t get_params_t() const;
+		 dh_params & operator=(const dh_params & src);
+	      protected:
+		 gnutls_dh_params_t params;
+	};
+
+
+	class rsa_params:private noncopyable {
+	      public:
+		rsa_params();
+		~rsa_params();
+		void import_raw(const gnutls_datum_t & m,
+				const gnutls_datum_t & e,
+				const gnutls_datum_t & d,
+				const gnutls_datum_t & p,
+				const gnutls_datum_t & q,
+				const gnutls_datum_t & u);
+		void import_pkcs1(const gnutls_datum_t & pkcs1_params,
+				  gnutls_x509_crt_fmt_t format);
+		void generate(unsigned int bits);
+
+		void export_pkcs1(gnutls_x509_crt_fmt_t format,
+				  unsigned char *params_data,
+				  size_t * params_data_size);
+		void export_raw(gnutls_datum_t & m, gnutls_datum_t & e,
+				gnutls_datum_t & d, gnutls_datum_t & p,
+				gnutls_datum_t & q, gnutls_datum_t & u);
+		gnutls_rsa_params_t get_params_t() const;
+		 rsa_params & operator=(const rsa_params & src);
+
+	      protected:
+		 gnutls_rsa_params_t params;
+	};
+
+	class session:private noncopyable {
+	      protected:
+		gnutls_session_t s;
+	      public:
+		explicit session(unsigned int);
+		 virtual ~ session();
+
+		gnutls_session_t ptr();
+		int bye(gnutls_close_request_t how);
+		int handshake();
+
+		gnutls_alert_description_t get_alert() const;
+
+		int send_alert(gnutls_alert_level_t level,
+			       gnutls_alert_description_t desc);
+		int send_appropriate_alert(int err);
+
+		gnutls_cipher_algorithm_t get_cipher() const;
+		gnutls_kx_algorithm_t get_kx() const;
+		gnutls_mac_algorithm_t get_mac() const;
+		gnutls_compression_method_t get_compression() const;
+		gnutls_certificate_type_t get_certificate_type() const;
+
+		// for the handshake
+		void set_private_extensions(bool allow);
+
+		gnutls_handshake_description_t get_handshake_last_out()
+		    const;
+		gnutls_handshake_description_t get_handshake_last_in()
+		    const;
+
+		ssize_t send(const void *data, size_t sizeofdata);
+		ssize_t recv(void *data, size_t sizeofdata);
+
+		bool get_record_direction() const;
+
+		// maximum packet size
+		size_t get_max_size() const;
+		void set_max_size(size_t size);
+
+		size_t check_pending() const;
+
+		void prf(size_t label_size, const char *label,
+			 int server_random_first,
+			 size_t extra_size, const char *extra,
+			 size_t outsize, char *out);
+
+		void prf_raw(size_t label_size, const char *label,
+			     size_t seed_size, const char *seed,
+			     size_t outsize, char *out);
+
+		/* if you just want some defaults, use the following.
+		 */
+		void set_priority(const char *prio, const char **err_pos);
+		void set_priority(gnutls_priority_t p);
+
+		gnutls_protocol_t get_protocol_version() const;
+
+		// for resuming sessions
+		void set_data(const void *session_data,
+			      size_t session_data_size);
+		void get_data(void *session_data,
+			      size_t * session_data_size) const;
+		void get_data(gnutls_session_t session,
+			      gnutls_datum_t & data) const;
+		void get_id(void *session_id,
+			    size_t * session_id_size) const;
+
+		bool is_resumed() const;
+
+		void set_max_handshake_packet_length(size_t max);
+
+		void clear_credentials();
+		void set_credentials(const class credentials & cred);
+
+		void set_transport_ptr(gnutls_transport_ptr_t ptr);
+		void set_transport_ptr(gnutls_transport_ptr_t recv_ptr,
+				       gnutls_transport_ptr_t send_ptr);
+		gnutls_transport_ptr_t get_transport_ptr() const;
+		void get_transport_ptr(gnutls_transport_ptr_t & recv_ptr,
+				       gnutls_transport_ptr_t & send_ptr)
+		    const;
+
+		void set_transport_lowat(size_t num);
+		void set_transport_push_function(gnutls_push_func
+						 push_func);
+		void set_transport_vec_push_function(gnutls_vec_push_func
+						     vec_push_func);
+		void set_transport_pull_function(gnutls_pull_func
+						 pull_func);
+		void set_transport_pull_timeout_function (gnutls_pull_timeout_func pull_timeout_func);
+
+		void set_user_ptr(void *ptr);
+		void *get_user_ptr() const;
+
+		void send_openpgp_cert(gnutls_openpgp_crt_status_t status);
+
+		gnutls_credentials_type_t get_auth_type() const;
+		gnutls_credentials_type_t get_server_auth_type() const;
+		gnutls_credentials_type_t get_client_auth_type() const;
+
+		// informational stuff
+		void set_dh_prime_bits(unsigned int bits);
+		unsigned int get_dh_secret_bits() const;
+		unsigned int get_dh_peers_public_bits() const;
+		unsigned int get_dh_prime_bits() const;
+		void get_dh_group(gnutls_datum_t & gen,
+				  gnutls_datum_t & prime) const;
+		void get_dh_pubkey(gnutls_datum_t & raw_key) const;
+		void get_rsa_export_pubkey(gnutls_datum_t & exponent,
+					   gnutls_datum_t & modulus) const;
+		unsigned int get_rsa_export_modulus_bits() const;
+
+		void get_our_certificate(gnutls_datum_t & cert) const;
+		bool get_peers_certificate(std::vector < gnutls_datum_t >
+					   &out_certs) const;
+		bool get_peers_certificate(const gnutls_datum_t ** certs,
+					   unsigned int *certs_size) const;
+
+		time_t get_peers_certificate_activation_time() const;
+		time_t get_peers_certificate_expiration_time() const;
+		void verify_peers_certificate(unsigned int &status) const;
+
+	};
+
+// interface for databases
+	class DB:private noncopyable {
+	      public:
+		virtual ~ DB() = 0;
+		virtual bool store(const gnutls_datum_t & key,
+				   const gnutls_datum_t & data) = 0;
+		virtual bool retrieve(const gnutls_datum_t & key,
+				      gnutls_datum_t & data) = 0;
+		virtual bool remove(const gnutls_datum_t & key) = 0;
+	};
+
+	class server_session:public session {
+	      public:
+		server_session();
+		explicit server_session(int flags);
+		~server_session();
+		void db_remove() const;
+
+		void set_db_cache_expiration(unsigned int seconds);
+		void set_db(const DB & db);
+
+		// returns true if session is expired
+		bool db_check_entry(const gnutls_datum_t & session_data) const;
+
+		// server side only
+		const char *get_srp_username() const;
+		const char *get_psk_username() const;
+
+		void get_server_name(void *data, size_t * data_length,
+				     unsigned int *type,
+				     unsigned int indx) const;
+
+		int rehandshake();
+		void set_certificate_request(gnutls_certificate_request_t);
+	};
+
+	class client_session:public session {
+	      public:
+		client_session();
+		explicit client_session(int flags);
+		~client_session();
+
+		void set_verify_cert(const char *hostname, unsigned flags);
+		void set_server_name(gnutls_server_name_type_t type,
+				     const void *name, size_t name_length);
+
+		bool get_request_status();
+	};
+
+
+	class credentials:private noncopyable {
+	      public:
+		virtual ~ credentials() {
+		} gnutls_credentials_type_t get_type() const;
+	      protected:
+		friend class session;
+		explicit credentials(gnutls_credentials_type_t t);
+		void *ptr() const;
+		void set_ptr(void *ptr);
+		gnutls_credentials_type_t type;
+	      private:
+		void *cred;
+	};
+
+	class certificate_credentials:public credentials {
+	      public:
+		~certificate_credentials();
+		certificate_credentials();
+
+		void free_keys();
+		void free_cas();
+		void free_ca_names();
+		void free_crls();
+
+		void set_dh_params(const dh_params & params);
+		void set_rsa_export_params(const rsa_params & params);
+		void set_verify_flags(unsigned int flags);
+		void set_verify_limits(unsigned int max_bits,
+				       unsigned int max_depth);
+
+		void set_x509_trust_file(const char *cafile,
+					 gnutls_x509_crt_fmt_t type);
+		void set_x509_trust(const gnutls_datum_t & CA,
+				    gnutls_x509_crt_fmt_t type);
+
+		void set_x509_trust(gnutls_x509_crt_t * ca_list,
+				    int ca_list_size);
+
+		void set_x509_crl_file(const char *crlfile,
+				       gnutls_x509_crt_fmt_t type);
+		void set_x509_crl(const gnutls_datum_t & CRL,
+				  gnutls_x509_crt_fmt_t type);
+		void set_x509_crl(gnutls_x509_crl_t * crl_list,
+				  int crl_list_size);
+
+		void set_x509_key_file(const char *certfile,
+				       const char *KEYFILE,
+				       gnutls_x509_crt_fmt_t type);
+		void set_x509_key(const gnutls_datum_t & CERT,
+				  const gnutls_datum_t & KEY,
+				  gnutls_x509_crt_fmt_t type);
+
+		void set_x509_key(gnutls_x509_crt_t * cert_list,
+				  int cert_list_size,
+				  gnutls_x509_privkey_t key);
+
+
+		void set_simple_pkcs12_file(const char *pkcs12file,
+					    gnutls_x509_crt_fmt_t type,
+					    const char *password);
+
+		void set_retrieve_function
+		    (gnutls_certificate_retrieve_function * func);
+
+	      protected:
+		 gnutls_certificate_credentials_t cred;
+	};
+
+	class certificate_server_credentials:public certificate_credentials {
+	      public:
+		void set_params_function(gnutls_params_function * func);
+	};
+
+	class certificate_client_credentials:public certificate_credentials {
+	      public:
+	};
+
+
+
+
+	class anon_server_credentials:public credentials {
+	      public:
+		anon_server_credentials();
+		~anon_server_credentials();
+		void set_dh_params(const dh_params & params);
+		void set_params_function(gnutls_params_function * func);
+	      protected:
+		 gnutls_anon_server_credentials_t cred;
+	};
+
+	class anon_client_credentials:public credentials {
+	      public:
+		anon_client_credentials();
+		~anon_client_credentials();
+	      protected:
+		gnutls_anon_client_credentials_t cred;
+	};
+
+
+	class srp_server_credentials:public credentials {
+	      public:
+		srp_server_credentials();
+		~srp_server_credentials();
+		void set_credentials_file(const char *password_file,
+					  const char *password_conf_file);
+		void set_credentials_function
+		    (gnutls_srp_server_credentials_function * func);
+	      protected:
+		 gnutls_srp_server_credentials_t cred;
+	};
+
+	class srp_client_credentials:public credentials {
+	      public:
+		srp_client_credentials();
+		~srp_client_credentials();
+		void set_credentials(const char *username,
+				     const char *password);
+		void set_credentials_function
+		    (gnutls_srp_client_credentials_function * func);
+	      protected:
+		 gnutls_srp_client_credentials_t cred;
+	};
+
+
+	class psk_server_credentials:public credentials {
+	      public:
+		psk_server_credentials();
+		~psk_server_credentials();
+		void set_credentials_file(const char *password_file);
+		void set_credentials_function
+		    (gnutls_psk_server_credentials_function * func);
+		void set_dh_params(const dh_params & params);
+		void set_params_function(gnutls_params_function * func);
+	      protected:
+		 gnutls_psk_server_credentials_t cred;
+	};
+
+	class psk_client_credentials:public credentials {
+	      public:
+		psk_client_credentials();
+		~psk_client_credentials();
+		void set_credentials(const char *username,
+				     const gnutls_datum_t & key,
+				     gnutls_psk_key_flags flags);
+		void set_credentials_function
+		    (gnutls_psk_client_credentials_function * func);
+	      protected:
+		 gnutls_psk_client_credentials_t cred;
+	};
+
+
+}				/* namespace */
+
+#endif /* GNUTLS_GNUTLSXX_H */
diff --git a/lib/includes/gnutls/ocsp.h b/lib/includes/gnutls/ocsp.h
new file mode 100644
index 0000000..87806cf
--- /dev/null
+++ b/lib/includes/gnutls/ocsp.h
@@ -0,0 +1,289 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Simon Josefsson
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Online Certificate Status Protocol - RFC 2560
+ */
+
+#ifndef GNUTLS_OCSP_H
+#define GNUTLS_OCSP_H
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+#define GNUTLS_OCSP_NONCE "1.3.6.1.5.5.7.48.1.2"
+
+/**
+ * gnutls_ocsp_print_formats_t:
+ * @GNUTLS_OCSP_PRINT_FULL: Full information about OCSP request/response.
+ * @GNUTLS_OCSP_PRINT_COMPACT: More compact information about OCSP request/response.
+ *
+ * Enumeration of different OCSP printing variants.
+ */
+typedef enum gnutls_ocsp_print_formats_t {
+	GNUTLS_OCSP_PRINT_FULL = 0,
+	GNUTLS_OCSP_PRINT_COMPACT = 1
+} gnutls_ocsp_print_formats_t;
+
+/**
+ * gnutls_ocsp_resp_status_t:
+ * @GNUTLS_OCSP_RESP_SUCCESSFUL: Response has valid confirmations.
+ * @GNUTLS_OCSP_RESP_MALFORMEDREQUEST: Illegal confirmation request
+ * @GNUTLS_OCSP_RESP_INTERNALERROR: Internal error in issuer
+ * @GNUTLS_OCSP_RESP_TRYLATER: Try again later
+ * @GNUTLS_OCSP_RESP_SIGREQUIRED: Must sign the request
+ * @GNUTLS_OCSP_RESP_UNAUTHORIZED: Request unauthorized
+ *
+ * Enumeration of different OCSP response status codes.
+ */
+typedef enum gnutls_ocsp_resp_status_t {
+	GNUTLS_OCSP_RESP_SUCCESSFUL = 0,
+	GNUTLS_OCSP_RESP_MALFORMEDREQUEST = 1,
+	GNUTLS_OCSP_RESP_INTERNALERROR = 2,
+	GNUTLS_OCSP_RESP_TRYLATER = 3,
+	GNUTLS_OCSP_RESP_SIGREQUIRED = 5,
+	GNUTLS_OCSP_RESP_UNAUTHORIZED = 6
+} gnutls_ocsp_resp_status_t;
+
+/**
+ * gnutls_ocsp_cert_status_t:
+ * @GNUTLS_OCSP_CERT_GOOD: Positive response to status inquiry.
+ * @GNUTLS_OCSP_CERT_REVOKED: Certificate has been revoked.
+ * @GNUTLS_OCSP_CERT_UNKNOWN: The responder doesn't know about the
+ *   certificate.
+ *
+ * Enumeration of different OCSP response certificate status codes.
+ */
+typedef enum gnutls_ocsp_cert_status_t {
+	GNUTLS_OCSP_CERT_GOOD = 0,
+	GNUTLS_OCSP_CERT_REVOKED = 1,
+	GNUTLS_OCSP_CERT_UNKNOWN = 2
+} gnutls_ocsp_cert_status_t;
+
+/**
+ * gnutls_x509_crl_reason_t:
+ * @GNUTLS_X509_CRLREASON_UNSPECIFIED: Unspecified reason.
+ * @GNUTLS_X509_CRLREASON_KEYCOMPROMISE: Private key compromised.
+ * @GNUTLS_X509_CRLREASON_CACOMPROMISE: CA compromised.
+ * @GNUTLS_X509_CRLREASON_AFFILIATIONCHANGED: Affiliation has changed.
+ * @GNUTLS_X509_CRLREASON_SUPERSEDED: Certificate superseded.
+ * @GNUTLS_X509_CRLREASON_CESSATIONOFOPERATION: Operation has ceased.
+ * @GNUTLS_X509_CRLREASON_CERTIFICATEHOLD: Certificate is on hold.
+ * @GNUTLS_X509_CRLREASON_REMOVEFROMCRL: Will be removed from delta CRL.
+ * @GNUTLS_X509_CRLREASON_PRIVILEGEWITHDRAWN: Privilege withdrawn.
+ * @GNUTLS_X509_CRLREASON_AACOMPROMISE: AA compromised.
+ *
+ * Enumeration of different reason codes.  Note that this
+ * corresponds to the CRLReason ASN.1 enumeration type, and not the
+ * ReasonFlags ASN.1 bit string.
+ */
+typedef enum gnutls_x509_crl_reason_t {
+	GNUTLS_X509_CRLREASON_UNSPECIFIED = 0,
+	GNUTLS_X509_CRLREASON_KEYCOMPROMISE = 1,
+	GNUTLS_X509_CRLREASON_CACOMPROMISE = 2,
+	GNUTLS_X509_CRLREASON_AFFILIATIONCHANGED = 3,
+	GNUTLS_X509_CRLREASON_SUPERSEDED = 4,
+	GNUTLS_X509_CRLREASON_CESSATIONOFOPERATION = 5,
+	GNUTLS_X509_CRLREASON_CERTIFICATEHOLD = 6,
+	GNUTLS_X509_CRLREASON_REMOVEFROMCRL = 8,
+	GNUTLS_X509_CRLREASON_PRIVILEGEWITHDRAWN = 9,
+	GNUTLS_X509_CRLREASON_AACOMPROMISE = 10
+} gnutls_x509_crl_reason_t;
+
+/* When adding a verify failure reason update:
+ * _gnutls_ocsp_verify_status_to_str()
+ */
+/**
+ * gnutls_ocsp_verify_reason_t:
+ * @GNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND: Signer cert not found.
+ * @GNUTLS_OCSP_VERIFY_SIGNER_KEYUSAGE_ERROR: Signer keyusage bits incorrect.
+ * @GNUTLS_OCSP_VERIFY_UNTRUSTED_SIGNER: Signer is not trusted.
+ * @GNUTLS_OCSP_VERIFY_INSECURE_ALGORITHM: Signature using insecure algorithm.
+ * @GNUTLS_OCSP_VERIFY_SIGNATURE_FAILURE: Signature mismatch.
+ * @GNUTLS_OCSP_VERIFY_CERT_NOT_ACTIVATED: Signer cert is not yet activated.
+ * @GNUTLS_OCSP_VERIFY_CERT_EXPIRED: Signer cert has expired.
+ *
+ * Enumeration of OCSP verify status codes, used by
+ * gnutls_ocsp_resp_verify() and gnutls_ocsp_resp_verify_direct().
+ */
+typedef enum gnutls_ocsp_verify_reason_t {
+	GNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND = 1,
+	GNUTLS_OCSP_VERIFY_SIGNER_KEYUSAGE_ERROR = 2,
+	GNUTLS_OCSP_VERIFY_UNTRUSTED_SIGNER = 4,
+	GNUTLS_OCSP_VERIFY_INSECURE_ALGORITHM = 8,
+	GNUTLS_OCSP_VERIFY_SIGNATURE_FAILURE = 16,
+	GNUTLS_OCSP_VERIFY_CERT_NOT_ACTIVATED = 32,
+	GNUTLS_OCSP_VERIFY_CERT_EXPIRED = 64
+} gnutls_ocsp_verify_reason_t;
+
+struct gnutls_ocsp_req_int;
+typedef struct gnutls_ocsp_req_int *gnutls_ocsp_req_t;
+typedef const struct gnutls_ocsp_req_int *gnutls_ocsp_req_const_t;
+
+int gnutls_ocsp_req_init(gnutls_ocsp_req_t * req);
+void gnutls_ocsp_req_deinit(gnutls_ocsp_req_t req);
+
+int gnutls_ocsp_req_import(gnutls_ocsp_req_t req,
+			   const gnutls_datum_t * data);
+int gnutls_ocsp_req_export(gnutls_ocsp_req_const_t req, gnutls_datum_t * data);
+int gnutls_ocsp_req_print(gnutls_ocsp_req_const_t req,
+			  gnutls_ocsp_print_formats_t format,
+			  gnutls_datum_t * out);
+
+int gnutls_ocsp_req_get_version(gnutls_ocsp_req_const_t req);
+
+int gnutls_ocsp_req_get_cert_id(gnutls_ocsp_req_const_t req,
+				unsigned indx,
+				gnutls_digest_algorithm_t * digest,
+				gnutls_datum_t * issuer_name_hash,
+				gnutls_datum_t * issuer_key_hash,
+				gnutls_datum_t * serial_number);
+int gnutls_ocsp_req_add_cert_id(gnutls_ocsp_req_t req,
+				gnutls_digest_algorithm_t digest,
+				const gnutls_datum_t *
+				issuer_name_hash,
+				const gnutls_datum_t *
+				issuer_key_hash,
+				const gnutls_datum_t * serial_number);
+int gnutls_ocsp_req_add_cert(gnutls_ocsp_req_t req,
+			     gnutls_digest_algorithm_t digest,
+			     gnutls_x509_crt_t issuer,
+			     gnutls_x509_crt_t cert);
+
+int gnutls_ocsp_req_get_extension(gnutls_ocsp_req_const_t req,
+				  unsigned indx,
+				  gnutls_datum_t * oid,
+				  unsigned int *critical,
+				  gnutls_datum_t * data);
+int gnutls_ocsp_req_set_extension(gnutls_ocsp_req_t req,
+				  const char *oid,
+				  unsigned int critical,
+				  const gnutls_datum_t * data);
+
+int gnutls_ocsp_req_get_nonce(gnutls_ocsp_req_const_t req,
+			      unsigned int *critical,
+			      gnutls_datum_t * nonce);
+int gnutls_ocsp_req_set_nonce(gnutls_ocsp_req_t req,
+			      unsigned int critical,
+			      const gnutls_datum_t * nonce);
+int gnutls_ocsp_req_randomize_nonce(gnutls_ocsp_req_t req);
+
+struct gnutls_ocsp_resp_int;
+typedef struct gnutls_ocsp_resp_int *gnutls_ocsp_resp_t;
+typedef const struct gnutls_ocsp_resp_int *gnutls_ocsp_resp_const_t;
+
+int gnutls_ocsp_resp_init(gnutls_ocsp_resp_t * resp);
+void gnutls_ocsp_resp_deinit(gnutls_ocsp_resp_t resp);
+
+int gnutls_ocsp_resp_import(gnutls_ocsp_resp_t resp,
+			    const gnutls_datum_t * data);
+int gnutls_ocsp_resp_import2(gnutls_ocsp_resp_t resp,
+			     const gnutls_datum_t * data,
+			     gnutls_x509_crt_fmt_t fmt);
+int gnutls_ocsp_resp_export(gnutls_ocsp_resp_const_t resp,
+			    gnutls_datum_t * data);
+int gnutls_ocsp_resp_export2(gnutls_ocsp_resp_const_t resp,
+			     gnutls_datum_t * data,
+			     gnutls_x509_crt_fmt_t fmt);
+int gnutls_ocsp_resp_print(gnutls_ocsp_resp_const_t resp,
+			   gnutls_ocsp_print_formats_t format,
+			   gnutls_datum_t * out);
+
+int gnutls_ocsp_resp_get_status(gnutls_ocsp_resp_const_t resp);
+int gnutls_ocsp_resp_get_response(gnutls_ocsp_resp_const_t resp,
+				  gnutls_datum_t *
+				  response_type_oid,
+				  gnutls_datum_t * response);
+
+int gnutls_ocsp_resp_get_version(gnutls_ocsp_resp_const_t resp);
+int gnutls_ocsp_resp_get_responder(gnutls_ocsp_resp_const_t resp,
+				   gnutls_datum_t * dn);
+int gnutls_ocsp_resp_get_responder2(gnutls_ocsp_resp_const_t resp,
+				    gnutls_datum_t * dn,
+				    unsigned flags);
+
+/* the raw key ID of the responder */
+#define GNUTLS_OCSP_RESP_ID_KEY 1
+/* the raw DN of the responder */
+#define GNUTLS_OCSP_RESP_ID_DN 2
+int
+gnutls_ocsp_resp_get_responder_raw_id(gnutls_ocsp_resp_const_t resp,
+				      unsigned type,
+				      gnutls_datum_t * raw);
+
+time_t gnutls_ocsp_resp_get_produced(gnutls_ocsp_resp_const_t resp);
+int gnutls_ocsp_resp_get_single(gnutls_ocsp_resp_const_t resp,
+				unsigned indx,
+				gnutls_digest_algorithm_t * digest,
+				gnutls_datum_t * issuer_name_hash,
+				gnutls_datum_t * issuer_key_hash,
+				gnutls_datum_t * serial_number,
+				unsigned int *cert_status,
+				time_t * this_update,
+				time_t * next_update,
+				time_t * revocation_time,
+				unsigned int *revocation_reason);
+int gnutls_ocsp_resp_get_extension(gnutls_ocsp_resp_const_t resp,
+				   unsigned indx,
+				   gnutls_datum_t * oid,
+				   unsigned int *critical,
+				   gnutls_datum_t * data);
+int gnutls_ocsp_resp_get_nonce(gnutls_ocsp_resp_const_t resp,
+			       unsigned int *critical,
+			       gnutls_datum_t * nonce);
+int gnutls_ocsp_resp_get_signature_algorithm(gnutls_ocsp_resp_const_t resp);
+int gnutls_ocsp_resp_get_signature(gnutls_ocsp_resp_const_t resp,
+				   gnutls_datum_t * sig);
+int gnutls_ocsp_resp_get_certs(gnutls_ocsp_resp_const_t resp,
+			       gnutls_x509_crt_t ** certs,
+			       size_t * ncerts);
+
+int gnutls_ocsp_resp_verify_direct(gnutls_ocsp_resp_const_t resp,
+				   gnutls_x509_crt_t issuer,
+				   unsigned int *verify,
+				   unsigned int flags);
+int gnutls_ocsp_resp_verify(gnutls_ocsp_resp_const_t resp,
+			    gnutls_x509_trust_list_t trustlist,
+			    unsigned int *verify, unsigned int flags);
+
+int gnutls_ocsp_resp_check_crt(gnutls_ocsp_resp_const_t resp,
+			       unsigned int indx, gnutls_x509_crt_t crt);
+
+int
+gnutls_ocsp_resp_list_import2(gnutls_ocsp_resp_t **ocsps,
+			     unsigned int *size,
+			     const gnutls_datum_t *resp_data,
+			     gnutls_x509_crt_fmt_t format,
+			     unsigned int flags);
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+
+#endif /* GNUTLS_OCSP_H */
diff --git a/lib/includes/gnutls/openpgp.h b/lib/includes/gnutls/openpgp.h
new file mode 100644
index 0000000..632ffb1
--- /dev/null
+++ b/lib/includes/gnutls/openpgp.h
@@ -0,0 +1,381 @@
+/*
+ * Copyright (C) 2003-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the types and prototypes for the OpenPGP
+ * key and private key parsing functions.
+ */
+
+#ifndef GNUTLS_OPENPGP_H
+#define GNUTLS_OPENPGP_H
+
+#include <gnutls/gnutls.h>
+#include <limits.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+/* Openpgp certificate stuff
+ */
+
+/**
+ * gnutls_openpgp_crt_fmt_t:
+ * @GNUTLS_OPENPGP_FMT_RAW: OpenPGP certificate in raw format.
+ * @GNUTLS_OPENPGP_FMT_BASE64: OpenPGP certificate in base64 format.
+ *
+ * Enumeration of different OpenPGP key formats.
+ */
+typedef enum gnutls_openpgp_crt_fmt {
+	GNUTLS_OPENPGP_FMT_RAW,
+	GNUTLS_OPENPGP_FMT_BASE64
+} gnutls_openpgp_crt_fmt_t;
+
+#define GNUTLS_OPENPGP_KEYID_SIZE 8
+#define GNUTLS_OPENPGP_V4_FINGERPRINT_SIZE 20
+typedef unsigned char
+ gnutls_openpgp_keyid_t[GNUTLS_OPENPGP_KEYID_SIZE];
+
+/* gnutls_openpgp_cert_t should be defined in gnutls.h
+ */
+
+	/* initializes the memory for gnutls_openpgp_crt_t struct */
+int gnutls_openpgp_crt_init(gnutls_openpgp_crt_t * key) _GNUTLS_GCC_ATTR_DEPRECATED;
+	/* frees all memory */
+void gnutls_openpgp_crt_deinit(gnutls_openpgp_crt_t key) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_crt_import(gnutls_openpgp_crt_t key,
+			      const gnutls_datum_t * data,
+			      gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_crt_export(gnutls_openpgp_crt_t key,
+			      gnutls_openpgp_crt_fmt_t format,
+			      void *output_data,
+			      size_t * output_data_size) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_crt_export2(gnutls_openpgp_crt_t key,
+			       gnutls_openpgp_crt_fmt_t format,
+			       gnutls_datum_t * out) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_crt_print(gnutls_openpgp_crt_t cert,
+			     gnutls_certificate_print_formats_t
+			     format, gnutls_datum_t * out) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+/* The key_usage flags are defined in gnutls.h. They are
+ * the GNUTLS_KEY_* definitions.
+ */
+#define GNUTLS_OPENPGP_MASTER_KEYID_IDX INT_MAX
+
+int gnutls_openpgp_crt_get_key_usage(gnutls_openpgp_crt_t key,
+				     unsigned int *key_usage) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_crt_get_fingerprint(gnutls_openpgp_crt_t key,
+				       void *fpr, size_t * fprlen) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_crt_get_subkey_fingerprint(gnutls_openpgp_crt_t
+					      key,
+					      unsigned int idx,
+					      void *fpr, size_t * fprlen) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_crt_get_name(gnutls_openpgp_crt_t key,
+				int idx, char *buf, size_t * sizeof_buf) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+gnutls_pk_algorithm_t
+gnutls_openpgp_crt_get_pk_algorithm(gnutls_openpgp_crt_t key,
+				    unsigned int *bits) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_crt_get_version(gnutls_openpgp_crt_t key) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+time_t gnutls_openpgp_crt_get_creation_time(gnutls_openpgp_crt_t key) _GNUTLS_GCC_ATTR_DEPRECATED;
+time_t gnutls_openpgp_crt_get_expiration_time(gnutls_openpgp_crt_t key) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_crt_get_key_id(gnutls_openpgp_crt_t key,
+				  gnutls_openpgp_keyid_t keyid) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_crt_check_hostname(gnutls_openpgp_crt_t key,
+				      const char *hostname) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_crt_check_hostname2(gnutls_openpgp_crt_t key,
+				      const char *hostname, unsigned int flags) _GNUTLS_GCC_ATTR_DEPRECATED;
+int
+gnutls_openpgp_crt_check_email(gnutls_openpgp_crt_t key, const char *email, unsigned flags) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_crt_get_revoked_status(gnutls_openpgp_crt_t key) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_crt_get_subkey_count(gnutls_openpgp_crt_t key) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_crt_get_subkey_idx(gnutls_openpgp_crt_t key,
+				      const gnutls_openpgp_keyid_t keyid) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_crt_get_subkey_revoked_status
+    (gnutls_openpgp_crt_t key, unsigned int idx) _GNUTLS_GCC_ATTR_DEPRECATED;
+gnutls_pk_algorithm_t
+gnutls_openpgp_crt_get_subkey_pk_algorithm(gnutls_openpgp_crt_t
+					   key,
+					   unsigned int idx,
+					   unsigned int *bits) _GNUTLS_GCC_ATTR_DEPRECATED;
+time_t
+    gnutls_openpgp_crt_get_subkey_creation_time
+    (gnutls_openpgp_crt_t key, unsigned int idx) _GNUTLS_GCC_ATTR_DEPRECATED;
+time_t
+    gnutls_openpgp_crt_get_subkey_expiration_time
+    (gnutls_openpgp_crt_t key, unsigned int idx) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_crt_get_subkey_id(gnutls_openpgp_crt_t key,
+				     unsigned int idx,
+				     gnutls_openpgp_keyid_t keyid) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_crt_get_subkey_usage(gnutls_openpgp_crt_t key,
+					unsigned int idx,
+					unsigned int *key_usage) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_crt_get_subkey_pk_dsa_raw(gnutls_openpgp_crt_t
+					     crt, unsigned int idx,
+					     gnutls_datum_t * p,
+					     gnutls_datum_t * q,
+					     gnutls_datum_t * g,
+					     gnutls_datum_t * y) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_crt_get_subkey_pk_rsa_raw(gnutls_openpgp_crt_t
+					     crt, unsigned int idx,
+					     gnutls_datum_t * m,
+					     gnutls_datum_t * e) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_crt_get_pk_dsa_raw(gnutls_openpgp_crt_t crt,
+				      gnutls_datum_t * p,
+				      gnutls_datum_t * q,
+				      gnutls_datum_t * g,
+				      gnutls_datum_t * y) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_crt_get_pk_rsa_raw(gnutls_openpgp_crt_t crt,
+				      gnutls_datum_t * m,
+				      gnutls_datum_t * e) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_crt_get_preferred_key_id(gnutls_openpgp_crt_t
+					    key,
+					    gnutls_openpgp_keyid_t keyid) _GNUTLS_GCC_ATTR_DEPRECATED;
+int
+gnutls_openpgp_crt_set_preferred_key_id(gnutls_openpgp_crt_t key,
+					const
+					gnutls_openpgp_keyid_t keyid) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+/* privkey stuff.
+ */
+int gnutls_openpgp_privkey_init(gnutls_openpgp_privkey_t * key) _GNUTLS_GCC_ATTR_DEPRECATED;
+void gnutls_openpgp_privkey_deinit(gnutls_openpgp_privkey_t key) _GNUTLS_GCC_ATTR_DEPRECATED;
+gnutls_pk_algorithm_t
+    gnutls_openpgp_privkey_get_pk_algorithm
+    (gnutls_openpgp_privkey_t key, unsigned int *bits) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+gnutls_sec_param_t
+gnutls_openpgp_privkey_sec_param(gnutls_openpgp_privkey_t key) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_privkey_import(gnutls_openpgp_privkey_t key,
+				  const gnutls_datum_t * data,
+				  gnutls_openpgp_crt_fmt_t format,
+				  const char *password,
+				  unsigned int flags) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_privkey_get_fingerprint(gnutls_openpgp_privkey_t
+					   key, void *fpr,
+					   size_t * fprlen) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_privkey_get_subkey_fingerprint
+    (gnutls_openpgp_privkey_t key, unsigned int idx, void *fpr,
+     size_t * fprlen) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_privkey_get_key_id(gnutls_openpgp_privkey_t key,
+				      gnutls_openpgp_keyid_t keyid) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_privkey_get_subkey_count(gnutls_openpgp_privkey_t key) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_privkey_get_subkey_idx(gnutls_openpgp_privkey_t
+					  key,
+					  const
+					  gnutls_openpgp_keyid_t keyid) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_privkey_get_subkey_revoked_status
+    (gnutls_openpgp_privkey_t key, unsigned int idx) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_privkey_get_revoked_status
+    (gnutls_openpgp_privkey_t key) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+gnutls_pk_algorithm_t
+    gnutls_openpgp_privkey_get_subkey_pk_algorithm
+    (gnutls_openpgp_privkey_t key, unsigned int idx, unsigned int *bits) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+time_t
+    gnutls_openpgp_privkey_get_subkey_expiration_time
+    (gnutls_openpgp_privkey_t key, unsigned int idx) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_privkey_get_subkey_id(gnutls_openpgp_privkey_t
+					 key, unsigned int idx,
+					 gnutls_openpgp_keyid_t keyid) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+time_t
+    gnutls_openpgp_privkey_get_subkey_creation_time
+    (gnutls_openpgp_privkey_t key, unsigned int idx) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_privkey_export_subkey_dsa_raw
+    (gnutls_openpgp_privkey_t pkey, unsigned int idx,
+     gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * g,
+     gnutls_datum_t * y, gnutls_datum_t * x) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_privkey_export_subkey_rsa_raw
+    (gnutls_openpgp_privkey_t pkey, unsigned int idx,
+     gnutls_datum_t * m, gnutls_datum_t * e, gnutls_datum_t * d,
+     gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * u) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_privkey_export_dsa_raw(gnutls_openpgp_privkey_t
+					  pkey, gnutls_datum_t * p,
+					  gnutls_datum_t * q,
+					  gnutls_datum_t * g,
+					  gnutls_datum_t * y,
+					  gnutls_datum_t * x) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_privkey_export_rsa_raw(gnutls_openpgp_privkey_t
+					  pkey, gnutls_datum_t * m,
+					  gnutls_datum_t * e,
+					  gnutls_datum_t * d,
+					  gnutls_datum_t * p,
+					  gnutls_datum_t * q,
+					  gnutls_datum_t * u) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_privkey_export(gnutls_openpgp_privkey_t key,
+				  gnutls_openpgp_crt_fmt_t format,
+				  const char *password,
+				  unsigned int flags,
+				  void *output_data,
+				  size_t * output_data_size) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_privkey_export2(gnutls_openpgp_privkey_t key,
+				   gnutls_openpgp_crt_fmt_t format,
+				   const char *password,
+				   unsigned int flags,
+				   gnutls_datum_t * out) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_privkey_set_preferred_key_id
+    (gnutls_openpgp_privkey_t key, const gnutls_openpgp_keyid_t keyid) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_openpgp_privkey_get_preferred_key_id
+    (gnutls_openpgp_privkey_t key, gnutls_openpgp_keyid_t keyid) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_crt_get_auth_subkey(gnutls_openpgp_crt_t crt,
+				       gnutls_openpgp_keyid_t
+				       keyid, unsigned int flag) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+/* Keyring stuff.
+ */
+
+int gnutls_openpgp_keyring_init(gnutls_openpgp_keyring_t * keyring) _GNUTLS_GCC_ATTR_DEPRECATED;
+void gnutls_openpgp_keyring_deinit(gnutls_openpgp_keyring_t keyring) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_keyring_import(gnutls_openpgp_keyring_t keyring,
+				  const gnutls_datum_t * data,
+				  gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_keyring_check_id(gnutls_openpgp_keyring_t ring,
+				    const gnutls_openpgp_keyid_t
+				    keyid, unsigned int flags) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+
+int gnutls_openpgp_crt_verify_ring(gnutls_openpgp_crt_t key,
+				   gnutls_openpgp_keyring_t
+				   keyring, unsigned int flags,
+				   unsigned int *verify
+				   /* the output of the verification */
+    ) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_crt_verify_self(gnutls_openpgp_crt_t key,
+				   unsigned int flags,
+				   unsigned int *verify) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_keyring_get_crt(gnutls_openpgp_keyring_t ring,
+				   unsigned int idx,
+				   gnutls_openpgp_crt_t * cert) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_keyring_get_crt_count(gnutls_openpgp_keyring_t ring) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+
+
+/**
+ * gnutls_openpgp_recv_key_func:
+ * @session: a TLS session
+ * @keyfpr: key fingerprint
+ * @keyfpr_length: length of key fingerprint
+ * @key: output key.
+ *
+ * A callback of this type is used to retrieve OpenPGP keys.  Only
+ * useful on the server, and will only be used if the peer send a key
+ * fingerprint instead of a full key.  See also
+ * gnutls_openpgp_set_recv_key_function().
+ *
+ * The variable @key must be allocated using gnutls_malloc().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (zero) is returned,
+ *   otherwise an error code is returned.
+ */
+typedef int (*gnutls_openpgp_recv_key_func) (gnutls_session_t
+					     session,
+					     const unsigned char
+					     *keyfpr,
+					     unsigned int
+					     keyfpr_length,
+					     gnutls_datum_t * key);
+
+void
+gnutls_openpgp_set_recv_key_function(gnutls_session_t session,
+				     gnutls_openpgp_recv_key_func func) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+
+
+/* certificate authentication stuff.
+ */
+int gnutls_certificate_set_openpgp_key
+    (gnutls_certificate_credentials_t res,
+     gnutls_openpgp_crt_t crt, gnutls_openpgp_privkey_t pkey) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int
+gnutls_certificate_get_openpgp_key(gnutls_certificate_credentials_t res,
+                                   unsigned index,
+                                   gnutls_openpgp_privkey_t *key) _GNUTLS_GCC_ATTR_DEPRECATED;
+int
+gnutls_certificate_get_openpgp_crt(gnutls_certificate_credentials_t res,
+                                   unsigned index,
+                                   gnutls_openpgp_crt_t **crt_list,
+                                   unsigned *crt_list_size) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int
+ gnutls_certificate_set_openpgp_key_file
+    (gnutls_certificate_credentials_t res, const char *certfile,
+     const char *keyfile, gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_certificate_set_openpgp_key_mem
+    (gnutls_certificate_credentials_t res,
+     const gnutls_datum_t * cert, const gnutls_datum_t * key,
+     gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int
+ gnutls_certificate_set_openpgp_key_file2
+    (gnutls_certificate_credentials_t res, const char *certfile,
+     const char *keyfile, const char *subkey_id,
+     gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED;
+int
+ gnutls_certificate_set_openpgp_key_mem2
+    (gnutls_certificate_credentials_t res,
+     const gnutls_datum_t * cert, const gnutls_datum_t * key,
+     const char *subkey_id, gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_certificate_set_openpgp_keyring_mem
+    (gnutls_certificate_credentials_t c, const unsigned char *data,
+     size_t dlen, gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_certificate_set_openpgp_keyring_file
+    (gnutls_certificate_credentials_t c, const char *file,
+     gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+
+#endif /* GNUTLS_OPENPGP_H */
diff --git a/lib/includes/gnutls/pkcs11.h b/lib/includes/gnutls/pkcs11.h
new file mode 100644
index 0000000..2436069
--- /dev/null
+++ b/lib/includes/gnutls/pkcs11.h
@@ -0,0 +1,514 @@
+/*
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2016-2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_PKCS11_H
+#define GNUTLS_PKCS11_H
+
+#include <stdarg.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+#define GNUTLS_PKCS11_MAX_PIN_LEN 256
+
+/**
+ * gnutls_pkcs11_token_callback_t:
+ * @userdata: user-controlled data from gnutls_pkcs11_set_token_function().
+ * @label: token label.
+ * @retry: retry counter, initially 0.
+ *
+ * Token callback function. The callback will be used to ask the user
+ * to re-insert the token with given (null terminated) label.  The
+ * callback should return zero if token has been inserted by user and
+ * a negative error code otherwise.  It might be called multiple times
+ * if the token is not detected and the retry counter will be
+ * increased.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code
+ * on error.
+ *
+ * Since: 2.12.0
+ **/
+typedef int (*gnutls_pkcs11_token_callback_t) (void *const
+					       userdata,
+					       const char *const
+					       label, unsigned retry);
+
+
+struct gnutls_pkcs11_obj_st;
+typedef struct gnutls_pkcs11_obj_st *gnutls_pkcs11_obj_t;
+
+
+#define GNUTLS_PKCS11_FLAG_MANUAL 0	/* Manual loading of libraries */
+#define GNUTLS_PKCS11_FLAG_AUTO 1	/* Automatically load libraries by reading /etc/gnutls/pkcs11.conf */
+#define GNUTLS_PKCS11_FLAG_AUTO_TRUSTED (1<<1)	/* Automatically load trusted libraries by reading /etc/gnutls/pkcs11.conf */
+
+/* pkcs11.conf format:
+ * load = /lib/xxx-pkcs11.so
+ * load = /lib/yyy-pkcs11.so
+ */
+
+int gnutls_pkcs11_init(unsigned int flags,
+		       const char *deprecated_config_file);
+int gnutls_pkcs11_reinit(void);
+void gnutls_pkcs11_deinit(void);
+void gnutls_pkcs11_set_token_function
+    (gnutls_pkcs11_token_callback_t fn, void *userdata);
+
+void gnutls_pkcs11_set_pin_function(gnutls_pin_callback_t fn,
+				    void *userdata);
+
+gnutls_pin_callback_t gnutls_pkcs11_get_pin_function(void
+						     **userdata);
+
+int gnutls_pkcs11_add_provider(const char *name, const char *params);
+int gnutls_pkcs11_obj_init(gnutls_pkcs11_obj_t * obj);
+void gnutls_pkcs11_obj_set_pin_function(gnutls_pkcs11_obj_t obj,
+					gnutls_pin_callback_t fn,
+					void *userdata);
+
+/**
+ * gnutls_pkcs11_obj_flags:
+ * @GNUTLS_PKCS11_OBJ_FLAG_LOGIN: Force login in the token for the operation (seek+store). 
+ * @GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED: object marked as trusted (seek+store).
+ * @GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE: object is explicitly marked as sensitive -unexportable (store).
+ * @GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO: force login as a security officer in the token for the operation (seek+store).
+ * @GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE: marked as private -requires PIN to access (store).
+ * @GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE: marked as not private (store).
+ * @GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY: When retrieving an object, do not set any requirements (store).
+ * @GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED: When retrieving an object, only retrieve the marked as trusted (alias to %GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED).
+ *   In gnutls_pkcs11_crt_is_known() it implies %GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_COMPARE if %GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY is not given.
+ * @GNUTLS_PKCS11_OBJ_FLAG_MARK_DISTRUSTED: When writing an object, mark it as distrusted (store).
+ * @GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED: When retrieving an object, only retrieve the marked as distrusted (seek).
+ * @GNUTLS_PKCS11_OBJ_FLAG_COMPARE: When checking an object's presence, fully compare it before returning any result (seek).
+ * @GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY: When checking an object's presence, compare the key before returning any result (seek).
+ * @GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE: The object must be present in a marked as trusted module (seek).
+ * @GNUTLS_PKCS11_OBJ_FLAG_MARK_CA: Mark the object as a CA (seek+store).
+ * @GNUTLS_PKCS11_OBJ_FLAG_MARK_KEY_WRAP: Mark the generated key pair as wrapping and unwrapping keys (store).
+ * @GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT: When an issuer is requested, override its extensions with the ones present in the trust module (seek).
+ * @GNUTLS_PKCS11_OBJ_FLAG_MARK_ALWAYS_AUTH: Mark the key pair as requiring authentication (pin entry) before every operation (seek+store).
+ * @GNUTLS_PKCS11_OBJ_FLAG_MARK_EXTRACTABLE: Mark the key pair as being extractable (store).
+ * @GNUTLS_PKCS11_OBJ_FLAG_NEVER_EXTRACTABLE: If set, the object was never marked as extractable (store).
+ * @GNUTLS_PKCS11_OBJ_FLAG_CRT: When searching, restrict to certificates only (seek).
+ * @GNUTLS_PKCS11_OBJ_FLAG_PUBKEY: When searching, restrict to public key objects only (seek).
+ * @GNUTLS_PKCS11_OBJ_FLAG_PRIVKEY: When searching, restrict to private key objects only (seek).
+ * @GNUTLS_PKCS11_OBJ_FLAG_NO_STORE_PUBKEY: When generating a keypair don't store the public key (store).
+ * @GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE: object marked as not sensitive -exportable (store).
+ *
+ * Enumeration of different PKCS #11 object flags. Some flags are used
+ * to mark objects when storing, while others are also used while seeking
+ * or retrieving objects.
+ */
+typedef enum gnutls_pkcs11_obj_flags {
+	GNUTLS_PKCS11_OBJ_FLAG_LOGIN = (1<<0),
+	GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED = (1<<1),
+	GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE = (1<<2),
+	GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO = (1<<3),
+	GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE = (1<<4),
+	GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE = (1<<5),
+	GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY = (1<<6),
+	GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED = GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED,
+	GNUTLS_PKCS11_OBJ_FLAG_MARK_DISTRUSTED = (1<<8),
+	GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED = GNUTLS_PKCS11_OBJ_FLAG_MARK_DISTRUSTED,
+	GNUTLS_PKCS11_OBJ_FLAG_COMPARE = (1<<9),
+	GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE = (1<<10),
+	GNUTLS_PKCS11_OBJ_FLAG_MARK_CA = (1<<11),
+	GNUTLS_PKCS11_OBJ_FLAG_MARK_KEY_WRAP = (1<<12),
+	GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY = (1<<13),
+	GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT = (1<<14),
+	GNUTLS_PKCS11_OBJ_FLAG_MARK_ALWAYS_AUTH = (1<<15),
+	GNUTLS_PKCS11_OBJ_FLAG_MARK_EXTRACTABLE = (1<<16),
+	GNUTLS_PKCS11_OBJ_FLAG_NEVER_EXTRACTABLE = (1<<17),
+	GNUTLS_PKCS11_OBJ_FLAG_CRT = (1<<18),
+	GNUTLS_PKCS11_OBJ_FLAG_WITH_PRIVKEY = (1<<19),
+	GNUTLS_PKCS11_OBJ_FLAG_PUBKEY = (1<<20),
+	GNUTLS_PKCS11_OBJ_FLAG_NO_STORE_PUBKEY = GNUTLS_PKCS11_OBJ_FLAG_PUBKEY,
+	GNUTLS_PKCS11_OBJ_FLAG_PRIVKEY = (1<<21),
+	GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE = (1<<22),
+	/* flags 1<<29 and later are reserved - see pkcs11_int.h */
+} gnutls_pkcs11_obj_flags;
+
+#define gnutls_pkcs11_obj_attr_t gnutls_pkcs11_obj_flags
+
+/**
+ * gnutls_pkcs11_url_type_t:
+ * @GNUTLS_PKCS11_URL_GENERIC: A generic-purpose URL.
+ * @GNUTLS_PKCS11_URL_LIB: A URL that specifies the library used as well.
+ * @GNUTLS_PKCS11_URL_LIB_VERSION: A URL that specifies the library and its version.
+ *
+ * Enumeration of different URL extraction flags.
+ */
+typedef enum {
+	GNUTLS_PKCS11_URL_GENERIC,	/* URL specifies the object on token level */
+	GNUTLS_PKCS11_URL_LIB,	/* URL specifies the object on module level */
+	GNUTLS_PKCS11_URL_LIB_VERSION	/* URL specifies the object on module and version level */
+} gnutls_pkcs11_url_type_t;
+
+int gnutls_pkcs11_obj_import_url(gnutls_pkcs11_obj_t obj,
+				 const char *url, unsigned int flags
+				 /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
+int gnutls_pkcs11_obj_export_url(gnutls_pkcs11_obj_t obj,
+				 gnutls_pkcs11_url_type_t detailed,
+				 char **url);
+void gnutls_pkcs11_obj_deinit(gnutls_pkcs11_obj_t obj);
+
+int gnutls_pkcs11_obj_export(gnutls_pkcs11_obj_t obj,
+			     void *output_data, size_t * output_data_size);
+int gnutls_pkcs11_obj_export2(gnutls_pkcs11_obj_t obj,
+			      gnutls_datum_t * out);
+
+int gnutls_pkcs11_obj_export3(gnutls_pkcs11_obj_t obj, gnutls_x509_crt_fmt_t fmt,
+			      gnutls_datum_t * out);
+
+int gnutls_pkcs11_get_raw_issuer(const char *url, gnutls_x509_crt_t cert,
+			     gnutls_datum_t * issuer,
+			     gnutls_x509_crt_fmt_t fmt,
+			     unsigned int flags);
+
+int gnutls_pkcs11_get_raw_issuer_by_dn (const char *url, const gnutls_datum_t *dn,
+					gnutls_datum_t *issuer,
+					gnutls_x509_crt_fmt_t fmt,
+					unsigned int flags);
+
+int gnutls_pkcs11_get_raw_issuer_by_subject_key_id (const char *url, 
+					const gnutls_datum_t *dn,
+					const gnutls_datum_t *spki,
+					gnutls_datum_t *issuer,
+					gnutls_x509_crt_fmt_t fmt,
+					unsigned int flags);
+
+unsigned gnutls_pkcs11_crt_is_known(const char *url, gnutls_x509_crt_t cert,
+			     unsigned int flags);
+
+#if 0
+/* for documentation */
+int gnutls_pkcs11_copy_x509_crt(const char *token_url,
+				gnutls_x509_crt_t crt,
+				const char *label, unsigned int flags
+				/* GNUTLS_PKCS11_OBJ_FLAG_* */ );
+
+int gnutls_pkcs11_copy_x509_privkey(const char *token_url,
+				    gnutls_x509_privkey_t key,
+				    const char *label,
+				    unsigned int key_usage,
+				    unsigned int flags);
+int
+gnutls_pkcs11_privkey_generate2(const char *url, gnutls_pk_algorithm_t pk,
+				unsigned int bits, const char *label,
+				gnutls_x509_crt_fmt_t fmt,
+				gnutls_datum_t * pubkey,
+				unsigned int flags);
+int
+gnutls_pkcs11_privkey_generate(const char *url, gnutls_pk_algorithm_t pk,
+			       unsigned int bits, const char *label,
+			       unsigned int flags);
+#endif
+
+int
+gnutls_pkcs11_copy_pubkey(const char *token_url,
+			  gnutls_pubkey_t crt, const char *label,
+			  const gnutls_datum_t *cid,
+			  unsigned int key_usage, unsigned int flags);
+
+#define gnutls_pkcs11_copy_x509_crt(url, crt, label, flags) \
+	gnutls_pkcs11_copy_x509_crt2(url, crt, label, NULL, flags)
+
+int gnutls_pkcs11_copy_x509_crt2(const char *token_url,
+				gnutls_x509_crt_t crt,
+				const char *label,
+				const gnutls_datum_t *id,
+				unsigned int flags /* GNUTLS_PKCS11_OBJ_FLAG_* */);
+
+#define gnutls_pkcs11_copy_x509_privkey(url, key, label, usage, flags) \
+	gnutls_pkcs11_copy_x509_privkey2(url, key, label, NULL, usage, flags)
+int gnutls_pkcs11_copy_x509_privkey2(const char *token_url,
+				    gnutls_x509_privkey_t key,
+				    const char *label,
+				    const gnutls_datum_t *cid,
+				    unsigned int key_usage
+				    /*GNUTLS_KEY_* */ ,
+				    unsigned int flags
+				    /* GNUTLS_PKCS11_OBJ_FLAG_* */
+);
+
+int gnutls_pkcs11_delete_url(const char *object_url, unsigned int flags
+			     /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
+
+int gnutls_pkcs11_copy_secret_key(const char *token_url,
+				  gnutls_datum_t * key,
+				  const char *label, unsigned int key_usage
+				  /* GNUTLS_KEY_* */ ,
+				  unsigned int flags
+				  /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
+
+/**
+ * gnutls_pkcs11_obj_info_t:
+ * @GNUTLS_PKCS11_OBJ_ID_HEX: The object ID in hex. Null-terminated text.
+ * @GNUTLS_PKCS11_OBJ_LABEL: The object label. Null-terminated text.
+ * @GNUTLS_PKCS11_OBJ_TOKEN_LABEL: The token's label. Null-terminated text.
+ * @GNUTLS_PKCS11_OBJ_TOKEN_SERIAL: The token's serial number. Null-terminated text.
+ * @GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER: The token's manufacturer. Null-terminated text.
+ * @GNUTLS_PKCS11_OBJ_TOKEN_MODEL: The token's model. Null-terminated text.
+ * @GNUTLS_PKCS11_OBJ_ID: The object ID. Raw bytes.
+ * @GNUTLS_PKCS11_OBJ_LIBRARY_VERSION: The library's version. Null-terminated text.
+ * @GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION: The library's description. Null-terminated text.
+ * @GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER: The library's manufacturer name. Null-terminated text.
+ *
+ * Enumeration of several object information types.
+ */
+typedef enum {
+	GNUTLS_PKCS11_OBJ_ID_HEX = 1,
+	GNUTLS_PKCS11_OBJ_LABEL,
+	GNUTLS_PKCS11_OBJ_TOKEN_LABEL,
+	GNUTLS_PKCS11_OBJ_TOKEN_SERIAL,
+	GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER,
+	GNUTLS_PKCS11_OBJ_TOKEN_MODEL,
+	GNUTLS_PKCS11_OBJ_ID,
+	/* the pkcs11 provider library info  */
+	GNUTLS_PKCS11_OBJ_LIBRARY_VERSION,
+	GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION,
+	GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER
+} gnutls_pkcs11_obj_info_t;
+
+int
+gnutls_pkcs11_obj_get_ptr(gnutls_pkcs11_obj_t obj, void **ptr,
+			  void **session, void **ohandle,
+			  unsigned long *slot_id,
+			  unsigned int flags);
+
+int gnutls_pkcs11_obj_get_info(gnutls_pkcs11_obj_t obj,
+			       gnutls_pkcs11_obj_info_t itype,
+			       void *output, size_t * output_size);
+int gnutls_pkcs11_obj_set_info(gnutls_pkcs11_obj_t obj,
+			       gnutls_pkcs11_obj_info_t itype,
+			       const void *data, size_t data_size,
+			       unsigned flags);
+
+#define GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL GNUTLS_PKCS11_OBJ_FLAG_CRT
+#define GNUTLS_PKCS11_OBJ_ATTR_MATCH 0 /* always match the given URL */
+#define GNUTLS_PKCS11_OBJ_ATTR_ALL 0 /* match everything! */
+#define GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED (GNUTLS_PKCS11_OBJ_FLAG_CRT|GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED)
+#define GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY (GNUTLS_PKCS11_OBJ_FLAG_CRT|GNUTLS_PKCS11_OBJ_FLAG_WITH_PRIVKEY)
+#define GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA (GNUTLS_PKCS11_OBJ_FLAG_CRT|GNUTLS_PKCS11_OBJ_FLAG_MARK_CA|GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED)
+#define GNUTLS_PKCS11_OBJ_ATTR_PUBKEY GNUTLS_PKCS11_OBJ_FLAG_PUBKEY
+#define GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY GNUTLS_PKCS11_OBJ_FLAG_PRIVKEY
+
+/**
+ * gnutls_pkcs11_token_info_t:
+ * @GNUTLS_PKCS11_TOKEN_LABEL: The token's label (string)
+ * @GNUTLS_PKCS11_TOKEN_SERIAL: The token's serial number (string)
+ * @GNUTLS_PKCS11_TOKEN_MANUFACTURER: The token's manufacturer (string)
+ * @GNUTLS_PKCS11_TOKEN_MODEL: The token's model (string)
+ * @GNUTLS_PKCS11_TOKEN_MODNAME: The token's module name (string - since 3.4.3). This value is
+ *   unavailable for providers which were manually loaded.
+ *
+ * Enumeration of types for retrieving token information.
+ */
+typedef enum {
+	GNUTLS_PKCS11_TOKEN_LABEL,
+	GNUTLS_PKCS11_TOKEN_SERIAL,
+	GNUTLS_PKCS11_TOKEN_MANUFACTURER,
+	GNUTLS_PKCS11_TOKEN_MODEL,
+	GNUTLS_PKCS11_TOKEN_MODNAME
+} gnutls_pkcs11_token_info_t;
+
+/**
+ * gnutls_pkcs11_obj_type_t:
+ * @GNUTLS_PKCS11_OBJ_UNKNOWN: Unknown PKCS11 object.
+ * @GNUTLS_PKCS11_OBJ_X509_CRT: X.509 certificate.
+ * @GNUTLS_PKCS11_OBJ_PUBKEY: Public key.
+ * @GNUTLS_PKCS11_OBJ_PRIVKEY: Private key.
+ * @GNUTLS_PKCS11_OBJ_SECRET_KEY: Secret key.
+ * @GNUTLS_PKCS11_OBJ_DATA: Data object.
+ * @GNUTLS_PKCS11_OBJ_X509_CRT_EXTENSION: X.509 certificate extension (supported by p11-kit trust module only).
+ *
+ * Enumeration of object types.
+ */
+typedef enum {
+	GNUTLS_PKCS11_OBJ_UNKNOWN,
+	GNUTLS_PKCS11_OBJ_X509_CRT,
+	GNUTLS_PKCS11_OBJ_PUBKEY,
+	GNUTLS_PKCS11_OBJ_PRIVKEY,
+	GNUTLS_PKCS11_OBJ_SECRET_KEY,
+	GNUTLS_PKCS11_OBJ_DATA,
+	GNUTLS_PKCS11_OBJ_X509_CRT_EXTENSION
+} gnutls_pkcs11_obj_type_t;
+
+int
+gnutls_pkcs11_token_init(const char *token_url,
+			 const char *so_pin, const char *label);
+
+int
+gnutls_pkcs11_token_get_ptr(const char *url, void **ptr, unsigned long *slot_id,
+			    unsigned int flags);
+
+int
+gnutls_pkcs11_token_get_mechanism(const char *url,
+				  unsigned int idx,
+				  unsigned long *mechanism);
+
+unsigned
+gnutls_pkcs11_token_check_mechanism(const char *url,
+				    unsigned long mechanism,
+				    void *ptr, unsigned psize, unsigned flags);
+
+int gnutls_pkcs11_token_set_pin(const char *token_url, const char *oldpin, const char *newpin, unsigned int flags	/*gnutls_pin_flag_t */);
+
+int gnutls_pkcs11_token_get_url(unsigned int seq,
+				gnutls_pkcs11_url_type_t detailed,
+				char **url);
+int gnutls_pkcs11_token_get_info(const char *url,
+				 gnutls_pkcs11_token_info_t ttype,
+				 void *output, size_t * output_size);
+
+#define GNUTLS_PKCS11_TOKEN_HW 1
+#define GNUTLS_PKCS11_TOKEN_TRUSTED (1<<1) /* p11-kit trusted */
+#define GNUTLS_PKCS11_TOKEN_RNG (1<<2) /* CKF_RNG */
+#define GNUTLS_PKCS11_TOKEN_LOGIN_REQUIRED (1<<3) /* CKF_LOGIN_REQUIRED */
+#define GNUTLS_PKCS11_TOKEN_PROTECTED_AUTHENTICATION_PATH (1<<4) /* CKF_PROTECTED_AUTHENTICATION_PATH */
+#define GNUTLS_PKCS11_TOKEN_INITIALIZED (1<<5) /* CKF_TOKEN_INITIALIZED */
+#define GNUTLS_PKCS11_TOKEN_USER_PIN_COUNT_LOW (1<<6) /* CKF_USER_PIN_COUNT_LOW */
+#define GNUTLS_PKCS11_TOKEN_USER_PIN_FINAL_TRY (1<<7) /* CKF_USER_PIN_FINAL_TRY */
+#define GNUTLS_PKCS11_TOKEN_USER_PIN_LOCKED (1<<8) /* CKF_USER_PIN_LOCKED */
+#define GNUTLS_PKCS11_TOKEN_SO_PIN_COUNT_LOW (1<<9) /* CKF_SO_PIN_COUNT_LOW */
+#define GNUTLS_PKCS11_TOKEN_SO_PIN_FINAL_TRY (1<<10) /* CKF_SO_PIN_FINAL_TRY */
+#define GNUTLS_PKCS11_TOKEN_SO_PIN_LOCKED (1<<11) /* CKF_SO_PIN_LOCKED */
+#define GNUTLS_PKCS11_TOKEN_USER_PIN_INITIALIZED (1<<12) /* CKF_USER_PIN_INITIALIZED */
+#define GNUTLS_PKCS11_TOKEN_ERROR_STATE (1<<13) /* CKF_ERROR_STATE */
+
+int gnutls_pkcs11_token_get_flags(const char *url, unsigned int *flags);
+
+#define gnutls_pkcs11_obj_list_import_url(p_list, n_list, url, attrs, flags) gnutls_pkcs11_obj_list_import_url3(p_list, n_list, url, attrs|flags)
+#define gnutls_pkcs11_obj_list_import_url2(p_list, n_list, url, attrs, flags) gnutls_pkcs11_obj_list_import_url4(p_list, n_list, url, attrs|flags)
+
+int gnutls_pkcs11_obj_list_import_url3(gnutls_pkcs11_obj_t * p_list,
+				      unsigned int *const n_list,
+				      const char *url,
+				      unsigned int flags
+				      /* GNUTLS_PKCS11_OBJ_FLAG_* */
+    );
+
+int
+gnutls_pkcs11_obj_list_import_url4(gnutls_pkcs11_obj_t ** p_list,
+				   unsigned int *n_list,
+				   const char *url,
+				   unsigned int flags
+				   /* GNUTLS_PKCS11_OBJ_FLAG_* */
+    );
+
+int gnutls_x509_crt_import_pkcs11(gnutls_x509_crt_t crt,
+				  gnutls_pkcs11_obj_t pkcs11_crt);
+
+gnutls_pkcs11_obj_type_t
+gnutls_pkcs11_obj_get_type(gnutls_pkcs11_obj_t obj);
+const char *gnutls_pkcs11_type_get_name(gnutls_pkcs11_obj_type_t type);
+
+int
+gnutls_pkcs11_obj_get_exts(gnutls_pkcs11_obj_t obj,
+			   struct gnutls_x509_ext_st **exts, unsigned int *exts_size,
+			   unsigned int flags);
+
+int
+gnutls_pkcs11_obj_get_flags(gnutls_pkcs11_obj_t obj, unsigned int *oflags);
+char *gnutls_pkcs11_obj_flags_get_str(unsigned int flags);
+
+int gnutls_x509_crt_list_import_pkcs11(gnutls_x509_crt_t * certs,
+				       unsigned int cert_max,
+				       gnutls_pkcs11_obj_t *
+				       const objs, unsigned int flags
+				       /* must be zero */ );
+
+/* private key functions...*/
+int gnutls_pkcs11_privkey_init(gnutls_pkcs11_privkey_t * key);
+
+int
+gnutls_pkcs11_privkey_cpy(gnutls_pkcs11_privkey_t dst,
+			  gnutls_pkcs11_privkey_t src);
+
+void gnutls_pkcs11_privkey_set_pin_function(gnutls_pkcs11_privkey_t
+					    key,
+					    gnutls_pin_callback_t
+					    fn, void *userdata);
+void gnutls_pkcs11_privkey_deinit(gnutls_pkcs11_privkey_t key);
+int gnutls_pkcs11_privkey_get_pk_algorithm(gnutls_pkcs11_privkey_t
+					   key, unsigned int *bits);
+int gnutls_pkcs11_privkey_get_info(gnutls_pkcs11_privkey_t pkey,
+				   gnutls_pkcs11_obj_info_t itype,
+				   void *output, size_t * output_size);
+
+int gnutls_pkcs11_privkey_import_url(gnutls_pkcs11_privkey_t pkey,
+				     const char *url, unsigned int flags);
+
+int gnutls_pkcs11_privkey_export_url(gnutls_pkcs11_privkey_t key,
+				     gnutls_pkcs11_url_type_t
+				     detailed, char **url);
+unsigned gnutls_pkcs11_privkey_status(gnutls_pkcs11_privkey_t key);
+
+#define gnutls_pkcs11_privkey_generate(url, pk, bits, label, flags) \
+	gnutls_pkcs11_privkey_generate3(url, pk, bits, label, NULL, 0, NULL, 0, flags)
+
+#define gnutls_pkcs11_privkey_generate2(url, pk, bits, label, fmt, pubkey, flags) \
+	gnutls_pkcs11_privkey_generate3(url, pk, bits, label, NULL, fmt, pubkey, 0, flags)
+
+int
+gnutls_pkcs11_privkey_generate3(const char *url,
+				gnutls_pk_algorithm_t pk,
+				unsigned int bits,
+				const char *label,
+				const gnutls_datum_t *cid,
+				gnutls_x509_crt_fmt_t fmt,
+				gnutls_datum_t * pubkey,
+				unsigned int key_usage,
+				unsigned int flags);
+
+int
+gnutls_pkcs11_privkey_export_pubkey(gnutls_pkcs11_privkey_t pkey,
+			      gnutls_x509_crt_fmt_t fmt,
+			      gnutls_datum_t * pubkey,
+			      unsigned int flags);
+
+int
+gnutls_pkcs11_token_get_random(const char *token_url,
+			       void *data, size_t len);
+
+int
+gnutls_pkcs11_copy_attached_extension(const char *token_url,
+				      gnutls_x509_crt_t crt,
+				      gnutls_datum_t *data,
+				      const char *label,
+				      unsigned int flags);
+
+#define gnutls_x509_crt_import_pkcs11_url gnutls_x509_crt_import_url
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+
+#endif /* GNUTLS_PKCS11_H */
diff --git a/lib/includes/gnutls/pkcs12.h b/lib/includes/gnutls/pkcs12.h
new file mode 100644
index 0000000..e613fe1
--- /dev/null
+++ b/lib/includes/gnutls/pkcs12.h
@@ -0,0 +1,149 @@
+/*
+ * Copyright (C) 2003-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_PKCS12_H
+#define GNUTLS_PKCS12_H
+
+#include <gnutls/x509.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+	/* PKCS12 structures handling
+	 */
+struct gnutls_pkcs12_int;
+typedef struct gnutls_pkcs12_int *gnutls_pkcs12_t;
+
+struct gnutls_pkcs12_bag_int;
+typedef struct gnutls_pkcs12_bag_int *gnutls_pkcs12_bag_t;
+
+int gnutls_pkcs12_init(gnutls_pkcs12_t * pkcs12);
+void gnutls_pkcs12_deinit(gnutls_pkcs12_t pkcs12);
+int gnutls_pkcs12_import(gnutls_pkcs12_t pkcs12,
+			 const gnutls_datum_t * data,
+			 gnutls_x509_crt_fmt_t format, unsigned int flags);
+int gnutls_pkcs12_export(gnutls_pkcs12_t pkcs12,
+			 gnutls_x509_crt_fmt_t format,
+			 void *output_data, size_t * output_data_size);
+int gnutls_pkcs12_export2(gnutls_pkcs12_t pkcs12,
+			  gnutls_x509_crt_fmt_t format,
+			  gnutls_datum_t * out);
+
+int gnutls_pkcs12_get_bag(gnutls_pkcs12_t pkcs12,
+			  int indx, gnutls_pkcs12_bag_t bag);
+int gnutls_pkcs12_set_bag(gnutls_pkcs12_t pkcs12, gnutls_pkcs12_bag_t bag);
+
+int gnutls_pkcs12_generate_mac(gnutls_pkcs12_t pkcs12, const char *pass);
+int gnutls_pkcs12_generate_mac2(gnutls_pkcs12_t pkcs12, gnutls_mac_algorithm_t mac, const char *pass);
+int gnutls_pkcs12_verify_mac(gnutls_pkcs12_t pkcs12, const char *pass);
+
+int gnutls_pkcs12_bag_decrypt(gnutls_pkcs12_bag_t bag, const char *pass);
+int gnutls_pkcs12_bag_encrypt(gnutls_pkcs12_bag_t bag,
+			      const char *pass, unsigned int flags);
+
+int
+gnutls_pkcs12_bag_enc_info(gnutls_pkcs12_bag_t bag, unsigned int *schema, unsigned int *cipher,
+	void *salt, unsigned int *salt_size, unsigned int *iter_count, char **oid);
+int
+gnutls_pkcs12_mac_info(gnutls_pkcs12_t pkcs12, unsigned int *mac,
+	void *salt, unsigned int *salt_size, unsigned int *iter_count, char **oid);
+
+#define GNUTLS_PKCS12_SP_INCLUDE_SELF_SIGNED 1
+int gnutls_pkcs12_simple_parse(gnutls_pkcs12_t p12,
+			       const char *password,
+			       gnutls_x509_privkey_t * key,
+			       gnutls_x509_crt_t ** chain,
+			       unsigned int *chain_len,
+			       gnutls_x509_crt_t ** extra_certs,
+			       unsigned int *extra_certs_len,
+			       gnutls_x509_crl_t * crl,
+			       unsigned int flags);
+
+/**
+ * gnutls_pkcs12_bag_type_t:
+ * @GNUTLS_BAG_EMPTY: Empty PKCS-12 bag.
+ * @GNUTLS_BAG_PKCS8_ENCRYPTED_KEY: PKCS-12 bag with PKCS-8 encrypted key.
+ * @GNUTLS_BAG_PKCS8_KEY: PKCS-12 bag with PKCS-8 key.
+ * @GNUTLS_BAG_CERTIFICATE: PKCS-12 bag with certificate.
+ * @GNUTLS_BAG_CRL: PKCS-12 bag with CRL.
+ * @GNUTLS_BAG_SECRET: PKCS-12 bag with secret PKCS-9 keys.
+ * @GNUTLS_BAG_ENCRYPTED: Encrypted PKCS-12 bag.
+ * @GNUTLS_BAG_UNKNOWN: Unknown PKCS-12 bag.
+ *
+ * Enumeration of different PKCS 12 bag types.
+ */
+typedef enum gnutls_pkcs12_bag_type_t {
+	GNUTLS_BAG_EMPTY = 0,
+	GNUTLS_BAG_PKCS8_ENCRYPTED_KEY = 1,
+	GNUTLS_BAG_PKCS8_KEY = 2,
+	GNUTLS_BAG_CERTIFICATE = 3,
+	GNUTLS_BAG_CRL = 4,
+	GNUTLS_BAG_SECRET = 5,	/* Secret data. Underspecified in pkcs-12,
+				 * gnutls extension. We use the PKCS-9
+				 * random nonce ID 1.2.840.113549.1.9.25.3
+				 * to store randomly generated keys.
+				 */
+	GNUTLS_BAG_ENCRYPTED = 10,
+	GNUTLS_BAG_UNKNOWN = 20
+} gnutls_pkcs12_bag_type_t;
+
+int
+gnutls_pkcs12_bag_get_type(gnutls_pkcs12_bag_t bag, unsigned indx);
+int gnutls_pkcs12_bag_get_data(gnutls_pkcs12_bag_t bag, unsigned indx,
+			       gnutls_datum_t * data);
+int gnutls_pkcs12_bag_set_data(gnutls_pkcs12_bag_t bag,
+			       gnutls_pkcs12_bag_type_t type,
+			       const gnutls_datum_t * data);
+int gnutls_pkcs12_bag_set_crl(gnutls_pkcs12_bag_t bag,
+			      gnutls_x509_crl_t crl);
+int gnutls_pkcs12_bag_set_crt(gnutls_pkcs12_bag_t bag,
+			      gnutls_x509_crt_t crt);
+
+int
+gnutls_pkcs12_bag_set_privkey(gnutls_pkcs12_bag_t bag,
+			      gnutls_x509_privkey_t privkey,
+			      const char *password, unsigned flags);
+
+int gnutls_pkcs12_bag_init(gnutls_pkcs12_bag_t * bag);
+void gnutls_pkcs12_bag_deinit(gnutls_pkcs12_bag_t bag);
+int gnutls_pkcs12_bag_get_count(gnutls_pkcs12_bag_t bag);
+
+int gnutls_pkcs12_bag_get_key_id(gnutls_pkcs12_bag_t bag, unsigned indx,
+				 gnutls_datum_t * id);
+int gnutls_pkcs12_bag_set_key_id(gnutls_pkcs12_bag_t bag, unsigned indx,
+				 const gnutls_datum_t * id);
+
+int gnutls_pkcs12_bag_get_friendly_name(gnutls_pkcs12_bag_t bag,
+					unsigned indx, char **name);
+int gnutls_pkcs12_bag_set_friendly_name(gnutls_pkcs12_bag_t bag,
+					unsigned indx, const char *name);
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+
+#endif /* GNUTLS_PKCS12_H */
diff --git a/lib/includes/gnutls/pkcs7.h b/lib/includes/gnutls/pkcs7.h
new file mode 100644
index 0000000..528427b
--- /dev/null
+++ b/lib/includes/gnutls/pkcs7.h
@@ -0,0 +1,157 @@
+/*
+ * Copyright (C) 2003-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2015 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the types and prototypes for the X.509
+ * certificate and CRL handling functions.
+ */
+
+#ifndef GNUTLS_PKCS7_H
+#define GNUTLS_PKCS7_H
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+/* PKCS7 structures handling
+ */
+struct gnutls_pkcs7_int;
+typedef struct gnutls_pkcs7_int *gnutls_pkcs7_t;
+
+int gnutls_pkcs7_init(gnutls_pkcs7_t * pkcs7);
+void gnutls_pkcs7_deinit(gnutls_pkcs7_t pkcs7);
+int gnutls_pkcs7_import(gnutls_pkcs7_t pkcs7,
+			const gnutls_datum_t * data,
+			gnutls_x509_crt_fmt_t format);
+int gnutls_pkcs7_export(gnutls_pkcs7_t pkcs7,
+			gnutls_x509_crt_fmt_t format,
+			void *output_data, size_t * output_data_size);
+int gnutls_pkcs7_export2(gnutls_pkcs7_t pkcs7,
+			 gnutls_x509_crt_fmt_t format,
+			 gnutls_datum_t * out);
+
+int gnutls_pkcs7_get_signature_count(gnutls_pkcs7_t pkcs7);
+
+#define GNUTLS_PKCS7_EDATA_GET_RAW (1<<24)
+int gnutls_pkcs7_get_embedded_data(gnutls_pkcs7_t pkcs7, unsigned flags, gnutls_datum_t *data);
+
+const char *
+gnutls_pkcs7_get_embedded_data_oid(gnutls_pkcs7_t pkcs7);
+
+int gnutls_pkcs7_get_crt_count(gnutls_pkcs7_t pkcs7);
+int gnutls_pkcs7_get_crt_raw(gnutls_pkcs7_t pkcs7, unsigned indx,
+			     void *certificate, size_t * certificate_size);
+
+int gnutls_pkcs7_set_crt_raw(gnutls_pkcs7_t pkcs7,
+			     const gnutls_datum_t * crt);
+int gnutls_pkcs7_set_crt(gnutls_pkcs7_t pkcs7, gnutls_x509_crt_t crt);
+int gnutls_pkcs7_delete_crt(gnutls_pkcs7_t pkcs7, int indx);
+
+int gnutls_pkcs7_get_crl_raw(gnutls_pkcs7_t pkcs7,
+			     unsigned indx, void *crl, size_t * crl_size);
+int gnutls_pkcs7_get_crl_count(gnutls_pkcs7_t pkcs7);
+
+int gnutls_pkcs7_set_crl_raw(gnutls_pkcs7_t pkcs7,
+			     const gnutls_datum_t * crl);
+int gnutls_pkcs7_set_crl(gnutls_pkcs7_t pkcs7, gnutls_x509_crl_t crl);
+int gnutls_pkcs7_delete_crl(gnutls_pkcs7_t pkcs7, int indx);
+
+typedef struct gnutls_pkcs7_attrs_st *gnutls_pkcs7_attrs_t;
+
+typedef struct gnutls_pkcs7_signature_info_st {
+	gnutls_sign_algorithm_t algo;
+	gnutls_datum_t sig;
+	gnutls_datum_t issuer_dn;
+	gnutls_datum_t signer_serial;
+	gnutls_datum_t issuer_keyid;
+	time_t signing_time;
+	gnutls_pkcs7_attrs_t signed_attrs;
+	gnutls_pkcs7_attrs_t unsigned_attrs;
+	char pad[64];
+} gnutls_pkcs7_signature_info_st;
+
+void gnutls_pkcs7_signature_info_deinit(gnutls_pkcs7_signature_info_st *info);
+int gnutls_pkcs7_get_signature_info(gnutls_pkcs7_t pkcs7, unsigned idx, gnutls_pkcs7_signature_info_st *info);
+
+int gnutls_pkcs7_verify_direct(gnutls_pkcs7_t pkcs7, gnutls_x509_crt_t signer,
+			       unsigned idx, const gnutls_datum_t *data, unsigned flags);
+int gnutls_pkcs7_verify(gnutls_pkcs7_t pkcs7, gnutls_x509_trust_list_t tl,
+			gnutls_typed_vdata_st * vdata, unsigned int vdata_size,
+			unsigned idx, const gnutls_datum_t *data, unsigned flags);
+
+#define GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING 1
+int gnutls_pkcs7_add_attr(gnutls_pkcs7_attrs_t *list, const char *oid, gnutls_datum_t *data, unsigned flags);
+void gnutls_pkcs7_attrs_deinit(gnutls_pkcs7_attrs_t list);
+int gnutls_pkcs7_get_attr(gnutls_pkcs7_attrs_t list, unsigned idx, char **oid, gnutls_datum_t *data, unsigned flags);
+
+/**
+ * gnutls_pkcs7_sign_flags:
+ * @GNUTLS_PKCS7_EMBED_DATA: The signed data will be embedded in the structure.
+ * @GNUTLS_PKCS7_INCLUDE_TIME: The signing time will be included in the structure.
+ * @GNUTLS_PKCS7_INCLUDE_CERT: The signer's certificate will be included in the cert list.
+ * @GNUTLS_PKCS7_WRITE_SPKI: Use the signer's key identifier instead of name.
+ *
+ * Enumeration of the different PKCS #7 signature flags.
+ */
+typedef enum gnutls_pkcs7_sign_flags {
+	GNUTLS_PKCS7_EMBED_DATA = 1,
+	GNUTLS_PKCS7_INCLUDE_TIME = (1<<1),
+	GNUTLS_PKCS7_INCLUDE_CERT = (1<<2),
+	GNUTLS_PKCS7_WRITE_SPKI = (1<<3)
+} gnutls_pkcs7_sign_flags;
+
+int gnutls_pkcs7_sign(gnutls_pkcs7_t pkcs7,
+		      gnutls_x509_crt_t signer,
+		      gnutls_privkey_t signer_key,
+		      const gnutls_datum_t *data,
+		      gnutls_pkcs7_attrs_t signed_attrs,
+		      gnutls_pkcs7_attrs_t unsigned_attrs,
+		      gnutls_digest_algorithm_t dig,
+		      unsigned flags);
+
+int
+gnutls_pkcs7_get_crt_raw2(gnutls_pkcs7_t pkcs7,
+			  unsigned indx, gnutls_datum_t *cert);
+int
+gnutls_pkcs7_get_crl_raw2(gnutls_pkcs7_t pkcs7,
+			  unsigned indx, gnutls_datum_t *crl);
+
+int gnutls_pkcs7_print(gnutls_pkcs7_t pkcs7,
+		       gnutls_certificate_print_formats_t format,
+		       gnutls_datum_t * out);
+
+int gnutls_pkcs7_print_signature_info(gnutls_pkcs7_signature_info_st * info,
+				      gnutls_certificate_print_formats_t format,
+				      gnutls_datum_t * out);
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+
+#endif /* GNUTLS_PKCS7_H */
diff --git a/lib/includes/gnutls/self-test.h b/lib/includes/gnutls/self-test.h
new file mode 100644
index 0000000..88b5a8d
--- /dev/null
+++ b/lib/includes/gnutls/self-test.h
@@ -0,0 +1,41 @@
+/*
+ * Copyright (C) 2014 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_SELF_TEST_H
+#define GNUTLS_SELF_TEST_H
+
+#include <gnutls/gnutls.h>
+
+ /* Self checking functions */
+ 
+#define GNUTLS_SELF_TEST_FLAG_ALL 1
+#define GNUTLS_SELF_TEST_FLAG_NO_COMPAT (1<<1)
+
+int gnutls_cipher_self_test(unsigned flags, gnutls_cipher_algorithm_t cipher);
+int gnutls_mac_self_test(unsigned flags, gnutls_mac_algorithm_t mac);
+int gnutls_digest_self_test(unsigned flags, gnutls_digest_algorithm_t digest);
+int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk);
+int gnutls_hkdf_self_test(unsigned flags, gnutls_mac_algorithm_t mac);
+int gnutls_pbkdf2_self_test(unsigned flags, gnutls_mac_algorithm_t mac);
+int gnutls_tlsprf_self_test(unsigned flags, gnutls_mac_algorithm_t mac);
+
+#endif /* GNUTLS_SELF_TEST_H */
diff --git a/lib/includes/gnutls/socket.h b/lib/includes/gnutls/socket.h
new file mode 100644
index 0000000..4df7bb2
--- /dev/null
+++ b/lib/includes/gnutls/socket.h
@@ -0,0 +1,73 @@
+/*
+ * Copyright (C) 2016 Free Software Foundation, Inc.
+ *
+ * Author: Tim Ruehsen
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains socket related types, prototypes and includes.
+ */
+
+#ifndef GNUTLS_SOCKET_H
+#define GNUTLS_SOCKET_H
+
+#include <gnutls/gnutls.h>
+
+/* Get socklen_t */
+#include <sys/socket.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+/**
+ * gnutls_transport_ktls_enable_flags_t:
+ * @GNUTLS_KTLS_RECV: ktls enabled for recv function.
+ * @GNUTLS_KTLS_SEND: ktls enabled for send function.
+ * @GNUTLS_KTLS_DUPLEX: ktls enabled for both recv and send functions.
+ *
+ * Flag enumeration of ktls enable status for recv and send functions.
+ * This is used by gnutls_transport_is_ktls_enabled().
+ *
+ * Since: 3.7.3
+ */
+typedef enum {
+	GNUTLS_KTLS_RECV = 1 << 0,
+	GNUTLS_KTLS_SEND = 1 << 1,
+	GNUTLS_KTLS_DUPLEX = GNUTLS_KTLS_RECV | GNUTLS_KTLS_SEND,
+} gnutls_transport_ktls_enable_flags_t;
+
+
+gnutls_transport_ktls_enable_flags_t
+gnutls_transport_is_ktls_enabled(gnutls_session_t session);
+
+void gnutls_transport_set_fastopen(gnutls_session_t session,
+                                   int fd,
+                                   struct sockaddr *connect_addr,
+                                   socklen_t connect_addrlen,
+                                   unsigned int flags);
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+
+#endif /* GNUTLS_SOCKET_H */
diff --git a/lib/includes/gnutls/system-keys.h b/lib/includes/gnutls/system-keys.h
new file mode 100644
index 0000000..a0aa056
--- /dev/null
+++ b/lib/includes/gnutls/system-keys.h
@@ -0,0 +1,64 @@
+/*
+ * Copyright (C) 2014 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_SYSTEM_KEYS_H
+#define GNUTLS_SYSTEM_KEYS_H
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+/* This API allows to access user key and certificate pairs that are
+ * available in the current system. If any passwords are required,
+ * they will be requested through the pin callbacks.
+ */
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+struct system_key_iter_st;
+typedef struct system_key_iter_st *gnutls_system_key_iter_t;
+
+void gnutls_system_key_iter_deinit(gnutls_system_key_iter_t iter);
+int
+gnutls_system_key_iter_get_info(gnutls_system_key_iter_t *iter,
+			       unsigned cert_type /* gnutls_certificate_type_t */,
+			       char **cert_url,
+			       char **key_url,
+			       char **label,
+			       gnutls_datum_t *der,
+			       unsigned int flags);
+
+int gnutls_system_key_delete(const char *cert_url, const char *key_url);
+
+int gnutls_system_key_add_x509(gnutls_x509_crt_t crt, gnutls_x509_privkey_t privkey,
+				const char *label, char **cert_url, char **key_url);
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+
+#endif /* GNUTLS_SYSTEM_KEYS_H */
diff --git a/lib/includes/gnutls/tpm.h b/lib/includes/gnutls/tpm.h
new file mode 100644
index 0000000..b5da3e9
--- /dev/null
+++ b/lib/includes/gnutls/tpm.h
@@ -0,0 +1,80 @@
+/*
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_TPM_H
+#define GNUTLS_TPM_H
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+struct tpm_key_list_st;
+typedef struct tpm_key_list_st *gnutls_tpm_key_list_t;
+
+#define GNUTLS_TPM_KEY_SIGNING (1<<1)
+#define GNUTLS_TPM_REGISTER_KEY (1<<2)
+#define GNUTLS_TPM_KEY_USER (1<<3)
+
+/**
+ * gnutls_tpmkey_fmt_t:
+ * @GNUTLS_TPMKEY_FMT_RAW: The portable data format.
+ * @GNUTLS_TPMKEY_FMT_DER: An alias for the raw format.
+ * @GNUTLS_TPMKEY_FMT_CTK_PEM: A custom data format used by some TPM tools.
+ *
+ * Enumeration of different certificate encoding formats.
+ */
+typedef enum {
+	GNUTLS_TPMKEY_FMT_RAW = 0,
+	GNUTLS_TPMKEY_FMT_DER = GNUTLS_TPMKEY_FMT_RAW,
+	GNUTLS_TPMKEY_FMT_CTK_PEM = 1
+} gnutls_tpmkey_fmt_t;
+
+int
+gnutls_tpm_privkey_generate(gnutls_pk_algorithm_t pk,
+			    unsigned int bits,
+			    const char *srk_password,
+			    const char *key_password,
+			    gnutls_tpmkey_fmt_t format,
+			    gnutls_x509_crt_fmt_t pub_format,
+			    gnutls_datum_t * privkey,
+			    gnutls_datum_t * pubkey, unsigned int flags);
+
+void gnutls_tpm_key_list_deinit(gnutls_tpm_key_list_t list);
+int gnutls_tpm_key_list_get_url(gnutls_tpm_key_list_t list,
+				unsigned int idx, char **url,
+				unsigned int flags);
+int gnutls_tpm_get_registered(gnutls_tpm_key_list_t * list);
+int gnutls_tpm_privkey_delete(const char *url, const char *srk_password);
+
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+
+#endif /* GNUTLS_TPM_H */
diff --git a/lib/includes/gnutls/urls.h b/lib/includes/gnutls/urls.h
new file mode 100644
index 0000000..f4fd5a7
--- /dev/null
+++ b/lib/includes/gnutls/urls.h
@@ -0,0 +1,78 @@
+/*
+ * Copyright (C) 2014 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_URLS_H
+#define GNUTLS_URLS_H
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+#include <gnutls/abstract.h>
+
+/* This API allows to register application specific URLs for
+ * keys and certificates.
+ */
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+typedef int (*gnutls_privkey_import_url_func)(gnutls_privkey_t pkey,
+					       const char *url, unsigned flags);
+
+typedef int (*gnutls_x509_crt_import_url_func)(gnutls_x509_crt_t pkey,
+					        const char *url, unsigned flags);
+
+/* The following callbacks are optional */
+
+/* This is to enable gnutls_pubkey_import_url() */
+typedef int (*gnutls_pubkey_import_url_func)(gnutls_pubkey_t pkey,
+					     const char *url, unsigned flags);
+
+/* This is to allow constructing a certificate chain. It will be provided
+ * the initial certificate URL and the certificate to find its issuer, and must
+ * return zero and the DER encoding of the issuer's certificate. If not available,
+ * it should return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE. */
+typedef int (*gnutls_get_raw_issuer_func)(const char *url, gnutls_x509_crt_t crt,
+					  gnutls_datum_t *issuer_der, unsigned flags);
+
+typedef struct gnutls_custom_url_st {
+	const char *name;
+	unsigned name_size;
+	gnutls_privkey_import_url_func import_key;
+	gnutls_x509_crt_import_url_func import_crt;
+	gnutls_pubkey_import_url_func import_pubkey;
+	gnutls_get_raw_issuer_func get_issuer;
+	void *future1; /* replace in a future extension */
+	void *future2; /* replace in a future extension */
+} gnutls_custom_url_st;
+
+int gnutls_register_custom_url(const gnutls_custom_url_st *st);
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+
+#endif /* GNUTLS_URLS_H */
diff --git a/lib/includes/gnutls/x509-ext.h b/lib/includes/gnutls/x509-ext.h
new file mode 100644
index 0000000..459c1e8
--- /dev/null
+++ b/lib/includes/gnutls/x509-ext.h
@@ -0,0 +1,224 @@
+/*
+ * Copyright (C) 2014 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Prototypes for direct handling of extension data */
+
+#ifndef GNUTLS_X509_EXT_H
+#define GNUTLS_X509_EXT_H
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+typedef struct gnutls_subject_alt_names_st *gnutls_subject_alt_names_t;
+
+int gnutls_subject_alt_names_init(gnutls_subject_alt_names_t *);
+void gnutls_subject_alt_names_deinit(gnutls_subject_alt_names_t sans);
+int gnutls_subject_alt_names_get(gnutls_subject_alt_names_t sans, unsigned int seq,
+				 unsigned int *san_type, gnutls_datum_t * san,
+				 gnutls_datum_t * othername_oid);
+int gnutls_subject_alt_names_set(gnutls_subject_alt_names_t sans,
+				 unsigned int san_type,
+				 const gnutls_datum_t * san,
+				 const char* othername_oid);
+
+
+int gnutls_x509_ext_import_subject_alt_names(const gnutls_datum_t * ext,
+					 gnutls_subject_alt_names_t,
+					 unsigned int flags);
+int gnutls_x509_ext_export_subject_alt_names(gnutls_subject_alt_names_t,
+					  gnutls_datum_t * ext);
+
+/* They are exactly the same */
+#define gnutls_x509_ext_import_issuer_alt_name gnutls_x509_ext_import_subject_alt_name
+#define gnutls_x509_ext_export_issuer_alt_name gnutls_x509_ext_export_subject_alt_name
+
+typedef struct gnutls_x509_crl_dist_points_st *gnutls_x509_crl_dist_points_t;
+
+int gnutls_x509_crl_dist_points_init(gnutls_x509_crl_dist_points_t *);
+void gnutls_x509_crl_dist_points_deinit(gnutls_x509_crl_dist_points_t);
+int gnutls_x509_crl_dist_points_get(gnutls_x509_crl_dist_points_t, unsigned int seq,
+				  unsigned int *type,
+				  gnutls_datum_t *dist, unsigned int *reason_flags);
+int gnutls_x509_crl_dist_points_set(gnutls_x509_crl_dist_points_t,
+				 gnutls_x509_subject_alt_name_t type,
+				 const gnutls_datum_t *dist, unsigned int reason_flags);
+
+int gnutls_x509_ext_import_crl_dist_points(const gnutls_datum_t * ext,
+					gnutls_x509_crl_dist_points_t dp,
+					unsigned int flags);
+int gnutls_x509_ext_export_crl_dist_points(gnutls_x509_crl_dist_points_t dp,
+					gnutls_datum_t * ext);
+
+int gnutls_x509_ext_import_name_constraints(const gnutls_datum_t * ext,
+					 gnutls_x509_name_constraints_t nc,
+					 unsigned int flags);
+int gnutls_x509_ext_export_name_constraints(gnutls_x509_name_constraints_t nc,
+					 gnutls_datum_t * ext);
+
+typedef struct gnutls_x509_aia_st *gnutls_x509_aia_t;
+
+int gnutls_x509_aia_init(gnutls_x509_aia_t *);
+void gnutls_x509_aia_deinit(gnutls_x509_aia_t);
+int gnutls_x509_aia_get(gnutls_x509_aia_t aia, unsigned int seq,
+			gnutls_datum_t *oid,
+			unsigned *san_type,
+			gnutls_datum_t *san);
+int gnutls_x509_aia_set(gnutls_x509_aia_t aia,
+			const char *oid,
+			unsigned san_type,
+			const gnutls_datum_t * san);
+
+int gnutls_x509_ext_import_aia(const gnutls_datum_t * ext,
+				gnutls_x509_aia_t,
+				unsigned int flags);
+int gnutls_x509_ext_export_aia(gnutls_x509_aia_t aia,
+					      gnutls_datum_t * ext);
+
+int gnutls_x509_ext_import_subject_key_id(const gnutls_datum_t * ext,
+				       gnutls_datum_t * id);
+int gnutls_x509_ext_export_subject_key_id(const gnutls_datum_t * id,
+				       gnutls_datum_t * ext);
+
+typedef struct gnutls_x509_aki_st *gnutls_x509_aki_t;
+
+int gnutls_x509_ext_export_authority_key_id(gnutls_x509_aki_t,
+					 gnutls_datum_t * ext);
+int gnutls_x509_ext_import_authority_key_id(const gnutls_datum_t * ext,
+					 gnutls_x509_aki_t,
+					 unsigned int flags);
+
+int gnutls_x509_othername_to_virtual(const char *oid, 
+				     const gnutls_datum_t *othername,
+				     unsigned int *virt_type,
+				     gnutls_datum_t *virt);
+
+int gnutls_x509_aki_init(gnutls_x509_aki_t *);
+int gnutls_x509_aki_get_id(gnutls_x509_aki_t, gnutls_datum_t *id);
+int gnutls_x509_aki_get_cert_issuer(gnutls_x509_aki_t aki, unsigned int seq,
+				 unsigned int *san_type, gnutls_datum_t * san,
+				 gnutls_datum_t *othername_oid,
+				 gnutls_datum_t *serial);
+int gnutls_x509_aki_set_id(gnutls_x509_aki_t aki, const gnutls_datum_t *id);
+int gnutls_x509_aki_set_cert_issuer(gnutls_x509_aki_t aki, 
+				 unsigned int san_type, 
+				 const gnutls_datum_t * san,
+				 const char *othername_oid,
+				 const gnutls_datum_t * serial);
+void gnutls_x509_aki_deinit(gnutls_x509_aki_t);
+
+int gnutls_x509_ext_import_private_key_usage_period(const gnutls_datum_t * ext,
+						 time_t * activation,
+						 time_t * expiration);
+int gnutls_x509_ext_export_private_key_usage_period(time_t activation,
+						 time_t expiration,
+						 gnutls_datum_t * ext);
+
+int gnutls_x509_ext_import_basic_constraints(const gnutls_datum_t * ext,
+					  unsigned int *ca, int *pathlen);
+int gnutls_x509_ext_export_basic_constraints(unsigned int ca, int pathlen,
+					  gnutls_datum_t * ext);
+
+typedef struct gnutls_x509_key_purposes_st *gnutls_x509_key_purposes_t;
+
+int gnutls_x509_key_purpose_init(gnutls_x509_key_purposes_t *p);
+void gnutls_x509_key_purpose_deinit(gnutls_x509_key_purposes_t p);
+int gnutls_x509_key_purpose_set(gnutls_x509_key_purposes_t p, const char *oid);
+int gnutls_x509_key_purpose_get(gnutls_x509_key_purposes_t p, unsigned idx, gnutls_datum_t *oid);
+
+int gnutls_x509_ext_import_key_purposes(const gnutls_datum_t * ext,
+				     gnutls_x509_key_purposes_t,
+				     unsigned int flags);
+int gnutls_x509_ext_export_key_purposes(gnutls_x509_key_purposes_t,
+				     gnutls_datum_t * ext);
+
+
+int gnutls_x509_ext_import_key_usage(const gnutls_datum_t * ext,
+				  unsigned int *key_usage);
+int gnutls_x509_ext_export_key_usage(unsigned int key_usage,
+				  gnutls_datum_t * ext);
+
+int gnutls_x509_ext_import_inhibit_anypolicy(const gnutls_datum_t * ext,
+				  unsigned int *skipcerts);
+int gnutls_x509_ext_export_inhibit_anypolicy(unsigned int skipcerts,
+				  gnutls_datum_t * ext);
+
+int gnutls_x509_ext_import_proxy(const gnutls_datum_t * ext, int *pathlen,
+			      char **policyLanguage, char **policy,
+			      size_t * sizeof_policy);
+int gnutls_x509_ext_export_proxy(int pathLenConstraint, const char *policyLanguage,
+			      const char *policy, size_t sizeof_policy,
+			      gnutls_datum_t * ext);
+
+typedef struct gnutls_x509_policies_st *gnutls_x509_policies_t;
+
+int gnutls_x509_policies_init(gnutls_x509_policies_t *);
+void gnutls_x509_policies_deinit(gnutls_x509_policies_t);
+
+int gnutls_x509_policies_get(gnutls_x509_policies_t policies, unsigned int seq,
+				 struct gnutls_x509_policy_st *policy);
+int gnutls_x509_policies_set(gnutls_x509_policies_t policies,
+				 const struct gnutls_x509_policy_st *policy);
+
+int gnutls_x509_ext_import_policies(const gnutls_datum_t * ext, gnutls_x509_policies_t
+				 policies,
+				 unsigned int flags);
+int gnutls_x509_ext_export_policies(gnutls_x509_policies_t policies,
+				 gnutls_datum_t * ext);
+
+int gnutls_x509_ext_import_tlsfeatures(const gnutls_datum_t * ext,
+									   gnutls_x509_tlsfeatures_t,
+									   unsigned int flags);
+
+int gnutls_x509_ext_export_tlsfeatures(gnutls_x509_tlsfeatures_t f,
+					  gnutls_datum_t * ext);
+
+int gnutls_x509_tlsfeatures_add(gnutls_x509_tlsfeatures_t f, unsigned int feature);
+
+typedef struct gnutls_x509_ct_scts_st *gnutls_x509_ct_scts_t;
+
+int gnutls_x509_ext_ct_scts_init(gnutls_x509_ct_scts_t * scts);
+void gnutls_x509_ext_ct_scts_deinit(gnutls_x509_ct_scts_t scts);
+int gnutls_x509_ext_ct_import_scts(const gnutls_datum_t * ext,
+				   gnutls_x509_ct_scts_t scts, unsigned int flags);
+int gnutls_x509_ext_ct_export_scts(const gnutls_x509_ct_scts_t scts, gnutls_datum_t * ext);
+int gnutls_x509_ct_sct_get_version(const gnutls_x509_ct_scts_t scts, unsigned idx,
+				   unsigned int *version_out);
+int gnutls_x509_ct_sct_get(const gnutls_x509_ct_scts_t scts,
+			   unsigned idx,
+			   time_t *timestamp,
+			   gnutls_datum_t *logid,
+			   gnutls_sign_algorithm_t *sigalg,
+			   gnutls_datum_t *signature);
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+
+#endif /* GNUTLS_X509_EXT_H */
diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h
new file mode 100644
index 0000000..5ac601a
--- /dev/null
+++ b/lib/includes/gnutls/x509.h
@@ -0,0 +1,1750 @@
+/*
+ * Copyright (C) 2003-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the types and prototypes for the X.509
+ * certificate and CRL handling functions.
+ */
+
+#ifndef GNUTLS_X509_H
+#define GNUTLS_X509_H
+
+#include <gnutls/gnutls.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+/* Some OIDs usually found in Distinguished names, or
+ * in Subject Directory Attribute extensions.
+ */
+#define GNUTLS_OID_X520_COUNTRY_NAME		"2.5.4.6"
+#define GNUTLS_OID_X520_ORGANIZATION_NAME	"2.5.4.10"
+#define GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME "2.5.4.11"
+#define GNUTLS_OID_X520_COMMON_NAME		"2.5.4.3"
+#define GNUTLS_OID_X520_LOCALITY_NAME		"2.5.4.7"
+#define GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME	"2.5.4.8"
+
+#define GNUTLS_OID_X520_INITIALS		"2.5.4.43"
+#define GNUTLS_OID_X520_GENERATION_QUALIFIER	"2.5.4.44"
+#define GNUTLS_OID_X520_SURNAME			"2.5.4.4"
+#define GNUTLS_OID_X520_GIVEN_NAME		"2.5.4.42"
+#define GNUTLS_OID_X520_TITLE			"2.5.4.12"
+#define GNUTLS_OID_X520_DN_QUALIFIER		"2.5.4.46"
+#define GNUTLS_OID_X520_PSEUDONYM		"2.5.4.65"
+#define GNUTLS_OID_X520_POSTALCODE              "2.5.4.17"
+#define GNUTLS_OID_X520_NAME                    "2.5.4.41"
+
+#define GNUTLS_OID_LDAP_DC			"0.9.2342.19200300.100.1.25"
+#define GNUTLS_OID_LDAP_UID			"0.9.2342.19200300.100.1.1"
+
+/* The following should not be included in DN.
+ */
+#define GNUTLS_OID_PKCS9_EMAIL			"1.2.840.113549.1.9.1"
+
+#define GNUTLS_OID_PKIX_DATE_OF_BIRTH		"1.3.6.1.5.5.7.9.1"
+#define GNUTLS_OID_PKIX_PLACE_OF_BIRTH		"1.3.6.1.5.5.7.9.2"
+#define GNUTLS_OID_PKIX_GENDER			"1.3.6.1.5.5.7.9.3"
+#define GNUTLS_OID_PKIX_COUNTRY_OF_CITIZENSHIP	"1.3.6.1.5.5.7.9.4"
+#define GNUTLS_OID_PKIX_COUNTRY_OF_RESIDENCE	"1.3.6.1.5.5.7.9.5"
+
+/* Key purpose Object Identifiers.
+ */
+#define GNUTLS_KP_TLS_WWW_SERVER		"1.3.6.1.5.5.7.3.1"
+#define GNUTLS_KP_TLS_WWW_CLIENT                "1.3.6.1.5.5.7.3.2"
+#define GNUTLS_KP_CODE_SIGNING			"1.3.6.1.5.5.7.3.3"
+#define GNUTLS_KP_MS_SMART_CARD_LOGON		"1.3.6.1.4.1.311.20.2.2"
+#define GNUTLS_KP_EMAIL_PROTECTION		"1.3.6.1.5.5.7.3.4"
+#define GNUTLS_KP_TIME_STAMPING			"1.3.6.1.5.5.7.3.8"
+#define GNUTLS_KP_OCSP_SIGNING			"1.3.6.1.5.5.7.3.9"
+#define GNUTLS_KP_IPSEC_IKE			"1.3.6.1.5.5.7.3.17"
+#define GNUTLS_KP_ANY				"2.5.29.37.0"
+
+#define GNUTLS_KP_FLAG_DISALLOW_ANY		1
+
+#define GNUTLS_OID_AIA				"1.3.6.1.5.5.7.1.1"
+#define GNUTLS_OID_AD_OCSP			"1.3.6.1.5.5.7.48.1"
+#define GNUTLS_OID_AD_CAISSUERS			"1.3.6.1.5.5.7.48.2"
+
+#define GNUTLS_FSAN_SET 0
+#define GNUTLS_FSAN_APPEND 1
+#define GNUTLS_FSAN_ENCODE_OCTET_STRING (1<<1)
+#define GNUTLS_FSAN_ENCODE_UTF8_STRING (1<<2)
+
+#define GNUTLS_X509EXT_OID_SUBJECT_KEY_ID "2.5.29.14"
+#define GNUTLS_X509EXT_OID_KEY_USAGE "2.5.29.15"
+#define GNUTLS_X509EXT_OID_PRIVATE_KEY_USAGE_PERIOD "2.5.29.16"
+#define GNUTLS_X509EXT_OID_SAN "2.5.29.17"
+#define GNUTLS_X509EXT_OID_IAN "2.5.29.18"
+#define GNUTLS_X509EXT_OID_BASIC_CONSTRAINTS "2.5.29.19"
+#define GNUTLS_X509EXT_OID_NAME_CONSTRAINTS "2.5.29.30"
+#define GNUTLS_X509EXT_OID_CRL_DIST_POINTS "2.5.29.31"
+#define GNUTLS_X509EXT_OID_CRT_POLICY "2.5.29.32"
+#define GNUTLS_X509EXT_OID_AUTHORITY_KEY_ID "2.5.29.35"
+#define GNUTLS_X509EXT_OID_EXTENDED_KEY_USAGE "2.5.29.37"
+#define GNUTLS_X509EXT_OID_INHIBIT_ANYPOLICY "2.5.29.52"
+#define GNUTLS_X509EXT_OID_AUTHORITY_INFO_ACCESS "1.3.6.1.5.5.7.1.1"
+#define GNUTLS_X509EXT_OID_PROXY_CRT_INFO "1.3.6.1.5.5.7.1.14"
+#define GNUTLS_X509EXT_OID_TLSFEATURES "1.3.6.1.5.5.7.1.24"
+#define GNUTLS_X509EXT_OID_CT_SCT_V1 "1.3.6.1.4.1.11129.2.4.2"
+
+#define GNUTLS_X509_OID_POLICY_ANY "2.5.29.54"
+
+/* Certificate handling functions.
+ */
+
+/**
+ * gnutls_certificate_import_flags:
+ * @GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED: Fail if the
+ *   certificates in the buffer are more than the space allocated for
+ *   certificates. The error code will be %GNUTLS_E_SHORT_MEMORY_BUFFER.
+ * @GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED: Fail if the certificates
+ *   in the buffer are not ordered starting from subject to issuer.
+ *   The error code will be %GNUTLS_E_CERTIFICATE_LIST_UNSORTED.
+ * @GNUTLS_X509_CRT_LIST_SORT: Sort the certificate chain if unsorted.
+ *
+ * Enumeration of different certificate import flags.
+ */
+typedef enum gnutls_certificate_import_flags {
+	GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED = 1,
+	GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED = 1<<1,
+	GNUTLS_X509_CRT_LIST_SORT = 1<<2
+} gnutls_certificate_import_flags;
+
+int gnutls_x509_crt_init(gnutls_x509_crt_t * cert);
+void gnutls_x509_crt_deinit(gnutls_x509_crt_t cert);
+
+/**
+ * gnutls_certificate_import_flags:
+ * @GNUTLS_X509_CRT_FLAG_IGNORE_SANITY: Ignore any sanity checks at the
+ *   import of the certificate; i.e., ignore checks such as version/field
+ *   matching and strict time field checks. Intended to be used for debugging.
+ *
+ * Enumeration of different certificate flags.
+ */
+typedef enum gnutls_x509_crt_flags {
+	GNUTLS_X509_CRT_FLAG_IGNORE_SANITY = 1
+} gnutls_x509_crt_flags;
+void gnutls_x509_crt_set_flags(gnutls_x509_crt_t cert, unsigned flags);
+
+unsigned gnutls_x509_crt_equals(gnutls_x509_crt_t cert1, gnutls_x509_crt_t cert2);
+unsigned gnutls_x509_crt_equals2(gnutls_x509_crt_t cert1, const gnutls_datum_t * der);
+
+int gnutls_x509_crt_import(gnutls_x509_crt_t cert,
+			   const gnutls_datum_t * data,
+			   gnutls_x509_crt_fmt_t format);
+int gnutls_x509_crt_list_import2(gnutls_x509_crt_t ** certs,
+				 unsigned int *size,
+				 const gnutls_datum_t * data,
+				 gnutls_x509_crt_fmt_t format,
+				 unsigned int flags);
+int gnutls_x509_crt_list_import(gnutls_x509_crt_t * certs,
+				unsigned int *cert_max,
+				const gnutls_datum_t * data,
+				gnutls_x509_crt_fmt_t format,
+				unsigned int flags);
+
+int gnutls_x509_crt_import_url(gnutls_x509_crt_t crt,
+				      const char *url, unsigned int flags
+				      /* GNUTLS_PKCS11_OBJ_FLAG_* */
+    );
+
+int
+gnutls_x509_crt_list_import_url(gnutls_x509_crt_t **certs,
+				unsigned int *size,
+				const char *url,
+				gnutls_pin_callback_t pin_fn,
+				void *pin_fn_userdata,
+				unsigned int flags);
+
+int gnutls_x509_crt_export(gnutls_x509_crt_t cert,
+			   gnutls_x509_crt_fmt_t format,
+			   void *output_data, size_t * output_data_size);
+int gnutls_x509_crt_export2(gnutls_x509_crt_t cert,
+			    gnutls_x509_crt_fmt_t format,
+			    gnutls_datum_t * out);
+int gnutls_x509_crt_get_private_key_usage_period(gnutls_x509_crt_t
+						 cert,
+						 time_t *
+						 activation,
+						 time_t *
+						 expiration, unsigned int
+						 *critical);
+
+int gnutls_x509_crt_get_issuer_dn(gnutls_x509_crt_t cert,
+				  char *buf, size_t * buf_size);
+int gnutls_x509_crt_get_issuer_dn2(gnutls_x509_crt_t cert,
+				   gnutls_datum_t * dn);
+int gnutls_x509_crt_get_issuer_dn3(gnutls_x509_crt_t cert,
+				   gnutls_datum_t * dn, unsigned flags);
+int gnutls_x509_crt_get_issuer_dn_oid(gnutls_x509_crt_t cert,
+				      unsigned indx, void *oid,
+				      size_t * oid_size);
+int gnutls_x509_crt_get_issuer_dn_by_oid(gnutls_x509_crt_t cert,
+					 const char *oid, unsigned indx,
+					 unsigned int raw_flag,
+					 void *buf, size_t * buf_size);
+
+int gnutls_x509_crt_get_dn(gnutls_x509_crt_t cert, char *buf,
+			   size_t * buf_size);
+int gnutls_x509_crt_get_dn2(gnutls_x509_crt_t cert, gnutls_datum_t * dn);
+int gnutls_x509_crt_get_dn3(gnutls_x509_crt_t cert, gnutls_datum_t * dn, unsigned flags);
+
+int gnutls_x509_crt_get_dn_oid(gnutls_x509_crt_t cert, unsigned indx,
+			       void *oid, size_t * oid_size);
+int gnutls_x509_crt_get_dn_by_oid(gnutls_x509_crt_t cert,
+				  const char *oid, unsigned indx,
+				  unsigned int raw_flag, void *buf,
+				  size_t * buf_size);
+unsigned gnutls_x509_crt_check_hostname(gnutls_x509_crt_t cert,
+				   const char *hostname);
+unsigned gnutls_x509_crt_check_hostname2(gnutls_x509_crt_t cert,
+					 const char *hostname, unsigned int flags);
+unsigned
+gnutls_x509_crt_check_email(gnutls_x509_crt_t cert,
+			    const char *email, unsigned int flags);
+
+unsigned
+gnutls_x509_crt_check_ip(gnutls_x509_crt_t cert,
+			 const unsigned char *ip, unsigned int ip_size,
+			 unsigned int flags);
+
+int gnutls_x509_crt_get_signature_algorithm(gnutls_x509_crt_t cert);
+int gnutls_x509_crt_get_signature(gnutls_x509_crt_t cert,
+				  char *sig, size_t * sizeof_sig);
+int gnutls_x509_crt_get_version(gnutls_x509_crt_t cert);
+
+int gnutls_x509_crt_get_pk_oid(gnutls_x509_crt_t cert, char *oid, size_t *oid_size);
+int gnutls_x509_crt_get_signature_oid(gnutls_x509_crt_t cert, char *oid, size_t *oid_size);
+
+/**
+ * gnutls_keyid_flags_t:
+ * @GNUTLS_KEYID_USE_SHA1: Use SHA1 as the key ID algorithm (default).
+ * @GNUTLS_KEYID_USE_SHA256: Use SHA256 as the key ID algorithm.
+ * @GNUTLS_KEYID_USE_SHA512: Use SHA512 as the key ID algorithm.
+ * @GNUTLS_KEYID_USE_BEST_KNOWN: Use the best known algorithm to calculate key ID. Using that option will make your program behavior depend on the version of gnutls linked with. That option has a cap of 64-bytes key IDs.
+ *
+ * Enumeration of different flags for the key ID functions.
+ 
+ */
+typedef enum {
+	GNUTLS_KEYID_USE_SHA1 = 0,
+	GNUTLS_KEYID_USE_SHA256 = (1<<0),
+	GNUTLS_KEYID_USE_SHA512 = (1<<1),
+	GNUTLS_KEYID_USE_BEST_KNOWN = (1<<30)
+} gnutls_keyid_flags_t;
+int gnutls_x509_crt_get_key_id(gnutls_x509_crt_t crt,
+			       unsigned int flags,
+			       unsigned char *output_data,
+			       size_t * output_data_size);
+
+int gnutls_x509_crt_set_private_key_usage_period(gnutls_x509_crt_t
+						 crt,
+						 time_t activation,
+						 time_t expiration);
+int gnutls_x509_crt_set_authority_key_id(gnutls_x509_crt_t cert,
+					 const void *id, size_t id_size);
+int gnutls_x509_crt_get_authority_key_id(gnutls_x509_crt_t cert,
+					 void *id,
+					 size_t * id_size,
+					 unsigned int *critical);
+int gnutls_x509_crt_get_authority_key_gn_serial(gnutls_x509_crt_t
+						cert,
+						unsigned int seq,
+						void *alt,
+						size_t * alt_size,
+						unsigned int
+						*alt_type,
+						void *serial,
+						size_t *
+						serial_size, unsigned int
+						*critical);
+
+int gnutls_x509_crt_get_subject_key_id(gnutls_x509_crt_t cert,
+				       void *ret,
+				       size_t * ret_size,
+				       unsigned int *critical);
+
+int gnutls_x509_crt_get_subject_unique_id(gnutls_x509_crt_t crt,
+					  char *buf, size_t * buf_size);
+
+int gnutls_x509_crt_get_issuer_unique_id(gnutls_x509_crt_t crt,
+					 char *buf, size_t * buf_size);
+
+void gnutls_x509_crt_set_pin_function(gnutls_x509_crt_t crt,
+				      gnutls_pin_callback_t fn,
+				      void *userdata);
+
+  /**
+   * gnutls_info_access_what_t:
+   * @GNUTLS_IA_ACCESSMETHOD_OID: Get accessMethod OID.
+   * @GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE: Get accessLocation name type.
+   * @GNUTLS_IA_URI: Get accessLocation URI value.
+   * @GNUTLS_IA_OCSP_URI: get accessLocation URI value for OCSP.
+   * @GNUTLS_IA_CAISSUERS_URI: get accessLocation URI value for caIssuers.
+   *
+   * Enumeration of types for the @what parameter of
+   * gnutls_x509_crt_get_authority_info_access().
+   */
+typedef enum gnutls_info_access_what_t {
+	GNUTLS_IA_ACCESSMETHOD_OID = 1,
+	GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE = 2,
+	/* use 100-108 for the generalName types, populate as needed */
+	GNUTLS_IA_URI = 106,
+	/* quick-access variants that match both OID and name type. */
+	GNUTLS_IA_UNKNOWN = 10000,
+	GNUTLS_IA_OCSP_URI = 10006,
+	GNUTLS_IA_CAISSUERS_URI = 10106
+} gnutls_info_access_what_t;
+
+int gnutls_x509_crt_get_authority_info_access(gnutls_x509_crt_t
+					      crt,
+					      unsigned int seq,
+					      int what,
+					      gnutls_datum_t *
+					      data, unsigned int
+					      *critical);
+
+typedef struct gnutls_name_constraints_st *gnutls_x509_name_constraints_t;
+
+unsigned gnutls_x509_name_constraints_check(gnutls_x509_name_constraints_t nc,
+				       gnutls_x509_subject_alt_name_t type,
+				       const gnutls_datum_t * name);
+unsigned gnutls_x509_name_constraints_check_crt(gnutls_x509_name_constraints_t nc,
+				       gnutls_x509_subject_alt_name_t type,
+				       gnutls_x509_crt_t crt);
+
+int gnutls_x509_name_constraints_init(gnutls_x509_name_constraints_t *nc);
+void gnutls_x509_name_constraints_deinit(gnutls_x509_name_constraints_t nc);
+
+#define GNUTLS_EXT_FLAG_APPEND 1
+
+#define GNUTLS_NAME_CONSTRAINTS_FLAG_APPEND GNUTLS_EXT_FLAG_APPEND
+int gnutls_x509_crt_get_name_constraints(gnutls_x509_crt_t crt,
+					 gnutls_x509_name_constraints_t nc,
+					 unsigned int flags,
+					 unsigned int *critical);
+int gnutls_x509_name_constraints_add_permitted(gnutls_x509_name_constraints_t nc,
+					       gnutls_x509_subject_alt_name_t type,
+					       const gnutls_datum_t * name);
+int gnutls_x509_name_constraints_add_excluded(gnutls_x509_name_constraints_t nc,
+					      gnutls_x509_subject_alt_name_t type,
+					      const gnutls_datum_t * name);
+int gnutls_x509_crt_set_name_constraints(gnutls_x509_crt_t crt, 
+					 gnutls_x509_name_constraints_t nc,
+					 unsigned int critical);
+int gnutls_x509_name_constraints_get_permitted(gnutls_x509_name_constraints_t nc,
+				     unsigned idx,
+				     unsigned *type, gnutls_datum_t * name);
+int gnutls_x509_name_constraints_get_excluded(gnutls_x509_name_constraints_t nc,
+				     unsigned idx,
+				     unsigned *type, gnutls_datum_t * name);
+int gnutls_x509_cidr_to_rfc5280(const char *cidr, gnutls_datum_t *cidr_rfc5280);
+
+
+#define GNUTLS_CRL_REASON_SUPERSEEDED GNUTLS_CRL_REASON_SUPERSEDED,
+  /**
+   * gnutls_x509_crl_reason_flags_t:
+   * @GNUTLS_CRL_REASON_PRIVILEGE_WITHDRAWN: The privileges were withdrawn from the owner.
+   * @GNUTLS_CRL_REASON_CERTIFICATE_HOLD: The certificate is on hold.
+   * @GNUTLS_CRL_REASON_CESSATION_OF_OPERATION: The end-entity is no longer operating.
+   * @GNUTLS_CRL_REASON_SUPERSEDED: There is a newer certificate of the owner.
+   * @GNUTLS_CRL_REASON_AFFILIATION_CHANGED: The end-entity affiliation has changed.
+   * @GNUTLS_CRL_REASON_CA_COMPROMISE: The CA was compromised.
+   * @GNUTLS_CRL_REASON_KEY_COMPROMISE: The certificate's key was compromised.
+   * @GNUTLS_CRL_REASON_UNUSED: The key was never used.
+   * @GNUTLS_CRL_REASON_AA_COMPROMISE: AA compromised.
+   *
+   * Enumeration of types for the CRL revocation reasons. 
+   */
+typedef enum gnutls_x509_crl_reason_flags_t {
+	GNUTLS_CRL_REASON_UNSPECIFIED = 0,
+	GNUTLS_CRL_REASON_PRIVILEGE_WITHDRAWN = 1,
+	GNUTLS_CRL_REASON_CERTIFICATE_HOLD = 2,
+	GNUTLS_CRL_REASON_CESSATION_OF_OPERATION = 4,
+	GNUTLS_CRL_REASON_SUPERSEDED = 8,
+	GNUTLS_CRL_REASON_AFFILIATION_CHANGED = 16,
+	GNUTLS_CRL_REASON_CA_COMPROMISE = 32,
+	GNUTLS_CRL_REASON_KEY_COMPROMISE = 64,
+	GNUTLS_CRL_REASON_UNUSED = 128,
+	GNUTLS_CRL_REASON_AA_COMPROMISE = 32768
+} gnutls_x509_crl_reason_flags_t;
+
+int gnutls_x509_crt_get_crl_dist_points(gnutls_x509_crt_t cert,
+					unsigned int seq,
+					void *ret,
+					size_t * ret_size,
+					unsigned int *reason_flags,
+					unsigned int *critical);
+int gnutls_x509_crt_set_crl_dist_points2(gnutls_x509_crt_t crt,
+					 gnutls_x509_subject_alt_name_t
+					 type, const void *data,
+					 unsigned int data_size,
+					 unsigned int reason_flags);
+int gnutls_x509_crt_set_crl_dist_points(gnutls_x509_crt_t crt,
+					gnutls_x509_subject_alt_name_t
+					type,
+					const void *data_string,
+					unsigned int reason_flags);
+int gnutls_x509_crt_cpy_crl_dist_points(gnutls_x509_crt_t dst,
+					gnutls_x509_crt_t src);
+
+int gnutls_x509_crl_sign(gnutls_x509_crl_t crl,
+			 gnutls_x509_crt_t issuer,
+			 gnutls_x509_privkey_t issuer_key);
+
+int gnutls_x509_crl_sign2(gnutls_x509_crl_t crl,
+			  gnutls_x509_crt_t issuer,
+			  gnutls_x509_privkey_t issuer_key,
+			  gnutls_digest_algorithm_t dig,
+			  unsigned int flags);
+
+time_t gnutls_x509_crt_get_activation_time(gnutls_x509_crt_t cert);
+
+/* This macro is deprecated and defunc; do not use */
+#define GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION ((time_t)4294197631)
+
+time_t gnutls_x509_crt_get_expiration_time(gnutls_x509_crt_t cert);
+int gnutls_x509_crt_get_serial(gnutls_x509_crt_t cert,
+			       void *result, size_t * result_size);
+
+typedef struct gnutls_x509_spki_st *gnutls_x509_spki_t;
+
+int gnutls_x509_spki_init(gnutls_x509_spki_t *spki);
+void gnutls_x509_spki_deinit(gnutls_x509_spki_t spki);
+
+int gnutls_x509_spki_get_rsa_pss_params(gnutls_x509_spki_t spki,
+			gnutls_digest_algorithm_t *dig, unsigned int *salt_size);
+
+void gnutls_x509_spki_set_rsa_pss_params(gnutls_x509_spki_t spki,
+			gnutls_digest_algorithm_t dig, unsigned int salt_size);
+
+int gnutls_x509_crt_get_pk_algorithm(gnutls_x509_crt_t cert,
+				     unsigned int *bits);
+int gnutls_x509_crt_set_spki(gnutls_x509_crt_t crt, const gnutls_x509_spki_t spki,
+			     unsigned int flags);
+int gnutls_x509_crt_get_spki(gnutls_x509_crt_t cert, gnutls_x509_spki_t spki,
+			     unsigned int flags);
+
+int gnutls_x509_crt_get_pk_rsa_raw(gnutls_x509_crt_t crt,
+				   gnutls_datum_t * m, gnutls_datum_t * e);
+int gnutls_x509_crt_get_pk_dsa_raw(gnutls_x509_crt_t crt,
+				   gnutls_datum_t * p,
+				   gnutls_datum_t * q,
+				   gnutls_datum_t * g, gnutls_datum_t * y);
+int gnutls_x509_crt_get_pk_ecc_raw(gnutls_x509_crt_t crt,
+				   gnutls_ecc_curve_t * curve,
+				   gnutls_datum_t * x,
+				   gnutls_datum_t * y);
+int gnutls_x509_crt_get_pk_gost_raw(gnutls_x509_crt_t crt,
+				    gnutls_ecc_curve_t * curve,
+				    gnutls_digest_algorithm_t * digest,
+				    gnutls_gost_paramset_t *paramset,
+				    gnutls_datum_t * x, gnutls_datum_t * y);
+
+int gnutls_x509_crt_get_subject_alt_name(gnutls_x509_crt_t cert,
+					 unsigned int seq,
+					 void *san,
+					 size_t * san_size,
+					 unsigned int *critical);
+int gnutls_x509_crt_get_subject_alt_name2(gnutls_x509_crt_t cert,
+					  unsigned int seq,
+					  void *san,
+					  size_t * san_size,
+					  unsigned int *san_type,
+					  unsigned int *critical);
+
+int gnutls_x509_crt_get_subject_alt_othername_oid(gnutls_x509_crt_t
+						  cert,
+						  unsigned int seq,
+						  void *oid,
+						  size_t * oid_size);
+
+int gnutls_x509_crt_get_issuer_alt_name(gnutls_x509_crt_t cert,
+					unsigned int seq,
+					void *ian,
+					size_t * ian_size,
+					unsigned int *critical);
+int gnutls_x509_crt_get_issuer_alt_name2(gnutls_x509_crt_t cert,
+					 unsigned int seq,
+					 void *ian,
+					 size_t * ian_size,
+					 unsigned int *ian_type,
+					 unsigned int *critical);
+
+int gnutls_x509_crt_get_issuer_alt_othername_oid(gnutls_x509_crt_t
+						 cert,
+						 unsigned int seq,
+						 void *ret,
+						 size_t * ret_size);
+
+int gnutls_x509_crt_get_ca_status(gnutls_x509_crt_t cert,
+				  unsigned int *critical);
+int gnutls_x509_crt_get_basic_constraints(gnutls_x509_crt_t cert,
+					  unsigned int *critical,
+					  unsigned int *ca, int *pathlen);
+
+/* The key_usage flags are defined in gnutls.h. They are the
+ * GNUTLS_KEY_* definitions.
+ */
+int gnutls_x509_crt_get_key_usage(gnutls_x509_crt_t cert,
+				  unsigned int *key_usage,
+				  unsigned int *critical);
+int gnutls_x509_crt_set_key_usage(gnutls_x509_crt_t crt,
+				  unsigned int usage);
+int gnutls_x509_crt_set_authority_info_access(gnutls_x509_crt_t
+					      crt, int what,
+					      gnutls_datum_t * data);
+
+int gnutls_x509_crt_get_inhibit_anypolicy(gnutls_x509_crt_t cert,
+				  unsigned int *skipcerts,
+				  unsigned int *critical);
+int
+gnutls_x509_crt_set_inhibit_anypolicy(gnutls_x509_crt_t crt, unsigned int skipcerts);
+
+int gnutls_x509_crt_get_proxy(gnutls_x509_crt_t cert,
+			      unsigned int *critical,
+			      int *pathlen,
+			      char **policyLanguage,
+			      char **policy, size_t * sizeof_policy);
+
+
+typedef struct gnutls_x509_tlsfeatures_st *gnutls_x509_tlsfeatures_t;
+
+int gnutls_x509_tlsfeatures_init(gnutls_x509_tlsfeatures_t *features);
+void gnutls_x509_tlsfeatures_deinit(gnutls_x509_tlsfeatures_t);
+int gnutls_x509_tlsfeatures_get(gnutls_x509_tlsfeatures_t f, unsigned idx, unsigned int *feature);
+
+int gnutls_x509_crt_set_tlsfeatures(gnutls_x509_crt_t crt,
+				    gnutls_x509_tlsfeatures_t features);
+
+int gnutls_x509_crt_get_tlsfeatures(gnutls_x509_crt_t cert,
+				    gnutls_x509_tlsfeatures_t features,
+				    unsigned int flags,
+				    unsigned int *critical);
+
+unsigned gnutls_x509_tlsfeatures_check_crt(gnutls_x509_tlsfeatures_t feat,
+				           gnutls_x509_crt_t crt);
+
+
+#define GNUTLS_MAX_QUALIFIERS 8
+
+  /**
+   * gnutls_x509_qualifier_t:
+   * @GNUTLS_X509_QUALIFIER_UNKNOWN: Unknown qualifier.
+   * @GNUTLS_X509_QUALIFIER_URI: A URL
+   * @GNUTLS_X509_QUALIFIER_NOICE: A text notice.
+   *
+   * Enumeration of types for the X.509 qualifiers, of the certificate policy extension. 
+   */
+typedef enum gnutls_x509_qualifier_t {
+	GNUTLS_X509_QUALIFIER_UNKNOWN = 0, GNUTLS_X509_QUALIFIER_URI,
+	GNUTLS_X509_QUALIFIER_NOTICE
+} gnutls_x509_qualifier_t;
+
+typedef struct gnutls_x509_policy_st {
+	char *oid;
+	unsigned int qualifiers;
+	struct {
+		gnutls_x509_qualifier_t type;
+		char *data;
+		unsigned int size;
+	} qualifier[GNUTLS_MAX_QUALIFIERS];
+} gnutls_x509_policy_st;
+
+void gnutls_x509_policy_release(struct gnutls_x509_policy_st
+				*policy);
+int gnutls_x509_crt_get_policy(gnutls_x509_crt_t crt, unsigned indx, struct gnutls_x509_policy_st
+			       *policy, unsigned int *critical);
+int gnutls_x509_crt_set_policy(gnutls_x509_crt_t crt, const struct gnutls_x509_policy_st
+			       *policy, unsigned int critical);
+
+int gnutls_x509_dn_oid_known(const char *oid);
+
+#define GNUTLS_X509_DN_OID_RETURN_OID 1
+const char *gnutls_x509_dn_oid_name(const char *oid, unsigned int flags);
+
+	/* Read extensions by OID. */
+int gnutls_x509_crt_get_extension_oid(gnutls_x509_crt_t cert,
+				      unsigned indx, void *oid,
+				      size_t * oid_size);
+int gnutls_x509_crt_get_extension_by_oid(gnutls_x509_crt_t cert,
+					 const char *oid, unsigned indx,
+					 void *buf,
+					 size_t * buf_size,
+					 unsigned int *critical);
+
+int gnutls_x509_crq_get_signature_algorithm(gnutls_x509_crq_t crq);
+int
+gnutls_x509_crq_get_extension_by_oid2(gnutls_x509_crq_t crq,
+				     const char *oid, unsigned indx,
+				     gnutls_datum_t *output,
+				     unsigned int *critical);
+
+	/* Read extensions by sequence number. */
+int gnutls_x509_crt_get_extension_info(gnutls_x509_crt_t cert,
+				       unsigned indx, void *oid,
+				       size_t * oid_size,
+				       unsigned int *critical);
+int gnutls_x509_crt_get_extension_data(gnutls_x509_crt_t cert,
+				       unsigned indx, void *data,
+				       size_t * sizeof_data);
+int
+gnutls_x509_crt_get_extension_data2(gnutls_x509_crt_t cert,
+			       unsigned indx, gnutls_datum_t * data);
+
+
+int gnutls_x509_crt_set_extension_by_oid(gnutls_x509_crt_t crt,
+					 const char *oid,
+					 const void *buf,
+					 size_t sizeof_buf,
+					 unsigned int critical);
+
+/* X.509 Certificate writing.
+ */
+int gnutls_x509_crt_set_dn(gnutls_x509_crt_t crt, const char *dn,
+			   const char **err);
+
+int gnutls_x509_crt_set_dn_by_oid(gnutls_x509_crt_t crt,
+				  const char *oid,
+				  unsigned int raw_flag,
+				  const void *name,
+				  unsigned int sizeof_name);
+int gnutls_x509_crt_set_issuer_dn_by_oid(gnutls_x509_crt_t crt,
+					 const char *oid,
+					 unsigned int raw_flag,
+					 const void *name,
+					 unsigned int sizeof_name);
+int gnutls_x509_crt_set_issuer_dn(gnutls_x509_crt_t crt,
+				  const char *dn, const char **err);
+
+int gnutls_x509_crt_set_version(gnutls_x509_crt_t crt,
+				unsigned int version);
+int gnutls_x509_crt_set_key(gnutls_x509_crt_t crt,
+			    gnutls_x509_privkey_t key);
+int gnutls_x509_crt_set_ca_status(gnutls_x509_crt_t crt, unsigned int ca);
+int gnutls_x509_crt_set_basic_constraints(gnutls_x509_crt_t crt,
+					  unsigned int ca,
+					  int pathLenConstraint);
+
+int
+gnutls_x509_crt_set_subject_unique_id(gnutls_x509_crt_t cert, const void *id,
+			   size_t id_size);
+int
+gnutls_x509_crt_set_issuer_unique_id(gnutls_x509_crt_t cert, const void *id,
+			   size_t id_size);
+
+int gnutls_x509_crt_set_subject_alternative_name(gnutls_x509_crt_t
+						 crt,
+						 gnutls_x509_subject_alt_name_t
+						 type, const char
+						 *data_string);
+int gnutls_x509_crt_set_subject_alt_name(gnutls_x509_crt_t crt,
+					 gnutls_x509_subject_alt_name_t
+					 type, const void *data,
+					 unsigned int data_size,
+					 unsigned int flags);
+
+int
+gnutls_x509_crt_set_subject_alt_othername(gnutls_x509_crt_t crt,
+				     const char *oid,
+				     const void *data,
+				     unsigned int data_size,
+				     unsigned int flags);
+
+int gnutls_x509_crt_set_issuer_alt_name(gnutls_x509_crt_t crt,
+					 gnutls_x509_subject_alt_name_t
+					 type, const void *data,
+					 unsigned int data_size,
+					 unsigned int flags);
+
+int
+gnutls_x509_crt_set_issuer_alt_othername(gnutls_x509_crt_t crt,
+				     const char *oid,
+				     const void *data,
+				     unsigned int data_size,
+				     unsigned int flags);
+
+int gnutls_x509_crt_sign(gnutls_x509_crt_t crt,
+			 gnutls_x509_crt_t issuer,
+			 gnutls_x509_privkey_t issuer_key);
+int gnutls_x509_crt_sign2(gnutls_x509_crt_t crt,
+			  gnutls_x509_crt_t issuer,
+			  gnutls_x509_privkey_t issuer_key,
+			  gnutls_digest_algorithm_t dig,
+			  unsigned int flags);
+int gnutls_x509_crt_set_activation_time(gnutls_x509_crt_t cert,
+					time_t act_time);
+int gnutls_x509_crt_set_expiration_time(gnutls_x509_crt_t cert,
+					time_t exp_time);
+int gnutls_x509_crt_set_serial(gnutls_x509_crt_t cert,
+			       const void *serial, size_t serial_size);
+
+int gnutls_x509_crt_set_subject_key_id(gnutls_x509_crt_t cert,
+				       const void *id, size_t id_size);
+
+int gnutls_x509_crt_set_proxy_dn(gnutls_x509_crt_t crt,
+				 gnutls_x509_crt_t eecrt,
+				 unsigned int raw_flag,
+				 const void *name,
+				 unsigned int sizeof_name);
+int gnutls_x509_crt_set_proxy(gnutls_x509_crt_t crt,
+			      int pathLenConstraint,
+			      const char *policyLanguage,
+			      const char *policy, size_t sizeof_policy);
+
+int gnutls_x509_crt_print(gnutls_x509_crt_t cert,
+			  gnutls_certificate_print_formats_t
+			  format, gnutls_datum_t * out);
+int gnutls_x509_crl_print(gnutls_x509_crl_t crl,
+			  gnutls_certificate_print_formats_t
+			  format, gnutls_datum_t * out);
+
+	/* Access to internal Certificate fields.
+	 */
+int gnutls_x509_crt_get_raw_issuer_dn(gnutls_x509_crt_t cert,
+				      gnutls_datum_t * start);
+int gnutls_x509_crt_get_raw_dn(gnutls_x509_crt_t cert,
+			       gnutls_datum_t * start);
+
+/* RDN handling.
+ */
+int gnutls_x509_rdn_get(const gnutls_datum_t * idn,
+			char *buf, size_t * sizeof_buf);
+int
+gnutls_x509_rdn_get2(const gnutls_datum_t * idn,
+                     gnutls_datum_t *str, unsigned flags);
+
+int gnutls_x509_rdn_get_oid(const gnutls_datum_t * idn,
+			    unsigned indx, void *buf, size_t * sizeof_buf);
+
+int gnutls_x509_rdn_get_by_oid(const gnutls_datum_t * idn,
+			       const char *oid, unsigned indx,
+			       unsigned int raw_flag, void *buf,
+			       size_t * sizeof_buf);
+
+typedef struct gnutls_x509_dn_st *gnutls_x509_dn_t;
+
+typedef struct gnutls_x509_ava_st {
+	gnutls_datum_t oid;
+	gnutls_datum_t value;
+	unsigned long value_tag;
+} gnutls_x509_ava_st;
+
+int gnutls_x509_crt_get_subject(gnutls_x509_crt_t cert,
+				gnutls_x509_dn_t * dn);
+int gnutls_x509_crt_get_issuer(gnutls_x509_crt_t cert,
+			       gnutls_x509_dn_t * dn);
+int gnutls_x509_dn_get_rdn_ava(gnutls_x509_dn_t dn, int irdn,
+			       int iava, gnutls_x509_ava_st * ava);
+
+int gnutls_x509_dn_get_str(gnutls_x509_dn_t dn, gnutls_datum_t *str);
+
+#define GNUTLS_X509_DN_FLAG_COMPAT 1
+int gnutls_x509_dn_get_str2(gnutls_x509_dn_t dn, gnutls_datum_t *str, unsigned flags);
+
+int
+gnutls_x509_dn_set_str(gnutls_x509_dn_t dn, const char *str, const char **err);
+
+int gnutls_x509_dn_init(gnutls_x509_dn_t * dn);
+
+int gnutls_x509_dn_import(gnutls_x509_dn_t dn,
+			  const gnutls_datum_t * data);
+
+int gnutls_x509_dn_export(gnutls_x509_dn_t dn,
+			  gnutls_x509_crt_fmt_t format,
+			  void *output_data, size_t * output_data_size);
+int gnutls_x509_dn_export2(gnutls_x509_dn_t dn,
+			   gnutls_x509_crt_fmt_t format,
+			   gnutls_datum_t * out);
+
+void gnutls_x509_dn_deinit(gnutls_x509_dn_t dn);
+
+
+/* CRL handling functions.
+ */
+int gnutls_x509_crl_init(gnutls_x509_crl_t * crl);
+void gnutls_x509_crl_deinit(gnutls_x509_crl_t crl);
+
+int gnutls_x509_crl_import(gnutls_x509_crl_t crl,
+			   const gnutls_datum_t * data,
+			   gnutls_x509_crt_fmt_t format);
+int gnutls_x509_crl_export(gnutls_x509_crl_t crl,
+			   gnutls_x509_crt_fmt_t format,
+			   void *output_data, size_t * output_data_size);
+int gnutls_x509_crl_export2(gnutls_x509_crl_t crl,
+			    gnutls_x509_crt_fmt_t format,
+			    gnutls_datum_t * out);
+
+int
+gnutls_x509_crl_get_raw_issuer_dn(gnutls_x509_crl_t crl,
+				  gnutls_datum_t * dn);
+
+int gnutls_x509_crl_get_issuer_dn(gnutls_x509_crl_t crl,
+				  char *buf, size_t * sizeof_buf);
+int gnutls_x509_crl_get_issuer_dn2(gnutls_x509_crl_t crl,
+				   gnutls_datum_t * dn);
+int gnutls_x509_crl_get_issuer_dn3(gnutls_x509_crl_t crl,
+				   gnutls_datum_t * dn, unsigned flags);
+
+int gnutls_x509_crl_get_issuer_dn_by_oid(gnutls_x509_crl_t crl,
+					 const char *oid, unsigned indx,
+					 unsigned int raw_flag,
+					 void *buf, size_t * sizeof_buf);
+int gnutls_x509_crl_get_dn_oid(gnutls_x509_crl_t crl, unsigned indx,
+			       void *oid, size_t * sizeof_oid);
+
+int gnutls_x509_crl_get_signature_algorithm(gnutls_x509_crl_t crl);
+int gnutls_x509_crl_get_signature(gnutls_x509_crl_t crl,
+				  char *sig, size_t * sizeof_sig);
+int gnutls_x509_crl_get_version(gnutls_x509_crl_t crl);
+
+int gnutls_x509_crl_get_signature_oid(gnutls_x509_crl_t crl, char *oid, size_t *oid_size);
+
+time_t gnutls_x509_crl_get_this_update(gnutls_x509_crl_t crl);
+time_t gnutls_x509_crl_get_next_update(gnutls_x509_crl_t crl);
+
+int gnutls_x509_crl_get_crt_count(gnutls_x509_crl_t crl);
+int gnutls_x509_crl_get_crt_serial(gnutls_x509_crl_t crl, unsigned indx,
+				   unsigned char *serial,
+				   size_t * serial_size, time_t * t);
+
+typedef struct gnutls_x509_crl_iter * gnutls_x509_crl_iter_t;
+
+int gnutls_x509_crl_iter_crt_serial(gnutls_x509_crl_t crl,
+				    gnutls_x509_crl_iter_t *,
+				    unsigned char *serial,
+				    size_t * serial_size, time_t * t);
+
+void gnutls_x509_crl_iter_deinit(gnutls_x509_crl_iter_t);
+
+#define gnutls_x509_crl_get_certificate_count gnutls_x509_crl_get_crt_count
+#define gnutls_x509_crl_get_certificate gnutls_x509_crl_get_crt_serial
+
+unsigned gnutls_x509_crl_check_issuer(gnutls_x509_crl_t crl,
+				 gnutls_x509_crt_t issuer);
+
+int gnutls_x509_crl_list_import2(gnutls_x509_crl_t ** crls,
+				 unsigned int *size,
+				 const gnutls_datum_t * data,
+				 gnutls_x509_crt_fmt_t format,
+				 unsigned int flags);
+
+int gnutls_x509_crl_list_import(gnutls_x509_crl_t * crls,
+				unsigned int *crl_max,
+				const gnutls_datum_t * data,
+				gnutls_x509_crt_fmt_t format,
+				unsigned int flags);
+/* CRL writing.
+ */
+int gnutls_x509_crl_set_version(gnutls_x509_crl_t crl,
+				unsigned int version);
+int gnutls_x509_crl_set_this_update(gnutls_x509_crl_t crl,
+				    time_t act_time);
+int gnutls_x509_crl_set_next_update(gnutls_x509_crl_t crl,
+				    time_t exp_time);
+int gnutls_x509_crl_set_crt_serial(gnutls_x509_crl_t crl,
+				   const void *serial,
+				   size_t serial_size,
+				   time_t revocation_time);
+int gnutls_x509_crl_set_crt(gnutls_x509_crl_t crl,
+			    gnutls_x509_crt_t crt, time_t revocation_time);
+
+int gnutls_x509_crl_get_authority_key_id(gnutls_x509_crl_t crl,
+					 void *id,
+					 size_t * id_size,
+					 unsigned int *critical);
+int gnutls_x509_crl_get_authority_key_gn_serial(gnutls_x509_crl_t
+						crl,
+						unsigned int seq,
+						void *alt,
+						size_t * alt_size,
+						unsigned int
+						*alt_type,
+						void *serial,
+						size_t *
+						serial_size, unsigned int
+						*critical);
+
+int gnutls_x509_crl_get_number(gnutls_x509_crl_t crl, void *ret,
+			       size_t * ret_size, unsigned int *critical);
+
+int gnutls_x509_crl_get_extension_oid(gnutls_x509_crl_t crl,
+				      unsigned indx, void *oid,
+				      size_t * sizeof_oid);
+
+int gnutls_x509_crl_get_extension_info(gnutls_x509_crl_t crl,
+				       unsigned indx, void *oid,
+				       size_t * sizeof_oid,
+				       unsigned int *critical);
+
+int gnutls_x509_crl_get_extension_data(gnutls_x509_crl_t crl,
+				       unsigned indx, void *data,
+				       size_t * sizeof_data);
+int
+gnutls_x509_crl_get_extension_data2(gnutls_x509_crl_t crl,
+			       unsigned indx, gnutls_datum_t * data);
+
+int gnutls_x509_crl_set_authority_key_id(gnutls_x509_crl_t crl,
+					 const void *id, size_t id_size);
+
+int gnutls_x509_crl_set_number(gnutls_x509_crl_t crl,
+			       const void *nr, size_t nr_size);
+
+
+/* X.509 Certificate verification functions.
+ */
+
+/**
+ * gnutls_certificate_verify_flags:
+ * @GNUTLS_VERIFY_DISABLE_CA_SIGN: If set a signer does not have to be
+ *   a certificate authority. This flag should normally be disabled,
+ *   unless you know what this means.
+ * @GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS: If set a signer in the trusted
+ *   list is never checked for expiration or activation.
+ * @GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT: Do not allow trusted CA
+ *   certificates that have version 1.  This option is to be used
+ *   to deprecate all certificates of version 1.
+ * @GNUTLS_VERIFY_DO_NOT_ALLOW_SAME: If a certificate is not signed by
+ *   anyone trusted but exists in the trusted CA list do not treat it
+ *   as trusted.
+ * @GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN: A certificate chain is tolerated
+ *   if unsorted (the case with many TLS servers out there). This is the
+ *   default since GnuTLS 3.1.4.
+ * @GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN: Do not tolerate an unsorted
+ *   certificate chain.
+ * @GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT: Allow CA certificates that
+ *   have version 1 (both root and intermediate). This might be
+ *   dangerous since those haven't the basicConstraints
+ *   extension. 
+ * @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2: Allow certificates to be signed
+ *   using the broken MD2 algorithm.
+ * @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5: Allow certificates to be signed
+ *   using the broken MD5 algorithm.
+ * @GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1: Allow certificates to be signed
+ *   using the broken SHA1 hash algorithm.
+ * @GNUTLS_VERIFY_ALLOW_BROKEN: Allow certificates to be signed
+ *   using any broken algorithm.
+ * @GNUTLS_VERIFY_DISABLE_TIME_CHECKS: Disable checking of activation
+ *   and expiration validity periods of certificate chains. Don't set
+ *   this unless you understand the security implications.
+ * @GNUTLS_VERIFY_DISABLE_CRL_CHECKS: Disable checking for validity
+ *   using certificate revocation lists or the available OCSP data.
+ * @GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS: When including a hostname
+ *   check in the verification, do not consider any wildcards.
+ * @GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES: When verifying a hostname
+ *   prevent textual IP addresses from matching IP addresses in the
+ *   certificate. Treat the input only as a DNS name.
+ * @GNUTLS_VERIFY_USE_TLS1_RSA: This indicates that a (raw) RSA signature is provided
+ *   as in the TLS 1.0 protocol. Not all functions accept this flag.
+ * @GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS: This signals the verification
+ *   process, not to fail on unknown critical extensions.
+ * @GNUTLS_VERIFY_RSA_PSS_FIXED_SALT_LENGTH: Disallow RSA-PSS signatures made
+ *   with mismatching salt length with digest length, as mandated in RFC 8446
+ *   4.2.3.
+ *
+ * Enumeration of different certificate verify flags. Additional
+ * verification profiles can be set using GNUTLS_PROFILE_TO_VFLAGS()
+ * and %gnutls_certificate_verification_profiles_t.
+ */
+typedef enum gnutls_certificate_verify_flags {
+	GNUTLS_VERIFY_DISABLE_CA_SIGN = 1 << 0,
+	GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES = 1<<1,
+	GNUTLS_VERIFY_DO_NOT_ALLOW_SAME = 1 << 2,
+	GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT = 1 << 3,
+	GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 = 1 << 4,
+	GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 1 << 5,
+	GNUTLS_VERIFY_DISABLE_TIME_CHECKS = 1 << 6,
+	GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS = 1 << 7,
+	GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT = 1 << 8,
+	GNUTLS_VERIFY_DISABLE_CRL_CHECKS = 1 << 9,
+	GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN = 1 << 10,
+	GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN = 1 << 11,
+	GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS = 1 << 12,
+	GNUTLS_VERIFY_USE_TLS1_RSA = 1 << 13,
+	GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS = 1 << 14,
+	GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1 = 1 << 15,
+	GNUTLS_VERIFY_RSA_PSS_FIXED_SALT_LENGTH = 1 << 16
+	/* cannot exceed 2^24 due to GNUTLS_PROFILE_TO_VFLAGS() */
+} gnutls_certificate_verify_flags;
+
+#define GNUTLS_VERIFY_ALLOW_BROKEN (GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2|GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5)
+
+/**
+ * gnutls_certificate_verification_profiles_t:
+ * @GNUTLS_PROFILE_UNKNOWN: An invalid/unknown profile.
+ * @GNUTLS_PROFILE_VERY_WEAK: A verification profile that
+ *  corresponds to @GNUTLS_SEC_PARAM_VERY_WEAK (64 bits)
+ * @GNUTLS_PROFILE_LOW: A verification profile that
+ *  corresponds to @GNUTLS_SEC_PARAM_LOW (80 bits)
+ * @GNUTLS_PROFILE_LEGACY: A verification profile that
+ *  corresponds to @GNUTLS_SEC_PARAM_LEGACY (96 bits)
+ * @GNUTLS_PROFILE_MEDIUM: A verification profile that
+ *  corresponds to @GNUTLS_SEC_PARAM_MEDIUM (112 bits)
+ * @GNUTLS_PROFILE_HIGH: A verification profile that
+ *  corresponds to @GNUTLS_SEC_PARAM_HIGH (128 bits)
+ * @GNUTLS_PROFILE_ULTRA: A verification profile that
+ *  corresponds to @GNUTLS_SEC_PARAM_ULTRA (192 bits)
+ * @GNUTLS_PROFILE_FUTURE: A verification profile that
+ *  corresponds to @GNUTLS_SEC_PARAM_FUTURE (256 bits)
+ * @GNUTLS_PROFILE_SUITEB128: A verification profile that
+ *  applies the SUITEB128 rules
+ * @GNUTLS_PROFILE_SUITEB192: A verification profile that
+ *  applies the SUITEB192 rules
+ *
+ * Enumeration of different certificate verification profiles.
+ */
+typedef enum gnutls_certificate_verification_profiles_t {
+	GNUTLS_PROFILE_UNKNOWN = 0,
+	GNUTLS_PROFILE_VERY_WEAK = 1,
+	GNUTLS_PROFILE_LOW = 2,
+	GNUTLS_PROFILE_LEGACY = 4,
+	GNUTLS_PROFILE_MEDIUM = 5,
+	GNUTLS_PROFILE_HIGH = 6,
+	GNUTLS_PROFILE_ULTRA = 7,
+	GNUTLS_PROFILE_FUTURE = 8,
+	
+	GNUTLS_PROFILE_SUITEB128=32,
+	GNUTLS_PROFILE_SUITEB192=33
+	/*GNUTLS_PROFILE_MAX=255*/
+} gnutls_certificate_verification_profiles_t;
+
+#define GNUTLS_PROFILE_TO_VFLAGS(x) \
+	(((unsigned)x)<<24)
+
+#define GNUTLS_VFLAGS_PROFILE_MASK (0xff000000)
+
+#define GNUTLS_VFLAGS_TO_PROFILE(x) \
+	((((unsigned)x)>>24)&0xff)
+
+const char *
+	gnutls_certificate_verification_profile_get_name(gnutls_certificate_verification_profiles_t id) __GNUTLS_CONST__;
+gnutls_certificate_verification_profiles_t gnutls_certificate_verification_profile_get_id(const char *name) __GNUTLS_CONST__;
+
+unsigned gnutls_x509_crt_check_issuer(gnutls_x509_crt_t cert,
+				 gnutls_x509_crt_t issuer);
+
+int gnutls_x509_crt_list_verify(const gnutls_x509_crt_t *
+				cert_list, unsigned cert_list_length,
+				const gnutls_x509_crt_t * CA_list,
+				unsigned CA_list_length,
+				const gnutls_x509_crl_t * CRL_list,
+				unsigned CRL_list_length,
+				unsigned int flags, unsigned int *verify);
+
+int gnutls_x509_crt_verify(gnutls_x509_crt_t cert,
+			   const gnutls_x509_crt_t * CA_list,
+			   unsigned CA_list_length, unsigned int flags,
+			   unsigned int *verify);
+int gnutls_x509_crl_verify(gnutls_x509_crl_t crl,
+			   const gnutls_x509_crt_t * CA_list,
+			   unsigned CA_list_length, unsigned int flags,
+			   unsigned int *verify);
+
+int
+gnutls_x509_crt_verify_data2(gnutls_x509_crt_t crt,
+			   gnutls_sign_algorithm_t algo,
+			   unsigned int flags,
+			   const gnutls_datum_t * data,
+			   const gnutls_datum_t * signature);
+
+int gnutls_x509_crt_check_revocation(gnutls_x509_crt_t cert,
+				     const gnutls_x509_crl_t *
+				     crl_list, unsigned crl_list_length);
+
+int gnutls_x509_crt_get_fingerprint(gnutls_x509_crt_t cert,
+				    gnutls_digest_algorithm_t algo,
+				    void *buf, size_t * buf_size);
+
+int gnutls_x509_crt_get_key_purpose_oid(gnutls_x509_crt_t cert,
+					unsigned indx, void *oid,
+					size_t * oid_size,
+					unsigned int *critical);
+int gnutls_x509_crt_set_key_purpose_oid(gnutls_x509_crt_t cert,
+					const void *oid,
+					unsigned int critical);
+
+unsigned gnutls_x509_crt_check_key_purpose(gnutls_x509_crt_t cert,
+		const char *purpose, unsigned flags);
+
+/* Private key handling.
+ */
+
+/* Flags for the gnutls_x509_privkey_export_pkcs8() function.
+ */
+
+#define GNUTLS_PKCS8_PLAIN GNUTLS_PKCS_PLAIN
+#define GNUTLS_PKCS8_USE_PKCS12_3DES GNUTLS_PKCS_PKCS12_3DES
+#define GNUTLS_PKCS8_USE_PKCS12_ARCFOUR GNUTLS_PKCS_PKCS12_ARCFOUR
+#define GNUTLS_PKCS8_USE_PKCS12_RC2_40 GNUTLS_PKCS_PKCS12_RC2_40
+
+/**
+ * gnutls_pkcs_encrypt_flags_t:
+ * @GNUTLS_PKCS_PLAIN: Unencrypted private key.
+ * @GNUTLS_PKCS_NULL_PASSWORD: Some schemas distinguish between an empty and a NULL password.
+ * @GNUTLS_PKCS_PKCS12_3DES: PKCS-12 3DES.
+ * @GNUTLS_PKCS_PKCS12_ARCFOUR: PKCS-12 ARCFOUR.
+ * @GNUTLS_PKCS_PKCS12_RC2_40: PKCS-12 RC2-40.
+ * @GNUTLS_PKCS_PBES2_3DES: PBES2 3DES.
+ * @GNUTLS_PKCS_PBES2_AES_128: PBES2 AES-128.
+ * @GNUTLS_PKCS_PBES2_AES_192: PBES2 AES-192.
+ * @GNUTLS_PKCS_PBES2_AES_256: PBES2 AES-256.
+ * @GNUTLS_PKCS_PBES2_DES: PBES2 single DES.
+ * @GNUTLS_PKCS_PBES1_DES_MD5: PBES1 with single DES; for compatibility with openssl only.
+ * @GNUTLS_PKCS_PBES2_GOST_TC26Z: PBES2 GOST 28147-89 CFB with TC26-Z S-box.
+ * @GNUTLS_PKCS_PBES2_GOST_CPA: PBES2 GOST 28147-89 CFB with CryptoPro-A S-box.
+ * @GNUTLS_PKCS_PBES2_GOST_CPB: PBES2 GOST 28147-89 CFB with CryptoPro-B S-box.
+ * @GNUTLS_PKCS_PBES2_GOST_CPC: PBES2 GOST 28147-89 CFB with CryptoPro-C S-box.
+ * @GNUTLS_PKCS_PBES2_GOST_CPD: PBES2 GOST 28147-89 CFB with CryptoPro-D S-box.
+ *
+ * Enumeration of different PKCS encryption flags.
+ */
+typedef enum gnutls_pkcs_encrypt_flags_t {
+	GNUTLS_PKCS_PLAIN = 1,
+	GNUTLS_PKCS_PKCS12_3DES = 1<<1,
+	GNUTLS_PKCS_PKCS12_ARCFOUR = 1<<2,
+	GNUTLS_PKCS_PKCS12_RC2_40 = 1<<3,
+	GNUTLS_PKCS_PBES2_3DES = 1<<4,
+	GNUTLS_PKCS_PBES2_AES_128 = 1<<5,
+	GNUTLS_PKCS_PBES2_AES_192 = 1<<6,
+	GNUTLS_PKCS_PBES2_AES_256 = 1<<7,
+	GNUTLS_PKCS_NULL_PASSWORD = 1<<8,
+	GNUTLS_PKCS_PBES2_DES = 1<<9,
+	GNUTLS_PKCS_PBES1_DES_MD5 = 1<<10,
+	GNUTLS_PKCS_PBES2_GOST_TC26Z = 1<<11,
+	GNUTLS_PKCS_PBES2_GOST_CPA = 1<<12,
+	GNUTLS_PKCS_PBES2_GOST_CPB = 1<<13,
+	GNUTLS_PKCS_PBES2_GOST_CPC = 1<<14,
+	GNUTLS_PKCS_PBES2_GOST_CPD = 1<<15
+} gnutls_pkcs_encrypt_flags_t;
+
+#define GNUTLS_PKCS_CIPHER_MASK(x) ((x)&(~(GNUTLS_PKCS_NULL_PASSWORD)))
+
+#define GNUTLS_PKCS_USE_PKCS12_3DES GNUTLS_PKCS_PKCS12_3DES
+#define GNUTLS_PKCS_USE_PKCS12_ARCFOUR GNUTLS_PKCS_PKCS12_ARCFOUR
+#define GNUTLS_PKCS_USE_PKCS12_RC2_40 GNUTLS_PKCS_PKCS12_RC2_40
+#define GNUTLS_PKCS_USE_PBES2_3DES GNUTLS_PKCS_PBES2_3DES
+#define GNUTLS_PKCS_USE_PBES2_AES_128 GNUTLS_PKCS_PBES2_AES_128
+#define GNUTLS_PKCS_USE_PBES2_AES_192 GNUTLS_PKCS_PBES2_AES_192
+#define GNUTLS_PKCS_USE_PBES2_AES_256 GNUTLS_PKCS_PBES2_AES_256
+#define GNUTLS_PKCS_USE_PBES2_GOST_TC26Z GNUTLS_PKCS_PBES2_GOST_TC26Z
+#define GNUTLS_PKCS_USE_PBES2_GOST_CPA GNUTLS_PKCS_PBES2_GOST_CPA
+#define GNUTLS_PKCS_USE_PBES2_GOST_CPB GNUTLS_PKCS_PBES2_GOST_CPB
+#define GNUTLS_PKCS_USE_PBES2_GOST_CPC GNUTLS_PKCS_PBES2_GOST_CPC
+#define GNUTLS_PKCS_USE_PBES2_GOST_CPD GNUTLS_PKCS_PBES2_GOST_CPD
+
+const char *gnutls_pkcs_schema_get_name(unsigned int schema);
+const char *gnutls_pkcs_schema_get_oid(unsigned int schema);
+
+int gnutls_x509_privkey_init(gnutls_x509_privkey_t * key);
+void gnutls_x509_privkey_deinit(gnutls_x509_privkey_t key);
+gnutls_sec_param_t
+gnutls_x509_privkey_sec_param(gnutls_x509_privkey_t key);
+
+void gnutls_x509_privkey_set_pin_function(gnutls_x509_privkey_t key,
+				      gnutls_pin_callback_t fn,
+				      void *userdata);
+
+int gnutls_x509_privkey_cpy(gnutls_x509_privkey_t dst,
+			    gnutls_x509_privkey_t src);
+int gnutls_x509_privkey_import(gnutls_x509_privkey_t key,
+			       const gnutls_datum_t * data,
+			       gnutls_x509_crt_fmt_t format);
+int gnutls_x509_privkey_import_pkcs8(gnutls_x509_privkey_t key,
+				     const gnutls_datum_t * data,
+				     gnutls_x509_crt_fmt_t format,
+				     const char *password,
+				     unsigned int flags);
+int gnutls_x509_privkey_import_openssl(gnutls_x509_privkey_t key,
+				       const gnutls_datum_t * data,
+				       const char *password);
+
+int
+gnutls_pkcs8_info(const gnutls_datum_t * data, gnutls_x509_crt_fmt_t format,
+		  unsigned int *schema, unsigned int *cipher,
+		  void *salt, unsigned int *salt_size,
+		  unsigned int *iter_count, char **oid);
+
+int gnutls_x509_privkey_import2(gnutls_x509_privkey_t key,
+				const gnutls_datum_t * data,
+				gnutls_x509_crt_fmt_t format,
+				const char *password, unsigned int flags);
+
+int gnutls_x509_privkey_import_rsa_raw(gnutls_x509_privkey_t key,
+				       const gnutls_datum_t * m,
+				       const gnutls_datum_t * e,
+				       const gnutls_datum_t * d,
+				       const gnutls_datum_t * p,
+				       const gnutls_datum_t * q,
+				       const gnutls_datum_t * u);
+int gnutls_x509_privkey_import_rsa_raw2(gnutls_x509_privkey_t key,
+					const gnutls_datum_t * m,
+					const gnutls_datum_t * e,
+					const gnutls_datum_t * d,
+					const gnutls_datum_t * p,
+					const gnutls_datum_t * q,
+					const gnutls_datum_t * u,
+					const gnutls_datum_t * e1,
+					const gnutls_datum_t * e2);
+int gnutls_x509_privkey_import_ecc_raw(gnutls_x509_privkey_t key,
+				       gnutls_ecc_curve_t curve,
+				       const gnutls_datum_t * x,
+				       const gnutls_datum_t * y,
+				       const gnutls_datum_t * k);
+int gnutls_x509_privkey_import_gost_raw(gnutls_x509_privkey_t key,
+				       gnutls_ecc_curve_t curve,
+				       gnutls_digest_algorithm_t digest,
+				       gnutls_gost_paramset_t paramset,
+				       const gnutls_datum_t * x,
+				       const gnutls_datum_t * y,
+				       const gnutls_datum_t * k);
+
+int gnutls_x509_privkey_fix(gnutls_x509_privkey_t key);
+
+int gnutls_x509_privkey_export_dsa_raw(gnutls_x509_privkey_t key,
+				       gnutls_datum_t * p,
+				       gnutls_datum_t * q,
+				       gnutls_datum_t * g,
+				       gnutls_datum_t * y,
+				       gnutls_datum_t * x);
+int gnutls_x509_privkey_import_dsa_raw(gnutls_x509_privkey_t key,
+				       const gnutls_datum_t * p,
+				       const gnutls_datum_t * q,
+				       const gnutls_datum_t * g,
+				       const gnutls_datum_t * y,
+				       const gnutls_datum_t * x);
+
+int gnutls_x509_privkey_get_pk_algorithm(gnutls_x509_privkey_t key);
+int gnutls_x509_privkey_get_pk_algorithm2(gnutls_x509_privkey_t
+					  key, unsigned int *bits);
+int gnutls_x509_privkey_get_spki(gnutls_x509_privkey_t key,
+				 gnutls_x509_spki_t spki,
+				 unsigned int flags);
+int
+gnutls_x509_privkey_set_spki(gnutls_x509_privkey_t key,
+			     const gnutls_x509_spki_t spki,
+			     unsigned int flags);
+
+int gnutls_x509_privkey_get_key_id(gnutls_x509_privkey_t key,
+				   unsigned int flags,
+				   unsigned char *output_data,
+				   size_t * output_data_size);
+
+int gnutls_x509_privkey_generate(gnutls_x509_privkey_t key,
+				 gnutls_pk_algorithm_t algo,
+				 unsigned int bits, unsigned int flags);
+
+void gnutls_x509_privkey_set_flags(gnutls_x509_privkey_t key, unsigned int flags);
+
+/**
+ * gnutls_keygen_types_t:
+ * @GNUTLS_KEYGEN_SEED: Specifies the seed to be used in key generation.
+ * @GNUTLS_KEYGEN_DIGEST: The size field specifies the hash algorithm to be used in key generation.
+ * @GNUTLS_KEYGEN_SPKI: data points to a %gnutls_x509_spki_t structure; it is not used after the key generation call.
+ *
+ * Enumeration of different key generation data options.
+ */
+typedef enum {
+	GNUTLS_KEYGEN_SEED = 1,
+	GNUTLS_KEYGEN_DIGEST = 2,
+	GNUTLS_KEYGEN_SPKI = 3
+} gnutls_keygen_types_t;
+
+typedef struct {
+	gnutls_keygen_types_t type;
+	unsigned char *data;
+	unsigned int size;
+} gnutls_keygen_data_st;
+
+int
+gnutls_x509_privkey_generate2(gnutls_x509_privkey_t key,
+			      gnutls_pk_algorithm_t algo, unsigned int bits,
+			      unsigned int flags, const gnutls_keygen_data_st *data, unsigned data_size);
+
+int gnutls_x509_privkey_verify_seed(gnutls_x509_privkey_t key, gnutls_digest_algorithm_t, const void *seed, size_t seed_size);
+int gnutls_x509_privkey_get_seed(gnutls_x509_privkey_t key, gnutls_digest_algorithm_t*, void *seed, size_t *seed_size);
+
+int gnutls_x509_privkey_verify_params(gnutls_x509_privkey_t key);
+
+int gnutls_x509_privkey_export(gnutls_x509_privkey_t key,
+			       gnutls_x509_crt_fmt_t format,
+			       void *output_data,
+			       size_t * output_data_size);
+int gnutls_x509_privkey_export2(gnutls_x509_privkey_t key,
+				gnutls_x509_crt_fmt_t format,
+				gnutls_datum_t * out);
+int gnutls_x509_privkey_export_pkcs8(gnutls_x509_privkey_t key,
+				     gnutls_x509_crt_fmt_t format,
+				     const char *password,
+				     unsigned int flags,
+				     void *output_data,
+				     size_t * output_data_size);
+int gnutls_x509_privkey_export2_pkcs8(gnutls_x509_privkey_t key,
+				      gnutls_x509_crt_fmt_t format,
+				      const char *password,
+				      unsigned int flags,
+				      gnutls_datum_t * out);
+int gnutls_x509_privkey_export_rsa_raw2(gnutls_x509_privkey_t key,
+					gnutls_datum_t * m,
+					gnutls_datum_t * e,
+					gnutls_datum_t * d,
+					gnutls_datum_t * p,
+					gnutls_datum_t * q,
+					gnutls_datum_t * u,
+					gnutls_datum_t * e1,
+					gnutls_datum_t * e2);
+int gnutls_x509_privkey_export_rsa_raw(gnutls_x509_privkey_t key,
+				       gnutls_datum_t * m,
+				       gnutls_datum_t * e,
+				       gnutls_datum_t * d,
+				       gnutls_datum_t * p,
+				       gnutls_datum_t * q,
+				       gnutls_datum_t * u);
+int gnutls_x509_privkey_export_ecc_raw(gnutls_x509_privkey_t key,
+				       gnutls_ecc_curve_t * curve,
+				       gnutls_datum_t * x,
+				       gnutls_datum_t * y,
+				       gnutls_datum_t * k);
+int gnutls_x509_privkey_export_gost_raw(gnutls_x509_privkey_t key,
+				       gnutls_ecc_curve_t * curve,
+				       gnutls_digest_algorithm_t * digest,
+				       gnutls_gost_paramset_t * paramset,
+				       gnutls_datum_t * x,
+				       gnutls_datum_t * y,
+				       gnutls_datum_t * k);
+
+int gnutls_x509_privkey_sign_data(gnutls_x509_privkey_t key,
+				  gnutls_digest_algorithm_t digest,
+				  unsigned int flags,
+				  const gnutls_datum_t * data,
+				  void *signature,
+				  size_t * signature_size);
+
+/* Certificate request stuff.
+ */
+int gnutls_x509_crq_sign(gnutls_x509_crq_t crq,
+			 gnutls_x509_privkey_t key);
+
+int gnutls_x509_crq_sign2(gnutls_x509_crq_t crq,
+			  gnutls_x509_privkey_t key,
+			  gnutls_digest_algorithm_t dig,
+			  unsigned int flags);
+
+int gnutls_x509_crq_print(gnutls_x509_crq_t crq,
+			  gnutls_certificate_print_formats_t
+			  format, gnutls_datum_t * out);
+
+int gnutls_x509_crq_verify(gnutls_x509_crq_t crq, unsigned int flags);
+
+int gnutls_x509_crq_init(gnutls_x509_crq_t * crq);
+void gnutls_x509_crq_deinit(gnutls_x509_crq_t crq);
+int gnutls_x509_crq_import(gnutls_x509_crq_t crq,
+			   const gnutls_datum_t * data,
+			   gnutls_x509_crt_fmt_t format);
+
+int gnutls_x509_crq_get_private_key_usage_period(gnutls_x509_crq_t
+						 cert,
+						 time_t *
+						 activation,
+						 time_t *
+						 expiration, unsigned int
+						 *critical);
+
+int gnutls_x509_crq_get_dn(gnutls_x509_crq_t crq, char *buf,
+			   size_t * sizeof_buf);
+int gnutls_x509_crq_get_dn2(gnutls_x509_crq_t crq, gnutls_datum_t * dn);
+int gnutls_x509_crq_get_dn3(gnutls_x509_crq_t crq, gnutls_datum_t * dn, unsigned flags);
+int gnutls_x509_crq_get_dn_oid(gnutls_x509_crq_t crq, unsigned indx,
+			       void *oid, size_t * sizeof_oid);
+int gnutls_x509_crq_get_dn_by_oid(gnutls_x509_crq_t crq,
+				  const char *oid, unsigned indx,
+				  unsigned int raw_flag, void *buf,
+				  size_t * sizeof_buf);
+int gnutls_x509_crq_set_dn(gnutls_x509_crq_t crq, const char *dn,
+			   const char **err);
+int gnutls_x509_crq_set_dn_by_oid(gnutls_x509_crq_t crq,
+				  const char *oid,
+				  unsigned int raw_flag,
+				  const void *data,
+				  unsigned int sizeof_data);
+int gnutls_x509_crq_set_version(gnutls_x509_crq_t crq,
+				unsigned int version);
+int gnutls_x509_crq_get_version(gnutls_x509_crq_t crq);
+int gnutls_x509_crq_set_key(gnutls_x509_crq_t crq,
+			    gnutls_x509_privkey_t key);
+
+int
+gnutls_x509_crq_set_extension_by_oid(gnutls_x509_crq_t crq,
+				     const char *oid, const void *buf,
+				     size_t sizeof_buf,
+				     unsigned int critical);
+
+int gnutls_x509_crq_set_challenge_password(gnutls_x509_crq_t crq,
+					   const char *pass);
+int gnutls_x509_crq_get_challenge_password(gnutls_x509_crq_t crq,
+					   char *pass,
+					   size_t * sizeof_pass);
+
+int gnutls_x509_crq_set_attribute_by_oid(gnutls_x509_crq_t crq,
+					 const char *oid,
+					 void *buf, size_t sizeof_buf);
+int gnutls_x509_crq_get_attribute_by_oid(gnutls_x509_crq_t crq,
+					 const char *oid, unsigned indx,
+					 void *buf, size_t * sizeof_buf);
+
+int gnutls_x509_crq_export(gnutls_x509_crq_t crq,
+			   gnutls_x509_crt_fmt_t format,
+			   void *output_data, size_t * output_data_size);
+int gnutls_x509_crq_export2(gnutls_x509_crq_t crq,
+			    gnutls_x509_crt_fmt_t format,
+			    gnutls_datum_t * out);
+
+int gnutls_x509_crt_set_crq(gnutls_x509_crt_t crt, gnutls_x509_crq_t crq);
+int gnutls_x509_crt_set_crq_extensions(gnutls_x509_crt_t crt,
+				       gnutls_x509_crq_t crq);
+
+int
+gnutls_x509_crt_set_crq_extension_by_oid(gnutls_x509_crt_t crt,
+				         gnutls_x509_crq_t crq, const char *oid,
+				         unsigned flags);
+
+int gnutls_x509_crq_set_private_key_usage_period(gnutls_x509_crq_t
+						 crq,
+						 time_t activation,
+						 time_t expiration);
+int gnutls_x509_crq_set_key_rsa_raw(gnutls_x509_crq_t crq,
+				    const gnutls_datum_t * m,
+				    const gnutls_datum_t * e);
+int gnutls_x509_crq_set_subject_alt_name(gnutls_x509_crq_t crq,
+					 gnutls_x509_subject_alt_name_t
+					 nt, const void *data,
+					 unsigned int data_size,
+					 unsigned int flags);
+
+int
+gnutls_x509_crq_set_subject_alt_othername(gnutls_x509_crq_t crq,
+				     const char *oid,
+				     const void *data,
+				     unsigned int data_size,
+				     unsigned int flags);
+
+int gnutls_x509_crq_set_key_usage(gnutls_x509_crq_t crq,
+				  unsigned int usage);
+int gnutls_x509_crq_set_basic_constraints(gnutls_x509_crq_t crq,
+					  unsigned int ca,
+					  int pathLenConstraint);
+int gnutls_x509_crq_set_key_purpose_oid(gnutls_x509_crq_t crq,
+					const void *oid,
+					unsigned int critical);
+int gnutls_x509_crq_get_key_purpose_oid(gnutls_x509_crq_t crq,
+					unsigned indx, void *oid,
+					size_t * sizeof_oid,
+					unsigned int *critical);
+
+int gnutls_x509_crq_get_extension_data(gnutls_x509_crq_t crq,
+				       unsigned indx, void *data,
+				       size_t * sizeof_data);
+int
+gnutls_x509_crq_get_extension_data2(gnutls_x509_crq_t crq,
+			       unsigned indx,
+			       gnutls_datum_t * data);
+int gnutls_x509_crq_get_extension_info(gnutls_x509_crq_t crq,
+				       unsigned indx, void *oid,
+				       size_t * sizeof_oid,
+				       unsigned int *critical);
+int gnutls_x509_crq_get_attribute_data(gnutls_x509_crq_t crq,
+				       unsigned indx, void *data,
+				       size_t * sizeof_data);
+int gnutls_x509_crq_get_attribute_info(gnutls_x509_crq_t crq,
+				       unsigned indx, void *oid,
+				       size_t * sizeof_oid);
+int gnutls_x509_crq_get_pk_algorithm(gnutls_x509_crq_t crq,
+				     unsigned int *bits);
+int gnutls_x509_crq_get_spki(gnutls_x509_crq_t crq, gnutls_x509_spki_t spki,
+			     unsigned int flags);
+
+int gnutls_x509_crq_set_spki(gnutls_x509_crq_t crq, const gnutls_x509_spki_t spki,
+			     unsigned int flags);
+
+int gnutls_x509_crq_get_signature_oid(gnutls_x509_crq_t crq, char *oid, size_t *oid_size);
+int gnutls_x509_crq_get_pk_oid(gnutls_x509_crq_t crq, char *oid, size_t *oid_size);
+
+int gnutls_x509_crq_get_key_id(gnutls_x509_crq_t crq,
+			       unsigned int flags,
+			       unsigned char *output_data,
+			       size_t * output_data_size);
+int gnutls_x509_crq_get_key_rsa_raw(gnutls_x509_crq_t crq,
+				    gnutls_datum_t * m,
+				    gnutls_datum_t * e);
+
+int gnutls_x509_crq_get_key_usage(gnutls_x509_crq_t crq,
+				  unsigned int *key_usage,
+				  unsigned int *critical);
+int gnutls_x509_crq_get_basic_constraints(gnutls_x509_crq_t crq,
+					  unsigned int *critical,
+					  unsigned int *ca, int *pathlen);
+int gnutls_x509_crq_get_subject_alt_name(gnutls_x509_crq_t crq,
+					 unsigned int seq,
+					 void *ret,
+					 size_t * ret_size,
+					 unsigned int *ret_type,
+					 unsigned int *critical);
+int gnutls_x509_crq_get_subject_alt_othername_oid(gnutls_x509_crq_t
+						  crq,
+						  unsigned int seq,
+						  void *ret,
+						  size_t * ret_size);
+
+int gnutls_x509_crq_get_extension_by_oid(gnutls_x509_crq_t crq,
+					 const char *oid, unsigned indx,
+					 void *buf,
+					 size_t * sizeof_buf,
+					 unsigned int *critical);
+
+int gnutls_x509_crq_get_tlsfeatures(gnutls_x509_crq_t crq,
+				    gnutls_x509_tlsfeatures_t features,
+				    unsigned flags,
+				    unsigned int *critical);
+int gnutls_x509_crq_set_tlsfeatures(gnutls_x509_crq_t crq,
+				    gnutls_x509_tlsfeatures_t features);
+
+int
+gnutls_x509_crt_get_extension_by_oid2(gnutls_x509_crt_t cert,
+				     const char *oid, unsigned indx,
+				     gnutls_datum_t *output,
+				     unsigned int *critical);
+
+typedef struct gnutls_x509_trust_list_st *gnutls_x509_trust_list_t;
+typedef struct gnutls_x509_trust_list_iter *gnutls_x509_trust_list_iter_t;
+
+int
+gnutls_x509_trust_list_init(gnutls_x509_trust_list_t * list,
+			    unsigned int size);
+
+void
+gnutls_x509_trust_list_deinit(gnutls_x509_trust_list_t list,
+			      unsigned int all);
+
+int gnutls_x509_trust_list_get_issuer(gnutls_x509_trust_list_t
+				      list, gnutls_x509_crt_t cert,
+				      gnutls_x509_crt_t * issuer,
+				      unsigned int flags);
+
+int gnutls_x509_trust_list_get_issuer_by_dn(gnutls_x509_trust_list_t list,
+				      const gnutls_datum_t *dn,
+				      gnutls_x509_crt_t *issuer,
+				      unsigned int flags);
+
+int gnutls_x509_trust_list_get_issuer_by_subject_key_id(gnutls_x509_trust_list_t list,
+				      const gnutls_datum_t *dn,
+				      const gnutls_datum_t *spki,
+				      gnutls_x509_crt_t *issuer,
+				      unsigned int flags);
+/**
+ * gnutls_trust_list_flags_t:
+ * @GNUTLS_TL_VERIFY_CRL: If any CRLs are provided they will be verified for validity
+ *   prior to be added. The CA certificates that will be used for verification are the
+ *   ones already added in the trusted list.
+ * @GNUTLS_TL_USE_IN_TLS: Internal flag used by GnuTLS. If provided the trust list
+ *   structure will cache a copy of CA DNs to be used in the certificate request
+ *   TLS message.
+ * @GNUTLS_TL_NO_DUPLICATES: If this flag is specified, a function adding certificates
+ *   will check and eliminate any duplicates.
+ * @GNUTLS_TL_NO_DUPLICATE_KEY: If this flag is specified, a certificate sharing the
+ *   same key as a previously added on will not be added.
+ * @GNUTLS_TL_GET_COPY: The semantics of this flag are documented to the functions which
+ *   are applicable. In general, on returned value, the function will provide a copy
+ *   if this flag is provided, rather than a pointer to internal data.
+ * @GNUTLS_TL_FAIL_ON_INVALID_CRL: If an CRL is added which cannot be validated return
+ *   an error instead of ignoring (must be used with %GNUTLS_TL_VERIFY_CRL).
+ *
+ * Enumeration of different certificate trust list flags.
+ */
+typedef enum gnutls_trust_list_flags_t {
+	GNUTLS_TL_VERIFY_CRL = 1,
+#define GNUTLS_TL_VERIFY_CRL 1
+	GNUTLS_TL_USE_IN_TLS = (1<<1),
+#define GNUTLS_TL_USE_IN_TLS (1<<1)
+	GNUTLS_TL_NO_DUPLICATES = (1<<2),
+#define GNUTLS_TL_NO_DUPLICATES (1<<2)
+	GNUTLS_TL_NO_DUPLICATE_KEY = (1<<3),
+#define GNUTLS_TL_NO_DUPLICATE_KEY (1<<3)
+	GNUTLS_TL_GET_COPY = (1<<4),
+#define GNUTLS_TL_GET_COPY (1<<4)
+	GNUTLS_TL_FAIL_ON_INVALID_CRL = (1<<5)
+#define GNUTLS_TL_FAIL_ON_INVALID_CRL (1<<5)
+} gnutls_trust_list_flags_t;
+
+int
+gnutls_x509_trust_list_add_cas(gnutls_x509_trust_list_t list,
+			       const gnutls_x509_crt_t * clist,
+			       unsigned clist_size, unsigned int flags);
+int gnutls_x509_trust_list_remove_cas(gnutls_x509_trust_list_t
+				      list,
+				      const gnutls_x509_crt_t *
+				      clist, unsigned clist_size);
+
+int gnutls_x509_trust_list_add_named_crt(gnutls_x509_trust_list_t
+					 list,
+					 gnutls_x509_crt_t cert,
+					 const void *name,
+					 size_t name_size,
+					 unsigned int flags);
+
+int
+gnutls_x509_trust_list_add_crls(gnutls_x509_trust_list_t list,
+				const gnutls_x509_crl_t *
+				crl_list, unsigned crl_size,
+				unsigned int flags,
+				unsigned int verification_flags);
+
+
+int
+gnutls_x509_trust_list_iter_get_ca(gnutls_x509_trust_list_t list,
+                                   gnutls_x509_trust_list_iter_t *iter,
+                                   gnutls_x509_crt_t *crt);
+
+void gnutls_x509_trust_list_iter_deinit(gnutls_x509_trust_list_iter_t iter);
+
+typedef int gnutls_verify_output_function(gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer,
+												 /* The issuer if verification failed
+												 * because of him. might be null.
+												 */
+					  gnutls_x509_crl_t crl,	/* The CRL that caused verification failure 
+									 * if any. Might be null.
+									 */
+					  unsigned int
+					  verification_output);
+
+void gnutls_session_set_verify_output_function(gnutls_session_t session,
+		gnutls_verify_output_function * func);
+
+int gnutls_x509_trust_list_verify_named_crt
+    (gnutls_x509_trust_list_t list, gnutls_x509_crt_t cert,
+     const void *name, size_t name_size, unsigned int flags,
+     unsigned int *verify, gnutls_verify_output_function func);
+
+int
+gnutls_x509_trust_list_verify_crt2(gnutls_x509_trust_list_t list,
+				  gnutls_x509_crt_t * cert_list,
+				  unsigned int cert_list_size,
+				  gnutls_typed_vdata_st * data,
+				  unsigned int elements,
+				  unsigned int flags,
+				  unsigned int *voutput,
+				  gnutls_verify_output_function func);
+
+int
+gnutls_x509_trust_list_verify_crt(gnutls_x509_trust_list_t list,
+				  gnutls_x509_crt_t * cert_list,
+				  unsigned int cert_list_size,
+				  unsigned int flags,
+				  unsigned int *verify,
+				  gnutls_verify_output_function func);
+
+	/* trust list convenience functions */
+int
+gnutls_x509_trust_list_add_trust_mem(gnutls_x509_trust_list_t
+				     list,
+				     const gnutls_datum_t * cas,
+				     const gnutls_datum_t * crls,
+				     gnutls_x509_crt_fmt_t type,
+				     unsigned int tl_flags,
+				     unsigned int tl_vflags);
+
+int
+gnutls_x509_trust_list_add_trust_file(gnutls_x509_trust_list_t
+				      list, const char *ca_file,
+				      const char *crl_file,
+				      gnutls_x509_crt_fmt_t type,
+				      unsigned int tl_flags,
+				      unsigned int tl_vflags);
+
+int
+gnutls_x509_trust_list_add_trust_dir(gnutls_x509_trust_list_t list,
+				      const char *ca_dir,
+				      const char *crl_dir,
+				      gnutls_x509_crt_fmt_t type,
+				      unsigned int tl_flags,
+				      unsigned int tl_vflags);
+
+int
+gnutls_x509_trust_list_remove_trust_file(gnutls_x509_trust_list_t
+					 list,
+					 const char *ca_file,
+					 gnutls_x509_crt_fmt_t type);
+
+int
+gnutls_x509_trust_list_remove_trust_mem(gnutls_x509_trust_list_t
+					list,
+					const gnutls_datum_t *
+					cas, gnutls_x509_crt_fmt_t type);
+
+int
+gnutls_x509_trust_list_add_system_trust(gnutls_x509_trust_list_t
+					list,
+					unsigned int tl_flags,
+					unsigned int tl_vflags);
+
+typedef int gnutls_x509_trust_list_getissuer_function(gnutls_x509_trust_list_t list,
+						      const gnutls_x509_crt_t cert,
+						      gnutls_x509_crt_t **issuers,
+						      unsigned int *issuers_size);
+
+void gnutls_x509_trust_list_set_getissuer_function(gnutls_x509_trust_list_t tlist,
+				gnutls_x509_trust_list_getissuer_function *func);
+
+void gnutls_x509_trust_list_set_ptr(gnutls_x509_trust_list_t tlist, void *ptr);
+
+void *gnutls_x509_trust_list_get_ptr(gnutls_x509_trust_list_t tlist);
+
+void gnutls_certificate_set_trust_list
+    (gnutls_certificate_credentials_t res,
+     gnutls_x509_trust_list_t tlist, unsigned flags);
+void gnutls_certificate_get_trust_list
+    (gnutls_certificate_credentials_t res,
+     gnutls_x509_trust_list_t *tlist);
+
+typedef struct gnutls_x509_ext_st {
+	char *oid;
+	unsigned int critical;
+	gnutls_datum_t data;
+} gnutls_x509_ext_st;
+
+void gnutls_x509_ext_deinit(gnutls_x509_ext_st *ext);
+
+int
+gnutls_x509_ext_print(gnutls_x509_ext_st *exts, unsigned int exts_size,
+		      gnutls_certificate_print_formats_t format,
+		      gnutls_datum_t * out);
+
+#include <gnutls/pkcs7.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+
+#endif /* GNUTLS_X509_H */
diff --git a/lib/inih/LICENSE.txt b/lib/inih/LICENSE.txt
new file mode 100644
index 0000000..cb7ee2d
--- /dev/null
+++ b/lib/inih/LICENSE.txt
@@ -0,0 +1,27 @@
+
+The "inih" library is distributed under the New BSD license:
+
+Copyright (c) 2009, Ben Hoyt
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+    * Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+    * Neither the name of Ben Hoyt nor the names of its contributors
+      may be used to endorse or promote products derived from this software
+      without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY BEN HOYT ''AS IS'' AND ANY
+EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL BEN HOYT BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/lib/inih/ini.c b/lib/inih/ini.c
new file mode 100644
index 0000000..0393625
--- /dev/null
+++ b/lib/inih/ini.c
@@ -0,0 +1,205 @@
+/* inih -- simple .INI file parser
+
+inih is released under the New BSD license (see LICENSE.txt). Go to the project
+home page for more info:
+
+https://github.com/benhoyt/inih
+
+*/
+
+#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_WARNINGS)
+#define _CRT_SECURE_NO_WARNINGS
+#endif
+
+#include <stdio.h>
+#include <ctype.h>
+#include <string.h>
+
+#include "ini.h"
+
+#if !INI_USE_STACK
+#include <stdlib.h>
+#endif
+
+#define MAX_SECTION 50
+#define MAX_NAME 50
+
+/* Strip whitespace chars off end of given string, in place. Return s. */
+static char* rstrip(char* s)
+{
+    char* p = s + strlen(s);
+    while (p > s && isspace((unsigned char)(*--p)))
+        *p = '\0';
+    return s;
+}
+
+/* Return pointer to first non-whitespace char in given string. */
+static char* lskip(const char* s)
+{
+    while (*s && isspace((unsigned char)(*s)))
+        s++;
+    return (char*)s;
+}
+
+/* Return pointer to first char (of chars) or inline comment in given string,
+   or pointer to null at end of string if neither found. Inline comment must
+   be prefixed by a whitespace character to register as a comment. */
+static char* find_chars_or_comment(const char* s, const char* chars)
+{
+#if INI_ALLOW_INLINE_COMMENTS
+    int was_space = 0;
+    while (*s && (!chars || !strchr(chars, *s)) &&
+           !(was_space && strchr(INI_INLINE_COMMENT_PREFIXES, *s))) {
+        was_space = isspace((unsigned char)(*s));
+        s++;
+    }
+#else
+    while (*s && (!chars || !strchr(chars, *s))) {
+        s++;
+    }
+#endif
+    return (char*)s;
+}
+
+/* Version of strncpy that ensures dest (size bytes) is null-terminated. */
+static char* strncpy0(char* dest, const char* src, size_t size)
+{
+    strncpy(dest, src, size - 1);
+    dest[size - 1] = '\0';
+    return dest;
+}
+
+/* See documentation in header file. */
+int ini_parse_file(FILE* file, ini_handler handler, void* user)
+{
+    /* Uses a fair bit of stack (use heap instead if you need to) */
+#if INI_USE_STACK
+    char line[INI_MAX_LINE];
+    int max_line = INI_MAX_LINE;
+#else
+    char* line;
+    int max_line = INI_INITIAL_ALLOC;
+#endif
+#if INI_ALLOW_REALLOC && !INI_USE_STACK
+    char* new_line;
+    int offset;
+#endif
+    char section[MAX_SECTION] = "";
+    char prev_name[MAX_NAME] = "";
+
+    char* end;
+    char* name;
+    char* value;
+    int lineno = 0;
+    int error = 0;
+
+#if !INI_USE_STACK
+    line = (char*)malloc(INI_INITIAL_ALLOC);
+    if (!line) {
+        return -2;
+    }
+#endif
+
+#if INI_HANDLER_LINENO
+#define HANDLER(u, s, n, v) handler(u, s, n, v, lineno)
+#else
+#define HANDLER(u, s, n, v) handler(u, s, n, v)
+#endif
+
+    /* Scan through stream line by line */
+    while (fgets(line, max_line, file) != NULL) {
+        char* start;
+#if INI_ALLOW_REALLOC && !INI_USE_STACK
+        offset = strlen(line);
+        while (offset == max_line - 1 && line[offset - 1] != '\n') {
+            max_line *= 2;
+            if (max_line > INI_MAX_LINE)
+                max_line = INI_MAX_LINE;
+            new_line = realloc(line, max_line);
+            if (!new_line) {
+                free(line);
+                return -2;
+            }
+            line = new_line;
+            if (fgets(line + offset, max_line - offset, file) == NULL)
+                break;
+            if (max_line >= INI_MAX_LINE)
+                break;
+            offset += strlen(line + offset);
+        }
+#endif
+
+        lineno++;
+
+        start = line;
+#if INI_ALLOW_BOM
+        if (lineno == 1 && (unsigned char)start[0] == 0xEF &&
+                           (unsigned char)start[1] == 0xBB &&
+                           (unsigned char)start[2] == 0xBF) {
+            start += 3;
+        }
+#endif
+        start = lskip(rstrip(start));
+
+        if (strchr(INI_START_COMMENT_PREFIXES, *start)) {
+            /* Start-of-line comment */
+        }
+#if INI_ALLOW_MULTILINE
+        else if (*prev_name && *start && start > line) {
+            /* Non-blank line with leading whitespace, treat as continuation
+               of previous name's value (as per Python configparser). */
+            if (!HANDLER(user, section, prev_name, start) && !error)
+                error = lineno;
+        }
+#endif
+        else if (*start == '[') {
+            /* A "[section]" line */
+            end = find_chars_or_comment(start + 1, "]");
+            if (*end == ']') {
+                *end = '\0';
+                strncpy0(section, start + 1, sizeof(section));
+                *prev_name = '\0';
+            }
+            else if (!error) {
+                /* No ']' found on section line */
+                error = lineno;
+            }
+        }
+        else if (*start) {
+            /* Not a comment, must be a name[=:]value pair */
+            end = find_chars_or_comment(start, "=:");
+            if (*end == '=' || *end == ':') {
+                *end = '\0';
+                name = rstrip(start);
+                value = end + 1;
+#if INI_ALLOW_INLINE_COMMENTS
+                end = find_chars_or_comment(value, NULL);
+                if (*end)
+                    *end = '\0';
+#endif
+                value = lskip(value);
+                rstrip(value);
+
+                /* Valid name[=:]value pair found, call handler */
+                strncpy0(prev_name, name, sizeof(prev_name));
+                if (!HANDLER(user, section, name, value) && !error)
+                    error = lineno;
+            }
+            else if (!error) {
+                /* No '=' or ':' found on name[=:]value line */
+                error = lineno;
+            }
+        }
+
+#if INI_STOP_ON_FIRST_ERROR
+        if (error)
+            break;
+#endif
+    }
+
+#if !INI_USE_STACK
+    free(line);
+#endif
+
+    return error;
+}
diff --git a/lib/inih/ini.h b/lib/inih/ini.h
new file mode 100644
index 0000000..a8fef27
--- /dev/null
+++ b/lib/inih/ini.h
@@ -0,0 +1,105 @@
+/* inih -- simple .INI file parser
+
+inih is released under the New BSD license (see LICENSE.txt). Go to the project
+home page for more info:
+
+https://github.com/benhoyt/inih
+
+*/
+
+#ifndef __INI_H__
+#define __INI_H__
+
+/* Make this header file easier to include in C++ code */
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <stdio.h>
+#include <config.h>
+
+/* Nonzero if ini_handler callback should accept lineno parameter. */
+#ifndef INI_HANDLER_LINENO
+#define INI_HANDLER_LINENO 0
+#endif
+
+/* Typedef for prototype of handler function. */
+#if INI_HANDLER_LINENO
+typedef int (*ini_handler)(void* user, const char* section,
+                           const char* name, const char* value,
+                           int lineno);
+#else
+typedef int (*ini_handler)(void* user, const char* section,
+                           const char* name, const char* value);
+#endif
+
+/* Typedef for prototype of fgets-style reader function. */
+typedef char* (*ini_reader)(char* str, int num, void* stream);
+
+/* Same as ini_parse(), but takes a FILE* instead of filename. This doesn't
+   close the file when it's finished -- the caller must do that. */
+int ini_parse_file(FILE* file, ini_handler handler, void* user);
+
+/* Nonzero to allow multi-line value parsing, in the style of Python's
+   configparser. If allowed, ini_parse() will call the handler with the same
+   name for each subsequent line parsed. */
+#ifndef INI_ALLOW_MULTILINE
+#define INI_ALLOW_MULTILINE 1
+#endif
+
+/* Nonzero to allow a UTF-8 BOM sequence (0xEF 0xBB 0xBF) at the start of
+   the file. See https://github.com/benhoyt/inih/issues/21 */
+#ifndef INI_ALLOW_BOM
+#define INI_ALLOW_BOM 1
+#endif
+
+/* Chars that begin a start-of-line comment. Per Python configparser, allow
+   both ; and # comments at the start of a line by default. */
+#ifndef INI_START_COMMENT_PREFIXES
+#define INI_START_COMMENT_PREFIXES ";#"
+#endif
+
+/* Nonzero to allow inline comments (with valid inline comment characters
+   specified by INI_INLINE_COMMENT_PREFIXES). Set to 0 to turn off and match
+   Python 3.2+ configparser behaviour. */
+#ifndef INI_ALLOW_INLINE_COMMENTS
+#define INI_ALLOW_INLINE_COMMENTS 1
+#endif
+#ifndef INI_INLINE_COMMENT_PREFIXES
+#define INI_INLINE_COMMENT_PREFIXES ";"
+#endif
+
+/* Nonzero to use stack for line buffer, zero to use heap (malloc/free). */
+#ifndef INI_USE_STACK
+#define INI_USE_STACK 1
+#endif
+
+/* Maximum line length for any line in INI file (stack or heap). Note that
+   this must be 3 more than the longest line (due to '\r', '\n', and '\0'). */
+#ifndef INI_MAX_LINE
+#define INI_MAX_LINE 200
+#endif
+
+/* Nonzero to allow heap line buffer to grow via realloc(), zero for a
+   fixed-size buffer of INI_MAX_LINE bytes. Only applies if INI_USE_STACK is
+   zero. */
+#ifndef INI_ALLOW_REALLOC
+#define INI_ALLOW_REALLOC 0
+#endif
+
+/* Initial size in bytes for heap line buffer. Only applies if INI_USE_STACK
+   is zero. */
+#ifndef INI_INITIAL_ALLOC
+#define INI_INITIAL_ALLOC 200
+#endif
+
+/* Stop parsing on first error (default is to keep parsing). */
+#ifndef INI_STOP_ON_FIRST_ERROR
+#define INI_STOP_ON_FIRST_ERROR 0
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __INI_H__ */
diff --git a/lib/iov.c b/lib/iov.c
new file mode 100644
index 0000000..d148ac9
--- /dev/null
+++ b/lib/iov.c
@@ -0,0 +1,200 @@
+/*
+ * Copyright (C) 2019 Red Hat, Inc.
+ *
+ * Author: Daiki Ueno
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "iov.h"
+
+/**
+ * _gnutls_iov_iter_init:
+ * @iter: the iterator
+ * @iov: the data buffers
+ * @iov_count: the number of data buffers
+ * @block_size: block size to iterate
+ *
+ * Initialize the iterator.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned
+ */
+int
+_gnutls_iov_iter_init(struct iov_iter_st *iter,
+		      const giovec_t *iov, size_t iov_count,
+		      size_t block_size)
+{
+	if (unlikely(block_size > MAX_CIPHER_BLOCK_SIZE))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	iter->iov = iov;
+	iter->iov_count = iov_count;
+	iter->iov_index = 0;
+	iter->iov_offset = 0;
+	iter->block_size = block_size;
+	iter->block_offset = 0;
+	return 0;
+}
+
+/**
+ * _gnutls_iov_iter_next:
+ * @iter: the iterator
+ * @data: the return location of extracted data
+ *
+ * Retrieve block(s) pointed by @iter and advance it to the next
+ * position.  It returns the number of bytes in @data.  At the end of
+ * iteration, 0 is returned.
+ *
+ * If the data stored in @iter is not multiple of the block size, the
+ * remaining data is stored in the "block" field of @iter with the
+ * size stored in the "block_offset" field.
+ *
+ * Returns: On success, a value greater than or equal to zero is
+ *   returned, otherwise a negative error code is returned
+ */
+ssize_t
+_gnutls_iov_iter_next(struct iov_iter_st *iter, uint8_t **data)
+{
+	while (iter->iov_index < iter->iov_count) {
+		const giovec_t *iov = &iter->iov[iter->iov_index];
+		uint8_t *p = iov->iov_base;
+		size_t len = iov->iov_len;
+		size_t block_left;
+
+		if (!p) {
+			// skip NULL iov entries, else we run into issues below
+			iter->iov_index++;
+			continue;
+		}
+
+		if (unlikely(len < iter->iov_offset))
+			return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+		len -= iter->iov_offset;
+		p += iter->iov_offset;
+
+		/* We have at least one full block, return a whole set
+		 * of full blocks immediately. */
+		if (iter->block_offset == 0 && len >= iter->block_size) {
+			if ((len % iter->block_size) == 0) {
+				iter->iov_index++;
+				iter->iov_offset = 0;
+			} else {
+				len -= (len % iter->block_size);
+				iter->iov_offset += len;
+			}
+
+			/* Return the blocks. */
+			*data = p;
+			return len;
+		}
+
+		/* We can complete one full block to return. */
+		block_left = iter->block_size - iter->block_offset;
+		if (len >= block_left) {
+			memcpy(iter->block + iter->block_offset, p, block_left);
+			if (len == block_left) {
+				iter->iov_index++;
+				iter->iov_offset = 0;
+			} else
+				iter->iov_offset += block_left;
+			iter->block_offset = 0;
+
+			/* Return the filled block. */
+			*data = iter->block;
+			return iter->block_size;
+		}
+
+		/* Not enough data for a full block, store in temp
+		 * memory and continue. */
+		memcpy(iter->block + iter->block_offset, p, len);
+		iter->block_offset += len;
+		iter->iov_index++;
+		iter->iov_offset = 0;
+	}
+
+	if (iter->block_offset > 0) {
+		size_t len = iter->block_offset;
+
+		/* Return the incomplete block. */
+		*data = iter->block;
+		iter->block_offset = 0;
+		return len;
+	}
+
+	return 0;
+}
+
+/**
+ * _gnutls_iov_iter_sync:
+ * @iter: the iterator
+ * @data: data returned by _gnutls_iov_iter_next
+ * @data_size: size of @data
+ *
+ * Flush the content of temp buffer (if any) to the data buffer.
+ */
+int
+_gnutls_iov_iter_sync(struct iov_iter_st *iter, const uint8_t *data,
+		      size_t data_size)
+{
+	size_t iov_index;
+	size_t iov_offset;
+
+	/* We didn't return the cached block. */
+	if (data != iter->block)
+		return 0;
+
+	iov_index = iter->iov_index;
+	iov_offset = iter->iov_offset;
+
+	/* When syncing a cache block we walk backwards because we only have a
+	 * pointer to were the block ends in the iovec, walking backwards is
+	 * fine as we are always writing a full block, so the whole content
+	 * is written in the right places:
+	 * iovec:     |--0--|---1---|--2--|-3-|
+	 * block:     |-----------------------|
+	 * 1st write                      |---|
+	 * 2nd write                |-----
+	 * 3rd write        |-------
+	 * last write |-----
+	 */
+	while (data_size > 0) {
+		const giovec_t *iov;
+		uint8_t *p;
+		size_t to_write;
+
+		while (iov_offset == 0) {
+			if (unlikely(iov_index == 0))
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+			iov_index--;
+			iov_offset = iter->iov[iov_index].iov_len;
+		}
+
+		iov = &iter->iov[iov_index];
+		p = iov->iov_base;
+		to_write = MIN(data_size, iov_offset);
+
+		iov_offset -= to_write;
+		data_size -= to_write;
+
+		memcpy(p + iov_offset, &iter->block[data_size], to_write);
+	}
+
+	return 0;
+}
diff --git a/lib/iov.h b/lib/iov.h
new file mode 100644
index 0000000..5b99034
--- /dev/null
+++ b/lib/iov.h
@@ -0,0 +1,48 @@
+/*
+ * Copyright (C) 2019 Red Hat, Inc.
+ *
+ * Author: Daiki Ueno
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_IOV_H
+#define GNUTLS_LIB_IOV_H
+
+#include "gnutls_int.h"
+
+struct iov_iter_st {
+	const giovec_t *iov;
+	size_t iov_count;	/* the number of iov */
+	size_t iov_index;	/* index of the current buffer */
+	size_t iov_offset;	/* byte offset in the current buffer */
+
+	uint8_t block[MAX_CIPHER_BLOCK_SIZE]; /* incomplete block for reading */
+	size_t block_size;	/* actual block size of the cipher */
+	size_t block_offset;	/* offset in block */
+};
+
+int _gnutls_iov_iter_init(struct iov_iter_st *iter,
+			  const giovec_t *iov, size_t iov_count,
+			  size_t block_size);
+
+ssize_t _gnutls_iov_iter_next(struct iov_iter_st *iter, uint8_t **data);
+
+int _gnutls_iov_iter_sync(struct iov_iter_st *iter, const uint8_t *data,
+			  size_t data_size);
+
+#endif /* GNUTLS_LIB_IOV_H */
diff --git a/lib/kx.c b/lib/kx.c
new file mode 100644
index 0000000..b016779
--- /dev/null
+++ b/lib/kx.c
@@ -0,0 +1,834 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains functions which are wrappers for the key exchange
+ * part of TLS. They are called by the handshake functions (gnutls_handshake)
+ */
+
+#include "gnutls_int.h"
+#include "handshake.h"
+#include "kx.h"
+#include "dh.h"
+#include "errors.h"
+#include "algorithms.h"
+#include "debug.h"
+#include "locks.h"
+#include "mpi.h"
+#include <state.h>
+#include <datum.h>
+#include <mbuffers.h>
+
+/* This file contains important thing for the TLS handshake procedure.
+ */
+
+#define MASTER_SECRET "master secret"
+#define MASTER_SECRET_SIZE (sizeof(MASTER_SECRET)-1)
+
+#define EXT_MASTER_SECRET "extended master secret"
+#define EXT_MASTER_SECRET_SIZE (sizeof(EXT_MASTER_SECRET)-1)
+
+GNUTLS_STATIC_MUTEX(keylog_mutex);
+static FILE *keylog;
+
+static int generate_normal_master(gnutls_session_t session,
+				  gnutls_datum_t *, int);
+
+int _gnutls_generate_master(gnutls_session_t session, int keep_premaster)
+{
+	if (!session->internals.resumed)
+		return generate_normal_master(session, &session->key.key,
+					      keep_premaster);
+	else if (session->internals.premaster_set) {
+		gnutls_datum_t premaster;
+		premaster.size =
+		    sizeof(session->internals.resumed_security_parameters.
+			   master_secret);
+		premaster.data =
+		    session->internals.resumed_security_parameters.
+		    master_secret;
+		return generate_normal_master(session, &premaster, 1);
+	}
+	return 0;
+}
+
+/**
+ * gnutls_session_get_keylog_function:
+ * @session: is #gnutls_session_t type
+ *
+ * This function will return the callback function set using
+ * gnutls_session_set_keylog_function().
+ *
+ * Returns: The function set or %NULL otherwise.
+ *
+ * Since: 3.6.13
+ */
+gnutls_keylog_func
+gnutls_session_get_keylog_function(const gnutls_session_t session)
+{
+	return session->internals.keylog_func;
+}
+
+/**
+ * gnutls_session_set_keylog_function:
+ * @session: is #gnutls_session_t type
+ * @func: is the function to be called
+ *
+ * This function will set a callback to be called when a new secret is
+ * derived and installed during handshake.
+ *
+ * Since: 3.6.13
+ */
+void
+gnutls_session_set_keylog_function(gnutls_session_t session,
+				   gnutls_keylog_func func)
+{
+	session->internals.keylog_func = func;
+}
+
+int
+_gnutls_call_keylog_func(gnutls_session_t session,
+			 const char *label,
+			 const uint8_t *data,
+			 unsigned size)
+{
+	if (session->internals.keylog_func) {
+		gnutls_datum_t secret = {(void*)data, size};
+		return session->internals.keylog_func(session, label, &secret);
+	}
+	return 0;
+}
+
+int
+_gnutls_nss_keylog_func(gnutls_session_t session,
+			const char *label,
+			const gnutls_datum_t *secret)
+{
+	/* ignore subsequent traffic secrets that are calculated from
+	 * the previous traffic secret
+	 */
+	if (!session->internals.handshake_in_progress)
+		return 0;
+
+	_gnutls_nss_keylog_write(session, label, secret->data, secret->size);
+	return 0;
+}
+
+/* GCC analyzer doesn't like static FILE pointer */
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wanalyzer-file-leak"
+
+GNUTLS_ONCE(keylog_once);
+
+static void
+keylog_once_init(void)
+{
+	const char *keylogfile;
+
+	keylogfile = secure_getenv("SSLKEYLOGFILE");
+	if (keylogfile != NULL && *keylogfile != '\0') {
+		keylog = fopen(keylogfile, "ae");
+		_gnutls_debug_log("unable to open keylog file %s\n",
+				  keylogfile);
+	}
+}
+
+void _gnutls_nss_keylog_write(gnutls_session_t session,
+			      const char *label,
+			      const uint8_t *secret, size_t secret_size)
+{
+	(void)gnutls_once(&keylog_once, keylog_once_init);
+
+	if (keylog) {
+		char client_random_hex[2*GNUTLS_RANDOM_SIZE+1];
+		char secret_hex[2*MAX_HASH_SIZE+1];
+
+		if (gnutls_static_mutex_lock(&keylog_mutex) < 0) {
+			return;
+		}
+		fprintf(keylog, "%s %s %s\n",
+			label,
+			_gnutls_bin2hex(session->security_parameters.
+					client_random, GNUTLS_RANDOM_SIZE,
+					client_random_hex,
+					sizeof(client_random_hex), NULL),
+			_gnutls_bin2hex(secret, secret_size,
+					secret_hex, sizeof(secret_hex), NULL));
+		fflush(keylog);
+		(void)gnutls_static_mutex_unlock(&keylog_mutex);
+	}
+}
+
+void _gnutls_nss_keylog_deinit(void)
+{
+	if (keylog) {
+		fclose(keylog);
+		keylog = NULL;
+	}
+}
+
+#pragma GCC diagnostic pop
+
+/* here we generate the TLS Master secret.
+ */
+static int
+generate_normal_master(gnutls_session_t session,
+		       gnutls_datum_t * premaster, int keep_premaster)
+{
+	int ret = 0;
+	char buf[512];
+
+	_gnutls_hard_log("INT: PREMASTER SECRET[%d]: %s\n",
+			 premaster->size, _gnutls_bin2hex(premaster->data,
+							  premaster->size,
+							  buf, sizeof(buf),
+							  NULL));
+	_gnutls_hard_log("INT: CLIENT RANDOM[%d]: %s\n", 32,
+			 _gnutls_bin2hex(session->security_parameters.
+					 client_random, 32, buf,
+					 sizeof(buf), NULL));
+	_gnutls_hard_log("INT: SERVER RANDOM[%d]: %s\n", 32,
+			 _gnutls_bin2hex(session->security_parameters.
+					 server_random, 32, buf,
+					 sizeof(buf), NULL));
+
+	if (session->security_parameters.ext_master_secret == 0) {
+		uint8_t rnd[2 * GNUTLS_RANDOM_SIZE + 1];
+		memcpy(rnd, session->security_parameters.client_random,
+		       GNUTLS_RANDOM_SIZE);
+		memcpy(&rnd[GNUTLS_RANDOM_SIZE],
+		       session->security_parameters.server_random,
+		       GNUTLS_RANDOM_SIZE);
+
+		_gnutls_memory_mark_defined(session->security_parameters.master_secret,
+					    GNUTLS_MASTER_SIZE);
+#ifdef ENABLE_SSL3
+		if (get_num_version(session) == GNUTLS_SSL3) {
+			ret =
+			    _gnutls_ssl3_generate_random(premaster->data,
+							 premaster->size, rnd,
+							 2 * GNUTLS_RANDOM_SIZE,
+							 GNUTLS_MASTER_SIZE,
+							 session->security_parameters.
+							 master_secret);
+		} else
+#endif
+			ret =
+			    _gnutls_PRF(session, premaster->data, premaster->size,
+					MASTER_SECRET, MASTER_SECRET_SIZE,
+					rnd, 2 * GNUTLS_RANDOM_SIZE,
+					GNUTLS_MASTER_SIZE,
+					session->security_parameters.
+					master_secret);
+		if (ret < 0)
+			_gnutls_memory_mark_undefined(session->security_parameters.master_secret,
+						      GNUTLS_MASTER_SIZE);
+	} else {
+		gnutls_datum_t shash = {NULL, 0};
+
+		/* draft-ietf-tls-session-hash-02 */
+		ret = _gnutls_handshake_get_session_hash(session, &shash);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+#ifdef ENABLE_SSL3
+		if (get_num_version(session) == GNUTLS_SSL3)
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+#endif
+
+		_gnutls_memory_mark_defined(session->security_parameters.master_secret,
+					    GNUTLS_MASTER_SIZE);
+		ret =
+		    _gnutls_PRF(session, premaster->data, premaster->size,
+				EXT_MASTER_SECRET, EXT_MASTER_SECRET_SIZE,
+				shash.data, shash.size,
+				GNUTLS_MASTER_SIZE,
+				session->security_parameters.
+				master_secret);
+		if (ret < 0)
+			_gnutls_memory_mark_undefined(session->security_parameters.master_secret,
+						      GNUTLS_MASTER_SIZE);
+
+		gnutls_free(shash.data);
+	}
+
+	if (!keep_premaster)
+		_gnutls_free_temp_key_datum(premaster);
+
+	if (ret < 0)
+		return ret;
+
+	ret = _gnutls_call_keylog_func(session, "CLIENT_RANDOM",
+				       session->security_parameters.master_secret,
+				       GNUTLS_MASTER_SIZE);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	_gnutls_hard_log("INT: MASTER SECRET[%d]: %s\n",
+			 GNUTLS_MASTER_SIZE,
+			 _gnutls_bin2hex(session->security_parameters.
+					 master_secret, GNUTLS_MASTER_SIZE,
+					 buf, sizeof(buf), NULL));
+
+	return ret;
+}
+
+/* This is called when we want to receive the key exchange message of the
+ * server. It does nothing if this type of message is not required
+ * by the selected ciphersuite. 
+ */
+int _gnutls_send_server_kx_message(gnutls_session_t session, int again)
+{
+	gnutls_buffer_st buf;
+	int ret = 0;
+	mbuffer_st *bufel = NULL;
+
+	if (session->internals.auth_struct->gnutls_generate_server_kx ==
+	    NULL)
+		return 0;
+
+
+	if (again == 0) {
+		ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret =
+		    session->internals.auth_struct->
+		    gnutls_generate_server_kx(session, &buf);
+
+		if (ret == GNUTLS_E_INT_RET_0) {
+			gnutls_assert();
+			ret = 0;
+			goto cleanup;
+		}
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		bufel = _gnutls_buffer_to_mbuffer(&buf);
+	}
+
+	return _gnutls_send_handshake(session, bufel, GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE);
+
+ cleanup:
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
+
+/* This function sends a certificate request message to the
+ * client.
+ */
+int _gnutls_send_server_crt_request(gnutls_session_t session, int again)
+{
+	gnutls_buffer_st buf;
+	int ret = 0;
+	mbuffer_st *bufel = NULL;
+
+	if (session->internals.auth_struct->
+	    gnutls_generate_server_crt_request == NULL)
+		return 0;
+
+	if (session->internals.send_cert_req <= 0)
+		return 0;
+
+
+	if (again == 0) {
+		ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret =
+		    session->internals.auth_struct->
+		    gnutls_generate_server_crt_request(session, &buf);
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		bufel = _gnutls_buffer_to_mbuffer(&buf);
+	}
+
+	return _gnutls_send_handshake(session, bufel, GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST);
+
+ cleanup:
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
+
+
+/* This is the function for the client to send the key
+ * exchange message 
+ */
+int _gnutls_send_client_kx_message(gnutls_session_t session, int again)
+{
+	gnutls_buffer_st buf;
+	int ret = 0;
+	mbuffer_st *bufel = NULL;
+
+	if (session->internals.auth_struct->gnutls_generate_client_kx ==
+	    NULL)
+		return 0;
+
+	if (again == 0) {
+		ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret =
+		    session->internals.auth_struct->
+		    gnutls_generate_client_kx(session, &buf);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		bufel = _gnutls_buffer_to_mbuffer(&buf);
+	}
+
+	return _gnutls_send_handshake(session, bufel, GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE);
+
+ cleanup:
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
+
+
+/* This is the function for the client to send the certificate
+ * verify message
+ */
+int
+_gnutls_send_client_certificate_verify(gnutls_session_t session, int again)
+{
+	gnutls_buffer_st buf;
+	int ret = 0;
+	mbuffer_st *bufel = NULL;
+
+	/* This is a packet that is only sent by the client
+	 */
+	if (session->security_parameters.entity == GNUTLS_SERVER)
+		return 0;
+
+	/* if certificate verify is not needed just exit 
+	 */
+	if (!(session->internals.hsk_flags & HSK_CRT_ASKED))
+		return 0;
+
+
+	if (session->internals.auth_struct->
+	    gnutls_generate_client_crt_vrfy == NULL) {
+		gnutls_assert();
+		return 0;	/* this algorithm does not support cli_crt_vrfy 
+				 */
+	}
+
+	if (again == 0) {
+		ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret =
+		    session->internals.auth_struct->
+		    gnutls_generate_client_crt_vrfy(session, &buf);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		if (ret == 0)
+			goto cleanup;
+
+
+		bufel = _gnutls_buffer_to_mbuffer(&buf);
+	}
+
+	return _gnutls_send_handshake(session, bufel, GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY);
+
+ cleanup:
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
+
+/* This is called when we want send our certificate
+ */
+int _gnutls_send_client_certificate(gnutls_session_t session, int again)
+{
+	gnutls_buffer_st buf;
+	int ret = 0;
+	mbuffer_st *bufel = NULL;
+
+	if (!(session->internals.hsk_flags & HSK_CRT_ASKED))
+		return 0;
+
+	if (session->internals.auth_struct->
+	    gnutls_generate_client_certificate == NULL)
+		return 0;
+
+	if (again == 0) {
+		ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+#ifdef ENABLE_SSL3
+		if (get_num_version(session) != GNUTLS_SSL3 ||
+		    session->internals.selected_cert_list_length > 0)
+#endif
+		{
+			/* TLS 1.x or SSL 3.0 with a valid certificate 
+			 */
+			ret =
+			    session->internals.auth_struct->
+			    gnutls_generate_client_certificate(session,
+							       &buf);
+
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+		}
+
+		bufel = _gnutls_buffer_to_mbuffer(&buf);
+	}
+
+#ifdef ENABLE_SSL3
+	/* In the SSL 3.0 protocol we need to send a
+	 * no certificate alert instead of an
+	 * empty certificate.
+	 */
+	if (get_num_version(session) == GNUTLS_SSL3 &&
+	    session->internals.selected_cert_list_length == 0) {
+		_mbuffer_xfree(&bufel);
+		return
+		    gnutls_alert_send(session, GNUTLS_AL_WARNING,
+				      GNUTLS_A_SSL3_NO_CERTIFICATE);
+
+	} else		/* TLS 1.0 or SSL 3.0 with a valid certificate 
+			 */
+#endif
+		return _gnutls_send_handshake(session, bufel, GNUTLS_HANDSHAKE_CERTIFICATE_PKT);
+
+ cleanup:
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
+
+
+/* This is called when we want send our certificate
+ */
+int _gnutls_send_server_certificate(gnutls_session_t session, int again)
+{
+	gnutls_buffer_st buf;
+	int ret = 0;
+	mbuffer_st *bufel = NULL;
+
+	if (session->internals.auth_struct->
+	    gnutls_generate_server_certificate == NULL)
+		return 0;
+
+	if (again == 0) {
+		ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret =
+		    session->internals.auth_struct->
+		    gnutls_generate_server_certificate(session, &buf);
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		bufel = _gnutls_buffer_to_mbuffer(&buf);
+	}
+
+	return _gnutls_send_handshake(session, bufel, GNUTLS_HANDSHAKE_CERTIFICATE_PKT);
+
+ cleanup:
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
+
+
+int _gnutls_recv_server_kx_message(gnutls_session_t session)
+{
+	gnutls_buffer_st buf;
+	int ret = 0;
+	unsigned int optflag = 0;
+
+	if (session->internals.auth_struct->gnutls_process_server_kx !=
+	    NULL) {
+		/* Server key exchange packet is optional for PSK. */
+		if (_gnutls_session_is_psk(session))
+			optflag = 1;
+
+		ret =
+		    _gnutls_recv_handshake(session,
+					   GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE,
+					   optflag, &buf);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		ret =
+		    session->internals.auth_struct->
+		    gnutls_process_server_kx(session, buf.data,
+					     buf.length);
+		_gnutls_buffer_clear(&buf);
+
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+	}
+	return ret;
+}
+
+int _gnutls_recv_server_crt_request(gnutls_session_t session)
+{
+	gnutls_buffer_st buf;
+	int ret = 0;
+
+	if (session->internals.auth_struct->
+	    gnutls_process_server_crt_request != NULL) {
+
+		ret =
+		    _gnutls_recv_handshake(session,
+					   GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST,
+					   1, &buf);
+		if (ret < 0)
+			return ret;
+
+		if (ret == 0 && buf.length == 0) {
+			_gnutls_buffer_clear(&buf);
+			return 0;	/* ignored */
+		}
+
+		ret =
+		    session->internals.auth_struct->
+		    gnutls_process_server_crt_request(session, buf.data,
+						      buf.length);
+		_gnutls_buffer_clear(&buf);
+		if (ret < 0)
+			return ret;
+
+	}
+	return ret;
+}
+
+int _gnutls_recv_client_kx_message(gnutls_session_t session)
+{
+	gnutls_buffer_st buf;
+	int ret = 0;
+
+
+	/* Do key exchange only if the algorithm permits it */
+	if (session->internals.auth_struct->gnutls_process_client_kx !=
+	    NULL) {
+
+		ret =
+		    _gnutls_recv_handshake(session,
+					   GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE,
+					   0, &buf);
+		if (ret < 0)
+			return ret;
+
+		ret =
+		    session->internals.auth_struct->
+		    gnutls_process_client_kx(session, buf.data,
+					     buf.length);
+		_gnutls_buffer_clear(&buf);
+		if (ret < 0)
+			return ret;
+
+	}
+
+	return ret;
+}
+
+
+int _gnutls_recv_client_certificate(gnutls_session_t session)
+{
+	gnutls_buffer_st buf;
+	int ret = 0;
+	int optional;
+
+	if (session->internals.auth_struct->
+	    gnutls_process_client_certificate == NULL)
+		return 0;
+
+	/* if we have not requested a certificate then just return
+	 */
+	if (session->internals.send_cert_req == 0) {
+		return 0;
+	}
+
+	if (session->internals.send_cert_req == GNUTLS_CERT_REQUIRE)
+		optional = 0;
+	else
+		optional = 1;
+
+	ret =
+	    _gnutls_recv_handshake(session,
+				   GNUTLS_HANDSHAKE_CERTIFICATE_PKT,
+				   optional, &buf);
+
+	if (ret < 0) {
+		/* Handle the case of old SSL3 clients who send
+		 * a warning alert instead of an empty certificate to indicate
+		 * no certificate.
+		 */
+#ifdef ENABLE_SSL3
+		if (optional != 0 &&
+		    ret == GNUTLS_E_WARNING_ALERT_RECEIVED &&
+		    get_num_version(session) == GNUTLS_SSL3 &&
+		    gnutls_alert_get(session) ==
+		    GNUTLS_A_SSL3_NO_CERTIFICATE) {
+
+			/* SSL3 does not send an empty certificate,
+			 * but this alert. So we just ignore it.
+			 */
+			gnutls_assert();
+			return 0;
+		}
+#endif
+
+		/* certificate was required 
+		 */
+		if ((ret == GNUTLS_E_WARNING_ALERT_RECEIVED
+		     || ret == GNUTLS_E_FATAL_ALERT_RECEIVED)
+		    && optional == 0) {
+			gnutls_assert();
+			return GNUTLS_E_NO_CERTIFICATE_FOUND;
+		}
+
+		return ret;
+	}
+
+	if (ret == 0 && buf.length == 0 && optional != 0) {
+		/* Client has not sent the certificate message.
+		 * well I'm not sure we should accept this
+		 * behaviour.
+		 */
+		gnutls_assert();
+		ret = 0;
+		goto cleanup;
+	}
+	ret =
+	    session->internals.auth_struct->
+	    gnutls_process_client_certificate(session, buf.data,
+					      buf.length);
+
+	if (ret < 0 && ret != GNUTLS_E_NO_CERTIFICATE_FOUND) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* ok we should expect a certificate verify message now 
+	 */
+	if (ret == GNUTLS_E_NO_CERTIFICATE_FOUND && optional != 0)
+		ret = 0;
+	else
+		session->internals.hsk_flags |= HSK_CRT_VRFY_EXPECTED;
+
+      cleanup:
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
+
+int _gnutls_recv_server_certificate(gnutls_session_t session)
+{
+	gnutls_buffer_st buf;
+	int ret = 0;
+
+	if (session->internals.auth_struct->
+	    gnutls_process_server_certificate != NULL) {
+
+		ret =
+		    _gnutls_recv_handshake(session,
+					   GNUTLS_HANDSHAKE_CERTIFICATE_PKT,
+					   0, &buf);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		ret =
+		    session->internals.auth_struct->
+		    gnutls_process_server_certificate(session, buf.data,
+						      buf.length);
+		_gnutls_buffer_clear(&buf);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	return ret;
+}
+
+
+/* Recv the client certificate verify. This packet may not
+ * arrive if the peer did not send us a certificate.
+ */
+int
+_gnutls_recv_client_certificate_verify_message(gnutls_session_t session)
+{
+	gnutls_buffer_st buf;
+	int ret = 0;
+
+
+	if (session->internals.auth_struct->
+	    gnutls_process_client_crt_vrfy == NULL)
+		return 0;
+
+	if (session->internals.send_cert_req == 0 ||
+	    (!(session->internals.hsk_flags & HSK_CRT_VRFY_EXPECTED))) {
+		return 0;
+	}
+
+	ret =
+	    _gnutls_recv_handshake(session,
+				   GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY,
+				   1, &buf);
+	if (ret < 0)
+		return ret;
+
+	if (ret == 0 && buf.length == 0
+	    && session->internals.send_cert_req == GNUTLS_CERT_REQUIRE) {
+		/* certificate was required */
+		gnutls_assert();
+		ret = GNUTLS_E_NO_CERTIFICATE_FOUND;
+		goto cleanup;
+	}
+
+	ret =
+	    session->internals.auth_struct->
+	    gnutls_process_client_crt_vrfy(session, buf.data, buf.length);
+
+      cleanup:
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
diff --git a/lib/kx.h b/lib/kx.h
new file mode 100644
index 0000000..6b4a7fc
--- /dev/null
+++ b/lib/kx.h
@@ -0,0 +1,52 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_KX_H
+#define GNUTLS_LIB_KX_H
+
+int _gnutls_send_server_kx_message(gnutls_session_t session, int again);
+int _gnutls_send_client_kx_message(gnutls_session_t session, int again);
+int _gnutls_recv_server_kx_message(gnutls_session_t session);
+int _gnutls_recv_client_kx_message(gnutls_session_t session);
+int _gnutls_send_client_certificate_verify(gnutls_session_t session,
+					   int again);
+int _gnutls_send_server_certificate(gnutls_session_t session, int again);
+int _gnutls_generate_master(gnutls_session_t session, int keep_premaster);
+int _gnutls_recv_client_certificate(gnutls_session_t session);
+int _gnutls_recv_server_certificate(gnutls_session_t session);
+int _gnutls_send_client_certificate(gnutls_session_t session, int again);
+int _gnutls_recv_server_crt_request(gnutls_session_t session);
+int _gnutls_send_server_crt_request(gnutls_session_t session, int again);
+int _gnutls_recv_client_certificate_verify_message(gnutls_session_t
+						   session);
+int _gnutls_call_keylog_func(gnutls_session_t session,
+			     const char *label,
+			     const uint8_t *data,
+			     unsigned size);
+void _gnutls_nss_keylog_write(gnutls_session_t session,
+			      const char *label,
+			      const uint8_t *secret, size_t secret_size);
+int _gnutls_nss_keylog_func(gnutls_session_t session,
+			    const char *label,
+			    const gnutls_datum_t *secret);
+
+#endif /* GNUTLS_LIB_KX_H */
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
new file mode 100644
index 0000000..9e869d0
--- /dev/null
+++ b/lib/libgnutls.map
@@ -0,0 +1,1515 @@
+# libgnutls.map -- libgnutls linker version script.           -*- ld-script -*-
+# Copyright (C) 2005-2012 Free Software Foundation, Inc.
+#
+# Author: Simon Josefsson
+#
+# This file is part of GnuTLS.
+#
+# The GnuTLS is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 2.1 of
+# the License, or (at your option) any later version.
+#
+# The GnuTLS is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+# When new symbols are added in a release (x.y.z) they are added
+# as GNUTLS_x_y_z { global: new_symbol } GNUTLS_prev_release_version
+# That allows tools like rpm detect the correct library dependency of an application.
+# See CONTRIBUTION.md symbol versioning section for more information.
+
+GNUTLS_3_4
+{
+  global:
+	gnutls_alert_get;
+	gnutls_alert_get_name;
+	gnutls_alert_send;
+	gnutls_alert_send_appropriate;
+	gnutls_anon_allocate_client_credentials;
+	gnutls_anon_allocate_server_credentials;
+	gnutls_anon_free_client_credentials;
+	gnutls_anon_free_server_credentials;
+	gnutls_anon_set_params_function;
+	gnutls_anon_set_server_dh_params;
+	gnutls_anon_set_server_params_function;
+	gnutls_auth_client_get_type;
+	gnutls_auth_get_type;
+	gnutls_auth_server_get_type;
+	gnutls_bye;
+	gnutls_calloc;
+	gnutls_certificate_activation_time_peers;
+	gnutls_certificate_allocate_credentials;
+	gnutls_certificate_client_get_request_status;
+	gnutls_certificate_expiration_time_peers;
+	gnutls_certificate_free_ca_names;
+	gnutls_certificate_free_cas;
+	gnutls_certificate_free_credentials;
+	gnutls_certificate_free_crls;
+	gnutls_certificate_free_keys;
+	gnutls_certificate_get_ours;
+	gnutls_certificate_get_peers;
+	gnutls_certificate_send_x509_rdn_sequence;
+	gnutls_certificate_server_set_request;
+	gnutls_certificate_set_dh_params;
+	gnutls_certificate_set_openpgp_key;
+	gnutls_certificate_set_openpgp_key_file2;
+	gnutls_certificate_set_openpgp_key_file;
+	gnutls_certificate_set_openpgp_key_mem2;
+	gnutls_certificate_set_openpgp_key_mem;
+	gnutls_certificate_set_openpgp_keyring_file;
+	gnutls_certificate_set_openpgp_keyring_mem;
+	gnutls_certificate_set_params_function;
+	gnutls_certificate_set_verify_flags;
+	gnutls_certificate_set_verify_limits;
+	gnutls_certificate_set_x509_crl;
+	gnutls_certificate_set_x509_crl_file;
+	gnutls_certificate_set_x509_crl_mem;
+	gnutls_certificate_set_x509_key;
+	gnutls_certificate_set_x509_key_file;
+	gnutls_certificate_set_x509_key_mem;
+	gnutls_certificate_set_x509_simple_pkcs12_file;
+	gnutls_certificate_set_x509_trust;
+	gnutls_certificate_set_x509_trust_file;
+	gnutls_certificate_set_x509_trust_mem;
+	gnutls_certificate_type_get;
+	gnutls_certificate_type_get_id;
+	gnutls_certificate_type_get_name;
+	gnutls_certificate_type_list;
+	gnutls_certificate_verify_peers2;
+	gnutls_check_version;
+	gnutls_cipher_get;
+	gnutls_cipher_get_id;
+	gnutls_cipher_get_key_size;
+	gnutls_cipher_get_name;
+	gnutls_cipher_list;
+	gnutls_cipher_suite_get_name;
+	gnutls_cipher_suite_info;
+	gnutls_compression_get;
+	gnutls_compression_get_id;
+	gnutls_compression_get_name;
+	gnutls_compression_list;
+	gnutls_credentials_clear;
+	gnutls_credentials_set;
+	gnutls_db_check_entry;
+	gnutls_db_get_ptr;
+	gnutls_db_remove_session;
+	gnutls_db_set_cache_expiration;
+	gnutls_db_set_ptr;
+	gnutls_db_set_remove_function;
+	gnutls_db_set_retrieve_function;
+	gnutls_db_set_store_function;
+	gnutls_deinit;
+	gnutls_dh_get_group;
+	gnutls_dh_get_peers_public_bits;
+	gnutls_dh_get_prime_bits;
+	gnutls_dh_get_pubkey;
+	gnutls_dh_get_secret_bits;
+	gnutls_dh_params_cpy;
+	gnutls_dh_params_deinit;
+	gnutls_dh_params_export_pkcs3;
+	gnutls_dh_params_export_raw;
+	gnutls_dh_params_generate2;
+	gnutls_dh_params_import_pkcs3;
+	gnutls_dh_params_import_raw;
+	gnutls_dh_params_init;
+	gnutls_dh_set_prime_bits;
+	gnutls_error_is_fatal;
+	gnutls_error_to_alert;
+	gnutls_fingerprint;
+	gnutls_free;
+	gnutls_global_deinit;
+	gnutls_global_init;
+	gnutls_global_set_log_function;
+	gnutls_global_set_log_level;
+	gnutls_global_set_mem_functions;
+	gnutls_handshake;
+	gnutls_handshake_get_last_in;
+	gnutls_handshake_get_last_out;
+	gnutls_handshake_set_max_packet_length;
+	gnutls_handshake_set_post_client_hello_function;
+	gnutls_handshake_set_private_extensions;
+	gnutls_hex2bin;
+	gnutls_hex_decode;
+	gnutls_hex_encode;
+	gnutls_init;
+	gnutls_kx_get;
+	gnutls_kx_get_id;
+	gnutls_kx_get_name;
+	gnutls_kx_list;
+	gnutls_mac_get;
+	gnutls_mac_get_id;
+	gnutls_mac_get_key_size;
+	gnutls_mac_get_name;
+	gnutls_mac_list;
+	gnutls_malloc;
+	gnutls_openpgp_crt_check_hostname;
+	gnutls_openpgp_crt_deinit;
+	gnutls_openpgp_crt_export;
+	gnutls_openpgp_crt_get_auth_subkey;
+	gnutls_openpgp_crt_get_creation_time;
+	gnutls_openpgp_crt_get_expiration_time;
+	gnutls_openpgp_crt_get_fingerprint;
+	gnutls_openpgp_crt_get_key_id;
+	gnutls_openpgp_crt_get_key_usage;
+	gnutls_openpgp_crt_get_name;
+	gnutls_openpgp_crt_get_pk_algorithm;
+	gnutls_openpgp_crt_get_pk_dsa_raw;
+	gnutls_openpgp_crt_get_pk_rsa_raw;
+	gnutls_openpgp_crt_get_preferred_key_id;
+	gnutls_openpgp_crt_get_revoked_status;
+	gnutls_openpgp_crt_get_subkey_count;
+	gnutls_openpgp_crt_get_subkey_creation_time;
+	gnutls_openpgp_crt_get_subkey_expiration_time;
+	gnutls_openpgp_crt_get_subkey_fingerprint;
+	gnutls_openpgp_crt_get_subkey_id;
+	gnutls_openpgp_crt_get_subkey_idx;
+	gnutls_openpgp_crt_get_subkey_pk_algorithm;
+	gnutls_openpgp_crt_get_subkey_pk_dsa_raw;
+	gnutls_openpgp_crt_get_subkey_pk_rsa_raw;
+	gnutls_openpgp_crt_get_subkey_revoked_status;
+	gnutls_openpgp_crt_get_subkey_usage;
+	gnutls_openpgp_crt_get_version;
+	gnutls_openpgp_crt_import;
+	gnutls_openpgp_crt_init;
+	gnutls_openpgp_crt_print;
+	gnutls_openpgp_crt_set_preferred_key_id;
+	gnutls_openpgp_crt_verify_ring;
+	gnutls_openpgp_crt_verify_self;
+	gnutls_openpgp_keyring_check_id;
+	gnutls_openpgp_keyring_deinit;
+	gnutls_openpgp_keyring_get_crt;
+	gnutls_openpgp_keyring_get_crt_count;
+	gnutls_openpgp_keyring_import;
+	gnutls_openpgp_keyring_init;
+	gnutls_openpgp_privkey_deinit;
+	gnutls_openpgp_privkey_export;
+	gnutls_openpgp_privkey_export_dsa_raw;
+	gnutls_openpgp_privkey_export_rsa_raw;
+	gnutls_openpgp_privkey_export_subkey_dsa_raw;
+	gnutls_openpgp_privkey_export_subkey_rsa_raw;
+	gnutls_openpgp_privkey_get_fingerprint;
+	gnutls_openpgp_privkey_get_key_id;
+	gnutls_openpgp_privkey_get_pk_algorithm;
+	gnutls_openpgp_privkey_get_preferred_key_id;
+	gnutls_openpgp_privkey_get_revoked_status;
+	gnutls_openpgp_privkey_get_subkey_count;
+	gnutls_openpgp_privkey_get_subkey_creation_time;
+	gnutls_openpgp_privkey_get_subkey_expiration_time;
+	gnutls_openpgp_privkey_get_subkey_fingerprint;
+	gnutls_openpgp_privkey_get_subkey_id;
+	gnutls_openpgp_privkey_get_subkey_idx;
+	gnutls_openpgp_privkey_get_subkey_pk_algorithm;
+	gnutls_openpgp_privkey_get_subkey_revoked_status;
+	gnutls_openpgp_privkey_import;
+	gnutls_openpgp_privkey_init;
+	gnutls_openpgp_privkey_set_preferred_key_id;
+	gnutls_openpgp_privkey_sign_hash;
+	gnutls_openpgp_send_cert;
+	gnutls_openpgp_set_recv_key_function;
+	gnutls_pem_base64_decode;
+	gnutls_pem_base64_decode2;
+	gnutls_pem_base64_encode;
+	gnutls_pem_base64_encode2;
+	gnutls_perror;
+	gnutls_pk_algorithm_get_name;
+	gnutls_pk_get_id;
+	gnutls_pk_get_name;
+	gnutls_pk_list;
+	gnutls_pkcs12_bag_decrypt;
+	gnutls_pkcs12_bag_deinit;
+	gnutls_pkcs12_bag_encrypt;
+	gnutls_pkcs12_bag_get_count;
+	gnutls_pkcs12_bag_get_data;
+	gnutls_pkcs12_bag_get_friendly_name;
+	gnutls_pkcs12_bag_get_key_id;
+	gnutls_pkcs12_bag_get_type;
+	gnutls_pkcs12_bag_init;
+	gnutls_pkcs12_bag_set_crl;
+	gnutls_pkcs12_bag_set_crt;
+	gnutls_pkcs12_bag_set_data;
+	gnutls_pkcs12_bag_set_friendly_name;
+	gnutls_pkcs12_bag_set_key_id;
+	gnutls_pkcs12_deinit;
+	gnutls_pkcs12_export;
+	gnutls_pkcs12_generate_mac;
+	gnutls_pkcs12_get_bag;
+	gnutls_pkcs12_import;
+	gnutls_pkcs12_init;
+	gnutls_pkcs12_set_bag;
+	gnutls_pkcs12_verify_mac;
+	gnutls_pkcs7_deinit;
+	gnutls_pkcs7_delete_crl;
+	gnutls_pkcs7_delete_crt;
+	gnutls_pkcs7_export;
+	gnutls_pkcs7_get_crl_count;
+	gnutls_pkcs7_get_crl_raw;
+	gnutls_pkcs7_get_crt_count;
+	gnutls_pkcs7_get_crt_raw;
+	gnutls_pkcs7_import;
+	gnutls_pkcs7_init;
+	gnutls_pkcs7_set_crl;
+	gnutls_pkcs7_set_crl_raw;
+	gnutls_pkcs7_set_crt;
+	gnutls_pkcs7_set_crt_raw;
+	gnutls_prf;
+	gnutls_prf_raw;
+	gnutls_priority_deinit;
+	gnutls_priority_init;
+	gnutls_priority_set;
+	gnutls_priority_set_direct;
+	gnutls_protocol_get_id;
+	gnutls_protocol_get_name;
+	gnutls_protocol_get_version;
+	gnutls_protocol_list;
+	gnutls_psk_allocate_client_credentials;
+	gnutls_psk_allocate_server_credentials;
+	gnutls_psk_client_get_hint;
+	gnutls_psk_free_client_credentials;
+	gnutls_psk_free_server_credentials;
+	gnutls_psk_server_get_username;
+	gnutls_psk_set_client_credentials;
+	gnutls_psk_set_client_credentials_function;
+	gnutls_psk_set_params_function;
+	gnutls_psk_set_server_credentials_file;
+	gnutls_psk_set_server_credentials_function;
+	gnutls_psk_set_server_credentials_hint;
+	gnutls_psk_set_server_dh_params;
+	gnutls_psk_set_server_params_function;
+	gnutls_realloc;
+	gnutls_record_check_pending;
+	gnutls_record_disable_padding;
+	gnutls_record_get_direction;
+	gnutls_record_get_max_size;
+	gnutls_record_recv;
+	gnutls_record_send;
+	gnutls_record_set_max_size;
+	gnutls_rehandshake;
+	gnutls_secure_malloc;
+	gnutls_server_name_get;
+	gnutls_server_name_set;
+	gnutls_session_enable_compatibility_mode;
+	gnutls_session_get_data2;
+	gnutls_session_get_data;
+	gnutls_session_get_id;
+	gnutls_session_get_ptr;
+	gnutls_session_is_resumed;
+	gnutls_session_set_data;
+	gnutls_session_set_ptr;
+	gnutls_set_default_priority;
+	gnutls_sign_get_id;
+	gnutls_sign_get_name;
+	gnutls_sign_list;
+	gnutls_srp_1024_group_generator;
+	gnutls_srp_1024_group_prime;
+	gnutls_srp_1536_group_generator;
+	gnutls_srp_1536_group_prime;
+	gnutls_srp_2048_group_generator;
+	gnutls_srp_2048_group_prime;
+	gnutls_srp_allocate_client_credentials;
+	gnutls_srp_allocate_server_credentials;
+	gnutls_srp_base64_decode;
+	gnutls_srp_base64_decode2;
+	gnutls_srp_base64_encode;
+	gnutls_srp_base64_encode2;
+	gnutls_srp_free_client_credentials;
+	gnutls_srp_free_server_credentials;
+	gnutls_srp_server_get_username;
+	gnutls_srp_set_client_credentials;
+	gnutls_srp_set_client_credentials_function;
+	gnutls_srp_set_prime_bits;
+	gnutls_srp_set_server_credentials_file;
+	gnutls_srp_set_server_credentials_function;
+	gnutls_srp_verifier;
+	gnutls_strdup;
+	gnutls_strerror;
+	gnutls_strerror_name;
+	gnutls_supplemental_get_name;
+	gnutls_transport_get_ptr2;
+	gnutls_transport_get_ptr;
+	gnutls_transport_set_errno;
+	gnutls_transport_set_ptr2;
+	gnutls_transport_set_ptr;
+	gnutls_transport_set_pull_function;
+	gnutls_transport_set_push_function;
+	gnutls_x509_crl_check_issuer;
+	gnutls_x509_crl_deinit;
+	gnutls_x509_crl_export;
+	gnutls_x509_crl_get_crt_count;
+	gnutls_x509_crl_get_crt_serial;
+	gnutls_x509_crl_get_dn_oid;
+	gnutls_x509_crl_get_issuer_dn;
+	gnutls_x509_crl_get_issuer_dn_by_oid;
+	gnutls_x509_crl_get_next_update;
+	gnutls_x509_crl_get_signature;
+	gnutls_x509_crl_get_signature_algorithm;
+	gnutls_x509_crl_get_this_update;
+	gnutls_x509_crl_get_version;
+	gnutls_x509_crl_import;
+	gnutls_x509_crl_init;
+	gnutls_x509_crl_print;
+	gnutls_x509_crl_set_crt;
+	gnutls_x509_crl_set_crt_serial;
+	gnutls_x509_crl_set_next_update;
+	gnutls_x509_crl_set_this_update;
+	gnutls_x509_crl_set_version;
+	gnutls_x509_crl_sign2;
+	gnutls_x509_crl_sign;
+	gnutls_x509_crl_verify;
+	gnutls_x509_crq_deinit;
+	gnutls_x509_crq_export;
+	gnutls_x509_crq_get_attribute_by_oid;
+	gnutls_x509_crq_get_challenge_password;
+	gnutls_x509_crq_get_dn;
+	gnutls_x509_crq_get_dn_by_oid;
+	gnutls_x509_crq_get_dn_oid;
+	gnutls_x509_crq_get_pk_algorithm;
+	gnutls_x509_crq_get_version;
+	gnutls_x509_crq_import;
+	gnutls_x509_crq_init;
+	gnutls_x509_crq_set_attribute_by_oid;
+	gnutls_x509_crq_set_challenge_password;
+	gnutls_x509_crq_set_dn_by_oid;
+	gnutls_x509_crq_set_key;
+	gnutls_x509_crq_set_key_rsa_raw;
+	gnutls_x509_crq_set_version;
+	gnutls_x509_crq_sign2;
+	gnutls_x509_crq_sign;
+	gnutls_x509_crt_check_hostname;
+	gnutls_x509_crt_check_issuer;
+	gnutls_x509_crt_check_revocation;
+	gnutls_x509_crt_cpy_crl_dist_points;
+	gnutls_x509_crt_deinit;
+	gnutls_x509_crt_export;
+	gnutls_x509_crt_get_activation_time;
+	gnutls_x509_crt_get_authority_key_id;
+	gnutls_x509_crt_get_basic_constraints;
+	gnutls_x509_crt_get_ca_status;
+	gnutls_x509_crt_get_crl_dist_points;
+	gnutls_x509_crt_get_dn;
+	gnutls_x509_crt_get_dn_by_oid;
+	gnutls_x509_crt_get_dn_oid;
+	gnutls_x509_crt_get_expiration_time;
+	gnutls_x509_crt_get_extension_by_oid;
+	gnutls_x509_crt_get_extension_data;
+	gnutls_x509_crt_get_extension_info;
+	gnutls_x509_crt_get_extension_oid;
+	gnutls_x509_crt_get_fingerprint;
+	gnutls_x509_crt_get_issuer;
+	gnutls_x509_crt_get_issuer_dn;
+	gnutls_x509_crt_get_issuer_dn_by_oid;
+	gnutls_x509_crt_get_issuer_dn_oid;
+	gnutls_x509_crt_get_issuer_unique_id;
+	gnutls_x509_crt_get_key_id;
+	gnutls_x509_crt_get_key_purpose_oid;
+	gnutls_x509_crt_get_key_usage;
+	gnutls_x509_crt_get_pk_algorithm;
+	gnutls_x509_crt_get_pk_dsa_raw;
+	gnutls_x509_crt_get_pk_rsa_raw;
+	gnutls_x509_crt_get_proxy;
+	gnutls_x509_crt_get_raw_dn;
+	gnutls_x509_crt_get_raw_issuer_dn;
+	gnutls_x509_crt_get_serial;
+	gnutls_x509_crt_get_signature;
+	gnutls_x509_crt_get_signature_algorithm;
+	gnutls_x509_crt_get_subject;
+	gnutls_x509_crt_get_subject_alt_name2;
+	gnutls_x509_crt_get_subject_alt_name;
+	gnutls_x509_crt_get_subject_alt_othername_oid;
+	gnutls_x509_crt_get_subject_key_id;
+	gnutls_x509_crt_get_subject_unique_id;
+	gnutls_x509_crt_get_version;
+	gnutls_x509_crt_import;
+	gnutls_x509_crt_init;
+	gnutls_x509_crt_list_import;
+	gnutls_x509_crt_list_verify;
+	gnutls_x509_crt_print;
+	gnutls_x509_crt_set_activation_time;
+	gnutls_x509_crt_set_authority_key_id;
+	gnutls_x509_crt_set_basic_constraints;
+	gnutls_x509_crt_set_ca_status;
+	gnutls_x509_crt_set_crl_dist_points2;
+	gnutls_x509_crt_set_crl_dist_points;
+	gnutls_x509_crt_set_crq;
+	gnutls_x509_crt_set_dn_by_oid;
+	gnutls_x509_crt_set_expiration_time;
+	gnutls_x509_crt_set_extension_by_oid;
+	gnutls_x509_crt_set_issuer_dn_by_oid;
+	gnutls_x509_crt_set_key;
+	gnutls_x509_crt_set_key_purpose_oid;
+	gnutls_x509_crt_set_key_usage;
+	gnutls_x509_crt_set_proxy;
+	gnutls_x509_crt_set_proxy_dn;
+	gnutls_x509_crt_set_serial;
+	gnutls_x509_crt_set_subject_alt_name;
+	gnutls_x509_crt_set_subject_alternative_name;
+	gnutls_x509_crt_set_subject_key_id;
+	gnutls_x509_crt_set_version;
+	gnutls_x509_crt_sign2;
+	gnutls_x509_crt_sign;
+	gnutls_x509_crt_verify;
+	gnutls_x509_dn_deinit;
+	gnutls_x509_dn_export;
+	gnutls_x509_dn_get_rdn_ava;
+	gnutls_x509_dn_import;
+	gnutls_x509_dn_init;
+	gnutls_x509_dn_oid_known;
+	gnutls_x509_privkey_cpy;
+	gnutls_x509_privkey_deinit;
+	gnutls_x509_privkey_export;
+	gnutls_x509_privkey_export_dsa_raw;
+	gnutls_x509_privkey_export_pkcs8;
+	gnutls_x509_privkey_export_rsa_raw;
+	gnutls_x509_privkey_fix;
+	gnutls_x509_privkey_generate;
+	gnutls_x509_privkey_get_key_id;
+	gnutls_x509_privkey_get_pk_algorithm;
+	gnutls_x509_privkey_import;
+	gnutls_x509_privkey_import_dsa_raw;
+	gnutls_x509_privkey_import_pkcs8;
+	gnutls_x509_privkey_import_rsa_raw;
+	gnutls_x509_privkey_init;
+	gnutls_x509_privkey_sign_data;
+	gnutls_x509_privkey_sign_hash;
+	gnutls_x509_rdn_get;
+	gnutls_x509_rdn_get_by_oid;
+	gnutls_x509_rdn_get_oid;
+	gnutls_certificate_set_x509_simple_pkcs12_mem;
+	gnutls_x509_crl_get_authority_key_id;
+	gnutls_x509_crl_get_extension_data;
+	gnutls_x509_crl_get_extension_info;
+	gnutls_x509_crl_get_extension_oid;
+	gnutls_x509_crl_get_number;
+	gnutls_x509_crl_set_authority_key_id;
+	gnutls_x509_crl_set_number;
+	gnutls_x509_crq_get_attribute_data;
+	gnutls_x509_crq_get_attribute_info;
+	gnutls_x509_crq_get_basic_constraints;
+	gnutls_x509_crq_get_extension_by_oid;
+	gnutls_x509_crq_get_extension_data;
+	gnutls_x509_crq_get_extension_info;
+	gnutls_x509_crq_get_key_id;
+	gnutls_x509_crq_get_key_purpose_oid;
+	gnutls_x509_crq_get_key_rsa_raw;
+	gnutls_x509_crq_get_key_usage;
+	gnutls_x509_crq_get_subject_alt_name;
+	gnutls_x509_crq_get_subject_alt_othername_oid;
+	gnutls_x509_crq_print;
+	gnutls_x509_crq_set_basic_constraints;
+	gnutls_x509_crq_set_key_purpose_oid;
+	gnutls_x509_crq_set_key_usage;
+	gnutls_x509_crq_set_subject_alt_name;
+	gnutls_x509_crt_set_crq_extensions;
+	gnutls_session_ticket_key_generate;
+	gnutls_session_ticket_enable_client;
+	gnutls_session_ticket_enable_server;
+	gnutls_x509_crt_get_issuer_alt_name2;
+	gnutls_x509_crt_get_issuer_alt_name;
+	gnutls_x509_crt_get_issuer_alt_othername_oid;
+	gnutls_sign_algorithm_get_requested;
+	gnutls_cipher_init;
+	gnutls_cipher_encrypt;
+	gnutls_cipher_decrypt;
+	gnutls_cipher_deinit;
+	gnutls_cipher_get_block_size;
+	gnutls_hash_init;
+	gnutls_hash_get_len;
+	gnutls_hash;
+	gnutls_hash_fast;
+	gnutls_hash_deinit;
+	gnutls_hash_output;
+	gnutls_hmac_init;
+	gnutls_hmac_get_len;
+	gnutls_hmac;
+	gnutls_hmac_fast;
+	gnutls_hmac_deinit;
+	gnutls_hmac_output;
+	gnutls_certificate_set_verify_function;
+	gnutls_safe_renegotiation_status;
+	gnutls_certificate_set_retrieve_function;
+	gnutls_pkcs11_init;
+	gnutls_pkcs11_deinit;
+	gnutls_pkcs11_set_pin_function;
+	gnutls_pkcs11_set_token_function;
+	gnutls_pkcs11_add_provider;
+	gnutls_pkcs11_obj_init;
+	gnutls_pkcs11_obj_import_url;
+	gnutls_pkcs11_obj_export_url;
+	gnutls_pkcs11_obj_deinit;
+	gnutls_pkcs11_obj_list_import_url3;
+	gnutls_x509_crt_import_pkcs11;
+	gnutls_pkcs11_obj_get_type;
+	gnutls_x509_crt_list_import_pkcs11;
+	gnutls_x509_crt_import_url;
+	gnutls_pkcs11_obj_get_info;
+	gnutls_pkcs11_token_get_info;
+	gnutls_pkcs11_token_get_url;
+	gnutls_pkcs11_privkey_init;
+	gnutls_pkcs11_privkey_deinit;
+	gnutls_pkcs11_privkey_get_pk_algorithm;
+	gnutls_pkcs11_privkey_get_info;
+	gnutls_pkcs11_privkey_import_url;
+	gnutls_pkcs11_obj_export;
+	gnutls_pkcs11_type_get_name;
+	gnutls_privkey_init;
+	gnutls_privkey_deinit;
+	gnutls_privkey_get_pk_algorithm;
+	gnutls_privkey_get_type;
+	gnutls_privkey_import_pkcs11;
+	gnutls_privkey_import_x509;
+	gnutls_privkey_import_openpgp;
+	gnutls_privkey_decrypt_data;
+	gnutls_pkcs11_privkey_export_url;
+	gnutls_x509_crq_privkey_sign;
+	gnutls_x509_crl_privkey_sign;
+	gnutls_x509_crt_privkey_sign;
+	gnutls_pubkey_init;
+	gnutls_pubkey_deinit;
+	gnutls_pubkey_get_pk_algorithm;
+	gnutls_pubkey_import_x509;
+	gnutls_pubkey_import_openpgp;
+	gnutls_pubkey_export;
+	gnutls_pubkey_get_key_id;
+	gnutls_pubkey_get_key_usage;
+	gnutls_pubkey_import_pkcs11;
+	gnutls_pubkey_import_dsa_raw;
+	gnutls_pubkey_import_rsa_raw;
+	gnutls_pubkey_import;
+	gnutls_x509_crt_set_pubkey;
+	gnutls_x509_crq_set_pubkey;
+	gnutls_pkcs11_delete_url;
+	gnutls_x509_privkey_export_rsa_raw2;
+	gnutls_pubkey_get_preferred_hash_algorithm;
+	gnutls_x509_crt_get_preferred_hash_algorithm;
+	gnutls_global_set_mutex;
+	gnutls_transport_set_vec_push_function;
+	gnutls_transport_set_errno_function;
+	gnutls_sec_param_to_pk_bits;
+	gnutls_sec_param_get_name;
+	gnutls_pk_bits_to_sec_param;
+	gnutls_rnd;
+	gnutls_cipher_encrypt2;
+	gnutls_cipher_decrypt2;
+	gnutls_openpgp_privkey_sec_param;
+	gnutls_x509_privkey_sec_param;
+	gnutls_session_channel_binding;
+	gnutls_pkcs11_copy_secret_key;
+	gnutls_pkcs11_token_init;
+	gnutls_pkcs11_token_set_pin;
+	gnutls_pkcs11_token_get_mechanism;
+	gnutls_privkey_sign_hash;
+	gnutls_privkey_sign_data;
+	gnutls_pubkey_import_privkey;
+	gnutls_certificate_get_issuer;
+	gnutls_x509_crq_verify;
+	gnutls_global_set_time_function;
+	gnutls_x509_trust_list_verify_crt;
+	gnutls_x509_trust_list_add_crls;
+	gnutls_x509_trust_list_add_cas;
+	gnutls_x509_trust_list_init;
+	gnutls_x509_trust_list_deinit;
+	gnutls_x509_crl_list_import;
+	gnutls_x509_crl_list_import2;
+	gnutls_x509_crt_list_import2;
+	gnutls_cipher_tag;
+	gnutls_cipher_add_auth;
+	gnutls_dtls_set_timeouts;
+	gnutls_transport_set_pull_timeout_function;
+	gnutls_dtls_get_mtu;
+	gnutls_dtls_set_mtu;
+	gnutls_record_recv_seq;
+	gnutls_key_generate;
+	gnutls_dtls_cookie_verify;
+	gnutls_dtls_cookie_send;
+	gnutls_dtls_prestate_set;
+	gnutls_dtls_get_data_mtu;
+	gnutls_dtls_set_data_mtu;
+	gnutls_cipher_set_iv;
+	gnutls_pcert_deinit;
+	gnutls_pcert_import_x509;
+	gnutls_pcert_import_x509_raw;
+	gnutls_pcert_import_openpgp;
+	gnutls_pcert_import_openpgp_raw;
+	gnutls_pcert_export_x509;
+	gnutls_pcert_export_openpgp;
+	gnutls_pubkey_get_openpgp_key_id;
+	gnutls_certificate_set_retrieve_function2;
+	gnutls_x509_trust_list_get_issuer;
+	gnutls_global_set_audit_log_function;
+	gnutls_ecc_curve_get_name;
+	gnutls_ecc_curve_get_size;
+	gnutls_ecc_curve_get;
+	gnutls_x509_privkey_export_ecc_raw;
+	gnutls_x509_privkey_import_ecc_raw;
+	gnutls_pubkey_verify_data2;
+	gnutls_x509_trust_list_verify_named_crt;
+	gnutls_x509_trust_list_add_named_crt;
+	gnutls_alert_get_strname;
+	gnutls_pcert_list_import_x509_raw;
+	gnutls_pubkey_import_ecc_raw;
+	gnutls_record_get_discarded;
+	gnutls_x509_crt_get_authority_info_access;
+	gnutls_ocsp_req_add_cert;
+	gnutls_ocsp_req_add_cert_id;
+	gnutls_ocsp_req_deinit;
+	gnutls_ocsp_req_export;
+	gnutls_ocsp_req_get_cert_id;
+	gnutls_ocsp_req_get_extension;
+	gnutls_ocsp_req_get_nonce;
+	gnutls_ocsp_req_get_version;
+	gnutls_ocsp_req_import;
+	gnutls_ocsp_req_init;
+	gnutls_ocsp_req_print;
+	gnutls_ocsp_req_randomize_nonce;
+	gnutls_ocsp_req_set_extension;
+	gnutls_ocsp_req_set_nonce;
+	gnutls_ocsp_resp_deinit;
+	gnutls_ocsp_resp_export;
+	gnutls_ocsp_resp_get_certs;
+	gnutls_ocsp_resp_get_extension;
+	gnutls_ocsp_resp_get_nonce;
+	gnutls_ocsp_resp_get_produced;
+	gnutls_ocsp_resp_get_responder;
+	gnutls_ocsp_resp_get_response;
+	gnutls_ocsp_resp_get_signature;
+	gnutls_ocsp_resp_get_signature_algorithm;
+	gnutls_ocsp_resp_get_single;
+	gnutls_ocsp_resp_get_status;
+	gnutls_ocsp_resp_get_version;
+	gnutls_ocsp_resp_import;
+	gnutls_ocsp_resp_init;
+	gnutls_ocsp_resp_print;
+	gnutls_ocsp_resp_verify;
+	gnutls_ocsp_resp_verify_direct;
+	gnutls_privkey_import_ext;
+	gnutls_certificate_set_key;
+	gnutls_srp_3072_group_generator;
+	gnutls_srp_3072_group_prime;
+	gnutls_srp_4096_group_generator;
+	gnutls_srp_4096_group_prime;
+	gnutls_x509_privkey_verify_params;
+	gnutls_priority_get_cipher_suite_index;
+	gnutls_random_art;
+	gnutls_pubkey_encrypt_data;
+	gnutls_x509_dn_oid_name;
+	gnutls_session_resumption_requested;
+	gnutls_pkcs11_reinit;
+	gnutls_x509_crt_get_authority_key_gn_serial;
+	gnutls_x509_crl_get_authority_key_gn_serial;
+	gnutls_ecc_curve_list;
+	gnutls_priority_certificate_type_list;
+	gnutls_priority_sign_list;
+	gnutls_priority_protocol_list;
+	gnutls_priority_compression_list;
+	gnutls_priority_ecc_curve_list;
+	gnutls_verify_stored_pubkey;
+	gnutls_store_commitment;
+	gnutls_store_pubkey;
+	gnutls_dtls_get_timeout;
+	gnutls_tdb_init;
+	gnutls_tdb_set_store_func;
+	gnutls_tdb_set_store_commitment_func;
+	gnutls_tdb_set_verify_func;
+	gnutls_tdb_deinit;
+	gnutls_x509_crt_set_authority_info_access;
+	gnutls_x509_crt_get_private_key_usage_period;
+	gnutls_x509_crq_get_private_key_usage_period;
+	gnutls_x509_crt_set_private_key_usage_period;
+	gnutls_x509_crq_set_private_key_usage_period;
+	gnutls_session_get_random;
+	gnutls_pubkey_verify_hash2;
+	gnutls_pk_to_sign;
+	gnutls_certificate_set_x509_system_trust;
+	gnutls_session_set_premaster;
+	gnutls_ocsp_resp_check_crt;
+	gnutls_pkcs11_get_pin_function;
+	gnutls_pkcs11_obj_list_import_url4;
+	gnutls_x509_trust_list_add_system_trust;
+	gnutls_x509_trust_list_add_trust_file;
+	gnutls_x509_trust_list_add_trust_mem;
+	gnutls_x509_trust_list_iter_get_ca;
+	gnutls_x509_trust_list_iter_deinit;
+	gnutls_pkcs12_simple_parse;
+	gnutls_privkey_import_openpgp_raw;
+	gnutls_privkey_import_x509_raw;
+	gnutls_load_file;
+	gnutls_x509_privkey_import_openssl;
+	gnutls_x509_privkey_import2;
+	gnutls_privkey_import_ext2;
+	gnutls_privkey_import_tpm_raw;
+	gnutls_tpm_privkey_generate;
+	gnutls_pubkey_import_tpm_raw;
+	gnutls_tpm_key_list_deinit;
+	gnutls_tpm_key_list_get_url;
+	gnutls_tpm_get_registered;
+	gnutls_tpm_privkey_delete;
+	gnutls_pubkey_import_tpm_url;
+	gnutls_privkey_import_tpm_url;
+	gnutls_privkey_import_url;
+	gnutls_pubkey_import_url;
+	gnutls_url_is_supported;
+	gnutls_privkey_set_pin_function;
+	gnutls_pubkey_set_pin_function;
+	gnutls_pkcs11_obj_set_pin_function;
+	gnutls_pkcs11_privkey_set_pin_function;
+	gnutls_certificate_set_pin_function;
+	gnutls_x509_crt_set_pin_function;
+	gnutls_handshake_set_timeout;
+	gnutls_sign_get_pk_algorithm;
+	gnutls_sign_get_hash_algorithm;
+	gnutls_sign_algorithm_get;
+	gnutls_x509_privkey_get_pk_algorithm2;
+	gnutls_heartbeat_ping;
+	gnutls_heartbeat_pong;
+	gnutls_heartbeat_enable;
+	gnutls_heartbeat_allowed;
+	gnutls_heartbeat_get_timeout;
+	gnutls_heartbeat_set_timeouts;
+	gnutls_certificate_set_ocsp_status_request_function;
+	gnutls_certificate_set_ocsp_status_request_file;
+	gnutls_ocsp_status_request_enable_client;
+	gnutls_ocsp_status_request_get;
+	gnutls_dh_params_export2_pkcs3;
+	gnutls_pubkey_export2;
+	gnutls_x509_crt_export2;
+	gnutls_x509_dn_export2;
+	gnutls_x509_crl_export2;
+	gnutls_pkcs7_export2;
+	gnutls_x509_privkey_export2;
+	gnutls_x509_privkey_export2_pkcs8;
+	gnutls_x509_crq_export2;
+	gnutls_openpgp_crt_export2;
+	gnutls_openpgp_privkey_export2;
+	gnutls_pkcs11_obj_export2;
+	gnutls_pkcs12_export2;
+	gnutls_pubkey_import_openpgp_raw;
+	gnutls_pubkey_import_x509_raw;
+	gnutls_certificate_get_peers_subkey_id;
+	gnutls_session_get_id2;
+	gnutls_certificate_verify_peers3;
+	gnutls_certificate_verification_status_print;
+	gnutls_srtp_get_profile_id;
+	gnutls_srtp_get_profile_name;
+	gnutls_srtp_get_selected_profile;
+	gnutls_srtp_set_profile;
+	gnutls_srtp_set_profile_direct;
+	gnutls_srtp_get_keys;
+	gnutls_srtp_get_mki;
+	gnutls_srtp_set_mki;
+	gnutls_ocsp_status_request_is_checked;
+	gnutls_sign_is_secure;
+	gnutls_x509_crt_get_policy;
+	gnutls_x509_policy_release;
+	gnutls_x509_crt_set_policy;
+	gnutls_pubkey_import_x509_crq;
+	gnutls_pubkey_print;
+	gnutls_x509_crt_set_dn;
+	gnutls_x509_crq_set_dn;
+	gnutls_x509_crt_set_issuer_dn;
+	gnutls_session_force_valid;
+	gnutls_record_can_use_length_hiding;
+	gnutls_range_split;
+	gnutls_record_send_range;
+	gnutls_db_check_entry_time;
+	gnutls_handshake_set_random;
+	gnutls_record_cork;
+	gnutls_record_uncork;
+	gnutls_transport_set_int2;
+	gnutls_transport_get_int2;
+	gnutls_transport_get_int;
+	gnutls_pkcs11_privkey_status;
+	gnutls_x509_crt_get_issuer_dn2;
+	gnutls_x509_crt_get_dn2;
+	gnutls_x509_crl_get_issuer_dn2;
+	gnutls_x509_crq_get_dn2;
+	gnutls_x509_trust_list_remove_trust_mem;
+	gnutls_x509_trust_list_remove_trust_file;
+	gnutls_x509_trust_list_remove_cas;
+	gnutls_session_get_desc;
+	gnutls_privkey_status;
+	gnutls_cipher_get_iv_size;
+	gnutls_hmac_set_nonce;
+	gnutls_sign_algorithm_get_client;
+	gnutls_certificate_set_x509_key_mem2;
+	gnutls_certificate_set_x509_key_file2;
+	gnutls_alpn_get_selected_protocol;
+	gnutls_alpn_set_protocols;
+	gnutls_session_set_id;
+	gnutls_certificate_set_trust_list;
+	gnutls_certificate_get_trust_list;
+	gnutls_cipher_get_tag_size;
+	gnutls_record_overhead_size;
+	gnutls_handshake_set_hook_function;
+	gnutls_handshake_description_get_name;
+	gnutls_digest_list;
+	gnutls_digest_get_id;
+	gnutls_digest_get_name;
+	gnutls_priority_mac_list;
+	gnutls_priority_cipher_list;
+	gnutls_priority_kx_list;
+	gnutls_record_set_timeout;
+	gnutls_pkcs11_token_get_random;
+	gnutls_pkcs11_obj_export3;
+	gnutls_pkcs11_get_raw_issuer;
+	gnutls_est_record_overhead_size;
+	gnutls_pubkey_set_key_usage;
+	gnutls_x509_privkey_import_rsa_raw2;
+	gnutls_pkcs11_token_get_flags;
+	gnutls_pubkey_import_ecc_x962;
+	gnutls_rnd_refresh;
+	gnutls_mac_get_nonce_size;
+	gnutls_x509_crl_get_raw_issuer_dn;
+	gnutls_certificate_get_crt_raw;
+	gnutls_privkey_generate;
+	gnutls_privkey_export_x509;
+	gnutls_privkey_export_pkcs11;
+	gnutls_privkey_export_openpgp;
+	gnutls_fips140_mode_enabled;
+	gnutls_record_check_corked;
+	gnutls_pkcs11_crt_is_known;
+	gnutls_sec_param_to_symmetric_bits;
+	gnutls_privkey_export_ecc_raw;
+	gnutls_privkey_export_dsa_raw;
+	gnutls_privkey_export_rsa_raw;
+	gnutls_privkey_import_rsa_raw;
+	gnutls_privkey_import_dsa_raw;
+	gnutls_privkey_import_ecc_raw;
+	gnutls_pubkey_export_ecc_x962;
+	gnutls_pubkey_export_ecc_raw;
+	gnutls_pubkey_export_dsa_raw;
+	gnutls_pubkey_export_rsa_raw;
+	gnutls_privkey_verify_params;
+	gnutls_pubkey_verify_params;
+	gnutls_db_get_default_cache_expiration;
+	gnutls_x509_name_constraints_init;
+	gnutls_x509_name_constraints_deinit;
+	gnutls_x509_crt_get_name_constraints;
+	gnutls_x509_name_constraints_add_permitted;
+	gnutls_x509_name_constraints_add_excluded;
+	gnutls_x509_crt_set_name_constraints;
+	gnutls_x509_name_constraints_get_permitted;
+	gnutls_x509_name_constraints_get_excluded;
+	gnutls_x509_name_constraints_check;
+	gnutls_x509_name_constraints_check_crt;
+	gnutls_x509_cidr_to_rfc5280;
+	gnutls_srp_set_server_fake_salt_seed;
+	gnutls_x509_crt_get_extension_data2;
+	gnutls_x509_crq_get_extension_data2;
+	gnutls_x509_crl_get_extension_data2;
+	gnutls_subject_alt_names_init;
+	gnutls_subject_alt_names_deinit;
+	gnutls_subject_alt_names_get;
+	gnutls_subject_alt_names_set;
+	gnutls_x509_ext_import_subject_alt_names;
+	gnutls_x509_ext_export_subject_alt_names;
+	gnutls_x509_crl_dist_points_init;
+	gnutls_x509_crl_dist_points_deinit;
+	gnutls_x509_crl_dist_points_get;
+	gnutls_x509_crl_dist_points_set;
+	gnutls_x509_ext_import_crl_dist_points;
+	gnutls_x509_ext_export_crl_dist_points;
+	gnutls_x509_ext_import_name_constraints;
+	gnutls_x509_ext_export_name_constraints;
+	gnutls_x509_aia_init;
+	gnutls_x509_aia_deinit;
+	gnutls_x509_aia_get;
+	gnutls_x509_aia_set;
+	gnutls_x509_ext_import_aia;
+	gnutls_x509_ext_export_aia;
+	gnutls_x509_ext_import_subject_key_id;
+	gnutls_x509_ext_export_subject_key_id;
+	gnutls_x509_ext_export_authority_key_id;
+	gnutls_x509_ext_import_authority_key_id;
+	gnutls_x509_aki_init;
+	gnutls_x509_aki_get_id;
+	gnutls_x509_aki_get_cert_issuer;
+	gnutls_x509_aki_set_id;
+	gnutls_x509_aki_set_cert_issuer;
+	gnutls_x509_aki_deinit;
+	gnutls_x509_ext_import_private_key_usage_period;
+	gnutls_x509_ext_export_private_key_usage_period;
+	gnutls_x509_ext_import_basic_constraints;
+	gnutls_x509_ext_export_basic_constraints;
+	gnutls_x509_ext_import_key_usage;
+	gnutls_x509_ext_export_key_usage;
+	gnutls_x509_ext_import_proxy;
+	gnutls_x509_ext_export_proxy;
+	gnutls_x509_policies_init;
+	gnutls_x509_policies_deinit;
+	gnutls_x509_policies_get;
+	gnutls_x509_policies_set;
+	gnutls_x509_ext_import_policies;
+	gnutls_x509_ext_export_policies;
+	gnutls_x509_crt_set_issuer_alt_name;
+	gnutls_x509_key_purpose_init;
+	gnutls_x509_key_purpose_deinit;
+	gnutls_x509_key_purpose_set;
+	gnutls_x509_key_purpose_get;
+	gnutls_x509_ext_import_key_purposes;
+	gnutls_x509_ext_export_key_purposes;
+	gnutls_x509_crt_check_hostname2;
+	gnutls_openpgp_crt_check_hostname2;
+	gnutls_certificate_verify_peers;
+	gnutls_certificate_get_verify_flags;
+	gnutls_certificate_get_x509_key;
+	gnutls_certificate_get_x509_crt;
+	gnutls_certificate_get_openpgp_key;
+	gnutls_certificate_get_openpgp_crt;
+	gnutls_credentials_get;
+	gnutls_x509_crl_iter_crt_serial;
+	gnutls_x509_crl_iter_deinit;
+	gnutls_packet_deinit;
+	gnutls_record_recv_packet;
+	gnutls_packet_get;
+	gnutls_x509_trust_list_add_trust_dir;
+	gnutls_certificate_set_x509_trust_dir;
+	gnutls_pkcs_schema_get_name;
+	gnutls_pkcs_schema_get_oid;
+	gnutls_pkcs8_info;
+	gnutls_pkcs12_bag_enc_info;
+	gnutls_pkcs11_privkey_export_pubkey;
+	gnutls_pkcs11_obj_flags_get_str;
+	gnutls_pkcs11_obj_get_flags;
+	gnutls_pkcs12_mac_info;
+	gnutls_pkcs12_generate_mac2;
+	gnutls_x509_trust_list_verify_crt2;
+	gnutls_x509_crt_get_extension_by_oid2;
+	gnutls_x509_crq_get_extension_by_oid2;
+	gnutls_pkcs11_obj_get_exts;
+	gnutls_x509_ext_deinit;
+	gnutls_x509_ext_print;
+	gnutls_x509_othername_to_virtual;
+	gnutls_pkcs11_copy_attached_extension;
+	gnutls_pkcs11_privkey_cpy;
+	gnutls_x509_crq_get_signature_algorithm;
+	gnutls_privkey_import_ext3;
+	gnutls_record_discard_queued;
+	gnutls_session_ext_master_secret_status;
+	gnutls_session_etm_status;
+	gnutls_priority_string_list;
+	gnutls_aead_cipher_init;
+	gnutls_aead_cipher_decrypt;
+	gnutls_aead_cipher_encrypt;
+	gnutls_aead_cipher_deinit;
+	gnutls_dh_params_import_raw2;
+	gnutls_memset;
+	gnutls_memcmp;
+	gnutls_pkcs12_bag_set_privkey;
+	gnutls_x509_privkey_set_pin_function;
+	gnutls_ocsp_resp_get_responder_raw_id;
+	gnutls_system_key_iter_deinit;
+	gnutls_system_key_iter_get_info;
+	gnutls_system_key_delete;
+	gnutls_system_key_add_x509;
+	gnutls_register_custom_url;
+	gnutls_pcert_import_x509_list;
+	gnutls_pkcs11_get_raw_issuer_by_dn;
+	gnutls_x509_trust_list_get_issuer_by_dn;
+	gnutls_system_recv_timeout;
+	gnutls_record_set_state;
+	gnutls_record_get_state;
+	gnutls_pkcs11_obj_set_info;
+	gnutls_crypto_register_cipher;
+	gnutls_crypto_register_aead_cipher;
+	gnutls_crypto_register_mac;
+	gnutls_crypto_register_digest;
+	gnutls_ext_register;
+	gnutls_buffer_append_data;
+	gnutls_supplemental_register;
+	gnutls_supplemental_send;
+	gnutls_supplemental_recv;
+	gnutls_ext_get_data;
+	gnutls_ext_set_data;
+	gnutls_openpgp_crt_check_email;
+	gnutls_x509_crt_check_email;
+	gnutls_pkcs11_copy_x509_crt2;
+	gnutls_pkcs11_copy_x509_privkey2;
+	gnutls_pkcs11_privkey_generate3;
+	gnutls_x509_crt_get_pk_ecc_raw;
+	gnutls_x509_dn_get_str;
+	gnutls_pkcs11_get_raw_issuer_by_subject_key_id;
+	gnutls_x509_trust_list_get_issuer_by_subject_key_id;
+	gnutls_pkcs7_get_crt_raw2;
+	gnutls_pkcs7_signature_info_deinit;
+	gnutls_pkcs7_get_signature_info;
+	gnutls_pkcs7_verify_direct;
+	gnutls_pkcs7_verify;
+	gnutls_pkcs7_get_crl_raw2;
+	gnutls_pkcs7_sign;
+	gnutls_pkcs7_attrs_deinit;
+	gnutls_pkcs7_add_attr;
+	gnutls_pkcs7_get_attr;
+	gnutls_pkcs7_print;
+	gnutls_x509_crt_verify_data2;
+	gnutls_pkcs7_get_signature_count;
+	gnutls_ecc_curve_get_oid;
+	gnutls_digest_get_oid;
+	gnutls_pk_get_oid;
+	gnutls_sign_get_oid;
+	gnutls_ecc_curve_get_id;
+	gnutls_oid_to_digest;
+	gnutls_oid_to_pk;
+	gnutls_oid_to_sign;
+	gnutls_oid_to_ecc_curve;
+	gnutls_prf_rfc5705;
+	gnutls_hex_decode2;
+	gnutls_hex_encode2;
+	gnutls_session_set_verify_function;
+	gnutls_session_set_verify_cert;
+	gnutls_session_set_verify_cert2;
+	gnutls_session_get_verify_cert_status;
+	gnutls_x509_privkey_generate2;
+	gnutls_x509_privkey_get_seed;
+	gnutls_x509_privkey_verify_seed;
+	gnutls_privkey_generate2;
+	gnutls_privkey_get_seed;
+	gnutls_privkey_verify_seed;
+	gnutls_x509_privkey_set_flags;
+	gnutls_privkey_set_flags;
+	gnutls_pkcs11_copy_pubkey;
+	gnutls_x509_crt_set_subject_unique_id;
+	gnutls_x509_crt_set_issuer_unique_id;
+	_gnutls_global_init_skip;
+	gnutls_certificate_set_flags;
+	gnutls_decode_ber_digest_info;
+	gnutls_encode_ber_digest_info;
+	gnutls_pkcs7_get_embedded_data;
+	gnutls_x509_crq_set_subject_alt_othername;
+	gnutls_x509_crt_set_subject_alt_othername;
+	gnutls_x509_crt_set_issuer_alt_othername;
+	gnutls_dh_params_import_dsa;
+	gnutls_session_get_flags;
+	gnutls_session_get_master_secret;
+	gnutls_x509_crt_get_signature_oid;
+	gnutls_x509_crt_get_pk_oid;
+	gnutls_x509_crq_get_signature_oid;
+	gnutls_x509_crq_get_pk_oid;
+	gnutls_x509_crl_get_signature_oid;
+	gnutls_ecc_curve_get_pk;
+	gnutls_x509_crt_equals;
+	gnutls_x509_crt_equals2;
+	gnutls_x509_ext_import_tlsfeatures;
+	gnutls_x509_ext_export_tlsfeatures;
+	gnutls_x509_tlsfeatures_add;
+	gnutls_x509_tlsfeatures_init;
+	gnutls_x509_tlsfeatures_deinit;
+	gnutls_x509_tlsfeatures_get;
+	gnutls_x509_crt_get_tlsfeatures;
+	gnutls_x509_crt_set_tlsfeatures;
+	gnutls_x509_crq_get_tlsfeatures;
+	gnutls_x509_crq_set_tlsfeatures;
+	gnutls_ext_get_name;
+	gnutls_x509_crt_set_crq_extension_by_oid;
+	gnutls_x509_tlsfeatures_check_crt;
+	gnutls_x509_crq_set_extension_by_oid;
+	gnutls_x509_dn_set_str;
+	gnutls_transport_set_fastopen;
+	gnutls_oid_to_mac;
+	gnutls_certificate_set_ocsp_status_request_function2;
+	gnutls_session_ext_register;
+	gnutls_session_supplemental_register;
+	gnutls_pkcs7_get_embedded_data_oid;
+	gnutls_ffdhe_8192_group_prime;
+	gnutls_ffdhe_8192_group_generator;
+	gnutls_ffdhe_4096_group_prime;
+	gnutls_ffdhe_4096_group_generator;
+	gnutls_ffdhe_3072_group_prime;
+	gnutls_ffdhe_3072_group_generator;
+	gnutls_ffdhe_2048_group_prime;
+	gnutls_ffdhe_2048_group_generator;
+	gnutls_ffdhe_8192_key_bits;
+	gnutls_ffdhe_4096_key_bits;
+	gnutls_ffdhe_2048_key_bits;
+	gnutls_ffdhe_3072_key_bits;
+	gnutls_certificate_set_known_dh_params;
+	gnutls_anon_set_server_known_dh_params;
+	gnutls_psk_set_server_known_dh_params;
+	gnutls_x509_crt_check_key_purpose;
+	gnutls_ocsp_resp_get_responder2;
+	gnutls_x509_crt_get_issuer_dn3;
+	gnutls_x509_crt_get_dn3;
+	gnutls_x509_rdn_get2;
+	gnutls_x509_dn_get_str2;
+	gnutls_x509_crl_get_issuer_dn3;
+	gnutls_x509_crq_get_dn3;
+	gnutls_utf8_password_normalize;
+	gnutls_idna_map;
+	gnutls_idna_reverse_map;
+ local:
+	*;
+};
+
+GNUTLS_3_6_0
+{
+ global:
+	gnutls_pubkey_export_rsa_raw2;
+	gnutls_pubkey_export_dsa_raw2;
+	gnutls_pubkey_export_ecc_raw2;
+	gnutls_privkey_export_rsa_raw2;
+	gnutls_privkey_export_dsa_raw2;
+	gnutls_privkey_export_ecc_raw2;
+	gnutls_x509_crt_set_flags;
+	gnutls_x509_crt_check_ip;
+	gnutls_x509_ext_import_inhibit_anypolicy;
+	gnutls_x509_ext_export_inhibit_anypolicy;
+	gnutls_x509_crt_get_inhibit_anypolicy;
+	gnutls_x509_crt_set_inhibit_anypolicy;
+	gnutls_decode_rs_value;
+	gnutls_encode_rs_value;
+	gnutls_x509_spki_init;
+	gnutls_x509_spki_deinit;
+	gnutls_x509_spki_get_rsa_pss_params;
+	gnutls_x509_spki_set_rsa_pss_params;
+	gnutls_x509_crt_get_spki;
+	gnutls_x509_crt_set_spki;
+	gnutls_x509_crq_get_spki;
+	gnutls_x509_crq_set_spki;
+	gnutls_x509_privkey_set_spki;
+	gnutls_x509_privkey_get_spki;
+	gnutls_pubkey_set_spki;
+	gnutls_pubkey_get_spki;
+	gnutls_privkey_set_spki;
+	gnutls_privkey_get_spki;
+	gnutls_sign_supports_pk_algorithm;
+	gnutls_privkey_sign_hash2;
+	gnutls_privkey_sign_data2;
+	gnutls_sign_is_secure2;
+	gnutls_group_get_name;
+	gnutls_group_get_id;
+	gnutls_group_list;
+	gnutls_group_get;
+	gnutls_priority_group_list;
+	gnutls_pkcs11_token_check_mechanism;
+	gnutls_base64_encode2;
+	gnutls_base64_decode2;
+	gnutls_privkey_import_ext4;
+ local:
+	*;
+} GNUTLS_3_4;
+
+GNUTLS_3_6_2
+{
+ global:
+	gnutls_srp_8192_group_generator;
+	gnutls_srp_8192_group_prime;
+} GNUTLS_3_6_0;
+
+GNUTLS_3_6_3
+{
+ global:
+	gnutls_fips140_set_mode;
+	gnutls_session_key_update;
+	gnutls_ext_get_current_msg;
+	gnutls_reauth;
+	gnutls_ocsp_status_request_get2;
+	gnutls_ocsp_resp_import2;
+	gnutls_ocsp_resp_export2;
+	gnutls_ocsp_resp_list_import2;
+	gnutls_certificate_set_retrieve_function3;
+	gnutls_certificate_set_ocsp_status_request_file2;
+	gnutls_certificate_set_ocsp_status_request_mem;
+	gnutls_certificate_get_ocsp_expiration;
+	gnutls_record_send2;
+	gnutls_ext_raw_parse;
+	gnutls_x509_crt_list_import_url;
+	gnutls_pcert_list_import_x509_file;
+	gnutls_pkcs11_token_get_ptr;
+	gnutls_pkcs11_obj_get_ptr;
+	gnutls_session_ticket_send;
+	gnutls_aead_cipher_encryptv;
+	gnutls_gost_paramset_get_name;
+	gnutls_gost_paramset_get_oid;
+	gnutls_oid_to_gost_paramset;
+	gnutls_decode_gost_rs_value;
+	gnutls_encode_gost_rs_value;
+	gnutls_pubkey_export_gost_raw2;
+	gnutls_pubkey_import_gost_raw;
+	gnutls_x509_crt_get_pk_gost_raw;
+	gnutls_privkey_export_gost_raw2;
+	gnutls_privkey_import_gost_raw;
+	gnutls_x509_privkey_export_gost_raw;
+	gnutls_x509_privkey_import_gost_raw;
+	gnutls_set_default_priority_append;
+	gnutls_priority_init2;
+} GNUTLS_3_6_2;
+
+GNUTLS_3_6_4
+{
+ global:
+	gnutls_record_set_max_early_data_size;
+	gnutls_ffdhe_6144_group_prime;
+	gnutls_ffdhe_6144_group_generator;
+	gnutls_ffdhe_6144_key_bits;
+	gnutls_certificate_type_get2;
+	gnutls_priority_certificate_type_list2;
+} GNUTLS_3_6_3;
+
+GNUTLS_3_6_5
+{
+ global:
+	gnutls_record_get_max_early_data_size;
+	gnutls_record_send_early_data;
+	gnutls_record_recv_early_data;
+	gnutls_db_check_entry_expire_time;
+	gnutls_anti_replay_set_add_function;
+	gnutls_anti_replay_set_ptr;
+	gnutls_anti_replay_init;
+	gnutls_anti_replay_deinit;
+	gnutls_anti_replay_set_window;
+	gnutls_anti_replay_enable;
+	gnutls_privkey_decrypt_data2;
+} GNUTLS_3_6_4;
+
+GNUTLS_3_6_6
+{
+ global:
+	gnutls_certificate_set_rawpk_key_mem;
+	gnutls_certificate_set_rawpk_key_file;
+	gnutls_pcert_import_rawpk;
+	gnutls_pcert_import_rawpk_raw;
+} GNUTLS_3_6_5;
+
+GNUTLS_3_6_8
+{
+ global:
+	gnutls_prf_early;
+	gnutls_record_set_max_recv_size;
+	gnutls_dh_params_import_raw3;
+	gnutls_ffdhe_2048_group_q;
+	gnutls_ffdhe_3072_group_q;
+	gnutls_ffdhe_4096_group_q;
+	gnutls_ffdhe_6144_group_q;
+	gnutls_ffdhe_8192_group_q;
+} GNUTLS_3_6_6;
+
+GNUTLS_3_6_9
+{
+ global:
+	gnutls_get_system_config_file;
+	gnutls_hmac_copy;
+	gnutls_hash_copy;
+} GNUTLS_3_6_8;
+
+GNUTLS_3_6_10
+{
+ global:
+	gnutls_aead_cipher_encryptv2;
+	gnutls_aead_cipher_decryptv2;
+} GNUTLS_3_6_9;
+
+GNUTLS_3_6_12
+{
+ global:
+	gnutls_certificate_verification_profile_get_name;
+	gnutls_certificate_verification_profile_get_id;
+	gnutls_hmac_get_key_size;
+} GNUTLS_3_6_10;
+
+GNUTLS_3_6_13
+{
+ global:
+	gnutls_hkdf_extract;
+	gnutls_hkdf_expand;
+	gnutls_pbkdf2;
+	gnutls_session_get_keylog_function;
+	gnutls_session_set_keylog_function;
+	gnutls_prf_hash_get;
+	gnutls_psk_server_get_username2;
+	gnutls_psk_set_server_credentials_function2;
+	gnutls_psk_set_client_credentials2;
+	gnutls_psk_set_client_credentials_function2;
+} GNUTLS_3_6_12;
+
+GNUTLS_3_6_14
+{
+ global:
+	gnutls_ext_get_name2;
+	gnutls_pkcs7_print_signature_info;
+} GNUTLS_3_6_13;
+
+GNUTLS_3_7_0
+{
+ global:
+	gnutls_alert_set_read_function;
+	gnutls_handshake_set_read_function;
+	gnutls_handshake_set_secret_function;
+	gnutls_handshake_write;
+	gnutls_x509_trust_list_set_getissuer_function;
+	gnutls_x509_trust_list_get_ptr;
+	gnutls_x509_trust_list_set_ptr;
+	gnutls_session_set_verify_output_function;
+	gnutls_x509_ext_ct_scts_init;
+	gnutls_x509_ext_ct_scts_deinit;
+	gnutls_x509_ext_ct_import_scts;
+	gnutls_x509_ext_ct_export_scts;
+	gnutls_x509_ct_sct_get_version;
+	gnutls_x509_ct_sct_get;
+ local:
+	*;
+} GNUTLS_3_6_14;
+
+GNUTLS_3_7_2
+{
+ global:
+	gnutls_early_cipher_get;
+	gnutls_early_prf_hash_get;
+ local:
+	*;
+} GNUTLS_3_7_0;
+
+GNUTLS_3_7_3
+{
+ global:
+	gnutls_ecc_curve_set_enabled;
+	gnutls_sign_set_secure;
+	gnutls_sign_set_secure_for_certs;
+	gnutls_digest_set_secure;
+	gnutls_protocol_set_enabled;
+	gnutls_transport_is_ktls_enabled;
+	gnutls_fips140_context_init;
+	gnutls_fips140_context_deinit;
+	gnutls_fips140_get_operation_state;
+	gnutls_fips140_push_context;
+	gnutls_fips140_pop_context;
+	gnutls_get_library_config;
+ local:
+	*;
+} GNUTLS_3_7_2;
+
+GNUTLS_3_7_4
+{
+ global:
+	gnutls_ciphersuite_get;
+	gnutls_compress_certificate_get_selected_method;
+	gnutls_compress_certificate_set_methods;
+	gnutls_record_send_file;
+ local:
+	*;
+} GNUTLS_3_7_3;
+
+GNUTLS_3_7_5
+{
+ global:
+	gnutls_aead_cipher_set_key;
+ local:
+	*;
+} GNUTLS_3_7_4;
+
+GNUTLS_3_7_7
+{
+ global:
+	gnutls_fips140_run_self_tests;
+	gnutls_cipher_encrypt3;
+	gnutls_cipher_decrypt3;
+ local:
+	*;
+} GNUTLS_3_7_5;
+
+GNUTLS_FIPS140_3_4 {
+  global:
+	gnutls_cipher_self_test;
+	gnutls_pk_self_test;
+	gnutls_mac_self_test;
+	gnutls_digest_self_test;
+	gnutls_hkdf_self_test;
+	gnutls_pbkdf2_self_test;
+	gnutls_tlsprf_self_test;
+	#for FIPS140-2 validation
+	drbg_aes_reseed;
+	drbg_aes_init;
+	drbg_aes_generate;
+	_dsa_generate_dss_pq;
+	_dsa_generate_dss_g;
+	_dsa_validate_dss_g;
+	_dsa_validate_dss_pq;
+	dsa_generate_dss_keypair;
+	_gnutls_prf_raw;
+	_gnutls_encode_ber_rs_raw;
+	_gnutls_decode_ber_rs_raw;
+	_rsa_generate_fips186_4_keypair;
+	_gnutls_dh_compute_key;
+	_gnutls_dh_generate_key;
+	_gnutls_ecdh_generate_key;
+	_gnutls_ecdh_compute_key;
+	_gnutls_cipher_get_iv;
+} GNUTLS_3_4;
+
+GNUTLS_PRIVATE_3_4 {
+  global:
+	# Internal symbols needed by libgnutls-dane:
+	_gnutls_buffer_init;
+	_gnutls_buffer_append_str;
+	_gnutls_buffer_to_datum;
+
+	# Internal symbols used by fips-test
+	_gnutls_lib_simulate_error;
+	_gnutls_lib_force_operational;
+	#symbols needed for crypto-selftests
+	_gnutls_log_level;
+	_gnutls_digest_exists;
+	_gnutls_log;
+
+	# PSK extension parser unit test
+	_gnutls13_psk_ext_parser_init;
+	_gnutls13_psk_ext_iter_next_identity;
+	_gnutls13_psk_ext_iter_next_binder;
+
+	# Internal symbols needed by gnutls-cli-debug:
+	_gnutls_rsa_pms_set_version;
+	_gnutls_record_set_default_version;
+	_gnutls_hello_set_default_version;
+	# Internal symbols needed by tests/gc:
+	_gnutls_pbkdf2_sha1;
+	# Internal symbols needed by tests/mpi:
+	_gnutls_mpi_ops;
+	_gnutls_mpi_log;
+	_gnutls_mpi_release;
+	# tests/time.c
+	_gnutls_utcTime2gtime;
+	_gnutls_x509_generalTime2gtime;
+
+	# Internal symbols needed by tests/:
+	# by tests/tls13/prf-early.c
+	_gnutls_global_version;
+	_gnutls_default_priority_string;
+	_gnutls_supplemental_deinit;
+	_gnutls_record_overhead;
+	_gnutls_cipher_to_entry;
+	_gnutls_pkcs11_token_get_url;
+	_gnutls_pkcs12_string_to_key;
+	_gnutls_bin2hex;
+	_gnutls_version_to_entry;
+	_gnutls_mac_to_entry;
+	_gnutls_resolve_priorities;
+	# Internal symbols needed by tests/name-constraints:
+	_gnutls_ip_to_string;
+	_gnutls_cidr_to_string;
+	# needed by tests/conv-utf8.c:
+	_gnutls_utf8_to_ucs2;
+	_gnutls_ucs2_to_utf8;
+	# Internal symbols needed by tests/name-constraints-merge:
+	_gnutls_x509_name_constraints_merge;
+	_gnutls_server_name_set_raw;
+	# Internal symbols needed by tests/suite/resume-with-stek-expiration
+	_gnutls_set_session_ticket_key_rotation_callback;
+	# Internal symbols needed by tests/virt-time.h
+	_gnutls_global_set_gettime_function;
+	# Internal symbols needed by tests/tls13/anti_replay.c
+	_gnutls_anti_replay_check;
+	# needed by gnutls-strcodes.c
+	_gnutls_ecc_curve_is_supported;
+	# needed by tests/iov:
+	_gnutls_iov_iter_init;
+	_gnutls_iov_iter_next;
+	_gnutls_iov_iter_sync;
+	# needed by tests/buffer:
+	_gnutls_buffer_unescape;
+	_gnutls_buffer_pop_datum;
+	_gnutls_buffer_clear;
+	# needed by tests/cipher-alignment
+	_gnutls_crypto_register_cipher;
+} GNUTLS_3_4;
diff --git a/lib/locks.c b/lib/locks.c
new file mode 100644
index 0000000..8888ed6
--- /dev/null
+++ b/lib/locks.c
@@ -0,0 +1,65 @@
+/*
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <libtasn1.h>
+#include <dh.h>
+#include <random.h>
+
+#include <locks.h>
+
+
+/**
+ * gnutls_global_set_mutex:
+ * @init: mutex initialization function
+ * @deinit: mutex deinitialization function
+ * @lock: mutex locking function
+ * @unlock: mutex unlocking function
+ *
+ * With this function you are allowed to override the default mutex
+ * locks used in some parts of gnutls and dependent libraries. This function
+ * should be used if you have complete control of your program and libraries.
+ * Do not call this function from a library, or preferably from any application
+ * unless really needed to. GnuTLS will use the appropriate locks for the running
+ * system.
+ *
+ * This function must be called prior to any other GnuTLS function; otherwise
+ * the behavior is undefined.
+ *
+ * Deprecated: This function is discouraged on GnuTLS 3.7.3 or later.
+ *
+ * Since: 2.12.0
+ **/
+void
+gnutls_global_set_mutex(mutex_init_func init, mutex_deinit_func deinit,
+			mutex_lock_func lock, mutex_unlock_func unlock)
+{
+	if (init == NULL || deinit == NULL || lock == NULL || unlock == NULL) {
+		return;
+	}
+
+	gnutls_mutex_init = init;
+	gnutls_mutex_deinit = deinit;
+	gnutls_mutex_lock = lock;
+	gnutls_mutex_unlock = unlock;
+}
diff --git a/lib/locks.h b/lib/locks.h
new file mode 100644
index 0000000..907adfc
--- /dev/null
+++ b/lib/locks.h
@@ -0,0 +1,78 @@
+/*
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_LOCKS_H
+#define GNUTLS_LIB_LOCKS_H
+
+#include <gnutls/gnutls.h>
+#include "gnutls_int.h"
+#include "system.h"
+#include "glthread/lock.h"
+
+extern mutex_init_func gnutls_mutex_init;
+extern mutex_deinit_func gnutls_mutex_deinit;
+extern mutex_lock_func gnutls_mutex_lock;
+extern mutex_unlock_func gnutls_mutex_unlock;
+
+/* If a mutex is initialized with GNUTLS_STATIC_MUTEX, it must be
+ * locked/unlocked with the gnutls_static_mutex_* functions defined
+ * below instead of the above gnutls_mutex_* functions, because the
+ * latter can be replaced with gnutls_global_set_mutex().
+ */
+#define GNUTLS_STATIC_MUTEX(lock) gl_lock_define_initialized(static, lock)
+typedef gl_lock_t *gnutls_static_mutex_t;
+
+#define gnutls_static_mutex_lock(LOCK)			\
+	(unlikely(glthread_lock_lock(LOCK)) ?		\
+	gnutls_assert_val(GNUTLS_E_LOCKING_ERROR) : 0)
+
+#define gnutls_static_mutex_unlock(LOCK)		\
+	(unlikely(glthread_lock_unlock(LOCK)) ?		\
+	gnutls_assert_val(GNUTLS_E_LOCKING_ERROR) : 0)
+
+/* Unlike static mutexes, static rwlocks can be locked/unlocked with
+ * the functions defined below, because there is no way to replace
+ * those functions.
+ */
+#define GNUTLS_RWLOCK(rwlock) gl_rwlock_define_initialized(static, rwlock)
+typedef gl_rwlock_t *gnutls_rwlock_t;
+
+#define gnutls_rwlock_rdlock(RWLOCK)			\
+	(unlikely(glthread_rwlock_rdlock(RWLOCK)) ?	\
+	gnutls_assert_val(GNUTLS_E_LOCKING_ERROR) : 0)
+
+#define gnutls_rwlock_wrlock(RWLOCK)			\
+	(unlikely(glthread_rwlock_wrlock(RWLOCK)) ?	\
+	gnutls_assert_val(GNUTLS_E_LOCKING_ERROR) : 0)
+
+#define gnutls_rwlock_unlock(RWLOCK)			\
+	(unlikely(glthread_rwlock_unlock(RWLOCK)) ?	\
+	gnutls_assert_val(GNUTLS_E_LOCKING_ERROR) : 0)
+
+#define GNUTLS_ONCE(once) gl_once_define(static, once)
+typedef gl_once_t *gnutls_once_t;
+
+#define gnutls_once(ONCE, INIT_FUNC)			\
+	(unlikely(glthread_once(ONCE, INIT_FUNC)) ?	\
+	gnutls_assert_val(GNUTLS_E_LOCKING_ERROR) : 0)
+
+#endif /* GNUTLS_LIB_LOCKS_H */
diff --git a/lib/mbuffers.c b/lib/mbuffers.c
new file mode 100644
index 0000000..7eabf04
--- /dev/null
+++ b/lib/mbuffers.c
@@ -0,0 +1,452 @@
+/*
+ * Copyright (C) 2009-2012 Free Software Foundation, Inc.
+ *
+ * Author: Jonathan Bastien-Filiatrault
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "mbuffers.h"
+#include "errors.h"
+
+/* Here be mbuffers */
+
+/* A note on terminology:
+ *
+ * Variables named bufel designate a single buffer segment (mbuffer_st
+ * type). This type is textually referred to as a "segment" or a
+ * "buffer element".
+ *
+ * Variables named buf desigate a chain of buffer segments
+ * (mbuffer_head_st type).  This type is textually referred to as a
+ * "buffer head" or simply as "buffer".
+ *
+ * Design objectives:
+ *
+ * - Make existing code easier to understand.
+ * - Make common operations more efficient by avoiding unnecessary
+ *    copying.
+ * - Provide a common datatype with a well-known interface to move
+ *    data around and through the multiple protocol layers.
+ * - Enable a future implementation of DTLS, which needs the concept
+ *    of record boundaries.
+ */
+
+
+/* Initialize a buffer head.
+ *
+ * Cost: O(1)
+ */
+void _mbuffer_head_init(mbuffer_head_st * buf)
+{
+	buf->head = NULL;
+	buf->tail = NULL;
+
+	buf->length = 0;
+	buf->byte_length = 0;
+}
+
+/* Deallocate all buffer segments and reset the buffer head.
+ *
+ * Cost: O(n)
+ * n: Number of segments currently in the buffer.
+ */
+void _mbuffer_head_clear(mbuffer_head_st * buf)
+{
+	mbuffer_st *bufel, *next;
+
+	for (bufel = buf->head; bufel != NULL; bufel = next) {
+		next = bufel->next;
+		gnutls_free(bufel);
+	}
+
+	_mbuffer_head_init(buf);
+}
+
+/* Append a segment to the end of this buffer.
+ *
+ * Cost: O(1)
+ */
+void _mbuffer_enqueue(mbuffer_head_st * buf, mbuffer_st * bufel)
+{
+	bufel->next = NULL;
+	bufel->prev = buf->tail;
+
+	buf->length++;
+	buf->byte_length += bufel->msg.size - bufel->mark;
+
+	if (buf->tail != NULL)
+		buf->tail->next = bufel;
+	else
+		buf->head = bufel;
+	buf->tail = bufel;
+}
+
+/* Remove a segment from the buffer.
+ *
+ * Cost: O(1)
+ *
+ * Returns the buffer following it.
+ */
+mbuffer_st *_mbuffer_dequeue(mbuffer_head_st * buf, mbuffer_st * bufel)
+{
+	mbuffer_st *ret = bufel->next;
+
+	if (buf->tail == bufel)	/* if last */
+		buf->tail = bufel->prev;
+
+	if (buf->head == bufel)	/* if first */
+		buf->head = bufel->next;
+
+	if (bufel->prev)
+		bufel->prev->next = bufel->next;
+
+	if (bufel->next)
+		bufel->next->prev = NULL;
+
+	buf->length--;
+	buf->byte_length -= bufel->msg.size - bufel->mark;
+
+	bufel->next = bufel->prev = NULL;
+
+	return ret;
+}
+
+/* Append a segment to the beginning of this buffer.
+ *
+ * Cost: O(1)
+ */
+void _mbuffer_head_push_first(mbuffer_head_st * buf, mbuffer_st * bufel)
+{
+	bufel->prev = NULL;
+	bufel->next = buf->head;
+
+	buf->length++;
+	buf->byte_length += bufel->msg.size - bufel->mark;
+
+	if (buf->head != NULL)
+		buf->head->prev = bufel;
+	else
+		buf->tail = bufel;
+	buf->head = bufel;
+}
+
+/* Get a reference to the first segment of the buffer and
+ * remove it from the list.
+ *
+ * Used to start iteration.
+ *
+ * Cost: O(1)
+ */
+mbuffer_st *_mbuffer_head_pop_first(mbuffer_head_st * buf)
+{
+	mbuffer_st *bufel = buf->head;
+
+	if (buf->head == NULL)
+		return NULL;
+
+	_mbuffer_dequeue(buf, bufel);
+
+	return bufel;
+}
+
+/* Get a reference to the first segment of the buffer and its data.
+ *
+ * Used to start iteration or to peek at the data.
+ *
+ * Cost: O(1)
+ */
+mbuffer_st *_mbuffer_head_get_first(mbuffer_head_st * buf,
+				    gnutls_datum_t * msg)
+{
+	mbuffer_st *bufel = buf->head;
+
+	if (msg) {
+		if (bufel) {
+			msg->data = bufel->msg.data + bufel->mark;
+			msg->size = bufel->msg.size - bufel->mark;
+		} else {
+			msg->data = NULL;
+			msg->size = 0;
+		}
+	}
+	return bufel;
+}
+
+/* Get a reference to the next segment of the buffer and its data.
+ *
+ * Used to iterate over the buffer segments.
+ *
+ * Cost: O(1)
+ */
+mbuffer_st *_mbuffer_head_get_next(mbuffer_st * cur, gnutls_datum_t * msg)
+{
+	mbuffer_st *bufel = cur->next;
+
+	if (msg) {
+		if (bufel) {
+			msg->data = bufel->msg.data + bufel->mark;
+			msg->size = bufel->msg.size - bufel->mark;
+		} else {
+			msg->data = NULL;
+			msg->size = 0;
+		}
+	}
+	return bufel;
+}
+
+/* Remove the first segment from the buffer.
+ *
+ * Used to dequeue data from the buffer. Not yet exposed in the
+ * internal interface since it is not yet needed outside of this unit.
+ *
+ * Cost: O(1)
+ */
+static inline void remove_front(mbuffer_head_st * buf)
+{
+	mbuffer_st *bufel = buf->head;
+
+	if (!bufel)
+		return;
+
+	_mbuffer_dequeue(buf, bufel);
+	gnutls_free(bufel);
+}
+
+/* Remove a specified number of bytes from the start of the buffer.
+ *
+ * Useful for uses that treat the buffer as a simple array of bytes.
+ *
+ * If more than one mbuffer_st have been removed it
+ * returns 1, 0 otherwise and an error code on error.
+ *
+ * Cost: O(n)
+ * n: Number of segments needed to remove the specified amount of data.
+ */
+int _mbuffer_head_remove_bytes(mbuffer_head_st * buf, size_t bytes)
+{
+	size_t left = bytes;
+	mbuffer_st *bufel, *next;
+	int ret = 0;
+
+	if (bytes > buf->byte_length) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	for (bufel = buf->head; bufel != NULL && left > 0; bufel = next) {
+		next = bufel->next;
+
+		if (left >= (bufel->msg.size - bufel->mark)) {
+			left -= (bufel->msg.size - bufel->mark);
+			remove_front(buf);
+			ret = 1;
+		} else {
+			bufel->mark += left;
+			buf->byte_length -= left;
+			left = 0;
+		}
+	}
+	return ret;
+}
+
+/* Allocate a buffer segment. The segment is not initially "owned" by
+ * any buffer.
+ *
+ * maximum_size: Amount of data that this segment can contain.
+ *
+ * Returns the segment or NULL on error.
+ *
+ * Cost: O(1)
+ */
+mbuffer_st *_mbuffer_alloc(size_t maximum_size)
+{
+	mbuffer_st *st;
+
+	st = gnutls_malloc(maximum_size + sizeof(mbuffer_st));
+	if (st == NULL) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	/* set the structure to zero */
+	memset(st, 0, sizeof(*st));
+
+	/* payload points after the mbuffer_st structure */
+	st->msg.data = (uint8_t *) st + sizeof(mbuffer_st);
+	st->msg.size = 0;
+	st->maximum_size = maximum_size;
+
+	return st;
+}
+
+
+/* Copy data into a segment. The segment must not be part of a buffer
+ * head when using this function.
+ *
+ * Bounds checking is performed by this function.
+ *
+ * Returns 0 on success or an error code otherwise.
+ *
+ * Cost: O(n)
+ * n: number of bytes to copy
+ */
+int
+_mbuffer_append_data(mbuffer_st * bufel, void *newdata,
+		     size_t newdata_size)
+{
+	if (bufel->msg.size + newdata_size <= bufel->maximum_size) {
+		memcpy(&bufel->msg.data[bufel->msg.size], newdata,
+		       newdata_size);
+		bufel->msg.size += newdata_size;
+	} else {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return 0;
+}
+
+#ifdef ENABLE_ALIGN16
+# define ALIGN_SIZE 16
+
+/* Allocate a 16-byte aligned buffer segment. The segment is not initially "owned" by
+ * any buffer.
+ *
+ * maximum_size: Amount of data that this segment can contain.
+ * align_pos: identifies the position of the buffer that will be aligned at 16-bytes
+ *
+ * This function should be used to ensure that encrypted data or data to
+ * be encrypted are properly aligned.
+ *
+ * Returns the segment or NULL on error.
+ *
+ * Cost: O(1)
+ */
+mbuffer_st *_mbuffer_alloc_align16(size_t maximum_size, unsigned align_pos)
+{
+	mbuffer_st *st;
+	size_t cur_alignment;
+
+	st = gnutls_malloc(maximum_size + sizeof(mbuffer_st) + ALIGN_SIZE);
+	if (st == NULL) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	/* set the structure to zero */
+	memset(st, 0, sizeof(*st));
+
+	/* payload points after the mbuffer_st structure */
+	st->msg.data = (uint8_t *) st + sizeof(mbuffer_st);
+	
+	cur_alignment = ((size_t)(st->msg.data+align_pos)) % ALIGN_SIZE;
+	if (cur_alignment > 0)
+		st->msg.data += ALIGN_SIZE - cur_alignment;
+
+	st->msg.size = 0;
+	st->maximum_size = maximum_size;
+
+	return st;
+}
+
+static unsigned is_aligned16(mbuffer_st * bufel, unsigned align_pos)
+{
+	uint8_t * ptr = _mbuffer_get_udata_ptr(bufel);
+
+	if (((size_t)(ptr+align_pos)) % ALIGN_SIZE == 0)
+		return 1;
+	else
+		return 0;
+}
+
+/* Takes a buffer in multiple chunks and puts all the data in a single
+ * contiguous segment, ensuring that the @align_pos is 16-byte aligned.
+ *
+ * Returns 0 on success or an error code otherwise.
+ *
+ * Cost: O(n)
+ * n: number of segments initially in the buffer
+ */
+int _mbuffer_linearize_align16(mbuffer_head_st * buf, unsigned align_pos)
+{
+	mbuffer_st *bufel, *cur;
+	gnutls_datum_t msg;
+	size_t pos = 0;
+
+	if (buf->length == 0) {
+		/* Nothing to do */
+		return 0;
+	}
+	
+	bufel = _mbuffer_head_get_first(buf, NULL);
+	if (buf->length == 1 && is_aligned16(bufel, align_pos))
+		return 0;
+
+	bufel = _mbuffer_alloc_align16(buf->byte_length, align_pos);
+	if (!bufel) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	bufel->type = _mbuffer_head_get_first(buf, NULL)->type;
+
+	for (cur = _mbuffer_head_get_first(buf, &msg);
+	     msg.data != NULL; cur = _mbuffer_head_get_next(cur, &msg)) {
+		memcpy(&bufel->msg.data[pos], msg.data, msg.size);
+		bufel->msg.size += msg.size;
+		pos += msg.size;
+	}
+
+	_mbuffer_head_clear(buf);
+	_mbuffer_enqueue(buf, bufel);
+
+	return 0;
+}
+#else
+int _mbuffer_linearize(mbuffer_head_st * buf)
+{
+	mbuffer_st *bufel, *cur;
+	gnutls_datum_t msg;
+	size_t pos = 0;
+
+	if (buf->length <= 1) {
+		/* Nothing to do */
+		return 0;
+	}
+	
+	bufel = _mbuffer_alloc(buf->byte_length);
+	if (!bufel) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	bufel->type = _mbuffer_head_get_first(buf, NULL)->type;
+
+	for (cur = _mbuffer_head_get_first(buf, &msg);
+	     msg.data != NULL; cur = _mbuffer_head_get_next(cur, &msg)) {
+		memcpy(&bufel->msg.data[pos], msg.data, msg.size);
+		bufel->msg.size += msg.size;
+		pos += msg.size;
+	}
+
+	_mbuffer_head_clear(buf);
+	_mbuffer_enqueue(buf, bufel);
+
+	return 0;
+}
+#endif
diff --git a/lib/mbuffers.h b/lib/mbuffers.h
new file mode 100644
index 0000000..a41850c
--- /dev/null
+++ b/lib/mbuffers.h
@@ -0,0 +1,201 @@
+/*
+ * Copyright (C) 2009-2012 Free Software Foundation, Inc.
+ *
+ * Author: Jonathan Bastien-Filiatrault
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_MBUFFERS_H
+#define GNUTLS_LIB_MBUFFERS_H
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <assert.h>
+
+void _mbuffer_head_init(mbuffer_head_st * buf);
+void _mbuffer_head_clear(mbuffer_head_st * buf);
+void _mbuffer_enqueue(mbuffer_head_st * buf, mbuffer_st * bufel);
+mbuffer_st *_mbuffer_dequeue(mbuffer_head_st * buf, mbuffer_st * bufel);
+int _mbuffer_head_remove_bytes(mbuffer_head_st * buf, size_t bytes);
+mbuffer_st *_mbuffer_alloc(size_t maximum_size);
+int _mbuffer_linearize(mbuffer_head_st * buf);
+
+mbuffer_st *_mbuffer_head_get_first(mbuffer_head_st * buf,
+				    gnutls_datum_t * msg);
+mbuffer_st *_mbuffer_head_get_next(mbuffer_st * cur, gnutls_datum_t * msg);
+
+void _mbuffer_head_push_first(mbuffer_head_st * buf, mbuffer_st * bufel);
+
+mbuffer_st *_mbuffer_head_pop_first(mbuffer_head_st * buf);
+
+/* This is dangerous since it will replace bufel with a new
+ * one.
+ */
+int _mbuffer_append_data(mbuffer_st * bufel, void *newdata,
+			 size_t newdata_size);
+
+
+/* For "user" use. One can have buffer data and header.
+ */
+
+inline static void *_mbuffer_get_uhead_ptr(mbuffer_st * bufel)
+{
+	return bufel->msg.data + bufel->mark;
+}
+
+inline static void *_mbuffer_get_udata_ptr(mbuffer_st * bufel)
+{
+	return bufel->msg.data + bufel->uhead_mark + bufel->mark;
+}
+
+inline static void _mbuffer_set_udata_size(mbuffer_st * bufel, size_t size)
+{
+	bufel->msg.size = size + bufel->uhead_mark + bufel->mark;
+}
+
+inline static void
+_mbuffer_set_udata(mbuffer_st * bufel, void *data, size_t data_size)
+{
+	memcpy(_mbuffer_get_udata_ptr(bufel), data,
+	       data_size);
+	_mbuffer_set_udata_size(bufel, data_size);
+}
+
+inline static size_t _mbuffer_get_udata_size(mbuffer_st * bufel)
+{
+	return bufel->msg.size - bufel->uhead_mark - bufel->mark;
+}
+
+/* discards size bytes from the begging of the buffer */
+inline static void
+_mbuffer_consume(mbuffer_head_st * buf, mbuffer_st * bufel, size_t size)
+{
+	bufel->uhead_mark = 0;
+	if (bufel->mark + size < bufel->msg.size)
+		bufel->mark += size;
+	else
+		bufel->mark = bufel->msg.size;
+
+	buf->byte_length -= size;
+}
+
+inline static size_t _mbuffer_get_uhead_size(mbuffer_st * bufel)
+{
+	return bufel->uhead_mark;
+}
+
+inline static void _mbuffer_set_uhead_size(mbuffer_st * bufel, size_t size)
+{
+	bufel->uhead_mark = size;
+}
+
+inline static void _mbuffer_init(mbuffer_st *bufel, size_t max)
+{
+	memset(bufel, 0, sizeof(*bufel));
+	bufel->maximum_size = max;
+
+	/* payload points after the mbuffer_st structure */
+	bufel->msg.data = (uint8_t *) bufel + sizeof(mbuffer_st);
+}
+
+/* Helper functions to utilize a gnutls_buffer_st in order
+ * to generate a gnutls_mbuffer_st, without multiple allocations.
+ */
+inline static int _gnutls_buffer_init_mbuffer(gnutls_buffer_st * buf, size_t header_size)
+{
+	int ret;
+	mbuffer_st *bufel;
+
+	_gnutls_buffer_init(buf);
+
+	ret = _gnutls_buffer_resize(buf, sizeof(mbuffer_st)+header_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* we store the uhead size on the uninitialized bufel, only to read
+	 * it back on _gnutls_buffer_to_mbuffer(). */
+	bufel = (void*)buf->data;
+	_mbuffer_set_uhead_size(bufel, header_size);
+
+	buf->length = sizeof(mbuffer_st)+header_size;
+
+	return 0;
+}
+
+#define _gnutls_buffer_init_handshake_mbuffer(b) _gnutls_buffer_init_mbuffer(b, HANDSHAKE_HEADER_SIZE(session))
+
+
+/* Cannot fail */
+inline static mbuffer_st *_gnutls_buffer_to_mbuffer(gnutls_buffer_st * buf)
+{
+	mbuffer_st *bufel;
+	unsigned header_size;
+
+	bufel = (void*)buf->data;
+
+	header_size = _mbuffer_get_uhead_size(bufel);
+	assert(buf->length >= sizeof(mbuffer_st)+header_size);
+
+	_mbuffer_init(bufel, buf->length - sizeof(mbuffer_st));
+
+	_mbuffer_set_udata_size(bufel, buf->length - sizeof(mbuffer_st));
+	_mbuffer_set_uhead_size(bufel, header_size);
+
+	_gnutls_buffer_init(buf); /* avoid double frees */
+
+	return bufel;
+}
+
+inline static mbuffer_st *_gnutls_handshake_alloc(gnutls_session_t session,
+						  size_t maximum)
+{
+	mbuffer_st *bufel =
+	    _mbuffer_alloc(HANDSHAKE_HEADER_SIZE(session) + maximum);
+
+	if (!bufel)
+		return NULL;
+
+	_mbuffer_set_uhead_size(bufel, HANDSHAKE_HEADER_SIZE(session));
+	_mbuffer_set_udata_size(bufel, maximum);
+
+	return bufel;
+}
+
+/* Free a segment, if the pointer is not NULL
+ *
+ * We take a ** to detect and fix double free bugs (the dangling
+ * pointer case). It also makes sure the pointer has a known value
+ * after freeing.
+ */
+inline static void _mbuffer_xfree(mbuffer_st ** bufel)
+{
+	if (*bufel)
+		gnutls_free(*bufel);
+
+	*bufel = NULL;
+}
+
+#ifdef ENABLE_ALIGN16
+mbuffer_st *_mbuffer_alloc_align16(size_t maximum_size, unsigned align_pos);
+int _mbuffer_linearize_align16(mbuffer_head_st * buf, unsigned align_pos);
+#else
+# define _mbuffer_alloc_align16(x,y) _mbuffer_alloc(x)
+# define _mbuffer_linearize_align16(x,y) _mbuffer_linearize(x)
+#endif
+
+#endif /* GNUTLS_LIB_MBUFFERS_H */
diff --git a/lib/mem.c b/lib/mem.c
new file mode 100644
index 0000000..c6a78b1
--- /dev/null
+++ b/lib/mem.c
@@ -0,0 +1,143 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <num.h>
+#include "xalloc-oversized.h"
+
+gnutls_alloc_function gnutls_secure_malloc = malloc;
+gnutls_alloc_function gnutls_malloc = malloc;
+gnutls_free_function gnutls_free = free;
+gnutls_realloc_function gnutls_realloc = realloc;
+
+void *(*gnutls_calloc) (size_t, size_t) = calloc;
+char *(*gnutls_strdup) (const char *) = _gnutls_strdup;
+
+/* This realloc will free ptr in case realloc
+ * fails.
+ */
+void *gnutls_realloc_fast(void *ptr, size_t size)
+{
+	void *ret;
+
+	if (size == 0)
+		return ptr;
+
+	ret = gnutls_realloc(ptr, size);
+	if (ret == NULL) {
+		gnutls_free(ptr);
+	}
+
+	return ret;
+}
+
+/* This will free ptr in case reallocarray fails.
+ */
+void *_gnutls_reallocarray_fast(void *ptr, size_t nmemb, size_t size)
+{
+	void *ret;
+
+	if (size == 0)
+		return ptr;
+
+	ret = _gnutls_reallocarray(ptr, nmemb, size);
+	if (ret == NULL) {
+		gnutls_free(ptr);
+	}
+
+	return ret;
+}
+
+char *_gnutls_strdup(const char *str)
+{
+	size_t siz;
+	char *ret;
+
+	if(unlikely(!str))
+		return NULL;
+
+	siz = strlen(str) + 1;
+
+	ret = gnutls_malloc(siz);
+	if (ret != NULL)
+		memcpy(ret, str, siz);
+	return ret;
+}
+
+void *_gnutls_reallocarray(void *ptr, size_t nmemb, size_t size)
+{
+	return xalloc_oversized(nmemb, size) ? NULL :
+		gnutls_realloc(ptr, nmemb * size);
+}
+
+#if 0
+/* don't use them. They are included for documentation.
+ */
+
+/**
+ * gnutls_malloc:
+ * @s: size to allocate in bytes
+ *
+ * This function will allocate 's' bytes data, and
+ * return a pointer to memory. This function is supposed
+ * to be used by callbacks.
+ *
+ * The allocation function used is the one set by
+ * gnutls_global_set_mem_functions().
+ **/
+void *gnutls_malloc(size_t s)
+{
+	int x;
+}
+
+/**
+ * gnutls_free:
+ * @ptr: pointer to memory
+ *
+ * This function will free data pointed by ptr.
+ *
+ * The deallocation function used is the one set by
+ * gnutls_global_set_mem_functions().
+ *
+ **/
+void gnutls_free(void *ptr)
+{
+	int x;
+}
+
+#endif
+
+/* Returns 1 if the provided buffer is all zero.
+ * It leaks no information via timing.
+ */
+unsigned _gnutls_mem_is_zero(const uint8_t *ptr, unsigned size)
+{
+	unsigned i;
+	uint8_t res = 0;
+
+	for (i=0;i<size;i++) {
+		res |= ptr[i];
+	}
+
+	return ((res==0)?1:0);
+}
diff --git a/lib/mem.h b/lib/mem.h
new file mode 100644
index 0000000..3082aa8
--- /dev/null
+++ b/lib/mem.h
@@ -0,0 +1,82 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_MEM_H
+#define GNUTLS_LIB_MEM_H
+
+#include "config.h"
+
+#ifdef HAVE_SANITIZER_ASAN_INTERFACE_H
+#include <sanitizer/asan_interface.h>
+#endif
+
+#ifdef HAVE_VALGRIND_MEMCHECK_H
+#include <valgrind/memcheck.h>
+#endif
+
+/* These realloc functions will return ptr if size==0, and will free
+ * the ptr if the new allocation failed.
+ */
+void *gnutls_realloc_fast(void *ptr, size_t size);
+void *_gnutls_reallocarray_fast(void *ptr, size_t nmemb, size_t size);
+
+char *_gnutls_strdup(const char *);
+
+void *_gnutls_reallocarray(void *, size_t, size_t);
+
+unsigned _gnutls_mem_is_zero(const uint8_t *ptr, unsigned size);
+
+#define zrelease_mpi_key(mpi) if (*mpi!=NULL) { \
+		_gnutls_mpi_clear(*mpi); \
+		_gnutls_mpi_release(mpi); \
+	}
+
+#define zeroize_key(x, size) gnutls_memset(x, 0, size)
+
+#define zeroize_temp_key zeroize_key
+#define zrelease_temp_mpi_key zrelease_mpi_key
+
+static inline void
+_gnutls_memory_mark_undefined(void *addr, size_t size)
+{
+#ifdef HAVE_SANITIZER_ASAN_INTERFACE_H
+	ASAN_POISON_MEMORY_REGION(addr, size);
+#endif
+#ifdef HAVE_VALGRIND_MEMCHECK_H
+	if (RUNNING_ON_VALGRIND)
+		VALGRIND_MAKE_MEM_UNDEFINED(addr, size);
+#endif
+}
+
+static inline void
+_gnutls_memory_mark_defined(void *addr, size_t size)
+{
+#ifdef HAVE_SANITIZER_ASAN_INTERFACE_H
+	ASAN_UNPOISON_MEMORY_REGION(addr, size);
+#endif
+#ifdef HAVE_VALGRIND_MEMCHECK_H
+	if (RUNNING_ON_VALGRIND)
+		VALGRIND_MAKE_MEM_DEFINED(addr, size);
+#endif
+}
+
+#endif /* GNUTLS_LIB_MEM_H */
diff --git a/lib/minitasn1/Makefile.am b/lib/minitasn1/Makefile.am
new file mode 100644
index 0000000..9b67697
--- /dev/null
+++ b/lib/minitasn1/Makefile.am
@@ -0,0 +1,34 @@
+## Process this file with automake to produce Makefile.in
+# Copyright (C) 2002-2010, 2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# The GnuTLS is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 2.1 of
+# the License, or (at your option) any later version.
+#
+# The GnuTLS is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with GnuTLS; if not, write to the Free
+# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+# MA 02110-1301, USA
+
+include $(top_srcdir)/lib/common.mk
+
+AM_CPPFLAGS = -DASN1_BUILDING		\
+	-I$(srcdir)/../../gl		\
+	-I$(builddir)/../../gl          \
+	-I$(srcdir)/..
+
+noinst_LTLIBRARIES = libminitasn1.la
+
+libminitasn1_la_SOURCES = libtasn1.h gstr.h int.h parser_aux.h		\
+        structure.h element.h decoding.c gstr.c errors.c parser_aux.c	\
+        structure.c element.c coding.c version.c
diff --git a/lib/minitasn1/Makefile.in b/lib/minitasn1/Makefile.in
new file mode 100644
index 0000000..499bcfd
--- /dev/null
+++ b/lib/minitasn1/Makefile.in
@@ -0,0 +1,2418 @@
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+# Copyright (C) 2002-2010, 2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# The GnuTLS is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 2.1 of
+# the License, or (at your option) any later version.
+#
+# The GnuTLS is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with GnuTLS; if not, write to the Free
+# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+# MA 02110-1301, USA
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+  if test -z '$(MAKELEVEL)'; then \
+    false; \
+  elif test -n '$(MAKE_HOST)'; then \
+    true; \
+  elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+    true; \
+  else \
+    false; \
+  fi; \
+}
+am__make_running_with_option = \
+  case $${target_option-} in \
+      ?) ;; \
+      *) echo "am__make_running_with_option: internal error: invalid" \
+              "target option '$${target_option-}' specified" >&2; \
+         exit 1;; \
+  esac; \
+  has_opt=no; \
+  sane_makeflags=$$MAKEFLAGS; \
+  if $(am__is_gnu_make); then \
+    sane_makeflags=$$MFLAGS; \
+  else \
+    case $$MAKEFLAGS in \
+      *\\[\ \	]*) \
+        bs=\\; \
+        sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+          | sed "s/$$bs$$bs[$$bs $$bs	]*//g"`;; \
+    esac; \
+  fi; \
+  skip_next=no; \
+  strip_trailopt () \
+  { \
+    flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+  }; \
+  for flg in $$sane_makeflags; do \
+    test $$skip_next = yes && { skip_next=no; continue; }; \
+    case $$flg in \
+      *=*|--*) continue;; \
+        -*I) strip_trailopt 'I'; skip_next=yes;; \
+      -*I?*) strip_trailopt 'I';; \
+        -*O) strip_trailopt 'O'; skip_next=yes;; \
+      -*O?*) strip_trailopt 'O';; \
+        -*l) strip_trailopt 'l'; skip_next=yes;; \
+      -*l?*) strip_trailopt 'l';; \
+      -[dEDm]) skip_next=yes;; \
+      -[JT]) skip_next=yes;; \
+    esac; \
+    case $$flg in \
+      *$$target_option*) has_opt=yes; break;; \
+    esac; \
+  done; \
+  test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = lib/minitasn1
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \
+	$(top_srcdir)/lib/unistring/m4/inline.m4 \
+	$(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \
+	$(top_srcdir)/src/gl/m4/atoll.m4 \
+	$(top_srcdir)/src/gl/m4/bison.m4 \
+	$(top_srcdir)/src/gl/m4/calloc.m4 \
+	$(top_srcdir)/src/gl/m4/clock_time.m4 \
+	$(top_srcdir)/src/gl/m4/codeset.m4 \
+	$(top_srcdir)/src/gl/m4/ctype_h.m4 \
+	$(top_srcdir)/src/gl/m4/environ.m4 \
+	$(top_srcdir)/src/gl/m4/error.m4 \
+	$(top_srcdir)/src/gl/m4/fdopen.m4 \
+	$(top_srcdir)/src/gl/m4/flexmember.m4 \
+	$(top_srcdir)/src/gl/m4/fpending.m4 \
+	$(top_srcdir)/src/gl/m4/fpieee.m4 \
+	$(top_srcdir)/src/gl/m4/fseek.m4 \
+	$(top_srcdir)/src/gl/m4/ftruncate.m4 \
+	$(top_srcdir)/src/gl/m4/getaddrinfo.m4 \
+	$(top_srcdir)/src/gl/m4/getcwd.m4 \
+	$(top_srcdir)/src/gl/m4/getpagesize.m4 \
+	$(top_srcdir)/src/gl/m4/getpass.m4 \
+	$(top_srcdir)/src/gl/m4/getprogname.m4 \
+	$(top_srcdir)/src/gl/m4/gettime.m4 \
+	$(top_srcdir)/src/gl/m4/gnulib-comp.m4 \
+	$(top_srcdir)/src/gl/m4/hostent.m4 \
+	$(top_srcdir)/src/gl/m4/intl-thread-locale.m4 \
+	$(top_srcdir)/src/gl/m4/inttostr.m4 \
+	$(top_srcdir)/src/gl/m4/ioctl.m4 \
+	$(top_srcdir)/src/gl/m4/isblank.m4 \
+	$(top_srcdir)/src/gl/m4/langinfo_h.m4 \
+	$(top_srcdir)/src/gl/m4/lcmessage.m4 \
+	$(top_srcdir)/src/gl/m4/locale-fr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-ja.m4 \
+	$(top_srcdir)/src/gl/m4/locale-tr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-zh.m4 \
+	$(top_srcdir)/src/gl/m4/locale_h.m4 \
+	$(top_srcdir)/src/gl/m4/localename.m4 \
+	$(top_srcdir)/src/gl/m4/lstat.m4 \
+	$(top_srcdir)/src/gl/m4/mktime.m4 \
+	$(top_srcdir)/src/gl/m4/nanosleep.m4 \
+	$(top_srcdir)/src/gl/m4/nstrftime.m4 \
+	$(top_srcdir)/src/gl/m4/parse-datetime.m4 \
+	$(top_srcdir)/src/gl/m4/perror.m4 \
+	$(top_srcdir)/src/gl/m4/pipe.m4 \
+	$(top_srcdir)/src/gl/m4/pthread-thread.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_h.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_sigmask.m4 \
+	$(top_srcdir)/src/gl/m4/putenv.m4 \
+	$(top_srcdir)/src/gl/m4/raise.m4 \
+	$(top_srcdir)/src/gl/m4/reallocarray.m4 \
+	$(top_srcdir)/src/gl/m4/sched_h.m4 \
+	$(top_srcdir)/src/gl/m4/sched_yield.m4 \
+	$(top_srcdir)/src/gl/m4/select.m4 \
+	$(top_srcdir)/src/gl/m4/semaphore.m4 \
+	$(top_srcdir)/src/gl/m4/servent.m4 \
+	$(top_srcdir)/src/gl/m4/setenv.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale_null.m4 \
+	$(top_srcdir)/src/gl/m4/sigaction.m4 \
+	$(top_srcdir)/src/gl/m4/signal_h.m4 \
+	$(top_srcdir)/src/gl/m4/signalblocking.m4 \
+	$(top_srcdir)/src/gl/m4/sleep.m4 \
+	$(top_srcdir)/src/gl/m4/sockets.m4 \
+	$(top_srcdir)/src/gl/m4/strerror.m4 \
+	$(top_srcdir)/src/gl/m4/strerror_r.m4 \
+	$(top_srcdir)/src/gl/m4/strtoll.m4 \
+	$(top_srcdir)/src/gl/m4/symlink.m4 \
+	$(top_srcdir)/src/gl/m4/sys_ioctl_h.m4 \
+	$(top_srcdir)/src/gl/m4/sys_select_h.m4 \
+	$(top_srcdir)/src/gl/m4/thread.m4 \
+	$(top_srcdir)/src/gl/m4/time_rz.m4 \
+	$(top_srcdir)/src/gl/m4/timegm.m4 \
+	$(top_srcdir)/src/gl/m4/timespec.m4 \
+	$(top_srcdir)/src/gl/m4/tm_gmtoff.m4 \
+	$(top_srcdir)/src/gl/m4/tzset.m4 \
+	$(top_srcdir)/src/gl/m4/usleep.m4 \
+	$(top_srcdir)/src/gl/m4/visibility.m4 \
+	$(top_srcdir)/src/gl/m4/xalloc.m4 \
+	$(top_srcdir)/src/gl/m4/yield.m4 $(top_srcdir)/m4/00gnulib.m4 \
+	$(top_srcdir)/m4/__inline.m4 \
+	$(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \
+	$(top_srcdir)/m4/arpa_inet_h.m4 \
+	$(top_srcdir)/m4/ax_ac_append_to_file.m4 \
+	$(top_srcdir)/m4/ax_ac_print_to_file.m4 \
+	$(top_srcdir)/m4/ax_add_am_macro_static.m4 \
+	$(top_srcdir)/m4/ax_am_macros_static.m4 \
+	$(top_srcdir)/m4/ax_check_gnu_make.m4 \
+	$(top_srcdir)/m4/ax_code_coverage.m4 \
+	$(top_srcdir)/m4/ax_file_escapes.m4 \
+	$(top_srcdir)/m4/builtin-expect.m4 \
+	$(top_srcdir)/m4/byteswap.m4 $(top_srcdir)/m4/close.m4 \
+	$(top_srcdir)/m4/double-slash-root.m4 $(top_srcdir)/m4/dup2.m4 \
+	$(top_srcdir)/m4/eealloc.m4 $(top_srcdir)/m4/errno_h.m4 \
+	$(top_srcdir)/m4/explicit_bzero.m4 \
+	$(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \
+	$(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \
+	$(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \
+	$(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \
+	$(top_srcdir)/m4/free.m4 $(top_srcdir)/m4/fseeko.m4 \
+	$(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \
+	$(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/func.m4 \
+	$(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \
+	$(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/gettext.m4 \
+	$(top_srcdir)/m4/gettimeofday.m4 \
+	$(top_srcdir)/m4/gnulib-common.m4 \
+	$(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \
+	$(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \
+	$(top_srcdir)/m4/host-cpu-c-abi.m4 $(top_srcdir)/m4/iconv.m4 \
+	$(top_srcdir)/m4/include_next.m4 $(top_srcdir)/m4/inet_ntop.m4 \
+	$(top_srcdir)/m4/inet_pton.m4 $(top_srcdir)/m4/intlmacosx.m4 \
+	$(top_srcdir)/m4/intmax_t.m4 $(top_srcdir)/m4/inttypes.m4 \
+	$(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/largefile.m4 \
+	$(top_srcdir)/m4/ld-output-def.m4 \
+	$(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \
+	$(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+	$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/lock.m4 \
+	$(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/ltoptions.m4 \
+	$(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+	$(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \
+	$(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \
+	$(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \
+	$(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \
+	$(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \
+	$(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \
+	$(top_srcdir)/m4/netdb_h.m4 $(top_srcdir)/m4/netinet_in_h.m4 \
+	$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/off_t.m4 \
+	$(top_srcdir)/m4/open-cloexec.m4 \
+	$(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \
+	$(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/pkg.m4 \
+	$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \
+	$(top_srcdir)/m4/progtest.m4 \
+	$(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \
+	$(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \
+	$(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/size_max.m4 \
+	$(top_srcdir)/m4/snprintf.m4 $(top_srcdir)/m4/socketlib.m4 \
+	$(top_srcdir)/m4/socklen.m4 $(top_srcdir)/m4/sockpfaf.m4 \
+	$(top_srcdir)/m4/ssize_t.m4 $(top_srcdir)/m4/stat-time.m4 \
+	$(top_srcdir)/m4/stat.m4 $(top_srcdir)/m4/stdalign.m4 \
+	$(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \
+	$(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \
+	$(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \
+	$(top_srcdir)/m4/stpcpy.m4 $(top_srcdir)/m4/strcase.m4 \
+	$(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/string_h.m4 \
+	$(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \
+	$(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \
+	$(top_srcdir)/m4/strverscmp.m4 \
+	$(top_srcdir)/m4/sys_socket_h.m4 \
+	$(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \
+	$(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \
+	$(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \
+	$(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \
+	$(top_srcdir)/m4/unistd_h.m4 \
+	$(top_srcdir)/m4/valgrind-tests.m4 \
+	$(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \
+	$(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \
+	$(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \
+	$(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \
+	$(top_srcdir)/m4/xsize.m4 $(top_srcdir)/m4/zzgnulib.m4 \
+	$(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+LTLIBRARIES = $(noinst_LTLIBRARIES)
+libminitasn1_la_LIBADD =
+am_libminitasn1_la_OBJECTS = decoding.lo gstr.lo errors.lo \
+	parser_aux.lo structure.lo element.lo coding.lo version.lo
+libminitasn1_la_OBJECTS = $(am_libminitasn1_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 = 
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN     " $@;
+am__v_GEN_1 = 
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 = 
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/coding.Plo ./$(DEPDIR)/decoding.Plo \
+	./$(DEPDIR)/element.Plo ./$(DEPDIR)/errors.Plo \
+	./$(DEPDIR)/gstr.Plo ./$(DEPDIR)/parser_aux.Plo \
+	./$(DEPDIR)/structure.Plo ./$(DEPDIR)/version.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC      " $@;
+am__v_CC_1 = 
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD    " $@;
+am__v_CCLD_1 = 
+SOURCES = $(libminitasn1_la_SOURCES)
+DIST_SOURCES = $(libminitasn1_la_SOURCES)
+am__can_run_installinfo = \
+  case $$AM_UPDATE_INFO_DIR in \
+    n|no|NO) false;; \
+    *) (install-info --version) >/dev/null 2>&1;; \
+  esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates.  Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+  BEGIN { nonempty = 0; } \
+  { items[$$0] = 1; nonempty = 1; } \
+  END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique.  This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+  list='$(am__tagged_files)'; \
+  unique=`for i in $$list; do \
+    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+  done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in \
+	$(top_srcdir)/build-aux/depcomp $(top_srcdir)/lib/common.mk
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+AARCH64_CCASFLAGS = @AARCH64_CCASFLAGS@
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+ALLOCA_H = @ALLOCA_H@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AM_VALGRINDFLAGS = @AM_VALGRINDFLAGS@
+APPLE_UNIVERSAL_BUILD = @APPLE_UNIVERSAL_BUILD@
+AR = @AR@
+ARFLAGS = @ARFLAGS@
+ASN1PARSER = @ASN1PARSER@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BITSIZEOF_PTRDIFF_T = @BITSIZEOF_PTRDIFF_T@
+BITSIZEOF_SIG_ATOMIC_T = @BITSIZEOF_SIG_ATOMIC_T@
+BITSIZEOF_SIZE_T = @BITSIZEOF_SIZE_T@
+BITSIZEOF_WCHAR_T = @BITSIZEOF_WCHAR_T@
+BITSIZEOF_WINT_T = @BITSIZEOF_WINT_T@
+BYTESWAP_H = @BYTESWAP_H@
+CC = @CC@
+CCAS = @CCAS@
+CCASDEPMODE = @CCASDEPMODE@
+CCASFLAGS = @CCASFLAGS@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CFLAG_VISIBILITY = @CFLAG_VISIBILITY@
+CMOCKA_CFLAGS = @CMOCKA_CFLAGS@
+CMOCKA_LIBS = @CMOCKA_LIBS@
+CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@
+CODE_COVERAGE_CPPFLAGS = @CODE_COVERAGE_CPPFLAGS@
+CODE_COVERAGE_CXXFLAGS = @CODE_COVERAGE_CXXFLAGS@
+CODE_COVERAGE_ENABLED = @CODE_COVERAGE_ENABLED@
+CODE_COVERAGE_LIBS = @CODE_COVERAGE_LIBS@
+CONFIG_INCLUDE = @CONFIG_INCLUDE@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CRYWRAP_PATCHLEVEL = @CRYWRAP_PATCHLEVEL@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CXX_LT_AGE = @CXX_LT_AGE@
+CXX_LT_CURRENT = @CXX_LT_CURRENT@
+CXX_LT_REVISION = @CXX_LT_REVISION@
+CYGPATH_W = @CYGPATH_W@
+DEFAULT_VALGRINDFLAGS = @DEFAULT_VALGRINDFLAGS@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DLL_SSL_VERSION = @DLL_SSL_VERSION@
+DLL_VERSION = @DLL_VERSION@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EMULTIHOP_HIDDEN = @EMULTIHOP_HIDDEN@
+EMULTIHOP_VALUE = @EMULTIHOP_VALUE@
+ENABLE_PADLOCK = @ENABLE_PADLOCK@
+ENOLINK_HIDDEN = @ENOLINK_HIDDEN@
+ENOLINK_VALUE = @ENOLINK_VALUE@
+EOVERFLOW_HIDDEN = @EOVERFLOW_HIDDEN@
+EOVERFLOW_VALUE = @EOVERFLOW_VALUE@
+ERRNO_H = @ERRNO_H@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+FIPS140_LIBS = @FIPS140_LIBS@
+FLOAT_H = @FLOAT_H@
+GCOV = @GCOV@
+GENHTML = @GENHTML@
+GETADDRINFO_LIB = @GETADDRINFO_LIB@
+GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
+GL_GGL_GNULIB_ACCEPT = @GL_GGL_GNULIB_ACCEPT@
+GL_GGL_GNULIB_ACCEPT4 = @GL_GGL_GNULIB_ACCEPT4@
+GL_GGL_GNULIB_ACCESS = @GL_GGL_GNULIB_ACCESS@
+GL_GGL_GNULIB_ALIGNED_ALLOC = @GL_GGL_GNULIB_ALIGNED_ALLOC@
+GL_GGL_GNULIB_ATOLL = @GL_GGL_GNULIB_ATOLL@
+GL_GGL_GNULIB_BIND = @GL_GGL_GNULIB_BIND@
+GL_GGL_GNULIB_BTOWC = @GL_GGL_GNULIB_BTOWC@
+GL_GGL_GNULIB_CALLOC_POSIX = @GL_GGL_GNULIB_CALLOC_POSIX@
+GL_GGL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GGL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GGL_GNULIB_CHDIR = @GL_GGL_GNULIB_CHDIR@
+GL_GGL_GNULIB_CHOWN = @GL_GGL_GNULIB_CHOWN@
+GL_GGL_GNULIB_CLOSE = @GL_GGL_GNULIB_CLOSE@
+GL_GGL_GNULIB_CONNECT = @GL_GGL_GNULIB_CONNECT@
+GL_GGL_GNULIB_COPY_FILE_RANGE = @GL_GGL_GNULIB_COPY_FILE_RANGE@
+GL_GGL_GNULIB_CREAT = @GL_GGL_GNULIB_CREAT@
+GL_GGL_GNULIB_CTIME = @GL_GGL_GNULIB_CTIME@
+GL_GGL_GNULIB_DPRINTF = @GL_GGL_GNULIB_DPRINTF@
+GL_GGL_GNULIB_DUP = @GL_GGL_GNULIB_DUP@
+GL_GGL_GNULIB_DUP2 = @GL_GGL_GNULIB_DUP2@
+GL_GGL_GNULIB_DUP3 = @GL_GGL_GNULIB_DUP3@
+GL_GGL_GNULIB_DUPLOCALE = @GL_GGL_GNULIB_DUPLOCALE@
+GL_GGL_GNULIB_ENVIRON = @GL_GGL_GNULIB_ENVIRON@
+GL_GGL_GNULIB_EUIDACCESS = @GL_GGL_GNULIB_EUIDACCESS@
+GL_GGL_GNULIB_EXECL = @GL_GGL_GNULIB_EXECL@
+GL_GGL_GNULIB_EXECLE = @GL_GGL_GNULIB_EXECLE@
+GL_GGL_GNULIB_EXECLP = @GL_GGL_GNULIB_EXECLP@
+GL_GGL_GNULIB_EXECV = @GL_GGL_GNULIB_EXECV@
+GL_GGL_GNULIB_EXECVE = @GL_GGL_GNULIB_EXECVE@
+GL_GGL_GNULIB_EXECVP = @GL_GGL_GNULIB_EXECVP@
+GL_GGL_GNULIB_EXECVPE = @GL_GGL_GNULIB_EXECVPE@
+GL_GGL_GNULIB_EXPLICIT_BZERO = @GL_GGL_GNULIB_EXPLICIT_BZERO@
+GL_GGL_GNULIB_FACCESSAT = @GL_GGL_GNULIB_FACCESSAT@
+GL_GGL_GNULIB_FCHDIR = @GL_GGL_GNULIB_FCHDIR@
+GL_GGL_GNULIB_FCHMODAT = @GL_GGL_GNULIB_FCHMODAT@
+GL_GGL_GNULIB_FCHOWNAT = @GL_GGL_GNULIB_FCHOWNAT@
+GL_GGL_GNULIB_FCLOSE = @GL_GGL_GNULIB_FCLOSE@
+GL_GGL_GNULIB_FCNTL = @GL_GGL_GNULIB_FCNTL@
+GL_GGL_GNULIB_FDATASYNC = @GL_GGL_GNULIB_FDATASYNC@
+GL_GGL_GNULIB_FDOPEN = @GL_GGL_GNULIB_FDOPEN@
+GL_GGL_GNULIB_FFLUSH = @GL_GGL_GNULIB_FFLUSH@
+GL_GGL_GNULIB_FFS = @GL_GGL_GNULIB_FFS@
+GL_GGL_GNULIB_FFSL = @GL_GGL_GNULIB_FFSL@
+GL_GGL_GNULIB_FFSLL = @GL_GGL_GNULIB_FFSLL@
+GL_GGL_GNULIB_FGETC = @GL_GGL_GNULIB_FGETC@
+GL_GGL_GNULIB_FGETS = @GL_GGL_GNULIB_FGETS@
+GL_GGL_GNULIB_FOPEN = @GL_GGL_GNULIB_FOPEN@
+GL_GGL_GNULIB_FPRINTF = @GL_GGL_GNULIB_FPRINTF@
+GL_GGL_GNULIB_FPRINTF_POSIX = @GL_GGL_GNULIB_FPRINTF_POSIX@
+GL_GGL_GNULIB_FPURGE = @GL_GGL_GNULIB_FPURGE@
+GL_GGL_GNULIB_FPUTC = @GL_GGL_GNULIB_FPUTC@
+GL_GGL_GNULIB_FPUTS = @GL_GGL_GNULIB_FPUTS@
+GL_GGL_GNULIB_FREAD = @GL_GGL_GNULIB_FREAD@
+GL_GGL_GNULIB_FREE_POSIX = @GL_GGL_GNULIB_FREE_POSIX@
+GL_GGL_GNULIB_FREOPEN = @GL_GGL_GNULIB_FREOPEN@
+GL_GGL_GNULIB_FSCANF = @GL_GGL_GNULIB_FSCANF@
+GL_GGL_GNULIB_FSEEK = @GL_GGL_GNULIB_FSEEK@
+GL_GGL_GNULIB_FSEEKO = @GL_GGL_GNULIB_FSEEKO@
+GL_GGL_GNULIB_FSTAT = @GL_GGL_GNULIB_FSTAT@
+GL_GGL_GNULIB_FSTATAT = @GL_GGL_GNULIB_FSTATAT@
+GL_GGL_GNULIB_FSYNC = @GL_GGL_GNULIB_FSYNC@
+GL_GGL_GNULIB_FTELL = @GL_GGL_GNULIB_FTELL@
+GL_GGL_GNULIB_FTELLO = @GL_GGL_GNULIB_FTELLO@
+GL_GGL_GNULIB_FTRUNCATE = @GL_GGL_GNULIB_FTRUNCATE@
+GL_GGL_GNULIB_FUTIMENS = @GL_GGL_GNULIB_FUTIMENS@
+GL_GGL_GNULIB_FWRITE = @GL_GGL_GNULIB_FWRITE@
+GL_GGL_GNULIB_GETADDRINFO = @GL_GGL_GNULIB_GETADDRINFO@
+GL_GGL_GNULIB_GETC = @GL_GGL_GNULIB_GETC@
+GL_GGL_GNULIB_GETCHAR = @GL_GGL_GNULIB_GETCHAR@
+GL_GGL_GNULIB_GETCWD = @GL_GGL_GNULIB_GETCWD@
+GL_GGL_GNULIB_GETDELIM = @GL_GGL_GNULIB_GETDELIM@
+GL_GGL_GNULIB_GETDOMAINNAME = @GL_GGL_GNULIB_GETDOMAINNAME@
+GL_GGL_GNULIB_GETDTABLESIZE = @GL_GGL_GNULIB_GETDTABLESIZE@
+GL_GGL_GNULIB_GETENTROPY = @GL_GGL_GNULIB_GETENTROPY@
+GL_GGL_GNULIB_GETGROUPS = @GL_GGL_GNULIB_GETGROUPS@
+GL_GGL_GNULIB_GETHOSTNAME = @GL_GGL_GNULIB_GETHOSTNAME@
+GL_GGL_GNULIB_GETLINE = @GL_GGL_GNULIB_GETLINE@
+GL_GGL_GNULIB_GETLOADAVG = @GL_GGL_GNULIB_GETLOADAVG@
+GL_GGL_GNULIB_GETLOGIN = @GL_GGL_GNULIB_GETLOGIN@
+GL_GGL_GNULIB_GETLOGIN_R = @GL_GGL_GNULIB_GETLOGIN_R@
+GL_GGL_GNULIB_GETOPT_POSIX = @GL_GGL_GNULIB_GETOPT_POSIX@
+GL_GGL_GNULIB_GETPAGESIZE = @GL_GGL_GNULIB_GETPAGESIZE@
+GL_GGL_GNULIB_GETPASS = @GL_GGL_GNULIB_GETPASS@
+GL_GGL_GNULIB_GETPEERNAME = @GL_GGL_GNULIB_GETPEERNAME@
+GL_GGL_GNULIB_GETSOCKNAME = @GL_GGL_GNULIB_GETSOCKNAME@
+GL_GGL_GNULIB_GETSOCKOPT = @GL_GGL_GNULIB_GETSOCKOPT@
+GL_GGL_GNULIB_GETSUBOPT = @GL_GGL_GNULIB_GETSUBOPT@
+GL_GGL_GNULIB_GETTIMEOFDAY = @GL_GGL_GNULIB_GETTIMEOFDAY@
+GL_GGL_GNULIB_GETUMASK = @GL_GGL_GNULIB_GETUMASK@
+GL_GGL_GNULIB_GETUSERSHELL = @GL_GGL_GNULIB_GETUSERSHELL@
+GL_GGL_GNULIB_GRANTPT = @GL_GGL_GNULIB_GRANTPT@
+GL_GGL_GNULIB_GROUP_MEMBER = @GL_GGL_GNULIB_GROUP_MEMBER@
+GL_GGL_GNULIB_IMAXABS = @GL_GGL_GNULIB_IMAXABS@
+GL_GGL_GNULIB_IMAXDIV = @GL_GGL_GNULIB_IMAXDIV@
+GL_GGL_GNULIB_INET_NTOP = @GL_GGL_GNULIB_INET_NTOP@
+GL_GGL_GNULIB_INET_PTON = @GL_GGL_GNULIB_INET_PTON@
+GL_GGL_GNULIB_IOCTL = @GL_GGL_GNULIB_IOCTL@
+GL_GGL_GNULIB_ISATTY = @GL_GGL_GNULIB_ISATTY@
+GL_GGL_GNULIB_ISBLANK = @GL_GGL_GNULIB_ISBLANK@
+GL_GGL_GNULIB_LCHMOD = @GL_GGL_GNULIB_LCHMOD@
+GL_GGL_GNULIB_LCHOWN = @GL_GGL_GNULIB_LCHOWN@
+GL_GGL_GNULIB_LINK = @GL_GGL_GNULIB_LINK@
+GL_GGL_GNULIB_LINKAT = @GL_GGL_GNULIB_LINKAT@
+GL_GGL_GNULIB_LISTEN = @GL_GGL_GNULIB_LISTEN@
+GL_GGL_GNULIB_LOCALECONV = @GL_GGL_GNULIB_LOCALECONV@
+GL_GGL_GNULIB_LOCALENAME = @GL_GGL_GNULIB_LOCALENAME@
+GL_GGL_GNULIB_LOCALTIME = @GL_GGL_GNULIB_LOCALTIME@
+GL_GGL_GNULIB_LSEEK = @GL_GGL_GNULIB_LSEEK@
+GL_GGL_GNULIB_LSTAT = @GL_GGL_GNULIB_LSTAT@
+GL_GGL_GNULIB_MALLOC_POSIX = @GL_GGL_GNULIB_MALLOC_POSIX@
+GL_GGL_GNULIB_MBRLEN = @GL_GGL_GNULIB_MBRLEN@
+GL_GGL_GNULIB_MBRTOWC = @GL_GGL_GNULIB_MBRTOWC@
+GL_GGL_GNULIB_MBSCASECMP = @GL_GGL_GNULIB_MBSCASECMP@
+GL_GGL_GNULIB_MBSCASESTR = @GL_GGL_GNULIB_MBSCASESTR@
+GL_GGL_GNULIB_MBSCHR = @GL_GGL_GNULIB_MBSCHR@
+GL_GGL_GNULIB_MBSCSPN = @GL_GGL_GNULIB_MBSCSPN@
+GL_GGL_GNULIB_MBSINIT = @GL_GGL_GNULIB_MBSINIT@
+GL_GGL_GNULIB_MBSLEN = @GL_GGL_GNULIB_MBSLEN@
+GL_GGL_GNULIB_MBSNCASECMP = @GL_GGL_GNULIB_MBSNCASECMP@
+GL_GGL_GNULIB_MBSNLEN = @GL_GGL_GNULIB_MBSNLEN@
+GL_GGL_GNULIB_MBSNRTOWCS = @GL_GGL_GNULIB_MBSNRTOWCS@
+GL_GGL_GNULIB_MBSPBRK = @GL_GGL_GNULIB_MBSPBRK@
+GL_GGL_GNULIB_MBSPCASECMP = @GL_GGL_GNULIB_MBSPCASECMP@
+GL_GGL_GNULIB_MBSRCHR = @GL_GGL_GNULIB_MBSRCHR@
+GL_GGL_GNULIB_MBSRTOWCS = @GL_GGL_GNULIB_MBSRTOWCS@
+GL_GGL_GNULIB_MBSSEP = @GL_GGL_GNULIB_MBSSEP@
+GL_GGL_GNULIB_MBSSPN = @GL_GGL_GNULIB_MBSSPN@
+GL_GGL_GNULIB_MBSSTR = @GL_GGL_GNULIB_MBSSTR@
+GL_GGL_GNULIB_MBSTOK_R = @GL_GGL_GNULIB_MBSTOK_R@
+GL_GGL_GNULIB_MBTOWC = @GL_GGL_GNULIB_MBTOWC@
+GL_GGL_GNULIB_MDA_ACCESS = @GL_GGL_GNULIB_MDA_ACCESS@
+GL_GGL_GNULIB_MDA_CHDIR = @GL_GGL_GNULIB_MDA_CHDIR@
+GL_GGL_GNULIB_MDA_CHMOD = @GL_GGL_GNULIB_MDA_CHMOD@
+GL_GGL_GNULIB_MDA_CLOSE = @GL_GGL_GNULIB_MDA_CLOSE@
+GL_GGL_GNULIB_MDA_CREAT = @GL_GGL_GNULIB_MDA_CREAT@
+GL_GGL_GNULIB_MDA_DUP = @GL_GGL_GNULIB_MDA_DUP@
+GL_GGL_GNULIB_MDA_DUP2 = @GL_GGL_GNULIB_MDA_DUP2@
+GL_GGL_GNULIB_MDA_ECVT = @GL_GGL_GNULIB_MDA_ECVT@
+GL_GGL_GNULIB_MDA_EXECL = @GL_GGL_GNULIB_MDA_EXECL@
+GL_GGL_GNULIB_MDA_EXECLE = @GL_GGL_GNULIB_MDA_EXECLE@
+GL_GGL_GNULIB_MDA_EXECLP = @GL_GGL_GNULIB_MDA_EXECLP@
+GL_GGL_GNULIB_MDA_EXECV = @GL_GGL_GNULIB_MDA_EXECV@
+GL_GGL_GNULIB_MDA_EXECVE = @GL_GGL_GNULIB_MDA_EXECVE@
+GL_GGL_GNULIB_MDA_EXECVP = @GL_GGL_GNULIB_MDA_EXECVP@
+GL_GGL_GNULIB_MDA_EXECVPE = @GL_GGL_GNULIB_MDA_EXECVPE@
+GL_GGL_GNULIB_MDA_FCLOSEALL = @GL_GGL_GNULIB_MDA_FCLOSEALL@
+GL_GGL_GNULIB_MDA_FCVT = @GL_GGL_GNULIB_MDA_FCVT@
+GL_GGL_GNULIB_MDA_FDOPEN = @GL_GGL_GNULIB_MDA_FDOPEN@
+GL_GGL_GNULIB_MDA_FILENO = @GL_GGL_GNULIB_MDA_FILENO@
+GL_GGL_GNULIB_MDA_GCVT = @GL_GGL_GNULIB_MDA_GCVT@
+GL_GGL_GNULIB_MDA_GETCWD = @GL_GGL_GNULIB_MDA_GETCWD@
+GL_GGL_GNULIB_MDA_GETPID = @GL_GGL_GNULIB_MDA_GETPID@
+GL_GGL_GNULIB_MDA_GETW = @GL_GGL_GNULIB_MDA_GETW@
+GL_GGL_GNULIB_MDA_ISATTY = @GL_GGL_GNULIB_MDA_ISATTY@
+GL_GGL_GNULIB_MDA_LSEEK = @GL_GGL_GNULIB_MDA_LSEEK@
+GL_GGL_GNULIB_MDA_MEMCCPY = @GL_GGL_GNULIB_MDA_MEMCCPY@
+GL_GGL_GNULIB_MDA_MKDIR = @GL_GGL_GNULIB_MDA_MKDIR@
+GL_GGL_GNULIB_MDA_MKTEMP = @GL_GGL_GNULIB_MDA_MKTEMP@
+GL_GGL_GNULIB_MDA_OPEN = @GL_GGL_GNULIB_MDA_OPEN@
+GL_GGL_GNULIB_MDA_PUTENV = @GL_GGL_GNULIB_MDA_PUTENV@
+GL_GGL_GNULIB_MDA_PUTW = @GL_GGL_GNULIB_MDA_PUTW@
+GL_GGL_GNULIB_MDA_READ = @GL_GGL_GNULIB_MDA_READ@
+GL_GGL_GNULIB_MDA_RMDIR = @GL_GGL_GNULIB_MDA_RMDIR@
+GL_GGL_GNULIB_MDA_STRDUP = @GL_GGL_GNULIB_MDA_STRDUP@
+GL_GGL_GNULIB_MDA_SWAB = @GL_GGL_GNULIB_MDA_SWAB@
+GL_GGL_GNULIB_MDA_TEMPNAM = @GL_GGL_GNULIB_MDA_TEMPNAM@
+GL_GGL_GNULIB_MDA_TZSET = @GL_GGL_GNULIB_MDA_TZSET@
+GL_GGL_GNULIB_MDA_UMASK = @GL_GGL_GNULIB_MDA_UMASK@
+GL_GGL_GNULIB_MDA_UNLINK = @GL_GGL_GNULIB_MDA_UNLINK@
+GL_GGL_GNULIB_MDA_WCSDUP = @GL_GGL_GNULIB_MDA_WCSDUP@
+GL_GGL_GNULIB_MDA_WRITE = @GL_GGL_GNULIB_MDA_WRITE@
+GL_GGL_GNULIB_MEMCHR = @GL_GGL_GNULIB_MEMCHR@
+GL_GGL_GNULIB_MEMMEM = @GL_GGL_GNULIB_MEMMEM@
+GL_GGL_GNULIB_MEMPCPY = @GL_GGL_GNULIB_MEMPCPY@
+GL_GGL_GNULIB_MEMRCHR = @GL_GGL_GNULIB_MEMRCHR@
+GL_GGL_GNULIB_MKDIR = @GL_GGL_GNULIB_MKDIR@
+GL_GGL_GNULIB_MKDIRAT = @GL_GGL_GNULIB_MKDIRAT@
+GL_GGL_GNULIB_MKDTEMP = @GL_GGL_GNULIB_MKDTEMP@
+GL_GGL_GNULIB_MKFIFO = @GL_GGL_GNULIB_MKFIFO@
+GL_GGL_GNULIB_MKFIFOAT = @GL_GGL_GNULIB_MKFIFOAT@
+GL_GGL_GNULIB_MKNOD = @GL_GGL_GNULIB_MKNOD@
+GL_GGL_GNULIB_MKNODAT = @GL_GGL_GNULIB_MKNODAT@
+GL_GGL_GNULIB_MKOSTEMP = @GL_GGL_GNULIB_MKOSTEMP@
+GL_GGL_GNULIB_MKOSTEMPS = @GL_GGL_GNULIB_MKOSTEMPS@
+GL_GGL_GNULIB_MKSTEMP = @GL_GGL_GNULIB_MKSTEMP@
+GL_GGL_GNULIB_MKSTEMPS = @GL_GGL_GNULIB_MKSTEMPS@
+GL_GGL_GNULIB_MKTIME = @GL_GGL_GNULIB_MKTIME@
+GL_GGL_GNULIB_NANOSLEEP = @GL_GGL_GNULIB_NANOSLEEP@
+GL_GGL_GNULIB_NL_LANGINFO = @GL_GGL_GNULIB_NL_LANGINFO@
+GL_GGL_GNULIB_NONBLOCKING = @GL_GGL_GNULIB_NONBLOCKING@
+GL_GGL_GNULIB_OBSTACK_PRINTF = @GL_GGL_GNULIB_OBSTACK_PRINTF@
+GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GGL_GNULIB_OPEN = @GL_GGL_GNULIB_OPEN@
+GL_GGL_GNULIB_OPENAT = @GL_GGL_GNULIB_OPENAT@
+GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GGL_GNULIB_PCLOSE = @GL_GGL_GNULIB_PCLOSE@
+GL_GGL_GNULIB_PERROR = @GL_GGL_GNULIB_PERROR@
+GL_GGL_GNULIB_PIPE = @GL_GGL_GNULIB_PIPE@
+GL_GGL_GNULIB_PIPE2 = @GL_GGL_GNULIB_PIPE2@
+GL_GGL_GNULIB_POPEN = @GL_GGL_GNULIB_POPEN@
+GL_GGL_GNULIB_POSIX_MEMALIGN = @GL_GGL_GNULIB_POSIX_MEMALIGN@
+GL_GGL_GNULIB_POSIX_OPENPT = @GL_GGL_GNULIB_POSIX_OPENPT@
+GL_GGL_GNULIB_PREAD = @GL_GGL_GNULIB_PREAD@
+GL_GGL_GNULIB_PRINTF = @GL_GGL_GNULIB_PRINTF@
+GL_GGL_GNULIB_PRINTF_POSIX = @GL_GGL_GNULIB_PRINTF_POSIX@
+GL_GGL_GNULIB_PSELECT = @GL_GGL_GNULIB_PSELECT@
+GL_GGL_GNULIB_PTHREAD_COND = @GL_GGL_GNULIB_PTHREAD_COND@
+GL_GGL_GNULIB_PTHREAD_MUTEX = @GL_GGL_GNULIB_PTHREAD_MUTEX@
+GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK@
+GL_GGL_GNULIB_PTHREAD_ONCE = @GL_GGL_GNULIB_PTHREAD_ONCE@
+GL_GGL_GNULIB_PTHREAD_RWLOCK = @GL_GGL_GNULIB_PTHREAD_RWLOCK@
+GL_GGL_GNULIB_PTHREAD_SIGMASK = @GL_GGL_GNULIB_PTHREAD_SIGMASK@
+GL_GGL_GNULIB_PTHREAD_SPIN = @GL_GGL_GNULIB_PTHREAD_SPIN@
+GL_GGL_GNULIB_PTHREAD_THREAD = @GL_GGL_GNULIB_PTHREAD_THREAD@
+GL_GGL_GNULIB_PTHREAD_TSS = @GL_GGL_GNULIB_PTHREAD_TSS@
+GL_GGL_GNULIB_PTSNAME = @GL_GGL_GNULIB_PTSNAME@
+GL_GGL_GNULIB_PTSNAME_R = @GL_GGL_GNULIB_PTSNAME_R@
+GL_GGL_GNULIB_PUTC = @GL_GGL_GNULIB_PUTC@
+GL_GGL_GNULIB_PUTCHAR = @GL_GGL_GNULIB_PUTCHAR@
+GL_GGL_GNULIB_PUTENV = @GL_GGL_GNULIB_PUTENV@
+GL_GGL_GNULIB_PUTS = @GL_GGL_GNULIB_PUTS@
+GL_GGL_GNULIB_PWRITE = @GL_GGL_GNULIB_PWRITE@
+GL_GGL_GNULIB_QSORT_R = @GL_GGL_GNULIB_QSORT_R@
+GL_GGL_GNULIB_RAISE = @GL_GGL_GNULIB_RAISE@
+GL_GGL_GNULIB_RANDOM = @GL_GGL_GNULIB_RANDOM@
+GL_GGL_GNULIB_RANDOM_R = @GL_GGL_GNULIB_RANDOM_R@
+GL_GGL_GNULIB_RAWMEMCHR = @GL_GGL_GNULIB_RAWMEMCHR@
+GL_GGL_GNULIB_READ = @GL_GGL_GNULIB_READ@
+GL_GGL_GNULIB_READLINK = @GL_GGL_GNULIB_READLINK@
+GL_GGL_GNULIB_READLINKAT = @GL_GGL_GNULIB_READLINKAT@
+GL_GGL_GNULIB_REALLOCARRAY = @GL_GGL_GNULIB_REALLOCARRAY@
+GL_GGL_GNULIB_REALLOC_POSIX = @GL_GGL_GNULIB_REALLOC_POSIX@
+GL_GGL_GNULIB_REALPATH = @GL_GGL_GNULIB_REALPATH@
+GL_GGL_GNULIB_RECV = @GL_GGL_GNULIB_RECV@
+GL_GGL_GNULIB_RECVFROM = @GL_GGL_GNULIB_RECVFROM@
+GL_GGL_GNULIB_REMOVE = @GL_GGL_GNULIB_REMOVE@
+GL_GGL_GNULIB_RENAME = @GL_GGL_GNULIB_RENAME@
+GL_GGL_GNULIB_RENAMEAT = @GL_GGL_GNULIB_RENAMEAT@
+GL_GGL_GNULIB_RMDIR = @GL_GGL_GNULIB_RMDIR@
+GL_GGL_GNULIB_RPMATCH = @GL_GGL_GNULIB_RPMATCH@
+GL_GGL_GNULIB_SCANF = @GL_GGL_GNULIB_SCANF@
+GL_GGL_GNULIB_SCHED_YIELD = @GL_GGL_GNULIB_SCHED_YIELD@
+GL_GGL_GNULIB_SECURE_GETENV = @GL_GGL_GNULIB_SECURE_GETENV@
+GL_GGL_GNULIB_SELECT = @GL_GGL_GNULIB_SELECT@
+GL_GGL_GNULIB_SEND = @GL_GGL_GNULIB_SEND@
+GL_GGL_GNULIB_SENDTO = @GL_GGL_GNULIB_SENDTO@
+GL_GGL_GNULIB_SETENV = @GL_GGL_GNULIB_SETENV@
+GL_GGL_GNULIB_SETHOSTNAME = @GL_GGL_GNULIB_SETHOSTNAME@
+GL_GGL_GNULIB_SETLOCALE = @GL_GGL_GNULIB_SETLOCALE@
+GL_GGL_GNULIB_SETLOCALE_NULL = @GL_GGL_GNULIB_SETLOCALE_NULL@
+GL_GGL_GNULIB_SETSOCKOPT = @GL_GGL_GNULIB_SETSOCKOPT@
+GL_GGL_GNULIB_SHUTDOWN = @GL_GGL_GNULIB_SHUTDOWN@
+GL_GGL_GNULIB_SIGABBREV_NP = @GL_GGL_GNULIB_SIGABBREV_NP@
+GL_GGL_GNULIB_SIGACTION = @GL_GGL_GNULIB_SIGACTION@
+GL_GGL_GNULIB_SIGDESCR_NP = @GL_GGL_GNULIB_SIGDESCR_NP@
+GL_GGL_GNULIB_SIGNAL_H_SIGPIPE = @GL_GGL_GNULIB_SIGNAL_H_SIGPIPE@
+GL_GGL_GNULIB_SIGPROCMASK = @GL_GGL_GNULIB_SIGPROCMASK@
+GL_GGL_GNULIB_SLEEP = @GL_GGL_GNULIB_SLEEP@
+GL_GGL_GNULIB_SNPRINTF = @GL_GGL_GNULIB_SNPRINTF@
+GL_GGL_GNULIB_SOCKET = @GL_GGL_GNULIB_SOCKET@
+GL_GGL_GNULIB_SPRINTF_POSIX = @GL_GGL_GNULIB_SPRINTF_POSIX@
+GL_GGL_GNULIB_STAT = @GL_GGL_GNULIB_STAT@
+GL_GGL_GNULIB_STDIO_H_NONBLOCKING = @GL_GGL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GGL_GNULIB_STDIO_H_SIGPIPE = @GL_GGL_GNULIB_STDIO_H_SIGPIPE@
+GL_GGL_GNULIB_STPCPY = @GL_GGL_GNULIB_STPCPY@
+GL_GGL_GNULIB_STPNCPY = @GL_GGL_GNULIB_STPNCPY@
+GL_GGL_GNULIB_STRCASESTR = @GL_GGL_GNULIB_STRCASESTR@
+GL_GGL_GNULIB_STRCHRNUL = @GL_GGL_GNULIB_STRCHRNUL@
+GL_GGL_GNULIB_STRDUP = @GL_GGL_GNULIB_STRDUP@
+GL_GGL_GNULIB_STRERROR = @GL_GGL_GNULIB_STRERROR@
+GL_GGL_GNULIB_STRERRORNAME_NP = @GL_GGL_GNULIB_STRERRORNAME_NP@
+GL_GGL_GNULIB_STRERROR_R = @GL_GGL_GNULIB_STRERROR_R@
+GL_GGL_GNULIB_STRFTIME = @GL_GGL_GNULIB_STRFTIME@
+GL_GGL_GNULIB_STRNCAT = @GL_GGL_GNULIB_STRNCAT@
+GL_GGL_GNULIB_STRNDUP = @GL_GGL_GNULIB_STRNDUP@
+GL_GGL_GNULIB_STRNLEN = @GL_GGL_GNULIB_STRNLEN@
+GL_GGL_GNULIB_STRPBRK = @GL_GGL_GNULIB_STRPBRK@
+GL_GGL_GNULIB_STRPTIME = @GL_GGL_GNULIB_STRPTIME@
+GL_GGL_GNULIB_STRSEP = @GL_GGL_GNULIB_STRSEP@
+GL_GGL_GNULIB_STRSIGNAL = @GL_GGL_GNULIB_STRSIGNAL@
+GL_GGL_GNULIB_STRSTR = @GL_GGL_GNULIB_STRSTR@
+GL_GGL_GNULIB_STRTOD = @GL_GGL_GNULIB_STRTOD@
+GL_GGL_GNULIB_STRTOIMAX = @GL_GGL_GNULIB_STRTOIMAX@
+GL_GGL_GNULIB_STRTOK_R = @GL_GGL_GNULIB_STRTOK_R@
+GL_GGL_GNULIB_STRTOL = @GL_GGL_GNULIB_STRTOL@
+GL_GGL_GNULIB_STRTOLD = @GL_GGL_GNULIB_STRTOLD@
+GL_GGL_GNULIB_STRTOLL = @GL_GGL_GNULIB_STRTOLL@
+GL_GGL_GNULIB_STRTOUL = @GL_GGL_GNULIB_STRTOUL@
+GL_GGL_GNULIB_STRTOULL = @GL_GGL_GNULIB_STRTOULL@
+GL_GGL_GNULIB_STRTOUMAX = @GL_GGL_GNULIB_STRTOUMAX@
+GL_GGL_GNULIB_STRVERSCMP = @GL_GGL_GNULIB_STRVERSCMP@
+GL_GGL_GNULIB_SYMLINK = @GL_GGL_GNULIB_SYMLINK@
+GL_GGL_GNULIB_SYMLINKAT = @GL_GGL_GNULIB_SYMLINKAT@
+GL_GGL_GNULIB_SYSTEM_POSIX = @GL_GGL_GNULIB_SYSTEM_POSIX@
+GL_GGL_GNULIB_TIMEGM = @GL_GGL_GNULIB_TIMEGM@
+GL_GGL_GNULIB_TIMESPEC_GET = @GL_GGL_GNULIB_TIMESPEC_GET@
+GL_GGL_GNULIB_TIME_R = @GL_GGL_GNULIB_TIME_R@
+GL_GGL_GNULIB_TIME_RZ = @GL_GGL_GNULIB_TIME_RZ@
+GL_GGL_GNULIB_TMPFILE = @GL_GGL_GNULIB_TMPFILE@
+GL_GGL_GNULIB_TRUNCATE = @GL_GGL_GNULIB_TRUNCATE@
+GL_GGL_GNULIB_TTYNAME_R = @GL_GGL_GNULIB_TTYNAME_R@
+GL_GGL_GNULIB_TZSET = @GL_GGL_GNULIB_TZSET@
+GL_GGL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GGL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GGL_GNULIB_UNISTD_H_SIGPIPE = @GL_GGL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GGL_GNULIB_UNLINK = @GL_GGL_GNULIB_UNLINK@
+GL_GGL_GNULIB_UNLINKAT = @GL_GGL_GNULIB_UNLINKAT@
+GL_GGL_GNULIB_UNLOCKPT = @GL_GGL_GNULIB_UNLOCKPT@
+GL_GGL_GNULIB_UNSETENV = @GL_GGL_GNULIB_UNSETENV@
+GL_GGL_GNULIB_USLEEP = @GL_GGL_GNULIB_USLEEP@
+GL_GGL_GNULIB_UTIMENSAT = @GL_GGL_GNULIB_UTIMENSAT@
+GL_GGL_GNULIB_VASPRINTF = @GL_GGL_GNULIB_VASPRINTF@
+GL_GGL_GNULIB_VDPRINTF = @GL_GGL_GNULIB_VDPRINTF@
+GL_GGL_GNULIB_VFPRINTF = @GL_GGL_GNULIB_VFPRINTF@
+GL_GGL_GNULIB_VFPRINTF_POSIX = @GL_GGL_GNULIB_VFPRINTF_POSIX@
+GL_GGL_GNULIB_VFSCANF = @GL_GGL_GNULIB_VFSCANF@
+GL_GGL_GNULIB_VPRINTF = @GL_GGL_GNULIB_VPRINTF@
+GL_GGL_GNULIB_VPRINTF_POSIX = @GL_GGL_GNULIB_VPRINTF_POSIX@
+GL_GGL_GNULIB_VSCANF = @GL_GGL_GNULIB_VSCANF@
+GL_GGL_GNULIB_VSNPRINTF = @GL_GGL_GNULIB_VSNPRINTF@
+GL_GGL_GNULIB_VSPRINTF_POSIX = @GL_GGL_GNULIB_VSPRINTF_POSIX@
+GL_GGL_GNULIB_WCPCPY = @GL_GGL_GNULIB_WCPCPY@
+GL_GGL_GNULIB_WCPNCPY = @GL_GGL_GNULIB_WCPNCPY@
+GL_GGL_GNULIB_WCRTOMB = @GL_GGL_GNULIB_WCRTOMB@
+GL_GGL_GNULIB_WCSCASECMP = @GL_GGL_GNULIB_WCSCASECMP@
+GL_GGL_GNULIB_WCSCAT = @GL_GGL_GNULIB_WCSCAT@
+GL_GGL_GNULIB_WCSCHR = @GL_GGL_GNULIB_WCSCHR@
+GL_GGL_GNULIB_WCSCMP = @GL_GGL_GNULIB_WCSCMP@
+GL_GGL_GNULIB_WCSCOLL = @GL_GGL_GNULIB_WCSCOLL@
+GL_GGL_GNULIB_WCSCPY = @GL_GGL_GNULIB_WCSCPY@
+GL_GGL_GNULIB_WCSCSPN = @GL_GGL_GNULIB_WCSCSPN@
+GL_GGL_GNULIB_WCSDUP = @GL_GGL_GNULIB_WCSDUP@
+GL_GGL_GNULIB_WCSFTIME = @GL_GGL_GNULIB_WCSFTIME@
+GL_GGL_GNULIB_WCSLEN = @GL_GGL_GNULIB_WCSLEN@
+GL_GGL_GNULIB_WCSNCASECMP = @GL_GGL_GNULIB_WCSNCASECMP@
+GL_GGL_GNULIB_WCSNCAT = @GL_GGL_GNULIB_WCSNCAT@
+GL_GGL_GNULIB_WCSNCMP = @GL_GGL_GNULIB_WCSNCMP@
+GL_GGL_GNULIB_WCSNCPY = @GL_GGL_GNULIB_WCSNCPY@
+GL_GGL_GNULIB_WCSNLEN = @GL_GGL_GNULIB_WCSNLEN@
+GL_GGL_GNULIB_WCSNRTOMBS = @GL_GGL_GNULIB_WCSNRTOMBS@
+GL_GGL_GNULIB_WCSPBRK = @GL_GGL_GNULIB_WCSPBRK@
+GL_GGL_GNULIB_WCSRCHR = @GL_GGL_GNULIB_WCSRCHR@
+GL_GGL_GNULIB_WCSRTOMBS = @GL_GGL_GNULIB_WCSRTOMBS@
+GL_GGL_GNULIB_WCSSPN = @GL_GGL_GNULIB_WCSSPN@
+GL_GGL_GNULIB_WCSSTR = @GL_GGL_GNULIB_WCSSTR@
+GL_GGL_GNULIB_WCSTOK = @GL_GGL_GNULIB_WCSTOK@
+GL_GGL_GNULIB_WCSWIDTH = @GL_GGL_GNULIB_WCSWIDTH@
+GL_GGL_GNULIB_WCSXFRM = @GL_GGL_GNULIB_WCSXFRM@
+GL_GGL_GNULIB_WCTOB = @GL_GGL_GNULIB_WCTOB@
+GL_GGL_GNULIB_WCTOMB = @GL_GGL_GNULIB_WCTOMB@
+GL_GGL_GNULIB_WCWIDTH = @GL_GGL_GNULIB_WCWIDTH@
+GL_GGL_GNULIB_WMEMCHR = @GL_GGL_GNULIB_WMEMCHR@
+GL_GGL_GNULIB_WMEMCMP = @GL_GGL_GNULIB_WMEMCMP@
+GL_GGL_GNULIB_WMEMCPY = @GL_GGL_GNULIB_WMEMCPY@
+GL_GGL_GNULIB_WMEMMOVE = @GL_GGL_GNULIB_WMEMMOVE@
+GL_GGL_GNULIB_WMEMPCPY = @GL_GGL_GNULIB_WMEMPCPY@
+GL_GGL_GNULIB_WMEMSET = @GL_GGL_GNULIB_WMEMSET@
+GL_GGL_GNULIB_WRITE = @GL_GGL_GNULIB_WRITE@
+GL_GGL_GNULIB__EXIT = @GL_GGL_GNULIB__EXIT@
+GL_GNULIB_ACCEPT = @GL_GNULIB_ACCEPT@
+GL_GNULIB_ACCEPT4 = @GL_GNULIB_ACCEPT4@
+GL_GNULIB_ACCESS = @GL_GNULIB_ACCESS@
+GL_GNULIB_ALIGNED_ALLOC = @GL_GNULIB_ALIGNED_ALLOC@
+GL_GNULIB_ATOLL = @GL_GNULIB_ATOLL@
+GL_GNULIB_BIND = @GL_GNULIB_BIND@
+GL_GNULIB_BTOWC = @GL_GNULIB_BTOWC@
+GL_GNULIB_CALLOC_POSIX = @GL_GNULIB_CALLOC_POSIX@
+GL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GNULIB_CHDIR = @GL_GNULIB_CHDIR@
+GL_GNULIB_CHOWN = @GL_GNULIB_CHOWN@
+GL_GNULIB_CLOSE = @GL_GNULIB_CLOSE@
+GL_GNULIB_CONNECT = @GL_GNULIB_CONNECT@
+GL_GNULIB_COPY_FILE_RANGE = @GL_GNULIB_COPY_FILE_RANGE@
+GL_GNULIB_CREAT = @GL_GNULIB_CREAT@
+GL_GNULIB_CTIME = @GL_GNULIB_CTIME@
+GL_GNULIB_DPRINTF = @GL_GNULIB_DPRINTF@
+GL_GNULIB_DUP = @GL_GNULIB_DUP@
+GL_GNULIB_DUP2 = @GL_GNULIB_DUP2@
+GL_GNULIB_DUP3 = @GL_GNULIB_DUP3@
+GL_GNULIB_ENVIRON = @GL_GNULIB_ENVIRON@
+GL_GNULIB_EUIDACCESS = @GL_GNULIB_EUIDACCESS@
+GL_GNULIB_EXECL = @GL_GNULIB_EXECL@
+GL_GNULIB_EXECLE = @GL_GNULIB_EXECLE@
+GL_GNULIB_EXECLP = @GL_GNULIB_EXECLP@
+GL_GNULIB_EXECV = @GL_GNULIB_EXECV@
+GL_GNULIB_EXECVE = @GL_GNULIB_EXECVE@
+GL_GNULIB_EXECVP = @GL_GNULIB_EXECVP@
+GL_GNULIB_EXECVPE = @GL_GNULIB_EXECVPE@
+GL_GNULIB_EXPLICIT_BZERO = @GL_GNULIB_EXPLICIT_BZERO@
+GL_GNULIB_FACCESSAT = @GL_GNULIB_FACCESSAT@
+GL_GNULIB_FCHDIR = @GL_GNULIB_FCHDIR@
+GL_GNULIB_FCHMODAT = @GL_GNULIB_FCHMODAT@
+GL_GNULIB_FCHOWNAT = @GL_GNULIB_FCHOWNAT@
+GL_GNULIB_FCLOSE = @GL_GNULIB_FCLOSE@
+GL_GNULIB_FCNTL = @GL_GNULIB_FCNTL@
+GL_GNULIB_FDATASYNC = @GL_GNULIB_FDATASYNC@
+GL_GNULIB_FDOPEN = @GL_GNULIB_FDOPEN@
+GL_GNULIB_FFLUSH = @GL_GNULIB_FFLUSH@
+GL_GNULIB_FFS = @GL_GNULIB_FFS@
+GL_GNULIB_FFSL = @GL_GNULIB_FFSL@
+GL_GNULIB_FFSLL = @GL_GNULIB_FFSLL@
+GL_GNULIB_FGETC = @GL_GNULIB_FGETC@
+GL_GNULIB_FGETS = @GL_GNULIB_FGETS@
+GL_GNULIB_FOPEN = @GL_GNULIB_FOPEN@
+GL_GNULIB_FPRINTF = @GL_GNULIB_FPRINTF@
+GL_GNULIB_FPRINTF_POSIX = @GL_GNULIB_FPRINTF_POSIX@
+GL_GNULIB_FPURGE = @GL_GNULIB_FPURGE@
+GL_GNULIB_FPUTC = @GL_GNULIB_FPUTC@
+GL_GNULIB_FPUTS = @GL_GNULIB_FPUTS@
+GL_GNULIB_FREAD = @GL_GNULIB_FREAD@
+GL_GNULIB_FREE_POSIX = @GL_GNULIB_FREE_POSIX@
+GL_GNULIB_FREOPEN = @GL_GNULIB_FREOPEN@
+GL_GNULIB_FSCANF = @GL_GNULIB_FSCANF@
+GL_GNULIB_FSEEK = @GL_GNULIB_FSEEK@
+GL_GNULIB_FSEEKO = @GL_GNULIB_FSEEKO@
+GL_GNULIB_FSTAT = @GL_GNULIB_FSTAT@
+GL_GNULIB_FSTATAT = @GL_GNULIB_FSTATAT@
+GL_GNULIB_FSYNC = @GL_GNULIB_FSYNC@
+GL_GNULIB_FTELL = @GL_GNULIB_FTELL@
+GL_GNULIB_FTELLO = @GL_GNULIB_FTELLO@
+GL_GNULIB_FTRUNCATE = @GL_GNULIB_FTRUNCATE@
+GL_GNULIB_FUTIMENS = @GL_GNULIB_FUTIMENS@
+GL_GNULIB_FWRITE = @GL_GNULIB_FWRITE@
+GL_GNULIB_GETADDRINFO = @GL_GNULIB_GETADDRINFO@
+GL_GNULIB_GETC = @GL_GNULIB_GETC@
+GL_GNULIB_GETCHAR = @GL_GNULIB_GETCHAR@
+GL_GNULIB_GETCWD = @GL_GNULIB_GETCWD@
+GL_GNULIB_GETDELIM = @GL_GNULIB_GETDELIM@
+GL_GNULIB_GETDOMAINNAME = @GL_GNULIB_GETDOMAINNAME@
+GL_GNULIB_GETDTABLESIZE = @GL_GNULIB_GETDTABLESIZE@
+GL_GNULIB_GETENTROPY = @GL_GNULIB_GETENTROPY@
+GL_GNULIB_GETGROUPS = @GL_GNULIB_GETGROUPS@
+GL_GNULIB_GETHOSTNAME = @GL_GNULIB_GETHOSTNAME@
+GL_GNULIB_GETLINE = @GL_GNULIB_GETLINE@
+GL_GNULIB_GETLOADAVG = @GL_GNULIB_GETLOADAVG@
+GL_GNULIB_GETLOGIN = @GL_GNULIB_GETLOGIN@
+GL_GNULIB_GETLOGIN_R = @GL_GNULIB_GETLOGIN_R@
+GL_GNULIB_GETOPT_POSIX = @GL_GNULIB_GETOPT_POSIX@
+GL_GNULIB_GETPAGESIZE = @GL_GNULIB_GETPAGESIZE@
+GL_GNULIB_GETPASS = @GL_GNULIB_GETPASS@
+GL_GNULIB_GETPEERNAME = @GL_GNULIB_GETPEERNAME@
+GL_GNULIB_GETSOCKNAME = @GL_GNULIB_GETSOCKNAME@
+GL_GNULIB_GETSOCKOPT = @GL_GNULIB_GETSOCKOPT@
+GL_GNULIB_GETSUBOPT = @GL_GNULIB_GETSUBOPT@
+GL_GNULIB_GETTIMEOFDAY = @GL_GNULIB_GETTIMEOFDAY@
+GL_GNULIB_GETUMASK = @GL_GNULIB_GETUMASK@
+GL_GNULIB_GETUSERSHELL = @GL_GNULIB_GETUSERSHELL@
+GL_GNULIB_GRANTPT = @GL_GNULIB_GRANTPT@
+GL_GNULIB_GROUP_MEMBER = @GL_GNULIB_GROUP_MEMBER@
+GL_GNULIB_IMAXABS = @GL_GNULIB_IMAXABS@
+GL_GNULIB_IMAXDIV = @GL_GNULIB_IMAXDIV@
+GL_GNULIB_INET_NTOP = @GL_GNULIB_INET_NTOP@
+GL_GNULIB_INET_PTON = @GL_GNULIB_INET_PTON@
+GL_GNULIB_ISATTY = @GL_GNULIB_ISATTY@
+GL_GNULIB_LCHMOD = @GL_GNULIB_LCHMOD@
+GL_GNULIB_LCHOWN = @GL_GNULIB_LCHOWN@
+GL_GNULIB_LINK = @GL_GNULIB_LINK@
+GL_GNULIB_LINKAT = @GL_GNULIB_LINKAT@
+GL_GNULIB_LISTEN = @GL_GNULIB_LISTEN@
+GL_GNULIB_LOCALTIME = @GL_GNULIB_LOCALTIME@
+GL_GNULIB_LSEEK = @GL_GNULIB_LSEEK@
+GL_GNULIB_LSTAT = @GL_GNULIB_LSTAT@
+GL_GNULIB_MALLOC_POSIX = @GL_GNULIB_MALLOC_POSIX@
+GL_GNULIB_MBRLEN = @GL_GNULIB_MBRLEN@
+GL_GNULIB_MBRTOWC = @GL_GNULIB_MBRTOWC@
+GL_GNULIB_MBSCASECMP = @GL_GNULIB_MBSCASECMP@
+GL_GNULIB_MBSCASESTR = @GL_GNULIB_MBSCASESTR@
+GL_GNULIB_MBSCHR = @GL_GNULIB_MBSCHR@
+GL_GNULIB_MBSCSPN = @GL_GNULIB_MBSCSPN@
+GL_GNULIB_MBSINIT = @GL_GNULIB_MBSINIT@
+GL_GNULIB_MBSLEN = @GL_GNULIB_MBSLEN@
+GL_GNULIB_MBSNCASECMP = @GL_GNULIB_MBSNCASECMP@
+GL_GNULIB_MBSNLEN = @GL_GNULIB_MBSNLEN@
+GL_GNULIB_MBSNRTOWCS = @GL_GNULIB_MBSNRTOWCS@
+GL_GNULIB_MBSPBRK = @GL_GNULIB_MBSPBRK@
+GL_GNULIB_MBSPCASECMP = @GL_GNULIB_MBSPCASECMP@
+GL_GNULIB_MBSRCHR = @GL_GNULIB_MBSRCHR@
+GL_GNULIB_MBSRTOWCS = @GL_GNULIB_MBSRTOWCS@
+GL_GNULIB_MBSSEP = @GL_GNULIB_MBSSEP@
+GL_GNULIB_MBSSPN = @GL_GNULIB_MBSSPN@
+GL_GNULIB_MBSSTR = @GL_GNULIB_MBSSTR@
+GL_GNULIB_MBSTOK_R = @GL_GNULIB_MBSTOK_R@
+GL_GNULIB_MBTOWC = @GL_GNULIB_MBTOWC@
+GL_GNULIB_MDA_ACCESS = @GL_GNULIB_MDA_ACCESS@
+GL_GNULIB_MDA_CHDIR = @GL_GNULIB_MDA_CHDIR@
+GL_GNULIB_MDA_CHMOD = @GL_GNULIB_MDA_CHMOD@
+GL_GNULIB_MDA_CLOSE = @GL_GNULIB_MDA_CLOSE@
+GL_GNULIB_MDA_CREAT = @GL_GNULIB_MDA_CREAT@
+GL_GNULIB_MDA_DUP = @GL_GNULIB_MDA_DUP@
+GL_GNULIB_MDA_DUP2 = @GL_GNULIB_MDA_DUP2@
+GL_GNULIB_MDA_ECVT = @GL_GNULIB_MDA_ECVT@
+GL_GNULIB_MDA_EXECL = @GL_GNULIB_MDA_EXECL@
+GL_GNULIB_MDA_EXECLE = @GL_GNULIB_MDA_EXECLE@
+GL_GNULIB_MDA_EXECLP = @GL_GNULIB_MDA_EXECLP@
+GL_GNULIB_MDA_EXECV = @GL_GNULIB_MDA_EXECV@
+GL_GNULIB_MDA_EXECVE = @GL_GNULIB_MDA_EXECVE@
+GL_GNULIB_MDA_EXECVP = @GL_GNULIB_MDA_EXECVP@
+GL_GNULIB_MDA_EXECVPE = @GL_GNULIB_MDA_EXECVPE@
+GL_GNULIB_MDA_FCLOSEALL = @GL_GNULIB_MDA_FCLOSEALL@
+GL_GNULIB_MDA_FCVT = @GL_GNULIB_MDA_FCVT@
+GL_GNULIB_MDA_FDOPEN = @GL_GNULIB_MDA_FDOPEN@
+GL_GNULIB_MDA_FILENO = @GL_GNULIB_MDA_FILENO@
+GL_GNULIB_MDA_GCVT = @GL_GNULIB_MDA_GCVT@
+GL_GNULIB_MDA_GETCWD = @GL_GNULIB_MDA_GETCWD@
+GL_GNULIB_MDA_GETPID = @GL_GNULIB_MDA_GETPID@
+GL_GNULIB_MDA_GETW = @GL_GNULIB_MDA_GETW@
+GL_GNULIB_MDA_ISATTY = @GL_GNULIB_MDA_ISATTY@
+GL_GNULIB_MDA_LSEEK = @GL_GNULIB_MDA_LSEEK@
+GL_GNULIB_MDA_MEMCCPY = @GL_GNULIB_MDA_MEMCCPY@
+GL_GNULIB_MDA_MKDIR = @GL_GNULIB_MDA_MKDIR@
+GL_GNULIB_MDA_MKTEMP = @GL_GNULIB_MDA_MKTEMP@
+GL_GNULIB_MDA_OPEN = @GL_GNULIB_MDA_OPEN@
+GL_GNULIB_MDA_PUTENV = @GL_GNULIB_MDA_PUTENV@
+GL_GNULIB_MDA_PUTW = @GL_GNULIB_MDA_PUTW@
+GL_GNULIB_MDA_READ = @GL_GNULIB_MDA_READ@
+GL_GNULIB_MDA_RMDIR = @GL_GNULIB_MDA_RMDIR@
+GL_GNULIB_MDA_STRDUP = @GL_GNULIB_MDA_STRDUP@
+GL_GNULIB_MDA_SWAB = @GL_GNULIB_MDA_SWAB@
+GL_GNULIB_MDA_TEMPNAM = @GL_GNULIB_MDA_TEMPNAM@
+GL_GNULIB_MDA_TZSET = @GL_GNULIB_MDA_TZSET@
+GL_GNULIB_MDA_UMASK = @GL_GNULIB_MDA_UMASK@
+GL_GNULIB_MDA_UNLINK = @GL_GNULIB_MDA_UNLINK@
+GL_GNULIB_MDA_WCSDUP = @GL_GNULIB_MDA_WCSDUP@
+GL_GNULIB_MDA_WRITE = @GL_GNULIB_MDA_WRITE@
+GL_GNULIB_MEMCHR = @GL_GNULIB_MEMCHR@
+GL_GNULIB_MEMMEM = @GL_GNULIB_MEMMEM@
+GL_GNULIB_MEMPCPY = @GL_GNULIB_MEMPCPY@
+GL_GNULIB_MEMRCHR = @GL_GNULIB_MEMRCHR@
+GL_GNULIB_MKDIR = @GL_GNULIB_MKDIR@
+GL_GNULIB_MKDIRAT = @GL_GNULIB_MKDIRAT@
+GL_GNULIB_MKDTEMP = @GL_GNULIB_MKDTEMP@
+GL_GNULIB_MKFIFO = @GL_GNULIB_MKFIFO@
+GL_GNULIB_MKFIFOAT = @GL_GNULIB_MKFIFOAT@
+GL_GNULIB_MKNOD = @GL_GNULIB_MKNOD@
+GL_GNULIB_MKNODAT = @GL_GNULIB_MKNODAT@
+GL_GNULIB_MKOSTEMP = @GL_GNULIB_MKOSTEMP@
+GL_GNULIB_MKOSTEMPS = @GL_GNULIB_MKOSTEMPS@
+GL_GNULIB_MKSTEMP = @GL_GNULIB_MKSTEMP@
+GL_GNULIB_MKSTEMPS = @GL_GNULIB_MKSTEMPS@
+GL_GNULIB_MKTIME = @GL_GNULIB_MKTIME@
+GL_GNULIB_NANOSLEEP = @GL_GNULIB_NANOSLEEP@
+GL_GNULIB_NONBLOCKING = @GL_GNULIB_NONBLOCKING@
+GL_GNULIB_OBSTACK_PRINTF = @GL_GNULIB_OBSTACK_PRINTF@
+GL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GNULIB_OPEN = @GL_GNULIB_OPEN@
+GL_GNULIB_OPENAT = @GL_GNULIB_OPENAT@
+GL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GNULIB_PCLOSE = @GL_GNULIB_PCLOSE@
+GL_GNULIB_PERROR = @GL_GNULIB_PERROR@
+GL_GNULIB_PIPE = @GL_GNULIB_PIPE@
+GL_GNULIB_PIPE2 = @GL_GNULIB_PIPE2@
+GL_GNULIB_POPEN = @GL_GNULIB_POPEN@
+GL_GNULIB_POSIX_MEMALIGN = @GL_GNULIB_POSIX_MEMALIGN@
+GL_GNULIB_POSIX_OPENPT = @GL_GNULIB_POSIX_OPENPT@
+GL_GNULIB_PREAD = @GL_GNULIB_PREAD@
+GL_GNULIB_PRINTF = @GL_GNULIB_PRINTF@
+GL_GNULIB_PRINTF_POSIX = @GL_GNULIB_PRINTF_POSIX@
+GL_GNULIB_PTSNAME = @GL_GNULIB_PTSNAME@
+GL_GNULIB_PTSNAME_R = @GL_GNULIB_PTSNAME_R@
+GL_GNULIB_PUTC = @GL_GNULIB_PUTC@
+GL_GNULIB_PUTCHAR = @GL_GNULIB_PUTCHAR@
+GL_GNULIB_PUTENV = @GL_GNULIB_PUTENV@
+GL_GNULIB_PUTS = @GL_GNULIB_PUTS@
+GL_GNULIB_PWRITE = @GL_GNULIB_PWRITE@
+GL_GNULIB_QSORT_R = @GL_GNULIB_QSORT_R@
+GL_GNULIB_RANDOM = @GL_GNULIB_RANDOM@
+GL_GNULIB_RANDOM_R = @GL_GNULIB_RANDOM_R@
+GL_GNULIB_RAWMEMCHR = @GL_GNULIB_RAWMEMCHR@
+GL_GNULIB_READ = @GL_GNULIB_READ@
+GL_GNULIB_READLINK = @GL_GNULIB_READLINK@
+GL_GNULIB_READLINKAT = @GL_GNULIB_READLINKAT@
+GL_GNULIB_REALLOCARRAY = @GL_GNULIB_REALLOCARRAY@
+GL_GNULIB_REALLOC_POSIX = @GL_GNULIB_REALLOC_POSIX@
+GL_GNULIB_REALPATH = @GL_GNULIB_REALPATH@
+GL_GNULIB_RECV = @GL_GNULIB_RECV@
+GL_GNULIB_RECVFROM = @GL_GNULIB_RECVFROM@
+GL_GNULIB_REMOVE = @GL_GNULIB_REMOVE@
+GL_GNULIB_RENAME = @GL_GNULIB_RENAME@
+GL_GNULIB_RENAMEAT = @GL_GNULIB_RENAMEAT@
+GL_GNULIB_RMDIR = @GL_GNULIB_RMDIR@
+GL_GNULIB_RPMATCH = @GL_GNULIB_RPMATCH@
+GL_GNULIB_SCANF = @GL_GNULIB_SCANF@
+GL_GNULIB_SECURE_GETENV = @GL_GNULIB_SECURE_GETENV@
+GL_GNULIB_SEND = @GL_GNULIB_SEND@
+GL_GNULIB_SENDTO = @GL_GNULIB_SENDTO@
+GL_GNULIB_SETENV = @GL_GNULIB_SETENV@
+GL_GNULIB_SETHOSTNAME = @GL_GNULIB_SETHOSTNAME@
+GL_GNULIB_SETSOCKOPT = @GL_GNULIB_SETSOCKOPT@
+GL_GNULIB_SHUTDOWN = @GL_GNULIB_SHUTDOWN@
+GL_GNULIB_SIGABBREV_NP = @GL_GNULIB_SIGABBREV_NP@
+GL_GNULIB_SIGDESCR_NP = @GL_GNULIB_SIGDESCR_NP@
+GL_GNULIB_SLEEP = @GL_GNULIB_SLEEP@
+GL_GNULIB_SNPRINTF = @GL_GNULIB_SNPRINTF@
+GL_GNULIB_SOCKET = @GL_GNULIB_SOCKET@
+GL_GNULIB_SPRINTF_POSIX = @GL_GNULIB_SPRINTF_POSIX@
+GL_GNULIB_STAT = @GL_GNULIB_STAT@
+GL_GNULIB_STDIO_H_NONBLOCKING = @GL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GNULIB_STDIO_H_SIGPIPE = @GL_GNULIB_STDIO_H_SIGPIPE@
+GL_GNULIB_STPCPY = @GL_GNULIB_STPCPY@
+GL_GNULIB_STPNCPY = @GL_GNULIB_STPNCPY@
+GL_GNULIB_STRCASESTR = @GL_GNULIB_STRCASESTR@
+GL_GNULIB_STRCHRNUL = @GL_GNULIB_STRCHRNUL@
+GL_GNULIB_STRDUP = @GL_GNULIB_STRDUP@
+GL_GNULIB_STRERROR = @GL_GNULIB_STRERROR@
+GL_GNULIB_STRERRORNAME_NP = @GL_GNULIB_STRERRORNAME_NP@
+GL_GNULIB_STRERROR_R = @GL_GNULIB_STRERROR_R@
+GL_GNULIB_STRFTIME = @GL_GNULIB_STRFTIME@
+GL_GNULIB_STRNCAT = @GL_GNULIB_STRNCAT@
+GL_GNULIB_STRNDUP = @GL_GNULIB_STRNDUP@
+GL_GNULIB_STRNLEN = @GL_GNULIB_STRNLEN@
+GL_GNULIB_STRPBRK = @GL_GNULIB_STRPBRK@
+GL_GNULIB_STRPTIME = @GL_GNULIB_STRPTIME@
+GL_GNULIB_STRSEP = @GL_GNULIB_STRSEP@
+GL_GNULIB_STRSIGNAL = @GL_GNULIB_STRSIGNAL@
+GL_GNULIB_STRSTR = @GL_GNULIB_STRSTR@
+GL_GNULIB_STRTOD = @GL_GNULIB_STRTOD@
+GL_GNULIB_STRTOIMAX = @GL_GNULIB_STRTOIMAX@
+GL_GNULIB_STRTOK_R = @GL_GNULIB_STRTOK_R@
+GL_GNULIB_STRTOL = @GL_GNULIB_STRTOL@
+GL_GNULIB_STRTOLD = @GL_GNULIB_STRTOLD@
+GL_GNULIB_STRTOLL = @GL_GNULIB_STRTOLL@
+GL_GNULIB_STRTOUL = @GL_GNULIB_STRTOUL@
+GL_GNULIB_STRTOULL = @GL_GNULIB_STRTOULL@
+GL_GNULIB_STRTOUMAX = @GL_GNULIB_STRTOUMAX@
+GL_GNULIB_STRVERSCMP = @GL_GNULIB_STRVERSCMP@
+GL_GNULIB_SYMLINK = @GL_GNULIB_SYMLINK@
+GL_GNULIB_SYMLINKAT = @GL_GNULIB_SYMLINKAT@
+GL_GNULIB_SYSTEM_POSIX = @GL_GNULIB_SYSTEM_POSIX@
+GL_GNULIB_TIMEGM = @GL_GNULIB_TIMEGM@
+GL_GNULIB_TIMESPEC_GET = @GL_GNULIB_TIMESPEC_GET@
+GL_GNULIB_TIME_R = @GL_GNULIB_TIME_R@
+GL_GNULIB_TIME_RZ = @GL_GNULIB_TIME_RZ@
+GL_GNULIB_TMPFILE = @GL_GNULIB_TMPFILE@
+GL_GNULIB_TRUNCATE = @GL_GNULIB_TRUNCATE@
+GL_GNULIB_TTYNAME_R = @GL_GNULIB_TTYNAME_R@
+GL_GNULIB_TZSET = @GL_GNULIB_TZSET@
+GL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GNULIB_UNISTD_H_SIGPIPE = @GL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GNULIB_UNLINK = @GL_GNULIB_UNLINK@
+GL_GNULIB_UNLINKAT = @GL_GNULIB_UNLINKAT@
+GL_GNULIB_UNLOCKPT = @GL_GNULIB_UNLOCKPT@
+GL_GNULIB_UNSETENV = @GL_GNULIB_UNSETENV@
+GL_GNULIB_USLEEP = @GL_GNULIB_USLEEP@
+GL_GNULIB_UTIMENSAT = @GL_GNULIB_UTIMENSAT@
+GL_GNULIB_VASPRINTF = @GL_GNULIB_VASPRINTF@
+GL_GNULIB_VDPRINTF = @GL_GNULIB_VDPRINTF@
+GL_GNULIB_VFPRINTF = @GL_GNULIB_VFPRINTF@
+GL_GNULIB_VFPRINTF_POSIX = @GL_GNULIB_VFPRINTF_POSIX@
+GL_GNULIB_VFSCANF = @GL_GNULIB_VFSCANF@
+GL_GNULIB_VPRINTF = @GL_GNULIB_VPRINTF@
+GL_GNULIB_VPRINTF_POSIX = @GL_GNULIB_VPRINTF_POSIX@
+GL_GNULIB_VSCANF = @GL_GNULIB_VSCANF@
+GL_GNULIB_VSNPRINTF = @GL_GNULIB_VSNPRINTF@
+GL_GNULIB_VSPRINTF_POSIX = @GL_GNULIB_VSPRINTF_POSIX@
+GL_GNULIB_WCPCPY = @GL_GNULIB_WCPCPY@
+GL_GNULIB_WCPNCPY = @GL_GNULIB_WCPNCPY@
+GL_GNULIB_WCRTOMB = @GL_GNULIB_WCRTOMB@
+GL_GNULIB_WCSCASECMP = @GL_GNULIB_WCSCASECMP@
+GL_GNULIB_WCSCAT = @GL_GNULIB_WCSCAT@
+GL_GNULIB_WCSCHR = @GL_GNULIB_WCSCHR@
+GL_GNULIB_WCSCMP = @GL_GNULIB_WCSCMP@
+GL_GNULIB_WCSCOLL = @GL_GNULIB_WCSCOLL@
+GL_GNULIB_WCSCPY = @GL_GNULIB_WCSCPY@
+GL_GNULIB_WCSCSPN = @GL_GNULIB_WCSCSPN@
+GL_GNULIB_WCSDUP = @GL_GNULIB_WCSDUP@
+GL_GNULIB_WCSFTIME = @GL_GNULIB_WCSFTIME@
+GL_GNULIB_WCSLEN = @GL_GNULIB_WCSLEN@
+GL_GNULIB_WCSNCASECMP = @GL_GNULIB_WCSNCASECMP@
+GL_GNULIB_WCSNCAT = @GL_GNULIB_WCSNCAT@
+GL_GNULIB_WCSNCMP = @GL_GNULIB_WCSNCMP@
+GL_GNULIB_WCSNCPY = @GL_GNULIB_WCSNCPY@
+GL_GNULIB_WCSNLEN = @GL_GNULIB_WCSNLEN@
+GL_GNULIB_WCSNRTOMBS = @GL_GNULIB_WCSNRTOMBS@
+GL_GNULIB_WCSPBRK = @GL_GNULIB_WCSPBRK@
+GL_GNULIB_WCSRCHR = @GL_GNULIB_WCSRCHR@
+GL_GNULIB_WCSRTOMBS = @GL_GNULIB_WCSRTOMBS@
+GL_GNULIB_WCSSPN = @GL_GNULIB_WCSSPN@
+GL_GNULIB_WCSSTR = @GL_GNULIB_WCSSTR@
+GL_GNULIB_WCSTOK = @GL_GNULIB_WCSTOK@
+GL_GNULIB_WCSWIDTH = @GL_GNULIB_WCSWIDTH@
+GL_GNULIB_WCSXFRM = @GL_GNULIB_WCSXFRM@
+GL_GNULIB_WCTOB = @GL_GNULIB_WCTOB@
+GL_GNULIB_WCTOMB = @GL_GNULIB_WCTOMB@
+GL_GNULIB_WCWIDTH = @GL_GNULIB_WCWIDTH@
+GL_GNULIB_WMEMCHR = @GL_GNULIB_WMEMCHR@
+GL_GNULIB_WMEMCMP = @GL_GNULIB_WMEMCMP@
+GL_GNULIB_WMEMCPY = @GL_GNULIB_WMEMCPY@
+GL_GNULIB_WMEMMOVE = @GL_GNULIB_WMEMMOVE@
+GL_GNULIB_WMEMPCPY = @GL_GNULIB_WMEMPCPY@
+GL_GNULIB_WMEMSET = @GL_GNULIB_WMEMSET@
+GL_GNULIB_WRITE = @GL_GNULIB_WRITE@
+GL_GNULIB__EXIT = @GL_GNULIB__EXIT@
+GMP_CFLAGS = @GMP_CFLAGS@
+GMP_LIBS = @GMP_LIBS@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GNULIBHEADERS_OVERRIDE_WINT_T = @GNULIBHEADERS_OVERRIDE_WINT_T@
+GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@
+GNUTLS_LIBS_PRIVATE = @GNUTLS_LIBS_PRIVATE@
+GNUTLS_REQUIRES_PRIVATE = @GNUTLS_REQUIRES_PRIVATE@
+GPERF = @GPERF@
+GREP = @GREP@
+GTKDOC_CHECK = @GTKDOC_CHECK@
+GTKDOC_CHECK_PATH = @GTKDOC_CHECK_PATH@
+GTKDOC_DEPS_CFLAGS = @GTKDOC_DEPS_CFLAGS@
+GTKDOC_DEPS_LIBS = @GTKDOC_DEPS_LIBS@
+GTKDOC_MKPDF = @GTKDOC_MKPDF@
+GTKDOC_REBASE = @GTKDOC_REBASE@
+GUILD = @GUILD@
+GUILE = @GUILE@
+GUILE_CFLAGS = @GUILE_CFLAGS@
+GUILE_CONFIG = @GUILE_CONFIG@
+GUILE_EFFECTIVE_VERSION = @GUILE_EFFECTIVE_VERSION@
+GUILE_EXTENSION = @GUILE_EXTENSION@
+GUILE_LDFLAGS = @GUILE_LDFLAGS@
+GUILE_LIBS = @GUILE_LIBS@
+GUILE_LTLIBS = @GUILE_LTLIBS@
+GUILE_SITE = @GUILE_SITE@
+GUILE_SITE_CCACHE = @GUILE_SITE_CCACHE@
+GUILE_TOOLS = @GUILE_TOOLS@
+HAVE_ACCEPT4 = @HAVE_ACCEPT4@
+HAVE_ALIGNED_ALLOC = @HAVE_ALIGNED_ALLOC@
+HAVE_ALLOCA_H = @HAVE_ALLOCA_H@
+HAVE_ARPA_INET_H = @HAVE_ARPA_INET_H@
+HAVE_ATOLL = @HAVE_ATOLL@
+HAVE_BTOWC = @HAVE_BTOWC@
+HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@
+HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@
+HAVE_CHOWN = @HAVE_CHOWN@
+HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@
+HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@
+HAVE_DECL_ECVT = @HAVE_DECL_ECVT@
+HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@
+HAVE_DECL_EXECVPE = @HAVE_DECL_EXECVPE@
+HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@
+HAVE_DECL_FCLOSEALL = @HAVE_DECL_FCLOSEALL@
+HAVE_DECL_FCVT = @HAVE_DECL_FCVT@
+HAVE_DECL_FDATASYNC = @HAVE_DECL_FDATASYNC@
+HAVE_DECL_FPURGE = @HAVE_DECL_FPURGE@
+HAVE_DECL_FREEADDRINFO = @HAVE_DECL_FREEADDRINFO@
+HAVE_DECL_FSEEKO = @HAVE_DECL_FSEEKO@
+HAVE_DECL_FTELLO = @HAVE_DECL_FTELLO@
+HAVE_DECL_GAI_STRERROR = @HAVE_DECL_GAI_STRERROR@
+HAVE_DECL_GCVT = @HAVE_DECL_GCVT@
+HAVE_DECL_GETADDRINFO = @HAVE_DECL_GETADDRINFO@
+HAVE_DECL_GETDELIM = @HAVE_DECL_GETDELIM@
+HAVE_DECL_GETDOMAINNAME = @HAVE_DECL_GETDOMAINNAME@
+HAVE_DECL_GETLINE = @HAVE_DECL_GETLINE@
+HAVE_DECL_GETLOADAVG = @HAVE_DECL_GETLOADAVG@
+HAVE_DECL_GETLOGIN = @HAVE_DECL_GETLOGIN@
+HAVE_DECL_GETLOGIN_R = @HAVE_DECL_GETLOGIN_R@
+HAVE_DECL_GETNAMEINFO = @HAVE_DECL_GETNAMEINFO@
+HAVE_DECL_GETPAGESIZE = @HAVE_DECL_GETPAGESIZE@
+HAVE_DECL_GETUSERSHELL = @HAVE_DECL_GETUSERSHELL@
+HAVE_DECL_IMAXABS = @HAVE_DECL_IMAXABS@
+HAVE_DECL_IMAXDIV = @HAVE_DECL_IMAXDIV@
+HAVE_DECL_INET_NTOP = @HAVE_DECL_INET_NTOP@
+HAVE_DECL_INET_PTON = @HAVE_DECL_INET_PTON@
+HAVE_DECL_INITSTATE = @HAVE_DECL_INITSTATE@
+HAVE_DECL_LOCALTIME_R = @HAVE_DECL_LOCALTIME_R@
+HAVE_DECL_MEMMEM = @HAVE_DECL_MEMMEM@
+HAVE_DECL_MEMRCHR = @HAVE_DECL_MEMRCHR@
+HAVE_DECL_OBSTACK_PRINTF = @HAVE_DECL_OBSTACK_PRINTF@
+HAVE_DECL_SETENV = @HAVE_DECL_SETENV@
+HAVE_DECL_SETHOSTNAME = @HAVE_DECL_SETHOSTNAME@
+HAVE_DECL_SETSTATE = @HAVE_DECL_SETSTATE@
+HAVE_DECL_SNPRINTF = @HAVE_DECL_SNPRINTF@
+HAVE_DECL_STRDUP = @HAVE_DECL_STRDUP@
+HAVE_DECL_STRERROR_R = @HAVE_DECL_STRERROR_R@
+HAVE_DECL_STRNCASECMP = @HAVE_DECL_STRNCASECMP@
+HAVE_DECL_STRNDUP = @HAVE_DECL_STRNDUP@
+HAVE_DECL_STRNLEN = @HAVE_DECL_STRNLEN@
+HAVE_DECL_STRSIGNAL = @HAVE_DECL_STRSIGNAL@
+HAVE_DECL_STRTOIMAX = @HAVE_DECL_STRTOIMAX@
+HAVE_DECL_STRTOK_R = @HAVE_DECL_STRTOK_R@
+HAVE_DECL_STRTOUMAX = @HAVE_DECL_STRTOUMAX@
+HAVE_DECL_TRUNCATE = @HAVE_DECL_TRUNCATE@
+HAVE_DECL_TTYNAME_R = @HAVE_DECL_TTYNAME_R@
+HAVE_DECL_UNSETENV = @HAVE_DECL_UNSETENV@
+HAVE_DECL_VSNPRINTF = @HAVE_DECL_VSNPRINTF@
+HAVE_DECL_WCSDUP = @HAVE_DECL_WCSDUP@
+HAVE_DECL_WCTOB = @HAVE_DECL_WCTOB@
+HAVE_DECL_WCWIDTH = @HAVE_DECL_WCWIDTH@
+HAVE_DPRINTF = @HAVE_DPRINTF@
+HAVE_DUP3 = @HAVE_DUP3@
+HAVE_DUPLOCALE = @HAVE_DUPLOCALE@
+HAVE_EUIDACCESS = @HAVE_EUIDACCESS@
+HAVE_EXECVPE = @HAVE_EXECVPE@
+HAVE_EXPLICIT_BZERO = @HAVE_EXPLICIT_BZERO@
+HAVE_FACCESSAT = @HAVE_FACCESSAT@
+HAVE_FCHDIR = @HAVE_FCHDIR@
+HAVE_FCHMODAT = @HAVE_FCHMODAT@
+HAVE_FCHOWNAT = @HAVE_FCHOWNAT@
+HAVE_FCNTL = @HAVE_FCNTL@
+HAVE_FDATASYNC = @HAVE_FDATASYNC@
+HAVE_FEATURES_H = @HAVE_FEATURES_H@
+HAVE_FFS = @HAVE_FFS@
+HAVE_FFSL = @HAVE_FFSL@
+HAVE_FFSLL = @HAVE_FFSLL@
+HAVE_FREELOCALE = @HAVE_FREELOCALE@
+HAVE_FSEEKO = @HAVE_FSEEKO@
+HAVE_FSTATAT = @HAVE_FSTATAT@
+HAVE_FSYNC = @HAVE_FSYNC@
+HAVE_FTELLO = @HAVE_FTELLO@
+HAVE_FTRUNCATE = @HAVE_FTRUNCATE@
+HAVE_FUTIMENS = @HAVE_FUTIMENS@
+HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@
+HAVE_GETENTROPY = @HAVE_GETENTROPY@
+HAVE_GETGROUPS = @HAVE_GETGROUPS@
+HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@
+HAVE_GETLOGIN = @HAVE_GETLOGIN@
+HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@
+HAVE_GETPASS = @HAVE_GETPASS@
+HAVE_GETSUBOPT = @HAVE_GETSUBOPT@
+HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@
+HAVE_GETUMASK = @HAVE_GETUMASK@
+HAVE_GRANTPT = @HAVE_GRANTPT@
+HAVE_GROUP_MEMBER = @HAVE_GROUP_MEMBER@
+HAVE_IMAXDIV_T = @HAVE_IMAXDIV_T@
+HAVE_INITSTATE = @HAVE_INITSTATE@
+HAVE_INTTYPES_H = @HAVE_INTTYPES_H@
+HAVE_ISBLANK = @HAVE_ISBLANK@
+HAVE_LANGINFO_ALTMON = @HAVE_LANGINFO_ALTMON@
+HAVE_LANGINFO_CODESET = @HAVE_LANGINFO_CODESET@
+HAVE_LANGINFO_ERA = @HAVE_LANGINFO_ERA@
+HAVE_LANGINFO_H = @HAVE_LANGINFO_H@
+HAVE_LANGINFO_T_FMT_AMPM = @HAVE_LANGINFO_T_FMT_AMPM@
+HAVE_LANGINFO_YESEXPR = @HAVE_LANGINFO_YESEXPR@
+HAVE_LCHMOD = @HAVE_LCHMOD@
+HAVE_LCHOWN = @HAVE_LCHOWN@
+HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@
+HAVE_LIBDL = @HAVE_LIBDL@
+HAVE_LIBEV = @HAVE_LIBEV@
+HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@
+HAVE_LIBRT = @HAVE_LIBRT@
+HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@
+HAVE_LIBZ = @HAVE_LIBZ@
+HAVE_LINK = @HAVE_LINK@
+HAVE_LINKAT = @HAVE_LINKAT@
+HAVE_LSTAT = @HAVE_LSTAT@
+HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@
+HAVE_MBRLEN = @HAVE_MBRLEN@
+HAVE_MBRTOWC = @HAVE_MBRTOWC@
+HAVE_MBSINIT = @HAVE_MBSINIT@
+HAVE_MBSLEN = @HAVE_MBSLEN@
+HAVE_MBSNRTOWCS = @HAVE_MBSNRTOWCS@
+HAVE_MBSRTOWCS = @HAVE_MBSRTOWCS@
+HAVE_MBTOWC = @HAVE_MBTOWC@
+HAVE_MEMPCPY = @HAVE_MEMPCPY@
+HAVE_MKDIRAT = @HAVE_MKDIRAT@
+HAVE_MKDTEMP = @HAVE_MKDTEMP@
+HAVE_MKFIFO = @HAVE_MKFIFO@
+HAVE_MKFIFOAT = @HAVE_MKFIFOAT@
+HAVE_MKNOD = @HAVE_MKNOD@
+HAVE_MKNODAT = @HAVE_MKNODAT@
+HAVE_MKOSTEMP = @HAVE_MKOSTEMP@
+HAVE_MKOSTEMPS = @HAVE_MKOSTEMPS@
+HAVE_MKSTEMP = @HAVE_MKSTEMP@
+HAVE_MKSTEMPS = @HAVE_MKSTEMPS@
+HAVE_MSVC_INVALID_PARAMETER_HANDLER = @HAVE_MSVC_INVALID_PARAMETER_HANDLER@
+HAVE_NANOSLEEP = @HAVE_NANOSLEEP@
+HAVE_NETDB_H = @HAVE_NETDB_H@
+HAVE_NETINET_IN_H = @HAVE_NETINET_IN_H@
+HAVE_NEWLOCALE = @HAVE_NEWLOCALE@
+HAVE_NL_LANGINFO = @HAVE_NL_LANGINFO@
+HAVE_OPENAT = @HAVE_OPENAT@
+HAVE_OS_H = @HAVE_OS_H@
+HAVE_PCLOSE = @HAVE_PCLOSE@
+HAVE_PIPE = @HAVE_PIPE@
+HAVE_PIPE2 = @HAVE_PIPE2@
+HAVE_POPEN = @HAVE_POPEN@
+HAVE_POSIX_MEMALIGN = @HAVE_POSIX_MEMALIGN@
+HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@
+HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@
+HAVE_PREAD = @HAVE_PREAD@
+HAVE_PSELECT = @HAVE_PSELECT@
+HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@
+HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@
+HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@
+HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@
+HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@
+HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@
+HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@
+HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@
+HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@
+HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@
+HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@
+HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@
+HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@
+HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@
+HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@
+HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@
+HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@
+HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@
+HAVE_PTHREAD_H = @HAVE_PTHREAD_H@
+HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@
+HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@
+HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@
+HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@
+HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@
+HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@
+HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@
+HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@
+HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@
+HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@
+HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@
+HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@
+HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@
+HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@
+HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@
+HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@
+HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@
+HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@
+HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@
+HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@
+HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@
+HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@
+HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@
+HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@
+HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@
+HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@
+HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@
+HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@
+HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@
+HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@
+HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@
+HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@
+HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@
+HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@
+HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@
+HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@
+HAVE_PTHREAD_T = @HAVE_PTHREAD_T@
+HAVE_PTSNAME = @HAVE_PTSNAME@
+HAVE_PTSNAME_R = @HAVE_PTSNAME_R@
+HAVE_PWRITE = @HAVE_PWRITE@
+HAVE_QSORT_R = @HAVE_QSORT_R@
+HAVE_RAISE = @HAVE_RAISE@
+HAVE_RANDOM = @HAVE_RANDOM@
+HAVE_RANDOM_H = @HAVE_RANDOM_H@
+HAVE_RANDOM_R = @HAVE_RANDOM_R@
+HAVE_RAWMEMCHR = @HAVE_RAWMEMCHR@
+HAVE_READLINK = @HAVE_READLINK@
+HAVE_READLINKAT = @HAVE_READLINKAT@
+HAVE_REALLOCARRAY = @HAVE_REALLOCARRAY@
+HAVE_REALPATH = @HAVE_REALPATH@
+HAVE_RENAMEAT = @HAVE_RENAMEAT@
+HAVE_RPMATCH = @HAVE_RPMATCH@
+HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@
+HAVE_SCHED_H = @HAVE_SCHED_H@
+HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@
+HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@
+HAVE_SETENV = @HAVE_SETENV@
+HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@
+HAVE_SETSTATE = @HAVE_SETSTATE@
+HAVE_SIGABBREV_NP = @HAVE_SIGABBREV_NP@
+HAVE_SIGACTION = @HAVE_SIGACTION@
+HAVE_SIGDESCR_NP = @HAVE_SIGDESCR_NP@
+HAVE_SIGHANDLER_T = @HAVE_SIGHANDLER_T@
+HAVE_SIGINFO_T = @HAVE_SIGINFO_T@
+HAVE_SIGNED_SIG_ATOMIC_T = @HAVE_SIGNED_SIG_ATOMIC_T@
+HAVE_SIGNED_WCHAR_T = @HAVE_SIGNED_WCHAR_T@
+HAVE_SIGNED_WINT_T = @HAVE_SIGNED_WINT_T@
+HAVE_SIGSET_T = @HAVE_SIGSET_T@
+HAVE_SLEEP = @HAVE_SLEEP@
+HAVE_STDINT_H = @HAVE_STDINT_H@
+HAVE_STPCPY = @HAVE_STPCPY@
+HAVE_STPNCPY = @HAVE_STPNCPY@
+HAVE_STRCASECMP = @HAVE_STRCASECMP@
+HAVE_STRCASESTR = @HAVE_STRCASESTR@
+HAVE_STRCHRNUL = @HAVE_STRCHRNUL@
+HAVE_STRERRORNAME_NP = @HAVE_STRERRORNAME_NP@
+HAVE_STRINGS_H = @HAVE_STRINGS_H@
+HAVE_STRPBRK = @HAVE_STRPBRK@
+HAVE_STRPTIME = @HAVE_STRPTIME@
+HAVE_STRSEP = @HAVE_STRSEP@
+HAVE_STRTOD = @HAVE_STRTOD@
+HAVE_STRTOL = @HAVE_STRTOL@
+HAVE_STRTOLD = @HAVE_STRTOLD@
+HAVE_STRTOLL = @HAVE_STRTOLL@
+HAVE_STRTOUL = @HAVE_STRTOUL@
+HAVE_STRTOULL = @HAVE_STRTOULL@
+HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@
+HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@
+HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@
+HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@
+HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@
+HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@
+HAVE_STRUCT_TIMEVAL = @HAVE_STRUCT_TIMEVAL@
+HAVE_STRVERSCMP = @HAVE_STRVERSCMP@
+HAVE_SYMLINK = @HAVE_SYMLINK@
+HAVE_SYMLINKAT = @HAVE_SYMLINKAT@
+HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@
+HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@
+HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@
+HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@
+HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@
+HAVE_SYS_PARAM_H = @HAVE_SYS_PARAM_H@
+HAVE_SYS_SELECT_H = @HAVE_SYS_SELECT_H@
+HAVE_SYS_SOCKET_H = @HAVE_SYS_SOCKET_H@
+HAVE_SYS_TIME_H = @HAVE_SYS_TIME_H@
+HAVE_SYS_TYPES_H = @HAVE_SYS_TYPES_H@
+HAVE_SYS_UIO_H = @HAVE_SYS_UIO_H@
+HAVE_TIMEGM = @HAVE_TIMEGM@
+HAVE_TIMESPEC_GET = @HAVE_TIMESPEC_GET@
+HAVE_TIMEZONE_T = @HAVE_TIMEZONE_T@
+HAVE_TYPE_VOLATILE_SIG_ATOMIC_T = @HAVE_TYPE_VOLATILE_SIG_ATOMIC_T@
+HAVE_UNISTD_H = @HAVE_UNISTD_H@
+HAVE_UNLINKAT = @HAVE_UNLINKAT@
+HAVE_UNLOCKPT = @HAVE_UNLOCKPT@
+HAVE_USLEEP = @HAVE_USLEEP@
+HAVE_UTIMENSAT = @HAVE_UTIMENSAT@
+HAVE_VASPRINTF = @HAVE_VASPRINTF@
+HAVE_VDPRINTF = @HAVE_VDPRINTF@
+HAVE_VISIBILITY = @HAVE_VISIBILITY@
+HAVE_WCHAR_H = @HAVE_WCHAR_H@
+HAVE_WCHAR_T = @HAVE_WCHAR_T@
+HAVE_WCPCPY = @HAVE_WCPCPY@
+HAVE_WCPNCPY = @HAVE_WCPNCPY@
+HAVE_WCRTOMB = @HAVE_WCRTOMB@
+HAVE_WCSCASECMP = @HAVE_WCSCASECMP@
+HAVE_WCSCAT = @HAVE_WCSCAT@
+HAVE_WCSCHR = @HAVE_WCSCHR@
+HAVE_WCSCMP = @HAVE_WCSCMP@
+HAVE_WCSCOLL = @HAVE_WCSCOLL@
+HAVE_WCSCPY = @HAVE_WCSCPY@
+HAVE_WCSCSPN = @HAVE_WCSCSPN@
+HAVE_WCSDUP = @HAVE_WCSDUP@
+HAVE_WCSFTIME = @HAVE_WCSFTIME@
+HAVE_WCSLEN = @HAVE_WCSLEN@
+HAVE_WCSNCASECMP = @HAVE_WCSNCASECMP@
+HAVE_WCSNCAT = @HAVE_WCSNCAT@
+HAVE_WCSNCMP = @HAVE_WCSNCMP@
+HAVE_WCSNCPY = @HAVE_WCSNCPY@
+HAVE_WCSNLEN = @HAVE_WCSNLEN@
+HAVE_WCSNRTOMBS = @HAVE_WCSNRTOMBS@
+HAVE_WCSPBRK = @HAVE_WCSPBRK@
+HAVE_WCSRCHR = @HAVE_WCSRCHR@
+HAVE_WCSRTOMBS = @HAVE_WCSRTOMBS@
+HAVE_WCSSPN = @HAVE_WCSSPN@
+HAVE_WCSSTR = @HAVE_WCSSTR@
+HAVE_WCSTOK = @HAVE_WCSTOK@
+HAVE_WCSWIDTH = @HAVE_WCSWIDTH@
+HAVE_WCSXFRM = @HAVE_WCSXFRM@
+HAVE_WINSOCK2_H = @HAVE_WINSOCK2_H@
+HAVE_WINT_T = @HAVE_WINT_T@
+HAVE_WMEMCHR = @HAVE_WMEMCHR@
+HAVE_WMEMCMP = @HAVE_WMEMCMP@
+HAVE_WMEMCPY = @HAVE_WMEMCPY@
+HAVE_WMEMMOVE = @HAVE_WMEMMOVE@
+HAVE_WMEMPCPY = @HAVE_WMEMPCPY@
+HAVE_WMEMSET = @HAVE_WMEMSET@
+HAVE_WS2TCPIP_H = @HAVE_WS2TCPIP_H@
+HAVE_XLOCALE_H = @HAVE_XLOCALE_H@
+HAVE__BOOL = @HAVE__BOOL@
+HAVE__EXIT = @HAVE__EXIT@
+HOGWEED_CFLAGS = @HOGWEED_CFLAGS@
+HOGWEED_LIBS = @HOGWEED_LIBS@
+HOSTENT_LIB = @HOSTENT_LIB@
+HTML_DIR = @HTML_DIR@
+INCLUDE_NEXT = @INCLUDE_NEXT@
+INCLUDE_NEXT_AS_FIRST_DIRECTIVE = @INCLUDE_NEXT_AS_FIRST_DIRECTIVE@
+INET_NTOP_LIB = @INET_NTOP_LIB@
+INET_PTON_LIB = @INET_PTON_LIB@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INT32_MAX_LT_INTMAX_MAX = @INT32_MAX_LT_INTMAX_MAX@
+INT64_MAX_EQ_LONG_MAX = @INT64_MAX_EQ_LONG_MAX@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LCOV = @LCOV@
+LD = @LD@
+LDDPOSTPROC = @LDDPOSTPROC@
+LDDPROG = @LDDPROG@
+LDFLAGS = @LDFLAGS@
+LIBATOMIC_LIBS = @LIBATOMIC_LIBS@
+LIBBROTLIDEC_CFLAGS = @LIBBROTLIDEC_CFLAGS@
+LIBBROTLIDEC_LIBS = @LIBBROTLIDEC_LIBS@
+LIBBROTLIENC_CFLAGS = @LIBBROTLIENC_CFLAGS@
+LIBBROTLIENC_LIBS = @LIBBROTLIENC_LIBS@
+LIBCRYPTO = @LIBCRYPTO@
+LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@
+LIBDL = @LIBDL@
+LIBDL_PREFIX = @LIBDL_PREFIX@
+LIBEV = @LIBEV@
+LIBEV_LIBS = @LIBEV_LIBS@
+LIBEV_PREFIX = @LIBEV_PREFIX@
+LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@
+LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@
+LIBICONV = @LIBICONV@
+LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@
+LIBIDN2_LIBS = @LIBIDN2_LIBS@
+LIBINTL = @LIBINTL@
+LIBKCAPI_CFLAGS = @LIBKCAPI_CFLAGS@
+LIBKCAPI_LIBS = @LIBKCAPI_LIBS@
+LIBMULTITHREAD = @LIBMULTITHREAD@
+LIBOBJS = @LIBOBJS@
+LIBPMULTITHREAD = @LIBPMULTITHREAD@
+LIBPTHREAD = @LIBPTHREAD@
+LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@
+LIBRT = @LIBRT@
+LIBRT_PREFIX = @LIBRT_PREFIX@
+LIBS = @LIBS@
+LIBSECCOMP = @LIBSECCOMP@
+LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@
+LIBSOCKET = @LIBSOCKET@
+LIBSTDTHREAD = @LIBSTDTHREAD@
+LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@
+LIBTASN1_LIBS = @LIBTASN1_LIBS@
+LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@
+LIBTHREAD = @LIBTHREAD@
+LIBTOOL = @LIBTOOL@
+LIBUNISTRING = @LIBUNISTRING@
+LIBUNISTRING_UNICTYPE_H = @LIBUNISTRING_UNICTYPE_H@
+LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@
+LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@
+LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@
+LIBZ = @LIBZ@
+LIBZSTD_CFLAGS = @LIBZSTD_CFLAGS@
+LIBZSTD_LIBS = @LIBZSTD_LIBS@
+LIBZ_PC = @LIBZ_PC@
+LIBZ_PREFIX = @LIBZ_PREFIX@
+LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@
+LIB_NANOSLEEP = @LIB_NANOSLEEP@
+LIB_PTHREAD = @LIB_PTHREAD@
+LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@
+LIB_SCHED_YIELD = @LIB_SCHED_YIELD@
+LIB_SELECT = @LIB_SELECT@
+LIB_SEMAPHORE = @LIB_SEMAPHORE@
+LIB_SETLOCALE = @LIB_SETLOCALE@
+LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@
+LIMITS_H = @LIMITS_H@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LOCALENAME_ENHANCE_LOCALE_FUNCS = @LOCALENAME_ENHANCE_LOCALE_FUNCS@
+LOCALE_FR = @LOCALE_FR@
+LOCALE_FR_UTF8 = @LOCALE_FR_UTF8@
+LOCALE_JA = @LOCALE_JA@
+LOCALE_TR_UTF8 = @LOCALE_TR_UTF8@
+LOCALE_ZH_CN = @LOCALE_ZH_CN@
+LOG_VALGRIND = @LOG_VALGRIND@
+LTALLOCA = @LTALLOCA@
+LTLIBCRYPTO = @LTLIBCRYPTO@
+LTLIBDL = @LTLIBDL@
+LTLIBEV = @LTLIBEV@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBMULTITHREAD = @LTLIBMULTITHREAD@
+LTLIBOBJS = @LTLIBOBJS@
+LTLIBPTHREAD = @LTLIBPTHREAD@
+LTLIBRT = @LTLIBRT@
+LTLIBSECCOMP = @LTLIBSECCOMP@
+LTLIBTHREAD = @LTLIBTHREAD@
+LTLIBZ = @LTLIBZ@
+LT_AGE = @LT_AGE@
+LT_CURRENT = @LT_CURRENT@
+LT_DANE_AGE = @LT_DANE_AGE@
+LT_DANE_CURRENT = @LT_DANE_CURRENT@
+LT_DANE_REVISION = @LT_DANE_REVISION@
+LT_REVISION = @LT_REVISION@
+LT_SSL_AGE = @LT_SSL_AGE@
+LT_SSL_CURRENT = @LT_SSL_CURRENT@
+LT_SSL_REVISION = @LT_SSL_REVISION@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+LT_XSSL_AGE = @LT_XSSL_AGE@
+LT_XSSL_CURRENT = @LT_XSSL_CURRENT@
+LT_XSSL_REVISION = @LT_XSSL_REVISION@
+MAINT = @MAINT@
+MAJOR_VERSION = @MAJOR_VERSION@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MINOR_VERSION = @MINOR_VERSION@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGMERGE = @MSGMERGE@
+MSGMERGE_FOR_MSGFMT_OPTION = @MSGMERGE_FOR_MSGFMT_OPTION@
+NETINET_IN_H = @NETINET_IN_H@
+NETTLE_CFLAGS = @NETTLE_CFLAGS@
+NETTLE_LIBS = @NETTLE_LIBS@
+NEXT_ARPA_INET_H = @NEXT_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H = @NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_CTYPE_H = @NEXT_AS_FIRST_DIRECTIVE_CTYPE_H@
+NEXT_AS_FIRST_DIRECTIVE_ERRNO_H = @NEXT_AS_FIRST_DIRECTIVE_ERRNO_H@
+NEXT_AS_FIRST_DIRECTIVE_FCNTL_H = @NEXT_AS_FIRST_DIRECTIVE_FCNTL_H@
+NEXT_AS_FIRST_DIRECTIVE_FLOAT_H = @NEXT_AS_FIRST_DIRECTIVE_FLOAT_H@
+NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H = @NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H = @NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H@
+NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@
+NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@
+NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@
+NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@
+NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@
+NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@
+NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@
+NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@
+NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@
+NEXT_AS_FIRST_DIRECTIVE_STDIO_H = @NEXT_AS_FIRST_DIRECTIVE_STDIO_H@
+NEXT_AS_FIRST_DIRECTIVE_STDLIB_H = @NEXT_AS_FIRST_DIRECTIVE_STDLIB_H@
+NEXT_AS_FIRST_DIRECTIVE_STRINGS_H = @NEXT_AS_FIRST_DIRECTIVE_STRINGS_H@
+NEXT_AS_FIRST_DIRECTIVE_STRING_H = @NEXT_AS_FIRST_DIRECTIVE_STRING_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H@
+NEXT_AS_FIRST_DIRECTIVE_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_UNISTD_H = @NEXT_AS_FIRST_DIRECTIVE_UNISTD_H@
+NEXT_AS_FIRST_DIRECTIVE_WCHAR_H = @NEXT_AS_FIRST_DIRECTIVE_WCHAR_H@
+NEXT_CTYPE_H = @NEXT_CTYPE_H@
+NEXT_ERRNO_H = @NEXT_ERRNO_H@
+NEXT_FCNTL_H = @NEXT_FCNTL_H@
+NEXT_FLOAT_H = @NEXT_FLOAT_H@
+NEXT_INTTYPES_H = @NEXT_INTTYPES_H@
+NEXT_LANGINFO_H = @NEXT_LANGINFO_H@
+NEXT_LIMITS_H = @NEXT_LIMITS_H@
+NEXT_LOCALE_H = @NEXT_LOCALE_H@
+NEXT_NETDB_H = @NEXT_NETDB_H@
+NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@
+NEXT_PTHREAD_H = @NEXT_PTHREAD_H@
+NEXT_SCHED_H = @NEXT_SCHED_H@
+NEXT_SIGNAL_H = @NEXT_SIGNAL_H@
+NEXT_STDDEF_H = @NEXT_STDDEF_H@
+NEXT_STDINT_H = @NEXT_STDINT_H@
+NEXT_STDIO_H = @NEXT_STDIO_H@
+NEXT_STDLIB_H = @NEXT_STDLIB_H@
+NEXT_STRINGS_H = @NEXT_STRINGS_H@
+NEXT_STRING_H = @NEXT_STRING_H@
+NEXT_SYS_IOCTL_H = @NEXT_SYS_IOCTL_H@
+NEXT_SYS_SELECT_H = @NEXT_SYS_SELECT_H@
+NEXT_SYS_SOCKET_H = @NEXT_SYS_SOCKET_H@
+NEXT_SYS_STAT_H = @NEXT_SYS_STAT_H@
+NEXT_SYS_TIME_H = @NEXT_SYS_TIME_H@
+NEXT_SYS_TYPES_H = @NEXT_SYS_TYPES_H@
+NEXT_SYS_UIO_H = @NEXT_SYS_UIO_H@
+NEXT_TIME_H = @NEXT_TIME_H@
+NEXT_UNISTD_H = @NEXT_UNISTD_H@
+NEXT_WCHAR_H = @NEXT_WCHAR_H@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NUMBER_VERSION = @NUMBER_VERSION@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+P11_KIT_CFLAGS = @P11_KIT_CFLAGS@
+P11_KIT_LIBS = @P11_KIT_LIBS@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@
+PATCH_VERSION = @PATCH_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PKCS12_ITER_COUNT = @PKCS12_ITER_COUNT@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PMCCABE = @PMCCABE@
+POSUB = @POSUB@
+PRAGMA_COLUMNS = @PRAGMA_COLUMNS@
+PRAGMA_SYSTEM_HEADER = @PRAGMA_SYSTEM_HEADER@
+PRIPTR_PREFIX = @PRIPTR_PREFIX@
+PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@
+PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+RANLIB = @RANLIB@
+REPLACE_ACCESS = @REPLACE_ACCESS@
+REPLACE_ALIGNED_ALLOC = @REPLACE_ALIGNED_ALLOC@
+REPLACE_BTOWC = @REPLACE_BTOWC@
+REPLACE_CALLOC = @REPLACE_CALLOC@
+REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@
+REPLACE_CHOWN = @REPLACE_CHOWN@
+REPLACE_CLOSE = @REPLACE_CLOSE@
+REPLACE_CREAT = @REPLACE_CREAT@
+REPLACE_CTIME = @REPLACE_CTIME@
+REPLACE_DPRINTF = @REPLACE_DPRINTF@
+REPLACE_DUP = @REPLACE_DUP@
+REPLACE_DUP2 = @REPLACE_DUP2@
+REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@
+REPLACE_EXECL = @REPLACE_EXECL@
+REPLACE_EXECLE = @REPLACE_EXECLE@
+REPLACE_EXECLP = @REPLACE_EXECLP@
+REPLACE_EXECV = @REPLACE_EXECV@
+REPLACE_EXECVE = @REPLACE_EXECVE@
+REPLACE_EXECVP = @REPLACE_EXECVP@
+REPLACE_EXECVPE = @REPLACE_EXECVPE@
+REPLACE_FACCESSAT = @REPLACE_FACCESSAT@
+REPLACE_FCHMODAT = @REPLACE_FCHMODAT@
+REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@
+REPLACE_FCLOSE = @REPLACE_FCLOSE@
+REPLACE_FCNTL = @REPLACE_FCNTL@
+REPLACE_FDOPEN = @REPLACE_FDOPEN@
+REPLACE_FFLUSH = @REPLACE_FFLUSH@
+REPLACE_FFSLL = @REPLACE_FFSLL@
+REPLACE_FOPEN = @REPLACE_FOPEN@
+REPLACE_FPRINTF = @REPLACE_FPRINTF@
+REPLACE_FPURGE = @REPLACE_FPURGE@
+REPLACE_FREE = @REPLACE_FREE@
+REPLACE_FREELOCALE = @REPLACE_FREELOCALE@
+REPLACE_FREOPEN = @REPLACE_FREOPEN@
+REPLACE_FSEEK = @REPLACE_FSEEK@
+REPLACE_FSEEKO = @REPLACE_FSEEKO@
+REPLACE_FSTAT = @REPLACE_FSTAT@
+REPLACE_FSTATAT = @REPLACE_FSTATAT@
+REPLACE_FTELL = @REPLACE_FTELL@
+REPLACE_FTELLO = @REPLACE_FTELLO@
+REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@
+REPLACE_FUTIMENS = @REPLACE_FUTIMENS@
+REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@
+REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@
+REPLACE_GETCWD = @REPLACE_GETCWD@
+REPLACE_GETDELIM = @REPLACE_GETDELIM@
+REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@
+REPLACE_GETDTABLESIZE = @REPLACE_GETDTABLESIZE@
+REPLACE_GETGROUPS = @REPLACE_GETGROUPS@
+REPLACE_GETLINE = @REPLACE_GETLINE@
+REPLACE_GETLOGIN_R = @REPLACE_GETLOGIN_R@
+REPLACE_GETPAGESIZE = @REPLACE_GETPAGESIZE@
+REPLACE_GETPASS = @REPLACE_GETPASS@
+REPLACE_GETTIMEOFDAY = @REPLACE_GETTIMEOFDAY@
+REPLACE_GMTIME = @REPLACE_GMTIME@
+REPLACE_INET_NTOP = @REPLACE_INET_NTOP@
+REPLACE_INET_PTON = @REPLACE_INET_PTON@
+REPLACE_INITSTATE = @REPLACE_INITSTATE@
+REPLACE_IOCTL = @REPLACE_IOCTL@
+REPLACE_ISATTY = @REPLACE_ISATTY@
+REPLACE_ITOLD = @REPLACE_ITOLD@
+REPLACE_LCHOWN = @REPLACE_LCHOWN@
+REPLACE_LINK = @REPLACE_LINK@
+REPLACE_LINKAT = @REPLACE_LINKAT@
+REPLACE_LOCALECONV = @REPLACE_LOCALECONV@
+REPLACE_LOCALTIME = @REPLACE_LOCALTIME@
+REPLACE_LOCALTIME_R = @REPLACE_LOCALTIME_R@
+REPLACE_LSEEK = @REPLACE_LSEEK@
+REPLACE_LSTAT = @REPLACE_LSTAT@
+REPLACE_MALLOC = @REPLACE_MALLOC@
+REPLACE_MBRLEN = @REPLACE_MBRLEN@
+REPLACE_MBRTOWC = @REPLACE_MBRTOWC@
+REPLACE_MBSINIT = @REPLACE_MBSINIT@
+REPLACE_MBSNRTOWCS = @REPLACE_MBSNRTOWCS@
+REPLACE_MBSRTOWCS = @REPLACE_MBSRTOWCS@
+REPLACE_MBSTATE_T = @REPLACE_MBSTATE_T@
+REPLACE_MBTOWC = @REPLACE_MBTOWC@
+REPLACE_MEMCHR = @REPLACE_MEMCHR@
+REPLACE_MEMMEM = @REPLACE_MEMMEM@
+REPLACE_MKDIR = @REPLACE_MKDIR@
+REPLACE_MKFIFO = @REPLACE_MKFIFO@
+REPLACE_MKFIFOAT = @REPLACE_MKFIFOAT@
+REPLACE_MKNOD = @REPLACE_MKNOD@
+REPLACE_MKNODAT = @REPLACE_MKNODAT@
+REPLACE_MKSTEMP = @REPLACE_MKSTEMP@
+REPLACE_MKTIME = @REPLACE_MKTIME@
+REPLACE_NANOSLEEP = @REPLACE_NANOSLEEP@
+REPLACE_NEWLOCALE = @REPLACE_NEWLOCALE@
+REPLACE_NL_LANGINFO = @REPLACE_NL_LANGINFO@
+REPLACE_NULL = @REPLACE_NULL@
+REPLACE_OBSTACK_PRINTF = @REPLACE_OBSTACK_PRINTF@
+REPLACE_OPEN = @REPLACE_OPEN@
+REPLACE_OPENAT = @REPLACE_OPENAT@
+REPLACE_PERROR = @REPLACE_PERROR@
+REPLACE_POPEN = @REPLACE_POPEN@
+REPLACE_POSIX_MEMALIGN = @REPLACE_POSIX_MEMALIGN@
+REPLACE_PREAD = @REPLACE_PREAD@
+REPLACE_PRINTF = @REPLACE_PRINTF@
+REPLACE_PSELECT = @REPLACE_PSELECT@
+REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@
+REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@
+REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@
+REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@
+REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@
+REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@
+REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@
+REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@
+REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@
+REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@
+REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@
+REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@
+REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@
+REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@
+REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@
+REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@
+REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@
+REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@
+REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@
+REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@
+REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@
+REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@
+REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@
+REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@
+REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@
+REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@
+REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@
+REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@
+REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@
+REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@
+REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@
+REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@
+REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@
+REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@
+REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@
+REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@
+REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@
+REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@
+REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@
+REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@
+REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@
+REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@
+REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@
+REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@
+REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@
+REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@
+REPLACE_PTSNAME = @REPLACE_PTSNAME@
+REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@
+REPLACE_PUTENV = @REPLACE_PUTENV@
+REPLACE_PWRITE = @REPLACE_PWRITE@
+REPLACE_QSORT_R = @REPLACE_QSORT_R@
+REPLACE_RAISE = @REPLACE_RAISE@
+REPLACE_RANDOM = @REPLACE_RANDOM@
+REPLACE_RANDOM_R = @REPLACE_RANDOM_R@
+REPLACE_READ = @REPLACE_READ@
+REPLACE_READLINK = @REPLACE_READLINK@
+REPLACE_READLINKAT = @REPLACE_READLINKAT@
+REPLACE_REALLOC = @REPLACE_REALLOC@
+REPLACE_REALLOCARRAY = @REPLACE_REALLOCARRAY@
+REPLACE_REALPATH = @REPLACE_REALPATH@
+REPLACE_REMOVE = @REPLACE_REMOVE@
+REPLACE_RENAME = @REPLACE_RENAME@
+REPLACE_RENAMEAT = @REPLACE_RENAMEAT@
+REPLACE_RMDIR = @REPLACE_RMDIR@
+REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@
+REPLACE_SELECT = @REPLACE_SELECT@
+REPLACE_SETENV = @REPLACE_SETENV@
+REPLACE_SETLOCALE = @REPLACE_SETLOCALE@
+REPLACE_SETSTATE = @REPLACE_SETSTATE@
+REPLACE_SLEEP = @REPLACE_SLEEP@
+REPLACE_SNPRINTF = @REPLACE_SNPRINTF@
+REPLACE_SPRINTF = @REPLACE_SPRINTF@
+REPLACE_STAT = @REPLACE_STAT@
+REPLACE_STDIO_READ_FUNCS = @REPLACE_STDIO_READ_FUNCS@
+REPLACE_STDIO_WRITE_FUNCS = @REPLACE_STDIO_WRITE_FUNCS@
+REPLACE_STPNCPY = @REPLACE_STPNCPY@
+REPLACE_STRCASESTR = @REPLACE_STRCASESTR@
+REPLACE_STRCHRNUL = @REPLACE_STRCHRNUL@
+REPLACE_STRDUP = @REPLACE_STRDUP@
+REPLACE_STRERROR = @REPLACE_STRERROR@
+REPLACE_STRERRORNAME_NP = @REPLACE_STRERRORNAME_NP@
+REPLACE_STRERROR_R = @REPLACE_STRERROR_R@
+REPLACE_STRFTIME = @REPLACE_STRFTIME@
+REPLACE_STRNCAT = @REPLACE_STRNCAT@
+REPLACE_STRNDUP = @REPLACE_STRNDUP@
+REPLACE_STRNLEN = @REPLACE_STRNLEN@
+REPLACE_STRSIGNAL = @REPLACE_STRSIGNAL@
+REPLACE_STRSTR = @REPLACE_STRSTR@
+REPLACE_STRTOD = @REPLACE_STRTOD@
+REPLACE_STRTOIMAX = @REPLACE_STRTOIMAX@
+REPLACE_STRTOK_R = @REPLACE_STRTOK_R@
+REPLACE_STRTOL = @REPLACE_STRTOL@
+REPLACE_STRTOLD = @REPLACE_STRTOLD@
+REPLACE_STRTOLL = @REPLACE_STRTOLL@
+REPLACE_STRTOUL = @REPLACE_STRTOUL@
+REPLACE_STRTOULL = @REPLACE_STRTOULL@
+REPLACE_STRTOUMAX = @REPLACE_STRTOUMAX@
+REPLACE_STRUCT_LCONV = @REPLACE_STRUCT_LCONV@
+REPLACE_STRUCT_TIMEVAL = @REPLACE_STRUCT_TIMEVAL@
+REPLACE_SYMLINK = @REPLACE_SYMLINK@
+REPLACE_SYMLINKAT = @REPLACE_SYMLINKAT@
+REPLACE_TIMEGM = @REPLACE_TIMEGM@
+REPLACE_TMPFILE = @REPLACE_TMPFILE@
+REPLACE_TRUNCATE = @REPLACE_TRUNCATE@
+REPLACE_TTYNAME_R = @REPLACE_TTYNAME_R@
+REPLACE_TZSET = @REPLACE_TZSET@
+REPLACE_UNLINK = @REPLACE_UNLINK@
+REPLACE_UNLINKAT = @REPLACE_UNLINKAT@
+REPLACE_UNSETENV = @REPLACE_UNSETENV@
+REPLACE_USLEEP = @REPLACE_USLEEP@
+REPLACE_UTIMENSAT = @REPLACE_UTIMENSAT@
+REPLACE_VASPRINTF = @REPLACE_VASPRINTF@
+REPLACE_VDPRINTF = @REPLACE_VDPRINTF@
+REPLACE_VFPRINTF = @REPLACE_VFPRINTF@
+REPLACE_VPRINTF = @REPLACE_VPRINTF@
+REPLACE_VSNPRINTF = @REPLACE_VSNPRINTF@
+REPLACE_VSPRINTF = @REPLACE_VSPRINTF@
+REPLACE_WCRTOMB = @REPLACE_WCRTOMB@
+REPLACE_WCSFTIME = @REPLACE_WCSFTIME@
+REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@
+REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@
+REPLACE_WCSTOK = @REPLACE_WCSTOK@
+REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@
+REPLACE_WCTOB = @REPLACE_WCTOB@
+REPLACE_WCTOMB = @REPLACE_WCTOMB@
+REPLACE_WCWIDTH = @REPLACE_WCWIDTH@
+REPLACE_WRITE = @REPLACE_WRITE@
+SED = @SED@
+SERVENT_LIB = @SERVENT_LIB@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@
+SIZE_T_SUFFIX = @SIZE_T_SUFFIX@
+STDALIGN_H = @STDALIGN_H@
+STDBOOL_H = @STDBOOL_H@
+STDDEF_H = @STDDEF_H@
+STDINT_H = @STDINT_H@
+STRIP = @STRIP@
+SYS_IOCTL_H_HAVE_WINSOCK2_H = @SYS_IOCTL_H_HAVE_WINSOCK2_H@
+SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+SYS_TIME_H_DEFINES_STRUCT_TIMESPEC = @SYS_TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_STRUCT_TIMESPEC = @TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_TIME_UTC = @TIME_H_DEFINES_TIME_UTC@
+TROUSERS_LIB = @TROUSERS_LIB@
+TSS2_CFLAGS = @TSS2_CFLAGS@
+TSS2_LIBS = @TSS2_LIBS@
+TSS_CFLAGS = @TSS_CFLAGS@
+TSS_LIBS = @TSS_LIBS@
+UINT32_MAX_LT_UINTMAX_MAX = @UINT32_MAX_LT_UINTMAX_MAX@
+UINT64_MAX_EQ_ULONG_MAX = @UINT64_MAX_EQ_ULONG_MAX@
+UNBOUND_CFLAGS = @UNBOUND_CFLAGS@
+UNBOUND_LIBS = @UNBOUND_LIBS@
+UNDEFINE_STRTOK_R = @UNDEFINE_STRTOK_R@
+UNISTD_H_DEFINES_STRUCT_TIMESPEC = @UNISTD_H_DEFINES_STRUCT_TIMESPEC@
+UNISTD_H_HAVE_SYS_RANDOM_H = @UNISTD_H_HAVE_SYS_RANDOM_H@
+UNISTD_H_HAVE_WINSOCK2_H = @UNISTD_H_HAVE_WINSOCK2_H@
+UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+USE_NLS = @USE_NLS@
+VALGRIND = @VALGRIND@
+VALGRINDFLAGS = @VALGRINDFLAGS@
+VALGRIND_PROGRAM = @VALGRIND_PROGRAM@
+VERSION = @VERSION@
+WARN_CFLAGS = @WARN_CFLAGS@
+WCHAR_T_SUFFIX = @WCHAR_T_SUFFIX@
+WERROR_CFLAGS = @WERROR_CFLAGS@
+WINDOWS_64_BIT_OFF_T = @WINDOWS_64_BIT_OFF_T@
+WINDOWS_64_BIT_ST_SIZE = @WINDOWS_64_BIT_ST_SIZE@
+WINDOWS_STAT_INODES = @WINDOWS_STAT_INODES@
+WINDOWS_STAT_TIMESPEC = @WINDOWS_STAT_TIMESPEC@
+WINT_T_SUFFIX = @WINT_T_SUFFIX@
+WSTACK_CFLAGS = @WSTACK_CFLAGS@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+YIELD_LIB = @YIELD_LIB@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+ac_cv_sizeof_time_t = @ac_cv_sizeof_time_t@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+ggl_LIBOBJS = @ggl_LIBOBJS@
+ggl_LTLIBOBJS = @ggl_LTLIBOBJS@
+ggltests_LIBOBJS = @ggltests_LIBOBJS@
+ggltests_LTLIBOBJS = @ggltests_LTLIBOBJS@
+ggltests_WITNESS = @ggltests_WITNESS@
+gl_LIBOBJS = @gl_LIBOBJS@
+gl_LTLIBOBJS = @gl_LTLIBOBJS@
+gltests_LIBOBJS = @gltests_LIBOBJS@
+gltests_LTLIBOBJS = @gltests_LTLIBOBJS@
+gltests_WITNESS = @gltests_WITNESS@
+gnutls_so = @gnutls_so@
+guile_snarf = @guile_snarf@
+guileextensiondir = @guileextensiondir@
+guilesiteccachedir = @guilesiteccachedir@
+guilesitedir = @guilesitedir@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+ifGNUmake = @ifGNUmake@
+ifnGNUmake = @ifnGNUmake@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+maybe_guileextensiondir = @maybe_guileextensiondir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+unistring_LIBOBJS = @unistring_LIBOBJS@
+unistring_LTLIBOBJS = @unistring_LTLIBOBJS@
+unistringtests_LIBOBJS = @unistringtests_LIBOBJS@
+unistringtests_LTLIBOBJS = @unistringtests_LTLIBOBJS@
+unistringtests_WITNESS = @unistringtests_WITNESS@
+AM_CFLAGS = $(WERROR_CFLAGS) $(WSTACK_CFLAGS) $(WARN_CFLAGS) $(NETTLE_CFLAGS) \
+  $(LIBTASN1_CFLAGS) $(LIBIDN2_CFLAGS) $(P11_KIT_CFLAGS) $(LIBZSTD_CFLAGS) \
+  $(CODE_COVERAGE_CFLAGS)
+
+COMMON_LINK_FLAGS = $(CODE_COVERAGE_LDFLAGS)
+V_GPERF = $(V_GPERF_@AM_V@)
+V_GPERF_ = $(V_GPERF_@AM_DEFAULT_V@)
+V_GPERF_0 = @echo "  GPERF   " $@;
+AM_CPPFLAGS = -DASN1_BUILDING		\
+	-I$(srcdir)/../../gl		\
+	-I$(builddir)/../../gl          \
+	-I$(srcdir)/..
+
+noinst_LTLIBRARIES = libminitasn1.la
+libminitasn1_la_SOURCES = libtasn1.h gstr.h int.h parser_aux.h		\
+        structure.h element.h decoding.c gstr.c errors.c parser_aux.c	\
+        structure.c element.c coding.c version.c
+
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/lib/common.mk $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/minitasn1/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --foreign lib/minitasn1/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+	esac;
+$(top_srcdir)/lib/common.mk $(am__empty):
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+	-test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+	@list='$(noinst_LTLIBRARIES)'; \
+	locs=`for p in $$list; do echo $$p; done | \
+	      sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+	      sort -u`; \
+	test -z "$$locs" || { \
+	  echo rm -f $${locs}; \
+	  rm -f $${locs}; \
+	}
+
+libminitasn1.la: $(libminitasn1_la_OBJECTS) $(libminitasn1_la_DEPENDENCIES) $(EXTRA_libminitasn1_la_DEPENDENCIES) 
+	$(AM_V_CCLD)$(LINK)  $(libminitasn1_la_OBJECTS) $(libminitasn1_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+	-rm -f *.$(OBJEXT)
+
+distclean-compile:
+	-rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/coding.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/decoding.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/element.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/errors.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gstr.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/parser_aux.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/structure.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/version.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+	@$(MKDIR_P) $(@D)
+	@echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+
+ID: $(am__tagged_files)
+	$(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	set x; \
+	here=`pwd`; \
+	$(am__define_uniq_tagged_files); \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+	  test -n "$$unique" || unique=$$empty_fix; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
+	fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	$(am__define_uniq_tagged_files); \
+	test -z "$(CTAGS_ARGS)$$unique" \
+	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+	     $$unique
+
+GTAGS:
+	here=`$(am__cd) $(top_builddir) && pwd` \
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+	list='$(am__tagged_files)'; \
+	case "$(srcdir)" in \
+	  [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+	  *) sdir=$(subdir)/$(srcdir) ;; \
+	esac; \
+	for i in $$list; do \
+	  if test -f "$$i"; then \
+	    echo "$(subdir)/$$i"; \
+	  else \
+	    echo "$$sdir/$$i"; \
+	  fi; \
+	done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+	mostlyclean-am
+
+distclean: distclean-am
+		-rm -f ./$(DEPDIR)/coding.Plo
+	-rm -f ./$(DEPDIR)/decoding.Plo
+	-rm -f ./$(DEPDIR)/element.Plo
+	-rm -f ./$(DEPDIR)/errors.Plo
+	-rm -f ./$(DEPDIR)/gstr.Plo
+	-rm -f ./$(DEPDIR)/parser_aux.Plo
+	-rm -f ./$(DEPDIR)/structure.Plo
+	-rm -f ./$(DEPDIR)/version.Plo
+	-rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+	distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+		-rm -f ./$(DEPDIR)/coding.Plo
+	-rm -f ./$(DEPDIR)/decoding.Plo
+	-rm -f ./$(DEPDIR)/element.Plo
+	-rm -f ./$(DEPDIR)/errors.Plo
+	-rm -f ./$(DEPDIR)/gstr.Plo
+	-rm -f ./$(DEPDIR)/parser_aux.Plo
+	-rm -f ./$(DEPDIR)/structure.Plo
+	-rm -f ./$(DEPDIR)/version.Plo
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+	mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
+	clean-generic clean-libtool clean-noinstLTLIBRARIES \
+	cscopelist-am ctags ctags-am distclean distclean-compile \
+	distclean-generic distclean-libtool distclean-tags distdir dvi \
+	dvi-am html html-am info info-am install install-am \
+	install-data install-data-am install-dvi install-dvi-am \
+	install-exec install-exec-am install-html install-html-am \
+	install-info install-info-am install-man install-pdf \
+	install-pdf-am install-ps install-ps-am install-strip \
+	installcheck installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-compile \
+	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+	tags tags-am uninstall uninstall-am
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/lib/minitasn1/coding.c b/lib/minitasn1/coding.c
new file mode 100644
index 0000000..5a947a7
--- /dev/null
+++ b/lib/minitasn1/coding.c
@@ -0,0 +1,1413 @@
+/*
+ * Copyright (C) 2002-2021 Free Software Foundation, Inc.
+ *
+ * This file is part of LIBTASN1.
+ *
+ * The LIBTASN1 library is free software; you can redistribute it
+ * and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA
+ */
+
+
+/*****************************************************/
+/* File: coding.c                                    */
+/* Description: Functions to create a DER coding of  */
+/*   an ASN1 type.                                   */
+/*****************************************************/
+
+#include <int.h>
+#include "parser_aux.h"
+#include <gstr.h>
+#include "element.h"
+#include "minmax.h"
+#include <structure.h>
+
+#define MAX_TAG_LEN 16
+
+/******************************************************/
+/* Function : _asn1_error_description_value_not_found */
+/* Description: creates the ErrorDescription string   */
+/* for the ASN1_VALUE_NOT_FOUND error.                */
+/* Parameters:                                        */
+/*   node: node of the tree where the value is NULL.  */
+/*   ErrorDescription: string returned.               */
+/* Return:                                            */
+/******************************************************/
+static void
+_asn1_error_description_value_not_found (asn1_node node,
+					 char *ErrorDescription)
+{
+
+  if (ErrorDescription == NULL)
+    return;
+
+  Estrcpy (ErrorDescription, ":: value of element '");
+  _asn1_hierarchical_name (node, ErrorDescription + strlen (ErrorDescription),
+			   ASN1_MAX_ERROR_DESCRIPTION_SIZE - 40);
+  Estrcat (ErrorDescription, "' not found");
+
+}
+
+/**
+ * asn1_length_der:
+ * @len: value to convert.
+ * @der: buffer to hold the returned encoding (may be %NULL).
+ * @der_len: number of meaningful bytes of ANS (der[0]..der[der_len-1]).
+ *
+ * Creates the DER encoding of the provided length value.
+ * The @der buffer must have enough room for the output. The maximum
+ * length this function will encode is %ASN1_MAX_LENGTH_SIZE.
+ *
+ * To know the size of the DER encoding use a %NULL value for @der.
+ **/
+void
+asn1_length_der (unsigned long int len, unsigned char *der, int *der_len)
+{
+  int k;
+  unsigned char temp[ASN1_MAX_LENGTH_SIZE];
+#if SIZEOF_UNSIGNED_LONG_INT > 8
+  len &= 0xFFFFFFFFFFFFFFFF;
+#endif
+
+  if (len < 128)
+    {
+      /* short form */
+      if (der != NULL)
+	der[0] = (unsigned char) len;
+      *der_len = 1;
+    }
+  else
+    {
+      /* Long form */
+      k = 0;
+      while (len)
+	{
+	  temp[k++] = len & 0xFF;
+	  len = len >> 8;
+	}
+      *der_len = k + 1;
+      if (der != NULL)
+	{
+	  der[0] = ((unsigned char) k & 0x7F) + 128;
+	  while (k--)
+	    der[*der_len - 1 - k] = temp[k];
+	}
+    }
+}
+
+/******************************************************/
+/* Function : _asn1_tag_der                           */
+/* Description: creates the DER coding for the CLASS  */
+/* and TAG parameters.                                */
+/* It is limited by the ASN1_MAX_TAG_SIZE variable    */
+/* Parameters:                                        */
+/*   class: value to convert.                         */
+/*   tag_value: value to convert.                     */
+/*   ans: string returned.                            */
+/*   ans_len: number of meaningful bytes of ANS       */
+/*            (ans[0]..ans[ans_len-1]).               */
+/* Return:                                            */
+/******************************************************/
+static void
+_asn1_tag_der (unsigned char class, unsigned int tag_value,
+	       unsigned char ans[ASN1_MAX_TAG_SIZE], int *ans_len)
+{
+  int k;
+  unsigned char temp[ASN1_MAX_TAG_SIZE];
+
+  if (tag_value < 31)
+    {
+      /* short form */
+      ans[0] = (class & 0xE0) + ((unsigned char) (tag_value & 0x1F));
+      *ans_len = 1;
+    }
+  else
+    {
+      /* Long form */
+      ans[0] = (class & 0xE0) + 31;
+      k = 0;
+      while (tag_value != 0)
+	{
+	  temp[k++] = tag_value & 0x7F;
+	  tag_value >>= 7;
+
+	  if (k > ASN1_MAX_TAG_SIZE - 1)
+	    break;		/* will not encode larger tags */
+	}
+      *ans_len = k + 1;
+      while (k--)
+	ans[*ans_len - 1 - k] = temp[k] + 128;
+      ans[*ans_len - 1] -= 128;
+    }
+}
+
+/**
+ * asn1_octet_der:
+ * @str: the input data.
+ * @str_len: STR length (str[0]..str[*str_len-1]).
+ * @der: encoded string returned.
+ * @der_len: number of meaningful bytes of DER (der[0]..der[der_len-1]).
+ *
+ * Creates a length-value DER encoding for the input data.
+ * The DER encoding of the input data will be placed in the @der variable.
+ *
+ * Note that the OCTET STRING tag is not included in the output.
+ *
+ * This function does not return any value because it is expected
+ * that @der_len will contain enough bytes to store the string
+ * plus the DER encoding. The DER encoding size can be obtained using
+ * asn1_length_der().
+ **/
+void
+asn1_octet_der (const unsigned char *str, int str_len,
+		unsigned char *der, int *der_len)
+{
+  int len_len;
+
+  if (der == NULL || str_len < 0)
+    return;
+
+  asn1_length_der (str_len, der, &len_len);
+  memcpy (der + len_len, str, str_len);
+  *der_len = str_len + len_len;
+}
+
+
+/**
+ * asn1_encode_simple_der:
+ * @etype: The type of the string to be encoded (ASN1_ETYPE_)
+ * @str: the string data.
+ * @str_len: the string length
+ * @tl: the encoded tag and length
+ * @tl_len: the bytes of the @tl field
+ *
+ * Creates the DER encoding for various simple ASN.1 types like strings etc.
+ * It stores the tag and length in @tl, which should have space for at least
+ * %ASN1_MAX_TL_SIZE bytes. Initially @tl_len should contain the size of @tl.
+ *
+ * The complete DER encoding should consist of the value in @tl appended
+ * with the provided @str.
+ *
+ * Returns: %ASN1_SUCCESS if successful or an error value.
+ **/
+int
+asn1_encode_simple_der (unsigned int etype, const unsigned char *str,
+			unsigned int str_len, unsigned char *tl,
+			unsigned int *tl_len)
+{
+  int tag_len, len_len;
+  unsigned tlen;
+  unsigned char der_tag[ASN1_MAX_TAG_SIZE];
+  unsigned char der_length[ASN1_MAX_LENGTH_SIZE];
+  unsigned char *p;
+
+  if (str == NULL)
+    return ASN1_VALUE_NOT_VALID;
+
+  if (ETYPE_OK (etype) == 0)
+    return ASN1_VALUE_NOT_VALID;
+
+  /* doesn't handle constructed classes */
+  if (ETYPE_CLASS (etype) != ASN1_CLASS_UNIVERSAL)
+    return ASN1_VALUE_NOT_VALID;
+
+  _asn1_tag_der (ETYPE_CLASS (etype), ETYPE_TAG (etype), der_tag, &tag_len);
+
+  asn1_length_der (str_len, der_length, &len_len);
+
+  if (tag_len <= 0 || len_len <= 0)
+    return ASN1_VALUE_NOT_VALID;
+
+  tlen = tag_len + len_len;
+
+  if (*tl_len < tlen)
+    return ASN1_MEM_ERROR;
+
+  p = tl;
+  memcpy (p, der_tag, tag_len);
+  p += tag_len;
+  memcpy (p, der_length, len_len);
+
+  *tl_len = tlen;
+
+  return ASN1_SUCCESS;
+}
+
+/******************************************************/
+/* Function : _asn1_time_der                          */
+/* Description: creates the DER coding for a TIME     */
+/* type (length included).                            */
+/* Parameters:                                        */
+/*   str: TIME null-terminated string.                */
+/*   der: string returned.                            */
+/*   der_len: number of meaningful bytes of DER       */
+/*            (der[0]..der[ans_len-1]). Initially it  */
+/*            if must store the lenght of DER.        */
+/* Return:                                            */
+/*   ASN1_MEM_ERROR when DER isn't big enough         */
+/*   ASN1_SUCCESS otherwise                           */
+/******************************************************/
+static int
+_asn1_time_der (unsigned char *str, int str_len, unsigned char *der,
+		int *der_len)
+{
+  int len_len;
+  int max_len;
+
+  max_len = *der_len;
+
+  asn1_length_der (str_len, (max_len > 0) ? der : NULL, &len_len);
+
+  if ((len_len + str_len) <= max_len)
+    memcpy (der + len_len, str, str_len);
+  *der_len = len_len + str_len;
+
+  if ((*der_len) > max_len)
+    return ASN1_MEM_ERROR;
+
+  return ASN1_SUCCESS;
+}
+
+
+/*
+void
+_asn1_get_utctime_der(unsigned char *der,int *der_len,unsigned char *str)
+{
+  int len_len,str_len;
+  char temp[20];
+
+  if(str==NULL) return;
+  str_len=asn1_get_length_der(der,*der_len,&len_len);
+  if (str_len<0) return;
+  memcpy(temp,der+len_len,str_len);
+  *der_len=str_len+len_len;
+  switch(str_len)
+  {
+  case 11:
+    temp[10]=0;
+    strcat(temp,"00+0000");
+    break;
+  case 13:
+    temp[12]=0;
+    strcat(temp,"+0000");
+    break;
+  case 15:
+    temp[15]=0;
+    memmove(temp+12,temp+10,6);
+    temp[10]=temp[11]='0';
+    break;
+  case 17:
+    temp[17]=0;
+    break;
+  default:
+    return;
+  }
+  strcpy(str,temp);
+}
+*/
+
+static
+void encode_val(uint64_t val, unsigned char *der, int max_len, int *der_len)
+{
+  int first, k;
+  unsigned char bit7;
+
+  first = 0;
+  for (k = sizeof(val); k >= 0; k--)
+    {
+      bit7 = (val >> (k * 7)) & 0x7F;
+      if (bit7 || first || !k)
+	{
+	  if (k)
+	    bit7 |= 0x80;
+	  if (max_len > (*der_len))
+	    der[*der_len] = bit7;
+	  (*der_len)++;
+	  first = 1;
+	}
+    }
+}
+
+/******************************************************/
+/* Function : _asn1_object_id_der                     */
+/* Description: creates the DER coding for an         */
+/* OBJECT IDENTIFIER  type (length included).         */
+/* Parameters:                                        */
+/*   str: OBJECT IDENTIFIER null-terminated string.   */
+/*   der: string returned.                            */
+/*   der_len: number of meaningful bytes of DER       */
+/*            (der[0]..der[ans_len-1]). Initially it  */
+/*            must store the length of DER.           */
+/* Return:                                            */
+/*   ASN1_MEM_ERROR when DER isn't big enough         */
+/*   ASN1_SUCCESS if succesful                        */
+/*   or an error value.                               */
+/******************************************************/
+static int
+_asn1_object_id_der (const char *str, unsigned char *der, int *der_len)
+{
+  int len_len, counter, max_len;
+  char *temp, *n_end, *n_start;
+  uint64_t val, val1 = 0;
+  int str_len = _asn1_strlen (str);
+
+  max_len = *der_len;
+  *der_len = 0;
+
+  if (der == NULL && max_len > 0)
+    return ASN1_VALUE_NOT_VALID;
+
+  temp = malloc (str_len + 2);
+  if (temp == NULL)
+    return ASN1_MEM_ALLOC_ERROR;
+
+  memcpy (temp, str, str_len);
+  temp[str_len] = '.';
+  temp[str_len + 1] = 0;
+
+  counter = 0;
+  n_start = temp;
+  while ((n_end = strchr (n_start, '.')))
+    {
+      *n_end = 0;
+      val = _asn1_strtou64 (n_start, NULL, 10);
+      counter++;
+
+      if (counter == 1)
+        {
+	  val1 = val;
+	}
+      else if (counter == 2)
+	{
+	  uint64_t val0;
+
+          if (val1 > 2)
+            {
+              free(temp);
+              return ASN1_VALUE_NOT_VALID;
+            }
+          else if ((val1 == 0 || val1 == 1) && val > 39)
+            {
+              free(temp);
+              return ASN1_VALUE_NOT_VALID;
+            }
+
+	  val0 = 40 * val1 + val;
+	  encode_val(val0, der, max_len, der_len);
+	}
+      else
+	{
+	  encode_val(val, der, max_len, der_len);
+	}
+      n_start = n_end + 1;
+    }
+
+  asn1_length_der (*der_len, NULL, &len_len);
+  if (max_len >= (*der_len + len_len))
+    {
+      memmove (der + len_len, der, *der_len);
+      asn1_length_der (*der_len, der, &len_len);
+    }
+  *der_len += len_len;
+
+  free (temp);
+
+  if (max_len < (*der_len))
+    return ASN1_MEM_ERROR;
+
+  return ASN1_SUCCESS;
+}
+
+/**
+ * asn1_object_id_der:
+ * @str: An object identifier in numeric, dot format.
+ * @der: buffer to hold the returned encoding (may be %NULL).
+ * @der_len: initially the size of @der; will hold the final size.
+ * @flags: must be zero
+ *
+ * Creates the DER encoding of the provided object identifier.
+ *
+ * Returns: %ASN1_SUCCESS if DER encoding was OK, %ASN1_VALUE_NOT_VALID
+ *   if @str is not a valid OID, %ASN1_MEM_ERROR if the @der
+ *   vector isn't big enough and in this case @der_len will contain the
+ *   length needed.
+ **/
+int asn1_object_id_der(const char *str, unsigned char *der, int *der_len, unsigned flags)
+{
+  unsigned char tag_der[MAX_TAG_LEN];
+  int tag_len = 0, r;
+  int max_len = *der_len;
+
+  *der_len = 0;
+
+  _asn1_tag_der (ETYPE_CLASS (ASN1_ETYPE_OBJECT_ID), ETYPE_TAG (ASN1_ETYPE_OBJECT_ID),
+                 tag_der, &tag_len);
+
+  if (max_len > tag_len)
+    {
+      memcpy(der, tag_der, tag_len);
+    }
+  max_len -= tag_len;
+  der += tag_len;
+
+  r = _asn1_object_id_der (str, der, &max_len);
+  if (r == ASN1_MEM_ERROR || r == ASN1_SUCCESS)
+    {
+      *der_len = max_len + tag_len;
+    }
+
+  return r;
+}
+
+static const unsigned char bit_mask[] =
+  { 0xFF, 0xFE, 0xFC, 0xF8, 0xF0, 0xE0, 0xC0, 0x80 };
+
+/**
+ * asn1_bit_der:
+ * @str: BIT string.
+ * @bit_len: number of meaningful bits in STR.
+ * @der: string returned.
+ * @der_len: number of meaningful bytes of DER
+ *   (der[0]..der[ans_len-1]).
+ *
+ * Creates a length-value DER encoding for the input data
+ * as it would have been for a BIT STRING.
+ * The DER encoded data will be copied in @der.
+ *
+ * Note that the BIT STRING tag is not included in the output.
+ *
+ * This function does not return any value because it is expected
+ * that @der_len will contain enough bytes to store the string
+ * plus the DER encoding. The DER encoding size can be obtained using
+ * asn1_length_der().
+ **/
+void
+asn1_bit_der (const unsigned char *str, int bit_len,
+	      unsigned char *der, int *der_len)
+{
+  int len_len, len_byte, len_pad;
+
+  if (der == NULL)
+    return;
+
+  len_byte = bit_len >> 3;
+  len_pad = 8 - (bit_len & 7);
+  if (len_pad == 8)
+    len_pad = 0;
+  else
+    len_byte++;
+  asn1_length_der (len_byte + 1, der, &len_len);
+  der[len_len] = len_pad;
+
+  if (str)
+    memcpy (der + len_len + 1, str, len_byte);
+  der[len_len + len_byte] &= bit_mask[len_pad];
+  *der_len = len_byte + len_len + 1;
+}
+
+
+/******************************************************/
+/* Function : _asn1_complete_explicit_tag             */
+/* Description: add the length coding to the EXPLICIT */
+/* tags.                                              */
+/* Parameters:                                        */
+/*   node: pointer to the tree element.               */
+/*   der: string with the DER coding of the whole tree*/
+/*   counter: number of meaningful bytes of DER       */
+/*            (der[0]..der[*counter-1]).              */
+/*   max_len: size of der vector                      */
+/* Return:                                            */
+/*   ASN1_MEM_ERROR if der vector isn't big enough,   */
+/*   otherwise ASN1_SUCCESS.                          */
+/******************************************************/
+static int
+_asn1_complete_explicit_tag (asn1_node node, unsigned char *der,
+			     int *counter, int *max_len)
+{
+  asn1_node p;
+  int is_tag_implicit, len2, len3;
+  unsigned char temp[SIZEOF_UNSIGNED_INT];
+
+  if (der == NULL && *max_len > 0)
+    return ASN1_VALUE_NOT_VALID;
+
+  is_tag_implicit = 0;
+
+  if (node->type & CONST_TAG)
+    {
+      p = node->down;
+      if (p == NULL)
+        return ASN1_DER_ERROR;
+      /* When there are nested tags we must complete them reverse to
+         the order they were created. This is because completing a tag
+         modifies all data within it, including the incomplete tags
+         which store buffer positions -- simon@josefsson.org 2002-09-06
+       */
+      while (p->right)
+	p = p->right;
+      while (p && p != node->down->left)
+	{
+	  if (type_field (p->type) == ASN1_ETYPE_TAG)
+	    {
+	      if (p->type & CONST_EXPLICIT)
+		{
+		  len2 = strtol (p->name, NULL, 10);
+		  _asn1_set_name (p, NULL);
+
+		  asn1_length_der (*counter - len2, temp, &len3);
+		  if (len3 <= (*max_len))
+		    {
+		      memmove (der + len2 + len3, der + len2,
+			       *counter - len2);
+		      memcpy (der + len2, temp, len3);
+		    }
+		  *max_len -= len3;
+		  *counter += len3;
+		  is_tag_implicit = 0;
+		}
+	      else
+		{		/* CONST_IMPLICIT */
+		  if (!is_tag_implicit)
+		    {
+		      is_tag_implicit = 1;
+		    }
+		}
+	    }
+	  p = p->left;
+	}
+    }
+
+  if (*max_len < 0)
+    return ASN1_MEM_ERROR;
+
+  return ASN1_SUCCESS;
+}
+
+const tag_and_class_st _asn1_tags[] = {
+  [ASN1_ETYPE_GENERALSTRING] =
+    {ASN1_TAG_GENERALSTRING, ASN1_CLASS_UNIVERSAL, "type:GENERALSTRING"},
+  [ASN1_ETYPE_NUMERIC_STRING] =
+    {ASN1_TAG_NUMERIC_STRING, ASN1_CLASS_UNIVERSAL, "type:NUMERIC_STR"},
+  [ASN1_ETYPE_IA5_STRING] =
+    {ASN1_TAG_IA5_STRING, ASN1_CLASS_UNIVERSAL, "type:IA5_STR"},
+  [ASN1_ETYPE_TELETEX_STRING] =
+    {ASN1_TAG_TELETEX_STRING, ASN1_CLASS_UNIVERSAL, "type:TELETEX_STR"},
+  [ASN1_ETYPE_PRINTABLE_STRING] =
+    {ASN1_TAG_PRINTABLE_STRING, ASN1_CLASS_UNIVERSAL, "type:PRINTABLE_STR"},
+  [ASN1_ETYPE_UNIVERSAL_STRING] =
+    {ASN1_TAG_UNIVERSAL_STRING, ASN1_CLASS_UNIVERSAL, "type:UNIVERSAL_STR"},
+  [ASN1_ETYPE_BMP_STRING] =
+    {ASN1_TAG_BMP_STRING, ASN1_CLASS_UNIVERSAL, "type:BMP_STR"},
+  [ASN1_ETYPE_UTF8_STRING] =
+    {ASN1_TAG_UTF8_STRING, ASN1_CLASS_UNIVERSAL, "type:UTF8_STR"},
+  [ASN1_ETYPE_VISIBLE_STRING] =
+    {ASN1_TAG_VISIBLE_STRING, ASN1_CLASS_UNIVERSAL, "type:VISIBLE_STR"},
+  [ASN1_ETYPE_OCTET_STRING] =
+    {ASN1_TAG_OCTET_STRING, ASN1_CLASS_UNIVERSAL, "type:OCT_STR"},
+  [ASN1_ETYPE_BIT_STRING] =
+    {ASN1_TAG_BIT_STRING, ASN1_CLASS_UNIVERSAL, "type:BIT_STR"},
+  [ASN1_ETYPE_OBJECT_ID] =
+    {ASN1_TAG_OBJECT_ID, ASN1_CLASS_UNIVERSAL, "type:OBJ_ID"},
+  [ASN1_ETYPE_NULL] = {ASN1_TAG_NULL, ASN1_CLASS_UNIVERSAL, "type:NULL"},
+  [ASN1_ETYPE_BOOLEAN] =
+    {ASN1_TAG_BOOLEAN, ASN1_CLASS_UNIVERSAL, "type:BOOLEAN"},
+  [ASN1_ETYPE_INTEGER] =
+    {ASN1_TAG_INTEGER, ASN1_CLASS_UNIVERSAL, "type:INTEGER"},
+  [ASN1_ETYPE_ENUMERATED] =
+    {ASN1_TAG_ENUMERATED, ASN1_CLASS_UNIVERSAL, "type:ENUMERATED"},
+  [ASN1_ETYPE_SEQUENCE] =
+    {ASN1_TAG_SEQUENCE, ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED,
+     "type:SEQUENCE"},
+  [ASN1_ETYPE_SEQUENCE_OF] =
+    {ASN1_TAG_SEQUENCE, ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED,
+     "type:SEQ_OF"},
+  [ASN1_ETYPE_SET] =
+    {ASN1_TAG_SET, ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED, "type:SET"},
+  [ASN1_ETYPE_SET_OF] =
+    {ASN1_TAG_SET, ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED,
+     "type:SET_OF"},
+  [ASN1_ETYPE_GENERALIZED_TIME] =
+    {ASN1_TAG_GENERALIZEDTime, ASN1_CLASS_UNIVERSAL, "type:GENERALIZED_TIME"},
+  [ASN1_ETYPE_UTC_TIME] =
+    {ASN1_TAG_UTCTime, ASN1_CLASS_UNIVERSAL, "type:UTC_TIME"},
+};
+
+unsigned int _asn1_tags_size = sizeof (_asn1_tags) / sizeof (_asn1_tags[0]);
+
+/******************************************************/
+/* Function : _asn1_insert_tag_der                    */
+/* Description: creates the DER coding of tags of one */
+/* NODE.                                              */
+/* Parameters:                                        */
+/*   node: pointer to the tree element.               */
+/*   der: string returned                             */
+/*   counter: number of meaningful bytes of DER       */
+/*            (counter[0]..der[*counter-1]).          */
+/*   max_len: size of der vector                      */
+/* Return:                                            */
+/*   ASN1_GENERIC_ERROR if the type is unknown,       */
+/*   ASN1_MEM_ERROR if der vector isn't big enough,   */
+/*   otherwise ASN1_SUCCESS.                          */
+/******************************************************/
+static int
+_asn1_insert_tag_der (asn1_node node, unsigned char *der, int *counter,
+		      int *max_len)
+{
+  asn1_node p;
+  int tag_len, is_tag_implicit;
+  unsigned char class, class_implicit = 0, temp[MAX(SIZEOF_UNSIGNED_INT * 3 + 1, LTOSTR_MAX_SIZE)];
+  unsigned long tag_implicit = 0;
+  unsigned char tag_der[MAX_TAG_LEN];
+
+  is_tag_implicit = 0;
+
+  if (node->type & CONST_TAG)
+    {
+      p = node->down;
+      while (p)
+	{
+	  if (type_field (p->type) == ASN1_ETYPE_TAG)
+	    {
+	      if (p->type & CONST_APPLICATION)
+		class = ASN1_CLASS_APPLICATION;
+	      else if (p->type & CONST_UNIVERSAL)
+		class = ASN1_CLASS_UNIVERSAL;
+	      else if (p->type & CONST_PRIVATE)
+		class = ASN1_CLASS_PRIVATE;
+	      else
+		class = ASN1_CLASS_CONTEXT_SPECIFIC;
+
+	      if (p->type & CONST_EXPLICIT)
+		{
+		  if (is_tag_implicit)
+		    _asn1_tag_der (class_implicit, tag_implicit, tag_der,
+				   &tag_len);
+		  else
+		    _asn1_tag_der (class | ASN1_CLASS_STRUCTURED,
+				   _asn1_strtoul (p->value, NULL, 10),
+				   tag_der, &tag_len);
+
+		  *max_len -= tag_len;
+		  if (der && *max_len >= 0)
+		    memcpy (der + *counter, tag_der, tag_len);
+		  *counter += tag_len;
+
+		  _asn1_ltostr (*counter, (char *) temp);
+		  _asn1_set_name (p, (const char *) temp);
+
+		  is_tag_implicit = 0;
+		}
+	      else
+		{		/* CONST_IMPLICIT */
+		  if (!is_tag_implicit)
+		    {
+		      if ((type_field (node->type) == ASN1_ETYPE_SEQUENCE) ||
+			  (type_field (node->type) == ASN1_ETYPE_SEQUENCE_OF)
+			  || (type_field (node->type) == ASN1_ETYPE_SET)
+			  || (type_field (node->type) == ASN1_ETYPE_SET_OF))
+			class |= ASN1_CLASS_STRUCTURED;
+		      class_implicit = class;
+		      tag_implicit = _asn1_strtoul (p->value, NULL, 10);
+		      is_tag_implicit = 1;
+		    }
+		}
+	    }
+	  p = p->right;
+	}
+    }
+
+  if (is_tag_implicit)
+    {
+      _asn1_tag_der (class_implicit, tag_implicit, tag_der, &tag_len);
+    }
+  else
+    {
+      unsigned type = type_field (node->type);
+      switch (type)
+	{
+	CASE_HANDLED_ETYPES:
+	  _asn1_tag_der (_asn1_tags[type].class, _asn1_tags[type].tag,
+			 tag_der, &tag_len);
+	  break;
+	case ASN1_ETYPE_TAG:
+	case ASN1_ETYPE_CHOICE:
+	case ASN1_ETYPE_ANY:
+	  tag_len = 0;
+	  break;
+	default:
+	  return ASN1_GENERIC_ERROR;
+	}
+    }
+
+  *max_len -= tag_len;
+  if (der && *max_len >= 0)
+    memcpy (der + *counter, tag_der, tag_len);
+  *counter += tag_len;
+
+  if (*max_len < 0)
+    return ASN1_MEM_ERROR;
+
+  return ASN1_SUCCESS;
+}
+
+/******************************************************/
+/* Function : _asn1_ordering_set                      */
+/* Description: puts the elements of a SET type in    */
+/* the correct order according to DER rules.          */
+/* Parameters:                                        */
+/*   der: string with the DER coding.                 */
+/*   node: pointer to the SET element.                */
+/* Return:                                            */
+/*    ASN1_SUCCESS if successful                      */
+/*    or an error value.                              */
+/******************************************************/
+static int
+_asn1_ordering_set (unsigned char *der, int der_len, asn1_node node)
+{
+  struct vet
+  {
+    int end;
+    unsigned long value;
+    struct vet *next, *prev;
+  };
+
+  int counter, len, len2;
+  struct vet *first, *last, *p_vet, *p2_vet;
+  asn1_node p;
+  unsigned char class, *temp;
+  unsigned long tag, t;
+  int err;
+
+  counter = 0;
+
+  if (type_field (node->type) != ASN1_ETYPE_SET)
+    return ASN1_VALUE_NOT_VALID;
+
+  p = node->down;
+  while (p && ((type_field (p->type) == ASN1_ETYPE_TAG) ||
+	 (type_field (p->type) == ASN1_ETYPE_SIZE)))
+    p = p->right;
+
+  if ((p == NULL) || (p->right == NULL))
+    return ASN1_SUCCESS;
+
+  first = last = NULL;
+  while (p)
+    {
+      p_vet = malloc (sizeof (struct vet));
+      if (p_vet == NULL)
+        {
+	  err = ASN1_MEM_ALLOC_ERROR;
+	  goto error;
+	}
+
+      p_vet->next = NULL;
+      p_vet->prev = last;
+      if (first == NULL)
+	first = p_vet;
+      else
+	last->next = p_vet;
+      last = p_vet;
+
+      /* tag value calculation */
+      err = asn1_get_tag_der (der + counter, der_len - counter, &class, &len2,
+			      &tag);
+      if (err != ASN1_SUCCESS)
+	goto error;
+
+      t = ((unsigned int)class) << 24;
+      p_vet->value = t | tag;
+      counter += len2;
+
+      /* extraction and length */
+      len2 = asn1_get_length_der (der + counter, der_len - counter, &len);
+      if (len2 < 0)
+	{
+	  err = ASN1_DER_ERROR;
+	  goto error;
+	}
+      counter += len + len2;
+
+      p_vet->end = counter;
+      p = p->right;
+    }
+
+  p_vet = first;
+
+  while (p_vet)
+    {
+      p2_vet = p_vet->next;
+      counter = 0;
+      while (p2_vet)
+	{
+	  if (p_vet->value > p2_vet->value)
+	    {
+	      /* change position */
+	      temp = malloc (p_vet->end - counter);
+	      if (temp == NULL)
+		{
+		  err = ASN1_MEM_ALLOC_ERROR;
+		  goto error;
+		}
+
+	      memcpy (temp, der + counter, p_vet->end - counter);
+	      memcpy (der + counter, der + p_vet->end,
+		      p2_vet->end - p_vet->end);
+	      memcpy (der + counter + p2_vet->end - p_vet->end, temp,
+		      p_vet->end - counter);
+	      free (temp);
+
+	      tag = p_vet->value;
+	      p_vet->value = p2_vet->value;
+	      p2_vet->value = tag;
+
+	      p_vet->end = counter + (p2_vet->end - p_vet->end);
+	    }
+	  counter = p_vet->end;
+
+	  p2_vet = p2_vet->next;
+	  p_vet = p_vet->next;
+	}
+
+      if (p_vet != first)
+	p_vet->prev->next = NULL;
+      else
+	first = NULL;
+      free (p_vet);
+      p_vet = first;
+    }
+  return ASN1_SUCCESS;
+
+error:
+  while (first != NULL)
+    {
+      p_vet = first;
+      first = first->next;
+      free(p_vet);
+    }
+  return err;
+}
+
+struct vet
+{
+  unsigned char *ptr;
+  int size;
+};
+
+static int setof_compar(const void *_e1, const void *_e2)
+{
+  unsigned length;
+  const struct vet *e1 = _e1, *e2 = _e2;
+  int rval;
+
+  /* The encodings of the component values of a set-of value shall
+   * appear in ascending order, the encodings being compared
+   * as octet strings with the shorter components being
+   * padded at their trailing end with 0-octets.
+   * The padding octets are for comparison purposes and
+   * do not appear in the encodings.
+   */
+  length = MIN(e1->size, e2->size);
+
+  rval = memcmp(e1->ptr, e2->ptr, length);
+  if (rval == 0 && e1->size != e2->size)
+    {
+      if (e1->size > e2->size)
+        rval = 1;
+      else if (e2->size > e1->size)
+        rval = -1;
+    }
+
+  return rval;
+}
+
+/******************************************************/
+/* Function : _asn1_ordering_set_of                   */
+/* Description: puts the elements of a SET OF type in */
+/* the correct order according to DER rules.          */
+/* Parameters:                                        */
+/*   der: string with the DER coding.                 */
+/*   node: pointer to the SET OF element.             */
+/* Return:                                            */
+/*    ASN1_SUCCESS if successful                      */
+/*    or an error value.                              */
+/******************************************************/
+static int
+_asn1_ordering_set_of (unsigned char *der, int der_len, asn1_node node)
+{
+  int counter, len, len2;
+  struct vet *list = NULL, *tlist;
+  unsigned list_size = 0;
+  struct vet *p_vet;
+  asn1_node p;
+  unsigned char class;
+  unsigned i;
+  unsigned char *out = NULL;
+  int err;
+
+  counter = 0;
+
+  if (type_field (node->type) != ASN1_ETYPE_SET_OF)
+    return ASN1_VALUE_NOT_VALID;
+
+  p = node->down;
+  while (p && ((type_field (p->type) == ASN1_ETYPE_TAG) ||
+	 (type_field (p->type) == ASN1_ETYPE_SIZE)))
+    p = p->right;
+  if (p == NULL)
+    return ASN1_VALUE_NOT_VALID;
+  p = p->right;
+
+  if ((p == NULL) || (p->right == NULL))
+    return ASN1_SUCCESS;
+
+  while (p)
+    {
+      list_size++;
+      tlist = realloc (list, list_size*sizeof(struct vet));
+      if (tlist == NULL)
+	{
+	  err = ASN1_MEM_ALLOC_ERROR;
+	  goto error;
+	}
+      list = tlist;
+      p_vet = &list[list_size-1];
+
+      p_vet->ptr = der+counter;
+      p_vet->size = 0;
+
+      /* extraction of tag and length */
+      if (der_len - counter > 0)
+	{
+	  err = asn1_get_tag_der (der + counter, der_len - counter, &class,
+	                          &len, NULL);
+	  if (err != ASN1_SUCCESS)
+	    goto error;
+	  counter += len;
+          p_vet->size += len;
+
+	  len2 = asn1_get_length_der (der + counter, der_len - counter, &len);
+	  if (len2 < 0)
+	    {
+	      err = ASN1_DER_ERROR;
+	      goto error;
+	    }
+	  counter += len + len2;
+          p_vet->size += len + len2;
+
+	}
+      else
+	{
+	  err = ASN1_DER_ERROR;
+	  goto error;
+	}
+      p = p->right;
+    }
+
+  if (counter > der_len)
+    {
+      err = ASN1_DER_ERROR;
+      goto error;
+    }
+
+  qsort(list, list_size, sizeof(struct vet), setof_compar);
+
+  out = malloc(der_len);
+  if (out == NULL)
+    {
+      err = ASN1_MEM_ERROR;
+      goto error;
+    }
+
+  /* the sum of p_vet->size == der_len */
+  counter = 0;
+  for (i = 0; i < list_size; i++)
+    {
+      p_vet = &list[i];
+      memcpy(out+counter, p_vet->ptr, p_vet->size);
+      counter += p_vet->size;
+    }
+  memcpy(der, out, der_len);
+  free(out);
+
+  err = ASN1_SUCCESS;
+
+error:
+  free(list);
+  return err;
+}
+
+/**
+ * asn1_der_coding:
+ * @element: pointer to an ASN1 element
+ * @name: the name of the structure you want to encode (it must be
+ *   inside *POINTER).
+ * @ider: vector that will contain the DER encoding. DER must be a
+ *   pointer to memory cells already allocated.
+ * @len: number of bytes of *@ider: @ider[0]..@ider[len-1], Initialy
+ *   holds the sizeof of der vector.
+ * @ErrorDescription: return the error description or an empty
+ *   string if success.
+ *
+ * Creates the DER encoding for the NAME structure (inside *POINTER
+ * structure).
+ *
+ * Returns: %ASN1_SUCCESS if DER encoding OK, %ASN1_ELEMENT_NOT_FOUND
+ *   if @name is not a valid element, %ASN1_VALUE_NOT_FOUND if there
+ *   is an element without a value, %ASN1_MEM_ERROR if the @ider
+ *   vector isn't big enough and in this case @len will contain the
+ *   length needed.
+ **/
+int
+asn1_der_coding (asn1_node_const element, const char *name, void *ider, int *len,
+		 char *ErrorDescription)
+{
+  asn1_node node, p, p2;
+  unsigned char temp[MAX(LTOSTR_MAX_SIZE, SIZEOF_UNSIGNED_LONG_INT * 3 + 1)];
+  int counter, counter_old, len2, len3, move, max_len, max_len_old;
+  int err;
+  unsigned char *der = ider;
+  unsigned char dummy;
+
+  if (ErrorDescription)
+    ErrorDescription[0] = 0;
+
+  node = asn1_find_node (element, name);
+  if (node == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  /* Node is now a locally allocated variable.
+   * That is because in some point we modify the
+   * structure, and I don't know why! --nmav
+   */
+  node = _asn1_copy_structure3 (node);
+  if (node == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  max_len = *len;
+
+  if (der == NULL && max_len > 0)
+    {
+      err = ASN1_VALUE_NOT_VALID;
+      goto error;
+    }
+
+  counter = 0;
+  move = DOWN;
+  p = node;
+
+  while (1)
+    {
+
+      counter_old = counter;
+      max_len_old = max_len;
+      if (move != UP)
+	{
+          p->start = counter;
+	  err = _asn1_insert_tag_der (p, der, &counter, &max_len);
+	  if (err != ASN1_SUCCESS && err != ASN1_MEM_ERROR)
+	    goto error;
+	}
+      switch (type_field (p->type))
+	{
+	case ASN1_ETYPE_NULL:
+	  max_len--;
+	  if (der != NULL && max_len >= 0)
+	    der[counter] = 0;
+	  counter++;
+	  move = RIGHT;
+	  break;
+	case ASN1_ETYPE_BOOLEAN:
+	  if ((p->type & CONST_DEFAULT) && (p->value == NULL))
+	    {
+	      counter = counter_old;
+	      max_len = max_len_old;
+	    }
+	  else
+	    {
+	      if (p->value == NULL)
+		{
+		  _asn1_error_description_value_not_found (p,
+							   ErrorDescription);
+		  err = ASN1_VALUE_NOT_FOUND;
+		  goto error;
+		}
+	      max_len -= 2;
+	      if (der != NULL && max_len >= 0)
+		{
+		  der[counter++] = 1;
+		  if (p->value[0] == 'F')
+		    der[counter++] = 0;
+		  else
+		    der[counter++] = 0xFF;
+		}
+	      else
+		counter += 2;
+	    }
+	  move = RIGHT;
+	  break;
+	case ASN1_ETYPE_INTEGER:
+	case ASN1_ETYPE_ENUMERATED:
+	  if ((p->type & CONST_DEFAULT) && (p->value == NULL))
+	    {
+	      counter = counter_old;
+	      max_len = max_len_old;
+	    }
+	  else
+	    {
+	      if (p->value == NULL)
+		{
+		  _asn1_error_description_value_not_found (p,
+							   ErrorDescription);
+		  err = ASN1_VALUE_NOT_FOUND;
+		  goto error;
+		}
+	      len2 = asn1_get_length_der (p->value, p->value_len, &len3);
+	      if (len2 < 0)
+		{
+		  err = ASN1_DER_ERROR;
+		  goto error;
+		}
+	      max_len -= len2 + len3;
+	      if (der != NULL && max_len >= 0)
+		memcpy (der + counter, p->value, len3 + len2);
+	      counter += len3 + len2;
+	    }
+	  move = RIGHT;
+	  break;
+	case ASN1_ETYPE_OBJECT_ID:
+	  if ((p->type & CONST_DEFAULT) && (p->value == NULL))
+	    {
+	      counter = counter_old;
+	      max_len = max_len_old;
+	    }
+	  else
+	    {
+	      if (p->value == NULL)
+		{
+		  _asn1_error_description_value_not_found (p,
+							   ErrorDescription);
+		  err = ASN1_VALUE_NOT_FOUND;
+		  goto error;
+		}
+	      len2 = max_len;
+	      err = _asn1_object_id_der ((char*)p->value, der ? der + counter : &dummy, &len2);
+	      if (err != ASN1_SUCCESS && err != ASN1_MEM_ERROR)
+		goto error;
+
+	      max_len -= len2;
+	      counter += len2;
+	    }
+	  move = RIGHT;
+	  break;
+	case ASN1_ETYPE_GENERALIZED_TIME:
+	case ASN1_ETYPE_UTC_TIME:
+	  if (p->value == NULL)
+	    {
+	      _asn1_error_description_value_not_found (p, ErrorDescription);
+	      err = ASN1_VALUE_NOT_FOUND;
+	      goto error;
+	    }
+	  len2 = max_len;
+	  err = _asn1_time_der (p->value, p->value_len, der ? der + counter : &dummy, &len2);
+	  if (err != ASN1_SUCCESS && err != ASN1_MEM_ERROR)
+	    goto error;
+
+	  max_len -= len2;
+	  counter += len2;
+	  move = RIGHT;
+	  break;
+	case ASN1_ETYPE_OCTET_STRING:
+	case ASN1_ETYPE_GENERALSTRING:
+	case ASN1_ETYPE_NUMERIC_STRING:
+	case ASN1_ETYPE_IA5_STRING:
+	case ASN1_ETYPE_TELETEX_STRING:
+	case ASN1_ETYPE_PRINTABLE_STRING:
+	case ASN1_ETYPE_UNIVERSAL_STRING:
+	case ASN1_ETYPE_BMP_STRING:
+	case ASN1_ETYPE_UTF8_STRING:
+	case ASN1_ETYPE_VISIBLE_STRING:
+	case ASN1_ETYPE_BIT_STRING:
+	  if (p->value == NULL)
+	    {
+	      _asn1_error_description_value_not_found (p, ErrorDescription);
+	      err = ASN1_VALUE_NOT_FOUND;
+	      goto error;
+	    }
+	  len2 = asn1_get_length_der (p->value, p->value_len, &len3);
+	  if (len2 < 0)
+	    {
+	      err = ASN1_DER_ERROR;
+	      goto error;
+	    }
+	  max_len -= len2 + len3;
+	  if (der != NULL && max_len >= 0)
+	    memcpy (der + counter, p->value, len3 + len2);
+	  counter += len3 + len2;
+	  move = RIGHT;
+	  break;
+	case ASN1_ETYPE_SEQUENCE:
+	case ASN1_ETYPE_SET:
+	  if (move != UP)
+	    {
+	      p->tmp_ival = counter;
+	      if (p->down == NULL)
+		{
+		  move = UP;
+		  continue;
+		}
+	      else
+		{
+		  p2 = p->down;
+		  while (p2 && (type_field (p2->type) == ASN1_ETYPE_TAG))
+		    p2 = p2->right;
+		  if (p2)
+		    {
+		      p = p2;
+		      move = RIGHT;
+		      continue;
+		    }
+		  move = UP;
+		  continue;
+		}
+	    }
+	  else
+	    {			/* move==UP */
+	      len2 = p->tmp_ival;
+	      p->tmp_ival = 0;
+	      if ((type_field (p->type) == ASN1_ETYPE_SET) && (max_len >= 0))
+		{
+		  err = _asn1_ordering_set (der ? der + len2 : &dummy, counter - len2, p);
+		  if (err != ASN1_SUCCESS)
+		    goto error;
+		}
+	      asn1_length_der (counter - len2, temp, &len3);
+	      max_len -= len3;
+	      if (der != NULL && max_len >= 0)
+		{
+		  memmove (der + len2 + len3, der + len2, counter - len2);
+		  memcpy (der + len2, temp, len3);
+		}
+	      counter += len3;
+	      move = RIGHT;
+	    }
+	  break;
+	case ASN1_ETYPE_SEQUENCE_OF:
+	case ASN1_ETYPE_SET_OF:
+	  if (move != UP)
+	    {
+	      p->tmp_ival = counter;
+	      p = p->down;
+	      while ((type_field (p->type) == ASN1_ETYPE_TAG)
+		     || (type_field (p->type) == ASN1_ETYPE_SIZE))
+		p = p->right;
+	      if (p->right)
+		{
+		  p = p->right;
+		  move = RIGHT;
+		  continue;
+		}
+	      else
+		p = _asn1_find_up (p);
+	      move = UP;
+	    }
+	  if (move == UP)
+	    {
+	      len2 = p->tmp_ival;
+	      p->tmp_ival = 0;
+	      if ((type_field (p->type) == ASN1_ETYPE_SET_OF)
+		  && (counter - len2 > 0) && (max_len >= 0))
+		{
+		  err = _asn1_ordering_set_of (der ? der + len2 : &dummy, counter - len2, p);
+		  if (err != ASN1_SUCCESS)
+		    goto error;
+		}
+	      asn1_length_der (counter - len2, temp, &len3);
+	      max_len -= len3;
+	      if (der != NULL && max_len >= 0)
+		{
+		  memmove (der + len2 + len3, der + len2, counter - len2);
+		  memcpy (der + len2, temp, len3);
+		}
+	      counter += len3;
+	      move = RIGHT;
+	    }
+	  break;
+	case ASN1_ETYPE_ANY:
+	  if (p->value == NULL)
+	    {
+	      _asn1_error_description_value_not_found (p, ErrorDescription);
+	      err = ASN1_VALUE_NOT_FOUND;
+	      goto error;
+	    }
+	  len2 = asn1_get_length_der (p->value, p->value_len, &len3);
+	  if (len2 < 0)
+	    {
+	      err = ASN1_DER_ERROR;
+	      goto error;
+	    }
+	  max_len -= len2;
+	  if (der != NULL && max_len >= 0)
+	    memcpy (der + counter, p->value + len3, len2);
+	  counter += len2;
+	  move = RIGHT;
+	  break;
+	default:
+	  move = (move == UP) ? RIGHT : DOWN;
+	  break;
+	}
+
+      if ((move != DOWN) && (counter != counter_old))
+	{
+          p->end = counter - 1;
+	  err = _asn1_complete_explicit_tag (p, der, &counter, &max_len);
+	  if (err != ASN1_SUCCESS && err != ASN1_MEM_ERROR)
+	    goto error;
+	}
+
+      if (p == node && move != DOWN)
+	break;
+
+      if (move == DOWN)
+	{
+	  if (p->down)
+	    p = p->down;
+	  else
+	    move = RIGHT;
+	}
+      if (move == RIGHT)
+	{
+	  if (p->right)
+	    p = p->right;
+	  else
+	    move = UP;
+	}
+      if (move == UP)
+	p = _asn1_find_up (p);
+    }
+
+  *len = counter;
+
+  if (max_len < 0)
+    {
+      err = ASN1_MEM_ERROR;
+      goto error;
+    }
+
+  err = ASN1_SUCCESS;
+
+error:
+  asn1_delete_structure (&node);
+  return err;
+}
diff --git a/lib/minitasn1/decoding.c b/lib/minitasn1/decoding.c
new file mode 100644
index 0000000..378219c
--- /dev/null
+++ b/lib/minitasn1/decoding.c
@@ -0,0 +1,2478 @@
+/*
+ * Copyright (C) 2002-2021 Free Software Foundation, Inc.
+ *
+ * This file is part of LIBTASN1.
+ *
+ * The LIBTASN1 library is free software; you can redistribute it
+ * and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA
+ */
+
+
+/*****************************************************/
+/* File: decoding.c                                  */
+/* Description: Functions to manage DER decoding     */
+/*****************************************************/
+
+#include <int.h>
+#include <parser_aux.h>
+#include <gstr.h>
+#include <structure.h>
+#include <element.h>
+#include <limits.h>
+#include <intprops.h>
+#include "c-ctype.h"
+
+#ifdef DEBUG
+# define warn() fprintf(stderr, "%s: %d\n", __func__, __LINE__)
+#else
+# define warn()
+#endif
+
+#define IS_ERR(len, flags) (len < -1 || ((flags & ASN1_DECODE_FLAG_STRICT_DER) && len < 0))
+
+#define HAVE_TWO(x) (x>=2?1:0)
+
+/* Decoding flags (dflags) used in several decoding functions.
+ *  DECODE_FLAG_HAVE_TAG: The provided buffer includes a tag
+ *  DECODE_FLAG_CONSTRUCTED: The provided buffer is of indefinite encoding (useful
+ *                           when no tags are present).
+ *  DECODE_FLAG_LEVEL1: Internal flag to indicate a level of recursion for BER strings.
+ *  DECODE_FLAG_LEVEL2: Internal flag to indicate two levels of recursion for BER strings.
+ *  DECODE_FLAG_LEVEL3: Internal flag to indicate three levels of recursion for BER strings.
+ *                      This is the maximum levels of recursion possible to prevent stack
+ *                      exhaustion.
+ */
+
+#define DECODE_FLAG_HAVE_TAG 1
+#define DECODE_FLAG_CONSTRUCTED (1<<1)
+#define DECODE_FLAG_LEVEL1 (1<<2)
+#define DECODE_FLAG_LEVEL2 (1<<3)
+#define DECODE_FLAG_LEVEL3 (1<<4)
+
+#define DECR_LEN(l, s) do { \
+	  l -= s; \
+	  if (l < 0) { \
+	    warn(); \
+	    result = ASN1_DER_ERROR; \
+	    goto cleanup; \
+	  } \
+	} while (0)
+
+static int
+_asn1_get_indefinite_length_string (const unsigned char *der, int der_len, int *len);
+
+static int
+_asn1_decode_simple_ber (unsigned int etype, const unsigned char *der,
+			unsigned int _der_len, unsigned char **str,
+			unsigned int *str_len, unsigned int *ber_len,
+			unsigned dflags);
+
+static int
+_asn1_decode_simple_der (unsigned int etype, const unsigned char *der,
+			unsigned int _der_len, const unsigned char **str,
+			unsigned int *str_len, unsigned dflags);
+
+static void
+_asn1_error_description_tag_error (asn1_node node, char *ErrorDescription)
+{
+
+  Estrcpy (ErrorDescription, ":: tag error near element '");
+  _asn1_hierarchical_name (node, ErrorDescription + strlen (ErrorDescription),
+			   ASN1_MAX_ERROR_DESCRIPTION_SIZE - 40);
+  Estrcat (ErrorDescription, "'");
+
+}
+
+/**
+ * asn1_get_length_der:
+ * @der: DER data to decode.
+ * @der_len: Length of DER data to decode.
+ * @len: Output variable containing the length of the DER length field.
+ *
+ * Extract a length field from DER data.
+ *
+ * Returns: Return the decoded length value, or -1 on indefinite
+ *   length, or -2 when the value was too big to fit in a int, or -4
+ *   when the decoded length value plus @len would exceed @der_len.
+ **/
+long
+asn1_get_length_der (const unsigned char *der, int der_len, int *len)
+{
+  unsigned int ans;
+  int k, punt, sum;
+
+  *len = 0;
+  if (der_len <= 0)
+    return 0;
+
+  if (!(der[0] & 128))
+    {
+      /* short form */
+      *len = 1;
+      ans = der[0];
+    }
+  else
+    {
+      /* Long form */
+      k = der[0] & 0x7F;
+      punt = 1;
+      if (k)
+	{ /* definite length method */
+	  ans = 0;
+	  while (punt <= k && punt < der_len)
+	    {
+	      if (INT_MULTIPLY_OVERFLOW (ans, 256))
+		return -2;
+	      ans *= 256;
+
+	      if (INT_ADD_OVERFLOW (ans, ((unsigned) der[punt])))
+		return -2;
+	      ans += der[punt];
+	      punt++;
+	    }
+	}
+      else
+	{			/* indefinite length method */
+	  *len = punt;
+	  return -1;
+	}
+
+      *len = punt;
+    }
+
+  sum = ans;
+  if (ans >= INT_MAX || INT_ADD_OVERFLOW (sum, (*len)))
+    return -2;
+  sum += *len;
+
+  if (sum > der_len)
+    return -4;
+
+  return ans;
+}
+
+/**
+ * asn1_get_tag_der:
+ * @der: DER data to decode.
+ * @der_len: Length of DER data to decode.
+ * @cls: Output variable containing decoded class.
+ * @len: Output variable containing the length of the DER TAG data.
+ * @tag: Output variable containing the decoded tag (may be %NULL).
+ *
+ * Decode the class and TAG from DER code.
+ *
+ * Returns: Returns %ASN1_SUCCESS on success, or an error.
+ **/
+int
+asn1_get_tag_der (const unsigned char *der, int der_len,
+		  unsigned char *cls, int *len, unsigned long *tag)
+{
+  unsigned int ris;
+  int punt;
+
+  if (der == NULL || der_len < 2 || len == NULL)
+    return ASN1_DER_ERROR;
+
+  *cls = der[0] & 0xE0;
+  if ((der[0] & 0x1F) != 0x1F)
+    {
+      /* short form */
+      *len = 1;
+      ris = der[0] & 0x1F;
+    }
+  else
+    {
+      /* Long form */
+      punt = 1;
+      ris = 0;
+      while (punt < der_len && der[punt] & 128)
+	{
+
+	  if (INT_MULTIPLY_OVERFLOW (ris, 128))
+	    return ASN1_DER_ERROR;
+	  ris *= 128;
+
+	  if (INT_ADD_OVERFLOW (ris, ((unsigned) (der[punt] & 0x7F))))
+	    return ASN1_DER_ERROR;
+	  ris += (der[punt] & 0x7F);
+	  punt++;
+	}
+
+      if (punt >= der_len)
+	return ASN1_DER_ERROR;
+
+      if (INT_MULTIPLY_OVERFLOW (ris, 128))
+	return ASN1_DER_ERROR;
+      ris *= 128;
+
+      if (INT_ADD_OVERFLOW (ris, ((unsigned) (der[punt] & 0x7F))))
+	return ASN1_DER_ERROR;
+      ris += (der[punt] & 0x7F);
+      punt++;
+
+      *len = punt;
+    }
+
+  if (tag)
+    *tag = ris;
+  return ASN1_SUCCESS;
+}
+
+/**
+ * asn1_get_length_ber:
+ * @ber: BER data to decode.
+ * @ber_len: Length of BER data to decode.
+ * @len: Output variable containing the length of the BER length field.
+ *
+ * Extract a length field from BER data.  The difference to
+ * asn1_get_length_der() is that this function will return a length
+ * even if the value has indefinite encoding.
+ *
+ * Returns: Return the decoded length value, or negative value when
+ *   the value was too big.
+ *
+ * Since: 2.0
+ **/
+long
+asn1_get_length_ber (const unsigned char *ber, int ber_len, int *len)
+{
+  int ret;
+  long err;
+
+  ret = asn1_get_length_der (ber, ber_len, len);
+
+  if (ret == -1 && ber_len > 1)
+    {				/* indefinite length method */
+      err = _asn1_get_indefinite_length_string (ber + 1, ber_len-1, &ret);
+      if (err != ASN1_SUCCESS)
+	return -3;
+    }
+
+  return ret;
+}
+
+/**
+ * asn1_get_octet_der:
+ * @der: DER data to decode containing the OCTET SEQUENCE.
+ * @der_len: The length of the @der data to decode.
+ * @ret_len: Output variable containing the encoded length of the DER data.
+ * @str: Pre-allocated output buffer to put decoded OCTET SEQUENCE in.
+ * @str_size: Length of pre-allocated output buffer.
+ * @str_len: Output variable containing the length of the contents of the OCTET SEQUENCE.
+ *
+ * Extract an OCTET SEQUENCE from DER data. Note that this function
+ * expects the DER data past the tag field, i.e., the length and
+ * content octets.
+ *
+ * Returns: Returns %ASN1_SUCCESS on success, or an error.
+ **/
+int
+asn1_get_octet_der (const unsigned char *der, int der_len,
+		    int *ret_len, unsigned char *str, int str_size,
+		    int *str_len)
+{
+  int len_len = 0;
+
+  if (der_len <= 0)
+    return ASN1_GENERIC_ERROR;
+
+  *str_len = asn1_get_length_der (der, der_len, &len_len);
+
+  if (*str_len < 0)
+    return ASN1_DER_ERROR;
+
+  *ret_len = *str_len + len_len;
+  if (str_size >= *str_len)
+    {
+      if (*str_len > 0 && str != NULL)
+        memcpy (str, der + len_len, *str_len);
+    }
+  else
+    {
+      return ASN1_MEM_ERROR;
+    }
+
+  return ASN1_SUCCESS;
+}
+
+
+/*-
+ * _asn1_get_time_der:
+ * @type: %ASN1_ETYPE_GENERALIZED_TIME or %ASN1_ETYPE_UTC_TIME
+ * @der: DER data to decode containing the time
+ * @der_len: Length of DER data to decode.
+ * @ret_len: Output variable containing the length of the DER data.
+ * @str: Pre-allocated output buffer to put the textual time in.
+ * @str_size: Length of pre-allocated output buffer.
+ * @flags: Zero or %ASN1_DECODE_FLAG_STRICT_DER
+ *
+ * Performs basic checks in the DER encoded time object and returns its textual form.
+ * The textual form will be in the YYYYMMDD000000Z format for GeneralizedTime
+ * and YYMMDD000000Z for UTCTime.
+ *
+ * Returns: %ASN1_SUCCESS on success, or an error.
+ -*/
+static int
+_asn1_get_time_der (unsigned type, const unsigned char *der, int der_len, int *ret_len,
+		    char *str, int str_size, unsigned flags)
+{
+  int len_len, str_len;
+  unsigned i;
+  unsigned sign_count = 0;
+  unsigned dot_count = 0;
+  const unsigned char *p;
+
+  if (der_len <= 0 || str == NULL)
+    return ASN1_DER_ERROR;
+
+  str_len = asn1_get_length_der (der, der_len, &len_len);
+  if (str_len <= 0 || str_size < str_len)
+    return ASN1_DER_ERROR;
+
+  /* perform some sanity checks on the data */
+  if (str_len < 8)
+    {
+      warn();
+      return ASN1_TIME_ENCODING_ERROR;
+    }
+
+  if ((flags & ASN1_DECODE_FLAG_STRICT_DER) && !(flags & ASN1_DECODE_FLAG_ALLOW_INCORRECT_TIME))
+    {
+      p = &der[len_len];
+      for (i=0;i<(unsigned)(str_len-1);i++)
+         {
+           if (c_isdigit(p[i]) == 0)
+             {
+               if (type == ASN1_ETYPE_GENERALIZED_TIME)
+                 {
+                   /* tolerate lax encodings */
+                   if (p[i] == '.' && dot_count == 0)
+                     {
+                       dot_count++;
+                       continue;
+                     }
+
+               /* This is not really valid DER, but there are
+                * structures using that */
+                   if (!(flags & ASN1_DECODE_FLAG_STRICT_DER) &&
+                       (p[i] == '+' || p[i] == '-') && sign_count == 0)
+                     {
+                       sign_count++;
+                       continue;
+                     }
+                 }
+
+               warn();
+               return ASN1_TIME_ENCODING_ERROR;
+             }
+         }
+
+      if (sign_count == 0 && p[str_len-1] != 'Z')
+        {
+          warn();
+          return ASN1_TIME_ENCODING_ERROR;
+        }
+    }
+  memcpy (str, der + len_len, str_len);
+  str[str_len] = 0;
+  *ret_len = str_len + len_len;
+
+  return ASN1_SUCCESS;
+}
+
+/**
+ * asn1_get_object_id_der:
+ * @der: DER data to decode containing the OBJECT IDENTIFIER
+ * @der_len: Length of DER data to decode.
+ * @ret_len: Output variable containing the length of the DER data.
+ * @str: Pre-allocated output buffer to put the textual object id in.
+ * @str_size: Length of pre-allocated output buffer.
+ *
+ * Converts a DER encoded object identifier to its textual form. This
+ * function expects the DER object identifier without the tag.
+ *
+ * Returns: %ASN1_SUCCESS on success, or an error.
+ **/
+int
+asn1_get_object_id_der (const unsigned char *der, int der_len, int *ret_len,
+			char *str, int str_size)
+{
+  int len_len, len, k;
+  int leading, parsed;
+  char temp[LTOSTR_MAX_SIZE];
+  uint64_t val, val1, val0;
+
+  *ret_len = 0;
+  if (str && str_size > 0)
+    str[0] = 0;			/* no oid */
+
+  if (str == NULL || der_len <= 0)
+    return ASN1_GENERIC_ERROR;
+
+  len = asn1_get_length_der (der, der_len, &len_len);
+
+  if (len <= 0 || len + len_len > der_len)
+    return ASN1_DER_ERROR;
+
+  /* leading octet can never be 0x80 */
+  if (der[len_len] == 0x80)
+    return ASN1_DER_ERROR;
+
+  val0 = 0;
+
+  for (k = 0; k < len; k++)
+    {
+      if (INT_LEFT_SHIFT_OVERFLOW (val0, 7))
+	return ASN1_DER_ERROR;
+
+      val0 <<= 7;
+      val0 |= der[len_len + k] & 0x7F;
+      if (!(der[len_len + k] & 0x80))
+	break;
+    }
+  parsed = ++k;
+
+  /* val0 = (X*40) + Y, X={0,1,2}, Y<=39 when X={0,1} */
+  /* X = val, Y = val1 */
+
+  /* check if X == 0  */
+  val = 0;
+  val1 = val0;
+  if (val1 > 39)
+    {
+      val = 1;
+      val1 = val0 - 40;
+      if (val1  > 39)
+        {
+          val = 2;
+          val1 = val0 - 80;
+        }
+    }
+
+  _asn1_str_cpy (str, str_size, _asn1_ltostr (val, temp));
+  _asn1_str_cat (str, str_size, ".");
+  _asn1_str_cat (str, str_size, _asn1_ltostr (val1, temp));
+
+  val = 0;
+  leading = 1;
+  for (k = parsed; k < len; k++)
+    {
+      /* X.690 mandates that the leading byte must never be 0x80
+       */
+      if (leading != 0 && der[len_len + k] == 0x80)
+	return ASN1_DER_ERROR;
+      leading = 0;
+
+      /* check for wrap around */
+      if (INT_LEFT_SHIFT_OVERFLOW (val, 7))
+	return ASN1_DER_ERROR;
+
+      val = val << 7;
+      val |= der[len_len + k] & 0x7F;
+
+      if (!(der[len_len + k] & 0x80))
+	{
+	  _asn1_str_cat (str, str_size, ".");
+	  _asn1_str_cat (str, str_size, _asn1_ltostr (val, temp));
+	  val = 0;
+	  leading = 1;
+	}
+    }
+
+  if (INT_ADD_OVERFLOW (len, len_len))
+    return ASN1_DER_ERROR;
+
+  *ret_len = len + len_len;
+
+  return ASN1_SUCCESS;
+}
+
+/**
+ * asn1_get_bit_der:
+ * @der: DER data to decode containing the BIT SEQUENCE.
+ * @der_len: Length of DER data to decode.
+ * @ret_len: Output variable containing the length of the DER data.
+ * @str: Pre-allocated output buffer to put decoded BIT SEQUENCE in.
+ * @str_size: Length of pre-allocated output buffer.
+ * @bit_len: Output variable containing the size of the BIT SEQUENCE.
+ *
+ * Extract a BIT SEQUENCE from DER data.
+ *
+ * Returns: %ASN1_SUCCESS on success, or an error.
+ **/
+int
+asn1_get_bit_der (const unsigned char *der, int der_len,
+		  int *ret_len, unsigned char *str, int str_size,
+		  int *bit_len)
+{
+  int len_len = 0, len_byte;
+
+  if (der_len <= 0)
+    return ASN1_GENERIC_ERROR;
+
+  len_byte = asn1_get_length_der (der, der_len, &len_len) - 1;
+  if (len_byte < 0)
+    return ASN1_DER_ERROR;
+
+  *ret_len = len_byte + len_len + 1;
+  *bit_len = len_byte * 8 - der[len_len];
+
+  if (*bit_len < 0)
+    return ASN1_DER_ERROR;
+
+  if (str_size >= len_byte)
+    {
+      if (len_byte > 0 && str)
+        memcpy (str, der + len_len + 1, len_byte);
+    }
+  else
+    {
+      return ASN1_MEM_ERROR;
+    }
+
+  return ASN1_SUCCESS;
+}
+
+/* tag_len: the total tag length (explicit+inner)
+ * inner_tag_len: the inner_tag length
+ */
+static int
+_asn1_extract_tag_der (asn1_node node, const unsigned char *der, int der_len,
+		       int *tag_len, int *inner_tag_len, unsigned flags)
+{
+  asn1_node p;
+  int counter, len2, len3, is_tag_implicit;
+  int result;
+  unsigned long tag, tag_implicit = 0;
+  unsigned char class, class2, class_implicit = 0;
+
+  if (der_len <= 0)
+    return ASN1_GENERIC_ERROR;
+
+  counter = is_tag_implicit = 0;
+
+  if (node->type & CONST_TAG)
+    {
+      p = node->down;
+      while (p)
+	{
+	  if (type_field (p->type) == ASN1_ETYPE_TAG)
+	    {
+	      if (p->type & CONST_APPLICATION)
+		class2 = ASN1_CLASS_APPLICATION;
+	      else if (p->type & CONST_UNIVERSAL)
+		class2 = ASN1_CLASS_UNIVERSAL;
+	      else if (p->type & CONST_PRIVATE)
+		class2 = ASN1_CLASS_PRIVATE;
+	      else
+		class2 = ASN1_CLASS_CONTEXT_SPECIFIC;
+
+	      if (p->type & CONST_EXPLICIT)
+		{
+		  if (asn1_get_tag_der
+		      (der + counter, der_len, &class, &len2,
+		       &tag) != ASN1_SUCCESS)
+		    return ASN1_DER_ERROR;
+
+                  DECR_LEN(der_len, len2);
+		  counter += len2;
+
+		  if (flags & ASN1_DECODE_FLAG_STRICT_DER)
+		    len3 =
+		      asn1_get_length_der (der + counter, der_len,
+					 &len2);
+		  else
+		    len3 =
+		      asn1_get_length_ber (der + counter, der_len,
+					 &len2);
+		  if (len3 < 0)
+		    return ASN1_DER_ERROR;
+
+                  DECR_LEN(der_len, len2);
+		  counter += len2;
+
+		  if (!is_tag_implicit)
+		    {
+		      if ((class != (class2 | ASN1_CLASS_STRUCTURED)) ||
+			  (tag != strtoul ((char *) p->value, NULL, 10)))
+			return ASN1_TAG_ERROR;
+		    }
+		  else
+		    {		/* ASN1_TAG_IMPLICIT */
+		      if ((class != class_implicit) || (tag != tag_implicit))
+			return ASN1_TAG_ERROR;
+		    }
+		  is_tag_implicit = 0;
+		}
+	      else
+		{		/* ASN1_TAG_IMPLICIT */
+		  if (!is_tag_implicit)
+		    {
+		      if ((type_field (node->type) == ASN1_ETYPE_SEQUENCE) ||
+			  (type_field (node->type) == ASN1_ETYPE_SEQUENCE_OF)
+			  || (type_field (node->type) == ASN1_ETYPE_SET)
+			  || (type_field (node->type) == ASN1_ETYPE_SET_OF))
+			class2 |= ASN1_CLASS_STRUCTURED;
+		      class_implicit = class2;
+		      tag_implicit = strtoul ((char *) p->value, NULL, 10);
+		      is_tag_implicit = 1;
+		    }
+		}
+	    }
+	  p = p->right;
+	}
+    }
+
+  if (is_tag_implicit)
+    {
+      if (asn1_get_tag_der
+	  (der + counter, der_len, &class, &len2,
+	   &tag) != ASN1_SUCCESS)
+	return ASN1_DER_ERROR;
+
+      DECR_LEN(der_len, len2);
+
+      if ((class != class_implicit) || (tag != tag_implicit))
+	{
+	  if (type_field (node->type) == ASN1_ETYPE_OCTET_STRING)
+	    {
+	      class_implicit |= ASN1_CLASS_STRUCTURED;
+	      if ((class != class_implicit) || (tag != tag_implicit))
+		return ASN1_TAG_ERROR;
+	    }
+	  else
+	    return ASN1_TAG_ERROR;
+	}
+    }
+  else
+    {
+      unsigned type = type_field (node->type);
+      if (type == ASN1_ETYPE_TAG)
+	{
+	  *tag_len = 0;
+	  if (inner_tag_len)
+	    *inner_tag_len = 0;
+	  return ASN1_SUCCESS;
+	}
+
+      if (asn1_get_tag_der
+	  (der + counter, der_len, &class, &len2,
+	   &tag) != ASN1_SUCCESS)
+	return ASN1_DER_ERROR;
+
+      DECR_LEN(der_len, len2);
+
+      switch (type)
+	{
+	case ASN1_ETYPE_NULL:
+	case ASN1_ETYPE_BOOLEAN:
+	case ASN1_ETYPE_INTEGER:
+	case ASN1_ETYPE_ENUMERATED:
+	case ASN1_ETYPE_OBJECT_ID:
+	case ASN1_ETYPE_GENERALSTRING:
+	case ASN1_ETYPE_NUMERIC_STRING:
+	case ASN1_ETYPE_IA5_STRING:
+	case ASN1_ETYPE_TELETEX_STRING:
+	case ASN1_ETYPE_PRINTABLE_STRING:
+	case ASN1_ETYPE_UNIVERSAL_STRING:
+	case ASN1_ETYPE_BMP_STRING:
+	case ASN1_ETYPE_UTF8_STRING:
+	case ASN1_ETYPE_VISIBLE_STRING:
+	case ASN1_ETYPE_BIT_STRING:
+	case ASN1_ETYPE_SEQUENCE:
+	case ASN1_ETYPE_SEQUENCE_OF:
+	case ASN1_ETYPE_SET:
+	case ASN1_ETYPE_SET_OF:
+	case ASN1_ETYPE_GENERALIZED_TIME:
+	case ASN1_ETYPE_UTC_TIME:
+	  if ((class != _asn1_tags[type].class)
+	      || (tag != _asn1_tags[type].tag))
+	    return ASN1_DER_ERROR;
+	  break;
+
+	case ASN1_ETYPE_OCTET_STRING:
+	  /* OCTET STRING is handled differently to allow
+	   * BER encodings (structured class). */
+	  if (((class != ASN1_CLASS_UNIVERSAL)
+	       && (class != (ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED)))
+	      || (tag != ASN1_TAG_OCTET_STRING))
+	    return ASN1_DER_ERROR;
+	  break;
+	case ASN1_ETYPE_ANY:
+	  counter -= len2;
+	  break;
+	case ASN1_ETYPE_CHOICE:
+	  counter -= len2;
+	  break;
+	default:
+	  return ASN1_DER_ERROR;
+	  break;
+	}
+    }
+
+  counter += len2;
+  *tag_len = counter;
+  if (inner_tag_len)
+    *inner_tag_len = len2;
+  return ASN1_SUCCESS;
+
+cleanup:
+  return result;
+}
+
+static int
+extract_tag_der_recursive(asn1_node node, const unsigned char *der, int der_len,
+		       int *ret_len, int *inner_len, unsigned flags)
+{
+asn1_node p;
+int ris = ASN1_DER_ERROR;
+
+  if (type_field (node->type) == ASN1_ETYPE_CHOICE)
+    {
+      p = node->down;
+      while (p)
+        {
+          ris = _asn1_extract_tag_der (p, der, der_len, ret_len, inner_len, flags);
+          if (ris == ASN1_SUCCESS)
+            break;
+          p = p->right;
+	}
+
+      *ret_len = 0;
+      return ris;
+    }
+  else
+    return _asn1_extract_tag_der (node, der, der_len, ret_len, inner_len, flags);
+}
+
+static int
+_asn1_delete_not_used (asn1_node node)
+{
+  asn1_node p, p2;
+
+  if (node == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  p = node;
+  while (p)
+    {
+      if (p->type & CONST_NOT_USED)
+	{
+	  p2 = NULL;
+	  if (p != node)
+	    {
+	      p2 = _asn1_find_left (p);
+	      if (!p2)
+		p2 = _asn1_find_up (p);
+	    }
+	  asn1_delete_structure (&p);
+	  p = p2;
+	}
+
+      if (!p)
+	break;			/* reach node */
+
+      if (p->down)
+	{
+	  p = p->down;
+	}
+      else
+	{
+	  if (p == node)
+	    p = NULL;
+	  else if (p->right)
+	    p = p->right;
+	  else
+	    {
+	      while (1)
+		{
+		  p = _asn1_find_up (p);
+		  if (p == node)
+		    {
+		      p = NULL;
+		      break;
+		    }
+		  if (p->right)
+		    {
+		      p = p->right;
+		      break;
+		    }
+		}
+	    }
+	}
+    }
+  return ASN1_SUCCESS;
+}
+
+static int
+_asn1_get_indefinite_length_string (const unsigned char *der,
+				    int der_len, int *len)
+{
+  int len2, len3, counter, indefinite;
+  int result;
+  unsigned long tag;
+  unsigned char class;
+
+  counter = indefinite = 0;
+
+  while (1)
+    {
+      if (HAVE_TWO(der_len) && (der[counter] == 0) && (der[counter + 1] == 0))
+	{
+	  counter += 2;
+	  DECR_LEN(der_len, 2);
+
+	  indefinite--;
+	  if (indefinite <= 0)
+	    break;
+	  else
+	    continue;
+	}
+
+      if (asn1_get_tag_der
+	  (der + counter, der_len, &class, &len2,
+	   &tag) != ASN1_SUCCESS)
+	return ASN1_DER_ERROR;
+
+      DECR_LEN(der_len, len2);
+      counter += len2;
+
+      len2 = asn1_get_length_der (der + counter, der_len, &len3);
+      if (len2 < -1)
+	return ASN1_DER_ERROR;
+
+      if (len2 == -1)
+	{
+	  indefinite++;
+	  counter += 1;
+          DECR_LEN(der_len, 1);
+	}
+      else
+	{
+	  counter += len2 + len3;
+          DECR_LEN(der_len, len2+len3);
+	}
+    }
+
+  *len = counter;
+  return ASN1_SUCCESS;
+
+cleanup:
+  return result;
+}
+
+static void delete_unneeded_choice_fields(asn1_node p)
+{
+  asn1_node p2;
+
+  while (p->right)
+    {
+      p2 = p->right;
+      asn1_delete_structure (&p2);
+    }
+}
+
+
+/**
+ * asn1_der_decoding2
+ * @element: pointer to an ASN1 structure.
+ * @ider: vector that contains the DER encoding.
+ * @max_ider_len: pointer to an integer giving the information about the
+ *   maximal number of bytes occupied by *@ider. The real size of the DER
+ *   encoding is returned through this pointer.
+ * @flags: flags controlling the behaviour of the function.
+ * @errorDescription: null-terminated string contains details when an
+ *   error occurred.
+ *
+ * Fill the structure *@element with values of a DER encoding string. The
+ * structure must just be created with function asn1_create_element().
+ *
+ * If %ASN1_DECODE_FLAG_ALLOW_PADDING flag is set then the function will ignore
+ * padding after the decoded DER data. Upon a successful return the value of
+ * *@max_ider_len will be set to the number of bytes decoded.
+ *
+ * If %ASN1_DECODE_FLAG_STRICT_DER flag is set then the function will
+ * not decode any BER-encoded elements.
+ *
+ * Returns: %ASN1_SUCCESS if DER encoding OK, %ASN1_ELEMENT_NOT_FOUND
+ *   if @ELEMENT is %NULL, and %ASN1_TAG_ERROR or
+ *   %ASN1_DER_ERROR if the der encoding doesn't match the structure
+ *   name (*@ELEMENT deleted).
+ **/
+int
+asn1_der_decoding2 (asn1_node *element, const void *ider, int *max_ider_len,
+		    unsigned int flags, char *errorDescription)
+{
+  asn1_node node, p, p2, p3;
+  char temp[128];
+  int counter, len2, len3, len4, move, ris, tlen;
+  struct node_tail_cache_st tcache = {NULL, NULL};
+  unsigned char class;
+  unsigned long tag;
+  int tag_len;
+  int indefinite, result, total_len = *max_ider_len, ider_len = *max_ider_len;
+  int inner_tag_len;
+  unsigned char *ptmp;
+  const unsigned char *ptag;
+  const unsigned char *der = ider;
+
+  node = *element;
+
+  if (errorDescription != NULL)
+    errorDescription[0] = 0;
+
+  if (node == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  if (node->type & CONST_OPTION)
+    {
+      result = ASN1_GENERIC_ERROR;
+      warn();
+      goto cleanup;
+    }
+
+  counter = 0;
+  move = DOWN;
+  p = node;
+  while (1)
+    {
+      tag_len = 0;
+      inner_tag_len = 0;
+      ris = ASN1_SUCCESS;
+      if (move != UP)
+	{
+	  if (p->type & CONST_SET)
+	    {
+	      p2 = _asn1_find_up (p);
+	      len2 = p2->tmp_ival;
+	      if (len2 == -1)
+		{
+		  if (HAVE_TWO(ider_len) && !der[counter] && !der[counter + 1])
+		    {
+		      p = p2;
+		      move = UP;
+		      counter += 2;
+		      DECR_LEN(ider_len, 2);
+		      continue;
+		    }
+		}
+	      else if (counter == len2)
+		{
+		  p = p2;
+		  move = UP;
+		  continue;
+		}
+	      else if (counter > len2)
+		{
+		  result = ASN1_DER_ERROR;
+                  warn();
+		  goto cleanup;
+		}
+	      p2 = p2->down;
+	      while (p2)
+		{
+		  if ((p2->type & CONST_SET) && (p2->type & CONST_NOT_USED))
+		    {
+		      ris =
+			  extract_tag_der_recursive (p2, der + counter,
+						     ider_len, &len2, NULL, flags);
+		      if (ris == ASN1_SUCCESS)
+			{
+			  p2->type &= ~CONST_NOT_USED;
+			  p = p2;
+			  break;
+			}
+		    }
+		  p2 = p2->right;
+		}
+	      if (p2 == NULL)
+		{
+		  result = ASN1_DER_ERROR;
+                  warn();
+		  goto cleanup;
+		}
+	    }
+
+	  /* the position in the DER structure this starts */
+	  p->start = counter;
+	  p->end = total_len - 1;
+
+	  if ((p->type & CONST_OPTION) || (p->type & CONST_DEFAULT))
+	    {
+	      p2 = _asn1_find_up (p);
+	      len2 = p2->tmp_ival;
+	      if (counter == len2)
+		{
+		  if (p->right)
+		    {
+		      p2 = p->right;
+		      move = RIGHT;
+		    }
+		  else
+		    move = UP;
+
+		  if (p->type & CONST_OPTION)
+		    asn1_delete_structure (&p);
+
+		  p = p2;
+		  continue;
+		}
+	    }
+
+	  if (type_field (p->type) == ASN1_ETYPE_CHOICE)
+	    {
+	      while (p->down)
+		{
+		  ris =
+		      extract_tag_der_recursive (p->down, der + counter,
+					         ider_len, &len2, NULL, flags);
+
+		  if (ris == ASN1_SUCCESS)
+		    {
+		      delete_unneeded_choice_fields(p->down);
+		      break;
+		    }
+		  else if (ris == ASN1_ERROR_TYPE_ANY)
+		    {
+		      result = ASN1_ERROR_TYPE_ANY;
+                      warn();
+		      goto cleanup;
+		    }
+		  else
+		    {
+		      p2 = p->down;
+		      asn1_delete_structure (&p2);
+		    }
+		}
+
+	      if (p->down == NULL)
+		{
+		  if (!(p->type & CONST_OPTION))
+		    {
+		      result = ASN1_DER_ERROR;
+                      warn();
+		      goto cleanup;
+		    }
+		}
+	      else if (type_field (p->type) != ASN1_ETYPE_CHOICE)
+		p = p->down;
+
+	      p->start = counter;
+	    }
+
+	  if ((p->type & CONST_OPTION) || (p->type & CONST_DEFAULT))
+	    {
+	      p2 = _asn1_find_up (p);
+	      len2 = p2->tmp_ival;
+
+	      if ((len2 != -1) && (counter > len2))
+		ris = ASN1_TAG_ERROR;
+	    }
+
+	  if (ris == ASN1_SUCCESS)
+	    ris =
+	      extract_tag_der_recursive (p, der + counter, ider_len,
+	                                 &tag_len, &inner_tag_len, flags);
+
+	  if (ris != ASN1_SUCCESS)
+	    {
+	      if (p->type & CONST_OPTION)
+		{
+		  p->type |= CONST_NOT_USED;
+		  move = RIGHT;
+		}
+	      else if (p->type & CONST_DEFAULT)
+		{
+		  _asn1_set_value (p, NULL, 0);
+		  move = RIGHT;
+		}
+	      else
+		{
+		  if (errorDescription != NULL)
+		    _asn1_error_description_tag_error (p, errorDescription);
+
+		  result = ASN1_TAG_ERROR;
+                  warn();
+		  goto cleanup;
+		}
+	    }
+	  else
+	    {
+	      DECR_LEN(ider_len, tag_len);
+	      counter += tag_len;
+	    }
+	}
+
+      if (ris == ASN1_SUCCESS)
+	{
+	  switch (type_field (p->type))
+	    {
+	    case ASN1_ETYPE_NULL:
+	      DECR_LEN(ider_len, 1);
+	      if (der[counter])
+		{
+		  result = ASN1_DER_ERROR;
+                  warn();
+		  goto cleanup;
+		}
+	      counter++;
+	      move = RIGHT;
+	      break;
+	    case ASN1_ETYPE_BOOLEAN:
+	      DECR_LEN(ider_len, 2);
+
+	      if (der[counter++] != 1)
+		{
+		  result = ASN1_DER_ERROR;
+                  warn();
+		  goto cleanup;
+		}
+	      if (der[counter++] == 0)
+		_asn1_set_value (p, "F", 1);
+	      else
+		_asn1_set_value (p, "T", 1);
+	      move = RIGHT;
+	      break;
+	    case ASN1_ETYPE_INTEGER:
+	    case ASN1_ETYPE_ENUMERATED:
+	      len2 =
+		asn1_get_length_der (der + counter, ider_len, &len3);
+	      if (len2 < 0)
+		{
+		  result = ASN1_DER_ERROR;
+                  warn();
+		  goto cleanup;
+		}
+
+	      DECR_LEN(ider_len, len3+len2);
+
+	      _asn1_set_value (p, der + counter, len3 + len2);
+	      counter += len3 + len2;
+	      move = RIGHT;
+	      break;
+	    case ASN1_ETYPE_OBJECT_ID:
+	      result =
+		asn1_get_object_id_der (der + counter, ider_len, &len2,
+					temp, sizeof (temp));
+	      if (result != ASN1_SUCCESS)
+	        {
+                  warn();
+		  goto cleanup;
+		}
+
+	      DECR_LEN(ider_len, len2);
+
+	      tlen = strlen (temp);
+	      if (tlen > 0)
+		_asn1_set_value (p, temp, tlen + 1);
+
+	      counter += len2;
+	      move = RIGHT;
+	      break;
+	    case ASN1_ETYPE_GENERALIZED_TIME:
+	    case ASN1_ETYPE_UTC_TIME:
+	      result =
+		_asn1_get_time_der (type_field (p->type), der + counter, ider_len, &len2, temp,
+				    sizeof (temp) - 1, flags);
+	      if (result != ASN1_SUCCESS)
+	        {
+                  warn();
+                  goto cleanup;
+                }
+
+	      DECR_LEN(ider_len, len2);
+
+	      tlen = strlen (temp);
+	      if (tlen > 0)
+		_asn1_set_value (p, temp, tlen);
+
+	      counter += len2;
+	      move = RIGHT;
+	      break;
+	    case ASN1_ETYPE_OCTET_STRING:
+	      if (counter < inner_tag_len)
+	        {
+		  result = ASN1_DER_ERROR;
+                  warn();
+		  goto cleanup;
+	        }
+
+              ptag = der + counter - inner_tag_len;
+              if ((flags & ASN1_DECODE_FLAG_STRICT_DER) || !(ptag[0] & ASN1_CLASS_STRUCTURED))
+                {
+	          if (ptag[0] & ASN1_CLASS_STRUCTURED)
+		    {
+		      result = ASN1_DER_ERROR;
+                      warn();
+		      goto cleanup;
+		    }
+
+	          len2 =
+		    asn1_get_length_der (der + counter, ider_len, &len3);
+	          if (len2 < 0)
+		    {
+		      result = ASN1_DER_ERROR;
+                      warn();
+		      goto cleanup;
+		    }
+
+	          DECR_LEN(ider_len, len3+len2);
+
+	          _asn1_set_value (p, der + counter, len3 + len2);
+	          counter += len3 + len2;
+                }
+              else
+                {
+                  unsigned dflags = 0, vlen, ber_len;
+
+                  if (ptag[0] & ASN1_CLASS_STRUCTURED)
+                    dflags |= DECODE_FLAG_CONSTRUCTED;
+
+                  result = _asn1_decode_simple_ber(type_field (p->type), der+counter, ider_len, &ptmp, &vlen, &ber_len, dflags);
+                  if (result != ASN1_SUCCESS)
+	            {
+                      warn();
+		      goto cleanup;
+		    }
+
+		  DECR_LEN(ider_len, ber_len);
+
+		  _asn1_set_value_lv (p, ptmp, vlen);
+
+	          counter += ber_len;
+	          free(ptmp);
+                }
+	      move = RIGHT;
+	      break;
+	    case ASN1_ETYPE_GENERALSTRING:
+	    case ASN1_ETYPE_NUMERIC_STRING:
+	    case ASN1_ETYPE_IA5_STRING:
+	    case ASN1_ETYPE_TELETEX_STRING:
+	    case ASN1_ETYPE_PRINTABLE_STRING:
+	    case ASN1_ETYPE_UNIVERSAL_STRING:
+	    case ASN1_ETYPE_BMP_STRING:
+	    case ASN1_ETYPE_UTF8_STRING:
+	    case ASN1_ETYPE_VISIBLE_STRING:
+	    case ASN1_ETYPE_BIT_STRING:
+	      len2 =
+		asn1_get_length_der (der + counter, ider_len, &len3);
+	      if (len2 < 0)
+		{
+		  result = ASN1_DER_ERROR;
+                  warn();
+		  goto cleanup;
+		}
+
+	      DECR_LEN(ider_len, len3+len2);
+
+	      _asn1_set_value (p, der + counter, len3 + len2);
+	      counter += len3 + len2;
+	      move = RIGHT;
+	      break;
+	    case ASN1_ETYPE_SEQUENCE:
+	    case ASN1_ETYPE_SET:
+	      if (move == UP)
+		{
+		  len2 = p->tmp_ival;
+		  p->tmp_ival = 0;
+		  if (len2 == -1)
+		    {		/* indefinite length method */
+		      DECR_LEN(ider_len, 2);
+		      if ((der[counter]) || der[counter + 1])
+		        {
+		          result = ASN1_DER_ERROR;
+                          warn();
+		          goto cleanup;
+			}
+		      counter += 2;
+		    }
+		  else
+		    {		/* definite length method */
+		      if (len2 != counter)
+			{
+			  result = ASN1_DER_ERROR;
+                          warn();
+			  goto cleanup;
+			}
+		    }
+		  move = RIGHT;
+		}
+	      else
+		{		/* move==DOWN || move==RIGHT */
+		  len3 =
+		    asn1_get_length_der (der + counter, ider_len, &len2);
+                  if (IS_ERR(len3, flags))
+		    {
+		      result = ASN1_DER_ERROR;
+                      warn();
+		      goto cleanup;
+		    }
+
+	          DECR_LEN(ider_len, len2);
+		  counter += len2;
+
+		  if (len3 > 0)
+		    {
+		      p->tmp_ival = counter + len3;
+		      move = DOWN;
+		    }
+		  else if (len3 == 0)
+		    {
+		      p2 = p->down;
+		      while (p2)
+			{
+			  if (type_field (p2->type) != ASN1_ETYPE_TAG)
+			    {
+			      p3 = p2->right;
+			      asn1_delete_structure (&p2);
+			      p2 = p3;
+			    }
+			  else
+			    p2 = p2->right;
+			}
+		      move = RIGHT;
+		    }
+		  else
+		    {		/* indefinite length method */
+		      p->tmp_ival = -1;
+		      move = DOWN;
+		    }
+		}
+	      break;
+	    case ASN1_ETYPE_SEQUENCE_OF:
+	    case ASN1_ETYPE_SET_OF:
+	      if (move == UP)
+		{
+		  len2 = p->tmp_ival;
+		  if (len2 == -1)
+		    {		/* indefinite length method */
+		      if (!HAVE_TWO(ider_len) || ((der[counter]) || der[counter + 1]))
+			{
+			  result = _asn1_append_sequence_set (p, &tcache);
+			  if (result != 0)
+			    {
+                              warn();
+		              goto cleanup;
+		            }
+			  p = tcache.tail;
+			  move = RIGHT;
+			  continue;
+			}
+
+		      p->tmp_ival = 0;
+		      tcache.tail = NULL; /* finished decoding this structure */
+		      tcache.head = NULL;
+		      DECR_LEN(ider_len, 2);
+		      counter += 2;
+		    }
+		  else
+		    {		/* definite length method */
+		      if (len2 > counter)
+			{
+			  result = _asn1_append_sequence_set (p, &tcache);
+			  if (result != 0)
+			    {
+                              warn();
+		              goto cleanup;
+		            }
+			  p = tcache.tail;
+			  move = RIGHT;
+			  continue;
+			}
+
+		      p->tmp_ival = 0;
+		      tcache.tail = NULL; /* finished decoding this structure */
+		      tcache.head = NULL;
+
+		      if (len2 != counter)
+			{
+			  result = ASN1_DER_ERROR;
+                          warn();
+			  goto cleanup;
+			}
+		    }
+		}
+	      else
+		{		/* move==DOWN || move==RIGHT */
+		  len3 =
+		    asn1_get_length_der (der + counter, ider_len, &len2);
+                  if (IS_ERR(len3, flags))
+		    {
+		      result = ASN1_DER_ERROR;
+                      warn();
+		      goto cleanup;
+		    }
+
+		  DECR_LEN(ider_len, len2);
+		  counter += len2;
+		  if (len3)
+		    {
+		      if (len3 > 0)
+			{	/* definite length method */
+		          p->tmp_ival = counter + len3;
+			}
+		      else
+			{	/* indefinite length method */
+		          p->tmp_ival = -1;
+			}
+
+		      p2 = p->down;
+                      if (p2 == NULL)
+		        {
+		          result = ASN1_DER_ERROR;
+                          warn();
+		          goto cleanup;
+		        }
+
+		      while ((type_field (p2->type) == ASN1_ETYPE_TAG)
+			     || (type_field (p2->type) == ASN1_ETYPE_SIZE))
+			p2 = p2->right;
+		      if (p2->right == NULL)
+		        {
+			  result = _asn1_append_sequence_set (p, &tcache);
+			  if (result != 0)
+			    {
+                              warn();
+		              goto cleanup;
+		            }
+			}
+		      p = p2;
+		    }
+		}
+	      move = RIGHT;
+	      break;
+	    case ASN1_ETYPE_ANY:
+	      /* Check indefinite lenth method in an EXPLICIT TAG */
+
+	      if (!(flags & ASN1_DECODE_FLAG_STRICT_DER) && (p->type & CONST_TAG) &&
+	          tag_len == 2 && (der[counter - 1] == 0x80))
+		indefinite = 1;
+	      else
+	        indefinite = 0;
+
+	      if (asn1_get_tag_der
+		  (der + counter, ider_len, &class, &len2,
+		   &tag) != ASN1_SUCCESS)
+		{
+		  result = ASN1_DER_ERROR;
+                  warn();
+		  goto cleanup;
+		}
+
+	      DECR_LEN(ider_len, len2);
+
+	      len4 =
+		asn1_get_length_der (der + counter + len2,
+				     ider_len, &len3);
+              if (IS_ERR(len4, flags))
+		{
+		  result = ASN1_DER_ERROR;
+                  warn();
+		  goto cleanup;
+		}
+	      if (len4 != -1) /* definite */
+		{
+		  len2 += len4;
+
+	          DECR_LEN(ider_len, len4+len3);
+		  _asn1_set_value_lv (p, der + counter, len2 + len3);
+		  counter += len2 + len3;
+		}
+	      else /* == -1 */
+		{		/* indefinite length */
+		  ider_len += len2; /* undo DECR_LEN */
+
+		  if (counter == 0)
+		    {
+		      result = ASN1_DER_ERROR;
+                      warn();
+		      goto cleanup;
+		    }
+
+		  result =
+		    _asn1_get_indefinite_length_string (der + counter, ider_len, &len2);
+		  if (result != ASN1_SUCCESS)
+		    {
+                      warn();
+                      goto cleanup;
+                    }
+
+	          DECR_LEN(ider_len, len2);
+		  _asn1_set_value_lv (p, der + counter, len2);
+		  counter += len2;
+
+		}
+
+	        /* Check if a couple of 0x00 are present due to an EXPLICIT TAG with
+	           an indefinite length method. */
+	        if (indefinite)
+		  {
+	            DECR_LEN(ider_len, 2);
+		    if (!der[counter] && !der[counter + 1])
+		      {
+		        counter += 2;
+		      }
+		    else
+		      {
+		        result = ASN1_DER_ERROR;
+                        warn();
+		        goto cleanup;
+		      }
+		  }
+
+	      move = RIGHT;
+	      break;
+	    default:
+	      move = (move == UP) ? RIGHT : DOWN;
+	      break;
+	    }
+	}
+
+      if (p)
+        {
+          p->end = counter - 1;
+        }
+
+      if (p == node && move != DOWN)
+	break;
+
+      if (move == DOWN)
+	{
+	  if (p->down)
+	    p = p->down;
+	  else
+	    move = RIGHT;
+	}
+      if ((move == RIGHT) && !(p->type & CONST_SET))
+	{
+	  if (p->right)
+	    p = p->right;
+	  else
+	    move = UP;
+	}
+      if (move == UP)
+	p = _asn1_find_up (p);
+    }
+
+  _asn1_delete_not_used (*element);
+
+  if ((ider_len < 0) ||
+      (!(flags & ASN1_DECODE_FLAG_ALLOW_PADDING) && (ider_len != 0)))
+    {
+      warn();
+      result = ASN1_DER_ERROR;
+      goto cleanup;
+    }
+
+  *max_ider_len = total_len - ider_len;
+
+  return ASN1_SUCCESS;
+
+cleanup:
+  asn1_delete_structure (element);
+  return result;
+}
+
+
+/**
+ * asn1_der_decoding:
+ * @element: pointer to an ASN1 structure.
+ * @ider: vector that contains the DER encoding.
+ * @ider_len: number of bytes of *@ider: @ider[0]..@ider[len-1].
+ * @errorDescription: null-terminated string contains details when an
+ *   error occurred.
+ *
+ * Fill the structure *@element with values of a DER encoding
+ * string. The structure must just be created with function
+ * asn1_create_element().
+ *
+ * Note that the *@element variable is provided as a pointer for
+ * historical reasons.
+ *
+ * Returns: %ASN1_SUCCESS if DER encoding OK, %ASN1_ELEMENT_NOT_FOUND
+ *   if @ELEMENT is %NULL, and %ASN1_TAG_ERROR or
+ *   %ASN1_DER_ERROR if the der encoding doesn't match the structure
+ *   name (*@ELEMENT deleted).
+ **/
+int
+asn1_der_decoding (asn1_node * element, const void *ider, int ider_len,
+		   char *errorDescription)
+{
+  return asn1_der_decoding2 (element, ider, &ider_len, 0, errorDescription);
+}
+
+/**
+ * asn1_der_decoding_element:
+ * @structure: pointer to an ASN1 structure
+ * @elementName: name of the element to fill
+ * @ider: vector that contains the DER encoding of the whole structure.
+ * @len: number of bytes of *der: der[0]..der[len-1]
+ * @errorDescription: null-terminated string contains details when an
+ *   error occurred.
+ *
+ * Fill the element named @ELEMENTNAME with values of a DER encoding
+ * string.  The structure must just be created with function
+ * asn1_create_element().  The DER vector must contain the encoding
+ * string of the whole @STRUCTURE.  If an error occurs during the
+ * decoding procedure, the *@STRUCTURE is deleted and set equal to
+ * %NULL.
+ *
+ * This function is deprecated and may just be an alias to asn1_der_decoding
+ * in future versions. Use asn1_der_decoding() instead.
+ *
+ * Returns: %ASN1_SUCCESS if DER encoding OK, %ASN1_ELEMENT_NOT_FOUND
+ *   if ELEMENT is %NULL or @elementName == NULL, and
+ *   %ASN1_TAG_ERROR or %ASN1_DER_ERROR if the der encoding doesn't
+ *   match the structure @structure (*ELEMENT deleted).
+ **/
+int
+asn1_der_decoding_element (asn1_node * structure, const char *elementName,
+			   const void *ider, int len, char *errorDescription)
+{
+  return asn1_der_decoding(structure, ider, len, errorDescription);
+}
+
+/**
+ * asn1_der_decoding_startEnd:
+ * @element: pointer to an ASN1 element
+ * @ider: vector that contains the DER encoding.
+ * @ider_len: number of bytes of *@ider: @ider[0]..@ider[len-1]
+ * @name_element: an element of NAME structure.
+ * @start: the position of the first byte of NAME_ELEMENT decoding
+ *   (@ider[*start])
+ * @end: the position of the last byte of NAME_ELEMENT decoding
+ *  (@ider[*end])
+ *
+ * Find the start and end point of an element in a DER encoding
+ * string. I mean that if you have a der encoding and you have already
+ * used the function asn1_der_decoding() to fill a structure, it may
+ * happen that you want to find the piece of string concerning an
+ * element of the structure.
+ *
+ * One example is the sequence "tbsCertificate" inside an X509
+ * certificate.
+ *
+ * Note that since libtasn1 3.7 the @ider and @ider_len parameters
+ * can be omitted, if the element is already decoded using asn1_der_decoding().
+ *
+ * Returns: %ASN1_SUCCESS if DER encoding OK, %ASN1_ELEMENT_NOT_FOUND
+ *   if ELEMENT is %asn1_node EMPTY or @name_element is not a valid
+ *   element, %ASN1_TAG_ERROR or %ASN1_DER_ERROR if the der encoding
+ *   doesn't match the structure ELEMENT.
+ **/
+int
+asn1_der_decoding_startEnd (asn1_node element, const void *ider, int ider_len,
+			    const char *name_element, int *start, int *end)
+{
+  asn1_node node, node_to_find;
+  int result = ASN1_DER_ERROR;
+
+  node = element;
+
+  if (node == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  node_to_find = asn1_find_node (node, name_element);
+
+  if (node_to_find == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  *start = node_to_find->start;
+  *end = node_to_find->end;
+
+  if (*start == 0 && *end == 0)
+    {
+      if (ider == NULL || ider_len == 0)
+        return ASN1_GENERIC_ERROR;
+
+      /* it seems asn1_der_decoding() wasn't called before. Do it now */
+      result = asn1_der_decoding (&node, ider, ider_len, NULL);
+      if (result != ASN1_SUCCESS)
+        {
+          warn();
+          return result;
+        }
+
+      node_to_find = asn1_find_node (node, name_element);
+      if (node_to_find == NULL)
+        return ASN1_ELEMENT_NOT_FOUND;
+
+      *start = node_to_find->start;
+      *end = node_to_find->end;
+    }
+
+  if (*end < *start)
+    return ASN1_GENERIC_ERROR;
+
+  return ASN1_SUCCESS;
+}
+
+/**
+ * asn1_expand_any_defined_by:
+ * @definitions: ASN1 definitions
+ * @element: pointer to an ASN1 structure
+ *
+ * Expands every "ANY DEFINED BY" element of a structure created from
+ * a DER decoding process (asn1_der_decoding function). The element
+ * ANY must be defined by an OBJECT IDENTIFIER. The type used to
+ * expand the element ANY is the first one following the definition of
+ * the actual value of the OBJECT IDENTIFIER.
+ *
+ * Returns: %ASN1_SUCCESS if Substitution OK, %ASN1_ERROR_TYPE_ANY if
+ *   some "ANY DEFINED BY" element couldn't be expanded due to a
+ *   problem in OBJECT_ID -> TYPE association, or other error codes
+ *   depending on DER decoding.
+ **/
+int
+asn1_expand_any_defined_by (asn1_node_const definitions, asn1_node * element)
+{
+  char name[2 * ASN1_MAX_NAME_SIZE + 2],
+    value[ASN1_MAX_NAME_SIZE];
+  int retCode = ASN1_SUCCESS, result;
+  int len, len2, len3;
+  asn1_node_const p2;
+  asn1_node p, p3, aux = NULL;
+  char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
+  const char *definitionsName;
+
+  if ((definitions == NULL) || (*element == NULL))
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  definitionsName = definitions->name;
+
+  p = *element;
+  while (p)
+    {
+
+      switch (type_field (p->type))
+	{
+	case ASN1_ETYPE_ANY:
+	  if ((p->type & CONST_DEFINED_BY) && (p->value))
+	    {
+	      /* search the "DEF_BY" element */
+	      p2 = p->down;
+	      while ((p2) && (type_field (p2->type) != ASN1_ETYPE_CONSTANT))
+		p2 = p2->right;
+
+	      if (!p2)
+		{
+		  retCode = ASN1_ERROR_TYPE_ANY;
+		  break;
+		}
+
+	      p3 = _asn1_find_up (p);
+
+	      if (!p3)
+		{
+		  retCode = ASN1_ERROR_TYPE_ANY;
+		  break;
+		}
+
+	      p3 = p3->down;
+	      while (p3)
+		{
+		  if (!(strcmp (p3->name, p2->name)))
+		    break;
+		  p3 = p3->right;
+		}
+
+	      if ((!p3) || (type_field (p3->type) != ASN1_ETYPE_OBJECT_ID) ||
+		  (p3->value == NULL))
+		{
+
+		  p3 = _asn1_find_up (p);
+		  p3 = _asn1_find_up (p3);
+
+		  if (!p3)
+		    {
+		      retCode = ASN1_ERROR_TYPE_ANY;
+		      break;
+		    }
+
+		  p3 = p3->down;
+
+		  while (p3)
+		    {
+		      if (!(strcmp (p3->name, p2->name)))
+			break;
+		      p3 = p3->right;
+		    }
+
+		  if ((!p3) || (type_field (p3->type) != ASN1_ETYPE_OBJECT_ID)
+		      || (p3->value == NULL))
+		    {
+		      retCode = ASN1_ERROR_TYPE_ANY;
+		      break;
+		    }
+		}
+
+	      /* search the OBJECT_ID into definitions */
+	      p2 = definitions->down;
+	      while (p2)
+		{
+		  if ((type_field (p2->type) == ASN1_ETYPE_OBJECT_ID) &&
+		      (p2->type & CONST_ASSIGN))
+		    {
+		      snprintf(name, sizeof(name), "%s.%s", definitionsName, p2->name);
+
+		      len = ASN1_MAX_NAME_SIZE;
+		      result =
+			asn1_read_value (definitions, name, value, &len);
+
+		      if ((result == ASN1_SUCCESS)
+			  && (!_asn1_strcmp (p3->value, value)))
+			{
+			  p2 = p2->right;	/* pointer to the structure to
+						   use for expansion */
+			  while ((p2) && (p2->type & CONST_ASSIGN))
+			    p2 = p2->right;
+
+			  if (p2)
+			    {
+			      snprintf(name, sizeof(name), "%s.%s", definitionsName, p2->name);
+
+			      result =
+				asn1_create_element (definitions, name, &aux);
+			      if (result == ASN1_SUCCESS)
+				{
+				  _asn1_cpy_name (aux, p);
+				  len2 =
+				    asn1_get_length_der (p->value,
+							 p->value_len, &len3);
+				  if (len2 < 0)
+				    return ASN1_DER_ERROR;
+
+				  result =
+				    asn1_der_decoding (&aux, p->value + len3,
+						       len2,
+						       errorDescription);
+				  if (result == ASN1_SUCCESS)
+				    {
+
+				      _asn1_set_right (aux, p->right);
+				      _asn1_set_right (p, aux);
+
+				      result = asn1_delete_structure (&p);
+				      if (result == ASN1_SUCCESS)
+					{
+					  p = aux;
+					  aux = NULL;
+					  break;
+					}
+				      else
+					{	/* error with asn1_delete_structure */
+					  asn1_delete_structure (&aux);
+					  retCode = result;
+					  break;
+					}
+				    }
+				  else
+				    {	/* error with asn1_der_decoding */
+				      retCode = result;
+				      break;
+				    }
+				}
+			      else
+				{	/* error with asn1_create_element */
+				  retCode = result;
+				  break;
+				}
+			    }
+			  else
+			    {	/* error with the pointer to the structure to exapand */
+			      retCode = ASN1_ERROR_TYPE_ANY;
+			      break;
+			    }
+			}
+		    }
+		  p2 = p2->right;
+		}		/* end while */
+
+	      if (!p2)
+		{
+		  retCode = ASN1_ERROR_TYPE_ANY;
+		  break;
+		}
+
+	    }
+	  break;
+	default:
+	  break;
+	}
+
+
+      if (p->down)
+	{
+	  p = p->down;
+	}
+      else if (p == *element)
+	{
+	  p = NULL;
+	  break;
+	}
+      else if (p->right)
+	p = p->right;
+      else
+	{
+	  while (1)
+	    {
+	      p = _asn1_find_up (p);
+	      if (p == *element)
+		{
+		  p = NULL;
+		  break;
+		}
+	      if (p->right)
+		{
+		  p = p->right;
+		  break;
+		}
+	    }
+	}
+    }
+
+  return retCode;
+}
+
+/**
+ * asn1_expand_octet_string:
+ * @definitions: ASN1 definitions
+ * @element: pointer to an ASN1 structure
+ * @octetName: name of the OCTECT STRING field to expand.
+ * @objectName: name of the OBJECT IDENTIFIER field to use to define
+ *    the type for expansion.
+ *
+ * Expands an "OCTET STRING" element of a structure created from a DER
+ * decoding process (the asn1_der_decoding() function).  The type used
+ * for expansion is the first one following the definition of the
+ * actual value of the OBJECT IDENTIFIER indicated by OBJECTNAME.
+ *
+ * Returns: %ASN1_SUCCESS if substitution OK, %ASN1_ELEMENT_NOT_FOUND
+ *   if @objectName or @octetName are not correct,
+ *   %ASN1_VALUE_NOT_VALID if it wasn't possible to find the type to
+ *   use for expansion, or other errors depending on DER decoding.
+ **/
+int
+asn1_expand_octet_string (asn1_node_const definitions, asn1_node * element,
+			  const char *octetName, const char *objectName)
+{
+  char name[2 * ASN1_MAX_NAME_SIZE + 1], value[ASN1_MAX_NAME_SIZE];
+  int retCode = ASN1_SUCCESS, result;
+  int len, len2, len3;
+  asn1_node_const p2;
+  asn1_node aux = NULL;
+  asn1_node octetNode = NULL, objectNode = NULL;
+  char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
+
+  if ((definitions == NULL) || (*element == NULL))
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  octetNode = asn1_find_node (*element, octetName);
+  if (octetNode == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+  if (type_field (octetNode->type) != ASN1_ETYPE_OCTET_STRING)
+    return ASN1_ELEMENT_NOT_FOUND;
+  if (octetNode->value == NULL)
+    return ASN1_VALUE_NOT_FOUND;
+
+  objectNode = asn1_find_node (*element, objectName);
+  if (objectNode == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  if (type_field (objectNode->type) != ASN1_ETYPE_OBJECT_ID)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  if (objectNode->value == NULL)
+    return ASN1_VALUE_NOT_FOUND;
+
+
+  /* search the OBJECT_ID into definitions */
+  p2 = definitions->down;
+  while (p2)
+    {
+      if ((type_field (p2->type) == ASN1_ETYPE_OBJECT_ID) &&
+	  (p2->type & CONST_ASSIGN))
+	{
+	  strcpy (name, definitions->name);
+	  strcat (name, ".");
+	  strcat (name, p2->name);
+
+	  len = sizeof (value);
+	  result = asn1_read_value (definitions, name, value, &len);
+
+	  if ((result == ASN1_SUCCESS)
+	      && (!_asn1_strcmp (objectNode->value, value)))
+	    {
+
+	      p2 = p2->right;	/* pointer to the structure to
+				   use for expansion */
+	      while ((p2) && (p2->type & CONST_ASSIGN))
+		p2 = p2->right;
+
+	      if (p2)
+		{
+		  strcpy (name, definitions->name);
+		  strcat (name, ".");
+		  strcat (name, p2->name);
+
+		  result = asn1_create_element (definitions, name, &aux);
+		  if (result == ASN1_SUCCESS)
+		    {
+		      _asn1_cpy_name (aux, octetNode);
+		      len2 =
+			asn1_get_length_der (octetNode->value,
+					     octetNode->value_len, &len3);
+		      if (len2 < 0)
+			return ASN1_DER_ERROR;
+
+		      result =
+			asn1_der_decoding (&aux, octetNode->value + len3,
+					   len2, errorDescription);
+		      if (result == ASN1_SUCCESS)
+			{
+
+			  _asn1_set_right (aux, octetNode->right);
+			  _asn1_set_right (octetNode, aux);
+
+			  result = asn1_delete_structure (&octetNode);
+			  if (result == ASN1_SUCCESS)
+			    {
+			      aux = NULL;
+			      break;
+			    }
+			  else
+			    {	/* error with asn1_delete_structure */
+			      asn1_delete_structure (&aux);
+			      retCode = result;
+			      break;
+			    }
+			}
+		      else
+			{	/* error with asn1_der_decoding */
+			  retCode = result;
+			  break;
+			}
+		    }
+		  else
+		    {		/* error with asn1_create_element */
+		      retCode = result;
+		      break;
+		    }
+		}
+	      else
+		{		/* error with the pointer to the structure to exapand */
+		  retCode = ASN1_VALUE_NOT_VALID;
+		  break;
+		}
+	    }
+	}
+
+      p2 = p2->right;
+
+    }
+
+  if (!p2)
+    retCode = ASN1_VALUE_NOT_VALID;
+
+  return retCode;
+}
+
+/*-
+ * _asn1_decode_simple_der:
+ * @etype: The type of the string to be encoded (ASN1_ETYPE_)
+ * @der: the encoded string
+ * @_der_len: the bytes of the encoded string
+ * @str: a pointer to the data
+ * @str_len: the length of the data
+ * @dflags: DECODE_FLAG_*
+ *
+ * Decodes a simple DER encoded type (e.g. a string, which is not constructed).
+ * The output is a pointer inside the @der.
+ *
+ * Returns: %ASN1_SUCCESS if successful or an error value.
+ -*/
+static int
+_asn1_decode_simple_der (unsigned int etype, const unsigned char *der,
+			unsigned int _der_len, const unsigned char **str,
+			unsigned int *str_len, unsigned dflags)
+{
+  int tag_len, len_len;
+  const unsigned char *p;
+  int der_len = _der_len;
+  unsigned char class;
+  unsigned long tag;
+  long ret;
+
+  if (der == NULL || der_len == 0)
+    return ASN1_VALUE_NOT_VALID;
+
+  if (ETYPE_OK (etype) == 0 || ETYPE_IS_STRING(etype) == 0)
+    return ASN1_VALUE_NOT_VALID;
+
+  /* doesn't handle constructed classes */
+  class = ETYPE_CLASS(etype);
+  if (class != ASN1_CLASS_UNIVERSAL)
+    return ASN1_VALUE_NOT_VALID;
+
+  p = der;
+
+  if (dflags & DECODE_FLAG_HAVE_TAG)
+    {
+      ret = asn1_get_tag_der (p, der_len, &class, &tag_len, &tag);
+      if (ret != ASN1_SUCCESS)
+        return ret;
+
+      if (class != ETYPE_CLASS (etype) || tag != ETYPE_TAG (etype))
+        {
+          warn();
+          return ASN1_DER_ERROR;
+        }
+
+      p += tag_len;
+      der_len -= tag_len;
+      if (der_len <= 0)
+        return ASN1_DER_ERROR;
+    }
+
+  ret = asn1_get_length_der (p, der_len, &len_len);
+  if (ret < 0)
+    return ASN1_DER_ERROR;
+
+  p += len_len;
+  der_len -= len_len;
+  if (der_len <= 0)
+    return ASN1_DER_ERROR;
+
+  *str_len = ret;
+  *str = p;
+
+  return ASN1_SUCCESS;
+}
+
+/**
+ * asn1_decode_simple_der:
+ * @etype: The type of the string to be encoded (ASN1_ETYPE_)
+ * @der: the encoded string
+ * @_der_len: the bytes of the encoded string
+ * @str: a pointer to the data
+ * @str_len: the length of the data
+ *
+ * Decodes a simple DER encoded type (e.g. a string, which is not constructed).
+ * The output is a pointer inside the @der.
+ *
+ * Returns: %ASN1_SUCCESS if successful or an error value.
+ **/
+int
+asn1_decode_simple_der (unsigned int etype, const unsigned char *der,
+			unsigned int _der_len, const unsigned char **str,
+			unsigned int *str_len)
+{
+  return _asn1_decode_simple_der(etype, der, _der_len, str, str_len, DECODE_FLAG_HAVE_TAG);
+}
+
+static int append(uint8_t **dst, unsigned *dst_size, const unsigned char *src, unsigned src_size)
+{
+  if (src_size == 0)
+    return ASN1_SUCCESS;
+
+  *dst = _asn1_realloc(*dst, *dst_size+src_size);
+  if (*dst == NULL)
+    return ASN1_MEM_ALLOC_ERROR;
+  memcpy(*dst + *dst_size, src, src_size);
+  *dst_size += src_size;
+  return ASN1_SUCCESS;
+}
+
+/*-
+ * _asn1_decode_simple_ber:
+ * @etype: The type of the string to be encoded (ASN1_ETYPE_)
+ * @der: the encoded string
+ * @_der_len: the bytes of the encoded string
+ * @str: a pointer to the data
+ * @str_len: the length of the data
+ * @ber_len: the total length occupied by BER (may be %NULL)
+ * @have_tag: whether a DER tag is included
+ *
+ * Decodes a BER encoded type. The output is an allocated value
+ * of the data. This decodes BER STRINGS only. Other types are
+ * decoded as DER.
+ *
+ * Returns: %ASN1_SUCCESS if successful or an error value.
+ -*/
+static int
+_asn1_decode_simple_ber (unsigned int etype, const unsigned char *der,
+			unsigned int _der_len, unsigned char **str,
+			unsigned int *str_len, unsigned int *ber_len,
+			unsigned dflags)
+{
+  int tag_len, len_len;
+  const unsigned char *p;
+  int der_len = _der_len;
+  uint8_t *total = NULL;
+  unsigned total_size = 0;
+  unsigned char class;
+  unsigned long tag;
+  unsigned char *out = NULL;
+  const unsigned char *cout = NULL;
+  unsigned out_len;
+  long result;
+
+  if (ber_len) *ber_len = 0;
+
+  if (der == NULL || der_len == 0)
+    {
+      warn();
+      return ASN1_VALUE_NOT_VALID;
+    }
+
+  if (ETYPE_OK (etype) == 0)
+    {
+      warn();
+      return ASN1_VALUE_NOT_VALID;
+    }
+
+  /* doesn't handle constructed + definite classes */
+  class = ETYPE_CLASS (etype);
+  if (class != ASN1_CLASS_UNIVERSAL)
+    {
+      warn();
+      return ASN1_VALUE_NOT_VALID;
+    }
+
+  p = der;
+
+  if (dflags & DECODE_FLAG_HAVE_TAG)
+    {
+      result = asn1_get_tag_der (p, der_len, &class, &tag_len, &tag);
+        if (result != ASN1_SUCCESS)
+          {
+            warn();
+            return result;
+          }
+
+        if (tag != ETYPE_TAG (etype))
+          {
+            warn();
+            return ASN1_DER_ERROR;
+          }
+
+        p += tag_len;
+
+        DECR_LEN(der_len, tag_len);
+
+        if (ber_len) *ber_len += tag_len;
+    }
+
+  /* indefinite constructed */
+  if ((((dflags & DECODE_FLAG_CONSTRUCTED) || class == ASN1_CLASS_STRUCTURED) && ETYPE_IS_STRING(etype)) &&
+      !(dflags & DECODE_FLAG_LEVEL3))
+    {
+      if (der_len == 0)
+        {
+          warn();
+          result = ASN1_DER_ERROR;
+          goto cleanup;
+        }
+
+      if (der_len > 0 && p[0] == 0x80) /* indefinite */
+        {
+          len_len = 1;
+          DECR_LEN(der_len, len_len);
+          p += len_len;
+
+          if (ber_len) *ber_len += len_len;
+
+          /* decode the available octet strings */
+          do
+            {
+              unsigned tmp_len;
+              unsigned flags = DECODE_FLAG_HAVE_TAG;
+
+              if (dflags & DECODE_FLAG_LEVEL1)
+                flags |= DECODE_FLAG_LEVEL2;
+              else if (dflags & DECODE_FLAG_LEVEL2)
+                flags |= DECODE_FLAG_LEVEL3;
+              else
+		flags |= DECODE_FLAG_LEVEL1;
+
+              result = _asn1_decode_simple_ber(etype, p, der_len, &out, &out_len, &tmp_len,
+                                               flags);
+              if (result != ASN1_SUCCESS)
+                {
+                  warn();
+                  goto cleanup;
+                }
+
+              p += tmp_len;
+              DECR_LEN(der_len, tmp_len);
+
+              if (ber_len) *ber_len += tmp_len;
+
+              DECR_LEN(der_len, 2); /* we need the EOC */
+
+              result = append(&total, &total_size, out, out_len);
+              if (result != ASN1_SUCCESS)
+                {
+                  warn();
+                  goto cleanup;
+	        }
+
+              free(out);
+              out = NULL;
+
+	      if (p[0] == 0 && p[1] == 0) /* EOC */
+	        {
+                  if (ber_len) *ber_len += 2;
+                  break;
+                }
+
+              /* no EOC */
+              der_len += 2;
+
+              if (der_len == 2)
+                {
+                  warn();
+                  result = ASN1_DER_ERROR;
+                  goto cleanup;
+                }
+            }
+          while(1);
+        }
+      else /* constructed */
+        {
+          long const_len;
+
+          result = asn1_get_length_ber(p, der_len, &len_len);
+          if (result < 0)
+            {
+              warn();
+              result = ASN1_DER_ERROR;
+              goto cleanup;
+            }
+
+          DECR_LEN(der_len, len_len);
+          p += len_len;
+
+          const_len = result;
+
+          if (ber_len) *ber_len += len_len;
+
+          /* decode the available octet strings */
+          while(const_len > 0)
+            {
+              unsigned tmp_len;
+              unsigned flags = DECODE_FLAG_HAVE_TAG;
+
+              if (dflags & DECODE_FLAG_LEVEL1)
+                flags |= DECODE_FLAG_LEVEL2;
+              else if (dflags & DECODE_FLAG_LEVEL2)
+                flags |= DECODE_FLAG_LEVEL3;
+              else
+		flags |= DECODE_FLAG_LEVEL1;
+
+              result = _asn1_decode_simple_ber(etype, p, der_len, &out, &out_len, &tmp_len,
+                                               flags);
+              if (result != ASN1_SUCCESS)
+                {
+                  warn();
+                  goto cleanup;
+                }
+
+              p += tmp_len;
+              DECR_LEN(der_len, tmp_len);
+              DECR_LEN(const_len, tmp_len);
+
+              if (ber_len) *ber_len += tmp_len;
+
+              result = append(&total, &total_size, out, out_len);
+              if (result != ASN1_SUCCESS)
+                {
+                  warn();
+                  goto cleanup;
+	        }
+
+              free(out);
+              out = NULL;
+            }
+        }
+    }
+  else if (class == ETYPE_CLASS(etype))
+    {
+      if (ber_len)
+        {
+          result = asn1_get_length_der (p, der_len, &len_len);
+          if (result < 0)
+            {
+              warn();
+              result = ASN1_DER_ERROR;
+              goto cleanup;
+            }
+          *ber_len += result + len_len;
+        }
+
+      /* non-string values are decoded as DER */
+      result = _asn1_decode_simple_der(etype, der, _der_len, &cout, &out_len, dflags);
+      if (result != ASN1_SUCCESS)
+        {
+          warn();
+          goto cleanup;
+        }
+
+      result = append(&total, &total_size, cout, out_len);
+      if (result != ASN1_SUCCESS)
+        {
+          warn();
+          goto cleanup;
+        }
+    }
+  else
+    {
+      warn();
+      result = ASN1_DER_ERROR;
+      goto cleanup;
+    }
+
+  *str = total;
+  *str_len = total_size;
+
+  return ASN1_SUCCESS;
+cleanup:
+  free(out);
+  free(total);
+  return result;
+}
+
+/**
+ * asn1_decode_simple_ber:
+ * @etype: The type of the string to be encoded (ASN1_ETYPE_)
+ * @der: the encoded string
+ * @_der_len: the bytes of the encoded string
+ * @str: a pointer to the data
+ * @str_len: the length of the data
+ * @ber_len: the total length occupied by BER (may be %NULL)
+ *
+ * Decodes a BER encoded type. The output is an allocated value
+ * of the data. This decodes BER STRINGS only. Other types are
+ * decoded as DER.
+ *
+ * Returns: %ASN1_SUCCESS if successful or an error value.
+ **/
+int
+asn1_decode_simple_ber (unsigned int etype, const unsigned char *der,
+			unsigned int _der_len, unsigned char **str,
+			unsigned int *str_len, unsigned int *ber_len)
+{
+  return _asn1_decode_simple_ber(etype, der, _der_len, str, str_len, ber_len, DECODE_FLAG_HAVE_TAG);
+}
diff --git a/lib/minitasn1/element.c b/lib/minitasn1/element.c
new file mode 100644
index 0000000..550fdb2
--- /dev/null
+++ b/lib/minitasn1/element.c
@@ -0,0 +1,1111 @@
+/*
+ * Copyright (C) 2000-2021 Free Software Foundation, Inc.
+ *
+ * This file is part of LIBTASN1.
+ *
+ * The LIBTASN1 library is free software; you can redistribute it
+ * and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA
+ */
+
+/*****************************************************/
+/* File: element.c                                   */
+/* Description: Functions with the read and write    */
+/*   functions.                                      */
+/*****************************************************/
+
+
+#include <int.h>
+#include "parser_aux.h"
+#include <gstr.h>
+#include "structure.h"
+#include "c-ctype.h"
+#include "element.h"
+
+void
+_asn1_hierarchical_name (asn1_node_const node, char *name, int name_size)
+{
+  asn1_node_const p;
+  char tmp_name[64];
+
+  p = node;
+
+  name[0] = 0;
+
+  while (p != NULL)
+    {
+      if (p->name[0] != 0)
+	{
+	  _asn1_str_cpy (tmp_name, sizeof (tmp_name), name),
+	    _asn1_str_cpy (name, name_size, p->name);
+	  _asn1_str_cat (name, name_size, ".");
+	  _asn1_str_cat (name, name_size, tmp_name);
+	}
+      p = _asn1_find_up (p);
+    }
+
+  if (name[0] == 0)
+    _asn1_str_cpy (name, name_size, "ROOT");
+}
+
+
+/******************************************************************/
+/* Function : _asn1_convert_integer                               */
+/* Description: converts an integer from a null terminated string */
+/*              to der decoding. The convertion from a null       */
+/*              terminated string to an integer is made with      */
+/*              the 'strtol' function.                            */
+/* Parameters:                                                    */
+/*   value: null terminated string to convert.                    */
+/*   value_out: convertion result (memory must be already         */
+/*              allocated).                                       */
+/*   value_out_size: number of bytes of value_out.                */
+/*   len: number of significant byte of value_out.                */
+/* Return: ASN1_MEM_ERROR or ASN1_SUCCESS                         */
+/******************************************************************/
+int
+_asn1_convert_integer (const unsigned char *value, unsigned char *value_out,
+		       int value_out_size, int *len)
+{
+  char negative;
+  unsigned char val[SIZEOF_UNSIGNED_LONG_INT];
+  long valtmp;
+  int k, k2;
+
+  valtmp = _asn1_strtol (value, NULL, 10);
+
+  for (k = 0; k < SIZEOF_UNSIGNED_LONG_INT; k++)
+    {
+      val[SIZEOF_UNSIGNED_LONG_INT - k - 1] = (valtmp >> (8 * k)) & 0xFF;
+    }
+
+  if (val[0] & 0x80)
+    negative = 1;
+  else
+    negative = 0;
+
+  for (k = 0; k < SIZEOF_UNSIGNED_LONG_INT - 1; k++)
+    {
+      if (negative && (val[k] != 0xFF))
+	break;
+      else if (!negative && val[k])
+	break;
+    }
+
+  if ((negative && !(val[k] & 0x80)) || (!negative && (val[k] & 0x80)))
+    k--;
+
+  *len = SIZEOF_UNSIGNED_LONG_INT - k;
+
+  if (SIZEOF_UNSIGNED_LONG_INT - k > value_out_size)
+    /* VALUE_OUT is too short to contain the value conversion */
+    return ASN1_MEM_ERROR;
+
+  if (value_out != NULL)
+    {
+      for (k2 = k; k2 < SIZEOF_UNSIGNED_LONG_INT; k2++)
+        value_out[k2 - k] = val[k2];
+    }
+
+#if 0
+  printf ("_asn1_convert_integer: valueIn=%s, lenOut=%d", value, *len);
+  for (k = 0; k < SIZEOF_UNSIGNED_LONG_INT; k++)
+    printf (", vOut[%d]=%d", k, value_out[k]);
+  printf ("\n");
+#endif
+
+  return ASN1_SUCCESS;
+}
+
+/* Appends a new element into the sequence (or set) defined by this
+ * node. The new element will have a name of '?number', where number
+ * is a monotonically increased serial number.
+ *
+ * The last element in the list may be provided in @pcache, to avoid
+ * traversing the list, an expensive operation in long lists.
+ *
+ * On success it returns in @pcache the added element (which is the
+ * tail in the list of added elements).
+ */
+int
+_asn1_append_sequence_set (asn1_node node, struct node_tail_cache_st *pcache)
+{
+  asn1_node p, p2;
+  char temp[LTOSTR_MAX_SIZE+1];
+  long n;
+
+  if (!node || !(node->down))
+    return ASN1_GENERIC_ERROR;
+
+  p = node->down;
+  while ((type_field (p->type) == ASN1_ETYPE_TAG)
+	 || (type_field (p->type) == ASN1_ETYPE_SIZE))
+    p = p->right;
+
+  p2 = _asn1_copy_structure3 (p);
+  if (p2 == NULL)
+    return ASN1_GENERIC_ERROR;
+
+  if (pcache == NULL || pcache->tail == NULL || pcache->head != node)
+    {
+      while (p->right)
+        {
+          p = p->right;
+        }
+    }
+  else
+    {
+      p = pcache->tail;
+    }
+
+  _asn1_set_right (p, p2);
+  if (pcache)
+    {
+      pcache->head = node;
+      pcache->tail = p2;
+    }
+
+  if (p->name[0] == 0)
+    _asn1_str_cpy (temp, sizeof (temp), "?1");
+  else
+    {
+      n = strtol (p->name + 1, NULL, 0);
+      n++;
+      temp[0] = '?';
+      _asn1_ltostr (n, temp + 1);
+    }
+  _asn1_set_name (p2, temp);
+  /*  p2->type |= CONST_OPTION; */
+
+  return ASN1_SUCCESS;
+}
+
+
+/**
+ * asn1_write_value:
+ * @node_root: pointer to a structure
+ * @name: the name of the element inside the structure that you want to set.
+ * @ivalue: vector used to specify the value to set. If len is >0,
+ *   VALUE must be a two's complement form integer.  if len=0 *VALUE
+ *   must be a null terminated string with an integer value.
+ * @len: number of bytes of *value to use to set the value:
+ *   value[0]..value[len-1] or 0 if value is a null terminated string
+ *
+ * Set the value of one element inside a structure.
+ *
+ * If an element is OPTIONAL and you want to delete it, you must use
+ * the value=NULL and len=0.  Using "pkix.asn":
+ *
+ * result=asn1_write_value(cert, "tbsCertificate.issuerUniqueID",
+ * NULL, 0);
+ *
+ * Description for each type:
+ *
+ * INTEGER: VALUE must contain a two's complement form integer.
+ *
+ *            value[0]=0xFF ,               len=1 -> integer=-1.
+ *            value[0]=0xFF value[1]=0xFF , len=2 -> integer=-1.
+ *            value[0]=0x01 ,               len=1 -> integer= 1.
+ *            value[0]=0x00 value[1]=0x01 , len=2 -> integer= 1.
+ *            value="123"                 , len=0 -> integer= 123.
+ *
+ * ENUMERATED: As INTEGER (but only with not negative numbers).
+ *
+ * BOOLEAN: VALUE must be the null terminated string "TRUE" or
+ *   "FALSE" and LEN != 0.
+ *
+ *            value="TRUE" , len=1 -> boolean=TRUE.
+ *            value="FALSE" , len=1 -> boolean=FALSE.
+ *
+ * OBJECT IDENTIFIER: VALUE must be a null terminated string with
+ *   each number separated by a dot (e.g. "1.2.3.543.1").  LEN != 0.
+ *
+ *            value="1 2 840 10040 4 3" , len=1 -> OID=dsa-with-sha.
+ *
+ * UTCTime: VALUE must be a null terminated string in one of these
+ *   formats: "YYMMDDhhmmssZ", "YYMMDDhhmmssZ",
+ *   "YYMMDDhhmmss+hh'mm'", "YYMMDDhhmmss-hh'mm'",
+ *   "YYMMDDhhmm+hh'mm'", or "YYMMDDhhmm-hh'mm'".  LEN != 0.
+ *
+ *            value="9801011200Z" , len=1 -> time=Jannuary 1st, 1998
+ *            at 12h 00m Greenwich Mean Time
+ *
+ * GeneralizedTime: VALUE must be in one of this format:
+ *   "YYYYMMDDhhmmss.sZ", "YYYYMMDDhhmmss.sZ",
+ *   "YYYYMMDDhhmmss.s+hh'mm'", "YYYYMMDDhhmmss.s-hh'mm'",
+ *   "YYYYMMDDhhmm+hh'mm'", or "YYYYMMDDhhmm-hh'mm'" where ss.s
+ *   indicates the seconds with any precision like "10.1" or "01.02".
+ *   LEN != 0
+ *
+ *            value="2001010112001.12-0700" , len=1 -> time=Jannuary
+ *            1st, 2001 at 12h 00m 01.12s Pacific Daylight Time
+ *
+ * OCTET STRING: VALUE contains the octet string and LEN is the
+ *   number of octets.
+ *
+ *            value="$\backslash$x01$\backslash$x02$\backslash$x03" ,
+ *            len=3 -> three bytes octet string
+ *
+ * GeneralString: VALUE contains the generalstring and LEN is the
+ *   number of octets.
+ *
+ *            value="$\backslash$x01$\backslash$x02$\backslash$x03" ,
+ *            len=3 -> three bytes generalstring
+ *
+ * BIT STRING: VALUE contains the bit string organized by bytes and
+ *   LEN is the number of bits.
+ *
+ *   value="$\backslash$xCF" , len=6 -> bit string="110011" (six
+ *   bits)
+ *
+ * CHOICE: if NAME indicates a choice type, VALUE must specify one of
+ *   the alternatives with a null terminated string. LEN != 0. Using
+ *   "pkix.asn"\:
+ *
+ *           result=asn1_write_value(cert,
+ *           "certificate1.tbsCertificate.subject", "rdnSequence",
+ *           1);
+ *
+ * ANY: VALUE indicates the der encoding of a structure.  LEN != 0.
+ *
+ * SEQUENCE OF: VALUE must be the null terminated string "NEW" and
+ *   LEN != 0. With this instruction another element is appended in
+ *   the sequence. The name of this element will be "?1" if it's the
+ *   first one, "?2" for the second and so on.
+ *
+ *   Using "pkix.asn"\:
+ *
+ *   result=asn1_write_value(cert,
+ *   "certificate1.tbsCertificate.subject.rdnSequence", "NEW", 1);
+ *
+ * SET OF: the same as SEQUENCE OF.  Using "pkix.asn":
+ *
+ *           result=asn1_write_value(cert,
+ *           "tbsCertificate.subject.rdnSequence.?LAST", "NEW", 1);
+ *
+ * Returns: %ASN1_SUCCESS if the value was set,
+ *   %ASN1_ELEMENT_NOT_FOUND if @name is not a valid element, and
+ *   %ASN1_VALUE_NOT_VALID if @ivalue has a wrong format.
+ **/
+int
+asn1_write_value (asn1_node node_root, const char *name,
+		  const void *ivalue, int len)
+{
+  asn1_node node, p, p2;
+  unsigned char *temp, *value_temp = NULL, *default_temp = NULL;
+  int len2, k, k2, negative;
+  size_t i;
+  const unsigned char *value = ivalue;
+  unsigned int type;
+
+  node = asn1_find_node (node_root, name);
+  if (node == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  if ((node->type & CONST_OPTION) && (value == NULL) && (len == 0))
+    {
+      asn1_delete_structure (&node);
+      return ASN1_SUCCESS;
+    }
+
+  type = type_field (node->type);
+
+  if ((type == ASN1_ETYPE_SEQUENCE_OF || type == ASN1_ETYPE_SET_OF) && (value == NULL) && (len == 0))
+    {
+      p = node->down;
+      while ((type_field (p->type) == ASN1_ETYPE_TAG)
+	     || (type_field (p->type) == ASN1_ETYPE_SIZE))
+	p = p->right;
+
+      while (p->right)
+	asn1_delete_structure (&p->right);
+
+      return ASN1_SUCCESS;
+    }
+
+  /* Don't allow element deletion for other types */
+  if (value == NULL)
+    {
+      return ASN1_VALUE_NOT_VALID;
+    }
+
+  switch (type)
+    {
+    case ASN1_ETYPE_BOOLEAN:
+      if (!_asn1_strcmp (value, "TRUE"))
+	{
+	  if (node->type & CONST_DEFAULT)
+	    {
+	      p = node->down;
+	      while (type_field (p->type) != ASN1_ETYPE_DEFAULT)
+		p = p->right;
+	      if (p->type & CONST_TRUE)
+		_asn1_set_value (node, NULL, 0);
+	      else
+		_asn1_set_value (node, "T", 1);
+	    }
+	  else
+	    _asn1_set_value (node, "T", 1);
+	}
+      else if (!_asn1_strcmp (value, "FALSE"))
+	{
+	  if (node->type & CONST_DEFAULT)
+	    {
+	      p = node->down;
+	      while (type_field (p->type) != ASN1_ETYPE_DEFAULT)
+		p = p->right;
+	      if (p->type & CONST_FALSE)
+		_asn1_set_value (node, NULL, 0);
+	      else
+		_asn1_set_value (node, "F", 1);
+	    }
+	  else
+	    _asn1_set_value (node, "F", 1);
+	}
+      else
+	return ASN1_VALUE_NOT_VALID;
+      break;
+    case ASN1_ETYPE_INTEGER:
+    case ASN1_ETYPE_ENUMERATED:
+      if (len == 0)
+	{
+	  if ((c_isdigit (value[0])) || (value[0] == '-'))
+	    {
+	      value_temp = malloc (SIZEOF_UNSIGNED_LONG_INT);
+	      if (value_temp == NULL)
+		return ASN1_MEM_ALLOC_ERROR;
+
+	      _asn1_convert_integer (value, value_temp,
+				     SIZEOF_UNSIGNED_LONG_INT, &len);
+	    }
+	  else
+	    {			/* is an identifier like v1 */
+	      if (!(node->type & CONST_LIST))
+		return ASN1_VALUE_NOT_VALID;
+	      p = node->down;
+	      while (p)
+		{
+		  if (type_field (p->type) == ASN1_ETYPE_CONSTANT)
+		    {
+		      if (!_asn1_strcmp (p->name, value))
+			{
+			  value_temp = malloc (SIZEOF_UNSIGNED_LONG_INT);
+			  if (value_temp == NULL)
+			    return ASN1_MEM_ALLOC_ERROR;
+
+			  _asn1_convert_integer (p->value,
+						 value_temp,
+						 SIZEOF_UNSIGNED_LONG_INT,
+						 &len);
+			  break;
+			}
+		    }
+		  p = p->right;
+		}
+	      if (p == NULL)
+		return ASN1_VALUE_NOT_VALID;
+	    }
+	}
+      else
+	{			/* len != 0 */
+	  value_temp = malloc (len);
+	  if (value_temp == NULL)
+	    return ASN1_MEM_ALLOC_ERROR;
+	  memcpy (value_temp, value, len);
+	}
+
+      if (value_temp[0] & 0x80)
+	negative = 1;
+      else
+	negative = 0;
+
+      if (negative && (type_field (node->type) == ASN1_ETYPE_ENUMERATED))
+	{
+	  free (value_temp);
+	  return ASN1_VALUE_NOT_VALID;
+	}
+
+      for (k = 0; k < len - 1; k++)
+	if (negative && (value_temp[k] != 0xFF))
+	  break;
+	else if (!negative && value_temp[k])
+	  break;
+
+      if ((negative && !(value_temp[k] & 0x80)) ||
+	  (!negative && (value_temp[k] & 0x80)))
+	k--;
+
+      _asn1_set_value_lv (node, value_temp + k, len - k);
+
+      if (node->type & CONST_DEFAULT)
+	{
+	  p = node->down;
+	  while (type_field (p->type) != ASN1_ETYPE_DEFAULT)
+	    p = p->right;
+	  if ((c_isdigit (p->value[0])) || (p->value[0] == '-'))
+	    {
+	      default_temp = malloc (SIZEOF_UNSIGNED_LONG_INT);
+	      if (default_temp == NULL)
+		{
+		  free (value_temp);
+		  return ASN1_MEM_ALLOC_ERROR;
+		}
+
+	      _asn1_convert_integer (p->value, default_temp,
+				     SIZEOF_UNSIGNED_LONG_INT, &len2);
+	    }
+	  else
+	    {			/* is an identifier like v1 */
+	      if (!(node->type & CONST_LIST))
+		{
+		  free (value_temp);
+		  return ASN1_VALUE_NOT_VALID;
+		}
+	      p2 = node->down;
+	      while (p2)
+		{
+		  if (type_field (p2->type) == ASN1_ETYPE_CONSTANT)
+		    {
+		      if (!_asn1_strcmp (p2->name, p->value))
+			{
+			  default_temp = malloc (SIZEOF_UNSIGNED_LONG_INT);
+			  if (default_temp == NULL)
+			    {
+			      free (value_temp);
+			      return ASN1_MEM_ALLOC_ERROR;
+			    }
+
+			  _asn1_convert_integer (p2->value,
+						 default_temp,
+						 SIZEOF_UNSIGNED_LONG_INT,
+						 &len2);
+			  break;
+			}
+		    }
+		  p2 = p2->right;
+		}
+	      if (p2 == NULL)
+		{
+		  free (value_temp);
+		  return ASN1_VALUE_NOT_VALID;
+		}
+	    }
+
+
+	  if ((len - k) == len2)
+	    {
+	      for (k2 = 0; k2 < len2; k2++)
+		if (value_temp[k + k2] != default_temp[k2])
+		  {
+		    break;
+		  }
+	      if (k2 == len2)
+		_asn1_set_value (node, NULL, 0);
+	    }
+	  free (default_temp);
+	}
+      free (value_temp);
+      break;
+    case ASN1_ETYPE_OBJECT_ID:
+      for (i = 0; i < _asn1_strlen (value); i++)
+	if ((!c_isdigit (value[i])) && (value[i] != '.') && (value[i] != '+'))
+	  return ASN1_VALUE_NOT_VALID;
+      if (node->type & CONST_DEFAULT)
+	{
+	  p = node->down;
+	  while (type_field (p->type) != ASN1_ETYPE_DEFAULT)
+	    p = p->right;
+	  if (!_asn1_strcmp (value, p->value))
+	    {
+	      _asn1_set_value (node, NULL, 0);
+	      break;
+	    }
+	}
+      _asn1_set_value (node, value, _asn1_strlen (value) + 1);
+      break;
+    case ASN1_ETYPE_UTC_TIME:
+      {
+	len = _asn1_strlen (value);
+	if (len < 11)
+	  return ASN1_VALUE_NOT_VALID;
+	for (k = 0; k < 10; k++)
+	  if (!c_isdigit (value[k]))
+	    return ASN1_VALUE_NOT_VALID;
+	switch (len)
+	  {
+	  case 11:
+	    if (value[10] != 'Z')
+	      return ASN1_VALUE_NOT_VALID;
+	    break;
+	  case 13:
+	    if ((!c_isdigit (value[10])) || (!c_isdigit (value[11])) ||
+		(value[12] != 'Z'))
+	      return ASN1_VALUE_NOT_VALID;
+	    break;
+	  case 15:
+	    if ((value[10] != '+') && (value[10] != '-'))
+	      return ASN1_VALUE_NOT_VALID;
+	    for (k = 11; k < 15; k++)
+	      if (!c_isdigit (value[k]))
+		return ASN1_VALUE_NOT_VALID;
+	    break;
+	  case 17:
+	    if ((!c_isdigit (value[10])) || (!c_isdigit (value[11])))
+	      return ASN1_VALUE_NOT_VALID;
+	    if ((value[12] != '+') && (value[12] != '-'))
+	      return ASN1_VALUE_NOT_VALID;
+	    for (k = 13; k < 17; k++)
+	      if (!c_isdigit (value[k]))
+		return ASN1_VALUE_NOT_VALID;
+	    break;
+	  default:
+	    return ASN1_VALUE_NOT_FOUND;
+	  }
+	_asn1_set_value (node, value, len);
+      }
+      break;
+    case ASN1_ETYPE_GENERALIZED_TIME:
+      len = _asn1_strlen (value);
+      _asn1_set_value (node, value, len);
+      break;
+    case ASN1_ETYPE_OCTET_STRING:
+    case ASN1_ETYPE_GENERALSTRING:
+    case ASN1_ETYPE_NUMERIC_STRING:
+    case ASN1_ETYPE_IA5_STRING:
+    case ASN1_ETYPE_TELETEX_STRING:
+    case ASN1_ETYPE_PRINTABLE_STRING:
+    case ASN1_ETYPE_UNIVERSAL_STRING:
+    case ASN1_ETYPE_BMP_STRING:
+    case ASN1_ETYPE_UTF8_STRING:
+    case ASN1_ETYPE_VISIBLE_STRING:
+      if (len == 0)
+	len = _asn1_strlen (value);
+      _asn1_set_value_lv (node, value, len);
+      break;
+    case ASN1_ETYPE_BIT_STRING:
+      if (len == 0)
+	len = _asn1_strlen (value);
+      asn1_length_der ((len >> 3) + 2, NULL, &len2);
+      temp = malloc ((len >> 3) + 2 + len2);
+      if (temp == NULL)
+	return ASN1_MEM_ALLOC_ERROR;
+
+      asn1_bit_der (value, len, temp, &len2);
+      _asn1_set_value_m (node, temp, len2);
+      temp = NULL;
+      break;
+    case ASN1_ETYPE_CHOICE:
+      p = node->down;
+      while (p)
+	{
+	  if (!_asn1_strcmp (p->name, value))
+	    {
+	      p2 = node->down;
+	      while (p2)
+		{
+		  if (p2 != p)
+		    {
+		      asn1_delete_structure (&p2);
+		      p2 = node->down;
+		    }
+		  else
+		    p2 = p2->right;
+		}
+	      break;
+	    }
+	  p = p->right;
+	}
+      if (!p)
+	return ASN1_ELEMENT_NOT_FOUND;
+      break;
+    case ASN1_ETYPE_ANY:
+      _asn1_set_value_lv (node, value, len);
+      break;
+    case ASN1_ETYPE_SEQUENCE_OF:
+    case ASN1_ETYPE_SET_OF:
+      if (_asn1_strcmp (value, "NEW"))
+	return ASN1_VALUE_NOT_VALID;
+      _asn1_append_sequence_set (node, NULL);
+      break;
+    default:
+      return ASN1_ELEMENT_NOT_FOUND;
+      break;
+    }
+
+  return ASN1_SUCCESS;
+}
+
+
+#define PUT_VALUE( ptr, ptr_size, data, data_size) \
+	*len = data_size; \
+	if (ptr_size < data_size) { \
+		return ASN1_MEM_ERROR; \
+	} else { \
+		if (ptr && data_size > 0) \
+		  memcpy (ptr, data, data_size); \
+	}
+
+#define PUT_STR_VALUE( ptr, ptr_size, data) \
+	*len = _asn1_strlen (data) + 1; \
+	if (ptr_size < *len) { \
+		return ASN1_MEM_ERROR; \
+	} else { \
+		/* this strcpy is checked */ \
+		if (ptr) { \
+		  _asn1_strcpy (ptr, data); \
+		} \
+	}
+
+#define PUT_AS_STR_VALUE( ptr, ptr_size, data, data_size) \
+	*len = data_size + 1; \
+	if (ptr_size < *len) { \
+		return ASN1_MEM_ERROR; \
+	} else { \
+		/* this strcpy is checked */ \
+		if (ptr) { \
+		  if (data_size > 0) \
+		    memcpy (ptr, data, data_size); \
+		  ptr[data_size] = 0; \
+		} \
+	}
+
+#define ADD_STR_VALUE( ptr, ptr_size, data) \
+        *len += _asn1_strlen(data); \
+        if (ptr_size < (int) *len) { \
+                (*len)++; \
+                return ASN1_MEM_ERROR; \
+        } else { \
+                /* this strcat is checked */ \
+                if (ptr) _asn1_strcat (ptr, data); \
+        }
+
+/**
+ * asn1_read_value:
+ * @root: pointer to a structure.
+ * @name: the name of the element inside a structure that you want to read.
+ * @ivalue: vector that will contain the element's content, must be a
+ *   pointer to memory cells already allocated (may be %NULL).
+ * @len: number of bytes of *value: value[0]..value[len-1]. Initialy
+ *   holds the sizeof value.
+ *
+ * Returns the value of one element inside a structure.
+ * If an element is OPTIONAL and this returns
+ * %ASN1_ELEMENT_NOT_FOUND, it means that this element wasn't present
+ * in the der encoding that created the structure.  The first element
+ * of a SEQUENCE_OF or SET_OF is named "?1". The second one "?2" and
+ * so on. If the @root provided is a node to specific sequence element,
+ * then the keyword "?CURRENT" is also acceptable and indicates the
+ * current sequence element of this node.
+ *
+ * Note that there can be valid values with length zero. In these case
+ * this function will succeed and @len will be zero.
+ *
+ * INTEGER: VALUE will contain a two's complement form integer.
+ *
+ *            integer=-1  -> value[0]=0xFF , len=1.
+ *            integer=1   -> value[0]=0x01 , len=1.
+ *
+ * ENUMERATED: As INTEGER (but only with not negative numbers).
+ *
+ * BOOLEAN: VALUE will be the null terminated string "TRUE" or
+ *   "FALSE" and LEN=5 or LEN=6.
+ *
+ * OBJECT IDENTIFIER: VALUE will be a null terminated string with
+ *   each number separated by a dot (i.e. "1.2.3.543.1").
+ *
+ *                      LEN = strlen(VALUE)+1
+ *
+ * UTCTime: VALUE will be a null terminated string in one of these
+ *   formats: "YYMMDDhhmmss+hh'mm'" or "YYMMDDhhmmss-hh'mm'".
+ *   LEN=strlen(VALUE)+1.
+ *
+ * GeneralizedTime: VALUE will be a null terminated string in the
+ *   same format used to set the value.
+ *
+ * OCTET STRING: VALUE will contain the octet string and LEN will be
+ *   the number of octets.
+ *
+ * GeneralString: VALUE will contain the generalstring and LEN will
+ *   be the number of octets.
+ *
+ * BIT STRING: VALUE will contain the bit string organized by bytes
+ *   and LEN will be the number of bits.
+ *
+ * CHOICE: If NAME indicates a choice type, VALUE will specify the
+ *   alternative selected.
+ *
+ * ANY: If NAME indicates an any type, VALUE will indicate the DER
+ *   encoding of the structure actually used.
+ *
+ * Returns: %ASN1_SUCCESS if value is returned,
+ *   %ASN1_ELEMENT_NOT_FOUND if @name is not a valid element,
+ *   %ASN1_VALUE_NOT_FOUND if there isn't any value for the element
+ *   selected, and %ASN1_MEM_ERROR if The value vector isn't big enough
+ *   to store the result, and in this case @len will contain the number of
+ *   bytes needed. On the occasion that the stored data are of zero-length
+ *   this function may return %ASN1_SUCCESS even if the provided @len is zero.
+ **/
+int
+asn1_read_value (asn1_node_const root, const char *name, void *ivalue, int *len)
+{
+  return asn1_read_value_type (root, name, ivalue, len, NULL);
+}
+
+/**
+ * asn1_read_value_type:
+ * @root: pointer to a structure.
+ * @name: the name of the element inside a structure that you want to read.
+ * @ivalue: vector that will contain the element's content, must be a
+ *   pointer to memory cells already allocated (may be %NULL).
+ * @len: number of bytes of *value: value[0]..value[len-1]. Initialy
+ *   holds the sizeof value.
+ * @etype: The type of the value read (ASN1_ETYPE)
+ *
+ * Returns the type and value of one element inside a structure.
+ * If an element is OPTIONAL and this returns
+ * %ASN1_ELEMENT_NOT_FOUND, it means that this element wasn't present
+ * in the der encoding that created the structure.  The first element
+ * of a SEQUENCE_OF or SET_OF is named "?1". The second one "?2" and
+ * so on. If the @root provided is a node to specific sequence element,
+ * then the keyword "?CURRENT" is also acceptable and indicates the
+ * current sequence element of this node.
+ *
+ * Note that there can be valid values with length zero. In these case
+ * this function will succeed and @len will be zero.
+ *
+ *
+ * INTEGER: VALUE will contain a two's complement form integer.
+ *
+ *            integer=-1  -> value[0]=0xFF , len=1.
+ *            integer=1   -> value[0]=0x01 , len=1.
+ *
+ * ENUMERATED: As INTEGER (but only with not negative numbers).
+ *
+ * BOOLEAN: VALUE will be the null terminated string "TRUE" or
+ *   "FALSE" and LEN=5 or LEN=6.
+ *
+ * OBJECT IDENTIFIER: VALUE will be a null terminated string with
+ *   each number separated by a dot (i.e. "1.2.3.543.1").
+ *
+ *                      LEN = strlen(VALUE)+1
+ *
+ * UTCTime: VALUE will be a null terminated string in one of these
+ *   formats: "YYMMDDhhmmss+hh'mm'" or "YYMMDDhhmmss-hh'mm'".
+ *   LEN=strlen(VALUE)+1.
+ *
+ * GeneralizedTime: VALUE will be a null terminated string in the
+ *   same format used to set the value.
+ *
+ * OCTET STRING: VALUE will contain the octet string and LEN will be
+ *   the number of octets.
+ *
+ * GeneralString: VALUE will contain the generalstring and LEN will
+ *   be the number of octets.
+ *
+ * BIT STRING: VALUE will contain the bit string organized by bytes
+ *   and LEN will be the number of bits.
+ *
+ * CHOICE: If NAME indicates a choice type, VALUE will specify the
+ *   alternative selected.
+ *
+ * ANY: If NAME indicates an any type, VALUE will indicate the DER
+ *   encoding of the structure actually used.
+ *
+ * Returns: %ASN1_SUCCESS if value is returned,
+ *   %ASN1_ELEMENT_NOT_FOUND if @name is not a valid element,
+ *   %ASN1_VALUE_NOT_FOUND if there isn't any value for the element
+ *   selected, and %ASN1_MEM_ERROR if The value vector isn't big enough
+ *   to store the result, and in this case @len will contain the number of
+ *   bytes needed. On the occasion that the stored data are of zero-length
+ *   this function may return %ASN1_SUCCESS even if the provided @len is zero.
+ **/
+int
+asn1_read_value_type (asn1_node_const root, const char *name, void *ivalue,
+		      int *len, unsigned int *etype)
+{
+  asn1_node_const node, p, p2;
+  int len2, len3, result;
+  int value_size = *len;
+  unsigned char *value = ivalue;
+  unsigned type;
+
+  node = asn1_find_node (root, name);
+  if (node == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  type = type_field (node->type);
+
+  if ((type != ASN1_ETYPE_NULL) &&
+      (type != ASN1_ETYPE_CHOICE) &&
+      !(node->type & CONST_DEFAULT) && !(node->type & CONST_ASSIGN) &&
+      (node->value == NULL))
+    return ASN1_VALUE_NOT_FOUND;
+
+  if (etype)
+    *etype = type;
+  switch (type)
+    {
+    case ASN1_ETYPE_NULL:
+      PUT_STR_VALUE (value, value_size, "NULL");
+      break;
+    case ASN1_ETYPE_BOOLEAN:
+      if ((node->type & CONST_DEFAULT) && (node->value == NULL))
+	{
+	  p = node->down;
+	  while (type_field (p->type) != ASN1_ETYPE_DEFAULT)
+	    p = p->right;
+	  if (p->type & CONST_TRUE)
+	    {
+	      PUT_STR_VALUE (value, value_size, "TRUE");
+	    }
+	  else
+	    {
+	      PUT_STR_VALUE (value, value_size, "FALSE");
+	    }
+	}
+      else if (node->value[0] == 'T')
+	{
+	  PUT_STR_VALUE (value, value_size, "TRUE");
+	}
+      else
+	{
+	  PUT_STR_VALUE (value, value_size, "FALSE");
+	}
+      break;
+    case ASN1_ETYPE_INTEGER:
+    case ASN1_ETYPE_ENUMERATED:
+      if ((node->type & CONST_DEFAULT) && (node->value == NULL))
+	{
+	  p = node->down;
+	  while (type_field (p->type) != ASN1_ETYPE_DEFAULT)
+	    p = p->right;
+	  if ((c_isdigit (p->value[0])) || (p->value[0] == '-')
+	      || (p->value[0] == '+'))
+	    {
+	      result = _asn1_convert_integer
+		  (p->value, value, value_size, len);
+              if (result != ASN1_SUCCESS)
+		return result;
+	    }
+	  else
+	    {			/* is an identifier like v1 */
+	      p2 = node->down;
+	      while (p2)
+		{
+		  if (type_field (p2->type) == ASN1_ETYPE_CONSTANT)
+		    {
+		      if (!_asn1_strcmp (p2->name, p->value))
+			{
+			  result = _asn1_convert_integer
+			      (p2->value, value, value_size,
+			       len);
+			  if (result != ASN1_SUCCESS)
+			    return result;
+			  break;
+			}
+		    }
+		  p2 = p2->right;
+		}
+	    }
+	}
+      else
+	{
+	  len2 = -1;
+	  result = asn1_get_octet_der
+	      (node->value, node->value_len, &len2, value, value_size,
+	       len);
+          if (result != ASN1_SUCCESS)
+	    return result;
+	}
+      break;
+    case ASN1_ETYPE_OBJECT_ID:
+      if (node->type & CONST_ASSIGN)
+	{
+	  *len = 0;
+	  if (value)
+	    value[0] = 0;
+	  p = node->down;
+	  while (p)
+	    {
+	      if (type_field (p->type) == ASN1_ETYPE_CONSTANT)
+		{
+		  ADD_STR_VALUE (value, value_size, p->value);
+		  if (p->right)
+		    {
+		      ADD_STR_VALUE (value, value_size, ".");
+		    }
+		}
+	      p = p->right;
+	    }
+	  (*len)++;
+	}
+      else if ((node->type & CONST_DEFAULT) && (node->value == NULL))
+	{
+	  p = node->down;
+	  while (type_field (p->type) != ASN1_ETYPE_DEFAULT)
+	    p = p->right;
+	  PUT_STR_VALUE (value, value_size, p->value);
+	}
+      else
+	{
+	  PUT_STR_VALUE (value, value_size, node->value);
+	}
+      break;
+    case ASN1_ETYPE_GENERALIZED_TIME:
+    case ASN1_ETYPE_UTC_TIME:
+      PUT_AS_STR_VALUE (value, value_size, node->value, node->value_len);
+      break;
+    case ASN1_ETYPE_OCTET_STRING:
+    case ASN1_ETYPE_GENERALSTRING:
+    case ASN1_ETYPE_NUMERIC_STRING:
+    case ASN1_ETYPE_IA5_STRING:
+    case ASN1_ETYPE_TELETEX_STRING:
+    case ASN1_ETYPE_PRINTABLE_STRING:
+    case ASN1_ETYPE_UNIVERSAL_STRING:
+    case ASN1_ETYPE_BMP_STRING:
+    case ASN1_ETYPE_UTF8_STRING:
+    case ASN1_ETYPE_VISIBLE_STRING:
+      len2 = -1;
+      result = asn1_get_octet_der
+	  (node->value, node->value_len, &len2, value, value_size,
+	   len);
+      if (result != ASN1_SUCCESS)
+	return result;
+      break;
+    case ASN1_ETYPE_BIT_STRING:
+      len2 = -1;
+      result = asn1_get_bit_der
+	  (node->value, node->value_len, &len2, value, value_size,
+	   len);
+      if (result != ASN1_SUCCESS)
+	return result;
+      break;
+    case ASN1_ETYPE_CHOICE:
+      PUT_STR_VALUE (value, value_size, node->down->name);
+      break;
+    case ASN1_ETYPE_ANY:
+      len3 = -1;
+      len2 = asn1_get_length_der (node->value, node->value_len, &len3);
+      if (len2 < 0)
+	return ASN1_DER_ERROR;
+      PUT_VALUE (value, value_size, node->value + len3, len2);
+      break;
+    default:
+      return ASN1_ELEMENT_NOT_FOUND;
+      break;
+    }
+  return ASN1_SUCCESS;
+}
+
+
+/**
+ * asn1_read_tag:
+ * @root: pointer to a structure
+ * @name: the name of the element inside a structure.
+ * @tagValue:  variable that will contain the TAG value.
+ * @classValue: variable that will specify the TAG type.
+ *
+ * Returns the TAG and the CLASS of one element inside a structure.
+ * CLASS can have one of these constants: %ASN1_CLASS_APPLICATION,
+ * %ASN1_CLASS_UNIVERSAL, %ASN1_CLASS_PRIVATE or
+ * %ASN1_CLASS_CONTEXT_SPECIFIC.
+ *
+ * Returns: %ASN1_SUCCESS if successful, %ASN1_ELEMENT_NOT_FOUND if
+ *   @name is not a valid element.
+ **/
+int
+asn1_read_tag (asn1_node_const root, const char *name, int *tagValue,
+	       int *classValue)
+{
+  asn1_node node, p, pTag;
+
+  node = asn1_find_node (root, name);
+  if (node == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  p = node->down;
+
+  /* pTag will points to the IMPLICIT TAG */
+  pTag = NULL;
+  if (node->type & CONST_TAG)
+    {
+      while (p)
+	{
+	  if (type_field (p->type) == ASN1_ETYPE_TAG)
+	    {
+	      if ((p->type & CONST_IMPLICIT) && (pTag == NULL))
+		pTag = p;
+	      else if (p->type & CONST_EXPLICIT)
+		pTag = NULL;
+	    }
+	  p = p->right;
+	}
+    }
+
+  if (pTag)
+    {
+      *tagValue = _asn1_strtoul (pTag->value, NULL, 10);
+
+      if (pTag->type & CONST_APPLICATION)
+	*classValue = ASN1_CLASS_APPLICATION;
+      else if (pTag->type & CONST_UNIVERSAL)
+	*classValue = ASN1_CLASS_UNIVERSAL;
+      else if (pTag->type & CONST_PRIVATE)
+	*classValue = ASN1_CLASS_PRIVATE;
+      else
+	*classValue = ASN1_CLASS_CONTEXT_SPECIFIC;
+    }
+  else
+    {
+      unsigned type = type_field (node->type);
+      *classValue = ASN1_CLASS_UNIVERSAL;
+
+      switch (type)
+	{
+	CASE_HANDLED_ETYPES:
+	  *tagValue = _asn1_tags[type].tag;
+	  break;
+	case ASN1_ETYPE_TAG:
+	case ASN1_ETYPE_CHOICE:
+	case ASN1_ETYPE_ANY:
+	  *tagValue = -1;
+	  break;
+	default:
+	  break;
+	}
+    }
+
+  return ASN1_SUCCESS;
+}
+
+/**
+ * asn1_read_node_value:
+ * @node: pointer to a node.
+ * @data: a point to a asn1_data_node_st
+ *
+ * Returns the value a data node inside a asn1_node structure.
+ * The data returned should be handled as constant values.
+ *
+ * Returns: %ASN1_SUCCESS if the node exists.
+ **/
+int
+asn1_read_node_value (asn1_node_const node, asn1_data_node_st * data)
+{
+  data->name = node->name;
+  data->value = node->value;
+  data->value_len = node->value_len;
+  data->type = type_field (node->type);
+
+  return ASN1_SUCCESS;
+}
diff --git a/lib/minitasn1/element.h b/lib/minitasn1/element.h
new file mode 100644
index 0000000..717bfaf
--- /dev/null
+++ b/lib/minitasn1/element.h
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2000-2021 Free Software Foundation, Inc.
+ *
+ * This file is part of LIBTASN1.
+ *
+ * The LIBTASN1 library is free software; you can redistribute it
+ * and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA
+ */
+
+#ifndef _ELEMENT_H
+#define _ELEMENT_H
+
+
+struct node_tail_cache_st
+{
+	asn1_node head; /* the first element of the sequence */
+	asn1_node tail;
+};
+
+int _asn1_append_sequence_set (asn1_node node, struct node_tail_cache_st *pcached);
+
+int _asn1_convert_integer (const unsigned char *value,
+			   unsigned char *value_out,
+			   int value_out_size, int *len);
+
+void _asn1_hierarchical_name (asn1_node_const node, char *name, int name_size);
+
+#endif
diff --git a/lib/minitasn1/errors.c b/lib/minitasn1/errors.c
new file mode 100644
index 0000000..a3daad4
--- /dev/null
+++ b/lib/minitasn1/errors.c
@@ -0,0 +1,100 @@
+/*
+ * Copyright (C) 2002-2021 Free Software Foundation, Inc.
+ *
+ * This file is part of LIBTASN1.
+ *
+ * The LIBTASN1 library is free software; you can redistribute it
+ * and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA
+ */
+
+#include <int.h>
+#ifdef STDC_HEADERS
+#include <stdarg.h>
+#endif
+
+#define LIBTASN1_ERROR_ENTRY(name) { #name, name }
+
+struct libtasn1_error_entry
+{
+  const char *name;
+  int number;
+};
+typedef struct libtasn1_error_entry libtasn1_error_entry;
+
+static const libtasn1_error_entry error_algorithms[] = {
+  LIBTASN1_ERROR_ENTRY (ASN1_SUCCESS),
+  LIBTASN1_ERROR_ENTRY (ASN1_FILE_NOT_FOUND),
+  LIBTASN1_ERROR_ENTRY (ASN1_ELEMENT_NOT_FOUND),
+  LIBTASN1_ERROR_ENTRY (ASN1_IDENTIFIER_NOT_FOUND),
+  LIBTASN1_ERROR_ENTRY (ASN1_DER_ERROR),
+  LIBTASN1_ERROR_ENTRY (ASN1_VALUE_NOT_FOUND),
+  LIBTASN1_ERROR_ENTRY (ASN1_GENERIC_ERROR),
+  LIBTASN1_ERROR_ENTRY (ASN1_VALUE_NOT_VALID),
+  LIBTASN1_ERROR_ENTRY (ASN1_TAG_ERROR),
+  LIBTASN1_ERROR_ENTRY (ASN1_TAG_IMPLICIT),
+  LIBTASN1_ERROR_ENTRY (ASN1_ERROR_TYPE_ANY),
+  LIBTASN1_ERROR_ENTRY (ASN1_SYNTAX_ERROR),
+  LIBTASN1_ERROR_ENTRY (ASN1_MEM_ERROR),
+  LIBTASN1_ERROR_ENTRY (ASN1_MEM_ALLOC_ERROR),
+  LIBTASN1_ERROR_ENTRY (ASN1_DER_OVERFLOW),
+  LIBTASN1_ERROR_ENTRY (ASN1_NAME_TOO_LONG),
+  LIBTASN1_ERROR_ENTRY (ASN1_ARRAY_ERROR),
+  LIBTASN1_ERROR_ENTRY (ASN1_ELEMENT_NOT_EMPTY),
+  LIBTASN1_ERROR_ENTRY (ASN1_TIME_ENCODING_ERROR),
+  LIBTASN1_ERROR_ENTRY (ASN1_RECURSION),
+  {0, 0}
+};
+
+/**
+ * asn1_perror:
+ * @error: is an error returned by a libtasn1 function.
+ *
+ * Prints a string to stderr with a description of an error.  This
+ * function is like perror().  The only difference is that it accepts
+ * an error returned by a libtasn1 function.
+ *
+ * Since: 1.6
+ **/
+void
+asn1_perror (int error)
+{
+  const char *str = asn1_strerror (error);
+  fprintf (stderr, "LIBTASN1 ERROR: %s\n", str ? str : "(null)");
+}
+
+/**
+ * asn1_strerror:
+ * @error: is an error returned by a libtasn1 function.
+ *
+ * Returns a string with a description of an error.  This function is
+ * similar to strerror.  The only difference is that it accepts an
+ * error (number) returned by a libtasn1 function.
+ *
+ * Returns: Pointer to static zero-terminated string describing error
+ *   code.
+ *
+ * Since: 1.6
+ **/
+const char *
+asn1_strerror (int error)
+{
+  const libtasn1_error_entry *p;
+
+  for (p = error_algorithms; p->name != NULL; p++)
+    if (p->number == error)
+      return p->name + sizeof ("ASN1_") - 1;
+
+  return NULL;
+}
diff --git a/lib/minitasn1/gstr.c b/lib/minitasn1/gstr.c
new file mode 100644
index 0000000..1475ed5
--- /dev/null
+++ b/lib/minitasn1/gstr.c
@@ -0,0 +1,74 @@
+/*
+ * Copyright (C) 2002-2021 Free Software Foundation, Inc.
+ *
+ * This file is part of LIBTASN1.
+ *
+ * The LIBTASN1 library is free software; you can redistribute it
+ * and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA
+ */
+
+#include <int.h>
+#include "gstr.h"
+
+/* These function are like strcat, strcpy. They only
+ * do bounds checking (they shouldn't cause buffer overruns),
+ * and they always produce null terminated strings.
+ *
+ * They should be used only with null terminated strings.
+ */
+void
+_asn1_str_cat (char *dest, size_t dest_tot_size, const char *src)
+{
+  size_t str_size = strlen (src);
+  size_t dest_size = strlen (dest);
+
+  if (dest_tot_size - dest_size > str_size)
+    {
+      strcat (dest, src);
+    }
+  else
+    {
+      if (dest_tot_size > dest_size)
+	{
+	  strncat (dest, src, (dest_tot_size - dest_size) - 1);
+	  dest[dest_tot_size - 1] = 0;
+	}
+    }
+}
+
+/* Returns the bytes copied (not including the null terminator) */
+unsigned int
+_asn1_str_cpy (char *dest, size_t dest_tot_size, const char *src)
+{
+  size_t str_size = strlen (src);
+
+  if (dest_tot_size > str_size)
+    {
+      strcpy (dest, src);
+      return str_size;
+    }
+  else
+    {
+      if (dest_tot_size > 0)
+	{
+	  str_size = dest_tot_size - 1;
+	  memcpy (dest, src, str_size);
+	  dest[str_size] = 0;
+	  return str_size;
+	}
+      else
+	return 0;
+    }
+}
diff --git a/lib/minitasn1/gstr.h b/lib/minitasn1/gstr.h
new file mode 100644
index 0000000..e549c77
--- /dev/null
+++ b/lib/minitasn1/gstr.h
@@ -0,0 +1,47 @@
+/*
+ * Copyright (C) 2002-2021 Free Software Foundation, Inc.
+ *
+ * This file is part of LIBTASN1.
+ *
+ * The LIBTASN1 library is free software; you can redistribute it
+ * and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA
+ */
+
+#ifndef GSTR_H
+# define GSTR_H
+
+unsigned int _asn1_str_cpy (char *dest, size_t dest_tot_size,
+			    const char *src);
+void _asn1_str_cat (char *dest, size_t dest_tot_size, const char *src);
+
+#define Estrcpy(x,y) _asn1_str_cpy(x,ASN1_MAX_ERROR_DESCRIPTION_SIZE,y)
+#define Estrcat(x,y) _asn1_str_cat(x,ASN1_MAX_ERROR_DESCRIPTION_SIZE,y)
+
+inline static
+void safe_memset(void *data, int c, size_t size)
+{
+	volatile unsigned volatile_zero = 0;
+	volatile char *vdata = (volatile char*)data;
+
+	/* This is based on a nice trick for safe memset,
+	 * sent by David Jacobson in the openssl-dev mailing list.
+	 */
+
+	if (size > 0) do {
+		memset(data, c, size);
+	} while(vdata[volatile_zero] != c);
+}
+
+#endif /* GSTR_H */
diff --git a/lib/minitasn1/int.h b/lib/minitasn1/int.h
new file mode 100644
index 0000000..57f1efd
--- /dev/null
+++ b/lib/minitasn1/int.h
@@ -0,0 +1,221 @@
+/*
+ * Copyright (C) 2002-2021 Free Software Foundation, Inc.
+ *
+ * This file is part of LIBTASN1.
+ *
+ * The LIBTASN1 library is free software; you can redistribute it
+ * and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA
+ */
+
+#ifndef INT_H
+#define INT_H
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <string.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <stdint.h>
+
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+
+#include <libtasn1.h>
+
+#define ASN1_SMALL_VALUE_SIZE 16
+
+/* This structure is also in libtasn1.h, but then contains less
+   fields.  You cannot make any modifications to these first fields
+   without breaking ABI.  */
+struct asn1_node_st
+{
+  /* public fields: */
+  char name[ASN1_MAX_NAME_SIZE + 1];	/* Node name */
+  unsigned int name_hash;
+  unsigned int type;		/* Node type */
+  unsigned char *value;		/* Node value */
+  int value_len;
+  asn1_node down;		/* Pointer to the son node */
+  asn1_node right;		/* Pointer to the brother node */
+  asn1_node left;		/* Pointer to the next list element */
+  /* private fields: */
+  unsigned char small_value[ASN1_SMALL_VALUE_SIZE];	/* For small values */
+
+  /* values used during decoding/coding */
+  int tmp_ival;
+  unsigned start; /* the start of the DER sequence - if decoded */
+  unsigned end; /* the end of the DER sequence - if decoded */
+};
+
+typedef struct tag_and_class_st
+{
+  unsigned tag;
+  unsigned class;
+  const char *desc;
+} tag_and_class_st;
+
+/* the types that are handled in _asn1_tags */
+#define CASE_HANDLED_ETYPES \
+	case ASN1_ETYPE_NULL: \
+	case ASN1_ETYPE_BOOLEAN: \
+	case ASN1_ETYPE_INTEGER: \
+	case ASN1_ETYPE_ENUMERATED: \
+	case ASN1_ETYPE_OBJECT_ID: \
+	case ASN1_ETYPE_OCTET_STRING: \
+	case ASN1_ETYPE_GENERALSTRING: \
+        case ASN1_ETYPE_NUMERIC_STRING: \
+        case ASN1_ETYPE_IA5_STRING: \
+        case ASN1_ETYPE_TELETEX_STRING: \
+        case ASN1_ETYPE_PRINTABLE_STRING: \
+        case ASN1_ETYPE_UNIVERSAL_STRING: \
+        case ASN1_ETYPE_BMP_STRING: \
+        case ASN1_ETYPE_UTF8_STRING: \
+        case ASN1_ETYPE_VISIBLE_STRING: \
+	case ASN1_ETYPE_BIT_STRING: \
+	case ASN1_ETYPE_SEQUENCE: \
+	case ASN1_ETYPE_SEQUENCE_OF: \
+	case ASN1_ETYPE_SET: \
+	case ASN1_ETYPE_UTC_TIME: \
+	case ASN1_ETYPE_GENERALIZED_TIME: \
+	case ASN1_ETYPE_SET_OF
+
+#define ETYPE_TAG(etype) (_asn1_tags[etype].tag)
+#define ETYPE_CLASS(etype) (_asn1_tags[etype].class)
+#define ETYPE_OK(etype) (((etype) != ASN1_ETYPE_INVALID && \
+                          (etype) <= _asn1_tags_size && \
+                          _asn1_tags[(etype)].desc != NULL)?1:0)
+
+#define ETYPE_IS_STRING(etype) ((etype == ASN1_ETYPE_GENERALSTRING || \
+	etype == ASN1_ETYPE_NUMERIC_STRING || etype == ASN1_ETYPE_IA5_STRING || \
+	etype == ASN1_ETYPE_TELETEX_STRING || etype == ASN1_ETYPE_PRINTABLE_STRING || \
+	etype == ASN1_ETYPE_UNIVERSAL_STRING || etype == ASN1_ETYPE_BMP_STRING || \
+	etype == ASN1_ETYPE_UTF8_STRING || etype == ASN1_ETYPE_VISIBLE_STRING || \
+	etype == ASN1_ETYPE_OCTET_STRING)?1:0)
+
+extern unsigned int _asn1_tags_size;
+extern const tag_and_class_st _asn1_tags[];
+
+#define _asn1_strlen(s) strlen((const char *) s)
+#define _asn1_strtol(n,e,b) strtol((const char *) n, e, b)
+#define _asn1_strtoul(n,e,b) strtoul((const char *) n, e, b)
+#define _asn1_strcmp(a,b) strcmp((const char *)a, (const char *)b)
+#define _asn1_strcpy(a,b) strcpy((char *)a, (const char *)b)
+#define _asn1_strcat(a,b) strcat((char *)a, (const char *)b)
+
+#if SIZEOF_UNSIGNED_LONG_INT == 8
+# define _asn1_strtou64(n,e,b) strtoul((const char *) n, e, b)
+#else
+# define _asn1_strtou64(n,e,b) strtoull((const char *) n, e, b)
+#endif
+
+#define MAX_LOG_SIZE 1024	/* maximum number of characters of a log message */
+
+/* Define used for visiting trees. */
+#define UP     1
+#define RIGHT  2
+#define DOWN   3
+
+/***********************************************************************/
+/* List of constants to better specify the type of typedef asn1_node_st.   */
+/***********************************************************************/
+/*  Used with TYPE_TAG  */
+#define CONST_UNIVERSAL   (1U<<8)
+#define CONST_PRIVATE     (1U<<9)
+#define CONST_APPLICATION (1U<<10)
+#define CONST_EXPLICIT    (1U<<11)
+#define CONST_IMPLICIT    (1U<<12)
+
+#define CONST_TAG         (1U<<13)	/*  Used in ASN.1 assignement  */
+#define CONST_OPTION      (1U<<14)
+#define CONST_DEFAULT     (1U<<15)
+#define CONST_TRUE        (1U<<16)
+#define CONST_FALSE       (1U<<17)
+
+#define CONST_LIST        (1U<<18)	/*  Used with TYPE_INTEGER and TYPE_BIT_STRING  */
+#define CONST_MIN_MAX     (1U<<19)
+
+#define CONST_1_PARAM     (1U<<20)
+
+#define CONST_SIZE        (1U<<21)
+
+#define CONST_DEFINED_BY  (1U<<22)
+
+/* Those two are deprecated and used for backwards compatibility */
+#define CONST_GENERALIZED (1U<<23)
+#define CONST_UTC         (1U<<24)
+
+/* #define CONST_IMPORTS     (1U<<25) */
+
+#define CONST_NOT_USED    (1U<<26)
+#define CONST_SET         (1U<<27)
+#define CONST_ASSIGN      (1U<<28)
+
+#define CONST_DOWN        (1U<<29)
+#define CONST_RIGHT       (1U<<30)
+
+
+#define ASN1_ETYPE_TIME 17
+/****************************************/
+/* Returns the first 8 bits.            */
+/* Used with the field type of asn1_node_st */
+/****************************************/
+inline static unsigned int
+type_field (unsigned int ntype)
+{
+  return (ntype & 0xff);
+}
+
+/* To convert old types from a static structure */
+inline static unsigned int
+convert_old_type (unsigned int ntype)
+{
+  unsigned int type = ntype & 0xff;
+  if (type == ASN1_ETYPE_TIME)
+    {
+      if (ntype & CONST_UTC)
+	type = ASN1_ETYPE_UTC_TIME;
+      else
+	type = ASN1_ETYPE_GENERALIZED_TIME;
+
+      ntype &= ~(CONST_UTC | CONST_GENERALIZED);
+      ntype &= 0xffffff00;
+      ntype |= type;
+
+      return ntype;
+    }
+  else
+    return ntype;
+}
+
+static inline
+void *_asn1_realloc(void *ptr, size_t size)
+{
+  void *ret;
+
+  if (size == 0)
+    return ptr;
+
+  ret = realloc(ptr, size);
+  if (ret == NULL)
+    {
+      free(ptr);
+    }
+  return ret;
+}
+
+#endif /* INT_H */
diff --git a/lib/minitasn1/libtasn1.h b/lib/minitasn1/libtasn1.h
new file mode 100644
index 0000000..c7c937f
--- /dev/null
+++ b/lib/minitasn1/libtasn1.h
@@ -0,0 +1,637 @@
+/*
+ * Copyright (C) 2002-2021 Free Software Foundation, Inc.
+ *
+ * This file is part of LIBTASN1.
+ *
+ * LIBTASN1 is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * LIBTASN1 is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with LIBTASN1; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA
+ *
+ */
+
+/**
+ * SECTION:libtasn1
+ * @short_description: GNU ASN.1 library
+ *
+ * The Libtasn1 library provides Abstract Syntax Notation One (ASN.1, as
+ * specified by the X.680 ITU-T recommendation) parsing and structures
+ * management, and Distinguished Encoding Rules (DER, as per X.690)
+ * encoding and decoding functions.
+ */
+
+
+#ifndef LIBTASN1_H
+#define LIBTASN1_H
+
+#ifndef ASN1_API
+#if defined ASN1_BUILDING && defined HAVE_VISIBILITY && HAVE_VISIBILITY
+#define ASN1_API __attribute__((__visibility__("default")))
+#elif defined ASN1_BUILDING && defined _MSC_VER && ! defined ASN1_STATIC
+#define ASN1_API __declspec(dllexport)
+#elif defined _MSC_VER && ! defined ASN1_STATIC
+#define ASN1_API __declspec(dllimport)
+#else
+#define ASN1_API
+#endif
+#endif
+
+#ifdef __GNUC__
+# define __LIBTASN1_CONST__  __attribute__((const))
+# define __LIBTASN1_PURE__  __attribute__((pure))
+#else
+# define __LIBTASN1_CONST__
+# define __LIBTASN1_PURE__
+#endif
+
+#include <sys/types.h>
+#include <time.h>
+#include <stdio.h>		/* for FILE* */
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+/**
+ * ASN1_VERSION:
+ *
+ * Version of the library as a string.
+ */
+#define ASN1_VERSION "4.17.0"
+
+/**
+ * ASN1_VERSION_MAJOR:
+ *
+ * Major version number of the library.
+ */
+#define ASN1_VERSION_MAJOR @MAJOR_VERSION@
+
+/**
+ * ASN1_VERSION_MINOR:
+ *
+ * Minor version number of the library.
+ */
+#define ASN1_VERSION_MINOR @MINOR_VERSION@
+
+/**
+ * ASN1_VERSION_PATCH:
+ *
+ * Patch version number of the library.
+ */
+#define ASN1_VERSION_PATCH @PATCH_VERSION@
+
+/**
+ * ASN1_VERSION_NUMBER:
+ *
+ * Version number of the library as a number.
+ */
+#define ASN1_VERSION_NUMBER @NUMBER_VERSION@
+
+
+#if defined __GNUC__ && !defined ASN1_INTERNAL_BUILD
+# define _ASN1_GCC_VERSION (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__)
+# if _ASN1_GCC_VERSION >= 30100
+#  define _ASN1_GCC_ATTR_DEPRECATED __attribute__ ((__deprecated__))
+# endif
+#endif
+
+#ifndef _ASN1_GCC_ATTR_DEPRECATED
+#define _ASN1_GCC_ATTR_DEPRECATED
+#endif
+
+/*****************************************/
+/* Errors returned by libtasn1 functions */
+/*****************************************/
+#define ASN1_SUCCESS			0
+#define ASN1_FILE_NOT_FOUND		1
+#define ASN1_ELEMENT_NOT_FOUND		2
+#define ASN1_IDENTIFIER_NOT_FOUND	3
+#define ASN1_DER_ERROR			4
+#define ASN1_VALUE_NOT_FOUND		5
+#define ASN1_GENERIC_ERROR		6
+#define ASN1_VALUE_NOT_VALID		7
+#define ASN1_TAG_ERROR			8
+#define ASN1_TAG_IMPLICIT		9
+#define ASN1_ERROR_TYPE_ANY		10
+#define ASN1_SYNTAX_ERROR		11
+#define ASN1_MEM_ERROR			12
+#define ASN1_MEM_ALLOC_ERROR		13
+#define ASN1_DER_OVERFLOW		14
+#define ASN1_NAME_TOO_LONG		15
+#define ASN1_ARRAY_ERROR		16
+#define ASN1_ELEMENT_NOT_EMPTY		17
+#define ASN1_TIME_ENCODING_ERROR	18
+#define ASN1_RECURSION			19
+
+/*************************************/
+/* Constants used in asn1_visit_tree */
+/*************************************/
+#define ASN1_PRINT_NAME			1
+#define ASN1_PRINT_NAME_TYPE		2
+#define ASN1_PRINT_NAME_TYPE_VALUE	3
+#define ASN1_PRINT_ALL			4
+
+/*****************************************/
+/* Constants returned by asn1_read_tag   */
+/*****************************************/
+#define ASN1_CLASS_UNIVERSAL		0x00	/* old: 1 */
+#define ASN1_CLASS_APPLICATION		0x40	/* old: 2 */
+#define ASN1_CLASS_CONTEXT_SPECIFIC	0x80	/* old: 3 */
+#define ASN1_CLASS_PRIVATE		0xC0	/* old: 4 */
+#define ASN1_CLASS_STRUCTURED		0x20
+
+/*****************************************/
+/* Constants returned by asn1_read_tag   */
+/*****************************************/
+#define ASN1_TAG_BOOLEAN		0x01
+#define ASN1_TAG_INTEGER		0x02
+#define ASN1_TAG_SEQUENCE		0x10
+#define ASN1_TAG_SET			0x11
+#define ASN1_TAG_OCTET_STRING		0x04
+#define ASN1_TAG_BIT_STRING		0x03
+#define ASN1_TAG_UTCTime		0x17
+#define ASN1_TAG_GENERALIZEDTime	0x18
+#define ASN1_TAG_OBJECT_ID		0x06
+#define ASN1_TAG_ENUMERATED		0x0A
+#define ASN1_TAG_NULL			0x05
+#define ASN1_TAG_GENERALSTRING		0x1B
+#define ASN1_TAG_NUMERIC_STRING		0x12
+#define ASN1_TAG_IA5_STRING		0x16
+#define ASN1_TAG_TELETEX_STRING		0x14
+#define ASN1_TAG_PRINTABLE_STRING	0x13
+#define ASN1_TAG_UNIVERSAL_STRING	0x1C
+#define ASN1_TAG_BMP_STRING		0x1E
+#define ASN1_TAG_UTF8_STRING		0x0C
+#define ASN1_TAG_VISIBLE_STRING		0x1A
+
+/**
+ * asn1_node:
+ *
+ * Structure definition used for the node of the tree
+ * that represents an ASN.1 DEFINITION.
+ */
+typedef struct asn1_node_st asn1_node_st;
+
+typedef asn1_node_st *asn1_node;
+typedef const asn1_node_st *asn1_node_const;
+
+/**
+ * ASN1_MAX_NAME_SIZE:
+ *
+ * Maximum number of characters of a name
+ * inside a file with ASN1 definitions.
+ */
+#define ASN1_MAX_NAME_SIZE 64
+
+
+/**
+ * asn1_static_node:
+ * @name: Node name
+ * @type: Node typ
+ * @value: Node value
+ *
+ * For the on-disk format of ASN.1 trees, created by asn1_parser2array().
+ */
+typedef struct asn1_static_node_st
+{
+  const char *name;		/* Node name */
+  unsigned int type;		/* Node type */
+  const void *value;		/* Node value */
+} asn1_static_node;
+
+/* List of constants for field type of asn1_static_node */
+#define ASN1_ETYPE_INVALID        0
+#define ASN1_ETYPE_CONSTANT       1
+#define ASN1_ETYPE_IDENTIFIER     2
+#define ASN1_ETYPE_INTEGER        3
+#define ASN1_ETYPE_BOOLEAN        4
+#define ASN1_ETYPE_SEQUENCE       5
+#define ASN1_ETYPE_BIT_STRING     6
+#define ASN1_ETYPE_OCTET_STRING   7
+#define ASN1_ETYPE_TAG            8
+#define ASN1_ETYPE_DEFAULT        9
+#define ASN1_ETYPE_SIZE          10
+#define ASN1_ETYPE_SEQUENCE_OF   11
+#define ASN1_ETYPE_OBJECT_ID     12
+#define ASN1_ETYPE_ANY           13
+#define ASN1_ETYPE_SET           14
+#define ASN1_ETYPE_SET_OF        15
+#define ASN1_ETYPE_DEFINITIONS   16
+#define ASN1_ETYPE_CHOICE        18
+#define ASN1_ETYPE_IMPORTS       19
+#define ASN1_ETYPE_NULL          20
+#define ASN1_ETYPE_ENUMERATED    21
+#define ASN1_ETYPE_GENERALSTRING 27
+#define ASN1_ETYPE_NUMERIC_STRING 28
+#define ASN1_ETYPE_IA5_STRING     29
+#define ASN1_ETYPE_TELETEX_STRING 30
+#define ASN1_ETYPE_PRINTABLE_STRING 31
+#define ASN1_ETYPE_UNIVERSAL_STRING 32
+#define ASN1_ETYPE_BMP_STRING     33
+#define ASN1_ETYPE_UTF8_STRING    34
+#define ASN1_ETYPE_VISIBLE_STRING 35
+#define ASN1_ETYPE_UTC_TIME       36
+#define ASN1_ETYPE_GENERALIZED_TIME 37
+
+/**
+ * ASN1_DELETE_FLAG_ZEROIZE:
+ *
+ * Used by: asn1_delete_structure2()
+ *
+ * Zeroize values prior to deinitialization.
+ */
+#define ASN1_DELETE_FLAG_ZEROIZE 1
+
+/**
+ * ASN1_DECODE_FLAG_ALLOW_PADDING:
+ *
+ * Used by: asn1_der_decoding2()
+ *
+ * This flag would allow arbitrary data past the DER data.
+ */
+#define ASN1_DECODE_FLAG_ALLOW_PADDING 1
+/**
+ * ASN1_DECODE_FLAG_STRICT_DER:
+ *
+ * Used by: asn1_der_decoding2()
+ *
+ * This flag would ensure that no BER decoding takes place.
+ */
+#define ASN1_DECODE_FLAG_STRICT_DER (1<<1)
+/**
+ * ASN1_DECODE_FLAG_ALLOW_INCORRECT_TIME:
+ *
+ * Used by: asn1_der_decoding2()
+ *
+ * This flag will tolerate Time encoding errors when in strict DER.
+ */
+#define ASN1_DECODE_FLAG_ALLOW_INCORRECT_TIME (1<<2)
+
+
+/**
+ * asn1_data_node_st:
+ * @name: Node name
+ * @value: Node value
+ * @value_len: Node value size
+ * @type: Node value type (ASN1_ETYPE_*)
+ *
+ * Data node inside a #asn1_node structure.
+ */
+struct asn1_data_node_st
+{
+  const char *name;		/* Node name */
+  const void *value;		/* Node value */
+  unsigned int value_len;	/* Node value size */
+  unsigned int type;		/* Node value type (ASN1_ETYPE_*) */
+};
+typedef struct asn1_data_node_st asn1_data_node_st;
+
+/***********************************/
+/*  Fixed constants                */
+/***********************************/
+
+/**
+ * ASN1_MAX_ERROR_DESCRIPTION_SIZE:
+ *
+ * Maximum number of characters
+ * of a description message
+ * (null character included).
+ */
+#define ASN1_MAX_ERROR_DESCRIPTION_SIZE 128
+
+/***********************************/
+/*  Functions definitions          */
+/***********************************/
+
+extern ASN1_API int
+  asn1_parser2tree (const char *file,
+		      asn1_node * definitions, char *error_desc);
+
+extern ASN1_API int
+  asn1_parser2array (const char *inputFileName,
+		       const char *outputFileName,
+		       const char *vectorName, char *error_desc);
+
+extern ASN1_API int
+  asn1_array2tree (const asn1_static_node * array,
+		     asn1_node * definitions, char *errorDescription);
+
+extern ASN1_API void
+  asn1_print_structure (FILE * out, asn1_node_const structure,
+			  const char *name, int mode);
+
+extern ASN1_API int
+  asn1_create_element (asn1_node_const definitions,
+			 const char *source_name, asn1_node * element);
+
+extern ASN1_API int asn1_delete_structure (asn1_node * structure);
+
+extern ASN1_API int asn1_delete_structure2 (asn1_node * structure, unsigned int flags);
+
+extern ASN1_API int
+  asn1_delete_element (asn1_node structure, const char *element_name);
+
+extern ASN1_API int
+  asn1_write_value (asn1_node node_root, const char *name,
+		      const void *ivalue, int len);
+
+extern ASN1_API int
+  asn1_read_value (asn1_node_const root, const char *name,
+		     void *ivalue, int *len);
+
+extern ASN1_API int
+  asn1_read_value_type (asn1_node_const root, const char *name,
+			  void *ivalue, int *len, unsigned int *etype);
+
+extern ASN1_API int
+  asn1_read_node_value (asn1_node_const node, asn1_data_node_st * data);
+
+extern ASN1_API int
+  asn1_number_of_elements (asn1_node_const element, const char *name, int *num);
+
+extern ASN1_API int
+  asn1_der_coding (asn1_node_const element, const char *name,
+		     void *ider, int *len, char *ErrorDescription);
+
+extern ASN1_API int
+  asn1_der_decoding2 (asn1_node *element, const void *ider,
+			int *max_ider_len, unsigned int flags,
+			char *errorDescription);
+
+extern ASN1_API int
+  asn1_der_decoding (asn1_node * element, const void *ider,
+		       int ider_len, char *errorDescription);
+
+/* Do not use. Use asn1_der_decoding() instead. */
+extern ASN1_API int
+  asn1_der_decoding_element (asn1_node * structure,
+			       const char *elementName,
+			       const void *ider, int len,
+			       char *errorDescription) _ASN1_GCC_ATTR_DEPRECATED;
+
+extern ASN1_API int
+  asn1_der_decoding_startEnd (asn1_node element,
+				const void *ider, int ider_len,
+				const char *name_element,
+				int *start, int *end);
+
+extern ASN1_API int
+  asn1_expand_any_defined_by (asn1_node_const definitions, asn1_node * element);
+
+extern ASN1_API int
+  asn1_expand_octet_string (asn1_node_const definitions,
+			      asn1_node * element,
+			      const char *octetName, const char *objectName);
+
+extern ASN1_API int
+  asn1_read_tag (asn1_node_const root, const char *name,
+		   int *tagValue, int *classValue);
+
+extern ASN1_API const char *asn1_find_structure_from_oid (asn1_node_const
+							    definitions,
+							    const char
+							    *oidValue);
+
+__LIBTASN1_PURE__
+extern ASN1_API const char *asn1_check_version (const char *req_version);
+
+__LIBTASN1_PURE__
+extern ASN1_API const char *asn1_strerror (int error);
+
+extern ASN1_API void asn1_perror (int error);
+
+#define ASN1_MAX_TAG_SIZE 4
+#define ASN1_MAX_LENGTH_SIZE 9
+#define ASN1_MAX_TL_SIZE (ASN1_MAX_TAG_SIZE+ASN1_MAX_LENGTH_SIZE)
+extern ASN1_API long
+  asn1_get_length_der (const unsigned char *der, int der_len, int *len);
+
+extern ASN1_API long
+  asn1_get_length_ber (const unsigned char *ber, int ber_len, int *len);
+
+extern ASN1_API void
+  asn1_length_der (unsigned long int len, unsigned char *der, int *der_len);
+
+/* Other utility functions. */
+
+extern ASN1_API
+  int asn1_decode_simple_der (unsigned int etype, const unsigned char *der,
+				unsigned int _der_len,
+				const unsigned char **str,
+				unsigned int *str_len);
+
+extern ASN1_API
+  int asn1_decode_simple_ber (unsigned int etype, const unsigned char *der,
+				unsigned int _der_len,
+				unsigned char **str,
+				unsigned int *str_len,
+				unsigned int *ber_len);
+
+extern ASN1_API int
+  asn1_encode_simple_der (unsigned int etype, const unsigned char *str,
+			    unsigned int str_len, unsigned char *tl,
+			    unsigned int *tl_len);
+
+extern ASN1_API asn1_node
+  asn1_find_node (asn1_node_const pointer, const char *name);
+
+extern ASN1_API int
+  asn1_copy_node (asn1_node dst, const char *dst_name,
+		    asn1_node_const src, const char *src_name);
+extern ASN1_API asn1_node
+  asn1_dup_node (asn1_node_const src, const char *src_name);
+
+/* Internal and low-level DER utility functions. */
+
+extern ASN1_API int
+  asn1_get_tag_der (const unsigned char *der, int der_len,
+		      unsigned char *cls, int *len, unsigned long *tag);
+
+extern ASN1_API void
+  asn1_octet_der (const unsigned char *str, int str_len,
+		    unsigned char *der, int *der_len);
+
+extern ASN1_API int
+  asn1_get_octet_der (const unsigned char *der, int der_len,
+			int *ret_len, unsigned char *str,
+			int str_size, int *str_len);
+
+extern ASN1_API void asn1_bit_der (const unsigned char *str, int bit_len,
+				     unsigned char *der, int *der_len);
+
+extern ASN1_API int
+  asn1_get_bit_der (const unsigned char *der, int der_len,
+		      int *ret_len, unsigned char *str,
+		      int str_size, int *bit_len);
+
+extern ASN1_API int
+  asn1_get_object_id_der (const unsigned char *der,
+                          int der_len, int *ret_len,
+                          char *str, int str_size);
+
+extern ASN1_API int
+  asn1_object_id_der (const char *str, unsigned char *der, int *der_len,
+                      unsigned flags);
+
+/* Compatibility types */
+
+/**
+ * asn1_retCode:
+ *
+ * Type formerly returned by libtasn1 functions.
+ *
+ * Deprecated: 3.0: Use int instead.
+ */
+typedef int asn1_retCode _ASN1_GCC_ATTR_DEPRECATED;
+
+/**
+ * node_asn_struct:
+ *
+ * Compat #define.
+ *
+ * Deprecated: 3.0: Use #asn1_node instead.
+ */
+#ifndef ASN1_DISABLE_DEPRECATED
+#if _ASN1_GCC_VERSION >= 30100
+#define node_asn_struct _Pragma ("GCC warning \"'node_asn_struct' macro is deprecated, use 'asn1_node' instead.\"") asn1_node_st
+#else
+#define node_asn_struct asn1_node_st
+#endif
+#endif /* !ASN1_DISABLE_DEPRECATED */
+
+/**
+ * node_asn:
+ *
+ * Compat #define.
+ *
+ * Deprecated: 3.0: Use #asn1_node instead.
+ */
+#ifndef ASN1_DISABLE_DEPRECATED
+#if _ASN1_GCC_VERSION >= 30100
+#define node_asn _Pragma ("GCC warning \"'node_asn' macro is deprecated, use 'asn1_node' instead.\"") asn1_node_st
+#else
+#define node_asn asn1_node_st
+#endif
+#endif /* !ASN1_DISABLE_DEPRECATED */
+
+/**
+ * ASN1_TYPE:
+ *
+ * Compat #define.
+ *
+ * Deprecated: 3.0: Use #asn1_node instead.
+ */
+#ifndef ASN1_DISABLE_DEPRECATED
+#if _ASN1_GCC_VERSION >= 30100
+#define ASN1_TYPE _Pragma ("GCC warning \"'ASN1_TYPE' macro is deprecated, use 'asn1_node' instead.\"") asn1_node
+#else
+#define ASN1_TYPE asn1_node
+#endif
+#endif /* !ASN1_DISABLE_DEPRECATED */
+
+/**
+ * ASN1_TYPE_EMPTY:
+ *
+ * Compat #define.
+ *
+ * Deprecated: 3.0: Use NULL instead.
+ */
+#ifndef ASN1_DISABLE_DEPRECATED
+#if _ASN1_GCC_VERSION >= 30100
+#define ASN1_TYPE_EMPTY _Pragma ("GCC warning \"'ASN1_TYPE_EMPTY' macro is deprecated, use 'NULL' instead.\"") NULL
+#else
+#define ASN1_TYPE_EMPTY NULL
+#endif
+#endif /* !ASN1_DISABLE_DEPRECATED */
+
+/**
+ * static_struct_asn:
+ *
+ * Compat #define.
+ *
+ * Deprecated: 3.0: Use #asn1_static_node instead.
+ */
+#ifndef ASN1_DISABLE_DEPRECATED
+#if _ASN1_GCC_VERSION >= 30100
+#define static_struct_asn _Pragma ("GCC warning \"'static_struct_asn' macro is deprecated, use 'asn1_static_node_st' instead.\"") asn1_static_node_st
+#else
+#define static_struct_asn asn1_static_node_st
+#endif
+#endif /* !ASN1_DISABLE_DEPRECATED */
+
+/**
+ * ASN1_ARRAY_TYPE:
+ *
+ * Compat #define.
+ *
+ * Deprecated: 3.0: Use #asn1_static_node instead.
+ */
+#ifndef ASN1_DISABLE_DEPRECATED
+#if _ASN1_GCC_VERSION >= 30100
+#define ASN1_ARRAY_TYPE _Pragma ("GCC warning \"'ASN1_ARRAY_TYPE' macro is deprecated, use 'asn1_static_node' instead.\"") asn1_static_node
+#else
+#define ASN1_ARRAY_TYPE asn1_static_node
+#endif
+#endif /* !ASN1_DISABLE_DEPRECATED */
+
+/**
+ * asn1_static_node_t:
+ *
+ * Compat #define.
+ *
+ * Deprecated: 3.0: Use #asn1_static_node instead.
+ */
+#ifndef ASN1_DISABLE_DEPRECATED
+#if _ASN1_GCC_VERSION >= 30100
+#define asn1_static_node_t _Pragma ("GCC warning \"'asn1_static_node_t' macro is deprecated, use 'asn1_static_node' instead.\"") asn1_static_node
+#else
+#define asn1_static_node_t asn1_static_node
+#endif
+#endif /* !ASN1_DISABLE_DEPRECATED */
+
+/**
+ * node_data_struct:
+ *
+ * Compat #define.
+ *
+ * Deprecated: 3.0: Use #asn1_data_node_st instead.
+ */
+#ifndef ASN1_DISABLE_DEPRECATED
+#if _ASN1_GCC_VERSION >= 30100
+#define node_data_struct _Pragma ("GCC warning \"'node_data_struct' macro is deprecated, use 'asn1_data_node_st' instead.\"") asn1_data_node_st
+#else
+#define node_data_struct asn1_data_node_st
+#endif
+#endif /* !ASN1_DISABLE_DEPRECATED */
+
+/**
+ * ASN1_DATA_NODE:
+ *
+ * Compat #define.
+ *
+ * Deprecated: 3.0: Use #asn1_data_node_st instead.
+ */
+#ifndef ASN1_DISABLE_DEPRECATED
+#if _ASN1_GCC_VERSION >= 30100
+#define ASN1_DATA_NODE _Pragma ("GCC warning \"'asn1_static_node_t' macro is deprecated, use 'asn1_static_node' instead.\"") asn1_data_node_st
+#else
+#define ASN1_DATA_NODE asn1_data_node_st
+#endif
+#endif /* !ASN1_DISABLE_DEPRECATED */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif				/* LIBTASN1_H */
diff --git a/lib/minitasn1/parser_aux.c b/lib/minitasn1/parser_aux.c
new file mode 100644
index 0000000..bb88ab9
--- /dev/null
+++ b/lib/minitasn1/parser_aux.c
@@ -0,0 +1,1173 @@
+/*
+ * Copyright (C) 2000-2021 Free Software Foundation, Inc.
+ *
+ * This file is part of LIBTASN1.
+ *
+ * The LIBTASN1 library is free software; you can redistribute it
+ * and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA
+ */
+
+#include <limits.h> // WORD_BIT
+
+#include "int.h"
+#include "parser_aux.h"
+#include "gstr.h"
+#include "structure.h"
+#include "element.h"
+#include "c-ctype.h"
+
+char _asn1_identifierMissing[ASN1_MAX_NAME_SIZE + 1];	/* identifier name not found */
+
+/* Return a hash of the N bytes of X using the method described by
+   Bruno Haible in https://www.haible.de/bruno/hashfunc.html.
+   Note that while many hash functions reduce their result via modulo
+   to a 0..table_size-1 range, this function does not do that.
+
+   This implementation has been changed from size_t -> unsigned int. */
+
+#ifdef __clang__
+__attribute__((no_sanitize("integer")))
+#endif
+_GL_ATTRIBUTE_PURE
+static unsigned int
+_asn1_hash_name (const char *x)
+{
+  const unsigned char *s = (unsigned char *) x;
+  unsigned h = 0;
+
+  while (*s)
+    h = (*s++) + ((h << 9) | (h >> (WORD_BIT - 9)));
+
+  return h;
+}
+
+/******************************************************/
+/* Function : _asn1_add_static_node                   */
+/* Description: creates a new NODE_ASN element and    */
+/* puts it in the list pointed by e_list.       */
+/* Parameters:                                        */
+/*   e_list: of type list_type; must be NULL initially */
+/*   type: type of the new element (see ASN1_ETYPE_   */
+/*         and CONST_ constants).                     */
+/* Return: pointer to the new element.                */
+/******************************************************/
+asn1_node
+_asn1_add_static_node (list_type **e_list, unsigned int type)
+{
+  list_type *p;
+  asn1_node punt;
+
+  punt = calloc (1, sizeof (struct asn1_node_st));
+  if (punt == NULL)
+    return NULL;
+
+  p = malloc (sizeof (list_type));
+  if (p == NULL)
+    {
+      free (punt);
+      return NULL;
+    }
+
+  p->node = punt;
+  p->next = *e_list;
+  *e_list = p;
+
+  punt->type = type;
+
+  return punt;
+}
+
+static
+int _asn1_add_static_node2 (list_type **e_list, asn1_node node)
+{
+  list_type *p;
+
+  p = malloc (sizeof (list_type));
+  if (p == NULL)
+    {
+      return -1;
+    }
+
+  p->node = node;
+  p->next = *e_list;
+  *e_list = p;
+
+  return 0;
+}
+
+/**
+ * asn1_find_node:
+ * @pointer: NODE_ASN element pointer.
+ * @name: null terminated string with the element's name to find.
+ *
+ * Searches for an element called @name starting from @pointer.  The
+ * name is composed by different identifiers separated by dots.  When
+ * *@pointer has a name, the first identifier must be the name of
+ * *@pointer, otherwise it must be the name of one child of *@pointer.
+ *
+ * Returns: the search result, or %NULL if not found.
+ **/
+asn1_node
+asn1_find_node (asn1_node_const pointer, const char *name)
+{
+  asn1_node_const p;
+  char *n_end, n[ASN1_MAX_NAME_SIZE + 1];
+  const char *n_start;
+  unsigned int nsize;
+  unsigned int nhash;
+
+  if (pointer == NULL)
+    return NULL;
+
+  if (name == NULL)
+    return NULL;
+
+  p = pointer;
+  n_start = name;
+
+  if (name[0] == '?' && name[1] == 'C' && p->name[0] == '?')
+    { /* ?CURRENT */
+      n_start = strchr(n_start, '.');
+      if (n_start)
+        n_start++;
+    }
+  else if (p->name[0] != 0)
+    {				/* has *pointer got a name ? */
+      n_end = strchr (n_start, '.');	/* search the first dot */
+      if (n_end)
+	{
+	  nsize = n_end - n_start;
+	  if (nsize >= sizeof(n))
+		return NULL;
+
+	  memcpy (n, n_start, nsize);
+	  n[nsize] = 0;
+	  n_start = n_end;
+	  n_start++;
+
+	  nhash = _asn1_hash_name (n);
+	}
+      else
+	{
+	  _asn1_str_cpy (n, sizeof (n), n_start);
+	  nhash = _asn1_hash_name (n);
+
+	  n_start = NULL;
+	}
+
+      while (p)
+	{
+	  if (nhash == p->name_hash && (!strcmp (p->name, n)))
+	    break;
+	  else
+	    p = p->right;
+	}			/* while */
+
+      if (p == NULL)
+	return NULL;
+    }
+  else
+    {				/* *pointer doesn't have a name */
+      if (n_start[0] == 0)
+	return (asn1_node) p;
+    }
+
+  while (n_start)
+    {				/* Has the end of NAME been reached? */
+      n_end = strchr (n_start, '.');	/* search the next dot */
+      if (n_end)
+	{
+	  nsize = n_end - n_start;
+	  if (nsize >= sizeof(n))
+		return NULL;
+
+	  memcpy (n, n_start, nsize);
+	  n[nsize] = 0;
+	  n_start = n_end;
+	  n_start++;
+
+	  nhash = _asn1_hash_name (n);
+	}
+      else
+	{
+	  _asn1_str_cpy (n, sizeof (n), n_start);
+	  nhash = _asn1_hash_name (n);
+	  n_start = NULL;
+	}
+
+      if (p->down == NULL)
+	return NULL;
+
+      p = p->down;
+      if (p == NULL)
+        return NULL;
+
+      /* The identifier "?LAST" indicates the last element
+         in the right chain. */
+      if (n[0] == '?' && n[1] == 'L') /* ?LAST */
+	{
+	  while (p->right)
+	    p = p->right;
+	}
+      else
+	{			/* no "?LAST" */
+	  while (p)
+	    {
+	      if (p->name_hash == nhash && !strcmp (p->name, n))
+		break;
+	      else
+		p = p->right;
+	    }
+	}
+      if (p == NULL)
+        return NULL;
+    }				/* while */
+
+  return (asn1_node) p;
+}
+
+
+/******************************************************************/
+/* Function : _asn1_set_value                                     */
+/* Description: sets the field VALUE in a NODE_ASN element. The   */
+/*              previous value (if exist) will be lost            */
+/* Parameters:                                                    */
+/*   node: element pointer.                                       */
+/*   value: pointer to the value that you want to set.            */
+/*   len: character number of value.                              */
+/* Return: pointer to the NODE_ASN element.                       */
+/******************************************************************/
+asn1_node
+_asn1_set_value (asn1_node node, const void *value, unsigned int len)
+{
+  if (node == NULL)
+    return node;
+  if (node->value)
+    {
+      if (node->value != node->small_value)
+	free (node->value);
+      node->value = NULL;
+      node->value_len = 0;
+    }
+
+  if (!len)
+    return node;
+
+  if (len < sizeof (node->small_value))
+    {
+      node->value = node->small_value;
+    }
+  else
+    {
+      node->value = malloc (len);
+      if (node->value == NULL)
+	return NULL;
+    }
+  node->value_len = len;
+
+  memcpy (node->value, value, len);
+  return node;
+}
+
+/******************************************************************/
+/* Function : _asn1_set_value_lv                                  */
+/* Description: sets the field VALUE in a NODE_ASN element. The   */
+/*              previous value (if exist) will be lost. The value */
+/*		given is stored as an length-value format (LV     */
+/* Parameters:                                                    */
+/*   node: element pointer.                                       */
+/*   value: pointer to the value that you want to set.            */
+/*   len: character number of value.                              */
+/* Return: pointer to the NODE_ASN element.                       */
+/******************************************************************/
+asn1_node
+_asn1_set_value_lv (asn1_node node, const void *value, unsigned int len)
+{
+  int len2;
+  void *temp;
+
+  if (node == NULL)
+    return node;
+
+  asn1_length_der (len, NULL, &len2);
+  temp = malloc (len + len2);
+  if (temp == NULL)
+    return NULL;
+
+  asn1_octet_der (value, len, temp, &len2);
+  return _asn1_set_value_m (node, temp, len2);
+}
+
+/* the same as _asn1_set_value except that it sets an already malloc'ed
+ * value.
+ */
+asn1_node
+_asn1_set_value_m (asn1_node node, void *value, unsigned int len)
+{
+  if (node == NULL)
+    return node;
+
+  if (node->value)
+    {
+      if (node->value != node->small_value)
+	free (node->value);
+      node->value = NULL;
+      node->value_len = 0;
+    }
+
+  if (!len)
+    return node;
+
+  node->value = value;
+  node->value_len = len;
+
+  return node;
+}
+
+/******************************************************************/
+/* Function : _asn1_append_value                                  */
+/* Description: appends to the field VALUE in a NODE_ASN element. */
+/*							          */
+/* Parameters:                                                    */
+/*   node: element pointer.                                       */
+/*   value: pointer to the value that you want to be appended.    */
+/*   len: character number of value.                              */
+/* Return: pointer to the NODE_ASN element.                       */
+/******************************************************************/
+asn1_node
+_asn1_append_value (asn1_node node, const void *value, unsigned int len)
+{
+  if (node == NULL)
+    return node;
+
+  if (node->value == NULL)
+    return _asn1_set_value (node, value, len);
+
+  if (len == 0)
+    return node;
+
+  if (node->value == node->small_value)
+    {
+      /* value is in node */
+      int prev_len = node->value_len;
+      node->value_len += len;
+      node->value = malloc (node->value_len);
+      if (node->value == NULL)
+	{
+	  node->value_len = 0;
+	  return NULL;
+	}
+
+      if (prev_len > 0)
+        memcpy (node->value, node->small_value, prev_len);
+
+      memcpy (&node->value[prev_len], value, len);
+
+      return node;
+    }
+  else /* if (node->value != NULL && node->value != node->small_value) */
+    {
+      /* value is allocated */
+      int prev_len = node->value_len;
+      node->value_len += len;
+
+      node->value = _asn1_realloc (node->value, node->value_len);
+      if (node->value == NULL)
+	{
+	  node->value_len = 0;
+	  return NULL;
+	}
+
+      memcpy (&node->value[prev_len], value, len);
+
+      return node;
+    }
+}
+
+/******************************************************************/
+/* Function : _asn1_set_name                                      */
+/* Description: sets the field NAME in a NODE_ASN element. The    */
+/*              previous value (if exist) will be lost            */
+/* Parameters:                                                    */
+/*   node: element pointer.                                       */
+/*   name: a null terminated string with the name that you want   */
+/*         to set.                                                */
+/* Return: pointer to the NODE_ASN element.                       */
+/******************************************************************/
+asn1_node
+_asn1_set_name (asn1_node node, const char *name)
+{
+  if (node == NULL)
+    return node;
+
+  _asn1_str_cpy (node->name, sizeof (node->name), name ? name : "");
+  node->name_hash = _asn1_hash_name (node->name);
+
+  return node;
+}
+
+/******************************************************************/
+/* Function : _asn1_cpy_name                                      */
+/* Description: copies the field NAME in a NODE_ASN element.      */
+/* Parameters:                                                    */
+/*   dst: a dest element pointer.                                 */
+/*   src: a source element pointer.                               */
+/* Return: pointer to the NODE_ASN element.                       */
+/******************************************************************/
+asn1_node
+_asn1_cpy_name (asn1_node dst, asn1_node_const src)
+{
+  if (dst == NULL)
+    return dst;
+
+  if (src == NULL)
+    {
+      dst->name[0] = 0;
+      dst->name_hash = _asn1_hash_name (dst->name);
+      return dst;
+    }
+
+  _asn1_str_cpy (dst->name, sizeof (dst->name), src->name);
+  dst->name_hash = src->name_hash;
+
+  return dst;
+}
+
+/******************************************************************/
+/* Function : _asn1_set_right                                     */
+/* Description: sets the field RIGHT in a NODE_ASN element.       */
+/* Parameters:                                                    */
+/*   node: element pointer.                                       */
+/*   right: pointer to a NODE_ASN element that you want be pointed*/
+/*          by NODE.                                              */
+/* Return: pointer to *NODE.                                      */
+/******************************************************************/
+asn1_node
+_asn1_set_right (asn1_node node, asn1_node right)
+{
+  if (node == NULL)
+    return node;
+  node->right = right;
+  if (right)
+    right->left = node;
+  return node;
+}
+
+
+/******************************************************************/
+/* Function : _asn1_get_last_right                                */
+/* Description: return the last element along the right chain.    */
+/* Parameters:                                                    */
+/*   node: starting element pointer.                              */
+/* Return: pointer to the last element along the right chain.     */
+/******************************************************************/
+asn1_node
+_asn1_get_last_right (asn1_node_const node)
+{
+  asn1_node_const p;
+
+  if (node == NULL)
+    return NULL;
+  p = node;
+  while (p->right)
+    p = p->right;
+  return (asn1_node) p;
+}
+
+/******************************************************************/
+/* Function : _asn1_remove_node                                   */
+/* Description: gets free the memory allocated for an NODE_ASN    */
+/*              element (not the elements pointed by it).         */
+/* Parameters:                                                    */
+/*   node: NODE_ASN element pointer.                              */
+/*   flags: ASN1_DELETE_FLAG_*                                    */
+/******************************************************************/
+void
+_asn1_remove_node (asn1_node node, unsigned int flags)
+{
+  if (node == NULL)
+    return;
+
+  if (node->value != NULL)
+    {
+      if (flags & ASN1_DELETE_FLAG_ZEROIZE)
+        {
+          safe_memset(node->value, 0, node->value_len);
+        }
+
+      if (node->value != node->small_value)
+        free (node->value);
+    }
+  free (node);
+}
+
+/******************************************************************/
+/* Function : _asn1_find_up                                       */
+/* Description: return the father of the NODE_ASN element.        */
+/* Parameters:                                                    */
+/*   node: NODE_ASN element pointer.                              */
+/* Return: Null if not found.                                     */
+/******************************************************************/
+asn1_node
+_asn1_find_up (asn1_node_const node)
+{
+  asn1_node_const p;
+
+  if (node == NULL)
+    return NULL;
+
+  p = node;
+
+  while ((p->left != NULL) && (p->left->right == p))
+    p = p->left;
+
+  return p->left;
+}
+
+static
+unsigned _asn1_is_up (asn1_node_const up_cand, asn1_node_const down)
+{
+  asn1_node_const d, u;
+
+  if (up_cand == NULL || down == NULL)
+    return 0;
+
+  d = down;
+
+  while ((u = _asn1_find_up(d)) != NULL && u != d)
+    {
+      if (u == up_cand)
+        return 1;
+      d = u;
+    }
+
+  return 0;
+}
+
+/******************************************************************/
+/* Function : _asn1_delete_node_from_list                         */
+/* Description: deletes the list element given                    */
+/******************************************************************/
+void
+_asn1_delete_node_from_list (list_type *list, asn1_node node)
+{
+  list_type *p = list;
+
+  while (p)
+    {
+      if (p->node == node)
+        p->node = NULL;
+      p = p->next;
+    }
+}
+
+/******************************************************************/
+/* Function : _asn1_delete_list                                   */
+/* Description: deletes the list elements (not the elements       */
+/*  pointed by them).                                             */
+/******************************************************************/
+void
+_asn1_delete_list (list_type *e_list)
+{
+  list_type *p;
+
+  while (e_list)
+    {
+      p = e_list;
+      e_list = e_list->next;
+      free (p);
+    }
+}
+
+/******************************************************************/
+/* Function : _asn1_delete_list_and nodes                         */
+/* Description: deletes the list elements and the elements        */
+/*  pointed by them.                                              */
+/******************************************************************/
+void
+_asn1_delete_list_and_nodes (list_type *e_list)
+{
+  list_type *p;
+
+  while (e_list)
+    {
+      p = e_list;
+      e_list = e_list->next;
+      _asn1_remove_node (p->node, 0);
+      free (p);
+    }
+}
+
+
+char *
+_asn1_ltostr (int64_t v, char str[LTOSTR_MAX_SIZE])
+{
+  uint64_t d, r;
+  char temp[LTOSTR_MAX_SIZE];
+  int count, k, start;
+  uint64_t val;
+
+  if (v < 0)
+    {
+      str[0] = '-';
+      start = 1;
+      val = -((uint64_t)v);
+    }
+  else
+    {
+      val = v;
+      start = 0;
+    }
+
+  count = 0;
+  do
+    {
+      d = val / 10;
+      r = val - d * 10;
+      temp[start + count] = '0' + (char) r;
+      count++;
+      val = d;
+    }
+  while (val && ((start+count) < LTOSTR_MAX_SIZE-1));
+
+  for (k = 0; k < count; k++)
+    str[k + start] = temp[start + count - k - 1];
+  str[count + start] = 0;
+  return str;
+}
+
+
+/******************************************************************/
+/* Function : _asn1_change_integer_value                          */
+/* Description: converts into DER coding the value assign to an   */
+/*   INTEGER constant.                                            */
+/* Parameters:                                                    */
+/*   node: root of an ASN1element.                                */
+/* Return:                                                        */
+/*   ASN1_ELEMENT_NOT_FOUND if NODE is NULL,                       */
+/*   otherwise ASN1_SUCCESS                                             */
+/******************************************************************/
+int
+_asn1_change_integer_value (asn1_node node)
+{
+  asn1_node p;
+  unsigned char val[SIZEOF_UNSIGNED_LONG_INT];
+  unsigned char val2[SIZEOF_UNSIGNED_LONG_INT + 1];
+  int len;
+
+  if (node == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  p = node;
+  while (p)
+    {
+      if ((type_field (p->type) == ASN1_ETYPE_INTEGER)
+	  && (p->type & CONST_ASSIGN))
+	{
+	  if (p->value)
+	    {
+	      _asn1_convert_integer (p->value, val, sizeof (val), &len);
+	      asn1_octet_der (val, len, val2, &len);
+	      _asn1_set_value (p, val2, len);
+	    }
+	}
+
+      if (p->down)
+	{
+	  p = p->down;
+	}
+      else
+	{
+	  if (p == node)
+	    p = NULL;
+	  else if (p->right)
+	    p = p->right;
+	  else
+	    {
+	      while (1)
+		{
+		  p = _asn1_find_up (p);
+		  if (p == node)
+		    {
+		      p = NULL;
+		      break;
+		    }
+		  if (p && p->right)
+		    {
+		      p = p->right;
+		      break;
+		    }
+		}
+	    }
+	}
+    }
+
+  return ASN1_SUCCESS;
+}
+
+#define MAX_CONSTANTS 1024
+/******************************************************************/
+/* Function : _asn1_expand_object_id                              */
+/* Description: expand the IDs of an OBJECT IDENTIFIER constant.  */
+/* Parameters:                                                    */
+/*   list: root of an object list                                 */
+/*   node: root of an ASN1 element.                               */
+/* Return:                                                        */
+/*   ASN1_ELEMENT_NOT_FOUND if NODE is NULL,                      */
+/*   otherwise ASN1_SUCCESS                                       */
+/******************************************************************/
+int
+_asn1_expand_object_id (list_type **list, asn1_node node)
+{
+  asn1_node p, p2, p3, p4, p5;
+  char name_root[ASN1_MAX_NAME_SIZE], name2[2 * ASN1_MAX_NAME_SIZE + 1];
+  int move, tlen, tries;
+  unsigned max_constants;
+
+  if (node == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  _asn1_str_cpy (name_root, sizeof (name_root), node->name);
+
+  p = node;
+  move = DOWN;
+  tries = 0;
+
+  while (!((p == node) && (move == UP)))
+    {
+      if (move != UP)
+	{
+	  if ((type_field (p->type) == ASN1_ETYPE_OBJECT_ID)
+	      && (p->type & CONST_ASSIGN))
+	    {
+	      p2 = p->down;
+	      if (p2 && (type_field (p2->type) == ASN1_ETYPE_CONSTANT))
+		{
+		  if (p2->value && !c_isdigit (p2->value[0]))
+		    {
+		      _asn1_str_cpy (name2, sizeof (name2), name_root);
+		      _asn1_str_cat (name2, sizeof (name2), ".");
+		      _asn1_str_cat (name2, sizeof (name2), (char *) p2->value);
+		      p3 = asn1_find_node (node, name2);
+		      if (!p3 || _asn1_is_up(p2, p3) ||
+			  (type_field (p3->type) != ASN1_ETYPE_OBJECT_ID) ||
+			  !(p3->type & CONST_ASSIGN))
+			return ASN1_ELEMENT_NOT_FOUND;
+
+		      _asn1_set_down (p, p2->right);
+		      if (p2->down)
+			_asn1_delete_structure (*list, &p2->down, 0);
+		      _asn1_delete_node_from_list(*list, p2);
+		      _asn1_remove_node (p2, 0);
+		      p2 = p;
+		      p4 = p3->down;
+		      max_constants = 0;
+		      while (p4)
+			{
+			  if (type_field (p4->type) == ASN1_ETYPE_CONSTANT)
+			    {
+			      max_constants++;
+			      if (max_constants == MAX_CONSTANTS)
+                                return ASN1_RECURSION;
+
+			      p5 =
+				_asn1_add_single_node (ASN1_ETYPE_CONSTANT);
+			      _asn1_set_name (p5, p4->name);
+			      if (p4->value)
+			        {
+			          tlen = _asn1_strlen (p4->value);
+			          if (tlen > 0)
+			            _asn1_set_value (p5, p4->value, tlen + 1);
+			        }
+			      _asn1_add_static_node2(list, p5);
+
+			      if (p2 == p)
+				{
+				  _asn1_set_right (p5, p->down);
+				  _asn1_set_down (p, p5);
+				}
+			      else
+				{
+				  _asn1_set_right (p5, p2->right);
+				  _asn1_set_right (p2, p5);
+				}
+			      p2 = p5;
+			    }
+			  p4 = p4->right;
+			}
+		      move = DOWN;
+
+		      tries++;
+                      if (tries >= EXPAND_OBJECT_ID_MAX_RECURSION)
+                        return ASN1_RECURSION;
+
+		      continue;
+		    }
+		}
+	    }
+	  move = DOWN;
+	}
+      else
+	move = RIGHT;
+
+      tries = 0;
+      if (move == DOWN)
+	{
+	  if (p->down)
+	    p = p->down;
+	  else
+	    move = RIGHT;
+	}
+
+      if (p == node)
+	{
+	  move = UP;
+	  continue;
+	}
+
+      if (move == RIGHT)
+	{
+	  if (p && p->right)
+	    p = p->right;
+	  else
+	    move = UP;
+	}
+      if (move == UP)
+	p = _asn1_find_up (p);
+    }
+
+  /*******************************/
+  /*       expand DEFAULT        */
+  /*******************************/
+  p = node;
+  move = DOWN;
+
+  while (!((p == node) && (move == UP)))
+    {
+      if (move != UP)
+	{
+	  if ((type_field (p->type) == ASN1_ETYPE_OBJECT_ID) &&
+	      (p->type & CONST_DEFAULT))
+	    {
+	      p2 = p->down;
+	      if (p2 && (type_field (p2->type) == ASN1_ETYPE_DEFAULT))
+		{
+		  _asn1_str_cpy (name2, sizeof (name2), name_root);
+		  _asn1_str_cat (name2, sizeof (name2), ".");
+		  if (p2->value)
+		    _asn1_str_cat (name2, sizeof (name2), (char *) p2->value);
+		  p3 = asn1_find_node (node, name2);
+		  if (!p3 || (type_field (p3->type) != ASN1_ETYPE_OBJECT_ID)
+		      || !(p3->type & CONST_ASSIGN))
+		    return ASN1_ELEMENT_NOT_FOUND;
+		  p4 = p3->down;
+		  name2[0] = 0;
+		  while (p4)
+		    {
+		      if (type_field (p4->type) == ASN1_ETYPE_CONSTANT)
+			{
+			  if (p4->value == NULL)
+			    return ASN1_VALUE_NOT_FOUND;
+
+			  if (name2[0])
+			    _asn1_str_cat (name2, sizeof (name2), ".");
+			  _asn1_str_cat (name2, sizeof (name2),
+					 (char *) p4->value);
+			}
+		      p4 = p4->right;
+		    }
+		  tlen = strlen (name2);
+		  if (tlen > 0)
+		    _asn1_set_value (p2, name2, tlen + 1);
+		}
+	    }
+	  move = DOWN;
+	}
+      else
+	move = RIGHT;
+
+      if (move == DOWN)
+	{
+	  if (p->down)
+	    p = p->down;
+	  else
+	    move = RIGHT;
+	}
+
+      if (p == node)
+	{
+	  move = UP;
+	  continue;
+	}
+
+      if (move == RIGHT)
+	{
+	  if (p && p->right)
+	    p = p->right;
+	  else
+	    move = UP;
+	}
+      if (move == UP)
+	p = _asn1_find_up (p);
+    }
+
+  return ASN1_SUCCESS;
+}
+
+
+/******************************************************************/
+/* Function : _asn1_type_set_config                               */
+/* Description: sets the CONST_SET and CONST_NOT_USED properties  */
+/*   in the fields of the SET elements.                           */
+/* Parameters:                                                    */
+/*   node: root of an ASN1 element.                               */
+/* Return:                                                        */
+/*   ASN1_ELEMENT_NOT_FOUND if NODE is NULL,                       */
+/*   otherwise ASN1_SUCCESS                                             */
+/******************************************************************/
+int
+_asn1_type_set_config (asn1_node node)
+{
+  asn1_node p, p2;
+  int move;
+
+  if (node == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  p = node;
+  move = DOWN;
+
+  while (!((p == node) && (move == UP)))
+    {
+      if (move != UP)
+	{
+	  if (type_field (p->type) == ASN1_ETYPE_SET)
+	    {
+	      p2 = p->down;
+	      while (p2)
+		{
+		  if (type_field (p2->type) != ASN1_ETYPE_TAG)
+		    p2->type |= CONST_SET | CONST_NOT_USED;
+		  p2 = p2->right;
+		}
+	    }
+	  move = DOWN;
+	}
+      else
+	move = RIGHT;
+
+      if (move == DOWN)
+	{
+	  if (p->down)
+	    p = p->down;
+	  else
+	    move = RIGHT;
+	}
+
+      if (p == node)
+	{
+	  move = UP;
+	  continue;
+	}
+
+      if (move == RIGHT)
+	{
+	  if (p && p->right)
+	    p = p->right;
+	  else
+	    move = UP;
+	}
+      if (move == UP)
+	p = _asn1_find_up (p);
+    }
+
+  return ASN1_SUCCESS;
+}
+
+
+/******************************************************************/
+/* Function : _asn1_check_identifier                              */
+/* Description: checks the definitions of all the identifiers     */
+/*   and the first element of an OBJECT_ID (e.g. {pkix 0 4}).     */
+/*   The _asn1_identifierMissing global variable is filled if     */
+/*   necessary.                                                   */
+/* Parameters:                                                    */
+/*   node: root of an ASN1 element.                               */
+/* Return:                                                        */
+/*   ASN1_ELEMENT_NOT_FOUND      if NODE is NULL,                 */
+/*   ASN1_IDENTIFIER_NOT_FOUND   if an identifier is not defined, */
+/*   otherwise ASN1_SUCCESS                                       */
+/******************************************************************/
+int
+_asn1_check_identifier (asn1_node_const node)
+{
+  asn1_node_const p, p2;
+  char name2[ASN1_MAX_NAME_SIZE * 2 + 2];
+
+  if (node == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  p = node;
+  while (p)
+    {
+      if (p->value && type_field (p->type) == ASN1_ETYPE_IDENTIFIER)
+	{
+	  _asn1_str_cpy (name2, sizeof (name2), node->name);
+	  _asn1_str_cat (name2, sizeof (name2), ".");
+	  _asn1_str_cat (name2, sizeof (name2), (char *) p->value);
+	  p2 = asn1_find_node (node, name2);
+	  if (p2 == NULL)
+	    {
+	      if (p->value)
+		_asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p->value);
+	      else
+		_asn1_strcpy (_asn1_identifierMissing, "(null)");
+	      return ASN1_IDENTIFIER_NOT_FOUND;
+	    }
+	}
+      else if ((type_field (p->type) == ASN1_ETYPE_OBJECT_ID) &&
+	       (p->type & CONST_DEFAULT))
+	{
+	  p2 = p->down;
+	  if (p2 && (type_field (p2->type) == ASN1_ETYPE_DEFAULT))
+	    {
+	      _asn1_str_cpy (name2, sizeof (name2), node->name);
+	      if (p2->value)
+	        {
+	          _asn1_str_cat (name2, sizeof (name2), ".");
+	          _asn1_str_cat (name2, sizeof (name2), (char *) p2->value);
+	          _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value);
+	        }
+	      else
+		_asn1_strcpy (_asn1_identifierMissing, "(null)");
+
+	      p2 = asn1_find_node (node, name2);
+	      if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID) ||
+		  !(p2->type & CONST_ASSIGN))
+		return ASN1_IDENTIFIER_NOT_FOUND;
+	      else
+		_asn1_identifierMissing[0] = 0;
+	    }
+	}
+      else if ((type_field (p->type) == ASN1_ETYPE_OBJECT_ID) &&
+	       (p->type & CONST_ASSIGN))
+	{
+	  p2 = p->down;
+	  if (p2 && (type_field (p2->type) == ASN1_ETYPE_CONSTANT))
+	    {
+	      if (p2->value && !c_isdigit (p2->value[0]))
+		{
+		  _asn1_str_cpy (name2, sizeof (name2), node->name);
+		  _asn1_str_cat (name2, sizeof (name2), ".");
+		  _asn1_str_cat (name2, sizeof (name2), (char *) p2->value);
+		  _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value);
+
+		  p2 = asn1_find_node (node, name2);
+		  if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID)
+		      || !(p2->type & CONST_ASSIGN))
+		    return ASN1_IDENTIFIER_NOT_FOUND;
+		  else
+		    _asn1_identifierMissing[0] = 0;
+		}
+	    }
+	}
+
+      if (p->down)
+	{
+	  p = p->down;
+	}
+      else if (p->right)
+	p = p->right;
+      else
+	{
+	  while (p)
+	    {
+	      p = _asn1_find_up (p);
+	      if (p == node)
+		{
+		  p = NULL;
+		  break;
+		}
+	      if (p && p->right)
+		{
+		  p = p->right;
+		  break;
+		}
+	    }
+	}
+    }
+
+  return ASN1_SUCCESS;
+}
+
+
+/******************************************************************/
+/* Function : _asn1_set_default_tag                               */
+/* Description: sets the default IMPLICIT or EXPLICIT property in */
+/*   the tagged elements that don't have this declaration.        */
+/* Parameters:                                                    */
+/*   node: pointer to a DEFINITIONS element.                      */
+/* Return:                                                        */
+/*   ASN1_ELEMENT_NOT_FOUND if NODE is NULL or not a pointer to   */
+/*     a DEFINITIONS element,                                     */
+/*   otherwise ASN1_SUCCESS                                       */
+/******************************************************************/
+int
+_asn1_set_default_tag (asn1_node node)
+{
+  asn1_node p;
+
+  if ((node == NULL) || (type_field (node->type) != ASN1_ETYPE_DEFINITIONS))
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  p = node;
+  while (p)
+    {
+      if ((type_field (p->type) == ASN1_ETYPE_TAG) &&
+	  !(p->type & CONST_EXPLICIT) && !(p->type & CONST_IMPLICIT))
+	{
+	  if (node->type & CONST_EXPLICIT)
+	    p->type |= CONST_EXPLICIT;
+	  else
+	    p->type |= CONST_IMPLICIT;
+	}
+
+      if (p->down)
+	{
+	  p = p->down;
+	}
+      else if (p->right)
+	p = p->right;
+      else
+	{
+	  while (1)
+	    {
+	      p = _asn1_find_up (p);
+	      if (p == node)
+		{
+		  p = NULL;
+		  break;
+		}
+	      if (p && p->right)
+		{
+		  p = p->right;
+		  break;
+		}
+	    }
+	}
+    }
+
+  return ASN1_SUCCESS;
+}
diff --git a/lib/minitasn1/parser_aux.h b/lib/minitasn1/parser_aux.h
new file mode 100644
index 0000000..0e8621b
--- /dev/null
+++ b/lib/minitasn1/parser_aux.h
@@ -0,0 +1,172 @@
+/*
+ * Copyright (C) 2000-2021 Free Software Foundation, Inc.
+ *
+ * This file is part of LIBTASN1.
+ *
+ * The LIBTASN1 library is free software; you can redistribute it
+ * and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA
+ */
+
+#ifndef _PARSER_AUX_H
+#define _PARSER_AUX_H
+
+/***********************************************/
+/* Type: list_type                             */
+/* Description: type used in the list during   */
+/* the structure creation.                     */
+/***********************************************/
+typedef struct list_struct
+{
+  asn1_node node;
+  struct list_struct *next;
+} list_type;
+
+/***************************************/
+/*  Functions used by ASN.1 parser     */
+/***************************************/
+asn1_node _asn1_add_static_node (list_type **e_list, unsigned int type);
+
+void _asn1_delete_list (list_type *e_list);
+
+void _asn1_delete_list_and_nodes (list_type *e_list);
+
+void _asn1_delete_node_from_list (list_type *list, asn1_node node);
+
+asn1_node
+_asn1_set_value (asn1_node node, const void *value, unsigned int len);
+
+asn1_node _asn1_set_value_m (asn1_node node, void *value, unsigned int len);
+
+asn1_node
+_asn1_set_value_lv (asn1_node node, const void *value, unsigned int len);
+
+asn1_node
+_asn1_append_value (asn1_node node, const void *value, unsigned int len);
+
+asn1_node _asn1_set_name (asn1_node node, const char *name);
+
+asn1_node _asn1_cpy_name (asn1_node dst, asn1_node_const src);
+
+asn1_node _asn1_set_right (asn1_node node, asn1_node right);
+
+asn1_node _asn1_get_last_right (asn1_node_const node);
+
+void _asn1_remove_node (asn1_node node, unsigned int flags);
+
+/* Max 64-bit integer length is 20 chars + 1 for sign + 1 for null termination */
+#define LTOSTR_MAX_SIZE 22
+char *_asn1_ltostr (int64_t v, char str[LTOSTR_MAX_SIZE]);
+
+asn1_node _asn1_find_up (asn1_node_const node);
+
+int _asn1_change_integer_value (asn1_node node);
+
+#define EXPAND_OBJECT_ID_MAX_RECURSION 16
+int _asn1_expand_object_id (list_type **list, asn1_node node);
+
+int _asn1_type_set_config (asn1_node node);
+
+int _asn1_check_identifier (asn1_node_const node);
+
+int _asn1_set_default_tag (asn1_node node);
+
+/******************************************************************/
+/* Function : _asn1_get_right                                     */
+/* Description: returns the element pointed by the RIGHT field of */
+/*              a NODE_ASN element.                               */
+/* Parameters:                                                    */
+/*   node: NODE_ASN element pointer.                              */
+/* Return: field RIGHT of NODE.                                   */
+/******************************************************************/
+inline static asn1_node
+_asn1_get_right (asn1_node_const node)
+{
+  if (node == NULL)
+    return NULL;
+  return node->right;
+}
+
+/******************************************************************/
+/* Function : _asn1_set_down                                      */
+/* Description: sets the field DOWN in a NODE_ASN element.        */
+/* Parameters:                                                    */
+/*   node: element pointer.                                       */
+/*   down: pointer to a NODE_ASN element that you want be pointed */
+/*          by NODE.                                              */
+/* Return: pointer to *NODE.                                      */
+/******************************************************************/
+inline static asn1_node
+_asn1_set_down (asn1_node node, asn1_node down)
+{
+  if (node == NULL)
+    return node;
+  node->down = down;
+  if (down)
+    down->left = node;
+  return node;
+}
+
+/******************************************************************/
+/* Function : _asn1_get_down                                      */
+/* Description: returns the element pointed by the DOWN field of  */
+/*              a NODE_ASN element.                               */
+/* Parameters:                                                    */
+/*   node: NODE_ASN element pointer.                              */
+/* Return: field DOWN of NODE.                                    */
+/******************************************************************/
+inline static asn1_node
+_asn1_get_down (asn1_node_const node)
+{
+  if (node == NULL)
+    return NULL;
+  return node->down;
+}
+
+/******************************************************************/
+/* Function : _asn1_get_name                                      */
+/* Description: returns the name of a NODE_ASN element.           */
+/* Parameters:                                                    */
+/*   node: NODE_ASN element pointer.                              */
+/* Return: a null terminated string.                              */
+/******************************************************************/
+inline static char *
+_asn1_get_name (asn1_node_const node)
+{
+  if (node == NULL)
+    return NULL;
+  return (char *) node->name;
+}
+
+/******************************************************************/
+/* Function : _asn1_mod_type                                      */
+/* Description: change the field TYPE of an NODE_ASN element.     */
+/*              The new value is the old one | (bitwise or) the   */
+/*              paramener VALUE.                                  */
+/* Parameters:                                                    */
+/*   node: NODE_ASN element pointer.                              */
+/*   value: the integer value that must be or-ed with the current */
+/*          value of field TYPE.                                  */
+/* Return: NODE pointer.                                          */
+/******************************************************************/
+inline static asn1_node
+_asn1_mod_type (asn1_node node, unsigned int value)
+{
+  if (node == NULL)
+    return node;
+  node->type |= value;
+  return node;
+}
+
+#endif
diff --git a/lib/minitasn1/structure.c b/lib/minitasn1/structure.c
new file mode 100644
index 0000000..4f43335
--- /dev/null
+++ b/lib/minitasn1/structure.c
@@ -0,0 +1,1220 @@
+/*
+ * Copyright (C) 2002-2021 Free Software Foundation, Inc.
+ *
+ * This file is part of LIBTASN1.
+ *
+ * The LIBTASN1 library is free software; you can redistribute it
+ * and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA
+ */
+
+
+/*****************************************************/
+/* File: structure.c                                 */
+/* Description: Functions to create and delete an    */
+/*  ASN1 tree.                                       */
+/*****************************************************/
+
+
+#include <int.h>
+#include <structure.h>
+#include "parser_aux.h"
+#include <gstr.h>
+
+
+extern char _asn1_identifierMissing[];
+
+
+/******************************************************/
+/* Function : _asn1_add_single_node                     */
+/* Description: creates a new NODE_ASN element.       */
+/* Parameters:                                        */
+/*   type: type of the new element (see ASN1_ETYPE_         */
+/*         and CONST_ constants).                     */
+/* Return: pointer to the new element.                */
+/******************************************************/
+asn1_node
+_asn1_add_single_node (unsigned int type)
+{
+  asn1_node punt;
+
+  punt = calloc (1, sizeof (struct asn1_node_st));
+  if (punt == NULL)
+    return NULL;
+
+  punt->type = type;
+
+  return punt;
+}
+
+
+/******************************************************************/
+/* Function : _asn1_find_left                                     */
+/* Description: returns the NODE_ASN element with RIGHT field that*/
+/*              points the element NODE.                          */
+/* Parameters:                                                    */
+/*   node: NODE_ASN element pointer.                              */
+/* Return: NULL if not found.                                     */
+/******************************************************************/
+asn1_node
+_asn1_find_left (asn1_node_const node)
+{
+  if ((node == NULL) || (node->left == NULL) || (node->left->down == node))
+    return NULL;
+
+  return node->left;
+}
+
+
+int
+_asn1_create_static_structure (asn1_node_const pointer, char *output_file_name,
+			       char *vector_name)
+{
+  FILE *file;
+  asn1_node_const p;
+  unsigned long t;
+
+  file = fopen (output_file_name, "w");
+
+  if (file == NULL)
+    return ASN1_FILE_NOT_FOUND;
+
+  fprintf (file, "#if HAVE_CONFIG_H\n");
+  fprintf (file, "# include \"config.h\"\n");
+  fprintf (file, "#endif\n\n");
+
+  fprintf (file, "#include <libtasn1.h>\n\n");
+
+  fprintf (file, "const asn1_static_node %s[] = {\n", vector_name);
+
+  p = pointer;
+
+  while (p)
+    {
+      fprintf (file, "  { ");
+
+      if (p->name[0] != 0)
+	fprintf (file, "\"%s\", ", p->name);
+      else
+	fprintf (file, "NULL, ");
+
+      t = p->type;
+      if (p->down)
+	t |= CONST_DOWN;
+      if (p->right)
+	t |= CONST_RIGHT;
+
+      fprintf (file, "%lu, ", t);
+
+      if (p->value)
+	fprintf (file, "\"%s\"},\n", p->value);
+      else
+	fprintf (file, "NULL },\n");
+
+      if (p->down)
+	{
+	  p = p->down;
+	}
+      else if (p->right)
+	{
+	  p = p->right;
+	}
+      else
+	{
+	  while (1)
+	    {
+	      p = _asn1_find_up (p);
+	      if (p == pointer)
+		{
+		  p = NULL;
+		  break;
+		}
+	      if (p->right)
+		{
+		  p = p->right;
+		  break;
+		}
+	    }
+	}
+    }
+
+  fprintf (file, "  { NULL, 0, NULL }\n};\n");
+
+  fclose (file);
+
+  return ASN1_SUCCESS;
+}
+
+
+/**
+ * asn1_array2tree:
+ * @array: specify the array that contains ASN.1 declarations
+ * @definitions: return the pointer to the structure created by
+ *   *ARRAY ASN.1 declarations
+ * @errorDescription: return the error description.
+ *
+ * Creates the structures needed to manage the ASN.1 definitions.
+ * @array is a vector created by asn1_parser2array().
+ *
+ * Returns: %ASN1_SUCCESS if structure was created correctly,
+ *   %ASN1_ELEMENT_NOT_EMPTY if *@definitions not NULL,
+ *   %ASN1_IDENTIFIER_NOT_FOUND if in the file there is an identifier
+ *   that is not defined (see @errorDescription for more information),
+ *   %ASN1_ARRAY_ERROR if the array pointed by @array is wrong.
+ **/
+int
+asn1_array2tree (const asn1_static_node * array, asn1_node * definitions,
+		 char *errorDescription)
+{
+  asn1_node p, p_last = NULL;
+  unsigned long k;
+  int move;
+  int result;
+  unsigned int type;
+  list_type *e_list = NULL;
+
+  if (errorDescription)
+    errorDescription[0] = 0;
+
+  if (*definitions != NULL)
+    return ASN1_ELEMENT_NOT_EMPTY;
+
+  move = UP;
+
+  for (k = 0; array[k].value || array[k].type || array[k].name; k++)
+    {
+      type = convert_old_type (array[k].type);
+
+      p = _asn1_add_static_node (&e_list, type & (~CONST_DOWN));
+      if (array[k].name)
+	_asn1_set_name (p, array[k].name);
+      if (array[k].value)
+	_asn1_set_value (p, array[k].value, strlen (array[k].value) + 1);
+
+      if (*definitions == NULL)
+	*definitions = p;
+
+      if (move == DOWN)
+	{
+	  if (p_last && p_last->down)
+	      _asn1_delete_structure (e_list, &p_last->down, 0);
+	  _asn1_set_down (p_last, p);
+	}
+      else if (move == RIGHT)
+        {
+	  if (p_last && p_last->right)
+	      _asn1_delete_structure (e_list, &p_last->right, 0);
+	  _asn1_set_right (p_last, p);
+        }
+
+      p_last = p;
+
+      if (type & CONST_DOWN)
+	move = DOWN;
+      else if (type & CONST_RIGHT)
+	move = RIGHT;
+      else
+	{
+	  while (p_last != *definitions)
+	    {
+	      p_last = _asn1_find_up (p_last);
+
+	      if (p_last == NULL)
+		break;
+
+	      if (p_last->type & CONST_RIGHT)
+		{
+		  p_last->type &= ~CONST_RIGHT;
+		  move = RIGHT;
+		  break;
+		}
+	    }			/* while */
+	}
+    }				/* while */
+
+  if (p_last == *definitions)
+    {
+      result = _asn1_check_identifier (*definitions);
+      if (result == ASN1_SUCCESS)
+	{
+	  _asn1_change_integer_value (*definitions);
+	  result = _asn1_expand_object_id (&e_list, *definitions);
+	}
+    }
+  else
+    {
+      result = ASN1_ARRAY_ERROR;
+    }
+
+  if (errorDescription != NULL)
+    {
+      if (result == ASN1_IDENTIFIER_NOT_FOUND)
+	{
+	  Estrcpy (errorDescription, ":: identifier '");
+	  Estrcat (errorDescription, _asn1_identifierMissing);
+	  Estrcat (errorDescription, "' not found");
+	}
+      else
+	errorDescription[0] = 0;
+    }
+
+  if (result != ASN1_SUCCESS)
+    {
+      _asn1_delete_list_and_nodes (e_list);
+      *definitions = NULL;
+    }
+  else
+    _asn1_delete_list (e_list);
+
+  return result;
+}
+
+/**
+ * asn1_delete_structure:
+ * @structure: pointer to the structure that you want to delete.
+ *
+ * Deletes the structure *@structure.  At the end, *@structure is set
+ * to NULL.
+ *
+ * Returns: %ASN1_SUCCESS if successful, %ASN1_ELEMENT_NOT_FOUND if
+ *   *@structure was NULL.
+ **/
+int
+asn1_delete_structure (asn1_node * structure)
+{
+  return _asn1_delete_structure (NULL, structure, 0);
+}
+
+/**
+ * asn1_delete_structure2:
+ * @structure: pointer to the structure that you want to delete.
+ * @flags: additional flags (see %ASN1_DELETE_FLAG)
+ *
+ * Deletes the structure *@structure.  At the end, *@structure is set
+ * to NULL.
+ *
+ * Returns: %ASN1_SUCCESS if successful, %ASN1_ELEMENT_NOT_FOUND if
+ *   *@structure was NULL.
+ **/
+int
+asn1_delete_structure2 (asn1_node * structure, unsigned int flags)
+{
+  return _asn1_delete_structure (NULL, structure, flags);
+}
+
+int
+_asn1_delete_structure (list_type *e_list, asn1_node * structure, unsigned int flags)
+{
+  asn1_node p, p2, p3;
+
+  if (*structure == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  p = *structure;
+  while (p)
+    {
+      if (p->down)
+	{
+	  p = p->down;
+	}
+      else
+	{			/* no down */
+	  p2 = p->right;
+	  if (p != *structure)
+	    {
+	      p3 = _asn1_find_up (p);
+	      _asn1_set_down (p3, p2);
+	      if (e_list)
+		_asn1_delete_node_from_list (e_list, p);
+	      _asn1_remove_node (p, flags);
+	      p = p3;
+	    }
+	  else
+	    {			/* p==root */
+	      p3 = _asn1_find_left (p);
+	      if (!p3)
+		{
+		  p3 = _asn1_find_up (p);
+		  if (p3)
+		    _asn1_set_down (p3, p2);
+		  else
+		    {
+		      if (p->right)
+			p->right->left = NULL;
+		    }
+		}
+	      else
+		_asn1_set_right (p3, p2);
+	      if (e_list)
+		_asn1_delete_node_from_list (e_list, p);
+	      _asn1_remove_node (p, flags);
+	      p = NULL;
+	    }
+	}
+    }
+
+  *structure = NULL;
+  return ASN1_SUCCESS;
+}
+
+
+/**
+ * asn1_delete_element:
+ * @structure: pointer to the structure that contains the element you
+ *   want to delete.
+ * @element_name: element's name you want to delete.
+ *
+ * Deletes the element named *@element_name inside *@structure.
+ *
+ * Returns: %ASN1_SUCCESS if successful, %ASN1_ELEMENT_NOT_FOUND if
+ *   the @element_name was not found.
+ **/
+int
+asn1_delete_element (asn1_node structure, const char *element_name)
+{
+  asn1_node p2, p3, source_node;
+
+  source_node = asn1_find_node (structure, element_name);
+
+  if (source_node == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  p2 = source_node->right;
+  p3 = _asn1_find_left (source_node);
+  if (!p3)
+    {
+      p3 = _asn1_find_up (source_node);
+      if (p3)
+	_asn1_set_down (p3, p2);
+      else if (source_node->right)
+	source_node->right->left = NULL;
+    }
+  else
+    _asn1_set_right (p3, p2);
+
+  return asn1_delete_structure (&source_node);
+}
+
+#ifndef __clang_analyzer__
+asn1_node
+_asn1_copy_structure3 (asn1_node_const source_node)
+{
+  asn1_node_const p_s;
+  asn1_node dest_node, p_d, p_d_prev;
+  int move;
+
+  if (source_node == NULL)
+    return NULL;
+
+  dest_node = _asn1_add_single_node (source_node->type);
+
+  p_s = source_node;
+  p_d = dest_node;
+
+  move = DOWN;
+
+  do
+    {
+      if (move != UP)
+	{
+	  if (p_s->name[0] != 0)
+	    _asn1_cpy_name (p_d, p_s);
+	  if (p_s->value)
+	    _asn1_set_value (p_d, p_s->value, p_s->value_len);
+	  if (p_s->down)
+	    {
+	      p_s = p_s->down;
+	      p_d_prev = p_d;
+	      p_d = _asn1_add_single_node (p_s->type);
+	      _asn1_set_down (p_d_prev, p_d);
+	      continue;
+	    }
+	  p_d->start = p_s->start;
+	  p_d->end = p_s->end;
+	}
+
+      if (p_s == source_node)
+	break;
+
+      if (p_s->right)
+	{
+	  move = RIGHT;
+	  p_s = p_s->right;
+	  p_d_prev = p_d;
+	  p_d = _asn1_add_single_node (p_s->type);
+	  _asn1_set_right (p_d_prev, p_d);
+	}
+      else
+	{
+	  move = UP;
+	  p_s = _asn1_find_up (p_s);
+	  p_d = _asn1_find_up (p_d);
+	}
+    }
+  while (p_s != source_node);
+  return dest_node;
+}
+#else
+
+/* Non-production code */
+asn1_node
+_asn1_copy_structure3 (asn1_node_const source_node)
+{
+  return NULL;
+}
+#endif /* __clang_analyzer__ */
+
+
+static asn1_node
+_asn1_copy_structure2 (asn1_node_const root, const char *source_name)
+{
+  asn1_node source_node;
+
+  source_node = asn1_find_node (root, source_name);
+
+  return _asn1_copy_structure3 (source_node);
+
+}
+
+
+static int
+_asn1_type_choice_config (asn1_node node)
+{
+  asn1_node p, p2, p3, p4;
+  int move, tlen;
+
+  if (node == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  p = node;
+  move = DOWN;
+
+  while (!((p == node) && (move == UP)))
+    {
+      if (move != UP)
+	{
+	  if ((type_field (p->type) == ASN1_ETYPE_CHOICE)
+	      && (p->type & CONST_TAG))
+	    {
+	      p2 = p->down;
+	      while (p2)
+		{
+		  if (type_field (p2->type) != ASN1_ETYPE_TAG)
+		    {
+		      p2->type |= CONST_TAG;
+		      p3 = _asn1_find_left (p2);
+		      while (p3)
+			{
+			  if (type_field (p3->type) == ASN1_ETYPE_TAG)
+			    {
+			      p4 = _asn1_add_single_node (p3->type);
+			      tlen = _asn1_strlen (p3->value);
+			      if (tlen > 0)
+				_asn1_set_value (p4, p3->value, tlen + 1);
+			      _asn1_set_right (p4, p2->down);
+			      _asn1_set_down (p2, p4);
+			    }
+			  p3 = _asn1_find_left (p3);
+			}
+		    }
+		  p2 = p2->right;
+		}
+	      p->type &= ~(CONST_TAG);
+	      p2 = p->down;
+	      while (p2)
+		{
+		  p3 = p2->right;
+		  if (type_field (p2->type) == ASN1_ETYPE_TAG)
+		    asn1_delete_structure (&p2);
+		  p2 = p3;
+		}
+	    }
+	  move = DOWN;
+	}
+      else
+	move = RIGHT;
+
+      if (move == DOWN)
+	{
+	  if (p->down)
+	    p = p->down;
+	  else
+	    move = RIGHT;
+	}
+
+      if (p == node)
+	{
+	  move = UP;
+	  continue;
+	}
+
+      if (move == RIGHT)
+	{
+	  if (p->right)
+	    p = p->right;
+	  else
+	    move = UP;
+	}
+      if (move == UP)
+	p = _asn1_find_up (p);
+    }
+
+  return ASN1_SUCCESS;
+}
+
+
+static int
+_asn1_expand_identifier (asn1_node * node, asn1_node_const root)
+{
+  asn1_node p, p2, p3;
+  char name2[ASN1_MAX_NAME_SIZE + 2];
+  int move;
+
+  if (node == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  p = *node;
+  move = DOWN;
+
+  while (!((p == *node) && (move == UP)))
+    {
+      if (move != UP)
+	{
+	  if (type_field (p->type) == ASN1_ETYPE_IDENTIFIER)
+	    {
+	      snprintf (name2, sizeof (name2), "%s.%s", root->name, p->value);
+	      p2 = _asn1_copy_structure2 (root, name2);
+	      if (p2 == NULL)
+		{
+		  return ASN1_IDENTIFIER_NOT_FOUND;
+		}
+	      _asn1_cpy_name (p2, p);
+	      p2->right = p->right;
+	      p2->left = p->left;
+	      if (p->right)
+		p->right->left = p2;
+	      p3 = p->down;
+	      if (p3)
+		{
+		  while (p3->right)
+		    p3 = p3->right;
+		  _asn1_set_right (p3, p2->down);
+		  _asn1_set_down (p2, p->down);
+		}
+
+	      p3 = _asn1_find_left (p);
+	      if (p3)
+		_asn1_set_right (p3, p2);
+	      else
+		{
+		  p3 = _asn1_find_up (p);
+		  if (p3)
+		    _asn1_set_down (p3, p2);
+		  else
+		    {
+		      p2->left = NULL;
+		    }
+		}
+
+	      if (p->type & CONST_SIZE)
+		p2->type |= CONST_SIZE;
+	      if (p->type & CONST_TAG)
+		p2->type |= CONST_TAG;
+	      if (p->type & CONST_OPTION)
+		p2->type |= CONST_OPTION;
+	      if (p->type & CONST_DEFAULT)
+		p2->type |= CONST_DEFAULT;
+	      if (p->type & CONST_SET)
+		p2->type |= CONST_SET;
+	      if (p->type & CONST_NOT_USED)
+		p2->type |= CONST_NOT_USED;
+
+	      if (p == *node)
+		*node = p2;
+	      _asn1_remove_node (p, 0);
+	      p = p2;
+	      move = DOWN;
+	      continue;
+	    }
+	  move = DOWN;
+	}
+      else
+	move = RIGHT;
+
+      if (move == DOWN)
+	{
+	  if (p->down)
+	    p = p->down;
+	  else
+	    move = RIGHT;
+	}
+
+      if (p == *node)
+	{
+	  move = UP;
+	  continue;
+	}
+
+      if (move == RIGHT)
+	{
+	  if (p->right)
+	    p = p->right;
+	  else
+	    move = UP;
+	}
+      if (move == UP)
+	p = _asn1_find_up (p);
+    }
+
+  return ASN1_SUCCESS;
+}
+
+
+/**
+ * asn1_create_element:
+ * @definitions: pointer to the structure returned by "parser_asn1" function
+ * @source_name: the name of the type of the new structure (must be
+ *   inside p_structure).
+ * @element: pointer to the structure created.
+ *
+ * Creates a structure of type @source_name.  Example using
+ *  "pkix.asn":
+ *
+ * rc = asn1_create_element(cert_def, "PKIX1.Certificate", certptr);
+ *
+ * Returns: %ASN1_SUCCESS if creation OK, %ASN1_ELEMENT_NOT_FOUND if
+ *   @source_name is not known.
+ **/
+int
+asn1_create_element (asn1_node_const definitions, const char *source_name,
+		     asn1_node * element)
+{
+  asn1_node dest_node;
+  int res;
+
+  dest_node = _asn1_copy_structure2 (definitions, source_name);
+
+  if (dest_node == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  _asn1_set_name (dest_node, "");
+
+  res = _asn1_expand_identifier (&dest_node, definitions);
+  _asn1_type_choice_config (dest_node);
+
+  *element = dest_node;
+
+  return res;
+}
+
+
+/**
+ * asn1_print_structure:
+ * @out: pointer to the output file (e.g. stdout).
+ * @structure: pointer to the structure that you want to visit.
+ * @name: an element of the structure
+ * @mode: specify how much of the structure to print, can be
+ *   %ASN1_PRINT_NAME, %ASN1_PRINT_NAME_TYPE,
+ *   %ASN1_PRINT_NAME_TYPE_VALUE, or %ASN1_PRINT_ALL.
+ *
+ * Prints on the @out file descriptor the structure's tree starting
+ * from the @name element inside the structure @structure.
+ **/
+void
+asn1_print_structure (FILE * out, asn1_node_const structure, const char *name,
+		      int mode)
+{
+  asn1_node_const p, root;
+  int k, indent = 0, len, len2, len3;
+
+  if (out == NULL)
+    return;
+
+  root = asn1_find_node (structure, name);
+
+  if (root == NULL)
+    return;
+
+  p = root;
+  while (p)
+    {
+      if (mode == ASN1_PRINT_ALL)
+	{
+	  for (k = 0; k < indent; k++)
+	    fprintf (out, " ");
+	  fprintf (out, "name:");
+	  if (p->name[0] != 0)
+	    fprintf (out, "%s  ", p->name);
+	  else
+	    fprintf (out, "NULL  ");
+	}
+      else
+	{
+	  switch (type_field (p->type))
+	    {
+	    case ASN1_ETYPE_CONSTANT:
+	    case ASN1_ETYPE_TAG:
+	    case ASN1_ETYPE_SIZE:
+	      break;
+	    default:
+	      for (k = 0; k < indent; k++)
+		fprintf (out, " ");
+	      fprintf (out, "name:");
+	      if (p->name[0] != 0)
+		fprintf (out, "%s  ", p->name);
+	      else
+		fprintf (out, "NULL  ");
+	    }
+	}
+
+      if (mode != ASN1_PRINT_NAME)
+	{
+	  unsigned type = type_field (p->type);
+	  switch (type)
+	    {
+	    case ASN1_ETYPE_CONSTANT:
+	      if (mode == ASN1_PRINT_ALL)
+		fprintf (out, "type:CONST");
+	      break;
+	    case ASN1_ETYPE_TAG:
+	      if (mode == ASN1_PRINT_ALL)
+		fprintf (out, "type:TAG");
+	      break;
+	    case ASN1_ETYPE_SIZE:
+	      if (mode == ASN1_PRINT_ALL)
+		fprintf (out, "type:SIZE");
+	      break;
+	    case ASN1_ETYPE_DEFAULT:
+	      fprintf (out, "type:DEFAULT");
+	      break;
+	    case ASN1_ETYPE_IDENTIFIER:
+	      fprintf (out, "type:IDENTIFIER");
+	      break;
+	    case ASN1_ETYPE_ANY:
+	      fprintf (out, "type:ANY");
+	      break;
+	    case ASN1_ETYPE_CHOICE:
+	      fprintf (out, "type:CHOICE");
+	      break;
+	    case ASN1_ETYPE_DEFINITIONS:
+	      fprintf (out, "type:DEFINITIONS");
+	      break;
+	    CASE_HANDLED_ETYPES:
+	      fprintf (out, "%s", _asn1_tags[type].desc);
+	      break;
+	    default:
+	      break;
+	    }
+	}
+
+      if ((mode == ASN1_PRINT_NAME_TYPE_VALUE) || (mode == ASN1_PRINT_ALL))
+	{
+	  switch (type_field (p->type))
+	    {
+	    case ASN1_ETYPE_CONSTANT:
+	      if (mode == ASN1_PRINT_ALL)
+		if (p->value)
+		  fprintf (out, "  value:%s", p->value);
+	      break;
+	    case ASN1_ETYPE_TAG:
+	      if (mode == ASN1_PRINT_ALL)
+		if (p->value)
+		  fprintf (out, "  value:%s", p->value);
+	      break;
+	    case ASN1_ETYPE_SIZE:
+	      if (mode == ASN1_PRINT_ALL)
+		if (p->value)
+		  fprintf (out, "  value:%s", p->value);
+	      break;
+	    case ASN1_ETYPE_DEFAULT:
+	      if (p->value)
+		fprintf (out, "  value:%s", p->value);
+	      else if (p->type & CONST_TRUE)
+		fprintf (out, "  value:TRUE");
+	      else if (p->type & CONST_FALSE)
+		fprintf (out, "  value:FALSE");
+	      break;
+	    case ASN1_ETYPE_IDENTIFIER:
+	      if (p->value)
+		fprintf (out, "  value:%s", p->value);
+	      break;
+	    case ASN1_ETYPE_INTEGER:
+	      if (p->value)
+		{
+		  len2 = -1;
+		  len = asn1_get_length_der (p->value, p->value_len, &len2);
+		  fprintf (out, "  value:0x");
+		  if (len > 0)
+		    for (k = 0; k < len; k++)
+		      fprintf (out, "%02x", (unsigned) (p->value)[k + len2]);
+		}
+	      break;
+	    case ASN1_ETYPE_ENUMERATED:
+	      if (p->value)
+		{
+		  len2 = -1;
+		  len = asn1_get_length_der (p->value, p->value_len, &len2);
+		  fprintf (out, "  value:0x");
+		  if (len > 0)
+		    for (k = 0; k < len; k++)
+		      fprintf (out, "%02x", (unsigned) (p->value)[k + len2]);
+		}
+	      break;
+	    case ASN1_ETYPE_BOOLEAN:
+	      if (p->value)
+		{
+		  if (p->value[0] == 'T')
+		    fprintf (out, "  value:TRUE");
+		  else if (p->value[0] == 'F')
+		    fprintf (out, "  value:FALSE");
+		}
+	      break;
+	    case ASN1_ETYPE_BIT_STRING:
+	      if (p->value)
+		{
+		  len2 = -1;
+		  len = asn1_get_length_der (p->value, p->value_len, &len2);
+		  if (len > 0)
+		    {
+		      fprintf (out, "  value(%i):",
+			       (len - 1) * 8 - (p->value[len2]));
+		      for (k = 1; k < len; k++)
+			fprintf (out, "%02x", (unsigned) (p->value)[k + len2]);
+		    }
+		}
+	      break;
+	    case ASN1_ETYPE_GENERALIZED_TIME:
+	    case ASN1_ETYPE_UTC_TIME:
+	      if (p->value)
+		{
+		  fprintf (out, "  value:");
+		  for (k = 0; k < p->value_len; k++)
+		    fprintf (out, "%c", (p->value)[k]);
+		}
+	      break;
+	    case ASN1_ETYPE_GENERALSTRING:
+	    case ASN1_ETYPE_NUMERIC_STRING:
+	    case ASN1_ETYPE_IA5_STRING:
+	    case ASN1_ETYPE_TELETEX_STRING:
+	    case ASN1_ETYPE_PRINTABLE_STRING:
+	    case ASN1_ETYPE_UNIVERSAL_STRING:
+	    case ASN1_ETYPE_UTF8_STRING:
+	    case ASN1_ETYPE_VISIBLE_STRING:
+	      if (p->value)
+		{
+		  len2 = -1;
+		  len = asn1_get_length_der (p->value, p->value_len, &len2);
+		  fprintf (out, "  value:");
+		  if (len > 0)
+		    for (k = 0; k < len; k++)
+		      fprintf (out, "%c", (p->value)[k + len2]);
+		}
+	      break;
+	    case ASN1_ETYPE_BMP_STRING:
+	    case ASN1_ETYPE_OCTET_STRING:
+	      if (p->value)
+		{
+		  len2 = -1;
+		  len = asn1_get_length_der (p->value, p->value_len, &len2);
+		  fprintf (out, "  value:");
+		  if (len > 0)
+		    for (k = 0; k < len; k++)
+		      fprintf (out, "%02x", (unsigned) (p->value)[k + len2]);
+		}
+	      break;
+	    case ASN1_ETYPE_OBJECT_ID:
+	      if (p->value)
+		fprintf (out, "  value:%s", p->value);
+	      break;
+	    case ASN1_ETYPE_ANY:
+	      if (p->value)
+		{
+		  len3 = -1;
+		  len2 = asn1_get_length_der (p->value, p->value_len, &len3);
+		  fprintf (out, "  value:");
+		  if (len2 > 0)
+		    for (k = 0; k < len2; k++)
+		      fprintf (out, "%02x", (unsigned) (p->value)[k + len3]);
+		}
+	      break;
+	    case ASN1_ETYPE_SET:
+	    case ASN1_ETYPE_SET_OF:
+	    case ASN1_ETYPE_CHOICE:
+	    case ASN1_ETYPE_DEFINITIONS:
+	    case ASN1_ETYPE_SEQUENCE_OF:
+	    case ASN1_ETYPE_SEQUENCE:
+	    case ASN1_ETYPE_NULL:
+	      break;
+	    default:
+	      break;
+	    }
+	}
+
+      if (mode == ASN1_PRINT_ALL)
+	{
+	  if (p->type & 0x1FFFFF00)
+	    {
+	      fprintf (out, "  attr:");
+	      if (p->type & CONST_UNIVERSAL)
+		fprintf (out, "UNIVERSAL,");
+	      if (p->type & CONST_PRIVATE)
+		fprintf (out, "PRIVATE,");
+	      if (p->type & CONST_APPLICATION)
+		fprintf (out, "APPLICATION,");
+	      if (p->type & CONST_EXPLICIT)
+		fprintf (out, "EXPLICIT,");
+	      if (p->type & CONST_IMPLICIT)
+		fprintf (out, "IMPLICIT,");
+	      if (p->type & CONST_TAG)
+		fprintf (out, "TAG,");
+	      if (p->type & CONST_DEFAULT)
+		fprintf (out, "DEFAULT,");
+	      if (p->type & CONST_TRUE)
+		fprintf (out, "TRUE,");
+	      if (p->type & CONST_FALSE)
+		fprintf (out, "FALSE,");
+	      if (p->type & CONST_LIST)
+		fprintf (out, "LIST,");
+	      if (p->type & CONST_MIN_MAX)
+		fprintf (out, "MIN_MAX,");
+	      if (p->type & CONST_OPTION)
+		fprintf (out, "OPTION,");
+	      if (p->type & CONST_1_PARAM)
+		fprintf (out, "1_PARAM,");
+	      if (p->type & CONST_SIZE)
+		fprintf (out, "SIZE,");
+	      if (p->type & CONST_DEFINED_BY)
+		fprintf (out, "DEF_BY,");
+	      if (p->type & CONST_GENERALIZED)
+		fprintf (out, "GENERALIZED,");
+	      if (p->type & CONST_UTC)
+		fprintf (out, "UTC,");
+	      if (p->type & CONST_SET)
+		fprintf (out, "SET,");
+	      if (p->type & CONST_NOT_USED)
+		fprintf (out, "NOT_USED,");
+	      if (p->type & CONST_ASSIGN)
+		fprintf (out, "ASSIGNMENT,");
+	    }
+	}
+
+      if (mode == ASN1_PRINT_ALL)
+	{
+	  fprintf (out, "\n");
+	}
+      else
+	{
+	  switch (type_field (p->type))
+	    {
+	    case ASN1_ETYPE_CONSTANT:
+	    case ASN1_ETYPE_TAG:
+	    case ASN1_ETYPE_SIZE:
+	      break;
+	    default:
+	      fprintf (out, "\n");
+	    }
+	}
+
+      if (p->down)
+	{
+	  p = p->down;
+	  indent += 2;
+	}
+      else if (p == root)
+	{
+	  p = NULL;
+	  break;
+	}
+      else if (p->right)
+	p = p->right;
+      else
+	{
+	  while (1)
+	    {
+	      p = _asn1_find_up (p);
+	      if (p == root)
+		{
+		  p = NULL;
+		  break;
+		}
+	      indent -= 2;
+	      if (p->right)
+		{
+		  p = p->right;
+		  break;
+		}
+	    }
+	}
+    }
+}
+
+
+
+/**
+ * asn1_number_of_elements:
+ * @element: pointer to the root of an ASN1 structure.
+ * @name: the name of a sub-structure of ROOT.
+ * @num: pointer to an integer where the result will be stored
+ *
+ * Counts the number of elements of a sub-structure called NAME with
+ * names equal to "?1","?2", ...
+ *
+ * Returns: %ASN1_SUCCESS if successful, %ASN1_ELEMENT_NOT_FOUND if
+ *   @name is not known, %ASN1_GENERIC_ERROR if pointer @num is %NULL.
+ **/
+int
+asn1_number_of_elements (asn1_node_const element, const char *name, int *num)
+{
+  asn1_node_const node, p;
+
+  if (num == NULL)
+    return ASN1_GENERIC_ERROR;
+
+  *num = 0;
+
+  node = asn1_find_node (element, name);
+  if (node == NULL)
+    return ASN1_ELEMENT_NOT_FOUND;
+
+  p = node->down;
+
+  while (p)
+    {
+      if (p->name[0] == '?')
+	(*num)++;
+      p = p->right;
+    }
+
+  return ASN1_SUCCESS;
+}
+
+
+/**
+ * asn1_find_structure_from_oid:
+ * @definitions: ASN1 definitions
+ * @oidValue: value of the OID to search (e.g. "1.2.3.4").
+ *
+ * Search the structure that is defined just after an OID definition.
+ *
+ * Returns: %NULL when @oidValue not found, otherwise the pointer to a
+ *   constant string that contains the element name defined just after
+ *   the OID.
+ **/
+const char *
+asn1_find_structure_from_oid (asn1_node_const definitions, const char *oidValue)
+{
+  char name[2 * ASN1_MAX_NAME_SIZE + 2];
+  char value[ASN1_MAX_NAME_SIZE];
+  asn1_node p;
+  int len;
+  int result;
+  const char *definitionsName;
+
+  if ((definitions == NULL) || (oidValue == NULL))
+    return NULL;		/* ASN1_ELEMENT_NOT_FOUND; */
+
+  definitionsName = definitions->name;
+
+  /* search the OBJECT_ID into definitions */
+  p = definitions->down;
+  while (p)
+    {
+      if ((type_field (p->type) == ASN1_ETYPE_OBJECT_ID) &&
+	  (p->type & CONST_ASSIGN))
+	{
+          snprintf(name, sizeof(name), "%s.%s", definitionsName, p->name);
+
+	  len = ASN1_MAX_NAME_SIZE;
+	  result = asn1_read_value (definitions, name, value, &len);
+
+	  if ((result == ASN1_SUCCESS) && (!strcmp (oidValue, value)))
+	    {
+	      p = p->right;
+	      if (p == NULL)	/* reach the end of ASN1 definitions */
+		return NULL;	/* ASN1_ELEMENT_NOT_FOUND; */
+
+	      return p->name;
+	    }
+	}
+      p = p->right;
+    }
+
+  return NULL;			/* ASN1_ELEMENT_NOT_FOUND; */
+}
+
+/**
+ * asn1_copy_node:
+ * @dst: Destination asn1 node.
+ * @dst_name: Field name in destination node.
+ * @src: Source asn1 node.
+ * @src_name: Field name in source node.
+ *
+ * Create a deep copy of a asn1_node variable. That
+ * function requires @dst to be expanded using asn1_create_element().
+ *
+ * Returns: Return %ASN1_SUCCESS on success.
+ **/
+int
+asn1_copy_node (asn1_node dst, const char *dst_name,
+		asn1_node_const src, const char *src_name)
+{
+  int result;
+  asn1_node dst_node;
+  void *data = NULL;
+  int size = 0;
+
+  result = asn1_der_coding (src, src_name, NULL, &size, NULL);
+  if (result != ASN1_MEM_ERROR)
+    return result;
+
+  data = malloc (size);
+  if (data == NULL)
+    return ASN1_MEM_ERROR;
+
+  result = asn1_der_coding (src, src_name, data, &size, NULL);
+  if (result != ASN1_SUCCESS)
+    {
+      free (data);
+      return result;
+    }
+
+  dst_node = asn1_find_node (dst, dst_name);
+  if (dst_node == NULL)
+    {
+      free (data);
+      return ASN1_ELEMENT_NOT_FOUND;
+    }
+
+  result = asn1_der_decoding (&dst_node, data, size, NULL);
+
+  free (data);
+
+  return result;
+}
+
+/**
+ * asn1_dup_node:
+ * @src: Source asn1 node.
+ * @src_name: Field name in source node.
+ *
+ * Create a deep copy of a asn1_node variable. This function
+ * will return an exact copy of the provided structure.
+ *
+ * Returns: Return %NULL on failure.
+ **/
+asn1_node
+asn1_dup_node (asn1_node_const src, const char *src_name)
+{
+  return _asn1_copy_structure2(src, src_name);
+}
diff --git a/lib/minitasn1/structure.h b/lib/minitasn1/structure.h
new file mode 100644
index 0000000..f06298f
--- /dev/null
+++ b/lib/minitasn1/structure.h
@@ -0,0 +1,45 @@
+/*
+ * Copyright (C) 2002-2021 Free Software Foundation, Inc.
+ *
+ * This file is part of LIBTASN1.
+ *
+ * The LIBTASN1 library is free software; you can redistribute it
+ * and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA
+ */
+
+/*************************************************/
+/* File: structure.h                             */
+/* Description: list of exported object by       */
+/*   "structure.c"                               */
+/*************************************************/
+
+#ifndef _STRUCTURE_H
+#define _STRUCTURE_H
+
+#include "parser_aux.h" // list_type
+
+int _asn1_create_static_structure (asn1_node_const pointer,
+				   char *output_file_name, char *vector_name);
+
+asn1_node _asn1_copy_structure3 (asn1_node_const source_node);
+
+asn1_node _asn1_add_single_node (unsigned int type);
+
+asn1_node _asn1_find_left (asn1_node_const node);
+
+int
+_asn1_delete_structure (list_type *e_list, asn1_node *structure, unsigned int flags);
+
+#endif
diff --git a/lib/minitasn1/version.c b/lib/minitasn1/version.c
new file mode 100644
index 0000000..83e69d8
--- /dev/null
+++ b/lib/minitasn1/version.c
@@ -0,0 +1,51 @@
+/*
+ * Copyright (C) 2000-2021 Free Software Foundation, Inc.
+ *
+ * This file is part of LIBTASN1.
+ *
+ * The LIBTASN1 library is free software; you can redistribute it
+ * and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <string.h>		/* for strverscmp */
+
+#include "libtasn1.h"
+
+/**
+ * asn1_check_version:
+ * @req_version: Required version number, or %NULL.
+ *
+ * Check that the version of the library is at minimum the
+ * requested one and return the version string; return %NULL if the
+ * condition is not satisfied.  If a %NULL is passed to this function,
+ * no check is done, but the version string is simply returned.
+ *
+ * See %ASN1_VERSION for a suitable @req_version string.
+ *
+ * Returns: Version string of run-time library, or %NULL if the
+ *   run-time library does not meet the required version number.
+ */
+const char *
+asn1_check_version (const char *req_version)
+{
+  if (!req_version || strverscmp (req_version, ASN1_VERSION) <= 0)
+    return ASN1_VERSION;
+
+  return NULL;
+}
diff --git a/lib/mpi.c b/lib/mpi.c
new file mode 100644
index 0000000..be6c29d
--- /dev/null
+++ b/lib/mpi.c
@@ -0,0 +1,484 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Here lie everything that has to do with large numbers, libgcrypt and
+ * other stuff that didn't fit anywhere else.
+ */
+
+#include "gnutls_int.h"
+#include <libtasn1.h>
+#include "errors.h"
+#include <num.h>
+#include <mpi.h>
+#include <random.h>
+#include <x509/x509_int.h>
+
+/* Functions that refer to the mpi library.
+ */
+
+/* Returns a random number r, 0 < r < p */
+bigint_t
+_gnutls_mpi_random_modp(bigint_t r, bigint_t p,
+		      gnutls_rnd_level_t level)
+{
+	size_t size;
+	int ret;
+	bigint_t tmp;
+	uint8_t tmpbuf[512];
+	uint8_t *buf;
+	int buf_release = 0;
+	
+	size = ((_gnutls_mpi_get_nbits(p)+64)/8) + 1;
+
+	if (size < sizeof(tmpbuf)) {
+		buf = tmpbuf;
+	} else {
+		buf = gnutls_malloc(size);
+		if (buf == NULL) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		buf_release = 1;
+	}
+
+	ret = gnutls_rnd(level, buf, size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	
+	ret = _gnutls_mpi_init_scan(&tmp, buf, size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	
+	ret = _gnutls_mpi_modm(tmp, tmp, p);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (_gnutls_mpi_cmp_ui(tmp, 0) == 0) {
+		ret = _gnutls_mpi_add_ui(tmp, tmp, 1);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	if (buf_release != 0) {
+		gnutls_free(buf);
+	}
+
+	if (r != NULL) {
+		ret = _gnutls_mpi_set(r, tmp);
+		if (ret < 0)
+			goto cleanup;
+
+		_gnutls_mpi_release(&tmp);
+		return r;
+	}
+
+	return tmp;
+
+      cleanup:
+	if (buf_release != 0)
+		gnutls_free(buf);
+	return NULL;
+}
+
+/* returns %GNUTLS_E_SUCCESS (0) on success
+ */
+int _gnutls_mpi_init_scan(bigint_t * ret_mpi, const void *buffer, size_t nbytes)
+{
+bigint_t r;
+int ret;
+
+	ret = _gnutls_mpi_init(&r);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret =
+	    _gnutls_mpi_scan(r, buffer, nbytes);
+	if (ret < 0) {
+		gnutls_assert();
+		_gnutls_mpi_release(&r);
+		return ret;
+	}
+
+	*ret_mpi = r;
+
+	return 0;
+}
+
+/* returns %GNUTLS_E_SUCCESS (0) on success. Fails if the number is zero.
+ */
+int
+_gnutls_mpi_init_scan_nz(bigint_t * ret_mpi, const void *buffer, size_t nbytes)
+{
+	int ret;
+
+	ret = _gnutls_mpi_init_scan(ret_mpi, buffer, nbytes);
+	if (ret < 0)
+		return ret;
+
+	/* MPIs with 0 bits are illegal
+	 */
+	if (_gnutls_mpi_cmp_ui(*ret_mpi, 0) == 0) {
+		_gnutls_mpi_release(ret_mpi);
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	return 0;
+}
+
+int
+_gnutls_mpi_init_scan_le(bigint_t * ret_mpi, const void *buffer, size_t nbytes)
+{
+	bigint_t r;
+	int ret;
+
+	ret = _gnutls_mpi_init(&r);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_mpi_scan_le(r, buffer, nbytes);
+	if (ret < 0) {
+		gnutls_assert();
+		_gnutls_mpi_release(&r);
+		return ret;
+	}
+
+	*ret_mpi = r;
+
+	return 0;
+}
+
+int _gnutls_mpi_dprint_le(const bigint_t a, gnutls_datum_t * dest)
+{
+	int ret;
+	uint8_t *buf = NULL;
+	size_t bytes = 0;
+
+	if (dest == NULL || a == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	_gnutls_mpi_print_le(a, NULL, &bytes);
+	if (bytes != 0)
+		buf = gnutls_malloc(bytes);
+	if (buf == NULL)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	ret = _gnutls_mpi_print_le(a, buf, &bytes);
+	if (ret < 0) {
+		gnutls_free(buf);
+		return ret;
+	}
+
+	dest->data = buf;
+	dest->size = bytes;
+	return 0;
+}
+
+/* Always has the first bit zero */
+int _gnutls_mpi_dprint_lz(const bigint_t a, gnutls_datum_t * dest)
+{
+	int ret;
+	uint8_t *buf = NULL;
+	size_t bytes = 0;
+
+	if (dest == NULL || a == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	_gnutls_mpi_print_lz(a, NULL, &bytes);
+
+	if (bytes != 0)
+		buf = gnutls_malloc(bytes);
+	if (buf == NULL)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	ret = _gnutls_mpi_print_lz(a, buf, &bytes);
+	if (ret < 0) {
+		gnutls_free(buf);
+		return ret;
+	}
+
+	dest->data = buf;
+	dest->size = bytes;
+	return 0;
+}
+
+int _gnutls_mpi_dprint(const bigint_t a, gnutls_datum_t * dest)
+{
+	int ret;
+	uint8_t *buf = NULL;
+	size_t bytes = 0;
+
+	if (dest == NULL || a == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	_gnutls_mpi_print(a, NULL, &bytes);
+	if (bytes != 0)
+		buf = gnutls_malloc(bytes);
+	if (buf == NULL)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	ret = _gnutls_mpi_print(a, buf, &bytes);
+	if (ret < 0) {
+		gnutls_free(buf);
+		return ret;
+	}
+
+	dest->data = buf;
+	dest->size = bytes;
+	return 0;
+}
+
+/* This function will copy the mpi data into a datum,
+ * but will set minimum size to 'size'. That means that
+ * the output value is left padded with zeros.
+ */
+int
+_gnutls_mpi_dprint_size(const bigint_t a, gnutls_datum_t * dest,
+			size_t size)
+{
+	int ret;
+	uint8_t *buf = NULL;
+	size_t bytes = 0;
+	unsigned int i;
+
+	if (dest == NULL || a == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	_gnutls_mpi_print(a, NULL, &bytes);
+	if (bytes != 0)
+		buf = gnutls_malloc(MAX(size, bytes));
+	if (buf == NULL)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	if (bytes <= size) {
+		size_t diff = size - bytes;
+		for (i = 0; i < diff; i++)
+			buf[i] = 0;
+		ret = _gnutls_mpi_print(a, &buf[diff], &bytes);
+	} else {
+		ret = _gnutls_mpi_print(a, buf, &bytes);
+	}
+
+	if (ret < 0) {
+		gnutls_free(buf);
+		return ret;
+	}
+
+	dest->data = buf;
+	dest->size = MAX(size, bytes);
+	return 0;
+}
+
+/* like _gnutls_mpi_dprint_size, but prints into preallocated byte buffer */
+int
+_gnutls_mpi_bprint_size(const bigint_t a, uint8_t *buf, size_t size)
+{
+	int result;
+	size_t bytes = 0;
+
+	result = _gnutls_mpi_print(a, NULL, &bytes);
+	if (result != GNUTLS_E_SHORT_MEMORY_BUFFER)
+		return gnutls_assert_val(result);
+
+	if (bytes <= size) {
+		unsigned i;
+		size_t diff = size - bytes;
+
+		for (i = 0; i < diff; i++)
+			buf[i] = 0;
+		result = _gnutls_mpi_print(a, &buf[diff], &bytes);
+	} else {
+		result = _gnutls_mpi_print(a, buf, &bytes);
+	}
+
+	return result;
+}
+
+/* Flags for __gnutls_x509_read_int() and __gnutls_x509_write_int */
+#define GNUTLS_X509_INT_OVERWRITE	(1 << 0)
+#define GNUTLS_X509_INT_LE		(1 << 1)
+#define GNUTLS_X509_INT_LZ		(1 << 2) /* write only */
+
+/* this function reads an integer
+ * from asn1 structs. Combines the read and mpi_scan
+ * steps.
+ */
+static int
+__gnutls_x509_read_int(asn1_node node, const char *value,
+		       bigint_t * ret_mpi, unsigned int flags)
+{
+	int result;
+	uint8_t *tmpstr = NULL;
+	int tmpstr_size;
+
+	tmpstr_size = 0;
+	result = asn1_read_value(node, value, NULL, &tmpstr_size);
+	if (result != ASN1_MEM_ERROR) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	tmpstr = gnutls_malloc(tmpstr_size);
+	if (tmpstr == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	result = asn1_read_value(node, value, tmpstr, &tmpstr_size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		gnutls_free(tmpstr);
+		return _gnutls_asn2err(result);
+	}
+
+	if (flags & GNUTLS_X509_INT_LE)
+		result = _gnutls_mpi_init_scan_le(ret_mpi, tmpstr,
+						  tmpstr_size);
+	else
+		result = _gnutls_mpi_init_scan(ret_mpi, tmpstr,
+					       tmpstr_size);
+
+	if (flags & GNUTLS_X509_INT_OVERWRITE)
+		zeroize_key(tmpstr, tmpstr_size);
+	gnutls_free(tmpstr);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+int
+_gnutls_x509_read_int(asn1_node node, const char *value,
+		      bigint_t * ret_mpi)
+{
+	return __gnutls_x509_read_int(node, value, ret_mpi,
+				      0);
+}
+
+int
+_gnutls_x509_read_key_int(asn1_node node, const char *value,
+		      bigint_t * ret_mpi)
+{
+	return __gnutls_x509_read_int(node, value, ret_mpi,
+				      GNUTLS_X509_INT_OVERWRITE);
+}
+
+int
+_gnutls_x509_read_key_int_le(asn1_node node, const char *value,
+			     bigint_t * ret_mpi)
+{
+	return __gnutls_x509_read_int(node, value, ret_mpi,
+				      GNUTLS_X509_INT_OVERWRITE |
+				      GNUTLS_X509_INT_LE);
+}
+
+/* Writes the specified integer into the specified node.
+ */
+static int
+__gnutls_x509_write_int(asn1_node node, const char *value, bigint_t mpi,
+			unsigned int flags)
+{
+	uint8_t *tmpstr;
+	size_t s_len;
+	int result;
+
+	s_len = 0;
+	if (flags & GNUTLS_X509_INT_LZ)
+		result = _gnutls_mpi_print_lz(mpi, NULL, &s_len);
+	else if (GNUTLS_X509_INT_LE)
+		result = _gnutls_mpi_print_le(mpi, NULL, &s_len);
+	else
+		result = _gnutls_mpi_print(mpi, NULL, &s_len);
+
+	if (result != GNUTLS_E_SHORT_MEMORY_BUFFER) {
+		gnutls_assert();
+		return result;
+	}
+
+	tmpstr = gnutls_malloc(s_len);
+	if (tmpstr == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	if (flags & GNUTLS_X509_INT_LZ)
+		result = _gnutls_mpi_print_lz(mpi, tmpstr, &s_len);
+	else if (GNUTLS_X509_INT_LE)
+		result = _gnutls_mpi_print_le(mpi, tmpstr, &s_len);
+	else
+		result = _gnutls_mpi_print(mpi, tmpstr, &s_len);
+
+	if (result != 0) {
+		gnutls_assert();
+		gnutls_free(tmpstr);
+		return GNUTLS_E_MPI_PRINT_FAILED;
+	}
+
+	result = asn1_write_value(node, value, tmpstr, s_len);
+
+	if (flags & GNUTLS_X509_INT_OVERWRITE)
+		zeroize_key(tmpstr, s_len);
+
+	gnutls_free(tmpstr);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+int
+_gnutls_x509_write_int(asn1_node node, const char *value, bigint_t mpi,
+		       int lz)
+{
+	return __gnutls_x509_write_int(node, value, mpi,
+				       lz ? GNUTLS_X509_INT_LZ : 0);
+}
+
+int
+_gnutls_x509_write_key_int(asn1_node node, const char *value, bigint_t mpi,
+		       int lz)
+{
+	return __gnutls_x509_write_int(node, value, mpi,
+				       (lz ? GNUTLS_X509_INT_LZ : 0) |
+				       GNUTLS_X509_INT_OVERWRITE);
+}
+
+int
+_gnutls_x509_write_key_int_le(asn1_node node, const char *value, bigint_t mpi)
+{
+	return __gnutls_x509_write_int(node, value, mpi,
+				       GNUTLS_X509_INT_OVERWRITE |
+				       GNUTLS_X509_INT_LE);
+}
diff --git a/lib/mpi.h b/lib/mpi.h
new file mode 100644
index 0000000..a625094
--- /dev/null
+++ b/lib/mpi.h
@@ -0,0 +1,93 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_MPI_H
+#define GNUTLS_LIB_MPI_H
+
+#include "gnutls_int.h"
+
+#include <crypto-backend.h>
+
+extern int crypto_bigint_prio;
+extern gnutls_crypto_bigint_st _gnutls_mpi_ops;
+
+bigint_t _gnutls_mpi_random_modp(bigint_t, bigint_t p,
+			       gnutls_rnd_level_t level);
+
+#define _gnutls_mpi_init _gnutls_mpi_ops.bigint_init
+#define _gnutls_mpi_init_multi _gnutls_mpi_ops.bigint_init_multi
+#define _gnutls_mpi_clear _gnutls_mpi_ops.bigint_clear
+#define _gnutls_mpi_cmp _gnutls_mpi_ops.bigint_cmp
+#define _gnutls_mpi_cmp_ui _gnutls_mpi_ops.bigint_cmp_ui
+#define _gnutls_mpi_mod _gnutls_mpi_ops.bigint_mod
+#define _gnutls_mpi_modm _gnutls_mpi_ops.bigint_modm
+#define _gnutls_mpi_set _gnutls_mpi_ops.bigint_set
+#define _gnutls_mpi_set_ui _gnutls_mpi_ops.bigint_set_ui
+#define _gnutls_mpi_get_nbits _gnutls_mpi_ops.bigint_get_nbits
+#define _gnutls_mpi_powm _gnutls_mpi_ops.bigint_powm
+#define _gnutls_mpi_addm _gnutls_mpi_ops.bigint_addm
+#define _gnutls_mpi_subm _gnutls_mpi_ops.bigint_subm
+#define _gnutls_mpi_mulm _gnutls_mpi_ops.bigint_mulm
+#define _gnutls_mpi_add _gnutls_mpi_ops.bigint_add
+#define _gnutls_mpi_sub _gnutls_mpi_ops.bigint_sub
+#define _gnutls_mpi_mul _gnutls_mpi_ops.bigint_mul
+#define _gnutls_mpi_div _gnutls_mpi_ops.bigint_div
+#define _gnutls_mpi_add_ui _gnutls_mpi_ops.bigint_add_ui
+#define _gnutls_mpi_sub_ui _gnutls_mpi_ops.bigint_sub_ui
+#define _gnutls_mpi_mul_ui _gnutls_mpi_ops.bigint_mul_ui
+#define _gnutls_prime_check _gnutls_mpi_ops.bigint_prime_check
+#define _gnutls_mpi_print(x,y,z) _gnutls_mpi_ops.bigint_print(x,y,z,GNUTLS_MPI_FORMAT_USG)
+#define _gnutls_mpi_print_lz(x,y,z) _gnutls_mpi_ops.bigint_print(x,y,z,GNUTLS_MPI_FORMAT_STD)
+#define _gnutls_mpi_print_le(x,y,z) _gnutls_mpi_ops.bigint_print(x,y,z,GNUTLS_MPI_FORMAT_ULE)
+#define _gnutls_mpi_copy _gnutls_mpi_ops.bigint_copy
+#define _gnutls_mpi_scan(r, b, s) _gnutls_mpi_ops.bigint_scan(r, b, s, GNUTLS_MPI_FORMAT_USG)
+#define _gnutls_mpi_scan_le(r, b, s) _gnutls_mpi_ops.bigint_scan(r, b, s, GNUTLS_MPI_FORMAT_ULE)
+
+inline static
+void _gnutls_mpi_release(bigint_t * x)
+{
+	if (*x == NULL)
+		return;
+
+	_gnutls_mpi_ops.bigint_release(*x);
+	*x = NULL;
+}
+
+int _gnutls_mpi_init_scan(bigint_t * ret_mpi, const void *buffer,
+		     size_t nbytes);
+int _gnutls_mpi_init_scan_nz(bigint_t * ret_mpi, const void *buffer,
+			size_t nbytes);
+int _gnutls_mpi_init_scan_le(bigint_t * ret_mpi, const void *buffer,
+			     size_t nbytes);
+
+int _gnutls_mpi_dprint_le(const bigint_t a, gnutls_datum_t * dest);
+int _gnutls_mpi_dprint_lz(const bigint_t a, gnutls_datum_t * dest);
+int _gnutls_mpi_dprint(const bigint_t a, gnutls_datum_t * dest);
+int _gnutls_mpi_dprint_size(const bigint_t a, gnutls_datum_t * dest,
+			    size_t size);
+int _gnutls_mpi_bprint_size(const bigint_t a, uint8_t *buf, size_t size);
+
+typedef int (*mpi_dprint_func)(const bigint_t a, gnutls_datum_t * dest);
+
+#define _gnutls_mpi_generate_group( gg, bits) _gnutls_mpi_ops.bigint_generate_group( gg, bits)
+
+#endif /* GNUTLS_LIB_MPI_H */
diff --git a/lib/name_val_array.h b/lib/name_val_array.h
new file mode 100644
index 0000000..41e4df9
--- /dev/null
+++ b/lib/name_val_array.h
@@ -0,0 +1,125 @@
+/*
+ * Copyright (C) 2011-2019 Free Software Foundation, Inc.
+ * Copyright (C) 2019 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_NAME_VAL_ARRAY_H
+#define GNUTLS_NAME_VAL_ARRAY_H
+
+#include "gnutls_int.h"
+#include "errors.h"
+
+/* Functionality to allow an array of strings. Strings
+ * are allowed to be added to the list and matched against it.
+ */
+
+typedef struct name_val_array_st {
+	char *name;
+	unsigned name_size;
+	char *val;
+	struct name_val_array_st *next;
+} *name_val_array_t;
+
+inline static void _name_val_array_clear(name_val_array_t * head)
+{
+	name_val_array_t prev, array = *head;
+
+	while (array != NULL) {
+		prev = array;
+		array = prev->next;
+		gnutls_free(prev);
+	}
+	*head = NULL;
+}
+
+inline static const char *_name_val_array_value(name_val_array_t head,
+					        const char *name, unsigned name_size)
+{
+	name_val_array_t array = head;
+
+	while (array != NULL) {
+		if (array->name_size == name_size &&
+		    memcmp(array->name, name, name_size) == 0) {
+			return array->val;
+		}
+		array = array->next;
+	}
+
+	return NULL;
+}
+
+inline static void append(name_val_array_t array, const char *name,
+			  unsigned name_len, const char *val,
+			  unsigned val_len)
+{
+	array->name = ((char *) array) + sizeof(struct name_val_array_st);
+	memcpy(array->name, name, name_len);
+	array->name[name_len] = 0;
+	array->name_size = name_len;
+
+	array->val = ((char *) array) + name_len + 1 + sizeof(struct name_val_array_st);
+	if (val)
+		memcpy(array->val, val, val_len);
+	array->val[val_len] = 0;
+
+	array->next = NULL;
+}
+
+inline static int _name_val_array_append(name_val_array_t * head,
+					 const char *name,
+					 const char *val)
+{
+	name_val_array_t prev, array;
+	unsigned name_len = strlen(name);
+	unsigned val_len = (val==NULL)?0:strlen(val);
+
+	if (*head == NULL) {
+		*head =
+		    gnutls_malloc(val_len + name_len + 2 +
+				  sizeof(struct name_val_array_st));
+		if (*head == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		array = *head;
+		append(array, name, name_len, val, val_len);
+	} else {
+		array = *head;
+		prev = array;
+
+		while (array != NULL) {
+			prev = array;
+			array = prev->next;
+		}
+		prev->next =
+		    gnutls_malloc(name_len + val_len + 2 +
+				  sizeof(struct name_val_array_st));
+		array = prev->next;
+
+		if (array == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		append(array, name, name_len, val, val_len);
+	}
+
+	return 0;
+}
+
+#endif
diff --git a/lib/nettle/Makefile.am b/lib/nettle/Makefile.am
new file mode 100644
index 0000000..bea7c7e
--- /dev/null
+++ b/lib/nettle/Makefile.am
@@ -0,0 +1,97 @@
+## Process this file with automake to produce Makefile.in
+# Copyright (C) 2004-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavroyanopoulos
+#
+# This file is part of GNUTLS.
+#
+# The GNUTLS library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GNUTLS library is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+include $(top_srcdir)/lib/common.mk
+
+AM_CFLAGS += $(HOGWEED_CFLAGS) $(GMP_CFLAGS)
+
+AM_CPPFLAGS = \
+	-I$(srcdir)/int		\
+	-I$(srcdir)/backport		\
+	-I$(srcdir)/../../gl		\
+	-I$(builddir)/../../gl		\
+	-I$(srcdir)/../includes		\
+	-I$(builddir)/../includes	\
+	-I$(builddir)/../../gl          \
+	-I$(srcdir)/..
+
+if ENABLE_MINITASN1
+AM_CPPFLAGS += -I$(srcdir)/../minitasn1
+endif
+
+noinst_LTLIBRARIES = libcrypto.la
+
+libcrypto_la_SOURCES = pk.c mpi.c mac.c cipher.c init.c \
+	gnettle.h rnd-common.h prf.c \
+	rnd.c int/rsa-fips.h int/rsa-keygen-fips186.c int/provable-prime.c \
+	int/dsa-fips.h int/dsa-keygen-fips186.c int/dsa-validate.c \
+	int/tls1-prf.c int/tls1-prf.h \
+	int/dsa-compute-k.c int/dsa-compute-k.h \
+	int/ecdsa-compute-k.c int/ecdsa-compute-k.h \
+	int/mpn-base256.c int/mpn-base256.h \
+	int/block8.h backport/block-internal.h \
+	int/rsa-pad.c
+
+if WINDOWS
+if HAVE_BCRYPT
+libcrypto_la_SOURCES += sysrng-bcrypt.c
+else
+libcrypto_la_SOURCES += sysrng-windows.c
+endif
+else
+if HAVE_GETENTROPY
+libcrypto_la_SOURCES += sysrng-getentropy.c
+else
+if HAVE_KERN_ARND
+libcrypto_la_SOURCES += sysrng-netbsd.c
+else
+libcrypto_la_SOURCES += sysrng-linux.c
+endif
+endif
+endif
+
+libcrypto_la_SOURCES += rnd-fuzzer.c
+
+if ENABLE_FIPS140
+libcrypto_la_SOURCES += rnd-fips.c int/drbg-aes-self-test.c \
+	int/drbg-aes.c int/drbg-aes.h
+endif
+
+if ENABLE_GOST
+libcrypto_la_SOURCES += \
+	gost/nettle-write.h gost/write-le32.c \
+	gost/gost28147.c gost/gost28147.h gost/gost-wrap.c \
+	gost/streebog.c gost/streebog.h gost/streebog-meta.c \
+	gost/hmac-streebog.c gost/hmac-gost.h
+
+libcrypto_la_SOURCES += \
+	gost/bignum-le.c gost/bignum-le.h
+
+libcrypto_la_SOURCES += \
+	gost/gostdsa-mask.c gost/gostdsa2.h
+
+libcrypto_la_SOURCES += gost_keywrap.c
+
+libcrypto_la_SOURCES += \
+	gost/magma.c gost/magma.h \
+	gost/kuznyechik.c gost/kuznyechik.h gost/kuztable.h \
+	gost/acpkm.c gost/acpkm.h \
+	gost/cmac.h gost/cmac-magma.c gost/cmac-kuznyechik.c
+endif
diff --git a/lib/nettle/Makefile.in b/lib/nettle/Makefile.in
new file mode 100644
index 0000000..5fd1486
--- /dev/null
+++ b/lib/nettle/Makefile.in
@@ -0,0 +1,2653 @@
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+# Copyright (C) 2004-2012 Free Software Foundation, Inc.
+#
+# Author: Nikos Mavroyanopoulos
+#
+# This file is part of GNUTLS.
+#
+# The GNUTLS library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# The GNUTLS library is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+  if test -z '$(MAKELEVEL)'; then \
+    false; \
+  elif test -n '$(MAKE_HOST)'; then \
+    true; \
+  elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+    true; \
+  else \
+    false; \
+  fi; \
+}
+am__make_running_with_option = \
+  case $${target_option-} in \
+      ?) ;; \
+      *) echo "am__make_running_with_option: internal error: invalid" \
+              "target option '$${target_option-}' specified" >&2; \
+         exit 1;; \
+  esac; \
+  has_opt=no; \
+  sane_makeflags=$$MAKEFLAGS; \
+  if $(am__is_gnu_make); then \
+    sane_makeflags=$$MFLAGS; \
+  else \
+    case $$MAKEFLAGS in \
+      *\\[\ \	]*) \
+        bs=\\; \
+        sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+          | sed "s/$$bs$$bs[$$bs $$bs	]*//g"`;; \
+    esac; \
+  fi; \
+  skip_next=no; \
+  strip_trailopt () \
+  { \
+    flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+  }; \
+  for flg in $$sane_makeflags; do \
+    test $$skip_next = yes && { skip_next=no; continue; }; \
+    case $$flg in \
+      *=*|--*) continue;; \
+        -*I) strip_trailopt 'I'; skip_next=yes;; \
+      -*I?*) strip_trailopt 'I';; \
+        -*O) strip_trailopt 'O'; skip_next=yes;; \
+      -*O?*) strip_trailopt 'O';; \
+        -*l) strip_trailopt 'l'; skip_next=yes;; \
+      -*l?*) strip_trailopt 'l';; \
+      -[dEDm]) skip_next=yes;; \
+      -[JT]) skip_next=yes;; \
+    esac; \
+    case $$flg in \
+      *$$target_option*) has_opt=yes; break;; \
+    esac; \
+  done; \
+  test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@ENABLE_MINITASN1_TRUE@am__append_1 = -I$(srcdir)/../minitasn1
+@HAVE_BCRYPT_TRUE@@WINDOWS_TRUE@am__append_2 = sysrng-bcrypt.c
+@HAVE_BCRYPT_FALSE@@WINDOWS_TRUE@am__append_3 = sysrng-windows.c
+@HAVE_GETENTROPY_TRUE@@WINDOWS_FALSE@am__append_4 = sysrng-getentropy.c
+@HAVE_GETENTROPY_FALSE@@HAVE_KERN_ARND_TRUE@@WINDOWS_FALSE@am__append_5 = sysrng-netbsd.c
+@HAVE_GETENTROPY_FALSE@@HAVE_KERN_ARND_FALSE@@WINDOWS_FALSE@am__append_6 = sysrng-linux.c
+@ENABLE_FIPS140_TRUE@am__append_7 = rnd-fips.c int/drbg-aes-self-test.c \
+@ENABLE_FIPS140_TRUE@	int/drbg-aes.c int/drbg-aes.h
+
+@ENABLE_GOST_TRUE@am__append_8 = gost/nettle-write.h gost/write-le32.c \
+@ENABLE_GOST_TRUE@	gost/gost28147.c gost/gost28147.h \
+@ENABLE_GOST_TRUE@	gost/gost-wrap.c gost/streebog.c \
+@ENABLE_GOST_TRUE@	gost/streebog.h gost/streebog-meta.c \
+@ENABLE_GOST_TRUE@	gost/hmac-streebog.c gost/hmac-gost.h \
+@ENABLE_GOST_TRUE@	gost/bignum-le.c gost/bignum-le.h \
+@ENABLE_GOST_TRUE@	gost/gostdsa-mask.c gost/gostdsa2.h \
+@ENABLE_GOST_TRUE@	gost_keywrap.c gost/magma.c gost/magma.h \
+@ENABLE_GOST_TRUE@	gost/kuznyechik.c gost/kuznyechik.h \
+@ENABLE_GOST_TRUE@	gost/kuztable.h gost/acpkm.c gost/acpkm.h \
+@ENABLE_GOST_TRUE@	gost/cmac.h gost/cmac-magma.c \
+@ENABLE_GOST_TRUE@	gost/cmac-kuznyechik.c
+subdir = lib/nettle
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \
+	$(top_srcdir)/lib/unistring/m4/inline.m4 \
+	$(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \
+	$(top_srcdir)/src/gl/m4/atoll.m4 \
+	$(top_srcdir)/src/gl/m4/bison.m4 \
+	$(top_srcdir)/src/gl/m4/calloc.m4 \
+	$(top_srcdir)/src/gl/m4/clock_time.m4 \
+	$(top_srcdir)/src/gl/m4/codeset.m4 \
+	$(top_srcdir)/src/gl/m4/ctype_h.m4 \
+	$(top_srcdir)/src/gl/m4/environ.m4 \
+	$(top_srcdir)/src/gl/m4/error.m4 \
+	$(top_srcdir)/src/gl/m4/fdopen.m4 \
+	$(top_srcdir)/src/gl/m4/flexmember.m4 \
+	$(top_srcdir)/src/gl/m4/fpending.m4 \
+	$(top_srcdir)/src/gl/m4/fpieee.m4 \
+	$(top_srcdir)/src/gl/m4/fseek.m4 \
+	$(top_srcdir)/src/gl/m4/ftruncate.m4 \
+	$(top_srcdir)/src/gl/m4/getaddrinfo.m4 \
+	$(top_srcdir)/src/gl/m4/getcwd.m4 \
+	$(top_srcdir)/src/gl/m4/getpagesize.m4 \
+	$(top_srcdir)/src/gl/m4/getpass.m4 \
+	$(top_srcdir)/src/gl/m4/getprogname.m4 \
+	$(top_srcdir)/src/gl/m4/gettime.m4 \
+	$(top_srcdir)/src/gl/m4/gnulib-comp.m4 \
+	$(top_srcdir)/src/gl/m4/hostent.m4 \
+	$(top_srcdir)/src/gl/m4/intl-thread-locale.m4 \
+	$(top_srcdir)/src/gl/m4/inttostr.m4 \
+	$(top_srcdir)/src/gl/m4/ioctl.m4 \
+	$(top_srcdir)/src/gl/m4/isblank.m4 \
+	$(top_srcdir)/src/gl/m4/langinfo_h.m4 \
+	$(top_srcdir)/src/gl/m4/lcmessage.m4 \
+	$(top_srcdir)/src/gl/m4/locale-fr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-ja.m4 \
+	$(top_srcdir)/src/gl/m4/locale-tr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-zh.m4 \
+	$(top_srcdir)/src/gl/m4/locale_h.m4 \
+	$(top_srcdir)/src/gl/m4/localename.m4 \
+	$(top_srcdir)/src/gl/m4/lstat.m4 \
+	$(top_srcdir)/src/gl/m4/mktime.m4 \
+	$(top_srcdir)/src/gl/m4/nanosleep.m4 \
+	$(top_srcdir)/src/gl/m4/nstrftime.m4 \
+	$(top_srcdir)/src/gl/m4/parse-datetime.m4 \
+	$(top_srcdir)/src/gl/m4/perror.m4 \
+	$(top_srcdir)/src/gl/m4/pipe.m4 \
+	$(top_srcdir)/src/gl/m4/pthread-thread.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_h.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_sigmask.m4 \
+	$(top_srcdir)/src/gl/m4/putenv.m4 \
+	$(top_srcdir)/src/gl/m4/raise.m4 \
+	$(top_srcdir)/src/gl/m4/reallocarray.m4 \
+	$(top_srcdir)/src/gl/m4/sched_h.m4 \
+	$(top_srcdir)/src/gl/m4/sched_yield.m4 \
+	$(top_srcdir)/src/gl/m4/select.m4 \
+	$(top_srcdir)/src/gl/m4/semaphore.m4 \
+	$(top_srcdir)/src/gl/m4/servent.m4 \
+	$(top_srcdir)/src/gl/m4/setenv.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale_null.m4 \
+	$(top_srcdir)/src/gl/m4/sigaction.m4 \
+	$(top_srcdir)/src/gl/m4/signal_h.m4 \
+	$(top_srcdir)/src/gl/m4/signalblocking.m4 \
+	$(top_srcdir)/src/gl/m4/sleep.m4 \
+	$(top_srcdir)/src/gl/m4/sockets.m4 \
+	$(top_srcdir)/src/gl/m4/strerror.m4 \
+	$(top_srcdir)/src/gl/m4/strerror_r.m4 \
+	$(top_srcdir)/src/gl/m4/strtoll.m4 \
+	$(top_srcdir)/src/gl/m4/symlink.m4 \
+	$(top_srcdir)/src/gl/m4/sys_ioctl_h.m4 \
+	$(top_srcdir)/src/gl/m4/sys_select_h.m4 \
+	$(top_srcdir)/src/gl/m4/thread.m4 \
+	$(top_srcdir)/src/gl/m4/time_rz.m4 \
+	$(top_srcdir)/src/gl/m4/timegm.m4 \
+	$(top_srcdir)/src/gl/m4/timespec.m4 \
+	$(top_srcdir)/src/gl/m4/tm_gmtoff.m4 \
+	$(top_srcdir)/src/gl/m4/tzset.m4 \
+	$(top_srcdir)/src/gl/m4/usleep.m4 \
+	$(top_srcdir)/src/gl/m4/visibility.m4 \
+	$(top_srcdir)/src/gl/m4/xalloc.m4 \
+	$(top_srcdir)/src/gl/m4/yield.m4 $(top_srcdir)/m4/00gnulib.m4 \
+	$(top_srcdir)/m4/__inline.m4 \
+	$(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \
+	$(top_srcdir)/m4/arpa_inet_h.m4 \
+	$(top_srcdir)/m4/ax_ac_append_to_file.m4 \
+	$(top_srcdir)/m4/ax_ac_print_to_file.m4 \
+	$(top_srcdir)/m4/ax_add_am_macro_static.m4 \
+	$(top_srcdir)/m4/ax_am_macros_static.m4 \
+	$(top_srcdir)/m4/ax_check_gnu_make.m4 \
+	$(top_srcdir)/m4/ax_code_coverage.m4 \
+	$(top_srcdir)/m4/ax_file_escapes.m4 \
+	$(top_srcdir)/m4/builtin-expect.m4 \
+	$(top_srcdir)/m4/byteswap.m4 $(top_srcdir)/m4/close.m4 \
+	$(top_srcdir)/m4/double-slash-root.m4 $(top_srcdir)/m4/dup2.m4 \
+	$(top_srcdir)/m4/eealloc.m4 $(top_srcdir)/m4/errno_h.m4 \
+	$(top_srcdir)/m4/explicit_bzero.m4 \
+	$(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \
+	$(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \
+	$(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \
+	$(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \
+	$(top_srcdir)/m4/free.m4 $(top_srcdir)/m4/fseeko.m4 \
+	$(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \
+	$(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/func.m4 \
+	$(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \
+	$(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/gettext.m4 \
+	$(top_srcdir)/m4/gettimeofday.m4 \
+	$(top_srcdir)/m4/gnulib-common.m4 \
+	$(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \
+	$(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \
+	$(top_srcdir)/m4/host-cpu-c-abi.m4 $(top_srcdir)/m4/iconv.m4 \
+	$(top_srcdir)/m4/include_next.m4 $(top_srcdir)/m4/inet_ntop.m4 \
+	$(top_srcdir)/m4/inet_pton.m4 $(top_srcdir)/m4/intlmacosx.m4 \
+	$(top_srcdir)/m4/intmax_t.m4 $(top_srcdir)/m4/inttypes.m4 \
+	$(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/largefile.m4 \
+	$(top_srcdir)/m4/ld-output-def.m4 \
+	$(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \
+	$(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+	$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/lock.m4 \
+	$(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/ltoptions.m4 \
+	$(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+	$(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \
+	$(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \
+	$(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \
+	$(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \
+	$(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \
+	$(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \
+	$(top_srcdir)/m4/netdb_h.m4 $(top_srcdir)/m4/netinet_in_h.m4 \
+	$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/off_t.m4 \
+	$(top_srcdir)/m4/open-cloexec.m4 \
+	$(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \
+	$(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/pkg.m4 \
+	$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \
+	$(top_srcdir)/m4/progtest.m4 \
+	$(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \
+	$(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \
+	$(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/size_max.m4 \
+	$(top_srcdir)/m4/snprintf.m4 $(top_srcdir)/m4/socketlib.m4 \
+	$(top_srcdir)/m4/socklen.m4 $(top_srcdir)/m4/sockpfaf.m4 \
+	$(top_srcdir)/m4/ssize_t.m4 $(top_srcdir)/m4/stat-time.m4 \
+	$(top_srcdir)/m4/stat.m4 $(top_srcdir)/m4/stdalign.m4 \
+	$(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \
+	$(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \
+	$(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \
+	$(top_srcdir)/m4/stpcpy.m4 $(top_srcdir)/m4/strcase.m4 \
+	$(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/string_h.m4 \
+	$(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \
+	$(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \
+	$(top_srcdir)/m4/strverscmp.m4 \
+	$(top_srcdir)/m4/sys_socket_h.m4 \
+	$(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \
+	$(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \
+	$(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \
+	$(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \
+	$(top_srcdir)/m4/unistd_h.m4 \
+	$(top_srcdir)/m4/valgrind-tests.m4 \
+	$(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \
+	$(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \
+	$(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \
+	$(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \
+	$(top_srcdir)/m4/xsize.m4 $(top_srcdir)/m4/zzgnulib.m4 \
+	$(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+LTLIBRARIES = $(noinst_LTLIBRARIES)
+libcrypto_la_LIBADD =
+am__libcrypto_la_SOURCES_DIST = pk.c mpi.c mac.c cipher.c init.c \
+	gnettle.h rnd-common.h prf.c rnd.c int/rsa-fips.h \
+	int/rsa-keygen-fips186.c int/provable-prime.c int/dsa-fips.h \
+	int/dsa-keygen-fips186.c int/dsa-validate.c int/tls1-prf.c \
+	int/tls1-prf.h int/dsa-compute-k.c int/dsa-compute-k.h \
+	int/ecdsa-compute-k.c int/ecdsa-compute-k.h int/mpn-base256.c \
+	int/mpn-base256.h int/block8.h backport/block-internal.h \
+	int/rsa-pad.c sysrng-bcrypt.c sysrng-windows.c \
+	sysrng-getentropy.c sysrng-netbsd.c sysrng-linux.c \
+	rnd-fuzzer.c rnd-fips.c int/drbg-aes-self-test.c \
+	int/drbg-aes.c int/drbg-aes.h gost/nettle-write.h \
+	gost/write-le32.c gost/gost28147.c gost/gost28147.h \
+	gost/gost-wrap.c gost/streebog.c gost/streebog.h \
+	gost/streebog-meta.c gost/hmac-streebog.c gost/hmac-gost.h \
+	gost/bignum-le.c gost/bignum-le.h gost/gostdsa-mask.c \
+	gost/gostdsa2.h gost_keywrap.c gost/magma.c gost/magma.h \
+	gost/kuznyechik.c gost/kuznyechik.h gost/kuztable.h \
+	gost/acpkm.c gost/acpkm.h gost/cmac.h gost/cmac-magma.c \
+	gost/cmac-kuznyechik.c
+am__dirstamp = $(am__leading_dot)dirstamp
+@HAVE_BCRYPT_TRUE@@WINDOWS_TRUE@am__objects_1 = sysrng-bcrypt.lo
+@HAVE_BCRYPT_FALSE@@WINDOWS_TRUE@am__objects_2 = sysrng-windows.lo
+@HAVE_GETENTROPY_TRUE@@WINDOWS_FALSE@am__objects_3 =  \
+@HAVE_GETENTROPY_TRUE@@WINDOWS_FALSE@	sysrng-getentropy.lo
+@HAVE_GETENTROPY_FALSE@@HAVE_KERN_ARND_TRUE@@WINDOWS_FALSE@am__objects_4 = sysrng-netbsd.lo
+@HAVE_GETENTROPY_FALSE@@HAVE_KERN_ARND_FALSE@@WINDOWS_FALSE@am__objects_5 = sysrng-linux.lo
+@ENABLE_FIPS140_TRUE@am__objects_6 = rnd-fips.lo \
+@ENABLE_FIPS140_TRUE@	int/drbg-aes-self-test.lo int/drbg-aes.lo
+@ENABLE_GOST_TRUE@am__objects_7 = gost/write-le32.lo gost/gost28147.lo \
+@ENABLE_GOST_TRUE@	gost/gost-wrap.lo gost/streebog.lo \
+@ENABLE_GOST_TRUE@	gost/streebog-meta.lo gost/hmac-streebog.lo \
+@ENABLE_GOST_TRUE@	gost/bignum-le.lo gost/gostdsa-mask.lo \
+@ENABLE_GOST_TRUE@	gost_keywrap.lo gost/magma.lo \
+@ENABLE_GOST_TRUE@	gost/kuznyechik.lo gost/acpkm.lo \
+@ENABLE_GOST_TRUE@	gost/cmac-magma.lo gost/cmac-kuznyechik.lo
+am_libcrypto_la_OBJECTS = pk.lo mpi.lo mac.lo cipher.lo init.lo prf.lo \
+	rnd.lo int/rsa-keygen-fips186.lo int/provable-prime.lo \
+	int/dsa-keygen-fips186.lo int/dsa-validate.lo int/tls1-prf.lo \
+	int/dsa-compute-k.lo int/ecdsa-compute-k.lo int/mpn-base256.lo \
+	int/rsa-pad.lo $(am__objects_1) $(am__objects_2) \
+	$(am__objects_3) $(am__objects_4) $(am__objects_5) \
+	rnd-fuzzer.lo $(am__objects_6) $(am__objects_7)
+libcrypto_la_OBJECTS = $(am_libcrypto_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 = 
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN     " $@;
+am__v_GEN_1 = 
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 = 
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/cipher.Plo \
+	./$(DEPDIR)/gost_keywrap.Plo ./$(DEPDIR)/init.Plo \
+	./$(DEPDIR)/mac.Plo ./$(DEPDIR)/mpi.Plo ./$(DEPDIR)/pk.Plo \
+	./$(DEPDIR)/prf.Plo ./$(DEPDIR)/rnd-fips.Plo \
+	./$(DEPDIR)/rnd-fuzzer.Plo ./$(DEPDIR)/rnd.Plo \
+	./$(DEPDIR)/sysrng-bcrypt.Plo \
+	./$(DEPDIR)/sysrng-getentropy.Plo ./$(DEPDIR)/sysrng-linux.Plo \
+	./$(DEPDIR)/sysrng-netbsd.Plo ./$(DEPDIR)/sysrng-windows.Plo \
+	gost/$(DEPDIR)/acpkm.Plo gost/$(DEPDIR)/bignum-le.Plo \
+	gost/$(DEPDIR)/cmac-kuznyechik.Plo \
+	gost/$(DEPDIR)/cmac-magma.Plo gost/$(DEPDIR)/gost-wrap.Plo \
+	gost/$(DEPDIR)/gost28147.Plo gost/$(DEPDIR)/gostdsa-mask.Plo \
+	gost/$(DEPDIR)/hmac-streebog.Plo gost/$(DEPDIR)/kuznyechik.Plo \
+	gost/$(DEPDIR)/magma.Plo gost/$(DEPDIR)/streebog-meta.Plo \
+	gost/$(DEPDIR)/streebog.Plo gost/$(DEPDIR)/write-le32.Plo \
+	int/$(DEPDIR)/drbg-aes-self-test.Plo \
+	int/$(DEPDIR)/drbg-aes.Plo int/$(DEPDIR)/dsa-compute-k.Plo \
+	int/$(DEPDIR)/dsa-keygen-fips186.Plo \
+	int/$(DEPDIR)/dsa-validate.Plo \
+	int/$(DEPDIR)/ecdsa-compute-k.Plo \
+	int/$(DEPDIR)/mpn-base256.Plo int/$(DEPDIR)/provable-prime.Plo \
+	int/$(DEPDIR)/rsa-keygen-fips186.Plo int/$(DEPDIR)/rsa-pad.Plo \
+	int/$(DEPDIR)/tls1-prf.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC      " $@;
+am__v_CC_1 = 
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD    " $@;
+am__v_CCLD_1 = 
+SOURCES = $(libcrypto_la_SOURCES)
+DIST_SOURCES = $(am__libcrypto_la_SOURCES_DIST)
+am__can_run_installinfo = \
+  case $$AM_UPDATE_INFO_DIR in \
+    n|no|NO) false;; \
+    *) (install-info --version) >/dev/null 2>&1;; \
+  esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates.  Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+  BEGIN { nonempty = 0; } \
+  { items[$$0] = 1; nonempty = 1; } \
+  END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique.  This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+  list='$(am__tagged_files)'; \
+  unique=`for i in $$list; do \
+    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+  done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in \
+	$(top_srcdir)/build-aux/depcomp $(top_srcdir)/lib/common.mk
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+AARCH64_CCASFLAGS = @AARCH64_CCASFLAGS@
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+ALLOCA_H = @ALLOCA_H@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AM_VALGRINDFLAGS = @AM_VALGRINDFLAGS@
+APPLE_UNIVERSAL_BUILD = @APPLE_UNIVERSAL_BUILD@
+AR = @AR@
+ARFLAGS = @ARFLAGS@
+ASN1PARSER = @ASN1PARSER@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BITSIZEOF_PTRDIFF_T = @BITSIZEOF_PTRDIFF_T@
+BITSIZEOF_SIG_ATOMIC_T = @BITSIZEOF_SIG_ATOMIC_T@
+BITSIZEOF_SIZE_T = @BITSIZEOF_SIZE_T@
+BITSIZEOF_WCHAR_T = @BITSIZEOF_WCHAR_T@
+BITSIZEOF_WINT_T = @BITSIZEOF_WINT_T@
+BYTESWAP_H = @BYTESWAP_H@
+CC = @CC@
+CCAS = @CCAS@
+CCASDEPMODE = @CCASDEPMODE@
+CCASFLAGS = @CCASFLAGS@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CFLAG_VISIBILITY = @CFLAG_VISIBILITY@
+CMOCKA_CFLAGS = @CMOCKA_CFLAGS@
+CMOCKA_LIBS = @CMOCKA_LIBS@
+CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@
+CODE_COVERAGE_CPPFLAGS = @CODE_COVERAGE_CPPFLAGS@
+CODE_COVERAGE_CXXFLAGS = @CODE_COVERAGE_CXXFLAGS@
+CODE_COVERAGE_ENABLED = @CODE_COVERAGE_ENABLED@
+CODE_COVERAGE_LIBS = @CODE_COVERAGE_LIBS@
+CONFIG_INCLUDE = @CONFIG_INCLUDE@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CRYWRAP_PATCHLEVEL = @CRYWRAP_PATCHLEVEL@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CXX_LT_AGE = @CXX_LT_AGE@
+CXX_LT_CURRENT = @CXX_LT_CURRENT@
+CXX_LT_REVISION = @CXX_LT_REVISION@
+CYGPATH_W = @CYGPATH_W@
+DEFAULT_VALGRINDFLAGS = @DEFAULT_VALGRINDFLAGS@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DLL_SSL_VERSION = @DLL_SSL_VERSION@
+DLL_VERSION = @DLL_VERSION@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EMULTIHOP_HIDDEN = @EMULTIHOP_HIDDEN@
+EMULTIHOP_VALUE = @EMULTIHOP_VALUE@
+ENABLE_PADLOCK = @ENABLE_PADLOCK@
+ENOLINK_HIDDEN = @ENOLINK_HIDDEN@
+ENOLINK_VALUE = @ENOLINK_VALUE@
+EOVERFLOW_HIDDEN = @EOVERFLOW_HIDDEN@
+EOVERFLOW_VALUE = @EOVERFLOW_VALUE@
+ERRNO_H = @ERRNO_H@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+FIPS140_LIBS = @FIPS140_LIBS@
+FLOAT_H = @FLOAT_H@
+GCOV = @GCOV@
+GENHTML = @GENHTML@
+GETADDRINFO_LIB = @GETADDRINFO_LIB@
+GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
+GL_GGL_GNULIB_ACCEPT = @GL_GGL_GNULIB_ACCEPT@
+GL_GGL_GNULIB_ACCEPT4 = @GL_GGL_GNULIB_ACCEPT4@
+GL_GGL_GNULIB_ACCESS = @GL_GGL_GNULIB_ACCESS@
+GL_GGL_GNULIB_ALIGNED_ALLOC = @GL_GGL_GNULIB_ALIGNED_ALLOC@
+GL_GGL_GNULIB_ATOLL = @GL_GGL_GNULIB_ATOLL@
+GL_GGL_GNULIB_BIND = @GL_GGL_GNULIB_BIND@
+GL_GGL_GNULIB_BTOWC = @GL_GGL_GNULIB_BTOWC@
+GL_GGL_GNULIB_CALLOC_POSIX = @GL_GGL_GNULIB_CALLOC_POSIX@
+GL_GGL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GGL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GGL_GNULIB_CHDIR = @GL_GGL_GNULIB_CHDIR@
+GL_GGL_GNULIB_CHOWN = @GL_GGL_GNULIB_CHOWN@
+GL_GGL_GNULIB_CLOSE = @GL_GGL_GNULIB_CLOSE@
+GL_GGL_GNULIB_CONNECT = @GL_GGL_GNULIB_CONNECT@
+GL_GGL_GNULIB_COPY_FILE_RANGE = @GL_GGL_GNULIB_COPY_FILE_RANGE@
+GL_GGL_GNULIB_CREAT = @GL_GGL_GNULIB_CREAT@
+GL_GGL_GNULIB_CTIME = @GL_GGL_GNULIB_CTIME@
+GL_GGL_GNULIB_DPRINTF = @GL_GGL_GNULIB_DPRINTF@
+GL_GGL_GNULIB_DUP = @GL_GGL_GNULIB_DUP@
+GL_GGL_GNULIB_DUP2 = @GL_GGL_GNULIB_DUP2@
+GL_GGL_GNULIB_DUP3 = @GL_GGL_GNULIB_DUP3@
+GL_GGL_GNULIB_DUPLOCALE = @GL_GGL_GNULIB_DUPLOCALE@
+GL_GGL_GNULIB_ENVIRON = @GL_GGL_GNULIB_ENVIRON@
+GL_GGL_GNULIB_EUIDACCESS = @GL_GGL_GNULIB_EUIDACCESS@
+GL_GGL_GNULIB_EXECL = @GL_GGL_GNULIB_EXECL@
+GL_GGL_GNULIB_EXECLE = @GL_GGL_GNULIB_EXECLE@
+GL_GGL_GNULIB_EXECLP = @GL_GGL_GNULIB_EXECLP@
+GL_GGL_GNULIB_EXECV = @GL_GGL_GNULIB_EXECV@
+GL_GGL_GNULIB_EXECVE = @GL_GGL_GNULIB_EXECVE@
+GL_GGL_GNULIB_EXECVP = @GL_GGL_GNULIB_EXECVP@
+GL_GGL_GNULIB_EXECVPE = @GL_GGL_GNULIB_EXECVPE@
+GL_GGL_GNULIB_EXPLICIT_BZERO = @GL_GGL_GNULIB_EXPLICIT_BZERO@
+GL_GGL_GNULIB_FACCESSAT = @GL_GGL_GNULIB_FACCESSAT@
+GL_GGL_GNULIB_FCHDIR = @GL_GGL_GNULIB_FCHDIR@
+GL_GGL_GNULIB_FCHMODAT = @GL_GGL_GNULIB_FCHMODAT@
+GL_GGL_GNULIB_FCHOWNAT = @GL_GGL_GNULIB_FCHOWNAT@
+GL_GGL_GNULIB_FCLOSE = @GL_GGL_GNULIB_FCLOSE@
+GL_GGL_GNULIB_FCNTL = @GL_GGL_GNULIB_FCNTL@
+GL_GGL_GNULIB_FDATASYNC = @GL_GGL_GNULIB_FDATASYNC@
+GL_GGL_GNULIB_FDOPEN = @GL_GGL_GNULIB_FDOPEN@
+GL_GGL_GNULIB_FFLUSH = @GL_GGL_GNULIB_FFLUSH@
+GL_GGL_GNULIB_FFS = @GL_GGL_GNULIB_FFS@
+GL_GGL_GNULIB_FFSL = @GL_GGL_GNULIB_FFSL@
+GL_GGL_GNULIB_FFSLL = @GL_GGL_GNULIB_FFSLL@
+GL_GGL_GNULIB_FGETC = @GL_GGL_GNULIB_FGETC@
+GL_GGL_GNULIB_FGETS = @GL_GGL_GNULIB_FGETS@
+GL_GGL_GNULIB_FOPEN = @GL_GGL_GNULIB_FOPEN@
+GL_GGL_GNULIB_FPRINTF = @GL_GGL_GNULIB_FPRINTF@
+GL_GGL_GNULIB_FPRINTF_POSIX = @GL_GGL_GNULIB_FPRINTF_POSIX@
+GL_GGL_GNULIB_FPURGE = @GL_GGL_GNULIB_FPURGE@
+GL_GGL_GNULIB_FPUTC = @GL_GGL_GNULIB_FPUTC@
+GL_GGL_GNULIB_FPUTS = @GL_GGL_GNULIB_FPUTS@
+GL_GGL_GNULIB_FREAD = @GL_GGL_GNULIB_FREAD@
+GL_GGL_GNULIB_FREE_POSIX = @GL_GGL_GNULIB_FREE_POSIX@
+GL_GGL_GNULIB_FREOPEN = @GL_GGL_GNULIB_FREOPEN@
+GL_GGL_GNULIB_FSCANF = @GL_GGL_GNULIB_FSCANF@
+GL_GGL_GNULIB_FSEEK = @GL_GGL_GNULIB_FSEEK@
+GL_GGL_GNULIB_FSEEKO = @GL_GGL_GNULIB_FSEEKO@
+GL_GGL_GNULIB_FSTAT = @GL_GGL_GNULIB_FSTAT@
+GL_GGL_GNULIB_FSTATAT = @GL_GGL_GNULIB_FSTATAT@
+GL_GGL_GNULIB_FSYNC = @GL_GGL_GNULIB_FSYNC@
+GL_GGL_GNULIB_FTELL = @GL_GGL_GNULIB_FTELL@
+GL_GGL_GNULIB_FTELLO = @GL_GGL_GNULIB_FTELLO@
+GL_GGL_GNULIB_FTRUNCATE = @GL_GGL_GNULIB_FTRUNCATE@
+GL_GGL_GNULIB_FUTIMENS = @GL_GGL_GNULIB_FUTIMENS@
+GL_GGL_GNULIB_FWRITE = @GL_GGL_GNULIB_FWRITE@
+GL_GGL_GNULIB_GETADDRINFO = @GL_GGL_GNULIB_GETADDRINFO@
+GL_GGL_GNULIB_GETC = @GL_GGL_GNULIB_GETC@
+GL_GGL_GNULIB_GETCHAR = @GL_GGL_GNULIB_GETCHAR@
+GL_GGL_GNULIB_GETCWD = @GL_GGL_GNULIB_GETCWD@
+GL_GGL_GNULIB_GETDELIM = @GL_GGL_GNULIB_GETDELIM@
+GL_GGL_GNULIB_GETDOMAINNAME = @GL_GGL_GNULIB_GETDOMAINNAME@
+GL_GGL_GNULIB_GETDTABLESIZE = @GL_GGL_GNULIB_GETDTABLESIZE@
+GL_GGL_GNULIB_GETENTROPY = @GL_GGL_GNULIB_GETENTROPY@
+GL_GGL_GNULIB_GETGROUPS = @GL_GGL_GNULIB_GETGROUPS@
+GL_GGL_GNULIB_GETHOSTNAME = @GL_GGL_GNULIB_GETHOSTNAME@
+GL_GGL_GNULIB_GETLINE = @GL_GGL_GNULIB_GETLINE@
+GL_GGL_GNULIB_GETLOADAVG = @GL_GGL_GNULIB_GETLOADAVG@
+GL_GGL_GNULIB_GETLOGIN = @GL_GGL_GNULIB_GETLOGIN@
+GL_GGL_GNULIB_GETLOGIN_R = @GL_GGL_GNULIB_GETLOGIN_R@
+GL_GGL_GNULIB_GETOPT_POSIX = @GL_GGL_GNULIB_GETOPT_POSIX@
+GL_GGL_GNULIB_GETPAGESIZE = @GL_GGL_GNULIB_GETPAGESIZE@
+GL_GGL_GNULIB_GETPASS = @GL_GGL_GNULIB_GETPASS@
+GL_GGL_GNULIB_GETPEERNAME = @GL_GGL_GNULIB_GETPEERNAME@
+GL_GGL_GNULIB_GETSOCKNAME = @GL_GGL_GNULIB_GETSOCKNAME@
+GL_GGL_GNULIB_GETSOCKOPT = @GL_GGL_GNULIB_GETSOCKOPT@
+GL_GGL_GNULIB_GETSUBOPT = @GL_GGL_GNULIB_GETSUBOPT@
+GL_GGL_GNULIB_GETTIMEOFDAY = @GL_GGL_GNULIB_GETTIMEOFDAY@
+GL_GGL_GNULIB_GETUMASK = @GL_GGL_GNULIB_GETUMASK@
+GL_GGL_GNULIB_GETUSERSHELL = @GL_GGL_GNULIB_GETUSERSHELL@
+GL_GGL_GNULIB_GRANTPT = @GL_GGL_GNULIB_GRANTPT@
+GL_GGL_GNULIB_GROUP_MEMBER = @GL_GGL_GNULIB_GROUP_MEMBER@
+GL_GGL_GNULIB_IMAXABS = @GL_GGL_GNULIB_IMAXABS@
+GL_GGL_GNULIB_IMAXDIV = @GL_GGL_GNULIB_IMAXDIV@
+GL_GGL_GNULIB_INET_NTOP = @GL_GGL_GNULIB_INET_NTOP@
+GL_GGL_GNULIB_INET_PTON = @GL_GGL_GNULIB_INET_PTON@
+GL_GGL_GNULIB_IOCTL = @GL_GGL_GNULIB_IOCTL@
+GL_GGL_GNULIB_ISATTY = @GL_GGL_GNULIB_ISATTY@
+GL_GGL_GNULIB_ISBLANK = @GL_GGL_GNULIB_ISBLANK@
+GL_GGL_GNULIB_LCHMOD = @GL_GGL_GNULIB_LCHMOD@
+GL_GGL_GNULIB_LCHOWN = @GL_GGL_GNULIB_LCHOWN@
+GL_GGL_GNULIB_LINK = @GL_GGL_GNULIB_LINK@
+GL_GGL_GNULIB_LINKAT = @GL_GGL_GNULIB_LINKAT@
+GL_GGL_GNULIB_LISTEN = @GL_GGL_GNULIB_LISTEN@
+GL_GGL_GNULIB_LOCALECONV = @GL_GGL_GNULIB_LOCALECONV@
+GL_GGL_GNULIB_LOCALENAME = @GL_GGL_GNULIB_LOCALENAME@
+GL_GGL_GNULIB_LOCALTIME = @GL_GGL_GNULIB_LOCALTIME@
+GL_GGL_GNULIB_LSEEK = @GL_GGL_GNULIB_LSEEK@
+GL_GGL_GNULIB_LSTAT = @GL_GGL_GNULIB_LSTAT@
+GL_GGL_GNULIB_MALLOC_POSIX = @GL_GGL_GNULIB_MALLOC_POSIX@
+GL_GGL_GNULIB_MBRLEN = @GL_GGL_GNULIB_MBRLEN@
+GL_GGL_GNULIB_MBRTOWC = @GL_GGL_GNULIB_MBRTOWC@
+GL_GGL_GNULIB_MBSCASECMP = @GL_GGL_GNULIB_MBSCASECMP@
+GL_GGL_GNULIB_MBSCASESTR = @GL_GGL_GNULIB_MBSCASESTR@
+GL_GGL_GNULIB_MBSCHR = @GL_GGL_GNULIB_MBSCHR@
+GL_GGL_GNULIB_MBSCSPN = @GL_GGL_GNULIB_MBSCSPN@
+GL_GGL_GNULIB_MBSINIT = @GL_GGL_GNULIB_MBSINIT@
+GL_GGL_GNULIB_MBSLEN = @GL_GGL_GNULIB_MBSLEN@
+GL_GGL_GNULIB_MBSNCASECMP = @GL_GGL_GNULIB_MBSNCASECMP@
+GL_GGL_GNULIB_MBSNLEN = @GL_GGL_GNULIB_MBSNLEN@
+GL_GGL_GNULIB_MBSNRTOWCS = @GL_GGL_GNULIB_MBSNRTOWCS@
+GL_GGL_GNULIB_MBSPBRK = @GL_GGL_GNULIB_MBSPBRK@
+GL_GGL_GNULIB_MBSPCASECMP = @GL_GGL_GNULIB_MBSPCASECMP@
+GL_GGL_GNULIB_MBSRCHR = @GL_GGL_GNULIB_MBSRCHR@
+GL_GGL_GNULIB_MBSRTOWCS = @GL_GGL_GNULIB_MBSRTOWCS@
+GL_GGL_GNULIB_MBSSEP = @GL_GGL_GNULIB_MBSSEP@
+GL_GGL_GNULIB_MBSSPN = @GL_GGL_GNULIB_MBSSPN@
+GL_GGL_GNULIB_MBSSTR = @GL_GGL_GNULIB_MBSSTR@
+GL_GGL_GNULIB_MBSTOK_R = @GL_GGL_GNULIB_MBSTOK_R@
+GL_GGL_GNULIB_MBTOWC = @GL_GGL_GNULIB_MBTOWC@
+GL_GGL_GNULIB_MDA_ACCESS = @GL_GGL_GNULIB_MDA_ACCESS@
+GL_GGL_GNULIB_MDA_CHDIR = @GL_GGL_GNULIB_MDA_CHDIR@
+GL_GGL_GNULIB_MDA_CHMOD = @GL_GGL_GNULIB_MDA_CHMOD@
+GL_GGL_GNULIB_MDA_CLOSE = @GL_GGL_GNULIB_MDA_CLOSE@
+GL_GGL_GNULIB_MDA_CREAT = @GL_GGL_GNULIB_MDA_CREAT@
+GL_GGL_GNULIB_MDA_DUP = @GL_GGL_GNULIB_MDA_DUP@
+GL_GGL_GNULIB_MDA_DUP2 = @GL_GGL_GNULIB_MDA_DUP2@
+GL_GGL_GNULIB_MDA_ECVT = @GL_GGL_GNULIB_MDA_ECVT@
+GL_GGL_GNULIB_MDA_EXECL = @GL_GGL_GNULIB_MDA_EXECL@
+GL_GGL_GNULIB_MDA_EXECLE = @GL_GGL_GNULIB_MDA_EXECLE@
+GL_GGL_GNULIB_MDA_EXECLP = @GL_GGL_GNULIB_MDA_EXECLP@
+GL_GGL_GNULIB_MDA_EXECV = @GL_GGL_GNULIB_MDA_EXECV@
+GL_GGL_GNULIB_MDA_EXECVE = @GL_GGL_GNULIB_MDA_EXECVE@
+GL_GGL_GNULIB_MDA_EXECVP = @GL_GGL_GNULIB_MDA_EXECVP@
+GL_GGL_GNULIB_MDA_EXECVPE = @GL_GGL_GNULIB_MDA_EXECVPE@
+GL_GGL_GNULIB_MDA_FCLOSEALL = @GL_GGL_GNULIB_MDA_FCLOSEALL@
+GL_GGL_GNULIB_MDA_FCVT = @GL_GGL_GNULIB_MDA_FCVT@
+GL_GGL_GNULIB_MDA_FDOPEN = @GL_GGL_GNULIB_MDA_FDOPEN@
+GL_GGL_GNULIB_MDA_FILENO = @GL_GGL_GNULIB_MDA_FILENO@
+GL_GGL_GNULIB_MDA_GCVT = @GL_GGL_GNULIB_MDA_GCVT@
+GL_GGL_GNULIB_MDA_GETCWD = @GL_GGL_GNULIB_MDA_GETCWD@
+GL_GGL_GNULIB_MDA_GETPID = @GL_GGL_GNULIB_MDA_GETPID@
+GL_GGL_GNULIB_MDA_GETW = @GL_GGL_GNULIB_MDA_GETW@
+GL_GGL_GNULIB_MDA_ISATTY = @GL_GGL_GNULIB_MDA_ISATTY@
+GL_GGL_GNULIB_MDA_LSEEK = @GL_GGL_GNULIB_MDA_LSEEK@
+GL_GGL_GNULIB_MDA_MEMCCPY = @GL_GGL_GNULIB_MDA_MEMCCPY@
+GL_GGL_GNULIB_MDA_MKDIR = @GL_GGL_GNULIB_MDA_MKDIR@
+GL_GGL_GNULIB_MDA_MKTEMP = @GL_GGL_GNULIB_MDA_MKTEMP@
+GL_GGL_GNULIB_MDA_OPEN = @GL_GGL_GNULIB_MDA_OPEN@
+GL_GGL_GNULIB_MDA_PUTENV = @GL_GGL_GNULIB_MDA_PUTENV@
+GL_GGL_GNULIB_MDA_PUTW = @GL_GGL_GNULIB_MDA_PUTW@
+GL_GGL_GNULIB_MDA_READ = @GL_GGL_GNULIB_MDA_READ@
+GL_GGL_GNULIB_MDA_RMDIR = @GL_GGL_GNULIB_MDA_RMDIR@
+GL_GGL_GNULIB_MDA_STRDUP = @GL_GGL_GNULIB_MDA_STRDUP@
+GL_GGL_GNULIB_MDA_SWAB = @GL_GGL_GNULIB_MDA_SWAB@
+GL_GGL_GNULIB_MDA_TEMPNAM = @GL_GGL_GNULIB_MDA_TEMPNAM@
+GL_GGL_GNULIB_MDA_TZSET = @GL_GGL_GNULIB_MDA_TZSET@
+GL_GGL_GNULIB_MDA_UMASK = @GL_GGL_GNULIB_MDA_UMASK@
+GL_GGL_GNULIB_MDA_UNLINK = @GL_GGL_GNULIB_MDA_UNLINK@
+GL_GGL_GNULIB_MDA_WCSDUP = @GL_GGL_GNULIB_MDA_WCSDUP@
+GL_GGL_GNULIB_MDA_WRITE = @GL_GGL_GNULIB_MDA_WRITE@
+GL_GGL_GNULIB_MEMCHR = @GL_GGL_GNULIB_MEMCHR@
+GL_GGL_GNULIB_MEMMEM = @GL_GGL_GNULIB_MEMMEM@
+GL_GGL_GNULIB_MEMPCPY = @GL_GGL_GNULIB_MEMPCPY@
+GL_GGL_GNULIB_MEMRCHR = @GL_GGL_GNULIB_MEMRCHR@
+GL_GGL_GNULIB_MKDIR = @GL_GGL_GNULIB_MKDIR@
+GL_GGL_GNULIB_MKDIRAT = @GL_GGL_GNULIB_MKDIRAT@
+GL_GGL_GNULIB_MKDTEMP = @GL_GGL_GNULIB_MKDTEMP@
+GL_GGL_GNULIB_MKFIFO = @GL_GGL_GNULIB_MKFIFO@
+GL_GGL_GNULIB_MKFIFOAT = @GL_GGL_GNULIB_MKFIFOAT@
+GL_GGL_GNULIB_MKNOD = @GL_GGL_GNULIB_MKNOD@
+GL_GGL_GNULIB_MKNODAT = @GL_GGL_GNULIB_MKNODAT@
+GL_GGL_GNULIB_MKOSTEMP = @GL_GGL_GNULIB_MKOSTEMP@
+GL_GGL_GNULIB_MKOSTEMPS = @GL_GGL_GNULIB_MKOSTEMPS@
+GL_GGL_GNULIB_MKSTEMP = @GL_GGL_GNULIB_MKSTEMP@
+GL_GGL_GNULIB_MKSTEMPS = @GL_GGL_GNULIB_MKSTEMPS@
+GL_GGL_GNULIB_MKTIME = @GL_GGL_GNULIB_MKTIME@
+GL_GGL_GNULIB_NANOSLEEP = @GL_GGL_GNULIB_NANOSLEEP@
+GL_GGL_GNULIB_NL_LANGINFO = @GL_GGL_GNULIB_NL_LANGINFO@
+GL_GGL_GNULIB_NONBLOCKING = @GL_GGL_GNULIB_NONBLOCKING@
+GL_GGL_GNULIB_OBSTACK_PRINTF = @GL_GGL_GNULIB_OBSTACK_PRINTF@
+GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GGL_GNULIB_OPEN = @GL_GGL_GNULIB_OPEN@
+GL_GGL_GNULIB_OPENAT = @GL_GGL_GNULIB_OPENAT@
+GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GGL_GNULIB_PCLOSE = @GL_GGL_GNULIB_PCLOSE@
+GL_GGL_GNULIB_PERROR = @GL_GGL_GNULIB_PERROR@
+GL_GGL_GNULIB_PIPE = @GL_GGL_GNULIB_PIPE@
+GL_GGL_GNULIB_PIPE2 = @GL_GGL_GNULIB_PIPE2@
+GL_GGL_GNULIB_POPEN = @GL_GGL_GNULIB_POPEN@
+GL_GGL_GNULIB_POSIX_MEMALIGN = @GL_GGL_GNULIB_POSIX_MEMALIGN@
+GL_GGL_GNULIB_POSIX_OPENPT = @GL_GGL_GNULIB_POSIX_OPENPT@
+GL_GGL_GNULIB_PREAD = @GL_GGL_GNULIB_PREAD@
+GL_GGL_GNULIB_PRINTF = @GL_GGL_GNULIB_PRINTF@
+GL_GGL_GNULIB_PRINTF_POSIX = @GL_GGL_GNULIB_PRINTF_POSIX@
+GL_GGL_GNULIB_PSELECT = @GL_GGL_GNULIB_PSELECT@
+GL_GGL_GNULIB_PTHREAD_COND = @GL_GGL_GNULIB_PTHREAD_COND@
+GL_GGL_GNULIB_PTHREAD_MUTEX = @GL_GGL_GNULIB_PTHREAD_MUTEX@
+GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK@
+GL_GGL_GNULIB_PTHREAD_ONCE = @GL_GGL_GNULIB_PTHREAD_ONCE@
+GL_GGL_GNULIB_PTHREAD_RWLOCK = @GL_GGL_GNULIB_PTHREAD_RWLOCK@
+GL_GGL_GNULIB_PTHREAD_SIGMASK = @GL_GGL_GNULIB_PTHREAD_SIGMASK@
+GL_GGL_GNULIB_PTHREAD_SPIN = @GL_GGL_GNULIB_PTHREAD_SPIN@
+GL_GGL_GNULIB_PTHREAD_THREAD = @GL_GGL_GNULIB_PTHREAD_THREAD@
+GL_GGL_GNULIB_PTHREAD_TSS = @GL_GGL_GNULIB_PTHREAD_TSS@
+GL_GGL_GNULIB_PTSNAME = @GL_GGL_GNULIB_PTSNAME@
+GL_GGL_GNULIB_PTSNAME_R = @GL_GGL_GNULIB_PTSNAME_R@
+GL_GGL_GNULIB_PUTC = @GL_GGL_GNULIB_PUTC@
+GL_GGL_GNULIB_PUTCHAR = @GL_GGL_GNULIB_PUTCHAR@
+GL_GGL_GNULIB_PUTENV = @GL_GGL_GNULIB_PUTENV@
+GL_GGL_GNULIB_PUTS = @GL_GGL_GNULIB_PUTS@
+GL_GGL_GNULIB_PWRITE = @GL_GGL_GNULIB_PWRITE@
+GL_GGL_GNULIB_QSORT_R = @GL_GGL_GNULIB_QSORT_R@
+GL_GGL_GNULIB_RAISE = @GL_GGL_GNULIB_RAISE@
+GL_GGL_GNULIB_RANDOM = @GL_GGL_GNULIB_RANDOM@
+GL_GGL_GNULIB_RANDOM_R = @GL_GGL_GNULIB_RANDOM_R@
+GL_GGL_GNULIB_RAWMEMCHR = @GL_GGL_GNULIB_RAWMEMCHR@
+GL_GGL_GNULIB_READ = @GL_GGL_GNULIB_READ@
+GL_GGL_GNULIB_READLINK = @GL_GGL_GNULIB_READLINK@
+GL_GGL_GNULIB_READLINKAT = @GL_GGL_GNULIB_READLINKAT@
+GL_GGL_GNULIB_REALLOCARRAY = @GL_GGL_GNULIB_REALLOCARRAY@
+GL_GGL_GNULIB_REALLOC_POSIX = @GL_GGL_GNULIB_REALLOC_POSIX@
+GL_GGL_GNULIB_REALPATH = @GL_GGL_GNULIB_REALPATH@
+GL_GGL_GNULIB_RECV = @GL_GGL_GNULIB_RECV@
+GL_GGL_GNULIB_RECVFROM = @GL_GGL_GNULIB_RECVFROM@
+GL_GGL_GNULIB_REMOVE = @GL_GGL_GNULIB_REMOVE@
+GL_GGL_GNULIB_RENAME = @GL_GGL_GNULIB_RENAME@
+GL_GGL_GNULIB_RENAMEAT = @GL_GGL_GNULIB_RENAMEAT@
+GL_GGL_GNULIB_RMDIR = @GL_GGL_GNULIB_RMDIR@
+GL_GGL_GNULIB_RPMATCH = @GL_GGL_GNULIB_RPMATCH@
+GL_GGL_GNULIB_SCANF = @GL_GGL_GNULIB_SCANF@
+GL_GGL_GNULIB_SCHED_YIELD = @GL_GGL_GNULIB_SCHED_YIELD@
+GL_GGL_GNULIB_SECURE_GETENV = @GL_GGL_GNULIB_SECURE_GETENV@
+GL_GGL_GNULIB_SELECT = @GL_GGL_GNULIB_SELECT@
+GL_GGL_GNULIB_SEND = @GL_GGL_GNULIB_SEND@
+GL_GGL_GNULIB_SENDTO = @GL_GGL_GNULIB_SENDTO@
+GL_GGL_GNULIB_SETENV = @GL_GGL_GNULIB_SETENV@
+GL_GGL_GNULIB_SETHOSTNAME = @GL_GGL_GNULIB_SETHOSTNAME@
+GL_GGL_GNULIB_SETLOCALE = @GL_GGL_GNULIB_SETLOCALE@
+GL_GGL_GNULIB_SETLOCALE_NULL = @GL_GGL_GNULIB_SETLOCALE_NULL@
+GL_GGL_GNULIB_SETSOCKOPT = @GL_GGL_GNULIB_SETSOCKOPT@
+GL_GGL_GNULIB_SHUTDOWN = @GL_GGL_GNULIB_SHUTDOWN@
+GL_GGL_GNULIB_SIGABBREV_NP = @GL_GGL_GNULIB_SIGABBREV_NP@
+GL_GGL_GNULIB_SIGACTION = @GL_GGL_GNULIB_SIGACTION@
+GL_GGL_GNULIB_SIGDESCR_NP = @GL_GGL_GNULIB_SIGDESCR_NP@
+GL_GGL_GNULIB_SIGNAL_H_SIGPIPE = @GL_GGL_GNULIB_SIGNAL_H_SIGPIPE@
+GL_GGL_GNULIB_SIGPROCMASK = @GL_GGL_GNULIB_SIGPROCMASK@
+GL_GGL_GNULIB_SLEEP = @GL_GGL_GNULIB_SLEEP@
+GL_GGL_GNULIB_SNPRINTF = @GL_GGL_GNULIB_SNPRINTF@
+GL_GGL_GNULIB_SOCKET = @GL_GGL_GNULIB_SOCKET@
+GL_GGL_GNULIB_SPRINTF_POSIX = @GL_GGL_GNULIB_SPRINTF_POSIX@
+GL_GGL_GNULIB_STAT = @GL_GGL_GNULIB_STAT@
+GL_GGL_GNULIB_STDIO_H_NONBLOCKING = @GL_GGL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GGL_GNULIB_STDIO_H_SIGPIPE = @GL_GGL_GNULIB_STDIO_H_SIGPIPE@
+GL_GGL_GNULIB_STPCPY = @GL_GGL_GNULIB_STPCPY@
+GL_GGL_GNULIB_STPNCPY = @GL_GGL_GNULIB_STPNCPY@
+GL_GGL_GNULIB_STRCASESTR = @GL_GGL_GNULIB_STRCASESTR@
+GL_GGL_GNULIB_STRCHRNUL = @GL_GGL_GNULIB_STRCHRNUL@
+GL_GGL_GNULIB_STRDUP = @GL_GGL_GNULIB_STRDUP@
+GL_GGL_GNULIB_STRERROR = @GL_GGL_GNULIB_STRERROR@
+GL_GGL_GNULIB_STRERRORNAME_NP = @GL_GGL_GNULIB_STRERRORNAME_NP@
+GL_GGL_GNULIB_STRERROR_R = @GL_GGL_GNULIB_STRERROR_R@
+GL_GGL_GNULIB_STRFTIME = @GL_GGL_GNULIB_STRFTIME@
+GL_GGL_GNULIB_STRNCAT = @GL_GGL_GNULIB_STRNCAT@
+GL_GGL_GNULIB_STRNDUP = @GL_GGL_GNULIB_STRNDUP@
+GL_GGL_GNULIB_STRNLEN = @GL_GGL_GNULIB_STRNLEN@
+GL_GGL_GNULIB_STRPBRK = @GL_GGL_GNULIB_STRPBRK@
+GL_GGL_GNULIB_STRPTIME = @GL_GGL_GNULIB_STRPTIME@
+GL_GGL_GNULIB_STRSEP = @GL_GGL_GNULIB_STRSEP@
+GL_GGL_GNULIB_STRSIGNAL = @GL_GGL_GNULIB_STRSIGNAL@
+GL_GGL_GNULIB_STRSTR = @GL_GGL_GNULIB_STRSTR@
+GL_GGL_GNULIB_STRTOD = @GL_GGL_GNULIB_STRTOD@
+GL_GGL_GNULIB_STRTOIMAX = @GL_GGL_GNULIB_STRTOIMAX@
+GL_GGL_GNULIB_STRTOK_R = @GL_GGL_GNULIB_STRTOK_R@
+GL_GGL_GNULIB_STRTOL = @GL_GGL_GNULIB_STRTOL@
+GL_GGL_GNULIB_STRTOLD = @GL_GGL_GNULIB_STRTOLD@
+GL_GGL_GNULIB_STRTOLL = @GL_GGL_GNULIB_STRTOLL@
+GL_GGL_GNULIB_STRTOUL = @GL_GGL_GNULIB_STRTOUL@
+GL_GGL_GNULIB_STRTOULL = @GL_GGL_GNULIB_STRTOULL@
+GL_GGL_GNULIB_STRTOUMAX = @GL_GGL_GNULIB_STRTOUMAX@
+GL_GGL_GNULIB_STRVERSCMP = @GL_GGL_GNULIB_STRVERSCMP@
+GL_GGL_GNULIB_SYMLINK = @GL_GGL_GNULIB_SYMLINK@
+GL_GGL_GNULIB_SYMLINKAT = @GL_GGL_GNULIB_SYMLINKAT@
+GL_GGL_GNULIB_SYSTEM_POSIX = @GL_GGL_GNULIB_SYSTEM_POSIX@
+GL_GGL_GNULIB_TIMEGM = @GL_GGL_GNULIB_TIMEGM@
+GL_GGL_GNULIB_TIMESPEC_GET = @GL_GGL_GNULIB_TIMESPEC_GET@
+GL_GGL_GNULIB_TIME_R = @GL_GGL_GNULIB_TIME_R@
+GL_GGL_GNULIB_TIME_RZ = @GL_GGL_GNULIB_TIME_RZ@
+GL_GGL_GNULIB_TMPFILE = @GL_GGL_GNULIB_TMPFILE@
+GL_GGL_GNULIB_TRUNCATE = @GL_GGL_GNULIB_TRUNCATE@
+GL_GGL_GNULIB_TTYNAME_R = @GL_GGL_GNULIB_TTYNAME_R@
+GL_GGL_GNULIB_TZSET = @GL_GGL_GNULIB_TZSET@
+GL_GGL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GGL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GGL_GNULIB_UNISTD_H_SIGPIPE = @GL_GGL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GGL_GNULIB_UNLINK = @GL_GGL_GNULIB_UNLINK@
+GL_GGL_GNULIB_UNLINKAT = @GL_GGL_GNULIB_UNLINKAT@
+GL_GGL_GNULIB_UNLOCKPT = @GL_GGL_GNULIB_UNLOCKPT@
+GL_GGL_GNULIB_UNSETENV = @GL_GGL_GNULIB_UNSETENV@
+GL_GGL_GNULIB_USLEEP = @GL_GGL_GNULIB_USLEEP@
+GL_GGL_GNULIB_UTIMENSAT = @GL_GGL_GNULIB_UTIMENSAT@
+GL_GGL_GNULIB_VASPRINTF = @GL_GGL_GNULIB_VASPRINTF@
+GL_GGL_GNULIB_VDPRINTF = @GL_GGL_GNULIB_VDPRINTF@
+GL_GGL_GNULIB_VFPRINTF = @GL_GGL_GNULIB_VFPRINTF@
+GL_GGL_GNULIB_VFPRINTF_POSIX = @GL_GGL_GNULIB_VFPRINTF_POSIX@
+GL_GGL_GNULIB_VFSCANF = @GL_GGL_GNULIB_VFSCANF@
+GL_GGL_GNULIB_VPRINTF = @GL_GGL_GNULIB_VPRINTF@
+GL_GGL_GNULIB_VPRINTF_POSIX = @GL_GGL_GNULIB_VPRINTF_POSIX@
+GL_GGL_GNULIB_VSCANF = @GL_GGL_GNULIB_VSCANF@
+GL_GGL_GNULIB_VSNPRINTF = @GL_GGL_GNULIB_VSNPRINTF@
+GL_GGL_GNULIB_VSPRINTF_POSIX = @GL_GGL_GNULIB_VSPRINTF_POSIX@
+GL_GGL_GNULIB_WCPCPY = @GL_GGL_GNULIB_WCPCPY@
+GL_GGL_GNULIB_WCPNCPY = @GL_GGL_GNULIB_WCPNCPY@
+GL_GGL_GNULIB_WCRTOMB = @GL_GGL_GNULIB_WCRTOMB@
+GL_GGL_GNULIB_WCSCASECMP = @GL_GGL_GNULIB_WCSCASECMP@
+GL_GGL_GNULIB_WCSCAT = @GL_GGL_GNULIB_WCSCAT@
+GL_GGL_GNULIB_WCSCHR = @GL_GGL_GNULIB_WCSCHR@
+GL_GGL_GNULIB_WCSCMP = @GL_GGL_GNULIB_WCSCMP@
+GL_GGL_GNULIB_WCSCOLL = @GL_GGL_GNULIB_WCSCOLL@
+GL_GGL_GNULIB_WCSCPY = @GL_GGL_GNULIB_WCSCPY@
+GL_GGL_GNULIB_WCSCSPN = @GL_GGL_GNULIB_WCSCSPN@
+GL_GGL_GNULIB_WCSDUP = @GL_GGL_GNULIB_WCSDUP@
+GL_GGL_GNULIB_WCSFTIME = @GL_GGL_GNULIB_WCSFTIME@
+GL_GGL_GNULIB_WCSLEN = @GL_GGL_GNULIB_WCSLEN@
+GL_GGL_GNULIB_WCSNCASECMP = @GL_GGL_GNULIB_WCSNCASECMP@
+GL_GGL_GNULIB_WCSNCAT = @GL_GGL_GNULIB_WCSNCAT@
+GL_GGL_GNULIB_WCSNCMP = @GL_GGL_GNULIB_WCSNCMP@
+GL_GGL_GNULIB_WCSNCPY = @GL_GGL_GNULIB_WCSNCPY@
+GL_GGL_GNULIB_WCSNLEN = @GL_GGL_GNULIB_WCSNLEN@
+GL_GGL_GNULIB_WCSNRTOMBS = @GL_GGL_GNULIB_WCSNRTOMBS@
+GL_GGL_GNULIB_WCSPBRK = @GL_GGL_GNULIB_WCSPBRK@
+GL_GGL_GNULIB_WCSRCHR = @GL_GGL_GNULIB_WCSRCHR@
+GL_GGL_GNULIB_WCSRTOMBS = @GL_GGL_GNULIB_WCSRTOMBS@
+GL_GGL_GNULIB_WCSSPN = @GL_GGL_GNULIB_WCSSPN@
+GL_GGL_GNULIB_WCSSTR = @GL_GGL_GNULIB_WCSSTR@
+GL_GGL_GNULIB_WCSTOK = @GL_GGL_GNULIB_WCSTOK@
+GL_GGL_GNULIB_WCSWIDTH = @GL_GGL_GNULIB_WCSWIDTH@
+GL_GGL_GNULIB_WCSXFRM = @GL_GGL_GNULIB_WCSXFRM@
+GL_GGL_GNULIB_WCTOB = @GL_GGL_GNULIB_WCTOB@
+GL_GGL_GNULIB_WCTOMB = @GL_GGL_GNULIB_WCTOMB@
+GL_GGL_GNULIB_WCWIDTH = @GL_GGL_GNULIB_WCWIDTH@
+GL_GGL_GNULIB_WMEMCHR = @GL_GGL_GNULIB_WMEMCHR@
+GL_GGL_GNULIB_WMEMCMP = @GL_GGL_GNULIB_WMEMCMP@
+GL_GGL_GNULIB_WMEMCPY = @GL_GGL_GNULIB_WMEMCPY@
+GL_GGL_GNULIB_WMEMMOVE = @GL_GGL_GNULIB_WMEMMOVE@
+GL_GGL_GNULIB_WMEMPCPY = @GL_GGL_GNULIB_WMEMPCPY@
+GL_GGL_GNULIB_WMEMSET = @GL_GGL_GNULIB_WMEMSET@
+GL_GGL_GNULIB_WRITE = @GL_GGL_GNULIB_WRITE@
+GL_GGL_GNULIB__EXIT = @GL_GGL_GNULIB__EXIT@
+GL_GNULIB_ACCEPT = @GL_GNULIB_ACCEPT@
+GL_GNULIB_ACCEPT4 = @GL_GNULIB_ACCEPT4@
+GL_GNULIB_ACCESS = @GL_GNULIB_ACCESS@
+GL_GNULIB_ALIGNED_ALLOC = @GL_GNULIB_ALIGNED_ALLOC@
+GL_GNULIB_ATOLL = @GL_GNULIB_ATOLL@
+GL_GNULIB_BIND = @GL_GNULIB_BIND@
+GL_GNULIB_BTOWC = @GL_GNULIB_BTOWC@
+GL_GNULIB_CALLOC_POSIX = @GL_GNULIB_CALLOC_POSIX@
+GL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GNULIB_CHDIR = @GL_GNULIB_CHDIR@
+GL_GNULIB_CHOWN = @GL_GNULIB_CHOWN@
+GL_GNULIB_CLOSE = @GL_GNULIB_CLOSE@
+GL_GNULIB_CONNECT = @GL_GNULIB_CONNECT@
+GL_GNULIB_COPY_FILE_RANGE = @GL_GNULIB_COPY_FILE_RANGE@
+GL_GNULIB_CREAT = @GL_GNULIB_CREAT@
+GL_GNULIB_CTIME = @GL_GNULIB_CTIME@
+GL_GNULIB_DPRINTF = @GL_GNULIB_DPRINTF@
+GL_GNULIB_DUP = @GL_GNULIB_DUP@
+GL_GNULIB_DUP2 = @GL_GNULIB_DUP2@
+GL_GNULIB_DUP3 = @GL_GNULIB_DUP3@
+GL_GNULIB_ENVIRON = @GL_GNULIB_ENVIRON@
+GL_GNULIB_EUIDACCESS = @GL_GNULIB_EUIDACCESS@
+GL_GNULIB_EXECL = @GL_GNULIB_EXECL@
+GL_GNULIB_EXECLE = @GL_GNULIB_EXECLE@
+GL_GNULIB_EXECLP = @GL_GNULIB_EXECLP@
+GL_GNULIB_EXECV = @GL_GNULIB_EXECV@
+GL_GNULIB_EXECVE = @GL_GNULIB_EXECVE@
+GL_GNULIB_EXECVP = @GL_GNULIB_EXECVP@
+GL_GNULIB_EXECVPE = @GL_GNULIB_EXECVPE@
+GL_GNULIB_EXPLICIT_BZERO = @GL_GNULIB_EXPLICIT_BZERO@
+GL_GNULIB_FACCESSAT = @GL_GNULIB_FACCESSAT@
+GL_GNULIB_FCHDIR = @GL_GNULIB_FCHDIR@
+GL_GNULIB_FCHMODAT = @GL_GNULIB_FCHMODAT@
+GL_GNULIB_FCHOWNAT = @GL_GNULIB_FCHOWNAT@
+GL_GNULIB_FCLOSE = @GL_GNULIB_FCLOSE@
+GL_GNULIB_FCNTL = @GL_GNULIB_FCNTL@
+GL_GNULIB_FDATASYNC = @GL_GNULIB_FDATASYNC@
+GL_GNULIB_FDOPEN = @GL_GNULIB_FDOPEN@
+GL_GNULIB_FFLUSH = @GL_GNULIB_FFLUSH@
+GL_GNULIB_FFS = @GL_GNULIB_FFS@
+GL_GNULIB_FFSL = @GL_GNULIB_FFSL@
+GL_GNULIB_FFSLL = @GL_GNULIB_FFSLL@
+GL_GNULIB_FGETC = @GL_GNULIB_FGETC@
+GL_GNULIB_FGETS = @GL_GNULIB_FGETS@
+GL_GNULIB_FOPEN = @GL_GNULIB_FOPEN@
+GL_GNULIB_FPRINTF = @GL_GNULIB_FPRINTF@
+GL_GNULIB_FPRINTF_POSIX = @GL_GNULIB_FPRINTF_POSIX@
+GL_GNULIB_FPURGE = @GL_GNULIB_FPURGE@
+GL_GNULIB_FPUTC = @GL_GNULIB_FPUTC@
+GL_GNULIB_FPUTS = @GL_GNULIB_FPUTS@
+GL_GNULIB_FREAD = @GL_GNULIB_FREAD@
+GL_GNULIB_FREE_POSIX = @GL_GNULIB_FREE_POSIX@
+GL_GNULIB_FREOPEN = @GL_GNULIB_FREOPEN@
+GL_GNULIB_FSCANF = @GL_GNULIB_FSCANF@
+GL_GNULIB_FSEEK = @GL_GNULIB_FSEEK@
+GL_GNULIB_FSEEKO = @GL_GNULIB_FSEEKO@
+GL_GNULIB_FSTAT = @GL_GNULIB_FSTAT@
+GL_GNULIB_FSTATAT = @GL_GNULIB_FSTATAT@
+GL_GNULIB_FSYNC = @GL_GNULIB_FSYNC@
+GL_GNULIB_FTELL = @GL_GNULIB_FTELL@
+GL_GNULIB_FTELLO = @GL_GNULIB_FTELLO@
+GL_GNULIB_FTRUNCATE = @GL_GNULIB_FTRUNCATE@
+GL_GNULIB_FUTIMENS = @GL_GNULIB_FUTIMENS@
+GL_GNULIB_FWRITE = @GL_GNULIB_FWRITE@
+GL_GNULIB_GETADDRINFO = @GL_GNULIB_GETADDRINFO@
+GL_GNULIB_GETC = @GL_GNULIB_GETC@
+GL_GNULIB_GETCHAR = @GL_GNULIB_GETCHAR@
+GL_GNULIB_GETCWD = @GL_GNULIB_GETCWD@
+GL_GNULIB_GETDELIM = @GL_GNULIB_GETDELIM@
+GL_GNULIB_GETDOMAINNAME = @GL_GNULIB_GETDOMAINNAME@
+GL_GNULIB_GETDTABLESIZE = @GL_GNULIB_GETDTABLESIZE@
+GL_GNULIB_GETENTROPY = @GL_GNULIB_GETENTROPY@
+GL_GNULIB_GETGROUPS = @GL_GNULIB_GETGROUPS@
+GL_GNULIB_GETHOSTNAME = @GL_GNULIB_GETHOSTNAME@
+GL_GNULIB_GETLINE = @GL_GNULIB_GETLINE@
+GL_GNULIB_GETLOADAVG = @GL_GNULIB_GETLOADAVG@
+GL_GNULIB_GETLOGIN = @GL_GNULIB_GETLOGIN@
+GL_GNULIB_GETLOGIN_R = @GL_GNULIB_GETLOGIN_R@
+GL_GNULIB_GETOPT_POSIX = @GL_GNULIB_GETOPT_POSIX@
+GL_GNULIB_GETPAGESIZE = @GL_GNULIB_GETPAGESIZE@
+GL_GNULIB_GETPASS = @GL_GNULIB_GETPASS@
+GL_GNULIB_GETPEERNAME = @GL_GNULIB_GETPEERNAME@
+GL_GNULIB_GETSOCKNAME = @GL_GNULIB_GETSOCKNAME@
+GL_GNULIB_GETSOCKOPT = @GL_GNULIB_GETSOCKOPT@
+GL_GNULIB_GETSUBOPT = @GL_GNULIB_GETSUBOPT@
+GL_GNULIB_GETTIMEOFDAY = @GL_GNULIB_GETTIMEOFDAY@
+GL_GNULIB_GETUMASK = @GL_GNULIB_GETUMASK@
+GL_GNULIB_GETUSERSHELL = @GL_GNULIB_GETUSERSHELL@
+GL_GNULIB_GRANTPT = @GL_GNULIB_GRANTPT@
+GL_GNULIB_GROUP_MEMBER = @GL_GNULIB_GROUP_MEMBER@
+GL_GNULIB_IMAXABS = @GL_GNULIB_IMAXABS@
+GL_GNULIB_IMAXDIV = @GL_GNULIB_IMAXDIV@
+GL_GNULIB_INET_NTOP = @GL_GNULIB_INET_NTOP@
+GL_GNULIB_INET_PTON = @GL_GNULIB_INET_PTON@
+GL_GNULIB_ISATTY = @GL_GNULIB_ISATTY@
+GL_GNULIB_LCHMOD = @GL_GNULIB_LCHMOD@
+GL_GNULIB_LCHOWN = @GL_GNULIB_LCHOWN@
+GL_GNULIB_LINK = @GL_GNULIB_LINK@
+GL_GNULIB_LINKAT = @GL_GNULIB_LINKAT@
+GL_GNULIB_LISTEN = @GL_GNULIB_LISTEN@
+GL_GNULIB_LOCALTIME = @GL_GNULIB_LOCALTIME@
+GL_GNULIB_LSEEK = @GL_GNULIB_LSEEK@
+GL_GNULIB_LSTAT = @GL_GNULIB_LSTAT@
+GL_GNULIB_MALLOC_POSIX = @GL_GNULIB_MALLOC_POSIX@
+GL_GNULIB_MBRLEN = @GL_GNULIB_MBRLEN@
+GL_GNULIB_MBRTOWC = @GL_GNULIB_MBRTOWC@
+GL_GNULIB_MBSCASECMP = @GL_GNULIB_MBSCASECMP@
+GL_GNULIB_MBSCASESTR = @GL_GNULIB_MBSCASESTR@
+GL_GNULIB_MBSCHR = @GL_GNULIB_MBSCHR@
+GL_GNULIB_MBSCSPN = @GL_GNULIB_MBSCSPN@
+GL_GNULIB_MBSINIT = @GL_GNULIB_MBSINIT@
+GL_GNULIB_MBSLEN = @GL_GNULIB_MBSLEN@
+GL_GNULIB_MBSNCASECMP = @GL_GNULIB_MBSNCASECMP@
+GL_GNULIB_MBSNLEN = @GL_GNULIB_MBSNLEN@
+GL_GNULIB_MBSNRTOWCS = @GL_GNULIB_MBSNRTOWCS@
+GL_GNULIB_MBSPBRK = @GL_GNULIB_MBSPBRK@
+GL_GNULIB_MBSPCASECMP = @GL_GNULIB_MBSPCASECMP@
+GL_GNULIB_MBSRCHR = @GL_GNULIB_MBSRCHR@
+GL_GNULIB_MBSRTOWCS = @GL_GNULIB_MBSRTOWCS@
+GL_GNULIB_MBSSEP = @GL_GNULIB_MBSSEP@
+GL_GNULIB_MBSSPN = @GL_GNULIB_MBSSPN@
+GL_GNULIB_MBSSTR = @GL_GNULIB_MBSSTR@
+GL_GNULIB_MBSTOK_R = @GL_GNULIB_MBSTOK_R@
+GL_GNULIB_MBTOWC = @GL_GNULIB_MBTOWC@
+GL_GNULIB_MDA_ACCESS = @GL_GNULIB_MDA_ACCESS@
+GL_GNULIB_MDA_CHDIR = @GL_GNULIB_MDA_CHDIR@
+GL_GNULIB_MDA_CHMOD = @GL_GNULIB_MDA_CHMOD@
+GL_GNULIB_MDA_CLOSE = @GL_GNULIB_MDA_CLOSE@
+GL_GNULIB_MDA_CREAT = @GL_GNULIB_MDA_CREAT@
+GL_GNULIB_MDA_DUP = @GL_GNULIB_MDA_DUP@
+GL_GNULIB_MDA_DUP2 = @GL_GNULIB_MDA_DUP2@
+GL_GNULIB_MDA_ECVT = @GL_GNULIB_MDA_ECVT@
+GL_GNULIB_MDA_EXECL = @GL_GNULIB_MDA_EXECL@
+GL_GNULIB_MDA_EXECLE = @GL_GNULIB_MDA_EXECLE@
+GL_GNULIB_MDA_EXECLP = @GL_GNULIB_MDA_EXECLP@
+GL_GNULIB_MDA_EXECV = @GL_GNULIB_MDA_EXECV@
+GL_GNULIB_MDA_EXECVE = @GL_GNULIB_MDA_EXECVE@
+GL_GNULIB_MDA_EXECVP = @GL_GNULIB_MDA_EXECVP@
+GL_GNULIB_MDA_EXECVPE = @GL_GNULIB_MDA_EXECVPE@
+GL_GNULIB_MDA_FCLOSEALL = @GL_GNULIB_MDA_FCLOSEALL@
+GL_GNULIB_MDA_FCVT = @GL_GNULIB_MDA_FCVT@
+GL_GNULIB_MDA_FDOPEN = @GL_GNULIB_MDA_FDOPEN@
+GL_GNULIB_MDA_FILENO = @GL_GNULIB_MDA_FILENO@
+GL_GNULIB_MDA_GCVT = @GL_GNULIB_MDA_GCVT@
+GL_GNULIB_MDA_GETCWD = @GL_GNULIB_MDA_GETCWD@
+GL_GNULIB_MDA_GETPID = @GL_GNULIB_MDA_GETPID@
+GL_GNULIB_MDA_GETW = @GL_GNULIB_MDA_GETW@
+GL_GNULIB_MDA_ISATTY = @GL_GNULIB_MDA_ISATTY@
+GL_GNULIB_MDA_LSEEK = @GL_GNULIB_MDA_LSEEK@
+GL_GNULIB_MDA_MEMCCPY = @GL_GNULIB_MDA_MEMCCPY@
+GL_GNULIB_MDA_MKDIR = @GL_GNULIB_MDA_MKDIR@
+GL_GNULIB_MDA_MKTEMP = @GL_GNULIB_MDA_MKTEMP@
+GL_GNULIB_MDA_OPEN = @GL_GNULIB_MDA_OPEN@
+GL_GNULIB_MDA_PUTENV = @GL_GNULIB_MDA_PUTENV@
+GL_GNULIB_MDA_PUTW = @GL_GNULIB_MDA_PUTW@
+GL_GNULIB_MDA_READ = @GL_GNULIB_MDA_READ@
+GL_GNULIB_MDA_RMDIR = @GL_GNULIB_MDA_RMDIR@
+GL_GNULIB_MDA_STRDUP = @GL_GNULIB_MDA_STRDUP@
+GL_GNULIB_MDA_SWAB = @GL_GNULIB_MDA_SWAB@
+GL_GNULIB_MDA_TEMPNAM = @GL_GNULIB_MDA_TEMPNAM@
+GL_GNULIB_MDA_TZSET = @GL_GNULIB_MDA_TZSET@
+GL_GNULIB_MDA_UMASK = @GL_GNULIB_MDA_UMASK@
+GL_GNULIB_MDA_UNLINK = @GL_GNULIB_MDA_UNLINK@
+GL_GNULIB_MDA_WCSDUP = @GL_GNULIB_MDA_WCSDUP@
+GL_GNULIB_MDA_WRITE = @GL_GNULIB_MDA_WRITE@
+GL_GNULIB_MEMCHR = @GL_GNULIB_MEMCHR@
+GL_GNULIB_MEMMEM = @GL_GNULIB_MEMMEM@
+GL_GNULIB_MEMPCPY = @GL_GNULIB_MEMPCPY@
+GL_GNULIB_MEMRCHR = @GL_GNULIB_MEMRCHR@
+GL_GNULIB_MKDIR = @GL_GNULIB_MKDIR@
+GL_GNULIB_MKDIRAT = @GL_GNULIB_MKDIRAT@
+GL_GNULIB_MKDTEMP = @GL_GNULIB_MKDTEMP@
+GL_GNULIB_MKFIFO = @GL_GNULIB_MKFIFO@
+GL_GNULIB_MKFIFOAT = @GL_GNULIB_MKFIFOAT@
+GL_GNULIB_MKNOD = @GL_GNULIB_MKNOD@
+GL_GNULIB_MKNODAT = @GL_GNULIB_MKNODAT@
+GL_GNULIB_MKOSTEMP = @GL_GNULIB_MKOSTEMP@
+GL_GNULIB_MKOSTEMPS = @GL_GNULIB_MKOSTEMPS@
+GL_GNULIB_MKSTEMP = @GL_GNULIB_MKSTEMP@
+GL_GNULIB_MKSTEMPS = @GL_GNULIB_MKSTEMPS@
+GL_GNULIB_MKTIME = @GL_GNULIB_MKTIME@
+GL_GNULIB_NANOSLEEP = @GL_GNULIB_NANOSLEEP@
+GL_GNULIB_NONBLOCKING = @GL_GNULIB_NONBLOCKING@
+GL_GNULIB_OBSTACK_PRINTF = @GL_GNULIB_OBSTACK_PRINTF@
+GL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GNULIB_OPEN = @GL_GNULIB_OPEN@
+GL_GNULIB_OPENAT = @GL_GNULIB_OPENAT@
+GL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GNULIB_PCLOSE = @GL_GNULIB_PCLOSE@
+GL_GNULIB_PERROR = @GL_GNULIB_PERROR@
+GL_GNULIB_PIPE = @GL_GNULIB_PIPE@
+GL_GNULIB_PIPE2 = @GL_GNULIB_PIPE2@
+GL_GNULIB_POPEN = @GL_GNULIB_POPEN@
+GL_GNULIB_POSIX_MEMALIGN = @GL_GNULIB_POSIX_MEMALIGN@
+GL_GNULIB_POSIX_OPENPT = @GL_GNULIB_POSIX_OPENPT@
+GL_GNULIB_PREAD = @GL_GNULIB_PREAD@
+GL_GNULIB_PRINTF = @GL_GNULIB_PRINTF@
+GL_GNULIB_PRINTF_POSIX = @GL_GNULIB_PRINTF_POSIX@
+GL_GNULIB_PTSNAME = @GL_GNULIB_PTSNAME@
+GL_GNULIB_PTSNAME_R = @GL_GNULIB_PTSNAME_R@
+GL_GNULIB_PUTC = @GL_GNULIB_PUTC@
+GL_GNULIB_PUTCHAR = @GL_GNULIB_PUTCHAR@
+GL_GNULIB_PUTENV = @GL_GNULIB_PUTENV@
+GL_GNULIB_PUTS = @GL_GNULIB_PUTS@
+GL_GNULIB_PWRITE = @GL_GNULIB_PWRITE@
+GL_GNULIB_QSORT_R = @GL_GNULIB_QSORT_R@
+GL_GNULIB_RANDOM = @GL_GNULIB_RANDOM@
+GL_GNULIB_RANDOM_R = @GL_GNULIB_RANDOM_R@
+GL_GNULIB_RAWMEMCHR = @GL_GNULIB_RAWMEMCHR@
+GL_GNULIB_READ = @GL_GNULIB_READ@
+GL_GNULIB_READLINK = @GL_GNULIB_READLINK@
+GL_GNULIB_READLINKAT = @GL_GNULIB_READLINKAT@
+GL_GNULIB_REALLOCARRAY = @GL_GNULIB_REALLOCARRAY@
+GL_GNULIB_REALLOC_POSIX = @GL_GNULIB_REALLOC_POSIX@
+GL_GNULIB_REALPATH = @GL_GNULIB_REALPATH@
+GL_GNULIB_RECV = @GL_GNULIB_RECV@
+GL_GNULIB_RECVFROM = @GL_GNULIB_RECVFROM@
+GL_GNULIB_REMOVE = @GL_GNULIB_REMOVE@
+GL_GNULIB_RENAME = @GL_GNULIB_RENAME@
+GL_GNULIB_RENAMEAT = @GL_GNULIB_RENAMEAT@
+GL_GNULIB_RMDIR = @GL_GNULIB_RMDIR@
+GL_GNULIB_RPMATCH = @GL_GNULIB_RPMATCH@
+GL_GNULIB_SCANF = @GL_GNULIB_SCANF@
+GL_GNULIB_SECURE_GETENV = @GL_GNULIB_SECURE_GETENV@
+GL_GNULIB_SEND = @GL_GNULIB_SEND@
+GL_GNULIB_SENDTO = @GL_GNULIB_SENDTO@
+GL_GNULIB_SETENV = @GL_GNULIB_SETENV@
+GL_GNULIB_SETHOSTNAME = @GL_GNULIB_SETHOSTNAME@
+GL_GNULIB_SETSOCKOPT = @GL_GNULIB_SETSOCKOPT@
+GL_GNULIB_SHUTDOWN = @GL_GNULIB_SHUTDOWN@
+GL_GNULIB_SIGABBREV_NP = @GL_GNULIB_SIGABBREV_NP@
+GL_GNULIB_SIGDESCR_NP = @GL_GNULIB_SIGDESCR_NP@
+GL_GNULIB_SLEEP = @GL_GNULIB_SLEEP@
+GL_GNULIB_SNPRINTF = @GL_GNULIB_SNPRINTF@
+GL_GNULIB_SOCKET = @GL_GNULIB_SOCKET@
+GL_GNULIB_SPRINTF_POSIX = @GL_GNULIB_SPRINTF_POSIX@
+GL_GNULIB_STAT = @GL_GNULIB_STAT@
+GL_GNULIB_STDIO_H_NONBLOCKING = @GL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GNULIB_STDIO_H_SIGPIPE = @GL_GNULIB_STDIO_H_SIGPIPE@
+GL_GNULIB_STPCPY = @GL_GNULIB_STPCPY@
+GL_GNULIB_STPNCPY = @GL_GNULIB_STPNCPY@
+GL_GNULIB_STRCASESTR = @GL_GNULIB_STRCASESTR@
+GL_GNULIB_STRCHRNUL = @GL_GNULIB_STRCHRNUL@
+GL_GNULIB_STRDUP = @GL_GNULIB_STRDUP@
+GL_GNULIB_STRERROR = @GL_GNULIB_STRERROR@
+GL_GNULIB_STRERRORNAME_NP = @GL_GNULIB_STRERRORNAME_NP@
+GL_GNULIB_STRERROR_R = @GL_GNULIB_STRERROR_R@
+GL_GNULIB_STRFTIME = @GL_GNULIB_STRFTIME@
+GL_GNULIB_STRNCAT = @GL_GNULIB_STRNCAT@
+GL_GNULIB_STRNDUP = @GL_GNULIB_STRNDUP@
+GL_GNULIB_STRNLEN = @GL_GNULIB_STRNLEN@
+GL_GNULIB_STRPBRK = @GL_GNULIB_STRPBRK@
+GL_GNULIB_STRPTIME = @GL_GNULIB_STRPTIME@
+GL_GNULIB_STRSEP = @GL_GNULIB_STRSEP@
+GL_GNULIB_STRSIGNAL = @GL_GNULIB_STRSIGNAL@
+GL_GNULIB_STRSTR = @GL_GNULIB_STRSTR@
+GL_GNULIB_STRTOD = @GL_GNULIB_STRTOD@
+GL_GNULIB_STRTOIMAX = @GL_GNULIB_STRTOIMAX@
+GL_GNULIB_STRTOK_R = @GL_GNULIB_STRTOK_R@
+GL_GNULIB_STRTOL = @GL_GNULIB_STRTOL@
+GL_GNULIB_STRTOLD = @GL_GNULIB_STRTOLD@
+GL_GNULIB_STRTOLL = @GL_GNULIB_STRTOLL@
+GL_GNULIB_STRTOUL = @GL_GNULIB_STRTOUL@
+GL_GNULIB_STRTOULL = @GL_GNULIB_STRTOULL@
+GL_GNULIB_STRTOUMAX = @GL_GNULIB_STRTOUMAX@
+GL_GNULIB_STRVERSCMP = @GL_GNULIB_STRVERSCMP@
+GL_GNULIB_SYMLINK = @GL_GNULIB_SYMLINK@
+GL_GNULIB_SYMLINKAT = @GL_GNULIB_SYMLINKAT@
+GL_GNULIB_SYSTEM_POSIX = @GL_GNULIB_SYSTEM_POSIX@
+GL_GNULIB_TIMEGM = @GL_GNULIB_TIMEGM@
+GL_GNULIB_TIMESPEC_GET = @GL_GNULIB_TIMESPEC_GET@
+GL_GNULIB_TIME_R = @GL_GNULIB_TIME_R@
+GL_GNULIB_TIME_RZ = @GL_GNULIB_TIME_RZ@
+GL_GNULIB_TMPFILE = @GL_GNULIB_TMPFILE@
+GL_GNULIB_TRUNCATE = @GL_GNULIB_TRUNCATE@
+GL_GNULIB_TTYNAME_R = @GL_GNULIB_TTYNAME_R@
+GL_GNULIB_TZSET = @GL_GNULIB_TZSET@
+GL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GNULIB_UNISTD_H_SIGPIPE = @GL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GNULIB_UNLINK = @GL_GNULIB_UNLINK@
+GL_GNULIB_UNLINKAT = @GL_GNULIB_UNLINKAT@
+GL_GNULIB_UNLOCKPT = @GL_GNULIB_UNLOCKPT@
+GL_GNULIB_UNSETENV = @GL_GNULIB_UNSETENV@
+GL_GNULIB_USLEEP = @GL_GNULIB_USLEEP@
+GL_GNULIB_UTIMENSAT = @GL_GNULIB_UTIMENSAT@
+GL_GNULIB_VASPRINTF = @GL_GNULIB_VASPRINTF@
+GL_GNULIB_VDPRINTF = @GL_GNULIB_VDPRINTF@
+GL_GNULIB_VFPRINTF = @GL_GNULIB_VFPRINTF@
+GL_GNULIB_VFPRINTF_POSIX = @GL_GNULIB_VFPRINTF_POSIX@
+GL_GNULIB_VFSCANF = @GL_GNULIB_VFSCANF@
+GL_GNULIB_VPRINTF = @GL_GNULIB_VPRINTF@
+GL_GNULIB_VPRINTF_POSIX = @GL_GNULIB_VPRINTF_POSIX@
+GL_GNULIB_VSCANF = @GL_GNULIB_VSCANF@
+GL_GNULIB_VSNPRINTF = @GL_GNULIB_VSNPRINTF@
+GL_GNULIB_VSPRINTF_POSIX = @GL_GNULIB_VSPRINTF_POSIX@
+GL_GNULIB_WCPCPY = @GL_GNULIB_WCPCPY@
+GL_GNULIB_WCPNCPY = @GL_GNULIB_WCPNCPY@
+GL_GNULIB_WCRTOMB = @GL_GNULIB_WCRTOMB@
+GL_GNULIB_WCSCASECMP = @GL_GNULIB_WCSCASECMP@
+GL_GNULIB_WCSCAT = @GL_GNULIB_WCSCAT@
+GL_GNULIB_WCSCHR = @GL_GNULIB_WCSCHR@
+GL_GNULIB_WCSCMP = @GL_GNULIB_WCSCMP@
+GL_GNULIB_WCSCOLL = @GL_GNULIB_WCSCOLL@
+GL_GNULIB_WCSCPY = @GL_GNULIB_WCSCPY@
+GL_GNULIB_WCSCSPN = @GL_GNULIB_WCSCSPN@
+GL_GNULIB_WCSDUP = @GL_GNULIB_WCSDUP@
+GL_GNULIB_WCSFTIME = @GL_GNULIB_WCSFTIME@
+GL_GNULIB_WCSLEN = @GL_GNULIB_WCSLEN@
+GL_GNULIB_WCSNCASECMP = @GL_GNULIB_WCSNCASECMP@
+GL_GNULIB_WCSNCAT = @GL_GNULIB_WCSNCAT@
+GL_GNULIB_WCSNCMP = @GL_GNULIB_WCSNCMP@
+GL_GNULIB_WCSNCPY = @GL_GNULIB_WCSNCPY@
+GL_GNULIB_WCSNLEN = @GL_GNULIB_WCSNLEN@
+GL_GNULIB_WCSNRTOMBS = @GL_GNULIB_WCSNRTOMBS@
+GL_GNULIB_WCSPBRK = @GL_GNULIB_WCSPBRK@
+GL_GNULIB_WCSRCHR = @GL_GNULIB_WCSRCHR@
+GL_GNULIB_WCSRTOMBS = @GL_GNULIB_WCSRTOMBS@
+GL_GNULIB_WCSSPN = @GL_GNULIB_WCSSPN@
+GL_GNULIB_WCSSTR = @GL_GNULIB_WCSSTR@
+GL_GNULIB_WCSTOK = @GL_GNULIB_WCSTOK@
+GL_GNULIB_WCSWIDTH = @GL_GNULIB_WCSWIDTH@
+GL_GNULIB_WCSXFRM = @GL_GNULIB_WCSXFRM@
+GL_GNULIB_WCTOB = @GL_GNULIB_WCTOB@
+GL_GNULIB_WCTOMB = @GL_GNULIB_WCTOMB@
+GL_GNULIB_WCWIDTH = @GL_GNULIB_WCWIDTH@
+GL_GNULIB_WMEMCHR = @GL_GNULIB_WMEMCHR@
+GL_GNULIB_WMEMCMP = @GL_GNULIB_WMEMCMP@
+GL_GNULIB_WMEMCPY = @GL_GNULIB_WMEMCPY@
+GL_GNULIB_WMEMMOVE = @GL_GNULIB_WMEMMOVE@
+GL_GNULIB_WMEMPCPY = @GL_GNULIB_WMEMPCPY@
+GL_GNULIB_WMEMSET = @GL_GNULIB_WMEMSET@
+GL_GNULIB_WRITE = @GL_GNULIB_WRITE@
+GL_GNULIB__EXIT = @GL_GNULIB__EXIT@
+GMP_CFLAGS = @GMP_CFLAGS@
+GMP_LIBS = @GMP_LIBS@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GNULIBHEADERS_OVERRIDE_WINT_T = @GNULIBHEADERS_OVERRIDE_WINT_T@
+GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@
+GNUTLS_LIBS_PRIVATE = @GNUTLS_LIBS_PRIVATE@
+GNUTLS_REQUIRES_PRIVATE = @GNUTLS_REQUIRES_PRIVATE@
+GPERF = @GPERF@
+GREP = @GREP@
+GTKDOC_CHECK = @GTKDOC_CHECK@
+GTKDOC_CHECK_PATH = @GTKDOC_CHECK_PATH@
+GTKDOC_DEPS_CFLAGS = @GTKDOC_DEPS_CFLAGS@
+GTKDOC_DEPS_LIBS = @GTKDOC_DEPS_LIBS@
+GTKDOC_MKPDF = @GTKDOC_MKPDF@
+GTKDOC_REBASE = @GTKDOC_REBASE@
+GUILD = @GUILD@
+GUILE = @GUILE@
+GUILE_CFLAGS = @GUILE_CFLAGS@
+GUILE_CONFIG = @GUILE_CONFIG@
+GUILE_EFFECTIVE_VERSION = @GUILE_EFFECTIVE_VERSION@
+GUILE_EXTENSION = @GUILE_EXTENSION@
+GUILE_LDFLAGS = @GUILE_LDFLAGS@
+GUILE_LIBS = @GUILE_LIBS@
+GUILE_LTLIBS = @GUILE_LTLIBS@
+GUILE_SITE = @GUILE_SITE@
+GUILE_SITE_CCACHE = @GUILE_SITE_CCACHE@
+GUILE_TOOLS = @GUILE_TOOLS@
+HAVE_ACCEPT4 = @HAVE_ACCEPT4@
+HAVE_ALIGNED_ALLOC = @HAVE_ALIGNED_ALLOC@
+HAVE_ALLOCA_H = @HAVE_ALLOCA_H@
+HAVE_ARPA_INET_H = @HAVE_ARPA_INET_H@
+HAVE_ATOLL = @HAVE_ATOLL@
+HAVE_BTOWC = @HAVE_BTOWC@
+HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@
+HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@
+HAVE_CHOWN = @HAVE_CHOWN@
+HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@
+HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@
+HAVE_DECL_ECVT = @HAVE_DECL_ECVT@
+HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@
+HAVE_DECL_EXECVPE = @HAVE_DECL_EXECVPE@
+HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@
+HAVE_DECL_FCLOSEALL = @HAVE_DECL_FCLOSEALL@
+HAVE_DECL_FCVT = @HAVE_DECL_FCVT@
+HAVE_DECL_FDATASYNC = @HAVE_DECL_FDATASYNC@
+HAVE_DECL_FPURGE = @HAVE_DECL_FPURGE@
+HAVE_DECL_FREEADDRINFO = @HAVE_DECL_FREEADDRINFO@
+HAVE_DECL_FSEEKO = @HAVE_DECL_FSEEKO@
+HAVE_DECL_FTELLO = @HAVE_DECL_FTELLO@
+HAVE_DECL_GAI_STRERROR = @HAVE_DECL_GAI_STRERROR@
+HAVE_DECL_GCVT = @HAVE_DECL_GCVT@
+HAVE_DECL_GETADDRINFO = @HAVE_DECL_GETADDRINFO@
+HAVE_DECL_GETDELIM = @HAVE_DECL_GETDELIM@
+HAVE_DECL_GETDOMAINNAME = @HAVE_DECL_GETDOMAINNAME@
+HAVE_DECL_GETLINE = @HAVE_DECL_GETLINE@
+HAVE_DECL_GETLOADAVG = @HAVE_DECL_GETLOADAVG@
+HAVE_DECL_GETLOGIN = @HAVE_DECL_GETLOGIN@
+HAVE_DECL_GETLOGIN_R = @HAVE_DECL_GETLOGIN_R@
+HAVE_DECL_GETNAMEINFO = @HAVE_DECL_GETNAMEINFO@
+HAVE_DECL_GETPAGESIZE = @HAVE_DECL_GETPAGESIZE@
+HAVE_DECL_GETUSERSHELL = @HAVE_DECL_GETUSERSHELL@
+HAVE_DECL_IMAXABS = @HAVE_DECL_IMAXABS@
+HAVE_DECL_IMAXDIV = @HAVE_DECL_IMAXDIV@
+HAVE_DECL_INET_NTOP = @HAVE_DECL_INET_NTOP@
+HAVE_DECL_INET_PTON = @HAVE_DECL_INET_PTON@
+HAVE_DECL_INITSTATE = @HAVE_DECL_INITSTATE@
+HAVE_DECL_LOCALTIME_R = @HAVE_DECL_LOCALTIME_R@
+HAVE_DECL_MEMMEM = @HAVE_DECL_MEMMEM@
+HAVE_DECL_MEMRCHR = @HAVE_DECL_MEMRCHR@
+HAVE_DECL_OBSTACK_PRINTF = @HAVE_DECL_OBSTACK_PRINTF@
+HAVE_DECL_SETENV = @HAVE_DECL_SETENV@
+HAVE_DECL_SETHOSTNAME = @HAVE_DECL_SETHOSTNAME@
+HAVE_DECL_SETSTATE = @HAVE_DECL_SETSTATE@
+HAVE_DECL_SNPRINTF = @HAVE_DECL_SNPRINTF@
+HAVE_DECL_STRDUP = @HAVE_DECL_STRDUP@
+HAVE_DECL_STRERROR_R = @HAVE_DECL_STRERROR_R@
+HAVE_DECL_STRNCASECMP = @HAVE_DECL_STRNCASECMP@
+HAVE_DECL_STRNDUP = @HAVE_DECL_STRNDUP@
+HAVE_DECL_STRNLEN = @HAVE_DECL_STRNLEN@
+HAVE_DECL_STRSIGNAL = @HAVE_DECL_STRSIGNAL@
+HAVE_DECL_STRTOIMAX = @HAVE_DECL_STRTOIMAX@
+HAVE_DECL_STRTOK_R = @HAVE_DECL_STRTOK_R@
+HAVE_DECL_STRTOUMAX = @HAVE_DECL_STRTOUMAX@
+HAVE_DECL_TRUNCATE = @HAVE_DECL_TRUNCATE@
+HAVE_DECL_TTYNAME_R = @HAVE_DECL_TTYNAME_R@
+HAVE_DECL_UNSETENV = @HAVE_DECL_UNSETENV@
+HAVE_DECL_VSNPRINTF = @HAVE_DECL_VSNPRINTF@
+HAVE_DECL_WCSDUP = @HAVE_DECL_WCSDUP@
+HAVE_DECL_WCTOB = @HAVE_DECL_WCTOB@
+HAVE_DECL_WCWIDTH = @HAVE_DECL_WCWIDTH@
+HAVE_DPRINTF = @HAVE_DPRINTF@
+HAVE_DUP3 = @HAVE_DUP3@
+HAVE_DUPLOCALE = @HAVE_DUPLOCALE@
+HAVE_EUIDACCESS = @HAVE_EUIDACCESS@
+HAVE_EXECVPE = @HAVE_EXECVPE@
+HAVE_EXPLICIT_BZERO = @HAVE_EXPLICIT_BZERO@
+HAVE_FACCESSAT = @HAVE_FACCESSAT@
+HAVE_FCHDIR = @HAVE_FCHDIR@
+HAVE_FCHMODAT = @HAVE_FCHMODAT@
+HAVE_FCHOWNAT = @HAVE_FCHOWNAT@
+HAVE_FCNTL = @HAVE_FCNTL@
+HAVE_FDATASYNC = @HAVE_FDATASYNC@
+HAVE_FEATURES_H = @HAVE_FEATURES_H@
+HAVE_FFS = @HAVE_FFS@
+HAVE_FFSL = @HAVE_FFSL@
+HAVE_FFSLL = @HAVE_FFSLL@
+HAVE_FREELOCALE = @HAVE_FREELOCALE@
+HAVE_FSEEKO = @HAVE_FSEEKO@
+HAVE_FSTATAT = @HAVE_FSTATAT@
+HAVE_FSYNC = @HAVE_FSYNC@
+HAVE_FTELLO = @HAVE_FTELLO@
+HAVE_FTRUNCATE = @HAVE_FTRUNCATE@
+HAVE_FUTIMENS = @HAVE_FUTIMENS@
+HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@
+HAVE_GETENTROPY = @HAVE_GETENTROPY@
+HAVE_GETGROUPS = @HAVE_GETGROUPS@
+HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@
+HAVE_GETLOGIN = @HAVE_GETLOGIN@
+HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@
+HAVE_GETPASS = @HAVE_GETPASS@
+HAVE_GETSUBOPT = @HAVE_GETSUBOPT@
+HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@
+HAVE_GETUMASK = @HAVE_GETUMASK@
+HAVE_GRANTPT = @HAVE_GRANTPT@
+HAVE_GROUP_MEMBER = @HAVE_GROUP_MEMBER@
+HAVE_IMAXDIV_T = @HAVE_IMAXDIV_T@
+HAVE_INITSTATE = @HAVE_INITSTATE@
+HAVE_INTTYPES_H = @HAVE_INTTYPES_H@
+HAVE_ISBLANK = @HAVE_ISBLANK@
+HAVE_LANGINFO_ALTMON = @HAVE_LANGINFO_ALTMON@
+HAVE_LANGINFO_CODESET = @HAVE_LANGINFO_CODESET@
+HAVE_LANGINFO_ERA = @HAVE_LANGINFO_ERA@
+HAVE_LANGINFO_H = @HAVE_LANGINFO_H@
+HAVE_LANGINFO_T_FMT_AMPM = @HAVE_LANGINFO_T_FMT_AMPM@
+HAVE_LANGINFO_YESEXPR = @HAVE_LANGINFO_YESEXPR@
+HAVE_LCHMOD = @HAVE_LCHMOD@
+HAVE_LCHOWN = @HAVE_LCHOWN@
+HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@
+HAVE_LIBDL = @HAVE_LIBDL@
+HAVE_LIBEV = @HAVE_LIBEV@
+HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@
+HAVE_LIBRT = @HAVE_LIBRT@
+HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@
+HAVE_LIBZ = @HAVE_LIBZ@
+HAVE_LINK = @HAVE_LINK@
+HAVE_LINKAT = @HAVE_LINKAT@
+HAVE_LSTAT = @HAVE_LSTAT@
+HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@
+HAVE_MBRLEN = @HAVE_MBRLEN@
+HAVE_MBRTOWC = @HAVE_MBRTOWC@
+HAVE_MBSINIT = @HAVE_MBSINIT@
+HAVE_MBSLEN = @HAVE_MBSLEN@
+HAVE_MBSNRTOWCS = @HAVE_MBSNRTOWCS@
+HAVE_MBSRTOWCS = @HAVE_MBSRTOWCS@
+HAVE_MBTOWC = @HAVE_MBTOWC@
+HAVE_MEMPCPY = @HAVE_MEMPCPY@
+HAVE_MKDIRAT = @HAVE_MKDIRAT@
+HAVE_MKDTEMP = @HAVE_MKDTEMP@
+HAVE_MKFIFO = @HAVE_MKFIFO@
+HAVE_MKFIFOAT = @HAVE_MKFIFOAT@
+HAVE_MKNOD = @HAVE_MKNOD@
+HAVE_MKNODAT = @HAVE_MKNODAT@
+HAVE_MKOSTEMP = @HAVE_MKOSTEMP@
+HAVE_MKOSTEMPS = @HAVE_MKOSTEMPS@
+HAVE_MKSTEMP = @HAVE_MKSTEMP@
+HAVE_MKSTEMPS = @HAVE_MKSTEMPS@
+HAVE_MSVC_INVALID_PARAMETER_HANDLER = @HAVE_MSVC_INVALID_PARAMETER_HANDLER@
+HAVE_NANOSLEEP = @HAVE_NANOSLEEP@
+HAVE_NETDB_H = @HAVE_NETDB_H@
+HAVE_NETINET_IN_H = @HAVE_NETINET_IN_H@
+HAVE_NEWLOCALE = @HAVE_NEWLOCALE@
+HAVE_NL_LANGINFO = @HAVE_NL_LANGINFO@
+HAVE_OPENAT = @HAVE_OPENAT@
+HAVE_OS_H = @HAVE_OS_H@
+HAVE_PCLOSE = @HAVE_PCLOSE@
+HAVE_PIPE = @HAVE_PIPE@
+HAVE_PIPE2 = @HAVE_PIPE2@
+HAVE_POPEN = @HAVE_POPEN@
+HAVE_POSIX_MEMALIGN = @HAVE_POSIX_MEMALIGN@
+HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@
+HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@
+HAVE_PREAD = @HAVE_PREAD@
+HAVE_PSELECT = @HAVE_PSELECT@
+HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@
+HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@
+HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@
+HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@
+HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@
+HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@
+HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@
+HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@
+HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@
+HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@
+HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@
+HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@
+HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@
+HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@
+HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@
+HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@
+HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@
+HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@
+HAVE_PTHREAD_H = @HAVE_PTHREAD_H@
+HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@
+HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@
+HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@
+HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@
+HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@
+HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@
+HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@
+HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@
+HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@
+HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@
+HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@
+HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@
+HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@
+HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@
+HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@
+HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@
+HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@
+HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@
+HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@
+HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@
+HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@
+HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@
+HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@
+HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@
+HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@
+HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@
+HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@
+HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@
+HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@
+HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@
+HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@
+HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@
+HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@
+HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@
+HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@
+HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@
+HAVE_PTHREAD_T = @HAVE_PTHREAD_T@
+HAVE_PTSNAME = @HAVE_PTSNAME@
+HAVE_PTSNAME_R = @HAVE_PTSNAME_R@
+HAVE_PWRITE = @HAVE_PWRITE@
+HAVE_QSORT_R = @HAVE_QSORT_R@
+HAVE_RAISE = @HAVE_RAISE@
+HAVE_RANDOM = @HAVE_RANDOM@
+HAVE_RANDOM_H = @HAVE_RANDOM_H@
+HAVE_RANDOM_R = @HAVE_RANDOM_R@
+HAVE_RAWMEMCHR = @HAVE_RAWMEMCHR@
+HAVE_READLINK = @HAVE_READLINK@
+HAVE_READLINKAT = @HAVE_READLINKAT@
+HAVE_REALLOCARRAY = @HAVE_REALLOCARRAY@
+HAVE_REALPATH = @HAVE_REALPATH@
+HAVE_RENAMEAT = @HAVE_RENAMEAT@
+HAVE_RPMATCH = @HAVE_RPMATCH@
+HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@
+HAVE_SCHED_H = @HAVE_SCHED_H@
+HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@
+HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@
+HAVE_SETENV = @HAVE_SETENV@
+HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@
+HAVE_SETSTATE = @HAVE_SETSTATE@
+HAVE_SIGABBREV_NP = @HAVE_SIGABBREV_NP@
+HAVE_SIGACTION = @HAVE_SIGACTION@
+HAVE_SIGDESCR_NP = @HAVE_SIGDESCR_NP@
+HAVE_SIGHANDLER_T = @HAVE_SIGHANDLER_T@
+HAVE_SIGINFO_T = @HAVE_SIGINFO_T@
+HAVE_SIGNED_SIG_ATOMIC_T = @HAVE_SIGNED_SIG_ATOMIC_T@
+HAVE_SIGNED_WCHAR_T = @HAVE_SIGNED_WCHAR_T@
+HAVE_SIGNED_WINT_T = @HAVE_SIGNED_WINT_T@
+HAVE_SIGSET_T = @HAVE_SIGSET_T@
+HAVE_SLEEP = @HAVE_SLEEP@
+HAVE_STDINT_H = @HAVE_STDINT_H@
+HAVE_STPCPY = @HAVE_STPCPY@
+HAVE_STPNCPY = @HAVE_STPNCPY@
+HAVE_STRCASECMP = @HAVE_STRCASECMP@
+HAVE_STRCASESTR = @HAVE_STRCASESTR@
+HAVE_STRCHRNUL = @HAVE_STRCHRNUL@
+HAVE_STRERRORNAME_NP = @HAVE_STRERRORNAME_NP@
+HAVE_STRINGS_H = @HAVE_STRINGS_H@
+HAVE_STRPBRK = @HAVE_STRPBRK@
+HAVE_STRPTIME = @HAVE_STRPTIME@
+HAVE_STRSEP = @HAVE_STRSEP@
+HAVE_STRTOD = @HAVE_STRTOD@
+HAVE_STRTOL = @HAVE_STRTOL@
+HAVE_STRTOLD = @HAVE_STRTOLD@
+HAVE_STRTOLL = @HAVE_STRTOLL@
+HAVE_STRTOUL = @HAVE_STRTOUL@
+HAVE_STRTOULL = @HAVE_STRTOULL@
+HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@
+HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@
+HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@
+HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@
+HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@
+HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@
+HAVE_STRUCT_TIMEVAL = @HAVE_STRUCT_TIMEVAL@
+HAVE_STRVERSCMP = @HAVE_STRVERSCMP@
+HAVE_SYMLINK = @HAVE_SYMLINK@
+HAVE_SYMLINKAT = @HAVE_SYMLINKAT@
+HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@
+HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@
+HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@
+HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@
+HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@
+HAVE_SYS_PARAM_H = @HAVE_SYS_PARAM_H@
+HAVE_SYS_SELECT_H = @HAVE_SYS_SELECT_H@
+HAVE_SYS_SOCKET_H = @HAVE_SYS_SOCKET_H@
+HAVE_SYS_TIME_H = @HAVE_SYS_TIME_H@
+HAVE_SYS_TYPES_H = @HAVE_SYS_TYPES_H@
+HAVE_SYS_UIO_H = @HAVE_SYS_UIO_H@
+HAVE_TIMEGM = @HAVE_TIMEGM@
+HAVE_TIMESPEC_GET = @HAVE_TIMESPEC_GET@
+HAVE_TIMEZONE_T = @HAVE_TIMEZONE_T@
+HAVE_TYPE_VOLATILE_SIG_ATOMIC_T = @HAVE_TYPE_VOLATILE_SIG_ATOMIC_T@
+HAVE_UNISTD_H = @HAVE_UNISTD_H@
+HAVE_UNLINKAT = @HAVE_UNLINKAT@
+HAVE_UNLOCKPT = @HAVE_UNLOCKPT@
+HAVE_USLEEP = @HAVE_USLEEP@
+HAVE_UTIMENSAT = @HAVE_UTIMENSAT@
+HAVE_VASPRINTF = @HAVE_VASPRINTF@
+HAVE_VDPRINTF = @HAVE_VDPRINTF@
+HAVE_VISIBILITY = @HAVE_VISIBILITY@
+HAVE_WCHAR_H = @HAVE_WCHAR_H@
+HAVE_WCHAR_T = @HAVE_WCHAR_T@
+HAVE_WCPCPY = @HAVE_WCPCPY@
+HAVE_WCPNCPY = @HAVE_WCPNCPY@
+HAVE_WCRTOMB = @HAVE_WCRTOMB@
+HAVE_WCSCASECMP = @HAVE_WCSCASECMP@
+HAVE_WCSCAT = @HAVE_WCSCAT@
+HAVE_WCSCHR = @HAVE_WCSCHR@
+HAVE_WCSCMP = @HAVE_WCSCMP@
+HAVE_WCSCOLL = @HAVE_WCSCOLL@
+HAVE_WCSCPY = @HAVE_WCSCPY@
+HAVE_WCSCSPN = @HAVE_WCSCSPN@
+HAVE_WCSDUP = @HAVE_WCSDUP@
+HAVE_WCSFTIME = @HAVE_WCSFTIME@
+HAVE_WCSLEN = @HAVE_WCSLEN@
+HAVE_WCSNCASECMP = @HAVE_WCSNCASECMP@
+HAVE_WCSNCAT = @HAVE_WCSNCAT@
+HAVE_WCSNCMP = @HAVE_WCSNCMP@
+HAVE_WCSNCPY = @HAVE_WCSNCPY@
+HAVE_WCSNLEN = @HAVE_WCSNLEN@
+HAVE_WCSNRTOMBS = @HAVE_WCSNRTOMBS@
+HAVE_WCSPBRK = @HAVE_WCSPBRK@
+HAVE_WCSRCHR = @HAVE_WCSRCHR@
+HAVE_WCSRTOMBS = @HAVE_WCSRTOMBS@
+HAVE_WCSSPN = @HAVE_WCSSPN@
+HAVE_WCSSTR = @HAVE_WCSSTR@
+HAVE_WCSTOK = @HAVE_WCSTOK@
+HAVE_WCSWIDTH = @HAVE_WCSWIDTH@
+HAVE_WCSXFRM = @HAVE_WCSXFRM@
+HAVE_WINSOCK2_H = @HAVE_WINSOCK2_H@
+HAVE_WINT_T = @HAVE_WINT_T@
+HAVE_WMEMCHR = @HAVE_WMEMCHR@
+HAVE_WMEMCMP = @HAVE_WMEMCMP@
+HAVE_WMEMCPY = @HAVE_WMEMCPY@
+HAVE_WMEMMOVE = @HAVE_WMEMMOVE@
+HAVE_WMEMPCPY = @HAVE_WMEMPCPY@
+HAVE_WMEMSET = @HAVE_WMEMSET@
+HAVE_WS2TCPIP_H = @HAVE_WS2TCPIP_H@
+HAVE_XLOCALE_H = @HAVE_XLOCALE_H@
+HAVE__BOOL = @HAVE__BOOL@
+HAVE__EXIT = @HAVE__EXIT@
+HOGWEED_CFLAGS = @HOGWEED_CFLAGS@
+HOGWEED_LIBS = @HOGWEED_LIBS@
+HOSTENT_LIB = @HOSTENT_LIB@
+HTML_DIR = @HTML_DIR@
+INCLUDE_NEXT = @INCLUDE_NEXT@
+INCLUDE_NEXT_AS_FIRST_DIRECTIVE = @INCLUDE_NEXT_AS_FIRST_DIRECTIVE@
+INET_NTOP_LIB = @INET_NTOP_LIB@
+INET_PTON_LIB = @INET_PTON_LIB@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INT32_MAX_LT_INTMAX_MAX = @INT32_MAX_LT_INTMAX_MAX@
+INT64_MAX_EQ_LONG_MAX = @INT64_MAX_EQ_LONG_MAX@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LCOV = @LCOV@
+LD = @LD@
+LDDPOSTPROC = @LDDPOSTPROC@
+LDDPROG = @LDDPROG@
+LDFLAGS = @LDFLAGS@
+LIBATOMIC_LIBS = @LIBATOMIC_LIBS@
+LIBBROTLIDEC_CFLAGS = @LIBBROTLIDEC_CFLAGS@
+LIBBROTLIDEC_LIBS = @LIBBROTLIDEC_LIBS@
+LIBBROTLIENC_CFLAGS = @LIBBROTLIENC_CFLAGS@
+LIBBROTLIENC_LIBS = @LIBBROTLIENC_LIBS@
+LIBCRYPTO = @LIBCRYPTO@
+LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@
+LIBDL = @LIBDL@
+LIBDL_PREFIX = @LIBDL_PREFIX@
+LIBEV = @LIBEV@
+LIBEV_LIBS = @LIBEV_LIBS@
+LIBEV_PREFIX = @LIBEV_PREFIX@
+LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@
+LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@
+LIBICONV = @LIBICONV@
+LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@
+LIBIDN2_LIBS = @LIBIDN2_LIBS@
+LIBINTL = @LIBINTL@
+LIBKCAPI_CFLAGS = @LIBKCAPI_CFLAGS@
+LIBKCAPI_LIBS = @LIBKCAPI_LIBS@
+LIBMULTITHREAD = @LIBMULTITHREAD@
+LIBOBJS = @LIBOBJS@
+LIBPMULTITHREAD = @LIBPMULTITHREAD@
+LIBPTHREAD = @LIBPTHREAD@
+LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@
+LIBRT = @LIBRT@
+LIBRT_PREFIX = @LIBRT_PREFIX@
+LIBS = @LIBS@
+LIBSECCOMP = @LIBSECCOMP@
+LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@
+LIBSOCKET = @LIBSOCKET@
+LIBSTDTHREAD = @LIBSTDTHREAD@
+LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@
+LIBTASN1_LIBS = @LIBTASN1_LIBS@
+LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@
+LIBTHREAD = @LIBTHREAD@
+LIBTOOL = @LIBTOOL@
+LIBUNISTRING = @LIBUNISTRING@
+LIBUNISTRING_UNICTYPE_H = @LIBUNISTRING_UNICTYPE_H@
+LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@
+LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@
+LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@
+LIBZ = @LIBZ@
+LIBZSTD_CFLAGS = @LIBZSTD_CFLAGS@
+LIBZSTD_LIBS = @LIBZSTD_LIBS@
+LIBZ_PC = @LIBZ_PC@
+LIBZ_PREFIX = @LIBZ_PREFIX@
+LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@
+LIB_NANOSLEEP = @LIB_NANOSLEEP@
+LIB_PTHREAD = @LIB_PTHREAD@
+LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@
+LIB_SCHED_YIELD = @LIB_SCHED_YIELD@
+LIB_SELECT = @LIB_SELECT@
+LIB_SEMAPHORE = @LIB_SEMAPHORE@
+LIB_SETLOCALE = @LIB_SETLOCALE@
+LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@
+LIMITS_H = @LIMITS_H@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LOCALENAME_ENHANCE_LOCALE_FUNCS = @LOCALENAME_ENHANCE_LOCALE_FUNCS@
+LOCALE_FR = @LOCALE_FR@
+LOCALE_FR_UTF8 = @LOCALE_FR_UTF8@
+LOCALE_JA = @LOCALE_JA@
+LOCALE_TR_UTF8 = @LOCALE_TR_UTF8@
+LOCALE_ZH_CN = @LOCALE_ZH_CN@
+LOG_VALGRIND = @LOG_VALGRIND@
+LTALLOCA = @LTALLOCA@
+LTLIBCRYPTO = @LTLIBCRYPTO@
+LTLIBDL = @LTLIBDL@
+LTLIBEV = @LTLIBEV@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBMULTITHREAD = @LTLIBMULTITHREAD@
+LTLIBOBJS = @LTLIBOBJS@
+LTLIBPTHREAD = @LTLIBPTHREAD@
+LTLIBRT = @LTLIBRT@
+LTLIBSECCOMP = @LTLIBSECCOMP@
+LTLIBTHREAD = @LTLIBTHREAD@
+LTLIBZ = @LTLIBZ@
+LT_AGE = @LT_AGE@
+LT_CURRENT = @LT_CURRENT@
+LT_DANE_AGE = @LT_DANE_AGE@
+LT_DANE_CURRENT = @LT_DANE_CURRENT@
+LT_DANE_REVISION = @LT_DANE_REVISION@
+LT_REVISION = @LT_REVISION@
+LT_SSL_AGE = @LT_SSL_AGE@
+LT_SSL_CURRENT = @LT_SSL_CURRENT@
+LT_SSL_REVISION = @LT_SSL_REVISION@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+LT_XSSL_AGE = @LT_XSSL_AGE@
+LT_XSSL_CURRENT = @LT_XSSL_CURRENT@
+LT_XSSL_REVISION = @LT_XSSL_REVISION@
+MAINT = @MAINT@
+MAJOR_VERSION = @MAJOR_VERSION@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MINOR_VERSION = @MINOR_VERSION@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGMERGE = @MSGMERGE@
+MSGMERGE_FOR_MSGFMT_OPTION = @MSGMERGE_FOR_MSGFMT_OPTION@
+NETINET_IN_H = @NETINET_IN_H@
+NETTLE_CFLAGS = @NETTLE_CFLAGS@
+NETTLE_LIBS = @NETTLE_LIBS@
+NEXT_ARPA_INET_H = @NEXT_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H = @NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_CTYPE_H = @NEXT_AS_FIRST_DIRECTIVE_CTYPE_H@
+NEXT_AS_FIRST_DIRECTIVE_ERRNO_H = @NEXT_AS_FIRST_DIRECTIVE_ERRNO_H@
+NEXT_AS_FIRST_DIRECTIVE_FCNTL_H = @NEXT_AS_FIRST_DIRECTIVE_FCNTL_H@
+NEXT_AS_FIRST_DIRECTIVE_FLOAT_H = @NEXT_AS_FIRST_DIRECTIVE_FLOAT_H@
+NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H = @NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H = @NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H@
+NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@
+NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@
+NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@
+NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@
+NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@
+NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@
+NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@
+NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@
+NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@
+NEXT_AS_FIRST_DIRECTIVE_STDIO_H = @NEXT_AS_FIRST_DIRECTIVE_STDIO_H@
+NEXT_AS_FIRST_DIRECTIVE_STDLIB_H = @NEXT_AS_FIRST_DIRECTIVE_STDLIB_H@
+NEXT_AS_FIRST_DIRECTIVE_STRINGS_H = @NEXT_AS_FIRST_DIRECTIVE_STRINGS_H@
+NEXT_AS_FIRST_DIRECTIVE_STRING_H = @NEXT_AS_FIRST_DIRECTIVE_STRING_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H@
+NEXT_AS_FIRST_DIRECTIVE_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_UNISTD_H = @NEXT_AS_FIRST_DIRECTIVE_UNISTD_H@
+NEXT_AS_FIRST_DIRECTIVE_WCHAR_H = @NEXT_AS_FIRST_DIRECTIVE_WCHAR_H@
+NEXT_CTYPE_H = @NEXT_CTYPE_H@
+NEXT_ERRNO_H = @NEXT_ERRNO_H@
+NEXT_FCNTL_H = @NEXT_FCNTL_H@
+NEXT_FLOAT_H = @NEXT_FLOAT_H@
+NEXT_INTTYPES_H = @NEXT_INTTYPES_H@
+NEXT_LANGINFO_H = @NEXT_LANGINFO_H@
+NEXT_LIMITS_H = @NEXT_LIMITS_H@
+NEXT_LOCALE_H = @NEXT_LOCALE_H@
+NEXT_NETDB_H = @NEXT_NETDB_H@
+NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@
+NEXT_PTHREAD_H = @NEXT_PTHREAD_H@
+NEXT_SCHED_H = @NEXT_SCHED_H@
+NEXT_SIGNAL_H = @NEXT_SIGNAL_H@
+NEXT_STDDEF_H = @NEXT_STDDEF_H@
+NEXT_STDINT_H = @NEXT_STDINT_H@
+NEXT_STDIO_H = @NEXT_STDIO_H@
+NEXT_STDLIB_H = @NEXT_STDLIB_H@
+NEXT_STRINGS_H = @NEXT_STRINGS_H@
+NEXT_STRING_H = @NEXT_STRING_H@
+NEXT_SYS_IOCTL_H = @NEXT_SYS_IOCTL_H@
+NEXT_SYS_SELECT_H = @NEXT_SYS_SELECT_H@
+NEXT_SYS_SOCKET_H = @NEXT_SYS_SOCKET_H@
+NEXT_SYS_STAT_H = @NEXT_SYS_STAT_H@
+NEXT_SYS_TIME_H = @NEXT_SYS_TIME_H@
+NEXT_SYS_TYPES_H = @NEXT_SYS_TYPES_H@
+NEXT_SYS_UIO_H = @NEXT_SYS_UIO_H@
+NEXT_TIME_H = @NEXT_TIME_H@
+NEXT_UNISTD_H = @NEXT_UNISTD_H@
+NEXT_WCHAR_H = @NEXT_WCHAR_H@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NUMBER_VERSION = @NUMBER_VERSION@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+P11_KIT_CFLAGS = @P11_KIT_CFLAGS@
+P11_KIT_LIBS = @P11_KIT_LIBS@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@
+PATCH_VERSION = @PATCH_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PKCS12_ITER_COUNT = @PKCS12_ITER_COUNT@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PMCCABE = @PMCCABE@
+POSUB = @POSUB@
+PRAGMA_COLUMNS = @PRAGMA_COLUMNS@
+PRAGMA_SYSTEM_HEADER = @PRAGMA_SYSTEM_HEADER@
+PRIPTR_PREFIX = @PRIPTR_PREFIX@
+PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@
+PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+RANLIB = @RANLIB@
+REPLACE_ACCESS = @REPLACE_ACCESS@
+REPLACE_ALIGNED_ALLOC = @REPLACE_ALIGNED_ALLOC@
+REPLACE_BTOWC = @REPLACE_BTOWC@
+REPLACE_CALLOC = @REPLACE_CALLOC@
+REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@
+REPLACE_CHOWN = @REPLACE_CHOWN@
+REPLACE_CLOSE = @REPLACE_CLOSE@
+REPLACE_CREAT = @REPLACE_CREAT@
+REPLACE_CTIME = @REPLACE_CTIME@
+REPLACE_DPRINTF = @REPLACE_DPRINTF@
+REPLACE_DUP = @REPLACE_DUP@
+REPLACE_DUP2 = @REPLACE_DUP2@
+REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@
+REPLACE_EXECL = @REPLACE_EXECL@
+REPLACE_EXECLE = @REPLACE_EXECLE@
+REPLACE_EXECLP = @REPLACE_EXECLP@
+REPLACE_EXECV = @REPLACE_EXECV@
+REPLACE_EXECVE = @REPLACE_EXECVE@
+REPLACE_EXECVP = @REPLACE_EXECVP@
+REPLACE_EXECVPE = @REPLACE_EXECVPE@
+REPLACE_FACCESSAT = @REPLACE_FACCESSAT@
+REPLACE_FCHMODAT = @REPLACE_FCHMODAT@
+REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@
+REPLACE_FCLOSE = @REPLACE_FCLOSE@
+REPLACE_FCNTL = @REPLACE_FCNTL@
+REPLACE_FDOPEN = @REPLACE_FDOPEN@
+REPLACE_FFLUSH = @REPLACE_FFLUSH@
+REPLACE_FFSLL = @REPLACE_FFSLL@
+REPLACE_FOPEN = @REPLACE_FOPEN@
+REPLACE_FPRINTF = @REPLACE_FPRINTF@
+REPLACE_FPURGE = @REPLACE_FPURGE@
+REPLACE_FREE = @REPLACE_FREE@
+REPLACE_FREELOCALE = @REPLACE_FREELOCALE@
+REPLACE_FREOPEN = @REPLACE_FREOPEN@
+REPLACE_FSEEK = @REPLACE_FSEEK@
+REPLACE_FSEEKO = @REPLACE_FSEEKO@
+REPLACE_FSTAT = @REPLACE_FSTAT@
+REPLACE_FSTATAT = @REPLACE_FSTATAT@
+REPLACE_FTELL = @REPLACE_FTELL@
+REPLACE_FTELLO = @REPLACE_FTELLO@
+REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@
+REPLACE_FUTIMENS = @REPLACE_FUTIMENS@
+REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@
+REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@
+REPLACE_GETCWD = @REPLACE_GETCWD@
+REPLACE_GETDELIM = @REPLACE_GETDELIM@
+REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@
+REPLACE_GETDTABLESIZE = @REPLACE_GETDTABLESIZE@
+REPLACE_GETGROUPS = @REPLACE_GETGROUPS@
+REPLACE_GETLINE = @REPLACE_GETLINE@
+REPLACE_GETLOGIN_R = @REPLACE_GETLOGIN_R@
+REPLACE_GETPAGESIZE = @REPLACE_GETPAGESIZE@
+REPLACE_GETPASS = @REPLACE_GETPASS@
+REPLACE_GETTIMEOFDAY = @REPLACE_GETTIMEOFDAY@
+REPLACE_GMTIME = @REPLACE_GMTIME@
+REPLACE_INET_NTOP = @REPLACE_INET_NTOP@
+REPLACE_INET_PTON = @REPLACE_INET_PTON@
+REPLACE_INITSTATE = @REPLACE_INITSTATE@
+REPLACE_IOCTL = @REPLACE_IOCTL@
+REPLACE_ISATTY = @REPLACE_ISATTY@
+REPLACE_ITOLD = @REPLACE_ITOLD@
+REPLACE_LCHOWN = @REPLACE_LCHOWN@
+REPLACE_LINK = @REPLACE_LINK@
+REPLACE_LINKAT = @REPLACE_LINKAT@
+REPLACE_LOCALECONV = @REPLACE_LOCALECONV@
+REPLACE_LOCALTIME = @REPLACE_LOCALTIME@
+REPLACE_LOCALTIME_R = @REPLACE_LOCALTIME_R@
+REPLACE_LSEEK = @REPLACE_LSEEK@
+REPLACE_LSTAT = @REPLACE_LSTAT@
+REPLACE_MALLOC = @REPLACE_MALLOC@
+REPLACE_MBRLEN = @REPLACE_MBRLEN@
+REPLACE_MBRTOWC = @REPLACE_MBRTOWC@
+REPLACE_MBSINIT = @REPLACE_MBSINIT@
+REPLACE_MBSNRTOWCS = @REPLACE_MBSNRTOWCS@
+REPLACE_MBSRTOWCS = @REPLACE_MBSRTOWCS@
+REPLACE_MBSTATE_T = @REPLACE_MBSTATE_T@
+REPLACE_MBTOWC = @REPLACE_MBTOWC@
+REPLACE_MEMCHR = @REPLACE_MEMCHR@
+REPLACE_MEMMEM = @REPLACE_MEMMEM@
+REPLACE_MKDIR = @REPLACE_MKDIR@
+REPLACE_MKFIFO = @REPLACE_MKFIFO@
+REPLACE_MKFIFOAT = @REPLACE_MKFIFOAT@
+REPLACE_MKNOD = @REPLACE_MKNOD@
+REPLACE_MKNODAT = @REPLACE_MKNODAT@
+REPLACE_MKSTEMP = @REPLACE_MKSTEMP@
+REPLACE_MKTIME = @REPLACE_MKTIME@
+REPLACE_NANOSLEEP = @REPLACE_NANOSLEEP@
+REPLACE_NEWLOCALE = @REPLACE_NEWLOCALE@
+REPLACE_NL_LANGINFO = @REPLACE_NL_LANGINFO@
+REPLACE_NULL = @REPLACE_NULL@
+REPLACE_OBSTACK_PRINTF = @REPLACE_OBSTACK_PRINTF@
+REPLACE_OPEN = @REPLACE_OPEN@
+REPLACE_OPENAT = @REPLACE_OPENAT@
+REPLACE_PERROR = @REPLACE_PERROR@
+REPLACE_POPEN = @REPLACE_POPEN@
+REPLACE_POSIX_MEMALIGN = @REPLACE_POSIX_MEMALIGN@
+REPLACE_PREAD = @REPLACE_PREAD@
+REPLACE_PRINTF = @REPLACE_PRINTF@
+REPLACE_PSELECT = @REPLACE_PSELECT@
+REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@
+REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@
+REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@
+REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@
+REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@
+REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@
+REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@
+REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@
+REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@
+REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@
+REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@
+REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@
+REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@
+REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@
+REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@
+REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@
+REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@
+REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@
+REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@
+REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@
+REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@
+REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@
+REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@
+REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@
+REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@
+REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@
+REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@
+REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@
+REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@
+REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@
+REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@
+REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@
+REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@
+REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@
+REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@
+REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@
+REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@
+REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@
+REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@
+REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@
+REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@
+REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@
+REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@
+REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@
+REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@
+REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@
+REPLACE_PTSNAME = @REPLACE_PTSNAME@
+REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@
+REPLACE_PUTENV = @REPLACE_PUTENV@
+REPLACE_PWRITE = @REPLACE_PWRITE@
+REPLACE_QSORT_R = @REPLACE_QSORT_R@
+REPLACE_RAISE = @REPLACE_RAISE@
+REPLACE_RANDOM = @REPLACE_RANDOM@
+REPLACE_RANDOM_R = @REPLACE_RANDOM_R@
+REPLACE_READ = @REPLACE_READ@
+REPLACE_READLINK = @REPLACE_READLINK@
+REPLACE_READLINKAT = @REPLACE_READLINKAT@
+REPLACE_REALLOC = @REPLACE_REALLOC@
+REPLACE_REALLOCARRAY = @REPLACE_REALLOCARRAY@
+REPLACE_REALPATH = @REPLACE_REALPATH@
+REPLACE_REMOVE = @REPLACE_REMOVE@
+REPLACE_RENAME = @REPLACE_RENAME@
+REPLACE_RENAMEAT = @REPLACE_RENAMEAT@
+REPLACE_RMDIR = @REPLACE_RMDIR@
+REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@
+REPLACE_SELECT = @REPLACE_SELECT@
+REPLACE_SETENV = @REPLACE_SETENV@
+REPLACE_SETLOCALE = @REPLACE_SETLOCALE@
+REPLACE_SETSTATE = @REPLACE_SETSTATE@
+REPLACE_SLEEP = @REPLACE_SLEEP@
+REPLACE_SNPRINTF = @REPLACE_SNPRINTF@
+REPLACE_SPRINTF = @REPLACE_SPRINTF@
+REPLACE_STAT = @REPLACE_STAT@
+REPLACE_STDIO_READ_FUNCS = @REPLACE_STDIO_READ_FUNCS@
+REPLACE_STDIO_WRITE_FUNCS = @REPLACE_STDIO_WRITE_FUNCS@
+REPLACE_STPNCPY = @REPLACE_STPNCPY@
+REPLACE_STRCASESTR = @REPLACE_STRCASESTR@
+REPLACE_STRCHRNUL = @REPLACE_STRCHRNUL@
+REPLACE_STRDUP = @REPLACE_STRDUP@
+REPLACE_STRERROR = @REPLACE_STRERROR@
+REPLACE_STRERRORNAME_NP = @REPLACE_STRERRORNAME_NP@
+REPLACE_STRERROR_R = @REPLACE_STRERROR_R@
+REPLACE_STRFTIME = @REPLACE_STRFTIME@
+REPLACE_STRNCAT = @REPLACE_STRNCAT@
+REPLACE_STRNDUP = @REPLACE_STRNDUP@
+REPLACE_STRNLEN = @REPLACE_STRNLEN@
+REPLACE_STRSIGNAL = @REPLACE_STRSIGNAL@
+REPLACE_STRSTR = @REPLACE_STRSTR@
+REPLACE_STRTOD = @REPLACE_STRTOD@
+REPLACE_STRTOIMAX = @REPLACE_STRTOIMAX@
+REPLACE_STRTOK_R = @REPLACE_STRTOK_R@
+REPLACE_STRTOL = @REPLACE_STRTOL@
+REPLACE_STRTOLD = @REPLACE_STRTOLD@
+REPLACE_STRTOLL = @REPLACE_STRTOLL@
+REPLACE_STRTOUL = @REPLACE_STRTOUL@
+REPLACE_STRTOULL = @REPLACE_STRTOULL@
+REPLACE_STRTOUMAX = @REPLACE_STRTOUMAX@
+REPLACE_STRUCT_LCONV = @REPLACE_STRUCT_LCONV@
+REPLACE_STRUCT_TIMEVAL = @REPLACE_STRUCT_TIMEVAL@
+REPLACE_SYMLINK = @REPLACE_SYMLINK@
+REPLACE_SYMLINKAT = @REPLACE_SYMLINKAT@
+REPLACE_TIMEGM = @REPLACE_TIMEGM@
+REPLACE_TMPFILE = @REPLACE_TMPFILE@
+REPLACE_TRUNCATE = @REPLACE_TRUNCATE@
+REPLACE_TTYNAME_R = @REPLACE_TTYNAME_R@
+REPLACE_TZSET = @REPLACE_TZSET@
+REPLACE_UNLINK = @REPLACE_UNLINK@
+REPLACE_UNLINKAT = @REPLACE_UNLINKAT@
+REPLACE_UNSETENV = @REPLACE_UNSETENV@
+REPLACE_USLEEP = @REPLACE_USLEEP@
+REPLACE_UTIMENSAT = @REPLACE_UTIMENSAT@
+REPLACE_VASPRINTF = @REPLACE_VASPRINTF@
+REPLACE_VDPRINTF = @REPLACE_VDPRINTF@
+REPLACE_VFPRINTF = @REPLACE_VFPRINTF@
+REPLACE_VPRINTF = @REPLACE_VPRINTF@
+REPLACE_VSNPRINTF = @REPLACE_VSNPRINTF@
+REPLACE_VSPRINTF = @REPLACE_VSPRINTF@
+REPLACE_WCRTOMB = @REPLACE_WCRTOMB@
+REPLACE_WCSFTIME = @REPLACE_WCSFTIME@
+REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@
+REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@
+REPLACE_WCSTOK = @REPLACE_WCSTOK@
+REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@
+REPLACE_WCTOB = @REPLACE_WCTOB@
+REPLACE_WCTOMB = @REPLACE_WCTOMB@
+REPLACE_WCWIDTH = @REPLACE_WCWIDTH@
+REPLACE_WRITE = @REPLACE_WRITE@
+SED = @SED@
+SERVENT_LIB = @SERVENT_LIB@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@
+SIZE_T_SUFFIX = @SIZE_T_SUFFIX@
+STDALIGN_H = @STDALIGN_H@
+STDBOOL_H = @STDBOOL_H@
+STDDEF_H = @STDDEF_H@
+STDINT_H = @STDINT_H@
+STRIP = @STRIP@
+SYS_IOCTL_H_HAVE_WINSOCK2_H = @SYS_IOCTL_H_HAVE_WINSOCK2_H@
+SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+SYS_TIME_H_DEFINES_STRUCT_TIMESPEC = @SYS_TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_STRUCT_TIMESPEC = @TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_TIME_UTC = @TIME_H_DEFINES_TIME_UTC@
+TROUSERS_LIB = @TROUSERS_LIB@
+TSS2_CFLAGS = @TSS2_CFLAGS@
+TSS2_LIBS = @TSS2_LIBS@
+TSS_CFLAGS = @TSS_CFLAGS@
+TSS_LIBS = @TSS_LIBS@
+UINT32_MAX_LT_UINTMAX_MAX = @UINT32_MAX_LT_UINTMAX_MAX@
+UINT64_MAX_EQ_ULONG_MAX = @UINT64_MAX_EQ_ULONG_MAX@
+UNBOUND_CFLAGS = @UNBOUND_CFLAGS@
+UNBOUND_LIBS = @UNBOUND_LIBS@
+UNDEFINE_STRTOK_R = @UNDEFINE_STRTOK_R@
+UNISTD_H_DEFINES_STRUCT_TIMESPEC = @UNISTD_H_DEFINES_STRUCT_TIMESPEC@
+UNISTD_H_HAVE_SYS_RANDOM_H = @UNISTD_H_HAVE_SYS_RANDOM_H@
+UNISTD_H_HAVE_WINSOCK2_H = @UNISTD_H_HAVE_WINSOCK2_H@
+UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+USE_NLS = @USE_NLS@
+VALGRIND = @VALGRIND@
+VALGRINDFLAGS = @VALGRINDFLAGS@
+VALGRIND_PROGRAM = @VALGRIND_PROGRAM@
+VERSION = @VERSION@
+WARN_CFLAGS = @WARN_CFLAGS@
+WCHAR_T_SUFFIX = @WCHAR_T_SUFFIX@
+WERROR_CFLAGS = @WERROR_CFLAGS@
+WINDOWS_64_BIT_OFF_T = @WINDOWS_64_BIT_OFF_T@
+WINDOWS_64_BIT_ST_SIZE = @WINDOWS_64_BIT_ST_SIZE@
+WINDOWS_STAT_INODES = @WINDOWS_STAT_INODES@
+WINDOWS_STAT_TIMESPEC = @WINDOWS_STAT_TIMESPEC@
+WINT_T_SUFFIX = @WINT_T_SUFFIX@
+WSTACK_CFLAGS = @WSTACK_CFLAGS@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+YIELD_LIB = @YIELD_LIB@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+ac_cv_sizeof_time_t = @ac_cv_sizeof_time_t@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+ggl_LIBOBJS = @ggl_LIBOBJS@
+ggl_LTLIBOBJS = @ggl_LTLIBOBJS@
+ggltests_LIBOBJS = @ggltests_LIBOBJS@
+ggltests_LTLIBOBJS = @ggltests_LTLIBOBJS@
+ggltests_WITNESS = @ggltests_WITNESS@
+gl_LIBOBJS = @gl_LIBOBJS@
+gl_LTLIBOBJS = @gl_LTLIBOBJS@
+gltests_LIBOBJS = @gltests_LIBOBJS@
+gltests_LTLIBOBJS = @gltests_LTLIBOBJS@
+gltests_WITNESS = @gltests_WITNESS@
+gnutls_so = @gnutls_so@
+guile_snarf = @guile_snarf@
+guileextensiondir = @guileextensiondir@
+guilesiteccachedir = @guilesiteccachedir@
+guilesitedir = @guilesitedir@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+ifGNUmake = @ifGNUmake@
+ifnGNUmake = @ifnGNUmake@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+maybe_guileextensiondir = @maybe_guileextensiondir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+unistring_LIBOBJS = @unistring_LIBOBJS@
+unistring_LTLIBOBJS = @unistring_LTLIBOBJS@
+unistringtests_LIBOBJS = @unistringtests_LIBOBJS@
+unistringtests_LTLIBOBJS = @unistringtests_LTLIBOBJS@
+unistringtests_WITNESS = @unistringtests_WITNESS@
+AM_CFLAGS = $(WERROR_CFLAGS) $(WSTACK_CFLAGS) $(WARN_CFLAGS) \
+	$(NETTLE_CFLAGS) $(LIBTASN1_CFLAGS) $(LIBIDN2_CFLAGS) \
+	$(P11_KIT_CFLAGS) $(LIBZSTD_CFLAGS) $(CODE_COVERAGE_CFLAGS) \
+	$(HOGWEED_CFLAGS) $(GMP_CFLAGS)
+COMMON_LINK_FLAGS = $(CODE_COVERAGE_LDFLAGS)
+V_GPERF = $(V_GPERF_@AM_V@)
+V_GPERF_ = $(V_GPERF_@AM_DEFAULT_V@)
+V_GPERF_0 = @echo "  GPERF   " $@;
+AM_CPPFLAGS = -I$(srcdir)/int -I$(srcdir)/backport \
+	-I$(srcdir)/../../gl -I$(builddir)/../../gl \
+	-I$(srcdir)/../includes -I$(builddir)/../includes \
+	-I$(builddir)/../../gl -I$(srcdir)/.. $(am__append_1)
+noinst_LTLIBRARIES = libcrypto.la
+libcrypto_la_SOURCES = pk.c mpi.c mac.c cipher.c init.c gnettle.h \
+	rnd-common.h prf.c rnd.c int/rsa-fips.h \
+	int/rsa-keygen-fips186.c int/provable-prime.c int/dsa-fips.h \
+	int/dsa-keygen-fips186.c int/dsa-validate.c int/tls1-prf.c \
+	int/tls1-prf.h int/dsa-compute-k.c int/dsa-compute-k.h \
+	int/ecdsa-compute-k.c int/ecdsa-compute-k.h int/mpn-base256.c \
+	int/mpn-base256.h int/block8.h backport/block-internal.h \
+	int/rsa-pad.c $(am__append_2) $(am__append_3) $(am__append_4) \
+	$(am__append_5) $(am__append_6) rnd-fuzzer.c $(am__append_7) \
+	$(am__append_8)
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/lib/common.mk $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/nettle/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --foreign lib/nettle/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+	esac;
+$(top_srcdir)/lib/common.mk $(am__empty):
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+	-test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+	@list='$(noinst_LTLIBRARIES)'; \
+	locs=`for p in $$list; do echo $$p; done | \
+	      sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+	      sort -u`; \
+	test -z "$$locs" || { \
+	  echo rm -f $${locs}; \
+	  rm -f $${locs}; \
+	}
+int/$(am__dirstamp):
+	@$(MKDIR_P) int
+	@: > int/$(am__dirstamp)
+int/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) int/$(DEPDIR)
+	@: > int/$(DEPDIR)/$(am__dirstamp)
+int/rsa-keygen-fips186.lo: int/$(am__dirstamp) \
+	int/$(DEPDIR)/$(am__dirstamp)
+int/provable-prime.lo: int/$(am__dirstamp) \
+	int/$(DEPDIR)/$(am__dirstamp)
+int/dsa-keygen-fips186.lo: int/$(am__dirstamp) \
+	int/$(DEPDIR)/$(am__dirstamp)
+int/dsa-validate.lo: int/$(am__dirstamp) int/$(DEPDIR)/$(am__dirstamp)
+int/tls1-prf.lo: int/$(am__dirstamp) int/$(DEPDIR)/$(am__dirstamp)
+int/dsa-compute-k.lo: int/$(am__dirstamp) \
+	int/$(DEPDIR)/$(am__dirstamp)
+int/ecdsa-compute-k.lo: int/$(am__dirstamp) \
+	int/$(DEPDIR)/$(am__dirstamp)
+int/mpn-base256.lo: int/$(am__dirstamp) int/$(DEPDIR)/$(am__dirstamp)
+int/rsa-pad.lo: int/$(am__dirstamp) int/$(DEPDIR)/$(am__dirstamp)
+int/drbg-aes-self-test.lo: int/$(am__dirstamp) \
+	int/$(DEPDIR)/$(am__dirstamp)
+int/drbg-aes.lo: int/$(am__dirstamp) int/$(DEPDIR)/$(am__dirstamp)
+gost/$(am__dirstamp):
+	@$(MKDIR_P) gost
+	@: > gost/$(am__dirstamp)
+gost/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) gost/$(DEPDIR)
+	@: > gost/$(DEPDIR)/$(am__dirstamp)
+gost/write-le32.lo: gost/$(am__dirstamp) \
+	gost/$(DEPDIR)/$(am__dirstamp)
+gost/gost28147.lo: gost/$(am__dirstamp) gost/$(DEPDIR)/$(am__dirstamp)
+gost/gost-wrap.lo: gost/$(am__dirstamp) gost/$(DEPDIR)/$(am__dirstamp)
+gost/streebog.lo: gost/$(am__dirstamp) gost/$(DEPDIR)/$(am__dirstamp)
+gost/streebog-meta.lo: gost/$(am__dirstamp) \
+	gost/$(DEPDIR)/$(am__dirstamp)
+gost/hmac-streebog.lo: gost/$(am__dirstamp) \
+	gost/$(DEPDIR)/$(am__dirstamp)
+gost/bignum-le.lo: gost/$(am__dirstamp) gost/$(DEPDIR)/$(am__dirstamp)
+gost/gostdsa-mask.lo: gost/$(am__dirstamp) \
+	gost/$(DEPDIR)/$(am__dirstamp)
+gost/magma.lo: gost/$(am__dirstamp) gost/$(DEPDIR)/$(am__dirstamp)
+gost/kuznyechik.lo: gost/$(am__dirstamp) \
+	gost/$(DEPDIR)/$(am__dirstamp)
+gost/acpkm.lo: gost/$(am__dirstamp) gost/$(DEPDIR)/$(am__dirstamp)
+gost/cmac-magma.lo: gost/$(am__dirstamp) \
+	gost/$(DEPDIR)/$(am__dirstamp)
+gost/cmac-kuznyechik.lo: gost/$(am__dirstamp) \
+	gost/$(DEPDIR)/$(am__dirstamp)
+
+libcrypto.la: $(libcrypto_la_OBJECTS) $(libcrypto_la_DEPENDENCIES) $(EXTRA_libcrypto_la_DEPENDENCIES) 
+	$(AM_V_CCLD)$(LINK)  $(libcrypto_la_OBJECTS) $(libcrypto_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+	-rm -f *.$(OBJEXT)
+	-rm -f gost/*.$(OBJEXT)
+	-rm -f gost/*.lo
+	-rm -f int/*.$(OBJEXT)
+	-rm -f int/*.lo
+
+distclean-compile:
+	-rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cipher.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gost_keywrap.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/init.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mac.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mpi.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pk.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/prf.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rnd-fips.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rnd-fuzzer.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rnd.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sysrng-bcrypt.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sysrng-getentropy.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sysrng-linux.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sysrng-netbsd.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sysrng-windows.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@gost/$(DEPDIR)/acpkm.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@gost/$(DEPDIR)/bignum-le.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@gost/$(DEPDIR)/cmac-kuznyechik.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@gost/$(DEPDIR)/cmac-magma.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@gost/$(DEPDIR)/gost-wrap.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@gost/$(DEPDIR)/gost28147.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@gost/$(DEPDIR)/gostdsa-mask.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@gost/$(DEPDIR)/hmac-streebog.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@gost/$(DEPDIR)/kuznyechik.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@gost/$(DEPDIR)/magma.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@gost/$(DEPDIR)/streebog-meta.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@gost/$(DEPDIR)/streebog.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@gost/$(DEPDIR)/write-le32.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@int/$(DEPDIR)/drbg-aes-self-test.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@int/$(DEPDIR)/drbg-aes.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@int/$(DEPDIR)/dsa-compute-k.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@int/$(DEPDIR)/dsa-keygen-fips186.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@int/$(DEPDIR)/dsa-validate.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@int/$(DEPDIR)/ecdsa-compute-k.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@int/$(DEPDIR)/mpn-base256.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@int/$(DEPDIR)/provable-prime.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@int/$(DEPDIR)/rsa-keygen-fips186.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@int/$(DEPDIR)/rsa-pad.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@int/$(DEPDIR)/tls1-prf.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+	@$(MKDIR_P) $(@D)
+	@echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+	-rm -rf gost/.libs gost/_libs
+	-rm -rf int/.libs int/_libs
+
+ID: $(am__tagged_files)
+	$(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	set x; \
+	here=`pwd`; \
+	$(am__define_uniq_tagged_files); \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+	  test -n "$$unique" || unique=$$empty_fix; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
+	fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	$(am__define_uniq_tagged_files); \
+	test -z "$(CTAGS_ARGS)$$unique" \
+	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+	     $$unique
+
+GTAGS:
+	here=`$(am__cd) $(top_builddir) && pwd` \
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+	list='$(am__tagged_files)'; \
+	case "$(srcdir)" in \
+	  [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+	  *) sdir=$(subdir)/$(srcdir) ;; \
+	esac; \
+	for i in $$list; do \
+	  if test -f "$$i"; then \
+	    echo "$(subdir)/$$i"; \
+	  else \
+	    echo "$$sdir/$$i"; \
+	  fi; \
+	done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+	-rm -f gost/$(DEPDIR)/$(am__dirstamp)
+	-rm -f gost/$(am__dirstamp)
+	-rm -f int/$(DEPDIR)/$(am__dirstamp)
+	-rm -f int/$(am__dirstamp)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+	mostlyclean-am
+
+distclean: distclean-am
+		-rm -f ./$(DEPDIR)/cipher.Plo
+	-rm -f ./$(DEPDIR)/gost_keywrap.Plo
+	-rm -f ./$(DEPDIR)/init.Plo
+	-rm -f ./$(DEPDIR)/mac.Plo
+	-rm -f ./$(DEPDIR)/mpi.Plo
+	-rm -f ./$(DEPDIR)/pk.Plo
+	-rm -f ./$(DEPDIR)/prf.Plo
+	-rm -f ./$(DEPDIR)/rnd-fips.Plo
+	-rm -f ./$(DEPDIR)/rnd-fuzzer.Plo
+	-rm -f ./$(DEPDIR)/rnd.Plo
+	-rm -f ./$(DEPDIR)/sysrng-bcrypt.Plo
+	-rm -f ./$(DEPDIR)/sysrng-getentropy.Plo
+	-rm -f ./$(DEPDIR)/sysrng-linux.Plo
+	-rm -f ./$(DEPDIR)/sysrng-netbsd.Plo
+	-rm -f ./$(DEPDIR)/sysrng-windows.Plo
+	-rm -f gost/$(DEPDIR)/acpkm.Plo
+	-rm -f gost/$(DEPDIR)/bignum-le.Plo
+	-rm -f gost/$(DEPDIR)/cmac-kuznyechik.Plo
+	-rm -f gost/$(DEPDIR)/cmac-magma.Plo
+	-rm -f gost/$(DEPDIR)/gost-wrap.Plo
+	-rm -f gost/$(DEPDIR)/gost28147.Plo
+	-rm -f gost/$(DEPDIR)/gostdsa-mask.Plo
+	-rm -f gost/$(DEPDIR)/hmac-streebog.Plo
+	-rm -f gost/$(DEPDIR)/kuznyechik.Plo
+	-rm -f gost/$(DEPDIR)/magma.Plo
+	-rm -f gost/$(DEPDIR)/streebog-meta.Plo
+	-rm -f gost/$(DEPDIR)/streebog.Plo
+	-rm -f gost/$(DEPDIR)/write-le32.Plo
+	-rm -f int/$(DEPDIR)/drbg-aes-self-test.Plo
+	-rm -f int/$(DEPDIR)/drbg-aes.Plo
+	-rm -f int/$(DEPDIR)/dsa-compute-k.Plo
+	-rm -f int/$(DEPDIR)/dsa-keygen-fips186.Plo
+	-rm -f int/$(DEPDIR)/dsa-validate.Plo
+	-rm -f int/$(DEPDIR)/ecdsa-compute-k.Plo
+	-rm -f int/$(DEPDIR)/mpn-base256.Plo
+	-rm -f int/$(DEPDIR)/provable-prime.Plo
+	-rm -f int/$(DEPDIR)/rsa-keygen-fips186.Plo
+	-rm -f int/$(DEPDIR)/rsa-pad.Plo
+	-rm -f int/$(DEPDIR)/tls1-prf.Plo
+	-rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+	distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+		-rm -f ./$(DEPDIR)/cipher.Plo
+	-rm -f ./$(DEPDIR)/gost_keywrap.Plo
+	-rm -f ./$(DEPDIR)/init.Plo
+	-rm -f ./$(DEPDIR)/mac.Plo
+	-rm -f ./$(DEPDIR)/mpi.Plo
+	-rm -f ./$(DEPDIR)/pk.Plo
+	-rm -f ./$(DEPDIR)/prf.Plo
+	-rm -f ./$(DEPDIR)/rnd-fips.Plo
+	-rm -f ./$(DEPDIR)/rnd-fuzzer.Plo
+	-rm -f ./$(DEPDIR)/rnd.Plo
+	-rm -f ./$(DEPDIR)/sysrng-bcrypt.Plo
+	-rm -f ./$(DEPDIR)/sysrng-getentropy.Plo
+	-rm -f ./$(DEPDIR)/sysrng-linux.Plo
+	-rm -f ./$(DEPDIR)/sysrng-netbsd.Plo
+	-rm -f ./$(DEPDIR)/sysrng-windows.Plo
+	-rm -f gost/$(DEPDIR)/acpkm.Plo
+	-rm -f gost/$(DEPDIR)/bignum-le.Plo
+	-rm -f gost/$(DEPDIR)/cmac-kuznyechik.Plo
+	-rm -f gost/$(DEPDIR)/cmac-magma.Plo
+	-rm -f gost/$(DEPDIR)/gost-wrap.Plo
+	-rm -f gost/$(DEPDIR)/gost28147.Plo
+	-rm -f gost/$(DEPDIR)/gostdsa-mask.Plo
+	-rm -f gost/$(DEPDIR)/hmac-streebog.Plo
+	-rm -f gost/$(DEPDIR)/kuznyechik.Plo
+	-rm -f gost/$(DEPDIR)/magma.Plo
+	-rm -f gost/$(DEPDIR)/streebog-meta.Plo
+	-rm -f gost/$(DEPDIR)/streebog.Plo
+	-rm -f gost/$(DEPDIR)/write-le32.Plo
+	-rm -f int/$(DEPDIR)/drbg-aes-self-test.Plo
+	-rm -f int/$(DEPDIR)/drbg-aes.Plo
+	-rm -f int/$(DEPDIR)/dsa-compute-k.Plo
+	-rm -f int/$(DEPDIR)/dsa-keygen-fips186.Plo
+	-rm -f int/$(DEPDIR)/dsa-validate.Plo
+	-rm -f int/$(DEPDIR)/ecdsa-compute-k.Plo
+	-rm -f int/$(DEPDIR)/mpn-base256.Plo
+	-rm -f int/$(DEPDIR)/provable-prime.Plo
+	-rm -f int/$(DEPDIR)/rsa-keygen-fips186.Plo
+	-rm -f int/$(DEPDIR)/rsa-pad.Plo
+	-rm -f int/$(DEPDIR)/tls1-prf.Plo
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+	mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
+	clean-generic clean-libtool clean-noinstLTLIBRARIES \
+	cscopelist-am ctags ctags-am distclean distclean-compile \
+	distclean-generic distclean-libtool distclean-tags distdir dvi \
+	dvi-am html html-am info info-am install install-am \
+	install-data install-data-am install-dvi install-dvi-am \
+	install-exec install-exec-am install-html install-html-am \
+	install-info install-info-am install-man install-pdf \
+	install-pdf-am install-ps install-ps-am install-strip \
+	installcheck installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-compile \
+	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+	tags tags-am uninstall uninstall-am
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/lib/nettle/backport/block-internal.h b/lib/nettle/backport/block-internal.h
new file mode 100644
index 0000000..90e2f3a
--- /dev/null
+++ b/lib/nettle/backport/block-internal.h
@@ -0,0 +1,193 @@
+/* block-internal.h
+
+   Internal implementations of nettle_blockZ-related functions.
+
+   Copyright (C) 2011 Katholieke Universiteit Leuven
+   Copyright (C) 2011, 2013, 2018 Niels Möller
+   Copyright (C) 2018 Red Hat, Inc.
+   Copyright (C) 2019 Dmitry Eremin-Solenikov
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef GNUTLS_LIB_NETTLE_BACKPORT_NETTLE_BLOCK_INTERNAL_H_INCLUDED
+#define GNUTLS_LIB_NETTLE_BACKPORT_NETTLE_BLOCK_INTERNAL_H_INCLUDED
+
+
+#include <nettle/nettle-types.h>
+#include "block8.h"
+#include <nettle/memxor.h>
+
+static inline void
+block16_xor (union nettle_block16 *r,
+	     const union nettle_block16 *x)
+{
+  r->u64[0] ^= x->u64[0];
+  r->u64[1] ^= x->u64[1];
+}
+
+static inline void
+block16_xor3 (union nettle_block16 *r,
+	      const union nettle_block16 *x,
+	      const union nettle_block16 *y)
+{
+  r->u64[0] = x->u64[0] ^ y->u64[0];
+  r->u64[1] = x->u64[1] ^ y->u64[1];
+}
+
+static inline void
+block16_xor_bytes (union nettle_block16 *r,
+		   const union nettle_block16 *x,
+		   const uint8_t *bytes)
+{
+  memxor3 (r->b, x->b, bytes, 16);
+}
+
+static inline void
+block8_xor (union nettle_block8 *r,
+	    const union nettle_block8 *x)
+{
+  r->u64 ^= x->u64;
+}
+
+static inline void
+block8_xor3 (union nettle_block8 *r,
+	     const union nettle_block8 *x,
+	     const union nettle_block8 *y)
+{
+  r->u64 = x->u64 ^ y->u64;
+}
+
+static inline void
+block8_xor_bytes (union nettle_block8 *r,
+		  const union nettle_block8 *x,
+		  const uint8_t *bytes)
+{
+  memxor3 (r->b, x->b, bytes, 8);
+}
+
+/* Do a foreign-endianness shift of data */
+
+#define LSHIFT_ALIEN_UINT64(x) \
+	((((x) & UINT64_C(0x7f7f7f7f7f7f7f7f)) << 1) | \
+	 (((x) & UINT64_C(0x8080808080808080)) >> 15))
+#define RSHIFT_ALIEN_UINT64(x) \
+	((((x) & UINT64_C(0xfefefefefefefefe)) >> 1) | \
+	 (((x) & UINT64_C(0x0001010101010101)) << 15))
+
+/* Two typical defining polynoms */
+
+#define BLOCK16_POLY (UINT64_C(0x87))
+#define BLOCK8_POLY (UINT64_C(0x1b))
+#define GHASH_POLY (UINT64_C(0xE1))
+
+/* Galois multiplications by 2:
+ * functions differ in shifting right or left, big- or little- endianness
+ * and by defining polynom.
+ * r == x is allowed. */
+
+#if WORDS_BIGENDIAN
+static inline void
+block16_mulx_be (union nettle_block16 *dst,
+		 const union nettle_block16 *src)
+{
+  uint64_t carry = src->u64[0] >> 63;
+  dst->u64[0] = (src->u64[0] << 1) | (src->u64[1] >> 63);
+  dst->u64[1] = (src->u64[1] << 1) ^ (BLOCK16_POLY & -carry);
+}
+
+static inline void
+block16_mulx_le (union nettle_block16 *dst,
+		 const union nettle_block16 *src)
+{
+  uint64_t carry = (src->u64[1] & 0x80) >> 7;
+  dst->u64[1] = LSHIFT_ALIEN_UINT64(src->u64[1]) | ((src->u64[0] & 0x80) << 49);
+  dst->u64[0] = LSHIFT_ALIEN_UINT64(src->u64[0]) ^ ((BLOCK16_POLY << 56) & -carry);
+}
+
+static inline void
+block8_mulx_be (union nettle_block8 *dst,
+		const union nettle_block8 *src)
+{
+  uint64_t carry = src->u64 >> 63;
+
+  dst->u64 = (src->u64 << 1) ^ (BLOCK8_POLY & -carry);
+}
+
+static inline void
+block16_mulx_ghash (union nettle_block16 *r,
+		    const union nettle_block16 *x)
+{
+  uint64_t mask;
+
+  /* Shift uses big-endian representation. */
+  mask = - (x->u64[1] & 1);
+  r->u64[1] = (x->u64[1] >> 1) | ((x->u64[0] & 1) << 63);
+  r->u64[0] = (x->u64[0] >> 1) ^ (mask & (GHASH_POLY << 56));
+}
+#else /* !WORDS_BIGENDIAN */
+static inline void
+block16_mulx_be (union nettle_block16 *dst,
+		 const union nettle_block16 *src)
+{
+  uint64_t carry = (src->u64[0] & 0x80) >> 7;
+  dst->u64[0] = LSHIFT_ALIEN_UINT64(src->u64[0]) | ((src->u64[1] & 0x80) << 49);
+  dst->u64[1] = LSHIFT_ALIEN_UINT64(src->u64[1]) ^ ((BLOCK16_POLY << 56) & -carry);
+}
+
+static inline void
+block16_mulx_le (union nettle_block16 *dst,
+		 const union nettle_block16 *src)
+{
+  uint64_t carry = src->u64[1] >> 63;
+  dst->u64[1] = (src->u64[1] << 1) | (src->u64[0] >> 63);
+  dst->u64[0] = (src->u64[0] << 1) ^ (BLOCK16_POLY & -carry);
+}
+
+static inline void
+block8_mulx_be (union nettle_block8 *dst,
+		const union nettle_block8 *src)
+{
+  uint64_t carry = (src->u64 & 0x80) >> 7;
+
+  dst->u64 = LSHIFT_ALIEN_UINT64(src->u64) ^ ((BLOCK8_POLY << 56) & -carry);
+}
+
+static inline void
+block16_mulx_ghash (union nettle_block16 *r,
+		    const union nettle_block16 *x)
+{
+  uint64_t mask;
+
+  /* Shift uses big-endian representation. */
+  mask = - ((x->u64[1] >> 56) & 1);
+  r->u64[1] = RSHIFT_ALIEN_UINT64(x->u64[1]) | ((x->u64[0] >> 49) & 0x80);
+  r->u64[0] = RSHIFT_ALIEN_UINT64(x->u64[0]) ^ (mask & GHASH_POLY);
+}
+#endif /* ! WORDS_BIGENDIAN */
+
+#endif /* GNUTLS_LIB_NETTLE_BACKPORT_NETTLE_BLOCK_INTERNAL_H_INCLUDED */
diff --git a/lib/nettle/cipher.c b/lib/nettle/cipher.c
new file mode 100644
index 0000000..c9c59fb
--- /dev/null
+++ b/lib/nettle/cipher.c
@@ -0,0 +1,1383 @@
+/*
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2014 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Here lie nettle's wrappers for cipher support.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <cipher_int.h>
+#include <nettle/aes.h>
+#include <nettle/camellia.h>
+#include <nettle/arcfour.h>
+#include <nettle/arctwo.h>
+#include <nettle/salsa20.h>
+#include <nettle/des.h>
+#include <nettle/version.h>
+#if ENABLE_GOST
+#ifndef HAVE_NETTLE_GOST28147_SET_KEY
+#include "gost/gost28147.h"
+#else
+#include <nettle/gost28147.h>
+#endif
+#ifndef HAVE_NETTLE_MAGMA_SET_KEY
+#include "gost/magma.h"
+#else
+#include <nettle/magma.h>
+#endif
+#ifndef HAVE_NETTLE_KUZNYECHIK_SET_KEY
+#include "gost/kuznyechik.h"
+#else
+#include <nettle/kuznyechik.h>
+#endif
+#include "gost/acpkm.h"
+#include <nettle/ctr.h>
+#endif
+#include <nettle/nettle-meta.h>
+#include <nettle/cbc.h>
+#include <nettle/gcm.h>
+#include <nettle/ccm.h>
+#include <nettle/chacha.h>
+#include <nettle/chacha-poly1305.h>
+#include <nettle/cfb.h>
+#include <nettle/xts.h>
+#include <nettle/siv-cmac.h>
+#include <fips.h>
+#include <intprops.h>
+
+struct nettle_cipher_ctx;
+
+/* Functions that refer to the nettle library.
+ */
+typedef void (*encrypt_func) (struct nettle_cipher_ctx*,
+			      size_t length, 
+			      uint8_t * dst,
+			      const uint8_t * src);
+typedef void (*decrypt_func) (struct nettle_cipher_ctx*,
+			      size_t length, uint8_t *dst,
+			      const uint8_t *src);
+
+typedef void (*aead_encrypt_func) (struct nettle_cipher_ctx*,
+			      size_t nonce_size, const void *nonce,
+			      size_t auth_size, const void *auth,
+			      size_t tag_size,
+			      size_t length, uint8_t * dst,
+			      const uint8_t * src);
+typedef int (*aead_decrypt_func) (struct nettle_cipher_ctx*,
+			      size_t nonce_size, const void *nonce,
+			      size_t auth_size, const void *auth,
+			      size_t tag_size,
+			      size_t length, uint8_t * dst,
+			      const uint8_t * src);
+
+typedef void (*setiv_func) (void *ctx, size_t length, const uint8_t *);
+typedef void (*gen_setkey_func) (void *ctx, size_t length, const uint8_t *);
+
+struct nettle_cipher_st {
+	gnutls_cipher_algorithm_t algo;
+	unsigned ctx_size;
+	nettle_cipher_func *encrypt_block;
+	nettle_cipher_func *decrypt_block;
+	unsigned block_size;
+	unsigned key_size;
+	unsigned max_iv_size;
+
+	encrypt_func encrypt;
+	decrypt_func decrypt;
+	aead_encrypt_func aead_encrypt;
+	aead_decrypt_func aead_decrypt;
+	nettle_hash_update_func* auth;
+	nettle_hash_digest_func* tag;
+	nettle_set_key_func* set_encrypt_key;
+	nettle_set_key_func* set_decrypt_key;
+	gen_setkey_func gen_set_key; /* for arcfour which has variable key size */
+	setiv_func set_iv;
+};
+
+struct nettle_cipher_ctx {
+	const struct nettle_cipher_st *cipher;
+	void *ctx_ptr; /* always 16-aligned */
+	uint8_t iv[MAX_CIPHER_BLOCK_SIZE];
+	unsigned iv_size;
+
+	bool enc;
+	size_t rekey_counter;
+};
+
+#define AES_GCM_ENCRYPT_MAX_BYTES ((1ULL << 36) - 32)
+static inline int
+record_aes_gcm_encrypt_size(size_t *counter, size_t size) {
+	size_t sum;
+
+	if (!INT_ADD_OK(*counter, size, &sum) ||
+	    sum > AES_GCM_ENCRYPT_MAX_BYTES) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+	*counter = sum;
+
+	return 0;
+}
+
+static void
+_stream_encrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
+		const uint8_t * src)
+{
+	ctx->cipher->encrypt_block(ctx->ctx_ptr, length, dst, src);
+}
+
+static void
+_stream_decrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
+		const uint8_t * src)
+{
+	ctx->cipher->decrypt_block(ctx->ctx_ptr, length, dst, src);
+}
+
+static void
+_cbc_encrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
+		const uint8_t * src)
+{
+	cbc_encrypt(ctx->ctx_ptr, ctx->cipher->encrypt_block,
+		    ctx->iv_size, ctx->iv,
+		    length, dst, src);
+}
+
+static void
+_cbc_decrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
+		const uint8_t * src)
+{
+	cbc_decrypt(ctx->ctx_ptr, ctx->cipher->decrypt_block,
+		    ctx->iv_size, ctx->iv,
+		    length, dst, src);
+}
+
+#if ENABLE_GOST
+struct magma_acpkm_ctx {
+	uint8_t iv[MAGMA_BLOCK_SIZE];
+	struct acpkm_ctx ctx;
+	struct magma_ctx cipher;
+};
+
+struct kuznyechik_acpkm_ctx {
+	uint8_t iv[KUZNYECHIK_BLOCK_SIZE];
+	struct acpkm_ctx ctx;
+	struct kuznyechik_ctx cipher;
+};
+
+static void
+_cfb_encrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
+		const uint8_t * src)
+{
+	cfb_encrypt(ctx->ctx_ptr, ctx->cipher->encrypt_block,
+		    ctx->iv_size, ctx->iv,
+		    length, dst, src);
+}
+
+static void
+_cfb_decrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
+		const uint8_t * src)
+{
+	cfb_decrypt(ctx->ctx_ptr, ctx->cipher->encrypt_block,
+		    ctx->iv_size, ctx->iv,
+		    length, dst, src);
+}
+
+static void
+_ctr_acpkm_crypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
+	   const uint8_t * src)
+{
+	/* Use context-specific IV which comes as a first field */
+	ctr_crypt(ctx->ctx_ptr, ctx->cipher->encrypt_block,
+		  ctx->cipher->block_size, ctx->ctx_ptr,
+		  length, dst, src);
+}
+
+static void
+_gost28147_set_key_tc26z(void *ctx, const uint8_t *key)
+{
+	gost28147_set_param(ctx, &gost28147_param_TC26_Z);
+	gost28147_set_key(ctx, key);
+}
+
+static void
+_gost28147_set_key_cpa(void *ctx, const uint8_t *key)
+{
+	gost28147_set_param(ctx, &gost28147_param_CryptoPro_A);
+	gost28147_set_key(ctx, key);
+}
+
+static void
+_gost28147_set_key_cpb(void *ctx, const uint8_t *key)
+{
+	gost28147_set_param(ctx, &gost28147_param_CryptoPro_B);
+	gost28147_set_key(ctx, key);
+}
+
+static void
+_gost28147_set_key_cpc(void *ctx, const uint8_t *key)
+{
+	gost28147_set_param(ctx, &gost28147_param_CryptoPro_C);
+	gost28147_set_key(ctx, key);
+}
+
+static void
+_gost28147_set_key_cpd(void *ctx, const uint8_t *key)
+{
+	gost28147_set_param(ctx, &gost28147_param_CryptoPro_D);
+	gost28147_set_key(ctx, key);
+}
+
+static void
+_gost28147_cnt_set_key_tc26z(void *ctx, const uint8_t *key)
+{
+	gost28147_cnt_init(ctx, key, &gost28147_param_TC26_Z);
+}
+
+static void
+_gost28147_cnt_set_nonce (void *ctx, size_t length, const uint8_t *nonce)
+{
+	gost28147_cnt_set_iv (ctx, nonce);
+}
+
+static void
+_gost28147_cnt_crypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
+		     const uint8_t * src)
+{
+	gost28147_cnt_crypt((void *)ctx->ctx_ptr, length, dst, src);
+}
+
+static void
+_magma_acpkm_crypt(struct magma_acpkm_ctx *ctx,
+		  size_t length, uint8_t *dst,
+		  const uint8_t *src)
+{
+  acpkm_crypt(&ctx->ctx, &ctx->cipher,
+	      (nettle_cipher_func *)magma_encrypt,
+	      (nettle_set_key_func *)magma_set_key,
+	      length, dst, src);
+}
+
+static void
+_kuznyechik_acpkm_crypt(struct kuznyechik_acpkm_ctx *ctx,
+		       size_t length, uint8_t *dst,
+		       const uint8_t *src)
+{
+  acpkm_crypt(&ctx->ctx, &ctx->cipher,
+	      (nettle_cipher_func *)kuznyechik_encrypt,
+	      (nettle_set_key_func *)kuznyechik_set_key,
+	      length, dst, src);
+}
+
+static void
+_magma_ctr_acpkm_set_key(struct magma_acpkm_ctx *ctx, const uint8_t *key)
+{
+	magma_set_key(&ctx->cipher, key);
+	ctx->ctx.pos = 0;
+	ctx->ctx.N = 1024;
+}
+
+static void
+_magma_ctr_acpkm_set_iv(struct magma_acpkm_ctx *ctx, size_t length, const uint8_t *iv)
+{
+	memcpy(ctx->iv, iv, length);
+	memset(ctx->iv + length, 0, MAGMA_BLOCK_SIZE - length);
+}
+
+static void
+_kuznyechik_ctr_acpkm_set_key(struct kuznyechik_acpkm_ctx *ctx, const uint8_t *key)
+{
+	kuznyechik_set_key(&ctx->cipher, key);
+	ctx->ctx.pos = 0;
+	ctx->ctx.N = 4096;
+}
+
+static void
+_kuznyechik_ctr_acpkm_set_iv(struct kuznyechik_acpkm_ctx *ctx, size_t length, const uint8_t *iv)
+{
+	memcpy(ctx->iv, iv, length);
+	memset(ctx->iv + length, 0, KUZNYECHIK_BLOCK_SIZE - length);
+}
+#endif
+
+static void
+_ccm_encrypt(struct nettle_cipher_ctx *ctx,
+	      size_t nonce_size, const void *nonce,
+	      size_t auth_size, const void *auth,
+	      size_t tag_size,
+	      size_t length, uint8_t * dst,
+	      const uint8_t * src)
+{
+	ccm_encrypt_message((void*)ctx->ctx_ptr, ctx->cipher->encrypt_block,
+			    nonce_size, nonce,
+			    auth_size, auth,
+			    tag_size, length, dst, src);
+}
+
+static int
+_ccm_decrypt(struct nettle_cipher_ctx *ctx,
+	      size_t nonce_size, const void *nonce,
+	      size_t auth_size, const void *auth,
+	      size_t tag_size,
+	      size_t length, uint8_t * dst,
+	      const uint8_t * src)
+{
+	return ccm_decrypt_message((void*)ctx->ctx_ptr, ctx->cipher->encrypt_block,
+				    nonce_size, nonce,
+				    auth_size, auth,
+				    tag_size, length, dst, src);
+}
+
+static void
+_siv_cmac_aes128_encrypt_message(struct nettle_cipher_ctx *ctx,
+				 size_t nonce_size, const void *nonce,
+				 size_t auth_size, const void *auth,
+				 size_t tag_size,
+				 size_t length, uint8_t * dst,
+				 const uint8_t * src)
+{
+	siv_cmac_aes128_encrypt_message((void*)ctx->ctx_ptr,
+					nonce_size, nonce,
+					auth_size, auth,
+					length, dst, src);
+}
+
+static int
+_siv_cmac_aes128_decrypt_message(struct nettle_cipher_ctx *ctx,
+				 size_t nonce_size, const void *nonce,
+				 size_t auth_size, const void *auth,
+				 size_t tag_size,
+				 size_t length, uint8_t * dst,
+				 const uint8_t * src)
+{
+	return siv_cmac_aes128_decrypt_message((void*)ctx->ctx_ptr,
+					       nonce_size, nonce,
+					       auth_size, auth,
+					       length, dst, src);
+}
+
+static void
+_siv_cmac_aes256_encrypt_message(struct nettle_cipher_ctx *ctx,
+				 size_t nonce_size, const void *nonce,
+				 size_t auth_size, const void *auth,
+				 size_t tag_size,
+				 size_t length, uint8_t * dst,
+				 const uint8_t * src)
+{
+	siv_cmac_aes256_encrypt_message((void*)ctx->ctx_ptr,
+					nonce_size, nonce,
+					auth_size, auth,
+					length, dst, src);
+}
+
+static int
+_siv_cmac_aes256_decrypt_message(struct nettle_cipher_ctx *ctx,
+				 size_t nonce_size, const void *nonce,
+				 size_t auth_size, const void *auth,
+				 size_t tag_size,
+				 size_t length, uint8_t * dst,
+				 const uint8_t * src)
+{
+	return siv_cmac_aes256_decrypt_message((void*)ctx->ctx_ptr,
+					       nonce_size, nonce,
+					       auth_size, auth,
+					       length, dst, src);
+}
+
+static void
+_chacha_set_nonce(struct chacha_ctx *ctx,
+		  size_t length, const uint8_t *nonce)
+{
+	chacha_set_nonce(ctx, nonce + CHACHA_COUNTER_SIZE);
+	chacha_set_counter(ctx, nonce);
+}
+
+static void
+_chacha_set_nonce96(struct chacha_ctx *ctx,
+		    size_t length, const uint8_t *nonce)
+{
+	chacha_set_nonce96(ctx, nonce + CHACHA_COUNTER32_SIZE);
+	chacha_set_counter32(ctx, nonce);
+}
+
+static void
+_chacha_poly1305_set_nonce (struct chacha_poly1305_ctx *ctx,
+		   size_t length, const uint8_t *nonce)
+{
+	chacha_poly1305_set_nonce(ctx, nonce);
+}
+		   
+struct gcm_cast_st { struct gcm_key key; struct gcm_ctx gcm; unsigned long xx[1]; };
+#define GCM_CTX_GET_KEY(ptr) (&((struct gcm_cast_st*)ptr)->key)
+#define GCM_CTX_GET_CTX(ptr) (&((struct gcm_cast_st*)ptr)->gcm)
+#define GCM_CTX_GET_CIPHER(ptr) ((void*)&((struct gcm_cast_st*)ptr)->xx)
+
+static void
+_gcm_encrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
+		 const uint8_t * src)
+{
+	gcm_encrypt(GCM_CTX_GET_CTX(ctx->ctx_ptr), GCM_CTX_GET_KEY(ctx->ctx_ptr),
+		    GCM_CTX_GET_CIPHER(ctx->ctx_ptr), ctx->cipher->encrypt_block,
+		    length, dst, src);
+}
+
+static void
+_gcm_decrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
+		 const uint8_t * src)
+{
+	gcm_decrypt(GCM_CTX_GET_CTX(ctx->ctx_ptr), GCM_CTX_GET_KEY(ctx->ctx_ptr),
+		    GCM_CTX_GET_CIPHER(ctx->ctx_ptr), ctx->cipher->encrypt_block,
+		    length, dst, src);
+}
+
+static void _des_set_key(struct des_ctx *ctx, const uint8_t *key)
+{
+	des_set_key(ctx, key);
+}
+
+static void _des3_set_key(struct des3_ctx *ctx, const uint8_t *key)
+{
+	des3_set_key(ctx, key);
+}
+
+static void
+_cfb8_encrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
+	      const uint8_t * src)
+{
+	cfb8_encrypt(ctx->ctx_ptr, ctx->cipher->encrypt_block,
+		     ctx->iv_size, ctx->iv,
+		     length, dst, src);
+}
+
+static void
+_cfb8_decrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
+	      const uint8_t * src)
+{
+	cfb8_decrypt(ctx->ctx_ptr, ctx->cipher->encrypt_block,
+		     ctx->iv_size, ctx->iv,
+		     length, dst, src);
+}
+
+static void
+_xts_aes128_set_encrypt_key(struct xts_aes128_key *xts_key,
+			    const uint8_t *key)
+{
+	if (_gnutls_fips_mode_enabled() &&
+	    gnutls_memcmp(key, key + AES128_KEY_SIZE, AES128_KEY_SIZE) == 0)
+		_gnutls_switch_lib_state(LIB_STATE_ERROR);
+
+	xts_aes128_set_encrypt_key(xts_key, key);
+}
+
+static void
+_xts_aes128_set_decrypt_key(struct xts_aes128_key *xts_key,
+			    const uint8_t *key)
+{
+	if (_gnutls_fips_mode_enabled() &&
+	    gnutls_memcmp(key, key + AES128_KEY_SIZE, AES128_KEY_SIZE) == 0)
+		_gnutls_switch_lib_state(LIB_STATE_ERROR);
+
+	xts_aes128_set_decrypt_key(xts_key, key);
+}
+
+static void
+_xts_aes256_set_encrypt_key(struct xts_aes256_key *xts_key,
+			    const uint8_t *key)
+{
+	if (_gnutls_fips_mode_enabled() &&
+	    gnutls_memcmp(key, key + AES256_KEY_SIZE, AES256_KEY_SIZE) == 0)
+		_gnutls_switch_lib_state(LIB_STATE_ERROR);
+
+	xts_aes256_set_encrypt_key(xts_key, key);
+}
+
+static void
+_xts_aes256_set_decrypt_key(struct xts_aes256_key *xts_key,
+			    const uint8_t *key)
+{
+	if (_gnutls_fips_mode_enabled() &&
+	    gnutls_memcmp(key, key + AES256_KEY_SIZE, AES256_KEY_SIZE) == 0)
+		_gnutls_switch_lib_state(LIB_STATE_ERROR);
+
+	xts_aes256_set_decrypt_key(xts_key, key);
+}
+
+static void
+_xts_aes128_encrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
+		    const uint8_t * src)
+{
+	xts_aes128_encrypt_message(ctx->ctx_ptr, ctx->iv, length, dst, src);
+}
+
+static void
+_xts_aes128_decrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
+		    const uint8_t * src)
+{
+	xts_aes128_decrypt_message(ctx->ctx_ptr, ctx->iv, length, dst, src);
+}
+
+static void
+_xts_aes256_encrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
+		    const uint8_t * src)
+{
+	xts_aes256_encrypt_message(ctx->ctx_ptr, ctx->iv, length, dst, src);
+}
+
+static void
+_xts_aes256_decrypt(struct nettle_cipher_ctx *ctx, size_t length, uint8_t * dst,
+		    const uint8_t * src)
+{
+	xts_aes256_decrypt_message(ctx->ctx_ptr, ctx->iv, length, dst, src);
+}
+
+static const struct nettle_cipher_st builtin_ciphers[] = {
+	{  .algo = GNUTLS_CIPHER_AES_128_GCM,
+	   .block_size = AES_BLOCK_SIZE,
+	   .key_size = AES128_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)aes128_encrypt,
+	   .decrypt_block = (nettle_cipher_func*)aes128_decrypt,
+
+	   .ctx_size = sizeof(struct gcm_aes128_ctx),
+	   .encrypt = _gcm_encrypt,
+	   .decrypt = _gcm_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)gcm_aes128_set_key,
+	   .set_decrypt_key = (nettle_set_key_func*)gcm_aes128_set_key,
+
+	   .tag = (nettle_hash_digest_func*)gcm_aes128_digest,
+	   .auth = (nettle_hash_update_func*)gcm_aes128_update,
+	   .set_iv = (setiv_func)gcm_aes128_set_iv,
+	   .max_iv_size = GCM_IV_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_AES_192_GCM,
+	   .block_size = AES_BLOCK_SIZE,
+	   .key_size = AES192_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)aes192_encrypt,
+	   .decrypt_block = (nettle_cipher_func*)aes192_decrypt,
+
+	   .ctx_size = sizeof(struct gcm_aes192_ctx),
+	   .encrypt = _gcm_encrypt,
+	   .decrypt = _gcm_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)gcm_aes192_set_key,
+	   .set_decrypt_key = (nettle_set_key_func*)gcm_aes192_set_key,
+
+	   .tag = (nettle_hash_digest_func*)gcm_aes192_digest,
+	   .auth = (nettle_hash_update_func*)gcm_aes192_update,
+	   .set_iv = (setiv_func)gcm_aes192_set_iv,
+	   .max_iv_size = GCM_IV_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_AES_256_GCM,
+	   .block_size = AES_BLOCK_SIZE,
+	   .key_size = AES256_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)aes256_encrypt,
+	   .decrypt_block = (nettle_cipher_func*)aes256_decrypt,
+
+	   .ctx_size = sizeof(struct gcm_aes256_ctx),
+	   .encrypt = _gcm_encrypt,
+	   .decrypt = _gcm_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)gcm_aes256_set_key,
+	   .set_decrypt_key = (nettle_set_key_func*)gcm_aes256_set_key,
+	   
+	   .tag = (nettle_hash_digest_func*)gcm_aes256_digest,
+	   .auth = (nettle_hash_update_func*)gcm_aes256_update,
+	   .set_iv = (setiv_func)gcm_aes256_set_iv,
+	   .max_iv_size = GCM_IV_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_AES_128_CCM,
+	   .block_size = AES_BLOCK_SIZE,
+	   .key_size = AES128_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)aes128_encrypt,
+	   .decrypt_block = (nettle_cipher_func*)aes128_decrypt,
+
+	   .ctx_size = sizeof(struct aes128_ctx),
+	   .aead_encrypt = _ccm_encrypt,
+	   .aead_decrypt = _ccm_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)aes128_set_encrypt_key,
+	   .set_decrypt_key = (nettle_set_key_func*)aes128_set_encrypt_key,
+	   .max_iv_size = CCM_MAX_NONCE_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_AES_128_CCM_8,
+	   .block_size = AES_BLOCK_SIZE,
+	   .key_size = AES128_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)aes128_encrypt,
+	   .decrypt_block = (nettle_cipher_func*)aes128_decrypt,
+
+	   .ctx_size = sizeof(struct aes128_ctx),
+	   .aead_encrypt = _ccm_encrypt,
+	   .aead_decrypt = _ccm_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)aes128_set_encrypt_key,
+	   .set_decrypt_key = (nettle_set_key_func*)aes128_set_encrypt_key,
+	   .max_iv_size = CCM_MAX_NONCE_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_AES_256_CCM,
+	   .block_size = AES_BLOCK_SIZE,
+	   .key_size = AES256_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)aes256_encrypt,
+	   .decrypt_block = (nettle_cipher_func*)aes256_decrypt,
+
+	   .ctx_size = sizeof(struct aes256_ctx),
+	   .aead_encrypt = _ccm_encrypt,
+	   .aead_decrypt = _ccm_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)aes256_set_encrypt_key,
+	   .set_decrypt_key = (nettle_set_key_func*)aes256_set_encrypt_key,
+	   .max_iv_size = CCM_MAX_NONCE_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_AES_256_CCM_8,
+	   .block_size = AES_BLOCK_SIZE,
+	   .key_size = AES256_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)aes256_encrypt,
+	   .decrypt_block = (nettle_cipher_func*)aes256_decrypt,
+
+	   .ctx_size = sizeof(struct aes256_ctx),
+	   .aead_encrypt = _ccm_encrypt,
+	   .aead_decrypt = _ccm_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)aes256_set_encrypt_key,
+	   .set_decrypt_key = (nettle_set_key_func*)aes256_set_encrypt_key,
+	   .max_iv_size = CCM_MAX_NONCE_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_CAMELLIA_128_GCM,
+	   .block_size = CAMELLIA_BLOCK_SIZE,
+	   .key_size = CAMELLIA128_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)camellia128_crypt,
+	   .decrypt_block = (nettle_cipher_func*)camellia128_crypt,
+
+	   .ctx_size = sizeof(struct gcm_camellia128_ctx),
+	   .encrypt = _gcm_encrypt,
+	   .decrypt = _gcm_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)gcm_camellia128_set_key,
+	   .set_decrypt_key = (nettle_set_key_func*)gcm_camellia128_set_key,
+	   .tag = (nettle_hash_digest_func*)gcm_camellia128_digest,
+	   .auth = (nettle_hash_update_func*)gcm_camellia128_update,
+	   .max_iv_size = GCM_IV_SIZE,
+	   .set_iv = (setiv_func)gcm_camellia128_set_iv
+	},
+	{  .algo = GNUTLS_CIPHER_CAMELLIA_256_GCM,
+	   .block_size = CAMELLIA_BLOCK_SIZE,
+	   .key_size = CAMELLIA256_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)camellia256_crypt,
+	   .decrypt_block = (nettle_cipher_func*)camellia256_crypt,
+
+	   .ctx_size = sizeof(struct gcm_camellia256_ctx),
+	   .encrypt = _gcm_encrypt,
+	   .decrypt = _gcm_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)gcm_camellia256_set_key,
+	   .set_decrypt_key = (nettle_set_key_func*)gcm_camellia256_set_key,
+	   .tag = (nettle_hash_digest_func*)gcm_camellia256_digest,
+	   .auth = (nettle_hash_update_func*)gcm_camellia256_update,
+	   .max_iv_size = GCM_IV_SIZE,
+	   .set_iv = (setiv_func)gcm_camellia256_set_iv
+	},
+	{  .algo = GNUTLS_CIPHER_AES_128_CBC,
+	   .block_size = AES_BLOCK_SIZE,
+	   .key_size = AES128_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)aes128_encrypt,
+	   .decrypt_block = (nettle_cipher_func*)aes128_decrypt,
+
+	   .ctx_size = sizeof(struct CBC_CTX(struct aes128_ctx, AES_BLOCK_SIZE)),
+	   .encrypt = _cbc_encrypt,
+	   .decrypt = _cbc_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)aes128_set_encrypt_key,
+	   .set_decrypt_key = (nettle_set_key_func*)aes128_set_decrypt_key,
+	   .max_iv_size = AES_BLOCK_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_AES_192_CBC,
+	   .block_size = AES_BLOCK_SIZE,
+	   .key_size = AES192_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)aes192_encrypt,
+	   .decrypt_block = (nettle_cipher_func*)aes192_decrypt,
+
+	   .ctx_size = sizeof(struct CBC_CTX(struct aes192_ctx, AES_BLOCK_SIZE)),
+	   .encrypt = _cbc_encrypt,
+	   .decrypt = _cbc_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)aes192_set_encrypt_key,
+	   .set_decrypt_key = (nettle_set_key_func*)aes192_set_decrypt_key,
+	   .max_iv_size = AES_BLOCK_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_AES_256_CBC,
+	   .block_size = AES_BLOCK_SIZE,
+	   .key_size = AES256_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)aes256_encrypt,
+	   .decrypt_block = (nettle_cipher_func*)aes256_decrypt,
+
+	   .ctx_size = sizeof(struct CBC_CTX(struct aes256_ctx, AES_BLOCK_SIZE)),
+	   .encrypt = _cbc_encrypt,
+	   .decrypt = _cbc_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)aes256_set_encrypt_key,
+	   .set_decrypt_key = (nettle_set_key_func*)aes256_set_decrypt_key,
+	   .max_iv_size = AES_BLOCK_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_CAMELLIA_128_CBC,
+	   .block_size = CAMELLIA_BLOCK_SIZE,
+	   .key_size = CAMELLIA128_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)camellia128_crypt,
+	   .decrypt_block = (nettle_cipher_func*)camellia128_crypt,
+
+	   .ctx_size = sizeof(struct CBC_CTX(struct camellia128_ctx, CAMELLIA_BLOCK_SIZE)),
+	   .encrypt = _cbc_encrypt,
+	   .decrypt = _cbc_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)camellia128_set_encrypt_key,
+	   .set_decrypt_key = (nettle_set_key_func*)camellia128_set_decrypt_key,
+	   .max_iv_size = CAMELLIA_BLOCK_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_CAMELLIA_192_CBC,
+	   .block_size = CAMELLIA_BLOCK_SIZE,
+	   .key_size = CAMELLIA192_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)camellia192_crypt,
+	   .decrypt_block = (nettle_cipher_func*)camellia192_crypt,
+
+	   .ctx_size = sizeof(struct CBC_CTX(struct camellia192_ctx, CAMELLIA_BLOCK_SIZE)),
+	   .encrypt = _cbc_encrypt,
+	   .decrypt = _cbc_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)camellia192_set_encrypt_key,
+	   .set_decrypt_key = (nettle_set_key_func*)camellia192_set_decrypt_key,
+	   .max_iv_size = CAMELLIA_BLOCK_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_CAMELLIA_256_CBC,
+	   .block_size = CAMELLIA_BLOCK_SIZE,
+	   .key_size = CAMELLIA256_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)camellia256_crypt,
+	   .decrypt_block = (nettle_cipher_func*)camellia256_crypt,
+
+	   .ctx_size = sizeof(struct CBC_CTX(struct camellia256_ctx, CAMELLIA_BLOCK_SIZE)),
+	   .encrypt = _cbc_encrypt,
+	   .decrypt = _cbc_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)camellia256_set_encrypt_key,
+	   .set_decrypt_key = (nettle_set_key_func*)camellia256_set_decrypt_key,
+	   .max_iv_size = CAMELLIA_BLOCK_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_RC2_40_CBC,
+	   .block_size = ARCTWO_BLOCK_SIZE,
+	   .key_size = 5,
+	   .encrypt_block = (nettle_cipher_func*)arctwo_encrypt,
+	   .decrypt_block = (nettle_cipher_func*)arctwo_decrypt,
+
+	   .ctx_size = sizeof(struct CBC_CTX(struct arctwo_ctx, ARCTWO_BLOCK_SIZE)),
+	   .encrypt = _cbc_encrypt,
+	   .decrypt = _cbc_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)arctwo40_set_key,
+	   .set_decrypt_key = (nettle_set_key_func*)arctwo40_set_key,
+	   .max_iv_size = ARCTWO_BLOCK_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_DES_CBC,
+	   .block_size = DES_BLOCK_SIZE,
+	   .key_size = DES_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)des_encrypt,
+	   .decrypt_block = (nettle_cipher_func*)des_decrypt,
+
+	   .ctx_size = sizeof(struct CBC_CTX(struct des_ctx, DES_BLOCK_SIZE)),
+	   .encrypt = _cbc_encrypt,
+	   .decrypt = _cbc_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)_des_set_key,
+	   .set_decrypt_key = (nettle_set_key_func*)_des_set_key,
+	   .max_iv_size = DES_BLOCK_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_3DES_CBC,
+	   .block_size = DES3_BLOCK_SIZE,
+	   .key_size = DES3_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)des3_encrypt,
+	   .decrypt_block = (nettle_cipher_func*)des3_decrypt,
+
+	   .ctx_size = sizeof(struct CBC_CTX(struct des3_ctx, DES3_BLOCK_SIZE)),
+	   .encrypt = _cbc_encrypt,
+	   .decrypt = _cbc_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)_des3_set_key,
+	   .set_decrypt_key = (nettle_set_key_func*)_des3_set_key,
+	   .max_iv_size = DES_BLOCK_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_ARCFOUR_128,
+	   .block_size = 1,
+	   .key_size = 0,
+	   .encrypt_block = (nettle_cipher_func*)arcfour_crypt,
+	   .decrypt_block = (nettle_cipher_func*)arcfour_crypt,
+
+	   .ctx_size = sizeof(struct arcfour_ctx),
+	   .encrypt = _stream_encrypt,
+	   .decrypt = _stream_encrypt,
+	   .gen_set_key = (gen_setkey_func)arcfour_set_key,
+	   .set_encrypt_key = (nettle_set_key_func*)arcfour128_set_key,
+	   .set_decrypt_key = (nettle_set_key_func*)arcfour128_set_key,
+	},
+	{  .algo = GNUTLS_CIPHER_SALSA20_256,
+	   .block_size = 1,
+	   .key_size = SALSA20_256_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)salsa20_crypt,
+	   .decrypt_block = (nettle_cipher_func*)salsa20_crypt,
+
+	   .ctx_size = sizeof(struct salsa20_ctx),
+	   .encrypt = _stream_encrypt,
+	   .decrypt = _stream_encrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)salsa20_256_set_key,
+	   .set_decrypt_key = (nettle_set_key_func*)salsa20_256_set_key,
+	   .max_iv_size = SALSA20_NONCE_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_ESTREAM_SALSA20_256,
+	   .block_size = 1,
+	   .key_size = SALSA20_256_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)salsa20r12_crypt,
+	   .decrypt_block = (nettle_cipher_func*)salsa20r12_crypt,
+
+	   .ctx_size = sizeof(struct salsa20_ctx),
+	   .encrypt = _stream_encrypt,
+	   .decrypt = _stream_encrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)salsa20_256_set_key,
+	   .set_decrypt_key = (nettle_set_key_func*)salsa20_256_set_key,
+	   .max_iv_size = SALSA20_NONCE_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_CHACHA20_32,
+	   .block_size = 1,
+	   .key_size = CHACHA_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)chacha_crypt32,
+	   .decrypt_block = (nettle_cipher_func*)chacha_crypt32,
+
+	   .ctx_size = sizeof(struct chacha_ctx),
+	   .encrypt = _stream_encrypt,
+	   .decrypt = _stream_encrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)chacha_set_key,
+	   .set_decrypt_key = (nettle_set_key_func*)chacha_set_key,
+	   .set_iv = (setiv_func)_chacha_set_nonce96,
+	   /* we allow setting the initial block counter as part of nonce */
+	   .max_iv_size = CHACHA_NONCE96_SIZE + CHACHA_COUNTER32_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_CHACHA20_64,
+	   .block_size = 1,
+	   .key_size = CHACHA_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)chacha_crypt,
+	   .decrypt_block = (nettle_cipher_func*)chacha_crypt,
+
+	   .ctx_size = sizeof(struct chacha_ctx),
+	   .encrypt = _stream_encrypt,
+	   .decrypt = _stream_encrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)chacha_set_key,
+	   .set_decrypt_key = (nettle_set_key_func*)chacha_set_key,
+	   .set_iv = (setiv_func)_chacha_set_nonce,
+	   /* we allow setting the initial block counter as part of nonce */
+	   .max_iv_size = CHACHA_NONCE_SIZE + CHACHA_COUNTER_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_CHACHA20_POLY1305,
+	   .block_size = CHACHA_POLY1305_BLOCK_SIZE,
+	   .key_size = CHACHA_POLY1305_KEY_SIZE,
+
+	   .ctx_size = sizeof(struct chacha_poly1305_ctx),
+	   .encrypt_block = (nettle_cipher_func*)chacha_poly1305_encrypt,
+	   .decrypt_block = (nettle_cipher_func*)chacha_poly1305_decrypt,
+	   .encrypt = _stream_encrypt,
+	   .decrypt = _stream_decrypt,
+	   .auth = (nettle_hash_update_func*)chacha_poly1305_update,
+	   .tag = (nettle_hash_digest_func*)chacha_poly1305_digest,
+	   .set_encrypt_key = (nettle_set_key_func*)chacha_poly1305_set_key,
+	   .set_decrypt_key = (nettle_set_key_func*)chacha_poly1305_set_key,
+	   .set_iv = (setiv_func)_chacha_poly1305_set_nonce,
+	   .max_iv_size = CHACHA_POLY1305_NONCE_SIZE,
+	},
+#if ENABLE_GOST
+	{
+	   .algo = GNUTLS_CIPHER_GOST28147_TC26Z_CFB,
+	   .block_size = GOST28147_BLOCK_SIZE,
+	   .key_size = GOST28147_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)gost28147_encrypt_for_cfb,
+	   .decrypt_block = (nettle_cipher_func*)gost28147_encrypt_for_cfb,
+
+	   .ctx_size = sizeof(struct CFB_CTX(struct gost28147_ctx, GOST28147_BLOCK_SIZE)),
+	   .encrypt = _cfb_encrypt,
+	   .decrypt = _cfb_decrypt,
+	   .set_encrypt_key = _gost28147_set_key_tc26z,
+	   .set_decrypt_key = _gost28147_set_key_tc26z,
+	},
+	{
+	   .algo = GNUTLS_CIPHER_GOST28147_CPA_CFB,
+	   .block_size = GOST28147_BLOCK_SIZE,
+	   .key_size = GOST28147_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)gost28147_encrypt_for_cfb,
+	   .decrypt_block = (nettle_cipher_func*)gost28147_encrypt_for_cfb,
+
+	   .ctx_size = sizeof(struct CFB_CTX(struct gost28147_ctx, GOST28147_BLOCK_SIZE)),
+	   .encrypt = _cfb_encrypt,
+	   .decrypt = _cfb_decrypt,
+	   .set_encrypt_key = _gost28147_set_key_cpa,
+	   .set_decrypt_key = _gost28147_set_key_cpa,
+	},
+	{
+	   .algo = GNUTLS_CIPHER_GOST28147_CPB_CFB,
+	   .block_size = GOST28147_BLOCK_SIZE,
+	   .key_size = GOST28147_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)gost28147_encrypt_for_cfb,
+	   .decrypt_block = (nettle_cipher_func*)gost28147_encrypt_for_cfb,
+
+	   .ctx_size = sizeof(struct CFB_CTX(struct gost28147_ctx, GOST28147_BLOCK_SIZE)),
+	   .encrypt = _cfb_encrypt,
+	   .decrypt = _cfb_decrypt,
+	   .set_encrypt_key = _gost28147_set_key_cpb,
+	   .set_decrypt_key = _gost28147_set_key_cpb,
+	},
+	{
+	   .algo = GNUTLS_CIPHER_GOST28147_CPC_CFB,
+	   .block_size = GOST28147_BLOCK_SIZE,
+	   .key_size = GOST28147_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)gost28147_encrypt_for_cfb,
+	   .decrypt_block = (nettle_cipher_func*)gost28147_encrypt_for_cfb,
+
+	   .ctx_size = sizeof(struct CFB_CTX(struct gost28147_ctx, GOST28147_BLOCK_SIZE)),
+	   .encrypt = _cfb_encrypt,
+	   .decrypt = _cfb_decrypt,
+	   .set_encrypt_key = _gost28147_set_key_cpc,
+	   .set_decrypt_key = _gost28147_set_key_cpc,
+	},
+	{
+	   .algo = GNUTLS_CIPHER_GOST28147_CPD_CFB,
+	   .block_size = GOST28147_BLOCK_SIZE,
+	   .key_size = GOST28147_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)gost28147_encrypt_for_cfb,
+	   .decrypt_block = (nettle_cipher_func*)gost28147_encrypt_for_cfb,
+
+	   .ctx_size = sizeof(struct CFB_CTX(struct gost28147_ctx, GOST28147_BLOCK_SIZE)),
+	   .encrypt = _cfb_encrypt,
+	   .decrypt = _cfb_decrypt,
+	   .set_encrypt_key = _gost28147_set_key_cpd,
+	   .set_decrypt_key = _gost28147_set_key_cpd,
+	},
+	{
+	   .algo = GNUTLS_CIPHER_GOST28147_TC26Z_CNT,
+	   .block_size = GOST28147_BLOCK_SIZE,
+	   .key_size = GOST28147_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)gost28147_encrypt, /* unused */
+	   .decrypt_block = (nettle_cipher_func*)gost28147_decrypt, /* unused */
+
+	   .ctx_size = sizeof(struct gost28147_cnt_ctx),
+	   .encrypt = _gost28147_cnt_crypt,
+	   .decrypt = _gost28147_cnt_crypt,
+	   .set_encrypt_key = _gost28147_cnt_set_key_tc26z,
+	   .set_decrypt_key = _gost28147_cnt_set_key_tc26z,
+	   .set_iv = (setiv_func)_gost28147_cnt_set_nonce,
+	},
+	{
+	   .algo = GNUTLS_CIPHER_MAGMA_CTR_ACPKM,
+	   .block_size = MAGMA_BLOCK_SIZE,
+	   .key_size = MAGMA_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)_magma_acpkm_crypt,
+	   .decrypt_block = (nettle_cipher_func*)_magma_acpkm_crypt,
+
+	   .ctx_size = sizeof(struct magma_acpkm_ctx),
+	   .encrypt = _ctr_acpkm_crypt,
+	   .decrypt = _ctr_acpkm_crypt,
+	   .set_encrypt_key = (nettle_set_key_func*)_magma_ctr_acpkm_set_key,
+	   .set_decrypt_key = (nettle_set_key_func*)_magma_ctr_acpkm_set_key,
+	   .set_iv = (setiv_func)_magma_ctr_acpkm_set_iv,
+	},
+	{
+	   .algo = GNUTLS_CIPHER_KUZNYECHIK_CTR_ACPKM,
+	   .block_size = KUZNYECHIK_BLOCK_SIZE,
+	   .key_size = KUZNYECHIK_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)_kuznyechik_acpkm_crypt,
+	   .decrypt_block = (nettle_cipher_func*)_kuznyechik_acpkm_crypt,
+
+	   .ctx_size = sizeof(struct kuznyechik_acpkm_ctx),
+	   .encrypt = _ctr_acpkm_crypt,
+	   .decrypt = _ctr_acpkm_crypt,
+	   .set_encrypt_key = (nettle_set_key_func*)_kuznyechik_ctr_acpkm_set_key,
+	   .set_decrypt_key = (nettle_set_key_func*)_kuznyechik_ctr_acpkm_set_key,
+	   .set_iv = (setiv_func)_kuznyechik_ctr_acpkm_set_iv,
+	},
+#endif
+	{  .algo = GNUTLS_CIPHER_AES_128_CFB8,
+	   .block_size = AES_BLOCK_SIZE,
+	   .key_size = AES128_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)aes128_encrypt,
+	   .decrypt_block = (nettle_cipher_func*)aes128_encrypt,
+
+	   .ctx_size = sizeof(struct CFB8_CTX(struct aes128_ctx, AES_BLOCK_SIZE)),
+	   .encrypt = _cfb8_encrypt,
+	   .decrypt = _cfb8_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)aes128_set_encrypt_key,
+	   .set_decrypt_key = (nettle_set_key_func*)aes128_set_encrypt_key,
+	   .max_iv_size = AES_BLOCK_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_AES_192_CFB8,
+	   .block_size = AES_BLOCK_SIZE,
+	   .key_size = AES192_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)aes192_encrypt,
+	   .decrypt_block = (nettle_cipher_func*)aes192_encrypt,
+
+	   .ctx_size = sizeof(struct CFB8_CTX(struct aes192_ctx, AES_BLOCK_SIZE)),
+	   .encrypt = _cfb8_encrypt,
+	   .decrypt = _cfb8_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)aes192_set_encrypt_key,
+	   .set_decrypt_key = (nettle_set_key_func*)aes192_set_encrypt_key,
+	   .max_iv_size = AES_BLOCK_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_AES_256_CFB8,
+	   .block_size = AES_BLOCK_SIZE,
+	   .key_size = AES256_KEY_SIZE,
+	   .encrypt_block = (nettle_cipher_func*)aes256_encrypt,
+	   .decrypt_block = (nettle_cipher_func*)aes256_encrypt,
+
+	   .ctx_size = sizeof(struct CFB8_CTX(struct aes256_ctx, AES_BLOCK_SIZE)),
+	   .encrypt = _cfb8_encrypt,
+	   .decrypt = _cfb8_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)aes256_set_encrypt_key,
+	   .set_decrypt_key = (nettle_set_key_func*)aes256_set_encrypt_key,
+	   .max_iv_size = AES_BLOCK_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_AES_128_XTS,
+	   .block_size = AES_BLOCK_SIZE,
+	   .key_size = AES128_KEY_SIZE * 2,
+
+	   .ctx_size = sizeof(struct xts_aes128_key),
+	   .encrypt = _xts_aes128_encrypt,
+	   .decrypt = _xts_aes128_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)_xts_aes128_set_encrypt_key,
+	   .set_decrypt_key = (nettle_set_key_func*)_xts_aes128_set_decrypt_key,
+	   .max_iv_size = AES_BLOCK_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_AES_256_XTS,
+	   .block_size = AES_BLOCK_SIZE,
+	   .key_size = AES256_KEY_SIZE * 2,
+
+	   .ctx_size = sizeof(struct xts_aes256_key),
+	   .encrypt = _xts_aes256_encrypt,
+	   .decrypt = _xts_aes256_decrypt,
+	   .set_encrypt_key = (nettle_set_key_func*)_xts_aes256_set_encrypt_key,
+	   .set_decrypt_key = (nettle_set_key_func*)_xts_aes256_set_decrypt_key,
+	   .max_iv_size = AES_BLOCK_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_AES_128_SIV,
+	   .block_size = SIV_BLOCK_SIZE,
+	   .key_size = SIV_CMAC_AES128_KEY_SIZE,
+
+	   .ctx_size = sizeof(struct siv_cmac_aes128_ctx),
+	   .aead_encrypt = (aead_encrypt_func)_siv_cmac_aes128_encrypt_message,
+	   .aead_decrypt = (aead_decrypt_func)_siv_cmac_aes128_decrypt_message,
+	   .set_encrypt_key = (nettle_set_key_func*)siv_cmac_aes128_set_key,
+	   .set_decrypt_key = (nettle_set_key_func*)siv_cmac_aes128_set_key,
+	   .max_iv_size = SIV_DIGEST_SIZE,
+	},
+	{  .algo = GNUTLS_CIPHER_AES_256_SIV,
+	   .block_size = SIV_BLOCK_SIZE,
+	   .key_size = SIV_CMAC_AES256_KEY_SIZE,
+
+	   .ctx_size = sizeof(struct siv_cmac_aes256_ctx),
+	   .aead_encrypt = (aead_encrypt_func)_siv_cmac_aes256_encrypt_message,
+	   .aead_decrypt = (aead_decrypt_func)_siv_cmac_aes256_decrypt_message,
+	   .set_encrypt_key = (nettle_set_key_func*)siv_cmac_aes256_set_key,
+	   .set_decrypt_key = (nettle_set_key_func*)siv_cmac_aes256_set_key,
+	   .max_iv_size = SIV_DIGEST_SIZE,
+	},
+};
+
+static int wrap_nettle_cipher_exists(gnutls_cipher_algorithm_t algo)
+{
+	unsigned i;
+	for (i=0;i<sizeof(builtin_ciphers)/sizeof(builtin_ciphers[0]);i++) {
+		if (algo == builtin_ciphers[i].algo) {
+			return 1;
+		}
+	}
+	return 0;
+}
+
+static int
+wrap_nettle_cipher_init(gnutls_cipher_algorithm_t algo, void **_ctx,
+			int enc)
+{
+	struct nettle_cipher_ctx *ctx;
+	uintptr_t cur_alignment;
+	int idx = -1;
+	unsigned i;
+	uint8_t *ctx_ptr;
+
+	for (i=0;i<sizeof(builtin_ciphers)/sizeof(builtin_ciphers[0]);i++) {
+		if (algo == builtin_ciphers[i].algo) {
+			idx = i;
+			break;
+		}
+	}
+
+	if (idx == -1)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ctx = gnutls_calloc(1, sizeof(*ctx)+builtin_ciphers[idx].ctx_size+16);
+	if (ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ctx->enc = enc;
+	ctx_ptr = ((uint8_t*)ctx) + sizeof(*ctx);
+
+	cur_alignment = ((uintptr_t)ctx_ptr) % 16;
+	if (cur_alignment > 0)
+		ctx_ptr += 16 - cur_alignment;
+
+	ctx->ctx_ptr = ctx_ptr;
+	ctx->cipher = &builtin_ciphers[idx];
+
+	*_ctx = ctx;
+
+	return 0;
+}
+
+static int
+wrap_nettle_cipher_setkey(void *_ctx, const void *key, size_t keysize)
+{
+	struct nettle_cipher_ctx *ctx = _ctx;
+
+	if (ctx->cipher->key_size > 0 && unlikely(keysize != ctx->cipher->key_size)) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	} else if (ctx->cipher->key_size == 0) {
+		ctx->cipher->gen_set_key(ctx->ctx_ptr, keysize, key);
+		return 0;
+	}
+
+	if (ctx->enc)
+		ctx->cipher->set_encrypt_key(ctx->ctx_ptr, key);
+	else
+		ctx->cipher->set_decrypt_key(ctx->ctx_ptr, key);
+
+	switch (ctx->cipher->algo) {
+	case GNUTLS_CIPHER_AES_128_GCM:
+	case GNUTLS_CIPHER_AES_192_GCM:
+	case GNUTLS_CIPHER_AES_256_GCM:
+		ctx->rekey_counter = 0;
+		break;
+	default:
+		break;
+	}
+
+	return 0;
+}
+
+static int
+wrap_nettle_cipher_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+	struct nettle_cipher_ctx *ctx = _ctx;
+	unsigned max_iv;
+
+	switch (ctx->cipher->algo) {
+	case GNUTLS_CIPHER_AES_128_GCM:
+	case GNUTLS_CIPHER_AES_192_GCM:
+	case GNUTLS_CIPHER_AES_256_GCM:
+		FIPS_RULE(iv_size < GCM_IV_SIZE, GNUTLS_E_INVALID_REQUEST, "access to short GCM nonce size\n");
+		ctx->rekey_counter = 0;
+		break;
+	case GNUTLS_CIPHER_SALSA20_256:
+	case GNUTLS_CIPHER_ESTREAM_SALSA20_256:
+		if (iv_size != SALSA20_IV_SIZE)
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		break;
+	default:
+		break;
+	}
+
+	max_iv = ctx->cipher->max_iv_size;
+	if (max_iv == 0)
+		max_iv = MAX_CIPHER_BLOCK_SIZE;
+
+	if (iv_size > max_iv)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (ctx->cipher->set_iv) {
+		ctx->cipher->set_iv(ctx->ctx_ptr, iv_size, iv);
+	} else {
+		if (iv)
+			memcpy(ctx->iv, iv, iv_size);
+		ctx->iv_size = iv_size;
+	}
+
+	return 0;
+}
+
+static int
+wrap_nettle_cipher_getiv(void *_ctx, void *iv, size_t iv_size)
+{
+	struct nettle_cipher_ctx *ctx = _ctx;
+
+	if (iv_size < ctx->iv_size)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	memcpy(iv, ctx->iv, ctx->iv_size);
+
+	return (int) ctx->iv_size;
+}
+
+static int
+wrap_nettle_cipher_decrypt(void *_ctx, const void *encr, size_t encr_size,
+			   void *plain, size_t plain_size)
+{
+	struct nettle_cipher_ctx *ctx = _ctx;
+
+	if (unlikely(ctx->cipher->decrypt == NULL))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ctx->cipher->decrypt(ctx, encr_size, plain, encr);
+
+	return 0;
+}
+
+static int
+wrap_nettle_cipher_encrypt(void *_ctx, const void *plain, size_t plain_size,
+			   void *encr, size_t encr_size)
+{
+	struct nettle_cipher_ctx *ctx = _ctx;
+	int ret;
+
+	if (unlikely(ctx->cipher->encrypt == NULL))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	switch (ctx->cipher->algo) {
+	case GNUTLS_CIPHER_AES_128_GCM:
+	case GNUTLS_CIPHER_AES_192_GCM:
+	case GNUTLS_CIPHER_AES_256_GCM:
+		ret = record_aes_gcm_encrypt_size(&ctx->rekey_counter, plain_size);
+		if (ret < 0) {
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		}
+		break;
+	default:
+		break;
+	}
+
+	ctx->cipher->encrypt(ctx, plain_size, encr, plain);
+
+	return 0;
+}
+
+static int
+wrap_nettle_cipher_aead_encrypt(void *_ctx,
+				const void *nonce, size_t nonce_size,
+				const void *auth, size_t auth_size,
+				size_t tag_size,
+				const void *plain, size_t plain_size,
+				void *encr, size_t encr_size)
+{
+	struct nettle_cipher_ctx *ctx = _ctx;
+
+	if (ctx->cipher->aead_encrypt == NULL) {
+		/* proper AEAD cipher */
+		if (encr_size < plain_size + tag_size)
+			return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+		ctx->cipher->set_iv(ctx->ctx_ptr, nonce_size, nonce);
+		ctx->cipher->auth(ctx->ctx_ptr, auth_size, auth);
+
+		ctx->cipher->encrypt(ctx, plain_size, encr, plain);
+
+		ctx->cipher->tag(ctx->ctx_ptr, tag_size, ((uint8_t*)encr) + plain_size);
+	} else {
+		/* CCM-style cipher */
+		ctx->cipher->aead_encrypt(ctx,
+					  nonce_size, nonce,
+					  auth_size, auth,
+					  tag_size,
+					  tag_size+plain_size, encr,
+					  plain);
+	}
+	return 0;
+}
+
+static int
+wrap_nettle_cipher_aead_decrypt(void *_ctx,
+				const void *nonce, size_t nonce_size,
+				const void *auth, size_t auth_size,
+				size_t tag_size,
+				const void *encr, size_t encr_size,
+				void *plain, size_t plain_size)
+{
+	struct nettle_cipher_ctx *ctx = _ctx;
+	int ret;
+
+	if (unlikely(encr_size < tag_size))
+		return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+	if (ctx->cipher->aead_decrypt == NULL) {
+		/* proper AEAD cipher */
+		uint8_t tag[MAX_HASH_SIZE];
+
+		ctx->cipher->set_iv(ctx->ctx_ptr, nonce_size, nonce);
+		ctx->cipher->auth(ctx->ctx_ptr, auth_size, auth);
+
+		encr_size -= tag_size;
+
+		if (unlikely(plain_size < encr_size))
+			return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+		ctx->cipher->decrypt(ctx, encr_size, plain, encr);
+
+		ctx->cipher->tag(ctx->ctx_ptr, tag_size, tag);
+
+		if (gnutls_memcmp(((uint8_t*)encr)+encr_size, tag, tag_size) != 0)
+			return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+	} else {
+		/* CCM-style cipher */
+		encr_size -= tag_size;
+
+		if (unlikely(plain_size < encr_size))
+			return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+		ret = ctx->cipher->aead_decrypt(ctx,
+						nonce_size, nonce,
+						auth_size, auth,
+						tag_size,
+						encr_size, plain,
+						encr);
+		if (unlikely(ret == 0))
+				return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+	}
+	return 0;
+}
+
+static int
+wrap_nettle_cipher_auth(void *_ctx, const void *plain, size_t plain_size)
+{
+	struct nettle_cipher_ctx *ctx = _ctx;
+
+	ctx->cipher->auth(ctx->ctx_ptr, plain_size, plain);
+
+	return 0;
+}
+
+static void wrap_nettle_cipher_tag(void *_ctx, void *tag, size_t tag_size)
+{
+	struct nettle_cipher_ctx *ctx = _ctx;
+
+	ctx->cipher->tag(ctx->ctx_ptr, tag_size, tag);
+
+}
+
+static void wrap_nettle_cipher_close(void *_ctx)
+{
+	struct nettle_cipher_ctx *ctx = _ctx;
+
+	zeroize_temp_key(ctx->ctx_ptr, ctx->cipher->ctx_size);
+	gnutls_free(ctx);
+}
+
+gnutls_crypto_cipher_st _gnutls_cipher_ops = {
+	.init = wrap_nettle_cipher_init,
+	.exists = wrap_nettle_cipher_exists,
+	.setiv = wrap_nettle_cipher_setiv,
+	.getiv = wrap_nettle_cipher_getiv,
+	.setkey = wrap_nettle_cipher_setkey,
+	.encrypt = wrap_nettle_cipher_encrypt,
+	.decrypt = wrap_nettle_cipher_decrypt,
+	.aead_encrypt = wrap_nettle_cipher_aead_encrypt,
+	.aead_decrypt = wrap_nettle_cipher_aead_decrypt,
+	.deinit = wrap_nettle_cipher_close,
+	.auth = wrap_nettle_cipher_auth,
+	.tag = wrap_nettle_cipher_tag,
+};
diff --git a/lib/nettle/gnettle.h b/lib/nettle/gnettle.h
new file mode 100644
index 0000000..f47569b
--- /dev/null
+++ b/lib/nettle/gnettle.h
@@ -0,0 +1,8 @@
+#ifndef GNUTLS_LIB_NETTLE_GNETTLE_H
+#define GNUTLS_LIB_NETTLE_GNETTLE_H
+
+#define PRIME_CHECK_PARAM 8
+#define TOMPZ(x) ((__mpz_struct*)(x))
+#define SIZEOF_MPZT sizeof(__mpz_struct)
+
+#endif /* GNUTLS_LIB_NETTLE_GNETTLE_H */
diff --git a/lib/nettle/gost/acpkm.c b/lib/nettle/gost/acpkm.c
new file mode 100644
index 0000000..8b05c7a
--- /dev/null
+++ b/lib/nettle/gost/acpkm.c
@@ -0,0 +1,83 @@
+/* acpkm.c
+
+   The R 1323565.1.017-2018 cipher function. See draft-irtf-cfrg-re-keying.
+
+   Copyright (C) 2018 Dmitry Eremin-Solenikov
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include "acpkm.h"
+
+static uint8_t acpkm_mesh_data[ACPKM_KEY_SIZE] =
+{
+  0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
+  0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
+  0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
+  0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
+};
+
+void acpkm_crypt(struct acpkm_ctx *ctx,
+		 void *cipher,
+		 nettle_cipher_func *encrypt,
+		 nettle_set_key_func *set_key,
+		 size_t length, uint8_t *dst,
+		 const uint8_t *src)
+{
+  size_t N = ctx->N;
+  size_t part;
+  uint8_t new_key[ACPKM_KEY_SIZE];
+
+  /* Less than a block, no rekeying */
+  if (ctx->pos + length < N)
+    {
+      encrypt(cipher, length, dst, src);
+      ctx->pos += length;
+      return;
+    }
+
+  for (part = N - ctx->pos; length >= part; part = N)
+    {
+      encrypt(cipher, part, dst, src);
+      src += part;
+      dst += part;
+      length -= part;
+
+      /* Rekey */
+      encrypt(cipher, ACPKM_KEY_SIZE, new_key, acpkm_mesh_data);
+      set_key(cipher, new_key);
+    }
+
+  if (length != 0)
+      encrypt(cipher, length, dst, src);
+
+  ctx->pos = length;
+}
diff --git a/lib/nettle/gost/acpkm.h b/lib/nettle/gost/acpkm.h
new file mode 100644
index 0000000..5ece09f
--- /dev/null
+++ b/lib/nettle/gost/acpkm.h
@@ -0,0 +1,68 @@
+/* acpkm.h
+
+   The R 1323565.1.017-2018 cipher function. See draft-irtf-cfrg-re-keying.
+
+   Copyright (C) 2018 Dmitry Eremin-Solenikov
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_ACPKM_H_INCLUDED
+#define NETTLE_ACPKM_H_INCLUDED
+
+#include <nettle/nettle-types.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define acpkm_crypt _gnutls_acpkm_crypt
+
+struct acpkm_ctx
+{
+  size_t N;
+  size_t pos;
+};
+
+#define ACPKM_CTX(type) \
+{ struct acpkm_ctx ctx; type cipher; }
+
+#define ACPKM_KEY_SIZE 32
+
+void acpkm_crypt(struct acpkm_ctx *ctx,
+		 void *cipher,
+		 nettle_cipher_func *encrypt,
+		 nettle_set_key_func *set_key,
+		 size_t length, uint8_t *dst,
+		 const uint8_t *src);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* NETTLE_ACPKM_H_INCLUDED */
+
diff --git a/lib/nettle/gost/bignum-le.c b/lib/nettle/gost/bignum-le.c
new file mode 100644
index 0000000..9faa282
--- /dev/null
+++ b/lib/nettle/gost/bignum-le.c
@@ -0,0 +1,78 @@
+/* bignum.c
+
+   Bignum operations that are missing from gmp.
+
+   Copyright (C) 2001 Niels Möller
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see https://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <gnutls_int.h>
+
+#include <string.h>
+
+#include <nettle/bignum.h>
+#include "bignum-le.h"
+
+void
+nettle_mpz_get_str_256_u_le(size_t length, uint8_t *s, const mpz_t x)
+{
+  if (!length)
+    {
+      /* x must be zero */
+      assert(!mpz_sgn(x));
+      return;
+    }
+
+  size_t count;
+
+  assert(nettle_mpz_sizeinbase_256_u(x) <= length);
+  mpz_export(s, &count, -1, 1, 0, 0, x);
+  memset(s + count, 0, length - count);
+}
+
+#define nettle_mpz_from_octets_le(x, length, s) \
+   mpz_import((x), (length), -1, 1, 0, 0, (s))
+
+void
+nettle_mpz_set_str_256_u_le(mpz_t x,
+			    size_t length, const uint8_t *s)
+{
+  nettle_mpz_from_octets_le(x, length, s);
+}
+
+void
+nettle_mpz_init_set_str_256_u_le(mpz_t x,
+				 size_t length, const uint8_t *s)
+{
+  mpz_init(x);
+  nettle_mpz_from_octets_le(x, length, s);
+}
diff --git a/lib/nettle/gost/bignum-le.h b/lib/nettle/gost/bignum-le.h
new file mode 100644
index 0000000..3672ad2
--- /dev/null
+++ b/lib/nettle/gost/bignum-le.h
@@ -0,0 +1,71 @@
+/* bignum.h
+
+   Bignum operations that are missing from gmp.
+
+   Copyright (C) 2001 Niels Möller
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see https://www.gnu.org/licenses/.
+*/
+ 
+#ifndef GNUTLS_LIB_NETTLE_GOST_BIGNUM_LE_H
+#define GNUTLS_LIB_NETTLE_GOST_BIGNUM_LE_H
+
+#include <nettle/nettle-meta.h>
+
+#include <nettle/nettle-types.h>
+
+#include <nettle/bignum.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define nettle_mpz_sizeinbase_256_u_le nettle_mpz_sizeinbase_256_u
+
+#define nettle_mpz_get_str_256_u_le _gnutls_mpz_get_str_256_u_le
+#define nettle_mpz_set_str_256_u_le _gnutls_mpz_set_str_256_u_le
+#define nettle_mpz_init_set_str_256_u_le _gnutls_mpz_init_set_str_256_u_le
+
+/* Writes an integer as length octets, using big endian byte order,
+ * and unsigned number format. */
+void
+nettle_mpz_get_str_256_u_le(size_t length, uint8_t *s, const mpz_t x);
+
+
+void
+nettle_mpz_set_str_256_u_le(mpz_t x,
+			    size_t length, const uint8_t *s);
+
+void
+nettle_mpz_init_set_str_256_u_le(mpz_t x,
+				 size_t length, const uint8_t *s);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* GNUTLS_LIB_NETTLE_GOST_BIGNUM_LE_H */
diff --git a/lib/nettle/gost/cmac-kuznyechik.c b/lib/nettle/gost/cmac-kuznyechik.c
new file mode 100644
index 0000000..0fd4af1
--- /dev/null
+++ b/lib/nettle/gost/cmac-kuznyechik.c
@@ -0,0 +1,54 @@
+/* cmac-kuznyechik.c - GOST R 34.12-2015 (Kuznyechik) cipher implementation
+ *
+ * Copyright: 2017 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+ * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+ * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+ * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#ifndef HAVE_NETTLE_CMAC_KUZNYECHIK_UPDATE
+
+#include <nettle/cmac.h>
+
+#include "gost/cmac.h"
+
+void
+cmac_kuznyechik_set_key(struct cmac_kuznyechik_ctx *ctx, const uint8_t *key)
+{
+  CMAC128_SET_KEY(ctx, kuznyechik_set_key, kuznyechik_encrypt, key);
+}
+
+void
+cmac_kuznyechik_update (struct cmac_kuznyechik_ctx *ctx,
+			size_t length, const uint8_t *data)
+{
+  CMAC128_UPDATE (ctx, kuznyechik_encrypt, length, data);
+}
+
+void
+cmac_kuznyechik_digest(struct cmac_kuznyechik_ctx *ctx,
+		       size_t length, uint8_t *digest)
+{
+  CMAC128_DIGEST(ctx, kuznyechik_encrypt, length, digest);
+}
+#endif
diff --git a/lib/nettle/gost/cmac-magma.c b/lib/nettle/gost/cmac-magma.c
new file mode 100644
index 0000000..9191967
--- /dev/null
+++ b/lib/nettle/gost/cmac-magma.c
@@ -0,0 +1,55 @@
+/* cmac-magma.c - GOST R 34.12-2015 (Magma) cipher implementation
+ *
+ * Copyright: 2017 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+ * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+ * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+ * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#ifndef HAVE_NETTLE_CMAC_MAGMA_UPDATE
+
+#include <nettle/cmac.h>
+
+#include "magma.h"
+#include "cmac.h"
+
+void
+cmac_magma_set_key(struct cmac_magma_ctx *ctx, const uint8_t *key)
+{
+  CMAC64_SET_KEY(ctx, magma_set_key, magma_encrypt, key);
+}
+
+void
+cmac_magma_update (struct cmac_magma_ctx *ctx,
+		   size_t length, const uint8_t *data)
+{
+  CMAC64_UPDATE (ctx, magma_encrypt, length, data);
+}
+
+void
+cmac_magma_digest(struct cmac_magma_ctx *ctx,
+		  size_t length, uint8_t *digest)
+{
+  CMAC64_DIGEST(ctx, magma_encrypt, length, digest);
+}
+#endif
diff --git a/lib/nettle/gost/cmac.h b/lib/nettle/gost/cmac.h
new file mode 100644
index 0000000..48f3b40
--- /dev/null
+++ b/lib/nettle/gost/cmac.h
@@ -0,0 +1,103 @@
+/* cmac.h
+
+   CMAC mode, as specified in RFC4493
+
+   Copyright (C) 2017 Red Hat, Inc.
+
+   Contributed by Nikos Mavrogiannopoulos
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef GOST_CMAC_H_INCLUDED
+#define GOST_CMAC_H_INCLUDED
+
+#if HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#ifndef HAVE_NETTLE_CMAC_MAGMA_UPDATE
+#include "magma.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define cmac_magma_set_key _gnutls_cmac_magma_set_key
+#define cmac_magma_update _gnutls_cmac_magma_update
+#define cmac_magma_digest _gnutls_cmac_magma_digest
+
+struct cmac_magma_ctx CMAC64_CTX(struct magma_ctx);
+
+void
+cmac_magma_set_key(struct cmac_magma_ctx *ctx, const uint8_t *key);
+
+void
+cmac_magma_update(struct cmac_magma_ctx *ctx,
+		  size_t length, const uint8_t *data);
+
+void
+cmac_magma_digest(struct cmac_magma_ctx *ctx,
+		  size_t length, uint8_t *digest);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HAVE_NETTLE_CMAC_MAGMA_UPDATE */
+
+#ifndef HAVE_NETTLE_CMAC_KUZNYECHIK_UPDATE
+#include "kuznyechik.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define cmac_kuznyechik_set_key _gnutls_cmac_kuznyechik_set_key
+#define cmac_kuznyechik_update _gnutls_cmac_kuznyechik_update
+#define cmac_kuznyechik_digest _gnutls_cmac_kuznyechik_digest
+
+struct cmac_kuznyechik_ctx CMAC128_CTX(struct kuznyechik_ctx);
+
+void
+cmac_kuznyechik_set_key(struct cmac_kuznyechik_ctx *ctx, const uint8_t *key);
+
+void
+cmac_kuznyechik_update(struct cmac_kuznyechik_ctx *ctx,
+		       size_t length, const uint8_t *data);
+
+void
+cmac_kuznyechik_digest(struct cmac_kuznyechik_ctx *ctx,
+		       size_t length, uint8_t *digest);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
+#endif /* CMAC_H_INCLUDED */
diff --git a/lib/nettle/gost/gost-wrap.c b/lib/nettle/gost/gost-wrap.c
new file mode 100644
index 0000000..e4a616e
--- /dev/null
+++ b/lib/nettle/gost/gost-wrap.c
@@ -0,0 +1,130 @@
+/* GOST 28147-89 (Magma) implementation
+ *
+ * Copyright: 2015, 2016 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
+ * Copyright: 2009-2012 Aleksey Kravchenko <rhash.admin@gmail.com>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+ * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+ * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+ * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include <gnutls_int.h>
+
+#include <string.h>
+
+#include <nettle/macros.h>
+#include "gost28147.h"
+#include <nettle/cfb.h>
+#include <nettle/memops.h>
+
+void
+gost28147_kdf_cryptopro(const struct gost28147_param *param,
+		       const uint8_t *in,
+		       const uint8_t *ukm,
+		       uint8_t *out)
+{
+	struct gost28147_ctx ctx;
+	int i;
+
+	memcpy(out, in, GOST28147_KEY_SIZE);
+	for (i = 0; i < 8; i++) {
+		uint8_t mask;
+		uint8_t *p;
+		uint8_t iv[GOST28147_BLOCK_SIZE];
+		uint32_t block[2] = {0, 0};
+		uint32_t t;
+
+		for (p = out, mask = 1; mask; mask <<= 1) {
+			t = LE_READ_UINT32(p);
+			p += 4;
+			if (mask & ukm[i])
+				block[0] += t;
+			else
+				block[1] += t;
+		}
+
+		LE_WRITE_UINT32(iv + 0, block[0]);
+		LE_WRITE_UINT32(iv + 4, block[1]);
+
+		gost28147_set_key(&ctx, out);
+		gost28147_set_param(&ctx, param);
+		cfb_encrypt(&ctx,
+			    (nettle_cipher_func*)gost28147_encrypt_for_cfb,
+			    GOST28147_BLOCK_SIZE, iv,
+			    GOST28147_KEY_SIZE, out, out);
+	}
+}
+
+void
+gost28147_key_wrap_cryptopro(const struct gost28147_param *param,
+			     const uint8_t *kek,
+			     const uint8_t *ukm, size_t ukm_size,
+			     const uint8_t *cek,
+			     uint8_t *enc,
+			     uint8_t *imit)
+{
+	uint8_t kd[GOST28147_KEY_SIZE];
+	struct gost28147_ctx ctx;
+	struct gost28147_imit_ctx ictx;
+
+	assert(ukm_size >= GOST28147_IMIT_BLOCK_SIZE);
+
+	gost28147_kdf_cryptopro(param, kek, ukm, kd);
+	gost28147_set_key(&ctx, kd);
+	gost28147_set_param(&ctx, param);
+	gost28147_encrypt(&ctx, GOST28147_KEY_SIZE, enc, cek);
+
+	gost28147_imit_set_key(&ictx, GOST28147_KEY_SIZE, kd);
+	gost28147_imit_set_param(&ictx, param);
+	gost28147_imit_set_nonce(&ictx, ukm);
+	gost28147_imit_update(&ictx, GOST28147_KEY_SIZE, cek);
+	gost28147_imit_digest(&ictx, GOST28147_IMIT_DIGEST_SIZE, imit);
+}
+
+int
+gost28147_key_unwrap_cryptopro(const struct gost28147_param *param,
+			       const uint8_t *kek,
+			       const uint8_t *ukm, size_t ukm_size,
+			       const uint8_t *enc,
+			       const uint8_t *imit,
+			       uint8_t *cek)
+{
+	uint8_t kd[GOST28147_KEY_SIZE];
+	uint8_t mac[GOST28147_IMIT_DIGEST_SIZE];
+	struct gost28147_ctx ctx;
+	struct gost28147_imit_ctx ictx;
+
+	assert(ukm_size >= GOST28147_IMIT_BLOCK_SIZE);
+
+	gost28147_kdf_cryptopro(param, kek, ukm, kd);
+	gost28147_set_key(&ctx, kd);
+	gost28147_set_param(&ctx, param);
+	gost28147_decrypt(&ctx, GOST28147_KEY_SIZE, cek, enc);
+
+	gost28147_imit_set_key(&ictx, GOST28147_KEY_SIZE, kd);
+	gost28147_imit_set_param(&ictx, param);
+	gost28147_imit_set_nonce(&ictx, ukm);
+	gost28147_imit_update(&ictx, GOST28147_KEY_SIZE, cek);
+	gost28147_imit_digest(&ictx, GOST28147_IMIT_DIGEST_SIZE, mac);
+
+	return memeql_sec(mac, imit, GOST28147_IMIT_DIGEST_SIZE);
+}
diff --git a/lib/nettle/gost/gost28147.c b/lib/nettle/gost/gost28147.c
new file mode 100644
index 0000000..67e820f
--- /dev/null
+++ b/lib/nettle/gost/gost28147.c
@@ -0,0 +1,2547 @@
+/* gost28147.c - GOST 28147-89 (Magma) cipher implementation
+ *
+ * based on Russian standard GOST 28147-89
+ * For English description, check RFC 5830.
+ * S-Boxes are expanded from the tables defined in RFC4357:
+ *   https://tools.ietf.org/html/rfc4357
+ *
+ * Copyright: 2015-2015 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
+ * Copyright: 2009-2012 Aleksey Kravchenko <rhash.admin@gmail.com>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+ * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+ * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+ * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#ifndef HAVE_NETTLE_GOST28147_SET_KEY
+
+#include <gnutls_int.h>
+
+#include <string.h>
+
+#include <nettle/macros.h>
+#include "nettle-write.h"
+#include "gost28147.h"
+#include <nettle/memxor.h>
+
+/* pre-initialized GOST lookup tables based on rotated S-Box */
+const struct gost28147_param gost28147_param_test_3411 =
+{
+  0,
+  {
+    /* 0 */
+    0x00072000, 0x00075000, 0x00074800, 0x00071000,
+    0x00076800, 0x00074000, 0x00070000, 0x00077000,
+    0x00073000, 0x00075800, 0x00070800, 0x00076000,
+    0x00073800, 0x00077800, 0x00072800, 0x00071800,
+    0x0005a000, 0x0005d000, 0x0005c800, 0x00059000,
+    0x0005e800, 0x0005c000, 0x00058000, 0x0005f000,
+    0x0005b000, 0x0005d800, 0x00058800, 0x0005e000,
+    0x0005b800, 0x0005f800, 0x0005a800, 0x00059800,
+    0x00022000, 0x00025000, 0x00024800, 0x00021000,
+    0x00026800, 0x00024000, 0x00020000, 0x00027000,
+    0x00023000, 0x00025800, 0x00020800, 0x00026000,
+    0x00023800, 0x00027800, 0x00022800, 0x00021800,
+    0x00062000, 0x00065000, 0x00064800, 0x00061000,
+    0x00066800, 0x00064000, 0x00060000, 0x00067000,
+    0x00063000, 0x00065800, 0x00060800, 0x00066000,
+    0x00063800, 0x00067800, 0x00062800, 0x00061800,
+    0x00032000, 0x00035000, 0x00034800, 0x00031000,
+    0x00036800, 0x00034000, 0x00030000, 0x00037000,
+    0x00033000, 0x00035800, 0x00030800, 0x00036000,
+    0x00033800, 0x00037800, 0x00032800, 0x00031800,
+    0x0006a000, 0x0006d000, 0x0006c800, 0x00069000,
+    0x0006e800, 0x0006c000, 0x00068000, 0x0006f000,
+    0x0006b000, 0x0006d800, 0x00068800, 0x0006e000,
+    0x0006b800, 0x0006f800, 0x0006a800, 0x00069800,
+    0x0007a000, 0x0007d000, 0x0007c800, 0x00079000,
+    0x0007e800, 0x0007c000, 0x00078000, 0x0007f000,
+    0x0007b000, 0x0007d800, 0x00078800, 0x0007e000,
+    0x0007b800, 0x0007f800, 0x0007a800, 0x00079800,
+    0x00052000, 0x00055000, 0x00054800, 0x00051000,
+    0x00056800, 0x00054000, 0x00050000, 0x00057000,
+    0x00053000, 0x00055800, 0x00050800, 0x00056000,
+    0x00053800, 0x00057800, 0x00052800, 0x00051800,
+    0x00012000, 0x00015000, 0x00014800, 0x00011000,
+    0x00016800, 0x00014000, 0x00010000, 0x00017000,
+    0x00013000, 0x00015800, 0x00010800, 0x00016000,
+    0x00013800, 0x00017800, 0x00012800, 0x00011800,
+    0x0001a000, 0x0001d000, 0x0001c800, 0x00019000,
+    0x0001e800, 0x0001c000, 0x00018000, 0x0001f000,
+    0x0001b000, 0x0001d800, 0x00018800, 0x0001e000,
+    0x0001b800, 0x0001f800, 0x0001a800, 0x00019800,
+    0x00042000, 0x00045000, 0x00044800, 0x00041000,
+    0x00046800, 0x00044000, 0x00040000, 0x00047000,
+    0x00043000, 0x00045800, 0x00040800, 0x00046000,
+    0x00043800, 0x00047800, 0x00042800, 0x00041800,
+    0x0000a000, 0x0000d000, 0x0000c800, 0x00009000,
+    0x0000e800, 0x0000c000, 0x00008000, 0x0000f000,
+    0x0000b000, 0x0000d800, 0x00008800, 0x0000e000,
+    0x0000b800, 0x0000f800, 0x0000a800, 0x00009800,
+    0x00002000, 0x00005000, 0x00004800, 0x00001000,
+    0x00006800, 0x00004000, 0x00000000, 0x00007000,
+    0x00003000, 0x00005800, 0x00000800, 0x00006000,
+    0x00003800, 0x00007800, 0x00002800, 0x00001800,
+    0x0003a000, 0x0003d000, 0x0003c800, 0x00039000,
+    0x0003e800, 0x0003c000, 0x00038000, 0x0003f000,
+    0x0003b000, 0x0003d800, 0x00038800, 0x0003e000,
+    0x0003b800, 0x0003f800, 0x0003a800, 0x00039800,
+    0x0002a000, 0x0002d000, 0x0002c800, 0x00029000,
+    0x0002e800, 0x0002c000, 0x00028000, 0x0002f000,
+    0x0002b000, 0x0002d800, 0x00028800, 0x0002e000,
+    0x0002b800, 0x0002f800, 0x0002a800, 0x00029800,
+    0x0004a000, 0x0004d000, 0x0004c800, 0x00049000,
+    0x0004e800, 0x0004c000, 0x00048000, 0x0004f000,
+    0x0004b000, 0x0004d800, 0x00048800, 0x0004e000,
+    0x0004b800, 0x0004f800, 0x0004a800, 0x00049800,
+    /* 1 */
+    0x03a80000, 0x03c00000, 0x03880000, 0x03e80000,
+    0x03d00000, 0x03980000, 0x03a00000, 0x03900000,
+    0x03f00000, 0x03f80000, 0x03e00000, 0x03b80000,
+    0x03b00000, 0x03800000, 0x03c80000, 0x03d80000,
+    0x06a80000, 0x06c00000, 0x06880000, 0x06e80000,
+    0x06d00000, 0x06980000, 0x06a00000, 0x06900000,
+    0x06f00000, 0x06f80000, 0x06e00000, 0x06b80000,
+    0x06b00000, 0x06800000, 0x06c80000, 0x06d80000,
+    0x05280000, 0x05400000, 0x05080000, 0x05680000,
+    0x05500000, 0x05180000, 0x05200000, 0x05100000,
+    0x05700000, 0x05780000, 0x05600000, 0x05380000,
+    0x05300000, 0x05000000, 0x05480000, 0x05580000,
+    0x00a80000, 0x00c00000, 0x00880000, 0x00e80000,
+    0x00d00000, 0x00980000, 0x00a00000, 0x00900000,
+    0x00f00000, 0x00f80000, 0x00e00000, 0x00b80000,
+    0x00b00000, 0x00800000, 0x00c80000, 0x00d80000,
+    0x00280000, 0x00400000, 0x00080000, 0x00680000,
+    0x00500000, 0x00180000, 0x00200000, 0x00100000,
+    0x00700000, 0x00780000, 0x00600000, 0x00380000,
+    0x00300000, 0x00000000, 0x00480000, 0x00580000,
+    0x04280000, 0x04400000, 0x04080000, 0x04680000,
+    0x04500000, 0x04180000, 0x04200000, 0x04100000,
+    0x04700000, 0x04780000, 0x04600000, 0x04380000,
+    0x04300000, 0x04000000, 0x04480000, 0x04580000,
+    0x04a80000, 0x04c00000, 0x04880000, 0x04e80000,
+    0x04d00000, 0x04980000, 0x04a00000, 0x04900000,
+    0x04f00000, 0x04f80000, 0x04e00000, 0x04b80000,
+    0x04b00000, 0x04800000, 0x04c80000, 0x04d80000,
+    0x07a80000, 0x07c00000, 0x07880000, 0x07e80000,
+    0x07d00000, 0x07980000, 0x07a00000, 0x07900000,
+    0x07f00000, 0x07f80000, 0x07e00000, 0x07b80000,
+    0x07b00000, 0x07800000, 0x07c80000, 0x07d80000,
+    0x07280000, 0x07400000, 0x07080000, 0x07680000,
+    0x07500000, 0x07180000, 0x07200000, 0x07100000,
+    0x07700000, 0x07780000, 0x07600000, 0x07380000,
+    0x07300000, 0x07000000, 0x07480000, 0x07580000,
+    0x02280000, 0x02400000, 0x02080000, 0x02680000,
+    0x02500000, 0x02180000, 0x02200000, 0x02100000,
+    0x02700000, 0x02780000, 0x02600000, 0x02380000,
+    0x02300000, 0x02000000, 0x02480000, 0x02580000,
+    0x03280000, 0x03400000, 0x03080000, 0x03680000,
+    0x03500000, 0x03180000, 0x03200000, 0x03100000,
+    0x03700000, 0x03780000, 0x03600000, 0x03380000,
+    0x03300000, 0x03000000, 0x03480000, 0x03580000,
+    0x06280000, 0x06400000, 0x06080000, 0x06680000,
+    0x06500000, 0x06180000, 0x06200000, 0x06100000,
+    0x06700000, 0x06780000, 0x06600000, 0x06380000,
+    0x06300000, 0x06000000, 0x06480000, 0x06580000,
+    0x05a80000, 0x05c00000, 0x05880000, 0x05e80000,
+    0x05d00000, 0x05980000, 0x05a00000, 0x05900000,
+    0x05f00000, 0x05f80000, 0x05e00000, 0x05b80000,
+    0x05b00000, 0x05800000, 0x05c80000, 0x05d80000,
+    0x01280000, 0x01400000, 0x01080000, 0x01680000,
+    0x01500000, 0x01180000, 0x01200000, 0x01100000,
+    0x01700000, 0x01780000, 0x01600000, 0x01380000,
+    0x01300000, 0x01000000, 0x01480000, 0x01580000,
+    0x02a80000, 0x02c00000, 0x02880000, 0x02e80000,
+    0x02d00000, 0x02980000, 0x02a00000, 0x02900000,
+    0x02f00000, 0x02f80000, 0x02e00000, 0x02b80000,
+    0x02b00000, 0x02800000, 0x02c80000, 0x02d80000,
+    0x01a80000, 0x01c00000, 0x01880000, 0x01e80000,
+    0x01d00000, 0x01980000, 0x01a00000, 0x01900000,
+    0x01f00000, 0x01f80000, 0x01e00000, 0x01b80000,
+    0x01b00000, 0x01800000, 0x01c80000, 0x01d80000,
+    /* 2 */
+    0x30000002, 0x60000002, 0x38000002, 0x08000002,
+    0x28000002, 0x78000002, 0x68000002, 0x40000002,
+    0x20000002, 0x50000002, 0x48000002, 0x70000002,
+    0x00000002, 0x18000002, 0x58000002, 0x10000002,
+    0xb0000005, 0xe0000005, 0xb8000005, 0x88000005,
+    0xa8000005, 0xf8000005, 0xe8000005, 0xc0000005,
+    0xa0000005, 0xd0000005, 0xc8000005, 0xf0000005,
+    0x80000005, 0x98000005, 0xd8000005, 0x90000005,
+    0x30000005, 0x60000005, 0x38000005, 0x08000005,
+    0x28000005, 0x78000005, 0x68000005, 0x40000005,
+    0x20000005, 0x50000005, 0x48000005, 0x70000005,
+    0x00000005, 0x18000005, 0x58000005, 0x10000005,
+    0x30000000, 0x60000000, 0x38000000, 0x08000000,
+    0x28000000, 0x78000000, 0x68000000, 0x40000000,
+    0x20000000, 0x50000000, 0x48000000, 0x70000000,
+    0x00000000, 0x18000000, 0x58000000, 0x10000000,
+    0xb0000003, 0xe0000003, 0xb8000003, 0x88000003,
+    0xa8000003, 0xf8000003, 0xe8000003, 0xc0000003,
+    0xa0000003, 0xd0000003, 0xc8000003, 0xf0000003,
+    0x80000003, 0x98000003, 0xd8000003, 0x90000003,
+    0x30000001, 0x60000001, 0x38000001, 0x08000001,
+    0x28000001, 0x78000001, 0x68000001, 0x40000001,
+    0x20000001, 0x50000001, 0x48000001, 0x70000001,
+    0x00000001, 0x18000001, 0x58000001, 0x10000001,
+    0xb0000000, 0xe0000000, 0xb8000000, 0x88000000,
+    0xa8000000, 0xf8000000, 0xe8000000, 0xc0000000,
+    0xa0000000, 0xd0000000, 0xc8000000, 0xf0000000,
+    0x80000000, 0x98000000, 0xd8000000, 0x90000000,
+    0xb0000006, 0xe0000006, 0xb8000006, 0x88000006,
+    0xa8000006, 0xf8000006, 0xe8000006, 0xc0000006,
+    0xa0000006, 0xd0000006, 0xc8000006, 0xf0000006,
+    0x80000006, 0x98000006, 0xd8000006, 0x90000006,
+    0xb0000001, 0xe0000001, 0xb8000001, 0x88000001,
+    0xa8000001, 0xf8000001, 0xe8000001, 0xc0000001,
+    0xa0000001, 0xd0000001, 0xc8000001, 0xf0000001,
+    0x80000001, 0x98000001, 0xd8000001, 0x90000001,
+    0x30000003, 0x60000003, 0x38000003, 0x08000003,
+    0x28000003, 0x78000003, 0x68000003, 0x40000003,
+    0x20000003, 0x50000003, 0x48000003, 0x70000003,
+    0x00000003, 0x18000003, 0x58000003, 0x10000003,
+    0x30000004, 0x60000004, 0x38000004, 0x08000004,
+    0x28000004, 0x78000004, 0x68000004, 0x40000004,
+    0x20000004, 0x50000004, 0x48000004, 0x70000004,
+    0x00000004, 0x18000004, 0x58000004, 0x10000004,
+    0xb0000002, 0xe0000002, 0xb8000002, 0x88000002,
+    0xa8000002, 0xf8000002, 0xe8000002, 0xc0000002,
+    0xa0000002, 0xd0000002, 0xc8000002, 0xf0000002,
+    0x80000002, 0x98000002, 0xd8000002, 0x90000002,
+    0xb0000004, 0xe0000004, 0xb8000004, 0x88000004,
+    0xa8000004, 0xf8000004, 0xe8000004, 0xc0000004,
+    0xa0000004, 0xd0000004, 0xc8000004, 0xf0000004,
+    0x80000004, 0x98000004, 0xd8000004, 0x90000004,
+    0x30000006, 0x60000006, 0x38000006, 0x08000006,
+    0x28000006, 0x78000006, 0x68000006, 0x40000006,
+    0x20000006, 0x50000006, 0x48000006, 0x70000006,
+    0x00000006, 0x18000006, 0x58000006, 0x10000006,
+    0xb0000007, 0xe0000007, 0xb8000007, 0x88000007,
+    0xa8000007, 0xf8000007, 0xe8000007, 0xc0000007,
+    0xa0000007, 0xd0000007, 0xc8000007, 0xf0000007,
+    0x80000007, 0x98000007, 0xd8000007, 0x90000007,
+    0x30000007, 0x60000007, 0x38000007, 0x08000007,
+    0x28000007, 0x78000007, 0x68000007, 0x40000007,
+    0x20000007, 0x50000007, 0x48000007, 0x70000007,
+    0x00000007, 0x18000007, 0x58000007, 0x10000007,
+    /* 3 */
+    0x000000e8, 0x000000d8, 0x000000a0, 0x00000088,
+    0x00000098, 0x000000f8, 0x000000a8, 0x000000c8,
+    0x00000080, 0x000000d0, 0x000000f0, 0x000000b8,
+    0x000000b0, 0x000000c0, 0x00000090, 0x000000e0,
+    0x000007e8, 0x000007d8, 0x000007a0, 0x00000788,
+    0x00000798, 0x000007f8, 0x000007a8, 0x000007c8,
+    0x00000780, 0x000007d0, 0x000007f0, 0x000007b8,
+    0x000007b0, 0x000007c0, 0x00000790, 0x000007e0,
+    0x000006e8, 0x000006d8, 0x000006a0, 0x00000688,
+    0x00000698, 0x000006f8, 0x000006a8, 0x000006c8,
+    0x00000680, 0x000006d0, 0x000006f0, 0x000006b8,
+    0x000006b0, 0x000006c0, 0x00000690, 0x000006e0,
+    0x00000068, 0x00000058, 0x00000020, 0x00000008,
+    0x00000018, 0x00000078, 0x00000028, 0x00000048,
+    0x00000000, 0x00000050, 0x00000070, 0x00000038,
+    0x00000030, 0x00000040, 0x00000010, 0x00000060,
+    0x000002e8, 0x000002d8, 0x000002a0, 0x00000288,
+    0x00000298, 0x000002f8, 0x000002a8, 0x000002c8,
+    0x00000280, 0x000002d0, 0x000002f0, 0x000002b8,
+    0x000002b0, 0x000002c0, 0x00000290, 0x000002e0,
+    0x000003e8, 0x000003d8, 0x000003a0, 0x00000388,
+    0x00000398, 0x000003f8, 0x000003a8, 0x000003c8,
+    0x00000380, 0x000003d0, 0x000003f0, 0x000003b8,
+    0x000003b0, 0x000003c0, 0x00000390, 0x000003e0,
+    0x00000568, 0x00000558, 0x00000520, 0x00000508,
+    0x00000518, 0x00000578, 0x00000528, 0x00000548,
+    0x00000500, 0x00000550, 0x00000570, 0x00000538,
+    0x00000530, 0x00000540, 0x00000510, 0x00000560,
+    0x00000268, 0x00000258, 0x00000220, 0x00000208,
+    0x00000218, 0x00000278, 0x00000228, 0x00000248,
+    0x00000200, 0x00000250, 0x00000270, 0x00000238,
+    0x00000230, 0x00000240, 0x00000210, 0x00000260,
+    0x000004e8, 0x000004d8, 0x000004a0, 0x00000488,
+    0x00000498, 0x000004f8, 0x000004a8, 0x000004c8,
+    0x00000480, 0x000004d0, 0x000004f0, 0x000004b8,
+    0x000004b0, 0x000004c0, 0x00000490, 0x000004e0,
+    0x00000168, 0x00000158, 0x00000120, 0x00000108,
+    0x00000118, 0x00000178, 0x00000128, 0x00000148,
+    0x00000100, 0x00000150, 0x00000170, 0x00000138,
+    0x00000130, 0x00000140, 0x00000110, 0x00000160,
+    0x000001e8, 0x000001d8, 0x000001a0, 0x00000188,
+    0x00000198, 0x000001f8, 0x000001a8, 0x000001c8,
+    0x00000180, 0x000001d0, 0x000001f0, 0x000001b8,
+    0x000001b0, 0x000001c0, 0x00000190, 0x000001e0,
+    0x00000768, 0x00000758, 0x00000720, 0x00000708,
+    0x00000718, 0x00000778, 0x00000728, 0x00000748,
+    0x00000700, 0x00000750, 0x00000770, 0x00000738,
+    0x00000730, 0x00000740, 0x00000710, 0x00000760,
+    0x00000368, 0x00000358, 0x00000320, 0x00000308,
+    0x00000318, 0x00000378, 0x00000328, 0x00000348,
+    0x00000300, 0x00000350, 0x00000370, 0x00000338,
+    0x00000330, 0x00000340, 0x00000310, 0x00000360,
+    0x000005e8, 0x000005d8, 0x000005a0, 0x00000588,
+    0x00000598, 0x000005f8, 0x000005a8, 0x000005c8,
+    0x00000580, 0x000005d0, 0x000005f0, 0x000005b8,
+    0x000005b0, 0x000005c0, 0x00000590, 0x000005e0,
+    0x00000468, 0x00000458, 0x00000420, 0x00000408,
+    0x00000418, 0x00000478, 0x00000428, 0x00000448,
+    0x00000400, 0x00000450, 0x00000470, 0x00000438,
+    0x00000430, 0x00000440, 0x00000410, 0x00000460,
+    0x00000668, 0x00000658, 0x00000620, 0x00000608,
+    0x00000618, 0x00000678, 0x00000628, 0x00000648,
+    0x00000600, 0x00000650, 0x00000670, 0x00000638,
+    0x00000630, 0x00000640, 0x00000610, 0x00000660,
+  }
+};
+
+const struct gost28147_param gost28147_param_CryptoPro_3411 =
+{
+  0,
+  {
+    /* 0 */
+    0x0002d000, 0x0002a000, 0x0002a800, 0x0002b000,
+    0x0002c000, 0x00028800, 0x00029800, 0x0002b800,
+    0x0002e800, 0x0002e000, 0x0002f000, 0x00028000,
+    0x0002c800, 0x00029000, 0x0002d800, 0x0002f800,
+    0x0007d000, 0x0007a000, 0x0007a800, 0x0007b000,
+    0x0007c000, 0x00078800, 0x00079800, 0x0007b800,
+    0x0007e800, 0x0007e000, 0x0007f000, 0x00078000,
+    0x0007c800, 0x00079000, 0x0007d800, 0x0007f800,
+    0x00025000, 0x00022000, 0x00022800, 0x00023000,
+    0x00024000, 0x00020800, 0x00021800, 0x00023800,
+    0x00026800, 0x00026000, 0x00027000, 0x00020000,
+    0x00024800, 0x00021000, 0x00025800, 0x00027800,
+    0x00005000, 0x00002000, 0x00002800, 0x00003000,
+    0x00004000, 0x00000800, 0x00001800, 0x00003800,
+    0x00006800, 0x00006000, 0x00007000, 0x00000000,
+    0x00004800, 0x00001000, 0x00005800, 0x00007800,
+    0x00015000, 0x00012000, 0x00012800, 0x00013000,
+    0x00014000, 0x00010800, 0x00011800, 0x00013800,
+    0x00016800, 0x00016000, 0x00017000, 0x00010000,
+    0x00014800, 0x00011000, 0x00015800, 0x00017800,
+    0x0006d000, 0x0006a000, 0x0006a800, 0x0006b000,
+    0x0006c000, 0x00068800, 0x00069800, 0x0006b800,
+    0x0006e800, 0x0006e000, 0x0006f000, 0x00068000,
+    0x0006c800, 0x00069000, 0x0006d800, 0x0006f800,
+    0x0005d000, 0x0005a000, 0x0005a800, 0x0005b000,
+    0x0005c000, 0x00058800, 0x00059800, 0x0005b800,
+    0x0005e800, 0x0005e000, 0x0005f000, 0x00058000,
+    0x0005c800, 0x00059000, 0x0005d800, 0x0005f800,
+    0x0004d000, 0x0004a000, 0x0004a800, 0x0004b000,
+    0x0004c000, 0x00048800, 0x00049800, 0x0004b800,
+    0x0004e800, 0x0004e000, 0x0004f000, 0x00048000,
+    0x0004c800, 0x00049000, 0x0004d800, 0x0004f800,
+    0x0000d000, 0x0000a000, 0x0000a800, 0x0000b000,
+    0x0000c000, 0x00008800, 0x00009800, 0x0000b800,
+    0x0000e800, 0x0000e000, 0x0000f000, 0x00008000,
+    0x0000c800, 0x00009000, 0x0000d800, 0x0000f800,
+    0x0003d000, 0x0003a000, 0x0003a800, 0x0003b000,
+    0x0003c000, 0x00038800, 0x00039800, 0x0003b800,
+    0x0003e800, 0x0003e000, 0x0003f000, 0x00038000,
+    0x0003c800, 0x00039000, 0x0003d800, 0x0003f800,
+    0x00035000, 0x00032000, 0x00032800, 0x00033000,
+    0x00034000, 0x00030800, 0x00031800, 0x00033800,
+    0x00036800, 0x00036000, 0x00037000, 0x00030000,
+    0x00034800, 0x00031000, 0x00035800, 0x00037800,
+    0x0001d000, 0x0001a000, 0x0001a800, 0x0001b000,
+    0x0001c000, 0x00018800, 0x00019800, 0x0001b800,
+    0x0001e800, 0x0001e000, 0x0001f000, 0x00018000,
+    0x0001c800, 0x00019000, 0x0001d800, 0x0001f800,
+    0x00065000, 0x00062000, 0x00062800, 0x00063000,
+    0x00064000, 0x00060800, 0x00061800, 0x00063800,
+    0x00066800, 0x00066000, 0x00067000, 0x00060000,
+    0x00064800, 0x00061000, 0x00065800, 0x00067800,
+    0x00075000, 0x00072000, 0x00072800, 0x00073000,
+    0x00074000, 0x00070800, 0x00071800, 0x00073800,
+    0x00076800, 0x00076000, 0x00077000, 0x00070000,
+    0x00074800, 0x00071000, 0x00075800, 0x00077800,
+    0x00055000, 0x00052000, 0x00052800, 0x00053000,
+    0x00054000, 0x00050800, 0x00051800, 0x00053800,
+    0x00056800, 0x00056000, 0x00057000, 0x00050000,
+    0x00054800, 0x00051000, 0x00055800, 0x00057800,
+    0x00045000, 0x00042000, 0x00042800, 0x00043000,
+    0x00044000, 0x00040800, 0x00041800, 0x00043800,
+    0x00046800, 0x00046000, 0x00047000, 0x00040000,
+    0x00044800, 0x00041000, 0x00045800, 0x00047800,
+    /* 1 */
+    0x02380000, 0x02780000, 0x02600000, 0x02700000,
+    0x02480000, 0x02200000, 0x02080000, 0x02000000,
+    0x02180000, 0x02580000, 0x02280000, 0x02100000,
+    0x02300000, 0x02500000, 0x02400000, 0x02680000,
+    0x05380000, 0x05780000, 0x05600000, 0x05700000,
+    0x05480000, 0x05200000, 0x05080000, 0x05000000,
+    0x05180000, 0x05580000, 0x05280000, 0x05100000,
+    0x05300000, 0x05500000, 0x05400000, 0x05680000,
+    0x03b80000, 0x03f80000, 0x03e00000, 0x03f00000,
+    0x03c80000, 0x03a00000, 0x03880000, 0x03800000,
+    0x03980000, 0x03d80000, 0x03a80000, 0x03900000,
+    0x03b00000, 0x03d00000, 0x03c00000, 0x03e80000,
+    0x06380000, 0x06780000, 0x06600000, 0x06700000,
+    0x06480000, 0x06200000, 0x06080000, 0x06000000,
+    0x06180000, 0x06580000, 0x06280000, 0x06100000,
+    0x06300000, 0x06500000, 0x06400000, 0x06680000,
+    0x00380000, 0x00780000, 0x00600000, 0x00700000,
+    0x00480000, 0x00200000, 0x00080000, 0x00000000,
+    0x00180000, 0x00580000, 0x00280000, 0x00100000,
+    0x00300000, 0x00500000, 0x00400000, 0x00680000,
+    0x07b80000, 0x07f80000, 0x07e00000, 0x07f00000,
+    0x07c80000, 0x07a00000, 0x07880000, 0x07800000,
+    0x07980000, 0x07d80000, 0x07a80000, 0x07900000,
+    0x07b00000, 0x07d00000, 0x07c00000, 0x07e80000,
+    0x01380000, 0x01780000, 0x01600000, 0x01700000,
+    0x01480000, 0x01200000, 0x01080000, 0x01000000,
+    0x01180000, 0x01580000, 0x01280000, 0x01100000,
+    0x01300000, 0x01500000, 0x01400000, 0x01680000,
+    0x04380000, 0x04780000, 0x04600000, 0x04700000,
+    0x04480000, 0x04200000, 0x04080000, 0x04000000,
+    0x04180000, 0x04580000, 0x04280000, 0x04100000,
+    0x04300000, 0x04500000, 0x04400000, 0x04680000,
+    0x07380000, 0x07780000, 0x07600000, 0x07700000,
+    0x07480000, 0x07200000, 0x07080000, 0x07000000,
+    0x07180000, 0x07580000, 0x07280000, 0x07100000,
+    0x07300000, 0x07500000, 0x07400000, 0x07680000,
+    0x00b80000, 0x00f80000, 0x00e00000, 0x00f00000,
+    0x00c80000, 0x00a00000, 0x00880000, 0x00800000,
+    0x00980000, 0x00d80000, 0x00a80000, 0x00900000,
+    0x00b00000, 0x00d00000, 0x00c00000, 0x00e80000,
+    0x03380000, 0x03780000, 0x03600000, 0x03700000,
+    0x03480000, 0x03200000, 0x03080000, 0x03000000,
+    0x03180000, 0x03580000, 0x03280000, 0x03100000,
+    0x03300000, 0x03500000, 0x03400000, 0x03680000,
+    0x02b80000, 0x02f80000, 0x02e00000, 0x02f00000,
+    0x02c80000, 0x02a00000, 0x02880000, 0x02800000,
+    0x02980000, 0x02d80000, 0x02a80000, 0x02900000,
+    0x02b00000, 0x02d00000, 0x02c00000, 0x02e80000,
+    0x06b80000, 0x06f80000, 0x06e00000, 0x06f00000,
+    0x06c80000, 0x06a00000, 0x06880000, 0x06800000,
+    0x06980000, 0x06d80000, 0x06a80000, 0x06900000,
+    0x06b00000, 0x06d00000, 0x06c00000, 0x06e80000,
+    0x05b80000, 0x05f80000, 0x05e00000, 0x05f00000,
+    0x05c80000, 0x05a00000, 0x05880000, 0x05800000,
+    0x05980000, 0x05d80000, 0x05a80000, 0x05900000,
+    0x05b00000, 0x05d00000, 0x05c00000, 0x05e80000,
+    0x04b80000, 0x04f80000, 0x04e00000, 0x04f00000,
+    0x04c80000, 0x04a00000, 0x04880000, 0x04800000,
+    0x04980000, 0x04d80000, 0x04a80000, 0x04900000,
+    0x04b00000, 0x04d00000, 0x04c00000, 0x04e80000,
+    0x01b80000, 0x01f80000, 0x01e00000, 0x01f00000,
+    0x01c80000, 0x01a00000, 0x01880000, 0x01800000,
+    0x01980000, 0x01d80000, 0x01a80000, 0x01900000,
+    0x01b00000, 0x01d00000, 0x01c00000, 0x01e80000,
+    /* 2 */
+    0xb8000003, 0xb0000003, 0xa0000003, 0xd8000003,
+    0xc8000003, 0xe0000003, 0x90000003, 0xd0000003,
+    0x88000003, 0xc0000003, 0x80000003, 0xf0000003,
+    0xf8000003, 0xe8000003, 0x98000003, 0xa8000003,
+    0x38000003, 0x30000003, 0x20000003, 0x58000003,
+    0x48000003, 0x60000003, 0x10000003, 0x50000003,
+    0x08000003, 0x40000003, 0x00000003, 0x70000003,
+    0x78000003, 0x68000003, 0x18000003, 0x28000003,
+    0x38000001, 0x30000001, 0x20000001, 0x58000001,
+    0x48000001, 0x60000001, 0x10000001, 0x50000001,
+    0x08000001, 0x40000001, 0x00000001, 0x70000001,
+    0x78000001, 0x68000001, 0x18000001, 0x28000001,
+    0x38000002, 0x30000002, 0x20000002, 0x58000002,
+    0x48000002, 0x60000002, 0x10000002, 0x50000002,
+    0x08000002, 0x40000002, 0x00000002, 0x70000002,
+    0x78000002, 0x68000002, 0x18000002, 0x28000002,
+    0xb8000006, 0xb0000006, 0xa0000006, 0xd8000006,
+    0xc8000006, 0xe0000006, 0x90000006, 0xd0000006,
+    0x88000006, 0xc0000006, 0x80000006, 0xf0000006,
+    0xf8000006, 0xe8000006, 0x98000006, 0xa8000006,
+    0xb8000004, 0xb0000004, 0xa0000004, 0xd8000004,
+    0xc8000004, 0xe0000004, 0x90000004, 0xd0000004,
+    0x88000004, 0xc0000004, 0x80000004, 0xf0000004,
+    0xf8000004, 0xe8000004, 0x98000004, 0xa8000004,
+    0xb8000007, 0xb0000007, 0xa0000007, 0xd8000007,
+    0xc8000007, 0xe0000007, 0x90000007, 0xd0000007,
+    0x88000007, 0xc0000007, 0x80000007, 0xf0000007,
+    0xf8000007, 0xe8000007, 0x98000007, 0xa8000007,
+    0x38000000, 0x30000000, 0x20000000, 0x58000000,
+    0x48000000, 0x60000000, 0x10000000, 0x50000000,
+    0x08000000, 0x40000000, 0x00000000, 0x70000000,
+    0x78000000, 0x68000000, 0x18000000, 0x28000000,
+    0x38000005, 0x30000005, 0x20000005, 0x58000005,
+    0x48000005, 0x60000005, 0x10000005, 0x50000005,
+    0x08000005, 0x40000005, 0x00000005, 0x70000005,
+    0x78000005, 0x68000005, 0x18000005, 0x28000005,
+    0xb8000000, 0xb0000000, 0xa0000000, 0xd8000000,
+    0xc8000000, 0xe0000000, 0x90000000, 0xd0000000,
+    0x88000000, 0xc0000000, 0x80000000, 0xf0000000,
+    0xf8000000, 0xe8000000, 0x98000000, 0xa8000000,
+    0xb8000002, 0xb0000002, 0xa0000002, 0xd8000002,
+    0xc8000002, 0xe0000002, 0x90000002, 0xd0000002,
+    0x88000002, 0xc0000002, 0x80000002, 0xf0000002,
+    0xf8000002, 0xe8000002, 0x98000002, 0xa8000002,
+    0xb8000005, 0xb0000005, 0xa0000005, 0xd8000005,
+    0xc8000005, 0xe0000005, 0x90000005, 0xd0000005,
+    0x88000005, 0xc0000005, 0x80000005, 0xf0000005,
+    0xf8000005, 0xe8000005, 0x98000005, 0xa8000005,
+    0x38000004, 0x30000004, 0x20000004, 0x58000004,
+    0x48000004, 0x60000004, 0x10000004, 0x50000004,
+    0x08000004, 0x40000004, 0x00000004, 0x70000004,
+    0x78000004, 0x68000004, 0x18000004, 0x28000004,
+    0x38000007, 0x30000007, 0x20000007, 0x58000007,
+    0x48000007, 0x60000007, 0x10000007, 0x50000007,
+    0x08000007, 0x40000007, 0x00000007, 0x70000007,
+    0x78000007, 0x68000007, 0x18000007, 0x28000007,
+    0x38000006, 0x30000006, 0x20000006, 0x58000006,
+    0x48000006, 0x60000006, 0x10000006, 0x50000006,
+    0x08000006, 0x40000006, 0x00000006, 0x70000006,
+    0x78000006, 0x68000006, 0x18000006, 0x28000006,
+    0xb8000001, 0xb0000001, 0xa0000001, 0xd8000001,
+    0xc8000001, 0xe0000001, 0x90000001, 0xd0000001,
+    0x88000001, 0xc0000001, 0x80000001, 0xf0000001,
+    0xf8000001, 0xe8000001, 0x98000001, 0xa8000001,
+    /* 3 */
+    0x000000e8, 0x000000f0, 0x000000a0, 0x00000088,
+    0x000000b8, 0x00000080, 0x000000a8, 0x000000d0,
+    0x00000098, 0x000000e0, 0x000000c0, 0x000000f8,
+    0x000000b0, 0x00000090, 0x000000c8, 0x000000d8,
+    0x000001e8, 0x000001f0, 0x000001a0, 0x00000188,
+    0x000001b8, 0x00000180, 0x000001a8, 0x000001d0,
+    0x00000198, 0x000001e0, 0x000001c0, 0x000001f8,
+    0x000001b0, 0x00000190, 0x000001c8, 0x000001d8,
+    0x00000568, 0x00000570, 0x00000520, 0x00000508,
+    0x00000538, 0x00000500, 0x00000528, 0x00000550,
+    0x00000518, 0x00000560, 0x00000540, 0x00000578,
+    0x00000530, 0x00000510, 0x00000548, 0x00000558,
+    0x000004e8, 0x000004f0, 0x000004a0, 0x00000488,
+    0x000004b8, 0x00000480, 0x000004a8, 0x000004d0,
+    0x00000498, 0x000004e0, 0x000004c0, 0x000004f8,
+    0x000004b0, 0x00000490, 0x000004c8, 0x000004d8,
+    0x000002e8, 0x000002f0, 0x000002a0, 0x00000288,
+    0x000002b8, 0x00000280, 0x000002a8, 0x000002d0,
+    0x00000298, 0x000002e0, 0x000002c0, 0x000002f8,
+    0x000002b0, 0x00000290, 0x000002c8, 0x000002d8,
+    0x000005e8, 0x000005f0, 0x000005a0, 0x00000588,
+    0x000005b8, 0x00000580, 0x000005a8, 0x000005d0,
+    0x00000598, 0x000005e0, 0x000005c0, 0x000005f8,
+    0x000005b0, 0x00000590, 0x000005c8, 0x000005d8,
+    0x00000268, 0x00000270, 0x00000220, 0x00000208,
+    0x00000238, 0x00000200, 0x00000228, 0x00000250,
+    0x00000218, 0x00000260, 0x00000240, 0x00000278,
+    0x00000230, 0x00000210, 0x00000248, 0x00000258,
+    0x000007e8, 0x000007f0, 0x000007a0, 0x00000788,
+    0x000007b8, 0x00000780, 0x000007a8, 0x000007d0,
+    0x00000798, 0x000007e0, 0x000007c0, 0x000007f8,
+    0x000007b0, 0x00000790, 0x000007c8, 0x000007d8,
+    0x00000468, 0x00000470, 0x00000420, 0x00000408,
+    0x00000438, 0x00000400, 0x00000428, 0x00000450,
+    0x00000418, 0x00000460, 0x00000440, 0x00000478,
+    0x00000430, 0x00000410, 0x00000448, 0x00000458,
+    0x00000368, 0x00000370, 0x00000320, 0x00000308,
+    0x00000338, 0x00000300, 0x00000328, 0x00000350,
+    0x00000318, 0x00000360, 0x00000340, 0x00000378,
+    0x00000330, 0x00000310, 0x00000348, 0x00000358,
+    0x000003e8, 0x000003f0, 0x000003a0, 0x00000388,
+    0x000003b8, 0x00000380, 0x000003a8, 0x000003d0,
+    0x00000398, 0x000003e0, 0x000003c0, 0x000003f8,
+    0x000003b0, 0x00000390, 0x000003c8, 0x000003d8,
+    0x00000768, 0x00000770, 0x00000720, 0x00000708,
+    0x00000738, 0x00000700, 0x00000728, 0x00000750,
+    0x00000718, 0x00000760, 0x00000740, 0x00000778,
+    0x00000730, 0x00000710, 0x00000748, 0x00000758,
+    0x000006e8, 0x000006f0, 0x000006a0, 0x00000688,
+    0x000006b8, 0x00000680, 0x000006a8, 0x000006d0,
+    0x00000698, 0x000006e0, 0x000006c0, 0x000006f8,
+    0x000006b0, 0x00000690, 0x000006c8, 0x000006d8,
+    0x00000068, 0x00000070, 0x00000020, 0x00000008,
+    0x00000038, 0x00000000, 0x00000028, 0x00000050,
+    0x00000018, 0x00000060, 0x00000040, 0x00000078,
+    0x00000030, 0x00000010, 0x00000048, 0x00000058,
+    0x00000168, 0x00000170, 0x00000120, 0x00000108,
+    0x00000138, 0x00000100, 0x00000128, 0x00000150,
+    0x00000118, 0x00000160, 0x00000140, 0x00000178,
+    0x00000130, 0x00000110, 0x00000148, 0x00000158,
+    0x00000668, 0x00000670, 0x00000620, 0x00000608,
+    0x00000638, 0x00000600, 0x00000628, 0x00000650,
+    0x00000618, 0x00000660, 0x00000640, 0x00000678,
+    0x00000630, 0x00000610, 0x00000648, 0x00000658,
+  }
+};
+
+const struct gost28147_param gost28147_param_Test_89 =
+{
+  0,
+  {
+    /* 0 */
+    0x00062000, 0x00061000, 0x00067800, 0x00062800,
+    0x00064800, 0x00060800, 0x00060000, 0x00064000,
+    0x00067000, 0x00061800, 0x00065800, 0x00066000,
+    0x00066800, 0x00063800, 0x00065000, 0x00063000,
+    0x0004a000, 0x00049000, 0x0004f800, 0x0004a800,
+    0x0004c800, 0x00048800, 0x00048000, 0x0004c000,
+    0x0004f000, 0x00049800, 0x0004d800, 0x0004e000,
+    0x0004e800, 0x0004b800, 0x0004d000, 0x0004b000,
+    0x0007a000, 0x00079000, 0x0007f800, 0x0007a800,
+    0x0007c800, 0x00078800, 0x00078000, 0x0007c000,
+    0x0007f000, 0x00079800, 0x0007d800, 0x0007e000,
+    0x0007e800, 0x0007b800, 0x0007d000, 0x0007b000,
+    0x00072000, 0x00071000, 0x00077800, 0x00072800,
+    0x00074800, 0x00070800, 0x00070000, 0x00074000,
+    0x00077000, 0x00071800, 0x00075800, 0x00076000,
+    0x00076800, 0x00073800, 0x00075000, 0x00073000,
+    0x00042000, 0x00041000, 0x00047800, 0x00042800,
+    0x00044800, 0x00040800, 0x00040000, 0x00044000,
+    0x00047000, 0x00041800, 0x00045800, 0x00046000,
+    0x00046800, 0x00043800, 0x00045000, 0x00043000,
+    0x0000a000, 0x00009000, 0x0000f800, 0x0000a800,
+    0x0000c800, 0x00008800, 0x00008000, 0x0000c000,
+    0x0000f000, 0x00009800, 0x0000d800, 0x0000e000,
+    0x0000e800, 0x0000b800, 0x0000d000, 0x0000b000,
+    0x0001a000, 0x00019000, 0x0001f800, 0x0001a800,
+    0x0001c800, 0x00018800, 0x00018000, 0x0001c000,
+    0x0001f000, 0x00019800, 0x0001d800, 0x0001e000,
+    0x0001e800, 0x0001b800, 0x0001d000, 0x0001b000,
+    0x00052000, 0x00051000, 0x00057800, 0x00052800,
+    0x00054800, 0x00050800, 0x00050000, 0x00054000,
+    0x00057000, 0x00051800, 0x00055800, 0x00056000,
+    0x00056800, 0x00053800, 0x00055000, 0x00053000,
+    0x00012000, 0x00011000, 0x00017800, 0x00012800,
+    0x00014800, 0x00010800, 0x00010000, 0x00014000,
+    0x00017000, 0x00011800, 0x00015800, 0x00016000,
+    0x00016800, 0x00013800, 0x00015000, 0x00013000,
+    0x0003a000, 0x00039000, 0x0003f800, 0x0003a800,
+    0x0003c800, 0x00038800, 0x00038000, 0x0003c000,
+    0x0003f000, 0x00039800, 0x0003d800, 0x0003e000,
+    0x0003e800, 0x0003b800, 0x0003d000, 0x0003b000,
+    0x00022000, 0x00021000, 0x00027800, 0x00022800,
+    0x00024800, 0x00020800, 0x00020000, 0x00024000,
+    0x00027000, 0x00021800, 0x00025800, 0x00026000,
+    0x00026800, 0x00023800, 0x00025000, 0x00023000,
+    0x0006a000, 0x00069000, 0x0006f800, 0x0006a800,
+    0x0006c800, 0x00068800, 0x00068000, 0x0006c000,
+    0x0006f000, 0x00069800, 0x0006d800, 0x0006e000,
+    0x0006e800, 0x0006b800, 0x0006d000, 0x0006b000,
+    0x00032000, 0x00031000, 0x00037800, 0x00032800,
+    0x00034800, 0x00030800, 0x00030000, 0x00034000,
+    0x00037000, 0x00031800, 0x00035800, 0x00036000,
+    0x00036800, 0x00033800, 0x00035000, 0x00033000,
+    0x00002000, 0x00001000, 0x00007800, 0x00002800,
+    0x00004800, 0x00000800, 0x00000000, 0x00004000,
+    0x00007000, 0x00001800, 0x00005800, 0x00006000,
+    0x00006800, 0x00003800, 0x00005000, 0x00003000,
+    0x0005a000, 0x00059000, 0x0005f800, 0x0005a800,
+    0x0005c800, 0x00058800, 0x00058000, 0x0005c000,
+    0x0005f000, 0x00059800, 0x0005d800, 0x0005e000,
+    0x0005e800, 0x0005b800, 0x0005d000, 0x0005b000,
+    0x0002a000, 0x00029000, 0x0002f800, 0x0002a800,
+    0x0002c800, 0x00028800, 0x00028000, 0x0002c000,
+    0x0002f000, 0x00029800, 0x0002d800, 0x0002e000,
+    0x0002e800, 0x0002b800, 0x0002d000, 0x0002b000,
+    /* 1 */
+    0x07680000, 0x07400000, 0x07700000, 0x07600000,
+    0x07380000, 0x07180000, 0x07480000, 0x07500000,
+    0x07080000, 0x07280000, 0x07100000, 0x07200000,
+    0x07300000, 0x07780000, 0x07000000, 0x07580000,
+    0x04e80000, 0x04c00000, 0x04f00000, 0x04e00000,
+    0x04b80000, 0x04980000, 0x04c80000, 0x04d00000,
+    0x04880000, 0x04a80000, 0x04900000, 0x04a00000,
+    0x04b00000, 0x04f80000, 0x04800000, 0x04d80000,
+    0x05e80000, 0x05c00000, 0x05f00000, 0x05e00000,
+    0x05b80000, 0x05980000, 0x05c80000, 0x05d00000,
+    0x05880000, 0x05a80000, 0x05900000, 0x05a00000,
+    0x05b00000, 0x05f80000, 0x05800000, 0x05d80000,
+    0x01680000, 0x01400000, 0x01700000, 0x01600000,
+    0x01380000, 0x01180000, 0x01480000, 0x01500000,
+    0x01080000, 0x01280000, 0x01100000, 0x01200000,
+    0x01300000, 0x01780000, 0x01000000, 0x01580000,
+    0x02e80000, 0x02c00000, 0x02f00000, 0x02e00000,
+    0x02b80000, 0x02980000, 0x02c80000, 0x02d00000,
+    0x02880000, 0x02a80000, 0x02900000, 0x02a00000,
+    0x02b00000, 0x02f80000, 0x02800000, 0x02d80000,
+    0x07e80000, 0x07c00000, 0x07f00000, 0x07e00000,
+    0x07b80000, 0x07980000, 0x07c80000, 0x07d00000,
+    0x07880000, 0x07a80000, 0x07900000, 0x07a00000,
+    0x07b00000, 0x07f80000, 0x07800000, 0x07d80000,
+    0x03e80000, 0x03c00000, 0x03f00000, 0x03e00000,
+    0x03b80000, 0x03980000, 0x03c80000, 0x03d00000,
+    0x03880000, 0x03a80000, 0x03900000, 0x03a00000,
+    0x03b00000, 0x03f80000, 0x03800000, 0x03d80000,
+    0x00e80000, 0x00c00000, 0x00f00000, 0x00e00000,
+    0x00b80000, 0x00980000, 0x00c80000, 0x00d00000,
+    0x00880000, 0x00a80000, 0x00900000, 0x00a00000,
+    0x00b00000, 0x00f80000, 0x00800000, 0x00d80000,
+    0x00680000, 0x00400000, 0x00700000, 0x00600000,
+    0x00380000, 0x00180000, 0x00480000, 0x00500000,
+    0x00080000, 0x00280000, 0x00100000, 0x00200000,
+    0x00300000, 0x00780000, 0x00000000, 0x00580000,
+    0x06e80000, 0x06c00000, 0x06f00000, 0x06e00000,
+    0x06b80000, 0x06980000, 0x06c80000, 0x06d00000,
+    0x06880000, 0x06a80000, 0x06900000, 0x06a00000,
+    0x06b00000, 0x06f80000, 0x06800000, 0x06d80000,
+    0x06680000, 0x06400000, 0x06700000, 0x06600000,
+    0x06380000, 0x06180000, 0x06480000, 0x06500000,
+    0x06080000, 0x06280000, 0x06100000, 0x06200000,
+    0x06300000, 0x06780000, 0x06000000, 0x06580000,
+    0x03680000, 0x03400000, 0x03700000, 0x03600000,
+    0x03380000, 0x03180000, 0x03480000, 0x03500000,
+    0x03080000, 0x03280000, 0x03100000, 0x03200000,
+    0x03300000, 0x03780000, 0x03000000, 0x03580000,
+    0x05680000, 0x05400000, 0x05700000, 0x05600000,
+    0x05380000, 0x05180000, 0x05480000, 0x05500000,
+    0x05080000, 0x05280000, 0x05100000, 0x05200000,
+    0x05300000, 0x05780000, 0x05000000, 0x05580000,
+    0x02680000, 0x02400000, 0x02700000, 0x02600000,
+    0x02380000, 0x02180000, 0x02480000, 0x02500000,
+    0x02080000, 0x02280000, 0x02100000, 0x02200000,
+    0x02300000, 0x02780000, 0x02000000, 0x02580000,
+    0x01e80000, 0x01c00000, 0x01f00000, 0x01e00000,
+    0x01b80000, 0x01980000, 0x01c80000, 0x01d00000,
+    0x01880000, 0x01a80000, 0x01900000, 0x01a00000,
+    0x01b00000, 0x01f80000, 0x01800000, 0x01d80000,
+    0x04680000, 0x04400000, 0x04700000, 0x04600000,
+    0x04380000, 0x04180000, 0x04480000, 0x04500000,
+    0x04080000, 0x04280000, 0x04100000, 0x04200000,
+    0x04300000, 0x04780000, 0x04000000, 0x04580000,
+    /* 2 */
+    0x18000004, 0x70000004, 0x28000004, 0x48000004,
+    0x30000004, 0x40000004, 0x00000004, 0x68000004,
+    0x50000004, 0x58000004, 0x38000004, 0x60000004,
+    0x10000004, 0x08000004, 0x78000004, 0x20000004,
+    0x98000007, 0xf0000007, 0xa8000007, 0xc8000007,
+    0xb0000007, 0xc0000007, 0x80000007, 0xe8000007,
+    0xd0000007, 0xd8000007, 0xb8000007, 0xe0000007,
+    0x90000007, 0x88000007, 0xf8000007, 0xa0000007,
+    0x18000003, 0x70000003, 0x28000003, 0x48000003,
+    0x30000003, 0x40000003, 0x00000003, 0x68000003,
+    0x50000003, 0x58000003, 0x38000003, 0x60000003,
+    0x10000003, 0x08000003, 0x78000003, 0x20000003,
+    0x98000005, 0xf0000005, 0xa8000005, 0xc8000005,
+    0xb0000005, 0xc0000005, 0x80000005, 0xe8000005,
+    0xd0000005, 0xd8000005, 0xb8000005, 0xe0000005,
+    0x90000005, 0x88000005, 0xf8000005, 0xa0000005,
+    0x98000000, 0xf0000000, 0xa8000000, 0xc8000000,
+    0xb0000000, 0xc0000000, 0x80000000, 0xe8000000,
+    0xd0000000, 0xd8000000, 0xb8000000, 0xe0000000,
+    0x90000000, 0x88000000, 0xf8000000, 0xa0000000,
+    0x98000004, 0xf0000004, 0xa8000004, 0xc8000004,
+    0xb0000004, 0xc0000004, 0x80000004, 0xe8000004,
+    0xd0000004, 0xd8000004, 0xb8000004, 0xe0000004,
+    0x90000004, 0x88000004, 0xf8000004, 0xa0000004,
+    0x18000006, 0x70000006, 0x28000006, 0x48000006,
+    0x30000006, 0x40000006, 0x00000006, 0x68000006,
+    0x50000006, 0x58000006, 0x38000006, 0x60000006,
+    0x10000006, 0x08000006, 0x78000006, 0x20000006,
+    0x98000002, 0xf0000002, 0xa8000002, 0xc8000002,
+    0xb0000002, 0xc0000002, 0x80000002, 0xe8000002,
+    0xd0000002, 0xd8000002, 0xb8000002, 0xe0000002,
+    0x90000002, 0x88000002, 0xf8000002, 0xa0000002,
+    0x98000006, 0xf0000006, 0xa8000006, 0xc8000006,
+    0xb0000006, 0xc0000006, 0x80000006, 0xe8000006,
+    0xd0000006, 0xd8000006, 0xb8000006, 0xe0000006,
+    0x90000006, 0x88000006, 0xf8000006, 0xa0000006,
+    0x98000001, 0xf0000001, 0xa8000001, 0xc8000001,
+    0xb0000001, 0xc0000001, 0x80000001, 0xe8000001,
+    0xd0000001, 0xd8000001, 0xb8000001, 0xe0000001,
+    0x90000001, 0x88000001, 0xf8000001, 0xa0000001,
+    0x98000003, 0xf0000003, 0xa8000003, 0xc8000003,
+    0xb0000003, 0xc0000003, 0x80000003, 0xe8000003,
+    0xd0000003, 0xd8000003, 0xb8000003, 0xe0000003,
+    0x90000003, 0x88000003, 0xf8000003, 0xa0000003,
+    0x18000005, 0x70000005, 0x28000005, 0x48000005,
+    0x30000005, 0x40000005, 0x00000005, 0x68000005,
+    0x50000005, 0x58000005, 0x38000005, 0x60000005,
+    0x10000005, 0x08000005, 0x78000005, 0x20000005,
+    0x18000000, 0x70000000, 0x28000000, 0x48000000,
+    0x30000000, 0x40000000, 0x00000000, 0x68000000,
+    0x50000000, 0x58000000, 0x38000000, 0x60000000,
+    0x10000000, 0x08000000, 0x78000000, 0x20000000,
+    0x18000007, 0x70000007, 0x28000007, 0x48000007,
+    0x30000007, 0x40000007, 0x00000007, 0x68000007,
+    0x50000007, 0x58000007, 0x38000007, 0x60000007,
+    0x10000007, 0x08000007, 0x78000007, 0x20000007,
+    0x18000001, 0x70000001, 0x28000001, 0x48000001,
+    0x30000001, 0x40000001, 0x00000001, 0x68000001,
+    0x50000001, 0x58000001, 0x38000001, 0x60000001,
+    0x10000001, 0x08000001, 0x78000001, 0x20000001,
+    0x18000002, 0x70000002, 0x28000002, 0x48000002,
+    0x30000002, 0x40000002, 0x00000002, 0x68000002,
+    0x50000002, 0x58000002, 0x38000002, 0x60000002,
+    0x10000002, 0x08000002, 0x78000002, 0x20000002,
+    /* 3 */
+    0x00000648, 0x00000658, 0x00000660, 0x00000600,
+    0x00000618, 0x00000630, 0x00000638, 0x00000628,
+    0x00000620, 0x00000640, 0x00000670, 0x00000678,
+    0x00000608, 0x00000650, 0x00000610, 0x00000668,
+    0x00000348, 0x00000358, 0x00000360, 0x00000300,
+    0x00000318, 0x00000330, 0x00000338, 0x00000328,
+    0x00000320, 0x00000340, 0x00000370, 0x00000378,
+    0x00000308, 0x00000350, 0x00000310, 0x00000368,
+    0x000002c8, 0x000002d8, 0x000002e0, 0x00000280,
+    0x00000298, 0x000002b0, 0x000002b8, 0x000002a8,
+    0x000002a0, 0x000002c0, 0x000002f0, 0x000002f8,
+    0x00000288, 0x000002d0, 0x00000290, 0x000002e8,
+    0x00000148, 0x00000158, 0x00000160, 0x00000100,
+    0x00000118, 0x00000130, 0x00000138, 0x00000128,
+    0x00000120, 0x00000140, 0x00000170, 0x00000178,
+    0x00000108, 0x00000150, 0x00000110, 0x00000168,
+    0x000005c8, 0x000005d8, 0x000005e0, 0x00000580,
+    0x00000598, 0x000005b0, 0x000005b8, 0x000005a8,
+    0x000005a0, 0x000005c0, 0x000005f0, 0x000005f8,
+    0x00000588, 0x000005d0, 0x00000590, 0x000005e8,
+    0x00000048, 0x00000058, 0x00000060, 0x00000000,
+    0x00000018, 0x00000030, 0x00000038, 0x00000028,
+    0x00000020, 0x00000040, 0x00000070, 0x00000078,
+    0x00000008, 0x00000050, 0x00000010, 0x00000068,
+    0x000004c8, 0x000004d8, 0x000004e0, 0x00000480,
+    0x00000498, 0x000004b0, 0x000004b8, 0x000004a8,
+    0x000004a0, 0x000004c0, 0x000004f0, 0x000004f8,
+    0x00000488, 0x000004d0, 0x00000490, 0x000004e8,
+    0x000006c8, 0x000006d8, 0x000006e0, 0x00000680,
+    0x00000698, 0x000006b0, 0x000006b8, 0x000006a8,
+    0x000006a0, 0x000006c0, 0x000006f0, 0x000006f8,
+    0x00000688, 0x000006d0, 0x00000690, 0x000006e8,
+    0x000001c8, 0x000001d8, 0x000001e0, 0x00000180,
+    0x00000198, 0x000001b0, 0x000001b8, 0x000001a8,
+    0x000001a0, 0x000001c0, 0x000001f0, 0x000001f8,
+    0x00000188, 0x000001d0, 0x00000190, 0x000001e8,
+    0x00000748, 0x00000758, 0x00000760, 0x00000700,
+    0x00000718, 0x00000730, 0x00000738, 0x00000728,
+    0x00000720, 0x00000740, 0x00000770, 0x00000778,
+    0x00000708, 0x00000750, 0x00000710, 0x00000768,
+    0x000003c8, 0x000003d8, 0x000003e0, 0x00000380,
+    0x00000398, 0x000003b0, 0x000003b8, 0x000003a8,
+    0x000003a0, 0x000003c0, 0x000003f0, 0x000003f8,
+    0x00000388, 0x000003d0, 0x00000390, 0x000003e8,
+    0x00000548, 0x00000558, 0x00000560, 0x00000500,
+    0x00000518, 0x00000530, 0x00000538, 0x00000528,
+    0x00000520, 0x00000540, 0x00000570, 0x00000578,
+    0x00000508, 0x00000550, 0x00000510, 0x00000568,
+    0x000007c8, 0x000007d8, 0x000007e0, 0x00000780,
+    0x00000798, 0x000007b0, 0x000007b8, 0x000007a8,
+    0x000007a0, 0x000007c0, 0x000007f0, 0x000007f8,
+    0x00000788, 0x000007d0, 0x00000790, 0x000007e8,
+    0x00000248, 0x00000258, 0x00000260, 0x00000200,
+    0x00000218, 0x00000230, 0x00000238, 0x00000228,
+    0x00000220, 0x00000240, 0x00000270, 0x00000278,
+    0x00000208, 0x00000250, 0x00000210, 0x00000268,
+    0x000000c8, 0x000000d8, 0x000000e0, 0x00000080,
+    0x00000098, 0x000000b0, 0x000000b8, 0x000000a8,
+    0x000000a0, 0x000000c0, 0x000000f0, 0x000000f8,
+    0x00000088, 0x000000d0, 0x00000090, 0x000000e8,
+    0x00000448, 0x00000458, 0x00000460, 0x00000400,
+    0x00000418, 0x00000430, 0x00000438, 0x00000428,
+    0x00000420, 0x00000440, 0x00000470, 0x00000478,
+    0x00000408, 0x00000450, 0x00000410, 0x00000468,
+  }
+};
+
+const struct gost28147_param gost28147_param_CryptoPro_A =
+{
+  1,
+  {
+    /* 0 */
+    0x0001c800, 0x0001b000, 0x00019800, 0x00019000,
+    0x0001c000, 0x0001d800, 0x00018800, 0x0001b800,
+    0x0001d000, 0x0001a000, 0x0001f000, 0x0001f800,
+    0x0001e000, 0x00018000, 0x0001e800, 0x0001a800,
+    0x0003c800, 0x0003b000, 0x00039800, 0x00039000,
+    0x0003c000, 0x0003d800, 0x00038800, 0x0003b800,
+    0x0003d000, 0x0003a000, 0x0003f000, 0x0003f800,
+    0x0003e000, 0x00038000, 0x0003e800, 0x0003a800,
+    0x00074800, 0x00073000, 0x00071800, 0x00071000,
+    0x00074000, 0x00075800, 0x00070800, 0x00073800,
+    0x00075000, 0x00072000, 0x00077000, 0x00077800,
+    0x00076000, 0x00070000, 0x00076800, 0x00072800,
+    0x0004c800, 0x0004b000, 0x00049800, 0x00049000,
+    0x0004c000, 0x0004d800, 0x00048800, 0x0004b800,
+    0x0004d000, 0x0004a000, 0x0004f000, 0x0004f800,
+    0x0004e000, 0x00048000, 0x0004e800, 0x0004a800,
+    0x00044800, 0x00043000, 0x00041800, 0x00041000,
+    0x00044000, 0x00045800, 0x00040800, 0x00043800,
+    0x00045000, 0x00042000, 0x00047000, 0x00047800,
+    0x00046000, 0x00040000, 0x00046800, 0x00042800,
+    0x00054800, 0x00053000, 0x00051800, 0x00051000,
+    0x00054000, 0x00055800, 0x00050800, 0x00053800,
+    0x00055000, 0x00052000, 0x00057000, 0x00057800,
+    0x00056000, 0x00050000, 0x00056800, 0x00052800,
+    0x0007c800, 0x0007b000, 0x00079800, 0x00079000,
+    0x0007c000, 0x0007d800, 0x00078800, 0x0007b800,
+    0x0007d000, 0x0007a000, 0x0007f000, 0x0007f800,
+    0x0007e000, 0x00078000, 0x0007e800, 0x0007a800,
+    0x00004800, 0x00003000, 0x00001800, 0x00001000,
+    0x00004000, 0x00005800, 0x00000800, 0x00003800,
+    0x00005000, 0x00002000, 0x00007000, 0x00007800,
+    0x00006000, 0x00000000, 0x00006800, 0x00002800,
+    0x0002c800, 0x0002b000, 0x00029800, 0x00029000,
+    0x0002c000, 0x0002d800, 0x00028800, 0x0002b800,
+    0x0002d000, 0x0002a000, 0x0002f000, 0x0002f800,
+    0x0002e000, 0x00028000, 0x0002e800, 0x0002a800,
+    0x00014800, 0x00013000, 0x00011800, 0x00011000,
+    0x00014000, 0x00015800, 0x00010800, 0x00013800,
+    0x00015000, 0x00012000, 0x00017000, 0x00017800,
+    0x00016000, 0x00010000, 0x00016800, 0x00012800,
+    0x00034800, 0x00033000, 0x00031800, 0x00031000,
+    0x00034000, 0x00035800, 0x00030800, 0x00033800,
+    0x00035000, 0x00032000, 0x00037000, 0x00037800,
+    0x00036000, 0x00030000, 0x00036800, 0x00032800,
+    0x00064800, 0x00063000, 0x00061800, 0x00061000,
+    0x00064000, 0x00065800, 0x00060800, 0x00063800,
+    0x00065000, 0x00062000, 0x00067000, 0x00067800,
+    0x00066000, 0x00060000, 0x00066800, 0x00062800,
+    0x0005c800, 0x0005b000, 0x00059800, 0x00059000,
+    0x0005c000, 0x0005d800, 0x00058800, 0x0005b800,
+    0x0005d000, 0x0005a000, 0x0005f000, 0x0005f800,
+    0x0005e000, 0x00058000, 0x0005e800, 0x0005a800,
+    0x00024800, 0x00023000, 0x00021800, 0x00021000,
+    0x00024000, 0x00025800, 0x00020800, 0x00023800,
+    0x00025000, 0x00022000, 0x00027000, 0x00027800,
+    0x00026000, 0x00020000, 0x00026800, 0x00022800,
+    0x0006c800, 0x0006b000, 0x00069800, 0x00069000,
+    0x0006c000, 0x0006d800, 0x00068800, 0x0006b800,
+    0x0006d000, 0x0006a000, 0x0006f000, 0x0006f800,
+    0x0006e000, 0x00068000, 0x0006e800, 0x0006a800,
+    0x0000c800, 0x0000b000, 0x00009800, 0x00009000,
+    0x0000c000, 0x0000d800, 0x00008800, 0x0000b800,
+    0x0000d000, 0x0000a000, 0x0000f000, 0x0000f800,
+    0x0000e000, 0x00008000, 0x0000e800, 0x0000a800,
+    /* 1 */
+    0x07700000, 0x07200000, 0x07300000, 0x07100000,
+    0x07580000, 0x07180000, 0x07680000, 0x07400000,
+    0x07600000, 0x07780000, 0x07280000, 0x07500000,
+    0x07000000, 0x07380000, 0x07080000, 0x07480000,
+    0x03f00000, 0x03a00000, 0x03b00000, 0x03900000,
+    0x03d80000, 0x03980000, 0x03e80000, 0x03c00000,
+    0x03e00000, 0x03f80000, 0x03a80000, 0x03d00000,
+    0x03800000, 0x03b80000, 0x03880000, 0x03c80000,
+    0x05700000, 0x05200000, 0x05300000, 0x05100000,
+    0x05580000, 0x05180000, 0x05680000, 0x05400000,
+    0x05600000, 0x05780000, 0x05280000, 0x05500000,
+    0x05000000, 0x05380000, 0x05080000, 0x05480000,
+    0x06700000, 0x06200000, 0x06300000, 0x06100000,
+    0x06580000, 0x06180000, 0x06680000, 0x06400000,
+    0x06600000, 0x06780000, 0x06280000, 0x06500000,
+    0x06000000, 0x06380000, 0x06080000, 0x06480000,
+    0x06f00000, 0x06a00000, 0x06b00000, 0x06900000,
+    0x06d80000, 0x06980000, 0x06e80000, 0x06c00000,
+    0x06e00000, 0x06f80000, 0x06a80000, 0x06d00000,
+    0x06800000, 0x06b80000, 0x06880000, 0x06c80000,
+    0x00f00000, 0x00a00000, 0x00b00000, 0x00900000,
+    0x00d80000, 0x00980000, 0x00e80000, 0x00c00000,
+    0x00e00000, 0x00f80000, 0x00a80000, 0x00d00000,
+    0x00800000, 0x00b80000, 0x00880000, 0x00c80000,
+    0x01f00000, 0x01a00000, 0x01b00000, 0x01900000,
+    0x01d80000, 0x01980000, 0x01e80000, 0x01c00000,
+    0x01e00000, 0x01f80000, 0x01a80000, 0x01d00000,
+    0x01800000, 0x01b80000, 0x01880000, 0x01c80000,
+    0x04f00000, 0x04a00000, 0x04b00000, 0x04900000,
+    0x04d80000, 0x04980000, 0x04e80000, 0x04c00000,
+    0x04e00000, 0x04f80000, 0x04a80000, 0x04d00000,
+    0x04800000, 0x04b80000, 0x04880000, 0x04c80000,
+    0x00700000, 0x00200000, 0x00300000, 0x00100000,
+    0x00580000, 0x00180000, 0x00680000, 0x00400000,
+    0x00600000, 0x00780000, 0x00280000, 0x00500000,
+    0x00000000, 0x00380000, 0x00080000, 0x00480000,
+    0x01700000, 0x01200000, 0x01300000, 0x01100000,
+    0x01580000, 0x01180000, 0x01680000, 0x01400000,
+    0x01600000, 0x01780000, 0x01280000, 0x01500000,
+    0x01000000, 0x01380000, 0x01080000, 0x01480000,
+    0x05f00000, 0x05a00000, 0x05b00000, 0x05900000,
+    0x05d80000, 0x05980000, 0x05e80000, 0x05c00000,
+    0x05e00000, 0x05f80000, 0x05a80000, 0x05d00000,
+    0x05800000, 0x05b80000, 0x05880000, 0x05c80000,
+    0x02700000, 0x02200000, 0x02300000, 0x02100000,
+    0x02580000, 0x02180000, 0x02680000, 0x02400000,
+    0x02600000, 0x02780000, 0x02280000, 0x02500000,
+    0x02000000, 0x02380000, 0x02080000, 0x02480000,
+    0x07f00000, 0x07a00000, 0x07b00000, 0x07900000,
+    0x07d80000, 0x07980000, 0x07e80000, 0x07c00000,
+    0x07e00000, 0x07f80000, 0x07a80000, 0x07d00000,
+    0x07800000, 0x07b80000, 0x07880000, 0x07c80000,
+    0x04700000, 0x04200000, 0x04300000, 0x04100000,
+    0x04580000, 0x04180000, 0x04680000, 0x04400000,
+    0x04600000, 0x04780000, 0x04280000, 0x04500000,
+    0x04000000, 0x04380000, 0x04080000, 0x04480000,
+    0x02f00000, 0x02a00000, 0x02b00000, 0x02900000,
+    0x02d80000, 0x02980000, 0x02e80000, 0x02c00000,
+    0x02e00000, 0x02f80000, 0x02a80000, 0x02d00000,
+    0x02800000, 0x02b80000, 0x02880000, 0x02c80000,
+    0x03700000, 0x03200000, 0x03300000, 0x03100000,
+    0x03580000, 0x03180000, 0x03680000, 0x03400000,
+    0x03600000, 0x03780000, 0x03280000, 0x03500000,
+    0x03000000, 0x03380000, 0x03080000, 0x03480000,
+    /* 2 */
+    0xd8000001, 0xa8000001, 0x88000001, 0xc8000001,
+    0xc0000001, 0xe8000001, 0xf8000001, 0x80000001,
+    0xf0000001, 0xa0000001, 0x90000001, 0x98000001,
+    0xe0000001, 0xb8000001, 0xd0000001, 0xb0000001,
+    0x58000005, 0x28000005, 0x08000005, 0x48000005,
+    0x40000005, 0x68000005, 0x78000005, 0x00000005,
+    0x70000005, 0x20000005, 0x10000005, 0x18000005,
+    0x60000005, 0x38000005, 0x50000005, 0x30000005,
+    0xd8000006, 0xa8000006, 0x88000006, 0xc8000006,
+    0xc0000006, 0xe8000006, 0xf8000006, 0x80000006,
+    0xf0000006, 0xa0000006, 0x90000006, 0x98000006,
+    0xe0000006, 0xb8000006, 0xd0000006, 0xb0000006,
+    0x58000006, 0x28000006, 0x08000006, 0x48000006,
+    0x40000006, 0x68000006, 0x78000006, 0x00000006,
+    0x70000006, 0x20000006, 0x10000006, 0x18000006,
+    0x60000006, 0x38000006, 0x50000006, 0x30000006,
+    0xd8000000, 0xa8000000, 0x88000000, 0xc8000000,
+    0xc0000000, 0xe8000000, 0xf8000000, 0x80000000,
+    0xf0000000, 0xa0000000, 0x90000000, 0x98000000,
+    0xe0000000, 0xb8000000, 0xd0000000, 0xb0000000,
+    0x58000001, 0x28000001, 0x08000001, 0x48000001,
+    0x40000001, 0x68000001, 0x78000001, 0x00000001,
+    0x70000001, 0x20000001, 0x10000001, 0x18000001,
+    0x60000001, 0x38000001, 0x50000001, 0x30000001,
+    0x58000000, 0x28000000, 0x08000000, 0x48000000,
+    0x40000000, 0x68000000, 0x78000000, 0x00000000,
+    0x70000000, 0x20000000, 0x10000000, 0x18000000,
+    0x60000000, 0x38000000, 0x50000000, 0x30000000,
+    0xd8000005, 0xa8000005, 0x88000005, 0xc8000005,
+    0xc0000005, 0xe8000005, 0xf8000005, 0x80000005,
+    0xf0000005, 0xa0000005, 0x90000005, 0x98000005,
+    0xe0000005, 0xb8000005, 0xd0000005, 0xb0000005,
+    0xd8000003, 0xa8000003, 0x88000003, 0xc8000003,
+    0xc0000003, 0xe8000003, 0xf8000003, 0x80000003,
+    0xf0000003, 0xa0000003, 0x90000003, 0x98000003,
+    0xe0000003, 0xb8000003, 0xd0000003, 0xb0000003,
+    0xd8000002, 0xa8000002, 0x88000002, 0xc8000002,
+    0xc0000002, 0xe8000002, 0xf8000002, 0x80000002,
+    0xf0000002, 0xa0000002, 0x90000002, 0x98000002,
+    0xe0000002, 0xb8000002, 0xd0000002, 0xb0000002,
+    0xd8000004, 0xa8000004, 0x88000004, 0xc8000004,
+    0xc0000004, 0xe8000004, 0xf8000004, 0x80000004,
+    0xf0000004, 0xa0000004, 0x90000004, 0x98000004,
+    0xe0000004, 0xb8000004, 0xd0000004, 0xb0000004,
+    0x58000002, 0x28000002, 0x08000002, 0x48000002,
+    0x40000002, 0x68000002, 0x78000002, 0x00000002,
+    0x70000002, 0x20000002, 0x10000002, 0x18000002,
+    0x60000002, 0x38000002, 0x50000002, 0x30000002,
+    0x58000004, 0x28000004, 0x08000004, 0x48000004,
+    0x40000004, 0x68000004, 0x78000004, 0x00000004,
+    0x70000004, 0x20000004, 0x10000004, 0x18000004,
+    0x60000004, 0x38000004, 0x50000004, 0x30000004,
+    0xd8000007, 0xa8000007, 0x88000007, 0xc8000007,
+    0xc0000007, 0xe8000007, 0xf8000007, 0x80000007,
+    0xf0000007, 0xa0000007, 0x90000007, 0x98000007,
+    0xe0000007, 0xb8000007, 0xd0000007, 0xb0000007,
+    0x58000007, 0x28000007, 0x08000007, 0x48000007,
+    0x40000007, 0x68000007, 0x78000007, 0x00000007,
+    0x70000007, 0x20000007, 0x10000007, 0x18000007,
+    0x60000007, 0x38000007, 0x50000007, 0x30000007,
+    0x58000003, 0x28000003, 0x08000003, 0x48000003,
+    0x40000003, 0x68000003, 0x78000003, 0x00000003,
+    0x70000003, 0x20000003, 0x10000003, 0x18000003,
+    0x60000003, 0x38000003, 0x50000003, 0x30000003,
+    /* 3 */
+    0x00000588, 0x000005e8, 0x00000590, 0x000005c8,
+    0x000005b8, 0x000005d0, 0x000005b0, 0x00000580,
+    0x000005c0, 0x000005e0, 0x000005a0, 0x000005a8,
+    0x000005f8, 0x00000598, 0x000005d8, 0x000005f0,
+    0x00000508, 0x00000568, 0x00000510, 0x00000548,
+    0x00000538, 0x00000550, 0x00000530, 0x00000500,
+    0x00000540, 0x00000560, 0x00000520, 0x00000528,
+    0x00000578, 0x00000518, 0x00000558, 0x00000570,
+    0x00000788, 0x000007e8, 0x00000790, 0x000007c8,
+    0x000007b8, 0x000007d0, 0x000007b0, 0x00000780,
+    0x000007c0, 0x000007e0, 0x000007a0, 0x000007a8,
+    0x000007f8, 0x00000798, 0x000007d8, 0x000007f0,
+    0x00000288, 0x000002e8, 0x00000290, 0x000002c8,
+    0x000002b8, 0x000002d0, 0x000002b0, 0x00000280,
+    0x000002c0, 0x000002e0, 0x000002a0, 0x000002a8,
+    0x000002f8, 0x00000298, 0x000002d8, 0x000002f0,
+    0x00000008, 0x00000068, 0x00000010, 0x00000048,
+    0x00000038, 0x00000050, 0x00000030, 0x00000000,
+    0x00000040, 0x00000060, 0x00000020, 0x00000028,
+    0x00000078, 0x00000018, 0x00000058, 0x00000070,
+    0x00000608, 0x00000668, 0x00000610, 0x00000648,
+    0x00000638, 0x00000650, 0x00000630, 0x00000600,
+    0x00000640, 0x00000660, 0x00000620, 0x00000628,
+    0x00000678, 0x00000618, 0x00000658, 0x00000670,
+    0x00000708, 0x00000768, 0x00000710, 0x00000748,
+    0x00000738, 0x00000750, 0x00000730, 0x00000700,
+    0x00000740, 0x00000760, 0x00000720, 0x00000728,
+    0x00000778, 0x00000718, 0x00000758, 0x00000770,
+    0x00000408, 0x00000468, 0x00000410, 0x00000448,
+    0x00000438, 0x00000450, 0x00000430, 0x00000400,
+    0x00000440, 0x00000460, 0x00000420, 0x00000428,
+    0x00000478, 0x00000418, 0x00000458, 0x00000470,
+    0x00000308, 0x00000368, 0x00000310, 0x00000348,
+    0x00000338, 0x00000350, 0x00000330, 0x00000300,
+    0x00000340, 0x00000360, 0x00000320, 0x00000328,
+    0x00000378, 0x00000318, 0x00000358, 0x00000370,
+    0x00000108, 0x00000168, 0x00000110, 0x00000148,
+    0x00000138, 0x00000150, 0x00000130, 0x00000100,
+    0x00000140, 0x00000160, 0x00000120, 0x00000128,
+    0x00000178, 0x00000118, 0x00000158, 0x00000170,
+    0x00000188, 0x000001e8, 0x00000190, 0x000001c8,
+    0x000001b8, 0x000001d0, 0x000001b0, 0x00000180,
+    0x000001c0, 0x000001e0, 0x000001a0, 0x000001a8,
+    0x000001f8, 0x00000198, 0x000001d8, 0x000001f0,
+    0x00000488, 0x000004e8, 0x00000490, 0x000004c8,
+    0x000004b8, 0x000004d0, 0x000004b0, 0x00000480,
+    0x000004c0, 0x000004e0, 0x000004a0, 0x000004a8,
+    0x000004f8, 0x00000498, 0x000004d8, 0x000004f0,
+    0x00000088, 0x000000e8, 0x00000090, 0x000000c8,
+    0x000000b8, 0x000000d0, 0x000000b0, 0x00000080,
+    0x000000c0, 0x000000e0, 0x000000a0, 0x000000a8,
+    0x000000f8, 0x00000098, 0x000000d8, 0x000000f0,
+    0x00000388, 0x000003e8, 0x00000390, 0x000003c8,
+    0x000003b8, 0x000003d0, 0x000003b0, 0x00000380,
+    0x000003c0, 0x000003e0, 0x000003a0, 0x000003a8,
+    0x000003f8, 0x00000398, 0x000003d8, 0x000003f0,
+    0x00000688, 0x000006e8, 0x00000690, 0x000006c8,
+    0x000006b8, 0x000006d0, 0x000006b0, 0x00000680,
+    0x000006c0, 0x000006e0, 0x000006a0, 0x000006a8,
+    0x000006f8, 0x00000698, 0x000006d8, 0x000006f0,
+    0x00000208, 0x00000268, 0x00000210, 0x00000248,
+    0x00000238, 0x00000250, 0x00000230, 0x00000200,
+    0x00000240, 0x00000260, 0x00000220, 0x00000228,
+    0x00000278, 0x00000218, 0x00000258, 0x00000270,
+  }
+};
+
+const struct gost28147_param gost28147_param_CryptoPro_B =
+{
+  1,
+  {
+    /* 0 */
+    0x00004000, 0x00002000, 0x00005800, 0x00000800,
+    0x00001800, 0x00002800, 0x00000000, 0x00004800,
+    0x00001000, 0x00007000, 0x00005000, 0x00006000,
+    0x00006800, 0x00003000, 0x00003800, 0x00007800,
+    0x0000c000, 0x0000a000, 0x0000d800, 0x00008800,
+    0x00009800, 0x0000a800, 0x00008000, 0x0000c800,
+    0x00009000, 0x0000f000, 0x0000d000, 0x0000e000,
+    0x0000e800, 0x0000b000, 0x0000b800, 0x0000f800,
+    0x00014000, 0x00012000, 0x00015800, 0x00010800,
+    0x00011800, 0x00012800, 0x00010000, 0x00014800,
+    0x00011000, 0x00017000, 0x00015000, 0x00016000,
+    0x00016800, 0x00013000, 0x00013800, 0x00017800,
+    0x00054000, 0x00052000, 0x00055800, 0x00050800,
+    0x00051800, 0x00052800, 0x00050000, 0x00054800,
+    0x00051000, 0x00057000, 0x00055000, 0x00056000,
+    0x00056800, 0x00053000, 0x00053800, 0x00057800,
+    0x00024000, 0x00022000, 0x00025800, 0x00020800,
+    0x00021800, 0x00022800, 0x00020000, 0x00024800,
+    0x00021000, 0x00027000, 0x00025000, 0x00026000,
+    0x00026800, 0x00023000, 0x00023800, 0x00027800,
+    0x0006c000, 0x0006a000, 0x0006d800, 0x00068800,
+    0x00069800, 0x0006a800, 0x00068000, 0x0006c800,
+    0x00069000, 0x0006f000, 0x0006d000, 0x0006e000,
+    0x0006e800, 0x0006b000, 0x0006b800, 0x0006f800,
+    0x0002c000, 0x0002a000, 0x0002d800, 0x00028800,
+    0x00029800, 0x0002a800, 0x00028000, 0x0002c800,
+    0x00029000, 0x0002f000, 0x0002d000, 0x0002e000,
+    0x0002e800, 0x0002b000, 0x0002b800, 0x0002f800,
+    0x00064000, 0x00062000, 0x00065800, 0x00060800,
+    0x00061800, 0x00062800, 0x00060000, 0x00064800,
+    0x00061000, 0x00067000, 0x00065000, 0x00066000,
+    0x00066800, 0x00063000, 0x00063800, 0x00067800,
+    0x0004c000, 0x0004a000, 0x0004d800, 0x00048800,
+    0x00049800, 0x0004a800, 0x00048000, 0x0004c800,
+    0x00049000, 0x0004f000, 0x0004d000, 0x0004e000,
+    0x0004e800, 0x0004b000, 0x0004b800, 0x0004f800,
+    0x0003c000, 0x0003a000, 0x0003d800, 0x00038800,
+    0x00039800, 0x0003a800, 0x00038000, 0x0003c800,
+    0x00039000, 0x0003f000, 0x0003d000, 0x0003e000,
+    0x0003e800, 0x0003b000, 0x0003b800, 0x0003f800,
+    0x0001c000, 0x0001a000, 0x0001d800, 0x00018800,
+    0x00019800, 0x0001a800, 0x00018000, 0x0001c800,
+    0x00019000, 0x0001f000, 0x0001d000, 0x0001e000,
+    0x0001e800, 0x0001b000, 0x0001b800, 0x0001f800,
+    0x0007c000, 0x0007a000, 0x0007d800, 0x00078800,
+    0x00079800, 0x0007a800, 0x00078000, 0x0007c800,
+    0x00079000, 0x0007f000, 0x0007d000, 0x0007e000,
+    0x0007e800, 0x0007b000, 0x0007b800, 0x0007f800,
+    0x0005c000, 0x0005a000, 0x0005d800, 0x00058800,
+    0x00059800, 0x0005a800, 0x00058000, 0x0005c800,
+    0x00059000, 0x0005f000, 0x0005d000, 0x0005e000,
+    0x0005e800, 0x0005b000, 0x0005b800, 0x0005f800,
+    0x00044000, 0x00042000, 0x00045800, 0x00040800,
+    0x00041800, 0x00042800, 0x00040000, 0x00044800,
+    0x00041000, 0x00047000, 0x00045000, 0x00046000,
+    0x00046800, 0x00043000, 0x00043800, 0x00047800,
+    0x00034000, 0x00032000, 0x00035800, 0x00030800,
+    0x00031800, 0x00032800, 0x00030000, 0x00034800,
+    0x00031000, 0x00037000, 0x00035000, 0x00036000,
+    0x00036800, 0x00033000, 0x00033800, 0x00037800,
+    0x00074000, 0x00072000, 0x00075800, 0x00070800,
+    0x00071800, 0x00072800, 0x00070000, 0x00074800,
+    0x00071000, 0x00077000, 0x00075000, 0x00076000,
+    0x00076800, 0x00073000, 0x00073800, 0x00077800,
+    /* 1 */
+    0x03f00000, 0x03e00000, 0x03800000, 0x03d00000,
+    0x03c80000, 0x03900000, 0x03e80000, 0x03d80000,
+    0x03b80000, 0x03a80000, 0x03c00000, 0x03f80000,
+    0x03980000, 0x03b00000, 0x03880000, 0x03a00000,
+    0x02f00000, 0x02e00000, 0x02800000, 0x02d00000,
+    0x02c80000, 0x02900000, 0x02e80000, 0x02d80000,
+    0x02b80000, 0x02a80000, 0x02c00000, 0x02f80000,
+    0x02980000, 0x02b00000, 0x02880000, 0x02a00000,
+    0x00700000, 0x00600000, 0x00000000, 0x00500000,
+    0x00480000, 0x00100000, 0x00680000, 0x00580000,
+    0x00380000, 0x00280000, 0x00400000, 0x00780000,
+    0x00180000, 0x00300000, 0x00080000, 0x00200000,
+    0x06f00000, 0x06e00000, 0x06800000, 0x06d00000,
+    0x06c80000, 0x06900000, 0x06e80000, 0x06d80000,
+    0x06b80000, 0x06a80000, 0x06c00000, 0x06f80000,
+    0x06980000, 0x06b00000, 0x06880000, 0x06a00000,
+    0x05f00000, 0x05e00000, 0x05800000, 0x05d00000,
+    0x05c80000, 0x05900000, 0x05e80000, 0x05d80000,
+    0x05b80000, 0x05a80000, 0x05c00000, 0x05f80000,
+    0x05980000, 0x05b00000, 0x05880000, 0x05a00000,
+    0x03700000, 0x03600000, 0x03000000, 0x03500000,
+    0x03480000, 0x03100000, 0x03680000, 0x03580000,
+    0x03380000, 0x03280000, 0x03400000, 0x03780000,
+    0x03180000, 0x03300000, 0x03080000, 0x03200000,
+    0x00f00000, 0x00e00000, 0x00800000, 0x00d00000,
+    0x00c80000, 0x00900000, 0x00e80000, 0x00d80000,
+    0x00b80000, 0x00a80000, 0x00c00000, 0x00f80000,
+    0x00980000, 0x00b00000, 0x00880000, 0x00a00000,
+    0x01700000, 0x01600000, 0x01000000, 0x01500000,
+    0x01480000, 0x01100000, 0x01680000, 0x01580000,
+    0x01380000, 0x01280000, 0x01400000, 0x01780000,
+    0x01180000, 0x01300000, 0x01080000, 0x01200000,
+    0x01f00000, 0x01e00000, 0x01800000, 0x01d00000,
+    0x01c80000, 0x01900000, 0x01e80000, 0x01d80000,
+    0x01b80000, 0x01a80000, 0x01c00000, 0x01f80000,
+    0x01980000, 0x01b00000, 0x01880000, 0x01a00000,
+    0x05700000, 0x05600000, 0x05000000, 0x05500000,
+    0x05480000, 0x05100000, 0x05680000, 0x05580000,
+    0x05380000, 0x05280000, 0x05400000, 0x05780000,
+    0x05180000, 0x05300000, 0x05080000, 0x05200000,
+    0x06700000, 0x06600000, 0x06000000, 0x06500000,
+    0x06480000, 0x06100000, 0x06680000, 0x06580000,
+    0x06380000, 0x06280000, 0x06400000, 0x06780000,
+    0x06180000, 0x06300000, 0x06080000, 0x06200000,
+    0x07f00000, 0x07e00000, 0x07800000, 0x07d00000,
+    0x07c80000, 0x07900000, 0x07e80000, 0x07d80000,
+    0x07b80000, 0x07a80000, 0x07c00000, 0x07f80000,
+    0x07980000, 0x07b00000, 0x07880000, 0x07a00000,
+    0x02700000, 0x02600000, 0x02000000, 0x02500000,
+    0x02480000, 0x02100000, 0x02680000, 0x02580000,
+    0x02380000, 0x02280000, 0x02400000, 0x02780000,
+    0x02180000, 0x02300000, 0x02080000, 0x02200000,
+    0x07700000, 0x07600000, 0x07000000, 0x07500000,
+    0x07480000, 0x07100000, 0x07680000, 0x07580000,
+    0x07380000, 0x07280000, 0x07400000, 0x07780000,
+    0x07180000, 0x07300000, 0x07080000, 0x07200000,
+    0x04f00000, 0x04e00000, 0x04800000, 0x04d00000,
+    0x04c80000, 0x04900000, 0x04e80000, 0x04d80000,
+    0x04b80000, 0x04a80000, 0x04c00000, 0x04f80000,
+    0x04980000, 0x04b00000, 0x04880000, 0x04a00000,
+    0x04700000, 0x04600000, 0x04000000, 0x04500000,
+    0x04480000, 0x04100000, 0x04680000, 0x04580000,
+    0x04380000, 0x04280000, 0x04400000, 0x04780000,
+    0x04180000, 0x04300000, 0x04080000, 0x04200000,
+    /* 2 */
+    0x10000004, 0x38000004, 0x60000004, 0x78000004,
+    0x48000004, 0x28000004, 0x50000004, 0x58000004,
+    0x08000004, 0x20000004, 0x00000004, 0x68000004,
+    0x30000004, 0x40000004, 0x70000004, 0x18000004,
+    0x90000001, 0xb8000001, 0xe0000001, 0xf8000001,
+    0xc8000001, 0xa8000001, 0xd0000001, 0xd8000001,
+    0x88000001, 0xa0000001, 0x80000001, 0xe8000001,
+    0xb0000001, 0xc0000001, 0xf0000001, 0x98000001,
+    0x10000001, 0x38000001, 0x60000001, 0x78000001,
+    0x48000001, 0x28000001, 0x50000001, 0x58000001,
+    0x08000001, 0x20000001, 0x00000001, 0x68000001,
+    0x30000001, 0x40000001, 0x70000001, 0x18000001,
+    0x10000003, 0x38000003, 0x60000003, 0x78000003,
+    0x48000003, 0x28000003, 0x50000003, 0x58000003,
+    0x08000003, 0x20000003, 0x00000003, 0x68000003,
+    0x30000003, 0x40000003, 0x70000003, 0x18000003,
+    0x10000002, 0x38000002, 0x60000002, 0x78000002,
+    0x48000002, 0x28000002, 0x50000002, 0x58000002,
+    0x08000002, 0x20000002, 0x00000002, 0x68000002,
+    0x30000002, 0x40000002, 0x70000002, 0x18000002,
+    0x90000006, 0xb8000006, 0xe0000006, 0xf8000006,
+    0xc8000006, 0xa8000006, 0xd0000006, 0xd8000006,
+    0x88000006, 0xa0000006, 0x80000006, 0xe8000006,
+    0xb0000006, 0xc0000006, 0xf0000006, 0x98000006,
+    0x10000007, 0x38000007, 0x60000007, 0x78000007,
+    0x48000007, 0x28000007, 0x50000007, 0x58000007,
+    0x08000007, 0x20000007, 0x00000007, 0x68000007,
+    0x30000007, 0x40000007, 0x70000007, 0x18000007,
+    0x90000005, 0xb8000005, 0xe0000005, 0xf8000005,
+    0xc8000005, 0xa8000005, 0xd0000005, 0xd8000005,
+    0x88000005, 0xa0000005, 0x80000005, 0xe8000005,
+    0xb0000005, 0xc0000005, 0xf0000005, 0x98000005,
+    0x10000006, 0x38000006, 0x60000006, 0x78000006,
+    0x48000006, 0x28000006, 0x50000006, 0x58000006,
+    0x08000006, 0x20000006, 0x00000006, 0x68000006,
+    0x30000006, 0x40000006, 0x70000006, 0x18000006,
+    0x90000000, 0xb8000000, 0xe0000000, 0xf8000000,
+    0xc8000000, 0xa8000000, 0xd0000000, 0xd8000000,
+    0x88000000, 0xa0000000, 0x80000000, 0xe8000000,
+    0xb0000000, 0xc0000000, 0xf0000000, 0x98000000,
+    0x90000003, 0xb8000003, 0xe0000003, 0xf8000003,
+    0xc8000003, 0xa8000003, 0xd0000003, 0xd8000003,
+    0x88000003, 0xa0000003, 0x80000003, 0xe8000003,
+    0xb0000003, 0xc0000003, 0xf0000003, 0x98000003,
+    0x90000007, 0xb8000007, 0xe0000007, 0xf8000007,
+    0xc8000007, 0xa8000007, 0xd0000007, 0xd8000007,
+    0x88000007, 0xa0000007, 0x80000007, 0xe8000007,
+    0xb0000007, 0xc0000007, 0xf0000007, 0x98000007,
+    0x10000005, 0x38000005, 0x60000005, 0x78000005,
+    0x48000005, 0x28000005, 0x50000005, 0x58000005,
+    0x08000005, 0x20000005, 0x00000005, 0x68000005,
+    0x30000005, 0x40000005, 0x70000005, 0x18000005,
+    0x10000000, 0x38000000, 0x60000000, 0x78000000,
+    0x48000000, 0x28000000, 0x50000000, 0x58000000,
+    0x08000000, 0x20000000, 0x00000000, 0x68000000,
+    0x30000000, 0x40000000, 0x70000000, 0x18000000,
+    0x90000004, 0xb8000004, 0xe0000004, 0xf8000004,
+    0xc8000004, 0xa8000004, 0xd0000004, 0xd8000004,
+    0x88000004, 0xa0000004, 0x80000004, 0xe8000004,
+    0xb0000004, 0xc0000004, 0xf0000004, 0x98000004,
+    0x90000002, 0xb8000002, 0xe0000002, 0xf8000002,
+    0xc8000002, 0xa8000002, 0xd0000002, 0xd8000002,
+    0x88000002, 0xa0000002, 0x80000002, 0xe8000002,
+    0xb0000002, 0xc0000002, 0xf0000002, 0x98000002,
+    /* 3 */
+    0x00000028, 0x00000010, 0x00000050, 0x00000058,
+    0x00000048, 0x00000008, 0x00000060, 0x00000018,
+    0x00000038, 0x00000020, 0x00000068, 0x00000000,
+    0x00000030, 0x00000078, 0x00000040, 0x00000070,
+    0x00000228, 0x00000210, 0x00000250, 0x00000258,
+    0x00000248, 0x00000208, 0x00000260, 0x00000218,
+    0x00000238, 0x00000220, 0x00000268, 0x00000200,
+    0x00000230, 0x00000278, 0x00000240, 0x00000270,
+    0x000005a8, 0x00000590, 0x000005d0, 0x000005d8,
+    0x000005c8, 0x00000588, 0x000005e0, 0x00000598,
+    0x000005b8, 0x000005a0, 0x000005e8, 0x00000580,
+    0x000005b0, 0x000005f8, 0x000005c0, 0x000005f0,
+    0x00000728, 0x00000710, 0x00000750, 0x00000758,
+    0x00000748, 0x00000708, 0x00000760, 0x00000718,
+    0x00000738, 0x00000720, 0x00000768, 0x00000700,
+    0x00000730, 0x00000778, 0x00000740, 0x00000770,
+    0x00000428, 0x00000410, 0x00000450, 0x00000458,
+    0x00000448, 0x00000408, 0x00000460, 0x00000418,
+    0x00000438, 0x00000420, 0x00000468, 0x00000400,
+    0x00000430, 0x00000478, 0x00000440, 0x00000470,
+    0x000001a8, 0x00000190, 0x000001d0, 0x000001d8,
+    0x000001c8, 0x00000188, 0x000001e0, 0x00000198,
+    0x000001b8, 0x000001a0, 0x000001e8, 0x00000180,
+    0x000001b0, 0x000001f8, 0x000001c0, 0x000001f0,
+    0x000003a8, 0x00000390, 0x000003d0, 0x000003d8,
+    0x000003c8, 0x00000388, 0x000003e0, 0x00000398,
+    0x000003b8, 0x000003a0, 0x000003e8, 0x00000380,
+    0x000003b0, 0x000003f8, 0x000003c0, 0x000003f0,
+    0x000000a8, 0x00000090, 0x000000d0, 0x000000d8,
+    0x000000c8, 0x00000088, 0x000000e0, 0x00000098,
+    0x000000b8, 0x000000a0, 0x000000e8, 0x00000080,
+    0x000000b0, 0x000000f8, 0x000000c0, 0x000000f0,
+    0x00000528, 0x00000510, 0x00000550, 0x00000558,
+    0x00000548, 0x00000508, 0x00000560, 0x00000518,
+    0x00000538, 0x00000520, 0x00000568, 0x00000500,
+    0x00000530, 0x00000578, 0x00000540, 0x00000570,
+    0x00000128, 0x00000110, 0x00000150, 0x00000158,
+    0x00000148, 0x00000108, 0x00000160, 0x00000118,
+    0x00000138, 0x00000120, 0x00000168, 0x00000100,
+    0x00000130, 0x00000178, 0x00000140, 0x00000170,
+    0x000004a8, 0x00000490, 0x000004d0, 0x000004d8,
+    0x000004c8, 0x00000488, 0x000004e0, 0x00000498,
+    0x000004b8, 0x000004a0, 0x000004e8, 0x00000480,
+    0x000004b0, 0x000004f8, 0x000004c0, 0x000004f0,
+    0x00000328, 0x00000310, 0x00000350, 0x00000358,
+    0x00000348, 0x00000308, 0x00000360, 0x00000318,
+    0x00000338, 0x00000320, 0x00000368, 0x00000300,
+    0x00000330, 0x00000378, 0x00000340, 0x00000370,
+    0x000007a8, 0x00000790, 0x000007d0, 0x000007d8,
+    0x000007c8, 0x00000788, 0x000007e0, 0x00000798,
+    0x000007b8, 0x000007a0, 0x000007e8, 0x00000780,
+    0x000007b0, 0x000007f8, 0x000007c0, 0x000007f0,
+    0x000006a8, 0x00000690, 0x000006d0, 0x000006d8,
+    0x000006c8, 0x00000688, 0x000006e0, 0x00000698,
+    0x000006b8, 0x000006a0, 0x000006e8, 0x00000680,
+    0x000006b0, 0x000006f8, 0x000006c0, 0x000006f0,
+    0x000002a8, 0x00000290, 0x000002d0, 0x000002d8,
+    0x000002c8, 0x00000288, 0x000002e0, 0x00000298,
+    0x000002b8, 0x000002a0, 0x000002e8, 0x00000280,
+    0x000002b0, 0x000002f8, 0x000002c0, 0x000002f0,
+    0x00000628, 0x00000610, 0x00000650, 0x00000658,
+    0x00000648, 0x00000608, 0x00000660, 0x00000618,
+    0x00000638, 0x00000620, 0x00000668, 0x00000600,
+    0x00000630, 0x00000678, 0x00000640, 0x00000670,
+  }
+};
+
+const struct gost28147_param gost28147_param_CryptoPro_C =
+{
+  1,
+  {
+    /* 0 */
+    0x00000800, 0x00005800, 0x00006000, 0x00001000,
+    0x00004800, 0x00006800, 0x00000000, 0x00007800,
+    0x00002000, 0x00002800, 0x00004000, 0x00007000,
+    0x00005000, 0x00003800, 0x00003000, 0x00001800,
+    0x00008800, 0x0000d800, 0x0000e000, 0x00009000,
+    0x0000c800, 0x0000e800, 0x00008000, 0x0000f800,
+    0x0000a000, 0x0000a800, 0x0000c000, 0x0000f000,
+    0x0000d000, 0x0000b800, 0x0000b000, 0x00009800,
+    0x00038800, 0x0003d800, 0x0003e000, 0x00039000,
+    0x0003c800, 0x0003e800, 0x00038000, 0x0003f800,
+    0x0003a000, 0x0003a800, 0x0003c000, 0x0003f000,
+    0x0003d000, 0x0003b800, 0x0003b000, 0x00039800,
+    0x00068800, 0x0006d800, 0x0006e000, 0x00069000,
+    0x0006c800, 0x0006e800, 0x00068000, 0x0006f800,
+    0x0006a000, 0x0006a800, 0x0006c000, 0x0006f000,
+    0x0006d000, 0x0006b800, 0x0006b000, 0x00069800,
+    0x00058800, 0x0005d800, 0x0005e000, 0x00059000,
+    0x0005c800, 0x0005e800, 0x00058000, 0x0005f800,
+    0x0005a000, 0x0005a800, 0x0005c000, 0x0005f000,
+    0x0005d000, 0x0005b800, 0x0005b000, 0x00059800,
+    0x00020800, 0x00025800, 0x00026000, 0x00021000,
+    0x00024800, 0x00026800, 0x00020000, 0x00027800,
+    0x00022000, 0x00022800, 0x00024000, 0x00027000,
+    0x00025000, 0x00023800, 0x00023000, 0x00021800,
+    0x00028800, 0x0002d800, 0x0002e000, 0x00029000,
+    0x0002c800, 0x0002e800, 0x00028000, 0x0002f800,
+    0x0002a000, 0x0002a800, 0x0002c000, 0x0002f000,
+    0x0002d000, 0x0002b800, 0x0002b000, 0x00029800,
+    0x00010800, 0x00015800, 0x00016000, 0x00011000,
+    0x00014800, 0x00016800, 0x00010000, 0x00017800,
+    0x00012000, 0x00012800, 0x00014000, 0x00017000,
+    0x00015000, 0x00013800, 0x00013000, 0x00011800,
+    0x00040800, 0x00045800, 0x00046000, 0x00041000,
+    0x00044800, 0x00046800, 0x00040000, 0x00047800,
+    0x00042000, 0x00042800, 0x00044000, 0x00047000,
+    0x00045000, 0x00043800, 0x00043000, 0x00041800,
+    0x00070800, 0x00075800, 0x00076000, 0x00071000,
+    0x00074800, 0x00076800, 0x00070000, 0x00077800,
+    0x00072000, 0x00072800, 0x00074000, 0x00077000,
+    0x00075000, 0x00073800, 0x00073000, 0x00071800,
+    0x00078800, 0x0007d800, 0x0007e000, 0x00079000,
+    0x0007c800, 0x0007e800, 0x00078000, 0x0007f800,
+    0x0007a000, 0x0007a800, 0x0007c000, 0x0007f000,
+    0x0007d000, 0x0007b800, 0x0007b000, 0x00079800,
+    0x00060800, 0x00065800, 0x00066000, 0x00061000,
+    0x00064800, 0x00066800, 0x00060000, 0x00067800,
+    0x00062000, 0x00062800, 0x00064000, 0x00067000,
+    0x00065000, 0x00063800, 0x00063000, 0x00061800,
+    0x00048800, 0x0004d800, 0x0004e000, 0x00049000,
+    0x0004c800, 0x0004e800, 0x00048000, 0x0004f800,
+    0x0004a000, 0x0004a800, 0x0004c000, 0x0004f000,
+    0x0004d000, 0x0004b800, 0x0004b000, 0x00049800,
+    0x00050800, 0x00055800, 0x00056000, 0x00051000,
+    0x00054800, 0x00056800, 0x00050000, 0x00057800,
+    0x00052000, 0x00052800, 0x00054000, 0x00057000,
+    0x00055000, 0x00053800, 0x00053000, 0x00051800,
+    0x00030800, 0x00035800, 0x00036000, 0x00031000,
+    0x00034800, 0x00036800, 0x00030000, 0x00037800,
+    0x00032000, 0x00032800, 0x00034000, 0x00037000,
+    0x00035000, 0x00033800, 0x00033000, 0x00031800,
+    0x00018800, 0x0001d800, 0x0001e000, 0x00019000,
+    0x0001c800, 0x0001e800, 0x00018000, 0x0001f800,
+    0x0001a000, 0x0001a800, 0x0001c000, 0x0001f000,
+    0x0001d000, 0x0001b800, 0x0001b000, 0x00019800,
+    /* 1 */
+    0x01c00000, 0x01900000, 0x01a80000, 0x01800000,
+    0x01a00000, 0x01c80000, 0x01f80000, 0x01d00000,
+    0x01980000, 0x01b80000, 0x01e00000, 0x01e80000,
+    0x01b00000, 0x01f00000, 0x01880000, 0x01d80000,
+    0x03400000, 0x03100000, 0x03280000, 0x03000000,
+    0x03200000, 0x03480000, 0x03780000, 0x03500000,
+    0x03180000, 0x03380000, 0x03600000, 0x03680000,
+    0x03300000, 0x03700000, 0x03080000, 0x03580000,
+    0x00400000, 0x00100000, 0x00280000, 0x00000000,
+    0x00200000, 0x00480000, 0x00780000, 0x00500000,
+    0x00180000, 0x00380000, 0x00600000, 0x00680000,
+    0x00300000, 0x00700000, 0x00080000, 0x00580000,
+    0x00c00000, 0x00900000, 0x00a80000, 0x00800000,
+    0x00a00000, 0x00c80000, 0x00f80000, 0x00d00000,
+    0x00980000, 0x00b80000, 0x00e00000, 0x00e80000,
+    0x00b00000, 0x00f00000, 0x00880000, 0x00d80000,
+    0x02c00000, 0x02900000, 0x02a80000, 0x02800000,
+    0x02a00000, 0x02c80000, 0x02f80000, 0x02d00000,
+    0x02980000, 0x02b80000, 0x02e00000, 0x02e80000,
+    0x02b00000, 0x02f00000, 0x02880000, 0x02d80000,
+    0x06c00000, 0x06900000, 0x06a80000, 0x06800000,
+    0x06a00000, 0x06c80000, 0x06f80000, 0x06d00000,
+    0x06980000, 0x06b80000, 0x06e00000, 0x06e80000,
+    0x06b00000, 0x06f00000, 0x06880000, 0x06d80000,
+    0x05400000, 0x05100000, 0x05280000, 0x05000000,
+    0x05200000, 0x05480000, 0x05780000, 0x05500000,
+    0x05180000, 0x05380000, 0x05600000, 0x05680000,
+    0x05300000, 0x05700000, 0x05080000, 0x05580000,
+    0x04400000, 0x04100000, 0x04280000, 0x04000000,
+    0x04200000, 0x04480000, 0x04780000, 0x04500000,
+    0x04180000, 0x04380000, 0x04600000, 0x04680000,
+    0x04300000, 0x04700000, 0x04080000, 0x04580000,
+    0x05c00000, 0x05900000, 0x05a80000, 0x05800000,
+    0x05a00000, 0x05c80000, 0x05f80000, 0x05d00000,
+    0x05980000, 0x05b80000, 0x05e00000, 0x05e80000,
+    0x05b00000, 0x05f00000, 0x05880000, 0x05d80000,
+    0x01400000, 0x01100000, 0x01280000, 0x01000000,
+    0x01200000, 0x01480000, 0x01780000, 0x01500000,
+    0x01180000, 0x01380000, 0x01600000, 0x01680000,
+    0x01300000, 0x01700000, 0x01080000, 0x01580000,
+    0x04c00000, 0x04900000, 0x04a80000, 0x04800000,
+    0x04a00000, 0x04c80000, 0x04f80000, 0x04d00000,
+    0x04980000, 0x04b80000, 0x04e00000, 0x04e80000,
+    0x04b00000, 0x04f00000, 0x04880000, 0x04d80000,
+    0x03c00000, 0x03900000, 0x03a80000, 0x03800000,
+    0x03a00000, 0x03c80000, 0x03f80000, 0x03d00000,
+    0x03980000, 0x03b80000, 0x03e00000, 0x03e80000,
+    0x03b00000, 0x03f00000, 0x03880000, 0x03d80000,
+    0x07400000, 0x07100000, 0x07280000, 0x07000000,
+    0x07200000, 0x07480000, 0x07780000, 0x07500000,
+    0x07180000, 0x07380000, 0x07600000, 0x07680000,
+    0x07300000, 0x07700000, 0x07080000, 0x07580000,
+    0x07c00000, 0x07900000, 0x07a80000, 0x07800000,
+    0x07a00000, 0x07c80000, 0x07f80000, 0x07d00000,
+    0x07980000, 0x07b80000, 0x07e00000, 0x07e80000,
+    0x07b00000, 0x07f00000, 0x07880000, 0x07d80000,
+    0x06400000, 0x06100000, 0x06280000, 0x06000000,
+    0x06200000, 0x06480000, 0x06780000, 0x06500000,
+    0x06180000, 0x06380000, 0x06600000, 0x06680000,
+    0x06300000, 0x06700000, 0x06080000, 0x06580000,
+    0x02400000, 0x02100000, 0x02280000, 0x02000000,
+    0x02200000, 0x02480000, 0x02780000, 0x02500000,
+    0x02180000, 0x02380000, 0x02600000, 0x02680000,
+    0x02300000, 0x02700000, 0x02080000, 0x02580000,
+    /* 2 */
+    0x40000006, 0x68000006, 0x58000006, 0x00000006,
+    0x20000006, 0x28000006, 0x08000006, 0x10000006,
+    0x48000006, 0x18000006, 0x60000006, 0x70000006,
+    0x30000006, 0x78000006, 0x50000006, 0x38000006,
+    0xc0000004, 0xe8000004, 0xd8000004, 0x80000004,
+    0xa0000004, 0xa8000004, 0x88000004, 0x90000004,
+    0xc8000004, 0x98000004, 0xe0000004, 0xf0000004,
+    0xb0000004, 0xf8000004, 0xd0000004, 0xb8000004,
+    0xc0000005, 0xe8000005, 0xd8000005, 0x80000005,
+    0xa0000005, 0xa8000005, 0x88000005, 0x90000005,
+    0xc8000005, 0x98000005, 0xe0000005, 0xf0000005,
+    0xb0000005, 0xf8000005, 0xd0000005, 0xb8000005,
+    0xc0000000, 0xe8000000, 0xd8000000, 0x80000000,
+    0xa0000000, 0xa8000000, 0x88000000, 0x90000000,
+    0xc8000000, 0x98000000, 0xe0000000, 0xf0000000,
+    0xb0000000, 0xf8000000, 0xd0000000, 0xb8000000,
+    0x40000004, 0x68000004, 0x58000004, 0x00000004,
+    0x20000004, 0x28000004, 0x08000004, 0x10000004,
+    0x48000004, 0x18000004, 0x60000004, 0x70000004,
+    0x30000004, 0x78000004, 0x50000004, 0x38000004,
+    0x40000007, 0x68000007, 0x58000007, 0x00000007,
+    0x20000007, 0x28000007, 0x08000007, 0x10000007,
+    0x48000007, 0x18000007, 0x60000007, 0x70000007,
+    0x30000007, 0x78000007, 0x50000007, 0x38000007,
+    0x40000001, 0x68000001, 0x58000001, 0x00000001,
+    0x20000001, 0x28000001, 0x08000001, 0x10000001,
+    0x48000001, 0x18000001, 0x60000001, 0x70000001,
+    0x30000001, 0x78000001, 0x50000001, 0x38000001,
+    0x40000002, 0x68000002, 0x58000002, 0x00000002,
+    0x20000002, 0x28000002, 0x08000002, 0x10000002,
+    0x48000002, 0x18000002, 0x60000002, 0x70000002,
+    0x30000002, 0x78000002, 0x50000002, 0x38000002,
+    0xc0000003, 0xe8000003, 0xd8000003, 0x80000003,
+    0xa0000003, 0xa8000003, 0x88000003, 0x90000003,
+    0xc8000003, 0x98000003, 0xe0000003, 0xf0000003,
+    0xb0000003, 0xf8000003, 0xd0000003, 0xb8000003,
+    0xc0000001, 0xe8000001, 0xd8000001, 0x80000001,
+    0xa0000001, 0xa8000001, 0x88000001, 0x90000001,
+    0xc8000001, 0x98000001, 0xe0000001, 0xf0000001,
+    0xb0000001, 0xf8000001, 0xd0000001, 0xb8000001,
+    0x40000003, 0x68000003, 0x58000003, 0x00000003,
+    0x20000003, 0x28000003, 0x08000003, 0x10000003,
+    0x48000003, 0x18000003, 0x60000003, 0x70000003,
+    0x30000003, 0x78000003, 0x50000003, 0x38000003,
+    0xc0000002, 0xe8000002, 0xd8000002, 0x80000002,
+    0xa0000002, 0xa8000002, 0x88000002, 0x90000002,
+    0xc8000002, 0x98000002, 0xe0000002, 0xf0000002,
+    0xb0000002, 0xf8000002, 0xd0000002, 0xb8000002,
+    0x40000005, 0x68000005, 0x58000005, 0x00000005,
+    0x20000005, 0x28000005, 0x08000005, 0x10000005,
+    0x48000005, 0x18000005, 0x60000005, 0x70000005,
+    0x30000005, 0x78000005, 0x50000005, 0x38000005,
+    0x40000000, 0x68000000, 0x58000000, 0x00000000,
+    0x20000000, 0x28000000, 0x08000000, 0x10000000,
+    0x48000000, 0x18000000, 0x60000000, 0x70000000,
+    0x30000000, 0x78000000, 0x50000000, 0x38000000,
+    0xc0000007, 0xe8000007, 0xd8000007, 0x80000007,
+    0xa0000007, 0xa8000007, 0x88000007, 0x90000007,
+    0xc8000007, 0x98000007, 0xe0000007, 0xf0000007,
+    0xb0000007, 0xf8000007, 0xd0000007, 0xb8000007,
+    0xc0000006, 0xe8000006, 0xd8000006, 0x80000006,
+    0xa0000006, 0xa8000006, 0x88000006, 0x90000006,
+    0xc8000006, 0x98000006, 0xe0000006, 0xf0000006,
+    0xb0000006, 0xf8000006, 0xd0000006, 0xb8000006,
+    /* 3 */
+    0x000003d0, 0x000003c8, 0x000003b0, 0x000003c0,
+    0x000003e8, 0x000003f0, 0x00000390, 0x00000380,
+    0x000003f8, 0x00000398, 0x000003a8, 0x000003d8,
+    0x000003a0, 0x00000388, 0x000003e0, 0x000003b8,
+    0x00000250, 0x00000248, 0x00000230, 0x00000240,
+    0x00000268, 0x00000270, 0x00000210, 0x00000200,
+    0x00000278, 0x00000218, 0x00000228, 0x00000258,
+    0x00000220, 0x00000208, 0x00000260, 0x00000238,
+    0x00000050, 0x00000048, 0x00000030, 0x00000040,
+    0x00000068, 0x00000070, 0x00000010, 0x00000000,
+    0x00000078, 0x00000018, 0x00000028, 0x00000058,
+    0x00000020, 0x00000008, 0x00000060, 0x00000038,
+    0x000002d0, 0x000002c8, 0x000002b0, 0x000002c0,
+    0x000002e8, 0x000002f0, 0x00000290, 0x00000280,
+    0x000002f8, 0x00000298, 0x000002a8, 0x000002d8,
+    0x000002a0, 0x00000288, 0x000002e0, 0x000002b8,
+    0x00000550, 0x00000548, 0x00000530, 0x00000540,
+    0x00000568, 0x00000570, 0x00000510, 0x00000500,
+    0x00000578, 0x00000518, 0x00000528, 0x00000558,
+    0x00000520, 0x00000508, 0x00000560, 0x00000538,
+    0x00000150, 0x00000148, 0x00000130, 0x00000140,
+    0x00000168, 0x00000170, 0x00000110, 0x00000100,
+    0x00000178, 0x00000118, 0x00000128, 0x00000158,
+    0x00000120, 0x00000108, 0x00000160, 0x00000138,
+    0x000007d0, 0x000007c8, 0x000007b0, 0x000007c0,
+    0x000007e8, 0x000007f0, 0x00000790, 0x00000780,
+    0x000007f8, 0x00000798, 0x000007a8, 0x000007d8,
+    0x000007a0, 0x00000788, 0x000007e0, 0x000007b8,
+    0x00000750, 0x00000748, 0x00000730, 0x00000740,
+    0x00000768, 0x00000770, 0x00000710, 0x00000700,
+    0x00000778, 0x00000718, 0x00000728, 0x00000758,
+    0x00000720, 0x00000708, 0x00000760, 0x00000738,
+    0x00000650, 0x00000648, 0x00000630, 0x00000640,
+    0x00000668, 0x00000670, 0x00000610, 0x00000600,
+    0x00000678, 0x00000618, 0x00000628, 0x00000658,
+    0x00000620, 0x00000608, 0x00000660, 0x00000638,
+    0x00000350, 0x00000348, 0x00000330, 0x00000340,
+    0x00000368, 0x00000370, 0x00000310, 0x00000300,
+    0x00000378, 0x00000318, 0x00000328, 0x00000358,
+    0x00000320, 0x00000308, 0x00000360, 0x00000338,
+    0x000000d0, 0x000000c8, 0x000000b0, 0x000000c0,
+    0x000000e8, 0x000000f0, 0x00000090, 0x00000080,
+    0x000000f8, 0x00000098, 0x000000a8, 0x000000d8,
+    0x000000a0, 0x00000088, 0x000000e0, 0x000000b8,
+    0x000005d0, 0x000005c8, 0x000005b0, 0x000005c0,
+    0x000005e8, 0x000005f0, 0x00000590, 0x00000580,
+    0x000005f8, 0x00000598, 0x000005a8, 0x000005d8,
+    0x000005a0, 0x00000588, 0x000005e0, 0x000005b8,
+    0x000006d0, 0x000006c8, 0x000006b0, 0x000006c0,
+    0x000006e8, 0x000006f0, 0x00000690, 0x00000680,
+    0x000006f8, 0x00000698, 0x000006a8, 0x000006d8,
+    0x000006a0, 0x00000688, 0x000006e0, 0x000006b8,
+    0x000004d0, 0x000004c8, 0x000004b0, 0x000004c0,
+    0x000004e8, 0x000004f0, 0x00000490, 0x00000480,
+    0x000004f8, 0x00000498, 0x000004a8, 0x000004d8,
+    0x000004a0, 0x00000488, 0x000004e0, 0x000004b8,
+    0x000001d0, 0x000001c8, 0x000001b0, 0x000001c0,
+    0x000001e8, 0x000001f0, 0x00000190, 0x00000180,
+    0x000001f8, 0x00000198, 0x000001a8, 0x000001d8,
+    0x000001a0, 0x00000188, 0x000001e0, 0x000001b8,
+    0x00000450, 0x00000448, 0x00000430, 0x00000440,
+    0x00000468, 0x00000470, 0x00000410, 0x00000400,
+    0x00000478, 0x00000418, 0x00000428, 0x00000458,
+    0x00000420, 0x00000408, 0x00000460, 0x00000438,
+  }
+};
+
+const struct gost28147_param gost28147_param_CryptoPro_D =
+{
+  1,
+  {
+    /* 0 */
+    0x0005f800, 0x0005e000, 0x00059000, 0x0005d000,
+    0x0005b000, 0x0005a000, 0x0005a800, 0x00058000,
+    0x0005b800, 0x0005c800, 0x0005f000, 0x0005e800,
+    0x00058800, 0x0005d800, 0x0005c000, 0x00059800,
+    0x00037800, 0x00036000, 0x00031000, 0x00035000,
+    0x00033000, 0x00032000, 0x00032800, 0x00030000,
+    0x00033800, 0x00034800, 0x00037000, 0x00036800,
+    0x00030800, 0x00035800, 0x00034000, 0x00031800,
+    0x0001f800, 0x0001e000, 0x00019000, 0x0001d000,
+    0x0001b000, 0x0001a000, 0x0001a800, 0x00018000,
+    0x0001b800, 0x0001c800, 0x0001f000, 0x0001e800,
+    0x00018800, 0x0001d800, 0x0001c000, 0x00019800,
+    0x00027800, 0x00026000, 0x00021000, 0x00025000,
+    0x00023000, 0x00022000, 0x00022800, 0x00020000,
+    0x00023800, 0x00024800, 0x00027000, 0x00026800,
+    0x00020800, 0x00025800, 0x00024000, 0x00021800,
+    0x00067800, 0x00066000, 0x00061000, 0x00065000,
+    0x00063000, 0x00062000, 0x00062800, 0x00060000,
+    0x00063800, 0x00064800, 0x00067000, 0x00066800,
+    0x00060800, 0x00065800, 0x00064000, 0x00061800,
+    0x0007f800, 0x0007e000, 0x00079000, 0x0007d000,
+    0x0007b000, 0x0007a000, 0x0007a800, 0x00078000,
+    0x0007b800, 0x0007c800, 0x0007f000, 0x0007e800,
+    0x00078800, 0x0007d800, 0x0007c000, 0x00079800,
+    0x00077800, 0x00076000, 0x00071000, 0x00075000,
+    0x00073000, 0x00072000, 0x00072800, 0x00070000,
+    0x00073800, 0x00074800, 0x00077000, 0x00076800,
+    0x00070800, 0x00075800, 0x00074000, 0x00071800,
+    0x00017800, 0x00016000, 0x00011000, 0x00015000,
+    0x00013000, 0x00012000, 0x00012800, 0x00010000,
+    0x00013800, 0x00014800, 0x00017000, 0x00016800,
+    0x00010800, 0x00015800, 0x00014000, 0x00011800,
+    0x0003f800, 0x0003e000, 0x00039000, 0x0003d000,
+    0x0003b000, 0x0003a000, 0x0003a800, 0x00038000,
+    0x0003b800, 0x0003c800, 0x0003f000, 0x0003e800,
+    0x00038800, 0x0003d800, 0x0003c000, 0x00039800,
+    0x0006f800, 0x0006e000, 0x00069000, 0x0006d000,
+    0x0006b000, 0x0006a000, 0x0006a800, 0x00068000,
+    0x0006b800, 0x0006c800, 0x0006f000, 0x0006e800,
+    0x00068800, 0x0006d800, 0x0006c000, 0x00069800,
+    0x00047800, 0x00046000, 0x00041000, 0x00045000,
+    0x00043000, 0x00042000, 0x00042800, 0x00040000,
+    0x00043800, 0x00044800, 0x00047000, 0x00046800,
+    0x00040800, 0x00045800, 0x00044000, 0x00041800,
+    0x00007800, 0x00006000, 0x00001000, 0x00005000,
+    0x00003000, 0x00002000, 0x00002800, 0x00000000,
+    0x00003800, 0x00004800, 0x00007000, 0x00006800,
+    0x00000800, 0x00005800, 0x00004000, 0x00001800,
+    0x0002f800, 0x0002e000, 0x00029000, 0x0002d000,
+    0x0002b000, 0x0002a000, 0x0002a800, 0x00028000,
+    0x0002b800, 0x0002c800, 0x0002f000, 0x0002e800,
+    0x00028800, 0x0002d800, 0x0002c000, 0x00029800,
+    0x00057800, 0x00056000, 0x00051000, 0x00055000,
+    0x00053000, 0x00052000, 0x00052800, 0x00050000,
+    0x00053800, 0x00054800, 0x00057000, 0x00056800,
+    0x00050800, 0x00055800, 0x00054000, 0x00051800,
+    0x0004f800, 0x0004e000, 0x00049000, 0x0004d000,
+    0x0004b000, 0x0004a000, 0x0004a800, 0x00048000,
+    0x0004b800, 0x0004c800, 0x0004f000, 0x0004e800,
+    0x00048800, 0x0004d800, 0x0004c000, 0x00049800,
+    0x0000f800, 0x0000e000, 0x00009000, 0x0000d000,
+    0x0000b000, 0x0000a000, 0x0000a800, 0x00008000,
+    0x0000b800, 0x0000c800, 0x0000f000, 0x0000e800,
+    0x00008800, 0x0000d800, 0x0000c000, 0x00009800,
+    /* 1 */
+    0x00880000, 0x00e00000, 0x00d80000, 0x00800000,
+    0x00f80000, 0x00f00000, 0x00b00000, 0x00a80000,
+    0x00d00000, 0x00e80000, 0x00a00000, 0x00c00000,
+    0x00c80000, 0x00980000, 0x00b80000, 0x00900000,
+    0x02880000, 0x02e00000, 0x02d80000, 0x02800000,
+    0x02f80000, 0x02f00000, 0x02b00000, 0x02a80000,
+    0x02d00000, 0x02e80000, 0x02a00000, 0x02c00000,
+    0x02c80000, 0x02980000, 0x02b80000, 0x02900000,
+    0x07080000, 0x07600000, 0x07580000, 0x07000000,
+    0x07780000, 0x07700000, 0x07300000, 0x07280000,
+    0x07500000, 0x07680000, 0x07200000, 0x07400000,
+    0x07480000, 0x07180000, 0x07380000, 0x07100000,
+    0x06080000, 0x06600000, 0x06580000, 0x06000000,
+    0x06780000, 0x06700000, 0x06300000, 0x06280000,
+    0x06500000, 0x06680000, 0x06200000, 0x06400000,
+    0x06480000, 0x06180000, 0x06380000, 0x06100000,
+    0x05080000, 0x05600000, 0x05580000, 0x05000000,
+    0x05780000, 0x05700000, 0x05300000, 0x05280000,
+    0x05500000, 0x05680000, 0x05200000, 0x05400000,
+    0x05480000, 0x05180000, 0x05380000, 0x05100000,
+    0x03880000, 0x03e00000, 0x03d80000, 0x03800000,
+    0x03f80000, 0x03f00000, 0x03b00000, 0x03a80000,
+    0x03d00000, 0x03e80000, 0x03a00000, 0x03c00000,
+    0x03c80000, 0x03980000, 0x03b80000, 0x03900000,
+    0x00080000, 0x00600000, 0x00580000, 0x00000000,
+    0x00780000, 0x00700000, 0x00300000, 0x00280000,
+    0x00500000, 0x00680000, 0x00200000, 0x00400000,
+    0x00480000, 0x00180000, 0x00380000, 0x00100000,
+    0x06880000, 0x06e00000, 0x06d80000, 0x06800000,
+    0x06f80000, 0x06f00000, 0x06b00000, 0x06a80000,
+    0x06d00000, 0x06e80000, 0x06a00000, 0x06c00000,
+    0x06c80000, 0x06980000, 0x06b80000, 0x06900000,
+    0x03080000, 0x03600000, 0x03580000, 0x03000000,
+    0x03780000, 0x03700000, 0x03300000, 0x03280000,
+    0x03500000, 0x03680000, 0x03200000, 0x03400000,
+    0x03480000, 0x03180000, 0x03380000, 0x03100000,
+    0x01080000, 0x01600000, 0x01580000, 0x01000000,
+    0x01780000, 0x01700000, 0x01300000, 0x01280000,
+    0x01500000, 0x01680000, 0x01200000, 0x01400000,
+    0x01480000, 0x01180000, 0x01380000, 0x01100000,
+    0x05880000, 0x05e00000, 0x05d80000, 0x05800000,
+    0x05f80000, 0x05f00000, 0x05b00000, 0x05a80000,
+    0x05d00000, 0x05e80000, 0x05a00000, 0x05c00000,
+    0x05c80000, 0x05980000, 0x05b80000, 0x05900000,
+    0x02080000, 0x02600000, 0x02580000, 0x02000000,
+    0x02780000, 0x02700000, 0x02300000, 0x02280000,
+    0x02500000, 0x02680000, 0x02200000, 0x02400000,
+    0x02480000, 0x02180000, 0x02380000, 0x02100000,
+    0x04880000, 0x04e00000, 0x04d80000, 0x04800000,
+    0x04f80000, 0x04f00000, 0x04b00000, 0x04a80000,
+    0x04d00000, 0x04e80000, 0x04a00000, 0x04c00000,
+    0x04c80000, 0x04980000, 0x04b80000, 0x04900000,
+    0x01880000, 0x01e00000, 0x01d80000, 0x01800000,
+    0x01f80000, 0x01f00000, 0x01b00000, 0x01a80000,
+    0x01d00000, 0x01e80000, 0x01a00000, 0x01c00000,
+    0x01c80000, 0x01980000, 0x01b80000, 0x01900000,
+    0x07880000, 0x07e00000, 0x07d80000, 0x07800000,
+    0x07f80000, 0x07f00000, 0x07b00000, 0x07a80000,
+    0x07d00000, 0x07e80000, 0x07a00000, 0x07c00000,
+    0x07c80000, 0x07980000, 0x07b80000, 0x07900000,
+    0x04080000, 0x04600000, 0x04580000, 0x04000000,
+    0x04780000, 0x04700000, 0x04300000, 0x04280000,
+    0x04500000, 0x04680000, 0x04200000, 0x04400000,
+    0x04480000, 0x04180000, 0x04380000, 0x04100000,
+    /* 2 */
+    0x00000004, 0x60000004, 0x40000004, 0x48000004,
+    0x68000004, 0x10000004, 0x50000004, 0x58000004,
+    0x38000004, 0x18000004, 0x30000004, 0x28000004,
+    0x20000004, 0x70000004, 0x78000004, 0x08000004,
+    0x00000000, 0x60000000, 0x40000000, 0x48000000,
+    0x68000000, 0x10000000, 0x50000000, 0x58000000,
+    0x38000000, 0x18000000, 0x30000000, 0x28000000,
+    0x20000000, 0x70000000, 0x78000000, 0x08000000,
+    0x80000007, 0xe0000007, 0xc0000007, 0xc8000007,
+    0xe8000007, 0x90000007, 0xd0000007, 0xd8000007,
+    0xb8000007, 0x98000007, 0xb0000007, 0xa8000007,
+    0xa0000007, 0xf0000007, 0xf8000007, 0x88000007,
+    0x80000001, 0xe0000001, 0xc0000001, 0xc8000001,
+    0xe8000001, 0x90000001, 0xd0000001, 0xd8000001,
+    0xb8000001, 0x98000001, 0xb0000001, 0xa8000001,
+    0xa0000001, 0xf0000001, 0xf8000001, 0x88000001,
+    0x00000001, 0x60000001, 0x40000001, 0x48000001,
+    0x68000001, 0x10000001, 0x50000001, 0x58000001,
+    0x38000001, 0x18000001, 0x30000001, 0x28000001,
+    0x20000001, 0x70000001, 0x78000001, 0x08000001,
+    0x80000002, 0xe0000002, 0xc0000002, 0xc8000002,
+    0xe8000002, 0x90000002, 0xd0000002, 0xd8000002,
+    0xb8000002, 0x98000002, 0xb0000002, 0xa8000002,
+    0xa0000002, 0xf0000002, 0xf8000002, 0x88000002,
+    0x00000007, 0x60000007, 0x40000007, 0x48000007,
+    0x68000007, 0x10000007, 0x50000007, 0x58000007,
+    0x38000007, 0x18000007, 0x30000007, 0x28000007,
+    0x20000007, 0x70000007, 0x78000007, 0x08000007,
+    0x80000005, 0xe0000005, 0xc0000005, 0xc8000005,
+    0xe8000005, 0x90000005, 0xd0000005, 0xd8000005,
+    0xb8000005, 0x98000005, 0xb0000005, 0xa8000005,
+    0xa0000005, 0xf0000005, 0xf8000005, 0x88000005,
+    0x80000000, 0xe0000000, 0xc0000000, 0xc8000000,
+    0xe8000000, 0x90000000, 0xd0000000, 0xd8000000,
+    0xb8000000, 0x98000000, 0xb0000000, 0xa8000000,
+    0xa0000000, 0xf0000000, 0xf8000000, 0x88000000,
+    0x00000005, 0x60000005, 0x40000005, 0x48000005,
+    0x68000005, 0x10000005, 0x50000005, 0x58000005,
+    0x38000005, 0x18000005, 0x30000005, 0x28000005,
+    0x20000005, 0x70000005, 0x78000005, 0x08000005,
+    0x00000002, 0x60000002, 0x40000002, 0x48000002,
+    0x68000002, 0x10000002, 0x50000002, 0x58000002,
+    0x38000002, 0x18000002, 0x30000002, 0x28000002,
+    0x20000002, 0x70000002, 0x78000002, 0x08000002,
+    0x80000003, 0xe0000003, 0xc0000003, 0xc8000003,
+    0xe8000003, 0x90000003, 0xd0000003, 0xd8000003,
+    0xb8000003, 0x98000003, 0xb0000003, 0xa8000003,
+    0xa0000003, 0xf0000003, 0xf8000003, 0x88000003,
+    0x00000006, 0x60000006, 0x40000006, 0x48000006,
+    0x68000006, 0x10000006, 0x50000006, 0x58000006,
+    0x38000006, 0x18000006, 0x30000006, 0x28000006,
+    0x20000006, 0x70000006, 0x78000006, 0x08000006,
+    0x80000004, 0xe0000004, 0xc0000004, 0xc8000004,
+    0xe8000004, 0x90000004, 0xd0000004, 0xd8000004,
+    0xb8000004, 0x98000004, 0xb0000004, 0xa8000004,
+    0xa0000004, 0xf0000004, 0xf8000004, 0x88000004,
+    0x80000006, 0xe0000006, 0xc0000006, 0xc8000006,
+    0xe8000006, 0x90000006, 0xd0000006, 0xd8000006,
+    0xb8000006, 0x98000006, 0xb0000006, 0xa8000006,
+    0xa0000006, 0xf0000006, 0xf8000006, 0x88000006,
+    0x00000003, 0x60000003, 0x40000003, 0x48000003,
+    0x68000003, 0x10000003, 0x50000003, 0x58000003,
+    0x38000003, 0x18000003, 0x30000003, 0x28000003,
+    0x20000003, 0x70000003, 0x78000003, 0x08000003,
+    /* 3 */
+    0x00000098, 0x00000080, 0x000000b0, 0x000000f8,
+    0x00000088, 0x000000f0, 0x000000c8, 0x00000090,
+    0x000000e8, 0x000000c0, 0x000000e0, 0x000000a0,
+    0x000000d8, 0x000000d0, 0x000000a8, 0x000000b8,
+    0x00000518, 0x00000500, 0x00000530, 0x00000578,
+    0x00000508, 0x00000570, 0x00000548, 0x00000510,
+    0x00000568, 0x00000540, 0x00000560, 0x00000520,
+    0x00000558, 0x00000550, 0x00000528, 0x00000538,
+    0x00000318, 0x00000300, 0x00000330, 0x00000378,
+    0x00000308, 0x00000370, 0x00000348, 0x00000310,
+    0x00000368, 0x00000340, 0x00000360, 0x00000320,
+    0x00000358, 0x00000350, 0x00000328, 0x00000338,
+    0x00000418, 0x00000400, 0x00000430, 0x00000478,
+    0x00000408, 0x00000470, 0x00000448, 0x00000410,
+    0x00000468, 0x00000440, 0x00000460, 0x00000420,
+    0x00000458, 0x00000450, 0x00000428, 0x00000438,
+    0x00000798, 0x00000780, 0x000007b0, 0x000007f8,
+    0x00000788, 0x000007f0, 0x000007c8, 0x00000790,
+    0x000007e8, 0x000007c0, 0x000007e0, 0x000007a0,
+    0x000007d8, 0x000007d0, 0x000007a8, 0x000007b8,
+    0x00000598, 0x00000580, 0x000005b0, 0x000005f8,
+    0x00000588, 0x000005f0, 0x000005c8, 0x00000590,
+    0x000005e8, 0x000005c0, 0x000005e0, 0x000005a0,
+    0x000005d8, 0x000005d0, 0x000005a8, 0x000005b8,
+    0x00000018, 0x00000000, 0x00000030, 0x00000078,
+    0x00000008, 0x00000070, 0x00000048, 0x00000010,
+    0x00000068, 0x00000040, 0x00000060, 0x00000020,
+    0x00000058, 0x00000050, 0x00000028, 0x00000038,
+    0x00000218, 0x00000200, 0x00000230, 0x00000278,
+    0x00000208, 0x00000270, 0x00000248, 0x00000210,
+    0x00000268, 0x00000240, 0x00000260, 0x00000220,
+    0x00000258, 0x00000250, 0x00000228, 0x00000238,
+    0x00000618, 0x00000600, 0x00000630, 0x00000678,
+    0x00000608, 0x00000670, 0x00000648, 0x00000610,
+    0x00000668, 0x00000640, 0x00000660, 0x00000620,
+    0x00000658, 0x00000650, 0x00000628, 0x00000638,
+    0x00000198, 0x00000180, 0x000001b0, 0x000001f8,
+    0x00000188, 0x000001f0, 0x000001c8, 0x00000190,
+    0x000001e8, 0x000001c0, 0x000001e0, 0x000001a0,
+    0x000001d8, 0x000001d0, 0x000001a8, 0x000001b8,
+    0x00000298, 0x00000280, 0x000002b0, 0x000002f8,
+    0x00000288, 0x000002f0, 0x000002c8, 0x00000290,
+    0x000002e8, 0x000002c0, 0x000002e0, 0x000002a0,
+    0x000002d8, 0x000002d0, 0x000002a8, 0x000002b8,
+    0x00000498, 0x00000480, 0x000004b0, 0x000004f8,
+    0x00000488, 0x000004f0, 0x000004c8, 0x00000490,
+    0x000004e8, 0x000004c0, 0x000004e0, 0x000004a0,
+    0x000004d8, 0x000004d0, 0x000004a8, 0x000004b8,
+    0x00000398, 0x00000380, 0x000003b0, 0x000003f8,
+    0x00000388, 0x000003f0, 0x000003c8, 0x00000390,
+    0x000003e8, 0x000003c0, 0x000003e0, 0x000003a0,
+    0x000003d8, 0x000003d0, 0x000003a8, 0x000003b8,
+    0x00000698, 0x00000680, 0x000006b0, 0x000006f8,
+    0x00000688, 0x000006f0, 0x000006c8, 0x00000690,
+    0x000006e8, 0x000006c0, 0x000006e0, 0x000006a0,
+    0x000006d8, 0x000006d0, 0x000006a8, 0x000006b8,
+    0x00000118, 0x00000100, 0x00000130, 0x00000178,
+    0x00000108, 0x00000170, 0x00000148, 0x00000110,
+    0x00000168, 0x00000140, 0x00000160, 0x00000120,
+    0x00000158, 0x00000150, 0x00000128, 0x00000138,
+    0x00000718, 0x00000700, 0x00000730, 0x00000778,
+    0x00000708, 0x00000770, 0x00000748, 0x00000710,
+    0x00000768, 0x00000740, 0x00000760, 0x00000720,
+    0x00000758, 0x00000750, 0x00000728, 0x00000738,
+  }
+};
+
+const struct gost28147_param gost28147_param_TC26_Z =
+{
+  1,
+  {
+    /* 0 */
+    0x00036000, 0x00032000, 0x00033000, 0x00031000,
+    0x00035000, 0x00032800, 0x00035800, 0x00034800,
+    0x00037000, 0x00034000, 0x00036800, 0x00033800,
+    0x00030000, 0x00031800, 0x00037800, 0x00030800,
+    0x00046000, 0x00042000, 0x00043000, 0x00041000,
+    0x00045000, 0x00042800, 0x00045800, 0x00044800,
+    0x00047000, 0x00044000, 0x00046800, 0x00043800,
+    0x00040000, 0x00041800, 0x00047800, 0x00040800,
+    0x00016000, 0x00012000, 0x00013000, 0x00011000,
+    0x00015000, 0x00012800, 0x00015800, 0x00014800,
+    0x00017000, 0x00014000, 0x00016800, 0x00013800,
+    0x00010000, 0x00011800, 0x00017800, 0x00010800,
+    0x0001e000, 0x0001a000, 0x0001b000, 0x00019000,
+    0x0001d000, 0x0001a800, 0x0001d800, 0x0001c800,
+    0x0001f000, 0x0001c000, 0x0001e800, 0x0001b800,
+    0x00018000, 0x00019800, 0x0001f800, 0x00018800,
+    0x0004e000, 0x0004a000, 0x0004b000, 0x00049000,
+    0x0004d000, 0x0004a800, 0x0004d800, 0x0004c800,
+    0x0004f000, 0x0004c000, 0x0004e800, 0x0004b800,
+    0x00048000, 0x00049800, 0x0004f800, 0x00048800,
+    0x00056000, 0x00052000, 0x00053000, 0x00051000,
+    0x00055000, 0x00052800, 0x00055800, 0x00054800,
+    0x00057000, 0x00054000, 0x00056800, 0x00053800,
+    0x00050000, 0x00051800, 0x00057800, 0x00050800,
+    0x0002e000, 0x0002a000, 0x0002b000, 0x00029000,
+    0x0002d000, 0x0002a800, 0x0002d800, 0x0002c800,
+    0x0002f000, 0x0002c000, 0x0002e800, 0x0002b800,
+    0x00028000, 0x00029800, 0x0002f800, 0x00028800,
+    0x00066000, 0x00062000, 0x00063000, 0x00061000,
+    0x00065000, 0x00062800, 0x00065800, 0x00064800,
+    0x00067000, 0x00064000, 0x00066800, 0x00063800,
+    0x00060000, 0x00061800, 0x00067800, 0x00060800,
+    0x0000e000, 0x0000a000, 0x0000b000, 0x00009000,
+    0x0000d000, 0x0000a800, 0x0000d800, 0x0000c800,
+    0x0000f000, 0x0000c000, 0x0000e800, 0x0000b800,
+    0x00008000, 0x00009800, 0x0000f800, 0x00008800,
+    0x00076000, 0x00072000, 0x00073000, 0x00071000,
+    0x00075000, 0x00072800, 0x00075800, 0x00074800,
+    0x00077000, 0x00074000, 0x00076800, 0x00073800,
+    0x00070000, 0x00071800, 0x00077800, 0x00070800,
+    0x00026000, 0x00022000, 0x00023000, 0x00021000,
+    0x00025000, 0x00022800, 0x00025800, 0x00024800,
+    0x00027000, 0x00024000, 0x00026800, 0x00023800,
+    0x00020000, 0x00021800, 0x00027800, 0x00020800,
+    0x0003e000, 0x0003a000, 0x0003b000, 0x00039000,
+    0x0003d000, 0x0003a800, 0x0003d800, 0x0003c800,
+    0x0003f000, 0x0003c000, 0x0003e800, 0x0003b800,
+    0x00038000, 0x00039800, 0x0003f800, 0x00038800,
+    0x0005e000, 0x0005a000, 0x0005b000, 0x00059000,
+    0x0005d000, 0x0005a800, 0x0005d800, 0x0005c800,
+    0x0005f000, 0x0005c000, 0x0005e800, 0x0005b800,
+    0x00058000, 0x00059800, 0x0005f800, 0x00058800,
+    0x0006e000, 0x0006a000, 0x0006b000, 0x00069000,
+    0x0006d000, 0x0006a800, 0x0006d800, 0x0006c800,
+    0x0006f000, 0x0006c000, 0x0006e800, 0x0006b800,
+    0x00068000, 0x00069800, 0x0006f800, 0x00068800,
+    0x00006000, 0x00002000, 0x00003000, 0x00001000,
+    0x00005000, 0x00002800, 0x00005800, 0x00004800,
+    0x00007000, 0x00004000, 0x00006800, 0x00003800,
+    0x00000000, 0x00001800, 0x00007800, 0x00000800,
+    0x0007e000, 0x0007a000, 0x0007b000, 0x00079000,
+    0x0007d000, 0x0007a800, 0x0007d800, 0x0007c800,
+    0x0007f000, 0x0007c000, 0x0007e800, 0x0007b800,
+    0x00078000, 0x00079800, 0x0007f800, 0x00078800,
+    /* 1 */
+    0x06580000, 0x06180000, 0x06280000, 0x06400000,
+    0x06100000, 0x06780000, 0x06500000, 0x06680000,
+    0x06700000, 0x06080000, 0x06380000, 0x06200000,
+    0x06600000, 0x06480000, 0x06300000, 0x06000000,
+    0x04580000, 0x04180000, 0x04280000, 0x04400000,
+    0x04100000, 0x04780000, 0x04500000, 0x04680000,
+    0x04700000, 0x04080000, 0x04380000, 0x04200000,
+    0x04600000, 0x04480000, 0x04300000, 0x04000000,
+    0x01580000, 0x01180000, 0x01280000, 0x01400000,
+    0x01100000, 0x01780000, 0x01500000, 0x01680000,
+    0x01700000, 0x01080000, 0x01380000, 0x01200000,
+    0x01600000, 0x01480000, 0x01300000, 0x01000000,
+    0x00d80000, 0x00980000, 0x00a80000, 0x00c00000,
+    0x00900000, 0x00f80000, 0x00d00000, 0x00e80000,
+    0x00f00000, 0x00880000, 0x00b80000, 0x00a00000,
+    0x00e00000, 0x00c80000, 0x00b00000, 0x00800000,
+    0x06d80000, 0x06980000, 0x06a80000, 0x06c00000,
+    0x06900000, 0x06f80000, 0x06d00000, 0x06e80000,
+    0x06f00000, 0x06880000, 0x06b80000, 0x06a00000,
+    0x06e00000, 0x06c80000, 0x06b00000, 0x06800000,
+    0x02580000, 0x02180000, 0x02280000, 0x02400000,
+    0x02100000, 0x02780000, 0x02500000, 0x02680000,
+    0x02700000, 0x02080000, 0x02380000, 0x02200000,
+    0x02600000, 0x02480000, 0x02300000, 0x02000000,
+    0x07d80000, 0x07980000, 0x07a80000, 0x07c00000,
+    0x07900000, 0x07f80000, 0x07d00000, 0x07e80000,
+    0x07f00000, 0x07880000, 0x07b80000, 0x07a00000,
+    0x07e00000, 0x07c80000, 0x07b00000, 0x07800000,
+    0x03580000, 0x03180000, 0x03280000, 0x03400000,
+    0x03100000, 0x03780000, 0x03500000, 0x03680000,
+    0x03700000, 0x03080000, 0x03380000, 0x03200000,
+    0x03600000, 0x03480000, 0x03300000, 0x03000000,
+    0x03d80000, 0x03980000, 0x03a80000, 0x03c00000,
+    0x03900000, 0x03f80000, 0x03d00000, 0x03e80000,
+    0x03f00000, 0x03880000, 0x03b80000, 0x03a00000,
+    0x03e00000, 0x03c80000, 0x03b00000, 0x03800000,
+    0x00580000, 0x00180000, 0x00280000, 0x00400000,
+    0x00100000, 0x00780000, 0x00500000, 0x00680000,
+    0x00700000, 0x00080000, 0x00380000, 0x00200000,
+    0x00600000, 0x00480000, 0x00300000, 0x00000000,
+    0x05580000, 0x05180000, 0x05280000, 0x05400000,
+    0x05100000, 0x05780000, 0x05500000, 0x05680000,
+    0x05700000, 0x05080000, 0x05380000, 0x05200000,
+    0x05600000, 0x05480000, 0x05300000, 0x05000000,
+    0x02d80000, 0x02980000, 0x02a80000, 0x02c00000,
+    0x02900000, 0x02f80000, 0x02d00000, 0x02e80000,
+    0x02f00000, 0x02880000, 0x02b80000, 0x02a00000,
+    0x02e00000, 0x02c80000, 0x02b00000, 0x02800000,
+    0x01d80000, 0x01980000, 0x01a80000, 0x01c00000,
+    0x01900000, 0x01f80000, 0x01d00000, 0x01e80000,
+    0x01f00000, 0x01880000, 0x01b80000, 0x01a00000,
+    0x01e00000, 0x01c80000, 0x01b00000, 0x01800000,
+    0x07580000, 0x07180000, 0x07280000, 0x07400000,
+    0x07100000, 0x07780000, 0x07500000, 0x07680000,
+    0x07700000, 0x07080000, 0x07380000, 0x07200000,
+    0x07600000, 0x07480000, 0x07300000, 0x07000000,
+    0x04d80000, 0x04980000, 0x04a80000, 0x04c00000,
+    0x04900000, 0x04f80000, 0x04d00000, 0x04e80000,
+    0x04f00000, 0x04880000, 0x04b80000, 0x04a00000,
+    0x04e00000, 0x04c80000, 0x04b00000, 0x04800000,
+    0x05d80000, 0x05980000, 0x05a80000, 0x05c00000,
+    0x05900000, 0x05f80000, 0x05d00000, 0x05e80000,
+    0x05f00000, 0x05880000, 0x05b80000, 0x05a00000,
+    0x05e00000, 0x05c80000, 0x05b00000, 0x05800000,
+    /* 2 */
+    0xb8000002, 0xf8000002, 0xa8000002, 0xd0000002,
+    0xc0000002, 0x88000002, 0xb0000002, 0xe8000002,
+    0x80000002, 0xc8000002, 0x98000002, 0xf0000002,
+    0xd8000002, 0xa0000002, 0x90000002, 0xe0000002,
+    0xb8000006, 0xf8000006, 0xa8000006, 0xd0000006,
+    0xc0000006, 0x88000006, 0xb0000006, 0xe8000006,
+    0x80000006, 0xc8000006, 0x98000006, 0xf0000006,
+    0xd8000006, 0xa0000006, 0x90000006, 0xe0000006,
+    0xb8000007, 0xf8000007, 0xa8000007, 0xd0000007,
+    0xc0000007, 0x88000007, 0xb0000007, 0xe8000007,
+    0x80000007, 0xc8000007, 0x98000007, 0xf0000007,
+    0xd8000007, 0xa0000007, 0x90000007, 0xe0000007,
+    0x38000003, 0x78000003, 0x28000003, 0x50000003,
+    0x40000003, 0x08000003, 0x30000003, 0x68000003,
+    0x00000003, 0x48000003, 0x18000003, 0x70000003,
+    0x58000003, 0x20000003, 0x10000003, 0x60000003,
+    0xb8000004, 0xf8000004, 0xa8000004, 0xd0000004,
+    0xc0000004, 0x88000004, 0xb0000004, 0xe8000004,
+    0x80000004, 0xc8000004, 0x98000004, 0xf0000004,
+    0xd8000004, 0xa0000004, 0x90000004, 0xe0000004,
+    0x38000001, 0x78000001, 0x28000001, 0x50000001,
+    0x40000001, 0x08000001, 0x30000001, 0x68000001,
+    0x00000001, 0x48000001, 0x18000001, 0x70000001,
+    0x58000001, 0x20000001, 0x10000001, 0x60000001,
+    0x38000006, 0x78000006, 0x28000006, 0x50000006,
+    0x40000006, 0x08000006, 0x30000006, 0x68000006,
+    0x00000006, 0x48000006, 0x18000006, 0x70000006,
+    0x58000006, 0x20000006, 0x10000006, 0x60000006,
+    0x38000005, 0x78000005, 0x28000005, 0x50000005,
+    0x40000005, 0x08000005, 0x30000005, 0x68000005,
+    0x00000005, 0x48000005, 0x18000005, 0x70000005,
+    0x58000005, 0x20000005, 0x10000005, 0x60000005,
+    0xb8000005, 0xf8000005, 0xa8000005, 0xd0000005,
+    0xc0000005, 0x88000005, 0xb0000005, 0xe8000005,
+    0x80000005, 0xc8000005, 0x98000005, 0xf0000005,
+    0xd8000005, 0xa0000005, 0x90000005, 0xe0000005,
+    0xb8000003, 0xf8000003, 0xa8000003, 0xd0000003,
+    0xc0000003, 0x88000003, 0xb0000003, 0xe8000003,
+    0x80000003, 0xc8000003, 0x98000003, 0xf0000003,
+    0xd8000003, 0xa0000003, 0x90000003, 0xe0000003,
+    0x38000004, 0x78000004, 0x28000004, 0x50000004,
+    0x40000004, 0x08000004, 0x30000004, 0x68000004,
+    0x00000004, 0x48000004, 0x18000004, 0x70000004,
+    0x58000004, 0x20000004, 0x10000004, 0x60000004,
+    0xb8000000, 0xf8000000, 0xa8000000, 0xd0000000,
+    0xc0000000, 0x88000000, 0xb0000000, 0xe8000000,
+    0x80000000, 0xc8000000, 0x98000000, 0xf0000000,
+    0xd8000000, 0xa0000000, 0x90000000, 0xe0000000,
+    0x38000002, 0x78000002, 0x28000002, 0x50000002,
+    0x40000002, 0x08000002, 0x30000002, 0x68000002,
+    0x00000002, 0x48000002, 0x18000002, 0x70000002,
+    0x58000002, 0x20000002, 0x10000002, 0x60000002,
+    0xb8000001, 0xf8000001, 0xa8000001, 0xd0000001,
+    0xc0000001, 0x88000001, 0xb0000001, 0xe8000001,
+    0x80000001, 0xc8000001, 0x98000001, 0xf0000001,
+    0xd8000001, 0xa0000001, 0x90000001, 0xe0000001,
+    0x38000007, 0x78000007, 0x28000007, 0x50000007,
+    0x40000007, 0x08000007, 0x30000007, 0x68000007,
+    0x00000007, 0x48000007, 0x18000007, 0x70000007,
+    0x58000007, 0x20000007, 0x10000007, 0x60000007,
+    0x38000000, 0x78000000, 0x28000000, 0x50000000,
+    0x40000000, 0x08000000, 0x30000000, 0x68000000,
+    0x00000000, 0x48000000, 0x18000000, 0x70000000,
+    0x58000000, 0x20000000, 0x10000000, 0x60000000,
+    /* 3 */
+    0x000000c0, 0x000000f0, 0x00000090, 0x000000a8,
+    0x000000b0, 0x000000c8, 0x00000088, 0x000000e0,
+    0x000000f8, 0x000000a0, 0x000000d8, 0x00000080,
+    0x000000e8, 0x000000d0, 0x00000098, 0x000000b8,
+    0x000003c0, 0x000003f0, 0x00000390, 0x000003a8,
+    0x000003b0, 0x000003c8, 0x00000388, 0x000003e0,
+    0x000003f8, 0x000003a0, 0x000003d8, 0x00000380,
+    0x000003e8, 0x000003d0, 0x00000398, 0x000003b8,
+    0x00000740, 0x00000770, 0x00000710, 0x00000728,
+    0x00000730, 0x00000748, 0x00000708, 0x00000760,
+    0x00000778, 0x00000720, 0x00000758, 0x00000700,
+    0x00000768, 0x00000750, 0x00000718, 0x00000738,
+    0x000006c0, 0x000006f0, 0x00000690, 0x000006a8,
+    0x000006b0, 0x000006c8, 0x00000688, 0x000006e0,
+    0x000006f8, 0x000006a0, 0x000006d8, 0x00000680,
+    0x000006e8, 0x000006d0, 0x00000698, 0x000006b8,
+    0x00000040, 0x00000070, 0x00000010, 0x00000028,
+    0x00000030, 0x00000048, 0x00000008, 0x00000060,
+    0x00000078, 0x00000020, 0x00000058, 0x00000000,
+    0x00000068, 0x00000050, 0x00000018, 0x00000038,
+    0x000002c0, 0x000002f0, 0x00000290, 0x000002a8,
+    0x000002b0, 0x000002c8, 0x00000288, 0x000002e0,
+    0x000002f8, 0x000002a0, 0x000002d8, 0x00000280,
+    0x000002e8, 0x000002d0, 0x00000298, 0x000002b8,
+    0x00000440, 0x00000470, 0x00000410, 0x00000428,
+    0x00000430, 0x00000448, 0x00000408, 0x00000460,
+    0x00000478, 0x00000420, 0x00000458, 0x00000400,
+    0x00000468, 0x00000450, 0x00000418, 0x00000438,
+    0x000001c0, 0x000001f0, 0x00000190, 0x000001a8,
+    0x000001b0, 0x000001c8, 0x00000188, 0x000001e0,
+    0x000001f8, 0x000001a0, 0x000001d8, 0x00000180,
+    0x000001e8, 0x000001d0, 0x00000198, 0x000001b8,
+    0x00000240, 0x00000270, 0x00000210, 0x00000228,
+    0x00000230, 0x00000248, 0x00000208, 0x00000260,
+    0x00000278, 0x00000220, 0x00000258, 0x00000200,
+    0x00000268, 0x00000250, 0x00000218, 0x00000238,
+    0x000007c0, 0x000007f0, 0x00000790, 0x000007a8,
+    0x000007b0, 0x000007c8, 0x00000788, 0x000007e0,
+    0x000007f8, 0x000007a0, 0x000007d8, 0x00000780,
+    0x000007e8, 0x000007d0, 0x00000798, 0x000007b8,
+    0x00000540, 0x00000570, 0x00000510, 0x00000528,
+    0x00000530, 0x00000548, 0x00000508, 0x00000560,
+    0x00000578, 0x00000520, 0x00000558, 0x00000500,
+    0x00000568, 0x00000550, 0x00000518, 0x00000538,
+    0x00000340, 0x00000370, 0x00000310, 0x00000328,
+    0x00000330, 0x00000348, 0x00000308, 0x00000360,
+    0x00000378, 0x00000320, 0x00000358, 0x00000300,
+    0x00000368, 0x00000350, 0x00000318, 0x00000338,
+    0x000004c0, 0x000004f0, 0x00000490, 0x000004a8,
+    0x000004b0, 0x000004c8, 0x00000488, 0x000004e0,
+    0x000004f8, 0x000004a0, 0x000004d8, 0x00000480,
+    0x000004e8, 0x000004d0, 0x00000498, 0x000004b8,
+    0x00000640, 0x00000670, 0x00000610, 0x00000628,
+    0x00000630, 0x00000648, 0x00000608, 0x00000660,
+    0x00000678, 0x00000620, 0x00000658, 0x00000600,
+    0x00000668, 0x00000650, 0x00000618, 0x00000638,
+    0x000005c0, 0x000005f0, 0x00000590, 0x000005a8,
+    0x000005b0, 0x000005c8, 0x00000588, 0x000005e0,
+    0x000005f8, 0x000005a0, 0x000005d8, 0x00000580,
+    0x000005e8, 0x000005d0, 0x00000598, 0x000005b8,
+    0x00000140, 0x00000170, 0x00000110, 0x00000128,
+    0x00000130, 0x00000148, 0x00000108, 0x00000160,
+    0x00000178, 0x00000120, 0x00000158, 0x00000100,
+    0x00000168, 0x00000150, 0x00000118, 0x00000138,
+  }
+};
+
+/*
+ *  A macro that performs a full encryption round of GOST 28147-89.
+ *  Temporary variables tmp assumed and variables r and l for left and right
+ *  blocks.
+ */
+#define GOST_ENCRYPT_ROUND(key1, key2, sbox) \
+  tmp = (key1) + r; \
+  l ^= (sbox)[0*256 + (tmp & 0xff)] ^ (sbox)[1*256 + ((tmp >> 8) & 0xff)] ^ \
+    (sbox)[2*256 + ((tmp >> 16) & 0xff)] ^ (sbox)[3*256 + (tmp >> 24)]; \
+  tmp = (key2) + l; \
+  r ^= (sbox)[0*256 + (tmp & 0xff)] ^ (sbox)[1*256 + ((tmp >> 8) & 0xff)] ^ \
+    (sbox)[2*256 + ((tmp >> 16) & 0xff)] ^ (sbox)[3*256 + (tmp >> 24)];
+
+/* encrypt a block with the given key */
+void gost28147_encrypt_simple (const uint32_t *key, const uint32_t *sbox,
+                               const uint32_t *in, uint32_t *out)
+{
+  uint32_t l, r, tmp;
+
+  r = in[0], l = in[1];
+  GOST_ENCRYPT_ROUND(key[0], key[1], sbox)
+  GOST_ENCRYPT_ROUND(key[2], key[3], sbox)
+  GOST_ENCRYPT_ROUND(key[4], key[5], sbox)
+  GOST_ENCRYPT_ROUND(key[6], key[7], sbox)
+  GOST_ENCRYPT_ROUND(key[0], key[1], sbox)
+  GOST_ENCRYPT_ROUND(key[2], key[3], sbox)
+  GOST_ENCRYPT_ROUND(key[4], key[5], sbox)
+  GOST_ENCRYPT_ROUND(key[6], key[7], sbox)
+  GOST_ENCRYPT_ROUND(key[0], key[1], sbox)
+  GOST_ENCRYPT_ROUND(key[2], key[3], sbox)
+  GOST_ENCRYPT_ROUND(key[4], key[5], sbox)
+  GOST_ENCRYPT_ROUND(key[6], key[7], sbox)
+  GOST_ENCRYPT_ROUND(key[7], key[6], sbox)
+  GOST_ENCRYPT_ROUND(key[5], key[4], sbox)
+  GOST_ENCRYPT_ROUND(key[3], key[2], sbox)
+  GOST_ENCRYPT_ROUND(key[1], key[0], sbox)
+  *out = l, *(out + 1) = r;
+}
+
+void gost28147_decrypt_simple (const uint32_t *key, const uint32_t *sbox,
+                               const uint32_t *in, uint32_t *out)
+{
+  uint32_t l, r, tmp;
+
+  r = in[0], l = in[1];
+  GOST_ENCRYPT_ROUND(key[0], key[1], sbox)
+  GOST_ENCRYPT_ROUND(key[2], key[3], sbox)
+  GOST_ENCRYPT_ROUND(key[4], key[5], sbox)
+  GOST_ENCRYPT_ROUND(key[6], key[7], sbox)
+  GOST_ENCRYPT_ROUND(key[7], key[6], sbox)
+  GOST_ENCRYPT_ROUND(key[5], key[4], sbox)
+  GOST_ENCRYPT_ROUND(key[3], key[2], sbox)
+  GOST_ENCRYPT_ROUND(key[1], key[0], sbox)
+  GOST_ENCRYPT_ROUND(key[7], key[6], sbox)
+  GOST_ENCRYPT_ROUND(key[5], key[4], sbox)
+  GOST_ENCRYPT_ROUND(key[3], key[2], sbox)
+  GOST_ENCRYPT_ROUND(key[1], key[0], sbox)
+  GOST_ENCRYPT_ROUND(key[7], key[6], sbox)
+  GOST_ENCRYPT_ROUND(key[5], key[4], sbox)
+  GOST_ENCRYPT_ROUND(key[3], key[2], sbox)
+  GOST_ENCRYPT_ROUND(key[1], key[0], sbox)
+  *out = l, *(out + 1) = r;
+}
+
+static void gost28147_imit_simple (const uint32_t *key, const uint32_t *sbox,
+                                   const uint32_t *in, uint32_t *out)
+{
+  uint32_t l, r, tmp;
+
+  r = in[0], l = in[1];
+  GOST_ENCRYPT_ROUND(key[0], key[1], sbox)
+  GOST_ENCRYPT_ROUND(key[2], key[3], sbox)
+  GOST_ENCRYPT_ROUND(key[4], key[5], sbox)
+  GOST_ENCRYPT_ROUND(key[6], key[7], sbox)
+  GOST_ENCRYPT_ROUND(key[0], key[1], sbox)
+  GOST_ENCRYPT_ROUND(key[2], key[3], sbox)
+  GOST_ENCRYPT_ROUND(key[4], key[5], sbox)
+  GOST_ENCRYPT_ROUND(key[6], key[7], sbox)
+  *out = r, *(out + 1) = l;
+}
+
+static const uint32_t gost28147_key_mesh_cryptopro_data[GOST28147_KEY_SIZE / 4] = {
+  0x22720069, 0x2304c964,
+  0x96db3a8d, 0xc42ae946,
+  0x94acfe18, 0x1207ed00,
+  0xc2dc86c0, 0x2ba94cef,
+};
+
+static void gost28147_key_mesh_cryptopro(struct gost28147_ctx *ctx)
+{
+  uint32_t newkey[GOST28147_KEY_SIZE/4];
+
+  gost28147_decrypt_simple(ctx->key, ctx->sbox,
+			   &gost28147_key_mesh_cryptopro_data[0],
+			   &newkey[0]);
+
+  gost28147_decrypt_simple(ctx->key, ctx->sbox,
+			   &gost28147_key_mesh_cryptopro_data[2],
+			   &newkey[2]);
+
+  gost28147_decrypt_simple(ctx->key, ctx->sbox,
+			   &gost28147_key_mesh_cryptopro_data[4],
+			   &newkey[4]);
+
+  gost28147_decrypt_simple(ctx->key, ctx->sbox,
+			   &gost28147_key_mesh_cryptopro_data[6],
+			   &newkey[6]);
+
+  memcpy(ctx->key, newkey, sizeof(newkey));
+  ctx->key_count = 0;
+}
+
+void
+gost28147_set_key(struct gost28147_ctx *ctx, const uint8_t *key)
+{
+  unsigned i;
+
+  assert(key);
+  for (i = 0; i < 8; i++, key += 4)
+    ctx->key[i] = LE_READ_UINT32(key);
+  ctx->key_count = 0;
+}
+
+void
+gost28147_set_param(struct gost28147_ctx *ctx, const struct gost28147_param *param)
+{
+  assert(param);
+  ctx->sbox = param->sbox;
+  ctx->key_meshing = param->key_meshing;
+}
+
+void
+gost28147_encrypt(const struct gost28147_ctx *ctx,
+		  size_t length, uint8_t *dst,
+		  const uint8_t *src)
+{
+  uint32_t block[2];
+
+  assert(!(length % GOST28147_BLOCK_SIZE));
+
+  while (length)
+    {
+      block[0] = LE_READ_UINT32(src); src += 4;
+      block[1] = LE_READ_UINT32(src); src += 4;
+      gost28147_encrypt_simple(ctx->key, ctx->sbox, block, block);
+      LE_WRITE_UINT32(dst, block[0]); dst += 4;
+      LE_WRITE_UINT32(dst, block[1]); dst += 4;
+      length -= GOST28147_BLOCK_SIZE;
+    }
+}
+
+void
+gost28147_decrypt(const struct gost28147_ctx *ctx,
+		  size_t length, uint8_t *dst,
+		  const uint8_t *src)
+{
+  uint32_t block[2];
+
+  assert(!(length % GOST28147_BLOCK_SIZE));
+
+  while (length)
+    {
+      block[0] = LE_READ_UINT32(src); src += 4;
+      block[1] = LE_READ_UINT32(src); src += 4;
+      gost28147_decrypt_simple(ctx->key, ctx->sbox, block, block);
+      LE_WRITE_UINT32(dst, block[0]); dst += 4;
+      LE_WRITE_UINT32(dst, block[1]); dst += 4;
+      length -= GOST28147_BLOCK_SIZE;
+    }
+}
+
+void
+gost28147_encrypt_for_cfb(struct gost28147_ctx *ctx,
+			  size_t length, uint8_t *dst,
+			  const uint8_t *src)
+{
+  uint32_t block[2];
+
+  assert(!(length % GOST28147_BLOCK_SIZE));
+
+  while (length)
+    {
+      block[0] = LE_READ_UINT32(src); src += 4;
+      block[1] = LE_READ_UINT32(src); src += 4;
+      if (ctx->key_meshing && ctx->key_count == 1024)
+	{
+	  gost28147_key_mesh_cryptopro(ctx);
+	  gost28147_encrypt_simple(ctx->key, ctx->sbox, block, block);
+	  ctx->key_count = 0;
+	}
+      gost28147_encrypt_simple(ctx->key, ctx->sbox, block, block);
+      LE_WRITE_UINT32(dst, block[0]); dst += 4;
+      LE_WRITE_UINT32(dst, block[1]); dst += 4;
+      length -= GOST28147_BLOCK_SIZE;
+      ctx->key_count += GOST28147_BLOCK_SIZE;
+    }
+}
+
+static void
+gost28147_cnt_next_iv(struct gost28147_cnt_ctx *ctx,
+		      uint8_t *out)
+{
+  uint32_t block[2];
+  uint32_t temp;
+
+  if (ctx->ctx.key_meshing && ctx->ctx.key_count == 1024)
+    {
+      gost28147_key_mesh_cryptopro(&ctx->ctx);
+      gost28147_encrypt_simple(ctx->ctx.key, ctx->ctx.sbox, ctx->iv, ctx->iv);
+      ctx->ctx.key_count = 0;
+    }
+
+  ctx->iv[0] += 0x01010101;
+  temp = ctx->iv[1] + 0x01010104;
+  if (temp < ctx->iv[1])
+    ctx->iv[1] = temp + 1; /* Overflow */
+  else
+    ctx->iv[1] = temp;
+
+  gost28147_encrypt_simple(ctx->ctx.key, ctx->ctx.sbox, ctx->iv, block);
+
+  LE_WRITE_UINT32(out + 0, block[0]);
+  LE_WRITE_UINT32(out + 4, block[1]);
+
+  ctx->ctx.key_count += GOST28147_BLOCK_SIZE;
+}
+
+void
+gost28147_cnt_init(struct gost28147_cnt_ctx *ctx,
+		   const uint8_t *key,
+		   const struct gost28147_param *param)
+{
+  gost28147_set_param(&ctx->ctx, param);
+  gost28147_set_key(&ctx->ctx, key);
+  ctx->bytes = 0;
+}
+
+void
+gost28147_cnt_set_iv(struct gost28147_cnt_ctx *ctx,
+		     const uint8_t *iv)
+{
+  uint32_t block[2];
+
+  block[0] = LE_READ_UINT32(iv + 0);
+  block[1] = LE_READ_UINT32(iv + 4);
+
+  gost28147_encrypt_simple(ctx->ctx.key, ctx->ctx.sbox, block, ctx->iv);
+}
+
+void
+gost28147_cnt_crypt(struct gost28147_cnt_ctx *ctx,
+		    size_t length, uint8_t *dst,
+		    const uint8_t *src)
+{
+  size_t block_size = GOST28147_BLOCK_SIZE;
+
+  if (ctx->bytes)
+    {
+      size_t part = ctx->bytes < length ? ctx->bytes : length;
+      memxor3(dst, src, ctx->buffer + block_size - ctx->bytes, part);
+      dst += part;
+      src += part;
+      length -= part;
+      ctx->bytes -= part;
+      ctx->bytes %= block_size;
+    }
+  while (length >= block_size)
+    {
+      gost28147_cnt_next_iv(ctx, ctx->buffer);
+      memxor3(dst, src, ctx->buffer, block_size);
+      length -= block_size;
+      src += block_size;
+      dst += block_size;
+    }
+
+  if (length != 0)
+    {
+      gost28147_cnt_next_iv(ctx, ctx->buffer);
+      memxor3(dst, src, ctx->buffer, length);
+      ctx->bytes = block_size - length;
+    }
+}
+
+static void
+_gost28147_imit_reinit(struct gost28147_imit_ctx *ctx)
+{
+  ctx->state[0] = 0;
+  ctx->state[1] = 0;
+  ctx->index = 0;
+  ctx->count = 0;
+}
+
+void
+gost28147_imit_set_key(struct gost28147_imit_ctx *ctx,
+		       size_t length,
+		       const uint8_t *key)
+{
+  assert(length == GOST28147_IMIT_KEY_SIZE);
+  assert(key);
+
+  _gost28147_imit_reinit(ctx);
+  gost28147_set_key(&ctx->cctx, key);
+}
+
+void
+gost28147_imit_set_nonce(struct gost28147_imit_ctx *ctx, const uint8_t *nonce)
+{
+	ctx->state[0] = LE_READ_UINT32(nonce + 0);
+	ctx->state[1] = LE_READ_UINT32(nonce + 4);
+}
+
+void
+gost28147_imit_set_param(struct gost28147_imit_ctx *ctx,
+			 const struct gost28147_param *param)
+{
+  assert(param);
+  gost28147_set_param(&ctx->cctx, param);
+}
+
+static void
+gost28147_imit_compress(struct gost28147_imit_ctx *ctx,
+			const uint8_t *data)
+{
+  uint32_t block[2];
+
+  if (ctx->cctx.key_meshing && ctx->cctx.key_count == 1024)
+    gost28147_key_mesh_cryptopro(&ctx->cctx);
+
+  block[0] = LE_READ_UINT32(data + 0) ^ ctx->state[0];
+  block[1] = LE_READ_UINT32(data + 4) ^ ctx->state[1];
+  gost28147_imit_simple(ctx->cctx.key, ctx->cctx.sbox, block, ctx->state);
+  ctx->cctx.key_count += 8;
+}
+
+void
+gost28147_imit_update(struct gost28147_imit_ctx *ctx,
+		      size_t length,
+		      const uint8_t *data)
+{
+  MD_UPDATE(ctx, length, data, gost28147_imit_compress, ctx->count++);
+}
+
+void
+gost28147_imit_digest(struct gost28147_imit_ctx *ctx,
+		      size_t length,
+		      uint8_t *digest)
+{
+  assert(length <= GOST28147_IMIT_DIGEST_SIZE);
+  const uint8_t zero[GOST28147_IMIT_BLOCK_SIZE] = { 0 };
+
+  if (ctx->index)
+    {
+      assert(ctx->index < GOST28147_IMIT_BLOCK_SIZE);
+      gost28147_imit_update(ctx, GOST28147_IMIT_BLOCK_SIZE - ctx->index, zero);
+    }
+
+  if (ctx->count == 1)
+    {
+      gost28147_imit_update(ctx, GOST28147_IMIT_BLOCK_SIZE, zero);
+    }
+
+  _nettle_write_le32(length, digest, ctx->state);
+  _gost28147_imit_reinit(ctx);
+}
+#endif
diff --git a/lib/nettle/gost/gost28147.h b/lib/nettle/gost/gost28147.h
new file mode 100644
index 0000000..a514ff4
--- /dev/null
+++ b/lib/nettle/gost/gost28147.h
@@ -0,0 +1,219 @@
+/* gost28147.h
+
+   The GOST 28147-89 (MAGMA) cipher function, described in RFC 5831.
+
+   Copyright (C) 2015 Dmitry Eremin-Solenikov
+   Copyright (C) 2012 Nikos Mavrogiannopoulos, Niels Möller
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see https://www.gnu.org/licenses/.
+*/
+
+#ifndef GNUTLS_LIB_NETTLE_GOST_GOST28147_H
+#define GNUTLS_LIB_NETTLE_GOST_GOST28147_H
+
+#include "config.h"
+
+#ifndef HAVE_NETTLE_GOST28147_SET_KEY
+
+#include <nettle/nettle-types.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* S-Boxes & parameters */
+#define gost28147_param_test_3411 _gnutls_gost28147_param_test_3411
+#define gost28147_param_CryptoPro_3411 _gnutls_gost28147_param_CryptoPro_3411
+#define gost28147_param_Test_89 _gnutls_gost28147_param_Test_89
+#define gost28147_param_CryptoPro_A _gnutls_gost28147_param_CryptoPro_A
+#define gost28147_param_CryptoPro_B _gnutls_gost28147_param_CryptoPro_B
+#define gost28147_param_CryptoPro_C _gnutls_gost28147_param_CryptoPro_C
+#define gost28147_param_CryptoPro_D _gnutls_gost28147_param_CryptoPro_D
+#define gost28147_param_TC26_Z _gnutls_gost28147_param_TC26_Z
+
+/* Private */
+#define gost28147_encrypt_simple _gnutls_gost28147_encrypt_simple
+#define gost28147_decrypt_simple _gnutls_gost28147_decrypt_simple
+
+/* Public functions */
+#define gost28147_set_key _gnutls_gost28147_set_key
+#define gost28147_set_param _gnutls_gost28147_set_param
+#define gost28147_encrypt _gnutls_gost28147_encrypt
+#define gost28147_encrypt_for_cfb _gnutls_gost28147_encrypt_for_cfb
+#define gost28147_decrypt _gnutls_gost28147_decrypt
+
+#define gost28147_cnt_init _gnutls_gost28147_cnt_init
+#define gost28147_cnt_set_iv _gnutls_gost28147_cnt_set_iv
+#define gost28147_cnt_crypt _gnutls_gost28147_cnt_crypt
+
+#define gost28147_kdf_cryptopro _gnutls_gost28147_kdf_cryptopro
+#define gost28147_key_wrap_cryptopro _gnutls_gost28147_key_wrap_cryptopro
+#define gost28147_key_unwrap_cryptopro _gnutls_gost28147_key_unwrap_cryptopro
+
+#define gost28147_imit_set_key _gnutls_gost28147_imit_set_key
+#define gost28147_imit_set_nonce _gnutls_gost28147_imit_set_nonce
+#define gost28147_imit_set_param _gnutls_gost28147_imit_set_param
+#define gost28147_imit_update _gnutls_gost28147_imit_update
+#define gost28147_imit_digest _gnutls_gost28147_imit_digest
+
+#define GOST28147_KEY_SIZE 32
+#define GOST28147_BLOCK_SIZE 8
+
+struct gost28147_ctx
+{
+  uint32_t key[GOST28147_KEY_SIZE/4];
+  const uint32_t *sbox;
+  int key_meshing;
+  int key_count; /* Used for key meshing */
+};
+
+struct gost28147_param
+{
+  int key_meshing;
+  uint32_t sbox[4*256];
+};
+
+extern const struct gost28147_param gost28147_param_test_3411;
+extern const struct gost28147_param gost28147_param_CryptoPro_3411;
+extern const struct gost28147_param gost28147_param_Test_89;
+extern const struct gost28147_param gost28147_param_CryptoPro_A;
+extern const struct gost28147_param gost28147_param_CryptoPro_B;
+extern const struct gost28147_param gost28147_param_CryptoPro_C;
+extern const struct gost28147_param gost28147_param_CryptoPro_D;
+extern const struct gost28147_param gost28147_param_TC26_Z;
+
+/* Internal interface for use by GOST R 34.11-94 */
+void gost28147_encrypt_simple (const uint32_t *key, const uint32_t *sbox,
+                               const uint32_t *in, uint32_t *out);
+void gost28147_decrypt_simple (const uint32_t *key, const uint32_t *sbox,
+			       const uint32_t *in, uint32_t *out);
+
+void
+gost28147_set_key(struct gost28147_ctx *ctx, const uint8_t *key);
+
+void
+gost28147_set_param(struct gost28147_ctx *ctx,
+		    const struct gost28147_param *param);
+
+void
+gost28147_encrypt(const struct gost28147_ctx *ctx,
+		  size_t length, uint8_t *dst,
+		  const uint8_t *src);
+void
+gost28147_decrypt(const struct gost28147_ctx *ctx,
+		  size_t length, uint8_t *dst,
+		  const uint8_t *src);
+void
+gost28147_encrypt_for_cfb(struct gost28147_ctx *ctx,
+			  size_t length, uint8_t *dst,
+			  const uint8_t *src);
+
+struct gost28147_cnt_ctx {
+  struct gost28147_ctx ctx;
+  size_t bytes;
+  uint32_t iv[2];
+  uint8_t buffer[GOST28147_BLOCK_SIZE];
+};
+
+void
+gost28147_cnt_init(struct gost28147_cnt_ctx *ctx,
+		   const uint8_t *key,
+		   const struct gost28147_param *param);
+
+void
+gost28147_cnt_set_iv(struct gost28147_cnt_ctx *ctx,
+		     const uint8_t *iv);
+
+void
+gost28147_cnt_crypt(struct gost28147_cnt_ctx *ctx,
+		    size_t length, uint8_t *dst,
+		    const uint8_t *src);
+
+void
+gost28147_kdf_cryptopro(const struct gost28147_param *param,
+		       const uint8_t *in,
+		       const uint8_t *ukm,
+		       uint8_t *out);
+void
+gost28147_key_wrap_cryptopro(const struct gost28147_param *param,
+			     const uint8_t *kek,
+			     const uint8_t *ukm, size_t ukm_size,
+			     const uint8_t *cek,
+			     uint8_t *enc,
+			     uint8_t *imit);
+
+int
+gost28147_key_unwrap_cryptopro(const struct gost28147_param *param,
+			       const uint8_t *kek,
+			       const uint8_t *ukm, size_t ukm_size,
+			       const uint8_t *enc,
+			       const uint8_t *imit,
+			       uint8_t *cek);
+
+#define GOST28147_IMIT_DIGEST_SIZE 4
+#define GOST28147_IMIT_BLOCK_SIZE GOST28147_BLOCK_SIZE
+#define GOST28147_IMIT_KEY_SIZE GOST28147_KEY_SIZE
+
+struct gost28147_imit_ctx
+{
+  struct gost28147_ctx cctx;
+  uint64_t count;		/* Block count */
+  uint8_t block[GOST28147_IMIT_BLOCK_SIZE]; /* Block buffer */
+  unsigned index;               /* Into buffer */
+  uint32_t state[GOST28147_IMIT_BLOCK_SIZE/4];
+};
+
+void
+gost28147_imit_set_key(struct gost28147_imit_ctx *ctx,
+		       size_t length,
+		       const uint8_t *key);
+
+void
+gost28147_imit_set_nonce(struct gost28147_imit_ctx *ctx,
+		         const uint8_t *nonce);
+
+void
+gost28147_imit_set_param(struct gost28147_imit_ctx *ctx,
+			 const struct gost28147_param *param);
+
+void
+gost28147_imit_update(struct gost28147_imit_ctx *ctx,
+		      size_t length,
+		      const uint8_t *data);
+
+void
+gost28147_imit_digest(struct gost28147_imit_ctx *ctx,
+		      size_t length,
+		      uint8_t *digest);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
+#endif /* GNUTLS_LIB_NETTLE_GOST_GOST28147_H */
diff --git a/lib/nettle/gost/gostdsa-mask.c b/lib/nettle/gost/gostdsa-mask.c
new file mode 100644
index 0000000..7fb2086
--- /dev/null
+++ b/lib/nettle/gost/gostdsa-mask.c
@@ -0,0 +1,94 @@
+/* gostdsa-verify.c
+
+  Copyright (C) 2018 Dmitry Eremin-Solenikov
+
+  This file is part of GNU Nettle.
+
+  GNU Nettle is free software: you can redistribute it and/or
+  modify it under the terms of either:
+
+   * the GNU Lesser General Public License as published by the Free
+    Software Foundation; either version 3 of the License, or (at your
+    option) any later version.
+
+  or
+
+   * the GNU General Public License as published by the Free
+    Software Foundation; either version 2 of the License, or (at your
+    option) any later version.
+
+  or both in parallel, as here.
+
+  GNU Nettle is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  General Public License for more details.
+
+  You should have received copies of the GNU General Public License and
+  the GNU Lesser General Public License along with this program. If
+  not, see https://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <gnutls_int.h>
+
+#include <stdlib.h>
+
+#include <nettle/ecc-curve.h>
+#include "gostdsa2.h"
+
+#define GOST_GC256B_Q "ffffffffffffffffffffffffffffffff" \
+	"6c611070995ad10045841b09b761b893"
+#define GOST_GC512A_Q "ffffffffffffffffffffffffffffffff" \
+	"ffffffffffffffffffffffffffffffff" \
+	"27e69532f48d89116ff22b8d4e056060" \
+	"9b4b38abfad2b85dcacdb1411f10b275"
+
+/* Key comes in form .... M_2 M_1 K_0,
+  unmask is K_i = K_i-1 * M_i mod Q */
+int
+gostdsa_unmask_key (const struct ecc_curve *ecc,
+		    mpz_t key)
+{
+ unsigned bits = ecc_bit_size (ecc);
+ unsigned keybits = mpz_sizeinbase (key, 2);
+ mpz_t unmasked, temp, temp2, q;
+
+ if (keybits <= bits)
+  return 0;
+
+ mpz_init (unmasked);
+ mpz_init (temp);
+ mpz_init (temp2);
+
+ if (ecc == nettle_get_gost_gc256b ())
+   mpz_init_set_str (q, GOST_GC256B_Q, 16);
+ else if (ecc == nettle_get_gost_gc512a ())
+   mpz_init_set_str (q, GOST_GC512A_Q, 16);
+ else
+   abort ();
+
+ mpz_tdiv_r_2exp (unmasked, key, bits);
+ mpz_tdiv_q_2exp (key, key, bits);
+ keybits -= bits;
+ while (keybits > bits)
+  {
+   mpz_tdiv_r_2exp (temp2, key, bits);
+   mpz_tdiv_q_2exp (key, key, bits);
+   keybits -= bits;
+   mpz_mul (temp, unmasked, temp2);
+   mpz_mod (unmasked, temp, q);
+  }
+ mpz_mul (temp, unmasked, key);
+ mpz_mod (key, temp, q);
+
+ mpz_clear (q);
+ mpz_clear (temp2);
+ mpz_clear (temp);
+ mpz_clear (unmasked);
+
+ return 0;
+}
diff --git a/lib/nettle/gost/gostdsa2.h b/lib/nettle/gost/gostdsa2.h
new file mode 100644
index 0000000..9328a8a
--- /dev/null
+++ b/lib/nettle/gost/gostdsa2.h
@@ -0,0 +1,59 @@
+/* gostdsa.h
+
+   Copyright (C) 2015 Dmity Eremin-Solenikov
+   Copyright (C) 2013 Niels Möller
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see https://www.gnu.org/licenses/.
+*/
+
+/* Development of Nettle's ECC support was funded by the .SE Internet Fund. */
+
+#ifndef GNUTLS_LIB_NETTLE_GOST_GOSTDSA2_H
+#define GNUTLS_LIB_NETTLE_GOST_GOSTDSA2_H
+
+#include <nettle/ecc.h>
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Name mangling */
+#define gostdsa_unmask_key _gnutls_gostdsa_unmask_key
+
+int
+gostdsa_unmask_key (const struct ecc_curve *ecc,
+		    mpz_t key);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* GNUTLS_LIB_NETTLE_GOST_GOSTDSA2_H */
diff --git a/lib/nettle/gost/hmac-gost.h b/lib/nettle/gost/hmac-gost.h
new file mode 100644
index 0000000..c8212ab
--- /dev/null
+++ b/lib/nettle/gost/hmac-gost.h
@@ -0,0 +1,91 @@
+/* hmac-gost.h
+
+   HMAC message authentication code (RFC-2104).
+
+   Copyright (C) 2001, 2002 Niels Möller
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see https://www.gnu.org/licenses/.
+*/
+
+#ifndef GNUTLS_LIB_NETTLE_GOST_HMAC_GOST_H
+#define GNUTLS_LIB_NETTLE_GOST_HMAC_GOST_H
+
+#include "config.h"
+
+#include <nettle/hmac.h>
+
+#ifndef HAVE_NETTLE_STREEBOG512_UPDATE
+#include "streebog.h"
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Namespace mangling */
+#ifndef HAVE_NETTLE_STREEBOG512_UPDATE
+#define hmac_streebog256_set_key _gnutls_hmac_streebog256_set_key
+#define hmac_streebog256_digest _gnutls_hmac_streebog256_digest
+#define hmac_streebog512_set_key _gnutls_hmac_streebog512_set_key
+#define hmac_streebog512_update _gnutls_hmac_streebog512_update
+#define hmac_streebog512_digest _gnutls_hmac_streebog512_digest
+#endif
+
+/* hmac-streebog */
+#ifndef HAVE_NETTLE_STREEBOG512_UPDATE
+struct hmac_streebog512_ctx HMAC_CTX(struct streebog512_ctx);
+
+void
+hmac_streebog512_set_key(struct hmac_streebog512_ctx *ctx,
+		    size_t key_length, const uint8_t *key);
+
+void
+hmac_streebog512_update(struct hmac_streebog512_ctx *ctx,
+		   size_t length, const uint8_t *data);
+
+void
+hmac_streebog512_digest(struct hmac_streebog512_ctx *ctx,
+		   size_t length, uint8_t *digest);
+
+#define hmac_streebog256_ctx hmac_streebog512_ctx
+
+void
+hmac_streebog256_set_key(struct hmac_streebog256_ctx *ctx,
+		    size_t key_length, const uint8_t *key);
+
+#define hmac_streebog256_update hmac_streebog512_update
+
+void
+hmac_streebog256_digest(struct hmac_streebog256_ctx *ctx,
+		   size_t length, uint8_t *digest);
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* GNUTLS_LIB_NETTLE_GOST_HMAC_GOST_H */
diff --git a/lib/nettle/gost/hmac-streebog.c b/lib/nettle/gost/hmac-streebog.c
new file mode 100644
index 0000000..00fcdb9
--- /dev/null
+++ b/lib/nettle/gost/hmac-streebog.c
@@ -0,0 +1,78 @@
+/* hmac-streebog.c
+
+   HMAC-Streebog message authentication code.
+
+   Copyright (C) 2016 Dmitry Eremin-Solenikov
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see https://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#ifndef HAVE_NETTLE_STREEBOG512_UPDATE
+#include <gnutls_int.h>
+
+#include <nettle/hmac.h>
+#include "hmac-gost.h"
+
+void
+hmac_streebog512_set_key(struct hmac_streebog512_ctx *ctx,
+		    size_t key_length, const uint8_t *key)
+{
+  HMAC_SET_KEY(ctx, &nettle_streebog512, key_length, key);
+}
+
+void
+hmac_streebog512_update(struct hmac_streebog512_ctx *ctx,
+		   size_t length, const uint8_t *data)
+{
+  streebog512_update(&ctx->state, length, data);
+}
+
+void
+hmac_streebog512_digest(struct hmac_streebog512_ctx *ctx,
+		   size_t length, uint8_t *digest)
+{
+  HMAC_DIGEST(ctx, &nettle_streebog512, length, digest);
+}
+
+void
+hmac_streebog256_set_key(struct hmac_streebog256_ctx *ctx,
+		    size_t key_length, const uint8_t *key)
+{
+  HMAC_SET_KEY(ctx, &nettle_streebog256, key_length, key);
+}
+
+void
+hmac_streebog256_digest(struct hmac_streebog256_ctx *ctx,
+		   size_t length, uint8_t *digest)
+{
+  HMAC_DIGEST(ctx, &nettle_streebog256, length, digest);
+}
+#endif
diff --git a/lib/nettle/gost/kuznyechik.c b/lib/nettle/gost/kuznyechik.c
new file mode 100644
index 0000000..29361d7
--- /dev/null
+++ b/lib/nettle/gost/kuznyechik.c
@@ -0,0 +1,250 @@
+/* kuznyechik.c - GOST R 34.12-2015 (Kuznyechik) cipher implementation
+
+   Copyright: 2017 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+ */
+
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#ifndef HAVE_NETTLE_KUZNYECHIK_SET_KEY
+
+#include <assert.h>
+#include <string.h>
+
+#include <nettle/macros.h>
+#include <nettle/memxor.h>
+#include "nettle-write.h"
+#include "kuznyechik.h"
+
+#include "kuztable.h"
+
+static void S(uint8_t *a, const uint8_t *b)
+{
+  a[0] = pi[b[0]];
+  a[1] = pi[b[1]];
+  a[2] = pi[b[2]];
+  a[3] = pi[b[3]];
+  a[4] = pi[b[4]];
+  a[5] = pi[b[5]];
+  a[6] = pi[b[6]];
+  a[7] = pi[b[7]];
+  a[8] = pi[b[8]];
+  a[9] = pi[b[9]];
+  a[10] = pi[b[10]];
+  a[11] = pi[b[11]];
+  a[12] = pi[b[12]];
+  a[13] = pi[b[13]];
+  a[14] = pi[b[14]];
+  a[15] = pi[b[15]];
+}
+
+static void Sinv(uint8_t *a, const uint8_t *b)
+{
+  a[0] = pi_inv[b[0]];
+  a[1] = pi_inv[b[1]];
+  a[2] = pi_inv[b[2]];
+  a[3] = pi_inv[b[3]];
+  a[4] = pi_inv[b[4]];
+  a[5] = pi_inv[b[5]];
+  a[6] = pi_inv[b[6]];
+  a[7] = pi_inv[b[7]];
+  a[8] = pi_inv[b[8]];
+  a[9] = pi_inv[b[9]];
+  a[10] = pi_inv[b[10]];
+  a[11] = pi_inv[b[11]];
+  a[12] = pi_inv[b[12]];
+  a[13] = pi_inv[b[13]];
+  a[14] = pi_inv[b[14]];
+  a[15] = pi_inv[b[15]];
+}
+
+static void Linv(uint8_t *a, const uint8_t *b)
+{
+  memcpy(a, &kuz_table_inv[0][b[0] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(a, &kuz_table_inv[1][b[1] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(a, &kuz_table_inv[2][b[2] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(a, &kuz_table_inv[3][b[3] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(a, &kuz_table_inv[4][b[4] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(a, &kuz_table_inv[5][b[5] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(a, &kuz_table_inv[6][b[6] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(a, &kuz_table_inv[7][b[7] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(a, &kuz_table_inv[8][b[8] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(a, &kuz_table_inv[9][b[9] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(a, &kuz_table_inv[10][b[10] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(a, &kuz_table_inv[11][b[11] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(a, &kuz_table_inv[12][b[12] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(a, &kuz_table_inv[13][b[13] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(a, &kuz_table_inv[14][b[14] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(a, &kuz_table_inv[15][b[15] * 16], KUZNYECHIK_BLOCK_SIZE);
+}
+
+static void LSX(uint8_t *a, const uint8_t *b, const uint8_t *c)
+{
+  uint8_t t[16];
+
+  /* https://github.com/llvm/llvm-project/issues/53518 */
+#if defined(__clang_analyzer__) && \
+	(defined(__clang_major__) && __clang_major__ == 13)
+  assert(0);
+#else
+  memcpy(t, &kuz_table[0][(b[0] ^ c[0]) * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table[1][(b[1] ^ c[1]) * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table[2][(b[2] ^ c[2]) * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table[3][(b[3] ^ c[3]) * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table[4][(b[4] ^ c[4]) * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table[5][(b[5] ^ c[5]) * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table[6][(b[6] ^ c[6]) * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table[7][(b[7] ^ c[7]) * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table[8][(b[8] ^ c[8]) * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table[9][(b[9] ^ c[9]) * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table[10][(b[10] ^ c[10]) * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table[11][(b[11] ^ c[11]) * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table[12][(b[12] ^ c[12]) * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table[13][(b[13] ^ c[13]) * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table[14][(b[14] ^ c[14]) * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor3(a, t, &kuz_table[15][(b[15] ^ c[15]) * 16], KUZNYECHIK_BLOCK_SIZE);
+#endif
+}
+
+static void XLiSi(uint8_t *a, const uint8_t *b, const uint8_t *c)
+{
+  uint8_t t[16];
+
+  memcpy(t, &kuz_table_inv_LS[0][b[0] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table_inv_LS[1][b[1] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table_inv_LS[2][b[2] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table_inv_LS[3][b[3] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table_inv_LS[4][b[4] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table_inv_LS[5][b[5] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table_inv_LS[6][b[6] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table_inv_LS[7][b[7] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table_inv_LS[8][b[8] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table_inv_LS[9][b[9] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table_inv_LS[10][b[10] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table_inv_LS[11][b[11] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table_inv_LS[12][b[12] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table_inv_LS[13][b[13] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table_inv_LS[14][b[14] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor(t, &kuz_table_inv_LS[15][b[15] * 16], KUZNYECHIK_BLOCK_SIZE);
+  memxor3(a, t, c, 16);
+}
+
+static void subkey(uint8_t *out, const uint8_t *key, unsigned i)
+{
+  uint8_t test[16];
+
+  LSX(test, key+0, kuz_key_table[i + 0]);
+  memxor3(out+16, test, key + 16, 16);
+  LSX(test, out+16, kuz_key_table[i + 1]);
+  memxor3(out+0, test, key + 0, 16);
+  LSX(test, out+0, kuz_key_table[i + 2]);
+  memxor(out+16, test, 16);
+  LSX(test, out+16, kuz_key_table[i + 3]);
+  memxor(out+0, test, 16);
+  LSX(test, out+0, kuz_key_table[i + 4]);
+  memxor(out+16, test, 16);
+  LSX(test, out+16, kuz_key_table[i + 5]);
+  memxor(out+0, test, 16);
+  LSX(test, out+0, kuz_key_table[i + 6]);
+  memxor(out+16, test, 16);
+  LSX(test, out+16, kuz_key_table[i + 7]);
+  memxor(out+0, test, 16);
+}
+
+void
+kuznyechik_set_key(struct kuznyechik_ctx *ctx, const uint8_t *key)
+{
+  unsigned i;
+
+  memcpy(ctx->key, key, 32);
+  subkey(ctx->key + 32, ctx->key, 0);
+  subkey(ctx->key + 64, ctx->key + 32, 8);
+  subkey(ctx->key + 96, ctx->key + 64, 16);
+  subkey(ctx->key + 128, ctx->key + 96, 24);
+  for (i = 0; i < 10; i++)
+    Linv(ctx->dekey + 16 * i, ctx->key + 16 * i);
+}
+
+void
+kuznyechik_encrypt(const struct kuznyechik_ctx *ctx,
+	      size_t length, uint8_t *dst,
+	      const uint8_t *src)
+{
+  uint8_t temp[KUZNYECHIK_BLOCK_SIZE];
+
+  assert(!(length % KUZNYECHIK_BLOCK_SIZE));
+
+  while (length)
+    {
+      LSX(temp, ctx->key + 16 * 0, src);
+      LSX(temp, ctx->key + 16 * 1, temp);
+      LSX(temp, ctx->key + 16 * 2, temp);
+      LSX(temp, ctx->key + 16 * 3, temp);
+      LSX(temp, ctx->key + 16 * 4, temp);
+      LSX(temp, ctx->key + 16 * 5, temp);
+      LSX(temp, ctx->key + 16 * 6, temp);
+      LSX(temp, ctx->key + 16 * 7, temp);
+      LSX(temp, ctx->key + 16 * 8, temp);
+      memxor3(dst, ctx->key + 16 * 9, temp, 16);
+      src += KUZNYECHIK_BLOCK_SIZE;
+      dst+= KUZNYECHIK_BLOCK_SIZE;
+      length -= KUZNYECHIK_BLOCK_SIZE;
+    }
+}
+
+void
+kuznyechik_decrypt(const struct kuznyechik_ctx *ctx,
+	      size_t length, uint8_t *dst,
+	      const uint8_t *src)
+{
+  uint8_t temp[KUZNYECHIK_BLOCK_SIZE];
+
+  assert(!(length % KUZNYECHIK_BLOCK_SIZE));
+
+  while (length)
+    {
+      S(temp, src);
+      XLiSi(temp, temp, ctx->dekey + 16 * 9);
+      XLiSi(temp, temp, ctx->dekey + 16 * 8);
+      XLiSi(temp, temp, ctx->dekey + 16 * 7);
+      XLiSi(temp, temp, ctx->dekey + 16 * 6);
+      XLiSi(temp, temp, ctx->dekey + 16 * 5);
+      XLiSi(temp, temp, ctx->dekey + 16 * 4);
+      XLiSi(temp, temp, ctx->dekey + 16 * 3);
+      XLiSi(temp, temp, ctx->dekey + 16 * 2);
+      XLiSi(temp, temp, ctx->dekey + 16 * 1);
+      Sinv(dst, temp);
+      memxor(dst, ctx->key + 16 * 0, 16);
+      src += KUZNYECHIK_BLOCK_SIZE;
+      dst+= KUZNYECHIK_BLOCK_SIZE;
+      length -= KUZNYECHIK_BLOCK_SIZE;
+    }
+}
+#endif /* HAVE_NETTLE_KUZNYECHIK_SET_KEY */
diff --git a/lib/nettle/gost/kuznyechik.h b/lib/nettle/gost/kuznyechik.h
new file mode 100644
index 0000000..5799284
--- /dev/null
+++ b/lib/nettle/gost/kuznyechik.h
@@ -0,0 +1,80 @@
+/* kuznyechik.h
+
+   The GOST R 34.12-2015 (Kuznyechik) cipher function.
+
+   Copyright (C) 2017 Dmitry Eremin-Solenikov
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef GNUTLS_LIB_NETTLE_KUZNYECHIK_H_INCLUDED
+#define GNUTLS_LIB_NETTLE_KUZNYECHIK_H_INCLUDED
+
+#include <nettle/nettle-types.h>
+
+#include "config.h"
+
+#ifndef HAVE_NETTLE_KUZNYECHIK_SET_KEY
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define kuznyechik_set_key _gnutls_kuznyechik_set_key
+#define kuznyechik_set_param _gnutls_kuznyechik_set_param
+#define kuznyechik_encrypt _gnutls_kuznyechik_encrypt
+#define kuznyechik_decrypt _gnutls_kuznyechik_decrypt
+
+#define KUZNYECHIK_KEY_SIZE 32
+#define KUZNYECHIK_SUBKEYS_SIZE (16 * 10)
+#define KUZNYECHIK_BLOCK_SIZE 16
+
+struct kuznyechik_ctx
+{
+  uint8_t key[KUZNYECHIK_SUBKEYS_SIZE];
+  uint8_t dekey[KUZNYECHIK_SUBKEYS_SIZE];
+};
+
+void
+kuznyechik_set_key(struct kuznyechik_ctx *ctx, const uint8_t *key);
+
+void
+kuznyechik_encrypt(const struct kuznyechik_ctx *ctx,
+		   size_t length, uint8_t *dst,
+		   const uint8_t *src);
+void
+kuznyechik_decrypt(const struct kuznyechik_ctx *ctx,
+		   size_t length, uint8_t *dst,
+		   const uint8_t *src);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
+#endif /* GNUTLS_LIB_NETTLE_KUZNYECHIK_H_INCLUDED */
diff --git a/lib/nettle/gost/kuztable.h b/lib/nettle/gost/kuztable.h
new file mode 100644
index 0000000..a436911
--- /dev/null
+++ b/lib/nettle/gost/kuztable.h
@@ -0,0 +1,12503 @@
+static const uint8_t pi[256] =
+{
+  0xfc, 0xee, 0xdd, 0x11, 0xcf, 0x6e, 0x31, 0x16,
+  0xfb, 0xc4, 0xfa, 0xda, 0x23, 0xc5, 0x04, 0x4d,
+  0xe9, 0x77, 0xf0, 0xdb, 0x93, 0x2e, 0x99, 0xba,
+  0x17, 0x36, 0xf1, 0xbb, 0x14, 0xcd, 0x5f, 0xc1,
+  0xf9, 0x18, 0x65, 0x5a, 0xe2, 0x5c, 0xef, 0x21,
+  0x81, 0x1c, 0x3c, 0x42, 0x8b, 0x01, 0x8e, 0x4f,
+  0x05, 0x84, 0x02, 0xae, 0xe3, 0x6a, 0x8f, 0xa0,
+  0x06, 0x0b, 0xed, 0x98, 0x7f, 0xd4, 0xd3, 0x1f,
+  0xeb, 0x34, 0x2c, 0x51, 0xea, 0xc8, 0x48, 0xab,
+  0xf2, 0x2a, 0x68, 0xa2, 0xfd, 0x3a, 0xce, 0xcc,
+  0xb5, 0x70, 0x0e, 0x56, 0x08, 0x0c, 0x76, 0x12,
+  0xbf, 0x72, 0x13, 0x47, 0x9c, 0xb7, 0x5d, 0x87,
+  0x15, 0xa1, 0x96, 0x29, 0x10, 0x7b, 0x9a, 0xc7,
+  0xf3, 0x91, 0x78, 0x6f, 0x9d, 0x9e, 0xb2, 0xb1,
+  0x32, 0x75, 0x19, 0x3d, 0xff, 0x35, 0x8a, 0x7e,
+  0x6d, 0x54, 0xc6, 0x80, 0xc3, 0xbd, 0x0d, 0x57,
+  0xdf, 0xf5, 0x24, 0xa9, 0x3e, 0xa8, 0x43, 0xc9,
+  0xd7, 0x79, 0xd6, 0xf6, 0x7c, 0x22, 0xb9, 0x03,
+  0xe0, 0x0f, 0xec, 0xde, 0x7a, 0x94, 0xb0, 0xbc,
+  0xdc, 0xe8, 0x28, 0x50, 0x4e, 0x33, 0x0a, 0x4a,
+  0xa7, 0x97, 0x60, 0x73, 0x1e, 0x00, 0x62, 0x44,
+  0x1a, 0xb8, 0x38, 0x82, 0x64, 0x9f, 0x26, 0x41,
+  0xad, 0x45, 0x46, 0x92, 0x27, 0x5e, 0x55, 0x2f,
+  0x8c, 0xa3, 0xa5, 0x7d, 0x69, 0xd5, 0x95, 0x3b,
+  0x07, 0x58, 0xb3, 0x40, 0x86, 0xac, 0x1d, 0xf7,
+  0x30, 0x37, 0x6b, 0xe4, 0x88, 0xd9, 0xe7, 0x89,
+  0xe1, 0x1b, 0x83, 0x49, 0x4c, 0x3f, 0xf8, 0xfe,
+  0x8d, 0x53, 0xaa, 0x90, 0xca, 0xd8, 0x85, 0x61,
+  0x20, 0x71, 0x67, 0xa4, 0x2d, 0x2b, 0x09, 0x5b,
+  0xcb, 0x9b, 0x25, 0xd0, 0xbe, 0xe5, 0x6c, 0x52,
+  0x59, 0xa6, 0x74, 0xd2, 0xe6, 0xf4, 0xb4, 0xc0,
+  0xd1, 0x66, 0xaf, 0xc2, 0x39, 0x4b, 0x63, 0xb6,
+};
+
+static const uint8_t pi_inv[256] =
+{
+  0xa5, 0x2d, 0x32, 0x8f, 0x0e, 0x30, 0x38, 0xc0,
+  0x54, 0xe6, 0x9e, 0x39, 0x55, 0x7e, 0x52, 0x91,
+  0x64, 0x03, 0x57, 0x5a, 0x1c, 0x60, 0x07, 0x18,
+  0x21, 0x72, 0xa8, 0xd1, 0x29, 0xc6, 0xa4, 0x3f,
+  0xe0, 0x27, 0x8d, 0x0c, 0x82, 0xea, 0xae, 0xb4,
+  0x9a, 0x63, 0x49, 0xe5, 0x42, 0xe4, 0x15, 0xb7,
+  0xc8, 0x06, 0x70, 0x9d, 0x41, 0x75, 0x19, 0xc9,
+  0xaa, 0xfc, 0x4d, 0xbf, 0x2a, 0x73, 0x84, 0xd5,
+  0xc3, 0xaf, 0x2b, 0x86, 0xa7, 0xb1, 0xb2, 0x5b,
+  0x46, 0xd3, 0x9f, 0xfd, 0xd4, 0x0f, 0x9c, 0x2f,
+  0x9b, 0x43, 0xef, 0xd9, 0x79, 0xb6, 0x53, 0x7f,
+  0xc1, 0xf0, 0x23, 0xe7, 0x25, 0x5e, 0xb5, 0x1e,
+  0xa2, 0xdf, 0xa6, 0xfe, 0xac, 0x22, 0xf9, 0xe2,
+  0x4a, 0xbc, 0x35, 0xca, 0xee, 0x78, 0x05, 0x6b,
+  0x51, 0xe1, 0x59, 0xa3, 0xf2, 0x71, 0x56, 0x11,
+  0x6a, 0x89, 0x94, 0x65, 0x8c, 0xbb, 0x77, 0x3c,
+  0x7b, 0x28, 0xab, 0xd2, 0x31, 0xde, 0xc4, 0x5f,
+  0xcc, 0xcf, 0x76, 0x2c, 0xb8, 0xd8, 0x2e, 0x36,
+  0xdb, 0x69, 0xb3, 0x14, 0x95, 0xbe, 0x62, 0xa1,
+  0x3b, 0x16, 0x66, 0xe9, 0x5c, 0x6c, 0x6d, 0xad,
+  0x37, 0x61, 0x4b, 0xb9, 0xe3, 0xba, 0xf1, 0xa0,
+  0x85, 0x83, 0xda, 0x47, 0xc5, 0xb0, 0x33, 0xfa,
+  0x96, 0x6f, 0x6e, 0xc2, 0xf6, 0x50, 0xff, 0x5d,
+  0xa9, 0x8e, 0x17, 0x1b, 0x97, 0x7d, 0xec, 0x58,
+  0xf7, 0x1f, 0xfb, 0x7c, 0x09, 0x0d, 0x7a, 0x67,
+  0x45, 0x87, 0xdc, 0xe8, 0x4f, 0x1d, 0x4e, 0x04,
+  0xeb, 0xf8, 0xf3, 0x3e, 0x3d, 0xbd, 0x8a, 0x88,
+  0xdd, 0xcd, 0x0b, 0x13, 0x98, 0x02, 0x93, 0x80,
+  0x90, 0xd0, 0x24, 0x34, 0xcb, 0xed, 0xf4, 0xce,
+  0x99, 0x10, 0x44, 0x40, 0x92, 0x3a, 0x01, 0x26,
+  0x12, 0x1a, 0x48, 0x68, 0xf5, 0x81, 0x8b, 0xc7,
+  0xd6, 0x20, 0x0a, 0x08, 0x00, 0x4c, 0xd7, 0x74,
+};
+
+static const uint8_t kuz_key_table[32][16] =
+{
+  { 0x6e, 0xa2, 0x76, 0x72, 0x6c, 0x48, 0x7a, 0xb8, 0x5d, 0x27, 0xbd, 0x10, 0xdd, 0x84, 0x94, 0x01,},
+  { 0xdc, 0x87, 0xec, 0xe4, 0xd8, 0x90, 0xf4, 0xb3, 0xba, 0x4e, 0xb9, 0x20, 0x79, 0xcb, 0xeb, 0x02,},
+  { 0xb2, 0x25, 0x9a, 0x96, 0xb4, 0xd8, 0x8e, 0x0b, 0xe7, 0x69, 0x04, 0x30, 0xa4, 0x4f, 0x7f, 0x03,},
+  { 0x7b, 0xcd, 0x1b, 0x0b, 0x73, 0xe3, 0x2b, 0xa5, 0xb7, 0x9c, 0xb1, 0x40, 0xf2, 0x55, 0x15, 0x04,},
+  { 0x15, 0x6f, 0x6d, 0x79, 0x1f, 0xab, 0x51, 0x1d, 0xea, 0xbb, 0x0c, 0x50, 0x2f, 0xd1, 0x81, 0x05,},
+  { 0xa7, 0x4a, 0xf7, 0xef, 0xab, 0x73, 0xdf, 0x16, 0x0d, 0xd2, 0x08, 0x60, 0x8b, 0x9e, 0xfe, 0x06,},
+  { 0xc9, 0xe8, 0x81, 0x9d, 0xc7, 0x3b, 0xa5, 0xae, 0x50, 0xf5, 0xb5, 0x70, 0x56, 0x1a, 0x6a, 0x07,},
+  { 0xf6, 0x59, 0x36, 0x16, 0xe6, 0x05, 0x56, 0x89, 0xad, 0xfb, 0xa1, 0x80, 0x27, 0xaa, 0x2a, 0x08,},
+  { 0x98, 0xfb, 0x40, 0x64, 0x8a, 0x4d, 0x2c, 0x31, 0xf0, 0xdc, 0x1c, 0x90, 0xfa, 0x2e, 0xbe, 0x09,},
+  { 0x2a, 0xde, 0xda, 0xf2, 0x3e, 0x95, 0xa2, 0x3a, 0x17, 0xb5, 0x18, 0xa0, 0x5e, 0x61, 0xc1, 0x0a,},
+  { 0x44, 0x7c, 0xac, 0x80, 0x52, 0xdd, 0xd8, 0x82, 0x4a, 0x92, 0xa5, 0xb0, 0x83, 0xe5, 0x55, 0x0b,},
+  { 0x8d, 0x94, 0x2d, 0x1d, 0x95, 0xe6, 0x7d, 0x2c, 0x1a, 0x67, 0x10, 0xc0, 0xd5, 0xff, 0x3f, 0x0c,},
+  { 0xe3, 0x36, 0x5b, 0x6f, 0xf9, 0xae, 0x07, 0x94, 0x47, 0x40, 0xad, 0xd0, 0x08, 0x7b, 0xab, 0x0d,},
+  { 0x51, 0x13, 0xc1, 0xf9, 0x4d, 0x76, 0x89, 0x9f, 0xa0, 0x29, 0xa9, 0xe0, 0xac, 0x34, 0xd4, 0x0e,},
+  { 0x3f, 0xb1, 0xb7, 0x8b, 0x21, 0x3e, 0xf3, 0x27, 0xfd, 0x0e, 0x14, 0xf0, 0x71, 0xb0, 0x40, 0x0f,},
+  { 0x2f, 0xb2, 0x6c, 0x2c, 0x0f, 0x0a, 0xac, 0xd1, 0x99, 0x35, 0x81, 0xc3, 0x4e, 0x97, 0x54, 0x10,},
+  { 0x41, 0x10, 0x1a, 0x5e, 0x63, 0x42, 0xd6, 0x69, 0xc4, 0x12, 0x3c, 0xd3, 0x93, 0x13, 0xc0, 0x11,},
+  { 0xf3, 0x35, 0x80, 0xc8, 0xd7, 0x9a, 0x58, 0x62, 0x23, 0x7b, 0x38, 0xe3, 0x37, 0x5c, 0xbf, 0x12,},
+  { 0x9d, 0x97, 0xf6, 0xba, 0xbb, 0xd2, 0x22, 0xda, 0x7e, 0x5c, 0x85, 0xf3, 0xea, 0xd8, 0x2b, 0x13,},
+  { 0x54, 0x7f, 0x77, 0x27, 0x7c, 0xe9, 0x87, 0x74, 0x2e, 0xa9, 0x30, 0x83, 0xbc, 0xc2, 0x41, 0x14,},
+  { 0x3a, 0xdd, 0x01, 0x55, 0x10, 0xa1, 0xfd, 0xcc, 0x73, 0x8e, 0x8d, 0x93, 0x61, 0x46, 0xd5, 0x15,},
+  { 0x88, 0xf8, 0x9b, 0xc3, 0xa4, 0x79, 0x73, 0xc7, 0x94, 0xe7, 0x89, 0xa3, 0xc5, 0x09, 0xaa, 0x16,},
+  { 0xe6, 0x5a, 0xed, 0xb1, 0xc8, 0x31, 0x09, 0x7f, 0xc9, 0xc0, 0x34, 0xb3, 0x18, 0x8d, 0x3e, 0x17,},
+  { 0xd9, 0xeb, 0x5a, 0x3a, 0xe9, 0x0f, 0xfa, 0x58, 0x34, 0xce, 0x20, 0x43, 0x69, 0x3d, 0x7e, 0x18,},
+  { 0xb7, 0x49, 0x2c, 0x48, 0x85, 0x47, 0x80, 0xe0, 0x69, 0xe9, 0x9d, 0x53, 0xb4, 0xb9, 0xea, 0x19,},
+  { 0x05, 0x6c, 0xb6, 0xde, 0x31, 0x9f, 0x0e, 0xeb, 0x8e, 0x80, 0x99, 0x63, 0x10, 0xf6, 0x95, 0x1a,},
+  { 0x6b, 0xce, 0xc0, 0xac, 0x5d, 0xd7, 0x74, 0x53, 0xd3, 0xa7, 0x24, 0x73, 0xcd, 0x72, 0x01, 0x1b,},
+  { 0xa2, 0x26, 0x41, 0x31, 0x9a, 0xec, 0xd1, 0xfd, 0x83, 0x52, 0x91, 0x03, 0x9b, 0x68, 0x6b, 0x1c,},
+  { 0xcc, 0x84, 0x37, 0x43, 0xf6, 0xa4, 0xab, 0x45, 0xde, 0x75, 0x2c, 0x13, 0x46, 0xec, 0xff, 0x1d,},
+  { 0x7e, 0xa1, 0xad, 0xd5, 0x42, 0x7c, 0x25, 0x4e, 0x39, 0x1c, 0x28, 0x23, 0xe2, 0xa3, 0x80, 0x1e,},
+  { 0x10, 0x03, 0xdb, 0xa7, 0x2e, 0x34, 0x5f, 0xf6, 0x64, 0x3b, 0x95, 0x33, 0x3f, 0x27, 0x14, 0x1f,},
+  { 0x5e, 0xa7, 0xd8, 0x58, 0x1e, 0x14, 0x9b, 0x61, 0xf1, 0x6a, 0xc1, 0x45, 0x9c, 0xed, 0xa8, 0x20,},
+};
+
+static const uint8_t kuz_table[16][256 * 16] =
+{
+  { /* 0 */
+    0xe9, 0xfb, 0xd5, 0x0c, 0x7a, 0xc0, 0x80, 0x96, 0x19, 0x11, 0x87, 0x93, 0x1b, 0xc9, 0xae, 0xb5,
+    0x19, 0x08, 0xe0, 0x8c, 0xb2, 0x17, 0x1a, 0xce, 0x7b, 0x32, 0xfc, 0xab, 0xf8, 0xfe, 0xf2, 0x0a,
+    0xbf, 0xcb, 0xd0, 0xa2, 0x50, 0xb2, 0xdc, 0x77, 0xc0, 0xbd, 0xca, 0xef, 0x4e, 0x88, 0xc7, 0x89,
+    0x62, 0x41, 0x10, 0x1a, 0x5e, 0x63, 0x42, 0xd6, 0x69, 0xc4, 0x12, 0x3c, 0xd3, 0x93, 0x13, 0xc0,
+    0x4f, 0x38, 0xe5, 0x22, 0x98, 0x65, 0x46, 0x2f, 0xa2, 0x9e, 0xb1, 0xd7, 0xad, 0xbf, 0x9b, 0x36,
+    0x38, 0xb3, 0x39, 0x6a, 0x11, 0x6f, 0x4a, 0xe7, 0x3c, 0x70, 0x97, 0x29, 0x2f, 0xcb, 0xc0, 0xef,
+    0xfb, 0x1f, 0xb7, 0xc2, 0x06, 0x7d, 0x56, 0x4d, 0x08, 0x35, 0x78, 0xfd, 0x96, 0x0f, 0xfe, 0x68,
+    0x4a, 0x88, 0xf8, 0x9b, 0xc3, 0xa4, 0x79, 0x73, 0xc7, 0x94, 0xe7, 0x89, 0xa3, 0xc5, 0x09, 0xaa,
+    0xc1, 0x32, 0x3d, 0x8d, 0xe7, 0x07, 0xbb, 0x33, 0xb7, 0x41, 0x72, 0x26, 0x6b, 0x9f, 0xb4, 0xdf,
+    0x6a, 0x7c, 0x99, 0x8e, 0x18, 0x37, 0x9b, 0xf7, 0x20, 0xd4, 0x23, 0x72, 0x1d, 0x3c, 0x7e, 0x63,
+    0x0e, 0x5c, 0x9f, 0xfb, 0x95, 0x6b, 0xf3, 0x49, 0x0f, 0x1c, 0x55, 0x9b, 0x7b, 0x42, 0x30, 0x4b,
+    0x97, 0x02, 0x38, 0x23, 0xcd, 0x75, 0xe7, 0xd2, 0x6e, 0xed, 0x3f, 0x5a, 0x3e, 0xde, 0xdd, 0xe3,
+    0x0b, 0xec, 0x82, 0x42, 0xce, 0xaa, 0xcc, 0x15, 0x6a, 0x16, 0x03, 0xc5, 0x75, 0x38, 0xa2, 0xd7,
+    0xa5, 0x12, 0x3b, 0xf8, 0x6a, 0x5b, 0xd3, 0x8d, 0x98, 0x89, 0x04, 0xcf, 0x0d, 0xe1, 0xfa, 0xf7,
+    0xba, 0x7b, 0xcd, 0x1b, 0x0b, 0x73, 0xe3, 0x2b, 0xa5, 0xb7, 0x9c, 0xb1, 0x40, 0xf2, 0x55, 0x15,
+    0x33, 0x5f, 0xbb, 0x28, 0xdf, 0xc5, 0x86, 0xf2, 0x56, 0x66, 0x94, 0xec, 0x5a, 0xf3, 0x62, 0x38,
+    0x31, 0xc1, 0x08, 0x0d, 0x2f, 0xd0, 0x21, 0x6b, 0xd5, 0x62, 0x09, 0x1e, 0x88, 0xa8, 0xe8, 0x60,
+    0xed, 0x04, 0x70, 0x46, 0x59, 0xea, 0x0d, 0x67, 0xdc, 0x19, 0x7e, 0xb4, 0x7c, 0x7f, 0x79, 0x05,
+    0xe4, 0x76, 0x41, 0x21, 0x67, 0x55, 0x66, 0xeb, 0x35, 0x0b, 0xe0, 0x83, 0xdb, 0x1c, 0x51, 0x8a,
+    0x58, 0x6c, 0x9a, 0x55, 0xbf, 0x19, 0xaf, 0xa8, 0xd6, 0xb0, 0x18, 0xe7, 0x2e, 0x03, 0x59, 0x77,
+    0x1e, 0x26, 0x4e, 0x10, 0x19, 0xc3, 0x82, 0x0b, 0x9d, 0x3c, 0x37, 0x07, 0x24, 0xdf, 0xea, 0xce,
+    0xc9, 0x0f, 0xb4, 0x19, 0xa1, 0x53, 0x62, 0x12, 0xfe, 0x51, 0x43, 0x68, 0xa5, 0x30, 0xd9, 0x7c,
+    0xf4, 0x0c, 0x90, 0xca, 0xeb, 0xfd, 0x17, 0xa9, 0xa7, 0x2b, 0x82, 0x1f, 0x84, 0x81, 0x8b, 0x0f,
+    0xff, 0xe0, 0x12, 0x88, 0x25, 0x57, 0xdb, 0xbc, 0xcd, 0x3d, 0x81, 0xda, 0xf1, 0xb9, 0x29, 0xd8,
+    0x85, 0xe6, 0x5a, 0xed, 0xb1, 0xc8, 0x31, 0x09, 0x7f, 0xc9, 0xc0, 0x34, 0xb3, 0x18, 0x8d, 0x3e,
+    0xd3, 0xd6, 0x5f, 0x43, 0x9b, 0xba, 0x6d, 0xe8, 0xa6, 0x65, 0x8d, 0x48, 0xe6, 0x59, 0xe4, 0x02,
+    0x2b, 0x18, 0xe3, 0x57, 0x15, 0x39, 0x2e, 0x91, 0x8d, 0x56, 0xc7, 0x3e, 0xcb, 0xc1, 0xd5, 0x1e,
+    0x30, 0x8e, 0xb0, 0xfe, 0x57, 0x3b, 0x93, 0xc6, 0x75, 0x60, 0xa6, 0x67, 0xe1, 0x64, 0xad, 0x4c,
+    0x17, 0x54, 0x7f, 0x77, 0x27, 0x7c, 0xe9, 0x87, 0x74, 0x2e, 0xa9, 0x30, 0x83, 0xbc, 0xc2, 0x41,
+    0x12, 0xe4, 0x62, 0xce, 0x7c, 0xbd, 0xd6, 0xdb, 0x11, 0x24, 0xff, 0x6e, 0x8d, 0xc6, 0x50, 0xdd,
+    0xc3, 0xac, 0x8e, 0xa8, 0x17, 0x12, 0x1c, 0xaa, 0x34, 0x45, 0xef, 0xd4, 0xb9, 0xc4, 0x3e, 0x87,
+    0x1f, 0x69, 0xf6, 0xe3, 0x61, 0x28, 0x30, 0xa6, 0x3d, 0x3e, 0x98, 0x7e, 0x4d, 0x13, 0xaf, 0xe2,
+    0x9c, 0xee, 0xba, 0x61, 0x03, 0xdf, 0x2b, 0xc7, 0x04, 0xfb, 0x3c, 0x9f, 0x4b, 0xe6, 0x7f, 0x34,
+    0x1a, 0xd9, 0xeb, 0x5a, 0x3a, 0xe9, 0x0f, 0xfa, 0x58, 0x34, 0xce, 0x20, 0x43, 0x69, 0x3d, 0x7e,
+    0x1d, 0xf7, 0x45, 0xc6, 0x91, 0x3d, 0x97, 0x3f, 0xbe, 0x3a, 0x05, 0x8c, 0x9f, 0x48, 0x25, 0xba,
+    0xb6, 0xb9, 0xe1, 0xc5, 0x6e, 0x0d, 0xb7, 0xfb, 0x29, 0xaf, 0x54, 0xd8, 0xe9, 0xeb, 0xef, 0x06,
+    0x14, 0x85, 0x74, 0xa1, 0xaf, 0x82, 0xfc, 0xb3, 0x57, 0x28, 0x9b, 0xbb, 0x38, 0x2b, 0x0d, 0x35,
+    0x51, 0x1e, 0xab, 0x32, 0x81, 0xa6, 0xc4, 0x24, 0x3f, 0xa2, 0x86, 0xd0, 0x89, 0x60, 0x71, 0xf8,
+    0xd6, 0x66, 0x42, 0xfa, 0xc0, 0x7b, 0x52, 0xb4, 0xc3, 0x6f, 0xdb, 0x16, 0xe8, 0x23, 0x76, 0x9e,
+    0x56, 0x30, 0x05, 0xae, 0x2a, 0x72, 0x5c, 0xe1, 0xd9, 0xac, 0x4d, 0x7c, 0x55, 0x41, 0x69, 0x3c,
+    0xee, 0xd5, 0x7b, 0x90, 0xd1, 0x14, 0x18, 0x53, 0xff, 0x1f, 0x4c, 0x3f, 0xc7, 0xe8, 0xb6, 0x71,
+    0xa0, 0xa2, 0x26, 0x41, 0x31, 0x9a, 0xec, 0xd1, 0xfd, 0x83, 0x52, 0x91, 0x03, 0x9b, 0x68, 0x6b,
+    0x39, 0xfc, 0x81, 0x99, 0x69, 0x84, 0xf8, 0x4a, 0x9c, 0x72, 0x38, 0x50, 0x46, 0x07, 0x85, 0xc3,
+    0xac, 0x60, 0x0a, 0x9f, 0x54, 0xe4, 0xb8, 0x01, 0x71, 0x9b, 0x9a, 0xf8, 0xaa, 0x82, 0xd2, 0x78,
+    0x04, 0xff, 0xa5, 0x4a, 0x23, 0x2a, 0x8d, 0xf1, 0xc5, 0x08, 0xf9, 0x27, 0x67, 0xb6, 0xd7, 0xb0,
+    0xcf, 0x6e, 0xa2, 0x76, 0x72, 0x6c, 0x48, 0x7a, 0xb8, 0x5d, 0x27, 0xbd, 0x10, 0xdd, 0x84, 0x94,
+    0x71, 0xea, 0xca, 0x27, 0x5a, 0x35, 0x26, 0xa0, 0xd8, 0xe2, 0x42, 0x2b, 0x37, 0x99, 0x06, 0x31,
+    0x6e, 0x83, 0x3c, 0xc4, 0x3b, 0x1d, 0x16, 0x06, 0xe5, 0xdc, 0xda, 0x55, 0x7a, 0x8a, 0xa9, 0xd3,
+    0x75, 0x15, 0x6f, 0x6d, 0x79, 0x1f, 0xab, 0x51, 0x1d, 0xea, 0xbb, 0x0c, 0x50, 0x2f, 0xd1, 0x81,
+    0x9b, 0xc0, 0x14, 0xfd, 0xa8, 0x0b, 0xb3, 0x02, 0xe2, 0xf5, 0xf7, 0x33, 0x97, 0xc7, 0x67, 0xf0,
+    0x5d, 0xdc, 0x87, 0xec, 0xe4, 0xd8, 0x90, 0xf4, 0xb3, 0xba, 0x4e, 0xb9, 0x20, 0x79, 0xcb, 0xeb,
+    0xe8, 0xb4, 0x6d, 0xff, 0x02, 0x2b, 0x32, 0x3b, 0xb9, 0x13, 0x28, 0xea, 0x72, 0x05, 0xeb, 0x99,
+    0xdb, 0xeb, 0xd6, 0xd7, 0xdd, 0xee, 0xb4, 0xc9, 0xef, 0x75, 0xbc, 0x06, 0x28, 0xf6, 0x89, 0xa1,
+    0x82, 0xc8, 0xf4, 0x71, 0x1a, 0x1c, 0xa9, 0xcc, 0x99, 0xc7, 0x0b, 0x98, 0x6f, 0x39, 0x95, 0xfa,
+    0xbe, 0x84, 0x68, 0x51, 0x28, 0x59, 0x6e, 0xda, 0x60, 0xbf, 0x65, 0x96, 0x27, 0x44, 0x82, 0xa5,
+    0xb8, 0xe5, 0x7e, 0x3e, 0xfb, 0x66, 0x44, 0xb2, 0x26, 0xb3, 0x01, 0x43, 0x92, 0xa9, 0xdf, 0x4d,
+    0xe7, 0xa7, 0x4a, 0xf7, 0xef, 0xab, 0x73, 0xdf, 0x16, 0x0d, 0xd2, 0x08, 0x60, 0x8b, 0x9e, 0xfe,
+    0x25, 0x44, 0x7c, 0xac, 0x80, 0x52, 0xdd, 0xd8, 0x82, 0x4a, 0x92, 0xa5, 0xb0, 0x83, 0xe5, 0x55,
+    0x8b, 0xba, 0xc5, 0x16, 0x24, 0xa3, 0xc2, 0x40, 0x70, 0xd5, 0x95, 0xaf, 0xc8, 0x5a, 0xbd, 0x75,
+    0x3b, 0x62, 0x32, 0xbc, 0x99, 0x91, 0x5f, 0xd3, 0x1f, 0x76, 0xa5, 0xa2, 0x94, 0x5c, 0x0f, 0x9b,
+    0x5a, 0xf2, 0x29, 0x70, 0x4f, 0x0c, 0x08, 0x31, 0x55, 0xb4, 0x85, 0x15, 0xfc, 0x58, 0xd3, 0x2f,
+    0xc7, 0x53, 0x2b, 0xe2, 0x34, 0x38, 0x91, 0x5b, 0xf1, 0x4d, 0x16, 0xf3, 0xde, 0x72, 0xe9, 0x37,
+    0xef, 0x9a, 0xc3, 0x63, 0xa9, 0xff, 0xaa, 0xfe, 0x5f, 0x1d, 0xe3, 0x46, 0xae, 0x24, 0xf3, 0x5d,
+    0x32, 0x10, 0x03, 0xdb, 0xa7, 0x2e, 0x34, 0x5f, 0xf6, 0x64, 0x3b, 0x95, 0x33, 0x3f, 0x27, 0x14,
+    0x6c, 0x1d, 0x8f, 0xe1, 0xcb, 0x08, 0xb1, 0x9f, 0x66, 0xd8, 0x47, 0xa7, 0xa8, 0xd1, 0x23, 0x8b,
+    0x8e, 0x0a, 0xd8, 0xaf, 0x7f, 0x62, 0xfd, 0x1c, 0x15, 0xdf, 0xc3, 0xf1, 0xc6, 0x20, 0x2f, 0xe9,
+    0x94, 0xd3, 0x33, 0xf5, 0x45, 0x8b, 0xf2, 0xe6, 0x4d, 0xeb, 0x0d, 0xd1, 0x85, 0x49, 0x12, 0x97,
+    0x93, 0xfd, 0x9d, 0x69, 0xee, 0x5f, 0x6a, 0x23, 0xab, 0xe5, 0xc6, 0x7d, 0x59, 0x68, 0x0a, 0x53,
+    0xa3, 0x73, 0x2d, 0x97, 0xb9, 0x64, 0xf9, 0xe5, 0xde, 0x85, 0x60, 0x1a, 0xb8, 0x0c, 0xa7, 0x1f,
+    0x67, 0xf1, 0x0d, 0xa3, 0x05, 0xa2, 0x7d, 0x8a, 0x0c, 0xce, 0x44, 0x62, 0xdd, 0xe9, 0x81, 0x5c,
+    0x46, 0x4a, 0xd4, 0x45, 0xa6, 0xda, 0x2d, 0xa3, 0x4b, 0x8c, 0x2f, 0xe0, 0x0a, 0xdc, 0xb3, 0xb9,
+    0x9d, 0xa1, 0x02, 0x92, 0x7b, 0x34, 0x99, 0x6a, 0xa4, 0xf9, 0x93, 0xe6, 0x22, 0x2a, 0x3a, 0x18,
+    0xb9, 0xaa, 0xc6, 0xcd, 0x83, 0x8d, 0xf6, 0x1f, 0x86, 0xb1, 0xae, 0x3a, 0xfb, 0x65, 0x9a, 0x61,
+    0x73, 0x74, 0x79, 0x02, 0xaa, 0x20, 0x81, 0x39, 0x5b, 0xe6, 0xdf, 0xd9, 0xe5, 0xc2, 0x8c, 0x69,
+    0xdf, 0x14, 0x73, 0x9d, 0xfe, 0xc4, 0x39, 0x38, 0x2a, 0x7d, 0x45, 0x21, 0x4f, 0x40, 0x5e, 0x11,
+    0xe5, 0x39, 0xf9, 0xd2, 0x1f, 0xbe, 0xd4, 0x46, 0x95, 0x09, 0x4f, 0xfa, 0xb2, 0xd0, 0x14, 0xa6,
+    0x26, 0x95, 0x77, 0x7a, 0x08, 0xac, 0xc8, 0xec, 0xa1, 0x4c, 0xa0, 0x2e, 0x0b, 0x14, 0x2a, 0x21,
+    0xde, 0x5b, 0xcb, 0x6e, 0x86, 0x2f, 0x8b, 0x95, 0x8a, 0x7f, 0xea, 0x58, 0x26, 0x8c, 0x1b, 0x3d,
+    0x80, 0x56, 0x47, 0x54, 0xea, 0x09, 0x0e, 0x55, 0x1a, 0xc3, 0x96, 0x6a, 0xbd, 0x62, 0x1f, 0xa2,
+    0xdd, 0x8a, 0xc0, 0xb8, 0x0e, 0xd1, 0x9e, 0xa1, 0xa9, 0x79, 0xd8, 0xd3, 0x9d, 0x1b, 0xd4, 0x49,
+    0x60, 0xdf, 0xa3, 0x3f, 0xae, 0x76, 0xe5, 0x4f, 0xea, 0xc0, 0x8f, 0xce, 0x01, 0xc8, 0x99, 0x98,
+    0xc5, 0xcd, 0x98, 0xc7, 0xc4, 0x2d, 0x36, 0xc2, 0x72, 0x49, 0x8b, 0x01, 0x0c, 0x29, 0x63, 0x6f,
+    0x50, 0x51, 0x13, 0xc1, 0xf9, 0x4d, 0x76, 0x89, 0x9f, 0xa0, 0x29, 0xa9, 0xe0, 0xac, 0x34, 0xd4,
+    0xbb, 0x34, 0x75, 0xe8, 0x73, 0x98, 0x51, 0x86, 0x05, 0xb5, 0x33, 0xc8, 0x29, 0x3e, 0x10, 0x39,
+    0xb7, 0xf6, 0x59, 0x36, 0x16, 0xe6, 0x05, 0x56, 0x89, 0xad, 0xfb, 0xa1, 0x80, 0x27, 0xaa, 0x2a,
+    0x0d, 0x8d, 0x94, 0x2d, 0x1d, 0x95, 0xe6, 0x7d, 0x2c, 0x1a, 0x67, 0x10, 0xc0, 0xd5, 0xff, 0x3f,
+    0x22, 0x6a, 0xd2, 0x30, 0x2b, 0x86, 0x45, 0x1d, 0x64, 0x44, 0x59, 0x09, 0x6c, 0xa2, 0xfd, 0x91,
+    0xf0, 0xf3, 0x35, 0x80, 0xc8, 0xd7, 0x9a, 0x58, 0x62, 0x23, 0x7b, 0x38, 0xe3, 0x37, 0x5c, 0xbf,
+    0x8a, 0xf5, 0x7d, 0xe5, 0x5c, 0x48, 0x70, 0xed, 0xd0, 0xd7, 0x3a, 0xd6, 0xa1, 0x96, 0xf8, 0x59,
+    0x98, 0x11, 0x1f, 0x2b, 0x20, 0xf5, 0xa6, 0x36, 0xc1, 0xf3, 0xc5, 0xb8, 0x2c, 0x50, 0xa8, 0x84,
+    0x3f, 0x9d, 0x97, 0xf6, 0xba, 0xbb, 0xd2, 0x22, 0xda, 0x7e, 0x5c, 0x85, 0xf3, 0xea, 0xd8, 0x2b,
+    0xd9, 0x75, 0x65, 0xf2, 0x2d, 0xfb, 0x13, 0x50, 0x6c, 0x71, 0x21, 0xf4, 0xfa, 0xad, 0x03, 0xf9,
+    0x81, 0x19, 0xff, 0xa7, 0x92, 0xe2, 0xbc, 0xf8, 0xba, 0xc1, 0x39, 0x13, 0xd4, 0xae, 0x5a, 0x8e,
+    0x3d, 0x03, 0x24, 0xd3, 0x4a, 0xae, 0x75, 0xbb, 0x59, 0x7a, 0xc1, 0x77, 0x21, 0xb1, 0x52, 0x73,
+    0x9e, 0x70, 0x09, 0x44, 0xf3, 0xca, 0x8c, 0x5e, 0x87, 0xff, 0xa1, 0x6d, 0x99, 0xbd, 0xf5, 0x6c,
+    0x09, 0x72, 0x31, 0x67, 0x3e, 0xbf, 0x6b, 0x8c, 0xe9, 0x12, 0x9e, 0x37, 0xa7, 0x63, 0x28, 0x8f,
+    0xd8, 0x3a, 0xdd, 0x01, 0x55, 0x10, 0xa1, 0xfd, 0xcc, 0x73, 0x8e, 0x8d, 0x93, 0x61, 0x46, 0xd5,
+    0x77, 0x8b, 0xdc, 0x48, 0x89, 0x0a, 0x0c, 0xc8, 0x9e, 0xee, 0x26, 0xfe, 0x82, 0x74, 0x5b, 0xd9,
+    0x6b, 0x33, 0x21, 0x7d, 0x60, 0xdc, 0x29, 0x5a, 0x80, 0xd6, 0x8c, 0x0b, 0x74, 0xf0, 0x3b, 0x4f,
+    0xe1, 0xc6, 0x5c, 0x98, 0x3c, 0x94, 0x59, 0xb7, 0x50, 0x01, 0xb6, 0xdd, 0xd5, 0x66, 0xc3, 0x16,
+    0xad, 0x2f, 0xb2, 0x6c, 0x2c, 0x0f, 0x0a, 0xac, 0xd1, 0x99, 0x35, 0x81, 0xc3, 0x4e, 0x97, 0x54,
+    0xe0, 0x89, 0xe4, 0x6b, 0x44, 0x7f, 0xeb, 0x1a, 0xf0, 0x03, 0x19, 0xa4, 0xbc, 0xaa, 0x86, 0x3a,
+    0x66, 0xbe, 0xb5, 0x50, 0x7d, 0x49, 0xcf, 0x27, 0xac, 0xcc, 0xeb, 0x1b, 0xb4, 0x25, 0xc4, 0x70,
+    0xf8, 0xce, 0xbc, 0x14, 0x8e, 0x83, 0x43, 0x79, 0x2b, 0x33, 0x4a, 0x76, 0x2d, 0x98, 0x31, 0x1c,
+    0x76, 0xc4, 0x64, 0xbb, 0xf1, 0xe1, 0xbe, 0x65, 0x3e, 0xec, 0x89, 0x87, 0xeb, 0xb8, 0x1e, 0xf5,
+    0x43, 0xfa, 0xc9, 0xfc, 0xfd, 0x1b, 0x12, 0xff, 0x2e, 0x86, 0x79, 0xbe, 0x04, 0xa6, 0x21, 0x25,
+    0x72, 0x3b, 0xc1, 0xf1, 0xd2, 0xcb, 0x33, 0x94, 0xfb, 0xe4, 0x70, 0xa0, 0x8c, 0x0e, 0xc9, 0x45,
+    0xf7, 0xdd, 0x9b, 0x1c, 0x63, 0x03, 0x02, 0x9d, 0x84, 0x2d, 0xb0, 0x94, 0x3f, 0x16, 0x44, 0x7b,
+    0x4e, 0x77, 0x5d, 0xd1, 0xe0, 0x8e, 0xf4, 0x82, 0x02, 0x9c, 0x1e, 0xae, 0xc4, 0x73, 0xde, 0x1a,
+    0xdc, 0xc5, 0x78, 0x4b, 0x76, 0x3a, 0x2c, 0x0c, 0x09, 0x7b, 0x77, 0xaa, 0xf4, 0xd7, 0x91, 0x65,
+    0x48, 0x16, 0x4b, 0xbe, 0x33, 0xb1, 0xde, 0xea, 0x44, 0x90, 0x7a, 0x7b, 0x71, 0x9e, 0x83, 0xf2,
+    0xda, 0xa4, 0x6e, 0x24, 0xa5, 0x05, 0x06, 0x64, 0x4f, 0x77, 0x13, 0x7f, 0x41, 0x3a, 0xcc, 0x8d,
+    0x69, 0xad, 0x92, 0x58, 0x90, 0xc9, 0x8e, 0xc3, 0x03, 0xd2, 0x11, 0xf9, 0xa6, 0xab, 0xb1, 0x17,
+    0xb0, 0xd8, 0xf7, 0xaa, 0xbd, 0x32, 0x9d, 0x93, 0x6f, 0xa3, 0x30, 0x0d, 0x5c, 0x06, 0xb2, 0xee,
+    0xd5, 0xb7, 0x49, 0x2c, 0x48, 0x85, 0x47, 0x80, 0xe0, 0x69, 0xe9, 0x9d, 0x53, 0xb4, 0xb9, 0xea,
+    0xf6, 0x92, 0x23, 0xef, 0x1b, 0xe8, 0xb0, 0x30, 0x24, 0x2f, 0x1f, 0xed, 0x56, 0xda, 0x01, 0x57,
+    0x7b, 0x49, 0xf0, 0x96, 0xec, 0x74, 0x58, 0x18, 0x12, 0xf6, 0xee, 0x97, 0x2b, 0x6d, 0xe1, 0xca,
+    0x41, 0x64, 0x7a, 0xd9, 0x0d, 0x0e, 0xb5, 0x66, 0xad, 0x82, 0xe4, 0x4c, 0xd6, 0xfd, 0xab, 0x7d,
+    0xcb, 0x91, 0x07, 0x3c, 0x51, 0x46, 0xc5, 0x8b, 0x7d, 0x55, 0xde, 0x9a, 0x77, 0x6b, 0x53, 0x24,
+    0x95, 0x9c, 0x8b, 0x06, 0x3d, 0x60, 0x40, 0x4b, 0xed, 0xe9, 0xa2, 0xa8, 0xec, 0x85, 0x57, 0xbb,
+    0xaa, 0x01, 0x1c, 0xf0, 0x87, 0xdb, 0x92, 0x69, 0x37, 0x97, 0xfe, 0x2d, 0x1f, 0x6f, 0x8f, 0x90,
+    0xe6, 0xe8, 0xf2, 0x04, 0x97, 0x40, 0xc1, 0x72, 0xb6, 0x0f, 0x7d, 0x71, 0x09, 0x47, 0xdb, 0xd2,
+    0x37, 0xa0, 0x1e, 0x62, 0xfc, 0xef, 0x0b, 0x03, 0x93, 0x6e, 0x6d, 0xcb, 0x3d, 0x45, 0xb5, 0x88,
+    0x21, 0xbb, 0xd9, 0xe6, 0xa3, 0x78, 0x50, 0x29, 0x47, 0x42, 0x6b, 0x82, 0xd7, 0x35, 0x32, 0xe5,
+    0x42, 0xb5, 0x71, 0x0f, 0x85, 0xf0, 0xa0, 0x52, 0x8e, 0x84, 0xd6, 0xc7, 0x6d, 0x6a, 0x64, 0x09,
+    0xd7, 0x29, 0xfa, 0x09, 0xb8, 0x90, 0xe0, 0x19, 0x63, 0x6d, 0x74, 0x6f, 0x81, 0xef, 0x33, 0xb2,
+    0xc2, 0xe3, 0x36, 0x5b, 0x6f, 0xf9, 0xae, 0x07, 0x94, 0x47, 0x40, 0xad, 0xd0, 0x08, 0x7b, 0xab,
+    0x74, 0x5a, 0xd7, 0x9e, 0x01, 0xf4, 0x19, 0xfc, 0xbd, 0xe8, 0x14, 0x75, 0x39, 0xe3, 0x94, 0xad,
+    0xe2, 0x17, 0x57, 0x4e, 0xb4, 0x6a, 0x4c, 0x83, 0x73, 0x07, 0x84, 0x56, 0x6e, 0xf1, 0x0c, 0x62,
+    0x91, 0x63, 0x2e, 0x4c, 0x1e, 0x4a, 0xcd, 0xba, 0x28, 0xe1, 0x5b, 0x8f, 0x8b, 0x33, 0x80, 0x0b,
+    0x23, 0x25, 0x6a, 0xc3, 0x53, 0x6d, 0xf7, 0xb0, 0xc4, 0x46, 0xf6, 0x70, 0x05, 0x6e, 0xb8, 0xbd,
+    0xc0, 0x7d, 0x85, 0x7e, 0x9f, 0xec, 0x09, 0x9e, 0x17, 0x43, 0xdd, 0x5f, 0x02, 0x53, 0xf1, 0xf3,
+    0x64, 0x20, 0x06, 0x75, 0x8d, 0x5c, 0x68, 0xbe, 0x2f, 0xc8, 0x76, 0xe9, 0x66, 0x7e, 0x4e, 0x28,
+    0x0f, 0x13, 0x27, 0x08, 0xed, 0x80, 0x41, 0xe4, 0xaf, 0x1e, 0xfa, 0xe2, 0x12, 0x8e, 0x75, 0x67,
+    0x63, 0x0e, 0xa8, 0xe9, 0x26, 0x88, 0xf0, 0x7b, 0xc9, 0xc6, 0xbd, 0x45, 0xba, 0x5f, 0x56, 0xec,
+    0xa8, 0x9f, 0xaf, 0xd5, 0x77, 0xce, 0x35, 0xf0, 0xb4, 0x93, 0x63, 0xdf, 0xcd, 0x34, 0x05, 0xc8,
+    0x55, 0xe1, 0x0e, 0x78, 0xa2, 0x8c, 0x49, 0xd5, 0xfa, 0xaa, 0x7f, 0xf7, 0xee, 0xd6, 0xa6, 0x48,
+    0xbd, 0x55, 0x63, 0x87, 0xa0, 0xa7, 0x7b, 0xee, 0x43, 0xb9, 0x57, 0x1d, 0x9c, 0xd3, 0x4d, 0xd1,
+    0x9a, 0x8f, 0xac, 0x0e, 0xd0, 0xe0, 0x01, 0xaf, 0x42, 0xf7, 0x58, 0x4a, 0xfe, 0x0b, 0x22, 0xdc,
+    0x03, 0xd1, 0x0b, 0xd6, 0x88, 0xfe, 0x15, 0x34, 0x23, 0x06, 0x32, 0x8b, 0xbb, 0x97, 0xcf, 0x74,
+    0xc8, 0x40, 0x0c, 0xea, 0xd9, 0xb8, 0xd0, 0xbf, 0x5e, 0x53, 0xec, 0x11, 0xcc, 0xfc, 0x9c, 0x50,
+    0xc4, 0x82, 0x20, 0x34, 0xbc, 0xc6, 0x84, 0x6f, 0xd2, 0x4b, 0x24, 0x78, 0x65, 0xe5, 0x26, 0x43,
+    0x6d, 0x52, 0x37, 0x12, 0xb3, 0xe3, 0x03, 0x32, 0xc6, 0xda, 0xe8, 0xde, 0xc1, 0x1d, 0x66, 0xa7,
+    0x92, 0xb2, 0x25, 0x9a, 0x96, 0xb4, 0xd8, 0x8e, 0x0b, 0xe7, 0x69, 0x04, 0x30, 0xa4, 0x4f, 0x7f,
+    0x49, 0x59, 0xf3, 0x4d, 0x4b, 0x5a, 0x6c, 0x47, 0xe4, 0x92, 0xd5, 0x02, 0x18, 0x52, 0xc6, 0xde,
+    0x9f, 0x3f, 0xb1, 0xb7, 0x8b, 0x21, 0x3e, 0xf3, 0x27, 0xfd, 0x0e, 0x14, 0xf0, 0x71, 0xb0, 0x40,
+    0x44, 0xd4, 0x67, 0x60, 0x56, 0xcf, 0x8a, 0x3a, 0xc8, 0x88, 0xb2, 0x12, 0xd8, 0x87, 0x39, 0xe1,
+    0x2d, 0x79, 0xf5, 0x38, 0xc6, 0x06, 0x04, 0xf9, 0xcb, 0x5a, 0xa3, 0xeb, 0x7e, 0x2c, 0x88, 0xf6,
+    0x2f, 0xe7, 0x46, 0x1d, 0x36, 0x13, 0xa3, 0x60, 0x48, 0x5e, 0x3e, 0x19, 0xac, 0x77, 0x02, 0xae,
+    0x36, 0xef, 0xa6, 0x91, 0x84, 0x04, 0xb9, 0xae, 0x33, 0x6c, 0xc2, 0xb2, 0x54, 0x89, 0xf0, 0xa4,
+    0x15, 0xca, 0xcc, 0x52, 0xd7, 0x69, 0x4e, 0x1e, 0xf7, 0x2a, 0x34, 0xc2, 0x51, 0xe7, 0x48, 0x19,
+    0x18, 0x47, 0x58, 0x7f, 0xca, 0xfc, 0xa8, 0x63, 0xdb, 0x30, 0x53, 0xd2, 0x91, 0x32, 0xb7, 0x26,
+    0x70, 0xa5, 0x72, 0xd4, 0x22, 0xde, 0x94, 0x0d, 0x78, 0xe0, 0xed, 0x52, 0x5e, 0x55, 0x43, 0x1d,
+    0xfe, 0xaf, 0xaa, 0x7b, 0x5d, 0xbc, 0x69, 0x11, 0x6d, 0x3f, 0x2e, 0xa3, 0x98, 0x75, 0x6c, 0xf4,
+    0x2e, 0xa8, 0xfe, 0xee, 0x4e, 0xf8, 0x11, 0xcd, 0xe8, 0x5c, 0x91, 0x60, 0xc5, 0xbb, 0x47, 0x82,
+    0x5c, 0x93, 0x3f, 0x1f, 0x9c, 0x33, 0x22, 0x59, 0x13, 0xb8, 0xe1, 0xc0, 0x49, 0xb5, 0x8e, 0xc7,
+    0xa1, 0xed, 0x9e, 0xb2, 0x49, 0x71, 0x5e, 0x7c, 0x5d, 0x81, 0xfd, 0xe8, 0x6a, 0x57, 0x2d, 0x47,
+    0xa6, 0xc3, 0x30, 0x2e, 0xe2, 0xa5, 0xc6, 0xb9, 0xbb, 0x8f, 0x36, 0x44, 0xb6, 0x76, 0x35, 0x83,
+    0xea, 0x2a, 0xde, 0xda, 0xf2, 0x3e, 0x95, 0xa2, 0x3a, 0x17, 0xb5, 0x18, 0xa0, 0x5e, 0x61, 0xc1,
+    0x1b, 0x96, 0x53, 0xa9, 0x42, 0x02, 0xbd, 0x57, 0xf8, 0x36, 0x61, 0x59, 0x2a, 0xa5, 0x78, 0x52,
+    0x90, 0x2c, 0x96, 0xbf, 0x66, 0xa1, 0x7f, 0x17, 0x88, 0xe3, 0xf4, 0xf6, 0xe2, 0xff, 0xc5, 0x27,
+    0xa4, 0x5d, 0x83, 0x0b, 0x12, 0xb0, 0x61, 0x20, 0x38, 0x8b, 0xab, 0xb6, 0x64, 0x2d, 0xbf, 0xdb,
+    0x68, 0xe2, 0x2a, 0xab, 0xe8, 0x22, 0x3c, 0x6e, 0xa3, 0xd0, 0xbe, 0x80, 0xcf, 0x67, 0xf4, 0x3b,
+    0x57, 0x7f, 0xbd, 0x5d, 0x52, 0x99, 0xee, 0x4c, 0x79, 0xae, 0xe2, 0x05, 0x3c, 0x8d, 0x2c, 0x10,
+    0xfd, 0x7e, 0xa1, 0xad, 0xd5, 0x42, 0x7c, 0x25, 0x4e, 0x39, 0x1c, 0x28, 0x23, 0xe2, 0xa3, 0x80,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x35, 0x3e, 0xad, 0x47, 0x0c, 0xfa, 0xac, 0x9a, 0x10, 0x6a, 0xf0, 0x39, 0xef, 0x1e, 0x3f, 0xd0,
+    0x4b, 0xc7, 0x40, 0x68, 0xbb, 0x4f, 0xcb, 0xde, 0x67, 0x96, 0x48, 0xf0, 0xca, 0x09, 0x4c, 0x86,
+    0x47, 0x05, 0x6c, 0xb6, 0xde, 0x31, 0x9f, 0x0e, 0xeb, 0x8e, 0x80, 0x99, 0x63, 0x10, 0xf6, 0x95,
+    0xa2, 0x3c, 0x95, 0x64, 0xc1, 0x8f, 0x4b, 0x48, 0x7e, 0x87, 0xcf, 0x63, 0xd1, 0xc0, 0xe2, 0x33,
+    0x83, 0x87, 0x4c, 0x82, 0x62, 0xf7, 0x1b, 0x61, 0x39, 0xc5, 0xa4, 0xe1, 0x06, 0xf5, 0xd0, 0xd6,
+    0x7c, 0x67, 0x5e, 0x0a, 0x47, 0xa0, 0xc0, 0xdd, 0xf4, 0xf8, 0x25, 0x3b, 0xf7, 0x4c, 0xf9, 0x0e,
+    0xd2, 0x99, 0xe7, 0xb0, 0xe3, 0x51, 0xdf, 0x45, 0x06, 0x67, 0x22, 0x31, 0x8f, 0x95, 0xa1, 0x2e,
+    0x13, 0xab, 0xda, 0x3d, 0x04, 0x56, 0x64, 0x76, 0xb1, 0x26, 0x50, 0x17, 0xe4, 0x0a, 0x15, 0xf1,
+    0x7e, 0xf9, 0xed, 0x2f, 0xb7, 0xb5, 0x67, 0x44, 0x77, 0xfc, 0xb8, 0xc9, 0x25, 0x17, 0x73, 0x56,
+    0x3e, 0xd2, 0x2f, 0x05, 0xc2, 0x50, 0x60, 0x8f, 0x7a, 0x7c, 0xf3, 0xfc, 0x9a, 0x26, 0x9d, 0x07,
+    0x7a, 0x06, 0x48, 0x65, 0x94, 0x9f, 0xea, 0xb5, 0xb2, 0xf4, 0x41, 0xee, 0x42, 0xa1, 0xa4, 0xe6,
+    0x84, 0xa9, 0xe2, 0x1e, 0xc9, 0x23, 0x83, 0xa4, 0xdf, 0xcb, 0x6f, 0x4d, 0xda, 0xd4, 0xc8, 0x12,
+    0x16, 0x1b, 0xc7, 0x84, 0x5f, 0x97, 0x5b, 0x2a, 0xd4, 0x2c, 0x06, 0x49, 0xea, 0x70, 0x87, 0x6d,
+    0xd1, 0x48, 0xec, 0x66, 0x6b, 0xaf, 0xca, 0x71, 0x25, 0x61, 0x10, 0xba, 0x34, 0x02, 0x6e, 0x5a,
+    0xb1, 0x97, 0x4f, 0x59, 0xc5, 0xd9, 0x2f, 0x3e, 0xcf, 0xa1, 0x9f, 0x74, 0x35, 0xca, 0xf7, 0xc2,
+    0x0c, 0xc2, 0x2c, 0xde, 0x65, 0x7e, 0x54, 0xd0, 0x8c, 0x18, 0xc8, 0x69, 0xa9, 0x19, 0xba, 0x13,
+    0x29, 0x86, 0x50, 0x72, 0xe5, 0x2c, 0x89, 0x08, 0x0e, 0x52, 0x5a, 0xcc, 0x19, 0x9a, 0x5f, 0x46,
+    0x06, 0x61, 0x16, 0x6f, 0xd3, 0x3f, 0x2a, 0x68, 0x46, 0x0c, 0x64, 0xd5, 0xb5, 0xed, 0x5d, 0xe8,
+    0x2c, 0x36, 0x4d, 0xcb, 0xbe, 0xed, 0xb6, 0x54, 0x6b, 0x58, 0x0c, 0x92, 0x17, 0xe0, 0xcd, 0xda,
+    0x2a, 0x57, 0x5b, 0xa4, 0x6d, 0xd2, 0x9c, 0x3c, 0x2d, 0x54, 0x68, 0x47, 0xa2, 0x0d, 0x90, 0x32,
+    0xcd, 0xf0, 0x11, 0x53, 0x82, 0x79, 0xef, 0xe3, 0x3b, 0x59, 0xba, 0x4f, 0xc2, 0x86, 0x0e, 0xcc,
+    0x07, 0x2e, 0xae, 0x9c, 0xab, 0xd4, 0x98, 0xc5, 0xe6, 0x0e, 0xcb, 0xac, 0xdc, 0x21, 0x18, 0xc4,
+    0x10, 0x7a, 0xd1, 0xeb, 0x8c, 0xa8, 0x71, 0x42, 0x92, 0x20, 0x62, 0x9c, 0x5f, 0x9d, 0xda, 0x85,
+    0x08, 0x3d, 0x89, 0x94, 0x46, 0x54, 0xd9, 0x21, 0x49, 0x10, 0x31, 0x4e, 0xce, 0xaf, 0x6d, 0xa3,
+    0xf9, 0x81, 0x04, 0xe7, 0xf6, 0x68, 0xf1, 0xd4, 0x8b, 0x31, 0xe5, 0x0f, 0x44, 0x54, 0x74, 0x30,
+    0x11, 0x35, 0x69, 0x18, 0xf4, 0x43, 0xc3, 0xef, 0x32, 0x22, 0xcd, 0xe5, 0x36, 0x51, 0x9f, 0xa9,
+    0x28, 0xc9, 0xe8, 0x81, 0x9d, 0xc7, 0x3b, 0xa5, 0xae, 0x50, 0xf5, 0xb5, 0x70, 0x56, 0x1a, 0x6a,
+    0xeb, 0x65, 0x66, 0x29, 0x8a, 0xd5, 0x27, 0x0f, 0x9a, 0x15, 0x1a, 0x61, 0xc9, 0x92, 0x24, 0xed,
+    0x87, 0x78, 0xe9, 0xc8, 0x41, 0xdd, 0x96, 0x90, 0xfc, 0xcd, 0x5d, 0xc6, 0x61, 0x43, 0x07, 0x66,
+    0xf1, 0xbc, 0x8d, 0x73, 0xb0, 0x3c, 0x28, 0xf5, 0xc2, 0x21, 0xd4, 0x41, 0x8a, 0xfb, 0x19, 0x93,
+    0xc6, 0x1c, 0x93, 0x11, 0x4c, 0xd3, 0x23, 0xf6, 0x51, 0x4f, 0xb9, 0x8a, 0xb7, 0xbe, 0xac, 0x1b,
+    0xb5, 0x68, 0xea, 0x13, 0xe6, 0xf3, 0xa2, 0xcf, 0x0a, 0xa9, 0x66, 0x53, 0x52, 0x7c, 0x20, 0x72,
+    0x6f, 0xcc, 0x84, 0x37, 0x43, 0xf6, 0xa4, 0xab, 0x45, 0xde, 0x75, 0x2c, 0x13, 0x46, 0xec, 0xff,
+    0xcc, 0xbf, 0xa9, 0xa0, 0xfa, 0x92, 0x5d, 0x4e, 0x9b, 0x5b, 0x15, 0x36, 0xab, 0x4a, 0x4b, 0xe0,
+    0x34, 0x71, 0x15, 0xb4, 0x74, 0x11, 0x1e, 0x37, 0xb0, 0x68, 0x5f, 0x40, 0x86, 0xd2, 0x7a, 0xfc,
+    0x1c, 0xb8, 0xfd, 0x35, 0xe9, 0xd6, 0x25, 0x92, 0x1e, 0x38, 0xaa, 0xf5, 0xf6, 0x84, 0x60, 0x96,
+    0x4d, 0xa6, 0x56, 0x07, 0x68, 0x70, 0xe1, 0xb6, 0x21, 0x9a, 0x2c, 0x25, 0x7f, 0xe4, 0x11, 0x6e,
+    0xf3, 0x22, 0x3e, 0x56, 0x40, 0x29, 0x8f, 0x6c, 0x41, 0x25, 0x49, 0xb3, 0x58, 0xa0, 0x93, 0xcb,
+    0x96, 0x4d, 0x80, 0xd0, 0xb5, 0x9e, 0x55, 0x7f, 0xce, 0xef, 0x90, 0x23, 0x57, 0x12, 0x98, 0xcf,
+    0x05, 0xb0, 0x1d, 0xb9, 0x5b, 0xc1, 0x3f, 0x5c, 0x65, 0x0a, 0x56, 0x5e, 0x0e, 0x7a, 0x92, 0x9c,
+    0x61, 0x90, 0x1b, 0xcc, 0xd6, 0x9d, 0x57, 0xe2, 0x4a, 0xc2, 0x20, 0xb7, 0x68, 0x04, 0xdc, 0xb4,
+    0x59, 0x23, 0x22, 0xa6, 0xc7, 0xf2, 0x1d, 0x05, 0x76, 0xb2, 0xb7, 0x9e, 0x47, 0xcf, 0x1c, 0x5b,
+    0x86, 0x37, 0x51, 0x3b, 0x39, 0x36, 0x24, 0x3d, 0x5c, 0xcf, 0xf2, 0xbf, 0x08, 0x8f, 0x42, 0x4a,
+    0x88, 0x6b, 0xce, 0xc0, 0xac, 0x5d, 0xd7, 0x74, 0x53, 0xd3, 0xa7, 0x24, 0x73, 0xcd, 0x72, 0x01,
+    0xb3, 0x09, 0xfc, 0x7c, 0x35, 0xcc, 0x88, 0xa7, 0x4c, 0xa5, 0x02, 0x86, 0xe7, 0x91, 0x7d, 0x9a,
+    0x89, 0x24, 0x76, 0x33, 0xd4, 0xb6, 0x65, 0xd9, 0xf3, 0xd1, 0x08, 0x5d, 0x1a, 0x01, 0x37, 0x2d,
+    0xfc, 0x31, 0x19, 0x5e, 0xad, 0xa9, 0xce, 0x88, 0xee, 0x3b, 0xb3, 0x51, 0x4a, 0x2e, 0xe6, 0xac,
+    0xab, 0x4e, 0xa4, 0x03, 0xff, 0x30, 0x20, 0xc4, 0x97, 0x95, 0x51, 0x54, 0x76, 0xa3, 0xca, 0xbc,
+    0x53, 0x80, 0x18, 0x17, 0x71, 0xb3, 0x63, 0xbd, 0xbc, 0xa6, 0x1b, 0x22, 0x5b, 0x3b, 0xfb, 0xa0,
+    0xb4, 0x27, 0x52, 0xe0, 0x9e, 0x18, 0x10, 0x62, 0xaa, 0xab, 0xc9, 0x2a, 0x3b, 0xb0, 0x65, 0x5e,
+    0xe3, 0x58, 0xef, 0xbd, 0xcc, 0x81, 0xfe, 0x2e, 0xd3, 0x05, 0x2b, 0x2f, 0x07, 0x3d, 0x49, 0x4e,
+    0xce, 0x21, 0x1a, 0x85, 0x0a, 0x87, 0xfa, 0xd7, 0x18, 0x5f, 0x88, 0xc4, 0x79, 0x11, 0xc1, 0xb8,
+    0x52, 0xcf, 0xa0, 0xe4, 0x09, 0x58, 0xd1, 0x10, 0x1c, 0xa4, 0xb4, 0x5b, 0x32, 0xf7, 0xbe, 0x8c,
+    0x8c, 0x94, 0x6b, 0x8a, 0x8f, 0x77, 0x5a, 0x85, 0x96, 0xdb, 0x5e, 0x03, 0x14, 0x7b, 0xa5, 0xb1,
+    0x3a, 0x2d, 0x8a, 0x4f, 0xe1, 0x7a, 0xed, 0x7e, 0xbf, 0x74, 0x0a, 0xdb, 0xfd, 0x90, 0x4a, 0xb7,
+    0xca, 0xde, 0xbf, 0xcf, 0x29, 0xad, 0x77, 0x26, 0xdd, 0x57, 0x71, 0xe3, 0x1e, 0xa7, 0x16, 0x08,
+    0x54, 0xae, 0xb6, 0x8b, 0xda, 0x67, 0xfb, 0x78, 0x5a, 0xa8, 0xd0, 0x8e, 0x87, 0x1a, 0xe3, 0x64,
+    0xa7, 0x8c, 0x88, 0xdd, 0x9a, 0x4e, 0x74, 0x14, 0x1b, 0x8d, 0x99, 0x3d, 0xdf, 0xba, 0x70, 0xaf,
+    0x99, 0x5e, 0xa7, 0xd8, 0x58, 0x1e, 0x14, 0x9b, 0x61, 0xf1, 0x6a, 0xc1, 0x45, 0x9c, 0xed, 0xa8,
+    0x0a, 0xa3, 0x3a, 0xb1, 0xb6, 0x41, 0x7e, 0xb8, 0xca, 0x14, 0xac, 0xbc, 0x1c, 0xf4, 0xe7, 0xfb,
+    0x40, 0x2b, 0xc2, 0x2a, 0x75, 0xe5, 0x07, 0xcb, 0x0d, 0x80, 0x4b, 0x35, 0xbf, 0x31, 0xee, 0x51,
+    0x02, 0x9e, 0xb3, 0x25, 0xf0, 0x15, 0xa7, 0x99, 0x83, 0x04, 0x9d, 0xf2, 0xd2, 0x5b, 0x8a, 0x58,
+    0x5b, 0xbd, 0x91, 0x83, 0x37, 0xe7, 0xba, 0x9c, 0xf5, 0xb6, 0x2a, 0x6c, 0x95, 0x94, 0x96, 0x03,
+    0xbc, 0x1a, 0xdb, 0x74, 0xd8, 0x4c, 0xc9, 0x43, 0xe3, 0xbb, 0xf8, 0x64, 0xf5, 0x1f, 0x08, 0xfd,
+    0x78, 0x98, 0xfb, 0x40, 0x64, 0x8a, 0x4d, 0x2c, 0x31, 0xf0, 0xdc, 0x1c, 0x90, 0xfa, 0x2e, 0xbe,
+    0x79, 0xd7, 0x43, 0xb3, 0x1c, 0x61, 0xff, 0x81, 0x91, 0xf2, 0x73, 0x65, 0xf9, 0x36, 0x6b, 0x92,
+    0xf5, 0x43, 0x28, 0x39, 0x93, 0x16, 0xa5, 0x04, 0x07, 0x29, 0x2d, 0x66, 0xed, 0x4d, 0xce, 0x23,
+    0xa9, 0xd0, 0x17, 0x26, 0x0f, 0x25, 0x87, 0x5d, 0x14, 0x91, 0xcc, 0xa6, 0xa4, 0xf8, 0x40, 0xe4,
+    0xec, 0x4b, 0xc8, 0xb5, 0x21, 0x01, 0xbf, 0xca, 0x7c, 0x1b, 0xd1, 0xcd, 0x15, 0xb3, 0x3c, 0x29,
+    0x7d, 0x28, 0xe6, 0xf9, 0x3f, 0x4b, 0x72, 0x70, 0x54, 0xfa, 0x8a, 0x42, 0x9e, 0x80, 0xbc, 0x22,
+    0x45, 0x9b, 0xdf, 0x93, 0x2e, 0x24, 0x38, 0x97, 0x68, 0x8a, 0x1d, 0x6b, 0xb1, 0x4b, 0x7c, 0xcd,
+    0x3c, 0x4c, 0x9c, 0x20, 0x32, 0x45, 0xc7, 0x16, 0xf9, 0x78, 0x6e, 0x0e, 0x48, 0x7d, 0x17, 0x5f,
+    0x65, 0x6f, 0xbe, 0x86, 0xf5, 0xb7, 0xda, 0x13, 0x8f, 0xca, 0xd9, 0x90, 0x0f, 0xb2, 0x0b, 0x04,
+    0x01, 0x4f, 0xb8, 0xf3, 0x78, 0xeb, 0xb2, 0xad, 0xa0, 0x02, 0xaf, 0x79, 0x69, 0xcc, 0x45, 0x2c,
+    0x24, 0x0b, 0xc4, 0x5f, 0xf8, 0xb9, 0x6f, 0x75, 0x22, 0x48, 0x3d, 0xdc, 0xd9, 0x4f, 0xa0, 0x79,
+    0x5f, 0x42, 0x34, 0xc9, 0x14, 0xcd, 0x37, 0x6d, 0x30, 0xbe, 0xd3, 0x4b, 0xf2, 0x22, 0x41, 0xb3,
+    0x7f, 0xb6, 0x55, 0xdc, 0xcf, 0x5e, 0xd5, 0xe9, 0xd7, 0xfe, 0x17, 0xb0, 0x4c, 0xdb, 0x36, 0x7a,
+    0x20, 0xf4, 0x61, 0x15, 0xdb, 0x93, 0xe2, 0x84, 0xe7, 0x40, 0xc4, 0xfb, 0xbe, 0xf9, 0x77, 0xc9,
+    0xae, 0xfe, 0xb9, 0xba, 0xa4, 0xf1, 0x1f, 0x98, 0xf2, 0x9f, 0x07, 0x0a, 0x78, 0xd9, 0x58, 0x20,
+    0x5e, 0x0d, 0x8c, 0x3a, 0x6c, 0x26, 0x85, 0xc0, 0x90, 0xbc, 0x7c, 0x32, 0x9b, 0xee, 0x04, 0x9f,
+    0xaf, 0xb1, 0x01, 0x49, 0xdc, 0x1a, 0xad, 0x35, 0x52, 0x9d, 0xa8, 0x73, 0x11, 0x15, 0x1d, 0x0c,
+    0xd0, 0x07, 0x54, 0x95, 0x13, 0x44, 0x78, 0xdc, 0x85, 0x63, 0xbf, 0xc3, 0x5d, 0xce, 0x2b, 0x76,
+    0xb2, 0x46, 0x44, 0x8f, 0x4d, 0x27, 0x3a, 0x0a, 0xec, 0xa7, 0xad, 0xff, 0x8e, 0x5d, 0x38, 0xb6,
+    0x8f, 0x45, 0x60, 0x5c, 0x07, 0x89, 0x4f, 0xb1, 0xb5, 0xdd, 0x6c, 0x88, 0xaf, 0xec, 0x6a, 0xc5,
+    0x27, 0xda, 0xcf, 0x89, 0x70, 0x47, 0x7a, 0x41, 0x01, 0x4e, 0x0f, 0x57, 0x62, 0xd8, 0x6f, 0x0d,
+    0x8d, 0xdb, 0xd3, 0x79, 0xf7, 0x9c, 0xe8, 0x28, 0x36, 0xd9, 0xf1, 0x7a, 0x7d, 0xb7, 0xe0, 0x9d,
+    0x4c, 0xe9, 0xee, 0xf4, 0x10, 0x9b, 0x53, 0x1b, 0x81, 0x98, 0x83, 0x5c, 0x16, 0x28, 0x54, 0x42,
+    0xd4, 0xf8, 0xf1, 0xdf, 0x30, 0x6e, 0xf5, 0x2d, 0x40, 0x6b, 0x46, 0xe4, 0x3a, 0x78, 0xfc, 0xc6,
+    0xfa, 0x50, 0x0f, 0x31, 0x7e, 0x96, 0xe4, 0xe0, 0xa8, 0x37, 0xd7, 0x84, 0xff, 0xc3, 0xbb, 0x44,
+    0xf2, 0x6d, 0x86, 0xa5, 0x38, 0xc2, 0x3d, 0xc1, 0xe1, 0x27, 0xe6, 0xca, 0x31, 0x6c, 0xd6, 0xe7,
+  },
+  { /* 1 */
+    0x2f, 0x36, 0x58, 0xea, 0xa2, 0x0c, 0x25, 0xcf, 0x7c, 0xd9, 0x9e, 0x49, 0x92, 0xd3, 0x50, 0x36,
+    0x48, 0x33, 0xd6, 0x3a, 0x7e, 0x8c, 0x82, 0xb8, 0xf4, 0x6c, 0x87, 0xe4, 0x0b, 0xa6, 0x9f, 0x33,
+    0x5c, 0x9c, 0xe9, 0x76, 0x65, 0xa2, 0xaf, 0xd9, 0x01, 0x72, 0x0a, 0x54, 0xa8, 0x81, 0x94, 0x9c,
+    0x0c, 0x65, 0x15, 0x85, 0x09, 0x1a, 0x1b, 0x9e, 0x53, 0x0a, 0x7b, 0xd1, 0x61, 0x1d, 0xb8, 0x65,
+    0x3b, 0x99, 0x67, 0xa6, 0xb9, 0x22, 0x08, 0xae, 0x89, 0xc7, 0x13, 0xf9, 0x31, 0xf4, 0x5b, 0x99,
+    0x62, 0x5e, 0xf1, 0xc3, 0xaa, 0x6a, 0x3d, 0xfe, 0x24, 0x53, 0xab, 0x81, 0xc1, 0x0c, 0xbd, 0x5e,
+    0xe7, 0xef, 0x6c, 0x2a, 0x3c, 0xc2, 0x44, 0x6e, 0x67, 0x75, 0x70, 0x59, 0xb2, 0xd6, 0x51, 0xef,
+    0x42, 0x85, 0x28, 0x1c, 0x92, 0x9b, 0x75, 0x69, 0x6f, 0x63, 0x20, 0xbc, 0xbb, 0x54, 0x7b, 0x85,
+    0x61, 0xd6, 0x65, 0x73, 0x39, 0x8d, 0x4b, 0x38, 0x40, 0xb0, 0xc5, 0x24, 0x48, 0x9a, 0x93, 0xd6,
+    0x1a, 0x3a, 0x73, 0xa8, 0xf0, 0x8e, 0xd3, 0x7b, 0x5f, 0x17, 0x03, 0xa7, 0x8d, 0xde, 0x87, 0x3a,
+    0xf9, 0xf6, 0xad, 0x40, 0xcb, 0xfb, 0x9e, 0xde, 0x09, 0x64, 0x5a, 0xb1, 0xa1, 0x03, 0xbe, 0xf6,
+    0x12, 0x7c, 0xd4, 0xef, 0xfe, 0x23, 0xc1, 0x2e, 0x3d, 0x1b, 0x51, 0x39, 0x72, 0xc8, 0x57, 0x7c,
+    0x80, 0xea, 0xe2, 0xfa, 0xe0, 0x42, 0xe3, 0x19, 0xef, 0xc0, 0x69, 0xf4, 0x2b, 0xa3, 0x9e, 0xea,
+    0x82, 0x1a, 0xbb, 0x9b, 0x02, 0xf8, 0x06, 0x9d, 0x16, 0xc3, 0x9c, 0x32, 0x64, 0x47, 0xaa, 0x1a,
+    0x25, 0x80, 0xa6, 0xcc, 0x4e, 0x1b, 0xd2, 0x1e, 0xe7, 0xd6, 0x39, 0x11, 0x22, 0x21, 0xb4, 0x80,
+    0xe2, 0xb4, 0x13, 0x39, 0x4a, 0x28, 0xde, 0xe7, 0xcb, 0x93, 0xc2, 0x75, 0xea, 0xaf, 0x23, 0xb4,
+    0x06, 0xd3, 0xeb, 0xa3, 0xe5, 0x0d, 0xec, 0x4f, 0xc8, 0x05, 0xdc, 0x89, 0xd1, 0xef, 0x5c, 0xd3,
+    0x24, 0xf8, 0x6b, 0x1d, 0x3f, 0x46, 0x41, 0x5c, 0x7a, 0x36, 0xa2, 0x72, 0xe4, 0x53, 0xae, 0xf8,
+    0x40, 0x75, 0x71, 0x7d, 0x70, 0x21, 0x90, 0xed, 0x96, 0x60, 0xd5, 0x7a, 0xf4, 0xb0, 0x4f, 0x75,
+    0x8a, 0x5c, 0x1c, 0xdc, 0x0c, 0x55, 0x14, 0xc8, 0x74, 0xcf, 0xce, 0xac, 0x9b, 0x51, 0x7a, 0x5c,
+    0xd5, 0x48, 0x61, 0x1a, 0xfa, 0x10, 0xcd, 0xd7, 0x11, 0x5e, 0xaa, 0x5d, 0xba, 0x46, 0xc0, 0x48,
+    0x77, 0x89, 0x03, 0x5e, 0xc0, 0x19, 0x83, 0xdd, 0x4c, 0xad, 0xbd, 0x52, 0xa4, 0x59, 0xac, 0x89,
+    0x6c, 0xcb, 0xbd, 0x27, 0x41, 0xca, 0xc3, 0xe4, 0x8e, 0x5a, 0x25, 0x96, 0xef, 0xf5, 0x31, 0xcb,
+    0xec, 0x21, 0x5f, 0xdd, 0xa1, 0x88, 0x20, 0xfd, 0x61, 0x9a, 0x4c, 0x62, 0xc4, 0x56, 0xaf, 0x21,
+    0xda, 0xa5, 0xe0, 0x2f, 0x60, 0xed, 0xa0, 0x8f, 0x26, 0xb7, 0xbf, 0x29, 0x52, 0xcd, 0x56, 0xa5,
+    0xa9, 0x0f, 0x51, 0xb3, 0xa7, 0x43, 0x2a, 0x99, 0x5b, 0x1c, 0x2b, 0x34, 0x68, 0x9f, 0x92, 0x0f,
+    0xd8, 0x55, 0xb9, 0x4e, 0x82, 0x57, 0x45, 0x0b, 0xdf, 0xb4, 0x4a, 0xef, 0x1d, 0x29, 0x62, 0x55,
+    0x74, 0x01, 0x97, 0xee, 0x53, 0xfe, 0xf5, 0x1b, 0x28, 0x4e, 0xd3, 0xf7, 0x2d, 0xcf, 0x82, 0x01,
+    0xb1, 0xc5, 0x7b, 0x7a, 0xb5, 0x77, 0x1c, 0x66, 0xfd, 0x08, 0xdd, 0x55, 0xaa, 0xa5, 0x21, 0xc5,
+    0xc8, 0xd9, 0x34, 0xc0, 0x9e, 0xce, 0x61, 0xa1, 0x1b, 0xac, 0xee, 0x10, 0x20, 0x05, 0x01, 0xd9,
+    0x85, 0xb1, 0x9d, 0xe9, 0x96, 0xa8, 0x79, 0x90, 0x43, 0x26, 0xdb, 0xd8, 0x73, 0xda, 0xec, 0xb1,
+    0xa7, 0x9a, 0x1d, 0x57, 0x4c, 0xe3, 0xd4, 0x83, 0xf1, 0x15, 0xa5, 0x23, 0x46, 0x66, 0x1e, 0x9a,
+    0x92, 0x96, 0x36, 0x15, 0x1e, 0x61, 0x22, 0x37, 0xd2, 0xdb, 0x38, 0xcd, 0x59, 0x6b, 0xc9, 0x96,
+    0xde, 0x86, 0x52, 0xed, 0x67, 0x5a, 0xa9, 0x44, 0x17, 0xb1, 0x96, 0x66, 0xcc, 0xc6, 0x3e, 0x86,
+    0x43, 0xfd, 0xe5, 0xcd, 0xe3, 0xc6, 0xe6, 0x2b, 0xf2, 0x83, 0xbb, 0xdf, 0x7d, 0x26, 0x61, 0xfd,
+    0x38, 0x11, 0xf3, 0x16, 0x2a, 0xc5, 0x7e, 0x68, 0xed, 0x24, 0x7d, 0x5c, 0xb8, 0x62, 0x75, 0x11,
+    0x27, 0x70, 0xff, 0xad, 0xac, 0xa1, 0x37, 0x9a, 0x1e, 0xd5, 0xcc, 0xd7, 0x6d, 0xc5, 0x80, 0x70,
+    0xee, 0xd1, 0x06, 0xbc, 0x43, 0x32, 0xc5, 0x79, 0x98, 0x99, 0xb9, 0xa4, 0x8b, 0xb2, 0x9b, 0xd1,
+    0xd0, 0x13, 0x1e, 0x09, 0x8c, 0xfa, 0x57, 0x5e, 0xbd, 0xb8, 0x18, 0x71, 0xe2, 0x3f, 0xb2, 0x13,
+    0x73, 0xaa, 0xb1, 0x9c, 0xc7, 0xae, 0x8a, 0x16, 0x7d, 0xab, 0x94, 0x1d, 0x3a, 0x52, 0xc4, 0xaa,
+    0xb2, 0x4d, 0xef, 0xca, 0x26, 0x90, 0x6a, 0xa0, 0x99, 0xeb, 0xb3, 0xf0, 0x23, 0x33, 0x0f, 0x4d,
+    0xfb, 0x06, 0xf4, 0x21, 0x29, 0x41, 0x7b, 0x5a, 0xf0, 0x67, 0xaf, 0x77, 0xee, 0xe7, 0x8a, 0x06,
+    0x10, 0x8c, 0x8d, 0x8e, 0x1c, 0x99, 0x24, 0xaa, 0xc4, 0x18, 0xa4, 0xff, 0x3d, 0x2c, 0x63, 0x8c,
+    0xe6, 0x97, 0xa1, 0xfb, 0x4d, 0x9f, 0xd7, 0x2c, 0xfa, 0x95, 0xeb, 0x3a, 0x74, 0xa4, 0x4b, 0x97,
+    0x0b, 0xce, 0x33, 0xf7, 0x9d, 0x4a, 0x64, 0x93, 0x06, 0xef, 0x3c, 0x3b, 0x76, 0x80, 0xfe, 0xce,
+    0x98, 0x20, 0xc8, 0x33, 0xf2, 0x76, 0xd5, 0xe6, 0x49, 0xd4, 0x9f, 0x95, 0xe9, 0x99, 0x2d, 0x20,
+    0xb6, 0x6e, 0x5d, 0x08, 0x21, 0x27, 0x63, 0x6b, 0xa8, 0xed, 0x9a, 0xbf, 0xbd, 0x38, 0x67, 0x6e,
+    0x11, 0xf4, 0x40, 0x5f, 0x6d, 0xc4, 0xb7, 0xe8, 0x59, 0xf8, 0x3f, 0x9c, 0xfb, 0x5e, 0x79, 0xf4,
+    0xbd, 0xa0, 0x6e, 0xff, 0xbc, 0x6d, 0x07, 0xf8, 0xae, 0x02, 0xa6, 0x84, 0xcb, 0xb8, 0x99, 0xa0,
+    0x0f, 0xed, 0x81, 0x35, 0x9a, 0xfd, 0x6d, 0x58, 0x37, 0xe9, 0x15, 0x74, 0xe8, 0x8b, 0x96, 0xed,
+    0xf3, 0x40, 0x53, 0x66, 0x27, 0xec, 0x69, 0x0f, 0x92, 0x6b, 0xfd, 0xe9, 0x11, 0xf1, 0x5a, 0x40,
+    0x5d, 0xe4, 0x24, 0xa7, 0x14, 0xff, 0x3c, 0x9b, 0x9c, 0x92, 0x91, 0x37, 0x6e, 0xf3, 0x8e, 0xe4,
+    0xbf, 0x50, 0x37, 0x9e, 0x5e, 0xd7, 0xe2, 0x7c, 0x57, 0x01, 0x53, 0x42, 0x84, 0x5c, 0xad, 0x50,
+    0x47, 0xde, 0x57, 0x0f, 0xe4, 0x71, 0xef, 0xe0, 0xc3, 0x85, 0x92, 0x90, 0xe3, 0x2d, 0x09, 0xde,
+    0x2e, 0x4e, 0x95, 0x3b, 0xd3, 0x51, 0xb6, 0x8d, 0xe1, 0x39, 0x05, 0x2a, 0x54, 0xa1, 0x4a, 0x4e,
+    0xc1, 0xe7, 0x5e, 0x56, 0xe1, 0x3e, 0xe0, 0xb6, 0xe4, 0x40, 0x27, 0xed, 0x19, 0x61, 0xcb, 0xe7,
+    0xd6, 0xc0, 0xf5, 0xaa, 0x69, 0xf7, 0xbb, 0x11, 0x75, 0xbd, 0xc4, 0xf8, 0x33, 0xd0, 0xee, 0xc0,
+    0x21, 0xa3, 0x14, 0x0e, 0x49, 0xac, 0xdb, 0xd5, 0xd6, 0xd0, 0x10, 0x5e, 0xbc, 0x2a, 0xdc, 0xa3,
+    0x23, 0x53, 0x4d, 0x6f, 0xab, 0x16, 0x3e, 0x51, 0x2f, 0xd3, 0xe5, 0x98, 0xf3, 0xce, 0xe8, 0x53,
+    0xf4, 0xeb, 0x75, 0x14, 0xb3, 0xbc, 0x16, 0x02, 0xc7, 0x8e, 0xba, 0x03, 0x06, 0x6c, 0x1c, 0xeb,
+    0x6e, 0x3b, 0xe4, 0x46, 0xa3, 0x70, 0x26, 0x60, 0x77, 0x59, 0xd0, 0x50, 0xa0, 0x11, 0x05, 0x3b,
+    0x8e, 0x7f, 0xae, 0x1e, 0x0b, 0xe2, 0x1d, 0x03, 0x45, 0xc9, 0xe7, 0xe3, 0x05, 0x5a, 0x12, 0x7f,
+    0xc0, 0x9f, 0x93, 0x87, 0x90, 0x63, 0x73, 0xf4, 0x79, 0xa0, 0xbc, 0x8e, 0xdf, 0x13, 0xd1, 0x9f,
+    0x90, 0x66, 0x6f, 0x74, 0xfc, 0xdb, 0xc7, 0xb3, 0x2b, 0xd8, 0xcd, 0x0b, 0x16, 0x8f, 0xfd, 0x66,
+    0xf5, 0x93, 0xb8, 0xc5, 0xc2, 0xe1, 0x85, 0x40, 0x5a, 0x6e, 0x21, 0x60, 0xc0, 0x1e, 0x06, 0x93,
+    0x5a, 0x4f, 0x02, 0xd5, 0x80, 0xaf, 0x43, 0x96, 0xc9, 0x77, 0xd6, 0xdd, 0x79, 0x6e, 0xc8, 0x4f,
+    0x84, 0xc9, 0x50, 0x38, 0xe7, 0xf5, 0xea, 0xd2, 0xde, 0xc6, 0x40, 0xbb, 0xb5, 0xa8, 0xf6, 0xc9,
+    0x19, 0xb2, 0xe7, 0x18, 0x63, 0x69, 0xa5, 0xbd, 0x3b, 0xf4, 0x6d, 0x02, 0x04, 0x48, 0xa9, 0xb2,
+    0x6d, 0xb3, 0x70, 0xf6, 0x30, 0x97, 0x50, 0xa6, 0x13, 0xba, 0xbe, 0xf5, 0x29, 0x87, 0x2b, 0xb3,
+    0x75, 0x79, 0x5a, 0x3f, 0x22, 0xa3, 0x66, 0x59, 0xb5, 0xae, 0x48, 0x94, 0xeb, 0xbd, 0x98, 0x79,
+    0x5f, 0x14, 0x7d, 0xc6, 0xf6, 0x45, 0xd9, 0x1f, 0x65, 0x91, 0x64, 0xf1, 0x21, 0x17, 0xba, 0x14,
+    0xe0, 0x44, 0x4a, 0x58, 0xa8, 0x92, 0x3b, 0x63, 0x32, 0x90, 0x37, 0xb3, 0xa5, 0x4b, 0x17, 0x44,
+    0xb3, 0x35, 0x22, 0x1b, 0x57, 0xcd, 0xf9, 0xe2, 0x04, 0x0b, 0x28, 0x93, 0xe5, 0x41, 0x15, 0x35,
+    0x52, 0x09, 0xa5, 0x92, 0x8e, 0x02, 0x51, 0xc3, 0xab, 0x7b, 0x84, 0x43, 0x86, 0x78, 0x18, 0x09,
+    0xb4, 0x9e, 0x04, 0x69, 0xc3, 0x9d, 0x86, 0xef, 0x51, 0xee, 0x6f, 0x79, 0xf2, 0xdc, 0x53, 0x9e,
+    0x32, 0xa7, 0x0d, 0x30, 0xc6, 0xd2, 0x89, 0xb9, 0x76, 0x2b, 0xda, 0x04, 0x08, 0x90, 0x91, 0xa7,
+    0xb7, 0x16, 0x90, 0xd9, 0x50, 0x7a, 0xf0, 0x29, 0x35, 0x0d, 0x01, 0xdc, 0x7b, 0x4a, 0x7d, 0x16,
+    0xc6, 0x4c, 0x78, 0x24, 0x75, 0x6e, 0x9f, 0xbb, 0xb1, 0xa5, 0x60, 0x07, 0x0e, 0xfc, 0x8d, 0x4c,
+    0xa3, 0xb9, 0xaf, 0x95, 0x4b, 0x54, 0xdd, 0x48, 0xc0, 0x13, 0x8c, 0x6c, 0xd8, 0x6d, 0x76, 0xb9,
+    0x50, 0xf9, 0xfc, 0xf3, 0x6c, 0xb8, 0xb4, 0x47, 0x52, 0x78, 0x71, 0x85, 0xc9, 0x9c, 0x2c, 0xf9,
+    0xe8, 0x02, 0xed, 0x1f, 0xa6, 0x3f, 0x29, 0x36, 0x50, 0x9c, 0x65, 0x2d, 0x5a, 0x5d, 0xc7, 0x02,
+    0x6a, 0x18, 0x56, 0x84, 0xa4, 0xc7, 0x2f, 0xab, 0x46, 0x5f, 0xf9, 0x1f, 0x3e, 0x1a, 0x6d, 0x18,
+    0x9c, 0x03, 0x7a, 0xf1, 0xf5, 0xc1, 0xdc, 0x2d, 0x78, 0xd2, 0xb6, 0xda, 0x77, 0x92, 0x45, 0x03,
+    0x57, 0x52, 0xda, 0x81, 0xf8, 0xe8, 0xcb, 0x4a, 0x07, 0x9d, 0x36, 0x6f, 0xde, 0x01, 0x6a, 0x52,
+    0x4a, 0xc3, 0x8f, 0x5b, 0x9c, 0x36, 0x67, 0x3c, 0x0d, 0x6f, 0x72, 0x22, 0x44, 0x42, 0xab, 0xc3,
+    0x6f, 0x43, 0x29, 0x97, 0xd2, 0x2d, 0xb5, 0x22, 0xea, 0xb9, 0x4b, 0x33, 0x66, 0x63, 0x1f, 0x43,
+    0xbc, 0xd8, 0xa3, 0x2e, 0xcd, 0x30, 0x94, 0xba, 0x33, 0xe2, 0x3d, 0xe7, 0x0d, 0xca, 0x83, 0xd8,
+    0x67, 0x05, 0x8e, 0xd0, 0xdc, 0x80, 0xa7, 0x77, 0x88, 0xb5, 0x19, 0xad, 0x99, 0x75, 0xcf, 0x05,
+    0x51, 0x81, 0x31, 0x22, 0x1d, 0xe5, 0x27, 0x05, 0xcf, 0x98, 0xea, 0xe6, 0x0f, 0xee, 0x36, 0x81,
+    0x99, 0x58, 0x05, 0xe2, 0x83, 0x2b, 0x46, 0xa4, 0xd4, 0x34, 0x04, 0xf6, 0x2f, 0xeb, 0x37, 0x58,
+    0xff, 0x25, 0x46, 0xe3, 0x2e, 0xf6, 0x72, 0x91, 0xc1, 0x61, 0x86, 0x38, 0x70, 0xec, 0xe2, 0x25,
+    0x5b, 0x37, 0xcf, 0x04, 0xf1, 0xf2, 0xd0, 0xd4, 0x54, 0x97, 0x4d, 0xbe, 0xbf, 0x1c, 0xd2, 0x37,
+    0xd1, 0x6b, 0xd3, 0xd8, 0xfd, 0xa7, 0xc4, 0x1c, 0x20, 0x58, 0x83, 0x12, 0x24, 0x4d, 0xa8, 0x6b,
+    0x1b, 0x42, 0xbe, 0x79, 0x81, 0xd3, 0x40, 0x39, 0xc2, 0xf7, 0x98, 0xc4, 0x4b, 0xac, 0x9d, 0x42,
+    0x76, 0xf1, 0xce, 0x8f, 0xb1, 0x44, 0x10, 0x9f, 0xd1, 0x4d, 0x26, 0x31, 0x62, 0x2b, 0xb6, 0xf1,
+    0x64, 0x8d, 0x1a, 0x60, 0x4f, 0x67, 0xd1, 0xb1, 0xec, 0x56, 0x77, 0x08, 0x10, 0xe3, 0xe1, 0x8d,
+    0x29, 0xe5, 0xb3, 0x49, 0x47, 0x01, 0xc9, 0x80, 0xb4, 0xdc, 0x42, 0xc0, 0x43, 0x3c, 0x0c, 0xe5,
+    0x59, 0xc7, 0x96, 0x65, 0x13, 0x48, 0x35, 0x50, 0xad, 0x94, 0xb8, 0x78, 0xf0, 0xf8, 0xe6, 0xc7,
+    0x68, 0xe8, 0x0f, 0xe5, 0x46, 0x7d, 0xca, 0x2f, 0xbf, 0x5c, 0x0c, 0xd9, 0x71, 0xfe, 0x59, 0xe8,
+    0x39, 0x69, 0x3e, 0xc7, 0x5b, 0x98, 0xed, 0x2a, 0x70, 0xc4, 0xe6, 0x3f, 0x7e, 0x10, 0x6f, 0x69,
+    0x94, 0x45, 0xdd, 0xb6, 0xfb, 0x6c, 0xce, 0x78, 0x1a, 0xde, 0xe4, 0x44, 0x88, 0x84, 0x95, 0x45,
+    0x4b, 0xbb, 0x42, 0x8a, 0xed, 0x6b, 0xf4, 0x7e, 0x90, 0x8f, 0xe9, 0x41, 0x82, 0x30, 0xb1, 0xbb,
+    0x07, 0xab, 0x26, 0x72, 0x94, 0x50, 0x7f, 0x0d, 0x55, 0xe5, 0x47, 0xea, 0x17, 0x9d, 0x46, 0xab,
+    0x71, 0x5a, 0xe8, 0xfd, 0x25, 0x14, 0x6f, 0x92, 0x84, 0xa8, 0x61, 0xdb, 0x75, 0xb6, 0xf0, 0x5a,
+    0x2b, 0x15, 0xea, 0x28, 0xa5, 0xbb, 0x2c, 0x04, 0x4d, 0xdf, 0xb7, 0x06, 0x0c, 0xd8, 0x38, 0x15,
+    0x26, 0x08, 0x32, 0x7c, 0xdd, 0xfc, 0xa4, 0xd8, 0x83, 0x35, 0x57, 0xb4, 0xab, 0xb7, 0x9a, 0x08,
+    0x20, 0xdb, 0xd9, 0xdf, 0x38, 0xf1, 0x48, 0x97, 0x4b, 0x30, 0x8b, 0x3d, 0x7a, 0x58, 0xc6, 0xdb,
+    0xfa, 0x7e, 0x39, 0xf0, 0x58, 0x1c, 0xe8, 0x18, 0x6d, 0x87, 0x34, 0x14, 0x28, 0x95, 0x90, 0x7e,
+    0x49, 0x4b, 0x1b, 0xeb, 0x0f, 0xd1, 0x11, 0xfa, 0x69, 0x8c, 0x1c, 0x87, 0xcd, 0xd4, 0x85, 0x4b,
+    0x22, 0x2b, 0x80, 0xbe, 0xda, 0x4b, 0xad, 0x13, 0xb2, 0x33, 0x7e, 0xfb, 0x35, 0xbc, 0xf2, 0x2b,
+    0xa6, 0xe2, 0xd0, 0x86, 0x3d, 0xbe, 0x47, 0xc1, 0x6c, 0xf5, 0x3e, 0x40, 0x80, 0x14, 0x04, 0xe2,
+    0xcd, 0x82, 0x4b, 0xd3, 0xe8, 0x24, 0xfb, 0x28, 0xb7, 0x4a, 0x5c, 0x3c, 0x78, 0x7c, 0x73, 0x82,
+    0x8c, 0x8f, 0xf7, 0x7f, 0xe9, 0x58, 0xf8, 0x87, 0xbc, 0xca, 0x12, 0x25, 0x4a, 0xbe, 0x26, 0x8f,
+    0xd7, 0xb8, 0x38, 0x7b, 0x18, 0xaa, 0x28, 0x53, 0xe8, 0x5d, 0x5f, 0x9b, 0xf5, 0xa2, 0xf4, 0xb8,
+    0x46, 0xa6, 0x9a, 0xde, 0x95, 0x2c, 0x7c, 0xa2, 0x5e, 0x65, 0x09, 0xf3, 0x25, 0x5f, 0x13, 0xa6,
+    0x88, 0xac, 0x45, 0xbd, 0xee, 0xef, 0xf1, 0x4c, 0x8d, 0xcc, 0x3b, 0x6a, 0xd4, 0xb5, 0x4e, 0xac,
+    0x44, 0x56, 0xc3, 0xbf, 0x77, 0x96, 0x99, 0x26, 0xa7, 0x66, 0xfc, 0x35, 0x6a, 0xbb, 0x27, 0x56,
+    0xc2, 0x6f, 0xca, 0xe6, 0x72, 0xd9, 0x96, 0x70, 0x80, 0xa3, 0x49, 0x48, 0x90, 0xf7, 0xe5, 0x6f,
+    0x93, 0xee, 0xfb, 0xc4, 0x6f, 0x3c, 0xb1, 0x75, 0x4f, 0x3b, 0xa3, 0xae, 0x9f, 0x19, 0xd3, 0xee,
+    0xf6, 0x1b, 0x2c, 0x75, 0x51, 0x06, 0xf3, 0x86, 0x3e, 0x8d, 0x4f, 0xc5, 0x49, 0x88, 0x28, 0x1b,
+    0x09, 0x3e, 0x6a, 0x96, 0x7f, 0xf0, 0x81, 0x17, 0xff, 0xec, 0xc9, 0xfd, 0x39, 0x64, 0xca, 0x3e,
+    0xa4, 0x12, 0x89, 0xe7, 0xdf, 0x04, 0xa2, 0x45, 0x95, 0xf6, 0xcb, 0x86, 0xcf, 0xf0, 0x30, 0x12,
+    0xe9, 0x7a, 0x20, 0xce, 0xd7, 0x62, 0xba, 0x74, 0xcd, 0x7c, 0xfe, 0x4e, 0x9c, 0x2f, 0xdd, 0x7a,
+    0x2a, 0x6d, 0x27, 0xf9, 0xd4, 0xe6, 0xbf, 0x46, 0xd0, 0x3f, 0x2c, 0x65, 0xca, 0xaa, 0x22, 0x6d,
+    0x54, 0xda, 0x4e, 0x31, 0x6b, 0x0f, 0xbd, 0x8c, 0x63, 0x7e, 0x58, 0xca, 0x57, 0x97, 0x44, 0xda,
+    0xa2, 0xc1, 0x62, 0x44, 0x3a, 0x09, 0x4e, 0x0a, 0x5d, 0xf3, 0x17, 0x0f, 0x1e, 0x1f, 0x6c, 0xc1,
+    0xf7, 0x63, 0xe1, 0xa4, 0x20, 0x5b, 0x60, 0xc4, 0xa3, 0x6d, 0xd4, 0xa6, 0x8f, 0xfa, 0x32, 0x63,
+    0xcf, 0x72, 0x12, 0xb2, 0x0a, 0x9e, 0x1e, 0xac, 0x4e, 0x49, 0xa9, 0xfa, 0x37, 0x98, 0x47, 0x72,
+    0xaf, 0xdc, 0xba, 0x10, 0x42, 0x4e, 0xc6, 0xd6, 0x93, 0x19, 0xf7, 0xbd, 0xb9, 0x70, 0xce, 0xdc,
+    0xfd, 0xd5, 0x1f, 0x82, 0xcc, 0x4c, 0x97, 0x15, 0x38, 0x62, 0x73, 0xfe, 0x3f, 0x08, 0xd6, 0xd5,
+    0xce, 0x0a, 0xdf, 0x63, 0x7b, 0xc3, 0x8d, 0xee, 0xd3, 0xa9, 0x32, 0x99, 0xf1, 0xea, 0x5d, 0x0a,
+    0x13, 0x04, 0x19, 0x3e, 0x8f, 0x7e, 0x52, 0x6c, 0xa0, 0xfb, 0xca, 0x5a, 0xb4, 0xba, 0x4d, 0x04,
+    0xe3, 0xcc, 0xde, 0xe8, 0x3b, 0x75, 0x4d, 0xa5, 0x56, 0x73, 0x59, 0x16, 0x2c, 0xdd, 0x39, 0xcc,
+    0x8b, 0x24, 0xd1, 0x0d, 0x7d, 0x08, 0x87, 0x8a, 0xe9, 0x2f, 0x55, 0xcf, 0x5d, 0x23, 0x60, 0x24,
+    0x7e, 0xb7, 0x69, 0xc8, 0xbf, 0xe9, 0x02, 0xca, 0xb3, 0x41, 0x74, 0xaf, 0x9d, 0x3d, 0x66, 0xb7,
+    0xed, 0x59, 0x92, 0x0c, 0xd0, 0xd5, 0xb3, 0xbf, 0xfc, 0x7a, 0xd7, 0x01, 0x02, 0x24, 0xb5, 0x59,
+    0xe5, 0x1f, 0x35, 0x4b, 0xde, 0x78, 0xa1, 0xea, 0x9e, 0x76, 0x85, 0x9f, 0xfd, 0x32, 0x65, 0x1f,
+    0xb8, 0xfb, 0x11, 0xec, 0xca, 0x87, 0x9d, 0x71, 0x02, 0xe4, 0x14, 0xa8, 0x93, 0xc1, 0xeb, 0xfb,
+    0x7d, 0x3f, 0xfd, 0x78, 0x2c, 0x0e, 0x74, 0x0c, 0xd7, 0xa2, 0x1a, 0x0a, 0x14, 0xab, 0x48, 0x3f,
+    0x96, 0xb5, 0x84, 0xd7, 0x19, 0xd6, 0x2b, 0xfc, 0xe3, 0xdd, 0x11, 0x82, 0xc7, 0x60, 0xa1, 0xb5,
+    0x05, 0x5b, 0x7f, 0x13, 0x76, 0xea, 0x9a, 0x89, 0xac, 0xe6, 0xb2, 0x2c, 0x58, 0x79, 0x72, 0x5b,
+    0x18, 0xca, 0x2a, 0xc9, 0x12, 0x34, 0x36, 0xff, 0xa6, 0x14, 0xf6, 0x61, 0xc2, 0x3a, 0xb3, 0xca,
+    0x87, 0x41, 0xc4, 0x88, 0x74, 0x12, 0x9c, 0x14, 0xba, 0x25, 0x2e, 0x1e, 0x3c, 0x3e, 0xd8, 0x41,
+    0x6b, 0x60, 0x9b, 0x55, 0xd5, 0x9a, 0xbc, 0xe9, 0xdb, 0xbf, 0x62, 0x7c, 0xf8, 0x68, 0x77, 0x60,
+    0xd4, 0x30, 0xac, 0xcb, 0x8b, 0x4d, 0x5e, 0x95, 0x8c, 0xbe, 0x31, 0x3e, 0x7c, 0x34, 0xda, 0x30,
+    0x04, 0x23, 0xb2, 0xc2, 0x07, 0xb7, 0x09, 0xcb, 0x31, 0x06, 0x29, 0x4f, 0x9e, 0x0b, 0x68, 0x23,
+    0xbb, 0x73, 0x85, 0x5c, 0x59, 0x60, 0xeb, 0xb7, 0x66, 0x07, 0x7a, 0x0d, 0x1a, 0x57, 0xc5, 0x73,
+    0x37, 0xfc, 0x72, 0x23, 0xb0, 0x38, 0x13, 0x30, 0xda, 0xcd, 0x68, 0x28, 0x50, 0xe9, 0xe3, 0xfc,
+    0xd3, 0x9b, 0x8a, 0xb9, 0x1f, 0x1d, 0x21, 0x98, 0xd9, 0x5b, 0x76, 0xd4, 0x6b, 0xa9, 0x9c, 0x9b,
+    0x9b, 0xa8, 0x5c, 0x83, 0x61, 0x91, 0xa3, 0x20, 0x2d, 0x37, 0xf1, 0x30, 0x60, 0x0f, 0x03, 0xa8,
+    0x55, 0xa2, 0x83, 0xe0, 0x1a, 0x52, 0x2e, 0xce, 0xfe, 0x9e, 0xc3, 0xa9, 0x91, 0xe5, 0x5e, 0xa2,
+    0x3a, 0xe1, 0xaa, 0x77, 0xc8, 0x7f, 0x9b, 0xec, 0x14, 0x27, 0x88, 0x9a, 0xf7, 0x86, 0x41, 0xe1,
+    0xc4, 0xbc, 0x21, 0x45, 0x97, 0xd4, 0x7a, 0x3f, 0x48, 0xa6, 0x95, 0xc1, 0x41, 0x18, 0xb9, 0xbc,
+    0x9e, 0xf3, 0x23, 0x90, 0x17, 0x7b, 0x39, 0xa9, 0x81, 0xd1, 0x43, 0x1c, 0x38, 0x76, 0x71, 0xf3,
+    0xa1, 0x49, 0xf6, 0xf4, 0xa9, 0xee, 0x38, 0xcc, 0x39, 0x10, 0x79, 0xaa, 0x97, 0x89, 0x42, 0x49,
+    0x81, 0x92, 0x2f, 0x2b, 0x91, 0x1f, 0x70, 0x5b, 0x72, 0x20, 0xf2, 0x97, 0xed, 0xd1, 0x84, 0x92,
+    0x89, 0xd4, 0x88, 0x6c, 0x9f, 0xb2, 0x62, 0x0e, 0x10, 0x2c, 0xa0, 0x09, 0x12, 0xc7, 0x54, 0xd4,
+    0x14, 0xaf, 0x3f, 0x4c, 0x1b, 0x2e, 0x2d, 0x61, 0xf5, 0x1e, 0x8d, 0xb0, 0xa3, 0x27, 0x0b, 0xaf,
+    0xb9, 0x83, 0xdc, 0x3d, 0xbb, 0xda, 0x0e, 0x33, 0x9f, 0x04, 0x8f, 0xcb, 0x55, 0xb3, 0xf1, 0x83,
+    0xac, 0x54, 0x2e, 0xa0, 0xd1, 0xa9, 0xb0, 0x10, 0xf7, 0xfa, 0x99, 0x18, 0x30, 0xe6, 0xe0, 0x54,
+    0x8f, 0x07, 0x63, 0xcf, 0x7a, 0xbf, 0x8e, 0x41, 0xd8, 0x29, 0x7c, 0x80, 0xc3, 0x28, 0x08, 0x07,
+    0xf0, 0xc8, 0xc7, 0xd6, 0xb4, 0x0b, 0x1f, 0xc9, 0xf6, 0x88, 0x93, 0x4c, 0x98, 0x67, 0x74, 0xc8,
+    0xfe, 0x5d, 0x8b, 0x32, 0x5f, 0xab, 0xe1, 0xd3, 0x5c, 0x81, 0x1d, 0x5b, 0xb6, 0x9e, 0xf8, 0x5d,
+    0x01, 0x78, 0xcd, 0xd1, 0x71, 0x5d, 0x93, 0x42, 0x9d, 0xe0, 0x9b, 0x63, 0xc6, 0x72, 0x1a, 0x78,
+    0x08, 0x46, 0xa7, 0x47, 0x0e, 0xad, 0x12, 0x55, 0x62, 0x0c, 0x52, 0x9e, 0xff, 0x16, 0xd0, 0x46,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x0d, 0x1d, 0xd8, 0x54, 0x78, 0x47, 0x88, 0xdc, 0xce, 0xea, 0xe0, 0xb2, 0xa7, 0x6f, 0xa2, 0x1d,
+    0x30, 0x57, 0x54, 0x51, 0x24, 0x68, 0x6c, 0x3d, 0x8f, 0x28, 0x2f, 0xc2, 0x47, 0x74, 0xa5, 0x57,
+    0x2d, 0xc6, 0x01, 0x8b, 0x40, 0xb6, 0xc0, 0x4b, 0x85, 0xda, 0x6b, 0x8f, 0xdd, 0x37, 0x64, 0xc6,
+    0x1f, 0x61, 0x0c, 0xbb, 0x86, 0x64, 0x49, 0xf2, 0xf3, 0xf1, 0xb1, 0x8b, 0xd5, 0xa7, 0xf5, 0x61,
+    0x35, 0x0c, 0x2b, 0x42, 0x52, 0x82, 0xf6, 0xb4, 0x23, 0xce, 0x9d, 0xee, 0x1f, 0x0d, 0xd7, 0x0c,
+    0xd9, 0x2d, 0x74, 0x9f, 0xf3, 0x0a, 0xd6, 0x49, 0x42, 0x54, 0xd1, 0x8c, 0xdb, 0x5b, 0x78, 0x2d,
+    0xdb, 0xdd, 0x2d, 0xfe, 0x11, 0xb0, 0x33, 0xcd, 0xbb, 0x57, 0x24, 0x4a, 0x94, 0xbf, 0x4c, 0xdd,
+    0xba, 0x0b, 0x48, 0x8d, 0x28, 0x3d, 0x78, 0xf5, 0xfb, 0xe7, 0xe1, 0x6e, 0xdc, 0x25, 0xdf, 0x0b,
+    0x3d, 0x4a, 0x8c, 0x05, 0x5c, 0x2f, 0xe4, 0xe1, 0x41, 0xc2, 0xcf, 0x70, 0xe0, 0x1b, 0x07, 0x4a,
+    0x8d, 0xf7, 0x3a, 0xae, 0x98, 0x05, 0x6b, 0xc5, 0x21, 0x2a, 0x89, 0x46, 0x8c, 0xcc, 0x3c, 0xf7,
+    0x36, 0x84, 0xbf, 0xf2, 0xc1, 0x65, 0x80, 0x72, 0x47, 0x2d, 0xf3, 0x4b, 0x96, 0x9b, 0xf9, 0x84,
+    0xa8, 0x77, 0x9c, 0x62, 0xd6, 0x1e, 0xb9, 0xdb, 0xc6, 0xfc, 0xb0, 0x57, 0xae, 0xed, 0x88, 0x77,
+    0xc3, 0x17, 0x07, 0x37, 0x03, 0x84, 0x05, 0x32, 0x1d, 0x43, 0xd2, 0x2b, 0x56, 0x85, 0xff, 0x17,
+    0x4d, 0x68, 0xa9, 0x29, 0x08, 0x66, 0x18, 0x31, 0x58, 0x8a, 0x35, 0xc8, 0x53, 0xdf, 0xed, 0x68,
+    0xa5, 0x6a, 0x44, 0x36, 0xae, 0x59, 0x31, 0x07, 0x08, 0x16, 0x50, 0xe5, 0x09, 0x82, 0x2a, 0x6a,
+    0x1d, 0x91, 0x55, 0xda, 0x64, 0xde, 0xac, 0x76, 0x0a, 0xf2, 0x44, 0x4d, 0x9a, 0x43, 0xc1, 0x91,
+    0x3c, 0x32, 0x41, 0xd4, 0x2d, 0x72, 0x77, 0xa3, 0xdc, 0x22, 0x54, 0x13, 0x26, 0x69, 0x1d, 0x32,
+    0xef, 0xa9, 0xcb, 0x6d, 0x32, 0x6f, 0x56, 0x3b, 0x05, 0x79, 0x22, 0xc7, 0x4d, 0xc0, 0x81, 0xa9,
+    0x45, 0x2e, 0x0e, 0x6e, 0x06, 0xcb, 0x0a, 0x64, 0x3a, 0x86, 0x67, 0x56, 0xac, 0xc9, 0x3d, 0x2e,
+    0xaa, 0x87, 0xc5, 0x03, 0x34, 0xa4, 0x5c, 0x5f, 0x3f, 0xff, 0x45, 0x91, 0xe1, 0x09, 0xbc, 0x87,
+    0x7c, 0x47, 0x30, 0xa9, 0x5d, 0x53, 0xe7, 0x4e, 0x4a, 0x42, 0x81, 0x69, 0xd2, 0xd9, 0x52, 0x47,
+    0x9d, 0x7b, 0xb7, 0x20, 0x84, 0x9c, 0x4f, 0x6f, 0xe5, 0x32, 0x2d, 0xb9, 0xb1, 0xe0, 0x5f, 0x7b,
+    0x2c, 0xbe, 0xcc, 0x5a, 0x31, 0xeb, 0x53, 0x09, 0x18, 0x3a, 0xf0, 0xec, 0x1b, 0x45, 0x7e, 0xbe,
+    0x16, 0x5f, 0x66, 0x2d, 0xf9, 0x94, 0xc8, 0xe5, 0x0c, 0x1d, 0x78, 0x76, 0xec, 0xc3, 0x3f, 0x5f,
+    0x03, 0x88, 0x94, 0xb0, 0x93, 0xe7, 0x76, 0xc6, 0x64, 0xe3, 0x6e, 0xa5, 0x89, 0x96, 0x2e, 0x88,
+    0x5e, 0x6c, 0xb0, 0x17, 0x87, 0x18, 0x4a, 0x5d, 0xf8, 0x71, 0xff, 0x92, 0xe7, 0x65, 0xa0, 0x6c,
+    0x4e, 0xe0, 0x3d, 0x99, 0x9b, 0x81, 0x6e, 0xf7, 0x3c, 0x69, 0x5b, 0x6d, 0xda, 0x49, 0xc3, 0xe0,
+    0xcb, 0x51, 0xa0, 0x70, 0x0d, 0x29, 0x17, 0x67, 0x7f, 0x4f, 0x80, 0xb5, 0xa9, 0x93, 0x2f, 0x51,
+    0x3e, 0xc2, 0x18, 0xb5, 0xcf, 0xc8, 0x92, 0x27, 0x25, 0x21, 0xa1, 0xd5, 0x69, 0x8d, 0x29, 0xc2,
+    0x15, 0xd7, 0xf2, 0x9d, 0x6a, 0x73, 0xbe, 0x23, 0x68, 0xfe, 0x16, 0xd3, 0x65, 0x55, 0x11, 0xd7,
+    0xfc, 0xad, 0xd2, 0x53, 0xbd, 0x11, 0x04, 0x57, 0xa5, 0x82, 0xe8, 0x9d, 0xf9, 0x7a, 0xcc, 0xad,
+    0xae, 0xa4, 0x77, 0xc1, 0x33, 0x13, 0x55, 0x94, 0x0e, 0xf9, 0x6c, 0xde, 0x7f, 0x02, 0xd4, 0xa4,
+    0x63, 0x26, 0x3c, 0x12, 0xdb, 0x37, 0xae, 0xbc, 0xb9, 0xb3, 0x30, 0xe2, 0x07, 0x7e, 0xa7, 0x26,
+    0x0e, 0x95, 0x4c, 0xe4, 0xeb, 0xa0, 0xfe, 0x1a, 0xaa, 0x09, 0x8e, 0x17, 0x2e, 0xf9, 0x8c, 0x95,
+    0x7f, 0xcf, 0xa4, 0x19, 0xce, 0xb4, 0x91, 0x88, 0x2e, 0xa1, 0xef, 0xcc, 0x5b, 0x4f, 0x7c, 0xcf,
+    0x31, 0x2f, 0x99, 0x80, 0x55, 0x35, 0xff, 0x7f, 0x12, 0xc8, 0xb4, 0xa1, 0x81, 0x06, 0xbf, 0x2f,
+    0xdf, 0xfe, 0x9f, 0x3c, 0x16, 0x07, 0x3a, 0x06, 0x8a, 0x51, 0x0d, 0x05, 0x0a, 0xb4, 0x24, 0xfe,
+    0xf1, 0xb0, 0x0a, 0x07, 0xc5, 0x56, 0x8c, 0x8b, 0x6b, 0x68, 0x08, 0x2f, 0x5e, 0x15, 0x6e, 0xb0,
+    0x60, 0xae, 0xa8, 0xa2, 0x48, 0xd0, 0xd8, 0x7a, 0xdd, 0x50, 0x5e, 0x47, 0x8e, 0xe8, 0x89, 0xae,
+    0x79, 0x1c, 0x4f, 0xba, 0x2b, 0xb9, 0x7d, 0xc7, 0xe6, 0xa4, 0x33, 0x45, 0x8a, 0xa0, 0x20, 0x1c,
+    0x9a, 0xd0, 0x91, 0x52, 0x10, 0xcc, 0x30, 0x62, 0xb0, 0xd7, 0x6a, 0x53, 0xa6, 0x7d, 0x19, 0xd0,
+    0xf8, 0x8e, 0x60, 0x91, 0xba, 0xa6, 0x0d, 0x9c, 0x94, 0x84, 0xc1, 0xd2, 0x67, 0x71, 0xa4, 0x8e,
+    0x4c, 0x10, 0x64, 0xf8, 0x79, 0x3b, 0x8b, 0x73, 0xc5, 0x6a, 0xae, 0xab, 0x95, 0xad, 0xf7, 0x10,
+    0xb5, 0xe6, 0xc9, 0xb8, 0xb2, 0xc0, 0x15, 0xad, 0xcc, 0x0e, 0xf4, 0x1a, 0x34, 0xae, 0x49, 0xe6,
+    0x41, 0x0d, 0xbc, 0xac, 0x01, 0x7c, 0x03, 0xaf, 0x0b, 0x80, 0x4e, 0x19, 0x32, 0xc2, 0x55, 0x0d,
+    0xc7, 0x34, 0xb5, 0xf5, 0x04, 0x33, 0x0c, 0xf9, 0x2c, 0x45, 0xfb, 0x64, 0xc8, 0x8e, 0x97, 0x34,
+    0x7a, 0x94, 0xdb, 0x0a, 0xb8, 0x5e, 0x0b, 0x01, 0x82, 0x47, 0x5d, 0xe0, 0x03, 0x36, 0x0e, 0x94,
+    0x7b, 0xec, 0x16, 0xdb, 0xc9, 0x03, 0x98, 0x43, 0x1f, 0xa7, 0xc6, 0x83, 0xc5, 0x44, 0x14, 0xec,
+    0x0a, 0xb6, 0xfe, 0x26, 0xec, 0x17, 0xf7, 0xd1, 0x9b, 0x0f, 0xa7, 0x58, 0xb0, 0xf2, 0xe4, 0xb6,
+    0xdc, 0x76, 0x0b, 0x8c, 0x85, 0xe0, 0x4c, 0xc0, 0xee, 0xb2, 0x63, 0xa0, 0x83, 0x22, 0x0a, 0x76,
+    0xdd, 0x0e, 0xc6, 0x5d, 0xf4, 0xbd, 0xdf, 0x82, 0x73, 0x52, 0xf8, 0xc3, 0x45, 0x50, 0x10, 0x0e,
+    0xea, 0xf2, 0xb4, 0x7e, 0x44, 0x85, 0xcc, 0xb2, 0xa9, 0x9f, 0x90, 0xeb, 0x15, 0xb9, 0xf3, 0xf2,
+    0x78, 0x64, 0x82, 0x6b, 0x5a, 0xe4, 0xee, 0x85, 0x7b, 0x44, 0xa8, 0x26, 0x4c, 0xd2, 0x3a, 0x64,
+    0xbe, 0x28, 0xfa, 0x4f, 0x2f, 0x8a, 0x71, 0x3e, 0xca, 0xe1, 0xc8, 0x21, 0x42, 0x2e, 0xb7, 0x28,
+    0x86, 0x39, 0x09, 0x59, 0x05, 0x4f, 0x0f, 0x56, 0x27, 0xc5, 0xb5, 0x7d, 0xfa, 0x4c, 0xc2, 0x39,
+    0xe1, 0x3c, 0x87, 0x89, 0xd9, 0xcf, 0xa8, 0x21, 0xaf, 0x70, 0xac, 0xd0, 0x63, 0x39, 0x0d, 0x3c,
+    0x97, 0xcd, 0x49, 0x06, 0x68, 0x8b, 0xb8, 0xbe, 0x7e, 0x3d, 0x8a, 0xe1, 0x01, 0x12, 0xbb, 0xcd,
+    0x66, 0x7d, 0x43, 0x01, 0xad, 0xdd, 0x34, 0x35, 0x15, 0x55, 0x82, 0xce, 0x5f, 0x07, 0xd5, 0x7d,
+    0xeb, 0x8a, 0x79, 0xaf, 0x35, 0xd8, 0x5f, 0xf0, 0x34, 0x7f, 0x0b, 0x88, 0xd3, 0xcb, 0xe9, 0x8a,
+    0xf2, 0x38, 0x9e, 0xb7, 0x56, 0xb1, 0xfa, 0x4d, 0x0f, 0x8b, 0x66, 0x8a, 0xd7, 0x83, 0x40, 0x38,
+    0xb0, 0xbd, 0xb6, 0xab, 0xc4, 0x2a, 0x8f, 0x24, 0x60, 0xe8, 0x46, 0x36, 0x6c, 0xd7, 0x3b, 0xbd,
+    0xe4, 0x67, 0xf8, 0x9a, 0xaf, 0x25, 0x32, 0xa8, 0x03, 0x96, 0x1e, 0xfc, 0x3b, 0x40, 0x7f, 0x67,
+    0x1c, 0xe9, 0x98, 0x0b, 0x15, 0x83, 0x3f, 0x34, 0x97, 0x12, 0xdf, 0x2e, 0x5c, 0x31, 0xdb, 0xe9,
+    0xca, 0x29, 0x6d, 0xa1, 0x7c, 0x74, 0x84, 0x25, 0xe2, 0xaf, 0x1b, 0xd6, 0x6f, 0xe1, 0x35, 0x29,
+    0xd2, 0xe3, 0x47, 0x68, 0x6e, 0x40, 0xb2, 0xda, 0x44, 0xbb, 0xed, 0xb7, 0xad, 0xdb, 0x86, 0xe3,
+    0xa0, 0x31, 0x3b, 0x25, 0xd8, 0xb3, 0xab, 0x8e, 0xa4, 0xf0, 0xe2, 0xc9, 0x51, 0xfb, 0x58, 0x31,
+    0x1e, 0x19, 0xc1, 0x6a, 0xf7, 0x39, 0xda, 0xb0, 0x6e, 0x11, 0x2a, 0xe8, 0x13, 0xd5, 0xef, 0x19,
+    0x9f, 0x8b, 0xee, 0x41, 0x66, 0x26, 0xaa, 0xeb, 0x1c, 0x31, 0xd8, 0x7f, 0xfe, 0x04, 0x6b, 0x8b,
+    0x56, 0x2a, 0x17, 0x50, 0x89, 0xb5, 0x58, 0x08, 0x9a, 0x7d, 0xad, 0x0c, 0x18, 0x73, 0x70, 0x2a,
+    0xab, 0xff, 0x08, 0xd2, 0x45, 0xf9, 0xcf, 0x1d, 0xa2, 0x1f, 0xde, 0xf2, 0x27, 0x7b, 0xa6, 0xff,
+    0xc9, 0xa1, 0xf9, 0x11, 0xef, 0x93, 0xf2, 0xe3, 0x86, 0x4c, 0x75, 0x73, 0xe6, 0x77, 0x1b, 0xa1,
+    0x69, 0x90, 0xc2, 0x34, 0x37, 0x20, 0x59, 0x6d, 0x22, 0xbc, 0x97, 0xba, 0xb7, 0x8c, 0x43, 0x90,
+    0x91, 0x1e, 0xa2, 0xa5, 0x8d, 0x86, 0x54, 0xf1, 0xb6, 0x38, 0x56, 0x68, 0xd0, 0xfd, 0xe7, 0x1e,
+    0x72, 0xd2, 0x7c, 0x4d, 0xb6, 0xf3, 0x19, 0x54, 0xe0, 0x4b, 0x0f, 0x7e, 0xfc, 0x20, 0xde, 0xd2,
+    0x53, 0x71, 0x68, 0x43, 0xff, 0x5f, 0xc2, 0x81, 0x36, 0x9b, 0x1f, 0x20, 0x40, 0x0a, 0x02, 0x71,
+    0x17, 0x27, 0xab, 0xfc, 0x88, 0xc9, 0x5b, 0xa7, 0x91, 0xfd, 0xe3, 0x15, 0x2a, 0xb1, 0x25, 0x27,
+    0x4f, 0x98, 0xf0, 0x48, 0xea, 0xdc, 0xfd, 0xb5, 0xa1, 0x89, 0xc0, 0x0e, 0x1c, 0x3b, 0xd9, 0x98,
+    0x58, 0xbf, 0x5b, 0xb4, 0x62, 0x15, 0xa6, 0x12, 0x30, 0x74, 0x23, 0x1b, 0x36, 0x8a, 0xfc, 0xbf,
+    0x02, 0xf0, 0x59, 0x61, 0xe2, 0xba, 0xe5, 0x84, 0xf9, 0x03, 0xf5, 0xc6, 0x4f, 0xe4, 0x34, 0xf0,
+    0x65, 0xf5, 0xd7, 0xb1, 0x3e, 0x3a, 0x42, 0xf3, 0x71, 0xb6, 0xec, 0x6b, 0xd6, 0x91, 0xfb, 0xf5,
+    0x70, 0x22, 0x25, 0x2c, 0x54, 0x49, 0xfc, 0xd0, 0x19, 0x48, 0xfa, 0xb8, 0xb3, 0xc4, 0xea, 0x22,
+    0x3f, 0xba, 0xd5, 0x64, 0xbe, 0x95, 0x01, 0x65, 0xb8, 0xc1, 0x3a, 0xb6, 0xaf, 0xff, 0x33, 0xba,
+    0x33, 0xdf, 0xc0, 0xe1, 0xb7, 0x8f, 0x1a, 0xfb, 0xeb, 0xcb, 0x41, 0x67, 0xce, 0xe2, 0x8b, 0xdf,
+    0x28, 0x9d, 0x7e, 0x98, 0x36, 0x5c, 0x5a, 0xc2, 0x29, 0x3c, 0xd9, 0xa3, 0x85, 0x4e, 0x16, 0x9d,
+    0xc5, 0xc4, 0xec, 0x94, 0xe6, 0x89, 0xe9, 0x7d, 0xd5, 0x46, 0x0e, 0xa2, 0x87, 0x6a, 0xa3, 0xc4,
+    0xcc, 0xfa, 0x86, 0x02, 0x99, 0x79, 0x68, 0x6a, 0x2a, 0xaa, 0xc7, 0x5f, 0xbe, 0x0e, 0x69, 0xfa,
+    0xad, 0x2c, 0xe3, 0x71, 0xa0, 0xf4, 0x23, 0x52, 0x6a, 0x1a, 0x02, 0x7b, 0xf6, 0x94, 0xfa, 0x2c,
+    0x34, 0x74, 0xe6, 0x93, 0x23, 0xdf, 0x65, 0xf6, 0xbe, 0x2e, 0x06, 0x8d, 0xd9, 0x7f, 0xcd, 0x74,
+    0x95, 0x3d, 0x10, 0x67, 0x8a, 0x31, 0x5d, 0x3a, 0x87, 0x3e, 0x7f, 0x27, 0x4e, 0xf6, 0x8f, 0x3d,
+    0x83, 0x62, 0x76, 0x4a, 0x73, 0xa5, 0x95, 0xdf, 0x8b, 0x23, 0x07, 0x51, 0xa2, 0x35, 0xb0, 0x62,
+  },
+  { /* 2 */
+    0x37, 0xf9, 0x69, 0x1b, 0x71, 0x18, 0x61, 0xcd, 0x69, 0x19, 0x54, 0xd6, 0xaf, 0xcb, 0x37, 0x52,
+    0x93, 0x8b, 0x03, 0xf8, 0xd8, 0xdb, 0x4a, 0x3b, 0x03, 0x7b, 0x5a, 0xc3, 0x52, 0x7d, 0x93, 0x1c,
+    0xdb, 0x45, 0x63, 0x4e, 0xe4, 0x87, 0x1e, 0x57, 0x63, 0xc0, 0x4b, 0x19, 0x80, 0x06, 0xdb, 0x1a,
+    0x38, 0xfb, 0x20, 0xd3, 0x14, 0x34, 0x8d, 0x24, 0x20, 0x69, 0x0f, 0xf7, 0x4e, 0x29, 0x38, 0x02,
+    0x7f, 0x37, 0x09, 0xad, 0x4d, 0x44, 0x35, 0xa1, 0x09, 0xa2, 0x45, 0x0c, 0x7d, 0xb0, 0x7f, 0x54,
+    0xb6, 0xa0, 0x72, 0x2f, 0xa6, 0xd4, 0x3e, 0xed, 0x72, 0x3c, 0x9b, 0xc2, 0x28, 0xd8, 0xb6, 0xae,
+    0xa0, 0x81, 0xad, 0x96, 0xea, 0x47, 0x90, 0xf0, 0xad, 0x08, 0xae, 0x66, 0xb1, 0x91, 0xa0, 0xcf,
+    0xb7, 0xec, 0x33, 0xa3, 0xc6, 0xf5, 0x60, 0x0d, 0x33, 0xc7, 0xb3, 0xae, 0x3b, 0xa1, 0xb7, 0x1f,
+    0xb8, 0xee, 0x7a, 0x6b, 0xa3, 0xd9, 0x8c, 0xe4, 0x7a, 0xb7, 0xe8, 0x8f, 0xda, 0x43, 0xb8, 0x4f,
+    0xc5, 0x41, 0xf1, 0x1d, 0x2e, 0xdf, 0x05, 0x46, 0xf1, 0x20, 0xfd, 0x5b, 0x81, 0x01, 0xc5, 0xba,
+    0xcc, 0x28, 0xfd, 0x7b, 0xc8, 0x35, 0xee, 0xaa, 0xfd, 0x0f, 0x56, 0xd1, 0x0a, 0x36, 0xcc, 0xca,
+    0x54, 0x52, 0x70, 0x3e, 0x36, 0x46, 0xf3, 0x7e, 0x70, 0x6e, 0xf7, 0x40, 0xf5, 0x8e, 0x54, 0x07,
+    0x04, 0xf3, 0xc7, 0x75, 0x43, 0x84, 0xbb, 0x06, 0xc7, 0x6a, 0xa0, 0x73, 0x4c, 0x27, 0x04, 0x81,
+    0xb1, 0x87, 0x76, 0x0d, 0x45, 0x33, 0x67, 0x08, 0x76, 0x98, 0x43, 0x05, 0x51, 0x74, 0xb1, 0x3f,
+    0x13, 0x9e, 0x59, 0x40, 0x6f, 0x36, 0x4b, 0xfb, 0x59, 0xa5, 0xbd, 0xbb, 0xc6, 0x17, 0x13, 0x51,
+    0xb2, 0x53, 0xb5, 0x5a, 0xe5, 0x50, 0x85, 0xeb, 0xb5, 0x56, 0x3b, 0xb1, 0x64, 0xff, 0xb2, 0x2f,
+    0x1c, 0x9c, 0x10, 0x88, 0x0a, 0x1a, 0xa7, 0x12, 0x10, 0xd5, 0xe6, 0x9a, 0x27, 0xf5, 0x1c, 0x01,
+    0xa8, 0xa4, 0xe0, 0x7c, 0x6c, 0x8c, 0x25, 0xfc, 0xe0, 0xdc, 0x2d, 0x80, 0x29, 0xdf, 0xa8, 0x0e,
+    0x02, 0x98, 0x82, 0xdb, 0xc0, 0x42, 0xbc, 0x03, 0x82, 0x35, 0x50, 0xd8, 0x26, 0xf2, 0x02, 0xa1,
+    0x20, 0x94, 0xf7, 0x2e, 0x5d, 0xaa, 0x91, 0x30, 0xf7, 0xd6, 0x49, 0x1e, 0x25, 0xfb, 0x20, 0x82,
+    0xf5, 0x9f, 0x9c, 0x24, 0xbc, 0x20, 0x3d, 0x6e, 0x9c, 0x9d, 0x71, 0x4a, 0x57, 0x66, 0xf5, 0x79,
+    0x45, 0x54, 0xab, 0xa5, 0x99, 0x32, 0x04, 0x86, 0xab, 0xfe, 0x1a, 0x23, 0x15, 0x6b, 0x45, 0xf7,
+    0x3b, 0x2f, 0xe3, 0x84, 0xb4, 0x57, 0x6f, 0xc7, 0xe3, 0xa7, 0x77, 0x43, 0x7b, 0xa2, 0x3b, 0x12,
+    0x3f, 0xdc, 0x24, 0xf1, 0xf7, 0xd3, 0xd4, 0xc1, 0x24, 0xcd, 0xd7, 0x30, 0x37, 0x85, 0x3f, 0x93,
+    0xc3, 0x2a, 0xb4, 0xb3, 0xad, 0x19, 0x02, 0x43, 0xb4, 0x7f, 0x0d, 0xf0, 0xeb, 0xd4, 0xc3, 0x9a,
+    0x2f, 0x96, 0xbe, 0xe6, 0x38, 0x86, 0x7d, 0xd9, 0xbe, 0xa6, 0x12, 0x3f, 0xc4, 0x19, 0x2f, 0xd2,
+    0x76, 0x5e, 0x05, 0xcb, 0xab, 0xae, 0xde, 0x4d, 0x05, 0x8d, 0xee, 0x86, 0xf6, 0x87, 0x76, 0x24,
+    0x4b, 0x1a, 0xa3, 0xe1, 0x9c, 0x3f, 0xb6, 0x8f, 0xa3, 0x75, 0x69, 0x6e, 0xe7, 0xf0, 0x4b, 0x16,
+    0x5f, 0xa3, 0xfe, 0x83, 0x10, 0xee, 0xa4, 0x91, 0xfe, 0x74, 0x0c, 0x12, 0x58, 0x4b, 0x5f, 0xd6,
+    0x97, 0x78, 0xc4, 0x8d, 0x9b, 0x5f, 0xf1, 0x3d, 0xc4, 0x11, 0xfa, 0xb0, 0x1e, 0x5a, 0x97, 0x9d,
+    0x16, 0x21, 0xdf, 0xb9, 0x4c, 0x93, 0xae, 0x1d, 0xdf, 0x34, 0x35, 0xa4, 0x99, 0x49, 0x16, 0x61,
+    0xa2, 0x19, 0x2f, 0x4d, 0x2a, 0x05, 0x2c, 0xf3, 0x2f, 0x3d, 0xfe, 0xbe, 0x97, 0x63, 0xa2, 0x6e,
+    0x50, 0xa1, 0xb7, 0x4b, 0x75, 0xc2, 0x48, 0x78, 0xb7, 0x04, 0x57, 0x33, 0xb9, 0xa9, 0x50, 0x86,
+    0x6a, 0xc2, 0x15, 0x43, 0xa1, 0xb4, 0x79, 0x5f, 0x15, 0x58, 0x08, 0x1c, 0xd1, 0x72, 0x6a, 0x25,
+    0x0c, 0xd6, 0x8a, 0x9f, 0xc5, 0x4f, 0x0e, 0x0a, 0x8a, 0xbe, 0x23, 0x95, 0xd4, 0x69, 0x0c, 0x40,
+    0x71, 0x79, 0x01, 0xe9, 0x48, 0x49, 0x87, 0xa8, 0x01, 0x29, 0x36, 0x41, 0x8f, 0x2b, 0x71, 0xb5,
+    0xa6, 0xea, 0xe8, 0x38, 0x69, 0x81, 0x97, 0xf5, 0xe8, 0x57, 0x5e, 0xcd, 0xdb, 0x44, 0xa6, 0xef,
+    0x8a, 0xa8, 0x95, 0x89, 0xf1, 0x64, 0x08, 0xcf, 0x95, 0x3f, 0x34, 0x46, 0x2a, 0xd6, 0x8a, 0x2d,
+    0xe7, 0x4d, 0x84, 0xe8, 0xb3, 0x37, 0x28, 0x75, 0x84, 0xc3, 0xe4, 0x9d, 0x82, 0x08, 0xe7, 0x99,
+    0xec, 0xbc, 0x0a, 0x55, 0x95, 0x9f, 0x7f, 0x9a, 0x0a, 0xd9, 0x1f, 0xcf, 0x2f, 0xcd, 0xec, 0x48,
+    0x51, 0xed, 0xf6, 0xc7, 0x15, 0xe3, 0x16, 0x98, 0xf6, 0xff, 0x7f, 0x5f, 0xaa, 0xd0, 0x51, 0x37,
+    0x79, 0x5c, 0x4c, 0x03, 0xce, 0x82, 0x32, 0xa4, 0x4c, 0xfd, 0xb5, 0xa7, 0x17, 0x65, 0x79, 0x74,
+    0xe1, 0x26, 0xc1, 0x46, 0x30, 0xf1, 0x2f, 0x70, 0xc1, 0x9c, 0x14, 0x36, 0xe8, 0xdd, 0xe1, 0xb9,
+    0x1b, 0xbb, 0x14, 0xaa, 0xe9, 0xfd, 0xfe, 0xf7, 0x14, 0x71, 0x3e, 0x5d, 0x5e, 0x59, 0x1b, 0x90,
+    0x9f, 0x5d, 0x89, 0x67, 0x1d, 0x94, 0x44, 0x31, 0x89, 0xc5, 0x79, 0x56, 0x86, 0x14, 0x9f, 0x5c,
+    0x74, 0xc6, 0x87, 0x10, 0x6b, 0xec, 0x62, 0x4e, 0x87, 0xb8, 0xbe, 0x5e, 0xd0, 0x75, 0x74, 0x85,
+    0xf8, 0x05, 0x57, 0x37, 0x19, 0x4e, 0x6d, 0x84, 0x57, 0xd8, 0x7a, 0xb3, 0x90, 0x76, 0xf8, 0x88,
+    0x5a, 0x1c, 0x78, 0x7a, 0x33, 0x4b, 0x41, 0x77, 0x78, 0xe5, 0x84, 0x0d, 0x07, 0x15, 0x5a, 0xe6,
+    0x67, 0x58, 0xde, 0x50, 0x04, 0xda, 0x29, 0xb5, 0xde, 0x1d, 0x03, 0xe5, 0x16, 0x62, 0x67, 0xd4,
+    0x36, 0xb5, 0x28, 0x97, 0x11, 0x39, 0x3f, 0x2d, 0x28, 0xe2, 0x7c, 0xba, 0xbc, 0xb2, 0x36, 0xe3,
+    0xe8, 0x4f, 0xcd, 0x20, 0xd6, 0x1b, 0xc4, 0x9c, 0xcd, 0xb3, 0xbf, 0xbc, 0x63, 0xea, 0xe8, 0xc9,
+    0x60, 0x7f, 0xda, 0x72, 0xe7, 0x3d, 0x70, 0x50, 0xda, 0xb9, 0xdb, 0x22, 0x6f, 0xce, 0x60, 0x45,
+    0xd2, 0x2c, 0x6f, 0x28, 0x02, 0x6d, 0xf5, 0xbb, 0x6f, 0xef, 0xe0, 0x93, 0x0b, 0x31, 0xd2, 0x6a,
+    0xa5, 0x3e, 0x2b, 0x6f, 0xc9, 0xe2, 0x75, 0x16, 0x2b, 0x99, 0x26, 0x79, 0xee, 0xcf, 0xa5, 0xff,
+    0x8c, 0xc3, 0xd0, 0x27, 0x72, 0xa2, 0x0f, 0xca, 0xd0, 0x60, 0xc4, 0xed, 0x40, 0x03, 0x8c, 0x0d,
+    0xbd, 0x51, 0xfc, 0x92, 0x80, 0x7c, 0x69, 0x02, 0xfc, 0x26, 0x60, 0x90, 0x85, 0x1d, 0xbd, 0x7f,
+    0xfb, 0xd1, 0x94, 0x60, 0xb9, 0x2d, 0x8f, 0x67, 0x94, 0x16, 0x02, 0x07, 0xa5, 0xfd, 0xfb, 0x98,
+    0xba, 0x76, 0xf8, 0xb0, 0x63, 0x9b, 0x30, 0xe7, 0xf8, 0x82, 0xb8, 0x57, 0xfc, 0xb1, 0xba, 0xee,
+    0x0f, 0x02, 0x49, 0xc8, 0x65, 0x2c, 0xec, 0xe9, 0x49, 0x70, 0x5b, 0x21, 0xe1, 0xe2, 0x0f, 0x50,
+    0x4f, 0xe9, 0x64, 0x94, 0xdf, 0xbb, 0x0d, 0x89, 0x64, 0x1f, 0xc9, 0x1d, 0xab, 0xd7, 0x4f, 0x97,
+    0x8e, 0x5b, 0x52, 0xfc, 0xb2, 0xe0, 0xb3, 0xc9, 0x52, 0x55, 0x94, 0x35, 0x66, 0xf1, 0x8e, 0xac,
+    0x89, 0x7c, 0x56, 0xde, 0x51, 0x07, 0xea, 0x2c, 0x56, 0xf1, 0x4c, 0xf2, 0x1f, 0x5d, 0x89, 0x3d,
+    0x06, 0x6b, 0x45, 0xae, 0x83, 0xc6, 0x07, 0x05, 0x45, 0x5f, 0xf0, 0xab, 0x6a, 0xd5, 0x06, 0x20,
+    0xe5, 0xd5, 0x06, 0x33, 0x73, 0x75, 0x94, 0x76, 0x06, 0xf6, 0xb4, 0x45, 0xa4, 0xfa, 0xe5, 0x38,
+    0xf4, 0xd3, 0xdd, 0xa8, 0xdc, 0x01, 0x63, 0x8e, 0xdd, 0x66, 0x59, 0x26, 0x44, 0x1f, 0xf4, 0xc8,
+    0xc7, 0xd9, 0x73, 0xc6, 0xee, 0x9d, 0xb9, 0x45, 0x73, 0x15, 0xad, 0x83, 0xa7, 0xf3, 0xc7, 0x1b,
+    0xad, 0x1b, 0x66, 0x85, 0x4f, 0x29, 0xc0, 0x1a, 0x66, 0x4d, 0xa5, 0x9f, 0x76, 0x81, 0xad, 0x3e,
+    0xcb, 0x0f, 0xf9, 0x59, 0x2b, 0xd2, 0xb7, 0x4f, 0xf9, 0xab, 0x8e, 0x16, 0x73, 0x9a, 0xcb, 0x5b,
+    0x80, 0x15, 0x5a, 0xb8, 0xb7, 0xed, 0x01, 0xc0, 0x5a, 0xde, 0xe7, 0x78, 0x94, 0x6a, 0x80, 0x4d,
+    0xf0, 0x20, 0x1a, 0xdd, 0x9f, 0x85, 0xd8, 0x88, 0x1a, 0x0c, 0xf9, 0x55, 0x08, 0x38, 0xf0, 0x49,
+    0xd5, 0x0b, 0x6b, 0x0a, 0xe1, 0x8a, 0xac, 0x5e, 0x6b, 0x4b, 0x38, 0x54, 0x72, 0x9d, 0xd5, 0xfb,
+    0x07, 0x27, 0x04, 0x22, 0xe3, 0xe7, 0x59, 0xe5, 0x04, 0xa4, 0xd8, 0xc7, 0x79, 0xac, 0x07, 0x91,
+    0xea, 0xd7, 0x4f, 0xfb, 0x16, 0x59, 0x78, 0x9f, 0x4f, 0x86, 0xef, 0x64, 0x45, 0x18, 0xea, 0x68,
+    0x56, 0xca, 0xf2, 0xe5, 0xf6, 0x04, 0x4f, 0x7d, 0xf2, 0x5b, 0xa7, 0x98, 0xd3, 0x7c, 0x56, 0xa6,
+    0x4d, 0x71, 0xe6, 0x4f, 0x1f, 0xf9, 0xb1, 0x8a, 0xe6, 0x2a, 0x99, 0xc5, 0x8d, 0x25, 0x4d, 0x36,
+    0x55, 0x1e, 0x31, 0xb2, 0x56, 0x67, 0xad, 0x9e, 0x31, 0x95, 0xdf, 0x2c, 0xe6, 0xf7, 0x55, 0xb6,
+    0x43, 0x3f, 0xee, 0x0b, 0x1a, 0xf4, 0x03, 0x83, 0xee, 0xa1, 0xea, 0x88, 0x7f, 0xbe, 0x43, 0xd7,
+    0x1a, 0xf7, 0x55, 0x26, 0x89, 0xdc, 0xa0, 0x17, 0x55, 0x8a, 0x16, 0x31, 0x4d, 0x20, 0x1a, 0x21,
+    0x0b, 0xf1, 0x8e, 0xbd, 0x26, 0xa8, 0x57, 0xef, 0x8e, 0x1a, 0xfb, 0x52, 0xad, 0xc5, 0x0b, 0xd1,
+    0xe3, 0xbe, 0x43, 0x9d, 0xf0, 0xb3, 0x93, 0x73, 0x43, 0xa9, 0x44, 0xee, 0xce, 0x2f, 0xe3, 0x18,
+    0x96, 0x34, 0x85, 0x01, 0xfb, 0x7e, 0xaf, 0xdd, 0x85, 0xea, 0xd2, 0xdc, 0x0d, 0x23, 0x96, 0x2c,
+    0x27, 0xb3, 0xf3, 0x0c, 0xbe, 0x4d, 0xc8, 0xd5, 0xf3, 0x72, 0x91, 0xd9, 0x5c, 0x57, 0x27, 0x13,
+    0xdd, 0x2e, 0x26, 0xe0, 0x67, 0x41, 0x19, 0x52, 0x26, 0x9f, 0xbb, 0xb2, 0xea, 0xd3, 0xdd, 0x3a,
+    0x44, 0x18, 0xea, 0x29, 0xf9, 0x13, 0x5a, 0x66, 0xea, 0x05, 0x32, 0x4f, 0x06, 0x12, 0x44, 0x46,
+    0x26, 0xff, 0xb2, 0x80, 0xde, 0x6c, 0x96, 0x35, 0xb2, 0x89, 0xb9, 0xb5, 0x4f, 0x2e, 0x26, 0xa2,
+    0x35, 0x61, 0xeb, 0xc0, 0xb1, 0x5a, 0xdd, 0xce, 0xeb, 0x2c, 0x04, 0x0e, 0x89, 0x39, 0x35, 0xf3,
+    0xdc, 0x62, 0x67, 0x6c, 0x07, 0x60, 0x47, 0xb2, 0x67, 0x64, 0x93, 0xde, 0xf9, 0xaa, 0xdc, 0x8b,
+    0xa4, 0x72, 0x6a, 0xe3, 0xa9, 0xc3, 0x2b, 0xf6, 0x6a, 0x62, 0x0e, 0x15, 0xfd, 0xb6, 0xa4, 0x4e,
+    0x58, 0x84, 0xfa, 0xa1, 0xf3, 0x09, 0xfd, 0x74, 0xfa, 0xd0, 0xd4, 0xd5, 0x21, 0xe7, 0x58, 0x47,
+    0xcf, 0xfc, 0x3e, 0x2c, 0x68, 0x56, 0x0c, 0x49, 0x3e, 0xc1, 0x2e, 0x65, 0x3f, 0xbd, 0xcf, 0xda,
+    0xd0, 0xb4, 0xed, 0xf3, 0xc2, 0x2f, 0x49, 0xb8, 0xed, 0xda, 0xb0, 0x4b, 0x2d, 0xc3, 0xd0, 0xcb,
+    0x7c, 0xe3, 0xca, 0xfa, 0xed, 0x27, 0xd7, 0x42, 0xca, 0x6c, 0x3d, 0xb8, 0x48, 0x3b, 0x7c, 0x44,
+    0x5c, 0x77, 0x3d, 0xd4, 0xb0, 0x8d, 0x46, 0x72, 0x3d, 0xba, 0x74, 0xa6, 0x6d, 0xc0, 0x5c, 0xc6,
+    0x7e, 0x7b, 0x48, 0x21, 0x2d, 0x65, 0x6b, 0x41, 0x48, 0x59, 0x6d, 0x60, 0x6e, 0xc9, 0x7e, 0xe5,
+    0xfe, 0x6e, 0x12, 0x99, 0x9a, 0x88, 0x6a, 0x81, 0x12, 0x87, 0x8a, 0x18, 0xfa, 0xa3, 0xfe, 0xa8,
+    0xaa, 0x3c, 0x62, 0xa7, 0xac, 0xce, 0x99, 0xff, 0x62, 0xe9, 0x7d, 0x58, 0x0f, 0x2d, 0xaa, 0xaf,
+    0x2b, 0x65, 0x79, 0x93, 0x7b, 0x02, 0xc6, 0xdf, 0x79, 0xcc, 0xb2, 0x4c, 0x88, 0x3e, 0x2b, 0x53,
+    0xc9, 0x97, 0x7b, 0x82, 0xeb, 0x90, 0x0b, 0x4c, 0x7b, 0x9e, 0xde, 0xce, 0x55, 0x68, 0xc9, 0xfa,
+    0x92, 0xc7, 0x42, 0x74, 0xb8, 0xfa, 0x14, 0xdb, 0x42, 0x80, 0x72, 0xaf, 0x41, 0x04, 0x92, 0xad,
+    0xca, 0x43, 0xb8, 0xd5, 0x4b, 0xf3, 0xe9, 0xaf, 0xb8, 0x50, 0xa6, 0x7a, 0x60, 0xe3, 0xca, 0xea,
+    0x4c, 0x3d, 0xa7, 0xc3, 0x7f, 0xd8, 0xef, 0x6a, 0xa7, 0xd1, 0xb1, 0xa9, 0x9e, 0x5c, 0x4c, 0x87,
+    0x9d, 0xc5, 0x0b, 0xbc, 0xdd, 0xd6, 0xf8, 0x32, 0x0b, 0xf0, 0x29, 0x8e, 0xa0, 0xe6, 0x9d, 0xfd,
+    0xa7, 0xa6, 0xa9, 0xb4, 0x09, 0xa0, 0xc9, 0x15, 0xa9, 0xac, 0x76, 0xa1, 0xc8, 0x3d, 0xa7, 0x5e,
+    0x59, 0xc8, 0xbb, 0x2d, 0x93, 0x28, 0xa3, 0x94, 0xbb, 0x2b, 0xfc, 0xb9, 0x32, 0x9e, 0x59, 0xf6,
+    0x9e, 0x11, 0xc8, 0xeb, 0x7d, 0xb5, 0x1a, 0xd1, 0xc8, 0x3e, 0x51, 0x3a, 0x95, 0x6d, 0x9e, 0xed,
+    0x1d, 0xd0, 0x51, 0x04, 0x6a, 0x3b, 0xf9, 0xf2, 0x51, 0x2e, 0xce, 0xf6, 0x34, 0x8c, 0x1d, 0xb0,
+    0x01, 0x4c, 0x41, 0x8c, 0x60, 0x21, 0x5e, 0xe0, 0x41, 0xfb, 0x28, 0x6c, 0x13, 0x79, 0x01, 0xb1,
+    0xc2, 0x66, 0xf5, 0x3f, 0xcd, 0x38, 0x5c, 0xa3, 0xf5, 0x84, 0x25, 0x9c, 0xf8, 0xad, 0xc2, 0x2b,
+    0x28, 0xb1, 0xba, 0xc4, 0xdb, 0x61, 0x24, 0x3c, 0xba, 0x02, 0xca, 0xf8, 0xbd, 0xb5, 0x28, 0x43,
+    0xb4, 0x38, 0xf0, 0xf4, 0x66, 0x96, 0x82, 0xee, 0xf0, 0x09, 0xcb, 0x1a, 0x0e, 0x2a, 0xb4, 0x0f,
+    0x19, 0x23, 0x96, 0x71, 0x29, 0xbf, 0x42, 0xf4, 0x96, 0x44, 0x6e, 0x85, 0x78, 0xab, 0x19, 0x31,
+    0x85, 0xaa, 0xdc, 0x41, 0x94, 0x48, 0xe4, 0x26, 0xdc, 0x4f, 0x6f, 0x67, 0xcb, 0x34, 0x85, 0x7d,
+    0x3c, 0x08, 0xe7, 0xa6, 0x57, 0xb0, 0x36, 0x22, 0xe7, 0x03, 0xaf, 0x84, 0x02, 0x0e, 0x3c, 0x83,
+    0x40, 0xeb, 0x2d, 0x5c, 0xba, 0x97, 0xe1, 0x60, 0x2d, 0x6f, 0x92, 0x3c, 0x4a, 0x35, 0x40, 0xc7,
+    0x1e, 0x04, 0x92, 0x53, 0xca, 0x58, 0x1b, 0x11, 0x92, 0xe0, 0xb6, 0x42, 0x01, 0x07, 0x1e, 0xa0,
+    0x95, 0xe0, 0x46, 0x56, 0x5b, 0x1d, 0x4d, 0x3e, 0x46, 0x24, 0xaa, 0x68, 0x38, 0xa8, 0x95, 0x3c,
+    0xab, 0x70, 0x23, 0x2b, 0xcc, 0xef, 0xc7, 0x1f, 0x23, 0x12, 0x55, 0x34, 0x1c, 0x54, 0xab, 0x1e,
+    0xb3, 0x1f, 0xf4, 0xd6, 0x85, 0x71, 0xdb, 0x0b, 0xf4, 0xad, 0x13, 0xdd, 0x77, 0x86, 0xb3, 0x9e,
+    0xeb, 0x9b, 0x0e, 0x77, 0x76, 0x78, 0x26, 0x7f, 0x0e, 0x7d, 0xc7, 0x08, 0x56, 0x61, 0xeb, 0xd9,
+    0xfa, 0x9d, 0xd5, 0xec, 0xd9, 0x0c, 0xd1, 0x87, 0xd5, 0xed, 0x2a, 0x6b, 0xb6, 0x84, 0xfa, 0x29,
+    0x2a, 0x29, 0x38, 0x1f, 0x1b, 0x23, 0x98, 0x3f, 0x38, 0x37, 0x9a, 0x20, 0x9b, 0x47, 0x2a, 0xe2,
+    0xac, 0x57, 0x27, 0x09, 0x2f, 0x08, 0x9e, 0xfa, 0x27, 0xb6, 0x8d, 0xf3, 0x65, 0xf8, 0xac, 0x8f,
+    0x2d, 0x0e, 0x3c, 0x3d, 0xf8, 0xc4, 0xc1, 0xda, 0x3c, 0x93, 0x42, 0xe7, 0xe2, 0xeb, 0x2d, 0x73,
+    0x25, 0x2b, 0x71, 0xd7, 0x7e, 0x0f, 0x74, 0xd6, 0x71, 0x47, 0xc1, 0x01, 0x7a, 0xa5, 0x25, 0xb2,
+    0x4a, 0x56, 0xe2, 0x6d, 0xfc, 0x1e, 0xe8, 0x6f, 0xe2, 0x8e, 0x41, 0x02, 0xf4, 0x89, 0x4a, 0xa7,
+    0xb0, 0xcb, 0x37, 0x81, 0x25, 0x12, 0x39, 0xe8, 0x37, 0x63, 0x6b, 0x69, 0x42, 0x0d, 0xb0, 0x8e,
+    0x41, 0xa7, 0x6c, 0xd0, 0xda, 0xb6, 0xbf, 0x80, 0x6c, 0x94, 0xba, 0x50, 0x59, 0x4c, 0x41, 0x76,
+    0x30, 0xde, 0x6d, 0x39, 0x92, 0xff, 0x38, 0x28, 0x6d, 0xbd, 0x8c, 0x11, 0xd6, 0x67, 0x30, 0xc3,
+    0x33, 0x0a, 0xae, 0x6e, 0x32, 0x9c, 0xda, 0xcb, 0xae, 0x73, 0xf4, 0xa5, 0xe3, 0xec, 0x33, 0xd3,
+    0x65, 0xc0, 0x5c, 0x8b, 0xc4, 0x98, 0x95, 0xb6, 0x5c, 0x28, 0x53, 0x3d, 0x30, 0x90, 0x65, 0x75,
+    0x8b, 0xe4, 0xd4, 0x05, 0x91, 0x45, 0x56, 0x2f, 0xd4, 0xc4, 0x1c, 0x2a, 0x39, 0xaf, 0x8b, 0x9c,
+    0xef, 0x68, 0xc9, 0x02, 0x35, 0xfc, 0x9d, 0x79, 0xc9, 0x17, 0x67, 0x7b, 0x1a, 0x46, 0xef, 0x58,
+    0x09, 0x69, 0x0c, 0x66, 0xe6, 0xea, 0xeb, 0xec, 0x0c, 0x2f, 0xab, 0x8a, 0x8b, 0x37, 0x09, 0x70,
+    0x9b, 0xae, 0x4e, 0x12, 0x5e, 0x10, 0xff, 0x37, 0x4e, 0xaf, 0xd9, 0x25, 0xca, 0x33, 0x9b, 0xdd,
+    0x6f, 0x7d, 0x93, 0xba, 0x82, 0x11, 0x9c, 0xb9, 0x93, 0xc9, 0x80, 0x03, 0x8e, 0x2c, 0x6f, 0x15,
+    0x84, 0xe6, 0x9d, 0xcd, 0xf4, 0x69, 0xba, 0xc6, 0x9d, 0xb4, 0x47, 0x0b, 0xd8, 0x4d, 0x84, 0xcc,
+    0x15, 0xf5, 0x1c, 0xee, 0xec, 0xf0, 0x4c, 0xfe, 0x1c, 0xfa, 0x4d, 0x10, 0xac, 0xc2, 0x15, 0x71,
+    0x75, 0x8a, 0xc6, 0x9c, 0x0b, 0xcd, 0x3c, 0xae, 0xc6, 0x43, 0x96, 0x32, 0xc3, 0x0c, 0x75, 0x34,
+    0x61, 0x33, 0x9b, 0xfe, 0x87, 0x1c, 0x2e, 0xb0, 0x9b, 0x42, 0xf3, 0x4e, 0x7c, 0xb7, 0x61, 0xf4,
+    0xf9, 0x49, 0x16, 0xbb, 0x79, 0x6f, 0x33, 0x64, 0x16, 0x23, 0x52, 0xdf, 0x83, 0x0f, 0xf9, 0x39,
+    0x12, 0xd2, 0x18, 0xcc, 0x0f, 0x17, 0x15, 0x1b, 0x18, 0x5e, 0x95, 0xd7, 0xd5, 0x6e, 0x12, 0xe0,
+    0x70, 0x35, 0x40, 0x65, 0x28, 0x68, 0xd9, 0x48, 0x40, 0xd2, 0x1e, 0x2d, 0x9c, 0x52, 0x70, 0x04,
+    0xa3, 0x55, 0x6e, 0xc1, 0x4a, 0x24, 0x72, 0x13, 0x6e, 0xc6, 0xd6, 0xd2, 0x84, 0x1a, 0xa3, 0xdf,
+    0x9c, 0x89, 0x4a, 0x30, 0xbd, 0xf7, 0xa6, 0xd2, 0x4a, 0x0b, 0x01, 0xe2, 0xb3, 0x9f, 0x9c, 0x4c,
+    0x4e, 0xa5, 0x25, 0x18, 0xbf, 0x9a, 0x53, 0x69, 0x25, 0xe4, 0xe1, 0x71, 0xb8, 0xae, 0x4e, 0x26,
+    0xa9, 0xe8, 0xa1, 0xf0, 0x0c, 0xad, 0x7b, 0x1c, 0xa1, 0x27, 0x05, 0xec, 0x3a, 0xa6, 0xa9, 0xbf,
+    0x7b, 0xc4, 0xce, 0xd8, 0x0e, 0xc0, 0x8e, 0xa7, 0xce, 0xc8, 0xe5, 0x7f, 0x31, 0x97, 0x7b, 0xd5,
+    0x47, 0xcc, 0x29, 0x7e, 0x59, 0x70, 0xb8, 0x85, 0x29, 0xcb, 0x4a, 0xfb, 0x33, 0x99, 0x47, 0x56,
+    0xe9, 0x03, 0x8c, 0xac, 0xb6, 0x3a, 0x9a, 0x7c, 0x8c, 0x48, 0x97, 0xd0, 0x70, 0x93, 0xe9, 0x78,
+    0x7a, 0x88, 0x8f, 0x54, 0x6e, 0xe1, 0xd0, 0x47, 0x8f, 0x33, 0xcd, 0x13, 0x22, 0xee, 0x7a, 0x64,
+    0xf1, 0x6c, 0x5b, 0x51, 0xff, 0xa4, 0x86, 0x68, 0x5b, 0xf7, 0xd1, 0x39, 0x1b, 0x41, 0xf1, 0xf8,
+    0xc4, 0x0d, 0xb0, 0x91, 0x4e, 0xfe, 0x5b, 0xa6, 0xb0, 0xdb, 0xd5, 0x37, 0x92, 0x78, 0xc4, 0x0b,
+    0xaf, 0x83, 0xe4, 0x5e, 0x8f, 0x6b, 0x7c, 0x19, 0xe4, 0x78, 0xf5, 0x47, 0x50, 0x73, 0xaf, 0x9f,
+    0x68, 0x5a, 0x97, 0x98, 0x61, 0xf6, 0xc5, 0x5c, 0x97, 0x6d, 0x58, 0xc4, 0xf7, 0x80, 0x68, 0x84,
+    0xbe, 0x85, 0x3f, 0xc5, 0x20, 0x1f, 0x8b, 0xe1, 0x3f, 0xe8, 0x18, 0x24, 0xb0, 0x96, 0xbe, 0x6f,
+    0xbf, 0xc9, 0x7e, 0x49, 0x40, 0x3e, 0xd5, 0x01, 0x7e, 0x13, 0x30, 0x48, 0xa3, 0xef, 0xbf, 0xde,
+    0x2e, 0xda, 0xff, 0x6a, 0x58, 0xa7, 0x23, 0x39, 0xff, 0x5d, 0x3a, 0x53, 0xd7, 0x60, 0x2e, 0x63,
+    0x48, 0xce, 0x60, 0xb6, 0x3c, 0x5c, 0x54, 0x6c, 0x60, 0xbb, 0x11, 0xda, 0xd2, 0x7b, 0x48, 0x06,
+    0xce, 0xb0, 0x7f, 0xa0, 0x08, 0x77, 0x52, 0xa9, 0x7f, 0x3a, 0x06, 0x09, 0x2c, 0xc4, 0xce, 0x6b,
+    0x3d, 0x44, 0xa6, 0x2a, 0x37, 0x91, 0x68, 0xc2, 0xa6, 0xf8, 0x87, 0xe8, 0x11, 0x77, 0x3d, 0x32,
+    0x32, 0x46, 0xef, 0xe2, 0x52, 0xbd, 0x84, 0x2b, 0xef, 0x88, 0xdc, 0xc9, 0xf0, 0x95, 0x32, 0x62,
+    0xe6, 0x01, 0xc5, 0x64, 0xd3, 0x16, 0x76, 0x95, 0xc5, 0x38, 0xcc, 0xf1, 0x91, 0x71, 0xe6, 0x28,
+    0x6b, 0x8e, 0x54, 0xcf, 0xc1, 0x95, 0x27, 0xbf, 0x54, 0xa3, 0x20, 0x70, 0xc2, 0x0b, 0x6b, 0x94,
+    0xbb, 0x3a, 0xb9, 0x3c, 0x03, 0xba, 0x6e, 0x07, 0xb9, 0x79, 0x90, 0x3b, 0xef, 0xc8, 0xbb, 0x5f,
+    0x91, 0x13, 0x81, 0x23, 0x18, 0x99, 0xf6, 0x38, 0x81, 0x4e, 0x0a, 0x1b, 0x74, 0x8f, 0x91, 0xbd,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x83, 0xc1, 0x99, 0xef, 0x17, 0x8e, 0xe3, 0x23, 0x99, 0x10, 0x9f, 0xcc, 0xa1, 0xe1, 0x83, 0x5d,
+    0xe0, 0x6a, 0x80, 0xca, 0x50, 0xd0, 0x71, 0x90, 0x80, 0x67, 0x3c, 0x5a, 0xfb, 0xa4, 0xe0, 0x08,
+    0x82, 0x8d, 0xd8, 0x63, 0x77, 0xaf, 0xbd, 0xc3, 0xd8, 0xeb, 0xb7, 0xa0, 0xb2, 0x98, 0x82, 0xec,
+    0xd7, 0x93, 0xe9, 0xd1, 0x21, 0xc8, 0x10, 0x5d, 0xe9, 0x7e, 0x68, 0x8c, 0x54, 0x6f, 0xd7, 0x5a,
+    0xf2, 0xb8, 0x98, 0x06, 0x5f, 0xc7, 0x64, 0x8b, 0x98, 0x39, 0xa9, 0x8d, 0x2e, 0xca, 0xf2, 0xe8,
+    0xcd, 0x64, 0xbc, 0xf7, 0xa8, 0x14, 0xb0, 0x4a, 0xbc, 0xf4, 0x7e, 0xbd, 0x19, 0x4f, 0xcd, 0x7b,
+    0x78, 0x10, 0x0d, 0x8f, 0xae, 0xa3, 0x6c, 0x44, 0x0d, 0x06, 0x9d, 0xcb, 0x04, 0x1c, 0x78, 0xc5,
+    0xc0, 0xfe, 0x77, 0xe4, 0x0d, 0x7a, 0xe0, 0xa0, 0x77, 0xb1, 0x75, 0x44, 0xde, 0x5f, 0xc0, 0x8a,
+    0x63, 0xab, 0x19, 0x25, 0x47, 0x5e, 0x92, 0xb3, 0x19, 0x77, 0xa3, 0x96, 0x5a, 0x45, 0x63, 0x55,
+    0x87, 0x32, 0x5e, 0x9a, 0x54, 0x0a, 0x58, 0x25, 0x5e, 0x7a, 0x3f, 0xbf, 0xed, 0xc6, 0x87, 0xdc,
+    0xfc, 0xf6, 0x90, 0x42, 0x5a, 0xca, 0xd6, 0x82, 0x90, 0xb2, 0xda, 0xc0, 0xdc, 0x51, 0xfc, 0x09,
+    0x94, 0xac, 0x07, 0xda, 0x3b, 0x3c, 0x13, 0xde, 0x07, 0xdf, 0x82, 0x04, 0x2b, 0xd1, 0x94, 0x8d,
+    0x08, 0x25, 0x4d, 0xea, 0x86, 0xcb, 0xb5, 0x0c, 0x4d, 0xd4, 0x83, 0xe6, 0x98, 0x4e, 0x08, 0xc1,
+    0x81, 0x59, 0x1b, 0x34, 0xd7, 0xcc, 0x5f, 0x20, 0x1b, 0x25, 0xcf, 0x14, 0x87, 0x13, 0x81, 0xfc,
+    0x17, 0x6d, 0x9e, 0x35, 0x2c, 0xb2, 0xf0, 0xfd, 0x9e, 0xcf, 0x1d, 0xc8, 0x8a, 0x30, 0x17, 0xd0,
+    0x62, 0xe7, 0x58, 0xa9, 0x27, 0x7f, 0xcc, 0x53, 0x58, 0x8c, 0x8b, 0xfa, 0x49, 0x3c, 0x62, 0xe4,
+    0xd8, 0x91, 0xa0, 0x19, 0x44, 0xe4, 0xfc, 0xb4, 0xa0, 0x0e, 0x33, 0xad, 0xb5, 0x8d, 0xd8, 0x0a,
+    0x31, 0x92, 0x2c, 0xb5, 0xf2, 0xde, 0x66, 0xc8, 0x2c, 0x46, 0xa4, 0x7d, 0xc5, 0x1e, 0x31, 0x72,
+    0x10, 0x4a, 0x9a, 0x17, 0xcf, 0x55, 0xa9, 0x18, 0x9a, 0x6b, 0xc5, 0x0f, 0xf3, 0x9c, 0x10, 0x41,
+    0x21, 0xd8, 0xb6, 0xa2, 0x3d, 0x8b, 0xcf, 0xd0, 0xb6, 0x2d, 0x61, 0x72, 0x36, 0x82, 0x21, 0x33,
+    0xda, 0x09, 0x22, 0xc2, 0x84, 0xa6, 0x40, 0xb7, 0x22, 0x3b, 0x63, 0x75, 0x93, 0x7f, 0xda, 0xab,
+    0x66, 0x14, 0x9f, 0xdc, 0x64, 0xfb, 0x77, 0x55, 0x9f, 0xe6, 0x2b, 0x89, 0x05, 0x1b, 0x66, 0x65,
+    0x39, 0xb7, 0x61, 0x5f, 0x74, 0x15, 0xd3, 0xc4, 0x61, 0x92, 0x27, 0x9b, 0x5d, 0x50, 0x39, 0xb3,
+    0xfd, 0xba, 0xd1, 0xce, 0x3a, 0xeb, 0x88, 0x62, 0xd1, 0x49, 0xf2, 0xac, 0xcf, 0x28, 0xfd, 0xb8,
+    0x0e, 0x4e, 0x08, 0x44, 0x05, 0x0d, 0xb2, 0x09, 0x08, 0x8b, 0x73, 0x4d, 0xf2, 0x9b, 0x0e, 0xe1,
+    0x6e, 0x31, 0xd2, 0x36, 0xe2, 0x30, 0xc2, 0x59, 0xd2, 0x32, 0xa8, 0x6f, 0x9d, 0x55, 0x6e, 0xa4,
+    0x8f, 0x17, 0x13, 0x70, 0xd2, 0xc1, 0xed, 0x29, 0x13, 0xae, 0xbc, 0x59, 0x75, 0x88, 0x8f, 0x1d,
+    0x99, 0x36, 0xcc, 0xc9, 0x9e, 0x52, 0x43, 0x34, 0xcc, 0x9a, 0x89, 0xfd, 0xec, 0xc1, 0x99, 0x7c,
+    0x6d, 0xe5, 0x11, 0x61, 0x42, 0x53, 0x20, 0xba, 0x11, 0xfc, 0xd0, 0xdb, 0xa8, 0xde, 0x6d, 0xb4,
+    0xf3, 0xf4, 0xd9, 0x8a, 0x3f, 0xe6, 0x3a, 0x6b, 0xd9, 0xc2, 0x81, 0xe1, 0x3d, 0xb3, 0xf3, 0x59,
+    0xde, 0xfa, 0xe5, 0xb7, 0xc7, 0x22, 0xfb, 0xb1, 0xe5, 0x51, 0xc3, 0x06, 0xdf, 0x58, 0xde, 0x2a,
+    0x88, 0x30, 0x17, 0x52, 0x31, 0x26, 0xb4, 0xcc, 0x17, 0x0a, 0x64, 0x9e, 0x0c, 0x24, 0x88, 0x8c,
+    0x0d, 0x9a, 0xcb, 0x13, 0xa5, 0x6e, 0x50, 0xea, 0xcb, 0x45, 0x0b, 0xf9, 0xc7, 0x10, 0x0d, 0xf1,
+    0x8d, 0x8f, 0x91, 0xab, 0x12, 0x83, 0x51, 0x2a, 0x91, 0x9b, 0xec, 0x81, 0x53, 0x7a, 0x8d, 0xbc,
+    0xd4, 0x47, 0x2a, 0x86, 0x81, 0xab, 0xf2, 0xbe, 0x2a, 0xb0, 0x10, 0x38, 0x61, 0xe4, 0xd4, 0x4a,
+    0x5b, 0x50, 0x39, 0xf6, 0x53, 0x6a, 0x1f, 0x97, 0x39, 0x1e, 0xac, 0x61, 0x14, 0x6c, 0x5b, 0x57,
+    0xd1, 0xf8, 0xac, 0x7f, 0xa2, 0x0e, 0x17, 0x58, 0xac, 0x21, 0x98, 0x27, 0x3e, 0xba, 0xd1, 0x7a,
+    0x5d, 0x3b, 0x7c, 0x58, 0xd0, 0xac, 0x18, 0x92, 0x7c, 0x41, 0x5c, 0xca, 0x7e, 0xb9, 0x5d, 0x77,
+    0x03, 0xd4, 0xc3, 0x57, 0xa0, 0x63, 0xe2, 0xe3, 0xc3, 0xce, 0x78, 0xb4, 0x35, 0x8b, 0x03, 0x10,
+    0xc8, 0xdb, 0x3a, 0x0e, 0x8b, 0xb1, 0x55, 0xac, 0x3a, 0x65, 0xf6, 0xa2, 0x46, 0x11, 0xc8, 0x4b,
+    0xc1, 0xb2, 0x36, 0x68, 0x6d, 0x5b, 0xbe, 0x40, 0x36, 0x4a, 0x5d, 0x28, 0xcd, 0x26, 0xc1, 0x3b,
+    0x77, 0x12, 0x44, 0x47, 0xcb, 0x8f, 0x80, 0xad, 0x44, 0x76, 0xc6, 0xea, 0xe5, 0xfe, 0x77, 0x95,
+    0x3a, 0x63, 0xa2, 0x08, 0xd4, 0x76, 0x31, 0x27, 0xa2, 0x5c, 0x5f, 0x2f, 0x68, 0xdb, 0x3a, 0xa3,
+    0xf6, 0x4b, 0x5f, 0x73, 0x1c, 0x43, 0xdf, 0x8d, 0x5f, 0x53, 0x09, 0xfe, 0x62, 0xed, 0xf6, 0x69,
+    0xb9, 0xa2, 0x3b, 0xe7, 0xc3, 0xf8, 0xd2, 0x04, 0x3b, 0x4c, 0xc0, 0xe3, 0xc9, 0x3a, 0xb9, 0xfe,
+    0xa1, 0xcd, 0xec, 0x1a, 0x8a, 0x66, 0xce, 0x10, 0xec, 0xf3, 0x86, 0x0a, 0xa2, 0xe8, 0xa1, 0x7e,
+    0xc6, 0x95, 0x32, 0x4a, 0x8e, 0xbc, 0xe7, 0xa5, 0x32, 0xee, 0x85, 0xef, 0xb4, 0x8a, 0xc6, 0xaa,
+    0x7d, 0xaf, 0x8b, 0x76, 0x8d, 0x06, 0x89, 0xa2, 0x8b, 0x97, 0x15, 0xd4, 0x5b, 0x42, 0x7d, 0xf5,
+    0x24, 0x67, 0x30, 0x5b, 0x1e, 0x2e, 0x2a, 0x36, 0x30, 0xbc, 0xe9, 0x6d, 0x69, 0xdc, 0x24, 0x03,
+    0xdf, 0xb6, 0xa4, 0x3b, 0xa7, 0x03, 0xa5, 0x51, 0xa4, 0xaa, 0xeb, 0x6a, 0xcc, 0x21, 0xdf, 0x9b,
+    0x64, 0x8c, 0x1d, 0x07, 0xa4, 0xb9, 0xcb, 0x56, 0x1d, 0xd3, 0x7b, 0x51, 0x23, 0xe9, 0x64, 0xc4,
+    0x23, 0x40, 0x34, 0x79, 0xfd, 0xc9, 0x73, 0xd3, 0x34, 0x18, 0x31, 0xaa, 0x10, 0x70, 0x23, 0x92,
+    0x73, 0xe1, 0x83, 0x32, 0x88, 0x0b, 0x3b, 0xab, 0x83, 0x1c, 0x66, 0x99, 0xa9, 0xd9, 0x73, 0x14,
+    0x69, 0x16, 0xd6, 0x14, 0x01, 0xd7, 0x9b, 0xbc, 0xd6, 0x96, 0x70, 0xa8, 0xe4, 0xf9, 0x69, 0x35,
+    0x18, 0x6f, 0xd7, 0xfd, 0x49, 0x9e, 0x1c, 0x14, 0xd7, 0xbf, 0x46, 0xe9, 0x6b, 0xd2, 0x18, 0x80,
+    0xbc, 0x1d, 0xbd, 0x1e, 0xe0, 0x5d, 0x37, 0xe2, 0xbd, 0xdd, 0x48, 0xfc, 0x96, 0x64, 0xbc, 0xce,
+    0x42, 0x73, 0xaf, 0x87, 0x7a, 0xd5, 0x5d, 0x63, 0xaf, 0x5a, 0xc2, 0xe4, 0x6c, 0xc7, 0x42, 0x66,
+    0x1f, 0x48, 0xd3, 0xdf, 0xaa, 0x79, 0x45, 0xf1, 0xd3, 0x1b, 0x9e, 0x2e, 0x12, 0x7e, 0x1f, 0x11,
+    0x98, 0x7a, 0x8d, 0x45, 0xfe, 0x73, 0x1d, 0xd4, 0x8d, 0x61, 0xa1, 0x91, 0xff, 0xb8, 0x98, 0xcd,
+    0x53, 0x75, 0x74, 0x1c, 0xd5, 0xa1, 0xaa, 0x9b, 0x74, 0xca, 0x2f, 0x87, 0x8c, 0x22, 0x53, 0x96,
+    0xe4, 0x99, 0x47, 0xbf, 0x13, 0x54, 0xca, 0x96, 0x47, 0x0d, 0x9c, 0x29, 0xb7, 0x83, 0xe4, 0x89,
+    0xae, 0xcf, 0xa5, 0xd2, 0xef, 0x4a, 0x22, 0xf9, 0xa5, 0x83, 0xdd, 0x2b, 0x43, 0x0a, 0xae, 0x2e,
+    0xd9, 0xdd, 0xe1, 0x95, 0x24, 0xc5, 0xa2, 0x54, 0xe1, 0xf5, 0x1b, 0xc1, 0xa6, 0xf4, 0xd9, 0xbb,
+    0x22, 0x0c, 0x75, 0xf5, 0x9d, 0xe8, 0x2d, 0x33, 0x75, 0xe3, 0x19, 0xc6, 0x03, 0x09, 0x22, 0x23,
+    0x52, 0x39, 0x35, 0x90, 0xb5, 0x80, 0xf4, 0x7b, 0x35, 0x31, 0x07, 0xeb, 0x9f, 0x5b, 0x52, 0x27,
+    0x05, 0xbf, 0x86, 0xf9, 0x23, 0xa5, 0xe5, 0xe6, 0x86, 0x91, 0x88, 0x1f, 0x5f, 0x5e, 0x05, 0x30,
+    0x6c, 0xa9, 0x50, 0xed, 0x22, 0x72, 0x7e, 0x5a, 0x50, 0x07, 0xf8, 0xb7, 0xbb, 0xa7, 0x6c, 0x05,
+    0xd3, 0x60, 0x2e, 0xa4, 0x62, 0x4c, 0xab, 0x5b, 0x2e, 0x14, 0xc8, 0xff, 0x18, 0x48, 0xd3, 0xdb,
+    0xff, 0x22, 0x53, 0x15, 0xfa, 0xa9, 0x34, 0x61, 0x53, 0x7c, 0xa2, 0x74, 0xe9, 0xda, 0xff, 0x19,
+    0x9a, 0xe2, 0x0f, 0x9e, 0x3e, 0x31, 0xa1, 0xd7, 0x0f, 0x54, 0xf1, 0x49, 0xd9, 0x4a, 0x9a, 0x6c,
+    0x2c, 0x42, 0x7d, 0xb1, 0x98, 0xe5, 0x9f, 0x3a, 0x7d, 0x68, 0x6a, 0x8b, 0xf1, 0x92, 0x2c, 0xc2,
+    0x29, 0xfd, 0xfb, 0x48, 0xbb, 0x40, 0x7a, 0xdc, 0xfb, 0xf9, 0xe2, 0x94, 0xae, 0xcc, 0x29, 0xf2,
+    0x5e, 0xef, 0xbf, 0x0f, 0x70, 0xcf, 0xfa, 0x71, 0xbf, 0x8f, 0x24, 0x7e, 0x4b, 0x32, 0x5e, 0x67,
+    0x57, 0x86, 0xb3, 0x69, 0x96, 0x25, 0x11, 0x9d, 0xb3, 0xa0, 0x8f, 0xf4, 0xc0, 0x05, 0x57, 0x17,
+    0xed, 0xf0, 0x4b, 0xd9, 0xf5, 0xbe, 0x21, 0x7a, 0x4b, 0x22, 0x37, 0xa3, 0x3c, 0xb4, 0xed, 0xf9,
+    0x46, 0x80, 0x68, 0xf2, 0x39, 0x51, 0xe6, 0x65, 0x68, 0x30, 0x62, 0x97, 0x20, 0xe0, 0x46, 0xe7,
+    0x34, 0x2d, 0xaa, 0x4c, 0xd1, 0x7b, 0x83, 0x2e, 0xaa, 0xd7, 0x2c, 0x62, 0x9a, 0x40, 0x34, 0x42,
+    0x72, 0xad, 0xc2, 0xbe, 0xe8, 0x2a, 0x65, 0x4b, 0xc2, 0xe7, 0x4e, 0xf5, 0xba, 0xa0, 0x72, 0xa5,
+    0xb5, 0x74, 0xb1, 0x78, 0x06, 0xb7, 0xdc, 0x0e, 0xb1, 0xf2, 0xe3, 0x76, 0x1d, 0x53, 0xb5, 0xbe,
+    0x11, 0x06, 0xdb, 0x9b, 0xaf, 0x74, 0xf7, 0xf8, 0xdb, 0x90, 0xed, 0x63, 0xe0, 0xe5, 0x11, 0xf0,
+    0xe2, 0xf2, 0x02, 0x11, 0x90, 0x92, 0xcd, 0x93, 0x02, 0x52, 0x6c, 0x82, 0xdd, 0x56, 0xe2, 0xa9,
+    0xd6, 0xdf, 0xa8, 0x5d, 0x41, 0xe9, 0x4e, 0xbd, 0xa8, 0x85, 0x40, 0xe0, 0x47, 0x16, 0xd6, 0xeb,
+    0xee, 0x24, 0x88, 0x8e, 0x55, 0xdd, 0xc3, 0x99, 0x88, 0xec, 0x4f, 0x17, 0x09, 0x3f, 0xee, 0xe9,
+    0x90, 0x5f, 0xc0, 0xaf, 0x78, 0xb8, 0xa8, 0xd8, 0xc0, 0xb5, 0x22, 0x77, 0x67, 0xf6, 0x90, 0x0c,
+    0x14, 0xb9, 0x5d, 0x62, 0x8c, 0xd1, 0x12, 0x1e, 0x5d, 0x01, 0x65, 0x7c, 0xbf, 0xbb, 0x14, 0xc0,
+    0x3e, 0x90, 0x65, 0x7d, 0x97, 0xf2, 0x8a, 0x21, 0x65, 0x36, 0xff, 0x5c, 0x24, 0xfc, 0x3e, 0x22,
+    0x86, 0x7e, 0x1f, 0x16, 0x34, 0x2b, 0x06, 0xc5, 0x1f, 0x81, 0x17, 0xd3, 0xfe, 0xbf, 0x86, 0x6d,
+    0x49, 0x82, 0x21, 0x3a, 0x5c, 0x7d, 0x0a, 0x8c, 0x21, 0x40, 0x39, 0xb6, 0xc1, 0x02, 0x49, 0xb7,
+    0xf7, 0x07, 0x1e, 0xff, 0x7c, 0x62, 0x81, 0x6d, 0x1e, 0xa8, 0x21, 0x92, 0x71, 0x94, 0xf7, 0xd8,
+    0x0a, 0xbd, 0xcf, 0x31, 0x46, 0x89, 0x09, 0x0f, 0xcf, 0xe1, 0xd3, 0x3e, 0xbe, 0xbc, 0x0a, 0x60,
+  },
+  { /* 3 */
+    0xa8, 0x78, 0x41, 0x9a, 0x63, 0x9a, 0xaa, 0xcc, 0x6d, 0x6b, 0xb6, 0x2d, 0xbf, 0x63, 0x8e, 0x1b,
+    0xb4, 0x31, 0xad, 0x42, 0xc9, 0x42, 0x37, 0x9b, 0xc6, 0x80, 0x29, 0xcb, 0xc0, 0xc9, 0x15, 0xf8,
+    0x96, 0xde, 0x29, 0xd5, 0x90, 0xd5, 0x18, 0x10, 0xbc, 0xed, 0x40, 0xd2, 0x7a, 0x90, 0xf0, 0x4e,
+    0x1e, 0xe4, 0x7c, 0xcc, 0x37, 0xcc, 0xa4, 0x79, 0x97, 0x9a, 0x27, 0xb6, 0xd7, 0x37, 0xe2, 0xd3,
+    0x8a, 0x97, 0xc5, 0x0d, 0x3a, 0x0d, 0x85, 0x47, 0x17, 0x06, 0xdf, 0x34, 0x05, 0x3a, 0x6b, 0xad,
+    0xf5, 0x02, 0xcd, 0x8d, 0x2d, 0x8d, 0xe6, 0x05, 0x54, 0x61, 0x14, 0x71, 0xb0, 0x2d, 0x33, 0x2f,
+    0x9f, 0x98, 0x64, 0x8f, 0x0e, 0x8f, 0x01, 0xbf, 0x52, 0x33, 0xb9, 0x79, 0xcb, 0x0e, 0x0a, 0x96,
+    0xa5, 0xa7, 0xef, 0xe8, 0x04, 0xe8, 0xc1, 0x3f, 0xfb, 0x57, 0xfc, 0x26, 0x9d, 0x04, 0x86, 0xa3,
+    0x13, 0x3b, 0xd2, 0xbe, 0x50, 0xbe, 0xcf, 0x8a, 0x01, 0xa6, 0x6d, 0xbd, 0xf5, 0x50, 0xea, 0x6b,
+    0x39, 0x25, 0x53, 0x79, 0x38, 0x79, 0x04, 0xb9, 0x8b, 0xcc, 0xa1, 0x27, 0xaa, 0x38, 0x28, 0x1d,
+    0xac, 0xe1, 0xa2, 0xb2, 0x9a, 0xb2, 0xd8, 0x90, 0x15, 0x89, 0x05, 0x8d, 0x2c, 0x9a, 0x7c, 0x7b,
+    0x2d, 0x9d, 0xba, 0xf1, 0xa3, 0xf1, 0x7d, 0x56, 0xd0, 0x20, 0x9b, 0x42, 0x30, 0xa3, 0x94, 0x3e,
+    0x83, 0xd1, 0x88, 0x57, 0xa4, 0x57, 0x9c, 0xe8, 0xf9, 0xd8, 0x26, 0x9f, 0xb4, 0xa4, 0x91, 0x75,
+    0x86, 0xff, 0x23, 0x75, 0xf2, 0x75, 0x13, 0xa3, 0x9f, 0xe3, 0xc9, 0x17, 0x73, 0xf2, 0xbe, 0x0d,
+    0xb9, 0xee, 0x03, 0x30, 0xae, 0x30, 0x5c, 0x68, 0x50, 0xbc, 0x63, 0xc0, 0xe2, 0xae, 0x1d, 0x40,
+    0x76, 0xd3, 0x45, 0xda, 0x89, 0xda, 0x7a, 0xed, 0xad, 0xb9, 0x32, 0xee, 0x04, 0x89, 0xa2, 0x5a,
+    0x0f, 0x72, 0x3e, 0x66, 0xfa, 0x66, 0x52, 0xdd, 0xaa, 0x4d, 0xf2, 0x5b, 0x8a, 0xfa, 0x71, 0x88,
+    0x5a, 0xf9, 0xb7, 0x21, 0x85, 0x21, 0xfa, 0xac, 0x63, 0x40, 0xf5, 0x84, 0x60, 0x85, 0xeb, 0x7c,
+    0xa0, 0x89, 0x44, 0xca, 0x52, 0xca, 0x4e, 0x74, 0x9d, 0x6c, 0x13, 0xae, 0x5a, 0x52, 0xa9, 0xdb,
+    0x92, 0x47, 0xca, 0xfd, 0x69, 0xfd, 0x6a, 0x4c, 0xc4, 0x0f, 0xf3, 0x72, 0xe9, 0x69, 0x02, 0x2e,
+    0xe2, 0xa0, 0xfc, 0x1b, 0x84, 0x1b, 0x5b, 0xd3, 0x2d, 0x25, 0xca, 0x6c, 0xd6, 0x84, 0x2b, 0x24,
+    0x34, 0xfa, 0xfd, 0x0b, 0x5f, 0x0b, 0x6f, 0x4a, 0x1d, 0xf0, 0xeb, 0x2c, 0x88, 0x5f, 0x20, 0xa5,
+    0xee, 0xc8, 0x1a, 0x63, 0x4c, 0x63, 0xcd, 0x37, 0xa5, 0xc0, 0xdc, 0x4f, 0xa0, 0x4c, 0xfe, 0x84,
+    0x6d, 0x19, 0x92, 0x34, 0xe8, 0x34, 0x51, 0xdf, 0x5c, 0x18, 0xfa, 0xd0, 0x14, 0xe8, 0x6f, 0xf1,
+    0x1a, 0x7d, 0x9f, 0xe4, 0xce, 0xe4, 0xd6, 0x25, 0xef, 0x78, 0x94, 0x16, 0x44, 0xce, 0x10, 0xb3,
+    0x24, 0xdb, 0xf7, 0xab, 0x3d, 0xab, 0x64, 0xf9, 0x3e, 0xfe, 0x62, 0xe9, 0x81, 0x3d, 0x6e, 0xe6,
+    0x1f, 0x53, 0x34, 0xc6, 0x98, 0xc6, 0x59, 0x6e, 0x89, 0x43, 0x7b, 0x9e, 0x83, 0x98, 0x3f, 0xcb,
+    0xd2, 0xc3, 0xe2, 0x38, 0x22, 0x38, 0x46, 0xc5, 0x48, 0x37, 0x92, 0xe0, 0xcd, 0x22, 0xf9, 0xe1,
+    0x18, 0xd0, 0x0f, 0xf0, 0x53, 0xf0, 0xef, 0x0b, 0xd3, 0x09, 0x2c, 0x46, 0xec, 0x53, 0x69, 0x83,
+    0x37, 0xe0, 0x25, 0x15, 0x6d, 0x15, 0xab, 0x73, 0x3f, 0x58, 0x0f, 0x54, 0x74, 0x6d, 0x84, 0x8d,
+    0x6a, 0x9a, 0xa9, 0x02, 0x23, 0x02, 0xe7, 0xba, 0x06, 0x52, 0xad, 0x08, 0x7b, 0x23, 0x39, 0xb9,
+    0x3f, 0x11, 0x20, 0x45, 0x5c, 0x45, 0x4f, 0xcb, 0xcf, 0x5f, 0xaa, 0xd7, 0x91, 0x5c, 0xa3, 0x4d,
+    0xae, 0x4c, 0x32, 0xa6, 0x07, 0xa6, 0xe1, 0xbe, 0x29, 0xf8, 0xbd, 0xdd, 0x84, 0x07, 0x05, 0x4b,
+    0x10, 0x21, 0x0a, 0xa0, 0x62, 0xa0, 0x0b, 0xb3, 0x23, 0x0e, 0x89, 0xc5, 0x09, 0x62, 0x4e, 0x43,
+    0x46, 0xb0, 0x5b, 0xf9, 0x2f, 0xf9, 0x67, 0xfb, 0xc8, 0xab, 0x6a, 0x62, 0x1f, 0x2f, 0x70, 0x9f,
+    0x6c, 0xae, 0xda, 0x3e, 0x47, 0x3e, 0xac, 0xc8, 0x42, 0xc1, 0xa6, 0xf8, 0x40, 0x47, 0xb2, 0xe9,
+    0xbc, 0xc0, 0xa8, 0x12, 0xf8, 0x12, 0xd3, 0x23, 0x36, 0x87, 0x8c, 0x48, 0x25, 0xf8, 0x32, 0x38,
+    0x68, 0x37, 0x39, 0x16, 0xbe, 0x16, 0xde, 0x94, 0x3a, 0x23, 0x15, 0x58, 0xd3, 0xbe, 0x40, 0x89,
+    0x0b, 0xeb, 0xdd, 0x4e, 0x03, 0x4e, 0x20, 0x81, 0xd2, 0xaf, 0x41, 0xfb, 0x19, 0x03, 0x83, 0xe8,
+    0x3e, 0xa6, 0x68, 0x4f, 0xf3, 0x4f, 0xb2, 0xdc, 0xd1, 0x86, 0xf6, 0xff, 0xc5, 0xf3, 0x7e, 0x55,
+    0xfe, 0xe9, 0x10, 0xc3, 0x2e, 0xc3, 0xc6, 0x84, 0x86, 0xce, 0x55, 0x8a, 0xa9, 0x2e, 0xb0, 0xc7,
+    0xa9, 0xcf, 0x09, 0x90, 0xcc, 0x90, 0x57, 0xdb, 0x73, 0xb2, 0xea, 0x05, 0xeb, 0xcc, 0x53, 0x03,
+    0x28, 0xb3, 0x11, 0xd3, 0xf5, 0xd3, 0xf2, 0x1d, 0xb6, 0x1b, 0x74, 0xca, 0xf7, 0xf5, 0xbb, 0x46,
+    0x7c, 0x8f, 0xd0, 0x9e, 0x25, 0x9e, 0xa7, 0x7b, 0x61, 0xcf, 0x2f, 0x3d, 0x49, 0x25, 0xfc, 0xaa,
+    0xf2, 0x81, 0xf6, 0xbb, 0xe6, 0xbb, 0x50, 0x60, 0x0e, 0x2b, 0x43, 0xa9, 0xdf, 0xe6, 0x65, 0x67,
+    0xbf, 0xda, 0x70, 0x0c, 0xca, 0x0c, 0x17, 0x1a, 0x14, 0x2f, 0x68, 0x30, 0xd9, 0xca, 0x96, 0x10,
+    0xf4, 0xb5, 0x85, 0x87, 0x82, 0x87, 0x1b, 0x12, 0x4a, 0xb8, 0x48, 0x59, 0xe4, 0x82, 0xee, 0x37,
+    0xcb, 0xa4, 0xa5, 0xc2, 0xde, 0xc2, 0x54, 0xd9, 0x85, 0xe7, 0xe2, 0x8e, 0x75, 0xde, 0x4d, 0x7a,
+    0x06, 0x34, 0x73, 0x3c, 0x64, 0x3c, 0x4b, 0x72, 0x44, 0x93, 0x0b, 0xf0, 0x3b, 0x64, 0x8b, 0x50,
+    0xf8, 0xdd, 0x63, 0xff, 0x4a, 0xff, 0x8d, 0xf6, 0xc2, 0x5d, 0x5e, 0x7a, 0x92, 0x4a, 0x3b, 0x97,
+    0xbd, 0x77, 0xe0, 0x18, 0x57, 0x18, 0x2e, 0x34, 0x28, 0x5e, 0xd0, 0x60, 0x71, 0x57, 0xef, 0x20,
+    0x75, 0xc9, 0x9d, 0xc4, 0xbb, 0xc4, 0xbe, 0xd4, 0x8f, 0x11, 0xd6, 0x96, 0xf8, 0xbb, 0x06, 0x72,
+    0x03, 0x1a, 0xd8, 0x1e, 0x32, 0x1e, 0xc4, 0x39, 0x22, 0xa8, 0xe4, 0x78, 0xfc, 0x32, 0xa4, 0x28,
+    0x4c, 0xec, 0xce, 0xbd, 0x83, 0xbd, 0xba, 0x6d, 0x04, 0xdd, 0x77, 0xb1, 0x52, 0x83, 0x2e, 0x6f,
+    0x4b, 0x6f, 0xf5, 0x8b, 0x48, 0x8b, 0x0c, 0x08, 0x5e, 0x97, 0x20, 0x69, 0x3d, 0x48, 0x78, 0x27,
+    0xc0, 0x4f, 0x78, 0x8c, 0xdd, 0x8c, 0x74, 0x58, 0x57, 0x48, 0xa3, 0x75, 0x6c, 0xdd, 0xce, 0x92,
+    0x04, 0x99, 0xe3, 0x28, 0xf9, 0x28, 0x72, 0x5c, 0x78, 0xe2, 0xb3, 0xa0, 0x93, 0xf9, 0xf2, 0x60,
+    0xb3, 0xb2, 0x96, 0x74, 0x02, 0x74, 0x81, 0xfe, 0x9c, 0xca, 0x7e, 0x13, 0xaf, 0x02, 0x43, 0xb0,
+    0xb6, 0x9c, 0x3d, 0x56, 0x54, 0x56, 0x0e, 0xb5, 0xfa, 0xf1, 0x91, 0x9b, 0x68, 0x54, 0x6c, 0xc8,
+    0x51, 0x12, 0x6a, 0x6f, 0x86, 0x6f, 0xda, 0x2d, 0xb1, 0xef, 0xb4, 0x7f, 0x79, 0x86, 0x68, 0x94,
+    0xeb, 0xe6, 0xb1, 0x41, 0x1a, 0x41, 0x42, 0x7c, 0xc3, 0xfb, 0x33, 0xc7, 0x67, 0x1a, 0xd1, 0xfc,
+    0x98, 0x1b, 0x5f, 0xb9, 0xc5, 0xb9, 0xb7, 0xda, 0x08, 0x79, 0xee, 0xa1, 0xa4, 0xc5, 0x5c, 0xde,
+    0x23, 0x58, 0xcc, 0x9d, 0xf6, 0x9d, 0xd2, 0x9c, 0x64, 0xb4, 0x35, 0x31, 0xee, 0xf6, 0x38, 0xae,
+    0xab, 0x62, 0x99, 0x84, 0x51, 0x84, 0x6e, 0xf5, 0x4f, 0xc3, 0x52, 0x55, 0x43, 0x51, 0x2a, 0x33,
+    0xb2, 0x05, 0xde, 0x7e, 0xad, 0x7e, 0x7c, 0xe9, 0x82, 0x13, 0x22, 0x3b, 0xfb, 0xad, 0x9e, 0xa8,
+    0x99, 0xac, 0x17, 0xb3, 0x6a, 0xb3, 0x4a, 0xcd, 0x16, 0xa0, 0xb2, 0x89, 0xf0, 0x6a, 0x81, 0xc6,
+    0x89, 0x8d, 0x1d, 0x13, 0x08, 0x13, 0x41, 0x7e, 0x35, 0xae, 0x3b, 0x4c, 0xf9, 0x08, 0xcf, 0x85,
+    0xdf, 0x1c, 0x4c, 0x4a, 0x45, 0x4a, 0x2d, 0x36, 0xde, 0x0b, 0xd8, 0xeb, 0xef, 0x45, 0xf1, 0x59,
+    0x0d, 0xdf, 0xae, 0x72, 0x67, 0x72, 0x6b, 0xf3, 0x96, 0x3c, 0x4a, 0x0b, 0x22, 0x67, 0x08, 0xb8,
+    0x31, 0xd4, 0x56, 0x29, 0x09, 0x29, 0xe0, 0x01, 0x7b, 0xcb, 0x04, 0xa4, 0x4f, 0x09, 0x0f, 0xdd,
+    0x70, 0xe7, 0x36, 0xe6, 0xed, 0xe6, 0x31, 0x9f, 0xe9, 0x2a, 0x39, 0x1e, 0x3f, 0xed, 0x29, 0x0a,
+    0x73, 0xfd, 0xee, 0xf8, 0xdf, 0xf8, 0xf5, 0xa6, 0xcb, 0x82, 0xdd, 0x66, 0xc3, 0xdf, 0x8d, 0x22,
+    0x1d, 0xfe, 0xa4, 0xd2, 0x05, 0xd2, 0x60, 0x40, 0xb5, 0x32, 0xc3, 0xce, 0x2b, 0x05, 0x46, 0xfb,
+    0x8d, 0x14, 0xfe, 0x3b, 0xf1, 0x3b, 0x33, 0x22, 0x4d, 0x4c, 0x88, 0xec, 0x6a, 0xf1, 0x3d, 0xe5,
+    0xf1, 0x9b, 0x2e, 0xa5, 0xd4, 0xa5, 0x94, 0x59, 0x2c, 0x83, 0xa7, 0xd1, 0x23, 0xd4, 0xc1, 0x4f,
+    0x7d, 0x38, 0x98, 0x94, 0x8a, 0x94, 0x5a, 0x6c, 0x7f, 0x16, 0x73, 0x15, 0x1d, 0x8a, 0x21, 0xb2,
+    0x17, 0xa2, 0x31, 0x96, 0xa9, 0x96, 0xbd, 0xd6, 0x79, 0x44, 0xde, 0x1d, 0x66, 0xa9, 0x18, 0x0b,
+    0x2c, 0x2a, 0xf2, 0xfb, 0x0c, 0xfb, 0x80, 0x41, 0xce, 0xf9, 0xc7, 0x6a, 0x64, 0x0c, 0x49, 0x26,
+    0x35, 0x4d, 0xb5, 0x01, 0xf0, 0x01, 0x92, 0x5d, 0x03, 0x29, 0xb7, 0x04, 0xdc, 0xf0, 0xfd, 0xbd,
+    0x88, 0x3a, 0x55, 0x19, 0xa7, 0x19, 0xbc, 0x69, 0x2b, 0x77, 0x67, 0x64, 0xad, 0xa7, 0x12, 0x9d,
+    0x67, 0x45, 0x07, 0x70, 0x44, 0x70, 0x8c, 0x49, 0x90, 0x6e, 0xe7, 0x03, 0x59, 0x44, 0x31, 0x01,
+    0xe1, 0xba, 0x24, 0x05, 0xb6, 0x05, 0x9f, 0xea, 0x0f, 0x8d, 0x2e, 0x14, 0x2a, 0xb6, 0x8f, 0x0c,
+    0xb5, 0x86, 0xe5, 0x48, 0x66, 0x48, 0xca, 0x8c, 0xd8, 0x59, 0x75, 0xe3, 0x94, 0x66, 0xc8, 0xe0,
+    0x64, 0x5f, 0xdf, 0x6e, 0x76, 0x6e, 0x48, 0x70, 0xb2, 0xc6, 0x03, 0x7b, 0xa5, 0x76, 0x95, 0x29,
+    0xb1, 0x1f, 0x06, 0x60, 0x9f, 0x60, 0xb8, 0xd0, 0xa0, 0xbb, 0xc6, 0x43, 0x07, 0x9f, 0x3a, 0x80,
+    0x08, 0xf1, 0x05, 0x50, 0x31, 0x50, 0xe4, 0xb8, 0xf0, 0x07, 0xa5, 0x83, 0xe5, 0x31, 0x27, 0xc0,
+    0xe5, 0x23, 0xc7, 0x2d, 0x4f, 0x2d, 0xed, 0xb6, 0x77, 0x6f, 0x9d, 0xb4, 0xb9, 0x4f, 0x7d, 0x6c,
+    0x1c, 0x49, 0xec, 0xd8, 0xaa, 0xd8, 0x9d, 0x57, 0xab, 0xeb, 0x9f, 0xe6, 0x7f, 0xaa, 0x9b, 0xe3,
+    0x6b, 0x2d, 0xe1, 0x08, 0x8c, 0x08, 0x1a, 0xad, 0x18, 0x8b, 0xf1, 0x20, 0x2f, 0x8c, 0xe4, 0xa1,
+    0x5c, 0xcd, 0xc4, 0x1d, 0xe1, 0x1d, 0xb1, 0xde, 0x27, 0xd3, 0xfe, 0x74, 0x5b, 0xe1, 0x60, 0x2c,
+    0xa3, 0x93, 0x9c, 0xd4, 0x60, 0xd4, 0x8a, 0x4d, 0xbf, 0xc4, 0xf7, 0xd6, 0xa6, 0x60, 0x0d, 0xf3,
+    0x7a, 0xbb, 0xa3, 0xa2, 0x41, 0xa2, 0xec, 0x09, 0x25, 0x5c, 0x24, 0xcd, 0x72, 0x41, 0x77, 0xfa,
+    0xe8, 0xfc, 0x69, 0x5f, 0x28, 0x5f, 0x86, 0x45, 0xe1, 0x53, 0xd7, 0xbf, 0x9b, 0x28, 0x75, 0xd4,
+    0xda, 0x32, 0xe7, 0x68, 0x13, 0x68, 0xa2, 0x7d, 0xb8, 0x30, 0x37, 0x63, 0x28, 0x13, 0xde, 0x21,
+    0xd7, 0xed, 0x49, 0x1a, 0x74, 0x1a, 0xc9, 0x8e, 0x2e, 0x0c, 0x7d, 0x68, 0x0a, 0x74, 0xd6, 0x99,
+    0xfa, 0x70, 0xf3, 0xeb, 0xd7, 0xeb, 0xb4, 0xd8, 0xfe, 0x2c, 0xe6, 0x2a, 0x3a, 0xd7, 0x42, 0xa7,
+    0xa7, 0x0a, 0x7f, 0xfc, 0x99, 0xfc, 0xf8, 0x11, 0xc7, 0x26, 0x44, 0x76, 0x35, 0x99, 0xff, 0x93,
+    0x7f, 0x95, 0x08, 0x80, 0x17, 0x80, 0x63, 0x42, 0x43, 0x67, 0xcb, 0x45, 0xb5, 0x17, 0x58, 0x82,
+    0xe4, 0x94, 0x8f, 0x27, 0xe0, 0x27, 0x10, 0xa1, 0x69, 0xb6, 0xc1, 0x9c, 0xed, 0xe0, 0xa0, 0x74,
+    0x8f, 0xb9, 0x6e, 0x2f, 0x6c, 0x2f, 0x0a, 0x0c, 0x71, 0x3d, 0x30, 0xbc, 0xc2, 0x6c, 0x44, 0xd5,
+    0xa1, 0x3e, 0x0c, 0xc0, 0xfd, 0xc0, 0xb3, 0x63, 0x83, 0xb5, 0x4f, 0x86, 0x0e, 0xfd, 0x74, 0xc3,
+    0x52, 0x08, 0xb2, 0x71, 0xb4, 0x71, 0x1e, 0x14, 0x93, 0x47, 0x50, 0x07, 0x85, 0xb4, 0xcc, 0xbc,
+    0xec, 0x65, 0x8a, 0x77, 0xd1, 0x77, 0xf4, 0x19, 0x99, 0xb1, 0x64, 0x1f, 0x08, 0xd1, 0x87, 0xb4,
+    0x3b, 0x88, 0xc3, 0x6d, 0xa5, 0x6d, 0x3d, 0x97, 0xb7, 0xbd, 0x19, 0x77, 0x02, 0xa5, 0x51, 0x2d,
+    0xa2, 0x24, 0xd4, 0xde, 0xcf, 0xde, 0x77, 0x5a, 0xa1, 0x1d, 0xab, 0xfe, 0xf2, 0xcf, 0xd0, 0xeb,
+    0x5f, 0xd7, 0x1c, 0x03, 0xd3, 0x03, 0x75, 0xe7, 0x05, 0x7b, 0x1a, 0x0c, 0xa7, 0xd3, 0xc4, 0x04,
+    0x50, 0xa5, 0x22, 0x65, 0x29, 0x65, 0x27, 0x3a, 0xaf, 0x36, 0xe8, 0x57, 0x2d, 0x29, 0xb5, 0x8c,
+    0x4a, 0xd8, 0xbd, 0x81, 0xe7, 0x81, 0xf1, 0x1f, 0x40, 0x4e, 0x7c, 0x41, 0x69, 0xe7, 0xa5, 0x3f,
+    0x57, 0x26, 0x19, 0x53, 0xe2, 0x53, 0x91, 0x5f, 0xf5, 0x7c, 0xbf, 0x8f, 0x42, 0xe2, 0xe3, 0xc4,
+    0x55, 0x8b, 0x89, 0x47, 0x7f, 0x47, 0xa8, 0x71, 0xc9, 0x0d, 0x07, 0xdf, 0xea, 0x7f, 0x9a, 0xf4,
+    0xdc, 0x06, 0x94, 0x54, 0x77, 0x54, 0xe9, 0x0f, 0xfc, 0xa3, 0x3c, 0x93, 0x13, 0x77, 0x55, 0x71,
+    0xde, 0xab, 0x04, 0x40, 0xea, 0x40, 0xd0, 0x21, 0xc0, 0xd2, 0x84, 0xc3, 0xbb, 0xea, 0x2c, 0x41,
+    0x9d, 0x35, 0xf4, 0x9b, 0x93, 0x9b, 0x38, 0x91, 0x6e, 0x42, 0x01, 0x29, 0x63, 0x93, 0x73, 0xa6,
+    0xe7, 0x8e, 0x57, 0x39, 0xd2, 0x39, 0xd4, 0x98, 0x4b, 0x1e, 0x25, 0xe4, 0x11, 0xd2, 0x04, 0x5c,
+    0xaf, 0xfb, 0x7a, 0xac, 0xa8, 0xac, 0x1c, 0xa9, 0x37, 0x21, 0xe1, 0xf5, 0xd0, 0xa8, 0xd8, 0x53,
+    0x97, 0x69, 0x61, 0xdf, 0x3f, 0xdf, 0xe5, 0x07, 0xa2, 0x34, 0x1c, 0xfa, 0x2e, 0x3f, 0x2d, 0x56,
+    0xaa, 0xd5, 0xd1, 0x8e, 0xfe, 0x8e, 0x93, 0xe2, 0x51, 0x1a, 0x0e, 0x7d, 0x17, 0xfe, 0xf7, 0x2b,
+    0x26, 0x76, 0x67, 0xbf, 0xa0, 0xbf, 0x5d, 0xd7, 0x02, 0x8f, 0xda, 0xb9, 0x29, 0xa0, 0x17, 0xd6,
+    0x4d, 0x5b, 0x86, 0xb7, 0x2c, 0xb7, 0x47, 0x7a, 0x1a, 0x04, 0x2b, 0x99, 0x06, 0x2c, 0xf3, 0x77,
+    0x54, 0x3c, 0xc1, 0x4d, 0xd0, 0x4d, 0x55, 0x66, 0xd7, 0xd4, 0x5b, 0xf7, 0xbe, 0xd0, 0x47, 0xec,
+    0xf7, 0xaf, 0x5d, 0x99, 0xb0, 0x99, 0xdf, 0x2b, 0x68, 0x10, 0xac, 0x21, 0x18, 0xb0, 0x4a, 0x1f,
+    0xd9, 0x28, 0x3f, 0x76, 0x21, 0x76, 0x66, 0x44, 0x9a, 0x98, 0xd3, 0x1b, 0xd4, 0x21, 0x7a, 0x09,
+    0x84, 0x52, 0xb3, 0x61, 0x6f, 0x61, 0x2a, 0x8d, 0xa3, 0x92, 0x71, 0x47, 0xdb, 0x6f, 0xc7, 0x3d,
+    0x41, 0x33, 0x60, 0xcf, 0xe4, 0xcf, 0xd1, 0x9e, 0x92, 0xe1, 0x3d, 0xba, 0x70, 0xe4, 0x26, 0xd7,
+    0x82, 0x66, 0xc0, 0x5d, 0x0b, 0x5d, 0x61, 0xff, 0xe7, 0x01, 0x7a, 0xb7, 0xe0, 0x0b, 0x4c, 0x6d,
+    0xd6, 0x5a, 0x01, 0x10, 0xdb, 0x10, 0x34, 0x99, 0x30, 0xd5, 0x21, 0x40, 0x5e, 0xdb, 0x0b, 0x81,
+    0xb7, 0x2b, 0x75, 0x5c, 0xfb, 0x5c, 0xf3, 0xa2, 0xe4, 0x28, 0xcd, 0xb3, 0x3c, 0xfb, 0xb1, 0xd0,
+    0xdb, 0x85, 0xaf, 0x62, 0xbc, 0x62, 0x5f, 0x6a, 0xa6, 0xe9, 0x6b, 0x4b, 0x7c, 0xbc, 0x03, 0x39,
+    0x2b, 0xa9, 0xc9, 0xcd, 0xc7, 0xcd, 0x36, 0x24, 0x94, 0xb3, 0x90, 0xb2, 0x0b, 0xc7, 0x1f, 0x6e,
+    0xa6, 0xbd, 0x37, 0xf6, 0x36, 0xf6, 0x05, 0x06, 0xd9, 0xff, 0x18, 0x5e, 0x61, 0x36, 0x22, 0x8b,
+    0x38, 0x92, 0x1b, 0x73, 0x97, 0x73, 0xf9, 0xae, 0x95, 0x15, 0xfd, 0x0f, 0xfe, 0x97, 0xf5, 0x05,
+    0xce, 0x8a, 0x0e, 0xe0, 0x88, 0xe0, 0xdb, 0x92, 0xe3, 0xdc, 0x0d, 0x06, 0xb2, 0x88, 0x62, 0x02,
+    0x95, 0xc4, 0xf1, 0xcb, 0xa2, 0xcb, 0xdc, 0x29, 0x9e, 0x45, 0xa4, 0xaa, 0x86, 0xa2, 0x54, 0x66,
+    0x71, 0x50, 0x7e, 0xec, 0x42, 0xec, 0xcc, 0x88, 0xf7, 0xf3, 0x65, 0x36, 0x6b, 0x42, 0xf4, 0x12,
+    0xc3, 0x55, 0xa0, 0x92, 0xef, 0x92, 0xb0, 0x61, 0x75, 0xe0, 0x47, 0x0d, 0x90, 0xef, 0x6a, 0xba,
+    0x8e, 0x0e, 0x26, 0x25, 0xc3, 0x25, 0xf7, 0x1b, 0x6f, 0xe4, 0x6c, 0x94, 0x96, 0xc3, 0x99, 0xcd,
+    0x9a, 0xb6, 0xcf, 0xad, 0x58, 0xad, 0x8e, 0xf4, 0x34, 0x08, 0x56, 0xf1, 0x0c, 0x58, 0x25, 0xee,
+    0xef, 0x7f, 0x52, 0x69, 0xe3, 0x69, 0x30, 0x20, 0xbb, 0x19, 0x80, 0x67, 0xf4, 0xe3, 0x23, 0x9c,
+    0x25, 0x6c, 0xbf, 0xa1, 0x92, 0xa1, 0x99, 0xee, 0x20, 0x27, 0x3e, 0xc1, 0xd5, 0x92, 0xb3, 0xfe,
+    0xa4, 0x10, 0xa7, 0xe2, 0xab, 0xe2, 0x3c, 0x28, 0xe5, 0x8e, 0xa0, 0x0e, 0xc9, 0xab, 0x5b, 0xbb,
+    0xe9, 0x4b, 0x21, 0x55, 0x87, 0x55, 0x7b, 0x52, 0xff, 0x8a, 0x8b, 0x97, 0xcf, 0x87, 0xa8, 0xcc,
+    0x3c, 0x0b, 0xf8, 0x5b, 0x6e, 0x5b, 0x8b, 0xf2, 0xed, 0xf7, 0x4e, 0xaf, 0x6d, 0x6e, 0x07, 0x65,
+    0x6f, 0xb4, 0x02, 0x20, 0x75, 0x20, 0x68, 0xf1, 0x60, 0x69, 0x42, 0x80, 0xbc, 0x75, 0x16, 0xc1,
+    0x02, 0xad, 0x90, 0x14, 0x9d, 0x14, 0x39, 0x2e, 0x3c, 0x71, 0xb8, 0x50, 0xa8, 0x9d, 0x79, 0x30,
+    0x01, 0xb7, 0x48, 0x0a, 0xaf, 0x0a, 0xfd, 0x17, 0x1e, 0xd9, 0x5c, 0x28, 0x54, 0xaf, 0xdd, 0x18,
+    0x0a, 0x5c, 0x95, 0x44, 0xac, 0x44, 0xdd, 0x96, 0xcc, 0x76, 0x1d, 0xd3, 0x4d, 0xac, 0x5e, 0xf0,
+    0x09, 0x46, 0x4d, 0x5a, 0x9e, 0x5a, 0x19, 0xaf, 0xee, 0xde, 0xf9, 0xab, 0xb1, 0x9e, 0xfa, 0xd8,
+    0x94, 0x73, 0xb9, 0xc1, 0x0d, 0xc1, 0x21, 0x3e, 0x80, 0x9c, 0xf8, 0x82, 0xd2, 0x0d, 0x89, 0x7e,
+    0xed, 0xd2, 0xc2, 0x7d, 0x7e, 0x7d, 0x09, 0x0e, 0x87, 0x68, 0x38, 0x37, 0x5c, 0x7e, 0x5a, 0xac,
+    0x59, 0xe3, 0x6f, 0x3f, 0xb7, 0x3f, 0x3e, 0x95, 0x41, 0xe8, 0x11, 0xfc, 0x9c, 0xb7, 0x4f, 0x54,
+    0x61, 0x71, 0x74, 0x4c, 0x20, 0x4c, 0xc7, 0x3b, 0xd4, 0xfd, 0xec, 0xf3, 0x62, 0x20, 0xba, 0x51,
+    0x69, 0x80, 0x71, 0x1c, 0x11, 0x1c, 0x23, 0x83, 0x24, 0xfa, 0x49, 0x70, 0x87, 0x11, 0x9d, 0x91,
+    0x29, 0x04, 0x59, 0xd9, 0x5a, 0xd9, 0x0f, 0x0a, 0xa8, 0xc2, 0x28, 0xe2, 0xa3, 0x5a, 0x66, 0x5e,
+    0xb0, 0xa8, 0x4e, 0x6a, 0x30, 0x6a, 0x45, 0xc7, 0xbe, 0x62, 0x9a, 0x6b, 0x53, 0x30, 0xe7, 0x98,
+    0x30, 0x63, 0x1e, 0x23, 0xa6, 0x23, 0x1d, 0x16, 0x65, 0x12, 0x58, 0x8c, 0x1b, 0xa6, 0xd2, 0xc5,
+    0x60, 0xc6, 0x3c, 0x46, 0x8f, 0x46, 0x3a, 0x2c, 0xca, 0x24, 0xb0, 0xdb, 0x36, 0x8f, 0x67, 0x49,
+    0x74, 0x7e, 0xd5, 0xce, 0x14, 0xce, 0x43, 0xc3, 0x91, 0xc8, 0x8a, 0xbe, 0xac, 0x14, 0xdb, 0x6a,
+    0x22, 0xef, 0x84, 0x97, 0x59, 0x97, 0x2f, 0x8b, 0x7a, 0x6d, 0x69, 0x19, 0xba, 0x59, 0xe5, 0xb6,
+    0x0c, 0x68, 0xe6, 0x78, 0xc8, 0x78, 0x96, 0xe4, 0x88, 0xe5, 0x16, 0x23, 0x76, 0xc8, 0xd5, 0xa0,
+    0xcd, 0x90, 0xd6, 0xfe, 0xba, 0xfe, 0x1f, 0xab, 0xc1, 0x74, 0xe9, 0x7e, 0x4e, 0xba, 0xc6, 0x2a,
+    0x7b, 0x0c, 0xeb, 0xa8, 0xee, 0xa8, 0x11, 0x1e, 0x3b, 0x85, 0x78, 0xe5, 0x26, 0xee, 0xaa, 0xe2,
+    0x5b, 0x4e, 0xff, 0x2b, 0x2a, 0x2b, 0x07, 0xbb, 0x7d, 0x99, 0xa9, 0xac, 0x34, 0x2a, 0x36, 0x64,
+    0x40, 0x84, 0x28, 0xc5, 0x4b, 0xc5, 0x2c, 0x89, 0x8c, 0x38, 0x61, 0x92, 0x24, 0x4b, 0xfb, 0xcf,
+    0xe3, 0x17, 0xb4, 0x11, 0x2b, 0x11, 0xa6, 0xc4, 0x33, 0xfc, 0x96, 0x44, 0x82, 0x2b, 0xf6, 0x3c,
+    0x14, 0xb8, 0xe9, 0x88, 0x9b, 0x88, 0x79, 0xef, 0x5b, 0xec, 0x3a, 0x65, 0x9a, 0x9b, 0xbc, 0x23,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0xfd, 0xf3, 0xc8, 0xdd, 0x1c, 0xdd, 0x02, 0xbd, 0xa4, 0x66, 0xb1, 0xf2, 0x55, 0x1c, 0x14, 0xef,
+    0x78, 0x16, 0x33, 0xb6, 0xdc, 0xb6, 0xd5, 0x27, 0x19, 0x2d, 0x9c, 0x9d, 0xda, 0xdc, 0x0e, 0xca,
+    0xad, 0x56, 0xea, 0xb8, 0x35, 0xb8, 0x25, 0x87, 0x0b, 0x50, 0x59, 0xa5, 0x78, 0x35, 0xa1, 0x63,
+    0xd0, 0x6e, 0x72, 0x2c, 0xbf, 0x2c, 0x7f, 0xeb, 0x74, 0x46, 0x2a, 0xb0, 0x65, 0xbf, 0x80, 0xd1,
+    0x91, 0x5d, 0x12, 0xe3, 0x5b, 0xe3, 0xae, 0x75, 0xe6, 0xa7, 0x17, 0x0a, 0x15, 0x5b, 0xa6, 0x06,
+    0xfc, 0x44, 0x80, 0xd7, 0xb3, 0xd7, 0xff, 0xaa, 0xba, 0xbf, 0xed, 0xda, 0x01, 0xb3, 0xc9, 0xf7,
+    0xf9, 0x6a, 0x2b, 0xf5, 0xe5, 0xf5, 0x70, 0xe1, 0xdc, 0x84, 0x02, 0x52, 0xc6, 0xe5, 0xe6, 0x8f,
+    0xea, 0x51, 0xf9, 0x4b, 0xb5, 0x4b, 0xbf, 0x6b, 0xdd, 0x22, 0x6f, 0xef, 0x33, 0xb5, 0x0c, 0xe4,
+    0x85, 0xe5, 0xfb, 0x6b, 0xc0, 0x6b, 0xd7, 0x9a, 0xbd, 0x4b, 0x2d, 0x6f, 0x8f, 0xc0, 0x1a, 0x25,
+    0x7e, 0x22, 0x40, 0x8a, 0xb8, 0x8a, 0x9e, 0x55, 0x5d, 0xbe, 0x97, 0x6d, 0xe1, 0xb8, 0x85, 0x9a,
+    0x77, 0x64, 0x0d, 0xd0, 0x26, 0xd0, 0x87, 0xfa, 0xb3, 0x60, 0x6e, 0xc6, 0x50, 0x26, 0x7f, 0x42,
+    0xc7, 0xcc, 0x43, 0xba, 0x16, 0xba, 0xc2, 0x3d, 0x0d, 0x02, 0xf4, 0xad, 0x03, 0x16, 0x98, 0xda,
+    0xc5, 0x61, 0xd3, 0xae, 0x8b, 0xae, 0xfb, 0x13, 0x31, 0x73, 0x4c, 0xfd, 0xab, 0x8b, 0xe1, 0xea,
+    0x5d, 0x7a, 0x8c, 0x17, 0x4e, 0x17, 0x4c, 0xc9, 0x39, 0x0a, 0xa2, 0x5c, 0x0f, 0x4e, 0xbd, 0x34,
+    0x3a, 0x3f, 0x8b, 0x67, 0x0a, 0x67, 0xc0, 0x80, 0xa9, 0x64, 0x45, 0x5f, 0x56, 0x0a, 0x8c, 0x35,
+    0xd5, 0x40, 0xd9, 0x0e, 0xe9, 0x0e, 0xf0, 0xa0, 0x12, 0x7d, 0xc5, 0x38, 0xa2, 0xe9, 0xaf, 0xa9,
+    0x66, 0xf2, 0x4f, 0x7a, 0xeb, 0x7a, 0x71, 0x5e, 0x8e, 0xb7, 0xbb, 0x2b, 0x0d, 0xeb, 0xec, 0x19,
+    0x8b, 0x20, 0x8d, 0x07, 0x95, 0x07, 0x78, 0x50, 0x09, 0xdf, 0x83, 0x1c, 0x51, 0x95, 0xb6, 0xb5,
+    0x49, 0xc2, 0x65, 0x9f, 0xd5, 0x9f, 0x35, 0x26, 0x62, 0xe6, 0x98, 0x39, 0x95, 0xd5, 0x01, 0x17,
+    0xc2, 0xe2, 0xe8, 0x98, 0x40, 0x98, 0x4d, 0x76, 0x6b, 0x39, 0x1b, 0x25, 0xc4, 0x40, 0xb7, 0xa2,
+    0xc6, 0x7b, 0x0b, 0xb0, 0xb9, 0xb0, 0x3f, 0x2a, 0x13, 0xdb, 0xa8, 0x85, 0x57, 0xb9, 0x45, 0xc2,
+    0x56, 0x91, 0x51, 0x59, 0x4d, 0x59, 0x6c, 0x48, 0xeb, 0xa5, 0xe3, 0xa7, 0x16, 0x4d, 0x3e, 0xdc,
+    0x4e, 0x41, 0x5e, 0xa9, 0x1e, 0xa9, 0x83, 0x43, 0x38, 0xac, 0xcf, 0xe1, 0xfa, 0x1e, 0x57, 0x5f,
+    0x27, 0xc1, 0x2f, 0xb5, 0x0f, 0xb5, 0xa0, 0xc0, 0x1c, 0x56, 0x86, 0x91, 0x7d, 0x0f, 0xca, 0xce,
+    0xe6, 0x39, 0x1f, 0x33, 0x7d, 0x33, 0x29, 0x8f, 0x55, 0xc7, 0x79, 0xcc, 0x45, 0x7d, 0xd9, 0x44,
+    0x93, 0xf0, 0x82, 0xf7, 0xc6, 0xf7, 0x97, 0x5b, 0xda, 0xd6, 0xaf, 0x5a, 0xbd, 0xc6, 0xdf, 0x36,
+    0xbb, 0x43, 0x93, 0x24, 0x33, 0x24, 0x65, 0x46, 0x6c, 0xcd, 0xdb, 0x90, 0x4a, 0x33, 0x64, 0x70,
+    0xd1, 0xd9, 0x3a, 0x26, 0x10, 0x26, 0x82, 0xfc, 0x6a, 0x9f, 0x76, 0x98, 0x31, 0x10, 0x5d, 0xc9,
+    0x63, 0xdc, 0xe4, 0x58, 0xbd, 0x58, 0xfe, 0x15, 0xe8, 0x8c, 0x54, 0xa3, 0xca, 0xbd, 0xc3, 0x61,
+    0xc1, 0xf8, 0x30, 0x86, 0x72, 0x86, 0x89, 0x4f, 0x49, 0x91, 0xff, 0x5d, 0x38, 0x72, 0x13, 0x8a,
+    0x45, 0xaa, 0x83, 0xe7, 0x1d, 0xe7, 0xa3, 0xc2, 0xea, 0x03, 0x8e, 0x1a, 0xe3, 0x1d, 0xd4, 0xb7,
+    0xc8, 0xbe, 0x7d, 0xdc, 0xec, 0xdc, 0x90, 0xe0, 0xa7, 0x4f, 0x06, 0xf6, 0x89, 0xec, 0xe9, 0x52,
+    0x16, 0x15, 0x79, 0x9c, 0x06, 0x9c, 0x40, 0xc1, 0x67, 0x9d, 0x82, 0x35, 0x32, 0x06, 0xc5, 0x13,
+    0x1b, 0xca, 0xd7, 0xee, 0x61, 0xee, 0x2b, 0x32, 0xf1, 0xa1, 0xc8, 0x3e, 0x10, 0x61, 0xcd, 0xab,
+    0x20, 0x42, 0x14, 0x83, 0xc4, 0x83, 0x16, 0xa5, 0x46, 0x1c, 0xd1, 0x49, 0x12, 0xc4, 0x9c, 0x86,
+    0x9b, 0x01, 0x87, 0xa7, 0xf7, 0xa7, 0x73, 0xe3, 0x2a, 0xd1, 0x0a, 0xd9, 0x58, 0xf7, 0xf8, 0xf6,
+    0xf3, 0x36, 0xbe, 0xb1, 0x49, 0xb1, 0xad, 0x77, 0x10, 0xf2, 0x1f, 0x81, 0x8b, 0x49, 0xb8, 0x7f,
+    0xb8, 0x59, 0x4b, 0x3a, 0x01, 0x3a, 0xa1, 0x7f, 0x4e, 0x65, 0x3f, 0xe8, 0xb6, 0x01, 0xc0, 0x58,
+    0xf0, 0x2c, 0x66, 0xaf, 0x7b, 0xaf, 0x69, 0x4e, 0x32, 0x5a, 0xfb, 0xf9, 0x77, 0x7b, 0x1c, 0x57,
+    0x2f, 0x30, 0x2a, 0xe5, 0x3e, 0xe5, 0x44, 0x78, 0xec, 0x51, 0x23, 0x12, 0x98, 0x3e, 0xed, 0x0e,
+    0xba, 0xf4, 0xdb, 0x2e, 0x9c, 0x2e, 0x98, 0x51, 0x72, 0x14, 0x87, 0xb8, 0x1e, 0x9c, 0xb9, 0x68,
+    0x4f, 0xf6, 0x16, 0xa3, 0xb1, 0xa3, 0x7e, 0x54, 0x26, 0x75, 0x93, 0xc9, 0xae, 0xb1, 0x8a, 0x47,
+    0xbe, 0x6d, 0x38, 0x06, 0x65, 0x06, 0xea, 0x0d, 0x0a, 0xf6, 0x34, 0x18, 0x8d, 0x65, 0x4b, 0x08,
+    0x12, 0x8c, 0x9a, 0xb4, 0xff, 0xb4, 0x32, 0x9d, 0x1f, 0x7f, 0x31, 0x95, 0xa1, 0xff, 0x37, 0x73,
+    0x43, 0x9e, 0xf0, 0xdb, 0x79, 0xdb, 0xe8, 0xb0, 0xae, 0x90, 0x85, 0xea, 0xd8, 0x79, 0x5f, 0xe7,
+    0xcf, 0x3d, 0x46, 0xea, 0x27, 0xea, 0x26, 0x85, 0xfd, 0x05, 0x51, 0x2e, 0xe6, 0x27, 0xbf, 0x1a,
+    0xc9, 0x09, 0x35, 0xd6, 0x43, 0xd6, 0x6d, 0xf7, 0xb9, 0x96, 0x5a, 0xde, 0xdd, 0x43, 0x34, 0x4a,
+    0x2a, 0x1e, 0x81, 0xc7, 0x68, 0xc7, 0xcb, 0x33, 0x8a, 0x6a, 0xcc, 0x9a, 0x5f, 0x68, 0xc2, 0x76,
+    0x11, 0x96, 0x42, 0xaa, 0xcd, 0xaa, 0xf6, 0xa4, 0x3d, 0xd7, 0xd5, 0xed, 0x5d, 0xcd, 0x93, 0x5b,
+    0x15, 0x0f, 0xa1, 0x82, 0x34, 0x82, 0x84, 0xf8, 0x45, 0x35, 0x66, 0x4d, 0xce, 0x34, 0x61, 0x3b,
+    0xf6, 0x18, 0x15, 0x93, 0x1f, 0x93, 0x22, 0x3c, 0x76, 0xc9, 0xf0, 0x09, 0x4c, 0x1f, 0x97, 0x07,
+    0x62, 0x6b, 0xac, 0x52, 0x12, 0x52, 0x03, 0x02, 0xf6, 0x55, 0x08, 0x8b, 0x9e, 0x12, 0x1e, 0x79,
+    0xcc, 0x27, 0x9e, 0xf4, 0x15, 0xf4, 0xe2, 0xbc, 0xdf, 0xad, 0xb5, 0x56, 0x1a, 0x15, 0x1b, 0x32,
+    0xe0, 0x0d, 0x6c, 0x0f, 0x19, 0x0f, 0x62, 0xfd, 0x11, 0x54, 0x72, 0x3c, 0x7e, 0x19, 0x52, 0x14,
+    0x8c, 0xa3, 0xb6, 0x31, 0x5e, 0x31, 0xce, 0x35, 0x53, 0x95, 0xd4, 0xc4, 0x3e, 0x5e, 0xe0, 0xfd,
+    0x90, 0xea, 0x5a, 0xe9, 0xf4, 0xe9, 0x53, 0x62, 0xf8, 0x7e, 0x4b, 0x22, 0x41, 0xf4, 0x7b, 0x1e,
+    0x47, 0x07, 0x13, 0xf3, 0x80, 0xf3, 0x9a, 0xec, 0xd6, 0x72, 0x36, 0x4a, 0x4b, 0x80, 0xad, 0x87,
+    0xff, 0x5e, 0x58, 0xc9, 0x81, 0xc9, 0x3b, 0x93, 0x98, 0x17, 0x09, 0xa2, 0xfd, 0x81, 0x6d, 0xdf,
+    0x81, 0x7c, 0x18, 0x43, 0x39, 0x43, 0xa5, 0xc6, 0xc5, 0xa9, 0x9e, 0xcf, 0x1c, 0x39, 0xe8, 0x45,
+    0x5e, 0x60, 0x54, 0x09, 0x7c, 0x09, 0x88, 0xf0, 0x1b, 0xa2, 0x46, 0x24, 0xf3, 0x7c, 0x19, 0x1c,
+    0xfb, 0xc7, 0xbb, 0xe1, 0x78, 0xe1, 0x49, 0xcf, 0xe0, 0xf5, 0xba, 0x02, 0x6e, 0x78, 0x9f, 0xbf,
+    0x79, 0xa1, 0x7b, 0xbc, 0x73, 0xbc, 0x28, 0x30, 0x07, 0xf4, 0xc0, 0xb5, 0x8e, 0x73, 0xd3, 0xd2,
+    0x36, 0x57, 0x6d, 0x1f, 0xc2, 0x1f, 0x56, 0x64, 0x21, 0x81, 0x53, 0x7c, 0x20, 0xc2, 0x59, 0x95,
+    0x32, 0xce, 0x8e, 0x37, 0x3b, 0x37, 0x24, 0x38, 0x59, 0x63, 0xe0, 0xdc, 0xb3, 0x3b, 0xab, 0xf5,
+    0x0e, 0xc5, 0x76, 0x6c, 0x55, 0x6c, 0xaf, 0xca, 0xb4, 0x94, 0xae, 0x73, 0xde, 0x55, 0xac, 0x90,
+    0xd3, 0x74, 0xaa, 0x32, 0x8d, 0x32, 0xbb, 0xd2, 0x56, 0xee, 0xce, 0xc8, 0x99, 0x8d, 0x24, 0xf9,
+    0x33, 0x79, 0xc6, 0x3d, 0x94, 0x3d, 0xd9, 0x2f, 0x47, 0xba, 0xbc, 0xf4, 0xe7, 0x94, 0x76, 0xed,
+    0x53, 0xbf, 0xfa, 0x7b, 0x1b, 0x7b, 0xe3, 0x03, 0x8d, 0x9e, 0x0c, 0x2f, 0xd1, 0x1b, 0x11, 0xa4,
+    0x87, 0x48, 0x6b, 0x7f, 0x5d, 0x7f, 0xee, 0xb4, 0x81, 0x3a, 0x95, 0x3f, 0x27, 0x5d, 0x63, 0x15,
+    0x21, 0xf5, 0x5c, 0x89, 0x6b, 0x89, 0xeb, 0xb2, 0x58, 0xc5, 0x8d, 0x61, 0x46, 0x6b, 0x41, 0x9e,
+    0xd4, 0xf7, 0x91, 0x04, 0x46, 0x04, 0x0d, 0xb7, 0x0c, 0xa4, 0x99, 0x10, 0xf6, 0x46, 0x72, 0xb1,
+    0x07, 0x83, 0x3b, 0x36, 0xcb, 0x36, 0xb6, 0x65, 0x5a, 0x4a, 0x57, 0xd8, 0x6f, 0xcb, 0x56, 0x48,
+    0x48, 0x75, 0x2d, 0x95, 0x7a, 0x95, 0xc8, 0x31, 0x7c, 0x3f, 0xc4, 0x11, 0xc1, 0x7a, 0xdc, 0x0f,
+    0xdd, 0xb1, 0xdc, 0x5e, 0xd8, 0x5e, 0x14, 0x18, 0xe2, 0x7a, 0x60, 0xbb, 0x47, 0xd8, 0x88, 0x69,
+    0x6e, 0x03, 0x4a, 0x2a, 0xda, 0x2a, 0x95, 0xe6, 0x7e, 0xb0, 0x1e, 0xa8, 0xe8, 0xda, 0xcb, 0xd9,
+    0xc4, 0xd6, 0x9b, 0xa4, 0x24, 0xa4, 0x06, 0x04, 0x2f, 0xaa, 0x10, 0xd5, 0xff, 0x24, 0x3c, 0xf2,
+    0x58, 0x54, 0x27, 0x35, 0x18, 0x35, 0xc3, 0x82, 0x5f, 0x31, 0x4d, 0xd4, 0xc8, 0x18, 0x92, 0x4c,
+    0x9c, 0x82, 0xbc, 0x91, 0x3c, 0x91, 0xc5, 0x86, 0x70, 0x9b, 0x5d, 0x01, 0x37, 0x3c, 0xae, 0xbe,
+    0x05, 0x2e, 0xab, 0x22, 0x56, 0x22, 0x8f, 0x4b, 0x66, 0x3b, 0xef, 0x88, 0xc7, 0x56, 0x2f, 0x78,
+    0x19, 0x67, 0x47, 0xfa, 0xfc, 0xfa, 0x12, 0x1c, 0xcd, 0xd0, 0x70, 0x6e, 0xb8, 0xfc, 0xb4, 0x9b,
+    0xd8, 0x9f, 0x77, 0x7c, 0x8e, 0x7c, 0x9b, 0x53, 0x84, 0x41, 0x8f, 0x33, 0x80, 0x8e, 0xa7, 0x11,
+    0x80, 0xcb, 0x50, 0x49, 0x96, 0x49, 0x58, 0xd1, 0xdb, 0x70, 0xc2, 0xe7, 0x48, 0x96, 0x35, 0x5d,
+    0x9e, 0x2f, 0x2c, 0x85, 0xa1, 0x85, 0xfc, 0xa8, 0x4c, 0xea, 0xe5, 0x51, 0x9f, 0xa1, 0xd7, 0x8e,
+    0x44, 0x1d, 0xcb, 0xed, 0xb2, 0xed, 0x5e, 0xd5, 0xf4, 0xda, 0xd2, 0x32, 0xb7, 0xb2, 0x09, 0xaf,
+    0xca, 0x13, 0xed, 0xc8, 0x71, 0xc8, 0xa9, 0xce, 0x9b, 0x3e, 0xbe, 0xa6, 0x21, 0x71, 0x90, 0x62,
+    0x3d, 0xbc, 0xb0, 0x51, 0xc1, 0x51, 0x76, 0xe5, 0xf3, 0x2e, 0x12, 0x87, 0x39, 0xc1, 0xda, 0x7d,
+    0x2e, 0x87, 0x62, 0xef, 0x91, 0xef, 0xb9, 0x6f, 0xf2, 0x88, 0x7f, 0x3a, 0xcc, 0x91, 0x30, 0x16,
+    0x72, 0x4a, 0xa6, 0xf2, 0x70, 0xf2, 0x08, 0xb1, 0xd5, 0x5b, 0x81, 0x4e, 0x97, 0x70, 0x50, 0x3a,
+    0x42, 0x29, 0xb8, 0xd1, 0xd6, 0xd1, 0x15, 0xa7, 0xb0, 0x49, 0xd9, 0xc2, 0x8c, 0xd6, 0x82, 0xff,
+    0x65, 0xe8, 0x97, 0x64, 0xd9, 0x64, 0xb5, 0x67, 0xac, 0x1f, 0x5f, 0x53, 0xf1, 0xd9, 0x48, 0x31,
+  },
+  { /* 4 */
+    0x04, 0xc3, 0xb6, 0x81, 0x36, 0x3e, 0x4d, 0xde, 0x9f, 0xbe, 0xcc, 0x92, 0x5e, 0x72, 0x11, 0x8f,
+    0xc5, 0x34, 0x29, 0xba, 0x33, 0x7a, 0x21, 0x8a, 0x27, 0x60, 0x9b, 0x0b, 0x90, 0xfb, 0x32, 0xb5,
+    0xdf, 0x7b, 0x40, 0x9b, 0x9c, 0xe1, 0x8b, 0x64, 0x4d, 0x3d, 0x10, 0xa8, 0xb8, 0x2d, 0xbd, 0xb7,
+    0xb7, 0x84, 0x27, 0x1f, 0x65, 0xc8, 0x66, 0x5a, 0x26, 0x8a, 0x79, 0x61, 0x18, 0xf3, 0xc4, 0xbf,
+    0x1e, 0x8c, 0xdf, 0xa0, 0x99, 0xa5, 0xe7, 0x30, 0xf5, 0xe3, 0x47, 0x31, 0x76, 0xa4, 0x9e, 0x8d,
+    0x26, 0x94, 0x14, 0xa2, 0x5e, 0x12, 0xa7, 0x8e, 0x43, 0x58, 0x05, 0xc1, 0xc4, 0x5d, 0x70, 0xdb,
+    0xff, 0xac, 0xb9, 0x19, 0xef, 0xd2, 0xa6, 0x5b, 0x3f, 0x84, 0xbf, 0xb2, 0x0d, 0x3b, 0x35, 0x45,
+    0xc8, 0xf2, 0xfc, 0x4b, 0x85, 0xd6, 0x74, 0xfd, 0x12, 0xaf, 0x3f, 0xbb, 0x84, 0x90, 0x94, 0xb4,
+    0x7b, 0xb5, 0x6d, 0xd5, 0xd6, 0x20, 0x5f, 0x79, 0xab, 0x9b, 0x8a, 0x48, 0xc2, 0x11, 0x41, 0x84,
+    0x7a, 0xf5, 0xa1, 0x64, 0x3a, 0xce, 0xdd, 0xaf, 0xfc, 0x55, 0xb9, 0x8d, 0x34, 0xec, 0xd4, 0xd7,
+    0xe8, 0x25, 0x05, 0xc9, 0xf6, 0xe5, 0x59, 0xc2, 0x60, 0x16, 0x90, 0xa1, 0x31, 0x86, 0x1c, 0x46,
+    0xa0, 0x0d, 0x9b, 0xcf, 0x7c, 0xff, 0x99, 0xc3, 0x79, 0x18, 0x56, 0x72, 0x24, 0x4e, 0xed, 0xbc,
+    0x3e, 0x5b, 0x26, 0x22, 0xea, 0x96, 0xca, 0x0f, 0x87, 0x5a, 0xe8, 0x2b, 0xc3, 0xb2, 0x16, 0x7f,
+    0xe9, 0x65, 0xc9, 0x78, 0x1a, 0x0b, 0xdb, 0x14, 0x37, 0xd8, 0xa3, 0x64, 0xc7, 0x7b, 0x89, 0x15,
+    0x09, 0x05, 0x63, 0x70, 0x80, 0x92, 0x18, 0xa9, 0xaa, 0x71, 0x68, 0x22, 0x4a, 0x19, 0xb7, 0x8e,
+    0x18, 0xcf, 0x32, 0x80, 0xb4, 0x84, 0x6d, 0x81, 0xc4, 0x02, 0xed, 0xea, 0x07, 0xef, 0x66, 0xa4,
+    0xba, 0x42, 0xf2, 0xee, 0xd3, 0x64, 0x33, 0x2d, 0x13, 0x45, 0xdd, 0xd1, 0x0c, 0x98, 0x62, 0xbe,
+    0x83, 0x1a, 0xf5, 0x5d, 0xf8, 0x3d, 0xf1, 0x45, 0xf2, 0x30, 0xac, 0xe4, 0x48, 0x9c, 0x19, 0xbb,
+    0x1f, 0xcc, 0x13, 0x11, 0x75, 0x4b, 0x65, 0xe6, 0xa2, 0x2d, 0x74, 0xf4, 0x80, 0x59, 0x0b, 0xde,
+    0x33, 0x9d, 0xf3, 0xd3, 0x5c, 0x3a, 0x9f, 0x78, 0xb2, 0x95, 0x4c, 0x9b, 0xd7, 0xd9, 0xb0, 0x7e,
+    0xb1, 0xc7, 0xca, 0x3f, 0x48, 0xe9, 0xec, 0xeb, 0x17, 0x6b, 0xd3, 0xba, 0x69, 0xb8, 0x3c, 0x96,
+    0xb6, 0xc4, 0xeb, 0xae, 0x89, 0x26, 0xe4, 0x8c, 0x71, 0x44, 0x4a, 0xa4, 0xee, 0x0e, 0x51, 0xec,
+    0x46, 0x2e, 0xdc, 0xe7, 0xcb, 0x47, 0xd0, 0xcf, 0xd5, 0x50, 0x37, 0xef, 0xd8, 0x67, 0x2b, 0x0e,
+    0x78, 0x75, 0xfa, 0xc5, 0x21, 0xd1, 0x1a, 0xc0, 0x52, 0x0a, 0xdf, 0xc4, 0x1b, 0xd5, 0x3d, 0x71,
+    0x5b, 0x62, 0x94, 0x57, 0xa5, 0x13, 0x72, 0x46, 0xd9, 0x22, 0x25, 0x52, 0x77, 0x07, 0xc9, 0x76,
+    0x80, 0xda, 0x62, 0x4d, 0x0f, 0xcc, 0xb4, 0xfc, 0x0b, 0xa1, 0xf9, 0x68, 0x91, 0x58, 0x65, 0x4e,
+    0x8c, 0x5c, 0x7b, 0x0d, 0x55, 0x8e, 0x63, 0x5d, 0x69, 0xa0, 0x6e, 0x1d, 0x73, 0xce, 0x56, 0x1c,
+    0xeb, 0xe5, 0x92, 0xd9, 0x01, 0x14, 0x1c, 0x7b, 0x99, 0x87, 0xc5, 0x2d, 0xe8, 0x42, 0x60, 0xb3,
+    0x2d, 0x11, 0x2c, 0x73, 0xc5, 0x9f, 0x78, 0x48, 0x47, 0x76, 0x0b, 0xaa, 0xa1, 0x7d, 0x2e, 0xf3,
+    0xfb, 0x6f, 0x0f, 0x98, 0xd9, 0xec, 0xeb, 0x85, 0xa0, 0x3a, 0x73, 0x20, 0x53, 0x49, 0x24, 0xca,
+    0xd9, 0x38, 0xad, 0xbb, 0xb1, 0xc0, 0x01, 0xd5, 0x7c, 0xdc, 0xba, 0x73, 0xc9, 0x66, 0x45, 0x9e,
+    0xe0, 0x60, 0xaa, 0x08, 0x9a, 0x99, 0xc3, 0xbd, 0x9d, 0xa9, 0xcb, 0x46, 0x8d, 0x62, 0x3e, 0x9b,
+    0x9e, 0x56, 0xbd, 0xed, 0x96, 0x69, 0x53, 0xcc, 0xfe, 0x42, 0xbe, 0x59, 0xe7, 0xfc, 0xfb, 0xc3,
+    0x36, 0x1e, 0x89, 0xe3, 0x86, 0xea, 0x50, 0x70, 0x7a, 0xe5, 0xb3, 0xcc, 0x7f, 0x56, 0x34, 0xa2,
+    0x42, 0xed, 0x6a, 0x66, 0xfd, 0x79, 0x9d, 0x11, 0x4a, 0xee, 0xfb, 0x7d, 0x86, 0x15, 0x3a, 0x81,
+    0x43, 0xad, 0xa6, 0xd7, 0x11, 0x97, 0x1f, 0xc7, 0x1d, 0x20, 0xc8, 0xb8, 0x70, 0xe8, 0xaf, 0xd2,
+    0xde, 0x3b, 0x8c, 0x2a, 0x70, 0x0f, 0x09, 0xb2, 0x1a, 0xf3, 0x23, 0x6d, 0x4e, 0xd0, 0x28, 0xe4,
+    0xaf, 0x4b, 0x15, 0x9f, 0xd1, 0x4c, 0x0b, 0xdb, 0xe2, 0x88, 0x94, 0x8b, 0x1f, 0x1c, 0xa2, 0x1b,
+    0x56, 0xa4, 0x41, 0xa6, 0x13, 0xbf, 0x27, 0x31, 0xec, 0xed, 0x81, 0xe2, 0x63, 0x6c, 0x6f, 0x77,
+    0xdb, 0xb8, 0xf6, 0x1a, 0xaa, 0xdf, 0xc6, 0xba, 0xd2, 0x83, 0xdc, 0x3a, 0xe6, 0x5f, 0xac, 0x38,
+    0x70, 0x30, 0x55, 0x04, 0x4d, 0xad, 0x80, 0xbf, 0xaf, 0xb5, 0x84, 0x23, 0xa7, 0x31, 0x1f, 0xac,
+    0x3f, 0x1b, 0xea, 0x93, 0x06, 0x78, 0x48, 0xd9, 0xd0, 0x94, 0xdb, 0xee, 0x35, 0x4f, 0x83, 0x2c,
+    0x77, 0x33, 0x74, 0x95, 0x8c, 0x62, 0x88, 0xd8, 0xc9, 0x9a, 0x1d, 0x3d, 0x20, 0x87, 0x72, 0xd6,
+    0x75, 0xb3, 0x2f, 0x34, 0x97, 0x7d, 0x4f, 0xb7, 0x67, 0xc5, 0x7b, 0x74, 0x0f, 0xbe, 0x9b, 0x70,
+    0x87, 0xd9, 0x43, 0xdc, 0xce, 0x03, 0xbc, 0x9b, 0x6d, 0x8e, 0x60, 0x76, 0x16, 0xee, 0x08, 0x34,
+    0x93, 0x90, 0x68, 0x1c, 0x20, 0xc5, 0x06, 0xbb, 0xcb, 0x8d, 0x1a, 0xe9, 0xf3, 0x97, 0x5d, 0xc2,
+    0x1d, 0x4c, 0x48, 0xb0, 0x6e, 0x54, 0xa2, 0x89, 0x0c, 0x72, 0x12, 0xbd, 0xaf, 0x60, 0xe2, 0x78,
+    0xfd, 0x2c, 0xe2, 0xb8, 0xf4, 0xcd, 0x61, 0x34, 0x91, 0xdb, 0xd9, 0xfb, 0x22, 0x02, 0xdc, 0xe3,
+    0x9a, 0x95, 0x0b, 0x6c, 0xa0, 0x57, 0x1e, 0x12, 0x61, 0xfc, 0x72, 0xcb, 0xb9, 0x8e, 0xea, 0x4c,
+    0xea, 0xa5, 0x5e, 0x68, 0xed, 0xfa, 0x9e, 0xad, 0xce, 0x49, 0xf6, 0xe8, 0x1e, 0xbf, 0xf5, 0xe0,
+    0xe5, 0xe3, 0xd0, 0x38, 0x40, 0x49, 0x0c, 0xb5, 0x55, 0xd9, 0x34, 0x11, 0x25, 0xed, 0xba, 0x47,
+    0x55, 0x64, 0xd6, 0xb6, 0xe4, 0x4e, 0x62, 0x88, 0x15, 0x7c, 0xd4, 0x6e, 0xba, 0xa8, 0x13, 0x82,
+    0x4d, 0xab, 0xe4, 0x36, 0x50, 0xca, 0x0f, 0x09, 0xd1, 0x7e, 0x39, 0x84, 0xbd, 0x47, 0x75, 0x26,
+    0x2f, 0x91, 0x77, 0xd2, 0xde, 0x80, 0xbf, 0x27, 0xe9, 0x29, 0x6d, 0xe3, 0x8e, 0x44, 0xc7, 0x55,
+    0x8e, 0xdc, 0x20, 0xac, 0x4e, 0x91, 0xa4, 0x32, 0xc7, 0xff, 0x08, 0x54, 0x5c, 0xf7, 0xbf, 0xba,
+    0xab, 0x88, 0xa3, 0x1e, 0xe7, 0x72, 0x46, 0x05, 0x7d, 0x36, 0x58, 0x19, 0x41, 0x6e, 0xb3, 0x94,
+    0xec, 0xe6, 0xb3, 0x48, 0xc0, 0xdb, 0x14, 0x1c, 0xff, 0xa8, 0x5c, 0x33, 0x6f, 0xf4, 0x0d, 0xc9,
+    0x64, 0x79, 0x7e, 0xc4, 0xa3, 0x6b, 0x3a, 0x9f, 0x09, 0xb6, 0xfe, 0xbc, 0x42, 0x48, 0x4a, 0x5a,
+    0xb3, 0x47, 0x91, 0x9e, 0x53, 0xf6, 0x2b, 0x84, 0xb9, 0x34, 0xb5, 0xf3, 0x46, 0x81, 0xd5, 0x30,
+    0xd5, 0xbe, 0xb4, 0xfb, 0xeb, 0x82, 0xd6, 0x74, 0x1e, 0xdd, 0x2d, 0x06, 0x2b, 0xf0, 0x76, 0xcc,
+    0x91, 0x10, 0x33, 0xbd, 0x3b, 0xda, 0xc1, 0xd4, 0x65, 0xd2, 0x7c, 0xa0, 0xdc, 0xae, 0xb4, 0x64,
+    0x5e, 0xe1, 0xee, 0x67, 0x7f, 0xc3, 0xbd, 0x4e, 0x11, 0x52, 0xda, 0x05, 0xdf, 0x88, 0x4d, 0xaa,
+    0x21, 0x97, 0x35, 0x33, 0x9f, 0xdd, 0xaf, 0xe9, 0x25, 0x77, 0x9c, 0xdf, 0x43, 0xeb, 0x1d, 0xa1,
+    0x49, 0x68, 0x52, 0xb7, 0x66, 0xf4, 0x42, 0xd7, 0x4e, 0xc0, 0xf5, 0x16, 0xe3, 0x35, 0x64, 0xa9,
+    0x5f, 0xa1, 0x22, 0xd6, 0x93, 0x2d, 0x3f, 0x98, 0x46, 0x9c, 0xe9, 0xc0, 0x29, 0x75, 0xd8, 0xf9,
+    0x65, 0x39, 0xb2, 0x75, 0x4f, 0x85, 0xb8, 0x49, 0x5e, 0x78, 0xcd, 0x79, 0xb4, 0xb5, 0xdf, 0x09,
+    0x53, 0x27, 0x3b, 0x96, 0xc9, 0x6f, 0xe8, 0x39, 0x24, 0x9d, 0x7e, 0xb5, 0xcb, 0xe3, 0xeb, 0xab,
+    0x27, 0xd4, 0xd8, 0x13, 0xb2, 0xfc, 0x25, 0x58, 0x14, 0x96, 0x36, 0x04, 0x32, 0xa0, 0xe5, 0x88,
+    0xcc, 0x31, 0x4a, 0xca, 0xb3, 0xe8, 0x39, 0x23, 0x8d, 0x11, 0xf3, 0x29, 0xda, 0xe2, 0x85, 0x3b,
+    0x61, 0xfa, 0x04, 0xf4, 0x79, 0xbb, 0xf5, 0x97, 0xc1, 0xc6, 0x01, 0xeb, 0xea, 0xc7, 0xce, 0x86,
+    0x82, 0x5a, 0x39, 0xec, 0x14, 0xd3, 0x73, 0x93, 0xa5, 0xfe, 0x9f, 0x21, 0xbe, 0x61, 0x8c, 0xe8,
+    0xcf, 0xf1, 0xdd, 0xda, 0x44, 0x19, 0x7c, 0x9a, 0x74, 0x80, 0xa6, 0xa5, 0x03, 0x26, 0xf9, 0xce,
+    0xfa, 0x2f, 0xc3, 0x29, 0x35, 0x02, 0x69, 0x53, 0xf7, 0xf4, 0x40, 0xe5, 0xa5, 0xb4, 0xb1, 0x99,
+    0xbf, 0xc1, 0x88, 0xde, 0x09, 0xb4, 0xfc, 0x25, 0xdb, 0x35, 0x22, 0x86, 0xa4, 0x17, 0xe6, 0x62,
+    0xca, 0x72, 0xa7, 0xea, 0x9e, 0xc9, 0xb3, 0x92, 0xbc, 0xf0, 0x59, 0xf2, 0xab, 0xa9, 0x7d, 0x12,
+    0x4e, 0x6b, 0x73, 0x26, 0xa7, 0x3b, 0x4a, 0xb0, 0x28, 0xef, 0x6c, 0x08, 0x64, 0x83, 0x09, 0xd3,
+    0x97, 0x53, 0xde, 0x9d, 0x16, 0xfb, 0x4b, 0x65, 0x54, 0x33, 0xd6, 0x7b, 0xad, 0xe5, 0x4c, 0x4d,
+    0x9b, 0xd5, 0xc7, 0xdd, 0x4c, 0xb9, 0x9c, 0xc4, 0x36, 0x32, 0x41, 0x0e, 0x4f, 0x73, 0x7f, 0x1f,
+    0x8d, 0x1c, 0xb7, 0xbc, 0xb9, 0x60, 0xe1, 0x8b, 0x3e, 0x6e, 0x5d, 0xd8, 0x85, 0x33, 0xc3, 0x4f,
+    0x68, 0xff, 0x67, 0x84, 0xf9, 0x29, 0xed, 0x3e, 0x6b, 0xb7, 0x69, 0xc9, 0xa0, 0xde, 0x79, 0x08,
+    0x15, 0x09, 0xe7, 0x71, 0x02, 0x28, 0x38, 0xf6, 0xf1, 0xcd, 0x49, 0x5a, 0x13, 0x84, 0xc0, 0xa5,
+    0xfc, 0x6c, 0x2e, 0x09, 0x18, 0x23, 0xe3, 0xe2, 0xc6, 0x15, 0xea, 0x3e, 0xd4, 0xff, 0x49, 0xb0,
+    0xfe, 0xec, 0x75, 0xa8, 0x03, 0x3c, 0x24, 0x8d, 0x68, 0x4a, 0x8c, 0x77, 0xfb, 0xc6, 0xa0, 0x16,
+    0x58, 0xa2, 0x03, 0x47, 0x52, 0xe2, 0x37, 0xff, 0x20, 0xb3, 0x70, 0xde, 0xae, 0xc3, 0xb5, 0x83,
+    0x12, 0x0a, 0xc6, 0xe0, 0xc3, 0xe7, 0x30, 0x91, 0x97, 0xe2, 0xd0, 0x44, 0x94, 0x32, 0xad, 0xdf,
+    0x1b, 0x0f, 0xa5, 0x90, 0x43, 0x75, 0x28, 0x38, 0x3d, 0x93, 0xb8, 0x66, 0xde, 0x2b, 0x1a, 0x51,
+    0x10, 0x8a, 0x9d, 0x41, 0xd8, 0xf8, 0xf7, 0xfe, 0x39, 0xbd, 0xb6, 0x0d, 0xbb, 0x0b, 0x44, 0x79,
+    0xc1, 0xf7, 0x9f, 0x3b, 0x05, 0x44, 0x6c, 0x54, 0xb8, 0xde, 0x57, 0x99, 0xce, 0x89, 0x23, 0x3a,
+    0xe2, 0xe0, 0xf1, 0xa9, 0x81, 0x86, 0x04, 0xd2, 0x33, 0xf6, 0xad, 0x0f, 0xa2, 0x5b, 0xd7, 0x3d,
+    0x19, 0x8f, 0xfe, 0x31, 0x58, 0x6a, 0xef, 0x57, 0x93, 0xcc, 0xde, 0x2f, 0xf1, 0x12, 0xf3, 0xf7,
+    0x52, 0x67, 0xf7, 0x27, 0x25, 0x81, 0x6a, 0xef, 0x73, 0x53, 0x4d, 0x70, 0x3d, 0x1e, 0x7e, 0xf8,
+    0xef, 0x26, 0x24, 0x58, 0x37, 0x2a, 0x51, 0xa5, 0x06, 0x39, 0x09, 0xbf, 0xb6, 0x30, 0x71, 0x3c,
+    0xdc, 0xbb, 0xd7, 0x8b, 0x6b, 0x10, 0xce, 0xdd, 0xb4, 0xac, 0x45, 0x24, 0x61, 0xe9, 0xc1, 0x42,
+    0xf0, 0xea, 0x37, 0x49, 0x42, 0x61, 0x34, 0x43, 0xa4, 0x14, 0x7d, 0x4b, 0x36, 0x69, 0x7a, 0xe2,
+    0x3c, 0xdb, 0x7d, 0x83, 0xf1, 0x89, 0x0d, 0x60, 0x29, 0x05, 0x8e, 0x62, 0xec, 0x8b, 0xff, 0xd9,
+    0x9c, 0xd6, 0xe6, 0x4c, 0x8d, 0x76, 0x94, 0xa3, 0x50, 0x1d, 0xd8, 0x10, 0xc8, 0xc5, 0x12, 0x65,
+    0xbe, 0x81, 0x44, 0x6f, 0xe5, 0x5a, 0x7e, 0xf3, 0x8c, 0xfb, 0x11, 0x43, 0x52, 0xea, 0x73, 0x31,
+    0x38, 0x18, 0xcb, 0x02, 0xc7, 0xb7, 0x40, 0xbe, 0xb6, 0xbb, 0x42, 0xf0, 0xb2, 0xf9, 0xee, 0x56,
+    0x2b, 0x52, 0xc1, 0x53, 0xe8, 0xbe, 0xf2, 0xf9, 0x76, 0x97, 0xa1, 0x71, 0xd0, 0x36, 0xd6, 0xda,
+    0xc9, 0xb2, 0x30, 0xfa, 0x69, 0x38, 0xf6, 0x2b, 0x45, 0x61, 0x0c, 0x7e, 0x72, 0x6d, 0x01, 0xe7,
+    0x24, 0x14, 0x4f, 0x03, 0x45, 0x0d, 0x60, 0xe1, 0xed, 0x07, 0x63, 0x88, 0xeb, 0x64, 0x99, 0x7d,
+    0x98, 0x15, 0x50, 0xcd, 0xbb, 0x48, 0xd9, 0x7d, 0xcf, 0xa3, 0x14, 0x82, 0x96, 0xb7, 0x03, 0xea,
+    0x30, 0x5d, 0x64, 0xc3, 0xab, 0xcb, 0xda, 0xc1, 0x4b, 0x04, 0x19, 0x17, 0x0e, 0x1d, 0xcc, 0x8b,
+    0x0c, 0x86, 0x19, 0x40, 0x5a, 0x42, 0xd7, 0xa1, 0x62, 0x01, 0x97, 0x75, 0xe2, 0x96, 0x33, 0x52,
+    0x69, 0xbf, 0xab, 0x35, 0x15, 0xc7, 0x6f, 0xe8, 0x3c, 0x79, 0x5a, 0x0c, 0x56, 0x23, 0xec, 0x5b,
+    0x54, 0x24, 0x1a, 0x07, 0x08, 0xa0, 0xe0, 0x5e, 0x42, 0xb2, 0xe7, 0xab, 0x4c, 0x55, 0x86, 0xd1,
+    0xee, 0x66, 0xe8, 0xe9, 0xdb, 0xc4, 0xd3, 0x73, 0x51, 0xf7, 0x3a, 0x7a, 0x40, 0xcd, 0xe4, 0x6f,
+    0xb5, 0x04, 0x7c, 0xbe, 0x7e, 0xd7, 0xa1, 0x35, 0x88, 0xd5, 0x1f, 0x28, 0x37, 0xca, 0x2d, 0x19,
+    0x4f, 0x2b, 0xbf, 0x97, 0x4b, 0xd5, 0xc8, 0x66, 0x7f, 0x21, 0x5f, 0xcd, 0x92, 0x7e, 0x9c, 0x80,
+    0x39, 0x58, 0x07, 0xb3, 0x2b, 0x59, 0xc2, 0x68, 0xe1, 0x75, 0x71, 0x35, 0x44, 0x04, 0x7b, 0x05,
+    0x6a, 0x7f, 0x3c, 0x25, 0xe2, 0x36, 0x2a, 0x51, 0xc5, 0xe8, 0x0f, 0x80, 0x8f, 0xe7, 0x90, 0xae,
+    0x1c, 0x0c, 0x84, 0x01, 0x82, 0xba, 0x20, 0x5f, 0x5b, 0xbc, 0x21, 0x78, 0x59, 0x9d, 0x77, 0x2b,
+    0x89, 0xdf, 0x01, 0x3d, 0x8f, 0x5e, 0xac, 0x55, 0xa1, 0xd0, 0x91, 0x4a, 0xdb, 0x41, 0xd2, 0xc0,
+    0x66, 0xf9, 0x25, 0x65, 0xb8, 0x74, 0xfd, 0xf0, 0xa7, 0xe9, 0x98, 0xf5, 0x6d, 0x71, 0xa3, 0xfc,
+    0xa5, 0x8e, 0xe1, 0xff, 0xa6, 0x2f, 0x56, 0xcb, 0xb1, 0x68, 0xa9, 0x25, 0x8c, 0xc1, 0x69, 0x60,
+    0xe4, 0xa3, 0x1c, 0x89, 0xac, 0xa7, 0x8e, 0x63, 0x02, 0x17, 0x07, 0xd4, 0xd3, 0x10, 0x2f, 0x14,
+    0x72, 0xb0, 0x0e, 0xa5, 0x56, 0xb2, 0x47, 0xd0, 0x01, 0xea, 0xe2, 0x6a, 0x88, 0x08, 0xf6, 0x0a,
+    0xf6, 0xa9, 0xda, 0x69, 0x6f, 0x40, 0xbe, 0xf2, 0x95, 0xf5, 0xd7, 0x90, 0x47, 0x22, 0x82, 0xcb,
+    0x14, 0x49, 0x2b, 0xc0, 0xee, 0xc6, 0xba, 0x20, 0xa6, 0x03, 0x7a, 0x9f, 0xe5, 0x79, 0x55, 0xf6,
+    0x02, 0x80, 0x5b, 0xa1, 0x1b, 0x1f, 0xc7, 0x6f, 0xae, 0x5f, 0x66, 0x49, 0x2f, 0x39, 0xe9, 0xa6,
+    0x50, 0xe7, 0xac, 0x86, 0x3e, 0x9e, 0xad, 0x80, 0xdd, 0x0c, 0x2b, 0x39, 0x12, 0x27, 0x97, 0x5e,
+    0xbd, 0x41, 0xd3, 0x7f, 0x12, 0xab, 0x3b, 0x4a, 0x75, 0x6a, 0x44, 0xcf, 0x8b, 0x2e, 0x0f, 0xc4,
+    0x9f, 0x16, 0x71, 0x5c, 0x7a, 0x87, 0xd1, 0x1a, 0xa9, 0x8c, 0x8d, 0x9c, 0x11, 0x01, 0x6e, 0x90,
+    0xe3, 0xa0, 0x3d, 0x18, 0x6d, 0x68, 0x86, 0x04, 0x64, 0x38, 0x9e, 0xca, 0x54, 0xa6, 0x42, 0x6e,
+    0x05, 0x83, 0x7a, 0x30, 0xda, 0xd0, 0xcf, 0x08, 0xc8, 0x70, 0xff, 0x57, 0xa8, 0x8f, 0x84, 0xdc,
+    0x07, 0x03, 0x21, 0x91, 0xc1, 0xcf, 0x08, 0x67, 0x66, 0x2f, 0x99, 0x1e, 0x87, 0xb6, 0x6d, 0x7a,
+    0x88, 0x9f, 0xcd, 0x8c, 0x63, 0xb0, 0x2e, 0x83, 0xf6, 0x1e, 0xa2, 0x8f, 0x2d, 0xbc, 0x47, 0x93,
+    0xcb, 0x32, 0x6b, 0x5b, 0x72, 0x27, 0x31, 0x44, 0xeb, 0x3e, 0x6a, 0x37, 0x5d, 0x54, 0xe8, 0x41,
+    0x3a, 0x98, 0x90, 0xa3, 0xdc, 0xa8, 0x87, 0xd1, 0x18, 0xe4, 0x24, 0xb9, 0x9d, 0xc0, 0x07, 0xf0,
+    0x85, 0x59, 0x18, 0x7d, 0xd5, 0x1c, 0x7b, 0xf4, 0xc3, 0xd1, 0x06, 0x3f, 0x39, 0xd7, 0xe1, 0x92,
+    0x41, 0x2d, 0xfd, 0x76, 0x0a, 0x88, 0xd8, 0xa8, 0xb3, 0x7f, 0xae, 0xf1, 0x5f, 0xd1, 0x46, 0x74,
+    0x2a, 0x12, 0x0d, 0xe2, 0x04, 0x50, 0x70, 0x2f, 0x21, 0x59, 0x92, 0xb4, 0x26, 0xcb, 0x43, 0x89,
+    0x92, 0xd0, 0xa4, 0xad, 0xcc, 0x2b, 0x84, 0x6d, 0x9c, 0x43, 0x29, 0x2c, 0x05, 0x6a, 0xc8, 0x91,
+    0xb9, 0x82, 0x65, 0xfe, 0x24, 0x95, 0x76, 0x94, 0xea, 0xd4, 0x88, 0x5d, 0xd5, 0x5c, 0x1e, 0x4b,
+    0xe6, 0x23, 0x47, 0x28, 0xb7, 0xb8, 0x49, 0x0c, 0xac, 0x48, 0x61, 0x9d, 0xfc, 0x29, 0xc6, 0xb2,
+    0xf2, 0x6a, 0x6c, 0xe8, 0x59, 0x7e, 0xf3, 0x2c, 0x0a, 0x4b, 0x1b, 0x02, 0x19, 0x50, 0x93, 0x44,
+    0x28, 0x92, 0x56, 0x43, 0x1f, 0x4f, 0xb7, 0x40, 0x8f, 0x06, 0xf4, 0xfd, 0x09, 0xf2, 0xaa, 0x2f,
+    0x7d, 0xf6, 0x80, 0xf5, 0xfb, 0x01, 0xd5, 0xc8, 0x9a, 0x7a, 0x20, 0x93, 0xb3, 0x5a, 0xb9, 0xad,
+    0xbb, 0x02, 0x3e, 0x5f, 0x3f, 0x8a, 0xb1, 0xfb, 0x44, 0x8b, 0xee, 0x14, 0xfa, 0x65, 0xf7, 0xed,
+    0xf3, 0x2a, 0xa0, 0x59, 0xb5, 0x90, 0x71, 0xfa, 0x5d, 0x85, 0x28, 0xc7, 0xef, 0xad, 0x06, 0x17,
+    0xe7, 0x63, 0x8b, 0x99, 0x5b, 0x56, 0xcb, 0xda, 0xfb, 0x86, 0x52, 0x58, 0x0a, 0xd4, 0x53, 0xe1,
+    0xad, 0xcb, 0x4e, 0x3e, 0xca, 0x53, 0xcc, 0xb4, 0x4c, 0xd7, 0xf2, 0xc2, 0x30, 0x25, 0x4b, 0xbd,
+    0x0e, 0x06, 0x42, 0xe1, 0x41, 0x5d, 0x10, 0xce, 0xcc, 0x5e, 0xf1, 0x3c, 0xcd, 0xaf, 0xda, 0xf4,
+    0x76, 0x73, 0xb8, 0x24, 0x60, 0x8c, 0x0a, 0x0e, 0x9e, 0x54, 0x2e, 0xf8, 0xd6, 0x7a, 0xe7, 0x85,
+    0x3b, 0xd8, 0x5c, 0x12, 0x30, 0x46, 0x05, 0x07, 0x4f, 0x2a, 0x17, 0x7c, 0x6b, 0x3d, 0x92, 0xa3,
+    0x6d, 0x7c, 0x1d, 0xb4, 0x23, 0xf9, 0x22, 0x36, 0xa3, 0xc7, 0x96, 0x9e, 0x08, 0x51, 0xfd, 0xd4,
+    0x20, 0xd7, 0xf9, 0x82, 0x73, 0x33, 0x2d, 0x3f, 0x72, 0xb9, 0xaf, 0x1a, 0xb5, 0x16, 0x88, 0xf2,
+    0xa9, 0x08, 0xf8, 0xbf, 0xfc, 0x6d, 0x81, 0x6a, 0xd3, 0x69, 0x3e, 0x50, 0x6e, 0x57, 0x5a, 0x32,
+    0x0b, 0x85, 0x38, 0xd1, 0x9b, 0x8d, 0xdf, 0xc6, 0x04, 0x2e, 0x0e, 0x6b, 0x65, 0x20, 0x5e, 0x28,
+    0xce, 0xb1, 0x11, 0x6b, 0xa8, 0xf7, 0xfe, 0x4c, 0x23, 0x4e, 0x95, 0x60, 0xf5, 0xdb, 0x6c, 0x9d,
+    0x8f, 0x9c, 0xec, 0x1d, 0xa2, 0x7f, 0x26, 0xe4, 0x90, 0x31, 0x3b, 0x91, 0xaa, 0x0a, 0x2a, 0xe9,
+    0x94, 0x93, 0x49, 0x8d, 0xe1, 0x0a, 0x0e, 0xdc, 0xad, 0xa2, 0x83, 0xf7, 0x74, 0x21, 0x30, 0xb8,
+    0x4c, 0xeb, 0x28, 0x87, 0xbc, 0x24, 0x8d, 0xdf, 0x86, 0xb0, 0x0a, 0x41, 0x4b, 0xba, 0xe0, 0x75,
+    0x29, 0xd2, 0x9a, 0xf2, 0xf3, 0xa1, 0x35, 0x96, 0xd8, 0xc8, 0xc7, 0x38, 0xff, 0x0f, 0x3f, 0x7c,
+    0x5a, 0x22, 0x58, 0xe6, 0x49, 0xfd, 0xf0, 0x90, 0x8e, 0xec, 0x16, 0x97, 0x81, 0xfa, 0x5c, 0x25,
+    0xb4, 0x44, 0xb0, 0x0f, 0x92, 0x39, 0x23, 0xe3, 0xdf, 0x1b, 0x2c, 0xed, 0xc1, 0x37, 0xb8, 0x4a,
+    0x6e, 0xbc, 0x8a, 0xa4, 0xd4, 0x08, 0x67, 0x8f, 0x5a, 0x56, 0xc3, 0x12, 0xd1, 0x95, 0x81, 0x21,
+    0x1a, 0x4f, 0x69, 0x21, 0xaf, 0x9b, 0xaa, 0xee, 0x6a, 0x5d, 0x8b, 0xa3, 0x28, 0xd6, 0x8f, 0x02,
+    0xf7, 0xe9, 0x16, 0xd8, 0x83, 0xae, 0x3c, 0x24, 0xc2, 0x3b, 0xe4, 0x55, 0xb1, 0xdf, 0x17, 0x98,
+    0x67, 0xb9, 0xe9, 0xd4, 0x54, 0x9a, 0x7f, 0x26, 0xf0, 0x27, 0xab, 0x30, 0x9b, 0x8c, 0x36, 0xaf,
+    0xd4, 0xfe, 0x78, 0x4a, 0x07, 0x6c, 0x54, 0xa2, 0x49, 0x13, 0x1e, 0xc3, 0xdd, 0x0d, 0xe3, 0x9f,
+    0xb8, 0xc2, 0xa9, 0x4f, 0xc8, 0x7b, 0xf4, 0x42, 0xbd, 0x1a, 0xbb, 0x98, 0x23, 0xa1, 0x8b, 0x18,
+    0xd8, 0x78, 0x61, 0x0a, 0x5d, 0x2e, 0x83, 0x03, 0x2b, 0x12, 0x89, 0xb6, 0x3f, 0x9b, 0xd0, 0xcd,
+    0x8a, 0x1f, 0x96, 0x2d, 0x78, 0xaf, 0xe9, 0xec, 0x58, 0x41, 0xc4, 0xc6, 0x02, 0x85, 0xae, 0x35,
+    0xda, 0xf8, 0x3a, 0xab, 0x46, 0x31, 0x44, 0x6c, 0x85, 0x4d, 0xef, 0xff, 0x10, 0xa2, 0x39, 0x6b,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x3d, 0x9b, 0xb1, 0x32, 0x1d, 0x67, 0x8f, 0xb6, 0x7e, 0xcb, 0xbd, 0xa7, 0x1a, 0x76, 0x6a, 0x8a,
+    0x99, 0x55, 0x9c, 0x7c, 0x57, 0xa6, 0x5b, 0xab, 0x98, 0x6d, 0x27, 0x47, 0x60, 0x4a, 0x96, 0xb9,
+    0xd3, 0xfd, 0x59, 0xdb, 0xc6, 0xa3, 0x5c, 0xc5, 0x2f, 0x3c, 0x87, 0xdd, 0x5a, 0xbb, 0x8e, 0xe5,
+    0x9d, 0x96, 0x2a, 0xfd, 0x61, 0x98, 0x16, 0x75, 0x07, 0xd3, 0xeb, 0xd5, 0x3e, 0x38, 0x87, 0x36,
+    0x7e, 0x36, 0x17, 0xe5, 0x0c, 0xf0, 0x90, 0x71, 0x63, 0xeb, 0x75, 0x1f, 0x6a, 0x9e, 0xc5, 0x58,
+    0x06, 0x43, 0xed, 0x20, 0x2d, 0x21, 0x8a, 0xb1, 0x31, 0xe1, 0xaa, 0xdb, 0x71, 0x4b, 0xf8, 0x29,
+    0xd1, 0x7d, 0x02, 0x7a, 0xdd, 0xbc, 0x9b, 0xaa, 0x81, 0x63, 0xe1, 0x94, 0x75, 0x82, 0x67, 0x43,
+    0xaa, 0xc8, 0x6f, 0xaf, 0x0b, 0x9c, 0xc4, 0xd3, 0x2a, 0xf8, 0x6b, 0xdc, 0xb7, 0x93, 0x26, 0xc7,
+    0xa4, 0xce, 0x2d, 0x4e, 0x4a, 0xc1, 0xd4, 0x1d, 0xe6, 0xa6, 0x9a, 0xe0, 0x7a, 0x3c, 0xfc, 0x33,
+    0x03, 0xc0, 0x97, 0x10, 0xf7, 0xf1, 0x45, 0xb9, 0xf9, 0x91, 0x55, 0x8c, 0xd9, 0xc4, 0x7c, 0xf5,
+    0x23, 0x17, 0x6e, 0x92, 0x84, 0xc2, 0x68, 0x86, 0x8b, 0x28, 0xfa, 0x96, 0x6c, 0xd2, 0xf4, 0x07,
+    0x0a, 0xc5, 0xf4, 0x60, 0x77, 0x63, 0x5d, 0x10, 0x53, 0xe0, 0x3d, 0xae, 0x93, 0xdd, 0xcb, 0x7b,
+    0x7c, 0xb6, 0x4c, 0x44, 0x17, 0xef, 0x57, 0x1e, 0xcd, 0xb4, 0x13, 0x56, 0x45, 0xa7, 0x2c, 0xfe,
+    0x22, 0x57, 0xa2, 0x23, 0x68, 0x2c, 0xea, 0x50, 0xdc, 0xe6, 0xc9, 0x53, 0x9a, 0x2f, 0x61, 0x54,
+    0x37, 0x5e, 0x45, 0x52, 0x6a, 0x04, 0xd2, 0xa6, 0x2d, 0x2b, 0x80, 0x09, 0x89, 0xab, 0xa1, 0xf1,
+    0x4a, 0xa8, 0xc5, 0xa7, 0x91, 0x05, 0x07, 0x6e, 0xb7, 0x51, 0xa0, 0x9a, 0x3a, 0xf1, 0x18, 0x5c,
+    0x2e, 0xd1, 0xbb, 0x63, 0x32, 0x6e, 0x3d, 0xf1, 0xbe, 0xe7, 0x5e, 0x26, 0x78, 0xb9, 0x52, 0x06,
+    0x25, 0x54, 0x83, 0xb2, 0xa9, 0xe3, 0xe2, 0x37, 0xba, 0xc9, 0x50, 0x4d, 0x1d, 0x99, 0x0c, 0x2e,
+    0xf8, 0xaf, 0x98, 0x88, 0x2e, 0x1d, 0xae, 0x3c, 0x59, 0xab, 0x26, 0xac, 0x8a, 0x8d, 0x58, 0x3f,
+    0xdd, 0xfb, 0x1b, 0x3a, 0x87, 0xfe, 0x4c, 0x0b, 0xe3, 0x62, 0x76, 0xe1, 0x97, 0x14, 0x54, 0x11,
+    0x31, 0x1d, 0xa8, 0x72, 0x47, 0x25, 0x58, 0x17, 0x1c, 0xca, 0x2a, 0xd2, 0xf8, 0xe0, 0x59, 0xd8,
+    0x74, 0xf3, 0xe3, 0x85, 0x7b, 0x93, 0xcd, 0x61, 0x30, 0x0b, 0x48, 0xb1, 0xf9, 0x43, 0x0e, 0x23,
+    0x59, 0xe2, 0xcf, 0xf6, 0xbe, 0x0c, 0xb5, 0x29, 0x77, 0x7d, 0x43, 0x1b, 0x58, 0x3e, 0x20, 0xd0,
+    0xcd, 0x71, 0x86, 0x7b, 0x5f, 0x06, 0xbb, 0xf5, 0xda, 0xdf, 0xc0, 0xec, 0x2c, 0x1f, 0x10, 0x68,
+    0x5d, 0x21, 0x79, 0x77, 0x88, 0x32, 0xf8, 0xf7, 0xe8, 0xc3, 0x8f, 0x89, 0x06, 0x4c, 0x31, 0x5f,
+    0x08, 0x45, 0xaf, 0xc1, 0x6c, 0x7c, 0x9a, 0x7f, 0xfd, 0xbf, 0x5b, 0xe7, 0xbc, 0xe4, 0x22, 0xdd,
+    0x7f, 0x76, 0xdb, 0x54, 0xe0, 0x1e, 0x12, 0xa7, 0x34, 0x25, 0x46, 0xda, 0x9c, 0x63, 0x50, 0x0b,
+    0xa6, 0x4e, 0x76, 0xef, 0x51, 0xde, 0x13, 0x72, 0x48, 0xf9, 0xfc, 0xa9, 0x55, 0x05, 0x15, 0x95,
+    0xf9, 0xef, 0x54, 0x39, 0xc2, 0xf3, 0x2c, 0xea, 0x0e, 0x65, 0x15, 0x69, 0x7c, 0x70, 0xcd, 0x6c,
+    0x90, 0x50, 0xff, 0x0c, 0xd7, 0x34, 0x43, 0x02, 0x32, 0x1c, 0x4f, 0x65, 0x2a, 0x53, 0x21, 0x37,
+    0x0f, 0x46, 0x8e, 0x50, 0xad, 0xb3, 0x92, 0x18, 0x9b, 0x90, 0xc2, 0xf9, 0x3b, 0x52, 0x4f, 0xa7,
+    0xb0, 0x87, 0x06, 0x8e, 0xa4, 0x07, 0x6e, 0x3d, 0x40, 0xa5, 0xe0, 0x7f, 0x9f, 0x45, 0xa9, 0xc5,
+    0xac, 0x8b, 0x82, 0x8f, 0x26, 0xbd, 0x4e, 0x62, 0x1b, 0x19, 0xc1, 0x07, 0xc6, 0xd8, 0xde, 0xee,
+    0x60, 0xba, 0xc8, 0x45, 0x95, 0x55, 0x77, 0x41, 0x96, 0x08, 0x32, 0x2e, 0x1c, 0x3a, 0x5b, 0xd5,
+    0x6c, 0x3c, 0xd1, 0x05, 0xcf, 0x17, 0xa0, 0xe0, 0xf4, 0x09, 0xa5, 0x5b, 0xfe, 0xac, 0x68, 0x87,
+    0x13, 0x4a, 0x0a, 0x51, 0x2f, 0x09, 0xb2, 0x47, 0xc0, 0x2c, 0xe3, 0x81, 0x62, 0xcf, 0x38, 0x8c,
+    0xbc, 0x01, 0x1f, 0xce, 0xfe, 0x45, 0xb9, 0x9c, 0x22, 0xa4, 0x77, 0x0a, 0x7d, 0xd3, 0x9a, 0x97,
+    0x32, 0xdd, 0x3f, 0x62, 0xb0, 0xd4, 0x1d, 0xae, 0xe5, 0x5b, 0x7f, 0x5e, 0x21, 0x24, 0x25, 0x2d,
+    0xf1, 0xaa, 0xfb, 0xf8, 0xae, 0x8f, 0xb6, 0x95, 0xf3, 0xda, 0x4e, 0x8e, 0xc0, 0x94, 0xef, 0xb1,
+    0xd6, 0x7e, 0x23, 0xeb, 0x1c, 0x73, 0x93, 0xcd, 0xe7, 0x4c, 0x78, 0x8a, 0xf2, 0x34, 0x0a, 0x39,
+    0x44, 0xae, 0x87, 0x46, 0xd0, 0x58, 0x17, 0xa0, 0x7b, 0x0f, 0x51, 0xa6, 0xf7, 0x5e, 0xc2, 0xa8,
+    0x62, 0x3a, 0x93, 0xe4, 0x8e, 0x4a, 0xb0, 0x2e, 0x38, 0x57, 0x54, 0x67, 0x33, 0x03, 0xb2, 0x73,
+    0xa8, 0x48, 0x34, 0x0e, 0x10, 0x83, 0x03, 0xbc, 0x84, 0xa7, 0x0d, 0x95, 0x98, 0xaa, 0xcf, 0x61,
+    0x40, 0x6d, 0x31, 0xc7, 0xe6, 0x66, 0x5a, 0x7e, 0xe4, 0xb1, 0x9d, 0x34, 0xa9, 0x2c, 0xd3, 0x27,
+    0x95, 0xd3, 0x85, 0x3c, 0x0d, 0xe4, 0x8c, 0x0a, 0xfa, 0x6c, 0xb0, 0x32, 0x82, 0xdc, 0xa5, 0xeb,
+    0x11, 0xca, 0x51, 0xf0, 0x34, 0x16, 0x75, 0x28, 0x6e, 0x73, 0x85, 0xc8, 0x4d, 0xf6, 0xd1, 0x2a,
+    0x8b, 0x5f, 0x5a, 0x9c, 0x94, 0x41, 0x6b, 0x3a, 0x0f, 0x8f, 0xf7, 0x03, 0xf4, 0x78, 0x3b, 0x66,
+    0x01, 0x40, 0xcc, 0xb1, 0xec, 0xee, 0x82, 0xd6, 0x57, 0xce, 0x33, 0xc5, 0xf6, 0xfd, 0x95, 0x53,
+    0x0d, 0xc6, 0xd5, 0xf1, 0xb6, 0xac, 0x55, 0x77, 0x35, 0xcf, 0xa4, 0xb0, 0x14, 0x6b, 0xa6, 0x01,
+    0xe1, 0x20, 0x66, 0xb9, 0x76, 0x77, 0x41, 0x6b, 0xca, 0x67, 0xf8, 0x83, 0x7b, 0x9f, 0xab, 0xc8,
+    0x6b, 0x3f, 0xf0, 0x94, 0x0e, 0xd8, 0xa8, 0x87, 0x92, 0x26, 0x3c, 0x45, 0x79, 0x1a, 0x05, 0xfd,
+    0xc2, 0x37, 0x08, 0x2b, 0xf2, 0xb5, 0x29, 0xed, 0x41, 0x4f, 0x02, 0x15, 0x17, 0x4d, 0x5f, 0xcf,
+    0x5c, 0x61, 0xb5, 0xc6, 0x64, 0xdc, 0x7a, 0x21, 0xbf, 0x0d, 0xbc, 0x4c, 0xf0, 0xb1, 0xa4, 0x0c,
+    0xc7, 0xb4, 0x72, 0x1b, 0x28, 0x65, 0xe6, 0xe5, 0x89, 0x3f, 0xfd, 0x42, 0xbf, 0xc2, 0xdb, 0x13,
+    0x84, 0x19, 0xd4, 0xcc, 0x39, 0xf2, 0xf9, 0x22, 0x94, 0x1f, 0x35, 0xfa, 0xcf, 0x2a, 0x74, 0xc1,
+    0x45, 0xee, 0x4b, 0xf7, 0x3c, 0xb6, 0x95, 0x76, 0x2c, 0xc1, 0x62, 0x63, 0x01, 0xa3, 0x57, 0xfb,
+    0x79, 0x35, 0x36, 0x74, 0xcd, 0x3f, 0x98, 0x16, 0x05, 0xc4, 0xec, 0x01, 0xed, 0x28, 0xa8, 0x22,
+    0x4b, 0xe8, 0x09, 0x16, 0x7d, 0xeb, 0x85, 0xb8, 0xe0, 0x9f, 0x93, 0x5f, 0xcc, 0x0c, 0x8d, 0x0f,
+    0x48, 0x28, 0x9e, 0x06, 0x8a, 0x1a, 0xc0, 0x01, 0x19, 0x0e, 0xc6, 0xd3, 0x15, 0xc8, 0xf1, 0xfa,
+    0x6f, 0xfc, 0x46, 0x15, 0x38, 0xe6, 0xe5, 0x59, 0x0d, 0x98, 0xf0, 0xd7, 0x27, 0x68, 0x14, 0x72,
+    0xa7, 0x0e, 0xba, 0x5e, 0xbd, 0x30, 0x91, 0xa4, 0x1f, 0x37, 0xcf, 0x6c, 0xa3, 0xf8, 0x80, 0xc6,
+    0xa2, 0x8d, 0xc0, 0x6e, 0x67, 0xe0, 0x5e, 0xac, 0xd7, 0x47, 0x30, 0x3b, 0x0b, 0x77, 0x04, 0x1a,
+    0xc0, 0xb7, 0x53, 0x8a, 0xe9, 0xaa, 0xee, 0x82, 0xef, 0x10, 0x64, 0x5c, 0x38, 0x74, 0xb6, 0x69,
+    0x2c, 0x51, 0xe0, 0xc2, 0x29, 0x71, 0xfa, 0x9e, 0x10, 0xb8, 0x38, 0x6f, 0x57, 0x80, 0xbb, 0xa0,
+    0x81, 0x9a, 0xae, 0xfc, 0xe3, 0x22, 0x36, 0x2a, 0x5c, 0x6f, 0xca, 0xad, 0x67, 0xa5, 0xf0, 0x1d,
+    0xd0, 0x3d, 0xce, 0xcb, 0x31, 0x52, 0x19, 0x7c, 0xd6, 0xad, 0xd2, 0x51, 0x83, 0x7f, 0xf2, 0x10,
+    0x17, 0x89, 0xbc, 0xd0, 0x19, 0x37, 0xff, 0x99, 0x5f, 0x92, 0x2f, 0x13, 0x3c, 0xbd, 0x29, 0x03,
+    0xa3, 0xcd, 0x0c, 0xdf, 0x8b, 0x0e, 0xdc, 0x7a, 0x80, 0x89, 0x03, 0xfe, 0xfd, 0x8a, 0x91, 0x49,
+    0xd2, 0xbd, 0x95, 0x6a, 0x2a, 0x4d, 0xde, 0x13, 0x78, 0xf2, 0xb4, 0x18, 0xac, 0x46, 0x1b, 0xb6,
+    0x57, 0xe4, 0x8d, 0x17, 0xff, 0x51, 0xa5, 0xe7, 0xbb, 0x23, 0xb2, 0x27, 0x95, 0x91, 0xfa, 0x24,
+    0x71, 0x70, 0x99, 0xb5, 0xa1, 0x43, 0x02, 0x69, 0xf8, 0x7b, 0xb7, 0xe6, 0x51, 0xcc, 0x8a, 0xff,
+    0xa1, 0x4d, 0x57, 0x7e, 0x90, 0x11, 0x1b, 0x15, 0x2e, 0xd6, 0x65, 0xb7, 0xd2, 0xb3, 0x78, 0xef,
+    0xc3, 0x77, 0xc4, 0x9a, 0x1e, 0x5b, 0xab, 0x3b, 0x16, 0x81, 0x31, 0xd0, 0xe1, 0xb0, 0xca, 0x9c,
+    0x51, 0xa7, 0x60, 0x37, 0xd2, 0x70, 0x2f, 0x56, 0x8a, 0xc2, 0x18, 0xfc, 0xe4, 0xda, 0x02, 0x0d,
+    0x35, 0xde, 0x1e, 0xf3, 0x71, 0x1b, 0x15, 0xc9, 0x83, 0x74, 0xe6, 0x40, 0xa6, 0x92, 0x48, 0x57,
+    0x47, 0x6e, 0x10, 0x56, 0x27, 0xa9, 0x52, 0x19, 0x82, 0x9e, 0x04, 0x2a, 0x2e, 0x9a, 0xbe, 0x5d,
+    0xf5, 0x69, 0x4d, 0x79, 0x98, 0xb1, 0xfb, 0x4b, 0x6c, 0x64, 0x82, 0x1c, 0x9e, 0xe6, 0xfe, 0x3e,
+    0xb2, 0x07, 0x5d, 0x2f, 0xbf, 0x18, 0xa9, 0x52, 0xee, 0xfa, 0x86, 0x36, 0xb0, 0x7c, 0x40, 0x63,
+    0xd7, 0x3e, 0xef, 0x5a, 0xf0, 0x9d, 0x11, 0x1b, 0xb0, 0x82, 0x4b, 0x4f, 0x04, 0xc9, 0x9f, 0x6a,
+    0x16, 0xc9, 0x70, 0x61, 0xf5, 0xd9, 0x7d, 0x4f, 0x08, 0x5c, 0x1c, 0xd6, 0xca, 0x40, 0xbc, 0x50,
+    0x86, 0x99, 0x8f, 0x6d, 0x22, 0xed, 0x3e, 0x4d, 0x3a, 0x40, 0x53, 0xb3, 0xe0, 0x13, 0x9d, 0x67,
+    0x73, 0xf0, 0xc2, 0x14, 0xba, 0x5c, 0xc5, 0x06, 0x56, 0x24, 0xd1, 0xaf, 0x7e, 0xf5, 0x63, 0x59,
+    0xc4, 0x74, 0xe5, 0x0b, 0xdf, 0x94, 0xa3, 0x5c, 0x70, 0xae, 0xa8, 0xce, 0x66, 0x06, 0xa7, 0xe6,
+    0x34, 0x9e, 0xd2, 0x42, 0x9d, 0xf5, 0x97, 0x1f, 0xd4, 0xba, 0xd5, 0x85, 0x50, 0x6f, 0xdd, 0x04,
+    0xc6, 0xf4, 0xbe, 0xaa, 0xc4, 0x8b, 0x64, 0x33, 0xde, 0xf1, 0xce, 0x87, 0x49, 0x3f, 0x4e, 0x40,
+    0x96, 0x13, 0x12, 0x2c, 0xfa, 0x15, 0xc9, 0xb3, 0x03, 0xfd, 0xe5, 0xbe, 0x5b, 0x18, 0xd9, 0x1e,
+    0xed, 0xa6, 0x7f, 0xf9, 0x2c, 0x35, 0x96, 0xca, 0xa8, 0x66, 0x6f, 0xf6, 0x99, 0x09, 0x98, 0x9a,
+    0xf4, 0x29, 0x81, 0xc8, 0x74, 0x5f, 0x79, 0x9d, 0x3b, 0xaa, 0xb1, 0xd9, 0x68, 0x1b, 0x6b, 0x6d,
+    0xae, 0x0b, 0xd9, 0x2e, 0x3d, 0xa2, 0x89, 0x0d, 0xb5, 0x46, 0xa7, 0x4e, 0xe9, 0xe1, 0x37, 0x48,
+    0x63, 0x7a, 0x5f, 0x55, 0x62, 0xa4, 0x32, 0xf8, 0x6f, 0x99, 0x67, 0xa2, 0xc5, 0xfe, 0x27, 0x20,
+  },
+  { /* 5 */
+    0x79, 0x80, 0xab, 0xe7, 0xa9, 0x6f, 0x50, 0x97, 0xbe, 0x20, 0xdb, 0x5a, 0xb5, 0x1a, 0xf0, 0xb4,
+    0x91, 0x1a, 0x97, 0x16, 0x14, 0x45, 0x9f, 0x6e, 0x60, 0xe7, 0xef, 0x55, 0x0a, 0x58, 0x62, 0xaa,
+    0x99, 0xdc, 0x5f, 0x93, 0xd1, 0x32, 0x94, 0x30, 0x3d, 0x37, 0xfc, 0x67, 0x89, 0x09, 0x7f, 0xce,
+    0xb9, 0x42, 0xf9, 0xc2, 0x43, 0x2d, 0xb8, 0x8b, 0x8a, 0xf1, 0xb0, 0xaf, 0xc0, 0x8e, 0x0b, 0x9d,
+    0x71, 0x46, 0x63, 0x62, 0x6c, 0x18, 0x5b, 0xc9, 0xe3, 0xf0, 0xc8, 0x68, 0x36, 0x4b, 0xed, 0xd0,
+    0xea, 0x4a, 0x0e, 0x41, 0x1d, 0x47, 0xbd, 0x0f, 0x58, 0xf3, 0x40, 0xe2, 0xef, 0xc7, 0x04, 0x07,
+    0xd7, 0x56, 0x4e, 0xa7, 0xd0, 0xcc, 0x51, 0x02, 0x84, 0xf4, 0xeb, 0xf2, 0x68, 0xd9, 0xf3, 0x27,
+    0x95, 0x79, 0xf3, 0xb5, 0x97, 0x9f, 0x7b, 0x41, 0xaf, 0x8f, 0x07, 0x4c, 0xaa, 0x91, 0x8d, 0x98,
+    0x55, 0xbb, 0xa1, 0x90, 0x7d, 0xdd, 0x93, 0x5d, 0x9b, 0x5e, 0x6c, 0xb9, 0xdf, 0x05, 0x76, 0xb1,
+    0xda, 0x9b, 0xfb, 0xd9, 0xc6, 0xb6, 0x87, 0x08, 0x55, 0x56, 0x2a, 0x4e, 0x63, 0xe2, 0x4a, 0x9c,
+    0xdb, 0xf3, 0xe2, 0x81, 0x96, 0x61, 0xbe, 0x73, 0x16, 0x4c, 0x10, 0xd9, 0x4b, 0x41, 0x01, 0x71,
+    0xb5, 0xe7, 0x55, 0xe4, 0x05, 0x80, 0x57, 0xfa, 0x18, 0x49, 0x4b, 0x84, 0xe3, 0x16, 0xf9, 0xcb,
+    0x3f, 0xcc, 0x72, 0x56, 0x6d, 0xe6, 0x9e, 0xfb, 0x5a, 0x33, 0xdf, 0xfd, 0xd7, 0x9b, 0x61, 0x39,
+    0x54, 0xd3, 0xb8, 0xc8, 0x2d, 0x0a, 0xaa, 0x26, 0xd8, 0x44, 0x56, 0x2e, 0xf7, 0xa6, 0x3d, 0x5c,
+    0x7d, 0xe3, 0xcf, 0x44, 0x2a, 0xb5, 0xb4, 0xb8, 0x71, 0x48, 0x33, 0x43, 0x15, 0xd3, 0x1f, 0x86,
+    0xd5, 0x86, 0x7c, 0x17, 0x70, 0xa1, 0x23, 0xf4, 0x02, 0xc0, 0x9f, 0x1f, 0x38, 0x5c, 0x65, 0x3e,
+    0xbd, 0x21, 0x9d, 0x61, 0xc0, 0xf7, 0x5c, 0xa4, 0x45, 0x99, 0x58, 0xb6, 0x60, 0x47, 0xe4, 0xaf,
+    0xa9, 0x0d, 0xaa, 0x0b, 0x0a, 0xc3, 0xae, 0x37, 0x30, 0x92, 0x96, 0xcb, 0x05, 0x2c, 0x31, 0x55,
+    0xfe, 0x66, 0x39, 0x2b, 0xd7, 0x73, 0x4f, 0x9c, 0x2d, 0xf8, 0x8e, 0x9f, 0x8a, 0xac, 0xd1, 0xfd,
+    0x3b, 0xaf, 0x16, 0xf5, 0xee, 0x3c, 0x7a, 0xd4, 0x95, 0x5b, 0x37, 0xe4, 0x77, 0x52, 0x8e, 0x0b,
+    0x1d, 0x82, 0xe6, 0xb7, 0x5f, 0x94, 0xc0, 0xb6, 0x6b, 0xc1, 0xe7, 0xd8, 0xce, 0x99, 0x83, 0x73,
+    0x36, 0x62, 0xa3, 0x8b, 0xf8, 0x46, 0xac, 0xde, 0x44, 0xf9, 0xf6, 0x58, 0x7c, 0x69, 0x37, 0xb0,
+    0x38, 0x17, 0x3d, 0x1d, 0x1e, 0x86, 0x31, 0x59, 0x50, 0x75, 0x79, 0x9e, 0x0f, 0x74, 0x53, 0xff,
+    0x07, 0xdb, 0x4f, 0x4b, 0x73, 0x60, 0xaf, 0xa2, 0x0a, 0x46, 0xa6, 0x63, 0xd8, 0xef, 0x32, 0xc6,
+    0x1b, 0x31, 0xb0, 0xa4, 0x7c, 0x23, 0x56, 0x6f, 0x22, 0x9d, 0x7b, 0x2c, 0x3e, 0xd5, 0xfa, 0x58,
+    0xfb, 0x6d, 0x44, 0xd0, 0x04, 0x7e, 0x92, 0xc8, 0xa1, 0x8a, 0x5c, 0x11, 0x02, 0xc6, 0x75, 0x22,
+    0x70, 0x2e, 0x7a, 0x3a, 0x3c, 0xcf, 0x62, 0xb2, 0xa0, 0xea, 0xf2, 0xff, 0x1e, 0xe8, 0xa6, 0x3d,
+    0x89, 0x93, 0x0c, 0x5a, 0x98, 0xdc, 0x82, 0x8c, 0x87, 0x54, 0xda, 0x03, 0x4c, 0xab, 0x45, 0x06,
+    0x4a, 0xe9, 0x75, 0x97, 0x82, 0x24, 0x21, 0x1d, 0x76, 0xab, 0xff, 0x8c, 0x41, 0x19, 0x63, 0xdb,
+    0xae, 0xd6, 0xe5, 0x40, 0x79, 0xa3, 0x01, 0x95, 0x3a, 0xd4, 0x30, 0xa8, 0xdd, 0xc3, 0x03, 0x93,
+    0x3d, 0x1c, 0x40, 0xe6, 0xcd, 0x8b, 0xec, 0x0d, 0xdc, 0x07, 0xab, 0x10, 0x87, 0x1e, 0xf7, 0x20,
+    0x29, 0x30, 0x77, 0x8c, 0x07, 0xbf, 0x1e, 0x9e, 0xa9, 0x0c, 0x65, 0x6d, 0xe2, 0x75, 0x22, 0xda,
+    0x8a, 0x2b, 0x27, 0xb2, 0x68, 0x66, 0xc9, 0x01, 0x42, 0x7a, 0x94, 0x79, 0x34, 0x8d, 0x98, 0xf2,
+    0xcd, 0x0f, 0xe7, 0x5b, 0xfc, 0x38, 0x3e, 0x16, 0xe5, 0x73, 0xaa, 0x49, 0x7e, 0xaf, 0x42, 0x92,
+    0x41, 0x97, 0x96, 0xfa, 0xb7, 0xe9, 0x61, 0xce, 0xee, 0x55, 0xa2, 0xc4, 0xba, 0x6e, 0xa3, 0x4b,
+    0xce, 0xb7, 0xcc, 0xb3, 0x0c, 0x82, 0x75, 0x9b, 0x20, 0x5d, 0xe4, 0x33, 0x06, 0x89, 0x9f, 0x66,
+    0x16, 0xfc, 0x05, 0xda, 0x6a, 0x59, 0x80, 0x65, 0xf3, 0x3f, 0xba, 0x90, 0x35, 0xee, 0x43, 0xe3,
+    0x6c, 0xc4, 0x85, 0xd5, 0x33, 0x8c, 0x9b, 0x7f, 0x88, 0x31, 0x2f, 0xb0, 0xf8, 0xd2, 0x6e, 0xa3,
+    0x1f, 0x52, 0xd4, 0x07, 0xff, 0xf9, 0xb2, 0x40, 0xed, 0xf5, 0x93, 0x35, 0x9e, 0x1c, 0x15, 0x6a,
+    0xe0, 0x5c, 0xf4, 0x74, 0x78, 0x5d, 0xc4, 0xa7, 0x83, 0x17, 0x27, 0x3d, 0x3c, 0x13, 0x8f, 0x7a,
+    0xf5, 0x18, 0xda, 0x46, 0xe2, 0xbe, 0x0f, 0x4f, 0xb5, 0x06, 0xd3, 0xd7, 0x71, 0xdb, 0x11, 0x6d,
+    0xb0, 0xec, 0x28, 0x1f, 0xd6, 0x8d, 0x8a, 0xae, 0x94, 0x3b, 0x99, 0x0a, 0x6b, 0x7c, 0x5d, 0x14,
+    0xde, 0xf8, 0x9f, 0x7a, 0x45, 0x6c, 0x63, 0x27, 0x9a, 0x3e, 0xc2, 0x57, 0xc3, 0x2b, 0xa5, 0xae,
+    0x03, 0xb8, 0x2b, 0xe8, 0xf0, 0xba, 0x4b, 0x8d, 0xc5, 0x2e, 0x4e, 0x7a, 0x78, 0x26, 0xdd, 0xf4,
+    0xd0, 0x8d, 0x01, 0xec, 0xa3, 0xac, 0xfe, 0xa0, 0x8e, 0xb2, 0x4d, 0x91, 0xb0, 0x36, 0xc1, 0xe1,
+    0x8e, 0x48, 0x43, 0x11, 0xeb, 0xbc, 0x2d, 0x2e, 0x8d, 0x12, 0x7c, 0x60, 0x94, 0x44, 0x77, 0xc0,
+    0x23, 0x26, 0x8d, 0xb9, 0x62, 0xa5, 0x67, 0x36, 0x72, 0xe8, 0x02, 0xb2, 0x31, 0xa1, 0xa9, 0xa7,
+    0x0a, 0x16, 0xfa, 0x35, 0x65, 0x1a, 0x79, 0xa8, 0xdb, 0xe4, 0x67, 0xdf, 0xd3, 0xd4, 0x8b, 0x7d,
+    0xf3, 0xab, 0x8c, 0x55, 0xc1, 0x09, 0x99, 0x96, 0xfc, 0x5a, 0x4f, 0x23, 0x81, 0x97, 0x68, 0x46,
+    0x06, 0xb3, 0x56, 0x13, 0x23, 0xb7, 0x96, 0xd9, 0x49, 0x5c, 0x9c, 0xf4, 0xf0, 0x4c, 0x79, 0x2b,
+    0xdf, 0x90, 0x86, 0x22, 0x15, 0xbb, 0x5a, 0x5c, 0xd9, 0x24, 0xf8, 0xc0, 0xeb, 0x88, 0xee, 0x43,
+    0x4d, 0x32, 0x3a, 0xdc, 0xf1, 0x44, 0x8e, 0xbf, 0x7c, 0xed, 0x59, 0xef, 0x99, 0xf6, 0x51, 0x1d,
+    0x98, 0xb4, 0x46, 0xcb, 0x81, 0xe5, 0xad, 0x4b, 0x7e, 0x2d, 0xc6, 0xf0, 0xa1, 0xaa, 0x34, 0x23,
+    0x97, 0xa9, 0xc1, 0x05, 0x37, 0xf2, 0x09, 0xb7, 0x29, 0xbb, 0x73, 0xa1, 0xfa, 0x14, 0x1b, 0x81,
+    0xad, 0x6e, 0xce, 0xa8, 0x89, 0x19, 0x4a, 0x18, 0xff, 0xfa, 0x7e, 0xd2, 0xa5, 0xe5, 0xde, 0x67,
+    0x15, 0x44, 0x2e, 0x32, 0x9a, 0xe3, 0xcb, 0xe8, 0x36, 0x11, 0xf4, 0xea, 0x4d, 0xc8, 0x9e, 0x17,
+    0xa2, 0x73, 0x49, 0x66, 0x3f, 0x0e, 0xee, 0xe4, 0xa8, 0x6c, 0xcb, 0x83, 0xfe, 0x5b, 0xf1, 0xc5,
+    0xab, 0xdd, 0x98, 0xbb, 0xaa, 0xae, 0xdc, 0xc1, 0xb6, 0xa6, 0xe2, 0x26, 0x55, 0xa9, 0xa7, 0x4c,
+    0xc0, 0xc2, 0x52, 0x25, 0xea, 0x42, 0xe8, 0x1c, 0x34, 0xd1, 0x6b, 0xf5, 0x75, 0x94, 0xfb, 0x29,
+    0xb6, 0x5f, 0x7e, 0x0c, 0xf5, 0x3a, 0x1c, 0x77, 0xdd, 0x67, 0x05, 0xfe, 0x9b, 0x30, 0x24, 0x3f,
+    0x53, 0x08, 0xf7, 0x83, 0x5e, 0x6a, 0x05, 0x84, 0xd2, 0x02, 0xf0, 0x4d, 0x2f, 0x49, 0x0f, 0x9a,
+    0xed, 0x91, 0x41, 0x0a, 0x6e, 0x27, 0x12, 0xad, 0x52, 0xb5, 0xe6, 0x81, 0x37, 0x28, 0x36, 0xc1,
+    0xc1, 0xaa, 0x4b, 0x7d, 0xba, 0x95, 0xd1, 0x67, 0x77, 0xcb, 0x51, 0x62, 0x5d, 0x37, 0xb0, 0xc4,
+    0xe1, 0x34, 0xed, 0x2c, 0x28, 0x8a, 0xfd, 0xdc, 0xc0, 0x0d, 0x1d, 0xaa, 0x14, 0xb0, 0xc4, 0x97,
+    0x62, 0xb1, 0x1b, 0x43, 0xd5, 0x4c, 0x06, 0xf8, 0x9c, 0xbd, 0xa0, 0x76, 0x8b, 0xcf, 0x0a, 0xec,
+    0x24, 0xfd, 0xc2, 0xf2, 0x11, 0xc5, 0xc8, 0x94, 0x78, 0xae, 0xa4, 0xd1, 0xe9, 0x4e, 0x9b, 0x61,
+    0xe9, 0xf2, 0x25, 0xa9, 0xed, 0xfd, 0xf6, 0x82, 0x9d, 0xdd, 0x0e, 0x98, 0x97, 0xe1, 0xd9, 0xf3,
+    0x65, 0x6a, 0x54, 0x08, 0xa6, 0x2c, 0xa9, 0x5a, 0x96, 0xfb, 0x06, 0x15, 0x53, 0x20, 0x38, 0x2a,
+    0xec, 0xf9, 0x58, 0x52, 0x3e, 0xf0, 0x2b, 0xd6, 0x11, 0xaf, 0xdc, 0x16, 0x1f, 0x8b, 0x7d, 0x2c,
+    0x5d, 0x7d, 0x69, 0x15, 0xb8, 0xaa, 0x98, 0x03, 0xc6, 0x8e, 0x7f, 0x8b, 0x5c, 0x54, 0x6b, 0xd5,
+    0x26, 0x2d, 0xf0, 0x42, 0xb1, 0xa8, 0xba, 0x62, 0xfe, 0x9a, 0xd0, 0x3c, 0xb9, 0xcb, 0x0d, 0x78,
+    0xbe, 0x99, 0xb6, 0x89, 0x30, 0x4d, 0x17, 0x29, 0x80, 0xb7, 0x16, 0xcc, 0x18, 0x61, 0x39, 0x5b,
+    0x21, 0xf6, 0xbf, 0x09, 0xc2, 0xc8, 0x15, 0xc0, 0xf4, 0xdc, 0x76, 0x5f, 0x61, 0x24, 0x3f, 0xbe,
+    0x4b, 0x81, 0x6c, 0xcf, 0xd2, 0xf3, 0x18, 0x66, 0x35, 0xb1, 0xc5, 0x1b, 0x69, 0xba, 0x28, 0x36,
+    0x48, 0x39, 0x47, 0x27, 0x22, 0x49, 0x53, 0xeb, 0xf0, 0x9f, 0x8b, 0x61, 0x11, 0x9c, 0xf5, 0xc2,
+    0xca, 0xd4, 0xa8, 0x10, 0x8f, 0x58, 0x91, 0xb4, 0xef, 0x35, 0x0c, 0x2a, 0xa6, 0x40, 0x70, 0x54,
+    0xf7, 0xc8, 0xe8, 0xf6, 0x42, 0xd3, 0x7d, 0xb9, 0x33, 0x32, 0xa7, 0x3a, 0x21, 0x5e, 0x87, 0x74,
+    0x7c, 0x8b, 0xd6, 0x1c, 0x7a, 0x62, 0x8d, 0xc3, 0x32, 0x52, 0x09, 0xd4, 0x3d, 0x70, 0x54, 0x6b,
+    0xff, 0x0e, 0x20, 0x73, 0x87, 0xa4, 0x76, 0xe7, 0x6e, 0xe2, 0xb4, 0x08, 0xa2, 0x0f, 0x9a, 0x10,
+    0x20, 0x9e, 0xa6, 0x51, 0x92, 0x1f, 0x2c, 0xbb, 0xb7, 0xc6, 0x4c, 0xc8, 0x49, 0x87, 0x74, 0x53,
+    0xd1, 0xe5, 0x18, 0xb4, 0xf3, 0x7b, 0xc7, 0xdb, 0xcd, 0xa8, 0x77, 0x06, 0x98, 0x95, 0x8a, 0x0c,
+    0x85, 0x36, 0xa0, 0x7c, 0xde, 0x71, 0x6d, 0xfd, 0x15, 0xec, 0x21, 0x28, 0x6f, 0x33, 0xb7, 0x50,
+    0x58, 0x76, 0x14, 0xee, 0x6b, 0xa7, 0x45, 0x57, 0x4a, 0xfc, 0xad, 0x05, 0xd4, 0x3e, 0xcf, 0x0a,
+    0x49, 0x51, 0x5e, 0x7f, 0x72, 0x9e, 0x6a, 0x90, 0xb3, 0x85, 0xb1, 0xf6, 0x39, 0x3f, 0xbe, 0x2f,
+    0xfa, 0x05, 0x5d, 0x88, 0x54, 0xa9, 0xab, 0xb3, 0xe2, 0x90, 0x66, 0x86, 0x2a, 0x65, 0x3e, 0xcf,
+    0x87, 0xe6, 0x92, 0xcc, 0x7e, 0x1c, 0x1f, 0x0b, 0x93, 0xd8, 0x55, 0xc5, 0x3f, 0xb6, 0x21, 0x49,
+    0x27, 0x45, 0xe9, 0x1a, 0xe1, 0x7f, 0x83, 0x19, 0xbd, 0x80, 0xea, 0xab, 0x91, 0x68, 0x46, 0x95,
+    0xe8, 0x9a, 0x3c, 0xf1, 0xbd, 0x2a, 0xcf, 0xf9, 0xde, 0xc7, 0x34, 0x0f, 0xbf, 0x42, 0x92, 0x1e,
+    0xf4, 0x70, 0xc3, 0x1e, 0xb2, 0x69, 0x36, 0x34, 0xf6, 0x1c, 0xe9, 0x40, 0x59, 0x78, 0x5a, 0x80,
+    0x5a, 0xa6, 0x26, 0x5e, 0xcb, 0xca, 0x37, 0xa1, 0xcc, 0xc8, 0xd9, 0xe8, 0x84, 0xbb, 0x59, 0x13,
+    0x66, 0xd2, 0x7f, 0xe0, 0x56, 0x96, 0xe2, 0xd7, 0x53, 0xd5, 0x48, 0x6f, 0x2b, 0x06, 0xe5, 0xde,
+    0xf0, 0x13, 0xa7, 0xbd, 0x31, 0xb3, 0xd2, 0x1b, 0x39, 0x74, 0x01, 0x59, 0xf9, 0xb1, 0xb5, 0xb2,
+    0xcb, 0xbc, 0xb1, 0x48, 0xdf, 0x8f, 0xa8, 0xcf, 0xac, 0x2f, 0x36, 0xbd, 0x8e, 0xe3, 0x3b, 0xb9,
+    0x0e, 0x75, 0x9e, 0x96, 0xe6, 0xc0, 0x9d, 0x87, 0x14, 0x8c, 0x8f, 0xc6, 0x73, 0x1d, 0x64, 0x4f,
+    0xe2, 0x8c, 0xc6, 0xc4, 0xd8, 0x30, 0xb6, 0x51, 0x05, 0x23, 0x53, 0xd0, 0x6c, 0x96, 0x19, 0x63,
+    0x57, 0x6b, 0x93, 0x20, 0xdd, 0xb0, 0xe1, 0xab, 0x1d, 0x6a, 0x18, 0x54, 0x8f, 0x80, 0xe0, 0xa8,
+    0xc4, 0xa1, 0x36, 0x86, 0x69, 0x98, 0x0c, 0x33, 0xfb, 0xb9, 0x83, 0xec, 0xd5, 0x5d, 0x14, 0x1b,
+    0x9b, 0x0c, 0x6d, 0x23, 0x71, 0x5f, 0xe6, 0xc6, 0xbb, 0x03, 0x88, 0x8a, 0xd9, 0x8c, 0xe9, 0xd7,
+    0xee, 0x29, 0x6a, 0xe2, 0x9e, 0x9d, 0x59, 0x20, 0x97, 0x9b, 0xa8, 0xfb, 0x4f, 0x0e, 0xeb, 0x35,
+    0x1a, 0x59, 0xa9, 0xfc, 0x2c, 0xf4, 0x6f, 0x14, 0x61, 0x87, 0x41, 0xbb, 0x16, 0x76, 0xb1, 0xb5,
+    0x37, 0x0a, 0xba, 0xd3, 0xa8, 0x91, 0x95, 0xa5, 0x07, 0xe3, 0xcc, 0xcf, 0x54, 0xca, 0x7c, 0x5d,
+    0x2e, 0xeb, 0x38, 0xc7, 0x74, 0xdf, 0xb1, 0x3c, 0xa3, 0x4a, 0xc3, 0x0e, 0x3a, 0x9a, 0x10, 0x1c,
+    0x69, 0xcf, 0xf8, 0x2e, 0xe0, 0x81, 0x46, 0x2b, 0x04, 0x43, 0xfd, 0x3e, 0x70, 0xb8, 0xca, 0x7c,
+    0x8b, 0x43, 0x3e, 0xea, 0x38, 0xb1, 0xf0, 0x7a, 0x01, 0x60, 0xae, 0xee, 0x1c, 0x2e, 0xd3, 0x1f,
+    0xaf, 0xbe, 0xfc, 0x18, 0x29, 0x74, 0x38, 0xee, 0x79, 0xce, 0x0a, 0x3f, 0xf5, 0x60, 0x48, 0x7e,
+    0xc2, 0x12, 0x60, 0x95, 0x4a, 0x2f, 0x9a, 0xea, 0xb2, 0xe5, 0x1f, 0x18, 0x25, 0x11, 0x6d, 0x30,
+    0x7f, 0x33, 0xfd, 0xf4, 0x8a, 0xd8, 0xc6, 0x4e, 0xf7, 0x7c, 0x47, 0xae, 0x45, 0x56, 0x89, 0x9f,
+    0x64, 0x02, 0x4d, 0x50, 0xf6, 0xfb, 0x90, 0x21, 0xd5, 0xe1, 0x3c, 0x82, 0x7b, 0x83, 0x73, 0xc7,
+    0x45, 0xf4, 0xf2, 0x59, 0x34, 0x33, 0x85, 0xe1, 0x21, 0x3d, 0x4a, 0xdd, 0x1a, 0xa7, 0x4c, 0x79,
+    0x14, 0x2c, 0x37, 0x6a, 0xca, 0x34, 0xf2, 0x93, 0x75, 0x0b, 0xce, 0x7d, 0x65, 0x6b, 0xd5, 0xfa,
+    0xfd, 0xde, 0x12, 0xc3, 0x27, 0xc9, 0x04, 0x11, 0xe8, 0xd6, 0xc0, 0xe5, 0xf2, 0x8a, 0x0c, 0x09,
+    0xac, 0x06, 0xd7, 0xf0, 0xd9, 0xce, 0x73, 0x63, 0xbc, 0xe0, 0x44, 0x45, 0x8d, 0x46, 0x95, 0x8a,
+    0x86, 0x8e, 0x8b, 0x94, 0x2e, 0xcb, 0x26, 0x70, 0xd0, 0xc2, 0x6f, 0x52, 0x17, 0x15, 0x6a, 0xa4,
+    0x76, 0x9d, 0x2c, 0x29, 0x1f, 0x78, 0xf4, 0x6b, 0xe9, 0xb6, 0x6e, 0x0b, 0xee, 0xa4, 0xdf, 0x16,
+    0x43, 0x47, 0xa4, 0x4a, 0x17, 0x84, 0x13, 0x38, 0x68, 0x61, 0xd6, 0x29, 0xea, 0xeb, 0x35, 0x52,
+    0x50, 0xb0, 0xdc, 0x6b, 0xae, 0xd0, 0x4e, 0x09, 0x17, 0x2c, 0xbe, 0x37, 0x57, 0x6f, 0xd2, 0x6e,
+    0x28, 0x58, 0x6e, 0xd4, 0x57, 0x68, 0x27, 0xe5, 0xea, 0x16, 0x5f, 0xfa, 0xca, 0xd6, 0x69, 0x37,
+    0xaa, 0xb5, 0x81, 0xe3, 0xfa, 0x79, 0xe5, 0xba, 0xf5, 0xbc, 0xd8, 0xb1, 0x7d, 0x0a, 0xec, 0xa1,
+    0x5e, 0xc5, 0x42, 0xfd, 0x48, 0x10, 0xd3, 0x8e, 0x03, 0xa0, 0x31, 0xf1, 0x24, 0x72, 0xb6, 0x21,
+    0xdd, 0x40, 0xb4, 0x92, 0xb5, 0xd6, 0x28, 0xaa, 0x5f, 0x10, 0x8c, 0x2d, 0xbb, 0x0d, 0x78, 0x5a,
+    0xbb, 0x92, 0xcb, 0x72, 0xe3, 0x40, 0xca, 0x7d, 0x0c, 0xc5, 0xc4, 0x42, 0x90, 0x0b, 0x9d, 0x84,
+    0x96, 0xc1, 0xd8, 0x5d, 0x67, 0x25, 0x30, 0xcc, 0x6a, 0xa1, 0x49, 0x36, 0xd2, 0xb7, 0x50, 0x6c,
+    0x05, 0x0b, 0x7d, 0xfb, 0xd3, 0x0d, 0xdd, 0x54, 0x8c, 0x72, 0xd2, 0x8e, 0x88, 0x6a, 0xa4, 0xdf,
+    0x7b, 0x50, 0x99, 0x57, 0x09, 0x02, 0x22, 0x61, 0x38, 0x14, 0xaf, 0xb7, 0xe5, 0x9f, 0x66, 0xad,
+    0xf6, 0xa0, 0xf1, 0xae, 0x12, 0x04, 0x44, 0xc2, 0x70, 0x28, 0x9d, 0xad, 0x09, 0xfd, 0xcc, 0x99,
+    0x2b, 0xe0, 0x45, 0x3c, 0xa7, 0xd2, 0x6c, 0x68, 0x2f, 0x38, 0x11, 0x80, 0xb2, 0xf0, 0xb4, 0xc3,
+    0x09, 0xae, 0xd1, 0xdd, 0x95, 0xa0, 0x32, 0x25, 0x1e, 0xca, 0x29, 0xa5, 0xab, 0xf2, 0x56, 0x89,
+    0xc7, 0x19, 0x1d, 0x6e, 0x99, 0x22, 0x47, 0xbe, 0x3e, 0x97, 0xcd, 0x96, 0xad, 0x7b, 0xc9, 0xef,
+    0x46, 0x4c, 0xd9, 0xb1, 0xc4, 0x89, 0xce, 0x6c, 0xe4, 0x13, 0x04, 0xa7, 0x62, 0x81, 0x91, 0x8d,
+    0x0d, 0xcd, 0xb5, 0x7e, 0x16, 0x7a, 0xd6, 0x0a, 0xd1, 0xa2, 0xc1, 0xbc, 0x0b, 0x3b, 0xb9, 0xbb,
+    0x13, 0xf7, 0x78, 0x21, 0xb9, 0x54, 0x5d, 0x31, 0x7f, 0x4d, 0x68, 0x1e, 0xbd, 0x84, 0xe7, 0x3c,
+    0x61, 0x09, 0x30, 0xab, 0x25, 0xf6, 0x4d, 0x75, 0x59, 0x93, 0xee, 0x0c, 0xf3, 0xe9, 0xd7, 0x18,
+    0x01, 0x68, 0x19, 0x58, 0x50, 0xd7, 0x39, 0x7b, 0x43, 0x1a, 0x3a, 0x97, 0x28, 0xa3, 0x4b, 0xed,
+    0xef, 0x41, 0x73, 0xba, 0xce, 0x4a, 0x60, 0x5b, 0xd4, 0x81, 0x92, 0x6c, 0x67, 0xad, 0xa0, 0xd8,
+    0x8d, 0xf0, 0x68, 0xf9, 0x1b, 0x06, 0x66, 0xa3, 0x48, 0x3c, 0x32, 0x1a, 0xec, 0x62, 0xaa, 0x34,
+    0xd3, 0x35, 0x2a, 0x04, 0x53, 0x16, 0xb5, 0x2d, 0x4b, 0x9c, 0x03, 0xeb, 0xc8, 0x10, 0x1c, 0x15,
+    0xbc, 0x49, 0x84, 0x39, 0x90, 0x20, 0x65, 0xdf, 0x06, 0x83, 0x62, 0x21, 0x48, 0xe4, 0xaf, 0x42,
+    0xf1, 0x7b, 0xbe, 0xe5, 0x61, 0x64, 0xeb, 0x60, 0x7a, 0x6e, 0x3b, 0xce, 0xd1, 0x12, 0xfe, 0x5f,
+    0x32, 0x01, 0xc7, 0x28, 0x7b, 0x9c, 0x48, 0xf1, 0x8b, 0x91, 0x1e, 0x41, 0xdc, 0xa0, 0xd8, 0x82,
+    0x5c, 0x15, 0x70, 0x4d, 0xe8, 0x7d, 0xa1, 0x78, 0x85, 0x94, 0x45, 0x1c, 0x74, 0xf7, 0x20, 0x38,
+    0x02, 0xd0, 0x32, 0xb0, 0xa0, 0x6d, 0x72, 0xf6, 0x86, 0x34, 0x74, 0xed, 0x50, 0x85, 0x96, 0x19,
+    0xb1, 0x84, 0x31, 0x47, 0x86, 0x5a, 0xb3, 0xd5, 0xd7, 0x21, 0xa3, 0x9d, 0x43, 0xdf, 0x16, 0xf9,
+    0x56, 0x03, 0x8a, 0x78, 0x8d, 0x67, 0xd8, 0xd0, 0x5e, 0x70, 0x22, 0xc3, 0xa7, 0x23, 0xab, 0x45,
+    0x51, 0xd8, 0xc5, 0x33, 0xfe, 0x07, 0x77, 0x72, 0x54, 0x36, 0x84, 0xa0, 0x7f, 0xcc, 0x99, 0x83,
+    0xc9, 0x6c, 0x83, 0xf8, 0x7f, 0xe2, 0xda, 0x39, 0x2a, 0x1b, 0x42, 0x50, 0xde, 0x66, 0xad, 0xa0,
+    0xd6, 0x3e, 0x57, 0xff, 0x80, 0x1b, 0x68, 0x79, 0xc7, 0xee, 0xd1, 0x65, 0x40, 0x7a, 0xb8, 0xca,
+    0x4e, 0x8a, 0x11, 0x34, 0x01, 0xfe, 0xc5, 0x32, 0xb9, 0xc3, 0x17, 0x95, 0xe1, 0xd0, 0x8c, 0xe9,
+    0xc8, 0x04, 0x9a, 0xa0, 0x2f, 0x35, 0xe3, 0x42, 0x69, 0x01, 0x78, 0xc7, 0xf6, 0xc5, 0xe6, 0x4d,
+    0xa0, 0xa3, 0x7b, 0xd6, 0x9f, 0x63, 0x9c, 0x12, 0x2e, 0x58, 0xbf, 0x6e, 0xae, 0xde, 0x67, 0xdc,
+    0x31, 0xb9, 0xec, 0xc0, 0x8b, 0x26, 0x03, 0x7c, 0x4e, 0xbf, 0x50, 0x3b, 0xa4, 0x86, 0x05, 0x76,
+    0x22, 0x4e, 0x94, 0xe1, 0x32, 0x72, 0x5e, 0x4d, 0x31, 0xf2, 0x38, 0x25, 0x19, 0x02, 0xe2, 0x4a,
+    0xa5, 0xa8, 0x06, 0x2d, 0x4c, 0x6e, 0x41, 0x46, 0xa2, 0x2a, 0x6d, 0xe0, 0x26, 0xb4, 0xc3, 0x03,
+    0x17, 0x94, 0x1c, 0x82, 0x3a, 0x8e, 0xb9, 0x1e, 0xb0, 0x25, 0x80, 0x07, 0x1d, 0x4d, 0x08, 0x0e,
+    0x33, 0x69, 0xde, 0x70, 0x2b, 0x4b, 0x71, 0x8a, 0xc8, 0x8b, 0x24, 0xd6, 0xf4, 0x03, 0x93, 0x6f,
+    0x94, 0x11, 0xea, 0xed, 0xc7, 0x48, 0x42, 0x3a, 0xec, 0x95, 0x3d, 0xdb, 0x82, 0x32, 0xc6, 0x75,
+    0xeb, 0x22, 0x17, 0x19, 0x4d, 0x90, 0x84, 0x74, 0x1b, 0xe9, 0x7a, 0x75, 0xc7, 0x64, 0x4f, 0xea,
+    0x84, 0x5e, 0xb9, 0x24, 0x8e, 0xa6, 0x54, 0x86, 0x56, 0xf6, 0x1b, 0xbf, 0x47, 0x90, 0xfc, 0xbd,
+    0x08, 0xc6, 0xc8, 0x85, 0xc5, 0x77, 0x0b, 0x5e, 0x5d, 0xd0, 0x13, 0x32, 0x83, 0x51, 0x1d, 0x64,
+    0x25, 0x95, 0xdb, 0xaa, 0x41, 0x12, 0xf1, 0xef, 0x3b, 0xb4, 0x9e, 0x46, 0xc1, 0xed, 0xd0, 0x8c,
+    0xf9, 0xbd, 0x76, 0x60, 0xa4, 0x13, 0xe0, 0x3e, 0x27, 0xbe, 0x28, 0xfc, 0x52, 0x43, 0xe3, 0x3b,
+    0x39, 0x7f, 0x24, 0x45, 0x4e, 0x51, 0x08, 0x22, 0x13, 0x6f, 0x43, 0x09, 0x27, 0xd7, 0x18, 0x12,
+    0x60, 0x61, 0x29, 0xf3, 0x75, 0x21, 0x74, 0x0e, 0x1a, 0x89, 0xd4, 0x9b, 0xdb, 0x4a, 0x9c, 0xf5,
+    0xb2, 0x3c, 0x1a, 0xaf, 0x76, 0xe0, 0xf8, 0x58, 0x12, 0x0f, 0xed, 0xe7, 0x3b, 0xf9, 0xcb, 0x0d,
+    0xd4, 0xee, 0x65, 0x4f, 0x20, 0x76, 0x1a, 0x8f, 0x41, 0xda, 0xa5, 0x88, 0x10, 0xff, 0x2e, 0xd3,
+    0x6f, 0x7c, 0xae, 0x3d, 0xc3, 0x36, 0xd0, 0xf2, 0x4d, 0x1f, 0x61, 0xca, 0x80, 0xf4, 0xb3, 0x57,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x6d, 0xac, 0x9c, 0x8d, 0x63, 0x5b, 0xa2, 0x04, 0xcb, 0x2b, 0x15, 0x27, 0xd0, 0x71, 0x25, 0x4e,
+    0xa1, 0xcb, 0x62, 0x8e, 0xcf, 0xb4, 0xa5, 0x69, 0x6d, 0x42, 0x85, 0xf9, 0x86, 0x7d, 0x2c, 0x31,
+    0x12, 0x9f, 0x61, 0x79, 0xe9, 0x83, 0x64, 0x4a, 0x3c, 0x57, 0x52, 0x89, 0x95, 0x27, 0xac, 0xd1,
+    0xd8, 0x4b, 0xc9, 0x69, 0x66, 0xdb, 0xf5, 0xfe, 0xd3, 0x62, 0x5e, 0xa3, 0x33, 0x67, 0xdc, 0x85,
+    0xa3, 0x1b, 0x50, 0x3e, 0x6f, 0xd9, 0xd7, 0x9f, 0xeb, 0x76, 0xf1, 0x14, 0xd6, 0xf8, 0xba, 0x28,
+    0xa4, 0xc0, 0x1f, 0x75, 0x1c, 0xb9, 0x78, 0x3d, 0xe1, 0x30, 0x57, 0x77, 0x0e, 0x17, 0x88, 0xee,
+    0xcf, 0xdf, 0xd5, 0xeb, 0x5c, 0x55, 0x4c, 0xe0, 0x63, 0x47, 0xde, 0xa4, 0x2e, 0x2a, 0xd4, 0x8b,
+    0x9a, 0x64, 0x74, 0x7b, 0x21, 0x88, 0xdf, 0xbd, 0xf8, 0x19, 0xb2, 0x1d, 0xf1, 0x2f, 0xa2, 0x3a,
+    0xcc, 0x67, 0xfe, 0x03, 0xac, 0xef, 0x07, 0x6d, 0xa6, 0x69, 0x90, 0xde, 0x56, 0x0c, 0x09, 0x7f,
+    0x52, 0x60, 0xee, 0xdb, 0x0e, 0xbd, 0x3c, 0xff, 0x91, 0x18, 0xca, 0xda, 0x07, 0xea, 0x44, 0x77,
+    0x1c, 0xea, 0xff, 0xef, 0x0f, 0x43, 0xf9, 0xcd, 0x28, 0xdb, 0xdd, 0x4f, 0xe6, 0x3a, 0xc8, 0x9e,
+    0x2f, 0x83, 0x21, 0x9f, 0x24, 0x08, 0x88, 0x47, 0xe0, 0x50, 0xf9, 0x99, 0x12, 0x39, 0x5b, 0xf1,
+    0x7e, 0x5b, 0xe4, 0xac, 0xda, 0x0f, 0xff, 0x35, 0xb4, 0x66, 0x7d, 0x39, 0x6d, 0xf5, 0xc2, 0x72,
+    0x93, 0xca, 0xa5, 0xa6, 0xb4, 0x28, 0xed, 0x98, 0xe6, 0xd3, 0x9b, 0xb8, 0x5a, 0xdd, 0xf4, 0xb3,
+    0x42, 0x2f, 0xbd, 0x12, 0x47, 0x53, 0x2a, 0x43, 0x2b, 0x7b, 0xec, 0xbe, 0xc2, 0x48, 0x7e, 0xbf,
+    0xb3, 0x54, 0x03, 0xf7, 0x26, 0x37, 0xc1, 0x23, 0x51, 0x15, 0xd7, 0x70, 0x13, 0x5a, 0x80, 0xe0,
+    0x18, 0x89, 0x9b, 0x4c, 0x8c, 0x99, 0x1d, 0xe2, 0xe7, 0xb3, 0x35, 0x56, 0x46, 0xf3, 0x27, 0xac,
+    0xb8, 0x2a, 0xe0, 0x9a, 0x13, 0xfa, 0x81, 0xf0, 0xc9, 0xeb, 0x8a, 0x38, 0xe8, 0x2d, 0x40, 0x70,
+    0xfc, 0xb6, 0x0b, 0x9b, 0x77, 0x1e, 0x3d, 0x6a, 0xab, 0xcc, 0xfa, 0x72, 0xda, 0x29, 0x47, 0xe4,
+    0x44, 0x9c, 0xeb, 0x01, 0x64, 0xe4, 0xbc, 0x9a, 0x62, 0x27, 0x70, 0x4a, 0x32, 0x04, 0x07, 0x94,
+    0xe6, 0xef, 0xa2, 0x67, 0x5b, 0xea, 0x52, 0x7e, 0xca, 0x4b, 0xbb, 0xc9, 0xcc, 0x5f, 0xf6, 0x51,
+    0x8c, 0x98, 0x71, 0xa1, 0x4b, 0xd1, 0x5f, 0xd8, 0x0b, 0x26, 0x08, 0x8d, 0xc4, 0xc1, 0xe1, 0xd9,
+    0xc6, 0x71, 0x04, 0x36, 0xc9, 0xf5, 0x7e, 0xc5, 0x7d, 0x8d, 0xf7, 0x01, 0x85, 0xd8, 0x82, 0x02,
+    0x63, 0xd9, 0x02, 0x1b, 0x85, 0x9b, 0x3f, 0x83, 0xdf, 0xa7, 0x9a, 0xe1, 0xa3, 0x6c, 0x41, 0x01,
+    0xbf, 0xf1, 0xaf, 0xd1, 0x60, 0x9a, 0x2e, 0x52, 0xc3, 0xad, 0x2c, 0x5b, 0x30, 0xc2, 0x72, 0xb6,
+    0xf2, 0xc3, 0x95, 0x0d, 0x91, 0xde, 0xa0, 0xed, 0xbf, 0x40, 0x75, 0xb4, 0xa9, 0x34, 0x23, 0xab,
+    0x2c, 0x3b, 0x0a, 0x77, 0xd4, 0xb2, 0xc3, 0xca, 0x25, 0x7e, 0xb7, 0xe3, 0x6a, 0x1f, 0x86, 0x05,
+    0x11, 0x27, 0x4a, 0x91, 0x19, 0x39, 0x2f, 0xc7, 0xf9, 0x79, 0x1c, 0xf3, 0xed, 0x01, 0x71, 0x25,
+    0x73, 0x96, 0x51, 0xd2, 0xcc, 0x75, 0x29, 0x3f, 0x65, 0xc4, 0xbc, 0x85, 0x66, 0xce, 0x7b, 0xc9,
+    0xdc, 0x28, 0xad, 0xca, 0xe5, 0x01, 0x11, 0xd1, 0x1c, 0x0a, 0xb6, 0xba, 0x93, 0xae, 0x33, 0xb7,
+    0xd9, 0x23, 0xd0, 0x31, 0x36, 0x0c, 0xcc, 0x85, 0x90, 0x78, 0x64, 0x34, 0x1b, 0xc4, 0x97, 0x68,
+    0x92, 0xa2, 0xbc, 0xfe, 0xe4, 0xff, 0xd4, 0xe3, 0xa5, 0xc9, 0xa1, 0x2f, 0x72, 0x7e, 0xbf, 0x5e,
+    0x3e, 0xa4, 0x6b, 0x0e, 0x3d, 0x31, 0xa7, 0x80, 0x19, 0x29, 0xe5, 0x6a, 0xff, 0x38, 0x2a, 0xd4,
+    0xd2, 0x5d, 0x33, 0x5c, 0x03, 0xc1, 0x8c, 0x56, 0x08, 0x86, 0x39, 0x7c, 0xe0, 0xb3, 0x57, 0xf8,
+    0x59, 0x1e, 0x0d, 0xb6, 0x3b, 0x70, 0x7c, 0x2c, 0x09, 0xe6, 0x97, 0x92, 0xfc, 0x9d, 0x84, 0xe7,
+    0x75, 0x25, 0x07, 0xc1, 0xef, 0xc2, 0xbf, 0xe6, 0x2c, 0x98, 0x20, 0x71, 0x96, 0x82, 0x02, 0xe2,
+    0x19, 0xe1, 0x82, 0x14, 0xdc, 0x4e, 0x24, 0x99, 0xa4, 0xa9, 0x0f, 0xc1, 0x6e, 0x50, 0x6c, 0x41,
+    0xb4, 0x8f, 0x4c, 0xbc, 0x55, 0x57, 0x6e, 0x81, 0x5b, 0x53, 0x71, 0x13, 0xcb, 0xb5, 0xb2, 0x26,
+    0x81, 0x55, 0xc4, 0xdf, 0x5d, 0xab, 0x89, 0xd2, 0xda, 0x84, 0xc9, 0x31, 0xcf, 0xfa, 0x58, 0x62,
+    0xe4, 0x3f, 0x90, 0xd7, 0xfb, 0x87, 0x20, 0x88, 0x4c, 0x7f, 0xcf, 0x24, 0x9c, 0xda, 0x60, 0x48,
+    0xe5, 0x57, 0x89, 0x8f, 0xab, 0x50, 0x19, 0xf3, 0x0f, 0x65, 0xf5, 0xb3, 0xb4, 0x79, 0x2b, 0xa5,
+    0x0f, 0x1d, 0x87, 0xce, 0xb6, 0x17, 0xa4, 0xfc, 0x57, 0x96, 0xb5, 0x51, 0x5b, 0xbe, 0x2f, 0xa2,
+    0x47, 0x24, 0xc0, 0xe9, 0x94, 0x5e, 0xf7, 0x17, 0xa7, 0x09, 0x3e, 0x30, 0x4a, 0x22, 0xda, 0x60,
+    0x9c, 0xd7, 0x22, 0x68, 0x02, 0x3f, 0x49, 0x64, 0xb1, 0x45, 0x2e, 0xe9, 0x01, 0x63, 0xdb, 0x11,
+    0x2a, 0x88, 0x5c, 0x64, 0xf7, 0x05, 0x55, 0x13, 0x6c, 0x22, 0x2b, 0x17, 0x9a, 0x53, 0xff, 0x2e,
+    0xa8, 0x65, 0xb3, 0x53, 0x5a, 0x14, 0x97, 0x4c, 0x73, 0x88, 0xac, 0x5c, 0x2d, 0x8f, 0x7a, 0xb8,
+    0x5b, 0xce, 0x3f, 0x06, 0x9b, 0x1d, 0x0e, 0xda, 0x8f, 0xd2, 0xe3, 0x7f, 0xac, 0x18, 0x12, 0xfe,
+    0x8f, 0x20, 0x5a, 0x49, 0xbb, 0x6b, 0x14, 0x55, 0xce, 0x08, 0x46, 0xf7, 0xbc, 0xe7, 0x3c, 0x2d,
+    0x04, 0x63, 0x64, 0xa3, 0x83, 0xda, 0xe4, 0x2f, 0xcf, 0x68, 0xe8, 0x19, 0xa0, 0xc9, 0xef, 0x32,
+    0xa6, 0x10, 0x2d, 0xc5, 0xbc, 0xd4, 0x0a, 0xcb, 0x67, 0x04, 0x23, 0x9a, 0x5e, 0x92, 0x1e, 0xf7,
+    0x72, 0xfe, 0x48, 0x8a, 0x9c, 0xa2, 0x10, 0x44, 0x26, 0xde, 0x86, 0x12, 0x4e, 0x6d, 0x30, 0x24,
+    0xba, 0xfa, 0xd2, 0x2a, 0xb3, 0x97, 0xf3, 0x06, 0x4f, 0xdf, 0xfe, 0xd5, 0xb8, 0xa8, 0xd6, 0x69,
+    0x30, 0xd1, 0xf5, 0x98, 0xdb, 0xf1, 0x3a, 0x07, 0x0d, 0xa5, 0x6a, 0xac, 0x8c, 0x25, 0x4e, 0x9b,
+    0x4c, 0x5a, 0x23, 0x84, 0xa1, 0x93, 0xb7, 0xc4, 0x3f, 0xf7, 0x63, 0x78, 0xb1, 0x55, 0x1a, 0xf0,
+    0x82, 0xed, 0xef, 0x37, 0xad, 0x11, 0xc2, 0x5f, 0x1f, 0xaa, 0x87, 0x4b, 0xb7, 0xdc, 0x85, 0x96,
+    0x6a, 0x77, 0xd3, 0xc6, 0x10, 0x3b, 0x0d, 0xa6, 0xc1, 0x6d, 0xb3, 0x44, 0x08, 0x9e, 0x17, 0x88,
+    0x88, 0xfb, 0x15, 0x02, 0xc8, 0x0b, 0xbb, 0xf7, 0xc4, 0x4e, 0xe0, 0x94, 0x64, 0x08, 0x0e, 0xeb,
+    0x3c, 0x74, 0x59, 0xbe, 0x9d, 0x5c, 0xd5, 0x76, 0x9f, 0x1d, 0x91, 0x87, 0xaf, 0xbd, 0xbc, 0xcd,
+    0x6e, 0x14, 0xb7, 0x65, 0x93, 0xe1, 0xe9, 0x89, 0x0e, 0x05, 0x5b, 0x5d, 0xa8, 0x57, 0xf8, 0xba,
+    0x0b, 0x7e, 0xe3, 0x6d, 0x35, 0xcd, 0x40, 0xd3, 0x98, 0xfe, 0x5d, 0x48, 0xfb, 0x77, 0xc0, 0x90,
+    0x9e, 0x07, 0x10, 0xd8, 0xa2, 0x52, 0x3b, 0x92, 0x37, 0x71, 0x5a, 0x04, 0x51, 0xe6, 0x4d, 0x08,
+    0x68, 0xa7, 0xe1, 0x76, 0xb0, 0x56, 0x7f, 0x50, 0x47, 0x59, 0xc7, 0xa9, 0x58, 0x1b, 0x81, 0x91,
+    0x67, 0xba, 0x66, 0xb8, 0x06, 0x41, 0xdb, 0xac, 0x10, 0xcf, 0x72, 0xf8, 0x03, 0xa5, 0xae, 0x33,
+    0xc5, 0xc9, 0x2f, 0xde, 0x39, 0x4f, 0x35, 0x48, 0xb8, 0xa3, 0xb9, 0x7b, 0xfd, 0xfe, 0x5f, 0xf6,
+    0x74, 0x4d, 0x1e, 0x99, 0xbf, 0x15, 0x86, 0x9d, 0x6f, 0x82, 0x1a, 0xe6, 0xbe, 0x21, 0x49, 0x0f,
+    0x40, 0xff, 0x8f, 0xa2, 0xe7, 0x3e, 0x58, 0xb5, 0xad, 0x4f, 0x98, 0x53, 0x92, 0xcd, 0xe8, 0xa6,
+    0x0c, 0xa5, 0xac, 0x26, 0x46, 0xad, 0xef, 0x71, 0x92, 0xb8, 0xfb, 0x2b, 0x23, 0x98, 0xf2, 0x56,
+    0xe7, 0x87, 0xbb, 0x3f, 0x0b, 0x3d, 0x6b, 0x05, 0x89, 0x51, 0x81, 0x5e, 0xe4, 0xfc, 0xbd, 0xbc,
+    0x9d, 0xbf, 0x3b, 0x30, 0x52, 0xe8, 0x70, 0x1f, 0xf2, 0x5f, 0x14, 0x7e, 0x29, 0xc0, 0x90, 0xfc,
+    0x90, 0x72, 0x8e, 0x4e, 0x44, 0x92, 0xa6, 0x15, 0x23, 0xfd, 0xd5, 0xc2, 0x22, 0xfb, 0x29, 0x47,
+    0x7a, 0x38, 0x80, 0x0f, 0x59, 0xd5, 0x1b, 0x1a, 0x7b, 0x0e, 0x95, 0x20, 0xcd, 0x3c, 0x2d, 0x40,
+    0x3a, 0xc7, 0x0f, 0xad, 0xbe, 0xeb, 0x43, 0xaf, 0xd6, 0x41, 0x0d, 0x73, 0x5f, 0xf1, 0xc5, 0xe6,
+    0x35, 0xda, 0x88, 0x63, 0x08, 0xfc, 0xe7, 0x53, 0x81, 0xd7, 0xb8, 0x22, 0x04, 0x4f, 0xea, 0x44,
+    0x34, 0xb2, 0x91, 0x3b, 0x58, 0x2b, 0xde, 0x28, 0xc2, 0xcd, 0x82, 0xb5, 0x2c, 0xec, 0xa1, 0xa9,
+    0x9f, 0x6f, 0x09, 0x80, 0xf2, 0x85, 0x02, 0xe9, 0x74, 0x6b, 0x60, 0x93, 0x79, 0x45, 0x06, 0xe5,
+    0xb7, 0x37, 0x67, 0x54, 0xa5, 0xed, 0x25, 0x0c, 0x9e, 0x7d, 0x3f, 0x69, 0xb3, 0x93, 0x6f, 0xd2,
+    0xf8, 0xd5, 0x6f, 0x38, 0xf4, 0xc4, 0xd9, 0x45, 0x64, 0xa4, 0x12, 0x6b, 0x7a, 0xe0, 0xa8, 0xd6,
+    0x4f, 0xe2, 0x08, 0x6c, 0x51, 0x29, 0xfc, 0x49, 0xfa, 0xd9, 0x2d, 0x02, 0xc9, 0x73, 0xc7, 0x04,
+    0x6b, 0x1f, 0xca, 0x9e, 0x40, 0xec, 0x34, 0xdd, 0x82, 0x77, 0x89, 0xd3, 0x20, 0x3d, 0x5c, 0x65,
+    0x83, 0x85, 0xf6, 0x6f, 0xfd, 0xc6, 0xfb, 0x24, 0x5c, 0xb0, 0xbd, 0xdc, 0x9f, 0x7f, 0xce, 0x7b,
+    0x5f, 0xad, 0x5b, 0xa5, 0x18, 0xc7, 0xea, 0xf5, 0x40, 0xba, 0x0b, 0x66, 0x0c, 0xd1, 0xfd, 0xcc,
+    0xa7, 0x78, 0x34, 0x9d, 0xec, 0x03, 0x33, 0xb0, 0x24, 0x1e, 0x19, 0x0d, 0x76, 0x31, 0x55, 0x1a,
+    0x1e, 0x3a, 0xcd, 0x5f, 0xaf, 0x2e, 0x8b, 0x3b, 0xae, 0xef, 0xa9, 0xa2, 0xb6, 0xbf, 0x5e, 0x87,
+    0x10, 0x4f, 0x53, 0xc9, 0x49, 0xee, 0x16, 0xbc, 0xba, 0x63, 0x26, 0x64, 0xc5, 0xa2, 0x3a, 0xc8,
+    0xc3, 0x7a, 0x79, 0xcd, 0x1a, 0xf8, 0xa3, 0x91, 0xf1, 0xff, 0x25, 0x8f, 0x0d, 0xb2, 0x26, 0xdd,
+    0x78, 0xe8, 0xb2, 0xbf, 0xf9, 0xb8, 0x69, 0xec, 0xfd, 0x3a, 0xe1, 0xcd, 0x9d, 0xb9, 0xbb, 0x59,
+    0x2d, 0x53, 0x13, 0x2f, 0x84, 0x65, 0xfa, 0xb1, 0x66, 0x64, 0x8d, 0x74, 0x42, 0xbc, 0xcd, 0xe8,
+    0x77, 0xf5, 0x35, 0x71, 0x4f, 0xaf, 0xcd, 0x10, 0xaa, 0xac, 0x54, 0x9c, 0xc6, 0x07, 0x94, 0xfb,
+    0xe3, 0xe4, 0xdf, 0x9c, 0x88, 0xe7, 0x8f, 0x2a, 0x46, 0x39, 0x69, 0x47, 0x44, 0x35, 0x52, 0x8e,
+    0x80, 0x3d, 0xdd, 0x87, 0x0d, 0x7c, 0xb0, 0xa9, 0x99, 0x9e, 0xf3, 0xa6, 0xe7, 0x59, 0x13, 0x8f,
+  },
+  { /* 6 */
+    0xa2, 0xc8, 0x81, 0xe2, 0x3b, 0xb3, 0xc2, 0x65, 0xc5, 0x23, 0x88, 0xa8, 0x4b, 0xa0, 0x07, 0xfc,
+    0x7e, 0x5e, 0xba, 0x73, 0x1f, 0x4c, 0x94, 0x8f, 0x72, 0xc4, 0x53, 0xb4, 0x67, 0xfd, 0xe6, 0xee,
+    0x65, 0xcf, 0x9b, 0x0b, 0x79, 0xd8, 0x3c, 0xc1, 0x2a, 0xfe, 0xa1, 0x96, 0xda, 0xeb, 0x16, 0xdd,
+    0x09, 0xce, 0x1f, 0x28, 0x22, 0xcd, 0xd9, 0x3a, 0x89, 0x16, 0xef, 0x1e, 0x6b, 0xb3, 0x50, 0x11,
+    0xb9, 0x59, 0xa0, 0x9a, 0x5d, 0x27, 0x6a, 0x2b, 0x9d, 0x19, 0x7a, 0x8a, 0xf6, 0xb6, 0xf7, 0xcf,
+    0xaa, 0x23, 0xa2, 0x8f, 0xdc, 0xda, 0x7c, 0x18, 0xa1, 0x08, 0x06, 0xf5, 0x92, 0xb9, 0xdd, 0x6e,
+    0x3c, 0x40, 0x19, 0x17, 0x62, 0x09, 0xe3, 0x6f, 0xcd, 0x25, 0x6b, 0x9f, 0xc7, 0xa2, 0x2e, 0x31,
+    0x92, 0xf7, 0x4b, 0x4f, 0x2c, 0x06, 0xc0, 0xa8, 0x5e, 0xd9, 0x2a, 0xa5, 0xd8, 0xf6, 0x9e, 0x16,
+    0x39, 0xf1, 0xd5, 0x85, 0x35, 0x78, 0xdb, 0xf7, 0x12, 0xec, 0x4d, 0x13, 0xf8, 0xe5, 0xc9, 0xfb,
+    0xf0, 0xc3, 0x64, 0x5c, 0x4b, 0x24, 0x0a, 0x7f, 0xb2, 0x94, 0x6f, 0x39, 0x9a, 0xcd, 0xb8, 0xc4,
+    0xcb, 0x78, 0xc9, 0x53, 0x37, 0xd7, 0x1f, 0x06, 0xb9, 0x02, 0xe0, 0xac, 0xc5, 0xbf, 0xa6, 0xfa,
+    0xfe, 0xf6, 0xcf, 0x6c, 0x77, 0x13, 0x25, 0x53, 0xfd, 0x31, 0x64, 0x2d, 0x69, 0xae, 0xd8, 0xda,
+    0xe0, 0xd6, 0x22, 0x86, 0x46, 0xf6, 0xb5, 0x85, 0x7a, 0xc2, 0xb0, 0x83, 0xeb, 0xff, 0xcf, 0x23,
+    0x02, 0x4a, 0x78, 0x8a, 0x49, 0x8b, 0xce, 0x8e, 0x19, 0x7a, 0xc2, 0x86, 0xa7, 0x97, 0xd7, 0xc5,
+    0x4e, 0x61, 0x70, 0xde, 0x08, 0xf9, 0x96, 0x42, 0xe9, 0x3e, 0xf1, 0xb9, 0xf4, 0xab, 0x7f, 0x04,
+    0x4a, 0xf5, 0x80, 0x09, 0x9a, 0x2c, 0xc9, 0x9d, 0xdb, 0xca, 0xb6, 0x76, 0x79, 0x46, 0x12, 0x4d,
+    0xe5, 0x67, 0xee, 0x14, 0x11, 0x87, 0x8d, 0x1d, 0xa5, 0x0b, 0x96, 0x0f, 0xd4, 0xb8, 0x28, 0xe9,
+    0x3f, 0x2f, 0x5d, 0xd8, 0xee, 0x26, 0x4a, 0xa6, 0x39, 0x62, 0xc8, 0x5a, 0xd2, 0x9f, 0x73, 0x77,
+    0x70, 0x6b, 0x11, 0x43, 0x23, 0x7b, 0xbb, 0xa3, 0x3d, 0x61, 0x58, 0xa0, 0x94, 0x9e, 0x86, 0xf0,
+    0x0c, 0x7f, 0xd3, 0xba, 0x75, 0xbc, 0xe1, 0xa2, 0x56, 0xdf, 0xc9, 0x92, 0x54, 0xf4, 0xb7, 0xdb,
+    0xfa, 0x62, 0x3f, 0xbb, 0xe5, 0xc6, 0x7a, 0x8c, 0xcf, 0xc5, 0x23, 0xe2, 0xe4, 0x43, 0xb5, 0x93,
+    0xc0, 0xfc, 0xae, 0xf1, 0x5c, 0x91, 0x08, 0xb2, 0x29, 0x6e, 0xcd, 0x34, 0x09, 0x9b, 0x21, 0x2e,
+    0x41, 0x71, 0xe7, 0xab, 0xf1, 0x6a, 0xde, 0x29, 0x4b, 0xa6, 0x9b, 0xee, 0xb5, 0x62, 0x95, 0x99,
+    0xa1, 0xa7, 0xc5, 0x2d, 0xb7, 0x9c, 0x6b, 0xac, 0x31, 0x64, 0x2b, 0x6d, 0x5e, 0x9d, 0x5a, 0xba,
+    0x60, 0x7e, 0x57, 0x99, 0x2e, 0xa9, 0x04, 0x59, 0xf5, 0x37, 0x87, 0x1a, 0xe5, 0xac, 0xf1, 0x17,
+    0xa7, 0x79, 0x4d, 0x70, 0x6c, 0xc2, 0xfa, 0xfd, 0x1a, 0xea, 0xae, 0x24, 0x74, 0xe7, 0xe0, 0x36,
+    0x82, 0xe2, 0x0d, 0x95, 0x21, 0xd4, 0x7f, 0x52, 0x96, 0x8f, 0xf5, 0x1f, 0xa9, 0xc4, 0xe9, 0xf1,
+    0x53, 0x2e, 0xd9, 0xfb, 0xb5, 0x33, 0xaf, 0x5d, 0x9a, 0x8a, 0x86, 0xd2, 0x63, 0xc7, 0x35, 0xbb,
+    0xb5, 0x26, 0x73, 0x20, 0x28, 0x9b, 0x8b, 0x89, 0xcb, 0xc6, 0xb3, 0x18, 0xa2, 0x42, 0x40, 0x14,
+    0x9e, 0x88, 0x98, 0xf5, 0x59, 0xba, 0x21, 0x0a, 0x08, 0x06, 0xe3, 0x37, 0x8c, 0x02, 0x29, 0xcd,
+    0x96, 0x63, 0xbb, 0x98, 0xbe, 0xd3, 0x9f, 0x77, 0x6c, 0x2d, 0x6d, 0x6a, 0x55, 0x1b, 0xf3, 0x5f,
+    0x4c, 0x2b, 0x08, 0x54, 0x41, 0x72, 0x58, 0xcc, 0xf0, 0x44, 0x33, 0x3f, 0x53, 0x3c, 0xa8, 0xc1,
+    0x1e, 0x20, 0xed, 0xea, 0x31, 0xe5, 0x90, 0xd6, 0x87, 0xf3, 0xd4, 0xae, 0x82, 0x51, 0x17, 0xf9,
+    0x67, 0x85, 0xe3, 0x81, 0x30, 0x53, 0xf2, 0x4f, 0x33, 0x84, 0x63, 0x10, 0x7d, 0x7c, 0xc1, 0x18,
+    0xe3, 0xb9, 0x66, 0x49, 0xca, 0xd9, 0x1c, 0x4c, 0x8e, 0x85, 0x13, 0x46, 0xfe, 0xc2, 0x92, 0x65,
+    0x2a, 0x8b, 0xd7, 0x90, 0xb4, 0x85, 0xcd, 0xc4, 0x2e, 0xfd, 0x31, 0x6c, 0x9c, 0xea, 0xe3, 0x5a,
+    0xac, 0xfd, 0x2a, 0xd2, 0x07, 0x84, 0xed, 0x49, 0x8a, 0x86, 0x83, 0xbc, 0xb8, 0xc3, 0x67, 0xe2,
+    0x43, 0x3b, 0x9f, 0x21, 0xb8, 0xe1, 0x10, 0xa7, 0x52, 0xdc, 0x59, 0x68, 0x12, 0xf5, 0x42, 0x5c,
+    0x8c, 0xd7, 0xa6, 0xa5, 0x1d, 0xe3, 0x50, 0x7e, 0xd9, 0x2a, 0xfe, 0x0b, 0x5a, 0xa7, 0x89, 0xef,
+    0xc7, 0x07, 0x1a, 0xe9, 0x42, 0x6b, 0xfe, 0xa4, 0xef, 0xdd, 0x29, 0x3e, 0x91, 0x4b, 0x11, 0x21,
+    0x26, 0xf4, 0x04, 0x2a, 0xc1, 0x39, 0x2c, 0x66, 0x78, 0x22, 0xf8, 0xfe, 0xc8, 0x1e, 0x54, 0x81,
+    0x29, 0xe4, 0x93, 0x5f, 0x38, 0xaa, 0x64, 0x0d, 0xda, 0xba, 0x92, 0xa9, 0x89, 0xd7, 0xbe, 0x1c,
+    0x1c, 0x6a, 0x95, 0x60, 0x78, 0x6e, 0x5e, 0x58, 0x9e, 0x89, 0x16, 0x28, 0x25, 0xc6, 0xc0, 0x3c,
+    0x4d, 0x0e, 0x34, 0x11, 0x84, 0xd6, 0x3f, 0x8b, 0x1d, 0x79, 0x52, 0x7c, 0xe1, 0x96, 0x22, 0x42,
+    0x9d, 0xe7, 0xdc, 0x3a, 0xd5, 0x95, 0x88, 0xc3, 0xfc, 0x41, 0x40, 0xf2, 0x99, 0x3f, 0x74, 0x8b,
+    0xf2, 0x89, 0x1c, 0xd6, 0x02, 0xaf, 0xc4, 0xf1, 0xab, 0xee, 0xad, 0xbf, 0x3d, 0x5a, 0x6f, 0x01,
+    0x21, 0x0f, 0xb0, 0x32, 0xdf, 0xc3, 0xda, 0x70, 0xbe, 0x91, 0x1c, 0xf4, 0x50, 0xce, 0x64, 0x8e,
+    0x6d, 0x24, 0xb8, 0x66, 0x9e, 0xb1, 0x82, 0xbc, 0x4e, 0xd5, 0x2f, 0xcb, 0x03, 0xf2, 0xcc, 0x4f,
+    0xbc, 0xe8, 0x6c, 0x08, 0x0a, 0x56, 0x52, 0xb3, 0x42, 0xd0, 0x5c, 0x06, 0xc9, 0xf1, 0x10, 0x05,
+    0x9a, 0x1c, 0x68, 0x22, 0xcb, 0x6f, 0x7e, 0xd5, 0x3a, 0xf2, 0xa4, 0xf8, 0x01, 0xef, 0x44, 0x84,
+    0x27, 0xd1, 0x38, 0x6f, 0x04, 0x9d, 0x4b, 0x21, 0x95, 0x1f, 0x99, 0xbd, 0x7a, 0xb4, 0xde, 0x02,
+    0x14, 0x81, 0xb6, 0x0d, 0x9f, 0x07, 0xe0, 0x25, 0xfa, 0xa2, 0x98, 0x75, 0xfc, 0xdf, 0x1a, 0xae,
+    0x5e, 0x74, 0x36, 0x04, 0x05, 0x2b, 0x29, 0xb8, 0x21, 0x68, 0x2e, 0x03, 0x85, 0x99, 0x08, 0xe3,
+    0xe4, 0x42, 0xd2, 0x51, 0xd4, 0x23, 0xea, 0x5a, 0x48, 0x36, 0xf7, 0x4c, 0x66, 0x12, 0xa2, 0x6a,
+    0xd3, 0x86, 0xac, 0xe4, 0xdd, 0x6c, 0x1e, 0x81, 0x15, 0x7f, 0xb1, 0x4b, 0x6d, 0x94, 0x0b, 0x8f,
+    0xe1, 0xf3, 0x1e, 0xc3, 0x83, 0x52, 0xd2, 0xc2, 0x97, 0xff, 0xd1, 0xc0, 0x59, 0x55, 0x45, 0xa0,
+    0x69, 0xb0, 0x48, 0xb1, 0x0c, 0x64, 0xdd, 0x63, 0x7c, 0x21, 0x68, 0x04, 0x8e, 0x1f, 0xa1, 0x06,
+    0x49, 0x9a, 0xc4, 0xc6, 0x16, 0x03, 0x60, 0x54, 0x2f, 0x8d, 0x15, 0xb3, 0x6c, 0x7b, 0x4f, 0x0b,
+    0xab, 0x06, 0x9e, 0xca, 0x19, 0x7e, 0x1b, 0x5f, 0x4c, 0x35, 0x67, 0xb6, 0x20, 0x13, 0x57, 0xed,
+    0xb3, 0xf8, 0xfb, 0x7d, 0xf3, 0xc5, 0x1a, 0xd8, 0xe0, 0x48, 0x36, 0x51, 0x88, 0x38, 0xfa, 0x98,
+    0xa3, 0xed, 0xbd, 0xa7, 0xfe, 0x17, 0xa5, 0x22, 0x28, 0x1e, 0xe9, 0xeb, 0xf9, 0x0a, 0x8d, 0x7f,
+    0x0b, 0x84, 0x67, 0xa2, 0x6b, 0x46, 0x17, 0xb4, 0x90, 0x6c, 0x2d, 0x98, 0xcc, 0x24, 0x87, 0xd4,
+    0x90, 0xbd, 0x33, 0xc5, 0x65, 0x8d, 0x0e, 0x26, 0x47, 0xa3, 0xe8, 0x23, 0x7f, 0x61, 0x49, 0xd3,
+    0xfc, 0xbc, 0xb7, 0xe6, 0x3e, 0x98, 0xeb, 0xdd, 0xe4, 0x4b, 0xa6, 0xab, 0xce, 0x39, 0x0f, 0x1f,
+    0xc2, 0xb6, 0xd6, 0x7b, 0x15, 0x1a, 0xc6, 0x3c, 0x30, 0x14, 0x0f, 0xb2, 0xae, 0x0c, 0xf6, 0xeb,
+    0x80, 0xa8, 0x75, 0x1f, 0x68, 0x5f, 0xb1, 0xdc, 0x8f, 0xf5, 0x37, 0x99, 0x0e, 0x53, 0x3e, 0x34,
+    0xe7, 0x2d, 0x96, 0x9e, 0x58, 0x0c, 0x43, 0x93, 0xbc, 0x71, 0x54, 0x89, 0x73, 0x2f, 0xff, 0x2c,
+    0x63, 0x11, 0x13, 0x56, 0xa2, 0x86, 0xad, 0x90, 0x01, 0x70, 0x24, 0xdf, 0xf0, 0x91, 0xac, 0x51,
+    0x30, 0x3f, 0xca, 0xad, 0x17, 0xb5, 0x02, 0xcd, 0x9b, 0xfa, 0xa2, 0x0d, 0x93, 0x56, 0x99, 0xea,
+    0x22, 0x60, 0xf4, 0xfd, 0x53, 0xec, 0x73, 0xb9, 0x4a, 0xd6, 0xbf, 0x31, 0x45, 0xf3, 0x39, 0xc8,
+    0xf6, 0x1d, 0xec, 0x01, 0x90, 0x7a, 0x9b, 0x2e, 0x99, 0x1a, 0xea, 0x70, 0xb0, 0xb7, 0x02, 0x48,
+    0xa8, 0x69, 0xda, 0x05, 0x95, 0x51, 0xb2, 0x96, 0xb8, 0x72, 0xc4, 0x73, 0x35, 0x2e, 0x0a, 0xab,
+    0x57, 0xba, 0x29, 0x2c, 0x27, 0xe6, 0xf0, 0x82, 0xa8, 0x7e, 0xc1, 0x1d, 0xee, 0x2a, 0x58, 0xf2,
+    0x8e, 0x9d, 0xde, 0x2f, 0x54, 0x68, 0x9e, 0xf0, 0xc0, 0x50, 0x3c, 0x8d, 0xfd, 0x30, 0x5e, 0x2a,
+    0xc3, 0x93, 0xea, 0x3e, 0xd0, 0xbe, 0xa1, 0x7b, 0xdd, 0x29, 0x6e, 0xf1, 0x1c, 0xa6, 0x7c, 0x68,
+    0xc6, 0x22, 0x26, 0xac, 0x87, 0xcf, 0x99, 0xe3, 0x02, 0xe0, 0x48, 0x7d, 0x23, 0xe1, 0x9b, 0xa2,
+    0x50, 0x41, 0x9d, 0x34, 0x39, 0x1c, 0x06, 0x94, 0x6e, 0xcd, 0x25, 0x17, 0x76, 0xfa, 0x68, 0xfd,
+    0x75, 0xda, 0xdd, 0xd1, 0x74, 0x0a, 0x83, 0x3b, 0xe2, 0xa8, 0x7e, 0x2c, 0xab, 0xd9, 0x61, 0x3a,
+    0x4b, 0xd0, 0xbc, 0x4c, 0x5f, 0x88, 0xae, 0xda, 0x36, 0xf7, 0xd7, 0x35, 0xcb, 0xec, 0x98, 0xce,
+    0x6c, 0x01, 0x84, 0x23, 0x5b, 0x15, 0xe5, 0xfb, 0xa3, 0xe8, 0x4e, 0x88, 0xb1, 0x58, 0x46, 0xcc,
+    0xa6, 0x5c, 0x71, 0x35, 0xa9, 0x66, 0x9d, 0xba, 0xf7, 0xd7, 0xcf, 0x67, 0xc6, 0x4d, 0x6a, 0xb5,
+    0xa4, 0x16, 0x09, 0xbf, 0xe0, 0xed, 0x53, 0x34, 0xee, 0xad, 0x0d, 0xe1, 0x61, 0xda, 0xbd, 0x70,
+    0xf5, 0x72, 0xa8, 0xce, 0x1c, 0x55, 0x32, 0xe7, 0x6d, 0x5d, 0x49, 0xb5, 0xa5, 0x8a, 0x5f, 0x0e,
+    0xf8, 0x28, 0x47, 0x31, 0xac, 0x4d, 0xb4, 0x02, 0xd6, 0xbf, 0xe1, 0x64, 0x43, 0xd4, 0x62, 0x56,
+    0x9c, 0xc2, 0xe0, 0x7f, 0x10, 0x31, 0xef, 0x84, 0x11, 0x7c, 0x21, 0xb1, 0x2b, 0x95, 0xfe, 0x08,
+    0xd2, 0xa3, 0x90, 0xa1, 0x18, 0xc8, 0x79, 0xc6, 0xf8, 0x42, 0xd0, 0x08, 0xdf, 0x3e, 0x81, 0x0c,
+    0xcd, 0xa6, 0x41, 0x0e, 0xec, 0x89, 0x8e, 0x57, 0x92, 0x8c, 0x65, 0xe5, 0xef, 0xc5, 0x1c, 0x76,
+    0xdc, 0x96, 0x3b, 0x91, 0x24, 0xff, 0x56, 0xea, 0xb7, 0xe7, 0xdb, 0x1c, 0x2c, 0x5d, 0xe1, 0x12,
+    0x1d, 0x4f, 0xa9, 0x25, 0xbd, 0xca, 0x39, 0x1f, 0x73, 0xb4, 0x77, 0x6b, 0x97, 0x6c, 0x4a, 0xbf,
+    0x83, 0xc7, 0x31, 0xd0, 0xe4, 0x70, 0x18, 0x15, 0x7b, 0xb2, 0x94, 0x5c, 0x1b, 0x6e, 0x63, 0x72,
+    0x2e, 0x1f, 0x27, 0x47, 0x26, 0x50, 0x92, 0x1b, 0x1c, 0x09, 0x76, 0xa3, 0x11, 0x07, 0x8e, 0x13,
+    0xf1, 0xe6, 0x58, 0x19, 0x8e, 0x80, 0x6d, 0x38, 0x5f, 0xa9, 0x0e, 0x7a, 0x28, 0x67, 0x32, 0x47,
+    0xfd, 0x99, 0x8b, 0xa3, 0xfb, 0x3c, 0x8c, 0x9a, 0x09, 0x76, 0xc7, 0xe8, 0x7c, 0x93, 0x85, 0x9c,
+    0x81, 0x8d, 0x49, 0x5a, 0xad, 0xfb, 0xd6, 0x9b, 0x62, 0xc8, 0x56, 0xda, 0xbc, 0xf9, 0xb4, 0xb7,
+    0xb1, 0xb2, 0x83, 0xf7, 0xba, 0x4e, 0xd4, 0x56, 0xf9, 0x32, 0xf4, 0xd7, 0x2f, 0xaf, 0x2d, 0x5d,
+    0x4f, 0x44, 0x4c, 0x9b, 0xcd, 0x5d, 0xf1, 0x05, 0x04, 0x03, 0x90, 0xfa, 0x46, 0x01, 0xf5, 0x87,
+    0x47, 0xaf, 0x6f, 0xf6, 0x2a, 0x34, 0x4f, 0x78, 0x60, 0x28, 0x1e, 0xa7, 0x9f, 0x18, 0x2f, 0x15,
+    0x13, 0x7a, 0x02, 0x15, 0x81, 0xfd, 0x16, 0x33, 0x3c, 0x11, 0x7c, 0x7f, 0x64, 0x0f, 0x2a, 0xa1,
+    0x46, 0x8a, 0x53, 0xb3, 0xef, 0x90, 0x28, 0x3f, 0x8d, 0x15, 0x7f, 0xe4, 0x2d, 0xb2, 0xa5, 0x96,
+    0x5b, 0xc5, 0xfa, 0x96, 0x52, 0x5a, 0x11, 0x20, 0xfe, 0xa1, 0x08, 0x8f, 0xba, 0xde, 0xef, 0x29,
+    0xfb, 0x47, 0x03, 0xfe, 0x20, 0x62, 0x1d, 0xcb, 0x22, 0xf8, 0x42, 0xa1, 0x56, 0xe9, 0x3f, 0x10,
+    0xed, 0x8c, 0xcd, 0x79, 0xf6, 0xee, 0x33, 0x60, 0xc1, 0x20, 0x18, 0x52, 0x0d, 0xa1, 0xf2, 0x7b,
+    0x94, 0x29, 0xc3, 0x12, 0xf7, 0x58, 0x51, 0xf9, 0x75, 0x57, 0xaf, 0xec, 0xf2, 0x8c, 0x24, 0x9a,
+    0x25, 0x9b, 0x40, 0xe5, 0x4d, 0x16, 0x85, 0xaf, 0x8c, 0x65, 0x5b, 0x3b, 0xdd, 0x23, 0x09, 0xc7,
+    0xa5, 0x33, 0x35, 0xfa, 0x25, 0x49, 0x34, 0x73, 0x03, 0x90, 0x6c, 0xa2, 0xd3, 0x70, 0x37, 0xf3,
+    0xdd, 0xb3, 0x07, 0xd4, 0xe1, 0x5b, 0x31, 0xad, 0x5a, 0xda, 0xba, 0x5f, 0x9e, 0xf7, 0x6b, 0x91,
+    0x38, 0xd4, 0xe9, 0xc0, 0xf0, 0xdc, 0xbc, 0xb0, 0xff, 0xd1, 0x2c, 0x50, 0x4a, 0x4f, 0x43, 0x78,
+    0x58, 0xaa, 0xbe, 0x59, 0xde, 0x75, 0xb8, 0xe9, 0x0a, 0xe6, 0xab, 0x4a, 0xaf, 0xe3, 0xb2, 0x6f,
+    0x0f, 0x10, 0x97, 0x75, 0xf9, 0x93, 0x48, 0x6b, 0xa2, 0x98, 0x6a, 0x57, 0x41, 0xc9, 0xea, 0x9d,
+    0xda, 0x48, 0xb3, 0xcc, 0xff, 0xa1, 0xc7, 0xbb, 0x9c, 0x69, 0x5e, 0x55, 0x06, 0x27, 0x5b, 0x9e,
+    0x3d, 0x65, 0x25, 0x52, 0xa7, 0xad, 0x84, 0x28, 0x20, 0x18, 0x0a, 0xdc, 0x75, 0x08, 0xa4, 0xb2,
+    0xe8, 0x3d, 0x01, 0xeb, 0xa1, 0x9f, 0x0b, 0xf8, 0x1e, 0xe9, 0x3e, 0xde, 0x32, 0xe6, 0x15, 0xb1,
+    0xe9, 0x18, 0x3d, 0xae, 0x64, 0x3b, 0x6c, 0xbf, 0xf3, 0xd4, 0x5f, 0x9d, 0x80, 0x4c, 0x9f, 0x32,
+    0x18, 0xfe, 0x65, 0xb7, 0xea, 0xbb, 0x01, 0x87, 0xac, 0x7d, 0x51, 0xe7, 0xa8, 0x2b, 0xad, 0x75,
+    0x95, 0x0c, 0xff, 0x57, 0x32, 0xfc, 0x36, 0xbe, 0x98, 0x6a, 0xce, 0xaf, 0x40, 0x26, 0xae, 0x19,
+    0xee, 0xe3, 0x89, 0xb6, 0x7a, 0xc1, 0x9a, 0xa9, 0x35, 0x67, 0xbb, 0x97, 0x18, 0x9c, 0xaf, 0x3d,
+    0x77, 0x90, 0xa5, 0x5b, 0x3d, 0x81, 0x4d, 0xb5, 0xfb, 0xd2, 0xbc, 0xaa, 0x0c, 0x4e, 0xb6, 0xff,
+    0x72, 0x21, 0x69, 0xc9, 0x6a, 0xf0, 0x75, 0x2d, 0x24, 0x1b, 0x9a, 0x26, 0x33, 0x09, 0x51, 0x35,
+    0x6f, 0x6e, 0xc0, 0xec, 0xd7, 0x3a, 0x4c, 0x32, 0x57, 0xaf, 0xed, 0x4d, 0xa4, 0x65, 0x1b, 0x8a,
+    0x51, 0x64, 0xa1, 0x71, 0xfc, 0xb8, 0x61, 0xd3, 0x83, 0xf0, 0x44, 0x54, 0xc4, 0x50, 0xe2, 0x7e,
+    0x7f, 0x7b, 0x86, 0x36, 0xda, 0xe8, 0xf3, 0xc8, 0x9f, 0xf9, 0x32, 0xf7, 0xd5, 0x57, 0x6c, 0x6d,
+    0xdf, 0xf9, 0x7f, 0x5e, 0xa8, 0xd0, 0xff, 0x23, 0x43, 0xa0, 0x78, 0xd9, 0x39, 0x60, 0xbc, 0x54,
+    0xd7, 0x12, 0x5c, 0x33, 0x4f, 0xb9, 0x41, 0x5e, 0x27, 0x8b, 0xf6, 0x84, 0xe0, 0x79, 0x66, 0xc6,
+    0xd4, 0x7d, 0x18, 0xfc, 0xc3, 0x96, 0xe8, 0x97, 0xd3, 0xcc, 0x55, 0x41, 0xf5, 0x44, 0x3b, 0x80,
+    0x6b, 0xfa, 0x30, 0x3b, 0x45, 0xef, 0x13, 0xed, 0x65, 0x5b, 0xaa, 0x82, 0x29, 0x88, 0x76, 0xc3,
+    0x3a, 0x9e, 0x91, 0x4a, 0xb9, 0x57, 0x72, 0x3e, 0xe6, 0xab, 0xee, 0xd6, 0xed, 0xd8, 0x94, 0xbd,
+    0x20, 0x2a, 0x8c, 0x77, 0x1a, 0x67, 0xbd, 0x37, 0x53, 0xac, 0x7d, 0xb7, 0xe2, 0x64, 0xee, 0x0d,
+    0x0a, 0xa1, 0x5b, 0xe7, 0xae, 0xe2, 0x70, 0xf3, 0x7d, 0x51, 0x4c, 0xdb, 0x7e, 0x8e, 0x0d, 0x57,
+    0x42, 0x1e, 0xa3, 0x64, 0x7d, 0x45, 0x77, 0xe0, 0xbf, 0xe1, 0x38, 0x2b, 0xa0, 0x5f, 0xc8, 0xdf,
+    0xcc, 0x83, 0x7d, 0x4b, 0x29, 0x2d, 0xe9, 0x10, 0x7f, 0xb1, 0x04, 0xa6, 0x5d, 0x6f, 0x96, 0xf5,
+    0x7b, 0xef, 0x76, 0xe1, 0x48, 0x3d, 0xac, 0x17, 0xad, 0x0d, 0x75, 0x38, 0x58, 0xba, 0x01, 0x24,
+    0x8f, 0xb8, 0xe2, 0x6a, 0x91, 0xcc, 0xf9, 0xb7, 0x2d, 0x6d, 0x5d, 0xce, 0x4f, 0x9a, 0xd4, 0xa9,
+    0x3b, 0xbb, 0xad, 0x0f, 0x7c, 0xf3, 0x15, 0x79, 0x0b, 0x96, 0x8f, 0x95, 0x5f, 0x72, 0x1e, 0x3e,
+    0x7d, 0x31, 0xfe, 0xbc, 0x93, 0x63, 0x3d, 0x46, 0x86, 0x83, 0xf0, 0x71, 0x72, 0xc0, 0xbb, 0xa8,
+    0xbf, 0x87, 0x28, 0xc7, 0x86, 0x79, 0xfb, 0x7a, 0xb6, 0x97, 0xff, 0xc3, 0xdc, 0xcc, 0x4d, 0x43,
+    0xd0, 0xe9, 0xe8, 0x2b, 0x51, 0x43, 0xb7, 0x48, 0xe1, 0x38, 0x12, 0x8e, 0x78, 0xa9, 0x56, 0xc9,
+    0xde, 0xdc, 0x43, 0x1b, 0x6d, 0x74, 0x98, 0x64, 0xae, 0x9d, 0x19, 0x9a, 0x8b, 0xca, 0x36, 0xd7,
+    0xca, 0x5d, 0xf5, 0x16, 0xf2, 0x73, 0x78, 0x41, 0x54, 0x3f, 0x81, 0xef, 0x77, 0x15, 0x2c, 0x79,
+    0x2c, 0x55, 0x5f, 0xcd, 0x6f, 0xdb, 0x5c, 0x95, 0x05, 0x73, 0xb4, 0x25, 0xb6, 0x90, 0x59, 0xd6,
+    0x19, 0xdb, 0x59, 0xf2, 0x2f, 0x1f, 0x66, 0xc0, 0x41, 0x40, 0x30, 0xa4, 0x1a, 0x81, 0x27, 0xf6,
+    0x76, 0xb5, 0x99, 0x1e, 0xf8, 0x25, 0x2a, 0xf2, 0x16, 0xef, 0xdd, 0xe9, 0xbe, 0xe4, 0x3c, 0x7c,
+    0x12, 0x5f, 0x3e, 0x50, 0x44, 0x59, 0x71, 0x74, 0xd1, 0x2c, 0x1d, 0x3c, 0xd6, 0xa5, 0xa0, 0x22,
+    0x74, 0xff, 0xe1, 0x94, 0xb1, 0xae, 0xe4, 0x7c, 0x0f, 0x95, 0x1f, 0x6f, 0x19, 0x73, 0xeb, 0xb9,
+    0xd5, 0x58, 0x24, 0xb9, 0x06, 0x32, 0x8f, 0xd0, 0x3e, 0xf1, 0x34, 0x02, 0x47, 0xee, 0xb1, 0x03,
+    0x8b, 0x2c, 0x12, 0xbd, 0x03, 0x19, 0xa6, 0x68, 0x1f, 0x99, 0x1a, 0x01, 0xc2, 0x77, 0xb9, 0xe0,
+    0x07, 0xfb, 0xb4, 0x18, 0x1e, 0xfa, 0xf6, 0x16, 0xc6, 0xb3, 0xe4, 0x0a, 0x98, 0xd0, 0x30, 0x0f,
+    0x59, 0x8f, 0x82, 0x1c, 0x1b, 0xd1, 0xdf, 0xae, 0xe7, 0xdb, 0xca, 0x09, 0x1d, 0x49, 0x38, 0xec,
+    0xb0, 0x97, 0xbf, 0xb2, 0x7f, 0xea, 0xb3, 0x11, 0x14, 0x0f, 0x95, 0x94, 0x9d, 0x05, 0xa7, 0xde,
+    0x1f, 0x05, 0xd1, 0xaf, 0xf4, 0x41, 0xf7, 0x91, 0x6a, 0xce, 0xb5, 0xed, 0x30, 0xfb, 0x9d, 0x7a,
+    0x61, 0x5b, 0x6b, 0xdc, 0xeb, 0x0d, 0x63, 0x1e, 0x18, 0x0a, 0xe6, 0x59, 0x57, 0x06, 0x7b, 0x94,
+    0x1a, 0xb4, 0x1d, 0x3d, 0xa3, 0x30, 0xcf, 0x09, 0xb5, 0x07, 0x93, 0x61, 0x0f, 0xbc, 0x7a, 0xb0,
+    0xc8, 0x17, 0x8d, 0x9c, 0xbb, 0xf8, 0xb6, 0xcf, 0x4d, 0x45, 0x43, 0x69, 0xd0, 0x82, 0xfb, 0xbc,
+    0x97, 0x46, 0x87, 0xdd, 0x7b, 0x77, 0xf8, 0x30, 0x81, 0x10, 0x0c, 0x29, 0xe7, 0xb1, 0x79, 0xdc,
+    0x17, 0xee, 0xf2, 0xc2, 0x13, 0x28, 0x49, 0xec, 0x0e, 0xe5, 0x3b, 0xb0, 0xe9, 0xe2, 0x47, 0xe8,
+    0xa9, 0x4c, 0xe6, 0x40, 0x50, 0xf5, 0xd5, 0xd1, 0x55, 0x4f, 0xa5, 0x30, 0x87, 0x84, 0x80, 0x28,
+    0x91, 0x98, 0x0f, 0x80, 0xa0, 0x29, 0x69, 0x61, 0xaa, 0x9e, 0x89, 0x60, 0xcd, 0xcb, 0xc3, 0x50,
+    0x9f, 0xad, 0xa4, 0xb0, 0x9c, 0x1e, 0x46, 0x4d, 0xe5, 0x3b, 0x82, 0x74, 0x3e, 0xa8, 0xa3, 0x4e,
+    0x1b, 0x91, 0x21, 0x78, 0x66, 0x94, 0xa8, 0x4e, 0x58, 0x3a, 0xf2, 0x22, 0xbd, 0x16, 0xf0, 0x33,
+    0xbb, 0x13, 0xd8, 0x10, 0x14, 0xac, 0xa4, 0xa5, 0x84, 0x63, 0xb8, 0x0c, 0x51, 0x21, 0x20, 0x0a,
+    0xd1, 0xcc, 0xd4, 0x6e, 0x94, 0xe7, 0xd0, 0x0f, 0x0c, 0x05, 0x73, 0xcd, 0xca, 0x03, 0xdc, 0x4a,
+    0x7a, 0xca, 0x4a, 0xa4, 0x8d, 0x99, 0xcb, 0x50, 0x40, 0x30, 0x14, 0x7b, 0xea, 0x10, 0x8b, 0xa7,
+    0xb4, 0x03, 0x4f, 0x65, 0xed, 0x3f, 0xec, 0xce, 0x26, 0xfb, 0xd2, 0x5b, 0x10, 0xe8, 0xca, 0x97,
+    0x5f, 0x51, 0x0a, 0x41, 0xc0, 0x8f, 0x4e, 0xff, 0xcc, 0x55, 0x4f, 0x40, 0x37, 0x33, 0x82, 0x60,
+    0x71, 0x4e, 0x2d, 0x06, 0xe6, 0xdf, 0xdc, 0xe4, 0xd0, 0x5c, 0x39, 0xe3, 0x26, 0x34, 0x0c, 0x73,
+    0x0e, 0x35, 0xab, 0x30, 0x3c, 0x37, 0x2f, 0x2c, 0x4f, 0xa5, 0x0b, 0x14, 0xf3, 0x63, 0x60, 0x1e,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x78, 0x80, 0x32, 0x2e, 0xc4, 0x12, 0x05, 0xde, 0x59, 0x4a, 0xd6, 0xfd, 0x4d, 0x87, 0x5c, 0x62,
+    0x24, 0xbe, 0x7c, 0xa0, 0x88, 0xb2, 0xe2, 0xe8, 0x61, 0x58, 0x3a, 0x78, 0x6f, 0x89, 0x83, 0x44,
+    0x40, 0x54, 0xdb, 0xee, 0x34, 0xce, 0xb9, 0x6e, 0xa6, 0x9b, 0xfa, 0xad, 0x07, 0xc8, 0x1f, 0x1a,
+    0x86, 0x76, 0xfd, 0x42, 0xb3, 0x01, 0x20, 0x8d, 0xa4, 0x7b, 0xb2, 0xd0, 0x24, 0x29, 0x84, 0xb8,
+    0x52, 0x0b, 0xe5, 0xbe, 0x70, 0x97, 0xc8, 0x1a, 0x77, 0xb7, 0xe7, 0x91, 0xd1, 0x6d, 0xbf, 0x38,
+    0xf3, 0xac, 0x20, 0x93, 0xc7, 0x0b, 0xa3, 0xb6, 0x46, 0xd3, 0xcc, 0xfc, 0x8f, 0xf0, 0xe5, 0x82,
+    0x11, 0x30, 0x7a, 0x9f, 0xc8, 0x76, 0xd8, 0xbd, 0x25, 0x6b, 0xbe, 0xf9, 0xc3, 0x98, 0xfd, 0x64,
+    0x28, 0xc1, 0xaf, 0x1a, 0xfd, 0x0e, 0x03, 0x4a, 0x37, 0x87, 0xf3, 0xea, 0x3b, 0x7d, 0x34, 0x9f,
+    0x5c, 0x3e, 0x4e, 0x8e, 0x4c, 0xa0, 0xe7, 0x36, 0x38, 0x12, 0xec, 0x85, 0x22, 0x0e, 0xdf, 0x26,
+    0x98, 0x56, 0x10, 0xa8, 0x82, 0xe4, 0xb0, 0x5b, 0x23, 0x88, 0x66, 0x7e, 0xa6, 0x78, 0x93, 0x41,
+    0xc1, 0xd9, 0x92, 0xb4, 0x99, 0x35, 0x6f, 0xf5, 0xc4, 0x53, 0xac, 0x77, 0xbb, 0x31, 0xab, 0xad,
+    0xd6, 0x37, 0x60, 0x76, 0x8a, 0x1d, 0x26, 0x19, 0xca, 0xb6, 0x97, 0xc7, 0x52, 0xd3, 0xec, 0x45,
+    0x03, 0x6f, 0x44, 0xcf, 0x8c, 0x2f, 0xa9, 0xc9, 0xf4, 0x47, 0xa3, 0xc5, 0x15, 0x3d, 0x5d, 0x46,
+    0x08, 0xeb, 0x23, 0x6d, 0xe7, 0x69, 0xbe, 0x7d, 0x64, 0x2b, 0x8e, 0x5d, 0xd9, 0x19, 0xda, 0x92,
+    0xae, 0xb7, 0x52, 0x58, 0x4e, 0x0f, 0x23, 0xc7, 0x93, 0xfc, 0x41, 0x3a, 0x1f, 0x54, 0xb0, 0x27,
+    0x64, 0xea, 0xa7, 0x4e, 0xbc, 0x7c, 0x5b, 0x86, 0xc7, 0xc3, 0xc0, 0xd5, 0x68, 0x41, 0x9c, 0x5e,
+    0x2d, 0x70, 0x63, 0x88, 0xaa, 0x7f, 0x3b, 0xd2, 0xe8, 0x4e, 0xd5, 0x66, 0x04, 0x3a, 0xd3, 0x55,
+    0x32, 0x75, 0xb2, 0x27, 0x5e, 0x3e, 0xcc, 0x43, 0x82, 0x80, 0x60, 0x8b, 0x34, 0xc1, 0x4e, 0x2f,
+    0x06, 0xde, 0x88, 0x5d, 0xdb, 0x5e, 0x91, 0x51, 0x2b, 0x8e, 0x85, 0x49, 0x2a, 0x7a, 0xba, 0x8c,
+    0x34, 0xab, 0x3a, 0x7a, 0x85, 0x60, 0x5d, 0x12, 0xa9, 0x0e, 0xe5, 0xc2, 0x1e, 0xbb, 0xf4, 0xa3,
+    0x5d, 0x1b, 0x72, 0xcb, 0x89, 0x04, 0x80, 0x71, 0xd5, 0x2f, 0x8d, 0xc6, 0x90, 0xa4, 0x55, 0xa5,
+    0x84, 0x3c, 0x85, 0xc8, 0xfa, 0x8a, 0xee, 0x03, 0xbd, 0x01, 0x70, 0x56, 0x83, 0xbe, 0x53, 0x7d,
+    0x31, 0x1a, 0xf6, 0xe8, 0xd2, 0x11, 0x65, 0x8a, 0x76, 0xc7, 0xc3, 0x4e, 0x21, 0xfc, 0x13, 0x69,
+    0xf9, 0x0d, 0x7b, 0x74, 0x69, 0xe9, 0xd3, 0x45, 0x3b, 0x82, 0x80, 0x27, 0xf1, 0x7e, 0xe8, 0xd5,
+    0x93, 0xd2, 0x77, 0x0a, 0xe9, 0xa2, 0xa7, 0xef, 0xb3, 0xe4, 0x4b, 0xe6, 0x6a, 0x5c, 0x14, 0x95,
+    0x87, 0x53, 0xc1, 0x07, 0x76, 0xa5, 0x47, 0xca, 0x49, 0x46, 0xd3, 0x93, 0x96, 0x83, 0x0e, 0x3b,
+    0x9b, 0x39, 0x54, 0x67, 0x0e, 0xcb, 0x19, 0x92, 0xd7, 0xcf, 0xc5, 0xbb, 0xb3, 0x45, 0xce, 0x07,
+    0x0d, 0x5a, 0xef, 0xff, 0xb0, 0x18, 0x86, 0xe5, 0xbb, 0xe2, 0xa8, 0xd1, 0xe6, 0x5e, 0x3d, 0x58,
+    0xcf, 0xec, 0x39, 0x84, 0xa5, 0x02, 0x40, 0xd9, 0x8b, 0xf6, 0xa7, 0x63, 0x48, 0x52, 0xcb, 0xb3,
+    0x6a, 0xdf, 0x0c, 0x7e, 0x80, 0x4b, 0x74, 0xaa, 0x88, 0x66, 0xcb, 0xc1, 0x9b, 0x22, 0xfc, 0x40,
+    0xbd, 0xcd, 0x50, 0x4d, 0xcf, 0xf2, 0x35, 0xf4, 0xaf, 0xed, 0x3d, 0x45, 0x7b, 0x5b, 0x9a, 0x86,
+    0x33, 0x50, 0x8e, 0x62, 0x9b, 0x9a, 0xab, 0x04, 0x6f, 0xbd, 0x01, 0xc8, 0x86, 0x6b, 0xc4, 0xac,
+    0xdb, 0x6d, 0x8f, 0x89, 0x3a, 0x05, 0xa0, 0xfc, 0x71, 0x54, 0x3f, 0x16, 0xb4, 0x8d, 0xd1, 0x1d,
+    0xeb, 0x52, 0x45, 0x24, 0x2d, 0xb0, 0xa2, 0x31, 0xea, 0xae, 0x9d, 0x1b, 0x27, 0xdb, 0x48, 0xf7,
+    0xce, 0xc9, 0x05, 0xc1, 0x60, 0xa6, 0x27, 0x9e, 0x66, 0xcb, 0xc6, 0x20, 0xfa, 0xf8, 0x41, 0x30,
+    0x55, 0xf0, 0x51, 0xa6, 0x6e, 0x6d, 0x3e, 0x0c, 0xb1, 0x04, 0x03, 0x9b, 0x49, 0xbd, 0x8f, 0x37,
+    0x16, 0xcb, 0xce, 0x87, 0xd6, 0x8c, 0x2e, 0xab, 0xe3, 0xd8, 0x5a, 0xf3, 0x5b, 0x48, 0xcd, 0x6b,
+    0xc5, 0x4d, 0x62, 0x63, 0x0b, 0xe0, 0x30, 0x2a, 0xf6, 0xa7, 0xeb, 0xb8, 0x36, 0xdc, 0xc6, 0xe4,
+    0x48, 0xbf, 0xf8, 0x83, 0xd3, 0xa7, 0x07, 0x13, 0xc2, 0xb0, 0x74, 0xf0, 0xde, 0xd1, 0xc5, 0x88,
+    0x2b, 0xae, 0xeb, 0xd5, 0x71, 0x21, 0xaa, 0x83, 0xc3, 0xc0, 0x50, 0x2f, 0x2e, 0x40, 0x69, 0xd9,
+    0x10, 0x15, 0x46, 0xda, 0x0d, 0xd2, 0xbf, 0xfa, 0xc8, 0x56, 0xdf, 0xba, 0x71, 0x32, 0x77, 0xe7,
+    0xba, 0x36, 0xe4, 0x55, 0xd1, 0x08, 0xc3, 0xe2, 0x69, 0x5e, 0xd9, 0x4f, 0xe3, 0x8b, 0xaa, 0x89,
+    0x79, 0xa5, 0x0e, 0x6b, 0x01, 0xb6, 0x62, 0x99, 0xb4, 0x77, 0xb7, 0xbe, 0xff, 0x2d, 0xd6, 0xe1,
+    0xb2, 0xdd, 0xc7, 0x38, 0x36, 0x61, 0x7d, 0x9f, 0x0d, 0x75, 0x57, 0x12, 0x3a, 0x92, 0x70, 0x1b,
+    0x01, 0x25, 0x3c, 0x45, 0xc5, 0xa4, 0x67, 0x47, 0xed, 0x3d, 0x61, 0x43, 0xb2, 0xaa, 0x8a, 0x83,
+    0x04, 0x94, 0xf0, 0xd7, 0x92, 0xd5, 0x5f, 0xdf, 0x32, 0xf4, 0x47, 0xcf, 0x8d, 0xed, 0x6d, 0x49,
+    0xb8, 0x7c, 0x9c, 0xdf, 0x98, 0x83, 0x0d, 0x6c, 0x70, 0x24, 0x1b, 0xc9, 0x44, 0x1c, 0x7d, 0x4c,
+    0xc9, 0x32, 0xb1, 0xd9, 0x7e, 0x5c, 0xd1, 0x88, 0xa0, 0x78, 0x22, 0x2a, 0x62, 0x28, 0x71, 0x3f,
+    0xec, 0xa9, 0xf1, 0x3c, 0x33, 0x4a, 0x54, 0x27, 0x2c, 0x1d, 0x79, 0x11, 0xbf, 0x0b, 0x78, 0xf8,
+    0x85, 0x19, 0xb9, 0x8d, 0x3f, 0x2e, 0x89, 0x44, 0x50, 0x3c, 0x11, 0x15, 0x31, 0x14, 0xd9, 0xfe,
+    0xf4, 0x57, 0x94, 0x8b, 0xd9, 0xf1, 0x55, 0xa0, 0x80, 0x60, 0x28, 0xf6, 0x17, 0x20, 0xd5, 0x8d,
+    0x44, 0xc0, 0x2b, 0x39, 0xa6, 0x1b, 0xe6, 0xb1, 0x94, 0x6f, 0xbd, 0x62, 0x8a, 0x25, 0x72, 0x53,
+    0x5a, 0xe0, 0xc6, 0xd3, 0x97, 0xfe, 0x76, 0x67, 0x13, 0x9c, 0x69, 0xcc, 0x08, 0x74, 0x65, 0xaa,
+    0x2f, 0x3a, 0x1b, 0x02, 0xe3, 0xf4, 0xf5, 0x5c, 0xf1, 0x34, 0x17, 0xe0, 0xa3, 0xad, 0x04, 0x90,
+    0x05, 0xb1, 0xcc, 0x92, 0x57, 0x71, 0x38, 0x98, 0xdf, 0xc9, 0x26, 0x8c, 0x3f, 0x47, 0xe7, 0xca,
+    0xd9, 0x27, 0xf7, 0x03, 0x73, 0x8e, 0x6e, 0x72, 0x68, 0x2e, 0xfd, 0x90, 0x13, 0x1a, 0x06, 0xd8,
+    0x68, 0x95, 0x74, 0xf4, 0xc9, 0xc0, 0xba, 0x24, 0x91, 0x1c, 0x09, 0x47, 0x3c, 0xb5, 0x2b, 0x85,
+    0xad, 0xd8, 0x16, 0x97, 0xc2, 0x20, 0x8a, 0x0e, 0x67, 0xbb, 0xe2, 0xff, 0x0a, 0x69, 0xed, 0x61,
+    0x35, 0x8e, 0x06, 0x3f, 0x40, 0xc4, 0x3a, 0x55, 0x44, 0x33, 0x84, 0x81, 0xac, 0x11, 0x7e, 0x20,
+    0x56, 0x9f, 0x15, 0x69, 0xe2, 0x42, 0x97, 0xc5, 0x45, 0x43, 0xa0, 0x5e, 0x5c, 0x80, 0xd2, 0x71,
+    0xc4, 0x68, 0x5e, 0x26, 0xce, 0x44, 0x57, 0x6d, 0x1b, 0x9a, 0x8a, 0xfb, 0x84, 0x76, 0x4c, 0x67,
+    0xaf, 0x92, 0x6e, 0x1d, 0x8b, 0xab, 0x44, 0x80, 0x7e, 0xc1, 0x20, 0x79, 0xad, 0xfe, 0x3a, 0xa4,
+    0x15, 0xa4, 0x8a, 0x48, 0x5a, 0xa3, 0x87, 0x62, 0x17, 0x9f, 0xf9, 0x36, 0x4e, 0x75, 0x90, 0x2d,
+    0x7c, 0x14, 0xc2, 0xf9, 0x56, 0xc7, 0x5a, 0x01, 0x6b, 0xbe, 0x91, 0x32, 0xc0, 0x6a, 0x31, 0x2b,
+    0x6e, 0x4b, 0xfc, 0xa9, 0x12, 0x9e, 0x2b, 0x75, 0xba, 0x92, 0x8c, 0x0e, 0x16, 0xcf, 0x91, 0x09,
+    0xd8, 0x02, 0xcb, 0x46, 0xb6, 0x2a, 0x09, 0x35, 0x85, 0x13, 0x9c, 0xd3, 0xa1, 0xb0, 0x8c, 0x5b,
+    0xf7, 0x38, 0xd0, 0x44, 0x55, 0xde, 0xfc, 0x69, 0x74, 0x27, 0x8b, 0x33, 0x02, 0x1d, 0x88, 0xcb,
+    0x66, 0xa0, 0xdf, 0xc4, 0xf5, 0xf7, 0x95, 0x08, 0xde, 0xb9, 0x02, 0x53, 0xcf, 0xd6, 0x4b, 0x9b,
+    0x89, 0x66, 0x6a, 0x37, 0x4a, 0x92, 0x68, 0xe6, 0x06, 0xe3, 0xd8, 0x87, 0x65, 0xe0, 0x6e, 0x25,
+    0x45, 0xe5, 0x17, 0x7c, 0x63, 0xbf, 0x81, 0xf6, 0x79, 0x52, 0xdc, 0x21, 0x38, 0x8f, 0xf8, 0xd0,
+    0xef, 0xc6, 0xb5, 0xf3, 0xbf, 0x65, 0xfd, 0xee, 0xd8, 0x5a, 0xda, 0xd4, 0xaa, 0x36, 0x25, 0xbe,
+    0x37, 0xc4, 0x7e, 0xb5, 0x09, 0x4f, 0xf4, 0xdb, 0x5d, 0x49, 0x46, 0x07, 0x0b, 0x86, 0xa9, 0xe5,
+    0x8d, 0xf2, 0x9a, 0xe0, 0xd8, 0x47, 0x37, 0x39, 0x34, 0x17, 0x9f, 0x48, 0xe8, 0x0d, 0x03, 0x6c,
+    0xb6, 0x49, 0x37, 0xef, 0xa4, 0xb4, 0x22, 0x40, 0x3f, 0x81, 0x10, 0xdd, 0xb7, 0x7f, 0x1d, 0x52,
+    0xff, 0xd3, 0xf3, 0x29, 0xb2, 0xb7, 0x42, 0x14, 0x10, 0x0c, 0x05, 0x6e, 0xdb, 0x04, 0x52, 0x59,
+    0x88, 0x43, 0x56, 0x72, 0x8f, 0x36, 0x0f, 0xa1, 0xeb, 0xde, 0xb9, 0xc4, 0xd7, 0x4a, 0xe4, 0xa6,
+    0xea, 0x77, 0x79, 0x61, 0xe8, 0x14, 0xc5, 0x76, 0x07, 0x93, 0xfc, 0x58, 0x95, 0x71, 0xc2, 0x74,
+    0x62, 0x34, 0x2f, 0x13, 0x67, 0x22, 0xca, 0xd7, 0xec, 0x4d, 0x45, 0x9c, 0x42, 0x3b, 0x26, 0xd2,
+    0xe2, 0x9c, 0x5a, 0x0c, 0x0f, 0x7d, 0x7b, 0x0b, 0x63, 0xb8, 0x72, 0x05, 0x4c, 0x68, 0x18, 0xe6,
+    0x3e, 0x0a, 0x61, 0x9d, 0x2b, 0x82, 0x2d, 0xe1, 0xd4, 0x5f, 0xa9, 0x19, 0x60, 0x35, 0xf9, 0xf4,
+    0x54, 0xd5, 0x6d, 0xe3, 0xab, 0xc9, 0x59, 0x4b, 0x5c, 0x39, 0x62, 0xd8, 0xfb, 0x17, 0x05, 0xb4,
+    0xbe, 0xa2, 0x14, 0x82, 0x43, 0xdd, 0x9c, 0x3d, 0x5b, 0xaa, 0x9e, 0x80, 0x6e, 0x66, 0xc7, 0xc0,
+    0xb7, 0x6c, 0x0b, 0xaa, 0x61, 0x10, 0x45, 0x07, 0xd2, 0xbc, 0x71, 0x9e, 0x05, 0xd5, 0x97, 0xd1,
+    0x36, 0xe1, 0x42, 0xf0, 0xcc, 0xeb, 0x93, 0x9c, 0xb0, 0x74, 0x27, 0x44, 0xb9, 0x2c, 0x23, 0x66,
+    0xe6, 0x08, 0xaa, 0xdb, 0x9d, 0xa8, 0x24, 0xd4, 0x51, 0x4c, 0x35, 0xca, 0xc1, 0x85, 0x75, 0xaf,
+    0x99, 0x73, 0x2c, 0xed, 0x47, 0x40, 0xd7, 0x1c, 0xce, 0xb5, 0x07, 0x3d, 0x14, 0xd2, 0x19, 0xc2,
+    0xa0, 0x82, 0xf9, 0x68, 0x72, 0x38, 0x0c, 0xeb, 0xdc, 0x59, 0x4a, 0x2e, 0xec, 0x37, 0xd0, 0x39,
+    0x23, 0x45, 0xc8, 0xb8, 0x96, 0x48, 0x14, 0xfe, 0xa7, 0xeb, 0xde, 0x72, 0xf7, 0x59, 0xb3, 0x4b,
+    0x8a, 0x09, 0x2e, 0xf8, 0xc6, 0xbd, 0xc1, 0x2f, 0xf2, 0xa4, 0x7b, 0x42, 0x70, 0xdd, 0x33, 0x63,
+    0x73, 0x04, 0x55, 0x8c, 0xaf, 0x54, 0x12, 0x6a, 0xc9, 0x26, 0xfb, 0x65, 0x81, 0xa3, 0xdb, 0xb6,
+  },
+  { /* 7 */
+    0x5e, 0x59, 0x1d, 0x8d, 0x98, 0xfb, 0x33, 0x54, 0x7c, 0xd4, 0xa4, 0x1b, 0xb3, 0x82, 0x0e, 0xb2,
+    0x90, 0x76, 0xbe, 0x36, 0xc1, 0x08, 0x56, 0x5a, 0xf4, 0x40, 0x38, 0xf8, 0x4c, 0x99, 0x0f, 0xec,
+    0xb8, 0xae, 0x1f, 0x39, 0x5b, 0xcb, 0x04, 0x4b, 0x01, 0x97, 0x34, 0x4e, 0xd8, 0x52, 0x2c, 0x9f,
+    0x18, 0x48, 0xde, 0x05, 0x76, 0x41, 0x8f, 0x0f, 0x53, 0x4d, 0x04, 0xd3, 0xcd, 0xf8, 0xa0, 0x90,
+    0x76, 0x81, 0xbc, 0x82, 0x02, 0x38, 0x61, 0x45, 0x89, 0x03, 0xa8, 0xad, 0x27, 0x49, 0x2d, 0xc1,
+    0xc4, 0x19, 0x1a, 0xc8, 0x9e, 0xb3, 0x90, 0x9b, 0x24, 0xd1, 0x9f, 0x2f, 0xda, 0x59, 0x79, 0x32,
+    0x0d, 0x23, 0xf7, 0xdb, 0x11, 0x1f, 0x5f, 0xae, 0x67, 0xf8, 0x5d, 0x96, 0x09, 0xc8, 0x5c, 0x46,
+    0x84, 0x1a, 0x0f, 0xd0, 0x8c, 0x88, 0x7f, 0xb3, 0x6f, 0xca, 0x3e, 0xa3, 0x06, 0x1d, 0xff, 0x34,
+    0xc2, 0x0b, 0xcc, 0x58, 0x62, 0x32, 0xc3, 0xe8, 0x40, 0x53, 0x9e, 0x6b, 0x78, 0x67, 0x51, 0x16,
+    0x34, 0x8c, 0x5a, 0xea, 0x44, 0x7c, 0xbf, 0xfd, 0x5f, 0x66, 0xb7, 0x1d, 0x24, 0xa6, 0xb3, 0xdb,
+    0x31, 0x97, 0xe7, 0x32, 0xc6, 0x5c, 0x24, 0x56, 0x09, 0xa5, 0x57, 0x7b, 0xd7, 0x87, 0x8f, 0xed,
+    0x24, 0xfc, 0xce, 0xec, 0xa1, 0x02, 0xf4, 0xf7, 0x3d, 0x10, 0x0e, 0x3e, 0x13, 0xb7, 0x73, 0x3b,
+    0xc3, 0x0c, 0x54, 0x60, 0x48, 0xec, 0x3a, 0xa0, 0xef, 0x6c, 0xc1, 0x75, 0xf6, 0xd3, 0x5d, 0x18,
+    0xc7, 0x10, 0x71, 0x80, 0xe0, 0x12, 0x58, 0x43, 0x16, 0x90, 0x7e, 0x0d, 0x8b, 0x46, 0x6d, 0x20,
+    0x4a, 0x35, 0xac, 0x6b, 0xd5, 0x7b, 0x1a, 0xbd, 0xe7, 0x5e, 0xa2, 0x40, 0xf9, 0x06, 0xfe, 0x6a,
+    0x07, 0x15, 0x4e, 0xa8, 0xd6, 0x5f, 0xaa, 0x3b, 0xcb, 0xbd, 0x5e, 0x5a, 0x2c, 0x8a, 0x24, 0x2a,
+    0x0c, 0x24, 0x6f, 0xe3, 0x3b, 0xc1, 0xa6, 0xe6, 0xc8, 0xc7, 0x02, 0x88, 0x87, 0x7c, 0x50, 0x48,
+    0x48, 0x3b, 0x5f, 0x1b, 0x81, 0x04, 0x2b, 0x2d, 0x7a, 0x20, 0x1c, 0x7c, 0x26, 0xad, 0xe6, 0x76,
+    0x80, 0x06, 0x2a, 0x30, 0x24, 0x76, 0x1d, 0x50, 0x96, 0x36, 0x81, 0xdb, 0x7b, 0x88, 0xcf, 0x0c,
+    0xd7, 0x60, 0xe5, 0x86, 0x05, 0x6c, 0x13, 0x49, 0x74, 0xe6, 0xc7, 0x2e, 0xbc, 0x57, 0xad, 0xc0,
+    0x69, 0xdc, 0x2c, 0x2f, 0xa2, 0x26, 0x44, 0x71, 0x11, 0xf3, 0xf2, 0x24, 0xc6, 0x3b, 0xa9, 0x7b,
+    0xee, 0xcf, 0x48, 0xb7, 0x50, 0x0f, 0xf3, 0x1a, 0x4c, 0x78, 0x2d, 0xa5, 0x91, 0x39, 0x42, 0x5d,
+    0xd8, 0x4d, 0xe1, 0x2d, 0x40, 0x0c, 0x7d, 0x77, 0x8e, 0x60, 0x24, 0x84, 0x6a, 0x34, 0xe9, 0x9a,
+    0x1b, 0x41, 0xb5, 0x4d, 0x08, 0xe0, 0x47, 0xd7, 0x61, 0x0c, 0xe5, 0xf1, 0x9c, 0xe7, 0xb4, 0x82,
+    0x77, 0x86, 0x24, 0xba, 0x28, 0xe6, 0x98, 0x0d, 0x26, 0x3c, 0xf7, 0xb3, 0xa9, 0xfd, 0x21, 0xcf,
+    0x91, 0x71, 0x26, 0x0e, 0xeb, 0xd6, 0xaf, 0x12, 0x5b, 0x7f, 0x67, 0xe6, 0xc2, 0x2d, 0x03, 0xe2,
+    0x73, 0x9a, 0x01, 0x5a, 0x80, 0x18, 0xfa, 0xee, 0xdf, 0xc0, 0x48, 0xcb, 0xd4, 0x68, 0x11, 0xf7,
+    0xe8, 0xdd, 0x9e, 0x27, 0xac, 0x8e, 0xa0, 0x69, 0x28, 0xfa, 0x2c, 0xe1, 0x33, 0x07, 0x6a, 0x79,
+    0xa1, 0xe1, 0x59, 0x04, 0x07, 0x54, 0x72, 0x0c, 0xfd, 0xe5, 0x6f, 0x83, 0x9b, 0x1e, 0x80, 0x01,
+    0x53, 0x7a, 0xea, 0x56, 0x89, 0xe4, 0x6c, 0xfa, 0x1b, 0x2c, 0xf9, 0x8d, 0xba, 0x4a, 0x52, 0xf4,
+    0xc9, 0x3a, 0xed, 0x13, 0x8f, 0xac, 0xcf, 0x35, 0x43, 0x29, 0xc2, 0xb9, 0xd3, 0x91, 0x25, 0x74,
+    0x8d, 0x25, 0xdd, 0xeb, 0x35, 0x69, 0x42, 0xfe, 0xf1, 0xce, 0xdc, 0x4d, 0x72, 0x40, 0x93, 0x4a,
+    0xe7, 0xf0, 0x9a, 0x8c, 0xe9, 0xee, 0xce, 0x57, 0xd2, 0x7c, 0xcf, 0x4b, 0xe5, 0x64, 0x2e, 0x23,
+    0x7f, 0xbe, 0x6e, 0xb9, 0xbb, 0xd9, 0x5c, 0x08, 0x17, 0x07, 0x4a, 0x43, 0x53, 0x14, 0x41, 0xbf,
+    0x86, 0x14, 0xfc, 0xa0, 0xd8, 0xf7, 0x4e, 0x23, 0xf2, 0xb4, 0x80, 0x9f, 0xd9, 0xb6, 0xe7, 0x28,
+    0x70, 0x93, 0x6a, 0x12, 0xfe, 0xb9, 0x32, 0x36, 0xed, 0x81, 0xa9, 0xe9, 0x85, 0x77, 0x05, 0xe5,
+    0x4e, 0x29, 0x89, 0x8b, 0x7d, 0x85, 0x78, 0x5e, 0x1e, 0xa2, 0x1d, 0x38, 0x84, 0x93, 0xce, 0x52,
+    0x1f, 0x5d, 0x90, 0xad, 0xa0, 0x1e, 0x25, 0x34, 0x98, 0xf0, 0x5a, 0x89, 0xe1, 0x72, 0x84, 0xba,
+    0x63, 0xea, 0x95, 0x5c, 0x65, 0x66, 0xb1, 0xe4, 0xbd, 0xb6, 0xf1, 0xe8, 0xe3, 0x79, 0xd1, 0x17,
+    0xe6, 0xf7, 0x02, 0xb4, 0xc3, 0x30, 0x37, 0x1f, 0x7d, 0x43, 0x90, 0x55, 0x6b, 0xd0, 0x22, 0x2d,
+    0xa7, 0xf3, 0x8f, 0x94, 0xfb, 0xd5, 0x21, 0x7f, 0x99, 0x67, 0x6e, 0xc7, 0x39, 0x20, 0xa8, 0x25,
+    0x35, 0x8b, 0xc2, 0xd2, 0x6e, 0xa2, 0x46, 0xb5, 0xf0, 0x59, 0xe8, 0x03, 0xaa, 0x12, 0xbf, 0xd5,
+    0x20, 0xe0, 0xeb, 0x0c, 0x09, 0xfc, 0x96, 0x14, 0xc4, 0xec, 0xb1, 0x46, 0x6e, 0x22, 0x43, 0x03,
+    0x0f, 0x2d, 0x04, 0xab, 0x45, 0x60, 0x6e, 0x3e, 0xfa, 0x86, 0xe3, 0xaa, 0xd6, 0x63, 0x44, 0x5a,
+    0x16, 0x62, 0x42, 0x96, 0x19, 0xff, 0x18, 0x79, 0x06, 0xf4, 0xb8, 0x67, 0x95, 0x2f, 0xe8, 0xc4,
+    0xf3, 0x9c, 0x2b, 0x6a, 0xa4, 0x6e, 0xe7, 0xbe, 0x49, 0xf6, 0xc9, 0x10, 0xaf, 0xe0, 0xde, 0xfb,
+    0xaf, 0xcb, 0xc5, 0x97, 0x68, 0xea, 0xe5, 0x7a, 0xa8, 0x5c, 0xd3, 0x37, 0xc3, 0xc9, 0xc8, 0x55,
+    0x22, 0xee, 0x18, 0x7c, 0x5d, 0x83, 0xa7, 0x84, 0x59, 0x92, 0x0f, 0x7a, 0xb1, 0x89, 0x5b, 0x1f,
+    0xb9, 0xa9, 0x87, 0x01, 0x71, 0x15, 0xfd, 0x03, 0xae, 0xa8, 0x6b, 0x50, 0x56, 0xe6, 0x20, 0x91,
+    0x1e, 0x5a, 0x08, 0x95, 0x8a, 0xc0, 0xdc, 0x7c, 0x37, 0xcf, 0x05, 0x97, 0x6f, 0xc6, 0x88, 0xb4,
+    0x25, 0xfb, 0x56, 0xd4, 0x8b, 0xdc, 0x0d, 0xbf, 0x92, 0x2f, 0x51, 0x20, 0x9d, 0x03, 0x7f, 0x35,
+    0xba, 0xa0, 0xec, 0x49, 0x0f, 0xb4, 0x35, 0xdb, 0x9c, 0xe9, 0x8a, 0x72, 0x07, 0xf9, 0x34, 0x83,
+    0xbd, 0xb5, 0xa2, 0xe1, 0xd9, 0xeb, 0x9f, 0xe0, 0x57, 0x54, 0xd4, 0x28, 0x2b, 0x73, 0x10, 0xa9,
+    0x8e, 0x2c, 0xb6, 0xa3, 0x4b, 0xc8, 0x8a, 0x26, 0xc3, 0x8f, 0x3d, 0x6f, 0x23, 0x5f, 0x87, 0x58,
+    0x5c, 0x57, 0xee, 0xfd, 0xcc, 0x84, 0x02, 0xc4, 0xe1, 0xaa, 0x1a, 0x27, 0x6c, 0x29, 0x16, 0xae,
+    0x41, 0x04, 0x8d, 0x20, 0x38, 0xe5, 0x16, 0x60, 0xe4, 0x24, 0xfe, 0x92, 0x52, 0xf0, 0x8a, 0x08,
+    0x6f, 0xce, 0xfa, 0xbf, 0x5e, 0xa7, 0x17, 0x02, 0x75, 0x71, 0xf3, 0x60, 0x64, 0x05, 0x81, 0x5f,
+    0x42, 0x0d, 0xe6, 0x68, 0x46, 0x44, 0xde, 0xb8, 0xd6, 0x65, 0x1f, 0xb0, 0x03, 0xef, 0x9e, 0x1a,
+    0x46, 0x11, 0xc3, 0x88, 0xee, 0xba, 0xbc, 0x5b, 0x2f, 0x99, 0xa0, 0xc8, 0x7e, 0x7a, 0xae, 0x22,
+    0x2b, 0xd1, 0xca, 0x47, 0xe4, 0x62, 0x9a, 0xc9, 0xc7, 0x96, 0xed, 0x94, 0xc5, 0xd4, 0x37, 0x61,
+    0xdc, 0x51, 0xc4, 0xcd, 0xe8, 0xf2, 0x1f, 0x94, 0x77, 0x9c, 0x9b, 0xfc, 0x17, 0xa1, 0xd9, 0xa2,
+    0xdf, 0x58, 0xaf, 0x85, 0x96, 0x53, 0xd7, 0x4c, 0x45, 0xdd, 0x7a, 0xde, 0x46, 0xbe, 0xcd, 0xb0,
+    0x43, 0x0a, 0x7e, 0x50, 0x6c, 0x9a, 0x27, 0xf0, 0x79, 0x5a, 0x40, 0xae, 0x8d, 0x5b, 0x92, 0x14,
+    0xe3, 0xec, 0xbf, 0x6c, 0x41, 0x10, 0xac, 0xb4, 0x2b, 0x80, 0x70, 0x33, 0x98, 0xf1, 0x1e, 0x1b,
+    0x29, 0xdf, 0x39, 0x37, 0xb0, 0x1d, 0xab, 0x59, 0x5a, 0xe8, 0x53, 0xa8, 0x1a, 0x7f, 0x2f, 0x7d,
+    0xb4, 0x8a, 0x70, 0xda, 0x60, 0x0a, 0xa2, 0xad, 0xc9, 0x50, 0x36, 0xc6, 0x5f, 0x2e, 0x7c, 0xd7,
+    0xcb, 0x34, 0x1e, 0x63, 0xdb, 0xd3, 0xfe, 0xa5, 0xde, 0x57, 0x7c, 0x85, 0x0c, 0x3a, 0x3d, 0x68,
+    0x32, 0x9e, 0x8c, 0x7a, 0xb8, 0xfd, 0xec, 0x8e, 0x3b, 0xe4, 0xb6, 0x59, 0x86, 0x98, 0x9b, 0xff,
+    0xda, 0x43, 0x12, 0x5d, 0x14, 0x73, 0x4c, 0xe7, 0x13, 0x1e, 0x9a, 0xb8, 0xb5, 0x9f, 0xf1, 0x86,
+    0xea, 0xd3, 0x6d, 0x57, 0xf8, 0xf1, 0x91, 0xf9, 0xb5, 0x84, 0x92, 0xdd, 0xec, 0xac, 0x72, 0x65,
+    0xbe, 0xbc, 0xc9, 0xa9, 0xa7, 0x4a, 0x57, 0x38, 0x65, 0x15, 0x35, 0x0a, 0x7a, 0x6c, 0x04, 0xbb,
+    0x03, 0x09, 0x6b, 0x48, 0x7e, 0xa1, 0xc8, 0xd8, 0x32, 0x41, 0xe1, 0x22, 0x51, 0x1f, 0x14, 0x12,
+    0xa5, 0xfd, 0x7c, 0xe4, 0xaf, 0xaa, 0x10, 0xef, 0x04, 0x19, 0xd0, 0xfb, 0xe6, 0x8b, 0xb0, 0x39,
+    0xa4, 0xfa, 0xe4, 0xdc, 0x85, 0x74, 0xe9, 0xa7, 0xab, 0x26, 0x8f, 0xe5, 0x68, 0x3f, 0xbc, 0x37,
+    0xab, 0xd7, 0xe0, 0x77, 0xc0, 0x14, 0x87, 0x99, 0x51, 0xa0, 0x6c, 0x4f, 0xbe, 0x5c, 0xf8, 0x6d,
+    0x64, 0xff, 0xdb, 0xf4, 0xb3, 0x39, 0x1b, 0xdf, 0x76, 0x0b, 0xaf, 0xb2, 0xcf, 0xf3, 0xf5, 0x3d,
+    0xad, 0xc5, 0x36, 0xe7, 0x3c, 0x95, 0xd4, 0xea, 0x35, 0x22, 0x6d, 0x0b, 0x1c, 0x62, 0xd0, 0x49,
+    0x4f, 0x2e, 0x11, 0xb3, 0x57, 0x5b, 0x81, 0x16, 0xb1, 0x9d, 0x42, 0x26, 0x0a, 0x27, 0xc2, 0x5c,
+    0x85, 0x1d, 0x97, 0xe8, 0xa6, 0x56, 0x86, 0xfb, 0xc0, 0xf5, 0x61, 0xbd, 0x88, 0xa9, 0xf3, 0x3a,
+    0xa0, 0xe6, 0xc1, 0x3c, 0x2d, 0x8a, 0x8b, 0x44, 0x52, 0xda, 0x30, 0x9d, 0x15, 0xaa, 0x8c, 0x0f,
+    0x13, 0x79, 0xff, 0x4e, 0x9b, 0xdf, 0x83, 0xd2, 0x50, 0x37, 0x58, 0x01, 0x66, 0x0e, 0xd4, 0xf2,
+    0xd4, 0x69, 0x8e, 0xce, 0x7b, 0xcd, 0xdb, 0x91, 0x46, 0xa7, 0x26, 0x0c, 0xed, 0x48, 0xb9, 0xd2,
+    0xfb, 0xa4, 0x61, 0x69, 0x37, 0x51, 0x23, 0xbb, 0x78, 0xcd, 0x74, 0xe0, 0x55, 0x09, 0xbe, 0x8b,
+    0xae, 0xcc, 0x5d, 0xaf, 0x42, 0x34, 0x1c, 0x32, 0x07, 0x63, 0x8c, 0x29, 0x4d, 0x7d, 0xc4, 0x5b,
+    0x94, 0x6a, 0x9b, 0xd6, 0x69, 0xf6, 0x34, 0xb9, 0x0d, 0xbc, 0x87, 0x80, 0x31, 0x0c, 0x3f, 0xd4,
+    0xde, 0x5f, 0x37, 0xbd, 0xbc, 0x8d, 0x2e, 0x04, 0xea, 0xe2, 0x25, 0xc0, 0xc8, 0x0a, 0xc1, 0xbe,
+    0xbb, 0xa7, 0x74, 0x71, 0x25, 0x6a, 0xcc, 0x93, 0x33, 0xd6, 0xd5, 0x6c, 0x89, 0x4d, 0x38, 0x8d,
+    0xce, 0x2f, 0xa3, 0xbb, 0x59, 0xf3, 0x65, 0x0e, 0x88, 0x94, 0x9c, 0xe3, 0xff, 0x1b, 0x01, 0x5e,
+    0xa2, 0xe8, 0x32, 0x4c, 0x79, 0xf5, 0xba, 0xd4, 0xcf, 0xa4, 0x8e, 0xa1, 0xca, 0x01, 0x94, 0x13,
+    0xf1, 0x92, 0xd8, 0x1a, 0xf0, 0x11, 0xd6, 0x2e, 0xd4, 0x88, 0x77, 0x2c, 0x70, 0x4b, 0xc6, 0xe7,
+    0x3d, 0xb3, 0x88, 0xd1, 0xfd, 0x9d, 0x82, 0xb0, 0xc1, 0x62, 0x55, 0xf3, 0x50, 0xfb, 0xdf, 0xa5,
+    0xb6, 0x84, 0x83, 0xaa, 0x34, 0x75, 0x93, 0x3d, 0x54, 0x2e, 0x88, 0xfa, 0x80, 0x85, 0x64, 0xcb,
+    0x61, 0xe4, 0x66, 0x2c, 0x31, 0x19, 0x80, 0x74, 0x20, 0xc8, 0x4f, 0xd4, 0x3c, 0xd2, 0xc9, 0x0b,
+    0x36, 0x82, 0xa9, 0x9a, 0x10, 0x03, 0x8e, 0x6d, 0xc2, 0x18, 0x09, 0x21, 0xfb, 0x0d, 0xab, 0xc7,
+    0xec, 0xc1, 0xbb, 0xc7, 0x04, 0x70, 0xc2, 0x8a, 0xd1, 0x06, 0x93, 0x99, 0x4e, 0x92, 0x5a, 0x41,
+    0xc8, 0x3d, 0x75, 0x2b, 0xa5, 0x72, 0x36, 0x7d, 0xec, 0x16, 0x9d, 0xa7, 0x5d, 0x25, 0x29, 0x7a,
+    0x52, 0x7d, 0x72, 0x6e, 0xa3, 0x3a, 0x95, 0xb2, 0xb4, 0x13, 0xa6, 0x93, 0x34, 0xfe, 0x5e, 0xfa,
+    0xb2, 0x98, 0xa6, 0x4a, 0x9c, 0x8b, 0xf1, 0xde, 0xad, 0xd2, 0x37, 0x82, 0xfd, 0x10, 0x54, 0xf3,
+    0xd0, 0x75, 0xab, 0x2e, 0xd3, 0x33, 0xb9, 0x72, 0xbf, 0x5b, 0x99, 0x74, 0x90, 0xdd, 0x89, 0xea,
+    0x72, 0x9d, 0x99, 0x62, 0xaa, 0xc6, 0x03, 0xa6, 0x70, 0xff, 0x17, 0xd5, 0x5a, 0xdc, 0x1d, 0xf9,
+    0xeb, 0xd4, 0xf5, 0x6f, 0xd2, 0x2f, 0x68, 0xb1, 0x1a, 0xbb, 0xcd, 0xc3, 0x62, 0x18, 0x7e, 0x6b,
+    0x96, 0x64, 0x68, 0xa6, 0x3d, 0x89, 0x05, 0x29, 0x90, 0xc2, 0x39, 0xbc, 0xee, 0xa7, 0x27, 0xc8,
+    0x0e, 0x2a, 0x9c, 0x93, 0x6f, 0xbe, 0x97, 0x76, 0x55, 0xb9, 0xbc, 0xb4, 0x58, 0xd7, 0x48, 0x54,
+    0xe2, 0xeb, 0x27, 0x54, 0x6b, 0xce, 0x55, 0xfc, 0x84, 0xbf, 0x2f, 0x2d, 0x16, 0x45, 0x12, 0x15,
+    0x56, 0x61, 0x57, 0x8e, 0x0b, 0xc4, 0xf7, 0x51, 0x4d, 0xef, 0x19, 0xeb, 0x49, 0x6b, 0x6e, 0xc2,
+    0x4c, 0x27, 0x7a, 0xfb, 0x29, 0xfa, 0x49, 0xce, 0x83, 0xdc, 0xa3, 0x04, 0x5b, 0x38, 0xd6, 0x4e,
+    0x40, 0x03, 0x15, 0x18, 0x12, 0x3b, 0xef, 0x28, 0x4b, 0x1b, 0xa1, 0x8c, 0xdc, 0x44, 0x86, 0x06,
+    0x37, 0x85, 0x31, 0xa2, 0x3a, 0xdd, 0x77, 0x25, 0x6d, 0x27, 0x56, 0x3f, 0x75, 0xb9, 0xa7, 0xc9,
+    0x92, 0x78, 0x4d, 0x46, 0x95, 0x77, 0x67, 0xca, 0x69, 0x3e, 0x86, 0xc4, 0x93, 0x32, 0x17, 0xf0,
+    0x44, 0x1f, 0x30, 0xf8, 0xba, 0xc5, 0x8d, 0xcb, 0xb2, 0xe7, 0x1e, 0xf4, 0xa1, 0xd1, 0xb6, 0x3e,
+    0x8f, 0x2b, 0x2e, 0x9b, 0x61, 0x16, 0x73, 0x6e, 0x6c, 0xb0, 0x62, 0x71, 0xad, 0xeb, 0x8b, 0x56,
+    0x59, 0x4c, 0x53, 0x25, 0x4e, 0xa4, 0x99, 0x6f, 0xb7, 0x69, 0xfa, 0x41, 0x9f, 0x08, 0x2a, 0x98,
+    0xdb, 0x44, 0x8a, 0x65, 0x3e, 0xad, 0xb5, 0xaf, 0xbc, 0x21, 0xc5, 0xa6, 0x3b, 0x2b, 0xfd, 0x88,
+    0x6d, 0xc0, 0x09, 0xcf, 0x0a, 0xd8, 0x26, 0x92, 0xe8, 0x0f, 0x4d, 0x5c, 0xbb, 0xae, 0x99, 0x43,
+    0x8c, 0x22, 0x45, 0xd3, 0x1f, 0xb7, 0xbb, 0xb6, 0x5e, 0xf1, 0x83, 0x53, 0xfc, 0xf4, 0x9f, 0x44,
+    0xd3, 0x7c, 0xc0, 0x66, 0xad, 0x92, 0x71, 0xaa, 0x8d, 0x1a, 0x78, 0x56, 0xc1, 0xc2, 0x9d, 0xf8,
+    0x88, 0x3e, 0x60, 0x33, 0xb7, 0x49, 0xd9, 0x55, 0xa7, 0x0d, 0x3c, 0x2b, 0x81, 0x61, 0xaf, 0x7c,
+    0x47, 0x16, 0x5b, 0xb0, 0xc4, 0x64, 0x45, 0x13, 0x80, 0xa6, 0xff, 0xd6, 0xf0, 0xce, 0xa2, 0x2c,
+    0xe5, 0xfe, 0x69, 0xfc, 0xbd, 0x91, 0xff, 0xc7, 0x4f, 0x02, 0x71, 0x77, 0x3a, 0xcf, 0x36, 0x3f,
+    0x2f, 0xcd, 0xef, 0xa7, 0x4c, 0x9c, 0xf8, 0x2a, 0x3e, 0x6a, 0x52, 0xec, 0xb8, 0x41, 0x07, 0x59,
+    0x12, 0x7e, 0x67, 0x76, 0xb1, 0x01, 0x7a, 0x9a, 0xff, 0x08, 0x07, 0x1f, 0xe8, 0xba, 0xd8, 0xfc,
+    0x8b, 0x37, 0x0b, 0x7b, 0xc9, 0xe8, 0x11, 0x8d, 0x95, 0x4c, 0xdd, 0x09, 0xd0, 0x7e, 0xbb, 0x6e,
+    0x11, 0x77, 0x0c, 0x3e, 0xcf, 0xa0, 0xb2, 0x42, 0xcd, 0x49, 0xe6, 0x3d, 0xb9, 0xa5, 0xcc, 0xee,
+    0x54, 0x6f, 0xa4, 0xfe, 0x5f, 0xbb, 0xc6, 0xc1, 0xd0, 0x91, 0xa7, 0xd7, 0x96, 0xc0, 0x76, 0xde,
+    0xa8, 0xde, 0x8b, 0x3f, 0xbe, 0xb5, 0x4f, 0x41, 0x63, 0xe1, 0x8d, 0x6d, 0xef, 0x43, 0xec, 0x7f,
+    0x87, 0x13, 0x64, 0x98, 0xf2, 0x29, 0xb7, 0x6b, 0x5d, 0x8b, 0xdf, 0x81, 0x57, 0x02, 0xeb, 0x26,
+    0x2d, 0xc3, 0x1c, 0xd7, 0x18, 0xe3, 0xc9, 0xba, 0xa3, 0x14, 0xec, 0xd0, 0x67, 0xea, 0x1f, 0x45,
+    0x5d, 0x50, 0x76, 0xc5, 0xe6, 0x5a, 0xfb, 0x8c, 0x4e, 0x95, 0x45, 0x39, 0xe2, 0x9d, 0x1a, 0xa0,
+    0x9d, 0x55, 0x49, 0xed, 0xd0, 0x17, 0x09, 0xf4, 0x93, 0xb8, 0x65, 0x6e, 0x45, 0x51, 0x53, 0xaa,
+    0x39, 0xaf, 0xad, 0x31, 0x55, 0x63, 0xe0, 0x53, 0x38, 0x9e, 0xea, 0x8b, 0x2d, 0x6e, 0xef, 0x9d,
+    0x5f, 0x5e, 0x85, 0xb5, 0xb2, 0x25, 0xca, 0x1c, 0xd3, 0xeb, 0xfb, 0x05, 0x3d, 0x36, 0x02, 0xbc,
+    0x26, 0xf2, 0x3d, 0x9c, 0xf5, 0x7d, 0xc5, 0x67, 0xa0, 0x6e, 0xb0, 0x02, 0xcc, 0x1c, 0x6b, 0x27,
+    0x05, 0x1b, 0xbd, 0xd8, 0x82, 0x20, 0x9b, 0xab, 0x56, 0xc3, 0xe0, 0x66, 0xf3, 0x21, 0x3c, 0x36,
+    0xd5, 0x6e, 0x16, 0xf6, 0x51, 0x13, 0x22, 0xd9, 0xe9, 0x98, 0x79, 0x12, 0x63, 0xfc, 0xb5, 0xdc,
+    0xfc, 0xb1, 0x2f, 0xc1, 0xe1, 0x0e, 0x89, 0x80, 0xb3, 0x70, 0x2a, 0xba, 0x79, 0x83, 0x9a, 0xa1,
+    0x19, 0x4f, 0x46, 0x3d, 0x5c, 0x9f, 0x76, 0x47, 0xfc, 0x72, 0x5b, 0xcd, 0x43, 0x4c, 0xac, 0x9e,
+    0x09, 0x3f, 0xd2, 0x3b, 0xb9, 0xe1, 0x3d, 0x4d, 0x9e, 0x04, 0xe2, 0xee, 0x74, 0x5d, 0x6c, 0x7e,
+    0xb3, 0x9f, 0x3e, 0x72, 0xb6, 0x55, 0x08, 0x96, 0x02, 0xed, 0x68, 0x9c, 0x73, 0xa4, 0x58, 0xfd,
+    0xfa, 0xa3, 0xf9, 0x51, 0x1d, 0x8f, 0xda, 0xf3, 0xd7, 0xf2, 0x2b, 0xfe, 0xdb, 0xbd, 0xb2, 0x85,
+    0xef, 0xc8, 0xd0, 0x8f, 0x7a, 0xd1, 0x0a, 0x52, 0xe3, 0x47, 0x72, 0xbb, 0x1f, 0x8d, 0x4e, 0x53,
+    0x0a, 0x36, 0xb9, 0x73, 0xc7, 0x40, 0xf5, 0x95, 0xac, 0x45, 0x03, 0xcc, 0x25, 0x42, 0x78, 0x6c,
+    0x30, 0x90, 0x7f, 0x0a, 0xec, 0x82, 0xdd, 0x1e, 0xa6, 0x9a, 0x08, 0x65, 0x59, 0x33, 0x83, 0xe3,
+    0xcd, 0x26, 0xc8, 0xf3, 0x27, 0x52, 0xad, 0xd6, 0xba, 0xd5, 0x7d, 0xc1, 0xae, 0x04, 0x15, 0x4c,
+    0xd6, 0x67, 0x7d, 0xbe, 0x2f, 0xb2, 0xea, 0x01, 0xdb, 0xd9, 0x98, 0x30, 0x32, 0xe3, 0xa1, 0xce,
+    0x6b, 0xd2, 0xdf, 0x5f, 0xf6, 0x59, 0x75, 0xe1, 0x8c, 0x8d, 0x4c, 0x18, 0x19, 0x90, 0xb1, 0x67,
+    0x08, 0x38, 0x4a, 0x03, 0x93, 0x3f, 0xc4, 0x05, 0x31, 0x3b, 0xbd, 0xf0, 0xfa, 0xe9, 0x60, 0x70,
+    0xb5, 0x8d, 0xe8, 0xe2, 0x4a, 0xd4, 0x5b, 0xe5, 0x66, 0x6f, 0x69, 0xd8, 0xd1, 0x9a, 0x70, 0xd9,
+    0x6e, 0xc9, 0x62, 0x87, 0x74, 0x79, 0xee, 0x4a, 0xda, 0x4e, 0xac, 0x7e, 0xea, 0xb1, 0x8d, 0x51,
+    0x65, 0xf8, 0x43, 0xcc, 0x99, 0xe7, 0xe2, 0x97, 0xd9, 0x34, 0xf0, 0xac, 0x41, 0x47, 0xf9, 0x33,
+    0xf5, 0x8e, 0xfd, 0xfa, 0x58, 0xef, 0xb4, 0xcd, 0x2d, 0x74, 0xc8, 0x54, 0x0d, 0xde, 0xf6, 0xdf,
+    0xaa, 0xd0, 0x78, 0x4f, 0xea, 0xca, 0x7e, 0xd1, 0xfe, 0x9f, 0x33, 0x51, 0x30, 0xe8, 0xf4, 0x63,
+    0x74, 0x8f, 0x4f, 0xf2, 0x56, 0x47, 0x50, 0xd5, 0x14, 0x7d, 0x16, 0x91, 0xf8, 0xe2, 0x35, 0xdd,
+    0x4b, 0x32, 0x34, 0x53, 0xff, 0xa5, 0xe3, 0xf5, 0x48, 0x61, 0xfd, 0x5e, 0x77, 0xb2, 0xf2, 0x64,
+    0xff, 0xb8, 0x44, 0x89, 0x9f, 0xaf, 0x41, 0x58, 0x81, 0x31, 0xcb, 0x98, 0x28, 0x9c, 0x8e, 0xb3,
+    0x81, 0x01, 0xb2, 0x08, 0x0e, 0xa8, 0xe4, 0x18, 0x39, 0x09, 0xde, 0xc5, 0xf5, 0x3c, 0xc3, 0x02,
+    0xc1, 0x02, 0xa7, 0x10, 0x1c, 0x93, 0x0b, 0x30, 0x72, 0x12, 0x7f, 0x49, 0x29, 0x78, 0x45, 0x04,
+    0xd1, 0x72, 0x33, 0x16, 0xf9, 0xed, 0x40, 0x3a, 0x10, 0x64, 0xc6, 0x6a, 0x1e, 0x69, 0x85, 0xe4,
+    0x28, 0xd8, 0xa1, 0x0f, 0x9a, 0xc3, 0x52, 0x11, 0xf5, 0xd7, 0x0c, 0xb6, 0x94, 0xcb, 0x23, 0x73,
+    0xb1, 0x91, 0xcd, 0x02, 0xe2, 0x2a, 0x39, 0x06, 0x9f, 0x93, 0xd6, 0xa0, 0xac, 0x0f, 0x40, 0xe1,
+    0x9b, 0x47, 0x9f, 0x7d, 0x2c, 0x96, 0x5a, 0x87, 0xf7, 0x3a, 0x64, 0x2a, 0xe7, 0x6f, 0x7b, 0x8e,
+    0xdd, 0x56, 0x5c, 0xf5, 0xc2, 0x2c, 0xe6, 0xdc, 0xd8, 0xa3, 0xc4, 0xe2, 0x99, 0x15, 0xd5, 0xac,
+    0x23, 0xe9, 0x80, 0x44, 0x77, 0x5d, 0x5e, 0xcc, 0xf6, 0xad, 0x50, 0x64, 0x3f, 0x3d, 0x57, 0x11,
+    0x3f, 0xbd, 0x7b, 0xa1, 0xa9, 0xe2, 0xb3, 0x20, 0x5c, 0x1c, 0xeb, 0xcf, 0x8f, 0x50, 0xc7, 0xb9,
+    0x02, 0x0e, 0xf3, 0x70, 0x54, 0x7f, 0x31, 0x90, 0x9d, 0x7e, 0xbe, 0x3c, 0xdf, 0xab, 0x18, 0x1c,
+    0x10, 0x70, 0x94, 0x06, 0xe5, 0x7e, 0x4b, 0x0a, 0x62, 0x76, 0xb9, 0x23, 0x37, 0x11, 0xc0, 0xe0,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x1a, 0x46, 0x2d, 0x75, 0x22, 0x3e, 0xbe, 0x9f, 0xce, 0x33, 0xba, 0xef, 0x12, 0x53, 0xb8, 0x8c,
+    0x60, 0xe3, 0xfe, 0x14, 0x1b, 0xc7, 0x79, 0x3c, 0x8f, 0xf7, 0x10, 0xca, 0xb2, 0x66, 0xc5, 0x05,
+    0x5a, 0x45, 0x38, 0x6d, 0x30, 0x05, 0x51, 0xb7, 0x85, 0x28, 0x1b, 0x63, 0xce, 0x17, 0x3e, 0x8a,
+    0x3e, 0xba, 0xe3, 0x99, 0x83, 0x3c, 0x4a, 0x68, 0xf3, 0x23, 0xb4, 0xd1, 0x01, 0xe4, 0xcb, 0xb7,
+    0x6a, 0xd5, 0x47, 0x67, 0xdc, 0x87, 0x8c, 0xa9, 0x23, 0xb2, 0x13, 0x06, 0x97, 0x24, 0xbd, 0x69,
+    0x71, 0x94, 0xf2, 0x2a, 0xd4, 0x67, 0xcb, 0x7e, 0x42, 0xbe, 0xf6, 0xf7, 0x0b, 0xc3, 0x09, 0xeb,
+    0x75, 0x88, 0xd7, 0xca, 0x7c, 0x99, 0xa9, 0x9d, 0xbb, 0x42, 0x49, 0x8f, 0x76, 0x56, 0x39, 0xd3,
+    0xb7, 0x83, 0x1b, 0x92, 0x1e, 0xab, 0x6a, 0x75, 0xfb, 0x11, 0xd7, 0xe4, 0x0e, 0x31, 0x68, 0xc5,
+    0x7a, 0xa5, 0xd3, 0x61, 0x39, 0xf9, 0xc7, 0xa3, 0x41, 0xc4, 0xaa, 0x25, 0xa0, 0x35, 0x7d, 0x89,
+    0xd9, 0x4a, 0x79, 0x15, 0x6a, 0xd2, 0x84, 0x3f, 0x21, 0x5f, 0x7b, 0x9a, 0xe4, 0x80, 0xe5, 0x94,
+    0x6c, 0xc7, 0x91, 0xf7, 0x20, 0x06, 0xdf, 0xda, 0x47, 0x30, 0x12, 0x42, 0x35, 0x1a, 0x95, 0x4d,
+    0x93, 0x7f, 0xd5, 0x7e, 0xbf, 0xa9, 0x9e, 0x82, 0xc6, 0x01, 0xd9, 0xda, 0x1d, 0x86, 0x1b, 0xfe,
+    0x45, 0x18, 0xa8, 0xc0, 0x90, 0x1b, 0x74, 0x83, 0x1d, 0xd8, 0x41, 0xea, 0x2f, 0x65, 0xba, 0x30,
+    0x9a, 0x40, 0x07, 0x45, 0x06, 0x48, 0xa3, 0xcf, 0x58, 0x05, 0x3b, 0x34, 0x69, 0xdb, 0x77, 0x80,
+    0x89, 0x39, 0xf8, 0x0b, 0x9d, 0x97, 0x20, 0x1d, 0x08, 0x32, 0x63, 0x35, 0x0f, 0xd5, 0xa3, 0x72,
+    0x3a, 0xa6, 0xc6, 0x79, 0x2b, 0xc2, 0x28, 0x8b, 0x0a, 0xdf, 0x0b, 0xa9, 0x7c, 0x71, 0xfb, 0x8f,
+    0x78, 0xab, 0x20, 0x11, 0x6d, 0x86, 0xf6, 0x33, 0xdc, 0xba, 0x14, 0x19, 0x7f, 0x9e, 0x65, 0x95,
+    0x1d, 0x53, 0x63, 0xdd, 0xf4, 0x61, 0x14, 0xa4, 0x05, 0x8e, 0xe4, 0xb5, 0x3e, 0xd9, 0x9c, 0xa6,
+    0x8a, 0x30, 0x93, 0x43, 0xe3, 0x36, 0xe8, 0xc5, 0x3a, 0x73, 0x82, 0x17, 0x5e, 0xca, 0xb7, 0x60,
+    0x97, 0x63, 0xf0, 0x9e, 0x17, 0x57, 0xfc, 0x61, 0x3f, 0xfd, 0x66, 0xa2, 0x60, 0x13, 0x2b, 0xc6,
+    0xf8, 0xad, 0x0a, 0x21, 0x49, 0xf0, 0xeb, 0x63, 0x4a, 0x8c, 0x95, 0xc2, 0x04, 0x16, 0xaa, 0x99,
+    0xf9, 0xaa, 0x92, 0x19, 0x63, 0x2e, 0x12, 0x2b, 0xe5, 0xb3, 0xca, 0xdc, 0x8a, 0xa2, 0xa6, 0x97,
+    0x58, 0x4b, 0xcb, 0x1d, 0x64, 0x7a, 0x60, 0x27, 0x18, 0x56, 0xa5, 0x5f, 0x11, 0xbc, 0x26, 0x96,
+    0x2c, 0xc4, 0x84, 0xef, 0x32, 0x3d, 0x30, 0xf2, 0x0c, 0x2b, 0xb3, 0xce, 0xe9, 0x5e, 0x13, 0x4b,
+    0x06, 0x12, 0xd6, 0x90, 0xfc, 0x81, 0x53, 0x73, 0x64, 0x82, 0x01, 0x44, 0xa2, 0x3e, 0x28, 0x24,
+    0xbc, 0xb2, 0x3a, 0xd9, 0xf3, 0x35, 0x66, 0xa8, 0xf8, 0x6b, 0x8b, 0x36, 0xa5, 0xc7, 0x1c, 0xa7,
+    0x9c, 0x52, 0xd1, 0xd5, 0xfa, 0xc9, 0xf0, 0xbc, 0x3c, 0x87, 0x3a, 0x70, 0xcb, 0xe5, 0x5f, 0xa4,
+    0x55, 0x68, 0x3c, 0xc6, 0x75, 0x65, 0x3f, 0x89, 0x7f, 0xae, 0xf8, 0xc9, 0x18, 0x74, 0x7a, 0xd0,
+    0x7c, 0xb7, 0x05, 0xf1, 0xc5, 0x78, 0x94, 0xd0, 0x25, 0x46, 0xab, 0x61, 0x02, 0x0b, 0x55, 0xad,
+    0x2a, 0xd6, 0x52, 0x7f, 0xce, 0xbc, 0x63, 0x81, 0x68, 0xa9, 0xb2, 0x8a, 0x4b, 0x60, 0x3b, 0x6f,
+    0x3b, 0xa1, 0x5e, 0x41, 0x01, 0x1c, 0xd1, 0xc3, 0xa5, 0xe0, 0x54, 0xb7, 0xf2, 0xc5, 0xf7, 0x81,
+    0x9f, 0x5b, 0xba, 0x9d, 0x84, 0x68, 0x38, 0x64, 0x0e, 0xc6, 0xdb, 0x52, 0x9a, 0xfa, 0x4b, 0xb6,
+    0xc6, 0x17, 0xe9, 0xb8, 0xca, 0xcc, 0xa1, 0x0b, 0xb9, 0xaf, 0x21, 0x13, 0x05, 0xf2, 0x61, 0x2e,
+    0x1c, 0x54, 0xfb, 0xe5, 0xde, 0xbf, 0xed, 0xec, 0xaa, 0xb1, 0xbb, 0xab, 0xb0, 0x6d, 0x90, 0xa8,
+    0xfe, 0xbf, 0xdc, 0xb1, 0xb5, 0x71, 0xb8, 0x10, 0x2e, 0x0e, 0x94, 0x86, 0xa6, 0x28, 0x82, 0xbd,
+    0x62, 0xed, 0x0d, 0x64, 0x4f, 0xb8, 0x48, 0xac, 0x12, 0x89, 0xae, 0xf6, 0x6d, 0xcd, 0xdd, 0x19,
+    0x7d, 0xb0, 0x9d, 0xc9, 0xef, 0xa6, 0x6d, 0x98, 0x8a, 0x79, 0xf4, 0x7f, 0x8c, 0xbf, 0x59, 0xa3,
+    0x21, 0xe7, 0x73, 0x34, 0x23, 0x22, 0x6f, 0x5c, 0x6b, 0xd3, 0xee, 0x58, 0xe0, 0x96, 0x4f, 0x0d,
+    0xc0, 0x05, 0x3f, 0x28, 0x36, 0x4d, 0xf2, 0x78, 0xdd, 0x2d, 0x20, 0x57, 0xa7, 0xcc, 0x49, 0x0a,
+    0xf2, 0x9b, 0xb3, 0x52, 0x8e, 0xb0, 0x1e, 0xf6, 0xe6, 0xc9, 0x96, 0x0e, 0x21, 0x54, 0xd2, 0xf5,
+    0xf7, 0x80, 0x0e, 0x8a, 0x0c, 0x90, 0x85, 0x5d, 0xb0, 0x0a, 0x76, 0x68, 0xd2, 0x75, 0xee, 0xc3,
+    0x33, 0x99, 0x14, 0x42, 0x92, 0x23, 0x15, 0xc6, 0x94, 0xdb, 0xe9, 0x47, 0x08, 0x2c, 0x97, 0xf1,
+    0x98, 0x4e, 0xf4, 0x35, 0x52, 0x37, 0x92, 0x5f, 0xc5, 0x7b, 0x85, 0x08, 0xb6, 0x70, 0x6f, 0x9c,
+    0xa9, 0xd9, 0x13, 0x07, 0x94, 0x6b, 0xb6, 0x09, 0xcc, 0xde, 0xd2, 0x73, 0x61, 0xf7, 0xe0, 0x71,
+    0x82, 0x08, 0xd9, 0x40, 0x70, 0x09, 0x2c, 0xc0, 0x0b, 0x48, 0x3f, 0xe7, 0xa4, 0x23, 0xd7, 0x10,
+    0x4d, 0x20, 0xe2, 0xc3, 0x03, 0x24, 0xb0, 0x86, 0x2c, 0xe3, 0xfc, 0x1a, 0xd5, 0x8c, 0xda, 0x40,
+    0xf4, 0x89, 0x65, 0xc2, 0x72, 0x31, 0x4d, 0x85, 0x82, 0x4b, 0x97, 0x4a, 0x83, 0x6a, 0xfa, 0xd1,
+    0xf6, 0x87, 0x96, 0xb2, 0x26, 0x4e, 0x7c, 0x15, 0x1f, 0x35, 0x29, 0x76, 0x5c, 0xc1, 0xe2, 0xcd,
+    0x14, 0x6c, 0xb1, 0xe6, 0x4d, 0x80, 0x29, 0xe9, 0x9b, 0x8a, 0x06, 0x5b, 0x4a, 0x84, 0xf0, 0xd8,
+    0x7b, 0xa2, 0x4b, 0x59, 0x13, 0x27, 0x3e, 0xeb, 0xee, 0xfb, 0xf5, 0x3b, 0x2e, 0x81, 0x71, 0x87,
+    0x79, 0xac, 0xb8, 0x29, 0x47, 0x58, 0x0f, 0x7b, 0x73, 0x85, 0x4b, 0x07, 0xf1, 0x2a, 0x69, 0x9b,
+    0x17, 0x65, 0xda, 0xae, 0x33, 0x21, 0xe1, 0x31, 0xa9, 0xcb, 0xe7, 0x79, 0x1b, 0x9b, 0xe4, 0xca,
+    0xf0, 0x95, 0x40, 0x22, 0xda, 0xcf, 0x2f, 0x66, 0x7b, 0xb7, 0x28, 0x32, 0xfe, 0xff, 0xca, 0xe9,
+    0xbf, 0xbb, 0x51, 0x91, 0x8d, 0x94, 0xae, 0x70, 0xca, 0x2a, 0x6a, 0x14, 0xf4, 0xd8, 0x08, 0xb5,
+    0xcf, 0x28, 0x3b, 0x83, 0x73, 0x2d, 0x9c, 0x46, 0x27, 0xab, 0xc3, 0xfd, 0x71, 0xaf, 0x0d, 0x50,
+    0x01, 0x07, 0x98, 0x38, 0x2a, 0xde, 0xf9, 0x48, 0xaf, 0x3f, 0x5f, 0x1e, 0x8e, 0xb4, 0x0c, 0x0e,
+    0xed, 0xc6, 0x23, 0xff, 0x2e, 0xae, 0x3b, 0xc2, 0x7e, 0x39, 0xcc, 0x87, 0xc0, 0x26, 0x56, 0x4f,
+    0xcc, 0x21, 0x50, 0xcb, 0x0d, 0x8c, 0x54, 0x9e, 0x15, 0xea, 0x22, 0xdf, 0x20, 0xb0, 0x19, 0x42,
+    0x15, 0x6b, 0x29, 0xde, 0x67, 0x5e, 0xd0, 0xa1, 0x34, 0xb5, 0x59, 0x45, 0xc4, 0x30, 0xfc, 0xd6,
+    0x27, 0xf5, 0xa5, 0xa4, 0xdf, 0xa3, 0x3c, 0x2f, 0x0f, 0x51, 0xef, 0x1c, 0x42, 0xa8, 0x67, 0x29,
+    0xa3, 0xef, 0xaa, 0x74, 0x53, 0x2b, 0x43, 0x9c, 0x60, 0x9b, 0xd1, 0xbf, 0x44, 0xb5, 0x98, 0x1d,
+    0x0b, 0x31, 0x21, 0x4b, 0xed, 0x9e, 0x0c, 0xdd, 0x03, 0x7a, 0x5c, 0xd2, 0xab, 0xf6, 0x74, 0x62,
+    0x38, 0xa8, 0x35, 0x09, 0x7f, 0xbd, 0x19, 0x1b, 0x97, 0xa1, 0xb5, 0x95, 0xa3, 0xda, 0xe3, 0x93,
+    0x57, 0x66, 0xcf, 0xb6, 0x21, 0x1a, 0x0e, 0x19, 0xe2, 0xd0, 0x46, 0xf5, 0xc7, 0xdf, 0x62, 0xcc,
+    0x67, 0xf6, 0xb0, 0xbc, 0xcd, 0x98, 0xd3, 0x07, 0x44, 0x4a, 0x4e, 0x90, 0x9e, 0xec, 0xe1, 0x2f,
+    0x83, 0x0f, 0x41, 0x78, 0x5a, 0xd7, 0xd5, 0x88, 0xa4, 0x77, 0x60, 0xf9, 0x2a, 0x97, 0xdb, 0x1e,
+    0x3c, 0xb4, 0x10, 0xe9, 0xd7, 0x43, 0x7b, 0xf8, 0x6e, 0x5d, 0x0a, 0xed, 0xde, 0x4f, 0xd3, 0xab,
+    0xfd, 0xb6, 0xb7, 0xf9, 0xcb, 0xd0, 0x70, 0xc8, 0x1c, 0x4f, 0x75, 0xa4, 0xf7, 0x37, 0x96, 0xaf,
+    0xac, 0xc2, 0xae, 0xdf, 0x16, 0x4b, 0x2d, 0xa2, 0x9a, 0x1d, 0x32, 0x15, 0x92, 0xd6, 0xdc, 0x47,
+    0x95, 0x6d, 0x03, 0xee, 0x43, 0x28, 0xcd, 0xf1, 0xa2, 0x83, 0xd8, 0x9e, 0xbf, 0xb8, 0x33, 0xda,
+    0x51, 0x74, 0x19, 0x26, 0xdd, 0x9b, 0x5d, 0x6a, 0x86, 0x52, 0x47, 0xb1, 0x65, 0xe1, 0x4a, 0xe8,
+    0xd2, 0x7b, 0x58, 0x5e, 0x87, 0x4c, 0x88, 0xe2, 0x22, 0x25, 0x27, 0x48, 0x4f, 0x76, 0x91, 0xf6,
+    0xe1, 0xe2, 0x4c, 0x1c, 0x15, 0x6f, 0x9d, 0x24, 0xb6, 0xfe, 0xce, 0x0f, 0x47, 0x5a, 0x06, 0x07,
+    0xe4, 0xf9, 0xf1, 0xc4, 0x97, 0x4f, 0x06, 0x8f, 0xe0, 0x3d, 0x2e, 0x69, 0xb4, 0x7b, 0x3a, 0x31,
+    0xa6, 0xf4, 0x17, 0xac, 0xd1, 0x0b, 0xd8, 0x37, 0x36, 0x58, 0x31, 0xd9, 0xb7, 0x94, 0xa4, 0x2b,
+    0x2e, 0xca, 0x77, 0x9f, 0x66, 0x42, 0x01, 0x62, 0x91, 0x55, 0x0d, 0xf2, 0x36, 0xf5, 0x0b, 0x57,
+    0x9e, 0x5c, 0x22, 0xa5, 0xae, 0xb6, 0xc1, 0x2c, 0xa1, 0xf9, 0x84, 0x4c, 0x14, 0x4e, 0x47, 0xb8,
+    0xb0, 0x96, 0x55, 0x3a, 0xc8, 0xf4, 0xc0, 0x4e, 0x30, 0xac, 0x89, 0xbe, 0x22, 0xbb, 0x4c, 0xef,
+    0x04, 0x1c, 0x25, 0xe0, 0xa8, 0xfe, 0x62, 0xe3, 0xf9, 0xfc, 0xbf, 0x78, 0x7d, 0x95, 0x30, 0x38,
+    0xca, 0x33, 0x86, 0x5b, 0xf1, 0x0d, 0x07, 0xed, 0x71, 0x68, 0x23, 0x9b, 0x82, 0x8e, 0x31, 0x66,
+    0xe0, 0xe5, 0xd4, 0x24, 0x3f, 0xb1, 0x64, 0x6c, 0x19, 0xc1, 0x91, 0x11, 0xc9, 0xee, 0x0a, 0x09,
+    0x7e, 0xb9, 0xf6, 0x81, 0x91, 0x07, 0xa5, 0x40, 0xb8, 0x38, 0x15, 0x5d, 0xdd, 0xa0, 0x4d, 0xb1,
+    0x66, 0xf1, 0x28, 0x84, 0xe7, 0x46, 0x2a, 0x4f, 0xeb, 0x75, 0x11, 0x8e, 0x10, 0x58, 0xed, 0x21,
+    0x50, 0x73, 0x81, 0x1e, 0xf7, 0x45, 0xa4, 0x22, 0x29, 0x6d, 0x18, 0xaf, 0xeb, 0x55, 0x46, 0xe6,
+    0x49, 0x3c, 0xc7, 0x23, 0xab, 0xda, 0xd2, 0x65, 0xd5, 0x1f, 0x43, 0x62, 0xa8, 0x19, 0xea, 0x78,
+    0x5b, 0x42, 0xa0, 0x55, 0x1a, 0xdb, 0xa8, 0xff, 0x2a, 0x17, 0x44, 0x7d, 0x40, 0xa3, 0x32, 0x84,
+    0x99, 0x49, 0x6c, 0x0d, 0x78, 0xe9, 0x6b, 0x17, 0x6a, 0x44, 0xda, 0x16, 0x38, 0xc4, 0x63, 0x92,
+    0x68, 0xdb, 0xb4, 0x17, 0x88, 0xf8, 0xbd, 0x39, 0xbe, 0xcc, 0xad, 0x3a, 0x48, 0x8f, 0xa5, 0x75,
+    0xe9, 0xda, 0x06, 0x1f, 0x86, 0x50, 0x59, 0x21, 0x87, 0xc5, 0x73, 0xff, 0xbd, 0xb3, 0x66, 0x77,
+    0xc5, 0x1e, 0x82, 0xf0, 0xb4, 0x6d, 0x69, 0xd3, 0x8b, 0xee, 0xc0, 0x31, 0x54, 0xed, 0x75, 0x3c,
+  },
+  { /* 8 */
+    0xd7, 0x48, 0x12, 0xa3, 0xbe, 0x29, 0x25, 0xd9, 0x10, 0xec, 0xae, 0xdf, 0x6a, 0x2d, 0x01, 0xfc,
+    0x63, 0x44, 0x11, 0xde, 0x60, 0x0e, 0x82, 0x6c, 0x92, 0x7c, 0xf2, 0x2a, 0x20, 0xcb, 0xa0, 0xee,
+    0x5e, 0x13, 0x74, 0x22, 0x3d, 0x0d, 0xaf, 0x72, 0xfa, 0x27, 0xc7, 0x23, 0xaa, 0xd2, 0x47, 0xdd,
+    0xaa, 0x8c, 0x23, 0x54, 0x8a, 0x01, 0x1b, 0x0a, 0x99, 0x88, 0x13, 0x07, 0xc7, 0xb6, 0x5d, 0x11,
+    0xea, 0x1f, 0x77, 0x5f, 0xe3, 0x2a, 0x08, 0xc7, 0x78, 0xb7, 0x9b, 0xd6, 0xe0, 0x34, 0xe6, 0xcf,
+    0x2a, 0x69, 0x8b, 0x42, 0x58, 0x57, 0x3d, 0x53, 0x98, 0xf6, 0xc0, 0x66, 0x89, 0x71, 0xe8, 0x6e,
+    0x29, 0x16, 0xe4, 0x73, 0x84, 0x86, 0x44, 0x75, 0x7a, 0x4b, 0xfe, 0x14, 0x7c, 0x79, 0x4f, 0x31,
+    0x9c, 0x8e, 0xc2, 0xa0, 0xaf, 0xee, 0x75, 0x63, 0xa6, 0xb0, 0x09, 0xcf, 0x65, 0x26, 0x32, 0x16,
+    0xe1, 0x4a, 0xf3, 0x57, 0x9b, 0xc6, 0x4b, 0xb0, 0x2f, 0xd4, 0xb4, 0x17, 0xc8, 0xbd, 0x6e, 0xfb,
+    0xa4, 0x58, 0x16, 0x0f, 0x55, 0x5d, 0xd3, 0x17, 0x2b, 0xef, 0x7e, 0x50, 0x33, 0x27, 0xff, 0xc4,
+    0xeb, 0x8b, 0x52, 0xf1, 0x16, 0x65, 0x9e, 0x64, 0x26, 0xdc, 0x30, 0xf8, 0xb3, 0x8d, 0x3a, 0xfa,
+    0x68, 0x11, 0x95, 0xd6, 0x18, 0xe2, 0xc1, 0x1b, 0xc5, 0x1f, 0xdd, 0xeb, 0x08, 0x42, 0x28, 0xda,
+    0x9d, 0x1a, 0xe7, 0x0e, 0x5a, 0xa1, 0xe3, 0xc0, 0xf8, 0xdb, 0xa2, 0xe1, 0x36, 0x9f, 0xee, 0x23,
+    0xae, 0x99, 0xb7, 0xa9, 0xd8, 0xfe, 0x06, 0xc3, 0x22, 0xe7, 0xfa, 0xbf, 0x48, 0x17, 0xab, 0xc5,
+    0x28, 0x82, 0xc1, 0xdd, 0x71, 0xc9, 0xd2, 0xd6, 0x24, 0x20, 0x55, 0x3a, 0x2f, 0xc0, 0x93, 0x04,
+    0xb7, 0x73, 0x6c, 0x4c, 0x02, 0xf6, 0xde, 0x93, 0x60, 0x2d, 0x62, 0x87, 0xbf, 0xee, 0x06, 0x4d,
+    0x55, 0x46, 0xf0, 0x2a, 0x45, 0xe1, 0xec, 0x05, 0xad, 0x44, 0xe8, 0xe2, 0x82, 0x5b, 0xcf, 0xe9,
+    0xd0, 0x22, 0xe9, 0x6f, 0x30, 0x07, 0x41, 0x36, 0x49, 0x3e, 0x79, 0x15, 0x10, 0x84, 0x50, 0x77,
+    0xaf, 0x0d, 0x92, 0x07, 0x2d, 0xb1, 0x90, 0x60, 0x7c, 0x8c, 0x51, 0x91, 0x1b, 0xae, 0x77, 0xf0,
+    0x62, 0xd0, 0x34, 0x70, 0x95, 0x41, 0x14, 0xcf, 0xcc, 0x17, 0x59, 0x04, 0x73, 0x72, 0x7c, 0xdb,
+    0xf7, 0xe0, 0x38, 0x47, 0x6b, 0xdd, 0xcd, 0x5e, 0x81, 0x12, 0xea, 0x56, 0x98, 0x6c, 0xbd, 0x93,
+    0xef, 0x9e, 0xc6, 0x0c, 0x44, 0x9a, 0x83, 0xad, 0x9d, 0xb3, 0xd9, 0x40, 0x3c, 0x2c, 0xcc, 0x2e,
+    0xb3, 0x66, 0xf8, 0xb1, 0x50, 0x09, 0xc3, 0x5a, 0xdb, 0x42, 0x8b, 0x3f, 0x30, 0x4f, 0xf0, 0x99,
+    0x2e, 0x7c, 0x1f, 0xbf, 0x0a, 0xa8, 0x20, 0x9a, 0x23, 0x99, 0x29, 0xde, 0x06, 0xd0, 0x1e, 0xba,
+    0x96, 0x4f, 0x63, 0x06, 0x22, 0x4d, 0xa0, 0xb7, 0xaf, 0xb8, 0x8d, 0x20, 0x1e, 0x16, 0x66, 0x17,
+    0x1f, 0x14, 0x05, 0x87, 0xa1, 0x69, 0x2a, 0x1c, 0x45, 0x73, 0xe4, 0xdc, 0xde, 0xe9, 0x20, 0x36,
+    0xa5, 0xcc, 0x33, 0xa1, 0xa0, 0x12, 0x45, 0xb4, 0x75, 0x84, 0xd5, 0x7e, 0x60, 0x9e, 0x23, 0xf1,
+    0x24, 0xbd, 0xbe, 0x19, 0x87, 0x0b, 0xf5, 0x4e, 0x2a, 0x91, 0xad, 0x31, 0x7d, 0xe0, 0x4a, 0xbb,
+    0x88, 0xcf, 0x43, 0x2f, 0x76, 0x6b, 0x1c, 0x08, 0xb4, 0xa0, 0xc2, 0xd2, 0x93, 0x46, 0x9a, 0x14,
+    0xfe, 0x5e, 0xf6, 0xd0, 0x3a, 0xaf, 0x61, 0xac, 0x6a, 0xa7, 0x50, 0xcb, 0x16, 0x54, 0x4e, 0xcd,
+    0x03, 0x7f, 0x6f, 0x31, 0xdc, 0xd1, 0x79, 0x26, 0xe2, 0xbd, 0x3e, 0x72, 0xf5, 0x08, 0xa7, 0x5f,
+    0x86, 0x1b, 0x76, 0x74, 0xa9, 0x37, 0xd4, 0x15, 0x06, 0xc7, 0xaf, 0x85, 0x67, 0xd7, 0x38, 0xc1,
+    0xf5, 0x0b, 0x72, 0xd8, 0x42, 0x43, 0x22, 0xdb, 0x3d, 0xc4, 0x7f, 0x0a, 0x3e, 0xdd, 0xc6, 0xf9,
+    0xf0, 0x8a, 0xc3, 0x8b, 0xe5, 0xf3, 0xa9, 0xb1, 0xd8, 0xc0, 0x3d, 0x9c, 0xe2, 0xc5, 0xec, 0x18,
+    0x64, 0x2e, 0xea, 0x12, 0xee, 0x20, 0xe6, 0x83, 0xcb, 0xae, 0x25, 0xe0, 0x5a, 0x62, 0xf1, 0x65,
+    0x21, 0x3c, 0x0f, 0x4a, 0x20, 0xbb, 0x7e, 0x24, 0xcf, 0x95, 0xef, 0xa7, 0xa1, 0xf8, 0x60, 0x5a,
+    0x1b, 0x01, 0x91, 0x7a, 0xf3, 0x96, 0x37, 0xd5, 0xfe, 0x1c, 0x0d, 0x64, 0x51, 0x48, 0xd6, 0xe2,
+    0x1d, 0xff, 0x4f, 0x18, 0x88, 0xf7, 0xc5, 0x99, 0xf9, 0xa5, 0x71, 0x80, 0x78, 0x58, 0x5b, 0x5c,
+    0x69, 0x85, 0xb0, 0x78, 0xed, 0xad, 0x57, 0xb8, 0x9b, 0x74, 0x76, 0xc5, 0x5b, 0xfb, 0xf4, 0xef,
+    0x89, 0x5b, 0x66, 0x81, 0x83, 0x24, 0x8a, 0xab, 0xea, 0xcb, 0x69, 0xfc, 0xc0, 0xff, 0x46, 0x21,
+    0x43, 0xec, 0x3b, 0x3a, 0xb5, 0xfa, 0x6a, 0xeb, 0x03, 0x82, 0xb6, 0xa3, 0xd2, 0x8a, 0x1c, 0x81,
+    0xd8, 0x08, 0x02, 0x56, 0x94, 0x3a, 0x7b, 0x67, 0xfc, 0xe0, 0x68, 0xa6, 0xcd, 0x05, 0x7f, 0x1c,
+    0x5b, 0x92, 0xc5, 0x71, 0x9a, 0xbd, 0x24, 0x18, 0x1f, 0x23, 0x85, 0xb5, 0x76, 0xca, 0x6d, 0x3c,
+    0xd1, 0xb6, 0xcc, 0xc1, 0xc5, 0x48, 0xd7, 0x95, 0x17, 0x55, 0xd2, 0x3b, 0x43, 0x3d, 0x8c, 0x42,
+    0x07, 0x6a, 0xfb, 0xcc, 0x8e, 0x2e, 0x64, 0xef, 0x59, 0xd2, 0xd7, 0xca, 0x7a, 0xa9, 0x51, 0x8b,
+    0x0a, 0xc1, 0xa1, 0xa6, 0x8d, 0xa3, 0xd5, 0xd4, 0x09, 0x08, 0x84, 0xef, 0x7b, 0x30, 0x54, 0x01,
+    0x25, 0x29, 0x9b, 0xb7, 0x72, 0x44, 0x63, 0xed, 0x74, 0xfa, 0x06, 0x1f, 0x2e, 0x59, 0x96, 0x8e,
+    0xa3, 0x32, 0xed, 0xc3, 0xdb, 0x73, 0xb7, 0xf8, 0x72, 0x3d, 0xa9, 0x9a, 0x49, 0x8e, 0xae, 0x4f,
+    0x22, 0x43, 0x60, 0x7b, 0xfc, 0x6a, 0x07, 0x02, 0x2d, 0x28, 0xd1, 0xd5, 0x54, 0xf0, 0xc7, 0x05,
+    0x61, 0xaf, 0x5b, 0x41, 0x49, 0x90, 0x6d, 0xe9, 0x2e, 0xaa, 0x67, 0x76, 0x86, 0x7a, 0xdb, 0x84,
+    0x14, 0x41, 0x81, 0x8f, 0xd9, 0x85, 0x69, 0x6b, 0x12, 0x10, 0xcb, 0x1d, 0xf6, 0x60, 0xa8, 0x02,
+    0xa6, 0xb3, 0x5c, 0x90, 0x7c, 0xc3, 0x3c, 0x92, 0x97, 0x39, 0xeb, 0x0c, 0x95, 0x96, 0x84, 0xae,
+    0x11, 0xc0, 0x30, 0xdc, 0x7e, 0x35, 0xe2, 0x01, 0xf7, 0x14, 0x89, 0x8b, 0x2a, 0x78, 0x82, 0xe3,
+    0x02, 0xeb, 0x4a, 0x9f, 0x29, 0x9e, 0xef, 0x85, 0xbc, 0xd6, 0x95, 0x5c, 0xa6, 0xb1, 0x7b, 0x6a,
+    0x2f, 0xe8, 0x3a, 0x11, 0xff, 0xe7, 0xb6, 0x39, 0x7d, 0xf2, 0x82, 0xf0, 0x55, 0x69, 0xc2, 0x8f,
+    0xca, 0xb7, 0x5d, 0xbb, 0x36, 0xde, 0xe0, 0x40, 0xe9, 0x49, 0xdf, 0x5f, 0x12, 0x75, 0x5a, 0xa0,
+    0x3c, 0xc3, 0x40, 0x52, 0xa8, 0x4c, 0xbb, 0xbd, 0x36, 0x30, 0x9e, 0x27, 0xd9, 0xa0, 0x3b, 0x06,
+    0x4e, 0x47, 0x61, 0x50, 0xb6, 0x77, 0xdb, 0xd0, 0x53, 0x58, 0xe5, 0x86, 0xd3, 0x13, 0x19, 0x0b,
+    0x7d, 0xc4, 0x31, 0xf7, 0x34, 0x28, 0x3e, 0xd3, 0x89, 0x64, 0xbd, 0xd8, 0xad, 0x9b, 0x5c, 0xed,
+    0xb9, 0xa7, 0x59, 0x17, 0xdd, 0xaa, 0x16, 0x8e, 0xd2, 0x4a, 0x0f, 0xd0, 0x4b, 0x7f, 0xa4, 0x98,
+    0x80, 0xe5, 0xa8, 0x16, 0xd2, 0x56, 0x26, 0x59, 0x01, 0x7e, 0xd3, 0x61, 0x4e, 0xc7, 0xb5, 0x7f,
+    0x04, 0x15, 0x94, 0xfd, 0x52, 0xff, 0x1d, 0xc9, 0xbb, 0x6f, 0xe9, 0xb8, 0x8f, 0xa1, 0xf6, 0xd4,
+    0x32, 0x17, 0x75, 0x09, 0x77, 0x10, 0x73, 0xa0, 0x84, 0x57, 0xf3, 0x70, 0x2d, 0x31, 0x99, 0xd3,
+    0xc6, 0x88, 0x22, 0x7f, 0xc0, 0x1c, 0xc7, 0xd8, 0xe7, 0xf8, 0x27, 0x54, 0x40, 0x55, 0x83, 0x1f,
+    0x41, 0x07, 0x71, 0xa5, 0x9c, 0x64, 0x85, 0x6e, 0xbf, 0x54, 0x23, 0xff, 0x74, 0x3b, 0x67, 0xeb,
+    0x0b, 0x55, 0x84, 0x08, 0x78, 0xec, 0x43, 0x77, 0x57, 0x63, 0x2f, 0xc1, 0x28, 0x89, 0x88, 0x34,
+    0xfb, 0xdf, 0x47, 0x83, 0x9d, 0x1f, 0xea, 0xc6, 0x8f, 0xa3, 0x12, 0x5d, 0xca, 0x4c, 0x64, 0x2c,
+    0x6f, 0x7b, 0x6e, 0x1a, 0x96, 0xcc, 0xa5, 0xf4, 0x9c, 0xcd, 0x0a, 0x21, 0x72, 0xeb, 0x79, 0x51,
+    0x4b, 0xc6, 0xd0, 0x03, 0x11, 0xc7, 0x50, 0xba, 0xb6, 0x5c, 0xa7, 0x10, 0x0f, 0x0b, 0x33, 0xea,
+    0xdc, 0x1d, 0x96, 0xab, 0xc6, 0xc5, 0x66, 0xae, 0x47, 0x8f, 0x81, 0x1e, 0x42, 0xa4, 0x89, 0xc8,
+    0x95, 0x30, 0x0c, 0x37, 0xfe, 0x9c, 0xd9, 0x91, 0x4d, 0x05, 0xb3, 0x52, 0xeb, 0x1e, 0xc1, 0x48,
+    0x84, 0xf0, 0x3c, 0xeb, 0x80, 0xa9, 0x3b, 0x90, 0xba, 0x11, 0x3a, 0xd9, 0xc1, 0x66, 0x43, 0xab,
+    0xbb, 0x4c, 0x13, 0x88, 0xf4, 0x34, 0xf9, 0x0b, 0x6e, 0x9c, 0x9a, 0x8c, 0xed, 0xce, 0xdf, 0xf2,
+    0xc7, 0x1c, 0x07, 0xd1, 0x35, 0x53, 0x51, 0x7b, 0xb9, 0x93, 0x8c, 0x7a, 0x13, 0xec, 0x5f, 0x2a,
+    0x16, 0xaa, 0xcb, 0x10, 0xf0, 0x1b, 0x86, 0xee, 0xae, 0xc6, 0x5e, 0x41, 0x50, 0xd1, 0xd3, 0x68,
+    0xde, 0xf6, 0xdc, 0x34, 0xef, 0x5b, 0x89, 0x2b, 0xfb, 0x59, 0x14, 0x42, 0xe4, 0x15, 0xf2, 0xa2,
+    0xdd, 0x89, 0xb3, 0x05, 0x33, 0x8a, 0xf0, 0x0d, 0x19, 0xe4, 0x2a, 0x30, 0x11, 0x1d, 0x55, 0xfd,
+    0x67, 0x51, 0x85, 0x23, 0x32, 0xf1, 0x9f, 0xa5, 0x29, 0x13, 0x1b, 0x92, 0xaf, 0x6a, 0x56, 0x3a,
+    0xe0, 0xde, 0xd6, 0xf9, 0x6e, 0x89, 0xdd, 0x13, 0x71, 0xbf, 0x1f, 0x39, 0x9b, 0x04, 0xb2, 0xce,
+    0xf4, 0x9f, 0x57, 0x76, 0xb7, 0x0c, 0xb4, 0x78, 0x63, 0xaf, 0xd4, 0x24, 0x6d, 0x64, 0x1a, 0xcc,
+    0x48, 0xb9, 0xbf, 0x32, 0xcd, 0x16, 0x29, 0x9c, 0x54, 0xe1, 0x99, 0x62, 0xfa, 0x03, 0x94, 0xb5,
+    0xe6, 0x20, 0x08, 0x9b, 0x15, 0xe8, 0x2f, 0x5f, 0x76, 0x06, 0x63, 0xdd, 0xb2, 0x14, 0x3f, 0x70,
+    0x6c, 0x04, 0x01, 0x2b, 0x4a, 0x1d, 0xdc, 0xd2, 0x7e, 0x70, 0x34, 0x53, 0x87, 0xe3, 0xde, 0x0e,
+    0x59, 0x79, 0x8f, 0xee, 0xb3, 0x23, 0xcb, 0x9d, 0xa3, 0xf5, 0x10, 0xe9, 0xd0, 0x7b, 0x16, 0x56,
+    0x50, 0xc7, 0x41, 0x79, 0xe2, 0x51, 0x67, 0x6f, 0x48, 0x40, 0xaa, 0x74, 0x5e, 0x43, 0xe5, 0x08,
+    0x78, 0x45, 0x80, 0xa4, 0x93, 0x98, 0xb5, 0xb9, 0x6c, 0x60, 0xff, 0x4e, 0x71, 0x83, 0x76, 0x0c,
+    0xda, 0xe3, 0x48, 0xc9, 0xbd, 0xa4, 0x94, 0xe2, 0x40, 0x36, 0xfd, 0xfa, 0x6b, 0xb4, 0x04, 0x76,
+    0xb4, 0x0c, 0x03, 0x7d, 0xde, 0x27, 0xa7, 0xb5, 0x82, 0x90, 0x5c, 0xf5, 0x4a, 0xe6, 0xa1, 0x12,
+    0x0c, 0x3f, 0x7f, 0xc4, 0xf6, 0xc2, 0x27, 0x98, 0x0e, 0xb1, 0xf8, 0x0b, 0x52, 0x20, 0xd9, 0xbf,
+    0xf2, 0x61, 0x89, 0x14, 0xcc, 0x6d, 0x46, 0x34, 0x64, 0x16, 0xa8, 0xc0, 0x44, 0x74, 0x97, 0x72,
+    0xbe, 0xcd, 0xa2, 0xdb, 0x53, 0x84, 0x72, 0x61, 0x8b, 0x98, 0xd8, 0x1a, 0x31, 0xd6, 0xf5, 0x13,
+    0xf3, 0xf5, 0xac, 0xba, 0x39, 0x22, 0xd0, 0x97, 0x3a, 0x7d, 0x03, 0xee, 0x17, 0xcd, 0x4b, 0x47,
+    0x91, 0x25, 0x98, 0xca, 0xac, 0x63, 0xc4, 0x58, 0xf6, 0x6a, 0x5a, 0xea, 0x64, 0xbf, 0x37, 0x9c,
+    0x5c, 0xf8, 0x3e, 0xbd, 0x14, 0x93, 0x40, 0xf7, 0x46, 0xf1, 0x52, 0x7f, 0x0c, 0x63, 0x3c, 0xb7,
+    0x17, 0x3e, 0xee, 0xbe, 0x05, 0x54, 0x10, 0x4d, 0xf0, 0xad, 0xf5, 0x6f, 0x03, 0x68, 0x0f, 0x5d,
+    0x7f, 0x2f, 0x7b, 0x68, 0x1d, 0xb6, 0xd1, 0x56, 0x35, 0xb2, 0x28, 0x84, 0x0b, 0x2a, 0x27, 0x87,
+    0x82, 0x0e, 0xe2, 0x89, 0xfb, 0xc8, 0xc9, 0xdc, 0xbd, 0xa8, 0x46, 0x3d, 0xe8, 0x76, 0xce, 0x15,
+    0xc0, 0x76, 0xfc, 0x1d, 0xbb, 0x7d, 0x35, 0x94, 0xe0, 0x41, 0x5b, 0xb0, 0x69, 0x45, 0x0e, 0xa1,
+    0xd5, 0xa3, 0x58, 0x3c, 0x97, 0xb7, 0xca, 0x5c, 0xac, 0x3a, 0x3b, 0x83, 0xcc, 0x9c, 0x7a, 0x96,
+    0xd9, 0x9c, 0x27, 0xf8, 0x61, 0x75, 0xed, 0xc4, 0xa2, 0x8b, 0xc3, 0x88, 0x9e, 0xbc, 0xa3, 0x29,
+    0xa0, 0x4d, 0x82, 0xf2, 0x07, 0xa2, 0xce, 0xde, 0x90, 0x80, 0x97, 0xe8, 0xbc, 0x86, 0x09, 0x10,
+    0xa8, 0x67, 0x69, 0xcb, 0xa3, 0x9f, 0xf4, 0x8f, 0x25, 0x5e, 0x86, 0x5b, 0x61, 0x07, 0x26, 0x7b,
+    0xad, 0xe6, 0xd8, 0x98, 0x04, 0x2f, 0x7f, 0xe5, 0xc0, 0x5a, 0xc4, 0xcd, 0xbd, 0x1f, 0x0c, 0x9a,
+    0xba, 0xd8, 0x36, 0x26, 0x01, 0x7b, 0x6f, 0xa8, 0x30, 0xf7, 0x31, 0xa2, 0xbe, 0x77, 0x03, 0xc7,
+    0xb1, 0x8d, 0xb2, 0x2e, 0x79, 0x97, 0x2c, 0xdf, 0x67, 0x94, 0x1e, 0x63, 0x96, 0xfe, 0x8b, 0xf3,
+    0xe3, 0xa1, 0xb9, 0xc8, 0xb2, 0x58, 0xa4, 0x35, 0x93, 0x02, 0x21, 0x4b, 0x6e, 0x0c, 0x15, 0x91,
+    0xb6, 0xe7, 0x49, 0xe2, 0xf7, 0xb9, 0x48, 0x30, 0x3e, 0x46, 0xc9, 0xa9, 0xec, 0x57, 0xda, 0x78,
+    0x20, 0xa8, 0x2a, 0xe4, 0xd5, 0xf4, 0xe8, 0x87, 0x91, 0xfe, 0x44, 0x89, 0xf2, 0x41, 0xbc, 0x6f,
+    0x9b, 0xe4, 0x39, 0x6c, 0x21, 0xc0, 0x11, 0x8c, 0xff, 0x62, 0xde, 0x05, 0x1f, 0x8f, 0x63, 0x9d,
+    0x85, 0x64, 0x19, 0x45, 0x75, 0xe6, 0xad, 0x33, 0xe4, 0x7a, 0x91, 0xf7, 0x92, 0xdf, 0x9f, 0x9e,
+    0x7e, 0xbb, 0x5e, 0xc6, 0xe8, 0xf9, 0x47, 0xf5, 0x6b, 0xd9, 0x83, 0xaa, 0x58, 0x93, 0xfb, 0xb2,
+    0x60, 0x3b, 0x7e, 0xef, 0xbc, 0xdf, 0xfb, 0x4a, 0x70, 0xc1, 0xcc, 0x58, 0xd5, 0xc3, 0x07, 0xb1,
+    0x37, 0x96, 0xc4, 0x5a, 0xd0, 0xa0, 0xf8, 0xca, 0x61, 0x53, 0xb1, 0xe6, 0xf1, 0x29, 0xb3, 0x32,
+    0xc4, 0x63, 0x68, 0xe0, 0xe9, 0x82, 0x28, 0x5d, 0x5b, 0x2e, 0xb2, 0x08, 0xe6, 0xe4, 0xf8, 0x75,
+    0xfa, 0x4b, 0x62, 0x2d, 0x68, 0x50, 0x7c, 0x65, 0xd1, 0xc8, 0xb9, 0x73, 0x99, 0xf5, 0xb8, 0x19,
+    0x51, 0x53, 0x64, 0xd7, 0x17, 0x1e, 0xf1, 0xcc, 0x16, 0x2b, 0x01, 0x5a, 0x0d, 0xfa, 0x39, 0x3d,
+    0xc9, 0xc8, 0x32, 0x8a, 0xea, 0x0f, 0x99, 0x66, 0x0b, 0xf4, 0xe1, 0x2d, 0xe7, 0x7d, 0xfd, 0xff,
+    0x01, 0x94, 0x25, 0xae, 0xf5, 0x4f, 0x96, 0xa3, 0x5e, 0x6b, 0xab, 0x2e, 0x53, 0xb9, 0xdc, 0x35,
+    0x0d, 0xab, 0x5a, 0x6a, 0x03, 0x8d, 0xb1, 0x3b, 0x50, 0xda, 0x53, 0x25, 0x01, 0x99, 0x05, 0x8a,
+    0x8a, 0x24, 0x09, 0xb0, 0x5f, 0xf5, 0xf3, 0x8d, 0x08, 0x76, 0x57, 0x8e, 0x35, 0xf7, 0xe1, 0x7e,
+    0x34, 0xe9, 0xab, 0x6b, 0x0c, 0x71, 0x81, 0xec, 0x83, 0xee, 0x8f, 0x94, 0x04, 0x21, 0x14, 0x6d,
+    0x4d, 0x38, 0x0e, 0x61, 0x6a, 0xa6, 0xa2, 0xf6, 0xb1, 0xe5, 0xdb, 0xf4, 0x26, 0x1b, 0xbe, 0x54,
+    0xb0, 0x19, 0x97, 0x80, 0x8c, 0xd8, 0xba, 0x7c, 0x39, 0xff, 0xb5, 0x4d, 0xc5, 0x47, 0x57, 0xc6,
+    0x49, 0x2d, 0x9a, 0x9c, 0x38, 0x59, 0xbf, 0x3f, 0x0a, 0x8a, 0x32, 0x4c, 0xa9, 0xba, 0x48, 0x80,
+    0x92, 0x5a, 0xf7, 0xfb, 0x70, 0xb2, 0xbd, 0x7e, 0x14, 0xd7, 0x64, 0x98, 0x91, 0xb7, 0x90, 0xc3,
+    0x18, 0x7e, 0xfe, 0x4b, 0x2f, 0x47, 0x4e, 0xf3, 0x1c, 0xa1, 0x33, 0x16, 0xa4, 0x40, 0x71, 0xbd,
+    0x72, 0x84, 0x21, 0x02, 0x1e, 0x3b, 0x60, 0x6d, 0x65, 0x68, 0x7b, 0xa1, 0x0a, 0xb3, 0x22, 0x0d,
+    0x53, 0xb8, 0x2e, 0x48, 0x3e, 0x80, 0x1e, 0x49, 0xaa, 0xfd, 0x94, 0x06, 0xab, 0x4b, 0x42, 0x57,
+    0x4a, 0x52, 0xf5, 0xad, 0xe4, 0x88, 0xc6, 0x19, 0xe8, 0x37, 0x0c, 0x3e, 0x5c, 0xb2, 0xef, 0xdf,
+    0x8d, 0x4e, 0xf2, 0x7c, 0xd1, 0xdb, 0x97, 0x62, 0x51, 0xa4, 0x80, 0x44, 0x4f, 0x5e, 0xb0, 0xf5,
+    0xab, 0x18, 0x06, 0xfa, 0x7f, 0x4e, 0x8d, 0xa9, 0xc7, 0xe3, 0xb8, 0x29, 0x94, 0x0f, 0x81, 0x24,
+    0x90, 0xb1, 0xbd, 0x64, 0x59, 0x2c, 0x52, 0xfb, 0xa8, 0x01, 0xf1, 0xc4, 0x37, 0x06, 0xeb, 0xa9,
+    0x4f, 0xd3, 0x44, 0xfe, 0x43, 0x38, 0x4d, 0x73, 0x0d, 0x33, 0x4e, 0xa8, 0x80, 0xaa, 0xc5, 0x3e,
+    0x9a, 0x70, 0x1c, 0xc2, 0xd4, 0x8f, 0x87, 0x2f, 0xa1, 0x09, 0x75, 0x2b, 0x4c, 0x36, 0xbf, 0xa8,
+    0xdb, 0x77, 0x6d, 0x67, 0x48, 0xeb, 0x02, 0x41, 0x1e, 0x5d, 0x56, 0xd4, 0x38, 0x0d, 0xd8, 0x43,
+    0xd6, 0xdc, 0x37, 0x0d, 0x4b, 0x66, 0xb3, 0x7a, 0x4e, 0x87, 0x05, 0xf1, 0x39, 0x94, 0xdd, 0xc9,
+    0x1a, 0x95, 0xb4, 0xd4, 0x06, 0xd9, 0xa1, 0x76, 0xa0, 0x77, 0xa6, 0x4a, 0x02, 0xf1, 0x0a, 0xd7,
+    0xbc, 0x26, 0xe8, 0x44, 0x7a, 0x1a, 0x9d, 0xe4, 0x37, 0x4e, 0x4d, 0x46, 0x97, 0x67, 0x8e, 0x79,
+    0x10, 0x54, 0x15, 0x72, 0x8b, 0x7a, 0x74, 0xa2, 0xa9, 0x7f, 0x22, 0xa5, 0x79, 0xc1, 0x5e, 0xd6,
+    0x93, 0xce, 0xd2, 0x55, 0x85, 0xfd, 0x2b, 0xdd, 0x4a, 0xbc, 0xcf, 0xb6, 0xc2, 0x0e, 0x4c, 0xf6,
+    0x9e, 0x65, 0x88, 0x3f, 0x86, 0x70, 0x9a, 0xe6, 0x1a, 0x66, 0x9c, 0x93, 0xc3, 0x97, 0x49, 0x7c,
+    0x97, 0xdb, 0x46, 0xa8, 0xd7, 0x02, 0x36, 0x14, 0xf1, 0xd3, 0x26, 0x0e, 0x4d, 0xaf, 0xba, 0x22,
+    0x30, 0xfc, 0x3f, 0x96, 0x5e, 0x8e, 0x9c, 0x25, 0x38, 0x81, 0x66, 0x2c, 0x8b, 0x80, 0xe2, 0xb9,
+    0x1e, 0x80, 0x20, 0x29, 0x54, 0x26, 0xbc, 0xbf, 0x1b, 0x18, 0x4f, 0xf2, 0x8d, 0x50, 0xfc, 0x03,
+    0x0f, 0x40, 0x10, 0xf5, 0x2a, 0x13, 0x5e, 0xbe, 0xec, 0x0c, 0xc6, 0x79, 0xa7, 0x28, 0x7e, 0xe0,
+    0x66, 0xc5, 0xa0, 0x8d, 0xc7, 0xbe, 0x09, 0x06, 0x77, 0x78, 0xb0, 0xbc, 0xfc, 0xd3, 0x8a, 0x0f,
+    0x77, 0x05, 0x90, 0x51, 0xb9, 0x8b, 0xeb, 0x07, 0x80, 0x6c, 0x39, 0x37, 0xd6, 0xab, 0x08, 0xec,
+    0x40, 0x93, 0x54, 0x0b, 0x69, 0x2b, 0x13, 0xcd, 0xe1, 0x3f, 0x88, 0xd1, 0x27, 0x82, 0xbb, 0xde,
+    0xa2, 0xa6, 0xc8, 0x6d, 0x2e, 0x3c, 0x21, 0x5b, 0x2c, 0x56, 0x02, 0xb4, 0x1a, 0x37, 0x72, 0x7a,
+    0xc1, 0xe2, 0xd9, 0xb3, 0x4e, 0x32, 0xa3, 0x37, 0xbe, 0x2a, 0xf0, 0x9e, 0x3a, 0xfc, 0xd2, 0x94,
+    0x6a, 0xfa, 0xdf, 0x49, 0x31, 0x7c, 0x2e, 0x9e, 0x79, 0xc9, 0x48, 0xb7, 0xae, 0xf3, 0x53, 0xb0,
+    0x12, 0xbf, 0x5f, 0xed, 0xa2, 0xe4, 0x9b, 0x27, 0x15, 0xa9, 0xb7, 0xf9, 0xdf, 0x70, 0x25, 0xbc,
+    0x54, 0xd2, 0xd5, 0x84, 0xb0, 0xae, 0x7a, 0xa6, 0xf3, 0x2f, 0x43, 0xcc, 0xd1, 0xe2, 0x13, 0xdc,
+    0x5f, 0x87, 0x51, 0x8c, 0xc8, 0x42, 0x39, 0xd1, 0xa4, 0x4c, 0x6c, 0x0d, 0xf9, 0x6b, 0x9b, 0xe8,
+    0xd3, 0x5d, 0x86, 0x5e, 0xec, 0xd6, 0x38, 0x10, 0xab, 0x83, 0x47, 0x67, 0xe5, 0x8c, 0xf7, 0x28,
+    0x65, 0xba, 0xcf, 0xbc, 0x1b, 0x6f, 0x70, 0x20, 0x95, 0xc5, 0x8e, 0xce, 0x09, 0xdb, 0x2d, 0x50,
+    0xa9, 0xf3, 0x4c, 0x65, 0x56, 0xd0, 0x62, 0x2c, 0x7b, 0x35, 0x2d, 0x75, 0x32, 0xbe, 0xfa, 0x4e,
+    0x3d, 0x57, 0x65, 0xfc, 0x5d, 0x03, 0x2d, 0x1e, 0x68, 0x5b, 0x35, 0x09, 0x8a, 0x19, 0xe7, 0x33,
+    0x44, 0x86, 0xc0, 0xf6, 0x3b, 0xd4, 0x0e, 0x04, 0x5a, 0x50, 0x61, 0x69, 0xa8, 0x23, 0x4d, 0x0a,
+    0x81, 0x71, 0x8d, 0xb8, 0x27, 0x19, 0xb0, 0xfa, 0x5f, 0x15, 0x78, 0x4f, 0x1d, 0x7e, 0x69, 0x4a,
+    0xfc, 0xb5, 0xbc, 0x4f, 0x13, 0x31, 0x8e, 0x29, 0xd6, 0x71, 0xc5, 0x97, 0xb0, 0xe5, 0x35, 0xa7,
+    0xdf, 0x62, 0xf9, 0x9a, 0x1a, 0x14, 0x1f, 0x88, 0xa5, 0x32, 0xbf, 0x6c, 0xb7, 0xac, 0x2e, 0x97,
+    0x46, 0x6d, 0x8a, 0x69, 0x12, 0x4a, 0xe1, 0x81, 0xe6, 0x86, 0xf4, 0x35, 0x0e, 0x92, 0x36, 0x60,
+    0xf8, 0xa0, 0x28, 0xb2, 0x41, 0xce, 0x93, 0xe0, 0x6d, 0x1e, 0x2c, 0x2f, 0x3f, 0x44, 0xc3, 0x73,
+    0xcc, 0x49, 0x83, 0xd9, 0x4d, 0xbf, 0x12, 0x0c, 0xee, 0xf0, 0xa3, 0xbb, 0x3b, 0x65, 0xd7, 0x1e,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x52, 0x2c, 0x0b, 0xe6, 0xcb, 0xcf, 0x88, 0xea, 0xf4, 0x96, 0x3f, 0x28, 0xf8, 0xf2, 0x9e, 0x62,
+    0xed, 0x75, 0x8c, 0x93, 0x6d, 0x04, 0x6c, 0x28, 0x21, 0x65, 0x4c, 0x1c, 0x9a, 0x9d, 0xb7, 0x44,
+    0xe4, 0xcb, 0x42, 0x04, 0x3c, 0x76, 0xc0, 0xda, 0xca, 0xd0, 0xf6, 0x81, 0x14, 0xa5, 0x44, 0x1a,
+    0x3a, 0x3d, 0x9e, 0x30, 0xd3, 0x2d, 0x49, 0xf1, 0x31, 0x89, 0xe2, 0xc3, 0xf0, 0xb0, 0xb6, 0xb8,
+    0x73, 0x10, 0x04, 0xac, 0xeb, 0x74, 0xf6, 0xce, 0x3b, 0x03, 0xd0, 0x8f, 0x59, 0x0a, 0xfe, 0x38,
+    0x5d, 0x6c, 0x1b, 0x13, 0xe1, 0xdc, 0xd6, 0x54, 0x18, 0x9a, 0xf9, 0x51, 0x5f, 0xda, 0xe0, 0x82,
+    0x6e, 0xef, 0x4b, 0xb4, 0x63, 0x83, 0x33, 0x57, 0xc2, 0xa6, 0xa1, 0x0f, 0x21, 0x52, 0xa5, 0x64,
+    0x8f, 0xa5, 0xb8, 0xe3, 0xf8, 0x45, 0x78, 0xe7, 0xed, 0x72, 0x15, 0x18, 0xe9, 0xef, 0xcb, 0x9f,
+    0xbf, 0x59, 0x87, 0x75, 0xa6, 0xcb, 0xe4, 0xc2, 0xd5, 0xf3, 0x73, 0x34, 0x62, 0x6f, 0x29, 0x26,
+    0xcf, 0x36, 0xec, 0xe8, 0x91, 0x6e, 0x6b, 0x2a, 0x0c, 0x4d, 0x9d, 0xc9, 0xce, 0x6d, 0x70, 0x41,
+    0xb8, 0x33, 0x7c, 0xb9, 0x28, 0xe5, 0x80, 0x2d, 0x8c, 0x21, 0xa4, 0xfe, 0x18, 0xc6, 0x78, 0xad,
+    0xe7, 0xb4, 0x2d, 0x35, 0xe0, 0xa7, 0xb9, 0xfc, 0x28, 0x6d, 0xc8, 0xf3, 0xe1, 0xad, 0xe3, 0x45,
+    0xf9, 0x34, 0x0d, 0x1c, 0xb4, 0x81, 0x05, 0x43, 0x33, 0x75, 0x87, 0x01, 0x6c, 0xfd, 0x1f, 0x46,
+    0xfd, 0x21, 0x99, 0xe1, 0xe6, 0x7e, 0x18, 0x8a, 0x88, 0x1a, 0x6e, 0xb9, 0xe3, 0x5c, 0xe9, 0x92,
+    0xb5, 0x98, 0x26, 0xd3, 0x2b, 0x68, 0x31, 0x16, 0xdc, 0xfb, 0xf7, 0xdb, 0x19, 0x5f, 0x7d, 0x27,
+    0x09, 0xbe, 0xce, 0x97, 0x51, 0x72, 0xac, 0xf2, 0xeb, 0xb5, 0xba, 0x9d, 0x8e, 0x38, 0xf3, 0x5e,
+    0x47, 0xf9, 0xaf, 0xc7, 0xe7, 0x05, 0x77, 0x22, 0xb8, 0xed, 0x5f, 0x1b, 0x5d, 0x2b, 0xea, 0x55,
+    0xe5, 0x5f, 0x67, 0xaa, 0xc9, 0x39, 0x56, 0x79, 0x94, 0xbb, 0x5d, 0xaf, 0x47, 0x1c, 0x98, 0x2f,
+    0x31, 0x68, 0x1a, 0x38, 0xab, 0xc1, 0x0a, 0x86, 0x66, 0xea, 0xcd, 0x02, 0xd8, 0x39, 0x3e, 0x8c,
+    0xd4, 0x37, 0x7d, 0x92, 0x62, 0xf8, 0x5c, 0xff, 0xf2, 0x51, 0x90, 0xad, 0x9f, 0x25, 0xa6, 0xa3,
+    0xe8, 0xf4, 0x3d, 0xc0, 0xca, 0xb4, 0xe7, 0x42, 0xc4, 0x61, 0x0e, 0x8a, 0x46, 0x85, 0x9d, 0xa5,
+    0x94, 0xa4, 0x29, 0x99, 0x0b, 0xd3, 0x4f, 0x32, 0x13, 0x6e, 0x18, 0x7c, 0xb8, 0xa7, 0x1d, 0x7d,
+    0x1c, 0x6b, 0x6a, 0xb6, 0x7d, 0xb8, 0x53, 0x3a, 0xa7, 0xce, 0xda, 0xae, 0x2b, 0xe1, 0x87, 0x69,
+    0x0e, 0xd4, 0x35, 0x5b, 0xdf, 0x5c, 0xc8, 0x1d, 0xb2, 0x67, 0x6d, 0x57, 0xf4, 0x91, 0xa2, 0xd5,
+    0xcb, 0x23, 0x78, 0x15, 0xc3, 0x91, 0x76, 0xe3, 0xb7, 0x22, 0x74, 0x71, 0x41, 0xcc, 0x86, 0x95,
+    0x6d, 0x90, 0x24, 0x85, 0xbf, 0x52, 0x4a, 0x71, 0x20, 0x1b, 0x9f, 0x7d, 0xd4, 0x5a, 0x02, 0x3b,
+    0x36, 0x02, 0xe1, 0xf4, 0x25, 0xef, 0x6e, 0x69, 0x3f, 0x38, 0x1a, 0xc8, 0xa2, 0x90, 0x6f, 0x07,
+    0x35, 0x7d, 0x8e, 0xc5, 0xf9, 0x3e, 0x17, 0x4f, 0xdd, 0x85, 0x24, 0xba, 0x57, 0x98, 0xc8, 0x58,
+    0x74, 0x7a, 0xff, 0x60, 0x65, 0x5a, 0x92, 0x21, 0x62, 0xd1, 0x07, 0x45, 0x23, 0xa3, 0xaf, 0xb3,
+    0xc5, 0xf7, 0x4d, 0x4e, 0x1c, 0xcd, 0xbe, 0xfe, 0x05, 0x45, 0x19, 0x26, 0xb5, 0x5d, 0x24, 0x40,
+    0x75, 0xee, 0xda, 0xce, 0x90, 0x15, 0x04, 0x82, 0x3c, 0xba, 0xac, 0x6b, 0x70, 0x1a, 0x73, 0x86,
+    0xb2, 0xf2, 0xdd, 0x1f, 0xa5, 0x46, 0x55, 0xf9, 0x85, 0x29, 0x20, 0x11, 0x63, 0xf6, 0x2c, 0xac,
+    0xd2, 0xc9, 0xa3, 0xf0, 0x19, 0x99, 0xae, 0xb3, 0xf5, 0xe8, 0xec, 0x49, 0xb6, 0x35, 0x2b, 0x1d,
+    0x99, 0x0f, 0x73, 0xf3, 0x08, 0x5e, 0xfe, 0x09, 0x43, 0xb4, 0x4b, 0x59, 0xb9, 0x3e, 0x18, 0xf7,
+    0x23, 0xd7, 0x45, 0xd5, 0x09, 0x25, 0x91, 0xa1, 0x73, 0x43, 0x7a, 0xfb, 0x07, 0x49, 0x1b, 0x30,
+    0x15, 0xd5, 0xa4, 0x21, 0x2c, 0xca, 0xff, 0xc8, 0x4c, 0x7b, 0x60, 0x33, 0xa5, 0xd9, 0x74, 0x37,
+    0x08, 0x2a, 0xeb, 0x39, 0xa4, 0x3d, 0x3a, 0x51, 0xb5, 0xde, 0x11, 0xb3, 0xdd, 0x81, 0x2f, 0x6b,
+    0x27, 0xc2, 0xd1, 0x28, 0x5b, 0xda, 0x8c, 0x68, 0xc8, 0x2c, 0x93, 0x43, 0x88, 0xe8, 0xed, 0xe4,
+    0x19, 0xea, 0xdb, 0xe5, 0xda, 0x08, 0xd8, 0x50, 0x42, 0xca, 0x98, 0x38, 0xf7, 0xf9, 0xad, 0x88,
+    0x76, 0x91, 0xb5, 0xff, 0x4c, 0xc4, 0x7d, 0xa4, 0xde, 0x07, 0x92, 0x19, 0x85, 0x12, 0xd4, 0xd9,
+    0x39, 0x42, 0xf1, 0x01, 0x0f, 0xfc, 0x30, 0xd7, 0xd3, 0x34, 0xdc, 0xb1, 0x05, 0xb8, 0x11, 0xe7,
+    0x13, 0x2b, 0x7a, 0x43, 0x57, 0xab, 0x0d, 0x84, 0x4b, 0xc2, 0x1c, 0xd7, 0x8c, 0xc9, 0xf9, 0x89,
+    0x05, 0x81, 0xb1, 0x53, 0xa7, 0xb0, 0x8b, 0x6a, 0xe5, 0x04, 0x42, 0x96, 0xdc, 0x18, 0x2a, 0xe1,
+    0xee, 0x0a, 0xe3, 0xa2, 0xb1, 0xd5, 0x15, 0x0e, 0xc3, 0xd8, 0x72, 0x6e, 0x6f, 0x95, 0x10, 0x1b,
+    0x57, 0xad, 0xba, 0xb5, 0x6c, 0x7f, 0x03, 0x80, 0x11, 0x92, 0x7d, 0xbe, 0x24, 0xea, 0xb4, 0x83,
+    0x9f, 0xf1, 0xad, 0x91, 0x73, 0x3f, 0x0c, 0x45, 0x44, 0x0d, 0x37, 0xbd, 0x90, 0x2e, 0x95, 0x49,
+    0xbd, 0xb2, 0xcd, 0xea, 0x8f, 0x55, 0x0b, 0x47, 0x69, 0x25, 0xe6, 0x68, 0xc4, 0xde, 0x52, 0x4c,
+    0x45, 0x12, 0xe5, 0x58, 0xce, 0x9b, 0x98, 0xa7, 0x04, 0x3b, 0xca, 0x47, 0xfb, 0x9a, 0x91, 0x3f,
+    0xff, 0xca, 0xd3, 0x7e, 0xcf, 0xe0, 0xf7, 0x0f, 0x34, 0xcc, 0xfb, 0xe5, 0x45, 0xed, 0x92, 0xf8,
+    0xc3, 0x09, 0x93, 0x2c, 0x67, 0xac, 0x4c, 0xb2, 0x02, 0xfc, 0x65, 0xc2, 0x9c, 0x4d, 0xa9, 0xfe,
+    0x3b, 0xa9, 0xbb, 0x9e, 0x26, 0x62, 0xdf, 0x52, 0x6f, 0xe2, 0x49, 0xed, 0xa3, 0x09, 0x6a, 0x8d,
+    0x7b, 0x3a, 0xef, 0x95, 0x4f, 0x49, 0xcc, 0x9f, 0x8e, 0xdd, 0xc1, 0x3c, 0x84, 0x8b, 0xd1, 0x53,
+    0x8e, 0x31, 0x9d, 0x4d, 0x0d, 0x0a, 0xee, 0x44, 0xb3, 0x19, 0xbe, 0x36, 0xba, 0x56, 0x17, 0xaa,
+    0xe9, 0x60, 0x18, 0x6e, 0x3f, 0xfb, 0x71, 0xe1, 0x9a, 0x0a, 0xa5, 0xa4, 0x15, 0x3c, 0x41, 0x90,
+    0xc8, 0x5c, 0x17, 0x24, 0x1f, 0x40, 0x0f, 0xc5, 0x55, 0x9f, 0x4a, 0x03, 0xb4, 0xc4, 0x21, 0xca,
+    0x7c, 0x50, 0x14, 0x59, 0xc1, 0x67, 0xa8, 0x70, 0xd7, 0x0f, 0x16, 0xf6, 0xfe, 0x22, 0x80, 0xd8,
+    0x6b, 0x6e, 0xfa, 0xe7, 0xc4, 0x33, 0xb8, 0x3d, 0x27, 0xa2, 0xe3, 0x99, 0xfd, 0x4a, 0x8f, 0x85,
+    0x4c, 0xac, 0x2b, 0xcf, 0x9f, 0xe9, 0x34, 0x55, 0xef, 0x8e, 0x70, 0xda, 0x75, 0xa2, 0x62, 0x61,
+    0x83, 0x9a, 0xc7, 0x27, 0x0e, 0x87, 0x5f, 0x7f, 0xe3, 0xc3, 0xed, 0x13, 0xbb, 0xcf, 0x12, 0x20,
+    0xec, 0xe1, 0xa9, 0x3d, 0x98, 0x4b, 0xfa, 0x8b, 0x7f, 0x0e, 0xe7, 0x32, 0xc9, 0x24, 0x6b, 0x71,
+    0x70, 0x6f, 0x6b, 0x9d, 0x37, 0xa5, 0x8f, 0xe8, 0xd9, 0xbe, 0xee, 0xfd, 0xac, 0x02, 0x59, 0x67,
+    0xe2, 0x35, 0x9c, 0x66, 0x47, 0x17, 0x32, 0x96, 0xcd, 0x69, 0x8a, 0x65, 0x3d, 0xb5, 0xc9, 0xa4,
+    0xf1, 0x1e, 0xe6, 0x25, 0x10, 0xbc, 0x3f, 0x12, 0x86, 0xab, 0x96, 0xb2, 0xb1, 0x7c, 0x30, 0x2d,
+    0xcd, 0xdd, 0xa6, 0x77, 0xb8, 0xf0, 0x84, 0xaf, 0xb0, 0x9b, 0x08, 0x95, 0x68, 0xdc, 0x0b, 0x2b,
+    0x5a, 0x06, 0xe0, 0xdf, 0x6f, 0xf2, 0xb2, 0xbb, 0x41, 0x48, 0x2e, 0x9b, 0x25, 0x73, 0xb1, 0x09,
+    0x2b, 0xfd, 0xae, 0xec, 0xad, 0x18, 0xab, 0xf0, 0xc6, 0x9d, 0x6b, 0x48, 0xda, 0xc8, 0x34, 0x5b,
+    0xc2, 0x9d, 0xb6, 0x82, 0x92, 0xe3, 0xda, 0x11, 0x5c, 0x97, 0xce, 0xec, 0xcf, 0xf4, 0x75, 0xcb,
+    0xa7, 0x27, 0x79, 0x3e, 0x89, 0x8c, 0xaa, 0x31, 0xc9, 0x52, 0x40, 0x22, 0xc6, 0x2f, 0x58, 0x9b,
+    0xa1, 0xd9, 0xa7, 0x5c, 0xf2, 0xed, 0x58, 0x7d, 0xce, 0xeb, 0x3c, 0xc6, 0xef, 0x3f, 0xd5, 0x25,
+    0x2c, 0x97, 0x55, 0x20, 0x23, 0x36, 0xcf, 0x1f, 0x9f, 0x4f, 0xbc, 0x82, 0xa0, 0x61, 0x65, 0xd0,
+    0x06, 0xfe, 0xde, 0x62, 0x7b, 0x61, 0xf2, 0x4c, 0x07, 0xb9, 0x7c, 0xe4, 0x29, 0x10, 0x8d, 0xbe,
+    0x2d, 0x03, 0x70, 0x8e, 0xd6, 0x79, 0x59, 0xbc, 0xc1, 0x24, 0x17, 0xac, 0xf3, 0xd8, 0xb9, 0xe5,
+    0x3e, 0x28, 0x0a, 0xcd, 0x81, 0xd2, 0x54, 0x38, 0x8a, 0xe6, 0x0b, 0x7b, 0x7f, 0x11, 0x40, 0x6c,
+    0x71, 0xfb, 0x4e, 0x33, 0xc2, 0xea, 0x19, 0x4b, 0x87, 0xd5, 0x45, 0xd3, 0xff, 0xbb, 0x85, 0x52,
+    0x3f, 0xbc, 0x2f, 0x63, 0x74, 0x9d, 0xc2, 0x9b, 0xd4, 0x8d, 0xa0, 0x55, 0x2c, 0xa8, 0x9c, 0x59,
+    0xf6, 0x74, 0x1d, 0xe9, 0x9e, 0x92, 0x5b, 0xfd, 0xdf, 0x79, 0x41, 0x78, 0xcb, 0xd5, 0x61, 0xa6,
+    0xce, 0xa2, 0xc9, 0x46, 0x64, 0x21, 0xfd, 0x89, 0x52, 0x26, 0x36, 0xe7, 0x9d, 0xd4, 0xac, 0x74,
+    0x38, 0xd6, 0xd4, 0xaf, 0xfa, 0xb3, 0xa6, 0x74, 0x8d, 0x5f, 0x77, 0x9f, 0x56, 0x01, 0xcd, 0xd2,
+    0x33, 0x83, 0x50, 0xa7, 0x82, 0x5f, 0xe5, 0x03, 0xda, 0x3c, 0x58, 0x5e, 0x7e, 0x88, 0x45, 0xe6,
+    0x87, 0x8f, 0x53, 0xda, 0x5c, 0x78, 0x42, 0xb6, 0x58, 0xac, 0x04, 0xab, 0x34, 0x6e, 0xe4, 0xf4,
+    0x42, 0x78, 0x1e, 0x94, 0x40, 0xb5, 0xfc, 0x48, 0x5d, 0xe9, 0x1d, 0x8d, 0x81, 0x33, 0xc0, 0xb4,
+    0x8c, 0xda, 0xd7, 0xd2, 0x24, 0x94, 0x01, 0xc1, 0x0f, 0xcf, 0x2b, 0x6a, 0x1c, 0xe7, 0x6c, 0xc0,
+    0x26, 0x56, 0xf4, 0x86, 0xae, 0x95, 0x1a, 0xcb, 0x96, 0x47, 0x38, 0x6d, 0xdb, 0x51, 0x31, 0xd1,
+    0x7a, 0xae, 0xca, 0x3b, 0xba, 0x06, 0x5a, 0x3c, 0xd0, 0xb6, 0x6a, 0x12, 0xd7, 0x32, 0x0d, 0x66,
+    0xac, 0x72, 0xfd, 0x36, 0xf1, 0x60, 0xe9, 0x46, 0x9e, 0x31, 0x6f, 0xe3, 0xee, 0xa6, 0xd0, 0xaf,
+    0x98, 0x9b, 0x56, 0x5d, 0xfd, 0x11, 0x68, 0xaa, 0x1d, 0xdf, 0xe0, 0x77, 0xea, 0x87, 0xc4, 0xc2,
+    0x79, 0xd1, 0xa5, 0x0a, 0x66, 0xd7, 0x23, 0x1a, 0x32, 0x0b, 0x54, 0x60, 0x22, 0x3a, 0xaa, 0x39,
+    0x8b, 0xb0, 0x2c, 0x1e, 0xaa, 0xba, 0x65, 0x2e, 0x56, 0x1d, 0xfc, 0xa0, 0x66, 0x4e, 0x3d, 0x4b,
+    0x58, 0xed, 0xaa, 0x40, 0x46, 0x6c, 0x5d, 0x3e, 0xfd, 0x9e, 0xbb, 0xc7, 0x83, 0xc2, 0xca, 0x63,
+    0x56, 0x39, 0x9f, 0x1b, 0x99, 0x30, 0x95, 0x23, 0x4f, 0xf9, 0xd6, 0x90, 0x77, 0x53, 0x68, 0xb6,
+  },
+  { /* 9 */
+    0xa8, 0x2c, 0x9d, 0x1e, 0xd9, 0x7e, 0xa9, 0xb3, 0xc0, 0x01, 0x6b, 0x3d, 0xc4, 0xa3, 0x83, 0xb4,
+    0xb4, 0x6b, 0xa4, 0x9d, 0x6c, 0x77, 0x14, 0x4c, 0x17, 0xa0, 0x80, 0x59, 0xd2, 0xde, 0x39, 0xaa,
+    0x96, 0x95, 0xc3, 0xd6, 0x72, 0x8f, 0xd1, 0xd8, 0xb2, 0x47, 0xed, 0x28, 0x6d, 0x22, 0x15, 0xce,
+    0x1e, 0xeb, 0x9c, 0x39, 0x0a, 0xe9, 0x43, 0xcd, 0x63, 0x5d, 0x9a, 0x2f, 0xd4, 0x54, 0xa5, 0x9d,
+    0x8a, 0xd2, 0xfa, 0x55, 0xc7, 0x86, 0x6c, 0x27, 0x65, 0xe6, 0x06, 0x4c, 0x7b, 0x5f, 0xaf, 0xd0,
+    0xf5, 0x99, 0x50, 0xe1, 0x53, 0x37, 0x1d, 0xda, 0x6f, 0xe8, 0x61, 0xe9, 0x49, 0x42, 0xb1, 0x07,
+    0x9f, 0x36, 0xa1, 0x26, 0x75, 0xf9, 0xd0, 0x09, 0x7d, 0x4f, 0x33, 0x03, 0x82, 0x73, 0x87, 0x27,
+    0xa5, 0x14, 0x76, 0x59, 0x63, 0x0b, 0x97, 0x06, 0xa4, 0x32, 0x57, 0x80, 0x6c, 0xa0, 0x2f, 0x98,
+    0x13, 0xd3, 0x77, 0x7e, 0xb0, 0x9c, 0x7d, 0x78, 0x07, 0x6e, 0xa6, 0x92, 0x7c, 0x57, 0x09, 0xb1,
+    0x39, 0xd8, 0xc1, 0x98, 0x17, 0x62, 0xc6, 0x24, 0x37, 0xff, 0xcc, 0x0c, 0x4d, 0x0f, 0x59, 0x9c,
+    0xac, 0xb7, 0x14, 0xa9, 0x64, 0x7d, 0x96, 0xd7, 0x6b, 0x3a, 0x89, 0xab, 0x83, 0xf1, 0xbd, 0x71,
+    0x2d, 0x6a, 0x29, 0xb6, 0x1b, 0x6d, 0x05, 0x13, 0x75, 0x28, 0x20, 0x87, 0xd5, 0xd6, 0x9f, 0xcb,
+    0x83, 0x71, 0x98, 0xa5, 0xc0, 0xf0, 0x6d, 0xf6, 0xaa, 0xee, 0xd8, 0x67, 0x94, 0x0e, 0x3d, 0x39,
+    0x86, 0xbc, 0xa2, 0x4f, 0xc3, 0x83, 0x2d, 0x8b, 0x5b, 0xab, 0xe3, 0x35, 0xb2, 0xa9, 0xed, 0x5c,
+    0xb9, 0x53, 0x4f, 0xda, 0xd6, 0x02, 0x2a, 0xf9, 0x73, 0x93, 0xbc, 0xe4, 0x7a, 0xdd, 0x95, 0x86,
+    0x76, 0xe8, 0xc8, 0x44, 0x93, 0xc7, 0x70, 0x2c, 0xc5, 0x06, 0xb9, 0x8e, 0xdd, 0x4c, 0x8c, 0x3e,
+    0x0f, 0x94, 0x4e, 0xfd, 0x05, 0x95, 0xc0, 0x87, 0xd0, 0xcf, 0x4d, 0xf6, 0x6a, 0x2a, 0xb3, 0xaf,
+    0x5a, 0xd4, 0x52, 0xaf, 0x36, 0xda, 0x0a, 0x26, 0xea, 0x50, 0x40, 0xcd, 0x69, 0x6f, 0xfd, 0x55,
+    0xa0, 0xd9, 0x4c, 0xb3, 0x60, 0x78, 0xd7, 0x7b, 0x55, 0x77, 0x6c, 0xd2, 0x4a, 0x07, 0xff, 0xfd,
+    0x92, 0x0e, 0x4a, 0x61, 0xcf, 0x8c, 0xee, 0xbc, 0x19, 0x7c, 0x0f, 0xbe, 0x2a, 0x70, 0x2b, 0x0b,
+    0xe2, 0xd1, 0xae, 0x28, 0x5e, 0xa8, 0x5f, 0xc6, 0xc3, 0xbd, 0x25, 0xed, 0x72, 0x47, 0x86, 0x73,
+    0x34, 0xe0, 0x2a, 0xdf, 0xad, 0x17, 0xf8, 0x91, 0x53, 0xcc, 0xf0, 0xb1, 0xe5, 0x0c, 0xf5, 0xb0,
+    0xee, 0xbf, 0xf6, 0x32, 0x5a, 0xad, 0x1e, 0x6a, 0xfd, 0xf0, 0xc0, 0x94, 0xbb, 0xb1, 0xc4, 0xff,
+    0x6d, 0xce, 0x6e, 0x97, 0x9a, 0x5d, 0x73, 0x9c, 0x57, 0x1e, 0x18, 0xf3, 0x2f, 0xbf, 0xf9, 0xc6,
+    0x1a, 0x70, 0x15, 0x8e, 0xb7, 0xea, 0x7c, 0xa9, 0xc8, 0x66, 0x78, 0xb9, 0x93, 0x06, 0x9b, 0x58,
+    0x24, 0xc9, 0x4b, 0x46, 0x1c, 0x1b, 0x04, 0xc2, 0xba, 0x20, 0xfe, 0xac, 0x3a, 0x87, 0x0d, 0x22,
+    0x1f, 0xbd, 0x2f, 0x64, 0xb4, 0x99, 0x3c, 0xd4, 0x39, 0x23, 0x43, 0xeb, 0xb5, 0xa1, 0x4b, 0x3d,
+    0xd2, 0xaa, 0x0d, 0x40, 0x4e, 0xbc, 0x98, 0x33, 0x3b, 0x4a, 0x37, 0xca, 0xd0, 0x19, 0x4d, 0x06,
+    0x18, 0xdc, 0xb0, 0x34, 0x08, 0x0a, 0x82, 0x9b, 0x7c, 0x9a, 0x09, 0xf2, 0x51, 0x2f, 0x84, 0xdb,
+    0x37, 0x1a, 0x3c, 0x38, 0xac, 0x87, 0x79, 0xba, 0xbd, 0x4e, 0x58, 0x3e, 0x46, 0xd0, 0x04, 0x93,
+    0x6a, 0xaf, 0xf1, 0xc7, 0x26, 0xce, 0xcd, 0xd3, 0x12, 0xa7, 0x52, 0xea, 0xcb, 0x31, 0x36, 0x20,
+    0x3f, 0xef, 0xed, 0x95, 0x15, 0x81, 0x07, 0x72, 0x28, 0x38, 0x5f, 0xd1, 0xc8, 0x74, 0x78, 0xda,
+    0xae, 0x1b, 0xb1, 0x13, 0xdb, 0x9d, 0x68, 0xe5, 0xdf, 0xc6, 0xf8, 0xe0, 0x41, 0xd8, 0xa2, 0xf2,
+    0x10, 0x29, 0x61, 0x99, 0xb1, 0x0c, 0xfc, 0x53, 0xe9, 0xec, 0x0e, 0x1d, 0xdf, 0x8b, 0xf8, 0x92,
+    0x46, 0x93, 0x6b, 0x2c, 0x83, 0xd3, 0xb7, 0xd9, 0x3d, 0xf1, 0xab, 0xa9, 0x7f, 0x12, 0x47, 0x4b,
+    0x6c, 0x98, 0xdd, 0xca, 0x24, 0x2d, 0x0c, 0x85, 0x0d, 0x60, 0xc1, 0x37, 0x4e, 0x4a, 0x17, 0x66,
+    0xbc, 0x9e, 0x75, 0x30, 0xd5, 0x71, 0x6a, 0x84, 0x82, 0xd6, 0x87, 0xb6, 0x5c, 0x7a, 0x45, 0xe3,
+    0x68, 0x03, 0x54, 0x7d, 0x99, 0x2e, 0x33, 0xe1, 0xa6, 0x5b, 0x23, 0xa1, 0x09, 0x18, 0x29, 0xa3,
+    0x0b, 0x0f, 0xc7, 0x4a, 0xb8, 0x96, 0xff, 0xe3, 0x7b, 0xf4, 0xaf, 0x60, 0x2d, 0x78, 0x8d, 0x6a,
+    0x3e, 0xb9, 0x5e, 0xc8, 0xab, 0xf1, 0x78, 0x6b, 0x72, 0x46, 0x86, 0x15, 0xa9, 0x81, 0x96, 0x7a,
+    0xfe, 0x96, 0x97, 0xab, 0xeb, 0xa1, 0xe2, 0x39, 0x14, 0x1c, 0xce, 0x89, 0x64, 0x3a, 0x3c, 0x6d,
+    0xa9, 0x7a, 0x2e, 0x43, 0x67, 0x0e, 0xd6, 0xaa, 0x9a, 0x7f, 0xb2, 0xf9, 0xa5, 0x56, 0x6d, 0x14,
+    0x28, 0xa7, 0x13, 0x5c, 0x18, 0x1e, 0x45, 0x6e, 0x84, 0x6d, 0x1b, 0xd5, 0xf3, 0x71, 0x4f, 0xae,
+    0x7c, 0xb1, 0xbc, 0x53, 0x95, 0x21, 0xf0, 0xd6, 0xe4, 0x8c, 0xcf, 0x2a, 0x91, 0xc1, 0xef, 0xf4,
+    0xf2, 0xf8, 0xcf, 0xb1, 0xef, 0xa4, 0xa3, 0x95, 0x2a, 0x51, 0x2b, 0xf0, 0xad, 0xcc, 0x7e, 0xe1,
+    0xbf, 0x64, 0x63, 0xd7, 0xd4, 0xe1, 0xeb, 0xaf, 0x6c, 0x54, 0x2f, 0x39, 0xff, 0xa6, 0xb4, 0xc0,
+    0xf4, 0xcf, 0xe3, 0xbc, 0xed, 0x47, 0x62, 0xc3, 0x35, 0x96, 0xb8, 0x2d, 0x28, 0xb7, 0x5f, 0xa7,
+    0xcb, 0x20, 0x0e, 0x29, 0xf8, 0xc6, 0x65, 0xb1, 0x1d, 0xae, 0xe7, 0xfc, 0xe0, 0xc3, 0x27, 0x7d,
+    0x06, 0x37, 0x2c, 0x0d, 0x02, 0xe3, 0xc1, 0x56, 0x1f, 0xc7, 0x93, 0xdd, 0x85, 0x7b, 0x21, 0x46,
+    0xf8, 0xa1, 0xbb, 0xa6, 0xe9, 0x42, 0x23, 0x6f, 0x0b, 0xdb, 0x5d, 0x54, 0xe1, 0x41, 0x1d, 0x2b,
+    0xbd, 0xc8, 0xc6, 0x6d, 0x6b, 0x01, 0x15, 0x9d, 0xd8, 0xa8, 0x5e, 0x72, 0x3d, 0x8f, 0xab, 0x43,
+    0x75, 0x12, 0xde, 0xa3, 0x92, 0x57, 0xf1, 0x07, 0x2b, 0x84, 0x11, 0x01, 0x7e, 0x90, 0x7d, 0x1d,
+    0x03, 0xfa, 0x16, 0xe7, 0x01, 0x90, 0x81, 0x2b, 0xee, 0x82, 0xa8, 0x8f, 0xa3, 0xdc, 0xf1, 0x23,
+    0x4c, 0xca, 0x1f, 0x3b, 0x85, 0x35, 0x37, 0x23, 0x1c, 0x7b, 0xdd, 0x0d, 0x33, 0x9f, 0x24, 0x81,
+    0x4b, 0xab, 0x80, 0x6b, 0x39, 0xa6, 0x89, 0x6c, 0x59, 0xc2, 0x97, 0x14, 0xd7, 0x11, 0xeb, 0x67,
+    0xc0, 0x2f, 0xc9, 0x63, 0x40, 0x50, 0x9a, 0x52, 0x66, 0x5a, 0x48, 0x9c, 0xcd, 0xbb, 0xaa, 0x17,
+    0x04, 0x9b, 0x89, 0xb7, 0xbd, 0x03, 0x3f, 0x64, 0xab, 0x3b, 0xe2, 0x96, 0x47, 0x52, 0x3e, 0xc5,
+    0xb3, 0x0a, 0x3b, 0xcd, 0xd0, 0xe4, 0xaa, 0x03, 0x52, 0x19, 0xca, 0x40, 0x36, 0x50, 0xf6, 0x4c,
+    0xb6, 0xc7, 0x01, 0x27, 0xd3, 0x97, 0xea, 0x7e, 0xa3, 0x5c, 0xf1, 0x12, 0x10, 0xf7, 0x26, 0x29,
+    0x51, 0xdb, 0x95, 0xe5, 0x8e, 0x4c, 0xf5, 0xc5, 0x91, 0xa4, 0xef, 0xad, 0x44, 0x17, 0x70, 0x3f,
+    0xeb, 0x72, 0xcc, 0xd8, 0x59, 0xde, 0x5e, 0x17, 0x0c, 0xb5, 0xfb, 0xc6, 0x9d, 0x16, 0x14, 0x9a,
+    0x98, 0x57, 0x3e, 0x76, 0xc9, 0x6a, 0x6e, 0x46, 0x38, 0xf6, 0x79, 0x1a, 0x66, 0xfd, 0x48, 0xc1,
+    0x23, 0xa8, 0xd4, 0x16, 0xa0, 0x88, 0xba, 0x8d, 0xff, 0x99, 0xb4, 0xb5, 0xde, 0x09, 0xc2, 0xc4,
+    0xab, 0xd6, 0x8b, 0xf9, 0xd8, 0xee, 0x28, 0x98, 0x2e, 0x83, 0xc3, 0xb2, 0x67, 0x7f, 0x72, 0x97,
+    0xb2, 0x5c, 0x88, 0x90, 0x6e, 0x94, 0xd5, 0x1a, 0x08, 0x67, 0x13, 0x84, 0x57, 0xa5, 0x18, 0xec,
+    0x99, 0x01, 0x8d, 0x2b, 0x77, 0x1a, 0x11, 0x5f, 0x62, 0x88, 0xa0, 0xde, 0x07, 0x08, 0xa6, 0x61,
+    0x89, 0x28, 0xec, 0xb2, 0xc6, 0x16, 0xed, 0x0c, 0x8b, 0x64, 0xae, 0xc3, 0xd8, 0x83, 0x5e, 0xf3,
+    0xdf, 0x92, 0xe6, 0x07, 0xf4, 0xc9, 0xa6, 0x86, 0x5f, 0x79, 0x0b, 0x77, 0x78, 0x1a, 0xe1, 0x2a,
+    0x0d, 0x38, 0xeb, 0x47, 0xba, 0x75, 0x3e, 0xb5, 0x64, 0x33, 0x3c, 0xbd, 0xa8, 0x03, 0xac, 0x2c,
+    0x31, 0x2d, 0x10, 0x35, 0xae, 0x64, 0xb8, 0xec, 0xa2, 0x89, 0xcb, 0xe3, 0xc3, 0xab, 0x25, 0xd5,
+    0x70, 0xdf, 0xe4, 0x49, 0x91, 0x24, 0xb1, 0x7a, 0xda, 0xc1, 0x2a, 0x53, 0x58, 0x37, 0xad, 0x78,
+    0x73, 0x25, 0xf2, 0xae, 0x90, 0xb4, 0x30, 0x51, 0x34, 0x43, 0x82, 0xdc, 0xfb, 0xeb, 0x5c, 0x5b,
+    0x1d, 0x11, 0x8a, 0xde, 0x0b, 0x79, 0xc2, 0xe6, 0x8d, 0xdf, 0x32, 0xa0, 0x77, 0x88, 0x54, 0xbe,
+    0x8d, 0xb3, 0x65, 0x05, 0x7b, 0x15, 0xd2, 0x68, 0x20, 0x5f, 0x4c, 0x55, 0x9f, 0xd1, 0x60, 0x36,
+    0xf1, 0x02, 0xd9, 0x56, 0xee, 0x34, 0x22, 0xbe, 0xc4, 0xd3, 0x83, 0x7f, 0x0e, 0x10, 0x8f, 0xc2,
+    0x7d, 0xe7, 0x0f, 0x0e, 0x2b, 0x51, 0x8f, 0xcf, 0xbe, 0xf2, 0x16, 0xee, 0xf0, 0x34, 0x01, 0x54,
+    0x17, 0x48, 0xfe, 0xc9, 0x0d, 0x9f, 0x42, 0x1c, 0xac, 0x55, 0x44, 0x04, 0x3b, 0x05, 0x37, 0x74,
+    0x2c, 0x3c, 0x9a, 0xeb, 0xa5, 0x1d, 0x7a, 0x0a, 0x2f, 0x56, 0xf9, 0x43, 0xb4, 0x23, 0x71, 0x6b,
+    0x35, 0xb6, 0x99, 0x82, 0x13, 0x67, 0x87, 0x88, 0x09, 0xb2, 0x29, 0x75, 0x84, 0xf9, 0x1b, 0x10,
+    0x88, 0x7e, 0x5f, 0xef, 0x78, 0x66, 0x92, 0x15, 0xd1, 0x1a, 0x77, 0x07, 0xb9, 0x76, 0xb0, 0x53,
+    0x67, 0x97, 0x1a, 0x80, 0x9c, 0xbb, 0xf3, 0x66, 0x76, 0x94, 0x6e, 0x57, 0x63, 0x32, 0x9a, 0x0c,
+    0xe1, 0x2b, 0xb8, 0xcf, 0x5f, 0x38, 0xde, 0xed, 0x2d, 0x3f, 0x8d, 0x62, 0xd1, 0x9b, 0x77, 0x50,
+    0xb5, 0x3d, 0x17, 0xc0, 0xd2, 0x07, 0x6b, 0x55, 0x4d, 0xde, 0x59, 0x9d, 0xb3, 0x2b, 0xd7, 0x0a,
+    0x64, 0x6d, 0x0c, 0x67, 0x9d, 0x2b, 0x72, 0x4d, 0x98, 0x16, 0xc6, 0xd8, 0xc0, 0xee, 0x6b, 0x2f,
+    0xb1, 0xa6, 0x9e, 0x77, 0x6f, 0x04, 0x54, 0x31, 0xe6, 0xe5, 0xbb, 0x0b, 0xf4, 0x79, 0xe9, 0xcf,
+    0x08, 0xf5, 0xd1, 0xad, 0xb9, 0x06, 0x7e, 0xc8, 0x95, 0x76, 0x07, 0xef, 0x8e, 0xa4, 0x7c, 0x49,
+    0xe5, 0xb0, 0x31, 0x78, 0xe2, 0x3b, 0xe1, 0x89, 0x86, 0x04, 0x6f, 0xf4, 0x96, 0xc9, 0x49, 0x95,
+    0x1c, 0x47, 0x39, 0x83, 0xb5, 0x09, 0xbd, 0xff, 0xd7, 0xa1, 0xeb, 0x64, 0x16, 0x7d, 0xba, 0x1e,
+    0x6b, 0xf9, 0x42, 0x9a, 0x98, 0xbe, 0xb2, 0xca, 0x48, 0xd9, 0x8b, 0x2e, 0xaa, 0xc4, 0xd8, 0x80,
+    0x5c, 0xe3, 0x7e, 0xa2, 0x34, 0x39, 0xcb, 0x70, 0xf5, 0x97, 0xd3, 0x10, 0xec, 0x14, 0xdc, 0x13,
+    0xa3, 0x23, 0x5a, 0x54, 0x61, 0xe8, 0x56, 0x50, 0xbb, 0xf5, 0xc4, 0x5d, 0xe9, 0xdb, 0x0e, 0xde,
+    0x7a, 0x86, 0x90, 0x5e, 0x97, 0xc2, 0x31, 0x80, 0xfb, 0x4b, 0x5c, 0xf7, 0x14, 0xba, 0xce, 0xb2,
+    0xe8, 0x88, 0xda, 0x3f, 0x58, 0x4e, 0xdf, 0x3c, 0xe2, 0x37, 0x53, 0x49, 0x3e, 0xca, 0xe5, 0xb9,
+    0xda, 0x5f, 0xdc, 0xed, 0xf7, 0xba, 0xe6, 0xfb, 0xae, 0x3c, 0x30, 0x25, 0x5e, 0xbd, 0x31, 0x4f,
+    0xd7, 0x67, 0x37, 0xaa, 0x4d, 0xcf, 0xd8, 0x4e, 0xca, 0x0f, 0x0c, 0x98, 0xf6, 0xbe, 0x9d, 0x63,
+    0xfa, 0x0d, 0x1e, 0x1c, 0x56, 0xa2, 0xdd, 0x5d, 0xbf, 0x27, 0x2c, 0x1f, 0x23, 0x68, 0x02, 0xa8,
+    0xa7, 0xb8, 0xd3, 0xe3, 0xdc, 0xeb, 0x69, 0x34, 0x10, 0xce, 0x26, 0xcb, 0xae, 0x89, 0x30, 0x1b,
+    0x7f, 0x4b, 0xaa, 0xb4, 0x94, 0xb1, 0x71, 0xfd, 0x0a, 0x0e, 0x67, 0xa5, 0x32, 0x1d, 0x1e, 0xd7,
+    0xe4, 0xe6, 0x82, 0x25, 0x5c, 0x4b, 0x9e, 0x90, 0xdc, 0x7a, 0xb6, 0x30, 0xf7, 0x3c, 0xa7, 0x35,
+    0x8f, 0x1f, 0xc0, 0xbf, 0xc4, 0xf5, 0x2c, 0x5a, 0x94, 0xa3, 0x3d, 0x1e, 0x5d, 0xf8, 0x7f, 0xb5,
+    0xa1, 0x8f, 0xff, 0xee, 0xde, 0x08, 0xa8, 0x62, 0x0f, 0x09, 0xb5, 0x16, 0x2b, 0xf2, 0x11, 0x5d,
+    0x52, 0x21, 0x83, 0x02, 0x8f, 0xdc, 0x74, 0xee, 0x7f, 0x26, 0x47, 0x22, 0xe7, 0xcb, 0x81, 0x1c,
+    0xec, 0x13, 0x53, 0x88, 0xe5, 0x4d, 0xe0, 0x58, 0x49, 0x0c, 0xb1, 0xdf, 0x79, 0x98, 0xdb, 0x7c,
+    0x3b, 0x74, 0x64, 0x22, 0xa8, 0x82, 0x38, 0x16, 0x83, 0x03, 0xbd, 0x47, 0x8f, 0x26, 0x46, 0x1f,
+    0xa2, 0x75, 0xe9, 0x09, 0xdf, 0x98, 0x29, 0x49, 0xe1, 0x8b, 0x1d, 0x99, 0x88, 0x2e, 0xe0, 0x7e,
+    0x5f, 0x19, 0x68, 0x45, 0x35, 0xa9, 0x4a, 0x5b, 0x1b, 0x15, 0x7b, 0x9f, 0x4f, 0xc8, 0x2d, 0x30,
+    0x50, 0x8d, 0x26, 0xb8, 0x30, 0x3c, 0x8a, 0xdc, 0xcb, 0xda, 0x36, 0x69, 0x25, 0xe2, 0x9e, 0x9f,
+    0x4a, 0xfd, 0x33, 0x36, 0x87, 0xd6, 0xf6, 0x75, 0x03, 0xbc, 0x4e, 0xd0, 0xb6, 0xe4, 0x05, 0xc7,
+    0x57, 0xec, 0xb9, 0xe8, 0x8c, 0xaf, 0x34, 0x93, 0x8e, 0x63, 0x7c, 0x70, 0xc1, 0x6c, 0x51, 0x79,
+    0x55, 0x40, 0x1c, 0x52, 0x33, 0x4f, 0xca, 0xa1, 0x3a, 0x9f, 0x0d, 0x3b, 0x03, 0x45, 0x4e, 0xfa,
+    0xdc, 0x68, 0xf0, 0xe0, 0xf5, 0x59, 0x27, 0xad, 0xb1, 0xfb, 0xa3, 0xf8, 0xdb, 0xc6, 0x10, 0x09,
+    0xde, 0xc4, 0x55, 0x5a, 0x4a, 0xb9, 0xd9, 0x9f, 0x05, 0x07, 0xd2, 0xb3, 0x19, 0xef, 0x0f, 0x8a,
+    0x9d, 0x9a, 0x04, 0x9c, 0xca, 0x19, 0x2e, 0x3b, 0xc9, 0xb3, 0x42, 0x48, 0x40, 0x5a, 0x98, 0xa4,
+    0xe7, 0x1c, 0x94, 0xc2, 0x5d, 0xdb, 0x1f, 0xbb, 0x32, 0xf8, 0x1e, 0xbf, 0x54, 0xe0, 0x56, 0x16,
+    0xaf, 0x4d, 0x02, 0x4e, 0x65, 0xed, 0x17, 0xfc, 0x85, 0xb8, 0x21, 0x24, 0x20, 0x2d, 0x4c, 0x52,
+    0x97, 0xc3, 0x70, 0x8b, 0xcc, 0xff, 0xae, 0xc1, 0xe8, 0x39, 0x34, 0xec, 0x0c, 0xd7, 0xfb, 0x6e,
+    0xaa, 0x80, 0x38, 0xa4, 0x66, 0x9e, 0x57, 0x81, 0x74, 0xfd, 0x1a, 0x76, 0x06, 0x8a, 0x9c, 0x37,
+    0x26, 0x65, 0xee, 0xfc, 0xa3, 0xfb, 0xfa, 0xf0, 0x0e, 0xdc, 0x8f, 0xe7, 0xf8, 0xae, 0x12, 0xa1,
+    0x4d, 0x9c, 0xac, 0x66, 0x3b, 0x45, 0x48, 0x3a, 0x46, 0x05, 0x04, 0xc9, 0x52, 0x6a, 0xca, 0x21,
+    0x54, 0x16, 0xaf, 0x0f, 0x8d, 0x3f, 0xb5, 0xb8, 0x60, 0xe1, 0xd4, 0xff, 0x62, 0xb0, 0xa0, 0x5a,
+    0xf7, 0x35, 0xf5, 0x5b, 0xec, 0xd7, 0xe3, 0xe8, 0xdb, 0x14, 0x10, 0xa2, 0x8b, 0x6b, 0xae, 0x84,
+    0xd9, 0xa5, 0xca, 0x0a, 0xf6, 0x2a, 0x67, 0xd0, 0x40, 0xbe, 0x98, 0xaa, 0xfd, 0x61, 0xc0, 0x6c,
+    0x84, 0x10, 0x07, 0xf5, 0x7c, 0x63, 0xd3, 0xb9, 0xef, 0x57, 0x92, 0x7e, 0x70, 0x80, 0xf2, 0xdf,
+    0x41, 0xf2, 0xf4, 0x7c, 0x3f, 0x40, 0x09, 0x96, 0x78, 0x48, 0xe1, 0xb0, 0x9b, 0x9c, 0x88, 0xad,
+    0x82, 0x27, 0x2b, 0xf8, 0x7e, 0x80, 0x12, 0xef, 0xf0, 0x90, 0x01, 0xa3, 0xf5, 0xfb, 0xd3, 0x99,
+    0xd6, 0x31, 0x84, 0xf7, 0xf3, 0xbf, 0xa7, 0x57, 0x90, 0x71, 0xd5, 0x5c, 0x97, 0x4b, 0x73, 0xc3,
+    0xb7, 0x91, 0xb2, 0x7a, 0x6d, 0xe7, 0x95, 0x67, 0xf9, 0x22, 0x28, 0xd6, 0x71, 0x02, 0xc8, 0x89,
+    0xdb, 0x09, 0x6f, 0xb0, 0x49, 0xca, 0x99, 0xe2, 0xf4, 0x42, 0xe9, 0xe1, 0x3f, 0x48, 0xdf, 0xef,
+    0x2b, 0x5d, 0x05, 0xbb, 0x19, 0x8e, 0xc4, 0x45, 0x6a, 0xef, 0xb3, 0x5a, 0x50, 0xad, 0xbe, 0x8d,
+    0xa6, 0xee, 0x60, 0xbe, 0x62, 0x9b, 0x16, 0x2d, 0x4a, 0xb0, 0xff, 0x0f, 0xcf, 0x7c, 0xde, 0xbb,
+    0x38, 0x8e, 0x72, 0xc5, 0xa9, 0x12, 0xb9, 0x3d, 0x6d, 0x81, 0x15, 0xc8, 0x2c, 0xfa, 0xb7, 0x3c,
+    0xce, 0xed, 0x34, 0xc3, 0xfb, 0xb5, 0x25, 0xcc, 0xec, 0xeb, 0xdc, 0xae, 0xc6, 0x64, 0xf7, 0x18,
+    0x95, 0x6f, 0xd5, 0x31, 0x73, 0x1f, 0x50, 0xf3, 0x5c, 0xc5, 0x45, 0xa7, 0xce, 0xfe, 0xe4, 0xed,
+    0x71, 0x89, 0x57, 0x14, 0x2f, 0x54, 0xce, 0x63, 0x80, 0xbf, 0xf3, 0x97, 0x39, 0xc2, 0x43, 0xd8,
+    0xc3, 0xd5, 0xdf, 0x84, 0x41, 0xc0, 0x1b, 0x79, 0x88, 0xd8, 0xe0, 0x13, 0x6e, 0x67, 0x5b, 0x34,
+    0x8e, 0x49, 0x73, 0xe2, 0x7a, 0x85, 0x53, 0x43, 0xce, 0xdd, 0xe4, 0xda, 0x3c, 0x0d, 0x91, 0x15,
+    0x9a, 0xfb, 0x9b, 0xcc, 0x76, 0x8a, 0x90, 0x74, 0x8c, 0x0a, 0x08, 0x51, 0xa4, 0xd4, 0x57, 0x42,
+    0xef, 0xe9, 0x45, 0x6f, 0xe4, 0xdd, 0x61, 0x73, 0xa7, 0x8e, 0x19, 0x50, 0xda, 0x44, 0x2a, 0x5f,
+    0x25, 0x9f, 0xf8, 0x1b, 0xa2, 0x6b, 0x7b, 0xdb, 0xe0, 0x5e, 0x27, 0x68, 0x5b, 0x72, 0xe3, 0x82,
+    0xa4, 0x42, 0xc5, 0x04, 0xdd, 0x7b, 0xe8, 0x1f, 0xfe, 0x4c, 0x8e, 0x44, 0x0d, 0x55, 0xc1, 0x38,
+    0xe9, 0xde, 0x69, 0x62, 0xe6, 0x3e, 0xa0, 0x25, 0xb8, 0x49, 0x8a, 0x8d, 0x5f, 0x3f, 0x0b, 0x19,
+    0x3c, 0x15, 0xfb, 0x72, 0x14, 0x11, 0x86, 0x59, 0xc6, 0xba, 0xf7, 0x5e, 0x6b, 0xa8, 0x89, 0xf9,
+    0x6f, 0x62, 0xcb, 0x2d, 0x25, 0xbd, 0x8d, 0xae, 0xe3, 0xe2, 0x69, 0xb8, 0xed, 0x96, 0xe6, 0x45,
+    0x02, 0xac, 0xa5, 0xba, 0xbf, 0xe0, 0xfe, 0x32, 0xb4, 0xfc, 0x71, 0x4b, 0xc2, 0x29, 0x1f, 0x83,
+    0x01, 0x56, 0xb3, 0x5d, 0xbe, 0x70, 0x7f, 0x19, 0x5a, 0x7e, 0xd9, 0xc4, 0x61, 0xf5, 0xee, 0xa0,
+    0x0a, 0x59, 0x74, 0x17, 0x06, 0xe6, 0x80, 0xfa, 0x21, 0x8a, 0x76, 0xa4, 0x4c, 0x8d, 0x63, 0xca,
+    0x09, 0xa3, 0x62, 0xf0, 0x07, 0x76, 0x01, 0xd1, 0xcf, 0x08, 0xde, 0x2b, 0xef, 0x51, 0x92, 0xe9,
+    0x94, 0x39, 0x66, 0x6c, 0xcd, 0x6f, 0x2f, 0xea, 0x06, 0xbb, 0x9c, 0x63, 0xaf, 0x0b, 0x0a, 0x4d,
+    0xed, 0x45, 0xe0, 0xd5, 0x5b, 0x3d, 0x9f, 0x41, 0x13, 0x72, 0x68, 0x1b, 0x18, 0x6d, 0x35, 0xdc,
+    0x59, 0x2e, 0x44, 0x48, 0x37, 0x4a, 0x8b, 0x0d, 0x04, 0xd2, 0xe8, 0x42, 0xca, 0xb3, 0x0c, 0x76,
+    0x61, 0xa0, 0x36, 0x8d, 0x9e, 0x58, 0x32, 0x30, 0x69, 0x53, 0xfd, 0x8a, 0xe6, 0x49, 0xbb, 0x4a,
+    0x69, 0x55, 0xe7, 0x20, 0x27, 0x5e, 0x4c, 0xf8, 0xfc, 0x25, 0xfa, 0x65, 0x68, 0xed, 0xc7, 0x03,
+    0x29, 0xf1, 0xa0, 0x01, 0xa6, 0x6e, 0x3a, 0x77, 0xde, 0x13, 0xc2, 0x11, 0x92, 0x84, 0xa1, 0x0e,
+    0xb0, 0xf0, 0x2d, 0x2a, 0xd1, 0x74, 0x2b, 0x28, 0xbc, 0x9b, 0x62, 0xcf, 0x95, 0x8c, 0x07, 0x6f,
+    0x30, 0x7b, 0xa3, 0x68, 0x10, 0x14, 0xc7, 0xf5, 0xf8, 0xf7, 0x12, 0x27, 0xa2, 0x5e, 0xcb, 0x75,
+    0x60, 0xf6, 0x85, 0xd0, 0x20, 0x28, 0x4d, 0x29, 0x33, 0x2d, 0x24, 0x4e, 0x87, 0xbc, 0x55, 0xea,
+    0x74, 0x44, 0x6d, 0xfe, 0x2c, 0x27, 0x8e, 0x1e, 0x71, 0xfa, 0xc8, 0xc5, 0x1f, 0x65, 0x93, 0xbd,
+    0x22, 0xfe, 0x67, 0x4b, 0x1e, 0xf8, 0xc5, 0x94, 0xa5, 0xe7, 0x6d, 0x71, 0xbf, 0xfc, 0x2c, 0x64,
+    0x0c, 0x6e, 0x58, 0x1a, 0x04, 0x05, 0x41, 0xac, 0x3e, 0x4d, 0xe5, 0x79, 0xc9, 0xf6, 0x42, 0x8c,
+    0xcd, 0x17, 0x22, 0x24, 0xfa, 0x25, 0xa4, 0xe7, 0x02, 0x69, 0x74, 0x21, 0x65, 0xb8, 0x06, 0x3b,
+    0x7b, 0xd0, 0x23, 0x03, 0x29, 0xb2, 0x4e, 0x99, 0xa1, 0x35, 0x85, 0x33, 0x75, 0x4f, 0x20, 0x12,
+    0x5b, 0x82, 0xe1, 0xf2, 0x88, 0xaa, 0x75, 0x3f, 0xb0, 0x2e, 0x99, 0x09, 0x08, 0x9a, 0x13, 0xf5,
+    0x40, 0xa4, 0x47, 0x21, 0x81, 0x30, 0x76, 0x8f, 0x22, 0x36, 0x38, 0x74, 0xfa, 0x69, 0x66, 0x0d,
+    0xe3, 0x87, 0x1d, 0x75, 0xe0, 0xd8, 0x20, 0xdf, 0x99, 0xc3, 0xfc, 0x29, 0x13, 0xb2, 0x68, 0xd3,
+    0x14, 0xb2, 0xe8, 0x2e, 0x0c, 0x0f, 0xc3, 0x37, 0x42, 0xd7, 0xec, 0x8b, 0x98, 0xd9, 0xc6, 0x57,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0xfd, 0x6c, 0x81, 0x4c, 0xea, 0x31, 0x63, 0x12, 0xfa, 0x9e, 0x66, 0x06, 0xc7, 0xe6, 0xcd, 0x4e,
+    0x78, 0x2a, 0x35, 0xe4, 0x28, 0x22, 0xcf, 0xb2, 0x4f, 0xb7, 0x2d, 0xbc, 0xd6, 0x93, 0xd1, 0x31,
+    0xad, 0xe1, 0xa7, 0xf4, 0xda, 0x0d, 0xe9, 0xce, 0x31, 0x44, 0x50, 0x6f, 0xe2, 0x04, 0x53, 0xd1,
+    0xd0, 0x06, 0xa8, 0xfa, 0xf1, 0x5c, 0x66, 0x01, 0x8f, 0xb6, 0x46, 0x81, 0x12, 0x30, 0x52, 0x85,
+    0x91, 0xf4, 0x5c, 0x86, 0xce, 0x1c, 0x6f, 0x97, 0xf7, 0xfe, 0xa7, 0x31, 0x89, 0xac, 0xda, 0x28,
+    0xfc, 0x3a, 0x32, 0x11, 0x54, 0x41, 0x1c, 0x0b, 0xa0, 0xe0, 0xbf, 0xc2, 0xa6, 0x13, 0x23, 0xee,
+    0xf9, 0xf7, 0x08, 0xfb, 0x57, 0x32, 0x5c, 0x76, 0x51, 0xa5, 0x84, 0x90, 0x80, 0xb4, 0xf3, 0x8b,
+    0xea, 0x24, 0x7f, 0x85, 0xe7, 0xae, 0x21, 0x0e, 0x56, 0xcb, 0x22, 0x02, 0xfc, 0xe3, 0xfa, 0x3a,
+    0x85, 0x46, 0xb4, 0xa8, 0xc2, 0x13, 0xac, 0xa0, 0xb5, 0x29, 0x4b, 0xba, 0x11, 0x75, 0x1c, 0x7f,
+    0x7e, 0x1d, 0x19, 0xe9, 0x2a, 0xc1, 0x0e, 0xe4, 0x50, 0x70, 0xbe, 0x61, 0x53, 0xe8, 0xf0, 0x77,
+    0x77, 0xbe, 0x7b, 0x19, 0x2d, 0xb7, 0x0f, 0x35, 0x9f, 0x78, 0x60, 0x4a, 0xbc, 0xb9, 0x62, 0x9e,
+    0xc7, 0x4e, 0x56, 0x33, 0xfc, 0xc3, 0x24, 0x1d, 0x23, 0xe3, 0x02, 0x85, 0x29, 0x35, 0x65, 0xf1,
+    0xc5, 0xe2, 0xf3, 0x89, 0x43, 0x23, 0xda, 0x2f, 0x97, 0x1f, 0x73, 0xce, 0xeb, 0x1c, 0x7a, 0x72,
+    0x5d, 0xb5, 0xcd, 0xff, 0x8a, 0x49, 0xb4, 0x69, 0xaf, 0xe9, 0x0a, 0xd4, 0x8d, 0xe1, 0x32, 0xb3,
+    0x3a, 0x22, 0xd7, 0x7f, 0x16, 0xf2, 0x47, 0x0f, 0xd9, 0x7d, 0x64, 0x83, 0xee, 0xd3, 0xa8, 0xbf,
+    0xd5, 0xcb, 0x92, 0x10, 0xf2, 0x2f, 0x26, 0x7c, 0x7e, 0xf3, 0x7d, 0xd3, 0x34, 0x97, 0x82, 0xe0,
+    0x66, 0xc1, 0xa9, 0xdd, 0x22, 0xcb, 0x8c, 0x7f, 0x2c, 0xea, 0xb7, 0x93, 0x02, 0xc7, 0x74, 0xac,
+    0x8b, 0x84, 0x49, 0x08, 0x79, 0xf6, 0x13, 0x3e, 0x3f, 0x98, 0xdf, 0x88, 0x1a, 0xaa, 0x41, 0x70,
+    0x49, 0x07, 0x25, 0xd1, 0x86, 0x46, 0x77, 0x5e, 0xed, 0x3e, 0xe6, 0x5f, 0x15, 0x38, 0xf4, 0xe4,
+    0xc2, 0x83, 0x6c, 0xd9, 0xff, 0xb0, 0x64, 0x60, 0xd2, 0xa6, 0x39, 0xd7, 0x0f, 0x92, 0xb5, 0x94,
+    0xc6, 0x18, 0xe5, 0x6e, 0x42, 0xb3, 0x5b, 0x04, 0x79, 0x9d, 0xdb, 0x41, 0x48, 0xc0, 0x8b, 0x51,
+    0x56, 0xba, 0x0a, 0xb5, 0x32, 0xdf, 0x4b, 0x8a, 0xd4, 0x1d, 0xa5, 0xb4, 0xa0, 0x99, 0xbf, 0xd9,
+    0x4e, 0x66, 0xba, 0x81, 0x3a, 0xd5, 0xc9, 0x11, 0xa8, 0x87, 0xac, 0x46, 0xf1, 0xb6, 0x3b, 0x02,
+    0x27, 0x33, 0x5d, 0xa1, 0x1d, 0x8b, 0x85, 0xe9, 0x54, 0xa2, 0x56, 0x23, 0x99, 0x5b, 0xfc, 0x01,
+    0xe6, 0x4a, 0x27, 0x9f, 0xe3, 0xab, 0x60, 0xa2, 0x68, 0x86, 0xc7, 0x7b, 0x35, 0x15, 0xb8, 0xb6,
+    0x93, 0x58, 0xf9, 0x3c, 0x71, 0xfc, 0x91, 0xa5, 0x43, 0x02, 0xd6, 0x7a, 0x4b, 0x85, 0xc5, 0xab,
+    0xbb, 0xff, 0xea, 0x60, 0x69, 0xe2, 0xd4, 0xcb, 0xc7, 0x6f, 0xcd, 0xaf, 0xb8, 0xf4, 0x8a, 0x05,
+    0xd1, 0x50, 0x1b, 0xa7, 0x4f, 0x2c, 0x19, 0x18, 0xd5, 0xc8, 0x9f, 0x45, 0x73, 0xc5, 0xbc, 0x25,
+    0x63, 0x0c, 0x93, 0x37, 0x21, 0xb8, 0xcc, 0x02, 0xdd, 0xaf, 0x8c, 0xc1, 0x24, 0x60, 0xa4, 0xc9,
+    0xc1, 0x79, 0x7a, 0x3e, 0xfe, 0x20, 0xe5, 0x4b, 0x3c, 0x24, 0x91, 0x58, 0xac, 0x4e, 0x44, 0xb7,
+    0x45, 0x69, 0x7d, 0xcb, 0x82, 0x43, 0x36, 0xf2, 0xd3, 0x73, 0x03, 0x26, 0xdc, 0xce, 0xb6, 0x68,
+    0xc8, 0xda, 0x18, 0xce, 0xf9, 0x56, 0xe4, 0x9a, 0xf3, 0x2c, 0x4f, 0x73, 0x43, 0x1f, 0xd6, 0x5e,
+    0x16, 0x1e, 0x4d, 0x94, 0xb3, 0xef, 0x3d, 0x05, 0xf6, 0x2b, 0x9d, 0xc0, 0x5a, 0xf0, 0xd9, 0xd4,
+    0x1b, 0x26, 0xa6, 0xd3, 0x09, 0x9a, 0x03, 0xb0, 0x92, 0x18, 0xa1, 0x7d, 0xf2, 0xf3, 0x75, 0xf8,
+    0x20, 0x52, 0xc2, 0xf1, 0xa1, 0x18, 0x3b, 0xa6, 0x11, 0x1b, 0x1c, 0x3a, 0x7d, 0xd5, 0x33, 0xe7,
+    0x9b, 0xad, 0x28, 0x91, 0xc8, 0xfa, 0xef, 0x6d, 0xd6, 0x74, 0xd1, 0x95, 0xc5, 0x21, 0xb9, 0xe2,
+    0xf3, 0xae, 0x7c, 0xec, 0x51, 0xd4, 0xdc, 0x8c, 0x70, 0x2f, 0xf2, 0x34, 0xcc, 0x39, 0x90, 0x41,
+    0xb8, 0x05, 0xfc, 0x87, 0x68, 0x72, 0x55, 0xe0, 0x29, 0xed, 0x65, 0x20, 0x1b, 0x28, 0x7b, 0x26,
+    0xf0, 0x54, 0x6a, 0x0b, 0x50, 0x44, 0x5d, 0xa7, 0x9e, 0xad, 0x5a, 0xbb, 0x6f, 0xe5, 0x61, 0x62,
+    0x2f, 0xc6, 0x8c, 0x0c, 0xa4, 0x8d, 0xfb, 0x21, 0xc1, 0xd4, 0x51, 0xcc, 0x17, 0xff, 0x80, 0x48,
+    0xba, 0xa9, 0x59, 0x3d, 0xd7, 0x92, 0xab, 0xd2, 0x9d, 0x11, 0x14, 0x6b, 0xd9, 0x01, 0x64, 0xa5,
+    0x4f, 0x30, 0x09, 0xdc, 0x84, 0xa5, 0xb6, 0x08, 0xf2, 0xf9, 0x75, 0x82, 0x90, 0x43, 0xd5, 0xa2,
+    0xbe, 0x32, 0xd0, 0x8a, 0x6a, 0x91, 0x94, 0xb6, 0x36, 0x2a, 0xf6, 0xfd, 0x9e, 0x53, 0x5a, 0x60,
+    0x12, 0x85, 0xc4, 0x23, 0x0e, 0xec, 0x02, 0x61, 0x5d, 0x10, 0x7f, 0x56, 0x1d, 0xa2, 0xe7, 0x11,
+    0x43, 0x5e, 0x51, 0xc6, 0x80, 0xa0, 0xf7, 0xa4, 0xcc, 0xb4, 0x90, 0xfb, 0x59, 0xb5, 0x97, 0x2e,
+    0xcf, 0xbb, 0x87, 0x9e, 0x45, 0xc5, 0x5a, 0xd5, 0xb6, 0x95, 0x05, 0x6a, 0xa7, 0x91, 0x19, 0xb8,
+    0xc9, 0x8c, 0xab, 0x93, 0x47, 0x26, 0x9b, 0x83, 0xa9, 0x52, 0x96, 0xb7, 0x22, 0xea, 0x38, 0xfe,
+    0x2a, 0x0b, 0xb6, 0xe6, 0xa7, 0xfe, 0xbb, 0x5c, 0x30, 0x91, 0x6a, 0x9e, 0x31, 0x58, 0x50, 0x2d,
+    0x11, 0x7f, 0xd2, 0xc4, 0x0f, 0x7c, 0x83, 0x4a, 0xb3, 0x92, 0xd7, 0xd9, 0xbe, 0x7e, 0x16, 0x32,
+    0x15, 0xe4, 0x5b, 0x73, 0xb2, 0x7f, 0xbc, 0x2e, 0x18, 0xa9, 0x35, 0x4f, 0xf9, 0x2c, 0x28, 0xf7,
+    0xf6, 0x63, 0x46, 0x06, 0x52, 0xa7, 0x9c, 0xf1, 0x81, 0x6a, 0xc9, 0x66, 0xea, 0x9e, 0x40, 0x24,
+    0x62, 0x5a, 0x20, 0x6a, 0x9f, 0xc8, 0xb3, 0x1b, 0x87, 0xd1, 0x55, 0x05, 0x45, 0x95, 0x4a, 0x69,
+    0xcc, 0x41, 0x91, 0x79, 0x44, 0x55, 0xdb, 0xfe, 0x58, 0x17, 0xad, 0xe5, 0x04, 0x4d, 0xe8, 0x9b,
+    0xe0, 0x7d, 0x0b, 0x92, 0xe1, 0x48, 0xa1, 0xf4, 0x77, 0x41, 0x54, 0xa6, 0xb0, 0x6e, 0x99, 0xf0,
+    0x8c, 0xe5, 0xd6, 0x58, 0xc5, 0x65, 0xad, 0x71, 0x7a, 0x21, 0x95, 0x91, 0xfe, 0x24, 0x8e, 0x96,
+    0x90, 0xa2, 0xef, 0xdb, 0x70, 0x6c, 0x10, 0x8e, 0xad, 0x80, 0x7e, 0xf5, 0xe8, 0x59, 0x34, 0x88,
+    0x47, 0xc5, 0xd8, 0x71, 0x3d, 0xa3, 0xc8, 0xc0, 0x67, 0x8f, 0x72, 0x6d, 0x1e, 0xe7, 0xa9, 0xeb,
+    0xff, 0xc0, 0x24, 0xf6, 0x55, 0xd1, 0x9d, 0x20, 0x4e, 0x62, 0x17, 0x4d, 0x05, 0xcf, 0xd2, 0xcd,
+    0x81, 0xdd, 0x3d, 0x1f, 0x7f, 0x10, 0x93, 0xc4, 0x1e, 0x12, 0xa9, 0x2c, 0x56, 0x27, 0x22, 0xba,
+    0x5e, 0x4f, 0xdb, 0x18, 0x8b, 0xd9, 0x35, 0x42, 0x41, 0x6b, 0xa2, 0x5b, 0x2e, 0x3d, 0xc3, 0x90,
+    0xfb, 0x5b, 0xad, 0x41, 0xe8, 0xd2, 0xa2, 0x44, 0xe5, 0x59, 0xf5, 0xdb, 0x42, 0x9d, 0xec, 0x08,
+    0x79, 0x7c, 0x86, 0xb9, 0x96, 0x52, 0xb0, 0xab, 0x15, 0xc9, 0xf4, 0x78, 0xb7, 0x66, 0x3f, 0x91,
+    0x36, 0x4c, 0x8f, 0x65, 0x12, 0xf7, 0x06, 0xa3, 0xe7, 0x30, 0x81, 0xfa, 0x27, 0x25, 0xea, 0x33,
+    0x32, 0xd7, 0x06, 0xd2, 0xaf, 0xf4, 0x39, 0xc7, 0x4c, 0x0b, 0x63, 0x6c, 0x60, 0x77, 0xd4, 0xf6,
+    0x0e, 0xc2, 0xfd, 0xa0, 0xbb, 0xe5, 0xbf, 0x9e, 0x8a, 0xb1, 0x94, 0x32, 0x0b, 0xdf, 0x5d, 0x0f,
+    0xd3, 0xfc, 0xbe, 0x1d, 0xf0, 0xcc, 0xe7, 0x2a, 0x61, 0x34, 0xee, 0x0e, 0xb1, 0xec, 0xa3, 0xa6,
+    0x33, 0x81, 0xb5, 0x8f, 0x11, 0x84, 0x46, 0xde, 0x16, 0x75, 0xba, 0xa8, 0x01, 0x82, 0x3a, 0x56,
+    0x53, 0x77, 0x30, 0x5f, 0x31, 0xac, 0x0b, 0xf7, 0x25, 0x58, 0x9e, 0xe6, 0x86, 0x3e, 0x6f, 0xbc,
+    0x87, 0xea, 0x11, 0x12, 0x7d, 0xf3, 0x52, 0x92, 0x01, 0xd5, 0x3a, 0xf1, 0xd3, 0x5c, 0x03, 0xfc,
+    0x21, 0x04, 0x71, 0xac, 0x1f, 0x68, 0x44, 0xbf, 0x4b, 0x65, 0xc5, 0xfe, 0x1c, 0x20, 0xdd, 0x47,
+    0xd4, 0x9d, 0x21, 0x4d, 0x4c, 0x5f, 0x59, 0x65, 0x24, 0x8d, 0xa4, 0x17, 0x55, 0x62, 0x6c, 0x40,
+    0x07, 0x61, 0x9f, 0x50, 0xbc, 0x93, 0xbe, 0x4f, 0x45, 0xb9, 0x4a, 0x19, 0xe4, 0x8e, 0xcf, 0xe6,
+    0x48, 0x51, 0x96, 0x8c, 0x38, 0x36, 0x08, 0x47, 0xb7, 0x40, 0x3f, 0x9b, 0x74, 0xcd, 0x1a, 0x44,
+    0xdd, 0x3e, 0x43, 0xbd, 0x4b, 0x29, 0x58, 0xb4, 0xeb, 0x85, 0x7a, 0x3c, 0xba, 0x33, 0xfe, 0xa9,
+    0x6e, 0x34, 0x78, 0x70, 0x9b, 0xcd, 0xf2, 0xb7, 0xb9, 0x9c, 0xb0, 0x7c, 0x8c, 0x63, 0x08, 0xe5,
+    0xc4, 0xb4, 0x40, 0xd4, 0xfd, 0x53, 0xa5, 0x36, 0xcd, 0x61, 0xaa, 0x0a, 0x8a, 0xe9, 0x94, 0xd2,
+    0x58, 0x78, 0xf7, 0x15, 0x89, 0x3a, 0xf4, 0x14, 0x5e, 0xac, 0x31, 0x86, 0xab, 0x46, 0xe2, 0xd6,
+    0x9c, 0xcc, 0xb7, 0xc1, 0x74, 0x69, 0x51, 0x22, 0x93, 0xcd, 0x9b, 0x8c, 0x21, 0xaf, 0x76, 0x04,
+    0x05, 0xcd, 0x3a, 0xea, 0x03, 0x73, 0x40, 0x7d, 0xf1, 0x45, 0x3b, 0x52, 0x26, 0xa7, 0xd0, 0x65,
+    0x19, 0x8a, 0x03, 0x69, 0xb6, 0x7a, 0xfd, 0x82, 0x26, 0xe4, 0xd0, 0x36, 0x30, 0xda, 0x6a, 0x7b,
+    0xd8, 0xf3, 0x79, 0x57, 0x48, 0x5a, 0x18, 0xc9, 0x1a, 0xc0, 0x41, 0x6e, 0x9c, 0x94, 0x2e, 0xcc,
+    0x80, 0x8b, 0x8e, 0x42, 0xc1, 0x60, 0xec, 0xdd, 0x44, 0x6c, 0x70, 0xe8, 0x37, 0xd2, 0xcc, 0x1a,
+    0x9e, 0x60, 0x12, 0x7b, 0xcb, 0x89, 0xaf, 0x10, 0x27, 0x31, 0xea, 0xc7, 0xe3, 0x86, 0x69, 0x87,
+    0x44, 0x3f, 0xce, 0x96, 0x3c, 0x33, 0x49, 0xeb, 0x89, 0x0d, 0xda, 0xe2, 0xbd, 0x3b, 0x58, 0xc8,
+    0xca, 0x76, 0xbd, 0x74, 0x46, 0xb6, 0x1a, 0xa8, 0x47, 0xd0, 0x3e, 0x38, 0x81, 0x36, 0xc9, 0xdd,
+    0x3d, 0x43, 0x48, 0x2f, 0xaa, 0x61, 0xf9, 0x40, 0x9c, 0xc4, 0x2e, 0x9a, 0x0a, 0x5d, 0x67, 0x59,
+    0x2e, 0x90, 0x3f, 0x51, 0x1a, 0xfd, 0x84, 0x38, 0x9b, 0xaa, 0x88, 0x08, 0x76, 0x0a, 0x6e, 0xe8,
+    0x72, 0x73, 0x41, 0xf3, 0x2e, 0xc4, 0x4f, 0x48, 0x6e, 0x3d, 0x5b, 0x18, 0x9a, 0x1e, 0xb2, 0xfb,
+    0x42, 0x08, 0xe2, 0x9b, 0x3e, 0xd0, 0x88, 0xbd, 0x96, 0xca, 0x49, 0x3f, 0x38, 0x40, 0x79, 0x8e,
+    0x65, 0x3b, 0xbf, 0x3a, 0x23, 0x5b, 0x0d, 0x54, 0xc2, 0x68, 0x1f, 0x1c, 0xa1, 0x1b, 0x85, 0x8f,
+  },
+  { /* 10 */
+    0xd4, 0x19, 0x2d, 0xd4, 0xc2, 0xc3, 0xd3, 0x9c, 0xe1, 0x5d, 0xa9, 0x18, 0x2c, 0xd1, 0xbe, 0x8f,
+    0x40, 0x7b, 0xcb, 0x40, 0x94, 0x34, 0xa6, 0x04, 0x50, 0xb3, 0x14, 0xdb, 0x6b, 0x25, 0x60, 0xb5,
+    0x97, 0xc0, 0xd2, 0x97, 0x3c, 0x7b, 0x81, 0x84, 0xc2, 0x71, 0xd1, 0x87, 0x95, 0x0f, 0x3d, 0xb7,
+    0x4d, 0x69, 0xb6, 0x4d, 0xd9, 0x84, 0x1d, 0xc1, 0xcf, 0xff, 0x43, 0x34, 0xeb, 0xa7, 0x8a, 0xbf,
+    0x03, 0xa2, 0x34, 0x03, 0x6a, 0x8c, 0xf4, 0x1c, 0x73, 0x9f, 0x6c, 0x44, 0xd2, 0xfb, 0xe3, 0x8d,
+    0xd1, 0x3c, 0x71, 0xd1, 0x7c, 0x94, 0x0c, 0xb8, 0x74, 0x3f, 0x1d, 0xd4, 0x99, 0x1f, 0x58, 0xdb,
+    0xf8, 0x08, 0x79, 0xf8, 0xe3, 0xac, 0xd6, 0xee, 0xc6, 0xdc, 0xd0, 0x47, 0x36, 0x48, 0x84, 0x45,
+    0xca, 0xc7, 0x26, 0xca, 0xc0, 0xf2, 0x54, 0x44, 0x19, 0xd2, 0x97, 0xf5, 0x14, 0x30, 0xaf, 0xb4,
+    0x53, 0xb7, 0xbd, 0x53, 0xdb, 0xb5, 0x9a, 0x19, 0x37, 0x70, 0x7d, 0xd9, 0xd3, 0x46, 0x9b, 0x84,
+    0x66, 0x20, 0x27, 0x66, 0x0a, 0xf5, 0xde, 0x3e, 0x9e, 0xf6, 0xc6, 0xdf, 0xd8, 0xe3, 0x55, 0xd7,
+    0xa5, 0x0f, 0x8d, 0xa5, 0x1f, 0x25, 0x03, 0x2e, 0x1d, 0x7f, 0x96, 0x35, 0xb7, 0x77, 0x16, 0x46,
+    0x10, 0x6e, 0x42, 0x10, 0x25, 0x0d, 0xc8, 0x01, 0x14, 0x5c, 0x05, 0x46, 0x6a, 0x98, 0x18, 0xbc,
+    0x6c, 0x6a, 0x9f, 0x6c, 0xb5, 0x5b, 0xa3, 0x76, 0x77, 0x32, 0x6d, 0x84, 0x71, 0xbc, 0x5a, 0x7f,
+    0x90, 0x98, 0x17, 0x90, 0xce, 0x65, 0x47, 0x09, 0xb4, 0xf9, 0x2d, 0x33, 0xbc, 0xd2, 0xd8, 0x15,
+    0x5e, 0xa5, 0xc0, 0x5e, 0x96, 0x05, 0x21, 0xdc, 0xa8, 0x3c, 0x2a, 0x36, 0x53, 0xc4, 0x71, 0x8e,
+    0xbd, 0x56, 0xee, 0xbd, 0xc9, 0xcf, 0xaf, 0xce, 0x03, 0x0d, 0x70, 0x50, 0xe8, 0xa3, 0x02, 0xa4,
+    0xc7, 0xd5, 0x5b, 0xc7, 0x8d, 0x42, 0xef, 0x81, 0x86, 0x9e, 0xc0, 0x1a, 0x94, 0xb2, 0x45, 0xbe,
+    0x20, 0xdc, 0x84, 0x20, 0x4a, 0x1a, 0x53, 0x02, 0x28, 0xb8, 0x0a, 0x8c, 0xd4, 0xf3, 0x30, 0xbb,
+    0x36, 0x35, 0xae, 0x36, 0xbb, 0xcc, 0xb0, 0x3b, 0xda, 0x19, 0xd7, 0x42, 0xd9, 0x5e, 0x2d, 0xde,
+    0xe6, 0xd6, 0x72, 0xe6, 0xe1, 0x9d, 0x51, 0x36, 0x3e, 0x53, 0xee, 0xaa, 0x0e, 0xa9, 0x95, 0x7e,
+    0xf3, 0x9d, 0x6c, 0xf3, 0x7a, 0xc7, 0x46, 0x13, 0xbf, 0x6d, 0x5f, 0x20, 0xd1, 0xff, 0x6b, 0x96,
+    0x78, 0xfe, 0x2c, 0x78, 0x08, 0xc4, 0x59, 0xe6, 0x66, 0x79, 0xf8, 0x32, 0xe0, 0x02, 0x44, 0xec,
+    0x60, 0xa7, 0x4f, 0x60, 0xde, 0x2e, 0xf5, 0x06, 0x78, 0x0b, 0x1e, 0x57, 0xbf, 0xd6, 0x50, 0x0e,
+    0x0c, 0xcd, 0xd0, 0x0c, 0x6b, 0x75, 0x56, 0x70, 0x0f, 0x39, 0x73, 0xd3, 0xce, 0x6a, 0x0a, 0x71,
+    0x3c, 0x7f, 0x16, 0x3c, 0x04, 0x62, 0xcd, 0x73, 0x33, 0xdd, 0x7c, 0x19, 0x70, 0x01, 0x22, 0x76,
+    0x7f, 0xa6, 0xe9, 0x7f, 0xfa, 0xda, 0x9f, 0x6b, 0x10, 0xf1, 0x04, 0x86, 0xc9, 0xdf, 0xa1, 0x4e,
+    0xc0, 0x8d, 0x9e, 0xc0, 0x7f, 0x5c, 0x29, 0x0c, 0xf0, 0x16, 0x3c, 0xae, 0xbd, 0x6f, 0xa0, 0x1c,
+    0xfa, 0x75, 0xe0, 0xfa, 0xaf, 0xe5, 0xcf, 0x47, 0x25, 0x36, 0x98, 0x3f, 0xaa, 0x5b, 0x87, 0xb3,
+    0xe5, 0x74, 0x46, 0xe5, 0x8b, 0x11, 0xa5, 0x2a, 0x4d, 0xcc, 0x82, 0xee, 0xdc, 0x52, 0x76, 0xf3,
+    0x2c, 0x11, 0x54, 0x2c, 0x21, 0x6f, 0x05, 0x72, 0x27, 0x81, 0x79, 0x5f, 0x1a, 0x99, 0x3a, 0xca,
+    0x29, 0x34, 0x08, 0x29, 0x9f, 0x38, 0xda, 0x56, 0xb2, 0xe3, 0xcd, 0x93, 0xaf, 0x57, 0xdc, 0x9e,
+    0xce, 0x3d, 0xd7, 0xce, 0x58, 0x60, 0x66, 0xd5, 0x1c, 0xc5, 0x07, 0x05, 0xef, 0x16, 0xa9, 0x9b,
+    0x7c, 0x04, 0xdd, 0x7c, 0x90, 0x56, 0x6b, 0x77, 0x63, 0x6e, 0x68, 0xc2, 0x1b, 0x24, 0x42, 0xc3,
+    0x07, 0x58, 0xc5, 0x07, 0xf2, 0x1e, 0xc6, 0x8d, 0x76, 0x88, 0xfc, 0xb4, 0x29, 0xdd, 0xe5, 0xa2,
+    0xb4, 0xbe, 0x62, 0xb4, 0x1c, 0xed, 0x26, 0x9a, 0x99, 0x56, 0xb7, 0x4f, 0x93, 0x07, 0xee, 0x81,
+    0x81, 0x29, 0xf8, 0x81, 0xcd, 0xad, 0x62, 0xbd, 0x30, 0xd0, 0x0c, 0x49, 0x98, 0xa2, 0x20, 0xd2,
+    0xa2, 0x57, 0x48, 0xa2, 0xed, 0x3b, 0xc5, 0xa3, 0x6b, 0xf7, 0x6a, 0x81, 0x9e, 0xaa, 0xf3, 0xe4,
+    0xf0, 0x3f, 0x58, 0xf0, 0x10, 0x4b, 0xb2, 0x0f, 0xcc, 0xf2, 0x33, 0x64, 0x03, 0x04, 0x88, 0x1b,
+    0xb6, 0xc3, 0xfb, 0xb6, 0x50, 0xa4, 0x3f, 0x33, 0x7a, 0xbc, 0xff, 0x37, 0x0f, 0x14, 0xed, 0x77,
+    0x43, 0xd9, 0xff, 0x43, 0xfe, 0xb8, 0x52, 0x18, 0x23, 0x2c, 0x78, 0x9f, 0xb9, 0xde, 0x83, 0x38,
+    0x67, 0xff, 0x8a, 0x67, 0x2c, 0x30, 0x33, 0x8b, 0x0e, 0x83, 0xe2, 0xe3, 0x96, 0x0b, 0xb5, 0xac,
+    0x59, 0xfd, 0x05, 0x59, 0x64, 0x1b, 0xe7, 0x51, 0xde, 0xb4, 0xd6, 0x82, 0x7a, 0x19, 0x94, 0x2c,
+    0xec, 0x9c, 0xca, 0xec, 0x5e, 0x33, 0x2c, 0x7e, 0xd7, 0x97, 0x45, 0xf1, 0xa7, 0xf6, 0x9a, 0xd6,
+    0x86, 0x71, 0x3d, 0x86, 0x3f, 0xb3, 0xa4, 0x30, 0x46, 0x58, 0xf0, 0xfd, 0xb1, 0x7f, 0xc5, 0x70,
+    0xf4, 0xc5, 0xa9, 0xf4, 0x88, 0xd9, 0x80, 0x9e, 0xc9, 0xe5, 0xa3, 0x94, 0xf8, 0x22, 0x8e, 0x34,
+    0xf6, 0xb8, 0x30, 0xf6, 0xc4, 0x90, 0x99, 0x37, 0x2a, 0x0f, 0xeb, 0xec, 0x64, 0x31, 0x8d, 0xc2,
+    0x5c, 0xd8, 0x59, 0x5c, 0xda, 0x4c, 0x38, 0x75, 0x4b, 0xd6, 0x62, 0x4e, 0xcf, 0xd7, 0x72, 0x78,
+    0x92, 0xe5, 0x8e, 0x92, 0x82, 0x2c, 0x5e, 0xa0, 0x57, 0x13, 0x65, 0x4b, 0x20, 0xc1, 0xdb, 0xe3,
+    0xa8, 0x1d, 0xf0, 0xa8, 0x52, 0x95, 0xb8, 0xeb, 0x82, 0x33, 0xc1, 0xda, 0x37, 0xf5, 0xfc, 0x4c,
+    0xcf, 0xe2, 0x7a, 0xcf, 0x7e, 0xa5, 0x8b, 0x60, 0x8c, 0xb0, 0x23, 0x39, 0xa1, 0xfe, 0x49, 0xe0,
+    0x2f, 0xb3, 0x60, 0x2f, 0x4b, 0xe3, 0xf1, 0x6e, 0x54, 0x1e, 0x15, 0x1b, 0xc8, 0x62, 0xd9, 0x47,
+    0xe9, 0xb9, 0x96, 0xe9, 0xe0, 0x64, 0xf3, 0x5a, 0x42, 0xf5, 0xf1, 0x3d, 0x12, 0x38, 0x7c, 0x82,
+    0x54, 0xef, 0x78, 0x54, 0x29, 0xab, 0x5c, 0x94, 0x41, 0xf8, 0x81, 0x6d, 0xfa, 0x9b, 0x7e, 0x26,
+    0x8f, 0x99, 0xb1, 0x8f, 0xea, 0x91, 0x2d, 0x64, 0xdc, 0x03, 0x37, 0xe2, 0xca, 0xdb, 0x29, 0x55,
+    0xaa, 0x60, 0x69, 0xaa, 0x1e, 0xdc, 0xa1, 0x42, 0x61, 0xd9, 0x89, 0xa2, 0xab, 0xe6, 0xff, 0xba,
+    0x24, 0x26, 0x75, 0x24, 0xd2, 0x88, 0x61, 0x93, 0x2d, 0xaf, 0x9a, 0x7c, 0x2f, 0xd5, 0x36, 0x94,
+    0x71, 0x16, 0xa0, 0x71, 0xdd, 0xe6, 0xd0, 0xb2, 0xfc, 0x22, 0x3f, 0x2d, 0x9b, 0xa6, 0xa8, 0xc9,
+    0x65, 0x82, 0x13, 0x65, 0x60, 0x79, 0x2a, 0x22, 0xed, 0x69, 0xaa, 0x9b, 0x0a, 0x18, 0xb6, 0x5a,
+    0x99, 0x70, 0x9b, 0x99, 0x1b, 0x47, 0xce, 0x5d, 0x2e, 0xa2, 0xea, 0x2c, 0xc7, 0x76, 0x34, 0x30,
+    0x96, 0x1f, 0x7f, 0x96, 0x1a, 0xbe, 0x6c, 0x31, 0x52, 0x04, 0xf5, 0xbb, 0xdb, 0xe7, 0xdd, 0xcc,
+    0x9c, 0x55, 0xc7, 0x9c, 0xa5, 0x10, 0x11, 0x79, 0xbb, 0xc0, 0x5e, 0xe0, 0x72, 0xb8, 0xd2, 0x64,
+    0xdd, 0xf1, 0xa1, 0xdd, 0x17, 0xe1, 0x5a, 0xc8, 0x7b, 0x06, 0x6e, 0x07, 0x57, 0x75, 0x52, 0xaa,
+    0x5a, 0x5f, 0x31, 0x5a, 0x0e, 0x97, 0x13, 0x4d, 0xad, 0x2b, 0xba, 0xc6, 0xa8, 0xe2, 0x77, 0xa1,
+    0x80, 0xf6, 0x55, 0x80, 0xeb, 0x68, 0x8f, 0x08, 0xa0, 0xa5, 0x28, 0x75, 0xd6, 0x4a, 0xc0, 0xa9,
+    0xe8, 0x66, 0x3b, 0xe8, 0xc6, 0xa1, 0x1e, 0xef, 0xd2, 0x80, 0xd5, 0x01, 0x5c, 0xd0, 0x9c, 0xf9,
+    0x50, 0x15, 0x89, 0x50, 0xb1, 0x39, 0x6e, 0x05, 0x44, 0xef, 0x11, 0x9d, 0x01, 0xbd, 0x78, 0x09,
+    0x57, 0x4d, 0x4c, 0x57, 0x43, 0x27, 0xa8, 0x88, 0x32, 0x67, 0xed, 0x29, 0x28, 0x60, 0x9d, 0xab,
+    0xe4, 0xab, 0xeb, 0xe4, 0xad, 0xd4, 0x48, 0x9f, 0xdd, 0xb9, 0xa6, 0xd2, 0x92, 0xba, 0x96, 0x88,
+    0x1e, 0xde, 0x0b, 0x1e, 0x02, 0x31, 0x87, 0xd8, 0xf8, 0x8f, 0x3e, 0xed, 0x38, 0xe1, 0x11, 0x3b,
+    0x84, 0x0c, 0xa4, 0x84, 0x73, 0xfa, 0xbd, 0x99, 0xa5, 0xb2, 0xb8, 0x85, 0x2d, 0x6c, 0xc6, 0x86,
+    0x15, 0x4b, 0x1e, 0x15, 0x9b, 0x5a, 0x17, 0x25, 0x81, 0x3e, 0xb1, 0x8a, 0xdf, 0x56, 0xfe, 0xe8,
+    0x41, 0xa4, 0x66, 0x41, 0xb2, 0xf1, 0x4b, 0xb1, 0xc0, 0xc6, 0x30, 0xe7, 0x25, 0xcd, 0x80, 0xce,
+    0x19, 0x86, 0xce, 0x19, 0xf0, 0x2f, 0x41, 0x55, 0x8e, 0x07, 0xc2, 0x59, 0x11, 0x3c, 0xf4, 0x99,
+    0x26, 0x5b, 0xec, 0x26, 0x9e, 0xc1, 0x78, 0x3a, 0xce, 0x45, 0xd2, 0x04, 0xb3, 0xc6, 0x35, 0x62,
+    0xa0, 0x2a, 0xd1, 0xa0, 0xa1, 0x72, 0xdc, 0x0a, 0x88, 0x1d, 0x22, 0xf9, 0x02, 0xb9, 0xf0, 0x12,
+    0x0b, 0x95, 0x15, 0x0b, 0x99, 0x6b, 0x90, 0xfd, 0x79, 0xb1, 0x8f, 0x67, 0xe7, 0xb7, 0xef, 0xd3,
+    0x22, 0xa1, 0x1d, 0x22, 0x06, 0x53, 0x4a, 0xab, 0xcb, 0x52, 0x42, 0xf4, 0x48, 0xe0, 0x33, 0x4d,
+    0x9d, 0x8a, 0x6a, 0x9d, 0x83, 0xd5, 0xfc, 0xcc, 0x2b, 0xb5, 0x7a, 0xdc, 0x3c, 0x50, 0x32, 0x1f,
+    0xf5, 0x1a, 0x04, 0xf5, 0xae, 0x1c, 0x6d, 0x2b, 0x59, 0x90, 0x87, 0xa8, 0xb6, 0xca, 0x6e, 0x4f,
+    0xda, 0xa9, 0x64, 0xda, 0xe5, 0xff, 0x9c, 0x45, 0x0d, 0x8e, 0x92, 0xb3, 0x7e, 0xa8, 0xb7, 0x08,
+    0x37, 0xea, 0x03, 0x37, 0x9d, 0x09, 0x5d, 0x8e, 0x4a, 0x6c, 0xf3, 0x7e, 0x97, 0xb6, 0xcd, 0xa5,
+    0xa7, 0x72, 0x14, 0xa7, 0x53, 0x6c, 0x1a, 0x87, 0xfe, 0x95, 0xde, 0x4d, 0x2b, 0x64, 0x15, 0xb0,
+    0xcd, 0x9f, 0xe3, 0xcd, 0x32, 0xec, 0x92, 0xc9, 0x6f, 0x5a, 0x6b, 0x41, 0x3d, 0xed, 0x4a, 0x16,
+    0x63, 0x05, 0x7b, 0x63, 0xb4, 0xa2, 0x01, 0x1a, 0x0b, 0x94, 0x72, 0x13, 0x6d, 0x2d, 0xb3, 0x83,
+    0xbc, 0x89, 0x43, 0xbc, 0xef, 0x0a, 0x42, 0x7b, 0x93, 0x78, 0x54, 0x6c, 0xa6, 0x4b, 0xe2, 0xdf,
+    0xe2, 0x2c, 0x83, 0xe2, 0x79, 0x0f, 0x63, 0xa7, 0x3b, 0x44, 0x7e, 0x5a, 0xf5, 0x8f, 0x93, 0x51,
+    0xd6, 0x64, 0xb4, 0xd6, 0x8e, 0x8a, 0xca, 0x35, 0x02, 0xb7, 0xe1, 0x60, 0xb0, 0xc2, 0xbd, 0x79,
+    0x94, 0x62, 0xe6, 0x94, 0x56, 0xf7, 0x75, 0x98, 0xb1, 0xee, 0xbd, 0xc3, 0x47, 0xf4, 0xde, 0x3a,
+    0xa4, 0xd0, 0x20, 0xa4, 0x39, 0xe0, 0xee, 0x9b, 0x8d, 0x0a, 0xb2, 0x09, 0xf9, 0x9f, 0xf6, 0x3d,
+    0x88, 0xc1, 0x74, 0x88, 0x18, 0x8f, 0xeb, 0xe9, 0xaa, 0x8b, 0xcb, 0x56, 0xe3, 0x06, 0xcc, 0xf7,
+    0x62, 0xda, 0xd6, 0x62, 0x92, 0x67, 0xec, 0xaf, 0x9b, 0xe1, 0x56, 0x2f, 0x23, 0xc5, 0x53, 0xf8,
+    0x2e, 0x6c, 0xcd, 0x2e, 0x6d, 0x26, 0x1c, 0xdb, 0xc4, 0x6b, 0x31, 0x27, 0x86, 0x8a, 0x39, 0x3c,
+    0xc8, 0xba, 0xbf, 0xc8, 0x8c, 0xbb, 0x4d, 0xed, 0xfa, 0x38, 0xdf, 0x8d, 0x88, 0x23, 0xac, 0x42,
+    0x18, 0x59, 0x63, 0x18, 0xd6, 0xea, 0xac, 0xe0, 0x1e, 0x72, 0xe6, 0x65, 0x5f, 0xd4, 0x14, 0xe2,
+    0x06, 0x87, 0x68, 0x06, 0xd4, 0xdb, 0x2b, 0x38, 0xe6, 0xfd, 0xd8, 0x88, 0x67, 0x35, 0x05, 0xd9,
+    0x16, 0xe9, 0x2a, 0x16, 0xf1, 0xd6, 0xe3, 0x39, 0xf2, 0xa1, 0xdd, 0xce, 0x0d, 0xad, 0x1d, 0x65,
+    0x13, 0xcc, 0x76, 0x13, 0x4f, 0x81, 0x3c, 0x1d, 0x67, 0xc3, 0x69, 0x02, 0xb8, 0x63, 0xfb, 0x31,
+    0xd2, 0x9e, 0x45, 0xd2, 0x16, 0x18, 0xf8, 0xa4, 0x07, 0xa0, 0x71, 0x90, 0x4b, 0xe4, 0xbb, 0x56,
+    0x5b, 0x80, 0x9c, 0x5b, 0x28, 0x52, 0xfe, 0xf8, 0x3d, 0x5e, 0x9e, 0xfa, 0xe6, 0x0a, 0x97, 0xda,
+    0xff, 0x50, 0xbc, 0xff, 0x11, 0xb2, 0x10, 0x63, 0xb0, 0x54, 0x2c, 0xf3, 0x1f, 0x95, 0x61, 0xe7,
+    0xbb, 0xd1, 0x86, 0xbb, 0x1d, 0x14, 0x84, 0xf6, 0xe5, 0xf0, 0xa8, 0xd8, 0x8f, 0x96, 0x07, 0x7d,
+    0xc2, 0xf0, 0x07, 0xc2, 0x33, 0x15, 0x30, 0xa5, 0x13, 0xfc, 0x74, 0xd6, 0x21, 0x7c, 0xa3, 0xea,
+    0xb9, 0xac, 0x1f, 0xb9, 0x51, 0x5d, 0x9d, 0x5f, 0x06, 0x1a, 0xe0, 0xa0, 0x13, 0x85, 0x04, 0x8b,
+    0xbf, 0x2b, 0x77, 0xbf, 0x85, 0x86, 0xb6, 0x67, 0xe0, 0xe7, 0x38, 0x28, 0x74, 0xb0, 0x01, 0x52,
+    0xef, 0x3e, 0xfe, 0xef, 0x34, 0xbf, 0xd8, 0x62, 0xa4, 0x08, 0x29, 0xb5, 0x75, 0x0d, 0x79, 0x5b,
+    0xdc, 0x2e, 0x0c, 0xdc, 0x31, 0x24, 0xb7, 0x7d, 0xeb, 0x73, 0x4a, 0x3b, 0x19, 0x9d, 0xb2, 0xd1,
+    0x1b, 0xfb, 0x57, 0x1b, 0xbc, 0x66, 0x58, 0xfc, 0x6d, 0xed, 0x8a, 0x21, 0x8d, 0x2f, 0xf7, 0x6f,
+    0x27, 0x84, 0x41, 0x27, 0xb8, 0x04, 0x95, 0x8f, 0x5e, 0x30, 0xf6, 0x38, 0xfd, 0x2e, 0xd5, 0x19,
+    0x3e, 0x02, 0x8f, 0x3e, 0x48, 0x2b, 0xd4, 0xda, 0xd0, 0x37, 0x34, 0x61, 0xec, 0x12, 0x21, 0x80,
+    0xe7, 0x09, 0xdf, 0xe7, 0xc7, 0x58, 0xbc, 0x83, 0xae, 0x26, 0xca, 0x96, 0x40, 0x41, 0x75, 0x05,
+    0xb0, 0x44, 0x93, 0xb0, 0x84, 0x7f, 0x14, 0x0b, 0x9c, 0x41, 0x27, 0xbf, 0x68, 0x21, 0xe8, 0xae,
+    0x69, 0x4f, 0xc3, 0x69, 0x0b, 0x0c, 0x7c, 0x52, 0xe2, 0x50, 0xd9, 0x48, 0xc4, 0x72, 0xbc, 0x2b,
+    0x21, 0x03, 0x29, 0x21, 0x6c, 0xdf, 0xbe, 0xb7, 0xb8, 0xcd, 0x2e, 0xb0, 0x9a, 0x1b, 0xd0, 0xc0,
+    0x0f, 0x6f, 0xe4, 0x0f, 0x01, 0xf9, 0xa2, 0x6c, 0x7c, 0xa6, 0x1f, 0x97, 0x1c, 0x91, 0xe9, 0xfc,
+    0xf1, 0xe0, 0xf5, 0xf1, 0x36, 0x8e, 0x5f, 0xba, 0x5c, 0x87, 0x17, 0x58, 0x4d, 0xec, 0x68, 0x60,
+    0x1a, 0x24, 0xfa, 0x1a, 0x9a, 0xa3, 0xb5, 0x49, 0xfd, 0x98, 0xae, 0x1d, 0xc3, 0xc7, 0x17, 0x14,
+    0x0d, 0x12, 0x7d, 0x0d, 0x4d, 0xb0, 0xbb, 0xc5, 0x9f, 0x4c, 0x57, 0xef, 0x80, 0x82, 0xea, 0x0a,
+    0xa6, 0xad, 0xb9, 0xa6, 0x75, 0xa9, 0xf7, 0x32, 0x6e, 0xe0, 0xfa, 0x71, 0x65, 0x8c, 0xf5, 0xcb,
+    0x02, 0x7d, 0x99, 0x02, 0x4c, 0x49, 0x19, 0xa9, 0xe3, 0xea, 0x48, 0x78, 0x9c, 0x13, 0x03, 0xf6,
+    0x6a, 0xed, 0xf7, 0x6a, 0x61, 0x80, 0x88, 0x4e, 0x91, 0xcf, 0xb5, 0x0c, 0x16, 0x89, 0x5f, 0xa6,
+    0x08, 0x37, 0x21, 0x08, 0xf3, 0xe7, 0x64, 0xe1, 0x0a, 0x2e, 0xe3, 0x23, 0x35, 0x4c, 0x0c, 0x5e,
+    0x4c, 0xb6, 0x1b, 0x4c, 0xff, 0x41, 0xf0, 0x74, 0x5f, 0x8a, 0x67, 0x08, 0xa5, 0x4f, 0x6a, 0xc4,
+    0x49, 0x93, 0x47, 0x49, 0x41, 0x16, 0x2f, 0x50, 0xca, 0xe8, 0xd3, 0xc4, 0x10, 0x81, 0x8c, 0x90,
+    0x91, 0x47, 0xba, 0x91, 0xe8, 0xa0, 0xaa, 0xbc, 0x24, 0x8c, 0x09, 0x0f, 0xf2, 0x3a, 0x38, 0x6e,
+    0xe1, 0x8e, 0xb7, 0xe1, 0x13, 0x83, 0x97, 0xbb, 0x48, 0xdb, 0x12, 0x1e, 0x27, 0x74, 0x70, 0xdc,
+    0x8b, 0x63, 0x40, 0x8b, 0x72, 0x03, 0x1f, 0xf5, 0xd9, 0x14, 0xa7, 0x12, 0x31, 0xfd, 0x2f, 0x7a,
+    0x14, 0x94, 0xb3, 0x14, 0xbd, 0x9f, 0xfa, 0x90, 0x11, 0x4b, 0x95, 0xb6, 0x91, 0xbe, 0x1e, 0x93,
+    0x95, 0xbd, 0x4b, 0x95, 0x70, 0x32, 0x98, 0x2d, 0x21, 0x9b, 0x99, 0xff, 0x09, 0x1c, 0x3e, 0x41,
+    0xb8, 0x73, 0xb2, 0xb8, 0x77, 0x98, 0x70, 0xea, 0x96, 0x6f, 0xc4, 0x9c, 0x5d, 0x6d, 0xe4, 0xf0,
+    0x9e, 0x28, 0x5e, 0x9e, 0xe9, 0x59, 0x08, 0xd0, 0x58, 0x2a, 0x16, 0x98, 0xee, 0xab, 0xd1, 0x92,
+    0xeb, 0xc4, 0x0f, 0xeb, 0xac, 0x2d, 0xea, 0xf3, 0xa1, 0x1f, 0xb9, 0x45, 0x8e, 0x2b, 0x7f, 0x74,
+    0x6e, 0x17, 0x06, 0x6e, 0xf9, 0x12, 0xba, 0xdf, 0x94, 0xd8, 0x25, 0xfc, 0xed, 0xaf, 0x59, 0x89,
+    0xc3, 0x2f, 0xaa, 0xc3, 0x15, 0xd0, 0xdd, 0x10, 0x83, 0x89, 0x50, 0xea, 0x6f, 0x94, 0x43, 0x91,
+    0x98, 0xaf, 0x36, 0x98, 0x3d, 0x82, 0x23, 0xe8, 0xbe, 0xd7, 0xce, 0x10, 0x89, 0x9e, 0xd4, 0x4b,
+    0x70, 0xc9, 0x0d, 0x70, 0xfb, 0x23, 0x3d, 0x07, 0x6c, 0x57, 0x1b, 0x11, 0xd5, 0x4e, 0x48, 0xb2,
+    0x72, 0xb4, 0x94, 0x72, 0xb7, 0x6a, 0x24, 0xae, 0x8f, 0xbd, 0x53, 0x69, 0x49, 0x5d, 0x4b, 0x44,
+    0x04, 0xfa, 0xf1, 0x04, 0x98, 0x92, 0x32, 0x91, 0x05, 0x17, 0x90, 0xf0, 0xfb, 0x26, 0x06, 0x2f,
+    0xed, 0x43, 0x67, 0xed, 0x78, 0xf6, 0xc1, 0xcb, 0x47, 0xe2, 0x61, 0xcd, 0xe9, 0x1e, 0x7a, 0xad,
+    0xf2, 0x42, 0xc1, 0xf2, 0x5c, 0x02, 0xab, 0xa6, 0x2f, 0x18, 0x7b, 0x1c, 0x9f, 0x17, 0x8b, 0xed,
+    0x47, 0x23, 0x0e, 0x47, 0x66, 0x2a, 0x60, 0x89, 0x26, 0x3b, 0xe8, 0x6f, 0x42, 0xf8, 0x85, 0x17,
+    0x45, 0x5e, 0x97, 0x45, 0x2a, 0x63, 0x79, 0x20, 0xc5, 0xd1, 0xa0, 0x17, 0xde, 0xeb, 0x86, 0xe1,
+    0x9a, 0xd2, 0xaf, 0x9a, 0x71, 0xcb, 0x3a, 0x41, 0x5d, 0x3d, 0x86, 0x68, 0x15, 0x8d, 0xd7, 0xbd,
+    0xd5, 0xc6, 0x80, 0xd5, 0xe4, 0x06, 0x3e, 0x29, 0x71, 0x28, 0x8d, 0x24, 0x62, 0x39, 0x5e, 0xf4,
+    0xd9, 0x0b, 0x50, 0xd9, 0x8f, 0x73, 0x68, 0x59, 0x7e, 0x11, 0xfe, 0xf7, 0xac, 0x53, 0x54, 0x85,
+    0x8d, 0xe4, 0x28, 0x8d, 0xa6, 0xd8, 0x34, 0xcd, 0x3f, 0xe9, 0x7f, 0x9a, 0x56, 0xc8, 0x2a, 0xa3,
+    0x3b, 0x27, 0xd3, 0x3b, 0xf6, 0x7c, 0x0b, 0xfe, 0x45, 0x55, 0x80, 0xad, 0x59, 0xdc, 0xc7, 0xd4,
+    0x6f, 0xc8, 0xab, 0x6f, 0xdf, 0xd7, 0x57, 0x6a, 0x04, 0xad, 0x01, 0xc0, 0xa3, 0x47, 0xb9, 0xf2,
+    0x4e, 0xcb, 0x82, 0x4e, 0xb3, 0x08, 0xe9, 0xdd, 0xbc, 0x60, 0x2f, 0x70, 0x39, 0x5c, 0x69, 0x32,
+    0x34, 0x48, 0x37, 0x34, 0xf7, 0x85, 0xa9, 0x92, 0x39, 0xf3, 0x9f, 0x3a, 0x45, 0x4d, 0x2e, 0x28,
+    0x74, 0x33, 0xfc, 0x74, 0x63, 0xb1, 0x0f, 0x96, 0x69, 0x40, 0x8b, 0xe1, 0x2e, 0x68, 0x4e, 0x9d,
+    0x9f, 0xf7, 0xf3, 0x9f, 0xcf, 0x9c, 0xe5, 0x65, 0xc8, 0x5f, 0x32, 0xa4, 0xa0, 0x43, 0x31, 0xe9,
+    0x7d, 0xdb, 0x70, 0x7d, 0xb6, 0x93, 0x86, 0xc2, 0xf3, 0x1b, 0x4c, 0xfe, 0x55, 0xcc, 0xa2, 0xb8,
+    0x61, 0x78, 0xe2, 0x61, 0xf8, 0xeb, 0x18, 0xb3, 0xe8, 0x7e, 0x3a, 0x6b, 0xf1, 0x3e, 0xb0, 0x75,
+    0x31, 0x6d, 0x6b, 0x31, 0x49, 0xd2, 0x76, 0xb6, 0xac, 0x91, 0x2b, 0xf6, 0xf0, 0x83, 0xc8, 0x7c,
+    0x09, 0xe8, 0x8c, 0x09, 0xd5, 0x22, 0x89, 0x54, 0x9a, 0x5b, 0xc7, 0x1f, 0x7b, 0xa4, 0xec, 0x25,
+    0x12, 0x13, 0xdb, 0x12, 0x69, 0x44, 0xd1, 0xa8, 0xf7, 0xb6, 0x4d, 0x3e, 0xf6, 0x8b, 0x1b, 0x4a,
+    0x64, 0x5d, 0xbe, 0x64, 0x46, 0xbc, 0xc7, 0x97, 0x7d, 0x1c, 0x8e, 0xa7, 0x44, 0xf0, 0x56, 0x21,
+    0xd7, 0xbb, 0x19, 0xd7, 0xa8, 0x4f, 0x27, 0x80, 0x92, 0xc2, 0xc5, 0x5c, 0xfe, 0x2a, 0x5d, 0x02,
+    0x93, 0x3a, 0x23, 0x93, 0xa4, 0xe9, 0xb3, 0x15, 0xc7, 0x66, 0x41, 0x77, 0x6e, 0x29, 0x3b, 0x98,
+    0x3a, 0xf8, 0x7e, 0x3a, 0xd0, 0xb9, 0xe6, 0x4b, 0xd5, 0x20, 0xa4, 0x91, 0x17, 0x34, 0x27, 0xaf,
+    0xa3, 0x88, 0xe5, 0xa3, 0xcb, 0xfe, 0x28, 0x16, 0xfb, 0x82, 0x4e, 0xbd, 0xd0, 0x42, 0x13, 0x9f,
+    0xad, 0x38, 0xac, 0xad, 0xec, 0xc2, 0x67, 0xcf, 0x17, 0x51, 0x75, 0x16, 0x82, 0x3b, 0x1a, 0x18,
+    0x1c, 0xa3, 0x92, 0x1c, 0x4e, 0x78, 0x9e, 0x71, 0x1b, 0x65, 0x76, 0x95, 0xa4, 0xf2, 0x12, 0xcd,
+    0x7e, 0x79, 0x44, 0x7e, 0xdc, 0x1f, 0x72, 0xde, 0x80, 0x84, 0x20, 0xba, 0x87, 0x37, 0x41, 0x35,
+    0x76, 0x4e, 0x65, 0x76, 0x2f, 0xf8, 0x16, 0x3f, 0x8a, 0xaa, 0xc3, 0x99, 0xb2, 0x7b, 0x4d, 0x6b,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x33, 0x10, 0xf2, 0x33, 0x05, 0x9b, 0x6f, 0x1f, 0x4f, 0x7b, 0x63, 0x8e, 0x6c, 0x90, 0xcb, 0x8a,
+    0xf7, 0x67, 0x9d, 0xf7, 0xe2, 0x55, 0x74, 0x82, 0xba, 0x7a, 0xcf, 0xd0, 0x2a, 0xd9, 0x6d, 0xb9,
+    0x28, 0xeb, 0xa5, 0x28, 0xb9, 0xfd, 0x37, 0xe3, 0x22, 0x96, 0xe9, 0xaf, 0xe1, 0xbf, 0x3c, 0xe5,
+    0x23, 0x7e, 0xb0, 0x23, 0x20, 0x96, 0xa7, 0x1e, 0x5b, 0x27, 0x66, 0xc8, 0x06, 0x08, 0xd3, 0x36,
+    0xb2, 0x39, 0x0a, 0xb2, 0xc8, 0x36, 0x0d, 0xa2, 0x7f, 0xab, 0x6f, 0xc7, 0xf4, 0x32, 0xeb, 0x58,
+    0xbe, 0xf4, 0xda, 0xbe, 0xa3, 0x43, 0x5b, 0xd2, 0x70, 0x92, 0x1c, 0x14, 0x3a, 0x58, 0xe1, 0x29,
+    0x42, 0x06, 0x52, 0x42, 0xd8, 0x7d, 0xbf, 0xad, 0xb3, 0x59, 0x5c, 0xa3, 0xf7, 0x36, 0x63, 0x43,
+    0x11, 0xb1, 0xef, 0x11, 0x03, 0xc8, 0x25, 0xb4, 0x84, 0x29, 0x21, 0x7a, 0x24, 0x70, 0xf8, 0xc7,
+    0xc4, 0x77, 0x6f, 0xc4, 0xe7, 0xce, 0x1b, 0x9d, 0xf5, 0x01, 0xac, 0x5e, 0x46, 0x49, 0xa6, 0x33,
+    0x5f, 0x7a, 0x6d, 0x5f, 0xb0, 0xc0, 0xcc, 0x69, 0x38, 0x49, 0x0e, 0x0a, 0x1d, 0x2c, 0x91, 0xf5,
+    0x30, 0xb2, 0xc6, 0x30, 0x6f, 0x17, 0x9b, 0x03, 0x3c, 0xe4, 0x0f, 0xca, 0xbe, 0x6b, 0x28, 0x07,
+    0x01, 0xdf, 0xad, 0x01, 0x26, 0xc5, 0xed, 0xb5, 0x90, 0x75, 0x24, 0x3c, 0x4e, 0xe8, 0xe0, 0x7b,
+    0xd8, 0xd4, 0xfd, 0xd8, 0xa9, 0xb6, 0x85, 0xec, 0xee, 0x64, 0xda, 0xcb, 0xe2, 0xbb, 0xb4, 0xfe,
+    0x05, 0x25, 0x5c, 0x05, 0xbe, 0x57, 0xdf, 0x24, 0x95, 0x62, 0xb4, 0xcc, 0xb5, 0xce, 0xe6, 0x54,
+    0x32, 0xcf, 0x5f, 0x32, 0x23, 0x5e, 0x82, 0xaa, 0xdf, 0x0e, 0x47, 0xb2, 0x22, 0x78, 0x2b, 0xf1,
+    0xdf, 0x8c, 0x38, 0xdf, 0x5b, 0xa8, 0x43, 0x61, 0x98, 0xec, 0x26, 0x7f, 0xcb, 0x66, 0x51, 0x5c,
+    0xba, 0x0e, 0x2b, 0xba, 0x3b, 0xd1, 0x69, 0x43, 0x75, 0x85, 0x8c, 0xe4, 0xc1, 0x7e, 0xe7, 0x06,
+    0x8e, 0x46, 0x1c, 0x8e, 0xcc, 0x54, 0xc0, 0xd1, 0x4c, 0x76, 0x13, 0xde, 0x84, 0x33, 0xc9, 0x2e,
+    0x73, 0x6b, 0x39, 0x73, 0x91, 0xaf, 0xc9, 0x1b, 0x1f, 0xc8, 0x77, 0x55, 0x07, 0xb5, 0xab, 0x3f,
+    0xfd, 0x2d, 0x25, 0xfd, 0x5d, 0xfb, 0x09, 0xca, 0x53, 0xbe, 0x64, 0x8b, 0x83, 0x86, 0x62, 0x11,
+    0x8c, 0x3b, 0x85, 0x8c, 0x80, 0x1d, 0xd9, 0x78, 0xaf, 0x9c, 0x5b, 0xa6, 0x18, 0x20, 0xca, 0xd8,
+    0xb3, 0xe6, 0xa7, 0xb3, 0xee, 0xf3, 0xe0, 0x17, 0xef, 0xde, 0x4b, 0xfb, 0xba, 0xda, 0x0b, 0x23,
+    0x56, 0x92, 0xe1, 0x56, 0x65, 0xe2, 0x45, 0x3d, 0xa2, 0x12, 0xc9, 0x15, 0x66, 0x88, 0x7d, 0xd0,
+    0x2b, 0x49, 0x91, 0x2b, 0xd3, 0x71, 0xc3, 0xff, 0x51, 0x09, 0x85, 0xeb, 0x33, 0x44, 0xdf, 0x68,
+    0x82, 0x8b, 0xcc, 0x82, 0xa7, 0x21, 0x96, 0xa1, 0x43, 0x4f, 0x60, 0x0d, 0x4a, 0x59, 0xc3, 0x5f,
+    0x6b, 0x32, 0x5a, 0x6b, 0x47, 0x45, 0x65, 0xfb, 0x01, 0xba, 0x91, 0x30, 0x58, 0x61, 0xbf, 0xdd,
+    0x87, 0xae, 0x90, 0x87, 0x19, 0x76, 0x49, 0x85, 0xd6, 0x2d, 0xd4, 0xc1, 0xff, 0x97, 0x25, 0x0b,
+    0xae, 0x9a, 0x98, 0xae, 0x86, 0x4e, 0x93, 0xd3, 0x64, 0xce, 0x19, 0x52, 0x50, 0xc0, 0xf9, 0x95,
+    0x46, 0xfc, 0xa3, 0x46, 0x40, 0xef, 0x8d, 0x3c, 0xb6, 0x4e, 0xcc, 0x53, 0x0c, 0x10, 0x65, 0x6c,
+    0xa9, 0xc2, 0x5d, 0xa9, 0x74, 0x50, 0x55, 0x5e, 0x12, 0x46, 0xe5, 0xe6, 0x79, 0x1d, 0x1c, 0x37,
+    0xe0, 0x51, 0x1a, 0xe0, 0x35, 0x46, 0x7a, 0x0e, 0xd8, 0xae, 0x36, 0x22, 0x69, 0x9c, 0x90, 0xa7,
+    0xc6, 0x0a, 0xf6, 0xc6, 0xab, 0x87, 0x02, 0x34, 0x16, 0xeb, 0xe4, 0x26, 0xda, 0x5a, 0xa5, 0xc5,
+    0xaf, 0x45, 0x35, 0xaf, 0xa0, 0x8b, 0x7e, 0x66, 0xf4, 0xbb, 0x3d, 0x6e, 0x1e, 0x28, 0x19, 0xee,
+    0xb1, 0x9b, 0x3e, 0xb1, 0xa2, 0xba, 0xf9, 0xbe, 0x0c, 0x34, 0x03, 0x83, 0x26, 0xc9, 0x08, 0xd5,
+    0x0e, 0xb0, 0x49, 0x0e, 0x27, 0x3c, 0x4f, 0xd9, 0xec, 0xd3, 0x3b, 0xab, 0x52, 0x79, 0x09, 0x87,
+    0x89, 0x1e, 0xd9, 0x89, 0x3e, 0x4a, 0x06, 0x5c, 0x3a, 0xfe, 0xef, 0x6a, 0xad, 0xee, 0x2c, 0x8c,
+    0x79, 0x21, 0x81, 0x79, 0x2e, 0x01, 0xb4, 0x53, 0xf6, 0x0c, 0xdc, 0x0e, 0xae, 0xea, 0xa4, 0x97,
+    0xd3, 0x41, 0xe8, 0xd3, 0x30, 0xdd, 0x15, 0x11, 0x97, 0xd5, 0x55, 0xac, 0x05, 0x0c, 0x5b, 0x2d,
+    0x2d, 0xce, 0xf9, 0x2d, 0x07, 0xaa, 0xe8, 0xc7, 0xb7, 0xf4, 0x5d, 0x63, 0x54, 0x71, 0xda, 0xb1,
+    0xc9, 0x65, 0x12, 0xc9, 0xaa, 0x7e, 0xa0, 0x58, 0x6a, 0x4d, 0xfb, 0xb1, 0xc6, 0xcb, 0x4c, 0x39,
+    0x0a, 0x4a, 0xb8, 0x0a, 0xbf, 0xae, 0x7d, 0x48, 0xe9, 0xc4, 0xab, 0x5b, 0xa9, 0x5f, 0x0f, 0xa8,
+    0xdb, 0x76, 0xc9, 0xdb, 0xc3, 0x3a, 0x71, 0xf0, 0x9d, 0xfb, 0xb6, 0x8f, 0x30, 0x40, 0x57, 0x73,
+    0x7b, 0x5c, 0x18, 0x7b, 0x62, 0x48, 0xad, 0xfa, 0x15, 0xe6, 0x94, 0x76, 0x32, 0xf9, 0xa7, 0x61,
+    0xde, 0x53, 0x95, 0xde, 0x7d, 0x6d, 0xae, 0xd4, 0x08, 0x99, 0x02, 0x43, 0x85, 0x8e, 0xb1, 0x27,
+    0x48, 0x4c, 0xea, 0x48, 0x67, 0xd3, 0xc2, 0xe5, 0x5a, 0x9d, 0xf7, 0xf8, 0x5e, 0x69, 0x6c, 0xeb,
+    0xe3, 0xf3, 0x2e, 0xe3, 0x5f, 0xca, 0x8e, 0x12, 0xab, 0x31, 0x5a, 0x66, 0xbb, 0x67, 0x73, 0x2a,
+    0x4b, 0xee, 0xde, 0x4b, 0x0d, 0x5f, 0x36, 0xf9, 0x29, 0x02, 0x9b, 0xbc, 0x8c, 0x92, 0x8f, 0x66,
+    0x35, 0x97, 0x9a, 0x35, 0xd1, 0x40, 0x44, 0x27, 0xa9, 0x86, 0xbb, 0x06, 0x0b, 0xa5, 0xce, 0x53,
+    0x8a, 0xbc, 0xed, 0x8a, 0x54, 0xc6, 0xf2, 0x40, 0x49, 0x61, 0x83, 0x2e, 0x7f, 0x15, 0xcf, 0x01,
+    0xfb, 0xaa, 0x4d, 0xfb, 0x89, 0x20, 0x22, 0xf2, 0xb5, 0x43, 0xbc, 0x03, 0xe4, 0xb3, 0x67, 0xc8,
+    0x85, 0xd3, 0x09, 0x85, 0x55, 0x3f, 0x50, 0x2c, 0x35, 0xc7, 0x9c, 0xb9, 0x63, 0x84, 0x26, 0xfd,
+    0xcb, 0x18, 0x8b, 0xcb, 0xe6, 0x37, 0xb9, 0xf1, 0x89, 0xa7, 0xb3, 0xc9, 0x5a, 0xd8, 0x4f, 0xcf,
+    0xb7, 0x1c, 0x56, 0xb7, 0x76, 0x61, 0xd2, 0x86, 0xea, 0xc9, 0xdb, 0x0b, 0x41, 0xfc, 0x0d, 0x0c,
+    0x2a, 0x96, 0x3c, 0x2a, 0xf5, 0xb4, 0x2e, 0x4a, 0xc1, 0x7c, 0xa1, 0xd7, 0x7d, 0xac, 0x3f, 0x13,
+    0xab, 0xbf, 0xc4, 0xab, 0x38, 0x19, 0x4c, 0xf7, 0xf1, 0xac, 0xad, 0x9e, 0xe5, 0x0e, 0x1f, 0xc1,
+    0x3f, 0xdd, 0x22, 0x3f, 0x6e, 0xee, 0x39, 0x6f, 0x40, 0x42, 0x10, 0x5d, 0xa2, 0xfa, 0xc1, 0xfb,
+    0x39, 0x5a, 0x4a, 0x39, 0xba, 0x35, 0x12, 0x57, 0xa6, 0xbf, 0xc8, 0xd5, 0xc5, 0xcf, 0xc4, 0x22,
+    0xea, 0x1b, 0xa2, 0xea, 0x8a, 0xe8, 0x07, 0x46, 0x31, 0x6a, 0x9d, 0x79, 0xc0, 0xc3, 0x9f, 0x0f,
+    0xb5, 0x61, 0xcf, 0xb5, 0x3a, 0x28, 0xcb, 0x2f, 0x09, 0x23, 0x93, 0x73, 0xdd, 0xef, 0x0e, 0xfa,
+    0x51, 0xca, 0x24, 0x51, 0x97, 0xfc, 0x83, 0xb0, 0xd4, 0x9a, 0x35, 0xa1, 0x4f, 0x55, 0x98, 0x72,
+    0x9b, 0x0d, 0x02, 0x9b, 0x57, 0x0e, 0xd7, 0xf4, 0xcd, 0x48, 0xa2, 0x54, 0x5b, 0x65, 0x37, 0xc6,
+    0x7a, 0x83, 0xb5, 0x7a, 0x44, 0x8d, 0x40, 0x4f, 0x85, 0x93, 0xb0, 0x4a, 0x7c, 0x11, 0x47, 0x1a,
+    0xa1, 0xf5, 0x7c, 0xa1, 0x87, 0xb7, 0x31, 0xbf, 0x18, 0x68, 0x06, 0xc5, 0x4c, 0x51, 0x10, 0x69,
+    0xd0, 0xe3, 0xdc, 0xd0, 0x5a, 0x51, 0xe1, 0x0d, 0xe4, 0x4a, 0x39, 0xe8, 0xd7, 0xf7, 0xb8, 0xa0,
+    0x4a, 0x31, 0x73, 0x4a, 0x2b, 0x9a, 0xdb, 0x4c, 0xb9, 0x77, 0xbf, 0x80, 0xc2, 0x7a, 0x6f, 0x1d,
+    0x77, 0x91, 0xc8, 0x77, 0x09, 0x3d, 0xfb, 0x8a, 0x1a, 0xdf, 0xe7, 0xa5, 0xfc, 0x93, 0xad, 0x10,
+    0x5d, 0x07, 0xf4, 0x5d, 0xfc, 0x89, 0xd5, 0xc0, 0xdb, 0xa3, 0x46, 0x72, 0x81, 0x3f, 0x92, 0x03,
+    0x4f, 0x14, 0x2f, 0x4f, 0x95, 0xcd, 0x04, 0x68, 0x2c, 0x15, 0x0b, 0x4c, 0x77, 0xb4, 0x89, 0x49,
+    0x1d, 0x7c, 0x3f, 0x1d, 0x68, 0xbd, 0x73, 0xc4, 0x8b, 0x10, 0x52, 0xa9, 0xea, 0x1a, 0xf2, 0xb6,
+    0x83, 0x54, 0x61, 0x83, 0x81, 0xe4, 0x7b, 0x14, 0xd3, 0x3a, 0x44, 0x31, 0x04, 0xb1, 0x23, 0x24,
+    0x52, 0x68, 0x10, 0x52, 0xfd, 0x70, 0x77, 0xac, 0xa7, 0x05, 0x59, 0xe5, 0x9d, 0xae, 0x7b, 0xff,
+    0x25, 0xf9, 0xd8, 0x25, 0xf4, 0x4d, 0x8c, 0x26, 0xbd, 0xda, 0xbe, 0x40, 0x61, 0x3d, 0xd6, 0xef,
+    0xfe, 0x8f, 0x11, 0xfe, 0x37, 0x77, 0xfd, 0xd6, 0x20, 0x21, 0x08, 0xcf, 0x51, 0x7d, 0x81, 0x9c,
+    0x3d, 0xa0, 0xbb, 0x3d, 0x22, 0xa7, 0x20, 0xc6, 0xa3, 0xa8, 0x58, 0x25, 0x3e, 0xe9, 0xc2, 0x0d,
+    0x58, 0x22, 0xa8, 0x58, 0x42, 0xde, 0x0a, 0xe4, 0x4e, 0xc1, 0xf2, 0xbe, 0x34, 0xf1, 0x74, 0x57,
+    0x55, 0x30, 0xd5, 0x55, 0x0f, 0x6e, 0xb1, 0x21, 0xd1, 0x8d, 0xa5, 0x51, 0xb4, 0x73, 0x9e, 0x5d,
+    0xf9, 0xd7, 0xd4, 0xf9, 0xc5, 0x69, 0x3b, 0x5b, 0x56, 0xa9, 0xf4, 0x7b, 0x78, 0xa0, 0x64, 0x3e,
+    0xac, 0xe7, 0x01, 0xac, 0xca, 0x07, 0x8a, 0x7a, 0x87, 0x24, 0x51, 0x2a, 0xcc, 0xd3, 0xfa, 0x63,
+    0xfc, 0xf2, 0x88, 0xfc, 0x7b, 0x3e, 0xe4, 0x7f, 0xc3, 0xcb, 0x40, 0xb7, 0xcd, 0x6e, 0x82, 0x6a,
+    0x68, 0x90, 0x6e, 0x68, 0x2d, 0xc9, 0x91, 0xe7, 0x72, 0x25, 0xfd, 0x74, 0x8a, 0x9a, 0x5c, 0x50,
+    0xc1, 0x52, 0x33, 0xc1, 0x59, 0x99, 0xc4, 0xb9, 0x60, 0x63, 0x18, 0x92, 0xf3, 0x87, 0x40, 0x67,
+    0x38, 0x85, 0xe7, 0x38, 0x9c, 0xf0, 0xff, 0xe2, 0x36, 0xca, 0xec, 0xe9, 0x8b, 0x27, 0x24, 0x59,
+    0x75, 0xec, 0x51, 0x75, 0x45, 0x74, 0xe2, 0x23, 0xf9, 0x35, 0xaf, 0xdd, 0x60, 0x80, 0xae, 0xe6,
+    0x6d, 0xb5, 0x32, 0x6d, 0x93, 0x9e, 0x4e, 0xc3, 0xe7, 0x47, 0x49, 0xb8, 0x3f, 0x54, 0xba, 0x04,
+    0x1f, 0x01, 0xa6, 0x1f, 0x24, 0xf4, 0x6a, 0x6d, 0x68, 0xfa, 0x1a, 0xd1, 0x76, 0x09, 0xf1, 0x40,
+    0x17, 0x36, 0x87, 0x17, 0xd7, 0x13, 0x0e, 0x8c, 0x62, 0xd4, 0xf9, 0xf2, 0x43, 0x45, 0xfd, 0x1e,
+    0x44, 0x81, 0x3a, 0x44, 0x0c, 0xa6, 0x94, 0x95, 0x55, 0xa4, 0x84, 0x2b, 0x90, 0x03, 0x66, 0x9a,
+    0xcc, 0x40, 0x4e, 0xcc, 0x14, 0x29, 0x7f, 0x7c, 0xff, 0x2f, 0x4f, 0x7d, 0x73, 0x05, 0xaa, 0x6d,
+    0xc5, 0xa8, 0xc2, 0xc5, 0xc1, 0x0b, 0xf6, 0x28, 0x65, 0x74, 0x88, 0x62, 0x08, 0xa1, 0x46, 0x48,
+    0xee, 0xe1, 0x53, 0xee, 0x12, 0x7a, 0x35, 0xd7, 0x34, 0x7d, 0x0d, 0x89, 0x3b, 0xe5, 0x99, 0x20,
+  },
+  { /* 11 */
+    0xfe, 0x50, 0x71, 0x7c, 0xfc, 0x9b, 0xad, 0x09, 0xfc, 0x5e, 0x38, 0x3f, 0x3f, 0x68, 0x53, 0x1b,
+    0x6d, 0x9f, 0xd8, 0xf4, 0xee, 0xe2, 0xd1, 0xe9, 0xee, 0x90, 0x3c, 0xda, 0xda, 0xa3, 0xbc, 0xf8,
+    0x53, 0x94, 0xe4, 0x01, 0xdd, 0x92, 0x0e, 0x3a, 0xdd, 0xb8, 0xb0, 0xa6, 0xa6, 0x24, 0x5d, 0x4e,
+    0xab, 0xb8, 0x14, 0x53, 0x11, 0x91, 0xf4, 0xf0, 0x11, 0x18, 0xc5, 0x95, 0x95, 0x7d, 0x5f, 0xd3,
+    0xc0, 0x5b, 0x4d, 0x89, 0xcf, 0xeb, 0x72, 0xda, 0xcf, 0x76, 0xb4, 0x43, 0x43, 0xef, 0xb2, 0xad,
+    0x7d, 0xbd, 0xa6, 0x24, 0x6e, 0x65, 0x3b, 0xa4, 0x6e, 0xc4, 0x27, 0xfa, 0xfa, 0x9a, 0x46, 0x2f,
+    0xaf, 0x51, 0xea, 0x67, 0x31, 0xc0, 0x2f, 0x72, 0x31, 0x0d, 0xb3, 0x9d, 0x9d, 0xe2, 0x80, 0x96,
+    0x72, 0x7b, 0xc6, 0x6f, 0x16, 0xda, 0x5f, 0x61, 0x16, 0x84, 0x7a, 0xe4, 0xe4, 0x01, 0x2d, 0xa3,
+    0x27, 0x93, 0xa3, 0x40, 0xfb, 0xd0, 0x06, 0x98, 0xfb, 0xc2, 0x87, 0x4e, 0x4e, 0x14, 0x21, 0x6b,
+    0xf9, 0x87, 0x2e, 0x5f, 0xc4, 0x86, 0xbc, 0x0b, 0xc4, 0x34, 0x89, 0x31, 0x31, 0x0e, 0x45, 0x1d,
+    0x8e, 0xbe, 0xc8, 0x09, 0xfa, 0x88, 0x7e, 0x29, 0xfa, 0x31, 0x79, 0xdf, 0xdf, 0xc7, 0xf0, 0x7b,
+    0x8a, 0x57, 0x36, 0x3d, 0xda, 0xd9, 0xa5, 0xab, 0xda, 0x24, 0x0f, 0xd7, 0xd7, 0x58, 0x2f, 0x3e,
+    0x3c, 0x9e, 0x43, 0xef, 0x23, 0xb9, 0x53, 0x92, 0x23, 0xc3, 0xb7, 0x78, 0x78, 0x29, 0x6f, 0x75,
+    0x50, 0xaa, 0x45, 0x16, 0xc5, 0xde, 0xc4, 0xba, 0xc5, 0xc7, 0x77, 0xa0, 0xa0, 0xdd, 0x94, 0x0d,
+    0xe1, 0xb4, 0x6f, 0xe7, 0x04, 0xa3, 0x23, 0x81, 0x04, 0x4a, 0x7e, 0x01, 0x01, 0xca, 0xc2, 0x40,
+    0x41, 0x23, 0xe5, 0xcb, 0x4d, 0xdc, 0x68, 0x36, 0x4d, 0x07, 0x90, 0x82, 0x82, 0xb3, 0x29, 0x5a,
+    0xb4, 0x5c, 0x0a, 0xc8, 0xe9, 0xa9, 0x7a, 0x78, 0xe9, 0x0c, 0x83, 0xab, 0xab, 0xdf, 0xce, 0x88,
+    0xd7, 0xae, 0x6c, 0x7a, 0x77, 0x71, 0x89, 0x95, 0x77, 0x48, 0x1e, 0x6d, 0x6d, 0xb0, 0x5e, 0x7c,
+    0x1e, 0x4f, 0xc0, 0x96, 0xf0, 0xbd, 0xc8, 0x49, 0xf0, 0x80, 0xba, 0x3c, 0x3c, 0xf5, 0xd6, 0xdb,
+    0x23, 0x7a, 0x5d, 0x74, 0xdb, 0x81, 0xdd, 0x1a, 0xdb, 0xd7, 0xf1, 0x46, 0x46, 0x8b, 0xfe, 0x2e,
+    0x2a, 0xc0, 0xbc, 0x11, 0x93, 0xa6, 0xee, 0x1c, 0x93, 0x69, 0xe1, 0x54, 0x54, 0x21, 0xc4, 0x24,
+    0x75, 0xac, 0x99, 0x4c, 0x2e, 0xc7, 0x4e, 0x63, 0x2e, 0xee, 0xcb, 0xea, 0xea, 0x67, 0x3b, 0xa5,
+    0xba, 0x31, 0xb4, 0x8e, 0x99, 0x93, 0x58, 0x7c, 0x99, 0xd8, 0x22, 0xb7, 0xb7, 0x13, 0xe2, 0x84,
+    0x86, 0xaf, 0xf7, 0x61, 0xba, 0x2a, 0x0b, 0xee, 0xba, 0x1b, 0x95, 0xcf, 0xcf, 0x3a, 0x8d, 0xf1,
+    0xdb, 0x56, 0xad, 0x26, 0x17, 0x82, 0x27, 0xd0, 0x17, 0x77, 0x84, 0x75, 0x75, 0xd2, 0xfc, 0xb3,
+    0x76, 0x92, 0x38, 0x5b, 0x36, 0x8b, 0x84, 0xe3, 0x36, 0x91, 0x0c, 0xec, 0xec, 0x9e, 0xf2, 0xe6,
+    0xb7, 0x62, 0xab, 0xdf, 0xf1, 0xe5, 0xb0, 0xf8, 0xf1, 0x73, 0x44, 0xad, 0xad, 0x26, 0x07, 0xcb,
+    0x2f, 0x82, 0x9c, 0x28, 0xbb, 0x72, 0x73, 0x5f, 0xbb, 0xe8, 0x6b, 0x5e, 0x5e, 0xe9, 0x5c, 0xe1,
+    0xe3, 0x21, 0x10, 0xfd, 0x14, 0x6a, 0xaf, 0xc0, 0x14, 0xa1, 0x45, 0x05, 0x05, 0x64, 0x4c, 0x83,
+    0x51, 0x01, 0x9b, 0x1b, 0xcd, 0x5b, 0x82, 0x7b, 0xcd, 0x53, 0x8b, 0xa2, 0xa2, 0x8a, 0xd3, 0x8d,
+    0xd2, 0xec, 0x4c, 0x43, 0x5f, 0xa5, 0x14, 0xd6, 0x5f, 0xc9, 0x94, 0x67, 0x67, 0x78, 0xc6, 0xb9,
+    0xb1, 0x1e, 0x2a, 0xf1, 0xc1, 0x7d, 0xe7, 0x3b, 0xc1, 0x8d, 0x09, 0xa1, 0xa1, 0x17, 0x56, 0x4d,
+    0xb6, 0xc9, 0x75, 0xd2, 0xf9, 0x60, 0xf6, 0x39, 0xf9, 0xe7, 0xb8, 0xaf, 0xaf, 0x71, 0x40, 0x4b,
+    0x03, 0x3e, 0xa1, 0x17, 0x18, 0x4c, 0xca, 0x80, 0x18, 0x7f, 0xc7, 0x06, 0x06, 0xf9, 0xc9, 0x43,
+    0x44, 0x61, 0xc5, 0xf2, 0x65, 0x08, 0xf5, 0x75, 0x65, 0x86, 0x1a, 0x88, 0x88, 0x7b, 0xb1, 0x9f,
+    0x9a, 0x75, 0x48, 0xed, 0x5a, 0x5e, 0x4f, 0xe6, 0x5a, 0x70, 0x14, 0xf7, 0xf7, 0x61, 0xd5, 0xe9,
+    0x8d, 0x80, 0x69, 0x1e, 0xe2, 0xc4, 0xb4, 0xa9, 0xe2, 0x4e, 0xbe, 0xd9, 0xd9, 0x3e, 0x39, 0x38,
+    0xea, 0x9b, 0xf1, 0x98, 0x5c, 0x4d, 0x9c, 0xc6, 0x5c, 0x1f, 0x55, 0x17, 0x17, 0xce, 0x76, 0x89,
+    0xc4, 0xb2, 0xb3, 0xbd, 0xef, 0xba, 0xa9, 0x58, 0xef, 0x63, 0xc2, 0x4b, 0x4b, 0x70, 0x6d, 0xe8,
+    0xad, 0xc4, 0x95, 0x7d, 0x21, 0x09, 0xa3, 0x33, 0x21, 0xe6, 0x88, 0x99, 0x99, 0x4c, 0x0e, 0x55,
+    0xb9, 0x0f, 0x15, 0x99, 0x81, 0xdf, 0x92, 0xfc, 0x81, 0xa7, 0xe5, 0xb1, 0xb1, 0xea, 0x2b, 0xc7,
+    0xe2, 0x8a, 0xce, 0xf0, 0x1c, 0xef, 0xe9, 0x01, 0x1c, 0x35, 0xb9, 0x07, 0x07, 0x33, 0x0b, 0x03,
+    0xe6, 0x63, 0x30, 0xc4, 0x3c, 0xbe, 0x32, 0x83, 0x3c, 0x20, 0xcf, 0x0f, 0x0f, 0xac, 0xd4, 0x46,
+    0x99, 0x4b, 0xe9, 0xfa, 0x42, 0x12, 0x85, 0x66, 0x42, 0x0f, 0xd3, 0xf1, 0xf1, 0x98, 0x1c, 0xaa,
+    0x29, 0xfe, 0x1d, 0x06, 0x8b, 0xea, 0x24, 0x9c, 0x8b, 0x16, 0x26, 0x52, 0x52, 0xd8, 0x0d, 0x67,
+    0xa9, 0x2d, 0x6b, 0x49, 0x01, 0x58, 0x78, 0xb1, 0x01, 0xf3, 0xfe, 0x91, 0x91, 0xd3, 0xd1, 0x10,
+    0x61, 0x67, 0x19, 0xa8, 0x8e, 0x11, 0x7f, 0xac, 0x8e, 0xaf, 0xa6, 0xc2, 0xc2, 0xc1, 0x1e, 0x37,
+    0xd0, 0x79, 0x33, 0x59, 0x4f, 0x6c, 0x98, 0x97, 0x4f, 0x22, 0xaf, 0x63, 0x63, 0xd6, 0x48, 0x7a,
+    0x48, 0x99, 0x04, 0xae, 0x05, 0xfb, 0x5b, 0x30, 0x05, 0xb9, 0x80, 0x90, 0x90, 0x19, 0x13, 0x50,
+    0xf1, 0x96, 0x11, 0x37, 0x84, 0x24, 0xc9, 0xcc, 0x84, 0x1e, 0x65, 0x21, 0x21, 0xf3, 0x38, 0x97,
+    0x91, 0x5a, 0xd6, 0x92, 0x02, 0xb0, 0xf0, 0xa1, 0x02, 0x25, 0x3f, 0xe1, 0xe1, 0x65, 0x61, 0x20,
+    0x65, 0x8e, 0xe7, 0x9c, 0xae, 0x40, 0xa4, 0x2e, 0xae, 0xba, 0xd0, 0xca, 0xca, 0x5e, 0xc1, 0x72,
+    0x24, 0xad, 0x02, 0x57, 0xe3, 0x9c, 0xcc, 0x18, 0xe3, 0xbd, 0x40, 0x48, 0x48, 0xed, 0xe8, 0x28,
+    0x9c, 0x09, 0xc9, 0xc3, 0x6a, 0xc6, 0x18, 0x25, 0x6a, 0x8e, 0x59, 0xfb, 0xfb, 0x50, 0x84, 0x6f,
+    0xc8, 0x4a, 0x72, 0xe1, 0x8f, 0x49, 0x07, 0x1d, 0x8f, 0x5c, 0x58, 0x53, 0x53, 0x12, 0xcf, 0x27,
+    0x14, 0xcb, 0x80, 0xe4, 0xa0, 0xd6, 0x31, 0xcf, 0xa0, 0x41, 0x6d, 0x28, 0x28, 0xa6, 0x25, 0x92,
+    0x70, 0xee, 0xb9, 0x75, 0x06, 0x13, 0xd3, 0x20, 0x06, 0x6f, 0x41, 0xe0, 0xe0, 0xaf, 0xa3, 0x60,
+    0x39, 0xdc, 0x63, 0xd6, 0x0b, 0x6d, 0xce, 0xd1, 0x0b, 0x42, 0x3d, 0x72, 0x72, 0xe1, 0xf7, 0xb0,
+    0x55, 0xe8, 0x65, 0x2f, 0xed, 0x0a, 0x59, 0xf9, 0xed, 0x46, 0xfd, 0xaa, 0xaa, 0x15, 0x0c, 0xc8,
+    0x13, 0x1c, 0xdf, 0xc7, 0x98, 0xcb, 0x20, 0xcd, 0x98, 0x2b, 0xdc, 0x26, 0x26, 0xc0, 0x33, 0x94,
+    0xd6, 0x05, 0xb2, 0x77, 0x7f, 0xf4, 0xcf, 0x54, 0x7f, 0xdc, 0xe2, 0x6f, 0x6f, 0xe7, 0x19, 0xfc,
+    0xfb, 0x12, 0x51, 0x45, 0xd4, 0x4f, 0x30, 0x4a, 0xd4, 0xdf, 0xb2, 0x35, 0x35, 0xa0, 0xcb, 0xde,
+    0x22, 0xd1, 0x83, 0x79, 0xd3, 0x04, 0x9b, 0xdb, 0xd3, 0x43, 0x0d, 0x44, 0x44, 0xdc, 0xb9, 0xae,
+    0xda, 0xfd, 0x73, 0x2b, 0x1f, 0x07, 0x61, 0x11, 0x1f, 0xe3, 0x78, 0x77, 0x77, 0x85, 0xbb, 0x33,
+    0x25, 0x06, 0xdc, 0x5a, 0xeb, 0x19, 0x8a, 0xd9, 0xeb, 0x29, 0xbc, 0x4a, 0x4a, 0xba, 0xaf, 0xa8,
+    0xe7, 0xc8, 0xee, 0xc9, 0x34, 0x3b, 0x74, 0x42, 0x34, 0xb4, 0x33, 0x0d, 0x0d, 0xfb, 0x93, 0xc6,
+    0xe4, 0xf6, 0x4f, 0xde, 0x2c, 0x77, 0xbe, 0xc2, 0x2c, 0xcb, 0xf4, 0x0b, 0x0b, 0x02, 0x5a, 0x85,
+    0xa3, 0xa9, 0x2b, 0x3b, 0x51, 0x33, 0x81, 0x37, 0x51, 0x32, 0x29, 0x85, 0x85, 0x80, 0x22, 0x59,
+    0x8c, 0x2b, 0xb7, 0x13, 0xea, 0x41, 0xf2, 0x68, 0xea, 0xda, 0x42, 0xdb, 0xdb, 0x69, 0x7e, 0xb8,
+    0x19, 0x98, 0x9f, 0xb5, 0xc8, 0xa0, 0xd9, 0x4b, 0xc8, 0xea, 0x0b, 0x32, 0x32, 0x93, 0xc0, 0xdd,
+    0x09, 0xba, 0xe1, 0x65, 0x48, 0x27, 0x33, 0x06, 0x48, 0xbe, 0x10, 0x12, 0x12, 0xaa, 0x3a, 0x0a,
+    0x2d, 0x17, 0xe3, 0x32, 0xab, 0xbb, 0xff, 0x1e, 0xab, 0x03, 0x50, 0x5a, 0x5a, 0x47, 0xd2, 0x22,
+    0x8f, 0x15, 0x16, 0x04, 0xf2, 0x0d, 0x38, 0xe8, 0xf2, 0xa5, 0x85, 0xdd, 0xdd, 0x90, 0xb7, 0xfb,
+    0x94, 0x18, 0xf6, 0xab, 0x2a, 0x64, 0x6d, 0xe2, 0x2a, 0xa4, 0xb5, 0xeb, 0xeb, 0xad, 0xf9, 0xe5,
+    0x0d, 0x53, 0x1f, 0x51, 0x68, 0x76, 0xe8, 0x84, 0x68, 0xab, 0x66, 0x1a, 0x1a, 0x35, 0xe5, 0x4f,
+    0x85, 0x91, 0x56, 0x76, 0xa2, 0x66, 0xc1, 0x6e, 0xa2, 0x64, 0x52, 0xc9, 0xc9, 0xc3, 0x44, 0xb2,
+    0x57, 0x7d, 0x1a, 0x35, 0xfd, 0xc3, 0xd5, 0xb8, 0xfd, 0xad, 0xc6, 0xae, 0xae, 0xbb, 0x82, 0x0b,
+    0x96, 0x8d, 0x89, 0xb1, 0x3a, 0xad, 0xe1, 0xa3, 0x3a, 0x4f, 0x8e, 0xef, 0xef, 0x03, 0x77, 0x26,
+    0x69, 0x76, 0x26, 0xc0, 0xce, 0xb3, 0x0a, 0x6b, 0xce, 0x85, 0x4a, 0xd2, 0xd2, 0x3c, 0x63, 0xbd,
+    0xf8, 0x2c, 0xf0, 0x52, 0xcc, 0x03, 0xfa, 0xca, 0xcc, 0xa0, 0x75, 0x33, 0x33, 0x59, 0x02, 0x9d,
+    0x5e, 0xc7, 0xfb, 0x50, 0xb5, 0xe4, 0xe6, 0xbe, 0xb5, 0x13, 0xd6, 0xbc, 0xbc, 0x11, 0xb8, 0x01,
+    0x0e, 0x6d, 0xbe, 0x46, 0x70, 0x3a, 0x22, 0x04, 0x70, 0xd4, 0xa1, 0x1c, 0x1c, 0xcc, 0x2c, 0x0c,
+    0x71, 0x45, 0x67, 0x78, 0x0e, 0x96, 0x95, 0xe1, 0x0e, 0xfb, 0xbd, 0xe2, 0xe2, 0xf8, 0xe4, 0xe0,
+    0x7a, 0x6a, 0xf9, 0x07, 0x56, 0x78, 0x2a, 0xa6, 0x56, 0xae, 0x96, 0xf4, 0xf4, 0xfc, 0x50, 0x29,
+    0x01, 0xab, 0xde, 0x0d, 0x08, 0x85, 0x46, 0xc1, 0x08, 0x94, 0xfc, 0x02, 0x02, 0x57, 0x47, 0x80,
+    0xe0, 0x1f, 0xb1, 0xea, 0x0c, 0x26, 0x65, 0x40, 0x0c, 0xde, 0x82, 0x03, 0x03, 0x9d, 0x85, 0xc0,
+    0x7e, 0x83, 0x07, 0x33, 0x76, 0x29, 0xf1, 0x24, 0x76, 0xbb, 0xe0, 0xfc, 0xfc, 0x63, 0x8f, 0x6c,
+    0x93, 0xcf, 0xa9, 0x88, 0x12, 0x79, 0x7c, 0xe0, 0x12, 0xce, 0x04, 0xe5, 0xe5, 0xcb, 0xef, 0xe3,
+    0xce, 0x36, 0xf3, 0xcf, 0xbf, 0xd1, 0x50, 0xde, 0xbf, 0xa2, 0x15, 0x5f, 0x5f, 0x23, 0x9e, 0xa1,
+    0x9f, 0x37, 0x68, 0xd4, 0x72, 0x8a, 0xd2, 0xa5, 0x72, 0xf1, 0x9e, 0xfd, 0xfd, 0xa9, 0x4d, 0x2c,
+    0x3a, 0xe2, 0xc2, 0xc1, 0x13, 0x21, 0x04, 0x51, 0x13, 0x3d, 0xfa, 0x74, 0x74, 0x18, 0x3e, 0xf3,
+    0xd1, 0xd2, 0xed, 0x54, 0x47, 0xe9, 0xde, 0x56, 0x47, 0xb6, 0x53, 0x61, 0x61, 0x81, 0x0f, 0xfa,
+    0xf2, 0xa8, 0xb0, 0x20, 0x9c, 0x68, 0x03, 0x4c, 0x9c, 0x61, 0xa2, 0x27, 0x27, 0x0a, 0xf1, 0xd4,
+    0xcf, 0x9d, 0x2d, 0xc2, 0xb7, 0x54, 0x16, 0x1f, 0xb7, 0x36, 0xe9, 0x5d, 0x5d, 0x74, 0xd9, 0x21,
+    0x43, 0xb6, 0x9a, 0xd1, 0x5d, 0x15, 0xe4, 0x77, 0x5d, 0xec, 0xab, 0x86, 0x86, 0x1d, 0xa7, 0x99,
+    0xc9, 0xe1, 0xac, 0xec, 0x87, 0xcc, 0x41, 0xdc, 0x87, 0xc8, 0xa4, 0x51, 0x51, 0x45, 0x88, 0xa7,
+    0x4a, 0x0c, 0x7b, 0xb4, 0x15, 0x32, 0xd7, 0x71, 0x15, 0x52, 0xbb, 0x94, 0x94, 0xb7, 0x9d, 0x93,
+    0xbd, 0xe6, 0xeb, 0xad, 0xa1, 0x8e, 0x49, 0x7e, 0xa1, 0xb2, 0x93, 0xb9, 0xb9, 0x75, 0xf4, 0x82,
+    0x62, 0x59, 0xb8, 0xbf, 0x96, 0x5d, 0xb5, 0x2c, 0x96, 0xd0, 0x61, 0xc4, 0xc4, 0x38, 0xd7, 0x74,
+    0xac, 0x6f, 0x4b, 0x70, 0x29, 0x8c, 0xe5, 0xf2, 0x29, 0x72, 0x74, 0x9b, 0x9b, 0x1b, 0x49, 0xd5,
+    0x02, 0x95, 0x7f, 0x1a, 0x10, 0xc9, 0x8c, 0x41, 0x10, 0xeb, 0x3b, 0x04, 0x04, 0xae, 0x8e, 0xc3,
+    0x37, 0xb1, 0xdd, 0x90, 0x7b, 0x57, 0xec, 0xd5, 0x7b, 0x96, 0x9c, 0x6e, 0x6e, 0x2d, 0xdb, 0xbc,
+    0x82, 0x46, 0x09, 0x55, 0x9a, 0x7b, 0xd0, 0x6c, 0x9a, 0x0e, 0xe3, 0xc7, 0xc7, 0xa5, 0x52, 0xb4,
+    0xc1, 0xf0, 0x93, 0x84, 0xc7, 0x6e, 0x34, 0x1b, 0xc7, 0xe2, 0x48, 0x41, 0x41, 0xb8, 0xf5, 0x2d,
+    0x26, 0x38, 0x7d, 0x4d, 0xf3, 0x55, 0x40, 0x59, 0xf3, 0x56, 0x7b, 0x4c, 0x4c, 0x43, 0x66, 0xeb,
+    0xbb, 0x9a, 0x6a, 0x83, 0x91, 0x16, 0x1e, 0xbd, 0x91, 0x4c, 0xde, 0xb5, 0xb5, 0x44, 0xa5, 0x04,
+    0x0f, 0xc6, 0x60, 0x4b, 0x78, 0xbf, 0x64, 0xc5, 0x78, 0x40, 0x5d, 0x1e, 0x1e, 0x9b, 0x6b, 0x8c,
+    0xd4, 0x90, 0xcd, 0x6d, 0x6f, 0x3d, 0x43, 0x15, 0x6f, 0x37, 0xd9, 0x6b, 0x6b, 0x49, 0x97, 0x3f,
+    0x5b, 0x85, 0xdb, 0x69, 0x9d, 0x30, 0x7b, 0xfd, 0x9d, 0x92, 0x5c, 0xb6, 0xb6, 0xd9, 0x20, 0xc4,
+    0x63, 0xf2, 0x66, 0xb2, 0x9e, 0xd8, 0xf3, 0xed, 0x9e, 0x44, 0x9d, 0xc6, 0xc6, 0x6f, 0x90, 0xf4,
+    0x87, 0x04, 0x29, 0x6c, 0xb2, 0xaf, 0x4d, 0x2f, 0xb2, 0x8f, 0x69, 0xcd, 0xcd, 0x6d, 0xca, 0x71,
+    0xbf, 0x73, 0x94, 0xb7, 0xb1, 0x47, 0xc5, 0x3f, 0xb1, 0x59, 0xa8, 0xbd, 0xbd, 0xdb, 0x7a, 0x41,
+    0x97, 0x26, 0x57, 0xbc, 0x32, 0x28, 0xa7, 0x62, 0x32, 0xdb, 0x72, 0xed, 0xed, 0x54, 0x30, 0xa6,
+    0x46, 0xf4, 0xba, 0xe8, 0x75, 0xc1, 0x79, 0x34, 0x75, 0x6d, 0x21, 0x8c, 0x8c, 0xd5, 0x3f, 0x5c,
+    0xaa, 0x13, 0xca, 0x5e, 0x19, 0x14, 0xb2, 0x31, 0x19, 0x8c, 0x39, 0x97, 0x97, 0x2a, 0x18, 0x53,
+    0x4f, 0x4e, 0x5b, 0x8d, 0x3d, 0xe6, 0x4a, 0x32, 0x3d, 0xd3, 0x31, 0x9e, 0x9e, 0x7f, 0x05, 0x56,
+    0xc6, 0x27, 0xcc, 0xa7, 0xff, 0x73, 0x25, 0x19, 0xff, 0x88, 0xf9, 0x4f, 0x4f, 0xde, 0xe3, 0x2b,
+    0x4e, 0xe5, 0x85, 0x80, 0x35, 0x63, 0x0c, 0xf3, 0x35, 0x47, 0xcd, 0x9c, 0x9c, 0x28, 0x42, 0xd6,
+    0x80, 0xd3, 0x76, 0x4f, 0x8a, 0xb2, 0x5c, 0x2d, 0x8a, 0xe5, 0xd8, 0xc3, 0xc3, 0x0b, 0xdc, 0x77,
+    0x7f, 0x28, 0xd9, 0x3e, 0x7e, 0xac, 0xb7, 0xe5, 0x7e, 0x2f, 0x1c, 0xfe, 0xfe, 0x34, 0xc8, 0xec,
+    0x45, 0xca, 0x1b, 0xff, 0x6d, 0x8d, 0xb3, 0xb4, 0x6d, 0x12, 0xe6, 0x8a, 0x8a, 0x2c, 0xf6, 0x1f,
+    0xeb, 0x30, 0x2f, 0x95, 0x54, 0xc8, 0xda, 0x07, 0x54, 0x8b, 0xa9, 0x15, 0x15, 0x99, 0x31, 0x09,
+    0x68, 0xdd, 0xf8, 0xcd, 0xc6, 0x36, 0x4c, 0xaa, 0xc6, 0x11, 0xb6, 0xd0, 0xd0, 0x6b, 0x24, 0x3d,
+    0x10, 0x22, 0x7e, 0xd0, 0x80, 0x87, 0xea, 0x4d, 0x80, 0x54, 0x1b, 0x20, 0x20, 0x39, 0xfa, 0xd7,
+    0x20, 0x44, 0xfc, 0x63, 0xc3, 0xcd, 0x17, 0x9a, 0xc3, 0xa8, 0x36, 0x40, 0x40, 0x72, 0x37, 0x6d,
+    0x5f, 0x6c, 0x25, 0x5d, 0xbd, 0x61, 0xa0, 0x7f, 0xbd, 0x87, 0x2a, 0xbe, 0xbe, 0x46, 0xff, 0x81,
+    0x49, 0x32, 0xda, 0xa3, 0x0d, 0x7e, 0x1d, 0xf1, 0x0d, 0x2d, 0x7c, 0x92, 0x92, 0x4e, 0x54, 0xd0,
+    0xd3, 0x47, 0x92, 0x4e, 0x57, 0x20, 0x52, 0x17, 0x57, 0x5d, 0x68, 0x65, 0x65, 0x2f, 0x81, 0x39,
+    0xc2, 0xce, 0x32, 0x93, 0xdf, 0x22, 0xfe, 0x9b, 0xdf, 0x9d, 0x8f, 0x47, 0x47, 0x41, 0x3c, 0x6e,
+    0x56, 0xd6, 0xc4, 0x38, 0xf5, 0x46, 0x93, 0x79, 0xf5, 0x39, 0x3a, 0xac, 0xac, 0xec, 0xc5, 0x8b,
+    0xe5, 0x5d, 0x91, 0xd3, 0x24, 0xf2, 0xf8, 0x03, 0x24, 0x5f, 0x08, 0x09, 0x09, 0x55, 0x1d, 0x05,
+    0xbc, 0x4d, 0x35, 0xa0, 0xa9, 0x0b, 0x0f, 0xbf, 0xa9, 0x26, 0x6f, 0xbb, 0xbb, 0x22, 0xb3, 0x02,
+    0x77, 0x39, 0xe6, 0x56, 0x3e, 0x0e, 0xc2, 0x22, 0x3e, 0x05, 0xf0, 0xee, 0xee, 0xc9, 0xb5, 0x66,
+    0x15, 0x60, 0x5e, 0xe9, 0xa8, 0x53, 0x77, 0x0e, 0xa8, 0xd5, 0x91, 0x2a, 0x2a, 0xf1, 0x62, 0x12,
+    0x30, 0x66, 0x82, 0xb3, 0x43, 0x4a, 0xfd, 0xd7, 0x43, 0xfc, 0x2d, 0x60, 0x60, 0x4b, 0xcd, 0xba,
+    0xb0, 0xb5, 0xf4, 0xfc, 0xc9, 0xf8, 0xa1, 0xfa, 0xc9, 0x19, 0xf5, 0xa3, 0xa3, 0x40, 0x11, 0xcd,
+    0xc3, 0x65, 0xec, 0x9e, 0xd7, 0xa7, 0xb8, 0x5a, 0xd7, 0x09, 0x73, 0x45, 0x45, 0x16, 0x7b, 0xee,
+    0xa6, 0xeb, 0x0b, 0x02, 0x79, 0xe7, 0x1c, 0x74, 0x79, 0xb3, 0xa3, 0x8f, 0x8f, 0x48, 0xba, 0x9c,
+    0x6a, 0x48, 0x87, 0xd7, 0xd6, 0xff, 0xc0, 0xeb, 0xd6, 0xfa, 0x8d, 0xd4, 0xd4, 0xc5, 0xaa, 0xfe,
+    0x6e, 0xa1, 0x79, 0xe3, 0xf6, 0xae, 0x1b, 0x69, 0xf6, 0xef, 0xfb, 0xdc, 0xdc, 0x5a, 0x75, 0xbb,
+    0xee, 0x72, 0x0f, 0xac, 0x7c, 0x1c, 0x47, 0x44, 0x7c, 0x0a, 0x23, 0x1f, 0x1f, 0x51, 0xa9, 0xcc,
+    0x95, 0xb3, 0x28, 0xa6, 0x22, 0xe1, 0x2b, 0x23, 0x22, 0x30, 0x49, 0xe9, 0xe9, 0xfa, 0xbe, 0x65,
+    0xbe, 0xd8, 0x4a, 0xba, 0xb9, 0xc2, 0x83, 0xfe, 0xb9, 0xcd, 0x54, 0xbf, 0xbf, 0x8c, 0x3d, 0xc1,
+    0x38, 0x77, 0xbd, 0xdb, 0x03, 0xe8, 0x88, 0x10, 0x03, 0xd6, 0xc1, 0x70, 0x70, 0xb6, 0xb0, 0x30,
+    0x1c, 0xda, 0xbf, 0x8c, 0xe0, 0x74, 0x44, 0x08, 0xe0, 0x6b, 0x81, 0x38, 0x38, 0x5b, 0x58, 0x18,
+    0xd8, 0x68, 0x0c, 0x31, 0x0f, 0xce, 0xed, 0x50, 0x0f, 0x08, 0x43, 0x73, 0x73, 0x2b, 0x35, 0xf0,
+    0xfc, 0xc5, 0x0e, 0x66, 0xec, 0x52, 0x21, 0x48, 0xec, 0xb5, 0x03, 0x3b, 0x3b, 0xc6, 0xdd, 0xd8,
+    0x6b, 0xe3, 0x59, 0xda, 0xde, 0x7a, 0x86, 0x2a, 0xde, 0x6e, 0x71, 0xd6, 0xd6, 0x92, 0xed, 0x7e,
+    0x9e, 0x9c, 0xb6, 0xd9, 0x7a, 0x0f, 0x94, 0x64, 0x7a, 0x65, 0x62, 0xff, 0xff, 0xfe, 0x0a, 0xac,
+    0xf3, 0x03, 0x6e, 0x2d, 0x94, 0xed, 0x45, 0x8d, 0x94, 0xf5, 0x5e, 0x25, 0x25, 0x5d, 0xb6, 0x54,
+    0x16, 0x5e, 0xff, 0xfe, 0xb0, 0x1f, 0xbd, 0x8e, 0xb0, 0xaa, 0x56, 0x2c, 0x2c, 0x08, 0xab, 0x51,
+    0xf6, 0x41, 0x4e, 0x14, 0xbc, 0x39, 0xd8, 0xce, 0xbc, 0x74, 0xd4, 0x2f, 0x2f, 0x95, 0x2e, 0x91,
+    0xfa, 0xb9, 0x8f, 0x48, 0xdc, 0xca, 0x76, 0x8b, 0xdc, 0x4b, 0x4e, 0x37, 0x37, 0xf7, 0x8c, 0x5e,
+    0x1d, 0x71, 0x61, 0x81, 0xe8, 0xf1, 0x02, 0xc9, 0xe8, 0xff, 0x7d, 0x3a, 0x3a, 0x0c, 0x1f, 0x98,
+    0x05, 0x42, 0x20, 0x39, 0x28, 0xd4, 0x9d, 0x43, 0x28, 0x81, 0x8a, 0x0a, 0x0a, 0xc8, 0x98, 0xc5,
+    0x0a, 0x84, 0x40, 0x72, 0x50, 0x6b, 0xf9, 0x86, 0x50, 0xc1, 0xd7, 0x14, 0x14, 0x53, 0xf3, 0x49,
+    0x79, 0x54, 0x58, 0x10, 0x4e, 0x34, 0xe0, 0x26, 0x4e, 0xd1, 0x51, 0xf2, 0xf2, 0x05, 0x99, 0x6a,
+    0x3e, 0x0b, 0x3c, 0xf5, 0x33, 0x70, 0xdf, 0xd3, 0x33, 0x28, 0x8c, 0x7c, 0x7c, 0x87, 0xe1, 0xb6,
+    0x90, 0xf1, 0x08, 0x9f, 0x0a, 0x35, 0xb6, 0x60, 0x0a, 0xb1, 0xc3, 0xe3, 0xe3, 0x32, 0x26, 0xa0,
+    0x98, 0xe0, 0x37, 0xf7, 0x4a, 0x97, 0xc3, 0xa7, 0x4a, 0x9b, 0x2f, 0xf3, 0xf3, 0xcf, 0x5b, 0x2a,
+    0xcd, 0x08, 0x52, 0xd8, 0xa7, 0x9d, 0x9a, 0x5e, 0xa7, 0xdd, 0xd2, 0x59, 0x59, 0xda, 0x57, 0xe2,
+    0xcb, 0x74, 0xd3, 0xf6, 0x97, 0x05, 0xcd, 0x9d, 0x97, 0x23, 0x9f, 0x55, 0x55, 0xeb, 0x06, 0x64,
+    0x0c, 0xf8, 0xc1, 0x5c, 0x60, 0xf3, 0xae, 0x45, 0x60, 0x3f, 0x9a, 0x18, 0x18, 0x62, 0xa2, 0xcf,
+    0x36, 0x1a, 0x03, 0x9d, 0x73, 0xd2, 0xaa, 0x14, 0x73, 0x02, 0x60, 0x6c, 0x6c, 0x7a, 0x9c, 0x3c,
+    0x73, 0xd0, 0x18, 0x62, 0x1e, 0x5f, 0x19, 0xa0, 0x1e, 0x10, 0x86, 0xe6, 0xe6, 0x56, 0x6a, 0x23,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x9d, 0xa2, 0x17, 0xce, 0x62, 0x43, 0x5e, 0xe4, 0x62, 0x1a, 0xa5, 0xf9, 0xf9, 0x07, 0xc3, 0xef,
+    0xe9, 0xa5, 0x50, 0x8f, 0x44, 0x01, 0x56, 0x46, 0x44, 0x60, 0x92, 0x11, 0x11, 0x37, 0xbf, 0xca,
+    0x92, 0x64, 0x77, 0x85, 0x1a, 0xfc, 0x3a, 0x21, 0x1a, 0x5a, 0xf8, 0xe7, 0xe7, 0x9c, 0xa8, 0x63,
+    0x17, 0xf5, 0x21, 0xf3, 0xb8, 0x9a, 0xfb, 0x4f, 0xb8, 0x3e, 0xaa, 0x2e, 0x2e, 0x5f, 0xec, 0xd1,
+    0x07, 0xd7, 0x5f, 0x23, 0x38, 0x1d, 0x11, 0x02, 0x38, 0x6a, 0xb1, 0x0e, 0x0e, 0x66, 0x16, 0x06,
+    0x81, 0x78, 0xa8, 0x42, 0x82, 0x37, 0x1a, 0xec, 0x82, 0x71, 0x24, 0xc1, 0xc1, 0x5c, 0x9b, 0xf7,
+    0xed, 0x4c, 0xae, 0xbb, 0x64, 0x50, 0x8d, 0xc4, 0x64, 0x75, 0xe4, 0x19, 0x19, 0xa8, 0x60, 0x8f,
+    0xca, 0xdf, 0x0d, 0xfb, 0x9f, 0x80, 0x8b, 0x5c, 0x9f, 0xb7, 0x63, 0x57, 0x57, 0xbc, 0x41, 0xe4,
+    0x74, 0x07, 0x47, 0x41, 0x26, 0x42, 0x08, 0xa2, 0x26, 0x7a, 0x37, 0xe8, 0xe8, 0x30, 0x7c, 0x25,
+    0xa1, 0x3c, 0x54, 0x21, 0x41, 0xfa, 0x0d, 0x76, 0x41, 0xd9, 0x12, 0x81, 0x81, 0x2e, 0xac, 0x9a,
+    0x5d, 0xf9, 0x5a, 0x47, 0xad, 0xa8, 0x2c, 0x3e, 0xad, 0x6c, 0x11, 0xba, 0xba, 0xe8, 0x71, 0x42,
+    0x40, 0x88, 0x3b, 0xc6, 0x45, 0x59, 0x2e, 0xf7, 0x45, 0x93, 0x6c, 0x80, 0x80, 0xe4, 0x6e, 0xda,
+    0x78, 0xff, 0x86, 0x1d, 0x46, 0xb1, 0xa6, 0xe7, 0x46, 0x45, 0xad, 0xf0, 0xf0, 0x52, 0xde, 0xea,
+    0x83, 0xed, 0xd7, 0x58, 0x92, 0xfe, 0x96, 0xad, 0x92, 0x9a, 0x1f, 0xc5, 0xc5, 0xf2, 0x15, 0x34,
+    0xdd, 0x2a, 0x2c, 0x08, 0x27, 0x1a, 0x70, 0x13, 0x27, 0x89, 0xc9, 0x79, 0x79, 0xe3, 0xad, 0x35,
+    0x7b, 0xc1, 0x27, 0x0a, 0x5e, 0xfd, 0x6c, 0x67, 0x5e, 0x3a, 0x6a, 0xf6, 0xf6, 0xab, 0x17, 0xa9,
+    0x42, 0x1d, 0x44, 0xdc, 0x55, 0x90, 0xa2, 0xb6, 0x55, 0x78, 0x57, 0x84, 0x84, 0x4a, 0xe0, 0x19,
+    0xdc, 0x81, 0xf2, 0x05, 0x2f, 0x9f, 0x36, 0xd2, 0x2f, 0x1d, 0x35, 0x7b, 0x7b, 0xb4, 0xea, 0xb5,
+    0xf0, 0x3d, 0xcf, 0x3a, 0x8c, 0xa1, 0x8f, 0x0d, 0x8c, 0x8a, 0x99, 0x23, 0x23, 0xa4, 0x7f, 0x17,
+    0x2c, 0xbc, 0x3d, 0x3f, 0xa3, 0x3e, 0xb9, 0xdf, 0xa3, 0x97, 0xac, 0x58, 0x58, 0x10, 0x95, 0xa2,
+    0x5c, 0x52, 0x84, 0x4a, 0xa5, 0x2d, 0x6a, 0xff, 0xa5, 0xf8, 0xed, 0xb8, 0xb8, 0xbf, 0x36, 0xc2,
+    0x47, 0x5f, 0x64, 0xe5, 0x7d, 0x44, 0x3f, 0xf5, 0x7d, 0xf9, 0xdd, 0x8e, 0x8e, 0x82, 0x78, 0xdc,
+    0xa4, 0x7e, 0x74, 0x18, 0x69, 0x2e, 0x90, 0x35, 0x69, 0x58, 0x98, 0x8b, 0x8b, 0xe6, 0x34, 0x5f,
+    0x52, 0x3f, 0x3a, 0x0c, 0xd5, 0x17, 0x48, 0xfb, 0xd5, 0x2c, 0x4c, 0xa4, 0xa4, 0x73, 0x1a, 0xce,
+    0x5a, 0x2e, 0x05, 0x64, 0x95, 0xb5, 0x3d, 0x3c, 0x95, 0x06, 0xa0, 0xb4, 0xb4, 0x8e, 0x67, 0x44,
+    0x3f, 0xa0, 0xe2, 0xf8, 0x3b, 0xf5, 0x99, 0x12, 0x3b, 0xbc, 0x70, 0x7e, 0x7e, 0xd0, 0xa6, 0x36,
+    0xd9, 0xc3, 0xd2, 0x3c, 0x07, 0x4b, 0xab, 0x91, 0x07, 0x9c, 0xbf, 0x71, 0x71, 0x7c, 0x72, 0x70,
+    0x0b, 0x2f, 0x9e, 0x7f, 0x58, 0xee, 0xbf, 0x47, 0x58, 0x55, 0x2b, 0x16, 0x16, 0x04, 0xb4, 0xc9,
+    0x2e, 0x29, 0x42, 0x25, 0xb3, 0xf7, 0x35, 0x9e, 0xb3, 0x7c, 0x97, 0x5c, 0x5c, 0xbe, 0x1b, 0x61,
+    0x08, 0x11, 0x3f, 0x68, 0x40, 0xa2, 0x75, 0xc7, 0x40, 0x2a, 0xec, 0x10, 0x10, 0xfd, 0x7d, 0x8a,
+    0x60, 0xcc, 0xc7, 0xa5, 0x86, 0x94, 0x39, 0x6d, 0x86, 0x3b, 0x5a, 0xc0, 0xc0, 0x96, 0x59, 0xb7,
+    0xf4, 0xd4, 0x31, 0x0e, 0xac, 0xf0, 0x54, 0x8f, 0xac, 0x9f, 0xef, 0x2b, 0x2b, 0x3b, 0xa0, 0x52,
+    0x4b, 0xa7, 0xa5, 0xb9, 0x1d, 0xb7, 0x91, 0xb0, 0x1d, 0xc6, 0x47, 0x96, 0x96, 0xe0, 0xda, 0x13,
+    0xc7, 0x8c, 0x12, 0xaa, 0xf7, 0xf6, 0x63, 0xd8, 0xf7, 0x1c, 0x05, 0x4d, 0x4d, 0x89, 0xa4, 0xab,
+    0x06, 0x7c, 0x81, 0x2e, 0x30, 0x98, 0x57, 0xc3, 0x30, 0xfe, 0x4d, 0x0c, 0x0c, 0x31, 0x51, 0x86,
+    0xdf, 0xbf, 0x53, 0x12, 0x37, 0xd3, 0xfc, 0x52, 0x37, 0x62, 0xf2, 0x7d, 0x7d, 0x4d, 0x23, 0xf6,
+    0x35, 0x24, 0xa2, 0x8a, 0x6b, 0x9e, 0x60, 0x94, 0x6b, 0x7d, 0xa7, 0x6a, 0x6a, 0x83, 0x55, 0x7f,
+    0xfd, 0x6e, 0xd0, 0x6b, 0xe4, 0xd7, 0x67, 0x89, 0xe4, 0x21, 0xff, 0x39, 0x39, 0x91, 0x9a, 0x58,
+    0x11, 0x89, 0xa0, 0xdd, 0x88, 0x02, 0xac, 0x8c, 0x88, 0xc0, 0xe7, 0x22, 0x22, 0x6e, 0xbd, 0x57,
+    0xb2, 0x20, 0x8b, 0xe6, 0xd9, 0x31, 0x2d, 0xbb, 0xd9, 0xf2, 0xce, 0xa7, 0xa7, 0xee, 0x9f, 0x0e,
+    0xc5, 0x19, 0x6d, 0xb0, 0xe7, 0x3f, 0xef, 0x99, 0xe7, 0xf7, 0x3e, 0x49, 0x49, 0x27, 0x2a, 0x68,
+    0xb8, 0xa4, 0xcb, 0x94, 0x89, 0x5a, 0xd4, 0x3d, 0x89, 0x33, 0x19, 0xb3, 0xb3, 0xbd, 0x6c, 0x47,
+    0xb5, 0xf7, 0xd4, 0xc5, 0xe1, 0x2c, 0x3c, 0xb9, 0xe1, 0x98, 0x7f, 0xa9, 0xa9, 0x88, 0x89, 0x08,
+    0x3b, 0x49, 0x1c, 0xcc, 0x1b, 0xa4, 0x42, 0x90, 0x1b, 0xa9, 0x06, 0x76, 0x76, 0x4f, 0x79, 0x73,
+    0x28, 0x55, 0xc3, 0x0b, 0x83, 0x6f, 0x62, 0x5d, 0x83, 0x82, 0xda, 0x50, 0x50, 0x8f, 0x4a, 0xe7,
+    0xa0, 0x97, 0x8a, 0x2c, 0x49, 0x7f, 0x4b, 0xb7, 0x49, 0x4d, 0xee, 0x83, 0x83, 0x79, 0xeb, 0x1a,
+    0xe8, 0x0e, 0x8e, 0x82, 0x4c, 0x84, 0x10, 0x87, 0x4c, 0xf4, 0x6e, 0x13, 0x13, 0x60, 0xf8, 0x4a,
+    0xde, 0x14, 0x8d, 0x1f, 0x3f, 0x56, 0xba, 0x93, 0x3f, 0xf6, 0x0e, 0x7f, 0x7f, 0x1a, 0x64, 0x76,
+    0x1f, 0xe4, 0x1e, 0x9b, 0xf8, 0x38, 0x8e, 0x88, 0xf8, 0x14, 0x46, 0x3e, 0x3e, 0xa2, 0x91, 0x5b,
+    0x6f, 0x0a, 0xa7, 0xee, 0xfe, 0x2b, 0x5d, 0xa8, 0xfe, 0x7b, 0x07, 0xde, 0xde, 0x0d, 0x32, 0x3b,
+    0x59, 0x10, 0xa4, 0x73, 0x8d, 0xf9, 0xf7, 0xbc, 0x8d, 0x79, 0x67, 0xb2, 0xb2, 0x77, 0xae, 0x07,
+    0x32, 0xf3, 0xfd, 0xa9, 0x53, 0x83, 0x71, 0x96, 0x53, 0x17, 0x16, 0x64, 0x64, 0xe5, 0x43, 0x79,
+    0x84, 0x3a, 0x88, 0x7b, 0xaa, 0xe3, 0x87, 0xaf, 0xaa, 0xf0, 0xae, 0xcb, 0xcb, 0x94, 0x03, 0x32,
+    0x12, 0xb7, 0x01, 0xca, 0x90, 0x4e, 0x66, 0x0c, 0x90, 0xbf, 0x20, 0x24, 0x24, 0x97, 0x74, 0x14,
+    0x88, 0xc2, 0x49, 0x27, 0xca, 0x10, 0x29, 0xea, 0xca, 0xcf, 0x34, 0xd3, 0xd3, 0xf6, 0xa1, 0xfd,
+    0x1b, 0x0d, 0xe0, 0xaf, 0xd8, 0x69, 0x55, 0x0a, 0xd8, 0x01, 0x30, 0x36, 0x36, 0x3d, 0x4e, 0x1e,
+    0x58, 0xbb, 0x7a, 0x7e, 0x85, 0x7c, 0xb1, 0x7d, 0x85, 0xed, 0x9b, 0xb0, 0xb0, 0x20, 0xe9, 0x87,
+    0xa5, 0xd5, 0xaa, 0x15, 0x61, 0xab, 0xd6, 0xf4, 0x61, 0xcc, 0x64, 0x89, 0x89, 0xb1, 0x73, 0xdf,
+    0x04, 0xe9, 0xfe, 0x34, 0x20, 0x51, 0xdb, 0x82, 0x20, 0x15, 0x76, 0x08, 0x08, 0x9f, 0xdf, 0x45,
+    0xa7, 0x40, 0xd5, 0x0f, 0x71, 0x62, 0x5a, 0xb5, 0x71, 0x27, 0x5f, 0x8d, 0x8d, 0x1f, 0xfd, 0x1c,
+    0xd5, 0x3b, 0x13, 0x60, 0x67, 0xb8, 0x05, 0xd4, 0x67, 0xa3, 0x25, 0x69, 0x69, 0x1e, 0xd0, 0xbf,
+    0xf5, 0x7f, 0xef, 0x03, 0xa4, 0x75, 0x12, 0x4e, 0xa4, 0x0b, 0x13, 0x29, 0x29, 0x6c, 0xe7, 0xd2,
+    0x4d, 0xdb, 0x24, 0x97, 0x2d, 0x2f, 0xc6, 0x73, 0x2d, 0x38, 0x0a, 0x9a, 0x9a, 0xd1, 0x8b, 0x95,
+    0x3d, 0x35, 0x9d, 0xe2, 0x2b, 0x3c, 0x15, 0x53, 0x2b, 0x57, 0x4b, 0x7a, 0x7a, 0x7e, 0x28, 0xf5,
+    0xa8, 0x86, 0xb5, 0x44, 0x09, 0xdd, 0x3e, 0x70, 0x09, 0x67, 0x02, 0x93, 0x93, 0x84, 0x96, 0x90,
+    0x33, 0x58, 0x23, 0xa4, 0x5b, 0x06, 0x37, 0x57, 0x5b, 0x83, 0xea, 0x66, 0x66, 0xb2, 0x04, 0xf9,
+    0x21, 0xef, 0x22, 0x6e, 0xcb, 0x48, 0x51, 0x5b, 0xcb, 0x3c, 0xca, 0x42, 0x42, 0x25, 0x70, 0xed,
+    0x2b, 0x6b, 0x62, 0x1c, 0x9b, 0x23, 0xa8, 0xdd, 0x9b, 0xfd, 0x1d, 0x56, 0x56, 0x76, 0x83, 0xa4,
+    0x4c, 0x70, 0xfa, 0x9a, 0x25, 0xaa, 0x80, 0xb2, 0x25, 0xac, 0xf6, 0x98, 0x98, 0x86, 0xcc, 0x15,
+    0x1a, 0xa6, 0x3e, 0xa2, 0xd0, 0xec, 0x13, 0xcb, 0xd0, 0x95, 0xcc, 0x34, 0x34, 0x6a, 0x09, 0x9e,
+    0x67, 0x1b, 0x98, 0x86, 0xbe, 0x89, 0x28, 0x6f, 0xbe, 0x51, 0xeb, 0xce, 0xce, 0xf0, 0x4f, 0xb1,
+    0x54, 0x43, 0xbb, 0x22, 0xe5, 0x8f, 0x1f, 0x38, 0xe5, 0xd2, 0x01, 0xa8, 0xa8, 0x42, 0x4b, 0x48,
+    0xec, 0xe7, 0x70, 0xb6, 0x6c, 0xd5, 0xcb, 0x05, 0x6c, 0xe1, 0x18, 0x1b, 0x1b, 0xff, 0x27, 0x0f,
+    0x9b, 0xde, 0x96, 0xe0, 0x52, 0xdb, 0x09, 0x27, 0x52, 0xe4, 0xe8, 0xf5, 0xf5, 0x36, 0x92, 0x69,
+    0xa2, 0x02, 0xf5, 0x36, 0x59, 0xb6, 0xc7, 0xf6, 0x59, 0xa6, 0xd5, 0x87, 0x87, 0xd7, 0x65, 0xd9,
+    0x64, 0x25, 0x39, 0x91, 0xa6, 0xc5, 0xe2, 0xef, 0xa6, 0x2e, 0x2c, 0xc8, 0xc8, 0x09, 0x86, 0xf2,
+    0xef, 0xd9, 0xd1, 0xa1, 0x74, 0x99, 0x01, 0x85, 0x74, 0x9e, 0xdf, 0x1d, 0x1d, 0x06, 0xee, 0x4c,
+    0x8b, 0xfc, 0xe8, 0x30, 0xd2, 0x5c, 0xe3, 0x6a, 0xd2, 0xb0, 0xf3, 0xd5, 0xd5, 0x0f, 0x68, 0xbe,
+    0x6c, 0x34, 0x06, 0xf9, 0xe6, 0x67, 0x97, 0x28, 0xe6, 0x04, 0xc0, 0xd8, 0xd8, 0xf4, 0xfb, 0x78,
+    0xff, 0xfb, 0xaf, 0x71, 0xf4, 0x1e, 0xeb, 0xc8, 0xf4, 0xca, 0xc4, 0x3d, 0x3d, 0x3f, 0x14, 0x9b,
+    0xf7, 0xea, 0x90, 0x19, 0xb4, 0xbc, 0x9e, 0x0f, 0xb4, 0xe0, 0x28, 0x2d, 0x2d, 0xc2, 0x69, 0x11,
+    0x18, 0x33, 0x41, 0xb8, 0xc0, 0x25, 0x9f, 0x8a, 0xc0, 0x7e, 0xf7, 0x30, 0x30, 0xc4, 0x87, 0x5d,
+    0xb3, 0x8b, 0x55, 0xeb, 0xd1, 0xb4, 0x6b, 0x7a, 0xd1, 0x66, 0x32, 0xa5, 0xa5, 0xb9, 0xd8, 0x8e,
+    0x7c, 0x16, 0x78, 0x29, 0x66, 0xe0, 0x7d, 0x65, 0x66, 0x50, 0xdb, 0xf8, 0xf8, 0xcd, 0x01, 0xaf,
+    0xcc, 0xa3, 0x8c, 0xd5, 0xaf, 0x18, 0xdc, 0x9f, 0xaf, 0x49, 0x2e, 0x5b, 0x5b, 0x8d, 0x10, 0x62,
+    0x89, 0x69, 0x97, 0x2a, 0xc2, 0x95, 0x6f, 0x2b, 0xc2, 0x5b, 0xc8, 0xd1, 0xd1, 0xa1, 0xe6, 0x7d,
+    0xae, 0xfa, 0x34, 0x6a, 0x39, 0x45, 0x69, 0xb3, 0x39, 0x99, 0x4f, 0x9f, 0x9f, 0xb5, 0xc7, 0x16,
+    0x31, 0xcd, 0x5c, 0xbe, 0x4b, 0xcf, 0xbb, 0x16, 0x4b, 0x68, 0xd1, 0x62, 0x62, 0x1c, 0x8a, 0x3a,
+    0x34, 0x8f, 0x7c, 0x87, 0x63, 0x1b, 0x26, 0x55, 0x63, 0xe9, 0x5b, 0x68, 0x68, 0xd4, 0x12, 0xff,
+    0x66, 0xb0, 0x46, 0x8b, 0xb6, 0x0c, 0x6e, 0xae, 0xb6, 0xc5, 0x17, 0xcc, 0xcc, 0xa7, 0x08, 0x31,
+  },
+  { /* 12 */
+    0x55, 0x95, 0x9e, 0xb1, 0xd0, 0xa1, 0x4c, 0xd9, 0x5a, 0x2f, 0xf9, 0x1c, 0x4c, 0xf2, 0x1a, 0x52,
+    0xfa, 0xed, 0x87, 0xcf, 0x85, 0x5d, 0x81, 0x6c, 0x55, 0x48, 0x8b, 0x1e, 0x81, 0xe1, 0x58, 0x1c,
+    0x0c, 0xbe, 0x0a, 0x56, 0x48, 0xac, 0xcc, 0x72, 0x67, 0x5c, 0x45, 0x58, 0xcc, 0xf1, 0x09, 0x1a,
+    0x52, 0x31, 0x7b, 0x77, 0xfa, 0xee, 0x3b, 0x0a, 0xaf, 0x0c, 0xfb, 0x83, 0x3b, 0xb1, 0x8e, 0x02,
+    0xa3, 0xc6, 0x13, 0x28, 0x1d, 0x50, 0x01, 0xc7, 0x68, 0x3b, 0x37, 0x5a, 0x01, 0xe2, 0x4b, 0x54,
+    0x73, 0x1c, 0xab, 0xc9, 0xf7, 0x51, 0x4f, 0x53, 0xe2, 0x62, 0xa0, 0xf2, 0x4f, 0x17, 0xc7, 0xae,
+    0xe1, 0x9c, 0x70, 0x97, 0x07, 0xed, 0xe9, 0x75, 0xf2, 0xe7, 0x81, 0xb8, 0xe9, 0x6d, 0xd9, 0xcf,
+    0x81, 0x25, 0x20, 0x62, 0x02, 0xc4, 0x46, 0x63, 0x4c, 0x42, 0xec, 0x3d, 0x46, 0xe9, 0x91, 0x1f,
+    0x86, 0x81, 0xc5, 0xa4, 0x28, 0x8b, 0x31, 0xb0, 0xb9, 0x61, 0xee, 0xa2, 0x31, 0xaa, 0x05, 0x4f,
+    0x02, 0x35, 0x03, 0x19, 0x1c, 0x32, 0x22, 0x17, 0x4e, 0x1a, 0x41, 0xa5, 0x22, 0x77, 0xe2, 0xba,
+    0x6c, 0x07, 0x5a, 0xa3, 0x4d, 0x85, 0x63, 0x64, 0xd9, 0xf9, 0x28, 0xdd, 0x63, 0x75, 0x41, 0xca,
+    0xdf, 0xaa, 0x51, 0x43, 0xb0, 0x86, 0xb1, 0x1b, 0x84, 0x12, 0x52, 0xe6, 0xb1, 0xa9, 0x16, 0x07,
+    0x4e, 0xe4, 0x69, 0xe9, 0x52, 0x11, 0x24, 0xc0, 0xfd, 0x80, 0xf3, 0xba, 0x24, 0x7e, 0x9b, 0x81,
+    0xe8, 0xb3, 0x9c, 0x1e, 0x79, 0x3c, 0x70, 0xc3, 0x2e, 0x82, 0x87, 0xda, 0x70, 0xa8, 0xa6, 0x3f,
+    0x2e, 0x5d, 0x39, 0x1c, 0x57, 0x38, 0x8b, 0xd6, 0x43, 0x25, 0x9e, 0x3f, 0x8b, 0xfa, 0xd3, 0x51,
+    0x3d, 0xf8, 0xc2, 0x20, 0xa5, 0x40, 0x6b, 0x93, 0x1f, 0xe2, 0x53, 0x48, 0x6b, 0x69, 0x5c, 0x2f,
+    0x29, 0xf9, 0xdc, 0xda, 0x7d, 0x77, 0xfc, 0x05, 0xb6, 0x06, 0x9c, 0xa0, 0xfc, 0xb9, 0x47, 0x01,
+    0x7d, 0x97, 0xa2, 0x86, 0xa3, 0xcf, 0xa1, 0x36, 0xcb, 0x24, 0xa4, 0x0f, 0xa1, 0x91, 0x2c, 0x0e,
+    0x27, 0x72, 0xd5, 0x95, 0x29, 0xe9, 0x12, 0x60, 0x9f, 0x40, 0x98, 0x5d, 0x12, 0x3f, 0xac, 0xa1,
+    0x35, 0x2c, 0xce, 0x44, 0xd5, 0x88, 0xe3, 0xcf, 0xe4, 0x8a, 0x94, 0x99, 0xe3, 0x76, 0x52, 0x82,
+    0xcc, 0x0f, 0xaa, 0x7f, 0x42, 0xfe, 0x51, 0x5e, 0xd8, 0xd5, 0x9f, 0x91, 0x51, 0x3a, 0x99, 0x79,
+    0xd6, 0x85, 0xbd, 0xca, 0xce, 0x57, 0x28, 0xad, 0x58, 0x77, 0x54, 0x84, 0x28, 0x6c, 0x69, 0xf7,
+    0x87, 0x7a, 0x25, 0x49, 0x26, 0x92, 0x20, 0x5a, 0x9e, 0x6c, 0x2f, 0x11, 0x20, 0x70, 0x74, 0x12,
+    0xc9, 0x9e, 0x4c, 0xa0, 0x74, 0x83, 0x04, 0x9a, 0x63, 0xec, 0xdc, 0xab, 0x04, 0x0e, 0xef, 0x93,
+    0x6b, 0xa3, 0xbf, 0x65, 0x67, 0xca, 0x14, 0xb7, 0x2c, 0xda, 0x2a, 0x42, 0x14, 0x36, 0xd5, 0x9a,
+    0x32, 0x88, 0x2b, 0x82, 0xff, 0xc7, 0x94, 0x1c, 0x11, 0xa9, 0x96, 0x06, 0x94, 0x35, 0xc6, 0xd2,
+    0xcd, 0xf4, 0x4a, 0x92, 0x4c, 0xe7, 0x40, 0xb4, 0xff, 0xd8, 0x5e, 0x22, 0x40, 0xe0, 0xe8, 0x24,
+    0x23, 0x18, 0xd3, 0xa7, 0x11, 0x8d, 0x56, 0x4e, 0x03, 0x74, 0x1a, 0xd4, 0x56, 0xd1, 0xab, 0x16,
+    0x96, 0xea, 0xdd, 0x6c, 0xc8, 0xd8, 0xe2, 0x08, 0x8c, 0xb1, 0xa3, 0xc3, 0xe2, 0x94, 0x19, 0xd6,
+    0xb4, 0x09, 0xee, 0x26, 0xd7, 0x4c, 0xa5, 0xac, 0xa8, 0xc8, 0x78, 0xa4, 0xa5, 0x9f, 0xc3, 0x9d,
+    0x92, 0x80, 0xdb, 0x5e, 0xf0, 0xbc, 0xa6, 0x26, 0x10, 0x85, 0x21, 0x4a, 0xa6, 0x7a, 0x1e, 0x61,
+    0xc6, 0xee, 0xa5, 0x02, 0x2e, 0x04, 0xfb, 0x15, 0x6d, 0xa7, 0x19, 0xe5, 0xfb, 0x52, 0x75, 0x6e,
+    0x91, 0x4e, 0x38, 0xaa, 0xe2, 0x97, 0x95, 0xdb, 0x79, 0x92, 0xa1, 0x5c, 0x95, 0xd7, 0x8d, 0x86,
+    0xe4, 0x0d, 0x96, 0x48, 0x31, 0x90, 0xbc, 0xb1, 0x49, 0xde, 0xc2, 0x82, 0xbc, 0x59, 0xaf, 0x25,
+    0xd2, 0xef, 0xbb, 0xf8, 0xf6, 0x33, 0x6c, 0x83, 0xc4, 0x43, 0xd6, 0x0d, 0x6c, 0x82, 0x6e, 0x40,
+    0x56, 0x5b, 0x7d, 0x45, 0xc2, 0x8a, 0x7f, 0x24, 0x33, 0x38, 0x79, 0x0a, 0x7f, 0x5f, 0x89, 0xb5,
+    0x88, 0x0a, 0xcc, 0xeb, 0x7c, 0x15, 0xdf, 0xd5, 0x90, 0x27, 0xea, 0x5f, 0xdf, 0x2c, 0xee, 0xef,
+    0x6f, 0xc9, 0xb9, 0x57, 0x5f, 0xae, 0x50, 0x99, 0xb0, 0xee, 0xa8, 0xcb, 0x50, 0xd8, 0xd2, 0x2d,
+    0x10, 0x6b, 0x18, 0xc8, 0xe0, 0x53, 0xd3, 0xb8, 0x35, 0xd0, 0x4d, 0x61, 0xd3, 0x3e, 0x1c, 0x99,
+    0x59, 0x2b, 0x94, 0xe7, 0x98, 0x0d, 0x80, 0xab, 0x3d, 0x73, 0xbc, 0x44, 0x80, 0x03, 0x13, 0x48,
+    0x63, 0x77, 0xb3, 0x01, 0x17, 0x02, 0x9c, 0xeb, 0xd7, 0xb2, 0xed, 0x93, 0x9c, 0x29, 0xdb, 0x37,
+    0xca, 0x50, 0xaf, 0x54, 0x66, 0xa8, 0x37, 0x67, 0x0a, 0xfb, 0x5c, 0xbd, 0x37, 0xa3, 0x7c, 0x74,
+    0x79, 0xfd, 0xa4, 0xb4, 0x9b, 0xab, 0xe5, 0x18, 0x57, 0x10, 0x26, 0x86, 0xe5, 0x7f, 0x2b, 0xb9,
+    0xb2, 0x56, 0xeb, 0x0d, 0xf3, 0x1a, 0xc3, 0x95, 0x7a, 0xe6, 0xbb, 0x88, 0xc3, 0x06, 0x26, 0x90,
+    0x28, 0x02, 0x3c, 0x37, 0x73, 0x6e, 0xed, 0xef, 0x91, 0x0b, 0x5d, 0x13, 0xed, 0x63, 0x36, 0x5c,
+    0xea, 0x86, 0x9f, 0x07, 0x65, 0x0e, 0x52, 0xd4, 0x60, 0x98, 0xc6, 0x7f, 0x52, 0xdf, 0x44, 0x85,
+    0xec, 0xd9, 0x9a, 0x2c, 0x41, 0x58, 0x34, 0xed, 0xb2, 0xb6, 0x05, 0x53, 0x34, 0x46, 0xa1, 0x88,
+    0x2a, 0x37, 0x3f, 0x2e, 0x6f, 0x5c, 0xcf, 0xf8, 0xdf, 0x11, 0x1c, 0xb6, 0xcf, 0x14, 0xd4, 0xe6,
+    0xc4, 0xdb, 0xa6, 0x1b, 0x32, 0x36, 0xd9, 0x02, 0x23, 0xbd, 0x58, 0x40, 0xd9, 0x25, 0x97, 0xd4,
+    0xa7, 0xac, 0x15, 0x1a, 0x25, 0x34, 0x45, 0xe9, 0xf4, 0x0f, 0xb5, 0xd3, 0x45, 0x0c, 0x4c, 0xe3,
+    0x17, 0xcf, 0xfd, 0x0e, 0xca, 0x1c, 0xa4, 0x6b, 0xc0, 0xf3, 0x4f, 0xfe, 0xa4, 0x7d, 0x88, 0xc9,
+    0x5f, 0x74, 0x91, 0xcc, 0xbc, 0x5b, 0xe6, 0x92, 0xef, 0x5d, 0x7f, 0x68, 0xe6, 0x9a, 0xf6, 0x45,
+    0x62, 0x8c, 0x53, 0xec, 0x19, 0x1b, 0x8d, 0x01, 0xf0, 0xbf, 0x2c, 0x20, 0x8d, 0xf3, 0xaa, 0x6a,
+    0x5d, 0x41, 0x92, 0xd5, 0xa0, 0x69, 0xc4, 0x85, 0xa1, 0x47, 0x3e, 0xcd, 0xc4, 0xed, 0x14, 0xff,
+    0x06, 0x5f, 0x05, 0x2b, 0x24, 0x56, 0x66, 0x39, 0xd2, 0x2e, 0xc3, 0x2c, 0x66, 0x99, 0xe5, 0x0d,
+    0x3a, 0x5c, 0x27, 0xe6, 0x8f, 0x0f, 0x1c, 0x40, 0xea, 0xc1, 0x51, 0xd7, 0x1c, 0x2a, 0xc8, 0x7f,
+    0x39, 0x92, 0xc4, 0x12, 0x9d, 0x24, 0x2f, 0xbd, 0x83, 0xd6, 0xd1, 0xc1, 0x2f, 0x87, 0x5b, 0x98,
+    0xa1, 0xf3, 0x10, 0x31, 0x01, 0x62, 0x23, 0xd0, 0x26, 0x21, 0x76, 0xff, 0x23, 0x95, 0xa9, 0xee,
+    0x07, 0xa4, 0xe5, 0xc6, 0x2a, 0x4f, 0x77, 0xd3, 0xf5, 0x23, 0x02, 0x9f, 0x77, 0x43, 0x94, 0x50,
+    0x6d, 0xfc, 0xba, 0x4e, 0x43, 0x9c, 0x72, 0x8e, 0xfe, 0xf4, 0xe9, 0x6e, 0x72, 0xaf, 0x30, 0x97,
+    0x21, 0x2d, 0xd0, 0xbe, 0x0d, 0xbf, 0x74, 0x59, 0x4d, 0x6e, 0x5b, 0x71, 0x74, 0xa6, 0x49, 0xac,
+    0xba, 0x82, 0xe7, 0x69, 0x83, 0xd2, 0x4b, 0xc9, 0x81, 0x8e, 0x7c, 0x59, 0x4b, 0x19, 0x28, 0x3d,
+    0x69, 0x96, 0xbc, 0x7c, 0x7b, 0xf8, 0x36, 0xa0, 0x62, 0xc0, 0x6b, 0xe7, 0x36, 0x41, 0x37, 0x20,
+    0x37, 0x19, 0xcd, 0x5d, 0xc9, 0xba, 0xc1, 0xd8, 0xaa, 0x90, 0xd5, 0x3c, 0xc1, 0x01, 0xb0, 0x38,
+    0x3e, 0x36, 0x21, 0xd4, 0xb7, 0x6b, 0x58, 0x6e, 0x76, 0xf5, 0xd3, 0x5e, 0x58, 0xc4, 0xcf, 0xc8,
+    0x25, 0x47, 0xd6, 0x8c, 0x35, 0xdb, 0x30, 0x77, 0xd1, 0x5a, 0xd9, 0xf8, 0x30, 0x48, 0x4e, 0x1b,
+    0xc1, 0x4a, 0x40, 0xc4, 0x04, 0x4b, 0x8c, 0xc6, 0x98, 0x84, 0x1b, 0x7a, 0x8c, 0x11, 0xe1, 0x3e,
+    0xf7, 0xa8, 0x6d, 0x74, 0xc3, 0xe8, 0x5c, 0xf4, 0x15, 0x19, 0x0f, 0xf5, 0x5c, 0xca, 0x20, 0x5b,
+    0xd4, 0xb0, 0xbe, 0xd3, 0xd2, 0x65, 0x0a, 0xba, 0x16, 0x6d, 0x15, 0x21, 0x0a, 0x1b, 0x8b, 0x4d,
+    0x70, 0xd2, 0x48, 0x3d, 0xe5, 0x7a, 0x7c, 0xae, 0x8b, 0x75, 0x20, 0xe4, 0x7c, 0xba, 0x54, 0x49,
+    0xf9, 0x23, 0x64, 0x3b, 0x97, 0x76, 0xb2, 0x91, 0x3c, 0x5f, 0x0b, 0x08, 0xb2, 0x4c, 0xcb, 0xfb,
+    0x9b, 0xaf, 0x37, 0xd7, 0x8e, 0x6d, 0x3f, 0x90, 0xcc, 0xe0, 0x27, 0x28, 0x3f, 0xbf, 0x61, 0x91,
+    0x30, 0xbd, 0x28, 0x9b, 0xe3, 0xf5, 0xb6, 0x0b, 0x5f, 0xb3, 0xd7, 0xa3, 0xb6, 0x42, 0x24, 0x68,
+    0xf8, 0xd8, 0x84, 0xd6, 0x99, 0x6f, 0xa3, 0x7b, 0x1b, 0x52, 0xca, 0xbb, 0xa3, 0x96, 0xba, 0xa6,
+    0x4a, 0x8e, 0x6f, 0xdb, 0x6a, 0x75, 0x60, 0xee, 0x61, 0xb4, 0x71, 0x33, 0x60, 0x90, 0x9c, 0x36,
+    0x2d, 0x93, 0xda, 0xe8, 0x45, 0x13, 0xb8, 0x2b, 0x2a, 0x32, 0x1e, 0x29, 0xb8, 0x57, 0x40, 0xb6,
+    0xbf, 0x13, 0x01, 0xb6, 0xb5, 0xaf, 0x1e, 0x0d, 0x3a, 0xb7, 0x3f, 0x63, 0x1e, 0x2d, 0x5e, 0xd7,
+    0x40, 0x6f, 0x60, 0xa6, 0x06, 0x8f, 0xca, 0xa5, 0xd4, 0xc6, 0xf7, 0x47, 0xca, 0xf8, 0x70, 0x21,
+    0x49, 0x40, 0x8c, 0x2f, 0x78, 0x5e, 0x53, 0x13, 0x08, 0xa3, 0xf1, 0x25, 0x53, 0x3d, 0x0f, 0xd1,
+    0x5e, 0x8f, 0x71, 0x21, 0xb2, 0x42, 0xf7, 0x78, 0xc8, 0x50, 0xbe, 0xdb, 0xf7, 0x40, 0x87, 0x18,
+    0x46, 0x30, 0x65, 0x8d, 0x22, 0xd9, 0xac, 0x9c, 0x06, 0xe8, 0x34, 0x6b, 0xac, 0x61, 0x95, 0x2c,
+    0xae, 0x83, 0xf9, 0x93, 0x5b, 0xe5, 0xdc, 0x5f, 0x28, 0x6a, 0xb3, 0xb1, 0xdc, 0xc9, 0x33, 0x13,
+    0x65, 0x28, 0xb6, 0x2a, 0x33, 0x54, 0xfa, 0xd2, 0x05, 0x9c, 0x2e, 0xbf, 0xfa, 0xb0, 0x3e, 0x3a,
+    0x24, 0xbc, 0x36, 0x61, 0x3b, 0xc2, 0x21, 0x9d, 0xf6, 0x57, 0x18, 0x4b, 0x21, 0x92, 0x3f, 0x46,
+    0x5c, 0xba, 0x72, 0x38, 0xae, 0x70, 0xd5, 0x6f, 0x86, 0x4a, 0xff, 0x7e, 0xd5, 0x37, 0x65, 0xa2,
+    0x72, 0xe7, 0x4b, 0x24, 0xf9, 0x48, 0x5e, 0xb9, 0xc5, 0x6f, 0x61, 0x41, 0x5e, 0xcd, 0xb6, 0xf3,
+    0x97, 0x11, 0x3d, 0x81, 0xc6, 0xc1, 0xf3, 0xe2, 0xab, 0xbc, 0x62, 0x70, 0xf3, 0x4e, 0x68, 0x8b,
+    0xaf, 0x78, 0x19, 0x7e, 0x55, 0xfc, 0xcd, 0xb5, 0x0f, 0x67, 0x72, 0x02, 0xcd, 0x13, 0x42, 0x4e,
+    0x0d, 0x45, 0xea, 0xbb, 0x46, 0xb5, 0xdd, 0x98, 0x40, 0x51, 0x84, 0xeb, 0xdd, 0x2b, 0x78, 0x47,
+    0xb9, 0x4c, 0x04, 0x9d, 0x91, 0xf9, 0x78, 0x34, 0xe8, 0x99, 0xfc, 0x4f, 0x78, 0xb4, 0xbb, 0xda,
+    0x45, 0xfe, 0x86, 0x79, 0x30, 0xf2, 0x9f, 0x61, 0x6f, 0xff, 0xb4, 0x7d, 0x9f, 0xcc, 0x06, 0xcb,
+    0x76, 0x8d, 0x4d, 0x16, 0xc1, 0x2c, 0x1a, 0x97, 0x59, 0x5b, 0xe3, 0xc8, 0x1a, 0x23, 0xb1, 0x44,
+    0x43, 0xa1, 0x83, 0x52, 0x14, 0xa4, 0xf9, 0x58, 0xbd, 0xd1, 0x77, 0x51, 0xf9, 0x55, 0xe3, 0xc6,
+    0x51, 0xff, 0x98, 0x83, 0xe8, 0xc5, 0x08, 0xf7, 0xc6, 0x1b, 0x7b, 0x95, 0x08, 0x1c, 0x1d, 0xe5,
+    0x85, 0x4f, 0x26, 0x50, 0x3a, 0xa0, 0x02, 0x4d, 0xd0, 0x76, 0x6e, 0xb4, 0x02, 0x07, 0x96, 0xa8,
+    0x5a, 0xe5, 0x77, 0x13, 0x8a, 0x26, 0xb3, 0x56, 0x54, 0x64, 0x3c, 0x52, 0xb3, 0xae, 0x80, 0xaf,
+    0x7c, 0x6c, 0x42, 0x6b, 0xad, 0xd6, 0xb0, 0xdc, 0xec, 0x29, 0x65, 0xbc, 0xb0, 0x4b, 0x5d, 0x53,
+    0xd0, 0xda, 0xb8, 0xe1, 0xea, 0x01, 0x4e, 0x94, 0x8a, 0x59, 0x97, 0xa8, 0x4e, 0xf5, 0x8c, 0xfa,
+    0x08, 0xd4, 0x0c, 0x64, 0x70, 0xc8, 0x88, 0x5c, 0xfb, 0x68, 0xc7, 0xd1, 0x88, 0x1f, 0x0e, 0xad,
+    0x05, 0x91, 0xe6, 0xdf, 0x36, 0x7d, 0x55, 0xc4, 0xbb, 0x39, 0x43, 0x3a, 0x55, 0x34, 0x76, 0xea,
+    0xb8, 0xb7, 0xe4, 0x70, 0x9f, 0xe0, 0x69, 0xde, 0xcf, 0x94, 0x3d, 0xfc, 0x69, 0x6e, 0xca, 0x87,
+    0x0f, 0x70, 0xe9, 0xa2, 0x5a, 0x87, 0xff, 0x8f, 0x0e, 0x4b, 0xc5, 0x4e, 0xff, 0x5c, 0x9a, 0xfd,
+    0x7a, 0x33, 0x47, 0x40, 0x89, 0x80, 0xd6, 0xe5, 0x3e, 0x07, 0xa6, 0x90, 0xd6, 0xd2, 0xb8, 0x5e,
+    0xff, 0x7c, 0x61, 0x10, 0xb3, 0x20, 0xd4, 0xa8, 0xee, 0x71, 0xc8, 0x24, 0xd4, 0xd5, 0x2e, 0xf6,
+    0xda, 0x3b, 0xb7, 0x9c, 0x86, 0xfb, 0xe4, 0xdf, 0x3f, 0x2b, 0x11, 0xdc, 0xe4, 0x9d, 0x60, 0xed,
+    0xdb, 0xc0, 0x57, 0x71, 0x88, 0xe2, 0xf5, 0x35, 0x18, 0x26, 0xd0, 0x6f, 0xf5, 0x47, 0x11, 0xb0,
+    0xf2, 0x39, 0x8b, 0xab, 0xf5, 0x95, 0x09, 0x30, 0xae, 0x20, 0x4c, 0xcf, 0x09, 0xfe, 0x56, 0xb1,
+    0x99, 0x9a, 0x34, 0xce, 0x92, 0x5f, 0x1d, 0x87, 0x82, 0xfa, 0x66, 0x8d, 0x1d, 0xc8, 0x83, 0x2b,
+    0xa9, 0x27, 0x1c, 0x55, 0x71, 0xaa, 0xab, 0x8c, 0xdd, 0x49, 0xb1, 0x2e, 0xab, 0x8a, 0xa7, 0x43,
+    0x54, 0x6e, 0x7e, 0x5c, 0xde, 0xb8, 0x5d, 0x33, 0x7d, 0x22, 0x38, 0xaf, 0x5d, 0x28, 0x6b, 0x0f,
+    0x95, 0x24, 0x3e, 0x98, 0xda, 0xf3, 0xd1, 0xf5, 0xe5, 0xa6, 0x23, 0xd5, 0xd1, 0x39, 0x8a, 0x31,
+    0x68, 0x6d, 0x5c, 0x91, 0x75, 0xe1, 0x27, 0x4a, 0x45, 0xcd, 0xaa, 0x54, 0x27, 0x9b, 0x46, 0x7d,
+    0x1c, 0xd5, 0x12, 0x9e, 0xa8, 0xff, 0x1f, 0xca, 0x52, 0x8c, 0x08, 0x39, 0x1f, 0xcf, 0x15, 0x83,
+    0x6a, 0x58, 0x5f, 0x88, 0x69, 0xd3, 0x05, 0x5d, 0x0b, 0xd7, 0xeb, 0xf1, 0x05, 0xec, 0xa4, 0xc7,
+    0x0e, 0x8b, 0x09, 0x4f, 0x54, 0x9e, 0xee, 0x65, 0x29, 0x46, 0x04, 0xfd, 0xee, 0x86, 0xeb, 0xa0,
+    0x93, 0x7b, 0x3b, 0xb3, 0xfe, 0xa5, 0xb7, 0xcc, 0x37, 0x88, 0xe0, 0xf9, 0xb7, 0xa0, 0x6f, 0x3c,
+    0xa8, 0xdc, 0xfc, 0xb8, 0x7f, 0xb3, 0xba, 0x66, 0xfa, 0x44, 0x70, 0x9d, 0xba, 0x50, 0xd6, 0x1e,
+    0xcf, 0xc1, 0x49, 0x8b, 0x50, 0xd5, 0x62, 0xa3, 0xb1, 0xc2, 0x1f, 0x87, 0x62, 0x97, 0x0a, 0x9e,
+    0xc2, 0x84, 0xa3, 0x30, 0x16, 0x60, 0xbf, 0x3b, 0xf1, 0x93, 0x9b, 0x6c, 0xbf, 0xbc, 0x72, 0xd9,
+    0xcb, 0xab, 0x4f, 0xb9, 0x68, 0xb1, 0x26, 0x8d, 0x2d, 0xf6, 0x9d, 0x0e, 0x26, 0x79, 0x0d, 0x29,
+    0x8e, 0x55, 0xc9, 0xc0, 0x58, 0x43, 0xb9, 0xec, 0x42, 0x09, 0x29, 0x73, 0xb9, 0xb5, 0x0b, 0xe2,
+    0x33, 0x73, 0xcb, 0x6f, 0xf1, 0xde, 0x85, 0xf6, 0x36, 0xa4, 0x57, 0xb5, 0x85, 0xef, 0xb7, 0x8f,
+    0x15, 0xfa, 0xfe, 0x17, 0xd6, 0x2e, 0x86, 0x7c, 0x8e, 0xe9, 0x0e, 0x5b, 0x86, 0x0a, 0x6a, 0x73,
+    0x89, 0xf1, 0x2c, 0x06, 0x72, 0x0c, 0xce, 0x3f, 0xb7, 0x2a, 0x2b, 0xec, 0xce, 0xf6, 0x9f, 0xb2,
+    0xd1, 0x21, 0x58, 0x0c, 0xe4, 0x18, 0x5f, 0x7e, 0xad, 0x54, 0x56, 0x1b, 0x5f, 0x2f, 0xfd, 0xa7,
+    0x1a, 0x8a, 0x17, 0xb5, 0x8c, 0xa9, 0x79, 0xf3, 0x80, 0xa2, 0xcb, 0x15, 0x79, 0x56, 0xf0, 0x8e,
+    0x98, 0x61, 0xd4, 0x23, 0x9c, 0x46, 0x0c, 0x6d, 0xa5, 0xf7, 0xa7, 0x3e, 0x0c, 0x12, 0xf2, 0x76,
+    0xce, 0x3a, 0xa9, 0x66, 0x5e, 0xcc, 0x73, 0x49, 0x96, 0xcf, 0xde, 0x34, 0x73, 0x4d, 0x7b, 0xc3,
+    0x1b, 0x71, 0xf7, 0x58, 0x82, 0xb0, 0x68, 0x19, 0xa7, 0xaf, 0x0a, 0xa6, 0x68, 0x8c, 0x81, 0xd3,
+    0xe3, 0xa9, 0x73, 0x8e, 0x1b, 0xdf, 0xcb, 0x62, 0xbc, 0xfd, 0xc0, 0x1d, 0xcb, 0x1a, 0x3b, 0x75,
+    0x9d, 0xf0, 0x32, 0xfc, 0xaa, 0x3b, 0x59, 0xa9, 0x1e, 0xce, 0xe4, 0x04, 0x59, 0x26, 0x84, 0x9c,
+    0x8c, 0x60, 0xca, 0xd9, 0x44, 0x71, 0x9b, 0xfb, 0x0c, 0x13, 0x68, 0xd6, 0x9b, 0xc2, 0xe9, 0x58,
+    0x6e, 0x32, 0x59, 0xba, 0x51, 0xb7, 0x41, 0x73, 0x97, 0xe3, 0x69, 0x78, 0x41, 0x02, 0xa3, 0x70,
+    0x66, 0xe6, 0x55, 0xde, 0x21, 0x7f, 0xc9, 0x2f, 0x6c, 0x8b, 0xae, 0xa9, 0xc9, 0x1d, 0xad, 0xdd,
+    0x58, 0xd0, 0x74, 0x0a, 0x96, 0x14, 0x91, 0x41, 0x1a, 0x7e, 0x7d, 0xf7, 0x91, 0xd9, 0x62, 0x15,
+    0x9a, 0x54, 0xd7, 0x3a, 0x80, 0x74, 0x2e, 0x7a, 0xeb, 0xed, 0xe6, 0x9b, 0x2e, 0x65, 0x10, 0xcc,
+    0x47, 0xcb, 0x85, 0x60, 0x2c, 0xc0, 0xbd, 0x76, 0x21, 0xe5, 0xf5, 0xd8, 0xbd, 0xbb, 0xe4, 0x71,
+    0x18, 0xbf, 0x14, 0xac, 0x90, 0x9b, 0x5b, 0xe4, 0xce, 0xb8, 0x8a, 0xb0, 0x5b, 0x21, 0x12, 0x34,
+    0xad, 0x4d, 0x1a, 0x67, 0x49, 0xce, 0xef, 0xa2, 0x41, 0x7d, 0x33, 0xa7, 0xef, 0x64, 0xa0, 0xf4,
+    0x1e, 0xe0, 0x11, 0x87, 0xb4, 0xcd, 0x3d, 0xdd, 0x1c, 0x96, 0x49, 0x9c, 0x3d, 0xb8, 0xf7, 0x39,
+    0xdc, 0x64, 0xb2, 0xb7, 0xa2, 0xad, 0x82, 0xe6, 0xed, 0x05, 0xd2, 0xf0, 0x82, 0x04, 0x85, 0xe0,
+    0xa4, 0x62, 0xf6, 0xee, 0x37, 0x1f, 0x76, 0x14, 0x9d, 0x18, 0x35, 0xc5, 0x76, 0xa1, 0xdf, 0x04,
+    0x34, 0xd7, 0x2e, 0xa9, 0xdb, 0x91, 0xf2, 0x25, 0xc3, 0x87, 0x55, 0x2a, 0xf2, 0xac, 0x23, 0xdf,
+    0xfd, 0x49, 0x62, 0x09, 0xaf, 0x12, 0xf6, 0xbf, 0xa0, 0x6b, 0x89, 0x81, 0xf6, 0xa2, 0xcc, 0x4c,
+    0x9f, 0xc5, 0x31, 0xe5, 0xb6, 0x09, 0x7b, 0xbe, 0x50, 0xd4, 0xa5, 0xa1, 0x7b, 0x51, 0x66, 0x26,
+    0x8f, 0xae, 0x29, 0x2d, 0x56, 0x5a, 0xa8, 0x06, 0x65, 0x04, 0xe8, 0xc0, 0xa8, 0x6f, 0x7a, 0xbf,
+    0xed, 0x22, 0x7a, 0xc1, 0x4f, 0x41, 0x25, 0x07, 0x95, 0xbb, 0xc4, 0xe0, 0x25, 0x9c, 0xd0, 0xd5,
+    0xf1, 0xf7, 0x68, 0x5f, 0xe7, 0xbe, 0x3a, 0xcd, 0xc7, 0x37, 0xcc, 0xd9, 0x3a, 0x53, 0xc5, 0x56,
+    0xe5, 0xf6, 0x76, 0xa5, 0x3f, 0x89, 0xad, 0x5b, 0x6e, 0xd3, 0x03, 0x31, 0xad, 0x83, 0xde, 0x78,
+    0x1f, 0x1b, 0xf1, 0x6a, 0xba, 0xd4, 0x2c, 0x37, 0x3b, 0x9b, 0x88, 0x2f, 0x2c, 0x62, 0x86, 0x64,
+    0x82, 0xeb, 0xc3, 0x96, 0x10, 0xef, 0x75, 0x9e, 0x25, 0x55, 0x6c, 0x2b, 0x75, 0x44, 0x02, 0xf8,
+    0xf0, 0x0c, 0x88, 0xb2, 0xe9, 0xa7, 0x2b, 0x27, 0xe0, 0x3a, 0x0d, 0x6a, 0x2b, 0x89, 0xb4, 0x0b,
+    0xe6, 0x38, 0x95, 0x51, 0x2d, 0xa2, 0x9e, 0xa6, 0x07, 0xc4, 0x83, 0x27, 0x9e, 0x2e, 0x4d, 0x9f,
+    0xc3, 0x7f, 0x43, 0xdd, 0x18, 0x79, 0xae, 0xd1, 0xd6, 0x9e, 0x5a, 0xdf, 0xae, 0x66, 0x03, 0x84,
+    0xef, 0x17, 0x79, 0xd8, 0x53, 0x73, 0x07, 0x10, 0xdb, 0xa1, 0x85, 0x45, 0x07, 0xeb, 0x32, 0x6f,
+    0x1d, 0x2e, 0xf2, 0x73, 0xa6, 0xe6, 0x0e, 0x20, 0x75, 0x81, 0xc9, 0x8a, 0x0e, 0x15, 0x64, 0xde,
+    0xc0, 0xb1, 0xa0, 0x29, 0x0a, 0x52, 0x9d, 0x2c, 0xbf, 0x89, 0xda, 0xc9, 0x9d, 0xcb, 0x90, 0x63,
+    0xf6, 0x53, 0x8d, 0x99, 0xcd, 0xf1, 0x4d, 0x1e, 0x32, 0x14, 0xce, 0x46, 0x4d, 0x10, 0x51, 0x06,
+    0x4b, 0x75, 0x8f, 0x36, 0x64, 0x6c, 0x71, 0x04, 0x46, 0xb9, 0xb0, 0x80, 0x71, 0x4a, 0xed, 0x6b,
+    0xee, 0xec, 0x99, 0x35, 0x5d, 0x6a, 0x16, 0xfa, 0xfc, 0xac, 0x44, 0xf6, 0x16, 0x31, 0x43, 0x32,
+    0xe9, 0x48, 0x7c, 0xf3, 0x77, 0x25, 0x61, 0x29, 0x09, 0x8f, 0x46, 0x69, 0x61, 0x72, 0xd7, 0x62,
+    0xe2, 0x52, 0x93, 0x63, 0x15, 0xc6, 0xda, 0x88, 0x9b, 0xf0, 0x01, 0xae, 0xda, 0xc0, 0x4a, 0x28,
+    0x16, 0x34, 0x1d, 0xe3, 0xc4, 0x05, 0xb5, 0x81, 0xe7, 0xfe, 0x8e, 0x4d, 0xb5, 0xa7, 0xf9, 0x94,
+    0x53, 0xca, 0x9b, 0x9a, 0xf4, 0xf7, 0x2a, 0xe0, 0x88, 0x01, 0x3a, 0x30, 0x2a, 0x6b, 0xff, 0x5f,
+    0xdd, 0x9f, 0x52, 0x5a, 0xac, 0xb4, 0x93, 0x0c, 0xca, 0x08, 0x13, 0x43, 0x93, 0xde, 0xf4, 0xbd,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x01, 0xfb, 0xe0, 0xed, 0x0e, 0x19, 0x11, 0xea, 0x27, 0x0d, 0xc1, 0xb3, 0x11, 0xda, 0x71, 0x5d,
+    0x8b, 0xc4, 0x2f, 0x1f, 0x6e, 0x3e, 0xec, 0x28, 0xf9, 0x30, 0x6a, 0x49, 0xec, 0x81, 0x7d, 0x08,
+    0xf3, 0xc2, 0x6b, 0x46, 0xfb, 0x8c, 0x18, 0xda, 0x89, 0x2d, 0x8d, 0x7c, 0x18, 0x24, 0x27, 0xec,
+    0xde, 0x51, 0xb1, 0xae, 0xbe, 0x9f, 0xa0, 0xf1, 0xa3, 0x1f, 0x93, 0x55, 0xa0, 0x73, 0x67, 0x5a,
+    0x57, 0xa0, 0x9d, 0xa8, 0xcc, 0x93, 0x6e, 0xce, 0x14, 0x35, 0xb8, 0xb9, 0x6e, 0x85, 0xf8, 0xe8,
+    0x9e, 0x3e, 0xd1, 0x08, 0xb8, 0x10, 0x6a, 0x54, 0x77, 0xd9, 0x64, 0x12, 0x6a, 0x8b, 0x17, 0x7b,
+    0x38, 0x69, 0x24, 0xff, 0x93, 0x3d, 0x3e, 0x57, 0xa4, 0xdb, 0x10, 0x72, 0x3e, 0x5d, 0x2a, 0xc5,
+    0xbe, 0xe8, 0xe1, 0x5b, 0xbb, 0xb6, 0x0f, 0xe7, 0x1d, 0xba, 0xfe, 0xd0, 0x0f, 0xf7, 0x2f, 0x8a,
+    0x8a, 0x3f, 0xcf, 0xf2, 0x60, 0x27, 0xfd, 0xc2, 0xde, 0x3d, 0xab, 0xfa, 0xfd, 0x5b, 0x0c, 0x55,
+    0x4f, 0x1f, 0x89, 0x04, 0x5c, 0x08, 0x35, 0x2a, 0xda, 0x8d, 0x32, 0x09, 0x35, 0xa4, 0xea, 0xdc,
+    0xa2, 0x3d, 0xf3, 0xc5, 0x13, 0x49, 0x10, 0x2d, 0x4f, 0x36, 0xf6, 0xe9, 0x10, 0x38, 0x3a, 0x09,
+    0x61, 0x42, 0xb0, 0x18, 0x0b, 0x30, 0xbe, 0xfc, 0x99, 0xa8, 0xac, 0x36, 0xbe, 0x5e, 0x39, 0x8d,
+    0x9c, 0x0b, 0xd2, 0x11, 0xa4, 0x22, 0x48, 0x43, 0x39, 0xc3, 0x25, 0xb7, 0x48, 0xfc, 0xf5, 0xc1,
+    0x26, 0x89, 0x35, 0x78, 0x27, 0xf0, 0x03, 0x8a, 0xb8, 0x4d, 0x59, 0xee, 0x03, 0xe5, 0xdd, 0xfc,
+    0x60, 0xb9, 0x50, 0xf5, 0x05, 0x29, 0xaf, 0x16, 0xbe, 0xa5, 0x6d, 0x85, 0xaf, 0x84, 0x48, 0xd0,
+    0x78, 0x06, 0x44, 0x59, 0x95, 0xb2, 0xf4, 0xf2, 0x70, 0x1d, 0xe7, 0x35, 0xf4, 0xa5, 0x5a, 0xe4,
+    0xd9, 0xf5, 0x54, 0x68, 0x94, 0xd0, 0xd7, 0x22, 0x56, 0x3c, 0x91, 0xca, 0xd7, 0x30, 0xf3, 0x0a,
+    0x3c, 0x03, 0x22, 0xcd, 0xab, 0x59, 0x7a, 0x79, 0x38, 0xef, 0x92, 0xfb, 0x7a, 0xb3, 0x2d, 0x72,
+    0xfb, 0x16, 0x67, 0x22, 0x8b, 0x44, 0x90, 0x86, 0x72, 0x45, 0x4a, 0xad, 0x90, 0x3b, 0x29, 0x41,
+    0xc7, 0x15, 0x45, 0xef, 0x20, 0x1d, 0xea, 0xff, 0x4a, 0xaa, 0xd8, 0x56, 0xea, 0x88, 0x04, 0x33,
+    0xfe, 0x87, 0x81, 0xfd, 0xbd, 0x39, 0xc5, 0x42, 0xc9, 0x7c, 0x09, 0x97, 0xc5, 0x0f, 0x5f, 0xab,
+    0x36, 0xe2, 0x2d, 0xb0, 0xc7, 0xa3, 0xd0, 0x32, 0x8d, 0x9d, 0x14, 0x8f, 0xd0, 0xdb, 0xc1, 0x65,
+    0xa0, 0x08, 0xf0, 0xdc, 0x0f, 0x7b, 0x32, 0x3a, 0x01, 0x2c, 0xb7, 0x4c, 0x32, 0x4f, 0xd8, 0xb3,
+    0x50, 0x04, 0x78, 0x6e, 0xe6, 0xdc, 0x19, 0x1d, 0xe1, 0x16, 0xba, 0x26, 0x19, 0xc6, 0x6c, 0xb8,
+    0xf5, 0x9d, 0x6e, 0x6d, 0xdf, 0xda, 0x7e, 0xe3, 0x5b, 0x03, 0x4e, 0x50, 0x7e, 0xbd, 0xc2, 0xe1,
+    0xaa, 0xe9, 0xff, 0xa1, 0x63, 0x81, 0x98, 0x71, 0xb4, 0x5e, 0x31, 0x38, 0x98, 0x27, 0x34, 0xa4,
+    0xd3, 0x14, 0x5b, 0x15, 0xf8, 0x2a, 0x7d, 0x69, 0xe3, 0x4e, 0x17, 0xbe, 0x7d, 0x58, 0x1f, 0x1d,
+    0x41, 0x94, 0x80, 0x4b, 0x08, 0x96, 0xdb, 0x4f, 0xf3, 0xcb, 0x36, 0xf4, 0xdb, 0x22, 0x01, 0x7c,
+    0x7f, 0xa2, 0xa1, 0x9f, 0xbf, 0xfd, 0x83, 0x21, 0x85, 0x3e, 0xe5, 0xaa, 0x83, 0xe6, 0xce, 0xb4,
+    0xa5, 0x99, 0x16, 0x03, 0x39, 0x06, 0x67, 0xfe, 0xba, 0x15, 0xf4, 0x76, 0x67, 0x7b, 0xae, 0x59,
+    0xb0, 0x63, 0xe8, 0x14, 0xef, 0x28, 0xe1, 0x82, 0x34, 0xfc, 0xfa, 0x2d, 0xe1, 0x71, 0xc4, 0x2a,
+    0x48, 0xbb, 0x6c, 0xc2, 0x76, 0x47, 0x42, 0xf9, 0x2f, 0xae, 0x30, 0x96, 0x42, 0xe7, 0x7e, 0x8c,
+    0x20, 0xd6, 0x30, 0x53, 0x03, 0xa6, 0x65, 0xb3, 0x6a, 0x63, 0x9a, 0xc2, 0x65, 0x7c, 0x38, 0xf1,
+    0xf4, 0x66, 0x8e, 0x80, 0xd1, 0xc3, 0x6f, 0x09, 0x7c, 0x0e, 0x8f, 0xe3, 0x6f, 0x67, 0xb3, 0xbc,
+    0x0b, 0x1a, 0xef, 0x90, 0x62, 0xe3, 0xbb, 0xa1, 0x92, 0x7f, 0x47, 0xc7, 0xbb, 0xb2, 0x9d, 0x4a,
+    0xd8, 0x0e, 0xb4, 0x85, 0x9a, 0xc9, 0xc6, 0xc8, 0x71, 0x31, 0x50, 0x79, 0xc6, 0xea, 0x82, 0x57,
+    0xb7, 0xc7, 0x0d, 0xd2, 0xc5, 0x67, 0x96, 0x51, 0xc1, 0xdf, 0xf8, 0xb2, 0x96, 0x32, 0x50, 0x7a,
+    0xb1, 0x98, 0x08, 0xf9, 0xe1, 0x31, 0xf0, 0x68, 0x13, 0xf1, 0x3b, 0x9e, 0xf0, 0xab, 0xb5, 0x77,
+    0xd5, 0x4b, 0x5e, 0x3e, 0xdc, 0x7c, 0x1b, 0x50, 0x31, 0x60, 0xd4, 0x92, 0x1b, 0xc1, 0xfa, 0x10,
+    0x22, 0xe3, 0x33, 0x4a, 0x1f, 0x94, 0x47, 0xa4, 0x24, 0x79, 0xdb, 0x67, 0x47, 0x0b, 0xda, 0x4b,
+    0x4c, 0xd1, 0x6a, 0xf0, 0x4e, 0x23, 0x06, 0xd7, 0xb3, 0x9a, 0xb2, 0x1f, 0x06, 0x09, 0x79, 0x3b,
+    0x3f, 0xcd, 0xc1, 0x39, 0xb9, 0x72, 0x49, 0x84, 0x51, 0xf8, 0x12, 0xed, 0x49, 0x1e, 0xbe, 0x95,
+    0x75, 0x43, 0xae, 0xe2, 0xd3, 0x07, 0x29, 0x6a, 0x30, 0x4c, 0x63, 0xde, 0x29, 0x8e, 0x22, 0xa3,
+    0x19, 0x44, 0xf4, 0x41, 0x9e, 0x82, 0x4a, 0x0e, 0xe9, 0xb5, 0x4b, 0x03, 0x4a, 0xfb, 0x63, 0x69,
+    0x74, 0xb8, 0x4e, 0x0f, 0xdd, 0x1e, 0x38, 0x80, 0x17, 0x41, 0xa2, 0x6d, 0x38, 0x54, 0x53, 0xfe,
+    0x13, 0xa5, 0xfb, 0x3c, 0xf2, 0x78, 0xe0, 0x45, 0x5c, 0xc7, 0xcd, 0x77, 0xe0, 0x93, 0x8f, 0x7e,
+    0xd7, 0x7e, 0x5d, 0x27, 0xc0, 0x4e, 0x39, 0x47, 0x7f, 0x7a, 0x95, 0x37, 0x39, 0xb6, 0x18, 0xaa,
+    0x84, 0xb4, 0xc6, 0xbd, 0x34, 0xb9, 0x13, 0xa7, 0xf7, 0x7b, 0xaf, 0x07, 0x13, 0xdd, 0xe7, 0xf5,
+    0x7b, 0xc8, 0xa7, 0xad, 0x87, 0x99, 0xc7, 0x0f, 0x19, 0x0a, 0x67, 0x23, 0xc7, 0x08, 0xc9, 0x03,
+    0x42, 0x5a, 0x63, 0xbf, 0x1a, 0xbd, 0xe8, 0xb2, 0x9a, 0xdc, 0xb6, 0xe2, 0xe8, 0x8f, 0x92, 0x9b,
+    0x11, 0x90, 0xf8, 0x25, 0xee, 0x4a, 0xc2, 0x52, 0x12, 0xdd, 0x8c, 0xd2, 0xc2, 0xe4, 0x6d, 0xc4,
+    0xe0, 0x67, 0x90, 0x7a, 0x09, 0xf4, 0xf8, 0x9f, 0xd5, 0xea, 0x40, 0x0b, 0xf8, 0xb7, 0xa8, 0x92,
+    0x71, 0x29, 0xa8, 0xd0, 0xeb, 0x63, 0x6d, 0x44, 0xac, 0x78, 0xe1, 0x57, 0x6d, 0x60, 0x25, 0x14,
+    0x31, 0x46, 0xc8, 0x76, 0xed, 0xec, 0xa7, 0xe1, 0x78, 0xbe, 0x16, 0x10, 0xa7, 0x98, 0x55, 0x35,
+    0x67, 0x1d, 0xb5, 0x33, 0x2f, 0x66, 0xd8, 0xc5, 0x4b, 0x86, 0x6f, 0x1a, 0xd8, 0xc7, 0xdc, 0x80,
+    0xc8, 0x65, 0xac, 0x4d, 0x7a, 0x9a, 0x15, 0x70, 0x44, 0xe1, 0x1d, 0x18, 0x15, 0xd4, 0x9e, 0xce,
+    0x4d, 0x2a, 0x8a, 0x1d, 0x40, 0x3a, 0x17, 0x3d, 0x94, 0x97, 0x73, 0xac, 0x17, 0xd3, 0x08, 0x66,
+    0xfc, 0xb2, 0x82, 0xe4, 0xa1, 0x0b, 0xe7, 0x55, 0x87, 0x66, 0x48, 0x32, 0xe7, 0x78, 0xbd, 0x11,
+    0xb3, 0xad, 0x0b, 0xe0, 0xfd, 0x03, 0xd2, 0x7f, 0x5d, 0xeb, 0x7a, 0x3b, 0xd2, 0xdc, 0x57, 0xcd,
+    0x44, 0x05, 0x66, 0x94, 0x3e, 0xeb, 0x8e, 0x8b, 0x48, 0xf2, 0x75, 0xce, 0x8e, 0x16, 0x77, 0x96,
+    0xc5, 0x20, 0x46, 0xf6, 0x3c, 0x2f, 0xc8, 0xe8, 0x04, 0xb0, 0x99, 0xf3, 0xc8, 0xff, 0xe6, 0x89,
+    0x14, 0x01, 0x1e, 0xfa, 0xd8, 0x37, 0x97, 0x96, 0xa9, 0xe4, 0xcf, 0xe8, 0x97, 0xd0, 0x1b, 0x2e,
+    0x2b, 0xcc, 0xdf, 0xc3, 0x61, 0x45, 0xde, 0x12, 0xf8, 0x1c, 0xdd, 0x05, 0xde, 0xce, 0xa5, 0xbb,
+    0x12, 0x5e, 0x1b, 0xd1, 0xfc, 0x61, 0xf1, 0xaf, 0x7b, 0xca, 0x0c, 0xc4, 0xf1, 0x49, 0xfe, 0x23,
+    0xb6, 0x3c, 0xed, 0x3f, 0xcb, 0x7e, 0x87, 0xbb, 0xe6, 0xd2, 0x39, 0x01, 0x87, 0xe8, 0x21, 0x27,
+    0xbc, 0xdd, 0xe2, 0x42, 0xa7, 0x84, 0x2d, 0xf0, 0x53, 0xa0, 0xbf, 0x75, 0x2d, 0x80, 0xcd, 0x30,
+    0x8d, 0x9b, 0x2a, 0x34, 0x4a, 0x68, 0x8a, 0x11, 0x2b, 0x1e, 0xa9, 0x65, 0x8a, 0x18, 0x98, 0x05,
+    0x90, 0xb5, 0xd8, 0x47, 0xec, 0x8e, 0x84, 0x31, 0x5e, 0x9f, 0x60, 0xef, 0x84, 0x0d, 0xfc, 0xdb,
+    0x77, 0x76, 0xad, 0xfb, 0xcf, 0x35, 0x0b, 0x7d, 0x7e, 0x56, 0x22, 0x7b, 0x0b, 0xf9, 0xc0, 0x19,
+    0x94, 0xdf, 0xde, 0x75, 0xd4, 0xea, 0xc0, 0x1f, 0xc2, 0xab, 0xe2, 0x66, 0xc0, 0xe3, 0xfb, 0x6c,
+    0xe7, 0xc3, 0x75, 0xbc, 0x23, 0xbb, 0x8f, 0x4c, 0x20, 0xc9, 0x42, 0x94, 0x8f, 0xf4, 0x3c, 0xc2,
+    0x5b, 0x1e, 0x97, 0xfe, 0x84, 0x3f, 0xa2, 0xbc, 0x73, 0x69, 0xfd, 0xe1, 0xa2, 0x74, 0xf1, 0xf2,
+    0x64, 0xd3, 0x56, 0xc7, 0x3d, 0x4d, 0xeb, 0x38, 0x22, 0x91, 0xef, 0x0c, 0xeb, 0x6a, 0x4f, 0x67,
+    0x0a, 0xe1, 0x0f, 0x7d, 0x6c, 0xfa, 0xaa, 0x4b, 0xb5, 0x72, 0x86, 0x74, 0xaa, 0x68, 0xec, 0x17,
+    0xab, 0x12, 0x1f, 0x4c, 0x6d, 0x98, 0x89, 0x9b, 0x93, 0x53, 0xf0, 0x8b, 0x89, 0xfd, 0x45, 0xf9,
+    0x03, 0xce, 0xe3, 0xf4, 0x12, 0x2b, 0x33, 0xfd, 0x69, 0x17, 0x80, 0x16, 0x33, 0xad, 0x93, 0xe7,
+    0x80, 0xde, 0xc0, 0x8f, 0x0c, 0xdd, 0x57, 0x89, 0x6b, 0x4f, 0x2d, 0x8e, 0x57, 0x33, 0xe0, 0x42,
+    0x83, 0x10, 0x23, 0x7b, 0x1e, 0xf6, 0x64, 0x74, 0x02, 0x58, 0xad, 0x98, 0x64, 0x9e, 0x73, 0xa5,
+    0xa6, 0x57, 0xf5, 0xf7, 0x2b, 0x2d, 0x54, 0x03, 0xd3, 0x02, 0x74, 0x60, 0x54, 0xd6, 0x3d, 0xbe,
+    0x09, 0x2f, 0xec, 0x89, 0x7e, 0xd1, 0x99, 0xb6, 0xdc, 0x65, 0x06, 0x62, 0x99, 0xc5, 0x7f, 0xf0,
+    0xac, 0xb6, 0xfa, 0x8a, 0x47, 0xd7, 0xfe, 0x48, 0x66, 0x70, 0xf2, 0x14, 0xfe, 0xbe, 0xd1, 0xa9,
+    0x2c, 0x68, 0x3a, 0x05, 0x4b, 0x0a, 0xa9, 0xc1, 0x0d, 0x3f, 0xdf, 0x9a, 0xa9, 0x8d, 0x31, 0xeb,
+    0x7e, 0x59, 0x41, 0x72, 0xb1, 0xe4, 0x92, 0xcb, 0xa2, 0x33, 0x24, 0x19, 0x92, 0x3c, 0xbf, 0xe9,
+    0x2f, 0xa6, 0xd9, 0xf1, 0x59, 0x21, 0x9a, 0x3c, 0x64, 0x28, 0x5f, 0x8c, 0x9a, 0x20, 0xa2, 0x0c,
+    0xb5, 0xf2, 0x0e, 0xcb, 0xd9, 0x55, 0xb4, 0x46, 0x8f, 0xc5, 0xb9, 0x17, 0xb4, 0x45, 0xb2, 0xc0,
+    0x3b, 0xa7, 0xc7, 0x0b, 0x81, 0x16, 0x0d, 0xaa, 0xcd, 0xcc, 0x90, 0x64, 0x0d, 0xf0, 0xb9, 0x22,
+    0xbd, 0x26, 0x02, 0xaf, 0xa9, 0x9d, 0x3c, 0x1a, 0x74, 0xad, 0x7e, 0xc6, 0x3c, 0x5a, 0xbc, 0x6d,
+    0x04, 0x6a, 0x06, 0x32, 0x38, 0x64, 0x44, 0x2e, 0x9c, 0x34, 0x82, 0x89, 0x44, 0xee, 0x07, 0xb7,
+    0xeb, 0x7d, 0x7f, 0xea, 0x6b, 0x17, 0x43, 0x3e, 0x47, 0x95, 0x07, 0xcc, 0x43, 0x05, 0x35, 0xd8,
+    0xbb, 0x79, 0x07, 0x84, 0x8d, 0xcb, 0x5a, 0x23, 0xa6, 0x83, 0xbd, 0xea, 0x5a, 0xc3, 0x59, 0x60,
+  },
+  { /* 13 */
+    0x79, 0x1a, 0x2d, 0x6d, 0xc9, 0x3b, 0x13, 0xe1, 0x79, 0x58, 0x80, 0x80, 0x75, 0x80, 0xb7, 0x36,
+    0x91, 0x58, 0xcb, 0xc6, 0xfe, 0x1f, 0xb1, 0x50, 0x91, 0xd6, 0x1a, 0x1a, 0x1d, 0x1a, 0x89, 0x33,
+    0x99, 0x09, 0xd2, 0xbc, 0x88, 0x79, 0x33, 0xc2, 0x99, 0xe9, 0xdc, 0xdc, 0x3b, 0xdc, 0x07, 0x9c,
+    0xb9, 0x8e, 0xb6, 0x97, 0x93, 0x22, 0x7e, 0xcf, 0xb9, 0x15, 0x42, 0x42, 0xa3, 0x42, 0x7a, 0x65,
+    0x71, 0x4b, 0x34, 0x17, 0xbf, 0x5d, 0x91, 0x73, 0x71, 0x67, 0x46, 0x46, 0x53, 0x46, 0x39, 0x99,
+    0xea, 0xc7, 0x71, 0x54, 0xcb, 0xdc, 0x63, 0x74, 0xea, 0xf1, 0x4a, 0x4a, 0x80, 0x4a, 0xfc, 0x5e,
+    0xd7, 0xd9, 0x79, 0x52, 0x0f, 0x62, 0xab, 0xc6, 0xd7, 0x6c, 0x56, 0x56, 0x15, 0x56, 0xf6, 0xef,
+    0x95, 0x91, 0x26, 0xfb, 0xc5, 0x2c, 0xf0, 0x19, 0x95, 0x28, 0x79, 0x79, 0x0e, 0x79, 0xce, 0x85,
+    0x55, 0x05, 0xbd, 0x01, 0x9f, 0x35, 0x9d, 0x37, 0x55, 0x65, 0xbb, 0xbb, 0xd8, 0xbb, 0x03, 0xd6,
+    0xda, 0xe2, 0x27, 0x8b, 0x3c, 0x4b, 0xe9, 0x9e, 0xda, 0x73, 0x9b, 0x9b, 0x54, 0x9b, 0x5e, 0x3a,
+    0xdb, 0x41, 0x8d, 0x15, 0x42, 0x37, 0x68, 0x1d, 0xdb, 0xad, 0xf3, 0xf3, 0x20, 0xf3, 0x3f, 0xf6,
+    0xb5, 0x16, 0x42, 0xd0, 0xde, 0x77, 0xbd, 0x14, 0xb5, 0xd4, 0xe7, 0xe7, 0x96, 0xe7, 0xb3, 0x7c,
+    0x3f, 0x9b, 0x9f, 0xf9, 0x38, 0x46, 0x09, 0x77, 0x3f, 0xe2, 0xcc, 0xcc, 0x7d, 0xcc, 0xc8, 0xea,
+    0x54, 0xa6, 0x17, 0x9f, 0xe1, 0x49, 0x1c, 0xb4, 0x54, 0xbb, 0xd3, 0xd3, 0xac, 0xd3, 0x62, 0x1a,
+    0x7d, 0xd3, 0xc0, 0x50, 0xf2, 0x08, 0x52, 0xa8, 0x7d, 0xa6, 0xe3, 0xe3, 0x66, 0xe3, 0xf0, 0x80,
+    0xd5, 0x5c, 0xee, 0xad, 0xf3, 0x9a, 0x6a, 0x03, 0xd5, 0x13, 0x86, 0x86, 0xfd, 0x86, 0x34, 0xb4,
+    0xbd, 0x47, 0x5b, 0xaa, 0xa8, 0x11, 0x3f, 0x86, 0xbd, 0xeb, 0x21, 0x21, 0xb0, 0x21, 0x3d, 0xd3,
+    0xa9, 0x2c, 0x84, 0x63, 0x7f, 0xee, 0xb9, 0x28, 0xa9, 0x6b, 0x0d, 0x0d, 0xef, 0x0d, 0xa5, 0xf8,
+    0xfe, 0xac, 0xae, 0x9d, 0x1c, 0x23, 0xe5, 0xda, 0xfe, 0x71, 0x66, 0x66, 0xdf, 0x66, 0x64, 0x75,
+    0x3b, 0x52, 0x72, 0xc4, 0x03, 0x75, 0x48, 0x3e, 0x3b, 0x1c, 0xaf, 0xaf, 0x6e, 0xaf, 0x8f, 0x5c,
+    0x1d, 0x99, 0x6c, 0x2d, 0xdf, 0xe5, 0x85, 0xbf, 0x1d, 0x61, 0x82, 0x82, 0x0d, 0x82, 0x77, 0x48,
+    0x36, 0x69, 0x2c, 0x1d, 0x30, 0x5c, 0x0a, 0x66, 0x36, 0x03, 0x62, 0x62, 0x2f, 0x62, 0x27, 0x89,
+    0x38, 0x74, 0x4f, 0xa5, 0x81, 0xf1, 0x08, 0x78, 0x38, 0xbd, 0x17, 0x17, 0xf2, 0x17, 0x2c, 0xcb,
+    0x07, 0xef, 0xd0, 0x5c, 0xb9, 0xb7, 0x01, 0x0f, 0x07, 0x5f, 0xdb, 0xdb, 0x8f, 0xdb, 0xe4, 0x21,
+    0x1b, 0xd5, 0x16, 0xef, 0x18, 0x2e, 0x05, 0x33, 0x1b, 0xe0, 0x31, 0x31, 0xf6, 0x31, 0xf2, 0xa5,
+    0xfb, 0xc6, 0xe9, 0x3e, 0x59, 0x6c, 0x25, 0x10, 0xfb, 0x51, 0x6d, 0x6d, 0xb8, 0x6d, 0x42, 0x0f,
+    0x70, 0xe8, 0x9e, 0x89, 0xc1, 0x21, 0x10, 0xf0, 0x70, 0xb9, 0x2e, 0x2e, 0x27, 0x2e, 0x58, 0x55,
+    0x89, 0xab, 0xe0, 0x48, 0x64, 0xb5, 0xf4, 0x25, 0x89, 0x97, 0x93, 0x93, 0x77, 0x93, 0xd8, 0x01,
+    0x4a, 0x19, 0x46, 0xd3, 0xbc, 0x28, 0xd9, 0x4d, 0x4a, 0x7b, 0xe9, 0xe9, 0x3d, 0xe9, 0xb6, 0xc5,
+    0xae, 0xc3, 0x54, 0x3f, 0xc6, 0x59, 0xb8, 0x27, 0xae, 0x34, 0xd6, 0xd6, 0x60, 0xd6, 0x41, 0xd9,
+    0x3d, 0x1e, 0x08, 0x06, 0xc4, 0xbe, 0xc8, 0xb2, 0x3d, 0x9d, 0x1c, 0x1c, 0x95, 0x1c, 0x0a, 0xb1,
+    0x29, 0x75, 0xd7, 0xcf, 0x13, 0x41, 0x4e, 0x1c, 0x29, 0x1d, 0x30, 0x30, 0xca, 0x30, 0x92, 0x9a,
+    0x8a, 0x8d, 0xdd, 0x29, 0xe6, 0x31, 0xb4, 0x63, 0x8a, 0x36, 0x2b, 0x2b, 0xeb, 0x2b, 0x7b, 0x96,
+    0xcd, 0xaf, 0xc5, 0x23, 0x69, 0x30, 0x2f, 0x76, 0xcd, 0x52, 0x0f, 0x0f, 0x97, 0x0f, 0x65, 0x86,
+    0x41, 0x6e, 0x62, 0xc8, 0x48, 0xca, 0x1b, 0x99, 0x41, 0xe5, 0x97, 0x97, 0x87, 0x97, 0x9b, 0xfd,
+    0xce, 0x89, 0xf8, 0x42, 0xeb, 0xb4, 0x6f, 0x30, 0xce, 0xf3, 0xb7, 0xb7, 0x0b, 0xb7, 0xc6, 0x11,
+    0x16, 0xee, 0x48, 0x36, 0x2b, 0x07, 0x47, 0x6b, 0x16, 0xff, 0xfc, 0xfc, 0xb7, 0xfc, 0x5a, 0x70,
+    0x6c, 0xd2, 0x58, 0x3a, 0x60, 0xb8, 0x14, 0xcc, 0x6c, 0x06, 0xc4, 0xc4, 0x5e, 0xc4, 0x4e, 0xd1,
+    0x1f, 0x1c, 0xfb, 0xd2, 0x23, 0x1d, 0x44, 0x7a, 0x1f, 0x1e, 0x52, 0x52, 0xe5, 0x52, 0xb5, 0x13,
+    0xe0, 0x13, 0xff, 0xd1, 0x41, 0x42, 0x20, 0x23, 0xe0, 0xb1, 0x5c, 0x5c, 0x4e, 0x5c, 0xb0, 0xaa,
+    0xf5, 0xdb, 0x8a, 0x86, 0xe8, 0xc1, 0x27, 0x0e, 0xf5, 0xef, 0x18, 0x18, 0x65, 0x18, 0x49, 0x4d,
+    0xb0, 0x7c, 0x05, 0x73, 0x9b, 0x38, 0x7d, 0xde, 0xb0, 0xf4, 0xec, 0xec, 0xf1, 0xec, 0x95, 0x06,
+    0xde, 0x2b, 0xca, 0xb6, 0x07, 0x78, 0xa8, 0xd7, 0xde, 0x8d, 0xf8, 0xf8, 0x47, 0xf8, 0x19, 0x8c,
+    0x03, 0x26, 0x3d, 0x61, 0x82, 0x84, 0x40, 0x46, 0x03, 0xa1, 0xb8, 0xb8, 0x9c, 0xb8, 0xa3, 0x97,
+    0xd0, 0x36, 0xa9, 0x0e, 0xb6, 0xd5, 0xaa, 0xc9, 0xd0, 0x33, 0x8d, 0x8d, 0x9a, 0x8d, 0x12, 0xce,
+    0x8e, 0x44, 0x30, 0x14, 0xdd, 0x02, 0xf5, 0x2a, 0x8e, 0xc8, 0x48, 0x48, 0xf8, 0x48, 0x3c, 0x20,
+    0x23, 0xa1, 0x59, 0x4a, 0x99, 0xdf, 0x0d, 0x4b, 0x23, 0x5d, 0x26, 0x26, 0x04, 0x26, 0xde, 0x6e,
+    0x0a, 0xd4, 0x8e, 0x85, 0x8a, 0x9e, 0x43, 0x57, 0x0a, 0x40, 0x16, 0x16, 0xce, 0x16, 0x4c, 0xf4,
+    0xf3, 0x97, 0xf0, 0x44, 0x2f, 0x0a, 0xa7, 0x82, 0xf3, 0x6e, 0xab, 0xab, 0x9e, 0xab, 0xcc, 0xa0,
+    0x06, 0x4c, 0x7a, 0xc2, 0xc7, 0xcb, 0x80, 0x8c, 0x06, 0x81, 0xb3, 0xb3, 0xfb, 0xb3, 0x85, 0xed,
+    0xdf, 0x88, 0x60, 0x28, 0x79, 0x04, 0x29, 0x54, 0xdf, 0x53, 0x90, 0x90, 0x33, 0x90, 0x78, 0x40,
+    0x4d, 0xf6, 0x96, 0x8f, 0x05, 0x9f, 0xd8, 0x42, 0x4d, 0x24, 0x32, 0x32, 0xb2, 0x32, 0x52, 0xe4,
+    0x98, 0xaa, 0x78, 0x22, 0xf6, 0x05, 0xb2, 0x41, 0x98, 0x37, 0xb4, 0xb4, 0x4f, 0xb4, 0x66, 0x50,
+    0x97, 0x14, 0xb1, 0x04, 0x39, 0xd4, 0x31, 0xdc, 0x97, 0x57, 0xa9, 0xa9, 0xe6, 0xa9, 0x0c, 0xde,
+    0xad, 0xe5, 0x69, 0x5e, 0x44, 0xdd, 0xf8, 0x61, 0xad, 0x95, 0x6e, 0x6e, 0xfc, 0x6e, 0xe2, 0x4e,
+    0x15, 0xc8, 0x75, 0x57, 0xa9, 0x83, 0x07, 0x2d, 0x15, 0x5e, 0x44, 0x44, 0x2b, 0x44, 0xf9, 0xe7,
+    0xa2, 0x5b, 0xa0, 0x78, 0x8b, 0x0c, 0x7b, 0xfc, 0xa2, 0xf5, 0x73, 0x73, 0x55, 0x73, 0x88, 0xc0,
+    0xab, 0xa9, 0x13, 0x9c, 0x83, 0x16, 0x78, 0xed, 0xab, 0x14, 0xdd, 0xdd, 0x07, 0xdd, 0x67, 0xa3,
+    0xc0, 0x94, 0x9b, 0xfa, 0x5a, 0x19, 0x6d, 0x2e, 0xc0, 0x4d, 0xc2, 0xc2, 0xd6, 0xc2, 0xcd, 0x53,
+    0xb6, 0x30, 0x7f, 0xb1, 0x5c, 0xf3, 0xfd, 0x52, 0xb6, 0x75, 0x5f, 0x5f, 0x0a, 0x5f, 0x10, 0xeb,
+    0x53, 0x49, 0xc7, 0xc3, 0x58, 0xfe, 0x1d, 0xbb, 0x53, 0xe4, 0x08, 0x08, 0x23, 0x08, 0x86, 0x3b,
+    0xed, 0x28, 0xa1, 0x08, 0x72, 0x6b, 0x62, 0x7b, 0xed, 0xae, 0x91, 0x91, 0x0f, 0x91, 0x18, 0x7f,
+    0xc1, 0x37, 0x31, 0x64, 0x24, 0x65, 0xec, 0xad, 0xc1, 0x93, 0xaa, 0xaa, 0xa2, 0xaa, 0xac, 0x9f,
+    0xe1, 0xb0, 0x55, 0x4f, 0x3f, 0x3e, 0xa1, 0xa0, 0xe1, 0x6f, 0x34, 0x34, 0x3a, 0x34, 0xd1, 0x66,
+    0x62, 0xcf, 0x3b, 0x82, 0xd1, 0x15, 0x16, 0xd2, 0x62, 0xb8, 0xb1, 0xb1, 0x83, 0xb1, 0x45, 0x93,
+    0x24, 0x4e, 0x89, 0x16, 0x20, 0x68, 0x0c, 0x44, 0x24, 0x02, 0xfd, 0xfd, 0x8b, 0xfd, 0x3a, 0x4f,
+    0xe9, 0xe1, 0x4c, 0x35, 0x49, 0x58, 0x23, 0x32, 0xe9, 0x50, 0xf2, 0xf2, 0x1c, 0xf2, 0x5f, 0xc9,
+    0x65, 0x20, 0xeb, 0xde, 0x68, 0xa2, 0x17, 0xdd, 0x65, 0xe7, 0x6a, 0x6a, 0x0c, 0x6a, 0xa1, 0xb2,
+    0xec, 0x8b, 0x0b, 0x96, 0x0c, 0x17, 0xe3, 0xf8, 0xec, 0x70, 0xf9, 0xf9, 0x7b, 0xf9, 0x79, 0xb3,
+    0x5d, 0x54, 0xa4, 0x7b, 0xe9, 0x53, 0x1f, 0xa5, 0x5d, 0x5a, 0x7d, 0x7d, 0xfe, 0x7d, 0x8d, 0x79,
+    0x26, 0xcb, 0x1e, 0xe9, 0xdc, 0x90, 0xcd, 0x81, 0x26, 0x7d, 0x2d, 0x2d, 0x63, 0x2d, 0xf8, 0x14,
+    0xbe, 0x61, 0x66, 0xcb, 0x2a, 0x95, 0x7f, 0xc0, 0xbe, 0x4a, 0x99, 0x99, 0x2c, 0x99, 0x9e, 0x44,
+    0x21, 0x24, 0xce, 0xb5, 0x65, 0x27, 0xcc, 0x8e, 0x21, 0x22, 0xf6, 0xf6, 0xec, 0xf6, 0x1c, 0x35,
+    0x4b, 0xba, 0xec, 0x4d, 0xc2, 0x54, 0x58, 0xce, 0x4b, 0xa5, 0x81, 0x81, 0x49, 0x81, 0xd7, 0x09,
+    0x48, 0x9c, 0xd1, 0x2c, 0x40, 0xd0, 0x18, 0x88, 0x48, 0x04, 0x39, 0x39, 0xd5, 0x39, 0x74, 0x9e,
+    0xca, 0x40, 0x15, 0x7f, 0xd0, 0x87, 0x2e, 0x79, 0xca, 0x0d, 0xd4, 0xd4, 0x18, 0xd4, 0x81, 0xa7,
+    0xf7, 0x5e, 0x1d, 0x79, 0x14, 0x39, 0xe6, 0xcb, 0xf7, 0x90, 0xc8, 0xc8, 0x8d, 0xc8, 0x8b, 0x16,
+    0x7c, 0x70, 0x6a, 0xce, 0x8c, 0x74, 0xd3, 0x2b, 0x7c, 0x78, 0x8b, 0x8b, 0x12, 0x8b, 0x91, 0x4c,
+    0xff, 0x0f, 0x04, 0x03, 0x62, 0x5f, 0x64, 0x59, 0xff, 0xaf, 0x0e, 0x0e, 0xab, 0x0e, 0x05, 0xb9,
+    0x20, 0x87, 0x64, 0x2b, 0x1b, 0x5b, 0x4d, 0x0d, 0x20, 0xfc, 0x9e, 0x9e, 0x98, 0x9e, 0x7d, 0xf9,
+    0xd1, 0x95, 0x03, 0x90, 0xc8, 0xa9, 0x2b, 0x4a, 0xd1, 0xed, 0xe5, 0xe5, 0xee, 0xe5, 0x73, 0x02,
+    0x85, 0x33, 0x14, 0x0f, 0x29, 0xe0, 0x37, 0xfe, 0x85, 0x56, 0x36, 0x36, 0x42, 0x36, 0x11, 0x18,
+    0x58, 0x3e, 0xe3, 0xd8, 0xac, 0x1c, 0xdf, 0x6f, 0x58, 0x7a, 0x76, 0x76, 0x99, 0x76, 0xab, 0x03,
+    0x49, 0x3f, 0x7b, 0xb2, 0x3e, 0xac, 0x99, 0x0b, 0x49, 0xda, 0x51, 0x51, 0xa1, 0x51, 0x15, 0x52,
+    0xfa, 0x65, 0x43, 0xa0, 0x27, 0x10, 0xa4, 0x93, 0xfa, 0x8f, 0x05, 0x05, 0xcc, 0x05, 0x23, 0xc3,
+    0x87, 0xb6, 0x83, 0xf0, 0xd5, 0x18, 0xf6, 0x3b, 0x87, 0x29, 0xe6, 0xe6, 0xaa, 0xe6, 0xd3, 0x43,
+    0x27, 0x68, 0xb4, 0x77, 0xa2, 0xec, 0x4c, 0x02, 0x27, 0xa3, 0x45, 0x45, 0x17, 0x45, 0x99, 0xd8,
+    0xe8, 0x42, 0xe6, 0xab, 0x37, 0x24, 0xa2, 0xb1, 0xe8, 0x8e, 0x9a, 0x9a, 0x68, 0x9a, 0x3e, 0x05,
+    0xf4, 0x78, 0x20, 0x18, 0x96, 0xbd, 0xa6, 0x8d, 0xf4, 0x31, 0x70, 0x70, 0x11, 0x70, 0x28, 0x81,
+    0x5a, 0xbb, 0x74, 0x27, 0x50, 0xe4, 0x1e, 0xaa, 0x5a, 0x05, 0xa6, 0xa6, 0x71, 0xa6, 0x69, 0x58,
+    0x66, 0x06, 0xd6, 0xbf, 0xea, 0x26, 0x57, 0x9b, 0x66, 0x46, 0xd2, 0xd2, 0x90, 0xd2, 0x02, 0x25,
+    0xf0, 0xb1, 0xcd, 0x25, 0xad, 0x8e, 0xe7, 0xc4, 0xf0, 0xcf, 0x13, 0x13, 0x02, 0x13, 0x6f, 0x37,
+    0xcb, 0xe3, 0xbf, 0xe1, 0xae, 0xfb, 0xaf, 0xfa, 0xcb, 0xd3, 0xbc, 0xbc, 0x6c, 0xbc, 0xe0, 0x6b,
+    0x0e, 0x1d, 0x63, 0xb8, 0xb1, 0xad, 0x02, 0x1e, 0x0e, 0xbe, 0x75, 0x75, 0xdd, 0x75, 0x0b, 0x42,
+    0xe2, 0x96, 0x68, 0x2e, 0xbd, 0xba, 0xe1, 0xe6, 0xe2, 0xce, 0x8c, 0x8c, 0xa6, 0x8c, 0x72, 0xf1,
+    0x57, 0x80, 0x2a, 0xfe, 0x63, 0xcd, 0x5c, 0xf2, 0x57, 0x1a, 0x6b, 0x6b, 0x30, 0x6b, 0xc1, 0x8d,
+    0xc4, 0x5d, 0x76, 0xc7, 0x61, 0x2a, 0x2c, 0x67, 0xc4, 0xb3, 0xa1, 0xa1, 0xc5, 0xa1, 0x8a, 0xe5,
+    0x9b, 0x8c, 0x45, 0x43, 0x74, 0x81, 0xf2, 0x07, 0x9b, 0x96, 0x0c, 0x0c, 0xd3, 0x0c, 0xc5, 0xc7,
+    0xee, 0x0e, 0x9c, 0x69, 0xf0, 0xef, 0x22, 0x3d, 0xee, 0x0f, 0x29, 0x29, 0x93, 0x29, 0xbb, 0xe8,
+    0x1a, 0x76, 0xbc, 0x71, 0x66, 0x52, 0x84, 0xb0, 0x1a, 0x3e, 0x59, 0x59, 0x82, 0x59, 0x93, 0x69,
+    0x37, 0xca, 0x86, 0x83, 0x4e, 0x20, 0x8b, 0xe5, 0x37, 0xdd, 0x0a, 0x0a, 0x5b, 0x0a, 0x46, 0x45,
+    0x2e, 0x9a, 0x07, 0x93, 0xaa, 0xf6, 0x4f, 0x13, 0x2e, 0x42, 0xeb, 0xeb, 0x45, 0xeb, 0x76, 0xbb,
+    0x69, 0xb8, 0x1f, 0x99, 0x25, 0xf7, 0xd4, 0x06, 0x69, 0x26, 0xcf, 0xcf, 0x39, 0xcf, 0x68, 0xab,
+    0x8b, 0x2e, 0x77, 0xb7, 0x98, 0x4d, 0x35, 0xe0, 0x8b, 0xe8, 0x43, 0x43, 0x9f, 0x43, 0x1a, 0x5a,
+    0xaf, 0x60, 0xfe, 0xa1, 0xb8, 0x25, 0x39, 0xa4, 0xaf, 0xea, 0xbe, 0xbe, 0x14, 0xbe, 0x20, 0x15,
+    0xc2, 0x11, 0x0c, 0x05, 0xa6, 0xe1, 0xac, 0xeb, 0xc2, 0x32, 0x12, 0x12, 0x3e, 0x12, 0x0f, 0x08,
+    0x7f, 0x56, 0x57, 0xaf, 0x0e, 0xf0, 0x93, 0x6d, 0x7f, 0xd9, 0x33, 0x33, 0x8e, 0x33, 0x32, 0xdb,
+    0x64, 0x83, 0x41, 0x40, 0x16, 0xde, 0x96, 0x5e, 0x64, 0x39, 0x02, 0x02, 0x78, 0x02, 0xc0, 0x7e,
+    0x45, 0xa7, 0x8f, 0xf5, 0x73, 0xf9, 0x5a, 0xd0, 0x45, 0x1b, 0xf4, 0xf4, 0x94, 0xf4, 0xdc, 0x4b,
+    0x14, 0x6b, 0xdf, 0xc9, 0xd7, 0xff, 0x86, 0xae, 0x14, 0x80, 0x2c, 0x2c, 0x5f, 0x2c, 0x98, 0x2b,
+    0xfd, 0x8a, 0x93, 0xfc, 0x9e, 0xa7, 0xa5, 0x9c, 0xfd, 0xd0, 0xde, 0xde, 0x43, 0xde, 0xc7, 0xe2,
+    0xac, 0x46, 0xc3, 0xc0, 0x3a, 0xa1, 0x79, 0xe2, 0xac, 0x4b, 0x06, 0x06, 0x88, 0x06, 0x83, 0x82,
+    0x86, 0x15, 0x29, 0x6e, 0xab, 0x64, 0x77, 0xb8, 0x86, 0xf7, 0x8e, 0x8e, 0xde, 0x8e, 0xb2, 0x8f,
+    0x76, 0xa4, 0xe4, 0x4b, 0x06, 0xea, 0x90, 0x7c, 0x76, 0x38, 0x9d, 0x9d, 0xdc, 0x9d, 0xdd, 0xb8,
+    0x43, 0xeb, 0xf5, 0x37, 0xb4, 0x32, 0xda, 0x5c, 0x43, 0x9a, 0x47, 0x47, 0x6f, 0x47, 0x59, 0xa6,
+    0x50, 0x6f, 0xfa, 0xa2, 0xda, 0x7a, 0x5d, 0xfd, 0x50, 0x45, 0xb0, 0xb0, 0xbf, 0xb0, 0x25, 0xac,
+    0x28, 0xd6, 0x7d, 0x51, 0x6d, 0x3d, 0xcf, 0x9f, 0x28, 0xc3, 0x58, 0x58, 0xbe, 0x58, 0xf3, 0x56,
+    0xaa, 0x0a, 0xb9, 0x02, 0xfd, 0x6a, 0xf9, 0x6e, 0xaa, 0xca, 0xb5, 0xb5, 0x73, 0xb5, 0x06, 0x6f,
+    0x5e, 0x72, 0x99, 0x1a, 0x6b, 0xd7, 0x5f, 0xe3, 0x5e, 0xfb, 0xc5, 0xc5, 0x62, 0xc5, 0x2e, 0xee,
+    0xdd, 0x0d, 0xf7, 0xd7, 0x85, 0xfc, 0xe8, 0x91, 0xdd, 0x2c, 0x40, 0x40, 0xdb, 0x40, 0xba, 0x1b,
+    0xbb, 0x0b, 0x21, 0x68, 0x6f, 0xda, 0xbf, 0x0a, 0xbb, 0x6a, 0x92, 0x92, 0x4b, 0x92, 0xb8, 0x3e,
+    0x96, 0xb7, 0x1b, 0x9a, 0x47, 0xa8, 0xb0, 0x5f, 0x96, 0x89, 0xc1, 0xc1, 0x92, 0xc1, 0x6d, 0x12,
+    0x05, 0x6a, 0x47, 0xa3, 0x45, 0x4f, 0xc0, 0xca, 0x05, 0x20, 0x0b, 0x0b, 0x67, 0x0b, 0x26, 0x7a,
+    0x7b, 0x9f, 0xba, 0x92, 0x35, 0xc3, 0xd2, 0x24, 0x7b, 0x27, 0x50, 0x50, 0x9d, 0x50, 0x75, 0x6d,
+    0xf6, 0xfd, 0xb7, 0xe7, 0x6a, 0x45, 0x67, 0x48, 0xf6, 0x4e, 0xa0, 0xa0, 0xf9, 0xa0, 0xea, 0xda,
+    0x2b, 0xf0, 0x40, 0x30, 0xef, 0xb9, 0x8f, 0xd9, 0x2b, 0x62, 0xe0, 0xe0, 0x22, 0xe0, 0x50, 0xc1,
+    0x09, 0xf2, 0xb3, 0xe4, 0x08, 0x1a, 0x03, 0x11, 0x09, 0xe1, 0xae, 0xae, 0x52, 0xae, 0xef, 0x63,
+    0xc7, 0x7b, 0x4b, 0xa6, 0xe3, 0xae, 0x6c, 0x21, 0xc7, 0x12, 0x19, 0x19, 0x59, 0x19, 0x29, 0x72,
+    0x46, 0x81, 0xb2, 0x94, 0xf1, 0x7d, 0x1a, 0x96, 0x46, 0xba, 0x4c, 0x4c, 0x08, 0x4c, 0x7f, 0xdc,
+    0x0d, 0x3b, 0x5e, 0xd9, 0x33, 0x29, 0x42, 0x58, 0x0d, 0x1f, 0xcd, 0xcd, 0x41, 0xcd, 0xa8, 0xd5,
+    0x13, 0x84, 0x0f, 0x95, 0x6e, 0x48, 0x87, 0xa1, 0x13, 0xdf, 0xf7, 0xf7, 0xd0, 0xf7, 0x7c, 0x0a,
+    0x61, 0xe9, 0x06, 0xe3, 0x53, 0x91, 0x56, 0x94, 0x61, 0x19, 0x09, 0x09, 0x1f, 0x09, 0xe6, 0x04,
+    0x01, 0xa3, 0xaa, 0x9e, 0x7e, 0x7c, 0x81, 0x83, 0x01, 0xde, 0x68, 0x68, 0x74, 0x68, 0x61, 0xcc,
+    0xef, 0xad, 0x36, 0xf7, 0x8e, 0x93, 0xa3, 0xbe, 0xef, 0xd1, 0x41, 0x41, 0xe7, 0x41, 0xda, 0x24,
+    0x8d, 0x62, 0x0d, 0x75, 0x5f, 0x86, 0xb5, 0x6c, 0x8d, 0x69, 0xf0, 0xf0, 0x64, 0xf0, 0x9f, 0xb7,
+    0xd3, 0x10, 0x94, 0x6f, 0x34, 0x51, 0xea, 0x8f, 0xd3, 0x92, 0x35, 0x35, 0x06, 0x35, 0xb1, 0x59,
+    0xbc, 0xe4, 0xf1, 0x34, 0xd6, 0x6d, 0xbe, 0x05, 0xbc, 0x35, 0x49, 0x49, 0xc4, 0x49, 0x5c, 0x1f,
+    0xf1, 0x12, 0x67, 0xbb, 0xd3, 0xf2, 0x66, 0x47, 0xf1, 0x11, 0x7b, 0x7b, 0x76, 0x7b, 0x0e, 0xfb,
+    0x32, 0xa0, 0xc1, 0x20, 0x0b, 0x6f, 0x4b, 0x2f, 0x32, 0xfd, 0x01, 0x01, 0x3c, 0x01, 0x60, 0x3f,
+    0x5c, 0xf7, 0x0e, 0xe5, 0x97, 0x2f, 0x9e, 0x26, 0x5c, 0x84, 0x15, 0x15, 0x8a, 0x15, 0xec, 0xb5,
+    0x02, 0x85, 0x97, 0xff, 0xfc, 0xf8, 0xc1, 0xc5, 0x02, 0x7f, 0xd0, 0xd0, 0xe8, 0xd0, 0xc2, 0x5b,
+    0xb1, 0xdf, 0xaf, 0xed, 0xe5, 0x44, 0xfc, 0x5d, 0xb1, 0x2a, 0x84, 0x84, 0x85, 0x84, 0xf4, 0xca,
+    0x56, 0x23, 0x80, 0x60, 0x1d, 0xb1, 0xdd, 0x71, 0x56, 0xc4, 0x03, 0x03, 0x44, 0x03, 0xa0, 0x41,
+    0x51, 0xcc, 0x50, 0x3c, 0xa4, 0x06, 0xdc, 0x7e, 0x51, 0x9b, 0xd8, 0xd8, 0xcb, 0xd8, 0x44, 0x60,
+    0xc9, 0x66, 0x28, 0x1e, 0x52, 0x03, 0x6e, 0x3f, 0xc9, 0xac, 0x6c, 0x6c, 0x84, 0x6c, 0x22, 0x30,
+    0xd6, 0x7a, 0xd3, 0xcc, 0x71, 0x1e, 0x2a, 0x45, 0xd6, 0xb2, 0x3e, 0x3e, 0x61, 0x3e, 0x97, 0x23,
+    0x4e, 0xd0, 0xab, 0xee, 0x87, 0x1b, 0x98, 0x04, 0x4e, 0x85, 0x8a, 0x8a, 0x2e, 0x8a, 0xf1, 0x73,
+    0xc8, 0xc5, 0x82, 0x80, 0x2c, 0x7f, 0xef, 0xbc, 0xc8, 0x72, 0x04, 0x04, 0xf0, 0x04, 0x43, 0xfc,
+    0xa0, 0xde, 0x37, 0x87, 0x77, 0xf4, 0xba, 0x39, 0xa0, 0x8a, 0xa3, 0xa3, 0xbd, 0xa3, 0x4a, 0x9b,
+    0x31, 0x86, 0xfc, 0x41, 0x89, 0xeb, 0x0b, 0x69, 0x31, 0x5c, 0xb9, 0xb9, 0xa0, 0xb9, 0xc3, 0xa8,
+    0x22, 0x02, 0xf3, 0xd4, 0xe7, 0xa3, 0x8c, 0xc8, 0x22, 0x83, 0x4e, 0x4e, 0x70, 0x4e, 0xbf, 0xa2,
+    0xa5, 0xb4, 0x70, 0x24, 0x32, 0xbb, 0x7a, 0xf3, 0xa5, 0xaa, 0xa8, 0xa8, 0xda, 0xa8, 0x6c, 0xe1,
+    0x17, 0x4d, 0xe2, 0xa8, 0x55, 0x7b, 0xc6, 0xe8, 0x17, 0x21, 0x94, 0x94, 0xc3, 0x94, 0x3b, 0xbc,
+    0x33, 0x03, 0x6b, 0xbe, 0x75, 0x13, 0xca, 0xac, 0x33, 0x23, 0x69, 0x69, 0x48, 0x69, 0x01, 0xf3,
+    0x94, 0x32, 0x8c, 0x65, 0xbb, 0x50, 0x71, 0x9a, 0x94, 0xf6, 0x11, 0x11, 0x7a, 0x11, 0xaf, 0x49,
+    0xeb, 0x64, 0xdb, 0xca, 0xb5, 0xa0, 0xe2, 0xf7, 0xeb, 0x2f, 0x22, 0x22, 0xf4, 0x22, 0x9d, 0x92,
+    0x84, 0x90, 0xbe, 0x91, 0x57, 0x9c, 0xb6, 0x7d, 0x84, 0x88, 0x5e, 0x5e, 0x36, 0x5e, 0x70, 0xd4,
+    0x08, 0x51, 0x19, 0x7a, 0x76, 0x66, 0x82, 0x92, 0x08, 0x3f, 0xc6, 0xc6, 0x26, 0xc6, 0x8e, 0xaf,
+    0x25, 0xed, 0x23, 0x88, 0x5e, 0x14, 0x8d, 0xc7, 0x25, 0xdc, 0x95, 0x95, 0xff, 0x95, 0x5b, 0x83,
+    0xf9, 0x43, 0x7e, 0xc1, 0xa5, 0x94, 0xe4, 0xd5, 0xf9, 0x2e, 0xbd, 0xbd, 0x50, 0xbd, 0x80, 0x54,
+    0x39, 0xd7, 0xe5, 0x3b, 0xff, 0x8d, 0x89, 0xfb, 0x39, 0x63, 0x7f, 0x7f, 0x86, 0x7f, 0x4d, 0x07,
+    0x60, 0x4a, 0xac, 0x7d, 0x2d, 0xed, 0xd7, 0x17, 0x60, 0xc7, 0x61, 0x61, 0x6b, 0x61, 0x87, 0xc8,
+    0xb2, 0xf9, 0x92, 0x8c, 0x67, 0xc0, 0xbc, 0x1b, 0xb2, 0x8b, 0x3c, 0x3c, 0x19, 0x3c, 0x57, 0x5d,
+    0xd4, 0xff, 0x44, 0x33, 0x8d, 0xe6, 0xeb, 0x80, 0xd4, 0xcd, 0xee, 0xee, 0x89, 0xee, 0x55, 0x78,
+    0x6f, 0xf4, 0x65, 0x5b, 0xe2, 0x3c, 0x54, 0x8a, 0x6f, 0xa7, 0x7c, 0x7c, 0xc2, 0x7c, 0xed, 0x46,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x6d, 0x71, 0xf2, 0xa4, 0x1e, 0xc4, 0x95, 0x4f, 0x6d, 0xd8, 0xac, 0xac, 0x2a, 0xac, 0x2f, 0x1d,
+    0xa1, 0x7d, 0x9d, 0x19, 0x09, 0x88, 0x3b, 0xba, 0xa1, 0x54, 0xcb, 0xcb, 0xc9, 0xcb, 0x2b, 0x57,
+    0x12, 0x27, 0xa5, 0x0b, 0x10, 0x34, 0x06, 0x22, 0x12, 0x01, 0x9f, 0x9f, 0xa4, 0x9f, 0x1d, 0xc6,
+    0xd8, 0x67, 0xb0, 0x74, 0xc0, 0xb3, 0x28, 0x5b, 0xd8, 0x0c, 0x4b, 0x4b, 0xbc, 0x4b, 0x9c, 0x61,
+    0xa3, 0xf8, 0x0a, 0xe6, 0xf5, 0x70, 0xfa, 0x7f, 0xa3, 0x2b, 0x1b, 0x1b, 0x21, 0x1b, 0xe9, 0x0c,
+    0xa4, 0x17, 0xda, 0xba, 0x4c, 0xc7, 0xfb, 0x70, 0xa4, 0x74, 0xc0, 0xc0, 0xae, 0xc0, 0x0d, 0x2d,
+    0xcf, 0x2a, 0x52, 0xdc, 0x95, 0xc8, 0xee, 0xb3, 0xcf, 0x2d, 0xdf, 0xdf, 0x7f, 0xdf, 0xa7, 0xdd,
+    0x9a, 0x2f, 0xef, 0xdd, 0x0a, 0xfd, 0x73, 0x84, 0x9a, 0x48, 0x64, 0x64, 0xa7, 0x64, 0xa4, 0x0b,
+    0xcc, 0x0c, 0x6f, 0xbd, 0x17, 0x4c, 0xae, 0xf5, 0xcc, 0x8c, 0x67, 0x67, 0xe3, 0x67, 0x04, 0x4a,
+    0x52, 0xea, 0x6d, 0x5d, 0x26, 0x82, 0x9c, 0x38, 0x52, 0x3a, 0x60, 0x60, 0x57, 0x60, 0xe7, 0xf7,
+    0x1c, 0x3a, 0xc6, 0xb3, 0xa1, 0x99, 0x04, 0x3c, 0x1c, 0xbf, 0xea, 0xea, 0x79, 0xea, 0x16, 0x84,
+    0x2f, 0x39, 0xad, 0x0d, 0xd4, 0x8a, 0xce, 0x90, 0x2f, 0x9c, 0x83, 0x83, 0x31, 0x83, 0x17, 0x77,
+    0x7e, 0xf5, 0xfd, 0x31, 0x70, 0x8c, 0x12, 0xee, 0x7e, 0x07, 0x5b, 0x5b, 0xfa, 0x5b, 0x53, 0x17,
+    0x93, 0xdd, 0x5c, 0x39, 0x02, 0xe7, 0x70, 0x95, 0x93, 0xa9, 0xca, 0xca, 0xf5, 0xca, 0x4b, 0x68,
+    0x42, 0x48, 0x5f, 0xa9, 0xca, 0x4e, 0x5b, 0xdf, 0x42, 0x44, 0x2f, 0x2f, 0x1b, 0x2f, 0x38, 0x6a,
+    0xb3, 0x5a, 0x38, 0x12, 0x19, 0xbc, 0x3d, 0x98, 0xb3, 0x55, 0x54, 0x54, 0x6d, 0x54, 0x36, 0x91,
+    0x18, 0xf3, 0x2b, 0x8e, 0x9a, 0xaa, 0x45, 0x75, 0x18, 0x41, 0x89, 0x89, 0x6a, 0x89, 0x51, 0x32,
+    0xb8, 0x2d, 0x1c, 0x09, 0xed, 0x5e, 0xff, 0x4c, 0xb8, 0xcb, 0x2a, 0x2a, 0xd7, 0x2a, 0x1b, 0xa9,
+    0xfc, 0x29, 0x39, 0x62, 0xe0, 0xdb, 0x24, 0x1f, 0xfc, 0x0e, 0xb6, 0xb6, 0x37, 0xb6, 0xa6, 0x2e,
+    0x44, 0x04, 0x25, 0x6b, 0x0d, 0x85, 0xdb, 0x53, 0x44, 0xc5, 0x9c, 0x9c, 0xe0, 0x9c, 0xbd, 0x87,
+    0xe6, 0x5f, 0x85, 0x13, 0x86, 0x89, 0xa0, 0xaf, 0xe6, 0x30, 0xef, 0xef, 0xb5, 0xef, 0x35, 0x47,
+    0x8c, 0xc1, 0xa7, 0xeb, 0x21, 0xfa, 0x34, 0xef, 0x8c, 0xb7, 0x98, 0x98, 0x10, 0x98, 0xfe, 0x7b,
+    0xc6, 0xd8, 0xe1, 0x38, 0x9d, 0xd2, 0xed, 0xa2, 0xc6, 0xcc, 0x71, 0x71, 0x2d, 0x71, 0x48, 0xbe,
+    0x63, 0x6c, 0x91, 0x1c, 0xaf, 0x69, 0x97, 0x51, 0x63, 0x66, 0xd9, 0xd9, 0xf7, 0xd9, 0x24, 0x5f,
+    0xbf, 0xc2, 0xcc, 0x55, 0x54, 0xe9, 0xfe, 0x43, 0xbf, 0x94, 0xf1, 0xf1, 0x58, 0xf1, 0xff, 0x88,
+    0xf2, 0x34, 0x5a, 0xda, 0x51, 0x76, 0x26, 0x01, 0xf2, 0xb0, 0xc3, 0xc3, 0xea, 0xc3, 0xad, 0x6c,
+    0x2c, 0x1f, 0x90, 0x6c, 0x56, 0x0e, 0x8e, 0xd6, 0x2c, 0x3d, 0x3b, 0x3b, 0xad, 0x3b, 0xb4, 0xe0,
+    0x11, 0x01, 0x98, 0x6a, 0x92, 0xb0, 0x46, 0x64, 0x11, 0xa0, 0x27, 0x27, 0x38, 0x27, 0xbe, 0x51,
+    0x73, 0xce, 0xa3, 0xe8, 0x43, 0xa5, 0x50, 0xb6, 0x73, 0x18, 0x96, 0x96, 0xbb, 0x96, 0xfb, 0xc2,
+    0xdc, 0xae, 0x5d, 0x49, 0xfb, 0x80, 0x69, 0x12, 0xdc, 0xf2, 0x28, 0x28, 0xaf, 0x28, 0xdb, 0xd7,
+    0xd9, 0xc4, 0x1a, 0xea, 0xbe, 0xcf, 0xa9, 0xd8, 0xd9, 0xd2, 0x23, 0x23, 0xc8, 0x23, 0xfd, 0xad,
+    0x92, 0x7e, 0xf6, 0xa7, 0x7c, 0x9b, 0xf1, 0x16, 0x92, 0x77, 0xa2, 0xa2, 0x81, 0xa2, 0x2a, 0xa4,
+    0x3e, 0x38, 0x35, 0x67, 0x46, 0x3a, 0x88, 0xf4, 0x3e, 0x3c, 0xa4, 0xa4, 0x09, 0xa4, 0xa9, 0x26,
+    0xd2, 0xb3, 0x3e, 0xf1, 0x4a, 0x2d, 0x6b, 0x0c, 0xd2, 0x4c, 0x5d, 0x5d, 0x72, 0x5d, 0xd0, 0x95,
+    0x59, 0x9d, 0x49, 0x46, 0xd2, 0x60, 0x5e, 0xec, 0x59, 0xa4, 0x1e, 0x1e, 0xed, 0x1e, 0xca, 0xcf,
+    0x75, 0x82, 0xd9, 0x2a, 0x84, 0x6e, 0xd0, 0x3a, 0x75, 0x99, 0x25, 0x25, 0x40, 0x25, 0x7e, 0x2f,
+    0x19, 0x50, 0x81, 0x10, 0xe4, 0xd6, 0xc4, 0xf6, 0x19, 0x9f, 0xe1, 0xe1, 0x1e, 0xe1, 0x30, 0xfe,
+    0xb4, 0xb5, 0xe8, 0x4e, 0xa0, 0x0b, 0x3c, 0x97, 0xb4, 0x0a, 0x8f, 0x8f, 0xe2, 0x8f, 0xd2, 0xb0,
+    0x81, 0xfa, 0xf9, 0x32, 0x12, 0xd3, 0x76, 0xb7, 0x81, 0xa8, 0x55, 0x55, 0x51, 0x55, 0x56, 0xae,
+    0xe4, 0xda, 0x12, 0xec, 0x7a, 0x71, 0x61, 0x6a, 0xe4, 0x4f, 0x3f, 0x3f, 0x5d, 0x3f, 0xf7, 0x1c,
+    0xe5, 0x79, 0xb8, 0x72, 0x04, 0x0d, 0xe0, 0xe9, 0xe5, 0x91, 0x57, 0x57, 0x29, 0x57, 0x96, 0xd0,
+    0x0f, 0xbe, 0xc9, 0x26, 0xcf, 0xd1, 0x83, 0x9d, 0x0f, 0x60, 0x1d, 0x1d, 0xa9, 0x1d, 0x6a, 0x8e,
+    0x47, 0x22, 0x18, 0x0a, 0x8f, 0x01, 0x9b, 0x15, 0x47, 0x64, 0x24, 0x24, 0x7c, 0x24, 0x1e, 0x10,
+    0x9c, 0x63, 0x95, 0x1f, 0xcd, 0x36, 0xf3, 0x08, 0x9c, 0xc9, 0xd7, 0xd7, 0x5c, 0xd7, 0x21, 0xe6,
+    0x2a, 0x53, 0xea, 0xae, 0x91, 0xc5, 0x0e, 0x5a, 0x2a, 0xbc, 0x88, 0x88, 0x56, 0x88, 0x31, 0x0d,
+    0xa8, 0x8f, 0x2e, 0xfd, 0x01, 0x92, 0x38, 0xab, 0xa8, 0xb5, 0x65, 0x65, 0x9b, 0x65, 0xc4, 0x34,
+    0x5b, 0x18, 0xde, 0xb9, 0x2e, 0x98, 0x9f, 0x29, 0x5b, 0xdb, 0xce, 0xce, 0x05, 0xce, 0x08, 0x94,
+    0x8f, 0xe7, 0x9a, 0x8a, 0xa3, 0x7e, 0x74, 0xa9, 0x8f, 0x16, 0x20, 0x20, 0x8c, 0x20, 0x5d, 0xec,
+    0x04, 0xc9, 0xed, 0x3d, 0x3b, 0x33, 0x41, 0x49, 0x04, 0xfe, 0x63, 0x63, 0x13, 0x63, 0x47, 0xb6,
+    0xa6, 0x92, 0x4d, 0x45, 0xb0, 0x3f, 0x3a, 0xb5, 0xa6, 0x0b, 0x10, 0x10, 0x46, 0x10, 0xcf, 0x76,
+    0x72, 0x6d, 0x09, 0x76, 0x3d, 0xd9, 0xd1, 0x35, 0x72, 0xc6, 0xfe, 0xfe, 0xcf, 0xfe, 0x9a, 0x0e,
+    0xba, 0xa8, 0x8b, 0xf6, 0x11, 0xa6, 0x3e, 0x89, 0xba, 0xb4, 0xfa, 0xfa, 0x3f, 0xfa, 0xd9, 0xf2,
+    0x30, 0x25, 0x56, 0xdf, 0xf7, 0x97, 0x8a, 0xea, 0x30, 0x82, 0xd1, 0xd1, 0xd4, 0xd1, 0xa2, 0x64,
+    0x4c, 0x55, 0x3c, 0x11, 0x7b, 0xe3, 0x59, 0xc1, 0x4c, 0xfa, 0x5a, 0x5a, 0xc6, 0x5a, 0x33, 0x28,
+    0x82, 0xdc, 0xc4, 0x53, 0x90, 0x57, 0x36, 0xf1, 0x82, 0x09, 0xed, 0xed, 0xcd, 0xed, 0xf5, 0x39,
+    0x6a, 0x9e, 0x22, 0xf8, 0xa7, 0x73, 0x94, 0x40, 0x6a, 0x87, 0x77, 0x77, 0xa5, 0x77, 0xcb, 0x3c,
+    0x88, 0x08, 0x4a, 0xd6, 0x1a, 0xc9, 0x75, 0xa6, 0x88, 0x49, 0xfb, 0xfb, 0x03, 0xfb, 0xb9, 0xcd,
+    0x3c, 0xbd, 0xa2, 0x98, 0xba, 0xc2, 0x49, 0x31, 0x3c, 0x43, 0x74, 0x74, 0xe1, 0x74, 0x6b, 0x7d,
+    0x6e, 0x57, 0xcf, 0xc5, 0x9c, 0x40, 0xd5, 0x09, 0x6e, 0x79, 0x14, 0x14, 0xb6, 0x14, 0x8c, 0x8a,
+    0x0b, 0x77, 0x24, 0x1b, 0xf4, 0xe2, 0xc2, 0xd4, 0x0b, 0x9e, 0x7e, 0x7e, 0xba, 0x7e, 0x2d, 0x38,
+    0x9e, 0xe6, 0x02, 0xe0, 0x31, 0xce, 0x32, 0xcd, 0x9e, 0xb6, 0x07, 0x07, 0xb4, 0x07, 0xe3, 0xbd,
+    0x68, 0x1b, 0xb5, 0x07, 0x5b, 0x8b, 0x55, 0x85, 0x68, 0xf8, 0xa7, 0xa7, 0x4d, 0xa7, 0x09, 0x67,
+    0x67, 0xa5, 0x7c, 0x21, 0x94, 0x5a, 0xd6, 0x18, 0x67, 0x98, 0xba, 0xba, 0xe4, 0xba, 0x63, 0xe9,
+    0xc5, 0xfe, 0xdc, 0x59, 0x1f, 0x56, 0xad, 0xe4, 0xc5, 0x6d, 0xc9, 0xc9, 0xb1, 0xc9, 0xeb, 0x29,
+    0x74, 0x21, 0x73, 0xb4, 0xfa, 0x12, 0x51, 0xb9, 0x74, 0x47, 0x4d, 0x4d, 0x34, 0x4d, 0x1f, 0xe3,
+    0x40, 0xcd, 0xc8, 0x56, 0x36, 0xb6, 0x9a, 0x1a, 0x40, 0x3b, 0xff, 0xff, 0xf3, 0xff, 0xfa, 0x31,
+    0x0c, 0x98, 0xf4, 0x47, 0x4d, 0x55, 0xc3, 0xdb, 0x0c, 0xc1, 0xa5, 0xa5, 0x35, 0xa5, 0xc9, 0x19,
+    0xe7, 0xfc, 0x2f, 0x8d, 0xf8, 0xf5, 0x21, 0x2c, 0xe7, 0xee, 0x87, 0x87, 0xc1, 0x87, 0x54, 0x8b,
+    0x9d, 0xc0, 0x3f, 0x81, 0xb3, 0x4a, 0x72, 0x8b, 0x9d, 0x17, 0xbf, 0xbf, 0x28, 0xbf, 0x40, 0x2a,
+    0x90, 0xfb, 0x61, 0x58, 0x80, 0x63, 0x30, 0xd3, 0x90, 0x08, 0x72, 0x72, 0x69, 0x72, 0xe8, 0xff,
+    0x7a, 0x3c, 0x10, 0x0c, 0x4b, 0xbf, 0x53, 0xa7, 0x7a, 0xf9, 0x38, 0x38, 0xe9, 0x38, 0x14, 0xa1,
+    0x3a, 0xf1, 0xd8, 0x5a, 0x7d, 0x09, 0xc9, 0xbd, 0x3a, 0xc2, 0xc7, 0xc7, 0x1a, 0xc7, 0xee, 0x90,
+    0x35, 0x4f, 0x11, 0x7c, 0xb2, 0xd8, 0x4a, 0x20, 0x35, 0xa2, 0xda, 0xda, 0xb3, 0xda, 0x84, 0x1e,
+    0x34, 0xec, 0xbb, 0xe2, 0xcc, 0xa4, 0xcb, 0xa3, 0x34, 0x7c, 0xb2, 0xb2, 0xc7, 0xb2, 0xe5, 0xd2,
+    0x9f, 0x45, 0xa8, 0x7e, 0x4f, 0xb2, 0xb3, 0x4e, 0x9f, 0x68, 0x6f, 0x6f, 0xc0, 0x6f, 0x82, 0x71,
+    0xb7, 0x93, 0xd5, 0x2f, 0x22, 0x8f, 0x7c, 0xd1, 0xb7, 0xab, 0x37, 0x37, 0x7e, 0x37, 0x71, 0x27,
+    0xf8, 0xe0, 0xd4, 0x5f, 0xdb, 0xe8, 0x65, 0x56, 0xf8, 0xf0, 0xd5, 0xd5, 0x24, 0xd5, 0xe1, 0x98,
+    0x4f, 0x73, 0x01, 0x70, 0xf9, 0x67, 0x19, 0x87, 0x4f, 0x5b, 0xe2, 0xe2, 0x5a, 0xe2, 0x90, 0xbf,
+    0x6b, 0x3d, 0x88, 0x66, 0xd9, 0x0f, 0x15, 0xc3, 0x6b, 0x59, 0x1f, 0x1f, 0xd1, 0x1f, 0xaa, 0xf0,
+    0x83, 0x7f, 0x6e, 0xcd, 0xee, 0x2b, 0xb7, 0x72, 0x83, 0xd7, 0x85, 0x85, 0xb9, 0x85, 0x94, 0xf5,
+    0x5f, 0xd1, 0x33, 0x84, 0x15, 0xab, 0xde, 0x60, 0x5f, 0x25, 0xad, 0xad, 0x16, 0xad, 0x4f, 0x22,
+    0xa7, 0x31, 0xe7, 0xdb, 0xce, 0x43, 0xbb, 0x36, 0xa7, 0xd5, 0x78, 0x78, 0x32, 0x78, 0xae, 0xba,
+    0x1e, 0xbf, 0x51, 0x4c, 0x5d, 0x61, 0xc5, 0xf9, 0x1e, 0xc0, 0x3a, 0x3a, 0x91, 0x3a, 0xd4, 0xdf,
+    0x10, 0xa2, 0x32, 0xf4, 0xec, 0xcc, 0xc7, 0xe7, 0x10, 0x7e, 0x4f, 0x4f, 0x4c, 0x4f, 0xdf, 0x9d,
+    0xc3, 0xb2, 0xa6, 0x9b, 0xd8, 0x9d, 0x2d, 0x68, 0xc3, 0xec, 0x7a, 0x7a, 0x4a, 0x7a, 0x6e, 0xc4,
+    0x78, 0xb9, 0x87, 0xf3, 0xb7, 0x47, 0x92, 0x62, 0x78, 0x86, 0xe8, 0xe8, 0x01, 0xe8, 0xd6, 0xfa,
+    0x2d, 0xbc, 0x3a, 0xf2, 0x28, 0x72, 0x0f, 0x55, 0x2d, 0xe3, 0x53, 0x53, 0xd9, 0x53, 0xd5, 0x2c,
+    0x77, 0x07, 0x4e, 0xd5, 0x78, 0x96, 0x11, 0xff, 0x77, 0xe6, 0xf5, 0xf5, 0xa8, 0xf5, 0xbc, 0x74,
+    0xe3, 0x35, 0xc2, 0xb0, 0xc3, 0xc6, 0x60, 0x65, 0xe3, 0x10, 0xe4, 0xe4, 0xd2, 0xe4, 0x13, 0x3d,
+    0x80, 0x59, 0x53, 0xac, 0x6c, 0xaf, 0xf7, 0x34, 0x80, 0x76, 0x3d, 0x3d, 0x25, 0x3d, 0x37, 0x62,
+  },
+  { /* 14 */
+    0x0a, 0xaf, 0x45, 0x6e, 0xf6, 0x73, 0x56, 0xfb, 0x47, 0x1c, 0xd5, 0xc8, 0x66, 0x2c, 0x64, 0xb5,
+    0xca, 0x52, 0x68, 0xe5, 0x24, 0x5b, 0xd9, 0x08, 0xeb, 0x1e, 0xe0, 0x5e, 0xac, 0x6b, 0x2f, 0x0a,
+    0xf3, 0x80, 0xf6, 0x75, 0x2e, 0x6a, 0xc5, 0xcb, 0x78, 0x58, 0xd0, 0xcf, 0x08, 0x95, 0x86, 0x89,
+    0x17, 0x4e, 0xcb, 0x70, 0x06, 0xae, 0xb5, 0x41, 0x71, 0x83, 0x10, 0xce, 0xdd, 0xeb, 0x67, 0xc0,
+    0x33, 0x7d, 0xdb, 0xfe, 0xfc, 0x42, 0x4a, 0x38, 0xd4, 0x5a, 0xe5, 0x59, 0xc2, 0xd2, 0xcd, 0x36,
+    0x5f, 0x28, 0xeb, 0xaf, 0x31, 0xb5, 0x88, 0xb3, 0xf8, 0xf2, 0x39, 0x23, 0xe3, 0x99, 0xf0, 0xef,
+    0xa3, 0xb1, 0x9b, 0x83, 0x92, 0x74, 0x30, 0x1f, 0x05, 0xb8, 0xb7, 0x40, 0xbe, 0x36, 0x20, 0x68,
+    0x37, 0x3b, 0x27, 0xad, 0x21, 0xa2, 0xd7, 0x88, 0x43, 0x3d, 0xf8, 0xf7, 0xfe, 0x14, 0x9a, 0xaa,
+    0x2a, 0xda, 0xa9, 0xb3, 0xd1, 0x7f, 0x34, 0x32, 0x75, 0xa2, 0x3d, 0xf1, 0x45, 0xd3, 0x99, 0xdf,
+    0xc9, 0x81, 0x29, 0x49, 0x0d, 0x13, 0xc0, 0x7c, 0x14, 0xa5, 0x99, 0xc3, 0xbd, 0xd8, 0x80, 0x63,
+    0x67, 0x0a, 0x4a, 0x5b, 0x9d, 0xbc, 0x22, 0x5c, 0x3e, 0xdd, 0x9f, 0x78, 0x48, 0xb7, 0x3c, 0x4b,
+    0xd3, 0xf5, 0x1a, 0xa8, 0x09, 0x66, 0xa7, 0x02, 0x4a, 0xe6, 0x38, 0xf6, 0x2b, 0x6a, 0x7b, 0xe3,
+    0x63, 0x4c, 0xb6, 0x08, 0x40, 0x5c, 0xbf, 0xec, 0xa9, 0xba, 0x82, 0xd6, 0x74, 0x71, 0x6b, 0xd7,
+    0x84, 0x51, 0xca, 0xa1, 0x41, 0xd0, 0xd6, 0x12, 0x5f, 0xda, 0x3b, 0x4a, 0xb0, 0xbc, 0x25, 0xf7,
+    0xf7, 0xc6, 0x0a, 0x26, 0xf3, 0x8a, 0x58, 0x7b, 0xef, 0x3f, 0xcd, 0x61, 0x34, 0x53, 0xd1, 0x15,
+    0x3c, 0x64, 0x5d, 0xa7, 0x71, 0xe9, 0x37, 0x5f, 0x51, 0x48, 0xbb, 0xf5, 0x97, 0xe8, 0x9b, 0x38,
+    0xea, 0x27, 0x84, 0x38, 0x03, 0x57, 0xbb, 0xc1, 0xd9, 0xa0, 0x08, 0x67, 0x8f, 0x94, 0xd2, 0x60,
+    0x65, 0x29, 0x34, 0x93, 0x12, 0xcc, 0x8d, 0x04, 0x94, 0x0f, 0x70, 0x2f, 0x56, 0xd4, 0xf6, 0x05,
+    0xd0, 0x26, 0x5b, 0x04, 0x20, 0x2e, 0xbe, 0x76, 0xb5, 0x5d, 0x41, 0x6b, 0x3a, 0xd9, 0xd4, 0x8a,
+    0x9e, 0x25, 0xf9, 0x40, 0x45, 0xa5, 0xb1, 0x6c, 0x01, 0x99, 0x9a, 0x7f, 0x26, 0x0e, 0xde, 0x77,
+    0x18, 0x57, 0x4d, 0x29, 0x8b, 0x05, 0xc8, 0x26, 0xf4, 0x91, 0x4e, 0x62, 0x88, 0xd1, 0x31, 0xce,
+    0xf4, 0x15, 0x4b, 0x8a, 0xda, 0xc2, 0x41, 0x0f, 0x10, 0x84, 0xb4, 0xfc, 0x25, 0xe0, 0x7e, 0x7c,
+    0xaf, 0x7b, 0x5c, 0x76, 0x36, 0x97, 0x54, 0x0c, 0x7f, 0x11, 0x90, 0x71, 0xfa, 0xbf, 0xd9, 0x0f,
+    0xcc, 0x37, 0xea, 0x7e, 0x76, 0xcb, 0xeb, 0xe0, 0xd6, 0xab, 0x12, 0xa7, 0x8e, 0xce, 0xb2, 0xd8,
+    0x7a, 0xeb, 0xc4, 0x45, 0x6d, 0x61, 0xc1, 0xe6, 0x08, 0x42, 0x5a, 0x7e, 0xf3, 0x70, 0x3f, 0x3e,
+    0x83, 0xc4, 0x77, 0x5e, 0xb5, 0x78, 0x52, 0xd6, 0x37, 0x06, 0x5f, 0x79, 0x9d, 0xc9, 0xdd, 0x02,
+    0x9d, 0xf6, 0xb8, 0xec, 0x6c, 0xed, 0xa8, 0x18, 0xfe, 0x22, 0xe3, 0xe2, 0x37, 0xbd, 0x71, 0x1e,
+    0x81, 0xe7, 0x09, 0x96, 0x3a, 0x08, 0xfd, 0x8e, 0x9d, 0xd4, 0xb0, 0x2e, 0x83, 0xaa, 0x17, 0x4c,
+    0xad, 0x58, 0x22, 0xbe, 0xb9, 0xe7, 0xfb, 0x54, 0xd5, 0xc3, 0x7f, 0x26, 0xe4, 0xdc, 0x13, 0x41,
+    0xa9, 0x1e, 0xde, 0xed, 0x64, 0x07, 0x66, 0xe4, 0x42, 0xa4, 0x62, 0x88, 0xd8, 0x1a, 0x44, 0xdd,
+    0xfc, 0x99, 0x70, 0x2c, 0xa3, 0xc1, 0xb8, 0xac, 0xfd, 0x4a, 0x8e, 0x63, 0x5d, 0xaf, 0xd0, 0x87,
+    0x73, 0x97, 0xc0, 0x87, 0xb2, 0x5a, 0x8e, 0x69, 0xb0, 0xe5, 0xf6, 0x2b, 0x84, 0xef, 0xf4, 0xe2,
+    0xb0, 0xb9, 0xac, 0xa0, 0x49, 0x3a, 0x18, 0xee, 0xe3, 0x5c, 0xba, 0x20, 0x5f, 0x1b, 0x10, 0x34,
+    0x77, 0xd1, 0x3c, 0xd4, 0x6f, 0xba, 0x13, 0xd9, 0x27, 0x82, 0xeb, 0x85, 0xb8, 0x29, 0xa3, 0x7e,
+    0xa5, 0xd4, 0x19, 0x18, 0xc0, 0xe4, 0x02, 0xf7, 0x38, 0x0d, 0x45, 0xb9, 0x9c, 0x93, 0xbd, 0xba,
+    0x46, 0x8f, 0x99, 0xe2, 0x1c, 0x88, 0xf6, 0xb9, 0x59, 0x0a, 0xe1, 0x8b, 0x64, 0x98, 0xa4, 0x06,
+    0x10, 0xdb, 0x76, 0x8f, 0xf2, 0x06, 0x31, 0x85, 0x19, 0x5f, 0x74, 0xfd, 0xf0, 0x9e, 0x9f, 0x35,
+    0x2b, 0x2a, 0x96, 0xd7, 0x77, 0x47, 0x82, 0x1e, 0x20, 0xcb, 0xab, 0x3b, 0x4a, 0x03, 0xfc, 0xf8,
+    0x87, 0x82, 0x8b, 0x0d, 0x68, 0x98, 0xcf, 0x66, 0xa0, 0x61, 0x42, 0xd7, 0xa1, 0x0f, 0x8a, 0x9e,
+    0xf9, 0x2f, 0xb3, 0x1b, 0xd8, 0x19, 0x93, 0x30, 0x3f, 0x44, 0x05, 0x07, 0x6e, 0xb9, 0xe2, 0x3c,
+    0xd8, 0xaa, 0x60, 0xa2, 0x59, 0x2d, 0x47, 0xd5, 0x58, 0x93, 0x7b, 0xf4, 0x42, 0x96, 0x7a, 0x71,
+    0x80, 0x17, 0x36, 0xf2, 0x9c, 0x30, 0x4b, 0xa2, 0xc8, 0xbd, 0x26, 0xe4, 0x8c, 0x7a, 0x72, 0x6b,
+    0x34, 0xe8, 0x66, 0x01, 0x08, 0xea, 0xce, 0xfc, 0xbc, 0x86, 0x81, 0x6a, 0xef, 0xa7, 0x35, 0xc3,
+    0x31, 0x5e, 0xa5, 0x36, 0x73, 0x32, 0xe5, 0x60, 0x7e, 0x88, 0x0a, 0x0e, 0xdc, 0xb1, 0x07, 0x78,
+    0x6f, 0x86, 0x71, 0xfd, 0xe4, 0xbf, 0xdb, 0xff, 0xd3, 0x13, 0xa5, 0xe7, 0x30, 0xf8, 0x92, 0xb0,
+    0x4d, 0xd0, 0xe3, 0xe8, 0x4c, 0xc3, 0x16, 0x6e, 0x4b, 0x7f, 0xa2, 0x89, 0x0d, 0x64, 0xa5, 0x94,
+    0xd5, 0x90, 0x98, 0x33, 0x5b, 0xf6, 0x95, 0xea, 0x77, 0x53, 0xca, 0x0f, 0x09, 0xcf, 0xe6, 0x31,
+    0xa6, 0x07, 0x58, 0xb4, 0xe9, 0xac, 0x1b, 0x83, 0xc7, 0xb6, 0x3c, 0x24, 0x8d, 0x20, 0x12, 0xd3,
+    0xba, 0x16, 0xe9, 0xce, 0xbf, 0x49, 0x4e, 0x15, 0xa4, 0x40, 0x6f, 0xe8, 0x39, 0x37, 0x74, 0x81,
+    0x62, 0xbc, 0x89, 0x6c, 0xe6, 0x64, 0x09, 0xc0, 0xfc, 0xd3, 0x14, 0x1c, 0x7b, 0xa1, 0x0e, 0xf0,
+    0x9a, 0x63, 0x05, 0x13, 0x98, 0x45, 0x2c, 0xdc, 0x96, 0xfe, 0x87, 0xd1, 0x1a, 0xc8, 0x89, 0xeb,
+    0x61, 0x6f, 0xc8, 0xc0, 0xcf, 0x2c, 0x10, 0xb4, 0x03, 0x68, 0x6d, 0x81, 0x6a, 0x12, 0xa1, 0x99,
+    0x5d, 0x0b, 0x95, 0x67, 0xbe, 0xc5, 0x27, 0xeb, 0x52, 0x20, 0xd6, 0x74, 0xfd, 0xfa, 0x3a, 0xa1,
+    0xa8, 0xee, 0xe1, 0x89, 0xc2, 0x3f, 0xd0, 0xc8, 0x17, 0xcd, 0xf4, 0x42, 0xd7, 0xca, 0x21, 0xfa,
+    0x98, 0x40, 0x7b, 0xdb, 0x17, 0x35, 0x83, 0x84, 0x3c, 0x2c, 0x68, 0x86, 0x04, 0xab, 0x43, 0xa5,
+    0x21, 0x85, 0xd3, 0xb9, 0x81, 0x34, 0xd4, 0xe5, 0x67, 0xd7, 0x7e, 0xf3, 0x2c, 0x2f, 0x98, 0x4d,
+    0x6d, 0xa5, 0x0f, 0x35, 0x6b, 0xcf, 0x74, 0xa7, 0x79, 0xc1, 0x4a, 0xb0, 0x2e, 0x9b, 0x58, 0xfe,
+    0xfa, 0xfc, 0xf2, 0xb7, 0xf1, 0x51, 0x8a, 0x44, 0xc0, 0xff, 0x7c, 0x9a, 0x7f, 0x0a, 0x4d, 0x55,
+    0x1d, 0xe1, 0x8e, 0x1e, 0xf0, 0xdd, 0xe3, 0xba, 0x36, 0x9f, 0xc5, 0x06, 0xbb, 0xc7, 0x03, 0x75,
+    0xe2, 0xab, 0xbf, 0x9e, 0x7a, 0x54, 0x42, 0x62, 0x34, 0x6e, 0x32, 0xf8, 0xf7, 0xdb, 0x7c, 0x9b,
+    0x48, 0x66, 0x20, 0xdf, 0x37, 0x1b, 0x3d, 0xf2, 0x89, 0x71, 0x29, 0xed, 0x3e, 0x72, 0x97, 0x2f,
+    0x93, 0x1f, 0x01, 0xd1, 0x47, 0x7e, 0x63, 0x53, 0x2e, 0x59, 0x2b, 0x84, 0x6d, 0x57, 0x42, 0x37,
+    0xb3, 0x6a, 0xed, 0x0c, 0x60, 0x72, 0x01, 0x9a, 0x1c, 0xe7, 0xc3, 0xbd, 0x4e, 0xa8, 0xbf, 0x5d,
+    0x57, 0xa4, 0xd0, 0x09, 0x48, 0xb6, 0x71, 0x10, 0x15, 0x3c, 0x03, 0xbc, 0x9b, 0xd6, 0x5e, 0x14,
+    0x70, 0x44, 0x81, 0x2b, 0x9b, 0x12, 0x97, 0x1d, 0x4f, 0x5e, 0x8f, 0xb6, 0x95, 0x5c, 0x5b, 0x8b,
+    0x19, 0xa7, 0x72, 0x4d, 0x2d, 0x3d, 0x7e, 0x0a, 0xa1, 0xf8, 0xd8, 0xa8, 0x87, 0x01, 0x54, 0xe9,
+    0x6e, 0x76, 0x4e, 0x99, 0x42, 0x87, 0x6d, 0xd3, 0x86, 0x7a, 0x33, 0x2d, 0x3f, 0x28, 0xf7, 0x97,
+    0xbc, 0x73, 0x6b, 0x55, 0xed, 0xd9, 0x7c, 0xfd, 0x99, 0xf5, 0x9d, 0x11, 0x1b, 0x92, 0xe9, 0x53,
+    0x3d, 0x94, 0x62, 0xc3, 0xd7, 0xd1, 0x81, 0x73, 0x04, 0x21, 0x2d, 0x3f, 0x98, 0x38, 0xfe, 0x1f,
+    0x13, 0x08, 0x37, 0x23, 0xdb, 0x4e, 0x28, 0xf1, 0xe6, 0xe4, 0x0d, 0x60, 0xe1, 0x2d, 0x30, 0x5c,
+    0x86, 0x72, 0xb4, 0x69, 0xce, 0xa0, 0x79, 0x4a, 0xf5, 0x08, 0xd4, 0x1d, 0xae, 0xdf, 0xef, 0xb9,
+    0xdb, 0x79, 0x21, 0x0e, 0x70, 0x65, 0x5e, 0xa1, 0xa7, 0x28, 0x02, 0x69, 0x53, 0x25, 0xd5, 0x18,
+    0x4a, 0x45, 0x5e, 0x17, 0xb8, 0x6b, 0x92, 0xaa, 0x23, 0xa3, 0xc6, 0xba, 0x20, 0x11, 0x5d, 0x61,
+    0x03, 0xd3, 0x41, 0xac, 0x29, 0x48, 0x19, 0x74, 0xff, 0xbb, 0x79, 0x9d, 0x11, 0xb3, 0xaf, 0x69,
+    0x32, 0x8d, 0xe4, 0x9a, 0x5a, 0x7a, 0xfc, 0x14, 0x81, 0x33, 0x73, 0x93, 0xcd, 0x02, 0xa8, 0x11,
+    0xbb, 0xe6, 0xd6, 0xaa, 0x19, 0x71, 0xf8, 0x39, 0xf1, 0x29, 0xf9, 0x22, 0x36, 0xe7, 0x11, 0xa6,
+    0x47, 0x7f, 0xa6, 0x86, 0xba, 0xb0, 0x40, 0x95, 0x0c, 0x63, 0x77, 0x41, 0x6b, 0x48, 0xc1, 0x21,
+    0x59, 0x4d, 0x69, 0x34, 0x63, 0x25, 0xba, 0x5b, 0xc5, 0x47, 0xcb, 0xda, 0xc1, 0x3c, 0x6d, 0x3d,
+    0x7e, 0xad, 0x38, 0x16, 0xb0, 0x81, 0x5c, 0x56, 0x9f, 0x25, 0x47, 0xd0, 0xcf, 0xb6, 0x68, 0xa2,
+    0xe4, 0xce, 0x3d, 0x05, 0x28, 0xc4, 0x70, 0x8a, 0x09, 0xdb, 0xc0, 0x01, 0xd5, 0x7e, 0xe1, 0x49,
+    0xc1, 0x0d, 0x12, 0xef, 0x74, 0x10, 0x39, 0xdf, 0xf9, 0x6b, 0xa3, 0x5c, 0xc5, 0x97, 0x2e, 0x98,
+    0x45, 0x5c, 0xd8, 0x4e, 0x35, 0xc0, 0xef, 0xcd, 0xa6, 0xb1, 0x98, 0x16, 0x75, 0x2b, 0x0b, 0x6f,
+    0x40, 0xea, 0x1b, 0x79, 0x4e, 0x18, 0xc4, 0x51, 0x64, 0xbf, 0x13, 0x72, 0x46, 0x3d, 0x39, 0xd4,
+    0x9c, 0x06, 0x87, 0x88, 0xca, 0xd5, 0x1e, 0x34, 0xab, 0x4b, 0x75, 0x28, 0x38, 0x6d, 0x14, 0x39,
+    0x2d, 0x4f, 0x14, 0x4c, 0x25, 0xd7, 0xb0, 0xf6, 0x1d, 0x7e, 0x59, 0xc2, 0x68, 0xa6, 0x61, 0x2a,
+    0xda, 0x89, 0x1e, 0x6a, 0xd6, 0x5d, 0xe8, 0x8d, 0xf2, 0x41, 0x94, 0xa3, 0x5c, 0xf5, 0xb0, 0x3f,
+    0x28, 0xf9, 0xd7, 0x7b, 0x5e, 0x0f, 0x9b, 0x6a, 0xdf, 0x70, 0xd2, 0xa6, 0x5b, 0xb0, 0x53, 0x91,
+    0xc0, 0xfd, 0x2d, 0x8b, 0xd2, 0x28, 0x8f, 0xf3, 0xac, 0x02, 0x35, 0x96, 0xca, 0x47, 0x4b, 0xbf,
+    0x76, 0x21, 0x03, 0xb0, 0xc9, 0x82, 0xa5, 0xf5, 0x72, 0xeb, 0x7d, 0x4f, 0xb7, 0xf9, 0xc6, 0x59,
+    0xdf, 0x3f, 0xdd, 0x5d, 0xad, 0x85, 0xc3, 0x11, 0x30, 0x4f, 0x1f, 0xc7, 0x6f, 0xe3, 0x82, 0x84,
+    0x8d, 0x2d, 0xce, 0x63, 0x9e, 0xeb, 0x99, 0x9d, 0xe7, 0x7d, 0x97, 0x1f, 0xc7, 0x23, 0xee, 0x2b,
+    0x8b, 0x48, 0x4c, 0xf8, 0xcc, 0x7b, 0xab, 0x75, 0xda, 0xc8, 0x65, 0xe6, 0xe5, 0x86, 0x73, 0xf9,
+    0x15, 0x6d, 0xb5, 0xb8, 0x89, 0xde, 0x1a, 0x19, 0xdb, 0x51, 0xff, 0x99, 0xc3, 0x88, 0xad, 0x8e,
+    0x5b, 0x6e, 0x17, 0xfc, 0xec, 0x55, 0x15, 0x03, 0x6f, 0x95, 0x24, 0x8d, 0xdf, 0x5f, 0xa7, 0x73,
+    0x66, 0xfa, 0x75, 0x3f, 0x3b, 0x84, 0x94, 0x70, 0x6b, 0xb4, 0x09, 0xb2, 0x47, 0x67, 0x59, 0x6c,
+    0xb5, 0x0f, 0x6f, 0x97, 0x32, 0xe2, 0x33, 0x72, 0x21, 0x52, 0x31, 0x44, 0x6c, 0x0d, 0x22, 0x8f,
+    0xe0, 0x88, 0xc1, 0x56, 0xf5, 0x24, 0xed, 0x3a, 0x9e, 0xbc, 0xdd, 0xaf, 0xe9, 0xb8, 0xb6, 0xd5,
+    0x6c, 0x55, 0x30, 0x51, 0xcd, 0xf7, 0xc2, 0x8b, 0x2c, 0xa8, 0xdc, 0x7a, 0x21, 0x4b, 0x3d, 0xd9,
+    0xa2, 0x41, 0xa4, 0xe7, 0x34, 0x4c, 0x86, 0x33, 0x50, 0xd1, 0x21, 0x8a, 0xb1, 0xe6, 0x45, 0x4f,
+    0xd4, 0x60, 0xa7, 0x57, 0xfd, 0xce, 0x23, 0xc6, 0x22, 0x3a, 0x5c, 0xc5, 0x06, 0x1f, 0x83, 0x16,
+    0x5a, 0x9e, 0x28, 0x98, 0x4a, 0x6d, 0xa3, 0x2f, 0x3a, 0xfc, 0xb2, 0x47, 0xd0, 0x8f, 0xc2, 0x54,
+    0xbf, 0xa0, 0x2a, 0xf9, 0xc4, 0x91, 0x65, 0x89, 0x66, 0x4e, 0xe4, 0x8c, 0x0a, 0x21, 0x46, 0x3a,
+    0x78, 0xc8, 0xba, 0x8d, 0xe2, 0x11, 0x6e, 0xbe, 0xa2, 0x90, 0xb5, 0x29, 0xed, 0x13, 0xf5, 0x70,
+    0x1e, 0x32, 0xcf, 0xb2, 0xd9, 0x95, 0xfa, 0xce, 0xc9, 0x24, 0xbc, 0x9b, 0xaa, 0x74, 0xac, 0x1c,
+    0x07, 0x95, 0xbd, 0xff, 0xf4, 0xa8, 0x84, 0xc4, 0x68, 0xdc, 0x64, 0x33, 0x2d, 0x75, 0xf8, 0xf5,
+    0x82, 0x34, 0x48, 0x3a, 0x13, 0x40, 0xe4, 0xfa, 0x62, 0x6f, 0xc9, 0xb3, 0x92, 0x19, 0xb8, 0x25,
+    0x68, 0x13, 0xcc, 0x02, 0x10, 0x17, 0x5f, 0x3b, 0xbb, 0xcf, 0xc1, 0xd4, 0x1d, 0x8d, 0x6a, 0x45,
+    0x12, 0xf8, 0x08, 0x47, 0x7d, 0x76, 0x9e, 0xdd, 0xb3, 0x8d, 0x9b, 0xaa, 0xee, 0xfd, 0x55, 0x7b,
+    0x58, 0xbd, 0x56, 0x50, 0xc5, 0x1d, 0x0c, 0x77, 0x90, 0x2e, 0x5d, 0x10, 0xce, 0xec, 0x08, 0x1a,
+    0x8f, 0x0e, 0xb0, 0xab, 0x11, 0x9b, 0x36, 0xc5, 0x4d, 0xaf, 0x78, 0x48, 0xd9, 0x40, 0x24, 0x65,
+    0xe1, 0x78, 0xfe, 0x32, 0x53, 0x1c, 0x5b, 0x16, 0xcb, 0xd5, 0x4b, 0x65, 0xe6, 0x68, 0xd3, 0xf2,
+    0x36, 0xcb, 0x18, 0xc9, 0x87, 0x9a, 0x61, 0xa4, 0x16, 0x54, 0x6e, 0x3d, 0xf1, 0xc4, 0xff, 0x8d,
+    0x74, 0x02, 0x7d, 0x78, 0x46, 0xf2, 0x0a, 0xad, 0xd8, 0x39, 0x92, 0x18, 0xa9, 0x9a, 0x0c, 0x17,
+    0xff, 0x4a, 0x31, 0x80, 0x8a, 0x89, 0xa1, 0xd8, 0x02, 0xf1, 0xf7, 0xfe, 0x4c, 0x1c, 0x7f, 0xee,
+    0x3a, 0x01, 0xdf, 0x3c, 0x23, 0x79, 0x05, 0xb7, 0x6c, 0xfd, 0x49, 0x0c, 0xb5, 0x4d, 0x06, 0xea,
+    0x79, 0x38, 0x85, 0xe9, 0x44, 0x29, 0xd8, 0x92, 0xf7, 0xf9, 0x23, 0xe3, 0xe2, 0xc3, 0x90, 0x57,
+    0xdd, 0x1c, 0xa3, 0x95, 0x22, 0xf5, 0x6c, 0x49, 0x9a, 0x9d, 0xf0, 0x90, 0x71, 0x80, 0x48, 0xca,
+    0x54, 0x77, 0x91, 0xa5, 0x61, 0xfe, 0x68, 0x64, 0xea, 0x87, 0x7a, 0x21, 0x8a, 0x65, 0xf1, 0x7d,
+    0x22, 0x56, 0x92, 0x15, 0xa8, 0x7c, 0xcd, 0x91, 0x98, 0x6c, 0x07, 0x6e, 0x3d, 0x9c, 0x37, 0x24,
+    0x05, 0xb6, 0xc3, 0x37, 0x7b, 0xd8, 0x2b, 0x9c, 0xc2, 0x0e, 0x8b, 0x64, 0x33, 0x16, 0x32, 0xbb,
+    0x88, 0x9b, 0x0d, 0x54, 0xe5, 0x33, 0xb2, 0x01, 0x25, 0x73, 0x1c, 0x7b, 0xf4, 0x35, 0xdc, 0x90,
+    0x06, 0x65, 0x82, 0x9b, 0x52, 0x90, 0x32, 0xe8, 0x3d, 0xb5, 0xf2, 0xf9, 0x22, 0xa5, 0x9d, 0xd2,
+    0x53, 0xe2, 0x2c, 0x5a, 0x95, 0x56, 0xec, 0xa0, 0x82, 0x5b, 0x1e, 0x12, 0xa7, 0x10, 0x09, 0x88,
+    0x95, 0x7a, 0x83, 0x4a, 0x15, 0xee, 0x51, 0xbb, 0x13, 0xec, 0xd9, 0x7d, 0x4f, 0xf2, 0xdf, 0xe5,
+    0xe9, 0xf4, 0xc5, 0x94, 0x2a, 0x1f, 0xa2, 0xb5, 0x26, 0x1b, 0x71, 0xfa, 0x9e, 0x27, 0x7d, 0x09,
+    0xec, 0x42, 0x06, 0xa3, 0x51, 0xc7, 0x89, 0x29, 0xe4, 0x15, 0xfa, 0x9e, 0xad, 0x31, 0x4f, 0xb2,
+    0x97, 0x59, 0xfd, 0x82, 0x9a, 0x9e, 0xfe, 0xe3, 0xb9, 0x3e, 0x36, 0x2a, 0x51, 0x91, 0x15, 0xab,
+    0xd1, 0xd6, 0x64, 0x60, 0x86, 0x16, 0x08, 0x5a, 0xe0, 0x34, 0xd7, 0xa1, 0x35, 0x09, 0xb1, 0xad,
+    0x69, 0xe3, 0xf3, 0x66, 0xb6, 0x2f, 0xe9, 0x17, 0xee, 0xa6, 0x57, 0x1e, 0x12, 0x5d, 0x0f, 0x62,
+    0x6a, 0x30, 0xb2, 0xca, 0x9f, 0x67, 0xf0, 0x63, 0x11, 0x1d, 0x2e, 0x83, 0x03, 0xee, 0xa0, 0x0b,
+    0x43, 0x39, 0x5a, 0xd5, 0x67, 0x50, 0xdd, 0x25, 0x9b, 0x04, 0x6a, 0xef, 0x57, 0x8e, 0x96, 0xbd,
+    0x41, 0x1a, 0x24, 0x1d, 0xe8, 0x20, 0x72, 0x7d, 0x31, 0xd6, 0x85, 0xb8, 0x49, 0xed, 0x5c, 0xf3,
+    0xae, 0x8b, 0x63, 0x12, 0x90, 0xaf, 0xe2, 0x20, 0x2a, 0x78, 0x06, 0xbb, 0xf5, 0x6f, 0xbc, 0x28,
+    0x0c, 0xca, 0xc7, 0xf5, 0xa4, 0xe3, 0x64, 0x13, 0x7a, 0xa9, 0x27, 0x31, 0x44, 0x89, 0xf9, 0x67,
+    0x7c, 0x8e, 0x46, 0xde, 0x3f, 0xf1, 0xf3, 0x0e, 0x35, 0xf7, 0xa8, 0x87, 0xd1, 0xd5, 0xa2, 0xec,
+    0x5e, 0xd8, 0xd4, 0xcb, 0x97, 0x8d, 0x3e, 0x9f, 0xad, 0x9b, 0xaf, 0xe9, 0xec, 0x49, 0x95, 0xc8,
+    0x44, 0xac, 0xe7, 0x2a, 0x93, 0xf8, 0x59, 0xe1, 0xf3, 0xd8, 0x0e, 0xdc, 0x7a, 0xfb, 0x6e, 0x48,
+    0x25, 0xc3, 0x2f, 0xea, 0x5c, 0xd4, 0x49, 0x55, 0xf0, 0xb0, 0x63, 0x5d, 0x10, 0xe9, 0xcf, 0xd1,
+    0x09, 0x7c, 0x04, 0xc2, 0xdf, 0x3b, 0x4f, 0x8f, 0xb8, 0xa7, 0xac, 0x55, 0x77, 0x9f, 0xcb, 0xdc,
+    0xbd, 0x83, 0x54, 0x31, 0x4b, 0xe1, 0xca, 0xd1, 0xcc, 0x9c, 0x0b, 0xdb, 0x14, 0x42, 0x8c, 0x74,
+    0x9f, 0xd5, 0xc6, 0x24, 0xe3, 0x9d, 0x07, 0x40, 0x54, 0xf0, 0x0c, 0xb5, 0x29, 0xde, 0xbb, 0x50,
+    0x2e, 0x9c, 0x55, 0xe0, 0x0c, 0x9f, 0xa9, 0x82, 0xe2, 0xc5, 0x20, 0x5f, 0x79, 0x15, 0xce, 0x43,
+    0x1b, 0x84, 0x0c, 0x85, 0xa2, 0x4d, 0xd1, 0x52, 0x0b, 0x2a, 0x37, 0xff, 0x99, 0x62, 0x9e, 0xa7,
+    0xd7, 0xb3, 0xe6, 0xfb, 0xd4, 0x86, 0x3a, 0xb2, 0xdd, 0x81, 0x25, 0x58, 0x17, 0xac, 0x2c, 0x7f,
+    0x8a, 0xb8, 0x73, 0x9c, 0x6a, 0x43, 0x1d, 0x59, 0x8f, 0xa1, 0xf3, 0x2c, 0xea, 0x56, 0x16, 0xde,
+    0x0d, 0x3a, 0xf8, 0x91, 0x02, 0xdb, 0xd2, 0x3f, 0x2f, 0xc0, 0xb1, 0xfb, 0x4b, 0x59, 0x9c, 0x40,
+    0x50, 0x31, 0x6d, 0xf6, 0xbc, 0x1e, 0xf5, 0xd4, 0x7d, 0xe0, 0x67, 0x8f, 0xb6, 0xa3, 0xa6, 0xe1,
+    0x24, 0x33, 0x10, 0x8e, 0xfa, 0xec, 0xff, 0x79, 0xa5, 0xd9, 0xf5, 0x97, 0x1f, 0x39, 0xaa, 0xf6,
+    0xf2, 0x70, 0xc9, 0x11, 0x88, 0x52, 0x73, 0xe7, 0x2d, 0x31, 0x46, 0x05, 0x07, 0x45, 0xe3, 0xae,
+    0x38, 0x22, 0xa1, 0xf4, 0xac, 0x09, 0xaa, 0xef, 0xc6, 0x2f, 0xa6, 0x5b, 0xab, 0x2e, 0xcc, 0xa4,
+    0x7b, 0x1b, 0xfb, 0x21, 0xcb, 0x59, 0x77, 0xca, 0x5d, 0x2b, 0xcc, 0xb4, 0xfc, 0xa0, 0x5a, 0x19,
+    0xa1, 0x92, 0xe5, 0x4b, 0x1d, 0x04, 0x9f, 0x47, 0xaf, 0x6a, 0x58, 0x17, 0xa0, 0x55, 0xea, 0x26,
+    0xbe, 0x50, 0x15, 0x9d, 0x62, 0xa9, 0xd3, 0xa5, 0x33, 0x27, 0x72, 0x46, 0x05, 0xf1, 0x23, 0x1d,
+    0xa7, 0xf7, 0x67, 0xd0, 0x4f, 0x94, 0xad, 0xaf, 0x92, 0xdf, 0xaa, 0xee, 0x82, 0xf0, 0x77, 0xf4,
+    0x99, 0xb0, 0x44, 0xbf, 0xb1, 0x0d, 0x35, 0xa8, 0x69, 0x45, 0xfe, 0x4c, 0x0b, 0x7b, 0x26, 0x82,
+    0xf1, 0xa3, 0x88, 0xbd, 0xa1, 0x1a, 0x6a, 0x93, 0xd2, 0x8a, 0x3f, 0x98, 0x16, 0xf6, 0x4c, 0xc7,
+    0xeb, 0xd7, 0xbb, 0x5c, 0xa5, 0x6f, 0x0d, 0xed, 0x8c, 0xc9, 0x9e, 0xad, 0x80, 0x44, 0xb7, 0x47,
+    0x39, 0xd2, 0x9e, 0x90, 0x0a, 0x31, 0x1c, 0xc3, 0x93, 0x46, 0x30, 0x91, 0xa4, 0xfe, 0xa9, 0x83,
+    0xb7, 0x2c, 0x11, 0x5f, 0xbd, 0x92, 0x9c, 0x2a, 0x8b, 0x80, 0xde, 0x13, 0x72, 0x6e, 0xe8, 0xc1,
+    0x1c, 0x11, 0xb1, 0x7a, 0x56, 0xe5, 0x55, 0x96, 0x63, 0xf6, 0x53, 0xcc, 0xb4, 0x17, 0x66, 0x52,
+    0x01, 0xf0, 0x3f, 0x64, 0xa6, 0x38, 0xb6, 0x2c, 0x55, 0x69, 0x96, 0xca, 0x0f, 0xd0, 0x65, 0x27,
+    0xef, 0x91, 0x47, 0x0f, 0x78, 0x8f, 0x90, 0x5d, 0x1b, 0xae, 0x83, 0x03, 0xbc, 0x82, 0xe0, 0xdb,
+    0x1f, 0xc2, 0xf0, 0xd6, 0x7f, 0xad, 0x4c, 0xe2, 0x9c, 0x4d, 0x2a, 0x51, 0xa5, 0xa4, 0xc9, 0x3b,
+    0x92, 0xef, 0x3e, 0xb5, 0xe1, 0x46, 0xd5, 0x7f, 0x7b, 0x30, 0xbd, 0x4e, 0x62, 0x87, 0x27, 0x10,
+    0x1a, 0x74, 0x33, 0xe1, 0x04, 0x75, 0x67, 0x7e, 0x5e, 0x43, 0xa1, 0x35, 0x96, 0xb2, 0xfb, 0x80,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x85, 0xa1, 0xf5, 0xc5, 0xe7, 0xe8, 0x60, 0x3e, 0x0a, 0xb3, 0xad, 0x80, 0xbf, 0x6c, 0x40, 0xd0,
+    0x5c, 0xfb, 0xaa, 0x03, 0x18, 0xfd, 0x91, 0xc7, 0x07, 0x49, 0x40, 0xbe, 0xf2, 0x2a, 0x5f, 0x86,
+    0xed, 0xb2, 0x39, 0xc7, 0xf7, 0xff, 0x3f, 0x05, 0xb1, 0x7c, 0x6c, 0x54, 0xa2, 0xe1, 0x2a, 0x95,
+    0x56, 0x54, 0xef, 0x6d, 0xee, 0x8e, 0xc7, 0x3c, 0x40, 0x55, 0x95, 0x76, 0x94, 0x06, 0x3b, 0x33,
+    0xc3, 0x2e, 0x6c, 0x27, 0xfb, 0x60, 0x96, 0x87, 0x53, 0xb9, 0x4c, 0x0b, 0xdb, 0xf4, 0xe4, 0xd6,
+    0x0f, 0x19, 0x86, 0x59, 0x8d, 0xab, 0x7d, 0x67, 0x85, 0x12, 0x5e, 0xac, 0x55, 0x3a, 0x56, 0x0e,
+    0xe8, 0x04, 0xfa, 0xf0, 0x8c, 0x27, 0x14, 0x99, 0x73, 0x72, 0xe7, 0x30, 0x91, 0xf7, 0x18, 0x2e,
+    0xc2, 0xde, 0x53, 0x43, 0x5d, 0x58, 0x20, 0xab, 0x06, 0xd0, 0xda, 0xc1, 0xd4, 0x24, 0x81, 0xf1,
+    0xd9, 0x5a, 0x5f, 0xc6, 0xff, 0x15, 0xf1, 0xf9, 0x0d, 0xfa, 0xed, 0x3e, 0x4d, 0x46, 0x1f, 0x56,
+    0xe6, 0xed, 0x43, 0xcd, 0xa7, 0xb4, 0xdf, 0xd2, 0xa3, 0x09, 0x2f, 0x56, 0xcb, 0x1d, 0x2b, 0x07,
+    0xb6, 0xdc, 0x2e, 0x3b, 0x1b, 0xaa, 0x2a, 0x06, 0xde, 0xe9, 0x48, 0xd9, 0x7d, 0xbe, 0x8d, 0xe6,
+    0x11, 0x2b, 0x49, 0xeb, 0x54, 0x3e, 0x87, 0xa9, 0x4c, 0x36, 0xe2, 0x37, 0xff, 0x4e, 0xfa, 0x12,
+    0xc6, 0x98, 0xaf, 0x10, 0x80, 0xb8, 0xbd, 0x1b, 0x91, 0xb7, 0xc7, 0x6f, 0xe8, 0xe2, 0xd6, 0x6d,
+    0x55, 0x87, 0xae, 0xc1, 0xc7, 0xc6, 0xde, 0x48, 0xbf, 0xee, 0xec, 0xeb, 0x85, 0xb5, 0x94, 0x5a,
+    0x94, 0x8a, 0xbc, 0x2e, 0xb3, 0xd6, 0xe7, 0x97, 0x46, 0x85, 0x4f, 0xb7, 0x40, 0x22, 0xba, 0xc2,
+    0xb1, 0x49, 0x93, 0xc4, 0xef, 0x02, 0xae, 0xc2, 0xb6, 0x35, 0x2c, 0xea, 0x50, 0xcb, 0x75, 0x13,
+    0x4b, 0xb5, 0x61, 0x73, 0x1e, 0x53, 0x24, 0x86, 0x76, 0xca, 0x50, 0x70, 0x2f, 0xc1, 0x38, 0x46,
+    0xb9, 0xc5, 0xa8, 0x62, 0x96, 0x01, 0x57, 0x61, 0x5b, 0xfb, 0x16, 0x75, 0x28, 0x84, 0xdb, 0xe8,
+    0x4f, 0xf3, 0x9d, 0x20, 0xc3, 0xb3, 0xb9, 0x36, 0xe1, 0xad, 0x4d, 0xde, 0x13, 0x07, 0x6f, 0xda,
+    0xf6, 0x36, 0x35, 0x42, 0x55, 0xb2, 0xee, 0x57, 0xba, 0x56, 0x5b, 0xab, 0x3b, 0x83, 0xb4, 0x32,
+    0x9b, 0x93, 0x3a, 0x77, 0x3e, 0x7d, 0x9a, 0xf0, 0xc3, 0x97, 0x11, 0x1b, 0x15, 0x18, 0xec, 0xcc,
+    0xd2, 0x05, 0x25, 0xcc, 0xaf, 0x5e, 0x11, 0x2e, 0x1f, 0x8f, 0xae, 0x3c, 0x24, 0xba, 0x1e, 0xc4,
+    0x7f, 0x5d, 0x07, 0x72, 0x16, 0xb9, 0xea, 0x7a, 0xca, 0x4c, 0xd1, 0x1a, 0xc0, 0x66, 0x0d, 0x85,
+    0xde, 0xcf, 0xe2, 0x39, 0x0b, 0xbd, 0x75, 0x3d, 0x65, 0x26, 0x89, 0x0d, 0x60, 0x33, 0xe7, 0xa3,
+    0x75, 0xf2, 0x42, 0x1c, 0xe0, 0xca, 0xbc, 0x81, 0x8d, 0x50, 0x04, 0xd2, 0xa6, 0x4a, 0x69, 0x30,
+    0x14, 0x9d, 0x8a, 0xdc, 0x2f, 0xe6, 0xac, 0x35, 0x8e, 0x38, 0x69, 0x53, 0xcc, 0x58, 0xc8, 0xa9,
+    0x20, 0x75, 0xec, 0xdd, 0x27, 0x0c, 0x62, 0xc9, 0x32, 0xbe, 0xe8, 0x39, 0x23, 0xff, 0xfd, 0x6a,
+    0xdc, 0xec, 0x9c, 0xf1, 0x84, 0xcd, 0xda, 0x65, 0xcf, 0xf4, 0x66, 0x5a, 0x7e, 0x50, 0x2d, 0xed,
+    0xac, 0xa8, 0x1d, 0xda, 0x1f, 0xdf, 0x4d, 0x78, 0x80, 0xaa, 0xe9, 0xec, 0xeb, 0x0c, 0x76, 0x66,
+    0xab, 0x3d, 0xa0, 0x25, 0xeb, 0x77, 0xc9, 0xbc, 0xe8, 0x76, 0x8d, 0xdf, 0xc6, 0x79, 0x8e, 0x93,
+    0xf8, 0xdf, 0x8c, 0x7f, 0x7e, 0x21, 0x25, 0x1c, 0x6a, 0x2d, 0x93, 0xcd, 0x61, 0x69, 0x87, 0x1b,
+    0xfb, 0x0c, 0xcd, 0xd3, 0x57, 0x69, 0x3c, 0x68, 0x95, 0x96, 0xea, 0x50, 0x70, 0xda, 0x28, 0x72,
+    0xcd, 0xc7, 0xd5, 0x1a, 0xd0, 0xf3, 0x5d, 0xcc, 0x83, 0xc2, 0x84, 0x6d, 0x81, 0x1e, 0xd7, 0xff,
+    0xf0, 0x53, 0xb7, 0xd9, 0x07, 0x22, 0xdc, 0xbf, 0x87, 0xe3, 0xa9, 0x52, 0x19, 0x26, 0x29, 0xe0,
+    0xee, 0x61, 0x78, 0x6b, 0xde, 0xb7, 0x26, 0x71, 0x4e, 0xc7, 0x15, 0xc9, 0xb3, 0x52, 0x85, 0xfc,
+    0xce, 0x14, 0x94, 0xb6, 0xf9, 0xbb, 0x44, 0xb8, 0x7c, 0x79, 0xfd, 0xf0, 0x90, 0xad, 0x78, 0x96,
+    0xe5, 0x3e, 0x02, 0x61, 0x8e, 0xfc, 0xc6, 0xa6, 0x5c, 0xb2, 0x56, 0xcb, 0xda, 0xae, 0x84, 0x6e,
+    0x7d, 0x7e, 0x79, 0xba, 0x99, 0xc9, 0x45, 0x22, 0x60, 0x9e, 0x3e, 0x4d, 0xde, 0x05, 0xc7, 0xcb,
+    0xb8, 0x35, 0x97, 0x06, 0x30, 0x39, 0xe1, 0x4d, 0x0e, 0x92, 0x80, 0xbf, 0x27, 0x54, 0xbe, 0xcf,
+    0x04, 0x46, 0xfc, 0x53, 0xdd, 0xe0, 0x9d, 0xb0, 0x97, 0x67, 0x1d, 0xae, 0x3c, 0xc6, 0x57, 0x9c,
+    0xaa, 0xcd, 0x9f, 0x41, 0x4d, 0x4f, 0x7f, 0x90, 0xbd, 0x1f, 0x1b, 0x15, 0xc9, 0xa9, 0xeb, 0xb4,
+    0xf5, 0xe5, 0x74, 0xee, 0x7c, 0xfa, 0xf7, 0x23, 0x45, 0xed, 0x22, 0x36, 0x2a, 0x30, 0x1b, 0x5b,
+    0xc7, 0x68, 0x90, 0x74, 0x26, 0x80, 0x0b, 0x37, 0xc4, 0xde, 0x51, 0xa5, 0xe7, 0x32, 0xb3, 0x4a,
+    0xa0, 0x62, 0xda, 0x2f, 0xbb, 0x3c, 0x29, 0x6b, 0xfa, 0x03, 0xce, 0xdd, 0xaf, 0x85, 0x8f, 0x01,
+    0x42, 0xc9, 0x65, 0xb1, 0xc1, 0x68, 0x6b, 0x09, 0xce, 0x6d, 0xfc, 0x25, 0x58, 0x5e, 0xf3, 0x9a,
+    0xcb, 0xa2, 0x57, 0x81, 0x82, 0x63, 0x6f, 0x24, 0xbe, 0x77, 0x76, 0x94, 0xa3, 0xbb, 0x4a, 0x2d,
+    0x71, 0xb4, 0xbe, 0x4f, 0x3d, 0x2a, 0x21, 0x31, 0x1a, 0x37, 0x19, 0x7c, 0x9a, 0x8c, 0x3e, 0xac,
+    0xe3, 0x5b, 0x80, 0xfa, 0xdc, 0x6c, 0xf4, 0x4e, 0x61, 0x07, 0xa4, 0x32, 0xf8, 0x0b, 0x19, 0xbc,
+    0xfd, 0x69, 0x4f, 0x48, 0x05, 0xf9, 0x0e, 0x80, 0xa8, 0x23, 0x18, 0xa9, 0x52, 0x7f, 0xb5, 0xa0,
+    0x90, 0xcc, 0x40, 0x7d, 0x6e, 0x36, 0x7a, 0x27, 0xd1, 0xe2, 0x52, 0x19, 0x7c, 0xe4, 0xed, 0x5e,
+    0x02, 0x23, 0x7e, 0xc8, 0x8f, 0x70, 0xaf, 0x58, 0xaa, 0xd2, 0xef, 0x57, 0x1e, 0x63, 0xca, 0x4e,
+    0x26, 0x10, 0x6e, 0x46, 0x75, 0x9c, 0x50, 0x21, 0x0f, 0x0b, 0x1a, 0xc0, 0x01, 0x5a, 0x60, 0xb8,
+    0x96, 0xa9, 0xc2, 0xe6, 0x3c, 0xa6, 0x48, 0xcf, 0xec, 0x57, 0xa0, 0xe0, 0x5e, 0x41, 0x70, 0x8c,
+    0xcf, 0xe4, 0xab, 0xd2, 0x5f, 0x83, 0xf2, 0x94, 0x29, 0x10, 0x6b, 0x3a, 0x9f, 0x7d, 0x1d, 0xb1,
+    0x89, 0x6b, 0x32, 0x30, 0x43, 0x0b, 0x04, 0x2d, 0x70, 0x1a, 0x8a, 0xb1, 0xfb, 0xe5, 0xb9, 0xb7,
+    0x49, 0x96, 0x1f, 0xbb, 0x91, 0x23, 0x8b, 0xde, 0xdc, 0x18, 0xbf, 0x27, 0x31, 0xa2, 0xf2, 0x08,
+    0x2f, 0x6c, 0x6a, 0x84, 0xaa, 0xa7, 0x1f, 0xae, 0xb7, 0xac, 0xb6, 0x95, 0x76, 0xc5, 0xab, 0x64,
+    0x52, 0x12, 0x13, 0x3e, 0x33, 0x6e, 0x5a, 0x8c, 0xd7, 0x32, 0x88, 0xd8, 0xa8, 0xc0, 0x6c, 0xaf,
+    0xb4, 0xff, 0x50, 0xf3, 0x94, 0xda, 0x85, 0x5e, 0x74, 0x3b, 0xa7, 0x8e, 0x63, 0xdd, 0x47, 0xa8,
+    0x08, 0x8c, 0x3b, 0xa6, 0x79, 0x03, 0xf9, 0xa3, 0xed, 0xce, 0x3a, 0x9f, 0x78, 0x4f, 0xae, 0xfb,
+    0x3f, 0xb7, 0x1c, 0x0b, 0x58, 0xa1, 0x2e, 0x2b, 0xae, 0xf3, 0xc2, 0x68, 0x86, 0x5b, 0x34, 0x51,
+    0xd6, 0x43, 0xd9, 0x9f, 0x72, 0xbe, 0x8c, 0x9e, 0x88, 0xe8, 0xb3, 0x92, 0x18, 0x7c, 0x49, 0x58,
+    0x23, 0xa6, 0xad, 0x71, 0x0e, 0x44, 0x7b, 0xbd, 0xcd, 0x05, 0x91, 0xa4, 0x32, 0x4c, 0x52, 0x03,
+    0x4e, 0x03, 0xa2, 0x44, 0x65, 0x8b, 0x0f, 0x1a, 0xb4, 0xc4, 0xdb, 0x14, 0x1c, 0xd7, 0x0a, 0xfd,
+    0x60, 0x9f, 0xf7, 0xa4, 0x69, 0x14, 0xa6, 0x98, 0x56, 0x01, 0xfb, 0x4b, 0x65, 0xc2, 0xc4, 0xbe,
+    0x0b, 0x5f, 0x7a, 0x0a, 0x50, 0x4b, 0xe0, 0xd7, 0x12, 0x75, 0x43, 0x02, 0x69, 0xfc, 0x01, 0x92,
+    0xc4, 0xbb, 0xd1, 0xd8, 0x0f, 0xc8, 0x12, 0x43, 0x3b, 0x65, 0x28, 0x38, 0xf6, 0x81, 0x1c, 0x23,
+    0x35, 0x18, 0x59, 0x65, 0xae, 0xd2, 0x78, 0xd0, 0xe9, 0xef, 0x17, 0xa0, 0xe0, 0x77, 0x50, 0xe4,
+    0x0e, 0xe9, 0xb9, 0x3d, 0x2b, 0x93, 0xcb, 0x4b, 0xd0, 0x7b, 0xc8, 0x66, 0x5a, 0xea, 0x33, 0x29,
+    0x64, 0xd9, 0x0b, 0xf7, 0xb4, 0xf4, 0x3b, 0x28, 0xc1, 0x66, 0xe6, 0xe5, 0x59, 0x04, 0x93, 0x22,
+    0x3b, 0xf1, 0xe0, 0x58, 0x85, 0x41, 0xb3, 0x9b, 0x39, 0x94, 0xdf, 0xc6, 0xba, 0x9d, 0x63, 0xcd,
+    0x30, 0xae, 0x9a, 0x52, 0xd5, 0x0a, 0x53, 0x4c, 0x2b, 0xe1, 0x9c, 0xc4, 0xd3, 0x61, 0x62, 0x5f,
+    0xc5, 0x4b, 0xee, 0xbc, 0xa9, 0xf0, 0xa4, 0x6f, 0x6e, 0x0c, 0xbe, 0xf2, 0xf9, 0x51, 0x79, 0x04,
+    0x6b, 0xc0, 0x8d, 0xae, 0x39, 0x5f, 0x46, 0x4f, 0x44, 0x74, 0xb8, 0x49, 0x0c, 0x3e, 0xc5, 0x2c,
+    0x91, 0x3c, 0x7f, 0x19, 0xc8, 0x0e, 0xcc, 0x0b, 0x84, 0x8b, 0xc4, 0xd3, 0x73, 0x34, 0x88, 0x79,
+    0x4c, 0x20, 0xdc, 0x8c, 0xea, 0xfb, 0xa0, 0x42, 0x1e, 0x16, 0x34, 0x43, 0x02, 0xb4, 0xc0, 0xb3,
+    0xb2, 0x9a, 0xd2, 0x68, 0xc6, 0x4a, 0xb7, 0xb6, 0x49, 0x8e, 0x55, 0x77, 0x41, 0x78, 0xda, 0x7a,
+    0xfe, 0xba, 0x0e, 0xe4, 0x2c, 0xb1, 0x17, 0xf4, 0x57, 0x98, 0x61, 0x34, 0x43, 0xcc, 0x1a, 0xc9,
+    0xe7, 0x1d, 0x7c, 0xa9, 0x01, 0x8c, 0x69, 0xfe, 0xf6, 0x60, 0xb9, 0x9c, 0xc4, 0xcd, 0x4e, 0x20,
+    0x27, 0xe0, 0x51, 0x22, 0xd3, 0xa4, 0xe6, 0x0d, 0x5a, 0x62, 0x8c, 0x0a, 0x0e, 0x8a, 0x05, 0x9f,
+    0x8c, 0xdd, 0xf1, 0x07, 0x38, 0xd3, 0x2f, 0xb1, 0xb2, 0x14, 0x01, 0xd5, 0xc8, 0xf3, 0x8b, 0x0c,
+    0x3e, 0x47, 0x23, 0x6f, 0xfe, 0x99, 0x98, 0x07, 0xfb, 0x9a, 0x54, 0xa2, 0x89, 0x8b, 0x51, 0x76,
+    0x29, 0x09, 0xe8, 0x1f, 0xf8, 0x37, 0x2d, 0x46, 0x8a, 0x19, 0x44, 0x6c, 0x54, 0x60, 0x36, 0xb6,
+    0x72, 0x67, 0xff, 0xe3, 0x14, 0x62, 0x38, 0x45, 0xe5, 0x8c, 0x60, 0xe1, 0x8b, 0x3f, 0x91, 0xc5,
+    0x2c, 0xbf, 0x2b, 0x28, 0x83, 0xef, 0x06, 0xda, 0x48, 0x17, 0xcf, 0x08, 0x67, 0x76, 0x04, 0x0d,
+    0xa4, 0x24, 0x26, 0x7c, 0x66, 0xdc, 0xb4, 0xdb, 0x6d, 0x64, 0xd3, 0x73, 0x93, 0x43, 0xd8, 0x9d,
+    0x8e, 0xfe, 0x8f, 0xcf, 0xb7, 0xa3, 0x80, 0xe9, 0x18, 0xc6, 0xee, 0x82, 0xd6, 0x90, 0x41, 0x42,
+    0x51, 0xc1, 0x52, 0x92, 0x1a, 0x26, 0x43, 0xf8, 0x28, 0x89, 0xf1, 0x45, 0xb9, 0x73, 0xc3, 0xc6,
+    0xc8, 0x71, 0x16, 0x2d, 0xab, 0x2b, 0x76, 0x50, 0x41, 0xcc, 0x0f, 0x09, 0xb2, 0x08, 0xe5, 0x44,
+    0x16, 0xbe, 0xf4, 0x14, 0xa0, 0x96, 0x03, 0x6d, 0x24, 0xea, 0x86, 0x04, 0xd2, 0x3b, 0x02, 0xe7,
+  },
+  { /* 15 */
+    0xfb, 0xd5, 0x0c, 0x7a, 0xc0, 0x80, 0x96, 0x19, 0x11, 0x87, 0x93, 0x1b, 0xc9, 0xae, 0xb5, 0xfc,
+    0x08, 0xe0, 0x8c, 0xb2, 0x17, 0x1a, 0xce, 0x7b, 0x32, 0xfc, 0xab, 0xf8, 0xfe, 0xf2, 0x0a, 0xee,
+    0xcb, 0xd0, 0xa2, 0x50, 0xb2, 0xdc, 0x77, 0xc0, 0xbd, 0xca, 0xef, 0x4e, 0x88, 0xc7, 0x89, 0xdd,
+    0x41, 0x10, 0x1a, 0x5e, 0x63, 0x42, 0xd6, 0x69, 0xc4, 0x12, 0x3c, 0xd3, 0x93, 0x13, 0xc0, 0x11,
+    0x38, 0xe5, 0x22, 0x98, 0x65, 0x46, 0x2f, 0xa2, 0x9e, 0xb1, 0xd7, 0xad, 0xbf, 0x9b, 0x36, 0xcf,
+    0xb3, 0x39, 0x6a, 0x11, 0x6f, 0x4a, 0xe7, 0x3c, 0x70, 0x97, 0x29, 0x2f, 0xcb, 0xc0, 0xef, 0x6e,
+    0x1f, 0xb7, 0xc2, 0x06, 0x7d, 0x56, 0x4d, 0x08, 0x35, 0x78, 0xfd, 0x96, 0x0f, 0xfe, 0x68, 0x31,
+    0x88, 0xf8, 0x9b, 0xc3, 0xa4, 0x79, 0x73, 0xc7, 0x94, 0xe7, 0x89, 0xa3, 0xc5, 0x09, 0xaa, 0x16,
+    0x32, 0x3d, 0x8d, 0xe7, 0x07, 0xbb, 0x33, 0xb7, 0x41, 0x72, 0x26, 0x6b, 0x9f, 0xb4, 0xdf, 0xfb,
+    0x7c, 0x99, 0x8e, 0x18, 0x37, 0x9b, 0xf7, 0x20, 0xd4, 0x23, 0x72, 0x1d, 0x3c, 0x7e, 0x63, 0xc4,
+    0x5c, 0x9f, 0xfb, 0x95, 0x6b, 0xf3, 0x49, 0x0f, 0x1c, 0x55, 0x9b, 0x7b, 0x42, 0x30, 0x4b, 0xfa,
+    0x02, 0x38, 0x23, 0xcd, 0x75, 0xe7, 0xd2, 0x6e, 0xed, 0x3f, 0x5a, 0x3e, 0xde, 0xdd, 0xe3, 0xda,
+    0xec, 0x82, 0x42, 0xce, 0xaa, 0xcc, 0x15, 0x6a, 0x16, 0x03, 0xc5, 0x75, 0x38, 0xa2, 0xd7, 0x23,
+    0x12, 0x3b, 0xf8, 0x6a, 0x5b, 0xd3, 0x8d, 0x98, 0x89, 0x04, 0xcf, 0x0d, 0xe1, 0xfa, 0xf7, 0xc5,
+    0x7b, 0xcd, 0x1b, 0x0b, 0x73, 0xe3, 0x2b, 0xa5, 0xb7, 0x9c, 0xb1, 0x40, 0xf2, 0x55, 0x15, 0x04,
+    0x5f, 0xbb, 0x28, 0xdf, 0xc5, 0x86, 0xf2, 0x56, 0x66, 0x94, 0xec, 0x5a, 0xf3, 0x62, 0x38, 0x4d,
+    0xc1, 0x08, 0x0d, 0x2f, 0xd0, 0x21, 0x6b, 0xd5, 0x62, 0x09, 0x1e, 0x88, 0xa8, 0xe8, 0x60, 0xe9,
+    0x04, 0x70, 0x46, 0x59, 0xea, 0x0d, 0x67, 0xdc, 0x19, 0x7e, 0xb4, 0x7c, 0x7f, 0x79, 0x05, 0x77,
+    0x76, 0x41, 0x21, 0x67, 0x55, 0x66, 0xeb, 0x35, 0x0b, 0xe0, 0x83, 0xdb, 0x1c, 0x51, 0x8a, 0xf0,
+    0x6c, 0x9a, 0x55, 0xbf, 0x19, 0xaf, 0xa8, 0xd6, 0xb0, 0x18, 0xe7, 0x2e, 0x03, 0x59, 0x77, 0xdb,
+    0x26, 0x4e, 0x10, 0x19, 0xc3, 0x82, 0x0b, 0x9d, 0x3c, 0x37, 0x07, 0x24, 0xdf, 0xea, 0xce, 0x93,
+    0x0f, 0xb4, 0x19, 0xa1, 0x53, 0x62, 0x12, 0xfe, 0x51, 0x43, 0x68, 0xa5, 0x30, 0xd9, 0x7c, 0x2e,
+    0x0c, 0x90, 0xca, 0xeb, 0xfd, 0x17, 0xa9, 0xa7, 0x2b, 0x82, 0x1f, 0x84, 0x81, 0x8b, 0x0f, 0x99,
+    0xe0, 0x12, 0x88, 0x25, 0x57, 0xdb, 0xbc, 0xcd, 0x3d, 0x81, 0xda, 0xf1, 0xb9, 0x29, 0xd8, 0xba,
+    0xe6, 0x5a, 0xed, 0xb1, 0xc8, 0x31, 0x09, 0x7f, 0xc9, 0xc0, 0x34, 0xb3, 0x18, 0x8d, 0x3e, 0x17,
+    0xd6, 0x5f, 0x43, 0x9b, 0xba, 0x6d, 0xe8, 0xa6, 0x65, 0x8d, 0x48, 0xe6, 0x59, 0xe4, 0x02, 0x36,
+    0x18, 0xe3, 0x57, 0x15, 0x39, 0x2e, 0x91, 0x8d, 0x56, 0xc7, 0x3e, 0xcb, 0xc1, 0xd5, 0x1e, 0xf1,
+    0x8e, 0xb0, 0xfe, 0x57, 0x3b, 0x93, 0xc6, 0x75, 0x60, 0xa6, 0x67, 0xe1, 0x64, 0xad, 0x4c, 0xbb,
+    0x54, 0x7f, 0x77, 0x27, 0x7c, 0xe9, 0x87, 0x74, 0x2e, 0xa9, 0x30, 0x83, 0xbc, 0xc2, 0x41, 0x14,
+    0xe4, 0x62, 0xce, 0x7c, 0xbd, 0xd6, 0xdb, 0x11, 0x24, 0xff, 0x6e, 0x8d, 0xc6, 0x50, 0xdd, 0xcd,
+    0xac, 0x8e, 0xa8, 0x17, 0x12, 0x1c, 0xaa, 0x34, 0x45, 0xef, 0xd4, 0xb9, 0xc4, 0x3e, 0x87, 0x5f,
+    0x69, 0xf6, 0xe3, 0x61, 0x28, 0x30, 0xa6, 0x3d, 0x3e, 0x98, 0x7e, 0x4d, 0x13, 0xaf, 0xe2, 0xc1,
+    0xee, 0xba, 0x61, 0x03, 0xdf, 0x2b, 0xc7, 0x04, 0xfb, 0x3c, 0x9f, 0x4b, 0xe6, 0x7f, 0x34, 0xf9,
+    0xd9, 0xeb, 0x5a, 0x3a, 0xe9, 0x0f, 0xfa, 0x58, 0x34, 0xce, 0x20, 0x43, 0x69, 0x3d, 0x7e, 0x18,
+    0xf7, 0x45, 0xc6, 0x91, 0x3d, 0x97, 0x3f, 0xbe, 0x3a, 0x05, 0x8c, 0x9f, 0x48, 0x25, 0xba, 0x65,
+    0xb9, 0xe1, 0xc5, 0x6e, 0x0d, 0xb7, 0xfb, 0x29, 0xaf, 0x54, 0xd8, 0xe9, 0xeb, 0xef, 0x06, 0x5a,
+    0x85, 0x74, 0xa1, 0xaf, 0x82, 0xfc, 0xb3, 0x57, 0x28, 0x9b, 0xbb, 0x38, 0x2b, 0x0d, 0x35, 0xe2,
+    0x1e, 0xab, 0x32, 0x81, 0xa6, 0xc4, 0x24, 0x3f, 0xa2, 0x86, 0xd0, 0x89, 0x60, 0x71, 0xf8, 0x5c,
+    0x66, 0x42, 0xfa, 0xc0, 0x7b, 0x52, 0xb4, 0xc3, 0x6f, 0xdb, 0x16, 0xe8, 0x23, 0x76, 0x9e, 0xef,
+    0x30, 0x05, 0xae, 0x2a, 0x72, 0x5c, 0xe1, 0xd9, 0xac, 0x4d, 0x7c, 0x55, 0x41, 0x69, 0x3c, 0x21,
+    0xd5, 0x7b, 0x90, 0xd1, 0x14, 0x18, 0x53, 0xff, 0x1f, 0x4c, 0x3f, 0xc7, 0xe8, 0xb6, 0x71, 0x81,
+    0xa2, 0x26, 0x41, 0x31, 0x9a, 0xec, 0xd1, 0xfd, 0x83, 0x52, 0x91, 0x03, 0x9b, 0x68, 0x6b, 0x1c,
+    0xfc, 0x81, 0x99, 0x69, 0x84, 0xf8, 0x4a, 0x9c, 0x72, 0x38, 0x50, 0x46, 0x07, 0x85, 0xc3, 0x3c,
+    0x60, 0x0a, 0x9f, 0x54, 0xe4, 0xb8, 0x01, 0x71, 0x9b, 0x9a, 0xf8, 0xaa, 0x82, 0xd2, 0x78, 0x42,
+    0xff, 0xa5, 0x4a, 0x23, 0x2a, 0x8d, 0xf1, 0xc5, 0x08, 0xf9, 0x27, 0x67, 0xb6, 0xd7, 0xb0, 0x8b,
+    0x6e, 0xa2, 0x76, 0x72, 0x6c, 0x48, 0x7a, 0xb8, 0x5d, 0x27, 0xbd, 0x10, 0xdd, 0x84, 0x94, 0x01,
+    0xea, 0xca, 0x27, 0x5a, 0x35, 0x26, 0xa0, 0xd8, 0xe2, 0x42, 0x2b, 0x37, 0x99, 0x06, 0x31, 0x8e,
+    0x83, 0x3c, 0xc4, 0x3b, 0x1d, 0x16, 0x06, 0xe5, 0xdc, 0xda, 0x55, 0x7a, 0x8a, 0xa9, 0xd3, 0x4f,
+    0x15, 0x6f, 0x6d, 0x79, 0x1f, 0xab, 0x51, 0x1d, 0xea, 0xbb, 0x0c, 0x50, 0x2f, 0xd1, 0x81, 0x05,
+    0xc0, 0x14, 0xfd, 0xa8, 0x0b, 0xb3, 0x02, 0xe2, 0xf5, 0xf7, 0x33, 0x97, 0xc7, 0x67, 0xf0, 0x84,
+    0xdc, 0x87, 0xec, 0xe4, 0xd8, 0x90, 0xf4, 0xb3, 0xba, 0x4e, 0xb9, 0x20, 0x79, 0xcb, 0xeb, 0x02,
+    0xb4, 0x6d, 0xff, 0x02, 0x2b, 0x32, 0x3b, 0xb9, 0x13, 0x28, 0xea, 0x72, 0x05, 0xeb, 0x99, 0xae,
+    0xeb, 0xd6, 0xd7, 0xdd, 0xee, 0xb4, 0xc9, 0xef, 0x75, 0xbc, 0x06, 0x28, 0xf6, 0x89, 0xa1, 0xe3,
+    0xc8, 0xf4, 0x71, 0x1a, 0x1c, 0xa9, 0xcc, 0x99, 0xc7, 0x0b, 0x98, 0x6f, 0x39, 0x95, 0xfa, 0x6a,
+    0x84, 0x68, 0x51, 0x28, 0x59, 0x6e, 0xda, 0x60, 0xbf, 0x65, 0x96, 0x27, 0x44, 0x82, 0xa5, 0x8f,
+    0xe5, 0x7e, 0x3e, 0xfb, 0x66, 0x44, 0xb2, 0x26, 0xb3, 0x01, 0x43, 0x92, 0xa9, 0xdf, 0x4d, 0xa0,
+    0xa7, 0x4a, 0xf7, 0xef, 0xab, 0x73, 0xdf, 0x16, 0x0d, 0xd2, 0x08, 0x60, 0x8b, 0x9e, 0xfe, 0x06,
+    0x44, 0x7c, 0xac, 0x80, 0x52, 0xdd, 0xd8, 0x82, 0x4a, 0x92, 0xa5, 0xb0, 0x83, 0xe5, 0x55, 0x0b,
+    0xba, 0xc5, 0x16, 0x24, 0xa3, 0xc2, 0x40, 0x70, 0xd5, 0x95, 0xaf, 0xc8, 0x5a, 0xbd, 0x75, 0xed,
+    0x62, 0x32, 0xbc, 0x99, 0x91, 0x5f, 0xd3, 0x1f, 0x76, 0xa5, 0xa2, 0x94, 0x5c, 0x0f, 0x9b, 0x98,
+    0xf2, 0x29, 0x70, 0x4f, 0x0c, 0x08, 0x31, 0x55, 0xb4, 0x85, 0x15, 0xfc, 0x58, 0xd3, 0x2f, 0x7f,
+    0x53, 0x2b, 0xe2, 0x34, 0x38, 0x91, 0x5b, 0xf1, 0x4d, 0x16, 0xf3, 0xde, 0x72, 0xe9, 0x37, 0xd4,
+    0x9a, 0xc3, 0x63, 0xa9, 0xff, 0xaa, 0xfe, 0x5f, 0x1d, 0xe3, 0x46, 0xae, 0x24, 0xf3, 0x5d, 0xd3,
+    0x10, 0x03, 0xdb, 0xa7, 0x2e, 0x34, 0x5f, 0xf6, 0x64, 0x3b, 0x95, 0x33, 0x3f, 0x27, 0x14, 0x1f,
+    0x1d, 0x8f, 0xe1, 0xcb, 0x08, 0xb1, 0x9f, 0x66, 0xd8, 0x47, 0xa7, 0xa8, 0xd1, 0x23, 0x8b, 0xeb,
+    0x0a, 0xd8, 0xaf, 0x7f, 0x62, 0xfd, 0x1c, 0x15, 0xdf, 0xc3, 0xf1, 0xc6, 0x20, 0x2f, 0xe9, 0x34,
+    0xd3, 0x33, 0xf5, 0x45, 0x8b, 0xf2, 0xe6, 0x4d, 0xeb, 0x0d, 0xd1, 0x85, 0x49, 0x12, 0x97, 0x2c,
+    0xfd, 0x9d, 0x69, 0xee, 0x5f, 0x6a, 0x23, 0xab, 0xe5, 0xc6, 0x7d, 0x59, 0x68, 0x0a, 0x53, 0x51,
+    0x73, 0x2d, 0x97, 0xb9, 0x64, 0xf9, 0xe5, 0xde, 0x85, 0x60, 0x1a, 0xb8, 0x0c, 0xa7, 0x1f, 0xea,
+    0xf1, 0x0d, 0xa3, 0x05, 0xa2, 0x7d, 0x8a, 0x0c, 0xce, 0x44, 0x62, 0xdd, 0xe9, 0x81, 0x5c, 0xc8,
+    0x4a, 0xd4, 0x45, 0xa6, 0xda, 0x2d, 0xa3, 0x4b, 0x8c, 0x2f, 0xe0, 0x0a, 0xdc, 0xb3, 0xb9, 0x48,
+    0xa1, 0x02, 0x92, 0x7b, 0x34, 0x99, 0x6a, 0xa4, 0xf9, 0x93, 0xe6, 0x22, 0x2a, 0x3a, 0x18, 0xab,
+    0xaa, 0xc6, 0xcd, 0x83, 0x8d, 0xf6, 0x1f, 0x86, 0xb1, 0xae, 0x3a, 0xfb, 0x65, 0x9a, 0x61, 0xf2,
+    0x74, 0x79, 0x02, 0xaa, 0x20, 0x81, 0x39, 0x5b, 0xe6, 0xdf, 0xd9, 0xe5, 0xc2, 0x8c, 0x69, 0x2a,
+    0x14, 0x73, 0x9d, 0xfe, 0xc4, 0x39, 0x38, 0x2a, 0x7d, 0x45, 0x21, 0x4f, 0x40, 0x5e, 0x11, 0x68,
+    0x39, 0xf9, 0xd2, 0x1f, 0xbe, 0xd4, 0x46, 0x95, 0x09, 0x4f, 0xfa, 0xb2, 0xd0, 0x14, 0xa6, 0xa2,
+    0x95, 0x77, 0x7a, 0x08, 0xac, 0xc8, 0xec, 0xa1, 0x4c, 0xa0, 0x2e, 0x0b, 0x14, 0x2a, 0x21, 0xfd,
+    0x5b, 0xcb, 0x6e, 0x86, 0x2f, 0x8b, 0x95, 0x8a, 0x7f, 0xea, 0x58, 0x26, 0x8c, 0x1b, 0x3d, 0x3a,
+    0x56, 0x47, 0x54, 0xea, 0x09, 0x0e, 0x55, 0x1a, 0xc3, 0x96, 0x6a, 0xbd, 0x62, 0x1f, 0xa2, 0xce,
+    0x8a, 0xc0, 0xb8, 0x0e, 0xd1, 0x9e, 0xa1, 0xa9, 0x79, 0xd8, 0xd3, 0x9d, 0x1b, 0xd4, 0x49, 0xcc,
+    0xdf, 0xa3, 0x3f, 0xae, 0x76, 0xe5, 0x4f, 0xea, 0xc0, 0x8f, 0xce, 0x01, 0xc8, 0x99, 0x98, 0xb5,
+    0xcd, 0x98, 0xc7, 0xc4, 0x2d, 0x36, 0xc2, 0x72, 0x49, 0x8b, 0x01, 0x0c, 0x29, 0x63, 0x6f, 0x70,
+    0x51, 0x13, 0xc1, 0xf9, 0x4d, 0x76, 0x89, 0x9f, 0xa0, 0x29, 0xa9, 0xe0, 0xac, 0x34, 0xd4, 0x0e,
+    0x34, 0x75, 0xe8, 0x73, 0x98, 0x51, 0x86, 0x05, 0xb5, 0x33, 0xc8, 0x29, 0x3e, 0x10, 0x39, 0x56,
+    0xf6, 0x59, 0x36, 0x16, 0xe6, 0x05, 0x56, 0x89, 0xad, 0xfb, 0xa1, 0x80, 0x27, 0xaa, 0x2a, 0x08,
+    0x8d, 0x94, 0x2d, 0x1d, 0x95, 0xe6, 0x7d, 0x2c, 0x1a, 0x67, 0x10, 0xc0, 0xd5, 0xff, 0x3f, 0x0c,
+    0x6a, 0xd2, 0x30, 0x2b, 0x86, 0x45, 0x1d, 0x64, 0x44, 0x59, 0x09, 0x6c, 0xa2, 0xfd, 0x91, 0x76,
+    0xf3, 0x35, 0x80, 0xc8, 0xd7, 0x9a, 0x58, 0x62, 0x23, 0x7b, 0x38, 0xe3, 0x37, 0x5c, 0xbf, 0x12,
+    0xf5, 0x7d, 0xe5, 0x5c, 0x48, 0x70, 0xed, 0xd0, 0xd7, 0x3a, 0xd6, 0xa1, 0x96, 0xf8, 0x59, 0xbf,
+    0x11, 0x1f, 0x2b, 0x20, 0xf5, 0xa6, 0x36, 0xc1, 0xf3, 0xc5, 0xb8, 0x2c, 0x50, 0xa8, 0x84, 0x72,
+    0x9d, 0x97, 0xf6, 0xba, 0xbb, 0xd2, 0x22, 0xda, 0x7e, 0x5c, 0x85, 0xf3, 0xea, 0xd8, 0x2b, 0x13,
+    0x75, 0x65, 0xf2, 0x2d, 0xfb, 0x13, 0x50, 0x6c, 0x71, 0x21, 0xf4, 0xfa, 0xad, 0x03, 0xf9, 0x47,
+    0x19, 0xff, 0xa7, 0x92, 0xe2, 0xbc, 0xf8, 0xba, 0xc1, 0x39, 0x13, 0xd4, 0xae, 0x5a, 0x8e, 0x9c,
+    0x03, 0x24, 0xd3, 0x4a, 0xae, 0x75, 0xbb, 0x59, 0x7a, 0xc1, 0x77, 0x21, 0xb1, 0x52, 0x73, 0xb7,
+    0x70, 0x09, 0x44, 0xf3, 0xca, 0x8c, 0x5e, 0x87, 0xff, 0xa1, 0x6d, 0x99, 0xbd, 0xf5, 0x6c, 0x5d,
+    0x72, 0x31, 0x67, 0x3e, 0xbf, 0x6b, 0x8c, 0xe9, 0x12, 0x9e, 0x37, 0xa7, 0x63, 0x28, 0x8f, 0x87,
+    0x3a, 0xdd, 0x01, 0x55, 0x10, 0xa1, 0xfd, 0xcc, 0x73, 0x8e, 0x8d, 0x93, 0x61, 0x46, 0xd5, 0x15,
+    0x8b, 0xdc, 0x48, 0x89, 0x0a, 0x0c, 0xc8, 0x9e, 0xee, 0x26, 0xfe, 0x82, 0x74, 0x5b, 0xd9, 0xa1,
+    0x33, 0x21, 0x7d, 0x60, 0xdc, 0x29, 0x5a, 0x80, 0xd6, 0x8c, 0x0b, 0x74, 0xf0, 0x3b, 0x4f, 0x96,
+    0xc6, 0x5c, 0x98, 0x3c, 0x94, 0x59, 0xb7, 0x50, 0x01, 0xb6, 0xdd, 0xd5, 0x66, 0xc3, 0x16, 0x29,
+    0x2f, 0xb2, 0x6c, 0x2c, 0x0f, 0x0a, 0xac, 0xd1, 0x99, 0x35, 0x81, 0xc3, 0x4e, 0x97, 0x54, 0x10,
+    0x89, 0xe4, 0x6b, 0x44, 0x7f, 0xeb, 0x1a, 0xf0, 0x03, 0x19, 0xa4, 0xbc, 0xaa, 0x86, 0x3a, 0x7b,
+    0xbe, 0xb5, 0x50, 0x7d, 0x49, 0xcf, 0x27, 0xac, 0xcc, 0xeb, 0x1b, 0xb4, 0x25, 0xc4, 0x70, 0x9a,
+    0xce, 0xbc, 0x14, 0x8e, 0x83, 0x43, 0x79, 0x2b, 0x33, 0x4a, 0x76, 0x2d, 0x98, 0x31, 0x1c, 0xc7,
+    0xc4, 0x64, 0xbb, 0xf1, 0xe1, 0xbe, 0x65, 0x3e, 0xec, 0x89, 0x87, 0xeb, 0xb8, 0x1e, 0xf5, 0xf3,
+    0xfa, 0xc9, 0xfc, 0xfd, 0x1b, 0x12, 0xff, 0x2e, 0x86, 0x79, 0xbe, 0x04, 0xa6, 0x21, 0x25, 0x91,
+    0x3b, 0xc1, 0xf1, 0xd2, 0xcb, 0x33, 0x94, 0xfb, 0xe4, 0x70, 0xa0, 0x8c, 0x0e, 0xc9, 0x45, 0x78,
+    0xdd, 0x9b, 0x1c, 0x63, 0x03, 0x02, 0x9d, 0x84, 0x2d, 0xb0, 0x94, 0x3f, 0x16, 0x44, 0x7b, 0x6f,
+    0x77, 0x5d, 0xd1, 0xe0, 0x8e, 0xf4, 0x82, 0x02, 0x9c, 0x1e, 0xae, 0xc4, 0x73, 0xde, 0x1a, 0x9d,
+    0xc5, 0x78, 0x4b, 0x76, 0x3a, 0x2c, 0x0c, 0x09, 0x7b, 0x77, 0xaa, 0xf4, 0xd7, 0x91, 0x65, 0x9e,
+    0x16, 0x4b, 0xbe, 0x33, 0xb1, 0xde, 0xea, 0x44, 0x90, 0x7a, 0x7b, 0x71, 0x9e, 0x83, 0xf2, 0xb2,
+    0xa4, 0x6e, 0x24, 0xa5, 0x05, 0x06, 0x64, 0x4f, 0x77, 0x13, 0x7f, 0x41, 0x3a, 0xcc, 0x8d, 0xb1,
+    0xad, 0x92, 0x58, 0x90, 0xc9, 0x8e, 0xc3, 0x03, 0xd2, 0x11, 0xf9, 0xa6, 0xab, 0xb1, 0x17, 0x32,
+    0xd8, 0xf7, 0xaa, 0xbd, 0x32, 0x9d, 0x93, 0x6f, 0xa3, 0x30, 0x0d, 0x5c, 0x06, 0xb2, 0xee, 0x75,
+    0xb7, 0x49, 0x2c, 0x48, 0x85, 0x47, 0x80, 0xe0, 0x69, 0xe9, 0x9d, 0x53, 0xb4, 0xb9, 0xea, 0x19,
+    0x92, 0x23, 0xef, 0x1b, 0xe8, 0xb0, 0x30, 0x24, 0x2f, 0x1f, 0xed, 0x56, 0xda, 0x01, 0x57, 0x3d,
+    0x49, 0xf0, 0x96, 0xec, 0x74, 0x58, 0x18, 0x12, 0xf6, 0xee, 0x97, 0x2b, 0x6d, 0xe1, 0xca, 0xff,
+    0x64, 0x7a, 0xd9, 0x0d, 0x0e, 0xb5, 0x66, 0xad, 0x82, 0xe4, 0x4c, 0xd6, 0xfd, 0xab, 0x7d, 0x35,
+    0x91, 0x07, 0x3c, 0x51, 0x46, 0xc5, 0x8b, 0x7d, 0x55, 0xde, 0x9a, 0x77, 0x6b, 0x53, 0x24, 0x8a,
+    0x9c, 0x8b, 0x06, 0x3d, 0x60, 0x40, 0x4b, 0xed, 0xe9, 0xa2, 0xa8, 0xec, 0x85, 0x57, 0xbb, 0x7e,
+    0x01, 0x1c, 0xf0, 0x87, 0xdb, 0x92, 0x69, 0x37, 0x97, 0xfe, 0x2d, 0x1f, 0x6f, 0x8f, 0x90, 0x6d,
+    0xe8, 0xf2, 0x04, 0x97, 0x40, 0xc1, 0x72, 0xb6, 0x0f, 0x7d, 0x71, 0x09, 0x47, 0xdb, 0xd2, 0x54,
+    0xa0, 0x1e, 0x62, 0xfc, 0xef, 0x0b, 0x03, 0x93, 0x6e, 0x6d, 0xcb, 0x3d, 0x45, 0xb5, 0x88, 0xc6,
+    0xbb, 0xd9, 0xe6, 0xa3, 0x78, 0x50, 0x29, 0x47, 0x42, 0x6b, 0x82, 0xd7, 0x35, 0x32, 0xe5, 0x80,
+    0xb5, 0x71, 0x0f, 0x85, 0xf0, 0xa0, 0x52, 0x8e, 0x84, 0xd6, 0xc7, 0x6d, 0x6a, 0x64, 0x09, 0xc3,
+    0x29, 0xfa, 0x09, 0xb8, 0x90, 0xe0, 0x19, 0x63, 0x6d, 0x74, 0x6f, 0x81, 0xef, 0x33, 0xb2, 0xbd,
+    0xe3, 0x36, 0x5b, 0x6f, 0xf9, 0xae, 0x07, 0x94, 0x47, 0x40, 0xad, 0xd0, 0x08, 0x7b, 0xab, 0x0d,
+    0x5a, 0xd7, 0x9e, 0x01, 0xf4, 0x19, 0xfc, 0xbd, 0xe8, 0x14, 0x75, 0x39, 0xe3, 0x94, 0xad, 0x57,
+    0x17, 0x57, 0x4e, 0xb4, 0x6a, 0x4c, 0x83, 0x73, 0x07, 0x84, 0x56, 0x6e, 0xf1, 0x0c, 0x62, 0xdf,
+    0x63, 0x2e, 0x4c, 0x1e, 0x4a, 0xcd, 0xba, 0x28, 0xe1, 0x5b, 0x8f, 0x8b, 0x33, 0x80, 0x0b, 0xf5,
+    0x25, 0x6a, 0xc3, 0x53, 0x6d, 0xf7, 0xb0, 0xc4, 0x46, 0xf6, 0x70, 0x05, 0x6e, 0xb8, 0xbd, 0x24,
+    0x7d, 0x85, 0x7e, 0x9f, 0xec, 0x09, 0x9e, 0x17, 0x43, 0xdd, 0x5f, 0x02, 0x53, 0xf1, 0xf3, 0xa9,
+    0x20, 0x06, 0x75, 0x8d, 0x5c, 0x68, 0xbe, 0x2f, 0xc8, 0x76, 0xe9, 0x66, 0x7e, 0x4e, 0x28, 0x3e,
+    0x13, 0x27, 0x08, 0xed, 0x80, 0x41, 0xe4, 0xaf, 0x1e, 0xfa, 0xe2, 0x12, 0x8e, 0x75, 0x67, 0xa8,
+    0x0e, 0xa8, 0xe9, 0x26, 0x88, 0xf0, 0x7b, 0xc9, 0xc6, 0xbd, 0x45, 0xba, 0x5f, 0x56, 0xec, 0x43,
+    0x9f, 0xaf, 0xd5, 0x77, 0xce, 0x35, 0xf0, 0xb4, 0x93, 0x63, 0xdf, 0xcd, 0x34, 0x05, 0xc8, 0xc9,
+    0xe1, 0x0e, 0x78, 0xa2, 0x8c, 0x49, 0xd5, 0xfa, 0xaa, 0x7f, 0xf7, 0xee, 0xd6, 0xa6, 0x48, 0xd7,
+    0x55, 0x63, 0x87, 0xa0, 0xa7, 0x7b, 0xee, 0x43, 0xb9, 0x57, 0x1d, 0x9c, 0xd3, 0x4d, 0xd1, 0x79,
+    0x8f, 0xac, 0x0e, 0xd0, 0xe0, 0x01, 0xaf, 0x42, 0xf7, 0x58, 0x4a, 0xfe, 0x0b, 0x22, 0xdc, 0xd6,
+    0xd1, 0x0b, 0xd6, 0x88, 0xfe, 0x15, 0x34, 0x23, 0x06, 0x32, 0x8b, 0xbb, 0x97, 0xcf, 0x74, 0xf6,
+    0x40, 0x0c, 0xea, 0xd9, 0xb8, 0xd0, 0xbf, 0x5e, 0x53, 0xec, 0x11, 0xcc, 0xfc, 0x9c, 0x50, 0x7c,
+    0x82, 0x20, 0x34, 0xbc, 0xc6, 0x84, 0x6f, 0xd2, 0x4b, 0x24, 0x78, 0x65, 0xe5, 0x26, 0x43, 0x22,
+    0x52, 0x37, 0x12, 0xb3, 0xe3, 0x03, 0x32, 0xc6, 0xda, 0xe8, 0xde, 0xc1, 0x1d, 0x66, 0xa7, 0xb9,
+    0xb2, 0x25, 0x9a, 0x96, 0xb4, 0xd8, 0x8e, 0x0b, 0xe7, 0x69, 0x04, 0x30, 0xa4, 0x4f, 0x7f, 0x03,
+    0x59, 0xf3, 0x4d, 0x4b, 0x5a, 0x6c, 0x47, 0xe4, 0x92, 0xd5, 0x02, 0x18, 0x52, 0xc6, 0xde, 0xe0,
+    0x3f, 0xb1, 0xb7, 0x8b, 0x21, 0x3e, 0xf3, 0x27, 0xfd, 0x0e, 0x14, 0xf0, 0x71, 0xb0, 0x40, 0x0f,
+    0xd4, 0x67, 0x60, 0x56, 0xcf, 0x8a, 0x3a, 0xc8, 0x88, 0xb2, 0x12, 0xd8, 0x87, 0x39, 0xe1, 0xec,
+    0x79, 0xf5, 0x38, 0xc6, 0x06, 0x04, 0xf9, 0xcb, 0x5a, 0xa3, 0xeb, 0x7e, 0x2c, 0x88, 0xf6, 0xde,
+    0xe7, 0x46, 0x1d, 0x36, 0x13, 0xa3, 0x60, 0x48, 0x5e, 0x3e, 0x19, 0xac, 0x77, 0x02, 0xae, 0x7a,
+    0xef, 0xa6, 0x91, 0x84, 0x04, 0xb9, 0xae, 0x33, 0x6c, 0xc2, 0xb2, 0x54, 0x89, 0xf0, 0xa4, 0x94,
+    0xca, 0xcc, 0x52, 0xd7, 0x69, 0x4e, 0x1e, 0xf7, 0x2a, 0x34, 0xc2, 0x51, 0xe7, 0x48, 0x19, 0xb0,
+    0x47, 0x58, 0x7f, 0xca, 0xfc, 0xa8, 0x63, 0xdb, 0x30, 0x53, 0xd2, 0x91, 0x32, 0xb7, 0x26, 0xbc,
+    0xa5, 0x72, 0xd4, 0x22, 0xde, 0x94, 0x0d, 0x78, 0xe0, 0xed, 0x52, 0x5e, 0x55, 0x43, 0x1d, 0xdc,
+    0xaf, 0xaa, 0x7b, 0x5d, 0xbc, 0x69, 0x11, 0x6d, 0x3f, 0x2e, 0xa3, 0x98, 0x75, 0x6c, 0xf4, 0xe8,
+    0xa8, 0xfe, 0xee, 0x4e, 0xf8, 0x11, 0xcd, 0xe8, 0x5c, 0x91, 0x60, 0xc5, 0xbb, 0x47, 0x82, 0x28,
+    0x93, 0x3f, 0x1f, 0x9c, 0x33, 0x22, 0x59, 0x13, 0xb8, 0xe1, 0xc0, 0x49, 0xb5, 0x8e, 0xc7, 0x50,
+    0xed, 0x9e, 0xb2, 0x49, 0x71, 0x5e, 0x7c, 0x5d, 0x81, 0xfd, 0xe8, 0x6a, 0x57, 0x2d, 0x47, 0x4e,
+    0xc3, 0x30, 0x2e, 0xe2, 0xa5, 0xc6, 0xb9, 0xbb, 0x8f, 0x36, 0x44, 0xb6, 0x76, 0x35, 0x83, 0x33,
+    0x2a, 0xde, 0xda, 0xf2, 0x3e, 0x95, 0xa2, 0x3a, 0x17, 0xb5, 0x18, 0xa0, 0x5e, 0x61, 0xc1, 0x0a,
+    0x96, 0x53, 0xa9, 0x42, 0x02, 0xbd, 0x57, 0xf8, 0x36, 0x61, 0x59, 0x2a, 0xa5, 0x78, 0x52, 0x4a,
+    0x2c, 0x96, 0xbf, 0x66, 0xa1, 0x7f, 0x17, 0x88, 0xe3, 0xf4, 0xf6, 0xe2, 0xff, 0xc5, 0x27, 0xa7,
+    0x5d, 0x83, 0x0b, 0x12, 0xb0, 0x61, 0x20, 0x38, 0x8b, 0xab, 0xb6, 0x64, 0x2d, 0xbf, 0xdb, 0x97,
+    0xe2, 0x2a, 0xab, 0xe8, 0x22, 0x3c, 0x6e, 0xa3, 0xd0, 0xbe, 0x80, 0xcf, 0x67, 0xf4, 0x3b, 0x60,
+    0x7f, 0xbd, 0x5d, 0x52, 0x99, 0xee, 0x4c, 0x79, 0xae, 0xe2, 0x05, 0x3c, 0x8d, 0x2c, 0x10, 0x73,
+    0x7e, 0xa1, 0xad, 0xd5, 0x42, 0x7c, 0x25, 0x4e, 0x39, 0x1c, 0x28, 0x23, 0xe2, 0xa3, 0x80, 0x1e,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x3e, 0xad, 0x47, 0x0c, 0xfa, 0xac, 0x9a, 0x10, 0x6a, 0xf0, 0x39, 0xef, 0x1e, 0x3f, 0xd0, 0x62,
+    0xc7, 0x40, 0x68, 0xbb, 0x4f, 0xcb, 0xde, 0x67, 0x96, 0x48, 0xf0, 0xca, 0x09, 0x4c, 0x86, 0x44,
+    0x05, 0x6c, 0xb6, 0xde, 0x31, 0x9f, 0x0e, 0xeb, 0x8e, 0x80, 0x99, 0x63, 0x10, 0xf6, 0x95, 0x1a,
+    0x3c, 0x95, 0x64, 0xc1, 0x8f, 0x4b, 0x48, 0x7e, 0x87, 0xcf, 0x63, 0xd1, 0xc0, 0xe2, 0x33, 0xb8,
+    0x87, 0x4c, 0x82, 0x62, 0xf7, 0x1b, 0x61, 0x39, 0xc5, 0xa4, 0xe1, 0x06, 0xf5, 0xd0, 0xd6, 0x38,
+    0x67, 0x5e, 0x0a, 0x47, 0xa0, 0xc0, 0xdd, 0xf4, 0xf8, 0x25, 0x3b, 0xf7, 0x4c, 0xf9, 0x0e, 0x82,
+    0x99, 0xe7, 0xb0, 0xe3, 0x51, 0xdf, 0x45, 0x06, 0x67, 0x22, 0x31, 0x8f, 0x95, 0xa1, 0x2e, 0x64,
+    0xab, 0xda, 0x3d, 0x04, 0x56, 0x64, 0x76, 0xb1, 0x26, 0x50, 0x17, 0xe4, 0x0a, 0x15, 0xf1, 0x9f,
+    0xf9, 0xed, 0x2f, 0xb7, 0xb5, 0x67, 0x44, 0x77, 0xfc, 0xb8, 0xc9, 0x25, 0x17, 0x73, 0x56, 0x26,
+    0xd2, 0x2f, 0x05, 0xc2, 0x50, 0x60, 0x8f, 0x7a, 0x7c, 0xf3, 0xfc, 0x9a, 0x26, 0x9d, 0x07, 0x41,
+    0x06, 0x48, 0x65, 0x94, 0x9f, 0xea, 0xb5, 0xb2, 0xf4, 0x41, 0xee, 0x42, 0xa1, 0xa4, 0xe6, 0xad,
+    0xa9, 0xe2, 0x1e, 0xc9, 0x23, 0x83, 0xa4, 0xdf, 0xcb, 0x6f, 0x4d, 0xda, 0xd4, 0xc8, 0x12, 0x45,
+    0x1b, 0xc7, 0x84, 0x5f, 0x97, 0x5b, 0x2a, 0xd4, 0x2c, 0x06, 0x49, 0xea, 0x70, 0x87, 0x6d, 0x46,
+    0x48, 0xec, 0x66, 0x6b, 0xaf, 0xca, 0x71, 0x25, 0x61, 0x10, 0xba, 0x34, 0x02, 0x6e, 0x5a, 0x92,
+    0x97, 0x4f, 0x59, 0xc5, 0xd9, 0x2f, 0x3e, 0xcf, 0xa1, 0x9f, 0x74, 0x35, 0xca, 0xf7, 0xc2, 0x27,
+    0xc2, 0x2c, 0xde, 0x65, 0x7e, 0x54, 0xd0, 0x8c, 0x18, 0xc8, 0x69, 0xa9, 0x19, 0xba, 0x13, 0x5e,
+    0x86, 0x50, 0x72, 0xe5, 0x2c, 0x89, 0x08, 0x0e, 0x52, 0x5a, 0xcc, 0x19, 0x9a, 0x5f, 0x46, 0x55,
+    0x61, 0x16, 0x6f, 0xd3, 0x3f, 0x2a, 0x68, 0x46, 0x0c, 0x64, 0xd5, 0xb5, 0xed, 0x5d, 0xe8, 0x2f,
+    0x36, 0x4d, 0xcb, 0xbe, 0xed, 0xb6, 0x54, 0x6b, 0x58, 0x0c, 0x92, 0x17, 0xe0, 0xcd, 0xda, 0x8c,
+    0x57, 0x5b, 0xa4, 0x6d, 0xd2, 0x9c, 0x3c, 0x2d, 0x54, 0x68, 0x47, 0xa2, 0x0d, 0x90, 0x32, 0xa3,
+    0xf0, 0x11, 0x53, 0x82, 0x79, 0xef, 0xe3, 0x3b, 0x59, 0xba, 0x4f, 0xc2, 0x86, 0x0e, 0xcc, 0xa5,
+    0x2e, 0xae, 0x9c, 0xab, 0xd4, 0x98, 0xc5, 0xe6, 0x0e, 0xcb, 0xac, 0xdc, 0x21, 0x18, 0xc4, 0x7d,
+    0x7a, 0xd1, 0xeb, 0x8c, 0xa8, 0x71, 0x42, 0x92, 0x20, 0x62, 0x9c, 0x5f, 0x9d, 0xda, 0x85, 0x69,
+    0x3d, 0x89, 0x94, 0x46, 0x54, 0xd9, 0x21, 0x49, 0x10, 0x31, 0x4e, 0xce, 0xaf, 0x6d, 0xa3, 0xd5,
+    0x81, 0x04, 0xe7, 0xf6, 0x68, 0xf1, 0xd4, 0x8b, 0x31, 0xe5, 0x0f, 0x44, 0x54, 0x74, 0x30, 0x95,
+    0x35, 0x69, 0x18, 0xf4, 0x43, 0xc3, 0xef, 0x32, 0x22, 0xcd, 0xe5, 0x36, 0x51, 0x9f, 0xa9, 0x3b,
+    0xc9, 0xe8, 0x81, 0x9d, 0xc7, 0x3b, 0xa5, 0xae, 0x50, 0xf5, 0xb5, 0x70, 0x56, 0x1a, 0x6a, 0x07,
+    0x65, 0x66, 0x29, 0x8a, 0xd5, 0x27, 0x0f, 0x9a, 0x15, 0x1a, 0x61, 0xc9, 0x92, 0x24, 0xed, 0x58,
+    0x78, 0xe9, 0xc8, 0x41, 0xdd, 0x96, 0x90, 0xfc, 0xcd, 0x5d, 0xc6, 0x61, 0x43, 0x07, 0x66, 0xb3,
+    0xbc, 0x8d, 0x73, 0xb0, 0x3c, 0x28, 0xf5, 0xc2, 0x21, 0xd4, 0x41, 0x8a, 0xfb, 0x19, 0x93, 0x40,
+    0x1c, 0x93, 0x11, 0x4c, 0xd3, 0x23, 0xf6, 0x51, 0x4f, 0xb9, 0x8a, 0xb7, 0xbe, 0xac, 0x1b, 0x86,
+    0x68, 0xea, 0x13, 0xe6, 0xf3, 0xa2, 0xcf, 0x0a, 0xa9, 0x66, 0x53, 0x52, 0x7c, 0x20, 0x72, 0xac,
+    0xcc, 0x84, 0x37, 0x43, 0xf6, 0xa4, 0xab, 0x45, 0xde, 0x75, 0x2c, 0x13, 0x46, 0xec, 0xff, 0x1d,
+    0xbf, 0xa9, 0xa0, 0xfa, 0x92, 0x5d, 0x4e, 0x9b, 0x5b, 0x15, 0x36, 0xab, 0x4a, 0x4b, 0xe0, 0xf7,
+    0x71, 0x15, 0xb4, 0x74, 0x11, 0x1e, 0x37, 0xb0, 0x68, 0x5f, 0x40, 0x86, 0xd2, 0x7a, 0xfc, 0x30,
+    0xb8, 0xfd, 0x35, 0xe9, 0xd6, 0x25, 0x92, 0x1e, 0x38, 0xaa, 0xf5, 0xf6, 0x84, 0x60, 0x96, 0x37,
+    0xa6, 0x56, 0x07, 0x68, 0x70, 0xe1, 0xb6, 0x21, 0x9a, 0x2c, 0x25, 0x7f, 0xe4, 0x11, 0x6e, 0x6b,
+    0x22, 0x3e, 0x56, 0x40, 0x29, 0x8f, 0x6c, 0x41, 0x25, 0x49, 0xb3, 0x58, 0xa0, 0x93, 0xcb, 0xe4,
+    0x4d, 0x80, 0xd0, 0xb5, 0x9e, 0x55, 0x7f, 0xce, 0xef, 0x90, 0x23, 0x57, 0x12, 0x98, 0xcf, 0x88,
+    0xb0, 0x1d, 0xb9, 0x5b, 0xc1, 0x3f, 0x5c, 0x65, 0x0a, 0x56, 0x5e, 0x0e, 0x7a, 0x92, 0x9c, 0xd9,
+    0x90, 0x1b, 0xcc, 0xd6, 0x9d, 0x57, 0xe2, 0x4a, 0xc2, 0x20, 0xb7, 0x68, 0x04, 0xdc, 0xb4, 0xe7,
+    0x23, 0x22, 0xa6, 0xc7, 0xf2, 0x1d, 0x05, 0x76, 0xb2, 0xb7, 0x9e, 0x47, 0xcf, 0x1c, 0x5b, 0x89,
+    0x37, 0x51, 0x3b, 0x39, 0x36, 0x24, 0x3d, 0x5c, 0xcf, 0xf2, 0xbf, 0x08, 0x8f, 0x42, 0x4a, 0xe1,
+    0x6b, 0xce, 0xc0, 0xac, 0x5d, 0xd7, 0x74, 0x53, 0xd3, 0xa7, 0x24, 0x73, 0xcd, 0x72, 0x01, 0x1b,
+    0x09, 0xfc, 0x7c, 0x35, 0xcc, 0x88, 0xa7, 0x4c, 0xa5, 0x02, 0x86, 0xe7, 0x91, 0x7d, 0x9a, 0x83,
+    0x24, 0x76, 0x33, 0xd4, 0xb6, 0x65, 0xd9, 0xf3, 0xd1, 0x08, 0x5d, 0x1a, 0x01, 0x37, 0x2d, 0x49,
+    0x31, 0x19, 0x5e, 0xad, 0xa9, 0xce, 0x88, 0xee, 0x3b, 0xb3, 0x51, 0x4a, 0x2e, 0xe6, 0xac, 0x4c,
+    0x4e, 0xa4, 0x03, 0xff, 0x30, 0x20, 0xc4, 0x97, 0x95, 0x51, 0x54, 0x76, 0xa3, 0xca, 0xbc, 0x3f,
+    0x80, 0x18, 0x17, 0x71, 0xb3, 0x63, 0xbd, 0xbc, 0xa6, 0x1b, 0x22, 0x5b, 0x3b, 0xfb, 0xa0, 0xf8,
+    0x27, 0x52, 0xe0, 0x9e, 0x18, 0x10, 0x62, 0xaa, 0xab, 0xc9, 0x2a, 0x3b, 0xb0, 0x65, 0x5e, 0xfe,
+    0x58, 0xef, 0xbd, 0xcc, 0x81, 0xfe, 0x2e, 0xd3, 0x05, 0x2b, 0x2f, 0x07, 0x3d, 0x49, 0x4e, 0x8d,
+    0x21, 0x1a, 0x85, 0x0a, 0x87, 0xfa, 0xd7, 0x18, 0x5f, 0x88, 0xc4, 0x79, 0x11, 0xc1, 0xb8, 0x53,
+    0xcf, 0xa0, 0xe4, 0x09, 0x58, 0xd1, 0x10, 0x1c, 0xa4, 0xb4, 0x5b, 0x32, 0xf7, 0xbe, 0x8c, 0xaa,
+    0x94, 0x6b, 0x8a, 0x8f, 0x77, 0x5a, 0x85, 0x96, 0xdb, 0x5e, 0x03, 0x14, 0x7b, 0xa5, 0xb1, 0x90,
+    0x2d, 0x8a, 0x4f, 0xe1, 0x7a, 0xed, 0x7e, 0xbf, 0x74, 0x0a, 0xdb, 0xfd, 0x90, 0x4a, 0xb7, 0xca,
+    0xde, 0xbf, 0xcf, 0x29, 0xad, 0x77, 0x26, 0xdd, 0x57, 0x71, 0xe3, 0x1e, 0xa7, 0x16, 0x08, 0xd8,
+    0xae, 0xb6, 0x8b, 0xda, 0x67, 0xfb, 0x78, 0x5a, 0xa8, 0xd0, 0x8e, 0x87, 0x1a, 0xe3, 0x64, 0x85,
+    0x8c, 0x88, 0xdd, 0x9a, 0x4e, 0x74, 0x14, 0x1b, 0x8d, 0x99, 0x3d, 0xdf, 0xba, 0x70, 0xaf, 0x61,
+    0x5e, 0xa7, 0xd8, 0x58, 0x1e, 0x14, 0x9b, 0x61, 0xf1, 0x6a, 0xc1, 0x45, 0x9c, 0xed, 0xa8, 0x20,
+    0xa3, 0x3a, 0xb1, 0xb6, 0x41, 0x7e, 0xb8, 0xca, 0x14, 0xac, 0xbc, 0x1c, 0xf4, 0xe7, 0xfb, 0x71,
+    0x2b, 0xc2, 0x2a, 0x75, 0xe5, 0x07, 0xcb, 0x0d, 0x80, 0x4b, 0x35, 0xbf, 0x31, 0xee, 0x51, 0x67,
+    0x9e, 0xb3, 0x25, 0xf0, 0x15, 0xa7, 0x99, 0x83, 0x04, 0x9d, 0xf2, 0xd2, 0x5b, 0x8a, 0x58, 0xa4,
+    0xbd, 0x91, 0x83, 0x37, 0xe7, 0xba, 0x9c, 0xf5, 0xb6, 0x2a, 0x6c, 0x95, 0x94, 0x96, 0x03, 0x2d,
+    0x1a, 0xdb, 0x74, 0xd8, 0x4c, 0xc9, 0x43, 0xe3, 0xbb, 0xf8, 0x64, 0xf5, 0x1f, 0x08, 0xfd, 0x2b,
+    0x98, 0xfb, 0x40, 0x64, 0x8a, 0x4d, 0x2c, 0x31, 0xf0, 0xdc, 0x1c, 0x90, 0xfa, 0x2e, 0xbe, 0x09,
+    0xd7, 0x43, 0xb3, 0x1c, 0x61, 0xff, 0x81, 0x91, 0xf2, 0x73, 0x65, 0xf9, 0x36, 0x6b, 0x92, 0x5b,
+    0x43, 0x28, 0x39, 0x93, 0x16, 0xa5, 0x04, 0x07, 0x29, 0x2d, 0x66, 0xed, 0x4d, 0xce, 0x23, 0xcb,
+    0xd0, 0x17, 0x26, 0x0f, 0x25, 0x87, 0x5d, 0x14, 0x91, 0xcc, 0xa6, 0xa4, 0xf8, 0x40, 0xe4, 0x9b,
+    0x4b, 0xc8, 0xb5, 0x21, 0x01, 0xbf, 0xca, 0x7c, 0x1b, 0xd1, 0xcd, 0x15, 0xb3, 0x3c, 0x29, 0x25,
+    0x28, 0xe6, 0xf9, 0x3f, 0x4b, 0x72, 0x70, 0x54, 0xfa, 0x8a, 0x42, 0x9e, 0x80, 0xbc, 0x22, 0xd0,
+    0x9b, 0xdf, 0x93, 0x2e, 0x24, 0x38, 0x97, 0x68, 0x8a, 0x1d, 0x6b, 0xb1, 0x4b, 0x7c, 0xcd, 0xbe,
+    0x4c, 0x9c, 0x20, 0x32, 0x45, 0xc7, 0x16, 0xf9, 0x78, 0x6e, 0x0e, 0x48, 0x7d, 0x17, 0x5f, 0xe5,
+    0x6f, 0xbe, 0x86, 0xf5, 0xb7, 0xda, 0x13, 0x8f, 0xca, 0xd9, 0x90, 0x0f, 0xb2, 0x0b, 0x04, 0x6c,
+    0x4f, 0xb8, 0xf3, 0x78, 0xeb, 0xb2, 0xad, 0xa0, 0x02, 0xaf, 0x79, 0x69, 0xcc, 0x45, 0x2c, 0x52,
+    0x0b, 0xc4, 0x5f, 0xf8, 0xb9, 0x6f, 0x75, 0x22, 0x48, 0x3d, 0xdc, 0xd9, 0x4f, 0xa0, 0x79, 0x59,
+    0x42, 0x34, 0xc9, 0x14, 0xcd, 0x37, 0x6d, 0x30, 0xbe, 0xd3, 0x4b, 0xf2, 0x22, 0x41, 0xb3, 0xa6,
+    0xb6, 0x55, 0xdc, 0xcf, 0x5e, 0xd5, 0xe9, 0xd7, 0xfe, 0x17, 0xb0, 0x4c, 0xdb, 0x36, 0x7a, 0x74,
+    0xf4, 0x61, 0x15, 0xdb, 0x93, 0xe2, 0x84, 0xe7, 0x40, 0xc4, 0xfb, 0xbe, 0xf9, 0x77, 0xc9, 0xd2,
+    0xfe, 0xb9, 0xba, 0xa4, 0xf1, 0x1f, 0x98, 0xf2, 0x9f, 0x07, 0x0a, 0x78, 0xd9, 0x58, 0x20, 0xe6,
+    0x0d, 0x8c, 0x3a, 0x6c, 0x26, 0x85, 0xc0, 0x90, 0xbc, 0x7c, 0x32, 0x9b, 0xee, 0x04, 0x9f, 0xf4,
+    0xb1, 0x01, 0x49, 0xdc, 0x1a, 0xad, 0x35, 0x52, 0x9d, 0xa8, 0x73, 0x11, 0x15, 0x1d, 0x0c, 0xb4,
+    0x07, 0x54, 0x95, 0x13, 0x44, 0x78, 0xdc, 0x85, 0x63, 0xbf, 0xc3, 0x5d, 0xce, 0x2b, 0x76, 0xc0,
+    0x46, 0x44, 0x8f, 0x4d, 0x27, 0x3a, 0x0a, 0xec, 0xa7, 0xad, 0xff, 0x8e, 0x5d, 0x38, 0xb6, 0xd1,
+    0x45, 0x60, 0x5c, 0x07, 0x89, 0x4f, 0xb1, 0xb5, 0xdd, 0x6c, 0x88, 0xaf, 0xec, 0x6a, 0xc5, 0x66,
+    0xda, 0xcf, 0x89, 0x70, 0x47, 0x7a, 0x41, 0x01, 0x4e, 0x0f, 0x57, 0x62, 0xd8, 0x6f, 0x0d, 0xaf,
+    0xdb, 0xd3, 0x79, 0xf7, 0x9c, 0xe8, 0x28, 0x36, 0xd9, 0xf1, 0x7a, 0x7d, 0xb7, 0xe0, 0x9d, 0xc2,
+    0xe9, 0xee, 0xf4, 0x10, 0x9b, 0x53, 0x1b, 0x81, 0x98, 0x83, 0x5c, 0x16, 0x28, 0x54, 0x42, 0x39,
+    0xf8, 0xf1, 0xdf, 0x30, 0x6e, 0xf5, 0x2d, 0x40, 0x6b, 0x46, 0xe4, 0x3a, 0x78, 0xfc, 0xc6, 0x4b,
+    0x50, 0x0f, 0x31, 0x7e, 0x96, 0xe4, 0xe0, 0xa8, 0x37, 0xd7, 0x84, 0xff, 0xc3, 0xbb, 0x44, 0x63,
+    0x6d, 0x86, 0xa5, 0x38, 0xc2, 0x3d, 0xc1, 0xe1, 0x27, 0xe6, 0xca, 0x31, 0x6c, 0xd6, 0xe7, 0xb6,
+  },
+};
+
+static const uint8_t kuz_table_inv[16][256 * 16] =
+{
+  { /* 0 */
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x01, 0x94, 0x84, 0xdd, 0x10, 0xbd, 0x27, 0x5d, 0xb8, 0x7a, 0x48, 0x6c, 0x72, 0x76, 0xa2, 0x6e,
+    0x02, 0xeb, 0xcb, 0x79, 0x20, 0xb9, 0x4e, 0xba, 0xb3, 0xf4, 0x90, 0xd8, 0xe4, 0xec, 0x87, 0xdc,
+    0x03, 0x7f, 0x4f, 0xa4, 0x30, 0x04, 0x69, 0xe7, 0x0b, 0x8e, 0xd8, 0xb4, 0x96, 0x9a, 0x25, 0xb2,
+    0x04, 0x15, 0x55, 0xf2, 0x40, 0xb1, 0x9c, 0xb7, 0xa5, 0x2b, 0xe3, 0x73, 0x0b, 0x1b, 0xcd, 0x7b,
+    0x05, 0x81, 0xd1, 0x2f, 0x50, 0x0c, 0xbb, 0xea, 0x1d, 0x51, 0xab, 0x1f, 0x79, 0x6d, 0x6f, 0x15,
+    0x06, 0xfe, 0x9e, 0x8b, 0x60, 0x08, 0xd2, 0x0d, 0x16, 0xdf, 0x73, 0xab, 0xef, 0xf7, 0x4a, 0xa7,
+    0x07, 0x6a, 0x1a, 0x56, 0x70, 0xb5, 0xf5, 0x50, 0xae, 0xa5, 0x3b, 0xc7, 0x9d, 0x81, 0xe8, 0xc9,
+    0x08, 0x2a, 0xaa, 0x27, 0x80, 0xa1, 0xfb, 0xad, 0x89, 0x56, 0x05, 0xe6, 0x16, 0x36, 0x59, 0xf6,
+    0x09, 0xbe, 0x2e, 0xfa, 0x90, 0x1c, 0xdc, 0xf0, 0x31, 0x2c, 0x4d, 0x8a, 0x64, 0x40, 0xfb, 0x98,
+    0x0a, 0xc1, 0x61, 0x5e, 0xa0, 0x18, 0xb5, 0x17, 0x3a, 0xa2, 0x95, 0x3e, 0xf2, 0xda, 0xde, 0x2a,
+    0x0b, 0x55, 0xe5, 0x83, 0xb0, 0xa5, 0x92, 0x4a, 0x82, 0xd8, 0xdd, 0x52, 0x80, 0xac, 0x7c, 0x44,
+    0x0c, 0x3f, 0xff, 0xd5, 0xc0, 0x10, 0x67, 0x1a, 0x2c, 0x7d, 0xe6, 0x95, 0x1d, 0x2d, 0x94, 0x8d,
+    0x0d, 0xab, 0x7b, 0x08, 0xd0, 0xad, 0x40, 0x47, 0x94, 0x07, 0xae, 0xf9, 0x6f, 0x5b, 0x36, 0xe3,
+    0x0e, 0xd4, 0x34, 0xac, 0xe0, 0xa9, 0x29, 0xa0, 0x9f, 0x89, 0x76, 0x4d, 0xf9, 0xc1, 0x13, 0x51,
+    0x0f, 0x40, 0xb0, 0x71, 0xf0, 0x14, 0x0e, 0xfd, 0x27, 0xf3, 0x3e, 0x21, 0x8b, 0xb7, 0xb1, 0x3f,
+    0x10, 0x54, 0x97, 0x4e, 0xc3, 0x81, 0x35, 0x99, 0xd1, 0xac, 0x0a, 0x0f, 0x2c, 0x6c, 0xb2, 0x2f,
+    0x11, 0xc0, 0x13, 0x93, 0xd3, 0x3c, 0x12, 0xc4, 0x69, 0xd6, 0x42, 0x63, 0x5e, 0x1a, 0x10, 0x41,
+    0x12, 0xbf, 0x5c, 0x37, 0xe3, 0x38, 0x7b, 0x23, 0x62, 0x58, 0x9a, 0xd7, 0xc8, 0x80, 0x35, 0xf3,
+    0x13, 0x2b, 0xd8, 0xea, 0xf3, 0x85, 0x5c, 0x7e, 0xda, 0x22, 0xd2, 0xbb, 0xba, 0xf6, 0x97, 0x9d,
+    0x14, 0x41, 0xc2, 0xbc, 0x83, 0x30, 0xa9, 0x2e, 0x74, 0x87, 0xe9, 0x7c, 0x27, 0x77, 0x7f, 0x54,
+    0x15, 0xd5, 0x46, 0x61, 0x93, 0x8d, 0x8e, 0x73, 0xcc, 0xfd, 0xa1, 0x10, 0x55, 0x01, 0xdd, 0x3a,
+    0x16, 0xaa, 0x09, 0xc5, 0xa3, 0x89, 0xe7, 0x94, 0xc7, 0x73, 0x79, 0xa4, 0xc3, 0x9b, 0xf8, 0x88,
+    0x17, 0x3e, 0x8d, 0x18, 0xb3, 0x34, 0xc0, 0xc9, 0x7f, 0x09, 0x31, 0xc8, 0xb1, 0xed, 0x5a, 0xe6,
+    0x18, 0x7e, 0x3d, 0x69, 0x43, 0x20, 0xce, 0x34, 0x58, 0xfa, 0x0f, 0xe9, 0x3a, 0x5a, 0xeb, 0xd9,
+    0x19, 0xea, 0xb9, 0xb4, 0x53, 0x9d, 0xe9, 0x69, 0xe0, 0x80, 0x47, 0x85, 0x48, 0x2c, 0x49, 0xb7,
+    0x1a, 0x95, 0xf6, 0x10, 0x63, 0x99, 0x80, 0x8e, 0xeb, 0x0e, 0x9f, 0x31, 0xde, 0xb6, 0x6c, 0x05,
+    0x1b, 0x01, 0x72, 0xcd, 0x73, 0x24, 0xa7, 0xd3, 0x53, 0x74, 0xd7, 0x5d, 0xac, 0xc0, 0xce, 0x6b,
+    0x1c, 0x6b, 0x68, 0x9b, 0x03, 0x91, 0x52, 0x83, 0xfd, 0xd1, 0xec, 0x9a, 0x31, 0x41, 0x26, 0xa2,
+    0x1d, 0xff, 0xec, 0x46, 0x13, 0x2c, 0x75, 0xde, 0x45, 0xab, 0xa4, 0xf6, 0x43, 0x37, 0x84, 0xcc,
+    0x1e, 0x80, 0xa3, 0xe2, 0x23, 0x28, 0x1c, 0x39, 0x4e, 0x25, 0x7c, 0x42, 0xd5, 0xad, 0xa1, 0x7e,
+    0x1f, 0x14, 0x27, 0x3f, 0x33, 0x95, 0x3b, 0x64, 0xf6, 0x5f, 0x34, 0x2e, 0xa7, 0xdb, 0x03, 0x10,
+    0x20, 0xa8, 0xed, 0x9c, 0x45, 0xc1, 0x6a, 0xf1, 0x61, 0x9b, 0x14, 0x1e, 0x58, 0xd8, 0xa7, 0x5e,
+    0x21, 0x3c, 0x69, 0x41, 0x55, 0x7c, 0x4d, 0xac, 0xd9, 0xe1, 0x5c, 0x72, 0x2a, 0xae, 0x05, 0x30,
+    0x22, 0x43, 0x26, 0xe5, 0x65, 0x78, 0x24, 0x4b, 0xd2, 0x6f, 0x84, 0xc6, 0xbc, 0x34, 0x20, 0x82,
+    0x23, 0xd7, 0xa2, 0x38, 0x75, 0xc5, 0x03, 0x16, 0x6a, 0x15, 0xcc, 0xaa, 0xce, 0x42, 0x82, 0xec,
+    0x24, 0xbd, 0xb8, 0x6e, 0x05, 0x70, 0xf6, 0x46, 0xc4, 0xb0, 0xf7, 0x6d, 0x53, 0xc3, 0x6a, 0x25,
+    0x25, 0x29, 0x3c, 0xb3, 0x15, 0xcd, 0xd1, 0x1b, 0x7c, 0xca, 0xbf, 0x01, 0x21, 0xb5, 0xc8, 0x4b,
+    0x26, 0x56, 0x73, 0x17, 0x25, 0xc9, 0xb8, 0xfc, 0x77, 0x44, 0x67, 0xb5, 0xb7, 0x2f, 0xed, 0xf9,
+    0x27, 0xc2, 0xf7, 0xca, 0x35, 0x74, 0x9f, 0xa1, 0xcf, 0x3e, 0x2f, 0xd9, 0xc5, 0x59, 0x4f, 0x97,
+    0x28, 0x82, 0x47, 0xbb, 0xc5, 0x60, 0x91, 0x5c, 0xe8, 0xcd, 0x11, 0xf8, 0x4e, 0xee, 0xfe, 0xa8,
+    0x29, 0x16, 0xc3, 0x66, 0xd5, 0xdd, 0xb6, 0x01, 0x50, 0xb7, 0x59, 0x94, 0x3c, 0x98, 0x5c, 0xc6,
+    0x2a, 0x69, 0x8c, 0xc2, 0xe5, 0xd9, 0xdf, 0xe6, 0x5b, 0x39, 0x81, 0x20, 0xaa, 0x02, 0x79, 0x74,
+    0x2b, 0xfd, 0x08, 0x1f, 0xf5, 0x64, 0xf8, 0xbb, 0xe3, 0x43, 0xc9, 0x4c, 0xd8, 0x74, 0xdb, 0x1a,
+    0x2c, 0x97, 0x12, 0x49, 0x85, 0xd1, 0x0d, 0xeb, 0x4d, 0xe6, 0xf2, 0x8b, 0x45, 0xf5, 0x33, 0xd3,
+    0x2d, 0x03, 0x96, 0x94, 0x95, 0x6c, 0x2a, 0xb6, 0xf5, 0x9c, 0xba, 0xe7, 0x37, 0x83, 0x91, 0xbd,
+    0x2e, 0x7c, 0xd9, 0x30, 0xa5, 0x68, 0x43, 0x51, 0xfe, 0x12, 0x62, 0x53, 0xa1, 0x19, 0xb4, 0x0f,
+    0x2f, 0xe8, 0x5d, 0xed, 0xb5, 0xd5, 0x64, 0x0c, 0x46, 0x68, 0x2a, 0x3f, 0xd3, 0x6f, 0x16, 0x61,
+    0x30, 0xfc, 0x7a, 0xd2, 0x86, 0x40, 0x5f, 0x68, 0xb0, 0x37, 0x1e, 0x11, 0x74, 0xb4, 0x15, 0x71,
+    0x31, 0x68, 0xfe, 0x0f, 0x96, 0xfd, 0x78, 0x35, 0x08, 0x4d, 0x56, 0x7d, 0x06, 0xc2, 0xb7, 0x1f,
+    0x32, 0x17, 0xb1, 0xab, 0xa6, 0xf9, 0x11, 0xd2, 0x03, 0xc3, 0x8e, 0xc9, 0x90, 0x58, 0x92, 0xad,
+    0x33, 0x83, 0x35, 0x76, 0xb6, 0x44, 0x36, 0x8f, 0xbb, 0xb9, 0xc6, 0xa5, 0xe2, 0x2e, 0x30, 0xc3,
+    0x34, 0xe9, 0x2f, 0x20, 0xc6, 0xf1, 0xc3, 0xdf, 0x15, 0x1c, 0xfd, 0x62, 0x7f, 0xaf, 0xd8, 0x0a,
+    0x35, 0x7d, 0xab, 0xfd, 0xd6, 0x4c, 0xe4, 0x82, 0xad, 0x66, 0xb5, 0x0e, 0x0d, 0xd9, 0x7a, 0x64,
+    0x36, 0x02, 0xe4, 0x59, 0xe6, 0x48, 0x8d, 0x65, 0xa6, 0xe8, 0x6d, 0xba, 0x9b, 0x43, 0x5f, 0xd6,
+    0x37, 0x96, 0x60, 0x84, 0xf6, 0xf5, 0xaa, 0x38, 0x1e, 0x92, 0x25, 0xd6, 0xe9, 0x35, 0xfd, 0xb8,
+    0x38, 0xd6, 0xd0, 0xf5, 0x06, 0xe1, 0xa4, 0xc5, 0x39, 0x61, 0x1b, 0xf7, 0x62, 0x82, 0x4c, 0x87,
+    0x39, 0x42, 0x54, 0x28, 0x16, 0x5c, 0x83, 0x98, 0x81, 0x1b, 0x53, 0x9b, 0x10, 0xf4, 0xee, 0xe9,
+    0x3a, 0x3d, 0x1b, 0x8c, 0x26, 0x58, 0xea, 0x7f, 0x8a, 0x95, 0x8b, 0x2f, 0x86, 0x6e, 0xcb, 0x5b,
+    0x3b, 0xa9, 0x9f, 0x51, 0x36, 0xe5, 0xcd, 0x22, 0x32, 0xef, 0xc3, 0x43, 0xf4, 0x18, 0x69, 0x35,
+    0x3c, 0xc3, 0x85, 0x07, 0x46, 0x50, 0x38, 0x72, 0x9c, 0x4a, 0xf8, 0x84, 0x69, 0x99, 0x81, 0xfc,
+    0x3d, 0x57, 0x01, 0xda, 0x56, 0xed, 0x1f, 0x2f, 0x24, 0x30, 0xb0, 0xe8, 0x1b, 0xef, 0x23, 0x92,
+    0x3e, 0x28, 0x4e, 0x7e, 0x66, 0xe9, 0x76, 0xc8, 0x2f, 0xbe, 0x68, 0x5c, 0x8d, 0x75, 0x06, 0x20,
+    0x3f, 0xbc, 0xca, 0xa3, 0x76, 0x54, 0x51, 0x95, 0x97, 0xc4, 0x20, 0x30, 0xff, 0x03, 0xa4, 0x4e,
+    0x40, 0x93, 0x19, 0xfb, 0x8a, 0x41, 0xd4, 0x21, 0xc2, 0xf5, 0x28, 0x3c, 0xb0, 0x73, 0x8d, 0xbc,
+    0x41, 0x07, 0x9d, 0x26, 0x9a, 0xfc, 0xf3, 0x7c, 0x7a, 0x8f, 0x60, 0x50, 0xc2, 0x05, 0x2f, 0xd2,
+    0x42, 0x78, 0xd2, 0x82, 0xaa, 0xf8, 0x9a, 0x9b, 0x71, 0x01, 0xb8, 0xe4, 0x54, 0x9f, 0x0a, 0x60,
+    0x43, 0xec, 0x56, 0x5f, 0xba, 0x45, 0xbd, 0xc6, 0xc9, 0x7b, 0xf0, 0x88, 0x26, 0xe9, 0xa8, 0x0e,
+    0x44, 0x86, 0x4c, 0x09, 0xca, 0xf0, 0x48, 0x96, 0x67, 0xde, 0xcb, 0x4f, 0xbb, 0x68, 0x40, 0xc7,
+    0x45, 0x12, 0xc8, 0xd4, 0xda, 0x4d, 0x6f, 0xcb, 0xdf, 0xa4, 0x83, 0x23, 0xc9, 0x1e, 0xe2, 0xa9,
+    0x46, 0x6d, 0x87, 0x70, 0xea, 0x49, 0x06, 0x2c, 0xd4, 0x2a, 0x5b, 0x97, 0x5f, 0x84, 0xc7, 0x1b,
+    0x47, 0xf9, 0x03, 0xad, 0xfa, 0xf4, 0x21, 0x71, 0x6c, 0x50, 0x13, 0xfb, 0x2d, 0xf2, 0x65, 0x75,
+    0x48, 0xb9, 0xb3, 0xdc, 0x0a, 0xe0, 0x2f, 0x8c, 0x4b, 0xa3, 0x2d, 0xda, 0xa6, 0x45, 0xd4, 0x4a,
+    0x49, 0x2d, 0x37, 0x01, 0x1a, 0x5d, 0x08, 0xd1, 0xf3, 0xd9, 0x65, 0xb6, 0xd4, 0x33, 0x76, 0x24,
+    0x4a, 0x52, 0x78, 0xa5, 0x2a, 0x59, 0x61, 0x36, 0xf8, 0x57, 0xbd, 0x02, 0x42, 0xa9, 0x53, 0x96,
+    0x4b, 0xc6, 0xfc, 0x78, 0x3a, 0xe4, 0x46, 0x6b, 0x40, 0x2d, 0xf5, 0x6e, 0x30, 0xdf, 0xf1, 0xf8,
+    0x4c, 0xac, 0xe6, 0x2e, 0x4a, 0x51, 0xb3, 0x3b, 0xee, 0x88, 0xce, 0xa9, 0xad, 0x5e, 0x19, 0x31,
+    0x4d, 0x38, 0x62, 0xf3, 0x5a, 0xec, 0x94, 0x66, 0x56, 0xf2, 0x86, 0xc5, 0xdf, 0x28, 0xbb, 0x5f,
+    0x4e, 0x47, 0x2d, 0x57, 0x6a, 0xe8, 0xfd, 0x81, 0x5d, 0x7c, 0x5e, 0x71, 0x49, 0xb2, 0x9e, 0xed,
+    0x4f, 0xd3, 0xa9, 0x8a, 0x7a, 0x55, 0xda, 0xdc, 0xe5, 0x06, 0x16, 0x1d, 0x3b, 0xc4, 0x3c, 0x83,
+    0x50, 0xc7, 0x8e, 0xb5, 0x49, 0xc0, 0xe1, 0xb8, 0x13, 0x59, 0x22, 0x33, 0x9c, 0x1f, 0x3f, 0x93,
+    0x51, 0x53, 0x0a, 0x68, 0x59, 0x7d, 0xc6, 0xe5, 0xab, 0x23, 0x6a, 0x5f, 0xee, 0x69, 0x9d, 0xfd,
+    0x52, 0x2c, 0x45, 0xcc, 0x69, 0x79, 0xaf, 0x02, 0xa0, 0xad, 0xb2, 0xeb, 0x78, 0xf3, 0xb8, 0x4f,
+    0x53, 0xb8, 0xc1, 0x11, 0x79, 0xc4, 0x88, 0x5f, 0x18, 0xd7, 0xfa, 0x87, 0x0a, 0x85, 0x1a, 0x21,
+    0x54, 0xd2, 0xdb, 0x47, 0x09, 0x71, 0x7d, 0x0f, 0xb6, 0x72, 0xc1, 0x40, 0x97, 0x04, 0xf2, 0xe8,
+    0x55, 0x46, 0x5f, 0x9a, 0x19, 0xcc, 0x5a, 0x52, 0x0e, 0x08, 0x89, 0x2c, 0xe5, 0x72, 0x50, 0x86,
+    0x56, 0x39, 0x10, 0x3e, 0x29, 0xc8, 0x33, 0xb5, 0x05, 0x86, 0x51, 0x98, 0x73, 0xe8, 0x75, 0x34,
+    0x57, 0xad, 0x94, 0xe3, 0x39, 0x75, 0x14, 0xe8, 0xbd, 0xfc, 0x19, 0xf4, 0x01, 0x9e, 0xd7, 0x5a,
+    0x58, 0xed, 0x24, 0x92, 0xc9, 0x61, 0x1a, 0x15, 0x9a, 0x0f, 0x27, 0xd5, 0x8a, 0x29, 0x66, 0x65,
+    0x59, 0x79, 0xa0, 0x4f, 0xd9, 0xdc, 0x3d, 0x48, 0x22, 0x75, 0x6f, 0xb9, 0xf8, 0x5f, 0xc4, 0x0b,
+    0x5a, 0x06, 0xef, 0xeb, 0xe9, 0xd8, 0x54, 0xaf, 0x29, 0xfb, 0xb7, 0x0d, 0x6e, 0xc5, 0xe1, 0xb9,
+    0x5b, 0x92, 0x6b, 0x36, 0xf9, 0x65, 0x73, 0xf2, 0x91, 0x81, 0xff, 0x61, 0x1c, 0xb3, 0x43, 0xd7,
+    0x5c, 0xf8, 0x71, 0x60, 0x89, 0xd0, 0x86, 0xa2, 0x3f, 0x24, 0xc4, 0xa6, 0x81, 0x32, 0xab, 0x1e,
+    0x5d, 0x6c, 0xf5, 0xbd, 0x99, 0x6d, 0xa1, 0xff, 0x87, 0x5e, 0x8c, 0xca, 0xf3, 0x44, 0x09, 0x70,
+    0x5e, 0x13, 0xba, 0x19, 0xa9, 0x69, 0xc8, 0x18, 0x8c, 0xd0, 0x54, 0x7e, 0x65, 0xde, 0x2c, 0xc2,
+    0x5f, 0x87, 0x3e, 0xc4, 0xb9, 0xd4, 0xef, 0x45, 0x34, 0xaa, 0x1c, 0x12, 0x17, 0xa8, 0x8e, 0xac,
+    0x60, 0x3b, 0xf4, 0x67, 0xcf, 0x80, 0xbe, 0xd0, 0xa3, 0x6e, 0x3c, 0x22, 0xe8, 0xab, 0x2a, 0xe2,
+    0x61, 0xaf, 0x70, 0xba, 0xdf, 0x3d, 0x99, 0x8d, 0x1b, 0x14, 0x74, 0x4e, 0x9a, 0xdd, 0x88, 0x8c,
+    0x62, 0xd0, 0x3f, 0x1e, 0xef, 0x39, 0xf0, 0x6a, 0x10, 0x9a, 0xac, 0xfa, 0x0c, 0x47, 0xad, 0x3e,
+    0x63, 0x44, 0xbb, 0xc3, 0xff, 0x84, 0xd7, 0x37, 0xa8, 0xe0, 0xe4, 0x96, 0x7e, 0x31, 0x0f, 0x50,
+    0x64, 0x2e, 0xa1, 0x95, 0x8f, 0x31, 0x22, 0x67, 0x06, 0x45, 0xdf, 0x51, 0xe3, 0xb0, 0xe7, 0x99,
+    0x65, 0xba, 0x25, 0x48, 0x9f, 0x8c, 0x05, 0x3a, 0xbe, 0x3f, 0x97, 0x3d, 0x91, 0xc6, 0x45, 0xf7,
+    0x66, 0xc5, 0x6a, 0xec, 0xaf, 0x88, 0x6c, 0xdd, 0xb5, 0xb1, 0x4f, 0x89, 0x07, 0x5c, 0x60, 0x45,
+    0x67, 0x51, 0xee, 0x31, 0xbf, 0x35, 0x4b, 0x80, 0x0d, 0xcb, 0x07, 0xe5, 0x75, 0x2a, 0xc2, 0x2b,
+    0x68, 0x11, 0x5e, 0x40, 0x4f, 0x21, 0x45, 0x7d, 0x2a, 0x38, 0x39, 0xc4, 0xfe, 0x9d, 0x73, 0x14,
+    0x69, 0x85, 0xda, 0x9d, 0x5f, 0x9c, 0x62, 0x20, 0x92, 0x42, 0x71, 0xa8, 0x8c, 0xeb, 0xd1, 0x7a,
+    0x6a, 0xfa, 0x95, 0x39, 0x6f, 0x98, 0x0b, 0xc7, 0x99, 0xcc, 0xa9, 0x1c, 0x1a, 0x71, 0xf4, 0xc8,
+    0x6b, 0x6e, 0x11, 0xe4, 0x7f, 0x25, 0x2c, 0x9a, 0x21, 0xb6, 0xe1, 0x70, 0x68, 0x07, 0x56, 0xa6,
+    0x6c, 0x04, 0x0b, 0xb2, 0x0f, 0x90, 0xd9, 0xca, 0x8f, 0x13, 0xda, 0xb7, 0xf5, 0x86, 0xbe, 0x6f,
+    0x6d, 0x90, 0x8f, 0x6f, 0x1f, 0x2d, 0xfe, 0x97, 0x37, 0x69, 0x92, 0xdb, 0x87, 0xf0, 0x1c, 0x01,
+    0x6e, 0xef, 0xc0, 0xcb, 0x2f, 0x29, 0x97, 0x70, 0x3c, 0xe7, 0x4a, 0x6f, 0x11, 0x6a, 0x39, 0xb3,
+    0x6f, 0x7b, 0x44, 0x16, 0x3f, 0x94, 0xb0, 0x2d, 0x84, 0x9d, 0x02, 0x03, 0x63, 0x1c, 0x9b, 0xdd,
+    0x70, 0x6f, 0x63, 0x29, 0x0c, 0x01, 0x8b, 0x49, 0x72, 0xc2, 0x36, 0x2d, 0xc4, 0xc7, 0x98, 0xcd,
+    0x71, 0xfb, 0xe7, 0xf4, 0x1c, 0xbc, 0xac, 0x14, 0xca, 0xb8, 0x7e, 0x41, 0xb6, 0xb1, 0x3a, 0xa3,
+    0x72, 0x84, 0xa8, 0x50, 0x2c, 0xb8, 0xc5, 0xf3, 0xc1, 0x36, 0xa6, 0xf5, 0x20, 0x2b, 0x1f, 0x11,
+    0x73, 0x10, 0x2c, 0x8d, 0x3c, 0x05, 0xe2, 0xae, 0x79, 0x4c, 0xee, 0x99, 0x52, 0x5d, 0xbd, 0x7f,
+    0x74, 0x7a, 0x36, 0xdb, 0x4c, 0xb0, 0x17, 0xfe, 0xd7, 0xe9, 0xd5, 0x5e, 0xcf, 0xdc, 0x55, 0xb6,
+    0x75, 0xee, 0xb2, 0x06, 0x5c, 0x0d, 0x30, 0xa3, 0x6f, 0x93, 0x9d, 0x32, 0xbd, 0xaa, 0xf7, 0xd8,
+    0x76, 0x91, 0xfd, 0xa2, 0x6c, 0x09, 0x59, 0x44, 0x64, 0x1d, 0x45, 0x86, 0x2b, 0x30, 0xd2, 0x6a,
+    0x77, 0x05, 0x79, 0x7f, 0x7c, 0xb4, 0x7e, 0x19, 0xdc, 0x67, 0x0d, 0xea, 0x59, 0x46, 0x70, 0x04,
+    0x78, 0x45, 0xc9, 0x0e, 0x8c, 0xa0, 0x70, 0xe4, 0xfb, 0x94, 0x33, 0xcb, 0xd2, 0xf1, 0xc1, 0x3b,
+    0x79, 0xd1, 0x4d, 0xd3, 0x9c, 0x1d, 0x57, 0xb9, 0x43, 0xee, 0x7b, 0xa7, 0xa0, 0x87, 0x63, 0x55,
+    0x7a, 0xae, 0x02, 0x77, 0xac, 0x19, 0x3e, 0x5e, 0x48, 0x60, 0xa3, 0x13, 0x36, 0x1d, 0x46, 0xe7,
+    0x7b, 0x3a, 0x86, 0xaa, 0xbc, 0xa4, 0x19, 0x03, 0xf0, 0x1a, 0xeb, 0x7f, 0x44, 0x6b, 0xe4, 0x89,
+    0x7c, 0x50, 0x9c, 0xfc, 0xcc, 0x11, 0xec, 0x53, 0x5e, 0xbf, 0xd0, 0xb8, 0xd9, 0xea, 0x0c, 0x40,
+    0x7d, 0xc4, 0x18, 0x21, 0xdc, 0xac, 0xcb, 0x0e, 0xe6, 0xc5, 0x98, 0xd4, 0xab, 0x9c, 0xae, 0x2e,
+    0x7e, 0xbb, 0x57, 0x85, 0xec, 0xa8, 0xa2, 0xe9, 0xed, 0x4b, 0x40, 0x60, 0x3d, 0x06, 0x8b, 0x9c,
+    0x7f, 0x2f, 0xd3, 0x58, 0xfc, 0x15, 0x85, 0xb4, 0x55, 0x31, 0x08, 0x0c, 0x4f, 0x70, 0x29, 0xf2,
+    0x80, 0xe5, 0x32, 0x35, 0xd7, 0x82, 0x6b, 0x42, 0x47, 0x29, 0x50, 0x78, 0xa3, 0xe6, 0xd9, 0xbb,
+    0x81, 0x71, 0xb6, 0xe8, 0xc7, 0x3f, 0x4c, 0x1f, 0xff, 0x53, 0x18, 0x14, 0xd1, 0x90, 0x7b, 0xd5,
+    0x82, 0x0e, 0xf9, 0x4c, 0xf7, 0x3b, 0x25, 0xf8, 0xf4, 0xdd, 0xc0, 0xa0, 0x47, 0x0a, 0x5e, 0x67,
+    0x83, 0x9a, 0x7d, 0x91, 0xe7, 0x86, 0x02, 0xa5, 0x4c, 0xa7, 0x88, 0xcc, 0x35, 0x7c, 0xfc, 0x09,
+    0x84, 0xf0, 0x67, 0xc7, 0x97, 0x33, 0xf7, 0xf5, 0xe2, 0x02, 0xb3, 0x0b, 0xa8, 0xfd, 0x14, 0xc0,
+    0x85, 0x64, 0xe3, 0x1a, 0x87, 0x8e, 0xd0, 0xa8, 0x5a, 0x78, 0xfb, 0x67, 0xda, 0x8b, 0xb6, 0xae,
+    0x86, 0x1b, 0xac, 0xbe, 0xb7, 0x8a, 0xb9, 0x4f, 0x51, 0xf6, 0x23, 0xd3, 0x4c, 0x11, 0x93, 0x1c,
+    0x87, 0x8f, 0x28, 0x63, 0xa7, 0x37, 0x9e, 0x12, 0xe9, 0x8c, 0x6b, 0xbf, 0x3e, 0x67, 0x31, 0x72,
+    0x88, 0xcf, 0x98, 0x12, 0x57, 0x23, 0x90, 0xef, 0xce, 0x7f, 0x55, 0x9e, 0xb5, 0xd0, 0x80, 0x4d,
+    0x89, 0x5b, 0x1c, 0xcf, 0x47, 0x9e, 0xb7, 0xb2, 0x76, 0x05, 0x1d, 0xf2, 0xc7, 0xa6, 0x22, 0x23,
+    0x8a, 0x24, 0x53, 0x6b, 0x77, 0x9a, 0xde, 0x55, 0x7d, 0x8b, 0xc5, 0x46, 0x51, 0x3c, 0x07, 0x91,
+    0x8b, 0xb0, 0xd7, 0xb6, 0x67, 0x27, 0xf9, 0x08, 0xc5, 0xf1, 0x8d, 0x2a, 0x23, 0x4a, 0xa5, 0xff,
+    0x8c, 0xda, 0xcd, 0xe0, 0x17, 0x92, 0x0c, 0x58, 0x6b, 0x54, 0xb6, 0xed, 0xbe, 0xcb, 0x4d, 0x36,
+    0x8d, 0x4e, 0x49, 0x3d, 0x07, 0x2f, 0x2b, 0x05, 0xd3, 0x2e, 0xfe, 0x81, 0xcc, 0xbd, 0xef, 0x58,
+    0x8e, 0x31, 0x06, 0x99, 0x37, 0x2b, 0x42, 0xe2, 0xd8, 0xa0, 0x26, 0x35, 0x5a, 0x27, 0xca, 0xea,
+    0x8f, 0xa5, 0x82, 0x44, 0x27, 0x96, 0x65, 0xbf, 0x60, 0xda, 0x6e, 0x59, 0x28, 0x51, 0x68, 0x84,
+    0x90, 0xb1, 0xa5, 0x7b, 0x14, 0x03, 0x5e, 0xdb, 0x96, 0x85, 0x5a, 0x77, 0x8f, 0x8a, 0x6b, 0x94,
+    0x91, 0x25, 0x21, 0xa6, 0x04, 0xbe, 0x79, 0x86, 0x2e, 0xff, 0x12, 0x1b, 0xfd, 0xfc, 0xc9, 0xfa,
+    0x92, 0x5a, 0x6e, 0x02, 0x34, 0xba, 0x10, 0x61, 0x25, 0x71, 0xca, 0xaf, 0x6b, 0x66, 0xec, 0x48,
+    0x93, 0xce, 0xea, 0xdf, 0x24, 0x07, 0x37, 0x3c, 0x9d, 0x0b, 0x82, 0xc3, 0x19, 0x10, 0x4e, 0x26,
+    0x94, 0xa4, 0xf0, 0x89, 0x54, 0xb2, 0xc2, 0x6c, 0x33, 0xae, 0xb9, 0x04, 0x84, 0x91, 0xa6, 0xef,
+    0x95, 0x30, 0x74, 0x54, 0x44, 0x0f, 0xe5, 0x31, 0x8b, 0xd4, 0xf1, 0x68, 0xf6, 0xe7, 0x04, 0x81,
+    0x96, 0x4f, 0x3b, 0xf0, 0x74, 0x0b, 0x8c, 0xd6, 0x80, 0x5a, 0x29, 0xdc, 0x60, 0x7d, 0x21, 0x33,
+    0x97, 0xdb, 0xbf, 0x2d, 0x64, 0xb6, 0xab, 0x8b, 0x38, 0x20, 0x61, 0xb0, 0x12, 0x0b, 0x83, 0x5d,
+    0x98, 0x9b, 0x0f, 0x5c, 0x94, 0xa2, 0xa5, 0x76, 0x1f, 0xd3, 0x5f, 0x91, 0x99, 0xbc, 0x32, 0x62,
+    0x99, 0x0f, 0x8b, 0x81, 0x84, 0x1f, 0x82, 0x2b, 0xa7, 0xa9, 0x17, 0xfd, 0xeb, 0xca, 0x90, 0x0c,
+    0x9a, 0x70, 0xc4, 0x25, 0xb4, 0x1b, 0xeb, 0xcc, 0xac, 0x27, 0xcf, 0x49, 0x7d, 0x50, 0xb5, 0xbe,
+    0x9b, 0xe4, 0x40, 0xf8, 0xa4, 0xa6, 0xcc, 0x91, 0x14, 0x5d, 0x87, 0x25, 0x0f, 0x26, 0x17, 0xd0,
+    0x9c, 0x8e, 0x5a, 0xae, 0xd4, 0x13, 0x39, 0xc1, 0xba, 0xf8, 0xbc, 0xe2, 0x92, 0xa7, 0xff, 0x19,
+    0x9d, 0x1a, 0xde, 0x73, 0xc4, 0xae, 0x1e, 0x9c, 0x02, 0x82, 0xf4, 0x8e, 0xe0, 0xd1, 0x5d, 0x77,
+    0x9e, 0x65, 0x91, 0xd7, 0xf4, 0xaa, 0x77, 0x7b, 0x09, 0x0c, 0x2c, 0x3a, 0x76, 0x4b, 0x78, 0xc5,
+    0x9f, 0xf1, 0x15, 0x0a, 0xe4, 0x17, 0x50, 0x26, 0xb1, 0x76, 0x64, 0x56, 0x04, 0x3d, 0xda, 0xab,
+    0xa0, 0x4d, 0xdf, 0xa9, 0x92, 0x43, 0x01, 0xb3, 0x26, 0xb2, 0x44, 0x66, 0xfb, 0x3e, 0x7e, 0xe5,
+    0xa1, 0xd9, 0x5b, 0x74, 0x82, 0xfe, 0x26, 0xee, 0x9e, 0xc8, 0x0c, 0x0a, 0x89, 0x48, 0xdc, 0x8b,
+    0xa2, 0xa6, 0x14, 0xd0, 0xb2, 0xfa, 0x4f, 0x09, 0x95, 0x46, 0xd4, 0xbe, 0x1f, 0xd2, 0xf9, 0x39,
+    0xa3, 0x32, 0x90, 0x0d, 0xa2, 0x47, 0x68, 0x54, 0x2d, 0x3c, 0x9c, 0xd2, 0x6d, 0xa4, 0x5b, 0x57,
+    0xa4, 0x58, 0x8a, 0x5b, 0xd2, 0xf2, 0x9d, 0x04, 0x83, 0x99, 0xa7, 0x15, 0xf0, 0x25, 0xb3, 0x9e,
+    0xa5, 0xcc, 0x0e, 0x86, 0xc2, 0x4f, 0xba, 0x59, 0x3b, 0xe3, 0xef, 0x79, 0x82, 0x53, 0x11, 0xf0,
+    0xa6, 0xb3, 0x41, 0x22, 0xf2, 0x4b, 0xd3, 0xbe, 0x30, 0x6d, 0x37, 0xcd, 0x14, 0xc9, 0x34, 0x42,
+    0xa7, 0x27, 0xc5, 0xff, 0xe2, 0xf6, 0xf4, 0xe3, 0x88, 0x17, 0x7f, 0xa1, 0x66, 0xbf, 0x96, 0x2c,
+    0xa8, 0x67, 0x75, 0x8e, 0x12, 0xe2, 0xfa, 0x1e, 0xaf, 0xe4, 0x41, 0x80, 0xed, 0x08, 0x27, 0x13,
+    0xa9, 0xf3, 0xf1, 0x53, 0x02, 0x5f, 0xdd, 0x43, 0x17, 0x9e, 0x09, 0xec, 0x9f, 0x7e, 0x85, 0x7d,
+    0xaa, 0x8c, 0xbe, 0xf7, 0x32, 0x5b, 0xb4, 0xa4, 0x1c, 0x10, 0xd1, 0x58, 0x09, 0xe4, 0xa0, 0xcf,
+    0xab, 0x18, 0x3a, 0x2a, 0x22, 0xe6, 0x93, 0xf9, 0xa4, 0x6a, 0x99, 0x34, 0x7b, 0x92, 0x02, 0xa1,
+    0xac, 0x72, 0x20, 0x7c, 0x52, 0x53, 0x66, 0xa9, 0x0a, 0xcf, 0xa2, 0xf3, 0xe6, 0x13, 0xea, 0x68,
+    0xad, 0xe6, 0xa4, 0xa1, 0x42, 0xee, 0x41, 0xf4, 0xb2, 0xb5, 0xea, 0x9f, 0x94, 0x65, 0x48, 0x06,
+    0xae, 0x99, 0xeb, 0x05, 0x72, 0xea, 0x28, 0x13, 0xb9, 0x3b, 0x32, 0x2b, 0x02, 0xff, 0x6d, 0xb4,
+    0xaf, 0x0d, 0x6f, 0xd8, 0x62, 0x57, 0x0f, 0x4e, 0x01, 0x41, 0x7a, 0x47, 0x70, 0x89, 0xcf, 0xda,
+    0xb0, 0x19, 0x48, 0xe7, 0x51, 0xc2, 0x34, 0x2a, 0xf7, 0x1e, 0x4e, 0x69, 0xd7, 0x52, 0xcc, 0xca,
+    0xb1, 0x8d, 0xcc, 0x3a, 0x41, 0x7f, 0x13, 0x77, 0x4f, 0x64, 0x06, 0x05, 0xa5, 0x24, 0x6e, 0xa4,
+    0xb2, 0xf2, 0x83, 0x9e, 0x71, 0x7b, 0x7a, 0x90, 0x44, 0xea, 0xde, 0xb1, 0x33, 0xbe, 0x4b, 0x16,
+    0xb3, 0x66, 0x07, 0x43, 0x61, 0xc6, 0x5d, 0xcd, 0xfc, 0x90, 0x96, 0xdd, 0x41, 0xc8, 0xe9, 0x78,
+    0xb4, 0x0c, 0x1d, 0x15, 0x11, 0x73, 0xa8, 0x9d, 0x52, 0x35, 0xad, 0x1a, 0xdc, 0x49, 0x01, 0xb1,
+    0xb5, 0x98, 0x99, 0xc8, 0x01, 0xce, 0x8f, 0xc0, 0xea, 0x4f, 0xe5, 0x76, 0xae, 0x3f, 0xa3, 0xdf,
+    0xb6, 0xe7, 0xd6, 0x6c, 0x31, 0xca, 0xe6, 0x27, 0xe1, 0xc1, 0x3d, 0xc2, 0x38, 0xa5, 0x86, 0x6d,
+    0xb7, 0x73, 0x52, 0xb1, 0x21, 0x77, 0xc1, 0x7a, 0x59, 0xbb, 0x75, 0xae, 0x4a, 0xd3, 0x24, 0x03,
+    0xb8, 0x33, 0xe2, 0xc0, 0xd1, 0x63, 0xcf, 0x87, 0x7e, 0x48, 0x4b, 0x8f, 0xc1, 0x64, 0x95, 0x3c,
+    0xb9, 0xa7, 0x66, 0x1d, 0xc1, 0xde, 0xe8, 0xda, 0xc6, 0x32, 0x03, 0xe3, 0xb3, 0x12, 0x37, 0x52,
+    0xba, 0xd8, 0x29, 0xb9, 0xf1, 0xda, 0x81, 0x3d, 0xcd, 0xbc, 0xdb, 0x57, 0x25, 0x88, 0x12, 0xe0,
+    0xbb, 0x4c, 0xad, 0x64, 0xe1, 0x67, 0xa6, 0x60, 0x75, 0xc6, 0x93, 0x3b, 0x57, 0xfe, 0xb0, 0x8e,
+    0xbc, 0x26, 0xb7, 0x32, 0x91, 0xd2, 0x53, 0x30, 0xdb, 0x63, 0xa8, 0xfc, 0xca, 0x7f, 0x58, 0x47,
+    0xbd, 0xb2, 0x33, 0xef, 0x81, 0x6f, 0x74, 0x6d, 0x63, 0x19, 0xe0, 0x90, 0xb8, 0x09, 0xfa, 0x29,
+    0xbe, 0xcd, 0x7c, 0x4b, 0xb1, 0x6b, 0x1d, 0x8a, 0x68, 0x97, 0x38, 0x24, 0x2e, 0x93, 0xdf, 0x9b,
+    0xbf, 0x59, 0xf8, 0x96, 0xa1, 0xd6, 0x3a, 0xd7, 0xd0, 0xed, 0x70, 0x48, 0x5c, 0xe5, 0x7d, 0xf5,
+    0xc0, 0x76, 0x2b, 0xce, 0x5d, 0xc3, 0xbf, 0x63, 0x85, 0xdc, 0x78, 0x44, 0x13, 0x95, 0x54, 0x07,
+    0xc1, 0xe2, 0xaf, 0x13, 0x4d, 0x7e, 0x98, 0x3e, 0x3d, 0xa6, 0x30, 0x28, 0x61, 0xe3, 0xf6, 0x69,
+    0xc2, 0x9d, 0xe0, 0xb7, 0x7d, 0x7a, 0xf1, 0xd9, 0x36, 0x28, 0xe8, 0x9c, 0xf7, 0x79, 0xd3, 0xdb,
+    0xc3, 0x09, 0x64, 0x6a, 0x6d, 0xc7, 0xd6, 0x84, 0x8e, 0x52, 0xa0, 0xf0, 0x85, 0x0f, 0x71, 0xb5,
+    0xc4, 0x63, 0x7e, 0x3c, 0x1d, 0x72, 0x23, 0xd4, 0x20, 0xf7, 0x9b, 0x37, 0x18, 0x8e, 0x99, 0x7c,
+    0xc5, 0xf7, 0xfa, 0xe1, 0x0d, 0xcf, 0x04, 0x89, 0x98, 0x8d, 0xd3, 0x5b, 0x6a, 0xf8, 0x3b, 0x12,
+    0xc6, 0x88, 0xb5, 0x45, 0x3d, 0xcb, 0x6d, 0x6e, 0x93, 0x03, 0x0b, 0xef, 0xfc, 0x62, 0x1e, 0xa0,
+    0xc7, 0x1c, 0x31, 0x98, 0x2d, 0x76, 0x4a, 0x33, 0x2b, 0x79, 0x43, 0x83, 0x8e, 0x14, 0xbc, 0xce,
+    0xc8, 0x5c, 0x81, 0xe9, 0xdd, 0x62, 0x44, 0xce, 0x0c, 0x8a, 0x7d, 0xa2, 0x05, 0xa3, 0x0d, 0xf1,
+    0xc9, 0xc8, 0x05, 0x34, 0xcd, 0xdf, 0x63, 0x93, 0xb4, 0xf0, 0x35, 0xce, 0x77, 0xd5, 0xaf, 0x9f,
+    0xca, 0xb7, 0x4a, 0x90, 0xfd, 0xdb, 0x0a, 0x74, 0xbf, 0x7e, 0xed, 0x7a, 0xe1, 0x4f, 0x8a, 0x2d,
+    0xcb, 0x23, 0xce, 0x4d, 0xed, 0x66, 0x2d, 0x29, 0x07, 0x04, 0xa5, 0x16, 0x93, 0x39, 0x28, 0x43,
+    0xcc, 0x49, 0xd4, 0x1b, 0x9d, 0xd3, 0xd8, 0x79, 0xa9, 0xa1, 0x9e, 0xd1, 0x0e, 0xb8, 0xc0, 0x8a,
+    0xcd, 0xdd, 0x50, 0xc6, 0x8d, 0x6e, 0xff, 0x24, 0x11, 0xdb, 0xd6, 0xbd, 0x7c, 0xce, 0x62, 0xe4,
+    0xce, 0xa2, 0x1f, 0x62, 0xbd, 0x6a, 0x96, 0xc3, 0x1a, 0x55, 0x0e, 0x09, 0xea, 0x54, 0x47, 0x56,
+    0xcf, 0x36, 0x9b, 0xbf, 0xad, 0xd7, 0xb1, 0x9e, 0xa2, 0x2f, 0x46, 0x65, 0x98, 0x22, 0xe5, 0x38,
+    0xd0, 0x22, 0xbc, 0x80, 0x9e, 0x42, 0x8a, 0xfa, 0x54, 0x70, 0x72, 0x4b, 0x3f, 0xf9, 0xe6, 0x28,
+    0xd1, 0xb6, 0x38, 0x5d, 0x8e, 0xff, 0xad, 0xa7, 0xec, 0x0a, 0x3a, 0x27, 0x4d, 0x8f, 0x44, 0x46,
+    0xd2, 0xc9, 0x77, 0xf9, 0xbe, 0xfb, 0xc4, 0x40, 0xe7, 0x84, 0xe2, 0x93, 0xdb, 0x15, 0x61, 0xf4,
+    0xd3, 0x5d, 0xf3, 0x24, 0xae, 0x46, 0xe3, 0x1d, 0x5f, 0xfe, 0xaa, 0xff, 0xa9, 0x63, 0xc3, 0x9a,
+    0xd4, 0x37, 0xe9, 0x72, 0xde, 0xf3, 0x16, 0x4d, 0xf1, 0x5b, 0x91, 0x38, 0x34, 0xe2, 0x2b, 0x53,
+    0xd5, 0xa3, 0x6d, 0xaf, 0xce, 0x4e, 0x31, 0x10, 0x49, 0x21, 0xd9, 0x54, 0x46, 0x94, 0x89, 0x3d,
+    0xd6, 0xdc, 0x22, 0x0b, 0xfe, 0x4a, 0x58, 0xf7, 0x42, 0xaf, 0x01, 0xe0, 0xd0, 0x0e, 0xac, 0x8f,
+    0xd7, 0x48, 0xa6, 0xd6, 0xee, 0xf7, 0x7f, 0xaa, 0xfa, 0xd5, 0x49, 0x8c, 0xa2, 0x78, 0x0e, 0xe1,
+    0xd8, 0x08, 0x16, 0xa7, 0x1e, 0xe3, 0x71, 0x57, 0xdd, 0x26, 0x77, 0xad, 0x29, 0xcf, 0xbf, 0xde,
+    0xd9, 0x9c, 0x92, 0x7a, 0x0e, 0x5e, 0x56, 0x0a, 0x65, 0x5c, 0x3f, 0xc1, 0x5b, 0xb9, 0x1d, 0xb0,
+    0xda, 0xe3, 0xdd, 0xde, 0x3e, 0x5a, 0x3f, 0xed, 0x6e, 0xd2, 0xe7, 0x75, 0xcd, 0x23, 0x38, 0x02,
+    0xdb, 0x77, 0x59, 0x03, 0x2e, 0xe7, 0x18, 0xb0, 0xd6, 0xa8, 0xaf, 0x19, 0xbf, 0x55, 0x9a, 0x6c,
+    0xdc, 0x1d, 0x43, 0x55, 0x5e, 0x52, 0xed, 0xe0, 0x78, 0x0d, 0x94, 0xde, 0x22, 0xd4, 0x72, 0xa5,
+    0xdd, 0x89, 0xc7, 0x88, 0x4e, 0xef, 0xca, 0xbd, 0xc0, 0x77, 0xdc, 0xb2, 0x50, 0xa2, 0xd0, 0xcb,
+    0xde, 0xf6, 0x88, 0x2c, 0x7e, 0xeb, 0xa3, 0x5a, 0xcb, 0xf9, 0x04, 0x06, 0xc6, 0x38, 0xf5, 0x79,
+    0xdf, 0x62, 0x0c, 0xf1, 0x6e, 0x56, 0x84, 0x07, 0x73, 0x83, 0x4c, 0x6a, 0xb4, 0x4e, 0x57, 0x17,
+    0xe0, 0xde, 0xc6, 0x52, 0x18, 0x02, 0xd5, 0x92, 0xe4, 0x47, 0x6c, 0x5a, 0x4b, 0x4d, 0xf3, 0x59,
+    0xe1, 0x4a, 0x42, 0x8f, 0x08, 0xbf, 0xf2, 0xcf, 0x5c, 0x3d, 0x24, 0x36, 0x39, 0x3b, 0x51, 0x37,
+    0xe2, 0x35, 0x0d, 0x2b, 0x38, 0xbb, 0x9b, 0x28, 0x57, 0xb3, 0xfc, 0x82, 0xaf, 0xa1, 0x74, 0x85,
+    0xe3, 0xa1, 0x89, 0xf6, 0x28, 0x06, 0xbc, 0x75, 0xef, 0xc9, 0xb4, 0xee, 0xdd, 0xd7, 0xd6, 0xeb,
+    0xe4, 0xcb, 0x93, 0xa0, 0x58, 0xb3, 0x49, 0x25, 0x41, 0x6c, 0x8f, 0x29, 0x40, 0x56, 0x3e, 0x22,
+    0xe5, 0x5f, 0x17, 0x7d, 0x48, 0x0e, 0x6e, 0x78, 0xf9, 0x16, 0xc7, 0x45, 0x32, 0x20, 0x9c, 0x4c,
+    0xe6, 0x20, 0x58, 0xd9, 0x78, 0x0a, 0x07, 0x9f, 0xf2, 0x98, 0x1f, 0xf1, 0xa4, 0xba, 0xb9, 0xfe,
+    0xe7, 0xb4, 0xdc, 0x04, 0x68, 0xb7, 0x20, 0xc2, 0x4a, 0xe2, 0x57, 0x9d, 0xd6, 0xcc, 0x1b, 0x90,
+    0xe8, 0xf4, 0x6c, 0x75, 0x98, 0xa3, 0x2e, 0x3f, 0x6d, 0x11, 0x69, 0xbc, 0x5d, 0x7b, 0xaa, 0xaf,
+    0xe9, 0x60, 0xe8, 0xa8, 0x88, 0x1e, 0x09, 0x62, 0xd5, 0x6b, 0x21, 0xd0, 0x2f, 0x0d, 0x08, 0xc1,
+    0xea, 0x1f, 0xa7, 0x0c, 0xb8, 0x1a, 0x60, 0x85, 0xde, 0xe5, 0xf9, 0x64, 0xb9, 0x97, 0x2d, 0x73,
+    0xeb, 0x8b, 0x23, 0xd1, 0xa8, 0xa7, 0x47, 0xd8, 0x66, 0x9f, 0xb1, 0x08, 0xcb, 0xe1, 0x8f, 0x1d,
+    0xec, 0xe1, 0x39, 0x87, 0xd8, 0x12, 0xb2, 0x88, 0xc8, 0x3a, 0x8a, 0xcf, 0x56, 0x60, 0x67, 0xd4,
+    0xed, 0x75, 0xbd, 0x5a, 0xc8, 0xaf, 0x95, 0xd5, 0x70, 0x40, 0xc2, 0xa3, 0x24, 0x16, 0xc5, 0xba,
+    0xee, 0x0a, 0xf2, 0xfe, 0xf8, 0xab, 0xfc, 0x32, 0x7b, 0xce, 0x1a, 0x17, 0xb2, 0x8c, 0xe0, 0x08,
+    0xef, 0x9e, 0x76, 0x23, 0xe8, 0x16, 0xdb, 0x6f, 0xc3, 0xb4, 0x52, 0x7b, 0xc0, 0xfa, 0x42, 0x66,
+    0xf0, 0x8a, 0x51, 0x1c, 0xdb, 0x83, 0xe0, 0x0b, 0x35, 0xeb, 0x66, 0x55, 0x67, 0x21, 0x41, 0x76,
+    0xf1, 0x1e, 0xd5, 0xc1, 0xcb, 0x3e, 0xc7, 0x56, 0x8d, 0x91, 0x2e, 0x39, 0x15, 0x57, 0xe3, 0x18,
+    0xf2, 0x61, 0x9a, 0x65, 0xfb, 0x3a, 0xae, 0xb1, 0x86, 0x1f, 0xf6, 0x8d, 0x83, 0xcd, 0xc6, 0xaa,
+    0xf3, 0xf5, 0x1e, 0xb8, 0xeb, 0x87, 0x89, 0xec, 0x3e, 0x65, 0xbe, 0xe1, 0xf1, 0xbb, 0x64, 0xc4,
+    0xf4, 0x9f, 0x04, 0xee, 0x9b, 0x32, 0x7c, 0xbc, 0x90, 0xc0, 0x85, 0x26, 0x6c, 0x3a, 0x8c, 0x0d,
+    0xf5, 0x0b, 0x80, 0x33, 0x8b, 0x8f, 0x5b, 0xe1, 0x28, 0xba, 0xcd, 0x4a, 0x1e, 0x4c, 0x2e, 0x63,
+    0xf6, 0x74, 0xcf, 0x97, 0xbb, 0x8b, 0x32, 0x06, 0x23, 0x34, 0x15, 0xfe, 0x88, 0xd6, 0x0b, 0xd1,
+    0xf7, 0xe0, 0x4b, 0x4a, 0xab, 0x36, 0x15, 0x5b, 0x9b, 0x4e, 0x5d, 0x92, 0xfa, 0xa0, 0xa9, 0xbf,
+    0xf8, 0xa0, 0xfb, 0x3b, 0x5b, 0x22, 0x1b, 0xa6, 0xbc, 0xbd, 0x63, 0xb3, 0x71, 0x17, 0x18, 0x80,
+    0xf9, 0x34, 0x7f, 0xe6, 0x4b, 0x9f, 0x3c, 0xfb, 0x04, 0xc7, 0x2b, 0xdf, 0x03, 0x61, 0xba, 0xee,
+    0xfa, 0x4b, 0x30, 0x42, 0x7b, 0x9b, 0x55, 0x1c, 0x0f, 0x49, 0xf3, 0x6b, 0x95, 0xfb, 0x9f, 0x5c,
+    0xfb, 0xdf, 0xb4, 0x9f, 0x6b, 0x26, 0x72, 0x41, 0xb7, 0x33, 0xbb, 0x07, 0xe7, 0x8d, 0x3d, 0x32,
+    0xfc, 0xb5, 0xae, 0xc9, 0x1b, 0x93, 0x87, 0x11, 0x19, 0x96, 0x80, 0xc0, 0x7a, 0x0c, 0xd5, 0xfb,
+    0xfd, 0x21, 0x2a, 0x14, 0x0b, 0x2e, 0xa0, 0x4c, 0xa1, 0xec, 0xc8, 0xac, 0x08, 0x7a, 0x77, 0x95,
+    0xfe, 0x5e, 0x65, 0xb0, 0x3b, 0x2a, 0xc9, 0xab, 0xaa, 0x62, 0x10, 0x18, 0x9e, 0xe0, 0x52, 0x27,
+    0xff, 0xca, 0xe1, 0x6d, 0x2b, 0x97, 0xee, 0xf6, 0x12, 0x18, 0x58, 0x74, 0xec, 0x96, 0xf0, 0x49,
+  },
+  { /* 1 */
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x94, 0xa5, 0x64, 0x0d, 0x89, 0xa2, 0x7f, 0x4b, 0x6e, 0x16, 0xc3, 0x4c, 0xe8, 0xe3, 0xd0, 0x4d,
+    0xeb, 0x89, 0xc8, 0x1a, 0xd1, 0x87, 0xfe, 0x96, 0xdc, 0x2c, 0x45, 0x98, 0x13, 0x05, 0x63, 0x9a,
+    0x7f, 0x2c, 0xac, 0x17, 0x58, 0x25, 0x81, 0xdd, 0xb2, 0x3a, 0x86, 0xd4, 0xfb, 0xe6, 0xb3, 0xd7,
+    0x15, 0xd1, 0x53, 0x34, 0x61, 0xcd, 0x3f, 0xef, 0x7b, 0x58, 0x8a, 0xf3, 0x26, 0x0a, 0xc6, 0xf7,
+    0x81, 0x74, 0x37, 0x39, 0xe8, 0x6f, 0x40, 0xa4, 0x15, 0x4e, 0x49, 0xbf, 0xce, 0xe9, 0x16, 0xba,
+    0xfe, 0x58, 0x9b, 0x2e, 0xb0, 0x4a, 0xc1, 0x79, 0xa7, 0x74, 0xcf, 0x6b, 0x35, 0x0f, 0xa5, 0x6d,
+    0x6a, 0xfd, 0xff, 0x23, 0x39, 0xe8, 0xbe, 0x32, 0xc9, 0x62, 0x0c, 0x27, 0xdd, 0xec, 0x75, 0x20,
+    0x2a, 0x61, 0xa6, 0x68, 0xc2, 0x59, 0x7e, 0x1d, 0xf6, 0xb0, 0xd7, 0x25, 0x4c, 0x14, 0x4f, 0x2d,
+    0xbe, 0xc4, 0xc2, 0x65, 0x4b, 0xfb, 0x01, 0x56, 0x98, 0xa6, 0x14, 0x69, 0xa4, 0xf7, 0x9f, 0x60,
+    0xc1, 0xe8, 0x6e, 0x72, 0x13, 0xde, 0x80, 0x8b, 0x2a, 0x9c, 0x92, 0xbd, 0x5f, 0x11, 0x2c, 0xb7,
+    0x55, 0x4d, 0x0a, 0x7f, 0x9a, 0x7c, 0xff, 0xc0, 0x44, 0x8a, 0x51, 0xf1, 0xb7, 0xf2, 0xfc, 0xfa,
+    0x3f, 0xb0, 0xf5, 0x5c, 0xa3, 0x94, 0x41, 0xf2, 0x8d, 0xe8, 0x5d, 0xd6, 0x6a, 0x1e, 0x89, 0xda,
+    0xab, 0x15, 0x91, 0x51, 0x2a, 0x36, 0x3e, 0xb9, 0xe3, 0xfe, 0x9e, 0x9a, 0x82, 0xfd, 0x59, 0x97,
+    0xd4, 0x39, 0x3d, 0x46, 0x72, 0x13, 0xbf, 0x64, 0x51, 0xc4, 0x18, 0x4e, 0x79, 0x1b, 0xea, 0x40,
+    0x40, 0x9c, 0x59, 0x4b, 0xfb, 0xb1, 0xc0, 0x2f, 0x3f, 0xd2, 0xdb, 0x02, 0x91, 0xf8, 0x3a, 0x0d,
+    0x54, 0xc2, 0x8f, 0xd0, 0x47, 0xb2, 0xfc, 0x3a, 0x2f, 0xa3, 0x6d, 0x4a, 0x98, 0x28, 0x9e, 0x5a,
+    0xc0, 0x67, 0xeb, 0xdd, 0xce, 0x10, 0x83, 0x71, 0x41, 0xb5, 0xae, 0x06, 0x70, 0xcb, 0x4e, 0x17,
+    0xbf, 0x4b, 0x47, 0xca, 0x96, 0x35, 0x02, 0xac, 0xf3, 0x8f, 0x28, 0xd2, 0x8b, 0x2d, 0xfd, 0xc0,
+    0x2b, 0xee, 0x23, 0xc7, 0x1f, 0x97, 0x7d, 0xe7, 0x9d, 0x99, 0xeb, 0x9e, 0x63, 0xce, 0x2d, 0x8d,
+    0x41, 0x13, 0xdc, 0xe4, 0x26, 0x7f, 0xc3, 0xd5, 0x54, 0xfb, 0xe7, 0xb9, 0xbe, 0x22, 0x58, 0xad,
+    0xd5, 0xb6, 0xb8, 0xe9, 0xaf, 0xdd, 0xbc, 0x9e, 0x3a, 0xed, 0x24, 0xf5, 0x56, 0xc1, 0x88, 0xe0,
+    0xaa, 0x9a, 0x14, 0xfe, 0xf7, 0xf8, 0x3d, 0x43, 0x88, 0xd7, 0xa2, 0x21, 0xad, 0x27, 0x3b, 0x37,
+    0x3e, 0x3f, 0x70, 0xf3, 0x7e, 0x5a, 0x42, 0x08, 0xe6, 0xc1, 0x61, 0x6d, 0x45, 0xc4, 0xeb, 0x7a,
+    0x7e, 0xa3, 0x29, 0xb8, 0x85, 0xeb, 0x82, 0x27, 0xd9, 0x13, 0xba, 0x6f, 0xd4, 0x3c, 0xd1, 0x77,
+    0xea, 0x06, 0x4d, 0xb5, 0x0c, 0x49, 0xfd, 0x6c, 0xb7, 0x05, 0x79, 0x23, 0x3c, 0xdf, 0x01, 0x3a,
+    0x95, 0x2a, 0xe1, 0xa2, 0x54, 0x6c, 0x7c, 0xb1, 0x05, 0x3f, 0xff, 0xf7, 0xc7, 0x39, 0xb2, 0xed,
+    0x01, 0x8f, 0x85, 0xaf, 0xdd, 0xce, 0x03, 0xfa, 0x6b, 0x29, 0x3c, 0xbb, 0x2f, 0xda, 0x62, 0xa0,
+    0x6b, 0x72, 0x7a, 0x8c, 0xe4, 0x26, 0xbd, 0xc8, 0xa2, 0x4b, 0x30, 0x9c, 0xf2, 0x36, 0x17, 0x80,
+    0xff, 0xd7, 0x1e, 0x81, 0x6d, 0x84, 0xc2, 0x83, 0xcc, 0x5d, 0xf3, 0xd0, 0x1a, 0xd5, 0xc7, 0xcd,
+    0x80, 0xfb, 0xb2, 0x96, 0x35, 0xa1, 0x43, 0x5e, 0x7e, 0x67, 0x75, 0x04, 0xe1, 0x33, 0x74, 0x1a,
+    0x14, 0x5e, 0xd6, 0x9b, 0xbc, 0x03, 0x3c, 0x15, 0x10, 0x71, 0xb6, 0x48, 0x09, 0xd0, 0xa4, 0x57,
+    0xa8, 0x47, 0xdd, 0x63, 0x8e, 0xa7, 0x3b, 0x74, 0x5e, 0x85, 0xda, 0x94, 0xf3, 0x50, 0xff, 0xb4,
+    0x3c, 0xe2, 0xb9, 0x6e, 0x07, 0x05, 0x44, 0x3f, 0x30, 0x93, 0x19, 0xd8, 0x1b, 0xb3, 0x2f, 0xf9,
+    0x43, 0xce, 0x15, 0x79, 0x5f, 0x20, 0xc5, 0xe2, 0x82, 0xa9, 0x9f, 0x0c, 0xe0, 0x55, 0x9c, 0x2e,
+    0xd7, 0x6b, 0x71, 0x74, 0xd6, 0x82, 0xba, 0xa9, 0xec, 0xbf, 0x5c, 0x40, 0x08, 0xb6, 0x4c, 0x63,
+    0xbd, 0x96, 0x8e, 0x57, 0xef, 0x6a, 0x04, 0x9b, 0x25, 0xdd, 0x50, 0x67, 0xd5, 0x5a, 0x39, 0x43,
+    0x29, 0x33, 0xea, 0x5a, 0x66, 0xc8, 0x7b, 0xd0, 0x4b, 0xcb, 0x93, 0x2b, 0x3d, 0xb9, 0xe9, 0x0e,
+    0x56, 0x1f, 0x46, 0x4d, 0x3e, 0xed, 0xfa, 0x0d, 0xf9, 0xf1, 0x15, 0xff, 0xc6, 0x5f, 0x5a, 0xd9,
+    0xc2, 0xba, 0x22, 0x40, 0xb7, 0x4f, 0x85, 0x46, 0x97, 0xe7, 0xd6, 0xb3, 0x2e, 0xbc, 0x8a, 0x94,
+    0x82, 0x26, 0x7b, 0x0b, 0x4c, 0xfe, 0x45, 0x69, 0xa8, 0x35, 0x0d, 0xb1, 0xbf, 0x44, 0xb0, 0x99,
+    0x16, 0x83, 0x1f, 0x06, 0xc5, 0x5c, 0x3a, 0x22, 0xc6, 0x23, 0xce, 0xfd, 0x57, 0xa7, 0x60, 0xd4,
+    0x69, 0xaf, 0xb3, 0x11, 0x9d, 0x79, 0xbb, 0xff, 0x74, 0x19, 0x48, 0x29, 0xac, 0x41, 0xd3, 0x03,
+    0xfd, 0x0a, 0xd7, 0x1c, 0x14, 0xdb, 0xc4, 0xb4, 0x1a, 0x0f, 0x8b, 0x65, 0x44, 0xa2, 0x03, 0x4e,
+    0x97, 0xf7, 0x28, 0x3f, 0x2d, 0x33, 0x7a, 0x86, 0xd3, 0x6d, 0x87, 0x42, 0x99, 0x4e, 0x76, 0x6e,
+    0x03, 0x52, 0x4c, 0x32, 0xa4, 0x91, 0x05, 0xcd, 0xbd, 0x7b, 0x44, 0x0e, 0x71, 0xad, 0xa6, 0x23,
+    0x7c, 0x7e, 0xe0, 0x25, 0xfc, 0xb4, 0x84, 0x10, 0x0f, 0x41, 0xc2, 0xda, 0x8a, 0x4b, 0x15, 0xf4,
+    0xe8, 0xdb, 0x84, 0x28, 0x75, 0x16, 0xfb, 0x5b, 0x61, 0x57, 0x01, 0x96, 0x62, 0xa8, 0xc5, 0xb9,
+    0xfc, 0x85, 0x52, 0xb3, 0xc9, 0x15, 0xc7, 0x4e, 0x71, 0x26, 0xb7, 0xde, 0x6b, 0x78, 0x61, 0xee,
+    0x68, 0x20, 0x36, 0xbe, 0x40, 0xb7, 0xb8, 0x05, 0x1f, 0x30, 0x74, 0x92, 0x83, 0x9b, 0xb1, 0xa3,
+    0x17, 0x0c, 0x9a, 0xa9, 0x18, 0x92, 0x39, 0xd8, 0xad, 0x0a, 0xf2, 0x46, 0x78, 0x7d, 0x02, 0x74,
+    0x83, 0xa9, 0xfe, 0xa4, 0x91, 0x30, 0x46, 0x93, 0xc3, 0x1c, 0x31, 0x0a, 0x90, 0x9e, 0xd2, 0x39,
+    0xe9, 0x54, 0x01, 0x87, 0xa8, 0xd8, 0xf8, 0xa1, 0x0a, 0x7e, 0x3d, 0x2d, 0x4d, 0x72, 0xa7, 0x19,
+    0x7d, 0xf1, 0x65, 0x8a, 0x21, 0x7a, 0x87, 0xea, 0x64, 0x68, 0xfe, 0x61, 0xa5, 0x91, 0x77, 0x54,
+    0x02, 0xdd, 0xc9, 0x9d, 0x79, 0x5f, 0x06, 0x37, 0xd6, 0x52, 0x78, 0xb5, 0x5e, 0x77, 0xc4, 0x83,
+    0x96, 0x78, 0xad, 0x90, 0xf0, 0xfd, 0x79, 0x7c, 0xb8, 0x44, 0xbb, 0xf9, 0xb6, 0x94, 0x14, 0xce,
+    0xd6, 0xe4, 0xf4, 0xdb, 0x0b, 0x4c, 0xb9, 0x53, 0x87, 0x96, 0x60, 0xfb, 0x27, 0x6c, 0x2e, 0xc3,
+    0x42, 0x41, 0x90, 0xd6, 0x82, 0xee, 0xc6, 0x18, 0xe9, 0x80, 0xa3, 0xb7, 0xcf, 0x8f, 0xfe, 0x8e,
+    0x3d, 0x6d, 0x3c, 0xc1, 0xda, 0xcb, 0x47, 0xc5, 0x5b, 0xba, 0x25, 0x63, 0x34, 0x69, 0x4d, 0x59,
+    0xa9, 0xc8, 0x58, 0xcc, 0x53, 0x69, 0x38, 0x8e, 0x35, 0xac, 0xe6, 0x2f, 0xdc, 0x8a, 0x9d, 0x14,
+    0xc3, 0x35, 0xa7, 0xef, 0x6a, 0x81, 0x86, 0xbc, 0xfc, 0xce, 0xea, 0x08, 0x01, 0x66, 0xe8, 0x34,
+    0x57, 0x90, 0xc3, 0xe2, 0xe3, 0x23, 0xf9, 0xf7, 0x92, 0xd8, 0x29, 0x44, 0xe9, 0x85, 0x38, 0x79,
+    0x28, 0xbc, 0x6f, 0xf5, 0xbb, 0x06, 0x78, 0x2a, 0x20, 0xe2, 0xaf, 0x90, 0x12, 0x63, 0x8b, 0xae,
+    0xbc, 0x19, 0x0b, 0xf8, 0x32, 0xa4, 0x07, 0x61, 0x4e, 0xf4, 0x6c, 0xdc, 0xfa, 0x80, 0x5b, 0xe3,
+    0x93, 0x8e, 0x79, 0xc6, 0xdf, 0x8d, 0x76, 0xe8, 0xbc, 0xc9, 0x77, 0xeb, 0x25, 0xa0, 0x3d, 0xab,
+    0x07, 0x2b, 0x1d, 0xcb, 0x56, 0x2f, 0x09, 0xa3, 0xd2, 0xdf, 0xb4, 0xa7, 0xcd, 0x43, 0xed, 0xe6,
+    0x78, 0x07, 0xb1, 0xdc, 0x0e, 0x0a, 0x88, 0x7e, 0x60, 0xe5, 0x32, 0x73, 0x36, 0xa5, 0x5e, 0x31,
+    0xec, 0xa2, 0xd5, 0xd1, 0x87, 0xa8, 0xf7, 0x35, 0x0e, 0xf3, 0xf1, 0x3f, 0xde, 0x46, 0x8e, 0x7c,
+    0x86, 0x5f, 0x2a, 0xf2, 0xbe, 0x40, 0x49, 0x07, 0xc7, 0x91, 0xfd, 0x18, 0x03, 0xaa, 0xfb, 0x5c,
+    0x12, 0xfa, 0x4e, 0xff, 0x37, 0xe2, 0x36, 0x4c, 0xa9, 0x87, 0x3e, 0x54, 0xeb, 0x49, 0x2b, 0x11,
+    0x6d, 0xd6, 0xe2, 0xe8, 0x6f, 0xc7, 0xb7, 0x91, 0x1b, 0xbd, 0xb8, 0x80, 0x10, 0xaf, 0x98, 0xc6,
+    0xf9, 0x73, 0x86, 0xe5, 0xe6, 0x65, 0xc8, 0xda, 0x75, 0xab, 0x7b, 0xcc, 0xf8, 0x4c, 0x48, 0x8b,
+    0xb9, 0xef, 0xdf, 0xae, 0x1d, 0xd4, 0x08, 0xf5, 0x4a, 0x79, 0xa0, 0xce, 0x69, 0xb4, 0x72, 0x86,
+    0x2d, 0x4a, 0xbb, 0xa3, 0x94, 0x76, 0x77, 0xbe, 0x24, 0x6f, 0x63, 0x82, 0x81, 0x57, 0xa2, 0xcb,
+    0x52, 0x66, 0x17, 0xb4, 0xcc, 0x53, 0xf6, 0x63, 0x96, 0x55, 0xe5, 0x56, 0x7a, 0xb1, 0x11, 0x1c,
+    0xc6, 0xc3, 0x73, 0xb9, 0x45, 0xf1, 0x89, 0x28, 0xf8, 0x43, 0x26, 0x1a, 0x92, 0x52, 0xc1, 0x51,
+    0xac, 0x3e, 0x8c, 0x9a, 0x7c, 0x19, 0x37, 0x1a, 0x31, 0x21, 0x2a, 0x3d, 0x4f, 0xbe, 0xb4, 0x71,
+    0x38, 0x9b, 0xe8, 0x97, 0xf5, 0xbb, 0x48, 0x51, 0x5f, 0x37, 0xe9, 0x71, 0xa7, 0x5d, 0x64, 0x3c,
+    0x47, 0xb7, 0x44, 0x80, 0xad, 0x9e, 0xc9, 0x8c, 0xed, 0x0d, 0x6f, 0xa5, 0x5c, 0xbb, 0xd7, 0xeb,
+    0xd3, 0x12, 0x20, 0x8d, 0x24, 0x3c, 0xb6, 0xc7, 0x83, 0x1b, 0xac, 0xe9, 0xb4, 0x58, 0x07, 0xa6,
+    0xc7, 0x4c, 0xf6, 0x16, 0x98, 0x3f, 0x8a, 0xd2, 0x93, 0x6a, 0x1a, 0xa1, 0xbd, 0x88, 0xa3, 0xf1,
+    0x53, 0xe9, 0x92, 0x1b, 0x11, 0x9d, 0xf5, 0x99, 0xfd, 0x7c, 0xd9, 0xed, 0x55, 0x6b, 0x73, 0xbc,
+    0x2c, 0xc5, 0x3e, 0x0c, 0x49, 0xb8, 0x74, 0x44, 0x4f, 0x46, 0x5f, 0x39, 0xae, 0x8d, 0xc0, 0x6b,
+    0xb8, 0x60, 0x5a, 0x01, 0xc0, 0x1a, 0x0b, 0x0f, 0x21, 0x50, 0x9c, 0x75, 0x46, 0x6e, 0x10, 0x26,
+    0xd2, 0x9d, 0xa5, 0x22, 0xf9, 0xf2, 0xb5, 0x3d, 0xe8, 0x32, 0x90, 0x52, 0x9b, 0x82, 0x65, 0x06,
+    0x46, 0x38, 0xc1, 0x2f, 0x70, 0x50, 0xca, 0x76, 0x86, 0x24, 0x53, 0x1e, 0x73, 0x61, 0xb5, 0x4b,
+    0x39, 0x14, 0x6d, 0x38, 0x28, 0x75, 0x4b, 0xab, 0x34, 0x1e, 0xd5, 0xca, 0x88, 0x87, 0x06, 0x9c,
+    0xad, 0xb1, 0x09, 0x35, 0xa1, 0xd7, 0x34, 0xe0, 0x5a, 0x08, 0x16, 0x86, 0x60, 0x64, 0xd6, 0xd1,
+    0xed, 0x2d, 0x50, 0x7e, 0x5a, 0x66, 0xf4, 0xcf, 0x65, 0xda, 0xcd, 0x84, 0xf1, 0x9c, 0xec, 0xdc,
+    0x79, 0x88, 0x34, 0x73, 0xd3, 0xc4, 0x8b, 0x84, 0x0b, 0xcc, 0x0e, 0xc8, 0x19, 0x7f, 0x3c, 0x91,
+    0x06, 0xa4, 0x98, 0x64, 0x8b, 0xe1, 0x0a, 0x59, 0xb9, 0xf6, 0x88, 0x1c, 0xe2, 0x99, 0x8f, 0x46,
+    0x92, 0x01, 0xfc, 0x69, 0x02, 0x43, 0x75, 0x12, 0xd7, 0xe0, 0x4b, 0x50, 0x0a, 0x7a, 0x5f, 0x0b,
+    0xf8, 0xfc, 0x03, 0x4a, 0x3b, 0xab, 0xcb, 0x20, 0x1e, 0x82, 0x47, 0x77, 0xd7, 0x96, 0x2a, 0x2b,
+    0x6c, 0x59, 0x67, 0x47, 0xb2, 0x09, 0xb4, 0x6b, 0x70, 0x94, 0x84, 0x3b, 0x3f, 0x75, 0xfa, 0x66,
+    0x13, 0x75, 0xcb, 0x50, 0xea, 0x2c, 0x35, 0xb6, 0xc2, 0xae, 0x02, 0xef, 0xc4, 0x93, 0x49, 0xb1,
+    0x87, 0xd0, 0xaf, 0x5d, 0x63, 0x8e, 0x4a, 0xfd, 0xac, 0xb8, 0xc1, 0xa3, 0x2c, 0x70, 0x99, 0xfc,
+    0x3b, 0xc9, 0xa4, 0xa5, 0x51, 0x2a, 0x4d, 0x9c, 0xe2, 0x4c, 0xad, 0x7f, 0xd6, 0xf0, 0xc2, 0x1f,
+    0xaf, 0x6c, 0xc0, 0xa8, 0xd8, 0x88, 0x32, 0xd7, 0x8c, 0x5a, 0x6e, 0x33, 0x3e, 0x13, 0x12, 0x52,
+    0xd0, 0x40, 0x6c, 0xbf, 0x80, 0xad, 0xb3, 0x0a, 0x3e, 0x60, 0xe8, 0xe7, 0xc5, 0xf5, 0xa1, 0x85,
+    0x44, 0xe5, 0x08, 0xb2, 0x09, 0x0f, 0xcc, 0x41, 0x50, 0x76, 0x2b, 0xab, 0x2d, 0x16, 0x71, 0xc8,
+    0x2e, 0x18, 0xf7, 0x91, 0x30, 0xe7, 0x72, 0x73, 0x99, 0x14, 0x27, 0x8c, 0xf0, 0xfa, 0x04, 0xe8,
+    0xba, 0xbd, 0x93, 0x9c, 0xb9, 0x45, 0x0d, 0x38, 0xf7, 0x02, 0xe4, 0xc0, 0x18, 0x19, 0xd4, 0xa5,
+    0xc5, 0x91, 0x3f, 0x8b, 0xe1, 0x60, 0x8c, 0xe5, 0x45, 0x38, 0x62, 0x14, 0xe3, 0xff, 0x67, 0x72,
+    0x51, 0x34, 0x5b, 0x86, 0x68, 0xc2, 0xf3, 0xae, 0x2b, 0x2e, 0xa1, 0x58, 0x0b, 0x1c, 0xb7, 0x3f,
+    0x11, 0xa8, 0x02, 0xcd, 0x93, 0x73, 0x33, 0x81, 0x14, 0xfc, 0x7a, 0x5a, 0x9a, 0xe4, 0x8d, 0x32,
+    0x85, 0x0d, 0x66, 0xc0, 0x1a, 0xd1, 0x4c, 0xca, 0x7a, 0xea, 0xb9, 0x16, 0x72, 0x07, 0x5d, 0x7f,
+    0xfa, 0x21, 0xca, 0xd7, 0x42, 0xf4, 0xcd, 0x17, 0xc8, 0xd0, 0x3f, 0xc2, 0x89, 0xe1, 0xee, 0xa8,
+    0x6e, 0x84, 0xae, 0xda, 0xcb, 0x56, 0xb2, 0x5c, 0xa6, 0xc6, 0xfc, 0x8e, 0x61, 0x02, 0x3e, 0xe5,
+    0x04, 0x79, 0x51, 0xf9, 0xf2, 0xbe, 0x0c, 0x6e, 0x6f, 0xa4, 0xf0, 0xa9, 0xbc, 0xee, 0x4b, 0xc5,
+    0x90, 0xdc, 0x35, 0xf4, 0x7b, 0x1c, 0x73, 0x25, 0x01, 0xb2, 0x33, 0xe5, 0x54, 0x0d, 0x9b, 0x88,
+    0xef, 0xf0, 0x99, 0xe3, 0x23, 0x39, 0xf2, 0xf8, 0xb3, 0x88, 0xb5, 0x31, 0xaf, 0xeb, 0x28, 0x5f,
+    0x7b, 0x55, 0xfd, 0xee, 0xaa, 0x9b, 0x8d, 0xb3, 0xdd, 0x9e, 0x76, 0x7d, 0x47, 0x08, 0xf8, 0x12,
+    0x6f, 0x0b, 0x2b, 0x75, 0x16, 0x98, 0xb1, 0xa6, 0xcd, 0xef, 0xc0, 0x35, 0x4e, 0xd8, 0x5c, 0x45,
+    0xfb, 0xae, 0x4f, 0x78, 0x9f, 0x3a, 0xce, 0xed, 0xa3, 0xf9, 0x03, 0x79, 0xa6, 0x3b, 0x8c, 0x08,
+    0x84, 0x82, 0xe3, 0x6f, 0xc7, 0x1f, 0x4f, 0x30, 0x11, 0xc3, 0x85, 0xad, 0x5d, 0xdd, 0x3f, 0xdf,
+    0x10, 0x27, 0x87, 0x62, 0x4e, 0xbd, 0x30, 0x7b, 0x7f, 0xd5, 0x46, 0xe1, 0xb5, 0x3e, 0xef, 0x92,
+    0x7a, 0xda, 0x78, 0x41, 0x77, 0x55, 0x8e, 0x49, 0xb6, 0xb7, 0x4a, 0xc6, 0x68, 0xd2, 0x9a, 0xb2,
+    0xee, 0x7f, 0x1c, 0x4c, 0xfe, 0xf7, 0xf1, 0x02, 0xd8, 0xa1, 0x89, 0x8a, 0x80, 0x31, 0x4a, 0xff,
+    0x91, 0x53, 0xb0, 0x5b, 0xa6, 0xd2, 0x70, 0xdf, 0x6a, 0x9b, 0x0f, 0x5e, 0x7b, 0xd7, 0xf9, 0x28,
+    0x05, 0xf6, 0xd4, 0x56, 0x2f, 0x70, 0x0f, 0x94, 0x04, 0x8d, 0xcc, 0x12, 0x93, 0x34, 0x29, 0x65,
+    0x45, 0x6a, 0x8d, 0x1d, 0xd4, 0xc1, 0xcf, 0xbb, 0x3b, 0x5f, 0x17, 0x10, 0x02, 0xcc, 0x13, 0x68,
+    0xd1, 0xcf, 0xe9, 0x10, 0x5d, 0x63, 0xb0, 0xf0, 0x55, 0x49, 0xd4, 0x5c, 0xea, 0x2f, 0xc3, 0x25,
+    0xae, 0xe3, 0x45, 0x07, 0x05, 0x46, 0x31, 0x2d, 0xe7, 0x73, 0x52, 0x88, 0x11, 0xc9, 0x70, 0xf2,
+    0x3a, 0x46, 0x21, 0x0a, 0x8c, 0xe4, 0x4e, 0x66, 0x89, 0x65, 0x91, 0xc4, 0xf9, 0x2a, 0xa0, 0xbf,
+    0x50, 0xbb, 0xde, 0x29, 0xb5, 0x0c, 0xf0, 0x54, 0x40, 0x07, 0x9d, 0xe3, 0x24, 0xc6, 0xd5, 0x9f,
+    0xc4, 0x1e, 0xba, 0x24, 0x3c, 0xae, 0x8f, 0x1f, 0x2e, 0x11, 0x5e, 0xaf, 0xcc, 0x25, 0x05, 0xd2,
+    0xbb, 0x32, 0x16, 0x33, 0x64, 0x8b, 0x0e, 0xc2, 0x9c, 0x2b, 0xd8, 0x7b, 0x37, 0xc3, 0xb6, 0x05,
+    0x2f, 0x97, 0x72, 0x3e, 0xed, 0x29, 0x71, 0x89, 0xf2, 0x3d, 0x1b, 0x37, 0xdf, 0x20, 0x66, 0x48,
+    0xe5, 0xdf, 0xf2, 0x4f, 0x7d, 0xd9, 0xec, 0x13, 0xbb, 0x51, 0xee, 0x15, 0x4a, 0x83, 0x7a, 0x95,
+    0x71, 0x7a, 0x96, 0x42, 0xf4, 0x7b, 0x93, 0x58, 0xd5, 0x47, 0x2d, 0x59, 0xa2, 0x60, 0xaa, 0xd8,
+    0x0e, 0x56, 0x3a, 0x55, 0xac, 0x5e, 0x12, 0x85, 0x67, 0x7d, 0xab, 0x8d, 0x59, 0x86, 0x19, 0x0f,
+    0x9a, 0xf3, 0x5e, 0x58, 0x25, 0xfc, 0x6d, 0xce, 0x09, 0x6b, 0x68, 0xc1, 0xb1, 0x65, 0xc9, 0x42,
+    0xf0, 0x0e, 0xa1, 0x7b, 0x1c, 0x14, 0xd3, 0xfc, 0xc0, 0x09, 0x64, 0xe6, 0x6c, 0x89, 0xbc, 0x62,
+    0x64, 0xab, 0xc5, 0x76, 0x95, 0xb6, 0xac, 0xb7, 0xae, 0x1f, 0xa7, 0xaa, 0x84, 0x6a, 0x6c, 0x2f,
+    0x1b, 0x87, 0x69, 0x61, 0xcd, 0x93, 0x2d, 0x6a, 0x1c, 0x25, 0x21, 0x7e, 0x7f, 0x8c, 0xdf, 0xf8,
+    0x8f, 0x22, 0x0d, 0x6c, 0x44, 0x31, 0x52, 0x21, 0x72, 0x33, 0xe2, 0x32, 0x97, 0x6f, 0x0f, 0xb5,
+    0xcf, 0xbe, 0x54, 0x27, 0xbf, 0x80, 0x92, 0x0e, 0x4d, 0xe1, 0x39, 0x30, 0x06, 0x97, 0x35, 0xb8,
+    0x5b, 0x1b, 0x30, 0x2a, 0x36, 0x22, 0xed, 0x45, 0x23, 0xf7, 0xfa, 0x7c, 0xee, 0x74, 0xe5, 0xf5,
+    0x24, 0x37, 0x9c, 0x3d, 0x6e, 0x07, 0x6c, 0x98, 0x91, 0xcd, 0x7c, 0xa8, 0x15, 0x92, 0x56, 0x22,
+    0xb0, 0x92, 0xf8, 0x30, 0xe7, 0xa5, 0x13, 0xd3, 0xff, 0xdb, 0xbf, 0xe4, 0xfd, 0x71, 0x86, 0x6f,
+    0xda, 0x6f, 0x07, 0x13, 0xde, 0x4d, 0xad, 0xe1, 0x36, 0xb9, 0xb3, 0xc3, 0x20, 0x9d, 0xf3, 0x4f,
+    0x4e, 0xca, 0x63, 0x1e, 0x57, 0xef, 0xd2, 0xaa, 0x58, 0xaf, 0x70, 0x8f, 0xc8, 0x7e, 0x23, 0x02,
+    0x31, 0xe6, 0xcf, 0x09, 0x0f, 0xca, 0x53, 0x77, 0xea, 0x95, 0xf6, 0x5b, 0x33, 0x98, 0x90, 0xd5,
+    0xa5, 0x43, 0xab, 0x04, 0x86, 0x68, 0x2c, 0x3c, 0x84, 0x83, 0x35, 0x17, 0xdb, 0x7b, 0x40, 0x98,
+    0xb1, 0x1d, 0x7d, 0x9f, 0x3a, 0x6b, 0x10, 0x29, 0x94, 0xf2, 0x83, 0x5f, 0xd2, 0xab, 0xe4, 0xcf,
+    0x25, 0xb8, 0x19, 0x92, 0xb3, 0xc9, 0x6f, 0x62, 0xfa, 0xe4, 0x40, 0x13, 0x3a, 0x48, 0x34, 0x82,
+    0x5a, 0x94, 0xb5, 0x85, 0xeb, 0xec, 0xee, 0xbf, 0x48, 0xde, 0xc6, 0xc7, 0xc1, 0xae, 0x87, 0x55,
+    0xce, 0x31, 0xd1, 0x88, 0x62, 0x4e, 0x91, 0xf4, 0x26, 0xc8, 0x05, 0x8b, 0x29, 0x4d, 0x57, 0x18,
+    0xa4, 0xcc, 0x2e, 0xab, 0x5b, 0xa6, 0x2f, 0xc6, 0xef, 0xaa, 0x09, 0xac, 0xf4, 0xa1, 0x22, 0x38,
+    0x30, 0x69, 0x4a, 0xa6, 0xd2, 0x04, 0x50, 0x8d, 0x81, 0xbc, 0xca, 0xe0, 0x1c, 0x42, 0xf2, 0x75,
+    0x4f, 0x45, 0xe6, 0xb1, 0x8a, 0x21, 0xd1, 0x50, 0x33, 0x86, 0x4c, 0x34, 0xe7, 0xa4, 0x41, 0xa2,
+    0xdb, 0xe0, 0x82, 0xbc, 0x03, 0x83, 0xae, 0x1b, 0x5d, 0x90, 0x8f, 0x78, 0x0f, 0x47, 0x91, 0xef,
+    0x9b, 0x7c, 0xdb, 0xf7, 0xf8, 0x32, 0x6e, 0x34, 0x62, 0x42, 0x54, 0x7a, 0x9e, 0xbf, 0xab, 0xe2,
+    0x0f, 0xd9, 0xbf, 0xfa, 0x71, 0x90, 0x11, 0x7f, 0x0c, 0x54, 0x97, 0x36, 0x76, 0x5c, 0x7b, 0xaf,
+    0x70, 0xf5, 0x13, 0xed, 0x29, 0xb5, 0x90, 0xa2, 0xbe, 0x6e, 0x11, 0xe2, 0x8d, 0xba, 0xc8, 0x78,
+    0xe4, 0x50, 0x77, 0xe0, 0xa0, 0x17, 0xef, 0xe9, 0xd0, 0x78, 0xd2, 0xae, 0x65, 0x59, 0x18, 0x35,
+    0x8e, 0xad, 0x88, 0xc3, 0x99, 0xff, 0x51, 0xdb, 0x19, 0x1a, 0xde, 0x89, 0xb8, 0xb5, 0x6d, 0x15,
+    0x1a, 0x08, 0xec, 0xce, 0x10, 0x5d, 0x2e, 0x90, 0x77, 0x0c, 0x1d, 0xc5, 0x50, 0x56, 0xbd, 0x58,
+    0x65, 0x24, 0x40, 0xd9, 0x48, 0x78, 0xaf, 0x4d, 0xc5, 0x36, 0x9b, 0x11, 0xab, 0xb0, 0x0e, 0x8f,
+    0xf1, 0x81, 0x24, 0xd4, 0xc1, 0xda, 0xd0, 0x06, 0xab, 0x20, 0x58, 0x5d, 0x43, 0x53, 0xde, 0xc2,
+    0x4d, 0x98, 0x2f, 0x2c, 0xf3, 0x7e, 0xd7, 0x67, 0xe5, 0xd4, 0x34, 0x81, 0xb9, 0xd3, 0x85, 0x21,
+    0xd9, 0x3d, 0x4b, 0x21, 0x7a, 0xdc, 0xa8, 0x2c, 0x8b, 0xc2, 0xf7, 0xcd, 0x51, 0x30, 0x55, 0x6c,
+    0xa6, 0x11, 0xe7, 0x36, 0x22, 0xf9, 0x29, 0xf1, 0x39, 0xf8, 0x71, 0x19, 0xaa, 0xd6, 0xe6, 0xbb,
+    0x32, 0xb4, 0x83, 0x3b, 0xab, 0x5b, 0x56, 0xba, 0x57, 0xee, 0xb2, 0x55, 0x42, 0x35, 0x36, 0xf6,
+    0x58, 0x49, 0x7c, 0x18, 0x92, 0xb3, 0xe8, 0x88, 0x9e, 0x8c, 0xbe, 0x72, 0x9f, 0xd9, 0x43, 0xd6,
+    0xcc, 0xec, 0x18, 0x15, 0x1b, 0x11, 0x97, 0xc3, 0xf0, 0x9a, 0x7d, 0x3e, 0x77, 0x3a, 0x93, 0x9b,
+    0xb3, 0xc0, 0xb4, 0x02, 0x43, 0x34, 0x16, 0x1e, 0x42, 0xa0, 0xfb, 0xea, 0x8c, 0xdc, 0x20, 0x4c,
+    0x27, 0x65, 0xd0, 0x0f, 0xca, 0x96, 0x69, 0x55, 0x2c, 0xb6, 0x38, 0xa6, 0x64, 0x3f, 0xf0, 0x01,
+    0x67, 0xf9, 0x89, 0x44, 0x31, 0x27, 0xa9, 0x7a, 0x13, 0x64, 0xe3, 0xa4, 0xf5, 0xc7, 0xca, 0x0c,
+    0xf3, 0x5c, 0xed, 0x49, 0xb8, 0x85, 0xd6, 0x31, 0x7d, 0x72, 0x20, 0xe8, 0x1d, 0x24, 0x1a, 0x41,
+    0x8c, 0x70, 0x41, 0x5e, 0xe0, 0xa0, 0x57, 0xec, 0xcf, 0x48, 0xa6, 0x3c, 0xe6, 0xc2, 0xa9, 0x96,
+    0x18, 0xd5, 0x25, 0x53, 0x69, 0x02, 0x28, 0xa7, 0xa1, 0x5e, 0x65, 0x70, 0x0e, 0x21, 0x79, 0xdb,
+    0x72, 0x28, 0xda, 0x70, 0x50, 0xea, 0x96, 0x95, 0x68, 0x3c, 0x69, 0x57, 0xd3, 0xcd, 0x0c, 0xfb,
+    0xe6, 0x8d, 0xbe, 0x7d, 0xd9, 0x48, 0xe9, 0xde, 0x06, 0x2a, 0xaa, 0x1b, 0x3b, 0x2e, 0xdc, 0xb6,
+    0x99, 0xa1, 0x12, 0x6a, 0x81, 0x6d, 0x68, 0x03, 0xb4, 0x10, 0x2c, 0xcf, 0xc0, 0xc8, 0x6f, 0x61,
+    0x0d, 0x04, 0x76, 0x67, 0x08, 0xcf, 0x17, 0x48, 0xda, 0x06, 0xef, 0x83, 0x28, 0x2b, 0xbf, 0x2c,
+    0x19, 0x5a, 0xa0, 0xfc, 0xb4, 0xcc, 0x2b, 0x5d, 0xca, 0x77, 0x59, 0xcb, 0x21, 0xfb, 0x1b, 0x7b,
+    0x8d, 0xff, 0xc4, 0xf1, 0x3d, 0x6e, 0x54, 0x16, 0xa4, 0x61, 0x9a, 0x87, 0xc9, 0x18, 0xcb, 0x36,
+    0xf2, 0xd3, 0x68, 0xe6, 0x65, 0x4b, 0xd5, 0xcb, 0x16, 0x5b, 0x1c, 0x53, 0x32, 0xfe, 0x78, 0xe1,
+    0x66, 0x76, 0x0c, 0xeb, 0xec, 0xe9, 0xaa, 0x80, 0x78, 0x4d, 0xdf, 0x1f, 0xda, 0x1d, 0xa8, 0xac,
+    0x0c, 0x8b, 0xf3, 0xc8, 0xd5, 0x01, 0x14, 0xb2, 0xb1, 0x2f, 0xd3, 0x38, 0x07, 0xf1, 0xdd, 0x8c,
+    0x98, 0x2e, 0x97, 0xc5, 0x5c, 0xa3, 0x6b, 0xf9, 0xdf, 0x39, 0x10, 0x74, 0xef, 0x12, 0x0d, 0xc1,
+    0xe7, 0x02, 0x3b, 0xd2, 0x04, 0x86, 0xea, 0x24, 0x6d, 0x03, 0x96, 0xa0, 0x14, 0xf4, 0xbe, 0x16,
+    0x73, 0xa7, 0x5f, 0xdf, 0x8d, 0x24, 0x95, 0x6f, 0x03, 0x15, 0x55, 0xec, 0xfc, 0x17, 0x6e, 0x5b,
+    0x33, 0x3b, 0x06, 0x94, 0x76, 0x95, 0x55, 0x40, 0x3c, 0xc7, 0x8e, 0xee, 0x6d, 0xef, 0x54, 0x56,
+    0xa7, 0x9e, 0x62, 0x99, 0xff, 0x37, 0x2a, 0x0b, 0x52, 0xd1, 0x4d, 0xa2, 0x85, 0x0c, 0x84, 0x1b,
+    0xd8, 0xb2, 0xce, 0x8e, 0xa7, 0x12, 0xab, 0xd6, 0xe0, 0xeb, 0xcb, 0x76, 0x7e, 0xea, 0x37, 0xcc,
+    0x4c, 0x17, 0xaa, 0x83, 0x2e, 0xb0, 0xd4, 0x9d, 0x8e, 0xfd, 0x08, 0x3a, 0x96, 0x09, 0xe7, 0x81,
+    0x26, 0xea, 0x55, 0xa0, 0x17, 0x58, 0x6a, 0xaf, 0x47, 0x9f, 0x04, 0x1d, 0x4b, 0xe5, 0x92, 0xa1,
+    0xb2, 0x4f, 0x31, 0xad, 0x9e, 0xfa, 0x15, 0xe4, 0x29, 0x89, 0xc7, 0x51, 0xa3, 0x06, 0x42, 0xec,
+    0xcd, 0x63, 0x9d, 0xba, 0xc6, 0xdf, 0x94, 0x39, 0x9b, 0xb3, 0x41, 0x85, 0x58, 0xe0, 0xf1, 0x3b,
+    0x59, 0xc6, 0xf9, 0xb7, 0x4f, 0x7d, 0xeb, 0x72, 0xf5, 0xa5, 0x82, 0xc9, 0xb0, 0x03, 0x21, 0x76,
+    0x76, 0x51, 0x8b, 0x89, 0xa2, 0x54, 0x9a, 0xfb, 0x07, 0x98, 0x99, 0xfe, 0x6f, 0x23, 0x47, 0x3e,
+    0xe2, 0xf4, 0xef, 0x84, 0x2b, 0xf6, 0xe5, 0xb0, 0x69, 0x8e, 0x5a, 0xb2, 0x87, 0xc0, 0x97, 0x73,
+    0x9d, 0xd8, 0x43, 0x93, 0x73, 0xd3, 0x64, 0x6d, 0xdb, 0xb4, 0xdc, 0x66, 0x7c, 0x26, 0x24, 0xa4,
+    0x09, 0x7d, 0x27, 0x9e, 0xfa, 0x71, 0x1b, 0x26, 0xb5, 0xa2, 0x1f, 0x2a, 0x94, 0xc5, 0xf4, 0xe9,
+    0x63, 0x80, 0xd8, 0xbd, 0xc3, 0x99, 0xa5, 0x14, 0x7c, 0xc0, 0x13, 0x0d, 0x49, 0x29, 0x81, 0xc9,
+    0xf7, 0x25, 0xbc, 0xb0, 0x4a, 0x3b, 0xda, 0x5f, 0x12, 0xd6, 0xd0, 0x41, 0xa1, 0xca, 0x51, 0x84,
+    0x88, 0x09, 0x10, 0xa7, 0x12, 0x1e, 0x5b, 0x82, 0xa0, 0xec, 0x56, 0x95, 0x5a, 0x2c, 0xe2, 0x53,
+    0x1c, 0xac, 0x74, 0xaa, 0x9b, 0xbc, 0x24, 0xc9, 0xce, 0xfa, 0x95, 0xd9, 0xb2, 0xcf, 0x32, 0x1e,
+    0x5c, 0x30, 0x2d, 0xe1, 0x60, 0x0d, 0xe4, 0xe6, 0xf1, 0x28, 0x4e, 0xdb, 0x23, 0x37, 0x08, 0x13,
+    0xc8, 0x95, 0x49, 0xec, 0xe9, 0xaf, 0x9b, 0xad, 0x9f, 0x3e, 0x8d, 0x97, 0xcb, 0xd4, 0xd8, 0x5e,
+    0xb7, 0xb9, 0xe5, 0xfb, 0xb1, 0x8a, 0x1a, 0x70, 0x2d, 0x04, 0x0b, 0x43, 0x30, 0x32, 0x6b, 0x89,
+    0x23, 0x1c, 0x81, 0xf6, 0x38, 0x28, 0x65, 0x3b, 0x43, 0x12, 0xc8, 0x0f, 0xd8, 0xd1, 0xbb, 0xc4,
+    0x49, 0xe1, 0x7e, 0xd5, 0x01, 0xc0, 0xdb, 0x09, 0x8a, 0x70, 0xc4, 0x28, 0x05, 0x3d, 0xce, 0xe4,
+    0xdd, 0x44, 0x1a, 0xd8, 0x88, 0x62, 0xa4, 0x42, 0xe4, 0x66, 0x07, 0x64, 0xed, 0xde, 0x1e, 0xa9,
+    0xa2, 0x68, 0xb6, 0xcf, 0xd0, 0x47, 0x25, 0x9f, 0x56, 0x5c, 0x81, 0xb0, 0x16, 0x38, 0xad, 0x7e,
+    0x36, 0xcd, 0xd2, 0xc2, 0x59, 0xe5, 0x5a, 0xd4, 0x38, 0x4a, 0x42, 0xfc, 0xfe, 0xdb, 0x7d, 0x33,
+    0x22, 0x93, 0x04, 0x59, 0xe5, 0xe6, 0x66, 0xc1, 0x28, 0x3b, 0xf4, 0xb4, 0xf7, 0x0b, 0xd9, 0x64,
+    0xb6, 0x36, 0x60, 0x54, 0x6c, 0x44, 0x19, 0x8a, 0x46, 0x2d, 0x37, 0xf8, 0x1f, 0xe8, 0x09, 0x29,
+    0xc9, 0x1a, 0xcc, 0x43, 0x34, 0x61, 0x98, 0x57, 0xf4, 0x17, 0xb1, 0x2c, 0xe4, 0x0e, 0xba, 0xfe,
+    0x5d, 0xbf, 0xa8, 0x4e, 0xbd, 0xc3, 0xe7, 0x1c, 0x9a, 0x01, 0x72, 0x60, 0x0c, 0xed, 0x6a, 0xb3,
+    0x37, 0x42, 0x57, 0x6d, 0x84, 0x2b, 0x59, 0x2e, 0x53, 0x63, 0x7e, 0x47, 0xd1, 0x01, 0x1f, 0x93,
+    0xa3, 0xe7, 0x33, 0x60, 0x0d, 0x89, 0x26, 0x65, 0x3d, 0x75, 0xbd, 0x0b, 0x39, 0xe2, 0xcf, 0xde,
+    0xdc, 0xcb, 0x9f, 0x77, 0x55, 0xac, 0xa7, 0xb8, 0x8f, 0x4f, 0x3b, 0xdf, 0xc2, 0x04, 0x7c, 0x09,
+    0x48, 0x6e, 0xfb, 0x7a, 0xdc, 0x0e, 0xd8, 0xf3, 0xe1, 0x59, 0xf8, 0x93, 0x2a, 0xe7, 0xac, 0x44,
+    0x08, 0xf2, 0xa2, 0x31, 0x27, 0xbf, 0x18, 0xdc, 0xde, 0x8b, 0x23, 0x91, 0xbb, 0x1f, 0x96, 0x49,
+    0x9c, 0x57, 0xc6, 0x3c, 0xae, 0x1d, 0x67, 0x97, 0xb0, 0x9d, 0xe0, 0xdd, 0x53, 0xfc, 0x46, 0x04,
+    0xe3, 0x7b, 0x6a, 0x2b, 0xf6, 0x38, 0xe6, 0x4a, 0x02, 0xa7, 0x66, 0x09, 0xa8, 0x1a, 0xf5, 0xd3,
+    0x77, 0xde, 0x0e, 0x26, 0x7f, 0x9a, 0x99, 0x01, 0x6c, 0xb1, 0xa5, 0x45, 0x40, 0xf9, 0x25, 0x9e,
+    0x1d, 0x23, 0xf1, 0x05, 0x46, 0x72, 0x27, 0x33, 0xa5, 0xd3, 0xa9, 0x62, 0x9d, 0x15, 0x50, 0xbe,
+    0x89, 0x86, 0x95, 0x08, 0xcf, 0xd0, 0x58, 0x78, 0xcb, 0xc5, 0x6a, 0x2e, 0x75, 0xf6, 0x80, 0xf3,
+    0xf6, 0xaa, 0x39, 0x1f, 0x97, 0xf5, 0xd9, 0xa5, 0x79, 0xff, 0xec, 0xfa, 0x8e, 0x10, 0x33, 0x24,
+    0x62, 0x0f, 0x5d, 0x12, 0x1e, 0x57, 0xa6, 0xee, 0x17, 0xe9, 0x2f, 0xb6, 0x66, 0xf3, 0xe3, 0x69,
+    0xde, 0x16, 0x56, 0xea, 0x2c, 0xf3, 0xa1, 0x8f, 0x59, 0x1d, 0x43, 0x6a, 0x9c, 0x73, 0xb8, 0x8a,
+    0x4a, 0xb3, 0x32, 0xe7, 0xa5, 0x51, 0xde, 0xc4, 0x37, 0x0b, 0x80, 0x26, 0x74, 0x90, 0x68, 0xc7,
+    0x35, 0x9f, 0x9e, 0xf0, 0xfd, 0x74, 0x5f, 0x19, 0x85, 0x31, 0x06, 0xf2, 0x8f, 0x76, 0xdb, 0x10,
+    0xa1, 0x3a, 0xfa, 0xfd, 0x74, 0xd6, 0x20, 0x52, 0xeb, 0x27, 0xc5, 0xbe, 0x67, 0x95, 0x0b, 0x5d,
+    0xcb, 0xc7, 0x05, 0xde, 0x4d, 0x3e, 0x9e, 0x60, 0x22, 0x45, 0xc9, 0x99, 0xba, 0x79, 0x7e, 0x7d,
+    0x5f, 0x62, 0x61, 0xd3, 0xc4, 0x9c, 0xe1, 0x2b, 0x4c, 0x53, 0x0a, 0xd5, 0x52, 0x9a, 0xae, 0x30,
+    0x20, 0x4e, 0xcd, 0xc4, 0x9c, 0xb9, 0x60, 0xf6, 0xfe, 0x69, 0x8c, 0x01, 0xa9, 0x7c, 0x1d, 0xe7,
+    0xb4, 0xeb, 0xa9, 0xc9, 0x15, 0x1b, 0x1f, 0xbd, 0x90, 0x7f, 0x4f, 0x4d, 0x41, 0x9f, 0xcd, 0xaa,
+    0xf4, 0x77, 0xf0, 0x82, 0xee, 0xaa, 0xdf, 0x92, 0xaf, 0xad, 0x94, 0x4f, 0xd0, 0x67, 0xf7, 0xa7,
+    0x60, 0xd2, 0x94, 0x8f, 0x67, 0x08, 0xa0, 0xd9, 0xc1, 0xbb, 0x57, 0x03, 0x38, 0x84, 0x27, 0xea,
+    0x1f, 0xfe, 0x38, 0x98, 0x3f, 0x2d, 0x21, 0x04, 0x73, 0x81, 0xd1, 0xd7, 0xc3, 0x62, 0x94, 0x3d,
+    0x8b, 0x5b, 0x5c, 0x95, 0xb6, 0x8f, 0x5e, 0x4f, 0x1d, 0x97, 0x12, 0x9b, 0x2b, 0x81, 0x44, 0x70,
+    0xe1, 0xa6, 0xa3, 0xb6, 0x8f, 0x67, 0xe0, 0x7d, 0xd4, 0xf5, 0x1e, 0xbc, 0xf6, 0x6d, 0x31, 0x50,
+    0x75, 0x03, 0xc7, 0xbb, 0x06, 0xc5, 0x9f, 0x36, 0xba, 0xe3, 0xdd, 0xf0, 0x1e, 0x8e, 0xe1, 0x1d,
+    0x0a, 0x2f, 0x6b, 0xac, 0x5e, 0xe0, 0x1e, 0xeb, 0x08, 0xd9, 0x5b, 0x24, 0xe5, 0x68, 0x52, 0xca,
+    0x9e, 0x8a, 0x0f, 0xa1, 0xd7, 0x42, 0x61, 0xa0, 0x66, 0xcf, 0x98, 0x68, 0x0d, 0x8b, 0x82, 0x87,
+    0x8a, 0xd4, 0xd9, 0x3a, 0x6b, 0x41, 0x5d, 0xb5, 0x76, 0xbe, 0x2e, 0x20, 0x04, 0x5b, 0x26, 0xd0,
+    0x1e, 0x71, 0xbd, 0x37, 0xe2, 0xe3, 0x22, 0xfe, 0x18, 0xa8, 0xed, 0x6c, 0xec, 0xb8, 0xf6, 0x9d,
+    0x61, 0x5d, 0x11, 0x20, 0xba, 0xc6, 0xa3, 0x23, 0xaa, 0x92, 0x6b, 0xb8, 0x17, 0x5e, 0x45, 0x4a,
+    0xf5, 0xf8, 0x75, 0x2d, 0x33, 0x64, 0xdc, 0x68, 0xc4, 0x84, 0xa8, 0xf4, 0xff, 0xbd, 0x95, 0x07,
+    0x9f, 0x05, 0x8a, 0x0e, 0x0a, 0x8c, 0x62, 0x5a, 0x0d, 0xe6, 0xa4, 0xd3, 0x22, 0x51, 0xe0, 0x27,
+    0x0b, 0xa0, 0xee, 0x03, 0x83, 0x2e, 0x1d, 0x11, 0x63, 0xf0, 0x67, 0x9f, 0xca, 0xb2, 0x30, 0x6a,
+    0x74, 0x8c, 0x42, 0x14, 0xdb, 0x0b, 0x9c, 0xcc, 0xd1, 0xca, 0xe1, 0x4b, 0x31, 0x54, 0x83, 0xbd,
+    0xe0, 0x29, 0x26, 0x19, 0x52, 0xa9, 0xe3, 0x87, 0xbf, 0xdc, 0x22, 0x07, 0xd9, 0xb7, 0x53, 0xf0,
+    0xa0, 0xb5, 0x7f, 0x52, 0xa9, 0x18, 0x23, 0xa8, 0x80, 0x0e, 0xf9, 0x05, 0x48, 0x4f, 0x69, 0xfd,
+    0x34, 0x10, 0x1b, 0x5f, 0x20, 0xba, 0x5c, 0xe3, 0xee, 0x18, 0x3a, 0x49, 0xa0, 0xac, 0xb9, 0xb0,
+    0x4b, 0x3c, 0xb7, 0x48, 0x78, 0x9f, 0xdd, 0x3e, 0x5c, 0x22, 0xbc, 0x9d, 0x5b, 0x4a, 0x0a, 0x67,
+    0xdf, 0x99, 0xd3, 0x45, 0xf1, 0x3d, 0xa2, 0x75, 0x32, 0x34, 0x7f, 0xd1, 0xb3, 0xa9, 0xda, 0x2a,
+    0xb5, 0x64, 0x2c, 0x66, 0xc8, 0xd5, 0x1c, 0x47, 0xfb, 0x56, 0x73, 0xf6, 0x6e, 0x45, 0xaf, 0x0a,
+    0x21, 0xc1, 0x48, 0x6b, 0x41, 0x77, 0x63, 0x0c, 0x95, 0x40, 0xb0, 0xba, 0x86, 0xa6, 0x7f, 0x47,
+    0x5e, 0xed, 0xe4, 0x7c, 0x19, 0x52, 0xe2, 0xd1, 0x27, 0x7a, 0x36, 0x6e, 0x7d, 0x40, 0xcc, 0x90,
+    0xca, 0x48, 0x80, 0x71, 0x90, 0xf0, 0x9d, 0x9a, 0x49, 0x6c, 0xf5, 0x22, 0x95, 0xa3, 0x1c, 0xdd,
+  },
+  { /* 2 */
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x20, 0x3c, 0x48, 0xf8, 0x48, 0x48, 0xc8, 0x8e, 0x2a, 0xf5, 0x02, 0xdd, 0x14, 0x30, 0x44, 0x8e,
+    0x40, 0x78, 0x90, 0x33, 0x90, 0x90, 0x53, 0xdf, 0x54, 0x29, 0x04, 0x79, 0x28, 0x60, 0x88, 0xdf,
+    0x60, 0x44, 0xd8, 0xcb, 0xd8, 0xd8, 0x9b, 0x51, 0x7e, 0xdc, 0x06, 0xa4, 0x3c, 0x50, 0xcc, 0x51,
+    0x80, 0xf0, 0xe3, 0x66, 0xe3, 0xe3, 0xa6, 0x7d, 0xa8, 0x52, 0x08, 0xf2, 0x50, 0xc0, 0xd3, 0x7d,
+    0xa0, 0xcc, 0xab, 0x9e, 0xab, 0xab, 0x6e, 0xf3, 0x82, 0xa7, 0x0a, 0x2f, 0x44, 0xf0, 0x97, 0xf3,
+    0xc0, 0x88, 0x73, 0x55, 0x73, 0x73, 0xf5, 0xa2, 0xfc, 0x7b, 0x0c, 0x8b, 0x78, 0xa0, 0x5b, 0xa2,
+    0xe0, 0xb4, 0x3b, 0xad, 0x3b, 0x3b, 0x3d, 0x2c, 0xd6, 0x8e, 0x0e, 0x56, 0x6c, 0x90, 0x1f, 0x2c,
+    0xc3, 0x23, 0x05, 0xcc, 0x05, 0x05, 0x8f, 0xfa, 0x93, 0xa4, 0x10, 0x27, 0xa0, 0x43, 0x65, 0xfa,
+    0xe3, 0x1f, 0x4d, 0x34, 0x4d, 0x4d, 0x47, 0x74, 0xb9, 0x51, 0x12, 0xfa, 0xb4, 0x73, 0x21, 0x74,
+    0x83, 0x5b, 0x95, 0xff, 0x95, 0x95, 0xdc, 0x25, 0xc7, 0x8d, 0x14, 0x5e, 0x88, 0x23, 0xed, 0x25,
+    0xa3, 0x67, 0xdd, 0x07, 0xdd, 0xdd, 0x14, 0xab, 0xed, 0x78, 0x16, 0x83, 0x9c, 0x13, 0xa9, 0xab,
+    0x43, 0xd3, 0xe6, 0xaa, 0xe6, 0xe6, 0x29, 0x87, 0x3b, 0xf6, 0x18, 0xd5, 0xf0, 0x83, 0xb6, 0x87,
+    0x63, 0xef, 0xae, 0x52, 0xae, 0xae, 0xe1, 0x09, 0x11, 0x03, 0x1a, 0x08, 0xe4, 0xb3, 0xf2, 0x09,
+    0x03, 0xab, 0x76, 0x99, 0x76, 0x76, 0x7a, 0x58, 0x6f, 0xdf, 0x1c, 0xac, 0xd8, 0xe3, 0x3e, 0x58,
+    0x23, 0x97, 0x3e, 0x61, 0x3e, 0x3e, 0xb2, 0xd6, 0x45, 0x2a, 0x1e, 0x71, 0xcc, 0xd3, 0x7a, 0xd6,
+    0x45, 0x46, 0x0a, 0x5b, 0x0a, 0x0a, 0xdd, 0x37, 0xe5, 0x8b, 0x20, 0x4e, 0x83, 0x86, 0xca, 0x37,
+    0x65, 0x7a, 0x42, 0xa3, 0x42, 0x42, 0x15, 0xb9, 0xcf, 0x7e, 0x22, 0x93, 0x97, 0xb6, 0x8e, 0xb9,
+    0x05, 0x3e, 0x9a, 0x68, 0x9a, 0x9a, 0x8e, 0xe8, 0xb1, 0xa2, 0x24, 0x37, 0xab, 0xe6, 0x42, 0xe8,
+    0x25, 0x02, 0xd2, 0x90, 0xd2, 0xd2, 0x46, 0x66, 0x9b, 0x57, 0x26, 0xea, 0xbf, 0xd6, 0x06, 0x66,
+    0xc5, 0xb6, 0xe9, 0x3d, 0xe9, 0xe9, 0x7b, 0x4a, 0x4d, 0xd9, 0x28, 0xbc, 0xd3, 0x46, 0x19, 0x4a,
+    0xe5, 0x8a, 0xa1, 0xc5, 0xa1, 0xa1, 0xb3, 0xc4, 0x67, 0x2c, 0x2a, 0x61, 0xc7, 0x76, 0x5d, 0xc4,
+    0x85, 0xce, 0x79, 0x0e, 0x79, 0x79, 0x28, 0x95, 0x19, 0xf0, 0x2c, 0xc5, 0xfb, 0x26, 0x91, 0x95,
+    0xa5, 0xf2, 0x31, 0xf6, 0x31, 0x31, 0xe0, 0x1b, 0x33, 0x05, 0x2e, 0x18, 0xef, 0x16, 0xd5, 0x1b,
+    0x86, 0x65, 0x0f, 0x97, 0x0f, 0x0f, 0x52, 0xcd, 0x76, 0x2f, 0x30, 0x69, 0x23, 0xc5, 0xaf, 0xcd,
+    0xa6, 0x59, 0x47, 0x6f, 0x47, 0x47, 0x9a, 0x43, 0x5c, 0xda, 0x32, 0xb4, 0x37, 0xf5, 0xeb, 0x43,
+    0xc6, 0x1d, 0x9f, 0xa4, 0x9f, 0x9f, 0x01, 0x12, 0x22, 0x06, 0x34, 0x10, 0x0b, 0xa5, 0x27, 0x12,
+    0xe6, 0x21, 0xd7, 0x5c, 0xd7, 0xd7, 0xc9, 0x9c, 0x08, 0xf3, 0x36, 0xcd, 0x1f, 0x95, 0x63, 0x9c,
+    0x06, 0x95, 0xec, 0xf1, 0xec, 0xec, 0xf4, 0xb0, 0xde, 0x7d, 0x38, 0x9b, 0x73, 0x05, 0x7c, 0xb0,
+    0x26, 0xa9, 0xa4, 0x09, 0xa4, 0xa4, 0x3c, 0x3e, 0xf4, 0x88, 0x3a, 0x46, 0x67, 0x35, 0x38, 0x3e,
+    0x46, 0xed, 0x7c, 0xc2, 0x7c, 0x7c, 0xa7, 0x6f, 0x8a, 0x54, 0x3c, 0xe2, 0x5b, 0x65, 0xf4, 0x6f,
+    0x66, 0xd1, 0x34, 0x3a, 0x34, 0x34, 0x6f, 0xe1, 0xa0, 0xa1, 0x3e, 0x3f, 0x4f, 0x55, 0xb0, 0xe1,
+    0x8a, 0x8c, 0x14, 0xb6, 0x14, 0x14, 0x79, 0x6e, 0x09, 0xd5, 0x40, 0x9c, 0xc5, 0xcf, 0x57, 0x6e,
+    0xaa, 0xb0, 0x5c, 0x4e, 0x5c, 0x5c, 0xb1, 0xe0, 0x23, 0x20, 0x42, 0x41, 0xd1, 0xff, 0x13, 0xe0,
+    0xca, 0xf4, 0x84, 0x85, 0x84, 0x84, 0x2a, 0xb1, 0x5d, 0xfc, 0x44, 0xe5, 0xed, 0xaf, 0xdf, 0xb1,
+    0xea, 0xc8, 0xcc, 0x7d, 0xcc, 0xcc, 0xe2, 0x3f, 0x77, 0x09, 0x46, 0x38, 0xf9, 0x9f, 0x9b, 0x3f,
+    0x0a, 0x7c, 0xf7, 0xd0, 0xf7, 0xf7, 0xdf, 0x13, 0xa1, 0x87, 0x48, 0x6e, 0x95, 0x0f, 0x84, 0x13,
+    0x2a, 0x40, 0xbf, 0x28, 0xbf, 0xbf, 0x17, 0x9d, 0x8b, 0x72, 0x4a, 0xb3, 0x81, 0x3f, 0xc0, 0x9d,
+    0x4a, 0x04, 0x67, 0xe3, 0x67, 0x67, 0x8c, 0xcc, 0xf5, 0xae, 0x4c, 0x17, 0xbd, 0x6f, 0x0c, 0xcc,
+    0x6a, 0x38, 0x2f, 0x1b, 0x2f, 0x2f, 0x44, 0x42, 0xdf, 0x5b, 0x4e, 0xca, 0xa9, 0x5f, 0x48, 0x42,
+    0x49, 0xaf, 0x11, 0x7a, 0x11, 0x11, 0xf6, 0x94, 0x9a, 0x71, 0x50, 0xbb, 0x65, 0x8c, 0x32, 0x94,
+    0x69, 0x93, 0x59, 0x82, 0x59, 0x59, 0x3e, 0x1a, 0xb0, 0x84, 0x52, 0x66, 0x71, 0xbc, 0x76, 0x1a,
+    0x09, 0xd7, 0x81, 0x49, 0x81, 0x81, 0xa5, 0x4b, 0xce, 0x58, 0x54, 0xc2, 0x4d, 0xec, 0xba, 0x4b,
+    0x29, 0xeb, 0xc9, 0xb1, 0xc9, 0xc9, 0x6d, 0xc5, 0xe4, 0xad, 0x56, 0x1f, 0x59, 0xdc, 0xfe, 0xc5,
+    0xc9, 0x5f, 0xf2, 0x1c, 0xf2, 0xf2, 0x50, 0xe9, 0x32, 0x23, 0x58, 0x49, 0x35, 0x4c, 0xe1, 0xe9,
+    0xe9, 0x63, 0xba, 0xe4, 0xba, 0xba, 0x98, 0x67, 0x18, 0xd6, 0x5a, 0x94, 0x21, 0x7c, 0xa5, 0x67,
+    0x89, 0x27, 0x62, 0x2f, 0x62, 0x62, 0x03, 0x36, 0x66, 0x0a, 0x5c, 0x30, 0x1d, 0x2c, 0x69, 0x36,
+    0xa9, 0x1b, 0x2a, 0xd7, 0x2a, 0x2a, 0xcb, 0xb8, 0x4c, 0xff, 0x5e, 0xed, 0x09, 0x1c, 0x2d, 0xb8,
+    0xcf, 0xca, 0x1e, 0xed, 0x1e, 0x1e, 0xa4, 0x59, 0xec, 0x5e, 0x60, 0xd2, 0x46, 0x49, 0x9d, 0x59,
+    0xef, 0xf6, 0x56, 0x15, 0x56, 0x56, 0x6c, 0xd7, 0xc6, 0xab, 0x62, 0x0f, 0x52, 0x79, 0xd9, 0xd7,
+    0x8f, 0xb2, 0x8e, 0xde, 0x8e, 0x8e, 0xf7, 0x86, 0xb8, 0x77, 0x64, 0xab, 0x6e, 0x29, 0x15, 0x86,
+    0xaf, 0x8e, 0xc6, 0x26, 0xc6, 0xc6, 0x3f, 0x08, 0x92, 0x82, 0x66, 0x76, 0x7a, 0x19, 0x51, 0x08,
+    0x4f, 0x3a, 0xfd, 0x8b, 0xfd, 0xfd, 0x02, 0x24, 0x44, 0x0c, 0x68, 0x20, 0x16, 0x89, 0x4e, 0x24,
+    0x6f, 0x06, 0xb5, 0x73, 0xb5, 0xb5, 0xca, 0xaa, 0x6e, 0xf9, 0x6a, 0xfd, 0x02, 0xb9, 0x0a, 0xaa,
+    0x0f, 0x42, 0x6d, 0xb8, 0x6d, 0x6d, 0x51, 0xfb, 0x10, 0x25, 0x6c, 0x59, 0x3e, 0xe9, 0xc6, 0xfb,
+    0x2f, 0x7e, 0x25, 0x40, 0x25, 0x25, 0x99, 0x75, 0x3a, 0xd0, 0x6e, 0x84, 0x2a, 0xd9, 0x82, 0x75,
+    0x0c, 0xe9, 0x1b, 0x21, 0x1b, 0x1b, 0x2b, 0xa3, 0x7f, 0xfa, 0x70, 0xf5, 0xe6, 0x0a, 0xf8, 0xa3,
+    0x2c, 0xd5, 0x53, 0xd9, 0x53, 0x53, 0xe3, 0x2d, 0x55, 0x0f, 0x72, 0x28, 0xf2, 0x3a, 0xbc, 0x2d,
+    0x4c, 0x91, 0x8b, 0x12, 0x8b, 0x8b, 0x78, 0x7c, 0x2b, 0xd3, 0x74, 0x8c, 0xce, 0x6a, 0x70, 0x7c,
+    0x6c, 0xad, 0xc3, 0xea, 0xc3, 0xc3, 0xb0, 0xf2, 0x01, 0x26, 0x76, 0x51, 0xda, 0x5a, 0x34, 0xf2,
+    0x8c, 0x19, 0xf8, 0x47, 0xf8, 0xf8, 0x8d, 0xde, 0xd7, 0xa8, 0x78, 0x07, 0xb6, 0xca, 0x2b, 0xde,
+    0xac, 0x25, 0xb0, 0xbf, 0xb0, 0xb0, 0x45, 0x50, 0xfd, 0x5d, 0x7a, 0xda, 0xa2, 0xfa, 0x6f, 0x50,
+    0xcc, 0x61, 0x68, 0x74, 0x68, 0x68, 0xde, 0x01, 0x83, 0x81, 0x7c, 0x7e, 0x9e, 0xaa, 0xa3, 0x01,
+    0xec, 0x5d, 0x20, 0x8c, 0x20, 0x20, 0x16, 0x8f, 0xa9, 0x74, 0x7e, 0xa3, 0x8a, 0x9a, 0xe7, 0x8f,
+    0xd7, 0xdb, 0x28, 0xaf, 0x28, 0x28, 0xf2, 0xdc, 0x12, 0x69, 0x80, 0xfb, 0x49, 0x5d, 0xae, 0xdc,
+    0xf7, 0xe7, 0x60, 0x57, 0x60, 0x60, 0x3a, 0x52, 0x38, 0x9c, 0x82, 0x26, 0x5d, 0x6d, 0xea, 0x52,
+    0x97, 0xa3, 0xb8, 0x9c, 0xb8, 0xb8, 0xa1, 0x03, 0x46, 0x40, 0x84, 0x82, 0x61, 0x3d, 0x26, 0x03,
+    0xb7, 0x9f, 0xf0, 0x64, 0xf0, 0xf0, 0x69, 0x8d, 0x6c, 0xb5, 0x86, 0x5f, 0x75, 0x0d, 0x62, 0x8d,
+    0x57, 0x2b, 0xcb, 0xc9, 0xcb, 0xcb, 0x54, 0xa1, 0xba, 0x3b, 0x88, 0x09, 0x19, 0x9d, 0x7d, 0xa1,
+    0x77, 0x17, 0x83, 0x31, 0x83, 0x83, 0x9c, 0x2f, 0x90, 0xce, 0x8a, 0xd4, 0x0d, 0xad, 0x39, 0x2f,
+    0x17, 0x53, 0x5b, 0xfa, 0x5b, 0x5b, 0x07, 0x7e, 0xee, 0x12, 0x8c, 0x70, 0x31, 0xfd, 0xf5, 0x7e,
+    0x37, 0x6f, 0x13, 0x02, 0x13, 0x13, 0xcf, 0xf0, 0xc4, 0xe7, 0x8e, 0xad, 0x25, 0xcd, 0xb1, 0xf0,
+    0x14, 0xf8, 0x2d, 0x63, 0x2d, 0x2d, 0x7d, 0x26, 0x81, 0xcd, 0x90, 0xdc, 0xe9, 0x1e, 0xcb, 0x26,
+    0x34, 0xc4, 0x65, 0x9b, 0x65, 0x65, 0xb5, 0xa8, 0xab, 0x38, 0x92, 0x01, 0xfd, 0x2e, 0x8f, 0xa8,
+    0x54, 0x80, 0xbd, 0x50, 0xbd, 0xbd, 0x2e, 0xf9, 0xd5, 0xe4, 0x94, 0xa5, 0xc1, 0x7e, 0x43, 0xf9,
+    0x74, 0xbc, 0xf5, 0xa8, 0xf5, 0xf5, 0xe6, 0x77, 0xff, 0x11, 0x96, 0x78, 0xd5, 0x4e, 0x07, 0x77,
+    0x94, 0x08, 0xce, 0x05, 0xce, 0xce, 0xdb, 0x5b, 0x29, 0x9f, 0x98, 0x2e, 0xb9, 0xde, 0x18, 0x5b,
+    0xb4, 0x34, 0x86, 0xfd, 0x86, 0x86, 0x13, 0xd5, 0x03, 0x6a, 0x9a, 0xf3, 0xad, 0xee, 0x5c, 0xd5,
+    0xd4, 0x70, 0x5e, 0x36, 0x5e, 0x5e, 0x88, 0x84, 0x7d, 0xb6, 0x9c, 0x57, 0x91, 0xbe, 0x90, 0x84,
+    0xf4, 0x4c, 0x16, 0xce, 0x16, 0x16, 0x40, 0x0a, 0x57, 0x43, 0x9e, 0x8a, 0x85, 0x8e, 0xd4, 0x0a,
+    0x92, 0x9d, 0x22, 0xf4, 0x22, 0x22, 0x2f, 0xeb, 0xf7, 0xe2, 0xa0, 0xb5, 0xca, 0xdb, 0x64, 0xeb,
+    0xb2, 0xa1, 0x6a, 0x0c, 0x6a, 0x6a, 0xe7, 0x65, 0xdd, 0x17, 0xa2, 0x68, 0xde, 0xeb, 0x20, 0x65,
+    0xd2, 0xe5, 0xb2, 0xc7, 0xb2, 0xb2, 0x7c, 0x34, 0xa3, 0xcb, 0xa4, 0xcc, 0xe2, 0xbb, 0xec, 0x34,
+    0xf2, 0xd9, 0xfa, 0x3f, 0xfa, 0xfa, 0xb4, 0xba, 0x89, 0x3e, 0xa6, 0x11, 0xf6, 0x8b, 0xa8, 0xba,
+    0x12, 0x6d, 0xc1, 0x92, 0xc1, 0xc1, 0x89, 0x96, 0x5f, 0xb0, 0xa8, 0x47, 0x9a, 0x1b, 0xb7, 0x96,
+    0x32, 0x51, 0x89, 0x6a, 0x89, 0x89, 0x41, 0x18, 0x75, 0x45, 0xaa, 0x9a, 0x8e, 0x2b, 0xf3, 0x18,
+    0x52, 0x15, 0x51, 0xa1, 0x51, 0x51, 0xda, 0x49, 0x0b, 0x99, 0xac, 0x3e, 0xb2, 0x7b, 0x3f, 0x49,
+    0x72, 0x29, 0x19, 0x59, 0x19, 0x19, 0x12, 0xc7, 0x21, 0x6c, 0xae, 0xe3, 0xa6, 0x4b, 0x7b, 0xc7,
+    0x51, 0xbe, 0x27, 0x38, 0x27, 0x27, 0xa0, 0x11, 0x64, 0x46, 0xb0, 0x92, 0x6a, 0x98, 0x01, 0x11,
+    0x71, 0x82, 0x6f, 0xc0, 0x6f, 0x6f, 0x68, 0x9f, 0x4e, 0xb3, 0xb2, 0x4f, 0x7e, 0xa8, 0x45, 0x9f,
+    0x11, 0xc6, 0xb7, 0x0b, 0xb7, 0xb7, 0xf3, 0xce, 0x30, 0x6f, 0xb4, 0xeb, 0x42, 0xf8, 0x89, 0xce,
+    0x31, 0xfa, 0xff, 0xf3, 0xff, 0xff, 0x3b, 0x40, 0x1a, 0x9a, 0xb6, 0x36, 0x56, 0xc8, 0xcd, 0x40,
+    0xd1, 0x4e, 0xc4, 0x5e, 0xc4, 0xc4, 0x06, 0x6c, 0xcc, 0x14, 0xb8, 0x60, 0x3a, 0x58, 0xd2, 0x6c,
+    0xf1, 0x72, 0x8c, 0xa6, 0x8c, 0x8c, 0xce, 0xe2, 0xe6, 0xe1, 0xba, 0xbd, 0x2e, 0x68, 0x96, 0xe2,
+    0x91, 0x36, 0x54, 0x6d, 0x54, 0x54, 0x55, 0xb3, 0x98, 0x3d, 0xbc, 0x19, 0x12, 0x38, 0x5a, 0xb3,
+    0xb1, 0x0a, 0x1c, 0x95, 0x1c, 0x1c, 0x9d, 0x3d, 0xb2, 0xc8, 0xbe, 0xc4, 0x06, 0x08, 0x1e, 0x3d,
+    0x5d, 0x57, 0x3c, 0x19, 0x3c, 0x3c, 0x8b, 0xb2, 0x1b, 0xbc, 0xc0, 0x67, 0x8c, 0x92, 0xf9, 0xb2,
+    0x7d, 0x6b, 0x74, 0xe1, 0x74, 0x74, 0x43, 0x3c, 0x31, 0x49, 0xc2, 0xba, 0x98, 0xa2, 0xbd, 0x3c,
+    0x1d, 0x2f, 0xac, 0x2a, 0xac, 0xac, 0xd8, 0x6d, 0x4f, 0x95, 0xc4, 0x1e, 0xa4, 0xf2, 0x71, 0x6d,
+    0x3d, 0x13, 0xe4, 0xd2, 0xe4, 0xe4, 0x10, 0xe3, 0x65, 0x60, 0xc6, 0xc3, 0xb0, 0xc2, 0x35, 0xe3,
+    0xdd, 0xa7, 0xdf, 0x7f, 0xdf, 0xdf, 0x2d, 0xcf, 0xb3, 0xee, 0xc8, 0x95, 0xdc, 0x52, 0x2a, 0xcf,
+    0xfd, 0x9b, 0x97, 0x87, 0x97, 0x97, 0xe5, 0x41, 0x99, 0x1b, 0xca, 0x48, 0xc8, 0x62, 0x6e, 0x41,
+    0x9d, 0xdf, 0x4f, 0x4c, 0x4f, 0x4f, 0x7e, 0x10, 0xe7, 0xc7, 0xcc, 0xec, 0xf4, 0x32, 0xa2, 0x10,
+    0xbd, 0xe3, 0x07, 0xb4, 0x07, 0x07, 0xb6, 0x9e, 0xcd, 0x32, 0xce, 0x31, 0xe0, 0x02, 0xe6, 0x9e,
+    0x9e, 0x74, 0x39, 0xd5, 0x39, 0x39, 0x04, 0x48, 0x88, 0x18, 0xd0, 0x40, 0x2c, 0xd1, 0x9c, 0x48,
+    0xbe, 0x48, 0x71, 0x2d, 0x71, 0x71, 0xcc, 0xc6, 0xa2, 0xed, 0xd2, 0x9d, 0x38, 0xe1, 0xd8, 0xc6,
+    0xde, 0x0c, 0xa9, 0xe6, 0xa9, 0xa9, 0x57, 0x97, 0xdc, 0x31, 0xd4, 0x39, 0x04, 0xb1, 0x14, 0x97,
+    0xfe, 0x30, 0xe1, 0x1e, 0xe1, 0xe1, 0x9f, 0x19, 0xf6, 0xc4, 0xd6, 0xe4, 0x10, 0x81, 0x50, 0x19,
+    0x1e, 0x84, 0xda, 0xb3, 0xda, 0xda, 0xa2, 0x35, 0x20, 0x4a, 0xd8, 0xb2, 0x7c, 0x11, 0x4f, 0x35,
+    0x3e, 0xb8, 0x92, 0x4b, 0x92, 0x92, 0x6a, 0xbb, 0x0a, 0xbf, 0xda, 0x6f, 0x68, 0x21, 0x0b, 0xbb,
+    0x5e, 0xfc, 0x4a, 0x80, 0x4a, 0x4a, 0xf1, 0xea, 0x74, 0x63, 0xdc, 0xcb, 0x54, 0x71, 0xc7, 0xea,
+    0x7e, 0xc0, 0x02, 0x78, 0x02, 0x02, 0x39, 0x64, 0x5e, 0x96, 0xde, 0x16, 0x40, 0x41, 0x83, 0x64,
+    0x18, 0x11, 0x36, 0x42, 0x36, 0x36, 0x56, 0x85, 0xfe, 0x37, 0xe0, 0x29, 0x0f, 0x14, 0x33, 0x85,
+    0x38, 0x2d, 0x7e, 0xba, 0x7e, 0x7e, 0x9e, 0x0b, 0xd4, 0xc2, 0xe2, 0xf4, 0x1b, 0x24, 0x77, 0x0b,
+    0x58, 0x69, 0xa6, 0x71, 0xa6, 0xa6, 0x05, 0x5a, 0xaa, 0x1e, 0xe4, 0x50, 0x27, 0x74, 0xbb, 0x5a,
+    0x78, 0x55, 0xee, 0x89, 0xee, 0xee, 0xcd, 0xd4, 0x80, 0xeb, 0xe6, 0x8d, 0x33, 0x44, 0xff, 0xd4,
+    0x98, 0xe1, 0xd5, 0x24, 0xd5, 0xd5, 0xf0, 0xf8, 0x56, 0x65, 0xe8, 0xdb, 0x5f, 0xd4, 0xe0, 0xf8,
+    0xb8, 0xdd, 0x9d, 0xdc, 0x9d, 0x9d, 0x38, 0x76, 0x7c, 0x90, 0xea, 0x06, 0x4b, 0xe4, 0xa4, 0x76,
+    0xd8, 0x99, 0x45, 0x17, 0x45, 0x45, 0xa3, 0x27, 0x02, 0x4c, 0xec, 0xa2, 0x77, 0xb4, 0x68, 0x27,
+    0xf8, 0xa5, 0x0d, 0xef, 0x0d, 0x0d, 0x6b, 0xa9, 0x28, 0xb9, 0xee, 0x7f, 0x63, 0x84, 0x2c, 0xa9,
+    0xdb, 0x32, 0x33, 0x8e, 0x33, 0x33, 0xd9, 0x7f, 0x6d, 0x93, 0xf0, 0x0e, 0xaf, 0x57, 0x56, 0x7f,
+    0xfb, 0x0e, 0x7b, 0x76, 0x7b, 0x7b, 0x11, 0xf1, 0x47, 0x66, 0xf2, 0xd3, 0xbb, 0x67, 0x12, 0xf1,
+    0x9b, 0x4a, 0xa3, 0xbd, 0xa3, 0xa3, 0x8a, 0xa0, 0x39, 0xba, 0xf4, 0x77, 0x87, 0x37, 0xde, 0xa0,
+    0xbb, 0x76, 0xeb, 0x45, 0xeb, 0xeb, 0x42, 0x2e, 0x13, 0x4f, 0xf6, 0xaa, 0x93, 0x07, 0x9a, 0x2e,
+    0x5b, 0xc2, 0xd0, 0xe8, 0xd0, 0xd0, 0x7f, 0x02, 0xc5, 0xc1, 0xf8, 0xfc, 0xff, 0x97, 0x85, 0x02,
+    0x7b, 0xfe, 0x98, 0x10, 0x98, 0x98, 0xb7, 0x8c, 0xef, 0x34, 0xfa, 0x21, 0xeb, 0xa7, 0xc1, 0x8c,
+    0x1b, 0xba, 0x40, 0xdb, 0x40, 0x40, 0x2c, 0xdd, 0x91, 0xe8, 0xfc, 0x85, 0xd7, 0xf7, 0x0d, 0xdd,
+    0x3b, 0x86, 0x08, 0x23, 0x08, 0x08, 0xe4, 0x53, 0xbb, 0x1d, 0xfe, 0x58, 0xc3, 0xc7, 0x49, 0x53,
+    0x6d, 0x75, 0x50, 0x9d, 0x50, 0x50, 0x27, 0x7b, 0x24, 0xd2, 0xc3, 0x35, 0x92, 0xba, 0x9f, 0x7b,
+    0x4d, 0x49, 0x18, 0x65, 0x18, 0x18, 0xef, 0xf5, 0x0e, 0x27, 0xc1, 0xe8, 0x86, 0x8a, 0xdb, 0xf5,
+    0x2d, 0x0d, 0xc0, 0xae, 0xc0, 0xc0, 0x74, 0xa4, 0x70, 0xfb, 0xc7, 0x4c, 0xba, 0xda, 0x17, 0xa4,
+    0x0d, 0x31, 0x88, 0x56, 0x88, 0x88, 0xbc, 0x2a, 0x5a, 0x0e, 0xc5, 0x91, 0xae, 0xea, 0x53, 0x2a,
+    0xed, 0x85, 0xb3, 0xfb, 0xb3, 0xb3, 0x81, 0x06, 0x8c, 0x80, 0xcb, 0xc7, 0xc2, 0x7a, 0x4c, 0x06,
+    0xcd, 0xb9, 0xfb, 0x03, 0xfb, 0xfb, 0x49, 0x88, 0xa6, 0x75, 0xc9, 0x1a, 0xd6, 0x4a, 0x08, 0x88,
+    0xad, 0xfd, 0x23, 0xc8, 0x23, 0x23, 0xd2, 0xd9, 0xd8, 0xa9, 0xcf, 0xbe, 0xea, 0x1a, 0xc4, 0xd9,
+    0x8d, 0xc1, 0x6b, 0x30, 0x6b, 0x6b, 0x1a, 0x57, 0xf2, 0x5c, 0xcd, 0x63, 0xfe, 0x2a, 0x80, 0x57,
+    0xae, 0x56, 0x55, 0x51, 0x55, 0x55, 0xa8, 0x81, 0xb7, 0x76, 0xd3, 0x12, 0x32, 0xf9, 0xfa, 0x81,
+    0x8e, 0x6a, 0x1d, 0xa9, 0x1d, 0x1d, 0x60, 0x0f, 0x9d, 0x83, 0xd1, 0xcf, 0x26, 0xc9, 0xbe, 0x0f,
+    0xee, 0x2e, 0xc5, 0x62, 0xc5, 0xc5, 0xfb, 0x5e, 0xe3, 0x5f, 0xd7, 0x6b, 0x1a, 0x99, 0x72, 0x5e,
+    0xce, 0x12, 0x8d, 0x9a, 0x8d, 0x8d, 0x33, 0xd0, 0xc9, 0xaa, 0xd5, 0xb6, 0x0e, 0xa9, 0x36, 0xd0,
+    0x2e, 0xa6, 0xb6, 0x37, 0xb6, 0xb6, 0x0e, 0xfc, 0x1f, 0x24, 0xdb, 0xe0, 0x62, 0x39, 0x29, 0xfc,
+    0x0e, 0x9a, 0xfe, 0xcf, 0xfe, 0xfe, 0xc6, 0x72, 0x35, 0xd1, 0xd9, 0x3d, 0x76, 0x09, 0x6d, 0x72,
+    0x6e, 0xde, 0x26, 0x04, 0x26, 0x26, 0x5d, 0x23, 0x4b, 0x0d, 0xdf, 0x99, 0x4a, 0x59, 0xa1, 0x23,
+    0x4e, 0xe2, 0x6e, 0xfc, 0x6e, 0x6e, 0x95, 0xad, 0x61, 0xf8, 0xdd, 0x44, 0x5e, 0x69, 0xe5, 0xad,
+    0x28, 0x33, 0x5a, 0xc6, 0x5a, 0x5a, 0xfa, 0x4c, 0xc1, 0x59, 0xe3, 0x7b, 0x11, 0x3c, 0x55, 0x4c,
+    0x08, 0x0f, 0x12, 0x3e, 0x12, 0x12, 0x32, 0xc2, 0xeb, 0xac, 0xe1, 0xa6, 0x05, 0x0c, 0x11, 0xc2,
+    0x68, 0x4b, 0xca, 0xf5, 0xca, 0xca, 0xa9, 0x93, 0x95, 0x70, 0xe7, 0x02, 0x39, 0x5c, 0xdd, 0x93,
+    0x48, 0x77, 0x82, 0x0d, 0x82, 0x82, 0x61, 0x1d, 0xbf, 0x85, 0xe5, 0xdf, 0x2d, 0x6c, 0x99, 0x1d,
+    0xa8, 0xc3, 0xb9, 0xa0, 0xb9, 0xb9, 0x5c, 0x31, 0x69, 0x0b, 0xeb, 0x89, 0x41, 0xfc, 0x86, 0x31,
+    0x88, 0xff, 0xf1, 0x58, 0xf1, 0xf1, 0x94, 0xbf, 0x43, 0xfe, 0xe9, 0x54, 0x55, 0xcc, 0xc2, 0xbf,
+    0xe8, 0xbb, 0x29, 0x93, 0x29, 0x29, 0x0f, 0xee, 0x3d, 0x22, 0xef, 0xf0, 0x69, 0x9c, 0x0e, 0xee,
+    0xc8, 0x87, 0x61, 0x6b, 0x61, 0x61, 0xc7, 0x60, 0x17, 0xd7, 0xed, 0x2d, 0x7d, 0xac, 0x4a, 0x60,
+    0xeb, 0x10, 0x5f, 0x0a, 0x5f, 0x5f, 0x75, 0xb6, 0x52, 0xfd, 0xf3, 0x5c, 0xb1, 0x7f, 0x30, 0xb6,
+    0xcb, 0x2c, 0x17, 0xf2, 0x17, 0x17, 0xbd, 0x38, 0x78, 0x08, 0xf1, 0x81, 0xa5, 0x4f, 0x74, 0x38,
+    0xab, 0x68, 0xcf, 0x39, 0xcf, 0xcf, 0x26, 0x69, 0x06, 0xd4, 0xf7, 0x25, 0x99, 0x1f, 0xb8, 0x69,
+    0x8b, 0x54, 0x87, 0xc1, 0x87, 0x87, 0xee, 0xe7, 0x2c, 0x21, 0xf5, 0xf8, 0x8d, 0x2f, 0xfc, 0xe7,
+    0x6b, 0xe0, 0xbc, 0x6c, 0xbc, 0xbc, 0xd3, 0xcb, 0xfa, 0xaf, 0xfb, 0xae, 0xe1, 0xbf, 0xe3, 0xcb,
+    0x4b, 0xdc, 0xf4, 0x94, 0xf4, 0xf4, 0x1b, 0x45, 0xd0, 0x5a, 0xf9, 0x73, 0xf5, 0x8f, 0xa7, 0x45,
+    0x2b, 0x98, 0x2c, 0x5f, 0x2c, 0x2c, 0x80, 0x14, 0xae, 0x86, 0xff, 0xd7, 0xc9, 0xdf, 0x6b, 0x14,
+    0x0b, 0xa4, 0x64, 0xa7, 0x64, 0x64, 0x48, 0x9a, 0x84, 0x73, 0xfd, 0x0a, 0xdd, 0xef, 0x2f, 0x9a,
+    0xe7, 0xf9, 0x44, 0x2b, 0x44, 0x44, 0x5e, 0x15, 0x2d, 0x07, 0x83, 0xa9, 0x57, 0x75, 0xc8, 0x15,
+    0xc7, 0xc5, 0x0c, 0xd3, 0x0c, 0x0c, 0x96, 0x9b, 0x07, 0xf2, 0x81, 0x74, 0x43, 0x45, 0x8c, 0x9b,
+    0xa7, 0x81, 0xd4, 0x18, 0xd4, 0xd4, 0x0d, 0xca, 0x79, 0x2e, 0x87, 0xd0, 0x7f, 0x15, 0x40, 0xca,
+    0x87, 0xbd, 0x9c, 0xe0, 0x9c, 0x9c, 0xc5, 0x44, 0x53, 0xdb, 0x85, 0x0d, 0x6b, 0x25, 0x04, 0x44,
+    0x67, 0x09, 0xa7, 0x4d, 0xa7, 0xa7, 0xf8, 0x68, 0x85, 0x55, 0x8b, 0x5b, 0x07, 0xb5, 0x1b, 0x68,
+    0x47, 0x35, 0xef, 0xb5, 0xef, 0xef, 0x30, 0xe6, 0xaf, 0xa0, 0x89, 0x86, 0x13, 0x85, 0x5f, 0xe6,
+    0x27, 0x71, 0x37, 0x7e, 0x37, 0x37, 0xab, 0xb7, 0xd1, 0x7c, 0x8f, 0x22, 0x2f, 0xd5, 0x93, 0xb7,
+    0x07, 0x4d, 0x7f, 0x86, 0x7f, 0x7f, 0x63, 0x39, 0xfb, 0x89, 0x8d, 0xff, 0x3b, 0xe5, 0xd7, 0x39,
+    0x24, 0xda, 0x41, 0xe7, 0x41, 0x41, 0xd1, 0xef, 0xbe, 0xa3, 0x93, 0x8e, 0xf7, 0x36, 0xad, 0xef,
+    0x04, 0xe6, 0x09, 0x1f, 0x09, 0x09, 0x19, 0x61, 0x94, 0x56, 0x91, 0x53, 0xe3, 0x06, 0xe9, 0x61,
+    0x64, 0xa2, 0xd1, 0xd4, 0xd1, 0xd1, 0x82, 0x30, 0xea, 0x8a, 0x97, 0xf7, 0xdf, 0x56, 0x25, 0x30,
+    0x44, 0x9e, 0x99, 0x2c, 0x99, 0x99, 0x4a, 0xbe, 0xc0, 0x7f, 0x95, 0x2a, 0xcb, 0x66, 0x61, 0xbe,
+    0xa4, 0x2a, 0xa2, 0x81, 0xa2, 0xa2, 0x77, 0x92, 0x16, 0xf1, 0x9b, 0x7c, 0xa7, 0xf6, 0x7e, 0x92,
+    0x84, 0x16, 0xea, 0x79, 0xea, 0xea, 0xbf, 0x1c, 0x3c, 0x04, 0x99, 0xa1, 0xb3, 0xc6, 0x3a, 0x1c,
+    0xe4, 0x52, 0x32, 0xb2, 0x32, 0x32, 0x24, 0x4d, 0x42, 0xd8, 0x9f, 0x05, 0x8f, 0x96, 0xf6, 0x4d,
+    0xc4, 0x6e, 0x7a, 0x4a, 0x7a, 0x7a, 0xec, 0xc3, 0x68, 0x2d, 0x9d, 0xd8, 0x9b, 0xa6, 0xb2, 0xc3,
+    0xa2, 0xbf, 0x4e, 0x70, 0x4e, 0x4e, 0x83, 0x22, 0xc8, 0x8c, 0xa3, 0xe7, 0xd4, 0xf3, 0x02, 0x22,
+    0x82, 0x83, 0x06, 0x88, 0x06, 0x06, 0x4b, 0xac, 0xe2, 0x79, 0xa1, 0x3a, 0xc0, 0xc3, 0x46, 0xac,
+    0xe2, 0xc7, 0xde, 0x43, 0xde, 0xde, 0xd0, 0xfd, 0x9c, 0xa5, 0xa7, 0x9e, 0xfc, 0x93, 0x8a, 0xfd,
+    0xc2, 0xfb, 0x96, 0xbb, 0x96, 0x96, 0x18, 0x73, 0xb6, 0x50, 0xa5, 0x43, 0xe8, 0xa3, 0xce, 0x73,
+    0x22, 0x4f, 0xad, 0x16, 0xad, 0xad, 0x25, 0x5f, 0x60, 0xde, 0xab, 0x15, 0x84, 0x33, 0xd1, 0x5f,
+    0x02, 0x73, 0xe5, 0xee, 0xe5, 0xe5, 0xed, 0xd1, 0x4a, 0x2b, 0xa9, 0xc8, 0x90, 0x03, 0x95, 0xd1,
+    0x62, 0x37, 0x3d, 0x25, 0x3d, 0x3d, 0x76, 0x80, 0x34, 0xf7, 0xaf, 0x6c, 0xac, 0x53, 0x59, 0x80,
+    0x42, 0x0b, 0x75, 0xdd, 0x75, 0x75, 0xbe, 0x0e, 0x1e, 0x02, 0xad, 0xb1, 0xb8, 0x63, 0x1d, 0x0e,
+    0x61, 0x9c, 0x4b, 0xbc, 0x4b, 0x4b, 0x0c, 0xd8, 0x5b, 0x28, 0xb3, 0xc0, 0x74, 0xb0, 0x67, 0xd8,
+    0x41, 0xa0, 0x03, 0x44, 0x03, 0x03, 0xc4, 0x56, 0x71, 0xdd, 0xb1, 0x1d, 0x60, 0x80, 0x23, 0x56,
+    0x21, 0xe4, 0xdb, 0x8f, 0xdb, 0xdb, 0x5f, 0x07, 0x0f, 0x01, 0xb7, 0xb9, 0x5c, 0xd0, 0xef, 0x07,
+    0x01, 0xd8, 0x93, 0x77, 0x93, 0x93, 0x97, 0x89, 0x25, 0xf4, 0xb5, 0x64, 0x48, 0xe0, 0xab, 0x89,
+    0xe1, 0x6c, 0xa8, 0xda, 0xa8, 0xa8, 0xaa, 0xa5, 0xf3, 0x7a, 0xbb, 0x32, 0x24, 0x70, 0xb4, 0xa5,
+    0xc1, 0x50, 0xe0, 0x22, 0xe0, 0xe0, 0x62, 0x2b, 0xd9, 0x8f, 0xb9, 0xef, 0x30, 0x40, 0xf0, 0x2b,
+    0xa1, 0x14, 0x38, 0xe9, 0x38, 0x38, 0xf9, 0x7a, 0xa7, 0x53, 0xbf, 0x4b, 0x0c, 0x10, 0x3c, 0x7a,
+    0x81, 0x28, 0x70, 0x11, 0x70, 0x70, 0x31, 0xf4, 0x8d, 0xa6, 0xbd, 0x96, 0x18, 0x20, 0x78, 0xf4,
+    0xba, 0xae, 0x78, 0x32, 0x78, 0x78, 0xd5, 0xa7, 0x36, 0xbb, 0x43, 0xce, 0xdb, 0xe7, 0x31, 0xa7,
+    0x9a, 0x92, 0x30, 0xca, 0x30, 0x30, 0x1d, 0x29, 0x1c, 0x4e, 0x41, 0x13, 0xcf, 0xd7, 0x75, 0x29,
+    0xfa, 0xd6, 0xe8, 0x01, 0xe8, 0xe8, 0x86, 0x78, 0x62, 0x92, 0x47, 0xb7, 0xf3, 0x87, 0xb9, 0x78,
+    0xda, 0xea, 0xa0, 0xf9, 0xa0, 0xa0, 0x4e, 0xf6, 0x48, 0x67, 0x45, 0x6a, 0xe7, 0xb7, 0xfd, 0xf6,
+    0x3a, 0x5e, 0x9b, 0x54, 0x9b, 0x9b, 0x73, 0xda, 0x9e, 0xe9, 0x4b, 0x3c, 0x8b, 0x27, 0xe2, 0xda,
+    0x1a, 0x62, 0xd3, 0xac, 0xd3, 0xd3, 0xbb, 0x54, 0xb4, 0x1c, 0x49, 0xe1, 0x9f, 0x17, 0xa6, 0x54,
+    0x7a, 0x26, 0x0b, 0x67, 0x0b, 0x0b, 0x20, 0x05, 0xca, 0xc0, 0x4f, 0x45, 0xa3, 0x47, 0x6a, 0x05,
+    0x5a, 0x1a, 0x43, 0x9f, 0x43, 0x43, 0xe8, 0x8b, 0xe0, 0x35, 0x4d, 0x98, 0xb7, 0x77, 0x2e, 0x8b,
+    0x79, 0x8d, 0x7d, 0xfe, 0x7d, 0x7d, 0x5a, 0x5d, 0xa5, 0x1f, 0x53, 0xe9, 0x7b, 0xa4, 0x54, 0x5d,
+    0x59, 0xb1, 0x35, 0x06, 0x35, 0x35, 0x92, 0xd3, 0x8f, 0xea, 0x51, 0x34, 0x6f, 0x94, 0x10, 0xd3,
+    0x39, 0xf5, 0xed, 0xcd, 0xed, 0xed, 0x09, 0x82, 0xf1, 0x36, 0x57, 0x90, 0x53, 0xc4, 0xdc, 0x82,
+    0x19, 0xc9, 0xa5, 0x35, 0xa5, 0xa5, 0xc1, 0x0c, 0xdb, 0xc3, 0x55, 0x4d, 0x47, 0xf4, 0x98, 0x0c,
+    0xf9, 0x7d, 0x9e, 0x98, 0x9e, 0x9e, 0xfc, 0x20, 0x0d, 0x4d, 0x5b, 0x1b, 0x2b, 0x64, 0x87, 0x20,
+    0xd9, 0x41, 0xd6, 0x60, 0xd6, 0xd6, 0x34, 0xae, 0x27, 0xb8, 0x59, 0xc6, 0x3f, 0x54, 0xc3, 0xae,
+    0xb9, 0x05, 0x0e, 0xab, 0x0e, 0x0e, 0xaf, 0xff, 0x59, 0x64, 0x5f, 0x62, 0x03, 0x04, 0x0f, 0xff,
+    0x99, 0x39, 0x46, 0x53, 0x46, 0x46, 0x67, 0x71, 0x73, 0x91, 0x5d, 0xbf, 0x17, 0x34, 0x4b, 0x71,
+    0xff, 0xe8, 0x72, 0x69, 0x72, 0x72, 0x08, 0x90, 0xd3, 0x30, 0x63, 0x80, 0x58, 0x61, 0xfb, 0x90,
+    0xdf, 0xd4, 0x3a, 0x91, 0x3a, 0x3a, 0xc0, 0x1e, 0xf9, 0xc5, 0x61, 0x5d, 0x4c, 0x51, 0xbf, 0x1e,
+    0xbf, 0x90, 0xe2, 0x5a, 0xe2, 0xe2, 0x5b, 0x4f, 0x87, 0x19, 0x67, 0xf9, 0x70, 0x01, 0x73, 0x4f,
+    0x9f, 0xac, 0xaa, 0xa2, 0xaa, 0xaa, 0x93, 0xc1, 0xad, 0xec, 0x65, 0x24, 0x64, 0x31, 0x37, 0xc1,
+    0x7f, 0x18, 0x91, 0x0f, 0x91, 0x91, 0xae, 0xed, 0x7b, 0x62, 0x6b, 0x72, 0x08, 0xa1, 0x28, 0xed,
+    0x5f, 0x24, 0xd9, 0xf7, 0xd9, 0xd9, 0x66, 0x63, 0x51, 0x97, 0x69, 0xaf, 0x1c, 0x91, 0x6c, 0x63,
+    0x3f, 0x60, 0x01, 0x3c, 0x01, 0x01, 0xfd, 0x32, 0x2f, 0x4b, 0x6f, 0x0b, 0x20, 0xc1, 0xa0, 0x32,
+    0x1f, 0x5c, 0x49, 0xc4, 0x49, 0x49, 0x35, 0xbc, 0x05, 0xbe, 0x6d, 0xd6, 0x34, 0xf1, 0xe4, 0xbc,
+    0x3c, 0xcb, 0x77, 0xa5, 0x77, 0x77, 0x87, 0x6a, 0x40, 0x94, 0x73, 0xa7, 0xf8, 0x22, 0x9e, 0x6a,
+    0x1c, 0xf7, 0x3f, 0x5d, 0x3f, 0x3f, 0x4f, 0xe4, 0x6a, 0x61, 0x71, 0x7a, 0xec, 0x12, 0xda, 0xe4,
+    0x7c, 0xb3, 0xe7, 0x96, 0xe7, 0xe7, 0xd4, 0xb5, 0x14, 0xbd, 0x77, 0xde, 0xd0, 0x42, 0x16, 0xb5,
+    0x5c, 0x8f, 0xaf, 0x6e, 0xaf, 0xaf, 0x1c, 0x3b, 0x3e, 0x48, 0x75, 0x03, 0xc4, 0x72, 0x52, 0x3b,
+    0xbc, 0x3b, 0x94, 0xc3, 0x94, 0x94, 0x21, 0x17, 0xe8, 0xc6, 0x7b, 0x55, 0xa8, 0xe2, 0x4d, 0x17,
+    0x9c, 0x07, 0xdc, 0x3b, 0xdc, 0xdc, 0xe9, 0x99, 0xc2, 0x33, 0x79, 0x88, 0xbc, 0xd2, 0x09, 0x99,
+    0xfc, 0x43, 0x04, 0xf0, 0x04, 0x04, 0x72, 0xc8, 0xbc, 0xef, 0x7f, 0x2c, 0x80, 0x82, 0xc5, 0xc8,
+    0xdc, 0x7f, 0x4c, 0x08, 0x4c, 0x4c, 0xba, 0x46, 0x96, 0x1a, 0x7d, 0xf1, 0x94, 0xb2, 0x81, 0x46,
+    0x30, 0x22, 0x6c, 0x84, 0x6c, 0x6c, 0xac, 0xc9, 0x3f, 0x6e, 0x03, 0x52, 0x1e, 0x28, 0x66, 0xc9,
+    0x10, 0x1e, 0x24, 0x7c, 0x24, 0x24, 0x64, 0x47, 0x15, 0x9b, 0x01, 0x8f, 0x0a, 0x18, 0x22, 0x47,
+    0x70, 0x5a, 0xfc, 0xb7, 0xfc, 0xfc, 0xff, 0x16, 0x6b, 0x47, 0x07, 0x2b, 0x36, 0x48, 0xee, 0x16,
+    0x50, 0x66, 0xb4, 0x4f, 0xb4, 0xb4, 0x37, 0x98, 0x41, 0xb2, 0x05, 0xf6, 0x22, 0x78, 0xaa, 0x98,
+    0xb0, 0xd2, 0x8f, 0xe2, 0x8f, 0x8f, 0x0a, 0xb4, 0x97, 0x3c, 0x0b, 0xa0, 0x4e, 0xe8, 0xb5, 0xb4,
+    0x90, 0xee, 0xc7, 0x1a, 0xc7, 0xc7, 0xc2, 0x3a, 0xbd, 0xc9, 0x09, 0x7d, 0x5a, 0xd8, 0xf1, 0x3a,
+    0xf0, 0xaa, 0x1f, 0xd1, 0x1f, 0x1f, 0x59, 0x6b, 0xc3, 0x15, 0x0f, 0xd9, 0x66, 0x88, 0x3d, 0x6b,
+    0xd0, 0x96, 0x57, 0x29, 0x57, 0x57, 0x91, 0xe5, 0xe9, 0xe0, 0x0d, 0x04, 0x72, 0xb8, 0x79, 0xe5,
+    0xf3, 0x01, 0x69, 0x48, 0x69, 0x69, 0x23, 0x33, 0xac, 0xca, 0x13, 0x75, 0xbe, 0x6b, 0x03, 0x33,
+    0xd3, 0x3d, 0x21, 0xb0, 0x21, 0x21, 0xeb, 0xbd, 0x86, 0x3f, 0x11, 0xa8, 0xaa, 0x5b, 0x47, 0xbd,
+    0xb3, 0x79, 0xf9, 0x7b, 0xf9, 0xf9, 0x70, 0xec, 0xf8, 0xe3, 0x17, 0x0c, 0x96, 0x0b, 0x8b, 0xec,
+    0x93, 0x45, 0xb1, 0x83, 0xb1, 0xb1, 0xb8, 0x62, 0xd2, 0x16, 0x15, 0xd1, 0x82, 0x3b, 0xcf, 0x62,
+    0x73, 0xf1, 0x8a, 0x2e, 0x8a, 0x8a, 0x85, 0x4e, 0x04, 0x98, 0x1b, 0x87, 0xee, 0xab, 0xd0, 0x4e,
+    0x53, 0xcd, 0xc2, 0xd6, 0xc2, 0xc2, 0x4d, 0xc0, 0x2e, 0x6d, 0x19, 0x5a, 0xfa, 0x9b, 0x94, 0xc0,
+    0x33, 0x89, 0x1a, 0x1d, 0x1a, 0x1a, 0xd6, 0x91, 0x50, 0xb1, 0x1f, 0xfe, 0xc6, 0xcb, 0x58, 0x91,
+    0x13, 0xb5, 0x52, 0xe5, 0x52, 0x52, 0x1e, 0x1f, 0x7a, 0x44, 0x1d, 0x23, 0xd2, 0xfb, 0x1c, 0x1f,
+    0x75, 0x64, 0x66, 0xdf, 0x66, 0x66, 0x71, 0xfe, 0xda, 0xe5, 0x23, 0x1c, 0x9d, 0xae, 0xac, 0xfe,
+    0x55, 0x58, 0x2e, 0x27, 0x2e, 0x2e, 0xb9, 0x70, 0xf0, 0x10, 0x21, 0xc1, 0x89, 0x9e, 0xe8, 0x70,
+    0x35, 0x1c, 0xf6, 0xec, 0xf6, 0xf6, 0x22, 0x21, 0x8e, 0xcc, 0x27, 0x65, 0xb5, 0xce, 0x24, 0x21,
+    0x15, 0x20, 0xbe, 0x14, 0xbe, 0xbe, 0xea, 0xaf, 0xa4, 0x39, 0x25, 0xb8, 0xa1, 0xfe, 0x60, 0xaf,
+    0xf5, 0x94, 0x85, 0xb9, 0x85, 0x85, 0xd7, 0x83, 0x72, 0xb7, 0x2b, 0xee, 0xcd, 0x6e, 0x7f, 0x83,
+    0xd5, 0xa8, 0xcd, 0x41, 0xcd, 0xcd, 0x1f, 0x0d, 0x58, 0x42, 0x29, 0x33, 0xd9, 0x5e, 0x3b, 0x0d,
+    0xb5, 0xec, 0x15, 0x8a, 0x15, 0x15, 0x84, 0x5c, 0x26, 0x9e, 0x2f, 0x97, 0xe5, 0x0e, 0xf7, 0x5c,
+    0x95, 0xd0, 0x5d, 0x72, 0x5d, 0x5d, 0x4c, 0xd2, 0x0c, 0x6b, 0x2d, 0x4a, 0xf1, 0x3e, 0xb3, 0xd2,
+    0xb6, 0x47, 0x63, 0x13, 0x63, 0x63, 0xfe, 0x04, 0x49, 0x41, 0x33, 0x3b, 0x3d, 0xed, 0xc9, 0x04,
+    0x96, 0x7b, 0x2b, 0xeb, 0x2b, 0x2b, 0x36, 0x8a, 0x63, 0xb4, 0x31, 0xe6, 0x29, 0xdd, 0x8d, 0x8a,
+    0xf6, 0x3f, 0xf3, 0x20, 0xf3, 0xf3, 0xad, 0xdb, 0x1d, 0x68, 0x37, 0x42, 0x15, 0x8d, 0x41, 0xdb,
+    0xd6, 0x03, 0xbb, 0xd8, 0xbb, 0xbb, 0x65, 0x55, 0x37, 0x9d, 0x35, 0x9f, 0x01, 0xbd, 0x05, 0x55,
+    0x36, 0xb7, 0x80, 0x75, 0x80, 0x80, 0x58, 0x79, 0xe1, 0x13, 0x3b, 0xc9, 0x6d, 0x2d, 0x1a, 0x79,
+    0x16, 0x8b, 0xc8, 0x8d, 0xc8, 0xc8, 0x90, 0xf7, 0xcb, 0xe6, 0x39, 0x14, 0x79, 0x1d, 0x5e, 0xf7,
+    0x76, 0xcf, 0x10, 0x46, 0x10, 0x10, 0x0b, 0xa6, 0xb5, 0x3a, 0x3f, 0xb0, 0x45, 0x4d, 0x92, 0xa6,
+    0x56, 0xf3, 0x58, 0xbe, 0x58, 0x58, 0xc3, 0x28, 0x9f, 0xcf, 0x3d, 0x6d, 0x51, 0x7d, 0xd6, 0x28,
+  },
+  { /* 3 */
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x85, 0x44, 0xdf, 0x52, 0x7f, 0xc6, 0x98, 0x60, 0xd4, 0x52, 0x0e, 0x65, 0x07, 0x9f, 0x86, 0xea,
+    0xc9, 0x88, 0x7d, 0xa4, 0xfe, 0x4f, 0xf3, 0xc0, 0x6b, 0xa4, 0x1c, 0xca, 0x0e, 0xfd, 0xcf, 0x17,
+    0x4c, 0xcc, 0xa2, 0xf6, 0x81, 0x89, 0x6b, 0xa0, 0xbf, 0xf6, 0x12, 0xaf, 0x09, 0x62, 0x49, 0xfd,
+    0x51, 0xd3, 0xfa, 0x8b, 0x3f, 0x9e, 0x25, 0x43, 0xd6, 0x8b, 0x38, 0x57, 0x1c, 0x39, 0x5d, 0x2e,
+    0xd4, 0x97, 0x25, 0xd9, 0x40, 0x58, 0xbd, 0x23, 0x02, 0xd9, 0x36, 0x32, 0x1b, 0xa6, 0xdb, 0xc4,
+    0x98, 0x5b, 0x87, 0x2f, 0xc1, 0xd1, 0xd6, 0x83, 0xbd, 0x2f, 0x24, 0x9d, 0x12, 0xc4, 0x92, 0x39,
+    0x1d, 0x1f, 0x58, 0x7d, 0xbe, 0x17, 0x4e, 0xe3, 0x69, 0x7d, 0x2a, 0xf8, 0x15, 0x5b, 0x14, 0xd3,
+    0xa2, 0x65, 0x37, 0xd5, 0x7e, 0xff, 0x4a, 0x86, 0x6f, 0xd5, 0x70, 0xae, 0x38, 0x72, 0xba, 0x5c,
+    0x27, 0x21, 0xe8, 0x87, 0x01, 0x39, 0xd2, 0xe6, 0xbb, 0x87, 0x7e, 0xcb, 0x3f, 0xed, 0x3c, 0xb6,
+    0x6b, 0xed, 0x4a, 0x71, 0x80, 0xb0, 0xb9, 0x46, 0x04, 0x71, 0x6c, 0x64, 0x36, 0x8f, 0x75, 0x4b,
+    0xee, 0xa9, 0x95, 0x23, 0xff, 0x76, 0x21, 0x26, 0xd0, 0x23, 0x62, 0x01, 0x31, 0x10, 0xf3, 0xa1,
+    0xf3, 0xb6, 0xcd, 0x5e, 0x41, 0x61, 0x6f, 0xc5, 0xb9, 0x5e, 0x48, 0xf9, 0x24, 0x4b, 0xe7, 0x72,
+    0x76, 0xf2, 0x12, 0x0c, 0x3e, 0xa7, 0xf7, 0xa5, 0x6d, 0x0c, 0x46, 0x9c, 0x23, 0xd4, 0x61, 0x98,
+    0x3a, 0x3e, 0xb0, 0xfa, 0xbf, 0x2e, 0x9c, 0x05, 0xd2, 0xfa, 0x54, 0x33, 0x2a, 0xb6, 0x28, 0x65,
+    0xbf, 0x7a, 0x6f, 0xa8, 0xc0, 0xe8, 0x04, 0x65, 0x06, 0xa8, 0x5a, 0x56, 0x2d, 0x29, 0xae, 0x8f,
+    0x87, 0xca, 0x6e, 0x69, 0xfc, 0x3d, 0x94, 0xcf, 0xde, 0x69, 0xe0, 0x9f, 0x70, 0xe4, 0xb7, 0xb8,
+    0x02, 0x8e, 0xb1, 0x3b, 0x83, 0xfb, 0x0c, 0xaf, 0x0a, 0x3b, 0xee, 0xfa, 0x77, 0x7b, 0x31, 0x52,
+    0x4e, 0x42, 0x13, 0xcd, 0x02, 0x72, 0x67, 0x0f, 0xb5, 0xcd, 0xfc, 0x55, 0x7e, 0x19, 0x78, 0xaf,
+    0xcb, 0x06, 0xcc, 0x9f, 0x7d, 0xb4, 0xff, 0x6f, 0x61, 0x9f, 0xf2, 0x30, 0x79, 0x86, 0xfe, 0x45,
+    0xd6, 0x19, 0x94, 0xe2, 0xc3, 0xa3, 0xb1, 0x8c, 0x08, 0xe2, 0xd8, 0xc8, 0x6c, 0xdd, 0xea, 0x96,
+    0x53, 0x5d, 0x4b, 0xb0, 0xbc, 0x65, 0x29, 0xec, 0xdc, 0xb0, 0xd6, 0xad, 0x6b, 0x42, 0x6c, 0x7c,
+    0x1f, 0x91, 0xe9, 0x46, 0x3d, 0xec, 0x42, 0x4c, 0x63, 0x46, 0xc4, 0x02, 0x62, 0x20, 0x25, 0x81,
+    0x9a, 0xd5, 0x36, 0x14, 0x42, 0x2a, 0xda, 0x2c, 0xb7, 0x14, 0xca, 0x67, 0x65, 0xbf, 0xa3, 0x6b,
+    0x25, 0xaf, 0x59, 0xbc, 0x82, 0xc2, 0xde, 0x49, 0xb1, 0xbc, 0x90, 0x31, 0x48, 0x96, 0x0d, 0xe4,
+    0xa0, 0xeb, 0x86, 0xee, 0xfd, 0x04, 0x46, 0x29, 0x65, 0xee, 0x9e, 0x54, 0x4f, 0x09, 0x8b, 0x0e,
+    0xec, 0x27, 0x24, 0x18, 0x7c, 0x8d, 0x2d, 0x89, 0xda, 0x18, 0x8c, 0xfb, 0x46, 0x6b, 0xc2, 0xf3,
+    0x69, 0x63, 0xfb, 0x4a, 0x03, 0x4b, 0xb5, 0xe9, 0x0e, 0x4a, 0x82, 0x9e, 0x41, 0xf4, 0x44, 0x19,
+    0x74, 0x7c, 0xa3, 0x37, 0xbd, 0x5c, 0xfb, 0x0a, 0x67, 0x37, 0xa8, 0x66, 0x54, 0xaf, 0x50, 0xca,
+    0xf1, 0x38, 0x7c, 0x65, 0xc2, 0x9a, 0x63, 0x6a, 0xb3, 0x65, 0xa6, 0x03, 0x53, 0x30, 0xd6, 0x20,
+    0xbd, 0xf4, 0xde, 0x93, 0x43, 0x13, 0x08, 0xca, 0x0c, 0x93, 0xb4, 0xac, 0x5a, 0x52, 0x9f, 0xdd,
+    0x38, 0xb0, 0x01, 0xc1, 0x3c, 0xd5, 0x90, 0xaa, 0xd8, 0xc1, 0xba, 0xc9, 0x5d, 0xcd, 0x19, 0x37,
+    0xcd, 0x57, 0xdc, 0xd2, 0x3b, 0x7a, 0xeb, 0x5d, 0x7f, 0xd2, 0x03, 0xfd, 0xe0, 0x0b, 0xad, 0xb3,
+    0x48, 0x13, 0x03, 0x80, 0x44, 0xbc, 0x73, 0x3d, 0xab, 0x80, 0x0d, 0x98, 0xe7, 0x94, 0x2b, 0x59,
+    0x04, 0xdf, 0xa1, 0x76, 0xc5, 0x35, 0x18, 0x9d, 0x14, 0x76, 0x1f, 0x37, 0xee, 0xf6, 0x62, 0xa4,
+    0x81, 0x9b, 0x7e, 0x24, 0xba, 0xf3, 0x80, 0xfd, 0xc0, 0x24, 0x11, 0x52, 0xe9, 0x69, 0xe4, 0x4e,
+    0x9c, 0x84, 0x26, 0x59, 0x04, 0xe4, 0xce, 0x1e, 0xa9, 0x59, 0x3b, 0xaa, 0xfc, 0x32, 0xf0, 0x9d,
+    0x19, 0xc0, 0xf9, 0x0b, 0x7b, 0x22, 0x56, 0x7e, 0x7d, 0x0b, 0x35, 0xcf, 0xfb, 0xad, 0x76, 0x77,
+    0x55, 0x0c, 0x5b, 0xfd, 0xfa, 0xab, 0x3d, 0xde, 0xc2, 0xfd, 0x27, 0x60, 0xf2, 0xcf, 0x3f, 0x8a,
+    0xd0, 0x48, 0x84, 0xaf, 0x85, 0x6d, 0xa5, 0xbe, 0x16, 0xaf, 0x29, 0x05, 0xf5, 0x50, 0xb9, 0x60,
+    0x6f, 0x32, 0xeb, 0x07, 0x45, 0x85, 0xa1, 0xdb, 0x10, 0x07, 0x73, 0x53, 0xd8, 0x79, 0x17, 0xef,
+    0xea, 0x76, 0x34, 0x55, 0x3a, 0x43, 0x39, 0xbb, 0xc4, 0x55, 0x7d, 0x36, 0xdf, 0xe6, 0x91, 0x05,
+    0xa6, 0xba, 0x96, 0xa3, 0xbb, 0xca, 0x52, 0x1b, 0x7b, 0xa3, 0x6f, 0x99, 0xd6, 0x84, 0xd8, 0xf8,
+    0x23, 0xfe, 0x49, 0xf1, 0xc4, 0x0c, 0xca, 0x7b, 0xaf, 0xf1, 0x61, 0xfc, 0xd1, 0x1b, 0x5e, 0x12,
+    0x3e, 0xe1, 0x11, 0x8c, 0x7a, 0x1b, 0x84, 0x98, 0xc6, 0x8c, 0x4b, 0x04, 0xc4, 0x40, 0x4a, 0xc1,
+    0xbb, 0xa5, 0xce, 0xde, 0x05, 0xdd, 0x1c, 0xf8, 0x12, 0xde, 0x45, 0x61, 0xc3, 0xdf, 0xcc, 0x2b,
+    0xf7, 0x69, 0x6c, 0x28, 0x84, 0x54, 0x77, 0x58, 0xad, 0x28, 0x57, 0xce, 0xca, 0xbd, 0x85, 0xd6,
+    0x72, 0x2d, 0xb3, 0x7a, 0xfb, 0x92, 0xef, 0x38, 0x79, 0x7a, 0x59, 0xab, 0xcd, 0x22, 0x03, 0x3c,
+    0x4a, 0x9d, 0xb2, 0xbb, 0xc7, 0x47, 0x7f, 0x92, 0xa1, 0xbb, 0xe3, 0x62, 0x90, 0xef, 0x1a, 0x0b,
+    0xcf, 0xd9, 0x6d, 0xe9, 0xb8, 0x81, 0xe7, 0xf2, 0x75, 0xe9, 0xed, 0x07, 0x97, 0x70, 0x9c, 0xe1,
+    0x83, 0x15, 0xcf, 0x1f, 0x39, 0x08, 0x8c, 0x52, 0xca, 0x1f, 0xff, 0xa8, 0x9e, 0x12, 0xd5, 0x1c,
+    0x06, 0x51, 0x10, 0x4d, 0x46, 0xce, 0x14, 0x32, 0x1e, 0x4d, 0xf1, 0xcd, 0x99, 0x8d, 0x53, 0xf6,
+    0x1b, 0x4e, 0x48, 0x30, 0xf8, 0xd9, 0x5a, 0xd1, 0x77, 0x30, 0xdb, 0x35, 0x8c, 0xd6, 0x47, 0x25,
+    0x9e, 0x0a, 0x97, 0x62, 0x87, 0x1f, 0xc2, 0xb1, 0xa3, 0x62, 0xd5, 0x50, 0x8b, 0x49, 0xc1, 0xcf,
+    0xd2, 0xc6, 0x35, 0x94, 0x06, 0x96, 0xa9, 0x11, 0x1c, 0x94, 0xc7, 0xff, 0x82, 0x2b, 0x88, 0x32,
+    0x57, 0x82, 0xea, 0xc6, 0x79, 0x50, 0x31, 0x71, 0xc8, 0xc6, 0xc9, 0x9a, 0x85, 0xb4, 0x0e, 0xd8,
+    0xe8, 0xf8, 0x85, 0x6e, 0xb9, 0xb8, 0x35, 0x14, 0xce, 0x6e, 0x93, 0xcc, 0xa8, 0x9d, 0xa0, 0x57,
+    0x6d, 0xbc, 0x5a, 0x3c, 0xc6, 0x7e, 0xad, 0x74, 0x1a, 0x3c, 0x9d, 0xa9, 0xaf, 0x02, 0x26, 0xbd,
+    0x21, 0x70, 0xf8, 0xca, 0x47, 0xf7, 0xc6, 0xd4, 0xa5, 0xca, 0x8f, 0x06, 0xa6, 0x60, 0x6f, 0x40,
+    0xa4, 0x34, 0x27, 0x98, 0x38, 0x31, 0x5e, 0xb4, 0x71, 0x98, 0x81, 0x63, 0xa1, 0xff, 0xe9, 0xaa,
+    0xb9, 0x2b, 0x7f, 0xe5, 0x86, 0x26, 0x10, 0x57, 0x18, 0xe5, 0xab, 0x9b, 0xb4, 0xa4, 0xfd, 0x79,
+    0x3c, 0x6f, 0xa0, 0xb7, 0xf9, 0xe0, 0x88, 0x37, 0xcc, 0xb7, 0xa5, 0xfe, 0xb3, 0x3b, 0x7b, 0x93,
+    0x70, 0xa3, 0x02, 0x41, 0x78, 0x69, 0xe3, 0x97, 0x73, 0x41, 0xb7, 0x51, 0xba, 0x59, 0x32, 0x6e,
+    0xf5, 0xe7, 0xdd, 0x13, 0x07, 0xaf, 0x7b, 0xf7, 0xa7, 0x13, 0xb9, 0x34, 0xbd, 0xc6, 0xb4, 0x84,
+    0x59, 0xae, 0x7b, 0x67, 0x76, 0xf4, 0x15, 0xba, 0xfe, 0x67, 0x06, 0x39, 0x03, 0x16, 0x99, 0xa5,
+    0xdc, 0xea, 0xa4, 0x35, 0x09, 0x32, 0x8d, 0xda, 0x2a, 0x35, 0x08, 0x5c, 0x04, 0x89, 0x1f, 0x4f,
+    0x90, 0x26, 0x06, 0xc3, 0x88, 0xbb, 0xe6, 0x7a, 0x95, 0xc3, 0x1a, 0xf3, 0x0d, 0xeb, 0x56, 0xb2,
+    0x15, 0x62, 0xd9, 0x91, 0xf7, 0x7d, 0x7e, 0x1a, 0x41, 0x91, 0x14, 0x96, 0x0a, 0x74, 0xd0, 0x58,
+    0x08, 0x7d, 0x81, 0xec, 0x49, 0x6a, 0x30, 0xf9, 0x28, 0xec, 0x3e, 0x6e, 0x1f, 0x2f, 0xc4, 0x8b,
+    0x8d, 0x39, 0x5e, 0xbe, 0x36, 0xac, 0xa8, 0x99, 0xfc, 0xbe, 0x30, 0x0b, 0x18, 0xb0, 0x42, 0x61,
+    0xc1, 0xf5, 0xfc, 0x48, 0xb7, 0x25, 0xc3, 0x39, 0x43, 0x48, 0x22, 0xa4, 0x11, 0xd2, 0x0b, 0x9c,
+    0x44, 0xb1, 0x23, 0x1a, 0xc8, 0xe3, 0x5b, 0x59, 0x97, 0x1a, 0x2c, 0xc1, 0x16, 0x4d, 0x8d, 0x76,
+    0xfb, 0xcb, 0x4c, 0xb2, 0x08, 0x0b, 0x5f, 0x3c, 0x91, 0xb2, 0x76, 0x97, 0x3b, 0x64, 0x23, 0xf9,
+    0x7e, 0x8f, 0x93, 0xe0, 0x77, 0xcd, 0xc7, 0x5c, 0x45, 0xe0, 0x78, 0xf2, 0x3c, 0xfb, 0xa5, 0x13,
+    0x32, 0x43, 0x31, 0x16, 0xf6, 0x44, 0xac, 0xfc, 0xfa, 0x16, 0x6a, 0x5d, 0x35, 0x99, 0xec, 0xee,
+    0xb7, 0x07, 0xee, 0x44, 0x89, 0x82, 0x34, 0x9c, 0x2e, 0x44, 0x64, 0x38, 0x32, 0x06, 0x6a, 0x04,
+    0xaa, 0x18, 0xb6, 0x39, 0x37, 0x95, 0x7a, 0x7f, 0x47, 0x39, 0x4e, 0xc0, 0x27, 0x5d, 0x7e, 0xd7,
+    0x2f, 0x5c, 0x69, 0x6b, 0x48, 0x53, 0xe2, 0x1f, 0x93, 0x6b, 0x40, 0xa5, 0x20, 0xc2, 0xf8, 0x3d,
+    0x63, 0x90, 0xcb, 0x9d, 0xc9, 0xda, 0x89, 0xbf, 0x2c, 0x9d, 0x52, 0x0a, 0x29, 0xa0, 0xb1, 0xc0,
+    0xe6, 0xd4, 0x14, 0xcf, 0xb6, 0x1c, 0x11, 0xdf, 0xf8, 0xcf, 0x5c, 0x6f, 0x2e, 0x3f, 0x37, 0x2a,
+    0xde, 0x64, 0x15, 0x0e, 0x8a, 0xc9, 0x81, 0x75, 0x20, 0x0e, 0xe6, 0xa6, 0x73, 0xf2, 0x2e, 0x1d,
+    0x5b, 0x20, 0xca, 0x5c, 0xf5, 0x0f, 0x19, 0x15, 0xf4, 0x5c, 0xe8, 0xc3, 0x74, 0x6d, 0xa8, 0xf7,
+    0x17, 0xec, 0x68, 0xaa, 0x74, 0x86, 0x72, 0xb5, 0x4b, 0xaa, 0xfa, 0x6c, 0x7d, 0x0f, 0xe1, 0x0a,
+    0x92, 0xa8, 0xb7, 0xf8, 0x0b, 0x40, 0xea, 0xd5, 0x9f, 0xf8, 0xf4, 0x09, 0x7a, 0x90, 0x67, 0xe0,
+    0x8f, 0xb7, 0xef, 0x85, 0xb5, 0x57, 0xa4, 0x36, 0xf6, 0x85, 0xde, 0xf1, 0x6f, 0xcb, 0x73, 0x33,
+    0x0a, 0xf3, 0x30, 0xd7, 0xca, 0x91, 0x3c, 0x56, 0x22, 0xd7, 0xd0, 0x94, 0x68, 0x54, 0xf5, 0xd9,
+    0x46, 0x3f, 0x92, 0x21, 0x4b, 0x18, 0x57, 0xf6, 0x9d, 0x21, 0xc2, 0x3b, 0x61, 0x36, 0xbc, 0x24,
+    0xc3, 0x7b, 0x4d, 0x73, 0x34, 0xde, 0xcf, 0x96, 0x49, 0x73, 0xcc, 0x5e, 0x66, 0xa9, 0x3a, 0xce,
+    0x7c, 0x01, 0x22, 0xdb, 0xf4, 0x36, 0xcb, 0xf3, 0x4f, 0xdb, 0x96, 0x08, 0x4b, 0x80, 0x94, 0x41,
+    0xf9, 0x45, 0xfd, 0x89, 0x8b, 0xf0, 0x53, 0x93, 0x9b, 0x89, 0x98, 0x6d, 0x4c, 0x1f, 0x12, 0xab,
+    0xb5, 0x89, 0x5f, 0x7f, 0x0a, 0x79, 0x38, 0x33, 0x24, 0x7f, 0x8a, 0xc2, 0x45, 0x7d, 0x5b, 0x56,
+    0x30, 0xcd, 0x80, 0x2d, 0x75, 0xbf, 0xa0, 0x53, 0xf0, 0x2d, 0x84, 0xa7, 0x42, 0xe2, 0xdd, 0xbc,
+    0x2d, 0xd2, 0xd8, 0x50, 0xcb, 0xa8, 0xee, 0xb0, 0x99, 0x50, 0xae, 0x5f, 0x57, 0xb9, 0xc9, 0x6f,
+    0xa8, 0x96, 0x07, 0x02, 0xb4, 0x6e, 0x76, 0xd0, 0x4d, 0x02, 0xa0, 0x3a, 0x50, 0x26, 0x4f, 0x85,
+    0xe4, 0x5a, 0xa5, 0xf4, 0x35, 0xe7, 0x1d, 0x70, 0xf2, 0xf4, 0xb2, 0x95, 0x59, 0x44, 0x06, 0x78,
+    0x61, 0x1e, 0x7a, 0xa6, 0x4a, 0x21, 0x85, 0x10, 0x26, 0xa6, 0xbc, 0xf0, 0x5e, 0xdb, 0x80, 0x92,
+    0x94, 0xf9, 0xa7, 0xb5, 0x4d, 0x8e, 0xfe, 0xe7, 0x81, 0xb5, 0x05, 0xc4, 0xe3, 0x1d, 0x34, 0x16,
+    0x11, 0xbd, 0x78, 0xe7, 0x32, 0x48, 0x66, 0x87, 0x55, 0xe7, 0x0b, 0xa1, 0xe4, 0x82, 0xb2, 0xfc,
+    0x5d, 0x71, 0xda, 0x11, 0xb3, 0xc1, 0x0d, 0x27, 0xea, 0x11, 0x19, 0x0e, 0xed, 0xe0, 0xfb, 0x01,
+    0xd8, 0x35, 0x05, 0x43, 0xcc, 0x07, 0x95, 0x47, 0x3e, 0x43, 0x17, 0x6b, 0xea, 0x7f, 0x7d, 0xeb,
+    0xc5, 0x2a, 0x5d, 0x3e, 0x72, 0x10, 0xdb, 0xa4, 0x57, 0x3e, 0x3d, 0x93, 0xff, 0x24, 0x69, 0x38,
+    0x40, 0x6e, 0x82, 0x6c, 0x0d, 0xd6, 0x43, 0xc4, 0x83, 0x6c, 0x33, 0xf6, 0xf8, 0xbb, 0xef, 0xd2,
+    0x0c, 0xa2, 0x20, 0x9a, 0x8c, 0x5f, 0x28, 0x64, 0x3c, 0x9a, 0x21, 0x59, 0xf1, 0xd9, 0xa6, 0x2f,
+    0x89, 0xe6, 0xff, 0xc8, 0xf3, 0x99, 0xb0, 0x04, 0xe8, 0xc8, 0x2f, 0x3c, 0xf6, 0x46, 0x20, 0xc5,
+    0x36, 0x9c, 0x90, 0x60, 0x33, 0x71, 0xb4, 0x61, 0xee, 0x60, 0x75, 0x6a, 0xdb, 0x6f, 0x8e, 0x4a,
+    0xb3, 0xd8, 0x4f, 0x32, 0x4c, 0xb7, 0x2c, 0x01, 0x3a, 0x32, 0x7b, 0x0f, 0xdc, 0xf0, 0x08, 0xa0,
+    0xff, 0x14, 0xed, 0xc4, 0xcd, 0x3e, 0x47, 0xa1, 0x85, 0xc4, 0x69, 0xa0, 0xd5, 0x92, 0x41, 0x5d,
+    0x7a, 0x50, 0x32, 0x96, 0xb2, 0xf8, 0xdf, 0xc1, 0x51, 0x96, 0x67, 0xc5, 0xd2, 0x0d, 0xc7, 0xb7,
+    0x67, 0x4f, 0x6a, 0xeb, 0x0c, 0xef, 0x91, 0x22, 0x38, 0xeb, 0x4d, 0x3d, 0xc7, 0x56, 0xd3, 0x64,
+    0xe2, 0x0b, 0xb5, 0xb9, 0x73, 0x29, 0x09, 0x42, 0xec, 0xb9, 0x43, 0x58, 0xc0, 0xc9, 0x55, 0x8e,
+    0xae, 0xc7, 0x17, 0x4f, 0xf2, 0xa0, 0x62, 0xe2, 0x53, 0x4f, 0x51, 0xf7, 0xc9, 0xab, 0x1c, 0x73,
+    0x2b, 0x83, 0xc8, 0x1d, 0x8d, 0x66, 0xfa, 0x82, 0x87, 0x1d, 0x5f, 0x92, 0xce, 0x34, 0x9a, 0x99,
+    0x13, 0x33, 0xc9, 0xdc, 0xb1, 0xb3, 0x6a, 0x28, 0x5f, 0xdc, 0xe5, 0x5b, 0x93, 0xf9, 0x83, 0xae,
+    0x96, 0x77, 0x16, 0x8e, 0xce, 0x75, 0xf2, 0x48, 0x8b, 0x8e, 0xeb, 0x3e, 0x94, 0x66, 0x05, 0x44,
+    0xda, 0xbb, 0xb4, 0x78, 0x4f, 0xfc, 0x99, 0xe8, 0x34, 0x78, 0xf9, 0x91, 0x9d, 0x04, 0x4c, 0xb9,
+    0x5f, 0xff, 0x6b, 0x2a, 0x30, 0x3a, 0x01, 0x88, 0xe0, 0x2a, 0xf7, 0xf4, 0x9a, 0x9b, 0xca, 0x53,
+    0x42, 0xe0, 0x33, 0x57, 0x8e, 0x2d, 0x4f, 0x6b, 0x89, 0x57, 0xdd, 0x0c, 0x8f, 0xc0, 0xde, 0x80,
+    0xc7, 0xa4, 0xec, 0x05, 0xf1, 0xeb, 0xd7, 0x0b, 0x5d, 0x05, 0xd3, 0x69, 0x88, 0x5f, 0x58, 0x6a,
+    0x8b, 0x68, 0x4e, 0xf3, 0x70, 0x62, 0xbc, 0xab, 0xe2, 0xf3, 0xc1, 0xc6, 0x81, 0x3d, 0x11, 0x97,
+    0x0e, 0x2c, 0x91, 0xa1, 0x0f, 0xa4, 0x24, 0xcb, 0x36, 0xa1, 0xcf, 0xa3, 0x86, 0xa2, 0x97, 0x7d,
+    0xb1, 0x56, 0xfe, 0x09, 0xcf, 0x4c, 0x20, 0xae, 0x30, 0x09, 0x95, 0xf5, 0xab, 0x8b, 0x39, 0xf2,
+    0x34, 0x12, 0x21, 0x5b, 0xb0, 0x8a, 0xb8, 0xce, 0xe4, 0x5b, 0x9b, 0x90, 0xac, 0x14, 0xbf, 0x18,
+    0x78, 0xde, 0x83, 0xad, 0x31, 0x03, 0xd3, 0x6e, 0x5b, 0xad, 0x89, 0x3f, 0xa5, 0x76, 0xf6, 0xe5,
+    0xfd, 0x9a, 0x5c, 0xff, 0x4e, 0xc5, 0x4b, 0x0e, 0x8f, 0xff, 0x87, 0x5a, 0xa2, 0xe9, 0x70, 0x0f,
+    0xe0, 0x85, 0x04, 0x82, 0xf0, 0xd2, 0x05, 0xed, 0xe6, 0x82, 0xad, 0xa2, 0xb7, 0xb2, 0x64, 0xdc,
+    0x65, 0xc1, 0xdb, 0xd0, 0x8f, 0x14, 0x9d, 0x8d, 0x32, 0xd0, 0xa3, 0xc7, 0xb0, 0x2d, 0xe2, 0x36,
+    0x29, 0x0d, 0x79, 0x26, 0x0e, 0x9d, 0xf6, 0x2d, 0x8d, 0x26, 0xb1, 0x68, 0xb9, 0x4f, 0xab, 0xcb,
+    0xac, 0x49, 0xa6, 0x74, 0x71, 0x5b, 0x6e, 0x4d, 0x59, 0x74, 0xbf, 0x0d, 0xbe, 0xd0, 0x2d, 0x21,
+    0xb2, 0x9f, 0xf6, 0xce, 0xec, 0x2b, 0x2a, 0xb7, 0x3f, 0xce, 0x0c, 0x72, 0x06, 0x2c, 0xf1, 0x89,
+    0x37, 0xdb, 0x29, 0x9c, 0x93, 0xed, 0xb2, 0xd7, 0xeb, 0x9c, 0x02, 0x17, 0x01, 0xb3, 0x77, 0x63,
+    0x7b, 0x17, 0x8b, 0x6a, 0x12, 0x64, 0xd9, 0x77, 0x54, 0x6a, 0x10, 0xb8, 0x08, 0xd1, 0x3e, 0x9e,
+    0xfe, 0x53, 0x54, 0x38, 0x6d, 0xa2, 0x41, 0x17, 0x80, 0x38, 0x1e, 0xdd, 0x0f, 0x4e, 0xb8, 0x74,
+    0xe3, 0x4c, 0x0c, 0x45, 0xd3, 0xb5, 0x0f, 0xf4, 0xe9, 0x45, 0x34, 0x25, 0x1a, 0x15, 0xac, 0xa7,
+    0x66, 0x08, 0xd3, 0x17, 0xac, 0x73, 0x97, 0x94, 0x3d, 0x17, 0x3a, 0x40, 0x1d, 0x8a, 0x2a, 0x4d,
+    0x2a, 0xc4, 0x71, 0xe1, 0x2d, 0xfa, 0xfc, 0x34, 0x82, 0xe1, 0x28, 0xef, 0x14, 0xe8, 0x63, 0xb0,
+    0xaf, 0x80, 0xae, 0xb3, 0x52, 0x3c, 0x64, 0x54, 0x56, 0xb3, 0x26, 0x8a, 0x13, 0x77, 0xe5, 0x5a,
+    0x10, 0xfa, 0xc1, 0x1b, 0x92, 0xd4, 0x60, 0x31, 0x50, 0x1b, 0x7c, 0xdc, 0x3e, 0x5e, 0x4b, 0xd5,
+    0x95, 0xbe, 0x1e, 0x49, 0xed, 0x12, 0xf8, 0x51, 0x84, 0x49, 0x72, 0xb9, 0x39, 0xc1, 0xcd, 0x3f,
+    0xd9, 0x72, 0xbc, 0xbf, 0x6c, 0x9b, 0x93, 0xf1, 0x3b, 0xbf, 0x60, 0x16, 0x30, 0xa3, 0x84, 0xc2,
+    0x5c, 0x36, 0x63, 0xed, 0x13, 0x5d, 0x0b, 0x91, 0xef, 0xed, 0x6e, 0x73, 0x37, 0x3c, 0x02, 0x28,
+    0x41, 0x29, 0x3b, 0x90, 0xad, 0x4a, 0x45, 0x72, 0x86, 0x90, 0x44, 0x8b, 0x22, 0x67, 0x16, 0xfb,
+    0xc4, 0x6d, 0xe4, 0xc2, 0xd2, 0x8c, 0xdd, 0x12, 0x52, 0xc2, 0x4a, 0xee, 0x25, 0xf8, 0x90, 0x11,
+    0x88, 0xa1, 0x46, 0x34, 0x53, 0x05, 0xb6, 0xb2, 0xed, 0x34, 0x58, 0x41, 0x2c, 0x9a, 0xd9, 0xec,
+    0x0d, 0xe5, 0x99, 0x66, 0x2c, 0xc3, 0x2e, 0xd2, 0x39, 0x66, 0x56, 0x24, 0x2b, 0x05, 0x5f, 0x06,
+    0x35, 0x55, 0x98, 0xa7, 0x10, 0x16, 0xbe, 0x78, 0xe1, 0xa7, 0xec, 0xed, 0x76, 0xc8, 0x46, 0x31,
+    0xb0, 0x11, 0x47, 0xf5, 0x6f, 0xd0, 0x26, 0x18, 0x35, 0xf5, 0xe2, 0x88, 0x71, 0x57, 0xc0, 0xdb,
+    0xfc, 0xdd, 0xe5, 0x03, 0xee, 0x59, 0x4d, 0xb8, 0x8a, 0x03, 0xf0, 0x27, 0x78, 0x35, 0x89, 0x26,
+    0x79, 0x99, 0x3a, 0x51, 0x91, 0x9f, 0xd5, 0xd8, 0x5e, 0x51, 0xfe, 0x42, 0x7f, 0xaa, 0x0f, 0xcc,
+    0x64, 0x86, 0x62, 0x2c, 0x2f, 0x88, 0x9b, 0x3b, 0x37, 0x2c, 0xd4, 0xba, 0x6a, 0xf1, 0x1b, 0x1f,
+    0xe1, 0xc2, 0xbd, 0x7e, 0x50, 0x4e, 0x03, 0x5b, 0xe3, 0x7e, 0xda, 0xdf, 0x6d, 0x6e, 0x9d, 0xf5,
+    0xad, 0x0e, 0x1f, 0x88, 0xd1, 0xc7, 0x68, 0xfb, 0x5c, 0x88, 0xc8, 0x70, 0x64, 0x0c, 0xd4, 0x08,
+    0x28, 0x4a, 0xc0, 0xda, 0xae, 0x01, 0xf0, 0x9b, 0x88, 0xda, 0xc6, 0x15, 0x63, 0x93, 0x52, 0xe2,
+    0x97, 0x30, 0xaf, 0x72, 0x6e, 0xe9, 0xf4, 0xfe, 0x8e, 0x72, 0x9c, 0x43, 0x4e, 0xba, 0xfc, 0x6d,
+    0x12, 0x74, 0x70, 0x20, 0x11, 0x2f, 0x6c, 0x9e, 0x5a, 0x20, 0x92, 0x26, 0x49, 0x25, 0x7a, 0x87,
+    0x5e, 0xb8, 0xd2, 0xd6, 0x90, 0xa6, 0x07, 0x3e, 0xe5, 0xd6, 0x80, 0x89, 0x40, 0x47, 0x33, 0x7a,
+    0xdb, 0xfc, 0x0d, 0x84, 0xef, 0x60, 0x9f, 0x5e, 0x31, 0x84, 0x8e, 0xec, 0x47, 0xd8, 0xb5, 0x90,
+    0xc6, 0xe3, 0x55, 0xf9, 0x51, 0x77, 0xd1, 0xbd, 0x58, 0xf9, 0xa4, 0x14, 0x52, 0x83, 0xa1, 0x43,
+    0x43, 0xa7, 0x8a, 0xab, 0x2e, 0xb1, 0x49, 0xdd, 0x8c, 0xab, 0xaa, 0x71, 0x55, 0x1c, 0x27, 0xa9,
+    0x0f, 0x6b, 0x28, 0x5d, 0xaf, 0x38, 0x22, 0x7d, 0x33, 0x5d, 0xb8, 0xde, 0x5c, 0x7e, 0x6e, 0x54,
+    0x8a, 0x2f, 0xf7, 0x0f, 0xd0, 0xfe, 0xba, 0x1d, 0xe7, 0x0f, 0xb6, 0xbb, 0x5b, 0xe1, 0xe8, 0xbe,
+    0x7f, 0xc8, 0x2a, 0x1c, 0xd7, 0x51, 0xc1, 0xea, 0x40, 0x1c, 0x0f, 0x8f, 0xe6, 0x27, 0x5c, 0x3a,
+    0xfa, 0x8c, 0xf5, 0x4e, 0xa8, 0x97, 0x59, 0x8a, 0x94, 0x4e, 0x01, 0xea, 0xe1, 0xb8, 0xda, 0xd0,
+    0xb6, 0x40, 0x57, 0xb8, 0x29, 0x1e, 0x32, 0x2a, 0x2b, 0xb8, 0x13, 0x45, 0xe8, 0xda, 0x93, 0x2d,
+    0x33, 0x04, 0x88, 0xea, 0x56, 0xd8, 0xaa, 0x4a, 0xff, 0xea, 0x1d, 0x20, 0xef, 0x45, 0x15, 0xc7,
+    0x2e, 0x1b, 0xd0, 0x97, 0xe8, 0xcf, 0xe4, 0xa9, 0x96, 0x97, 0x37, 0xd8, 0xfa, 0x1e, 0x01, 0x14,
+    0xab, 0x5f, 0x0f, 0xc5, 0x97, 0x09, 0x7c, 0xc9, 0x42, 0xc5, 0x39, 0xbd, 0xfd, 0x81, 0x87, 0xfe,
+    0xe7, 0x93, 0xad, 0x33, 0x16, 0x80, 0x17, 0x69, 0xfd, 0x33, 0x2b, 0x12, 0xf4, 0xe3, 0xce, 0x03,
+    0x62, 0xd7, 0x72, 0x61, 0x69, 0x46, 0x8f, 0x09, 0x29, 0x61, 0x25, 0x77, 0xf3, 0x7c, 0x48, 0xe9,
+    0xdd, 0xad, 0x1d, 0xc9, 0xa9, 0xae, 0x8b, 0x6c, 0x2f, 0xc9, 0x7f, 0x21, 0xde, 0x55, 0xe6, 0x66,
+    0x58, 0xe9, 0xc2, 0x9b, 0xd6, 0x68, 0x13, 0x0c, 0xfb, 0x9b, 0x71, 0x44, 0xd9, 0xca, 0x60, 0x8c,
+    0x14, 0x25, 0x60, 0x6d, 0x57, 0xe1, 0x78, 0xac, 0x44, 0x6d, 0x63, 0xeb, 0xd0, 0xa8, 0x29, 0x71,
+    0x91, 0x61, 0xbf, 0x3f, 0x28, 0x27, 0xe0, 0xcc, 0x90, 0x3f, 0x6d, 0x8e, 0xd7, 0x37, 0xaf, 0x9b,
+    0x8c, 0x7e, 0xe7, 0x42, 0x96, 0x30, 0xae, 0x2f, 0xf9, 0x42, 0x47, 0x76, 0xc2, 0x6c, 0xbb, 0x48,
+    0x09, 0x3a, 0x38, 0x10, 0xe9, 0xf6, 0x36, 0x4f, 0x2d, 0x10, 0x49, 0x13, 0xc5, 0xf3, 0x3d, 0xa2,
+    0x45, 0xf6, 0x9a, 0xe6, 0x68, 0x7f, 0x5d, 0xef, 0x92, 0xe6, 0x5b, 0xbc, 0xcc, 0x91, 0x74, 0x5f,
+    0xc0, 0xb2, 0x45, 0xb4, 0x17, 0xb9, 0xc5, 0x8f, 0x46, 0xb4, 0x55, 0xd9, 0xcb, 0x0e, 0xf2, 0xb5,
+    0xf8, 0x02, 0x44, 0x75, 0x2b, 0x6c, 0x55, 0x25, 0x9e, 0x75, 0xef, 0x10, 0x96, 0xc3, 0xeb, 0x82,
+    0x7d, 0x46, 0x9b, 0x27, 0x54, 0xaa, 0xcd, 0x45, 0x4a, 0x27, 0xe1, 0x75, 0x91, 0x5c, 0x6d, 0x68,
+    0x31, 0x8a, 0x39, 0xd1, 0xd5, 0x23, 0xa6, 0xe5, 0xf5, 0xd1, 0xf3, 0xda, 0x98, 0x3e, 0x24, 0x95,
+    0xb4, 0xce, 0xe6, 0x83, 0xaa, 0xe5, 0x3e, 0x85, 0x21, 0x83, 0xfd, 0xbf, 0x9f, 0xa1, 0xa2, 0x7f,
+    0xa9, 0xd1, 0xbe, 0xfe, 0x14, 0xf2, 0x70, 0x66, 0x48, 0xfe, 0xd7, 0x47, 0x8a, 0xfa, 0xb6, 0xac,
+    0x2c, 0x95, 0x61, 0xac, 0x6b, 0x34, 0xe8, 0x06, 0x9c, 0xac, 0xd9, 0x22, 0x8d, 0x65, 0x30, 0x46,
+    0x60, 0x59, 0xc3, 0x5a, 0xea, 0xbd, 0x83, 0xa6, 0x23, 0x5a, 0xcb, 0x8d, 0x84, 0x07, 0x79, 0xbb,
+    0xe5, 0x1d, 0x1c, 0x08, 0x95, 0x7b, 0x1b, 0xc6, 0xf7, 0x08, 0xc5, 0xe8, 0x83, 0x98, 0xff, 0x51,
+    0x5a, 0x67, 0x73, 0xa0, 0x55, 0x93, 0x1f, 0xa3, 0xf1, 0xa0, 0x9f, 0xbe, 0xae, 0xb1, 0x51, 0xde,
+    0xdf, 0x23, 0xac, 0xf2, 0x2a, 0x55, 0x87, 0xc3, 0x25, 0xf2, 0x91, 0xdb, 0xa9, 0x2e, 0xd7, 0x34,
+    0x93, 0xef, 0x0e, 0x04, 0xab, 0xdc, 0xec, 0x63, 0x9a, 0x04, 0x83, 0x74, 0xa0, 0x4c, 0x9e, 0xc9,
+    0x16, 0xab, 0xd1, 0x56, 0xd4, 0x1a, 0x74, 0x03, 0x4e, 0x56, 0x8d, 0x11, 0xa7, 0xd3, 0x18, 0x23,
+    0x0b, 0xb4, 0x89, 0x2b, 0x6a, 0x0d, 0x3a, 0xe0, 0x27, 0x2b, 0xa7, 0xe9, 0xb2, 0x88, 0x0c, 0xf0,
+    0x8e, 0xf0, 0x56, 0x79, 0x15, 0xcb, 0xa2, 0x80, 0xf3, 0x79, 0xa9, 0x8c, 0xb5, 0x17, 0x8a, 0x1a,
+    0xc2, 0x3c, 0xf4, 0x8f, 0x94, 0x42, 0xc9, 0x20, 0x4c, 0x8f, 0xbb, 0x23, 0xbc, 0x75, 0xc3, 0xe7,
+    0x47, 0x78, 0x2b, 0xdd, 0xeb, 0x84, 0x51, 0x40, 0x98, 0xdd, 0xb5, 0x46, 0xbb, 0xea, 0x45, 0x0d,
+    0xeb, 0x31, 0x8d, 0xa9, 0x9a, 0xdf, 0x3f, 0x0d, 0xc1, 0xa9, 0x0a, 0x4b, 0x05, 0x3a, 0x68, 0x2c,
+    0x6e, 0x75, 0x52, 0xfb, 0xe5, 0x19, 0xa7, 0x6d, 0x15, 0xfb, 0x04, 0x2e, 0x02, 0xa5, 0xee, 0xc6,
+    0x22, 0xb9, 0xf0, 0x0d, 0x64, 0x90, 0xcc, 0xcd, 0xaa, 0x0d, 0x16, 0x81, 0x0b, 0xc7, 0xa7, 0x3b,
+    0xa7, 0xfd, 0x2f, 0x5f, 0x1b, 0x56, 0x54, 0xad, 0x7e, 0x5f, 0x18, 0xe4, 0x0c, 0x58, 0x21, 0xd1,
+    0xba, 0xe2, 0x77, 0x22, 0xa5, 0x41, 0x1a, 0x4e, 0x17, 0x22, 0x32, 0x1c, 0x19, 0x03, 0x35, 0x02,
+    0x3f, 0xa6, 0xa8, 0x70, 0xda, 0x87, 0x82, 0x2e, 0xc3, 0x70, 0x3c, 0x79, 0x1e, 0x9c, 0xb3, 0xe8,
+    0x73, 0x6a, 0x0a, 0x86, 0x5b, 0x0e, 0xe9, 0x8e, 0x7c, 0x86, 0x2e, 0xd6, 0x17, 0xfe, 0xfa, 0x15,
+    0xf6, 0x2e, 0xd5, 0xd4, 0x24, 0xc8, 0x71, 0xee, 0xa8, 0xd4, 0x20, 0xb3, 0x10, 0x61, 0x7c, 0xff,
+    0x49, 0x54, 0xba, 0x7c, 0xe4, 0x20, 0x75, 0x8b, 0xae, 0x7c, 0x7a, 0xe5, 0x3d, 0x48, 0xd2, 0x70,
+    0xcc, 0x10, 0x65, 0x2e, 0x9b, 0xe6, 0xed, 0xeb, 0x7a, 0x2e, 0x74, 0x80, 0x3a, 0xd7, 0x54, 0x9a,
+    0x80, 0xdc, 0xc7, 0xd8, 0x1a, 0x6f, 0x86, 0x4b, 0xc5, 0xd8, 0x66, 0x2f, 0x33, 0xb5, 0x1d, 0x67,
+    0x05, 0x98, 0x18, 0x8a, 0x65, 0xa9, 0x1e, 0x2b, 0x11, 0x8a, 0x68, 0x4a, 0x34, 0x2a, 0x9b, 0x8d,
+    0x18, 0x87, 0x40, 0xf7, 0xdb, 0xbe, 0x50, 0xc8, 0x78, 0xf7, 0x42, 0xb2, 0x21, 0x71, 0x8f, 0x5e,
+    0x9d, 0xc3, 0x9f, 0xa5, 0xa4, 0x78, 0xc8, 0xa8, 0xac, 0xa5, 0x4c, 0xd7, 0x26, 0xee, 0x09, 0xb4,
+    0xd1, 0x0f, 0x3d, 0x53, 0x25, 0xf1, 0xa3, 0x08, 0x13, 0x53, 0x5e, 0x78, 0x2f, 0x8c, 0x40, 0x49,
+    0x54, 0x4b, 0xe2, 0x01, 0x5a, 0x37, 0x3b, 0x68, 0xc7, 0x01, 0x50, 0x1d, 0x28, 0x13, 0xc6, 0xa3,
+    0x6c, 0xfb, 0xe3, 0xc0, 0x66, 0xe2, 0xab, 0xc2, 0x1f, 0xc0, 0xea, 0xd4, 0x75, 0xde, 0xdf, 0x94,
+    0xe9, 0xbf, 0x3c, 0x92, 0x19, 0x24, 0x33, 0xa2, 0xcb, 0x92, 0xe4, 0xb1, 0x72, 0x41, 0x59, 0x7e,
+    0xa5, 0x73, 0x9e, 0x64, 0x98, 0xad, 0x58, 0x02, 0x74, 0x64, 0xf6, 0x1e, 0x7b, 0x23, 0x10, 0x83,
+    0x20, 0x37, 0x41, 0x36, 0xe7, 0x6b, 0xc0, 0x62, 0xa0, 0x36, 0xf8, 0x7b, 0x7c, 0xbc, 0x96, 0x69,
+    0x3d, 0x28, 0x19, 0x4b, 0x59, 0x7c, 0x8e, 0x81, 0xc9, 0x4b, 0xd2, 0x83, 0x69, 0xe7, 0x82, 0xba,
+    0xb8, 0x6c, 0xc6, 0x19, 0x26, 0xba, 0x16, 0xe1, 0x1d, 0x19, 0xdc, 0xe6, 0x6e, 0x78, 0x04, 0x50,
+    0xf4, 0xa0, 0x64, 0xef, 0xa7, 0x33, 0x7d, 0x41, 0xa2, 0xef, 0xce, 0x49, 0x67, 0x1a, 0x4d, 0xad,
+    0x71, 0xe4, 0xbb, 0xbd, 0xd8, 0xf5, 0xe5, 0x21, 0x76, 0xbd, 0xc0, 0x2c, 0x60, 0x85, 0xcb, 0x47,
+    0xce, 0x9e, 0xd4, 0x15, 0x18, 0x1d, 0xe1, 0x44, 0x70, 0x15, 0x9a, 0x7a, 0x4d, 0xac, 0x65, 0xc8,
+    0x4b, 0xda, 0x0b, 0x47, 0x67, 0xdb, 0x79, 0x24, 0xa4, 0x47, 0x94, 0x1f, 0x4a, 0x33, 0xe3, 0x22,
+    0x07, 0x16, 0xa9, 0xb1, 0xe6, 0x52, 0x12, 0x84, 0x1b, 0xb1, 0x86, 0xb0, 0x43, 0x51, 0xaa, 0xdf,
+    0x82, 0x52, 0x76, 0xe3, 0x99, 0x94, 0x8a, 0xe4, 0xcf, 0xe3, 0x88, 0xd5, 0x44, 0xce, 0x2c, 0x35,
+    0x9f, 0x4d, 0x2e, 0x9e, 0x27, 0x83, 0xc4, 0x07, 0xa6, 0x9e, 0xa2, 0x2d, 0x51, 0x95, 0x38, 0xe6,
+    0x1a, 0x09, 0xf1, 0xcc, 0x58, 0x45, 0x5c, 0x67, 0x72, 0xcc, 0xac, 0x48, 0x56, 0x0a, 0xbe, 0x0c,
+    0x56, 0xc5, 0x53, 0x3a, 0xd9, 0xcc, 0x37, 0xc7, 0xcd, 0x3a, 0xbe, 0xe7, 0x5f, 0x68, 0xf7, 0xf1,
+    0xd3, 0x81, 0x8c, 0x68, 0xa6, 0x0a, 0xaf, 0xa7, 0x19, 0x68, 0xb0, 0x82, 0x58, 0xf7, 0x71, 0x1b,
+    0x26, 0x66, 0x51, 0x7b, 0xa1, 0xa5, 0xd4, 0x50, 0xbe, 0x7b, 0x09, 0xb6, 0xe5, 0x31, 0xc5, 0x9f,
+    0xa3, 0x22, 0x8e, 0x29, 0xde, 0x63, 0x4c, 0x30, 0x6a, 0x29, 0x07, 0xd3, 0xe2, 0xae, 0x43, 0x75,
+    0xef, 0xee, 0x2c, 0xdf, 0x5f, 0xea, 0x27, 0x90, 0xd5, 0xdf, 0x15, 0x7c, 0xeb, 0xcc, 0x0a, 0x88,
+    0x6a, 0xaa, 0xf3, 0x8d, 0x20, 0x2c, 0xbf, 0xf0, 0x01, 0x8d, 0x1b, 0x19, 0xec, 0x53, 0x8c, 0x62,
+    0x77, 0xb5, 0xab, 0xf0, 0x9e, 0x3b, 0xf1, 0x13, 0x68, 0xf0, 0x31, 0xe1, 0xf9, 0x08, 0x98, 0xb1,
+    0xf2, 0xf1, 0x74, 0xa2, 0xe1, 0xfd, 0x69, 0x73, 0xbc, 0xa2, 0x3f, 0x84, 0xfe, 0x97, 0x1e, 0x5b,
+    0xbe, 0x3d, 0xd6, 0x54, 0x60, 0x74, 0x02, 0xd3, 0x03, 0x54, 0x2d, 0x2b, 0xf7, 0xf5, 0x57, 0xa6,
+    0x3b, 0x79, 0x09, 0x06, 0x1f, 0xb2, 0x9a, 0xb3, 0xd7, 0x06, 0x23, 0x4e, 0xf0, 0x6a, 0xd1, 0x4c,
+    0x84, 0x03, 0x66, 0xae, 0xdf, 0x5a, 0x9e, 0xd6, 0xd1, 0xae, 0x79, 0x18, 0xdd, 0x43, 0x7f, 0xc3,
+    0x01, 0x47, 0xb9, 0xfc, 0xa0, 0x9c, 0x06, 0xb6, 0x05, 0xfc, 0x77, 0x7d, 0xda, 0xdc, 0xf9, 0x29,
+    0x4d, 0x8b, 0x1b, 0x0a, 0x21, 0x15, 0x6d, 0x16, 0xba, 0x0a, 0x65, 0xd2, 0xd3, 0xbe, 0xb0, 0xd4,
+    0xc8, 0xcf, 0xc4, 0x58, 0x5e, 0xd3, 0xf5, 0x76, 0x6e, 0x58, 0x6b, 0xb7, 0xd4, 0x21, 0x36, 0x3e,
+    0xd5, 0xd0, 0x9c, 0x25, 0xe0, 0xc4, 0xbb, 0x95, 0x07, 0x25, 0x41, 0x4f, 0xc1, 0x7a, 0x22, 0xed,
+    0x50, 0x94, 0x43, 0x77, 0x9f, 0x02, 0x23, 0xf5, 0xd3, 0x77, 0x4f, 0x2a, 0xc6, 0xe5, 0xa4, 0x07,
+    0x1c, 0x58, 0xe1, 0x81, 0x1e, 0x8b, 0x48, 0x55, 0x6c, 0x81, 0x5d, 0x85, 0xcf, 0x87, 0xed, 0xfa,
+    0x99, 0x1c, 0x3e, 0xd3, 0x61, 0x4d, 0xd0, 0x35, 0xb8, 0xd3, 0x53, 0xe0, 0xc8, 0x18, 0x6b, 0x10,
+    0xa1, 0xac, 0x3f, 0x12, 0x5d, 0x98, 0x40, 0x9f, 0x60, 0x12, 0xe9, 0x29, 0x95, 0xd5, 0x72, 0x27,
+    0x24, 0xe8, 0xe0, 0x40, 0x22, 0x5e, 0xd8, 0xff, 0xb4, 0x40, 0xe7, 0x4c, 0x92, 0x4a, 0xf4, 0xcd,
+    0x68, 0x24, 0x42, 0xb6, 0xa3, 0xd7, 0xb3, 0x5f, 0x0b, 0xb6, 0xf5, 0xe3, 0x9b, 0x28, 0xbd, 0x30,
+    0xed, 0x60, 0x9d, 0xe4, 0xdc, 0x11, 0x2b, 0x3f, 0xdf, 0xe4, 0xfb, 0x86, 0x9c, 0xb7, 0x3b, 0xda,
+    0xf0, 0x7f, 0xc5, 0x99, 0x62, 0x06, 0x65, 0xdc, 0xb6, 0x99, 0xd1, 0x7e, 0x89, 0xec, 0x2f, 0x09,
+    0x75, 0x3b, 0x1a, 0xcb, 0x1d, 0xc0, 0xfd, 0xbc, 0x62, 0xcb, 0xdf, 0x1b, 0x8e, 0x73, 0xa9, 0xe3,
+    0x39, 0xf7, 0xb8, 0x3d, 0x9c, 0x49, 0x96, 0x1c, 0xdd, 0x3d, 0xcd, 0xb4, 0x87, 0x11, 0xe0, 0x1e,
+    0xbc, 0xb3, 0x67, 0x6f, 0xe3, 0x8f, 0x0e, 0x7c, 0x09, 0x6f, 0xc3, 0xd1, 0x80, 0x8e, 0x66, 0xf4,
+    0x03, 0xc9, 0x08, 0xc7, 0x23, 0x67, 0x0a, 0x19, 0x0f, 0xc7, 0x99, 0x87, 0xad, 0xa7, 0xc8, 0x7b,
+    0x86, 0x8d, 0xd7, 0x95, 0x5c, 0xa1, 0x92, 0x79, 0xdb, 0x95, 0x97, 0xe2, 0xaa, 0x38, 0x4e, 0x91,
+    0xca, 0x41, 0x75, 0x63, 0xdd, 0x28, 0xf9, 0xd9, 0x64, 0x63, 0x85, 0x4d, 0xa3, 0x5a, 0x07, 0x6c,
+    0x4f, 0x05, 0xaa, 0x31, 0xa2, 0xee, 0x61, 0xb9, 0xb0, 0x31, 0x8b, 0x28, 0xa4, 0xc5, 0x81, 0x86,
+    0x52, 0x1a, 0xf2, 0x4c, 0x1c, 0xf9, 0x2f, 0x5a, 0xd9, 0x4c, 0xa1, 0xd0, 0xb1, 0x9e, 0x95, 0x55,
+    0xd7, 0x5e, 0x2d, 0x1e, 0x63, 0x3f, 0xb7, 0x3a, 0x0d, 0x1e, 0xaf, 0xb5, 0xb6, 0x01, 0x13, 0xbf,
+    0x9b, 0x92, 0x8f, 0xe8, 0xe2, 0xb6, 0xdc, 0x9a, 0xb2, 0xe8, 0xbd, 0x1a, 0xbf, 0x63, 0x5a, 0x42,
+    0x1e, 0xd6, 0x50, 0xba, 0x9d, 0x70, 0x44, 0xfa, 0x66, 0xba, 0xb3, 0x7f, 0xb8, 0xfc, 0xdc, 0xa8,
+  },
+  { /* 4 */
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x10, 0xd1, 0xd3, 0x91, 0x91, 0xfe, 0xf3, 0x01, 0xb1, 0x78, 0x58, 0x01, 0x49, 0x6b, 0x2d, 0xa9,
+    0x20, 0x61, 0x65, 0xe1, 0xe1, 0x3f, 0x25, 0x02, 0xa1, 0xf0, 0xb0, 0x02, 0x92, 0xd6, 0x5a, 0x91,
+    0x30, 0xb0, 0xb6, 0x70, 0x70, 0xc1, 0xd6, 0x03, 0x10, 0x88, 0xe8, 0x03, 0xdb, 0xbd, 0x77, 0x38,
+    0x40, 0xc2, 0xca, 0x01, 0x01, 0x7e, 0x4a, 0x04, 0x81, 0x23, 0xa3, 0x04, 0xe7, 0x6f, 0xb4, 0xe1,
+    0x50, 0x13, 0x19, 0x90, 0x90, 0x80, 0xb9, 0x05, 0x30, 0x5b, 0xfb, 0x05, 0xae, 0x04, 0x99, 0x48,
+    0x60, 0xa3, 0xaf, 0xe0, 0xe0, 0x41, 0x6f, 0x06, 0x20, 0xd3, 0x13, 0x06, 0x75, 0xb9, 0xee, 0x70,
+    0x70, 0x72, 0x7c, 0x71, 0x71, 0xbf, 0x9c, 0x07, 0x91, 0xab, 0x4b, 0x07, 0x3c, 0xd2, 0xc3, 0xd9,
+    0x80, 0x47, 0x57, 0x02, 0x02, 0xfc, 0x94, 0x08, 0xc1, 0x46, 0x85, 0x08, 0x0d, 0xde, 0xab, 0x01,
+    0x90, 0x96, 0x84, 0x93, 0x93, 0x02, 0x67, 0x09, 0x70, 0x3e, 0xdd, 0x09, 0x44, 0xb5, 0x86, 0xa8,
+    0xa0, 0x26, 0x32, 0xe3, 0xe3, 0xc3, 0xb1, 0x0a, 0x60, 0xb6, 0x35, 0x0a, 0x9f, 0x08, 0xf1, 0x90,
+    0xb0, 0xf7, 0xe1, 0x72, 0x72, 0x3d, 0x42, 0x0b, 0xd1, 0xce, 0x6d, 0x0b, 0xd6, 0x63, 0xdc, 0x39,
+    0xc0, 0x85, 0x9d, 0x03, 0x03, 0x82, 0xde, 0x0c, 0x40, 0x65, 0x26, 0x0c, 0xea, 0xb1, 0x1f, 0xe0,
+    0xd0, 0x54, 0x4e, 0x92, 0x92, 0x7c, 0x2d, 0x0d, 0xf1, 0x1d, 0x7e, 0x0d, 0xa3, 0xda, 0x32, 0x49,
+    0xe0, 0xe4, 0xf8, 0xe2, 0xe2, 0xbd, 0xfb, 0x0e, 0xe1, 0x95, 0x96, 0x0e, 0x78, 0x67, 0x45, 0x71,
+    0xf0, 0x35, 0x2b, 0x73, 0x73, 0x43, 0x08, 0x0f, 0x50, 0xed, 0xce, 0x0f, 0x31, 0x0c, 0x68, 0xd8,
+    0xc3, 0x8e, 0xae, 0x04, 0x04, 0x3b, 0xeb, 0x10, 0x41, 0x8c, 0xc9, 0x10, 0x1a, 0x7f, 0x95, 0x02,
+    0xd3, 0x5f, 0x7d, 0x95, 0x95, 0xc5, 0x18, 0x11, 0xf0, 0xf4, 0x91, 0x11, 0x53, 0x14, 0xb8, 0xab,
+    0xe3, 0xef, 0xcb, 0xe5, 0xe5, 0x04, 0xce, 0x12, 0xe0, 0x7c, 0x79, 0x12, 0x88, 0xa9, 0xcf, 0x93,
+    0xf3, 0x3e, 0x18, 0x74, 0x74, 0xfa, 0x3d, 0x13, 0x51, 0x04, 0x21, 0x13, 0xc1, 0xc2, 0xe2, 0x3a,
+    0x83, 0x4c, 0x64, 0x05, 0x05, 0x45, 0xa1, 0x14, 0xc0, 0xaf, 0x6a, 0x14, 0xfd, 0x10, 0x21, 0xe3,
+    0x93, 0x9d, 0xb7, 0x94, 0x94, 0xbb, 0x52, 0x15, 0x71, 0xd7, 0x32, 0x15, 0xb4, 0x7b, 0x0c, 0x4a,
+    0xa3, 0x2d, 0x01, 0xe4, 0xe4, 0x7a, 0x84, 0x16, 0x61, 0x5f, 0xda, 0x16, 0x6f, 0xc6, 0x7b, 0x72,
+    0xb3, 0xfc, 0xd2, 0x75, 0x75, 0x84, 0x77, 0x17, 0xd0, 0x27, 0x82, 0x17, 0x26, 0xad, 0x56, 0xdb,
+    0x43, 0xc9, 0xf9, 0x06, 0x06, 0xc7, 0x7f, 0x18, 0x80, 0xca, 0x4c, 0x18, 0x17, 0xa1, 0x3e, 0x03,
+    0x53, 0x18, 0x2a, 0x97, 0x97, 0x39, 0x8c, 0x19, 0x31, 0xb2, 0x14, 0x19, 0x5e, 0xca, 0x13, 0xaa,
+    0x63, 0xa8, 0x9c, 0xe7, 0xe7, 0xf8, 0x5a, 0x1a, 0x21, 0x3a, 0xfc, 0x1a, 0x85, 0x77, 0x64, 0x92,
+    0x73, 0x79, 0x4f, 0x76, 0x76, 0x06, 0xa9, 0x1b, 0x90, 0x42, 0xa4, 0x1b, 0xcc, 0x1c, 0x49, 0x3b,
+    0x03, 0x0b, 0x33, 0x07, 0x07, 0xb9, 0x35, 0x1c, 0x01, 0xe9, 0xef, 0x1c, 0xf0, 0xce, 0x8a, 0xe2,
+    0x13, 0xda, 0xe0, 0x96, 0x96, 0x47, 0xc6, 0x1d, 0xb0, 0x91, 0xb7, 0x1d, 0xb9, 0xa5, 0xa7, 0x4b,
+    0x23, 0x6a, 0x56, 0xe6, 0xe6, 0x86, 0x10, 0x1e, 0xa0, 0x19, 0x5f, 0x1e, 0x62, 0x18, 0xd0, 0x73,
+    0x33, 0xbb, 0x85, 0x77, 0x77, 0x78, 0xe3, 0x1f, 0x11, 0x61, 0x07, 0x1f, 0x2b, 0x73, 0xfd, 0xda,
+    0x45, 0xdf, 0x9f, 0x08, 0x08, 0x76, 0x15, 0x20, 0x82, 0xdb, 0x51, 0x20, 0x34, 0xfe, 0xe9, 0x04,
+    0x55, 0x0e, 0x4c, 0x99, 0x99, 0x88, 0xe6, 0x21, 0x33, 0xa3, 0x09, 0x21, 0x7d, 0x95, 0xc4, 0xad,
+    0x65, 0xbe, 0xfa, 0xe9, 0xe9, 0x49, 0x30, 0x22, 0x23, 0x2b, 0xe1, 0x22, 0xa6, 0x28, 0xb3, 0x95,
+    0x75, 0x6f, 0x29, 0x78, 0x78, 0xb7, 0xc3, 0x23, 0x92, 0x53, 0xb9, 0x23, 0xef, 0x43, 0x9e, 0x3c,
+    0x05, 0x1d, 0x55, 0x09, 0x09, 0x08, 0x5f, 0x24, 0x03, 0xf8, 0xf2, 0x24, 0xd3, 0x91, 0x5d, 0xe5,
+    0x15, 0xcc, 0x86, 0x98, 0x98, 0xf6, 0xac, 0x25, 0xb2, 0x80, 0xaa, 0x25, 0x9a, 0xfa, 0x70, 0x4c,
+    0x25, 0x7c, 0x30, 0xe8, 0xe8, 0x37, 0x7a, 0x26, 0xa2, 0x08, 0x42, 0x26, 0x41, 0x47, 0x07, 0x74,
+    0x35, 0xad, 0xe3, 0x79, 0x79, 0xc9, 0x89, 0x27, 0x13, 0x70, 0x1a, 0x27, 0x08, 0x2c, 0x2a, 0xdd,
+    0xc5, 0x98, 0xc8, 0x0a, 0x0a, 0x8a, 0x81, 0x28, 0x43, 0x9d, 0xd4, 0x28, 0x39, 0x20, 0x42, 0x05,
+    0xd5, 0x49, 0x1b, 0x9b, 0x9b, 0x74, 0x72, 0x29, 0xf2, 0xe5, 0x8c, 0x29, 0x70, 0x4b, 0x6f, 0xac,
+    0xe5, 0xf9, 0xad, 0xeb, 0xeb, 0xb5, 0xa4, 0x2a, 0xe2, 0x6d, 0x64, 0x2a, 0xab, 0xf6, 0x18, 0x94,
+    0xf5, 0x28, 0x7e, 0x7a, 0x7a, 0x4b, 0x57, 0x2b, 0x53, 0x15, 0x3c, 0x2b, 0xe2, 0x9d, 0x35, 0x3d,
+    0x85, 0x5a, 0x02, 0x0b, 0x0b, 0xf4, 0xcb, 0x2c, 0xc2, 0xbe, 0x77, 0x2c, 0xde, 0x4f, 0xf6, 0xe4,
+    0x95, 0x8b, 0xd1, 0x9a, 0x9a, 0x0a, 0x38, 0x2d, 0x73, 0xc6, 0x2f, 0x2d, 0x97, 0x24, 0xdb, 0x4d,
+    0xa5, 0x3b, 0x67, 0xea, 0xea, 0xcb, 0xee, 0x2e, 0x63, 0x4e, 0xc7, 0x2e, 0x4c, 0x99, 0xac, 0x75,
+    0xb5, 0xea, 0xb4, 0x7b, 0x7b, 0x35, 0x1d, 0x2f, 0xd2, 0x36, 0x9f, 0x2f, 0x05, 0xf2, 0x81, 0xdc,
+    0x86, 0x51, 0x31, 0x0c, 0x0c, 0x4d, 0xfe, 0x30, 0xc3, 0x57, 0x98, 0x30, 0x2e, 0x81, 0x7c, 0x06,
+    0x96, 0x80, 0xe2, 0x9d, 0x9d, 0xb3, 0x0d, 0x31, 0x72, 0x2f, 0xc0, 0x31, 0x67, 0xea, 0x51, 0xaf,
+    0xa6, 0x30, 0x54, 0xed, 0xed, 0x72, 0xdb, 0x32, 0x62, 0xa7, 0x28, 0x32, 0xbc, 0x57, 0x26, 0x97,
+    0xb6, 0xe1, 0x87, 0x7c, 0x7c, 0x8c, 0x28, 0x33, 0xd3, 0xdf, 0x70, 0x33, 0xf5, 0x3c, 0x0b, 0x3e,
+    0xc6, 0x93, 0xfb, 0x0d, 0x0d, 0x33, 0xb4, 0x34, 0x42, 0x74, 0x3b, 0x34, 0xc9, 0xee, 0xc8, 0xe7,
+    0xd6, 0x42, 0x28, 0x9c, 0x9c, 0xcd, 0x47, 0x35, 0xf3, 0x0c, 0x63, 0x35, 0x80, 0x85, 0xe5, 0x4e,
+    0xe6, 0xf2, 0x9e, 0xec, 0xec, 0x0c, 0x91, 0x36, 0xe3, 0x84, 0x8b, 0x36, 0x5b, 0x38, 0x92, 0x76,
+    0xf6, 0x23, 0x4d, 0x7d, 0x7d, 0xf2, 0x62, 0x37, 0x52, 0xfc, 0xd3, 0x37, 0x12, 0x53, 0xbf, 0xdf,
+    0x06, 0x16, 0x66, 0x0e, 0x0e, 0xb1, 0x6a, 0x38, 0x02, 0x11, 0x1d, 0x38, 0x23, 0x5f, 0xd7, 0x07,
+    0x16, 0xc7, 0xb5, 0x9f, 0x9f, 0x4f, 0x99, 0x39, 0xb3, 0x69, 0x45, 0x39, 0x6a, 0x34, 0xfa, 0xae,
+    0x26, 0x77, 0x03, 0xef, 0xef, 0x8e, 0x4f, 0x3a, 0xa3, 0xe1, 0xad, 0x3a, 0xb1, 0x89, 0x8d, 0x96,
+    0x36, 0xa6, 0xd0, 0x7e, 0x7e, 0x70, 0xbc, 0x3b, 0x12, 0x99, 0xf5, 0x3b, 0xf8, 0xe2, 0xa0, 0x3f,
+    0x46, 0xd4, 0xac, 0x0f, 0x0f, 0xcf, 0x20, 0x3c, 0x83, 0x32, 0xbe, 0x3c, 0xc4, 0x30, 0x63, 0xe6,
+    0x56, 0x05, 0x7f, 0x9e, 0x9e, 0x31, 0xd3, 0x3d, 0x32, 0x4a, 0xe6, 0x3d, 0x8d, 0x5b, 0x4e, 0x4f,
+    0x66, 0xb5, 0xc9, 0xee, 0xee, 0xf0, 0x05, 0x3e, 0x22, 0xc2, 0x0e, 0x3e, 0x56, 0xe6, 0x39, 0x77,
+    0x76, 0x64, 0x1a, 0x7f, 0x7f, 0x0e, 0xf6, 0x3f, 0x93, 0xba, 0x56, 0x3f, 0x1f, 0x8d, 0x14, 0xde,
+    0x8a, 0x7d, 0xfd, 0x10, 0x10, 0xec, 0x2a, 0x40, 0xc7, 0x75, 0xa2, 0x40, 0x68, 0x3f, 0x11, 0x08,
+    0x9a, 0xac, 0x2e, 0x81, 0x81, 0x12, 0xd9, 0x41, 0x76, 0x0d, 0xfa, 0x41, 0x21, 0x54, 0x3c, 0xa1,
+    0xaa, 0x1c, 0x98, 0xf1, 0xf1, 0xd3, 0x0f, 0x42, 0x66, 0x85, 0x12, 0x42, 0xfa, 0xe9, 0x4b, 0x99,
+    0xba, 0xcd, 0x4b, 0x60, 0x60, 0x2d, 0xfc, 0x43, 0xd7, 0xfd, 0x4a, 0x43, 0xb3, 0x82, 0x66, 0x30,
+    0xca, 0xbf, 0x37, 0x11, 0x11, 0x92, 0x60, 0x44, 0x46, 0x56, 0x01, 0x44, 0x8f, 0x50, 0xa5, 0xe9,
+    0xda, 0x6e, 0xe4, 0x80, 0x80, 0x6c, 0x93, 0x45, 0xf7, 0x2e, 0x59, 0x45, 0xc6, 0x3b, 0x88, 0x40,
+    0xea, 0xde, 0x52, 0xf0, 0xf0, 0xad, 0x45, 0x46, 0xe7, 0xa6, 0xb1, 0x46, 0x1d, 0x86, 0xff, 0x78,
+    0xfa, 0x0f, 0x81, 0x61, 0x61, 0x53, 0xb6, 0x47, 0x56, 0xde, 0xe9, 0x47, 0x54, 0xed, 0xd2, 0xd1,
+    0x0a, 0x3a, 0xaa, 0x12, 0x12, 0x10, 0xbe, 0x48, 0x06, 0x33, 0x27, 0x48, 0x65, 0xe1, 0xba, 0x09,
+    0x1a, 0xeb, 0x79, 0x83, 0x83, 0xee, 0x4d, 0x49, 0xb7, 0x4b, 0x7f, 0x49, 0x2c, 0x8a, 0x97, 0xa0,
+    0x2a, 0x5b, 0xcf, 0xf3, 0xf3, 0x2f, 0x9b, 0x4a, 0xa7, 0xc3, 0x97, 0x4a, 0xf7, 0x37, 0xe0, 0x98,
+    0x3a, 0x8a, 0x1c, 0x62, 0x62, 0xd1, 0x68, 0x4b, 0x16, 0xbb, 0xcf, 0x4b, 0xbe, 0x5c, 0xcd, 0x31,
+    0x4a, 0xf8, 0x60, 0x13, 0x13, 0x6e, 0xf4, 0x4c, 0x87, 0x10, 0x84, 0x4c, 0x82, 0x8e, 0x0e, 0xe8,
+    0x5a, 0x29, 0xb3, 0x82, 0x82, 0x90, 0x07, 0x4d, 0x36, 0x68, 0xdc, 0x4d, 0xcb, 0xe5, 0x23, 0x41,
+    0x6a, 0x99, 0x05, 0xf2, 0xf2, 0x51, 0xd1, 0x4e, 0x26, 0xe0, 0x34, 0x4e, 0x10, 0x58, 0x54, 0x79,
+    0x7a, 0x48, 0xd6, 0x63, 0x63, 0xaf, 0x22, 0x4f, 0x97, 0x98, 0x6c, 0x4f, 0x59, 0x33, 0x79, 0xd0,
+    0x49, 0xf3, 0x53, 0x14, 0x14, 0xd7, 0xc1, 0x50, 0x86, 0xf9, 0x6b, 0x50, 0x72, 0x40, 0x84, 0x0a,
+    0x59, 0x22, 0x80, 0x85, 0x85, 0x29, 0x32, 0x51, 0x37, 0x81, 0x33, 0x51, 0x3b, 0x2b, 0xa9, 0xa3,
+    0x69, 0x92, 0x36, 0xf5, 0xf5, 0xe8, 0xe4, 0x52, 0x27, 0x09, 0xdb, 0x52, 0xe0, 0x96, 0xde, 0x9b,
+    0x79, 0x43, 0xe5, 0x64, 0x64, 0x16, 0x17, 0x53, 0x96, 0x71, 0x83, 0x53, 0xa9, 0xfd, 0xf3, 0x32,
+    0x09, 0x31, 0x99, 0x15, 0x15, 0xa9, 0x8b, 0x54, 0x07, 0xda, 0xc8, 0x54, 0x95, 0x2f, 0x30, 0xeb,
+    0x19, 0xe0, 0x4a, 0x84, 0x84, 0x57, 0x78, 0x55, 0xb6, 0xa2, 0x90, 0x55, 0xdc, 0x44, 0x1d, 0x42,
+    0x29, 0x50, 0xfc, 0xf4, 0xf4, 0x96, 0xae, 0x56, 0xa6, 0x2a, 0x78, 0x56, 0x07, 0xf9, 0x6a, 0x7a,
+    0x39, 0x81, 0x2f, 0x65, 0x65, 0x68, 0x5d, 0x57, 0x17, 0x52, 0x20, 0x57, 0x4e, 0x92, 0x47, 0xd3,
+    0xc9, 0xb4, 0x04, 0x16, 0x16, 0x2b, 0x55, 0x58, 0x47, 0xbf, 0xee, 0x58, 0x7f, 0x9e, 0x2f, 0x0b,
+    0xd9, 0x65, 0xd7, 0x87, 0x87, 0xd5, 0xa6, 0x59, 0xf6, 0xc7, 0xb6, 0x59, 0x36, 0xf5, 0x02, 0xa2,
+    0xe9, 0xd5, 0x61, 0xf7, 0xf7, 0x14, 0x70, 0x5a, 0xe6, 0x4f, 0x5e, 0x5a, 0xed, 0x48, 0x75, 0x9a,
+    0xf9, 0x04, 0xb2, 0x66, 0x66, 0xea, 0x83, 0x5b, 0x57, 0x37, 0x06, 0x5b, 0xa4, 0x23, 0x58, 0x33,
+    0x89, 0x76, 0xce, 0x17, 0x17, 0x55, 0x1f, 0x5c, 0xc6, 0x9c, 0x4d, 0x5c, 0x98, 0xf1, 0x9b, 0xea,
+    0x99, 0xa7, 0x1d, 0x86, 0x86, 0xab, 0xec, 0x5d, 0x77, 0xe4, 0x15, 0x5d, 0xd1, 0x9a, 0xb6, 0x43,
+    0xa9, 0x17, 0xab, 0xf6, 0xf6, 0x6a, 0x3a, 0x5e, 0x67, 0x6c, 0xfd, 0x5e, 0x0a, 0x27, 0xc1, 0x7b,
+    0xb9, 0xc6, 0x78, 0x67, 0x67, 0x94, 0xc9, 0x5f, 0xd6, 0x14, 0xa5, 0x5f, 0x43, 0x4c, 0xec, 0xd2,
+    0xcf, 0xa2, 0x62, 0x18, 0x18, 0x9a, 0x3f, 0x60, 0x45, 0xae, 0xf3, 0x60, 0x5c, 0xc1, 0xf8, 0x0c,
+    0xdf, 0x73, 0xb1, 0x89, 0x89, 0x64, 0xcc, 0x61, 0xf4, 0xd6, 0xab, 0x61, 0x15, 0xaa, 0xd5, 0xa5,
+    0xef, 0xc3, 0x07, 0xf9, 0xf9, 0xa5, 0x1a, 0x62, 0xe4, 0x5e, 0x43, 0x62, 0xce, 0x17, 0xa2, 0x9d,
+    0xff, 0x12, 0xd4, 0x68, 0x68, 0x5b, 0xe9, 0x63, 0x55, 0x26, 0x1b, 0x63, 0x87, 0x7c, 0x8f, 0x34,
+    0x8f, 0x60, 0xa8, 0x19, 0x19, 0xe4, 0x75, 0x64, 0xc4, 0x8d, 0x50, 0x64, 0xbb, 0xae, 0x4c, 0xed,
+    0x9f, 0xb1, 0x7b, 0x88, 0x88, 0x1a, 0x86, 0x65, 0x75, 0xf5, 0x08, 0x65, 0xf2, 0xc5, 0x61, 0x44,
+    0xaf, 0x01, 0xcd, 0xf8, 0xf8, 0xdb, 0x50, 0x66, 0x65, 0x7d, 0xe0, 0x66, 0x29, 0x78, 0x16, 0x7c,
+    0xbf, 0xd0, 0x1e, 0x69, 0x69, 0x25, 0xa3, 0x67, 0xd4, 0x05, 0xb8, 0x67, 0x60, 0x13, 0x3b, 0xd5,
+    0x4f, 0xe5, 0x35, 0x1a, 0x1a, 0x66, 0xab, 0x68, 0x84, 0xe8, 0x76, 0x68, 0x51, 0x1f, 0x53, 0x0d,
+    0x5f, 0x34, 0xe6, 0x8b, 0x8b, 0x98, 0x58, 0x69, 0x35, 0x90, 0x2e, 0x69, 0x18, 0x74, 0x7e, 0xa4,
+    0x6f, 0x84, 0x50, 0xfb, 0xfb, 0x59, 0x8e, 0x6a, 0x25, 0x18, 0xc6, 0x6a, 0xc3, 0xc9, 0x09, 0x9c,
+    0x7f, 0x55, 0x83, 0x6a, 0x6a, 0xa7, 0x7d, 0x6b, 0x94, 0x60, 0x9e, 0x6b, 0x8a, 0xa2, 0x24, 0x35,
+    0x0f, 0x27, 0xff, 0x1b, 0x1b, 0x18, 0xe1, 0x6c, 0x05, 0xcb, 0xd5, 0x6c, 0xb6, 0x70, 0xe7, 0xec,
+    0x1f, 0xf6, 0x2c, 0x8a, 0x8a, 0xe6, 0x12, 0x6d, 0xb4, 0xb3, 0x8d, 0x6d, 0xff, 0x1b, 0xca, 0x45,
+    0x2f, 0x46, 0x9a, 0xfa, 0xfa, 0x27, 0xc4, 0x6e, 0xa4, 0x3b, 0x65, 0x6e, 0x24, 0xa6, 0xbd, 0x7d,
+    0x3f, 0x97, 0x49, 0x6b, 0x6b, 0xd9, 0x37, 0x6f, 0x15, 0x43, 0x3d, 0x6f, 0x6d, 0xcd, 0x90, 0xd4,
+    0x0c, 0x2c, 0xcc, 0x1c, 0x1c, 0xa1, 0xd4, 0x70, 0x04, 0x22, 0x3a, 0x70, 0x46, 0xbe, 0x6d, 0x0e,
+    0x1c, 0xfd, 0x1f, 0x8d, 0x8d, 0x5f, 0x27, 0x71, 0xb5, 0x5a, 0x62, 0x71, 0x0f, 0xd5, 0x40, 0xa7,
+    0x2c, 0x4d, 0xa9, 0xfd, 0xfd, 0x9e, 0xf1, 0x72, 0xa5, 0xd2, 0x8a, 0x72, 0xd4, 0x68, 0x37, 0x9f,
+    0x3c, 0x9c, 0x7a, 0x6c, 0x6c, 0x60, 0x02, 0x73, 0x14, 0xaa, 0xd2, 0x73, 0x9d, 0x03, 0x1a, 0x36,
+    0x4c, 0xee, 0x06, 0x1d, 0x1d, 0xdf, 0x9e, 0x74, 0x85, 0x01, 0x99, 0x74, 0xa1, 0xd1, 0xd9, 0xef,
+    0x5c, 0x3f, 0xd5, 0x8c, 0x8c, 0x21, 0x6d, 0x75, 0x34, 0x79, 0xc1, 0x75, 0xe8, 0xba, 0xf4, 0x46,
+    0x6c, 0x8f, 0x63, 0xfc, 0xfc, 0xe0, 0xbb, 0x76, 0x24, 0xf1, 0x29, 0x76, 0x33, 0x07, 0x83, 0x7e,
+    0x7c, 0x5e, 0xb0, 0x6d, 0x6d, 0x1e, 0x48, 0x77, 0x95, 0x89, 0x71, 0x77, 0x7a, 0x6c, 0xae, 0xd7,
+    0x8c, 0x6b, 0x9b, 0x1e, 0x1e, 0x5d, 0x40, 0x78, 0xc5, 0x64, 0xbf, 0x78, 0x4b, 0x60, 0xc6, 0x0f,
+    0x9c, 0xba, 0x48, 0x8f, 0x8f, 0xa3, 0xb3, 0x79, 0x74, 0x1c, 0xe7, 0x79, 0x02, 0x0b, 0xeb, 0xa6,
+    0xac, 0x0a, 0xfe, 0xff, 0xff, 0x62, 0x65, 0x7a, 0x64, 0x94, 0x0f, 0x7a, 0xd9, 0xb6, 0x9c, 0x9e,
+    0xbc, 0xdb, 0x2d, 0x6e, 0x6e, 0x9c, 0x96, 0x7b, 0xd5, 0xec, 0x57, 0x7b, 0x90, 0xdd, 0xb1, 0x37,
+    0xcc, 0xa9, 0x51, 0x1f, 0x1f, 0x23, 0x0a, 0x7c, 0x44, 0x47, 0x1c, 0x7c, 0xac, 0x0f, 0x72, 0xee,
+    0xdc, 0x78, 0x82, 0x8e, 0x8e, 0xdd, 0xf9, 0x7d, 0xf5, 0x3f, 0x44, 0x7d, 0xe5, 0x64, 0x5f, 0x47,
+    0xec, 0xc8, 0x34, 0xfe, 0xfe, 0x1c, 0x2f, 0x7e, 0xe5, 0xb7, 0xac, 0x7e, 0x3e, 0xd9, 0x28, 0x7f,
+    0xfc, 0x19, 0xe7, 0x6f, 0x6f, 0xe2, 0xdc, 0x7f, 0x54, 0xcf, 0xf4, 0x7f, 0x77, 0xb2, 0x05, 0xd6,
+    0xd7, 0xfa, 0x39, 0x20, 0x20, 0x1b, 0x54, 0x80, 0x4d, 0xea, 0x87, 0x80, 0xd0, 0x7e, 0x22, 0x10,
+    0xc7, 0x2b, 0xea, 0xb1, 0xb1, 0xe5, 0xa7, 0x81, 0xfc, 0x92, 0xdf, 0x81, 0x99, 0x15, 0x0f, 0xb9,
+    0xf7, 0x9b, 0x5c, 0xc1, 0xc1, 0x24, 0x71, 0x82, 0xec, 0x1a, 0x37, 0x82, 0x42, 0xa8, 0x78, 0x81,
+    0xe7, 0x4a, 0x8f, 0x50, 0x50, 0xda, 0x82, 0x83, 0x5d, 0x62, 0x6f, 0x83, 0x0b, 0xc3, 0x55, 0x28,
+    0x97, 0x38, 0xf3, 0x21, 0x21, 0x65, 0x1e, 0x84, 0xcc, 0xc9, 0x24, 0x84, 0x37, 0x11, 0x96, 0xf1,
+    0x87, 0xe9, 0x20, 0xb0, 0xb0, 0x9b, 0xed, 0x85, 0x7d, 0xb1, 0x7c, 0x85, 0x7e, 0x7a, 0xbb, 0x58,
+    0xb7, 0x59, 0x96, 0xc0, 0xc0, 0x5a, 0x3b, 0x86, 0x6d, 0x39, 0x94, 0x86, 0xa5, 0xc7, 0xcc, 0x60,
+    0xa7, 0x88, 0x45, 0x51, 0x51, 0xa4, 0xc8, 0x87, 0xdc, 0x41, 0xcc, 0x87, 0xec, 0xac, 0xe1, 0xc9,
+    0x57, 0xbd, 0x6e, 0x22, 0x22, 0xe7, 0xc0, 0x88, 0x8c, 0xac, 0x02, 0x88, 0xdd, 0xa0, 0x89, 0x11,
+    0x47, 0x6c, 0xbd, 0xb3, 0xb3, 0x19, 0x33, 0x89, 0x3d, 0xd4, 0x5a, 0x89, 0x94, 0xcb, 0xa4, 0xb8,
+    0x77, 0xdc, 0x0b, 0xc3, 0xc3, 0xd8, 0xe5, 0x8a, 0x2d, 0x5c, 0xb2, 0x8a, 0x4f, 0x76, 0xd3, 0x80,
+    0x67, 0x0d, 0xd8, 0x52, 0x52, 0x26, 0x16, 0x8b, 0x9c, 0x24, 0xea, 0x8b, 0x06, 0x1d, 0xfe, 0x29,
+    0x17, 0x7f, 0xa4, 0x23, 0x23, 0x99, 0x8a, 0x8c, 0x0d, 0x8f, 0xa1, 0x8c, 0x3a, 0xcf, 0x3d, 0xf0,
+    0x07, 0xae, 0x77, 0xb2, 0xb2, 0x67, 0x79, 0x8d, 0xbc, 0xf7, 0xf9, 0x8d, 0x73, 0xa4, 0x10, 0x59,
+    0x37, 0x1e, 0xc1, 0xc2, 0xc2, 0xa6, 0xaf, 0x8e, 0xac, 0x7f, 0x11, 0x8e, 0xa8, 0x19, 0x67, 0x61,
+    0x27, 0xcf, 0x12, 0x53, 0x53, 0x58, 0x5c, 0x8f, 0x1d, 0x07, 0x49, 0x8f, 0xe1, 0x72, 0x4a, 0xc8,
+    0x14, 0x74, 0x97, 0x24, 0x24, 0x20, 0xbf, 0x90, 0x0c, 0x66, 0x4e, 0x90, 0xca, 0x01, 0xb7, 0x12,
+    0x04, 0xa5, 0x44, 0xb5, 0xb5, 0xde, 0x4c, 0x91, 0xbd, 0x1e, 0x16, 0x91, 0x83, 0x6a, 0x9a, 0xbb,
+    0x34, 0x15, 0xf2, 0xc5, 0xc5, 0x1f, 0x9a, 0x92, 0xad, 0x96, 0xfe, 0x92, 0x58, 0xd7, 0xed, 0x83,
+    0x24, 0xc4, 0x21, 0x54, 0x54, 0xe1, 0x69, 0x93, 0x1c, 0xee, 0xa6, 0x93, 0x11, 0xbc, 0xc0, 0x2a,
+    0x54, 0xb6, 0x5d, 0x25, 0x25, 0x5e, 0xf5, 0x94, 0x8d, 0x45, 0xed, 0x94, 0x2d, 0x6e, 0x03, 0xf3,
+    0x44, 0x67, 0x8e, 0xb4, 0xb4, 0xa0, 0x06, 0x95, 0x3c, 0x3d, 0xb5, 0x95, 0x64, 0x05, 0x2e, 0x5a,
+    0x74, 0xd7, 0x38, 0xc4, 0xc4, 0x61, 0xd0, 0x96, 0x2c, 0xb5, 0x5d, 0x96, 0xbf, 0xb8, 0x59, 0x62,
+    0x64, 0x06, 0xeb, 0x55, 0x55, 0x9f, 0x23, 0x97, 0x9d, 0xcd, 0x05, 0x97, 0xf6, 0xd3, 0x74, 0xcb,
+    0x94, 0x33, 0xc0, 0x26, 0x26, 0xdc, 0x2b, 0x98, 0xcd, 0x20, 0xcb, 0x98, 0xc7, 0xdf, 0x1c, 0x13,
+    0x84, 0xe2, 0x13, 0xb7, 0xb7, 0x22, 0xd8, 0x99, 0x7c, 0x58, 0x93, 0x99, 0x8e, 0xb4, 0x31, 0xba,
+    0xb4, 0x52, 0xa5, 0xc7, 0xc7, 0xe3, 0x0e, 0x9a, 0x6c, 0xd0, 0x7b, 0x9a, 0x55, 0x09, 0x46, 0x82,
+    0xa4, 0x83, 0x76, 0x56, 0x56, 0x1d, 0xfd, 0x9b, 0xdd, 0xa8, 0x23, 0x9b, 0x1c, 0x62, 0x6b, 0x2b,
+    0xd4, 0xf1, 0x0a, 0x27, 0x27, 0xa2, 0x61, 0x9c, 0x4c, 0x03, 0x68, 0x9c, 0x20, 0xb0, 0xa8, 0xf2,
+    0xc4, 0x20, 0xd9, 0xb6, 0xb6, 0x5c, 0x92, 0x9d, 0xfd, 0x7b, 0x30, 0x9d, 0x69, 0xdb, 0x85, 0x5b,
+    0xf4, 0x90, 0x6f, 0xc6, 0xc6, 0x9d, 0x44, 0x9e, 0xed, 0xf3, 0xd8, 0x9e, 0xb2, 0x66, 0xf2, 0x63,
+    0xe4, 0x41, 0xbc, 0x57, 0x57, 0x63, 0xb7, 0x9f, 0x5c, 0x8b, 0x80, 0x9f, 0xfb, 0x0d, 0xdf, 0xca,
+    0x92, 0x25, 0xa6, 0x28, 0x28, 0x6d, 0x41, 0xa0, 0xcf, 0x31, 0xd6, 0xa0, 0xe4, 0x80, 0xcb, 0x14,
+    0x82, 0xf4, 0x75, 0xb9, 0xb9, 0x93, 0xb2, 0xa1, 0x7e, 0x49, 0x8e, 0xa1, 0xad, 0xeb, 0xe6, 0xbd,
+    0xb2, 0x44, 0xc3, 0xc9, 0xc9, 0x52, 0x64, 0xa2, 0x6e, 0xc1, 0x66, 0xa2, 0x76, 0x56, 0x91, 0x85,
+    0xa2, 0x95, 0x10, 0x58, 0x58, 0xac, 0x97, 0xa3, 0xdf, 0xb9, 0x3e, 0xa3, 0x3f, 0x3d, 0xbc, 0x2c,
+    0xd2, 0xe7, 0x6c, 0x29, 0x29, 0x13, 0x0b, 0xa4, 0x4e, 0x12, 0x75, 0xa4, 0x03, 0xef, 0x7f, 0xf5,
+    0xc2, 0x36, 0xbf, 0xb8, 0xb8, 0xed, 0xf8, 0xa5, 0xff, 0x6a, 0x2d, 0xa5, 0x4a, 0x84, 0x52, 0x5c,
+    0xf2, 0x86, 0x09, 0xc8, 0xc8, 0x2c, 0x2e, 0xa6, 0xef, 0xe2, 0xc5, 0xa6, 0x91, 0x39, 0x25, 0x64,
+    0xe2, 0x57, 0xda, 0x59, 0x59, 0xd2, 0xdd, 0xa7, 0x5e, 0x9a, 0x9d, 0xa7, 0xd8, 0x52, 0x08, 0xcd,
+    0x12, 0x62, 0xf1, 0x2a, 0x2a, 0x91, 0xd5, 0xa8, 0x0e, 0x77, 0x53, 0xa8, 0xe9, 0x5e, 0x60, 0x15,
+    0x02, 0xb3, 0x22, 0xbb, 0xbb, 0x6f, 0x26, 0xa9, 0xbf, 0x0f, 0x0b, 0xa9, 0xa0, 0x35, 0x4d, 0xbc,
+    0x32, 0x03, 0x94, 0xcb, 0xcb, 0xae, 0xf0, 0xaa, 0xaf, 0x87, 0xe3, 0xaa, 0x7b, 0x88, 0x3a, 0x84,
+    0x22, 0xd2, 0x47, 0x5a, 0x5a, 0x50, 0x03, 0xab, 0x1e, 0xff, 0xbb, 0xab, 0x32, 0xe3, 0x17, 0x2d,
+    0x52, 0xa0, 0x3b, 0x2b, 0x2b, 0xef, 0x9f, 0xac, 0x8f, 0x54, 0xf0, 0xac, 0x0e, 0x31, 0xd4, 0xf4,
+    0x42, 0x71, 0xe8, 0xba, 0xba, 0x11, 0x6c, 0xad, 0x3e, 0x2c, 0xa8, 0xad, 0x47, 0x5a, 0xf9, 0x5d,
+    0x72, 0xc1, 0x5e, 0xca, 0xca, 0xd0, 0xba, 0xae, 0x2e, 0xa4, 0x40, 0xae, 0x9c, 0xe7, 0x8e, 0x65,
+    0x62, 0x10, 0x8d, 0x5b, 0x5b, 0x2e, 0x49, 0xaf, 0x9f, 0xdc, 0x18, 0xaf, 0xd5, 0x8c, 0xa3, 0xcc,
+    0x51, 0xab, 0x08, 0x2c, 0x2c, 0x56, 0xaa, 0xb0, 0x8e, 0xbd, 0x1f, 0xb0, 0xfe, 0xff, 0x5e, 0x16,
+    0x41, 0x7a, 0xdb, 0xbd, 0xbd, 0xa8, 0x59, 0xb1, 0x3f, 0xc5, 0x47, 0xb1, 0xb7, 0x94, 0x73, 0xbf,
+    0x71, 0xca, 0x6d, 0xcd, 0xcd, 0x69, 0x8f, 0xb2, 0x2f, 0x4d, 0xaf, 0xb2, 0x6c, 0x29, 0x04, 0x87,
+    0x61, 0x1b, 0xbe, 0x5c, 0x5c, 0x97, 0x7c, 0xb3, 0x9e, 0x35, 0xf7, 0xb3, 0x25, 0x42, 0x29, 0x2e,
+    0x11, 0x69, 0xc2, 0x2d, 0x2d, 0x28, 0xe0, 0xb4, 0x0f, 0x9e, 0xbc, 0xb4, 0x19, 0x90, 0xea, 0xf7,
+    0x01, 0xb8, 0x11, 0xbc, 0xbc, 0xd6, 0x13, 0xb5, 0xbe, 0xe6, 0xe4, 0xb5, 0x50, 0xfb, 0xc7, 0x5e,
+    0x31, 0x08, 0xa7, 0xcc, 0xcc, 0x17, 0xc5, 0xb6, 0xae, 0x6e, 0x0c, 0xb6, 0x8b, 0x46, 0xb0, 0x66,
+    0x21, 0xd9, 0x74, 0x5d, 0x5d, 0xe9, 0x36, 0xb7, 0x1f, 0x16, 0x54, 0xb7, 0xc2, 0x2d, 0x9d, 0xcf,
+    0xd1, 0xec, 0x5f, 0x2e, 0x2e, 0xaa, 0x3e, 0xb8, 0x4f, 0xfb, 0x9a, 0xb8, 0xf3, 0x21, 0xf5, 0x17,
+    0xc1, 0x3d, 0x8c, 0xbf, 0xbf, 0x54, 0xcd, 0xb9, 0xfe, 0x83, 0xc2, 0xb9, 0xba, 0x4a, 0xd8, 0xbe,
+    0xf1, 0x8d, 0x3a, 0xcf, 0xcf, 0x95, 0x1b, 0xba, 0xee, 0x0b, 0x2a, 0xba, 0x61, 0xf7, 0xaf, 0x86,
+    0xe1, 0x5c, 0xe9, 0x5e, 0x5e, 0x6b, 0xe8, 0xbb, 0x5f, 0x73, 0x72, 0xbb, 0x28, 0x9c, 0x82, 0x2f,
+    0x91, 0x2e, 0x95, 0x2f, 0x2f, 0xd4, 0x74, 0xbc, 0xce, 0xd8, 0x39, 0xbc, 0x14, 0x4e, 0x41, 0xf6,
+    0x81, 0xff, 0x46, 0xbe, 0xbe, 0x2a, 0x87, 0xbd, 0x7f, 0xa0, 0x61, 0xbd, 0x5d, 0x25, 0x6c, 0x5f,
+    0xb1, 0x4f, 0xf0, 0xce, 0xce, 0xeb, 0x51, 0xbe, 0x6f, 0x28, 0x89, 0xbe, 0x86, 0x98, 0x1b, 0x67,
+    0xa1, 0x9e, 0x23, 0x5f, 0x5f, 0x15, 0xa2, 0xbf, 0xde, 0x50, 0xd1, 0xbf, 0xcf, 0xf3, 0x36, 0xce,
+    0x5d, 0x87, 0xc4, 0x30, 0x30, 0xf7, 0x7e, 0xc0, 0x8a, 0x9f, 0x25, 0xc0, 0xb8, 0x41, 0x33, 0x18,
+    0x4d, 0x56, 0x17, 0xa1, 0xa1, 0x09, 0x8d, 0xc1, 0x3b, 0xe7, 0x7d, 0xc1, 0xf1, 0x2a, 0x1e, 0xb1,
+    0x7d, 0xe6, 0xa1, 0xd1, 0xd1, 0xc8, 0x5b, 0xc2, 0x2b, 0x6f, 0x95, 0xc2, 0x2a, 0x97, 0x69, 0x89,
+    0x6d, 0x37, 0x72, 0x40, 0x40, 0x36, 0xa8, 0xc3, 0x9a, 0x17, 0xcd, 0xc3, 0x63, 0xfc, 0x44, 0x20,
+    0x1d, 0x45, 0x0e, 0x31, 0x31, 0x89, 0x34, 0xc4, 0x0b, 0xbc, 0x86, 0xc4, 0x5f, 0x2e, 0x87, 0xf9,
+    0x0d, 0x94, 0xdd, 0xa0, 0xa0, 0x77, 0xc7, 0xc5, 0xba, 0xc4, 0xde, 0xc5, 0x16, 0x45, 0xaa, 0x50,
+    0x3d, 0x24, 0x6b, 0xd0, 0xd0, 0xb6, 0x11, 0xc6, 0xaa, 0x4c, 0x36, 0xc6, 0xcd, 0xf8, 0xdd, 0x68,
+    0x2d, 0xf5, 0xb8, 0x41, 0x41, 0x48, 0xe2, 0xc7, 0x1b, 0x34, 0x6e, 0xc7, 0x84, 0x93, 0xf0, 0xc1,
+    0xdd, 0xc0, 0x93, 0x32, 0x32, 0x0b, 0xea, 0xc8, 0x4b, 0xd9, 0xa0, 0xc8, 0xb5, 0x9f, 0x98, 0x19,
+    0xcd, 0x11, 0x40, 0xa3, 0xa3, 0xf5, 0x19, 0xc9, 0xfa, 0xa1, 0xf8, 0xc9, 0xfc, 0xf4, 0xb5, 0xb0,
+    0xfd, 0xa1, 0xf6, 0xd3, 0xd3, 0x34, 0xcf, 0xca, 0xea, 0x29, 0x10, 0xca, 0x27, 0x49, 0xc2, 0x88,
+    0xed, 0x70, 0x25, 0x42, 0x42, 0xca, 0x3c, 0xcb, 0x5b, 0x51, 0x48, 0xcb, 0x6e, 0x22, 0xef, 0x21,
+    0x9d, 0x02, 0x59, 0x33, 0x33, 0x75, 0xa0, 0xcc, 0xca, 0xfa, 0x03, 0xcc, 0x52, 0xf0, 0x2c, 0xf8,
+    0x8d, 0xd3, 0x8a, 0xa2, 0xa2, 0x8b, 0x53, 0xcd, 0x7b, 0x82, 0x5b, 0xcd, 0x1b, 0x9b, 0x01, 0x51,
+    0xbd, 0x63, 0x3c, 0xd2, 0xd2, 0x4a, 0x85, 0xce, 0x6b, 0x0a, 0xb3, 0xce, 0xc0, 0x26, 0x76, 0x69,
+    0xad, 0xb2, 0xef, 0x43, 0x43, 0xb4, 0x76, 0xcf, 0xda, 0x72, 0xeb, 0xcf, 0x89, 0x4d, 0x5b, 0xc0,
+    0x9e, 0x09, 0x6a, 0x34, 0x34, 0xcc, 0x95, 0xd0, 0xcb, 0x13, 0xec, 0xd0, 0xa2, 0x3e, 0xa6, 0x1a,
+    0x8e, 0xd8, 0xb9, 0xa5, 0xa5, 0x32, 0x66, 0xd1, 0x7a, 0x6b, 0xb4, 0xd1, 0xeb, 0x55, 0x8b, 0xb3,
+    0xbe, 0x68, 0x0f, 0xd5, 0xd5, 0xf3, 0xb0, 0xd2, 0x6a, 0xe3, 0x5c, 0xd2, 0x30, 0xe8, 0xfc, 0x8b,
+    0xae, 0xb9, 0xdc, 0x44, 0x44, 0x0d, 0x43, 0xd3, 0xdb, 0x9b, 0x04, 0xd3, 0x79, 0x83, 0xd1, 0x22,
+    0xde, 0xcb, 0xa0, 0x35, 0x35, 0xb2, 0xdf, 0xd4, 0x4a, 0x30, 0x4f, 0xd4, 0x45, 0x51, 0x12, 0xfb,
+    0xce, 0x1a, 0x73, 0xa4, 0xa4, 0x4c, 0x2c, 0xd5, 0xfb, 0x48, 0x17, 0xd5, 0x0c, 0x3a, 0x3f, 0x52,
+    0xfe, 0xaa, 0xc5, 0xd4, 0xd4, 0x8d, 0xfa, 0xd6, 0xeb, 0xc0, 0xff, 0xd6, 0xd7, 0x87, 0x48, 0x6a,
+    0xee, 0x7b, 0x16, 0x45, 0x45, 0x73, 0x09, 0xd7, 0x5a, 0xb8, 0xa7, 0xd7, 0x9e, 0xec, 0x65, 0xc3,
+    0x1e, 0x4e, 0x3d, 0x36, 0x36, 0x30, 0x01, 0xd8, 0x0a, 0x55, 0x69, 0xd8, 0xaf, 0xe0, 0x0d, 0x1b,
+    0x0e, 0x9f, 0xee, 0xa7, 0xa7, 0xce, 0xf2, 0xd9, 0xbb, 0x2d, 0x31, 0xd9, 0xe6, 0x8b, 0x20, 0xb2,
+    0x3e, 0x2f, 0x58, 0xd7, 0xd7, 0x0f, 0x24, 0xda, 0xab, 0xa5, 0xd9, 0xda, 0x3d, 0x36, 0x57, 0x8a,
+    0x2e, 0xfe, 0x8b, 0x46, 0x46, 0xf1, 0xd7, 0xdb, 0x1a, 0xdd, 0x81, 0xdb, 0x74, 0x5d, 0x7a, 0x23,
+    0x5e, 0x8c, 0xf7, 0x37, 0x37, 0x4e, 0x4b, 0xdc, 0x8b, 0x76, 0xca, 0xdc, 0x48, 0x8f, 0xb9, 0xfa,
+    0x4e, 0x5d, 0x24, 0xa6, 0xa6, 0xb0, 0xb8, 0xdd, 0x3a, 0x0e, 0x92, 0xdd, 0x01, 0xe4, 0x94, 0x53,
+    0x7e, 0xed, 0x92, 0xd6, 0xd6, 0x71, 0x6e, 0xde, 0x2a, 0x86, 0x7a, 0xde, 0xda, 0x59, 0xe3, 0x6b,
+    0x6e, 0x3c, 0x41, 0x47, 0x47, 0x8f, 0x9d, 0xdf, 0x9b, 0xfe, 0x22, 0xdf, 0x93, 0x32, 0xce, 0xc2,
+    0x18, 0x58, 0x5b, 0x38, 0x38, 0x81, 0x6b, 0xe0, 0x08, 0x44, 0x74, 0xe0, 0x8c, 0xbf, 0xda, 0x1c,
+    0x08, 0x89, 0x88, 0xa9, 0xa9, 0x7f, 0x98, 0xe1, 0xb9, 0x3c, 0x2c, 0xe1, 0xc5, 0xd4, 0xf7, 0xb5,
+    0x38, 0x39, 0x3e, 0xd9, 0xd9, 0xbe, 0x4e, 0xe2, 0xa9, 0xb4, 0xc4, 0xe2, 0x1e, 0x69, 0x80, 0x8d,
+    0x28, 0xe8, 0xed, 0x48, 0x48, 0x40, 0xbd, 0xe3, 0x18, 0xcc, 0x9c, 0xe3, 0x57, 0x02, 0xad, 0x24,
+    0x58, 0x9a, 0x91, 0x39, 0x39, 0xff, 0x21, 0xe4, 0x89, 0x67, 0xd7, 0xe4, 0x6b, 0xd0, 0x6e, 0xfd,
+    0x48, 0x4b, 0x42, 0xa8, 0xa8, 0x01, 0xd2, 0xe5, 0x38, 0x1f, 0x8f, 0xe5, 0x22, 0xbb, 0x43, 0x54,
+    0x78, 0xfb, 0xf4, 0xd8, 0xd8, 0xc0, 0x04, 0xe6, 0x28, 0x97, 0x67, 0xe6, 0xf9, 0x06, 0x34, 0x6c,
+    0x68, 0x2a, 0x27, 0x49, 0x49, 0x3e, 0xf7, 0xe7, 0x99, 0xef, 0x3f, 0xe7, 0xb0, 0x6d, 0x19, 0xc5,
+    0x98, 0x1f, 0x0c, 0x3a, 0x3a, 0x7d, 0xff, 0xe8, 0xc9, 0x02, 0xf1, 0xe8, 0x81, 0x61, 0x71, 0x1d,
+    0x88, 0xce, 0xdf, 0xab, 0xab, 0x83, 0x0c, 0xe9, 0x78, 0x7a, 0xa9, 0xe9, 0xc8, 0x0a, 0x5c, 0xb4,
+    0xb8, 0x7e, 0x69, 0xdb, 0xdb, 0x42, 0xda, 0xea, 0x68, 0xf2, 0x41, 0xea, 0x13, 0xb7, 0x2b, 0x8c,
+    0xa8, 0xaf, 0xba, 0x4a, 0x4a, 0xbc, 0x29, 0xeb, 0xd9, 0x8a, 0x19, 0xeb, 0x5a, 0xdc, 0x06, 0x25,
+    0xd8, 0xdd, 0xc6, 0x3b, 0x3b, 0x03, 0xb5, 0xec, 0x48, 0x21, 0x52, 0xec, 0x66, 0x0e, 0xc5, 0xfc,
+    0xc8, 0x0c, 0x15, 0xaa, 0xaa, 0xfd, 0x46, 0xed, 0xf9, 0x59, 0x0a, 0xed, 0x2f, 0x65, 0xe8, 0x55,
+    0xf8, 0xbc, 0xa3, 0xda, 0xda, 0x3c, 0x90, 0xee, 0xe9, 0xd1, 0xe2, 0xee, 0xf4, 0xd8, 0x9f, 0x6d,
+    0xe8, 0x6d, 0x70, 0x4b, 0x4b, 0xc2, 0x63, 0xef, 0x58, 0xa9, 0xba, 0xef, 0xbd, 0xb3, 0xb2, 0xc4,
+    0xdb, 0xd6, 0xf5, 0x3c, 0x3c, 0xba, 0x80, 0xf0, 0x49, 0xc8, 0xbd, 0xf0, 0x96, 0xc0, 0x4f, 0x1e,
+    0xcb, 0x07, 0x26, 0xad, 0xad, 0x44, 0x73, 0xf1, 0xf8, 0xb0, 0xe5, 0xf1, 0xdf, 0xab, 0x62, 0xb7,
+    0xfb, 0xb7, 0x90, 0xdd, 0xdd, 0x85, 0xa5, 0xf2, 0xe8, 0x38, 0x0d, 0xf2, 0x04, 0x16, 0x15, 0x8f,
+    0xeb, 0x66, 0x43, 0x4c, 0x4c, 0x7b, 0x56, 0xf3, 0x59, 0x40, 0x55, 0xf3, 0x4d, 0x7d, 0x38, 0x26,
+    0x9b, 0x14, 0x3f, 0x3d, 0x3d, 0xc4, 0xca, 0xf4, 0xc8, 0xeb, 0x1e, 0xf4, 0x71, 0xaf, 0xfb, 0xff,
+    0x8b, 0xc5, 0xec, 0xac, 0xac, 0x3a, 0x39, 0xf5, 0x79, 0x93, 0x46, 0xf5, 0x38, 0xc4, 0xd6, 0x56,
+    0xbb, 0x75, 0x5a, 0xdc, 0xdc, 0xfb, 0xef, 0xf6, 0x69, 0x1b, 0xae, 0xf6, 0xe3, 0x79, 0xa1, 0x6e,
+    0xab, 0xa4, 0x89, 0x4d, 0x4d, 0x05, 0x1c, 0xf7, 0xd8, 0x63, 0xf6, 0xf7, 0xaa, 0x12, 0x8c, 0xc7,
+    0x5b, 0x91, 0xa2, 0x3e, 0x3e, 0x46, 0x14, 0xf8, 0x88, 0x8e, 0x38, 0xf8, 0x9b, 0x1e, 0xe4, 0x1f,
+    0x4b, 0x40, 0x71, 0xaf, 0xaf, 0xb8, 0xe7, 0xf9, 0x39, 0xf6, 0x60, 0xf9, 0xd2, 0x75, 0xc9, 0xb6,
+    0x7b, 0xf0, 0xc7, 0xdf, 0xdf, 0x79, 0x31, 0xfa, 0x29, 0x7e, 0x88, 0xfa, 0x09, 0xc8, 0xbe, 0x8e,
+    0x6b, 0x21, 0x14, 0x4e, 0x4e, 0x87, 0xc2, 0xfb, 0x98, 0x06, 0xd0, 0xfb, 0x40, 0xa3, 0x93, 0x27,
+    0x1b, 0x53, 0x68, 0x3f, 0x3f, 0x38, 0x5e, 0xfc, 0x09, 0xad, 0x9b, 0xfc, 0x7c, 0x71, 0x50, 0xfe,
+    0x0b, 0x82, 0xbb, 0xae, 0xae, 0xc6, 0xad, 0xfd, 0xb8, 0xd5, 0xc3, 0xfd, 0x35, 0x1a, 0x7d, 0x57,
+    0x3b, 0x32, 0x0d, 0xde, 0xde, 0x07, 0x7b, 0xfe, 0xa8, 0x5d, 0x2b, 0xfe, 0xee, 0xa7, 0x0a, 0x6f,
+    0x2b, 0xe3, 0xde, 0x4f, 0x4f, 0xf9, 0x88, 0xff, 0x19, 0x25, 0x73, 0xff, 0xa7, 0xcc, 0x27, 0xc6,
+  },
+  { /* 5 */
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0xc2, 0x8d, 0x31, 0x64, 0xec, 0xeb, 0x0f, 0x2a, 0x37, 0x99, 0x90, 0xc4, 0xf6, 0x30, 0xb8, 0xf6,
+    0x47, 0xd9, 0x62, 0xc8, 0x1b, 0x15, 0x1e, 0x54, 0x6e, 0xf1, 0xe3, 0x4b, 0x2f, 0x60, 0xb3, 0x2f,
+    0x85, 0x54, 0x53, 0xac, 0xf7, 0xfe, 0x11, 0x7e, 0x59, 0x68, 0x73, 0x8f, 0xd9, 0x50, 0x0b, 0xd9,
+    0x8e, 0x71, 0xc4, 0x53, 0x36, 0x2a, 0x3c, 0xa8, 0xdc, 0x21, 0x05, 0x96, 0x5e, 0xc0, 0xa5, 0x5e,
+    0x4c, 0xfc, 0xf5, 0x37, 0xda, 0xc1, 0x33, 0x82, 0xeb, 0xb8, 0x95, 0x52, 0xa8, 0xf0, 0x1d, 0xa8,
+    0xc9, 0xa8, 0xa6, 0x9b, 0x2d, 0x3f, 0x22, 0xfc, 0xb2, 0xd0, 0xe6, 0xdd, 0x71, 0xa0, 0x16, 0x71,
+    0x0b, 0x25, 0x97, 0xff, 0xc1, 0xd4, 0x2d, 0xd6, 0x85, 0x49, 0x76, 0x19, 0x87, 0x90, 0xae, 0x87,
+    0xdf, 0xe2, 0x4b, 0xa6, 0x6c, 0x54, 0x78, 0x93, 0x7b, 0x42, 0x0a, 0xef, 0xbc, 0x43, 0x89, 0xbc,
+    0x1d, 0x6f, 0x7a, 0xc2, 0x80, 0xbf, 0x77, 0xb9, 0x4c, 0xdb, 0x9a, 0x2b, 0x4a, 0x73, 0x31, 0x4a,
+    0x98, 0x3b, 0x29, 0x6e, 0x77, 0x41, 0x66, 0xc7, 0x15, 0xb3, 0xe9, 0xa4, 0x93, 0x23, 0x3a, 0x93,
+    0x5a, 0xb6, 0x18, 0x0a, 0x9b, 0xaa, 0x69, 0xed, 0x22, 0x2a, 0x79, 0x60, 0x65, 0x13, 0x82, 0x65,
+    0x51, 0x93, 0x8f, 0xf5, 0x5a, 0x7e, 0x44, 0x3b, 0xa7, 0x63, 0x0f, 0x79, 0xe2, 0x83, 0x2c, 0xe2,
+    0x93, 0x1e, 0xbe, 0x91, 0xb6, 0x95, 0x4b, 0x11, 0x90, 0xfa, 0x9f, 0xbd, 0x14, 0xb3, 0x94, 0x14,
+    0x16, 0x4a, 0xed, 0x3d, 0x41, 0x6b, 0x5a, 0x6f, 0xc9, 0x92, 0xec, 0x32, 0xcd, 0xe3, 0x9f, 0xcd,
+    0xd4, 0xc7, 0xdc, 0x59, 0xad, 0x80, 0x55, 0x45, 0xfe, 0x0b, 0x7c, 0xf6, 0x3b, 0xd3, 0x27, 0x3b,
+    0x7d, 0x07, 0x96, 0x8f, 0xd8, 0xa8, 0xf0, 0xe5, 0xf6, 0x84, 0x14, 0x1d, 0xbb, 0x86, 0xd1, 0xbb,
+    0xbf, 0x8a, 0xa7, 0xeb, 0x34, 0x43, 0xff, 0xcf, 0xc1, 0x1d, 0x84, 0xd9, 0x4d, 0xb6, 0x69, 0x4d,
+    0x3a, 0xde, 0xf4, 0x47, 0xc3, 0xbd, 0xee, 0xb1, 0x98, 0x75, 0xf7, 0x56, 0x94, 0xe6, 0x62, 0x94,
+    0xf8, 0x53, 0xc5, 0x23, 0x2f, 0x56, 0xe1, 0x9b, 0xaf, 0xec, 0x67, 0x92, 0x62, 0xd6, 0xda, 0x62,
+    0xf3, 0x76, 0x52, 0xdc, 0xee, 0x82, 0xcc, 0x4d, 0x2a, 0xa5, 0x11, 0x8b, 0xe5, 0x46, 0x74, 0xe5,
+    0x31, 0xfb, 0x63, 0xb8, 0x02, 0x69, 0xc3, 0x67, 0x1d, 0x3c, 0x81, 0x4f, 0x13, 0x76, 0xcc, 0x13,
+    0xb4, 0xaf, 0x30, 0x14, 0xf5, 0x97, 0xd2, 0x19, 0x44, 0x54, 0xf2, 0xc0, 0xca, 0x26, 0xc7, 0xca,
+    0x76, 0x22, 0x01, 0x70, 0x19, 0x7c, 0xdd, 0x33, 0x73, 0xcd, 0x62, 0x04, 0x3c, 0x16, 0x7f, 0x3c,
+    0xa2, 0xe5, 0xdd, 0x29, 0xb4, 0xfc, 0x88, 0x76, 0x8d, 0xc6, 0x1e, 0xf2, 0x07, 0xc5, 0x58, 0x07,
+    0x60, 0x68, 0xec, 0x4d, 0x58, 0x17, 0x87, 0x5c, 0xba, 0x5f, 0x8e, 0x36, 0xf1, 0xf5, 0xe0, 0xf1,
+    0xe5, 0x3c, 0xbf, 0xe1, 0xaf, 0xe9, 0x96, 0x22, 0xe3, 0x37, 0xfd, 0xb9, 0x28, 0xa5, 0xeb, 0x28,
+    0x27, 0xb1, 0x8e, 0x85, 0x43, 0x02, 0x99, 0x08, 0xd4, 0xae, 0x6d, 0x7d, 0xde, 0x95, 0x53, 0xde,
+    0x2c, 0x94, 0x19, 0x7a, 0x82, 0xd6, 0xb4, 0xde, 0x51, 0xe7, 0x1b, 0x64, 0x59, 0x05, 0xfd, 0x59,
+    0xee, 0x19, 0x28, 0x1e, 0x6e, 0x3d, 0xbb, 0xf4, 0x66, 0x7e, 0x8b, 0xa0, 0xaf, 0x35, 0x45, 0xaf,
+    0x6b, 0x4d, 0x7b, 0xb2, 0x99, 0xc3, 0xaa, 0x8a, 0x3f, 0x16, 0xf8, 0x2f, 0x76, 0x65, 0x4e, 0x76,
+    0xa9, 0xc0, 0x4a, 0xd6, 0x75, 0x28, 0xa5, 0xa0, 0x08, 0x8f, 0x68, 0xeb, 0x80, 0x55, 0xf6, 0x80,
+    0xfa, 0x0e, 0xef, 0xdd, 0x73, 0x93, 0x23, 0x09, 0x2f, 0xcb, 0x28, 0x3a, 0xb5, 0xcf, 0x61, 0xb5,
+    0x38, 0x83, 0xde, 0xb9, 0x9f, 0x78, 0x2c, 0x23, 0x18, 0x52, 0xb8, 0xfe, 0x43, 0xff, 0xd9, 0x43,
+    0xbd, 0xd7, 0x8d, 0x15, 0x68, 0x86, 0x3d, 0x5d, 0x41, 0x3a, 0xcb, 0x71, 0x9a, 0xaf, 0xd2, 0x9a,
+    0x7f, 0x5a, 0xbc, 0x71, 0x84, 0x6d, 0x32, 0x77, 0x76, 0xa3, 0x5b, 0xb5, 0x6c, 0x9f, 0x6a, 0x6c,
+    0x74, 0x7f, 0x2b, 0x8e, 0x45, 0xb9, 0x1f, 0xa1, 0xf3, 0xea, 0x2d, 0xac, 0xeb, 0x0f, 0xc4, 0xeb,
+    0xb6, 0xf2, 0x1a, 0xea, 0xa9, 0x52, 0x10, 0x8b, 0xc4, 0x73, 0xbd, 0x68, 0x1d, 0x3f, 0x7c, 0x1d,
+    0x33, 0xa6, 0x49, 0x46, 0x5e, 0xac, 0x01, 0xf5, 0x9d, 0x1b, 0xce, 0xe7, 0xc4, 0x6f, 0x77, 0xc4,
+    0xf1, 0x2b, 0x78, 0x22, 0xb2, 0x47, 0x0e, 0xdf, 0xaa, 0x82, 0x5e, 0x23, 0x32, 0x5f, 0xcf, 0x32,
+    0x25, 0xec, 0xa4, 0x7b, 0x1f, 0xc7, 0x5b, 0x9a, 0x54, 0x89, 0x22, 0xd5, 0x09, 0x8c, 0xe8, 0x09,
+    0xe7, 0x61, 0x95, 0x1f, 0xf3, 0x2c, 0x54, 0xb0, 0x63, 0x10, 0xb2, 0x11, 0xff, 0xbc, 0x50, 0xff,
+    0x62, 0x35, 0xc6, 0xb3, 0x04, 0xd2, 0x45, 0xce, 0x3a, 0x78, 0xc1, 0x9e, 0x26, 0xec, 0x5b, 0x26,
+    0xa0, 0xb8, 0xf7, 0xd7, 0xe8, 0x39, 0x4a, 0xe4, 0x0d, 0xe1, 0x51, 0x5a, 0xd0, 0xdc, 0xe3, 0xd0,
+    0xab, 0x9d, 0x60, 0x28, 0x29, 0xed, 0x67, 0x32, 0x88, 0xa8, 0x27, 0x43, 0x57, 0x4c, 0x4d, 0x57,
+    0x69, 0x10, 0x51, 0x4c, 0xc5, 0x06, 0x68, 0x18, 0xbf, 0x31, 0xb7, 0x87, 0xa1, 0x7c, 0xf5, 0xa1,
+    0xec, 0x44, 0x02, 0xe0, 0x32, 0xf8, 0x79, 0x66, 0xe6, 0x59, 0xc4, 0x08, 0x78, 0x2c, 0xfe, 0x78,
+    0x2e, 0xc9, 0x33, 0x84, 0xde, 0x13, 0x76, 0x4c, 0xd1, 0xc0, 0x54, 0xcc, 0x8e, 0x1c, 0x46, 0x8e,
+    0x87, 0x09, 0x79, 0x52, 0xab, 0x3b, 0xd3, 0xec, 0xd9, 0x4f, 0x3c, 0x27, 0x0e, 0x49, 0xb0, 0x0e,
+    0x45, 0x84, 0x48, 0x36, 0x47, 0xd0, 0xdc, 0xc6, 0xee, 0xd6, 0xac, 0xe3, 0xf8, 0x79, 0x08, 0xf8,
+    0xc0, 0xd0, 0x1b, 0x9a, 0xb0, 0x2e, 0xcd, 0xb8, 0xb7, 0xbe, 0xdf, 0x6c, 0x21, 0x29, 0x03, 0x21,
+    0x02, 0x5d, 0x2a, 0xfe, 0x5c, 0xc5, 0xc2, 0x92, 0x80, 0x27, 0x4f, 0xa8, 0xd7, 0x19, 0xbb, 0xd7,
+    0x09, 0x78, 0xbd, 0x01, 0x9d, 0x11, 0xef, 0x44, 0x05, 0x6e, 0x39, 0xb1, 0x50, 0x89, 0x15, 0x50,
+    0xcb, 0xf5, 0x8c, 0x65, 0x71, 0xfa, 0xe0, 0x6e, 0x32, 0xf7, 0xa9, 0x75, 0xa6, 0xb9, 0xad, 0xa6,
+    0x4e, 0xa1, 0xdf, 0xc9, 0x86, 0x04, 0xf1, 0x10, 0x6b, 0x9f, 0xda, 0xfa, 0x7f, 0xe9, 0xa6, 0x7f,
+    0x8c, 0x2c, 0xee, 0xad, 0x6a, 0xef, 0xfe, 0x3a, 0x5c, 0x06, 0x4a, 0x3e, 0x89, 0xd9, 0x1e, 0x89,
+    0x58, 0xeb, 0x32, 0xf4, 0xc7, 0x6f, 0xab, 0x7f, 0xa2, 0x0d, 0x36, 0xc8, 0xb2, 0x0a, 0x39, 0xb2,
+    0x9a, 0x66, 0x03, 0x90, 0x2b, 0x84, 0xa4, 0x55, 0x95, 0x94, 0xa6, 0x0c, 0x44, 0x3a, 0x81, 0x44,
+    0x1f, 0x32, 0x50, 0x3c, 0xdc, 0x7a, 0xb5, 0x2b, 0xcc, 0xfc, 0xd5, 0x83, 0x9d, 0x6a, 0x8a, 0x9d,
+    0xdd, 0xbf, 0x61, 0x58, 0x30, 0x91, 0xba, 0x01, 0xfb, 0x65, 0x45, 0x47, 0x6b, 0x5a, 0x32, 0x6b,
+    0xd6, 0x9a, 0xf6, 0xa7, 0xf1, 0x45, 0x97, 0xd7, 0x7e, 0x2c, 0x33, 0x5e, 0xec, 0xca, 0x9c, 0xec,
+    0x14, 0x17, 0xc7, 0xc3, 0x1d, 0xae, 0x98, 0xfd, 0x49, 0xb5, 0xa3, 0x9a, 0x1a, 0xfa, 0x24, 0x1a,
+    0x91, 0x43, 0x94, 0x6f, 0xea, 0x50, 0x89, 0x83, 0x10, 0xdd, 0xd0, 0x15, 0xc3, 0xaa, 0x2f, 0xc3,
+    0x53, 0xce, 0xa5, 0x0b, 0x06, 0xbb, 0x86, 0xa9, 0x27, 0x44, 0x40, 0xd1, 0x35, 0x9a, 0x97, 0x35,
+    0x37, 0x1c, 0x1d, 0x79, 0xe6, 0xe5, 0x46, 0x12, 0x5e, 0x55, 0x50, 0x74, 0xa9, 0x5d, 0xc2, 0xa9,
+    0xf5, 0x91, 0x2c, 0x1d, 0x0a, 0x0e, 0x49, 0x38, 0x69, 0xcc, 0xc0, 0xb0, 0x5f, 0x6d, 0x7a, 0x5f,
+    0x70, 0xc5, 0x7f, 0xb1, 0xfd, 0xf0, 0x58, 0x46, 0x30, 0xa4, 0xb3, 0x3f, 0x86, 0x3d, 0x71, 0x86,
+    0xb2, 0x48, 0x4e, 0xd5, 0x11, 0x1b, 0x57, 0x6c, 0x07, 0x3d, 0x23, 0xfb, 0x70, 0x0d, 0xc9, 0x70,
+    0xb9, 0x6d, 0xd9, 0x2a, 0xd0, 0xcf, 0x7a, 0xba, 0x82, 0x74, 0x55, 0xe2, 0xf7, 0x9d, 0x67, 0xf7,
+    0x7b, 0xe0, 0xe8, 0x4e, 0x3c, 0x24, 0x75, 0x90, 0xb5, 0xed, 0xc5, 0x26, 0x01, 0xad, 0xdf, 0x01,
+    0xfe, 0xb4, 0xbb, 0xe2, 0xcb, 0xda, 0x64, 0xee, 0xec, 0x85, 0xb6, 0xa9, 0xd8, 0xfd, 0xd4, 0xd8,
+    0x3c, 0x39, 0x8a, 0x86, 0x27, 0x31, 0x6b, 0xc4, 0xdb, 0x1c, 0x26, 0x6d, 0x2e, 0xcd, 0x6c, 0x2e,
+    0xe8, 0xfe, 0x56, 0xdf, 0x8a, 0xb1, 0x3e, 0x81, 0x25, 0x17, 0x5a, 0x9b, 0x15, 0x1e, 0x4b, 0x15,
+    0x2a, 0x73, 0x67, 0xbb, 0x66, 0x5a, 0x31, 0xab, 0x12, 0x8e, 0xca, 0x5f, 0xe3, 0x2e, 0xf3, 0xe3,
+    0xaf, 0x27, 0x34, 0x17, 0x91, 0xa4, 0x20, 0xd5, 0x4b, 0xe6, 0xb9, 0xd0, 0x3a, 0x7e, 0xf8, 0x3a,
+    0x6d, 0xaa, 0x05, 0x73, 0x7d, 0x4f, 0x2f, 0xff, 0x7c, 0x7f, 0x29, 0x14, 0xcc, 0x4e, 0x40, 0xcc,
+    0x66, 0x8f, 0x92, 0x8c, 0xbc, 0x9b, 0x02, 0x29, 0xf9, 0x36, 0x5f, 0x0d, 0x4b, 0xde, 0xee, 0x4b,
+    0xa4, 0x02, 0xa3, 0xe8, 0x50, 0x70, 0x0d, 0x03, 0xce, 0xaf, 0xcf, 0xc9, 0xbd, 0xee, 0x56, 0xbd,
+    0x21, 0x56, 0xf0, 0x44, 0xa7, 0x8e, 0x1c, 0x7d, 0x97, 0xc7, 0xbc, 0x46, 0x64, 0xbe, 0x5d, 0x64,
+    0xe3, 0xdb, 0xc1, 0x20, 0x4b, 0x65, 0x13, 0x57, 0xa0, 0x5e, 0x2c, 0x82, 0x92, 0x8e, 0xe5, 0x92,
+    0x4a, 0x1b, 0x8b, 0xf6, 0x3e, 0x4d, 0xb6, 0xf7, 0xa8, 0xd1, 0x44, 0x69, 0x12, 0xdb, 0x13, 0x12,
+    0x88, 0x96, 0xba, 0x92, 0xd2, 0xa6, 0xb9, 0xdd, 0x9f, 0x48, 0xd4, 0xad, 0xe4, 0xeb, 0xab, 0xe4,
+    0x0d, 0xc2, 0xe9, 0x3e, 0x25, 0x58, 0xa8, 0xa3, 0xc6, 0x20, 0xa7, 0x22, 0x3d, 0xbb, 0xa0, 0x3d,
+    0xcf, 0x4f, 0xd8, 0x5a, 0xc9, 0xb3, 0xa7, 0x89, 0xf1, 0xb9, 0x37, 0xe6, 0xcb, 0x8b, 0x18, 0xcb,
+    0xc4, 0x6a, 0x4f, 0xa5, 0x08, 0x67, 0x8a, 0x5f, 0x74, 0xf0, 0x41, 0xff, 0x4c, 0x1b, 0xb6, 0x4c,
+    0x06, 0xe7, 0x7e, 0xc1, 0xe4, 0x8c, 0x85, 0x75, 0x43, 0x69, 0xd1, 0x3b, 0xba, 0x2b, 0x0e, 0xba,
+    0x83, 0xb3, 0x2d, 0x6d, 0x13, 0x72, 0x94, 0x0b, 0x1a, 0x01, 0xa2, 0xb4, 0x63, 0x7b, 0x05, 0x63,
+    0x41, 0x3e, 0x1c, 0x09, 0xff, 0x99, 0x9b, 0x21, 0x2d, 0x98, 0x32, 0x70, 0x95, 0x4b, 0xbd, 0x95,
+    0x95, 0xf9, 0xc0, 0x50, 0x52, 0x19, 0xce, 0x64, 0xd3, 0x93, 0x4e, 0x86, 0xae, 0x98, 0x9a, 0xae,
+    0x57, 0x74, 0xf1, 0x34, 0xbe, 0xf2, 0xc1, 0x4e, 0xe4, 0x0a, 0xde, 0x42, 0x58, 0xa8, 0x22, 0x58,
+    0xd2, 0x20, 0xa2, 0x98, 0x49, 0x0c, 0xd0, 0x30, 0xbd, 0x62, 0xad, 0xcd, 0x81, 0xf8, 0x29, 0x81,
+    0x10, 0xad, 0x93, 0xfc, 0xa5, 0xe7, 0xdf, 0x1a, 0x8a, 0xfb, 0x3d, 0x09, 0x77, 0xc8, 0x91, 0x77,
+    0x1b, 0x88, 0x04, 0x03, 0x64, 0x33, 0xf2, 0xcc, 0x0f, 0xb2, 0x4b, 0x10, 0xf0, 0x58, 0x3f, 0xf0,
+    0xd9, 0x05, 0x35, 0x67, 0x88, 0xd8, 0xfd, 0xe6, 0x38, 0x2b, 0xdb, 0xd4, 0x06, 0x68, 0x87, 0x06,
+    0x5c, 0x51, 0x66, 0xcb, 0x7f, 0x26, 0xec, 0x98, 0x61, 0x43, 0xa8, 0x5b, 0xdf, 0x38, 0x8c, 0xdf,
+    0x9e, 0xdc, 0x57, 0xaf, 0x93, 0xcd, 0xe3, 0xb2, 0x56, 0xda, 0x38, 0x9f, 0x29, 0x08, 0x34, 0x29,
+    0xcd, 0x12, 0xf2, 0xa4, 0x95, 0x76, 0x65, 0x1b, 0x71, 0x9e, 0x78, 0x4e, 0x1c, 0x92, 0xa3, 0x1c,
+    0x0f, 0x9f, 0xc3, 0xc0, 0x79, 0x9d, 0x6a, 0x31, 0x46, 0x07, 0xe8, 0x8a, 0xea, 0xa2, 0x1b, 0xea,
+    0x8a, 0xcb, 0x90, 0x6c, 0x8e, 0x63, 0x7b, 0x4f, 0x1f, 0x6f, 0x9b, 0x05, 0x33, 0xf2, 0x10, 0x33,
+    0x48, 0x46, 0xa1, 0x08, 0x62, 0x88, 0x74, 0x65, 0x28, 0xf6, 0x0b, 0xc1, 0xc5, 0xc2, 0xa8, 0xc5,
+    0x43, 0x63, 0x36, 0xf7, 0xa3, 0x5c, 0x59, 0xb3, 0xad, 0xbf, 0x7d, 0xd8, 0x42, 0x52, 0x06, 0x42,
+    0x81, 0xee, 0x07, 0x93, 0x4f, 0xb7, 0x56, 0x99, 0x9a, 0x26, 0xed, 0x1c, 0xb4, 0x62, 0xbe, 0xb4,
+    0x04, 0xba, 0x54, 0x3f, 0xb8, 0x49, 0x47, 0xe7, 0xc3, 0x4e, 0x9e, 0x93, 0x6d, 0x32, 0xb5, 0x6d,
+    0xc6, 0x37, 0x65, 0x5b, 0x54, 0xa2, 0x48, 0xcd, 0xf4, 0xd7, 0x0e, 0x57, 0x9b, 0x02, 0x0d, 0x9b,
+    0x12, 0xf0, 0xb9, 0x02, 0xf9, 0x22, 0x1d, 0x88, 0x0a, 0xdc, 0x72, 0xa1, 0xa0, 0xd1, 0x2a, 0xa0,
+    0xd0, 0x7d, 0x88, 0x66, 0x15, 0xc9, 0x12, 0xa2, 0x3d, 0x45, 0xe2, 0x65, 0x56, 0xe1, 0x92, 0x56,
+    0x55, 0x29, 0xdb, 0xca, 0xe2, 0x37, 0x03, 0xdc, 0x64, 0x2d, 0x91, 0xea, 0x8f, 0xb1, 0x99, 0x8f,
+    0x97, 0xa4, 0xea, 0xae, 0x0e, 0xdc, 0x0c, 0xf6, 0x53, 0xb4, 0x01, 0x2e, 0x79, 0x81, 0x21, 0x79,
+    0x9c, 0x81, 0x7d, 0x51, 0xcf, 0x08, 0x21, 0x20, 0xd6, 0xfd, 0x77, 0x37, 0xfe, 0x11, 0x8f, 0xfe,
+    0x5e, 0x0c, 0x4c, 0x35, 0x23, 0xe3, 0x2e, 0x0a, 0xe1, 0x64, 0xe7, 0xf3, 0x08, 0x21, 0x37, 0x08,
+    0xdb, 0x58, 0x1f, 0x99, 0xd4, 0x1d, 0x3f, 0x74, 0xb8, 0x0c, 0x94, 0x7c, 0xd1, 0x71, 0x3c, 0xd1,
+    0x19, 0xd5, 0x2e, 0xfd, 0x38, 0xf6, 0x30, 0x5e, 0x8f, 0x95, 0x04, 0xb8, 0x27, 0x41, 0x84, 0x27,
+    0xb0, 0x15, 0x64, 0x2b, 0x4d, 0xde, 0x95, 0xfe, 0x87, 0x1a, 0x6c, 0x53, 0xa7, 0x14, 0x72, 0xa7,
+    0x72, 0x98, 0x55, 0x4f, 0xa1, 0x35, 0x9a, 0xd4, 0xb0, 0x83, 0xfc, 0x97, 0x51, 0x24, 0xca, 0x51,
+    0xf7, 0xcc, 0x06, 0xe3, 0x56, 0xcb, 0x8b, 0xaa, 0xe9, 0xeb, 0x8f, 0x18, 0x88, 0x74, 0xc1, 0x88,
+    0x35, 0x41, 0x37, 0x87, 0xba, 0x20, 0x84, 0x80, 0xde, 0x72, 0x1f, 0xdc, 0x7e, 0x44, 0x79, 0x7e,
+    0x3e, 0x64, 0xa0, 0x78, 0x7b, 0xf4, 0xa9, 0x56, 0x5b, 0x3b, 0x69, 0xc5, 0xf9, 0xd4, 0xd7, 0xf9,
+    0xfc, 0xe9, 0x91, 0x1c, 0x97, 0x1f, 0xa6, 0x7c, 0x6c, 0xa2, 0xf9, 0x01, 0x0f, 0xe4, 0x6f, 0x0f,
+    0x79, 0xbd, 0xc2, 0xb0, 0x60, 0xe1, 0xb7, 0x02, 0x35, 0xca, 0x8a, 0x8e, 0xd6, 0xb4, 0x64, 0xd6,
+    0xbb, 0x30, 0xf3, 0xd4, 0x8c, 0x0a, 0xb8, 0x28, 0x02, 0x53, 0x1a, 0x4a, 0x20, 0x84, 0xdc, 0x20,
+    0x6f, 0xf7, 0x2f, 0x8d, 0x21, 0x8a, 0xed, 0x6d, 0xfc, 0x58, 0x66, 0xbc, 0x1b, 0x57, 0xfb, 0x1b,
+    0xad, 0x7a, 0x1e, 0xe9, 0xcd, 0x61, 0xe2, 0x47, 0xcb, 0xc1, 0xf6, 0x78, 0xed, 0x67, 0x43, 0xed,
+    0x28, 0x2e, 0x4d, 0x45, 0x3a, 0x9f, 0xf3, 0x39, 0x92, 0xa9, 0x85, 0xf7, 0x34, 0x37, 0x48, 0x34,
+    0xea, 0xa3, 0x7c, 0x21, 0xd6, 0x74, 0xfc, 0x13, 0xa5, 0x30, 0x15, 0x33, 0xc2, 0x07, 0xf0, 0xc2,
+    0xe1, 0x86, 0xeb, 0xde, 0x17, 0xa0, 0xd1, 0xc5, 0x20, 0x79, 0x63, 0x2a, 0x45, 0x97, 0x5e, 0x45,
+    0x23, 0x0b, 0xda, 0xba, 0xfb, 0x4b, 0xde, 0xef, 0x17, 0xe0, 0xf3, 0xee, 0xb3, 0xa7, 0xe6, 0xb3,
+    0xa6, 0x5f, 0x89, 0x16, 0x0c, 0xb5, 0xcf, 0x91, 0x4e, 0x88, 0x80, 0x61, 0x6a, 0xf7, 0xed, 0x6a,
+    0x64, 0xd2, 0xb8, 0x72, 0xe0, 0x5e, 0xc0, 0xbb, 0x79, 0x11, 0x10, 0xa5, 0x9c, 0xc7, 0x55, 0x9c,
+    0x6e, 0x38, 0x3a, 0xf2, 0x0f, 0x09, 0x8c, 0x24, 0xbc, 0xaa, 0xa0, 0xe8, 0x91, 0xba, 0x47, 0x91,
+    0xac, 0xb5, 0x0b, 0x96, 0xe3, 0xe2, 0x83, 0x0e, 0x8b, 0x33, 0x30, 0x2c, 0x67, 0x8a, 0xff, 0x67,
+    0x29, 0xe1, 0x58, 0x3a, 0x14, 0x1c, 0x92, 0x70, 0xd2, 0x5b, 0x43, 0xa3, 0xbe, 0xda, 0xf4, 0xbe,
+    0xeb, 0x6c, 0x69, 0x5e, 0xf8, 0xf7, 0x9d, 0x5a, 0xe5, 0xc2, 0xd3, 0x67, 0x48, 0xea, 0x4c, 0x48,
+    0xe0, 0x49, 0xfe, 0xa1, 0x39, 0x23, 0xb0, 0x8c, 0x60, 0x8b, 0xa5, 0x7e, 0xcf, 0x7a, 0xe2, 0xcf,
+    0x22, 0xc4, 0xcf, 0xc5, 0xd5, 0xc8, 0xbf, 0xa6, 0x57, 0x12, 0x35, 0xba, 0x39, 0x4a, 0x5a, 0x39,
+    0xa7, 0x90, 0x9c, 0x69, 0x22, 0x36, 0xae, 0xd8, 0x0e, 0x7a, 0x46, 0x35, 0xe0, 0x1a, 0x51, 0xe0,
+    0x65, 0x1d, 0xad, 0x0d, 0xce, 0xdd, 0xa1, 0xf2, 0x39, 0xe3, 0xd6, 0xf1, 0x16, 0x2a, 0xe9, 0x16,
+    0xb1, 0xda, 0x71, 0x54, 0x63, 0x5d, 0xf4, 0xb7, 0xc7, 0xe8, 0xaa, 0x07, 0x2d, 0xf9, 0xce, 0x2d,
+    0x73, 0x57, 0x40, 0x30, 0x8f, 0xb6, 0xfb, 0x9d, 0xf0, 0x71, 0x3a, 0xc3, 0xdb, 0xc9, 0x76, 0xdb,
+    0xf6, 0x03, 0x13, 0x9c, 0x78, 0x48, 0xea, 0xe3, 0xa9, 0x19, 0x49, 0x4c, 0x02, 0x99, 0x7d, 0x02,
+    0x34, 0x8e, 0x22, 0xf8, 0x94, 0xa3, 0xe5, 0xc9, 0x9e, 0x80, 0xd9, 0x88, 0xf4, 0xa9, 0xc5, 0xf4,
+    0x3f, 0xab, 0xb5, 0x07, 0x55, 0x77, 0xc8, 0x1f, 0x1b, 0xc9, 0xaf, 0x91, 0x73, 0x39, 0x6b, 0x73,
+    0xfd, 0x26, 0x84, 0x63, 0xb9, 0x9c, 0xc7, 0x35, 0x2c, 0x50, 0x3f, 0x55, 0x85, 0x09, 0xd3, 0x85,
+    0x78, 0x72, 0xd7, 0xcf, 0x4e, 0x62, 0xd6, 0x4b, 0x75, 0x38, 0x4c, 0xda, 0x5c, 0x59, 0xd8, 0x5c,
+    0xba, 0xff, 0xe6, 0xab, 0xa2, 0x89, 0xd9, 0x61, 0x42, 0xa1, 0xdc, 0x1e, 0xaa, 0x69, 0x60, 0xaa,
+    0x13, 0x3f, 0xac, 0x7d, 0xd7, 0xa1, 0x7c, 0xc1, 0x4a, 0x2e, 0xb4, 0xf5, 0x2a, 0x3c, 0x96, 0x2a,
+    0xd1, 0xb2, 0x9d, 0x19, 0x3b, 0x4a, 0x73, 0xeb, 0x7d, 0xb7, 0x24, 0x31, 0xdc, 0x0c, 0x2e, 0xdc,
+    0x54, 0xe6, 0xce, 0xb5, 0xcc, 0xb4, 0x62, 0x95, 0x24, 0xdf, 0x57, 0xbe, 0x05, 0x5c, 0x25, 0x05,
+    0x96, 0x6b, 0xff, 0xd1, 0x20, 0x5f, 0x6d, 0xbf, 0x13, 0x46, 0xc7, 0x7a, 0xf3, 0x6c, 0x9d, 0xf3,
+    0x9d, 0x4e, 0x68, 0x2e, 0xe1, 0x8b, 0x40, 0x69, 0x96, 0x0f, 0xb1, 0x63, 0x74, 0xfc, 0x33, 0x74,
+    0x5f, 0xc3, 0x59, 0x4a, 0x0d, 0x60, 0x4f, 0x43, 0xa1, 0x96, 0x21, 0xa7, 0x82, 0xcc, 0x8b, 0x82,
+    0xda, 0x97, 0x0a, 0xe6, 0xfa, 0x9e, 0x5e, 0x3d, 0xf8, 0xfe, 0x52, 0x28, 0x5b, 0x9c, 0x80, 0x5b,
+    0x18, 0x1a, 0x3b, 0x82, 0x16, 0x75, 0x51, 0x17, 0xcf, 0x67, 0xc2, 0xec, 0xad, 0xac, 0x38, 0xad,
+    0xcc, 0xdd, 0xe7, 0xdb, 0xbb, 0xf5, 0x04, 0x52, 0x31, 0x6c, 0xbe, 0x1a, 0x96, 0x7f, 0x1f, 0x96,
+    0x0e, 0x50, 0xd6, 0xbf, 0x57, 0x1e, 0x0b, 0x78, 0x06, 0xf5, 0x2e, 0xde, 0x60, 0x4f, 0xa7, 0x60,
+    0x8b, 0x04, 0x85, 0x13, 0xa0, 0xe0, 0x1a, 0x06, 0x5f, 0x9d, 0x5d, 0x51, 0xb9, 0x1f, 0xac, 0xb9,
+    0x49, 0x89, 0xb4, 0x77, 0x4c, 0x0b, 0x15, 0x2c, 0x68, 0x04, 0xcd, 0x95, 0x4f, 0x2f, 0x14, 0x4f,
+    0x42, 0xac, 0x23, 0x88, 0x8d, 0xdf, 0x38, 0xfa, 0xed, 0x4d, 0xbb, 0x8c, 0xc8, 0xbf, 0xba, 0xc8,
+    0x80, 0x21, 0x12, 0xec, 0x61, 0x34, 0x37, 0xd0, 0xda, 0xd4, 0x2b, 0x48, 0x3e, 0x8f, 0x02, 0x3e,
+    0x05, 0x75, 0x41, 0x40, 0x96, 0xca, 0x26, 0xae, 0x83, 0xbc, 0x58, 0xc7, 0xe7, 0xdf, 0x09, 0xe7,
+    0xc7, 0xf8, 0x70, 0x24, 0x7a, 0x21, 0x29, 0x84, 0xb4, 0x25, 0xc8, 0x03, 0x11, 0xef, 0xb1, 0x11,
+    0x94, 0x36, 0xd5, 0x2f, 0x7c, 0x9a, 0xaf, 0x2d, 0x93, 0x61, 0x88, 0xd2, 0x24, 0x75, 0x26, 0x24,
+    0x56, 0xbb, 0xe4, 0x4b, 0x90, 0x71, 0xa0, 0x07, 0xa4, 0xf8, 0x18, 0x16, 0xd2, 0x45, 0x9e, 0xd2,
+    0xd3, 0xef, 0xb7, 0xe7, 0x67, 0x8f, 0xb1, 0x79, 0xfd, 0x90, 0x6b, 0x99, 0x0b, 0x15, 0x95, 0x0b,
+    0x11, 0x62, 0x86, 0x83, 0x8b, 0x64, 0xbe, 0x53, 0xca, 0x09, 0xfb, 0x5d, 0xfd, 0x25, 0x2d, 0xfd,
+    0x1a, 0x47, 0x11, 0x7c, 0x4a, 0xb0, 0x93, 0x85, 0x4f, 0x40, 0x8d, 0x44, 0x7a, 0xb5, 0x83, 0x7a,
+    0xd8, 0xca, 0x20, 0x18, 0xa6, 0x5b, 0x9c, 0xaf, 0x78, 0xd9, 0x1d, 0x80, 0x8c, 0x85, 0x3b, 0x8c,
+    0x5d, 0x9e, 0x73, 0xb4, 0x51, 0xa5, 0x8d, 0xd1, 0x21, 0xb1, 0x6e, 0x0f, 0x55, 0xd5, 0x30, 0x55,
+    0x9f, 0x13, 0x42, 0xd0, 0xbd, 0x4e, 0x82, 0xfb, 0x16, 0x28, 0xfe, 0xcb, 0xa3, 0xe5, 0x88, 0xa3,
+    0x4b, 0xd4, 0x9e, 0x89, 0x10, 0xce, 0xd7, 0xbe, 0xe8, 0x23, 0x82, 0x3d, 0x98, 0x36, 0xaf, 0x98,
+    0x89, 0x59, 0xaf, 0xed, 0xfc, 0x25, 0xd8, 0x94, 0xdf, 0xba, 0x12, 0xf9, 0x6e, 0x06, 0x17, 0x6e,
+    0x0c, 0x0d, 0xfc, 0x41, 0x0b, 0xdb, 0xc9, 0xea, 0x86, 0xd2, 0x61, 0x76, 0xb7, 0x56, 0x1c, 0xb7,
+    0xce, 0x80, 0xcd, 0x25, 0xe7, 0x30, 0xc6, 0xc0, 0xb1, 0x4b, 0xf1, 0xb2, 0x41, 0x66, 0xa4, 0x41,
+    0xc5, 0xa5, 0x5a, 0xda, 0x26, 0xe4, 0xeb, 0x16, 0x34, 0x02, 0x87, 0xab, 0xc6, 0xf6, 0x0a, 0xc6,
+    0x07, 0x28, 0x6b, 0xbe, 0xca, 0x0f, 0xe4, 0x3c, 0x03, 0x9b, 0x17, 0x6f, 0x30, 0xc6, 0xb2, 0x30,
+    0x82, 0x7c, 0x38, 0x12, 0x3d, 0xf1, 0xf5, 0x42, 0x5a, 0xf3, 0x64, 0xe0, 0xe9, 0x96, 0xb9, 0xe9,
+    0x40, 0xf1, 0x09, 0x76, 0xd1, 0x1a, 0xfa, 0x68, 0x6d, 0x6a, 0xf4, 0x24, 0x1f, 0xa6, 0x01, 0x1f,
+    0xe9, 0x31, 0x43, 0xa0, 0xa4, 0x32, 0x5f, 0xc8, 0x65, 0xe5, 0x9c, 0xcf, 0x9f, 0xf3, 0xf7, 0x9f,
+    0x2b, 0xbc, 0x72, 0xc4, 0x48, 0xd9, 0x50, 0xe2, 0x52, 0x7c, 0x0c, 0x0b, 0x69, 0xc3, 0x4f, 0x69,
+    0xae, 0xe8, 0x21, 0x68, 0xbf, 0x27, 0x41, 0x9c, 0x0b, 0x14, 0x7f, 0x84, 0xb0, 0x93, 0x44, 0xb0,
+    0x6c, 0x65, 0x10, 0x0c, 0x53, 0xcc, 0x4e, 0xb6, 0x3c, 0x8d, 0xef, 0x40, 0x46, 0xa3, 0xfc, 0x46,
+    0x67, 0x40, 0x87, 0xf3, 0x92, 0x18, 0x63, 0x60, 0xb9, 0xc4, 0x99, 0x59, 0xc1, 0x33, 0x52, 0xc1,
+    0xa5, 0xcd, 0xb6, 0x97, 0x7e, 0xf3, 0x6c, 0x4a, 0x8e, 0x5d, 0x09, 0x9d, 0x37, 0x03, 0xea, 0x37,
+    0x20, 0x99, 0xe5, 0x3b, 0x89, 0x0d, 0x7d, 0x34, 0xd7, 0x35, 0x7a, 0x12, 0xee, 0x53, 0xe1, 0xee,
+    0xe2, 0x14, 0xd4, 0x5f, 0x65, 0xe6, 0x72, 0x1e, 0xe0, 0xac, 0xea, 0xd6, 0x18, 0x63, 0x59, 0x18,
+    0x36, 0xd3, 0x08, 0x06, 0xc8, 0x66, 0x27, 0x5b, 0x1e, 0xa7, 0x96, 0x20, 0x23, 0xb0, 0x7e, 0x23,
+    0xf4, 0x5e, 0x39, 0x62, 0x24, 0x8d, 0x28, 0x71, 0x29, 0x3e, 0x06, 0xe4, 0xd5, 0x80, 0xc6, 0xd5,
+    0x71, 0x0a, 0x6a, 0xce, 0xd3, 0x73, 0x39, 0x0f, 0x70, 0x56, 0x75, 0x6b, 0x0c, 0xd0, 0xcd, 0x0c,
+    0xb3, 0x87, 0x5b, 0xaa, 0x3f, 0x98, 0x36, 0x25, 0x47, 0xcf, 0xe5, 0xaf, 0xfa, 0xe0, 0x75, 0xfa,
+    0xb8, 0xa2, 0xcc, 0x55, 0xfe, 0x4c, 0x1b, 0xf3, 0xc2, 0x86, 0x93, 0xb6, 0x7d, 0x70, 0xdb, 0x7d,
+    0x7a, 0x2f, 0xfd, 0x31, 0x12, 0xa7, 0x14, 0xd9, 0xf5, 0x1f, 0x03, 0x72, 0x8b, 0x40, 0x63, 0x8b,
+    0xff, 0x7b, 0xae, 0x9d, 0xe5, 0x59, 0x05, 0xa7, 0xac, 0x77, 0x70, 0xfd, 0x52, 0x10, 0x68, 0x52,
+    0x3d, 0xf6, 0x9f, 0xf9, 0x09, 0xb2, 0x0a, 0x8d, 0x9b, 0xee, 0xe0, 0x39, 0xa4, 0x20, 0xd0, 0xa4,
+    0x59, 0x24, 0x27, 0x8b, 0xe9, 0xec, 0xca, 0x36, 0xe2, 0xff, 0xf0, 0x9c, 0x38, 0xe7, 0x85, 0x38,
+    0x9b, 0xa9, 0x16, 0xef, 0x05, 0x07, 0xc5, 0x1c, 0xd5, 0x66, 0x60, 0x58, 0xce, 0xd7, 0x3d, 0xce,
+    0x1e, 0xfd, 0x45, 0x43, 0xf2, 0xf9, 0xd4, 0x62, 0x8c, 0x0e, 0x13, 0xd7, 0x17, 0x87, 0x36, 0x17,
+    0xdc, 0x70, 0x74, 0x27, 0x1e, 0x12, 0xdb, 0x48, 0xbb, 0x97, 0x83, 0x13, 0xe1, 0xb7, 0x8e, 0xe1,
+    0xd7, 0x55, 0xe3, 0xd8, 0xdf, 0xc6, 0xf6, 0x9e, 0x3e, 0xde, 0xf5, 0x0a, 0x66, 0x27, 0x20, 0x66,
+    0x15, 0xd8, 0xd2, 0xbc, 0x33, 0x2d, 0xf9, 0xb4, 0x09, 0x47, 0x65, 0xce, 0x90, 0x17, 0x98, 0x90,
+    0x90, 0x8c, 0x81, 0x10, 0xc4, 0xd3, 0xe8, 0xca, 0x50, 0x2f, 0x16, 0x41, 0x49, 0x47, 0x93, 0x49,
+    0x52, 0x01, 0xb0, 0x74, 0x28, 0x38, 0xe7, 0xe0, 0x67, 0xb6, 0x86, 0x85, 0xbf, 0x77, 0x2b, 0xbf,
+    0x86, 0xc6, 0x6c, 0x2d, 0x85, 0xb8, 0xb2, 0xa5, 0x99, 0xbd, 0xfa, 0x73, 0x84, 0xa4, 0x0c, 0x84,
+    0x44, 0x4b, 0x5d, 0x49, 0x69, 0x53, 0xbd, 0x8f, 0xae, 0x24, 0x6a, 0xb7, 0x72, 0x94, 0xb4, 0x72,
+    0xc1, 0x1f, 0x0e, 0xe5, 0x9e, 0xad, 0xac, 0xf1, 0xf7, 0x4c, 0x19, 0x38, 0xab, 0xc4, 0xbf, 0xab,
+    0x03, 0x92, 0x3f, 0x81, 0x72, 0x46, 0xa3, 0xdb, 0xc0, 0xd5, 0x89, 0xfc, 0x5d, 0xf4, 0x07, 0x5d,
+    0x08, 0xb7, 0xa8, 0x7e, 0xb3, 0x92, 0x8e, 0x0d, 0x45, 0x9c, 0xff, 0xe5, 0xda, 0x64, 0xa9, 0xda,
+    0xca, 0x3a, 0x99, 0x1a, 0x5f, 0x79, 0x81, 0x27, 0x72, 0x05, 0x6f, 0x21, 0x2c, 0x54, 0x11, 0x2c,
+    0x4f, 0x6e, 0xca, 0xb6, 0xa8, 0x87, 0x90, 0x59, 0x2b, 0x6d, 0x1c, 0xae, 0xf5, 0x04, 0x1a, 0xf5,
+    0x8d, 0xe3, 0xfb, 0xd2, 0x44, 0x6c, 0x9f, 0x73, 0x1c, 0xf4, 0x8c, 0x6a, 0x03, 0x34, 0xa2, 0x03,
+    0x24, 0x23, 0xb1, 0x04, 0x31, 0x44, 0x3a, 0xd3, 0x14, 0x7b, 0xe4, 0x81, 0x83, 0x61, 0x54, 0x83,
+    0xe6, 0xae, 0x80, 0x60, 0xdd, 0xaf, 0x35, 0xf9, 0x23, 0xe2, 0x74, 0x45, 0x75, 0x51, 0xec, 0x75,
+    0x63, 0xfa, 0xd3, 0xcc, 0x2a, 0x51, 0x24, 0x87, 0x7a, 0x8a, 0x07, 0xca, 0xac, 0x01, 0xe7, 0xac,
+    0xa1, 0x77, 0xe2, 0xa8, 0xc6, 0xba, 0x2b, 0xad, 0x4d, 0x13, 0x97, 0x0e, 0x5a, 0x31, 0x5f, 0x5a,
+    0xaa, 0x52, 0x75, 0x57, 0x07, 0x6e, 0x06, 0x7b, 0xc8, 0x5a, 0xe1, 0x17, 0xdd, 0xa1, 0xf1, 0xdd,
+    0x68, 0xdf, 0x44, 0x33, 0xeb, 0x85, 0x09, 0x51, 0xff, 0xc3, 0x71, 0xd3, 0x2b, 0x91, 0x49, 0x2b,
+    0xed, 0x8b, 0x17, 0x9f, 0x1c, 0x7b, 0x18, 0x2f, 0xa6, 0xab, 0x02, 0x5c, 0xf2, 0xc1, 0x42, 0xf2,
+    0x2f, 0x06, 0x26, 0xfb, 0xf0, 0x90, 0x17, 0x05, 0x91, 0x32, 0x92, 0x98, 0x04, 0xf1, 0xfa, 0x04,
+    0xfb, 0xc1, 0xfa, 0xa2, 0x5d, 0x10, 0x42, 0x40, 0x6f, 0x39, 0xee, 0x6e, 0x3f, 0x22, 0xdd, 0x3f,
+    0x39, 0x4c, 0xcb, 0xc6, 0xb1, 0xfb, 0x4d, 0x6a, 0x58, 0xa0, 0x7e, 0xaa, 0xc9, 0x12, 0x65, 0xc9,
+    0xbc, 0x18, 0x98, 0x6a, 0x46, 0x05, 0x5c, 0x14, 0x01, 0xc8, 0x0d, 0x25, 0x10, 0x42, 0x6e, 0x10,
+    0x7e, 0x95, 0xa9, 0x0e, 0xaa, 0xee, 0x53, 0x3e, 0x36, 0x51, 0x9d, 0xe1, 0xe6, 0x72, 0xd6, 0xe6,
+    0x75, 0xb0, 0x3e, 0xf1, 0x6b, 0x3a, 0x7e, 0xe8, 0xb3, 0x18, 0xeb, 0xf8, 0x61, 0xe2, 0x78, 0x61,
+    0xb7, 0x3d, 0x0f, 0x95, 0x87, 0xd1, 0x71, 0xc2, 0x84, 0x81, 0x7b, 0x3c, 0x97, 0xd2, 0xc0, 0x97,
+    0x32, 0x69, 0x5c, 0x39, 0x70, 0x2f, 0x60, 0xbc, 0xdd, 0xe9, 0x08, 0xb3, 0x4e, 0x82, 0xcb, 0x4e,
+    0xf0, 0xe4, 0x6d, 0x5d, 0x9c, 0xc4, 0x6f, 0x96, 0xea, 0x70, 0x98, 0x77, 0xb8, 0xb2, 0x73, 0xb8,
+    0xa3, 0x2a, 0xc8, 0x56, 0x9a, 0x7f, 0xe9, 0x3f, 0xcd, 0x34, 0xd8, 0xa6, 0x8d, 0x28, 0xe4, 0x8d,
+    0x61, 0xa7, 0xf9, 0x32, 0x76, 0x94, 0xe6, 0x15, 0xfa, 0xad, 0x48, 0x62, 0x7b, 0x18, 0x5c, 0x7b,
+    0xe4, 0xf3, 0xaa, 0x9e, 0x81, 0x6a, 0xf7, 0x6b, 0xa3, 0xc5, 0x3b, 0xed, 0xa2, 0x48, 0x57, 0xa2,
+    0x26, 0x7e, 0x9b, 0xfa, 0x6d, 0x81, 0xf8, 0x41, 0x94, 0x5c, 0xab, 0x29, 0x54, 0x78, 0xef, 0x54,
+    0x2d, 0x5b, 0x0c, 0x05, 0xac, 0x55, 0xd5, 0x97, 0x11, 0x15, 0xdd, 0x30, 0xd3, 0xe8, 0x41, 0xd3,
+    0xef, 0xd6, 0x3d, 0x61, 0x40, 0xbe, 0xda, 0xbd, 0x26, 0x8c, 0x4d, 0xf4, 0x25, 0xd8, 0xf9, 0x25,
+    0x6a, 0x82, 0x6e, 0xcd, 0xb7, 0x40, 0xcb, 0xc3, 0x7f, 0xe4, 0x3e, 0x7b, 0xfc, 0x88, 0xf2, 0xfc,
+    0xa8, 0x0f, 0x5f, 0xa9, 0x5b, 0xab, 0xc4, 0xe9, 0x48, 0x7d, 0xae, 0xbf, 0x0a, 0xb8, 0x4a, 0x0a,
+    0x7c, 0xc8, 0x83, 0xf0, 0xf6, 0x2b, 0x91, 0xac, 0xb6, 0x76, 0xd2, 0x49, 0x31, 0x6b, 0x6d, 0x31,
+    0xbe, 0x45, 0xb2, 0x94, 0x1a, 0xc0, 0x9e, 0x86, 0x81, 0xef, 0x42, 0x8d, 0xc7, 0x5b, 0xd5, 0xc7,
+    0x3b, 0x11, 0xe1, 0x38, 0xed, 0x3e, 0x8f, 0xf8, 0xd8, 0x87, 0x31, 0x02, 0x1e, 0x0b, 0xde, 0x1e,
+    0xf9, 0x9c, 0xd0, 0x5c, 0x01, 0xd5, 0x80, 0xd2, 0xef, 0x1e, 0xa1, 0xc6, 0xe8, 0x3b, 0x66, 0xe8,
+    0xf2, 0xb9, 0x47, 0xa3, 0xc0, 0x01, 0xad, 0x04, 0x6a, 0x57, 0xd7, 0xdf, 0x6f, 0xab, 0xc8, 0x6f,
+    0x30, 0x34, 0x76, 0xc7, 0x2c, 0xea, 0xa2, 0x2e, 0x5d, 0xce, 0x47, 0x1b, 0x99, 0x9b, 0x70, 0x99,
+    0xb5, 0x60, 0x25, 0x6b, 0xdb, 0x14, 0xb3, 0x50, 0x04, 0xa6, 0x34, 0x94, 0x40, 0xcb, 0x7b, 0x40,
+    0x77, 0xed, 0x14, 0x0f, 0x37, 0xff, 0xbc, 0x7a, 0x33, 0x3f, 0xa4, 0x50, 0xb6, 0xfb, 0xc3, 0xb6,
+    0xde, 0x2d, 0x5e, 0xd9, 0x42, 0xd7, 0x19, 0xda, 0x3b, 0xb0, 0xcc, 0xbb, 0x36, 0xae, 0x35, 0x36,
+    0x1c, 0xa0, 0x6f, 0xbd, 0xae, 0x3c, 0x16, 0xf0, 0x0c, 0x29, 0x5c, 0x7f, 0xc0, 0x9e, 0x8d, 0xc0,
+    0x99, 0xf4, 0x3c, 0x11, 0x59, 0xc2, 0x07, 0x8e, 0x55, 0x41, 0x2f, 0xf0, 0x19, 0xce, 0x86, 0x19,
+    0x5b, 0x79, 0x0d, 0x75, 0xb5, 0x29, 0x08, 0xa4, 0x62, 0xd8, 0xbf, 0x34, 0xef, 0xfe, 0x3e, 0xef,
+    0x50, 0x5c, 0x9a, 0x8a, 0x74, 0xfd, 0x25, 0x72, 0xe7, 0x91, 0xc9, 0x2d, 0x68, 0x6e, 0x90, 0x68,
+    0x92, 0xd1, 0xab, 0xee, 0x98, 0x16, 0x2a, 0x58, 0xd0, 0x08, 0x59, 0xe9, 0x9e, 0x5e, 0x28, 0x9e,
+    0x17, 0x85, 0xf8, 0x42, 0x6f, 0xe8, 0x3b, 0x26, 0x89, 0x60, 0x2a, 0x66, 0x47, 0x0e, 0x23, 0x47,
+    0xd5, 0x08, 0xc9, 0x26, 0x83, 0x03, 0x34, 0x0c, 0xbe, 0xf9, 0xba, 0xa2, 0xb1, 0x3e, 0x9b, 0xb1,
+    0x01, 0xcf, 0x15, 0x7f, 0x2e, 0x83, 0x61, 0x49, 0x40, 0xf2, 0xc6, 0x54, 0x8a, 0xed, 0xbc, 0x8a,
+    0xc3, 0x42, 0x24, 0x1b, 0xc2, 0x68, 0x6e, 0x63, 0x77, 0x6b, 0x56, 0x90, 0x7c, 0xdd, 0x04, 0x7c,
+    0x46, 0x16, 0x77, 0xb7, 0x35, 0x96, 0x7f, 0x1d, 0x2e, 0x03, 0x25, 0x1f, 0xa5, 0x8d, 0x0f, 0xa5,
+    0x84, 0x9b, 0x46, 0xd3, 0xd9, 0x7d, 0x70, 0x37, 0x19, 0x9a, 0xb5, 0xdb, 0x53, 0xbd, 0xb7, 0x53,
+    0x8f, 0xbe, 0xd1, 0x2c, 0x18, 0xa9, 0x5d, 0xe1, 0x9c, 0xd3, 0xc3, 0xc2, 0xd4, 0x2d, 0x19, 0xd4,
+    0x4d, 0x33, 0xe0, 0x48, 0xf4, 0x42, 0x52, 0xcb, 0xab, 0x4a, 0x53, 0x06, 0x22, 0x1d, 0xa1, 0x22,
+    0xc8, 0x67, 0xb3, 0xe4, 0x03, 0xbc, 0x43, 0xb5, 0xf2, 0x22, 0x20, 0x89, 0xfb, 0x4d, 0xaa, 0xfb,
+    0x0a, 0xea, 0x82, 0x80, 0xef, 0x57, 0x4c, 0x9f, 0xc5, 0xbb, 0xb0, 0x4d, 0x0d, 0x7d, 0x12, 0x0d,
+  },
+  { /* 6 */
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0xc0, 0xb4, 0xa6, 0xff, 0x39, 0x2f, 0x54, 0x6c, 0xaf, 0xeb, 0xe1, 0xd4, 0xd7, 0x63, 0x64, 0xbf,
+    0x43, 0xab, 0x8f, 0x3d, 0x72, 0x5e, 0xa8, 0xd8, 0x9d, 0x15, 0x01, 0x6b, 0x6d, 0xc6, 0xc8, 0xbd,
+    0x83, 0x1f, 0x29, 0xc2, 0x4b, 0x71, 0xfc, 0xb4, 0x32, 0xfe, 0xe0, 0xbf, 0xba, 0xa5, 0xac, 0x02,
+    0x86, 0x95, 0xdd, 0x7a, 0xe4, 0xbc, 0x93, 0x73, 0xf9, 0x2a, 0x02, 0xd6, 0xda, 0x4f, 0x53, 0xb9,
+    0x46, 0x21, 0x7b, 0x85, 0xdd, 0x93, 0xc7, 0x1f, 0x56, 0xc1, 0xe3, 0x02, 0x0d, 0x2c, 0x37, 0x06,
+    0xc5, 0x3e, 0x52, 0x47, 0x96, 0xe2, 0x3b, 0xab, 0x64, 0x3f, 0x03, 0xbd, 0xb7, 0x89, 0x9b, 0x04,
+    0x05, 0x8a, 0xf4, 0xb8, 0xaf, 0xcd, 0x6f, 0xc7, 0xcb, 0xd4, 0xe2, 0x69, 0x60, 0xea, 0xff, 0xbb,
+    0xcf, 0xe9, 0x79, 0xf4, 0x0b, 0xbb, 0xe5, 0xe6, 0x31, 0x54, 0x04, 0x6f, 0x77, 0x9e, 0xa6, 0xb1,
+    0x0f, 0x5d, 0xdf, 0x0b, 0x32, 0x94, 0xb1, 0x8a, 0x9e, 0xbf, 0xe5, 0xbb, 0xa0, 0xfd, 0xc2, 0x0e,
+    0x8c, 0x42, 0xf6, 0xc9, 0x79, 0xe5, 0x4d, 0x3e, 0xac, 0x41, 0x05, 0x04, 0x1a, 0x58, 0x6e, 0x0c,
+    0x4c, 0xf6, 0x50, 0x36, 0x40, 0xca, 0x19, 0x52, 0x03, 0xaa, 0xe4, 0xd0, 0xcd, 0x3b, 0x0a, 0xb3,
+    0x49, 0x7c, 0xa4, 0x8e, 0xef, 0x07, 0x76, 0x95, 0xc8, 0x7e, 0x06, 0xb9, 0xad, 0xd1, 0xf5, 0x08,
+    0x89, 0xc8, 0x02, 0x71, 0xd6, 0x28, 0x22, 0xf9, 0x67, 0x95, 0xe7, 0x6d, 0x7a, 0xb2, 0x91, 0xb7,
+    0x0a, 0xd7, 0x2b, 0xb3, 0x9d, 0x59, 0xde, 0x4d, 0x55, 0x6b, 0x07, 0xd2, 0xc0, 0x17, 0x3d, 0xb5,
+    0xca, 0x63, 0x8d, 0x4c, 0xa4, 0x76, 0x8a, 0x21, 0xfa, 0x80, 0xe6, 0x06, 0x17, 0x74, 0x59, 0x0a,
+    0x5d, 0x11, 0xf2, 0x2b, 0x16, 0xb5, 0x09, 0x0f, 0x62, 0xa8, 0x08, 0xde, 0xee, 0xff, 0x8f, 0xa1,
+    0x9d, 0xa5, 0x54, 0xd4, 0x2f, 0x9a, 0x5d, 0x63, 0xcd, 0x43, 0xe9, 0x0a, 0x39, 0x9c, 0xeb, 0x1e,
+    0x1e, 0xba, 0x7d, 0x16, 0x64, 0xeb, 0xa1, 0xd7, 0xff, 0xbd, 0x09, 0xb5, 0x83, 0x39, 0x47, 0x1c,
+    0xde, 0x0e, 0xdb, 0xe9, 0x5d, 0xc4, 0xf5, 0xbb, 0x50, 0x56, 0xe8, 0x61, 0x54, 0x5a, 0x23, 0xa3,
+    0xdb, 0x84, 0x2f, 0x51, 0xf2, 0x09, 0x9a, 0x7c, 0x9b, 0x82, 0x0a, 0x08, 0x34, 0xb0, 0xdc, 0x18,
+    0x1b, 0x30, 0x89, 0xae, 0xcb, 0x26, 0xce, 0x10, 0x34, 0x69, 0xeb, 0xdc, 0xe3, 0xd3, 0xb8, 0xa7,
+    0x98, 0x2f, 0xa0, 0x6c, 0x80, 0x57, 0x32, 0xa4, 0x06, 0x97, 0x0b, 0x63, 0x59, 0x76, 0x14, 0xa5,
+    0x58, 0x9b, 0x06, 0x93, 0xb9, 0x78, 0x66, 0xc8, 0xa9, 0x7c, 0xea, 0xb7, 0x8e, 0x15, 0x70, 0x1a,
+    0x92, 0xf8, 0x8b, 0xdf, 0x1d, 0x0e, 0xec, 0xe9, 0x53, 0xfc, 0x0c, 0xb1, 0x99, 0x61, 0x29, 0x10,
+    0x52, 0x4c, 0x2d, 0x20, 0x24, 0x21, 0xb8, 0x85, 0xfc, 0x17, 0xed, 0x65, 0x4e, 0x02, 0x4d, 0xaf,
+    0xd1, 0x53, 0x04, 0xe2, 0x6f, 0x50, 0x44, 0x31, 0xce, 0xe9, 0x0d, 0xda, 0xf4, 0xa7, 0xe1, 0xad,
+    0x11, 0xe7, 0xa2, 0x1d, 0x56, 0x7f, 0x10, 0x5d, 0x61, 0x02, 0xec, 0x0e, 0x23, 0xc4, 0x85, 0x12,
+    0x14, 0x6d, 0x56, 0xa5, 0xf9, 0xb2, 0x7f, 0x9a, 0xaa, 0xd6, 0x0e, 0x67, 0x43, 0x2e, 0x7a, 0xa9,
+    0xd4, 0xd9, 0xf0, 0x5a, 0xc0, 0x9d, 0x2b, 0xf6, 0x05, 0x3d, 0xef, 0xb3, 0x94, 0x4d, 0x1e, 0x16,
+    0x57, 0xc6, 0xd9, 0x98, 0x8b, 0xec, 0xd7, 0x42, 0x37, 0xc3, 0x0f, 0x0c, 0x2e, 0xe8, 0xb2, 0x14,
+    0x97, 0x72, 0x7f, 0x67, 0xb2, 0xc3, 0x83, 0x2e, 0x98, 0x28, 0xee, 0xd8, 0xf9, 0x8b, 0xd6, 0xab,
+    0xba, 0x22, 0x27, 0x56, 0x2c, 0xa9, 0x12, 0x1e, 0xc4, 0x93, 0x10, 0x7f, 0x1f, 0x3d, 0xdd, 0x81,
+    0x7a, 0x96, 0x81, 0xa9, 0x15, 0x86, 0x46, 0x72, 0x6b, 0x78, 0xf1, 0xab, 0xc8, 0x5e, 0xb9, 0x3e,
+    0xf9, 0x89, 0xa8, 0x6b, 0x5e, 0xf7, 0xba, 0xc6, 0x59, 0x86, 0x11, 0x14, 0x72, 0xfb, 0x15, 0x3c,
+    0x39, 0x3d, 0x0e, 0x94, 0x67, 0xd8, 0xee, 0xaa, 0xf6, 0x6d, 0xf0, 0xc0, 0xa5, 0x98, 0x71, 0x83,
+    0x3c, 0xb7, 0xfa, 0x2c, 0xc8, 0x15, 0x81, 0x6d, 0x3d, 0xb9, 0x12, 0xa9, 0xc5, 0x72, 0x8e, 0x38,
+    0xfc, 0x03, 0x5c, 0xd3, 0xf1, 0x3a, 0xd5, 0x01, 0x92, 0x52, 0xf3, 0x7d, 0x12, 0x11, 0xea, 0x87,
+    0x7f, 0x1c, 0x75, 0x11, 0xba, 0x4b, 0x29, 0xb5, 0xa0, 0xac, 0x13, 0xc2, 0xa8, 0xb4, 0x46, 0x85,
+    0xbf, 0xa8, 0xd3, 0xee, 0x83, 0x64, 0x7d, 0xd9, 0x0f, 0x47, 0xf2, 0x16, 0x7f, 0xd7, 0x22, 0x3a,
+    0x75, 0xcb, 0x5e, 0xa2, 0x27, 0x12, 0xf7, 0xf8, 0xf5, 0xc7, 0x14, 0x10, 0x68, 0xa3, 0x7b, 0x30,
+    0xb5, 0x7f, 0xf8, 0x5d, 0x1e, 0x3d, 0xa3, 0x94, 0x5a, 0x2c, 0xf5, 0xc4, 0xbf, 0xc0, 0x1f, 0x8f,
+    0x36, 0x60, 0xd1, 0x9f, 0x55, 0x4c, 0x5f, 0x20, 0x68, 0xd2, 0x15, 0x7b, 0x05, 0x65, 0xb3, 0x8d,
+    0xf6, 0xd4, 0x77, 0x60, 0x6c, 0x63, 0x0b, 0x4c, 0xc7, 0x39, 0xf4, 0xaf, 0xd2, 0x06, 0xd7, 0x32,
+    0xf3, 0x5e, 0x83, 0xd8, 0xc3, 0xae, 0x64, 0x8b, 0x0c, 0xed, 0x16, 0xc6, 0xb2, 0xec, 0x28, 0x89,
+    0x33, 0xea, 0x25, 0x27, 0xfa, 0x81, 0x30, 0xe7, 0xa3, 0x06, 0xf7, 0x12, 0x65, 0x8f, 0x4c, 0x36,
+    0xb0, 0xf5, 0x0c, 0xe5, 0xb1, 0xf0, 0xcc, 0x53, 0x91, 0xf8, 0x17, 0xad, 0xdf, 0x2a, 0xe0, 0x34,
+    0x70, 0x41, 0xaa, 0x1a, 0x88, 0xdf, 0x98, 0x3f, 0x3e, 0x13, 0xf6, 0x79, 0x08, 0x49, 0x84, 0x8b,
+    0xe7, 0x33, 0xd5, 0x7d, 0x3a, 0x1c, 0x1b, 0x11, 0xa6, 0x3b, 0x18, 0xa1, 0xf1, 0xc2, 0x52, 0x20,
+    0x27, 0x87, 0x73, 0x82, 0x03, 0x33, 0x4f, 0x7d, 0x09, 0xd0, 0xf9, 0x75, 0x26, 0xa1, 0x36, 0x9f,
+    0xa4, 0x98, 0x5a, 0x40, 0x48, 0x42, 0xb3, 0xc9, 0x3b, 0x2e, 0x19, 0xca, 0x9c, 0x04, 0x9a, 0x9d,
+    0x64, 0x2c, 0xfc, 0xbf, 0x71, 0x6d, 0xe7, 0xa5, 0x94, 0xc5, 0xf8, 0x1e, 0x4b, 0x67, 0xfe, 0x22,
+    0x61, 0xa6, 0x08, 0x07, 0xde, 0xa0, 0x88, 0x62, 0x5f, 0x11, 0x1a, 0x77, 0x2b, 0x8d, 0x01, 0x99,
+    0xa1, 0x12, 0xae, 0xf8, 0xe7, 0x8f, 0xdc, 0x0e, 0xf0, 0xfa, 0xfb, 0xa3, 0xfc, 0xee, 0x65, 0x26,
+    0x22, 0x0d, 0x87, 0x3a, 0xac, 0xfe, 0x20, 0xba, 0xc2, 0x04, 0x1b, 0x1c, 0x46, 0x4b, 0xc9, 0x24,
+    0xe2, 0xb9, 0x21, 0xc5, 0x95, 0xd1, 0x74, 0xd6, 0x6d, 0xef, 0xfa, 0xc8, 0x91, 0x28, 0xad, 0x9b,
+    0x28, 0xda, 0xac, 0x89, 0x31, 0xa7, 0xfe, 0xf7, 0x97, 0x6f, 0x1c, 0xce, 0x86, 0x5c, 0xf4, 0x91,
+    0xe8, 0x6e, 0x0a, 0x76, 0x08, 0x88, 0xaa, 0x9b, 0x38, 0x84, 0xfd, 0x1a, 0x51, 0x3f, 0x90, 0x2e,
+    0x6b, 0x71, 0x23, 0xb4, 0x43, 0xf9, 0x56, 0x2f, 0x0a, 0x7a, 0x1d, 0xa5, 0xeb, 0x9a, 0x3c, 0x2c,
+    0xab, 0xc5, 0x85, 0x4b, 0x7a, 0xd6, 0x02, 0x43, 0xa5, 0x91, 0xfc, 0x71, 0x3c, 0xf9, 0x58, 0x93,
+    0xae, 0x4f, 0x71, 0xf3, 0xd5, 0x1b, 0x6d, 0x84, 0x6e, 0x45, 0x1e, 0x18, 0x5c, 0x13, 0xa7, 0x28,
+    0x6e, 0xfb, 0xd7, 0x0c, 0xec, 0x34, 0x39, 0xe8, 0xc1, 0xae, 0xff, 0xcc, 0x8b, 0x70, 0xc3, 0x97,
+    0xed, 0xe4, 0xfe, 0xce, 0xa7, 0x45, 0xc5, 0x5c, 0xf3, 0x50, 0x1f, 0x73, 0x31, 0xd5, 0x6f, 0x95,
+    0x2d, 0x50, 0x58, 0x31, 0x9e, 0x6a, 0x91, 0x30, 0x5c, 0xbb, 0xfe, 0xa7, 0xe6, 0xb6, 0x0b, 0x2a,
+    0xb7, 0x44, 0x4e, 0xac, 0x58, 0x91, 0x24, 0x3c, 0x4b, 0xe5, 0x20, 0xfe, 0x3e, 0x7a, 0x79, 0xc1,
+    0x77, 0xf0, 0xe8, 0x53, 0x61, 0xbe, 0x70, 0x50, 0xe4, 0x0e, 0xc1, 0x2a, 0xe9, 0x19, 0x1d, 0x7e,
+    0xf4, 0xef, 0xc1, 0x91, 0x2a, 0xcf, 0x8c, 0xe4, 0xd6, 0xf0, 0x21, 0x95, 0x53, 0xbc, 0xb1, 0x7c,
+    0x34, 0x5b, 0x67, 0x6e, 0x13, 0xe0, 0xd8, 0x88, 0x79, 0x1b, 0xc0, 0x41, 0x84, 0xdf, 0xd5, 0xc3,
+    0x31, 0xd1, 0x93, 0xd6, 0xbc, 0x2d, 0xb7, 0x4f, 0xb2, 0xcf, 0x22, 0x28, 0xe4, 0x35, 0x2a, 0x78,
+    0xf1, 0x65, 0x35, 0x29, 0x85, 0x02, 0xe3, 0x23, 0x1d, 0x24, 0xc3, 0xfc, 0x33, 0x56, 0x4e, 0xc7,
+    0x72, 0x7a, 0x1c, 0xeb, 0xce, 0x73, 0x1f, 0x97, 0x2f, 0xda, 0x23, 0x43, 0x89, 0xf3, 0xe2, 0xc5,
+    0xb2, 0xce, 0xba, 0x14, 0xf7, 0x5c, 0x4b, 0xfb, 0x80, 0x31, 0xc2, 0x97, 0x5e, 0x90, 0x86, 0x7a,
+    0x78, 0xad, 0x37, 0x58, 0x53, 0x2a, 0xc1, 0xda, 0x7a, 0xb1, 0x24, 0x91, 0x49, 0xe4, 0xdf, 0x70,
+    0xb8, 0x19, 0x91, 0xa7, 0x6a, 0x05, 0x95, 0xb6, 0xd5, 0x5a, 0xc5, 0x45, 0x9e, 0x87, 0xbb, 0xcf,
+    0x3b, 0x06, 0xb8, 0x65, 0x21, 0x74, 0x69, 0x02, 0xe7, 0xa4, 0x25, 0xfa, 0x24, 0x22, 0x17, 0xcd,
+    0xfb, 0xb2, 0x1e, 0x9a, 0x18, 0x5b, 0x3d, 0x6e, 0x48, 0x4f, 0xc4, 0x2e, 0xf3, 0x41, 0x73, 0x72,
+    0xfe, 0x38, 0xea, 0x22, 0xb7, 0x96, 0x52, 0xa9, 0x83, 0x9b, 0x26, 0x47, 0x93, 0xab, 0x8c, 0xc9,
+    0x3e, 0x8c, 0x4c, 0xdd, 0x8e, 0xb9, 0x06, 0xc5, 0x2c, 0x70, 0xc7, 0x93, 0x44, 0xc8, 0xe8, 0x76,
+    0xbd, 0x93, 0x65, 0x1f, 0xc5, 0xc8, 0xfa, 0x71, 0x1e, 0x8e, 0x27, 0x2c, 0xfe, 0x6d, 0x44, 0x74,
+    0x7d, 0x27, 0xc3, 0xe0, 0xfc, 0xe7, 0xae, 0x1d, 0xb1, 0x65, 0xc6, 0xf8, 0x29, 0x0e, 0x20, 0xcb,
+    0xea, 0x55, 0xbc, 0x87, 0x4e, 0x24, 0x2d, 0x33, 0x29, 0x4d, 0x28, 0x20, 0xd0, 0x85, 0xf6, 0x60,
+    0x2a, 0xe1, 0x1a, 0x78, 0x77, 0x0b, 0x79, 0x5f, 0x86, 0xa6, 0xc9, 0xf4, 0x07, 0xe6, 0x92, 0xdf,
+    0xa9, 0xfe, 0x33, 0xba, 0x3c, 0x7a, 0x85, 0xeb, 0xb4, 0x58, 0x29, 0x4b, 0xbd, 0x43, 0x3e, 0xdd,
+    0x69, 0x4a, 0x95, 0x45, 0x05, 0x55, 0xd1, 0x87, 0x1b, 0xb3, 0xc8, 0x9f, 0x6a, 0x20, 0x5a, 0x62,
+    0x6c, 0xc0, 0x61, 0xfd, 0xaa, 0x98, 0xbe, 0x40, 0xd0, 0x67, 0x2a, 0xf6, 0x0a, 0xca, 0xa5, 0xd9,
+    0xac, 0x74, 0xc7, 0x02, 0x93, 0xb7, 0xea, 0x2c, 0x7f, 0x8c, 0xcb, 0x22, 0xdd, 0xa9, 0xc1, 0x66,
+    0x2f, 0x6b, 0xee, 0xc0, 0xd8, 0xc6, 0x16, 0x98, 0x4d, 0x72, 0x2b, 0x9d, 0x67, 0x0c, 0x6d, 0x64,
+    0xef, 0xdf, 0x48, 0x3f, 0xe1, 0xe9, 0x42, 0xf4, 0xe2, 0x99, 0xca, 0x49, 0xb0, 0x6f, 0x09, 0xdb,
+    0x25, 0xbc, 0xc5, 0x73, 0x45, 0x9f, 0xc8, 0xd5, 0x18, 0x19, 0x2c, 0x4f, 0xa7, 0x1b, 0x50, 0xd1,
+    0xe5, 0x08, 0x63, 0x8c, 0x7c, 0xb0, 0x9c, 0xb9, 0xb7, 0xf2, 0xcd, 0x9b, 0x70, 0x78, 0x34, 0x6e,
+    0x66, 0x17, 0x4a, 0x4e, 0x37, 0xc1, 0x60, 0x0d, 0x85, 0x0c, 0x2d, 0x24, 0xca, 0xdd, 0x98, 0x6c,
+    0xa6, 0xa3, 0xec, 0xb1, 0x0e, 0xee, 0x34, 0x61, 0x2a, 0xe7, 0xcc, 0xf0, 0x1d, 0xbe, 0xfc, 0xd3,
+    0xa3, 0x29, 0x18, 0x09, 0xa1, 0x23, 0x5b, 0xa6, 0xe1, 0x33, 0x2e, 0x99, 0x7d, 0x54, 0x03, 0x68,
+    0x63, 0x9d, 0xbe, 0xf6, 0x98, 0x0c, 0x0f, 0xca, 0x4e, 0xd8, 0xcf, 0x4d, 0xaa, 0x37, 0x67, 0xd7,
+    0xe0, 0x82, 0x97, 0x34, 0xd3, 0x7d, 0xf3, 0x7e, 0x7c, 0x26, 0x2f, 0xf2, 0x10, 0x92, 0xcb, 0xd5,
+    0x20, 0x36, 0x31, 0xcb, 0xea, 0x52, 0xa7, 0x12, 0xd3, 0xcd, 0xce, 0x26, 0xc7, 0xf1, 0xaf, 0x6a,
+    0x0d, 0x66, 0x69, 0xfa, 0x74, 0x38, 0x36, 0x22, 0x8f, 0x76, 0x30, 0x81, 0x21, 0x47, 0xa4, 0x40,
+    0xcd, 0xd2, 0xcf, 0x05, 0x4d, 0x17, 0x62, 0x4e, 0x20, 0x9d, 0xd1, 0x55, 0xf6, 0x24, 0xc0, 0xff,
+    0x4e, 0xcd, 0xe6, 0xc7, 0x06, 0x66, 0x9e, 0xfa, 0x12, 0x63, 0x31, 0xea, 0x4c, 0x81, 0x6c, 0xfd,
+    0x8e, 0x79, 0x40, 0x38, 0x3f, 0x49, 0xca, 0x96, 0xbd, 0x88, 0xd0, 0x3e, 0x9b, 0xe2, 0x08, 0x42,
+    0x8b, 0xf3, 0xb4, 0x80, 0x90, 0x84, 0xa5, 0x51, 0x76, 0x5c, 0x32, 0x57, 0xfb, 0x08, 0xf7, 0xf9,
+    0x4b, 0x47, 0x12, 0x7f, 0xa9, 0xab, 0xf1, 0x3d, 0xd9, 0xb7, 0xd3, 0x83, 0x2c, 0x6b, 0x93, 0x46,
+    0xc8, 0x58, 0x3b, 0xbd, 0xe2, 0xda, 0x0d, 0x89, 0xeb, 0x49, 0x33, 0x3c, 0x96, 0xce, 0x3f, 0x44,
+    0x08, 0xec, 0x9d, 0x42, 0xdb, 0xf5, 0x59, 0xe5, 0x44, 0xa2, 0xd2, 0xe8, 0x41, 0xad, 0x5b, 0xfb,
+    0xc2, 0x8f, 0x10, 0x0e, 0x7f, 0x83, 0xd3, 0xc4, 0xbe, 0x22, 0x34, 0xee, 0x56, 0xd9, 0x02, 0xf1,
+    0x02, 0x3b, 0xb6, 0xf1, 0x46, 0xac, 0x87, 0xa8, 0x11, 0xc9, 0xd5, 0x3a, 0x81, 0xba, 0x66, 0x4e,
+    0x81, 0x24, 0x9f, 0x33, 0x0d, 0xdd, 0x7b, 0x1c, 0x23, 0x37, 0x35, 0x85, 0x3b, 0x1f, 0xca, 0x4c,
+    0x41, 0x90, 0x39, 0xcc, 0x34, 0xf2, 0x2f, 0x70, 0x8c, 0xdc, 0xd4, 0x51, 0xec, 0x7c, 0xae, 0xf3,
+    0x44, 0x1a, 0xcd, 0x74, 0x9b, 0x3f, 0x40, 0xb7, 0x47, 0x08, 0x36, 0x38, 0x8c, 0x96, 0x51, 0x48,
+    0x84, 0xae, 0x6b, 0x8b, 0xa2, 0x10, 0x14, 0xdb, 0xe8, 0xe3, 0xd7, 0xec, 0x5b, 0xf5, 0x35, 0xf7,
+    0x07, 0xb1, 0x42, 0x49, 0xe9, 0x61, 0xe8, 0x6f, 0xda, 0x1d, 0x37, 0x53, 0xe1, 0x50, 0x99, 0xf5,
+    0xc7, 0x05, 0xe4, 0xb6, 0xd0, 0x4e, 0xbc, 0x03, 0x75, 0xf6, 0xd6, 0x87, 0x36, 0x33, 0xfd, 0x4a,
+    0x50, 0x77, 0x9b, 0xd1, 0x62, 0x8d, 0x3f, 0x2d, 0xed, 0xde, 0x38, 0x5f, 0xcf, 0xb8, 0x2b, 0xe1,
+    0x90, 0xc3, 0x3d, 0x2e, 0x5b, 0xa2, 0x6b, 0x41, 0x42, 0x35, 0xd9, 0x8b, 0x18, 0xdb, 0x4f, 0x5e,
+    0x13, 0xdc, 0x14, 0xec, 0x10, 0xd3, 0x97, 0xf5, 0x70, 0xcb, 0x39, 0x34, 0xa2, 0x7e, 0xe3, 0x5c,
+    0xd3, 0x68, 0xb2, 0x13, 0x29, 0xfc, 0xc3, 0x99, 0xdf, 0x20, 0xd8, 0xe0, 0x75, 0x1d, 0x87, 0xe3,
+    0xd6, 0xe2, 0x46, 0xab, 0x86, 0x31, 0xac, 0x5e, 0x14, 0xf4, 0x3a, 0x89, 0x15, 0xf7, 0x78, 0x58,
+    0x16, 0x56, 0xe0, 0x54, 0xbf, 0x1e, 0xf8, 0x32, 0xbb, 0x1f, 0xdb, 0x5d, 0xc2, 0x94, 0x1c, 0xe7,
+    0x95, 0x49, 0xc9, 0x96, 0xf4, 0x6f, 0x04, 0x86, 0x89, 0xe1, 0x3b, 0xe2, 0x78, 0x31, 0xb0, 0xe5,
+    0x55, 0xfd, 0x6f, 0x69, 0xcd, 0x40, 0x50, 0xea, 0x26, 0x0a, 0xda, 0x36, 0xaf, 0x52, 0xd4, 0x5a,
+    0x9f, 0x9e, 0xe2, 0x25, 0x69, 0x36, 0xda, 0xcb, 0xdc, 0x8a, 0x3c, 0x30, 0xb8, 0x26, 0x8d, 0x50,
+    0x5f, 0x2a, 0x44, 0xda, 0x50, 0x19, 0x8e, 0xa7, 0x73, 0x61, 0xdd, 0xe4, 0x6f, 0x45, 0xe9, 0xef,
+    0xdc, 0x35, 0x6d, 0x18, 0x1b, 0x68, 0x72, 0x13, 0x41, 0x9f, 0x3d, 0x5b, 0xd5, 0xe0, 0x45, 0xed,
+    0x1c, 0x81, 0xcb, 0xe7, 0x22, 0x47, 0x26, 0x7f, 0xee, 0x74, 0xdc, 0x8f, 0x02, 0x83, 0x21, 0x52,
+    0x19, 0x0b, 0x3f, 0x5f, 0x8d, 0x8a, 0x49, 0xb8, 0x25, 0xa0, 0x3e, 0xe6, 0x62, 0x69, 0xde, 0xe9,
+    0xd9, 0xbf, 0x99, 0xa0, 0xb4, 0xa5, 0x1d, 0xd4, 0x8a, 0x4b, 0xdf, 0x32, 0xb5, 0x0a, 0xba, 0x56,
+    0x5a, 0xa0, 0xb0, 0x62, 0xff, 0xd4, 0xe1, 0x60, 0xb8, 0xb5, 0x3f, 0x8d, 0x0f, 0xaf, 0x16, 0x54,
+    0x9a, 0x14, 0x16, 0x9d, 0xc6, 0xfb, 0xb5, 0x0c, 0x17, 0x5e, 0xde, 0x59, 0xd8, 0xcc, 0x72, 0xeb,
+    0xad, 0x88, 0x9c, 0x9b, 0xb0, 0xe1, 0x48, 0x78, 0x96, 0x09, 0x40, 0x3f, 0x7c, 0xf4, 0xf2, 0x41,
+    0x6d, 0x3c, 0x3a, 0x64, 0x89, 0xce, 0x1c, 0x14, 0x39, 0xe2, 0xa1, 0xeb, 0xab, 0x97, 0x96, 0xfe,
+    0xee, 0x23, 0x13, 0xa6, 0xc2, 0xbf, 0xe0, 0xa0, 0x0b, 0x1c, 0x41, 0x54, 0x11, 0x32, 0x3a, 0xfc,
+    0x2e, 0x97, 0xb5, 0x59, 0xfb, 0x90, 0xb4, 0xcc, 0xa4, 0xf7, 0xa0, 0x80, 0xc6, 0x51, 0x5e, 0x43,
+    0x2b, 0x1d, 0x41, 0xe1, 0x54, 0x5d, 0xdb, 0x0b, 0x6f, 0x23, 0x42, 0xe9, 0xa6, 0xbb, 0xa1, 0xf8,
+    0xeb, 0xa9, 0xe7, 0x1e, 0x6d, 0x72, 0x8f, 0x67, 0xc0, 0xc8, 0xa3, 0x3d, 0x71, 0xd8, 0xc5, 0x47,
+    0x68, 0xb6, 0xce, 0xdc, 0x26, 0x03, 0x73, 0xd3, 0xf2, 0x36, 0x43, 0x82, 0xcb, 0x7d, 0x69, 0x45,
+    0xa8, 0x02, 0x68, 0x23, 0x1f, 0x2c, 0x27, 0xbf, 0x5d, 0xdd, 0xa2, 0x56, 0x1c, 0x1e, 0x0d, 0xfa,
+    0x62, 0x61, 0xe5, 0x6f, 0xbb, 0x5a, 0xad, 0x9e, 0xa7, 0x5d, 0x44, 0x50, 0x0b, 0x6a, 0x54, 0xf0,
+    0xa2, 0xd5, 0x43, 0x90, 0x82, 0x75, 0xf9, 0xf2, 0x08, 0xb6, 0xa5, 0x84, 0xdc, 0x09, 0x30, 0x4f,
+    0x21, 0xca, 0x6a, 0x52, 0xc9, 0x04, 0x05, 0x46, 0x3a, 0x48, 0x45, 0x3b, 0x66, 0xac, 0x9c, 0x4d,
+    0xe1, 0x7e, 0xcc, 0xad, 0xf0, 0x2b, 0x51, 0x2a, 0x95, 0xa3, 0xa4, 0xef, 0xb1, 0xcf, 0xf8, 0xf2,
+    0xe4, 0xf4, 0x38, 0x15, 0x5f, 0xe6, 0x3e, 0xed, 0x5e, 0x77, 0x46, 0x86, 0xd1, 0x25, 0x07, 0x49,
+    0x24, 0x40, 0x9e, 0xea, 0x66, 0xc9, 0x6a, 0x81, 0xf1, 0x9c, 0xa7, 0x52, 0x06, 0x46, 0x63, 0xf6,
+    0xa7, 0x5f, 0xb7, 0x28, 0x2d, 0xb8, 0x96, 0x35, 0xc3, 0x62, 0x47, 0xed, 0xbc, 0xe3, 0xcf, 0xf4,
+    0x67, 0xeb, 0x11, 0xd7, 0x14, 0x97, 0xc2, 0x59, 0x6c, 0x89, 0xa6, 0x39, 0x6b, 0x80, 0xab, 0x4b,
+    0xf0, 0x99, 0x6e, 0xb0, 0xa6, 0x54, 0x41, 0x77, 0xf4, 0xa1, 0x48, 0xe1, 0x92, 0x0b, 0x7d, 0xe0,
+    0x30, 0x2d, 0xc8, 0x4f, 0x9f, 0x7b, 0x15, 0x1b, 0x5b, 0x4a, 0xa9, 0x35, 0x45, 0x68, 0x19, 0x5f,
+    0xb3, 0x32, 0xe1, 0x8d, 0xd4, 0x0a, 0xe9, 0xaf, 0x69, 0xb4, 0x49, 0x8a, 0xff, 0xcd, 0xb5, 0x5d,
+    0x73, 0x86, 0x47, 0x72, 0xed, 0x25, 0xbd, 0xc3, 0xc6, 0x5f, 0xa8, 0x5e, 0x28, 0xae, 0xd1, 0xe2,
+    0x76, 0x0c, 0xb3, 0xca, 0x42, 0xe8, 0xd2, 0x04, 0x0d, 0x8b, 0x4a, 0x37, 0x48, 0x44, 0x2e, 0x59,
+    0xb6, 0xb8, 0x15, 0x35, 0x7b, 0xc7, 0x86, 0x68, 0xa2, 0x60, 0xab, 0xe3, 0x9f, 0x27, 0x4a, 0xe6,
+    0x35, 0xa7, 0x3c, 0xf7, 0x30, 0xb6, 0x7a, 0xdc, 0x90, 0x9e, 0x4b, 0x5c, 0x25, 0x82, 0xe6, 0xe4,
+    0xf5, 0x13, 0x9a, 0x08, 0x09, 0x99, 0x2e, 0xb0, 0x3f, 0x75, 0xaa, 0x88, 0xf2, 0xe1, 0x82, 0x5b,
+    0x3f, 0x70, 0x17, 0x44, 0xad, 0xef, 0xa4, 0x91, 0xc5, 0xf5, 0x4c, 0x8e, 0xe5, 0x95, 0xdb, 0x51,
+    0xff, 0xc4, 0xb1, 0xbb, 0x94, 0xc0, 0xf0, 0xfd, 0x6a, 0x1e, 0xad, 0x5a, 0x32, 0xf6, 0xbf, 0xee,
+    0x7c, 0xdb, 0x98, 0x79, 0xdf, 0xb1, 0x0c, 0x49, 0x58, 0xe0, 0x4d, 0xe5, 0x88, 0x53, 0x13, 0xec,
+    0xbc, 0x6f, 0x3e, 0x86, 0xe6, 0x9e, 0x58, 0x25, 0xf7, 0x0b, 0xac, 0x31, 0x5f, 0x30, 0x77, 0x53,
+    0xb9, 0xe5, 0xca, 0x3e, 0x49, 0x53, 0x37, 0xe2, 0x3c, 0xdf, 0x4e, 0x58, 0x3f, 0xda, 0x88, 0xe8,
+    0x79, 0x51, 0x6c, 0xc1, 0x70, 0x7c, 0x63, 0x8e, 0x93, 0x34, 0xaf, 0x8c, 0xe8, 0xb9, 0xec, 0x57,
+    0xfa, 0x4e, 0x45, 0x03, 0x3b, 0x0d, 0x9f, 0x3a, 0xa1, 0xca, 0x4f, 0x33, 0x52, 0x1c, 0x40, 0x55,
+    0x3a, 0xfa, 0xe3, 0xfc, 0x02, 0x22, 0xcb, 0x56, 0x0e, 0x21, 0xae, 0xe7, 0x85, 0x7f, 0x24, 0xea,
+    0x17, 0xaa, 0xbb, 0xcd, 0x9c, 0x48, 0x5a, 0x66, 0x52, 0x9a, 0x50, 0x40, 0x63, 0xc9, 0x2f, 0xc0,
+    0xd7, 0x1e, 0x1d, 0x32, 0xa5, 0x67, 0x0e, 0x0a, 0xfd, 0x71, 0xb1, 0x94, 0xb4, 0xaa, 0x4b, 0x7f,
+    0x54, 0x01, 0x34, 0xf0, 0xee, 0x16, 0xf2, 0xbe, 0xcf, 0x8f, 0x51, 0x2b, 0x0e, 0x0f, 0xe7, 0x7d,
+    0x94, 0xb5, 0x92, 0x0f, 0xd7, 0x39, 0xa6, 0xd2, 0x60, 0x64, 0xb0, 0xff, 0xd9, 0x6c, 0x83, 0xc2,
+    0x91, 0x3f, 0x66, 0xb7, 0x78, 0xf4, 0xc9, 0x15, 0xab, 0xb0, 0x52, 0x96, 0xb9, 0x86, 0x7c, 0x79,
+    0x51, 0x8b, 0xc0, 0x48, 0x41, 0xdb, 0x9d, 0x79, 0x04, 0x5b, 0xb3, 0x42, 0x6e, 0xe5, 0x18, 0xc6,
+    0xd2, 0x94, 0xe9, 0x8a, 0x0a, 0xaa, 0x61, 0xcd, 0x36, 0xa5, 0x53, 0xfd, 0xd4, 0x40, 0xb4, 0xc4,
+    0x12, 0x20, 0x4f, 0x75, 0x33, 0x85, 0x35, 0xa1, 0x99, 0x4e, 0xb2, 0x29, 0x03, 0x23, 0xd0, 0x7b,
+    0xd8, 0x43, 0xc2, 0x39, 0x97, 0xf3, 0xbf, 0x80, 0x63, 0xce, 0x54, 0x2f, 0x14, 0x57, 0x89, 0x71,
+    0x18, 0xf7, 0x64, 0xc6, 0xae, 0xdc, 0xeb, 0xec, 0xcc, 0x25, 0xb5, 0xfb, 0xc3, 0x34, 0xed, 0xce,
+    0x9b, 0xe8, 0x4d, 0x04, 0xe5, 0xad, 0x17, 0x58, 0xfe, 0xdb, 0x55, 0x44, 0x79, 0x91, 0x41, 0xcc,
+    0x5b, 0x5c, 0xeb, 0xfb, 0xdc, 0x82, 0x43, 0x34, 0x51, 0x30, 0xb4, 0x90, 0xae, 0xf2, 0x25, 0x73,
+    0x5e, 0xd6, 0x1f, 0x43, 0x73, 0x4f, 0x2c, 0xf3, 0x9a, 0xe4, 0x56, 0xf9, 0xce, 0x18, 0xda, 0xc8,
+    0x9e, 0x62, 0xb9, 0xbc, 0x4a, 0x60, 0x78, 0x9f, 0x35, 0x0f, 0xb7, 0x2d, 0x19, 0x7b, 0xbe, 0x77,
+    0x1d, 0x7d, 0x90, 0x7e, 0x01, 0x11, 0x84, 0x2b, 0x07, 0xf1, 0x57, 0x92, 0xa3, 0xde, 0x12, 0x75,
+    0xdd, 0xc9, 0x36, 0x81, 0x38, 0x3e, 0xd0, 0x47, 0xa8, 0x1a, 0xb6, 0x46, 0x74, 0xbd, 0x76, 0xca,
+    0x4a, 0xbb, 0x49, 0xe6, 0x8a, 0xfd, 0x53, 0x69, 0x30, 0x32, 0x58, 0x9e, 0x8d, 0x36, 0xa0, 0x61,
+    0x8a, 0x0f, 0xef, 0x19, 0xb3, 0xd2, 0x07, 0x05, 0x9f, 0xd9, 0xb9, 0x4a, 0x5a, 0x55, 0xc4, 0xde,
+    0x09, 0x10, 0xc6, 0xdb, 0xf8, 0xa3, 0xfb, 0xb1, 0xad, 0x27, 0x59, 0xf5, 0xe0, 0xf0, 0x68, 0xdc,
+    0xc9, 0xa4, 0x60, 0x24, 0xc1, 0x8c, 0xaf, 0xdd, 0x02, 0xcc, 0xb8, 0x21, 0x37, 0x93, 0x0c, 0x63,
+    0xcc, 0x2e, 0x94, 0x9c, 0x6e, 0x41, 0xc0, 0x1a, 0xc9, 0x18, 0x5a, 0x48, 0x57, 0x79, 0xf3, 0xd8,
+    0x0c, 0x9a, 0x32, 0x63, 0x57, 0x6e, 0x94, 0x76, 0x66, 0xf3, 0xbb, 0x9c, 0x80, 0x1a, 0x97, 0x67,
+    0x8f, 0x85, 0x1b, 0xa1, 0x1c, 0x1f, 0x68, 0xc2, 0x54, 0x0d, 0x5b, 0x23, 0x3a, 0xbf, 0x3b, 0x65,
+    0x4f, 0x31, 0xbd, 0x5e, 0x25, 0x30, 0x3c, 0xae, 0xfb, 0xe6, 0xba, 0xf7, 0xed, 0xdc, 0x5f, 0xda,
+    0x85, 0x52, 0x30, 0x12, 0x81, 0x46, 0xb6, 0x8f, 0x01, 0x66, 0x5c, 0xf1, 0xfa, 0xa8, 0x06, 0xd0,
+    0x45, 0xe6, 0x96, 0xed, 0xb8, 0x69, 0xe2, 0xe3, 0xae, 0x8d, 0xbd, 0x25, 0x2d, 0xcb, 0x62, 0x6f,
+    0xc6, 0xf9, 0xbf, 0x2f, 0xf3, 0x18, 0x1e, 0x57, 0x9c, 0x73, 0x5d, 0x9a, 0x97, 0x6e, 0xce, 0x6d,
+    0x06, 0x4d, 0x19, 0xd0, 0xca, 0x37, 0x4a, 0x3b, 0x33, 0x98, 0xbc, 0x4e, 0x40, 0x0d, 0xaa, 0xd2,
+    0x03, 0xc7, 0xed, 0x68, 0x65, 0xfa, 0x25, 0xfc, 0xf8, 0x4c, 0x5e, 0x27, 0x20, 0xe7, 0x55, 0x69,
+    0xc3, 0x73, 0x4b, 0x97, 0x5c, 0xd5, 0x71, 0x90, 0x57, 0xa7, 0xbf, 0xf3, 0xf7, 0x84, 0x31, 0xd6,
+    0x40, 0x6c, 0x62, 0x55, 0x17, 0xa4, 0x8d, 0x24, 0x65, 0x59, 0x5f, 0x4c, 0x4d, 0x21, 0x9d, 0xd4,
+    0x80, 0xd8, 0xc4, 0xaa, 0x2e, 0x8b, 0xd9, 0x48, 0xca, 0xb2, 0xbe, 0x98, 0x9a, 0x42, 0xf9, 0x6b,
+    0x1a, 0xcc, 0xd2, 0x37, 0xe8, 0x70, 0x6c, 0x44, 0xdd, 0xec, 0x60, 0xc1, 0x42, 0x8e, 0x8b, 0x80,
+    0xda, 0x78, 0x74, 0xc8, 0xd1, 0x5f, 0x38, 0x28, 0x72, 0x07, 0x81, 0x15, 0x95, 0xed, 0xef, 0x3f,
+    0x59, 0x67, 0x5d, 0x0a, 0x9a, 0x2e, 0xc4, 0x9c, 0x40, 0xf9, 0x61, 0xaa, 0x2f, 0x48, 0x43, 0x3d,
+    0x99, 0xd3, 0xfb, 0xf5, 0xa3, 0x01, 0x90, 0xf0, 0xef, 0x12, 0x80, 0x7e, 0xf8, 0x2b, 0x27, 0x82,
+    0x9c, 0x59, 0x0f, 0x4d, 0x0c, 0xcc, 0xff, 0x37, 0x24, 0xc6, 0x62, 0x17, 0x98, 0xc1, 0xd8, 0x39,
+    0x5c, 0xed, 0xa9, 0xb2, 0x35, 0xe3, 0xab, 0x5b, 0x8b, 0x2d, 0x83, 0xc3, 0x4f, 0xa2, 0xbc, 0x86,
+    0xdf, 0xf2, 0x80, 0x70, 0x7e, 0x92, 0x57, 0xef, 0xb9, 0xd3, 0x63, 0x7c, 0xf5, 0x07, 0x10, 0x84,
+    0x1f, 0x46, 0x26, 0x8f, 0x47, 0xbd, 0x03, 0x83, 0x16, 0x38, 0x82, 0xa8, 0x22, 0x64, 0x74, 0x3b,
+    0xd5, 0x25, 0xab, 0xc3, 0xe3, 0xcb, 0x89, 0xa2, 0xec, 0xb8, 0x64, 0xae, 0x35, 0x10, 0x2d, 0x31,
+    0x15, 0x91, 0x0d, 0x3c, 0xda, 0xe4, 0xdd, 0xce, 0x43, 0x53, 0x85, 0x7a, 0xe2, 0x73, 0x49, 0x8e,
+    0x96, 0x8e, 0x24, 0xfe, 0x91, 0x95, 0x21, 0x7a, 0x71, 0xad, 0x65, 0xc5, 0x58, 0xd6, 0xe5, 0x8c,
+    0x56, 0x3a, 0x82, 0x01, 0xa8, 0xba, 0x75, 0x16, 0xde, 0x46, 0x84, 0x11, 0x8f, 0xb5, 0x81, 0x33,
+    0x53, 0xb0, 0x76, 0xb9, 0x07, 0x77, 0x1a, 0xd1, 0x15, 0x92, 0x66, 0x78, 0xef, 0x5f, 0x7e, 0x88,
+    0x93, 0x04, 0xd0, 0x46, 0x3e, 0x58, 0x4e, 0xbd, 0xba, 0x79, 0x87, 0xac, 0x38, 0x3c, 0x1a, 0x37,
+    0x10, 0x1b, 0xf9, 0x84, 0x75, 0x29, 0xb2, 0x09, 0x88, 0x87, 0x67, 0x13, 0x82, 0x99, 0xb6, 0x35,
+    0xd0, 0xaf, 0x5f, 0x7b, 0x4c, 0x06, 0xe6, 0x65, 0x27, 0x6c, 0x86, 0xc7, 0x55, 0xfa, 0xd2, 0x8a,
+    0x47, 0xdd, 0x20, 0x1c, 0xfe, 0xc5, 0x65, 0x4b, 0xbf, 0x44, 0x68, 0x1f, 0xac, 0x71, 0x04, 0x21,
+    0x87, 0x69, 0x86, 0xe3, 0xc7, 0xea, 0x31, 0x27, 0x10, 0xaf, 0x89, 0xcb, 0x7b, 0x12, 0x60, 0x9e,
+    0x04, 0x76, 0xaf, 0x21, 0x8c, 0x9b, 0xcd, 0x93, 0x22, 0x51, 0x69, 0x74, 0xc1, 0xb7, 0xcc, 0x9c,
+    0xc4, 0xc2, 0x09, 0xde, 0xb5, 0xb4, 0x99, 0xff, 0x8d, 0xba, 0x88, 0xa0, 0x16, 0xd4, 0xa8, 0x23,
+    0xc1, 0x48, 0xfd, 0x66, 0x1a, 0x79, 0xf6, 0x38, 0x46, 0x6e, 0x6a, 0xc9, 0x76, 0x3e, 0x57, 0x98,
+    0x01, 0xfc, 0x5b, 0x99, 0x23, 0x56, 0xa2, 0x54, 0xe9, 0x85, 0x8b, 0x1d, 0xa1, 0x5d, 0x33, 0x27,
+    0x82, 0xe3, 0x72, 0x5b, 0x68, 0x27, 0x5e, 0xe0, 0xdb, 0x7b, 0x6b, 0xa2, 0x1b, 0xf8, 0x9f, 0x25,
+    0x42, 0x57, 0xd4, 0xa4, 0x51, 0x08, 0x0a, 0x8c, 0x74, 0x90, 0x8a, 0x76, 0xcc, 0x9b, 0xfb, 0x9a,
+    0x88, 0x34, 0x59, 0xe8, 0xf5, 0x7e, 0x80, 0xad, 0x8e, 0x10, 0x6c, 0x70, 0xdb, 0xef, 0xa2, 0x90,
+    0x48, 0x80, 0xff, 0x17, 0xcc, 0x51, 0xd4, 0xc1, 0x21, 0xfb, 0x8d, 0xa4, 0x0c, 0x8c, 0xc6, 0x2f,
+    0xcb, 0x9f, 0xd6, 0xd5, 0x87, 0x20, 0x28, 0x75, 0x13, 0x05, 0x6d, 0x1b, 0xb6, 0x29, 0x6a, 0x2d,
+    0x0b, 0x2b, 0x70, 0x2a, 0xbe, 0x0f, 0x7c, 0x19, 0xbc, 0xee, 0x8c, 0xcf, 0x61, 0x4a, 0x0e, 0x92,
+    0x0e, 0xa1, 0x84, 0x92, 0x11, 0xc2, 0x13, 0xde, 0x77, 0x3a, 0x6e, 0xa6, 0x01, 0xa0, 0xf1, 0x29,
+    0xce, 0x15, 0x22, 0x6d, 0x28, 0xed, 0x47, 0xb2, 0xd8, 0xd1, 0x8f, 0x72, 0xd6, 0xc3, 0x95, 0x96,
+    0x4d, 0x0a, 0x0b, 0xaf, 0x63, 0x9c, 0xbb, 0x06, 0xea, 0x2f, 0x6f, 0xcd, 0x6c, 0x66, 0x39, 0x94,
+    0x8d, 0xbe, 0xad, 0x50, 0x5a, 0xb3, 0xef, 0x6a, 0x45, 0xc4, 0x8e, 0x19, 0xbb, 0x05, 0x5d, 0x2b,
+    0xa0, 0xee, 0xf5, 0x61, 0xc4, 0xd9, 0x7e, 0x5a, 0x19, 0x7f, 0x70, 0xbe, 0x5d, 0xb3, 0x56, 0x01,
+    0x60, 0x5a, 0x53, 0x9e, 0xfd, 0xf6, 0x2a, 0x36, 0xb6, 0x94, 0x91, 0x6a, 0x8a, 0xd0, 0x32, 0xbe,
+    0xe3, 0x45, 0x7a, 0x5c, 0xb6, 0x87, 0xd6, 0x82, 0x84, 0x6a, 0x71, 0xd5, 0x30, 0x75, 0x9e, 0xbc,
+    0x23, 0xf1, 0xdc, 0xa3, 0x8f, 0xa8, 0x82, 0xee, 0x2b, 0x81, 0x90, 0x01, 0xe7, 0x16, 0xfa, 0x03,
+    0x26, 0x7b, 0x28, 0x1b, 0x20, 0x65, 0xed, 0x29, 0xe0, 0x55, 0x72, 0x68, 0x87, 0xfc, 0x05, 0xb8,
+    0xe6, 0xcf, 0x8e, 0xe4, 0x19, 0x4a, 0xb9, 0x45, 0x4f, 0xbe, 0x93, 0xbc, 0x50, 0x9f, 0x61, 0x07,
+    0x65, 0xd0, 0xa7, 0x26, 0x52, 0x3b, 0x45, 0xf1, 0x7d, 0x40, 0x73, 0x03, 0xea, 0x3a, 0xcd, 0x05,
+    0xa5, 0x64, 0x01, 0xd9, 0x6b, 0x14, 0x11, 0x9d, 0xd2, 0xab, 0x92, 0xd7, 0x3d, 0x59, 0xa9, 0xba,
+    0x6f, 0x07, 0x8c, 0x95, 0xcf, 0x62, 0x9b, 0xbc, 0x28, 0x2b, 0x74, 0xd1, 0x2a, 0x2d, 0xf0, 0xb0,
+    0xaf, 0xb3, 0x2a, 0x6a, 0xf6, 0x4d, 0xcf, 0xd0, 0x87, 0xc0, 0x95, 0x05, 0xfd, 0x4e, 0x94, 0x0f,
+    0x2c, 0xac, 0x03, 0xa8, 0xbd, 0x3c, 0x33, 0x64, 0xb5, 0x3e, 0x75, 0xba, 0x47, 0xeb, 0x38, 0x0d,
+    0xec, 0x18, 0xa5, 0x57, 0x84, 0x13, 0x67, 0x08, 0x1a, 0xd5, 0x94, 0x6e, 0x90, 0x88, 0x5c, 0xb2,
+    0xe9, 0x92, 0x51, 0xef, 0x2b, 0xde, 0x08, 0xcf, 0xd1, 0x01, 0x76, 0x07, 0xf0, 0x62, 0xa3, 0x09,
+    0x29, 0x26, 0xf7, 0x10, 0x12, 0xf1, 0x5c, 0xa3, 0x7e, 0xea, 0x97, 0xd3, 0x27, 0x01, 0xc7, 0xb6,
+    0xaa, 0x39, 0xde, 0xd2, 0x59, 0x80, 0xa0, 0x17, 0x4c, 0x14, 0x77, 0x6c, 0x9d, 0xa4, 0x6b, 0xb4,
+    0x6a, 0x8d, 0x78, 0x2d, 0x60, 0xaf, 0xf4, 0x7b, 0xe3, 0xff, 0x96, 0xb8, 0x4a, 0xc7, 0x0f, 0x0b,
+    0xfd, 0xff, 0x07, 0x4a, 0xd2, 0x6c, 0x77, 0x55, 0x7b, 0xd7, 0x78, 0x60, 0xb3, 0x4c, 0xd9, 0xa0,
+    0x3d, 0x4b, 0xa1, 0xb5, 0xeb, 0x43, 0x23, 0x39, 0xd4, 0x3c, 0x99, 0xb4, 0x64, 0x2f, 0xbd, 0x1f,
+    0xbe, 0x54, 0x88, 0x77, 0xa0, 0x32, 0xdf, 0x8d, 0xe6, 0xc2, 0x79, 0x0b, 0xde, 0x8a, 0x11, 0x1d,
+    0x7e, 0xe0, 0x2e, 0x88, 0x99, 0x1d, 0x8b, 0xe1, 0x49, 0x29, 0x98, 0xdf, 0x09, 0xe9, 0x75, 0xa2,
+    0x7b, 0x6a, 0xda, 0x30, 0x36, 0xd0, 0xe4, 0x26, 0x82, 0xfd, 0x7a, 0xb6, 0x69, 0x03, 0x8a, 0x19,
+    0xbb, 0xde, 0x7c, 0xcf, 0x0f, 0xff, 0xb0, 0x4a, 0x2d, 0x16, 0x9b, 0x62, 0xbe, 0x60, 0xee, 0xa6,
+    0x38, 0xc1, 0x55, 0x0d, 0x44, 0x8e, 0x4c, 0xfe, 0x1f, 0xe8, 0x7b, 0xdd, 0x04, 0xc5, 0x42, 0xa4,
+    0xf8, 0x75, 0xf3, 0xf2, 0x7d, 0xa1, 0x18, 0x92, 0xb0, 0x03, 0x9a, 0x09, 0xd3, 0xa6, 0x26, 0x1b,
+    0x32, 0x16, 0x7e, 0xbe, 0xd9, 0xd7, 0x92, 0xb3, 0x4a, 0x83, 0x7c, 0x0f, 0xc4, 0xd2, 0x7f, 0x11,
+    0xf2, 0xa2, 0xd8, 0x41, 0xe0, 0xf8, 0xc6, 0xdf, 0xe5, 0x68, 0x9d, 0xdb, 0x13, 0xb1, 0x1b, 0xae,
+    0x71, 0xbd, 0xf1, 0x83, 0xab, 0x89, 0x3a, 0x6b, 0xd7, 0x96, 0x7d, 0x64, 0xa9, 0x14, 0xb7, 0xac,
+    0xb1, 0x09, 0x57, 0x7c, 0x92, 0xa6, 0x6e, 0x07, 0x78, 0x7d, 0x9c, 0xb0, 0x7e, 0x77, 0xd3, 0x13,
+    0xb4, 0x83, 0xa3, 0xc4, 0x3d, 0x6b, 0x01, 0xc0, 0xb3, 0xa9, 0x7e, 0xd9, 0x1e, 0x9d, 0x2c, 0xa8,
+    0x74, 0x37, 0x05, 0x3b, 0x04, 0x44, 0x55, 0xac, 0x1c, 0x42, 0x9f, 0x0d, 0xc9, 0xfe, 0x48, 0x17,
+    0xf7, 0x28, 0x2c, 0xf9, 0x4f, 0x35, 0xa9, 0x18, 0x2e, 0xbc, 0x7f, 0xb2, 0x73, 0x5b, 0xe4, 0x15,
+    0x37, 0x9c, 0x8a, 0x06, 0x76, 0x1a, 0xfd, 0x74, 0x81, 0x57, 0x9e, 0x66, 0xa4, 0x38, 0x80, 0xaa,
+  },
+  { /* 7 */
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x01, 0x54, 0x30, 0x7b, 0xef, 0x84, 0x08, 0x09, 0xd4, 0xd5, 0xa3, 0x8d, 0xa6, 0xa1, 0xc1, 0x0a,
+    0x02, 0xa8, 0x60, 0xf6, 0x1d, 0xcb, 0x10, 0x12, 0x6b, 0x69, 0x85, 0xd9, 0x8f, 0x81, 0x41, 0x14,
+    0x03, 0xfc, 0x50, 0x8d, 0xf2, 0x4f, 0x18, 0x1b, 0xbf, 0xbc, 0x26, 0x54, 0x29, 0x20, 0x80, 0x1e,
+    0x04, 0x93, 0xc0, 0x2f, 0x3a, 0x55, 0x20, 0x24, 0xd6, 0xd2, 0xc9, 0x71, 0xdd, 0xc1, 0x82, 0x28,
+    0x05, 0xc7, 0xf0, 0x54, 0xd5, 0xd1, 0x28, 0x2d, 0x02, 0x07, 0x6a, 0xfc, 0x7b, 0x60, 0x43, 0x22,
+    0x06, 0x3b, 0xa0, 0xd9, 0x27, 0x9e, 0x30, 0x36, 0xbd, 0xbb, 0x4c, 0xa8, 0x52, 0x40, 0xc3, 0x3c,
+    0x07, 0x6f, 0x90, 0xa2, 0xc8, 0x1a, 0x38, 0x3f, 0x69, 0x6e, 0xef, 0x25, 0xf4, 0xe1, 0x02, 0x36,
+    0x08, 0xe5, 0x43, 0x5e, 0x74, 0xaa, 0x40, 0x48, 0x6f, 0x67, 0x51, 0xe2, 0x79, 0x41, 0xc7, 0x50,
+    0x09, 0xb1, 0x73, 0x25, 0x9b, 0x2e, 0x48, 0x41, 0xbb, 0xb2, 0xf2, 0x6f, 0xdf, 0xe0, 0x06, 0x5a,
+    0x0a, 0x4d, 0x23, 0xa8, 0x69, 0x61, 0x50, 0x5a, 0x04, 0x0e, 0xd4, 0x3b, 0xf6, 0xc0, 0x86, 0x44,
+    0x0b, 0x19, 0x13, 0xd3, 0x86, 0xe5, 0x58, 0x53, 0xd0, 0xdb, 0x77, 0xb6, 0x50, 0x61, 0x47, 0x4e,
+    0x0c, 0x76, 0x83, 0x71, 0x4e, 0xff, 0x60, 0x6c, 0xb9, 0xb5, 0x98, 0x93, 0xa4, 0x80, 0x45, 0x78,
+    0x0d, 0x22, 0xb3, 0x0a, 0xa1, 0x7b, 0x68, 0x65, 0x6d, 0x60, 0x3b, 0x1e, 0x02, 0x21, 0x84, 0x72,
+    0x0e, 0xde, 0xe3, 0x87, 0x53, 0x34, 0x70, 0x7e, 0xd2, 0xdc, 0x1d, 0x4a, 0x2b, 0x01, 0x04, 0x6c,
+    0x0f, 0x8a, 0xd3, 0xfc, 0xbc, 0xb0, 0x78, 0x77, 0x06, 0x09, 0xbe, 0xc7, 0x8d, 0xa0, 0xc5, 0x66,
+    0x10, 0x09, 0x86, 0xbc, 0xe8, 0x97, 0x80, 0x90, 0xde, 0xce, 0xa2, 0x07, 0xf2, 0x82, 0x4d, 0xa0,
+    0x11, 0x5d, 0xb6, 0xc7, 0x07, 0x13, 0x88, 0x99, 0x0a, 0x1b, 0x01, 0x8a, 0x54, 0x23, 0x8c, 0xaa,
+    0x12, 0xa1, 0xe6, 0x4a, 0xf5, 0x5c, 0x90, 0x82, 0xb5, 0xa7, 0x27, 0xde, 0x7d, 0x03, 0x0c, 0xb4,
+    0x13, 0xf5, 0xd6, 0x31, 0x1a, 0xd8, 0x98, 0x8b, 0x61, 0x72, 0x84, 0x53, 0xdb, 0xa2, 0xcd, 0xbe,
+    0x14, 0x9a, 0x46, 0x93, 0xd2, 0xc2, 0xa0, 0xb4, 0x08, 0x1c, 0x6b, 0x76, 0x2f, 0x43, 0xcf, 0x88,
+    0x15, 0xce, 0x76, 0xe8, 0x3d, 0x46, 0xa8, 0xbd, 0xdc, 0xc9, 0xc8, 0xfb, 0x89, 0xe2, 0x0e, 0x82,
+    0x16, 0x32, 0x26, 0x65, 0xcf, 0x09, 0xb0, 0xa6, 0x63, 0x75, 0xee, 0xaf, 0xa0, 0xc2, 0x8e, 0x9c,
+    0x17, 0x66, 0x16, 0x1e, 0x20, 0x8d, 0xb8, 0xaf, 0xb7, 0xa0, 0x4d, 0x22, 0x06, 0x63, 0x4f, 0x96,
+    0x18, 0xec, 0xc5, 0xe2, 0x9c, 0x3d, 0xc0, 0xd8, 0xb1, 0xa9, 0xf3, 0xe5, 0x8b, 0xc3, 0x8a, 0xf0,
+    0x19, 0xb8, 0xf5, 0x99, 0x73, 0xb9, 0xc8, 0xd1, 0x65, 0x7c, 0x50, 0x68, 0x2d, 0x62, 0x4b, 0xfa,
+    0x1a, 0x44, 0xa5, 0x14, 0x81, 0xf6, 0xd0, 0xca, 0xda, 0xc0, 0x76, 0x3c, 0x04, 0x42, 0xcb, 0xe4,
+    0x1b, 0x10, 0x95, 0x6f, 0x6e, 0x72, 0xd8, 0xc3, 0x0e, 0x15, 0xd5, 0xb1, 0xa2, 0xe3, 0x0a, 0xee,
+    0x1c, 0x7f, 0x05, 0xcd, 0xa6, 0x68, 0xe0, 0xfc, 0x67, 0x7b, 0x3a, 0x94, 0x56, 0x02, 0x08, 0xd8,
+    0x1d, 0x2b, 0x35, 0xb6, 0x49, 0xec, 0xe8, 0xf5, 0xb3, 0xae, 0x99, 0x19, 0xf0, 0xa3, 0xc9, 0xd2,
+    0x1e, 0xd7, 0x65, 0x3b, 0xbb, 0xa3, 0xf0, 0xee, 0x0c, 0x12, 0xbf, 0x4d, 0xd9, 0x83, 0x49, 0xcc,
+    0x1f, 0x83, 0x55, 0x40, 0x54, 0x27, 0xf8, 0xe7, 0xd8, 0xc7, 0x1c, 0xc0, 0x7f, 0x22, 0x88, 0xc6,
+    0x20, 0x12, 0xcf, 0xbb, 0x13, 0xed, 0xc3, 0xe3, 0x7f, 0x5f, 0x87, 0x0e, 0x27, 0xc7, 0x9a, 0x83,
+    0x21, 0x46, 0xff, 0xc0, 0xfc, 0x69, 0xcb, 0xea, 0xab, 0x8a, 0x24, 0x83, 0x81, 0x66, 0x5b, 0x89,
+    0x22, 0xba, 0xaf, 0x4d, 0x0e, 0x26, 0xd3, 0xf1, 0x14, 0x36, 0x02, 0xd7, 0xa8, 0x46, 0xdb, 0x97,
+    0x23, 0xee, 0x9f, 0x36, 0xe1, 0xa2, 0xdb, 0xf8, 0xc0, 0xe3, 0xa1, 0x5a, 0x0e, 0xe7, 0x1a, 0x9d,
+    0x24, 0x81, 0x0f, 0x94, 0x29, 0xb8, 0xe3, 0xc7, 0xa9, 0x8d, 0x4e, 0x7f, 0xfa, 0x06, 0x18, 0xab,
+    0x25, 0xd5, 0x3f, 0xef, 0xc6, 0x3c, 0xeb, 0xce, 0x7d, 0x58, 0xed, 0xf2, 0x5c, 0xa7, 0xd9, 0xa1,
+    0x26, 0x29, 0x6f, 0x62, 0x34, 0x73, 0xf3, 0xd5, 0xc2, 0xe4, 0xcb, 0xa6, 0x75, 0x87, 0x59, 0xbf,
+    0x27, 0x7d, 0x5f, 0x19, 0xdb, 0xf7, 0xfb, 0xdc, 0x16, 0x31, 0x68, 0x2b, 0xd3, 0x26, 0x98, 0xb5,
+    0x28, 0xf7, 0x8c, 0xe5, 0x67, 0x47, 0x83, 0xab, 0x10, 0x38, 0xd6, 0xec, 0x5e, 0x86, 0x5d, 0xd3,
+    0x29, 0xa3, 0xbc, 0x9e, 0x88, 0xc3, 0x8b, 0xa2, 0xc4, 0xed, 0x75, 0x61, 0xf8, 0x27, 0x9c, 0xd9,
+    0x2a, 0x5f, 0xec, 0x13, 0x7a, 0x8c, 0x93, 0xb9, 0x7b, 0x51, 0x53, 0x35, 0xd1, 0x07, 0x1c, 0xc7,
+    0x2b, 0x0b, 0xdc, 0x68, 0x95, 0x08, 0x9b, 0xb0, 0xaf, 0x84, 0xf0, 0xb8, 0x77, 0xa6, 0xdd, 0xcd,
+    0x2c, 0x64, 0x4c, 0xca, 0x5d, 0x12, 0xa3, 0x8f, 0xc6, 0xea, 0x1f, 0x9d, 0x83, 0x47, 0xdf, 0xfb,
+    0x2d, 0x30, 0x7c, 0xb1, 0xb2, 0x96, 0xab, 0x86, 0x12, 0x3f, 0xbc, 0x10, 0x25, 0xe6, 0x1e, 0xf1,
+    0x2e, 0xcc, 0x2c, 0x3c, 0x40, 0xd9, 0xb3, 0x9d, 0xad, 0x83, 0x9a, 0x44, 0x0c, 0xc6, 0x9e, 0xef,
+    0x2f, 0x98, 0x1c, 0x47, 0xaf, 0x5d, 0xbb, 0x94, 0x79, 0x56, 0x39, 0xc9, 0xaa, 0x67, 0x5f, 0xe5,
+    0x30, 0x1b, 0x49, 0x07, 0xfb, 0x7a, 0x43, 0x73, 0xa1, 0x91, 0x25, 0x09, 0xd5, 0x45, 0xd7, 0x23,
+    0x31, 0x4f, 0x79, 0x7c, 0x14, 0xfe, 0x4b, 0x7a, 0x75, 0x44, 0x86, 0x84, 0x73, 0xe4, 0x16, 0x29,
+    0x32, 0xb3, 0x29, 0xf1, 0xe6, 0xb1, 0x53, 0x61, 0xca, 0xf8, 0xa0, 0xd0, 0x5a, 0xc4, 0x96, 0x37,
+    0x33, 0xe7, 0x19, 0x8a, 0x09, 0x35, 0x5b, 0x68, 0x1e, 0x2d, 0x03, 0x5d, 0xfc, 0x65, 0x57, 0x3d,
+    0x34, 0x88, 0x89, 0x28, 0xc1, 0x2f, 0x63, 0x57, 0x77, 0x43, 0xec, 0x78, 0x08, 0x84, 0x55, 0x0b,
+    0x35, 0xdc, 0xb9, 0x53, 0x2e, 0xab, 0x6b, 0x5e, 0xa3, 0x96, 0x4f, 0xf5, 0xae, 0x25, 0x94, 0x01,
+    0x36, 0x20, 0xe9, 0xde, 0xdc, 0xe4, 0x73, 0x45, 0x1c, 0x2a, 0x69, 0xa1, 0x87, 0x05, 0x14, 0x1f,
+    0x37, 0x74, 0xd9, 0xa5, 0x33, 0x60, 0x7b, 0x4c, 0xc8, 0xff, 0xca, 0x2c, 0x21, 0xa4, 0xd5, 0x15,
+    0x38, 0xfe, 0x0a, 0x59, 0x8f, 0xd0, 0x03, 0x3b, 0xce, 0xf6, 0x74, 0xeb, 0xac, 0x04, 0x10, 0x73,
+    0x39, 0xaa, 0x3a, 0x22, 0x60, 0x54, 0x0b, 0x32, 0x1a, 0x23, 0xd7, 0x66, 0x0a, 0xa5, 0xd1, 0x79,
+    0x3a, 0x56, 0x6a, 0xaf, 0x92, 0x1b, 0x13, 0x29, 0xa5, 0x9f, 0xf1, 0x32, 0x23, 0x85, 0x51, 0x67,
+    0x3b, 0x02, 0x5a, 0xd4, 0x7d, 0x9f, 0x1b, 0x20, 0x71, 0x4a, 0x52, 0xbf, 0x85, 0x24, 0x90, 0x6d,
+    0x3c, 0x6d, 0xca, 0x76, 0xb5, 0x85, 0x23, 0x1f, 0x18, 0x24, 0xbd, 0x9a, 0x71, 0xc5, 0x92, 0x5b,
+    0x3d, 0x39, 0xfa, 0x0d, 0x5a, 0x01, 0x2b, 0x16, 0xcc, 0xf1, 0x1e, 0x17, 0xd7, 0x64, 0x53, 0x51,
+    0x3e, 0xc5, 0xaa, 0x80, 0xa8, 0x4e, 0x33, 0x0d, 0x73, 0x4d, 0x38, 0x43, 0xfe, 0x44, 0xd3, 0x4f,
+    0x3f, 0x91, 0x9a, 0xfb, 0x47, 0xca, 0x3b, 0x04, 0xa7, 0x98, 0x9b, 0xce, 0x58, 0xe5, 0x12, 0x45,
+    0x40, 0x24, 0x5d, 0xb5, 0x26, 0x19, 0x45, 0x05, 0xfe, 0xbe, 0xcd, 0x1c, 0x4e, 0x4d, 0xf7, 0xc5,
+    0x41, 0x70, 0x6d, 0xce, 0xc9, 0x9d, 0x4d, 0x0c, 0x2a, 0x6b, 0x6e, 0x91, 0xe8, 0xec, 0x36, 0xcf,
+    0x42, 0x8c, 0x3d, 0x43, 0x3b, 0xd2, 0x55, 0x17, 0x95, 0xd7, 0x48, 0xc5, 0xc1, 0xcc, 0xb6, 0xd1,
+    0x43, 0xd8, 0x0d, 0x38, 0xd4, 0x56, 0x5d, 0x1e, 0x41, 0x02, 0xeb, 0x48, 0x67, 0x6d, 0x77, 0xdb,
+    0x44, 0xb7, 0x9d, 0x9a, 0x1c, 0x4c, 0x65, 0x21, 0x28, 0x6c, 0x04, 0x6d, 0x93, 0x8c, 0x75, 0xed,
+    0x45, 0xe3, 0xad, 0xe1, 0xf3, 0xc8, 0x6d, 0x28, 0xfc, 0xb9, 0xa7, 0xe0, 0x35, 0x2d, 0xb4, 0xe7,
+    0x46, 0x1f, 0xfd, 0x6c, 0x01, 0x87, 0x75, 0x33, 0x43, 0x05, 0x81, 0xb4, 0x1c, 0x0d, 0x34, 0xf9,
+    0x47, 0x4b, 0xcd, 0x17, 0xee, 0x03, 0x7d, 0x3a, 0x97, 0xd0, 0x22, 0x39, 0xba, 0xac, 0xf5, 0xf3,
+    0x48, 0xc1, 0x1e, 0xeb, 0x52, 0xb3, 0x05, 0x4d, 0x91, 0xd9, 0x9c, 0xfe, 0x37, 0x0c, 0x30, 0x95,
+    0x49, 0x95, 0x2e, 0x90, 0xbd, 0x37, 0x0d, 0x44, 0x45, 0x0c, 0x3f, 0x73, 0x91, 0xad, 0xf1, 0x9f,
+    0x4a, 0x69, 0x7e, 0x1d, 0x4f, 0x78, 0x15, 0x5f, 0xfa, 0xb0, 0x19, 0x27, 0xb8, 0x8d, 0x71, 0x81,
+    0x4b, 0x3d, 0x4e, 0x66, 0xa0, 0xfc, 0x1d, 0x56, 0x2e, 0x65, 0xba, 0xaa, 0x1e, 0x2c, 0xb0, 0x8b,
+    0x4c, 0x52, 0xde, 0xc4, 0x68, 0xe6, 0x25, 0x69, 0x47, 0x0b, 0x55, 0x8f, 0xea, 0xcd, 0xb2, 0xbd,
+    0x4d, 0x06, 0xee, 0xbf, 0x87, 0x62, 0x2d, 0x60, 0x93, 0xde, 0xf6, 0x02, 0x4c, 0x6c, 0x73, 0xb7,
+    0x4e, 0xfa, 0xbe, 0x32, 0x75, 0x2d, 0x35, 0x7b, 0x2c, 0x62, 0xd0, 0x56, 0x65, 0x4c, 0xf3, 0xa9,
+    0x4f, 0xae, 0x8e, 0x49, 0x9a, 0xa9, 0x3d, 0x72, 0xf8, 0xb7, 0x73, 0xdb, 0xc3, 0xed, 0x32, 0xa3,
+    0x50, 0x2d, 0xdb, 0x09, 0xce, 0x8e, 0xc5, 0x95, 0x20, 0x70, 0x6f, 0x1b, 0xbc, 0xcf, 0xba, 0x65,
+    0x51, 0x79, 0xeb, 0x72, 0x21, 0x0a, 0xcd, 0x9c, 0xf4, 0xa5, 0xcc, 0x96, 0x1a, 0x6e, 0x7b, 0x6f,
+    0x52, 0x85, 0xbb, 0xff, 0xd3, 0x45, 0xd5, 0x87, 0x4b, 0x19, 0xea, 0xc2, 0x33, 0x4e, 0xfb, 0x71,
+    0x53, 0xd1, 0x8b, 0x84, 0x3c, 0xc1, 0xdd, 0x8e, 0x9f, 0xcc, 0x49, 0x4f, 0x95, 0xef, 0x3a, 0x7b,
+    0x54, 0xbe, 0x1b, 0x26, 0xf4, 0xdb, 0xe5, 0xb1, 0xf6, 0xa2, 0xa6, 0x6a, 0x61, 0x0e, 0x38, 0x4d,
+    0x55, 0xea, 0x2b, 0x5d, 0x1b, 0x5f, 0xed, 0xb8, 0x22, 0x77, 0x05, 0xe7, 0xc7, 0xaf, 0xf9, 0x47,
+    0x56, 0x16, 0x7b, 0xd0, 0xe9, 0x10, 0xf5, 0xa3, 0x9d, 0xcb, 0x23, 0xb3, 0xee, 0x8f, 0x79, 0x59,
+    0x57, 0x42, 0x4b, 0xab, 0x06, 0x94, 0xfd, 0xaa, 0x49, 0x1e, 0x80, 0x3e, 0x48, 0x2e, 0xb8, 0x53,
+    0x58, 0xc8, 0x98, 0x57, 0xba, 0x24, 0x85, 0xdd, 0x4f, 0x17, 0x3e, 0xf9, 0xc5, 0x8e, 0x7d, 0x35,
+    0x59, 0x9c, 0xa8, 0x2c, 0x55, 0xa0, 0x8d, 0xd4, 0x9b, 0xc2, 0x9d, 0x74, 0x63, 0x2f, 0xbc, 0x3f,
+    0x5a, 0x60, 0xf8, 0xa1, 0xa7, 0xef, 0x95, 0xcf, 0x24, 0x7e, 0xbb, 0x20, 0x4a, 0x0f, 0x3c, 0x21,
+    0x5b, 0x34, 0xc8, 0xda, 0x48, 0x6b, 0x9d, 0xc6, 0xf0, 0xab, 0x18, 0xad, 0xec, 0xae, 0xfd, 0x2b,
+    0x5c, 0x5b, 0x58, 0x78, 0x80, 0x71, 0xa5, 0xf9, 0x99, 0xc5, 0xf7, 0x88, 0x18, 0x4f, 0xff, 0x1d,
+    0x5d, 0x0f, 0x68, 0x03, 0x6f, 0xf5, 0xad, 0xf0, 0x4d, 0x10, 0x54, 0x05, 0xbe, 0xee, 0x3e, 0x17,
+    0x5e, 0xf3, 0x38, 0x8e, 0x9d, 0xba, 0xb5, 0xeb, 0xf2, 0xac, 0x72, 0x51, 0x97, 0xce, 0xbe, 0x09,
+    0x5f, 0xa7, 0x08, 0xf5, 0x72, 0x3e, 0xbd, 0xe2, 0x26, 0x79, 0xd1, 0xdc, 0x31, 0x6f, 0x7f, 0x03,
+    0x60, 0x36, 0x92, 0x0e, 0x35, 0xf4, 0x86, 0xe6, 0x81, 0xe1, 0x4a, 0x12, 0x69, 0x8a, 0x6d, 0x46,
+    0x61, 0x62, 0xa2, 0x75, 0xda, 0x70, 0x8e, 0xef, 0x55, 0x34, 0xe9, 0x9f, 0xcf, 0x2b, 0xac, 0x4c,
+    0x62, 0x9e, 0xf2, 0xf8, 0x28, 0x3f, 0x96, 0xf4, 0xea, 0x88, 0xcf, 0xcb, 0xe6, 0x0b, 0x2c, 0x52,
+    0x63, 0xca, 0xc2, 0x83, 0xc7, 0xbb, 0x9e, 0xfd, 0x3e, 0x5d, 0x6c, 0x46, 0x40, 0xaa, 0xed, 0x58,
+    0x64, 0xa5, 0x52, 0x21, 0x0f, 0xa1, 0xa6, 0xc2, 0x57, 0x33, 0x83, 0x63, 0xb4, 0x4b, 0xef, 0x6e,
+    0x65, 0xf1, 0x62, 0x5a, 0xe0, 0x25, 0xae, 0xcb, 0x83, 0xe6, 0x20, 0xee, 0x12, 0xea, 0x2e, 0x64,
+    0x66, 0x0d, 0x32, 0xd7, 0x12, 0x6a, 0xb6, 0xd0, 0x3c, 0x5a, 0x06, 0xba, 0x3b, 0xca, 0xae, 0x7a,
+    0x67, 0x59, 0x02, 0xac, 0xfd, 0xee, 0xbe, 0xd9, 0xe8, 0x8f, 0xa5, 0x37, 0x9d, 0x6b, 0x6f, 0x70,
+    0x68, 0xd3, 0xd1, 0x50, 0x41, 0x5e, 0xc6, 0xae, 0xee, 0x86, 0x1b, 0xf0, 0x10, 0xcb, 0xaa, 0x16,
+    0x69, 0x87, 0xe1, 0x2b, 0xae, 0xda, 0xce, 0xa7, 0x3a, 0x53, 0xb8, 0x7d, 0xb6, 0x6a, 0x6b, 0x1c,
+    0x6a, 0x7b, 0xb1, 0xa6, 0x5c, 0x95, 0xd6, 0xbc, 0x85, 0xef, 0x9e, 0x29, 0x9f, 0x4a, 0xeb, 0x02,
+    0x6b, 0x2f, 0x81, 0xdd, 0xb3, 0x11, 0xde, 0xb5, 0x51, 0x3a, 0x3d, 0xa4, 0x39, 0xeb, 0x2a, 0x08,
+    0x6c, 0x40, 0x11, 0x7f, 0x7b, 0x0b, 0xe6, 0x8a, 0x38, 0x54, 0xd2, 0x81, 0xcd, 0x0a, 0x28, 0x3e,
+    0x6d, 0x14, 0x21, 0x04, 0x94, 0x8f, 0xee, 0x83, 0xec, 0x81, 0x71, 0x0c, 0x6b, 0xab, 0xe9, 0x34,
+    0x6e, 0xe8, 0x71, 0x89, 0x66, 0xc0, 0xf6, 0x98, 0x53, 0x3d, 0x57, 0x58, 0x42, 0x8b, 0x69, 0x2a,
+    0x6f, 0xbc, 0x41, 0xf2, 0x89, 0x44, 0xfe, 0x91, 0x87, 0xe8, 0xf4, 0xd5, 0xe4, 0x2a, 0xa8, 0x20,
+    0x70, 0x3f, 0x14, 0xb2, 0xdd, 0x63, 0x06, 0x76, 0x5f, 0x2f, 0xe8, 0x15, 0x9b, 0x08, 0x20, 0xe6,
+    0x71, 0x6b, 0x24, 0xc9, 0x32, 0xe7, 0x0e, 0x7f, 0x8b, 0xfa, 0x4b, 0x98, 0x3d, 0xa9, 0xe1, 0xec,
+    0x72, 0x97, 0x74, 0x44, 0xc0, 0xa8, 0x16, 0x64, 0x34, 0x46, 0x6d, 0xcc, 0x14, 0x89, 0x61, 0xf2,
+    0x73, 0xc3, 0x44, 0x3f, 0x2f, 0x2c, 0x1e, 0x6d, 0xe0, 0x93, 0xce, 0x41, 0xb2, 0x28, 0xa0, 0xf8,
+    0x74, 0xac, 0xd4, 0x9d, 0xe7, 0x36, 0x26, 0x52, 0x89, 0xfd, 0x21, 0x64, 0x46, 0xc9, 0xa2, 0xce,
+    0x75, 0xf8, 0xe4, 0xe6, 0x08, 0xb2, 0x2e, 0x5b, 0x5d, 0x28, 0x82, 0xe9, 0xe0, 0x68, 0x63, 0xc4,
+    0x76, 0x04, 0xb4, 0x6b, 0xfa, 0xfd, 0x36, 0x40, 0xe2, 0x94, 0xa4, 0xbd, 0xc9, 0x48, 0xe3, 0xda,
+    0x77, 0x50, 0x84, 0x10, 0x15, 0x79, 0x3e, 0x49, 0x36, 0x41, 0x07, 0x30, 0x6f, 0xe9, 0x22, 0xd0,
+    0x78, 0xda, 0x57, 0xec, 0xa9, 0xc9, 0x46, 0x3e, 0x30, 0x48, 0xb9, 0xf7, 0xe2, 0x49, 0xe7, 0xb6,
+    0x79, 0x8e, 0x67, 0x97, 0x46, 0x4d, 0x4e, 0x37, 0xe4, 0x9d, 0x1a, 0x7a, 0x44, 0xe8, 0x26, 0xbc,
+    0x7a, 0x72, 0x37, 0x1a, 0xb4, 0x02, 0x56, 0x2c, 0x5b, 0x21, 0x3c, 0x2e, 0x6d, 0xc8, 0xa6, 0xa2,
+    0x7b, 0x26, 0x07, 0x61, 0x5b, 0x86, 0x5e, 0x25, 0x8f, 0xf4, 0x9f, 0xa3, 0xcb, 0x69, 0x67, 0xa8,
+    0x7c, 0x49, 0x97, 0xc3, 0x93, 0x9c, 0x66, 0x1a, 0xe6, 0x9a, 0x70, 0x86, 0x3f, 0x88, 0x65, 0x9e,
+    0x7d, 0x1d, 0xa7, 0xb8, 0x7c, 0x18, 0x6e, 0x13, 0x32, 0x4f, 0xd3, 0x0b, 0x99, 0x29, 0xa4, 0x94,
+    0x7e, 0xe1, 0xf7, 0x35, 0x8e, 0x57, 0x76, 0x08, 0x8d, 0xf3, 0xf5, 0x5f, 0xb0, 0x09, 0x24, 0x8a,
+    0x7f, 0xb5, 0xc7, 0x4e, 0x61, 0xd3, 0x7e, 0x01, 0x59, 0x26, 0x56, 0xd2, 0x16, 0xa8, 0xe5, 0x80,
+    0x80, 0x48, 0xba, 0xa9, 0x4c, 0x32, 0x8a, 0x0a, 0x3f, 0xbf, 0x59, 0x38, 0x9c, 0x9a, 0x2d, 0x49,
+    0x81, 0x1c, 0x8a, 0xd2, 0xa3, 0xb6, 0x82, 0x03, 0xeb, 0x6a, 0xfa, 0xb5, 0x3a, 0x3b, 0xec, 0x43,
+    0x82, 0xe0, 0xda, 0x5f, 0x51, 0xf9, 0x9a, 0x18, 0x54, 0xd6, 0xdc, 0xe1, 0x13, 0x1b, 0x6c, 0x5d,
+    0x83, 0xb4, 0xea, 0x24, 0xbe, 0x7d, 0x92, 0x11, 0x80, 0x03, 0x7f, 0x6c, 0xb5, 0xba, 0xad, 0x57,
+    0x84, 0xdb, 0x7a, 0x86, 0x76, 0x67, 0xaa, 0x2e, 0xe9, 0x6d, 0x90, 0x49, 0x41, 0x5b, 0xaf, 0x61,
+    0x85, 0x8f, 0x4a, 0xfd, 0x99, 0xe3, 0xa2, 0x27, 0x3d, 0xb8, 0x33, 0xc4, 0xe7, 0xfa, 0x6e, 0x6b,
+    0x86, 0x73, 0x1a, 0x70, 0x6b, 0xac, 0xba, 0x3c, 0x82, 0x04, 0x15, 0x90, 0xce, 0xda, 0xee, 0x75,
+    0x87, 0x27, 0x2a, 0x0b, 0x84, 0x28, 0xb2, 0x35, 0x56, 0xd1, 0xb6, 0x1d, 0x68, 0x7b, 0x2f, 0x7f,
+    0x88, 0xad, 0xf9, 0xf7, 0x38, 0x98, 0xca, 0x42, 0x50, 0xd8, 0x08, 0xda, 0xe5, 0xdb, 0xea, 0x19,
+    0x89, 0xf9, 0xc9, 0x8c, 0xd7, 0x1c, 0xc2, 0x4b, 0x84, 0x0d, 0xab, 0x57, 0x43, 0x7a, 0x2b, 0x13,
+    0x8a, 0x05, 0x99, 0x01, 0x25, 0x53, 0xda, 0x50, 0x3b, 0xb1, 0x8d, 0x03, 0x6a, 0x5a, 0xab, 0x0d,
+    0x8b, 0x51, 0xa9, 0x7a, 0xca, 0xd7, 0xd2, 0x59, 0xef, 0x64, 0x2e, 0x8e, 0xcc, 0xfb, 0x6a, 0x07,
+    0x8c, 0x3e, 0x39, 0xd8, 0x02, 0xcd, 0xea, 0x66, 0x86, 0x0a, 0xc1, 0xab, 0x38, 0x1a, 0x68, 0x31,
+    0x8d, 0x6a, 0x09, 0xa3, 0xed, 0x49, 0xe2, 0x6f, 0x52, 0xdf, 0x62, 0x26, 0x9e, 0xbb, 0xa9, 0x3b,
+    0x8e, 0x96, 0x59, 0x2e, 0x1f, 0x06, 0xfa, 0x74, 0xed, 0x63, 0x44, 0x72, 0xb7, 0x9b, 0x29, 0x25,
+    0x8f, 0xc2, 0x69, 0x55, 0xf0, 0x82, 0xf2, 0x7d, 0x39, 0xb6, 0xe7, 0xff, 0x11, 0x3a, 0xe8, 0x2f,
+    0x90, 0x41, 0x3c, 0x15, 0xa4, 0xa5, 0x0a, 0x9a, 0xe1, 0x71, 0xfb, 0x3f, 0x6e, 0x18, 0x60, 0xe9,
+    0x91, 0x15, 0x0c, 0x6e, 0x4b, 0x21, 0x02, 0x93, 0x35, 0xa4, 0x58, 0xb2, 0xc8, 0xb9, 0xa1, 0xe3,
+    0x92, 0xe9, 0x5c, 0xe3, 0xb9, 0x6e, 0x1a, 0x88, 0x8a, 0x18, 0x7e, 0xe6, 0xe1, 0x99, 0x21, 0xfd,
+    0x93, 0xbd, 0x6c, 0x98, 0x56, 0xea, 0x12, 0x81, 0x5e, 0xcd, 0xdd, 0x6b, 0x47, 0x38, 0xe0, 0xf7,
+    0x94, 0xd2, 0xfc, 0x3a, 0x9e, 0xf0, 0x2a, 0xbe, 0x37, 0xa3, 0x32, 0x4e, 0xb3, 0xd9, 0xe2, 0xc1,
+    0x95, 0x86, 0xcc, 0x41, 0x71, 0x74, 0x22, 0xb7, 0xe3, 0x76, 0x91, 0xc3, 0x15, 0x78, 0x23, 0xcb,
+    0x96, 0x7a, 0x9c, 0xcc, 0x83, 0x3b, 0x3a, 0xac, 0x5c, 0xca, 0xb7, 0x97, 0x3c, 0x58, 0xa3, 0xd5,
+    0x97, 0x2e, 0xac, 0xb7, 0x6c, 0xbf, 0x32, 0xa5, 0x88, 0x1f, 0x14, 0x1a, 0x9a, 0xf9, 0x62, 0xdf,
+    0x98, 0xa4, 0x7f, 0x4b, 0xd0, 0x0f, 0x4a, 0xd2, 0x8e, 0x16, 0xaa, 0xdd, 0x17, 0x59, 0xa7, 0xb9,
+    0x99, 0xf0, 0x4f, 0x30, 0x3f, 0x8b, 0x42, 0xdb, 0x5a, 0xc3, 0x09, 0x50, 0xb1, 0xf8, 0x66, 0xb3,
+    0x9a, 0x0c, 0x1f, 0xbd, 0xcd, 0xc4, 0x5a, 0xc0, 0xe5, 0x7f, 0x2f, 0x04, 0x98, 0xd8, 0xe6, 0xad,
+    0x9b, 0x58, 0x2f, 0xc6, 0x22, 0x40, 0x52, 0xc9, 0x31, 0xaa, 0x8c, 0x89, 0x3e, 0x79, 0x27, 0xa7,
+    0x9c, 0x37, 0xbf, 0x64, 0xea, 0x5a, 0x6a, 0xf6, 0x58, 0xc4, 0x63, 0xac, 0xca, 0x98, 0x25, 0x91,
+    0x9d, 0x63, 0x8f, 0x1f, 0x05, 0xde, 0x62, 0xff, 0x8c, 0x11, 0xc0, 0x21, 0x6c, 0x39, 0xe4, 0x9b,
+    0x9e, 0x9f, 0xdf, 0x92, 0xf7, 0x91, 0x7a, 0xe4, 0x33, 0xad, 0xe6, 0x75, 0x45, 0x19, 0x64, 0x85,
+    0x9f, 0xcb, 0xef, 0xe9, 0x18, 0x15, 0x72, 0xed, 0xe7, 0x78, 0x45, 0xf8, 0xe3, 0xb8, 0xa5, 0x8f,
+    0xa0, 0x5a, 0x75, 0x12, 0x5f, 0xdf, 0x49, 0xe9, 0x40, 0xe0, 0xde, 0x36, 0xbb, 0x5d, 0xb7, 0xca,
+    0xa1, 0x0e, 0x45, 0x69, 0xb0, 0x5b, 0x41, 0xe0, 0x94, 0x35, 0x7d, 0xbb, 0x1d, 0xfc, 0x76, 0xc0,
+    0xa2, 0xf2, 0x15, 0xe4, 0x42, 0x14, 0x59, 0xfb, 0x2b, 0x89, 0x5b, 0xef, 0x34, 0xdc, 0xf6, 0xde,
+    0xa3, 0xa6, 0x25, 0x9f, 0xad, 0x90, 0x51, 0xf2, 0xff, 0x5c, 0xf8, 0x62, 0x92, 0x7d, 0x37, 0xd4,
+    0xa4, 0xc9, 0xb5, 0x3d, 0x65, 0x8a, 0x69, 0xcd, 0x96, 0x32, 0x17, 0x47, 0x66, 0x9c, 0x35, 0xe2,
+    0xa5, 0x9d, 0x85, 0x46, 0x8a, 0x0e, 0x61, 0xc4, 0x42, 0xe7, 0xb4, 0xca, 0xc0, 0x3d, 0xf4, 0xe8,
+    0xa6, 0x61, 0xd5, 0xcb, 0x78, 0x41, 0x79, 0xdf, 0xfd, 0x5b, 0x92, 0x9e, 0xe9, 0x1d, 0x74, 0xf6,
+    0xa7, 0x35, 0xe5, 0xb0, 0x97, 0xc5, 0x71, 0xd6, 0x29, 0x8e, 0x31, 0x13, 0x4f, 0xbc, 0xb5, 0xfc,
+    0xa8, 0xbf, 0x36, 0x4c, 0x2b, 0x75, 0x09, 0xa1, 0x2f, 0x87, 0x8f, 0xd4, 0xc2, 0x1c, 0x70, 0x9a,
+    0xa9, 0xeb, 0x06, 0x37, 0xc4, 0xf1, 0x01, 0xa8, 0xfb, 0x52, 0x2c, 0x59, 0x64, 0xbd, 0xb1, 0x90,
+    0xaa, 0x17, 0x56, 0xba, 0x36, 0xbe, 0x19, 0xb3, 0x44, 0xee, 0x0a, 0x0d, 0x4d, 0x9d, 0x31, 0x8e,
+    0xab, 0x43, 0x66, 0xc1, 0xd9, 0x3a, 0x11, 0xba, 0x90, 0x3b, 0xa9, 0x80, 0xeb, 0x3c, 0xf0, 0x84,
+    0xac, 0x2c, 0xf6, 0x63, 0x11, 0x20, 0x29, 0x85, 0xf9, 0x55, 0x46, 0xa5, 0x1f, 0xdd, 0xf2, 0xb2,
+    0xad, 0x78, 0xc6, 0x18, 0xfe, 0xa4, 0x21, 0x8c, 0x2d, 0x80, 0xe5, 0x28, 0xb9, 0x7c, 0x33, 0xb8,
+    0xae, 0x84, 0x96, 0x95, 0x0c, 0xeb, 0x39, 0x97, 0x92, 0x3c, 0xc3, 0x7c, 0x90, 0x5c, 0xb3, 0xa6,
+    0xaf, 0xd0, 0xa6, 0xee, 0xe3, 0x6f, 0x31, 0x9e, 0x46, 0xe9, 0x60, 0xf1, 0x36, 0xfd, 0x72, 0xac,
+    0xb0, 0x53, 0xf3, 0xae, 0xb7, 0x48, 0xc9, 0x79, 0x9e, 0x2e, 0x7c, 0x31, 0x49, 0xdf, 0xfa, 0x6a,
+    0xb1, 0x07, 0xc3, 0xd5, 0x58, 0xcc, 0xc1, 0x70, 0x4a, 0xfb, 0xdf, 0xbc, 0xef, 0x7e, 0x3b, 0x60,
+    0xb2, 0xfb, 0x93, 0x58, 0xaa, 0x83, 0xd9, 0x6b, 0xf5, 0x47, 0xf9, 0xe8, 0xc6, 0x5e, 0xbb, 0x7e,
+    0xb3, 0xaf, 0xa3, 0x23, 0x45, 0x07, 0xd1, 0x62, 0x21, 0x92, 0x5a, 0x65, 0x60, 0xff, 0x7a, 0x74,
+    0xb4, 0xc0, 0x33, 0x81, 0x8d, 0x1d, 0xe9, 0x5d, 0x48, 0xfc, 0xb5, 0x40, 0x94, 0x1e, 0x78, 0x42,
+    0xb5, 0x94, 0x03, 0xfa, 0x62, 0x99, 0xe1, 0x54, 0x9c, 0x29, 0x16, 0xcd, 0x32, 0xbf, 0xb9, 0x48,
+    0xb6, 0x68, 0x53, 0x77, 0x90, 0xd6, 0xf9, 0x4f, 0x23, 0x95, 0x30, 0x99, 0x1b, 0x9f, 0x39, 0x56,
+    0xb7, 0x3c, 0x63, 0x0c, 0x7f, 0x52, 0xf1, 0x46, 0xf7, 0x40, 0x93, 0x14, 0xbd, 0x3e, 0xf8, 0x5c,
+    0xb8, 0xb6, 0xb0, 0xf0, 0xc3, 0xe2, 0x89, 0x31, 0xf1, 0x49, 0x2d, 0xd3, 0x30, 0x9e, 0x3d, 0x3a,
+    0xb9, 0xe2, 0x80, 0x8b, 0x2c, 0x66, 0x81, 0x38, 0x25, 0x9c, 0x8e, 0x5e, 0x96, 0x3f, 0xfc, 0x30,
+    0xba, 0x1e, 0xd0, 0x06, 0xde, 0x29, 0x99, 0x23, 0x9a, 0x20, 0xa8, 0x0a, 0xbf, 0x1f, 0x7c, 0x2e,
+    0xbb, 0x4a, 0xe0, 0x7d, 0x31, 0xad, 0x91, 0x2a, 0x4e, 0xf5, 0x0b, 0x87, 0x19, 0xbe, 0xbd, 0x24,
+    0xbc, 0x25, 0x70, 0xdf, 0xf9, 0xb7, 0xa9, 0x15, 0x27, 0x9b, 0xe4, 0xa2, 0xed, 0x5f, 0xbf, 0x12,
+    0xbd, 0x71, 0x40, 0xa4, 0x16, 0x33, 0xa1, 0x1c, 0xf3, 0x4e, 0x47, 0x2f, 0x4b, 0xfe, 0x7e, 0x18,
+    0xbe, 0x8d, 0x10, 0x29, 0xe4, 0x7c, 0xb9, 0x07, 0x4c, 0xf2, 0x61, 0x7b, 0x62, 0xde, 0xfe, 0x06,
+    0xbf, 0xd9, 0x20, 0x52, 0x0b, 0xf8, 0xb1, 0x0e, 0x98, 0x27, 0xc2, 0xf6, 0xc4, 0x7f, 0x3f, 0x0c,
+    0xc0, 0x6c, 0xe7, 0x1c, 0x6a, 0x2b, 0xcf, 0x0f, 0xc1, 0x01, 0x94, 0x24, 0xd2, 0xd7, 0xda, 0x8c,
+    0xc1, 0x38, 0xd7, 0x67, 0x85, 0xaf, 0xc7, 0x06, 0x15, 0xd4, 0x37, 0xa9, 0x74, 0x76, 0x1b, 0x86,
+    0xc2, 0xc4, 0x87, 0xea, 0x77, 0xe0, 0xdf, 0x1d, 0xaa, 0x68, 0x11, 0xfd, 0x5d, 0x56, 0x9b, 0x98,
+    0xc3, 0x90, 0xb7, 0x91, 0x98, 0x64, 0xd7, 0x14, 0x7e, 0xbd, 0xb2, 0x70, 0xfb, 0xf7, 0x5a, 0x92,
+    0xc4, 0xff, 0x27, 0x33, 0x50, 0x7e, 0xef, 0x2b, 0x17, 0xd3, 0x5d, 0x55, 0x0f, 0x16, 0x58, 0xa4,
+    0xc5, 0xab, 0x17, 0x48, 0xbf, 0xfa, 0xe7, 0x22, 0xc3, 0x06, 0xfe, 0xd8, 0xa9, 0xb7, 0x99, 0xae,
+    0xc6, 0x57, 0x47, 0xc5, 0x4d, 0xb5, 0xff, 0x39, 0x7c, 0xba, 0xd8, 0x8c, 0x80, 0x97, 0x19, 0xb0,
+    0xc7, 0x03, 0x77, 0xbe, 0xa2, 0x31, 0xf7, 0x30, 0xa8, 0x6f, 0x7b, 0x01, 0x26, 0x36, 0xd8, 0xba,
+    0xc8, 0x89, 0xa4, 0x42, 0x1e, 0x81, 0x8f, 0x47, 0xae, 0x66, 0xc5, 0xc6, 0xab, 0x96, 0x1d, 0xdc,
+    0xc9, 0xdd, 0x94, 0x39, 0xf1, 0x05, 0x87, 0x4e, 0x7a, 0xb3, 0x66, 0x4b, 0x0d, 0x37, 0xdc, 0xd6,
+    0xca, 0x21, 0xc4, 0xb4, 0x03, 0x4a, 0x9f, 0x55, 0xc5, 0x0f, 0x40, 0x1f, 0x24, 0x17, 0x5c, 0xc8,
+    0xcb, 0x75, 0xf4, 0xcf, 0xec, 0xce, 0x97, 0x5c, 0x11, 0xda, 0xe3, 0x92, 0x82, 0xb6, 0x9d, 0xc2,
+    0xcc, 0x1a, 0x64, 0x6d, 0x24, 0xd4, 0xaf, 0x63, 0x78, 0xb4, 0x0c, 0xb7, 0x76, 0x57, 0x9f, 0xf4,
+    0xcd, 0x4e, 0x54, 0x16, 0xcb, 0x50, 0xa7, 0x6a, 0xac, 0x61, 0xaf, 0x3a, 0xd0, 0xf6, 0x5e, 0xfe,
+    0xce, 0xb2, 0x04, 0x9b, 0x39, 0x1f, 0xbf, 0x71, 0x13, 0xdd, 0x89, 0x6e, 0xf9, 0xd6, 0xde, 0xe0,
+    0xcf, 0xe6, 0x34, 0xe0, 0xd6, 0x9b, 0xb7, 0x78, 0xc7, 0x08, 0x2a, 0xe3, 0x5f, 0x77, 0x1f, 0xea,
+    0xd0, 0x65, 0x61, 0xa0, 0x82, 0xbc, 0x4f, 0x9f, 0x1f, 0xcf, 0x36, 0x23, 0x20, 0x55, 0x97, 0x2c,
+    0xd1, 0x31, 0x51, 0xdb, 0x6d, 0x38, 0x47, 0x96, 0xcb, 0x1a, 0x95, 0xae, 0x86, 0xf4, 0x56, 0x26,
+    0xd2, 0xcd, 0x01, 0x56, 0x9f, 0x77, 0x5f, 0x8d, 0x74, 0xa6, 0xb3, 0xfa, 0xaf, 0xd4, 0xd6, 0x38,
+    0xd3, 0x99, 0x31, 0x2d, 0x70, 0xf3, 0x57, 0x84, 0xa0, 0x73, 0x10, 0x77, 0x09, 0x75, 0x17, 0x32,
+    0xd4, 0xf6, 0xa1, 0x8f, 0xb8, 0xe9, 0x6f, 0xbb, 0xc9, 0x1d, 0xff, 0x52, 0xfd, 0x94, 0x15, 0x04,
+    0xd5, 0xa2, 0x91, 0xf4, 0x57, 0x6d, 0x67, 0xb2, 0x1d, 0xc8, 0x5c, 0xdf, 0x5b, 0x35, 0xd4, 0x0e,
+    0xd6, 0x5e, 0xc1, 0x79, 0xa5, 0x22, 0x7f, 0xa9, 0xa2, 0x74, 0x7a, 0x8b, 0x72, 0x15, 0x54, 0x10,
+    0xd7, 0x0a, 0xf1, 0x02, 0x4a, 0xa6, 0x77, 0xa0, 0x76, 0xa1, 0xd9, 0x06, 0xd4, 0xb4, 0x95, 0x1a,
+    0xd8, 0x80, 0x22, 0xfe, 0xf6, 0x16, 0x0f, 0xd7, 0x70, 0xa8, 0x67, 0xc1, 0x59, 0x14, 0x50, 0x7c,
+    0xd9, 0xd4, 0x12, 0x85, 0x19, 0x92, 0x07, 0xde, 0xa4, 0x7d, 0xc4, 0x4c, 0xff, 0xb5, 0x91, 0x76,
+    0xda, 0x28, 0x42, 0x08, 0xeb, 0xdd, 0x1f, 0xc5, 0x1b, 0xc1, 0xe2, 0x18, 0xd6, 0x95, 0x11, 0x68,
+    0xdb, 0x7c, 0x72, 0x73, 0x04, 0x59, 0x17, 0xcc, 0xcf, 0x14, 0x41, 0x95, 0x70, 0x34, 0xd0, 0x62,
+    0xdc, 0x13, 0xe2, 0xd1, 0xcc, 0x43, 0x2f, 0xf3, 0xa6, 0x7a, 0xae, 0xb0, 0x84, 0xd5, 0xd2, 0x54,
+    0xdd, 0x47, 0xd2, 0xaa, 0x23, 0xc7, 0x27, 0xfa, 0x72, 0xaf, 0x0d, 0x3d, 0x22, 0x74, 0x13, 0x5e,
+    0xde, 0xbb, 0x82, 0x27, 0xd1, 0x88, 0x3f, 0xe1, 0xcd, 0x13, 0x2b, 0x69, 0x0b, 0x54, 0x93, 0x40,
+    0xdf, 0xef, 0xb2, 0x5c, 0x3e, 0x0c, 0x37, 0xe8, 0x19, 0xc6, 0x88, 0xe4, 0xad, 0xf5, 0x52, 0x4a,
+    0xe0, 0x7e, 0x28, 0xa7, 0x79, 0xc6, 0x0c, 0xec, 0xbe, 0x5e, 0x13, 0x2a, 0xf5, 0x10, 0x40, 0x0f,
+    0xe1, 0x2a, 0x18, 0xdc, 0x96, 0x42, 0x04, 0xe5, 0x6a, 0x8b, 0xb0, 0xa7, 0x53, 0xb1, 0x81, 0x05,
+    0xe2, 0xd6, 0x48, 0x51, 0x64, 0x0d, 0x1c, 0xfe, 0xd5, 0x37, 0x96, 0xf3, 0x7a, 0x91, 0x01, 0x1b,
+    0xe3, 0x82, 0x78, 0x2a, 0x8b, 0x89, 0x14, 0xf7, 0x01, 0xe2, 0x35, 0x7e, 0xdc, 0x30, 0xc0, 0x11,
+    0xe4, 0xed, 0xe8, 0x88, 0x43, 0x93, 0x2c, 0xc8, 0x68, 0x8c, 0xda, 0x5b, 0x28, 0xd1, 0xc2, 0x27,
+    0xe5, 0xb9, 0xd8, 0xf3, 0xac, 0x17, 0x24, 0xc1, 0xbc, 0x59, 0x79, 0xd6, 0x8e, 0x70, 0x03, 0x2d,
+    0xe6, 0x45, 0x88, 0x7e, 0x5e, 0x58, 0x3c, 0xda, 0x03, 0xe5, 0x5f, 0x82, 0xa7, 0x50, 0x83, 0x33,
+    0xe7, 0x11, 0xb8, 0x05, 0xb1, 0xdc, 0x34, 0xd3, 0xd7, 0x30, 0xfc, 0x0f, 0x01, 0xf1, 0x42, 0x39,
+    0xe8, 0x9b, 0x6b, 0xf9, 0x0d, 0x6c, 0x4c, 0xa4, 0xd1, 0x39, 0x42, 0xc8, 0x8c, 0x51, 0x87, 0x5f,
+    0xe9, 0xcf, 0x5b, 0x82, 0xe2, 0xe8, 0x44, 0xad, 0x05, 0xec, 0xe1, 0x45, 0x2a, 0xf0, 0x46, 0x55,
+    0xea, 0x33, 0x0b, 0x0f, 0x10, 0xa7, 0x5c, 0xb6, 0xba, 0x50, 0xc7, 0x11, 0x03, 0xd0, 0xc6, 0x4b,
+    0xeb, 0x67, 0x3b, 0x74, 0xff, 0x23, 0x54, 0xbf, 0x6e, 0x85, 0x64, 0x9c, 0xa5, 0x71, 0x07, 0x41,
+    0xec, 0x08, 0xab, 0xd6, 0x37, 0x39, 0x6c, 0x80, 0x07, 0xeb, 0x8b, 0xb9, 0x51, 0x90, 0x05, 0x77,
+    0xed, 0x5c, 0x9b, 0xad, 0xd8, 0xbd, 0x64, 0x89, 0xd3, 0x3e, 0x28, 0x34, 0xf7, 0x31, 0xc4, 0x7d,
+    0xee, 0xa0, 0xcb, 0x20, 0x2a, 0xf2, 0x7c, 0x92, 0x6c, 0x82, 0x0e, 0x60, 0xde, 0x11, 0x44, 0x63,
+    0xef, 0xf4, 0xfb, 0x5b, 0xc5, 0x76, 0x74, 0x9b, 0xb8, 0x57, 0xad, 0xed, 0x78, 0xb0, 0x85, 0x69,
+    0xf0, 0x77, 0xae, 0x1b, 0x91, 0x51, 0x8c, 0x7c, 0x60, 0x90, 0xb1, 0x2d, 0x07, 0x92, 0x0d, 0xaf,
+    0xf1, 0x23, 0x9e, 0x60, 0x7e, 0xd5, 0x84, 0x75, 0xb4, 0x45, 0x12, 0xa0, 0xa1, 0x33, 0xcc, 0xa5,
+    0xf2, 0xdf, 0xce, 0xed, 0x8c, 0x9a, 0x9c, 0x6e, 0x0b, 0xf9, 0x34, 0xf4, 0x88, 0x13, 0x4c, 0xbb,
+    0xf3, 0x8b, 0xfe, 0x96, 0x63, 0x1e, 0x94, 0x67, 0xdf, 0x2c, 0x97, 0x79, 0x2e, 0xb2, 0x8d, 0xb1,
+    0xf4, 0xe4, 0x6e, 0x34, 0xab, 0x04, 0xac, 0x58, 0xb6, 0x42, 0x78, 0x5c, 0xda, 0x53, 0x8f, 0x87,
+    0xf5, 0xb0, 0x5e, 0x4f, 0x44, 0x80, 0xa4, 0x51, 0x62, 0x97, 0xdb, 0xd1, 0x7c, 0xf2, 0x4e, 0x8d,
+    0xf6, 0x4c, 0x0e, 0xc2, 0xb6, 0xcf, 0xbc, 0x4a, 0xdd, 0x2b, 0xfd, 0x85, 0x55, 0xd2, 0xce, 0x93,
+    0xf7, 0x18, 0x3e, 0xb9, 0x59, 0x4b, 0xb4, 0x43, 0x09, 0xfe, 0x5e, 0x08, 0xf3, 0x73, 0x0f, 0x99,
+    0xf8, 0x92, 0xed, 0x45, 0xe5, 0xfb, 0xcc, 0x34, 0x0f, 0xf7, 0xe0, 0xcf, 0x7e, 0xd3, 0xca, 0xff,
+    0xf9, 0xc6, 0xdd, 0x3e, 0x0a, 0x7f, 0xc4, 0x3d, 0xdb, 0x22, 0x43, 0x42, 0xd8, 0x72, 0x0b, 0xf5,
+    0xfa, 0x3a, 0x8d, 0xb3, 0xf8, 0x30, 0xdc, 0x26, 0x64, 0x9e, 0x65, 0x16, 0xf1, 0x52, 0x8b, 0xeb,
+    0xfb, 0x6e, 0xbd, 0xc8, 0x17, 0xb4, 0xd4, 0x2f, 0xb0, 0x4b, 0xc6, 0x9b, 0x57, 0xf3, 0x4a, 0xe1,
+    0xfc, 0x01, 0x2d, 0x6a, 0xdf, 0xae, 0xec, 0x10, 0xd9, 0x25, 0x29, 0xbe, 0xa3, 0x12, 0x48, 0xd7,
+    0xfd, 0x55, 0x1d, 0x11, 0x30, 0x2a, 0xe4, 0x19, 0x0d, 0xf0, 0x8a, 0x33, 0x05, 0xb3, 0x89, 0xdd,
+    0xfe, 0xa9, 0x4d, 0x9c, 0xc2, 0x65, 0xfc, 0x02, 0xb2, 0x4c, 0xac, 0x67, 0x2c, 0x93, 0x09, 0xc3,
+    0xff, 0xfd, 0x7d, 0xe7, 0x2d, 0xe1, 0xf4, 0x0b, 0x66, 0x99, 0x0f, 0xea, 0x8a, 0x32, 0xc8, 0xc9,
+  },
+  { /* 8 */
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0xfb, 0xde, 0xe0, 0xaf, 0x10, 0xc9, 0xf6, 0x49, 0xbe, 0xe7, 0x6e, 0xa4, 0x6a, 0x2b, 0x9c, 0xf3,
+    0x35, 0x7f, 0x03, 0x9d, 0x20, 0x51, 0x2f, 0x92, 0xbf, 0x0d, 0xdc, 0x8b, 0xd4, 0x56, 0xfb, 0x25,
+    0xce, 0xa1, 0xe3, 0x32, 0x30, 0x98, 0xd9, 0xdb, 0x01, 0xea, 0xb2, 0x2f, 0xbe, 0x7d, 0x67, 0xd6,
+    0x6a, 0xfe, 0x06, 0xf9, 0x40, 0xa2, 0x5e, 0xe7, 0xbd, 0x1a, 0x7b, 0xd5, 0x6b, 0xac, 0x35, 0x4a,
+    0x91, 0x20, 0xe6, 0x56, 0x50, 0x6b, 0xa8, 0xae, 0x03, 0xfd, 0x15, 0x71, 0x01, 0x87, 0xa9, 0xb9,
+    0x5f, 0x81, 0x05, 0x64, 0x60, 0xf3, 0x71, 0x75, 0x02, 0x17, 0xa7, 0x5e, 0xbf, 0xfa, 0xce, 0x6f,
+    0xa4, 0x5f, 0xe5, 0xcb, 0x70, 0x3a, 0x87, 0x3c, 0xbc, 0xf0, 0xc9, 0xfa, 0xd5, 0xd1, 0x52, 0x9c,
+    0xd4, 0x3f, 0x0c, 0x31, 0x80, 0x87, 0xbc, 0x0d, 0xb9, 0x34, 0xf6, 0x69, 0xd6, 0x9b, 0x6a, 0x94,
+    0x2f, 0xe1, 0xec, 0x9e, 0x90, 0x4e, 0x4a, 0x44, 0x07, 0xd3, 0x98, 0xcd, 0xbc, 0xb0, 0xf6, 0x67,
+    0xe1, 0x40, 0x0f, 0xac, 0xa0, 0xd6, 0x93, 0x9f, 0x06, 0x39, 0x2a, 0xe2, 0x02, 0xcd, 0x91, 0xb1,
+    0x1a, 0x9e, 0xef, 0x03, 0xb0, 0x1f, 0x65, 0xd6, 0xb8, 0xde, 0x44, 0x46, 0x68, 0xe6, 0x0d, 0x42,
+    0xbe, 0xc1, 0x0a, 0xc8, 0xc0, 0x25, 0xe2, 0xea, 0x04, 0x2e, 0x8d, 0xbc, 0xbd, 0x37, 0x5f, 0xde,
+    0x45, 0x1f, 0xea, 0x67, 0xd0, 0xec, 0x14, 0xa3, 0xba, 0xc9, 0xe3, 0x18, 0xd7, 0x1c, 0xc3, 0x2d,
+    0x8b, 0xbe, 0x09, 0x55, 0xe0, 0x74, 0xcd, 0x78, 0xbb, 0x23, 0x51, 0x37, 0x69, 0x61, 0xa4, 0xfb,
+    0x70, 0x60, 0xe9, 0xfa, 0xf0, 0xbd, 0x3b, 0x31, 0x05, 0xc4, 0x3f, 0x93, 0x03, 0x4a, 0x38, 0x08,
+    0x6b, 0x7e, 0x18, 0x62, 0xc3, 0xcd, 0xbb, 0x1a, 0xb1, 0x68, 0x2f, 0xd2, 0x6f, 0xf5, 0xd4, 0xeb,
+    0x90, 0xa0, 0xf8, 0xcd, 0xd3, 0x04, 0x4d, 0x53, 0x0f, 0x8f, 0x41, 0x76, 0x05, 0xde, 0x48, 0x18,
+    0x5e, 0x01, 0x1b, 0xff, 0xe3, 0x9c, 0x94, 0x88, 0x0e, 0x65, 0xf3, 0x59, 0xbb, 0xa3, 0x2f, 0xce,
+    0xa5, 0xdf, 0xfb, 0x50, 0xf3, 0x55, 0x62, 0xc1, 0xb0, 0x82, 0x9d, 0xfd, 0xd1, 0x88, 0xb3, 0x3d,
+    0x01, 0x80, 0x1e, 0x9b, 0x83, 0x6f, 0xe5, 0xfd, 0x0c, 0x72, 0x54, 0x07, 0x04, 0x59, 0xe1, 0xa1,
+    0xfa, 0x5e, 0xfe, 0x34, 0x93, 0xa6, 0x13, 0xb4, 0xb2, 0x95, 0x3a, 0xa3, 0x6e, 0x72, 0x7d, 0x52,
+    0x34, 0xff, 0x1d, 0x06, 0xa3, 0x3e, 0xca, 0x6f, 0xb3, 0x7f, 0x88, 0x8c, 0xd0, 0x0f, 0x1a, 0x84,
+    0xcf, 0x21, 0xfd, 0xa9, 0xb3, 0xf7, 0x3c, 0x26, 0x0d, 0x98, 0xe6, 0x28, 0xba, 0x24, 0x86, 0x77,
+    0xbf, 0x41, 0x14, 0x53, 0x43, 0x4a, 0x07, 0x17, 0x08, 0x5c, 0xd9, 0xbb, 0xb9, 0x6e, 0xbe, 0x7f,
+    0x44, 0x9f, 0xf4, 0xfc, 0x53, 0x83, 0xf1, 0x5e, 0xb6, 0xbb, 0xb7, 0x1f, 0xd3, 0x45, 0x22, 0x8c,
+    0x8a, 0x3e, 0x17, 0xce, 0x63, 0x1b, 0x28, 0x85, 0xb7, 0x51, 0x05, 0x30, 0x6d, 0x38, 0x45, 0x5a,
+    0x71, 0xe0, 0xf7, 0x61, 0x73, 0xd2, 0xde, 0xcc, 0x09, 0xb6, 0x6b, 0x94, 0x07, 0x13, 0xd9, 0xa9,
+    0xd5, 0xbf, 0x12, 0xaa, 0x03, 0xe8, 0x59, 0xf0, 0xb5, 0x46, 0xa2, 0x6e, 0xd2, 0xc2, 0x8b, 0x35,
+    0x2e, 0x61, 0xf2, 0x05, 0x13, 0x21, 0xaf, 0xb9, 0x0b, 0xa1, 0xcc, 0xca, 0xb8, 0xe9, 0x17, 0xc6,
+    0xe0, 0xc0, 0x11, 0x37, 0x23, 0xb9, 0x76, 0x62, 0x0a, 0x4b, 0x7e, 0xe5, 0x06, 0x94, 0x70, 0x10,
+    0x1b, 0x1e, 0xf1, 0x98, 0x33, 0x70, 0x80, 0x2b, 0xb4, 0xac, 0x10, 0x41, 0x6c, 0xbf, 0xec, 0xe3,
+    0xd6, 0xfc, 0x30, 0xc4, 0x45, 0x59, 0xb5, 0x34, 0xa1, 0xd0, 0x5e, 0x67, 0xde, 0x29, 0x6b, 0x15,
+    0x2d, 0x22, 0xd0, 0x6b, 0x55, 0x90, 0x43, 0x7d, 0x1f, 0x37, 0x30, 0xc3, 0xb4, 0x02, 0xf7, 0xe6,
+    0xe3, 0x83, 0x33, 0x59, 0x65, 0x08, 0x9a, 0xa6, 0x1e, 0xdd, 0x82, 0xec, 0x0a, 0x7f, 0x90, 0x30,
+    0x18, 0x5d, 0xd3, 0xf6, 0x75, 0xc1, 0x6c, 0xef, 0xa0, 0x3a, 0xec, 0x48, 0x60, 0x54, 0x0c, 0xc3,
+    0xbc, 0x02, 0x36, 0x3d, 0x05, 0xfb, 0xeb, 0xd3, 0x1c, 0xca, 0x25, 0xb2, 0xb5, 0x85, 0x5e, 0x5f,
+    0x47, 0xdc, 0xd6, 0x92, 0x15, 0x32, 0x1d, 0x9a, 0xa2, 0x2d, 0x4b, 0x16, 0xdf, 0xae, 0xc2, 0xac,
+    0x89, 0x7d, 0x35, 0xa0, 0x25, 0xaa, 0xc4, 0x41, 0xa3, 0xc7, 0xf9, 0x39, 0x61, 0xd3, 0xa5, 0x7a,
+    0x72, 0xa3, 0xd5, 0x0f, 0x35, 0x63, 0x32, 0x08, 0x1d, 0x20, 0x97, 0x9d, 0x0b, 0xf8, 0x39, 0x89,
+    0x02, 0xc3, 0x3c, 0xf5, 0xc5, 0xde, 0x09, 0x39, 0x18, 0xe4, 0xa8, 0x0e, 0x08, 0xb2, 0x01, 0x81,
+    0xf9, 0x1d, 0xdc, 0x5a, 0xd5, 0x17, 0xff, 0x70, 0xa6, 0x03, 0xc6, 0xaa, 0x62, 0x99, 0x9d, 0x72,
+    0x37, 0xbc, 0x3f, 0x68, 0xe5, 0x8f, 0x26, 0xab, 0xa7, 0xe9, 0x74, 0x85, 0xdc, 0xe4, 0xfa, 0xa4,
+    0xcc, 0x62, 0xdf, 0xc7, 0xf5, 0x46, 0xd0, 0xe2, 0x19, 0x0e, 0x1a, 0x21, 0xb6, 0xcf, 0x66, 0x57,
+    0x68, 0x3d, 0x3a, 0x0c, 0x85, 0x7c, 0x57, 0xde, 0xa5, 0xfe, 0xd3, 0xdb, 0x63, 0x1e, 0x34, 0xcb,
+    0x93, 0xe3, 0xda, 0xa3, 0x95, 0xb5, 0xa1, 0x97, 0x1b, 0x19, 0xbd, 0x7f, 0x09, 0x35, 0xa8, 0x38,
+    0x5d, 0x42, 0x39, 0x91, 0xa5, 0x2d, 0x78, 0x4c, 0x1a, 0xf3, 0x0f, 0x50, 0xb7, 0x48, 0xcf, 0xee,
+    0xa6, 0x9c, 0xd9, 0x3e, 0xb5, 0xe4, 0x8e, 0x05, 0xa4, 0x14, 0x61, 0xf4, 0xdd, 0x63, 0x53, 0x1d,
+    0xbd, 0x82, 0x28, 0xa6, 0x86, 0x94, 0x0e, 0x2e, 0x10, 0xb8, 0x71, 0xb5, 0xb1, 0xdc, 0xbf, 0xfe,
+    0x46, 0x5c, 0xc8, 0x09, 0x96, 0x5d, 0xf8, 0x67, 0xae, 0x5f, 0x1f, 0x11, 0xdb, 0xf7, 0x23, 0x0d,
+    0x88, 0xfd, 0x2b, 0x3b, 0xa6, 0xc5, 0x21, 0xbc, 0xaf, 0xb5, 0xad, 0x3e, 0x65, 0x8a, 0x44, 0xdb,
+    0x73, 0x23, 0xcb, 0x94, 0xb6, 0x0c, 0xd7, 0xf5, 0x11, 0x52, 0xc3, 0x9a, 0x0f, 0xa1, 0xd8, 0x28,
+    0xd7, 0x7c, 0x2e, 0x5f, 0xc6, 0x36, 0x50, 0xc9, 0xad, 0xa2, 0x0a, 0x60, 0xda, 0x70, 0x8a, 0xb4,
+    0x2c, 0xa2, 0xce, 0xf0, 0xd6, 0xff, 0xa6, 0x80, 0x13, 0x45, 0x64, 0xc4, 0xb0, 0x5b, 0x16, 0x47,
+    0xe2, 0x03, 0x2d, 0xc2, 0xe6, 0x67, 0x7f, 0x5b, 0x12, 0xaf, 0xd6, 0xeb, 0x0e, 0x26, 0x71, 0x91,
+    0x19, 0xdd, 0xcd, 0x6d, 0xf6, 0xae, 0x89, 0x12, 0xac, 0x48, 0xb8, 0x4f, 0x64, 0x0d, 0xed, 0x62,
+    0x69, 0xbd, 0x24, 0x97, 0x06, 0x13, 0xb2, 0x23, 0xa9, 0x8c, 0x87, 0xdc, 0x67, 0x47, 0xd5, 0x6a,
+    0x92, 0x63, 0xc4, 0x38, 0x16, 0xda, 0x44, 0x6a, 0x17, 0x6b, 0xe9, 0x78, 0x0d, 0x6c, 0x49, 0x99,
+    0x5c, 0xc2, 0x27, 0x0a, 0x26, 0x42, 0x9d, 0xb1, 0x16, 0x81, 0x5b, 0x57, 0xb3, 0x11, 0x2e, 0x4f,
+    0xa7, 0x1c, 0xc7, 0xa5, 0x36, 0x8b, 0x6b, 0xf8, 0xa8, 0x66, 0x35, 0xf3, 0xd9, 0x3a, 0xb2, 0xbc,
+    0x03, 0x43, 0x22, 0x6e, 0x46, 0xb1, 0xec, 0xc4, 0x14, 0x96, 0xfc, 0x09, 0x0c, 0xeb, 0xe0, 0x20,
+    0xf8, 0x9d, 0xc2, 0xc1, 0x56, 0x78, 0x1a, 0x8d, 0xaa, 0x71, 0x92, 0xad, 0x66, 0xc0, 0x7c, 0xd3,
+    0x36, 0x3c, 0x21, 0xf3, 0x66, 0xe0, 0xc3, 0x56, 0xab, 0x9b, 0x20, 0x82, 0xd8, 0xbd, 0x1b, 0x05,
+    0xcd, 0xe2, 0xc1, 0x5c, 0x76, 0x29, 0x35, 0x1f, 0x15, 0x7c, 0x4e, 0x26, 0xb2, 0x96, 0x87, 0xf6,
+    0x6f, 0x3b, 0x60, 0x4b, 0x8a, 0xb2, 0xa9, 0x68, 0x81, 0x63, 0xbc, 0xce, 0x7f, 0x52, 0xd6, 0x2a,
+    0x94, 0xe5, 0x80, 0xe4, 0x9a, 0x7b, 0x5f, 0x21, 0x3f, 0x84, 0xd2, 0x6a, 0x15, 0x79, 0x4a, 0xd9,
+    0x5a, 0x44, 0x63, 0xd6, 0xaa, 0xe3, 0x86, 0xfa, 0x3e, 0x6e, 0x60, 0x45, 0xab, 0x04, 0x2d, 0x0f,
+    0xa1, 0x9a, 0x83, 0x79, 0xba, 0x2a, 0x70, 0xb3, 0x80, 0x89, 0x0e, 0xe1, 0xc1, 0x2f, 0xb1, 0xfc,
+    0x05, 0xc5, 0x66, 0xb2, 0xca, 0x10, 0xf7, 0x8f, 0x3c, 0x79, 0xc7, 0x1b, 0x14, 0xfe, 0xe3, 0x60,
+    0xfe, 0x1b, 0x86, 0x1d, 0xda, 0xd9, 0x01, 0xc6, 0x82, 0x9e, 0xa9, 0xbf, 0x7e, 0xd5, 0x7f, 0x93,
+    0x30, 0xba, 0x65, 0x2f, 0xea, 0x41, 0xd8, 0x1d, 0x83, 0x74, 0x1b, 0x90, 0xc0, 0xa8, 0x18, 0x45,
+    0xcb, 0x64, 0x85, 0x80, 0xfa, 0x88, 0x2e, 0x54, 0x3d, 0x93, 0x75, 0x34, 0xaa, 0x83, 0x84, 0xb6,
+    0xbb, 0x04, 0x6c, 0x7a, 0x0a, 0x35, 0x15, 0x65, 0x38, 0x57, 0x4a, 0xa7, 0xa9, 0xc9, 0xbc, 0xbe,
+    0x40, 0xda, 0x8c, 0xd5, 0x1a, 0xfc, 0xe3, 0x2c, 0x86, 0xb0, 0x24, 0x03, 0xc3, 0xe2, 0x20, 0x4d,
+    0x8e, 0x7b, 0x6f, 0xe7, 0x2a, 0x64, 0x3a, 0xf7, 0x87, 0x5a, 0x96, 0x2c, 0x7d, 0x9f, 0x47, 0x9b,
+    0x75, 0xa5, 0x8f, 0x48, 0x3a, 0xad, 0xcc, 0xbe, 0x39, 0xbd, 0xf8, 0x88, 0x17, 0xb4, 0xdb, 0x68,
+    0xd1, 0xfa, 0x6a, 0x83, 0x4a, 0x97, 0x4b, 0x82, 0x85, 0x4d, 0x31, 0x72, 0xc2, 0x65, 0x89, 0xf4,
+    0x2a, 0x24, 0x8a, 0x2c, 0x5a, 0x5e, 0xbd, 0xcb, 0x3b, 0xaa, 0x5f, 0xd6, 0xa8, 0x4e, 0x15, 0x07,
+    0xe4, 0x85, 0x69, 0x1e, 0x6a, 0xc6, 0x64, 0x10, 0x3a, 0x40, 0xed, 0xf9, 0x16, 0x33, 0x72, 0xd1,
+    0x1f, 0x5b, 0x89, 0xb1, 0x7a, 0x0f, 0x92, 0x59, 0x84, 0xa7, 0x83, 0x5d, 0x7c, 0x18, 0xee, 0x22,
+    0x04, 0x45, 0x78, 0x29, 0x49, 0x7f, 0x12, 0x72, 0x30, 0x0b, 0x93, 0x1c, 0x10, 0xa7, 0x02, 0xc1,
+    0xff, 0x9b, 0x98, 0x86, 0x59, 0xb6, 0xe4, 0x3b, 0x8e, 0xec, 0xfd, 0xb8, 0x7a, 0x8c, 0x9e, 0x32,
+    0x31, 0x3a, 0x7b, 0xb4, 0x69, 0x2e, 0x3d, 0xe0, 0x8f, 0x06, 0x4f, 0x97, 0xc4, 0xf1, 0xf9, 0xe4,
+    0xca, 0xe4, 0x9b, 0x1b, 0x79, 0xe7, 0xcb, 0xa9, 0x31, 0xe1, 0x21, 0x33, 0xae, 0xda, 0x65, 0x17,
+    0x6e, 0xbb, 0x7e, 0xd0, 0x09, 0xdd, 0x4c, 0x95, 0x8d, 0x11, 0xe8, 0xc9, 0x7b, 0x0b, 0x37, 0x8b,
+    0x95, 0x65, 0x9e, 0x7f, 0x19, 0x14, 0xba, 0xdc, 0x33, 0xf6, 0x86, 0x6d, 0x11, 0x20, 0xab, 0x78,
+    0x5b, 0xc4, 0x7d, 0x4d, 0x29, 0x8c, 0x63, 0x07, 0x32, 0x1c, 0x34, 0x42, 0xaf, 0x5d, 0xcc, 0xae,
+    0xa0, 0x1a, 0x9d, 0xe2, 0x39, 0x45, 0x95, 0x4e, 0x8c, 0xfb, 0x5a, 0xe6, 0xc5, 0x76, 0x50, 0x5d,
+    0xd0, 0x7a, 0x74, 0x18, 0xc9, 0xf8, 0xae, 0x7f, 0x89, 0x3f, 0x65, 0x75, 0xc6, 0x3c, 0x68, 0x55,
+    0x2b, 0xa4, 0x94, 0xb7, 0xd9, 0x31, 0x58, 0x36, 0x37, 0xd8, 0x0b, 0xd1, 0xac, 0x17, 0xf4, 0xa6,
+    0xe5, 0x05, 0x77, 0x85, 0xe9, 0xa9, 0x81, 0xed, 0x36, 0x32, 0xb9, 0xfe, 0x12, 0x6a, 0x93, 0x70,
+    0x1e, 0xdb, 0x97, 0x2a, 0xf9, 0x60, 0x77, 0xa4, 0x88, 0xd5, 0xd7, 0x5a, 0x78, 0x41, 0x0f, 0x83,
+    0xba, 0x84, 0x72, 0xe1, 0x89, 0x5a, 0xf0, 0x98, 0x34, 0x25, 0x1e, 0xa0, 0xad, 0x90, 0x5d, 0x1f,
+    0x41, 0x5a, 0x92, 0x4e, 0x99, 0x93, 0x06, 0xd1, 0x8a, 0xc2, 0x70, 0x04, 0xc7, 0xbb, 0xc1, 0xec,
+    0x8f, 0xfb, 0x71, 0x7c, 0xa9, 0x0b, 0xdf, 0x0a, 0x8b, 0x28, 0xc2, 0x2b, 0x79, 0xc6, 0xa6, 0x3a,
+    0x74, 0x25, 0x91, 0xd3, 0xb9, 0xc2, 0x29, 0x43, 0x35, 0xcf, 0xac, 0x8f, 0x13, 0xed, 0x3a, 0xc9,
+    0xb9, 0xc7, 0x50, 0x8f, 0xcf, 0xeb, 0x1c, 0x5c, 0x20, 0xb3, 0xe2, 0xa9, 0xa1, 0x7b, 0xbd, 0x3f,
+    0x42, 0x19, 0xb0, 0x20, 0xdf, 0x22, 0xea, 0x15, 0x9e, 0x54, 0x8c, 0x0d, 0xcb, 0x50, 0x21, 0xcc,
+    0x8c, 0xb8, 0x53, 0x12, 0xef, 0xba, 0x33, 0xce, 0x9f, 0xbe, 0x3e, 0x22, 0x75, 0x2d, 0x46, 0x1a,
+    0x77, 0x66, 0xb3, 0xbd, 0xff, 0x73, 0xc5, 0x87, 0x21, 0x59, 0x50, 0x86, 0x1f, 0x06, 0xda, 0xe9,
+    0xd3, 0x39, 0x56, 0x76, 0x8f, 0x49, 0x42, 0xbb, 0x9d, 0xa9, 0x99, 0x7c, 0xca, 0xd7, 0x88, 0x75,
+    0x28, 0xe7, 0xb6, 0xd9, 0x9f, 0x80, 0xb4, 0xf2, 0x23, 0x4e, 0xf7, 0xd8, 0xa0, 0xfc, 0x14, 0x86,
+    0xe6, 0x46, 0x55, 0xeb, 0xaf, 0x18, 0x6d, 0x29, 0x22, 0xa4, 0x45, 0xf7, 0x1e, 0x81, 0x73, 0x50,
+    0x1d, 0x98, 0xb5, 0x44, 0xbf, 0xd1, 0x9b, 0x60, 0x9c, 0x43, 0x2b, 0x53, 0x74, 0xaa, 0xef, 0xa3,
+    0x6d, 0xf8, 0x5c, 0xbe, 0x4f, 0x6c, 0xa0, 0x51, 0x99, 0x87, 0x14, 0xc0, 0x77, 0xe0, 0xd7, 0xab,
+    0x96, 0x26, 0xbc, 0x11, 0x5f, 0xa5, 0x56, 0x18, 0x27, 0x60, 0x7a, 0x64, 0x1d, 0xcb, 0x4b, 0x58,
+    0x58, 0x87, 0x5f, 0x23, 0x6f, 0x3d, 0x8f, 0xc3, 0x26, 0x8a, 0xc8, 0x4b, 0xa3, 0xb6, 0x2c, 0x8e,
+    0xa3, 0x59, 0xbf, 0x8c, 0x7f, 0xf4, 0x79, 0x8a, 0x98, 0x6d, 0xa6, 0xef, 0xc9, 0x9d, 0xb0, 0x7d,
+    0x07, 0x06, 0x5a, 0x47, 0x0f, 0xce, 0xfe, 0xb6, 0x24, 0x9d, 0x6f, 0x15, 0x1c, 0x4c, 0xe2, 0xe1,
+    0xfc, 0xd8, 0xba, 0xe8, 0x1f, 0x07, 0x08, 0xff, 0x9a, 0x7a, 0x01, 0xb1, 0x76, 0x67, 0x7e, 0x12,
+    0x32, 0x79, 0x59, 0xda, 0x2f, 0x9f, 0xd1, 0x24, 0x9b, 0x90, 0xb3, 0x9e, 0xc8, 0x1a, 0x19, 0xc4,
+    0xc9, 0xa7, 0xb9, 0x75, 0x3f, 0x56, 0x27, 0x6d, 0x25, 0x77, 0xdd, 0x3a, 0xa2, 0x31, 0x85, 0x37,
+    0xd2, 0xb9, 0x48, 0xed, 0x0c, 0x26, 0xa7, 0x46, 0x91, 0xdb, 0xcd, 0x7b, 0xce, 0x8e, 0x69, 0xd4,
+    0x29, 0x67, 0xa8, 0x42, 0x1c, 0xef, 0x51, 0x0f, 0x2f, 0x3c, 0xa3, 0xdf, 0xa4, 0xa5, 0xf5, 0x27,
+    0xe7, 0xc6, 0x4b, 0x70, 0x2c, 0x77, 0x88, 0xd4, 0x2e, 0xd6, 0x11, 0xf0, 0x1a, 0xd8, 0x92, 0xf1,
+    0x1c, 0x18, 0xab, 0xdf, 0x3c, 0xbe, 0x7e, 0x9d, 0x90, 0x31, 0x7f, 0x54, 0x70, 0xf3, 0x0e, 0x02,
+    0xb8, 0x47, 0x4e, 0x14, 0x4c, 0x84, 0xf9, 0xa1, 0x2c, 0xc1, 0xb6, 0xae, 0xa5, 0x22, 0x5c, 0x9e,
+    0x43, 0x99, 0xae, 0xbb, 0x5c, 0x4d, 0x0f, 0xe8, 0x92, 0x26, 0xd8, 0x0a, 0xcf, 0x09, 0xc0, 0x6d,
+    0x8d, 0x38, 0x4d, 0x89, 0x6c, 0xd5, 0xd6, 0x33, 0x93, 0xcc, 0x6a, 0x25, 0x71, 0x74, 0xa7, 0xbb,
+    0x76, 0xe6, 0xad, 0x26, 0x7c, 0x1c, 0x20, 0x7a, 0x2d, 0x2b, 0x04, 0x81, 0x1b, 0x5f, 0x3b, 0x48,
+    0x06, 0x86, 0x44, 0xdc, 0x8c, 0xa1, 0x1b, 0x4b, 0x28, 0xef, 0x3b, 0x12, 0x18, 0x15, 0x03, 0x40,
+    0xfd, 0x58, 0xa4, 0x73, 0x9c, 0x68, 0xed, 0x02, 0x96, 0x08, 0x55, 0xb6, 0x72, 0x3e, 0x9f, 0xb3,
+    0x33, 0xf9, 0x47, 0x41, 0xac, 0xf0, 0x34, 0xd9, 0x97, 0xe2, 0xe7, 0x99, 0xcc, 0x43, 0xf8, 0x65,
+    0xc8, 0x27, 0xa7, 0xee, 0xbc, 0x39, 0xc2, 0x90, 0x29, 0x05, 0x89, 0x3d, 0xa6, 0x68, 0x64, 0x96,
+    0x6c, 0x78, 0x42, 0x25, 0xcc, 0x03, 0x45, 0xac, 0x95, 0xf5, 0x40, 0xc7, 0x73, 0xb9, 0x36, 0x0a,
+    0x97, 0xa6, 0xa2, 0x8a, 0xdc, 0xca, 0xb3, 0xe5, 0x2b, 0x12, 0x2e, 0x63, 0x19, 0x92, 0xaa, 0xf9,
+    0x59, 0x07, 0x41, 0xb8, 0xec, 0x52, 0x6a, 0x3e, 0x2a, 0xf8, 0x9c, 0x4c, 0xa7, 0xef, 0xcd, 0x2f,
+    0xa2, 0xd9, 0xa1, 0x17, 0xfc, 0x9b, 0x9c, 0x77, 0x94, 0x1f, 0xf2, 0xe8, 0xcd, 0xc4, 0x51, 0xdc,
+    0xde, 0x76, 0xc0, 0x96, 0xd7, 0xa7, 0x91, 0xd0, 0xc1, 0xc6, 0xbb, 0x5f, 0xfe, 0xa4, 0x6f, 0x54,
+    0x25, 0xa8, 0x20, 0x39, 0xc7, 0x6e, 0x67, 0x99, 0x7f, 0x21, 0xd5, 0xfb, 0x94, 0x8f, 0xf3, 0xa7,
+    0xeb, 0x09, 0xc3, 0x0b, 0xf7, 0xf6, 0xbe, 0x42, 0x7e, 0xcb, 0x67, 0xd4, 0x2a, 0xf2, 0x94, 0x71,
+    0x10, 0xd7, 0x23, 0xa4, 0xe7, 0x3f, 0x48, 0x0b, 0xc0, 0x2c, 0x09, 0x70, 0x40, 0xd9, 0x08, 0x82,
+    0xb4, 0x88, 0xc6, 0x6f, 0x97, 0x05, 0xcf, 0x37, 0x7c, 0xdc, 0xc0, 0x8a, 0x95, 0x08, 0x5a, 0x1e,
+    0x4f, 0x56, 0x26, 0xc0, 0x87, 0xcc, 0x39, 0x7e, 0xc2, 0x3b, 0xae, 0x2e, 0xff, 0x23, 0xc6, 0xed,
+    0x81, 0xf7, 0xc5, 0xf2, 0xb7, 0x54, 0xe0, 0xa5, 0xc3, 0xd1, 0x1c, 0x01, 0x41, 0x5e, 0xa1, 0x3b,
+    0x7a, 0x29, 0x25, 0x5d, 0xa7, 0x9d, 0x16, 0xec, 0x7d, 0x36, 0x72, 0xa5, 0x2b, 0x75, 0x3d, 0xc8,
+    0x0a, 0x49, 0xcc, 0xa7, 0x57, 0x20, 0x2d, 0xdd, 0x78, 0xf2, 0x4d, 0x36, 0x28, 0x3f, 0x05, 0xc0,
+    0xf1, 0x97, 0x2c, 0x08, 0x47, 0xe9, 0xdb, 0x94, 0xc6, 0x15, 0x23, 0x92, 0x42, 0x14, 0x99, 0x33,
+    0x3f, 0x36, 0xcf, 0x3a, 0x77, 0x71, 0x02, 0x4f, 0xc7, 0xff, 0x91, 0xbd, 0xfc, 0x69, 0xfe, 0xe5,
+    0xc4, 0xe8, 0x2f, 0x95, 0x67, 0xb8, 0xf4, 0x06, 0x79, 0x18, 0xff, 0x19, 0x96, 0x42, 0x62, 0x16,
+    0x60, 0xb7, 0xca, 0x5e, 0x17, 0x82, 0x73, 0x3a, 0xc5, 0xe8, 0x36, 0xe3, 0x43, 0x93, 0x30, 0x8a,
+    0x9b, 0x69, 0x2a, 0xf1, 0x07, 0x4b, 0x85, 0x73, 0x7b, 0x0f, 0x58, 0x47, 0x29, 0xb8, 0xac, 0x79,
+    0x55, 0xc8, 0xc9, 0xc3, 0x37, 0xd3, 0x5c, 0xa8, 0x7a, 0xe5, 0xea, 0x68, 0x97, 0xc5, 0xcb, 0xaf,
+    0xae, 0x16, 0x29, 0x6c, 0x27, 0x1a, 0xaa, 0xe1, 0xc4, 0x02, 0x84, 0xcc, 0xfd, 0xee, 0x57, 0x5c,
+    0xb5, 0x08, 0xd8, 0xf4, 0x14, 0x6a, 0x2a, 0xca, 0x70, 0xae, 0x94, 0x8d, 0x91, 0x51, 0xbb, 0xbf,
+    0x4e, 0xd6, 0x38, 0x5b, 0x04, 0xa3, 0xdc, 0x83, 0xce, 0x49, 0xfa, 0x29, 0xfb, 0x7a, 0x27, 0x4c,
+    0x80, 0x77, 0xdb, 0x69, 0x34, 0x3b, 0x05, 0x58, 0xcf, 0xa3, 0x48, 0x06, 0x45, 0x07, 0x40, 0x9a,
+    0x7b, 0xa9, 0x3b, 0xc6, 0x24, 0xf2, 0xf3, 0x11, 0x71, 0x44, 0x26, 0xa2, 0x2f, 0x2c, 0xdc, 0x69,
+    0xdf, 0xf6, 0xde, 0x0d, 0x54, 0xc8, 0x74, 0x2d, 0xcd, 0xb4, 0xef, 0x58, 0xfa, 0xfd, 0x8e, 0xf5,
+    0x24, 0x28, 0x3e, 0xa2, 0x44, 0x01, 0x82, 0x64, 0x73, 0x53, 0x81, 0xfc, 0x90, 0xd6, 0x12, 0x06,
+    0xea, 0x89, 0xdd, 0x90, 0x74, 0x99, 0x5b, 0xbf, 0x72, 0xb9, 0x33, 0xd3, 0x2e, 0xab, 0x75, 0xd0,
+    0x11, 0x57, 0x3d, 0x3f, 0x64, 0x50, 0xad, 0xf6, 0xcc, 0x5e, 0x5d, 0x77, 0x44, 0x80, 0xe9, 0x23,
+    0x61, 0x37, 0xd4, 0xc5, 0x94, 0xed, 0x96, 0xc7, 0xc9, 0x9a, 0x62, 0xe4, 0x47, 0xca, 0xd1, 0x2b,
+    0x9a, 0xe9, 0x34, 0x6a, 0x84, 0x24, 0x60, 0x8e, 0x77, 0x7d, 0x0c, 0x40, 0x2d, 0xe1, 0x4d, 0xd8,
+    0x54, 0x48, 0xd7, 0x58, 0xb4, 0xbc, 0xb9, 0x55, 0x76, 0x97, 0xbe, 0x6f, 0x93, 0x9c, 0x2a, 0x0e,
+    0xaf, 0x96, 0x37, 0xf7, 0xa4, 0x75, 0x4f, 0x1c, 0xc8, 0x70, 0xd0, 0xcb, 0xf9, 0xb7, 0xb6, 0xfd,
+    0x0b, 0xc9, 0xd2, 0x3c, 0xd4, 0x4f, 0xc8, 0x20, 0x74, 0x80, 0x19, 0x31, 0x2c, 0x66, 0xe4, 0x61,
+    0xf0, 0x17, 0x32, 0x93, 0xc4, 0x86, 0x3e, 0x69, 0xca, 0x67, 0x77, 0x95, 0x46, 0x4d, 0x78, 0x92,
+    0x3e, 0xb6, 0xd1, 0xa1, 0xf4, 0x1e, 0xe7, 0xb2, 0xcb, 0x8d, 0xc5, 0xba, 0xf8, 0x30, 0x1f, 0x44,
+    0xc5, 0x68, 0x31, 0x0e, 0xe4, 0xd7, 0x11, 0xfb, 0x75, 0x6a, 0xab, 0x1e, 0x92, 0x1b, 0x83, 0xb7,
+    0x08, 0x8a, 0xf0, 0x52, 0x92, 0xfe, 0x24, 0xe4, 0x60, 0x16, 0xe5, 0x38, 0x20, 0x8d, 0x04, 0x41,
+    0xf3, 0x54, 0x10, 0xfd, 0x82, 0x37, 0xd2, 0xad, 0xde, 0xf1, 0x8b, 0x9c, 0x4a, 0xa6, 0x98, 0xb2,
+    0x3d, 0xf5, 0xf3, 0xcf, 0xb2, 0xaf, 0x0b, 0x76, 0xdf, 0x1b, 0x39, 0xb3, 0xf4, 0xdb, 0xff, 0x64,
+    0xc6, 0x2b, 0x13, 0x60, 0xa2, 0x66, 0xfd, 0x3f, 0x61, 0xfc, 0x57, 0x17, 0x9e, 0xf0, 0x63, 0x97,
+    0x62, 0x74, 0xf6, 0xab, 0xd2, 0x5c, 0x7a, 0x03, 0xdd, 0x0c, 0x9e, 0xed, 0x4b, 0x21, 0x31, 0x0b,
+    0x99, 0xaa, 0x16, 0x04, 0xc2, 0x95, 0x8c, 0x4a, 0x63, 0xeb, 0xf0, 0x49, 0x21, 0x0a, 0xad, 0xf8,
+    0x57, 0x0b, 0xf5, 0x36, 0xf2, 0x0d, 0x55, 0x91, 0x62, 0x01, 0x42, 0x66, 0x9f, 0x77, 0xca, 0x2e,
+    0xac, 0xd5, 0x15, 0x99, 0xe2, 0xc4, 0xa3, 0xd8, 0xdc, 0xe6, 0x2c, 0xc2, 0xf5, 0x5c, 0x56, 0xdd,
+    0xdc, 0xb5, 0xfc, 0x63, 0x12, 0x79, 0x98, 0xe9, 0xd9, 0x22, 0x13, 0x51, 0xf6, 0x16, 0x6e, 0xd5,
+    0x27, 0x6b, 0x1c, 0xcc, 0x02, 0xb0, 0x6e, 0xa0, 0x67, 0xc5, 0x7d, 0xf5, 0x9c, 0x3d, 0xf2, 0x26,
+    0xe9, 0xca, 0xff, 0xfe, 0x32, 0x28, 0xb7, 0x7b, 0x66, 0x2f, 0xcf, 0xda, 0x22, 0x40, 0x95, 0xf0,
+    0x12, 0x14, 0x1f, 0x51, 0x22, 0xe1, 0x41, 0x32, 0xd8, 0xc8, 0xa1, 0x7e, 0x48, 0x6b, 0x09, 0x03,
+    0xb6, 0x4b, 0xfa, 0x9a, 0x52, 0xdb, 0xc6, 0x0e, 0x64, 0x38, 0x68, 0x84, 0x9d, 0xba, 0x5b, 0x9f,
+    0x4d, 0x95, 0x1a, 0x35, 0x42, 0x12, 0x30, 0x47, 0xda, 0xdf, 0x06, 0x20, 0xf7, 0x91, 0xc7, 0x6c,
+    0x83, 0x34, 0xf9, 0x07, 0x72, 0x8a, 0xe9, 0x9c, 0xdb, 0x35, 0xb4, 0x0f, 0x49, 0xec, 0xa0, 0xba,
+    0x78, 0xea, 0x19, 0xa8, 0x62, 0x43, 0x1f, 0xd5, 0x65, 0xd2, 0xda, 0xab, 0x23, 0xc7, 0x3c, 0x49,
+    0x63, 0xf4, 0xe8, 0x30, 0x51, 0x33, 0x9f, 0xfe, 0xd1, 0x7e, 0xca, 0xea, 0x4f, 0x78, 0xd0, 0xaa,
+    0x98, 0x2a, 0x08, 0x9f, 0x41, 0xfa, 0x69, 0xb7, 0x6f, 0x99, 0xa4, 0x4e, 0x25, 0x53, 0x4c, 0x59,
+    0x56, 0x8b, 0xeb, 0xad, 0x71, 0x62, 0xb0, 0x6c, 0x6e, 0x73, 0x16, 0x61, 0x9b, 0x2e, 0x2b, 0x8f,
+    0xad, 0x55, 0x0b, 0x02, 0x61, 0xab, 0x46, 0x25, 0xd0, 0x94, 0x78, 0xc5, 0xf1, 0x05, 0xb7, 0x7c,
+    0x09, 0x0a, 0xee, 0xc9, 0x11, 0x91, 0xc1, 0x19, 0x6c, 0x64, 0xb1, 0x3f, 0x24, 0xd4, 0xe5, 0xe0,
+    0xf2, 0xd4, 0x0e, 0x66, 0x01, 0x58, 0x37, 0x50, 0xd2, 0x83, 0xdf, 0x9b, 0x4e, 0xff, 0x79, 0x13,
+    0x3c, 0x75, 0xed, 0x54, 0x31, 0xc0, 0xee, 0x8b, 0xd3, 0x69, 0x6d, 0xb4, 0xf0, 0x82, 0x1e, 0xc5,
+    0xc7, 0xab, 0x0d, 0xfb, 0x21, 0x09, 0x18, 0xc2, 0x6d, 0x8e, 0x03, 0x10, 0x9a, 0xa9, 0x82, 0x36,
+    0xb7, 0xcb, 0xe4, 0x01, 0xd1, 0xb4, 0x23, 0xf3, 0x68, 0x4a, 0x3c, 0x83, 0x99, 0xe3, 0xba, 0x3e,
+    0x4c, 0x15, 0x04, 0xae, 0xc1, 0x7d, 0xd5, 0xba, 0xd6, 0xad, 0x52, 0x27, 0xf3, 0xc8, 0x26, 0xcd,
+    0x82, 0xb4, 0xe7, 0x9c, 0xf1, 0xe5, 0x0c, 0x61, 0xd7, 0x47, 0xe0, 0x08, 0x4d, 0xb5, 0x41, 0x1b,
+    0x79, 0x6a, 0x07, 0x33, 0xe1, 0x2c, 0xfa, 0x28, 0x69, 0xa0, 0x8e, 0xac, 0x27, 0x9e, 0xdd, 0xe8,
+    0xdd, 0x35, 0xe2, 0xf8, 0x91, 0x16, 0x7d, 0x14, 0xd5, 0x50, 0x47, 0x56, 0xf2, 0x4f, 0x8f, 0x74,
+    0x26, 0xeb, 0x02, 0x57, 0x81, 0xdf, 0x8b, 0x5d, 0x6b, 0xb7, 0x29, 0xf2, 0x98, 0x64, 0x13, 0x87,
+    0xe8, 0x4a, 0xe1, 0x65, 0xb1, 0x47, 0x52, 0x86, 0x6a, 0x5d, 0x9b, 0xdd, 0x26, 0x19, 0x74, 0x51,
+    0x13, 0x94, 0x01, 0xca, 0xa1, 0x8e, 0xa4, 0xcf, 0xd4, 0xba, 0xf5, 0x79, 0x4c, 0x32, 0xe8, 0xa2,
+    0xb1, 0x4d, 0xa0, 0xdd, 0x5d, 0x15, 0x38, 0xb8, 0x40, 0xa5, 0x07, 0x91, 0x81, 0xf6, 0xb9, 0x7e,
+    0x4a, 0x93, 0x40, 0x72, 0x4d, 0xdc, 0xce, 0xf1, 0xfe, 0x42, 0x69, 0x35, 0xeb, 0xdd, 0x25, 0x8d,
+    0x84, 0x32, 0xa3, 0x40, 0x7d, 0x44, 0x17, 0x2a, 0xff, 0xa8, 0xdb, 0x1a, 0x55, 0xa0, 0x42, 0x5b,
+    0x7f, 0xec, 0x43, 0xef, 0x6d, 0x8d, 0xe1, 0x63, 0x41, 0x4f, 0xb5, 0xbe, 0x3f, 0x8b, 0xde, 0xa8,
+    0xdb, 0xb3, 0xa6, 0x24, 0x1d, 0xb7, 0x66, 0x5f, 0xfd, 0xbf, 0x7c, 0x44, 0xea, 0x5a, 0x8c, 0x34,
+    0x20, 0x6d, 0x46, 0x8b, 0x0d, 0x7e, 0x90, 0x16, 0x43, 0x58, 0x12, 0xe0, 0x80, 0x71, 0x10, 0xc7,
+    0xee, 0xcc, 0xa5, 0xb9, 0x3d, 0xe6, 0x49, 0xcd, 0x42, 0xb2, 0xa0, 0xcf, 0x3e, 0x0c, 0x77, 0x11,
+    0x15, 0x12, 0x45, 0x16, 0x2d, 0x2f, 0xbf, 0x84, 0xfc, 0x55, 0xce, 0x6b, 0x54, 0x27, 0xeb, 0xe2,
+    0x65, 0x72, 0xac, 0xec, 0xdd, 0x92, 0x84, 0xb5, 0xf9, 0x91, 0xf1, 0xf8, 0x57, 0x6d, 0xd3, 0xea,
+    0x9e, 0xac, 0x4c, 0x43, 0xcd, 0x5b, 0x72, 0xfc, 0x47, 0x76, 0x9f, 0x5c, 0x3d, 0x46, 0x4f, 0x19,
+    0x50, 0x0d, 0xaf, 0x71, 0xfd, 0xc3, 0xab, 0x27, 0x46, 0x9c, 0x2d, 0x73, 0x83, 0x3b, 0x28, 0xcf,
+    0xab, 0xd3, 0x4f, 0xde, 0xed, 0x0a, 0x5d, 0x6e, 0xf8, 0x7b, 0x43, 0xd7, 0xe9, 0x10, 0xb4, 0x3c,
+    0x0f, 0x8c, 0xaa, 0x15, 0x9d, 0x30, 0xda, 0x52, 0x44, 0x8b, 0x8a, 0x2d, 0x3c, 0xc1, 0xe6, 0xa0,
+    0xf4, 0x52, 0x4a, 0xba, 0x8d, 0xf9, 0x2c, 0x1b, 0xfa, 0x6c, 0xe4, 0x89, 0x56, 0xea, 0x7a, 0x53,
+    0x3a, 0xf3, 0xa9, 0x88, 0xbd, 0x61, 0xf5, 0xc0, 0xfb, 0x86, 0x56, 0xa6, 0xe8, 0x97, 0x1d, 0x85,
+    0xc1, 0x2d, 0x49, 0x27, 0xad, 0xa8, 0x03, 0x89, 0x45, 0x61, 0x38, 0x02, 0x82, 0xbc, 0x81, 0x76,
+    0xda, 0x33, 0xb8, 0xbf, 0x9e, 0xd8, 0x83, 0xa2, 0xf1, 0xcd, 0x28, 0x43, 0xee, 0x03, 0x6d, 0x95,
+    0x21, 0xed, 0x58, 0x10, 0x8e, 0x11, 0x75, 0xeb, 0x4f, 0x2a, 0x46, 0xe7, 0x84, 0x28, 0xf1, 0x66,
+    0xef, 0x4c, 0xbb, 0x22, 0xbe, 0x89, 0xac, 0x30, 0x4e, 0xc0, 0xf4, 0xc8, 0x3a, 0x55, 0x96, 0xb0,
+    0x14, 0x92, 0x5b, 0x8d, 0xae, 0x40, 0x5a, 0x79, 0xf0, 0x27, 0x9a, 0x6c, 0x50, 0x7e, 0x0a, 0x43,
+    0xb0, 0xcd, 0xbe, 0x46, 0xde, 0x7a, 0xdd, 0x45, 0x4c, 0xd7, 0x53, 0x96, 0x85, 0xaf, 0x58, 0xdf,
+    0x4b, 0x13, 0x5e, 0xe9, 0xce, 0xb3, 0x2b, 0x0c, 0xf2, 0x30, 0x3d, 0x32, 0xef, 0x84, 0xc4, 0x2c,
+    0x85, 0xb2, 0xbd, 0xdb, 0xfe, 0x2b, 0xf2, 0xd7, 0xf3, 0xda, 0x8f, 0x1d, 0x51, 0xf9, 0xa3, 0xfa,
+    0x7e, 0x6c, 0x5d, 0x74, 0xee, 0xe2, 0x04, 0x9e, 0x4d, 0x3d, 0xe1, 0xb9, 0x3b, 0xd2, 0x3f, 0x09,
+    0x0e, 0x0c, 0xb4, 0x8e, 0x1e, 0x5f, 0x3f, 0xaf, 0x48, 0xf9, 0xde, 0x2a, 0x38, 0x98, 0x07, 0x01,
+    0xf5, 0xd2, 0x54, 0x21, 0x0e, 0x96, 0xc9, 0xe6, 0xf6, 0x1e, 0xb0, 0x8e, 0x52, 0xb3, 0x9b, 0xf2,
+    0x3b, 0x73, 0xb7, 0x13, 0x3e, 0x0e, 0x10, 0x3d, 0xf7, 0xf4, 0x02, 0xa1, 0xec, 0xce, 0xfc, 0x24,
+    0xc0, 0xad, 0x57, 0xbc, 0x2e, 0xc7, 0xe6, 0x74, 0x49, 0x13, 0x6c, 0x05, 0x86, 0xe5, 0x60, 0xd7,
+    0x64, 0xf2, 0xb2, 0x77, 0x5e, 0xfd, 0x61, 0x48, 0xf5, 0xe3, 0xa5, 0xff, 0x53, 0x34, 0x32, 0x4b,
+    0x9f, 0x2c, 0x52, 0xd8, 0x4e, 0x34, 0x97, 0x01, 0x4b, 0x04, 0xcb, 0x5b, 0x39, 0x1f, 0xae, 0xb8,
+    0x51, 0x8d, 0xb1, 0xea, 0x7e, 0xac, 0x4e, 0xda, 0x4a, 0xee, 0x79, 0x74, 0x87, 0x62, 0xc9, 0x6e,
+    0xaa, 0x53, 0x51, 0x45, 0x6e, 0x65, 0xb8, 0x93, 0xf4, 0x09, 0x17, 0xd0, 0xed, 0x49, 0x55, 0x9d,
+    0x67, 0xb1, 0x90, 0x19, 0x18, 0x4c, 0x8d, 0x8c, 0xe1, 0x75, 0x59, 0xf6, 0x5f, 0xdf, 0xd2, 0x6b,
+    0x9c, 0x6f, 0x70, 0xb6, 0x08, 0x85, 0x7b, 0xc5, 0x5f, 0x92, 0x37, 0x52, 0x35, 0xf4, 0x4e, 0x98,
+    0x52, 0xce, 0x93, 0x84, 0x38, 0x1d, 0xa2, 0x1e, 0x5e, 0x78, 0x85, 0x7d, 0x8b, 0x89, 0x29, 0x4e,
+    0xa9, 0x10, 0x73, 0x2b, 0x28, 0xd4, 0x54, 0x57, 0xe0, 0x9f, 0xeb, 0xd9, 0xe1, 0xa2, 0xb5, 0xbd,
+    0x0d, 0x4f, 0x96, 0xe0, 0x58, 0xee, 0xd3, 0x6b, 0x5c, 0x6f, 0x22, 0x23, 0x34, 0x73, 0xe7, 0x21,
+    0xf6, 0x91, 0x76, 0x4f, 0x48, 0x27, 0x25, 0x22, 0xe2, 0x88, 0x4c, 0x87, 0x5e, 0x58, 0x7b, 0xd2,
+    0x38, 0x30, 0x95, 0x7d, 0x78, 0xbf, 0xfc, 0xf9, 0xe3, 0x62, 0xfe, 0xa8, 0xe0, 0x25, 0x1c, 0x04,
+    0xc3, 0xee, 0x75, 0xd2, 0x68, 0x76, 0x0a, 0xb0, 0x5d, 0x85, 0x90, 0x0c, 0x8a, 0x0e, 0x80, 0xf7,
+    0xb3, 0x8e, 0x9c, 0x28, 0x98, 0xcb, 0x31, 0x81, 0x58, 0x41, 0xaf, 0x9f, 0x89, 0x44, 0xb8, 0xff,
+    0x48, 0x50, 0x7c, 0x87, 0x88, 0x02, 0xc7, 0xc8, 0xe6, 0xa6, 0xc1, 0x3b, 0xe3, 0x6f, 0x24, 0x0c,
+    0x86, 0xf1, 0x9f, 0xb5, 0xb8, 0x9a, 0x1e, 0x13, 0xe7, 0x4c, 0x73, 0x14, 0x5d, 0x12, 0x43, 0xda,
+    0x7d, 0x2f, 0x7f, 0x1a, 0xa8, 0x53, 0xe8, 0x5a, 0x59, 0xab, 0x1d, 0xb0, 0x37, 0x39, 0xdf, 0x29,
+    0xd9, 0x70, 0x9a, 0xd1, 0xd8, 0x69, 0x6f, 0x66, 0xe5, 0x5b, 0xd4, 0x4a, 0xe2, 0xe8, 0x8d, 0xb5,
+    0x22, 0xae, 0x7a, 0x7e, 0xc8, 0xa0, 0x99, 0x2f, 0x5b, 0xbc, 0xba, 0xee, 0x88, 0xc3, 0x11, 0x46,
+    0xec, 0x0f, 0x99, 0x4c, 0xf8, 0x38, 0x40, 0xf4, 0x5a, 0x56, 0x08, 0xc1, 0x36, 0xbe, 0x76, 0x90,
+    0x17, 0xd1, 0x79, 0xe3, 0xe8, 0xf1, 0xb6, 0xbd, 0xe4, 0xb1, 0x66, 0x65, 0x5c, 0x95, 0xea, 0x63,
+    0x0c, 0xcf, 0x88, 0x7b, 0xdb, 0x81, 0x36, 0x96, 0x50, 0x1d, 0x76, 0x24, 0x30, 0x2a, 0x06, 0x80,
+    0xf7, 0x11, 0x68, 0xd4, 0xcb, 0x48, 0xc0, 0xdf, 0xee, 0xfa, 0x18, 0x80, 0x5a, 0x01, 0x9a, 0x73,
+    0x39, 0xb0, 0x8b, 0xe6, 0xfb, 0xd0, 0x19, 0x04, 0xef, 0x10, 0xaa, 0xaf, 0xe4, 0x7c, 0xfd, 0xa5,
+    0xc2, 0x6e, 0x6b, 0x49, 0xeb, 0x19, 0xef, 0x4d, 0x51, 0xf7, 0xc4, 0x0b, 0x8e, 0x57, 0x61, 0x56,
+    0x66, 0x31, 0x8e, 0x82, 0x9b, 0x23, 0x68, 0x71, 0xed, 0x07, 0x0d, 0xf1, 0x5b, 0x86, 0x33, 0xca,
+    0x9d, 0xef, 0x6e, 0x2d, 0x8b, 0xea, 0x9e, 0x38, 0x53, 0xe0, 0x63, 0x55, 0x31, 0xad, 0xaf, 0x39,
+    0x53, 0x4e, 0x8d, 0x1f, 0xbb, 0x72, 0x47, 0xe3, 0x52, 0x0a, 0xd1, 0x7a, 0x8f, 0xd0, 0xc8, 0xef,
+    0xa8, 0x90, 0x6d, 0xb0, 0xab, 0xbb, 0xb1, 0xaa, 0xec, 0xed, 0xbf, 0xde, 0xe5, 0xfb, 0x54, 0x1c,
+    0xd8, 0xf0, 0x84, 0x4a, 0x5b, 0x06, 0x8a, 0x9b, 0xe9, 0x29, 0x80, 0x4d, 0xe6, 0xb1, 0x6c, 0x14,
+    0x23, 0x2e, 0x64, 0xe5, 0x4b, 0xcf, 0x7c, 0xd2, 0x57, 0xce, 0xee, 0xe9, 0x8c, 0x9a, 0xf0, 0xe7,
+    0xed, 0x8f, 0x87, 0xd7, 0x7b, 0x57, 0xa5, 0x09, 0x56, 0x24, 0x5c, 0xc6, 0x32, 0xe7, 0x97, 0x31,
+    0x16, 0x51, 0x67, 0x78, 0x6b, 0x9e, 0x53, 0x40, 0xe8, 0xc3, 0x32, 0x62, 0x58, 0xcc, 0x0b, 0xc2,
+    0xb2, 0x0e, 0x82, 0xb3, 0x1b, 0xa4, 0xd4, 0x7c, 0x54, 0x33, 0xfb, 0x98, 0x8d, 0x1d, 0x59, 0x5e,
+    0x49, 0xd0, 0x62, 0x1c, 0x0b, 0x6d, 0x22, 0x35, 0xea, 0xd4, 0x95, 0x3c, 0xe7, 0x36, 0xc5, 0xad,
+    0x87, 0x71, 0x81, 0x2e, 0x3b, 0xf5, 0xfb, 0xee, 0xeb, 0x3e, 0x27, 0x13, 0x59, 0x4b, 0xa2, 0x7b,
+    0x7c, 0xaf, 0x61, 0x81, 0x2b, 0x3c, 0x0d, 0xa7, 0x55, 0xd9, 0x49, 0xb7, 0x33, 0x60, 0x3e, 0x88,
+  },
+  { /* 9 */
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x01, 0x6f, 0x5a, 0x3d, 0xbf, 0xad, 0xee, 0xab, 0xf1, 0xc4, 0xaf, 0x02, 0xd6, 0x1c, 0x89, 0xf2,
+    0x02, 0xde, 0xb4, 0x7a, 0xbd, 0x99, 0x1f, 0x95, 0x21, 0x4b, 0x9d, 0x04, 0x6f, 0x38, 0xd1, 0x27,
+    0x03, 0xb1, 0xee, 0x47, 0x02, 0x34, 0xf1, 0x3e, 0xd0, 0x8f, 0x32, 0x06, 0xb9, 0x24, 0x58, 0xd5,
+    0x04, 0x7f, 0xab, 0xf4, 0xb9, 0xf1, 0x3e, 0xe9, 0x42, 0x96, 0xf9, 0x08, 0xde, 0x70, 0x61, 0x4e,
+    0x05, 0x10, 0xf1, 0xc9, 0x06, 0x5c, 0xd0, 0x42, 0xb3, 0x52, 0x56, 0x0a, 0x08, 0x6c, 0xe8, 0xbc,
+    0x06, 0xa1, 0x1f, 0x8e, 0x04, 0x68, 0x21, 0x7c, 0x63, 0xdd, 0x64, 0x0c, 0xb1, 0x48, 0xb0, 0x69,
+    0x07, 0xce, 0x45, 0xb3, 0xbb, 0xc5, 0xcf, 0xd7, 0x92, 0x19, 0xcb, 0x0e, 0x67, 0x54, 0x39, 0x9b,
+    0x08, 0xfe, 0x95, 0x2b, 0xb1, 0x21, 0x7c, 0x11, 0x84, 0xef, 0x31, 0x10, 0x7f, 0xe0, 0xc2, 0x9c,
+    0x09, 0x91, 0xcf, 0x16, 0x0e, 0x8c, 0x92, 0xba, 0x75, 0x2b, 0x9e, 0x12, 0xa9, 0xfc, 0x4b, 0x6e,
+    0x0a, 0x20, 0x21, 0x51, 0x0c, 0xb8, 0x63, 0x84, 0xa5, 0xa4, 0xac, 0x14, 0x10, 0xd8, 0x13, 0xbb,
+    0x0b, 0x4f, 0x7b, 0x6c, 0xb3, 0x15, 0x8d, 0x2f, 0x54, 0x60, 0x03, 0x16, 0xc6, 0xc4, 0x9a, 0x49,
+    0x0c, 0x81, 0x3e, 0xdf, 0x08, 0xd0, 0x42, 0xf8, 0xc6, 0x79, 0xc8, 0x18, 0xa1, 0x90, 0xa3, 0xd2,
+    0x0d, 0xee, 0x64, 0xe2, 0xb7, 0x7d, 0xac, 0x53, 0x37, 0xbd, 0x67, 0x1a, 0x77, 0x8c, 0x2a, 0x20,
+    0x0e, 0x5f, 0x8a, 0xa5, 0xb5, 0x49, 0x5d, 0x6d, 0xe7, 0x32, 0x55, 0x1c, 0xce, 0xa8, 0x72, 0xf5,
+    0x0f, 0x30, 0xd0, 0x98, 0x0a, 0xe4, 0xb3, 0xc6, 0x16, 0xf6, 0xfa, 0x1e, 0x18, 0xb4, 0xfb, 0x07,
+    0x10, 0x3f, 0xe9, 0x56, 0xa1, 0x42, 0xf8, 0x22, 0xcb, 0x1d, 0x62, 0x20, 0xfe, 0x03, 0x47, 0xfb,
+    0x11, 0x50, 0xb3, 0x6b, 0x1e, 0xef, 0x16, 0x89, 0x3a, 0xd9, 0xcd, 0x22, 0x28, 0x1f, 0xce, 0x09,
+    0x12, 0xe1, 0x5d, 0x2c, 0x1c, 0xdb, 0xe7, 0xb7, 0xea, 0x56, 0xff, 0x24, 0x91, 0x3b, 0x96, 0xdc,
+    0x13, 0x8e, 0x07, 0x11, 0xa3, 0x76, 0x09, 0x1c, 0x1b, 0x92, 0x50, 0x26, 0x47, 0x27, 0x1f, 0x2e,
+    0x14, 0x40, 0x42, 0xa2, 0x18, 0xb3, 0xc6, 0xcb, 0x89, 0x8b, 0x9b, 0x28, 0x20, 0x73, 0x26, 0xb5,
+    0x15, 0x2f, 0x18, 0x9f, 0xa7, 0x1e, 0x28, 0x60, 0x78, 0x4f, 0x34, 0x2a, 0xf6, 0x6f, 0xaf, 0x47,
+    0x16, 0x9e, 0xf6, 0xd8, 0xa5, 0x2a, 0xd9, 0x5e, 0xa8, 0xc0, 0x06, 0x2c, 0x4f, 0x4b, 0xf7, 0x92,
+    0x17, 0xf1, 0xac, 0xe5, 0x1a, 0x87, 0x37, 0xf5, 0x59, 0x04, 0xa9, 0x2e, 0x99, 0x57, 0x7e, 0x60,
+    0x18, 0xc1, 0x7c, 0x7d, 0x10, 0x63, 0x84, 0x33, 0x4f, 0xf2, 0x53, 0x30, 0x81, 0xe3, 0x85, 0x67,
+    0x19, 0xae, 0x26, 0x40, 0xaf, 0xce, 0x6a, 0x98, 0xbe, 0x36, 0xfc, 0x32, 0x57, 0xff, 0x0c, 0x95,
+    0x1a, 0x1f, 0xc8, 0x07, 0xad, 0xfa, 0x9b, 0xa6, 0x6e, 0xb9, 0xce, 0x34, 0xee, 0xdb, 0x54, 0x40,
+    0x1b, 0x70, 0x92, 0x3a, 0x12, 0x57, 0x75, 0x0d, 0x9f, 0x7d, 0x61, 0x36, 0x38, 0xc7, 0xdd, 0xb2,
+    0x1c, 0xbe, 0xd7, 0x89, 0xa9, 0x92, 0xba, 0xda, 0x0d, 0x64, 0xaa, 0x38, 0x5f, 0x93, 0xe4, 0x29,
+    0x1d, 0xd1, 0x8d, 0xb4, 0x16, 0x3f, 0x54, 0x71, 0xfc, 0xa0, 0x05, 0x3a, 0x89, 0x8f, 0x6d, 0xdb,
+    0x1e, 0x60, 0x63, 0xf3, 0x14, 0x0b, 0xa5, 0x4f, 0x2c, 0x2f, 0x37, 0x3c, 0x30, 0xab, 0x35, 0x0e,
+    0x1f, 0x0f, 0x39, 0xce, 0xab, 0xa6, 0x4b, 0xe4, 0xdd, 0xeb, 0x98, 0x3e, 0xe6, 0xb7, 0xbc, 0xfc,
+    0x20, 0x7e, 0x11, 0xac, 0x81, 0x84, 0x33, 0x44, 0x55, 0x3a, 0xc4, 0x40, 0x3f, 0x06, 0x8e, 0x35,
+    0x21, 0x11, 0x4b, 0x91, 0x3e, 0x29, 0xdd, 0xef, 0xa4, 0xfe, 0x6b, 0x42, 0xe9, 0x1a, 0x07, 0xc7,
+    0x22, 0xa0, 0xa5, 0xd6, 0x3c, 0x1d, 0x2c, 0xd1, 0x74, 0x71, 0x59, 0x44, 0x50, 0x3e, 0x5f, 0x12,
+    0x23, 0xcf, 0xff, 0xeb, 0x83, 0xb0, 0xc2, 0x7a, 0x85, 0xb5, 0xf6, 0x46, 0x86, 0x22, 0xd6, 0xe0,
+    0x24, 0x01, 0xba, 0x58, 0x38, 0x75, 0x0d, 0xad, 0x17, 0xac, 0x3d, 0x48, 0xe1, 0x76, 0xef, 0x7b,
+    0x25, 0x6e, 0xe0, 0x65, 0x87, 0xd8, 0xe3, 0x06, 0xe6, 0x68, 0x92, 0x4a, 0x37, 0x6a, 0x66, 0x89,
+    0x26, 0xdf, 0x0e, 0x22, 0x85, 0xec, 0x12, 0x38, 0x36, 0xe7, 0xa0, 0x4c, 0x8e, 0x4e, 0x3e, 0x5c,
+    0x27, 0xb0, 0x54, 0x1f, 0x3a, 0x41, 0xfc, 0x93, 0xc7, 0x23, 0x0f, 0x4e, 0x58, 0x52, 0xb7, 0xae,
+    0x28, 0x80, 0x84, 0x87, 0x30, 0xa5, 0x4f, 0x55, 0xd1, 0xd5, 0xf5, 0x50, 0x40, 0xe6, 0x4c, 0xa9,
+    0x29, 0xef, 0xde, 0xba, 0x8f, 0x08, 0xa1, 0xfe, 0x20, 0x11, 0x5a, 0x52, 0x96, 0xfa, 0xc5, 0x5b,
+    0x2a, 0x5e, 0x30, 0xfd, 0x8d, 0x3c, 0x50, 0xc0, 0xf0, 0x9e, 0x68, 0x54, 0x2f, 0xde, 0x9d, 0x8e,
+    0x2b, 0x31, 0x6a, 0xc0, 0x32, 0x91, 0xbe, 0x6b, 0x01, 0x5a, 0xc7, 0x56, 0xf9, 0xc2, 0x14, 0x7c,
+    0x2c, 0xff, 0x2f, 0x73, 0x89, 0x54, 0x71, 0xbc, 0x93, 0x43, 0x0c, 0x58, 0x9e, 0x96, 0x2d, 0xe7,
+    0x2d, 0x90, 0x75, 0x4e, 0x36, 0xf9, 0x9f, 0x17, 0x62, 0x87, 0xa3, 0x5a, 0x48, 0x8a, 0xa4, 0x15,
+    0x2e, 0x21, 0x9b, 0x09, 0x34, 0xcd, 0x6e, 0x29, 0xb2, 0x08, 0x91, 0x5c, 0xf1, 0xae, 0xfc, 0xc0,
+    0x2f, 0x4e, 0xc1, 0x34, 0x8b, 0x60, 0x80, 0x82, 0x43, 0xcc, 0x3e, 0x5e, 0x27, 0xb2, 0x75, 0x32,
+    0x30, 0x41, 0xf8, 0xfa, 0x20, 0xc6, 0xcb, 0x66, 0x9e, 0x27, 0xa6, 0x60, 0xc1, 0x05, 0xc9, 0xce,
+    0x31, 0x2e, 0xa2, 0xc7, 0x9f, 0x6b, 0x25, 0xcd, 0x6f, 0xe3, 0x09, 0x62, 0x17, 0x19, 0x40, 0x3c,
+    0x32, 0x9f, 0x4c, 0x80, 0x9d, 0x5f, 0xd4, 0xf3, 0xbf, 0x6c, 0x3b, 0x64, 0xae, 0x3d, 0x18, 0xe9,
+    0x33, 0xf0, 0x16, 0xbd, 0x22, 0xf2, 0x3a, 0x58, 0x4e, 0xa8, 0x94, 0x66, 0x78, 0x21, 0x91, 0x1b,
+    0x34, 0x3e, 0x53, 0x0e, 0x99, 0x37, 0xf5, 0x8f, 0xdc, 0xb1, 0x5f, 0x68, 0x1f, 0x75, 0xa8, 0x80,
+    0x35, 0x51, 0x09, 0x33, 0x26, 0x9a, 0x1b, 0x24, 0x2d, 0x75, 0xf0, 0x6a, 0xc9, 0x69, 0x21, 0x72,
+    0x36, 0xe0, 0xe7, 0x74, 0x24, 0xae, 0xea, 0x1a, 0xfd, 0xfa, 0xc2, 0x6c, 0x70, 0x4d, 0x79, 0xa7,
+    0x37, 0x8f, 0xbd, 0x49, 0x9b, 0x03, 0x04, 0xb1, 0x0c, 0x3e, 0x6d, 0x6e, 0xa6, 0x51, 0xf0, 0x55,
+    0x38, 0xbf, 0x6d, 0xd1, 0x91, 0xe7, 0xb7, 0x77, 0x1a, 0xc8, 0x97, 0x70, 0xbe, 0xe5, 0x0b, 0x52,
+    0x39, 0xd0, 0x37, 0xec, 0x2e, 0x4a, 0x59, 0xdc, 0xeb, 0x0c, 0x38, 0x72, 0x68, 0xf9, 0x82, 0xa0,
+    0x3a, 0x61, 0xd9, 0xab, 0x2c, 0x7e, 0xa8, 0xe2, 0x3b, 0x83, 0x0a, 0x74, 0xd1, 0xdd, 0xda, 0x75,
+    0x3b, 0x0e, 0x83, 0x96, 0x93, 0xd3, 0x46, 0x49, 0xca, 0x47, 0xa5, 0x76, 0x07, 0xc1, 0x53, 0x87,
+    0x3c, 0xc0, 0xc6, 0x25, 0x28, 0x16, 0x89, 0x9e, 0x58, 0x5e, 0x6e, 0x78, 0x60, 0x95, 0x6a, 0x1c,
+    0x3d, 0xaf, 0x9c, 0x18, 0x97, 0xbb, 0x67, 0x35, 0xa9, 0x9a, 0xc1, 0x7a, 0xb6, 0x89, 0xe3, 0xee,
+    0x3e, 0x1e, 0x72, 0x5f, 0x95, 0x8f, 0x96, 0x0b, 0x79, 0x15, 0xf3, 0x7c, 0x0f, 0xad, 0xbb, 0x3b,
+    0x3f, 0x71, 0x28, 0x62, 0x2a, 0x22, 0x78, 0xa0, 0x88, 0xd1, 0x5c, 0x7e, 0xd9, 0xb1, 0x32, 0xc9,
+    0x40, 0xfc, 0x22, 0x9b, 0xc1, 0xcb, 0x66, 0x88, 0xaa, 0x74, 0x4b, 0x80, 0x7e, 0x0c, 0xdf, 0x6a,
+    0x41, 0x93, 0x78, 0xa6, 0x7e, 0x66, 0x88, 0x23, 0x5b, 0xb0, 0xe4, 0x82, 0xa8, 0x10, 0x56, 0x98,
+    0x42, 0x22, 0x96, 0xe1, 0x7c, 0x52, 0x79, 0x1d, 0x8b, 0x3f, 0xd6, 0x84, 0x11, 0x34, 0x0e, 0x4d,
+    0x43, 0x4d, 0xcc, 0xdc, 0xc3, 0xff, 0x97, 0xb6, 0x7a, 0xfb, 0x79, 0x86, 0xc7, 0x28, 0x87, 0xbf,
+    0x44, 0x83, 0x89, 0x6f, 0x78, 0x3a, 0x58, 0x61, 0xe8, 0xe2, 0xb2, 0x88, 0xa0, 0x7c, 0xbe, 0x24,
+    0x45, 0xec, 0xd3, 0x52, 0xc7, 0x97, 0xb6, 0xca, 0x19, 0x26, 0x1d, 0x8a, 0x76, 0x60, 0x37, 0xd6,
+    0x46, 0x5d, 0x3d, 0x15, 0xc5, 0xa3, 0x47, 0xf4, 0xc9, 0xa9, 0x2f, 0x8c, 0xcf, 0x44, 0x6f, 0x03,
+    0x47, 0x32, 0x67, 0x28, 0x7a, 0x0e, 0xa9, 0x5f, 0x38, 0x6d, 0x80, 0x8e, 0x19, 0x58, 0xe6, 0xf1,
+    0x48, 0x02, 0xb7, 0xb0, 0x70, 0xea, 0x1a, 0x99, 0x2e, 0x9b, 0x7a, 0x90, 0x01, 0xec, 0x1d, 0xf6,
+    0x49, 0x6d, 0xed, 0x8d, 0xcf, 0x47, 0xf4, 0x32, 0xdf, 0x5f, 0xd5, 0x92, 0xd7, 0xf0, 0x94, 0x04,
+    0x4a, 0xdc, 0x03, 0xca, 0xcd, 0x73, 0x05, 0x0c, 0x0f, 0xd0, 0xe7, 0x94, 0x6e, 0xd4, 0xcc, 0xd1,
+    0x4b, 0xb3, 0x59, 0xf7, 0x72, 0xde, 0xeb, 0xa7, 0xfe, 0x14, 0x48, 0x96, 0xb8, 0xc8, 0x45, 0x23,
+    0x4c, 0x7d, 0x1c, 0x44, 0xc9, 0x1b, 0x24, 0x70, 0x6c, 0x0d, 0x83, 0x98, 0xdf, 0x9c, 0x7c, 0xb8,
+    0x4d, 0x12, 0x46, 0x79, 0x76, 0xb6, 0xca, 0xdb, 0x9d, 0xc9, 0x2c, 0x9a, 0x09, 0x80, 0xf5, 0x4a,
+    0x4e, 0xa3, 0xa8, 0x3e, 0x74, 0x82, 0x3b, 0xe5, 0x4d, 0x46, 0x1e, 0x9c, 0xb0, 0xa4, 0xad, 0x9f,
+    0x4f, 0xcc, 0xf2, 0x03, 0xcb, 0x2f, 0xd5, 0x4e, 0xbc, 0x82, 0xb1, 0x9e, 0x66, 0xb8, 0x24, 0x6d,
+    0x50, 0xc3, 0xcb, 0xcd, 0x60, 0x89, 0x9e, 0xaa, 0x61, 0x69, 0x29, 0xa0, 0x80, 0x0f, 0x98, 0x91,
+    0x51, 0xac, 0x91, 0xf0, 0xdf, 0x24, 0x70, 0x01, 0x90, 0xad, 0x86, 0xa2, 0x56, 0x13, 0x11, 0x63,
+    0x52, 0x1d, 0x7f, 0xb7, 0xdd, 0x10, 0x81, 0x3f, 0x40, 0x22, 0xb4, 0xa4, 0xef, 0x37, 0x49, 0xb6,
+    0x53, 0x72, 0x25, 0x8a, 0x62, 0xbd, 0x6f, 0x94, 0xb1, 0xe6, 0x1b, 0xa6, 0x39, 0x2b, 0xc0, 0x44,
+    0x54, 0xbc, 0x60, 0x39, 0xd9, 0x78, 0xa0, 0x43, 0x23, 0xff, 0xd0, 0xa8, 0x5e, 0x7f, 0xf9, 0xdf,
+    0x55, 0xd3, 0x3a, 0x04, 0x66, 0xd5, 0x4e, 0xe8, 0xd2, 0x3b, 0x7f, 0xaa, 0x88, 0x63, 0x70, 0x2d,
+    0x56, 0x62, 0xd4, 0x43, 0x64, 0xe1, 0xbf, 0xd6, 0x02, 0xb4, 0x4d, 0xac, 0x31, 0x47, 0x28, 0xf8,
+    0x57, 0x0d, 0x8e, 0x7e, 0xdb, 0x4c, 0x51, 0x7d, 0xf3, 0x70, 0xe2, 0xae, 0xe7, 0x5b, 0xa1, 0x0a,
+    0x58, 0x3d, 0x5e, 0xe6, 0xd1, 0xa8, 0xe2, 0xbb, 0xe5, 0x86, 0x18, 0xb0, 0xff, 0xef, 0x5a, 0x0d,
+    0x59, 0x52, 0x04, 0xdb, 0x6e, 0x05, 0x0c, 0x10, 0x14, 0x42, 0xb7, 0xb2, 0x29, 0xf3, 0xd3, 0xff,
+    0x5a, 0xe3, 0xea, 0x9c, 0x6c, 0x31, 0xfd, 0x2e, 0xc4, 0xcd, 0x85, 0xb4, 0x90, 0xd7, 0x8b, 0x2a,
+    0x5b, 0x8c, 0xb0, 0xa1, 0xd3, 0x9c, 0x13, 0x85, 0x35, 0x09, 0x2a, 0xb6, 0x46, 0xcb, 0x02, 0xd8,
+    0x5c, 0x42, 0xf5, 0x12, 0x68, 0x59, 0xdc, 0x52, 0xa7, 0x10, 0xe1, 0xb8, 0x21, 0x9f, 0x3b, 0x43,
+    0x5d, 0x2d, 0xaf, 0x2f, 0xd7, 0xf4, 0x32, 0xf9, 0x56, 0xd4, 0x4e, 0xba, 0xf7, 0x83, 0xb2, 0xb1,
+    0x5e, 0x9c, 0x41, 0x68, 0xd5, 0xc0, 0xc3, 0xc7, 0x86, 0x5b, 0x7c, 0xbc, 0x4e, 0xa7, 0xea, 0x64,
+    0x5f, 0xf3, 0x1b, 0x55, 0x6a, 0x6d, 0x2d, 0x6c, 0x77, 0x9f, 0xd3, 0xbe, 0x98, 0xbb, 0x63, 0x96,
+    0x60, 0x82, 0x33, 0x37, 0x40, 0x4f, 0x55, 0xcc, 0xff, 0x4e, 0x8f, 0xc0, 0x41, 0x0a, 0x51, 0x5f,
+    0x61, 0xed, 0x69, 0x0a, 0xff, 0xe2, 0xbb, 0x67, 0x0e, 0x8a, 0x20, 0xc2, 0x97, 0x16, 0xd8, 0xad,
+    0x62, 0x5c, 0x87, 0x4d, 0xfd, 0xd6, 0x4a, 0x59, 0xde, 0x05, 0x12, 0xc4, 0x2e, 0x32, 0x80, 0x78,
+    0x63, 0x33, 0xdd, 0x70, 0x42, 0x7b, 0xa4, 0xf2, 0x2f, 0xc1, 0xbd, 0xc6, 0xf8, 0x2e, 0x09, 0x8a,
+    0x64, 0xfd, 0x98, 0xc3, 0xf9, 0xbe, 0x6b, 0x25, 0xbd, 0xd8, 0x76, 0xc8, 0x9f, 0x7a, 0x30, 0x11,
+    0x65, 0x92, 0xc2, 0xfe, 0x46, 0x13, 0x85, 0x8e, 0x4c, 0x1c, 0xd9, 0xca, 0x49, 0x66, 0xb9, 0xe3,
+    0x66, 0x23, 0x2c, 0xb9, 0x44, 0x27, 0x74, 0xb0, 0x9c, 0x93, 0xeb, 0xcc, 0xf0, 0x42, 0xe1, 0x36,
+    0x67, 0x4c, 0x76, 0x84, 0xfb, 0x8a, 0x9a, 0x1b, 0x6d, 0x57, 0x44, 0xce, 0x26, 0x5e, 0x68, 0xc4,
+    0x68, 0x7c, 0xa6, 0x1c, 0xf1, 0x6e, 0x29, 0xdd, 0x7b, 0xa1, 0xbe, 0xd0, 0x3e, 0xea, 0x93, 0xc3,
+    0x69, 0x13, 0xfc, 0x21, 0x4e, 0xc3, 0xc7, 0x76, 0x8a, 0x65, 0x11, 0xd2, 0xe8, 0xf6, 0x1a, 0x31,
+    0x6a, 0xa2, 0x12, 0x66, 0x4c, 0xf7, 0x36, 0x48, 0x5a, 0xea, 0x23, 0xd4, 0x51, 0xd2, 0x42, 0xe4,
+    0x6b, 0xcd, 0x48, 0x5b, 0xf3, 0x5a, 0xd8, 0xe3, 0xab, 0x2e, 0x8c, 0xd6, 0x87, 0xce, 0xcb, 0x16,
+    0x6c, 0x03, 0x0d, 0xe8, 0x48, 0x9f, 0x17, 0x34, 0x39, 0x37, 0x47, 0xd8, 0xe0, 0x9a, 0xf2, 0x8d,
+    0x6d, 0x6c, 0x57, 0xd5, 0xf7, 0x32, 0xf9, 0x9f, 0xc8, 0xf3, 0xe8, 0xda, 0x36, 0x86, 0x7b, 0x7f,
+    0x6e, 0xdd, 0xb9, 0x92, 0xf5, 0x06, 0x08, 0xa1, 0x18, 0x7c, 0xda, 0xdc, 0x8f, 0xa2, 0x23, 0xaa,
+    0x6f, 0xb2, 0xe3, 0xaf, 0x4a, 0xab, 0xe6, 0x0a, 0xe9, 0xb8, 0x75, 0xde, 0x59, 0xbe, 0xaa, 0x58,
+    0x70, 0xbd, 0xda, 0x61, 0xe1, 0x0d, 0xad, 0xee, 0x34, 0x53, 0xed, 0xe0, 0xbf, 0x09, 0x16, 0xa4,
+    0x71, 0xd2, 0x80, 0x5c, 0x5e, 0xa0, 0x43, 0x45, 0xc5, 0x97, 0x42, 0xe2, 0x69, 0x15, 0x9f, 0x56,
+    0x72, 0x63, 0x6e, 0x1b, 0x5c, 0x94, 0xb2, 0x7b, 0x15, 0x18, 0x70, 0xe4, 0xd0, 0x31, 0xc7, 0x83,
+    0x73, 0x0c, 0x34, 0x26, 0xe3, 0x39, 0x5c, 0xd0, 0xe4, 0xdc, 0xdf, 0xe6, 0x06, 0x2d, 0x4e, 0x71,
+    0x74, 0xc2, 0x71, 0x95, 0x58, 0xfc, 0x93, 0x07, 0x76, 0xc5, 0x14, 0xe8, 0x61, 0x79, 0x77, 0xea,
+    0x75, 0xad, 0x2b, 0xa8, 0xe7, 0x51, 0x7d, 0xac, 0x87, 0x01, 0xbb, 0xea, 0xb7, 0x65, 0xfe, 0x18,
+    0x76, 0x1c, 0xc5, 0xef, 0xe5, 0x65, 0x8c, 0x92, 0x57, 0x8e, 0x89, 0xec, 0x0e, 0x41, 0xa6, 0xcd,
+    0x77, 0x73, 0x9f, 0xd2, 0x5a, 0xc8, 0x62, 0x39, 0xa6, 0x4a, 0x26, 0xee, 0xd8, 0x5d, 0x2f, 0x3f,
+    0x78, 0x43, 0x4f, 0x4a, 0x50, 0x2c, 0xd1, 0xff, 0xb0, 0xbc, 0xdc, 0xf0, 0xc0, 0xe9, 0xd4, 0x38,
+    0x79, 0x2c, 0x15, 0x77, 0xef, 0x81, 0x3f, 0x54, 0x41, 0x78, 0x73, 0xf2, 0x16, 0xf5, 0x5d, 0xca,
+    0x7a, 0x9d, 0xfb, 0x30, 0xed, 0xb5, 0xce, 0x6a, 0x91, 0xf7, 0x41, 0xf4, 0xaf, 0xd1, 0x05, 0x1f,
+    0x7b, 0xf2, 0xa1, 0x0d, 0x52, 0x18, 0x20, 0xc1, 0x60, 0x33, 0xee, 0xf6, 0x79, 0xcd, 0x8c, 0xed,
+    0x7c, 0x3c, 0xe4, 0xbe, 0xe9, 0xdd, 0xef, 0x16, 0xf2, 0x2a, 0x25, 0xf8, 0x1e, 0x99, 0xb5, 0x76,
+    0x7d, 0x53, 0xbe, 0x83, 0x56, 0x70, 0x01, 0xbd, 0x03, 0xee, 0x8a, 0xfa, 0xc8, 0x85, 0x3c, 0x84,
+    0x7e, 0xe2, 0x50, 0xc4, 0x54, 0x44, 0xf0, 0x83, 0xd3, 0x61, 0xb8, 0xfc, 0x71, 0xa1, 0x64, 0x51,
+    0x7f, 0x8d, 0x0a, 0xf9, 0xeb, 0xe9, 0x1e, 0x28, 0x22, 0xa5, 0x17, 0xfe, 0xa7, 0xbd, 0xed, 0xa3,
+    0x80, 0x3b, 0x44, 0xf5, 0x41, 0x55, 0xcc, 0xd3, 0x97, 0xe8, 0x96, 0xc3, 0xfc, 0x18, 0x7d, 0xd4,
+    0x81, 0x54, 0x1e, 0xc8, 0xfe, 0xf8, 0x22, 0x78, 0x66, 0x2c, 0x39, 0xc1, 0x2a, 0x04, 0xf4, 0x26,
+    0x82, 0xe5, 0xf0, 0x8f, 0xfc, 0xcc, 0xd3, 0x46, 0xb6, 0xa3, 0x0b, 0xc7, 0x93, 0x20, 0xac, 0xf3,
+    0x83, 0x8a, 0xaa, 0xb2, 0x43, 0x61, 0x3d, 0xed, 0x47, 0x67, 0xa4, 0xc5, 0x45, 0x3c, 0x25, 0x01,
+    0x84, 0x44, 0xef, 0x01, 0xf8, 0xa4, 0xf2, 0x3a, 0xd5, 0x7e, 0x6f, 0xcb, 0x22, 0x68, 0x1c, 0x9a,
+    0x85, 0x2b, 0xb5, 0x3c, 0x47, 0x09, 0x1c, 0x91, 0x24, 0xba, 0xc0, 0xc9, 0xf4, 0x74, 0x95, 0x68,
+    0x86, 0x9a, 0x5b, 0x7b, 0x45, 0x3d, 0xed, 0xaf, 0xf4, 0x35, 0xf2, 0xcf, 0x4d, 0x50, 0xcd, 0xbd,
+    0x87, 0xf5, 0x01, 0x46, 0xfa, 0x90, 0x03, 0x04, 0x05, 0xf1, 0x5d, 0xcd, 0x9b, 0x4c, 0x44, 0x4f,
+    0x88, 0xc5, 0xd1, 0xde, 0xf0, 0x74, 0xb0, 0xc2, 0x13, 0x07, 0xa7, 0xd3, 0x83, 0xf8, 0xbf, 0x48,
+    0x89, 0xaa, 0x8b, 0xe3, 0x4f, 0xd9, 0x5e, 0x69, 0xe2, 0xc3, 0x08, 0xd1, 0x55, 0xe4, 0x36, 0xba,
+    0x8a, 0x1b, 0x65, 0xa4, 0x4d, 0xed, 0xaf, 0x57, 0x32, 0x4c, 0x3a, 0xd7, 0xec, 0xc0, 0x6e, 0x6f,
+    0x8b, 0x74, 0x3f, 0x99, 0xf2, 0x40, 0x41, 0xfc, 0xc3, 0x88, 0x95, 0xd5, 0x3a, 0xdc, 0xe7, 0x9d,
+    0x8c, 0xba, 0x7a, 0x2a, 0x49, 0x85, 0x8e, 0x2b, 0x51, 0x91, 0x5e, 0xdb, 0x5d, 0x88, 0xde, 0x06,
+    0x8d, 0xd5, 0x20, 0x17, 0xf6, 0x28, 0x60, 0x80, 0xa0, 0x55, 0xf1, 0xd9, 0x8b, 0x94, 0x57, 0xf4,
+    0x8e, 0x64, 0xce, 0x50, 0xf4, 0x1c, 0x91, 0xbe, 0x70, 0xda, 0xc3, 0xdf, 0x32, 0xb0, 0x0f, 0x21,
+    0x8f, 0x0b, 0x94, 0x6d, 0x4b, 0xb1, 0x7f, 0x15, 0x81, 0x1e, 0x6c, 0xdd, 0xe4, 0xac, 0x86, 0xd3,
+    0x90, 0x04, 0xad, 0xa3, 0xe0, 0x17, 0x34, 0xf1, 0x5c, 0xf5, 0xf4, 0xe3, 0x02, 0x1b, 0x3a, 0x2f,
+    0x91, 0x6b, 0xf7, 0x9e, 0x5f, 0xba, 0xda, 0x5a, 0xad, 0x31, 0x5b, 0xe1, 0xd4, 0x07, 0xb3, 0xdd,
+    0x92, 0xda, 0x19, 0xd9, 0x5d, 0x8e, 0x2b, 0x64, 0x7d, 0xbe, 0x69, 0xe7, 0x6d, 0x23, 0xeb, 0x08,
+    0x93, 0xb5, 0x43, 0xe4, 0xe2, 0x23, 0xc5, 0xcf, 0x8c, 0x7a, 0xc6, 0xe5, 0xbb, 0x3f, 0x62, 0xfa,
+    0x94, 0x7b, 0x06, 0x57, 0x59, 0xe6, 0x0a, 0x18, 0x1e, 0x63, 0x0d, 0xeb, 0xdc, 0x6b, 0x5b, 0x61,
+    0x95, 0x14, 0x5c, 0x6a, 0xe6, 0x4b, 0xe4, 0xb3, 0xef, 0xa7, 0xa2, 0xe9, 0x0a, 0x77, 0xd2, 0x93,
+    0x96, 0xa5, 0xb2, 0x2d, 0xe4, 0x7f, 0x15, 0x8d, 0x3f, 0x28, 0x90, 0xef, 0xb3, 0x53, 0x8a, 0x46,
+    0x97, 0xca, 0xe8, 0x10, 0x5b, 0xd2, 0xfb, 0x26, 0xce, 0xec, 0x3f, 0xed, 0x65, 0x4f, 0x03, 0xb4,
+    0x98, 0xfa, 0x38, 0x88, 0x51, 0x36, 0x48, 0xe0, 0xd8, 0x1a, 0xc5, 0xf3, 0x7d, 0xfb, 0xf8, 0xb3,
+    0x99, 0x95, 0x62, 0xb5, 0xee, 0x9b, 0xa6, 0x4b, 0x29, 0xde, 0x6a, 0xf1, 0xab, 0xe7, 0x71, 0x41,
+    0x9a, 0x24, 0x8c, 0xf2, 0xec, 0xaf, 0x57, 0x75, 0xf9, 0x51, 0x58, 0xf7, 0x12, 0xc3, 0x29, 0x94,
+    0x9b, 0x4b, 0xd6, 0xcf, 0x53, 0x02, 0xb9, 0xde, 0x08, 0x95, 0xf7, 0xf5, 0xc4, 0xdf, 0xa0, 0x66,
+    0x9c, 0x85, 0x93, 0x7c, 0xe8, 0xc7, 0x76, 0x09, 0x9a, 0x8c, 0x3c, 0xfb, 0xa3, 0x8b, 0x99, 0xfd,
+    0x9d, 0xea, 0xc9, 0x41, 0x57, 0x6a, 0x98, 0xa2, 0x6b, 0x48, 0x93, 0xf9, 0x75, 0x97, 0x10, 0x0f,
+    0x9e, 0x5b, 0x27, 0x06, 0x55, 0x5e, 0x69, 0x9c, 0xbb, 0xc7, 0xa1, 0xff, 0xcc, 0xb3, 0x48, 0xda,
+    0x9f, 0x34, 0x7d, 0x3b, 0xea, 0xf3, 0x87, 0x37, 0x4a, 0x03, 0x0e, 0xfd, 0x1a, 0xaf, 0xc1, 0x28,
+    0xa0, 0x45, 0x55, 0x59, 0xc0, 0xd1, 0xff, 0x97, 0xc2, 0xd2, 0x52, 0x83, 0xc3, 0x1e, 0xf3, 0xe1,
+    0xa1, 0x2a, 0x0f, 0x64, 0x7f, 0x7c, 0x11, 0x3c, 0x33, 0x16, 0xfd, 0x81, 0x15, 0x02, 0x7a, 0x13,
+    0xa2, 0x9b, 0xe1, 0x23, 0x7d, 0x48, 0xe0, 0x02, 0xe3, 0x99, 0xcf, 0x87, 0xac, 0x26, 0x22, 0xc6,
+    0xa3, 0xf4, 0xbb, 0x1e, 0xc2, 0xe5, 0x0e, 0xa9, 0x12, 0x5d, 0x60, 0x85, 0x7a, 0x3a, 0xab, 0x34,
+    0xa4, 0x3a, 0xfe, 0xad, 0x79, 0x20, 0xc1, 0x7e, 0x80, 0x44, 0xab, 0x8b, 0x1d, 0x6e, 0x92, 0xaf,
+    0xa5, 0x55, 0xa4, 0x90, 0xc6, 0x8d, 0x2f, 0xd5, 0x71, 0x80, 0x04, 0x89, 0xcb, 0x72, 0x1b, 0x5d,
+    0xa6, 0xe4, 0x4a, 0xd7, 0xc4, 0xb9, 0xde, 0xeb, 0xa1, 0x0f, 0x36, 0x8f, 0x72, 0x56, 0x43, 0x88,
+    0xa7, 0x8b, 0x10, 0xea, 0x7b, 0x14, 0x30, 0x40, 0x50, 0xcb, 0x99, 0x8d, 0xa4, 0x4a, 0xca, 0x7a,
+    0xa8, 0xbb, 0xc0, 0x72, 0x71, 0xf0, 0x83, 0x86, 0x46, 0x3d, 0x63, 0x93, 0xbc, 0xfe, 0x31, 0x7d,
+    0xa9, 0xd4, 0x9a, 0x4f, 0xce, 0x5d, 0x6d, 0x2d, 0xb7, 0xf9, 0xcc, 0x91, 0x6a, 0xe2, 0xb8, 0x8f,
+    0xaa, 0x65, 0x74, 0x08, 0xcc, 0x69, 0x9c, 0x13, 0x67, 0x76, 0xfe, 0x97, 0xd3, 0xc6, 0xe0, 0x5a,
+    0xab, 0x0a, 0x2e, 0x35, 0x73, 0xc4, 0x72, 0xb8, 0x96, 0xb2, 0x51, 0x95, 0x05, 0xda, 0x69, 0xa8,
+    0xac, 0xc4, 0x6b, 0x86, 0xc8, 0x01, 0xbd, 0x6f, 0x04, 0xab, 0x9a, 0x9b, 0x62, 0x8e, 0x50, 0x33,
+    0xad, 0xab, 0x31, 0xbb, 0x77, 0xac, 0x53, 0xc4, 0xf5, 0x6f, 0x35, 0x99, 0xb4, 0x92, 0xd9, 0xc1,
+    0xae, 0x1a, 0xdf, 0xfc, 0x75, 0x98, 0xa2, 0xfa, 0x25, 0xe0, 0x07, 0x9f, 0x0d, 0xb6, 0x81, 0x14,
+    0xaf, 0x75, 0x85, 0xc1, 0xca, 0x35, 0x4c, 0x51, 0xd4, 0x24, 0xa8, 0x9d, 0xdb, 0xaa, 0x08, 0xe6,
+    0xb0, 0x7a, 0xbc, 0x0f, 0x61, 0x93, 0x07, 0xb5, 0x09, 0xcf, 0x30, 0xa3, 0x3d, 0x1d, 0xb4, 0x1a,
+    0xb1, 0x15, 0xe6, 0x32, 0xde, 0x3e, 0xe9, 0x1e, 0xf8, 0x0b, 0x9f, 0xa1, 0xeb, 0x01, 0x3d, 0xe8,
+    0xb2, 0xa4, 0x08, 0x75, 0xdc, 0x0a, 0x18, 0x20, 0x28, 0x84, 0xad, 0xa7, 0x52, 0x25, 0x65, 0x3d,
+    0xb3, 0xcb, 0x52, 0x48, 0x63, 0xa7, 0xf6, 0x8b, 0xd9, 0x40, 0x02, 0xa5, 0x84, 0x39, 0xec, 0xcf,
+    0xb4, 0x05, 0x17, 0xfb, 0xd8, 0x62, 0x39, 0x5c, 0x4b, 0x59, 0xc9, 0xab, 0xe3, 0x6d, 0xd5, 0x54,
+    0xb5, 0x6a, 0x4d, 0xc6, 0x67, 0xcf, 0xd7, 0xf7, 0xba, 0x9d, 0x66, 0xa9, 0x35, 0x71, 0x5c, 0xa6,
+    0xb6, 0xdb, 0xa3, 0x81, 0x65, 0xfb, 0x26, 0xc9, 0x6a, 0x12, 0x54, 0xaf, 0x8c, 0x55, 0x04, 0x73,
+    0xb7, 0xb4, 0xf9, 0xbc, 0xda, 0x56, 0xc8, 0x62, 0x9b, 0xd6, 0xfb, 0xad, 0x5a, 0x49, 0x8d, 0x81,
+    0xb8, 0x84, 0x29, 0x24, 0xd0, 0xb2, 0x7b, 0xa4, 0x8d, 0x20, 0x01, 0xb3, 0x42, 0xfd, 0x76, 0x86,
+    0xb9, 0xeb, 0x73, 0x19, 0x6f, 0x1f, 0x95, 0x0f, 0x7c, 0xe4, 0xae, 0xb1, 0x94, 0xe1, 0xff, 0x74,
+    0xba, 0x5a, 0x9d, 0x5e, 0x6d, 0x2b, 0x64, 0x31, 0xac, 0x6b, 0x9c, 0xb7, 0x2d, 0xc5, 0xa7, 0xa1,
+    0xbb, 0x35, 0xc7, 0x63, 0xd2, 0x86, 0x8a, 0x9a, 0x5d, 0xaf, 0x33, 0xb5, 0xfb, 0xd9, 0x2e, 0x53,
+    0xbc, 0xfb, 0x82, 0xd0, 0x69, 0x43, 0x45, 0x4d, 0xcf, 0xb6, 0xf8, 0xbb, 0x9c, 0x8d, 0x17, 0xc8,
+    0xbd, 0x94, 0xd8, 0xed, 0xd6, 0xee, 0xab, 0xe6, 0x3e, 0x72, 0x57, 0xb9, 0x4a, 0x91, 0x9e, 0x3a,
+    0xbe, 0x25, 0x36, 0xaa, 0xd4, 0xda, 0x5a, 0xd8, 0xee, 0xfd, 0x65, 0xbf, 0xf3, 0xb5, 0xc6, 0xef,
+    0xbf, 0x4a, 0x6c, 0x97, 0x6b, 0x77, 0xb4, 0x73, 0x1f, 0x39, 0xca, 0xbd, 0x25, 0xa9, 0x4f, 0x1d,
+    0xc0, 0xc7, 0x66, 0x6e, 0x80, 0x9e, 0xaa, 0x5b, 0x3d, 0x9c, 0xdd, 0x43, 0x82, 0x14, 0xa2, 0xbe,
+    0xc1, 0xa8, 0x3c, 0x53, 0x3f, 0x33, 0x44, 0xf0, 0xcc, 0x58, 0x72, 0x41, 0x54, 0x08, 0x2b, 0x4c,
+    0xc2, 0x19, 0xd2, 0x14, 0x3d, 0x07, 0xb5, 0xce, 0x1c, 0xd7, 0x40, 0x47, 0xed, 0x2c, 0x73, 0x99,
+    0xc3, 0x76, 0x88, 0x29, 0x82, 0xaa, 0x5b, 0x65, 0xed, 0x13, 0xef, 0x45, 0x3b, 0x30, 0xfa, 0x6b,
+    0xc4, 0xb8, 0xcd, 0x9a, 0x39, 0x6f, 0x94, 0xb2, 0x7f, 0x0a, 0x24, 0x4b, 0x5c, 0x64, 0xc3, 0xf0,
+    0xc5, 0xd7, 0x97, 0xa7, 0x86, 0xc2, 0x7a, 0x19, 0x8e, 0xce, 0x8b, 0x49, 0x8a, 0x78, 0x4a, 0x02,
+    0xc6, 0x66, 0x79, 0xe0, 0x84, 0xf6, 0x8b, 0x27, 0x5e, 0x41, 0xb9, 0x4f, 0x33, 0x5c, 0x12, 0xd7,
+    0xc7, 0x09, 0x23, 0xdd, 0x3b, 0x5b, 0x65, 0x8c, 0xaf, 0x85, 0x16, 0x4d, 0xe5, 0x40, 0x9b, 0x25,
+    0xc8, 0x39, 0xf3, 0x45, 0x31, 0xbf, 0xd6, 0x4a, 0xb9, 0x73, 0xec, 0x53, 0xfd, 0xf4, 0x60, 0x22,
+    0xc9, 0x56, 0xa9, 0x78, 0x8e, 0x12, 0x38, 0xe1, 0x48, 0xb7, 0x43, 0x51, 0x2b, 0xe8, 0xe9, 0xd0,
+    0xca, 0xe7, 0x47, 0x3f, 0x8c, 0x26, 0xc9, 0xdf, 0x98, 0x38, 0x71, 0x57, 0x92, 0xcc, 0xb1, 0x05,
+    0xcb, 0x88, 0x1d, 0x02, 0x33, 0x8b, 0x27, 0x74, 0x69, 0xfc, 0xde, 0x55, 0x44, 0xd0, 0x38, 0xf7,
+    0xcc, 0x46, 0x58, 0xb1, 0x88, 0x4e, 0xe8, 0xa3, 0xfb, 0xe5, 0x15, 0x5b, 0x23, 0x84, 0x01, 0x6c,
+    0xcd, 0x29, 0x02, 0x8c, 0x37, 0xe3, 0x06, 0x08, 0x0a, 0x21, 0xba, 0x59, 0xf5, 0x98, 0x88, 0x9e,
+    0xce, 0x98, 0xec, 0xcb, 0x35, 0xd7, 0xf7, 0x36, 0xda, 0xae, 0x88, 0x5f, 0x4c, 0xbc, 0xd0, 0x4b,
+    0xcf, 0xf7, 0xb6, 0xf6, 0x8a, 0x7a, 0x19, 0x9d, 0x2b, 0x6a, 0x27, 0x5d, 0x9a, 0xa0, 0x59, 0xb9,
+    0xd0, 0xf8, 0x8f, 0x38, 0x21, 0xdc, 0x52, 0x79, 0xf6, 0x81, 0xbf, 0x63, 0x7c, 0x17, 0xe5, 0x45,
+    0xd1, 0x97, 0xd5, 0x05, 0x9e, 0x71, 0xbc, 0xd2, 0x07, 0x45, 0x10, 0x61, 0xaa, 0x0b, 0x6c, 0xb7,
+    0xd2, 0x26, 0x3b, 0x42, 0x9c, 0x45, 0x4d, 0xec, 0xd7, 0xca, 0x22, 0x67, 0x13, 0x2f, 0x34, 0x62,
+    0xd3, 0x49, 0x61, 0x7f, 0x23, 0xe8, 0xa3, 0x47, 0x26, 0x0e, 0x8d, 0x65, 0xc5, 0x33, 0xbd, 0x90,
+    0xd4, 0x87, 0x24, 0xcc, 0x98, 0x2d, 0x6c, 0x90, 0xb4, 0x17, 0x46, 0x6b, 0xa2, 0x67, 0x84, 0x0b,
+    0xd5, 0xe8, 0x7e, 0xf1, 0x27, 0x80, 0x82, 0x3b, 0x45, 0xd3, 0xe9, 0x69, 0x74, 0x7b, 0x0d, 0xf9,
+    0xd6, 0x59, 0x90, 0xb6, 0x25, 0xb4, 0x73, 0x05, 0x95, 0x5c, 0xdb, 0x6f, 0xcd, 0x5f, 0x55, 0x2c,
+    0xd7, 0x36, 0xca, 0x8b, 0x9a, 0x19, 0x9d, 0xae, 0x64, 0x98, 0x74, 0x6d, 0x1b, 0x43, 0xdc, 0xde,
+    0xd8, 0x06, 0x1a, 0x13, 0x90, 0xfd, 0x2e, 0x68, 0x72, 0x6e, 0x8e, 0x73, 0x03, 0xf7, 0x27, 0xd9,
+    0xd9, 0x69, 0x40, 0x2e, 0x2f, 0x50, 0xc0, 0xc3, 0x83, 0xaa, 0x21, 0x71, 0xd5, 0xeb, 0xae, 0x2b,
+    0xda, 0xd8, 0xae, 0x69, 0x2d, 0x64, 0x31, 0xfd, 0x53, 0x25, 0x13, 0x77, 0x6c, 0xcf, 0xf6, 0xfe,
+    0xdb, 0xb7, 0xf4, 0x54, 0x92, 0xc9, 0xdf, 0x56, 0xa2, 0xe1, 0xbc, 0x75, 0xba, 0xd3, 0x7f, 0x0c,
+    0xdc, 0x79, 0xb1, 0xe7, 0x29, 0x0c, 0x10, 0x81, 0x30, 0xf8, 0x77, 0x7b, 0xdd, 0x87, 0x46, 0x97,
+    0xdd, 0x16, 0xeb, 0xda, 0x96, 0xa1, 0xfe, 0x2a, 0xc1, 0x3c, 0xd8, 0x79, 0x0b, 0x9b, 0xcf, 0x65,
+    0xde, 0xa7, 0x05, 0x9d, 0x94, 0x95, 0x0f, 0x14, 0x11, 0xb3, 0xea, 0x7f, 0xb2, 0xbf, 0x97, 0xb0,
+    0xdf, 0xc8, 0x5f, 0xa0, 0x2b, 0x38, 0xe1, 0xbf, 0xe0, 0x77, 0x45, 0x7d, 0x64, 0xa3, 0x1e, 0x42,
+    0xe0, 0xb9, 0x77, 0xc2, 0x01, 0x1a, 0x99, 0x1f, 0x68, 0xa6, 0x19, 0x03, 0xbd, 0x12, 0x2c, 0x8b,
+    0xe1, 0xd6, 0x2d, 0xff, 0xbe, 0xb7, 0x77, 0xb4, 0x99, 0x62, 0xb6, 0x01, 0x6b, 0x0e, 0xa5, 0x79,
+    0xe2, 0x67, 0xc3, 0xb8, 0xbc, 0x83, 0x86, 0x8a, 0x49, 0xed, 0x84, 0x07, 0xd2, 0x2a, 0xfd, 0xac,
+    0xe3, 0x08, 0x99, 0x85, 0x03, 0x2e, 0x68, 0x21, 0xb8, 0x29, 0x2b, 0x05, 0x04, 0x36, 0x74, 0x5e,
+    0xe4, 0xc6, 0xdc, 0x36, 0xb8, 0xeb, 0xa7, 0xf6, 0x2a, 0x30, 0xe0, 0x0b, 0x63, 0x62, 0x4d, 0xc5,
+    0xe5, 0xa9, 0x86, 0x0b, 0x07, 0x46, 0x49, 0x5d, 0xdb, 0xf4, 0x4f, 0x09, 0xb5, 0x7e, 0xc4, 0x37,
+    0xe6, 0x18, 0x68, 0x4c, 0x05, 0x72, 0xb8, 0x63, 0x0b, 0x7b, 0x7d, 0x0f, 0x0c, 0x5a, 0x9c, 0xe2,
+    0xe7, 0x77, 0x32, 0x71, 0xba, 0xdf, 0x56, 0xc8, 0xfa, 0xbf, 0xd2, 0x0d, 0xda, 0x46, 0x15, 0x10,
+    0xe8, 0x47, 0xe2, 0xe9, 0xb0, 0x3b, 0xe5, 0x0e, 0xec, 0x49, 0x28, 0x13, 0xc2, 0xf2, 0xee, 0x17,
+    0xe9, 0x28, 0xb8, 0xd4, 0x0f, 0x96, 0x0b, 0xa5, 0x1d, 0x8d, 0x87, 0x11, 0x14, 0xee, 0x67, 0xe5,
+    0xea, 0x99, 0x56, 0x93, 0x0d, 0xa2, 0xfa, 0x9b, 0xcd, 0x02, 0xb5, 0x17, 0xad, 0xca, 0x3f, 0x30,
+    0xeb, 0xf6, 0x0c, 0xae, 0xb2, 0x0f, 0x14, 0x30, 0x3c, 0xc6, 0x1a, 0x15, 0x7b, 0xd6, 0xb6, 0xc2,
+    0xec, 0x38, 0x49, 0x1d, 0x09, 0xca, 0xdb, 0xe7, 0xae, 0xdf, 0xd1, 0x1b, 0x1c, 0x82, 0x8f, 0x59,
+    0xed, 0x57, 0x13, 0x20, 0xb6, 0x67, 0x35, 0x4c, 0x5f, 0x1b, 0x7e, 0x19, 0xca, 0x9e, 0x06, 0xab,
+    0xee, 0xe6, 0xfd, 0x67, 0xb4, 0x53, 0xc4, 0x72, 0x8f, 0x94, 0x4c, 0x1f, 0x73, 0xba, 0x5e, 0x7e,
+    0xef, 0x89, 0xa7, 0x5a, 0x0b, 0xfe, 0x2a, 0xd9, 0x7e, 0x50, 0xe3, 0x1d, 0xa5, 0xa6, 0xd7, 0x8c,
+    0xf0, 0x86, 0x9e, 0x94, 0xa0, 0x58, 0x61, 0x3d, 0xa3, 0xbb, 0x7b, 0x23, 0x43, 0x11, 0x6b, 0x70,
+    0xf1, 0xe9, 0xc4, 0xa9, 0x1f, 0xf5, 0x8f, 0x96, 0x52, 0x7f, 0xd4, 0x21, 0x95, 0x0d, 0xe2, 0x82,
+    0xf2, 0x58, 0x2a, 0xee, 0x1d, 0xc1, 0x7e, 0xa8, 0x82, 0xf0, 0xe6, 0x27, 0x2c, 0x29, 0xba, 0x57,
+    0xf3, 0x37, 0x70, 0xd3, 0xa2, 0x6c, 0x90, 0x03, 0x73, 0x34, 0x49, 0x25, 0xfa, 0x35, 0x33, 0xa5,
+    0xf4, 0xf9, 0x35, 0x60, 0x19, 0xa9, 0x5f, 0xd4, 0xe1, 0x2d, 0x82, 0x2b, 0x9d, 0x61, 0x0a, 0x3e,
+    0xf5, 0x96, 0x6f, 0x5d, 0xa6, 0x04, 0xb1, 0x7f, 0x10, 0xe9, 0x2d, 0x29, 0x4b, 0x7d, 0x83, 0xcc,
+    0xf6, 0x27, 0x81, 0x1a, 0xa4, 0x30, 0x40, 0x41, 0xc0, 0x66, 0x1f, 0x2f, 0xf2, 0x59, 0xdb, 0x19,
+    0xf7, 0x48, 0xdb, 0x27, 0x1b, 0x9d, 0xae, 0xea, 0x31, 0xa2, 0xb0, 0x2d, 0x24, 0x45, 0x52, 0xeb,
+    0xf8, 0x78, 0x0b, 0xbf, 0x11, 0x79, 0x1d, 0x2c, 0x27, 0x54, 0x4a, 0x33, 0x3c, 0xf1, 0xa9, 0xec,
+    0xf9, 0x17, 0x51, 0x82, 0xae, 0xd4, 0xf3, 0x87, 0xd6, 0x90, 0xe5, 0x31, 0xea, 0xed, 0x20, 0x1e,
+    0xfa, 0xa6, 0xbf, 0xc5, 0xac, 0xe0, 0x02, 0xb9, 0x06, 0x1f, 0xd7, 0x37, 0x53, 0xc9, 0x78, 0xcb,
+    0xfb, 0xc9, 0xe5, 0xf8, 0x13, 0x4d, 0xec, 0x12, 0xf7, 0xdb, 0x78, 0x35, 0x85, 0xd5, 0xf1, 0x39,
+    0xfc, 0x07, 0xa0, 0x4b, 0xa8, 0x88, 0x23, 0xc5, 0x65, 0xc2, 0xb3, 0x3b, 0xe2, 0x81, 0xc8, 0xa2,
+    0xfd, 0x68, 0xfa, 0x76, 0x17, 0x25, 0xcd, 0x6e, 0x94, 0x06, 0x1c, 0x39, 0x34, 0x9d, 0x41, 0x50,
+    0xfe, 0xd9, 0x14, 0x31, 0x15, 0x11, 0x3c, 0x50, 0x44, 0x89, 0x2e, 0x3f, 0x8d, 0xb9, 0x19, 0x85,
+    0xff, 0xb6, 0x4e, 0x0c, 0xaa, 0xbc, 0xd2, 0xfb, 0xb5, 0x4d, 0x81, 0x3d, 0x5b, 0xa5, 0x90, 0x77,
+  },
+  { /* 10 */
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0xc0, 0x77, 0x44, 0x94, 0x60, 0x7c, 0x12, 0x8d, 0x2e, 0x2d, 0xbc, 0xeb, 0x11, 0x43, 0x48, 0x8e,
+    0x43, 0xee, 0x88, 0xeb, 0xc0, 0xf8, 0x24, 0xd9, 0x5c, 0x5a, 0xbb, 0x15, 0x22, 0x86, 0x90, 0xdf,
+    0x83, 0x99, 0xcc, 0x7f, 0xa0, 0x84, 0x36, 0x54, 0x72, 0x77, 0x07, 0xfe, 0x33, 0xc5, 0xd8, 0x51,
+    0x86, 0x1f, 0xd3, 0x15, 0x43, 0x33, 0x48, 0x71, 0xb8, 0xb4, 0xb5, 0x2a, 0x44, 0xcf, 0xe3, 0x7d,
+    0x46, 0x68, 0x97, 0x81, 0x23, 0x4f, 0x5a, 0xfc, 0x96, 0x99, 0x09, 0xc1, 0x55, 0x8c, 0xab, 0xf3,
+    0xc5, 0xf1, 0x5b, 0xfe, 0x83, 0xcb, 0x6c, 0xa8, 0xe4, 0xee, 0x0e, 0x3f, 0x66, 0x49, 0x73, 0xa2,
+    0x05, 0x86, 0x1f, 0x6a, 0xe3, 0xb7, 0x7e, 0x25, 0xca, 0xc3, 0xb2, 0xd4, 0x77, 0x0a, 0x3b, 0x2c,
+    0xcf, 0x3e, 0x65, 0x2a, 0x86, 0x66, 0x90, 0xe2, 0xb3, 0xab, 0xa9, 0x54, 0x88, 0x5d, 0x05, 0xfa,
+    0x0f, 0x49, 0x21, 0xbe, 0xe6, 0x1a, 0x82, 0x6f, 0x9d, 0x86, 0x15, 0xbf, 0x99, 0x1e, 0x4d, 0x74,
+    0x8c, 0xd0, 0xed, 0xc1, 0x46, 0x9e, 0xb4, 0x3b, 0xef, 0xf1, 0x12, 0x41, 0xaa, 0xdb, 0x95, 0x25,
+    0x4c, 0xa7, 0xa9, 0x55, 0x26, 0xe2, 0xa6, 0xb6, 0xc1, 0xdc, 0xae, 0xaa, 0xbb, 0x98, 0xdd, 0xab,
+    0x49, 0x21, 0xb6, 0x3f, 0xc5, 0x55, 0xd8, 0x93, 0x0b, 0x1f, 0x1c, 0x7e, 0xcc, 0x92, 0xe6, 0x87,
+    0x89, 0x56, 0xf2, 0xab, 0xa5, 0x29, 0xca, 0x1e, 0x25, 0x32, 0xa0, 0x95, 0xdd, 0xd1, 0xae, 0x09,
+    0x0a, 0xcf, 0x3e, 0xd4, 0x05, 0xad, 0xfc, 0x4a, 0x57, 0x45, 0xa7, 0x6b, 0xee, 0x14, 0x76, 0x58,
+    0xca, 0xb8, 0x7a, 0x40, 0x65, 0xd1, 0xee, 0xc7, 0x79, 0x68, 0x1b, 0x80, 0xff, 0x57, 0x3e, 0xd6,
+    0x5d, 0x7c, 0xca, 0x54, 0xcf, 0xcc, 0xe3, 0x07, 0xa5, 0x95, 0x91, 0xa8, 0xd3, 0xba, 0x0a, 0x37,
+    0x9d, 0x0b, 0x8e, 0xc0, 0xaf, 0xb0, 0xf1, 0x8a, 0x8b, 0xb8, 0x2d, 0x43, 0xc2, 0xf9, 0x42, 0xb9,
+    0x1e, 0x92, 0x42, 0xbf, 0x0f, 0x34, 0xc7, 0xde, 0xf9, 0xcf, 0x2a, 0xbd, 0xf1, 0x3c, 0x9a, 0xe8,
+    0xde, 0xe5, 0x06, 0x2b, 0x6f, 0x48, 0xd5, 0x53, 0xd7, 0xe2, 0x96, 0x56, 0xe0, 0x7f, 0xd2, 0x66,
+    0xdb, 0x63, 0x19, 0x41, 0x8c, 0xff, 0xab, 0x76, 0x1d, 0x21, 0x24, 0x82, 0x97, 0x75, 0xe9, 0x4a,
+    0x1b, 0x14, 0x5d, 0xd5, 0xec, 0x83, 0xb9, 0xfb, 0x33, 0x0c, 0x98, 0x69, 0x86, 0x36, 0xa1, 0xc4,
+    0x98, 0x8d, 0x91, 0xaa, 0x4c, 0x07, 0x8f, 0xaf, 0x41, 0x7b, 0x9f, 0x97, 0xb5, 0xf3, 0x79, 0x95,
+    0x58, 0xfa, 0xd5, 0x3e, 0x2c, 0x7b, 0x9d, 0x22, 0x6f, 0x56, 0x23, 0x7c, 0xa4, 0xb0, 0x31, 0x1b,
+    0x92, 0x42, 0xaf, 0x7e, 0x49, 0xaa, 0x73, 0xe5, 0x16, 0x3e, 0x38, 0xfc, 0x5b, 0xe7, 0x0f, 0xcd,
+    0x52, 0x35, 0xeb, 0xea, 0x29, 0xd6, 0x61, 0x68, 0x38, 0x13, 0x84, 0x17, 0x4a, 0xa4, 0x47, 0x43,
+    0xd1, 0xac, 0x27, 0x95, 0x89, 0x52, 0x57, 0x3c, 0x4a, 0x64, 0x83, 0xe9, 0x79, 0x61, 0x9f, 0x12,
+    0x11, 0xdb, 0x63, 0x01, 0xe9, 0x2e, 0x45, 0xb1, 0x64, 0x49, 0x3f, 0x02, 0x68, 0x22, 0xd7, 0x9c,
+    0x14, 0x5d, 0x7c, 0x6b, 0x0a, 0x99, 0x3b, 0x94, 0xae, 0x8a, 0x8d, 0xd6, 0x1f, 0x28, 0xec, 0xb0,
+    0xd4, 0x2a, 0x38, 0xff, 0x6a, 0xe5, 0x29, 0x19, 0x80, 0xa7, 0x31, 0x3d, 0x0e, 0x6b, 0xa4, 0x3e,
+    0x57, 0xb3, 0xf4, 0x80, 0xca, 0x61, 0x1f, 0x4d, 0xf2, 0xd0, 0x36, 0xc3, 0x3d, 0xae, 0x7c, 0x6f,
+    0x97, 0xc4, 0xb0, 0x14, 0xaa, 0x1d, 0x0d, 0xc0, 0xdc, 0xfd, 0x8a, 0x28, 0x2c, 0xed, 0x34, 0xe1,
+    0xba, 0xf8, 0x57, 0xa8, 0x5d, 0x5b, 0x05, 0x0e, 0x89, 0xe9, 0xe1, 0x93, 0x65, 0xb7, 0x14, 0x6e,
+    0x7a, 0x8f, 0x13, 0x3c, 0x3d, 0x27, 0x17, 0x83, 0xa7, 0xc4, 0x5d, 0x78, 0x74, 0xf4, 0x5c, 0xe0,
+    0xf9, 0x16, 0xdf, 0x43, 0x9d, 0xa3, 0x21, 0xd7, 0xd5, 0xb3, 0x5a, 0x86, 0x47, 0x31, 0x84, 0xb1,
+    0x39, 0x61, 0x9b, 0xd7, 0xfd, 0xdf, 0x33, 0x5a, 0xfb, 0x9e, 0xe6, 0x6d, 0x56, 0x72, 0xcc, 0x3f,
+    0x3c, 0xe7, 0x84, 0xbd, 0x1e, 0x68, 0x4d, 0x7f, 0x31, 0x5d, 0x54, 0xb9, 0x21, 0x78, 0xf7, 0x13,
+    0xfc, 0x90, 0xc0, 0x29, 0x7e, 0x14, 0x5f, 0xf2, 0x1f, 0x70, 0xe8, 0x52, 0x30, 0x3b, 0xbf, 0x9d,
+    0x7f, 0x09, 0x0c, 0x56, 0xde, 0x90, 0x69, 0xa6, 0x6d, 0x07, 0xef, 0xac, 0x03, 0xfe, 0x67, 0xcc,
+    0xbf, 0x7e, 0x48, 0xc2, 0xbe, 0xec, 0x7b, 0x2b, 0x43, 0x2a, 0x53, 0x47, 0x12, 0xbd, 0x2f, 0x42,
+    0x75, 0xc6, 0x32, 0x82, 0xdb, 0x3d, 0x95, 0xec, 0x3a, 0x42, 0x48, 0xc7, 0xed, 0xea, 0x11, 0x94,
+    0xb5, 0xb1, 0x76, 0x16, 0xbb, 0x41, 0x87, 0x61, 0x14, 0x6f, 0xf4, 0x2c, 0xfc, 0xa9, 0x59, 0x1a,
+    0x36, 0x28, 0xba, 0x69, 0x1b, 0xc5, 0xb1, 0x35, 0x66, 0x18, 0xf3, 0xd2, 0xcf, 0x6c, 0x81, 0x4b,
+    0xf6, 0x5f, 0xfe, 0xfd, 0x7b, 0xb9, 0xa3, 0xb8, 0x48, 0x35, 0x4f, 0x39, 0xde, 0x2f, 0xc9, 0xc5,
+    0xf3, 0xd9, 0xe1, 0x97, 0x98, 0x0e, 0xdd, 0x9d, 0x82, 0xf6, 0xfd, 0xed, 0xa9, 0x25, 0xf2, 0xe9,
+    0x33, 0xae, 0xa5, 0x03, 0xf8, 0x72, 0xcf, 0x10, 0xac, 0xdb, 0x41, 0x06, 0xb8, 0x66, 0xba, 0x67,
+    0xb0, 0x37, 0x69, 0x7c, 0x58, 0xf6, 0xf9, 0x44, 0xde, 0xac, 0x46, 0xf8, 0x8b, 0xa3, 0x62, 0x36,
+    0x70, 0x40, 0x2d, 0xe8, 0x38, 0x8a, 0xeb, 0xc9, 0xf0, 0x81, 0xfa, 0x13, 0x9a, 0xe0, 0x2a, 0xb8,
+    0xe7, 0x84, 0x9d, 0xfc, 0x92, 0x97, 0xe6, 0x09, 0x2c, 0x7c, 0x70, 0x3b, 0xb6, 0x0d, 0x1e, 0x59,
+    0x27, 0xf3, 0xd9, 0x68, 0xf2, 0xeb, 0xf4, 0x84, 0x02, 0x51, 0xcc, 0xd0, 0xa7, 0x4e, 0x56, 0xd7,
+    0xa4, 0x6a, 0x15, 0x17, 0x52, 0x6f, 0xc2, 0xd0, 0x70, 0x26, 0xcb, 0x2e, 0x94, 0x8b, 0x8e, 0x86,
+    0x64, 0x1d, 0x51, 0x83, 0x32, 0x13, 0xd0, 0x5d, 0x5e, 0x0b, 0x77, 0xc5, 0x85, 0xc8, 0xc6, 0x08,
+    0x61, 0x9b, 0x4e, 0xe9, 0xd1, 0xa4, 0xae, 0x78, 0x94, 0xc8, 0xc5, 0x11, 0xf2, 0xc2, 0xfd, 0x24,
+    0xa1, 0xec, 0x0a, 0x7d, 0xb1, 0xd8, 0xbc, 0xf5, 0xba, 0xe5, 0x79, 0xfa, 0xe3, 0x81, 0xb5, 0xaa,
+    0x22, 0x75, 0xc6, 0x02, 0x11, 0x5c, 0x8a, 0xa1, 0xc8, 0x92, 0x7e, 0x04, 0xd0, 0x44, 0x6d, 0xfb,
+    0xe2, 0x02, 0x82, 0x96, 0x71, 0x20, 0x98, 0x2c, 0xe6, 0xbf, 0xc2, 0xef, 0xc1, 0x07, 0x25, 0x75,
+    0x28, 0xba, 0xf8, 0xd6, 0x14, 0xf1, 0x76, 0xeb, 0x9f, 0xd7, 0xd9, 0x6f, 0x3e, 0x50, 0x1b, 0xa3,
+    0xe8, 0xcd, 0xbc, 0x42, 0x74, 0x8d, 0x64, 0x66, 0xb1, 0xfa, 0x65, 0x84, 0x2f, 0x13, 0x53, 0x2d,
+    0x6b, 0x54, 0x70, 0x3d, 0xd4, 0x09, 0x52, 0x32, 0xc3, 0x8d, 0x62, 0x7a, 0x1c, 0xd6, 0x8b, 0x7c,
+    0xab, 0x23, 0x34, 0xa9, 0xb4, 0x75, 0x40, 0xbf, 0xed, 0xa0, 0xde, 0x91, 0x0d, 0x95, 0xc3, 0xf2,
+    0xae, 0xa5, 0x2b, 0xc3, 0x57, 0xc2, 0x3e, 0x9a, 0x27, 0x63, 0x6c, 0x45, 0x7a, 0x9f, 0xf8, 0xde,
+    0x6e, 0xd2, 0x6f, 0x57, 0x37, 0xbe, 0x2c, 0x17, 0x09, 0x4e, 0xd0, 0xae, 0x6b, 0xdc, 0xb0, 0x50,
+    0xed, 0x4b, 0xa3, 0x28, 0x97, 0x3a, 0x1a, 0x43, 0x7b, 0x39, 0xd7, 0x50, 0x58, 0x19, 0x68, 0x01,
+    0x2d, 0x3c, 0xe7, 0xbc, 0xf7, 0x46, 0x08, 0xce, 0x55, 0x14, 0x6b, 0xbb, 0x49, 0x5a, 0x20, 0x8f,
+    0xb7, 0x33, 0xae, 0x93, 0xba, 0xb6, 0x0a, 0x1c, 0xd1, 0x11, 0x01, 0xe5, 0xca, 0xad, 0x28, 0xdc,
+    0x77, 0x44, 0xea, 0x07, 0xda, 0xca, 0x18, 0x91, 0xff, 0x3c, 0xbd, 0x0e, 0xdb, 0xee, 0x60, 0x52,
+    0xf4, 0xdd, 0x26, 0x78, 0x7a, 0x4e, 0x2e, 0xc5, 0x8d, 0x4b, 0xba, 0xf0, 0xe8, 0x2b, 0xb8, 0x03,
+    0x34, 0xaa, 0x62, 0xec, 0x1a, 0x32, 0x3c, 0x48, 0xa3, 0x66, 0x06, 0x1b, 0xf9, 0x68, 0xf0, 0x8d,
+    0x31, 0x2c, 0x7d, 0x86, 0xf9, 0x85, 0x42, 0x6d, 0x69, 0xa5, 0xb4, 0xcf, 0x8e, 0x62, 0xcb, 0xa1,
+    0xf1, 0x5b, 0x39, 0x12, 0x99, 0xf9, 0x50, 0xe0, 0x47, 0x88, 0x08, 0x24, 0x9f, 0x21, 0x83, 0x2f,
+    0x72, 0xc2, 0xf5, 0x6d, 0x39, 0x7d, 0x66, 0xb4, 0x35, 0xff, 0x0f, 0xda, 0xac, 0xe4, 0x5b, 0x7e,
+    0xb2, 0xb5, 0xb1, 0xf9, 0x59, 0x01, 0x74, 0x39, 0x1b, 0xd2, 0xb3, 0x31, 0xbd, 0xa7, 0x13, 0xf0,
+    0x78, 0x0d, 0xcb, 0xb9, 0x3c, 0xd0, 0x9a, 0xfe, 0x62, 0xba, 0xa8, 0xb1, 0x42, 0xf0, 0x2d, 0x26,
+    0xb8, 0x7a, 0x8f, 0x2d, 0x5c, 0xac, 0x88, 0x73, 0x4c, 0x97, 0x14, 0x5a, 0x53, 0xb3, 0x65, 0xa8,
+    0x3b, 0xe3, 0x43, 0x52, 0xfc, 0x28, 0xbe, 0x27, 0x3e, 0xe0, 0x13, 0xa4, 0x60, 0x76, 0xbd, 0xf9,
+    0xfb, 0x94, 0x07, 0xc6, 0x9c, 0x54, 0xac, 0xaa, 0x10, 0xcd, 0xaf, 0x4f, 0x71, 0x35, 0xf5, 0x77,
+    0xfe, 0x12, 0x18, 0xac, 0x7f, 0xe3, 0xd2, 0x8f, 0xda, 0x0e, 0x1d, 0x9b, 0x06, 0x3f, 0xce, 0x5b,
+    0x3e, 0x65, 0x5c, 0x38, 0x1f, 0x9f, 0xc0, 0x02, 0xf4, 0x23, 0xa1, 0x70, 0x17, 0x7c, 0x86, 0xd5,
+    0xbd, 0xfc, 0x90, 0x47, 0xbf, 0x1b, 0xf6, 0x56, 0x86, 0x54, 0xa6, 0x8e, 0x24, 0xb9, 0x5e, 0x84,
+    0x7d, 0x8b, 0xd4, 0xd3, 0xdf, 0x67, 0xe4, 0xdb, 0xa8, 0x79, 0x1a, 0x65, 0x35, 0xfa, 0x16, 0x0a,
+    0xea, 0x4f, 0x64, 0xc7, 0x75, 0x7a, 0xe9, 0x1b, 0x74, 0x84, 0x90, 0x4d, 0x19, 0x17, 0x22, 0xeb,
+    0x2a, 0x38, 0x20, 0x53, 0x15, 0x06, 0xfb, 0x96, 0x5a, 0xa9, 0x2c, 0xa6, 0x08, 0x54, 0x6a, 0x65,
+    0xa9, 0xa1, 0xec, 0x2c, 0xb5, 0x82, 0xcd, 0xc2, 0x28, 0xde, 0x2b, 0x58, 0x3b, 0x91, 0xb2, 0x34,
+    0x69, 0xd6, 0xa8, 0xb8, 0xd5, 0xfe, 0xdf, 0x4f, 0x06, 0xf3, 0x97, 0xb3, 0x2a, 0xd2, 0xfa, 0xba,
+    0x6c, 0x50, 0xb7, 0xd2, 0x36, 0x49, 0xa1, 0x6a, 0xcc, 0x30, 0x25, 0x67, 0x5d, 0xd8, 0xc1, 0x96,
+    0xac, 0x27, 0xf3, 0x46, 0x56, 0x35, 0xb3, 0xe7, 0xe2, 0x1d, 0x99, 0x8c, 0x4c, 0x9b, 0x89, 0x18,
+    0x2f, 0xbe, 0x3f, 0x39, 0xf6, 0xb1, 0x85, 0xb3, 0x90, 0x6a, 0x9e, 0x72, 0x7f, 0x5e, 0x51, 0x49,
+    0xef, 0xc9, 0x7b, 0xad, 0x96, 0xcd, 0x97, 0x3e, 0xbe, 0x47, 0x22, 0x99, 0x6e, 0x1d, 0x19, 0xc7,
+    0x25, 0x71, 0x01, 0xed, 0xf3, 0x1c, 0x79, 0xf9, 0xc7, 0x2f, 0x39, 0x19, 0x91, 0x4a, 0x27, 0x11,
+    0xe5, 0x06, 0x45, 0x79, 0x93, 0x60, 0x6b, 0x74, 0xe9, 0x02, 0x85, 0xf2, 0x80, 0x09, 0x6f, 0x9f,
+    0x66, 0x9f, 0x89, 0x06, 0x33, 0xe4, 0x5d, 0x20, 0x9b, 0x75, 0x82, 0x0c, 0xb3, 0xcc, 0xb7, 0xce,
+    0xa6, 0xe8, 0xcd, 0x92, 0x53, 0x98, 0x4f, 0xad, 0xb5, 0x58, 0x3e, 0xe7, 0xa2, 0x8f, 0xff, 0x40,
+    0xa3, 0x6e, 0xd2, 0xf8, 0xb0, 0x2f, 0x31, 0x88, 0x7f, 0x9b, 0x8c, 0x33, 0xd5, 0x85, 0xc4, 0x6c,
+    0x63, 0x19, 0x96, 0x6c, 0xd0, 0x53, 0x23, 0x05, 0x51, 0xb6, 0x30, 0xd8, 0xc4, 0xc6, 0x8c, 0xe2,
+    0xe0, 0x80, 0x5a, 0x13, 0x70, 0xd7, 0x15, 0x51, 0x23, 0xc1, 0x37, 0x26, 0xf7, 0x03, 0x54, 0xb3,
+    0x20, 0xf7, 0x1e, 0x87, 0x10, 0xab, 0x07, 0xdc, 0x0d, 0xec, 0x8b, 0xcd, 0xe6, 0x40, 0x1c, 0x3d,
+    0x0d, 0xcb, 0xf9, 0x3b, 0xe7, 0xed, 0x0f, 0x12, 0x58, 0xf8, 0xe0, 0x76, 0xaf, 0x1a, 0x3c, 0xb2,
+    0xcd, 0xbc, 0xbd, 0xaf, 0x87, 0x91, 0x1d, 0x9f, 0x76, 0xd5, 0x5c, 0x9d, 0xbe, 0x59, 0x74, 0x3c,
+    0x4e, 0x25, 0x71, 0xd0, 0x27, 0x15, 0x2b, 0xcb, 0x04, 0xa2, 0x5b, 0x63, 0x8d, 0x9c, 0xac, 0x6d,
+    0x8e, 0x52, 0x35, 0x44, 0x47, 0x69, 0x39, 0x46, 0x2a, 0x8f, 0xe7, 0x88, 0x9c, 0xdf, 0xe4, 0xe3,
+    0x8b, 0xd4, 0x2a, 0x2e, 0xa4, 0xde, 0x47, 0x63, 0xe0, 0x4c, 0x55, 0x5c, 0xeb, 0xd5, 0xdf, 0xcf,
+    0x4b, 0xa3, 0x6e, 0xba, 0xc4, 0xa2, 0x55, 0xee, 0xce, 0x61, 0xe9, 0xb7, 0xfa, 0x96, 0x97, 0x41,
+    0xc8, 0x3a, 0xa2, 0xc5, 0x64, 0x26, 0x63, 0xba, 0xbc, 0x16, 0xee, 0x49, 0xc9, 0x53, 0x4f, 0x10,
+    0x08, 0x4d, 0xe6, 0x51, 0x04, 0x5a, 0x71, 0x37, 0x92, 0x3b, 0x52, 0xa2, 0xd8, 0x10, 0x07, 0x9e,
+    0xc2, 0xf5, 0x9c, 0x11, 0x61, 0x8b, 0x9f, 0xf0, 0xeb, 0x53, 0x49, 0x22, 0x27, 0x47, 0x39, 0x48,
+    0x02, 0x82, 0xd8, 0x85, 0x01, 0xf7, 0x8d, 0x7d, 0xc5, 0x7e, 0xf5, 0xc9, 0x36, 0x04, 0x71, 0xc6,
+    0x81, 0x1b, 0x14, 0xfa, 0xa1, 0x73, 0xbb, 0x29, 0xb7, 0x09, 0xf2, 0x37, 0x05, 0xc1, 0xa9, 0x97,
+    0x41, 0x6c, 0x50, 0x6e, 0xc1, 0x0f, 0xa9, 0xa4, 0x99, 0x24, 0x4e, 0xdc, 0x14, 0x82, 0xe1, 0x19,
+    0x44, 0xea, 0x4f, 0x04, 0x22, 0xb8, 0xd7, 0x81, 0x53, 0xe7, 0xfc, 0x08, 0x63, 0x88, 0xda, 0x35,
+    0x84, 0x9d, 0x0b, 0x90, 0x42, 0xc4, 0xc5, 0x0c, 0x7d, 0xca, 0x40, 0xe3, 0x72, 0xcb, 0x92, 0xbb,
+    0x07, 0x04, 0xc7, 0xef, 0xe2, 0x40, 0xf3, 0x58, 0x0f, 0xbd, 0x47, 0x1d, 0x41, 0x0e, 0x4a, 0xea,
+    0xc7, 0x73, 0x83, 0x7b, 0x82, 0x3c, 0xe1, 0xd5, 0x21, 0x90, 0xfb, 0xf6, 0x50, 0x4d, 0x02, 0x64,
+    0x50, 0xb7, 0x33, 0x6f, 0x28, 0x21, 0xec, 0x15, 0xfd, 0x6d, 0x71, 0xde, 0x7c, 0xa0, 0x36, 0x85,
+    0x90, 0xc0, 0x77, 0xfb, 0x48, 0x5d, 0xfe, 0x98, 0xd3, 0x40, 0xcd, 0x35, 0x6d, 0xe3, 0x7e, 0x0b,
+    0x13, 0x59, 0xbb, 0x84, 0xe8, 0xd9, 0xc8, 0xcc, 0xa1, 0x37, 0xca, 0xcb, 0x5e, 0x26, 0xa6, 0x5a,
+    0xd3, 0x2e, 0xff, 0x10, 0x88, 0xa5, 0xda, 0x41, 0x8f, 0x1a, 0x76, 0x20, 0x4f, 0x65, 0xee, 0xd4,
+    0xd6, 0xa8, 0xe0, 0x7a, 0x6b, 0x12, 0xa4, 0x64, 0x45, 0xd9, 0xc4, 0xf4, 0x38, 0x6f, 0xd5, 0xf8,
+    0x16, 0xdf, 0xa4, 0xee, 0x0b, 0x6e, 0xb6, 0xe9, 0x6b, 0xf4, 0x78, 0x1f, 0x29, 0x2c, 0x9d, 0x76,
+    0x95, 0x46, 0x68, 0x91, 0xab, 0xea, 0x80, 0xbd, 0x19, 0x83, 0x7f, 0xe1, 0x1a, 0xe9, 0x45, 0x27,
+    0x55, 0x31, 0x2c, 0x05, 0xcb, 0x96, 0x92, 0x30, 0x37, 0xae, 0xc3, 0x0a, 0x0b, 0xaa, 0x0d, 0xa9,
+    0x9f, 0x89, 0x56, 0x45, 0xae, 0x47, 0x7c, 0xf7, 0x4e, 0xc6, 0xd8, 0x8a, 0xf4, 0xfd, 0x33, 0x7f,
+    0x5f, 0xfe, 0x12, 0xd1, 0xce, 0x3b, 0x6e, 0x7a, 0x60, 0xeb, 0x64, 0x61, 0xe5, 0xbe, 0x7b, 0xf1,
+    0xdc, 0x67, 0xde, 0xae, 0x6e, 0xbf, 0x58, 0x2e, 0x12, 0x9c, 0x63, 0x9f, 0xd6, 0x7b, 0xa3, 0xa0,
+    0x1c, 0x10, 0x9a, 0x3a, 0x0e, 0xc3, 0x4a, 0xa3, 0x3c, 0xb1, 0xdf, 0x74, 0xc7, 0x38, 0xeb, 0x2e,
+    0x19, 0x96, 0x85, 0x50, 0xed, 0x74, 0x34, 0x86, 0xf6, 0x72, 0x6d, 0xa0, 0xb0, 0x32, 0xd0, 0x02,
+    0xd9, 0xe1, 0xc1, 0xc4, 0x8d, 0x08, 0x26, 0x0b, 0xd8, 0x5f, 0xd1, 0x4b, 0xa1, 0x71, 0x98, 0x8c,
+    0x5a, 0x78, 0x0d, 0xbb, 0x2d, 0x8c, 0x10, 0x5f, 0xaa, 0x28, 0xd6, 0xb5, 0x92, 0xb4, 0x40, 0xdd,
+    0x9a, 0x0f, 0x49, 0x2f, 0x4d, 0xf0, 0x02, 0xd2, 0x84, 0x05, 0x6a, 0x5e, 0x83, 0xf7, 0x08, 0x53,
+    0xad, 0x66, 0x9f, 0xe5, 0xb7, 0xaf, 0x14, 0x38, 0x61, 0x22, 0x02, 0x09, 0x57, 0x99, 0x50, 0x7b,
+    0x6d, 0x11, 0xdb, 0x71, 0xd7, 0xd3, 0x06, 0xb5, 0x4f, 0x0f, 0xbe, 0xe2, 0x46, 0xda, 0x18, 0xf5,
+    0xee, 0x88, 0x17, 0x0e, 0x77, 0x57, 0x30, 0xe1, 0x3d, 0x78, 0xb9, 0x1c, 0x75, 0x1f, 0xc0, 0xa4,
+    0x2e, 0xff, 0x53, 0x9a, 0x17, 0x2b, 0x22, 0x6c, 0x13, 0x55, 0x05, 0xf7, 0x64, 0x5c, 0x88, 0x2a,
+    0x2b, 0x79, 0x4c, 0xf0, 0xf4, 0x9c, 0x5c, 0x49, 0xd9, 0x96, 0xb7, 0x23, 0x13, 0x56, 0xb3, 0x06,
+    0xeb, 0x0e, 0x08, 0x64, 0x94, 0xe0, 0x4e, 0xc4, 0xf7, 0xbb, 0x0b, 0xc8, 0x02, 0x15, 0xfb, 0x88,
+    0x68, 0x97, 0xc4, 0x1b, 0x34, 0x64, 0x78, 0x90, 0x85, 0xcc, 0x0c, 0x36, 0x31, 0xd0, 0x23, 0xd9,
+    0xa8, 0xe0, 0x80, 0x8f, 0x54, 0x18, 0x6a, 0x1d, 0xab, 0xe1, 0xb0, 0xdd, 0x20, 0x93, 0x6b, 0x57,
+    0x62, 0x58, 0xfa, 0xcf, 0x31, 0xc9, 0x84, 0xda, 0xd2, 0x89, 0xab, 0x5d, 0xdf, 0xc4, 0x55, 0x81,
+    0xa2, 0x2f, 0xbe, 0x5b, 0x51, 0xb5, 0x96, 0x57, 0xfc, 0xa4, 0x17, 0xb6, 0xce, 0x87, 0x1d, 0x0f,
+    0x21, 0xb6, 0x72, 0x24, 0xf1, 0x31, 0xa0, 0x03, 0x8e, 0xd3, 0x10, 0x48, 0xfd, 0x42, 0xc5, 0x5e,
+    0xe1, 0xc1, 0x36, 0xb0, 0x91, 0x4d, 0xb2, 0x8e, 0xa0, 0xfe, 0xac, 0xa3, 0xec, 0x01, 0x8d, 0xd0,
+    0xe4, 0x47, 0x29, 0xda, 0x72, 0xfa, 0xcc, 0xab, 0x6a, 0x3d, 0x1e, 0x77, 0x9b, 0x0b, 0xb6, 0xfc,
+    0x24, 0x30, 0x6d, 0x4e, 0x12, 0x86, 0xde, 0x26, 0x44, 0x10, 0xa2, 0x9c, 0x8a, 0x48, 0xfe, 0x72,
+    0xa7, 0xa9, 0xa1, 0x31, 0xb2, 0x02, 0xe8, 0x72, 0x36, 0x67, 0xa5, 0x62, 0xb9, 0x8d, 0x26, 0x23,
+    0x67, 0xde, 0xe5, 0xa5, 0xd2, 0x7e, 0xfa, 0xff, 0x18, 0x4a, 0x19, 0x89, 0xa8, 0xce, 0x6e, 0xad,
+    0xf0, 0x1a, 0x55, 0xb1, 0x78, 0x63, 0xf7, 0x3f, 0xc4, 0xb7, 0x93, 0xa1, 0x84, 0x23, 0x5a, 0x4c,
+    0x30, 0x6d, 0x11, 0x25, 0x18, 0x1f, 0xe5, 0xb2, 0xea, 0x9a, 0x2f, 0x4a, 0x95, 0x60, 0x12, 0xc2,
+    0xb3, 0xf4, 0xdd, 0x5a, 0xb8, 0x9b, 0xd3, 0xe6, 0x98, 0xed, 0x28, 0xb4, 0xa6, 0xa5, 0xca, 0x93,
+    0x73, 0x83, 0x99, 0xce, 0xd8, 0xe7, 0xc1, 0x6b, 0xb6, 0xc0, 0x94, 0x5f, 0xb7, 0xe6, 0x82, 0x1d,
+    0x76, 0x05, 0x86, 0xa4, 0x3b, 0x50, 0xbf, 0x4e, 0x7c, 0x03, 0x26, 0x8b, 0xc0, 0xec, 0xb9, 0x31,
+    0xb6, 0x72, 0xc2, 0x30, 0x5b, 0x2c, 0xad, 0xc3, 0x52, 0x2e, 0x9a, 0x60, 0xd1, 0xaf, 0xf1, 0xbf,
+    0x35, 0xeb, 0x0e, 0x4f, 0xfb, 0xa8, 0x9b, 0x97, 0x20, 0x59, 0x9d, 0x9e, 0xe2, 0x6a, 0x29, 0xee,
+    0xf5, 0x9c, 0x4a, 0xdb, 0x9b, 0xd4, 0x89, 0x1a, 0x0e, 0x74, 0x21, 0x75, 0xf3, 0x29, 0x61, 0x60,
+    0x3f, 0x24, 0x30, 0x9b, 0xfe, 0x05, 0x67, 0xdd, 0x77, 0x1c, 0x3a, 0xf5, 0x0c, 0x7e, 0x5f, 0xb6,
+    0xff, 0x53, 0x74, 0x0f, 0x9e, 0x79, 0x75, 0x50, 0x59, 0x31, 0x86, 0x1e, 0x1d, 0x3d, 0x17, 0x38,
+    0x7c, 0xca, 0xb8, 0x70, 0x3e, 0xfd, 0x43, 0x04, 0x2b, 0x46, 0x81, 0xe0, 0x2e, 0xf8, 0xcf, 0x69,
+    0xbc, 0xbd, 0xfc, 0xe4, 0x5e, 0x81, 0x51, 0x89, 0x05, 0x6b, 0x3d, 0x0b, 0x3f, 0xbb, 0x87, 0xe7,
+    0xb9, 0x3b, 0xe3, 0x8e, 0xbd, 0x36, 0x2f, 0xac, 0xcf, 0xa8, 0x8f, 0xdf, 0x48, 0xb1, 0xbc, 0xcb,
+    0x79, 0x4c, 0xa7, 0x1a, 0xdd, 0x4a, 0x3d, 0x21, 0xe1, 0x85, 0x33, 0x34, 0x59, 0xf2, 0xf4, 0x45,
+    0xfa, 0xd5, 0x6b, 0x65, 0x7d, 0xce, 0x0b, 0x75, 0x93, 0xf2, 0x34, 0xca, 0x6a, 0x37, 0x2c, 0x14,
+    0x3a, 0xa2, 0x2f, 0xf1, 0x1d, 0xb2, 0x19, 0xf8, 0xbd, 0xdf, 0x88, 0x21, 0x7b, 0x74, 0x64, 0x9a,
+    0x17, 0x9e, 0xc8, 0x4d, 0xea, 0xf4, 0x11, 0x36, 0xe8, 0xcb, 0xe3, 0x9a, 0x32, 0x2e, 0x44, 0x15,
+    0xd7, 0xe9, 0x8c, 0xd9, 0x8a, 0x88, 0x03, 0xbb, 0xc6, 0xe6, 0x5f, 0x71, 0x23, 0x6d, 0x0c, 0x9b,
+    0x54, 0x70, 0x40, 0xa6, 0x2a, 0x0c, 0x35, 0xef, 0xb4, 0x91, 0x58, 0x8f, 0x10, 0xa8, 0xd4, 0xca,
+    0x94, 0x07, 0x04, 0x32, 0x4a, 0x70, 0x27, 0x62, 0x9a, 0xbc, 0xe4, 0x64, 0x01, 0xeb, 0x9c, 0x44,
+    0x91, 0x81, 0x1b, 0x58, 0xa9, 0xc7, 0x59, 0x47, 0x50, 0x7f, 0x56, 0xb0, 0x76, 0xe1, 0xa7, 0x68,
+    0x51, 0xf6, 0x5f, 0xcc, 0xc9, 0xbb, 0x4b, 0xca, 0x7e, 0x52, 0xea, 0x5b, 0x67, 0xa2, 0xef, 0xe6,
+    0xd2, 0x6f, 0x93, 0xb3, 0x69, 0x3f, 0x7d, 0x9e, 0x0c, 0x25, 0xed, 0xa5, 0x54, 0x67, 0x37, 0xb7,
+    0x12, 0x18, 0xd7, 0x27, 0x09, 0x43, 0x6f, 0x13, 0x22, 0x08, 0x51, 0x4e, 0x45, 0x24, 0x7f, 0x39,
+    0xd8, 0xa0, 0xad, 0x67, 0x6c, 0x92, 0x81, 0xd4, 0x5b, 0x60, 0x4a, 0xce, 0xba, 0x73, 0x41, 0xef,
+    0x18, 0xd7, 0xe9, 0xf3, 0x0c, 0xee, 0x93, 0x59, 0x75, 0x4d, 0xf6, 0x25, 0xab, 0x30, 0x09, 0x61,
+    0x9b, 0x4e, 0x25, 0x8c, 0xac, 0x6a, 0xa5, 0x0d, 0x07, 0x3a, 0xf1, 0xdb, 0x98, 0xf5, 0xd1, 0x30,
+    0x5b, 0x39, 0x61, 0x18, 0xcc, 0x16, 0xb7, 0x80, 0x29, 0x17, 0x4d, 0x30, 0x89, 0xb6, 0x99, 0xbe,
+    0x5e, 0xbf, 0x7e, 0x72, 0x2f, 0xa1, 0xc9, 0xa5, 0xe3, 0xd4, 0xff, 0xe4, 0xfe, 0xbc, 0xa2, 0x92,
+    0x9e, 0xc8, 0x3a, 0xe6, 0x4f, 0xdd, 0xdb, 0x28, 0xcd, 0xf9, 0x43, 0x0f, 0xef, 0xff, 0xea, 0x1c,
+    0x1d, 0x51, 0xf6, 0x99, 0xef, 0x59, 0xed, 0x7c, 0xbf, 0x8e, 0x44, 0xf1, 0xdc, 0x3a, 0x32, 0x4d,
+    0xdd, 0x26, 0xb2, 0x0d, 0x8f, 0x25, 0xff, 0xf1, 0x91, 0xa3, 0xf8, 0x1a, 0xcd, 0x79, 0x7a, 0xc3,
+    0x4a, 0xe2, 0x02, 0x19, 0x25, 0x38, 0xf2, 0x31, 0x4d, 0x5e, 0x72, 0x32, 0xe1, 0x94, 0x4e, 0x22,
+    0x8a, 0x95, 0x46, 0x8d, 0x45, 0x44, 0xe0, 0xbc, 0x63, 0x73, 0xce, 0xd9, 0xf0, 0xd7, 0x06, 0xac,
+    0x09, 0x0c, 0x8a, 0xf2, 0xe5, 0xc0, 0xd6, 0xe8, 0x11, 0x04, 0xc9, 0x27, 0xc3, 0x12, 0xde, 0xfd,
+    0xc9, 0x7b, 0xce, 0x66, 0x85, 0xbc, 0xc4, 0x65, 0x3f, 0x29, 0x75, 0xcc, 0xd2, 0x51, 0x96, 0x73,
+    0xcc, 0xfd, 0xd1, 0x0c, 0x66, 0x0b, 0xba, 0x40, 0xf5, 0xea, 0xc7, 0x18, 0xa5, 0x5b, 0xad, 0x5f,
+    0x0c, 0x8a, 0x95, 0x98, 0x06, 0x77, 0xa8, 0xcd, 0xdb, 0xc7, 0x7b, 0xf3, 0xb4, 0x18, 0xe5, 0xd1,
+    0x8f, 0x13, 0x59, 0xe7, 0xa6, 0xf3, 0x9e, 0x99, 0xa9, 0xb0, 0x7c, 0x0d, 0x87, 0xdd, 0x3d, 0x80,
+    0x4f, 0x64, 0x1d, 0x73, 0xc6, 0x8f, 0x8c, 0x14, 0x87, 0x9d, 0xc0, 0xe6, 0x96, 0x9e, 0x75, 0x0e,
+    0x85, 0xdc, 0x67, 0x33, 0xa3, 0x5e, 0x62, 0xd3, 0xfe, 0xf5, 0xdb, 0x66, 0x69, 0xc9, 0x4b, 0xd8,
+    0x45, 0xab, 0x23, 0xa7, 0xc3, 0x22, 0x70, 0x5e, 0xd0, 0xd8, 0x67, 0x8d, 0x78, 0x8a, 0x03, 0x56,
+    0xc6, 0x32, 0xef, 0xd8, 0x63, 0xa6, 0x46, 0x0a, 0xa2, 0xaf, 0x60, 0x73, 0x4b, 0x4f, 0xdb, 0x07,
+    0x06, 0x45, 0xab, 0x4c, 0x03, 0xda, 0x54, 0x87, 0x8c, 0x82, 0xdc, 0x98, 0x5a, 0x0c, 0x93, 0x89,
+    0x03, 0xc3, 0xb4, 0x26, 0xe0, 0x6d, 0x2a, 0xa2, 0x46, 0x41, 0x6e, 0x4c, 0x2d, 0x06, 0xa8, 0xa5,
+    0xc3, 0xb4, 0xf0, 0xb2, 0x80, 0x11, 0x38, 0x2f, 0x68, 0x6c, 0xd2, 0xa7, 0x3c, 0x45, 0xe0, 0x2b,
+    0x40, 0x2d, 0x3c, 0xcd, 0x20, 0x95, 0x0e, 0x7b, 0x1a, 0x1b, 0xd5, 0x59, 0x0f, 0x80, 0x38, 0x7a,
+    0x80, 0x5a, 0x78, 0x59, 0x40, 0xe9, 0x1c, 0xf6, 0x34, 0x36, 0x69, 0xb2, 0x1e, 0xc3, 0x70, 0xf4,
+    0x1a, 0x55, 0x31, 0x76, 0x0d, 0x19, 0x1e, 0x24, 0xb0, 0x33, 0x03, 0xec, 0x9d, 0x34, 0x78, 0xa7,
+    0xda, 0x22, 0x75, 0xe2, 0x6d, 0x65, 0x0c, 0xa9, 0x9e, 0x1e, 0xbf, 0x07, 0x8c, 0x77, 0x30, 0x29,
+    0x59, 0xbb, 0xb9, 0x9d, 0xcd, 0xe1, 0x3a, 0xfd, 0xec, 0x69, 0xb8, 0xf9, 0xbf, 0xb2, 0xe8, 0x78,
+    0x99, 0xcc, 0xfd, 0x09, 0xad, 0x9d, 0x28, 0x70, 0xc2, 0x44, 0x04, 0x12, 0xae, 0xf1, 0xa0, 0xf6,
+    0x9c, 0x4a, 0xe2, 0x63, 0x4e, 0x2a, 0x56, 0x55, 0x08, 0x87, 0xb6, 0xc6, 0xd9, 0xfb, 0x9b, 0xda,
+    0x5c, 0x3d, 0xa6, 0xf7, 0x2e, 0x56, 0x44, 0xd8, 0x26, 0xaa, 0x0a, 0x2d, 0xc8, 0xb8, 0xd3, 0x54,
+    0xdf, 0xa4, 0x6a, 0x88, 0x8e, 0xd2, 0x72, 0x8c, 0x54, 0xdd, 0x0d, 0xd3, 0xfb, 0x7d, 0x0b, 0x05,
+    0x1f, 0xd3, 0x2e, 0x1c, 0xee, 0xae, 0x60, 0x01, 0x7a, 0xf0, 0xb1, 0x38, 0xea, 0x3e, 0x43, 0x8b,
+    0xd5, 0x6b, 0x54, 0x5c, 0x8b, 0x7f, 0x8e, 0xc6, 0x03, 0x98, 0xaa, 0xb8, 0x15, 0x69, 0x7d, 0x5d,
+    0x15, 0x1c, 0x10, 0xc8, 0xeb, 0x03, 0x9c, 0x4b, 0x2d, 0xb5, 0x16, 0x53, 0x04, 0x2a, 0x35, 0xd3,
+    0x96, 0x85, 0xdc, 0xb7, 0x4b, 0x87, 0xaa, 0x1f, 0x5f, 0xc2, 0x11, 0xad, 0x37, 0xef, 0xed, 0x82,
+    0x56, 0xf2, 0x98, 0x23, 0x2b, 0xfb, 0xb8, 0x92, 0x71, 0xef, 0xad, 0x46, 0x26, 0xac, 0xa5, 0x0c,
+    0x53, 0x74, 0x87, 0x49, 0xc8, 0x4c, 0xc6, 0xb7, 0xbb, 0x2c, 0x1f, 0x92, 0x51, 0xa6, 0x9e, 0x20,
+    0x93, 0x03, 0xc3, 0xdd, 0xa8, 0x30, 0xd4, 0x3a, 0x95, 0x01, 0xa3, 0x79, 0x40, 0xe5, 0xd6, 0xae,
+    0x10, 0x9a, 0x0f, 0xa2, 0x08, 0xb4, 0xe2, 0x6e, 0xe7, 0x76, 0xa4, 0x87, 0x73, 0x20, 0x0e, 0xff,
+    0xd0, 0xed, 0x4b, 0x36, 0x68, 0xc8, 0xf0, 0xe3, 0xc9, 0x5b, 0x18, 0x6c, 0x62, 0x63, 0x46, 0x71,
+    0x47, 0x29, 0xfb, 0x22, 0xc2, 0xd5, 0xfd, 0x23, 0x15, 0xa6, 0x92, 0x44, 0x4e, 0x8e, 0x72, 0x90,
+    0x87, 0x5e, 0xbf, 0xb6, 0xa2, 0xa9, 0xef, 0xae, 0x3b, 0x8b, 0x2e, 0xaf, 0x5f, 0xcd, 0x3a, 0x1e,
+    0x04, 0xc7, 0x73, 0xc9, 0x02, 0x2d, 0xd9, 0xfa, 0x49, 0xfc, 0x29, 0x51, 0x6c, 0x08, 0xe2, 0x4f,
+    0xc4, 0xb0, 0x37, 0x5d, 0x62, 0x51, 0xcb, 0x77, 0x67, 0xd1, 0x95, 0xba, 0x7d, 0x4b, 0xaa, 0xc1,
+    0xc1, 0x36, 0x28, 0x37, 0x81, 0xe6, 0xb5, 0x52, 0xad, 0x12, 0x27, 0x6e, 0x0a, 0x41, 0x91, 0xed,
+    0x01, 0x41, 0x6c, 0xa3, 0xe1, 0x9a, 0xa7, 0xdf, 0x83, 0x3f, 0x9b, 0x85, 0x1b, 0x02, 0xd9, 0x63,
+    0x82, 0xd8, 0xa0, 0xdc, 0x41, 0x1e, 0x91, 0x8b, 0xf1, 0x48, 0x9c, 0x7b, 0x28, 0xc7, 0x01, 0x32,
+    0x42, 0xaf, 0xe4, 0x48, 0x21, 0x62, 0x83, 0x06, 0xdf, 0x65, 0x20, 0x90, 0x39, 0x84, 0x49, 0xbc,
+    0x88, 0x17, 0x9e, 0x08, 0x44, 0xb3, 0x6d, 0xc1, 0xa6, 0x0d, 0x3b, 0x10, 0xc6, 0xd3, 0x77, 0x6a,
+    0x48, 0x60, 0xda, 0x9c, 0x24, 0xcf, 0x7f, 0x4c, 0x88, 0x20, 0x87, 0xfb, 0xd7, 0x90, 0x3f, 0xe4,
+    0xcb, 0xf9, 0x16, 0xe3, 0x84, 0x4b, 0x49, 0x18, 0xfa, 0x57, 0x80, 0x05, 0xe4, 0x55, 0xe7, 0xb5,
+    0x0b, 0x8e, 0x52, 0x77, 0xe4, 0x37, 0x5b, 0x95, 0xd4, 0x7a, 0x3c, 0xee, 0xf5, 0x16, 0xaf, 0x3b,
+    0x0e, 0x08, 0x4d, 0x1d, 0x07, 0x80, 0x25, 0xb0, 0x1e, 0xb9, 0x8e, 0x3a, 0x82, 0x1c, 0x94, 0x17,
+    0xce, 0x7f, 0x09, 0x89, 0x67, 0xfc, 0x37, 0x3d, 0x30, 0x94, 0x32, 0xd1, 0x93, 0x5f, 0xdc, 0x99,
+    0x4d, 0xe6, 0xc5, 0xf6, 0xc7, 0x78, 0x01, 0x69, 0x42, 0xe3, 0x35, 0x2f, 0xa0, 0x9a, 0x04, 0xc8,
+    0x8d, 0x91, 0x81, 0x62, 0xa7, 0x04, 0x13, 0xe4, 0x6c, 0xce, 0x89, 0xc4, 0xb1, 0xd9, 0x4c, 0x46,
+    0xa0, 0xad, 0x66, 0xde, 0x50, 0x42, 0x1b, 0x2a, 0x39, 0xda, 0xe2, 0x7f, 0xf8, 0x83, 0x6c, 0xc9,
+    0x60, 0xda, 0x22, 0x4a, 0x30, 0x3e, 0x09, 0xa7, 0x17, 0xf7, 0x5e, 0x94, 0xe9, 0xc0, 0x24, 0x47,
+    0xe3, 0x43, 0xee, 0x35, 0x90, 0xba, 0x3f, 0xf3, 0x65, 0x80, 0x59, 0x6a, 0xda, 0x05, 0xfc, 0x16,
+    0x23, 0x34, 0xaa, 0xa1, 0xf0, 0xc6, 0x2d, 0x7e, 0x4b, 0xad, 0xe5, 0x81, 0xcb, 0x46, 0xb4, 0x98,
+    0x26, 0xb2, 0xb5, 0xcb, 0x13, 0x71, 0x53, 0x5b, 0x81, 0x6e, 0x57, 0x55, 0xbc, 0x4c, 0x8f, 0xb4,
+    0xe6, 0xc5, 0xf1, 0x5f, 0x73, 0x0d, 0x41, 0xd6, 0xaf, 0x43, 0xeb, 0xbe, 0xad, 0x0f, 0xc7, 0x3a,
+    0x65, 0x5c, 0x3d, 0x20, 0xd3, 0x89, 0x77, 0x82, 0xdd, 0x34, 0xec, 0x40, 0x9e, 0xca, 0x1f, 0x6b,
+    0xa5, 0x2b, 0x79, 0xb4, 0xb3, 0xf5, 0x65, 0x0f, 0xf3, 0x19, 0x50, 0xab, 0x8f, 0x89, 0x57, 0xe5,
+    0x6f, 0x93, 0x03, 0xf4, 0xd6, 0x24, 0x8b, 0xc8, 0x8a, 0x71, 0x4b, 0x2b, 0x70, 0xde, 0x69, 0x33,
+    0xaf, 0xe4, 0x47, 0x60, 0xb6, 0x58, 0x99, 0x45, 0xa4, 0x5c, 0xf7, 0xc0, 0x61, 0x9d, 0x21, 0xbd,
+    0x2c, 0x7d, 0x8b, 0x1f, 0x16, 0xdc, 0xaf, 0x11, 0xd6, 0x2b, 0xf0, 0x3e, 0x52, 0x58, 0xf9, 0xec,
+    0xec, 0x0a, 0xcf, 0x8b, 0x76, 0xa0, 0xbd, 0x9c, 0xf8, 0x06, 0x4c, 0xd5, 0x43, 0x1b, 0xb1, 0x62,
+    0xe9, 0x8c, 0xd0, 0xe1, 0x95, 0x17, 0xc3, 0xb9, 0x32, 0xc5, 0xfe, 0x01, 0x34, 0x11, 0x8a, 0x4e,
+    0x29, 0xfb, 0x94, 0x75, 0xf5, 0x6b, 0xd1, 0x34, 0x1c, 0xe8, 0x42, 0xea, 0x25, 0x52, 0xc2, 0xc0,
+    0xaa, 0x62, 0x58, 0x0a, 0x55, 0xef, 0xe7, 0x60, 0x6e, 0x9f, 0x45, 0x14, 0x16, 0x97, 0x1a, 0x91,
+    0x6a, 0x15, 0x1c, 0x9e, 0x35, 0x93, 0xf5, 0xed, 0x40, 0xb2, 0xf9, 0xff, 0x07, 0xd4, 0x52, 0x1f,
+    0xfd, 0xd1, 0xac, 0x8a, 0x9f, 0x8e, 0xf8, 0x2d, 0x9c, 0x4f, 0x73, 0xd7, 0x2b, 0x39, 0x66, 0xfe,
+    0x3d, 0xa6, 0xe8, 0x1e, 0xff, 0xf2, 0xea, 0xa0, 0xb2, 0x62, 0xcf, 0x3c, 0x3a, 0x7a, 0x2e, 0x70,
+    0xbe, 0x3f, 0x24, 0x61, 0x5f, 0x76, 0xdc, 0xf4, 0xc0, 0x15, 0xc8, 0xc2, 0x09, 0xbf, 0xf6, 0x21,
+    0x7e, 0x48, 0x60, 0xf5, 0x3f, 0x0a, 0xce, 0x79, 0xee, 0x38, 0x74, 0x29, 0x18, 0xfc, 0xbe, 0xaf,
+    0x7b, 0xce, 0x7f, 0x9f, 0xdc, 0xbd, 0xb0, 0x5c, 0x24, 0xfb, 0xc6, 0xfd, 0x6f, 0xf6, 0x85, 0x83,
+    0xbb, 0xb9, 0x3b, 0x0b, 0xbc, 0xc1, 0xa2, 0xd1, 0x0a, 0xd6, 0x7a, 0x16, 0x7e, 0xb5, 0xcd, 0x0d,
+    0x38, 0x20, 0xf7, 0x74, 0x1c, 0x45, 0x94, 0x85, 0x78, 0xa1, 0x7d, 0xe8, 0x4d, 0x70, 0x15, 0x5c,
+    0xf8, 0x57, 0xb3, 0xe0, 0x7c, 0x39, 0x86, 0x08, 0x56, 0x8c, 0xc1, 0x03, 0x5c, 0x33, 0x5d, 0xd2,
+    0x32, 0xef, 0xc9, 0xa0, 0x19, 0xe8, 0x68, 0xcf, 0x2f, 0xe4, 0xda, 0x83, 0xa3, 0x64, 0x63, 0x04,
+    0xf2, 0x98, 0x8d, 0x34, 0x79, 0x94, 0x7a, 0x42, 0x01, 0xc9, 0x66, 0x68, 0xb2, 0x27, 0x2b, 0x8a,
+    0x71, 0x01, 0x41, 0x4b, 0xd9, 0x10, 0x4c, 0x16, 0x73, 0xbe, 0x61, 0x96, 0x81, 0xe2, 0xf3, 0xdb,
+    0xb1, 0x76, 0x05, 0xdf, 0xb9, 0x6c, 0x5e, 0x9b, 0x5d, 0x93, 0xdd, 0x7d, 0x90, 0xa1, 0xbb, 0x55,
+    0xb4, 0xf0, 0x1a, 0xb5, 0x5a, 0xdb, 0x20, 0xbe, 0x97, 0x50, 0x6f, 0xa9, 0xe7, 0xab, 0x80, 0x79,
+    0x74, 0x87, 0x5e, 0x21, 0x3a, 0xa7, 0x32, 0x33, 0xb9, 0x7d, 0xd3, 0x42, 0xf6, 0xe8, 0xc8, 0xf7,
+    0xf7, 0x1e, 0x92, 0x5e, 0x9a, 0x23, 0x04, 0x67, 0xcb, 0x0a, 0xd4, 0xbc, 0xc5, 0x2d, 0x10, 0xa6,
+    0x37, 0x69, 0xd6, 0xca, 0xfa, 0x5f, 0x16, 0xea, 0xe5, 0x27, 0x68, 0x57, 0xd4, 0x6e, 0x58, 0x28,
+  },
+  { /* 11 */
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0xc2, 0x5d, 0x97, 0xf3, 0xe9, 0x1a, 0x8d, 0xcb, 0xbb, 0x06, 0xc5, 0x20, 0x1c, 0x68, 0x90, 0x93,
+    0x47, 0xba, 0xed, 0x25, 0x11, 0x34, 0xd9, 0x55, 0xb5, 0x0c, 0x49, 0x40, 0x38, 0xd0, 0xe3, 0xe5,
+    0x85, 0xe7, 0x7a, 0xd6, 0xf8, 0x2e, 0x54, 0x9e, 0x0e, 0x0a, 0x8c, 0x60, 0x24, 0xb8, 0x73, 0x76,
+    0x8e, 0xb7, 0x19, 0x4a, 0x22, 0x68, 0x71, 0xaa, 0xa9, 0x18, 0x92, 0x80, 0x70, 0x63, 0x05, 0x09,
+    0x4c, 0xea, 0x8e, 0xb9, 0xcb, 0x72, 0xfc, 0x61, 0x12, 0x1e, 0x57, 0xa0, 0x6c, 0x0b, 0x95, 0x9a,
+    0xc9, 0x0d, 0xf4, 0x6f, 0x33, 0x5c, 0xa8, 0xff, 0x1c, 0x14, 0xdb, 0xc0, 0x48, 0xb3, 0xe6, 0xec,
+    0x0b, 0x50, 0x63, 0x9c, 0xda, 0x46, 0x25, 0x34, 0xa7, 0x12, 0x1e, 0xe0, 0x54, 0xdb, 0x76, 0x7f,
+    0xdf, 0xad, 0x32, 0x94, 0x44, 0xd0, 0xe2, 0x97, 0x91, 0x30, 0xe7, 0xc3, 0xe0, 0xc6, 0x0a, 0x12,
+    0x1d, 0xf0, 0xa5, 0x67, 0xad, 0xca, 0x6f, 0x5c, 0x2a, 0x36, 0x22, 0xe3, 0xfc, 0xae, 0x9a, 0x81,
+    0x98, 0x17, 0xdf, 0xb1, 0x55, 0xe4, 0x3b, 0xc2, 0x24, 0x3c, 0xae, 0x83, 0xd8, 0x16, 0xe9, 0xf7,
+    0x5a, 0x4a, 0x48, 0x42, 0xbc, 0xfe, 0xb6, 0x09, 0x9f, 0x3a, 0x6b, 0xa3, 0xc4, 0x7e, 0x79, 0x64,
+    0x51, 0x1a, 0x2b, 0xde, 0x66, 0xb8, 0x93, 0x3d, 0x38, 0x28, 0x75, 0x43, 0x90, 0xa5, 0x0f, 0x1b,
+    0x93, 0x47, 0xbc, 0x2d, 0x8f, 0xa2, 0x1e, 0xf6, 0x83, 0x2e, 0xb0, 0x63, 0x8c, 0xcd, 0x9f, 0x88,
+    0x16, 0xa0, 0xc6, 0xfb, 0x77, 0x8c, 0x4a, 0x68, 0x8d, 0x24, 0x3c, 0x03, 0xa8, 0x75, 0xec, 0xfe,
+    0xd4, 0xfd, 0x51, 0x08, 0x9e, 0x96, 0xc7, 0xa3, 0x36, 0x22, 0xf9, 0x23, 0xb4, 0x1d, 0x7c, 0x6d,
+    0x7d, 0x99, 0x64, 0xeb, 0x88, 0x63, 0x07, 0xed, 0xe1, 0x60, 0x0d, 0x45, 0x03, 0x4f, 0x14, 0x24,
+    0xbf, 0xc4, 0xf3, 0x18, 0x61, 0x79, 0x8a, 0x26, 0x5a, 0x66, 0xc8, 0x65, 0x1f, 0x27, 0x84, 0xb7,
+    0x3a, 0x23, 0x89, 0xce, 0x99, 0x57, 0xde, 0xb8, 0x54, 0x6c, 0x44, 0x05, 0x3b, 0x9f, 0xf7, 0xc1,
+    0xf8, 0x7e, 0x1e, 0x3d, 0x70, 0x4d, 0x53, 0x73, 0xef, 0x6a, 0x81, 0x25, 0x27, 0xf7, 0x67, 0x52,
+    0xf3, 0x2e, 0x7d, 0xa1, 0xaa, 0x0b, 0x76, 0x47, 0x48, 0x78, 0x9f, 0xc5, 0x73, 0x2c, 0x11, 0x2d,
+    0x31, 0x73, 0xea, 0x52, 0x43, 0x11, 0xfb, 0x8c, 0xf3, 0x7e, 0x5a, 0xe5, 0x6f, 0x44, 0x81, 0xbe,
+    0xb4, 0x94, 0x90, 0x84, 0xbb, 0x3f, 0xaf, 0x12, 0xfd, 0x74, 0xd6, 0x85, 0x4b, 0xfc, 0xf2, 0xc8,
+    0x76, 0xc9, 0x07, 0x77, 0x52, 0x25, 0x22, 0xd9, 0x46, 0x72, 0x13, 0xa5, 0x57, 0x94, 0x62, 0x5b,
+    0xa2, 0x34, 0x56, 0x7f, 0xcc, 0xb3, 0xe5, 0x7a, 0x70, 0x50, 0xea, 0x86, 0xe3, 0x89, 0x1e, 0x36,
+    0x60, 0x69, 0xc1, 0x8c, 0x25, 0xa9, 0x68, 0xb1, 0xcb, 0x56, 0x2f, 0xa6, 0xff, 0xe1, 0x8e, 0xa5,
+    0xe5, 0x8e, 0xbb, 0x5a, 0xdd, 0x87, 0x3c, 0x2f, 0xc5, 0x5c, 0xa3, 0xc6, 0xdb, 0x59, 0xfd, 0xd3,
+    0x27, 0xd3, 0x2c, 0xa9, 0x34, 0x9d, 0xb1, 0xe4, 0x7e, 0x5a, 0x66, 0xe6, 0xc7, 0x31, 0x6d, 0x40,
+    0x2c, 0x83, 0x4f, 0x35, 0xee, 0xdb, 0x94, 0xd0, 0xd9, 0x48, 0x78, 0x06, 0x93, 0xea, 0x1b, 0x3f,
+    0xee, 0xde, 0xd8, 0xc6, 0x07, 0xc1, 0x19, 0x1b, 0x62, 0x4e, 0xbd, 0x26, 0x8f, 0x82, 0x8b, 0xac,
+    0x6b, 0x39, 0xa2, 0x10, 0xff, 0xef, 0x4d, 0x85, 0x6c, 0x44, 0x31, 0x46, 0xab, 0x3a, 0xf8, 0xda,
+    0xa9, 0x64, 0x35, 0xe3, 0x16, 0xf5, 0xc0, 0x4e, 0xd7, 0x42, 0xf4, 0x66, 0xb7, 0x52, 0x68, 0x49,
+    0xfa, 0xf1, 0xc8, 0x15, 0xd3, 0xc6, 0x0e, 0x19, 0x01, 0xc0, 0x1a, 0x8a, 0x06, 0x9e, 0x28, 0x48,
+    0x38, 0xac, 0x5f, 0xe6, 0x3a, 0xdc, 0x83, 0xd2, 0xba, 0xc6, 0xdf, 0xaa, 0x1a, 0xf6, 0xb8, 0xdb,
+    0xbd, 0x4b, 0x25, 0x30, 0xc2, 0xf2, 0xd7, 0x4c, 0xb4, 0xcc, 0x53, 0xca, 0x3e, 0x4e, 0xcb, 0xad,
+    0x7f, 0x16, 0xb2, 0xc3, 0x2b, 0xe8, 0x5a, 0x87, 0x0f, 0xca, 0x96, 0xea, 0x22, 0x26, 0x5b, 0x3e,
+    0x74, 0x46, 0xd1, 0x5f, 0xf1, 0xae, 0x7f, 0xb3, 0xa8, 0xd8, 0x88, 0x0a, 0x76, 0xfd, 0x2d, 0x41,
+    0xb6, 0x1b, 0x46, 0xac, 0x18, 0xb4, 0xf2, 0x78, 0x13, 0xde, 0x4d, 0x2a, 0x6a, 0x95, 0xbd, 0xd2,
+    0x33, 0xfc, 0x3c, 0x7a, 0xe0, 0x9a, 0xa6, 0xe6, 0x1d, 0xd4, 0xc1, 0x4a, 0x4e, 0x2d, 0xce, 0xa4,
+    0xf1, 0xa1, 0xab, 0x89, 0x09, 0x80, 0x2b, 0x2d, 0xa6, 0xd2, 0x04, 0x6a, 0x52, 0x45, 0x5e, 0x37,
+    0x25, 0x5c, 0xfa, 0x81, 0x97, 0x16, 0xec, 0x8e, 0x90, 0xf0, 0xfd, 0x49, 0xe6, 0x58, 0x22, 0x5a,
+    0xe7, 0x01, 0x6d, 0x72, 0x7e, 0x0c, 0x61, 0x45, 0x2b, 0xf6, 0x38, 0x69, 0xfa, 0x30, 0xb2, 0xc9,
+    0x62, 0xe6, 0x17, 0xa4, 0x86, 0x22, 0x35, 0xdb, 0x25, 0xfc, 0xb4, 0x09, 0xde, 0x88, 0xc1, 0xbf,
+    0xa0, 0xbb, 0x80, 0x57, 0x6f, 0x38, 0xb8, 0x10, 0x9e, 0xfa, 0x71, 0x29, 0xc2, 0xe0, 0x51, 0x2c,
+    0xab, 0xeb, 0xe3, 0xcb, 0xb5, 0x7e, 0x9d, 0x24, 0x39, 0xe8, 0x6f, 0xc9, 0x96, 0x3b, 0x27, 0x53,
+    0x69, 0xb6, 0x74, 0x38, 0x5c, 0x64, 0x10, 0xef, 0x82, 0xee, 0xaa, 0xe9, 0x8a, 0x53, 0xb7, 0xc0,
+    0xec, 0x51, 0x0e, 0xee, 0xa4, 0x4a, 0x44, 0x71, 0x8c, 0xe4, 0x26, 0x89, 0xae, 0xeb, 0xc4, 0xb6,
+    0x2e, 0x0c, 0x99, 0x1d, 0x4d, 0x50, 0xc9, 0xba, 0x37, 0xe2, 0xe3, 0xa9, 0xb2, 0x83, 0x54, 0x25,
+    0x87, 0x68, 0xac, 0xfe, 0x5b, 0xa5, 0x09, 0xf4, 0xe0, 0xa0, 0x17, 0xcf, 0x05, 0xd1, 0x3c, 0x6c,
+    0x45, 0x35, 0x3b, 0x0d, 0xb2, 0xbf, 0x84, 0x3f, 0x5b, 0xa6, 0xd2, 0xef, 0x19, 0xb9, 0xac, 0xff,
+    0xc0, 0xd2, 0x41, 0xdb, 0x4a, 0x91, 0xd0, 0xa1, 0x55, 0xac, 0x5e, 0x8f, 0x3d, 0x01, 0xdf, 0x89,
+    0x02, 0x8f, 0xd6, 0x28, 0xa3, 0x8b, 0x5d, 0x6a, 0xee, 0xaa, 0x9b, 0xaf, 0x21, 0x69, 0x4f, 0x1a,
+    0x09, 0xdf, 0xb5, 0xb4, 0x79, 0xcd, 0x78, 0x5e, 0x49, 0xb8, 0x85, 0x4f, 0x75, 0xb2, 0x39, 0x65,
+    0xcb, 0x82, 0x22, 0x47, 0x90, 0xd7, 0xf5, 0x95, 0xf2, 0xbe, 0x40, 0x6f, 0x69, 0xda, 0xa9, 0xf6,
+    0x4e, 0x65, 0x58, 0x91, 0x68, 0xf9, 0xa1, 0x0b, 0xfc, 0xb4, 0xcc, 0x0f, 0x4d, 0x62, 0xda, 0x80,
+    0x8c, 0x38, 0xcf, 0x62, 0x81, 0xe3, 0x2c, 0xc0, 0x47, 0xb2, 0x09, 0x2f, 0x51, 0x0a, 0x4a, 0x13,
+    0x58, 0xc5, 0x9e, 0x6a, 0x1f, 0x75, 0xeb, 0x63, 0x71, 0x90, 0xf0, 0x0c, 0xe5, 0x17, 0x36, 0x7e,
+    0x9a, 0x98, 0x09, 0x99, 0xf6, 0x6f, 0x66, 0xa8, 0xca, 0x96, 0x35, 0x2c, 0xf9, 0x7f, 0xa6, 0xed,
+    0x1f, 0x7f, 0x73, 0x4f, 0x0e, 0x41, 0x32, 0x36, 0xc4, 0x9c, 0xb9, 0x4c, 0xdd, 0xc7, 0xd5, 0x9b,
+    0xdd, 0x22, 0xe4, 0xbc, 0xe7, 0x5b, 0xbf, 0xfd, 0x7f, 0x9a, 0x7c, 0x6c, 0xc1, 0xaf, 0x45, 0x08,
+    0xd6, 0x72, 0x87, 0x20, 0x3d, 0x1d, 0x9a, 0xc9, 0xd8, 0x88, 0x62, 0x8c, 0x95, 0x74, 0x33, 0x77,
+    0x14, 0x2f, 0x10, 0xd3, 0xd4, 0x07, 0x17, 0x02, 0x63, 0x8e, 0xa7, 0xac, 0x89, 0x1c, 0xa3, 0xe4,
+    0x91, 0xc8, 0x6a, 0x05, 0x2c, 0x29, 0x43, 0x9c, 0x6d, 0x84, 0x2b, 0xcc, 0xad, 0xa4, 0xd0, 0x92,
+    0x53, 0x95, 0xfd, 0xf6, 0xc5, 0x33, 0xce, 0x57, 0xd6, 0x82, 0xee, 0xec, 0xb1, 0xcc, 0x40, 0x01,
+    0x37, 0x21, 0x53, 0x2a, 0x65, 0x4f, 0x1c, 0x32, 0x02, 0x43, 0x34, 0xd7, 0x0c, 0xff, 0x50, 0x90,
+    0xf5, 0x7c, 0xc4, 0xd9, 0x8c, 0x55, 0x91, 0xf9, 0xb9, 0x45, 0xf1, 0xf7, 0x10, 0x97, 0xc0, 0x03,
+    0x70, 0x9b, 0xbe, 0x0f, 0x74, 0x7b, 0xc5, 0x67, 0xb7, 0x4f, 0x7d, 0x97, 0x34, 0x2f, 0xb3, 0x75,
+    0xb2, 0xc6, 0x29, 0xfc, 0x9d, 0x61, 0x48, 0xac, 0x0c, 0x49, 0xb8, 0xb7, 0x28, 0x47, 0x23, 0xe6,
+    0xb9, 0x96, 0x4a, 0x60, 0x47, 0x27, 0x6d, 0x98, 0xab, 0x5b, 0xa6, 0x57, 0x7c, 0x9c, 0x55, 0x99,
+    0x7b, 0xcb, 0xdd, 0x93, 0xae, 0x3d, 0xe0, 0x53, 0x10, 0x5d, 0x63, 0x77, 0x60, 0xf4, 0xc5, 0x0a,
+    0xfe, 0x2c, 0xa7, 0x45, 0x56, 0x13, 0xb4, 0xcd, 0x1e, 0x57, 0xef, 0x17, 0x44, 0x4c, 0xb6, 0x7c,
+    0x3c, 0x71, 0x30, 0xb6, 0xbf, 0x09, 0x39, 0x06, 0xa5, 0x51, 0x2a, 0x37, 0x58, 0x24, 0x26, 0xef,
+    0xe8, 0x8c, 0x61, 0xbe, 0x21, 0x9f, 0xfe, 0xa5, 0x93, 0x73, 0xd3, 0x14, 0xec, 0x39, 0x5a, 0x82,
+    0x2a, 0xd1, 0xf6, 0x4d, 0xc8, 0x85, 0x73, 0x6e, 0x28, 0x75, 0x16, 0x34, 0xf0, 0x51, 0xca, 0x11,
+    0xaf, 0x36, 0x8c, 0x9b, 0x30, 0xab, 0x27, 0xf0, 0x26, 0x7f, 0x9a, 0x54, 0xd4, 0xe9, 0xb9, 0x67,
+    0x6d, 0x6b, 0x1b, 0x68, 0xd9, 0xb1, 0xaa, 0x3b, 0x9d, 0x79, 0x5f, 0x74, 0xc8, 0x81, 0x29, 0xf4,
+    0x66, 0x3b, 0x78, 0xf4, 0x03, 0xf7, 0x8f, 0x0f, 0x3a, 0x6b, 0x41, 0x94, 0x9c, 0x5a, 0x5f, 0x8b,
+    0xa4, 0x66, 0xef, 0x07, 0xea, 0xed, 0x02, 0xc4, 0x81, 0x6d, 0x84, 0xb4, 0x80, 0x32, 0xcf, 0x18,
+    0x21, 0x81, 0x95, 0xd1, 0x12, 0xc3, 0x56, 0x5a, 0x8f, 0x67, 0x08, 0xd4, 0xa4, 0x8a, 0xbc, 0x6e,
+    0xe3, 0xdc, 0x02, 0x22, 0xfb, 0xd9, 0xdb, 0x91, 0x34, 0x61, 0xcd, 0xf4, 0xb8, 0xe2, 0x2c, 0xfd,
+    0x4a, 0xb8, 0x37, 0xc1, 0xed, 0x2c, 0x1b, 0xdf, 0xe3, 0x23, 0x39, 0x92, 0x0f, 0xb0, 0x44, 0xb4,
+    0x88, 0xe5, 0xa0, 0x32, 0x04, 0x36, 0x96, 0x14, 0x58, 0x25, 0xfc, 0xb2, 0x13, 0xd8, 0xd4, 0x27,
+    0x0d, 0x02, 0xda, 0xe4, 0xfc, 0x18, 0xc2, 0x8a, 0x56, 0x2f, 0x70, 0xd2, 0x37, 0x60, 0xa7, 0x51,
+    0xcf, 0x5f, 0x4d, 0x17, 0x15, 0x02, 0x4f, 0x41, 0xed, 0x29, 0xb5, 0xf2, 0x2b, 0x08, 0x37, 0xc2,
+    0xc4, 0x0f, 0x2e, 0x8b, 0xcf, 0x44, 0x6a, 0x75, 0x4a, 0x3b, 0xab, 0x12, 0x7f, 0xd3, 0x41, 0xbd,
+    0x06, 0x52, 0xb9, 0x78, 0x26, 0x5e, 0xe7, 0xbe, 0xf1, 0x3d, 0x6e, 0x32, 0x63, 0xbb, 0xd1, 0x2e,
+    0x83, 0xb5, 0xc3, 0xae, 0xde, 0x70, 0xb3, 0x20, 0xff, 0x37, 0xe2, 0x52, 0x47, 0x03, 0xa2, 0x58,
+    0x41, 0xe8, 0x54, 0x5d, 0x37, 0x6a, 0x3e, 0xeb, 0x44, 0x31, 0x27, 0x72, 0x5b, 0x6b, 0x32, 0xcb,
+    0x95, 0x15, 0x05, 0x55, 0xa9, 0xfc, 0xf9, 0x48, 0x72, 0x13, 0xde, 0x51, 0xef, 0x76, 0x4e, 0xa6,
+    0x57, 0x48, 0x92, 0xa6, 0x40, 0xe6, 0x74, 0x83, 0xc9, 0x15, 0x1b, 0x71, 0xf3, 0x1e, 0xde, 0x35,
+    0xd2, 0xaf, 0xe8, 0x70, 0xb8, 0xc8, 0x20, 0x1d, 0xc7, 0x1f, 0x97, 0x11, 0xd7, 0xa6, 0xad, 0x43,
+    0x10, 0xf2, 0x7f, 0x83, 0x51, 0xd2, 0xad, 0xd6, 0x7c, 0x19, 0x52, 0x31, 0xcb, 0xce, 0x3d, 0xd0,
+    0x1b, 0xa2, 0x1c, 0x1f, 0x8b, 0x94, 0x88, 0xe2, 0xdb, 0x0b, 0x4c, 0xd1, 0x9f, 0x15, 0x4b, 0xaf,
+    0xd9, 0xff, 0x8b, 0xec, 0x62, 0x8e, 0x05, 0x29, 0x60, 0x0d, 0x89, 0xf1, 0x83, 0x7d, 0xdb, 0x3c,
+    0x5c, 0x18, 0xf1, 0x3a, 0x9a, 0xa0, 0x51, 0xb7, 0x6e, 0x07, 0x05, 0x91, 0xa7, 0xc5, 0xa8, 0x4a,
+    0x9e, 0x45, 0x66, 0xc9, 0x73, 0xba, 0xdc, 0x7c, 0xd5, 0x01, 0xc0, 0xb1, 0xbb, 0xad, 0x38, 0xd9,
+    0xcd, 0xd0, 0x9b, 0x3f, 0xb6, 0x89, 0x12, 0x2b, 0x03, 0x83, 0x2e, 0x5d, 0x0a, 0x61, 0x78, 0xd8,
+    0x0f, 0x8d, 0x0c, 0xcc, 0x5f, 0x93, 0x9f, 0xe0, 0xb8, 0x85, 0xeb, 0x7d, 0x16, 0x09, 0xe8, 0x4b,
+    0x8a, 0x6a, 0x76, 0x1a, 0xa7, 0xbd, 0xcb, 0x7e, 0xb6, 0x8f, 0x67, 0x1d, 0x32, 0xb1, 0x9b, 0x3d,
+    0x48, 0x37, 0xe1, 0xe9, 0x4e, 0xa7, 0x46, 0xb5, 0x0d, 0x89, 0xa2, 0x3d, 0x2e, 0xd9, 0x0b, 0xae,
+    0x43, 0x67, 0x82, 0x75, 0x94, 0xe1, 0x63, 0x81, 0xaa, 0x9b, 0xbc, 0xdd, 0x7a, 0x02, 0x7d, 0xd1,
+    0x81, 0x3a, 0x15, 0x86, 0x7d, 0xfb, 0xee, 0x4a, 0x11, 0x9d, 0x79, 0xfd, 0x66, 0x6a, 0xed, 0x42,
+    0x04, 0xdd, 0x6f, 0x50, 0x85, 0xd5, 0xba, 0xd4, 0x1f, 0x97, 0xf5, 0x9d, 0x42, 0xd2, 0x9e, 0x34,
+    0xc6, 0x80, 0xf8, 0xa3, 0x6c, 0xcf, 0x37, 0x1f, 0xa4, 0x91, 0x30, 0xbd, 0x5e, 0xba, 0x0e, 0xa7,
+    0x12, 0x7d, 0xa9, 0xab, 0xf2, 0x59, 0xf0, 0xbc, 0x92, 0xb3, 0xc9, 0x9e, 0xea, 0xa7, 0x72, 0xca,
+    0xd0, 0x20, 0x3e, 0x58, 0x1b, 0x43, 0x7d, 0x77, 0x29, 0xb5, 0x0c, 0xbe, 0xf6, 0xcf, 0xe2, 0x59,
+    0x55, 0xc7, 0x44, 0x8e, 0xe3, 0x6d, 0x29, 0xe9, 0x27, 0xbf, 0x80, 0xde, 0xd2, 0x77, 0x91, 0x2f,
+    0x97, 0x9a, 0xd3, 0x7d, 0x0a, 0x77, 0xa4, 0x22, 0x9c, 0xb9, 0x45, 0xfe, 0xce, 0x1f, 0x01, 0xbc,
+    0x9c, 0xca, 0xb0, 0xe1, 0xd0, 0x31, 0x81, 0x16, 0x3b, 0xab, 0x5b, 0x1e, 0x9a, 0xc4, 0x77, 0xc3,
+    0x5e, 0x97, 0x27, 0x12, 0x39, 0x2b, 0x0c, 0xdd, 0x80, 0xad, 0x9e, 0x3e, 0x86, 0xac, 0xe7, 0x50,
+    0xdb, 0x70, 0x5d, 0xc4, 0xc1, 0x05, 0x58, 0x43, 0x8e, 0xa7, 0x12, 0x5e, 0xa2, 0x14, 0x94, 0x26,
+    0x19, 0x2d, 0xca, 0x37, 0x28, 0x1f, 0xd5, 0x88, 0x35, 0xa1, 0xd7, 0x7e, 0xbe, 0x7c, 0x04, 0xb5,
+    0xb0, 0x49, 0xff, 0xd4, 0x3e, 0xea, 0x15, 0xc6, 0xe2, 0xe3, 0x23, 0x18, 0x09, 0x2e, 0x6c, 0xfc,
+    0x72, 0x14, 0x68, 0x27, 0xd7, 0xf0, 0x98, 0x0d, 0x59, 0xe5, 0xe6, 0x38, 0x15, 0x46, 0xfc, 0x6f,
+    0xf7, 0xf3, 0x12, 0xf1, 0x2f, 0xde, 0xcc, 0x93, 0x57, 0xef, 0x6a, 0x58, 0x31, 0xfe, 0x8f, 0x19,
+    0x35, 0xae, 0x85, 0x02, 0xc6, 0xc4, 0x41, 0x58, 0xec, 0xe9, 0xaf, 0x78, 0x2d, 0x96, 0x1f, 0x8a,
+    0x3e, 0xfe, 0xe6, 0x9e, 0x1c, 0x82, 0x64, 0x6c, 0x4b, 0xfb, 0xb1, 0x98, 0x79, 0x4d, 0x69, 0xf5,
+    0xfc, 0xa3, 0x71, 0x6d, 0xf5, 0x98, 0xe9, 0xa7, 0xf0, 0xfd, 0x74, 0xb8, 0x65, 0x25, 0xf9, 0x66,
+    0x79, 0x44, 0x0b, 0xbb, 0x0d, 0xb6, 0xbd, 0x39, 0xfe, 0xf7, 0xf8, 0xd8, 0x41, 0x9d, 0x8a, 0x10,
+    0xbb, 0x19, 0x9c, 0x48, 0xe4, 0xac, 0x30, 0xf2, 0x45, 0xf1, 0x3d, 0xf8, 0x5d, 0xf5, 0x1a, 0x83,
+    0x6f, 0xe4, 0xcd, 0x40, 0x7a, 0x3a, 0xf7, 0x51, 0x73, 0xd3, 0xc4, 0xdb, 0xe9, 0xe8, 0x66, 0xee,
+    0xad, 0xb9, 0x5a, 0xb3, 0x93, 0x20, 0x7a, 0x9a, 0xc8, 0xd5, 0x01, 0xfb, 0xf5, 0x80, 0xf6, 0x7d,
+    0x28, 0x5e, 0x20, 0x65, 0x6b, 0x0e, 0x2e, 0x04, 0xc6, 0xdf, 0x8d, 0x9b, 0xd1, 0x38, 0x85, 0x0b,
+    0xea, 0x03, 0xb7, 0x96, 0x82, 0x14, 0xa3, 0xcf, 0x7d, 0xd9, 0x48, 0xbb, 0xcd, 0x50, 0x15, 0x98,
+    0xe1, 0x53, 0xd4, 0x0a, 0x58, 0x52, 0x86, 0xfb, 0xda, 0xcb, 0x56, 0x5b, 0x99, 0x8b, 0x63, 0xe7,
+    0x23, 0x0e, 0x43, 0xf9, 0xb1, 0x48, 0x0b, 0x30, 0x61, 0xcd, 0x93, 0x7b, 0x85, 0xe3, 0xf3, 0x74,
+    0xa6, 0xe9, 0x39, 0x2f, 0x49, 0x66, 0x5f, 0xae, 0x6f, 0xc7, 0x1f, 0x1b, 0xa1, 0x5b, 0x80, 0x02,
+    0x64, 0xb4, 0xae, 0xdc, 0xa0, 0x7c, 0xd2, 0x65, 0xd4, 0xc1, 0xda, 0x3b, 0xbd, 0x33, 0x10, 0x91,
+    0x6e, 0x42, 0xa6, 0x54, 0xca, 0x9e, 0x38, 0x64, 0x04, 0x86, 0x68, 0x6d, 0x18, 0x3d, 0xa0, 0xe3,
+    0xac, 0x1f, 0x31, 0xa7, 0x23, 0x84, 0xb5, 0xaf, 0xbf, 0x80, 0xad, 0x4d, 0x04, 0x55, 0x30, 0x70,
+    0x29, 0xf8, 0x4b, 0x71, 0xdb, 0xaa, 0xe1, 0x31, 0xb1, 0x8a, 0x21, 0x2d, 0x20, 0xed, 0x43, 0x06,
+    0xeb, 0xa5, 0xdc, 0x82, 0x32, 0xb0, 0x6c, 0xfa, 0x0a, 0x8c, 0xe4, 0x0d, 0x3c, 0x85, 0xd3, 0x95,
+    0xe0, 0xf5, 0xbf, 0x1e, 0xe8, 0xf6, 0x49, 0xce, 0xad, 0x9e, 0xfa, 0xed, 0x68, 0x5e, 0xa5, 0xea,
+    0x22, 0xa8, 0x28, 0xed, 0x01, 0xec, 0xc4, 0x05, 0x16, 0x98, 0x3f, 0xcd, 0x74, 0x36, 0x35, 0x79,
+    0xa7, 0x4f, 0x52, 0x3b, 0xf9, 0xc2, 0x90, 0x9b, 0x18, 0x92, 0xb3, 0xad, 0x50, 0x8e, 0x46, 0x0f,
+    0x65, 0x12, 0xc5, 0xc8, 0x10, 0xd8, 0x1d, 0x50, 0xa3, 0x94, 0x76, 0x8d, 0x4c, 0xe6, 0xd6, 0x9c,
+    0xb1, 0xef, 0x94, 0xc0, 0x8e, 0x4e, 0xda, 0xf3, 0x95, 0xb6, 0x8f, 0xae, 0xf8, 0xfb, 0xaa, 0xf1,
+    0x73, 0xb2, 0x03, 0x33, 0x67, 0x54, 0x57, 0x38, 0x2e, 0xb0, 0x4a, 0x8e, 0xe4, 0x93, 0x3a, 0x62,
+    0xf6, 0x55, 0x79, 0xe5, 0x9f, 0x7a, 0x03, 0xa6, 0x20, 0xba, 0xc6, 0xee, 0xc0, 0x2b, 0x49, 0x14,
+    0x34, 0x08, 0xee, 0x16, 0x76, 0x60, 0x8e, 0x6d, 0x9b, 0xbc, 0x03, 0xce, 0xdc, 0x43, 0xd9, 0x87,
+    0x3f, 0x58, 0x8d, 0x8a, 0xac, 0x26, 0xab, 0x59, 0x3c, 0xae, 0x1d, 0x2e, 0x88, 0x98, 0xaf, 0xf8,
+    0xfd, 0x05, 0x1a, 0x79, 0x45, 0x3c, 0x26, 0x92, 0x87, 0xa8, 0xd8, 0x0e, 0x94, 0xf0, 0x3f, 0x6b,
+    0x78, 0xe2, 0x60, 0xaf, 0xbd, 0x12, 0x72, 0x0c, 0x89, 0xa2, 0x54, 0x6e, 0xb0, 0x48, 0x4c, 0x1d,
+    0xba, 0xbf, 0xf7, 0x5c, 0x54, 0x08, 0xff, 0xc7, 0x32, 0xa4, 0x91, 0x4e, 0xac, 0x20, 0xdc, 0x8e,
+    0x13, 0xdb, 0xc2, 0xbf, 0x42, 0xfd, 0x3f, 0x89, 0xe5, 0xe6, 0x65, 0x28, 0x1b, 0x72, 0xb4, 0xc7,
+    0xd1, 0x86, 0x55, 0x4c, 0xab, 0xe7, 0xb2, 0x42, 0x5e, 0xe0, 0xa0, 0x08, 0x07, 0x1a, 0x24, 0x54,
+    0x54, 0x61, 0x2f, 0x9a, 0x53, 0xc9, 0xe6, 0xdc, 0x50, 0xea, 0x2c, 0x68, 0x23, 0xa2, 0x57, 0x22,
+    0x96, 0x3c, 0xb8, 0x69, 0xba, 0xd3, 0x6b, 0x17, 0xeb, 0xec, 0xe9, 0x48, 0x3f, 0xca, 0xc7, 0xb1,
+    0x9d, 0x6c, 0xdb, 0xf5, 0x60, 0x95, 0x4e, 0x23, 0x4c, 0xfe, 0xf7, 0xa8, 0x6b, 0x11, 0xb1, 0xce,
+    0x5f, 0x31, 0x4c, 0x06, 0x89, 0x8f, 0xc3, 0xe8, 0xf7, 0xf8, 0x32, 0x88, 0x77, 0x79, 0x21, 0x5d,
+    0xda, 0xd6, 0x36, 0xd0, 0x71, 0xa1, 0x97, 0x76, 0xf9, 0xf2, 0xbe, 0xe8, 0x53, 0xc1, 0x52, 0x2b,
+    0x18, 0x8b, 0xa1, 0x23, 0x98, 0xbb, 0x1a, 0xbd, 0x42, 0xf4, 0x7b, 0xc8, 0x4f, 0xa9, 0xc2, 0xb8,
+    0xcc, 0x76, 0xf0, 0x2b, 0x06, 0x2d, 0xdd, 0x1e, 0x74, 0xd6, 0x82, 0xeb, 0xfb, 0xb4, 0xbe, 0xd5,
+    0x0e, 0x2b, 0x67, 0xd8, 0xef, 0x37, 0x50, 0xd5, 0xcf, 0xd0, 0x47, 0xcb, 0xe7, 0xdc, 0x2e, 0x46,
+    0x8b, 0xcc, 0x1d, 0x0e, 0x17, 0x19, 0x04, 0x4b, 0xc1, 0xda, 0xcb, 0xab, 0xc3, 0x64, 0x5d, 0x30,
+    0x49, 0x91, 0x8a, 0xfd, 0xfe, 0x03, 0x89, 0x80, 0x7a, 0xdc, 0x0e, 0x8b, 0xdf, 0x0c, 0xcd, 0xa3,
+    0x42, 0xc1, 0xe9, 0x61, 0x24, 0x45, 0xac, 0xb4, 0xdd, 0xce, 0x10, 0x6b, 0x8b, 0xd7, 0xbb, 0xdc,
+    0x80, 0x9c, 0x7e, 0x92, 0xcd, 0x5f, 0x21, 0x7f, 0x66, 0xc8, 0xd5, 0x4b, 0x97, 0xbf, 0x2b, 0x4f,
+    0x05, 0x7b, 0x04, 0x44, 0x35, 0x71, 0x75, 0xe1, 0x68, 0xc2, 0x59, 0x2b, 0xb3, 0x07, 0x58, 0x39,
+    0xc7, 0x26, 0x93, 0xb7, 0xdc, 0x6b, 0xf8, 0x2a, 0xd3, 0xc4, 0x9c, 0x0b, 0xaf, 0x6f, 0xc8, 0xaa,
+    0x94, 0xb3, 0x6e, 0x41, 0x19, 0x58, 0x36, 0x7d, 0x05, 0x46, 0x72, 0xe7, 0x1e, 0xa3, 0x88, 0xab,
+    0x56, 0xee, 0xf9, 0xb2, 0xf0, 0x42, 0xbb, 0xb6, 0xbe, 0x40, 0xb7, 0xc7, 0x02, 0xcb, 0x18, 0x38,
+    0xd3, 0x09, 0x83, 0x64, 0x08, 0x6c, 0xef, 0x28, 0xb0, 0x4a, 0x3b, 0xa7, 0x26, 0x73, 0x6b, 0x4e,
+    0x11, 0x54, 0x14, 0x97, 0xe1, 0x76, 0x62, 0xe3, 0x0b, 0x4c, 0xfe, 0x87, 0x3a, 0x1b, 0xfb, 0xdd,
+    0x1a, 0x04, 0x77, 0x0b, 0x3b, 0x30, 0x47, 0xd7, 0xac, 0x5e, 0xe0, 0x67, 0x6e, 0xc0, 0x8d, 0xa2,
+    0xd8, 0x59, 0xe0, 0xf8, 0xd2, 0x2a, 0xca, 0x1c, 0x17, 0x58, 0x25, 0x47, 0x72, 0xa8, 0x1d, 0x31,
+    0x5d, 0xbe, 0x9a, 0x2e, 0x2a, 0x04, 0x9e, 0x82, 0x19, 0x52, 0xa9, 0x27, 0x56, 0x10, 0x6e, 0x47,
+    0x9f, 0xe3, 0x0d, 0xdd, 0xc3, 0x1e, 0x13, 0x49, 0xa2, 0x54, 0x6c, 0x07, 0x4a, 0x78, 0xfe, 0xd4,
+    0x4b, 0x1e, 0x5c, 0xd5, 0x5d, 0x88, 0xd4, 0xea, 0x94, 0x76, 0x95, 0x24, 0xfe, 0x65, 0x82, 0xb9,
+    0x89, 0x43, 0xcb, 0x26, 0xb4, 0x92, 0x59, 0x21, 0x2f, 0x70, 0x50, 0x04, 0xe2, 0x0d, 0x12, 0x2a,
+    0x0c, 0xa4, 0xb1, 0xf0, 0x4c, 0xbc, 0x0d, 0xbf, 0x21, 0x7a, 0xdc, 0x64, 0xc6, 0xb5, 0x61, 0x5c,
+    0xce, 0xf9, 0x26, 0x03, 0xa5, 0xa6, 0x80, 0x74, 0x9a, 0x7c, 0x19, 0x44, 0xda, 0xdd, 0xf1, 0xcf,
+    0xc5, 0xa9, 0x45, 0x9f, 0x7f, 0xe0, 0xa5, 0x40, 0x3d, 0x6e, 0x07, 0xa4, 0x8e, 0x06, 0x87, 0xb0,
+    0x07, 0xf4, 0xd2, 0x6c, 0x96, 0xfa, 0x28, 0x8b, 0x86, 0x68, 0xc2, 0x84, 0x92, 0x6e, 0x17, 0x23,
+    0x82, 0x13, 0xa8, 0xba, 0x6e, 0xd4, 0x7c, 0x15, 0x88, 0x62, 0x4e, 0xe4, 0xb6, 0xd6, 0x64, 0x55,
+    0x40, 0x4e, 0x3f, 0x49, 0x87, 0xce, 0xf1, 0xde, 0x33, 0x64, 0x8b, 0xc4, 0xaa, 0xbe, 0xf4, 0xc6,
+    0xe9, 0x2a, 0x0a, 0xaa, 0x91, 0x3b, 0x31, 0x90, 0xe4, 0x26, 0x7f, 0xa2, 0x1d, 0xec, 0x9c, 0x8f,
+    0x2b, 0x77, 0x9d, 0x59, 0x78, 0x21, 0xbc, 0x5b, 0x5f, 0x20, 0xba, 0x82, 0x01, 0x84, 0x0c, 0x1c,
+    0xae, 0x90, 0xe7, 0x8f, 0x80, 0x0f, 0xe8, 0xc5, 0x51, 0x2a, 0x36, 0xe2, 0x25, 0x3c, 0x7f, 0x6a,
+    0x6c, 0xcd, 0x70, 0x7c, 0x69, 0x15, 0x65, 0x0e, 0xea, 0x2c, 0xf3, 0xc2, 0x39, 0x54, 0xef, 0xf9,
+    0x67, 0x9d, 0x13, 0xe0, 0xb3, 0x53, 0x40, 0x3a, 0x4d, 0x3e, 0xed, 0x22, 0x6d, 0x8f, 0x99, 0x86,
+    0xa5, 0xc0, 0x84, 0x13, 0x5a, 0x49, 0xcd, 0xf1, 0xf6, 0x38, 0x28, 0x02, 0x71, 0xe7, 0x09, 0x15,
+    0x20, 0x27, 0xfe, 0xc5, 0xa2, 0x67, 0x99, 0x6f, 0xf8, 0x32, 0xa4, 0x62, 0x55, 0x5f, 0x7a, 0x63,
+    0xe2, 0x7a, 0x69, 0x36, 0x4b, 0x7d, 0x14, 0xa4, 0x43, 0x34, 0x61, 0x42, 0x49, 0x37, 0xea, 0xf0,
+    0x36, 0x87, 0x38, 0x3e, 0xd5, 0xeb, 0xd3, 0x07, 0x75, 0x16, 0x98, 0x61, 0xfd, 0x2a, 0x96, 0x9d,
+    0xf4, 0xda, 0xaf, 0xcd, 0x3c, 0xf1, 0x5e, 0xcc, 0xce, 0x10, 0x5d, 0x41, 0xe1, 0x42, 0x06, 0x0e,
+    0x71, 0x3d, 0xd5, 0x1b, 0xc4, 0xdf, 0x0a, 0x52, 0xc0, 0x1a, 0xd1, 0x21, 0xc5, 0xfa, 0x75, 0x78,
+    0xb3, 0x60, 0x42, 0xe8, 0x2d, 0xc5, 0x87, 0x99, 0x7b, 0x1c, 0x14, 0x01, 0xd9, 0x92, 0xe5, 0xeb,
+    0xb8, 0x30, 0x21, 0x74, 0xf7, 0x83, 0xa2, 0xad, 0xdc, 0x0e, 0x0a, 0xe1, 0x8d, 0x49, 0x93, 0x94,
+    0x7a, 0x6d, 0xb6, 0x87, 0x1e, 0x99, 0x2f, 0x66, 0x67, 0x08, 0xcf, 0xc1, 0x91, 0x21, 0x03, 0x07,
+    0xff, 0x8a, 0xcc, 0x51, 0xe6, 0xb7, 0x7b, 0xf8, 0x69, 0x02, 0x43, 0xa1, 0xb5, 0x99, 0x70, 0x71,
+    0x3d, 0xd7, 0x5b, 0xa2, 0x0f, 0xad, 0xf6, 0x33, 0xd2, 0x04, 0x86, 0x81, 0xa9, 0xf1, 0xe0, 0xe2,
+    0x59, 0x63, 0xf5, 0x7e, 0xaf, 0xd1, 0x24, 0x56, 0x06, 0xc5, 0x5c, 0xba, 0x14, 0xc2, 0xf0, 0x73,
+    0x9b, 0x3e, 0x62, 0x8d, 0x46, 0xcb, 0xa9, 0x9d, 0xbd, 0xc3, 0x99, 0x9a, 0x08, 0xaa, 0x60, 0xe0,
+    0x1e, 0xd9, 0x18, 0x5b, 0xbe, 0xe5, 0xfd, 0x03, 0xb3, 0xc9, 0x15, 0xfa, 0x2c, 0x12, 0x13, 0x96,
+    0xdc, 0x84, 0x8f, 0xa8, 0x57, 0xff, 0x70, 0xc8, 0x08, 0xcf, 0xd0, 0xda, 0x30, 0x7a, 0x83, 0x05,
+    0xd7, 0xd4, 0xec, 0x34, 0x8d, 0xb9, 0x55, 0xfc, 0xaf, 0xdd, 0xce, 0x3a, 0x64, 0xa1, 0xf5, 0x7a,
+    0x15, 0x89, 0x7b, 0xc7, 0x64, 0xa3, 0xd8, 0x37, 0x14, 0xdb, 0x0b, 0x1a, 0x78, 0xc9, 0x65, 0xe9,
+    0x90, 0x6e, 0x01, 0x11, 0x9c, 0x8d, 0x8c, 0xa9, 0x1a, 0xd1, 0x87, 0x7a, 0x5c, 0x71, 0x16, 0x9f,
+    0x52, 0x33, 0x96, 0xe2, 0x75, 0x97, 0x01, 0x62, 0xa1, 0xd7, 0x42, 0x5a, 0x40, 0x19, 0x86, 0x0c,
+    0x86, 0xce, 0xc7, 0xea, 0xeb, 0x01, 0xc6, 0xc1, 0x97, 0xf5, 0xbb, 0x79, 0xf4, 0x04, 0xfa, 0x61,
+    0x44, 0x93, 0x50, 0x19, 0x02, 0x1b, 0x4b, 0x0a, 0x2c, 0xf3, 0x7e, 0x59, 0xe8, 0x6c, 0x6a, 0xf2,
+    0xc1, 0x74, 0x2a, 0xcf, 0xfa, 0x35, 0x1f, 0x94, 0x22, 0xf9, 0xf2, 0x39, 0xcc, 0xd4, 0x19, 0x84,
+    0x03, 0x29, 0xbd, 0x3c, 0x13, 0x2f, 0x92, 0x5f, 0x99, 0xff, 0x37, 0x19, 0xd0, 0xbc, 0x89, 0x17,
+    0x08, 0x79, 0xde, 0xa0, 0xc9, 0x69, 0xb7, 0x6b, 0x3e, 0xed, 0x29, 0xf9, 0x84, 0x67, 0xff, 0x68,
+    0xca, 0x24, 0x49, 0x53, 0x20, 0x73, 0x3a, 0xa0, 0x85, 0xeb, 0xec, 0xd9, 0x98, 0x0f, 0x6f, 0xfb,
+    0x4f, 0xc3, 0x33, 0x85, 0xd8, 0x5d, 0x6e, 0x3e, 0x8b, 0xe1, 0x60, 0xb9, 0xbc, 0xb7, 0x1c, 0x8d,
+    0x8d, 0x9e, 0xa4, 0x76, 0x31, 0x47, 0xe3, 0xf5, 0x30, 0xe7, 0xa5, 0x99, 0xa0, 0xdf, 0x8c, 0x1e,
+    0x24, 0xfa, 0x91, 0x95, 0x27, 0xb2, 0x23, 0xbb, 0xe7, 0xa5, 0x51, 0xff, 0x17, 0x8d, 0xe4, 0x57,
+    0xe6, 0xa7, 0x06, 0x66, 0xce, 0xa8, 0xae, 0x70, 0x5c, 0xa3, 0x94, 0xdf, 0x0b, 0xe5, 0x74, 0xc4,
+    0x63, 0x40, 0x7c, 0xb0, 0x36, 0x86, 0xfa, 0xee, 0x52, 0xa9, 0x18, 0xbf, 0x2f, 0x5d, 0x07, 0xb2,
+    0xa1, 0x1d, 0xeb, 0x43, 0xdf, 0x9c, 0x77, 0x25, 0xe9, 0xaf, 0xdd, 0x9f, 0x33, 0x35, 0x97, 0x21,
+    0xaa, 0x4d, 0x88, 0xdf, 0x05, 0xda, 0x52, 0x11, 0x4e, 0xbd, 0xc3, 0x7f, 0x67, 0xee, 0xe1, 0x5e,
+    0x68, 0x10, 0x1f, 0x2c, 0xec, 0xc0, 0xdf, 0xda, 0xf5, 0xbb, 0x06, 0x5f, 0x7b, 0x86, 0x71, 0xcd,
+    0xed, 0xf7, 0x65, 0xfa, 0x14, 0xee, 0x8b, 0x44, 0xfb, 0xb1, 0x8a, 0x3f, 0x5f, 0x3e, 0x02, 0xbb,
+    0x2f, 0xaa, 0xf2, 0x09, 0xfd, 0xf4, 0x06, 0x8f, 0x40, 0xb7, 0x4f, 0x1f, 0x43, 0x56, 0x92, 0x28,
+    0xfb, 0x57, 0xa3, 0x01, 0x63, 0x62, 0xc1, 0x2c, 0x76, 0x95, 0xb6, 0x3c, 0xf7, 0x4b, 0xee, 0x45,
+    0x39, 0x0a, 0x34, 0xf2, 0x8a, 0x78, 0x4c, 0xe7, 0xcd, 0x93, 0x73, 0x1c, 0xeb, 0x23, 0x7e, 0xd6,
+    0xbc, 0xed, 0x4e, 0x24, 0x72, 0x56, 0x18, 0x79, 0xc3, 0x99, 0xff, 0x7c, 0xcf, 0x9b, 0x0d, 0xa0,
+    0x7e, 0xb0, 0xd9, 0xd7, 0x9b, 0x4c, 0x95, 0xb2, 0x78, 0x9f, 0x3a, 0x5c, 0xd3, 0xf3, 0x9d, 0x33,
+    0x75, 0xe0, 0xba, 0x4b, 0x41, 0x0a, 0xb0, 0x86, 0xdf, 0x8d, 0x24, 0xbc, 0x87, 0x28, 0xeb, 0x4c,
+    0xb7, 0xbd, 0x2d, 0xb8, 0xa8, 0x10, 0x3d, 0x4d, 0x64, 0x8b, 0xe1, 0x9c, 0x9b, 0x40, 0x7b, 0xdf,
+    0x32, 0x5a, 0x57, 0x6e, 0x50, 0x3e, 0x69, 0xd3, 0x6a, 0x81, 0x6d, 0xfc, 0xbf, 0xf8, 0x08, 0xa9,
+    0xf0, 0x07, 0xc0, 0x9d, 0xb9, 0x24, 0xe4, 0x18, 0xd1, 0x87, 0xa8, 0xdc, 0xa3, 0x90, 0x98, 0x3a,
+    0xa3, 0x92, 0x3d, 0x6b, 0x7c, 0x17, 0x2a, 0x4f, 0x07, 0x05, 0x46, 0x30, 0x12, 0x5c, 0xd8, 0x3b,
+    0x61, 0xcf, 0xaa, 0x98, 0x95, 0x0d, 0xa7, 0x84, 0xbc, 0x03, 0x83, 0x10, 0x0e, 0x34, 0x48, 0xa8,
+    0xe4, 0x28, 0xd0, 0x4e, 0x6d, 0x23, 0xf3, 0x1a, 0xb2, 0x09, 0x0f, 0x70, 0x2a, 0x8c, 0x3b, 0xde,
+    0x26, 0x75, 0x47, 0xbd, 0x84, 0x39, 0x7e, 0xd1, 0x09, 0x0f, 0xca, 0x50, 0x36, 0xe4, 0xab, 0x4d,
+    0x2d, 0x25, 0x24, 0x21, 0x5e, 0x7f, 0x5b, 0xe5, 0xae, 0x1d, 0xd4, 0xb0, 0x62, 0x3f, 0xdd, 0x32,
+    0xef, 0x78, 0xb3, 0xd2, 0xb7, 0x65, 0xd6, 0x2e, 0x15, 0x1b, 0x11, 0x90, 0x7e, 0x57, 0x4d, 0xa1,
+    0x6a, 0x9f, 0xc9, 0x04, 0x4f, 0x4b, 0x82, 0xb0, 0x1b, 0x11, 0x9d, 0xf0, 0x5a, 0xef, 0x3e, 0xd7,
+    0xa8, 0xc2, 0x5e, 0xf7, 0xa6, 0x51, 0x0f, 0x7b, 0xa0, 0x17, 0x58, 0xd0, 0x46, 0x87, 0xae, 0x44,
+    0x7c, 0x3f, 0x0f, 0xff, 0x38, 0xc7, 0xc8, 0xd8, 0x96, 0x35, 0xa1, 0xf3, 0xf2, 0x9a, 0xd2, 0x29,
+    0xbe, 0x62, 0x98, 0x0c, 0xd1, 0xdd, 0x45, 0x13, 0x2d, 0x33, 0x64, 0xd3, 0xee, 0xf2, 0x42, 0xba,
+    0x3b, 0x85, 0xe2, 0xda, 0x29, 0xf3, 0x11, 0x8d, 0x23, 0x39, 0xe8, 0xb3, 0xca, 0x4a, 0x31, 0xcc,
+    0xf9, 0xd8, 0x75, 0x29, 0xc0, 0xe9, 0x9c, 0x46, 0x98, 0x3f, 0x2d, 0x93, 0xd6, 0x22, 0xa1, 0x5f,
+    0xf2, 0x88, 0x16, 0xb5, 0x1a, 0xaf, 0xb9, 0x72, 0x3f, 0x2d, 0x33, 0x73, 0x82, 0xf9, 0xd7, 0x20,
+    0x30, 0xd5, 0x81, 0x46, 0xf3, 0xb5, 0x34, 0xb9, 0x84, 0x2b, 0xf6, 0x53, 0x9e, 0x91, 0x47, 0xb3,
+    0xb5, 0x32, 0xfb, 0x90, 0x0b, 0x9b, 0x60, 0x27, 0x8a, 0x21, 0x7a, 0x33, 0xba, 0x29, 0x34, 0xc5,
+    0x77, 0x6f, 0x6c, 0x63, 0xe2, 0x81, 0xed, 0xec, 0x31, 0x27, 0xbf, 0x13, 0xa6, 0x41, 0xa4, 0x56,
+    0xde, 0x0b, 0x59, 0x80, 0xf4, 0x74, 0x2d, 0xa2, 0xe6, 0x65, 0x4b, 0x75, 0x11, 0x13, 0xcc, 0x1f,
+    0x1c, 0x56, 0xce, 0x73, 0x1d, 0x6e, 0xa0, 0x69, 0x5d, 0x63, 0x8e, 0x55, 0x0d, 0x7b, 0x5c, 0x8c,
+    0x99, 0xb1, 0xb4, 0xa5, 0xe5, 0x40, 0xf4, 0xf7, 0x53, 0x69, 0x02, 0x35, 0x29, 0xc3, 0x2f, 0xfa,
+    0x5b, 0xec, 0x23, 0x56, 0x0c, 0x5a, 0x79, 0x3c, 0xe8, 0x6f, 0xc7, 0x15, 0x35, 0xab, 0xbf, 0x69,
+    0x50, 0xbc, 0x40, 0xca, 0xd6, 0x1c, 0x5c, 0x08, 0x4f, 0x7d, 0xd9, 0xf5, 0x61, 0x70, 0xc9, 0x16,
+    0x92, 0xe1, 0xd7, 0x39, 0x3f, 0x06, 0xd1, 0xc3, 0xf4, 0x7b, 0x1c, 0xd5, 0x7d, 0x18, 0x59, 0x85,
+    0x17, 0x06, 0xad, 0xef, 0xc7, 0x28, 0x85, 0x5d, 0xfa, 0x71, 0x90, 0xb5, 0x59, 0xa0, 0x2a, 0xf3,
+    0xd5, 0x5b, 0x3a, 0x1c, 0x2e, 0x32, 0x08, 0x96, 0x41, 0x77, 0x55, 0x95, 0x45, 0xc8, 0xba, 0x60,
+    0x01, 0xa6, 0x6b, 0x14, 0xb0, 0xa4, 0xcf, 0x35, 0x77, 0x55, 0xac, 0xb6, 0xf1, 0xd5, 0xc6, 0x0d,
+    0xc3, 0xfb, 0xfc, 0xe7, 0x59, 0xbe, 0x42, 0xfe, 0xcc, 0x53, 0x69, 0x96, 0xed, 0xbd, 0x56, 0x9e,
+    0x46, 0x1c, 0x86, 0x31, 0xa1, 0x90, 0x16, 0x60, 0xc2, 0x59, 0xe5, 0xf6, 0xc9, 0x05, 0x25, 0xe8,
+    0x84, 0x41, 0x11, 0xc2, 0x48, 0x8a, 0x9b, 0xab, 0x79, 0x5f, 0x20, 0xd6, 0xd5, 0x6d, 0xb5, 0x7b,
+    0x8f, 0x11, 0x72, 0x5e, 0x92, 0xcc, 0xbe, 0x9f, 0xde, 0x4d, 0x3e, 0x36, 0x81, 0xb6, 0xc3, 0x04,
+    0x4d, 0x4c, 0xe5, 0xad, 0x7b, 0xd6, 0x33, 0x54, 0x65, 0x4b, 0xfb, 0x16, 0x9d, 0xde, 0x53, 0x97,
+    0xc8, 0xab, 0x9f, 0x7b, 0x83, 0xf8, 0x67, 0xca, 0x6b, 0x41, 0x77, 0x76, 0xb9, 0x66, 0x20, 0xe1,
+    0x0a, 0xf6, 0x08, 0x88, 0x6a, 0xe2, 0xea, 0x01, 0xd0, 0x47, 0xb2, 0x56, 0xa5, 0x0e, 0xb0, 0x72,
+  },
+  { /* 12 */
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x10, 0x96, 0xca, 0xd9, 0x30, 0x68, 0x2f, 0x14, 0x1a, 0x17, 0x0c, 0xca, 0x0c, 0x70, 0xda, 0xbf,
+    0x20, 0xef, 0x57, 0x71, 0x60, 0xd0, 0x5e, 0x28, 0x34, 0x2e, 0x18, 0x57, 0x18, 0xe0, 0x77, 0xbd,
+    0x30, 0x79, 0x9d, 0xa8, 0x50, 0xb8, 0x71, 0x3c, 0x2e, 0x39, 0x14, 0x9d, 0x14, 0x90, 0xad, 0x02,
+    0x40, 0x1d, 0xae, 0xe2, 0xc0, 0x63, 0xbc, 0x50, 0x68, 0x5c, 0x30, 0xae, 0x30, 0x03, 0xee, 0xb9,
+    0x50, 0x8b, 0x64, 0x3b, 0xf0, 0x0b, 0x93, 0x44, 0x72, 0x4b, 0x3c, 0x64, 0x3c, 0x73, 0x34, 0x06,
+    0x60, 0xf2, 0xf9, 0x93, 0xa0, 0xb3, 0xe2, 0x78, 0x5c, 0x72, 0x28, 0xf9, 0x28, 0xe3, 0x99, 0x04,
+    0x70, 0x64, 0x33, 0x4a, 0x90, 0xdb, 0xcd, 0x6c, 0x46, 0x65, 0x24, 0x33, 0x24, 0x93, 0x43, 0xbb,
+    0x80, 0x3a, 0x9f, 0x07, 0x43, 0xc6, 0xbb, 0xa0, 0xd0, 0xb8, 0x60, 0x9f, 0x60, 0x06, 0x1f, 0xb1,
+    0x90, 0xac, 0x55, 0xde, 0x73, 0xae, 0x94, 0xb4, 0xca, 0xaf, 0x6c, 0x55, 0x6c, 0x76, 0xc5, 0x0e,
+    0xa0, 0xd5, 0xc8, 0x76, 0x23, 0x16, 0xe5, 0x88, 0xe4, 0x96, 0x78, 0xc8, 0x78, 0xe6, 0x68, 0x0c,
+    0xb0, 0x43, 0x02, 0xaf, 0x13, 0x7e, 0xca, 0x9c, 0xfe, 0x81, 0x74, 0x02, 0x74, 0x96, 0xb2, 0xb3,
+    0xc0, 0x27, 0x31, 0xe5, 0x83, 0xa5, 0x07, 0xf0, 0xb8, 0xe4, 0x50, 0x31, 0x50, 0x05, 0xf1, 0x08,
+    0xd0, 0xb1, 0xfb, 0x3c, 0xb3, 0xcd, 0x28, 0xe4, 0xa2, 0xf3, 0x5c, 0xfb, 0x5c, 0x75, 0x2b, 0xb7,
+    0xe0, 0xc8, 0x66, 0x94, 0xe3, 0x75, 0x59, 0xd8, 0x8c, 0xca, 0x48, 0x66, 0x48, 0xe5, 0x86, 0xb5,
+    0xf0, 0x5e, 0xac, 0x4d, 0xd3, 0x1d, 0x76, 0xcc, 0x96, 0xdd, 0x44, 0xac, 0x44, 0x95, 0x5c, 0x0a,
+    0xc3, 0x74, 0xfd, 0x0e, 0x86, 0x4f, 0xb5, 0x83, 0x63, 0xb3, 0xc0, 0xfd, 0xc0, 0x0c, 0x3e, 0xa1,
+    0xd3, 0xe2, 0x37, 0xd7, 0xb6, 0x27, 0x9a, 0x97, 0x79, 0xa4, 0xcc, 0x37, 0xcc, 0x7c, 0xe4, 0x1e,
+    0xe3, 0x9b, 0xaa, 0x7f, 0xe6, 0x9f, 0xeb, 0xab, 0x57, 0x9d, 0xd8, 0xaa, 0xd8, 0xec, 0x49, 0x1c,
+    0xf3, 0x0d, 0x60, 0xa6, 0xd6, 0xf7, 0xc4, 0xbf, 0x4d, 0x8a, 0xd4, 0x60, 0xd4, 0x9c, 0x93, 0xa3,
+    0x83, 0x69, 0x53, 0xec, 0x46, 0x2c, 0x09, 0xd3, 0x0b, 0xef, 0xf0, 0x53, 0xf0, 0x0f, 0xd0, 0x18,
+    0x93, 0xff, 0x99, 0x35, 0x76, 0x44, 0x26, 0xc7, 0x11, 0xf8, 0xfc, 0x99, 0xfc, 0x7f, 0x0a, 0xa7,
+    0xa3, 0x86, 0x04, 0x9d, 0x26, 0xfc, 0x57, 0xfb, 0x3f, 0xc1, 0xe8, 0x04, 0xe8, 0xef, 0xa7, 0xa5,
+    0xb3, 0x10, 0xce, 0x44, 0x16, 0x94, 0x78, 0xef, 0x25, 0xd6, 0xe4, 0xce, 0xe4, 0x9f, 0x7d, 0x1a,
+    0x43, 0x4e, 0x62, 0x09, 0xc5, 0x89, 0x0e, 0x23, 0xb3, 0x0b, 0xa0, 0x62, 0xa0, 0x0a, 0x21, 0x10,
+    0x53, 0xd8, 0xa8, 0xd0, 0xf5, 0xe1, 0x21, 0x37, 0xa9, 0x1c, 0xac, 0xa8, 0xac, 0x7a, 0xfb, 0xaf,
+    0x63, 0xa1, 0x35, 0x78, 0xa5, 0x59, 0x50, 0x0b, 0x87, 0x25, 0xb8, 0x35, 0xb8, 0xea, 0x56, 0xad,
+    0x73, 0x37, 0xff, 0xa1, 0x95, 0x31, 0x7f, 0x1f, 0x9d, 0x32, 0xb4, 0xff, 0xb4, 0x9a, 0x8c, 0x12,
+    0x03, 0x53, 0xcc, 0xeb, 0x05, 0xea, 0xb2, 0x73, 0xdb, 0x57, 0x90, 0xcc, 0x90, 0x09, 0xcf, 0xa9,
+    0x13, 0xc5, 0x06, 0x32, 0x35, 0x82, 0x9d, 0x67, 0xc1, 0x40, 0x9c, 0x06, 0x9c, 0x79, 0x15, 0x16,
+    0x23, 0xbc, 0x9b, 0x9a, 0x65, 0x3a, 0xec, 0x5b, 0xef, 0x79, 0x88, 0x9b, 0x88, 0xe9, 0xb8, 0x14,
+    0x33, 0x2a, 0x51, 0x43, 0x55, 0x52, 0xc3, 0x4f, 0xf5, 0x6e, 0x84, 0x51, 0x84, 0x99, 0x62, 0xab,
+    0x45, 0xe8, 0x39, 0x1c, 0xcf, 0x9e, 0xa9, 0xc5, 0xc6, 0xa5, 0x43, 0x39, 0x43, 0x18, 0x7c, 0x81,
+    0x55, 0x7e, 0xf3, 0xc5, 0xff, 0xf6, 0x86, 0xd1, 0xdc, 0xb2, 0x4f, 0xf3, 0x4f, 0x68, 0xa6, 0x3e,
+    0x65, 0x07, 0x6e, 0x6d, 0xaf, 0x4e, 0xf7, 0xed, 0xf2, 0x8b, 0x5b, 0x6e, 0x5b, 0xf8, 0x0b, 0x3c,
+    0x75, 0x91, 0xa4, 0xb4, 0x9f, 0x26, 0xd8, 0xf9, 0xe8, 0x9c, 0x57, 0xa4, 0x57, 0x88, 0xd1, 0x83,
+    0x05, 0xf5, 0x97, 0xfe, 0x0f, 0xfd, 0x15, 0x95, 0xae, 0xf9, 0x73, 0x97, 0x73, 0x1b, 0x92, 0x38,
+    0x15, 0x63, 0x5d, 0x27, 0x3f, 0x95, 0x3a, 0x81, 0xb4, 0xee, 0x7f, 0x5d, 0x7f, 0x6b, 0x48, 0x87,
+    0x25, 0x1a, 0xc0, 0x8f, 0x6f, 0x2d, 0x4b, 0xbd, 0x9a, 0xd7, 0x6b, 0xc0, 0x6b, 0xfb, 0xe5, 0x85,
+    0x35, 0x8c, 0x0a, 0x56, 0x5f, 0x45, 0x64, 0xa9, 0x80, 0xc0, 0x67, 0x0a, 0x67, 0x8b, 0x3f, 0x3a,
+    0xc5, 0xd2, 0xa6, 0x1b, 0x8c, 0x58, 0x12, 0x65, 0x16, 0x1d, 0x23, 0xa6, 0x23, 0x1e, 0x63, 0x30,
+    0xd5, 0x44, 0x6c, 0xc2, 0xbc, 0x30, 0x3d, 0x71, 0x0c, 0x0a, 0x2f, 0x6c, 0x2f, 0x6e, 0xb9, 0x8f,
+    0xe5, 0x3d, 0xf1, 0x6a, 0xec, 0x88, 0x4c, 0x4d, 0x22, 0x33, 0x3b, 0xf1, 0x3b, 0xfe, 0x14, 0x8d,
+    0xf5, 0xab, 0x3b, 0xb3, 0xdc, 0xe0, 0x63, 0x59, 0x38, 0x24, 0x37, 0x3b, 0x37, 0x8e, 0xce, 0x32,
+    0x85, 0xcf, 0x08, 0xf9, 0x4c, 0x3b, 0xae, 0x35, 0x7e, 0x41, 0x13, 0x08, 0x13, 0x1d, 0x8d, 0x89,
+    0x95, 0x59, 0xc2, 0x20, 0x7c, 0x53, 0x81, 0x21, 0x64, 0x56, 0x1f, 0xc2, 0x1f, 0x6d, 0x57, 0x36,
+    0xa5, 0x20, 0x5f, 0x88, 0x2c, 0xeb, 0xf0, 0x1d, 0x4a, 0x6f, 0x0b, 0x5f, 0x0b, 0xfd, 0xfa, 0x34,
+    0xb5, 0xb6, 0x95, 0x51, 0x1c, 0x83, 0xdf, 0x09, 0x50, 0x78, 0x07, 0x95, 0x07, 0x8d, 0x20, 0x8b,
+    0x86, 0x9c, 0xc4, 0x12, 0x49, 0xd1, 0x1c, 0x46, 0xa5, 0x16, 0x83, 0xc4, 0x83, 0x14, 0x42, 0x20,
+    0x96, 0x0a, 0x0e, 0xcb, 0x79, 0xb9, 0x33, 0x52, 0xbf, 0x01, 0x8f, 0x0e, 0x8f, 0x64, 0x98, 0x9f,
+    0xa6, 0x73, 0x93, 0x63, 0x29, 0x01, 0x42, 0x6e, 0x91, 0x38, 0x9b, 0x93, 0x9b, 0xf4, 0x35, 0x9d,
+    0xb6, 0xe5, 0x59, 0xba, 0x19, 0x69, 0x6d, 0x7a, 0x8b, 0x2f, 0x97, 0x59, 0x97, 0x84, 0xef, 0x22,
+    0xc6, 0x81, 0x6a, 0xf0, 0x89, 0xb2, 0xa0, 0x16, 0xcd, 0x4a, 0xb3, 0x6a, 0xb3, 0x17, 0xac, 0x99,
+    0xd6, 0x17, 0xa0, 0x29, 0xb9, 0xda, 0x8f, 0x02, 0xd7, 0x5d, 0xbf, 0xa0, 0xbf, 0x67, 0x76, 0x26,
+    0xe6, 0x6e, 0x3d, 0x81, 0xe9, 0x62, 0xfe, 0x3e, 0xf9, 0x64, 0xab, 0x3d, 0xab, 0xf7, 0xdb, 0x24,
+    0xf6, 0xf8, 0xf7, 0x58, 0xd9, 0x0a, 0xd1, 0x2a, 0xe3, 0x73, 0xa7, 0xf7, 0xa7, 0x87, 0x01, 0x9b,
+    0x06, 0xa6, 0x5b, 0x15, 0x0a, 0x17, 0xa7, 0xe6, 0x75, 0xae, 0xe3, 0x5b, 0xe3, 0x12, 0x5d, 0x91,
+    0x16, 0x30, 0x91, 0xcc, 0x3a, 0x7f, 0x88, 0xf2, 0x6f, 0xb9, 0xef, 0x91, 0xef, 0x62, 0x87, 0x2e,
+    0x26, 0x49, 0x0c, 0x64, 0x6a, 0xc7, 0xf9, 0xce, 0x41, 0x80, 0xfb, 0x0c, 0xfb, 0xf2, 0x2a, 0x2c,
+    0x36, 0xdf, 0xc6, 0xbd, 0x5a, 0xaf, 0xd6, 0xda, 0x5b, 0x97, 0xf7, 0xc6, 0xf7, 0x82, 0xf0, 0x93,
+    0x46, 0xbb, 0xf5, 0xf7, 0xca, 0x74, 0x1b, 0xb6, 0x1d, 0xf2, 0xd3, 0xf5, 0xd3, 0x11, 0xb3, 0x28,
+    0x56, 0x2d, 0x3f, 0x2e, 0xfa, 0x1c, 0x34, 0xa2, 0x07, 0xe5, 0xdf, 0x3f, 0xdf, 0x61, 0x69, 0x97,
+    0x66, 0x54, 0xa2, 0x86, 0xaa, 0xa4, 0x45, 0x9e, 0x29, 0xdc, 0xcb, 0xa2, 0xcb, 0xf1, 0xc4, 0x95,
+    0x76, 0xc2, 0x68, 0x5f, 0x9a, 0xcc, 0x6a, 0x8a, 0x33, 0xcb, 0xc7, 0x68, 0xc7, 0x81, 0x1e, 0x2a,
+    0x8a, 0x13, 0x72, 0x38, 0x5d, 0xff, 0x91, 0x49, 0x4f, 0x89, 0x86, 0x72, 0x86, 0x30, 0xf8, 0xc1,
+    0x9a, 0x85, 0xb8, 0xe1, 0x6d, 0x97, 0xbe, 0x5d, 0x55, 0x9e, 0x8a, 0xb8, 0x8a, 0x40, 0x22, 0x7e,
+    0xaa, 0xfc, 0x25, 0x49, 0x3d, 0x2f, 0xcf, 0x61, 0x7b, 0xa7, 0x9e, 0x25, 0x9e, 0xd0, 0x8f, 0x7c,
+    0xba, 0x6a, 0xef, 0x90, 0x0d, 0x47, 0xe0, 0x75, 0x61, 0xb0, 0x92, 0xef, 0x92, 0xa0, 0x55, 0xc3,
+    0xca, 0x0e, 0xdc, 0xda, 0x9d, 0x9c, 0x2d, 0x19, 0x27, 0xd5, 0xb6, 0xdc, 0xb6, 0x33, 0x16, 0x78,
+    0xda, 0x98, 0x16, 0x03, 0xad, 0xf4, 0x02, 0x0d, 0x3d, 0xc2, 0xba, 0x16, 0xba, 0x43, 0xcc, 0xc7,
+    0xea, 0xe1, 0x8b, 0xab, 0xfd, 0x4c, 0x73, 0x31, 0x13, 0xfb, 0xae, 0x8b, 0xae, 0xd3, 0x61, 0xc5,
+    0xfa, 0x77, 0x41, 0x72, 0xcd, 0x24, 0x5c, 0x25, 0x09, 0xec, 0xa2, 0x41, 0xa2, 0xa3, 0xbb, 0x7a,
+    0x0a, 0x29, 0xed, 0x3f, 0x1e, 0x39, 0x2a, 0xe9, 0x9f, 0x31, 0xe6, 0xed, 0xe6, 0x36, 0xe7, 0x70,
+    0x1a, 0xbf, 0x27, 0xe6, 0x2e, 0x51, 0x05, 0xfd, 0x85, 0x26, 0xea, 0x27, 0xea, 0x46, 0x3d, 0xcf,
+    0x2a, 0xc6, 0xba, 0x4e, 0x7e, 0xe9, 0x74, 0xc1, 0xab, 0x1f, 0xfe, 0xba, 0xfe, 0xd6, 0x90, 0xcd,
+    0x3a, 0x50, 0x70, 0x97, 0x4e, 0x81, 0x5b, 0xd5, 0xb1, 0x08, 0xf2, 0x70, 0xf2, 0xa6, 0x4a, 0x72,
+    0x4a, 0x34, 0x43, 0xdd, 0xde, 0x5a, 0x96, 0xb9, 0xf7, 0x6d, 0xd6, 0x43, 0xd6, 0x35, 0x09, 0xc9,
+    0x5a, 0xa2, 0x89, 0x04, 0xee, 0x32, 0xb9, 0xad, 0xed, 0x7a, 0xda, 0x89, 0xda, 0x45, 0xd3, 0x76,
+    0x6a, 0xdb, 0x14, 0xac, 0xbe, 0x8a, 0xc8, 0x91, 0xc3, 0x43, 0xce, 0x14, 0xce, 0xd5, 0x7e, 0x74,
+    0x7a, 0x4d, 0xde, 0x75, 0x8e, 0xe2, 0xe7, 0x85, 0xd9, 0x54, 0xc2, 0xde, 0xc2, 0xa5, 0xa4, 0xcb,
+    0x49, 0x67, 0x8f, 0x36, 0xdb, 0xb0, 0x24, 0xca, 0x2c, 0x3a, 0x46, 0x8f, 0x46, 0x3c, 0xc6, 0x60,
+    0x59, 0xf1, 0x45, 0xef, 0xeb, 0xd8, 0x0b, 0xde, 0x36, 0x2d, 0x4a, 0x45, 0x4a, 0x4c, 0x1c, 0xdf,
+    0x69, 0x88, 0xd8, 0x47, 0xbb, 0x60, 0x7a, 0xe2, 0x18, 0x14, 0x5e, 0xd8, 0x5e, 0xdc, 0xb1, 0xdd,
+    0x79, 0x1e, 0x12, 0x9e, 0x8b, 0x08, 0x55, 0xf6, 0x02, 0x03, 0x52, 0x12, 0x52, 0xac, 0x6b, 0x62,
+    0x09, 0x7a, 0x21, 0xd4, 0x1b, 0xd3, 0x98, 0x9a, 0x44, 0x66, 0x76, 0x21, 0x76, 0x3f, 0x28, 0xd9,
+    0x19, 0xec, 0xeb, 0x0d, 0x2b, 0xbb, 0xb7, 0x8e, 0x5e, 0x71, 0x7a, 0xeb, 0x7a, 0x4f, 0xf2, 0x66,
+    0x29, 0x95, 0x76, 0xa5, 0x7b, 0x03, 0xc6, 0xb2, 0x70, 0x48, 0x6e, 0x76, 0x6e, 0xdf, 0x5f, 0x64,
+    0x39, 0x03, 0xbc, 0x7c, 0x4b, 0x6b, 0xe9, 0xa6, 0x6a, 0x5f, 0x62, 0xbc, 0x62, 0xaf, 0x85, 0xdb,
+    0xc9, 0x5d, 0x10, 0x31, 0x98, 0x76, 0x9f, 0x6a, 0xfc, 0x82, 0x26, 0x10, 0x26, 0x3a, 0xd9, 0xd1,
+    0xd9, 0xcb, 0xda, 0xe8, 0xa8, 0x1e, 0xb0, 0x7e, 0xe6, 0x95, 0x2a, 0xda, 0x2a, 0x4a, 0x03, 0x6e,
+    0xe9, 0xb2, 0x47, 0x40, 0xf8, 0xa6, 0xc1, 0x42, 0xc8, 0xac, 0x3e, 0x47, 0x3e, 0xda, 0xae, 0x6c,
+    0xf9, 0x24, 0x8d, 0x99, 0xc8, 0xce, 0xee, 0x56, 0xd2, 0xbb, 0x32, 0x8d, 0x32, 0xaa, 0x74, 0xd3,
+    0x89, 0x40, 0xbe, 0xd3, 0x58, 0x15, 0x23, 0x3a, 0x94, 0xde, 0x16, 0xbe, 0x16, 0x39, 0x37, 0x68,
+    0x99, 0xd6, 0x74, 0x0a, 0x68, 0x7d, 0x0c, 0x2e, 0x8e, 0xc9, 0x1a, 0x74, 0x1a, 0x49, 0xed, 0xd7,
+    0xa9, 0xaf, 0xe9, 0xa2, 0x38, 0xc5, 0x7d, 0x12, 0xa0, 0xf0, 0x0e, 0xe9, 0x0e, 0xd9, 0x40, 0xd5,
+    0xb9, 0x39, 0x23, 0x7b, 0x08, 0xad, 0x52, 0x06, 0xba, 0xe7, 0x02, 0x23, 0x02, 0xa9, 0x9a, 0x6a,
+    0xcf, 0xfb, 0x4b, 0x24, 0x92, 0x61, 0x38, 0x8c, 0x89, 0x2c, 0xc5, 0x4b, 0xc5, 0x28, 0x84, 0x40,
+    0xdf, 0x6d, 0x81, 0xfd, 0xa2, 0x09, 0x17, 0x98, 0x93, 0x3b, 0xc9, 0x81, 0xc9, 0x58, 0x5e, 0xff,
+    0xef, 0x14, 0x1c, 0x55, 0xf2, 0xb1, 0x66, 0xa4, 0xbd, 0x02, 0xdd, 0x1c, 0xdd, 0xc8, 0xf3, 0xfd,
+    0xff, 0x82, 0xd6, 0x8c, 0xc2, 0xd9, 0x49, 0xb0, 0xa7, 0x15, 0xd1, 0xd6, 0xd1, 0xb8, 0x29, 0x42,
+    0x8f, 0xe6, 0xe5, 0xc6, 0x52, 0x02, 0x84, 0xdc, 0xe1, 0x70, 0xf5, 0xe5, 0xf5, 0x2b, 0x6a, 0xf9,
+    0x9f, 0x70, 0x2f, 0x1f, 0x62, 0x6a, 0xab, 0xc8, 0xfb, 0x67, 0xf9, 0x2f, 0xf9, 0x5b, 0xb0, 0x46,
+    0xaf, 0x09, 0xb2, 0xb7, 0x32, 0xd2, 0xda, 0xf4, 0xd5, 0x5e, 0xed, 0xb2, 0xed, 0xcb, 0x1d, 0x44,
+    0xbf, 0x9f, 0x78, 0x6e, 0x02, 0xba, 0xf5, 0xe0, 0xcf, 0x49, 0xe1, 0x78, 0xe1, 0xbb, 0xc7, 0xfb,
+    0x4f, 0xc1, 0xd4, 0x23, 0xd1, 0xa7, 0x83, 0x2c, 0x59, 0x94, 0xa5, 0xd4, 0xa5, 0x2e, 0x9b, 0xf1,
+    0x5f, 0x57, 0x1e, 0xfa, 0xe1, 0xcf, 0xac, 0x38, 0x43, 0x83, 0xa9, 0x1e, 0xa9, 0x5e, 0x41, 0x4e,
+    0x6f, 0x2e, 0x83, 0x52, 0xb1, 0x77, 0xdd, 0x04, 0x6d, 0xba, 0xbd, 0x83, 0xbd, 0xce, 0xec, 0x4c,
+    0x7f, 0xb8, 0x49, 0x8b, 0x81, 0x1f, 0xf2, 0x10, 0x77, 0xad, 0xb1, 0x49, 0xb1, 0xbe, 0x36, 0xf3,
+    0x0f, 0xdc, 0x7a, 0xc1, 0x11, 0xc4, 0x3f, 0x7c, 0x31, 0xc8, 0x95, 0x7a, 0x95, 0x2d, 0x75, 0x48,
+    0x1f, 0x4a, 0xb0, 0x18, 0x21, 0xac, 0x10, 0x68, 0x2b, 0xdf, 0x99, 0xb0, 0x99, 0x5d, 0xaf, 0xf7,
+    0x2f, 0x33, 0x2d, 0xb0, 0x71, 0x14, 0x61, 0x54, 0x05, 0xe6, 0x8d, 0x2d, 0x8d, 0xcd, 0x02, 0xf5,
+    0x3f, 0xa5, 0xe7, 0x69, 0x41, 0x7c, 0x4e, 0x40, 0x1f, 0xf1, 0x81, 0xe7, 0x81, 0xbd, 0xd8, 0x4a,
+    0x0c, 0x8f, 0xb6, 0x2a, 0x14, 0x2e, 0x8d, 0x0f, 0xea, 0x9f, 0x05, 0xb6, 0x05, 0x24, 0xba, 0xe1,
+    0x1c, 0x19, 0x7c, 0xf3, 0x24, 0x46, 0xa2, 0x1b, 0xf0, 0x88, 0x09, 0x7c, 0x09, 0x54, 0x60, 0x5e,
+    0x2c, 0x60, 0xe1, 0x5b, 0x74, 0xfe, 0xd3, 0x27, 0xde, 0xb1, 0x1d, 0xe1, 0x1d, 0xc4, 0xcd, 0x5c,
+    0x3c, 0xf6, 0x2b, 0x82, 0x44, 0x96, 0xfc, 0x33, 0xc4, 0xa6, 0x11, 0x2b, 0x11, 0xb4, 0x17, 0xe3,
+    0x4c, 0x92, 0x18, 0xc8, 0xd4, 0x4d, 0x31, 0x5f, 0x82, 0xc3, 0x35, 0x18, 0x35, 0x27, 0x54, 0x58,
+    0x5c, 0x04, 0xd2, 0x11, 0xe4, 0x25, 0x1e, 0x4b, 0x98, 0xd4, 0x39, 0xd2, 0x39, 0x57, 0x8e, 0xe7,
+    0x6c, 0x7d, 0x4f, 0xb9, 0xb4, 0x9d, 0x6f, 0x77, 0xb6, 0xed, 0x2d, 0x4f, 0x2d, 0xc7, 0x23, 0xe5,
+    0x7c, 0xeb, 0x85, 0x60, 0x84, 0xf5, 0x40, 0x63, 0xac, 0xfa, 0x21, 0x85, 0x21, 0xb7, 0xf9, 0x5a,
+    0x8c, 0xb5, 0x29, 0x2d, 0x57, 0xe8, 0x36, 0xaf, 0x3a, 0x27, 0x65, 0x29, 0x65, 0x22, 0xa5, 0x50,
+    0x9c, 0x23, 0xe3, 0xf4, 0x67, 0x80, 0x19, 0xbb, 0x20, 0x30, 0x69, 0xe3, 0x69, 0x52, 0x7f, 0xef,
+    0xac, 0x5a, 0x7e, 0x5c, 0x37, 0x38, 0x68, 0x87, 0x0e, 0x09, 0x7d, 0x7e, 0x7d, 0xc2, 0xd2, 0xed,
+    0xbc, 0xcc, 0xb4, 0x85, 0x07, 0x50, 0x47, 0x93, 0x14, 0x1e, 0x71, 0xb4, 0x71, 0xb2, 0x08, 0x52,
+    0xcc, 0xa8, 0x87, 0xcf, 0x97, 0x8b, 0x8a, 0xff, 0x52, 0x7b, 0x55, 0x87, 0x55, 0x21, 0x4b, 0xe9,
+    0xdc, 0x3e, 0x4d, 0x16, 0xa7, 0xe3, 0xa5, 0xeb, 0x48, 0x6c, 0x59, 0x4d, 0x59, 0x51, 0x91, 0x56,
+    0xec, 0x47, 0xd0, 0xbe, 0xf7, 0x5b, 0xd4, 0xd7, 0x66, 0x55, 0x4d, 0xd0, 0x4d, 0xc1, 0x3c, 0x54,
+    0xfc, 0xd1, 0x1a, 0x67, 0xc7, 0x33, 0xfb, 0xc3, 0x7c, 0x42, 0x41, 0x1a, 0x41, 0xb1, 0xe6, 0xeb,
+    0xd7, 0x26, 0xe4, 0x70, 0xba, 0x3d, 0xe1, 0x92, 0x9e, 0xd1, 0xcf, 0xe4, 0xcf, 0x60, 0x33, 0x41,
+    0xc7, 0xb0, 0x2e, 0xa9, 0x8a, 0x55, 0xce, 0x86, 0x84, 0xc6, 0xc3, 0x2e, 0xc3, 0x10, 0xe9, 0xfe,
+    0xf7, 0xc9, 0xb3, 0x01, 0xda, 0xed, 0xbf, 0xba, 0xaa, 0xff, 0xd7, 0xb3, 0xd7, 0x80, 0x44, 0xfc,
+    0xe7, 0x5f, 0x79, 0xd8, 0xea, 0x85, 0x90, 0xae, 0xb0, 0xe8, 0xdb, 0x79, 0xdb, 0xf0, 0x9e, 0x43,
+    0x97, 0x3b, 0x4a, 0x92, 0x7a, 0x5e, 0x5d, 0xc2, 0xf6, 0x8d, 0xff, 0x4a, 0xff, 0x63, 0xdd, 0xf8,
+    0x87, 0xad, 0x80, 0x4b, 0x4a, 0x36, 0x72, 0xd6, 0xec, 0x9a, 0xf3, 0x80, 0xf3, 0x13, 0x07, 0x47,
+    0xb7, 0xd4, 0x1d, 0xe3, 0x1a, 0x8e, 0x03, 0xea, 0xc2, 0xa3, 0xe7, 0x1d, 0xe7, 0x83, 0xaa, 0x45,
+    0xa7, 0x42, 0xd7, 0x3a, 0x2a, 0xe6, 0x2c, 0xfe, 0xd8, 0xb4, 0xeb, 0xd7, 0xeb, 0xf3, 0x70, 0xfa,
+    0x57, 0x1c, 0x7b, 0x77, 0xf9, 0xfb, 0x5a, 0x32, 0x4e, 0x69, 0xaf, 0x7b, 0xaf, 0x66, 0x2c, 0xf0,
+    0x47, 0x8a, 0xb1, 0xae, 0xc9, 0x93, 0x75, 0x26, 0x54, 0x7e, 0xa3, 0xb1, 0xa3, 0x16, 0xf6, 0x4f,
+    0x77, 0xf3, 0x2c, 0x06, 0x99, 0x2b, 0x04, 0x1a, 0x7a, 0x47, 0xb7, 0x2c, 0xb7, 0x86, 0x5b, 0x4d,
+    0x67, 0x65, 0xe6, 0xdf, 0xa9, 0x43, 0x2b, 0x0e, 0x60, 0x50, 0xbb, 0xe6, 0xbb, 0xf6, 0x81, 0xf2,
+    0x17, 0x01, 0xd5, 0x95, 0x39, 0x98, 0xe6, 0x62, 0x26, 0x35, 0x9f, 0xd5, 0x9f, 0x65, 0xc2, 0x49,
+    0x07, 0x97, 0x1f, 0x4c, 0x09, 0xf0, 0xc9, 0x76, 0x3c, 0x22, 0x93, 0x1f, 0x93, 0x15, 0x18, 0xf6,
+    0x37, 0xee, 0x82, 0xe4, 0x59, 0x48, 0xb8, 0x4a, 0x12, 0x1b, 0x87, 0x82, 0x87, 0x85, 0xb5, 0xf4,
+    0x27, 0x78, 0x48, 0x3d, 0x69, 0x20, 0x97, 0x5e, 0x08, 0x0c, 0x8b, 0x48, 0x8b, 0xf5, 0x6f, 0x4b,
+    0x14, 0x52, 0x19, 0x7e, 0x3c, 0x72, 0x54, 0x11, 0xfd, 0x62, 0x0f, 0x19, 0x0f, 0x6c, 0x0d, 0xe0,
+    0x04, 0xc4, 0xd3, 0xa7, 0x0c, 0x1a, 0x7b, 0x05, 0xe7, 0x75, 0x03, 0xd3, 0x03, 0x1c, 0xd7, 0x5f,
+    0x34, 0xbd, 0x4e, 0x0f, 0x5c, 0xa2, 0x0a, 0x39, 0xc9, 0x4c, 0x17, 0x4e, 0x17, 0x8c, 0x7a, 0x5d,
+    0x24, 0x2b, 0x84, 0xd6, 0x6c, 0xca, 0x25, 0x2d, 0xd3, 0x5b, 0x1b, 0x84, 0x1b, 0xfc, 0xa0, 0xe2,
+    0x54, 0x4f, 0xb7, 0x9c, 0xfc, 0x11, 0xe8, 0x41, 0x95, 0x3e, 0x3f, 0xb7, 0x3f, 0x6f, 0xe3, 0x59,
+    0x44, 0xd9, 0x7d, 0x45, 0xcc, 0x79, 0xc7, 0x55, 0x8f, 0x29, 0x33, 0x7d, 0x33, 0x1f, 0x39, 0xe6,
+    0x74, 0xa0, 0xe0, 0xed, 0x9c, 0xc1, 0xb6, 0x69, 0xa1, 0x10, 0x27, 0xe0, 0x27, 0x8f, 0x94, 0xe4,
+    0x64, 0x36, 0x2a, 0x34, 0xac, 0xa9, 0x99, 0x7d, 0xbb, 0x07, 0x2b, 0x2a, 0x2b, 0xff, 0x4e, 0x5b,
+    0x94, 0x68, 0x86, 0x79, 0x7f, 0xb4, 0xef, 0xb1, 0x2d, 0xda, 0x6f, 0x86, 0x6f, 0x6a, 0x12, 0x51,
+    0x84, 0xfe, 0x4c, 0xa0, 0x4f, 0xdc, 0xc0, 0xa5, 0x37, 0xcd, 0x63, 0x4c, 0x63, 0x1a, 0xc8, 0xee,
+    0xb4, 0x87, 0xd1, 0x08, 0x1f, 0x64, 0xb1, 0x99, 0x19, 0xf4, 0x77, 0xd1, 0x77, 0x8a, 0x65, 0xec,
+    0xa4, 0x11, 0x1b, 0xd1, 0x2f, 0x0c, 0x9e, 0x8d, 0x03, 0xe3, 0x7b, 0x1b, 0x7b, 0xfa, 0xbf, 0x53,
+    0xd4, 0x75, 0x28, 0x9b, 0xbf, 0xd7, 0x53, 0xe1, 0x45, 0x86, 0x5f, 0x28, 0x5f, 0x69, 0xfc, 0xe8,
+    0xc4, 0xe3, 0xe2, 0x42, 0x8f, 0xbf, 0x7c, 0xf5, 0x5f, 0x91, 0x53, 0xe2, 0x53, 0x19, 0x26, 0x57,
+    0xf4, 0x9a, 0x7f, 0xea, 0xdf, 0x07, 0x0d, 0xc9, 0x71, 0xa8, 0x47, 0x7f, 0x47, 0x89, 0x8b, 0x55,
+    0xe4, 0x0c, 0xb5, 0x33, 0xef, 0x6f, 0x22, 0xdd, 0x6b, 0xbf, 0x4b, 0xb5, 0x4b, 0xf9, 0x51, 0xea,
+    0x92, 0xce, 0xdd, 0x6c, 0x75, 0xa3, 0x48, 0x57, 0x58, 0x74, 0x8c, 0xdd, 0x8c, 0x78, 0x4f, 0xc0,
+    0x82, 0x58, 0x17, 0xb5, 0x45, 0xcb, 0x67, 0x43, 0x42, 0x63, 0x80, 0x17, 0x80, 0x08, 0x95, 0x7f,
+    0xb2, 0x21, 0x8a, 0x1d, 0x15, 0x73, 0x16, 0x7f, 0x6c, 0x5a, 0x94, 0x8a, 0x94, 0x98, 0x38, 0x7d,
+    0xa2, 0xb7, 0x40, 0xc4, 0x25, 0x1b, 0x39, 0x6b, 0x76, 0x4d, 0x98, 0x40, 0x98, 0xe8, 0xe2, 0xc2,
+    0xd2, 0xd3, 0x73, 0x8e, 0xb5, 0xc0, 0xf4, 0x07, 0x30, 0x28, 0xbc, 0x73, 0xbc, 0x7b, 0xa1, 0x79,
+    0xc2, 0x45, 0xb9, 0x57, 0x85, 0xa8, 0xdb, 0x13, 0x2a, 0x3f, 0xb0, 0xb9, 0xb0, 0x0b, 0x7b, 0xc6,
+    0xf2, 0x3c, 0x24, 0xff, 0xd5, 0x10, 0xaa, 0x2f, 0x04, 0x06, 0xa4, 0x24, 0xa4, 0x9b, 0xd6, 0xc4,
+    0xe2, 0xaa, 0xee, 0x26, 0xe5, 0x78, 0x85, 0x3b, 0x1e, 0x11, 0xa8, 0xee, 0xa8, 0xeb, 0x0c, 0x7b,
+    0x12, 0xf4, 0x42, 0x6b, 0x36, 0x65, 0xf3, 0xf7, 0x88, 0xcc, 0xec, 0x42, 0xec, 0x7e, 0x50, 0x71,
+    0x02, 0x62, 0x88, 0xb2, 0x06, 0x0d, 0xdc, 0xe3, 0x92, 0xdb, 0xe0, 0x88, 0xe0, 0x0e, 0x8a, 0xce,
+    0x32, 0x1b, 0x15, 0x1a, 0x56, 0xb5, 0xad, 0xdf, 0xbc, 0xe2, 0xf4, 0x15, 0xf4, 0x9e, 0x27, 0xcc,
+    0x22, 0x8d, 0xdf, 0xc3, 0x66, 0xdd, 0x82, 0xcb, 0xa6, 0xf5, 0xf8, 0xdf, 0xf8, 0xee, 0xfd, 0x73,
+    0x52, 0xe9, 0xec, 0x89, 0xf6, 0x06, 0x4f, 0xa7, 0xe0, 0x90, 0xdc, 0xec, 0xdc, 0x7d, 0xbe, 0xc8,
+    0x42, 0x7f, 0x26, 0x50, 0xc6, 0x6e, 0x60, 0xb3, 0xfa, 0x87, 0xd0, 0x26, 0xd0, 0x0d, 0x64, 0x77,
+    0x72, 0x06, 0xbb, 0xf8, 0x96, 0xd6, 0x11, 0x8f, 0xd4, 0xbe, 0xc4, 0xbb, 0xc4, 0x9d, 0xc9, 0x75,
+    0x62, 0x90, 0x71, 0x21, 0xa6, 0xbe, 0x3e, 0x9b, 0xce, 0xa9, 0xc8, 0x71, 0xc8, 0xed, 0x13, 0xca,
+    0x51, 0xba, 0x20, 0x62, 0xf3, 0xec, 0xfd, 0xd4, 0x3b, 0xc7, 0x4c, 0x20, 0x4c, 0x74, 0x71, 0x61,
+    0x41, 0x2c, 0xea, 0xbb, 0xc3, 0x84, 0xd2, 0xc0, 0x21, 0xd0, 0x40, 0xea, 0x40, 0x04, 0xab, 0xde,
+    0x71, 0x55, 0x77, 0x13, 0x93, 0x3c, 0xa3, 0xfc, 0x0f, 0xe9, 0x54, 0x77, 0x54, 0x94, 0x06, 0xdc,
+    0x61, 0xc3, 0xbd, 0xca, 0xa3, 0x54, 0x8c, 0xe8, 0x15, 0xfe, 0x58, 0xbd, 0x58, 0xe4, 0xdc, 0x63,
+    0x11, 0xa7, 0x8e, 0x80, 0x33, 0x8f, 0x41, 0x84, 0x53, 0x9b, 0x7c, 0x8e, 0x7c, 0x77, 0x9f, 0xd8,
+    0x01, 0x31, 0x44, 0x59, 0x03, 0xe7, 0x6e, 0x90, 0x49, 0x8c, 0x70, 0x44, 0x70, 0x07, 0x45, 0x67,
+    0x31, 0x48, 0xd9, 0xf1, 0x53, 0x5f, 0x1f, 0xac, 0x67, 0xb5, 0x64, 0xd9, 0x64, 0x97, 0xe8, 0x65,
+    0x21, 0xde, 0x13, 0x28, 0x63, 0x37, 0x30, 0xb8, 0x7d, 0xa2, 0x68, 0x13, 0x68, 0xe7, 0x32, 0xda,
+    0xd1, 0x80, 0xbf, 0x65, 0xb0, 0x2a, 0x46, 0x74, 0xeb, 0x7f, 0x2c, 0xbf, 0x2c, 0x72, 0x6e, 0xd0,
+    0xc1, 0x16, 0x75, 0xbc, 0x80, 0x42, 0x69, 0x60, 0xf1, 0x68, 0x20, 0x75, 0x20, 0x02, 0xb4, 0x6f,
+    0xf1, 0x6f, 0xe8, 0x14, 0xd0, 0xfa, 0x18, 0x5c, 0xdf, 0x51, 0x34, 0xe8, 0x34, 0x92, 0x19, 0x6d,
+    0xe1, 0xf9, 0x22, 0xcd, 0xe0, 0x92, 0x37, 0x48, 0xc5, 0x46, 0x38, 0x22, 0x38, 0xe2, 0xc3, 0xd2,
+    0x91, 0x9d, 0x11, 0x87, 0x70, 0x49, 0xfa, 0x24, 0x83, 0x23, 0x1c, 0x11, 0x1c, 0x71, 0x80, 0x69,
+    0x81, 0x0b, 0xdb, 0x5e, 0x40, 0x21, 0xd5, 0x30, 0x99, 0x34, 0x10, 0xdb, 0x10, 0x01, 0x5a, 0xd6,
+    0xb1, 0x72, 0x46, 0xf6, 0x10, 0x99, 0xa4, 0x0c, 0xb7, 0x0d, 0x04, 0x46, 0x04, 0x91, 0xf7, 0xd4,
+    0xa1, 0xe4, 0x8c, 0x2f, 0x20, 0xf1, 0x8b, 0x18, 0xad, 0x1a, 0x08, 0x8c, 0x08, 0xe1, 0x2d, 0x6b,
+    0x5d, 0x35, 0x96, 0x48, 0xe7, 0xc2, 0x70, 0xdb, 0xd1, 0x58, 0x49, 0x96, 0x49, 0x50, 0xcb, 0x80,
+    0x4d, 0xa3, 0x5c, 0x91, 0xd7, 0xaa, 0x5f, 0xcf, 0xcb, 0x4f, 0x45, 0x5c, 0x45, 0x20, 0x11, 0x3f,
+    0x7d, 0xda, 0xc1, 0x39, 0x87, 0x12, 0x2e, 0xf3, 0xe5, 0x76, 0x51, 0xc1, 0x51, 0xb0, 0xbc, 0x3d,
+    0x6d, 0x4c, 0x0b, 0xe0, 0xb7, 0x7a, 0x01, 0xe7, 0xff, 0x61, 0x5d, 0x0b, 0x5d, 0xc0, 0x66, 0x82,
+    0x1d, 0x28, 0x38, 0xaa, 0x27, 0xa1, 0xcc, 0x8b, 0xb9, 0x04, 0x79, 0x38, 0x79, 0x53, 0x25, 0x39,
+    0x0d, 0xbe, 0xf2, 0x73, 0x17, 0xc9, 0xe3, 0x9f, 0xa3, 0x13, 0x75, 0xf2, 0x75, 0x23, 0xff, 0x86,
+    0x3d, 0xc7, 0x6f, 0xdb, 0x47, 0x71, 0x92, 0xa3, 0x8d, 0x2a, 0x61, 0x6f, 0x61, 0xb3, 0x52, 0x84,
+    0x2d, 0x51, 0xa5, 0x02, 0x77, 0x19, 0xbd, 0xb7, 0x97, 0x3d, 0x6d, 0xa5, 0x6d, 0xc3, 0x88, 0x3b,
+    0xdd, 0x0f, 0x09, 0x4f, 0xa4, 0x04, 0xcb, 0x7b, 0x01, 0xe0, 0x29, 0x09, 0x29, 0x56, 0xd4, 0x31,
+    0xcd, 0x99, 0xc3, 0x96, 0x94, 0x6c, 0xe4, 0x6f, 0x1b, 0xf7, 0x25, 0xc3, 0x25, 0x26, 0x0e, 0x8e,
+    0xfd, 0xe0, 0x5e, 0x3e, 0xc4, 0xd4, 0x95, 0x53, 0x35, 0xce, 0x31, 0x5e, 0x31, 0xb6, 0xa3, 0x8c,
+    0xed, 0x76, 0x94, 0xe7, 0xf4, 0xbc, 0xba, 0x47, 0x2f, 0xd9, 0x3d, 0x94, 0x3d, 0xc6, 0x79, 0x33,
+    0x9d, 0x12, 0xa7, 0xad, 0x64, 0x67, 0x77, 0x2b, 0x69, 0xbc, 0x19, 0xa7, 0x19, 0x55, 0x3a, 0x88,
+    0x8d, 0x84, 0x6d, 0x74, 0x54, 0x0f, 0x58, 0x3f, 0x73, 0xab, 0x15, 0x6d, 0x15, 0x25, 0xe0, 0x37,
+    0xbd, 0xfd, 0xf0, 0xdc, 0x04, 0xb7, 0x29, 0x03, 0x5d, 0x92, 0x01, 0xf0, 0x01, 0xb5, 0x4d, 0x35,
+    0xad, 0x6b, 0x3a, 0x05, 0x34, 0xdf, 0x06, 0x17, 0x47, 0x85, 0x0d, 0x3a, 0x0d, 0xc5, 0x97, 0x8a,
+    0x9e, 0x41, 0x6b, 0x46, 0x61, 0x8d, 0xc5, 0x58, 0xb2, 0xeb, 0x89, 0x6b, 0x89, 0x5c, 0xf5, 0x21,
+    0x8e, 0xd7, 0xa1, 0x9f, 0x51, 0xe5, 0xea, 0x4c, 0xa8, 0xfc, 0x85, 0xa1, 0x85, 0x2c, 0x2f, 0x9e,
+    0xbe, 0xae, 0x3c, 0x37, 0x01, 0x5d, 0x9b, 0x70, 0x86, 0xc5, 0x91, 0x3c, 0x91, 0xbc, 0x82, 0x9c,
+    0xae, 0x38, 0xf6, 0xee, 0x31, 0x35, 0xb4, 0x64, 0x9c, 0xd2, 0x9d, 0xf6, 0x9d, 0xcc, 0x58, 0x23,
+    0xde, 0x5c, 0xc5, 0xa4, 0xa1, 0xee, 0x79, 0x08, 0xda, 0xb7, 0xb9, 0xc5, 0xb9, 0x5f, 0x1b, 0x98,
+    0xce, 0xca, 0x0f, 0x7d, 0x91, 0x86, 0x56, 0x1c, 0xc0, 0xa0, 0xb5, 0x0f, 0xb5, 0x2f, 0xc1, 0x27,
+    0xfe, 0xb3, 0x92, 0xd5, 0xc1, 0x3e, 0x27, 0x20, 0xee, 0x99, 0xa1, 0x92, 0xa1, 0xbf, 0x6c, 0x25,
+    0xee, 0x25, 0x58, 0x0c, 0xf1, 0x56, 0x08, 0x34, 0xf4, 0x8e, 0xad, 0x58, 0xad, 0xcf, 0xb6, 0x9a,
+    0x1e, 0x7b, 0xf4, 0x41, 0x22, 0x4b, 0x7e, 0xf8, 0x62, 0x53, 0xe9, 0xf4, 0xe9, 0x5a, 0xea, 0x90,
+    0x0e, 0xed, 0x3e, 0x98, 0x12, 0x23, 0x51, 0xec, 0x78, 0x44, 0xe5, 0x3e, 0xe5, 0x2a, 0x30, 0x2f,
+    0x3e, 0x94, 0xa3, 0x30, 0x42, 0x9b, 0x20, 0xd0, 0x56, 0x7d, 0xf1, 0xa3, 0xf1, 0xba, 0x9d, 0x2d,
+    0x2e, 0x02, 0x69, 0xe9, 0x72, 0xf3, 0x0f, 0xc4, 0x4c, 0x6a, 0xfd, 0x69, 0xfd, 0xca, 0x47, 0x92,
+    0x5e, 0x66, 0x5a, 0xa3, 0xe2, 0x28, 0xc2, 0xa8, 0x0a, 0x0f, 0xd9, 0x5a, 0xd9, 0x59, 0x04, 0x29,
+    0x4e, 0xf0, 0x90, 0x7a, 0xd2, 0x40, 0xed, 0xbc, 0x10, 0x18, 0xd5, 0x90, 0xd5, 0x29, 0xde, 0x96,
+    0x7e, 0x89, 0x0d, 0xd2, 0x82, 0xf8, 0x9c, 0x80, 0x3e, 0x21, 0xc1, 0x0d, 0xc1, 0xb9, 0x73, 0x94,
+    0x6e, 0x1f, 0xc7, 0x0b, 0xb2, 0x90, 0xb3, 0x94, 0x24, 0x36, 0xcd, 0xc7, 0xcd, 0xc9, 0xa9, 0x2b,
+    0x18, 0xdd, 0xaf, 0x54, 0x28, 0x5c, 0xd9, 0x1e, 0x17, 0xfd, 0x0a, 0xaf, 0x0a, 0x48, 0xb7, 0x01,
+    0x08, 0x4b, 0x65, 0x8d, 0x18, 0x34, 0xf6, 0x0a, 0x0d, 0xea, 0x06, 0x65, 0x06, 0x38, 0x6d, 0xbe,
+    0x38, 0x32, 0xf8, 0x25, 0x48, 0x8c, 0x87, 0x36, 0x23, 0xd3, 0x12, 0xf8, 0x12, 0xa8, 0xc0, 0xbc,
+    0x28, 0xa4, 0x32, 0xfc, 0x78, 0xe4, 0xa8, 0x22, 0x39, 0xc4, 0x1e, 0x32, 0x1e, 0xd8, 0x1a, 0x03,
+    0x58, 0xc0, 0x01, 0xb6, 0xe8, 0x3f, 0x65, 0x4e, 0x7f, 0xa1, 0x3a, 0x01, 0x3a, 0x4b, 0x59, 0xb8,
+    0x48, 0x56, 0xcb, 0x6f, 0xd8, 0x57, 0x4a, 0x5a, 0x65, 0xb6, 0x36, 0xcb, 0x36, 0x3b, 0x83, 0x07,
+    0x78, 0x2f, 0x56, 0xc7, 0x88, 0xef, 0x3b, 0x66, 0x4b, 0x8f, 0x22, 0x56, 0x22, 0xab, 0x2e, 0x05,
+    0x68, 0xb9, 0x9c, 0x1e, 0xb8, 0x87, 0x14, 0x72, 0x51, 0x98, 0x2e, 0x9c, 0x2e, 0xdb, 0xf4, 0xba,
+    0x98, 0xe7, 0x30, 0x53, 0x6b, 0x9a, 0x62, 0xbe, 0xc7, 0x45, 0x6a, 0x30, 0x6a, 0x4e, 0xa8, 0xb0,
+    0x88, 0x71, 0xfa, 0x8a, 0x5b, 0xf2, 0x4d, 0xaa, 0xdd, 0x52, 0x66, 0xfa, 0x66, 0x3e, 0x72, 0x0f,
+    0xb8, 0x08, 0x67, 0x22, 0x0b, 0x4a, 0x3c, 0x96, 0xf3, 0x6b, 0x72, 0x67, 0x72, 0xae, 0xdf, 0x0d,
+    0xa8, 0x9e, 0xad, 0xfb, 0x3b, 0x22, 0x13, 0x82, 0xe9, 0x7c, 0x7e, 0xad, 0x7e, 0xde, 0x05, 0xb2,
+    0xd8, 0xfa, 0x9e, 0xb1, 0xab, 0xf9, 0xde, 0xee, 0xaf, 0x19, 0x5a, 0x9e, 0x5a, 0x4d, 0x46, 0x09,
+    0xc8, 0x6c, 0x54, 0x68, 0x9b, 0x91, 0xf1, 0xfa, 0xb5, 0x0e, 0x56, 0x54, 0x56, 0x3d, 0x9c, 0xb6,
+    0xf8, 0x15, 0xc9, 0xc0, 0xcb, 0x29, 0x80, 0xc6, 0x9b, 0x37, 0x42, 0xc9, 0x42, 0xad, 0x31, 0xb4,
+    0xe8, 0x83, 0x03, 0x19, 0xfb, 0x41, 0xaf, 0xd2, 0x81, 0x20, 0x4e, 0x03, 0x4e, 0xdd, 0xeb, 0x0b,
+    0xdb, 0xa9, 0x52, 0x5a, 0xae, 0x13, 0x6c, 0x9d, 0x74, 0x4e, 0xca, 0x52, 0xca, 0x44, 0x89, 0xa0,
+    0xcb, 0x3f, 0x98, 0x83, 0x9e, 0x7b, 0x43, 0x89, 0x6e, 0x59, 0xc6, 0x98, 0xc6, 0x34, 0x53, 0x1f,
+    0xfb, 0x46, 0x05, 0x2b, 0xce, 0xc3, 0x32, 0xb5, 0x40, 0x60, 0xd2, 0x05, 0xd2, 0xa4, 0xfe, 0x1d,
+    0xeb, 0xd0, 0xcf, 0xf2, 0xfe, 0xab, 0x1d, 0xa1, 0x5a, 0x77, 0xde, 0xcf, 0xde, 0xd4, 0x24, 0xa2,
+    0x9b, 0xb4, 0xfc, 0xb8, 0x6e, 0x70, 0xd0, 0xcd, 0x1c, 0x12, 0xfa, 0xfc, 0xfa, 0x47, 0x67, 0x19,
+    0x8b, 0x22, 0x36, 0x61, 0x5e, 0x18, 0xff, 0xd9, 0x06, 0x05, 0xf6, 0x36, 0xf6, 0x37, 0xbd, 0xa6,
+    0xbb, 0x5b, 0xab, 0xc9, 0x0e, 0xa0, 0x8e, 0xe5, 0x28, 0x3c, 0xe2, 0xab, 0xe2, 0xa7, 0x10, 0xa4,
+    0xab, 0xcd, 0x61, 0x10, 0x3e, 0xc8, 0xa1, 0xf1, 0x32, 0x2b, 0xee, 0x61, 0xee, 0xd7, 0xca, 0x1b,
+    0x5b, 0x93, 0xcd, 0x5d, 0xed, 0xd5, 0xd7, 0x3d, 0xa4, 0xf6, 0xaa, 0xcd, 0xaa, 0x42, 0x96, 0x11,
+    0x4b, 0x05, 0x07, 0x84, 0xdd, 0xbd, 0xf8, 0x29, 0xbe, 0xe1, 0xa6, 0x07, 0xa6, 0x32, 0x4c, 0xae,
+    0x7b, 0x7c, 0x9a, 0x2c, 0x8d, 0x05, 0x89, 0x15, 0x90, 0xd8, 0xb2, 0x9a, 0xb2, 0xa2, 0xe1, 0xac,
+    0x6b, 0xea, 0x50, 0xf5, 0xbd, 0x6d, 0xa6, 0x01, 0x8a, 0xcf, 0xbe, 0x50, 0xbe, 0xd2, 0x3b, 0x13,
+    0x1b, 0x8e, 0x63, 0xbf, 0x2d, 0xb6, 0x6b, 0x6d, 0xcc, 0xaa, 0x9a, 0x63, 0x9a, 0x41, 0x78, 0xa8,
+    0x0b, 0x18, 0xa9, 0x66, 0x1d, 0xde, 0x44, 0x79, 0xd6, 0xbd, 0x96, 0xa9, 0x96, 0x31, 0xa2, 0x17,
+    0x3b, 0x61, 0x34, 0xce, 0x4d, 0x66, 0x35, 0x45, 0xf8, 0x84, 0x82, 0x34, 0x82, 0xa1, 0x0f, 0x15,
+    0x2b, 0xf7, 0xfe, 0x17, 0x7d, 0x0e, 0x1a, 0x51, 0xe2, 0x93, 0x8e, 0xfe, 0x8e, 0xd1, 0xd5, 0xaa,
+  },
+  { /* 13 */
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x85, 0x74, 0x75, 0xd0, 0x5e, 0xbe, 0xb8, 0x87, 0x4e, 0x62, 0xec, 0x6b, 0x10, 0x87, 0xc6, 0x74,
+    0xc9, 0xe8, 0xea, 0x63, 0xbc, 0xbf, 0xb3, 0xcd, 0x9c, 0xc4, 0x1b, 0xd6, 0x20, 0xcd, 0x4f, 0xe8,
+    0x4c, 0x9c, 0x9f, 0xb3, 0xe2, 0x01, 0x0b, 0x4a, 0xd2, 0xa6, 0xf7, 0xbd, 0x30, 0x4a, 0x89, 0x9c,
+    0x51, 0x13, 0x17, 0xc6, 0xbb, 0xbd, 0xa5, 0x59, 0xfb, 0x4b, 0x36, 0x6f, 0x40, 0x59, 0x9e, 0x13,
+    0xd4, 0x67, 0x62, 0x16, 0xe5, 0x03, 0x1d, 0xde, 0xb5, 0x29, 0xda, 0x04, 0x50, 0xde, 0x58, 0x67,
+    0x98, 0xfb, 0xfd, 0xa5, 0x07, 0x02, 0x16, 0x94, 0x67, 0x8f, 0x2d, 0xb9, 0x60, 0x94, 0xd1, 0xfb,
+    0x1d, 0x8f, 0x88, 0x75, 0x59, 0xbc, 0xae, 0x13, 0x29, 0xed, 0xc1, 0xd2, 0x70, 0x13, 0x17, 0x8f,
+    0xa2, 0x26, 0x2e, 0x4f, 0xb5, 0xb9, 0x89, 0xb2, 0x35, 0x96, 0x6c, 0xde, 0x80, 0xb2, 0xff, 0x26,
+    0x27, 0x52, 0x5b, 0x9f, 0xeb, 0x07, 0x31, 0x35, 0x7b, 0xf4, 0x80, 0xb5, 0x90, 0x35, 0x39, 0x52,
+    0x6b, 0xce, 0xc4, 0x2c, 0x09, 0x06, 0x3a, 0x7f, 0xa9, 0x52, 0x77, 0x08, 0xa0, 0x7f, 0xb0, 0xce,
+    0xee, 0xba, 0xb1, 0xfc, 0x57, 0xb8, 0x82, 0xf8, 0xe7, 0x30, 0x9b, 0x63, 0xb0, 0xf8, 0x76, 0xba,
+    0xf3, 0x35, 0x39, 0x89, 0x0e, 0x04, 0x2c, 0xeb, 0xce, 0xdd, 0x5a, 0xb1, 0xc0, 0xeb, 0x61, 0x35,
+    0x76, 0x41, 0x4c, 0x59, 0x50, 0xba, 0x94, 0x6c, 0x80, 0xbf, 0xb6, 0xda, 0xd0, 0x6c, 0xa7, 0x41,
+    0x3a, 0xdd, 0xd3, 0xea, 0xb2, 0xbb, 0x9f, 0x26, 0x52, 0x19, 0x41, 0x67, 0xe0, 0x26, 0x2e, 0xdd,
+    0xbf, 0xa9, 0xa6, 0x3a, 0xec, 0x05, 0x27, 0xa1, 0x1c, 0x7b, 0xad, 0x0c, 0xf0, 0xa1, 0xe8, 0xa9,
+    0x87, 0x4c, 0x5c, 0x9e, 0xa9, 0xb1, 0xd1, 0xa7, 0x6a, 0xef, 0xd8, 0x7f, 0xc3, 0xa7, 0x3d, 0x4c,
+    0x02, 0x38, 0x29, 0x4e, 0xf7, 0x0f, 0x69, 0x20, 0x24, 0x8d, 0x34, 0x14, 0xd3, 0x20, 0xfb, 0x38,
+    0x4e, 0xa4, 0xb6, 0xfd, 0x15, 0x0e, 0x62, 0x6a, 0xf6, 0x2b, 0xc3, 0xa9, 0xe3, 0x6a, 0x72, 0xa4,
+    0xcb, 0xd0, 0xc3, 0x2d, 0x4b, 0xb0, 0xda, 0xed, 0xb8, 0x49, 0x2f, 0xc2, 0xf3, 0xed, 0xb4, 0xd0,
+    0xd6, 0x5f, 0x4b, 0x58, 0x12, 0x0c, 0x74, 0xfe, 0x91, 0xa4, 0xee, 0x10, 0x83, 0xfe, 0xa3, 0x5f,
+    0x53, 0x2b, 0x3e, 0x88, 0x4c, 0xb2, 0xcc, 0x79, 0xdf, 0xc6, 0x02, 0x7b, 0x93, 0x79, 0x65, 0x2b,
+    0x1f, 0xb7, 0xa1, 0x3b, 0xae, 0xb3, 0xc7, 0x33, 0x0d, 0x60, 0xf5, 0xc6, 0xa3, 0x33, 0xec, 0xb7,
+    0x9a, 0xc3, 0xd4, 0xeb, 0xf0, 0x0d, 0x7f, 0xb4, 0x43, 0x02, 0x19, 0xad, 0xb3, 0xb4, 0x2a, 0xc3,
+    0x25, 0x6a, 0x72, 0xd1, 0x1c, 0x08, 0x58, 0x15, 0x5f, 0x79, 0xb4, 0xa1, 0x43, 0x15, 0xc2, 0x6a,
+    0xa0, 0x1e, 0x07, 0x01, 0x42, 0xb6, 0xe0, 0x92, 0x11, 0x1b, 0x58, 0xca, 0x53, 0x92, 0x04, 0x1e,
+    0xec, 0x82, 0x98, 0xb2, 0xa0, 0xb7, 0xeb, 0xd8, 0xc3, 0xbd, 0xaf, 0x77, 0x63, 0xd8, 0x8d, 0x82,
+    0x69, 0xf6, 0xed, 0x62, 0xfe, 0x09, 0x53, 0x5f, 0x8d, 0xdf, 0x43, 0x1c, 0x73, 0x5f, 0x4b, 0xf6,
+    0x74, 0x79, 0x65, 0x17, 0xa7, 0xb5, 0xfd, 0x4c, 0xa4, 0x32, 0x82, 0xce, 0x03, 0x4c, 0x5c, 0x79,
+    0xf1, 0x0d, 0x10, 0xc7, 0xf9, 0x0b, 0x45, 0xcb, 0xea, 0x50, 0x6e, 0xa5, 0x13, 0xcb, 0x9a, 0x0d,
+    0xbd, 0x91, 0x8f, 0x74, 0x1b, 0x0a, 0x4e, 0x81, 0x38, 0xf6, 0x99, 0x18, 0x23, 0x81, 0x13, 0x91,
+    0x38, 0xe5, 0xfa, 0xa4, 0x45, 0xb4, 0xf6, 0x06, 0x76, 0x94, 0x75, 0x73, 0x33, 0x06, 0xd5, 0xe5,
+    0xcd, 0x98, 0xb8, 0xff, 0x91, 0xa1, 0x61, 0x8d, 0xd4, 0x1d, 0x73, 0xfe, 0x45, 0x8d, 0x7a, 0x98,
+    0x48, 0xec, 0xcd, 0x2f, 0xcf, 0x1f, 0xd9, 0x0a, 0x9a, 0x7f, 0x9f, 0x95, 0x55, 0x0a, 0xbc, 0xec,
+    0x04, 0x70, 0x52, 0x9c, 0x2d, 0x1e, 0xd2, 0x40, 0x48, 0xd9, 0x68, 0x28, 0x65, 0x40, 0x35, 0x70,
+    0x81, 0x04, 0x27, 0x4c, 0x73, 0xa0, 0x6a, 0xc7, 0x06, 0xbb, 0x84, 0x43, 0x75, 0xc7, 0xf3, 0x04,
+    0x9c, 0x8b, 0xaf, 0x39, 0x2a, 0x1c, 0xc4, 0xd4, 0x2f, 0x56, 0x45, 0x91, 0x05, 0xd4, 0xe4, 0x8b,
+    0x19, 0xff, 0xda, 0xe9, 0x74, 0xa2, 0x7c, 0x53, 0x61, 0x34, 0xa9, 0xfa, 0x15, 0x53, 0x22, 0xff,
+    0x55, 0x63, 0x45, 0x5a, 0x96, 0xa3, 0x77, 0x19, 0xb3, 0x92, 0x5e, 0x47, 0x25, 0x19, 0xab, 0x63,
+    0xd0, 0x17, 0x30, 0x8a, 0xc8, 0x1d, 0xcf, 0x9e, 0xfd, 0xf0, 0xb2, 0x2c, 0x35, 0x9e, 0x6d, 0x17,
+    0x6f, 0xbe, 0x96, 0xb0, 0x24, 0x18, 0xe8, 0x3f, 0xe1, 0x8b, 0x1f, 0x20, 0xc5, 0x3f, 0x85, 0xbe,
+    0xea, 0xca, 0xe3, 0x60, 0x7a, 0xa6, 0x50, 0xb8, 0xaf, 0xe9, 0xf3, 0x4b, 0xd5, 0xb8, 0x43, 0xca,
+    0xa6, 0x56, 0x7c, 0xd3, 0x98, 0xa7, 0x5b, 0xf2, 0x7d, 0x4f, 0x04, 0xf6, 0xe5, 0xf2, 0xca, 0x56,
+    0x23, 0x22, 0x09, 0x03, 0xc6, 0x19, 0xe3, 0x75, 0x33, 0x2d, 0xe8, 0x9d, 0xf5, 0x75, 0x0c, 0x22,
+    0x3e, 0xad, 0x81, 0x76, 0x9f, 0xa5, 0x4d, 0x66, 0x1a, 0xc0, 0x29, 0x4f, 0x85, 0x66, 0x1b, 0xad,
+    0xbb, 0xd9, 0xf4, 0xa6, 0xc1, 0x1b, 0xf5, 0xe1, 0x54, 0xa2, 0xc5, 0x24, 0x95, 0xe1, 0xdd, 0xd9,
+    0xf7, 0x45, 0x6b, 0x15, 0x23, 0x1a, 0xfe, 0xab, 0x86, 0x04, 0x32, 0x99, 0xa5, 0xab, 0x54, 0x45,
+    0x72, 0x31, 0x1e, 0xc5, 0x7d, 0xa4, 0x46, 0x2c, 0xc8, 0x66, 0xde, 0xf2, 0xb5, 0x2c, 0x92, 0x31,
+    0x4a, 0xd4, 0xe4, 0x61, 0x38, 0x10, 0xb0, 0x2a, 0xbe, 0xf2, 0xab, 0x81, 0x86, 0x2a, 0x47, 0xd4,
+    0xcf, 0xa0, 0x91, 0xb1, 0x66, 0xae, 0x08, 0xad, 0xf0, 0x90, 0x47, 0xea, 0x96, 0xad, 0x81, 0xa0,
+    0x83, 0x3c, 0x0e, 0x02, 0x84, 0xaf, 0x03, 0xe7, 0x22, 0x36, 0xb0, 0x57, 0xa6, 0xe7, 0x08, 0x3c,
+    0x06, 0x48, 0x7b, 0xd2, 0xda, 0x11, 0xbb, 0x60, 0x6c, 0x54, 0x5c, 0x3c, 0xb6, 0x60, 0xce, 0x48,
+    0x1b, 0xc7, 0xf3, 0xa7, 0x83, 0xad, 0x15, 0x73, 0x45, 0xb9, 0x9d, 0xee, 0xc6, 0x73, 0xd9, 0xc7,
+    0x9e, 0xb3, 0x86, 0x77, 0xdd, 0x13, 0xad, 0xf4, 0x0b, 0xdb, 0x71, 0x85, 0xd6, 0xf4, 0x1f, 0xb3,
+    0xd2, 0x2f, 0x19, 0xc4, 0x3f, 0x12, 0xa6, 0xbe, 0xd9, 0x7d, 0x86, 0x38, 0xe6, 0xbe, 0x96, 0x2f,
+    0x57, 0x5b, 0x6c, 0x14, 0x61, 0xac, 0x1e, 0x39, 0x97, 0x1f, 0x6a, 0x53, 0xf6, 0x39, 0x50, 0x5b,
+    0xe8, 0xf2, 0xca, 0x2e, 0x8d, 0xa9, 0x39, 0x98, 0x8b, 0x64, 0xc7, 0x5f, 0x06, 0x98, 0xb8, 0xf2,
+    0x6d, 0x86, 0xbf, 0xfe, 0xd3, 0x17, 0x81, 0x1f, 0xc5, 0x06, 0x2b, 0x34, 0x16, 0x1f, 0x7e, 0x86,
+    0x21, 0x1a, 0x20, 0x4d, 0x31, 0x16, 0x8a, 0x55, 0x17, 0xa0, 0xdc, 0x89, 0x26, 0x55, 0xf7, 0x1a,
+    0xa4, 0x6e, 0x55, 0x9d, 0x6f, 0xa8, 0x32, 0xd2, 0x59, 0xc2, 0x30, 0xe2, 0x36, 0xd2, 0x31, 0x6e,
+    0xb9, 0xe1, 0xdd, 0xe8, 0x36, 0x14, 0x9c, 0xc1, 0x70, 0x2f, 0xf1, 0x30, 0x46, 0xc1, 0x26, 0xe1,
+    0x3c, 0x95, 0xa8, 0x38, 0x68, 0xaa, 0x24, 0x46, 0x3e, 0x4d, 0x1d, 0x5b, 0x56, 0x46, 0xe0, 0x95,
+    0x70, 0x09, 0x37, 0x8b, 0x8a, 0xab, 0x2f, 0x0c, 0xec, 0xeb, 0xea, 0xe6, 0x66, 0x0c, 0x69, 0x09,
+    0xf5, 0x7d, 0x42, 0x5b, 0xd4, 0x15, 0x97, 0x8b, 0xa2, 0x89, 0x06, 0x8d, 0x76, 0x8b, 0xaf, 0x7d,
+    0x59, 0xf3, 0xb3, 0x3d, 0xe1, 0x81, 0xc2, 0xd9, 0x6b, 0x3a, 0xe6, 0x3f, 0x8a, 0xd9, 0xf4, 0xf3,
+    0xdc, 0x87, 0xc6, 0xed, 0xbf, 0x3f, 0x7a, 0x5e, 0x25, 0x58, 0x0a, 0x54, 0x9a, 0x5e, 0x32, 0x87,
+    0x90, 0x1b, 0x59, 0x5e, 0x5d, 0x3e, 0x71, 0x14, 0xf7, 0xfe, 0xfd, 0xe9, 0xaa, 0x14, 0xbb, 0x1b,
+    0x15, 0x6f, 0x2c, 0x8e, 0x03, 0x80, 0xc9, 0x93, 0xb9, 0x9c, 0x11, 0x82, 0xba, 0x93, 0x7d, 0x6f,
+    0x08, 0xe0, 0xa4, 0xfb, 0x5a, 0x3c, 0x67, 0x80, 0x90, 0x71, 0xd0, 0x50, 0xca, 0x80, 0x6a, 0xe0,
+    0x8d, 0x94, 0xd1, 0x2b, 0x04, 0x82, 0xdf, 0x07, 0xde, 0x13, 0x3c, 0x3b, 0xda, 0x07, 0xac, 0x94,
+    0xc1, 0x08, 0x4e, 0x98, 0xe6, 0x83, 0xd4, 0x4d, 0x0c, 0xb5, 0xcb, 0x86, 0xea, 0x4d, 0x25, 0x08,
+    0x44, 0x7c, 0x3b, 0x48, 0xb8, 0x3d, 0x6c, 0xca, 0x42, 0xd7, 0x27, 0xed, 0xfa, 0xca, 0xe3, 0x7c,
+    0xfb, 0xd5, 0x9d, 0x72, 0x54, 0x38, 0x4b, 0x6b, 0x5e, 0xac, 0x8a, 0xe1, 0x0a, 0x6b, 0x0b, 0xd5,
+    0x7e, 0xa1, 0xe8, 0xa2, 0x0a, 0x86, 0xf3, 0xec, 0x10, 0xce, 0x66, 0x8a, 0x1a, 0xec, 0xcd, 0xa1,
+    0x32, 0x3d, 0x77, 0x11, 0xe8, 0x87, 0xf8, 0xa6, 0xc2, 0x68, 0x91, 0x37, 0x2a, 0xa6, 0x44, 0x3d,
+    0xb7, 0x49, 0x02, 0xc1, 0xb6, 0x39, 0x40, 0x21, 0x8c, 0x0a, 0x7d, 0x5c, 0x3a, 0x21, 0x82, 0x49,
+    0xaa, 0xc6, 0x8a, 0xb4, 0xef, 0x85, 0xee, 0x32, 0xa5, 0xe7, 0xbc, 0x8e, 0x4a, 0x32, 0x95, 0xc6,
+    0x2f, 0xb2, 0xff, 0x64, 0xb1, 0x3b, 0x56, 0xb5, 0xeb, 0x85, 0x50, 0xe5, 0x5a, 0xb5, 0x53, 0xb2,
+    0x63, 0x2e, 0x60, 0xd7, 0x53, 0x3a, 0x5d, 0xff, 0x39, 0x23, 0xa7, 0x58, 0x6a, 0xff, 0xda, 0x2e,
+    0xe6, 0x5a, 0x15, 0x07, 0x0d, 0x84, 0xe5, 0x78, 0x77, 0x41, 0x4b, 0x33, 0x7a, 0x78, 0x1c, 0x5a,
+    0xde, 0xbf, 0xef, 0xa3, 0x48, 0x30, 0x13, 0x7e, 0x01, 0xd5, 0x3e, 0x40, 0x49, 0x7e, 0xc9, 0xbf,
+    0x5b, 0xcb, 0x9a, 0x73, 0x16, 0x8e, 0xab, 0xf9, 0x4f, 0xb7, 0xd2, 0x2b, 0x59, 0xf9, 0x0f, 0xcb,
+    0x17, 0x57, 0x05, 0xc0, 0xf4, 0x8f, 0xa0, 0xb3, 0x9d, 0x11, 0x25, 0x96, 0x69, 0xb3, 0x86, 0x57,
+    0x92, 0x23, 0x70, 0x10, 0xaa, 0x31, 0x18, 0x34, 0xd3, 0x73, 0xc9, 0xfd, 0x79, 0x34, 0x40, 0x23,
+    0x8f, 0xac, 0xf8, 0x65, 0xf3, 0x8d, 0xb6, 0x27, 0xfa, 0x9e, 0x08, 0x2f, 0x09, 0x27, 0x57, 0xac,
+    0x0a, 0xd8, 0x8d, 0xb5, 0xad, 0x33, 0x0e, 0xa0, 0xb4, 0xfc, 0xe4, 0x44, 0x19, 0xa0, 0x91, 0xd8,
+    0x46, 0x44, 0x12, 0x06, 0x4f, 0x32, 0x05, 0xea, 0x66, 0x5a, 0x13, 0xf9, 0x29, 0xea, 0x18, 0x44,
+    0xc3, 0x30, 0x67, 0xd6, 0x11, 0x8c, 0xbd, 0x6d, 0x28, 0x38, 0xff, 0x92, 0x39, 0x6d, 0xde, 0x30,
+    0x7c, 0x99, 0xc1, 0xec, 0xfd, 0x89, 0x9a, 0xcc, 0x34, 0x43, 0x52, 0x9e, 0xc9, 0xcc, 0x36, 0x99,
+    0xf9, 0xed, 0xb4, 0x3c, 0xa3, 0x37, 0x22, 0x4b, 0x7a, 0x21, 0xbe, 0xf5, 0xd9, 0x4b, 0xf0, 0xed,
+    0xb5, 0x71, 0x2b, 0x8f, 0x41, 0x36, 0x29, 0x01, 0xa8, 0x87, 0x49, 0x48, 0xe9, 0x01, 0x79, 0x71,
+    0x30, 0x05, 0x5e, 0x5f, 0x1f, 0x88, 0x91, 0x86, 0xe6, 0xe5, 0xa5, 0x23, 0xf9, 0x86, 0xbf, 0x05,
+    0x2d, 0x8a, 0xd6, 0x2a, 0x46, 0x34, 0x3f, 0x95, 0xcf, 0x08, 0x64, 0xf1, 0x89, 0x95, 0xa8, 0x8a,
+    0xa8, 0xfe, 0xa3, 0xfa, 0x18, 0x8a, 0x87, 0x12, 0x81, 0x6a, 0x88, 0x9a, 0x99, 0x12, 0x6e, 0xfe,
+    0xe4, 0x62, 0x3c, 0x49, 0xfa, 0x8b, 0x8c, 0x58, 0x53, 0xcc, 0x7f, 0x27, 0xa9, 0x58, 0xe7, 0x62,
+    0x61, 0x16, 0x49, 0x99, 0xa4, 0x35, 0x34, 0xdf, 0x1d, 0xae, 0x93, 0x4c, 0xb9, 0xdf, 0x21, 0x16,
+    0x94, 0x6b, 0x0b, 0xc2, 0x70, 0x20, 0xa3, 0x54, 0xbf, 0x27, 0x95, 0xc1, 0xcf, 0x54, 0x8e, 0x6b,
+    0x11, 0x1f, 0x7e, 0x12, 0x2e, 0x9e, 0x1b, 0xd3, 0xf1, 0x45, 0x79, 0xaa, 0xdf, 0xd3, 0x48, 0x1f,
+    0x5d, 0x83, 0xe1, 0xa1, 0xcc, 0x9f, 0x10, 0x99, 0x23, 0xe3, 0x8e, 0x17, 0xef, 0x99, 0xc1, 0x83,
+    0xd8, 0xf7, 0x94, 0x71, 0x92, 0x21, 0xa8, 0x1e, 0x6d, 0x81, 0x62, 0x7c, 0xff, 0x1e, 0x07, 0xf7,
+    0xc5, 0x78, 0x1c, 0x04, 0xcb, 0x9d, 0x06, 0x0d, 0x44, 0x6c, 0xa3, 0xae, 0x8f, 0x0d, 0x10, 0x78,
+    0x40, 0x0c, 0x69, 0xd4, 0x95, 0x23, 0xbe, 0x8a, 0x0a, 0x0e, 0x4f, 0xc5, 0x9f, 0x8a, 0xd6, 0x0c,
+    0x0c, 0x90, 0xf6, 0x67, 0x77, 0x22, 0xb5, 0xc0, 0xd8, 0xa8, 0xb8, 0x78, 0xaf, 0xc0, 0x5f, 0x90,
+    0x89, 0xe4, 0x83, 0xb7, 0x29, 0x9c, 0x0d, 0x47, 0x96, 0xca, 0x54, 0x13, 0xbf, 0x47, 0x99, 0xe4,
+    0x36, 0x4d, 0x25, 0x8d, 0xc5, 0x99, 0x2a, 0xe6, 0x8a, 0xb1, 0xf9, 0x1f, 0x4f, 0xe6, 0x71, 0x4d,
+    0xb3, 0x39, 0x50, 0x5d, 0x9b, 0x27, 0x92, 0x61, 0xc4, 0xd3, 0x15, 0x74, 0x5f, 0x61, 0xb7, 0x39,
+    0xff, 0xa5, 0xcf, 0xee, 0x79, 0x26, 0x99, 0x2b, 0x16, 0x75, 0xe2, 0xc9, 0x6f, 0x2b, 0x3e, 0xa5,
+    0x7a, 0xd1, 0xba, 0x3e, 0x27, 0x98, 0x21, 0xac, 0x58, 0x17, 0x0e, 0xa2, 0x7f, 0xac, 0xf8, 0xd1,
+    0x67, 0x5e, 0x32, 0x4b, 0x7e, 0x24, 0x8f, 0xbf, 0x71, 0xfa, 0xcf, 0x70, 0x0f, 0xbf, 0xef, 0x5e,
+    0xe2, 0x2a, 0x47, 0x9b, 0x20, 0x9a, 0x37, 0x38, 0x3f, 0x98, 0x23, 0x1b, 0x1f, 0x38, 0x29, 0x2a,
+    0xae, 0xb6, 0xd8, 0x28, 0xc2, 0x9b, 0x3c, 0x72, 0xed, 0x3e, 0xd4, 0xa6, 0x2f, 0x72, 0xa0, 0xb6,
+    0x2b, 0xc2, 0xad, 0xf8, 0x9c, 0x25, 0x84, 0xf5, 0xa3, 0x5c, 0x38, 0xcd, 0x3f, 0xf5, 0x66, 0xc2,
+    0x13, 0x27, 0x57, 0x5c, 0xd9, 0x91, 0x72, 0xf3, 0xd5, 0xc8, 0x4d, 0xbe, 0x0c, 0xf3, 0xb3, 0x27,
+    0x96, 0x53, 0x22, 0x8c, 0x87, 0x2f, 0xca, 0x74, 0x9b, 0xaa, 0xa1, 0xd5, 0x1c, 0x74, 0x75, 0x53,
+    0xda, 0xcf, 0xbd, 0x3f, 0x65, 0x2e, 0xc1, 0x3e, 0x49, 0x0c, 0x56, 0x68, 0x2c, 0x3e, 0xfc, 0xcf,
+    0x5f, 0xbb, 0xc8, 0xef, 0x3b, 0x90, 0x79, 0xb9, 0x07, 0x6e, 0xba, 0x03, 0x3c, 0xb9, 0x3a, 0xbb,
+    0x42, 0x34, 0x40, 0x9a, 0x62, 0x2c, 0xd7, 0xaa, 0x2e, 0x83, 0x7b, 0xd1, 0x4c, 0xaa, 0x2d, 0x34,
+    0xc7, 0x40, 0x35, 0x4a, 0x3c, 0x92, 0x6f, 0x2d, 0x60, 0xe1, 0x97, 0xba, 0x5c, 0x2d, 0xeb, 0x40,
+    0x8b, 0xdc, 0xaa, 0xf9, 0xde, 0x93, 0x64, 0x67, 0xb2, 0x47, 0x60, 0x07, 0x6c, 0x67, 0x62, 0xdc,
+    0x0e, 0xa8, 0xdf, 0x29, 0x80, 0x2d, 0xdc, 0xe0, 0xfc, 0x25, 0x8c, 0x6c, 0x7c, 0xe0, 0xa4, 0xa8,
+    0xb1, 0x01, 0x79, 0x13, 0x6c, 0x28, 0xfb, 0x41, 0xe0, 0x5e, 0x21, 0x60, 0x8c, 0x41, 0x4c, 0x01,
+    0x34, 0x75, 0x0c, 0xc3, 0x32, 0x96, 0x43, 0xc6, 0xae, 0x3c, 0xcd, 0x0b, 0x9c, 0xc6, 0x8a, 0x75,
+    0x78, 0xe9, 0x93, 0x70, 0xd0, 0x97, 0x48, 0x8c, 0x7c, 0x9a, 0x3a, 0xb6, 0xac, 0x8c, 0x03, 0xe9,
+    0xfd, 0x9d, 0xe6, 0xa0, 0x8e, 0x29, 0xf0, 0x0b, 0x32, 0xf8, 0xd6, 0xdd, 0xbc, 0x0b, 0xc5, 0x9d,
+    0xe0, 0x12, 0x6e, 0xd5, 0xd7, 0x95, 0x5e, 0x18, 0x1b, 0x15, 0x17, 0x0f, 0xcc, 0x18, 0xd2, 0x12,
+    0x65, 0x66, 0x1b, 0x05, 0x89, 0x2b, 0xe6, 0x9f, 0x55, 0x77, 0xfb, 0x64, 0xdc, 0x9f, 0x14, 0x66,
+    0x29, 0xfa, 0x84, 0xb6, 0x6b, 0x2a, 0xed, 0xd5, 0x87, 0xd1, 0x0c, 0xd9, 0xec, 0xd5, 0x9d, 0xfa,
+    0xac, 0x8e, 0xf1, 0x66, 0x35, 0x94, 0x55, 0x52, 0xc9, 0xb3, 0xe0, 0xb2, 0xfc, 0x52, 0x5b, 0x8e,
+    0xb2, 0x25, 0xa5, 0x7a, 0x01, 0xc1, 0x47, 0x71, 0xd6, 0x74, 0x0f, 0x7e, 0xd7, 0x71, 0x2b, 0x25,
+    0x37, 0x51, 0xd0, 0xaa, 0x5f, 0x7f, 0xff, 0xf6, 0x98, 0x16, 0xe3, 0x15, 0xc7, 0xf6, 0xed, 0x51,
+    0x7b, 0xcd, 0x4f, 0x19, 0xbd, 0x7e, 0xf4, 0xbc, 0x4a, 0xb0, 0x14, 0xa8, 0xf7, 0xbc, 0x64, 0xcd,
+    0xfe, 0xb9, 0x3a, 0xc9, 0xe3, 0xc0, 0x4c, 0x3b, 0x04, 0xd2, 0xf8, 0xc3, 0xe7, 0x3b, 0xa2, 0xb9,
+    0xe3, 0x36, 0xb2, 0xbc, 0xba, 0x7c, 0xe2, 0x28, 0x2d, 0x3f, 0x39, 0x11, 0x97, 0x28, 0xb5, 0x36,
+    0x66, 0x42, 0xc7, 0x6c, 0xe4, 0xc2, 0x5a, 0xaf, 0x63, 0x5d, 0xd5, 0x7a, 0x87, 0xaf, 0x73, 0x42,
+    0x2a, 0xde, 0x58, 0xdf, 0x06, 0xc3, 0x51, 0xe5, 0xb1, 0xfb, 0x22, 0xc7, 0xb7, 0xe5, 0xfa, 0xde,
+    0xaf, 0xaa, 0x2d, 0x0f, 0x58, 0x7d, 0xe9, 0x62, 0xff, 0x99, 0xce, 0xac, 0xa7, 0x62, 0x3c, 0xaa,
+    0x10, 0x03, 0x8b, 0x35, 0xb4, 0x78, 0xce, 0xc3, 0xe3, 0xe2, 0x63, 0xa0, 0x57, 0xc3, 0xd4, 0x03,
+    0x95, 0x77, 0xfe, 0xe5, 0xea, 0xc6, 0x76, 0x44, 0xad, 0x80, 0x8f, 0xcb, 0x47, 0x44, 0x12, 0x77,
+    0xd9, 0xeb, 0x61, 0x56, 0x08, 0xc7, 0x7d, 0x0e, 0x7f, 0x26, 0x78, 0x76, 0x77, 0x0e, 0x9b, 0xeb,
+    0x5c, 0x9f, 0x14, 0x86, 0x56, 0x79, 0xc5, 0x89, 0x31, 0x44, 0x94, 0x1d, 0x67, 0x89, 0x5d, 0x9f,
+    0x41, 0x10, 0x9c, 0xf3, 0x0f, 0xc5, 0x6b, 0x9a, 0x18, 0xa9, 0x55, 0xcf, 0x17, 0x9a, 0x4a, 0x10,
+    0xc4, 0x64, 0xe9, 0x23, 0x51, 0x7b, 0xd3, 0x1d, 0x56, 0xcb, 0xb9, 0xa4, 0x07, 0x1d, 0x8c, 0x64,
+    0x88, 0xf8, 0x76, 0x90, 0xb3, 0x7a, 0xd8, 0x57, 0x84, 0x6d, 0x4e, 0x19, 0x37, 0x57, 0x05, 0xf8,
+    0x0d, 0x8c, 0x03, 0x40, 0xed, 0xc4, 0x60, 0xd0, 0xca, 0x0f, 0xa2, 0x72, 0x27, 0xd0, 0xc3, 0x8c,
+    0x35, 0x69, 0xf9, 0xe4, 0xa8, 0x70, 0x96, 0xd6, 0xbc, 0x9b, 0xd7, 0x01, 0x14, 0xd6, 0x16, 0x69,
+    0xb0, 0x1d, 0x8c, 0x34, 0xf6, 0xce, 0x2e, 0x51, 0xf2, 0xf9, 0x3b, 0x6a, 0x04, 0x51, 0xd0, 0x1d,
+    0xfc, 0x81, 0x13, 0x87, 0x14, 0xcf, 0x25, 0x1b, 0x20, 0x5f, 0xcc, 0xd7, 0x34, 0x1b, 0x59, 0x81,
+    0x79, 0xf5, 0x66, 0x57, 0x4a, 0x71, 0x9d, 0x9c, 0x6e, 0x3d, 0x20, 0xbc, 0x24, 0x9c, 0x9f, 0xf5,
+    0x64, 0x7a, 0xee, 0x22, 0x13, 0xcd, 0x33, 0x8f, 0x47, 0xd0, 0xe1, 0x6e, 0x54, 0x8f, 0x88, 0x7a,
+    0xe1, 0x0e, 0x9b, 0xf2, 0x4d, 0x73, 0x8b, 0x08, 0x09, 0xb2, 0x0d, 0x05, 0x44, 0x08, 0x4e, 0x0e,
+    0xad, 0x92, 0x04, 0x41, 0xaf, 0x72, 0x80, 0x42, 0xdb, 0x14, 0xfa, 0xb8, 0x74, 0x42, 0xc7, 0x92,
+    0x28, 0xe6, 0x71, 0x91, 0xf1, 0xcc, 0x38, 0xc5, 0x95, 0x76, 0x16, 0xd3, 0x64, 0xc5, 0x01, 0xe6,
+    0x97, 0x4f, 0xd7, 0xab, 0x1d, 0xc9, 0x1f, 0x64, 0x89, 0x0d, 0xbb, 0xdf, 0x94, 0x64, 0xe9, 0x4f,
+    0x12, 0x3b, 0xa2, 0x7b, 0x43, 0x77, 0xa7, 0xe3, 0xc7, 0x6f, 0x57, 0xb4, 0x84, 0xe3, 0x2f, 0x3b,
+    0x5e, 0xa7, 0x3d, 0xc8, 0xa1, 0x76, 0xac, 0xa9, 0x15, 0xc9, 0xa0, 0x09, 0xb4, 0xa9, 0xa6, 0xa7,
+    0xdb, 0xd3, 0x48, 0x18, 0xff, 0xc8, 0x14, 0x2e, 0x5b, 0xab, 0x4c, 0x62, 0xa4, 0x2e, 0x60, 0xd3,
+    0xc6, 0x5c, 0xc0, 0x6d, 0xa6, 0x74, 0xba, 0x3d, 0x72, 0x46, 0x8d, 0xb0, 0xd4, 0x3d, 0x77, 0x5c,
+    0x43, 0x28, 0xb5, 0xbd, 0xf8, 0xca, 0x02, 0xba, 0x3c, 0x24, 0x61, 0xdb, 0xc4, 0xba, 0xb1, 0x28,
+    0x0f, 0xb4, 0x2a, 0x0e, 0x1a, 0xcb, 0x09, 0xf0, 0xee, 0x82, 0x96, 0x66, 0xf4, 0xf0, 0x38, 0xb4,
+    0x8a, 0xc0, 0x5f, 0xde, 0x44, 0x75, 0xb1, 0x77, 0xa0, 0xe0, 0x7a, 0x0d, 0xe4, 0x77, 0xfe, 0xc0,
+    0x7f, 0xbd, 0x1d, 0x85, 0x90, 0x60, 0x26, 0xfc, 0x02, 0x69, 0x7c, 0x80, 0x92, 0xfc, 0x51, 0xbd,
+    0xfa, 0xc9, 0x68, 0x55, 0xce, 0xde, 0x9e, 0x7b, 0x4c, 0x0b, 0x90, 0xeb, 0x82, 0x7b, 0x97, 0xc9,
+    0xb6, 0x55, 0xf7, 0xe6, 0x2c, 0xdf, 0x95, 0x31, 0x9e, 0xad, 0x67, 0x56, 0xb2, 0x31, 0x1e, 0x55,
+    0x33, 0x21, 0x82, 0x36, 0x72, 0x61, 0x2d, 0xb6, 0xd0, 0xcf, 0x8b, 0x3d, 0xa2, 0xb6, 0xd8, 0x21,
+    0x2e, 0xae, 0x0a, 0x43, 0x2b, 0xdd, 0x83, 0xa5, 0xf9, 0x22, 0x4a, 0xef, 0xd2, 0xa5, 0xcf, 0xae,
+    0xab, 0xda, 0x7f, 0x93, 0x75, 0x63, 0x3b, 0x22, 0xb7, 0x40, 0xa6, 0x84, 0xc2, 0x22, 0x09, 0xda,
+    0xe7, 0x46, 0xe0, 0x20, 0x97, 0x62, 0x30, 0x68, 0x65, 0xe6, 0x51, 0x39, 0xf2, 0x68, 0x80, 0x46,
+    0x62, 0x32, 0x95, 0xf0, 0xc9, 0xdc, 0x88, 0xef, 0x2b, 0x84, 0xbd, 0x52, 0xe2, 0xef, 0x46, 0x32,
+    0xdd, 0x9b, 0x33, 0xca, 0x25, 0xd9, 0xaf, 0x4e, 0x37, 0xff, 0x10, 0x5e, 0x12, 0x4e, 0xae, 0x9b,
+    0x58, 0xef, 0x46, 0x1a, 0x7b, 0x67, 0x17, 0xc9, 0x79, 0x9d, 0xfc, 0x35, 0x02, 0xc9, 0x68, 0xef,
+    0x14, 0x73, 0xd9, 0xa9, 0x99, 0x66, 0x1c, 0x83, 0xab, 0x3b, 0x0b, 0x88, 0x32, 0x83, 0xe1, 0x73,
+    0x91, 0x07, 0xac, 0x79, 0xc7, 0xd8, 0xa4, 0x04, 0xe5, 0x59, 0xe7, 0xe3, 0x22, 0x04, 0x27, 0x07,
+    0x8c, 0x88, 0x24, 0x0c, 0x9e, 0x64, 0x0a, 0x17, 0xcc, 0xb4, 0x26, 0x31, 0x52, 0x17, 0x30, 0x88,
+    0x09, 0xfc, 0x51, 0xdc, 0xc0, 0xda, 0xb2, 0x90, 0x82, 0xd6, 0xca, 0x5a, 0x42, 0x90, 0xf6, 0xfc,
+    0x45, 0x60, 0xce, 0x6f, 0x22, 0xdb, 0xb9, 0xda, 0x50, 0x70, 0x3d, 0xe7, 0x72, 0xda, 0x7f, 0x60,
+    0xc0, 0x14, 0xbb, 0xbf, 0x7c, 0x65, 0x01, 0x5d, 0x1e, 0x12, 0xd1, 0x8c, 0x62, 0x5d, 0xb9, 0x14,
+    0xf8, 0xf1, 0x41, 0x1b, 0x39, 0xd1, 0xf7, 0x5b, 0x68, 0x86, 0xa4, 0xff, 0x51, 0x5b, 0x6c, 0xf1,
+    0x7d, 0x85, 0x34, 0xcb, 0x67, 0x6f, 0x4f, 0xdc, 0x26, 0xe4, 0x48, 0x94, 0x41, 0xdc, 0xaa, 0x85,
+    0x31, 0x19, 0xab, 0x78, 0x85, 0x6e, 0x44, 0x96, 0xf4, 0x42, 0xbf, 0x29, 0x71, 0x96, 0x23, 0x19,
+    0xb4, 0x6d, 0xde, 0xa8, 0xdb, 0xd0, 0xfc, 0x11, 0xba, 0x20, 0x53, 0x42, 0x61, 0x11, 0xe5, 0x6d,
+    0xa9, 0xe2, 0x56, 0xdd, 0x82, 0x6c, 0x52, 0x02, 0x93, 0xcd, 0x92, 0x90, 0x11, 0x02, 0xf2, 0xe2,
+    0x2c, 0x96, 0x23, 0x0d, 0xdc, 0xd2, 0xea, 0x85, 0xdd, 0xaf, 0x7e, 0xfb, 0x01, 0x85, 0x34, 0x96,
+    0x60, 0x0a, 0xbc, 0xbe, 0x3e, 0xd3, 0xe1, 0xcf, 0x0f, 0x09, 0x89, 0x46, 0x31, 0xcf, 0xbd, 0x0a,
+    0xe5, 0x7e, 0xc9, 0x6e, 0x60, 0x6d, 0x59, 0x48, 0x41, 0x6b, 0x65, 0x2d, 0x21, 0x48, 0x7b, 0x7e,
+    0x5a, 0xd7, 0x6f, 0x54, 0x8c, 0x68, 0x7e, 0xe9, 0x5d, 0x10, 0xc8, 0x21, 0xd1, 0xe9, 0x93, 0xd7,
+    0xdf, 0xa3, 0x1a, 0x84, 0xd2, 0xd6, 0xc6, 0x6e, 0x13, 0x72, 0x24, 0x4a, 0xc1, 0x6e, 0x55, 0xa3,
+    0x93, 0x3f, 0x85, 0x37, 0x30, 0xd7, 0xcd, 0x24, 0xc1, 0xd4, 0xd3, 0xf7, 0xf1, 0x24, 0xdc, 0x3f,
+    0x16, 0x4b, 0xf0, 0xe7, 0x6e, 0x69, 0x75, 0xa3, 0x8f, 0xb6, 0x3f, 0x9c, 0xe1, 0xa3, 0x1a, 0x4b,
+    0x0b, 0xc4, 0x78, 0x92, 0x37, 0xd5, 0xdb, 0xb0, 0xa6, 0x5b, 0xfe, 0x4e, 0x91, 0xb0, 0x0d, 0xc4,
+    0x8e, 0xb0, 0x0d, 0x42, 0x69, 0x6b, 0x63, 0x37, 0xe8, 0x39, 0x12, 0x25, 0x81, 0x37, 0xcb, 0xb0,
+    0xc2, 0x2c, 0x92, 0xf1, 0x8b, 0x6a, 0x68, 0x7d, 0x3a, 0x9f, 0xe5, 0x98, 0xb1, 0x7d, 0x42, 0x2c,
+    0x47, 0x58, 0xe7, 0x21, 0xd5, 0xd4, 0xd0, 0xfa, 0x74, 0xfd, 0x09, 0xf3, 0xa1, 0xfa, 0x84, 0x58,
+    0xeb, 0xd6, 0x16, 0x47, 0xe0, 0x40, 0x85, 0xa8, 0xbd, 0x4e, 0xe9, 0x41, 0x5d, 0xa8, 0xdf, 0xd6,
+    0x6e, 0xa2, 0x63, 0x97, 0xbe, 0xfe, 0x3d, 0x2f, 0xf3, 0x2c, 0x05, 0x2a, 0x4d, 0x2f, 0x19, 0xa2,
+    0x22, 0x3e, 0xfc, 0x24, 0x5c, 0xff, 0x36, 0x65, 0x21, 0x8a, 0xf2, 0x97, 0x7d, 0x65, 0x90, 0x3e,
+    0xa7, 0x4a, 0x89, 0xf4, 0x02, 0x41, 0x8e, 0xe2, 0x6f, 0xe8, 0x1e, 0xfc, 0x6d, 0xe2, 0x56, 0x4a,
+    0xba, 0xc5, 0x01, 0x81, 0x5b, 0xfd, 0x20, 0xf1, 0x46, 0x05, 0xdf, 0x2e, 0x1d, 0xf1, 0x41, 0xc5,
+    0x3f, 0xb1, 0x74, 0x51, 0x05, 0x43, 0x98, 0x76, 0x08, 0x67, 0x33, 0x45, 0x0d, 0x76, 0x87, 0xb1,
+    0x73, 0x2d, 0xeb, 0xe2, 0xe7, 0x42, 0x93, 0x3c, 0xda, 0xc1, 0xc4, 0xf8, 0x3d, 0x3c, 0x0e, 0x2d,
+    0xf6, 0x59, 0x9e, 0x32, 0xb9, 0xfc, 0x2b, 0xbb, 0x94, 0xa3, 0x28, 0x93, 0x2d, 0xbb, 0xc8, 0x59,
+    0x49, 0xf0, 0x38, 0x08, 0x55, 0xf9, 0x0c, 0x1a, 0x88, 0xd8, 0x85, 0x9f, 0xdd, 0x1a, 0x20, 0xf0,
+    0xcc, 0x84, 0x4d, 0xd8, 0x0b, 0x47, 0xb4, 0x9d, 0xc6, 0xba, 0x69, 0xf4, 0xcd, 0x9d, 0xe6, 0x84,
+    0x80, 0x18, 0xd2, 0x6b, 0xe9, 0x46, 0xbf, 0xd7, 0x14, 0x1c, 0x9e, 0x49, 0xfd, 0xd7, 0x6f, 0x18,
+    0x05, 0x6c, 0xa7, 0xbb, 0xb7, 0xf8, 0x07, 0x50, 0x5a, 0x7e, 0x72, 0x22, 0xed, 0x50, 0xa9, 0x6c,
+    0x18, 0xe3, 0x2f, 0xce, 0xee, 0x44, 0xa9, 0x43, 0x73, 0x93, 0xb3, 0xf0, 0x9d, 0x43, 0xbe, 0xe3,
+    0x9d, 0x97, 0x5a, 0x1e, 0xb0, 0xfa, 0x11, 0xc4, 0x3d, 0xf1, 0x5f, 0x9b, 0x8d, 0xc4, 0x78, 0x97,
+    0xd1, 0x0b, 0xc5, 0xad, 0x52, 0xfb, 0x1a, 0x8e, 0xef, 0x57, 0xa8, 0x26, 0xbd, 0x8e, 0xf1, 0x0b,
+    0x54, 0x7f, 0xb0, 0x7d, 0x0c, 0x45, 0xa2, 0x09, 0xa1, 0x35, 0x44, 0x4d, 0xad, 0x09, 0x37, 0x7f,
+    0x6c, 0x9a, 0x4a, 0xd9, 0x49, 0xf1, 0x54, 0x0f, 0xd7, 0xa1, 0x31, 0x3e, 0x9e, 0x0f, 0xe2, 0x9a,
+    0xe9, 0xee, 0x3f, 0x09, 0x17, 0x4f, 0xec, 0x88, 0x99, 0xc3, 0xdd, 0x55, 0x8e, 0x88, 0x24, 0xee,
+    0xa5, 0x72, 0xa0, 0xba, 0xf5, 0x4e, 0xe7, 0xc2, 0x4b, 0x65, 0x2a, 0xe8, 0xbe, 0xc2, 0xad, 0x72,
+    0x20, 0x06, 0xd5, 0x6a, 0xab, 0xf0, 0x5f, 0x45, 0x05, 0x07, 0xc6, 0x83, 0xae, 0x45, 0x6b, 0x06,
+    0x3d, 0x89, 0x5d, 0x1f, 0xf2, 0x4c, 0xf1, 0x56, 0x2c, 0xea, 0x07, 0x51, 0xde, 0x56, 0x7c, 0x89,
+    0xb8, 0xfd, 0x28, 0xcf, 0xac, 0xf2, 0x49, 0xd1, 0x62, 0x88, 0xeb, 0x3a, 0xce, 0xd1, 0xba, 0xfd,
+    0xf4, 0x61, 0xb7, 0x7c, 0x4e, 0xf3, 0x42, 0x9b, 0xb0, 0x2e, 0x1c, 0x87, 0xfe, 0x9b, 0x33, 0x61,
+    0x71, 0x15, 0xc2, 0xac, 0x10, 0x4d, 0xfa, 0x1c, 0xfe, 0x4c, 0xf0, 0xec, 0xee, 0x1c, 0xf5, 0x15,
+    0xce, 0xbc, 0x64, 0x96, 0xfc, 0x48, 0xdd, 0xbd, 0xe2, 0x37, 0x5d, 0xe0, 0x1e, 0xbd, 0x1d, 0xbc,
+    0x4b, 0xc8, 0x11, 0x46, 0xa2, 0xf6, 0x65, 0x3a, 0xac, 0x55, 0xb1, 0x8b, 0x0e, 0x3a, 0xdb, 0xc8,
+    0x07, 0x54, 0x8e, 0xf5, 0x40, 0xf7, 0x6e, 0x70, 0x7e, 0xf3, 0x46, 0x36, 0x3e, 0x70, 0x52, 0x54,
+    0x82, 0x20, 0xfb, 0x25, 0x1e, 0x49, 0xd6, 0xf7, 0x30, 0x91, 0xaa, 0x5d, 0x2e, 0xf7, 0x94, 0x20,
+    0x9f, 0xaf, 0x73, 0x50, 0x47, 0xf5, 0x78, 0xe4, 0x19, 0x7c, 0x6b, 0x8f, 0x5e, 0xe4, 0x83, 0xaf,
+    0x1a, 0xdb, 0x06, 0x80, 0x19, 0x4b, 0xc0, 0x63, 0x57, 0x1e, 0x87, 0xe4, 0x4e, 0x63, 0x45, 0xdb,
+    0x56, 0x47, 0x99, 0x33, 0xfb, 0x4a, 0xcb, 0x29, 0x85, 0xb8, 0x70, 0x59, 0x7e, 0x29, 0xcc, 0x47,
+    0xd3, 0x33, 0xec, 0xe3, 0xa5, 0xf4, 0x73, 0xae, 0xcb, 0xda, 0x9c, 0x32, 0x6e, 0xae, 0x0a, 0x33,
+    0x26, 0x4e, 0xae, 0xb8, 0x71, 0xe1, 0xe4, 0x25, 0x69, 0x53, 0x9a, 0xbf, 0x18, 0x25, 0xa5, 0x4e,
+    0xa3, 0x3a, 0xdb, 0x68, 0x2f, 0x5f, 0x5c, 0xa2, 0x27, 0x31, 0x76, 0xd4, 0x08, 0xa2, 0x63, 0x3a,
+    0xef, 0xa6, 0x44, 0xdb, 0xcd, 0x5e, 0x57, 0xe8, 0xf5, 0x97, 0x81, 0x69, 0x38, 0xe8, 0xea, 0xa6,
+    0x6a, 0xd2, 0x31, 0x0b, 0x93, 0xe0, 0xef, 0x6f, 0xbb, 0xf5, 0x6d, 0x02, 0x28, 0x6f, 0x2c, 0xd2,
+    0x77, 0x5d, 0xb9, 0x7e, 0xca, 0x5c, 0x41, 0x7c, 0x92, 0x18, 0xac, 0xd0, 0x58, 0x7c, 0x3b, 0x5d,
+    0xf2, 0x29, 0xcc, 0xae, 0x94, 0xe2, 0xf9, 0xfb, 0xdc, 0x7a, 0x40, 0xbb, 0x48, 0xfb, 0xfd, 0x29,
+    0xbe, 0xb5, 0x53, 0x1d, 0x76, 0xe3, 0xf2, 0xb1, 0x0e, 0xdc, 0xb7, 0x06, 0x78, 0xb1, 0x74, 0xb5,
+    0x3b, 0xc1, 0x26, 0xcd, 0x28, 0x5d, 0x4a, 0x36, 0x40, 0xbe, 0x5b, 0x6d, 0x68, 0x36, 0xb2, 0xc1,
+    0x84, 0x68, 0x80, 0xf7, 0xc4, 0x58, 0x6d, 0x97, 0x5c, 0xc5, 0xf6, 0x61, 0x98, 0x97, 0x5a, 0x68,
+    0x01, 0x1c, 0xf5, 0x27, 0x9a, 0xe6, 0xd5, 0x10, 0x12, 0xa7, 0x1a, 0x0a, 0x88, 0x10, 0x9c, 0x1c,
+    0x4d, 0x80, 0x6a, 0x94, 0x78, 0xe7, 0xde, 0x5a, 0xc0, 0x01, 0xed, 0xb7, 0xb8, 0x5a, 0x15, 0x80,
+    0xc8, 0xf4, 0x1f, 0x44, 0x26, 0x59, 0x66, 0xdd, 0x8e, 0x63, 0x01, 0xdc, 0xa8, 0xdd, 0xd3, 0xf4,
+    0xd5, 0x7b, 0x97, 0x31, 0x7f, 0xe5, 0xc8, 0xce, 0xa7, 0x8e, 0xc0, 0x0e, 0xd8, 0xce, 0xc4, 0x7b,
+    0x50, 0x0f, 0xe2, 0xe1, 0x21, 0x5b, 0x70, 0x49, 0xe9, 0xec, 0x2c, 0x65, 0xc8, 0x49, 0x02, 0x0f,
+    0x1c, 0x93, 0x7d, 0x52, 0xc3, 0x5a, 0x7b, 0x03, 0x3b, 0x4a, 0xdb, 0xd8, 0xf8, 0x03, 0x8b, 0x93,
+    0x99, 0xe7, 0x08, 0x82, 0x9d, 0xe4, 0xc3, 0x84, 0x75, 0x28, 0x37, 0xb3, 0xe8, 0x84, 0x4d, 0xe7,
+    0xa1, 0x02, 0xf2, 0x26, 0xd8, 0x50, 0x35, 0x82, 0x03, 0xbc, 0x42, 0xc0, 0xdb, 0x82, 0x98, 0x02,
+    0x24, 0x76, 0x87, 0xf6, 0x86, 0xee, 0x8d, 0x05, 0x4d, 0xde, 0xae, 0xab, 0xcb, 0x05, 0x5e, 0x76,
+    0x68, 0xea, 0x18, 0x45, 0x64, 0xef, 0x86, 0x4f, 0x9f, 0x78, 0x59, 0x16, 0xfb, 0x4f, 0xd7, 0xea,
+    0xed, 0x9e, 0x6d, 0x95, 0x3a, 0x51, 0x3e, 0xc8, 0xd1, 0x1a, 0xb5, 0x7d, 0xeb, 0xc8, 0x11, 0x9e,
+    0xf0, 0x11, 0xe5, 0xe0, 0x63, 0xed, 0x90, 0xdb, 0xf8, 0xf7, 0x74, 0xaf, 0x9b, 0xdb, 0x06, 0x11,
+    0x75, 0x65, 0x90, 0x30, 0x3d, 0x53, 0x28, 0x5c, 0xb6, 0x95, 0x98, 0xc4, 0x8b, 0x5c, 0xc0, 0x65,
+    0x39, 0xf9, 0x0f, 0x83, 0xdf, 0x52, 0x23, 0x16, 0x64, 0x33, 0x6f, 0x79, 0xbb, 0x16, 0x49, 0xf9,
+    0xbc, 0x8d, 0x7a, 0x53, 0x81, 0xec, 0x9b, 0x91, 0x2a, 0x51, 0x83, 0x12, 0xab, 0x91, 0x8f, 0x8d,
+    0x03, 0x24, 0xdc, 0x69, 0x6d, 0xe9, 0xbc, 0x30, 0x36, 0x2a, 0x2e, 0x1e, 0x5b, 0x30, 0x67, 0x24,
+    0x86, 0x50, 0xa9, 0xb9, 0x33, 0x57, 0x04, 0xb7, 0x78, 0x48, 0xc2, 0x75, 0x4b, 0xb7, 0xa1, 0x50,
+    0xca, 0xcc, 0x36, 0x0a, 0xd1, 0x56, 0x0f, 0xfd, 0xaa, 0xee, 0x35, 0xc8, 0x7b, 0xfd, 0x28, 0xcc,
+    0x4f, 0xb8, 0x43, 0xda, 0x8f, 0xe8, 0xb7, 0x7a, 0xe4, 0x8c, 0xd9, 0xa3, 0x6b, 0x7a, 0xee, 0xb8,
+    0x52, 0x37, 0xcb, 0xaf, 0xd6, 0x54, 0x19, 0x69, 0xcd, 0x61, 0x18, 0x71, 0x1b, 0x69, 0xf9, 0x37,
+    0xd7, 0x43, 0xbe, 0x7f, 0x88, 0xea, 0xa1, 0xee, 0x83, 0x03, 0xf4, 0x1a, 0x0b, 0xee, 0x3f, 0x43,
+    0x9b, 0xdf, 0x21, 0xcc, 0x6a, 0xeb, 0xaa, 0xa4, 0x51, 0xa5, 0x03, 0xa7, 0x3b, 0xa4, 0xb6, 0xdf,
+    0x1e, 0xab, 0x54, 0x1c, 0x34, 0x55, 0x12, 0x23, 0x1f, 0xc7, 0xef, 0xcc, 0x2b, 0x23, 0x70, 0xab,
+  },
+  { /* 14 */
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x20, 0x2d, 0x99, 0xe9, 0x95, 0x9f, 0xd4, 0x49, 0xe6, 0xd5, 0x76, 0xf2, 0x33, 0xc8, 0x20, 0x98,
+    0x40, 0x5a, 0xf1, 0x11, 0xe9, 0xfd, 0x6b, 0x92, 0x0f, 0x69, 0xec, 0x27, 0x66, 0x53, 0x40, 0xf3,
+    0x60, 0x77, 0x68, 0xf8, 0x7c, 0x62, 0xbf, 0xdb, 0xe9, 0xbc, 0x9a, 0xd5, 0x55, 0x9b, 0x60, 0x6b,
+    0x80, 0xb4, 0x21, 0x22, 0x11, 0x39, 0xd6, 0xe7, 0x1e, 0xd2, 0x1b, 0x4e, 0xcc, 0xa6, 0x80, 0x25,
+    0xa0, 0x99, 0xb8, 0xcb, 0x84, 0xa6, 0x02, 0xae, 0xf8, 0x07, 0x6d, 0xbc, 0xff, 0x6e, 0xa0, 0xbd,
+    0xc0, 0xee, 0xd0, 0x33, 0xf8, 0xc4, 0xbd, 0x75, 0x11, 0xbb, 0xf7, 0x69, 0xaa, 0xf5, 0xc0, 0xd6,
+    0xe0, 0xc3, 0x49, 0xda, 0x6d, 0x5b, 0x69, 0x3c, 0xf7, 0x6e, 0x81, 0x9b, 0x99, 0x3d, 0xe0, 0x4e,
+    0xc3, 0xab, 0x42, 0x44, 0x22, 0x72, 0x6f, 0x0d, 0x3c, 0x67, 0x36, 0x9c, 0x5b, 0x8f, 0xc3, 0x4a,
+    0xe3, 0x86, 0xdb, 0xad, 0xb7, 0xed, 0xbb, 0x44, 0xda, 0xb2, 0x40, 0x6e, 0x68, 0x47, 0xe3, 0xd2,
+    0x83, 0xf1, 0xb3, 0x55, 0xcb, 0x8f, 0x04, 0x9f, 0x33, 0x0e, 0xda, 0xbb, 0x3d, 0xdc, 0x83, 0xb9,
+    0xa3, 0xdc, 0x2a, 0xbc, 0x5e, 0x10, 0xd0, 0xd6, 0xd5, 0xdb, 0xac, 0x49, 0x0e, 0x14, 0xa3, 0x21,
+    0x43, 0x1f, 0x63, 0x66, 0x33, 0x4b, 0xb9, 0xea, 0x22, 0xb5, 0x2d, 0xd2, 0x97, 0x29, 0x43, 0x6f,
+    0x63, 0x32, 0xfa, 0x8f, 0xa6, 0xd4, 0x6d, 0xa3, 0xc4, 0x60, 0x5b, 0x20, 0xa4, 0xe1, 0x63, 0xf7,
+    0x03, 0x45, 0x92, 0x77, 0xda, 0xb6, 0xd2, 0x78, 0x2d, 0xdc, 0xc1, 0xf5, 0xf1, 0x7a, 0x03, 0x9c,
+    0x23, 0x68, 0x0b, 0x9e, 0x4f, 0x29, 0x06, 0x31, 0xcb, 0x09, 0xb7, 0x07, 0xc2, 0xb2, 0x23, 0x04,
+    0x45, 0x95, 0x84, 0x88, 0x44, 0xe4, 0xde, 0x1a, 0x78, 0xce, 0x6c, 0xfb, 0xb6, 0xdd, 0x45, 0x94,
+    0x65, 0xb8, 0x1d, 0x61, 0xd1, 0x7b, 0x0a, 0x53, 0x9e, 0x1b, 0x1a, 0x09, 0x85, 0x15, 0x65, 0x0c,
+    0x05, 0xcf, 0x75, 0x99, 0xad, 0x19, 0xb5, 0x88, 0x77, 0xa7, 0x80, 0xdc, 0xd0, 0x8e, 0x05, 0x67,
+    0x25, 0xe2, 0xec, 0x70, 0x38, 0x86, 0x61, 0xc1, 0x91, 0x72, 0xf6, 0x2e, 0xe3, 0x46, 0x25, 0xff,
+    0xc5, 0x21, 0xa5, 0xaa, 0x55, 0xdd, 0x08, 0xfd, 0x66, 0x1c, 0x77, 0xb5, 0x7a, 0x7b, 0xc5, 0xb1,
+    0xe5, 0x0c, 0x3c, 0x43, 0xc0, 0x42, 0xdc, 0xb4, 0x80, 0xc9, 0x01, 0x47, 0x49, 0xb3, 0xe5, 0x29,
+    0x85, 0x7b, 0x54, 0xbb, 0xbc, 0x20, 0x63, 0x6f, 0x69, 0x75, 0x9b, 0x92, 0x1c, 0x28, 0x85, 0x42,
+    0xa5, 0x56, 0xcd, 0x52, 0x29, 0xbf, 0xb7, 0x26, 0x8f, 0xa0, 0xed, 0x60, 0x2f, 0xe0, 0xa5, 0xda,
+    0x86, 0x3e, 0xc6, 0xcc, 0x66, 0x96, 0xb1, 0x17, 0x44, 0xa9, 0x5a, 0x67, 0xed, 0x52, 0x86, 0xde,
+    0xa6, 0x13, 0x5f, 0x25, 0xf3, 0x09, 0x65, 0x5e, 0xa2, 0x7c, 0x2c, 0x95, 0xde, 0x9a, 0xa6, 0x46,
+    0xc6, 0x64, 0x37, 0xdd, 0x8f, 0x6b, 0xda, 0x85, 0x4b, 0xc0, 0xb6, 0x40, 0x8b, 0x01, 0xc6, 0x2d,
+    0xe6, 0x49, 0xae, 0x34, 0x1a, 0xf4, 0x0e, 0xcc, 0xad, 0x15, 0xc0, 0xb2, 0xb8, 0xc9, 0xe6, 0xb5,
+    0x06, 0x8a, 0xe7, 0xee, 0x77, 0xaf, 0x67, 0xf0, 0x5a, 0x7b, 0x41, 0x29, 0x21, 0xf4, 0x06, 0xfb,
+    0x26, 0xa7, 0x7e, 0x07, 0xe2, 0x30, 0xb3, 0xb9, 0xbc, 0xae, 0x37, 0xdb, 0x12, 0x3c, 0x26, 0x63,
+    0x46, 0xd0, 0x16, 0xff, 0x9e, 0x52, 0x0c, 0x62, 0x55, 0x12, 0xad, 0x0e, 0x47, 0xa7, 0x46, 0x08,
+    0x66, 0xfd, 0x8f, 0x16, 0x0b, 0xcd, 0xd8, 0x2b, 0xb3, 0xc7, 0xdb, 0xfc, 0x74, 0x6f, 0x66, 0x90,
+    0x8a, 0xe9, 0xcb, 0xd3, 0x88, 0x0b, 0x7f, 0x34, 0xf0, 0x5f, 0xd8, 0x35, 0xaf, 0x79, 0x8a, 0xeb,
+    0xaa, 0xc4, 0x52, 0x3a, 0x1d, 0x94, 0xab, 0x7d, 0x16, 0x8a, 0xae, 0xc7, 0x9c, 0xb1, 0xaa, 0x73,
+    0xca, 0xb3, 0x3a, 0xc2, 0x61, 0xf6, 0x14, 0xa6, 0xff, 0x36, 0x34, 0x12, 0xc9, 0x2a, 0xca, 0x18,
+    0xea, 0x9e, 0xa3, 0x2b, 0xf4, 0x69, 0xc0, 0xef, 0x19, 0xe3, 0x42, 0xe0, 0xfa, 0xe2, 0xea, 0x80,
+    0x0a, 0x5d, 0xea, 0xf1, 0x99, 0x32, 0xa9, 0xd3, 0xee, 0x8d, 0xc3, 0x7b, 0x63, 0xdf, 0x0a, 0xce,
+    0x2a, 0x70, 0x73, 0x18, 0x0c, 0xad, 0x7d, 0x9a, 0x08, 0x58, 0xb5, 0x89, 0x50, 0x17, 0x2a, 0x56,
+    0x4a, 0x07, 0x1b, 0xe0, 0x70, 0xcf, 0xc2, 0x41, 0xe1, 0xe4, 0x2f, 0x5c, 0x05, 0x8c, 0x4a, 0x3d,
+    0x6a, 0x2a, 0x82, 0x09, 0xe5, 0x50, 0x16, 0x08, 0x07, 0x31, 0x59, 0xae, 0x36, 0x44, 0x6a, 0xa5,
+    0x49, 0x42, 0x89, 0x97, 0xaa, 0x79, 0x10, 0x39, 0xcc, 0x38, 0xee, 0xa9, 0xf4, 0xf6, 0x49, 0xa1,
+    0x69, 0x6f, 0x10, 0x7e, 0x3f, 0xe6, 0xc4, 0x70, 0x2a, 0xed, 0x98, 0x5b, 0xc7, 0x3e, 0x69, 0x39,
+    0x09, 0x18, 0x78, 0x86, 0x43, 0x84, 0x7b, 0xab, 0xc3, 0x51, 0x02, 0x8e, 0x92, 0xa5, 0x09, 0x52,
+    0x29, 0x35, 0xe1, 0x6f, 0xd6, 0x1b, 0xaf, 0xe2, 0x25, 0x84, 0x74, 0x7c, 0xa1, 0x6d, 0x29, 0xca,
+    0xc9, 0xf6, 0xa8, 0xb5, 0xbb, 0x40, 0xc6, 0xde, 0xd2, 0xea, 0xf5, 0xe7, 0x38, 0x50, 0xc9, 0x84,
+    0xe9, 0xdb, 0x31, 0x5c, 0x2e, 0xdf, 0x12, 0x97, 0x34, 0x3f, 0x83, 0x15, 0x0b, 0x98, 0xe9, 0x1c,
+    0x89, 0xac, 0x59, 0xa4, 0x52, 0xbd, 0xad, 0x4c, 0xdd, 0x83, 0x19, 0xc0, 0x5e, 0x03, 0x89, 0x77,
+    0xa9, 0x81, 0xc0, 0x4d, 0xc7, 0x22, 0x79, 0x05, 0x3b, 0x56, 0x6f, 0x32, 0x6d, 0xcb, 0xa9, 0xef,
+    0xcf, 0x7c, 0x4f, 0x5b, 0xcc, 0xef, 0xa1, 0x2e, 0x88, 0x91, 0xb4, 0xce, 0x19, 0xa4, 0xcf, 0x7f,
+    0xef, 0x51, 0xd6, 0xb2, 0x59, 0x70, 0x75, 0x67, 0x6e, 0x44, 0xc2, 0x3c, 0x2a, 0x6c, 0xef, 0xe7,
+    0x8f, 0x26, 0xbe, 0x4a, 0x25, 0x12, 0xca, 0xbc, 0x87, 0xf8, 0x58, 0xe9, 0x7f, 0xf7, 0x8f, 0x8c,
+    0xaf, 0x0b, 0x27, 0xa3, 0xb0, 0x8d, 0x1e, 0xf5, 0x61, 0x2d, 0x2e, 0x1b, 0x4c, 0x3f, 0xaf, 0x14,
+    0x4f, 0xc8, 0x6e, 0x79, 0xdd, 0xd6, 0x77, 0xc9, 0x96, 0x43, 0xaf, 0x80, 0xd5, 0x02, 0x4f, 0x5a,
+    0x6f, 0xe5, 0xf7, 0x90, 0x48, 0x49, 0xa3, 0x80, 0x70, 0x96, 0xd9, 0x72, 0xe6, 0xca, 0x6f, 0xc2,
+    0x0f, 0x92, 0x9f, 0x68, 0x34, 0x2b, 0x1c, 0x5b, 0x99, 0x2a, 0x43, 0xa7, 0xb3, 0x51, 0x0f, 0xa9,
+    0x2f, 0xbf, 0x06, 0x81, 0xa1, 0xb4, 0xc8, 0x12, 0x7f, 0xff, 0x35, 0x55, 0x80, 0x99, 0x2f, 0x31,
+    0x0c, 0xd7, 0x0d, 0x1f, 0xee, 0x9d, 0xce, 0x23, 0xb4, 0xf6, 0x82, 0x52, 0x42, 0x2b, 0x0c, 0x35,
+    0x2c, 0xfa, 0x94, 0xf6, 0x7b, 0x02, 0x1a, 0x6a, 0x52, 0x23, 0xf4, 0xa0, 0x71, 0xe3, 0x2c, 0xad,
+    0x4c, 0x8d, 0xfc, 0x0e, 0x07, 0x60, 0xa5, 0xb1, 0xbb, 0x9f, 0x6e, 0x75, 0x24, 0x78, 0x4c, 0xc6,
+    0x6c, 0xa0, 0x65, 0xe7, 0x92, 0xff, 0x71, 0xf8, 0x5d, 0x4a, 0x18, 0x87, 0x17, 0xb0, 0x6c, 0x5e,
+    0x8c, 0x63, 0x2c, 0x3d, 0xff, 0xa4, 0x18, 0xc4, 0xaa, 0x24, 0x99, 0x1c, 0x8e, 0x8d, 0x8c, 0x10,
+    0xac, 0x4e, 0xb5, 0xd4, 0x6a, 0x3b, 0xcc, 0x8d, 0x4c, 0xf1, 0xef, 0xee, 0xbd, 0x45, 0xac, 0x88,
+    0xcc, 0x39, 0xdd, 0x2c, 0x16, 0x59, 0x73, 0x56, 0xa5, 0x4d, 0x75, 0x3b, 0xe8, 0xde, 0xcc, 0xe3,
+    0xec, 0x14, 0x44, 0xc5, 0x83, 0xc6, 0xa7, 0x1f, 0x43, 0x98, 0x03, 0xc9, 0xdb, 0x16, 0xec, 0x7b,
+    0xd7, 0x11, 0x55, 0x65, 0xd3, 0x16, 0xfe, 0x68, 0x23, 0xbe, 0x73, 0x6a, 0x9d, 0xf2, 0xd7, 0x15,
+    0xf7, 0x3c, 0xcc, 0x8c, 0x46, 0x89, 0x2a, 0x21, 0xc5, 0x6b, 0x05, 0x98, 0xae, 0x3a, 0xf7, 0x8d,
+    0x97, 0x4b, 0xa4, 0x74, 0x3a, 0xeb, 0x95, 0xfa, 0x2c, 0xd7, 0x9f, 0x4d, 0xfb, 0xa1, 0x97, 0xe6,
+    0xb7, 0x66, 0x3d, 0x9d, 0xaf, 0x74, 0x41, 0xb3, 0xca, 0x02, 0xe9, 0xbf, 0xc8, 0x69, 0xb7, 0x7e,
+    0x57, 0xa5, 0x74, 0x47, 0xc2, 0x2f, 0x28, 0x8f, 0x3d, 0x6c, 0x68, 0x24, 0x51, 0x54, 0x57, 0x30,
+    0x77, 0x88, 0xed, 0xae, 0x57, 0xb0, 0xfc, 0xc6, 0xdb, 0xb9, 0x1e, 0xd6, 0x62, 0x9c, 0x77, 0xa8,
+    0x17, 0xff, 0x85, 0x56, 0x2b, 0xd2, 0x43, 0x1d, 0x32, 0x05, 0x84, 0x03, 0x37, 0x07, 0x17, 0xc3,
+    0x37, 0xd2, 0x1c, 0xbf, 0xbe, 0x4d, 0x97, 0x54, 0xd4, 0xd0, 0xf2, 0xf1, 0x04, 0xcf, 0x37, 0x5b,
+    0x14, 0xba, 0x17, 0x21, 0xf1, 0x64, 0x91, 0x65, 0x1f, 0xd9, 0x45, 0xf6, 0xc6, 0x7d, 0x14, 0x5f,
+    0x34, 0x97, 0x8e, 0xc8, 0x64, 0xfb, 0x45, 0x2c, 0xf9, 0x0c, 0x33, 0x04, 0xf5, 0xb5, 0x34, 0xc7,
+    0x54, 0xe0, 0xe6, 0x30, 0x18, 0x99, 0xfa, 0xf7, 0x10, 0xb0, 0xa9, 0xd1, 0xa0, 0x2e, 0x54, 0xac,
+    0x74, 0xcd, 0x7f, 0xd9, 0x8d, 0x06, 0x2e, 0xbe, 0xf6, 0x65, 0xdf, 0x23, 0x93, 0xe6, 0x74, 0x34,
+    0x94, 0x0e, 0x36, 0x03, 0xe0, 0x5d, 0x47, 0x82, 0x01, 0x0b, 0x5e, 0xb8, 0x0a, 0xdb, 0x94, 0x7a,
+    0xb4, 0x23, 0xaf, 0xea, 0x75, 0xc2, 0x93, 0xcb, 0xe7, 0xde, 0x28, 0x4a, 0x39, 0x13, 0xb4, 0xe2,
+    0xd4, 0x54, 0xc7, 0x12, 0x09, 0xa0, 0x2c, 0x10, 0x0e, 0x62, 0xb2, 0x9f, 0x6c, 0x88, 0xd4, 0x89,
+    0xf4, 0x79, 0x5e, 0xfb, 0x9c, 0x3f, 0xf8, 0x59, 0xe8, 0xb7, 0xc4, 0x6d, 0x5f, 0x40, 0xf4, 0x11,
+    0x92, 0x84, 0xd1, 0xed, 0x97, 0xf2, 0x20, 0x72, 0x5b, 0x70, 0x1f, 0x91, 0x2b, 0x2f, 0x92, 0x81,
+    0xb2, 0xa9, 0x48, 0x04, 0x02, 0x6d, 0xf4, 0x3b, 0xbd, 0xa5, 0x69, 0x63, 0x18, 0xe7, 0xb2, 0x19,
+    0xd2, 0xde, 0x20, 0xfc, 0x7e, 0x0f, 0x4b, 0xe0, 0x54, 0x19, 0xf3, 0xb6, 0x4d, 0x7c, 0xd2, 0x72,
+    0xf2, 0xf3, 0xb9, 0x15, 0xeb, 0x90, 0x9f, 0xa9, 0xb2, 0xcc, 0x85, 0x44, 0x7e, 0xb4, 0xf2, 0xea,
+    0x12, 0x30, 0xf0, 0xcf, 0x86, 0xcb, 0xf6, 0x95, 0x45, 0xa2, 0x04, 0xdf, 0xe7, 0x89, 0x12, 0xa4,
+    0x32, 0x1d, 0x69, 0x26, 0x13, 0x54, 0x22, 0xdc, 0xa3, 0x77, 0x72, 0x2d, 0xd4, 0x41, 0x32, 0x3c,
+    0x52, 0x6a, 0x01, 0xde, 0x6f, 0x36, 0x9d, 0x07, 0x4a, 0xcb, 0xe8, 0xf8, 0x81, 0xda, 0x52, 0x57,
+    0x72, 0x47, 0x98, 0x37, 0xfa, 0xa9, 0x49, 0x4e, 0xac, 0x1e, 0x9e, 0x0a, 0xb2, 0x12, 0x72, 0xcf,
+    0x51, 0x2f, 0x93, 0xa9, 0xb5, 0x80, 0x4f, 0x7f, 0x67, 0x17, 0x29, 0x0d, 0x70, 0xa0, 0x51, 0xcb,
+    0x71, 0x02, 0x0a, 0x40, 0x20, 0x1f, 0x9b, 0x36, 0x81, 0xc2, 0x5f, 0xff, 0x43, 0x68, 0x71, 0x53,
+    0x11, 0x75, 0x62, 0xb8, 0x5c, 0x7d, 0x24, 0xed, 0x68, 0x7e, 0xc5, 0x2a, 0x16, 0xf3, 0x11, 0x38,
+    0x31, 0x58, 0xfb, 0x51, 0xc9, 0xe2, 0xf0, 0xa4, 0x8e, 0xab, 0xb3, 0xd8, 0x25, 0x3b, 0x31, 0xa0,
+    0xd1, 0x9b, 0xb2, 0x8b, 0xa4, 0xb9, 0x99, 0x98, 0x79, 0xc5, 0x32, 0x43, 0xbc, 0x06, 0xd1, 0xee,
+    0xf1, 0xb6, 0x2b, 0x62, 0x31, 0x26, 0x4d, 0xd1, 0x9f, 0x10, 0x44, 0xb1, 0x8f, 0xce, 0xf1, 0x76,
+    0x91, 0xc1, 0x43, 0x9a, 0x4d, 0x44, 0xf2, 0x0a, 0x76, 0xac, 0xde, 0x64, 0xda, 0x55, 0x91, 0x1d,
+    0xb1, 0xec, 0xda, 0x73, 0xd8, 0xdb, 0x26, 0x43, 0x90, 0x79, 0xa8, 0x96, 0xe9, 0x9d, 0xb1, 0x85,
+    0x5d, 0xf8, 0x9e, 0xb6, 0x5b, 0x1d, 0x81, 0x5c, 0xd3, 0xe1, 0xab, 0x5f, 0x32, 0x8b, 0x5d, 0xfe,
+    0x7d, 0xd5, 0x07, 0x5f, 0xce, 0x82, 0x55, 0x15, 0x35, 0x34, 0xdd, 0xad, 0x01, 0x43, 0x7d, 0x66,
+    0x1d, 0xa2, 0x6f, 0xa7, 0xb2, 0xe0, 0xea, 0xce, 0xdc, 0x88, 0x47, 0x78, 0x54, 0xd8, 0x1d, 0x0d,
+    0x3d, 0x8f, 0xf6, 0x4e, 0x27, 0x7f, 0x3e, 0x87, 0x3a, 0x5d, 0x31, 0x8a, 0x67, 0x10, 0x3d, 0x95,
+    0xdd, 0x4c, 0xbf, 0x94, 0x4a, 0x24, 0x57, 0xbb, 0xcd, 0x33, 0xb0, 0x11, 0xfe, 0x2d, 0xdd, 0xdb,
+    0xfd, 0x61, 0x26, 0x7d, 0xdf, 0xbb, 0x83, 0xf2, 0x2b, 0xe6, 0xc6, 0xe3, 0xcd, 0xe5, 0xfd, 0x43,
+    0x9d, 0x16, 0x4e, 0x85, 0xa3, 0xd9, 0x3c, 0x29, 0xc2, 0x5a, 0x5c, 0x36, 0x98, 0x7e, 0x9d, 0x28,
+    0xbd, 0x3b, 0xd7, 0x6c, 0x36, 0x46, 0xe8, 0x60, 0x24, 0x8f, 0x2a, 0xc4, 0xab, 0xb6, 0xbd, 0xb0,
+    0x9e, 0x53, 0xdc, 0xf2, 0x79, 0x6f, 0xee, 0x51, 0xef, 0x86, 0x9d, 0xc3, 0x69, 0x04, 0x9e, 0xb4,
+    0xbe, 0x7e, 0x45, 0x1b, 0xec, 0xf0, 0x3a, 0x18, 0x09, 0x53, 0xeb, 0x31, 0x5a, 0xcc, 0xbe, 0x2c,
+    0xde, 0x09, 0x2d, 0xe3, 0x90, 0x92, 0x85, 0xc3, 0xe0, 0xef, 0x71, 0xe4, 0x0f, 0x57, 0xde, 0x47,
+    0xfe, 0x24, 0xb4, 0x0a, 0x05, 0x0d, 0x51, 0x8a, 0x06, 0x3a, 0x07, 0x16, 0x3c, 0x9f, 0xfe, 0xdf,
+    0x1e, 0xe7, 0xfd, 0xd0, 0x68, 0x56, 0x38, 0xb6, 0xf1, 0x54, 0x86, 0x8d, 0xa5, 0xa2, 0x1e, 0x91,
+    0x3e, 0xca, 0x64, 0x39, 0xfd, 0xc9, 0xec, 0xff, 0x17, 0x81, 0xf0, 0x7f, 0x96, 0x6a, 0x3e, 0x09,
+    0x5e, 0xbd, 0x0c, 0xc1, 0x81, 0xab, 0x53, 0x24, 0xfe, 0x3d, 0x6a, 0xaa, 0xc3, 0xf1, 0x5e, 0x62,
+    0x7e, 0x90, 0x95, 0x28, 0x14, 0x34, 0x87, 0x6d, 0x18, 0xe8, 0x1c, 0x58, 0xf0, 0x39, 0x7e, 0xfa,
+    0x18, 0x6d, 0x1a, 0x3e, 0x1f, 0xf9, 0x5f, 0x46, 0xab, 0x2f, 0xc7, 0xa4, 0x84, 0x56, 0x18, 0x6a,
+    0x38, 0x40, 0x83, 0xd7, 0x8a, 0x66, 0x8b, 0x0f, 0x4d, 0xfa, 0xb1, 0x56, 0xb7, 0x9e, 0x38, 0xf2,
+    0x58, 0x37, 0xeb, 0x2f, 0xf6, 0x04, 0x34, 0xd4, 0xa4, 0x46, 0x2b, 0x83, 0xe2, 0x05, 0x58, 0x99,
+    0x78, 0x1a, 0x72, 0xc6, 0x63, 0x9b, 0xe0, 0x9d, 0x42, 0x93, 0x5d, 0x71, 0xd1, 0xcd, 0x78, 0x01,
+    0x98, 0xd9, 0x3b, 0x1c, 0x0e, 0xc0, 0x89, 0xa1, 0xb5, 0xfd, 0xdc, 0xea, 0x48, 0xf0, 0x98, 0x4f,
+    0xb8, 0xf4, 0xa2, 0xf5, 0x9b, 0x5f, 0x5d, 0xe8, 0x53, 0x28, 0xaa, 0x18, 0x7b, 0x38, 0xb8, 0xd7,
+    0xd8, 0x83, 0xca, 0x0d, 0xe7, 0x3d, 0xe2, 0x33, 0xba, 0x94, 0x30, 0xcd, 0x2e, 0xa3, 0xd8, 0xbc,
+    0xf8, 0xae, 0x53, 0xe4, 0x72, 0xa2, 0x36, 0x7a, 0x5c, 0x41, 0x46, 0x3f, 0x1d, 0x6b, 0xf8, 0x24,
+    0xdb, 0xc6, 0x58, 0x7a, 0x3d, 0x8b, 0x30, 0x4b, 0x97, 0x48, 0xf1, 0x38, 0xdf, 0xd9, 0xdb, 0x20,
+    0xfb, 0xeb, 0xc1, 0x93, 0xa8, 0x14, 0xe4, 0x02, 0x71, 0x9d, 0x87, 0xca, 0xec, 0x11, 0xfb, 0xb8,
+    0x9b, 0x9c, 0xa9, 0x6b, 0xd4, 0x76, 0x5b, 0xd9, 0x98, 0x21, 0x1d, 0x1f, 0xb9, 0x8a, 0x9b, 0xd3,
+    0xbb, 0xb1, 0x30, 0x82, 0x41, 0xe9, 0x8f, 0x90, 0x7e, 0xf4, 0x6b, 0xed, 0x8a, 0x42, 0xbb, 0x4b,
+    0x5b, 0x72, 0x79, 0x58, 0x2c, 0xb2, 0xe6, 0xac, 0x89, 0x9a, 0xea, 0x76, 0x13, 0x7f, 0x5b, 0x05,
+    0x7b, 0x5f, 0xe0, 0xb1, 0xb9, 0x2d, 0x32, 0xe5, 0x6f, 0x4f, 0x9c, 0x84, 0x20, 0xb7, 0x7b, 0x9d,
+    0x1b, 0x28, 0x88, 0x49, 0xc5, 0x4f, 0x8d, 0x3e, 0x86, 0xf3, 0x06, 0x51, 0x75, 0x2c, 0x1b, 0xf6,
+    0x3b, 0x05, 0x11, 0xa0, 0x50, 0xd0, 0x59, 0x77, 0x60, 0x26, 0x70, 0xa3, 0x46, 0xe4, 0x3b, 0x6e,
+    0x6d, 0x22, 0xaa, 0xca, 0x65, 0x2c, 0x3f, 0xd0, 0x46, 0xbf, 0xe6, 0xd4, 0xf9, 0x27, 0x6d, 0x2a,
+    0x4d, 0x0f, 0x33, 0x23, 0xf0, 0xb3, 0xeb, 0x99, 0xa0, 0x6a, 0x90, 0x26, 0xca, 0xef, 0x4d, 0xb2,
+    0x2d, 0x78, 0x5b, 0xdb, 0x8c, 0xd1, 0x54, 0x42, 0x49, 0xd6, 0x0a, 0xf3, 0x9f, 0x74, 0x2d, 0xd9,
+    0x0d, 0x55, 0xc2, 0x32, 0x19, 0x4e, 0x80, 0x0b, 0xaf, 0x03, 0x7c, 0x01, 0xac, 0xbc, 0x0d, 0x41,
+    0xed, 0x96, 0x8b, 0xe8, 0x74, 0x15, 0xe9, 0x37, 0x58, 0x6d, 0xfd, 0x9a, 0x35, 0x81, 0xed, 0x0f,
+    0xcd, 0xbb, 0x12, 0x01, 0xe1, 0x8a, 0x3d, 0x7e, 0xbe, 0xb8, 0x8b, 0x68, 0x06, 0x49, 0xcd, 0x97,
+    0xad, 0xcc, 0x7a, 0xf9, 0x9d, 0xe8, 0x82, 0xa5, 0x57, 0x04, 0x11, 0xbd, 0x53, 0xd2, 0xad, 0xfc,
+    0x8d, 0xe1, 0xe3, 0x10, 0x08, 0x77, 0x56, 0xec, 0xb1, 0xd1, 0x67, 0x4f, 0x60, 0x1a, 0x8d, 0x64,
+    0xae, 0x89, 0xe8, 0x8e, 0x47, 0x5e, 0x50, 0xdd, 0x7a, 0xd8, 0xd0, 0x48, 0xa2, 0xa8, 0xae, 0x60,
+    0x8e, 0xa4, 0x71, 0x67, 0xd2, 0xc1, 0x84, 0x94, 0x9c, 0x0d, 0xa6, 0xba, 0x91, 0x60, 0x8e, 0xf8,
+    0xee, 0xd3, 0x19, 0x9f, 0xae, 0xa3, 0x3b, 0x4f, 0x75, 0xb1, 0x3c, 0x6f, 0xc4, 0xfb, 0xee, 0x93,
+    0xce, 0xfe, 0x80, 0x76, 0x3b, 0x3c, 0xef, 0x06, 0x93, 0x64, 0x4a, 0x9d, 0xf7, 0x33, 0xce, 0x0b,
+    0x2e, 0x3d, 0xc9, 0xac, 0x56, 0x67, 0x86, 0x3a, 0x64, 0x0a, 0xcb, 0x06, 0x6e, 0x0e, 0x2e, 0x45,
+    0x0e, 0x10, 0x50, 0x45, 0xc3, 0xf8, 0x52, 0x73, 0x82, 0xdf, 0xbd, 0xf4, 0x5d, 0xc6, 0x0e, 0xdd,
+    0x6e, 0x67, 0x38, 0xbd, 0xbf, 0x9a, 0xed, 0xa8, 0x6b, 0x63, 0x27, 0x21, 0x08, 0x5d, 0x6e, 0xb6,
+    0x4e, 0x4a, 0xa1, 0x54, 0x2a, 0x05, 0x39, 0xe1, 0x8d, 0xb6, 0x51, 0xd3, 0x3b, 0x95, 0x4e, 0x2e,
+    0x28, 0xb7, 0x2e, 0x42, 0x21, 0xc8, 0xe1, 0xca, 0x3e, 0x71, 0x8a, 0x2f, 0x4f, 0xfa, 0x28, 0xbe,
+    0x08, 0x9a, 0xb7, 0xab, 0xb4, 0x57, 0x35, 0x83, 0xd8, 0xa4, 0xfc, 0xdd, 0x7c, 0x32, 0x08, 0x26,
+    0x68, 0xed, 0xdf, 0x53, 0xc8, 0x35, 0x8a, 0x58, 0x31, 0x18, 0x66, 0x08, 0x29, 0xa9, 0x68, 0x4d,
+    0x48, 0xc0, 0x46, 0xba, 0x5d, 0xaa, 0x5e, 0x11, 0xd7, 0xcd, 0x10, 0xfa, 0x1a, 0x61, 0x48, 0xd5,
+    0xa8, 0x03, 0x0f, 0x60, 0x30, 0xf1, 0x37, 0x2d, 0x20, 0xa3, 0x91, 0x61, 0x83, 0x5c, 0xa8, 0x9b,
+    0x88, 0x2e, 0x96, 0x89, 0xa5, 0x6e, 0xe3, 0x64, 0xc6, 0x76, 0xe7, 0x93, 0xb0, 0x94, 0x88, 0x03,
+    0xe8, 0x59, 0xfe, 0x71, 0xd9, 0x0c, 0x5c, 0xbf, 0x2f, 0xca, 0x7d, 0x46, 0xe5, 0x0f, 0xe8, 0x68,
+    0xc8, 0x74, 0x67, 0x98, 0x4c, 0x93, 0x88, 0xf6, 0xc9, 0x1f, 0x0b, 0xb4, 0xd6, 0xc7, 0xc8, 0xf0,
+    0xeb, 0x1c, 0x6c, 0x06, 0x03, 0xba, 0x8e, 0xc7, 0x02, 0x16, 0xbc, 0xb3, 0x14, 0x75, 0xeb, 0xf4,
+    0xcb, 0x31, 0xf5, 0xef, 0x96, 0x25, 0x5a, 0x8e, 0xe4, 0xc3, 0xca, 0x41, 0x27, 0xbd, 0xcb, 0x6c,
+    0xab, 0x46, 0x9d, 0x17, 0xea, 0x47, 0xe5, 0x55, 0x0d, 0x7f, 0x50, 0x94, 0x72, 0x26, 0xab, 0x07,
+    0x8b, 0x6b, 0x04, 0xfe, 0x7f, 0xd8, 0x31, 0x1c, 0xeb, 0xaa, 0x26, 0x66, 0x41, 0xee, 0x8b, 0x9f,
+    0x6b, 0xa8, 0x4d, 0x24, 0x12, 0x83, 0x58, 0x20, 0x1c, 0xc4, 0xa7, 0xfd, 0xd8, 0xd3, 0x6b, 0xd1,
+    0x4b, 0x85, 0xd4, 0xcd, 0x87, 0x1c, 0x8c, 0x69, 0xfa, 0x11, 0xd1, 0x0f, 0xeb, 0x1b, 0x4b, 0x49,
+    0x2b, 0xf2, 0xbc, 0x35, 0xfb, 0x7e, 0x33, 0xb2, 0x13, 0xad, 0x4b, 0xda, 0xbe, 0x80, 0x2b, 0x22,
+    0x0b, 0xdf, 0x25, 0xdc, 0x6e, 0xe1, 0xe7, 0xfb, 0xf5, 0x78, 0x3d, 0x28, 0x8d, 0x48, 0x0b, 0xba,
+    0xe7, 0xcb, 0x61, 0x19, 0xed, 0x27, 0x40, 0xe4, 0xb6, 0xe0, 0x3e, 0xe1, 0x56, 0x5e, 0xe7, 0xc1,
+    0xc7, 0xe6, 0xf8, 0xf0, 0x78, 0xb8, 0x94, 0xad, 0x50, 0x35, 0x48, 0x13, 0x65, 0x96, 0xc7, 0x59,
+    0xa7, 0x91, 0x90, 0x08, 0x04, 0xda, 0x2b, 0x76, 0xb9, 0x89, 0xd2, 0xc6, 0x30, 0x0d, 0xa7, 0x32,
+    0x87, 0xbc, 0x09, 0xe1, 0x91, 0x45, 0xff, 0x3f, 0x5f, 0x5c, 0xa4, 0x34, 0x03, 0xc5, 0x87, 0xaa,
+    0x67, 0x7f, 0x40, 0x3b, 0xfc, 0x1e, 0x96, 0x03, 0xa8, 0x32, 0x25, 0xaf, 0x9a, 0xf8, 0x67, 0xe4,
+    0x47, 0x52, 0xd9, 0xd2, 0x69, 0x81, 0x42, 0x4a, 0x4e, 0xe7, 0x53, 0x5d, 0xa9, 0x30, 0x47, 0x7c,
+    0x27, 0x25, 0xb1, 0x2a, 0x15, 0xe3, 0xfd, 0x91, 0xa7, 0x5b, 0xc9, 0x88, 0xfc, 0xab, 0x27, 0x17,
+    0x07, 0x08, 0x28, 0xc3, 0x80, 0x7c, 0x29, 0xd8, 0x41, 0x8e, 0xbf, 0x7a, 0xcf, 0x63, 0x07, 0x8f,
+    0x24, 0x60, 0x23, 0x5d, 0xcf, 0x55, 0x2f, 0xe9, 0x8a, 0x87, 0x08, 0x7d, 0x0d, 0xd1, 0x24, 0x8b,
+    0x04, 0x4d, 0xba, 0xb4, 0x5a, 0xca, 0xfb, 0xa0, 0x6c, 0x52, 0x7e, 0x8f, 0x3e, 0x19, 0x04, 0x13,
+    0x64, 0x3a, 0xd2, 0x4c, 0x26, 0xa8, 0x44, 0x7b, 0x85, 0xee, 0xe4, 0x5a, 0x6b, 0x82, 0x64, 0x78,
+    0x44, 0x17, 0x4b, 0xa5, 0xb3, 0x37, 0x90, 0x32, 0x63, 0x3b, 0x92, 0xa8, 0x58, 0x4a, 0x44, 0xe0,
+    0xa4, 0xd4, 0x02, 0x7f, 0xde, 0x6c, 0xf9, 0x0e, 0x94, 0x55, 0x13, 0x33, 0xc1, 0x77, 0xa4, 0xae,
+    0x84, 0xf9, 0x9b, 0x96, 0x4b, 0xf3, 0x2d, 0x47, 0x72, 0x80, 0x65, 0xc1, 0xf2, 0xbf, 0x84, 0x36,
+    0xe4, 0x8e, 0xf3, 0x6e, 0x37, 0x91, 0x92, 0x9c, 0x9b, 0x3c, 0xff, 0x14, 0xa7, 0x24, 0xe4, 0x5d,
+    0xc4, 0xa3, 0x6a, 0x87, 0xa2, 0x0e, 0x46, 0xd5, 0x7d, 0xe9, 0x89, 0xe6, 0x94, 0xec, 0xc4, 0xc5,
+    0xa2, 0x5e, 0xe5, 0x91, 0xa9, 0xc3, 0x9e, 0xfe, 0xce, 0x2e, 0x52, 0x1a, 0xe0, 0x83, 0xa2, 0x55,
+    0x82, 0x73, 0x7c, 0x78, 0x3c, 0x5c, 0x4a, 0xb7, 0x28, 0xfb, 0x24, 0xe8, 0xd3, 0x4b, 0x82, 0xcd,
+    0xe2, 0x04, 0x14, 0x80, 0x40, 0x3e, 0xf5, 0x6c, 0xc1, 0x47, 0xbe, 0x3d, 0x86, 0xd0, 0xe2, 0xa6,
+    0xc2, 0x29, 0x8d, 0x69, 0xd5, 0xa1, 0x21, 0x25, 0x27, 0x92, 0xc8, 0xcf, 0xb5, 0x18, 0xc2, 0x3e,
+    0x22, 0xea, 0xc4, 0xb3, 0xb8, 0xfa, 0x48, 0x19, 0xd0, 0xfc, 0x49, 0x54, 0x2c, 0x25, 0x22, 0x70,
+    0x02, 0xc7, 0x5d, 0x5a, 0x2d, 0x65, 0x9c, 0x50, 0x36, 0x29, 0x3f, 0xa6, 0x1f, 0xed, 0x02, 0xe8,
+    0x62, 0xb0, 0x35, 0xa2, 0x51, 0x07, 0x23, 0x8b, 0xdf, 0x95, 0xa5, 0x73, 0x4a, 0x76, 0x62, 0x83,
+    0x42, 0x9d, 0xac, 0x4b, 0xc4, 0x98, 0xf7, 0xc2, 0x39, 0x40, 0xd3, 0x81, 0x79, 0xbe, 0x42, 0x1b,
+    0x61, 0xf5, 0xa7, 0xd5, 0x8b, 0xb1, 0xf1, 0xf3, 0xf2, 0x49, 0x64, 0x86, 0xbb, 0x0c, 0x61, 0x1f,
+    0x41, 0xd8, 0x3e, 0x3c, 0x1e, 0x2e, 0x25, 0xba, 0x14, 0x9c, 0x12, 0x74, 0x88, 0xc4, 0x41, 0x87,
+    0x21, 0xaf, 0x56, 0xc4, 0x62, 0x4c, 0x9a, 0x61, 0xfd, 0x20, 0x88, 0xa1, 0xdd, 0x5f, 0x21, 0xec,
+    0x01, 0x82, 0xcf, 0x2d, 0xf7, 0xd3, 0x4e, 0x28, 0x1b, 0xf5, 0xfe, 0x53, 0xee, 0x97, 0x01, 0x74,
+    0xe1, 0x41, 0x86, 0xf7, 0x9a, 0x88, 0x27, 0x14, 0xec, 0x9b, 0x7f, 0xc8, 0x77, 0xaa, 0xe1, 0x3a,
+    0xc1, 0x6c, 0x1f, 0x1e, 0x0f, 0x17, 0xf3, 0x5d, 0x0a, 0x4e, 0x09, 0x3a, 0x44, 0x62, 0xc1, 0xa2,
+    0xa1, 0x1b, 0x77, 0xe6, 0x73, 0x75, 0x4c, 0x86, 0xe3, 0xf2, 0x93, 0xef, 0x11, 0xf9, 0xa1, 0xc9,
+    0x81, 0x36, 0xee, 0x0f, 0xe6, 0xea, 0x98, 0xcf, 0x05, 0x27, 0xe5, 0x1d, 0x22, 0x31, 0x81, 0x51,
+    0xba, 0x33, 0xff, 0xaf, 0xb6, 0x3a, 0xc1, 0xb8, 0x65, 0x01, 0x95, 0xbe, 0x64, 0xd5, 0xba, 0x3f,
+    0x9a, 0x1e, 0x66, 0x46, 0x23, 0xa5, 0x15, 0xf1, 0x83, 0xd4, 0xe3, 0x4c, 0x57, 0x1d, 0x9a, 0xa7,
+    0xfa, 0x69, 0x0e, 0xbe, 0x5f, 0xc7, 0xaa, 0x2a, 0x6a, 0x68, 0x79, 0x99, 0x02, 0x86, 0xfa, 0xcc,
+    0xda, 0x44, 0x97, 0x57, 0xca, 0x58, 0x7e, 0x63, 0x8c, 0xbd, 0x0f, 0x6b, 0x31, 0x4e, 0xda, 0x54,
+    0x3a, 0x87, 0xde, 0x8d, 0xa7, 0x03, 0x17, 0x5f, 0x7b, 0xd3, 0x8e, 0xf0, 0xa8, 0x73, 0x3a, 0x1a,
+    0x1a, 0xaa, 0x47, 0x64, 0x32, 0x9c, 0xc3, 0x16, 0x9d, 0x06, 0xf8, 0x02, 0x9b, 0xbb, 0x1a, 0x82,
+    0x7a, 0xdd, 0x2f, 0x9c, 0x4e, 0xfe, 0x7c, 0xcd, 0x74, 0xba, 0x62, 0xd7, 0xce, 0x20, 0x7a, 0xe9,
+    0x5a, 0xf0, 0xb6, 0x75, 0xdb, 0x61, 0xa8, 0x84, 0x92, 0x6f, 0x14, 0x25, 0xfd, 0xe8, 0x5a, 0x71,
+    0x79, 0x98, 0xbd, 0xeb, 0x94, 0x48, 0xae, 0xb5, 0x59, 0x66, 0xa3, 0x22, 0x3f, 0x5a, 0x79, 0x75,
+    0x59, 0xb5, 0x24, 0x02, 0x01, 0xd7, 0x7a, 0xfc, 0xbf, 0xb3, 0xd5, 0xd0, 0x0c, 0x92, 0x59, 0xed,
+    0x39, 0xc2, 0x4c, 0xfa, 0x7d, 0xb5, 0xc5, 0x27, 0x56, 0x0f, 0x4f, 0x05, 0x59, 0x09, 0x39, 0x86,
+    0x19, 0xef, 0xd5, 0x13, 0xe8, 0x2a, 0x11, 0x6e, 0xb0, 0xda, 0x39, 0xf7, 0x6a, 0xc1, 0x19, 0x1e,
+    0xf9, 0x2c, 0x9c, 0xc9, 0x85, 0x71, 0x78, 0x52, 0x47, 0xb4, 0xb8, 0x6c, 0xf3, 0xfc, 0xf9, 0x50,
+    0xd9, 0x01, 0x05, 0x20, 0x10, 0xee, 0xac, 0x1b, 0xa1, 0x61, 0xce, 0x9e, 0xc0, 0x34, 0xd9, 0xc8,
+    0xb9, 0x76, 0x6d, 0xd8, 0x6c, 0x8c, 0x13, 0xc0, 0x48, 0xdd, 0x54, 0x4b, 0x95, 0xaf, 0xb9, 0xa3,
+    0x99, 0x5b, 0xf4, 0x31, 0xf9, 0x13, 0xc7, 0x89, 0xae, 0x08, 0x22, 0xb9, 0xa6, 0x67, 0x99, 0x3b,
+    0xff, 0xa6, 0x7b, 0x27, 0xf2, 0xde, 0x1f, 0xa2, 0x1d, 0xcf, 0xf9, 0x45, 0xd2, 0x08, 0xff, 0xab,
+    0xdf, 0x8b, 0xe2, 0xce, 0x67, 0x41, 0xcb, 0xeb, 0xfb, 0x1a, 0x8f, 0xb7, 0xe1, 0xc0, 0xdf, 0x33,
+    0xbf, 0xfc, 0x8a, 0x36, 0x1b, 0x23, 0x74, 0x30, 0x12, 0xa6, 0x15, 0x62, 0xb4, 0x5b, 0xbf, 0x58,
+    0x9f, 0xd1, 0x13, 0xdf, 0x8e, 0xbc, 0xa0, 0x79, 0xf4, 0x73, 0x63, 0x90, 0x87, 0x93, 0x9f, 0xc0,
+    0x7f, 0x12, 0x5a, 0x05, 0xe3, 0xe7, 0xc9, 0x45, 0x03, 0x1d, 0xe2, 0x0b, 0x1e, 0xae, 0x7f, 0x8e,
+    0x5f, 0x3f, 0xc3, 0xec, 0x76, 0x78, 0x1d, 0x0c, 0xe5, 0xc8, 0x94, 0xf9, 0x2d, 0x66, 0x5f, 0x16,
+    0x3f, 0x48, 0xab, 0x14, 0x0a, 0x1a, 0xa2, 0xd7, 0x0c, 0x74, 0x0e, 0x2c, 0x78, 0xfd, 0x3f, 0x7d,
+    0x1f, 0x65, 0x32, 0xfd, 0x9f, 0x85, 0x76, 0x9e, 0xea, 0xa1, 0x78, 0xde, 0x4b, 0x35, 0x1f, 0xe5,
+    0x3c, 0x0d, 0x39, 0x63, 0xd0, 0xac, 0x70, 0xaf, 0x21, 0xa8, 0xcf, 0xd9, 0x89, 0x87, 0x3c, 0xe1,
+    0x1c, 0x20, 0xa0, 0x8a, 0x45, 0x33, 0xa4, 0xe6, 0xc7, 0x7d, 0xb9, 0x2b, 0xba, 0x4f, 0x1c, 0x79,
+    0x7c, 0x57, 0xc8, 0x72, 0x39, 0x51, 0x1b, 0x3d, 0x2e, 0xc1, 0x23, 0xfe, 0xef, 0xd4, 0x7c, 0x12,
+    0x5c, 0x7a, 0x51, 0x9b, 0xac, 0xce, 0xcf, 0x74, 0xc8, 0x14, 0x55, 0x0c, 0xdc, 0x1c, 0x5c, 0x8a,
+    0xbc, 0xb9, 0x18, 0x41, 0xc1, 0x95, 0xa6, 0x48, 0x3f, 0x7a, 0xd4, 0x97, 0x45, 0x21, 0xbc, 0xc4,
+    0x9c, 0x94, 0x81, 0xa8, 0x54, 0x0a, 0x72, 0x01, 0xd9, 0xaf, 0xa2, 0x65, 0x76, 0xe9, 0x9c, 0x5c,
+    0xfc, 0xe3, 0xe9, 0x50, 0x28, 0x68, 0xcd, 0xda, 0x30, 0x13, 0x38, 0xb0, 0x23, 0x72, 0xfc, 0x37,
+    0xdc, 0xce, 0x70, 0xb9, 0xbd, 0xf7, 0x19, 0x93, 0xd6, 0xc6, 0x4e, 0x42, 0x10, 0xba, 0xdc, 0xaf,
+    0x30, 0xda, 0x34, 0x7c, 0x3e, 0x31, 0xbe, 0x8c, 0x95, 0x5e, 0x4d, 0x8b, 0xcb, 0xac, 0x30, 0xd4,
+    0x10, 0xf7, 0xad, 0x95, 0xab, 0xae, 0x6a, 0xc5, 0x73, 0x8b, 0x3b, 0x79, 0xf8, 0x64, 0x10, 0x4c,
+    0x70, 0x80, 0xc5, 0x6d, 0xd7, 0xcc, 0xd5, 0x1e, 0x9a, 0x37, 0xa1, 0xac, 0xad, 0xff, 0x70, 0x27,
+    0x50, 0xad, 0x5c, 0x84, 0x42, 0x53, 0x01, 0x57, 0x7c, 0xe2, 0xd7, 0x5e, 0x9e, 0x37, 0x50, 0xbf,
+    0xb0, 0x6e, 0x15, 0x5e, 0x2f, 0x08, 0x68, 0x6b, 0x8b, 0x8c, 0x56, 0xc5, 0x07, 0x0a, 0xb0, 0xf1,
+    0x90, 0x43, 0x8c, 0xb7, 0xba, 0x97, 0xbc, 0x22, 0x6d, 0x59, 0x20, 0x37, 0x34, 0xc2, 0x90, 0x69,
+    0xf0, 0x34, 0xe4, 0x4f, 0xc6, 0xf5, 0x03, 0xf9, 0x84, 0xe5, 0xba, 0xe2, 0x61, 0x59, 0xf0, 0x02,
+    0xd0, 0x19, 0x7d, 0xa6, 0x53, 0x6a, 0xd7, 0xb0, 0x62, 0x30, 0xcc, 0x10, 0x52, 0x91, 0xd0, 0x9a,
+    0xf3, 0x71, 0x76, 0x38, 0x1c, 0x43, 0xd1, 0x81, 0xa9, 0x39, 0x7b, 0x17, 0x90, 0x23, 0xf3, 0x9e,
+    0xd3, 0x5c, 0xef, 0xd1, 0x89, 0xdc, 0x05, 0xc8, 0x4f, 0xec, 0x0d, 0xe5, 0xa3, 0xeb, 0xd3, 0x06,
+    0xb3, 0x2b, 0x87, 0x29, 0xf5, 0xbe, 0xba, 0x13, 0xa6, 0x50, 0x97, 0x30, 0xf6, 0x70, 0xb3, 0x6d,
+    0x93, 0x06, 0x1e, 0xc0, 0x60, 0x21, 0x6e, 0x5a, 0x40, 0x85, 0xe1, 0xc2, 0xc5, 0xb8, 0x93, 0xf5,
+    0x73, 0xc5, 0x57, 0x1a, 0x0d, 0x7a, 0x07, 0x66, 0xb7, 0xeb, 0x60, 0x59, 0x5c, 0x85, 0x73, 0xbb,
+    0x53, 0xe8, 0xce, 0xf3, 0x98, 0xe5, 0xd3, 0x2f, 0x51, 0x3e, 0x16, 0xab, 0x6f, 0x4d, 0x53, 0x23,
+    0x33, 0x9f, 0xa6, 0x0b, 0xe4, 0x87, 0x6c, 0xf4, 0xb8, 0x82, 0x8c, 0x7e, 0x3a, 0xd6, 0x33, 0x48,
+    0x13, 0xb2, 0x3f, 0xe2, 0x71, 0x18, 0xb8, 0xbd, 0x5e, 0x57, 0xfa, 0x8c, 0x09, 0x1e, 0x13, 0xd0,
+    0x75, 0x4f, 0xb0, 0xf4, 0x7a, 0xd5, 0x60, 0x96, 0xed, 0x90, 0x21, 0x70, 0x7d, 0x71, 0x75, 0x40,
+    0x55, 0x62, 0x29, 0x1d, 0xef, 0x4a, 0xb4, 0xdf, 0x0b, 0x45, 0x57, 0x82, 0x4e, 0xb9, 0x55, 0xd8,
+    0x35, 0x15, 0x41, 0xe5, 0x93, 0x28, 0x0b, 0x04, 0xe2, 0xf9, 0xcd, 0x57, 0x1b, 0x22, 0x35, 0xb3,
+    0x15, 0x38, 0xd8, 0x0c, 0x06, 0xb7, 0xdf, 0x4d, 0x04, 0x2c, 0xbb, 0xa5, 0x28, 0xea, 0x15, 0x2b,
+    0xf5, 0xfb, 0x91, 0xd6, 0x6b, 0xec, 0xb6, 0x71, 0xf3, 0x42, 0x3a, 0x3e, 0xb1, 0xd7, 0xf5, 0x65,
+    0xd5, 0xd6, 0x08, 0x3f, 0xfe, 0x73, 0x62, 0x38, 0x15, 0x97, 0x4c, 0xcc, 0x82, 0x1f, 0xd5, 0xfd,
+    0xb5, 0xa1, 0x60, 0xc7, 0x82, 0x11, 0xdd, 0xe3, 0xfc, 0x2b, 0xd6, 0x19, 0xd7, 0x84, 0xb5, 0x96,
+    0x95, 0x8c, 0xf9, 0x2e, 0x17, 0x8e, 0x09, 0xaa, 0x1a, 0xfe, 0xa0, 0xeb, 0xe4, 0x4c, 0x95, 0x0e,
+    0xb6, 0xe4, 0xf2, 0xb0, 0x58, 0xa7, 0x0f, 0x9b, 0xd1, 0xf7, 0x17, 0xec, 0x26, 0xfe, 0xb6, 0x0a,
+    0x96, 0xc9, 0x6b, 0x59, 0xcd, 0x38, 0xdb, 0xd2, 0x37, 0x22, 0x61, 0x1e, 0x15, 0x36, 0x96, 0x92,
+    0xf6, 0xbe, 0x03, 0xa1, 0xb1, 0x5a, 0x64, 0x09, 0xde, 0x9e, 0xfb, 0xcb, 0x40, 0xad, 0xf6, 0xf9,
+    0xd6, 0x93, 0x9a, 0x48, 0x24, 0xc5, 0xb0, 0x40, 0x38, 0x4b, 0x8d, 0x39, 0x73, 0x65, 0xd6, 0x61,
+    0x36, 0x50, 0xd3, 0x92, 0x49, 0x9e, 0xd9, 0x7c, 0xcf, 0x25, 0x0c, 0xa2, 0xea, 0x58, 0x36, 0x2f,
+    0x16, 0x7d, 0x4a, 0x7b, 0xdc, 0x01, 0x0d, 0x35, 0x29, 0xf0, 0x7a, 0x50, 0xd9, 0x90, 0x16, 0xb7,
+    0x76, 0x0a, 0x22, 0x83, 0xa0, 0x63, 0xb2, 0xee, 0xc0, 0x4c, 0xe0, 0x85, 0x8c, 0x0b, 0x76, 0xdc,
+    0x56, 0x27, 0xbb, 0x6a, 0x35, 0xfc, 0x66, 0xa7, 0x26, 0x99, 0x96, 0x77, 0xbf, 0xc3, 0x56, 0x44,
+  },
+  { /* 15 */
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x94, 0x84, 0xdd, 0x10, 0xbd, 0x27, 0x5d, 0xb8, 0x7a, 0x48, 0x6c, 0x72, 0x76, 0xa2, 0x6e, 0xcf,
+    0xeb, 0xcb, 0x79, 0x20, 0xb9, 0x4e, 0xba, 0xb3, 0xf4, 0x90, 0xd8, 0xe4, 0xec, 0x87, 0xdc, 0x5d,
+    0x7f, 0x4f, 0xa4, 0x30, 0x04, 0x69, 0xe7, 0x0b, 0x8e, 0xd8, 0xb4, 0x96, 0x9a, 0x25, 0xb2, 0x92,
+    0x15, 0x55, 0xf2, 0x40, 0xb1, 0x9c, 0xb7, 0xa5, 0x2b, 0xe3, 0x73, 0x0b, 0x1b, 0xcd, 0x7b, 0xba,
+    0x81, 0xd1, 0x2f, 0x50, 0x0c, 0xbb, 0xea, 0x1d, 0x51, 0xab, 0x1f, 0x79, 0x6d, 0x6f, 0x15, 0x75,
+    0xfe, 0x9e, 0x8b, 0x60, 0x08, 0xd2, 0x0d, 0x16, 0xdf, 0x73, 0xab, 0xef, 0xf7, 0x4a, 0xa7, 0xe7,
+    0x6a, 0x1a, 0x56, 0x70, 0xb5, 0xf5, 0x50, 0xae, 0xa5, 0x3b, 0xc7, 0x9d, 0x81, 0xe8, 0xc9, 0x28,
+    0x2a, 0xaa, 0x27, 0x80, 0xa1, 0xfb, 0xad, 0x89, 0x56, 0x05, 0xe6, 0x16, 0x36, 0x59, 0xf6, 0xb7,
+    0xbe, 0x2e, 0xfa, 0x90, 0x1c, 0xdc, 0xf0, 0x31, 0x2c, 0x4d, 0x8a, 0x64, 0x40, 0xfb, 0x98, 0x78,
+    0xc1, 0x61, 0x5e, 0xa0, 0x18, 0xb5, 0x17, 0x3a, 0xa2, 0x95, 0x3e, 0xf2, 0xda, 0xde, 0x2a, 0xea,
+    0x55, 0xe5, 0x83, 0xb0, 0xa5, 0x92, 0x4a, 0x82, 0xd8, 0xdd, 0x52, 0x80, 0xac, 0x7c, 0x44, 0x25,
+    0x3f, 0xff, 0xd5, 0xc0, 0x10, 0x67, 0x1a, 0x2c, 0x7d, 0xe6, 0x95, 0x1d, 0x2d, 0x94, 0x8d, 0x0d,
+    0xab, 0x7b, 0x08, 0xd0, 0xad, 0x40, 0x47, 0x94, 0x07, 0xae, 0xf9, 0x6f, 0x5b, 0x36, 0xe3, 0xc2,
+    0xd4, 0x34, 0xac, 0xe0, 0xa9, 0x29, 0xa0, 0x9f, 0x89, 0x76, 0x4d, 0xf9, 0xc1, 0x13, 0x51, 0x50,
+    0x40, 0xb0, 0x71, 0xf0, 0x14, 0x0e, 0xfd, 0x27, 0xf3, 0x3e, 0x21, 0x8b, 0xb7, 0xb1, 0x3f, 0x9f,
+    0x54, 0x97, 0x4e, 0xc3, 0x81, 0x35, 0x99, 0xd1, 0xac, 0x0a, 0x0f, 0x2c, 0x6c, 0xb2, 0x2f, 0xad,
+    0xc0, 0x13, 0x93, 0xd3, 0x3c, 0x12, 0xc4, 0x69, 0xd6, 0x42, 0x63, 0x5e, 0x1a, 0x10, 0x41, 0x62,
+    0xbf, 0x5c, 0x37, 0xe3, 0x38, 0x7b, 0x23, 0x62, 0x58, 0x9a, 0xd7, 0xc8, 0x80, 0x35, 0xf3, 0xf0,
+    0x2b, 0xd8, 0xea, 0xf3, 0x85, 0x5c, 0x7e, 0xda, 0x22, 0xd2, 0xbb, 0xba, 0xf6, 0x97, 0x9d, 0x3f,
+    0x41, 0xc2, 0xbc, 0x83, 0x30, 0xa9, 0x2e, 0x74, 0x87, 0xe9, 0x7c, 0x27, 0x77, 0x7f, 0x54, 0x17,
+    0xd5, 0x46, 0x61, 0x93, 0x8d, 0x8e, 0x73, 0xcc, 0xfd, 0xa1, 0x10, 0x55, 0x01, 0xdd, 0x3a, 0xd8,
+    0xaa, 0x09, 0xc5, 0xa3, 0x89, 0xe7, 0x94, 0xc7, 0x73, 0x79, 0xa4, 0xc3, 0x9b, 0xf8, 0x88, 0x4a,
+    0x3e, 0x8d, 0x18, 0xb3, 0x34, 0xc0, 0xc9, 0x7f, 0x09, 0x31, 0xc8, 0xb1, 0xed, 0x5a, 0xe6, 0x85,
+    0x7e, 0x3d, 0x69, 0x43, 0x20, 0xce, 0x34, 0x58, 0xfa, 0x0f, 0xe9, 0x3a, 0x5a, 0xeb, 0xd9, 0x1a,
+    0xea, 0xb9, 0xb4, 0x53, 0x9d, 0xe9, 0x69, 0xe0, 0x80, 0x47, 0x85, 0x48, 0x2c, 0x49, 0xb7, 0xd5,
+    0x95, 0xf6, 0x10, 0x63, 0x99, 0x80, 0x8e, 0xeb, 0x0e, 0x9f, 0x31, 0xde, 0xb6, 0x6c, 0x05, 0x47,
+    0x01, 0x72, 0xcd, 0x73, 0x24, 0xa7, 0xd3, 0x53, 0x74, 0xd7, 0x5d, 0xac, 0xc0, 0xce, 0x6b, 0x88,
+    0x6b, 0x68, 0x9b, 0x03, 0x91, 0x52, 0x83, 0xfd, 0xd1, 0xec, 0x9a, 0x31, 0x41, 0x26, 0xa2, 0xa0,
+    0xff, 0xec, 0x46, 0x13, 0x2c, 0x75, 0xde, 0x45, 0xab, 0xa4, 0xf6, 0x43, 0x37, 0x84, 0xcc, 0x6f,
+    0x80, 0xa3, 0xe2, 0x23, 0x28, 0x1c, 0x39, 0x4e, 0x25, 0x7c, 0x42, 0xd5, 0xad, 0xa1, 0x7e, 0xfd,
+    0x14, 0x27, 0x3f, 0x33, 0x95, 0x3b, 0x64, 0xf6, 0x5f, 0x34, 0x2e, 0xa7, 0xdb, 0x03, 0x10, 0x32,
+    0xa8, 0xed, 0x9c, 0x45, 0xc1, 0x6a, 0xf1, 0x61, 0x9b, 0x14, 0x1e, 0x58, 0xd8, 0xa7, 0x5e, 0x99,
+    0x3c, 0x69, 0x41, 0x55, 0x7c, 0x4d, 0xac, 0xd9, 0xe1, 0x5c, 0x72, 0x2a, 0xae, 0x05, 0x30, 0x56,
+    0x43, 0x26, 0xe5, 0x65, 0x78, 0x24, 0x4b, 0xd2, 0x6f, 0x84, 0xc6, 0xbc, 0x34, 0x20, 0x82, 0xc4,
+    0xd7, 0xa2, 0x38, 0x75, 0xc5, 0x03, 0x16, 0x6a, 0x15, 0xcc, 0xaa, 0xce, 0x42, 0x82, 0xec, 0x0b,
+    0xbd, 0xb8, 0x6e, 0x05, 0x70, 0xf6, 0x46, 0xc4, 0xb0, 0xf7, 0x6d, 0x53, 0xc3, 0x6a, 0x25, 0x23,
+    0x29, 0x3c, 0xb3, 0x15, 0xcd, 0xd1, 0x1b, 0x7c, 0xca, 0xbf, 0x01, 0x21, 0xb5, 0xc8, 0x4b, 0xec,
+    0x56, 0x73, 0x17, 0x25, 0xc9, 0xb8, 0xfc, 0x77, 0x44, 0x67, 0xb5, 0xb7, 0x2f, 0xed, 0xf9, 0x7e,
+    0xc2, 0xf7, 0xca, 0x35, 0x74, 0x9f, 0xa1, 0xcf, 0x3e, 0x2f, 0xd9, 0xc5, 0x59, 0x4f, 0x97, 0xb1,
+    0x82, 0x47, 0xbb, 0xc5, 0x60, 0x91, 0x5c, 0xe8, 0xcd, 0x11, 0xf8, 0x4e, 0xee, 0xfe, 0xa8, 0x2e,
+    0x16, 0xc3, 0x66, 0xd5, 0xdd, 0xb6, 0x01, 0x50, 0xb7, 0x59, 0x94, 0x3c, 0x98, 0x5c, 0xc6, 0xe1,
+    0x69, 0x8c, 0xc2, 0xe5, 0xd9, 0xdf, 0xe6, 0x5b, 0x39, 0x81, 0x20, 0xaa, 0x02, 0x79, 0x74, 0x73,
+    0xfd, 0x08, 0x1f, 0xf5, 0x64, 0xf8, 0xbb, 0xe3, 0x43, 0xc9, 0x4c, 0xd8, 0x74, 0xdb, 0x1a, 0xbc,
+    0x97, 0x12, 0x49, 0x85, 0xd1, 0x0d, 0xeb, 0x4d, 0xe6, 0xf2, 0x8b, 0x45, 0xf5, 0x33, 0xd3, 0x94,
+    0x03, 0x96, 0x94, 0x95, 0x6c, 0x2a, 0xb6, 0xf5, 0x9c, 0xba, 0xe7, 0x37, 0x83, 0x91, 0xbd, 0x5b,
+    0x7c, 0xd9, 0x30, 0xa5, 0x68, 0x43, 0x51, 0xfe, 0x12, 0x62, 0x53, 0xa1, 0x19, 0xb4, 0x0f, 0xc9,
+    0xe8, 0x5d, 0xed, 0xb5, 0xd5, 0x64, 0x0c, 0x46, 0x68, 0x2a, 0x3f, 0xd3, 0x6f, 0x16, 0x61, 0x06,
+    0xfc, 0x7a, 0xd2, 0x86, 0x40, 0x5f, 0x68, 0xb0, 0x37, 0x1e, 0x11, 0x74, 0xb4, 0x15, 0x71, 0x34,
+    0x68, 0xfe, 0x0f, 0x96, 0xfd, 0x78, 0x35, 0x08, 0x4d, 0x56, 0x7d, 0x06, 0xc2, 0xb7, 0x1f, 0xfb,
+    0x17, 0xb1, 0xab, 0xa6, 0xf9, 0x11, 0xd2, 0x03, 0xc3, 0x8e, 0xc9, 0x90, 0x58, 0x92, 0xad, 0x69,
+    0x83, 0x35, 0x76, 0xb6, 0x44, 0x36, 0x8f, 0xbb, 0xb9, 0xc6, 0xa5, 0xe2, 0x2e, 0x30, 0xc3, 0xa6,
+    0xe9, 0x2f, 0x20, 0xc6, 0xf1, 0xc3, 0xdf, 0x15, 0x1c, 0xfd, 0x62, 0x7f, 0xaf, 0xd8, 0x0a, 0x8e,
+    0x7d, 0xab, 0xfd, 0xd6, 0x4c, 0xe4, 0x82, 0xad, 0x66, 0xb5, 0x0e, 0x0d, 0xd9, 0x7a, 0x64, 0x41,
+    0x02, 0xe4, 0x59, 0xe6, 0x48, 0x8d, 0x65, 0xa6, 0xe8, 0x6d, 0xba, 0x9b, 0x43, 0x5f, 0xd6, 0xd3,
+    0x96, 0x60, 0x84, 0xf6, 0xf5, 0xaa, 0x38, 0x1e, 0x92, 0x25, 0xd6, 0xe9, 0x35, 0xfd, 0xb8, 0x1c,
+    0xd6, 0xd0, 0xf5, 0x06, 0xe1, 0xa4, 0xc5, 0x39, 0x61, 0x1b, 0xf7, 0x62, 0x82, 0x4c, 0x87, 0x83,
+    0x42, 0x54, 0x28, 0x16, 0x5c, 0x83, 0x98, 0x81, 0x1b, 0x53, 0x9b, 0x10, 0xf4, 0xee, 0xe9, 0x4c,
+    0x3d, 0x1b, 0x8c, 0x26, 0x58, 0xea, 0x7f, 0x8a, 0x95, 0x8b, 0x2f, 0x86, 0x6e, 0xcb, 0x5b, 0xde,
+    0xa9, 0x9f, 0x51, 0x36, 0xe5, 0xcd, 0x22, 0x32, 0xef, 0xc3, 0x43, 0xf4, 0x18, 0x69, 0x35, 0x11,
+    0xc3, 0x85, 0x07, 0x46, 0x50, 0x38, 0x72, 0x9c, 0x4a, 0xf8, 0x84, 0x69, 0x99, 0x81, 0xfc, 0x39,
+    0x57, 0x01, 0xda, 0x56, 0xed, 0x1f, 0x2f, 0x24, 0x30, 0xb0, 0xe8, 0x1b, 0xef, 0x23, 0x92, 0xf6,
+    0x28, 0x4e, 0x7e, 0x66, 0xe9, 0x76, 0xc8, 0x2f, 0xbe, 0x68, 0x5c, 0x8d, 0x75, 0x06, 0x20, 0x64,
+    0xbc, 0xca, 0xa3, 0x76, 0x54, 0x51, 0x95, 0x97, 0xc4, 0x20, 0x30, 0xff, 0x03, 0xa4, 0x4e, 0xab,
+    0x93, 0x19, 0xfb, 0x8a, 0x41, 0xd4, 0x21, 0xc2, 0xf5, 0x28, 0x3c, 0xb0, 0x73, 0x8d, 0xbc, 0xf1,
+    0x07, 0x9d, 0x26, 0x9a, 0xfc, 0xf3, 0x7c, 0x7a, 0x8f, 0x60, 0x50, 0xc2, 0x05, 0x2f, 0xd2, 0x3e,
+    0x78, 0xd2, 0x82, 0xaa, 0xf8, 0x9a, 0x9b, 0x71, 0x01, 0xb8, 0xe4, 0x54, 0x9f, 0x0a, 0x60, 0xac,
+    0xec, 0x56, 0x5f, 0xba, 0x45, 0xbd, 0xc6, 0xc9, 0x7b, 0xf0, 0x88, 0x26, 0xe9, 0xa8, 0x0e, 0x63,
+    0x86, 0x4c, 0x09, 0xca, 0xf0, 0x48, 0x96, 0x67, 0xde, 0xcb, 0x4f, 0xbb, 0x68, 0x40, 0xc7, 0x4b,
+    0x12, 0xc8, 0xd4, 0xda, 0x4d, 0x6f, 0xcb, 0xdf, 0xa4, 0x83, 0x23, 0xc9, 0x1e, 0xe2, 0xa9, 0x84,
+    0x6d, 0x87, 0x70, 0xea, 0x49, 0x06, 0x2c, 0xd4, 0x2a, 0x5b, 0x97, 0x5f, 0x84, 0xc7, 0x1b, 0x16,
+    0xf9, 0x03, 0xad, 0xfa, 0xf4, 0x21, 0x71, 0x6c, 0x50, 0x13, 0xfb, 0x2d, 0xf2, 0x65, 0x75, 0xd9,
+    0xb9, 0xb3, 0xdc, 0x0a, 0xe0, 0x2f, 0x8c, 0x4b, 0xa3, 0x2d, 0xda, 0xa6, 0x45, 0xd4, 0x4a, 0x46,
+    0x2d, 0x37, 0x01, 0x1a, 0x5d, 0x08, 0xd1, 0xf3, 0xd9, 0x65, 0xb6, 0xd4, 0x33, 0x76, 0x24, 0x89,
+    0x52, 0x78, 0xa5, 0x2a, 0x59, 0x61, 0x36, 0xf8, 0x57, 0xbd, 0x02, 0x42, 0xa9, 0x53, 0x96, 0x1b,
+    0xc6, 0xfc, 0x78, 0x3a, 0xe4, 0x46, 0x6b, 0x40, 0x2d, 0xf5, 0x6e, 0x30, 0xdf, 0xf1, 0xf8, 0xd4,
+    0xac, 0xe6, 0x2e, 0x4a, 0x51, 0xb3, 0x3b, 0xee, 0x88, 0xce, 0xa9, 0xad, 0x5e, 0x19, 0x31, 0xfc,
+    0x38, 0x62, 0xf3, 0x5a, 0xec, 0x94, 0x66, 0x56, 0xf2, 0x86, 0xc5, 0xdf, 0x28, 0xbb, 0x5f, 0x33,
+    0x47, 0x2d, 0x57, 0x6a, 0xe8, 0xfd, 0x81, 0x5d, 0x7c, 0x5e, 0x71, 0x49, 0xb2, 0x9e, 0xed, 0xa1,
+    0xd3, 0xa9, 0x8a, 0x7a, 0x55, 0xda, 0xdc, 0xe5, 0x06, 0x16, 0x1d, 0x3b, 0xc4, 0x3c, 0x83, 0x6e,
+    0xc7, 0x8e, 0xb5, 0x49, 0xc0, 0xe1, 0xb8, 0x13, 0x59, 0x22, 0x33, 0x9c, 0x1f, 0x3f, 0x93, 0x5c,
+    0x53, 0x0a, 0x68, 0x59, 0x7d, 0xc6, 0xe5, 0xab, 0x23, 0x6a, 0x5f, 0xee, 0x69, 0x9d, 0xfd, 0x93,
+    0x2c, 0x45, 0xcc, 0x69, 0x79, 0xaf, 0x02, 0xa0, 0xad, 0xb2, 0xeb, 0x78, 0xf3, 0xb8, 0x4f, 0x01,
+    0xb8, 0xc1, 0x11, 0x79, 0xc4, 0x88, 0x5f, 0x18, 0xd7, 0xfa, 0x87, 0x0a, 0x85, 0x1a, 0x21, 0xce,
+    0xd2, 0xdb, 0x47, 0x09, 0x71, 0x7d, 0x0f, 0xb6, 0x72, 0xc1, 0x40, 0x97, 0x04, 0xf2, 0xe8, 0xe6,
+    0x46, 0x5f, 0x9a, 0x19, 0xcc, 0x5a, 0x52, 0x0e, 0x08, 0x89, 0x2c, 0xe5, 0x72, 0x50, 0x86, 0x29,
+    0x39, 0x10, 0x3e, 0x29, 0xc8, 0x33, 0xb5, 0x05, 0x86, 0x51, 0x98, 0x73, 0xe8, 0x75, 0x34, 0xbb,
+    0xad, 0x94, 0xe3, 0x39, 0x75, 0x14, 0xe8, 0xbd, 0xfc, 0x19, 0xf4, 0x01, 0x9e, 0xd7, 0x5a, 0x74,
+    0xed, 0x24, 0x92, 0xc9, 0x61, 0x1a, 0x15, 0x9a, 0x0f, 0x27, 0xd5, 0x8a, 0x29, 0x66, 0x65, 0xeb,
+    0x79, 0xa0, 0x4f, 0xd9, 0xdc, 0x3d, 0x48, 0x22, 0x75, 0x6f, 0xb9, 0xf8, 0x5f, 0xc4, 0x0b, 0x24,
+    0x06, 0xef, 0xeb, 0xe9, 0xd8, 0x54, 0xaf, 0x29, 0xfb, 0xb7, 0x0d, 0x6e, 0xc5, 0xe1, 0xb9, 0xb6,
+    0x92, 0x6b, 0x36, 0xf9, 0x65, 0x73, 0xf2, 0x91, 0x81, 0xff, 0x61, 0x1c, 0xb3, 0x43, 0xd7, 0x79,
+    0xf8, 0x71, 0x60, 0x89, 0xd0, 0x86, 0xa2, 0x3f, 0x24, 0xc4, 0xa6, 0x81, 0x32, 0xab, 0x1e, 0x51,
+    0x6c, 0xf5, 0xbd, 0x99, 0x6d, 0xa1, 0xff, 0x87, 0x5e, 0x8c, 0xca, 0xf3, 0x44, 0x09, 0x70, 0x9e,
+    0x13, 0xba, 0x19, 0xa9, 0x69, 0xc8, 0x18, 0x8c, 0xd0, 0x54, 0x7e, 0x65, 0xde, 0x2c, 0xc2, 0x0c,
+    0x87, 0x3e, 0xc4, 0xb9, 0xd4, 0xef, 0x45, 0x34, 0xaa, 0x1c, 0x12, 0x17, 0xa8, 0x8e, 0xac, 0xc3,
+    0x3b, 0xf4, 0x67, 0xcf, 0x80, 0xbe, 0xd0, 0xa3, 0x6e, 0x3c, 0x22, 0xe8, 0xab, 0x2a, 0xe2, 0x68,
+    0xaf, 0x70, 0xba, 0xdf, 0x3d, 0x99, 0x8d, 0x1b, 0x14, 0x74, 0x4e, 0x9a, 0xdd, 0x88, 0x8c, 0xa7,
+    0xd0, 0x3f, 0x1e, 0xef, 0x39, 0xf0, 0x6a, 0x10, 0x9a, 0xac, 0xfa, 0x0c, 0x47, 0xad, 0x3e, 0x35,
+    0x44, 0xbb, 0xc3, 0xff, 0x84, 0xd7, 0x37, 0xa8, 0xe0, 0xe4, 0x96, 0x7e, 0x31, 0x0f, 0x50, 0xfa,
+    0x2e, 0xa1, 0x95, 0x8f, 0x31, 0x22, 0x67, 0x06, 0x45, 0xdf, 0x51, 0xe3, 0xb0, 0xe7, 0x99, 0xd2,
+    0xba, 0x25, 0x48, 0x9f, 0x8c, 0x05, 0x3a, 0xbe, 0x3f, 0x97, 0x3d, 0x91, 0xc6, 0x45, 0xf7, 0x1d,
+    0xc5, 0x6a, 0xec, 0xaf, 0x88, 0x6c, 0xdd, 0xb5, 0xb1, 0x4f, 0x89, 0x07, 0x5c, 0x60, 0x45, 0x8f,
+    0x51, 0xee, 0x31, 0xbf, 0x35, 0x4b, 0x80, 0x0d, 0xcb, 0x07, 0xe5, 0x75, 0x2a, 0xc2, 0x2b, 0x40,
+    0x11, 0x5e, 0x40, 0x4f, 0x21, 0x45, 0x7d, 0x2a, 0x38, 0x39, 0xc4, 0xfe, 0x9d, 0x73, 0x14, 0xdf,
+    0x85, 0xda, 0x9d, 0x5f, 0x9c, 0x62, 0x20, 0x92, 0x42, 0x71, 0xa8, 0x8c, 0xeb, 0xd1, 0x7a, 0x10,
+    0xfa, 0x95, 0x39, 0x6f, 0x98, 0x0b, 0xc7, 0x99, 0xcc, 0xa9, 0x1c, 0x1a, 0x71, 0xf4, 0xc8, 0x82,
+    0x6e, 0x11, 0xe4, 0x7f, 0x25, 0x2c, 0x9a, 0x21, 0xb6, 0xe1, 0x70, 0x68, 0x07, 0x56, 0xa6, 0x4d,
+    0x04, 0x0b, 0xb2, 0x0f, 0x90, 0xd9, 0xca, 0x8f, 0x13, 0xda, 0xb7, 0xf5, 0x86, 0xbe, 0x6f, 0x65,
+    0x90, 0x8f, 0x6f, 0x1f, 0x2d, 0xfe, 0x97, 0x37, 0x69, 0x92, 0xdb, 0x87, 0xf0, 0x1c, 0x01, 0xaa,
+    0xef, 0xc0, 0xcb, 0x2f, 0x29, 0x97, 0x70, 0x3c, 0xe7, 0x4a, 0x6f, 0x11, 0x6a, 0x39, 0xb3, 0x38,
+    0x7b, 0x44, 0x16, 0x3f, 0x94, 0xb0, 0x2d, 0x84, 0x9d, 0x02, 0x03, 0x63, 0x1c, 0x9b, 0xdd, 0xf7,
+    0x6f, 0x63, 0x29, 0x0c, 0x01, 0x8b, 0x49, 0x72, 0xc2, 0x36, 0x2d, 0xc4, 0xc7, 0x98, 0xcd, 0xc5,
+    0xfb, 0xe7, 0xf4, 0x1c, 0xbc, 0xac, 0x14, 0xca, 0xb8, 0x7e, 0x41, 0xb6, 0xb1, 0x3a, 0xa3, 0x0a,
+    0x84, 0xa8, 0x50, 0x2c, 0xb8, 0xc5, 0xf3, 0xc1, 0x36, 0xa6, 0xf5, 0x20, 0x2b, 0x1f, 0x11, 0x98,
+    0x10, 0x2c, 0x8d, 0x3c, 0x05, 0xe2, 0xae, 0x79, 0x4c, 0xee, 0x99, 0x52, 0x5d, 0xbd, 0x7f, 0x57,
+    0x7a, 0x36, 0xdb, 0x4c, 0xb0, 0x17, 0xfe, 0xd7, 0xe9, 0xd5, 0x5e, 0xcf, 0xdc, 0x55, 0xb6, 0x7f,
+    0xee, 0xb2, 0x06, 0x5c, 0x0d, 0x30, 0xa3, 0x6f, 0x93, 0x9d, 0x32, 0xbd, 0xaa, 0xf7, 0xd8, 0xb0,
+    0x91, 0xfd, 0xa2, 0x6c, 0x09, 0x59, 0x44, 0x64, 0x1d, 0x45, 0x86, 0x2b, 0x30, 0xd2, 0x6a, 0x22,
+    0x05, 0x79, 0x7f, 0x7c, 0xb4, 0x7e, 0x19, 0xdc, 0x67, 0x0d, 0xea, 0x59, 0x46, 0x70, 0x04, 0xed,
+    0x45, 0xc9, 0x0e, 0x8c, 0xa0, 0x70, 0xe4, 0xfb, 0x94, 0x33, 0xcb, 0xd2, 0xf1, 0xc1, 0x3b, 0x72,
+    0xd1, 0x4d, 0xd3, 0x9c, 0x1d, 0x57, 0xb9, 0x43, 0xee, 0x7b, 0xa7, 0xa0, 0x87, 0x63, 0x55, 0xbd,
+    0xae, 0x02, 0x77, 0xac, 0x19, 0x3e, 0x5e, 0x48, 0x60, 0xa3, 0x13, 0x36, 0x1d, 0x46, 0xe7, 0x2f,
+    0x3a, 0x86, 0xaa, 0xbc, 0xa4, 0x19, 0x03, 0xf0, 0x1a, 0xeb, 0x7f, 0x44, 0x6b, 0xe4, 0x89, 0xe0,
+    0x50, 0x9c, 0xfc, 0xcc, 0x11, 0xec, 0x53, 0x5e, 0xbf, 0xd0, 0xb8, 0xd9, 0xea, 0x0c, 0x40, 0xc8,
+    0xc4, 0x18, 0x21, 0xdc, 0xac, 0xcb, 0x0e, 0xe6, 0xc5, 0x98, 0xd4, 0xab, 0x9c, 0xae, 0x2e, 0x07,
+    0xbb, 0x57, 0x85, 0xec, 0xa8, 0xa2, 0xe9, 0xed, 0x4b, 0x40, 0x60, 0x3d, 0x06, 0x8b, 0x9c, 0x95,
+    0x2f, 0xd3, 0x58, 0xfc, 0x15, 0x85, 0xb4, 0x55, 0x31, 0x08, 0x0c, 0x4f, 0x70, 0x29, 0xf2, 0x5a,
+    0xe5, 0x32, 0x35, 0xd7, 0x82, 0x6b, 0x42, 0x47, 0x29, 0x50, 0x78, 0xa3, 0xe6, 0xd9, 0xbb, 0x21,
+    0x71, 0xb6, 0xe8, 0xc7, 0x3f, 0x4c, 0x1f, 0xff, 0x53, 0x18, 0x14, 0xd1, 0x90, 0x7b, 0xd5, 0xee,
+    0x0e, 0xf9, 0x4c, 0xf7, 0x3b, 0x25, 0xf8, 0xf4, 0xdd, 0xc0, 0xa0, 0x47, 0x0a, 0x5e, 0x67, 0x7c,
+    0x9a, 0x7d, 0x91, 0xe7, 0x86, 0x02, 0xa5, 0x4c, 0xa7, 0x88, 0xcc, 0x35, 0x7c, 0xfc, 0x09, 0xb3,
+    0xf0, 0x67, 0xc7, 0x97, 0x33, 0xf7, 0xf5, 0xe2, 0x02, 0xb3, 0x0b, 0xa8, 0xfd, 0x14, 0xc0, 0x9b,
+    0x64, 0xe3, 0x1a, 0x87, 0x8e, 0xd0, 0xa8, 0x5a, 0x78, 0xfb, 0x67, 0xda, 0x8b, 0xb6, 0xae, 0x54,
+    0x1b, 0xac, 0xbe, 0xb7, 0x8a, 0xb9, 0x4f, 0x51, 0xf6, 0x23, 0xd3, 0x4c, 0x11, 0x93, 0x1c, 0xc6,
+    0x8f, 0x28, 0x63, 0xa7, 0x37, 0x9e, 0x12, 0xe9, 0x8c, 0x6b, 0xbf, 0x3e, 0x67, 0x31, 0x72, 0x09,
+    0xcf, 0x98, 0x12, 0x57, 0x23, 0x90, 0xef, 0xce, 0x7f, 0x55, 0x9e, 0xb5, 0xd0, 0x80, 0x4d, 0x96,
+    0x5b, 0x1c, 0xcf, 0x47, 0x9e, 0xb7, 0xb2, 0x76, 0x05, 0x1d, 0xf2, 0xc7, 0xa6, 0x22, 0x23, 0x59,
+    0x24, 0x53, 0x6b, 0x77, 0x9a, 0xde, 0x55, 0x7d, 0x8b, 0xc5, 0x46, 0x51, 0x3c, 0x07, 0x91, 0xcb,
+    0xb0, 0xd7, 0xb6, 0x67, 0x27, 0xf9, 0x08, 0xc5, 0xf1, 0x8d, 0x2a, 0x23, 0x4a, 0xa5, 0xff, 0x04,
+    0xda, 0xcd, 0xe0, 0x17, 0x92, 0x0c, 0x58, 0x6b, 0x54, 0xb6, 0xed, 0xbe, 0xcb, 0x4d, 0x36, 0x2c,
+    0x4e, 0x49, 0x3d, 0x07, 0x2f, 0x2b, 0x05, 0xd3, 0x2e, 0xfe, 0x81, 0xcc, 0xbd, 0xef, 0x58, 0xe3,
+    0x31, 0x06, 0x99, 0x37, 0x2b, 0x42, 0xe2, 0xd8, 0xa0, 0x26, 0x35, 0x5a, 0x27, 0xca, 0xea, 0x71,
+    0xa5, 0x82, 0x44, 0x27, 0x96, 0x65, 0xbf, 0x60, 0xda, 0x6e, 0x59, 0x28, 0x51, 0x68, 0x84, 0xbe,
+    0xb1, 0xa5, 0x7b, 0x14, 0x03, 0x5e, 0xdb, 0x96, 0x85, 0x5a, 0x77, 0x8f, 0x8a, 0x6b, 0x94, 0x8c,
+    0x25, 0x21, 0xa6, 0x04, 0xbe, 0x79, 0x86, 0x2e, 0xff, 0x12, 0x1b, 0xfd, 0xfc, 0xc9, 0xfa, 0x43,
+    0x5a, 0x6e, 0x02, 0x34, 0xba, 0x10, 0x61, 0x25, 0x71, 0xca, 0xaf, 0x6b, 0x66, 0xec, 0x48, 0xd1,
+    0xce, 0xea, 0xdf, 0x24, 0x07, 0x37, 0x3c, 0x9d, 0x0b, 0x82, 0xc3, 0x19, 0x10, 0x4e, 0x26, 0x1e,
+    0xa4, 0xf0, 0x89, 0x54, 0xb2, 0xc2, 0x6c, 0x33, 0xae, 0xb9, 0x04, 0x84, 0x91, 0xa6, 0xef, 0x36,
+    0x30, 0x74, 0x54, 0x44, 0x0f, 0xe5, 0x31, 0x8b, 0xd4, 0xf1, 0x68, 0xf6, 0xe7, 0x04, 0x81, 0xf9,
+    0x4f, 0x3b, 0xf0, 0x74, 0x0b, 0x8c, 0xd6, 0x80, 0x5a, 0x29, 0xdc, 0x60, 0x7d, 0x21, 0x33, 0x6b,
+    0xdb, 0xbf, 0x2d, 0x64, 0xb6, 0xab, 0x8b, 0x38, 0x20, 0x61, 0xb0, 0x12, 0x0b, 0x83, 0x5d, 0xa4,
+    0x9b, 0x0f, 0x5c, 0x94, 0xa2, 0xa5, 0x76, 0x1f, 0xd3, 0x5f, 0x91, 0x99, 0xbc, 0x32, 0x62, 0x3b,
+    0x0f, 0x8b, 0x81, 0x84, 0x1f, 0x82, 0x2b, 0xa7, 0xa9, 0x17, 0xfd, 0xeb, 0xca, 0x90, 0x0c, 0xf4,
+    0x70, 0xc4, 0x25, 0xb4, 0x1b, 0xeb, 0xcc, 0xac, 0x27, 0xcf, 0x49, 0x7d, 0x50, 0xb5, 0xbe, 0x66,
+    0xe4, 0x40, 0xf8, 0xa4, 0xa6, 0xcc, 0x91, 0x14, 0x5d, 0x87, 0x25, 0x0f, 0x26, 0x17, 0xd0, 0xa9,
+    0x8e, 0x5a, 0xae, 0xd4, 0x13, 0x39, 0xc1, 0xba, 0xf8, 0xbc, 0xe2, 0x92, 0xa7, 0xff, 0x19, 0x81,
+    0x1a, 0xde, 0x73, 0xc4, 0xae, 0x1e, 0x9c, 0x02, 0x82, 0xf4, 0x8e, 0xe0, 0xd1, 0x5d, 0x77, 0x4e,
+    0x65, 0x91, 0xd7, 0xf4, 0xaa, 0x77, 0x7b, 0x09, 0x0c, 0x2c, 0x3a, 0x76, 0x4b, 0x78, 0xc5, 0xdc,
+    0xf1, 0x15, 0x0a, 0xe4, 0x17, 0x50, 0x26, 0xb1, 0x76, 0x64, 0x56, 0x04, 0x3d, 0xda, 0xab, 0x13,
+    0x4d, 0xdf, 0xa9, 0x92, 0x43, 0x01, 0xb3, 0x26, 0xb2, 0x44, 0x66, 0xfb, 0x3e, 0x7e, 0xe5, 0xb8,
+    0xd9, 0x5b, 0x74, 0x82, 0xfe, 0x26, 0xee, 0x9e, 0xc8, 0x0c, 0x0a, 0x89, 0x48, 0xdc, 0x8b, 0x77,
+    0xa6, 0x14, 0xd0, 0xb2, 0xfa, 0x4f, 0x09, 0x95, 0x46, 0xd4, 0xbe, 0x1f, 0xd2, 0xf9, 0x39, 0xe5,
+    0x32, 0x90, 0x0d, 0xa2, 0x47, 0x68, 0x54, 0x2d, 0x3c, 0x9c, 0xd2, 0x6d, 0xa4, 0x5b, 0x57, 0x2a,
+    0x58, 0x8a, 0x5b, 0xd2, 0xf2, 0x9d, 0x04, 0x83, 0x99, 0xa7, 0x15, 0xf0, 0x25, 0xb3, 0x9e, 0x02,
+    0xcc, 0x0e, 0x86, 0xc2, 0x4f, 0xba, 0x59, 0x3b, 0xe3, 0xef, 0x79, 0x82, 0x53, 0x11, 0xf0, 0xcd,
+    0xb3, 0x41, 0x22, 0xf2, 0x4b, 0xd3, 0xbe, 0x30, 0x6d, 0x37, 0xcd, 0x14, 0xc9, 0x34, 0x42, 0x5f,
+    0x27, 0xc5, 0xff, 0xe2, 0xf6, 0xf4, 0xe3, 0x88, 0x17, 0x7f, 0xa1, 0x66, 0xbf, 0x96, 0x2c, 0x90,
+    0x67, 0x75, 0x8e, 0x12, 0xe2, 0xfa, 0x1e, 0xaf, 0xe4, 0x41, 0x80, 0xed, 0x08, 0x27, 0x13, 0x0f,
+    0xf3, 0xf1, 0x53, 0x02, 0x5f, 0xdd, 0x43, 0x17, 0x9e, 0x09, 0xec, 0x9f, 0x7e, 0x85, 0x7d, 0xc0,
+    0x8c, 0xbe, 0xf7, 0x32, 0x5b, 0xb4, 0xa4, 0x1c, 0x10, 0xd1, 0x58, 0x09, 0xe4, 0xa0, 0xcf, 0x52,
+    0x18, 0x3a, 0x2a, 0x22, 0xe6, 0x93, 0xf9, 0xa4, 0x6a, 0x99, 0x34, 0x7b, 0x92, 0x02, 0xa1, 0x9d,
+    0x72, 0x20, 0x7c, 0x52, 0x53, 0x66, 0xa9, 0x0a, 0xcf, 0xa2, 0xf3, 0xe6, 0x13, 0xea, 0x68, 0xb5,
+    0xe6, 0xa4, 0xa1, 0x42, 0xee, 0x41, 0xf4, 0xb2, 0xb5, 0xea, 0x9f, 0x94, 0x65, 0x48, 0x06, 0x7a,
+    0x99, 0xeb, 0x05, 0x72, 0xea, 0x28, 0x13, 0xb9, 0x3b, 0x32, 0x2b, 0x02, 0xff, 0x6d, 0xb4, 0xe8,
+    0x0d, 0x6f, 0xd8, 0x62, 0x57, 0x0f, 0x4e, 0x01, 0x41, 0x7a, 0x47, 0x70, 0x89, 0xcf, 0xda, 0x27,
+    0x19, 0x48, 0xe7, 0x51, 0xc2, 0x34, 0x2a, 0xf7, 0x1e, 0x4e, 0x69, 0xd7, 0x52, 0xcc, 0xca, 0x15,
+    0x8d, 0xcc, 0x3a, 0x41, 0x7f, 0x13, 0x77, 0x4f, 0x64, 0x06, 0x05, 0xa5, 0x24, 0x6e, 0xa4, 0xda,
+    0xf2, 0x83, 0x9e, 0x71, 0x7b, 0x7a, 0x90, 0x44, 0xea, 0xde, 0xb1, 0x33, 0xbe, 0x4b, 0x16, 0x48,
+    0x66, 0x07, 0x43, 0x61, 0xc6, 0x5d, 0xcd, 0xfc, 0x90, 0x96, 0xdd, 0x41, 0xc8, 0xe9, 0x78, 0x87,
+    0x0c, 0x1d, 0x15, 0x11, 0x73, 0xa8, 0x9d, 0x52, 0x35, 0xad, 0x1a, 0xdc, 0x49, 0x01, 0xb1, 0xaf,
+    0x98, 0x99, 0xc8, 0x01, 0xce, 0x8f, 0xc0, 0xea, 0x4f, 0xe5, 0x76, 0xae, 0x3f, 0xa3, 0xdf, 0x60,
+    0xe7, 0xd6, 0x6c, 0x31, 0xca, 0xe6, 0x27, 0xe1, 0xc1, 0x3d, 0xc2, 0x38, 0xa5, 0x86, 0x6d, 0xf2,
+    0x73, 0x52, 0xb1, 0x21, 0x77, 0xc1, 0x7a, 0x59, 0xbb, 0x75, 0xae, 0x4a, 0xd3, 0x24, 0x03, 0x3d,
+    0x33, 0xe2, 0xc0, 0xd1, 0x63, 0xcf, 0x87, 0x7e, 0x48, 0x4b, 0x8f, 0xc1, 0x64, 0x95, 0x3c, 0xa2,
+    0xa7, 0x66, 0x1d, 0xc1, 0xde, 0xe8, 0xda, 0xc6, 0x32, 0x03, 0xe3, 0xb3, 0x12, 0x37, 0x52, 0x6d,
+    0xd8, 0x29, 0xb9, 0xf1, 0xda, 0x81, 0x3d, 0xcd, 0xbc, 0xdb, 0x57, 0x25, 0x88, 0x12, 0xe0, 0xff,
+    0x4c, 0xad, 0x64, 0xe1, 0x67, 0xa6, 0x60, 0x75, 0xc6, 0x93, 0x3b, 0x57, 0xfe, 0xb0, 0x8e, 0x30,
+    0x26, 0xb7, 0x32, 0x91, 0xd2, 0x53, 0x30, 0xdb, 0x63, 0xa8, 0xfc, 0xca, 0x7f, 0x58, 0x47, 0x18,
+    0xb2, 0x33, 0xef, 0x81, 0x6f, 0x74, 0x6d, 0x63, 0x19, 0xe0, 0x90, 0xb8, 0x09, 0xfa, 0x29, 0xd7,
+    0xcd, 0x7c, 0x4b, 0xb1, 0x6b, 0x1d, 0x8a, 0x68, 0x97, 0x38, 0x24, 0x2e, 0x93, 0xdf, 0x9b, 0x45,
+    0x59, 0xf8, 0x96, 0xa1, 0xd6, 0x3a, 0xd7, 0xd0, 0xed, 0x70, 0x48, 0x5c, 0xe5, 0x7d, 0xf5, 0x8a,
+    0x76, 0x2b, 0xce, 0x5d, 0xc3, 0xbf, 0x63, 0x85, 0xdc, 0x78, 0x44, 0x13, 0x95, 0x54, 0x07, 0xd0,
+    0xe2, 0xaf, 0x13, 0x4d, 0x7e, 0x98, 0x3e, 0x3d, 0xa6, 0x30, 0x28, 0x61, 0xe3, 0xf6, 0x69, 0x1f,
+    0x9d, 0xe0, 0xb7, 0x7d, 0x7a, 0xf1, 0xd9, 0x36, 0x28, 0xe8, 0x9c, 0xf7, 0x79, 0xd3, 0xdb, 0x8d,
+    0x09, 0x64, 0x6a, 0x6d, 0xc7, 0xd6, 0x84, 0x8e, 0x52, 0xa0, 0xf0, 0x85, 0x0f, 0x71, 0xb5, 0x42,
+    0x63, 0x7e, 0x3c, 0x1d, 0x72, 0x23, 0xd4, 0x20, 0xf7, 0x9b, 0x37, 0x18, 0x8e, 0x99, 0x7c, 0x6a,
+    0xf7, 0xfa, 0xe1, 0x0d, 0xcf, 0x04, 0x89, 0x98, 0x8d, 0xd3, 0x5b, 0x6a, 0xf8, 0x3b, 0x12, 0xa5,
+    0x88, 0xb5, 0x45, 0x3d, 0xcb, 0x6d, 0x6e, 0x93, 0x03, 0x0b, 0xef, 0xfc, 0x62, 0x1e, 0xa0, 0x37,
+    0x1c, 0x31, 0x98, 0x2d, 0x76, 0x4a, 0x33, 0x2b, 0x79, 0x43, 0x83, 0x8e, 0x14, 0xbc, 0xce, 0xf8,
+    0x5c, 0x81, 0xe9, 0xdd, 0x62, 0x44, 0xce, 0x0c, 0x8a, 0x7d, 0xa2, 0x05, 0xa3, 0x0d, 0xf1, 0x67,
+    0xc8, 0x05, 0x34, 0xcd, 0xdf, 0x63, 0x93, 0xb4, 0xf0, 0x35, 0xce, 0x77, 0xd5, 0xaf, 0x9f, 0xa8,
+    0xb7, 0x4a, 0x90, 0xfd, 0xdb, 0x0a, 0x74, 0xbf, 0x7e, 0xed, 0x7a, 0xe1, 0x4f, 0x8a, 0x2d, 0x3a,
+    0x23, 0xce, 0x4d, 0xed, 0x66, 0x2d, 0x29, 0x07, 0x04, 0xa5, 0x16, 0x93, 0x39, 0x28, 0x43, 0xf5,
+    0x49, 0xd4, 0x1b, 0x9d, 0xd3, 0xd8, 0x79, 0xa9, 0xa1, 0x9e, 0xd1, 0x0e, 0xb8, 0xc0, 0x8a, 0xdd,
+    0xdd, 0x50, 0xc6, 0x8d, 0x6e, 0xff, 0x24, 0x11, 0xdb, 0xd6, 0xbd, 0x7c, 0xce, 0x62, 0xe4, 0x12,
+    0xa2, 0x1f, 0x62, 0xbd, 0x6a, 0x96, 0xc3, 0x1a, 0x55, 0x0e, 0x09, 0xea, 0x54, 0x47, 0x56, 0x80,
+    0x36, 0x9b, 0xbf, 0xad, 0xd7, 0xb1, 0x9e, 0xa2, 0x2f, 0x46, 0x65, 0x98, 0x22, 0xe5, 0x38, 0x4f,
+    0x22, 0xbc, 0x80, 0x9e, 0x42, 0x8a, 0xfa, 0x54, 0x70, 0x72, 0x4b, 0x3f, 0xf9, 0xe6, 0x28, 0x7d,
+    0xb6, 0x38, 0x5d, 0x8e, 0xff, 0xad, 0xa7, 0xec, 0x0a, 0x3a, 0x27, 0x4d, 0x8f, 0x44, 0x46, 0xb2,
+    0xc9, 0x77, 0xf9, 0xbe, 0xfb, 0xc4, 0x40, 0xe7, 0x84, 0xe2, 0x93, 0xdb, 0x15, 0x61, 0xf4, 0x20,
+    0x5d, 0xf3, 0x24, 0xae, 0x46, 0xe3, 0x1d, 0x5f, 0xfe, 0xaa, 0xff, 0xa9, 0x63, 0xc3, 0x9a, 0xef,
+    0x37, 0xe9, 0x72, 0xde, 0xf3, 0x16, 0x4d, 0xf1, 0x5b, 0x91, 0x38, 0x34, 0xe2, 0x2b, 0x53, 0xc7,
+    0xa3, 0x6d, 0xaf, 0xce, 0x4e, 0x31, 0x10, 0x49, 0x21, 0xd9, 0x54, 0x46, 0x94, 0x89, 0x3d, 0x08,
+    0xdc, 0x22, 0x0b, 0xfe, 0x4a, 0x58, 0xf7, 0x42, 0xaf, 0x01, 0xe0, 0xd0, 0x0e, 0xac, 0x8f, 0x9a,
+    0x48, 0xa6, 0xd6, 0xee, 0xf7, 0x7f, 0xaa, 0xfa, 0xd5, 0x49, 0x8c, 0xa2, 0x78, 0x0e, 0xe1, 0x55,
+    0x08, 0x16, 0xa7, 0x1e, 0xe3, 0x71, 0x57, 0xdd, 0x26, 0x77, 0xad, 0x29, 0xcf, 0xbf, 0xde, 0xca,
+    0x9c, 0x92, 0x7a, 0x0e, 0x5e, 0x56, 0x0a, 0x65, 0x5c, 0x3f, 0xc1, 0x5b, 0xb9, 0x1d, 0xb0, 0x05,
+    0xe3, 0xdd, 0xde, 0x3e, 0x5a, 0x3f, 0xed, 0x6e, 0xd2, 0xe7, 0x75, 0xcd, 0x23, 0x38, 0x02, 0x97,
+    0x77, 0x59, 0x03, 0x2e, 0xe7, 0x18, 0xb0, 0xd6, 0xa8, 0xaf, 0x19, 0xbf, 0x55, 0x9a, 0x6c, 0x58,
+    0x1d, 0x43, 0x55, 0x5e, 0x52, 0xed, 0xe0, 0x78, 0x0d, 0x94, 0xde, 0x22, 0xd4, 0x72, 0xa5, 0x70,
+    0x89, 0xc7, 0x88, 0x4e, 0xef, 0xca, 0xbd, 0xc0, 0x77, 0xdc, 0xb2, 0x50, 0xa2, 0xd0, 0xcb, 0xbf,
+    0xf6, 0x88, 0x2c, 0x7e, 0xeb, 0xa3, 0x5a, 0xcb, 0xf9, 0x04, 0x06, 0xc6, 0x38, 0xf5, 0x79, 0x2d,
+    0x62, 0x0c, 0xf1, 0x6e, 0x56, 0x84, 0x07, 0x73, 0x83, 0x4c, 0x6a, 0xb4, 0x4e, 0x57, 0x17, 0xe2,
+    0xde, 0xc6, 0x52, 0x18, 0x02, 0xd5, 0x92, 0xe4, 0x47, 0x6c, 0x5a, 0x4b, 0x4d, 0xf3, 0x59, 0x49,
+    0x4a, 0x42, 0x8f, 0x08, 0xbf, 0xf2, 0xcf, 0x5c, 0x3d, 0x24, 0x36, 0x39, 0x3b, 0x51, 0x37, 0x86,
+    0x35, 0x0d, 0x2b, 0x38, 0xbb, 0x9b, 0x28, 0x57, 0xb3, 0xfc, 0x82, 0xaf, 0xa1, 0x74, 0x85, 0x14,
+    0xa1, 0x89, 0xf6, 0x28, 0x06, 0xbc, 0x75, 0xef, 0xc9, 0xb4, 0xee, 0xdd, 0xd7, 0xd6, 0xeb, 0xdb,
+    0xcb, 0x93, 0xa0, 0x58, 0xb3, 0x49, 0x25, 0x41, 0x6c, 0x8f, 0x29, 0x40, 0x56, 0x3e, 0x22, 0xf3,
+    0x5f, 0x17, 0x7d, 0x48, 0x0e, 0x6e, 0x78, 0xf9, 0x16, 0xc7, 0x45, 0x32, 0x20, 0x9c, 0x4c, 0x3c,
+    0x20, 0x58, 0xd9, 0x78, 0x0a, 0x07, 0x9f, 0xf2, 0x98, 0x1f, 0xf1, 0xa4, 0xba, 0xb9, 0xfe, 0xae,
+    0xb4, 0xdc, 0x04, 0x68, 0xb7, 0x20, 0xc2, 0x4a, 0xe2, 0x57, 0x9d, 0xd6, 0xcc, 0x1b, 0x90, 0x61,
+    0xf4, 0x6c, 0x75, 0x98, 0xa3, 0x2e, 0x3f, 0x6d, 0x11, 0x69, 0xbc, 0x5d, 0x7b, 0xaa, 0xaf, 0xfe,
+    0x60, 0xe8, 0xa8, 0x88, 0x1e, 0x09, 0x62, 0xd5, 0x6b, 0x21, 0xd0, 0x2f, 0x0d, 0x08, 0xc1, 0x31,
+    0x1f, 0xa7, 0x0c, 0xb8, 0x1a, 0x60, 0x85, 0xde, 0xe5, 0xf9, 0x64, 0xb9, 0x97, 0x2d, 0x73, 0xa3,
+    0x8b, 0x23, 0xd1, 0xa8, 0xa7, 0x47, 0xd8, 0x66, 0x9f, 0xb1, 0x08, 0xcb, 0xe1, 0x8f, 0x1d, 0x6c,
+    0xe1, 0x39, 0x87, 0xd8, 0x12, 0xb2, 0x88, 0xc8, 0x3a, 0x8a, 0xcf, 0x56, 0x60, 0x67, 0xd4, 0x44,
+    0x75, 0xbd, 0x5a, 0xc8, 0xaf, 0x95, 0xd5, 0x70, 0x40, 0xc2, 0xa3, 0x24, 0x16, 0xc5, 0xba, 0x8b,
+    0x0a, 0xf2, 0xfe, 0xf8, 0xab, 0xfc, 0x32, 0x7b, 0xce, 0x1a, 0x17, 0xb2, 0x8c, 0xe0, 0x08, 0x19,
+    0x9e, 0x76, 0x23, 0xe8, 0x16, 0xdb, 0x6f, 0xc3, 0xb4, 0x52, 0x7b, 0xc0, 0xfa, 0x42, 0x66, 0xd6,
+    0x8a, 0x51, 0x1c, 0xdb, 0x83, 0xe0, 0x0b, 0x35, 0xeb, 0x66, 0x55, 0x67, 0x21, 0x41, 0x76, 0xe4,
+    0x1e, 0xd5, 0xc1, 0xcb, 0x3e, 0xc7, 0x56, 0x8d, 0x91, 0x2e, 0x39, 0x15, 0x57, 0xe3, 0x18, 0x2b,
+    0x61, 0x9a, 0x65, 0xfb, 0x3a, 0xae, 0xb1, 0x86, 0x1f, 0xf6, 0x8d, 0x83, 0xcd, 0xc6, 0xaa, 0xb9,
+    0xf5, 0x1e, 0xb8, 0xeb, 0x87, 0x89, 0xec, 0x3e, 0x65, 0xbe, 0xe1, 0xf1, 0xbb, 0x64, 0xc4, 0x76,
+    0x9f, 0x04, 0xee, 0x9b, 0x32, 0x7c, 0xbc, 0x90, 0xc0, 0x85, 0x26, 0x6c, 0x3a, 0x8c, 0x0d, 0x5e,
+    0x0b, 0x80, 0x33, 0x8b, 0x8f, 0x5b, 0xe1, 0x28, 0xba, 0xcd, 0x4a, 0x1e, 0x4c, 0x2e, 0x63, 0x91,
+    0x74, 0xcf, 0x97, 0xbb, 0x8b, 0x32, 0x06, 0x23, 0x34, 0x15, 0xfe, 0x88, 0xd6, 0x0b, 0xd1, 0x03,
+    0xe0, 0x4b, 0x4a, 0xab, 0x36, 0x15, 0x5b, 0x9b, 0x4e, 0x5d, 0x92, 0xfa, 0xa0, 0xa9, 0xbf, 0xcc,
+    0xa0, 0xfb, 0x3b, 0x5b, 0x22, 0x1b, 0xa6, 0xbc, 0xbd, 0x63, 0xb3, 0x71, 0x17, 0x18, 0x80, 0x53,
+    0x34, 0x7f, 0xe6, 0x4b, 0x9f, 0x3c, 0xfb, 0x04, 0xc7, 0x2b, 0xdf, 0x03, 0x61, 0xba, 0xee, 0x9c,
+    0x4b, 0x30, 0x42, 0x7b, 0x9b, 0x55, 0x1c, 0x0f, 0x49, 0xf3, 0x6b, 0x95, 0xfb, 0x9f, 0x5c, 0x0e,
+    0xdf, 0xb4, 0x9f, 0x6b, 0x26, 0x72, 0x41, 0xb7, 0x33, 0xbb, 0x07, 0xe7, 0x8d, 0x3d, 0x32, 0xc1,
+    0xb5, 0xae, 0xc9, 0x1b, 0x93, 0x87, 0x11, 0x19, 0x96, 0x80, 0xc0, 0x7a, 0x0c, 0xd5, 0xfb, 0xe9,
+    0x21, 0x2a, 0x14, 0x0b, 0x2e, 0xa0, 0x4c, 0xa1, 0xec, 0xc8, 0xac, 0x08, 0x7a, 0x77, 0x95, 0x26,
+    0x5e, 0x65, 0xb0, 0x3b, 0x2a, 0xc9, 0xab, 0xaa, 0x62, 0x10, 0x18, 0x9e, 0xe0, 0x52, 0x27, 0xb4,
+    0xca, 0xe1, 0x6d, 0x2b, 0x97, 0xee, 0xf6, 0x12, 0x18, 0x58, 0x74, 0xec, 0x96, 0xf0, 0x49, 0x7b,
+  },
+};
+
+static const uint8_t kuz_table_inv_LS[16][256 * 16] =
+{
+  { /* 0 */
+    0xa5, 0xcc, 0x0e, 0x86, 0xc2, 0x4f, 0xba, 0x59, 0x3b, 0xe3, 0xef, 0x79, 0x82, 0x53, 0x11, 0xf0,
+    0x2d, 0x03, 0x96, 0x94, 0x95, 0x6c, 0x2a, 0xb6, 0xf5, 0x9c, 0xba, 0xe7, 0x37, 0x83, 0x91, 0xbd,
+    0x32, 0x17, 0xb1, 0xab, 0xa6, 0xf9, 0x11, 0xd2, 0x03, 0xc3, 0x8e, 0xc9, 0x90, 0x58, 0x92, 0xad,
+    0x8f, 0xa5, 0x82, 0x44, 0x27, 0x96, 0x65, 0xbf, 0x60, 0xda, 0x6e, 0x59, 0x28, 0x51, 0x68, 0x84,
+    0x0e, 0xd4, 0x34, 0xac, 0xe0, 0xa9, 0x29, 0xa0, 0x9f, 0x89, 0x76, 0x4d, 0xf9, 0xc1, 0x13, 0x51,
+    0x30, 0xfc, 0x7a, 0xd2, 0x86, 0x40, 0x5f, 0x68, 0xb0, 0x37, 0x1e, 0x11, 0x74, 0xb4, 0x15, 0x71,
+    0x38, 0xd6, 0xd0, 0xf5, 0x06, 0xe1, 0xa4, 0xc5, 0x39, 0x61, 0x1b, 0xf7, 0x62, 0x82, 0x4c, 0x87,
+    0xc0, 0x76, 0x2b, 0xce, 0x5d, 0xc3, 0xbf, 0x63, 0x85, 0xdc, 0x78, 0x44, 0x13, 0x95, 0x54, 0x07,
+    0x54, 0xd2, 0xdb, 0x47, 0x09, 0x71, 0x7d, 0x0f, 0xb6, 0x72, 0xc1, 0x40, 0x97, 0x04, 0xf2, 0xe8,
+    0xe6, 0x20, 0x58, 0xd9, 0x78, 0x0a, 0x07, 0x9f, 0xf2, 0x98, 0x1f, 0xf1, 0xa4, 0xba, 0xb9, 0xfe,
+    0x9e, 0x65, 0x91, 0xd7, 0xf4, 0xaa, 0x77, 0x7b, 0x09, 0x0c, 0x2c, 0x3a, 0x76, 0x4b, 0x78, 0xc5,
+    0x39, 0x42, 0x54, 0x28, 0x16, 0x5c, 0x83, 0x98, 0x81, 0x1b, 0x53, 0x9b, 0x10, 0xf4, 0xee, 0xe9,
+    0x55, 0x46, 0x5f, 0x9a, 0x19, 0xcc, 0x5a, 0x52, 0x0e, 0x08, 0x89, 0x2c, 0xe5, 0x72, 0x50, 0x86,
+    0x7e, 0xbb, 0x57, 0x85, 0xec, 0xa8, 0xa2, 0xe9, 0xed, 0x4b, 0x40, 0x60, 0x3d, 0x06, 0x8b, 0x9c,
+    0x52, 0x2c, 0x45, 0xcc, 0x69, 0x79, 0xaf, 0x02, 0xa0, 0xad, 0xb2, 0xeb, 0x78, 0xf3, 0xb8, 0x4f,
+    0x91, 0x25, 0x21, 0xa6, 0x04, 0xbe, 0x79, 0x86, 0x2e, 0xff, 0x12, 0x1b, 0xfd, 0xfc, 0xc9, 0xfa,
+    0x64, 0x2e, 0xa1, 0x95, 0x8f, 0x31, 0x22, 0x67, 0x06, 0x45, 0xdf, 0x51, 0xe3, 0xb0, 0xe7, 0x99,
+    0x03, 0x7f, 0x4f, 0xa4, 0x30, 0x04, 0x69, 0xe7, 0x0b, 0x8e, 0xd8, 0xb4, 0x96, 0x9a, 0x25, 0xb2,
+    0x57, 0xad, 0x94, 0xe3, 0x39, 0x75, 0x14, 0xe8, 0xbd, 0xfc, 0x19, 0xf4, 0x01, 0x9e, 0xd7, 0x5a,
+    0x5a, 0x06, 0xef, 0xeb, 0xe9, 0xd8, 0x54, 0xaf, 0x29, 0xfb, 0xb7, 0x0d, 0x6e, 0xc5, 0xe1, 0xb9,
+    0x1c, 0x6b, 0x68, 0x9b, 0x03, 0x91, 0x52, 0x83, 0xfd, 0xd1, 0xec, 0x9a, 0x31, 0x41, 0x26, 0xa2,
+    0x60, 0x3b, 0xf4, 0x67, 0xcf, 0x80, 0xbe, 0xd0, 0xa3, 0x6e, 0x3c, 0x22, 0xe8, 0xab, 0x2a, 0xe2,
+    0x07, 0x6a, 0x1a, 0x56, 0x70, 0xb5, 0xf5, 0x50, 0xae, 0xa5, 0x3b, 0xc7, 0x9d, 0x81, 0xe8, 0xc9,
+    0x18, 0x7e, 0x3d, 0x69, 0x43, 0x20, 0xce, 0x34, 0x58, 0xfa, 0x0f, 0xe9, 0x3a, 0x5a, 0xeb, 0xd9,
+    0x21, 0x3c, 0x69, 0x41, 0x55, 0x7c, 0x4d, 0xac, 0xd9, 0xe1, 0x5c, 0x72, 0x2a, 0xae, 0x05, 0x30,
+    0x72, 0x84, 0xa8, 0x50, 0x2c, 0xb8, 0xc5, 0xf3, 0xc1, 0x36, 0xa6, 0xf5, 0x20, 0x2b, 0x1f, 0x11,
+    0xa8, 0x67, 0x75, 0x8e, 0x12, 0xe2, 0xfa, 0x1e, 0xaf, 0xe4, 0x41, 0x80, 0xed, 0x08, 0x27, 0x13,
+    0xd1, 0xb6, 0x38, 0x5d, 0x8e, 0xff, 0xad, 0xa7, 0xec, 0x0a, 0x3a, 0x27, 0x4d, 0x8f, 0x44, 0x46,
+    0x29, 0x16, 0xc3, 0x66, 0xd5, 0xdd, 0xb6, 0x01, 0x50, 0xb7, 0x59, 0x94, 0x3c, 0x98, 0x5c, 0xc6,
+    0xc6, 0x88, 0xb5, 0x45, 0x3d, 0xcb, 0x6d, 0x6e, 0x93, 0x03, 0x0b, 0xef, 0xfc, 0x62, 0x1e, 0xa0,
+    0xa4, 0x58, 0x8a, 0x5b, 0xd2, 0xf2, 0x9d, 0x04, 0x83, 0x99, 0xa7, 0x15, 0xf0, 0x25, 0xb3, 0x9e,
+    0x3f, 0xbc, 0xca, 0xa3, 0x76, 0x54, 0x51, 0x95, 0x97, 0xc4, 0x20, 0x30, 0xff, 0x03, 0xa4, 0x4e,
+    0xe0, 0xde, 0xc6, 0x52, 0x18, 0x02, 0xd5, 0x92, 0xe4, 0x47, 0x6c, 0x5a, 0x4b, 0x4d, 0xf3, 0x59,
+    0x27, 0xc2, 0xf7, 0xca, 0x35, 0x74, 0x9f, 0xa1, 0xcf, 0x3e, 0x2f, 0xd9, 0xc5, 0x59, 0x4f, 0x97,
+    0x8d, 0x4e, 0x49, 0x3d, 0x07, 0x2f, 0x2b, 0x05, 0xd3, 0x2e, 0xfe, 0x81, 0xcc, 0xbd, 0xef, 0x58,
+    0x0c, 0x3f, 0xff, 0xd5, 0xc0, 0x10, 0x67, 0x1a, 0x2c, 0x7d, 0xe6, 0x95, 0x1d, 0x2d, 0x94, 0x8d,
+    0x82, 0x0e, 0xf9, 0x4c, 0xf7, 0x3b, 0x25, 0xf8, 0xf4, 0xdd, 0xc0, 0xa0, 0x47, 0x0a, 0x5e, 0x67,
+    0xea, 0x1f, 0xa7, 0x0c, 0xb8, 0x1a, 0x60, 0x85, 0xde, 0xe5, 0xf9, 0x64, 0xb9, 0x97, 0x2d, 0x73,
+    0xae, 0x99, 0xeb, 0x05, 0x72, 0xea, 0x28, 0x13, 0xb9, 0x3b, 0x32, 0x2b, 0x02, 0xff, 0x6d, 0xb4,
+    0xb4, 0x0c, 0x1d, 0x15, 0x11, 0x73, 0xa8, 0x9d, 0x52, 0x35, 0xad, 0x1a, 0xdc, 0x49, 0x01, 0xb1,
+    0x9a, 0x70, 0xc4, 0x25, 0xb4, 0x1b, 0xeb, 0xcc, 0xac, 0x27, 0xcf, 0x49, 0x7d, 0x50, 0xb5, 0xbe,
+    0x63, 0x44, 0xbb, 0xc3, 0xff, 0x84, 0xd7, 0x37, 0xa8, 0xe0, 0xe4, 0x96, 0x7e, 0x31, 0x0f, 0x50,
+    0x49, 0x2d, 0x37, 0x01, 0x1a, 0x5d, 0x08, 0xd1, 0xf3, 0xd9, 0x65, 0xb6, 0xd4, 0x33, 0x76, 0x24,
+    0xe5, 0x5f, 0x17, 0x7d, 0x48, 0x0e, 0x6e, 0x78, 0xf9, 0x16, 0xc7, 0x45, 0x32, 0x20, 0x9c, 0x4c,
+    0x42, 0x78, 0xd2, 0x82, 0xaa, 0xf8, 0x9a, 0x9b, 0x71, 0x01, 0xb8, 0xe4, 0x54, 0x9f, 0x0a, 0x60,
+    0xe4, 0xcb, 0x93, 0xa0, 0x58, 0xb3, 0x49, 0x25, 0x41, 0x6c, 0x8f, 0x29, 0x40, 0x56, 0x3e, 0x22,
+    0x15, 0xd5, 0x46, 0x61, 0x93, 0x8d, 0x8e, 0x73, 0xcc, 0xfd, 0xa1, 0x10, 0x55, 0x01, 0xdd, 0x3a,
+    0xb7, 0x73, 0x52, 0xb1, 0x21, 0x77, 0xc1, 0x7a, 0x59, 0xbb, 0x75, 0xae, 0x4a, 0xd3, 0x24, 0x03,
+    0xc8, 0x5c, 0x81, 0xe9, 0xdd, 0x62, 0x44, 0xce, 0x0c, 0x8a, 0x7d, 0xa2, 0x05, 0xa3, 0x0d, 0xf1,
+    0x06, 0xfe, 0x9e, 0x8b, 0x60, 0x08, 0xd2, 0x0d, 0x16, 0xdf, 0x73, 0xab, 0xef, 0xf7, 0x4a, 0xa7,
+    0x70, 0x6f, 0x63, 0x29, 0x0c, 0x01, 0x8b, 0x49, 0x72, 0xc2, 0x36, 0x2d, 0xc4, 0xc7, 0x98, 0xcd,
+    0x9d, 0x1a, 0xde, 0x73, 0xc4, 0xae, 0x1e, 0x9c, 0x02, 0x82, 0xf4, 0x8e, 0xe0, 0xd1, 0x5d, 0x77,
+    0x41, 0x07, 0x9d, 0x26, 0x9a, 0xfc, 0xf3, 0x7c, 0x7a, 0x8f, 0x60, 0x50, 0xc2, 0x05, 0x2f, 0xd2,
+    0x75, 0xee, 0xb2, 0x06, 0x5c, 0x0d, 0x30, 0xa3, 0x6f, 0x93, 0x9d, 0x32, 0xbd, 0xaa, 0xf7, 0xd8,
+    0x19, 0xea, 0xb9, 0xb4, 0x53, 0x9d, 0xe9, 0x69, 0xe0, 0x80, 0x47, 0x85, 0x48, 0x2c, 0x49, 0xb7,
+    0xc9, 0xc8, 0x05, 0x34, 0xcd, 0xdf, 0x63, 0x93, 0xb4, 0xf0, 0x35, 0xce, 0x77, 0xd5, 0xaf, 0x9f,
+    0xaa, 0x8c, 0xbe, 0xf7, 0x32, 0x5b, 0xb4, 0xa4, 0x1c, 0x10, 0xd1, 0x58, 0x09, 0xe4, 0xa0, 0xcf,
+    0xfc, 0xb5, 0xae, 0xc9, 0x1b, 0x93, 0x87, 0x11, 0x19, 0x96, 0x80, 0xc0, 0x7a, 0x0c, 0xd5, 0xfb,
+    0x4d, 0x38, 0x62, 0xf3, 0x5a, 0xec, 0x94, 0x66, 0x56, 0xf2, 0x86, 0xc5, 0xdf, 0x28, 0xbb, 0x5f,
+    0xbf, 0x59, 0xf8, 0x96, 0xa1, 0xd6, 0x3a, 0xd7, 0xd0, 0xed, 0x70, 0x48, 0x5c, 0xe5, 0x7d, 0xf5,
+    0x2a, 0x69, 0x8c, 0xc2, 0xe5, 0xd9, 0xdf, 0xe6, 0x5b, 0x39, 0x81, 0x20, 0xaa, 0x02, 0x79, 0x74,
+    0x73, 0x10, 0x2c, 0x8d, 0x3c, 0x05, 0xe2, 0xae, 0x79, 0x4c, 0xee, 0x99, 0x52, 0x5d, 0xbd, 0x7f,
+    0x84, 0xf0, 0x67, 0xc7, 0x97, 0x33, 0xf7, 0xf5, 0xe2, 0x02, 0xb3, 0x0b, 0xa8, 0xfd, 0x14, 0xc0,
+    0xd5, 0xa3, 0x6d, 0xaf, 0xce, 0x4e, 0x31, 0x10, 0x49, 0x21, 0xd9, 0x54, 0x46, 0x94, 0x89, 0x3d,
+    0xc3, 0x09, 0x64, 0x6a, 0x6d, 0xc7, 0xd6, 0x84, 0x8e, 0x52, 0xa0, 0xf0, 0x85, 0x0f, 0x71, 0xb5,
+    0xaf, 0x0d, 0x6f, 0xd8, 0x62, 0x57, 0x0f, 0x4e, 0x01, 0x41, 0x7a, 0x47, 0x70, 0x89, 0xcf, 0xda,
+    0x2b, 0xfd, 0x08, 0x1f, 0xf5, 0x64, 0xf8, 0xbb, 0xe3, 0x43, 0xc9, 0x4c, 0xd8, 0x74, 0xdb, 0x1a,
+    0x86, 0x1b, 0xac, 0xbe, 0xb7, 0x8a, 0xb9, 0x4f, 0x51, 0xf6, 0x23, 0xd3, 0x4c, 0x11, 0x93, 0x1c,
+    0xa7, 0x27, 0xc5, 0xff, 0xe2, 0xf6, 0xf4, 0xe3, 0x88, 0x17, 0x7f, 0xa1, 0x66, 0xbf, 0x96, 0x2c,
+    0xb1, 0x8d, 0xcc, 0x3a, 0x41, 0x7f, 0x13, 0x77, 0x4f, 0x64, 0x06, 0x05, 0xa5, 0x24, 0x6e, 0xa4,
+    0xb2, 0xf2, 0x83, 0x9e, 0x71, 0x7b, 0x7a, 0x90, 0x44, 0xea, 0xde, 0xb1, 0x33, 0xbe, 0x4b, 0x16,
+    0x5b, 0x92, 0x6b, 0x36, 0xf9, 0x65, 0x73, 0xf2, 0x91, 0x81, 0xff, 0x61, 0x1c, 0xb3, 0x43, 0xd7,
+    0x46, 0x6d, 0x87, 0x70, 0xea, 0x49, 0x06, 0x2c, 0xd4, 0x2a, 0x5b, 0x97, 0x5f, 0x84, 0xc7, 0x1b,
+    0xd3, 0x5d, 0xf3, 0x24, 0xae, 0x46, 0xe3, 0x1d, 0x5f, 0xfe, 0xaa, 0xff, 0xa9, 0x63, 0xc3, 0x9a,
+    0x9f, 0xf1, 0x15, 0x0a, 0xe4, 0x17, 0x50, 0x26, 0xb1, 0x76, 0x64, 0x56, 0x04, 0x3d, 0xda, 0xab,
+    0xfd, 0x21, 0x2a, 0x14, 0x0b, 0x2e, 0xa0, 0x4c, 0xa1, 0xec, 0xc8, 0xac, 0x08, 0x7a, 0x77, 0x95,
+    0xd4, 0x37, 0xe9, 0x72, 0xde, 0xf3, 0x16, 0x4d, 0xf1, 0x5b, 0x91, 0x38, 0x34, 0xe2, 0x2b, 0x53,
+    0x0f, 0x40, 0xb0, 0x71, 0xf0, 0x14, 0x0e, 0xfd, 0x27, 0xf3, 0x3e, 0x21, 0x8b, 0xb7, 0xb1, 0x3f,
+    0x9c, 0x8e, 0x5a, 0xae, 0xd4, 0x13, 0x39, 0xc1, 0xba, 0xf8, 0xbc, 0xe2, 0x92, 0xa7, 0xff, 0x19,
+    0x2f, 0xe8, 0x5d, 0xed, 0xb5, 0xd5, 0x64, 0x0c, 0x46, 0x68, 0x2a, 0x3f, 0xd3, 0x6f, 0x16, 0x61,
+    0x9b, 0xe4, 0x40, 0xf8, 0xa4, 0xa6, 0xcc, 0x91, 0x14, 0x5d, 0x87, 0x25, 0x0f, 0x26, 0x17, 0xd0,
+    0x43, 0xec, 0x56, 0x5f, 0xba, 0x45, 0xbd, 0xc6, 0xc9, 0x7b, 0xf0, 0x88, 0x26, 0xe9, 0xa8, 0x0e,
+    0xef, 0x9e, 0x76, 0x23, 0xe8, 0x16, 0xdb, 0x6f, 0xc3, 0xb4, 0x52, 0x7b, 0xc0, 0xfa, 0x42, 0x66,
+    0xd9, 0x9c, 0x92, 0x7a, 0x0e, 0x5e, 0x56, 0x0a, 0x65, 0x5c, 0x3f, 0xc1, 0x5b, 0xb9, 0x1d, 0xb0,
+    0x79, 0xd1, 0x4d, 0xd3, 0x9c, 0x1d, 0x57, 0xb9, 0x43, 0xee, 0x7b, 0xa7, 0xa0, 0x87, 0x63, 0x55,
+    0xb6, 0xe7, 0xd6, 0x6c, 0x31, 0xca, 0xe6, 0x27, 0xe1, 0xc1, 0x3d, 0xc2, 0x38, 0xa5, 0x86, 0x6d,
+    0x53, 0xb8, 0xc1, 0x11, 0x79, 0xc4, 0x88, 0x5f, 0x18, 0xd7, 0xfa, 0x87, 0x0a, 0x85, 0x1a, 0x21,
+    0x7f, 0x2f, 0xd3, 0x58, 0xfc, 0x15, 0x85, 0xb4, 0x55, 0x31, 0x08, 0x0c, 0x4f, 0x70, 0x29, 0xf2,
+    0xc1, 0xe2, 0xaf, 0x13, 0x4d, 0x7e, 0x98, 0x3e, 0x3d, 0xa6, 0x30, 0x28, 0x61, 0xe3, 0xf6, 0x69,
+    0xf0, 0x8a, 0x51, 0x1c, 0xdb, 0x83, 0xe0, 0x0b, 0x35, 0xeb, 0x66, 0x55, 0x67, 0x21, 0x41, 0x76,
+    0x23, 0xd7, 0xa2, 0x38, 0x75, 0xc5, 0x03, 0x16, 0x6a, 0x15, 0xcc, 0xaa, 0xce, 0x42, 0x82, 0xec,
+    0xe7, 0xb4, 0xdc, 0x04, 0x68, 0xb7, 0x20, 0xc2, 0x4a, 0xe2, 0x57, 0x9d, 0xd6, 0xcc, 0x1b, 0x90,
+    0x25, 0x29, 0x3c, 0xb3, 0x15, 0xcd, 0xd1, 0x1b, 0x7c, 0xca, 0xbf, 0x01, 0x21, 0xb5, 0xc8, 0x4b,
+    0x5e, 0x13, 0xba, 0x19, 0xa9, 0x69, 0xc8, 0x18, 0x8c, 0xd0, 0x54, 0x7e, 0x65, 0xde, 0x2c, 0xc2,
+    0xb5, 0x98, 0x99, 0xc8, 0x01, 0xce, 0x8f, 0xc0, 0xea, 0x4f, 0xe5, 0x76, 0xae, 0x3f, 0xa3, 0xdf,
+    0x1e, 0x80, 0xa3, 0xe2, 0x23, 0x28, 0x1c, 0x39, 0x4e, 0x25, 0x7c, 0x42, 0xd5, 0xad, 0xa1, 0x7e,
+    0xa2, 0xa6, 0x14, 0xd0, 0xb2, 0xfa, 0x4f, 0x09, 0x95, 0x46, 0xd4, 0xbe, 0x1f, 0xd2, 0xf9, 0x39,
+    0xdf, 0x62, 0x0c, 0xf1, 0x6e, 0x56, 0x84, 0x07, 0x73, 0x83, 0x4c, 0x6a, 0xb4, 0x4e, 0x57, 0x17,
+    0xa6, 0xb3, 0x41, 0x22, 0xf2, 0x4b, 0xd3, 0xbe, 0x30, 0x6d, 0x37, 0xcd, 0x14, 0xc9, 0x34, 0x42,
+    0xfe, 0x5e, 0x65, 0xb0, 0x3b, 0x2a, 0xc9, 0xab, 0xaa, 0x62, 0x10, 0x18, 0x9e, 0xe0, 0x52, 0x27,
+    0xac, 0x72, 0x20, 0x7c, 0x52, 0x53, 0x66, 0xa9, 0x0a, 0xcf, 0xa2, 0xf3, 0xe6, 0x13, 0xea, 0x68,
+    0x22, 0x43, 0x26, 0xe5, 0x65, 0x78, 0x24, 0x4b, 0xd2, 0x6f, 0x84, 0xc6, 0xbc, 0x34, 0x20, 0x82,
+    0xf9, 0x34, 0x7f, 0xe6, 0x4b, 0x9f, 0x3c, 0xfb, 0x04, 0xc7, 0x2b, 0xdf, 0x03, 0x61, 0xba, 0xee,
+    0xe2, 0x35, 0x0d, 0x2b, 0x38, 0xbb, 0x9b, 0x28, 0x57, 0xb3, 0xfc, 0x82, 0xaf, 0xa1, 0x74, 0x85,
+    0x4a, 0x52, 0x78, 0xa5, 0x2a, 0x59, 0x61, 0x36, 0xf8, 0x57, 0xbd, 0x02, 0x42, 0xa9, 0x53, 0x96,
+    0xbc, 0x26, 0xb7, 0x32, 0x91, 0xd2, 0x53, 0x30, 0xdb, 0x63, 0xa8, 0xfc, 0xca, 0x7f, 0x58, 0x47,
+    0x35, 0x7d, 0xab, 0xfd, 0xd6, 0x4c, 0xe4, 0x82, 0xad, 0x66, 0xb5, 0x0e, 0x0d, 0xd9, 0x7a, 0x64,
+    0xca, 0xb7, 0x4a, 0x90, 0xfd, 0xdb, 0x0a, 0x74, 0xbf, 0x7e, 0xed, 0x7a, 0xe1, 0x4f, 0x8a, 0x2d,
+    0xee, 0x0a, 0xf2, 0xfe, 0xf8, 0xab, 0xfc, 0x32, 0x7b, 0xce, 0x1a, 0x17, 0xb2, 0x8c, 0xe0, 0x08,
+    0x78, 0x45, 0xc9, 0x0e, 0x8c, 0xa0, 0x70, 0xe4, 0xfb, 0x94, 0x33, 0xcb, 0xd2, 0xf1, 0xc1, 0x3b,
+    0x05, 0x81, 0xd1, 0x2f, 0x50, 0x0c, 0xbb, 0xea, 0x1d, 0x51, 0xab, 0x1f, 0x79, 0x6d, 0x6f, 0x15,
+    0x6b, 0x6e, 0x11, 0xe4, 0x7f, 0x25, 0x2c, 0x9a, 0x21, 0xb6, 0xe1, 0x70, 0x68, 0x07, 0x56, 0xa6,
+    0x51, 0x53, 0x0a, 0x68, 0x59, 0x7d, 0xc6, 0xe5, 0xab, 0x23, 0x6a, 0x5f, 0xee, 0x69, 0x9d, 0xfd,
+    0xe1, 0x4a, 0x42, 0x8f, 0x08, 0xbf, 0xf2, 0xcf, 0x5c, 0x3d, 0x24, 0x36, 0x39, 0x3b, 0x51, 0x37,
+    0x59, 0x79, 0xa0, 0x4f, 0xd9, 0xdc, 0x3d, 0x48, 0x22, 0x75, 0x6f, 0xb9, 0xf8, 0x5f, 0xc4, 0x0b,
+    0xa3, 0x32, 0x90, 0x0d, 0xa2, 0x47, 0x68, 0x54, 0x2d, 0x3c, 0x9c, 0xd2, 0x6d, 0xa4, 0x5b, 0x57,
+    0xf2, 0x61, 0x9a, 0x65, 0xfb, 0x3a, 0xae, 0xb1, 0x86, 0x1f, 0xf6, 0x8d, 0x83, 0xcd, 0xc6, 0xaa,
+    0x71, 0xfb, 0xe7, 0xf4, 0x1c, 0xbc, 0xac, 0x14, 0xca, 0xb8, 0x7e, 0x41, 0xb6, 0xb1, 0x3a, 0xa3,
+    0x56, 0x39, 0x10, 0x3e, 0x29, 0xc8, 0x33, 0xb5, 0x05, 0x86, 0x51, 0x98, 0x73, 0xe8, 0x75, 0x34,
+    0x11, 0xc0, 0x13, 0x93, 0xd3, 0x3c, 0x12, 0xc4, 0x69, 0xd6, 0x42, 0x63, 0x5e, 0x1a, 0x10, 0x41,
+    0x6a, 0xfa, 0x95, 0x39, 0x6f, 0x98, 0x0b, 0xc7, 0x99, 0xcc, 0xa9, 0x1c, 0x1a, 0x71, 0xf4, 0xc8,
+    0x89, 0x5b, 0x1c, 0xcf, 0x47, 0x9e, 0xb7, 0xb2, 0x76, 0x05, 0x1d, 0xf2, 0xc7, 0xa6, 0x22, 0x23,
+    0x94, 0xa4, 0xf0, 0x89, 0x54, 0xb2, 0xc2, 0x6c, 0x33, 0xae, 0xb9, 0x04, 0x84, 0x91, 0xa6, 0xef,
+    0x65, 0xba, 0x25, 0x48, 0x9f, 0x8c, 0x05, 0x3a, 0xbe, 0x3f, 0x97, 0x3d, 0x91, 0xc6, 0x45, 0xf7,
+    0x8c, 0xda, 0xcd, 0xe0, 0x17, 0x92, 0x0c, 0x58, 0x6b, 0x54, 0xb6, 0xed, 0xbe, 0xcb, 0x4d, 0x36,
+    0xbb, 0x4c, 0xad, 0x64, 0xe1, 0x67, 0xa6, 0x60, 0x75, 0xc6, 0x93, 0x3b, 0x57, 0xfe, 0xb0, 0x8e,
+    0x77, 0x05, 0x79, 0x7f, 0x7c, 0xb4, 0x7e, 0x19, 0xdc, 0x67, 0x0d, 0xea, 0x59, 0x46, 0x70, 0x04,
+    0x3c, 0xc3, 0x85, 0x07, 0x46, 0x50, 0x38, 0x72, 0x9c, 0x4a, 0xf8, 0x84, 0x69, 0x99, 0x81, 0xfc,
+    0x7b, 0x3a, 0x86, 0xaa, 0xbc, 0xa4, 0x19, 0x03, 0xf0, 0x1a, 0xeb, 0x7f, 0x44, 0x6b, 0xe4, 0x89,
+    0x28, 0x82, 0x47, 0xbb, 0xc5, 0x60, 0x91, 0x5c, 0xe8, 0xcd, 0x11, 0xf8, 0x4e, 0xee, 0xfe, 0xa8,
+    0xab, 0x18, 0x3a, 0x2a, 0x22, 0xe6, 0x93, 0xf9, 0xa4, 0x6a, 0x99, 0x34, 0x7b, 0x92, 0x02, 0xa1,
+    0xd2, 0xc9, 0x77, 0xf9, 0xbe, 0xfb, 0xc4, 0x40, 0xe7, 0x84, 0xe2, 0x93, 0xdb, 0x15, 0x61, 0xf4,
+    0x31, 0x68, 0xfe, 0x0f, 0x96, 0xfd, 0x78, 0x35, 0x08, 0x4d, 0x56, 0x7d, 0x06, 0xc2, 0xb7, 0x1f,
+    0xde, 0xf6, 0x88, 0x2c, 0x7e, 0xeb, 0xa3, 0x5a, 0xcb, 0xf9, 0x04, 0x06, 0xc6, 0x38, 0xf5, 0x79,
+    0xc4, 0x63, 0x7e, 0x3c, 0x1d, 0x72, 0x23, 0xd4, 0x20, 0xf7, 0x9b, 0x37, 0x18, 0x8e, 0x99, 0x7c,
+    0x5f, 0x87, 0x3e, 0xc4, 0xb9, 0xd4, 0xef, 0x45, 0x34, 0xaa, 0x1c, 0x12, 0x17, 0xa8, 0x8e, 0xac,
+    0xcc, 0x49, 0xd4, 0x1b, 0x9d, 0xd3, 0xd8, 0x79, 0xa9, 0xa1, 0x9e, 0xd1, 0x0e, 0xb8, 0xc0, 0x8a,
+    0xcf, 0x36, 0x9b, 0xbf, 0xad, 0xd7, 0xb1, 0x9e, 0xa2, 0x2f, 0x46, 0x65, 0x98, 0x22, 0xe5, 0x38,
+    0x76, 0x91, 0xfd, 0xa2, 0x6c, 0x09, 0x59, 0x44, 0x64, 0x1d, 0x45, 0x86, 0x2b, 0x30, 0xd2, 0x6a,
+    0x2c, 0x97, 0x12, 0x49, 0x85, 0xd1, 0x0d, 0xeb, 0x4d, 0xe6, 0xf2, 0x8b, 0x45, 0xf5, 0x33, 0xd3,
+    0xb8, 0x33, 0xe2, 0xc0, 0xd1, 0x63, 0xcf, 0x87, 0x7e, 0x48, 0x4b, 0x8f, 0xc1, 0x64, 0x95, 0x3c,
+    0xd8, 0x08, 0x16, 0xa7, 0x1e, 0xe3, 0x71, 0x57, 0xdd, 0x26, 0x77, 0xad, 0x29, 0xcf, 0xbf, 0xde,
+    0x2e, 0x7c, 0xd9, 0x30, 0xa5, 0x68, 0x43, 0x51, 0xfe, 0x12, 0x62, 0x53, 0xa1, 0x19, 0xb4, 0x0f,
+    0x36, 0x02, 0xe4, 0x59, 0xe6, 0x48, 0x8d, 0x65, 0xa6, 0xe8, 0x6d, 0xba, 0x9b, 0x43, 0x5f, 0xd6,
+    0xdb, 0x77, 0x59, 0x03, 0x2e, 0xe7, 0x18, 0xb0, 0xd6, 0xa8, 0xaf, 0x19, 0xbf, 0x55, 0x9a, 0x6c,
+    0x69, 0x85, 0xda, 0x9d, 0x5f, 0x9c, 0x62, 0x20, 0x92, 0x42, 0x71, 0xa8, 0x8c, 0xeb, 0xd1, 0x7a,
+    0xb3, 0x66, 0x07, 0x43, 0x61, 0xc6, 0x5d, 0xcd, 0xfc, 0x90, 0x96, 0xdd, 0x41, 0xc8, 0xe9, 0x78,
+    0x14, 0x41, 0xc2, 0xbc, 0x83, 0x30, 0xa9, 0x2e, 0x74, 0x87, 0xe9, 0x7c, 0x27, 0x77, 0x7f, 0x54,
+    0x95, 0x30, 0x74, 0x54, 0x44, 0x0f, 0xe5, 0x31, 0x8b, 0xd4, 0xf1, 0x68, 0xf6, 0xe7, 0x04, 0x81,
+    0xbe, 0xcd, 0x7c, 0x4b, 0xb1, 0x6b, 0x1d, 0x8a, 0x68, 0x97, 0x38, 0x24, 0x2e, 0x93, 0xdf, 0x9b,
+    0x62, 0xd0, 0x3f, 0x1e, 0xef, 0x39, 0xf0, 0x6a, 0x10, 0x9a, 0xac, 0xfa, 0x0c, 0x47, 0xad, 0x3e,
+    0xa1, 0xd9, 0x5b, 0x74, 0x82, 0xfe, 0x26, 0xee, 0x9e, 0xc8, 0x0c, 0x0a, 0x89, 0x48, 0xdc, 0x8b,
+    0x3b, 0xa9, 0x9f, 0x51, 0x36, 0xe5, 0xcd, 0x22, 0x32, 0xef, 0xc3, 0x43, 0xf4, 0x18, 0x69, 0x35,
+    0x16, 0xaa, 0x09, 0xc5, 0xa3, 0x89, 0xe7, 0x94, 0xc7, 0x73, 0x79, 0xa4, 0xc3, 0x9b, 0xf8, 0x88,
+    0x66, 0xc5, 0x6a, 0xec, 0xaf, 0x88, 0x6c, 0xdd, 0xb5, 0xb1, 0x4f, 0x89, 0x07, 0x5c, 0x60, 0x45,
+    0xe9, 0x60, 0xe8, 0xa8, 0x88, 0x1e, 0x09, 0x62, 0xd5, 0x6b, 0x21, 0xd0, 0x2f, 0x0d, 0x08, 0xc1,
+    0x5c, 0xf8, 0x71, 0x60, 0x89, 0xd0, 0x86, 0xa2, 0x3f, 0x24, 0xc4, 0xa6, 0x81, 0x32, 0xab, 0x1e,
+    0x6c, 0x04, 0x0b, 0xb2, 0x0f, 0x90, 0xd9, 0xca, 0x8f, 0x13, 0xda, 0xb7, 0xf5, 0x86, 0xbe, 0x6f,
+    0x6d, 0x90, 0x8f, 0x6f, 0x1f, 0x2d, 0xfe, 0x97, 0x37, 0x69, 0x92, 0xdb, 0x87, 0xf0, 0x1c, 0x01,
+    0xad, 0xe6, 0xa4, 0xa1, 0x42, 0xee, 0x41, 0xf4, 0xb2, 0xb5, 0xea, 0x9f, 0x94, 0x65, 0x48, 0x06,
+    0x37, 0x96, 0x60, 0x84, 0xf6, 0xf5, 0xaa, 0x38, 0x1e, 0x92, 0x25, 0xd6, 0xe9, 0x35, 0xfd, 0xb8,
+    0x61, 0xaf, 0x70, 0xba, 0xdf, 0x3d, 0x99, 0x8d, 0x1b, 0x14, 0x74, 0x4e, 0x9a, 0xdd, 0x88, 0x8c,
+    0x4b, 0xc6, 0xfc, 0x78, 0x3a, 0xe4, 0x46, 0x6b, 0x40, 0x2d, 0xf5, 0x6e, 0x30, 0xdf, 0xf1, 0xf8,
+    0xb9, 0xa7, 0x66, 0x1d, 0xc1, 0xde, 0xe8, 0xda, 0xc6, 0x32, 0x03, 0xe3, 0xb3, 0x12, 0x37, 0x52,
+    0xe3, 0xa1, 0x89, 0xf6, 0x28, 0x06, 0xbc, 0x75, 0xef, 0xc9, 0xb4, 0xee, 0xdd, 0xd7, 0xd6, 0xeb,
+    0xba, 0xd8, 0x29, 0xb9, 0xf1, 0xda, 0x81, 0x3d, 0xcd, 0xbc, 0xdb, 0x57, 0x25, 0x88, 0x12, 0xe0,
+    0xf1, 0x1e, 0xd5, 0xc1, 0xcb, 0x3e, 0xc7, 0x56, 0x8d, 0x91, 0x2e, 0x39, 0x15, 0x57, 0xe3, 0x18,
+    0xa0, 0x4d, 0xdf, 0xa9, 0x92, 0x43, 0x01, 0xb3, 0x26, 0xb2, 0x44, 0x66, 0xfb, 0x3e, 0x7e, 0xe5,
+    0x85, 0x64, 0xe3, 0x1a, 0x87, 0x8e, 0xd0, 0xa8, 0x5a, 0x78, 0xfb, 0x67, 0xda, 0x8b, 0xb6, 0xae,
+    0x83, 0x9a, 0x7d, 0x91, 0xe7, 0x86, 0x02, 0xa5, 0x4c, 0xa7, 0x88, 0xcc, 0x35, 0x7c, 0xfc, 0x09,
+    0xda, 0xe3, 0xdd, 0xde, 0x3e, 0x5a, 0x3f, 0xed, 0x6e, 0xd2, 0xe7, 0x75, 0xcd, 0x23, 0x38, 0x02,
+    0x47, 0xf9, 0x03, 0xad, 0xfa, 0xf4, 0x21, 0x71, 0x6c, 0x50, 0x13, 0xfb, 0x2d, 0xf2, 0x65, 0x75,
+    0xc5, 0xf7, 0xfa, 0xe1, 0x0d, 0xcf, 0x04, 0x89, 0x98, 0x8d, 0xd3, 0x5b, 0x6a, 0xf8, 0x3b, 0x12,
+    0xb0, 0x19, 0x48, 0xe7, 0x51, 0xc2, 0x34, 0x2a, 0xf7, 0x1e, 0x4e, 0x69, 0xd7, 0x52, 0xcc, 0xca,
+    0x33, 0x83, 0x35, 0x76, 0xb6, 0x44, 0x36, 0x8f, 0xbb, 0xb9, 0xc6, 0xa5, 0xe2, 0x2e, 0x30, 0xc3,
+    0xfa, 0x4b, 0x30, 0x42, 0x7b, 0x9b, 0x55, 0x1c, 0x0f, 0x49, 0xf3, 0x6b, 0x95, 0xfb, 0x9f, 0x5c,
+    0x96, 0x4f, 0x3b, 0xf0, 0x74, 0x0b, 0x8c, 0xd6, 0x80, 0x5a, 0x29, 0xdc, 0x60, 0x7d, 0x21, 0x33,
+    0x6f, 0x7b, 0x44, 0x16, 0x3f, 0x94, 0xb0, 0x2d, 0x84, 0x9d, 0x02, 0x03, 0x63, 0x1c, 0x9b, 0xdd,
+    0x6e, 0xef, 0xc0, 0xcb, 0x2f, 0x29, 0x97, 0x70, 0x3c, 0xe7, 0x4a, 0x6f, 0x11, 0x6a, 0x39, 0xb3,
+    0xc2, 0x9d, 0xe0, 0xb7, 0x7d, 0x7a, 0xf1, 0xd9, 0x36, 0x28, 0xe8, 0x9c, 0xf7, 0x79, 0xd3, 0xdb,
+    0xf6, 0x74, 0xcf, 0x97, 0xbb, 0x8b, 0x32, 0x06, 0x23, 0x34, 0x15, 0xfe, 0x88, 0xd6, 0x0b, 0xd1,
+    0x50, 0xc7, 0x8e, 0xb5, 0x49, 0xc0, 0xe1, 0xb8, 0x13, 0x59, 0x22, 0x33, 0x9c, 0x1f, 0x3f, 0x93,
+    0xff, 0xca, 0xe1, 0x6d, 0x2b, 0x97, 0xee, 0xf6, 0x12, 0x18, 0x58, 0x74, 0xec, 0x96, 0xf0, 0x49,
+    0x5d, 0x6c, 0xf5, 0xbd, 0x99, 0x6d, 0xa1, 0xff, 0x87, 0x5e, 0x8c, 0xca, 0xf3, 0x44, 0x09, 0x70,
+    0xa9, 0xf3, 0xf1, 0x53, 0x02, 0x5f, 0xdd, 0x43, 0x17, 0x9e, 0x09, 0xec, 0x9f, 0x7e, 0x85, 0x7d,
+    0x8e, 0x31, 0x06, 0x99, 0x37, 0x2b, 0x42, 0xe2, 0xd8, 0xa0, 0x26, 0x35, 0x5a, 0x27, 0xca, 0xea,
+    0x17, 0x3e, 0x8d, 0x18, 0xb3, 0x34, 0xc0, 0xc9, 0x7f, 0x09, 0x31, 0xc8, 0xb1, 0xed, 0x5a, 0xe6,
+    0x1b, 0x01, 0x72, 0xcd, 0x73, 0x24, 0xa7, 0xd3, 0x53, 0x74, 0xd7, 0x5d, 0xac, 0xc0, 0xce, 0x6b,
+    0x97, 0xdb, 0xbf, 0x2d, 0x64, 0xb6, 0xab, 0x8b, 0x38, 0x20, 0x61, 0xb0, 0x12, 0x0b, 0x83, 0x5d,
+    0x7d, 0xc4, 0x18, 0x21, 0xdc, 0xac, 0xcb, 0x0e, 0xe6, 0xc5, 0x98, 0xd4, 0xab, 0x9c, 0xae, 0x2e,
+    0xec, 0xe1, 0x39, 0x87, 0xd8, 0x12, 0xb2, 0x88, 0xc8, 0x3a, 0x8a, 0xcf, 0x56, 0x60, 0x67, 0xd4,
+    0x58, 0xed, 0x24, 0x92, 0xc9, 0x61, 0x1a, 0x15, 0x9a, 0x0f, 0x27, 0xd5, 0x8a, 0x29, 0x66, 0x65,
+    0xf7, 0xe0, 0x4b, 0x4a, 0xab, 0x36, 0x15, 0x5b, 0x9b, 0x4e, 0x5d, 0x92, 0xfa, 0xa0, 0xa9, 0xbf,
+    0x1f, 0x14, 0x27, 0x3f, 0x33, 0x95, 0x3b, 0x64, 0xf6, 0x5f, 0x34, 0x2e, 0xa7, 0xdb, 0x03, 0x10,
+    0xfb, 0xdf, 0xb4, 0x9f, 0x6b, 0x26, 0x72, 0x41, 0xb7, 0x33, 0xbb, 0x07, 0xe7, 0x8d, 0x3d, 0x32,
+    0x7c, 0x50, 0x9c, 0xfc, 0xcc, 0x11, 0xec, 0x53, 0x5e, 0xbf, 0xd0, 0xb8, 0xd9, 0xea, 0x0c, 0x40,
+    0x09, 0xbe, 0x2e, 0xfa, 0x90, 0x1c, 0xdc, 0xf0, 0x31, 0x2c, 0x4d, 0x8a, 0x64, 0x40, 0xfb, 0x98,
+    0x0d, 0xab, 0x7b, 0x08, 0xd0, 0xad, 0x40, 0x47, 0x94, 0x07, 0xae, 0xf9, 0x6f, 0x5b, 0x36, 0xe3,
+    0x7a, 0xae, 0x02, 0x77, 0xac, 0x19, 0x3e, 0x5e, 0x48, 0x60, 0xa3, 0x13, 0x36, 0x1d, 0x46, 0xe7,
+    0x67, 0x51, 0xee, 0x31, 0xbf, 0x35, 0x4b, 0x80, 0x0d, 0xcb, 0x07, 0xe5, 0x75, 0x2a, 0xc2, 0x2b,
+    0x45, 0x12, 0xc8, 0xd4, 0xda, 0x4d, 0x6f, 0xcb, 0xdf, 0xa4, 0x83, 0x23, 0xc9, 0x1e, 0xe2, 0xa9,
+    0x87, 0x8f, 0x28, 0x63, 0xa7, 0x37, 0x9e, 0x12, 0xe9, 0x8c, 0x6b, 0xbf, 0x3e, 0x67, 0x31, 0x72,
+    0xdc, 0x1d, 0x43, 0x55, 0x5e, 0x52, 0xed, 0xe0, 0x78, 0x0d, 0x94, 0xde, 0x22, 0xd4, 0x72, 0xa5,
+    0xe8, 0xf4, 0x6c, 0x75, 0x98, 0xa3, 0x2e, 0x3f, 0x6d, 0x11, 0x69, 0xbc, 0x5d, 0x7b, 0xaa, 0xaf,
+    0x4f, 0xd3, 0xa9, 0x8a, 0x7a, 0x55, 0xda, 0xdc, 0xe5, 0x06, 0x16, 0x1d, 0x3b, 0xc4, 0x3c, 0x83,
+    0x1d, 0xff, 0xec, 0x46, 0x13, 0x2c, 0x75, 0xde, 0x45, 0xab, 0xa4, 0xf6, 0x43, 0x37, 0x84, 0xcc,
+    0x4e, 0x47, 0x2d, 0x57, 0x6a, 0xe8, 0xfd, 0x81, 0x5d, 0x7c, 0x5e, 0x71, 0x49, 0xb2, 0x9e, 0xed,
+    0x04, 0x15, 0x55, 0xf2, 0x40, 0xb1, 0x9c, 0xb7, 0xa5, 0x2b, 0xe3, 0x73, 0x0b, 0x1b, 0xcd, 0x7b,
+    0xeb, 0x8b, 0x23, 0xd1, 0xa8, 0xa7, 0x47, 0xd8, 0x66, 0x9f, 0xb1, 0x08, 0xcb, 0xe1, 0x8f, 0x1d,
+    0xf8, 0xa0, 0xfb, 0x3b, 0x5b, 0x22, 0x1b, 0xa6, 0xbc, 0xbd, 0x63, 0xb3, 0x71, 0x17, 0x18, 0x80,
+    0xf3, 0xf5, 0x1e, 0xb8, 0xeb, 0x87, 0x89, 0xec, 0x3e, 0x65, 0xbe, 0xe1, 0xf1, 0xbb, 0x64, 0xc4,
+    0x3e, 0x28, 0x4e, 0x7e, 0x66, 0xe9, 0x76, 0xc8, 0x2f, 0xbe, 0x68, 0x5c, 0x8d, 0x75, 0x06, 0x20,
+    0x3d, 0x57, 0x01, 0xda, 0x56, 0xed, 0x1f, 0x2f, 0x24, 0x30, 0xb0, 0xe8, 0x1b, 0xef, 0x23, 0x92,
+    0xbd, 0xb2, 0x33, 0xef, 0x81, 0x6f, 0x74, 0x6d, 0x63, 0x19, 0xe0, 0x90, 0xb8, 0x09, 0xfa, 0x29,
+    0x8a, 0x24, 0x53, 0x6b, 0x77, 0x9a, 0xde, 0x55, 0x7d, 0x8b, 0xc5, 0x46, 0x51, 0x3c, 0x07, 0x91,
+    0x88, 0xcf, 0x98, 0x12, 0x57, 0x23, 0x90, 0xef, 0xce, 0x7f, 0x55, 0x9e, 0xb5, 0xd0, 0x80, 0x4d,
+    0xdd, 0x89, 0xc7, 0x88, 0x4e, 0xef, 0xca, 0xbd, 0xc0, 0x77, 0xdc, 0xb2, 0x50, 0xa2, 0xd0, 0xcb,
+    0xcd, 0xdd, 0x50, 0xc6, 0x8d, 0x6e, 0xff, 0x24, 0x11, 0xdb, 0xd6, 0xbd, 0x7c, 0xce, 0x62, 0xe4,
+    0x0b, 0x55, 0xe5, 0x83, 0xb0, 0xa5, 0x92, 0x4a, 0x82, 0xd8, 0xdd, 0x52, 0x80, 0xac, 0x7c, 0x44,
+    0x13, 0x2b, 0xd8, 0xea, 0xf3, 0x85, 0x5c, 0x7e, 0xda, 0x22, 0xd2, 0xbb, 0xba, 0xf6, 0x97, 0x9d,
+    0x98, 0x9b, 0x0f, 0x5c, 0x94, 0xa2, 0xa5, 0x76, 0x1f, 0xd3, 0x5f, 0x91, 0x99, 0xbc, 0x32, 0x62,
+    0x02, 0xeb, 0xcb, 0x79, 0x20, 0xb9, 0x4e, 0xba, 0xb3, 0xf4, 0x90, 0xd8, 0xe4, 0xec, 0x87, 0xdc,
+    0x93, 0xce, 0xea, 0xdf, 0x24, 0x07, 0x37, 0x3c, 0x9d, 0x0b, 0x82, 0xc3, 0x19, 0x10, 0x4e, 0x26,
+    0x80, 0xe5, 0x32, 0x35, 0xd7, 0x82, 0x6b, 0x42, 0x47, 0x29, 0x50, 0x78, 0xa3, 0xe6, 0xd9, 0xbb,
+    0x90, 0xb1, 0xa5, 0x7b, 0x14, 0x03, 0x5e, 0xdb, 0x96, 0x85, 0x5a, 0x77, 0x8f, 0x8a, 0x6b, 0x94,
+    0xd0, 0x22, 0xbc, 0x80, 0x9e, 0x42, 0x8a, 0xfa, 0x54, 0x70, 0x72, 0x4b, 0x3f, 0xf9, 0xe6, 0x28,
+    0x24, 0xbd, 0xb8, 0x6e, 0x05, 0x70, 0xf6, 0x46, 0xc4, 0xb0, 0xf7, 0x6d, 0x53, 0xc3, 0x6a, 0x25,
+    0x34, 0xe9, 0x2f, 0x20, 0xc6, 0xf1, 0xc3, 0xdf, 0x15, 0x1c, 0xfd, 0x62, 0x7f, 0xaf, 0xd8, 0x0a,
+    0xcb, 0x23, 0xce, 0x4d, 0xed, 0x66, 0x2d, 0x29, 0x07, 0x04, 0xa5, 0x16, 0x93, 0x39, 0x28, 0x43,
+    0xed, 0x75, 0xbd, 0x5a, 0xc8, 0xaf, 0x95, 0xd5, 0x70, 0x40, 0xc2, 0xa3, 0x24, 0x16, 0xc5, 0xba,
+    0xf4, 0x9f, 0x04, 0xee, 0x9b, 0x32, 0x7c, 0xbc, 0x90, 0xc0, 0x85, 0x26, 0x6c, 0x3a, 0x8c, 0x0d,
+    0xce, 0xa2, 0x1f, 0x62, 0xbd, 0x6a, 0x96, 0xc3, 0x1a, 0x55, 0x0e, 0x09, 0xea, 0x54, 0x47, 0x56,
+    0x99, 0x0f, 0x8b, 0x81, 0x84, 0x1f, 0x82, 0x2b, 0xa7, 0xa9, 0x17, 0xfd, 0xeb, 0xca, 0x90, 0x0c,
+    0x10, 0x54, 0x97, 0x4e, 0xc3, 0x81, 0x35, 0x99, 0xd1, 0xac, 0x0a, 0x0f, 0x2c, 0x6c, 0xb2, 0x2f,
+    0x44, 0x86, 0x4c, 0x09, 0xca, 0xf0, 0x48, 0x96, 0x67, 0xde, 0xcb, 0x4f, 0xbb, 0x68, 0x40, 0xc7,
+    0x40, 0x93, 0x19, 0xfb, 0x8a, 0x41, 0xd4, 0x21, 0xc2, 0xf5, 0x28, 0x3c, 0xb0, 0x73, 0x8d, 0xbc,
+    0x92, 0x5a, 0x6e, 0x02, 0x34, 0xba, 0x10, 0x61, 0x25, 0x71, 0xca, 0xaf, 0x6b, 0x66, 0xec, 0x48,
+    0x3a, 0x3d, 0x1b, 0x8c, 0x26, 0x58, 0xea, 0x7f, 0x8a, 0x95, 0x8b, 0x2f, 0x86, 0x6e, 0xcb, 0x5b,
+    0x01, 0x94, 0x84, 0xdd, 0x10, 0xbd, 0x27, 0x5d, 0xb8, 0x7a, 0x48, 0x6c, 0x72, 0x76, 0xa2, 0x6e,
+    0x26, 0x56, 0x73, 0x17, 0x25, 0xc9, 0xb8, 0xfc, 0x77, 0x44, 0x67, 0xb5, 0xb7, 0x2f, 0xed, 0xf9,
+    0x12, 0xbf, 0x5c, 0x37, 0xe3, 0x38, 0x7b, 0x23, 0x62, 0x58, 0x9a, 0xd7, 0xc8, 0x80, 0x35, 0xf3,
+    0x1a, 0x95, 0xf6, 0x10, 0x63, 0x99, 0x80, 0x8e, 0xeb, 0x0e, 0x9f, 0x31, 0xde, 0xb6, 0x6c, 0x05,
+    0x48, 0xb9, 0xb3, 0xdc, 0x0a, 0xe0, 0x2f, 0x8c, 0x4b, 0xa3, 0x2d, 0xda, 0xa6, 0x45, 0xd4, 0x4a,
+    0x68, 0x11, 0x5e, 0x40, 0x4f, 0x21, 0x45, 0x7d, 0x2a, 0x38, 0x39, 0xc4, 0xfe, 0x9d, 0x73, 0x14,
+    0xf5, 0x0b, 0x80, 0x33, 0x8b, 0x8f, 0x5b, 0xe1, 0x28, 0xba, 0xcd, 0x4a, 0x1e, 0x4c, 0x2e, 0x63,
+    0x81, 0x71, 0xb6, 0xe8, 0xc7, 0x3f, 0x4c, 0x1f, 0xff, 0x53, 0x18, 0x14, 0xd1, 0x90, 0x7b, 0xd5,
+    0x8b, 0xb0, 0xd7, 0xb6, 0x67, 0x27, 0xf9, 0x08, 0xc5, 0xf1, 0x8d, 0x2a, 0x23, 0x4a, 0xa5, 0xff,
+    0xc7, 0x1c, 0x31, 0x98, 0x2d, 0x76, 0x4a, 0x33, 0x2b, 0x79, 0x43, 0x83, 0x8e, 0x14, 0xbc, 0xce,
+    0xd6, 0xdc, 0x22, 0x0b, 0xfe, 0x4a, 0x58, 0xf7, 0x42, 0xaf, 0x01, 0xe0, 0xd0, 0x0e, 0xac, 0x8f,
+    0x20, 0xa8, 0xed, 0x9c, 0x45, 0xc1, 0x6a, 0xf1, 0x61, 0x9b, 0x14, 0x1e, 0x58, 0xd8, 0xa7, 0x5e,
+    0x0a, 0xc1, 0x61, 0x5e, 0xa0, 0x18, 0xb5, 0x17, 0x3a, 0xa2, 0x95, 0x3e, 0xf2, 0xda, 0xde, 0x2a,
+    0x08, 0x2a, 0xaa, 0x27, 0x80, 0xa1, 0xfb, 0xad, 0x89, 0x56, 0x05, 0xe6, 0x16, 0x36, 0x59, 0xf6,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x4c, 0xac, 0xe6, 0x2e, 0x4a, 0x51, 0xb3, 0x3b, 0xee, 0x88, 0xce, 0xa9, 0xad, 0x5e, 0x19, 0x31,
+    0xd7, 0x48, 0xa6, 0xd6, 0xee, 0xf7, 0x7f, 0xaa, 0xfa, 0xd5, 0x49, 0x8c, 0xa2, 0x78, 0x0e, 0xe1,
+    0x74, 0x7a, 0x36, 0xdb, 0x4c, 0xb0, 0x17, 0xfe, 0xd7, 0xe9, 0xd5, 0x5e, 0xcf, 0xdc, 0x55, 0xb6,
+  },
+  { /* 1 */
+    0xcc, 0xec, 0x18, 0x15, 0x1b, 0x11, 0x97, 0xc3, 0xf0, 0x9a, 0x7d, 0x3e, 0x77, 0x3a, 0x93, 0x9b,
+    0x03, 0x52, 0x4c, 0x32, 0xa4, 0x91, 0x05, 0xcd, 0xbd, 0x7b, 0x44, 0x0e, 0x71, 0xad, 0xa6, 0x23,
+    0x17, 0x0c, 0x9a, 0xa9, 0x18, 0x92, 0x39, 0xd8, 0xad, 0x0a, 0xf2, 0x46, 0x78, 0x7d, 0x02, 0x74,
+    0xa5, 0x43, 0xab, 0x04, 0x86, 0x68, 0x2c, 0x3c, 0x84, 0x83, 0x35, 0x17, 0xdb, 0x7b, 0x40, 0x98,
+    0xd4, 0x39, 0x3d, 0x46, 0x72, 0x13, 0xbf, 0x64, 0x51, 0xc4, 0x18, 0x4e, 0x79, 0x1b, 0xea, 0x40,
+    0xfc, 0x85, 0x52, 0xb3, 0xc9, 0x15, 0xc7, 0x4e, 0x71, 0x26, 0xb7, 0xde, 0x6b, 0x78, 0x61, 0xee,
+    0xd6, 0xe4, 0xf4, 0xdb, 0x0b, 0x4c, 0xb9, 0x53, 0x87, 0x96, 0x60, 0xfb, 0x27, 0x6c, 0x2e, 0xc3,
+    0x76, 0x51, 0x8b, 0x89, 0xa2, 0x54, 0x9a, 0xfb, 0x07, 0x98, 0x99, 0xfe, 0x6f, 0x23, 0x47, 0x3e,
+    0xd2, 0x9d, 0xa5, 0x22, 0xf9, 0xf2, 0xb5, 0x3d, 0xe8, 0x32, 0x90, 0x52, 0x9b, 0x82, 0x65, 0x06,
+    0x20, 0x4e, 0xcd, 0xc4, 0x9c, 0xb9, 0x60, 0xf6, 0xfe, 0x69, 0x8c, 0x01, 0xa9, 0x7c, 0x1d, 0xe7,
+    0x65, 0x24, 0x40, 0xd9, 0x48, 0x78, 0xaf, 0x4d, 0xc5, 0x36, 0x9b, 0x11, 0xab, 0xb0, 0x0e, 0x8f,
+    0x42, 0x41, 0x90, 0xd6, 0x82, 0xee, 0xc6, 0x18, 0xe9, 0x80, 0xa3, 0xb7, 0xcf, 0x8f, 0xfe, 0x8e,
+    0x46, 0x38, 0xc1, 0x2f, 0x70, 0x50, 0xca, 0x76, 0x86, 0x24, 0x53, 0x1e, 0x73, 0x61, 0xb5, 0x4b,
+    0xbb, 0x32, 0x16, 0x33, 0x64, 0x8b, 0x0e, 0xc2, 0x9c, 0x2b, 0xd8, 0x7b, 0x37, 0xc3, 0xb6, 0x05,
+    0x2c, 0xc5, 0x3e, 0x0c, 0x49, 0xb8, 0x74, 0x44, 0x4f, 0x46, 0x5f, 0x39, 0xae, 0x8d, 0xc0, 0x6b,
+    0x25, 0xb8, 0x19, 0x92, 0xb3, 0xc9, 0x6f, 0x62, 0xfa, 0xe4, 0x40, 0x13, 0x3a, 0x48, 0x34, 0x82,
+    0x2e, 0x18, 0xf7, 0x91, 0x30, 0xe7, 0x72, 0x73, 0x99, 0x14, 0x27, 0x8c, 0xf0, 0xfa, 0x04, 0xe8,
+    0x7f, 0x2c, 0xac, 0x17, 0x58, 0x25, 0x81, 0xdd, 0xb2, 0x3a, 0x86, 0xd4, 0xfb, 0xe6, 0xb3, 0xd7,
+    0xad, 0xb1, 0x09, 0x35, 0xa1, 0xd7, 0x34, 0xe0, 0x5a, 0x08, 0x16, 0x86, 0x60, 0x64, 0xd6, 0xd1,
+    0x06, 0xa4, 0x98, 0x64, 0x8b, 0xe1, 0x0a, 0x59, 0xb9, 0xf6, 0x88, 0x1c, 0xe2, 0x99, 0x8f, 0x46,
+    0x6b, 0x72, 0x7a, 0x8c, 0xe4, 0x26, 0xbd, 0xc8, 0xa2, 0x4b, 0x30, 0x9c, 0xf2, 0x36, 0x17, 0x80,
+    0x3b, 0xc9, 0xa4, 0xa5, 0x51, 0x2a, 0x4d, 0x9c, 0xe2, 0x4c, 0xad, 0x7f, 0xd6, 0xf0, 0xc2, 0x1f,
+    0x6a, 0xfd, 0xff, 0x23, 0x39, 0xe8, 0xbe, 0x32, 0xc9, 0x62, 0x0c, 0x27, 0xdd, 0xec, 0x75, 0x20,
+    0x7e, 0xa3, 0x29, 0xb8, 0x85, 0xeb, 0x82, 0x27, 0xd9, 0x13, 0xba, 0x6f, 0xd4, 0x3c, 0xd1, 0x77,
+    0x3c, 0xe2, 0xb9, 0x6e, 0x07, 0x05, 0x44, 0x3f, 0x30, 0x93, 0x19, 0xd8, 0x1b, 0xb3, 0x2f, 0xf9,
+    0x84, 0x82, 0xe3, 0x6f, 0xc7, 0x1f, 0x4f, 0x30, 0x11, 0xc3, 0x85, 0xad, 0x5d, 0xdd, 0x3f, 0xdf,
+    0x67, 0xf9, 0x89, 0x44, 0x31, 0x27, 0xa9, 0x7a, 0x13, 0x64, 0xe3, 0xa4, 0xf5, 0xc7, 0xca, 0x0c,
+    0xb6, 0x36, 0x60, 0x54, 0x6c, 0x44, 0x19, 0x8a, 0x46, 0x2d, 0x37, 0xf8, 0x1f, 0xe8, 0x09, 0x29,
+    0x16, 0x83, 0x1f, 0x06, 0xc5, 0x5c, 0x3a, 0x22, 0xc6, 0x23, 0xce, 0xfd, 0x57, 0xa7, 0x60, 0xd4,
+    0x88, 0x09, 0x10, 0xa7, 0x12, 0x1e, 0x5b, 0x82, 0xa0, 0xec, 0x56, 0x95, 0x5a, 0x2c, 0xe2, 0x53,
+    0x58, 0x49, 0x7c, 0x18, 0x92, 0xb3, 0xe8, 0x88, 0x9e, 0x8c, 0xbe, 0x72, 0x9f, 0xd9, 0x43, 0xd6,
+    0xbc, 0x19, 0x0b, 0xf8, 0x32, 0xa4, 0x07, 0x61, 0x4e, 0xf4, 0x6c, 0xdc, 0xfa, 0x80, 0x5b, 0xe3,
+    0xde, 0x16, 0x56, 0xea, 0x2c, 0xf3, 0xa1, 0x8f, 0x59, 0x1d, 0x43, 0x6a, 0x9c, 0x73, 0xb8, 0x8a,
+    0xc2, 0xba, 0x22, 0x40, 0xb7, 0x4f, 0x85, 0x46, 0x97, 0xe7, 0xd6, 0xb3, 0x2e, 0xbc, 0x8a, 0x94,
+    0x4e, 0xca, 0x63, 0x1e, 0x57, 0xef, 0xd2, 0xaa, 0x58, 0xaf, 0x70, 0x8f, 0xc8, 0x7e, 0x23, 0x02,
+    0x3f, 0xb0, 0xf5, 0x5c, 0xa3, 0x94, 0x41, 0xf2, 0x8d, 0xe8, 0x5d, 0xd6, 0x6a, 0x1e, 0x89, 0xda,
+    0x0e, 0x56, 0x3a, 0x55, 0xac, 0x5e, 0x12, 0x85, 0x67, 0x7d, 0xab, 0x8d, 0x59, 0x86, 0x19, 0x0f,
+    0x1f, 0xfe, 0x38, 0x98, 0x3f, 0x2d, 0x21, 0x04, 0x73, 0x81, 0xd1, 0xd7, 0xc3, 0x62, 0x94, 0x3d,
+    0x99, 0xa1, 0x12, 0x6a, 0x81, 0x6d, 0x68, 0x03, 0xb4, 0x10, 0x2c, 0xcf, 0xc0, 0xc8, 0x6f, 0x61,
+    0x0c, 0x8b, 0xf3, 0xc8, 0xd5, 0x01, 0x14, 0xb2, 0xb1, 0x2f, 0xd3, 0x38, 0x07, 0xf1, 0xdd, 0x8c,
+    0x70, 0xf5, 0x13, 0xed, 0x29, 0xb5, 0x90, 0xa2, 0xbe, 0x6e, 0x11, 0xe2, 0x8d, 0xba, 0xc8, 0x78,
+    0x44, 0xe5, 0x08, 0xb2, 0x09, 0x0f, 0xcc, 0x41, 0x50, 0x76, 0x2b, 0xab, 0x2d, 0x16, 0x71, 0xc8,
+    0x2d, 0x4a, 0xbb, 0xa3, 0x94, 0x76, 0x77, 0xbe, 0x24, 0x6f, 0x63, 0x82, 0x81, 0x57, 0xa2, 0xcb,
+    0x5f, 0x62, 0x61, 0xd3, 0xc4, 0x9c, 0xe1, 0x2b, 0x4c, 0x53, 0x0a, 0xd5, 0x52, 0x9a, 0xae, 0x30,
+    0x78, 0x07, 0xb1, 0xdc, 0x0e, 0x0a, 0x88, 0x7e, 0x60, 0xe5, 0x32, 0x73, 0x36, 0xa5, 0x5e, 0x31,
+    0xcb, 0xc7, 0x05, 0xde, 0x4d, 0x3e, 0x9e, 0x60, 0x22, 0x45, 0xc9, 0x99, 0xba, 0x79, 0x7e, 0x7d,
+    0xd5, 0xb6, 0xb8, 0xe9, 0xaf, 0xdd, 0xbc, 0x9e, 0x3a, 0xed, 0x24, 0xf5, 0x56, 0xc1, 0x88, 0xe0,
+    0x73, 0xa7, 0x5f, 0xdf, 0x8d, 0x24, 0x95, 0x6f, 0x03, 0x15, 0x55, 0xec, 0xfc, 0x17, 0x6e, 0x5b,
+    0x5c, 0x30, 0x2d, 0xe1, 0x60, 0x0d, 0xe4, 0xe6, 0xf1, 0x28, 0x4e, 0xdb, 0x23, 0x37, 0x08, 0x13,
+    0xfe, 0x58, 0x9b, 0x2e, 0xb0, 0x4a, 0xc1, 0x79, 0xa7, 0x74, 0xcf, 0x6b, 0x35, 0x0f, 0xa5, 0x6d,
+    0x6f, 0x0b, 0x2b, 0x75, 0x16, 0x98, 0xb1, 0xa6, 0xcd, 0xef, 0xc0, 0x35, 0x4e, 0xd8, 0x5c, 0x45,
+    0x1a, 0x08, 0xec, 0xce, 0x10, 0x5d, 0x2e, 0x90, 0x77, 0x0c, 0x1d, 0xc5, 0x50, 0x56, 0xbd, 0x58,
+    0x07, 0x2b, 0x1d, 0xcb, 0x56, 0x2f, 0x09, 0xa3, 0xd2, 0xdf, 0xb4, 0xa7, 0xcd, 0x43, 0xed, 0xe6,
+    0xee, 0x7f, 0x1c, 0x4c, 0xfe, 0xf7, 0xf1, 0x02, 0xd8, 0xa1, 0x89, 0x8a, 0x80, 0x31, 0x4a, 0xff,
+    0xea, 0x06, 0x4d, 0xb5, 0x0c, 0x49, 0xfd, 0x6c, 0xb7, 0x05, 0x79, 0x23, 0x3c, 0xdf, 0x01, 0x3a,
+    0xc8, 0x95, 0x49, 0xec, 0xe9, 0xaf, 0x9b, 0xad, 0x9f, 0x3e, 0x8d, 0x97, 0xcb, 0xd4, 0xd8, 0x5e,
+    0x8c, 0x70, 0x41, 0x5e, 0xe0, 0xa0, 0x57, 0xec, 0xcf, 0x48, 0xa6, 0x3c, 0xe6, 0xc2, 0xa9, 0x96,
+    0xb5, 0x64, 0x2c, 0x66, 0xc8, 0xd5, 0x1c, 0x47, 0xfb, 0x56, 0x73, 0xf6, 0x6e, 0x45, 0xaf, 0x0a,
+    0x38, 0x9b, 0xe8, 0x97, 0xf5, 0xbb, 0x48, 0x51, 0x5f, 0x37, 0xe9, 0x71, 0xa7, 0x5d, 0x64, 0x3c,
+    0x59, 0xc6, 0xf9, 0xb7, 0x4f, 0x7d, 0xeb, 0x72, 0xf5, 0xa5, 0x82, 0xc9, 0xb0, 0x03, 0x21, 0x76,
+    0x69, 0xaf, 0xb3, 0x11, 0x9d, 0x79, 0xbb, 0xff, 0x74, 0x19, 0x48, 0x29, 0xac, 0x41, 0xd3, 0x03,
+    0x10, 0x27, 0x87, 0x62, 0x4e, 0xbd, 0x30, 0x7b, 0x7f, 0xd5, 0x46, 0xe1, 0xb5, 0x3e, 0xef, 0x92,
+    0xf0, 0x0e, 0xa1, 0x7b, 0x1c, 0x14, 0xd3, 0xfc, 0xc0, 0x09, 0x64, 0xe6, 0x6c, 0x89, 0xbc, 0x62,
+    0xa3, 0xe7, 0x33, 0x60, 0x0d, 0x89, 0x26, 0x65, 0x3d, 0x75, 0xbd, 0x0b, 0x39, 0xe2, 0xcf, 0xde,
+    0x09, 0x7d, 0x27, 0x9e, 0xfa, 0x71, 0x1b, 0x26, 0xb5, 0xa2, 0x1f, 0x2a, 0x94, 0xc5, 0xf4, 0xe9,
+    0x0d, 0x04, 0x76, 0x67, 0x08, 0xcf, 0x17, 0x48, 0xda, 0x06, 0xef, 0x83, 0x28, 0x2b, 0xbf, 0x2c,
+    0xfd, 0x0a, 0xd7, 0x1c, 0x14, 0xdb, 0xc4, 0xb4, 0x1a, 0x0f, 0x8b, 0x65, 0x44, 0xa2, 0x03, 0x4e,
+    0x1b, 0x87, 0x69, 0x61, 0xcd, 0x93, 0x2d, 0x6a, 0x1c, 0x25, 0x21, 0x7e, 0x7f, 0x8c, 0xdf, 0xf8,
+    0x27, 0x65, 0xd0, 0x0f, 0xca, 0x96, 0x69, 0x55, 0x2c, 0xb6, 0x38, 0xa6, 0x64, 0x3f, 0xf0, 0x01,
+    0x8d, 0xff, 0xc4, 0xf1, 0x3d, 0x6e, 0x54, 0x16, 0xa4, 0x61, 0x9a, 0x87, 0xc9, 0x18, 0xcb, 0x36,
+    0xf2, 0xd3, 0x68, 0xe6, 0x65, 0x4b, 0xd5, 0xcb, 0x16, 0x5b, 0x1c, 0x53, 0x32, 0xfe, 0x78, 0xe1,
+    0x92, 0x01, 0xfc, 0x69, 0x02, 0x43, 0x75, 0x12, 0xd7, 0xe0, 0x4b, 0x50, 0x0a, 0x7a, 0x5f, 0x0b,
+    0x6d, 0xd6, 0xe2, 0xe8, 0x6f, 0xc7, 0xb7, 0x91, 0x1b, 0xbd, 0xb8, 0x80, 0x10, 0xaf, 0x98, 0xc6,
+    0x5d, 0xbf, 0xa8, 0x4e, 0xbd, 0xc3, 0xe7, 0x1c, 0x9a, 0x01, 0x72, 0x60, 0x0c, 0xed, 0x6a, 0xb3,
+    0xf1, 0x81, 0x24, 0xd4, 0xc1, 0xda, 0xd0, 0x06, 0xab, 0x20, 0x58, 0x5d, 0x43, 0x53, 0xde, 0xc2,
+    0x21, 0xc1, 0x48, 0x6b, 0x41, 0x77, 0x63, 0x0c, 0x95, 0x40, 0xb0, 0xba, 0x86, 0xa6, 0x7f, 0x47,
+    0x37, 0x42, 0x57, 0x6d, 0x84, 0x2b, 0x59, 0x2e, 0x53, 0x63, 0x7e, 0x47, 0xd1, 0x01, 0x1f, 0x93,
+    0x40, 0x9c, 0x59, 0x4b, 0xfb, 0xb1, 0xc0, 0x2f, 0x3f, 0xd2, 0xdb, 0x02, 0x91, 0xf8, 0x3a, 0x0d,
+    0x8e, 0xad, 0x88, 0xc3, 0x99, 0xff, 0x51, 0xdb, 0x19, 0x1a, 0xde, 0x89, 0xb8, 0xb5, 0x6d, 0x15,
+    0xe8, 0xdb, 0x84, 0x28, 0x75, 0x16, 0xfb, 0x5b, 0x61, 0x57, 0x01, 0x96, 0x62, 0xa8, 0xc5, 0xb9,
+    0xe4, 0x50, 0x77, 0xe0, 0xa0, 0x17, 0xef, 0xe9, 0xd0, 0x78, 0xd2, 0xae, 0x65, 0x59, 0x18, 0x35,
+    0xec, 0xa2, 0xd5, 0xd1, 0x87, 0xa8, 0xf7, 0x35, 0x0e, 0xf3, 0xf1, 0x3f, 0xde, 0x46, 0x8e, 0x7c,
+    0x9e, 0x8a, 0x0f, 0xa1, 0xd7, 0x42, 0x61, 0xa0, 0x66, 0xcf, 0x98, 0x68, 0x0d, 0x8b, 0x82, 0x87,
+    0x9c, 0x57, 0xc6, 0x3c, 0xae, 0x1d, 0x67, 0x97, 0xb0, 0x9d, 0xe0, 0xdd, 0x53, 0xfc, 0x46, 0x04,
+    0xd1, 0xcf, 0xe9, 0x10, 0x5d, 0x63, 0xb0, 0xf0, 0x55, 0x49, 0xd4, 0x5c, 0xea, 0x2f, 0xc3, 0x25,
+    0xe7, 0x02, 0x3b, 0xd2, 0x04, 0x86, 0xea, 0x24, 0x6d, 0x03, 0x96, 0xa0, 0x14, 0xf4, 0xbe, 0x16,
+    0xb8, 0x60, 0x5a, 0x01, 0xc0, 0x1a, 0x0b, 0x0f, 0x21, 0x50, 0x9c, 0x75, 0x46, 0x6e, 0x10, 0x26,
+    0x2f, 0x97, 0x72, 0x3e, 0xed, 0x29, 0x71, 0x89, 0xf2, 0x3d, 0x1b, 0x37, 0xdf, 0x20, 0x66, 0x48,
+    0xe2, 0xf4, 0xef, 0x84, 0x2b, 0xf6, 0xe5, 0xb0, 0x69, 0x8e, 0x5a, 0xb2, 0x87, 0xc0, 0x97, 0x73,
+    0x8a, 0xd4, 0xd9, 0x3a, 0x6b, 0x41, 0x5d, 0xb5, 0x76, 0xbe, 0x2e, 0x20, 0x04, 0x5b, 0x26, 0xd0,
+    0xd7, 0x6b, 0x71, 0x74, 0xd6, 0x82, 0xba, 0xa9, 0xec, 0xbf, 0x5c, 0x40, 0x08, 0xb6, 0x4c, 0x63,
+    0xb4, 0xeb, 0xa9, 0xc9, 0x15, 0x1b, 0x1f, 0xbd, 0x90, 0x7f, 0x4f, 0x4d, 0x41, 0x9f, 0xcd, 0xaa,
+    0x29, 0x33, 0xea, 0x5a, 0x66, 0xc8, 0x7b, 0xd0, 0x4b, 0xcb, 0x93, 0x2b, 0x3d, 0xb9, 0xe9, 0x0e,
+    0x13, 0x75, 0xcb, 0x50, 0xea, 0x2c, 0x35, 0xb6, 0xc2, 0xae, 0x02, 0xef, 0xc4, 0x93, 0x49, 0xb1,
+    0x98, 0x2e, 0x97, 0xc5, 0x5c, 0xa3, 0x6b, 0xf9, 0xdf, 0x39, 0x10, 0x74, 0xef, 0x12, 0x0d, 0xc1,
+    0x80, 0xfb, 0xb2, 0x96, 0x35, 0xa1, 0x43, 0x5e, 0x7e, 0x67, 0x75, 0x04, 0xe1, 0x33, 0x74, 0x1a,
+    0xa6, 0x11, 0xe7, 0x36, 0x22, 0xf9, 0x29, 0xf1, 0x39, 0xf8, 0x71, 0x19, 0xaa, 0xd6, 0xe6, 0xbb,
+    0x62, 0x0f, 0x5d, 0x12, 0x1e, 0x57, 0xa6, 0xee, 0x17, 0xe9, 0x2f, 0xb6, 0x66, 0xf3, 0xe3, 0x69,
+    0xb3, 0xc0, 0xb4, 0x02, 0x43, 0x34, 0x16, 0x1e, 0x42, 0xa0, 0xfb, 0xea, 0x8c, 0xdc, 0x20, 0x4c,
+    0x5e, 0xed, 0xe4, 0x7c, 0x19, 0x52, 0xe2, 0xd1, 0x27, 0x7a, 0x36, 0x6e, 0x7d, 0x40, 0xcc, 0x90,
+    0x72, 0x28, 0xda, 0x70, 0x50, 0xea, 0x96, 0x95, 0x68, 0x3c, 0x69, 0x57, 0xd3, 0xcd, 0x0c, 0xfb,
+    0x43, 0xce, 0x15, 0x79, 0x5f, 0x20, 0xc5, 0xe2, 0x82, 0xa9, 0x9f, 0x0c, 0xe0, 0x55, 0x9c, 0x2e,
+    0x34, 0x10, 0x1b, 0x5f, 0x20, 0xba, 0x5c, 0xe3, 0xee, 0x18, 0x3a, 0x49, 0xa0, 0xac, 0xb9, 0xb0,
+    0x35, 0x9f, 0x9e, 0xf0, 0xfd, 0x74, 0x5f, 0x19, 0x85, 0x31, 0x06, 0xf2, 0x8f, 0x76, 0xdb, 0x10,
+    0x52, 0x66, 0x17, 0xb4, 0xcc, 0x53, 0xf6, 0x63, 0x96, 0x55, 0xe5, 0x56, 0x7a, 0xb1, 0x11, 0x1c,
+    0x26, 0xea, 0x55, 0xa0, 0x17, 0x58, 0x6a, 0xaf, 0x47, 0x9f, 0x04, 0x1d, 0x4b, 0xe5, 0x92, 0xa1,
+    0x7d, 0xf1, 0x65, 0x8a, 0x21, 0x7a, 0x87, 0xea, 0x64, 0x68, 0xfe, 0x61, 0xa5, 0x91, 0x77, 0x54,
+    0xb7, 0xb9, 0xe5, 0xfb, 0xb1, 0x8a, 0x1a, 0x70, 0x2d, 0x04, 0x0b, 0x43, 0x30, 0x32, 0x6b, 0x89,
+    0x0a, 0x2f, 0x6b, 0xac, 0x5e, 0xe0, 0x1e, 0xeb, 0x08, 0xd9, 0x5b, 0x24, 0xe5, 0x68, 0x52, 0xca,
+    0x45, 0x6a, 0x8d, 0x1d, 0xd4, 0xc1, 0xcf, 0xbb, 0x3b, 0x5f, 0x17, 0x10, 0x02, 0xcc, 0x13, 0x68,
+    0x81, 0x74, 0x37, 0x39, 0xe8, 0x6f, 0x40, 0xa4, 0x15, 0x4e, 0x49, 0xbf, 0xce, 0xe9, 0x16, 0xba,
+    0x6e, 0x84, 0xae, 0xda, 0xcb, 0x56, 0xb2, 0x5c, 0xa6, 0xc6, 0xfc, 0x8e, 0x61, 0x02, 0x3e, 0xe5,
+    0x53, 0xe9, 0x92, 0x1b, 0x11, 0x9d, 0xf5, 0x99, 0xfd, 0x7c, 0xd9, 0xed, 0x55, 0x6b, 0x73, 0xbc,
+    0x4a, 0xb3, 0x32, 0xe7, 0xa5, 0x51, 0xde, 0xc4, 0x37, 0x0b, 0x80, 0x26, 0x74, 0x90, 0x68, 0xc7,
+    0x79, 0x88, 0x34, 0x73, 0xd3, 0xc4, 0x8b, 0x84, 0x0b, 0xcc, 0x0e, 0xc8, 0x19, 0x7f, 0x3c, 0x91,
+    0x32, 0xb4, 0x83, 0x3b, 0xab, 0x5b, 0x56, 0xba, 0x57, 0xee, 0xb2, 0x55, 0x42, 0x35, 0x36, 0xf6,
+    0x61, 0x5d, 0x11, 0x20, 0xba, 0xc6, 0xa3, 0x23, 0xaa, 0x92, 0x6b, 0xb8, 0x17, 0x5e, 0x45, 0x4a,
+    0xfb, 0xae, 0x4f, 0x78, 0x9f, 0x3a, 0xce, 0xed, 0xa3, 0xf9, 0x03, 0x79, 0xa6, 0x3b, 0x8c, 0x08,
+    0x39, 0x14, 0x6d, 0x38, 0x28, 0x75, 0x4b, 0xab, 0x34, 0x1e, 0xd5, 0xca, 0x88, 0x87, 0x06, 0x9c,
+    0xc0, 0x67, 0xeb, 0xdd, 0xce, 0x10, 0x83, 0x71, 0x41, 0xb5, 0xae, 0x06, 0x70, 0xcb, 0x4e, 0x17,
+    0xfa, 0x21, 0xca, 0xd7, 0x42, 0xf4, 0xcd, 0x17, 0xc8, 0xd0, 0x3f, 0xc2, 0x89, 0xe1, 0xee, 0xa8,
+    0x5b, 0x1b, 0x30, 0x2a, 0x36, 0x22, 0xed, 0x45, 0x23, 0xf7, 0xfa, 0x7c, 0xee, 0x74, 0xe5, 0xf5,
+    0xa4, 0xcc, 0x2e, 0xab, 0x5b, 0xa6, 0x2f, 0xc6, 0xef, 0xaa, 0x09, 0xac, 0xf4, 0xa1, 0x22, 0x38,
+    0xba, 0xbd, 0x93, 0x9c, 0xb9, 0x45, 0x0d, 0x38, 0xf7, 0x02, 0xe4, 0xc0, 0x18, 0x19, 0xd4, 0xa5,
+    0xda, 0x6f, 0x07, 0x13, 0xde, 0x4d, 0xad, 0xe1, 0x36, 0xb9, 0xb3, 0xc3, 0x20, 0x9d, 0xf3, 0x4f,
+    0x4c, 0x17, 0xaa, 0x83, 0x2e, 0xb0, 0xd4, 0x9d, 0x8e, 0xfd, 0x08, 0x3a, 0x96, 0x09, 0xe7, 0x81,
+    0x05, 0xf6, 0xd4, 0x56, 0x2f, 0x70, 0x0f, 0x94, 0x04, 0x8d, 0xcc, 0x12, 0x93, 0x34, 0x29, 0x65,
+    0xc3, 0x35, 0xa7, 0xef, 0x6a, 0x81, 0x86, 0xbc, 0xfc, 0xce, 0xea, 0x08, 0x01, 0x66, 0xe8, 0x34,
+    0x3a, 0x46, 0x21, 0x0a, 0x8c, 0xe4, 0x4e, 0x66, 0x89, 0x65, 0x91, 0xc4, 0xf9, 0x2a, 0xa0, 0xbf,
+    0x82, 0x26, 0x7b, 0x0b, 0x4c, 0xfe, 0x45, 0x69, 0xa8, 0x35, 0x0d, 0xb1, 0xbf, 0x44, 0xb0, 0x99,
+    0x18, 0xd5, 0x25, 0x53, 0x69, 0x02, 0x28, 0xa7, 0xa1, 0x5e, 0x65, 0x70, 0x0e, 0x21, 0x79, 0xdb,
+    0xc9, 0x1a, 0xcc, 0x43, 0x34, 0x61, 0x98, 0x57, 0xf4, 0x17, 0xb1, 0x2c, 0xe4, 0x0e, 0xba, 0xfe,
+    0x68, 0x20, 0x36, 0xbe, 0x40, 0xb7, 0xb8, 0x05, 0x1f, 0x30, 0x74, 0x92, 0x83, 0x9b, 0xb1, 0xa3,
+    0xf6, 0xaa, 0x39, 0x1f, 0x97, 0xf5, 0xd9, 0xa5, 0x79, 0xff, 0xec, 0xfa, 0x8e, 0x10, 0x33, 0x24,
+    0x63, 0x80, 0xd8, 0xbd, 0xc3, 0x99, 0xa5, 0x14, 0x7c, 0xc0, 0x13, 0x0d, 0x49, 0x29, 0x81, 0xc9,
+    0x87, 0xd0, 0xaf, 0x5d, 0x63, 0x8e, 0x4a, 0xfd, 0xac, 0xb8, 0xc1, 0xa3, 0x2c, 0x70, 0x99, 0xfc,
+    0x49, 0xe1, 0x7e, 0xd5, 0x01, 0xc0, 0xdb, 0x09, 0x8a, 0x70, 0xc4, 0x28, 0x05, 0x3d, 0xce, 0xe4,
+    0x36, 0xcd, 0xd2, 0xc2, 0x59, 0xe5, 0x5a, 0xd4, 0x38, 0x4a, 0x42, 0xfc, 0xfe, 0xdb, 0x7d, 0x33,
+    0x91, 0x53, 0xb0, 0x5b, 0xa6, 0xd2, 0x70, 0xdf, 0x6a, 0x9b, 0x0f, 0x5e, 0x7b, 0xd7, 0xf9, 0x28,
+    0x97, 0xf7, 0x28, 0x3f, 0x2d, 0x33, 0x7a, 0x86, 0xd3, 0x6d, 0x87, 0x42, 0x99, 0x4e, 0x76, 0x6e,
+    0x33, 0x3b, 0x06, 0x94, 0x76, 0x95, 0x55, 0x40, 0x3c, 0xc7, 0x8e, 0xee, 0x6d, 0xef, 0x54, 0x56,
+    0x08, 0xf2, 0xa2, 0x31, 0x27, 0xbf, 0x18, 0xdc, 0xde, 0x8b, 0x23, 0x91, 0xbb, 0x1f, 0x96, 0x49,
+    0x7c, 0x7e, 0xe0, 0x25, 0xfc, 0xb4, 0x84, 0x10, 0x0f, 0x41, 0xc2, 0xda, 0x8a, 0x4b, 0x15, 0xf4,
+    0x02, 0xdd, 0xc9, 0x9d, 0x79, 0x5f, 0x06, 0x37, 0xd6, 0x52, 0x78, 0xb5, 0x5e, 0x77, 0xc4, 0x83,
+    0x77, 0xde, 0x0e, 0x26, 0x7f, 0x9a, 0x99, 0x01, 0x6c, 0xb1, 0xa5, 0x45, 0x40, 0xf9, 0x25, 0x9e,
+    0x85, 0x0d, 0x66, 0xc0, 0x1a, 0xd1, 0x4c, 0xca, 0x7a, 0xea, 0xb9, 0x16, 0x72, 0x07, 0x5d, 0x7f,
+    0x66, 0x76, 0x0c, 0xeb, 0xec, 0xe9, 0xaa, 0x80, 0x78, 0x4d, 0xdf, 0x1f, 0xda, 0x1d, 0xa8, 0xac,
+    0x41, 0x13, 0xdc, 0xe4, 0x26, 0x7f, 0xc3, 0xd5, 0x54, 0xfb, 0xe7, 0xb9, 0xbe, 0x22, 0x58, 0xad,
+    0x30, 0x69, 0x4a, 0xa6, 0xd2, 0x04, 0x50, 0x8d, 0x81, 0xbc, 0xca, 0xe0, 0x1c, 0x42, 0xf2, 0x75,
+    0xcd, 0x63, 0x9d, 0xba, 0xc6, 0xdf, 0x94, 0x39, 0x9b, 0xb3, 0x41, 0x85, 0x58, 0xe0, 0xf1, 0x3b,
+    0xd0, 0x40, 0x6c, 0xbf, 0x80, 0xad, 0xb3, 0x0a, 0x3e, 0x60, 0xe8, 0xe7, 0xc5, 0xf5, 0xa1, 0x85,
+    0xd9, 0x3d, 0x4b, 0x21, 0x7a, 0xdc, 0xa8, 0x2c, 0x8b, 0xc2, 0xf7, 0xcd, 0x51, 0x30, 0x55, 0x6c,
+    0xa9, 0xc8, 0x58, 0xcc, 0x53, 0x69, 0x38, 0x8e, 0x35, 0xac, 0xe6, 0x2f, 0xdc, 0x8a, 0x9d, 0x14,
+    0xaa, 0x9a, 0x14, 0xfe, 0xf7, 0xf8, 0x3d, 0x43, 0x88, 0xd7, 0xa2, 0x21, 0xad, 0x27, 0x3b, 0x37,
+    0xc5, 0x91, 0x3f, 0x8b, 0xe1, 0x60, 0x8c, 0xe5, 0x45, 0x38, 0x62, 0x14, 0xe3, 0xff, 0x67, 0x72,
+    0x60, 0xd2, 0x94, 0x8f, 0x67, 0x08, 0xa0, 0xd9, 0xc1, 0xbb, 0x57, 0x03, 0x38, 0x84, 0x27, 0xea,
+    0xf8, 0xfc, 0x03, 0x4a, 0x3b, 0xab, 0xcb, 0x20, 0x1e, 0x82, 0x47, 0x77, 0xd7, 0x96, 0x2a, 0x2b,
+    0x04, 0x79, 0x51, 0xf9, 0xf2, 0xbe, 0x0c, 0x6e, 0x6f, 0xa4, 0xf0, 0xa9, 0xbc, 0xee, 0x4b, 0xc5,
+    0x90, 0xdc, 0x35, 0xf4, 0x7b, 0x1c, 0x73, 0x25, 0x01, 0xb2, 0x33, 0xe5, 0x54, 0x0d, 0x9b, 0x88,
+    0xe6, 0x8d, 0xbe, 0x7d, 0xd9, 0x48, 0xe9, 0xde, 0x06, 0x2a, 0xaa, 0x1b, 0x3b, 0x2e, 0xdc, 0xb6,
+    0x96, 0x78, 0xad, 0x90, 0xf0, 0xfd, 0x79, 0x7c, 0xb8, 0x44, 0xbb, 0xf9, 0xb6, 0x94, 0x14, 0xce,
+    0xaf, 0x6c, 0xc0, 0xa8, 0xd8, 0x88, 0x32, 0xd7, 0x8c, 0x5a, 0x6e, 0x33, 0x3e, 0x13, 0x12, 0x52,
+    0xc6, 0xc3, 0x73, 0xb9, 0x45, 0xf1, 0x89, 0x28, 0xf8, 0x43, 0x26, 0x1a, 0x92, 0x52, 0xc1, 0x51,
+    0xa7, 0x9e, 0x62, 0x99, 0xff, 0x37, 0x2a, 0x0b, 0x52, 0xd1, 0x4d, 0xa2, 0x85, 0x0c, 0x84, 0x1b,
+    0xa1, 0x3a, 0xfa, 0xfd, 0x74, 0xd6, 0x20, 0x52, 0xeb, 0x27, 0xc5, 0xbe, 0x67, 0x95, 0x0b, 0x5d,
+    0xd8, 0xb2, 0xce, 0x8e, 0xa7, 0x12, 0xab, 0xd6, 0xe0, 0xeb, 0xcb, 0x76, 0x7e, 0xea, 0x37, 0xcc,
+    0x1e, 0x71, 0xbd, 0x37, 0xe2, 0xe3, 0x22, 0xfe, 0x18, 0xa8, 0xed, 0x6c, 0xec, 0xb8, 0xf6, 0x9d,
+    0x4d, 0x98, 0x2f, 0x2c, 0xf3, 0x7e, 0xd7, 0x67, 0xe5, 0xd4, 0x34, 0x81, 0xb9, 0xd3, 0x85, 0x21,
+    0x64, 0xab, 0xc5, 0x76, 0x95, 0xb6, 0xac, 0xb7, 0xae, 0x1f, 0xa7, 0xaa, 0x84, 0x6a, 0x6c, 0x2f,
+    0x9a, 0xf3, 0x5e, 0x58, 0x25, 0xfc, 0x6d, 0xce, 0x09, 0x6b, 0x68, 0xc1, 0xb1, 0x65, 0xc9, 0x42,
+    0xe3, 0x7b, 0x6a, 0x2b, 0xf6, 0x38, 0xe6, 0x4a, 0x02, 0xa7, 0x66, 0x09, 0xa8, 0x1a, 0xf5, 0xd3,
+    0xf9, 0x73, 0x86, 0xe5, 0xe6, 0x65, 0xc8, 0xda, 0x75, 0xab, 0x7b, 0xcc, 0xf8, 0x4c, 0x48, 0x8b,
+    0xf7, 0x25, 0xbc, 0xb0, 0x4a, 0x3b, 0xda, 0x5f, 0x12, 0xd6, 0xd0, 0x41, 0xa1, 0xca, 0x51, 0x84,
+    0x19, 0x5a, 0xa0, 0xfc, 0xb4, 0xcc, 0x2b, 0x5d, 0xca, 0x77, 0x59, 0xcb, 0x21, 0xfb, 0x1b, 0x7b,
+    0x83, 0xa9, 0xfe, 0xa4, 0x91, 0x30, 0x46, 0x93, 0xc3, 0x1c, 0x31, 0x0a, 0x90, 0x9e, 0xd2, 0x39,
+    0x4b, 0x3c, 0xb7, 0x48, 0x78, 0x9f, 0xdd, 0x3e, 0x5c, 0x22, 0xbc, 0x9d, 0x5b, 0x4a, 0x0a, 0x67,
+    0x4f, 0x45, 0xe6, 0xb1, 0x8a, 0x21, 0xd1, 0x50, 0x33, 0x86, 0x4c, 0x34, 0xe7, 0xa4, 0x41, 0xa2,
+    0x7b, 0x55, 0xfd, 0xee, 0xaa, 0x9b, 0x8d, 0xb3, 0xdd, 0x9e, 0x76, 0x7d, 0x47, 0x08, 0xf8, 0x12,
+    0xef, 0xf0, 0x99, 0xe3, 0x23, 0x39, 0xf2, 0xf8, 0xb3, 0x88, 0xb5, 0x31, 0xaf, 0xeb, 0x28, 0x5f,
+    0x9d, 0xd8, 0x43, 0x93, 0x73, 0xd3, 0x64, 0x6d, 0xdb, 0xb4, 0xdc, 0x66, 0x7c, 0x26, 0x24, 0xa4,
+    0x74, 0x8c, 0x42, 0x14, 0xdb, 0x0b, 0x9c, 0xcc, 0xd1, 0xca, 0xe1, 0x4b, 0x31, 0x54, 0x83, 0xbd,
+    0xc7, 0x4c, 0xf6, 0x16, 0x98, 0x3f, 0x8a, 0xd2, 0x93, 0x6a, 0x1a, 0xa1, 0xbd, 0x88, 0xa3, 0xf1,
+    0xca, 0x48, 0x80, 0x71, 0x90, 0xf0, 0x9d, 0x9a, 0x49, 0x6c, 0xf5, 0x22, 0x95, 0xa3, 0x1c, 0xdd,
+    0x6c, 0x59, 0x67, 0x47, 0xb2, 0x09, 0xb4, 0x6b, 0x70, 0x94, 0x84, 0x3b, 0x3f, 0x75, 0xfa, 0x66,
+    0xf3, 0x5c, 0xed, 0x49, 0xb8, 0x85, 0xd6, 0x31, 0x7d, 0x72, 0x20, 0xe8, 0x1d, 0x24, 0x1a, 0x41,
+    0x31, 0xe6, 0xcf, 0x09, 0x0f, 0xca, 0x53, 0x77, 0xea, 0x95, 0xf6, 0x5b, 0x33, 0x98, 0x90, 0xd5,
+    0x3e, 0x3f, 0x70, 0xf3, 0x7e, 0x5a, 0x42, 0x08, 0xe6, 0xc1, 0x61, 0x6d, 0x45, 0xc4, 0xeb, 0x7a,
+    0x01, 0x8f, 0x85, 0xaf, 0xdd, 0xce, 0x03, 0xfa, 0x6b, 0x29, 0x3c, 0xbb, 0x2f, 0xda, 0x62, 0xa0,
+    0xdb, 0xe0, 0x82, 0xbc, 0x03, 0x83, 0xae, 0x1b, 0x5d, 0x90, 0x8f, 0x78, 0x0f, 0x47, 0x91, 0xef,
+    0xc4, 0x1e, 0xba, 0x24, 0x3c, 0xae, 0x8f, 0x1f, 0x2e, 0x11, 0x5e, 0xaf, 0xcc, 0x25, 0x05, 0xd2,
+    0xe1, 0xa6, 0xa3, 0xb6, 0x8f, 0x67, 0xe0, 0x7d, 0xd4, 0xf5, 0x1e, 0xbc, 0xf6, 0x6d, 0x31, 0x50,
+    0xed, 0x2d, 0x50, 0x7e, 0x5a, 0x66, 0xf4, 0xcf, 0x65, 0xda, 0xcd, 0x84, 0xf1, 0x9c, 0xec, 0xdc,
+    0xe0, 0x29, 0x26, 0x19, 0x52, 0xa9, 0xe3, 0x87, 0xbf, 0xdc, 0x22, 0x07, 0xd9, 0xb7, 0x53, 0xf0,
+    0x14, 0x5e, 0xd6, 0x9b, 0xbc, 0x03, 0x3c, 0x15, 0x10, 0x71, 0xb6, 0x48, 0x09, 0xd0, 0xa4, 0x57,
+    0xdf, 0x99, 0xd3, 0x45, 0xf1, 0x3d, 0xa2, 0x75, 0x32, 0x34, 0x7f, 0xd1, 0xb3, 0xa9, 0xda, 0x2a,
+    0x50, 0xbb, 0xde, 0x29, 0xb5, 0x0c, 0xf0, 0x54, 0x40, 0x07, 0x9d, 0xe3, 0x24, 0xc6, 0xd5, 0x9f,
+    0xbe, 0xc4, 0xc2, 0x65, 0x4b, 0xfb, 0x01, 0x56, 0x98, 0xa6, 0x14, 0x69, 0xa4, 0xf7, 0x9f, 0x60,
+    0xab, 0x15, 0x91, 0x51, 0x2a, 0x36, 0x3e, 0xb9, 0xe3, 0xfe, 0x9e, 0x9a, 0x82, 0xfd, 0x59, 0x97,
+    0xae, 0xe3, 0x45, 0x07, 0x05, 0x46, 0x31, 0x2d, 0xe7, 0x73, 0x52, 0x88, 0x11, 0xc9, 0x70, 0xf2,
+    0x51, 0x34, 0x5b, 0x86, 0x68, 0xc2, 0xf3, 0xae, 0x2b, 0x2e, 0xa1, 0x58, 0x0b, 0x1c, 0xb7, 0x3f,
+    0x12, 0xfa, 0x4e, 0xff, 0x37, 0xe2, 0x36, 0x4c, 0xa9, 0x87, 0x3e, 0x54, 0xeb, 0x49, 0x2b, 0x11,
+    0x8f, 0x22, 0x0d, 0x6c, 0x44, 0x31, 0x52, 0x21, 0x72, 0x33, 0xe2, 0x32, 0x97, 0x6f, 0x0f, 0xb5,
+    0x1d, 0x23, 0xf1, 0x05, 0x46, 0x72, 0x27, 0x33, 0xa5, 0xd3, 0xa9, 0x62, 0x9d, 0x15, 0x50, 0xbe,
+    0xf4, 0x77, 0xf0, 0x82, 0xee, 0xaa, 0xdf, 0x92, 0xaf, 0xad, 0x94, 0x4f, 0xd0, 0x67, 0xf7, 0xa7,
+    0xd3, 0x12, 0x20, 0x8d, 0x24, 0x3c, 0xb6, 0xc7, 0x83, 0x1b, 0xac, 0xe9, 0xb4, 0x58, 0x07, 0xa6,
+    0xff, 0xd7, 0x1e, 0x81, 0x6d, 0x84, 0xc2, 0x83, 0xcc, 0x5d, 0xf3, 0xd0, 0x1a, 0xd5, 0xc7, 0xcd,
+    0x47, 0xb7, 0x44, 0x80, 0xad, 0x9e, 0xc9, 0x8c, 0xed, 0x0d, 0x6f, 0xa5, 0x5c, 0xbb, 0xd7, 0xeb,
+    0x15, 0xd1, 0x53, 0x34, 0x61, 0xcd, 0x3f, 0xef, 0x7b, 0x58, 0x8a, 0xf3, 0x26, 0x0a, 0xc6, 0xf7,
+    0x8b, 0x5b, 0x5c, 0x95, 0xb6, 0x8f, 0x5e, 0x4f, 0x1d, 0x97, 0x12, 0x9b, 0x2b, 0x81, 0x44, 0x70,
+    0xa0, 0xb5, 0x7f, 0x52, 0xa9, 0x18, 0x23, 0xa8, 0x80, 0x0e, 0xf9, 0x05, 0x48, 0x4f, 0x69, 0xfd,
+    0xf5, 0xf8, 0x75, 0x2d, 0x33, 0x64, 0xdc, 0x68, 0xc4, 0x84, 0xa8, 0xf4, 0xff, 0xbd, 0x95, 0x07,
+    0x28, 0xbc, 0x6f, 0xf5, 0xbb, 0x06, 0x78, 0x2a, 0x20, 0xe2, 0xaf, 0x90, 0x12, 0x63, 0x8b, 0xae,
+    0x57, 0x90, 0xc3, 0xe2, 0xe3, 0x23, 0xf9, 0xf7, 0x92, 0xd8, 0x29, 0x44, 0xe9, 0x85, 0x38, 0x79,
+    0xb2, 0x4f, 0x31, 0xad, 0x9e, 0xfa, 0x15, 0xe4, 0x29, 0x89, 0xc7, 0x51, 0xa3, 0x06, 0x42, 0xec,
+    0x24, 0x37, 0x9c, 0x3d, 0x6e, 0x07, 0x6c, 0x98, 0x91, 0xcd, 0x7c, 0xa8, 0x15, 0x92, 0x56, 0x22,
+    0xcf, 0xbe, 0x54, 0x27, 0xbf, 0x80, 0x92, 0x0e, 0x4d, 0xe1, 0x39, 0x30, 0x06, 0x97, 0x35, 0xb8,
+    0x89, 0x86, 0x95, 0x08, 0xcf, 0xd0, 0x58, 0x78, 0xcb, 0xc5, 0x6a, 0x2e, 0x75, 0xf6, 0x80, 0xf3,
+    0xdd, 0x44, 0x1a, 0xd8, 0x88, 0x62, 0xa4, 0x42, 0xe4, 0x66, 0x07, 0x64, 0xed, 0xde, 0x1e, 0xa9,
+    0x55, 0x4d, 0x0a, 0x7f, 0x9a, 0x7c, 0xff, 0xc0, 0x44, 0x8a, 0x51, 0xf1, 0xb7, 0xf2, 0xfc, 0xfa,
+    0x2b, 0xee, 0x23, 0xc7, 0x1f, 0x97, 0x7d, 0xe7, 0x9d, 0x99, 0xeb, 0x9e, 0x63, 0xce, 0x2d, 0x8d,
+    0x9b, 0x7c, 0xdb, 0xf7, 0xf8, 0x32, 0x6e, 0x34, 0x62, 0x42, 0x54, 0x7a, 0x9e, 0xbf, 0xab, 0xe2,
+    0xeb, 0x89, 0xc8, 0x1a, 0xd1, 0x87, 0xfe, 0x96, 0xdc, 0x2c, 0x45, 0x98, 0x13, 0x05, 0x63, 0x9a,
+    0xce, 0x31, 0xd1, 0x88, 0x62, 0x4e, 0x91, 0xf4, 0x26, 0xc8, 0x05, 0x8b, 0x29, 0x4d, 0x57, 0x18,
+    0xe5, 0xdf, 0xf2, 0x4f, 0x7d, 0xd9, 0xec, 0x13, 0xbb, 0x51, 0xee, 0x15, 0x4a, 0x83, 0x7a, 0x95,
+    0xb1, 0x1d, 0x7d, 0x9f, 0x3a, 0x6b, 0x10, 0x29, 0x94, 0xf2, 0x83, 0x5f, 0xd2, 0xab, 0xe4, 0xcf,
+    0x22, 0x93, 0x04, 0x59, 0xe5, 0xe6, 0x66, 0xc1, 0x28, 0x3b, 0xf4, 0xb4, 0xf7, 0x0b, 0xd9, 0x64,
+    0xbd, 0x96, 0x8e, 0x57, 0xef, 0x6a, 0x04, 0x9b, 0x25, 0xdd, 0x50, 0x67, 0xd5, 0x5a, 0x39, 0x43,
+    0xe9, 0x54, 0x01, 0x87, 0xa8, 0xd8, 0xf8, 0xa1, 0x0a, 0x7e, 0x3d, 0x2d, 0x4d, 0x72, 0xa7, 0x19,
+    0x23, 0x1c, 0x81, 0xf6, 0x38, 0x28, 0x65, 0x3b, 0x43, 0x12, 0xc8, 0x0f, 0xd8, 0xd1, 0xbb, 0xc4,
+    0x75, 0x03, 0xc7, 0xbb, 0x06, 0xc5, 0x9f, 0x36, 0xba, 0xe3, 0xdd, 0xf0, 0x1e, 0x8e, 0xe1, 0x1d,
+    0x9f, 0x05, 0x8a, 0x0e, 0x0a, 0x8c, 0x62, 0x5a, 0x0d, 0xe6, 0xa4, 0xd3, 0x22, 0x51, 0xe0, 0x27,
+    0xa2, 0x68, 0xb6, 0xcf, 0xd0, 0x47, 0x25, 0x9f, 0x56, 0x5c, 0x81, 0xb0, 0x16, 0x38, 0xad, 0x7e,
+    0x0f, 0xd9, 0xbf, 0xfa, 0x71, 0x90, 0x11, 0x7f, 0x0c, 0x54, 0x97, 0x36, 0x76, 0x5c, 0x7b, 0xaf,
+    0x54, 0xc2, 0x8f, 0xd0, 0x47, 0xb2, 0xfc, 0x3a, 0x2f, 0xa3, 0x6d, 0x4a, 0x98, 0x28, 0x9e, 0x5a,
+    0x86, 0x5f, 0x2a, 0xf2, 0xbe, 0x40, 0x49, 0x07, 0xc7, 0x91, 0xfd, 0x18, 0x03, 0xaa, 0xfb, 0x5c,
+    0x93, 0x8e, 0x79, 0xc6, 0xdf, 0x8d, 0x76, 0xe8, 0xbc, 0xc9, 0x77, 0xeb, 0x25, 0xa0, 0x3d, 0xab,
+    0x5a, 0x94, 0xb5, 0x85, 0xeb, 0xec, 0xee, 0xbf, 0x48, 0xde, 0xc6, 0xc7, 0xc1, 0xae, 0x87, 0x55,
+    0x3d, 0x6d, 0x3c, 0xc1, 0xda, 0xcb, 0x47, 0xc5, 0x5b, 0xba, 0x25, 0x63, 0x34, 0x69, 0x4d, 0x59,
+    0x94, 0xa5, 0x64, 0x0d, 0x89, 0xa2, 0x7f, 0x4b, 0x6e, 0x16, 0xc3, 0x4c, 0xe8, 0xe3, 0xd0, 0x4d,
+    0x56, 0x1f, 0x46, 0x4d, 0x3e, 0xed, 0xfa, 0x0d, 0xf9, 0xf1, 0x15, 0xff, 0xc6, 0x5f, 0x5a, 0xd9,
+    0xbf, 0x4b, 0x47, 0xca, 0x96, 0x35, 0x02, 0xac, 0xf3, 0x8f, 0x28, 0xd2, 0x8b, 0x2d, 0xfd, 0xc0,
+    0x95, 0x2a, 0xe1, 0xa2, 0x54, 0x6c, 0x7c, 0xb1, 0x05, 0x3f, 0xff, 0xf7, 0xc7, 0x39, 0xb2, 0xed,
+    0xb9, 0xef, 0xdf, 0xae, 0x1d, 0xd4, 0x08, 0xf5, 0x4a, 0x79, 0xa0, 0xce, 0x69, 0xb4, 0x72, 0x86,
+    0x11, 0xa8, 0x02, 0xcd, 0x93, 0x73, 0x33, 0x81, 0x14, 0xfc, 0x7a, 0x5a, 0x9a, 0xe4, 0x8d, 0x32,
+    0x0b, 0xa0, 0xee, 0x03, 0x83, 0x2e, 0x1d, 0x11, 0x63, 0xf0, 0x67, 0x9f, 0xca, 0xb2, 0x30, 0x6a,
+    0x71, 0x7a, 0x96, 0x42, 0xf4, 0x7b, 0x93, 0x58, 0xd5, 0x47, 0x2d, 0x59, 0xa2, 0x60, 0xaa, 0xd8,
+    0xb0, 0x92, 0xf8, 0x30, 0xe7, 0xa5, 0x13, 0xd3, 0xff, 0xdb, 0xbf, 0xe4, 0xfd, 0x71, 0x86, 0x6f,
+    0x1c, 0xac, 0x74, 0xaa, 0x9b, 0xbc, 0x24, 0xc9, 0xce, 0xfa, 0x95, 0xd9, 0xb2, 0xcf, 0x32, 0x1e,
+    0xdc, 0xcb, 0x9f, 0x77, 0x55, 0xac, 0xa7, 0xb8, 0x8f, 0x4f, 0x3b, 0xdf, 0xc2, 0x04, 0x7c, 0x09,
+    0xa8, 0x47, 0xdd, 0x63, 0x8e, 0xa7, 0x3b, 0x74, 0x5e, 0x85, 0xda, 0x94, 0xf3, 0x50, 0xff, 0xb4,
+    0xc1, 0xe8, 0x6e, 0x72, 0x13, 0xde, 0x80, 0x8b, 0x2a, 0x9c, 0x92, 0xbd, 0x5f, 0x11, 0x2c, 0xb7,
+    0x2a, 0x61, 0xa6, 0x68, 0xc2, 0x59, 0x7e, 0x1d, 0xf6, 0xb0, 0xd7, 0x25, 0x4c, 0x14, 0x4f, 0x2d,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0xac, 0x3e, 0x8c, 0x9a, 0x7c, 0x19, 0x37, 0x1a, 0x31, 0x21, 0x2a, 0x3d, 0x4f, 0xbe, 0xb4, 0x71,
+    0x48, 0x6e, 0xfb, 0x7a, 0xdc, 0x0e, 0xd8, 0xf3, 0xe1, 0x59, 0xf8, 0x93, 0x2a, 0xe7, 0xac, 0x44,
+    0x7a, 0xda, 0x78, 0x41, 0x77, 0x55, 0x8e, 0x49, 0xb6, 0xb7, 0x4a, 0xc6, 0x68, 0xd2, 0x9a, 0xb2,
+  },
+  { /* 2 */
+    0x47, 0x35, 0xef, 0xb5, 0xef, 0xef, 0x30, 0xe6, 0xaf, 0xa0, 0x89, 0x86, 0x13, 0x85, 0x5f, 0xe6,
+    0xe9, 0x63, 0xba, 0xe4, 0xba, 0xba, 0x98, 0x67, 0x18, 0xd6, 0x5a, 0x94, 0x21, 0x7c, 0xa5, 0x67,
+    0x8f, 0xb2, 0x8e, 0xde, 0x8e, 0x8e, 0xf7, 0x86, 0xb8, 0x77, 0x64, 0xab, 0x6e, 0x29, 0x15, 0x86,
+    0x4e, 0xe2, 0x6e, 0xfc, 0x6e, 0x6e, 0x95, 0xad, 0x61, 0xf8, 0xdd, 0x44, 0x5e, 0x69, 0xe5, 0xad,
+    0x03, 0xab, 0x76, 0x99, 0x76, 0x76, 0x7a, 0x58, 0x6f, 0xdf, 0x1c, 0xac, 0xd8, 0xe3, 0x3e, 0x58,
+    0xcf, 0xca, 0x1e, 0xed, 0x1e, 0x1e, 0xa4, 0x59, 0xec, 0x5e, 0x60, 0xd2, 0x46, 0x49, 0x9d, 0x59,
+    0x0c, 0xe9, 0x1b, 0x21, 0x1b, 0x1b, 0x2b, 0xa3, 0x7f, 0xfa, 0x70, 0xf5, 0xe6, 0x0a, 0xf8, 0xa3,
+    0xba, 0xae, 0x78, 0x32, 0x78, 0x78, 0xd5, 0xa7, 0x36, 0xbb, 0x43, 0xce, 0xdb, 0xe7, 0x31, 0xa7,
+    0x12, 0x6d, 0xc1, 0x92, 0xc1, 0xc1, 0x89, 0x96, 0x5f, 0xb0, 0xa8, 0x47, 0x9a, 0x1b, 0xb7, 0x96,
+    0xf0, 0xaa, 0x1f, 0xd1, 0x1f, 0x1f, 0x59, 0x6b, 0xc3, 0x15, 0x0f, 0xd9, 0x66, 0x88, 0x3d, 0x6b,
+    0x2b, 0x98, 0x2c, 0x5f, 0x2c, 0x2c, 0x80, 0x14, 0xae, 0x86, 0xff, 0xd7, 0xc9, 0xdf, 0x6b, 0x14,
+    0x2c, 0xd5, 0x53, 0xd9, 0x53, 0x53, 0xe3, 0x2d, 0x55, 0x0f, 0x72, 0x28, 0xf2, 0x3a, 0xbc, 0x2d,
+    0x32, 0x51, 0x89, 0x6a, 0x89, 0x89, 0x41, 0x18, 0x75, 0x45, 0xaa, 0x9a, 0x8e, 0x2b, 0xf3, 0x18,
+    0x1b, 0xba, 0x40, 0xdb, 0x40, 0x40, 0x2c, 0xdd, 0x91, 0xe8, 0xfc, 0x85, 0xd7, 0xf7, 0x0d, 0xdd,
+    0xd2, 0xe5, 0xb2, 0xc7, 0xb2, 0xb2, 0x7c, 0x34, 0xa3, 0xcb, 0xa4, 0xcc, 0xe2, 0xbb, 0xec, 0x34,
+    0x08, 0x0f, 0x12, 0x3e, 0x12, 0x12, 0x32, 0xc2, 0xeb, 0xac, 0xe1, 0xa6, 0x05, 0x0c, 0x11, 0xc2,
+    0xdd, 0xa7, 0xdf, 0x7f, 0xdf, 0xdf, 0x2d, 0xcf, 0xb3, 0xee, 0xc8, 0x95, 0xdc, 0x52, 0x2a, 0xcf,
+    0x60, 0x44, 0xd8, 0xcb, 0xd8, 0xd8, 0x9b, 0x51, 0x7e, 0xdc, 0x06, 0xa4, 0x3c, 0x50, 0xcc, 0x51,
+    0x72, 0x29, 0x19, 0x59, 0x19, 0x19, 0x12, 0xc7, 0x21, 0x6c, 0xae, 0xe3, 0xa6, 0x4b, 0x7b, 0xc7,
+    0x11, 0xc6, 0xb7, 0x0b, 0xb7, 0xb7, 0xf3, 0xce, 0x30, 0x6f, 0xb4, 0xeb, 0x42, 0xf8, 0x89, 0xce,
+    0x06, 0x95, 0xec, 0xf1, 0xec, 0xec, 0xf4, 0xb0, 0xde, 0x7d, 0x38, 0x9b, 0x73, 0x05, 0x7c, 0xb0,
+    0x5d, 0x57, 0x3c, 0x19, 0x3c, 0x3c, 0x8b, 0xb2, 0x1b, 0xbc, 0xc0, 0x67, 0x8c, 0x92, 0xf9, 0xb2,
+    0xe0, 0xb4, 0x3b, 0xad, 0x3b, 0x3b, 0x3d, 0x2c, 0xd6, 0x8e, 0x0e, 0x56, 0x6c, 0x90, 0x1f, 0x2c,
+    0x86, 0x65, 0x0f, 0x97, 0x0f, 0x0f, 0x52, 0xcd, 0x76, 0x2f, 0x30, 0x69, 0x23, 0xc5, 0xaf, 0xcd,
+    0xaa, 0xb0, 0x5c, 0x4e, 0x5c, 0x5c, 0xb1, 0xe0, 0x23, 0x20, 0x42, 0x41, 0xd1, 0xff, 0x13, 0xe0,
+    0x58, 0x69, 0xa6, 0x71, 0xa6, 0xa6, 0x05, 0x5a, 0xaa, 0x1e, 0xe4, 0x50, 0x27, 0x74, 0xbb, 0x5a,
+    0x24, 0xda, 0x41, 0xe7, 0x41, 0x41, 0xd1, 0xef, 0xbe, 0xa3, 0x93, 0x8e, 0xf7, 0x36, 0xad, 0xef,
+    0xdf, 0xd4, 0x3a, 0x91, 0x3a, 0x3a, 0xc0, 0x1e, 0xf9, 0xc5, 0x61, 0x5d, 0x4c, 0x51, 0xbf, 0x1e,
+    0x69, 0x93, 0x59, 0x82, 0x59, 0x59, 0x3e, 0x1a, 0xb0, 0x84, 0x52, 0x66, 0x71, 0xbc, 0x76, 0x1a,
+    0x7a, 0x26, 0x0b, 0x67, 0x0b, 0x0b, 0x20, 0x05, 0xca, 0xc0, 0x4f, 0x45, 0xa3, 0x47, 0x6a, 0x05,
+    0x67, 0x09, 0xa7, 0x4d, 0xa7, 0xa7, 0xf8, 0x68, 0x85, 0x55, 0x8b, 0x5b, 0x07, 0xb5, 0x1b, 0x68,
+    0xec, 0x5d, 0x20, 0x8c, 0x20, 0x20, 0x16, 0x8f, 0xa9, 0x74, 0x7e, 0xa3, 0x8a, 0x9a, 0xe7, 0x8f,
+    0x30, 0x22, 0x6c, 0x84, 0x6c, 0x6c, 0xac, 0xc9, 0x3f, 0x6e, 0x03, 0x52, 0x1e, 0x28, 0x66, 0xc9,
+    0x6a, 0x38, 0x2f, 0x1b, 0x2f, 0x2f, 0x44, 0x42, 0xdf, 0x5b, 0x4e, 0xca, 0xa9, 0x5f, 0x48, 0x42,
+    0x0e, 0x9a, 0xfe, 0xcf, 0xfe, 0xfe, 0xc6, 0x72, 0x35, 0xd1, 0xd9, 0x3d, 0x76, 0x09, 0x6d, 0x72,
+    0x43, 0xd3, 0xe6, 0xaa, 0xe6, 0xe6, 0x29, 0x87, 0x3b, 0xf6, 0x18, 0xd5, 0xf0, 0x83, 0xb6, 0x87,
+    0x2d, 0x0d, 0xc0, 0xae, 0xc0, 0xc0, 0x74, 0xa4, 0x70, 0xfb, 0xc7, 0x4c, 0xba, 0xda, 0x17, 0xa4,
+    0xb3, 0x79, 0xf9, 0x7b, 0xf9, 0xf9, 0x70, 0xec, 0xf8, 0xe3, 0x17, 0x0c, 0x96, 0x0b, 0x8b, 0xec,
+    0xe4, 0x52, 0x32, 0xb2, 0x32, 0x32, 0x24, 0x4d, 0x42, 0xd8, 0x9f, 0x05, 0x8f, 0x96, 0xf6, 0x4d,
+    0x22, 0x4f, 0xad, 0x16, 0xad, 0xad, 0x25, 0x5f, 0x60, 0xde, 0xab, 0x15, 0x84, 0x33, 0xd1, 0x5f,
+    0xab, 0x68, 0xcf, 0x39, 0xcf, 0xcf, 0x26, 0x69, 0x06, 0xd4, 0xf7, 0x25, 0x99, 0x1f, 0xb8, 0x69,
+    0x3d, 0x13, 0xe4, 0xd2, 0xe4, 0xe4, 0x10, 0xe3, 0x65, 0x60, 0xc6, 0xc3, 0xb0, 0xc2, 0x35, 0xe3,
+    0x34, 0xc4, 0x65, 0x9b, 0x65, 0x65, 0xb5, 0xa8, 0xab, 0x38, 0x92, 0x01, 0xfd, 0x2e, 0x8f, 0xa8,
+    0x90, 0xee, 0xc7, 0x1a, 0xc7, 0xc7, 0xc2, 0x3a, 0xbd, 0xc9, 0x09, 0x7d, 0x5a, 0xd8, 0xf1, 0x3a,
+    0x97, 0xa3, 0xb8, 0x9c, 0xb8, 0xb8, 0xa1, 0x03, 0x46, 0x40, 0x84, 0x82, 0x61, 0x3d, 0x26, 0x03,
+    0xb0, 0xd2, 0x8f, 0xe2, 0x8f, 0x8f, 0x0a, 0xb4, 0x97, 0x3c, 0x0b, 0xa0, 0x4e, 0xe8, 0xb5, 0xb4,
+    0xe5, 0x8a, 0xa1, 0xc5, 0xa1, 0xa1, 0xb3, 0xc4, 0x67, 0x2c, 0x2a, 0x61, 0xc7, 0x76, 0x5d, 0xc4,
+    0x42, 0x0b, 0x75, 0xdd, 0x75, 0x75, 0xbe, 0x0e, 0x1e, 0x02, 0xad, 0xb1, 0xb8, 0x63, 0x1d, 0x0e,
+    0x79, 0x8d, 0x7d, 0xfe, 0x7d, 0x7d, 0x5a, 0x5d, 0xa5, 0x1f, 0x53, 0xe9, 0x7b, 0xa4, 0x54, 0x5d,
+    0xc0, 0x88, 0x73, 0x55, 0x73, 0x73, 0xf5, 0xa2, 0xfc, 0x7b, 0x0c, 0x8b, 0x78, 0xa0, 0x5b, 0xa2,
+    0x18, 0x11, 0x36, 0x42, 0x36, 0x36, 0x56, 0x85, 0xfe, 0x37, 0xe0, 0x29, 0x0f, 0x14, 0x33, 0x85,
+    0x4b, 0xdc, 0xf4, 0x94, 0xf4, 0xf4, 0x1b, 0x45, 0xd0, 0x5a, 0xf9, 0x73, 0xf5, 0x8f, 0xa7, 0x45,
+    0xf7, 0xe7, 0x60, 0x57, 0x60, 0x60, 0x3a, 0x52, 0x38, 0x9c, 0x82, 0x26, 0x5d, 0x6d, 0xea, 0x52,
+    0xb8, 0xdd, 0x9d, 0xdc, 0x9d, 0x9d, 0x38, 0x76, 0x7c, 0x90, 0xea, 0x06, 0x4b, 0xe4, 0xa4, 0x76,
+    0xa6, 0x59, 0x47, 0x6f, 0x47, 0x47, 0x9a, 0x43, 0x5c, 0xda, 0x32, 0xb4, 0x37, 0xf5, 0xeb, 0x43,
+    0x59, 0xb1, 0x35, 0x06, 0x35, 0x35, 0x92, 0xd3, 0x8f, 0xea, 0x51, 0x34, 0x6f, 0x94, 0x10, 0xd3,
+    0x64, 0xa2, 0xd1, 0xd4, 0xd1, 0xd1, 0x82, 0x30, 0xea, 0x8a, 0x97, 0xf7, 0xdf, 0x56, 0x25, 0x30,
+    0x36, 0xb7, 0x80, 0x75, 0x80, 0x80, 0x58, 0x79, 0xe1, 0x13, 0x3b, 0xc9, 0x6d, 0x2d, 0x1a, 0x79,
+    0xb4, 0x34, 0x86, 0xfd, 0x86, 0x86, 0x13, 0xd5, 0x03, 0x6a, 0x9a, 0xf3, 0xad, 0xee, 0x5c, 0xd5,
+    0x81, 0x28, 0x70, 0x11, 0x70, 0x70, 0x31, 0xf4, 0x8d, 0xa6, 0xbd, 0x96, 0x18, 0x20, 0x78, 0xf4,
+    0x09, 0xd7, 0x81, 0x49, 0x81, 0x81, 0xa5, 0x4b, 0xce, 0x58, 0x54, 0xc2, 0x4d, 0xec, 0xba, 0x4b,
+    0x78, 0x55, 0xee, 0x89, 0xee, 0xee, 0xcd, 0xd4, 0x80, 0xeb, 0xe6, 0x8d, 0x33, 0x44, 0xff, 0xd4,
+    0xed, 0x85, 0xb3, 0xfb, 0xb3, 0xb3, 0x81, 0x06, 0x8c, 0x80, 0xcb, 0xc7, 0xc2, 0x7a, 0x4c, 0x06,
+    0x5f, 0x24, 0xd9, 0xf7, 0xd9, 0xd9, 0x66, 0x63, 0x51, 0x97, 0x69, 0xaf, 0x1c, 0x91, 0x6c, 0x63,
+    0xda, 0xea, 0xa0, 0xf9, 0xa0, 0xa0, 0x4e, 0xf6, 0x48, 0x67, 0x45, 0x6a, 0xe7, 0xb7, 0xfd, 0xf6,
+    0xc4, 0x6e, 0x7a, 0x4a, 0x7a, 0x7a, 0xec, 0xc3, 0x68, 0x2d, 0x9d, 0xd8, 0x9b, 0xa6, 0xb2, 0xc3,
+    0x29, 0xeb, 0xc9, 0xb1, 0xc9, 0xc9, 0x6d, 0xc5, 0xe4, 0xad, 0x56, 0x1f, 0x59, 0xdc, 0xfe, 0xc5,
+    0xad, 0xfd, 0x23, 0xc8, 0x23, 0x23, 0xd2, 0xd9, 0xd8, 0xa9, 0xcf, 0xbe, 0xea, 0x1a, 0xc4, 0xd9,
+    0x07, 0x4d, 0x7f, 0x86, 0x7f, 0x7f, 0x63, 0x39, 0xfb, 0x89, 0x8d, 0xff, 0x3b, 0xe5, 0xd7, 0x39,
+    0x82, 0x83, 0x06, 0x88, 0x06, 0x06, 0x4b, 0xac, 0xe2, 0x79, 0xa1, 0x3a, 0xc0, 0xc3, 0x46, 0xac,
+    0xe2, 0xc7, 0xde, 0x43, 0xde, 0xde, 0xd0, 0xfd, 0x9c, 0xa5, 0xa7, 0x9e, 0xfc, 0x93, 0x8a, 0xfd,
+    0x31, 0xfa, 0xff, 0xf3, 0xff, 0xff, 0x3b, 0x40, 0x1a, 0x9a, 0xb6, 0x36, 0x56, 0xc8, 0xcd, 0x40,
+    0x17, 0x53, 0x5b, 0xfa, 0x5b, 0x5b, 0x07, 0x7e, 0xee, 0x12, 0x8c, 0x70, 0x31, 0xfd, 0xf5, 0x7e,
+    0x9f, 0xac, 0xaa, 0xa2, 0xaa, 0xaa, 0x93, 0xc1, 0xad, 0xec, 0x65, 0x24, 0x64, 0x31, 0x37, 0xc1,
+    0x0b, 0xa4, 0x64, 0xa7, 0x64, 0x64, 0x48, 0x9a, 0x84, 0x73, 0xfd, 0x0a, 0xdd, 0xef, 0x2f, 0x9a,
+    0x16, 0x8b, 0xc8, 0x8d, 0xc8, 0xc8, 0x90, 0xf7, 0xcb, 0xe6, 0x39, 0x14, 0x79, 0x1d, 0x5e, 0xf7,
+    0x7f, 0x18, 0x91, 0x0f, 0x91, 0x91, 0xae, 0xed, 0x7b, 0x62, 0x6b, 0x72, 0x08, 0xa1, 0x28, 0xed,
+    0x23, 0x97, 0x3e, 0x61, 0x3e, 0x3e, 0xb2, 0xd6, 0x45, 0x2a, 0x1e, 0x71, 0xcc, 0xd3, 0x7a, 0xd6,
+    0x6b, 0xe0, 0xbc, 0x6c, 0xbc, 0xbc, 0xd3, 0xcb, 0xfa, 0xaf, 0xfb, 0xae, 0xe1, 0xbf, 0xe3, 0xcb,
+    0xa9, 0x1b, 0x2a, 0xd7, 0x2a, 0x2a, 0xcb, 0xb8, 0x4c, 0xff, 0x5e, 0xed, 0x09, 0x1c, 0x2d, 0xb8,
+    0x8b, 0x54, 0x87, 0xc1, 0x87, 0x87, 0xee, 0xe7, 0x2c, 0x21, 0xf5, 0xf8, 0x8d, 0x2f, 0xfc, 0xe7,
+    0xb7, 0x9f, 0xf0, 0x64, 0xf0, 0xf0, 0x69, 0x8d, 0x6c, 0xb5, 0x86, 0x5f, 0x75, 0x0d, 0x62, 0x8d,
+    0x13, 0xb5, 0x52, 0xe5, 0x52, 0x52, 0x1e, 0x1f, 0x7a, 0x44, 0x1d, 0x23, 0xd2, 0xfb, 0x1c, 0x1f,
+    0x1c, 0xf7, 0x3f, 0x5d, 0x3f, 0x3f, 0x4f, 0xe4, 0x6a, 0x61, 0x71, 0x7a, 0xec, 0x12, 0xda, 0xe4,
+    0xfb, 0x0e, 0x7b, 0x76, 0x7b, 0x7b, 0x11, 0xf1, 0x47, 0x66, 0xf2, 0xd3, 0xbb, 0x67, 0x12, 0xf1,
+    0x62, 0x37, 0x3d, 0x25, 0x3d, 0x3d, 0x76, 0x80, 0x34, 0xf7, 0xaf, 0x6c, 0xac, 0x53, 0x59, 0x80,
+    0xf2, 0xd9, 0xfa, 0x3f, 0xfa, 0xfa, 0xb4, 0xba, 0x89, 0x3e, 0xa6, 0x11, 0xf6, 0x8b, 0xa8, 0xba,
+    0x3b, 0x86, 0x08, 0x23, 0x08, 0x08, 0xe4, 0x53, 0xbb, 0x1d, 0xfe, 0x58, 0xc3, 0xc7, 0x49, 0x53,
+    0x9a, 0x92, 0x30, 0xca, 0x30, 0x30, 0x1d, 0x29, 0x1c, 0x4e, 0x41, 0x13, 0xcf, 0xd7, 0x75, 0x29,
+    0x75, 0x64, 0x66, 0xdf, 0x66, 0x66, 0x71, 0xfe, 0xda, 0xe5, 0x23, 0x1c, 0x9d, 0xae, 0xac, 0xfe,
+    0xea, 0xc8, 0xcc, 0x7d, 0xcc, 0xcc, 0xe2, 0x3f, 0x77, 0x09, 0x46, 0x38, 0xf9, 0x9f, 0x9b, 0x3f,
+    0xd0, 0x96, 0x57, 0x29, 0x57, 0x57, 0x91, 0xe5, 0xe9, 0xe0, 0x0d, 0x04, 0x72, 0xb8, 0x79, 0xe5,
+    0x2a, 0x40, 0xbf, 0x28, 0xbf, 0xbf, 0x17, 0x9d, 0x8b, 0x72, 0x4a, 0xb3, 0x81, 0x3f, 0xc0, 0x9d,
+    0x91, 0x36, 0x54, 0x6d, 0x54, 0x54, 0x55, 0xb3, 0x98, 0x3d, 0xbc, 0x19, 0x12, 0x38, 0x5a, 0xb3,
+    0x02, 0x73, 0xe5, 0xee, 0xe5, 0xe5, 0xed, 0xd1, 0x4a, 0x2b, 0xa9, 0xc8, 0x90, 0x03, 0x95, 0xd1,
+    0x46, 0xed, 0x7c, 0xc2, 0x7c, 0x7c, 0xa7, 0x6f, 0x8a, 0x54, 0x3c, 0xe2, 0x5b, 0x65, 0xf4, 0x6f,
+    0xa7, 0x81, 0xd4, 0x18, 0xd4, 0xd4, 0x0d, 0xca, 0x79, 0x2e, 0x87, 0xd0, 0x7f, 0x15, 0x40, 0xca,
+    0xdc, 0x7f, 0x4c, 0x08, 0x4c, 0x4c, 0xba, 0x46, 0x96, 0x1a, 0x7d, 0xf1, 0x94, 0xb2, 0x81, 0x46,
+    0x27, 0x71, 0x37, 0x7e, 0x37, 0x37, 0xab, 0xb7, 0xd1, 0x7c, 0x8f, 0x22, 0x2f, 0xd5, 0x93, 0xb7,
+    0x76, 0xcf, 0x10, 0x46, 0x10, 0x10, 0x0b, 0xa6, 0xb5, 0x3a, 0x3f, 0xb0, 0x45, 0x4d, 0x92, 0xa6,
+    0xa4, 0x2a, 0xa2, 0x81, 0xa2, 0xa2, 0x77, 0x92, 0x16, 0xf1, 0x9b, 0x7c, 0xa7, 0xf6, 0x7e, 0x92,
+    0xca, 0xf4, 0x84, 0x85, 0x84, 0x84, 0x2a, 0xb1, 0x5d, 0xfc, 0x44, 0xe5, 0xed, 0xaf, 0xdf, 0xb1,
+    0x96, 0x7b, 0x2b, 0xeb, 0x2b, 0x2b, 0x36, 0x8a, 0x63, 0xb4, 0x31, 0xe6, 0x29, 0xdd, 0x8d, 0x8a,
+    0x70, 0x5a, 0xfc, 0xb7, 0xfc, 0xfc, 0xff, 0x16, 0x6b, 0x47, 0x07, 0x2b, 0x36, 0x48, 0xee, 0x16,
+    0x54, 0x80, 0xbd, 0x50, 0xbd, 0xbd, 0x2e, 0xf9, 0xd5, 0xe4, 0x94, 0xa5, 0xc1, 0x7e, 0x43, 0xf9,
+    0xe1, 0x6c, 0xa8, 0xda, 0xa8, 0xa8, 0xaa, 0xa5, 0xf3, 0x7a, 0xbb, 0x32, 0x24, 0x70, 0xb4, 0xa5,
+    0x6f, 0x06, 0xb5, 0x73, 0xb5, 0xb5, 0xca, 0xaa, 0x6e, 0xf9, 0x6a, 0xfd, 0x02, 0xb9, 0x0a, 0xaa,
+    0x39, 0xf5, 0xed, 0xcd, 0xed, 0xed, 0x09, 0x82, 0xf1, 0x36, 0x57, 0x90, 0x53, 0xc4, 0xdc, 0x82,
+    0x33, 0x89, 0x1a, 0x1d, 0x1a, 0x1a, 0xd6, 0x91, 0x50, 0xb1, 0x1f, 0xfe, 0xc6, 0xcb, 0x58, 0x91,
+    0xdb, 0x32, 0x33, 0x8e, 0x33, 0x33, 0xd9, 0x7f, 0x6d, 0x93, 0xf0, 0x0e, 0xaf, 0x57, 0x56, 0x7f,
+    0xa0, 0xcc, 0xab, 0x9e, 0xab, 0xab, 0x6e, 0xf3, 0x82, 0xa7, 0x0a, 0x2f, 0x44, 0xf0, 0x97, 0xf3,
+    0xfe, 0x30, 0xe1, 0x1e, 0xe1, 0xe1, 0x9f, 0x19, 0xf6, 0xc4, 0xd6, 0xe4, 0x10, 0x81, 0x50, 0x19,
+    0xb2, 0xa1, 0x6a, 0x0c, 0x6a, 0x6a, 0xe7, 0x65, 0xdd, 0x17, 0xa2, 0x68, 0xde, 0xeb, 0x20, 0x65,
+    0x10, 0x1e, 0x24, 0x7c, 0x24, 0x24, 0x64, 0x47, 0x15, 0x9b, 0x01, 0x8f, 0x0a, 0x18, 0x22, 0x47,
+    0x71, 0x82, 0x6f, 0xc0, 0x6f, 0x6f, 0x68, 0x9f, 0x4e, 0xb3, 0xb2, 0x4f, 0x7e, 0xa8, 0x45, 0x9f,
+    0x87, 0xbd, 0x9c, 0xe0, 0x9c, 0x9c, 0xc5, 0x44, 0x53, 0xdb, 0x85, 0x0d, 0x6b, 0x25, 0x04, 0x44,
+    0x35, 0x1c, 0xf6, 0xec, 0xf6, 0xf6, 0x22, 0x21, 0x8e, 0xcc, 0x27, 0x65, 0xb5, 0xce, 0x24, 0x21,
+    0x38, 0x2d, 0x7e, 0xba, 0x7e, 0x7e, 0x9e, 0x0b, 0xd4, 0xc2, 0xe2, 0xf4, 0x1b, 0x24, 0x77, 0x0b,
+    0x52, 0x15, 0x51, 0xa1, 0x51, 0x51, 0xda, 0x49, 0x0b, 0x99, 0xac, 0x3e, 0xb2, 0x7b, 0x3f, 0x49,
+    0x65, 0x7a, 0x42, 0xa3, 0x42, 0x42, 0x15, 0xb9, 0xcf, 0x7e, 0x22, 0x93, 0x97, 0xb6, 0x8e, 0xb9,
+    0xde, 0x0c, 0xa9, 0xe6, 0xa9, 0xa9, 0x57, 0x97, 0xdc, 0x31, 0xd4, 0x39, 0x04, 0xb1, 0x14, 0x97,
+    0x8e, 0x6a, 0x1d, 0xa9, 0x1d, 0x1d, 0x60, 0x0f, 0x9d, 0x83, 0xd1, 0xcf, 0x26, 0xc9, 0xbe, 0x0f,
+    0xa8, 0xc3, 0xb9, 0xa0, 0xb9, 0xb9, 0x5c, 0x31, 0x69, 0x0b, 0xeb, 0x89, 0x41, 0xfc, 0x86, 0x31,
+    0xfd, 0x9b, 0x97, 0x87, 0x97, 0x97, 0xe5, 0x41, 0x99, 0x1b, 0xca, 0x48, 0xc8, 0x62, 0x6e, 0x41,
+    0x2e, 0xa6, 0xb6, 0x37, 0xb6, 0xb6, 0x0e, 0xfc, 0x1f, 0x24, 0xdb, 0xe0, 0x62, 0x39, 0x29, 0xfc,
+    0x01, 0xd8, 0x93, 0x77, 0x93, 0x93, 0x97, 0x89, 0x25, 0xf4, 0xb5, 0x64, 0x48, 0xe0, 0xab, 0x89,
+    0xf8, 0xa5, 0x0d, 0xef, 0x0d, 0x0d, 0x6b, 0xa9, 0x28, 0xb9, 0xee, 0x7f, 0x63, 0x84, 0x2c, 0xa9,
+    0x8c, 0x19, 0xf8, 0x47, 0xf8, 0xf8, 0x8d, 0xde, 0xd7, 0xa8, 0x78, 0x07, 0xb6, 0xca, 0x2b, 0xde,
+    0xbb, 0x76, 0xeb, 0x45, 0xeb, 0xeb, 0x42, 0x2e, 0x13, 0x4f, 0xf6, 0xaa, 0x93, 0x07, 0x9a, 0x2e,
+    0x49, 0xaf, 0x11, 0x7a, 0x11, 0x11, 0xf6, 0x94, 0x9a, 0x71, 0x50, 0xbb, 0x65, 0x8c, 0x32, 0x94,
+    0x44, 0x9e, 0x99, 0x2c, 0x99, 0x99, 0x4a, 0xbe, 0xc0, 0x7f, 0x95, 0x2a, 0xcb, 0x66, 0x61, 0xbe,
+    0xbf, 0x90, 0xe2, 0x5a, 0xe2, 0xe2, 0x5b, 0x4f, 0x87, 0x19, 0x67, 0xf9, 0x70, 0x01, 0x73, 0x4f,
+    0xef, 0xf6, 0x56, 0x15, 0x56, 0x56, 0x6c, 0xd7, 0xc6, 0xab, 0x62, 0x0f, 0x52, 0x79, 0xd9, 0xd7,
+    0xfc, 0x43, 0x04, 0xf0, 0x04, 0x04, 0x72, 0xc8, 0xbc, 0xef, 0x7f, 0x2c, 0x80, 0x82, 0xc5, 0xc8,
+    0x3a, 0x5e, 0x9b, 0x54, 0x9b, 0x9b, 0x73, 0xda, 0x9e, 0xe9, 0x4b, 0x3c, 0x8b, 0x27, 0xe2, 0xda,
+    0xb1, 0x0a, 0x1c, 0x95, 0x1c, 0x1c, 0x9d, 0x3d, 0xb2, 0xc8, 0xbe, 0xc4, 0x06, 0x08, 0x1e, 0x3d,
+    0xf9, 0x7d, 0x9e, 0x98, 0x9e, 0x9e, 0xfc, 0x20, 0x0d, 0x4d, 0x5b, 0x1b, 0x2b, 0x64, 0x87, 0x20,
+    0x99, 0x39, 0x46, 0x53, 0x46, 0x46, 0x67, 0x71, 0x73, 0x91, 0x5d, 0xbf, 0x17, 0x34, 0x4b, 0x71,
+    0xd8, 0x99, 0x45, 0x17, 0x45, 0x45, 0xa3, 0x27, 0x02, 0x4c, 0xec, 0xa2, 0x77, 0xb4, 0x68, 0x27,
+    0xc9, 0x5f, 0xf2, 0x1c, 0xf2, 0xf2, 0x50, 0xe9, 0x32, 0x23, 0x58, 0x49, 0x35, 0x4c, 0xe1, 0xe9,
+    0x61, 0x9c, 0x4b, 0xbc, 0x4b, 0x4b, 0x0c, 0xd8, 0x5b, 0x28, 0xb3, 0xc0, 0x74, 0xb0, 0x67, 0xd8,
+    0x3c, 0xcb, 0x77, 0xa5, 0x77, 0x77, 0x87, 0x6a, 0x40, 0x94, 0x73, 0xa7, 0xf8, 0x22, 0x9e, 0x6a,
+    0x89, 0x27, 0x62, 0x2f, 0x62, 0x62, 0x03, 0x36, 0x66, 0x0a, 0x5c, 0x30, 0x1d, 0x2c, 0x69, 0x36,
+    0x0f, 0x42, 0x6d, 0xb8, 0x6d, 0x6d, 0x51, 0xfb, 0x10, 0x25, 0x6c, 0x59, 0x3e, 0xe9, 0xc6, 0xfb,
+    0x5c, 0x8f, 0xaf, 0x6e, 0xaf, 0xaf, 0x1c, 0x3b, 0x3e, 0x48, 0x75, 0x03, 0xc4, 0x72, 0x52, 0x3b,
+    0xbe, 0x48, 0x71, 0x2d, 0x71, 0x71, 0xcc, 0xc6, 0xa2, 0xed, 0xd2, 0x9d, 0x38, 0xe1, 0xd8, 0xc6,
+    0xc2, 0xfb, 0x96, 0xbb, 0x96, 0x96, 0x18, 0x73, 0xb6, 0x50, 0xa5, 0x43, 0xe8, 0xa3, 0xce, 0x73,
+    0xc5, 0xb6, 0xe9, 0x3d, 0xe9, 0xe9, 0x7b, 0x4a, 0x4d, 0xd9, 0x28, 0xbc, 0xd3, 0x46, 0x19, 0x4a,
+    0x88, 0xff, 0xf1, 0x58, 0xf1, 0xf1, 0x94, 0xbf, 0x43, 0xfe, 0xe9, 0x54, 0x55, 0xcc, 0xc2, 0xbf,
+    0xa1, 0x14, 0x38, 0xe9, 0x38, 0x38, 0xf9, 0x7a, 0xa7, 0x53, 0xbf, 0x4b, 0x0c, 0x10, 0x3c, 0x7a,
+    0x1d, 0x2f, 0xac, 0x2a, 0xac, 0xac, 0xd8, 0x6d, 0x4f, 0x95, 0xc4, 0x1e, 0xa4, 0xf2, 0x71, 0x6d,
+    0xc7, 0xc5, 0x0c, 0xd3, 0x0c, 0x0c, 0x96, 0x9b, 0x07, 0xf2, 0x81, 0x74, 0x43, 0x45, 0x8c, 0x9b,
+    0x6c, 0xad, 0xc3, 0xea, 0xc3, 0xc3, 0xb0, 0xf2, 0x01, 0x26, 0x76, 0x51, 0xda, 0x5a, 0x34, 0xf2,
+    0x85, 0xce, 0x79, 0x0e, 0x79, 0x79, 0x28, 0x95, 0x19, 0xf0, 0x2c, 0xc5, 0xfb, 0x26, 0x91, 0x95,
+    0x9d, 0xdf, 0x4f, 0x4c, 0x4f, 0x4f, 0x7e, 0x10, 0xe7, 0xc7, 0xcc, 0xec, 0xf4, 0x32, 0xa2, 0x10,
+    0xd3, 0x3d, 0x21, 0xb0, 0x21, 0x21, 0xeb, 0xbd, 0x86, 0x3f, 0x11, 0xa8, 0xaa, 0x5b, 0x47, 0xbd,
+    0xd1, 0x4e, 0xc4, 0x5e, 0xc4, 0xc4, 0x06, 0x6c, 0xcc, 0x14, 0xb8, 0x60, 0x3a, 0x58, 0xd2, 0x6c,
+    0x1e, 0x84, 0xda, 0xb3, 0xda, 0xda, 0xa2, 0x35, 0x20, 0x4a, 0xd8, 0xb2, 0x7c, 0x11, 0x4f, 0x35,
+    0x3e, 0xb8, 0x92, 0x4b, 0x92, 0x92, 0x6a, 0xbb, 0x0a, 0xbf, 0xda, 0x6f, 0x68, 0x21, 0x0b, 0xbb,
+    0x84, 0x16, 0xea, 0x79, 0xea, 0xea, 0xbf, 0x1c, 0x3c, 0x04, 0x99, 0xa1, 0xb3, 0xc6, 0x3a, 0x1c,
+    0x2f, 0x7e, 0x25, 0x40, 0x25, 0x25, 0x99, 0x75, 0x3a, 0xd0, 0x6e, 0x84, 0x2a, 0xd9, 0x82, 0x75,
+    0x7d, 0x6b, 0x74, 0xe1, 0x74, 0x74, 0x43, 0x3c, 0x31, 0x49, 0xc2, 0xba, 0x98, 0xa2, 0xbd, 0x3c,
+    0x74, 0xbc, 0xf5, 0xa8, 0xf5, 0xf5, 0xe6, 0x77, 0xff, 0x11, 0x96, 0x78, 0xd5, 0x4e, 0x07, 0x77,
+    0x41, 0xa0, 0x03, 0x44, 0x03, 0x03, 0xc4, 0x56, 0x71, 0xdd, 0xb1, 0x1d, 0x60, 0x80, 0x23, 0x56,
+    0x50, 0x66, 0xb4, 0x4f, 0xb4, 0xb4, 0x37, 0x98, 0x41, 0xb2, 0x05, 0xf6, 0x22, 0x78, 0xaa, 0x98,
+    0x21, 0xe4, 0xdb, 0x8f, 0xdb, 0xdb, 0x5f, 0x07, 0x0f, 0x01, 0xb7, 0xb9, 0x5c, 0xd0, 0xef, 0x07,
+    0x55, 0x58, 0x2e, 0x27, 0x2e, 0x2e, 0xb9, 0x70, 0xf0, 0x10, 0x21, 0xc1, 0x89, 0x9e, 0xe8, 0x70,
+    0xe7, 0xf9, 0x44, 0x2b, 0x44, 0x44, 0x5e, 0x15, 0x2d, 0x07, 0x83, 0xa9, 0x57, 0x75, 0xc8, 0x15,
+    0xcd, 0xb9, 0xfb, 0x03, 0xfb, 0xfb, 0x49, 0x88, 0xa6, 0x75, 0xc9, 0x1a, 0xd6, 0x4a, 0x08, 0x88,
+    0x0d, 0x31, 0x88, 0x56, 0x88, 0x88, 0xbc, 0x2a, 0x5a, 0x0e, 0xc5, 0x91, 0xae, 0xea, 0x53, 0x2a,
+    0x7c, 0xb3, 0xe7, 0x96, 0xe7, 0xe7, 0xd4, 0xb5, 0x14, 0xbd, 0x77, 0xde, 0xd0, 0x42, 0x16, 0xb5,
+    0x37, 0x6f, 0x13, 0x02, 0x13, 0x13, 0xcf, 0xf0, 0xc4, 0xe7, 0x8e, 0xad, 0x25, 0xcd, 0xb1, 0xf0,
+    0x1a, 0x62, 0xd3, 0xac, 0xd3, 0xd3, 0xbb, 0x54, 0xb4, 0x1c, 0x49, 0xe1, 0x9f, 0x17, 0xa6, 0x54,
+    0xa2, 0xbf, 0x4e, 0x70, 0x4e, 0x4e, 0x83, 0x22, 0xc8, 0x8c, 0xa3, 0xe7, 0xd4, 0xf3, 0x02, 0x22,
+    0xaf, 0x8e, 0xc6, 0x26, 0xc6, 0xc6, 0x3f, 0x08, 0x92, 0x82, 0x66, 0x76, 0x7a, 0x19, 0x51, 0x08,
+    0xf6, 0x3f, 0xf3, 0x20, 0xf3, 0xf3, 0xad, 0xdb, 0x1d, 0x68, 0x37, 0x42, 0x15, 0x8d, 0x41, 0xdb,
+    0xe8, 0xbb, 0x29, 0x93, 0x29, 0x29, 0x0f, 0xee, 0x3d, 0x22, 0xef, 0xf0, 0x69, 0x9c, 0x0e, 0xee,
+    0x7e, 0xc0, 0x02, 0x78, 0x02, 0x02, 0x39, 0x64, 0x5e, 0x96, 0xde, 0x16, 0x40, 0x41, 0x83, 0x64,
+    0x5e, 0xfc, 0x4a, 0x80, 0x4a, 0x4a, 0xf1, 0xea, 0x74, 0x63, 0xdc, 0xcb, 0x54, 0x71, 0xc7, 0xea,
+    0xfa, 0xd6, 0xe8, 0x01, 0xe8, 0xe8, 0x86, 0x78, 0x62, 0x92, 0x47, 0xb7, 0xf3, 0x87, 0xb9, 0x78,
+    0xb5, 0xec, 0x15, 0x8a, 0x15, 0x15, 0x84, 0x5c, 0x26, 0x9e, 0x2f, 0x97, 0xe5, 0x0e, 0xf7, 0x5c,
+    0x92, 0x9d, 0x22, 0xf4, 0x22, 0x22, 0x2f, 0xeb, 0xf7, 0xe2, 0xa0, 0xb5, 0xca, 0xdb, 0x64, 0xeb,
+    0x56, 0xf3, 0x58, 0xbe, 0x58, 0x58, 0xc3, 0x28, 0x9f, 0xcf, 0x3d, 0x6d, 0x51, 0x7d, 0xd6, 0x28,
+    0xf1, 0x72, 0x8c, 0xa6, 0x8c, 0x8c, 0xce, 0xe2, 0xe6, 0xe1, 0xba, 0xbd, 0x2e, 0x68, 0x96, 0xe2,
+    0x04, 0xe6, 0x09, 0x1f, 0x09, 0x09, 0x19, 0x61, 0x94, 0x56, 0x91, 0x53, 0xe3, 0x06, 0xe9, 0x61,
+    0x6e, 0xde, 0x26, 0x04, 0x26, 0x26, 0x5d, 0x23, 0x4b, 0x0d, 0xdf, 0x99, 0x4a, 0x59, 0xa1, 0x23,
+    0xa5, 0xf2, 0x31, 0xf6, 0x31, 0x31, 0xe0, 0x1b, 0x33, 0x05, 0x2e, 0x18, 0xef, 0x16, 0xd5, 0x1b,
+    0xe6, 0x21, 0xd7, 0x5c, 0xd7, 0xd7, 0xc9, 0x9c, 0x08, 0xf3, 0x36, 0xcd, 0x1f, 0x95, 0x63, 0x9c,
+    0xc8, 0x87, 0x61, 0x6b, 0x61, 0x61, 0xc7, 0x60, 0x17, 0xd7, 0xed, 0x2d, 0x7d, 0xac, 0x4a, 0x60,
+    0x7b, 0xfe, 0x98, 0x10, 0x98, 0x98, 0xb7, 0x8c, 0xef, 0x34, 0xfa, 0x21, 0xeb, 0xa7, 0xc1, 0x8c,
+    0x73, 0xf1, 0x8a, 0x2e, 0x8a, 0x8a, 0x85, 0x4e, 0x04, 0x98, 0x1b, 0x87, 0xee, 0xab, 0xd0, 0x4e,
+    0x51, 0xbe, 0x27, 0x38, 0x27, 0x27, 0xa0, 0x11, 0x64, 0x46, 0xb0, 0x92, 0x6a, 0x98, 0x01, 0x11,
+    0x95, 0xd0, 0x5d, 0x72, 0x5d, 0x5d, 0x4c, 0xd2, 0x0c, 0x6b, 0x2d, 0x4a, 0xf1, 0x3e, 0xb3, 0xd2,
+    0x66, 0xd1, 0x34, 0x3a, 0x34, 0x34, 0x6f, 0xe1, 0xa0, 0xa1, 0x3e, 0x3f, 0x4f, 0x55, 0xb0, 0xe1,
+    0xd6, 0x03, 0xbb, 0xd8, 0xbb, 0xbb, 0x65, 0x55, 0x37, 0x9d, 0x35, 0x9f, 0x01, 0xbd, 0x05, 0x55,
+    0x5b, 0xc2, 0xd0, 0xe8, 0xd0, 0xd0, 0x7f, 0x02, 0xc5, 0xc1, 0xf8, 0xfc, 0xff, 0x97, 0x85, 0x02,
+    0xe3, 0x1f, 0x4d, 0x34, 0x4d, 0x4d, 0x47, 0x74, 0xb9, 0x51, 0x12, 0xfa, 0xb4, 0x73, 0x21, 0x74,
+    0x63, 0xef, 0xae, 0x52, 0xae, 0xae, 0xe1, 0x09, 0x11, 0x03, 0x1a, 0x08, 0xe4, 0xb3, 0xf2, 0x09,
+    0x9b, 0x4a, 0xa3, 0xbd, 0xa3, 0xa3, 0x8a, 0xa0, 0x39, 0xba, 0xf4, 0x77, 0x87, 0x37, 0xde, 0xa0,
+    0xbd, 0xe3, 0x07, 0xb4, 0x07, 0x07, 0xb6, 0x9e, 0xcd, 0x32, 0xce, 0x31, 0xe0, 0x02, 0xe6, 0x9e,
+    0x77, 0x17, 0x83, 0x31, 0x83, 0x83, 0x9c, 0x2f, 0x90, 0xce, 0x8a, 0xd4, 0x0d, 0xad, 0x39, 0x2f,
+    0x8d, 0xc1, 0x6b, 0x30, 0x6b, 0x6b, 0x1a, 0x57, 0xf2, 0x5c, 0xcd, 0x63, 0xfe, 0x2a, 0x80, 0x57,
+    0xbc, 0x3b, 0x94, 0xc3, 0x94, 0x94, 0x21, 0x17, 0xe8, 0xc6, 0x7b, 0x55, 0xa8, 0xe2, 0x4d, 0x17,
+    0xf3, 0x01, 0x69, 0x48, 0x69, 0x69, 0x23, 0x33, 0xac, 0xca, 0x13, 0x75, 0xbe, 0x6b, 0x03, 0x33,
+    0xf4, 0x4c, 0x16, 0xce, 0x16, 0x16, 0x40, 0x0a, 0x57, 0x43, 0x9e, 0x8a, 0x85, 0x8e, 0xd4, 0x0a,
+    0x26, 0xa9, 0xa4, 0x09, 0xa4, 0xa4, 0x3c, 0x3e, 0xf4, 0x88, 0x3a, 0x46, 0x67, 0x35, 0x38, 0x3e,
+    0xd4, 0x70, 0x5e, 0x36, 0x5e, 0x5e, 0x88, 0x84, 0x7d, 0xb6, 0x9c, 0x57, 0x91, 0xbe, 0x90, 0x84,
+    0x80, 0xf0, 0xe3, 0x66, 0xe3, 0xe3, 0xa6, 0x7d, 0xa8, 0x52, 0x08, 0xf2, 0x50, 0xc0, 0xd3, 0x7d,
+    0x93, 0x45, 0xb1, 0x83, 0xb1, 0xb1, 0xb8, 0x62, 0xd2, 0x16, 0x15, 0xd1, 0x82, 0x3b, 0xcf, 0x62,
+    0xb6, 0x47, 0x63, 0x13, 0x63, 0x63, 0xfe, 0x04, 0x49, 0x41, 0x33, 0x3b, 0x3d, 0xed, 0xc9, 0x04,
+    0x15, 0x20, 0xbe, 0x14, 0xbe, 0xbe, 0xea, 0xaf, 0xa4, 0x39, 0x25, 0xb8, 0xa1, 0xfe, 0x60, 0xaf,
+    0xcc, 0x61, 0x68, 0x74, 0x68, 0x68, 0xde, 0x01, 0x83, 0x81, 0x7c, 0x7e, 0x9e, 0xaa, 0xa3, 0x01,
+    0xac, 0x25, 0xb0, 0xbf, 0xb0, 0xb0, 0x45, 0x50, 0xfd, 0x5d, 0x7a, 0xda, 0xa2, 0xfa, 0x6f, 0x50,
+    0xc1, 0x50, 0xe0, 0x22, 0xe0, 0xe0, 0x62, 0x2b, 0xd9, 0x8f, 0xb9, 0xef, 0x30, 0x40, 0xf0, 0x2b,
+    0xee, 0x2e, 0xc5, 0x62, 0xc5, 0xc5, 0xfb, 0x5e, 0xe3, 0x5f, 0xd7, 0x6b, 0x1a, 0x99, 0x72, 0x5e,
+    0xae, 0x56, 0x55, 0x51, 0x55, 0x55, 0xa8, 0x81, 0xb7, 0x76, 0xd3, 0x12, 0x32, 0xf9, 0xfa, 0x81,
+    0x9c, 0x07, 0xdc, 0x3b, 0xdc, 0xdc, 0xe9, 0x99, 0xc2, 0x33, 0x79, 0x88, 0xbc, 0xd2, 0x09, 0x99,
+    0xd9, 0x41, 0xd6, 0x60, 0xd6, 0xd6, 0x34, 0xae, 0x27, 0xb8, 0x59, 0xc6, 0x3f, 0x54, 0xc3, 0xae,
+    0xa3, 0x67, 0xdd, 0x07, 0xdd, 0xdd, 0x14, 0xab, 0xed, 0x78, 0x16, 0x83, 0x9c, 0x13, 0xa9, 0xab,
+    0x25, 0x02, 0xd2, 0x90, 0xd2, 0xd2, 0x46, 0x66, 0x9b, 0x57, 0x26, 0xea, 0xbf, 0xd6, 0x06, 0x66,
+    0xeb, 0x10, 0x5f, 0x0a, 0x5f, 0x5f, 0x75, 0xb6, 0x52, 0xfd, 0xf3, 0x5c, 0xb1, 0x7f, 0x30, 0xb6,
+    0x40, 0x78, 0x90, 0x33, 0x90, 0x90, 0x53, 0xdf, 0x54, 0x29, 0x04, 0x79, 0x28, 0x60, 0x88, 0xdf,
+    0x48, 0x77, 0x82, 0x0d, 0x82, 0x82, 0x61, 0x1d, 0xbf, 0x85, 0xe5, 0xdf, 0x2d, 0x6c, 0x99, 0x1d,
+    0x6d, 0x75, 0x50, 0x9d, 0x50, 0x50, 0x27, 0x7b, 0x24, 0xd2, 0xc3, 0x35, 0x92, 0xba, 0x9f, 0x7b,
+    0x28, 0x33, 0x5a, 0xc6, 0x5a, 0x5a, 0xfa, 0x4c, 0xc1, 0x59, 0xe3, 0x7b, 0x11, 0x3c, 0x55, 0x4c,
+    0xff, 0xe8, 0x72, 0x69, 0x72, 0x72, 0x08, 0x90, 0xd3, 0x30, 0x63, 0x80, 0x58, 0x61, 0xfb, 0x90,
+    0x0a, 0x7c, 0xf7, 0xd0, 0xf7, 0xf7, 0xdf, 0x13, 0xa1, 0x87, 0x48, 0x6e, 0x95, 0x0f, 0x84, 0x13,
+    0x4f, 0x3a, 0xfd, 0x8b, 0xfd, 0xfd, 0x02, 0x24, 0x44, 0x0c, 0x68, 0x20, 0x16, 0x89, 0x4e, 0x24,
+    0x19, 0xc9, 0xa5, 0x35, 0xa5, 0xa5, 0xc1, 0x0c, 0xdb, 0xc3, 0x55, 0x4d, 0x47, 0xf4, 0x98, 0x0c,
+    0x53, 0xcd, 0xc2, 0xd6, 0xc2, 0xc2, 0x4d, 0xc0, 0x2e, 0x6d, 0x19, 0x5a, 0xfa, 0x9b, 0x94, 0xc0,
+    0xf5, 0x94, 0x85, 0xb9, 0x85, 0x85, 0xd7, 0x83, 0x72, 0xb7, 0x2b, 0xee, 0xcd, 0x6e, 0x7f, 0x83,
+    0xb9, 0x05, 0x0e, 0xab, 0x0e, 0x0e, 0xaf, 0xff, 0x59, 0x64, 0x5f, 0x62, 0x03, 0x04, 0x0f, 0xff,
+    0xcb, 0x2c, 0x17, 0xf2, 0x17, 0x17, 0xbd, 0x38, 0x78, 0x08, 0xf1, 0x81, 0xa5, 0x4f, 0x74, 0x38,
+    0x45, 0x46, 0x0a, 0x5b, 0x0a, 0x0a, 0xdd, 0x37, 0xe5, 0x8b, 0x20, 0x4e, 0x83, 0x86, 0xca, 0x37,
+    0x57, 0x2b, 0xcb, 0xc9, 0xcb, 0xcb, 0x54, 0xa1, 0xba, 0x3b, 0x88, 0x09, 0x19, 0x9d, 0x7d, 0xa1,
+    0xd7, 0xdb, 0x28, 0xaf, 0x28, 0x28, 0xf2, 0xdc, 0x12, 0x69, 0x80, 0xfb, 0x49, 0x5d, 0xae, 0xdc,
+    0x68, 0x4b, 0xca, 0xf5, 0xca, 0xca, 0xa9, 0x93, 0x95, 0x70, 0xe7, 0x02, 0x39, 0x5c, 0xdd, 0x93,
+    0x4c, 0x91, 0x8b, 0x12, 0x8b, 0x8b, 0x78, 0x7c, 0x2b, 0xd3, 0x74, 0x8c, 0xce, 0x6a, 0x70, 0x7c,
+    0x20, 0x3c, 0x48, 0xf8, 0x48, 0x48, 0xc8, 0x8e, 0x2a, 0xf5, 0x02, 0xdd, 0x14, 0x30, 0x44, 0x8e,
+    0x4a, 0x04, 0x67, 0xe3, 0x67, 0x67, 0x8c, 0xcc, 0xf5, 0xae, 0x4c, 0x17, 0xbd, 0x6f, 0x0c, 0xcc,
+    0x05, 0x3e, 0x9a, 0x68, 0x9a, 0x9a, 0x8e, 0xe8, 0xb1, 0xa2, 0x24, 0x37, 0xab, 0xe6, 0x42, 0xe8,
+    0xc6, 0x1d, 0x9f, 0xa4, 0x9f, 0x9f, 0x01, 0x12, 0x22, 0x06, 0x34, 0x10, 0x0b, 0xa5, 0x27, 0x12,
+    0x14, 0xf8, 0x2d, 0x63, 0x2d, 0x2d, 0x7d, 0x26, 0x81, 0xcd, 0x90, 0xdc, 0xe9, 0x1e, 0xcb, 0x26,
+    0x9e, 0x74, 0x39, 0xd5, 0x39, 0x39, 0x04, 0x48, 0x88, 0x18, 0xd0, 0x40, 0x2c, 0xd1, 0x9c, 0x48,
+    0xd5, 0xa8, 0xcd, 0x41, 0xcd, 0xcd, 0x1f, 0x0d, 0x58, 0x42, 0x29, 0x33, 0xd9, 0x5e, 0x3b, 0x0d,
+    0x4d, 0x49, 0x18, 0x65, 0x18, 0x18, 0xef, 0xf5, 0x0e, 0x27, 0xc1, 0xe8, 0x86, 0x8a, 0xdb, 0xf5,
+    0xce, 0x12, 0x8d, 0x9a, 0x8d, 0x8d, 0x33, 0xd0, 0xc9, 0xaa, 0xd5, 0xb6, 0x0e, 0xa9, 0x36, 0xd0,
+    0x5a, 0x1a, 0x43, 0x9f, 0x43, 0x43, 0xe8, 0x8b, 0xe0, 0x35, 0x4d, 0x98, 0xb7, 0x77, 0x2e, 0x8b,
+    0x3f, 0x60, 0x01, 0x3c, 0x01, 0x01, 0xfd, 0x32, 0x2f, 0x4b, 0x6f, 0x0b, 0x20, 0xc1, 0xa0, 0x32,
+    0x8a, 0x8c, 0x14, 0xb6, 0x14, 0x14, 0x79, 0x6e, 0x09, 0xd5, 0x40, 0x9c, 0xc5, 0xcf, 0x57, 0x6e,
+    0x83, 0x5b, 0x95, 0xff, 0x95, 0x95, 0xdc, 0x25, 0xc7, 0x8d, 0x14, 0x5e, 0x88, 0x23, 0xed, 0x25,
+    0xc3, 0x23, 0x05, 0xcc, 0x05, 0x05, 0x8f, 0xfa, 0x93, 0xa4, 0x10, 0x27, 0xa0, 0x43, 0x65, 0xfa,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x94, 0x08, 0xce, 0x05, 0xce, 0xce, 0xdb, 0x5b, 0x29, 0x9f, 0x98, 0x2e, 0xb9, 0xde, 0x18, 0x5b,
+    0x1f, 0x5c, 0x49, 0xc4, 0x49, 0x49, 0x35, 0xbc, 0x05, 0xbe, 0x6d, 0xd6, 0x34, 0xf1, 0xe4, 0xbc,
+    0x98, 0xe1, 0xd5, 0x24, 0xd5, 0xd5, 0xf0, 0xf8, 0x56, 0x65, 0xe8, 0xdb, 0x5f, 0xd4, 0xe0, 0xf8,
+  },
+  { /* 3 */
+    0xab, 0x5f, 0x0f, 0xc5, 0x97, 0x09, 0x7c, 0xc9, 0x42, 0xc5, 0x39, 0xbd, 0xfd, 0x81, 0x87, 0xfe,
+    0xbb, 0xa5, 0xce, 0xde, 0x05, 0xdd, 0x1c, 0xf8, 0x12, 0xde, 0x45, 0x61, 0xc3, 0xdf, 0xcc, 0x2b,
+    0x83, 0x15, 0xcf, 0x1f, 0x39, 0x08, 0x8c, 0x52, 0xca, 0x1f, 0xff, 0xa8, 0x9e, 0x12, 0xd5, 0x1c,
+    0x0d, 0xe5, 0x99, 0x66, 0x2c, 0xc3, 0x2e, 0xd2, 0x39, 0x66, 0x56, 0x24, 0x2b, 0x05, 0x5f, 0x06,
+    0x3a, 0x3e, 0xb0, 0xfa, 0xbf, 0x2e, 0x9c, 0x05, 0xd2, 0xfa, 0x54, 0x33, 0x2a, 0xb6, 0x28, 0x65,
+    0x4a, 0x9d, 0xb2, 0xbb, 0xc7, 0x47, 0x7f, 0x92, 0xa1, 0xbb, 0xe3, 0x62, 0x90, 0xef, 0x1a, 0x0b,
+    0xe8, 0xf8, 0x85, 0x6e, 0xb9, 0xb8, 0x35, 0x14, 0xce, 0x6e, 0x93, 0xcc, 0xa8, 0x9d, 0xa0, 0x57,
+    0xeb, 0x31, 0x8d, 0xa9, 0x9a, 0xdf, 0x3f, 0x0d, 0xc1, 0xa9, 0x0a, 0x4b, 0x05, 0x3a, 0x68, 0x2c,
+    0x8f, 0xb7, 0xef, 0x85, 0xb5, 0x57, 0xa4, 0x36, 0xf6, 0x85, 0xde, 0xf1, 0x6f, 0xcb, 0x73, 0x33,
+    0xbe, 0x3d, 0xd6, 0x54, 0x60, 0x74, 0x02, 0xd3, 0x03, 0x54, 0x2d, 0x2b, 0xf7, 0xf5, 0x57, 0xa6,
+    0x0f, 0x6b, 0x28, 0x5d, 0xaf, 0x38, 0x22, 0x7d, 0x33, 0x5d, 0xb8, 0xde, 0x5c, 0x7e, 0x6e, 0x54,
+    0x6d, 0xbc, 0x5a, 0x3c, 0xc6, 0x7e, 0xad, 0x74, 0x1a, 0x3c, 0x9d, 0xa9, 0xaf, 0x02, 0x26, 0xbd,
+    0x0a, 0xf3, 0x30, 0xd7, 0xca, 0x91, 0x3c, 0x56, 0x22, 0xd7, 0xd0, 0x94, 0x68, 0x54, 0xf5, 0xd9,
+    0x29, 0x0d, 0x79, 0x26, 0x0e, 0x9d, 0xf6, 0x2d, 0x8d, 0x26, 0xb1, 0x68, 0xb9, 0x4f, 0xab, 0xcb,
+    0x17, 0xec, 0x68, 0xaa, 0x74, 0x86, 0x72, 0xb5, 0x4b, 0xaa, 0xfa, 0x6c, 0x7d, 0x0f, 0xe1, 0x0a,
+    0xb0, 0x11, 0x47, 0xf5, 0x6f, 0xd0, 0x26, 0x18, 0x35, 0xf5, 0xe2, 0x88, 0x71, 0x57, 0xc0, 0xdb,
+    0xc5, 0x2a, 0x5d, 0x3e, 0x72, 0x10, 0xdb, 0xa4, 0x57, 0x3e, 0x3d, 0x93, 0xff, 0x24, 0x69, 0x38,
+    0x4c, 0xcc, 0xa2, 0xf6, 0x81, 0x89, 0x6b, 0xa0, 0xbf, 0xf6, 0x12, 0xaf, 0x09, 0x62, 0x49, 0xfd,
+    0xc3, 0x7b, 0x4d, 0x73, 0x34, 0xde, 0xcf, 0x96, 0x49, 0x73, 0xcc, 0x5e, 0x66, 0xa9, 0x3a, 0xce,
+    0xb5, 0x89, 0x5f, 0x7f, 0x0a, 0x79, 0x38, 0x33, 0x24, 0x7f, 0x8a, 0xc2, 0x45, 0x7d, 0x5b, 0x56,
+    0x74, 0x7c, 0xa3, 0x37, 0xbd, 0x5c, 0xfb, 0x0a, 0x67, 0x37, 0xa8, 0x66, 0x54, 0xaf, 0x50, 0xca,
+    0x94, 0xf9, 0xa7, 0xb5, 0x4d, 0x8e, 0xfe, 0xe7, 0x81, 0xb5, 0x05, 0xc4, 0xe3, 0x1d, 0x34, 0x16,
+    0x1d, 0x1f, 0x58, 0x7d, 0xbe, 0x17, 0x4e, 0xe3, 0x69, 0x7d, 0x2a, 0xf8, 0x15, 0x5b, 0x14, 0xd3,
+    0x25, 0xaf, 0x59, 0xbc, 0x82, 0xc2, 0xde, 0x49, 0xb1, 0xbc, 0x90, 0x31, 0x48, 0x96, 0x0d, 0xe4,
+    0x48, 0x13, 0x03, 0x80, 0x44, 0xbc, 0x73, 0x3d, 0xab, 0x80, 0x0d, 0x98, 0xe7, 0x94, 0x2b, 0x59,
+    0xda, 0xbb, 0xb4, 0x78, 0x4f, 0xfc, 0x99, 0xe8, 0x34, 0x78, 0xf9, 0x91, 0x9d, 0x04, 0x4c, 0xb9,
+    0xdd, 0xad, 0x1d, 0xc9, 0xa9, 0xae, 0x8b, 0x6c, 0x2f, 0xc9, 0x7f, 0x21, 0xde, 0x55, 0xe6, 0x66,
+    0xe9, 0xbf, 0x3c, 0x92, 0x19, 0x24, 0x33, 0xa2, 0xcb, 0x92, 0xe4, 0xb1, 0x72, 0x41, 0x59, 0x7e,
+    0xea, 0x76, 0x34, 0x55, 0x3a, 0x43, 0x39, 0xbb, 0xc4, 0x55, 0x7d, 0x36, 0xdf, 0xe6, 0x91, 0x05,
+    0x73, 0x6a, 0x0a, 0x86, 0x5b, 0x0e, 0xe9, 0x8e, 0x7c, 0x86, 0x2e, 0xd6, 0x17, 0xfe, 0xfa, 0x15,
+    0x2e, 0x1b, 0xd0, 0x97, 0xe8, 0xcf, 0xe4, 0xa9, 0x96, 0x97, 0x37, 0xd8, 0xfa, 0x1e, 0x01, 0x14,
+    0xf5, 0xe7, 0xdd, 0x13, 0x07, 0xaf, 0x7b, 0xf7, 0xa7, 0x13, 0xb9, 0x34, 0xbd, 0xc6, 0xb4, 0x84,
+    0x26, 0x66, 0x51, 0x7b, 0xa1, 0xa5, 0xd4, 0x50, 0xbe, 0x7b, 0x09, 0xb6, 0xe5, 0x31, 0xc5, 0x9f,
+    0xd0, 0x48, 0x84, 0xaf, 0x85, 0x6d, 0xa5, 0xbe, 0x16, 0xaf, 0x29, 0x05, 0xf5, 0x50, 0xb9, 0x60,
+    0xc4, 0x6d, 0xe4, 0xc2, 0xd2, 0x8c, 0xdd, 0x12, 0x52, 0xc2, 0x4a, 0xee, 0x25, 0xf8, 0x90, 0x11,
+    0xf3, 0xb6, 0xcd, 0x5e, 0x41, 0x61, 0x6f, 0xc5, 0xb9, 0x5e, 0x48, 0xf9, 0x24, 0x4b, 0xe7, 0x72,
+    0x7b, 0x17, 0x8b, 0x6a, 0x12, 0x64, 0xd9, 0x77, 0x54, 0x6a, 0x10, 0xb8, 0x08, 0xd1, 0x3e, 0x9e,
+    0x4d, 0x8b, 0x1b, 0x0a, 0x21, 0x15, 0x6d, 0x16, 0xba, 0x0a, 0x65, 0xd2, 0xd3, 0xbe, 0xb0, 0xd4,
+    0x45, 0xf6, 0x9a, 0xe6, 0x68, 0x7f, 0x5d, 0xef, 0x92, 0xe6, 0x5b, 0xbc, 0xcc, 0x91, 0x74, 0x5f,
+    0xa9, 0xd1, 0xbe, 0xfe, 0x14, 0xf2, 0x70, 0x66, 0x48, 0xfe, 0xd7, 0x47, 0x8a, 0xfa, 0xb6, 0xac,
+    0x5e, 0xb8, 0xd2, 0xd6, 0x90, 0xa6, 0x07, 0x3e, 0xe5, 0xd6, 0x80, 0x89, 0x40, 0x47, 0x33, 0x7a,
+    0xd8, 0x35, 0x05, 0x43, 0xcc, 0x07, 0x95, 0x47, 0x3e, 0x43, 0x17, 0x6b, 0xea, 0x7f, 0x7d, 0xeb,
+    0x7e, 0x8f, 0x93, 0xe0, 0x77, 0xcd, 0xc7, 0x5c, 0x45, 0xe0, 0x78, 0xf2, 0x3c, 0xfb, 0xa5, 0x13,
+    0xf2, 0xf1, 0x74, 0xa2, 0xe1, 0xfd, 0x69, 0x73, 0xbc, 0xa2, 0x3f, 0x84, 0xfe, 0x97, 0x1e, 0x5b,
+    0x90, 0x26, 0x06, 0xc3, 0x88, 0xbb, 0xe6, 0x7a, 0x95, 0xc3, 0x1a, 0xf3, 0x0d, 0xeb, 0x56, 0xb2,
+    0x77, 0xb5, 0xab, 0xf0, 0x9e, 0x3b, 0xf1, 0x13, 0x68, 0xf0, 0x31, 0xe1, 0xf9, 0x08, 0x98, 0xb1,
+    0x53, 0x5d, 0x4b, 0xb0, 0xbc, 0x65, 0x29, 0xec, 0xdc, 0xb0, 0xd6, 0xad, 0x6b, 0x42, 0x6c, 0x7c,
+    0xe5, 0x1d, 0x1c, 0x08, 0x95, 0x7b, 0x1b, 0xc6, 0xf7, 0x08, 0xc5, 0xe8, 0x83, 0x98, 0xff, 0x51,
+    0x49, 0x54, 0xba, 0x7c, 0xe4, 0x20, 0x75, 0x8b, 0xae, 0x7c, 0x7a, 0xe5, 0x3d, 0x48, 0xd2, 0x70,
+    0x98, 0x5b, 0x87, 0x2f, 0xc1, 0xd1, 0xd6, 0x83, 0xbd, 0x2f, 0x24, 0x9d, 0x12, 0xc4, 0x92, 0x39,
+    0x13, 0x33, 0xc9, 0xdc, 0xb1, 0xb3, 0x6a, 0x28, 0x5f, 0xdc, 0xe5, 0x5b, 0x93, 0xf9, 0x83, 0xae,
+    0x43, 0xa7, 0x8a, 0xab, 0x2e, 0xb1, 0x49, 0xdd, 0x8c, 0xab, 0xaa, 0x71, 0x55, 0x1c, 0x27, 0xa9,
+    0xdc, 0xea, 0xa4, 0x35, 0x09, 0x32, 0x8d, 0xda, 0x2a, 0x35, 0x08, 0x5c, 0x04, 0x89, 0x1f, 0x4f,
+    0xc7, 0xa4, 0xec, 0x05, 0xf1, 0xeb, 0xd7, 0x0b, 0x5d, 0x05, 0xd3, 0x69, 0x88, 0x5f, 0x58, 0x6a,
+    0xa0, 0xeb, 0x86, 0xee, 0xfd, 0x04, 0x46, 0x29, 0x65, 0xee, 0x9e, 0x54, 0x4f, 0x09, 0x8b, 0x0e,
+    0xcc, 0x10, 0x65, 0x2e, 0x9b, 0xe6, 0xed, 0xeb, 0x7a, 0x2e, 0x74, 0x80, 0x3a, 0xd7, 0x54, 0x9a,
+    0x14, 0x25, 0x60, 0x6d, 0x57, 0xe1, 0x78, 0xac, 0x44, 0x6d, 0x63, 0xeb, 0xd0, 0xa8, 0x29, 0x71,
+    0x52, 0x1a, 0xf2, 0x4c, 0x1c, 0xf9, 0x2f, 0x5a, 0xd9, 0x4c, 0xa1, 0xd0, 0xb1, 0x9e, 0x95, 0x55,
+    0x2f, 0x5c, 0x69, 0x6b, 0x48, 0x53, 0xe2, 0x1f, 0x93, 0x6b, 0x40, 0xa5, 0x20, 0xc2, 0xf8, 0x3d,
+    0x47, 0x78, 0x2b, 0xdd, 0xeb, 0x84, 0x51, 0x40, 0x98, 0xdd, 0xb5, 0x46, 0xbb, 0xea, 0x45, 0x0d,
+    0xa6, 0xba, 0x96, 0xa3, 0xbb, 0xca, 0x52, 0x1b, 0x7b, 0xa3, 0x6f, 0x99, 0xd6, 0x84, 0xd8, 0xf8,
+    0x5f, 0xff, 0x6b, 0x2a, 0x30, 0x3a, 0x01, 0x88, 0xe0, 0x2a, 0xf7, 0xf4, 0x9a, 0x9b, 0xca, 0x53,
+    0xe3, 0x4c, 0x0c, 0x45, 0xd3, 0xb5, 0x0f, 0xf4, 0xe9, 0x45, 0x34, 0x25, 0x1a, 0x15, 0xac, 0xa7,
+    0xb8, 0x6c, 0xc6, 0x19, 0x26, 0xba, 0x16, 0xe1, 0x1d, 0x19, 0xdc, 0xe6, 0x6e, 0x78, 0x04, 0x50,
+    0xa7, 0xfd, 0x2f, 0x5f, 0x1b, 0x56, 0x54, 0xad, 0x7e, 0x5f, 0x18, 0xe4, 0x0c, 0x58, 0x21, 0xd1,
+    0xc0, 0xb2, 0x45, 0xb4, 0x17, 0xb9, 0xc5, 0x8f, 0x46, 0xb4, 0x55, 0xd9, 0xcb, 0x0e, 0xf2, 0xb5,
+    0x23, 0xfe, 0x49, 0xf1, 0xc4, 0x0c, 0xca, 0x7b, 0xaf, 0xf1, 0x61, 0xfc, 0xd1, 0x1b, 0x5e, 0x12,
+    0x2a, 0xc4, 0x71, 0xe1, 0x2d, 0xfa, 0xfc, 0x34, 0x82, 0xe1, 0x28, 0xef, 0x14, 0xe8, 0x63, 0xb0,
+    0x62, 0xd7, 0x72, 0x61, 0x69, 0x46, 0x8f, 0x09, 0x29, 0x61, 0x25, 0x77, 0xf3, 0x7c, 0x48, 0xe9,
+    0x7d, 0x46, 0x9b, 0x27, 0x54, 0xaa, 0xcd, 0x45, 0x4a, 0x27, 0xe1, 0x75, 0x91, 0x5c, 0x6d, 0x68,
+    0x31, 0x8a, 0x39, 0xd1, 0xd5, 0x23, 0xa6, 0xe5, 0xf5, 0xd1, 0xf3, 0xda, 0x98, 0x3e, 0x24, 0x95,
+    0x30, 0xcd, 0x80, 0x2d, 0x75, 0xbf, 0xa0, 0x53, 0xf0, 0x2d, 0x84, 0xa7, 0x42, 0xe2, 0xdd, 0xbc,
+    0xc1, 0xf5, 0xfc, 0x48, 0xb7, 0x25, 0xc3, 0x39, 0x43, 0x48, 0x22, 0xa4, 0x11, 0xd2, 0x0b, 0x9c,
+    0x20, 0x37, 0x41, 0x36, 0xe7, 0x6b, 0xc0, 0x62, 0xa0, 0x36, 0xf8, 0x7b, 0x7c, 0xbc, 0x96, 0x69,
+    0x8a, 0x2f, 0xf7, 0x0f, 0xd0, 0xfe, 0xba, 0x1d, 0xe7, 0x0f, 0xb6, 0xbb, 0x5b, 0xe1, 0xe8, 0xbe,
+    0xd7, 0x5e, 0x2d, 0x1e, 0x63, 0x3f, 0xb7, 0x3a, 0x0d, 0x1e, 0xaf, 0xb5, 0xb6, 0x01, 0x13, 0xbf,
+    0x3d, 0x28, 0x19, 0x4b, 0x59, 0x7c, 0x8e, 0x81, 0xc9, 0x4b, 0xd2, 0x83, 0x69, 0xe7, 0x82, 0xba,
+    0xbf, 0x7a, 0x6f, 0xa8, 0xc0, 0xe8, 0x04, 0x65, 0x06, 0xa8, 0x5a, 0x56, 0x2d, 0x29, 0xae, 0x8f,
+    0xc6, 0xe3, 0x55, 0xf9, 0x51, 0x77, 0xd1, 0xbd, 0x58, 0xf9, 0xa4, 0x14, 0x52, 0x83, 0xa1, 0x43,
+    0x72, 0x2d, 0xb3, 0x7a, 0xfb, 0x92, 0xef, 0x38, 0x79, 0x7a, 0x59, 0xab, 0xcd, 0x22, 0x03, 0x3c,
+    0xdb, 0xfc, 0x0d, 0x84, 0xef, 0x60, 0x9f, 0x5e, 0x31, 0x84, 0x8e, 0xec, 0x47, 0xd8, 0xb5, 0x90,
+    0x15, 0x62, 0xd9, 0x91, 0xf7, 0x7d, 0x7e, 0x1a, 0x41, 0x91, 0x14, 0x96, 0x0a, 0x74, 0xd0, 0x58,
+    0x99, 0x1c, 0x3e, 0xd3, 0x61, 0x4d, 0xd0, 0x35, 0xb8, 0xd3, 0x53, 0xe0, 0xc8, 0x18, 0x6b, 0x10,
+    0x4b, 0xda, 0x0b, 0x47, 0x67, 0xdb, 0x79, 0x24, 0xa4, 0x47, 0x94, 0x1f, 0x4a, 0x33, 0xe3, 0x22,
+    0x34, 0x12, 0x21, 0x5b, 0xb0, 0x8a, 0xb8, 0xce, 0xe4, 0x5b, 0x9b, 0x90, 0xac, 0x14, 0xbf, 0x18,
+    0x60, 0x59, 0xc3, 0x5a, 0xea, 0xbd, 0x83, 0xa6, 0x23, 0x5a, 0xcb, 0x8d, 0x84, 0x07, 0x79, 0xbb,
+    0x92, 0xa8, 0xb7, 0xf8, 0x0b, 0x40, 0xea, 0xd5, 0x9f, 0xf8, 0xf4, 0x09, 0x7a, 0x90, 0x67, 0xe0,
+    0xac, 0x49, 0xa6, 0x74, 0x71, 0x5b, 0x6e, 0x4d, 0x59, 0x74, 0xbf, 0x0d, 0xbe, 0xd0, 0x2d, 0x21,
+    0x6e, 0x75, 0x52, 0xfb, 0xe5, 0x19, 0xa7, 0x6d, 0x15, 0xfb, 0x04, 0x2e, 0x02, 0xa5, 0xee, 0xc6,
+    0xa1, 0xac, 0x3f, 0x12, 0x5d, 0x98, 0x40, 0x9f, 0x60, 0x12, 0xe9, 0x29, 0x95, 0xd5, 0x72, 0x27,
+    0x81, 0x9b, 0x7e, 0x24, 0xba, 0xf3, 0x80, 0xfd, 0xc0, 0x24, 0x11, 0x52, 0xe9, 0x69, 0xe4, 0x4e,
+    0x3b, 0x79, 0x09, 0x06, 0x1f, 0xb2, 0x9a, 0xb3, 0xd7, 0x06, 0x23, 0x4e, 0xf0, 0x6a, 0xd1, 0x4c,
+    0x19, 0xc0, 0xf9, 0x0b, 0x7b, 0x22, 0x56, 0x7e, 0x7d, 0x0b, 0x35, 0xcf, 0xfb, 0xad, 0x76, 0x77,
+    0xe4, 0x5a, 0xa5, 0xf4, 0x35, 0xe7, 0x1d, 0x70, 0xf2, 0xf4, 0xb2, 0x95, 0x59, 0x44, 0x06, 0x78,
+    0x2c, 0x95, 0x61, 0xac, 0x6b, 0x34, 0xe8, 0x06, 0x9c, 0xac, 0xd9, 0x22, 0x8d, 0x65, 0x30, 0x46,
+    0xbd, 0xf4, 0xde, 0x93, 0x43, 0x13, 0x08, 0xca, 0x0c, 0x93, 0xb4, 0xac, 0x5a, 0x52, 0x9f, 0xdd,
+    0xb6, 0x40, 0x57, 0xb8, 0x29, 0x1e, 0x32, 0x2a, 0x2b, 0xb8, 0x13, 0x45, 0xe8, 0xda, 0x93, 0x2d,
+    0xd3, 0x81, 0x8c, 0x68, 0xa6, 0x0a, 0xaf, 0xa7, 0x19, 0x68, 0xb0, 0x82, 0x58, 0xf7, 0x71, 0x1b,
+    0xe7, 0x93, 0xad, 0x33, 0x16, 0x80, 0x17, 0x69, 0xfd, 0x33, 0x2b, 0x12, 0xf4, 0xe3, 0xce, 0x03,
+    0x9b, 0x92, 0x8f, 0xe8, 0xe2, 0xb6, 0xdc, 0x9a, 0xb2, 0xe8, 0xbd, 0x1a, 0xbf, 0x63, 0x5a, 0x42,
+    0x8c, 0x7e, 0xe7, 0x42, 0x96, 0x30, 0xae, 0x2f, 0xf9, 0x42, 0x47, 0x76, 0xc2, 0x6c, 0xbb, 0x48,
+    0x04, 0xdf, 0xa1, 0x76, 0xc5, 0x35, 0x18, 0x9d, 0x14, 0x76, 0x1f, 0x37, 0xee, 0xf6, 0x62, 0xa4,
+    0x86, 0x8d, 0xd7, 0x95, 0x5c, 0xa1, 0x92, 0x79, 0xdb, 0x95, 0x97, 0xe2, 0xaa, 0x38, 0x4e, 0x91,
+    0xef, 0xee, 0x2c, 0xdf, 0x5f, 0xea, 0x27, 0x90, 0xd5, 0xdf, 0x15, 0x7c, 0xeb, 0xcc, 0x0a, 0x88,
+    0x32, 0x43, 0x31, 0x16, 0xf6, 0x44, 0xac, 0xfc, 0xfa, 0x16, 0x6a, 0x5d, 0x35, 0x99, 0xec, 0xee,
+    0x0b, 0xb4, 0x89, 0x2b, 0x6a, 0x0d, 0x3a, 0xe0, 0x27, 0x2b, 0xa7, 0xe9, 0xb2, 0x88, 0x0c, 0xf0,
+    0x9e, 0x0a, 0x97, 0x62, 0x87, 0x1f, 0xc2, 0xb1, 0xa3, 0x62, 0xd5, 0x50, 0x8b, 0x49, 0xc1, 0xcf,
+    0x80, 0xdc, 0xc7, 0xd8, 0x1a, 0x6f, 0x86, 0x4b, 0xc5, 0xd8, 0x66, 0x2f, 0x33, 0xb5, 0x1d, 0x67,
+    0x1c, 0x58, 0xe1, 0x81, 0x1e, 0x8b, 0x48, 0x55, 0x6c, 0x81, 0x5d, 0x85, 0xcf, 0x87, 0xed, 0xfa,
+    0xb1, 0x56, 0xfe, 0x09, 0xcf, 0x4c, 0x20, 0xae, 0x30, 0x09, 0x95, 0xf5, 0xab, 0x8b, 0x39, 0xf2,
+    0xd4, 0x97, 0x25, 0xd9, 0x40, 0x58, 0xbd, 0x23, 0x02, 0xd9, 0x36, 0x32, 0x1b, 0xa6, 0xdb, 0xc4,
+    0x7a, 0x50, 0x32, 0x96, 0xb2, 0xf8, 0xdf, 0xc1, 0x51, 0x96, 0x67, 0xc5, 0xd2, 0x0d, 0xc7, 0xb7,
+    0x5b, 0x20, 0xca, 0x5c, 0xf5, 0x0f, 0x19, 0x15, 0xf4, 0x5c, 0xe8, 0xc3, 0x74, 0x6d, 0xa8, 0xf7,
+    0xa3, 0x22, 0x8e, 0x29, 0xde, 0x63, 0x4c, 0x30, 0x6a, 0x29, 0x07, 0xd3, 0xe2, 0xae, 0x43, 0x75,
+    0xf9, 0x45, 0xfd, 0x89, 0x8b, 0xf0, 0x53, 0x93, 0x9b, 0x89, 0x98, 0x6d, 0x4c, 0x1f, 0x12, 0xab,
+    0x33, 0x04, 0x88, 0xea, 0x56, 0xd8, 0xaa, 0x4a, 0xff, 0xea, 0x1d, 0x20, 0xef, 0x45, 0x15, 0xc7,
+    0x68, 0x24, 0x42, 0xb6, 0xa3, 0xd7, 0xb3, 0x5f, 0x0b, 0xb6, 0xf5, 0xe3, 0x9b, 0x28, 0xbd, 0x30,
+    0x96, 0x77, 0x16, 0x8e, 0xce, 0x75, 0xf2, 0x48, 0x8b, 0x8e, 0xeb, 0x3e, 0x94, 0x66, 0x05, 0x44,
+    0x46, 0x3f, 0x92, 0x21, 0x4b, 0x18, 0x57, 0xf6, 0x9d, 0x21, 0xc2, 0x3b, 0x61, 0x36, 0xbc, 0x24,
+    0x02, 0x8e, 0xb1, 0x3b, 0x83, 0xfb, 0x0c, 0xaf, 0x0a, 0x3b, 0xee, 0xfa, 0x77, 0x7b, 0x31, 0x52,
+    0xff, 0x14, 0xed, 0xc4, 0xcd, 0x3e, 0x47, 0xa1, 0x85, 0xc4, 0x69, 0xa0, 0xd5, 0x92, 0x41, 0x5d,
+    0x95, 0xbe, 0x1e, 0x49, 0xed, 0x12, 0xf8, 0x51, 0x84, 0x49, 0x72, 0xb9, 0x39, 0xc1, 0xcd, 0x3f,
+    0x64, 0x86, 0x62, 0x2c, 0x2f, 0x88, 0x9b, 0x3b, 0x37, 0x2c, 0xd4, 0xba, 0x6a, 0xf1, 0x1b, 0x1f,
+    0x40, 0x6e, 0x82, 0x6c, 0x0d, 0xd6, 0x43, 0xc4, 0x83, 0x6c, 0x33, 0xf6, 0xf8, 0xbb, 0xef, 0xd2,
+    0x41, 0x29, 0x3b, 0x90, 0xad, 0x4a, 0x45, 0x72, 0x86, 0x90, 0x44, 0x8b, 0x22, 0x67, 0x16, 0xfb,
+    0x16, 0xab, 0xd1, 0x56, 0xd4, 0x1a, 0x74, 0x03, 0x4e, 0x56, 0x8d, 0x11, 0xa7, 0xd3, 0x18, 0x23,
+    0x0e, 0x2c, 0x91, 0xa1, 0x0f, 0xa4, 0x24, 0xcb, 0x36, 0xa1, 0xcf, 0xa3, 0x86, 0xa2, 0x97, 0x7d,
+    0xb9, 0x2b, 0x7f, 0xe5, 0x86, 0x26, 0x10, 0x57, 0x18, 0xe5, 0xab, 0x9b, 0xb4, 0xa4, 0xfd, 0x79,
+    0xfd, 0x9a, 0x5c, 0xff, 0x4e, 0xc5, 0x4b, 0x0e, 0x8f, 0xff, 0x87, 0x5a, 0xa2, 0xe9, 0x70, 0x0f,
+    0x6f, 0x32, 0xeb, 0x07, 0x45, 0x85, 0xa1, 0xdb, 0x10, 0x07, 0x73, 0x53, 0xd8, 0x79, 0x17, 0xef,
+    0x91, 0x61, 0xbf, 0x3f, 0x28, 0x27, 0xe0, 0xcc, 0x90, 0x3f, 0x6d, 0x8e, 0xd7, 0x37, 0xaf, 0x9b,
+    0xa5, 0x73, 0x9e, 0x64, 0x98, 0xad, 0x58, 0x02, 0x74, 0x64, 0xf6, 0x1e, 0x7b, 0x23, 0x10, 0x83,
+    0xcf, 0xd9, 0x6d, 0xe9, 0xb8, 0x81, 0xe7, 0xf2, 0x75, 0xe9, 0xed, 0x07, 0x97, 0x70, 0x9c, 0xe1,
+    0x56, 0xc5, 0x53, 0x3a, 0xd9, 0xcc, 0x37, 0xc7, 0xcd, 0x3a, 0xbe, 0xe7, 0x5f, 0x68, 0xf7, 0xf1,
+    0xba, 0xe2, 0x77, 0x22, 0xa5, 0x41, 0x1a, 0x4e, 0x17, 0x22, 0x32, 0x1c, 0x19, 0x03, 0x35, 0x02,
+    0x61, 0x1e, 0x7a, 0xa6, 0x4a, 0x21, 0x85, 0x10, 0x26, 0xa6, 0xbc, 0xf0, 0x5e, 0xdb, 0x80, 0x92,
+    0x18, 0x87, 0x40, 0xf7, 0xdb, 0xbe, 0x50, 0xc8, 0x78, 0xf7, 0x42, 0xb2, 0x21, 0x71, 0x8f, 0x5e,
+    0x54, 0x4b, 0xe2, 0x01, 0x5a, 0x37, 0x3b, 0x68, 0xc7, 0x01, 0x50, 0x1d, 0x28, 0x13, 0xc6, 0xa3,
+    0x8b, 0x68, 0x4e, 0xf3, 0x70, 0x62, 0xbc, 0xab, 0xe2, 0xf3, 0xc1, 0xc6, 0x81, 0x3d, 0x11, 0x97,
+    0x3e, 0xe1, 0x11, 0x8c, 0x7a, 0x1b, 0x84, 0x98, 0xc6, 0x8c, 0x4b, 0x04, 0xc4, 0x40, 0x4a, 0xc1,
+    0x5a, 0x67, 0x73, 0xa0, 0x55, 0x93, 0x1f, 0xa3, 0xf1, 0xa0, 0x9f, 0xbe, 0xae, 0xb1, 0x51, 0xde,
+    0xce, 0x9e, 0xd4, 0x15, 0x18, 0x1d, 0xe1, 0x44, 0x70, 0x15, 0x9a, 0x7a, 0x4d, 0xac, 0x65, 0xc8,
+    0xf7, 0x69, 0x6c, 0x28, 0x84, 0x54, 0x77, 0x58, 0xad, 0x28, 0x57, 0xce, 0xca, 0xbd, 0x85, 0xd6,
+    0xd2, 0xc6, 0x35, 0x94, 0x06, 0x96, 0xa9, 0x11, 0x1c, 0x94, 0xc7, 0xff, 0x82, 0x2b, 0x88, 0x32,
+    0x82, 0x52, 0x76, 0xe3, 0x99, 0x94, 0x8a, 0xe4, 0xcf, 0xe3, 0x88, 0xd5, 0x44, 0xce, 0x2c, 0x35,
+    0xb3, 0xd8, 0x4f, 0x32, 0x4c, 0xb7, 0x2c, 0x01, 0x3a, 0x32, 0x7b, 0x0f, 0xdc, 0xf0, 0x08, 0xa0,
+    0xb4, 0xce, 0xe6, 0x83, 0xaa, 0xe5, 0x3e, 0x85, 0x21, 0x83, 0xfd, 0xbf, 0x9f, 0xa1, 0xa2, 0x7f,
+    0xd6, 0x19, 0x94, 0xe2, 0xc3, 0xa3, 0xb1, 0x8c, 0x08, 0xe2, 0xd8, 0xc8, 0x6c, 0xdd, 0xea, 0x96,
+    0xe1, 0xc2, 0xbd, 0x7e, 0x50, 0x4e, 0x03, 0x5b, 0xe3, 0x7e, 0xda, 0xdf, 0x6d, 0x6e, 0x9d, 0xf5,
+    0xc2, 0x3c, 0xf4, 0x8f, 0x94, 0x42, 0xc9, 0x20, 0x4c, 0x8f, 0xbb, 0x23, 0xbc, 0x75, 0xc3, 0xe7,
+    0x5d, 0x71, 0xda, 0x11, 0xb3, 0xc1, 0x0d, 0x27, 0xea, 0x11, 0x19, 0x0e, 0xed, 0xe0, 0xfb, 0x01,
+    0xfa, 0x8c, 0xf5, 0x4e, 0xa8, 0x97, 0x59, 0x8a, 0x94, 0x4e, 0x01, 0xea, 0xe1, 0xb8, 0xda, 0xd0,
+    0xa4, 0x34, 0x27, 0x98, 0x38, 0x31, 0x5e, 0xb4, 0x71, 0x98, 0x81, 0x63, 0xa1, 0xff, 0xe9, 0xaa,
+    0x1f, 0x91, 0xe9, 0x46, 0x3d, 0xec, 0x42, 0x4c, 0x63, 0x46, 0xc4, 0x02, 0x62, 0x20, 0x25, 0x81,
+    0x0c, 0xa2, 0x20, 0x9a, 0x8c, 0x5f, 0x28, 0x64, 0x3c, 0x9a, 0x21, 0x59, 0xf1, 0xd9, 0xa6, 0x2f,
+    0x01, 0x47, 0xb9, 0xfc, 0xa0, 0x9c, 0x06, 0xb6, 0x05, 0xfc, 0x77, 0x7d, 0xda, 0xdc, 0xf9, 0x29,
+    0x2d, 0xd2, 0xd8, 0x50, 0xcb, 0xa8, 0xee, 0xb0, 0x99, 0x50, 0xae, 0x5f, 0x57, 0xb9, 0xc9, 0x6f,
+    0x67, 0x4f, 0x6a, 0xeb, 0x0c, 0xef, 0x91, 0x22, 0x38, 0xeb, 0x4d, 0x3d, 0xc7, 0x56, 0xd3, 0x64,
+    0xe2, 0x0b, 0xb5, 0xb9, 0x73, 0x29, 0x09, 0x42, 0xec, 0xb9, 0x43, 0x58, 0xc0, 0xc9, 0x55, 0x8e,
+    0x09, 0x3a, 0x38, 0x10, 0xe9, 0xf6, 0x36, 0x4f, 0x2d, 0x10, 0x49, 0x13, 0xc5, 0xf3, 0x3d, 0xa2,
+    0x57, 0x82, 0xea, 0xc6, 0x79, 0x50, 0x31, 0x71, 0xc8, 0xc6, 0xc9, 0x9a, 0x85, 0xb4, 0x0e, 0xd8,
+    0x11, 0xbd, 0x78, 0xe7, 0x32, 0x48, 0x66, 0x87, 0x55, 0xe7, 0x0b, 0xa1, 0xe4, 0x82, 0xb2, 0xfc,
+    0xb7, 0x07, 0xee, 0x44, 0x89, 0x82, 0x34, 0x9c, 0x2e, 0x44, 0x64, 0x38, 0x32, 0x06, 0x6a, 0x04,
+    0xdf, 0x23, 0xac, 0xf2, 0x2a, 0x55, 0x87, 0xc3, 0x25, 0xf2, 0x91, 0xdb, 0xa9, 0x2e, 0xd7, 0x34,
+    0x6a, 0xaa, 0xf3, 0x8d, 0x20, 0x2c, 0xbf, 0xf0, 0x01, 0x8d, 0x1b, 0x19, 0xec, 0x53, 0x8c, 0x62,
+    0x93, 0xef, 0x0e, 0x04, 0xab, 0xdc, 0xec, 0x63, 0x9a, 0x04, 0x83, 0x74, 0xa0, 0x4c, 0x9e, 0xc9,
+    0x24, 0xe8, 0xe0, 0x40, 0x22, 0x5e, 0xd8, 0xff, 0xb4, 0x40, 0xe7, 0x4c, 0x92, 0x4a, 0xf4, 0xcd,
+    0x7f, 0xc8, 0x2a, 0x1c, 0xd7, 0x51, 0xc1, 0xea, 0x40, 0x1c, 0x0f, 0x8f, 0xe6, 0x27, 0x5c, 0x3a,
+    0x66, 0x08, 0xd3, 0x17, 0xac, 0x73, 0x97, 0x94, 0x3d, 0x17, 0x3a, 0x40, 0x1d, 0x8a, 0x2a, 0x4d,
+    0xfe, 0x53, 0x54, 0x38, 0x6d, 0xa2, 0x41, 0x17, 0x80, 0x38, 0x1e, 0xdd, 0x0f, 0x4e, 0xb8, 0x74,
+    0x07, 0x16, 0xa9, 0xb1, 0xe6, 0x52, 0x12, 0x84, 0x1b, 0xb1, 0x86, 0xb0, 0x43, 0x51, 0xaa, 0xdf,
+    0x44, 0xb1, 0x23, 0x1a, 0xc8, 0xe3, 0x5b, 0x59, 0x97, 0x1a, 0x2c, 0xc1, 0x16, 0x4d, 0x8d, 0x76,
+    0x3f, 0xa6, 0xa8, 0x70, 0xda, 0x87, 0x82, 0x2e, 0xc3, 0x70, 0x3c, 0x79, 0x1e, 0x9c, 0xb3, 0xe8,
+    0xf8, 0x02, 0x44, 0x75, 0x2b, 0x6c, 0x55, 0x25, 0x9e, 0x75, 0xef, 0x10, 0x96, 0xc3, 0xeb, 0x82,
+    0x06, 0x51, 0x10, 0x4d, 0x46, 0xce, 0x14, 0x32, 0x1e, 0x4d, 0xf1, 0xcd, 0x99, 0x8d, 0x53, 0xf6,
+    0xca, 0x41, 0x75, 0x63, 0xdd, 0x28, 0xf9, 0xd9, 0x64, 0x63, 0x85, 0x4d, 0xa3, 0x5a, 0x07, 0x6c,
+    0xad, 0x0e, 0x1f, 0x88, 0xd1, 0xc7, 0x68, 0xfb, 0x5c, 0x88, 0xc8, 0x70, 0x64, 0x0c, 0xd4, 0x08,
+    0x2b, 0x83, 0xc8, 0x1d, 0x8d, 0x66, 0xfa, 0x82, 0x87, 0x1d, 0x5f, 0x92, 0xce, 0x34, 0x9a, 0x99,
+    0xae, 0xc7, 0x17, 0x4f, 0xf2, 0xa0, 0x62, 0xe2, 0x53, 0x4f, 0x51, 0xf7, 0xc9, 0xab, 0x1c, 0x73,
+    0x22, 0xb9, 0xf0, 0x0d, 0x64, 0x90, 0xcc, 0xcd, 0xaa, 0x0d, 0x16, 0x81, 0x0b, 0xc7, 0xa7, 0x3b,
+    0x39, 0xf7, 0xb8, 0x3d, 0x9c, 0x49, 0x96, 0x1c, 0xdd, 0x3d, 0xcd, 0xb4, 0x87, 0x11, 0xe0, 0x1e,
+    0xde, 0x64, 0x15, 0x0e, 0x8a, 0xc9, 0x81, 0x75, 0x20, 0x0e, 0xe6, 0xa6, 0x73, 0xf2, 0x2e, 0x1d,
+    0x1e, 0xd6, 0x50, 0xba, 0x9d, 0x70, 0x44, 0xfa, 0x66, 0xba, 0xb3, 0x7f, 0xb8, 0xfc, 0xdc, 0xa8,
+    0xa8, 0x96, 0x07, 0x02, 0xb4, 0x6e, 0x76, 0xd0, 0x4d, 0x02, 0xa0, 0x3a, 0x50, 0x26, 0x4f, 0x85,
+    0x58, 0xe9, 0xc2, 0x9b, 0xd6, 0x68, 0x13, 0x0c, 0xfb, 0x9b, 0x71, 0x44, 0xd9, 0xca, 0x60, 0x8c,
+    0x88, 0xa1, 0x46, 0x34, 0x53, 0x05, 0xb6, 0xb2, 0xed, 0x34, 0x58, 0x41, 0x2c, 0x9a, 0xd9, 0xec,
+    0x9a, 0xd5, 0x36, 0x14, 0x42, 0x2a, 0xda, 0x2c, 0xb7, 0x14, 0xca, 0x67, 0x65, 0xbf, 0xa3, 0x6b,
+    0x69, 0x63, 0xfb, 0x4a, 0x03, 0x4b, 0xb5, 0xe9, 0x0e, 0x4a, 0x82, 0x9e, 0x41, 0xf4, 0x44, 0x19,
+    0x28, 0x4a, 0xc0, 0xda, 0xae, 0x01, 0xf0, 0x9b, 0x88, 0xda, 0xc6, 0x15, 0x63, 0x93, 0x52, 0xe2,
+    0x65, 0xc1, 0xdb, 0xd0, 0x8f, 0x14, 0x9d, 0x8d, 0x32, 0xd0, 0xa3, 0xc7, 0xb0, 0x2d, 0xe2, 0x36,
+    0xd5, 0xd0, 0x9c, 0x25, 0xe0, 0xc4, 0xbb, 0x95, 0x07, 0x25, 0x41, 0x4f, 0xc1, 0x7a, 0x22, 0xed,
+    0x7c, 0x01, 0x22, 0xdb, 0xf4, 0x36, 0xcb, 0xf3, 0x4f, 0xdb, 0x96, 0x08, 0x4b, 0x80, 0x94, 0x41,
+    0xbc, 0xb3, 0x67, 0x6f, 0xe3, 0x8f, 0x0e, 0x7c, 0x09, 0x6f, 0xc3, 0xd1, 0x80, 0x8e, 0x66, 0xf4,
+    0x38, 0xb0, 0x01, 0xc1, 0x3c, 0xd5, 0x90, 0xaa, 0xd8, 0xc1, 0xba, 0xc9, 0x5d, 0xcd, 0x19, 0x37,
+    0x4f, 0x05, 0xaa, 0x31, 0xa2, 0xee, 0x61, 0xb9, 0xb0, 0x31, 0x8b, 0x28, 0xa4, 0xc5, 0x81, 0x86,
+    0xe0, 0x85, 0x04, 0x82, 0xf0, 0xd2, 0x05, 0xed, 0xe6, 0x82, 0xad, 0xa2, 0xb7, 0xb2, 0x64, 0xdc,
+    0x27, 0x21, 0xe8, 0x87, 0x01, 0x39, 0xd2, 0xe6, 0xbb, 0x87, 0x7e, 0xcb, 0x3f, 0xed, 0x3c, 0xb6,
+    0x76, 0xf2, 0x12, 0x0c, 0x3e, 0xa7, 0xf7, 0xa5, 0x6d, 0x0c, 0x46, 0x9c, 0x23, 0xd4, 0x61, 0x98,
+    0x78, 0xde, 0x83, 0xad, 0x31, 0x03, 0xd3, 0x6e, 0x5b, 0xad, 0x89, 0x3f, 0xa5, 0x76, 0xf6, 0xe5,
+    0x89, 0xe6, 0xff, 0xc8, 0xf3, 0x99, 0xb0, 0x04, 0xe8, 0xc8, 0x2f, 0x3c, 0xf6, 0x46, 0x20, 0xc5,
+    0x8d, 0x39, 0x5e, 0xbe, 0x36, 0xac, 0xa8, 0x99, 0xfc, 0xbe, 0x30, 0x0b, 0x18, 0xb0, 0x42, 0x61,
+    0xaf, 0x80, 0xae, 0xb3, 0x52, 0x3c, 0x64, 0x54, 0x56, 0xb3, 0x26, 0x8a, 0x13, 0x77, 0xe5, 0x5a,
+    0x9f, 0x4d, 0x2e, 0x9e, 0x27, 0x83, 0xc4, 0x07, 0xa6, 0x9e, 0xa2, 0x2d, 0x51, 0x95, 0x38, 0xe6,
+    0x84, 0x03, 0x66, 0xae, 0xdf, 0x5a, 0x9e, 0xd6, 0xd1, 0xae, 0x79, 0x18, 0xdd, 0x43, 0x7f, 0xc3,
+    0xe6, 0xd4, 0x14, 0xcf, 0xb6, 0x1c, 0x11, 0xdf, 0xf8, 0xcf, 0x5c, 0x6f, 0x2e, 0x3f, 0x37, 0x2a,
+    0xf1, 0x38, 0x7c, 0x65, 0xc2, 0x9a, 0x63, 0x6a, 0xb3, 0x65, 0xa6, 0x03, 0x53, 0x30, 0xd6, 0x20,
+    0x63, 0x90, 0xcb, 0x9d, 0xc9, 0xda, 0x89, 0xbf, 0x2c, 0x9d, 0x52, 0x0a, 0x29, 0xa0, 0xb1, 0xc0,
+    0x51, 0xd3, 0xfa, 0x8b, 0x3f, 0x9e, 0x25, 0x43, 0xd6, 0x8b, 0x38, 0x57, 0x1c, 0x39, 0x5d, 0x2e,
+    0xc8, 0xcf, 0xc4, 0x58, 0x5e, 0xd3, 0xf5, 0x76, 0x6e, 0x58, 0x6b, 0xb7, 0xd4, 0x21, 0x36, 0x3e,
+    0x03, 0xc9, 0x08, 0xc7, 0x23, 0x67, 0x0a, 0x19, 0x0f, 0xc7, 0x99, 0x87, 0xad, 0xa7, 0xc8, 0x7b,
+    0xed, 0x60, 0x9d, 0xe4, 0xdc, 0x11, 0x2b, 0x3f, 0xdf, 0xe4, 0xfb, 0x86, 0x9c, 0xb7, 0x3b, 0xda,
+    0x70, 0xa3, 0x02, 0x41, 0x78, 0x69, 0xe3, 0x97, 0x73, 0x41, 0xb7, 0x51, 0xba, 0x59, 0x32, 0x6e,
+    0x3c, 0x6f, 0xa0, 0xb7, 0xf9, 0xe0, 0x88, 0x37, 0xcc, 0xb7, 0xa5, 0xfe, 0xb3, 0x3b, 0x7b, 0x93,
+    0x8e, 0xf0, 0x56, 0x79, 0x15, 0xcb, 0xa2, 0x80, 0xf3, 0x79, 0xa9, 0x8c, 0xb5, 0x17, 0x8a, 0x1a,
+    0xd9, 0x72, 0xbc, 0xbf, 0x6c, 0x9b, 0x93, 0xf1, 0x3b, 0xbf, 0x60, 0x16, 0x30, 0xa3, 0x84, 0xc2,
+    0x10, 0xfa, 0xc1, 0x1b, 0x92, 0xd4, 0x60, 0x31, 0x50, 0x1b, 0x7c, 0xdc, 0x3e, 0x5e, 0x4b, 0xd5,
+    0x1a, 0x09, 0xf1, 0xcc, 0x58, 0x45, 0x5c, 0x67, 0x72, 0xcc, 0xac, 0x48, 0x56, 0x0a, 0xbe, 0x0c,
+    0x9d, 0xc3, 0x9f, 0xa5, 0xa4, 0x78, 0xc8, 0xa8, 0xac, 0xa5, 0x4c, 0xd7, 0x26, 0xee, 0x09, 0xb4,
+    0xee, 0xa9, 0x95, 0x23, 0xff, 0x76, 0x21, 0x26, 0xd0, 0x23, 0x62, 0x01, 0x31, 0x10, 0xf3, 0xa1,
+    0xcb, 0x06, 0xcc, 0x9f, 0x7d, 0xb4, 0xff, 0x6f, 0x61, 0x9f, 0xf2, 0x30, 0x79, 0x86, 0xfe, 0x45,
+    0x97, 0x30, 0xaf, 0x72, 0x6e, 0xe9, 0xf4, 0xfe, 0x8e, 0x72, 0x9c, 0x43, 0x4e, 0xba, 0xfc, 0x6d,
+    0xc9, 0x88, 0x7d, 0xa4, 0xfe, 0x4f, 0xf3, 0xc0, 0x6b, 0xa4, 0x1c, 0xca, 0x0e, 0xfd, 0xcf, 0x17,
+    0x79, 0x99, 0x3a, 0x51, 0x91, 0x9f, 0xd5, 0xd8, 0x5e, 0x51, 0xfe, 0x42, 0x7f, 0xaa, 0x0f, 0xcc,
+    0xb2, 0x9f, 0xf6, 0xce, 0xec, 0x2b, 0x2a, 0xb7, 0x3f, 0xce, 0x0c, 0x72, 0x06, 0x2c, 0xf1, 0x89,
+    0x35, 0x55, 0x98, 0xa7, 0x10, 0x16, 0xbe, 0x78, 0xe1, 0xa7, 0xec, 0xed, 0x76, 0xc8, 0x46, 0x31,
+    0x6c, 0xfb, 0xe3, 0xc0, 0x66, 0xe2, 0xab, 0xc2, 0x1f, 0xc0, 0xea, 0xd4, 0x75, 0xde, 0xdf, 0x94,
+    0x9c, 0x84, 0x26, 0x59, 0x04, 0xe4, 0xce, 0x1e, 0xa9, 0x59, 0x3b, 0xaa, 0xfc, 0x32, 0xf0, 0x9d,
+    0x1b, 0x4e, 0x48, 0x30, 0xf8, 0xd9, 0x5a, 0xd1, 0x77, 0x30, 0xdb, 0x35, 0x8c, 0xd6, 0x47, 0x25,
+    0x05, 0x98, 0x18, 0x8a, 0x65, 0xa9, 0x1e, 0x2b, 0x11, 0x8a, 0x68, 0x4a, 0x34, 0x2a, 0x9b, 0x8d,
+    0x50, 0x94, 0x43, 0x77, 0x9f, 0x02, 0x23, 0xf5, 0xd3, 0x77, 0x4f, 0x2a, 0xc6, 0xe5, 0xa4, 0x07,
+    0xf0, 0x7f, 0xc5, 0x99, 0x62, 0x06, 0x65, 0xdc, 0xb6, 0x99, 0xd1, 0x7e, 0x89, 0xec, 0x2f, 0x09,
+    0xd1, 0x0f, 0x3d, 0x53, 0x25, 0xf1, 0xa3, 0x08, 0x13, 0x53, 0x5e, 0x78, 0x2f, 0x8c, 0x40, 0x49,
+    0x12, 0x74, 0x70, 0x20, 0x11, 0x2f, 0x6c, 0x9e, 0x5a, 0x20, 0x92, 0x26, 0x49, 0x25, 0x7a, 0x87,
+    0x87, 0xca, 0x6e, 0x69, 0xfc, 0x3d, 0x94, 0xcf, 0xde, 0x69, 0xe0, 0x9f, 0x70, 0xe4, 0xb7, 0xb8,
+    0x08, 0x7d, 0x81, 0xec, 0x49, 0x6a, 0x30, 0xf9, 0x28, 0xec, 0x3e, 0x6e, 0x1f, 0x2f, 0xc4, 0x8b,
+    0x59, 0xae, 0x7b, 0x67, 0x76, 0xf4, 0x15, 0xba, 0xfe, 0x67, 0x06, 0x39, 0x03, 0x16, 0x99, 0xa5,
+    0xfc, 0xdd, 0xe5, 0x03, 0xee, 0x59, 0x4d, 0xb8, 0x8a, 0x03, 0xf0, 0x27, 0x78, 0x35, 0x89, 0x26,
+    0x21, 0x70, 0xf8, 0xca, 0x47, 0xf7, 0xc6, 0xd4, 0xa5, 0xca, 0x8f, 0x06, 0xa6, 0x60, 0x6f, 0x40,
+    0x85, 0x44, 0xdf, 0x52, 0x7f, 0xc6, 0x98, 0x60, 0xd4, 0x52, 0x0e, 0x65, 0x07, 0x9f, 0x86, 0xea,
+    0x55, 0x0c, 0x5b, 0xfd, 0xfa, 0xab, 0x3d, 0xde, 0xc2, 0xfd, 0x27, 0x60, 0xf2, 0xcf, 0x3f, 0x8a,
+    0x4e, 0x42, 0x13, 0xcd, 0x02, 0x72, 0x67, 0x0f, 0xb5, 0xcd, 0xfc, 0x55, 0x7e, 0x19, 0x78, 0xaf,
+    0xec, 0x27, 0x24, 0x18, 0x7c, 0x8d, 0x2d, 0x89, 0xda, 0x18, 0x8c, 0xfb, 0x46, 0x6b, 0xc2, 0xf3,
+    0xfb, 0xcb, 0x4c, 0xb2, 0x08, 0x0b, 0x5f, 0x3c, 0x91, 0xb2, 0x76, 0x97, 0x3b, 0x64, 0x23, 0xf9,
+    0x36, 0x9c, 0x90, 0x60, 0x33, 0x71, 0xb4, 0x61, 0xee, 0x60, 0x75, 0x6a, 0xdb, 0x6f, 0x8e, 0x4a,
+    0x75, 0x3b, 0x1a, 0xcb, 0x1d, 0xc0, 0xfd, 0xbc, 0x62, 0xcb, 0xdf, 0x1b, 0x8e, 0x73, 0xa9, 0xe3,
+    0x37, 0xdb, 0x29, 0x9c, 0x93, 0xed, 0xb2, 0xd7, 0xeb, 0x9c, 0x02, 0x17, 0x01, 0xb3, 0x77, 0x63,
+    0x5c, 0x36, 0x63, 0xed, 0x13, 0x5d, 0x0b, 0x91, 0xef, 0xed, 0x6e, 0x73, 0x37, 0x3c, 0x02, 0x28,
+    0xf6, 0x2e, 0xd5, 0xd4, 0x24, 0xc8, 0x71, 0xee, 0xa8, 0xd4, 0x20, 0xb3, 0x10, 0x61, 0x7c, 0xff,
+    0xf4, 0xa0, 0x64, 0xef, 0xa7, 0x33, 0x7d, 0x41, 0xa2, 0xef, 0xce, 0x49, 0x67, 0x1a, 0x4d, 0xad,
+    0xcd, 0x57, 0xdc, 0xd2, 0x3b, 0x7a, 0xeb, 0x5d, 0x7f, 0xd2, 0x03, 0xfd, 0xe0, 0x0b, 0xad, 0xb3,
+    0x6b, 0xed, 0x4a, 0x71, 0x80, 0xb0, 0xb9, 0x46, 0x04, 0x71, 0x6c, 0x64, 0x36, 0x8f, 0x75, 0x4b,
+    0xa2, 0x65, 0x37, 0xd5, 0x7e, 0xff, 0x4a, 0x86, 0x6f, 0xd5, 0x70, 0xae, 0x38, 0x72, 0xba, 0x5c,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0xaa, 0x18, 0xb6, 0x39, 0x37, 0x95, 0x7a, 0x7f, 0x47, 0x39, 0x4e, 0xc0, 0x27, 0x5d, 0x7e, 0xd7,
+    0x71, 0xe4, 0xbb, 0xbd, 0xd8, 0xf5, 0xe5, 0x21, 0x76, 0xbd, 0xc0, 0x2c, 0x60, 0x85, 0xcb, 0x47,
+    0x42, 0xe0, 0x33, 0x57, 0x8e, 0x2d, 0x4f, 0x6b, 0x89, 0x57, 0xdd, 0x0c, 0x8f, 0xc0, 0xde, 0x80,
+  },
+  { /* 4 */
+    0xc2, 0x36, 0xbf, 0xb8, 0xb8, 0xed, 0xf8, 0xa5, 0xff, 0x6a, 0x2d, 0xa5, 0x4a, 0x84, 0x52, 0x5c,
+    0x95, 0x8b, 0xd1, 0x9a, 0x9a, 0x0a, 0x38, 0x2d, 0x73, 0xc6, 0x2f, 0x2d, 0x97, 0x24, 0xdb, 0x4d,
+    0xa6, 0x30, 0x54, 0xed, 0xed, 0x72, 0xdb, 0x32, 0x62, 0xa7, 0x28, 0x32, 0xbc, 0x57, 0x26, 0x97,
+    0x27, 0xcf, 0x12, 0x53, 0x53, 0x58, 0x5c, 0x8f, 0x1d, 0x07, 0x49, 0x8f, 0xe1, 0x72, 0x4a, 0xc8,
+    0xe0, 0xe4, 0xf8, 0xe2, 0xe2, 0xbd, 0xfb, 0x0e, 0xe1, 0x95, 0x96, 0x0e, 0x78, 0x67, 0x45, 0x71,
+    0x86, 0x51, 0x31, 0x0c, 0x0c, 0x4d, 0xfe, 0x30, 0xc3, 0x57, 0x98, 0x30, 0x2e, 0x81, 0x7c, 0x06,
+    0x06, 0x16, 0x66, 0x0e, 0x0e, 0xb1, 0x6a, 0x38, 0x02, 0x11, 0x1d, 0x38, 0x23, 0x5f, 0xd7, 0x07,
+    0x5d, 0x87, 0xc4, 0x30, 0x30, 0xf7, 0x7e, 0xc0, 0x8a, 0x9f, 0x25, 0xc0, 0xb8, 0x41, 0x33, 0x18,
+    0x09, 0x31, 0x99, 0x15, 0x15, 0xa9, 0x8b, 0x54, 0x07, 0xda, 0xc8, 0x54, 0x95, 0x2f, 0x30, 0xeb,
+    0x78, 0xfb, 0xf4, 0xd8, 0xd8, 0xc0, 0x04, 0xe6, 0x28, 0x97, 0x67, 0xe6, 0xf9, 0x06, 0x34, 0x6c,
+    0xf4, 0x90, 0x6f, 0xc6, 0xc6, 0x9d, 0x44, 0x9e, 0xed, 0xf3, 0xd8, 0x9e, 0xb2, 0x66, 0xf2, 0x63,
+    0x16, 0xc7, 0xb5, 0x9f, 0x9f, 0x4f, 0x99, 0x39, 0xb3, 0x69, 0x45, 0x39, 0x6a, 0x34, 0xfa, 0xae,
+    0x19, 0xe0, 0x4a, 0x84, 0x84, 0x57, 0x78, 0x55, 0xb6, 0xa2, 0x90, 0x55, 0xdc, 0x44, 0x1d, 0x42,
+    0xec, 0xc8, 0x34, 0xfe, 0xfe, 0x1c, 0x2f, 0x7e, 0xe5, 0xb7, 0xac, 0x7e, 0x3e, 0xd9, 0x28, 0x7f,
+    0x69, 0x92, 0x36, 0xf5, 0xf5, 0xe8, 0xe4, 0x52, 0x27, 0x09, 0xdb, 0x52, 0xe0, 0x96, 0xde, 0x9b,
+    0x04, 0xa5, 0x44, 0xb5, 0xb5, 0xde, 0x4c, 0x91, 0xbd, 0x1e, 0x16, 0x91, 0x83, 0x6a, 0x9a, 0xbb,
+    0x8f, 0x60, 0xa8, 0x19, 0x19, 0xe4, 0x75, 0x64, 0xc4, 0x8d, 0x50, 0x64, 0xbb, 0xae, 0x4c, 0xed,
+    0x30, 0xb0, 0xb6, 0x70, 0x70, 0xc1, 0xd6, 0x03, 0x10, 0x88, 0xe8, 0x03, 0xdb, 0xbd, 0x77, 0x38,
+    0x39, 0x81, 0x2f, 0x65, 0x65, 0x68, 0x5d, 0x57, 0x17, 0x52, 0x20, 0x57, 0x4e, 0x92, 0x47, 0xd3,
+    0xe9, 0xd5, 0x61, 0xf7, 0xf7, 0x14, 0x70, 0x5a, 0xe6, 0x4f, 0x5e, 0x5a, 0xed, 0x48, 0x75, 0x9a,
+    0x03, 0x0b, 0x33, 0x07, 0x07, 0xb9, 0x35, 0x1c, 0x01, 0xe9, 0xef, 0x1c, 0xf0, 0xce, 0x8a, 0xe2,
+    0xcf, 0xa2, 0x62, 0x18, 0x18, 0x9a, 0x3f, 0x60, 0x45, 0xae, 0xf3, 0x60, 0x5c, 0xc1, 0xf8, 0x0c,
+    0x70, 0x72, 0x7c, 0x71, 0x71, 0xbf, 0x9c, 0x07, 0x91, 0xab, 0x4b, 0x07, 0x3c, 0xd2, 0xc3, 0xd9,
+    0x43, 0xc9, 0xf9, 0x06, 0x06, 0xc7, 0x7f, 0x18, 0x80, 0xca, 0x4c, 0x18, 0x17, 0xa1, 0x3e, 0x03,
+    0x55, 0x0e, 0x4c, 0x99, 0x99, 0x88, 0xe6, 0x21, 0x33, 0xa3, 0x09, 0x21, 0x7d, 0x95, 0xc4, 0xad,
+    0x2c, 0x4d, 0xa9, 0xfd, 0xfd, 0x9e, 0xf1, 0x72, 0xa5, 0xd2, 0x8a, 0x72, 0xd4, 0x68, 0x37, 0x9f,
+    0x12, 0x62, 0xf1, 0x2a, 0x2a, 0x91, 0xd5, 0xa8, 0x0e, 0x77, 0x53, 0xa8, 0xe9, 0x5e, 0x60, 0x15,
+    0x8e, 0xd8, 0xb9, 0xa5, 0xa5, 0x32, 0x66, 0xd1, 0x7a, 0x6b, 0xb4, 0xd1, 0xeb, 0x55, 0x8b, 0xb3,
+    0xd5, 0x49, 0x1b, 0x9b, 0x9b, 0x74, 0x72, 0x29, 0xf2, 0xe5, 0x8c, 0x29, 0x70, 0x4b, 0x6f, 0xac,
+    0x3d, 0x24, 0x6b, 0xd0, 0xd0, 0xb6, 0x11, 0xc6, 0xaa, 0x4c, 0x36, 0xc6, 0xcd, 0xf8, 0xdd, 0x68,
+    0xd2, 0xe7, 0x6c, 0x29, 0x29, 0x13, 0x0b, 0xa4, 0x4e, 0x12, 0x75, 0xa4, 0x03, 0xef, 0x7f, 0xf5,
+    0x76, 0x64, 0x1a, 0x7f, 0x7f, 0x0e, 0xf6, 0x3f, 0x93, 0xba, 0x56, 0x3f, 0x1f, 0x8d, 0x14, 0xde,
+    0x18, 0x58, 0x5b, 0x38, 0x38, 0x81, 0x6b, 0xe0, 0x08, 0x44, 0x74, 0xe0, 0x8c, 0xbf, 0xda, 0x1c,
+    0x35, 0xad, 0xe3, 0x79, 0x79, 0xc9, 0x89, 0x27, 0x13, 0x70, 0x1a, 0x27, 0x08, 0x2c, 0x2a, 0xdd,
+    0x07, 0xae, 0x77, 0xb2, 0xb2, 0x67, 0x79, 0x8d, 0xbc, 0xf7, 0xf9, 0x8d, 0x73, 0xa4, 0x10, 0x59,
+    0xc0, 0x85, 0x9d, 0x03, 0x03, 0x82, 0xde, 0x0c, 0x40, 0x65, 0x26, 0x0c, 0xea, 0xb1, 0x1f, 0xe0,
+    0xf7, 0x9b, 0x5c, 0xc1, 0xc1, 0x24, 0x71, 0x82, 0xec, 0x1a, 0x37, 0x82, 0x42, 0xa8, 0x78, 0x81,
+    0xb8, 0x7e, 0x69, 0xdb, 0xdb, 0x42, 0xda, 0xea, 0x68, 0xf2, 0x41, 0xea, 0x13, 0xb7, 0x2b, 0x8c,
+    0x72, 0xc1, 0x5e, 0xca, 0xca, 0xd0, 0xba, 0xae, 0x2e, 0xa4, 0x40, 0xae, 0x9c, 0xe7, 0x8e, 0x65,
+    0x11, 0x69, 0xc2, 0x2d, 0x2d, 0x28, 0xe0, 0xb4, 0x0f, 0x9e, 0xbc, 0xb4, 0x19, 0x90, 0xea, 0xf7,
+    0xb4, 0x52, 0xa5, 0xc7, 0xc7, 0xe3, 0x0e, 0x9a, 0x6c, 0xd0, 0x7b, 0x9a, 0x55, 0x09, 0x46, 0x82,
+    0xff, 0x12, 0xd4, 0x68, 0x68, 0x5b, 0xe9, 0x63, 0x55, 0x26, 0x1b, 0x63, 0x87, 0x7c, 0x8f, 0x34,
+    0x1a, 0xeb, 0x79, 0x83, 0x83, 0xee, 0x4d, 0x49, 0xb7, 0x4b, 0x7f, 0x49, 0x2c, 0x8a, 0x97, 0xa0,
+    0x48, 0x4b, 0x42, 0xa8, 0xa8, 0x01, 0xd2, 0xe5, 0x38, 0x1f, 0x8f, 0xe5, 0x22, 0xbb, 0x43, 0x54,
+    0xaa, 0x1c, 0x98, 0xf1, 0xf1, 0xd3, 0x0f, 0x42, 0x66, 0x85, 0x12, 0x42, 0xfa, 0xe9, 0x4b, 0x99,
+    0x58, 0x9a, 0x91, 0x39, 0x39, 0xff, 0x21, 0xe4, 0x89, 0x67, 0xd7, 0xe4, 0x6b, 0xd0, 0x6e, 0xfd,
+    0x93, 0x9d, 0xb7, 0x94, 0x94, 0xbb, 0x52, 0x15, 0x71, 0xd7, 0x32, 0x15, 0xb4, 0x7b, 0x0c, 0x4a,
+    0x21, 0xd9, 0x74, 0x5d, 0x5d, 0xe9, 0x36, 0xb7, 0x1f, 0x16, 0x54, 0xb7, 0xc2, 0x2d, 0x9d, 0xcf,
+    0xdd, 0xc0, 0x93, 0x32, 0x32, 0x0b, 0xea, 0xc8, 0x4b, 0xd9, 0xa0, 0xc8, 0xb5, 0x9f, 0x98, 0x19,
+    0x60, 0xa3, 0xaf, 0xe0, 0xe0, 0x41, 0x6f, 0x06, 0x20, 0xd3, 0x13, 0x06, 0x75, 0xb9, 0xee, 0x70,
+    0x0c, 0x2c, 0xcc, 0x1c, 0x1c, 0xa1, 0xd4, 0x70, 0x04, 0x22, 0x3a, 0x70, 0x46, 0xbe, 0x6d, 0x0e,
+    0xc4, 0x20, 0xd9, 0xb6, 0xb6, 0x5c, 0x92, 0x9d, 0xfd, 0x7b, 0x30, 0x9d, 0x69, 0xdb, 0x85, 0x5b,
+    0x9a, 0xac, 0x2e, 0x81, 0x81, 0x12, 0xd9, 0x41, 0x76, 0x0d, 0xfa, 0x41, 0x21, 0x54, 0x3c, 0xa1,
+    0x5c, 0x3f, 0xd5, 0x8c, 0x8c, 0x21, 0x6d, 0x75, 0x34, 0x79, 0xc1, 0x75, 0xe8, 0xba, 0xf4, 0x46,
+    0x53, 0x18, 0x2a, 0x97, 0x97, 0x39, 0x8c, 0x19, 0x31, 0xb2, 0x14, 0x19, 0x5e, 0xca, 0x13, 0xaa,
+    0xcd, 0x11, 0x40, 0xa3, 0xa3, 0xf5, 0x19, 0xc9, 0xfa, 0xa1, 0xf8, 0xc9, 0xfc, 0xf4, 0xb5, 0xb0,
+    0x32, 0x03, 0x94, 0xcb, 0xcb, 0xae, 0xf0, 0xaa, 0xaf, 0x87, 0xe3, 0xaa, 0x7b, 0x88, 0x3a, 0x84,
+    0x1b, 0x53, 0x68, 0x3f, 0x3f, 0x38, 0x5e, 0xfc, 0x09, 0xad, 0x9b, 0xfc, 0x7c, 0x71, 0x50, 0xfe,
+    0x5a, 0x29, 0xb3, 0x82, 0x82, 0x90, 0x07, 0x4d, 0x36, 0x68, 0xdc, 0x4d, 0xcb, 0xe5, 0x23, 0x41,
+    0xa1, 0x9e, 0x23, 0x5f, 0x5f, 0x15, 0xa2, 0xbf, 0xde, 0x50, 0xd1, 0xbf, 0xcf, 0xf3, 0x36, 0xce,
+    0xe5, 0xf9, 0xad, 0xeb, 0xeb, 0xb5, 0xa4, 0x2a, 0xe2, 0x6d, 0x64, 0x2a, 0xab, 0xf6, 0x18, 0x94,
+    0x3c, 0x9c, 0x7a, 0x6c, 0x6c, 0x60, 0x02, 0x73, 0x14, 0xaa, 0xd2, 0x73, 0x9d, 0x03, 0x1a, 0x36,
+    0x97, 0x38, 0xf3, 0x21, 0x21, 0x65, 0x1e, 0x84, 0xcc, 0xc9, 0x24, 0x84, 0x37, 0x11, 0x96, 0xf1,
+    0xce, 0x1a, 0x73, 0xa4, 0xa4, 0x4c, 0x2c, 0xd5, 0xfb, 0x48, 0x17, 0xd5, 0x0c, 0x3a, 0x3f, 0x52,
+    0x6d, 0x37, 0x72, 0x40, 0x40, 0x36, 0xa8, 0xc3, 0x9a, 0x17, 0xcd, 0xc3, 0x63, 0xfc, 0x44, 0x20,
+    0x62, 0x10, 0x8d, 0x5b, 0x5b, 0x2e, 0x49, 0xaf, 0x9f, 0xdc, 0x18, 0xaf, 0xd5, 0x8c, 0xa3, 0xcc,
+    0xf5, 0x28, 0x7e, 0x7a, 0x7a, 0x4b, 0x57, 0x2b, 0x53, 0x15, 0x3c, 0x2b, 0xe2, 0x9d, 0x35, 0x3d,
+    0xb7, 0x59, 0x96, 0xc0, 0xc0, 0x5a, 0x3b, 0x86, 0x6d, 0x39, 0x94, 0x86, 0xa5, 0xc7, 0xcc, 0x60,
+    0xe2, 0x57, 0xda, 0x59, 0x59, 0xd2, 0xdd, 0xa7, 0x5e, 0x9a, 0x9d, 0xa7, 0xd8, 0x52, 0x08, 0xcd,
+    0x41, 0x7a, 0xdb, 0xbd, 0xbd, 0xa8, 0x59, 0xb1, 0x3f, 0xc5, 0x47, 0xb1, 0xb7, 0x94, 0x73, 0xbf,
+    0x71, 0xca, 0x6d, 0xcd, 0xcd, 0x69, 0x8f, 0xb2, 0x2f, 0x4d, 0xaf, 0xb2, 0x6c, 0x29, 0x04, 0x87,
+    0xf9, 0x04, 0xb2, 0x66, 0x66, 0xea, 0x83, 0x5b, 0x57, 0x37, 0x06, 0x5b, 0xa4, 0x23, 0x58, 0x33,
+    0xea, 0xde, 0x52, 0xf0, 0xf0, 0xad, 0x45, 0x46, 0xe7, 0xa6, 0xb1, 0x46, 0x1d, 0x86, 0xff, 0x78,
+    0xae, 0xb9, 0xdc, 0x44, 0x44, 0x0d, 0x43, 0xd3, 0xdb, 0x9b, 0x04, 0xd3, 0x79, 0x83, 0xd1, 0x22,
+    0xe4, 0x41, 0xbc, 0x57, 0x57, 0x63, 0xb7, 0x9f, 0x5c, 0x8b, 0x80, 0x9f, 0xfb, 0x0d, 0xdf, 0xca,
+    0x0b, 0x82, 0xbb, 0xae, 0xae, 0xc6, 0xad, 0xfd, 0xb8, 0xd5, 0xc3, 0xfd, 0x35, 0x1a, 0x7d, 0x57,
+    0xde, 0xcb, 0xa0, 0x35, 0x35, 0xb2, 0xdf, 0xd4, 0x4a, 0x30, 0x4f, 0xd4, 0x45, 0x51, 0x12, 0xfb,
+    0xf0, 0x35, 0x2b, 0x73, 0x73, 0x43, 0x08, 0x0f, 0x50, 0xed, 0xce, 0x0f, 0x31, 0x0c, 0x68, 0xd8,
+    0xd4, 0xf1, 0x0a, 0x27, 0x27, 0xa2, 0x61, 0x9c, 0x4c, 0x03, 0x68, 0x9c, 0x20, 0xb0, 0xa8, 0xf2,
+    0xb5, 0xea, 0xb4, 0x7b, 0x7b, 0x35, 0x1d, 0x2f, 0xd2, 0x36, 0x9f, 0x2f, 0x05, 0xf2, 0x81, 0xdc,
+    0xa4, 0x83, 0x76, 0x56, 0x56, 0x1d, 0xfd, 0x9b, 0xdd, 0xa8, 0x23, 0x9b, 0x1c, 0x62, 0x6b, 0x2b,
+    0xba, 0xcd, 0x4b, 0x60, 0x60, 0x2d, 0xfc, 0x43, 0xd7, 0xfd, 0x4a, 0x43, 0xb3, 0x82, 0x66, 0x30,
+    0xe8, 0x6d, 0x70, 0x4b, 0x4b, 0xc2, 0x63, 0xef, 0x58, 0xa9, 0xba, 0xef, 0xbd, 0xb3, 0xb2, 0xc4,
+    0x0e, 0x9f, 0xee, 0xa7, 0xa7, 0xce, 0xf2, 0xd9, 0xbb, 0x2d, 0x31, 0xd9, 0xe6, 0x8b, 0x20, 0xb2,
+    0x9c, 0xba, 0x48, 0x8f, 0x8f, 0xa3, 0xb3, 0x79, 0x74, 0x1c, 0xe7, 0x79, 0x02, 0x0b, 0xeb, 0xa6,
+    0x31, 0x08, 0xa7, 0xcc, 0xcc, 0x17, 0xc5, 0xb6, 0xae, 0x6e, 0x0c, 0xb6, 0x8b, 0x46, 0xb0, 0x66,
+    0x79, 0x43, 0xe5, 0x64, 0x64, 0x16, 0x17, 0x53, 0x96, 0x71, 0x83, 0x53, 0xa9, 0xfd, 0xf3, 0x32,
+    0xfc, 0x19, 0xe7, 0x6f, 0x6f, 0xe2, 0xdc, 0x7f, 0x54, 0xcf, 0xf4, 0x7f, 0x77, 0xb2, 0x05, 0xd6,
+    0x4d, 0x56, 0x17, 0xa1, 0xa1, 0x09, 0x8d, 0xc1, 0x3b, 0xe7, 0x7d, 0xc1, 0xf1, 0x2a, 0x1e, 0xb1,
+    0xdb, 0xd6, 0xf5, 0x3c, 0x3c, 0xba, 0x80, 0xf0, 0x49, 0xc8, 0xbd, 0xf0, 0x96, 0xc0, 0x4f, 0x1e,
+    0x75, 0x6f, 0x29, 0x78, 0x78, 0xb7, 0xc3, 0x23, 0x92, 0x53, 0xb9, 0x23, 0xef, 0x43, 0x9e, 0x3c,
+    0x68, 0x2a, 0x27, 0x49, 0x49, 0x3e, 0xf7, 0xe7, 0x99, 0xef, 0x3f, 0xe7, 0xb0, 0x6d, 0x19, 0xc5,
+    0x15, 0xcc, 0x86, 0x98, 0x98, 0xf6, 0xac, 0x25, 0xb2, 0x80, 0xaa, 0x25, 0x9a, 0xfa, 0x70, 0x4c,
+    0xa9, 0x17, 0xab, 0xf6, 0xf6, 0x6a, 0x3a, 0x5e, 0x67, 0x6c, 0xfd, 0x5e, 0x0a, 0x27, 0xc1, 0x7b,
+    0x01, 0xb8, 0x11, 0xbc, 0xbc, 0xd6, 0x13, 0xb5, 0xbe, 0xe6, 0xe4, 0xb5, 0x50, 0xfb, 0xc7, 0x5e,
+    0x23, 0x6a, 0x56, 0xe6, 0xe6, 0x86, 0x10, 0x1e, 0xa0, 0x19, 0x5f, 0x1e, 0x62, 0x18, 0xd0, 0x73,
+    0xb2, 0x44, 0xc3, 0xc9, 0xc9, 0x52, 0x64, 0xa2, 0x6e, 0xc1, 0x66, 0xa2, 0x76, 0x56, 0x91, 0x85,
+    0x6e, 0x3c, 0x41, 0x47, 0x47, 0x8f, 0x9d, 0xdf, 0x9b, 0xfe, 0x22, 0xdf, 0x93, 0x32, 0xce, 0xc2,
+    0xf2, 0x86, 0x09, 0xc8, 0xc8, 0x2c, 0x2e, 0xa6, 0xef, 0xe2, 0xc5, 0xa6, 0x91, 0x39, 0x25, 0x64,
+    0x3b, 0x32, 0x0d, 0xde, 0xde, 0x07, 0x7b, 0xfe, 0xa8, 0x5d, 0x2b, 0xfe, 0xee, 0xa7, 0x0a, 0x6f,
+    0x52, 0xa0, 0x3b, 0x2b, 0x2b, 0xef, 0x9f, 0xac, 0x8f, 0x54, 0xf0, 0xac, 0x0e, 0x31, 0xd4, 0xf4,
+    0x65, 0xbe, 0xfa, 0xe9, 0xe9, 0x49, 0x30, 0x22, 0x23, 0x2b, 0xe1, 0x22, 0xa6, 0x28, 0xb3, 0x95,
+    0x4b, 0x40, 0x71, 0xaf, 0xaf, 0xb8, 0xe7, 0xf9, 0x39, 0xf6, 0x60, 0xf9, 0xd2, 0x75, 0xc9, 0xb6,
+    0x38, 0x39, 0x3e, 0xd9, 0xd9, 0xbe, 0x4e, 0xe2, 0xa9, 0xb4, 0xc4, 0xe2, 0x1e, 0x69, 0x80, 0x8d,
+    0x2a, 0x5b, 0xcf, 0xf3, 0xf3, 0x2f, 0x9b, 0x4a, 0xa7, 0xc3, 0x97, 0x4a, 0xf7, 0x37, 0xe0, 0x98,
+    0x91, 0x2e, 0x95, 0x2f, 0x2f, 0xd4, 0x74, 0xbc, 0xce, 0xd8, 0x39, 0xbc, 0x14, 0x4e, 0x41, 0xf6,
+    0xd6, 0x42, 0x28, 0x9c, 0x9c, 0xcd, 0x47, 0x35, 0xf3, 0x0c, 0x63, 0x35, 0x80, 0x85, 0xe5, 0x4e,
+    0xfd, 0xa1, 0xf6, 0xd3, 0xd3, 0x34, 0xcf, 0xca, 0xea, 0x29, 0x10, 0xca, 0x27, 0x49, 0xc2, 0x88,
+    0xf8, 0xbc, 0xa3, 0xda, 0xda, 0x3c, 0x90, 0xee, 0xe9, 0xd1, 0xe2, 0xee, 0xf4, 0xd8, 0x9f, 0x6d,
+    0x8c, 0x6b, 0x9b, 0x1e, 0x1e, 0x5d, 0x40, 0x78, 0xc5, 0x64, 0xbf, 0x78, 0x4b, 0x60, 0xc6, 0x0f,
+    0x50, 0x13, 0x19, 0x90, 0x90, 0x80, 0xb9, 0x05, 0x30, 0x5b, 0xfb, 0x05, 0xae, 0x04, 0x99, 0x48,
+    0x7f, 0x55, 0x83, 0x6a, 0x6a, 0xa7, 0x7d, 0x6b, 0x94, 0x60, 0x9e, 0x6b, 0x8a, 0xa2, 0x24, 0x35,
+    0x59, 0x22, 0x80, 0x85, 0x85, 0x29, 0x32, 0x51, 0x37, 0x81, 0x33, 0x51, 0x3b, 0x2b, 0xa9, 0xa3,
+    0x08, 0x89, 0x88, 0xa9, 0xa9, 0x7f, 0x98, 0xe1, 0xb9, 0x3c, 0x2c, 0xe1, 0xc5, 0xd4, 0xf7, 0xb5,
+    0xd9, 0x65, 0xd7, 0x87, 0x87, 0xd5, 0xa6, 0x59, 0xf6, 0xc7, 0xb6, 0x59, 0x36, 0xf5, 0x02, 0xa2,
+    0xa2, 0x95, 0x10, 0x58, 0x58, 0xac, 0x97, 0xa3, 0xdf, 0xb9, 0x3e, 0xa3, 0x3f, 0x3d, 0xbc, 0x2c,
+    0xfb, 0xb7, 0x90, 0xdd, 0xdd, 0x85, 0xa5, 0xf2, 0xe8, 0x38, 0x0d, 0xf2, 0x04, 0x16, 0x15, 0x8f,
+    0x1c, 0xfd, 0x1f, 0x8d, 0x8d, 0x5f, 0x27, 0x71, 0xb5, 0x5a, 0x62, 0x71, 0x0f, 0xd5, 0x40, 0xa7,
+    0x29, 0x50, 0xfc, 0xf4, 0xf4, 0x96, 0xae, 0x56, 0xa6, 0x2a, 0x78, 0x56, 0x07, 0xf9, 0x6a, 0x7a,
+    0xd3, 0x5f, 0x7d, 0x95, 0x95, 0xc5, 0x18, 0x11, 0xf0, 0xf4, 0x91, 0x11, 0x53, 0x14, 0xb8, 0xab,
+    0x6f, 0x84, 0x50, 0xfb, 0xfb, 0x59, 0x8e, 0x6a, 0x25, 0x18, 0xc6, 0x6a, 0xc3, 0xc9, 0x09, 0x9c,
+    0x47, 0x6c, 0xbd, 0xb3, 0xb3, 0x19, 0x33, 0x89, 0x3d, 0xd4, 0x5a, 0x89, 0x94, 0xcb, 0xa4, 0xb8,
+    0x54, 0xb6, 0x5d, 0x25, 0x25, 0x5e, 0xf5, 0x94, 0x8d, 0x45, 0xed, 0x94, 0x2d, 0x6e, 0x03, 0xf3,
+    0x9f, 0xb1, 0x7b, 0x88, 0x88, 0x1a, 0x86, 0x65, 0x75, 0xf5, 0x08, 0x65, 0xf2, 0xc5, 0x61, 0x44,
+    0x17, 0x7f, 0xa4, 0x23, 0x23, 0x99, 0x8a, 0x8c, 0x0d, 0x8f, 0xa1, 0x8c, 0x3a, 0xcf, 0x3d, 0xf0,
+    0xe1, 0x5c, 0xe9, 0x5e, 0x5e, 0x6b, 0xe8, 0xbb, 0x5f, 0x73, 0x72, 0xbb, 0x28, 0x9c, 0x82, 0x2f,
+    0x7c, 0x5e, 0xb0, 0x6d, 0x6d, 0x1e, 0x48, 0x77, 0x95, 0x89, 0x71, 0x77, 0x7a, 0x6c, 0xae, 0xd7,
+    0x46, 0xd4, 0xac, 0x0f, 0x0f, 0xcf, 0x20, 0x3c, 0x83, 0x32, 0xbe, 0x3c, 0xc4, 0x30, 0x63, 0xe6,
+    0xbc, 0xdb, 0x2d, 0x6e, 0x6e, 0x9c, 0x96, 0x7b, 0xd5, 0xec, 0x57, 0x7b, 0x90, 0xdd, 0xb1, 0x37,
+    0xc5, 0x98, 0xc8, 0x0a, 0x0a, 0x8a, 0x81, 0x28, 0x43, 0x9d, 0xd4, 0x28, 0x39, 0x20, 0x42, 0x05,
+    0x22, 0xd2, 0x47, 0x5a, 0x5a, 0x50, 0x03, 0xab, 0x1e, 0xff, 0xbb, 0xab, 0x32, 0xe3, 0x17, 0x2d,
+    0xbe, 0x68, 0x0f, 0xd5, 0xd5, 0xf3, 0xb0, 0xd2, 0x6a, 0xe3, 0x5c, 0xd2, 0x30, 0xe8, 0xfc, 0x8b,
+    0x96, 0x80, 0xe2, 0x9d, 0x9d, 0xb3, 0x0d, 0x31, 0x72, 0x2f, 0xc0, 0x31, 0x67, 0xea, 0x51, 0xaf,
+    0x7e, 0xed, 0x92, 0xd6, 0xd6, 0x71, 0x6e, 0xde, 0x2a, 0x86, 0x7a, 0xde, 0xda, 0x59, 0xe3, 0x6b,
+    0x1d, 0x45, 0x0e, 0x31, 0x31, 0x89, 0x34, 0xc4, 0x0b, 0xbc, 0x86, 0xc4, 0x5f, 0x2e, 0x87, 0xf9,
+    0xb9, 0xc6, 0x78, 0x67, 0x67, 0x94, 0xc9, 0x5f, 0xd6, 0x14, 0xa5, 0x5f, 0x43, 0x4c, 0xec, 0xd2,
+    0x9d, 0x02, 0x59, 0x33, 0x33, 0x75, 0xa0, 0xcc, 0xca, 0xfa, 0x03, 0xcc, 0x52, 0xf0, 0x2c, 0xf8,
+    0xad, 0xb2, 0xef, 0x43, 0x43, 0xb4, 0x76, 0xcf, 0xda, 0x72, 0xeb, 0xcf, 0x89, 0x4d, 0x5b, 0xc0,
+    0x6c, 0x8f, 0x63, 0xfc, 0xfc, 0xe0, 0xbb, 0x76, 0x24, 0xf1, 0x29, 0x76, 0x33, 0x07, 0x83, 0x7e,
+    0x85, 0x5a, 0x02, 0x0b, 0x0b, 0xf4, 0xcb, 0x2c, 0xc2, 0xbe, 0x77, 0x2c, 0xde, 0x4f, 0xf6, 0xe4,
+    0xd1, 0xec, 0x5f, 0x2e, 0x2e, 0xaa, 0x3e, 0xb8, 0x4f, 0xfb, 0x9a, 0xb8, 0xf3, 0x21, 0xf5, 0x17,
+    0x1e, 0x4e, 0x3d, 0x36, 0x36, 0x30, 0x01, 0xd8, 0x0a, 0x55, 0x69, 0xd8, 0xaf, 0xe0, 0x0d, 0x1b,
+    0xa5, 0x3b, 0x67, 0xea, 0xea, 0xcb, 0xee, 0x2e, 0x63, 0x4e, 0xc7, 0x2e, 0x4c, 0x99, 0xac, 0x75,
+    0xe6, 0xf2, 0x9e, 0xec, 0xec, 0x0c, 0x91, 0x36, 0xe3, 0x84, 0x8b, 0x36, 0x5b, 0x38, 0x92, 0x76,
+    0x2e, 0xfe, 0x8b, 0x46, 0x46, 0xf1, 0xd7, 0xdb, 0x1a, 0xdd, 0x81, 0xdb, 0x74, 0x5d, 0x7a, 0x23,
+    0x5f, 0x34, 0xe6, 0x8b, 0x8b, 0x98, 0x58, 0x69, 0x35, 0x90, 0x2e, 0x69, 0x18, 0x74, 0x7e, 0xa4,
+    0x61, 0x1b, 0xbe, 0x5c, 0x5c, 0x97, 0x7c, 0xb3, 0x9e, 0x35, 0xf7, 0xb3, 0x25, 0x42, 0x29, 0x2e,
+    0x83, 0x4c, 0x64, 0x05, 0x05, 0x45, 0xa1, 0x14, 0xc0, 0xaf, 0x6a, 0x14, 0xfd, 0x10, 0x21, 0xe3,
+    0x44, 0x67, 0x8e, 0xb4, 0xb4, 0xa0, 0x06, 0x95, 0x3c, 0x3d, 0xb5, 0x95, 0x64, 0x05, 0x2e, 0x5a,
+    0xb1, 0x4f, 0xf0, 0xce, 0xce, 0xeb, 0x51, 0xbe, 0x6f, 0x28, 0x89, 0xbe, 0x86, 0x98, 0x1b, 0x67,
+    0xef, 0xc3, 0x07, 0xf9, 0xf9, 0xa5, 0x1a, 0x62, 0xe4, 0x5e, 0x43, 0x62, 0xce, 0x17, 0xa2, 0x9d,
+    0x82, 0xf4, 0x75, 0xb9, 0xb9, 0x93, 0xb2, 0xa1, 0x7e, 0x49, 0x8e, 0xa1, 0xad, 0xeb, 0xe6, 0xbd,
+    0x36, 0xa6, 0xd0, 0x7e, 0x7e, 0x70, 0xbc, 0x3b, 0x12, 0x99, 0xf5, 0x3b, 0xf8, 0xe2, 0xa0, 0x3f,
+    0xa3, 0x2d, 0x01, 0xe4, 0xe4, 0x7a, 0x84, 0x16, 0x61, 0x5f, 0xda, 0x16, 0x6f, 0xc6, 0x7b, 0x72,
+    0xaf, 0x01, 0xcd, 0xf8, 0xf8, 0xdb, 0x50, 0x66, 0x65, 0x7d, 0xe0, 0x66, 0x29, 0x78, 0x16, 0x7c,
+    0x88, 0xce, 0xdf, 0xab, 0xab, 0x83, 0x0c, 0xe9, 0x78, 0x7a, 0xa9, 0xe9, 0xc8, 0x0a, 0x5c, 0xb4,
+    0x89, 0x76, 0xce, 0x17, 0x17, 0x55, 0x1f, 0x5c, 0xc6, 0x9c, 0x4d, 0x5c, 0x98, 0xf1, 0x9b, 0xea,
+    0x0f, 0x27, 0xff, 0x1b, 0x1b, 0x18, 0xe1, 0x6c, 0x05, 0xcb, 0xd5, 0x6c, 0xb6, 0x70, 0xe7, 0xec,
+    0x1f, 0xf6, 0x2c, 0x8a, 0x8a, 0xe6, 0x12, 0x6d, 0xb4, 0xb3, 0x8d, 0x6d, 0xff, 0x1b, 0xca, 0x45,
+    0x42, 0x71, 0xe8, 0xba, 0xba, 0x11, 0x6c, 0xad, 0x3e, 0x2c, 0xa8, 0xad, 0x47, 0x5a, 0xf9, 0x5d,
+    0xf6, 0x23, 0x4d, 0x7d, 0x7d, 0xf2, 0x62, 0x37, 0x52, 0xfc, 0xd3, 0x37, 0x12, 0x53, 0xbf, 0xdf,
+    0xdf, 0x73, 0xb1, 0x89, 0x89, 0x64, 0xcc, 0x61, 0xf4, 0xd6, 0xab, 0x61, 0x15, 0xaa, 0xd5, 0xa5,
+    0x3a, 0x8a, 0x1c, 0x62, 0x62, 0xd1, 0x68, 0x4b, 0x16, 0xbb, 0xcf, 0x4b, 0xbe, 0x5c, 0xcd, 0x31,
+    0xc1, 0x3d, 0x8c, 0xbf, 0xbf, 0x54, 0xcd, 0xb9, 0xfe, 0x83, 0xc2, 0xb9, 0xba, 0x4a, 0xd8, 0xbe,
+    0x28, 0xe8, 0xed, 0x48, 0x48, 0x40, 0xbd, 0xe3, 0x18, 0xcc, 0x9c, 0xe3, 0x57, 0x02, 0xad, 0x24,
+    0xf1, 0x8d, 0x3a, 0xcf, 0xcf, 0x95, 0x1b, 0xba, 0xee, 0x0b, 0x2a, 0xba, 0x61, 0xf7, 0xaf, 0x86,
+    0xcb, 0x07, 0x26, 0xad, 0xad, 0x44, 0x73, 0xf1, 0xf8, 0xb0, 0xe5, 0xf1, 0xdf, 0xab, 0x62, 0xb7,
+    0x92, 0x25, 0xa6, 0x28, 0x28, 0x6d, 0x41, 0xa0, 0xcf, 0x31, 0xd6, 0xa0, 0xe4, 0x80, 0xcb, 0x14,
+    0x87, 0xe9, 0x20, 0xb0, 0xb0, 0x9b, 0xed, 0x85, 0x7d, 0xb1, 0x7c, 0x85, 0x7e, 0x7a, 0xbb, 0x58,
+    0xe7, 0x4a, 0x8f, 0x50, 0x50, 0xda, 0x82, 0x83, 0x5d, 0x62, 0x6f, 0x83, 0x0b, 0xc3, 0x55, 0x28,
+    0x3e, 0x2f, 0x58, 0xd7, 0xd7, 0x0f, 0x24, 0xda, 0xab, 0xa5, 0xd9, 0xda, 0x3d, 0x36, 0x57, 0x8a,
+    0xfa, 0x0f, 0x81, 0x61, 0x61, 0x53, 0xb6, 0x47, 0x56, 0xde, 0xe9, 0x47, 0x54, 0xed, 0xd2, 0xd1,
+    0x0d, 0x94, 0xdd, 0xa0, 0xa0, 0x77, 0xc7, 0xc5, 0xba, 0xc4, 0xde, 0xc5, 0x16, 0x45, 0xaa, 0x50,
+    0x51, 0xab, 0x08, 0x2c, 0x2c, 0x56, 0xaa, 0xb0, 0x8e, 0xbd, 0x1f, 0xb0, 0xfe, 0xff, 0x5e, 0x16,
+    0xb6, 0xe1, 0x87, 0x7c, 0x7c, 0x8c, 0x28, 0x33, 0xd3, 0xdf, 0x70, 0x33, 0xf5, 0x3c, 0x0b, 0x3e,
+    0x7b, 0xf0, 0xc7, 0xdf, 0xdf, 0x79, 0x31, 0xfa, 0x29, 0x7e, 0x88, 0xfa, 0x09, 0xc8, 0xbe, 0x8e,
+    0x74, 0xd7, 0x38, 0xc4, 0xc4, 0x61, 0xd0, 0x96, 0x2c, 0xb5, 0x5d, 0x96, 0xbf, 0xb8, 0x59, 0x62,
+    0x3f, 0x97, 0x49, 0x6b, 0x6b, 0xd9, 0x37, 0x6f, 0x15, 0x43, 0x3d, 0x6f, 0x6d, 0xcd, 0x90, 0xd4,
+    0x2f, 0x46, 0x9a, 0xfa, 0xfa, 0x27, 0xc4, 0x6e, 0xa4, 0x3b, 0x65, 0x6e, 0x24, 0xa6, 0xbd, 0x7d,
+    0x7d, 0xe6, 0xa1, 0xd1, 0xd1, 0xc8, 0x5b, 0xc2, 0x2b, 0x6f, 0x95, 0xc2, 0x2a, 0x97, 0x69, 0x89,
+    0xbb, 0x75, 0x5a, 0xdc, 0xdc, 0xfb, 0xef, 0xf6, 0x69, 0x1b, 0xae, 0xf6, 0xe3, 0x79, 0xa1, 0x6e,
+    0x49, 0xf3, 0x53, 0x14, 0x14, 0xd7, 0xc1, 0x50, 0x86, 0xf9, 0x6b, 0x50, 0x72, 0x40, 0x84, 0x0a,
+    0x2b, 0xe3, 0xde, 0x4f, 0x4f, 0xf9, 0x88, 0xff, 0x19, 0x25, 0x73, 0xff, 0xa7, 0xcc, 0x27, 0xc6,
+    0x99, 0xa7, 0x1d, 0x86, 0x86, 0xab, 0xec, 0x5d, 0x77, 0xe4, 0x15, 0x5d, 0xd1, 0x9a, 0xb6, 0x43,
+    0x02, 0xb3, 0x22, 0xbb, 0xbb, 0x6f, 0x26, 0xa9, 0xbf, 0x0f, 0x0b, 0xa9, 0xa0, 0x35, 0x4d, 0xbc,
+    0x37, 0x1e, 0xc1, 0xc2, 0xc2, 0xa6, 0xaf, 0x8e, 0xac, 0x7f, 0x11, 0x8e, 0xa8, 0x19, 0x67, 0x61,
+    0xb3, 0xfc, 0xd2, 0x75, 0x75, 0x84, 0x77, 0x17, 0xd0, 0x27, 0x82, 0x17, 0x26, 0xad, 0x56, 0xdb,
+    0x73, 0x79, 0x4f, 0x76, 0x76, 0x06, 0xa9, 0x1b, 0x90, 0x42, 0xa4, 0x1b, 0xcc, 0x1c, 0x49, 0x3b,
+    0x64, 0x06, 0xeb, 0x55, 0x55, 0x9f, 0x23, 0x97, 0x9d, 0xcd, 0x05, 0x97, 0xf6, 0xd3, 0x74, 0xcb,
+    0xdc, 0x78, 0x82, 0x8e, 0x8e, 0xdd, 0xf9, 0x7d, 0xf5, 0x3f, 0x44, 0x7d, 0xe5, 0x64, 0x5f, 0x47,
+    0xd8, 0xdd, 0xc6, 0x3b, 0x3b, 0x03, 0xb5, 0xec, 0x48, 0x21, 0x52, 0xec, 0x66, 0x0e, 0xc5, 0xfc,
+    0xc9, 0xb4, 0x04, 0x16, 0x16, 0x2b, 0x55, 0x58, 0x47, 0xbf, 0xee, 0x58, 0x7f, 0x9e, 0x2f, 0x0b,
+    0xab, 0xa4, 0x89, 0x4d, 0x4d, 0x05, 0x1c, 0xf7, 0xd8, 0x63, 0xf6, 0xf7, 0xaa, 0x12, 0x8c, 0xc7,
+    0x33, 0xbb, 0x85, 0x77, 0x77, 0x78, 0xe3, 0x1f, 0x11, 0x61, 0x07, 0x1f, 0x2b, 0x73, 0xfd, 0xda,
+    0x6b, 0x21, 0x14, 0x4e, 0x4e, 0x87, 0xc2, 0xfb, 0x98, 0x06, 0xd0, 0xfb, 0x40, 0xa3, 0x93, 0x27,
+    0xcc, 0xa9, 0x51, 0x1f, 0x1f, 0x23, 0x0a, 0x7c, 0x44, 0x47, 0x1c, 0x7c, 0xac, 0x0f, 0x72, 0xee,
+    0x90, 0x96, 0x84, 0x93, 0x93, 0x02, 0x67, 0x09, 0x70, 0x3e, 0xdd, 0x09, 0x44, 0xb5, 0x86, 0xa8,
+    0xd0, 0x54, 0x4e, 0x92, 0x92, 0x7c, 0x2d, 0x0d, 0xf1, 0x1d, 0x7e, 0x0d, 0xa3, 0xda, 0x32, 0x49,
+    0xac, 0x0a, 0xfe, 0xff, 0xff, 0x62, 0x65, 0x7a, 0x64, 0x94, 0x0f, 0x7a, 0xd9, 0xb6, 0x9c, 0x9e,
+    0xbf, 0xd0, 0x1e, 0x69, 0x69, 0x25, 0xa3, 0x67, 0xd4, 0x05, 0xb8, 0x67, 0x60, 0x13, 0x3b, 0xd5,
+    0xda, 0x6e, 0xe4, 0x80, 0x80, 0x6c, 0x93, 0x45, 0xf7, 0x2e, 0x59, 0x45, 0xc6, 0x3b, 0x88, 0x40,
+    0xa7, 0x88, 0x45, 0x51, 0x51, 0xa4, 0xc8, 0x87, 0xdc, 0x41, 0xcc, 0x87, 0xec, 0xac, 0xe1, 0xc9,
+    0x5e, 0x8c, 0xf7, 0x37, 0x37, 0x4e, 0x4b, 0xdc, 0x8b, 0x76, 0xca, 0xdc, 0x48, 0x8f, 0xb9, 0xfa,
+    0x98, 0x1f, 0x0c, 0x3a, 0x3a, 0x7d, 0xff, 0xe8, 0xc9, 0x02, 0xf1, 0xe8, 0x81, 0x61, 0x71, 0x1d,
+    0x7a, 0x48, 0xd6, 0x63, 0x63, 0xaf, 0x22, 0x4f, 0x97, 0x98, 0x6c, 0x4f, 0x59, 0x33, 0x79, 0xd0,
+    0x13, 0xda, 0xe0, 0x96, 0x96, 0x47, 0xc6, 0x1d, 0xb0, 0x91, 0xb7, 0x1d, 0xb9, 0xa5, 0xa7, 0x4b,
+    0x6a, 0x99, 0x05, 0xf2, 0xf2, 0x51, 0xd1, 0x4e, 0x26, 0xe0, 0x34, 0x4e, 0x10, 0x58, 0x54, 0x79,
+    0x40, 0xc2, 0xca, 0x01, 0x01, 0x7e, 0x4a, 0x04, 0x81, 0x23, 0xa3, 0x04, 0xe7, 0x6f, 0xb4, 0xe1,
+    0xa8, 0xaf, 0xba, 0x4a, 0x4a, 0xbc, 0x29, 0xeb, 0xd9, 0x8a, 0x19, 0xeb, 0x5a, 0xdc, 0x06, 0x25,
+    0x5b, 0x91, 0xa2, 0x3e, 0x3e, 0x46, 0x14, 0xf8, 0x88, 0x8e, 0x38, 0xf8, 0x9b, 0x1e, 0xe4, 0x1f,
+    0xeb, 0x66, 0x43, 0x4c, 0x4c, 0x7b, 0x56, 0xf3, 0x59, 0x40, 0x55, 0xf3, 0x4d, 0x7d, 0x38, 0x26,
+    0x66, 0xb5, 0xc9, 0xee, 0xee, 0xf0, 0x05, 0x3e, 0x22, 0xc2, 0x0e, 0x3e, 0x56, 0xe6, 0x39, 0x77,
+    0x56, 0x05, 0x7f, 0x9e, 0x9e, 0x31, 0xd3, 0x3d, 0x32, 0x4a, 0xe6, 0x3d, 0x8d, 0x5b, 0x4e, 0x4f,
+    0x81, 0xff, 0x46, 0xbe, 0xbe, 0x2a, 0x87, 0xbd, 0x7f, 0xa0, 0x61, 0xbd, 0x5d, 0x25, 0x6c, 0x5f,
+    0x77, 0xdc, 0x0b, 0xc3, 0xc3, 0xd8, 0xe5, 0x8a, 0x2d, 0x5c, 0xb2, 0x8a, 0x4f, 0x76, 0xd3, 0x80,
+    0x57, 0xbd, 0x6e, 0x22, 0x22, 0xe7, 0xc0, 0x88, 0x8c, 0xac, 0x02, 0x88, 0xdd, 0xa0, 0x89, 0x11,
+    0x4e, 0x5d, 0x24, 0xa6, 0xa6, 0xb0, 0xb8, 0xdd, 0x3a, 0x0e, 0x92, 0xdd, 0x01, 0xe4, 0x94, 0x53,
+    0x8d, 0xd3, 0x8a, 0xa2, 0xa2, 0x8b, 0x53, 0xcd, 0x7b, 0x82, 0x5b, 0xcd, 0x1b, 0x9b, 0x01, 0x51,
+    0xb0, 0xf7, 0xe1, 0x72, 0x72, 0x3d, 0x42, 0x0b, 0xd1, 0xce, 0x6d, 0x0b, 0xd6, 0x63, 0xdc, 0x39,
+    0xf3, 0x3e, 0x18, 0x74, 0x74, 0xfa, 0x3d, 0x13, 0x51, 0x04, 0x21, 0x13, 0xc1, 0xc2, 0xe2, 0x3a,
+    0x94, 0x33, 0xc0, 0x26, 0x26, 0xdc, 0x2b, 0x98, 0xcd, 0x20, 0xcb, 0x98, 0xc7, 0xdf, 0x1c, 0x13,
+    0x20, 0x61, 0x65, 0xe1, 0xe1, 0x3f, 0x25, 0x02, 0xa1, 0xf0, 0xb0, 0x02, 0x92, 0xd6, 0x5a, 0x91,
+    0x24, 0xc4, 0x21, 0x54, 0x54, 0xe1, 0x69, 0x93, 0x1c, 0xee, 0xa6, 0x93, 0x11, 0xbc, 0xc0, 0x2a,
+    0xd7, 0xfa, 0x39, 0x20, 0x20, 0x1b, 0x54, 0x80, 0x4d, 0xea, 0x87, 0x80, 0xd0, 0x7e, 0x22, 0x10,
+    0x14, 0x74, 0x97, 0x24, 0x24, 0x20, 0xbf, 0x90, 0x0c, 0x66, 0x4e, 0x90, 0xca, 0x01, 0xb7, 0x12,
+    0x9e, 0x09, 0x6a, 0x34, 0x34, 0xcc, 0x95, 0xd0, 0xcb, 0x13, 0xec, 0xd0, 0xa2, 0x3e, 0xa6, 0x1a,
+    0x05, 0x1d, 0x55, 0x09, 0x09, 0x08, 0x5f, 0x24, 0x03, 0xf8, 0xf2, 0x24, 0xd3, 0x91, 0x5d, 0xe5,
+    0xc6, 0x93, 0xfb, 0x0d, 0x0d, 0x33, 0xb4, 0x34, 0x42, 0x74, 0x3b, 0x34, 0xc9, 0xee, 0xc8, 0xe7,
+    0xed, 0x70, 0x25, 0x42, 0x42, 0xca, 0x3c, 0xcb, 0x5b, 0x51, 0x48, 0xcb, 0x6e, 0x22, 0xef, 0x21,
+    0xc8, 0x0c, 0x15, 0xaa, 0xaa, 0xfd, 0x46, 0xed, 0xf9, 0x59, 0x0a, 0xed, 0x2f, 0x65, 0xe8, 0x55,
+    0x9b, 0x14, 0x3f, 0x3d, 0x3d, 0xc4, 0xca, 0xf4, 0xc8, 0xeb, 0x1e, 0xf4, 0x71, 0xaf, 0xfb, 0xff,
+    0xbd, 0x63, 0x3c, 0xd2, 0xd2, 0x4a, 0x85, 0xce, 0x6b, 0x0a, 0xb3, 0xce, 0xc0, 0x26, 0x76, 0x69,
+    0x84, 0xe2, 0x13, 0xb7, 0xb7, 0x22, 0xd8, 0x99, 0x7c, 0x58, 0x93, 0x99, 0x8e, 0xb4, 0x31, 0xba,
+    0xc3, 0x8e, 0xae, 0x04, 0x04, 0x3b, 0xeb, 0x10, 0x41, 0x8c, 0xc9, 0x10, 0x1a, 0x7f, 0x95, 0x02,
+    0xca, 0xbf, 0x37, 0x11, 0x11, 0x92, 0x60, 0x44, 0x46, 0x56, 0x01, 0x44, 0x8f, 0x50, 0xa5, 0xe9,
+    0x8a, 0x7d, 0xfd, 0x10, 0x10, 0xec, 0x2a, 0x40, 0xc7, 0x75, 0xa2, 0x40, 0x68, 0x3f, 0x11, 0x08,
+    0x34, 0x15, 0xf2, 0xc5, 0xc5, 0x1f, 0x9a, 0x92, 0xad, 0x96, 0xfe, 0x92, 0x58, 0xd7, 0xed, 0x83,
+    0x26, 0x77, 0x03, 0xef, 0xef, 0x8e, 0x4f, 0x3a, 0xa3, 0xe1, 0xad, 0x3a, 0xb1, 0x89, 0x8d, 0x96,
+    0x10, 0xd1, 0xd3, 0x91, 0x91, 0xfe, 0xf3, 0x01, 0xb1, 0x78, 0x58, 0x01, 0x49, 0x6b, 0x2d, 0xa9,
+    0x25, 0x7c, 0x30, 0xe8, 0xe8, 0x37, 0x7a, 0x26, 0xa2, 0x08, 0x42, 0x26, 0x41, 0x47, 0x07, 0x74,
+    0xe3, 0xef, 0xcb, 0xe5, 0xe5, 0x04, 0xce, 0x12, 0xe0, 0x7c, 0x79, 0x12, 0x88, 0xa9, 0xcf, 0x93,
+    0x63, 0xa8, 0x9c, 0xe7, 0xe7, 0xf8, 0x5a, 0x1a, 0x21, 0x3a, 0xfc, 0x1a, 0x85, 0x77, 0x64, 0x92,
+    0x0a, 0x3a, 0xaa, 0x12, 0x12, 0x10, 0xbe, 0x48, 0x06, 0x33, 0x27, 0x48, 0x65, 0xe1, 0xba, 0x09,
+    0x4f, 0xe5, 0x35, 0x1a, 0x1a, 0x66, 0xab, 0x68, 0x84, 0xe8, 0x76, 0x68, 0x51, 0x1f, 0x53, 0x0d,
+    0x8b, 0xc5, 0xec, 0xac, 0xac, 0x3a, 0x39, 0xf5, 0x79, 0x93, 0x46, 0xf5, 0x38, 0xc4, 0xd6, 0x56,
+    0xc7, 0x2b, 0xea, 0xb1, 0xb1, 0xe5, 0xa7, 0x81, 0xfc, 0x92, 0xdf, 0x81, 0x99, 0x15, 0x0f, 0xb9,
+    0x67, 0x0d, 0xd8, 0x52, 0x52, 0x26, 0x16, 0x8b, 0x9c, 0x24, 0xea, 0x8b, 0x06, 0x1d, 0xfe, 0x29,
+    0x2d, 0xf5, 0xb8, 0x41, 0x41, 0x48, 0xe2, 0xc7, 0x1b, 0x34, 0x6e, 0xc7, 0x84, 0x93, 0xf0, 0xc1,
+    0xfe, 0xaa, 0xc5, 0xd4, 0xd4, 0x8d, 0xfa, 0xd6, 0xeb, 0xc0, 0xff, 0xd6, 0xd7, 0x87, 0x48, 0x6a,
+    0x45, 0xdf, 0x9f, 0x08, 0x08, 0x76, 0x15, 0x20, 0x82, 0xdb, 0x51, 0x20, 0x34, 0xfe, 0xe9, 0x04,
+    0xa0, 0x26, 0x32, 0xe3, 0xe3, 0xc3, 0xb1, 0x0a, 0x60, 0xb6, 0x35, 0x0a, 0x9f, 0x08, 0xf1, 0x90,
+    0x80, 0x47, 0x57, 0x02, 0x02, 0xfc, 0x94, 0x08, 0xc1, 0x46, 0x85, 0x08, 0x0d, 0xde, 0xab, 0x01,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x4a, 0xf8, 0x60, 0x13, 0x13, 0x6e, 0xf4, 0x4c, 0x87, 0x10, 0x84, 0x4c, 0x82, 0x8e, 0x0e, 0xe8,
+    0xee, 0x7b, 0x16, 0x45, 0x45, 0x73, 0x09, 0xd7, 0x5a, 0xb8, 0xa7, 0xd7, 0x9e, 0xec, 0x65, 0xc3,
+    0x4c, 0xee, 0x06, 0x1d, 0x1d, 0xdf, 0x9e, 0x74, 0x85, 0x01, 0x99, 0x74, 0xa1, 0xd1, 0xd9, 0xef,
+  },
+  { /* 5 */
+    0xd8, 0xca, 0x20, 0x18, 0xa6, 0x5b, 0x9c, 0xaf, 0x78, 0xd9, 0x1d, 0x80, 0x8c, 0x85, 0x3b, 0x8c,
+    0x69, 0x10, 0x51, 0x4c, 0xc5, 0x06, 0x68, 0x18, 0xbf, 0x31, 0xb7, 0x87, 0xa1, 0x7c, 0xf5, 0xa1,
+    0xc0, 0xd0, 0x1b, 0x9a, 0xb0, 0x2e, 0xcd, 0xb8, 0xb7, 0xbe, 0xdf, 0x6c, 0x21, 0x29, 0x03, 0x21,
+    0xba, 0xff, 0xe6, 0xab, 0xa2, 0x89, 0xd9, 0x61, 0x42, 0xa1, 0xdc, 0x1e, 0xaa, 0x69, 0x60, 0xaa,
+    0x16, 0x4a, 0xed, 0x3d, 0x41, 0x6b, 0x5a, 0x6f, 0xc9, 0x92, 0xec, 0x32, 0xcd, 0xe3, 0x9f, 0xcd,
+    0x87, 0x09, 0x79, 0x52, 0xab, 0x3b, 0xd3, 0xec, 0xd9, 0x4f, 0x3c, 0x27, 0x0e, 0x49, 0xb0, 0x0e,
+    0x58, 0xeb, 0x32, 0xf4, 0xc7, 0x6f, 0xab, 0x7f, 0xa2, 0x0d, 0x36, 0xc8, 0xb2, 0x0a, 0x39, 0xb2,
+    0x59, 0x24, 0x27, 0x8b, 0xe9, 0xec, 0xca, 0x36, 0xe2, 0xff, 0xf0, 0x9c, 0x38, 0xe7, 0x85, 0x38,
+    0xc4, 0x6a, 0x4f, 0xa5, 0x08, 0x67, 0x8a, 0x5f, 0x74, 0xf0, 0x41, 0xff, 0x4c, 0x1b, 0xb6, 0x4c,
+    0x6a, 0x82, 0x6e, 0xcd, 0xb7, 0x40, 0xcb, 0xc3, 0x7f, 0xe4, 0x3e, 0x7b, 0xfc, 0x88, 0xf2, 0xfc,
+    0x05, 0x75, 0x41, 0x40, 0x96, 0xca, 0x26, 0xae, 0x83, 0xbc, 0x58, 0xc7, 0xe7, 0xdf, 0x09, 0xe7,
+    0x9a, 0x66, 0x03, 0x90, 0x2b, 0x84, 0xa4, 0x55, 0x95, 0x94, 0xa6, 0x0c, 0x44, 0x3a, 0x81, 0x44,
+    0x06, 0xe7, 0x7e, 0xc1, 0xe4, 0x8c, 0x85, 0x75, 0x43, 0x69, 0xd1, 0x3b, 0xba, 0x2b, 0x0e, 0xba,
+    0xa6, 0x5f, 0x89, 0x16, 0x0c, 0xb5, 0xcf, 0x91, 0x4e, 0x88, 0x80, 0x61, 0x6a, 0xf7, 0xed, 0x6a,
+    0x0d, 0xc2, 0xe9, 0x3e, 0x25, 0x58, 0xa8, 0xa3, 0xc6, 0x20, 0xa7, 0x22, 0x3d, 0xbb, 0xa0, 0x3d,
+    0xd1, 0xb2, 0x9d, 0x19, 0x3b, 0x4a, 0x73, 0xeb, 0x7d, 0xb7, 0x24, 0x31, 0xdc, 0x0c, 0x2e, 0xdc,
+    0x43, 0x63, 0x36, 0xf7, 0xa3, 0x5c, 0x59, 0xb3, 0xad, 0xbf, 0x7d, 0xd8, 0x42, 0x52, 0x06, 0x42,
+    0x85, 0x54, 0x53, 0xac, 0xf7, 0xfe, 0x11, 0x7e, 0x59, 0x68, 0x73, 0x8f, 0xd9, 0x50, 0x0b, 0xd9,
+    0x41, 0x3e, 0x1c, 0x09, 0xff, 0x99, 0x9b, 0x21, 0x2d, 0x98, 0x32, 0x70, 0x95, 0x4b, 0xbd, 0x95,
+    0xd2, 0x20, 0xa2, 0x98, 0x49, 0x0c, 0xd0, 0x30, 0xbd, 0x62, 0xad, 0xcd, 0x81, 0xf8, 0x29, 0x81,
+    0x2c, 0x94, 0x19, 0x7a, 0x82, 0xd6, 0xb4, 0xde, 0x51, 0xe7, 0x1b, 0x64, 0x59, 0x05, 0xfd, 0x59,
+    0xcd, 0x12, 0xf2, 0xa4, 0x95, 0x76, 0x65, 0x1b, 0x71, 0x9e, 0x78, 0x4e, 0x1c, 0x92, 0xa3, 0x1c,
+    0x0b, 0x25, 0x97, 0xff, 0xc1, 0xd4, 0x2d, 0xd6, 0x85, 0x49, 0x76, 0x19, 0x87, 0x90, 0xae, 0x87,
+    0xa2, 0xe5, 0xdd, 0x29, 0xb4, 0xfc, 0x88, 0x76, 0x8d, 0xc6, 0x1e, 0xf2, 0x07, 0xc5, 0x58, 0x07,
+    0x38, 0x83, 0xde, 0xb9, 0x9f, 0x78, 0x2c, 0x23, 0x18, 0x52, 0xb8, 0xfe, 0x43, 0xff, 0xd9, 0x43,
+    0xf7, 0xcc, 0x06, 0xe3, 0x56, 0xcb, 0x8b, 0xaa, 0xe9, 0xeb, 0x8f, 0x18, 0x88, 0x74, 0xc1, 0x88,
+    0x4b, 0xd4, 0x9e, 0x89, 0x10, 0xce, 0xd7, 0xbe, 0xe8, 0x23, 0x82, 0x3d, 0x98, 0x36, 0xaf, 0x98,
+    0xe6, 0xae, 0x80, 0x60, 0xdd, 0xaf, 0x35, 0xf9, 0x23, 0xe2, 0x74, 0x45, 0x75, 0x51, 0xec, 0x75,
+    0xe7, 0x61, 0x95, 0x1f, 0xf3, 0x2c, 0x54, 0xb0, 0x63, 0x10, 0xb2, 0x11, 0xff, 0xbc, 0x50, 0xff,
+    0x90, 0x8c, 0x81, 0x10, 0xc4, 0xd3, 0xe8, 0xca, 0x50, 0x2f, 0x16, 0x41, 0x49, 0x47, 0x93, 0x49,
+    0x1a, 0x47, 0x11, 0x7c, 0x4a, 0xb0, 0x93, 0x85, 0x4f, 0x40, 0x8d, 0x44, 0x7a, 0xb5, 0x83, 0x7a,
+    0x53, 0xce, 0xa5, 0x0b, 0x06, 0xbb, 0x86, 0xa9, 0x27, 0x44, 0x40, 0xd1, 0x35, 0x9a, 0x97, 0x35,
+    0xa3, 0x2a, 0xc8, 0x56, 0x9a, 0x7f, 0xe9, 0x3f, 0xcd, 0x34, 0xd8, 0xa6, 0x8d, 0x28, 0xe4, 0x8d,
+    0xf1, 0x2b, 0x78, 0x22, 0xb2, 0x47, 0x0e, 0xdf, 0xaa, 0x82, 0x5e, 0x23, 0x32, 0x5f, 0xcf, 0x32,
+    0xfd, 0x26, 0x84, 0x63, 0xb9, 0x9c, 0xc7, 0x35, 0x2c, 0x50, 0x3f, 0x55, 0x85, 0x09, 0xd3, 0x85,
+    0x51, 0x93, 0x8f, 0xf5, 0x5a, 0x7e, 0x44, 0x3b, 0xa7, 0x63, 0x0f, 0x79, 0xe2, 0x83, 0x2c, 0xe2,
+    0x29, 0xe1, 0x58, 0x3a, 0x14, 0x1c, 0x92, 0x70, 0xd2, 0x5b, 0x43, 0xa3, 0xbe, 0xda, 0xf4, 0xbe,
+    0x3b, 0x11, 0xe1, 0x38, 0xed, 0x3e, 0x8f, 0xf8, 0xd8, 0x87, 0x31, 0x02, 0x1e, 0x0b, 0xde, 0x1e,
+    0x82, 0x7c, 0x38, 0x12, 0x3d, 0xf1, 0xf5, 0x42, 0x5a, 0xf3, 0x64, 0xe0, 0xe9, 0x96, 0xb9, 0xe9,
+    0x67, 0x40, 0x87, 0xf3, 0x92, 0x18, 0x63, 0x60, 0xb9, 0xc4, 0x99, 0x59, 0xc1, 0x33, 0x52, 0xc1,
+    0x8b, 0x04, 0x85, 0x13, 0xa0, 0xe0, 0x1a, 0x06, 0x5f, 0x9d, 0x5d, 0x51, 0xb9, 0x1f, 0xac, 0xb9,
+    0x48, 0x46, 0xa1, 0x08, 0x62, 0x88, 0x74, 0x65, 0x28, 0xf6, 0x0b, 0xc1, 0xc5, 0xc2, 0xa8, 0xc5,
+    0x2a, 0x73, 0x67, 0xbb, 0x66, 0x5a, 0x31, 0xab, 0x12, 0x8e, 0xca, 0x5f, 0xe3, 0x2e, 0xf3, 0xe3,
+    0xef, 0xd6, 0x3d, 0x61, 0x40, 0xbe, 0xda, 0xbd, 0x26, 0x8c, 0x4d, 0xf4, 0x25, 0xd8, 0xf9, 0x25,
+    0x70, 0xc5, 0x7f, 0xb1, 0xfd, 0xf0, 0x58, 0x46, 0x30, 0xa4, 0xb3, 0x3f, 0x86, 0x3d, 0x71, 0x86,
+    0x2d, 0x5b, 0x0c, 0x05, 0xac, 0x55, 0xd5, 0x97, 0x11, 0x15, 0xdd, 0x30, 0xd3, 0xe8, 0x41, 0xd3,
+    0x31, 0xfb, 0x63, 0xb8, 0x02, 0x69, 0xc3, 0x67, 0x1d, 0x3c, 0x81, 0x4f, 0x13, 0x76, 0xcc, 0x13,
+    0xe2, 0x14, 0xd4, 0x5f, 0x65, 0xe6, 0x72, 0x1e, 0xe0, 0xac, 0xea, 0xd6, 0x18, 0x63, 0x59, 0x18,
+    0x86, 0xc6, 0x6c, 0x2d, 0x85, 0xb8, 0xb2, 0xa5, 0x99, 0xbd, 0xfa, 0x73, 0x84, 0xa4, 0x0c, 0x84,
+    0xc9, 0xa8, 0xa6, 0x9b, 0x2d, 0x3f, 0x22, 0xfc, 0xb2, 0xd0, 0xe6, 0xdd, 0x71, 0xa0, 0x16, 0x71,
+    0xb0, 0x15, 0x64, 0x2b, 0x4d, 0xde, 0x95, 0xfe, 0x87, 0x1a, 0x6c, 0x53, 0xa7, 0x14, 0x72, 0xa7,
+    0x80, 0x21, 0x12, 0xec, 0x61, 0x34, 0x37, 0xd0, 0xda, 0xd4, 0x2b, 0x48, 0x3e, 0x8f, 0x02, 0x3e,
+    0xf5, 0x91, 0x2c, 0x1d, 0x0a, 0x0e, 0x49, 0x38, 0x69, 0xcc, 0xc0, 0xb0, 0x5f, 0x6d, 0x7a, 0x5f,
+    0xfc, 0xe9, 0x91, 0x1c, 0x97, 0x1f, 0xa6, 0x7c, 0x6c, 0xa2, 0xf9, 0x01, 0x0f, 0xe4, 0x6f, 0x0f,
+    0x60, 0x68, 0xec, 0x4d, 0x58, 0x17, 0x87, 0x5c, 0xba, 0x5f, 0x8e, 0x36, 0xf1, 0xf5, 0xe0, 0xf1,
+    0x44, 0x4b, 0x5d, 0x49, 0x69, 0x53, 0xbd, 0x8f, 0xae, 0x24, 0x6a, 0xb7, 0x72, 0x94, 0xb4, 0x72,
+    0x0c, 0x0d, 0xfc, 0x41, 0x0b, 0xdb, 0xc9, 0xea, 0x86, 0xd2, 0x61, 0x76, 0xb7, 0x56, 0x1c, 0xb7,
+    0x8f, 0xbe, 0xd1, 0x2c, 0x18, 0xa9, 0x5d, 0xe1, 0x9c, 0xd3, 0xc3, 0xc2, 0xd4, 0x2d, 0x19, 0xd4,
+    0xa4, 0x02, 0xa3, 0xe8, 0x50, 0x70, 0x0d, 0x03, 0xce, 0xaf, 0xcf, 0xc9, 0xbd, 0xee, 0x56, 0xbd,
+    0x3d, 0xf6, 0x9f, 0xf9, 0x09, 0xb2, 0x0a, 0x8d, 0x9b, 0xee, 0xe0, 0x39, 0xa4, 0x20, 0xd0, 0xa4,
+    0x62, 0x35, 0xc6, 0xb3, 0x04, 0xd2, 0x45, 0xce, 0x3a, 0x78, 0xc1, 0x9e, 0x26, 0xec, 0x5b, 0x26,
+    0x35, 0x41, 0x37, 0x87, 0xba, 0x20, 0x84, 0x80, 0xde, 0x72, 0x1f, 0xdc, 0x7e, 0x44, 0x79, 0x7e,
+    0xe0, 0x49, 0xfe, 0xa1, 0x39, 0x23, 0xb0, 0x8c, 0x60, 0x8b, 0xa5, 0x7e, 0xcf, 0x7a, 0xe2, 0xcf,
+    0x68, 0xdf, 0x44, 0x33, 0xeb, 0x85, 0x09, 0x51, 0xff, 0xc3, 0x71, 0xd3, 0x2b, 0x91, 0x49, 0x2b,
+    0xdc, 0x70, 0x74, 0x27, 0x1e, 0x12, 0xdb, 0x48, 0xbb, 0x97, 0x83, 0x13, 0xe1, 0xb7, 0x8e, 0xe1,
+    0x40, 0xf1, 0x09, 0x76, 0xd1, 0x1a, 0xfa, 0x68, 0x6d, 0x6a, 0xf4, 0x24, 0x1f, 0xa6, 0x01, 0x1f,
+    0xa0, 0xb8, 0xf7, 0xd7, 0xe8, 0x39, 0x4a, 0xe4, 0x0d, 0xe1, 0x51, 0x5a, 0xd0, 0xdc, 0xe3, 0xd0,
+    0xa7, 0x90, 0x9c, 0x69, 0x22, 0x36, 0xae, 0xd8, 0x0e, 0x7a, 0x46, 0x35, 0xe0, 0x1a, 0x51, 0xe0,
+    0x9f, 0x13, 0x42, 0xd0, 0xbd, 0x4e, 0x82, 0xfb, 0x16, 0x28, 0xfe, 0xcb, 0xa3, 0xe5, 0x88, 0xa3,
+    0x2b, 0xbc, 0x72, 0xc4, 0x48, 0xd9, 0x50, 0xe2, 0x52, 0x7c, 0x0c, 0x0b, 0x69, 0xc3, 0x4f, 0x69,
+    0xae, 0xe8, 0x21, 0x68, 0xbf, 0x27, 0x41, 0x9c, 0x0b, 0x14, 0x7f, 0x84, 0xb0, 0x93, 0x44, 0xb0,
+    0x10, 0xad, 0x93, 0xfc, 0xa5, 0xe7, 0xdf, 0x1a, 0x8a, 0xfb, 0x3d, 0x09, 0x77, 0xc8, 0x91, 0x77,
+    0xfe, 0xb4, 0xbb, 0xe2, 0xcb, 0xda, 0x64, 0xee, 0xec, 0x85, 0xb6, 0xa9, 0xd8, 0xfd, 0xd4, 0xd8,
+    0xa1, 0x77, 0xe2, 0xa8, 0xc6, 0xba, 0x2b, 0xad, 0x4d, 0x13, 0x97, 0x0e, 0x5a, 0x31, 0x5f, 0x5a,
+    0xc7, 0xf8, 0x70, 0x24, 0x7a, 0x21, 0x29, 0x84, 0xb4, 0x25, 0xc8, 0x03, 0x11, 0xef, 0xb1, 0x11,
+    0x4d, 0x33, 0xe0, 0x48, 0xf4, 0x42, 0x52, 0xcb, 0xab, 0x4a, 0x53, 0x06, 0x22, 0x1d, 0xa1, 0x22,
+    0xaa, 0x52, 0x75, 0x57, 0x07, 0x6e, 0x06, 0x7b, 0xc8, 0x5a, 0xe1, 0x17, 0xdd, 0xa1, 0xf1, 0xdd,
+    0xd4, 0xc7, 0xdc, 0x59, 0xad, 0x80, 0x55, 0x45, 0xfe, 0x0b, 0x7c, 0xf6, 0x3b, 0xd3, 0x27, 0x3b,
+    0x42, 0xac, 0x23, 0x88, 0x8d, 0xdf, 0x38, 0xfa, 0xed, 0x4d, 0xbb, 0x8c, 0xc8, 0xbf, 0xba, 0xc8,
+    0x2e, 0xc9, 0x33, 0x84, 0xde, 0x13, 0x76, 0x4c, 0xd1, 0xc0, 0x54, 0xcc, 0x8e, 0x1c, 0x46, 0x8e,
+    0x49, 0x89, 0xb4, 0x77, 0x4c, 0x0b, 0x15, 0x2c, 0x68, 0x04, 0xcd, 0x95, 0x4f, 0x2f, 0x14, 0x4f,
+    0xb2, 0x48, 0x4e, 0xd5, 0x11, 0x1b, 0x57, 0x6c, 0x07, 0x3d, 0x23, 0xfb, 0x70, 0x0d, 0xc9, 0x70,
+    0x77, 0xed, 0x14, 0x0f, 0x37, 0xff, 0xbc, 0x7a, 0x33, 0x3f, 0xa4, 0x50, 0xb6, 0xfb, 0xc3, 0xb6,
+    0x39, 0x4c, 0xcb, 0xc6, 0xb1, 0xfb, 0x4d, 0x6a, 0x58, 0xa0, 0x7e, 0xaa, 0xc9, 0x12, 0x65, 0xc9,
+    0xad, 0x7a, 0x1e, 0xe9, 0xcd, 0x61, 0xe2, 0x47, 0xcb, 0xc1, 0xf6, 0x78, 0xed, 0x67, 0x43, 0xed,
+    0x20, 0x99, 0xe5, 0x3b, 0x89, 0x0d, 0x7d, 0x34, 0xd7, 0x35, 0x7a, 0x12, 0xee, 0x53, 0xe1, 0xee,
+    0xcf, 0x4f, 0xd8, 0x5a, 0xc9, 0xb3, 0xa7, 0x89, 0xf1, 0xb9, 0x37, 0xe6, 0xcb, 0x8b, 0x18, 0xcb,
+    0x64, 0xd2, 0xb8, 0x72, 0xe0, 0x5e, 0xc0, 0xbb, 0x79, 0x11, 0x10, 0xa5, 0x9c, 0xc7, 0x55, 0x9c,
+    0x9b, 0xa9, 0x16, 0xef, 0x05, 0x07, 0xc5, 0x1c, 0xd5, 0x66, 0x60, 0x58, 0xce, 0xd7, 0x3d, 0xce,
+    0xde, 0x2d, 0x5e, 0xd9, 0x42, 0xd7, 0x19, 0xda, 0x3b, 0xb0, 0xcc, 0xbb, 0x36, 0xae, 0x35, 0x36,
+    0x7f, 0x5a, 0xbc, 0x71, 0x84, 0x6d, 0x32, 0x77, 0x76, 0xa3, 0x5b, 0xb5, 0x6c, 0x9f, 0x6a, 0x6c,
+    0xa8, 0x0f, 0x5f, 0xa9, 0x5b, 0xab, 0xc4, 0xe9, 0x48, 0x7d, 0xae, 0xbf, 0x0a, 0xb8, 0x4a, 0x0a,
+    0xb6, 0xf2, 0x1a, 0xea, 0xa9, 0x52, 0x10, 0x8b, 0xc4, 0x73, 0xbd, 0x68, 0x1d, 0x3f, 0x7c, 0x1d,
+    0x5c, 0x51, 0x66, 0xcb, 0x7f, 0x26, 0xec, 0x98, 0x61, 0x43, 0xa8, 0x5b, 0xdf, 0x38, 0x8c, 0xdf,
+    0xa5, 0xcd, 0xb6, 0x97, 0x7e, 0xf3, 0x6c, 0x4a, 0x8e, 0x5d, 0x09, 0x9d, 0x37, 0x03, 0xea, 0x37,
+    0x6b, 0x4d, 0x7b, 0xb2, 0x99, 0xc3, 0xaa, 0x8a, 0x3f, 0x16, 0xf8, 0x2f, 0x76, 0x65, 0x4e, 0x76,
+    0xd3, 0xef, 0xb7, 0xe7, 0x67, 0x8f, 0xb1, 0x79, 0xfd, 0x90, 0x6b, 0x99, 0x0b, 0x15, 0x95, 0x0b,
+    0xf0, 0xe4, 0x6d, 0x5d, 0x9c, 0xc4, 0x6f, 0x96, 0xea, 0x70, 0x98, 0x77, 0xb8, 0xb2, 0x73, 0xb8,
+    0x5d, 0x9e, 0x73, 0xb4, 0x51, 0xa5, 0x8d, 0xd1, 0x21, 0xb1, 0x6e, 0x0f, 0x55, 0xd5, 0x30, 0x55,
+    0xc8, 0x67, 0xb3, 0xe4, 0x03, 0xbc, 0x43, 0xb5, 0xf2, 0x22, 0x20, 0x89, 0xfb, 0x4d, 0xaa, 0xfb,
+    0xc5, 0xa5, 0x5a, 0xda, 0x26, 0xe4, 0xeb, 0x16, 0x34, 0x02, 0x87, 0xab, 0xc6, 0xf6, 0x0a, 0xc6,
+    0xbd, 0xd7, 0x8d, 0x15, 0x68, 0x86, 0x3d, 0x5d, 0x41, 0x3a, 0xcb, 0x71, 0x9a, 0xaf, 0xd2, 0x9a,
+    0xc3, 0x42, 0x24, 0x1b, 0xc2, 0x68, 0x6e, 0x63, 0x77, 0x6b, 0x56, 0x90, 0x7c, 0xdd, 0x04, 0x7c,
+    0xe4, 0xf3, 0xaa, 0x9e, 0x81, 0x6a, 0xf7, 0x6b, 0xa3, 0xc5, 0x3b, 0xed, 0xa2, 0x48, 0x57, 0xa2,
+    0xaf, 0x27, 0x34, 0x17, 0x91, 0xa4, 0x20, 0xd5, 0x4b, 0xe6, 0xb9, 0xd0, 0x3a, 0x7e, 0xf8, 0x3a,
+    0xb8, 0xa2, 0xcc, 0x55, 0xfe, 0x4c, 0x1b, 0xf3, 0xc2, 0x86, 0x93, 0xb6, 0x7d, 0x70, 0xdb, 0x7d,
+    0xcb, 0xf5, 0x8c, 0x65, 0x71, 0xfa, 0xe0, 0x6e, 0x32, 0xf7, 0xa9, 0x75, 0xa6, 0xb9, 0xad, 0xa6,
+    0xc1, 0x1f, 0x0e, 0xe5, 0x9e, 0xad, 0xac, 0xf1, 0xf7, 0x4c, 0x19, 0x38, 0xab, 0xc4, 0xbf, 0xab,
+    0xb5, 0x60, 0x25, 0x6b, 0xdb, 0x14, 0xb3, 0x50, 0x04, 0xa6, 0x34, 0x94, 0x40, 0xcb, 0x7b, 0x40,
+    0x6f, 0xf7, 0x2f, 0x8d, 0x21, 0x8a, 0xed, 0x6d, 0xfc, 0x58, 0x66, 0xbc, 0x1b, 0x57, 0xfb, 0x1b,
+    0x4c, 0xfc, 0xf5, 0x37, 0xda, 0xc1, 0x33, 0x82, 0xeb, 0xb8, 0x95, 0x52, 0xa8, 0xf0, 0x1d, 0xa8,
+    0x97, 0xa4, 0xea, 0xae, 0x0e, 0xdc, 0x0c, 0xf6, 0x53, 0xb4, 0x01, 0x2e, 0x79, 0x81, 0x21, 0x79,
+    0x88, 0x96, 0xba, 0x92, 0xd2, 0xa6, 0xb9, 0xdd, 0x9f, 0x48, 0xd4, 0xad, 0xe4, 0xeb, 0xab, 0xe4,
+    0x61, 0xa7, 0xf9, 0x32, 0x76, 0x94, 0xe6, 0x15, 0xfa, 0xad, 0x48, 0x62, 0x7b, 0x18, 0x5c, 0x7b,
+    0x57, 0x74, 0xf1, 0x34, 0xbe, 0xf2, 0xc1, 0x4e, 0xe4, 0x0a, 0xde, 0x42, 0x58, 0xa8, 0x22, 0x58,
+    0x11, 0x62, 0x86, 0x83, 0x8b, 0x64, 0xbe, 0x53, 0xca, 0x09, 0xfb, 0x5d, 0xfd, 0x25, 0x2d, 0xfd,
+    0x99, 0xf4, 0x3c, 0x11, 0x59, 0xc2, 0x07, 0x8e, 0x55, 0x41, 0x2f, 0xf0, 0x19, 0xce, 0x86, 0x19,
+    0x72, 0x98, 0x55, 0x4f, 0xa1, 0x35, 0x9a, 0xd4, 0xb0, 0x83, 0xfc, 0x97, 0x51, 0x24, 0xca, 0x51,
+    0x83, 0xb3, 0x2d, 0x6d, 0x13, 0x72, 0x94, 0x0b, 0x1a, 0x01, 0xa2, 0xb4, 0x63, 0x7b, 0x05, 0x63,
+    0xbf, 0x8a, 0xa7, 0xeb, 0x34, 0x43, 0xff, 0xcf, 0xc1, 0x1d, 0x84, 0xd9, 0x4d, 0xb6, 0x69, 0x4d,
+    0x55, 0x29, 0xdb, 0xca, 0xe2, 0x37, 0x03, 0xdc, 0x64, 0x2d, 0x91, 0xea, 0x8f, 0xb1, 0x99, 0x8f,
+    0x73, 0x57, 0x40, 0x30, 0x8f, 0xb6, 0xfb, 0x9d, 0xf0, 0x71, 0x3a, 0xc3, 0xdb, 0xc9, 0x76, 0xdb,
+    0x9d, 0x4e, 0x68, 0x2e, 0xe1, 0x8b, 0x40, 0x69, 0x96, 0x0f, 0xb1, 0x63, 0x74, 0xfc, 0x33, 0x74,
+    0x81, 0xee, 0x07, 0x93, 0x4f, 0xb7, 0x56, 0x99, 0x9a, 0x26, 0xed, 0x1c, 0xb4, 0x62, 0xbe, 0xb4,
+    0x3f, 0xab, 0xb5, 0x07, 0x55, 0x77, 0xc8, 0x1f, 0x1b, 0xc9, 0xaf, 0x91, 0x73, 0x39, 0x6b, 0x73,
+    0xb3, 0x87, 0x5b, 0xaa, 0x3f, 0x98, 0x36, 0x25, 0x47, 0xcf, 0xe5, 0xaf, 0xfa, 0xe0, 0x75, 0xfa,
+    0xbb, 0x30, 0xf3, 0xd4, 0x8c, 0x0a, 0xb8, 0x28, 0x02, 0x53, 0x1a, 0x4a, 0x20, 0x84, 0xdc, 0x20,
+    0xd6, 0x9a, 0xf6, 0xa7, 0xf1, 0x45, 0x97, 0xd7, 0x7e, 0x2c, 0x33, 0x5e, 0xec, 0xca, 0x9c, 0xec,
+    0xea, 0xa3, 0x7c, 0x21, 0xd6, 0x74, 0xfc, 0x13, 0xa5, 0x30, 0x15, 0x33, 0xc2, 0x07, 0xf0, 0xc2,
+    0x25, 0xec, 0xa4, 0x7b, 0x1f, 0xc7, 0x5b, 0x9a, 0x54, 0x89, 0x22, 0xd5, 0x09, 0x8c, 0xe8, 0x09,
+    0xce, 0x80, 0xcd, 0x25, 0xe7, 0x30, 0xc6, 0xc0, 0xb1, 0x4b, 0xf1, 0xb2, 0x41, 0x66, 0xa4, 0x41,
+    0x63, 0xfa, 0xd3, 0xcc, 0x2a, 0x51, 0x24, 0x87, 0x7a, 0x8a, 0x07, 0xca, 0xac, 0x01, 0xe7, 0xac,
+    0x45, 0x84, 0x48, 0x36, 0x47, 0xd0, 0xdc, 0xc6, 0xee, 0xd6, 0xac, 0xe3, 0xf8, 0x79, 0x08, 0xf8,
+    0x32, 0x69, 0x5c, 0x39, 0x70, 0x2f, 0x60, 0xbc, 0xdd, 0xe9, 0x08, 0xb3, 0x4e, 0x82, 0xcb, 0x4e,
+    0xd7, 0x55, 0xe3, 0xd8, 0xdf, 0xc6, 0xf6, 0x9e, 0x3e, 0xde, 0xf5, 0x0a, 0x66, 0x27, 0x20, 0x66,
+    0x9e, 0xdc, 0x57, 0xaf, 0x93, 0xcd, 0xe3, 0xb2, 0x56, 0xda, 0x38, 0x9f, 0x29, 0x08, 0x34, 0x29,
+    0x08, 0xb7, 0xa8, 0x7e, 0xb3, 0x92, 0x8e, 0x0d, 0x45, 0x9c, 0xff, 0xe5, 0xda, 0x64, 0xa9, 0xda,
+    0x8d, 0xe3, 0xfb, 0xd2, 0x44, 0x6c, 0x9f, 0x73, 0x1c, 0xf4, 0x8c, 0x6a, 0x03, 0x34, 0xa2, 0x03,
+    0x79, 0xbd, 0xc2, 0xb0, 0x60, 0xe1, 0xb7, 0x02, 0x35, 0xca, 0x8a, 0x8e, 0xd6, 0xb4, 0x64, 0xd6,
+    0xab, 0x9d, 0x60, 0x28, 0x29, 0xed, 0x67, 0x32, 0x88, 0xa8, 0x27, 0x43, 0x57, 0x4c, 0x4d, 0x57,
+    0x36, 0xd3, 0x08, 0x06, 0xc8, 0x66, 0x27, 0x5b, 0x1e, 0xa7, 0x96, 0x20, 0x23, 0xb0, 0x7e, 0x23,
+    0xfb, 0xc1, 0xfa, 0xa2, 0x5d, 0x10, 0x42, 0x40, 0x6f, 0x39, 0xee, 0x6e, 0x3f, 0x22, 0xdd, 0x3f,
+    0xec, 0x44, 0x02, 0xe0, 0x32, 0xf8, 0x79, 0x66, 0xe6, 0x59, 0xc4, 0x08, 0x78, 0x2c, 0xfe, 0x78,
+    0x4e, 0xa1, 0xdf, 0xc9, 0x86, 0x04, 0xf1, 0x10, 0x6b, 0x9f, 0xda, 0xfa, 0x7f, 0xe9, 0xa6, 0x7f,
+    0x7e, 0x95, 0xa9, 0x0e, 0xaa, 0xee, 0x53, 0x3e, 0x36, 0x51, 0x9d, 0xe1, 0xe6, 0x72, 0xd6, 0xe6,
+    0xd0, 0x7d, 0x88, 0x66, 0x15, 0xc9, 0x12, 0xa2, 0x3d, 0x45, 0xe2, 0x65, 0x56, 0xe1, 0x92, 0x56,
+    0x6c, 0x65, 0x10, 0x0c, 0x53, 0xcc, 0x4e, 0xb6, 0x3c, 0x8d, 0xef, 0x40, 0x46, 0xa3, 0xfc, 0x46,
+    0xf3, 0x76, 0x52, 0xdc, 0xee, 0x82, 0xcc, 0x4d, 0x2a, 0xa5, 0x11, 0x8b, 0xe5, 0x46, 0x74, 0xe5,
+    0x5f, 0xc3, 0x59, 0x4a, 0x0d, 0x60, 0x4f, 0x43, 0xa1, 0x96, 0x21, 0xa7, 0x82, 0xcc, 0x8b, 0x82,
+    0xff, 0x7b, 0xae, 0x9d, 0xe5, 0x59, 0x05, 0xa7, 0xac, 0x77, 0x70, 0xfd, 0x52, 0x10, 0x68, 0x52,
+    0x8a, 0xcb, 0x90, 0x6c, 0x8e, 0x63, 0x7b, 0x4f, 0x1f, 0x6f, 0x9b, 0x05, 0x33, 0xf2, 0x10, 0x33,
+    0x56, 0xbb, 0xe4, 0x4b, 0x90, 0x71, 0xa0, 0x07, 0xa4, 0xf8, 0x18, 0x16, 0xd2, 0x45, 0x9e, 0xd2,
+    0xdd, 0xbf, 0x61, 0x58, 0x30, 0x91, 0xba, 0x01, 0xfb, 0x65, 0x45, 0x47, 0x6b, 0x5a, 0x32, 0x6b,
+    0xb4, 0xaf, 0x30, 0x14, 0xf5, 0x97, 0xd2, 0x19, 0x44, 0x54, 0xf2, 0xc0, 0xca, 0x26, 0xc7, 0xca,
+    0x04, 0xba, 0x54, 0x3f, 0xb8, 0x49, 0x47, 0xe7, 0xc3, 0x4e, 0x9e, 0x93, 0x6d, 0x32, 0xb5, 0x6d,
+    0xbe, 0x45, 0xb2, 0x94, 0x1a, 0xc0, 0x9e, 0x86, 0x81, 0xef, 0x42, 0x8d, 0xc7, 0x5b, 0xd5, 0xc7,
+    0x1b, 0x88, 0x04, 0x03, 0x64, 0x33, 0xf2, 0xcc, 0x0f, 0xb2, 0x4b, 0x10, 0xf0, 0x58, 0x3f, 0xf0,
+    0x9c, 0x81, 0x7d, 0x51, 0xcf, 0x08, 0x21, 0x20, 0xd6, 0xfd, 0x77, 0x37, 0xfe, 0x11, 0x8f, 0xfe,
+    0x5e, 0x0c, 0x4c, 0x35, 0x23, 0xe3, 0x2e, 0x0a, 0xe1, 0x64, 0xe7, 0xf3, 0x08, 0x21, 0x37, 0x08,
+    0x07, 0x28, 0x6b, 0xbe, 0xca, 0x0f, 0xe4, 0x3c, 0x03, 0x9b, 0x17, 0x6f, 0x30, 0xc6, 0xb2, 0x30,
+    0x8c, 0x2c, 0xee, 0xad, 0x6a, 0xef, 0xfe, 0x3a, 0x5c, 0x06, 0x4a, 0x3e, 0x89, 0xd9, 0x1e, 0x89,
+    0x0f, 0x9f, 0xc3, 0xc0, 0x79, 0x9d, 0x6a, 0x31, 0x46, 0x07, 0xe8, 0x8a, 0xea, 0xa2, 0x1b, 0xea,
+    0x6d, 0xaa, 0x05, 0x73, 0x7d, 0x4f, 0x2f, 0xff, 0x7c, 0x7f, 0x29, 0x14, 0xcc, 0x4e, 0x40, 0xcc,
+    0xf4, 0x5e, 0x39, 0x62, 0x24, 0x8d, 0x28, 0x71, 0x29, 0x3e, 0x06, 0xe4, 0xd5, 0x80, 0xc6, 0xd5,
+    0x26, 0x7e, 0x9b, 0xfa, 0x6d, 0x81, 0xf8, 0x41, 0x94, 0x5c, 0xab, 0x29, 0x54, 0x78, 0xef, 0x54,
+    0x71, 0x0a, 0x6a, 0xce, 0xd3, 0x73, 0x39, 0x0f, 0x70, 0x56, 0x75, 0x6b, 0x0c, 0xd0, 0xcd, 0x0c,
+    0x1c, 0xa0, 0x6f, 0xbd, 0xae, 0x3c, 0x16, 0xf0, 0x0c, 0x29, 0x5c, 0x7f, 0xc0, 0x9e, 0x8d, 0xc0,
+    0x94, 0x36, 0xd5, 0x2f, 0x7c, 0x9a, 0xaf, 0x2d, 0x93, 0x61, 0x88, 0xd2, 0x24, 0x75, 0x26, 0x24,
+    0x22, 0xc4, 0xcf, 0xc5, 0xd5, 0xc8, 0xbf, 0xa6, 0x57, 0x12, 0x35, 0xba, 0x39, 0x4a, 0x5a, 0x39,
+    0xeb, 0x6c, 0x69, 0x5e, 0xf8, 0xf7, 0x9d, 0x5a, 0xe5, 0xc2, 0xd3, 0x67, 0x48, 0xea, 0x4c, 0x48,
+    0xbc, 0x18, 0x98, 0x6a, 0x46, 0x05, 0x5c, 0x14, 0x01, 0xc8, 0x0d, 0x25, 0x10, 0x42, 0x6e, 0x10,
+    0x3c, 0x39, 0x8a, 0x86, 0x27, 0x31, 0x6b, 0xc4, 0xdb, 0x1c, 0x26, 0x6d, 0x2e, 0xcd, 0x6c, 0x2e,
+    0x15, 0xd8, 0xd2, 0xbc, 0x33, 0x2d, 0xf9, 0xb4, 0x09, 0x47, 0x65, 0xce, 0x90, 0x17, 0x98, 0x90,
+    0xe9, 0x31, 0x43, 0xa0, 0xa4, 0x32, 0x5f, 0xc8, 0x65, 0xe5, 0x9c, 0xcf, 0x9f, 0xf3, 0xf7, 0x9f,
+    0x02, 0x5d, 0x2a, 0xfe, 0x5c, 0xc5, 0xc2, 0x92, 0x80, 0x27, 0x4f, 0xa8, 0xd7, 0x19, 0xbb, 0xd7,
+    0x46, 0x16, 0x77, 0xb7, 0x35, 0x96, 0x7f, 0x1d, 0x2e, 0x03, 0x25, 0x1f, 0xa5, 0x8d, 0x0f, 0xa5,
+    0xda, 0x97, 0x0a, 0xe6, 0xfa, 0x9e, 0x5e, 0x3d, 0xf8, 0xfe, 0x52, 0x28, 0x5b, 0x9c, 0x80, 0x5b,
+    0x19, 0xd5, 0x2e, 0xfd, 0x38, 0xf6, 0x30, 0x5e, 0x8f, 0x95, 0x04, 0xb8, 0x27, 0x41, 0x84, 0x27,
+    0xdb, 0x58, 0x1f, 0x99, 0xd4, 0x1d, 0x3f, 0x74, 0xb8, 0x0c, 0x94, 0x7c, 0xd1, 0x71, 0x3c, 0xd1,
+    0x1e, 0xfd, 0x45, 0x43, 0xf2, 0xf9, 0xd4, 0x62, 0x8c, 0x0e, 0x13, 0xd7, 0x17, 0x87, 0x36, 0x17,
+    0x17, 0x85, 0xf8, 0x42, 0x6f, 0xe8, 0x3b, 0x26, 0x89, 0x60, 0x2a, 0x66, 0x47, 0x0e, 0x23, 0x47,
+    0x4a, 0x1b, 0x8b, 0xf6, 0x3e, 0x4d, 0xb6, 0xf7, 0xa8, 0xd1, 0x44, 0x69, 0x12, 0xdb, 0x13, 0x12,
+    0x0a, 0xea, 0x82, 0x80, 0xef, 0x57, 0x4c, 0x9f, 0xc5, 0xbb, 0xb0, 0x4d, 0x0d, 0x7d, 0x12, 0x0d,
+    0xd9, 0x05, 0x35, 0x67, 0x88, 0xd8, 0xfd, 0xe6, 0x38, 0x2b, 0xdb, 0xd4, 0x06, 0x68, 0x87, 0x06,
+    0x89, 0x59, 0xaf, 0xed, 0xfc, 0x25, 0xd8, 0x94, 0xdf, 0xba, 0x12, 0xf9, 0x6e, 0x06, 0x17, 0x6e,
+    0x78, 0x72, 0xd7, 0xcf, 0x4e, 0x62, 0xd6, 0x4b, 0x75, 0x38, 0x4c, 0xda, 0x5c, 0x59, 0xd8, 0x5c,
+    0x76, 0x22, 0x01, 0x70, 0x19, 0x7c, 0xdd, 0x33, 0x73, 0xcd, 0x62, 0x04, 0x3c, 0x16, 0x7f, 0x3c,
+    0x27, 0xb1, 0x8e, 0x85, 0x43, 0x02, 0x99, 0x08, 0xd4, 0xae, 0x6d, 0x7d, 0xde, 0x95, 0x53, 0xde,
+    0x18, 0x1a, 0x3b, 0x82, 0x16, 0x75, 0x51, 0x17, 0xcf, 0x67, 0xc2, 0xec, 0xad, 0xac, 0x38, 0xad,
+    0x23, 0x0b, 0xda, 0xba, 0xfb, 0x4b, 0xde, 0xef, 0x17, 0xe0, 0xf3, 0xee, 0xb3, 0xa7, 0xe6, 0xb3,
+    0xf2, 0xb9, 0x47, 0xa3, 0xc0, 0x01, 0xad, 0x04, 0x6a, 0x57, 0xd7, 0xdf, 0x6f, 0xab, 0xc8, 0x6f,
+    0x95, 0xf9, 0xc0, 0x50, 0x52, 0x19, 0xce, 0x64, 0xd3, 0x93, 0x4e, 0x86, 0xae, 0x98, 0x9a, 0xae,
+    0xd5, 0x08, 0xc9, 0x26, 0x83, 0x03, 0x34, 0x0c, 0xbe, 0xf9, 0xba, 0xa2, 0xb1, 0x3e, 0x9b, 0xb1,
+    0xa9, 0xc0, 0x4a, 0xd6, 0x75, 0x28, 0xa5, 0xa0, 0x08, 0x8f, 0x68, 0xeb, 0x80, 0x55, 0xf6, 0x80,
+    0x84, 0x9b, 0x46, 0xd3, 0xd9, 0x7d, 0x70, 0x37, 0x19, 0x9a, 0xb5, 0xdb, 0x53, 0xbd, 0xb7, 0x53,
+    0xe1, 0x86, 0xeb, 0xde, 0x17, 0xa0, 0xd1, 0xc5, 0x20, 0x79, 0x63, 0x2a, 0x45, 0x97, 0x5e, 0x45,
+    0x1d, 0x6f, 0x7a, 0xc2, 0x80, 0xbf, 0x77, 0xb9, 0x4c, 0xdb, 0x9a, 0x2b, 0x4a, 0x73, 0x31, 0x4a,
+    0x93, 0x1e, 0xbe, 0x91, 0xb6, 0x95, 0x4b, 0x11, 0x90, 0xfa, 0x9f, 0xbd, 0x14, 0xb3, 0x94, 0x14,
+    0x28, 0x2e, 0x4d, 0x45, 0x3a, 0x9f, 0xf3, 0x39, 0x92, 0xa9, 0x85, 0xf7, 0x34, 0x37, 0x48, 0x34,
+    0xc6, 0x37, 0x65, 0x5b, 0x54, 0xa2, 0x48, 0xcd, 0xf4, 0xd7, 0x0e, 0x57, 0x9b, 0x02, 0x0d, 0x9b,
+    0x7b, 0xe0, 0xe8, 0x4e, 0x3c, 0x24, 0x75, 0x90, 0xb5, 0xed, 0xc5, 0x26, 0x01, 0xad, 0xdf, 0x01,
+    0x65, 0x1d, 0xad, 0x0d, 0xce, 0xdd, 0xa1, 0xf2, 0x39, 0xe3, 0xd6, 0xf1, 0x16, 0x2a, 0xe9, 0x16,
+    0x75, 0xb0, 0x3e, 0xf1, 0x6b, 0x3a, 0x7e, 0xe8, 0xb3, 0x18, 0xeb, 0xf8, 0x61, 0xe2, 0x78, 0x61,
+    0x7c, 0xc8, 0x83, 0xf0, 0xf6, 0x2b, 0x91, 0xac, 0xb6, 0x76, 0xd2, 0x49, 0x31, 0x6b, 0x6d, 0x31,
+    0xe3, 0xdb, 0xc1, 0x20, 0x4b, 0x65, 0x13, 0x57, 0xa0, 0x5e, 0x2c, 0x82, 0x92, 0x8e, 0xe5, 0x92,
+    0xee, 0x19, 0x28, 0x1e, 0x6e, 0x3d, 0xbb, 0xf4, 0x66, 0x7e, 0x8b, 0xa0, 0xaf, 0x35, 0x45, 0xaf,
+    0x21, 0x56, 0xf0, 0x44, 0xa7, 0x8e, 0x1c, 0x7d, 0x97, 0xc7, 0xbc, 0x46, 0x64, 0xbe, 0x5d, 0x64,
+    0x8e, 0x71, 0xc4, 0x53, 0x36, 0x2a, 0x3c, 0xa8, 0xdc, 0x21, 0x05, 0x96, 0x5e, 0xc0, 0xa5, 0x5e,
+    0xf9, 0x9c, 0xd0, 0x5c, 0x01, 0xd5, 0x80, 0xd2, 0xef, 0x1e, 0xa1, 0xc6, 0xe8, 0x3b, 0x66, 0xe8,
+    0x01, 0xcf, 0x15, 0x7f, 0x2e, 0x83, 0x61, 0x49, 0x40, 0xf2, 0xc6, 0x54, 0x8a, 0xed, 0xbc, 0x8a,
+    0x5b, 0x79, 0x0d, 0x75, 0xb5, 0x29, 0x08, 0xa4, 0x62, 0xd8, 0xbf, 0x34, 0xef, 0xfe, 0x3e, 0xef,
+    0x91, 0x43, 0x94, 0x6f, 0xea, 0x50, 0x89, 0x83, 0x10, 0xdd, 0xd0, 0x15, 0xc3, 0xaa, 0x2f, 0xc3,
+    0x14, 0x17, 0xc7, 0xc3, 0x1d, 0xae, 0x98, 0xfd, 0x49, 0xb5, 0xa3, 0x9a, 0x1a, 0xfa, 0x24, 0x1a,
+    0x7a, 0x2f, 0xfd, 0x31, 0x12, 0xa7, 0x14, 0xd9, 0xf5, 0x1f, 0x03, 0x72, 0x8b, 0x40, 0x63, 0x8b,
+    0xf6, 0x03, 0x13, 0x9c, 0x78, 0x48, 0xea, 0xe3, 0xa9, 0x19, 0x49, 0x4c, 0x02, 0x99, 0x7d, 0x02,
+    0xb1, 0xda, 0x71, 0x54, 0x63, 0x5d, 0xf4, 0xb7, 0xc7, 0xe8, 0xaa, 0x07, 0x2d, 0xf9, 0xce, 0x2d,
+    0xb7, 0x3d, 0x0f, 0x95, 0x87, 0xd1, 0x71, 0xc2, 0x84, 0x81, 0x7b, 0x3c, 0x97, 0xd2, 0xc0, 0x97,
+    0xca, 0x3a, 0x99, 0x1a, 0x5f, 0x79, 0x81, 0x27, 0x72, 0x05, 0x6f, 0x21, 0x2c, 0x54, 0x11, 0x2c,
+    0x5a, 0xb6, 0x18, 0x0a, 0x9b, 0xaa, 0x69, 0xed, 0x22, 0x2a, 0x79, 0x60, 0x65, 0x13, 0x82, 0x65,
+    0xf8, 0x53, 0xc5, 0x23, 0x2f, 0x56, 0xe1, 0x9b, 0xaf, 0xec, 0x67, 0x92, 0x62, 0xd6, 0xda, 0x62,
+    0xcc, 0xdd, 0xe7, 0xdb, 0xbb, 0xf5, 0x04, 0x52, 0x31, 0x6c, 0xbe, 0x1a, 0x96, 0x7f, 0x1f, 0x96,
+    0x47, 0xd9, 0x62, 0xc8, 0x1b, 0x15, 0x1e, 0x54, 0x6e, 0xf1, 0xe3, 0x4b, 0x2f, 0x60, 0xb3, 0x2f,
+    0x96, 0x6b, 0xff, 0xd1, 0x20, 0x5f, 0x6d, 0xbf, 0x13, 0x46, 0xc7, 0x7a, 0xf3, 0x6c, 0x9d, 0xf3,
+    0x6e, 0x38, 0x3a, 0xf2, 0x0f, 0x09, 0x8c, 0x24, 0xbc, 0xaa, 0xa0, 0xe8, 0x91, 0xba, 0x47, 0x91,
+    0x13, 0x3f, 0xac, 0x7d, 0xd7, 0xa1, 0x7c, 0xc1, 0x4a, 0x2e, 0xb4, 0xf5, 0x2a, 0x3c, 0x96, 0x2a,
+    0x24, 0x23, 0xb1, 0x04, 0x31, 0x44, 0x3a, 0xd3, 0x14, 0x7b, 0xe4, 0x81, 0x83, 0x61, 0x54, 0x83,
+    0x74, 0x7f, 0x2b, 0x8e, 0x45, 0xb9, 0x1f, 0xa1, 0xf3, 0xea, 0x2d, 0xac, 0xeb, 0x0f, 0xc4, 0xeb,
+    0x09, 0x78, 0xbd, 0x01, 0x9d, 0x11, 0xef, 0x44, 0x05, 0x6e, 0x39, 0xb1, 0x50, 0x89, 0x15, 0x50,
+    0x03, 0x92, 0x3f, 0x81, 0x72, 0x46, 0xa3, 0xdb, 0xc0, 0xd5, 0x89, 0xfc, 0x5d, 0xf4, 0x07, 0x5d,
+    0x30, 0x34, 0x76, 0xc7, 0x2c, 0xea, 0xa2, 0x2e, 0x5d, 0xce, 0x47, 0x1b, 0x99, 0x9b, 0x70, 0x99,
+    0x50, 0x5c, 0x9a, 0x8a, 0x74, 0xfd, 0x25, 0x72, 0xe7, 0x91, 0xc9, 0x2d, 0x68, 0x6e, 0x90, 0x68,
+    0x4f, 0x6e, 0xca, 0xb6, 0xa8, 0x87, 0x90, 0x59, 0x2b, 0x6d, 0x1c, 0xae, 0xf5, 0x04, 0x1a, 0xf5,
+    0x0e, 0x50, 0xd6, 0xbf, 0x57, 0x1e, 0x0b, 0x78, 0x06, 0xf5, 0x2e, 0xde, 0x60, 0x4f, 0xa7, 0x60,
+    0x7d, 0x07, 0x96, 0x8f, 0xd8, 0xa8, 0xf0, 0xe5, 0xf6, 0x84, 0x14, 0x1d, 0xbb, 0x86, 0xd1, 0xbb,
+    0xb9, 0x6d, 0xd9, 0x2a, 0xd0, 0xcf, 0x7a, 0xba, 0x82, 0x74, 0x55, 0xe2, 0xf7, 0x9d, 0x67, 0xf7,
+    0x37, 0x1c, 0x1d, 0x79, 0xe6, 0xe5, 0x46, 0x12, 0x5e, 0x55, 0x50, 0x74, 0xa9, 0x5d, 0xc2, 0xa9,
+    0x54, 0xe6, 0xce, 0xb5, 0xcc, 0xb4, 0x62, 0x95, 0x24, 0xdf, 0x57, 0xbe, 0x05, 0x5c, 0x25, 0x05,
+    0x1f, 0x32, 0x50, 0x3c, 0xdc, 0x7a, 0xb5, 0x2b, 0xcc, 0xfc, 0xd5, 0x83, 0x9d, 0x6a, 0x8a, 0x9d,
+    0xc2, 0x8d, 0x31, 0x64, 0xec, 0xeb, 0x0f, 0x2a, 0x37, 0x99, 0x90, 0xc4, 0xf6, 0x30, 0xb8, 0xf6,
+    0x33, 0xa6, 0x49, 0x46, 0x5e, 0xac, 0x01, 0xf5, 0x9d, 0x1b, 0xce, 0xe7, 0xc4, 0x6f, 0x77, 0xc4,
+    0x3a, 0xde, 0xf4, 0x47, 0xc3, 0xbd, 0xee, 0xb1, 0x98, 0x75, 0xf7, 0x56, 0x94, 0xe6, 0x62, 0x94,
+    0xe5, 0x3c, 0xbf, 0xe1, 0xaf, 0xe9, 0x96, 0x22, 0xe3, 0x37, 0xfd, 0xb9, 0x28, 0xa5, 0xeb, 0x28,
+    0xe8, 0xfe, 0x56, 0xdf, 0x8a, 0xb1, 0x3e, 0x81, 0x25, 0x17, 0x5a, 0x9b, 0x15, 0x1e, 0x4b, 0x15,
+    0x12, 0xf0, 0xb9, 0x02, 0xf9, 0x22, 0x1d, 0x88, 0x0a, 0xdc, 0x72, 0xa1, 0xa0, 0xd1, 0x2a, 0xa0,
+    0x92, 0xd1, 0xab, 0xee, 0x98, 0x16, 0x2a, 0x58, 0xd0, 0x08, 0x59, 0xe9, 0x9e, 0x5e, 0x28, 0x9e,
+    0xac, 0xb5, 0x0b, 0x96, 0xe3, 0xe2, 0x83, 0x0e, 0x8b, 0x33, 0x30, 0x2c, 0x67, 0x8a, 0xff, 0x67,
+    0x34, 0x8e, 0x22, 0xf8, 0x94, 0xa3, 0xe5, 0xc9, 0x9e, 0x80, 0xd9, 0x88, 0xf4, 0xa9, 0xc5, 0xf4,
+    0x52, 0x01, 0xb0, 0x74, 0x28, 0x38, 0xe7, 0xe0, 0x67, 0xb6, 0x86, 0x85, 0xbf, 0x77, 0x2b, 0xbf,
+    0xed, 0x8b, 0x17, 0x9f, 0x1c, 0x7b, 0x18, 0x2f, 0xa6, 0xab, 0x02, 0x5c, 0xf2, 0xc1, 0x42, 0xf2,
+    0xfa, 0x0e, 0xef, 0xdd, 0x73, 0x93, 0x23, 0x09, 0x2f, 0xcb, 0x28, 0x3a, 0xb5, 0xcf, 0x61, 0xb5,
+    0x98, 0x3b, 0x29, 0x6e, 0x77, 0x41, 0x66, 0xc7, 0x15, 0xb3, 0xe9, 0xa4, 0x93, 0x23, 0x3a, 0x93,
+    0xdf, 0xe2, 0x4b, 0xa6, 0x6c, 0x54, 0x78, 0x93, 0x7b, 0x42, 0x0a, 0xef, 0xbc, 0x43, 0x89, 0xbc,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x66, 0x8f, 0x92, 0x8c, 0xbc, 0x9b, 0x02, 0x29, 0xf9, 0x36, 0x5f, 0x0d, 0x4b, 0xde, 0xee, 0x4b,
+    0x2f, 0x06, 0x26, 0xfb, 0xf0, 0x90, 0x17, 0x05, 0x91, 0x32, 0x92, 0x98, 0x04, 0xf1, 0xfa, 0x04,
+    0x3e, 0x64, 0xa0, 0x78, 0x7b, 0xf4, 0xa9, 0x56, 0x5b, 0x3b, 0x69, 0xc5, 0xf9, 0xd4, 0xd7, 0xf9,
+  },
+  { /* 6 */
+    0x51, 0x8b, 0xc0, 0x48, 0x41, 0xdb, 0x9d, 0x79, 0x04, 0x5b, 0xb3, 0x42, 0x6e, 0xe5, 0x18, 0xc6,
+    0x33, 0xea, 0x25, 0x27, 0xfa, 0x81, 0x30, 0xe7, 0xa3, 0x06, 0xf7, 0x12, 0x65, 0x8f, 0x4c, 0x36,
+    0xa4, 0x98, 0x5a, 0x40, 0x48, 0x42, 0xb3, 0xc9, 0x3b, 0x2e, 0x19, 0xca, 0x9c, 0x04, 0x9a, 0x9d,
+    0x67, 0xeb, 0x11, 0xd7, 0x14, 0x97, 0xc2, 0x59, 0x6c, 0x89, 0xa6, 0x39, 0x6b, 0x80, 0xab, 0x4b,
+    0x0a, 0xd7, 0x2b, 0xb3, 0x9d, 0x59, 0xde, 0x4d, 0x55, 0x6b, 0x07, 0xd2, 0xc0, 0x17, 0x3d, 0xb5,
+    0xe7, 0x33, 0xd5, 0x7d, 0x3a, 0x1c, 0x1b, 0x11, 0xa6, 0x3b, 0x18, 0xa1, 0xf1, 0xc2, 0x52, 0x20,
+    0x28, 0xda, 0xac, 0x89, 0x31, 0xa7, 0xfe, 0xf7, 0x97, 0x6f, 0x1c, 0xce, 0x86, 0x5c, 0xf4, 0x91,
+    0x1a, 0xcc, 0xd2, 0x37, 0xe8, 0x70, 0x6c, 0x44, 0xdd, 0xec, 0x60, 0xc1, 0x42, 0x8e, 0x8b, 0x80,
+    0x6c, 0xc0, 0x61, 0xfd, 0xaa, 0x98, 0xbe, 0x40, 0xd0, 0x67, 0x2a, 0xf6, 0x0a, 0xca, 0xa5, 0xd9,
+    0x65, 0xd0, 0xa7, 0x26, 0x52, 0x3b, 0x45, 0xf1, 0x7d, 0x40, 0x73, 0x03, 0xea, 0x3a, 0xcd, 0x05,
+    0xfa, 0x4e, 0x45, 0x03, 0x3b, 0x0d, 0x9f, 0x3a, 0xa1, 0xca, 0x4f, 0x33, 0x52, 0x1c, 0x40, 0x55,
+    0xe8, 0x6e, 0x0a, 0x76, 0x08, 0x88, 0xaa, 0x9b, 0x38, 0x84, 0xfd, 0x1a, 0x51, 0x3f, 0x90, 0x2e,
+    0xac, 0x74, 0xc7, 0x02, 0x93, 0xb7, 0xea, 0x2c, 0x7f, 0x8c, 0xcb, 0x22, 0xdd, 0xa9, 0xc1, 0x66,
+    0x5a, 0xa0, 0xb0, 0x62, 0xff, 0xd4, 0xe1, 0x60, 0xb8, 0xb5, 0x3f, 0x8d, 0x0f, 0xaf, 0x16, 0x54,
+    0xa9, 0xfe, 0x33, 0xba, 0x3c, 0x7a, 0x85, 0xeb, 0xb4, 0x58, 0x29, 0x4b, 0xbd, 0x43, 0x3e, 0xdd,
+    0x30, 0x2d, 0xc8, 0x4f, 0x9f, 0x7b, 0x15, 0x1b, 0x5b, 0x4a, 0xa9, 0x35, 0x45, 0x68, 0x19, 0x5f,
+    0x8b, 0xf3, 0xb4, 0x80, 0x90, 0x84, 0xa5, 0x51, 0x76, 0x5c, 0x32, 0x57, 0xfb, 0x08, 0xf7, 0xf9,
+    0x83, 0x1f, 0x29, 0xc2, 0x4b, 0x71, 0xfc, 0xb4, 0x32, 0xfe, 0xe0, 0xbf, 0xba, 0xa5, 0xac, 0x02,
+    0xef, 0xdf, 0x48, 0x3f, 0xe1, 0xe9, 0x42, 0xf4, 0xe2, 0x99, 0xca, 0x49, 0xb0, 0x6f, 0x09, 0xdb,
+    0x66, 0x17, 0x4a, 0x4e, 0x37, 0xc1, 0x60, 0x0d, 0x85, 0x0c, 0x2d, 0x24, 0xca, 0xdd, 0x98, 0x6c,
+    0x14, 0x6d, 0x56, 0xa5, 0xf9, 0xb2, 0x7f, 0x9a, 0xaa, 0xd6, 0x0e, 0x67, 0x43, 0x2e, 0x7a, 0xa9,
+    0x0d, 0x66, 0x69, 0xfa, 0x74, 0x38, 0x36, 0x22, 0x8f, 0x76, 0x30, 0x81, 0x21, 0x47, 0xa4, 0x40,
+    0x05, 0x8a, 0xf4, 0xb8, 0xaf, 0xcd, 0x6f, 0xc7, 0xcb, 0xd4, 0xe2, 0x69, 0x60, 0xea, 0xff, 0xbb,
+    0x92, 0xf8, 0x8b, 0xdf, 0x1d, 0x0e, 0xec, 0xe9, 0x53, 0xfc, 0x0c, 0xb1, 0x99, 0x61, 0x29, 0x10,
+    0x7a, 0x96, 0x81, 0xa9, 0x15, 0x86, 0x46, 0x72, 0x6b, 0x78, 0xf1, 0xab, 0xc8, 0x5e, 0xb9, 0x3e,
+    0x13, 0xdc, 0x14, 0xec, 0x10, 0xd3, 0x97, 0xf5, 0x70, 0xcb, 0x39, 0x34, 0xa2, 0x7e, 0xe3, 0x5c,
+    0xd8, 0x43, 0xc2, 0x39, 0x97, 0xf3, 0xbf, 0x80, 0x63, 0xce, 0x54, 0x2f, 0x14, 0x57, 0x89, 0x71,
+    0x87, 0x69, 0x86, 0xe3, 0xc7, 0xea, 0x31, 0x27, 0x10, 0xaf, 0x89, 0xcb, 0x7b, 0x12, 0x60, 0x9e,
+    0xb5, 0x7f, 0xf8, 0x5d, 0x1e, 0x3d, 0xa3, 0x94, 0x5a, 0x2c, 0xf5, 0xc4, 0xbf, 0xc0, 0x1f, 0x8f,
+    0xdf, 0xf2, 0x80, 0x70, 0x7e, 0x92, 0x57, 0xef, 0xb9, 0xd3, 0x63, 0x7c, 0xf5, 0x07, 0x10, 0x84,
+    0x91, 0x3f, 0x66, 0xb7, 0x78, 0xf4, 0xc9, 0x15, 0xab, 0xb0, 0x52, 0x96, 0xb9, 0x86, 0x7c, 0x79,
+    0x2d, 0x50, 0x58, 0x31, 0x9e, 0x6a, 0x91, 0x30, 0x5c, 0xbb, 0xfe, 0xa7, 0xe6, 0xb6, 0x0b, 0x2a,
+    0xa0, 0xee, 0xf5, 0x61, 0xc4, 0xd9, 0x7e, 0x5a, 0x19, 0x7f, 0x70, 0xbe, 0x5d, 0xb3, 0x56, 0x01,
+    0xbf, 0xa8, 0xd3, 0xee, 0x83, 0x64, 0x7d, 0xd9, 0x0f, 0x47, 0xf2, 0x16, 0x7f, 0xd7, 0x22, 0x3a,
+    0x24, 0x40, 0x9e, 0xea, 0x66, 0xc9, 0x6a, 0x81, 0xf1, 0x9c, 0xa7, 0x52, 0x06, 0x46, 0x63, 0xf6,
+    0x49, 0x7c, 0xa4, 0x8e, 0xef, 0x07, 0x76, 0x95, 0xc8, 0x7e, 0x06, 0xb9, 0xad, 0xd1, 0xf5, 0x08,
+    0xee, 0x23, 0x13, 0xa6, 0xc2, 0xbf, 0xe0, 0xa0, 0x0b, 0x1c, 0x41, 0x54, 0x11, 0x32, 0x3a, 0xfc,
+    0x2c, 0xac, 0x03, 0xa8, 0xbd, 0x3c, 0x33, 0x64, 0xb5, 0x3e, 0x75, 0xba, 0x47, 0xeb, 0x38, 0x0d,
+    0x1d, 0x7d, 0x90, 0x7e, 0x01, 0x11, 0x84, 0x2b, 0x07, 0xf1, 0x57, 0x92, 0xa3, 0xde, 0x12, 0x75,
+    0xcc, 0x2e, 0x94, 0x9c, 0x6e, 0x41, 0xc0, 0x1a, 0xc9, 0x18, 0x5a, 0x48, 0x57, 0x79, 0xf3, 0xd8,
+    0x7c, 0xdb, 0x98, 0x79, 0xdf, 0xb1, 0x0c, 0x49, 0x58, 0xe0, 0x4d, 0xe5, 0x88, 0x53, 0x13, 0xec,
+    0x8e, 0x79, 0x40, 0x38, 0x3f, 0x49, 0xca, 0x96, 0xbd, 0x88, 0xd0, 0x3e, 0x9b, 0xe2, 0x08, 0x42,
+    0xb8, 0x19, 0x91, 0xa7, 0x6a, 0x05, 0x95, 0xb6, 0xd5, 0x5a, 0xc5, 0x45, 0x9e, 0x87, 0xbb, 0xcf,
+    0xe6, 0xcf, 0x8e, 0xe4, 0x19, 0x4a, 0xb9, 0x45, 0x4f, 0xbe, 0x93, 0xbc, 0x50, 0x9f, 0x61, 0x07,
+    0xf4, 0xef, 0xc1, 0x91, 0x2a, 0xcf, 0x8c, 0xe4, 0xd6, 0xf0, 0x21, 0x95, 0x53, 0xbc, 0xb1, 0x7c,
+    0x26, 0x7b, 0x28, 0x1b, 0x20, 0x65, 0xed, 0x29, 0xe0, 0x55, 0x72, 0x68, 0x87, 0xfc, 0x05, 0xb8,
+    0x1b, 0x30, 0x89, 0xae, 0xcb, 0x26, 0xce, 0x10, 0x34, 0x69, 0xeb, 0xdc, 0xe3, 0xd3, 0xb8, 0xa7,
+    0x4f, 0x31, 0xbd, 0x5e, 0x25, 0x30, 0x3c, 0xae, 0xfb, 0xe6, 0xba, 0xf7, 0xed, 0xdc, 0x5f, 0xda,
+    0xd5, 0x25, 0xab, 0xc3, 0xe3, 0xcb, 0x89, 0xa2, 0xec, 0xb8, 0x64, 0xae, 0x35, 0x10, 0x2d, 0x31,
+    0xc5, 0x3e, 0x52, 0x47, 0x96, 0xe2, 0x3b, 0xab, 0x64, 0x3f, 0x03, 0xbd, 0xb7, 0x89, 0x9b, 0x04,
+    0x50, 0x77, 0x9b, 0xd1, 0x62, 0x8d, 0x3f, 0x2d, 0xed, 0xde, 0x38, 0x5f, 0xcf, 0xb8, 0x2b, 0xe1,
+    0x79, 0x51, 0x6c, 0xc1, 0x70, 0x7c, 0x63, 0x8e, 0x93, 0x34, 0xaf, 0x8c, 0xe8, 0xb9, 0xec, 0x57,
+    0x77, 0xf0, 0xe8, 0x53, 0x61, 0xbe, 0x70, 0x50, 0xe4, 0x0e, 0xc1, 0x2a, 0xe9, 0x19, 0x1d, 0x7e,
+    0x16, 0x56, 0xe0, 0x54, 0xbf, 0x1e, 0xf8, 0x32, 0xbb, 0x1f, 0xdb, 0x5d, 0xc2, 0x94, 0x1c, 0xe7,
+    0x52, 0x4c, 0x2d, 0x20, 0x24, 0x21, 0xb8, 0x85, 0xfc, 0x17, 0xed, 0x65, 0x4e, 0x02, 0x4d, 0xaf,
+    0x15, 0x91, 0x0d, 0x3c, 0xda, 0xe4, 0xdd, 0xce, 0x43, 0x53, 0x85, 0x7a, 0xe2, 0x73, 0x49, 0x8e,
+    0x9b, 0xe8, 0x4d, 0x04, 0xe5, 0xad, 0x17, 0x58, 0xfe, 0xdb, 0x55, 0x44, 0x79, 0x91, 0x41, 0xcc,
+    0xb4, 0x83, 0xa3, 0xc4, 0x3d, 0x6b, 0x01, 0xc0, 0xb3, 0xa9, 0x7e, 0xd9, 0x1e, 0x9d, 0x2c, 0xa8,
+    0x3e, 0x8c, 0x4c, 0xdd, 0x8e, 0xb9, 0x06, 0xc5, 0x2c, 0x70, 0xc7, 0x93, 0x44, 0xc8, 0xe8, 0x76,
+    0x80, 0xd8, 0xc4, 0xaa, 0x2e, 0x8b, 0xd9, 0x48, 0xca, 0xb2, 0xbe, 0x98, 0x9a, 0x42, 0xf9, 0x6b,
+    0x36, 0x60, 0xd1, 0x9f, 0x55, 0x4c, 0x5f, 0x20, 0x68, 0xd2, 0x15, 0x7b, 0x05, 0x65, 0xb3, 0x8d,
+    0xd3, 0x68, 0xb2, 0x13, 0x29, 0xfc, 0xc3, 0x99, 0xdf, 0x20, 0xd8, 0xe0, 0x75, 0x1d, 0x87, 0xe3,
+    0x2b, 0x1d, 0x41, 0xe1, 0x54, 0x5d, 0xdb, 0x0b, 0x6f, 0x23, 0x42, 0xe9, 0xa6, 0xbb, 0xa1, 0xf8,
+    0x01, 0xfc, 0x5b, 0x99, 0x23, 0x56, 0xa2, 0x54, 0xe9, 0x85, 0x8b, 0x1d, 0xa1, 0x5d, 0x33, 0x27,
+    0x99, 0xd3, 0xfb, 0xf5, 0xa3, 0x01, 0x90, 0xf0, 0xef, 0x12, 0x80, 0x7e, 0xf8, 0x2b, 0x27, 0x82,
+    0xdd, 0xc9, 0x36, 0x81, 0x38, 0x3e, 0xd0, 0x47, 0xa8, 0x1a, 0xb6, 0x46, 0x74, 0xbd, 0x76, 0xca,
+    0xf6, 0xd4, 0x77, 0x60, 0x6c, 0x63, 0x0b, 0x4c, 0xc7, 0x39, 0xf4, 0xaf, 0xd2, 0x06, 0xd7, 0x32,
+    0x68, 0xb6, 0xce, 0xdc, 0x26, 0x03, 0x73, 0xd3, 0xf2, 0x36, 0x43, 0x82, 0xcb, 0x7d, 0x69, 0x45,
+    0x12, 0x20, 0x4f, 0x75, 0x33, 0x85, 0x35, 0xa1, 0x99, 0x4e, 0xb2, 0x29, 0x03, 0x23, 0xd0, 0x7b,
+    0x8a, 0x0f, 0xef, 0x19, 0xb3, 0xd2, 0x07, 0x05, 0x9f, 0xd9, 0xb9, 0x4a, 0x5a, 0x55, 0xc4, 0xde,
+    0x09, 0x10, 0xc6, 0xdb, 0xf8, 0xa3, 0xfb, 0xb1, 0xad, 0x27, 0x59, 0xf5, 0xe0, 0xf0, 0x68, 0xdc,
+    0xa6, 0xa3, 0xec, 0xb1, 0x0e, 0xee, 0x34, 0x61, 0x2a, 0xe7, 0xcc, 0xf0, 0x1d, 0xbe, 0xfc, 0xd3,
+    0x72, 0x7a, 0x1c, 0xeb, 0xce, 0x73, 0x1f, 0x97, 0x2f, 0xda, 0x23, 0x43, 0x89, 0xf3, 0xe2, 0xc5,
+    0xc4, 0xc2, 0x09, 0xde, 0xb5, 0xb4, 0x99, 0xff, 0x8d, 0xba, 0x88, 0xa0, 0x16, 0xd4, 0xa8, 0x23,
+    0x3a, 0xfa, 0xe3, 0xfc, 0x02, 0x22, 0xcb, 0x56, 0x0e, 0x21, 0xae, 0xe7, 0x85, 0x7f, 0x24, 0xea,
+    0x74, 0x37, 0x05, 0x3b, 0x04, 0x44, 0x55, 0xac, 0x1c, 0x42, 0x9f, 0x0d, 0xc9, 0xfe, 0x48, 0x17,
+    0xc1, 0x48, 0xfd, 0x66, 0x1a, 0x79, 0xf6, 0x38, 0x46, 0x6e, 0x6a, 0xc9, 0x76, 0x3e, 0x57, 0x98,
+    0xca, 0x63, 0x8d, 0x4c, 0xa4, 0x76, 0x8a, 0x21, 0xfa, 0x80, 0xe6, 0x06, 0x17, 0x74, 0x59, 0x0a,
+    0xb9, 0xe5, 0xca, 0x3e, 0x49, 0x53, 0x37, 0xe2, 0x3c, 0xdf, 0x4e, 0x58, 0x3f, 0xda, 0x88, 0xe8,
+    0x70, 0x41, 0xaa, 0x1a, 0x88, 0xdf, 0x98, 0x3f, 0x3e, 0x13, 0xf6, 0x79, 0x08, 0x49, 0x84, 0x8b,
+    0xbc, 0x6f, 0x3e, 0x86, 0xe6, 0x9e, 0x58, 0x25, 0xf7, 0x0b, 0xac, 0x31, 0x5f, 0x30, 0x77, 0x53,
+    0x34, 0x5b, 0x67, 0x6e, 0x13, 0xe0, 0xd8, 0x88, 0x79, 0x1b, 0xc0, 0x41, 0x84, 0xdf, 0xd5, 0xc3,
+    0x6a, 0x8d, 0x78, 0x2d, 0x60, 0xaf, 0xf4, 0x7b, 0xe3, 0xff, 0x96, 0xb8, 0x4a, 0xc7, 0x0f, 0x0b,
+    0x48, 0x80, 0xff, 0x17, 0xcc, 0x51, 0xd4, 0xc1, 0x21, 0xfb, 0x8d, 0xa4, 0x0c, 0x8c, 0xc6, 0x2f,
+    0x5f, 0x2a, 0x44, 0xda, 0x50, 0x19, 0x8e, 0xa7, 0x73, 0x61, 0xdd, 0xe4, 0x6f, 0x45, 0xe9, 0xef,
+    0x8f, 0x85, 0x1b, 0xa1, 0x1c, 0x1f, 0x68, 0xc2, 0x54, 0x0d, 0x5b, 0x23, 0x3a, 0xbf, 0x3b, 0x65,
+    0x69, 0x4a, 0x95, 0x45, 0x05, 0x55, 0xd1, 0x87, 0x1b, 0xb3, 0xc8, 0x9f, 0x6a, 0x20, 0x5a, 0x62,
+    0x9a, 0x14, 0x16, 0x9d, 0xc6, 0xfb, 0xb5, 0x0c, 0x17, 0x5e, 0xde, 0x59, 0xd8, 0xcc, 0x72, 0xeb,
+    0xda, 0x78, 0x74, 0xc8, 0xd1, 0x5f, 0x38, 0x28, 0x72, 0x07, 0x81, 0x15, 0x95, 0xed, 0xef, 0x3f,
+    0xfd, 0xff, 0x07, 0x4a, 0xd2, 0x6c, 0x77, 0x55, 0x7b, 0xd7, 0x78, 0x60, 0xb3, 0x4c, 0xd9, 0xa0,
+    0x39, 0x3d, 0x0e, 0x94, 0x67, 0xd8, 0xee, 0xaa, 0xf6, 0x6d, 0xf0, 0xc0, 0xa5, 0x98, 0x71, 0x83,
+    0xa5, 0x64, 0x01, 0xd9, 0x6b, 0x14, 0x11, 0x9d, 0xd2, 0xab, 0x92, 0xd7, 0x3d, 0x59, 0xa9, 0xba,
+    0xfc, 0x03, 0x5c, 0xd3, 0xf1, 0x3a, 0xd5, 0x01, 0x92, 0x52, 0xf3, 0x7d, 0x12, 0x11, 0xea, 0x87,
+    0xe0, 0x82, 0x97, 0x34, 0xd3, 0x7d, 0xf3, 0x7e, 0x7c, 0x26, 0x2f, 0xf2, 0x10, 0x92, 0xcb, 0xd5,
+    0x0c, 0x9a, 0x32, 0x63, 0x57, 0x6e, 0x94, 0x76, 0x66, 0xf3, 0xbb, 0x9c, 0x80, 0x1a, 0x97, 0x67,
+    0x57, 0xc6, 0xd9, 0x98, 0x8b, 0xec, 0xd7, 0x42, 0x37, 0xc3, 0x0f, 0x0c, 0x2e, 0xe8, 0xb2, 0x14,
+    0x54, 0x01, 0x34, 0xf0, 0xee, 0x16, 0xf2, 0xbe, 0xcf, 0x8f, 0x51, 0x2b, 0x0e, 0x0f, 0xe7, 0x7d,
+    0x8d, 0xbe, 0xad, 0x50, 0x5a, 0xb3, 0xef, 0x6a, 0x45, 0xc4, 0x8e, 0x19, 0xbb, 0x05, 0x5d, 0x2b,
+    0xd2, 0x94, 0xe9, 0x8a, 0x0a, 0xaa, 0x61, 0xcd, 0x36, 0xa5, 0x53, 0xfd, 0xd4, 0x40, 0xb4, 0xc4,
+    0xf7, 0x28, 0x2c, 0xf9, 0x4f, 0x35, 0xa9, 0x18, 0x2e, 0xbc, 0x7f, 0xb2, 0x73, 0x5b, 0xe4, 0x15,
+    0x5e, 0xd6, 0x1f, 0x43, 0x73, 0x4f, 0x2c, 0xf3, 0x9a, 0xe4, 0x56, 0xf9, 0xce, 0x18, 0xda, 0xc8,
+    0xf9, 0x89, 0xa8, 0x6b, 0x5e, 0xf7, 0xba, 0xc6, 0x59, 0x86, 0x11, 0x14, 0x72, 0xfb, 0x15, 0x3c,
+    0xf2, 0xa2, 0xd8, 0x41, 0xe0, 0xf8, 0xc6, 0xdf, 0xe5, 0x68, 0x9d, 0xdb, 0x13, 0xb1, 0x1b, 0xae,
+    0xe3, 0x45, 0x7a, 0x5c, 0xb6, 0x87, 0xd6, 0x82, 0x84, 0x6a, 0x71, 0xd5, 0x30, 0x75, 0x9e, 0xbc,
+    0x3b, 0x06, 0xb8, 0x65, 0x21, 0x74, 0x69, 0x02, 0xe7, 0xa4, 0x25, 0xfa, 0x24, 0x22, 0x17, 0xcd,
+    0x03, 0xc7, 0xed, 0x68, 0x65, 0xfa, 0x25, 0xfc, 0xf8, 0x4c, 0x5e, 0x27, 0x20, 0xe7, 0x55, 0x69,
+    0xa1, 0x12, 0xae, 0xf8, 0xe7, 0x8f, 0xdc, 0x0e, 0xf0, 0xfa, 0xfb, 0xa3, 0xfc, 0xee, 0x65, 0x26,
+    0x96, 0x8e, 0x24, 0xfe, 0x91, 0x95, 0x21, 0x7a, 0x71, 0xad, 0x65, 0xc5, 0x58, 0xd6, 0xe5, 0x8c,
+    0xaa, 0x39, 0xde, 0xd2, 0x59, 0x80, 0xa0, 0x17, 0x4c, 0x14, 0x77, 0x6c, 0x9d, 0xa4, 0x6b, 0xb4,
+    0x9f, 0x9e, 0xe2, 0x25, 0x69, 0x36, 0xda, 0xcb, 0xdc, 0x8a, 0x3c, 0x30, 0xb8, 0x26, 0x8d, 0x50,
+    0x46, 0x21, 0x7b, 0x85, 0xdd, 0x93, 0xc7, 0x1f, 0x56, 0xc1, 0xe3, 0x02, 0x0d, 0x2c, 0x37, 0x06,
+    0x41, 0x90, 0x39, 0xcc, 0x34, 0xf2, 0x2f, 0x70, 0x8c, 0xdc, 0xd4, 0x51, 0xec, 0x7c, 0xae, 0xf3,
+    0x2a, 0xe1, 0x1a, 0x78, 0x77, 0x0b, 0x79, 0x5f, 0x86, 0xa6, 0xc9, 0xf4, 0x07, 0xe6, 0x92, 0xdf,
+    0x60, 0x5a, 0x53, 0x9e, 0xfd, 0xf6, 0x2a, 0x36, 0xb6, 0x94, 0x91, 0x6a, 0x8a, 0xd0, 0x32, 0xbe,
+    0xe5, 0x08, 0x63, 0x8c, 0x7c, 0xb0, 0x9c, 0xb9, 0xb7, 0xf2, 0xcd, 0x9b, 0x70, 0x78, 0x34, 0x6e,
+    0x94, 0xb5, 0x92, 0x0f, 0xd7, 0x39, 0xa6, 0xd2, 0x60, 0x64, 0xb0, 0xff, 0xd9, 0x6c, 0x83, 0xc2,
+    0xbe, 0x54, 0x88, 0x77, 0xa0, 0x32, 0xdf, 0x8d, 0xe6, 0xc2, 0x79, 0x0b, 0xde, 0x8a, 0x11, 0x1d,
+    0x90, 0xc3, 0x3d, 0x2e, 0x5b, 0xa2, 0x6b, 0x41, 0x42, 0x35, 0xd9, 0x8b, 0x18, 0xdb, 0x4f, 0x5e,
+    0x2f, 0x6b, 0xee, 0xc0, 0xd8, 0xc6, 0x16, 0x98, 0x4d, 0x72, 0x2b, 0x9d, 0x67, 0x0c, 0x6d, 0x64,
+    0x9d, 0xa5, 0x54, 0xd4, 0x2f, 0x9a, 0x5d, 0x63, 0xcd, 0x43, 0xe9, 0x0a, 0x39, 0x9c, 0xeb, 0x1e,
+    0x81, 0x24, 0x9f, 0x33, 0x0d, 0xdd, 0x7b, 0x1c, 0x23, 0x37, 0x35, 0x85, 0x3b, 0x1f, 0xca, 0x4c,
+    0xa2, 0xd5, 0x43, 0x90, 0x82, 0x75, 0xf9, 0xf2, 0x08, 0xb6, 0xa5, 0x84, 0xdc, 0x09, 0x30, 0x4f,
+    0x76, 0x0c, 0xb3, 0xca, 0x42, 0xe8, 0xd2, 0x04, 0x0d, 0x8b, 0x4a, 0x37, 0x48, 0x44, 0x2e, 0x59,
+    0x4b, 0x47, 0x12, 0x7f, 0xa9, 0xab, 0xf1, 0x3d, 0xd9, 0xb7, 0xd3, 0x83, 0x2c, 0x6b, 0x93, 0x46,
+    0xe4, 0xf4, 0x38, 0x15, 0x5f, 0xe6, 0x3e, 0xed, 0x5e, 0x77, 0x46, 0x86, 0xd1, 0x25, 0x07, 0x49,
+    0x06, 0x4d, 0x19, 0xd0, 0xca, 0x37, 0x4a, 0x3b, 0x33, 0x98, 0xbc, 0x4e, 0x40, 0x0d, 0xaa, 0xd2,
+    0x55, 0xfd, 0x6f, 0x69, 0xcd, 0x40, 0x50, 0xea, 0x26, 0x0a, 0xda, 0x36, 0xaf, 0x52, 0xd4, 0x5a,
+    0xae, 0x4f, 0x71, 0xf3, 0xd5, 0x1b, 0x6d, 0x84, 0x6e, 0x45, 0x1e, 0x18, 0x5c, 0x13, 0xa7, 0x28,
+    0x1c, 0x81, 0xcb, 0xe7, 0x22, 0x47, 0x26, 0x7f, 0xee, 0x74, 0xdc, 0x8f, 0x02, 0x83, 0x21, 0x52,
+    0x75, 0xcb, 0x5e, 0xa2, 0x27, 0x12, 0xf7, 0xf8, 0xf5, 0xc7, 0x14, 0x10, 0x68, 0xa3, 0x7b, 0x30,
+    0x5b, 0x5c, 0xeb, 0xfb, 0xdc, 0x82, 0x43, 0x34, 0x51, 0x30, 0xb4, 0x90, 0xae, 0xf2, 0x25, 0x73,
+    0x04, 0x76, 0xaf, 0x21, 0x8c, 0x9b, 0xcd, 0x93, 0x22, 0x51, 0x69, 0x74, 0xc1, 0xb7, 0xcc, 0x9c,
+    0x27, 0x87, 0x73, 0x82, 0x03, 0x33, 0x4f, 0x7d, 0x09, 0xd0, 0xf9, 0x75, 0x26, 0xa1, 0x36, 0x9f,
+    0x4d, 0x0a, 0x0b, 0xaf, 0x63, 0x9c, 0xbb, 0x06, 0xea, 0x2f, 0x6f, 0xcd, 0x6c, 0x66, 0x39, 0x94,
+    0x9c, 0x59, 0x0f, 0x4d, 0x0c, 0xcc, 0xff, 0x37, 0x24, 0xc6, 0x62, 0x17, 0x98, 0xc1, 0xd8, 0x39,
+    0x20, 0x36, 0x31, 0xcb, 0xea, 0x52, 0xa7, 0x12, 0xd3, 0xcd, 0xce, 0x26, 0xc7, 0xf1, 0xaf, 0x6a,
+    0x53, 0xb0, 0x76, 0xb9, 0x07, 0x77, 0x1a, 0xd1, 0x15, 0x92, 0x66, 0x78, 0xef, 0x5f, 0x7e, 0x88,
+    0xd0, 0xaf, 0x5f, 0x7b, 0x4c, 0x06, 0xe6, 0x65, 0x27, 0x6c, 0x86, 0xc7, 0x55, 0xfa, 0xd2, 0x8a,
+    0x95, 0x49, 0xc9, 0x96, 0xf4, 0x6f, 0x04, 0x86, 0x89, 0xe1, 0x3b, 0xe2, 0x78, 0x31, 0xb0, 0xe5,
+    0xf3, 0x5e, 0x83, 0xd8, 0xc3, 0xae, 0x64, 0x8b, 0x0c, 0xed, 0x16, 0xc6, 0xb2, 0xec, 0x28, 0x89,
+    0x85, 0x52, 0x30, 0x12, 0x81, 0x46, 0xb6, 0x8f, 0x01, 0x66, 0x5c, 0xf1, 0xfa, 0xa8, 0x06, 0xd0,
+    0x88, 0x34, 0x59, 0xe8, 0xf5, 0x7e, 0x80, 0xad, 0x8e, 0x10, 0x6c, 0x70, 0xdb, 0xef, 0xa2, 0x90,
+    0xb0, 0xf5, 0x0c, 0xe5, 0xb1, 0xf0, 0xcc, 0x53, 0x91, 0xf8, 0x17, 0xad, 0xdf, 0x2a, 0xe0, 0x34,
+    0x22, 0x0d, 0x87, 0x3a, 0xac, 0xfe, 0x20, 0xba, 0xc2, 0x04, 0x1b, 0x1c, 0x46, 0x4b, 0xc9, 0x24,
+    0x0b, 0x2b, 0x70, 0x2a, 0xbe, 0x0f, 0x7c, 0x19, 0xbc, 0xee, 0x8c, 0xcf, 0x61, 0x4a, 0x0e, 0x92,
+    0x02, 0x3b, 0xb6, 0xf1, 0x46, 0xac, 0x87, 0xa8, 0x11, 0xc9, 0xd5, 0x3a, 0x81, 0xba, 0x66, 0x4e,
+    0xc9, 0xa4, 0x60, 0x24, 0xc1, 0x8c, 0xaf, 0xdd, 0x02, 0xcc, 0xb8, 0x21, 0x37, 0x93, 0x0c, 0x63,
+    0xdb, 0x84, 0x2f, 0x51, 0xf2, 0x09, 0x9a, 0x7c, 0x9b, 0x82, 0x0a, 0x08, 0x34, 0xb0, 0xdc, 0x18,
+    0xb6, 0xb8, 0x15, 0x35, 0x7b, 0xc7, 0x86, 0x68, 0xa2, 0x60, 0xab, 0xe3, 0x9f, 0x27, 0x4a, 0xe6,
+    0x40, 0x6c, 0x62, 0x55, 0x17, 0xa4, 0x8d, 0x24, 0x65, 0x59, 0x5f, 0x4c, 0x4d, 0x21, 0x9d, 0xd4,
+    0x4e, 0xcd, 0xe6, 0xc7, 0x06, 0x66, 0x9e, 0xfa, 0x12, 0x63, 0x31, 0xea, 0x4c, 0x81, 0x6c, 0xfd,
+    0xd7, 0x1e, 0x1d, 0x32, 0xa5, 0x67, 0x0e, 0x0a, 0xfd, 0x71, 0xb1, 0x94, 0xb4, 0xaa, 0x4b, 0x7f,
+    0xab, 0xc5, 0x85, 0x4b, 0x7a, 0xd6, 0x02, 0x43, 0xa5, 0x91, 0xfc, 0x71, 0x3c, 0xf9, 0x58, 0x93,
+    0x98, 0x2f, 0xa0, 0x6c, 0x80, 0x57, 0x32, 0xa4, 0x06, 0x97, 0x0b, 0x63, 0x59, 0x76, 0x14, 0xa5,
+    0xc8, 0x58, 0x3b, 0xbd, 0xe2, 0xda, 0x0d, 0x89, 0xeb, 0x49, 0x33, 0x3c, 0x96, 0xce, 0x3f, 0x44,
+    0xaf, 0xb3, 0x2a, 0x6a, 0xf6, 0x4d, 0xcf, 0xd0, 0x87, 0xc0, 0x95, 0x05, 0xfd, 0x4e, 0x94, 0x0f,
+    0xa3, 0x29, 0x18, 0x09, 0xa1, 0x23, 0x5b, 0xa6, 0xe1, 0x33, 0x2e, 0x99, 0x7d, 0x54, 0x03, 0x68,
+    0x44, 0x1a, 0xcd, 0x74, 0x9b, 0x3f, 0x40, 0xb7, 0x47, 0x08, 0x36, 0x38, 0x8c, 0x96, 0x51, 0x48,
+    0x84, 0xae, 0x6b, 0x8b, 0xa2, 0x10, 0x14, 0xdb, 0xe8, 0xe3, 0xd7, 0xec, 0x5b, 0xf5, 0x35, 0xf7,
+    0x9e, 0x62, 0xb9, 0xbc, 0x4a, 0x60, 0x78, 0x9f, 0x35, 0x0f, 0xb7, 0x2d, 0x19, 0x7b, 0xbe, 0x77,
+    0xe2, 0xb9, 0x21, 0xc5, 0x95, 0xd1, 0x74, 0xd6, 0x6d, 0xef, 0xfa, 0xc8, 0x91, 0x28, 0xad, 0x9b,
+    0xcd, 0xd2, 0xcf, 0x05, 0x4d, 0x17, 0x62, 0x4e, 0x20, 0x9d, 0xd1, 0x55, 0xf6, 0x24, 0xc0, 0xff,
+    0xfb, 0xb2, 0x1e, 0x9a, 0x18, 0x5b, 0x3d, 0x6e, 0x48, 0x4f, 0xc4, 0x2e, 0xf3, 0x41, 0x73, 0x72,
+    0x45, 0xe6, 0x96, 0xed, 0xb8, 0x69, 0xe2, 0xe3, 0xae, 0x8d, 0xbd, 0x25, 0x2d, 0xcb, 0x62, 0x6f,
+    0x23, 0xf1, 0xdc, 0xa3, 0x8f, 0xa8, 0x82, 0xee, 0x2b, 0x81, 0x90, 0x01, 0xe7, 0x16, 0xfa, 0x03,
+    0xc6, 0xf9, 0xbf, 0x2f, 0xf3, 0x18, 0x1e, 0x57, 0x9c, 0x73, 0x5d, 0x9a, 0x97, 0x6e, 0xce, 0x6d,
+    0x3d, 0x4b, 0xa1, 0xb5, 0xeb, 0x43, 0x23, 0x39, 0xd4, 0x3c, 0x99, 0xb4, 0x64, 0x2f, 0xbd, 0x1f,
+    0x17, 0xaa, 0xbb, 0xcd, 0x9c, 0x48, 0x5a, 0x66, 0x52, 0x9a, 0x50, 0x40, 0x63, 0xc9, 0x2f, 0xc0,
+    0xeb, 0xa9, 0xe7, 0x1e, 0x6d, 0x72, 0x8f, 0x67, 0xc0, 0xc8, 0xa3, 0x3d, 0x71, 0xd8, 0xc5, 0x47,
+    0x2e, 0x97, 0xb5, 0x59, 0xfb, 0x90, 0xb4, 0xcc, 0xa4, 0xf7, 0xa0, 0x80, 0xc6, 0x51, 0x5e, 0x43,
+    0xcb, 0x9f, 0xd6, 0xd5, 0x87, 0x20, 0x28, 0x75, 0x13, 0x05, 0x6d, 0x1b, 0xb6, 0x29, 0x6a, 0x2d,
+    0xb2, 0xce, 0xba, 0x14, 0xf7, 0x5c, 0x4b, 0xfb, 0x80, 0x31, 0xc2, 0x97, 0x5e, 0x90, 0x86, 0x7a,
+    0x5c, 0xed, 0xa9, 0xb2, 0x35, 0xe3, 0xab, 0x5b, 0x8b, 0x2d, 0x83, 0xc3, 0x4f, 0xa2, 0xbc, 0x86,
+    0x4a, 0xbb, 0x49, 0xe6, 0x8a, 0xfd, 0x53, 0x69, 0x30, 0x32, 0x58, 0x9e, 0x8d, 0x36, 0xa0, 0x61,
+    0x64, 0x2c, 0xfc, 0xbf, 0x71, 0x6d, 0xe7, 0xa5, 0x94, 0xc5, 0xf8, 0x1e, 0x4b, 0x67, 0xfe, 0x22,
+    0x71, 0xbd, 0xf1, 0x83, 0xab, 0x89, 0x3a, 0x6b, 0xd7, 0x96, 0x7d, 0x64, 0xa9, 0x14, 0xb7, 0xac,
+    0x35, 0xa7, 0x3c, 0xf7, 0x30, 0xb6, 0x7a, 0xdc, 0x90, 0x9e, 0x4b, 0x5c, 0x25, 0x82, 0xe6, 0xe4,
+    0xc7, 0x05, 0xe4, 0xb6, 0xd0, 0x4e, 0xbc, 0x03, 0x75, 0xf6, 0xd6, 0x87, 0x36, 0x33, 0xfd, 0x4a,
+    0x07, 0xb1, 0x42, 0x49, 0xe9, 0x61, 0xe8, 0x6f, 0xda, 0x1d, 0x37, 0x53, 0xe1, 0x50, 0x99, 0xf5,
+    0x59, 0x67, 0x5d, 0x0a, 0x9a, 0x2e, 0xc4, 0x9c, 0x40, 0xf9, 0x61, 0xaa, 0x2f, 0x48, 0x43, 0x3d,
+    0x38, 0xc1, 0x55, 0x0d, 0x44, 0x8e, 0x4c, 0xfe, 0x1f, 0xe8, 0x7b, 0xdd, 0x04, 0xc5, 0x42, 0xa4,
+    0xea, 0x55, 0xbc, 0x87, 0x4e, 0x24, 0x2d, 0x33, 0x29, 0x4d, 0x28, 0x20, 0xd0, 0x85, 0xf6, 0x60,
+    0x37, 0x9c, 0x8a, 0x06, 0x76, 0x1a, 0xfd, 0x74, 0x81, 0x57, 0x9e, 0x66, 0xa4, 0x38, 0x80, 0xaa,
+    0x63, 0x9d, 0xbe, 0xf6, 0x98, 0x0c, 0x0f, 0xca, 0x4e, 0xd8, 0xcf, 0x4d, 0xaa, 0x37, 0x67, 0xd7,
+    0x18, 0xf7, 0x64, 0xc6, 0xae, 0xdc, 0xeb, 0xec, 0xcc, 0x25, 0xb5, 0xfb, 0xc3, 0x34, 0xed, 0xce,
+    0xa7, 0x5f, 0xb7, 0x28, 0x2d, 0xb8, 0x96, 0x35, 0xc3, 0x62, 0x47, 0xed, 0xbc, 0xe3, 0xcf, 0xf4,
+    0x58, 0x9b, 0x06, 0x93, 0xb9, 0x78, 0x66, 0xc8, 0xa9, 0x7c, 0xea, 0xb7, 0x8e, 0x15, 0x70, 0x1a,
+    0x11, 0xe7, 0xa2, 0x1d, 0x56, 0x7f, 0x10, 0x5d, 0x61, 0x02, 0xec, 0x0e, 0x23, 0xc4, 0x85, 0x12,
+    0xf5, 0x13, 0x9a, 0x08, 0x09, 0x99, 0x2e, 0xb0, 0x3f, 0x75, 0xaa, 0x88, 0xf2, 0xe1, 0x82, 0x5b,
+    0xd9, 0xbf, 0x99, 0xa0, 0xb4, 0xa5, 0x1d, 0xd4, 0x8a, 0x4b, 0xdf, 0x32, 0xb5, 0x0a, 0xba, 0x56,
+    0xe9, 0x92, 0x51, 0xef, 0x2b, 0xde, 0x08, 0xcf, 0xd1, 0x01, 0x76, 0x07, 0xf0, 0x62, 0xa3, 0x09,
+    0x25, 0xbc, 0xc5, 0x73, 0x45, 0x9f, 0xc8, 0xd5, 0x18, 0x19, 0x2c, 0x4f, 0xa7, 0x1b, 0x50, 0xd1,
+    0xf8, 0x75, 0xf3, 0xf2, 0x7d, 0xa1, 0x18, 0x92, 0xb0, 0x03, 0x9a, 0x09, 0xd3, 0xa6, 0x26, 0x1b,
+    0x97, 0x72, 0x7f, 0x67, 0xb2, 0xc3, 0x83, 0x2e, 0x98, 0x28, 0xee, 0xd8, 0xf9, 0x8b, 0xd6, 0xab,
+    0xb1, 0x09, 0x57, 0x7c, 0x92, 0xa6, 0x6e, 0x07, 0x78, 0x7d, 0x9c, 0xb0, 0x7e, 0x77, 0xd3, 0x13,
+    0x19, 0x0b, 0x3f, 0x5f, 0x8d, 0x8a, 0x49, 0xb8, 0x25, 0xa0, 0x3e, 0xe6, 0x62, 0x69, 0xde, 0xe9,
+    0x0f, 0x5d, 0xdf, 0x0b, 0x32, 0x94, 0xb1, 0x8a, 0x9e, 0xbf, 0xe5, 0xbb, 0xa0, 0xfd, 0xc2, 0x0e,
+    0x89, 0xc8, 0x02, 0x71, 0xd6, 0x28, 0x22, 0xf9, 0x67, 0x95, 0xe7, 0x6d, 0x7a, 0xb2, 0x91, 0xb7,
+    0xdc, 0x35, 0x6d, 0x18, 0x1b, 0x68, 0x72, 0x13, 0x41, 0x9f, 0x3d, 0x5b, 0xd5, 0xe0, 0x45, 0xed,
+    0x08, 0xec, 0x9d, 0x42, 0xdb, 0xf5, 0x59, 0xe5, 0x44, 0xa2, 0xd2, 0xe8, 0x41, 0xad, 0x5b, 0xfb,
+    0xf1, 0x65, 0x35, 0x29, 0x85, 0x02, 0xe3, 0x23, 0x1d, 0x24, 0xc3, 0xfc, 0x33, 0x56, 0x4e, 0xc7,
+    0xa8, 0x02, 0x68, 0x23, 0x1f, 0x2c, 0x27, 0xbf, 0x5d, 0xdd, 0xa2, 0x56, 0x1c, 0x1e, 0x0d, 0xfa,
+    0x0e, 0xa1, 0x84, 0x92, 0x11, 0xc2, 0x13, 0xde, 0x77, 0x3a, 0x6e, 0xa6, 0x01, 0xa0, 0xf1, 0x29,
+    0x6f, 0x07, 0x8c, 0x95, 0xcf, 0x62, 0x9b, 0xbc, 0x28, 0x2b, 0x74, 0xd1, 0x2a, 0x2d, 0xf0, 0xb0,
+    0x7d, 0x27, 0xc3, 0xe0, 0xfc, 0xe7, 0xae, 0x1d, 0xb1, 0x65, 0xc6, 0xf8, 0x29, 0x0e, 0x20, 0xcb,
+    0xd4, 0xd9, 0xf0, 0x5a, 0xc0, 0x9d, 0x2b, 0xf6, 0x05, 0x3d, 0xef, 0xb3, 0x94, 0x4d, 0x1e, 0x16,
+    0xbd, 0x93, 0x65, 0x1f, 0xc5, 0xc8, 0xfa, 0x71, 0x1e, 0x8e, 0x27, 0x2c, 0xfe, 0x6d, 0x44, 0x74,
+    0x86, 0x95, 0xdd, 0x7a, 0xe4, 0xbc, 0x93, 0x73, 0xf9, 0x2a, 0x02, 0xd6, 0xda, 0x4f, 0x53, 0xb9,
+    0xec, 0x18, 0xa5, 0x57, 0x84, 0x13, 0x67, 0x08, 0x1a, 0xd5, 0x94, 0x6e, 0x90, 0x88, 0x5c, 0xb2,
+    0x32, 0x16, 0x7e, 0xbe, 0xd9, 0xd7, 0x92, 0xb3, 0x4a, 0x83, 0x7c, 0x0f, 0xc4, 0xd2, 0x7f, 0x11,
+    0x7e, 0xe0, 0x2e, 0x88, 0x99, 0x1d, 0x8b, 0xe1, 0x49, 0x29, 0x98, 0xdf, 0x09, 0xe9, 0x75, 0xa2,
+    0xed, 0xe4, 0xfe, 0xce, 0xa7, 0x45, 0xc5, 0x5c, 0xf3, 0x50, 0x1f, 0x73, 0x31, 0xd5, 0x6f, 0x95,
+    0x6e, 0xfb, 0xd7, 0x0c, 0xec, 0x34, 0x39, 0xe8, 0xc1, 0xae, 0xff, 0xcc, 0x8b, 0x70, 0xc3, 0x97,
+    0xc3, 0x73, 0x4b, 0x97, 0x5c, 0xd5, 0x71, 0x90, 0x57, 0xa7, 0xbf, 0xf3, 0xf7, 0x84, 0x31, 0xd6,
+    0x21, 0xca, 0x6a, 0x52, 0xc9, 0x04, 0x05, 0x46, 0x3a, 0x48, 0x45, 0x3b, 0x66, 0xac, 0x9c, 0x4d,
+    0x62, 0x61, 0xe5, 0x6f, 0xbb, 0x5a, 0xad, 0x9e, 0xa7, 0x5d, 0x44, 0x50, 0x0b, 0x6a, 0x54, 0xf0,
+    0xce, 0x15, 0x22, 0x6d, 0x28, 0xed, 0x47, 0xb2, 0xd8, 0xd1, 0x8f, 0x72, 0xd6, 0xc3, 0x95, 0x96,
+    0x93, 0x04, 0xd0, 0x46, 0x3e, 0x58, 0x4e, 0xbd, 0xba, 0x79, 0x87, 0xac, 0x38, 0x3c, 0x1a, 0x37,
+    0x4c, 0xf6, 0x50, 0x36, 0x40, 0xca, 0x19, 0x52, 0x03, 0xaa, 0xe4, 0xd0, 0xcd, 0x3b, 0x0a, 0xb3,
+    0xde, 0x0e, 0xdb, 0xe9, 0x5d, 0xc4, 0xf5, 0xbb, 0x50, 0x56, 0xe8, 0x61, 0x54, 0x5a, 0x23, 0xa3,
+    0x3f, 0x70, 0x17, 0x44, 0xad, 0xef, 0xa4, 0x91, 0xc5, 0xf5, 0x4c, 0x8e, 0xe5, 0x95, 0xdb, 0x51,
+    0x43, 0xab, 0x8f, 0x3d, 0x72, 0x5e, 0xa8, 0xd8, 0x9d, 0x15, 0x01, 0x6b, 0x6d, 0xc6, 0xc8, 0xbd,
+    0x73, 0x86, 0x47, 0x72, 0xed, 0x25, 0xbd, 0xc3, 0xc6, 0x5f, 0xa8, 0x5e, 0x28, 0xae, 0xd1, 0xe2,
+    0xad, 0x88, 0x9c, 0x9b, 0xb0, 0xe1, 0x48, 0x78, 0x96, 0x09, 0x40, 0x3f, 0x7c, 0xf4, 0xf2, 0x41,
+    0xf0, 0x99, 0x6e, 0xb0, 0xa6, 0x54, 0x41, 0x77, 0xf4, 0xa1, 0x48, 0xe1, 0x92, 0x0b, 0x7d, 0xe0,
+    0x47, 0xdd, 0x20, 0x1c, 0xfe, 0xc5, 0x65, 0x4b, 0xbf, 0x44, 0x68, 0x1f, 0xac, 0x71, 0x04, 0x21,
+    0x3c, 0xb7, 0xfa, 0x2c, 0xc8, 0x15, 0x81, 0x6d, 0x3d, 0xb9, 0x12, 0xa9, 0xc5, 0x72, 0x8e, 0x38,
+    0x61, 0xa6, 0x08, 0x07, 0xde, 0xa0, 0x88, 0x62, 0x5f, 0x11, 0x1a, 0x77, 0x2b, 0x8d, 0x01, 0x99,
+    0x56, 0x3a, 0x82, 0x01, 0xa8, 0xba, 0x75, 0x16, 0xde, 0x46, 0x84, 0x11, 0x8f, 0xb5, 0x81, 0x33,
+    0x29, 0x26, 0xf7, 0x10, 0x12, 0xf1, 0x5c, 0xa3, 0x7e, 0xea, 0x97, 0xd3, 0x27, 0x01, 0xc7, 0xb6,
+    0x7b, 0x6a, 0xda, 0x30, 0x36, 0xd0, 0xe4, 0x26, 0x82, 0xfd, 0x7a, 0xb6, 0x69, 0x03, 0x8a, 0x19,
+    0x10, 0x1b, 0xf9, 0x84, 0x75, 0x29, 0xb2, 0x09, 0x88, 0x87, 0x67, 0x13, 0x82, 0x99, 0xb6, 0x35,
+    0xff, 0xc4, 0xb1, 0xbb, 0x94, 0xc0, 0xf0, 0xfd, 0x6a, 0x1e, 0xad, 0x5a, 0x32, 0xf6, 0xbf, 0xee,
+    0x5d, 0x11, 0xf2, 0x2b, 0x16, 0xb5, 0x09, 0x0f, 0x62, 0xa8, 0x08, 0xde, 0xee, 0xff, 0x8f, 0xa1,
+    0x31, 0xd1, 0x93, 0xd6, 0xbc, 0x2d, 0xb7, 0x4f, 0xb2, 0xcf, 0x22, 0x28, 0xe4, 0x35, 0x2a, 0x78,
+    0xb7, 0x44, 0x4e, 0xac, 0x58, 0x91, 0x24, 0x3c, 0x4b, 0xe5, 0x20, 0xfe, 0x3e, 0x7a, 0x79, 0xc1,
+    0xb3, 0x32, 0xe1, 0x8d, 0xd4, 0x0a, 0xe9, 0xaf, 0x69, 0xb4, 0x49, 0x8a, 0xff, 0xcd, 0xb5, 0x5d,
+    0x6b, 0x71, 0x23, 0xb4, 0x43, 0xf9, 0x56, 0x2f, 0x0a, 0x7a, 0x1d, 0xa5, 0xeb, 0x9a, 0x3c, 0x2c,
+    0xc0, 0xb4, 0xa6, 0xff, 0x39, 0x2f, 0x54, 0x6c, 0xaf, 0xeb, 0xe1, 0xd4, 0xd7, 0x63, 0x64, 0xbf,
+    0x7f, 0x1c, 0x75, 0x11, 0xba, 0x4b, 0x29, 0xb5, 0xa0, 0xac, 0x13, 0xc2, 0xa8, 0xb4, 0x46, 0x85,
+    0x1e, 0xba, 0x7d, 0x16, 0x64, 0xeb, 0xa1, 0xd7, 0xff, 0xbd, 0x09, 0xb5, 0x83, 0x39, 0x47, 0x1c,
+    0xd1, 0x53, 0x04, 0xe2, 0x6f, 0x50, 0x44, 0x31, 0xce, 0xe9, 0x0d, 0xda, 0xf4, 0xa7, 0xe1, 0xad,
+    0x78, 0xad, 0x37, 0x58, 0x53, 0x2a, 0xc1, 0xda, 0x7a, 0xb1, 0x24, 0x91, 0x49, 0xe4, 0xdf, 0x70,
+    0xc2, 0x8f, 0x10, 0x0e, 0x7f, 0x83, 0xd3, 0xc4, 0xbe, 0x22, 0x34, 0xee, 0x56, 0xd9, 0x02, 0xf1,
+    0xbb, 0xde, 0x7c, 0xcf, 0x0f, 0xff, 0xb0, 0x4a, 0x2d, 0x16, 0x9b, 0x62, 0xbe, 0x60, 0xee, 0xa6,
+    0x6d, 0x3c, 0x3a, 0x64, 0x89, 0xce, 0x1c, 0x14, 0x39, 0xe2, 0xa1, 0xeb, 0xab, 0x97, 0x96, 0xfe,
+    0xe1, 0x7e, 0xcc, 0xad, 0xf0, 0x2b, 0x51, 0x2a, 0x95, 0xa3, 0xa4, 0xef, 0xb1, 0xcf, 0xf8, 0xf2,
+    0x1f, 0x46, 0x26, 0x8f, 0x47, 0xbd, 0x03, 0x83, 0x16, 0x38, 0x82, 0xa8, 0x22, 0x64, 0x74, 0x3b,
+    0x82, 0xe3, 0x72, 0x5b, 0x68, 0x27, 0x5e, 0xe0, 0xdb, 0x7b, 0x6b, 0xa2, 0x1b, 0xf8, 0x9f, 0x25,
+    0xba, 0x22, 0x27, 0x56, 0x2c, 0xa9, 0x12, 0x1e, 0xc4, 0x93, 0x10, 0x7f, 0x1f, 0x3d, 0xdd, 0x81,
+    0x8c, 0x42, 0xf6, 0xc9, 0x79, 0xe5, 0x4d, 0x3e, 0xac, 0x41, 0x05, 0x04, 0x1a, 0x58, 0x6e, 0x0c,
+    0xcf, 0xe9, 0x79, 0xf4, 0x0b, 0xbb, 0xe5, 0xe6, 0x31, 0x54, 0x04, 0x6f, 0x77, 0x9e, 0xa6, 0xb1,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0xfe, 0x38, 0xea, 0x22, 0xb7, 0x96, 0x52, 0xa9, 0x83, 0x9b, 0x26, 0x47, 0x93, 0xab, 0x8c, 0xc9,
+    0x42, 0x57, 0xd4, 0xa4, 0x51, 0x08, 0x0a, 0x8c, 0x74, 0x90, 0x8a, 0x76, 0xcc, 0x9b, 0xfb, 0x9a,
+    0xd6, 0xe2, 0x46, 0xab, 0x86, 0x31, 0xac, 0x5e, 0x14, 0xf4, 0x3a, 0x89, 0x15, 0xf7, 0x78, 0x58,
+  },
+  { /* 7 */
+    0xa5, 0x9d, 0x85, 0x46, 0x8a, 0x0e, 0x61, 0xc4, 0x42, 0xe7, 0xb4, 0xca, 0xc0, 0x3d, 0xf4, 0xe8,
+    0x2d, 0x30, 0x7c, 0xb1, 0xb2, 0x96, 0xab, 0x86, 0x12, 0x3f, 0xbc, 0x10, 0x25, 0xe6, 0x1e, 0xf1,
+    0x32, 0xb3, 0x29, 0xf1, 0xe6, 0xb1, 0x53, 0x61, 0xca, 0xf8, 0xa0, 0xd0, 0x5a, 0xc4, 0x96, 0x37,
+    0x8f, 0xc2, 0x69, 0x55, 0xf0, 0x82, 0xf2, 0x7d, 0x39, 0xb6, 0xe7, 0xff, 0x11, 0x3a, 0xe8, 0x2f,
+    0x0e, 0xde, 0xe3, 0x87, 0x53, 0x34, 0x70, 0x7e, 0xd2, 0xdc, 0x1d, 0x4a, 0x2b, 0x01, 0x04, 0x6c,
+    0x30, 0x1b, 0x49, 0x07, 0xfb, 0x7a, 0x43, 0x73, 0xa1, 0x91, 0x25, 0x09, 0xd5, 0x45, 0xd7, 0x23,
+    0x38, 0xfe, 0x0a, 0x59, 0x8f, 0xd0, 0x03, 0x3b, 0xce, 0xf6, 0x74, 0xeb, 0xac, 0x04, 0x10, 0x73,
+    0xc0, 0x6c, 0xe7, 0x1c, 0x6a, 0x2b, 0xcf, 0x0f, 0xc1, 0x01, 0x94, 0x24, 0xd2, 0xd7, 0xda, 0x8c,
+    0x54, 0xbe, 0x1b, 0x26, 0xf4, 0xdb, 0xe5, 0xb1, 0xf6, 0xa2, 0xa6, 0x6a, 0x61, 0x0e, 0x38, 0x4d,
+    0xe6, 0x45, 0x88, 0x7e, 0x5e, 0x58, 0x3c, 0xda, 0x03, 0xe5, 0x5f, 0x82, 0xa7, 0x50, 0x83, 0x33,
+    0x9e, 0x9f, 0xdf, 0x92, 0xf7, 0x91, 0x7a, 0xe4, 0x33, 0xad, 0xe6, 0x75, 0x45, 0x19, 0x64, 0x85,
+    0x39, 0xaa, 0x3a, 0x22, 0x60, 0x54, 0x0b, 0x32, 0x1a, 0x23, 0xd7, 0x66, 0x0a, 0xa5, 0xd1, 0x79,
+    0x55, 0xea, 0x2b, 0x5d, 0x1b, 0x5f, 0xed, 0xb8, 0x22, 0x77, 0x05, 0xe7, 0xc7, 0xaf, 0xf9, 0x47,
+    0x7e, 0xe1, 0xf7, 0x35, 0x8e, 0x57, 0x76, 0x08, 0x8d, 0xf3, 0xf5, 0x5f, 0xb0, 0x09, 0x24, 0x8a,
+    0x52, 0x85, 0xbb, 0xff, 0xd3, 0x45, 0xd5, 0x87, 0x4b, 0x19, 0xea, 0xc2, 0x33, 0x4e, 0xfb, 0x71,
+    0x91, 0x15, 0x0c, 0x6e, 0x4b, 0x21, 0x02, 0x93, 0x35, 0xa4, 0x58, 0xb2, 0xc8, 0xb9, 0xa1, 0xe3,
+    0x64, 0xa5, 0x52, 0x21, 0x0f, 0xa1, 0xa6, 0xc2, 0x57, 0x33, 0x83, 0x63, 0xb4, 0x4b, 0xef, 0x6e,
+    0x03, 0xfc, 0x50, 0x8d, 0xf2, 0x4f, 0x18, 0x1b, 0xbf, 0xbc, 0x26, 0x54, 0x29, 0x20, 0x80, 0x1e,
+    0x57, 0x42, 0x4b, 0xab, 0x06, 0x94, 0xfd, 0xaa, 0x49, 0x1e, 0x80, 0x3e, 0x48, 0x2e, 0xb8, 0x53,
+    0x5a, 0x60, 0xf8, 0xa1, 0xa7, 0xef, 0x95, 0xcf, 0x24, 0x7e, 0xbb, 0x20, 0x4a, 0x0f, 0x3c, 0x21,
+    0x1c, 0x7f, 0x05, 0xcd, 0xa6, 0x68, 0xe0, 0xfc, 0x67, 0x7b, 0x3a, 0x94, 0x56, 0x02, 0x08, 0xd8,
+    0x60, 0x36, 0x92, 0x0e, 0x35, 0xf4, 0x86, 0xe6, 0x81, 0xe1, 0x4a, 0x12, 0x69, 0x8a, 0x6d, 0x46,
+    0x07, 0x6f, 0x90, 0xa2, 0xc8, 0x1a, 0x38, 0x3f, 0x69, 0x6e, 0xef, 0x25, 0xf4, 0xe1, 0x02, 0x36,
+    0x18, 0xec, 0xc5, 0xe2, 0x9c, 0x3d, 0xc0, 0xd8, 0xb1, 0xa9, 0xf3, 0xe5, 0x8b, 0xc3, 0x8a, 0xf0,
+    0x21, 0x46, 0xff, 0xc0, 0xfc, 0x69, 0xcb, 0xea, 0xab, 0x8a, 0x24, 0x83, 0x81, 0x66, 0x5b, 0x89,
+    0x72, 0x97, 0x74, 0x44, 0xc0, 0xa8, 0x16, 0x64, 0x34, 0x46, 0x6d, 0xcc, 0x14, 0x89, 0x61, 0xf2,
+    0xa8, 0xbf, 0x36, 0x4c, 0x2b, 0x75, 0x09, 0xa1, 0x2f, 0x87, 0x8f, 0xd4, 0xc2, 0x1c, 0x70, 0x9a,
+    0xd1, 0x31, 0x51, 0xdb, 0x6d, 0x38, 0x47, 0x96, 0xcb, 0x1a, 0x95, 0xae, 0x86, 0xf4, 0x56, 0x26,
+    0x29, 0xa3, 0xbc, 0x9e, 0x88, 0xc3, 0x8b, 0xa2, 0xc4, 0xed, 0x75, 0x61, 0xf8, 0x27, 0x9c, 0xd9,
+    0xc6, 0x57, 0x47, 0xc5, 0x4d, 0xb5, 0xff, 0x39, 0x7c, 0xba, 0xd8, 0x8c, 0x80, 0x97, 0x19, 0xb0,
+    0xa4, 0xc9, 0xb5, 0x3d, 0x65, 0x8a, 0x69, 0xcd, 0x96, 0x32, 0x17, 0x47, 0x66, 0x9c, 0x35, 0xe2,
+    0x3f, 0x91, 0x9a, 0xfb, 0x47, 0xca, 0x3b, 0x04, 0xa7, 0x98, 0x9b, 0xce, 0x58, 0xe5, 0x12, 0x45,
+    0xe0, 0x7e, 0x28, 0xa7, 0x79, 0xc6, 0x0c, 0xec, 0xbe, 0x5e, 0x13, 0x2a, 0xf5, 0x10, 0x40, 0x0f,
+    0x27, 0x7d, 0x5f, 0x19, 0xdb, 0xf7, 0xfb, 0xdc, 0x16, 0x31, 0x68, 0x2b, 0xd3, 0x26, 0x98, 0xb5,
+    0x8d, 0x6a, 0x09, 0xa3, 0xed, 0x49, 0xe2, 0x6f, 0x52, 0xdf, 0x62, 0x26, 0x9e, 0xbb, 0xa9, 0x3b,
+    0x0c, 0x76, 0x83, 0x71, 0x4e, 0xff, 0x60, 0x6c, 0xb9, 0xb5, 0x98, 0x93, 0xa4, 0x80, 0x45, 0x78,
+    0x82, 0xe0, 0xda, 0x5f, 0x51, 0xf9, 0x9a, 0x18, 0x54, 0xd6, 0xdc, 0xe1, 0x13, 0x1b, 0x6c, 0x5d,
+    0xea, 0x33, 0x0b, 0x0f, 0x10, 0xa7, 0x5c, 0xb6, 0xba, 0x50, 0xc7, 0x11, 0x03, 0xd0, 0xc6, 0x4b,
+    0xae, 0x84, 0x96, 0x95, 0x0c, 0xeb, 0x39, 0x97, 0x92, 0x3c, 0xc3, 0x7c, 0x90, 0x5c, 0xb3, 0xa6,
+    0xb4, 0xc0, 0x33, 0x81, 0x8d, 0x1d, 0xe9, 0x5d, 0x48, 0xfc, 0xb5, 0x40, 0x94, 0x1e, 0x78, 0x42,
+    0x9a, 0x0c, 0x1f, 0xbd, 0xcd, 0xc4, 0x5a, 0xc0, 0xe5, 0x7f, 0x2f, 0x04, 0x98, 0xd8, 0xe6, 0xad,
+    0x63, 0xca, 0xc2, 0x83, 0xc7, 0xbb, 0x9e, 0xfd, 0x3e, 0x5d, 0x6c, 0x46, 0x40, 0xaa, 0xed, 0x58,
+    0x49, 0x95, 0x2e, 0x90, 0xbd, 0x37, 0x0d, 0x44, 0x45, 0x0c, 0x3f, 0x73, 0x91, 0xad, 0xf1, 0x9f,
+    0xe5, 0xb9, 0xd8, 0xf3, 0xac, 0x17, 0x24, 0xc1, 0xbc, 0x59, 0x79, 0xd6, 0x8e, 0x70, 0x03, 0x2d,
+    0x42, 0x8c, 0x3d, 0x43, 0x3b, 0xd2, 0x55, 0x17, 0x95, 0xd7, 0x48, 0xc5, 0xc1, 0xcc, 0xb6, 0xd1,
+    0xe4, 0xed, 0xe8, 0x88, 0x43, 0x93, 0x2c, 0xc8, 0x68, 0x8c, 0xda, 0x5b, 0x28, 0xd1, 0xc2, 0x27,
+    0x15, 0xce, 0x76, 0xe8, 0x3d, 0x46, 0xa8, 0xbd, 0xdc, 0xc9, 0xc8, 0xfb, 0x89, 0xe2, 0x0e, 0x82,
+    0xb7, 0x3c, 0x63, 0x0c, 0x7f, 0x52, 0xf1, 0x46, 0xf7, 0x40, 0x93, 0x14, 0xbd, 0x3e, 0xf8, 0x5c,
+    0xc8, 0x89, 0xa4, 0x42, 0x1e, 0x81, 0x8f, 0x47, 0xae, 0x66, 0xc5, 0xc6, 0xab, 0x96, 0x1d, 0xdc,
+    0x06, 0x3b, 0xa0, 0xd9, 0x27, 0x9e, 0x30, 0x36, 0xbd, 0xbb, 0x4c, 0xa8, 0x52, 0x40, 0xc3, 0x3c,
+    0x70, 0x3f, 0x14, 0xb2, 0xdd, 0x63, 0x06, 0x76, 0x5f, 0x2f, 0xe8, 0x15, 0x9b, 0x08, 0x20, 0xe6,
+    0x9d, 0x63, 0x8f, 0x1f, 0x05, 0xde, 0x62, 0xff, 0x8c, 0x11, 0xc0, 0x21, 0x6c, 0x39, 0xe4, 0x9b,
+    0x41, 0x70, 0x6d, 0xce, 0xc9, 0x9d, 0x4d, 0x0c, 0x2a, 0x6b, 0x6e, 0x91, 0xe8, 0xec, 0x36, 0xcf,
+    0x75, 0xf8, 0xe4, 0xe6, 0x08, 0xb2, 0x2e, 0x5b, 0x5d, 0x28, 0x82, 0xe9, 0xe0, 0x68, 0x63, 0xc4,
+    0x19, 0xb8, 0xf5, 0x99, 0x73, 0xb9, 0xc8, 0xd1, 0x65, 0x7c, 0x50, 0x68, 0x2d, 0x62, 0x4b, 0xfa,
+    0xc9, 0xdd, 0x94, 0x39, 0xf1, 0x05, 0x87, 0x4e, 0x7a, 0xb3, 0x66, 0x4b, 0x0d, 0x37, 0xdc, 0xd6,
+    0xaa, 0x17, 0x56, 0xba, 0x36, 0xbe, 0x19, 0xb3, 0x44, 0xee, 0x0a, 0x0d, 0x4d, 0x9d, 0x31, 0x8e,
+    0xfc, 0x01, 0x2d, 0x6a, 0xdf, 0xae, 0xec, 0x10, 0xd9, 0x25, 0x29, 0xbe, 0xa3, 0x12, 0x48, 0xd7,
+    0x4d, 0x06, 0xee, 0xbf, 0x87, 0x62, 0x2d, 0x60, 0x93, 0xde, 0xf6, 0x02, 0x4c, 0x6c, 0x73, 0xb7,
+    0xbf, 0xd9, 0x20, 0x52, 0x0b, 0xf8, 0xb1, 0x0e, 0x98, 0x27, 0xc2, 0xf6, 0xc4, 0x7f, 0x3f, 0x0c,
+    0x2a, 0x5f, 0xec, 0x13, 0x7a, 0x8c, 0x93, 0xb9, 0x7b, 0x51, 0x53, 0x35, 0xd1, 0x07, 0x1c, 0xc7,
+    0x73, 0xc3, 0x44, 0x3f, 0x2f, 0x2c, 0x1e, 0x6d, 0xe0, 0x93, 0xce, 0x41, 0xb2, 0x28, 0xa0, 0xf8,
+    0x84, 0xdb, 0x7a, 0x86, 0x76, 0x67, 0xaa, 0x2e, 0xe9, 0x6d, 0x90, 0x49, 0x41, 0x5b, 0xaf, 0x61,
+    0xd5, 0xa2, 0x91, 0xf4, 0x57, 0x6d, 0x67, 0xb2, 0x1d, 0xc8, 0x5c, 0xdf, 0x5b, 0x35, 0xd4, 0x0e,
+    0xc3, 0x90, 0xb7, 0x91, 0x98, 0x64, 0xd7, 0x14, 0x7e, 0xbd, 0xb2, 0x70, 0xfb, 0xf7, 0x5a, 0x92,
+    0xaf, 0xd0, 0xa6, 0xee, 0xe3, 0x6f, 0x31, 0x9e, 0x46, 0xe9, 0x60, 0xf1, 0x36, 0xfd, 0x72, 0xac,
+    0x2b, 0x0b, 0xdc, 0x68, 0x95, 0x08, 0x9b, 0xb0, 0xaf, 0x84, 0xf0, 0xb8, 0x77, 0xa6, 0xdd, 0xcd,
+    0x86, 0x73, 0x1a, 0x70, 0x6b, 0xac, 0xba, 0x3c, 0x82, 0x04, 0x15, 0x90, 0xce, 0xda, 0xee, 0x75,
+    0xa7, 0x35, 0xe5, 0xb0, 0x97, 0xc5, 0x71, 0xd6, 0x29, 0x8e, 0x31, 0x13, 0x4f, 0xbc, 0xb5, 0xfc,
+    0xb1, 0x07, 0xc3, 0xd5, 0x58, 0xcc, 0xc1, 0x70, 0x4a, 0xfb, 0xdf, 0xbc, 0xef, 0x7e, 0x3b, 0x60,
+    0xb2, 0xfb, 0x93, 0x58, 0xaa, 0x83, 0xd9, 0x6b, 0xf5, 0x47, 0xf9, 0xe8, 0xc6, 0x5e, 0xbb, 0x7e,
+    0x5b, 0x34, 0xc8, 0xda, 0x48, 0x6b, 0x9d, 0xc6, 0xf0, 0xab, 0x18, 0xad, 0xec, 0xae, 0xfd, 0x2b,
+    0x46, 0x1f, 0xfd, 0x6c, 0x01, 0x87, 0x75, 0x33, 0x43, 0x05, 0x81, 0xb4, 0x1c, 0x0d, 0x34, 0xf9,
+    0xd3, 0x99, 0x31, 0x2d, 0x70, 0xf3, 0x57, 0x84, 0xa0, 0x73, 0x10, 0x77, 0x09, 0x75, 0x17, 0x32,
+    0x9f, 0xcb, 0xef, 0xe9, 0x18, 0x15, 0x72, 0xed, 0xe7, 0x78, 0x45, 0xf8, 0xe3, 0xb8, 0xa5, 0x8f,
+    0xfd, 0x55, 0x1d, 0x11, 0x30, 0x2a, 0xe4, 0x19, 0x0d, 0xf0, 0x8a, 0x33, 0x05, 0xb3, 0x89, 0xdd,
+    0xd4, 0xf6, 0xa1, 0x8f, 0xb8, 0xe9, 0x6f, 0xbb, 0xc9, 0x1d, 0xff, 0x52, 0xfd, 0x94, 0x15, 0x04,
+    0x0f, 0x8a, 0xd3, 0xfc, 0xbc, 0xb0, 0x78, 0x77, 0x06, 0x09, 0xbe, 0xc7, 0x8d, 0xa0, 0xc5, 0x66,
+    0x9c, 0x37, 0xbf, 0x64, 0xea, 0x5a, 0x6a, 0xf6, 0x58, 0xc4, 0x63, 0xac, 0xca, 0x98, 0x25, 0x91,
+    0x2f, 0x98, 0x1c, 0x47, 0xaf, 0x5d, 0xbb, 0x94, 0x79, 0x56, 0x39, 0xc9, 0xaa, 0x67, 0x5f, 0xe5,
+    0x9b, 0x58, 0x2f, 0xc6, 0x22, 0x40, 0x52, 0xc9, 0x31, 0xaa, 0x8c, 0x89, 0x3e, 0x79, 0x27, 0xa7,
+    0x43, 0xd8, 0x0d, 0x38, 0xd4, 0x56, 0x5d, 0x1e, 0x41, 0x02, 0xeb, 0x48, 0x67, 0x6d, 0x77, 0xdb,
+    0xef, 0xf4, 0xfb, 0x5b, 0xc5, 0x76, 0x74, 0x9b, 0xb8, 0x57, 0xad, 0xed, 0x78, 0xb0, 0x85, 0x69,
+    0xd9, 0xd4, 0x12, 0x85, 0x19, 0x92, 0x07, 0xde, 0xa4, 0x7d, 0xc4, 0x4c, 0xff, 0xb5, 0x91, 0x76,
+    0x79, 0x8e, 0x67, 0x97, 0x46, 0x4d, 0x4e, 0x37, 0xe4, 0x9d, 0x1a, 0x7a, 0x44, 0xe8, 0x26, 0xbc,
+    0xb6, 0x68, 0x53, 0x77, 0x90, 0xd6, 0xf9, 0x4f, 0x23, 0x95, 0x30, 0x99, 0x1b, 0x9f, 0x39, 0x56,
+    0x53, 0xd1, 0x8b, 0x84, 0x3c, 0xc1, 0xdd, 0x8e, 0x9f, 0xcc, 0x49, 0x4f, 0x95, 0xef, 0x3a, 0x7b,
+    0x7f, 0xb5, 0xc7, 0x4e, 0x61, 0xd3, 0x7e, 0x01, 0x59, 0x26, 0x56, 0xd2, 0x16, 0xa8, 0xe5, 0x80,
+    0xc1, 0x38, 0xd7, 0x67, 0x85, 0xaf, 0xc7, 0x06, 0x15, 0xd4, 0x37, 0xa9, 0x74, 0x76, 0x1b, 0x86,
+    0xf0, 0x77, 0xae, 0x1b, 0x91, 0x51, 0x8c, 0x7c, 0x60, 0x90, 0xb1, 0x2d, 0x07, 0x92, 0x0d, 0xaf,
+    0x23, 0xee, 0x9f, 0x36, 0xe1, 0xa2, 0xdb, 0xf8, 0xc0, 0xe3, 0xa1, 0x5a, 0x0e, 0xe7, 0x1a, 0x9d,
+    0xe7, 0x11, 0xb8, 0x05, 0xb1, 0xdc, 0x34, 0xd3, 0xd7, 0x30, 0xfc, 0x0f, 0x01, 0xf1, 0x42, 0x39,
+    0x25, 0xd5, 0x3f, 0xef, 0xc6, 0x3c, 0xeb, 0xce, 0x7d, 0x58, 0xed, 0xf2, 0x5c, 0xa7, 0xd9, 0xa1,
+    0x5e, 0xf3, 0x38, 0x8e, 0x9d, 0xba, 0xb5, 0xeb, 0xf2, 0xac, 0x72, 0x51, 0x97, 0xce, 0xbe, 0x09,
+    0xb5, 0x94, 0x03, 0xfa, 0x62, 0x99, 0xe1, 0x54, 0x9c, 0x29, 0x16, 0xcd, 0x32, 0xbf, 0xb9, 0x48,
+    0x1e, 0xd7, 0x65, 0x3b, 0xbb, 0xa3, 0xf0, 0xee, 0x0c, 0x12, 0xbf, 0x4d, 0xd9, 0x83, 0x49, 0xcc,
+    0xa2, 0xf2, 0x15, 0xe4, 0x42, 0x14, 0x59, 0xfb, 0x2b, 0x89, 0x5b, 0xef, 0x34, 0xdc, 0xf6, 0xde,
+    0xdf, 0xef, 0xb2, 0x5c, 0x3e, 0x0c, 0x37, 0xe8, 0x19, 0xc6, 0x88, 0xe4, 0xad, 0xf5, 0x52, 0x4a,
+    0xa6, 0x61, 0xd5, 0xcb, 0x78, 0x41, 0x79, 0xdf, 0xfd, 0x5b, 0x92, 0x9e, 0xe9, 0x1d, 0x74, 0xf6,
+    0xfe, 0xa9, 0x4d, 0x9c, 0xc2, 0x65, 0xfc, 0x02, 0xb2, 0x4c, 0xac, 0x67, 0x2c, 0x93, 0x09, 0xc3,
+    0xac, 0x2c, 0xf6, 0x63, 0x11, 0x20, 0x29, 0x85, 0xf9, 0x55, 0x46, 0xa5, 0x1f, 0xdd, 0xf2, 0xb2,
+    0x22, 0xba, 0xaf, 0x4d, 0x0e, 0x26, 0xd3, 0xf1, 0x14, 0x36, 0x02, 0xd7, 0xa8, 0x46, 0xdb, 0x97,
+    0xf9, 0xc6, 0xdd, 0x3e, 0x0a, 0x7f, 0xc4, 0x3d, 0xdb, 0x22, 0x43, 0x42, 0xd8, 0x72, 0x0b, 0xf5,
+    0xe2, 0xd6, 0x48, 0x51, 0x64, 0x0d, 0x1c, 0xfe, 0xd5, 0x37, 0x96, 0xf3, 0x7a, 0x91, 0x01, 0x1b,
+    0x4a, 0x69, 0x7e, 0x1d, 0x4f, 0x78, 0x15, 0x5f, 0xfa, 0xb0, 0x19, 0x27, 0xb8, 0x8d, 0x71, 0x81,
+    0xbc, 0x25, 0x70, 0xdf, 0xf9, 0xb7, 0xa9, 0x15, 0x27, 0x9b, 0xe4, 0xa2, 0xed, 0x5f, 0xbf, 0x12,
+    0x35, 0xdc, 0xb9, 0x53, 0x2e, 0xab, 0x6b, 0x5e, 0xa3, 0x96, 0x4f, 0xf5, 0xae, 0x25, 0x94, 0x01,
+    0xca, 0x21, 0xc4, 0xb4, 0x03, 0x4a, 0x9f, 0x55, 0xc5, 0x0f, 0x40, 0x1f, 0x24, 0x17, 0x5c, 0xc8,
+    0xee, 0xa0, 0xcb, 0x20, 0x2a, 0xf2, 0x7c, 0x92, 0x6c, 0x82, 0x0e, 0x60, 0xde, 0x11, 0x44, 0x63,
+    0x78, 0xda, 0x57, 0xec, 0xa9, 0xc9, 0x46, 0x3e, 0x30, 0x48, 0xb9, 0xf7, 0xe2, 0x49, 0xe7, 0xb6,
+    0x05, 0xc7, 0xf0, 0x54, 0xd5, 0xd1, 0x28, 0x2d, 0x02, 0x07, 0x6a, 0xfc, 0x7b, 0x60, 0x43, 0x22,
+    0x6b, 0x2f, 0x81, 0xdd, 0xb3, 0x11, 0xde, 0xb5, 0x51, 0x3a, 0x3d, 0xa4, 0x39, 0xeb, 0x2a, 0x08,
+    0x51, 0x79, 0xeb, 0x72, 0x21, 0x0a, 0xcd, 0x9c, 0xf4, 0xa5, 0xcc, 0x96, 0x1a, 0x6e, 0x7b, 0x6f,
+    0xe1, 0x2a, 0x18, 0xdc, 0x96, 0x42, 0x04, 0xe5, 0x6a, 0x8b, 0xb0, 0xa7, 0x53, 0xb1, 0x81, 0x05,
+    0x59, 0x9c, 0xa8, 0x2c, 0x55, 0xa0, 0x8d, 0xd4, 0x9b, 0xc2, 0x9d, 0x74, 0x63, 0x2f, 0xbc, 0x3f,
+    0xa3, 0xa6, 0x25, 0x9f, 0xad, 0x90, 0x51, 0xf2, 0xff, 0x5c, 0xf8, 0x62, 0x92, 0x7d, 0x37, 0xd4,
+    0xf2, 0xdf, 0xce, 0xed, 0x8c, 0x9a, 0x9c, 0x6e, 0x0b, 0xf9, 0x34, 0xf4, 0x88, 0x13, 0x4c, 0xbb,
+    0x71, 0x6b, 0x24, 0xc9, 0x32, 0xe7, 0x0e, 0x7f, 0x8b, 0xfa, 0x4b, 0x98, 0x3d, 0xa9, 0xe1, 0xec,
+    0x56, 0x16, 0x7b, 0xd0, 0xe9, 0x10, 0xf5, 0xa3, 0x9d, 0xcb, 0x23, 0xb3, 0xee, 0x8f, 0x79, 0x59,
+    0x11, 0x5d, 0xb6, 0xc7, 0x07, 0x13, 0x88, 0x99, 0x0a, 0x1b, 0x01, 0x8a, 0x54, 0x23, 0x8c, 0xaa,
+    0x6a, 0x7b, 0xb1, 0xa6, 0x5c, 0x95, 0xd6, 0xbc, 0x85, 0xef, 0x9e, 0x29, 0x9f, 0x4a, 0xeb, 0x02,
+    0x89, 0xf9, 0xc9, 0x8c, 0xd7, 0x1c, 0xc2, 0x4b, 0x84, 0x0d, 0xab, 0x57, 0x43, 0x7a, 0x2b, 0x13,
+    0x94, 0xd2, 0xfc, 0x3a, 0x9e, 0xf0, 0x2a, 0xbe, 0x37, 0xa3, 0x32, 0x4e, 0xb3, 0xd9, 0xe2, 0xc1,
+    0x65, 0xf1, 0x62, 0x5a, 0xe0, 0x25, 0xae, 0xcb, 0x83, 0xe6, 0x20, 0xee, 0x12, 0xea, 0x2e, 0x64,
+    0x8c, 0x3e, 0x39, 0xd8, 0x02, 0xcd, 0xea, 0x66, 0x86, 0x0a, 0xc1, 0xab, 0x38, 0x1a, 0x68, 0x31,
+    0xbb, 0x4a, 0xe0, 0x7d, 0x31, 0xad, 0x91, 0x2a, 0x4e, 0xf5, 0x0b, 0x87, 0x19, 0xbe, 0xbd, 0x24,
+    0x77, 0x50, 0x84, 0x10, 0x15, 0x79, 0x3e, 0x49, 0x36, 0x41, 0x07, 0x30, 0x6f, 0xe9, 0x22, 0xd0,
+    0x3c, 0x6d, 0xca, 0x76, 0xb5, 0x85, 0x23, 0x1f, 0x18, 0x24, 0xbd, 0x9a, 0x71, 0xc5, 0x92, 0x5b,
+    0x7b, 0x26, 0x07, 0x61, 0x5b, 0x86, 0x5e, 0x25, 0x8f, 0xf4, 0x9f, 0xa3, 0xcb, 0x69, 0x67, 0xa8,
+    0x28, 0xf7, 0x8c, 0xe5, 0x67, 0x47, 0x83, 0xab, 0x10, 0x38, 0xd6, 0xec, 0x5e, 0x86, 0x5d, 0xd3,
+    0xab, 0x43, 0x66, 0xc1, 0xd9, 0x3a, 0x11, 0xba, 0x90, 0x3b, 0xa9, 0x80, 0xeb, 0x3c, 0xf0, 0x84,
+    0xd2, 0xcd, 0x01, 0x56, 0x9f, 0x77, 0x5f, 0x8d, 0x74, 0xa6, 0xb3, 0xfa, 0xaf, 0xd4, 0xd6, 0x38,
+    0x31, 0x4f, 0x79, 0x7c, 0x14, 0xfe, 0x4b, 0x7a, 0x75, 0x44, 0x86, 0x84, 0x73, 0xe4, 0x16, 0x29,
+    0xde, 0xbb, 0x82, 0x27, 0xd1, 0x88, 0x3f, 0xe1, 0xcd, 0x13, 0x2b, 0x69, 0x0b, 0x54, 0x93, 0x40,
+    0xc4, 0xff, 0x27, 0x33, 0x50, 0x7e, 0xef, 0x2b, 0x17, 0xd3, 0x5d, 0x55, 0x0f, 0x16, 0x58, 0xa4,
+    0x5f, 0xa7, 0x08, 0xf5, 0x72, 0x3e, 0xbd, 0xe2, 0x26, 0x79, 0xd1, 0xdc, 0x31, 0x6f, 0x7f, 0x03,
+    0xcc, 0x1a, 0x64, 0x6d, 0x24, 0xd4, 0xaf, 0x63, 0x78, 0xb4, 0x0c, 0xb7, 0x76, 0x57, 0x9f, 0xf4,
+    0xcf, 0xe6, 0x34, 0xe0, 0xd6, 0x9b, 0xb7, 0x78, 0xc7, 0x08, 0x2a, 0xe3, 0x5f, 0x77, 0x1f, 0xea,
+    0x76, 0x04, 0xb4, 0x6b, 0xfa, 0xfd, 0x36, 0x40, 0xe2, 0x94, 0xa4, 0xbd, 0xc9, 0x48, 0xe3, 0xda,
+    0x2c, 0x64, 0x4c, 0xca, 0x5d, 0x12, 0xa3, 0x8f, 0xc6, 0xea, 0x1f, 0x9d, 0x83, 0x47, 0xdf, 0xfb,
+    0xb8, 0xb6, 0xb0, 0xf0, 0xc3, 0xe2, 0x89, 0x31, 0xf1, 0x49, 0x2d, 0xd3, 0x30, 0x9e, 0x3d, 0x3a,
+    0xd8, 0x80, 0x22, 0xfe, 0xf6, 0x16, 0x0f, 0xd7, 0x70, 0xa8, 0x67, 0xc1, 0x59, 0x14, 0x50, 0x7c,
+    0x2e, 0xcc, 0x2c, 0x3c, 0x40, 0xd9, 0xb3, 0x9d, 0xad, 0x83, 0x9a, 0x44, 0x0c, 0xc6, 0x9e, 0xef,
+    0x36, 0x20, 0xe9, 0xde, 0xdc, 0xe4, 0x73, 0x45, 0x1c, 0x2a, 0x69, 0xa1, 0x87, 0x05, 0x14, 0x1f,
+    0xdb, 0x7c, 0x72, 0x73, 0x04, 0x59, 0x17, 0xcc, 0xcf, 0x14, 0x41, 0x95, 0x70, 0x34, 0xd0, 0x62,
+    0x69, 0x87, 0xe1, 0x2b, 0xae, 0xda, 0xce, 0xa7, 0x3a, 0x53, 0xb8, 0x7d, 0xb6, 0x6a, 0x6b, 0x1c,
+    0xb3, 0xaf, 0xa3, 0x23, 0x45, 0x07, 0xd1, 0x62, 0x21, 0x92, 0x5a, 0x65, 0x60, 0xff, 0x7a, 0x74,
+    0x14, 0x9a, 0x46, 0x93, 0xd2, 0xc2, 0xa0, 0xb4, 0x08, 0x1c, 0x6b, 0x76, 0x2f, 0x43, 0xcf, 0x88,
+    0x95, 0x86, 0xcc, 0x41, 0x71, 0x74, 0x22, 0xb7, 0xe3, 0x76, 0x91, 0xc3, 0x15, 0x78, 0x23, 0xcb,
+    0xbe, 0x8d, 0x10, 0x29, 0xe4, 0x7c, 0xb9, 0x07, 0x4c, 0xf2, 0x61, 0x7b, 0x62, 0xde, 0xfe, 0x06,
+    0x62, 0x9e, 0xf2, 0xf8, 0x28, 0x3f, 0x96, 0xf4, 0xea, 0x88, 0xcf, 0xcb, 0xe6, 0x0b, 0x2c, 0x52,
+    0xa1, 0x0e, 0x45, 0x69, 0xb0, 0x5b, 0x41, 0xe0, 0x94, 0x35, 0x7d, 0xbb, 0x1d, 0xfc, 0x76, 0xc0,
+    0x3b, 0x02, 0x5a, 0xd4, 0x7d, 0x9f, 0x1b, 0x20, 0x71, 0x4a, 0x52, 0xbf, 0x85, 0x24, 0x90, 0x6d,
+    0x16, 0x32, 0x26, 0x65, 0xcf, 0x09, 0xb0, 0xa6, 0x63, 0x75, 0xee, 0xaf, 0xa0, 0xc2, 0x8e, 0x9c,
+    0x66, 0x0d, 0x32, 0xd7, 0x12, 0x6a, 0xb6, 0xd0, 0x3c, 0x5a, 0x06, 0xba, 0x3b, 0xca, 0xae, 0x7a,
+    0xe9, 0xcf, 0x5b, 0x82, 0xe2, 0xe8, 0x44, 0xad, 0x05, 0xec, 0xe1, 0x45, 0x2a, 0xf0, 0x46, 0x55,
+    0x5c, 0x5b, 0x58, 0x78, 0x80, 0x71, 0xa5, 0xf9, 0x99, 0xc5, 0xf7, 0x88, 0x18, 0x4f, 0xff, 0x1d,
+    0x6c, 0x40, 0x11, 0x7f, 0x7b, 0x0b, 0xe6, 0x8a, 0x38, 0x54, 0xd2, 0x81, 0xcd, 0x0a, 0x28, 0x3e,
+    0x6d, 0x14, 0x21, 0x04, 0x94, 0x8f, 0xee, 0x83, 0xec, 0x81, 0x71, 0x0c, 0x6b, 0xab, 0xe9, 0x34,
+    0xad, 0x78, 0xc6, 0x18, 0xfe, 0xa4, 0x21, 0x8c, 0x2d, 0x80, 0xe5, 0x28, 0xb9, 0x7c, 0x33, 0xb8,
+    0x37, 0x74, 0xd9, 0xa5, 0x33, 0x60, 0x7b, 0x4c, 0xc8, 0xff, 0xca, 0x2c, 0x21, 0xa4, 0xd5, 0x15,
+    0x61, 0x62, 0xa2, 0x75, 0xda, 0x70, 0x8e, 0xef, 0x55, 0x34, 0xe9, 0x9f, 0xcf, 0x2b, 0xac, 0x4c,
+    0x4b, 0x3d, 0x4e, 0x66, 0xa0, 0xfc, 0x1d, 0x56, 0x2e, 0x65, 0xba, 0xaa, 0x1e, 0x2c, 0xb0, 0x8b,
+    0xb9, 0xe2, 0x80, 0x8b, 0x2c, 0x66, 0x81, 0x38, 0x25, 0x9c, 0x8e, 0x5e, 0x96, 0x3f, 0xfc, 0x30,
+    0xe3, 0x82, 0x78, 0x2a, 0x8b, 0x89, 0x14, 0xf7, 0x01, 0xe2, 0x35, 0x7e, 0xdc, 0x30, 0xc0, 0x11,
+    0xba, 0x1e, 0xd0, 0x06, 0xde, 0x29, 0x99, 0x23, 0x9a, 0x20, 0xa8, 0x0a, 0xbf, 0x1f, 0x7c, 0x2e,
+    0xf1, 0x23, 0x9e, 0x60, 0x7e, 0xd5, 0x84, 0x75, 0xb4, 0x45, 0x12, 0xa0, 0xa1, 0x33, 0xcc, 0xa5,
+    0xa0, 0x5a, 0x75, 0x12, 0x5f, 0xdf, 0x49, 0xe9, 0x40, 0xe0, 0xde, 0x36, 0xbb, 0x5d, 0xb7, 0xca,
+    0x85, 0x8f, 0x4a, 0xfd, 0x99, 0xe3, 0xa2, 0x27, 0x3d, 0xb8, 0x33, 0xc4, 0xe7, 0xfa, 0x6e, 0x6b,
+    0x83, 0xb4, 0xea, 0x24, 0xbe, 0x7d, 0x92, 0x11, 0x80, 0x03, 0x7f, 0x6c, 0xb5, 0xba, 0xad, 0x57,
+    0xda, 0x28, 0x42, 0x08, 0xeb, 0xdd, 0x1f, 0xc5, 0x1b, 0xc1, 0xe2, 0x18, 0xd6, 0x95, 0x11, 0x68,
+    0x47, 0x4b, 0xcd, 0x17, 0xee, 0x03, 0x7d, 0x3a, 0x97, 0xd0, 0x22, 0x39, 0xba, 0xac, 0xf5, 0xf3,
+    0xc5, 0xab, 0x17, 0x48, 0xbf, 0xfa, 0xe7, 0x22, 0xc3, 0x06, 0xfe, 0xd8, 0xa9, 0xb7, 0x99, 0xae,
+    0xb0, 0x53, 0xf3, 0xae, 0xb7, 0x48, 0xc9, 0x79, 0x9e, 0x2e, 0x7c, 0x31, 0x49, 0xdf, 0xfa, 0x6a,
+    0x33, 0xe7, 0x19, 0x8a, 0x09, 0x35, 0x5b, 0x68, 0x1e, 0x2d, 0x03, 0x5d, 0xfc, 0x65, 0x57, 0x3d,
+    0xfa, 0x3a, 0x8d, 0xb3, 0xf8, 0x30, 0xdc, 0x26, 0x64, 0x9e, 0x65, 0x16, 0xf1, 0x52, 0x8b, 0xeb,
+    0x96, 0x7a, 0x9c, 0xcc, 0x83, 0x3b, 0x3a, 0xac, 0x5c, 0xca, 0xb7, 0x97, 0x3c, 0x58, 0xa3, 0xd5,
+    0x6f, 0xbc, 0x41, 0xf2, 0x89, 0x44, 0xfe, 0x91, 0x87, 0xe8, 0xf4, 0xd5, 0xe4, 0x2a, 0xa8, 0x20,
+    0x6e, 0xe8, 0x71, 0x89, 0x66, 0xc0, 0xf6, 0x98, 0x53, 0x3d, 0x57, 0x58, 0x42, 0x8b, 0x69, 0x2a,
+    0xc2, 0xc4, 0x87, 0xea, 0x77, 0xe0, 0xdf, 0x1d, 0xaa, 0x68, 0x11, 0xfd, 0x5d, 0x56, 0x9b, 0x98,
+    0xf6, 0x4c, 0x0e, 0xc2, 0xb6, 0xcf, 0xbc, 0x4a, 0xdd, 0x2b, 0xfd, 0x85, 0x55, 0xd2, 0xce, 0x93,
+    0x50, 0x2d, 0xdb, 0x09, 0xce, 0x8e, 0xc5, 0x95, 0x20, 0x70, 0x6f, 0x1b, 0xbc, 0xcf, 0xba, 0x65,
+    0xff, 0xfd, 0x7d, 0xe7, 0x2d, 0xe1, 0xf4, 0x0b, 0x66, 0x99, 0x0f, 0xea, 0x8a, 0x32, 0xc8, 0xc9,
+    0x5d, 0x0f, 0x68, 0x03, 0x6f, 0xf5, 0xad, 0xf0, 0x4d, 0x10, 0x54, 0x05, 0xbe, 0xee, 0x3e, 0x17,
+    0xa9, 0xeb, 0x06, 0x37, 0xc4, 0xf1, 0x01, 0xa8, 0xfb, 0x52, 0x2c, 0x59, 0x64, 0xbd, 0xb1, 0x90,
+    0x8e, 0x96, 0x59, 0x2e, 0x1f, 0x06, 0xfa, 0x74, 0xed, 0x63, 0x44, 0x72, 0xb7, 0x9b, 0x29, 0x25,
+    0x17, 0x66, 0x16, 0x1e, 0x20, 0x8d, 0xb8, 0xaf, 0xb7, 0xa0, 0x4d, 0x22, 0x06, 0x63, 0x4f, 0x96,
+    0x1b, 0x10, 0x95, 0x6f, 0x6e, 0x72, 0xd8, 0xc3, 0x0e, 0x15, 0xd5, 0xb1, 0xa2, 0xe3, 0x0a, 0xee,
+    0x97, 0x2e, 0xac, 0xb7, 0x6c, 0xbf, 0x32, 0xa5, 0x88, 0x1f, 0x14, 0x1a, 0x9a, 0xf9, 0x62, 0xdf,
+    0x7d, 0x1d, 0xa7, 0xb8, 0x7c, 0x18, 0x6e, 0x13, 0x32, 0x4f, 0xd3, 0x0b, 0x99, 0x29, 0xa4, 0x94,
+    0xec, 0x08, 0xab, 0xd6, 0x37, 0x39, 0x6c, 0x80, 0x07, 0xeb, 0x8b, 0xb9, 0x51, 0x90, 0x05, 0x77,
+    0x58, 0xc8, 0x98, 0x57, 0xba, 0x24, 0x85, 0xdd, 0x4f, 0x17, 0x3e, 0xf9, 0xc5, 0x8e, 0x7d, 0x35,
+    0xf7, 0x18, 0x3e, 0xb9, 0x59, 0x4b, 0xb4, 0x43, 0x09, 0xfe, 0x5e, 0x08, 0xf3, 0x73, 0x0f, 0x99,
+    0x1f, 0x83, 0x55, 0x40, 0x54, 0x27, 0xf8, 0xe7, 0xd8, 0xc7, 0x1c, 0xc0, 0x7f, 0x22, 0x88, 0xc6,
+    0xfb, 0x6e, 0xbd, 0xc8, 0x17, 0xb4, 0xd4, 0x2f, 0xb0, 0x4b, 0xc6, 0x9b, 0x57, 0xf3, 0x4a, 0xe1,
+    0x7c, 0x49, 0x97, 0xc3, 0x93, 0x9c, 0x66, 0x1a, 0xe6, 0x9a, 0x70, 0x86, 0x3f, 0x88, 0x65, 0x9e,
+    0x09, 0xb1, 0x73, 0x25, 0x9b, 0x2e, 0x48, 0x41, 0xbb, 0xb2, 0xf2, 0x6f, 0xdf, 0xe0, 0x06, 0x5a,
+    0x0d, 0x22, 0xb3, 0x0a, 0xa1, 0x7b, 0x68, 0x65, 0x6d, 0x60, 0x3b, 0x1e, 0x02, 0x21, 0x84, 0x72,
+    0x7a, 0x72, 0x37, 0x1a, 0xb4, 0x02, 0x56, 0x2c, 0x5b, 0x21, 0x3c, 0x2e, 0x6d, 0xc8, 0xa6, 0xa2,
+    0x67, 0x59, 0x02, 0xac, 0xfd, 0xee, 0xbe, 0xd9, 0xe8, 0x8f, 0xa5, 0x37, 0x9d, 0x6b, 0x6f, 0x70,
+    0x45, 0xe3, 0xad, 0xe1, 0xf3, 0xc8, 0x6d, 0x28, 0xfc, 0xb9, 0xa7, 0xe0, 0x35, 0x2d, 0xb4, 0xe7,
+    0x87, 0x27, 0x2a, 0x0b, 0x84, 0x28, 0xb2, 0x35, 0x56, 0xd1, 0xb6, 0x1d, 0x68, 0x7b, 0x2f, 0x7f,
+    0xdc, 0x13, 0xe2, 0xd1, 0xcc, 0x43, 0x2f, 0xf3, 0xa6, 0x7a, 0xae, 0xb0, 0x84, 0xd5, 0xd2, 0x54,
+    0xe8, 0x9b, 0x6b, 0xf9, 0x0d, 0x6c, 0x4c, 0xa4, 0xd1, 0x39, 0x42, 0xc8, 0x8c, 0x51, 0x87, 0x5f,
+    0x4f, 0xae, 0x8e, 0x49, 0x9a, 0xa9, 0x3d, 0x72, 0xf8, 0xb7, 0x73, 0xdb, 0xc3, 0xed, 0x32, 0xa3,
+    0x1d, 0x2b, 0x35, 0xb6, 0x49, 0xec, 0xe8, 0xf5, 0xb3, 0xae, 0x99, 0x19, 0xf0, 0xa3, 0xc9, 0xd2,
+    0x4e, 0xfa, 0xbe, 0x32, 0x75, 0x2d, 0x35, 0x7b, 0x2c, 0x62, 0xd0, 0x56, 0x65, 0x4c, 0xf3, 0xa9,
+    0x04, 0x93, 0xc0, 0x2f, 0x3a, 0x55, 0x20, 0x24, 0xd6, 0xd2, 0xc9, 0x71, 0xdd, 0xc1, 0x82, 0x28,
+    0xeb, 0x67, 0x3b, 0x74, 0xff, 0x23, 0x54, 0xbf, 0x6e, 0x85, 0x64, 0x9c, 0xa5, 0x71, 0x07, 0x41,
+    0xf8, 0x92, 0xed, 0x45, 0xe5, 0xfb, 0xcc, 0x34, 0x0f, 0xf7, 0xe0, 0xcf, 0x7e, 0xd3, 0xca, 0xff,
+    0xf3, 0x8b, 0xfe, 0x96, 0x63, 0x1e, 0x94, 0x67, 0xdf, 0x2c, 0x97, 0x79, 0x2e, 0xb2, 0x8d, 0xb1,
+    0x3e, 0xc5, 0xaa, 0x80, 0xa8, 0x4e, 0x33, 0x0d, 0x73, 0x4d, 0x38, 0x43, 0xfe, 0x44, 0xd3, 0x4f,
+    0x3d, 0x39, 0xfa, 0x0d, 0x5a, 0x01, 0x2b, 0x16, 0xcc, 0xf1, 0x1e, 0x17, 0xd7, 0x64, 0x53, 0x51,
+    0xbd, 0x71, 0x40, 0xa4, 0x16, 0x33, 0xa1, 0x1c, 0xf3, 0x4e, 0x47, 0x2f, 0x4b, 0xfe, 0x7e, 0x18,
+    0x8a, 0x05, 0x99, 0x01, 0x25, 0x53, 0xda, 0x50, 0x3b, 0xb1, 0x8d, 0x03, 0x6a, 0x5a, 0xab, 0x0d,
+    0x88, 0xad, 0xf9, 0xf7, 0x38, 0x98, 0xca, 0x42, 0x50, 0xd8, 0x08, 0xda, 0xe5, 0xdb, 0xea, 0x19,
+    0xdd, 0x47, 0xd2, 0xaa, 0x23, 0xc7, 0x27, 0xfa, 0x72, 0xaf, 0x0d, 0x3d, 0x22, 0x74, 0x13, 0x5e,
+    0xcd, 0x4e, 0x54, 0x16, 0xcb, 0x50, 0xa7, 0x6a, 0xac, 0x61, 0xaf, 0x3a, 0xd0, 0xf6, 0x5e, 0xfe,
+    0x0b, 0x19, 0x13, 0xd3, 0x86, 0xe5, 0x58, 0x53, 0xd0, 0xdb, 0x77, 0xb6, 0x50, 0x61, 0x47, 0x4e,
+    0x13, 0xf5, 0xd6, 0x31, 0x1a, 0xd8, 0x98, 0x8b, 0x61, 0x72, 0x84, 0x53, 0xdb, 0xa2, 0xcd, 0xbe,
+    0x98, 0xa4, 0x7f, 0x4b, 0xd0, 0x0f, 0x4a, 0xd2, 0x8e, 0x16, 0xaa, 0xdd, 0x17, 0x59, 0xa7, 0xb9,
+    0x02, 0xa8, 0x60, 0xf6, 0x1d, 0xcb, 0x10, 0x12, 0x6b, 0x69, 0x85, 0xd9, 0x8f, 0x81, 0x41, 0x14,
+    0x93, 0xbd, 0x6c, 0x98, 0x56, 0xea, 0x12, 0x81, 0x5e, 0xcd, 0xdd, 0x6b, 0x47, 0x38, 0xe0, 0xf7,
+    0x80, 0x48, 0xba, 0xa9, 0x4c, 0x32, 0x8a, 0x0a, 0x3f, 0xbf, 0x59, 0x38, 0x9c, 0x9a, 0x2d, 0x49,
+    0x90, 0x41, 0x3c, 0x15, 0xa4, 0xa5, 0x0a, 0x9a, 0xe1, 0x71, 0xfb, 0x3f, 0x6e, 0x18, 0x60, 0xe9,
+    0xd0, 0x65, 0x61, 0xa0, 0x82, 0xbc, 0x4f, 0x9f, 0x1f, 0xcf, 0x36, 0x23, 0x20, 0x55, 0x97, 0x2c,
+    0x24, 0x81, 0x0f, 0x94, 0x29, 0xb8, 0xe3, 0xc7, 0xa9, 0x8d, 0x4e, 0x7f, 0xfa, 0x06, 0x18, 0xab,
+    0x34, 0x88, 0x89, 0x28, 0xc1, 0x2f, 0x63, 0x57, 0x77, 0x43, 0xec, 0x78, 0x08, 0x84, 0x55, 0x0b,
+    0xcb, 0x75, 0xf4, 0xcf, 0xec, 0xce, 0x97, 0x5c, 0x11, 0xda, 0xe3, 0x92, 0x82, 0xb6, 0x9d, 0xc2,
+    0xed, 0x5c, 0x9b, 0xad, 0xd8, 0xbd, 0x64, 0x89, 0xd3, 0x3e, 0x28, 0x34, 0xf7, 0x31, 0xc4, 0x7d,
+    0xf4, 0xe4, 0x6e, 0x34, 0xab, 0x04, 0xac, 0x58, 0xb6, 0x42, 0x78, 0x5c, 0xda, 0x53, 0x8f, 0x87,
+    0xce, 0xb2, 0x04, 0x9b, 0x39, 0x1f, 0xbf, 0x71, 0x13, 0xdd, 0x89, 0x6e, 0xf9, 0xd6, 0xde, 0xe0,
+    0x99, 0xf0, 0x4f, 0x30, 0x3f, 0x8b, 0x42, 0xdb, 0x5a, 0xc3, 0x09, 0x50, 0xb1, 0xf8, 0x66, 0xb3,
+    0x10, 0x09, 0x86, 0xbc, 0xe8, 0x97, 0x80, 0x90, 0xde, 0xce, 0xa2, 0x07, 0xf2, 0x82, 0x4d, 0xa0,
+    0x44, 0xb7, 0x9d, 0x9a, 0x1c, 0x4c, 0x65, 0x21, 0x28, 0x6c, 0x04, 0x6d, 0x93, 0x8c, 0x75, 0xed,
+    0x40, 0x24, 0x5d, 0xb5, 0x26, 0x19, 0x45, 0x05, 0xfe, 0xbe, 0xcd, 0x1c, 0x4e, 0x4d, 0xf7, 0xc5,
+    0x92, 0xe9, 0x5c, 0xe3, 0xb9, 0x6e, 0x1a, 0x88, 0x8a, 0x18, 0x7e, 0xe6, 0xe1, 0x99, 0x21, 0xfd,
+    0x3a, 0x56, 0x6a, 0xaf, 0x92, 0x1b, 0x13, 0x29, 0xa5, 0x9f, 0xf1, 0x32, 0x23, 0x85, 0x51, 0x67,
+    0x01, 0x54, 0x30, 0x7b, 0xef, 0x84, 0x08, 0x09, 0xd4, 0xd5, 0xa3, 0x8d, 0xa6, 0xa1, 0xc1, 0x0a,
+    0x26, 0x29, 0x6f, 0x62, 0x34, 0x73, 0xf3, 0xd5, 0xc2, 0xe4, 0xcb, 0xa6, 0x75, 0x87, 0x59, 0xbf,
+    0x12, 0xa1, 0xe6, 0x4a, 0xf5, 0x5c, 0x90, 0x82, 0xb5, 0xa7, 0x27, 0xde, 0x7d, 0x03, 0x0c, 0xb4,
+    0x1a, 0x44, 0xa5, 0x14, 0x81, 0xf6, 0xd0, 0xca, 0xda, 0xc0, 0x76, 0x3c, 0x04, 0x42, 0xcb, 0xe4,
+    0x48, 0xc1, 0x1e, 0xeb, 0x52, 0xb3, 0x05, 0x4d, 0x91, 0xd9, 0x9c, 0xfe, 0x37, 0x0c, 0x30, 0x95,
+    0x68, 0xd3, 0xd1, 0x50, 0x41, 0x5e, 0xc6, 0xae, 0xee, 0x86, 0x1b, 0xf0, 0x10, 0xcb, 0xaa, 0x16,
+    0xf5, 0xb0, 0x5e, 0x4f, 0x44, 0x80, 0xa4, 0x51, 0x62, 0x97, 0xdb, 0xd1, 0x7c, 0xf2, 0x4e, 0x8d,
+    0x81, 0x1c, 0x8a, 0xd2, 0xa3, 0xb6, 0x82, 0x03, 0xeb, 0x6a, 0xfa, 0xb5, 0x3a, 0x3b, 0xec, 0x43,
+    0x8b, 0x51, 0xa9, 0x7a, 0xca, 0xd7, 0xd2, 0x59, 0xef, 0x64, 0x2e, 0x8e, 0xcc, 0xfb, 0x6a, 0x07,
+    0xc7, 0x03, 0x77, 0xbe, 0xa2, 0x31, 0xf7, 0x30, 0xa8, 0x6f, 0x7b, 0x01, 0x26, 0x36, 0xd8, 0xba,
+    0xd6, 0x5e, 0xc1, 0x79, 0xa5, 0x22, 0x7f, 0xa9, 0xa2, 0x74, 0x7a, 0x8b, 0x72, 0x15, 0x54, 0x10,
+    0x20, 0x12, 0xcf, 0xbb, 0x13, 0xed, 0xc3, 0xe3, 0x7f, 0x5f, 0x87, 0x0e, 0x27, 0xc7, 0x9a, 0x83,
+    0x0a, 0x4d, 0x23, 0xa8, 0x69, 0x61, 0x50, 0x5a, 0x04, 0x0e, 0xd4, 0x3b, 0xf6, 0xc0, 0x86, 0x44,
+    0x08, 0xe5, 0x43, 0x5e, 0x74, 0xaa, 0x40, 0x48, 0x6f, 0x67, 0x51, 0xe2, 0x79, 0x41, 0xc7, 0x50,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x4c, 0x52, 0xde, 0xc4, 0x68, 0xe6, 0x25, 0x69, 0x47, 0x0b, 0x55, 0x8f, 0xea, 0xcd, 0xb2, 0xbd,
+    0xd7, 0x0a, 0xf1, 0x02, 0x4a, 0xa6, 0x77, 0xa0, 0x76, 0xa1, 0xd9, 0x06, 0xd4, 0xb4, 0x95, 0x1a,
+    0x74, 0xac, 0xd4, 0x9d, 0xe7, 0x36, 0x26, 0x52, 0x89, 0xfd, 0x21, 0x64, 0x46, 0xc9, 0xa2, 0xce,
+  },
+  { /* 8 */
+    0x99, 0xaa, 0x16, 0x04, 0xc2, 0x95, 0x8c, 0x4a, 0x63, 0xeb, 0xf0, 0x49, 0x21, 0x0a, 0xad, 0xf8,
+    0x93, 0xe3, 0xda, 0xa3, 0x95, 0xb5, 0xa1, 0x97, 0x1b, 0x19, 0xbd, 0x7f, 0x09, 0x35, 0xa8, 0x38,
+    0x88, 0xfd, 0x2b, 0x3b, 0xa6, 0xc5, 0x21, 0xbc, 0xaf, 0xb5, 0xad, 0x3e, 0x65, 0x8a, 0x44, 0xdb,
+    0xae, 0x16, 0x29, 0x6c, 0x27, 0x1a, 0xaa, 0xe1, 0xc4, 0x02, 0x84, 0xcc, 0xfd, 0xee, 0x57, 0x5c,
+    0x8b, 0xbe, 0x09, 0x55, 0xe0, 0x74, 0xcd, 0x78, 0xbb, 0x23, 0x51, 0x37, 0x69, 0x61, 0xa4, 0xfb,
+    0xbd, 0x82, 0x28, 0xa6, 0x86, 0x94, 0x0e, 0x2e, 0x10, 0xb8, 0x71, 0xb5, 0xb1, 0xdc, 0xbf, 0xfe,
+    0x69, 0xbd, 0x24, 0x97, 0x06, 0x13, 0xb2, 0x23, 0xa9, 0x8c, 0x87, 0xdc, 0x67, 0x47, 0xd5, 0x6a,
+    0xb1, 0x4d, 0xa0, 0xdd, 0x5d, 0x15, 0x38, 0xb8, 0x40, 0xa5, 0x07, 0x91, 0x81, 0xf6, 0xb9, 0x7e,
+    0x6e, 0xbb, 0x7e, 0xd0, 0x09, 0xdd, 0x4c, 0x95, 0x8d, 0x11, 0xe8, 0xc9, 0x7b, 0x0b, 0x37, 0x8b,
+    0x38, 0x30, 0x95, 0x7d, 0x78, 0xbf, 0xfc, 0xf9, 0xe3, 0x62, 0xfe, 0xa8, 0xe0, 0x25, 0x1c, 0x04,
+    0x3e, 0xb6, 0xd1, 0xa1, 0xf4, 0x1e, 0xe7, 0xb2, 0xcb, 0x8d, 0xc5, 0xba, 0xf8, 0x30, 0x1f, 0x44,
+    0x92, 0x63, 0xc4, 0x38, 0x16, 0xda, 0x44, 0x6a, 0x17, 0x6b, 0xe9, 0x78, 0x0d, 0x6c, 0x49, 0x99,
+    0x95, 0x65, 0x9e, 0x7f, 0x19, 0x14, 0xba, 0xdc, 0x33, 0xf6, 0x86, 0x6d, 0x11, 0x20, 0xab, 0x78,
+    0x59, 0x07, 0x41, 0xb8, 0xec, 0x52, 0x6a, 0x3e, 0x2a, 0xf8, 0x9c, 0x4c, 0xa7, 0xef, 0xcd, 0x2f,
+    0x31, 0x3a, 0x7b, 0xb4, 0x69, 0x2e, 0x3d, 0xe0, 0x8f, 0x06, 0x4f, 0x97, 0xc4, 0xf1, 0xf9, 0xe4,
+    0x4e, 0xd6, 0x38, 0x5b, 0x04, 0xa3, 0xdc, 0x83, 0xce, 0x49, 0xfa, 0x29, 0xfb, 0x7a, 0x27, 0x4c,
+    0xd3, 0x39, 0x56, 0x76, 0x8f, 0x49, 0x42, 0xbb, 0x9d, 0xa9, 0x99, 0x7c, 0xca, 0xd7, 0x88, 0x75,
+    0xce, 0xa1, 0xe3, 0x32, 0x30, 0x98, 0xd9, 0xdb, 0x01, 0xea, 0xb2, 0x2f, 0xbe, 0x7d, 0x67, 0xd6,
+    0xa0, 0x1a, 0x9d, 0xe2, 0x39, 0x45, 0x95, 0x4e, 0x8c, 0xfb, 0x5a, 0xe6, 0xc5, 0x76, 0x50, 0x5d,
+    0xe5, 0x05, 0x77, 0x85, 0xe9, 0xa9, 0x81, 0xed, 0x36, 0x32, 0xb9, 0xfe, 0x12, 0x6a, 0x93, 0x70,
+    0xd5, 0xbf, 0x12, 0xaa, 0x03, 0xe8, 0x59, 0xf0, 0xb5, 0x46, 0xa2, 0x6e, 0xd2, 0xc2, 0x8b, 0x35,
+    0xb9, 0xc7, 0x50, 0x8f, 0xcf, 0xeb, 0x1c, 0x5c, 0x20, 0xb3, 0xe2, 0xa9, 0xa1, 0x7b, 0xbd, 0x3f,
+    0xa4, 0x5f, 0xe5, 0xcb, 0x70, 0x3a, 0x87, 0x3c, 0xbc, 0xf0, 0xc9, 0xfa, 0xd5, 0xd1, 0x52, 0x9c,
+    0xbf, 0x41, 0x14, 0x53, 0x43, 0x4a, 0x07, 0x17, 0x08, 0x5c, 0xd9, 0xbb, 0xb9, 0x6e, 0xbe, 0x7f,
+    0x2d, 0x22, 0xd0, 0x6b, 0x55, 0x90, 0x43, 0x7d, 0x1f, 0x37, 0x30, 0xc3, 0xb4, 0x02, 0xf7, 0xe6,
+    0xe7, 0xc6, 0x4b, 0x70, 0x2c, 0x77, 0x88, 0xd4, 0x2e, 0xd6, 0x11, 0xf0, 0x1a, 0xd8, 0x92, 0xf1,
+    0xdc, 0xb5, 0xfc, 0x63, 0x12, 0x79, 0x98, 0xe9, 0xd9, 0x22, 0x13, 0x51, 0xf6, 0x16, 0x6e, 0xd5,
+    0x21, 0xed, 0x58, 0x10, 0x8e, 0x11, 0x75, 0xeb, 0x4f, 0x2a, 0x46, 0xe7, 0x84, 0x28, 0xf1, 0x66,
+    0xf9, 0x1d, 0xdc, 0x5a, 0xd5, 0x17, 0xff, 0x70, 0xa6, 0x03, 0xc6, 0xaa, 0x62, 0x99, 0x9d, 0x72,
+    0xee, 0xcc, 0xa5, 0xb9, 0x3d, 0xe6, 0x49, 0xcd, 0x42, 0xb2, 0xa0, 0xcf, 0x3e, 0x0c, 0x77, 0x11,
+    0x62, 0x74, 0xf6, 0xab, 0xd2, 0x5c, 0x7a, 0x03, 0xdd, 0x0c, 0x9e, 0xed, 0x4b, 0x21, 0x31, 0x0b,
+    0xcd, 0xe2, 0xc1, 0x5c, 0x76, 0x29, 0x35, 0x1f, 0x15, 0x7c, 0x4e, 0x26, 0xb2, 0x96, 0x87, 0xf6,
+    0x67, 0xb1, 0x90, 0x19, 0x18, 0x4c, 0x8d, 0x8c, 0xe1, 0x75, 0x59, 0xf6, 0x5f, 0xdf, 0xd2, 0x6b,
+    0x72, 0xa3, 0xd5, 0x0f, 0x35, 0x63, 0x32, 0x08, 0x1d, 0x20, 0x97, 0x9d, 0x0b, 0xf8, 0x39, 0x89,
+    0x9b, 0x69, 0x2a, 0xf1, 0x07, 0x4b, 0x85, 0x73, 0x7b, 0x0f, 0x58, 0x47, 0x29, 0xb8, 0xac, 0x79,
+    0xbe, 0xc1, 0x0a, 0xc8, 0xc0, 0x25, 0xe2, 0xea, 0x04, 0x2e, 0x8d, 0xbc, 0xbd, 0x37, 0x5f, 0xde,
+    0xeb, 0x09, 0xc3, 0x0b, 0xf7, 0xf6, 0xbe, 0x42, 0x7e, 0xcb, 0x67, 0xd4, 0x2a, 0xf2, 0x94, 0x71,
+    0x86, 0xf1, 0x9f, 0xb5, 0xb8, 0x9a, 0x1e, 0x13, 0xe7, 0x4c, 0x73, 0x14, 0x5d, 0x12, 0x43, 0xda,
+    0x83, 0x34, 0xf9, 0x07, 0x72, 0x8a, 0xe9, 0x9c, 0xdb, 0x35, 0xb4, 0x0f, 0x49, 0xec, 0xa0, 0xba,
+    0x09, 0x0a, 0xee, 0xc9, 0x11, 0x91, 0xc1, 0x19, 0x6c, 0x64, 0xb1, 0x3f, 0x24, 0xd4, 0xe5, 0xe0,
+    0x54, 0x48, 0xd7, 0x58, 0xb4, 0xbc, 0xb9, 0x55, 0x76, 0x97, 0xbe, 0x6f, 0x93, 0x9c, 0x2a, 0x0e,
+    0x77, 0x66, 0xb3, 0xbd, 0xff, 0x73, 0xc5, 0x87, 0x21, 0x59, 0x50, 0x86, 0x1f, 0x06, 0xda, 0xe9,
+    0x40, 0xda, 0x8c, 0xd5, 0x1a, 0xfc, 0xe3, 0x2c, 0x86, 0xb0, 0x24, 0x03, 0xc3, 0xe2, 0x20, 0x4d,
+    0xf6, 0x91, 0x76, 0x4f, 0x48, 0x27, 0x25, 0x22, 0xe2, 0x88, 0x4c, 0x87, 0x5e, 0x58, 0x7b, 0xd2,
+    0x5a, 0x44, 0x63, 0xd6, 0xaa, 0xe3, 0x86, 0xfa, 0x3e, 0x6e, 0x60, 0x45, 0xab, 0x04, 0x2d, 0x0f,
+    0x0d, 0x4f, 0x96, 0xe0, 0x58, 0xee, 0xd3, 0x6b, 0x5c, 0x6f, 0x22, 0x23, 0x34, 0x73, 0xe7, 0x21,
+    0xfa, 0x5e, 0xfe, 0x34, 0x93, 0xa6, 0x13, 0xb4, 0xb2, 0x95, 0x3a, 0xa3, 0x6e, 0x72, 0x7d, 0x52,
+    0xc7, 0xab, 0x0d, 0xfb, 0x21, 0x09, 0x18, 0xc2, 0x6d, 0x8e, 0x03, 0x10, 0x9a, 0xa9, 0x82, 0x36,
+    0x65, 0x72, 0xac, 0xec, 0xdd, 0x92, 0x84, 0xb5, 0xf9, 0x91, 0xf1, 0xf8, 0x57, 0x6d, 0xd3, 0xea,
+    0x5f, 0x81, 0x05, 0x64, 0x60, 0xf3, 0x71, 0x75, 0x02, 0x17, 0xa7, 0x5e, 0xbf, 0xfa, 0xce, 0x6f,
+    0xd2, 0xb9, 0x48, 0xed, 0x0c, 0x26, 0xa7, 0x46, 0x91, 0xdb, 0xcd, 0x7b, 0xce, 0x8e, 0x69, 0xd4,
+    0xf0, 0x17, 0x32, 0x93, 0xc4, 0x86, 0x3e, 0x69, 0xca, 0x67, 0x77, 0x95, 0x46, 0x4d, 0x78, 0x92,
+    0x94, 0xe5, 0x80, 0xe4, 0x9a, 0x7b, 0x5f, 0x21, 0x3f, 0x84, 0xd2, 0x6a, 0x15, 0x79, 0x4a, 0xd9,
+    0x43, 0x99, 0xae, 0xbb, 0x5c, 0x4d, 0x0f, 0xe8, 0x92, 0x26, 0xd8, 0x0a, 0xcf, 0x09, 0xc0, 0x6d,
+    0x44, 0x9f, 0xf4, 0xfc, 0x53, 0x83, 0xf1, 0x5e, 0xb6, 0xbb, 0xb7, 0x1f, 0xd3, 0x45, 0x22, 0x8c,
+    0x9e, 0xac, 0x4c, 0x43, 0xcd, 0x5b, 0x72, 0xfc, 0x47, 0x76, 0x9f, 0x5c, 0x3d, 0x46, 0x4f, 0x19,
+    0xe9, 0xca, 0xff, 0xfe, 0x32, 0x28, 0xb7, 0x7b, 0x66, 0x2f, 0xcf, 0xda, 0x22, 0x40, 0x95, 0xf0,
+    0xb2, 0x0e, 0x82, 0xb3, 0x1b, 0xa4, 0xd4, 0x7c, 0x54, 0x33, 0xfb, 0x98, 0x8d, 0x1d, 0x59, 0x5e,
+    0x2a, 0x24, 0x8a, 0x2c, 0x5a, 0x5e, 0xbd, 0xcb, 0x3b, 0xaa, 0x5f, 0xd6, 0xa8, 0x4e, 0x15, 0x07,
+    0x13, 0x94, 0x01, 0xca, 0xa1, 0x8e, 0xa4, 0xcf, 0xd4, 0xba, 0xf5, 0x79, 0x4c, 0x32, 0xe8, 0xa2,
+    0x37, 0xbc, 0x3f, 0x68, 0xe5, 0x8f, 0x26, 0xab, 0xa7, 0xe9, 0x74, 0x85, 0xdc, 0xe4, 0xfa, 0xa4,
+    0x1c, 0x18, 0xab, 0xdf, 0x3c, 0xbe, 0x7e, 0x9d, 0x90, 0x31, 0x7f, 0x54, 0x70, 0xf3, 0x0e, 0x02,
+    0xb4, 0x88, 0xc6, 0x6f, 0x97, 0x05, 0xcf, 0x37, 0x7c, 0xdc, 0xc0, 0x8a, 0x95, 0x08, 0x5a, 0x1e,
+    0x4b, 0x13, 0x5e, 0xe9, 0xce, 0xb3, 0x2b, 0x0c, 0xf2, 0x30, 0x3d, 0x32, 0xef, 0x84, 0xc4, 0x2c,
+    0x7f, 0xec, 0x43, 0xef, 0x6d, 0x8d, 0xe1, 0x63, 0x41, 0x4f, 0xb5, 0xbe, 0x3f, 0x8b, 0xde, 0xa8,
+    0x78, 0xea, 0x19, 0xa8, 0x62, 0x43, 0x1f, 0xd5, 0x65, 0xd2, 0xda, 0xab, 0x23, 0xc7, 0x3c, 0x49,
+    0xcc, 0x62, 0xdf, 0xc7, 0xf5, 0x46, 0xd0, 0xe2, 0x19, 0x0e, 0x1a, 0x21, 0xb6, 0xcf, 0x66, 0x57,
+    0x81, 0xf7, 0xc5, 0xf2, 0xb7, 0x54, 0xe0, 0xa5, 0xc3, 0xd1, 0x1c, 0x01, 0x41, 0x5e, 0xa1, 0x3b,
+    0xac, 0xd5, 0x15, 0x99, 0xe2, 0xc4, 0xa3, 0xd8, 0xdc, 0xe6, 0x2c, 0xc2, 0xf5, 0x5c, 0x56, 0xdd,
+    0x98, 0x2a, 0x08, 0x9f, 0x41, 0xfa, 0x69, 0xb7, 0x6f, 0x99, 0xa4, 0x4e, 0x25, 0x53, 0x4c, 0x59,
+    0x56, 0x8b, 0xeb, 0xad, 0x71, 0x62, 0xb0, 0x6c, 0x6e, 0x73, 0x16, 0x61, 0x9b, 0x2e, 0x2b, 0x8f,
+    0x1e, 0xdb, 0x97, 0x2a, 0xf9, 0x60, 0x77, 0xa4, 0x88, 0xd5, 0xd7, 0x5a, 0x78, 0x41, 0x0f, 0x83,
+    0x30, 0xba, 0x65, 0x2f, 0xea, 0x41, 0xd8, 0x1d, 0x83, 0x74, 0x1b, 0x90, 0xc0, 0xa8, 0x18, 0x45,
+    0x14, 0x92, 0x5b, 0x8d, 0xae, 0x40, 0x5a, 0x79, 0xf0, 0x27, 0x9a, 0x6c, 0x50, 0x7e, 0x0a, 0x43,
+    0xc5, 0x68, 0x31, 0x0e, 0xe4, 0xd7, 0x11, 0xfb, 0x75, 0x6a, 0xab, 0x1e, 0x92, 0x1b, 0x83, 0xb7,
+    0x49, 0xd0, 0x62, 0x1c, 0x0b, 0x6d, 0x22, 0x35, 0xea, 0xd4, 0x95, 0x3c, 0xe7, 0x36, 0xc5, 0xad,
+    0xb0, 0xcd, 0xbe, 0x46, 0xde, 0x7a, 0xdd, 0x45, 0x4c, 0xd7, 0x53, 0x96, 0x85, 0xaf, 0x58, 0xdf,
+    0x70, 0x60, 0xe9, 0xfa, 0xf0, 0xbd, 0x3b, 0x31, 0x05, 0xc4, 0x3f, 0x93, 0x03, 0x4a, 0x38, 0x08,
+    0x0b, 0xc9, 0xd2, 0x3c, 0xd4, 0x4f, 0xc8, 0x20, 0x74, 0x80, 0x19, 0x31, 0x2c, 0x66, 0xe4, 0x61,
+    0xa6, 0x9c, 0xd9, 0x3e, 0xb5, 0xe4, 0x8e, 0x05, 0xa4, 0x14, 0x61, 0xf4, 0xdd, 0x63, 0x53, 0x1d,
+    0xaf, 0x96, 0x37, 0xf7, 0xa4, 0x75, 0x4f, 0x1c, 0xc8, 0x70, 0xd0, 0xcb, 0xf9, 0xb7, 0xb6, 0xfd,
+    0xa1, 0x9a, 0x83, 0x79, 0xba, 0x2a, 0x70, 0xb3, 0x80, 0x89, 0x0e, 0xe1, 0xc1, 0x2f, 0xb1, 0xfc,
+    0x17, 0xd1, 0x79, 0xe3, 0xe8, 0xf1, 0xb6, 0xbd, 0xe4, 0xb1, 0x66, 0x65, 0x5c, 0x95, 0xea, 0x63,
+    0xf5, 0xd2, 0x54, 0x21, 0x0e, 0x96, 0xc9, 0xe6, 0xf6, 0x1e, 0xb0, 0x8e, 0x52, 0xb3, 0x9b, 0xf2,
+    0xfd, 0x58, 0xa4, 0x73, 0x9c, 0x68, 0xed, 0x02, 0x96, 0x08, 0x55, 0xb6, 0x72, 0x3e, 0x9f, 0xb3,
+    0x3c, 0x75, 0xed, 0x54, 0x31, 0xc0, 0xee, 0x8b, 0xd3, 0x69, 0x6d, 0xb4, 0xf0, 0x82, 0x1e, 0xc5,
+    0xca, 0xe4, 0x9b, 0x1b, 0x79, 0xe7, 0xcb, 0xa9, 0x31, 0xe1, 0x21, 0x33, 0xae, 0xda, 0x65, 0x17,
+    0xa2, 0xd9, 0xa1, 0x17, 0xfc, 0x9b, 0x9c, 0x77, 0x94, 0x1f, 0xf2, 0xe8, 0xcd, 0xc4, 0x51, 0xdc,
+    0x4a, 0x93, 0x40, 0x72, 0x4d, 0xdc, 0xce, 0xf1, 0xfe, 0x42, 0x69, 0x35, 0xeb, 0xdd, 0x25, 0x8d,
+    0x0c, 0xcf, 0x88, 0x7b, 0xdb, 0x81, 0x36, 0x96, 0x50, 0x1d, 0x76, 0x24, 0x30, 0x2a, 0x06, 0x80,
+    0x18, 0x5d, 0xd3, 0xf6, 0x75, 0xc1, 0x6c, 0xef, 0xa0, 0x3a, 0xec, 0x48, 0x60, 0x54, 0x0c, 0xc3,
+    0xc3, 0xee, 0x75, 0xd2, 0x68, 0x76, 0x0a, 0xb0, 0x5d, 0x85, 0x90, 0x0c, 0x8a, 0x0e, 0x80, 0xf7,
+    0x47, 0xdc, 0xd6, 0x92, 0x15, 0x32, 0x1d, 0x9a, 0xa2, 0x2d, 0x4b, 0x16, 0xdf, 0xae, 0xc2, 0xac,
+    0x8f, 0xfb, 0x71, 0x7c, 0xa9, 0x0b, 0xdf, 0x0a, 0x8b, 0x28, 0xc2, 0x2b, 0x79, 0xc6, 0xa6, 0x3a,
+    0xf2, 0xd4, 0x0e, 0x66, 0x01, 0x58, 0x37, 0x50, 0xd2, 0x83, 0xdf, 0x9b, 0x4e, 0xff, 0x79, 0x13,
+    0xe0, 0xc0, 0x11, 0x37, 0x23, 0xb9, 0x76, 0x62, 0x0a, 0x4b, 0x7e, 0xe5, 0x06, 0x94, 0x70, 0x10,
+    0x3d, 0xf5, 0xf3, 0xcf, 0xb2, 0xaf, 0x0b, 0x76, 0xdf, 0x1b, 0x39, 0xb3, 0xf4, 0xdb, 0xff, 0x64,
+    0xaa, 0x53, 0x51, 0x45, 0x6e, 0x65, 0xb8, 0x93, 0xf4, 0x09, 0x17, 0xd0, 0xed, 0x49, 0x55, 0x9d,
+    0x57, 0x0b, 0xf5, 0x36, 0xf2, 0x0d, 0x55, 0x91, 0x62, 0x01, 0x42, 0x66, 0x9f, 0x77, 0xca, 0x2e,
+    0x87, 0x71, 0x81, 0x2e, 0x3b, 0xf5, 0xfb, 0xee, 0xeb, 0x3e, 0x27, 0x13, 0x59, 0x4b, 0xa2, 0x7b,
+    0xb6, 0x4b, 0xfa, 0x9a, 0x52, 0xdb, 0xc6, 0x0e, 0x64, 0x38, 0x68, 0x84, 0x9d, 0xba, 0x5b, 0x9f,
+    0xe3, 0x83, 0x33, 0x59, 0x65, 0x08, 0x9a, 0xa6, 0x1e, 0xdd, 0x82, 0xec, 0x0a, 0x7f, 0x90, 0x30,
+    0x23, 0x2e, 0x64, 0xe5, 0x4b, 0xcf, 0x7c, 0xd2, 0x57, 0xce, 0xee, 0xe9, 0x8c, 0x9a, 0xf0, 0xe7,
+    0x52, 0xce, 0x93, 0x84, 0x38, 0x1d, 0xa2, 0x1e, 0x5e, 0x78, 0x85, 0x7d, 0x8b, 0x89, 0x29, 0x4e,
+    0x8e, 0x7b, 0x6f, 0xe7, 0x2a, 0x64, 0x3a, 0xf7, 0x87, 0x5a, 0x96, 0x2c, 0x7d, 0x9f, 0x47, 0x9b,
+    0xdd, 0x35, 0xe2, 0xf8, 0x91, 0x16, 0x7d, 0x14, 0xd5, 0x50, 0x47, 0x56, 0xf2, 0x4f, 0x8f, 0x74,
+    0x2c, 0xa2, 0xce, 0xf0, 0xd6, 0xff, 0xa6, 0x80, 0x13, 0x45, 0x64, 0xc4, 0xb0, 0x5b, 0x16, 0x47,
+    0x50, 0x0d, 0xaf, 0x71, 0xfd, 0xc3, 0xab, 0x27, 0x46, 0x9c, 0x2d, 0x73, 0x83, 0x3b, 0x28, 0xcf,
+    0xec, 0x0f, 0x99, 0x4c, 0xf8, 0x38, 0x40, 0xf4, 0x5a, 0x56, 0x08, 0xc1, 0x36, 0xbe, 0x76, 0x90,
+    0x06, 0x86, 0x44, 0xdc, 0x8c, 0xa1, 0x1b, 0x4b, 0x28, 0xef, 0x3b, 0x12, 0x18, 0x15, 0x03, 0x40,
+    0x91, 0x20, 0xe6, 0x56, 0x50, 0x6b, 0xa8, 0xae, 0x03, 0xfd, 0x15, 0x71, 0x01, 0x87, 0xa9, 0xb9,
+    0xa3, 0x59, 0xbf, 0x8c, 0x7f, 0xf4, 0x79, 0x8a, 0x98, 0x6d, 0xa6, 0xef, 0xc9, 0x9d, 0xb0, 0x7d,
+    0xff, 0x9b, 0x98, 0x86, 0x59, 0xb6, 0xe4, 0x3b, 0x8e, 0xec, 0xfd, 0xb8, 0x7a, 0x8c, 0x9e, 0x32,
+    0x9c, 0x6f, 0x70, 0xb6, 0x08, 0x85, 0x7b, 0xc5, 0x5f, 0x92, 0x37, 0x52, 0x35, 0xf4, 0x4e, 0x98,
+    0x2b, 0xa4, 0x94, 0xb7, 0xd9, 0x31, 0x58, 0x36, 0x37, 0xd8, 0x0b, 0xd1, 0xac, 0x17, 0xf4, 0xa6,
+    0xc6, 0x2b, 0x13, 0x60, 0xa2, 0x66, 0xfd, 0x3f, 0x61, 0xfc, 0x57, 0x17, 0x9e, 0xf0, 0x63, 0x97,
+    0x39, 0xb0, 0x8b, 0xe6, 0xfb, 0xd0, 0x19, 0x04, 0xef, 0x10, 0xaa, 0xaf, 0xe4, 0x7c, 0xfd, 0xa5,
+    0x29, 0x67, 0xa8, 0x42, 0x1c, 0xef, 0x51, 0x0f, 0x2f, 0x3c, 0xa3, 0xdf, 0xa4, 0xa5, 0xf5, 0x27,
+    0x5b, 0xc4, 0x7d, 0x4d, 0x29, 0x8c, 0x63, 0x07, 0x32, 0x1c, 0x34, 0x42, 0xaf, 0x5d, 0xcc, 0xae,
+    0x90, 0xa0, 0xf8, 0xcd, 0xd3, 0x04, 0x4d, 0x53, 0x0f, 0x8f, 0x41, 0x76, 0x05, 0xde, 0x48, 0x18,
+    0x58, 0x87, 0x5f, 0x23, 0x6f, 0x3d, 0x8f, 0xc3, 0x26, 0x8a, 0xc8, 0x4b, 0xa3, 0xb6, 0x2c, 0x8e,
+    0xf1, 0x97, 0x2c, 0x08, 0x47, 0xe9, 0xdb, 0x94, 0xc6, 0x15, 0x23, 0x92, 0x42, 0x14, 0x99, 0x33,
+    0xdf, 0xf6, 0xde, 0x0d, 0x54, 0xc8, 0x74, 0x2d, 0xcd, 0xb4, 0xef, 0x58, 0xfa, 0xfd, 0x8e, 0xf5,
+    0x28, 0xe7, 0xb6, 0xd9, 0x9f, 0x80, 0xb4, 0xf2, 0x23, 0x4e, 0xf7, 0xd8, 0xa0, 0xfc, 0x14, 0x86,
+    0x60, 0xb7, 0xca, 0x5e, 0x17, 0x82, 0x73, 0x3a, 0xc5, 0xe8, 0x36, 0xe3, 0x43, 0x93, 0x30, 0x8a,
+    0x79, 0x6a, 0x07, 0x33, 0xe1, 0x2c, 0xfa, 0x28, 0x69, 0xa0, 0x8e, 0xac, 0x27, 0x9e, 0xdd, 0xe8,
+    0x76, 0xe6, 0xad, 0x26, 0x7c, 0x1c, 0x20, 0x7a, 0x2d, 0x2b, 0x04, 0x81, 0x1b, 0x5f, 0x3b, 0x48,
+    0x03, 0x43, 0x22, 0x6e, 0x46, 0xb1, 0xec, 0xc4, 0x14, 0x96, 0xfc, 0x09, 0x0c, 0xeb, 0xe0, 0x20,
+    0xc8, 0x27, 0xa7, 0xee, 0xbc, 0x39, 0xc2, 0x90, 0x29, 0x05, 0x89, 0x3d, 0xa6, 0x68, 0x64, 0x96,
+    0x02, 0xc3, 0x3c, 0xf5, 0xc5, 0xde, 0x09, 0x39, 0x18, 0xe4, 0xa8, 0x0e, 0x08, 0xb2, 0x01, 0x81,
+    0x12, 0x14, 0x1f, 0x51, 0x22, 0xe1, 0x41, 0x32, 0xd8, 0xc8, 0xa1, 0x7e, 0x48, 0x6b, 0x09, 0x03,
+    0xef, 0x4c, 0xbb, 0x22, 0xbe, 0x89, 0xac, 0x30, 0x4e, 0xc0, 0xf4, 0xc8, 0x3a, 0x55, 0x96, 0xb0,
+    0x46, 0x5c, 0xc8, 0x09, 0x96, 0x5d, 0xf8, 0x67, 0xae, 0x5f, 0x1f, 0x11, 0xdb, 0xf7, 0x23, 0x0d,
+    0x51, 0x8d, 0xb1, 0xea, 0x7e, 0xac, 0x4e, 0xda, 0x4a, 0xee, 0x79, 0x74, 0x87, 0x62, 0xc9, 0x6e,
+    0xdb, 0xb3, 0xa6, 0x24, 0x1d, 0xb7, 0x66, 0x5f, 0xfd, 0xbf, 0x7c, 0x44, 0xea, 0x5a, 0x8c, 0x34,
+    0x74, 0x25, 0x91, 0xd3, 0xb9, 0xc2, 0x29, 0x43, 0x35, 0xcf, 0xac, 0x8f, 0x13, 0xed, 0x3a, 0xc9,
+    0x0f, 0x8c, 0xaa, 0x15, 0x9d, 0x30, 0xda, 0x52, 0x44, 0x8b, 0x8a, 0x2d, 0x3c, 0xc1, 0xe6, 0xa0,
+    0xc1, 0x2d, 0x49, 0x27, 0xad, 0xa8, 0x03, 0x89, 0x45, 0x61, 0x38, 0x02, 0x82, 0xbc, 0x81, 0x76,
+    0x8d, 0x38, 0x4d, 0x89, 0x6c, 0xd5, 0xd6, 0x33, 0x93, 0xcc, 0x6a, 0x25, 0x71, 0x74, 0xa7, 0xbb,
+    0x68, 0x3d, 0x3a, 0x0c, 0x85, 0x7c, 0x57, 0xde, 0xa5, 0xfe, 0xd3, 0xdb, 0x63, 0x1e, 0x34, 0xcb,
+    0xb7, 0xcb, 0xe4, 0x01, 0xd1, 0xb4, 0x23, 0xf3, 0x68, 0x4a, 0x3c, 0x83, 0x99, 0xe3, 0xba, 0x3e,
+    0x0e, 0x0c, 0xb4, 0x8e, 0x1e, 0x5f, 0x3f, 0xaf, 0x48, 0xf9, 0xde, 0x2a, 0x38, 0x98, 0x07, 0x01,
+    0x5d, 0x42, 0x39, 0x91, 0xa5, 0x2d, 0x78, 0x4c, 0x1a, 0xf3, 0x0f, 0x50, 0xb7, 0x48, 0xcf, 0xee,
+    0xe2, 0x03, 0x2d, 0xc2, 0xe6, 0x67, 0x7f, 0x5b, 0x12, 0xaf, 0xd6, 0xeb, 0x0e, 0x26, 0x71, 0x91,
+    0xc0, 0xad, 0x57, 0xbc, 0x2e, 0xc7, 0xe6, 0x74, 0x49, 0x13, 0x6c, 0x05, 0x86, 0xe5, 0x60, 0xd7,
+    0x96, 0x26, 0xbc, 0x11, 0x5f, 0xa5, 0x56, 0x18, 0x27, 0x60, 0x7a, 0x64, 0x1d, 0xcb, 0x4b, 0x58,
+    0xad, 0x55, 0x0b, 0x02, 0x61, 0xab, 0x46, 0x25, 0xd0, 0x94, 0x78, 0xc5, 0xf1, 0x05, 0xb7, 0x7c,
+    0x01, 0x80, 0x1e, 0x9b, 0x83, 0x6f, 0xe5, 0xfd, 0x0c, 0x72, 0x54, 0x07, 0x04, 0x59, 0xe1, 0xa1,
+    0x24, 0x28, 0x3e, 0xa2, 0x44, 0x01, 0x82, 0x64, 0x73, 0x53, 0x81, 0xfc, 0x90, 0xd6, 0x12, 0x06,
+    0xe8, 0x4a, 0xe1, 0x65, 0xb1, 0x47, 0x52, 0x86, 0x6a, 0x5d, 0x9b, 0xdd, 0x26, 0x19, 0x74, 0x51,
+    0x8c, 0xb8, 0x53, 0x12, 0xef, 0xba, 0x33, 0xce, 0x9f, 0xbe, 0x3e, 0x22, 0x75, 0x2d, 0x46, 0x1a,
+    0xf3, 0x54, 0x10, 0xfd, 0x82, 0x37, 0xd2, 0xad, 0xde, 0xf1, 0x8b, 0x9c, 0x4a, 0xa6, 0x98, 0xb2,
+    0xa7, 0x1c, 0xc7, 0xa5, 0x36, 0x8b, 0x6b, 0xf8, 0xa8, 0x66, 0x35, 0xf3, 0xd9, 0x3a, 0xb2, 0xbc,
+    0x34, 0xff, 0x1d, 0x06, 0xa3, 0x3e, 0xca, 0x6f, 0xb3, 0x7f, 0x88, 0x8c, 0xd0, 0x0f, 0x1a, 0x84,
+    0xe6, 0x46, 0x55, 0xeb, 0xaf, 0x18, 0x6d, 0x29, 0x22, 0xa4, 0x45, 0xf7, 0x1e, 0x81, 0x73, 0x50,
+    0x48, 0x50, 0x7c, 0x87, 0x88, 0x02, 0xc7, 0xc8, 0xe6, 0xa6, 0xc1, 0x3b, 0xe3, 0x6f, 0x24, 0x0c,
+    0xba, 0x84, 0x72, 0xe1, 0x89, 0x5a, 0xf0, 0x98, 0x34, 0x25, 0x1e, 0xa0, 0xad, 0x90, 0x5d, 0x1f,
+    0x07, 0x06, 0x5a, 0x47, 0x0f, 0xce, 0xfe, 0xb6, 0x24, 0x9d, 0x6f, 0x15, 0x1c, 0x4c, 0xe2, 0xe1,
+    0xfc, 0xd8, 0xba, 0xe8, 0x1f, 0x07, 0x08, 0xff, 0x9a, 0x7a, 0x01, 0xb1, 0x76, 0x67, 0x7e, 0x12,
+    0x4d, 0x95, 0x1a, 0x35, 0x42, 0x12, 0x30, 0x47, 0xda, 0xdf, 0x06, 0x20, 0xf7, 0x91, 0xc7, 0x6c,
+    0x19, 0xdd, 0xcd, 0x6d, 0xf6, 0xae, 0x89, 0x12, 0xac, 0x48, 0xb8, 0x4f, 0x64, 0x0d, 0xed, 0x62,
+    0x42, 0x19, 0xb0, 0x20, 0xdf, 0x22, 0xea, 0x15, 0x9e, 0x54, 0x8c, 0x0d, 0xcb, 0x50, 0x21, 0xcc,
+    0x75, 0xa5, 0x8f, 0x48, 0x3a, 0xad, 0xcc, 0xbe, 0x39, 0xbd, 0xf8, 0x88, 0x17, 0xb4, 0xdb, 0x68,
+    0x4c, 0x15, 0x04, 0xae, 0xc1, 0x7d, 0xd5, 0xba, 0xd6, 0xad, 0x52, 0x27, 0xf3, 0xc8, 0x26, 0xcd,
+    0xa9, 0x10, 0x73, 0x2b, 0x28, 0xd4, 0x54, 0x57, 0xe0, 0x9f, 0xeb, 0xd9, 0xe1, 0xa2, 0xb5, 0xbd,
+    0x82, 0xb4, 0xe7, 0x9c, 0xf1, 0xe5, 0x0c, 0x61, 0xd7, 0x47, 0xe0, 0x08, 0x4d, 0xb5, 0x41, 0x1b,
+    0xf7, 0x11, 0x68, 0xd4, 0xcb, 0x48, 0xc0, 0xdf, 0xee, 0xfa, 0x18, 0x80, 0x5a, 0x01, 0x9a, 0x73,
+    0x08, 0x8a, 0xf0, 0x52, 0x92, 0xfe, 0x24, 0xe4, 0x60, 0x16, 0xe5, 0x38, 0x20, 0x8d, 0x04, 0x41,
+    0x4f, 0x56, 0x26, 0xc0, 0x87, 0xcc, 0x39, 0x7e, 0xc2, 0x3b, 0xae, 0x2e, 0xff, 0x23, 0xc6, 0xed,
+    0x10, 0xd7, 0x23, 0xa4, 0xe7, 0x3f, 0x48, 0x0b, 0xc0, 0x2c, 0x09, 0x70, 0x40, 0xd9, 0x08, 0x82,
+    0x3b, 0x73, 0xb7, 0x13, 0x3e, 0x0e, 0x10, 0x3d, 0xf7, 0xf4, 0x02, 0xa1, 0xec, 0xce, 0xfc, 0x24,
+    0xcb, 0x64, 0x85, 0x80, 0xfa, 0x88, 0x2e, 0x54, 0x3d, 0x93, 0x75, 0x34, 0xaa, 0x83, 0x84, 0xb6,
+    0x20, 0x6d, 0x46, 0x8b, 0x0d, 0x7e, 0x90, 0x16, 0x43, 0x58, 0x12, 0xe0, 0x80, 0x71, 0x10, 0xc7,
+    0x63, 0xf4, 0xe8, 0x30, 0x51, 0x33, 0x9f, 0xfe, 0xd1, 0x7e, 0xca, 0xea, 0x4f, 0x78, 0xd0, 0xaa,
+    0x73, 0x23, 0xcb, 0x94, 0xb6, 0x0c, 0xd7, 0xf5, 0x11, 0x52, 0xc3, 0x9a, 0x0f, 0xa1, 0xd8, 0x28,
+    0xed, 0x8f, 0x87, 0xd7, 0x7b, 0x57, 0xa5, 0x09, 0x56, 0x24, 0x5c, 0xc6, 0x32, 0xe7, 0x97, 0x31,
+    0xea, 0x89, 0xdd, 0x90, 0x74, 0x99, 0x5b, 0xbf, 0x72, 0xb9, 0x33, 0xd3, 0x2e, 0xab, 0x75, 0xd0,
+    0xc9, 0xa7, 0xb9, 0x75, 0x3f, 0x56, 0x27, 0x6d, 0x25, 0x77, 0xdd, 0x3a, 0xa2, 0x31, 0x85, 0x37,
+    0x32, 0x79, 0x59, 0xda, 0x2f, 0x9f, 0xd1, 0x24, 0x9b, 0x90, 0xb3, 0x9e, 0xc8, 0x1a, 0x19, 0xc4,
+    0x84, 0x32, 0xa3, 0x40, 0x7d, 0x44, 0x17, 0x2a, 0xff, 0xa8, 0xdb, 0x1a, 0x55, 0xa0, 0x42, 0x5b,
+    0x53, 0x4e, 0x8d, 0x1f, 0xbb, 0x72, 0x47, 0xe3, 0x52, 0x0a, 0xd1, 0x7a, 0x8f, 0xd0, 0xc8, 0xef,
+    0x04, 0x45, 0x78, 0x29, 0x49, 0x7f, 0x12, 0x72, 0x30, 0x0b, 0x93, 0x1c, 0x10, 0xa7, 0x02, 0xc1,
+    0x7c, 0xaf, 0x61, 0x81, 0x2b, 0x3c, 0x0d, 0xa7, 0x55, 0xd9, 0x49, 0xb7, 0x33, 0x60, 0x3e, 0x88,
+    0x41, 0x5a, 0x92, 0x4e, 0x99, 0x93, 0x06, 0xd1, 0x8a, 0xc2, 0x70, 0x04, 0xc7, 0xbb, 0xc1, 0xec,
+    0x27, 0x6b, 0x1c, 0xcc, 0x02, 0xb0, 0x6e, 0xa0, 0x67, 0xc5, 0x7d, 0xf5, 0x9c, 0x3d, 0xf2, 0x26,
+    0x55, 0xc8, 0xc9, 0xc3, 0x37, 0xd3, 0x5c, 0xa8, 0x7a, 0xe5, 0xea, 0x68, 0x97, 0xc5, 0xcb, 0xaf,
+    0xcf, 0x21, 0xfd, 0xa9, 0xb3, 0xf7, 0x3c, 0x26, 0x0d, 0x98, 0xe6, 0x28, 0xba, 0x24, 0x86, 0x77,
+    0x71, 0xe0, 0xf7, 0x61, 0x73, 0xd2, 0xde, 0xcc, 0x09, 0xb6, 0x6b, 0x94, 0x07, 0x13, 0xd9, 0xa9,
+    0x11, 0x57, 0x3d, 0x3f, 0x64, 0x50, 0xad, 0xf6, 0xcc, 0x5e, 0x5d, 0x77, 0x44, 0x80, 0xe9, 0x23,
+    0x97, 0xa6, 0xa2, 0x8a, 0xdc, 0xca, 0xb3, 0xe5, 0x2b, 0x12, 0x2e, 0x63, 0x19, 0x92, 0xaa, 0xf9,
+    0xd9, 0x70, 0x9a, 0xd1, 0xd8, 0x69, 0x6f, 0x66, 0xe5, 0x5b, 0xd4, 0x4a, 0xe2, 0xe8, 0x8d, 0xb5,
+    0xd0, 0x7a, 0x74, 0x18, 0xc9, 0xf8, 0xae, 0x7f, 0x89, 0x3f, 0x65, 0x75, 0xc6, 0x3c, 0x68, 0x55,
+    0xa8, 0x90, 0x6d, 0xb0, 0xab, 0xbb, 0xb1, 0xaa, 0xec, 0xed, 0xbf, 0xde, 0xe5, 0xfb, 0x54, 0x1c,
+    0x1b, 0x1e, 0xf1, 0x98, 0x33, 0x70, 0x80, 0x2b, 0xb4, 0xac, 0x10, 0x41, 0x6c, 0xbf, 0xec, 0xe3,
+    0x16, 0x51, 0x67, 0x78, 0x6b, 0x9e, 0x53, 0x40, 0xe8, 0xc3, 0x32, 0x62, 0x58, 0xcc, 0x0b, 0xc2,
+    0x6c, 0x78, 0x42, 0x25, 0xcc, 0x03, 0x45, 0xac, 0x95, 0xf5, 0x40, 0xc7, 0x73, 0xb9, 0x36, 0x0a,
+    0x2f, 0xe1, 0xec, 0x9e, 0x90, 0x4e, 0x4a, 0x44, 0x07, 0xd3, 0x98, 0xcd, 0xbc, 0xb0, 0xf6, 0x67,
+    0x45, 0x1f, 0xea, 0x67, 0xd0, 0xec, 0x14, 0xa3, 0xba, 0xc9, 0xe3, 0x18, 0xd7, 0x1c, 0xc3, 0x2d,
+    0x33, 0xf9, 0x47, 0x41, 0xac, 0xf0, 0x34, 0xd9, 0x97, 0xe2, 0xe7, 0x99, 0xcc, 0x43, 0xf8, 0x65,
+    0x1d, 0x98, 0xb5, 0x44, 0xbf, 0xd1, 0x9b, 0x60, 0x9c, 0x43, 0x2b, 0x53, 0x74, 0xaa, 0xef, 0xa3,
+    0xfe, 0x1b, 0x86, 0x1d, 0xda, 0xd9, 0x01, 0xc6, 0x82, 0x9e, 0xa9, 0xbf, 0x7e, 0xd5, 0x7f, 0x93,
+    0x7a, 0x29, 0x25, 0x5d, 0xa7, 0x9d, 0x16, 0xec, 0x7d, 0x36, 0x72, 0xa5, 0x2b, 0x75, 0x3d, 0xc8,
+    0x64, 0xf2, 0xb2, 0x77, 0x5e, 0xfd, 0x61, 0x48, 0xf5, 0xe3, 0xa5, 0xff, 0x53, 0x34, 0x32, 0x4b,
+    0xb3, 0x8e, 0x9c, 0x28, 0x98, 0xcb, 0x31, 0x81, 0x58, 0x41, 0xaf, 0x9f, 0x89, 0x44, 0xb8, 0xff,
+    0x1f, 0x5b, 0x89, 0xb1, 0x7a, 0x0f, 0x92, 0x59, 0x84, 0xa7, 0x83, 0x5d, 0x7c, 0x18, 0xee, 0x22,
+    0x2e, 0x61, 0xf2, 0x05, 0x13, 0x21, 0xaf, 0xb9, 0x0b, 0xa1, 0xcc, 0xca, 0xb8, 0xe9, 0x17, 0xc6,
+    0xe4, 0x85, 0x69, 0x1e, 0x6a, 0xc6, 0x64, 0x10, 0x3a, 0x40, 0xed, 0xf9, 0x16, 0x33, 0x72, 0xd1,
+    0x6a, 0xfe, 0x06, 0xf9, 0x40, 0xa2, 0x5e, 0xe7, 0xbd, 0x1a, 0x7b, 0xd5, 0x6b, 0xac, 0x35, 0x4a,
+    0x7d, 0x2f, 0x7f, 0x1a, 0xa8, 0x53, 0xe8, 0x5a, 0x59, 0xab, 0x1d, 0xb0, 0x37, 0x39, 0xdf, 0x29,
+    0xd8, 0xf0, 0x84, 0x4a, 0x5b, 0x06, 0x8a, 0x9b, 0xe9, 0x29, 0x80, 0x4d, 0xe6, 0xb1, 0x6c, 0x14,
+    0xc2, 0x6e, 0x6b, 0x49, 0xeb, 0x19, 0xef, 0x4d, 0x51, 0xf7, 0xc4, 0x0b, 0x8e, 0x57, 0x61, 0x56,
+    0x36, 0x3c, 0x21, 0xf3, 0x66, 0xe0, 0xc3, 0x56, 0xab, 0x9b, 0x20, 0x82, 0xd8, 0xbd, 0x1b, 0x05,
+    0xf8, 0x9d, 0xc2, 0xc1, 0x56, 0x78, 0x1a, 0x8d, 0xaa, 0x71, 0x92, 0xad, 0x66, 0xc0, 0x7c, 0xd3,
+    0x26, 0xeb, 0x02, 0x57, 0x81, 0xdf, 0x8b, 0x5d, 0x6b, 0xb7, 0x29, 0xf2, 0x98, 0x64, 0x13, 0x87,
+    0x3f, 0x36, 0xcf, 0x3a, 0x77, 0x71, 0x02, 0x4f, 0xc7, 0xff, 0x91, 0xbd, 0xfc, 0x69, 0xfe, 0xe5,
+    0x0a, 0x49, 0xcc, 0xa7, 0x57, 0x20, 0x2d, 0xdd, 0x78, 0xf2, 0x4d, 0x36, 0x28, 0x3f, 0x05, 0xc0,
+    0x9f, 0x2c, 0x52, 0xd8, 0x4e, 0x34, 0x97, 0x01, 0x4b, 0x04, 0xcb, 0x5b, 0x39, 0x1f, 0xae, 0xb8,
+    0xf4, 0x52, 0x4a, 0xba, 0x8d, 0xf9, 0x2c, 0x1b, 0xfa, 0x6c, 0xe4, 0x89, 0x56, 0xea, 0x7a, 0x53,
+    0x1a, 0x9e, 0xef, 0x03, 0xb0, 0x1f, 0x65, 0xd6, 0xb8, 0xde, 0x44, 0x46, 0x68, 0xe6, 0x0d, 0x42,
+    0xa5, 0xdf, 0xfb, 0x50, 0xf3, 0x55, 0x62, 0xc1, 0xb0, 0x82, 0x9d, 0xfd, 0xd1, 0x88, 0xb3, 0x3d,
+    0x61, 0x37, 0xd4, 0xc5, 0x94, 0xed, 0x96, 0xc7, 0xc9, 0x9a, 0x62, 0xe4, 0x47, 0xca, 0xd1, 0x2b,
+    0x35, 0x7f, 0x03, 0x9d, 0x20, 0x51, 0x2f, 0x92, 0xbf, 0x0d, 0xdc, 0x8b, 0xd4, 0x56, 0xfb, 0x25,
+    0x7b, 0xa9, 0x3b, 0xc6, 0x24, 0xf2, 0xf3, 0x11, 0x71, 0x44, 0x26, 0xa2, 0x2f, 0x2c, 0xdc, 0x69,
+    0xde, 0x76, 0xc0, 0x96, 0xd7, 0xa7, 0x91, 0xd0, 0xc1, 0xc6, 0xbb, 0x5f, 0xfe, 0xa4, 0x6f, 0x54,
+    0xb5, 0x08, 0xd8, 0xf4, 0x14, 0x6a, 0x2a, 0xca, 0x70, 0xae, 0x94, 0x8d, 0x91, 0x51, 0xbb, 0xbf,
+    0xda, 0x33, 0xb8, 0xbf, 0x9e, 0xd8, 0x83, 0xa2, 0xf1, 0xcd, 0x28, 0x43, 0xee, 0x03, 0x6d, 0x95,
+    0xbc, 0x02, 0x36, 0x3d, 0x05, 0xfb, 0xeb, 0xd3, 0x1c, 0xca, 0x25, 0xb2, 0xb5, 0x85, 0x5e, 0x5f,
+    0xd7, 0x7c, 0x2e, 0x5f, 0xc6, 0x36, 0x50, 0xc9, 0xad, 0xa2, 0x0a, 0x60, 0xda, 0x70, 0x8a, 0xb4,
+    0xab, 0xd3, 0x4f, 0xde, 0xed, 0x0a, 0x5d, 0x6e, 0xf8, 0x7b, 0x43, 0xd7, 0xe9, 0x10, 0xb4, 0x3c,
+    0x22, 0xae, 0x7a, 0x7e, 0xc8, 0xa0, 0x99, 0x2f, 0x5b, 0xbc, 0xba, 0xee, 0x88, 0xc3, 0x11, 0x46,
+    0x66, 0x31, 0x8e, 0x82, 0x9b, 0x23, 0x68, 0x71, 0xed, 0x07, 0x0d, 0xf1, 0x5b, 0x86, 0x33, 0xca,
+    0x3a, 0xf3, 0xa9, 0x88, 0xbd, 0x61, 0xf5, 0xc0, 0xfb, 0x86, 0x56, 0xa6, 0xe8, 0x97, 0x1d, 0x85,
+    0x9a, 0xe9, 0x34, 0x6a, 0x84, 0x24, 0x60, 0x8e, 0x77, 0x7d, 0x0c, 0x40, 0x2d, 0xe1, 0x4d, 0xd8,
+    0x6b, 0x7e, 0x18, 0x62, 0xc3, 0xcd, 0xbb, 0x1a, 0xb1, 0x68, 0x2f, 0xd2, 0x6f, 0xf5, 0xd4, 0xeb,
+    0x05, 0xc5, 0x66, 0xb2, 0xca, 0x10, 0xf7, 0x8f, 0x3c, 0x79, 0xc7, 0x1b, 0x14, 0xfe, 0xe3, 0x60,
+    0x6f, 0x3b, 0x60, 0x4b, 0x8a, 0xb2, 0xa9, 0x68, 0x81, 0x63, 0xbc, 0xce, 0x7f, 0x52, 0xd6, 0x2a,
+    0x80, 0x77, 0xdb, 0x69, 0x34, 0x3b, 0x05, 0x58, 0xcf, 0xa3, 0x48, 0x06, 0x45, 0x07, 0x40, 0x9a,
+    0x5c, 0xc2, 0x27, 0x0a, 0x26, 0x42, 0x9d, 0xb1, 0x16, 0x81, 0x5b, 0x57, 0xb3, 0x11, 0x2e, 0x4f,
+    0xfb, 0xde, 0xe0, 0xaf, 0x10, 0xc9, 0xf6, 0x49, 0xbe, 0xe7, 0x6e, 0xa4, 0x6a, 0x2b, 0x9c, 0xf3,
+    0x89, 0x7d, 0x35, 0xa0, 0x25, 0xaa, 0xc4, 0x41, 0xa3, 0xc7, 0xf9, 0x39, 0x61, 0xd3, 0xa5, 0x7a,
+    0x5e, 0x01, 0x1b, 0xff, 0xe3, 0x9c, 0x94, 0x88, 0x0e, 0x65, 0xf3, 0x59, 0xbb, 0xa3, 0x2f, 0xce,
+    0x8a, 0x3e, 0x17, 0xce, 0x63, 0x1b, 0x28, 0x85, 0xb7, 0x51, 0x05, 0x30, 0x6d, 0x38, 0x45, 0x5a,
+    0xbb, 0x04, 0x6c, 0x7a, 0x0a, 0x35, 0x15, 0x65, 0x38, 0x57, 0x4a, 0xa7, 0xa9, 0xc9, 0xbc, 0xbe,
+    0x6d, 0xf8, 0x5c, 0xbe, 0x4f, 0x6c, 0xa0, 0x51, 0x99, 0x87, 0x14, 0xc0, 0x77, 0xe0, 0xd7, 0xab,
+    0x9d, 0xef, 0x6e, 0x2d, 0x8b, 0xea, 0x9e, 0x38, 0x53, 0xe0, 0x63, 0x55, 0x31, 0xad, 0xaf, 0x39,
+    0x25, 0xa8, 0x20, 0x39, 0xc7, 0x6e, 0x67, 0x99, 0x7f, 0x21, 0xd5, 0xfb, 0x94, 0x8f, 0xf3, 0xa7,
+    0xc4, 0xe8, 0x2f, 0x95, 0x67, 0xb8, 0xf4, 0x06, 0x79, 0x18, 0xff, 0x19, 0x96, 0x42, 0x62, 0x16,
+    0x15, 0x12, 0x45, 0x16, 0x2d, 0x2f, 0xbf, 0x84, 0xfc, 0x55, 0xce, 0x6b, 0x54, 0x27, 0xeb, 0xe2,
+    0x85, 0xb2, 0xbd, 0xdb, 0xfe, 0x2b, 0xf2, 0xd7, 0xf3, 0xda, 0x8f, 0x1d, 0x51, 0xf9, 0xa3, 0xfa,
+    0xd6, 0xfc, 0x30, 0xc4, 0x45, 0x59, 0xb5, 0x34, 0xa1, 0xd0, 0x5e, 0x67, 0xde, 0x29, 0x6b, 0x15,
+    0xe1, 0x40, 0x0f, 0xac, 0xa0, 0xd6, 0x93, 0x9f, 0x06, 0x39, 0x2a, 0xe2, 0x02, 0xcd, 0x91, 0xb1,
+    0xd4, 0x3f, 0x0c, 0x31, 0x80, 0x87, 0xbc, 0x0d, 0xb9, 0x34, 0xf6, 0x69, 0xd6, 0x9b, 0x6a, 0x94,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0xd1, 0xfa, 0x6a, 0x83, 0x4a, 0x97, 0x4b, 0x82, 0x85, 0x4d, 0x31, 0x72, 0xc2, 0x65, 0x89, 0xf4,
+    0x7e, 0x6c, 0x5d, 0x74, 0xee, 0xe2, 0x04, 0x9e, 0x4d, 0x3d, 0xe1, 0xb9, 0x3b, 0xd2, 0x3f, 0x09,
+    0xb8, 0x47, 0x4e, 0x14, 0x4c, 0x84, 0xf9, 0xa1, 0x2c, 0xc1, 0xb6, 0xae, 0xa5, 0x22, 0x5c, 0x9e,
+  },
+  { /* 9 */
+    0xa5, 0x55, 0xa4, 0x90, 0xc6, 0x8d, 0x2f, 0xd5, 0x71, 0x80, 0x04, 0x89, 0xcb, 0x72, 0x1b, 0x5d,
+    0x2d, 0x90, 0x75, 0x4e, 0x36, 0xf9, 0x9f, 0x17, 0x62, 0x87, 0xa3, 0x5a, 0x48, 0x8a, 0xa4, 0x15,
+    0x32, 0x9f, 0x4c, 0x80, 0x9d, 0x5f, 0xd4, 0xf3, 0xbf, 0x6c, 0x3b, 0x64, 0xae, 0x3d, 0x18, 0xe9,
+    0x8f, 0x0b, 0x94, 0x6d, 0x4b, 0xb1, 0x7f, 0x15, 0x81, 0x1e, 0x6c, 0xdd, 0xe4, 0xac, 0x86, 0xd3,
+    0x0e, 0x5f, 0x8a, 0xa5, 0xb5, 0x49, 0x5d, 0x6d, 0xe7, 0x32, 0x55, 0x1c, 0xce, 0xa8, 0x72, 0xf5,
+    0x30, 0x41, 0xf8, 0xfa, 0x20, 0xc6, 0xcb, 0x66, 0x9e, 0x27, 0xa6, 0x60, 0xc1, 0x05, 0xc9, 0xce,
+    0x38, 0xbf, 0x6d, 0xd1, 0x91, 0xe7, 0xb7, 0x77, 0x1a, 0xc8, 0x97, 0x70, 0xbe, 0xe5, 0x0b, 0x52,
+    0xc0, 0xc7, 0x66, 0x6e, 0x80, 0x9e, 0xaa, 0x5b, 0x3d, 0x9c, 0xdd, 0x43, 0x82, 0x14, 0xa2, 0xbe,
+    0x54, 0xbc, 0x60, 0x39, 0xd9, 0x78, 0xa0, 0x43, 0x23, 0xff, 0xd0, 0xa8, 0x5e, 0x7f, 0xf9, 0xdf,
+    0xe6, 0x18, 0x68, 0x4c, 0x05, 0x72, 0xb8, 0x63, 0x0b, 0x7b, 0x7d, 0x0f, 0x0c, 0x5a, 0x9c, 0xe2,
+    0x9e, 0x5b, 0x27, 0x06, 0x55, 0x5e, 0x69, 0x9c, 0xbb, 0xc7, 0xa1, 0xff, 0xcc, 0xb3, 0x48, 0xda,
+    0x39, 0xd0, 0x37, 0xec, 0x2e, 0x4a, 0x59, 0xdc, 0xeb, 0x0c, 0x38, 0x72, 0x68, 0xf9, 0x82, 0xa0,
+    0x55, 0xd3, 0x3a, 0x04, 0x66, 0xd5, 0x4e, 0xe8, 0xd2, 0x3b, 0x7f, 0xaa, 0x88, 0x63, 0x70, 0x2d,
+    0x7e, 0xe2, 0x50, 0xc4, 0x54, 0x44, 0xf0, 0x83, 0xd3, 0x61, 0xb8, 0xfc, 0x71, 0xa1, 0x64, 0x51,
+    0x52, 0x1d, 0x7f, 0xb7, 0xdd, 0x10, 0x81, 0x3f, 0x40, 0x22, 0xb4, 0xa4, 0xef, 0x37, 0x49, 0xb6,
+    0x91, 0x6b, 0xf7, 0x9e, 0x5f, 0xba, 0xda, 0x5a, 0xad, 0x31, 0x5b, 0xe1, 0xd4, 0x07, 0xb3, 0xdd,
+    0x64, 0xfd, 0x98, 0xc3, 0xf9, 0xbe, 0x6b, 0x25, 0xbd, 0xd8, 0x76, 0xc8, 0x9f, 0x7a, 0x30, 0x11,
+    0x03, 0xb1, 0xee, 0x47, 0x02, 0x34, 0xf1, 0x3e, 0xd0, 0x8f, 0x32, 0x06, 0xb9, 0x24, 0x58, 0xd5,
+    0x57, 0x0d, 0x8e, 0x7e, 0xdb, 0x4c, 0x51, 0x7d, 0xf3, 0x70, 0xe2, 0xae, 0xe7, 0x5b, 0xa1, 0x0a,
+    0x5a, 0xe3, 0xea, 0x9c, 0x6c, 0x31, 0xfd, 0x2e, 0xc4, 0xcd, 0x85, 0xb4, 0x90, 0xd7, 0x8b, 0x2a,
+    0x1c, 0xbe, 0xd7, 0x89, 0xa9, 0x92, 0xba, 0xda, 0x0d, 0x64, 0xaa, 0x38, 0x5f, 0x93, 0xe4, 0x29,
+    0x60, 0x82, 0x33, 0x37, 0x40, 0x4f, 0x55, 0xcc, 0xff, 0x4e, 0x8f, 0xc0, 0x41, 0x0a, 0x51, 0x5f,
+    0x07, 0xce, 0x45, 0xb3, 0xbb, 0xc5, 0xcf, 0xd7, 0x92, 0x19, 0xcb, 0x0e, 0x67, 0x54, 0x39, 0x9b,
+    0x18, 0xc1, 0x7c, 0x7d, 0x10, 0x63, 0x84, 0x33, 0x4f, 0xf2, 0x53, 0x30, 0x81, 0xe3, 0x85, 0x67,
+    0x21, 0x11, 0x4b, 0x91, 0x3e, 0x29, 0xdd, 0xef, 0xa4, 0xfe, 0x6b, 0x42, 0xe9, 0x1a, 0x07, 0xc7,
+    0x72, 0x63, 0x6e, 0x1b, 0x5c, 0x94, 0xb2, 0x7b, 0x15, 0x18, 0x70, 0xe4, 0xd0, 0x31, 0xc7, 0x83,
+    0xa8, 0xbb, 0xc0, 0x72, 0x71, 0xf0, 0x83, 0x86, 0x46, 0x3d, 0x63, 0x93, 0xbc, 0xfe, 0x31, 0x7d,
+    0xd1, 0x97, 0xd5, 0x05, 0x9e, 0x71, 0xbc, 0xd2, 0x07, 0x45, 0x10, 0x61, 0xaa, 0x0b, 0x6c, 0xb7,
+    0x29, 0xef, 0xde, 0xba, 0x8f, 0x08, 0xa1, 0xfe, 0x20, 0x11, 0x5a, 0x52, 0x96, 0xfa, 0xc5, 0x5b,
+    0xc6, 0x66, 0x79, 0xe0, 0x84, 0xf6, 0x8b, 0x27, 0x5e, 0x41, 0xb9, 0x4f, 0x33, 0x5c, 0x12, 0xd7,
+    0xa4, 0x3a, 0xfe, 0xad, 0x79, 0x20, 0xc1, 0x7e, 0x80, 0x44, 0xab, 0x8b, 0x1d, 0x6e, 0x92, 0xaf,
+    0x3f, 0x71, 0x28, 0x62, 0x2a, 0x22, 0x78, 0xa0, 0x88, 0xd1, 0x5c, 0x7e, 0xd9, 0xb1, 0x32, 0xc9,
+    0xe0, 0xb9, 0x77, 0xc2, 0x01, 0x1a, 0x99, 0x1f, 0x68, 0xa6, 0x19, 0x03, 0xbd, 0x12, 0x2c, 0x8b,
+    0x27, 0xb0, 0x54, 0x1f, 0x3a, 0x41, 0xfc, 0x93, 0xc7, 0x23, 0x0f, 0x4e, 0x58, 0x52, 0xb7, 0xae,
+    0x8d, 0xd5, 0x20, 0x17, 0xf6, 0x28, 0x60, 0x80, 0xa0, 0x55, 0xf1, 0xd9, 0x8b, 0x94, 0x57, 0xf4,
+    0x0c, 0x81, 0x3e, 0xdf, 0x08, 0xd0, 0x42, 0xf8, 0xc6, 0x79, 0xc8, 0x18, 0xa1, 0x90, 0xa3, 0xd2,
+    0x82, 0xe5, 0xf0, 0x8f, 0xfc, 0xcc, 0xd3, 0x46, 0xb6, 0xa3, 0x0b, 0xc7, 0x93, 0x20, 0xac, 0xf3,
+    0xea, 0x99, 0x56, 0x93, 0x0d, 0xa2, 0xfa, 0x9b, 0xcd, 0x02, 0xb5, 0x17, 0xad, 0xca, 0x3f, 0x30,
+    0xae, 0x1a, 0xdf, 0xfc, 0x75, 0x98, 0xa2, 0xfa, 0x25, 0xe0, 0x07, 0x9f, 0x0d, 0xb6, 0x81, 0x14,
+    0xb4, 0x05, 0x17, 0xfb, 0xd8, 0x62, 0x39, 0x5c, 0x4b, 0x59, 0xc9, 0xab, 0xe3, 0x6d, 0xd5, 0x54,
+    0x9a, 0x24, 0x8c, 0xf2, 0xec, 0xaf, 0x57, 0x75, 0xf9, 0x51, 0x58, 0xf7, 0x12, 0xc3, 0x29, 0x94,
+    0x63, 0x33, 0xdd, 0x70, 0x42, 0x7b, 0xa4, 0xf2, 0x2f, 0xc1, 0xbd, 0xc6, 0xf8, 0x2e, 0x09, 0x8a,
+    0x49, 0x6d, 0xed, 0x8d, 0xcf, 0x47, 0xf4, 0x32, 0xdf, 0x5f, 0xd5, 0x92, 0xd7, 0xf0, 0x94, 0x04,
+    0xe5, 0xa9, 0x86, 0x0b, 0x07, 0x46, 0x49, 0x5d, 0xdb, 0xf4, 0x4f, 0x09, 0xb5, 0x7e, 0xc4, 0x37,
+    0x42, 0x22, 0x96, 0xe1, 0x7c, 0x52, 0x79, 0x1d, 0x8b, 0x3f, 0xd6, 0x84, 0x11, 0x34, 0x0e, 0x4d,
+    0xe4, 0xc6, 0xdc, 0x36, 0xb8, 0xeb, 0xa7, 0xf6, 0x2a, 0x30, 0xe0, 0x0b, 0x63, 0x62, 0x4d, 0xc5,
+    0x15, 0x2f, 0x18, 0x9f, 0xa7, 0x1e, 0x28, 0x60, 0x78, 0x4f, 0x34, 0x2a, 0xf6, 0x6f, 0xaf, 0x47,
+    0xb7, 0xb4, 0xf9, 0xbc, 0xda, 0x56, 0xc8, 0x62, 0x9b, 0xd6, 0xfb, 0xad, 0x5a, 0x49, 0x8d, 0x81,
+    0xc8, 0x39, 0xf3, 0x45, 0x31, 0xbf, 0xd6, 0x4a, 0xb9, 0x73, 0xec, 0x53, 0xfd, 0xf4, 0x60, 0x22,
+    0x06, 0xa1, 0x1f, 0x8e, 0x04, 0x68, 0x21, 0x7c, 0x63, 0xdd, 0x64, 0x0c, 0xb1, 0x48, 0xb0, 0x69,
+    0x70, 0xbd, 0xda, 0x61, 0xe1, 0x0d, 0xad, 0xee, 0x34, 0x53, 0xed, 0xe0, 0xbf, 0x09, 0x16, 0xa4,
+    0x9d, 0xea, 0xc9, 0x41, 0x57, 0x6a, 0x98, 0xa2, 0x6b, 0x48, 0x93, 0xf9, 0x75, 0x97, 0x10, 0x0f,
+    0x41, 0x93, 0x78, 0xa6, 0x7e, 0x66, 0x88, 0x23, 0x5b, 0xb0, 0xe4, 0x82, 0xa8, 0x10, 0x56, 0x98,
+    0x75, 0xad, 0x2b, 0xa8, 0xe7, 0x51, 0x7d, 0xac, 0x87, 0x01, 0xbb, 0xea, 0xb7, 0x65, 0xfe, 0x18,
+    0x19, 0xae, 0x26, 0x40, 0xaf, 0xce, 0x6a, 0x98, 0xbe, 0x36, 0xfc, 0x32, 0x57, 0xff, 0x0c, 0x95,
+    0xc9, 0x56, 0xa9, 0x78, 0x8e, 0x12, 0x38, 0xe1, 0x48, 0xb7, 0x43, 0x51, 0x2b, 0xe8, 0xe9, 0xd0,
+    0xaa, 0x65, 0x74, 0x08, 0xcc, 0x69, 0x9c, 0x13, 0x67, 0x76, 0xfe, 0x97, 0xd3, 0xc6, 0xe0, 0x5a,
+    0xfc, 0x07, 0xa0, 0x4b, 0xa8, 0x88, 0x23, 0xc5, 0x65, 0xc2, 0xb3, 0x3b, 0xe2, 0x81, 0xc8, 0xa2,
+    0x4d, 0x12, 0x46, 0x79, 0x76, 0xb6, 0xca, 0xdb, 0x9d, 0xc9, 0x2c, 0x9a, 0x09, 0x80, 0xf5, 0x4a,
+    0xbf, 0x4a, 0x6c, 0x97, 0x6b, 0x77, 0xb4, 0x73, 0x1f, 0x39, 0xca, 0xbd, 0x25, 0xa9, 0x4f, 0x1d,
+    0x2a, 0x5e, 0x30, 0xfd, 0x8d, 0x3c, 0x50, 0xc0, 0xf0, 0x9e, 0x68, 0x54, 0x2f, 0xde, 0x9d, 0x8e,
+    0x73, 0x0c, 0x34, 0x26, 0xe3, 0x39, 0x5c, 0xd0, 0xe4, 0xdc, 0xdf, 0xe6, 0x06, 0x2d, 0x4e, 0x71,
+    0x84, 0x44, 0xef, 0x01, 0xf8, 0xa4, 0xf2, 0x3a, 0xd5, 0x7e, 0x6f, 0xcb, 0x22, 0x68, 0x1c, 0x9a,
+    0xd5, 0xe8, 0x7e, 0xf1, 0x27, 0x80, 0x82, 0x3b, 0x45, 0xd3, 0xe9, 0x69, 0x74, 0x7b, 0x0d, 0xf9,
+    0xc3, 0x76, 0x88, 0x29, 0x82, 0xaa, 0x5b, 0x65, 0xed, 0x13, 0xef, 0x45, 0x3b, 0x30, 0xfa, 0x6b,
+    0xaf, 0x75, 0x85, 0xc1, 0xca, 0x35, 0x4c, 0x51, 0xd4, 0x24, 0xa8, 0x9d, 0xdb, 0xaa, 0x08, 0xe6,
+    0x2b, 0x31, 0x6a, 0xc0, 0x32, 0x91, 0xbe, 0x6b, 0x01, 0x5a, 0xc7, 0x56, 0xf9, 0xc2, 0x14, 0x7c,
+    0x86, 0x9a, 0x5b, 0x7b, 0x45, 0x3d, 0xed, 0xaf, 0xf4, 0x35, 0xf2, 0xcf, 0x4d, 0x50, 0xcd, 0xbd,
+    0xa7, 0x8b, 0x10, 0xea, 0x7b, 0x14, 0x30, 0x40, 0x50, 0xcb, 0x99, 0x8d, 0xa4, 0x4a, 0xca, 0x7a,
+    0xb1, 0x15, 0xe6, 0x32, 0xde, 0x3e, 0xe9, 0x1e, 0xf8, 0x0b, 0x9f, 0xa1, 0xeb, 0x01, 0x3d, 0xe8,
+    0xb2, 0xa4, 0x08, 0x75, 0xdc, 0x0a, 0x18, 0x20, 0x28, 0x84, 0xad, 0xa7, 0x52, 0x25, 0x65, 0x3d,
+    0x5b, 0x8c, 0xb0, 0xa1, 0xd3, 0x9c, 0x13, 0x85, 0x35, 0x09, 0x2a, 0xb6, 0x46, 0xcb, 0x02, 0xd8,
+    0x46, 0x5d, 0x3d, 0x15, 0xc5, 0xa3, 0x47, 0xf4, 0xc9, 0xa9, 0x2f, 0x8c, 0xcf, 0x44, 0x6f, 0x03,
+    0xd3, 0x49, 0x61, 0x7f, 0x23, 0xe8, 0xa3, 0x47, 0x26, 0x0e, 0x8d, 0x65, 0xc5, 0x33, 0xbd, 0x90,
+    0x9f, 0x34, 0x7d, 0x3b, 0xea, 0xf3, 0x87, 0x37, 0x4a, 0x03, 0x0e, 0xfd, 0x1a, 0xaf, 0xc1, 0x28,
+    0xfd, 0x68, 0xfa, 0x76, 0x17, 0x25, 0xcd, 0x6e, 0x94, 0x06, 0x1c, 0x39, 0x34, 0x9d, 0x41, 0x50,
+    0xd4, 0x87, 0x24, 0xcc, 0x98, 0x2d, 0x6c, 0x90, 0xb4, 0x17, 0x46, 0x6b, 0xa2, 0x67, 0x84, 0x0b,
+    0x0f, 0x30, 0xd0, 0x98, 0x0a, 0xe4, 0xb3, 0xc6, 0x16, 0xf6, 0xfa, 0x1e, 0x18, 0xb4, 0xfb, 0x07,
+    0x9c, 0x85, 0x93, 0x7c, 0xe8, 0xc7, 0x76, 0x09, 0x9a, 0x8c, 0x3c, 0xfb, 0xa3, 0x8b, 0x99, 0xfd,
+    0x2f, 0x4e, 0xc1, 0x34, 0x8b, 0x60, 0x80, 0x82, 0x43, 0xcc, 0x3e, 0x5e, 0x27, 0xb2, 0x75, 0x32,
+    0x9b, 0x4b, 0xd6, 0xcf, 0x53, 0x02, 0xb9, 0xde, 0x08, 0x95, 0xf7, 0xf5, 0xc4, 0xdf, 0xa0, 0x66,
+    0x43, 0x4d, 0xcc, 0xdc, 0xc3, 0xff, 0x97, 0xb6, 0x7a, 0xfb, 0x79, 0x86, 0xc7, 0x28, 0x87, 0xbf,
+    0xef, 0x89, 0xa7, 0x5a, 0x0b, 0xfe, 0x2a, 0xd9, 0x7e, 0x50, 0xe3, 0x1d, 0xa5, 0xa6, 0xd7, 0x8c,
+    0xd9, 0x69, 0x40, 0x2e, 0x2f, 0x50, 0xc0, 0xc3, 0x83, 0xaa, 0x21, 0x71, 0xd5, 0xeb, 0xae, 0x2b,
+    0x79, 0x2c, 0x15, 0x77, 0xef, 0x81, 0x3f, 0x54, 0x41, 0x78, 0x73, 0xf2, 0x16, 0xf5, 0x5d, 0xca,
+    0xb6, 0xdb, 0xa3, 0x81, 0x65, 0xfb, 0x26, 0xc9, 0x6a, 0x12, 0x54, 0xaf, 0x8c, 0x55, 0x04, 0x73,
+    0x53, 0x72, 0x25, 0x8a, 0x62, 0xbd, 0x6f, 0x94, 0xb1, 0xe6, 0x1b, 0xa6, 0x39, 0x2b, 0xc0, 0x44,
+    0x7f, 0x8d, 0x0a, 0xf9, 0xeb, 0xe9, 0x1e, 0x28, 0x22, 0xa5, 0x17, 0xfe, 0xa7, 0xbd, 0xed, 0xa3,
+    0xc1, 0xa8, 0x3c, 0x53, 0x3f, 0x33, 0x44, 0xf0, 0xcc, 0x58, 0x72, 0x41, 0x54, 0x08, 0x2b, 0x4c,
+    0xf0, 0x86, 0x9e, 0x94, 0xa0, 0x58, 0x61, 0x3d, 0xa3, 0xbb, 0x7b, 0x23, 0x43, 0x11, 0x6b, 0x70,
+    0x23, 0xcf, 0xff, 0xeb, 0x83, 0xb0, 0xc2, 0x7a, 0x85, 0xb5, 0xf6, 0x46, 0x86, 0x22, 0xd6, 0xe0,
+    0xe7, 0x77, 0x32, 0x71, 0xba, 0xdf, 0x56, 0xc8, 0xfa, 0xbf, 0xd2, 0x0d, 0xda, 0x46, 0x15, 0x10,
+    0x25, 0x6e, 0xe0, 0x65, 0x87, 0xd8, 0xe3, 0x06, 0xe6, 0x68, 0x92, 0x4a, 0x37, 0x6a, 0x66, 0x89,
+    0x5e, 0x9c, 0x41, 0x68, 0xd5, 0xc0, 0xc3, 0xc7, 0x86, 0x5b, 0x7c, 0xbc, 0x4e, 0xa7, 0xea, 0x64,
+    0xb5, 0x6a, 0x4d, 0xc6, 0x67, 0xcf, 0xd7, 0xf7, 0xba, 0x9d, 0x66, 0xa9, 0x35, 0x71, 0x5c, 0xa6,
+    0x1e, 0x60, 0x63, 0xf3, 0x14, 0x0b, 0xa5, 0x4f, 0x2c, 0x2f, 0x37, 0x3c, 0x30, 0xab, 0x35, 0x0e,
+    0xa2, 0x9b, 0xe1, 0x23, 0x7d, 0x48, 0xe0, 0x02, 0xe3, 0x99, 0xcf, 0x87, 0xac, 0x26, 0x22, 0xc6,
+    0xdf, 0xc8, 0x5f, 0xa0, 0x2b, 0x38, 0xe1, 0xbf, 0xe0, 0x77, 0x45, 0x7d, 0x64, 0xa3, 0x1e, 0x42,
+    0xa6, 0xe4, 0x4a, 0xd7, 0xc4, 0xb9, 0xde, 0xeb, 0xa1, 0x0f, 0x36, 0x8f, 0x72, 0x56, 0x43, 0x88,
+    0xfe, 0xd9, 0x14, 0x31, 0x15, 0x11, 0x3c, 0x50, 0x44, 0x89, 0x2e, 0x3f, 0x8d, 0xb9, 0x19, 0x85,
+    0xac, 0xc4, 0x6b, 0x86, 0xc8, 0x01, 0xbd, 0x6f, 0x04, 0xab, 0x9a, 0x9b, 0x62, 0x8e, 0x50, 0x33,
+    0x22, 0xa0, 0xa5, 0xd6, 0x3c, 0x1d, 0x2c, 0xd1, 0x74, 0x71, 0x59, 0x44, 0x50, 0x3e, 0x5f, 0x12,
+    0xf9, 0x17, 0x51, 0x82, 0xae, 0xd4, 0xf3, 0x87, 0xd6, 0x90, 0xe5, 0x31, 0xea, 0xed, 0x20, 0x1e,
+    0xe2, 0x67, 0xc3, 0xb8, 0xbc, 0x83, 0x86, 0x8a, 0x49, 0xed, 0x84, 0x07, 0xd2, 0x2a, 0xfd, 0xac,
+    0x4a, 0xdc, 0x03, 0xca, 0xcd, 0x73, 0x05, 0x0c, 0x0f, 0xd0, 0xe7, 0x94, 0x6e, 0xd4, 0xcc, 0xd1,
+    0xbc, 0xfb, 0x82, 0xd0, 0x69, 0x43, 0x45, 0x4d, 0xcf, 0xb6, 0xf8, 0xbb, 0x9c, 0x8d, 0x17, 0xc8,
+    0x35, 0x51, 0x09, 0x33, 0x26, 0x9a, 0x1b, 0x24, 0x2d, 0x75, 0xf0, 0x6a, 0xc9, 0x69, 0x21, 0x72,
+    0xca, 0xe7, 0x47, 0x3f, 0x8c, 0x26, 0xc9, 0xdf, 0x98, 0x38, 0x71, 0x57, 0x92, 0xcc, 0xb1, 0x05,
+    0xee, 0xe6, 0xfd, 0x67, 0xb4, 0x53, 0xc4, 0x72, 0x8f, 0x94, 0x4c, 0x1f, 0x73, 0xba, 0x5e, 0x7e,
+    0x78, 0x43, 0x4f, 0x4a, 0x50, 0x2c, 0xd1, 0xff, 0xb0, 0xbc, 0xdc, 0xf0, 0xc0, 0xe9, 0xd4, 0x38,
+    0x05, 0x10, 0xf1, 0xc9, 0x06, 0x5c, 0xd0, 0x42, 0xb3, 0x52, 0x56, 0x0a, 0x08, 0x6c, 0xe8, 0xbc,
+    0x6b, 0xcd, 0x48, 0x5b, 0xf3, 0x5a, 0xd8, 0xe3, 0xab, 0x2e, 0x8c, 0xd6, 0x87, 0xce, 0xcb, 0x16,
+    0x51, 0xac, 0x91, 0xf0, 0xdf, 0x24, 0x70, 0x01, 0x90, 0xad, 0x86, 0xa2, 0x56, 0x13, 0x11, 0x63,
+    0xe1, 0xd6, 0x2d, 0xff, 0xbe, 0xb7, 0x77, 0xb4, 0x99, 0x62, 0xb6, 0x01, 0x6b, 0x0e, 0xa5, 0x79,
+    0x59, 0x52, 0x04, 0xdb, 0x6e, 0x05, 0x0c, 0x10, 0x14, 0x42, 0xb7, 0xb2, 0x29, 0xf3, 0xd3, 0xff,
+    0xa3, 0xf4, 0xbb, 0x1e, 0xc2, 0xe5, 0x0e, 0xa9, 0x12, 0x5d, 0x60, 0x85, 0x7a, 0x3a, 0xab, 0x34,
+    0xf2, 0x58, 0x2a, 0xee, 0x1d, 0xc1, 0x7e, 0xa8, 0x82, 0xf0, 0xe6, 0x27, 0x2c, 0x29, 0xba, 0x57,
+    0x71, 0xd2, 0x80, 0x5c, 0x5e, 0xa0, 0x43, 0x45, 0xc5, 0x97, 0x42, 0xe2, 0x69, 0x15, 0x9f, 0x56,
+    0x56, 0x62, 0xd4, 0x43, 0x64, 0xe1, 0xbf, 0xd6, 0x02, 0xb4, 0x4d, 0xac, 0x31, 0x47, 0x28, 0xf8,
+    0x11, 0x50, 0xb3, 0x6b, 0x1e, 0xef, 0x16, 0x89, 0x3a, 0xd9, 0xcd, 0x22, 0x28, 0x1f, 0xce, 0x09,
+    0x6a, 0xa2, 0x12, 0x66, 0x4c, 0xf7, 0x36, 0x48, 0x5a, 0xea, 0x23, 0xd4, 0x51, 0xd2, 0x42, 0xe4,
+    0x89, 0xaa, 0x8b, 0xe3, 0x4f, 0xd9, 0x5e, 0x69, 0xe2, 0xc3, 0x08, 0xd1, 0x55, 0xe4, 0x36, 0xba,
+    0x94, 0x7b, 0x06, 0x57, 0x59, 0xe6, 0x0a, 0x18, 0x1e, 0x63, 0x0d, 0xeb, 0xdc, 0x6b, 0x5b, 0x61,
+    0x65, 0x92, 0xc2, 0xfe, 0x46, 0x13, 0x85, 0x8e, 0x4c, 0x1c, 0xd9, 0xca, 0x49, 0x66, 0xb9, 0xe3,
+    0x8c, 0xba, 0x7a, 0x2a, 0x49, 0x85, 0x8e, 0x2b, 0x51, 0x91, 0x5e, 0xdb, 0x5d, 0x88, 0xde, 0x06,
+    0xbb, 0x35, 0xc7, 0x63, 0xd2, 0x86, 0x8a, 0x9a, 0x5d, 0xaf, 0x33, 0xb5, 0xfb, 0xd9, 0x2e, 0x53,
+    0x77, 0x73, 0x9f, 0xd2, 0x5a, 0xc8, 0x62, 0x39, 0xa6, 0x4a, 0x26, 0xee, 0xd8, 0x5d, 0x2f, 0x3f,
+    0x3c, 0xc0, 0xc6, 0x25, 0x28, 0x16, 0x89, 0x9e, 0x58, 0x5e, 0x6e, 0x78, 0x60, 0x95, 0x6a, 0x1c,
+    0x7b, 0xf2, 0xa1, 0x0d, 0x52, 0x18, 0x20, 0xc1, 0x60, 0x33, 0xee, 0xf6, 0x79, 0xcd, 0x8c, 0xed,
+    0x28, 0x80, 0x84, 0x87, 0x30, 0xa5, 0x4f, 0x55, 0xd1, 0xd5, 0xf5, 0x50, 0x40, 0xe6, 0x4c, 0xa9,
+    0xab, 0x0a, 0x2e, 0x35, 0x73, 0xc4, 0x72, 0xb8, 0x96, 0xb2, 0x51, 0x95, 0x05, 0xda, 0x69, 0xa8,
+    0xd2, 0x26, 0x3b, 0x42, 0x9c, 0x45, 0x4d, 0xec, 0xd7, 0xca, 0x22, 0x67, 0x13, 0x2f, 0x34, 0x62,
+    0x31, 0x2e, 0xa2, 0xc7, 0x9f, 0x6b, 0x25, 0xcd, 0x6f, 0xe3, 0x09, 0x62, 0x17, 0x19, 0x40, 0x3c,
+    0xde, 0xa7, 0x05, 0x9d, 0x94, 0x95, 0x0f, 0x14, 0x11, 0xb3, 0xea, 0x7f, 0xb2, 0xbf, 0x97, 0xb0,
+    0xc4, 0xb8, 0xcd, 0x9a, 0x39, 0x6f, 0x94, 0xb2, 0x7f, 0x0a, 0x24, 0x4b, 0x5c, 0x64, 0xc3, 0xf0,
+    0x5f, 0xf3, 0x1b, 0x55, 0x6a, 0x6d, 0x2d, 0x6c, 0x77, 0x9f, 0xd3, 0xbe, 0x98, 0xbb, 0x63, 0x96,
+    0xcc, 0x46, 0x58, 0xb1, 0x88, 0x4e, 0xe8, 0xa3, 0xfb, 0xe5, 0x15, 0x5b, 0x23, 0x84, 0x01, 0x6c,
+    0xcf, 0xf7, 0xb6, 0xf6, 0x8a, 0x7a, 0x19, 0x9d, 0x2b, 0x6a, 0x27, 0x5d, 0x9a, 0xa0, 0x59, 0xb9,
+    0x76, 0x1c, 0xc5, 0xef, 0xe5, 0x65, 0x8c, 0x92, 0x57, 0x8e, 0x89, 0xec, 0x0e, 0x41, 0xa6, 0xcd,
+    0x2c, 0xff, 0x2f, 0x73, 0x89, 0x54, 0x71, 0xbc, 0x93, 0x43, 0x0c, 0x58, 0x9e, 0x96, 0x2d, 0xe7,
+    0xb8, 0x84, 0x29, 0x24, 0xd0, 0xb2, 0x7b, 0xa4, 0x8d, 0x20, 0x01, 0xb3, 0x42, 0xfd, 0x76, 0x86,
+    0xd8, 0x06, 0x1a, 0x13, 0x90, 0xfd, 0x2e, 0x68, 0x72, 0x6e, 0x8e, 0x73, 0x03, 0xf7, 0x27, 0xd9,
+    0x2e, 0x21, 0x9b, 0x09, 0x34, 0xcd, 0x6e, 0x29, 0xb2, 0x08, 0x91, 0x5c, 0xf1, 0xae, 0xfc, 0xc0,
+    0x36, 0xe0, 0xe7, 0x74, 0x24, 0xae, 0xea, 0x1a, 0xfd, 0xfa, 0xc2, 0x6c, 0x70, 0x4d, 0x79, 0xa7,
+    0xdb, 0xb7, 0xf4, 0x54, 0x92, 0xc9, 0xdf, 0x56, 0xa2, 0xe1, 0xbc, 0x75, 0xba, 0xd3, 0x7f, 0x0c,
+    0x69, 0x13, 0xfc, 0x21, 0x4e, 0xc3, 0xc7, 0x76, 0x8a, 0x65, 0x11, 0xd2, 0xe8, 0xf6, 0x1a, 0x31,
+    0xb3, 0xcb, 0x52, 0x48, 0x63, 0xa7, 0xf6, 0x8b, 0xd9, 0x40, 0x02, 0xa5, 0x84, 0x39, 0xec, 0xcf,
+    0x14, 0x40, 0x42, 0xa2, 0x18, 0xb3, 0xc6, 0xcb, 0x89, 0x8b, 0x9b, 0x28, 0x20, 0x73, 0x26, 0xb5,
+    0x95, 0x14, 0x5c, 0x6a, 0xe6, 0x4b, 0xe4, 0xb3, 0xef, 0xa7, 0xa2, 0xe9, 0x0a, 0x77, 0xd2, 0x93,
+    0xbe, 0x25, 0x36, 0xaa, 0xd4, 0xda, 0x5a, 0xd8, 0xee, 0xfd, 0x65, 0xbf, 0xf3, 0xb5, 0xc6, 0xef,
+    0x62, 0x5c, 0x87, 0x4d, 0xfd, 0xd6, 0x4a, 0x59, 0xde, 0x05, 0x12, 0xc4, 0x2e, 0x32, 0x80, 0x78,
+    0xa1, 0x2a, 0x0f, 0x64, 0x7f, 0x7c, 0x11, 0x3c, 0x33, 0x16, 0xfd, 0x81, 0x15, 0x02, 0x7a, 0x13,
+    0x3b, 0x0e, 0x83, 0x96, 0x93, 0xd3, 0x46, 0x49, 0xca, 0x47, 0xa5, 0x76, 0x07, 0xc1, 0x53, 0x87,
+    0x16, 0x9e, 0xf6, 0xd8, 0xa5, 0x2a, 0xd9, 0x5e, 0xa8, 0xc0, 0x06, 0x2c, 0x4f, 0x4b, 0xf7, 0x92,
+    0x66, 0x23, 0x2c, 0xb9, 0x44, 0x27, 0x74, 0xb0, 0x9c, 0x93, 0xeb, 0xcc, 0xf0, 0x42, 0xe1, 0x36,
+    0xe9, 0x28, 0xb8, 0xd4, 0x0f, 0x96, 0x0b, 0xa5, 0x1d, 0x8d, 0x87, 0x11, 0x14, 0xee, 0x67, 0xe5,
+    0x5c, 0x42, 0xf5, 0x12, 0x68, 0x59, 0xdc, 0x52, 0xa7, 0x10, 0xe1, 0xb8, 0x21, 0x9f, 0x3b, 0x43,
+    0x6c, 0x03, 0x0d, 0xe8, 0x48, 0x9f, 0x17, 0x34, 0x39, 0x37, 0x47, 0xd8, 0xe0, 0x9a, 0xf2, 0x8d,
+    0x6d, 0x6c, 0x57, 0xd5, 0xf7, 0x32, 0xf9, 0x9f, 0xc8, 0xf3, 0xe8, 0xda, 0x36, 0x86, 0x7b, 0x7f,
+    0xad, 0xab, 0x31, 0xbb, 0x77, 0xac, 0x53, 0xc4, 0xf5, 0x6f, 0x35, 0x99, 0xb4, 0x92, 0xd9, 0xc1,
+    0x37, 0x8f, 0xbd, 0x49, 0x9b, 0x03, 0x04, 0xb1, 0x0c, 0x3e, 0x6d, 0x6e, 0xa6, 0x51, 0xf0, 0x55,
+    0x61, 0xed, 0x69, 0x0a, 0xff, 0xe2, 0xbb, 0x67, 0x0e, 0x8a, 0x20, 0xc2, 0x97, 0x16, 0xd8, 0xad,
+    0x4b, 0xb3, 0x59, 0xf7, 0x72, 0xde, 0xeb, 0xa7, 0xfe, 0x14, 0x48, 0x96, 0xb8, 0xc8, 0x45, 0x23,
+    0xb9, 0xeb, 0x73, 0x19, 0x6f, 0x1f, 0x95, 0x0f, 0x7c, 0xe4, 0xae, 0xb1, 0x94, 0xe1, 0xff, 0x74,
+    0xe3, 0x08, 0x99, 0x85, 0x03, 0x2e, 0x68, 0x21, 0xb8, 0x29, 0x2b, 0x05, 0x04, 0x36, 0x74, 0x5e,
+    0xba, 0x5a, 0x9d, 0x5e, 0x6d, 0x2b, 0x64, 0x31, 0xac, 0x6b, 0x9c, 0xb7, 0x2d, 0xc5, 0xa7, 0xa1,
+    0xf1, 0xe9, 0xc4, 0xa9, 0x1f, 0xf5, 0x8f, 0x96, 0x52, 0x7f, 0xd4, 0x21, 0x95, 0x0d, 0xe2, 0x82,
+    0xa0, 0x45, 0x55, 0x59, 0xc0, 0xd1, 0xff, 0x97, 0xc2, 0xd2, 0x52, 0x83, 0xc3, 0x1e, 0xf3, 0xe1,
+    0x85, 0x2b, 0xb5, 0x3c, 0x47, 0x09, 0x1c, 0x91, 0x24, 0xba, 0xc0, 0xc9, 0xf4, 0x74, 0x95, 0x68,
+    0x83, 0x8a, 0xaa, 0xb2, 0x43, 0x61, 0x3d, 0xed, 0x47, 0x67, 0xa4, 0xc5, 0x45, 0x3c, 0x25, 0x01,
+    0xda, 0xd8, 0xae, 0x69, 0x2d, 0x64, 0x31, 0xfd, 0x53, 0x25, 0x13, 0x77, 0x6c, 0xcf, 0xf6, 0xfe,
+    0x47, 0x32, 0x67, 0x28, 0x7a, 0x0e, 0xa9, 0x5f, 0x38, 0x6d, 0x80, 0x8e, 0x19, 0x58, 0xe6, 0xf1,
+    0xc5, 0xd7, 0x97, 0xa7, 0x86, 0xc2, 0x7a, 0x19, 0x8e, 0xce, 0x8b, 0x49, 0x8a, 0x78, 0x4a, 0x02,
+    0xb0, 0x7a, 0xbc, 0x0f, 0x61, 0x93, 0x07, 0xb5, 0x09, 0xcf, 0x30, 0xa3, 0x3d, 0x1d, 0xb4, 0x1a,
+    0x33, 0xf0, 0x16, 0xbd, 0x22, 0xf2, 0x3a, 0x58, 0x4e, 0xa8, 0x94, 0x66, 0x78, 0x21, 0x91, 0x1b,
+    0xfa, 0xa6, 0xbf, 0xc5, 0xac, 0xe0, 0x02, 0xb9, 0x06, 0x1f, 0xd7, 0x37, 0x53, 0xc9, 0x78, 0xcb,
+    0x96, 0xa5, 0xb2, 0x2d, 0xe4, 0x7f, 0x15, 0x8d, 0x3f, 0x28, 0x90, 0xef, 0xb3, 0x53, 0x8a, 0x46,
+    0x6f, 0xb2, 0xe3, 0xaf, 0x4a, 0xab, 0xe6, 0x0a, 0xe9, 0xb8, 0x75, 0xde, 0x59, 0xbe, 0xaa, 0x58,
+    0x6e, 0xdd, 0xb9, 0x92, 0xf5, 0x06, 0x08, 0xa1, 0x18, 0x7c, 0xda, 0xdc, 0x8f, 0xa2, 0x23, 0xaa,
+    0xc2, 0x19, 0xd2, 0x14, 0x3d, 0x07, 0xb5, 0xce, 0x1c, 0xd7, 0x40, 0x47, 0xed, 0x2c, 0x73, 0x99,
+    0xf6, 0x27, 0x81, 0x1a, 0xa4, 0x30, 0x40, 0x41, 0xc0, 0x66, 0x1f, 0x2f, 0xf2, 0x59, 0xdb, 0x19,
+    0x50, 0xc3, 0xcb, 0xcd, 0x60, 0x89, 0x9e, 0xaa, 0x61, 0x69, 0x29, 0xa0, 0x80, 0x0f, 0x98, 0x91,
+    0xff, 0xb6, 0x4e, 0x0c, 0xaa, 0xbc, 0xd2, 0xfb, 0xb5, 0x4d, 0x81, 0x3d, 0x5b, 0xa5, 0x90, 0x77,
+    0x5d, 0x2d, 0xaf, 0x2f, 0xd7, 0xf4, 0x32, 0xf9, 0x56, 0xd4, 0x4e, 0xba, 0xf7, 0x83, 0xb2, 0xb1,
+    0xa9, 0xd4, 0x9a, 0x4f, 0xce, 0x5d, 0x6d, 0x2d, 0xb7, 0xf9, 0xcc, 0x91, 0x6a, 0xe2, 0xb8, 0x8f,
+    0x8e, 0x64, 0xce, 0x50, 0xf4, 0x1c, 0x91, 0xbe, 0x70, 0xda, 0xc3, 0xdf, 0x32, 0xb0, 0x0f, 0x21,
+    0x17, 0xf1, 0xac, 0xe5, 0x1a, 0x87, 0x37, 0xf5, 0x59, 0x04, 0xa9, 0x2e, 0x99, 0x57, 0x7e, 0x60,
+    0x1b, 0x70, 0x92, 0x3a, 0x12, 0x57, 0x75, 0x0d, 0x9f, 0x7d, 0x61, 0x36, 0x38, 0xc7, 0xdd, 0xb2,
+    0x97, 0xca, 0xe8, 0x10, 0x5b, 0xd2, 0xfb, 0x26, 0xce, 0xec, 0x3f, 0xed, 0x65, 0x4f, 0x03, 0xb4,
+    0x7d, 0x53, 0xbe, 0x83, 0x56, 0x70, 0x01, 0xbd, 0x03, 0xee, 0x8a, 0xfa, 0xc8, 0x85, 0x3c, 0x84,
+    0xec, 0x38, 0x49, 0x1d, 0x09, 0xca, 0xdb, 0xe7, 0xae, 0xdf, 0xd1, 0x1b, 0x1c, 0x82, 0x8f, 0x59,
+    0x58, 0x3d, 0x5e, 0xe6, 0xd1, 0xa8, 0xe2, 0xbb, 0xe5, 0x86, 0x18, 0xb0, 0xff, 0xef, 0x5a, 0x0d,
+    0xf7, 0x48, 0xdb, 0x27, 0x1b, 0x9d, 0xae, 0xea, 0x31, 0xa2, 0xb0, 0x2d, 0x24, 0x45, 0x52, 0xeb,
+    0x1f, 0x0f, 0x39, 0xce, 0xab, 0xa6, 0x4b, 0xe4, 0xdd, 0xeb, 0x98, 0x3e, 0xe6, 0xb7, 0xbc, 0xfc,
+    0xfb, 0xc9, 0xe5, 0xf8, 0x13, 0x4d, 0xec, 0x12, 0xf7, 0xdb, 0x78, 0x35, 0x85, 0xd5, 0xf1, 0x39,
+    0x7c, 0x3c, 0xe4, 0xbe, 0xe9, 0xdd, 0xef, 0x16, 0xf2, 0x2a, 0x25, 0xf8, 0x1e, 0x99, 0xb5, 0x76,
+    0x09, 0x91, 0xcf, 0x16, 0x0e, 0x8c, 0x92, 0xba, 0x75, 0x2b, 0x9e, 0x12, 0xa9, 0xfc, 0x4b, 0x6e,
+    0x0d, 0xee, 0x64, 0xe2, 0xb7, 0x7d, 0xac, 0x53, 0x37, 0xbd, 0x67, 0x1a, 0x77, 0x8c, 0x2a, 0x20,
+    0x7a, 0x9d, 0xfb, 0x30, 0xed, 0xb5, 0xce, 0x6a, 0x91, 0xf7, 0x41, 0xf4, 0xaf, 0xd1, 0x05, 0x1f,
+    0x67, 0x4c, 0x76, 0x84, 0xfb, 0x8a, 0x9a, 0x1b, 0x6d, 0x57, 0x44, 0xce, 0x26, 0x5e, 0x68, 0xc4,
+    0x45, 0xec, 0xd3, 0x52, 0xc7, 0x97, 0xb6, 0xca, 0x19, 0x26, 0x1d, 0x8a, 0x76, 0x60, 0x37, 0xd6,
+    0x87, 0xf5, 0x01, 0x46, 0xfa, 0x90, 0x03, 0x04, 0x05, 0xf1, 0x5d, 0xcd, 0x9b, 0x4c, 0x44, 0x4f,
+    0xdc, 0x79, 0xb1, 0xe7, 0x29, 0x0c, 0x10, 0x81, 0x30, 0xf8, 0x77, 0x7b, 0xdd, 0x87, 0x46, 0x97,
+    0xe8, 0x47, 0xe2, 0xe9, 0xb0, 0x3b, 0xe5, 0x0e, 0xec, 0x49, 0x28, 0x13, 0xc2, 0xf2, 0xee, 0x17,
+    0x4f, 0xcc, 0xf2, 0x03, 0xcb, 0x2f, 0xd5, 0x4e, 0xbc, 0x82, 0xb1, 0x9e, 0x66, 0xb8, 0x24, 0x6d,
+    0x1d, 0xd1, 0x8d, 0xb4, 0x16, 0x3f, 0x54, 0x71, 0xfc, 0xa0, 0x05, 0x3a, 0x89, 0x8f, 0x6d, 0xdb,
+    0x4e, 0xa3, 0xa8, 0x3e, 0x74, 0x82, 0x3b, 0xe5, 0x4d, 0x46, 0x1e, 0x9c, 0xb0, 0xa4, 0xad, 0x9f,
+    0x04, 0x7f, 0xab, 0xf4, 0xb9, 0xf1, 0x3e, 0xe9, 0x42, 0x96, 0xf9, 0x08, 0xde, 0x70, 0x61, 0x4e,
+    0xeb, 0xf6, 0x0c, 0xae, 0xb2, 0x0f, 0x14, 0x30, 0x3c, 0xc6, 0x1a, 0x15, 0x7b, 0xd6, 0xb6, 0xc2,
+    0xf8, 0x78, 0x0b, 0xbf, 0x11, 0x79, 0x1d, 0x2c, 0x27, 0x54, 0x4a, 0x33, 0x3c, 0xf1, 0xa9, 0xec,
+    0xf3, 0x37, 0x70, 0xd3, 0xa2, 0x6c, 0x90, 0x03, 0x73, 0x34, 0x49, 0x25, 0xfa, 0x35, 0x33, 0xa5,
+    0x3e, 0x1e, 0x72, 0x5f, 0x95, 0x8f, 0x96, 0x0b, 0x79, 0x15, 0xf3, 0x7c, 0x0f, 0xad, 0xbb, 0x3b,
+    0x3d, 0xaf, 0x9c, 0x18, 0x97, 0xbb, 0x67, 0x35, 0xa9, 0x9a, 0xc1, 0x7a, 0xb6, 0x89, 0xe3, 0xee,
+    0xbd, 0x94, 0xd8, 0xed, 0xd6, 0xee, 0xab, 0xe6, 0x3e, 0x72, 0x57, 0xb9, 0x4a, 0x91, 0x9e, 0x3a,
+    0x8a, 0x1b, 0x65, 0xa4, 0x4d, 0xed, 0xaf, 0x57, 0x32, 0x4c, 0x3a, 0xd7, 0xec, 0xc0, 0x6e, 0x6f,
+    0x88, 0xc5, 0xd1, 0xde, 0xf0, 0x74, 0xb0, 0xc2, 0x13, 0x07, 0xa7, 0xd3, 0x83, 0xf8, 0xbf, 0x48,
+    0xdd, 0x16, 0xeb, 0xda, 0x96, 0xa1, 0xfe, 0x2a, 0xc1, 0x3c, 0xd8, 0x79, 0x0b, 0x9b, 0xcf, 0x65,
+    0xcd, 0x29, 0x02, 0x8c, 0x37, 0xe3, 0x06, 0x08, 0x0a, 0x21, 0xba, 0x59, 0xf5, 0x98, 0x88, 0x9e,
+    0x0b, 0x4f, 0x7b, 0x6c, 0xb3, 0x15, 0x8d, 0x2f, 0x54, 0x60, 0x03, 0x16, 0xc6, 0xc4, 0x9a, 0x49,
+    0x13, 0x8e, 0x07, 0x11, 0xa3, 0x76, 0x09, 0x1c, 0x1b, 0x92, 0x50, 0x26, 0x47, 0x27, 0x1f, 0x2e,
+    0x98, 0xfa, 0x38, 0x88, 0x51, 0x36, 0x48, 0xe0, 0xd8, 0x1a, 0xc5, 0xf3, 0x7d, 0xfb, 0xf8, 0xb3,
+    0x02, 0xde, 0xb4, 0x7a, 0xbd, 0x99, 0x1f, 0x95, 0x21, 0x4b, 0x9d, 0x04, 0x6f, 0x38, 0xd1, 0x27,
+    0x93, 0xb5, 0x43, 0xe4, 0xe2, 0x23, 0xc5, 0xcf, 0x8c, 0x7a, 0xc6, 0xe5, 0xbb, 0x3f, 0x62, 0xfa,
+    0x80, 0x3b, 0x44, 0xf5, 0x41, 0x55, 0xcc, 0xd3, 0x97, 0xe8, 0x96, 0xc3, 0xfc, 0x18, 0x7d, 0xd4,
+    0x90, 0x04, 0xad, 0xa3, 0xe0, 0x17, 0x34, 0xf1, 0x5c, 0xf5, 0xf4, 0xe3, 0x02, 0x1b, 0x3a, 0x2f,
+    0xd0, 0xf8, 0x8f, 0x38, 0x21, 0xdc, 0x52, 0x79, 0xf6, 0x81, 0xbf, 0x63, 0x7c, 0x17, 0xe5, 0x45,
+    0x24, 0x01, 0xba, 0x58, 0x38, 0x75, 0x0d, 0xad, 0x17, 0xac, 0x3d, 0x48, 0xe1, 0x76, 0xef, 0x7b,
+    0x34, 0x3e, 0x53, 0x0e, 0x99, 0x37, 0xf5, 0x8f, 0xdc, 0xb1, 0x5f, 0x68, 0x1f, 0x75, 0xa8, 0x80,
+    0xcb, 0x88, 0x1d, 0x02, 0x33, 0x8b, 0x27, 0x74, 0x69, 0xfc, 0xde, 0x55, 0x44, 0xd0, 0x38, 0xf7,
+    0xed, 0x57, 0x13, 0x20, 0xb6, 0x67, 0x35, 0x4c, 0x5f, 0x1b, 0x7e, 0x19, 0xca, 0x9e, 0x06, 0xab,
+    0xf4, 0xf9, 0x35, 0x60, 0x19, 0xa9, 0x5f, 0xd4, 0xe1, 0x2d, 0x82, 0x2b, 0x9d, 0x61, 0x0a, 0x3e,
+    0xce, 0x98, 0xec, 0xcb, 0x35, 0xd7, 0xf7, 0x36, 0xda, 0xae, 0x88, 0x5f, 0x4c, 0xbc, 0xd0, 0x4b,
+    0x99, 0x95, 0x62, 0xb5, 0xee, 0x9b, 0xa6, 0x4b, 0x29, 0xde, 0x6a, 0xf1, 0xab, 0xe7, 0x71, 0x41,
+    0x10, 0x3f, 0xe9, 0x56, 0xa1, 0x42, 0xf8, 0x22, 0xcb, 0x1d, 0x62, 0x20, 0xfe, 0x03, 0x47, 0xfb,
+    0x44, 0x83, 0x89, 0x6f, 0x78, 0x3a, 0x58, 0x61, 0xe8, 0xe2, 0xb2, 0x88, 0xa0, 0x7c, 0xbe, 0x24,
+    0x40, 0xfc, 0x22, 0x9b, 0xc1, 0xcb, 0x66, 0x88, 0xaa, 0x74, 0x4b, 0x80, 0x7e, 0x0c, 0xdf, 0x6a,
+    0x92, 0xda, 0x19, 0xd9, 0x5d, 0x8e, 0x2b, 0x64, 0x7d, 0xbe, 0x69, 0xe7, 0x6d, 0x23, 0xeb, 0x08,
+    0x3a, 0x61, 0xd9, 0xab, 0x2c, 0x7e, 0xa8, 0xe2, 0x3b, 0x83, 0x0a, 0x74, 0xd1, 0xdd, 0xda, 0x75,
+    0x01, 0x6f, 0x5a, 0x3d, 0xbf, 0xad, 0xee, 0xab, 0xf1, 0xc4, 0xaf, 0x02, 0xd6, 0x1c, 0x89, 0xf2,
+    0x26, 0xdf, 0x0e, 0x22, 0x85, 0xec, 0x12, 0x38, 0x36, 0xe7, 0xa0, 0x4c, 0x8e, 0x4e, 0x3e, 0x5c,
+    0x12, 0xe1, 0x5d, 0x2c, 0x1c, 0xdb, 0xe7, 0xb7, 0xea, 0x56, 0xff, 0x24, 0x91, 0x3b, 0x96, 0xdc,
+    0x1a, 0x1f, 0xc8, 0x07, 0xad, 0xfa, 0x9b, 0xa6, 0x6e, 0xb9, 0xce, 0x34, 0xee, 0xdb, 0x54, 0x40,
+    0x48, 0x02, 0xb7, 0xb0, 0x70, 0xea, 0x1a, 0x99, 0x2e, 0x9b, 0x7a, 0x90, 0x01, 0xec, 0x1d, 0xf6,
+    0x68, 0x7c, 0xa6, 0x1c, 0xf1, 0x6e, 0x29, 0xdd, 0x7b, 0xa1, 0xbe, 0xd0, 0x3e, 0xea, 0x93, 0xc3,
+    0xf5, 0x96, 0x6f, 0x5d, 0xa6, 0x04, 0xb1, 0x7f, 0x10, 0xe9, 0x2d, 0x29, 0x4b, 0x7d, 0x83, 0xcc,
+    0x81, 0x54, 0x1e, 0xc8, 0xfe, 0xf8, 0x22, 0x78, 0x66, 0x2c, 0x39, 0xc1, 0x2a, 0x04, 0xf4, 0x26,
+    0x8b, 0x74, 0x3f, 0x99, 0xf2, 0x40, 0x41, 0xfc, 0xc3, 0x88, 0x95, 0xd5, 0x3a, 0xdc, 0xe7, 0x9d,
+    0xc7, 0x09, 0x23, 0xdd, 0x3b, 0x5b, 0x65, 0x8c, 0xaf, 0x85, 0x16, 0x4d, 0xe5, 0x40, 0x9b, 0x25,
+    0xd6, 0x59, 0x90, 0xb6, 0x25, 0xb4, 0x73, 0x05, 0x95, 0x5c, 0xdb, 0x6f, 0xcd, 0x5f, 0x55, 0x2c,
+    0x20, 0x7e, 0x11, 0xac, 0x81, 0x84, 0x33, 0x44, 0x55, 0x3a, 0xc4, 0x40, 0x3f, 0x06, 0x8e, 0x35,
+    0x0a, 0x20, 0x21, 0x51, 0x0c, 0xb8, 0x63, 0x84, 0xa5, 0xa4, 0xac, 0x14, 0x10, 0xd8, 0x13, 0xbb,
+    0x08, 0xfe, 0x95, 0x2b, 0xb1, 0x21, 0x7c, 0x11, 0x84, 0xef, 0x31, 0x10, 0x7f, 0xe0, 0xc2, 0x9c,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x4c, 0x7d, 0x1c, 0x44, 0xc9, 0x1b, 0x24, 0x70, 0x6c, 0x0d, 0x83, 0x98, 0xdf, 0x9c, 0x7c, 0xb8,
+    0xd7, 0x36, 0xca, 0x8b, 0x9a, 0x19, 0x9d, 0xae, 0x64, 0x98, 0x74, 0x6d, 0x1b, 0x43, 0xdc, 0xde,
+    0x74, 0xc2, 0x71, 0x95, 0x58, 0xfc, 0x93, 0x07, 0x76, 0xc5, 0x14, 0xe8, 0x61, 0x79, 0x77, 0xea,
+  },
+  { /* 10 */
+    0x51, 0xf6, 0x5f, 0xcc, 0xc9, 0xbb, 0x4b, 0xca, 0x7e, 0x52, 0xea, 0x5b, 0x67, 0xa2, 0xef, 0xe6,
+    0x33, 0xae, 0xa5, 0x03, 0xf8, 0x72, 0xcf, 0x10, 0xac, 0xdb, 0x41, 0x06, 0xb8, 0x66, 0xba, 0x67,
+    0xa4, 0x6a, 0x15, 0x17, 0x52, 0x6f, 0xc2, 0xd0, 0x70, 0x26, 0xcb, 0x2e, 0x94, 0x8b, 0x8e, 0x86,
+    0x67, 0xde, 0xe5, 0xa5, 0xd2, 0x7e, 0xfa, 0xff, 0x18, 0x4a, 0x19, 0x89, 0xa8, 0xce, 0x6e, 0xad,
+    0x0a, 0xcf, 0x3e, 0xd4, 0x05, 0xad, 0xfc, 0x4a, 0x57, 0x45, 0xa7, 0x6b, 0xee, 0x14, 0x76, 0x58,
+    0xe7, 0x84, 0x9d, 0xfc, 0x92, 0x97, 0xe6, 0x09, 0x2c, 0x7c, 0x70, 0x3b, 0xb6, 0x0d, 0x1e, 0x59,
+    0x28, 0xba, 0xf8, 0xd6, 0x14, 0xf1, 0x76, 0xeb, 0x9f, 0xd7, 0xd9, 0x6f, 0x3e, 0x50, 0x1b, 0xa3,
+    0x1a, 0x55, 0x31, 0x76, 0x0d, 0x19, 0x1e, 0x24, 0xb0, 0x33, 0x03, 0xec, 0x9d, 0x34, 0x78, 0xa7,
+    0x6c, 0x50, 0xb7, 0xd2, 0x36, 0x49, 0xa1, 0x6a, 0xcc, 0x30, 0x25, 0x67, 0x5d, 0xd8, 0xc1, 0x96,
+    0x65, 0x5c, 0x3d, 0x20, 0xd3, 0x89, 0x77, 0x82, 0xdd, 0x34, 0xec, 0x40, 0x9e, 0xca, 0x1f, 0x6b,
+    0xfa, 0xd5, 0x6b, 0x65, 0x7d, 0xce, 0x0b, 0x75, 0x93, 0xf2, 0x34, 0xca, 0x6a, 0x37, 0x2c, 0x14,
+    0xe8, 0xcd, 0xbc, 0x42, 0x74, 0x8d, 0x64, 0x66, 0xb1, 0xfa, 0x65, 0x84, 0x2f, 0x13, 0x53, 0x2d,
+    0xac, 0x27, 0xf3, 0x46, 0x56, 0x35, 0xb3, 0xe7, 0xe2, 0x1d, 0x99, 0x8c, 0x4c, 0x9b, 0x89, 0x18,
+    0x5a, 0x78, 0x0d, 0xbb, 0x2d, 0x8c, 0x10, 0x5f, 0xaa, 0x28, 0xd6, 0xb5, 0x92, 0xb4, 0x40, 0xdd,
+    0xa9, 0xa1, 0xec, 0x2c, 0xb5, 0x82, 0xcd, 0xc2, 0x28, 0xde, 0x2b, 0x58, 0x3b, 0x91, 0xb2, 0x34,
+    0x30, 0x6d, 0x11, 0x25, 0x18, 0x1f, 0xe5, 0xb2, 0xea, 0x9a, 0x2f, 0x4a, 0x95, 0x60, 0x12, 0xc2,
+    0x8b, 0xd4, 0x2a, 0x2e, 0xa4, 0xde, 0x47, 0x63, 0xe0, 0x4c, 0x55, 0x5c, 0xeb, 0xd5, 0xdf, 0xcf,
+    0x83, 0x99, 0xcc, 0x7f, 0xa0, 0x84, 0x36, 0x54, 0x72, 0x77, 0x07, 0xfe, 0x33, 0xc5, 0xd8, 0x51,
+    0xef, 0xc9, 0x7b, 0xad, 0x96, 0xcd, 0x97, 0x3e, 0xbe, 0x47, 0x22, 0x99, 0x6e, 0x1d, 0x19, 0xc7,
+    0x66, 0x9f, 0x89, 0x06, 0x33, 0xe4, 0x5d, 0x20, 0x9b, 0x75, 0x82, 0x0c, 0xb3, 0xcc, 0xb7, 0xce,
+    0x14, 0x5d, 0x7c, 0x6b, 0x0a, 0x99, 0x3b, 0x94, 0xae, 0x8a, 0x8d, 0xd6, 0x1f, 0x28, 0xec, 0xb0,
+    0x0d, 0xcb, 0xf9, 0x3b, 0xe7, 0xed, 0x0f, 0x12, 0x58, 0xf8, 0xe0, 0x76, 0xaf, 0x1a, 0x3c, 0xb2,
+    0x05, 0x86, 0x1f, 0x6a, 0xe3, 0xb7, 0x7e, 0x25, 0xca, 0xc3, 0xb2, 0xd4, 0x77, 0x0a, 0x3b, 0x2c,
+    0x92, 0x42, 0xaf, 0x7e, 0x49, 0xaa, 0x73, 0xe5, 0x16, 0x3e, 0x38, 0xfc, 0x5b, 0xe7, 0x0f, 0xcd,
+    0x7a, 0x8f, 0x13, 0x3c, 0x3d, 0x27, 0x17, 0x83, 0xa7, 0xc4, 0x5d, 0x78, 0x74, 0xf4, 0x5c, 0xe0,
+    0x13, 0x59, 0xbb, 0x84, 0xe8, 0xd9, 0xc8, 0xcc, 0xa1, 0x37, 0xca, 0xcb, 0x5e, 0x26, 0xa6, 0x5a,
+    0xd8, 0xa0, 0xad, 0x67, 0x6c, 0x92, 0x81, 0xd4, 0x5b, 0x60, 0x4a, 0xce, 0xba, 0x73, 0x41, 0xef,
+    0x87, 0x5e, 0xbf, 0xb6, 0xa2, 0xa9, 0xef, 0xae, 0x3b, 0x8b, 0x2e, 0xaf, 0x5f, 0xcd, 0x3a, 0x1e,
+    0xb5, 0xb1, 0x76, 0x16, 0xbb, 0x41, 0x87, 0x61, 0x14, 0x6f, 0xf4, 0x2c, 0xfc, 0xa9, 0x59, 0x1a,
+    0xdf, 0xa4, 0x6a, 0x88, 0x8e, 0xd2, 0x72, 0x8c, 0x54, 0xdd, 0x0d, 0xd3, 0xfb, 0x7d, 0x0b, 0x05,
+    0x91, 0x81, 0x1b, 0x58, 0xa9, 0xc7, 0x59, 0x47, 0x50, 0x7f, 0x56, 0xb0, 0x76, 0xe1, 0xa7, 0x68,
+    0x2d, 0x3c, 0xe7, 0xbc, 0xf7, 0x46, 0x08, 0xce, 0x55, 0x14, 0x6b, 0xbb, 0x49, 0x5a, 0x20, 0x8f,
+    0xa0, 0xad, 0x66, 0xde, 0x50, 0x42, 0x1b, 0x2a, 0x39, 0xda, 0xe2, 0x7f, 0xf8, 0x83, 0x6c, 0xc9,
+    0xbf, 0x7e, 0x48, 0xc2, 0xbe, 0xec, 0x7b, 0x2b, 0x43, 0x2a, 0x53, 0x47, 0x12, 0xbd, 0x2f, 0x42,
+    0x24, 0x30, 0x6d, 0x4e, 0x12, 0x86, 0xde, 0x26, 0x44, 0x10, 0xa2, 0x9c, 0x8a, 0x48, 0xfe, 0x72,
+    0x49, 0x21, 0xb6, 0x3f, 0xc5, 0x55, 0xd8, 0x93, 0x0b, 0x1f, 0x1c, 0x7e, 0xcc, 0x92, 0xe6, 0x87,
+    0xee, 0x88, 0x17, 0x0e, 0x77, 0x57, 0x30, 0xe1, 0x3d, 0x78, 0xb9, 0x1c, 0x75, 0x1f, 0xc0, 0xa4,
+    0x2c, 0x7d, 0x8b, 0x1f, 0x16, 0xdc, 0xaf, 0x11, 0xd6, 0x2b, 0xf0, 0x3e, 0x52, 0x58, 0xf9, 0xec,
+    0x1d, 0x51, 0xf6, 0x99, 0xef, 0x59, 0xed, 0x7c, 0xbf, 0x8e, 0x44, 0xf1, 0xdc, 0x3a, 0x32, 0x4d,
+    0xcc, 0xfd, 0xd1, 0x0c, 0x66, 0x0b, 0xba, 0x40, 0xf5, 0xea, 0xc7, 0x18, 0xa5, 0x5b, 0xad, 0x5f,
+    0x7c, 0xca, 0xb8, 0x70, 0x3e, 0xfd, 0x43, 0x04, 0x2b, 0x46, 0x81, 0xe0, 0x2e, 0xf8, 0xcf, 0x69,
+    0x8e, 0x52, 0x35, 0x44, 0x47, 0x69, 0x39, 0x46, 0x2a, 0x8f, 0xe7, 0x88, 0x9c, 0xdf, 0xe4, 0xe3,
+    0xb8, 0x7a, 0x8f, 0x2d, 0x5c, 0xac, 0x88, 0x73, 0x4c, 0x97, 0x14, 0x5a, 0x53, 0xb3, 0x65, 0xa8,
+    0xe6, 0xc5, 0xf1, 0x5f, 0x73, 0x0d, 0x41, 0xd6, 0xaf, 0x43, 0xeb, 0xbe, 0xad, 0x0f, 0xc7, 0x3a,
+    0xf4, 0xdd, 0x26, 0x78, 0x7a, 0x4e, 0x2e, 0xc5, 0x8d, 0x4b, 0xba, 0xf0, 0xe8, 0x2b, 0xb8, 0x03,
+    0x26, 0xb2, 0xb5, 0xcb, 0x13, 0x71, 0x53, 0x5b, 0x81, 0x6e, 0x57, 0x55, 0xbc, 0x4c, 0x8f, 0xb4,
+    0x1b, 0x14, 0x5d, 0xd5, 0xec, 0x83, 0xb9, 0xfb, 0x33, 0x0c, 0x98, 0x69, 0x86, 0x36, 0xa1, 0xc4,
+    0x4f, 0x64, 0x1d, 0x73, 0xc6, 0x8f, 0x8c, 0x14, 0x87, 0x9d, 0xc0, 0xe6, 0x96, 0x9e, 0x75, 0x0e,
+    0xd5, 0x6b, 0x54, 0x5c, 0x8b, 0x7f, 0x8e, 0xc6, 0x03, 0x98, 0xaa, 0xb8, 0x15, 0x69, 0x7d, 0x5d,
+    0xc5, 0xf1, 0x5b, 0xfe, 0x83, 0xcb, 0x6c, 0xa8, 0xe4, 0xee, 0x0e, 0x3f, 0x66, 0x49, 0x73, 0xa2,
+    0x50, 0xb7, 0x33, 0x6f, 0x28, 0x21, 0xec, 0x15, 0xfd, 0x6d, 0x71, 0xde, 0x7c, 0xa0, 0x36, 0x85,
+    0x79, 0x4c, 0xa7, 0x1a, 0xdd, 0x4a, 0x3d, 0x21, 0xe1, 0x85, 0x33, 0x34, 0x59, 0xf2, 0xf4, 0x45,
+    0x77, 0x44, 0xea, 0x07, 0xda, 0xca, 0x18, 0x91, 0xff, 0x3c, 0xbd, 0x0e, 0xdb, 0xee, 0x60, 0x52,
+    0x16, 0xdf, 0xa4, 0xee, 0x0b, 0x6e, 0xb6, 0xe9, 0x6b, 0xf4, 0x78, 0x1f, 0x29, 0x2c, 0x9d, 0x76,
+    0x52, 0x35, 0xeb, 0xea, 0x29, 0xd6, 0x61, 0x68, 0x38, 0x13, 0x84, 0x17, 0x4a, 0xa4, 0x47, 0x43,
+    0x15, 0x1c, 0x10, 0xc8, 0xeb, 0x03, 0x9c, 0x4b, 0x2d, 0xb5, 0x16, 0x53, 0x04, 0x2a, 0x35, 0xd3,
+    0x9b, 0x4e, 0x25, 0x8c, 0xac, 0x6a, 0xa5, 0x0d, 0x07, 0x3a, 0xf1, 0xdb, 0x98, 0xf5, 0xd1, 0x30,
+    0xb4, 0xf0, 0x1a, 0xb5, 0x5a, 0xdb, 0x20, 0xbe, 0x97, 0x50, 0x6f, 0xa9, 0xe7, 0xab, 0x80, 0x79,
+    0x3e, 0x65, 0x5c, 0x38, 0x1f, 0x9f, 0xc0, 0x02, 0xf4, 0x23, 0xa1, 0x70, 0x17, 0x7c, 0x86, 0xd5,
+    0x80, 0x5a, 0x78, 0x59, 0x40, 0xe9, 0x1c, 0xf6, 0x34, 0x36, 0x69, 0xb2, 0x1e, 0xc3, 0x70, 0xf4,
+    0x36, 0x28, 0xba, 0x69, 0x1b, 0xc5, 0xb1, 0x35, 0x66, 0x18, 0xf3, 0xd2, 0xcf, 0x6c, 0x81, 0x4b,
+    0xd3, 0x2e, 0xff, 0x10, 0x88, 0xa5, 0xda, 0x41, 0x8f, 0x1a, 0x76, 0x20, 0x4f, 0x65, 0xee, 0xd4,
+    0x2b, 0x79, 0x4c, 0xf0, 0xf4, 0x9c, 0x5c, 0x49, 0xd9, 0x96, 0xb7, 0x23, 0x13, 0x56, 0xb3, 0x06,
+    0x01, 0x41, 0x6c, 0xa3, 0xe1, 0x9a, 0xa7, 0xdf, 0x83, 0x3f, 0x9b, 0x85, 0x1b, 0x02, 0xd9, 0x63,
+    0x99, 0xcc, 0xfd, 0x09, 0xad, 0x9d, 0x28, 0x70, 0xc2, 0x44, 0x04, 0x12, 0xae, 0xf1, 0xa0, 0xf6,
+    0xdd, 0x26, 0xb2, 0x0d, 0x8f, 0x25, 0xff, 0xf1, 0x91, 0xa3, 0xf8, 0x1a, 0xcd, 0x79, 0x7a, 0xc3,
+    0xf6, 0x5f, 0xfe, 0xfd, 0x7b, 0xb9, 0xa3, 0xb8, 0x48, 0x35, 0x4f, 0x39, 0xde, 0x2f, 0xc9, 0xc5,
+    0x68, 0x97, 0xc4, 0x1b, 0x34, 0x64, 0x78, 0x90, 0x85, 0xcc, 0x0c, 0x36, 0x31, 0xd0, 0x23, 0xd9,
+    0x12, 0x18, 0xd7, 0x27, 0x09, 0x43, 0x6f, 0x13, 0x22, 0x08, 0x51, 0x4e, 0x45, 0x24, 0x7f, 0x39,
+    0x8a, 0x95, 0x46, 0x8d, 0x45, 0x44, 0xe0, 0xbc, 0x63, 0x73, 0xce, 0xd9, 0xf0, 0xd7, 0x06, 0xac,
+    0x09, 0x0c, 0x8a, 0xf2, 0xe5, 0xc0, 0xd6, 0xe8, 0x11, 0x04, 0xc9, 0x27, 0xc3, 0x12, 0xde, 0xfd,
+    0xa6, 0xe8, 0xcd, 0x92, 0x53, 0x98, 0x4f, 0xad, 0xb5, 0x58, 0x3e, 0xe7, 0xa2, 0x8f, 0xff, 0x40,
+    0x72, 0xc2, 0xf5, 0x6d, 0x39, 0x7d, 0x66, 0xb4, 0x35, 0xff, 0x0f, 0xda, 0xac, 0xe4, 0x5b, 0x7e,
+    0xc4, 0xb0, 0x37, 0x5d, 0x62, 0x51, 0xcb, 0x77, 0x67, 0xd1, 0x95, 0xba, 0x7d, 0x4b, 0xaa, 0xc1,
+    0x3a, 0xa2, 0x2f, 0xf1, 0x1d, 0xb2, 0x19, 0xf8, 0xbd, 0xdf, 0x88, 0x21, 0x7b, 0x74, 0x64, 0x9a,
+    0x74, 0x87, 0x5e, 0x21, 0x3a, 0xa7, 0x32, 0x33, 0xb9, 0x7d, 0xd3, 0x42, 0xf6, 0xe8, 0xc8, 0xf7,
+    0xc1, 0x36, 0x28, 0x37, 0x81, 0xe6, 0xb5, 0x52, 0xad, 0x12, 0x27, 0x6e, 0x0a, 0x41, 0x91, 0xed,
+    0xca, 0xb8, 0x7a, 0x40, 0x65, 0xd1, 0xee, 0xc7, 0x79, 0x68, 0x1b, 0x80, 0xff, 0x57, 0x3e, 0xd6,
+    0xb9, 0x3b, 0xe3, 0x8e, 0xbd, 0x36, 0x2f, 0xac, 0xcf, 0xa8, 0x8f, 0xdf, 0x48, 0xb1, 0xbc, 0xcb,
+    0x70, 0x40, 0x2d, 0xe8, 0x38, 0x8a, 0xeb, 0xc9, 0xf0, 0x81, 0xfa, 0x13, 0x9a, 0xe0, 0x2a, 0xb8,
+    0xbc, 0xbd, 0xfc, 0xe4, 0x5e, 0x81, 0x51, 0x89, 0x05, 0x6b, 0x3d, 0x0b, 0x3f, 0xbb, 0x87, 0xe7,
+    0x34, 0xaa, 0x62, 0xec, 0x1a, 0x32, 0x3c, 0x48, 0xa3, 0x66, 0x06, 0x1b, 0xf9, 0x68, 0xf0, 0x8d,
+    0x6a, 0x15, 0x1c, 0x9e, 0x35, 0x93, 0xf5, 0xed, 0x40, 0xb2, 0xf9, 0xff, 0x07, 0xd4, 0x52, 0x1f,
+    0x48, 0x60, 0xda, 0x9c, 0x24, 0xcf, 0x7f, 0x4c, 0x88, 0x20, 0x87, 0xfb, 0xd7, 0x90, 0x3f, 0xe4,
+    0x5f, 0xfe, 0x12, 0xd1, 0xce, 0x3b, 0x6e, 0x7a, 0x60, 0xeb, 0x64, 0x61, 0xe5, 0xbe, 0x7b, 0xf1,
+    0x8f, 0x13, 0x59, 0xe7, 0xa6, 0xf3, 0x9e, 0x99, 0xa9, 0xb0, 0x7c, 0x0d, 0x87, 0xdd, 0x3d, 0x80,
+    0x69, 0xd6, 0xa8, 0xb8, 0xd5, 0xfe, 0xdf, 0x4f, 0x06, 0xf3, 0x97, 0xb3, 0x2a, 0xd2, 0xfa, 0xba,
+    0x9a, 0x0f, 0x49, 0x2f, 0x4d, 0xf0, 0x02, 0xd2, 0x84, 0x05, 0x6a, 0x5e, 0x83, 0xf7, 0x08, 0x53,
+    0xda, 0x22, 0x75, 0xe2, 0x6d, 0x65, 0x0c, 0xa9, 0x9e, 0x1e, 0xbf, 0x07, 0x8c, 0x77, 0x30, 0x29,
+    0xfd, 0xd1, 0xac, 0x8a, 0x9f, 0x8e, 0xf8, 0x2d, 0x9c, 0x4f, 0x73, 0xd7, 0x2b, 0x39, 0x66, 0xfe,
+    0x39, 0x61, 0x9b, 0xd7, 0xfd, 0xdf, 0x33, 0x5a, 0xfb, 0x9e, 0xe6, 0x6d, 0x56, 0x72, 0xcc, 0x3f,
+    0xa5, 0x2b, 0x79, 0xb4, 0xb3, 0xf5, 0x65, 0x0f, 0xf3, 0x19, 0x50, 0xab, 0x8f, 0x89, 0x57, 0xe5,
+    0xfc, 0x90, 0xc0, 0x29, 0x7e, 0x14, 0x5f, 0xf2, 0x1f, 0x70, 0xe8, 0x52, 0x30, 0x3b, 0xbf, 0x9d,
+    0xe0, 0x80, 0x5a, 0x13, 0x70, 0xd7, 0x15, 0x51, 0x23, 0xc1, 0x37, 0x26, 0xf7, 0x03, 0x54, 0xb3,
+    0x0c, 0x8a, 0x95, 0x98, 0x06, 0x77, 0xa8, 0xcd, 0xdb, 0xc7, 0x7b, 0xf3, 0xb4, 0x18, 0xe5, 0xd1,
+    0x57, 0xb3, 0xf4, 0x80, 0xca, 0x61, 0x1f, 0x4d, 0xf2, 0xd0, 0x36, 0xc3, 0x3d, 0xae, 0x7c, 0x6f,
+    0x54, 0x70, 0x40, 0xa6, 0x2a, 0x0c, 0x35, 0xef, 0xb4, 0x91, 0x58, 0x8f, 0x10, 0xa8, 0xd4, 0xca,
+    0x8d, 0x91, 0x81, 0x62, 0xa7, 0x04, 0x13, 0xe4, 0x6c, 0xce, 0x89, 0xc4, 0xb1, 0xd9, 0x4c, 0x46,
+    0xd2, 0x6f, 0x93, 0xb3, 0x69, 0x3f, 0x7d, 0x9e, 0x0c, 0x25, 0xed, 0xa5, 0x54, 0x67, 0x37, 0xb7,
+    0xf7, 0x1e, 0x92, 0x5e, 0x9a, 0x23, 0x04, 0x67, 0xcb, 0x0a, 0xd4, 0xbc, 0xc5, 0x2d, 0x10, 0xa6,
+    0x5e, 0xbf, 0x7e, 0x72, 0x2f, 0xa1, 0xc9, 0xa5, 0xe3, 0xd4, 0xff, 0xe4, 0xfe, 0xbc, 0xa2, 0x92,
+    0xf9, 0x16, 0xdf, 0x43, 0x9d, 0xa3, 0x21, 0xd7, 0xd5, 0xb3, 0x5a, 0x86, 0x47, 0x31, 0x84, 0xb1,
+    0xf2, 0x98, 0x8d, 0x34, 0x79, 0x94, 0x7a, 0x42, 0x01, 0xc9, 0x66, 0x68, 0xb2, 0x27, 0x2b, 0x8a,
+    0xe3, 0x43, 0xee, 0x35, 0x90, 0xba, 0x3f, 0xf3, 0x65, 0x80, 0x59, 0x6a, 0xda, 0x05, 0xfc, 0x16,
+    0x3b, 0xe3, 0x43, 0x52, 0xfc, 0x28, 0xbe, 0x27, 0x3e, 0xe0, 0x13, 0xa4, 0x60, 0x76, 0xbd, 0xf9,
+    0x03, 0xc3, 0xb4, 0x26, 0xe0, 0x6d, 0x2a, 0xa2, 0x46, 0x41, 0x6e, 0x4c, 0x2d, 0x06, 0xa8, 0xa5,
+    0xa1, 0xec, 0x0a, 0x7d, 0xb1, 0xd8, 0xbc, 0xf5, 0xba, 0xe5, 0x79, 0xfa, 0xe3, 0x81, 0xb5, 0xaa,
+    0x96, 0x85, 0xdc, 0xb7, 0x4b, 0x87, 0xaa, 0x1f, 0x5f, 0xc2, 0x11, 0xad, 0x37, 0xef, 0xed, 0x82,
+    0xaa, 0x62, 0x58, 0x0a, 0x55, 0xef, 0xe7, 0x60, 0x6e, 0x9f, 0x45, 0x14, 0x16, 0x97, 0x1a, 0x91,
+    0x9f, 0x89, 0x56, 0x45, 0xae, 0x47, 0x7c, 0xf7, 0x4e, 0xc6, 0xd8, 0x8a, 0xf4, 0xfd, 0x33, 0x7f,
+    0x46, 0x68, 0x97, 0x81, 0x23, 0x4f, 0x5a, 0xfc, 0x96, 0x99, 0x09, 0xc1, 0x55, 0x8c, 0xab, 0xf3,
+    0x41, 0x6c, 0x50, 0x6e, 0xc1, 0x0f, 0xa9, 0xa4, 0x99, 0x24, 0x4e, 0xdc, 0x14, 0x82, 0xe1, 0x19,
+    0x2a, 0x38, 0x20, 0x53, 0x15, 0x06, 0xfb, 0x96, 0x5a, 0xa9, 0x2c, 0xa6, 0x08, 0x54, 0x6a, 0x65,
+    0x60, 0xda, 0x22, 0x4a, 0x30, 0x3e, 0x09, 0xa7, 0x17, 0xf7, 0x5e, 0x94, 0xe9, 0xc0, 0x24, 0x47,
+    0xe5, 0x06, 0x45, 0x79, 0x93, 0x60, 0x6b, 0x74, 0xe9, 0x02, 0x85, 0xf2, 0x80, 0x09, 0x6f, 0x9f,
+    0x94, 0x07, 0x04, 0x32, 0x4a, 0x70, 0x27, 0x62, 0x9a, 0xbc, 0xe4, 0x64, 0x01, 0xeb, 0x9c, 0x44,
+    0xbe, 0x3f, 0x24, 0x61, 0x5f, 0x76, 0xdc, 0xf4, 0xc0, 0x15, 0xc8, 0xc2, 0x09, 0xbf, 0xf6, 0x21,
+    0x90, 0xc0, 0x77, 0xfb, 0x48, 0x5d, 0xfe, 0x98, 0xd3, 0x40, 0xcd, 0x35, 0x6d, 0xe3, 0x7e, 0x0b,
+    0x2f, 0xbe, 0x3f, 0x39, 0xf6, 0xb1, 0x85, 0xb3, 0x90, 0x6a, 0x9e, 0x72, 0x7f, 0x5e, 0x51, 0x49,
+    0x9d, 0x0b, 0x8e, 0xc0, 0xaf, 0xb0, 0xf1, 0x8a, 0x8b, 0xb8, 0x2d, 0x43, 0xc2, 0xf9, 0x42, 0xb9,
+    0x81, 0x1b, 0x14, 0xfa, 0xa1, 0x73, 0xbb, 0x29, 0xb7, 0x09, 0xf2, 0x37, 0x05, 0xc1, 0xa9, 0x97,
+    0xa2, 0x2f, 0xbe, 0x5b, 0x51, 0xb5, 0x96, 0x57, 0xfc, 0xa4, 0x17, 0xb6, 0xce, 0x87, 0x1d, 0x0f,
+    0x76, 0x05, 0x86, 0xa4, 0x3b, 0x50, 0xbf, 0x4e, 0x7c, 0x03, 0x26, 0x8b, 0xc0, 0xec, 0xb9, 0x31,
+    0x4b, 0xa3, 0x6e, 0xba, 0xc4, 0xa2, 0x55, 0xee, 0xce, 0x61, 0xe9, 0xb7, 0xfa, 0x96, 0x97, 0x41,
+    0xe4, 0x47, 0x29, 0xda, 0x72, 0xfa, 0xcc, 0xab, 0x6a, 0x3d, 0x1e, 0x77, 0x9b, 0x0b, 0xb6, 0xfc,
+    0x06, 0x45, 0xab, 0x4c, 0x03, 0xda, 0x54, 0x87, 0x8c, 0x82, 0xdc, 0x98, 0x5a, 0x0c, 0x93, 0x89,
+    0x55, 0x31, 0x2c, 0x05, 0xcb, 0x96, 0x92, 0x30, 0x37, 0xae, 0xc3, 0x0a, 0x0b, 0xaa, 0x0d, 0xa9,
+    0xae, 0xa5, 0x2b, 0xc3, 0x57, 0xc2, 0x3e, 0x9a, 0x27, 0x63, 0x6c, 0x45, 0x7a, 0x9f, 0xf8, 0xde,
+    0x1c, 0x10, 0x9a, 0x3a, 0x0e, 0xc3, 0x4a, 0xa3, 0x3c, 0xb1, 0xdf, 0x74, 0xc7, 0x38, 0xeb, 0x2e,
+    0x75, 0xc6, 0x32, 0x82, 0xdb, 0x3d, 0x95, 0xec, 0x3a, 0x42, 0x48, 0xc7, 0xed, 0xea, 0x11, 0x94,
+    0x5b, 0x39, 0x61, 0x18, 0xcc, 0x16, 0xb7, 0x80, 0x29, 0x17, 0x4d, 0x30, 0x89, 0xb6, 0x99, 0xbe,
+    0x04, 0xc7, 0x73, 0xc9, 0x02, 0x2d, 0xd9, 0xfa, 0x49, 0xfc, 0x29, 0x51, 0x6c, 0x08, 0xe2, 0x4f,
+    0x27, 0xf3, 0xd9, 0x68, 0xf2, 0xeb, 0xf4, 0x84, 0x02, 0x51, 0xcc, 0xd0, 0xa7, 0x4e, 0x56, 0xd7,
+    0x4d, 0xe6, 0xc5, 0xf6, 0xc7, 0x78, 0x01, 0x69, 0x42, 0xe3, 0x35, 0x2f, 0xa0, 0x9a, 0x04, 0xc8,
+    0x9c, 0x4a, 0xe2, 0x63, 0x4e, 0x2a, 0x56, 0x55, 0x08, 0x87, 0xb6, 0xc6, 0xd9, 0xfb, 0x9b, 0xda,
+    0x20, 0xf7, 0x1e, 0x87, 0x10, 0xab, 0x07, 0xdc, 0x0d, 0xec, 0x8b, 0xcd, 0xe6, 0x40, 0x1c, 0x3d,
+    0x53, 0x74, 0x87, 0x49, 0xc8, 0x4c, 0xc6, 0xb7, 0xbb, 0x2c, 0x1f, 0x92, 0x51, 0xa6, 0x9e, 0x20,
+    0xd0, 0xed, 0x4b, 0x36, 0x68, 0xc8, 0xf0, 0xe3, 0xc9, 0x5b, 0x18, 0x6c, 0x62, 0x63, 0x46, 0x71,
+    0x95, 0x46, 0x68, 0x91, 0xab, 0xea, 0x80, 0xbd, 0x19, 0x83, 0x7f, 0xe1, 0x1a, 0xe9, 0x45, 0x27,
+    0xf3, 0xd9, 0xe1, 0x97, 0x98, 0x0e, 0xdd, 0x9d, 0x82, 0xf6, 0xfd, 0xed, 0xa9, 0x25, 0xf2, 0xe9,
+    0x85, 0xdc, 0x67, 0x33, 0xa3, 0x5e, 0x62, 0xd3, 0xfe, 0xf5, 0xdb, 0x66, 0x69, 0xc9, 0x4b, 0xd8,
+    0x88, 0x17, 0x9e, 0x08, 0x44, 0xb3, 0x6d, 0xc1, 0xa6, 0x0d, 0x3b, 0x10, 0xc6, 0xd3, 0x77, 0x6a,
+    0xb0, 0x37, 0x69, 0x7c, 0x58, 0xf6, 0xf9, 0x44, 0xde, 0xac, 0x46, 0xf8, 0x8b, 0xa3, 0x62, 0x36,
+    0x22, 0x75, 0xc6, 0x02, 0x11, 0x5c, 0x8a, 0xa1, 0xc8, 0x92, 0x7e, 0x04, 0xd0, 0x44, 0x6d, 0xfb,
+    0x0b, 0x8e, 0x52, 0x77, 0xe4, 0x37, 0x5b, 0x95, 0xd4, 0x7a, 0x3c, 0xee, 0xf5, 0x16, 0xaf, 0x3b,
+    0x02, 0x82, 0xd8, 0x85, 0x01, 0xf7, 0x8d, 0x7d, 0xc5, 0x7e, 0xf5, 0xc9, 0x36, 0x04, 0x71, 0xc6,
+    0xc9, 0x7b, 0xce, 0x66, 0x85, 0xbc, 0xc4, 0x65, 0x3f, 0x29, 0x75, 0xcc, 0xd2, 0x51, 0x96, 0x73,
+    0xdb, 0x63, 0x19, 0x41, 0x8c, 0xff, 0xab, 0x76, 0x1d, 0x21, 0x24, 0x82, 0x97, 0x75, 0xe9, 0x4a,
+    0xb6, 0x72, 0xc2, 0x30, 0x5b, 0x2c, 0xad, 0xc3, 0x52, 0x2e, 0x9a, 0x60, 0xd1, 0xaf, 0xf1, 0xbf,
+    0x40, 0x2d, 0x3c, 0xcd, 0x20, 0x95, 0x0e, 0x7b, 0x1a, 0x1b, 0xd5, 0x59, 0x0f, 0x80, 0x38, 0x7a,
+    0x4e, 0x25, 0x71, 0xd0, 0x27, 0x15, 0x2b, 0xcb, 0x04, 0xa2, 0x5b, 0x63, 0x8d, 0x9c, 0xac, 0x6d,
+    0xd7, 0xe9, 0x8c, 0xd9, 0x8a, 0x88, 0x03, 0xbb, 0xc6, 0xe6, 0x5f, 0x71, 0x23, 0x6d, 0x0c, 0x9b,
+    0xab, 0x23, 0x34, 0xa9, 0xb4, 0x75, 0x40, 0xbf, 0xed, 0xa0, 0xde, 0x91, 0x0d, 0x95, 0xc3, 0xf2,
+    0x98, 0x8d, 0x91, 0xaa, 0x4c, 0x07, 0x8f, 0xaf, 0x41, 0x7b, 0x9f, 0x97, 0xb5, 0xf3, 0x79, 0x95,
+    0xc8, 0x3a, 0xa2, 0xc5, 0x64, 0x26, 0x63, 0xba, 0xbc, 0x16, 0xee, 0x49, 0xc9, 0x53, 0x4f, 0x10,
+    0xaf, 0xe4, 0x47, 0x60, 0xb6, 0x58, 0x99, 0x45, 0xa4, 0x5c, 0xf7, 0xc0, 0x61, 0x9d, 0x21, 0xbd,
+    0xa3, 0x6e, 0xd2, 0xf8, 0xb0, 0x2f, 0x31, 0x88, 0x7f, 0x9b, 0x8c, 0x33, 0xd5, 0x85, 0xc4, 0x6c,
+    0x44, 0xea, 0x4f, 0x04, 0x22, 0xb8, 0xd7, 0x81, 0x53, 0xe7, 0xfc, 0x08, 0x63, 0x88, 0xda, 0x35,
+    0x84, 0x9d, 0x0b, 0x90, 0x42, 0xc4, 0xc5, 0x0c, 0x7d, 0xca, 0x40, 0xe3, 0x72, 0xcb, 0x92, 0xbb,
+    0x9e, 0xc8, 0x3a, 0xe6, 0x4f, 0xdd, 0xdb, 0x28, 0xcd, 0xf9, 0x43, 0x0f, 0xef, 0xff, 0xea, 0x1c,
+    0xe2, 0x02, 0x82, 0x96, 0x71, 0x20, 0x98, 0x2c, 0xe6, 0xbf, 0xc2, 0xef, 0xc1, 0x07, 0x25, 0x75,
+    0xcd, 0xbc, 0xbd, 0xaf, 0x87, 0x91, 0x1d, 0x9f, 0x76, 0xd5, 0x5c, 0x9d, 0xbe, 0x59, 0x74, 0x3c,
+    0xfb, 0x94, 0x07, 0xc6, 0x9c, 0x54, 0xac, 0xaa, 0x10, 0xcd, 0xaf, 0x4f, 0x71, 0x35, 0xf5, 0x77,
+    0x45, 0xab, 0x23, 0xa7, 0xc3, 0x22, 0x70, 0x5e, 0xd0, 0xd8, 0x67, 0x8d, 0x78, 0x8a, 0x03, 0x56,
+    0x23, 0x34, 0xaa, 0xa1, 0xf0, 0xc6, 0x2d, 0x7e, 0x4b, 0xad, 0xe5, 0x81, 0xcb, 0x46, 0xb4, 0x98,
+    0xc6, 0x32, 0xef, 0xd8, 0x63, 0xa6, 0x46, 0x0a, 0xa2, 0xaf, 0x60, 0x73, 0x4b, 0x4f, 0xdb, 0x07,
+    0x3d, 0xa6, 0xe8, 0x1e, 0xff, 0xf2, 0xea, 0xa0, 0xb2, 0x62, 0xcf, 0x3c, 0x3a, 0x7a, 0x2e, 0x70,
+    0x17, 0x9e, 0xc8, 0x4d, 0xea, 0xf4, 0x11, 0x36, 0xe8, 0xcb, 0xe3, 0x9a, 0x32, 0x2e, 0x44, 0x15,
+    0xeb, 0x0e, 0x08, 0x64, 0x94, 0xe0, 0x4e, 0xc4, 0xf7, 0xbb, 0x0b, 0xc8, 0x02, 0x15, 0xfb, 0x88,
+    0x2e, 0xff, 0x53, 0x9a, 0x17, 0x2b, 0x22, 0x6c, 0x13, 0x55, 0x05, 0xf7, 0x64, 0x5c, 0x88, 0x2a,
+    0xcb, 0xf9, 0x16, 0xe3, 0x84, 0x4b, 0x49, 0x18, 0xfa, 0x57, 0x80, 0x05, 0xe4, 0x55, 0xe7, 0xb5,
+    0xb2, 0xb5, 0xb1, 0xf9, 0x59, 0x01, 0x74, 0x39, 0x1b, 0xd2, 0xb3, 0x31, 0xbd, 0xa7, 0x13, 0xf0,
+    0x5c, 0x3d, 0xa6, 0xf7, 0x2e, 0x56, 0x44, 0xd8, 0x26, 0xaa, 0x0a, 0x2d, 0xc8, 0xb8, 0xd3, 0x54,
+    0x4a, 0xe2, 0x02, 0x19, 0x25, 0x38, 0xf2, 0x31, 0x4d, 0x5e, 0x72, 0x32, 0xe1, 0x94, 0x4e, 0x22,
+    0x64, 0x1d, 0x51, 0x83, 0x32, 0x13, 0xd0, 0x5d, 0x5e, 0x0b, 0x77, 0xc5, 0x85, 0xc8, 0xc6, 0x08,
+    0x71, 0x01, 0x41, 0x4b, 0xd9, 0x10, 0x4c, 0x16, 0x73, 0xbe, 0x61, 0x96, 0x81, 0xe2, 0xf3, 0xdb,
+    0x35, 0xeb, 0x0e, 0x4f, 0xfb, 0xa8, 0x9b, 0x97, 0x20, 0x59, 0x9d, 0x9e, 0xe2, 0x6a, 0x29, 0xee,
+    0xc7, 0x73, 0x83, 0x7b, 0x82, 0x3c, 0xe1, 0xd5, 0x21, 0x90, 0xfb, 0xf6, 0x50, 0x4d, 0x02, 0x64,
+    0x07, 0x04, 0xc7, 0xef, 0xe2, 0x40, 0xf3, 0x58, 0x0f, 0xbd, 0x47, 0x1d, 0x41, 0x0e, 0x4a, 0xea,
+    0x59, 0xbb, 0xb9, 0x9d, 0xcd, 0xe1, 0x3a, 0xfd, 0xec, 0x69, 0xb8, 0xf9, 0xbf, 0xb2, 0xe8, 0x78,
+    0x38, 0x20, 0xf7, 0x74, 0x1c, 0x45, 0x94, 0x85, 0x78, 0xa1, 0x7d, 0xe8, 0x4d, 0x70, 0x15, 0x5c,
+    0xea, 0x4f, 0x64, 0xc7, 0x75, 0x7a, 0xe9, 0x1b, 0x74, 0x84, 0x90, 0x4d, 0x19, 0x17, 0x22, 0xeb,
+    0x37, 0x69, 0xd6, 0xca, 0xfa, 0x5f, 0x16, 0xea, 0xe5, 0x27, 0x68, 0x57, 0xd4, 0x6e, 0x58, 0x28,
+    0x63, 0x19, 0x96, 0x6c, 0xd0, 0x53, 0x23, 0x05, 0x51, 0xb6, 0x30, 0xd8, 0xc4, 0xc6, 0x8c, 0xe2,
+    0x18, 0xd7, 0xe9, 0xf3, 0x0c, 0xee, 0x93, 0x59, 0x75, 0x4d, 0xf6, 0x25, 0xab, 0x30, 0x09, 0x61,
+    0xa7, 0xa9, 0xa1, 0x31, 0xb2, 0x02, 0xe8, 0x72, 0x36, 0x67, 0xa5, 0x62, 0xb9, 0x8d, 0x26, 0x23,
+    0x58, 0xfa, 0xd5, 0x3e, 0x2c, 0x7b, 0x9d, 0x22, 0x6f, 0x56, 0x23, 0x7c, 0xa4, 0xb0, 0x31, 0x1b,
+    0x11, 0xdb, 0x63, 0x01, 0xe9, 0x2e, 0x45, 0xb1, 0x64, 0x49, 0x3f, 0x02, 0x68, 0x22, 0xd7, 0x9c,
+    0xf5, 0x9c, 0x4a, 0xdb, 0x9b, 0xd4, 0x89, 0x1a, 0x0e, 0x74, 0x21, 0x75, 0xf3, 0x29, 0x61, 0x60,
+    0xd9, 0xe1, 0xc1, 0xc4, 0x8d, 0x08, 0x26, 0x0b, 0xd8, 0x5f, 0xd1, 0x4b, 0xa1, 0x71, 0x98, 0x8c,
+    0xe9, 0x8c, 0xd0, 0xe1, 0x95, 0x17, 0xc3, 0xb9, 0x32, 0xc5, 0xfe, 0x01, 0x34, 0x11, 0x8a, 0x4e,
+    0x25, 0x71, 0x01, 0xed, 0xf3, 0x1c, 0x79, 0xf9, 0xc7, 0x2f, 0x39, 0x19, 0x91, 0x4a, 0x27, 0x11,
+    0xf8, 0x57, 0xb3, 0xe0, 0x7c, 0x39, 0x86, 0x08, 0x56, 0x8c, 0xc1, 0x03, 0x5c, 0x33, 0x5d, 0xd2,
+    0x97, 0xc4, 0xb0, 0x14, 0xaa, 0x1d, 0x0d, 0xc0, 0xdc, 0xfd, 0x8a, 0x28, 0x2c, 0xed, 0x34, 0xe1,
+    0xb1, 0x76, 0x05, 0xdf, 0xb9, 0x6c, 0x5e, 0x9b, 0x5d, 0x93, 0xdd, 0x7d, 0x90, 0xa1, 0xbb, 0x55,
+    0x19, 0x96, 0x85, 0x50, 0xed, 0x74, 0x34, 0x86, 0xf6, 0x72, 0x6d, 0xa0, 0xb0, 0x32, 0xd0, 0x02,
+    0x0f, 0x49, 0x21, 0xbe, 0xe6, 0x1a, 0x82, 0x6f, 0x9d, 0x86, 0x15, 0xbf, 0x99, 0x1e, 0x4d, 0x74,
+    0x89, 0x56, 0xf2, 0xab, 0xa5, 0x29, 0xca, 0x1e, 0x25, 0x32, 0xa0, 0x95, 0xdd, 0xd1, 0xae, 0x09,
+    0xdc, 0x67, 0xde, 0xae, 0x6e, 0xbf, 0x58, 0x2e, 0x12, 0x9c, 0x63, 0x9f, 0xd6, 0x7b, 0xa3, 0xa0,
+    0x08, 0x4d, 0xe6, 0x51, 0x04, 0x5a, 0x71, 0x37, 0x92, 0x3b, 0x52, 0xa2, 0xd8, 0x10, 0x07, 0x9e,
+    0xf1, 0x5b, 0x39, 0x12, 0x99, 0xf9, 0x50, 0xe0, 0x47, 0x88, 0x08, 0x24, 0x9f, 0x21, 0x83, 0x2f,
+    0xa8, 0xe0, 0x80, 0x8f, 0x54, 0x18, 0x6a, 0x1d, 0xab, 0xe1, 0xb0, 0xdd, 0x20, 0x93, 0x6b, 0x57,
+    0x0e, 0x08, 0x4d, 0x1d, 0x07, 0x80, 0x25, 0xb0, 0x1e, 0xb9, 0x8e, 0x3a, 0x82, 0x1c, 0x94, 0x17,
+    0x6f, 0x93, 0x03, 0xf4, 0xd6, 0x24, 0x8b, 0xc8, 0x8a, 0x71, 0x4b, 0x2b, 0x70, 0xde, 0x69, 0x33,
+    0x7d, 0x8b, 0xd4, 0xd3, 0xdf, 0x67, 0xe4, 0xdb, 0xa8, 0x79, 0x1a, 0x65, 0x35, 0xfa, 0x16, 0x0a,
+    0xd4, 0x2a, 0x38, 0xff, 0x6a, 0xe5, 0x29, 0x19, 0x80, 0xa7, 0x31, 0x3d, 0x0e, 0x6b, 0xa4, 0x3e,
+    0xbd, 0xfc, 0x90, 0x47, 0xbf, 0x1b, 0xf6, 0x56, 0x86, 0x54, 0xa6, 0x8e, 0x24, 0xb9, 0x5e, 0x84,
+    0x86, 0x1f, 0xd3, 0x15, 0x43, 0x33, 0x48, 0x71, 0xb8, 0xb4, 0xb5, 0x2a, 0x44, 0xcf, 0xe3, 0x7d,
+    0xec, 0x0a, 0xcf, 0x8b, 0x76, 0xa0, 0xbd, 0x9c, 0xf8, 0x06, 0x4c, 0xd5, 0x43, 0x1b, 0xb1, 0x62,
+    0x32, 0xef, 0xc9, 0xa0, 0x19, 0xe8, 0x68, 0xcf, 0x2f, 0xe4, 0xda, 0x83, 0xa3, 0x64, 0x63, 0x04,
+    0x7e, 0x48, 0x60, 0xf5, 0x3f, 0x0a, 0xce, 0x79, 0xee, 0x38, 0x74, 0x29, 0x18, 0xfc, 0xbe, 0xaf,
+    0xed, 0x4b, 0xa3, 0x28, 0x97, 0x3a, 0x1a, 0x43, 0x7b, 0x39, 0xd7, 0x50, 0x58, 0x19, 0x68, 0x01,
+    0x6e, 0xd2, 0x6f, 0x57, 0x37, 0xbe, 0x2c, 0x17, 0x09, 0x4e, 0xd0, 0xae, 0x6b, 0xdc, 0xb0, 0x50,
+    0xc3, 0xb4, 0xf0, 0xb2, 0x80, 0x11, 0x38, 0x2f, 0x68, 0x6c, 0xd2, 0xa7, 0x3c, 0x45, 0xe0, 0x2b,
+    0x21, 0xb6, 0x72, 0x24, 0xf1, 0x31, 0xa0, 0x03, 0x8e, 0xd3, 0x10, 0x48, 0xfd, 0x42, 0xc5, 0x5e,
+    0x62, 0x58, 0xfa, 0xcf, 0x31, 0xc9, 0x84, 0xda, 0xd2, 0x89, 0xab, 0x5d, 0xdf, 0xc4, 0x55, 0x81,
+    0xce, 0x7f, 0x09, 0x89, 0x67, 0xfc, 0x37, 0x3d, 0x30, 0x94, 0x32, 0xd1, 0x93, 0x5f, 0xdc, 0x99,
+    0x93, 0x03, 0xc3, 0xdd, 0xa8, 0x30, 0xd4, 0x3a, 0x95, 0x01, 0xa3, 0x79, 0x40, 0xe5, 0xd6, 0xae,
+    0x4c, 0xa7, 0xa9, 0x55, 0x26, 0xe2, 0xa6, 0xb6, 0xc1, 0xdc, 0xae, 0xaa, 0xbb, 0x98, 0xdd, 0xab,
+    0xde, 0xe5, 0x06, 0x2b, 0x6f, 0x48, 0xd5, 0x53, 0xd7, 0xe2, 0x96, 0x56, 0xe0, 0x7f, 0xd2, 0x66,
+    0x3f, 0x24, 0x30, 0x9b, 0xfe, 0x05, 0x67, 0xdd, 0x77, 0x1c, 0x3a, 0xf5, 0x0c, 0x7e, 0x5f, 0xb6,
+    0x43, 0xee, 0x88, 0xeb, 0xc0, 0xf8, 0x24, 0xd9, 0x5c, 0x5a, 0xbb, 0x15, 0x22, 0x86, 0x90, 0xdf,
+    0x73, 0x83, 0x99, 0xce, 0xd8, 0xe7, 0xc1, 0x6b, 0xb6, 0xc0, 0x94, 0x5f, 0xb7, 0xe6, 0x82, 0x1d,
+    0xad, 0x66, 0x9f, 0xe5, 0xb7, 0xaf, 0x14, 0x38, 0x61, 0x22, 0x02, 0x09, 0x57, 0x99, 0x50, 0x7b,
+    0xf0, 0x1a, 0x55, 0xb1, 0x78, 0x63, 0xf7, 0x3f, 0xc4, 0xb7, 0x93, 0xa1, 0x84, 0x23, 0x5a, 0x4c,
+    0x47, 0x29, 0xfb, 0x22, 0xc2, 0xd5, 0xfd, 0x23, 0x15, 0xa6, 0x92, 0x44, 0x4e, 0x8e, 0x72, 0x90,
+    0x3c, 0xe7, 0x84, 0xbd, 0x1e, 0x68, 0x4d, 0x7f, 0x31, 0x5d, 0x54, 0xb9, 0x21, 0x78, 0xf7, 0x13,
+    0x61, 0x9b, 0x4e, 0xe9, 0xd1, 0xa4, 0xae, 0x78, 0x94, 0xc8, 0xc5, 0x11, 0xf2, 0xc2, 0xfd, 0x24,
+    0x56, 0xf2, 0x98, 0x23, 0x2b, 0xfb, 0xb8, 0x92, 0x71, 0xef, 0xad, 0x46, 0x26, 0xac, 0xa5, 0x0c,
+    0x29, 0xfb, 0x94, 0x75, 0xf5, 0x6b, 0xd1, 0x34, 0x1c, 0xe8, 0x42, 0xea, 0x25, 0x52, 0xc2, 0xc0,
+    0x7b, 0xce, 0x7f, 0x9f, 0xdc, 0xbd, 0xb0, 0x5c, 0x24, 0xfb, 0xc6, 0xfd, 0x6f, 0xf6, 0x85, 0x83,
+    0x10, 0x9a, 0x0f, 0xa2, 0x08, 0xb4, 0xe2, 0x6e, 0xe7, 0x76, 0xa4, 0x87, 0x73, 0x20, 0x0e, 0xff,
+    0xff, 0x53, 0x74, 0x0f, 0x9e, 0x79, 0x75, 0x50, 0x59, 0x31, 0x86, 0x1e, 0x1d, 0x3d, 0x17, 0x38,
+    0x5d, 0x7c, 0xca, 0x54, 0xcf, 0xcc, 0xe3, 0x07, 0xa5, 0x95, 0x91, 0xa8, 0xd3, 0xba, 0x0a, 0x37,
+    0x31, 0x2c, 0x7d, 0x86, 0xf9, 0x85, 0x42, 0x6d, 0x69, 0xa5, 0xb4, 0xcf, 0x8e, 0x62, 0xcb, 0xa1,
+    0xb7, 0x33, 0xae, 0x93, 0xba, 0xb6, 0x0a, 0x1c, 0xd1, 0x11, 0x01, 0xe5, 0xca, 0xad, 0x28, 0xdc,
+    0xb3, 0xf4, 0xdd, 0x5a, 0xb8, 0x9b, 0xd3, 0xe6, 0x98, 0xed, 0x28, 0xb4, 0xa6, 0xa5, 0xca, 0x93,
+    0x6b, 0x54, 0x70, 0x3d, 0xd4, 0x09, 0x52, 0x32, 0xc3, 0x8d, 0x62, 0x7a, 0x1c, 0xd6, 0x8b, 0x7c,
+    0xc0, 0x77, 0x44, 0x94, 0x60, 0x7c, 0x12, 0x8d, 0x2e, 0x2d, 0xbc, 0xeb, 0x11, 0x43, 0x48, 0x8e,
+    0x7f, 0x09, 0x0c, 0x56, 0xde, 0x90, 0x69, 0xa6, 0x6d, 0x07, 0xef, 0xac, 0x03, 0xfe, 0x67, 0xcc,
+    0x1e, 0x92, 0x42, 0xbf, 0x0f, 0x34, 0xc7, 0xde, 0xf9, 0xcf, 0x2a, 0xbd, 0xf1, 0x3c, 0x9a, 0xe8,
+    0xd1, 0xac, 0x27, 0x95, 0x89, 0x52, 0x57, 0x3c, 0x4a, 0x64, 0x83, 0xe9, 0x79, 0x61, 0x9f, 0x12,
+    0x78, 0x0d, 0xcb, 0xb9, 0x3c, 0xd0, 0x9a, 0xfe, 0x62, 0xba, 0xa8, 0xb1, 0x42, 0xf0, 0x2d, 0x26,
+    0xc2, 0xf5, 0x9c, 0x11, 0x61, 0x8b, 0x9f, 0xf0, 0xeb, 0x53, 0x49, 0x22, 0x27, 0x47, 0x39, 0x48,
+    0xbb, 0xb9, 0x3b, 0x0b, 0xbc, 0xc1, 0xa2, 0xd1, 0x0a, 0xd6, 0x7a, 0x16, 0x7e, 0xb5, 0xcd, 0x0d,
+    0x6d, 0x11, 0xdb, 0x71, 0xd7, 0xd3, 0x06, 0xb5, 0x4f, 0x0f, 0xbe, 0xe2, 0x46, 0xda, 0x18, 0xf5,
+    0xe1, 0xc1, 0x36, 0xb0, 0x91, 0x4d, 0xb2, 0x8e, 0xa0, 0xfe, 0xac, 0xa3, 0xec, 0x01, 0x8d, 0xd0,
+    0x1f, 0xd3, 0x2e, 0x1c, 0xee, 0xae, 0x60, 0x01, 0x7a, 0xf0, 0xb1, 0x38, 0xea, 0x3e, 0x43, 0x8b,
+    0x82, 0xd8, 0xa0, 0xdc, 0x41, 0x1e, 0x91, 0x8b, 0xf1, 0x48, 0x9c, 0x7b, 0x28, 0xc7, 0x01, 0x32,
+    0xba, 0xf8, 0x57, 0xa8, 0x5d, 0x5b, 0x05, 0x0e, 0x89, 0xe9, 0xe1, 0x93, 0x65, 0xb7, 0x14, 0x6e,
+    0x8c, 0xd0, 0xed, 0xc1, 0x46, 0x9e, 0xb4, 0x3b, 0xef, 0xf1, 0x12, 0x41, 0xaa, 0xdb, 0x95, 0x25,
+    0xcf, 0x3e, 0x65, 0x2a, 0x86, 0x66, 0x90, 0xe2, 0xb3, 0xab, 0xa9, 0x54, 0x88, 0x5d, 0x05, 0xfa,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0xfe, 0x12, 0x18, 0xac, 0x7f, 0xe3, 0xd2, 0x8f, 0xda, 0x0e, 0x1d, 0x9b, 0x06, 0x3f, 0xce, 0x5b,
+    0x42, 0xaf, 0xe4, 0x48, 0x21, 0x62, 0x83, 0x06, 0xdf, 0x65, 0x20, 0x90, 0x39, 0x84, 0x49, 0xbc,
+    0xd6, 0xa8, 0xe0, 0x7a, 0x6b, 0x12, 0xa4, 0x64, 0x45, 0xd9, 0xc4, 0xf4, 0x38, 0x6f, 0xd5, 0xf8,
+  },
+  { /* 11 */
+    0xd8, 0x59, 0xe0, 0xf8, 0xd2, 0x2a, 0xca, 0x1c, 0x17, 0x58, 0x25, 0x47, 0x72, 0xa8, 0x1d, 0x31,
+    0x69, 0xb6, 0x74, 0x38, 0x5c, 0x64, 0x10, 0xef, 0x82, 0xee, 0xaa, 0xe9, 0x8a, 0x53, 0xb7, 0xc0,
+    0xc0, 0xd2, 0x41, 0xdb, 0x4a, 0x91, 0xd0, 0xa1, 0x55, 0xac, 0x5e, 0x8f, 0x3d, 0x01, 0xdf, 0x89,
+    0xba, 0xbf, 0xf7, 0x5c, 0x54, 0x08, 0xff, 0xc7, 0x32, 0xa4, 0x91, 0x4e, 0xac, 0x20, 0xdc, 0x8e,
+    0x16, 0xa0, 0xc6, 0xfb, 0x77, 0x8c, 0x4a, 0x68, 0x8d, 0x24, 0x3c, 0x03, 0xa8, 0x75, 0xec, 0xfe,
+    0x87, 0x68, 0xac, 0xfe, 0x5b, 0xa5, 0x09, 0xf4, 0xe0, 0xa0, 0x17, 0xcf, 0x05, 0xd1, 0x3c, 0x6c,
+    0x58, 0xc5, 0x9e, 0x6a, 0x1f, 0x75, 0xeb, 0x63, 0x71, 0x90, 0xf0, 0x0c, 0xe5, 0x17, 0x36, 0x7e,
+    0x59, 0x63, 0xf5, 0x7e, 0xaf, 0xd1, 0x24, 0x56, 0x06, 0xc5, 0x5c, 0xba, 0x14, 0xc2, 0xf0, 0x73,
+    0xc4, 0x0f, 0x2e, 0x8b, 0xcf, 0x44, 0x6a, 0x75, 0x4a, 0x3b, 0xab, 0x12, 0x7f, 0xd3, 0x41, 0xbd,
+    0x6a, 0x9f, 0xc9, 0x04, 0x4f, 0x4b, 0x82, 0xb0, 0x1b, 0x11, 0x9d, 0xf0, 0x5a, 0xef, 0x3e, 0xd7,
+    0x05, 0x7b, 0x04, 0x44, 0x35, 0x71, 0x75, 0xe1, 0x68, 0xc2, 0x59, 0x2b, 0xb3, 0x07, 0x58, 0x39,
+    0x9a, 0x98, 0x09, 0x99, 0xf6, 0x6f, 0x66, 0xa8, 0xca, 0x96, 0x35, 0x2c, 0xf9, 0x7f, 0xa6, 0xed,
+    0x06, 0x52, 0xb9, 0x78, 0x26, 0x5e, 0xe7, 0xbe, 0xf1, 0x3d, 0x6e, 0x32, 0x63, 0xbb, 0xd1, 0x2e,
+    0xa6, 0xe9, 0x39, 0x2f, 0x49, 0x66, 0x5f, 0xae, 0x6f, 0xc7, 0x1f, 0x1b, 0xa1, 0x5b, 0x80, 0x02,
+    0x0d, 0x02, 0xda, 0xe4, 0xfc, 0x18, 0xc2, 0x8a, 0x56, 0x2f, 0x70, 0xd2, 0x37, 0x60, 0xa7, 0x51,
+    0xd1, 0x86, 0x55, 0x4c, 0xab, 0xe7, 0xb2, 0x42, 0x5e, 0xe0, 0xa0, 0x08, 0x07, 0x1a, 0x24, 0x54,
+    0x43, 0x67, 0x82, 0x75, 0x94, 0xe1, 0x63, 0x81, 0xaa, 0x9b, 0xbc, 0xdd, 0x7a, 0x02, 0x7d, 0xd1,
+    0x85, 0xe7, 0x7a, 0xd6, 0xf8, 0x2e, 0x54, 0x9e, 0x0e, 0x0a, 0x8c, 0x60, 0x24, 0xb8, 0x73, 0x76,
+    0x41, 0xe8, 0x54, 0x5d, 0x37, 0x6a, 0x3e, 0xeb, 0x44, 0x31, 0x27, 0x72, 0x5b, 0x6b, 0x32, 0xcb,
+    0xd2, 0xaf, 0xe8, 0x70, 0xb8, 0xc8, 0x20, 0x1d, 0xc7, 0x1f, 0x97, 0x11, 0xd7, 0xa6, 0xad, 0x43,
+    0x2c, 0x83, 0x4f, 0x35, 0xee, 0xdb, 0x94, 0xd0, 0xd9, 0x48, 0x78, 0x06, 0x93, 0xea, 0x1b, 0x3f,
+    0xcd, 0xd0, 0x9b, 0x3f, 0xb6, 0x89, 0x12, 0x2b, 0x03, 0x83, 0x2e, 0x5d, 0x0a, 0x61, 0x78, 0xd8,
+    0x0b, 0x50, 0x63, 0x9c, 0xda, 0x46, 0x25, 0x34, 0xa7, 0x12, 0x1e, 0xe0, 0x54, 0xdb, 0x76, 0x7f,
+    0xa2, 0x34, 0x56, 0x7f, 0xcc, 0xb3, 0xe5, 0x7a, 0x70, 0x50, 0xea, 0x86, 0xe3, 0x89, 0x1e, 0x36,
+    0x38, 0xac, 0x5f, 0xe6, 0x3a, 0xdc, 0x83, 0xd2, 0xba, 0xc6, 0xdf, 0xaa, 0x1a, 0xf6, 0xb8, 0xdb,
+    0xf7, 0xf3, 0x12, 0xf1, 0x2f, 0xde, 0xcc, 0x93, 0x57, 0xef, 0x6a, 0x58, 0x31, 0xfe, 0x8f, 0x19,
+    0x4b, 0x1e, 0x5c, 0xd5, 0x5d, 0x88, 0xd4, 0xea, 0x94, 0x76, 0x95, 0x24, 0xfe, 0x65, 0x82, 0xb9,
+    0xe6, 0xa7, 0x06, 0x66, 0xce, 0xa8, 0xae, 0x70, 0x5c, 0xa3, 0x94, 0xdf, 0x0b, 0xe5, 0x74, 0xc4,
+    0xe7, 0x01, 0x6d, 0x72, 0x7e, 0x0c, 0x61, 0x45, 0x2b, 0xf6, 0x38, 0x69, 0xfa, 0x30, 0xb2, 0xc9,
+    0x90, 0x6e, 0x01, 0x11, 0x9c, 0x8d, 0x8c, 0xa9, 0x1a, 0xd1, 0x87, 0x7a, 0x5c, 0x71, 0x16, 0x9f,
+    0x1a, 0x04, 0x77, 0x0b, 0x3b, 0x30, 0x47, 0xd7, 0xac, 0x5e, 0xe0, 0x67, 0x6e, 0xc0, 0x8d, 0xa2,
+    0x53, 0x95, 0xfd, 0xf6, 0xc5, 0x33, 0xce, 0x57, 0xd6, 0x82, 0xee, 0xec, 0xb1, 0xcc, 0x40, 0x01,
+    0xa3, 0x92, 0x3d, 0x6b, 0x7c, 0x17, 0x2a, 0x4f, 0x07, 0x05, 0x46, 0x30, 0x12, 0x5c, 0xd8, 0x3b,
+    0xf1, 0xa1, 0xab, 0x89, 0x09, 0x80, 0x2b, 0x2d, 0xa6, 0xd2, 0x04, 0x6a, 0x52, 0x45, 0x5e, 0x37,
+    0xfd, 0x05, 0x1a, 0x79, 0x45, 0x3c, 0x26, 0x92, 0x87, 0xa8, 0xd8, 0x0e, 0x94, 0xf0, 0x3f, 0x6b,
+    0x51, 0x1a, 0x2b, 0xde, 0x66, 0xb8, 0x93, 0x3d, 0x38, 0x28, 0x75, 0x43, 0x90, 0xa5, 0x0f, 0x1b,
+    0x29, 0xf8, 0x4b, 0x71, 0xdb, 0xaa, 0xe1, 0x31, 0xb1, 0x8a, 0x21, 0x2d, 0x20, 0xed, 0x43, 0x06,
+    0x3b, 0x85, 0xe2, 0xda, 0x29, 0xf3, 0x11, 0x8d, 0x23, 0x39, 0xe8, 0xb3, 0xca, 0x4a, 0x31, 0xcc,
+    0x82, 0x13, 0xa8, 0xba, 0x6e, 0xd4, 0x7c, 0x15, 0x88, 0x62, 0x4e, 0xe4, 0xb6, 0xd6, 0x64, 0x55,
+    0x67, 0x9d, 0x13, 0xe0, 0xb3, 0x53, 0x40, 0x3a, 0x4d, 0x3e, 0xed, 0x22, 0x6d, 0x8f, 0x99, 0x86,
+    0x8b, 0xcc, 0x1d, 0x0e, 0x17, 0x19, 0x04, 0x4b, 0xc1, 0xda, 0xcb, 0xab, 0xc3, 0x64, 0x5d, 0x30,
+    0x48, 0x37, 0xe1, 0xe9, 0x4e, 0xa7, 0x46, 0xb5, 0x0d, 0x89, 0xa2, 0x3d, 0x2e, 0xd9, 0x0b, 0xae,
+    0x2a, 0xd1, 0xf6, 0x4d, 0xc8, 0x85, 0x73, 0x6e, 0x28, 0x75, 0x16, 0x34, 0xf0, 0x51, 0xca, 0x11,
+    0xef, 0x78, 0xb3, 0xd2, 0xb7, 0x65, 0xd6, 0x2e, 0x15, 0x1b, 0x11, 0x90, 0x7e, 0x57, 0x4d, 0xa1,
+    0x70, 0x9b, 0xbe, 0x0f, 0x74, 0x7b, 0xc5, 0x67, 0xb7, 0x4f, 0x7d, 0x97, 0x34, 0x2f, 0xb3, 0x75,
+    0x2d, 0x25, 0x24, 0x21, 0x5e, 0x7f, 0x5b, 0xe5, 0xae, 0x1d, 0xd4, 0xb0, 0x62, 0x3f, 0xdd, 0x32,
+    0x31, 0x73, 0xea, 0x52, 0x43, 0x11, 0xfb, 0x8c, 0xf3, 0x7e, 0x5a, 0xe5, 0x6f, 0x44, 0x81, 0xbe,
+    0xe2, 0x7a, 0x69, 0x36, 0x4b, 0x7d, 0x14, 0xa4, 0x43, 0x34, 0x61, 0x42, 0x49, 0x37, 0xea, 0xf0,
+    0x86, 0xce, 0xc7, 0xea, 0xeb, 0x01, 0xc6, 0xc1, 0x97, 0xf5, 0xbb, 0x79, 0xf4, 0x04, 0xfa, 0x61,
+    0xc9, 0x0d, 0xf4, 0x6f, 0x33, 0x5c, 0xa8, 0xff, 0x1c, 0x14, 0xdb, 0xc0, 0x48, 0xb3, 0xe6, 0xec,
+    0xb0, 0x49, 0xff, 0xd4, 0x3e, 0xea, 0x15, 0xc6, 0xe2, 0xe3, 0x23, 0x18, 0x09, 0x2e, 0x6c, 0xfc,
+    0x80, 0x9c, 0x7e, 0x92, 0xcd, 0x5f, 0x21, 0x7f, 0x66, 0xc8, 0xd5, 0x4b, 0x97, 0xbf, 0x2b, 0x4f,
+    0xf5, 0x7c, 0xc4, 0xd9, 0x8c, 0x55, 0x91, 0xf9, 0xb9, 0x45, 0xf1, 0xf7, 0x10, 0x97, 0xc0, 0x03,
+    0xfc, 0xa3, 0x71, 0x6d, 0xf5, 0x98, 0xe9, 0xa7, 0xf0, 0xfd, 0x74, 0xb8, 0x65, 0x25, 0xf9, 0x66,
+    0x60, 0x69, 0xc1, 0x8c, 0x25, 0xa9, 0x68, 0xb1, 0xcb, 0x56, 0x2f, 0xa6, 0xff, 0xe1, 0x8e, 0xa5,
+    0x44, 0x93, 0x50, 0x19, 0x02, 0x1b, 0x4b, 0x0a, 0x2c, 0xf3, 0x7e, 0x59, 0xe8, 0x6c, 0x6a, 0xf2,
+    0x0c, 0xa4, 0xb1, 0xf0, 0x4c, 0xbc, 0x0d, 0xbf, 0x21, 0x7a, 0xdc, 0x64, 0xc6, 0xb5, 0x61, 0x5c,
+    0x8f, 0x11, 0x72, 0x5e, 0x92, 0xcc, 0xbe, 0x9f, 0xde, 0x4d, 0x3e, 0x36, 0x81, 0xb6, 0xc3, 0x04,
+    0xa4, 0x66, 0xef, 0x07, 0xea, 0xed, 0x02, 0xc4, 0x81, 0x6d, 0x84, 0xb4, 0x80, 0x32, 0xcf, 0x18,
+    0x3d, 0xd7, 0x5b, 0xa2, 0x0f, 0xad, 0xf6, 0x33, 0xd2, 0x04, 0x86, 0x81, 0xa9, 0xf1, 0xe0, 0xe2,
+    0x62, 0xe6, 0x17, 0xa4, 0x86, 0x22, 0x35, 0xdb, 0x25, 0xfc, 0xb4, 0x09, 0xde, 0x88, 0xc1, 0xbf,
+    0x35, 0xae, 0x85, 0x02, 0xc6, 0xc4, 0x41, 0x58, 0xec, 0xe9, 0xaf, 0x78, 0x2d, 0x96, 0x1f, 0x8a,
+    0xe0, 0xf5, 0xbf, 0x1e, 0xe8, 0xf6, 0x49, 0xce, 0xad, 0x9e, 0xfa, 0xed, 0x68, 0x5e, 0xa5, 0xea,
+    0x68, 0x10, 0x1f, 0x2c, 0xec, 0xc0, 0xdf, 0xda, 0xf5, 0xbb, 0x06, 0x5f, 0x7b, 0x86, 0x71, 0xcd,
+    0xdc, 0x84, 0x8f, 0xa8, 0x57, 0xff, 0x70, 0xc8, 0x08, 0xcf, 0xd0, 0xda, 0x30, 0x7a, 0x83, 0x05,
+    0x40, 0x4e, 0x3f, 0x49, 0x87, 0xce, 0xf1, 0xde, 0x33, 0x64, 0x8b, 0xc4, 0xaa, 0xbe, 0xf4, 0xc6,
+    0xa0, 0xbb, 0x80, 0x57, 0x6f, 0x38, 0xb8, 0x10, 0x9e, 0xfa, 0x71, 0x29, 0xc2, 0xe0, 0x51, 0x2c,
+    0xa7, 0x4f, 0x52, 0x3b, 0xf9, 0xc2, 0x90, 0x9b, 0x18, 0x92, 0xb3, 0xad, 0x50, 0x8e, 0x46, 0x0f,
+    0x9f, 0xe3, 0x0d, 0xdd, 0xc3, 0x1e, 0x13, 0x49, 0xa2, 0x54, 0x6c, 0x07, 0x4a, 0x78, 0xfe, 0xd4,
+    0x2b, 0x77, 0x9d, 0x59, 0x78, 0x21, 0xbc, 0x5b, 0x5f, 0x20, 0xba, 0x82, 0x01, 0x84, 0x0c, 0x1c,
+    0xae, 0x90, 0xe7, 0x8f, 0x80, 0x0f, 0xe8, 0xc5, 0x51, 0x2a, 0x36, 0xe2, 0x25, 0x3c, 0x7f, 0x6a,
+    0x10, 0xf2, 0x7f, 0x83, 0x51, 0xd2, 0xad, 0xd6, 0x7c, 0x19, 0x52, 0x31, 0xcb, 0xce, 0x3d, 0xd0,
+    0xfe, 0x2c, 0xa7, 0x45, 0x56, 0x13, 0xb4, 0xcd, 0x1e, 0x57, 0xef, 0x17, 0x44, 0x4c, 0xb6, 0x7c,
+    0xa1, 0x1d, 0xeb, 0x43, 0xdf, 0x9c, 0x77, 0x25, 0xe9, 0xaf, 0xdd, 0x9f, 0x33, 0x35, 0x97, 0x21,
+    0xc7, 0x26, 0x93, 0xb7, 0xdc, 0x6b, 0xf8, 0x2a, 0xd3, 0xc4, 0x9c, 0x0b, 0xaf, 0x6f, 0xc8, 0xaa,
+    0x4d, 0x4c, 0xe5, 0xad, 0x7b, 0xd6, 0x33, 0x54, 0x65, 0x4b, 0xfb, 0x16, 0x9d, 0xde, 0x53, 0x97,
+    0xaa, 0x4d, 0x88, 0xdf, 0x05, 0xda, 0x52, 0x11, 0x4e, 0xbd, 0xc3, 0x7f, 0x67, 0xee, 0xe1, 0x5e,
+    0xd4, 0xfd, 0x51, 0x08, 0x9e, 0x96, 0xc7, 0xa3, 0x36, 0x22, 0xf9, 0x23, 0xb4, 0x1d, 0x7c, 0x6d,
+    0x42, 0xc1, 0xe9, 0x61, 0x24, 0x45, 0xac, 0xb4, 0xdd, 0xce, 0x10, 0x6b, 0x8b, 0xd7, 0xbb, 0xdc,
+    0x2e, 0x0c, 0x99, 0x1d, 0x4d, 0x50, 0xc9, 0xba, 0x37, 0xe2, 0xe3, 0xa9, 0xb2, 0x83, 0x54, 0x25,
+    0x49, 0x91, 0x8a, 0xfd, 0xfe, 0x03, 0x89, 0x80, 0x7a, 0xdc, 0x0e, 0x8b, 0xdf, 0x0c, 0xcd, 0xa3,
+    0xb2, 0xc6, 0x29, 0xfc, 0x9d, 0x61, 0x48, 0xac, 0x0c, 0x49, 0xb8, 0xb7, 0x28, 0x47, 0x23, 0xe6,
+    0x77, 0x6f, 0x6c, 0x63, 0xe2, 0x81, 0xed, 0xec, 0x31, 0x27, 0xbf, 0x13, 0xa6, 0x41, 0xa4, 0x56,
+    0x39, 0x0a, 0x34, 0xf2, 0x8a, 0x78, 0x4c, 0xe7, 0xcd, 0x93, 0x73, 0x1c, 0xeb, 0x23, 0x7e, 0xd6,
+    0xad, 0xb9, 0x5a, 0xb3, 0x93, 0x20, 0x7a, 0x9a, 0xc8, 0xd5, 0x01, 0xfb, 0xf5, 0x80, 0xf6, 0x7d,
+    0x20, 0x27, 0xfe, 0xc5, 0xa2, 0x67, 0x99, 0x6f, 0xf8, 0x32, 0xa4, 0x62, 0x55, 0x5f, 0x7a, 0x63,
+    0xcf, 0x5f, 0x4d, 0x17, 0x15, 0x02, 0x4f, 0x41, 0xed, 0x29, 0xb5, 0xf2, 0x2b, 0x08, 0x37, 0xc2,
+    0x64, 0xb4, 0xae, 0xdc, 0xa0, 0x7c, 0xd2, 0x65, 0xd4, 0xc1, 0xda, 0x3b, 0xbd, 0x33, 0x10, 0x91,
+    0x9b, 0x3e, 0x62, 0x8d, 0x46, 0xcb, 0xa9, 0x9d, 0xbd, 0xc3, 0x99, 0x9a, 0x08, 0xaa, 0x60, 0xe0,
+    0xde, 0x0b, 0x59, 0x80, 0xf4, 0x74, 0x2d, 0xa2, 0xe6, 0x65, 0x4b, 0x75, 0x11, 0x13, 0xcc, 0x1f,
+    0x7f, 0x16, 0xb2, 0xc3, 0x2b, 0xe8, 0x5a, 0x87, 0x0f, 0xca, 0x96, 0xea, 0x22, 0x26, 0x5b, 0x3e,
+    0xa8, 0xc2, 0x5e, 0xf7, 0xa6, 0x51, 0x0f, 0x7b, 0xa0, 0x17, 0x58, 0xd0, 0x46, 0x87, 0xae, 0x44,
+    0xb6, 0x1b, 0x46, 0xac, 0x18, 0xb4, 0xf2, 0x78, 0x13, 0xde, 0x4d, 0x2a, 0x6a, 0x95, 0xbd, 0xd2,
+    0x5c, 0x18, 0xf1, 0x3a, 0x9a, 0xa0, 0x51, 0xb7, 0x6e, 0x07, 0x05, 0x91, 0xa7, 0xc5, 0xa8, 0x4a,
+    0xa5, 0xc0, 0x84, 0x13, 0x5a, 0x49, 0xcd, 0xf1, 0xf6, 0x38, 0x28, 0x02, 0x71, 0xe7, 0x09, 0x15,
+    0x6b, 0x39, 0xa2, 0x10, 0xff, 0xef, 0x4d, 0x85, 0x6c, 0x44, 0x31, 0x46, 0xab, 0x3a, 0xf8, 0xda,
+    0xd3, 0x09, 0x83, 0x64, 0x08, 0x6c, 0xef, 0x28, 0xb0, 0x4a, 0x3b, 0xa7, 0x26, 0x73, 0x6b, 0x4e,
+    0xf0, 0x07, 0xc0, 0x9d, 0xb9, 0x24, 0xe4, 0x18, 0xd1, 0x87, 0xa8, 0xdc, 0xa3, 0x90, 0x98, 0x3a,
+    0x5d, 0xbe, 0x9a, 0x2e, 0x2a, 0x04, 0x9e, 0x82, 0x19, 0x52, 0xa9, 0x27, 0x56, 0x10, 0x6e, 0x47,
+    0xc8, 0xab, 0x9f, 0x7b, 0x83, 0xf8, 0x67, 0xca, 0x6b, 0x41, 0x77, 0x76, 0xb9, 0x66, 0x20, 0xe1,
+    0xc5, 0xa9, 0x45, 0x9f, 0x7f, 0xe0, 0xa5, 0x40, 0x3d, 0x6e, 0x07, 0xa4, 0x8e, 0x06, 0x87, 0xb0,
+    0xbd, 0x4b, 0x25, 0x30, 0xc2, 0xf2, 0xd7, 0x4c, 0xb4, 0xcc, 0x53, 0xca, 0x3e, 0x4e, 0xcb, 0xad,
+    0xc3, 0xfb, 0xfc, 0xe7, 0x59, 0xbe, 0x42, 0xfe, 0xcc, 0x53, 0x69, 0x96, 0xed, 0xbd, 0x56, 0x9e,
+    0xe4, 0x28, 0xd0, 0x4e, 0x6d, 0x23, 0xf3, 0x1a, 0xb2, 0x09, 0x0f, 0x70, 0x2a, 0x8c, 0x3b, 0xde,
+    0xaf, 0x36, 0x8c, 0x9b, 0x30, 0xab, 0x27, 0xf0, 0x26, 0x7f, 0x9a, 0x54, 0xd4, 0xe9, 0xb9, 0x67,
+    0xb8, 0x30, 0x21, 0x74, 0xf7, 0x83, 0xa2, 0xad, 0xdc, 0x0e, 0x0a, 0xe1, 0x8d, 0x49, 0x93, 0x94,
+    0xcb, 0x82, 0x22, 0x47, 0x90, 0xd7, 0xf5, 0x95, 0xf2, 0xbe, 0x40, 0x6f, 0x69, 0xda, 0xa9, 0xf6,
+    0xc1, 0x74, 0x2a, 0xcf, 0xfa, 0x35, 0x1f, 0x94, 0x22, 0xf9, 0xf2, 0x39, 0xcc, 0xd4, 0x19, 0x84,
+    0xb5, 0x32, 0xfb, 0x90, 0x0b, 0x9b, 0x60, 0x27, 0x8a, 0x21, 0x7a, 0x33, 0xba, 0x29, 0x34, 0xc5,
+    0x6f, 0xe4, 0xcd, 0x40, 0x7a, 0x3a, 0xf7, 0x51, 0x73, 0xd3, 0xc4, 0xdb, 0xe9, 0xe8, 0x66, 0xee,
+    0x4c, 0xea, 0x8e, 0xb9, 0xcb, 0x72, 0xfc, 0x61, 0x12, 0x1e, 0x57, 0xa0, 0x6c, 0x0b, 0x95, 0x9a,
+    0x97, 0x9a, 0xd3, 0x7d, 0x0a, 0x77, 0xa4, 0x22, 0x9c, 0xb9, 0x45, 0xfe, 0xce, 0x1f, 0x01, 0xbc,
+    0x88, 0xe5, 0xa0, 0x32, 0x04, 0x36, 0x96, 0x14, 0x58, 0x25, 0xfc, 0xb2, 0x13, 0xd8, 0xd4, 0x27,
+    0x61, 0xcf, 0xaa, 0x98, 0x95, 0x0d, 0xa7, 0x84, 0xbc, 0x03, 0x83, 0x10, 0x0e, 0x34, 0x48, 0xa8,
+    0x57, 0x48, 0x92, 0xa6, 0x40, 0xe6, 0x74, 0x83, 0xc9, 0x15, 0x1b, 0x71, 0xf3, 0x1e, 0xde, 0x35,
+    0x11, 0x54, 0x14, 0x97, 0xe1, 0x76, 0x62, 0xe3, 0x0b, 0x4c, 0xfe, 0x87, 0x3a, 0x1b, 0xfb, 0xdd,
+    0x99, 0xb1, 0xb4, 0xa5, 0xe5, 0x40, 0xf4, 0xf7, 0x53, 0x69, 0x02, 0x35, 0x29, 0xc3, 0x2f, 0xfa,
+    0x72, 0x14, 0x68, 0x27, 0xd7, 0xf0, 0x98, 0x0d, 0x59, 0xe5, 0xe6, 0x38, 0x15, 0x46, 0xfc, 0x6f,
+    0x83, 0xb5, 0xc3, 0xae, 0xde, 0x70, 0xb3, 0x20, 0xff, 0x37, 0xe2, 0x52, 0x47, 0x03, 0xa2, 0x58,
+    0xbf, 0xc4, 0xf3, 0x18, 0x61, 0x79, 0x8a, 0x26, 0x5a, 0x66, 0xc8, 0x65, 0x1f, 0x27, 0x84, 0xb7,
+    0x55, 0xc7, 0x44, 0x8e, 0xe3, 0x6d, 0x29, 0xe9, 0x27, 0xbf, 0x80, 0xde, 0xd2, 0x77, 0x91, 0x2f,
+    0x73, 0xb2, 0x03, 0x33, 0x67, 0x54, 0x57, 0x38, 0x2e, 0xb0, 0x4a, 0x8e, 0xe4, 0x93, 0x3a, 0x62,
+    0x9d, 0x6c, 0xdb, 0xf5, 0x60, 0x95, 0x4e, 0x23, 0x4c, 0xfe, 0xf7, 0xa8, 0x6b, 0x11, 0xb1, 0xce,
+    0x81, 0x3a, 0x15, 0x86, 0x7d, 0xfb, 0xee, 0x4a, 0x11, 0x9d, 0x79, 0xfd, 0x66, 0x6a, 0xed, 0x42,
+    0x3f, 0x58, 0x8d, 0x8a, 0xac, 0x26, 0xab, 0x59, 0x3c, 0xae, 0x1d, 0x2e, 0x88, 0x98, 0xaf, 0xf8,
+    0xb3, 0x60, 0x42, 0xe8, 0x2d, 0xc5, 0x87, 0x99, 0x7b, 0x1c, 0x14, 0x01, 0xd9, 0x92, 0xe5, 0xeb,
+    0xbb, 0x19, 0x9c, 0x48, 0xe4, 0xac, 0x30, 0xf2, 0x45, 0xf1, 0x3d, 0xf8, 0x5d, 0xf5, 0x1a, 0x83,
+    0xd6, 0x72, 0x87, 0x20, 0x3d, 0x1d, 0x9a, 0xc9, 0xd8, 0x88, 0x62, 0x8c, 0x95, 0x74, 0x33, 0x77,
+    0xea, 0x03, 0xb7, 0x96, 0x82, 0x14, 0xa3, 0xcf, 0x7d, 0xd9, 0x48, 0xbb, 0xcd, 0x50, 0x15, 0x98,
+    0x25, 0x5c, 0xfa, 0x81, 0x97, 0x16, 0xec, 0x8e, 0x90, 0xf0, 0xfd, 0x49, 0xe6, 0x58, 0x22, 0x5a,
+    0xce, 0xf9, 0x26, 0x03, 0xa5, 0xa6, 0x80, 0x74, 0x9a, 0x7c, 0x19, 0x44, 0xda, 0xdd, 0xf1, 0xcf,
+    0x63, 0x40, 0x7c, 0xb0, 0x36, 0x86, 0xfa, 0xee, 0x52, 0xa9, 0x18, 0xbf, 0x2f, 0x5d, 0x07, 0xb2,
+    0x45, 0x35, 0x3b, 0x0d, 0xb2, 0xbf, 0x84, 0x3f, 0x5b, 0xa6, 0xd2, 0xef, 0x19, 0xb9, 0xac, 0xff,
+    0x32, 0x5a, 0x57, 0x6e, 0x50, 0x3e, 0x69, 0xd3, 0x6a, 0x81, 0x6d, 0xfc, 0xbf, 0xf8, 0x08, 0xa9,
+    0xd7, 0xd4, 0xec, 0x34, 0x8d, 0xb9, 0x55, 0xfc, 0xaf, 0xdd, 0xce, 0x3a, 0x64, 0xa1, 0xf5, 0x7a,
+    0x9e, 0x45, 0x66, 0xc9, 0x73, 0xba, 0xdc, 0x7c, 0xd5, 0x01, 0xc0, 0xb1, 0xbb, 0xad, 0x38, 0xd9,
+    0x08, 0x79, 0xde, 0xa0, 0xc9, 0x69, 0xb7, 0x6b, 0x3e, 0xed, 0x29, 0xf9, 0x84, 0x67, 0xff, 0x68,
+    0x8d, 0x9e, 0xa4, 0x76, 0x31, 0x47, 0xe3, 0xf5, 0x30, 0xe7, 0xa5, 0x99, 0xa0, 0xdf, 0x8c, 0x1e,
+    0x79, 0x44, 0x0b, 0xbb, 0x0d, 0xb6, 0xbd, 0x39, 0xfe, 0xf7, 0xf8, 0xd8, 0x41, 0x9d, 0x8a, 0x10,
+    0xab, 0xeb, 0xe3, 0xcb, 0xb5, 0x7e, 0x9d, 0x24, 0x39, 0xe8, 0x6f, 0xc9, 0x96, 0x3b, 0x27, 0x53,
+    0x36, 0x87, 0x38, 0x3e, 0xd5, 0xeb, 0xd3, 0x07, 0x75, 0x16, 0x98, 0x61, 0xfd, 0x2a, 0x96, 0x9d,
+    0xfb, 0x57, 0xa3, 0x01, 0x63, 0x62, 0xc1, 0x2c, 0x76, 0x95, 0xb6, 0x3c, 0xf7, 0x4b, 0xee, 0x45,
+    0xec, 0x51, 0x0e, 0xee, 0xa4, 0x4a, 0x44, 0x71, 0x8c, 0xe4, 0x26, 0x89, 0xae, 0xeb, 0xc4, 0xb6,
+    0x4e, 0x65, 0x58, 0x91, 0x68, 0xf9, 0xa1, 0x0b, 0xfc, 0xb4, 0xcc, 0x0f, 0x4d, 0x62, 0xda, 0x80,
+    0x7e, 0xb0, 0xd9, 0xd7, 0x9b, 0x4c, 0x95, 0xb2, 0x78, 0x9f, 0x3a, 0x5c, 0xd3, 0xf3, 0x9d, 0x33,
+    0xd0, 0x20, 0x3e, 0x58, 0x1b, 0x43, 0x7d, 0x77, 0x29, 0xb5, 0x0c, 0xbe, 0xf6, 0xcf, 0xe2, 0x59,
+    0x6c, 0xcd, 0x70, 0x7c, 0x69, 0x15, 0x65, 0x0e, 0xea, 0x2c, 0xf3, 0xc2, 0x39, 0x54, 0xef, 0xf9,
+    0xf3, 0x2e, 0x7d, 0xa1, 0xaa, 0x0b, 0x76, 0x47, 0x48, 0x78, 0x9f, 0xc5, 0x73, 0x2c, 0x11, 0x2d,
+    0x5f, 0x31, 0x4c, 0x06, 0x89, 0x8f, 0xc3, 0xe8, 0xf7, 0xf8, 0x32, 0x88, 0x77, 0x79, 0x21, 0x5d,
+    0xff, 0x8a, 0xcc, 0x51, 0xe6, 0xb7, 0x7b, 0xf8, 0x69, 0x02, 0x43, 0xa1, 0xb5, 0x99, 0x70, 0x71,
+    0x8a, 0x6a, 0x76, 0x1a, 0xa7, 0xbd, 0xcb, 0x7e, 0xb6, 0x8f, 0x67, 0x1d, 0x32, 0xb1, 0x9b, 0x3d,
+    0x56, 0xee, 0xf9, 0xb2, 0xf0, 0x42, 0xbb, 0xb6, 0xbe, 0x40, 0xb7, 0xc7, 0x02, 0xcb, 0x18, 0x38,
+    0xdd, 0x22, 0xe4, 0xbc, 0xe7, 0x5b, 0xbf, 0xfd, 0x7f, 0x9a, 0x7c, 0x6c, 0xc1, 0xaf, 0x45, 0x08,
+    0xb4, 0x94, 0x90, 0x84, 0xbb, 0x3f, 0xaf, 0x12, 0xfd, 0x74, 0xd6, 0x85, 0x4b, 0xfc, 0xf2, 0xc8,
+    0x04, 0xdd, 0x6f, 0x50, 0x85, 0xd5, 0xba, 0xd4, 0x1f, 0x97, 0xf5, 0x9d, 0x42, 0xd2, 0x9e, 0x34,
+    0xbe, 0x62, 0x98, 0x0c, 0xd1, 0xdd, 0x45, 0x13, 0x2d, 0x33, 0x64, 0xd3, 0xee, 0xf2, 0x42, 0xba,
+    0x1b, 0xa2, 0x1c, 0x1f, 0x8b, 0x94, 0x88, 0xe2, 0xdb, 0x0b, 0x4c, 0xd1, 0x9f, 0x15, 0x4b, 0xaf,
+    0x9c, 0xca, 0xb0, 0xe1, 0xd0, 0x31, 0x81, 0x16, 0x3b, 0xab, 0x5b, 0x1e, 0x9a, 0xc4, 0x77, 0xc3,
+    0x5e, 0x97, 0x27, 0x12, 0x39, 0x2b, 0x0c, 0xdd, 0x80, 0xad, 0x9e, 0x3e, 0x86, 0xac, 0xe7, 0x50,
+    0x07, 0xf4, 0xd2, 0x6c, 0x96, 0xfa, 0x28, 0x8b, 0x86, 0x68, 0xc2, 0x84, 0x92, 0x6e, 0x17, 0x23,
+    0x8c, 0x38, 0xcf, 0x62, 0x81, 0xe3, 0x2c, 0xc0, 0x47, 0xb2, 0x09, 0x2f, 0x51, 0x0a, 0x4a, 0x13,
+    0x0f, 0x8d, 0x0c, 0xcc, 0x5f, 0x93, 0x9f, 0xe0, 0xb8, 0x85, 0xeb, 0x7d, 0x16, 0x09, 0xe8, 0x4b,
+    0x6d, 0x6b, 0x1b, 0x68, 0xd9, 0xb1, 0xaa, 0x3b, 0x9d, 0x79, 0x5f, 0x74, 0xc8, 0x81, 0x29, 0xf4,
+    0xf4, 0xda, 0xaf, 0xcd, 0x3c, 0xf1, 0x5e, 0xcc, 0xce, 0x10, 0x5d, 0x41, 0xe1, 0x42, 0x06, 0x0e,
+    0x26, 0x75, 0x47, 0xbd, 0x84, 0x39, 0x7e, 0xd1, 0x09, 0x0f, 0xca, 0x50, 0x36, 0xe4, 0xab, 0x4d,
+    0x71, 0x3d, 0xd5, 0x1b, 0xc4, 0xdf, 0x0a, 0x52, 0xc0, 0x1a, 0xd1, 0x21, 0xc5, 0xfa, 0x75, 0x78,
+    0x1c, 0x56, 0xce, 0x73, 0x1d, 0x6e, 0xa0, 0x69, 0x5d, 0x63, 0x8e, 0x55, 0x0d, 0x7b, 0x5c, 0x8c,
+    0x94, 0xb3, 0x6e, 0x41, 0x19, 0x58, 0x36, 0x7d, 0x05, 0x46, 0x72, 0xe7, 0x1e, 0xa3, 0x88, 0xab,
+    0x22, 0xa8, 0x28, 0xed, 0x01, 0xec, 0xc4, 0x05, 0x16, 0x98, 0x3f, 0xcd, 0x74, 0x36, 0x35, 0x79,
+    0xeb, 0xa5, 0xdc, 0x82, 0x32, 0xb0, 0x6c, 0xfa, 0x0a, 0x8c, 0xe4, 0x0d, 0x3c, 0x85, 0xd3, 0x95,
+    0xbc, 0xed, 0x4e, 0x24, 0x72, 0x56, 0x18, 0x79, 0xc3, 0x99, 0xff, 0x7c, 0xcf, 0x9b, 0x0d, 0xa0,
+    0x3c, 0x71, 0x30, 0xb6, 0xbf, 0x09, 0x39, 0x06, 0xa5, 0x51, 0x2a, 0x37, 0x58, 0x24, 0x26, 0xef,
+    0x15, 0x89, 0x7b, 0xc7, 0x64, 0xa3, 0xd8, 0x37, 0x14, 0xdb, 0x0b, 0x1a, 0x78, 0xc9, 0x65, 0xe9,
+    0xe9, 0x2a, 0x0a, 0xaa, 0x91, 0x3b, 0x31, 0x90, 0xe4, 0x26, 0x7f, 0xa2, 0x1d, 0xec, 0x9c, 0x8f,
+    0x02, 0x8f, 0xd6, 0x28, 0xa3, 0x8b, 0x5d, 0x6a, 0xee, 0xaa, 0x9b, 0xaf, 0x21, 0x69, 0x4f, 0x1a,
+    0x46, 0x1c, 0x86, 0x31, 0xa1, 0x90, 0x16, 0x60, 0xc2, 0x59, 0xe5, 0xf6, 0xc9, 0x05, 0x25, 0xe8,
+    0xda, 0xd6, 0x36, 0xd0, 0x71, 0xa1, 0x97, 0x76, 0xf9, 0xf2, 0xbe, 0xe8, 0x53, 0xc1, 0x52, 0x2b,
+    0x19, 0x2d, 0xca, 0x37, 0x28, 0x1f, 0xd5, 0x88, 0x35, 0xa1, 0xd7, 0x7e, 0xbe, 0x7c, 0x04, 0xb5,
+    0xdb, 0x70, 0x5d, 0xc4, 0xc1, 0x05, 0x58, 0x43, 0x8e, 0xa7, 0x12, 0x5e, 0xa2, 0x14, 0x94, 0x26,
+    0x1e, 0xd9, 0x18, 0x5b, 0xbe, 0xe5, 0xfd, 0x03, 0xb3, 0xc9, 0x15, 0xfa, 0x2c, 0x12, 0x13, 0x96,
+    0x17, 0x06, 0xad, 0xef, 0xc7, 0x28, 0x85, 0x5d, 0xfa, 0x71, 0x90, 0xb5, 0x59, 0xa0, 0x2a, 0xf3,
+    0x4a, 0xb8, 0x37, 0xc1, 0xed, 0x2c, 0x1b, 0xdf, 0xe3, 0x23, 0x39, 0x92, 0x0f, 0xb0, 0x44, 0xb4,
+    0x0a, 0xf6, 0x08, 0x88, 0x6a, 0xe2, 0xea, 0x01, 0xd0, 0x47, 0xb2, 0x56, 0xa5, 0x0e, 0xb0, 0x72,
+    0xd9, 0xff, 0x8b, 0xec, 0x62, 0x8e, 0x05, 0x29, 0x60, 0x0d, 0x89, 0xf1, 0x83, 0x7d, 0xdb, 0x3c,
+    0x89, 0x43, 0xcb, 0x26, 0xb4, 0x92, 0x59, 0x21, 0x2f, 0x70, 0x50, 0x04, 0xe2, 0x0d, 0x12, 0x2a,
+    0x78, 0xe2, 0x60, 0xaf, 0xbd, 0x12, 0x72, 0x0c, 0x89, 0xa2, 0x54, 0x6e, 0xb0, 0x48, 0x4c, 0x1d,
+    0x76, 0xc9, 0x07, 0x77, 0x52, 0x25, 0x22, 0xd9, 0x46, 0x72, 0x13, 0xa5, 0x57, 0x94, 0x62, 0x5b,
+    0x27, 0xd3, 0x2c, 0xa9, 0x34, 0x9d, 0xb1, 0xe4, 0x7e, 0x5a, 0x66, 0xe6, 0xc7, 0x31, 0x6d, 0x40,
+    0x18, 0x8b, 0xa1, 0x23, 0x98, 0xbb, 0x1a, 0xbd, 0x42, 0xf4, 0x7b, 0xc8, 0x4f, 0xa9, 0xc2, 0xb8,
+    0x23, 0x0e, 0x43, 0xf9, 0xb1, 0x48, 0x0b, 0x30, 0x61, 0xcd, 0x93, 0x7b, 0x85, 0xe3, 0xf3, 0x74,
+    0xf2, 0x88, 0x16, 0xb5, 0x1a, 0xaf, 0xb9, 0x72, 0x3f, 0x2d, 0x33, 0x73, 0x82, 0xf9, 0xd7, 0x20,
+    0x95, 0x15, 0x05, 0x55, 0xa9, 0xfc, 0xf9, 0x48, 0x72, 0x13, 0xde, 0x51, 0xef, 0x76, 0x4e, 0xa6,
+    0xd5, 0x5b, 0x3a, 0x1c, 0x2e, 0x32, 0x08, 0x96, 0x41, 0x77, 0x55, 0x95, 0x45, 0xc8, 0xba, 0x60,
+    0xa9, 0x64, 0x35, 0xe3, 0x16, 0xf5, 0xc0, 0x4e, 0xd7, 0x42, 0xf4, 0x66, 0xb7, 0x52, 0x68, 0x49,
+    0x84, 0x41, 0x11, 0xc2, 0x48, 0x8a, 0x9b, 0xab, 0x79, 0x5f, 0x20, 0xd6, 0xd5, 0x6d, 0xb5, 0x7b,
+    0xe1, 0x53, 0xd4, 0x0a, 0x58, 0x52, 0x86, 0xfb, 0xda, 0xcb, 0x56, 0x5b, 0x99, 0x8b, 0x63, 0xe7,
+    0x1d, 0xf0, 0xa5, 0x67, 0xad, 0xca, 0x6f, 0x5c, 0x2a, 0x36, 0x22, 0xe3, 0xfc, 0xae, 0x9a, 0x81,
+    0x93, 0x47, 0xbc, 0x2d, 0x8f, 0xa2, 0x1e, 0xf6, 0x83, 0x2e, 0xb0, 0x63, 0x8c, 0xcd, 0x9f, 0x88,
+    0x28, 0x5e, 0x20, 0x65, 0x6b, 0x0e, 0x2e, 0x04, 0xc6, 0xdf, 0x8d, 0x9b, 0xd1, 0x38, 0x85, 0x0b,
+    0xc6, 0x80, 0xf8, 0xa3, 0x6c, 0xcf, 0x37, 0x1f, 0xa4, 0x91, 0x30, 0xbd, 0x5e, 0xba, 0x0e, 0xa7,
+    0x7b, 0xcb, 0xdd, 0x93, 0xae, 0x3d, 0xe0, 0x53, 0x10, 0x5d, 0x63, 0x77, 0x60, 0xf4, 0xc5, 0x0a,
+    0x65, 0x12, 0xc5, 0xc8, 0x10, 0xd8, 0x1d, 0x50, 0xa3, 0x94, 0x76, 0x8d, 0x4c, 0xe6, 0xd6, 0x9c,
+    0x75, 0xe0, 0xba, 0x4b, 0x41, 0x0a, 0xb0, 0x86, 0xdf, 0x8d, 0x24, 0xbc, 0x87, 0x28, 0xeb, 0x4c,
+    0x7c, 0x3f, 0x0f, 0xff, 0x38, 0xc7, 0xc8, 0xd8, 0x96, 0x35, 0xa1, 0xf3, 0xf2, 0x9a, 0xd2, 0x29,
+    0xe3, 0xdc, 0x02, 0x22, 0xfb, 0xd9, 0xdb, 0x91, 0x34, 0x61, 0xcd, 0xf4, 0xb8, 0xe2, 0x2c, 0xfd,
+    0xee, 0xde, 0xd8, 0xc6, 0x07, 0xc1, 0x19, 0x1b, 0x62, 0x4e, 0xbd, 0x26, 0x8f, 0x82, 0x8b, 0xac,
+    0x21, 0x81, 0x95, 0xd1, 0x12, 0xc3, 0x56, 0x5a, 0x8f, 0x67, 0x08, 0xd4, 0xa4, 0x8a, 0xbc, 0x6e,
+    0x8e, 0xb7, 0x19, 0x4a, 0x22, 0x68, 0x71, 0xaa, 0xa9, 0x18, 0x92, 0x80, 0x70, 0x63, 0x05, 0x09,
+    0xf9, 0xd8, 0x75, 0x29, 0xc0, 0xe9, 0x9c, 0x46, 0x98, 0x3f, 0x2d, 0x93, 0xd6, 0x22, 0xa1, 0x5f,
+    0x01, 0xa6, 0x6b, 0x14, 0xb0, 0xa4, 0xcf, 0x35, 0x77, 0x55, 0xac, 0xb6, 0xf1, 0xd5, 0xc6, 0x0d,
+    0x5b, 0xec, 0x23, 0x56, 0x0c, 0x5a, 0x79, 0x3c, 0xe8, 0x6f, 0xc7, 0x15, 0x35, 0xab, 0xbf, 0x69,
+    0x91, 0xc8, 0x6a, 0x05, 0x2c, 0x29, 0x43, 0x9c, 0x6d, 0x84, 0x2b, 0xcc, 0xad, 0xa4, 0xd0, 0x92,
+    0x14, 0x2f, 0x10, 0xd3, 0xd4, 0x07, 0x17, 0x02, 0x63, 0x8e, 0xa7, 0xac, 0x89, 0x1c, 0xa3, 0xe4,
+    0x7a, 0x6d, 0xb6, 0x87, 0x1e, 0x99, 0x2f, 0x66, 0x67, 0x08, 0xcf, 0xc1, 0x91, 0x21, 0x03, 0x07,
+    0xf6, 0x55, 0x79, 0xe5, 0x9f, 0x7a, 0x03, 0xa6, 0x20, 0xba, 0xc6, 0xee, 0xc0, 0x2b, 0x49, 0x14,
+    0xb1, 0xef, 0x94, 0xc0, 0x8e, 0x4e, 0xda, 0xf3, 0x95, 0xb6, 0x8f, 0xae, 0xf8, 0xfb, 0xaa, 0xf1,
+    0xb7, 0xbd, 0x2d, 0xb8, 0xa8, 0x10, 0x3d, 0x4d, 0x64, 0x8b, 0xe1, 0x9c, 0x9b, 0x40, 0x7b, 0xdf,
+    0xca, 0x24, 0x49, 0x53, 0x20, 0x73, 0x3a, 0xa0, 0x85, 0xeb, 0xec, 0xd9, 0x98, 0x0f, 0x6f, 0xfb,
+    0x5a, 0x4a, 0x48, 0x42, 0xbc, 0xfe, 0xb6, 0x09, 0x9f, 0x3a, 0x6b, 0xa3, 0xc4, 0x7e, 0x79, 0x64,
+    0xf8, 0x7e, 0x1e, 0x3d, 0x70, 0x4d, 0x53, 0x73, 0xef, 0x6a, 0x81, 0x25, 0x27, 0xf7, 0x67, 0x52,
+    0xcc, 0x76, 0xf0, 0x2b, 0x06, 0x2d, 0xdd, 0x1e, 0x74, 0xd6, 0x82, 0xeb, 0xfb, 0xb4, 0xbe, 0xd5,
+    0x47, 0xba, 0xed, 0x25, 0x11, 0x34, 0xd9, 0x55, 0xb5, 0x0c, 0x49, 0x40, 0x38, 0xd0, 0xe3, 0xe5,
+    0x96, 0x3c, 0xb8, 0x69, 0xba, 0xd3, 0x6b, 0x17, 0xeb, 0xec, 0xe9, 0x48, 0x3f, 0xca, 0xc7, 0xb1,
+    0x6e, 0x42, 0xa6, 0x54, 0xca, 0x9e, 0x38, 0x64, 0x04, 0x86, 0x68, 0x6d, 0x18, 0x3d, 0xa0, 0xe3,
+    0x13, 0xdb, 0xc2, 0xbf, 0x42, 0xfd, 0x3f, 0x89, 0xe5, 0xe6, 0x65, 0x28, 0x1b, 0x72, 0xb4, 0xc7,
+    0x24, 0xfa, 0x91, 0x95, 0x27, 0xb2, 0x23, 0xbb, 0xe7, 0xa5, 0x51, 0xff, 0x17, 0x8d, 0xe4, 0x57,
+    0x74, 0x46, 0xd1, 0x5f, 0xf1, 0xae, 0x7f, 0xb3, 0xa8, 0xd8, 0x88, 0x0a, 0x76, 0xfd, 0x2d, 0x41,
+    0x09, 0xdf, 0xb5, 0xb4, 0x79, 0xcd, 0x78, 0x5e, 0x49, 0xb8, 0x85, 0x4f, 0x75, 0xb2, 0x39, 0x65,
+    0x03, 0x29, 0xbd, 0x3c, 0x13, 0x2f, 0x92, 0x5f, 0x99, 0xff, 0x37, 0x19, 0xd0, 0xbc, 0x89, 0x17,
+    0x30, 0xd5, 0x81, 0x46, 0xf3, 0xb5, 0x34, 0xb9, 0x84, 0x2b, 0xf6, 0x53, 0x9e, 0x91, 0x47, 0xb3,
+    0x50, 0xbc, 0x40, 0xca, 0xd6, 0x1c, 0x5c, 0x08, 0x4f, 0x7d, 0xd9, 0xf5, 0x61, 0x70, 0xc9, 0x16,
+    0x4f, 0xc3, 0x33, 0x85, 0xd8, 0x5d, 0x6e, 0x3e, 0x8b, 0xe1, 0x60, 0xb9, 0xbc, 0xb7, 0x1c, 0x8d,
+    0x0e, 0x2b, 0x67, 0xd8, 0xef, 0x37, 0x50, 0xd5, 0xcf, 0xd0, 0x47, 0xcb, 0xe7, 0xdc, 0x2e, 0x46,
+    0x7d, 0x99, 0x64, 0xeb, 0x88, 0x63, 0x07, 0xed, 0xe1, 0x60, 0x0d, 0x45, 0x03, 0x4f, 0x14, 0x24,
+    0xb9, 0x96, 0x4a, 0x60, 0x47, 0x27, 0x6d, 0x98, 0xab, 0x5b, 0xa6, 0x57, 0x7c, 0x9c, 0x55, 0x99,
+    0x37, 0x21, 0x53, 0x2a, 0x65, 0x4f, 0x1c, 0x32, 0x02, 0x43, 0x34, 0xd7, 0x0c, 0xff, 0x50, 0x90,
+    0x54, 0x61, 0x2f, 0x9a, 0x53, 0xc9, 0xe6, 0xdc, 0x50, 0xea, 0x2c, 0x68, 0x23, 0xa2, 0x57, 0x22,
+    0x1f, 0x7f, 0x73, 0x4f, 0x0e, 0x41, 0x32, 0x36, 0xc4, 0x9c, 0xb9, 0x4c, 0xdd, 0xc7, 0xd5, 0x9b,
+    0xc2, 0x5d, 0x97, 0xf3, 0xe9, 0x1a, 0x8d, 0xcb, 0xbb, 0x06, 0xc5, 0x20, 0x1c, 0x68, 0x90, 0x93,
+    0x33, 0xfc, 0x3c, 0x7a, 0xe0, 0x9a, 0xa6, 0xe6, 0x1d, 0xd4, 0xc1, 0x4a, 0x4e, 0x2d, 0xce, 0xa4,
+    0x3a, 0x23, 0x89, 0xce, 0x99, 0x57, 0xde, 0xb8, 0x54, 0x6c, 0x44, 0x05, 0x3b, 0x9f, 0xf7, 0xc1,
+    0xe5, 0x8e, 0xbb, 0x5a, 0xdd, 0x87, 0x3c, 0x2f, 0xc5, 0x5c, 0xa3, 0xc6, 0xdb, 0x59, 0xfd, 0xd3,
+    0xe8, 0x8c, 0x61, 0xbe, 0x21, 0x9f, 0xfe, 0xa5, 0x93, 0x73, 0xd3, 0x14, 0xec, 0x39, 0x5a, 0x82,
+    0x12, 0x7d, 0xa9, 0xab, 0xf2, 0x59, 0xf0, 0xbc, 0x92, 0xb3, 0xc9, 0x9e, 0xea, 0xa7, 0x72, 0xca,
+    0x92, 0xe1, 0xd7, 0x39, 0x3f, 0x06, 0xd1, 0xc3, 0xf4, 0x7b, 0x1c, 0xd5, 0x7d, 0x18, 0x59, 0x85,
+    0xac, 0x1f, 0x31, 0xa7, 0x23, 0x84, 0xb5, 0xaf, 0xbf, 0x80, 0xad, 0x4d, 0x04, 0x55, 0x30, 0x70,
+    0x34, 0x08, 0xee, 0x16, 0x76, 0x60, 0x8e, 0x6d, 0x9b, 0xbc, 0x03, 0xce, 0xdc, 0x43, 0xd9, 0x87,
+    0x52, 0x33, 0x96, 0xe2, 0x75, 0x97, 0x01, 0x62, 0xa1, 0xd7, 0x42, 0x5a, 0x40, 0x19, 0x86, 0x0c,
+    0xed, 0xf7, 0x65, 0xfa, 0x14, 0xee, 0x8b, 0x44, 0xfb, 0xb1, 0x8a, 0x3f, 0x5f, 0x3e, 0x02, 0xbb,
+    0xfa, 0xf1, 0xc8, 0x15, 0xd3, 0xc6, 0x0e, 0x19, 0x01, 0xc0, 0x1a, 0x8a, 0x06, 0x9e, 0x28, 0x48,
+    0x98, 0x17, 0xdf, 0xb1, 0x55, 0xe4, 0x3b, 0xc2, 0x24, 0x3c, 0xae, 0x83, 0xd8, 0x16, 0xe9, 0xf7,
+    0xdf, 0xad, 0x32, 0x94, 0x44, 0xd0, 0xe2, 0x97, 0x91, 0x30, 0xe7, 0xc3, 0xe0, 0xc6, 0x0a, 0x12,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x66, 0x3b, 0x78, 0xf4, 0x03, 0xf7, 0x8f, 0x0f, 0x3a, 0x6b, 0x41, 0x94, 0x9c, 0x5a, 0x5f, 0x8b,
+    0x2f, 0xaa, 0xf2, 0x09, 0xfd, 0xf4, 0x06, 0x8f, 0x40, 0xb7, 0x4f, 0x1f, 0x43, 0x56, 0x92, 0x28,
+    0x3e, 0xfe, 0xe6, 0x9e, 0x1c, 0x82, 0x64, 0x6c, 0x4b, 0xfb, 0xb1, 0x98, 0x79, 0x4d, 0x69, 0xf5,
+  },
+  { /* 12 */
+    0xc2, 0x45, 0xb9, 0x57, 0x85, 0xa8, 0xdb, 0x13, 0x2a, 0x3f, 0xb0, 0xb9, 0xb0, 0x0b, 0x7b, 0xc6,
+    0x95, 0x59, 0xc2, 0x20, 0x7c, 0x53, 0x81, 0x21, 0x64, 0x56, 0x1f, 0xc2, 0x1f, 0x6d, 0x57, 0x36,
+    0xa6, 0x73, 0x93, 0x63, 0x29, 0x01, 0x42, 0x6e, 0x91, 0x38, 0x9b, 0x93, 0x9b, 0xf4, 0x35, 0x9d,
+    0x27, 0x78, 0x48, 0x3d, 0x69, 0x20, 0x97, 0x5e, 0x08, 0x0c, 0x8b, 0x48, 0x8b, 0xf5, 0x6f, 0x4b,
+    0xe0, 0xc8, 0x66, 0x94, 0xe3, 0x75, 0x59, 0xd8, 0x8c, 0xca, 0x48, 0x66, 0x48, 0xe5, 0x86, 0xb5,
+    0x86, 0x9c, 0xc4, 0x12, 0x49, 0xd1, 0x1c, 0x46, 0xa5, 0x16, 0x83, 0xc4, 0x83, 0x14, 0x42, 0x20,
+    0x06, 0xa6, 0x5b, 0x15, 0x0a, 0x17, 0xa7, 0xe6, 0x75, 0xae, 0xe3, 0x5b, 0xe3, 0x12, 0x5d, 0x91,
+    0x5d, 0x35, 0x96, 0x48, 0xe7, 0xc2, 0x70, 0xdb, 0xd1, 0x58, 0x49, 0x96, 0x49, 0x50, 0xcb, 0x80,
+    0x09, 0x7a, 0x21, 0xd4, 0x1b, 0xd3, 0x98, 0x9a, 0x44, 0x66, 0x76, 0x21, 0x76, 0x3f, 0x28, 0xd9,
+    0x78, 0x2f, 0x56, 0xc7, 0x88, 0xef, 0x3b, 0x66, 0x4b, 0x8f, 0x22, 0x56, 0x22, 0xab, 0x2e, 0x05,
+    0xf4, 0x9a, 0x7f, 0xea, 0xdf, 0x07, 0x0d, 0xc9, 0x71, 0xa8, 0x47, 0x7f, 0x47, 0x89, 0x8b, 0x55,
+    0x16, 0x30, 0x91, 0xcc, 0x3a, 0x7f, 0x88, 0xf2, 0x6f, 0xb9, 0xef, 0x91, 0xef, 0x62, 0x87, 0x2e,
+    0x19, 0xec, 0xeb, 0x0d, 0x2b, 0xbb, 0xb7, 0x8e, 0x5e, 0x71, 0x7a, 0xeb, 0x7a, 0x4f, 0xf2, 0x66,
+    0xec, 0x47, 0xd0, 0xbe, 0xf7, 0x5b, 0xd4, 0xd7, 0x66, 0x55, 0x4d, 0xd0, 0x4d, 0xc1, 0x3c, 0x54,
+    0x69, 0x88, 0xd8, 0x47, 0xbb, 0x60, 0x7a, 0xe2, 0x18, 0x14, 0x5e, 0xd8, 0x5e, 0xdc, 0xb1, 0xdd,
+    0x04, 0xc4, 0xd3, 0xa7, 0x0c, 0x1a, 0x7b, 0x05, 0xe7, 0x75, 0x03, 0xd3, 0x03, 0x1c, 0xd7, 0x5f,
+    0x8f, 0xe6, 0xe5, 0xc6, 0x52, 0x02, 0x84, 0xdc, 0xe1, 0x70, 0xf5, 0xe5, 0xf5, 0x2b, 0x6a, 0xf9,
+    0x30, 0x79, 0x9d, 0xa8, 0x50, 0xb8, 0x71, 0x3c, 0x2e, 0x39, 0x14, 0x9d, 0x14, 0x90, 0xad, 0x02,
+    0x39, 0x03, 0xbc, 0x7c, 0x4b, 0x6b, 0xe9, 0xa6, 0x6a, 0x5f, 0x62, 0xbc, 0x62, 0xaf, 0x85, 0xdb,
+    0xe9, 0xb2, 0x47, 0x40, 0xf8, 0xa6, 0xc1, 0x42, 0xc8, 0xac, 0x3e, 0x47, 0x3e, 0xda, 0xae, 0x6c,
+    0x03, 0x53, 0xcc, 0xeb, 0x05, 0xea, 0xb2, 0x73, 0xdb, 0x57, 0x90, 0xcc, 0x90, 0x09, 0xcf, 0xa9,
+    0xcf, 0xfb, 0x4b, 0x24, 0x92, 0x61, 0x38, 0x8c, 0x89, 0x2c, 0xc5, 0x4b, 0xc5, 0x28, 0x84, 0x40,
+    0x70, 0x64, 0x33, 0x4a, 0x90, 0xdb, 0xcd, 0x6c, 0x46, 0x65, 0x24, 0x33, 0x24, 0x93, 0x43, 0xbb,
+    0x43, 0x4e, 0x62, 0x09, 0xc5, 0x89, 0x0e, 0x23, 0xb3, 0x0b, 0xa0, 0x62, 0xa0, 0x0a, 0x21, 0x10,
+    0x55, 0x7e, 0xf3, 0xc5, 0xff, 0xf6, 0x86, 0xd1, 0xdc, 0xb2, 0x4f, 0xf3, 0x4f, 0x68, 0xa6, 0x3e,
+    0x2c, 0x60, 0xe1, 0x5b, 0x74, 0xfe, 0xd3, 0x27, 0xde, 0xb1, 0x1d, 0xe1, 0x1d, 0xc4, 0xcd, 0x5c,
+    0x12, 0xf4, 0x42, 0x6b, 0x36, 0x65, 0xf3, 0xf7, 0x88, 0xcc, 0xec, 0x42, 0xec, 0x7e, 0x50, 0x71,
+    0x8e, 0xd7, 0xa1, 0x9f, 0x51, 0xe5, 0xea, 0x4c, 0xa8, 0xfc, 0x85, 0xa1, 0x85, 0x2c, 0x2f, 0x9e,
+    0xd5, 0x44, 0x6c, 0xc2, 0xbc, 0x30, 0x3d, 0x71, 0x0c, 0x0a, 0x2f, 0x6c, 0x2f, 0x6e, 0xb9, 0x8f,
+    0x3d, 0xc7, 0x6f, 0xdb, 0x47, 0x71, 0x92, 0xa3, 0x8d, 0x2a, 0x61, 0x6f, 0x61, 0xb3, 0x52, 0x84,
+    0xd2, 0xd3, 0x73, 0x8e, 0xb5, 0xc0, 0xf4, 0x07, 0x30, 0x28, 0xbc, 0x73, 0xbc, 0x7b, 0xa1, 0x79,
+    0x76, 0xc2, 0x68, 0x5f, 0x9a, 0xcc, 0x6a, 0x8a, 0x33, 0xcb, 0xc7, 0x68, 0xc7, 0x81, 0x1e, 0x2a,
+    0x18, 0xdd, 0xaf, 0x54, 0x28, 0x5c, 0xd9, 0x1e, 0x17, 0xfd, 0x0a, 0xaf, 0x0a, 0x48, 0xb7, 0x01,
+    0x35, 0x8c, 0x0a, 0x56, 0x5f, 0x45, 0x64, 0xa9, 0x80, 0xc0, 0x67, 0x0a, 0x67, 0x8b, 0x3f, 0x3a,
+    0x07, 0x97, 0x1f, 0x4c, 0x09, 0xf0, 0xc9, 0x76, 0x3c, 0x22, 0x93, 0x1f, 0x93, 0x15, 0x18, 0xf6,
+    0xc0, 0x27, 0x31, 0xe5, 0x83, 0xa5, 0x07, 0xf0, 0xb8, 0xe4, 0x50, 0x31, 0x50, 0x05, 0xf1, 0x08,
+    0xf7, 0xc9, 0xb3, 0x01, 0xda, 0xed, 0xbf, 0xba, 0xaa, 0xff, 0xd7, 0xb3, 0xd7, 0x80, 0x44, 0xfc,
+    0xb8, 0x08, 0x67, 0x22, 0x0b, 0x4a, 0x3c, 0x96, 0xf3, 0x6b, 0x72, 0x67, 0x72, 0xae, 0xdf, 0x0d,
+    0x72, 0x06, 0xbb, 0xf8, 0x96, 0xd6, 0x11, 0x8f, 0xd4, 0xbe, 0xc4, 0xbb, 0xc4, 0x9d, 0xc9, 0x75,
+    0x11, 0xa7, 0x8e, 0x80, 0x33, 0x8f, 0x41, 0x84, 0x53, 0x9b, 0x7c, 0x8e, 0x7c, 0x77, 0x9f, 0xd8,
+    0xb4, 0x87, 0xd1, 0x08, 0x1f, 0x64, 0xb1, 0x99, 0x19, 0xf4, 0x77, 0xd1, 0x77, 0x8a, 0x65, 0xec,
+    0xff, 0x82, 0xd6, 0x8c, 0xc2, 0xd9, 0x49, 0xb0, 0xa7, 0x15, 0xd1, 0xd6, 0xd1, 0xb8, 0x29, 0x42,
+    0x1a, 0xbf, 0x27, 0xe6, 0x2e, 0x51, 0x05, 0xfd, 0x85, 0x26, 0xea, 0x27, 0xea, 0x46, 0x3d, 0xcf,
+    0x48, 0x56, 0xcb, 0x6f, 0xd8, 0x57, 0x4a, 0x5a, 0x65, 0xb6, 0x36, 0xcb, 0x36, 0x3b, 0x83, 0x07,
+    0xaa, 0xfc, 0x25, 0x49, 0x3d, 0x2f, 0xcf, 0x61, 0x7b, 0xa7, 0x9e, 0x25, 0x9e, 0xd0, 0x8f, 0x7c,
+    0x58, 0xc0, 0x01, 0xb6, 0xe8, 0x3f, 0x65, 0x4e, 0x7f, 0xa1, 0x3a, 0x01, 0x3a, 0x4b, 0x59, 0xb8,
+    0x93, 0xff, 0x99, 0x35, 0x76, 0x44, 0x26, 0xc7, 0x11, 0xf8, 0xfc, 0x99, 0xfc, 0x7f, 0x0a, 0xa7,
+    0x21, 0xde, 0x13, 0x28, 0x63, 0x37, 0x30, 0xb8, 0x7d, 0xa2, 0x68, 0x13, 0x68, 0xe7, 0x32, 0xda,
+    0xdd, 0x0f, 0x09, 0x4f, 0xa4, 0x04, 0xcb, 0x7b, 0x01, 0xe0, 0x29, 0x09, 0x29, 0x56, 0xd4, 0x31,
+    0x60, 0xf2, 0xf9, 0x93, 0xa0, 0xb3, 0xe2, 0x78, 0x5c, 0x72, 0x28, 0xf9, 0x28, 0xe3, 0x99, 0x04,
+    0x0c, 0x8f, 0xb6, 0x2a, 0x14, 0x2e, 0x8d, 0x0f, 0xea, 0x9f, 0x05, 0xb6, 0x05, 0x24, 0xba, 0xe1,
+    0xc4, 0xe3, 0xe2, 0x42, 0x8f, 0xbf, 0x7c, 0xf5, 0x5f, 0x91, 0x53, 0xe2, 0x53, 0x19, 0x26, 0x57,
+    0x9a, 0x85, 0xb8, 0xe1, 0x6d, 0x97, 0xbe, 0x5d, 0x55, 0x9e, 0x8a, 0xb8, 0x8a, 0x40, 0x22, 0x7e,
+    0x5c, 0x04, 0xd2, 0x11, 0xe4, 0x25, 0x1e, 0x4b, 0x98, 0xd4, 0x39, 0xd2, 0x39, 0x57, 0x8e, 0xe7,
+    0x53, 0xd8, 0xa8, 0xd0, 0xf5, 0xe1, 0x21, 0x37, 0xa9, 0x1c, 0xac, 0xa8, 0xac, 0x7a, 0xfb, 0xaf,
+    0xcd, 0x99, 0xc3, 0x96, 0x94, 0x6c, 0xe4, 0x6f, 0x1b, 0xf7, 0x25, 0xc3, 0x25, 0x26, 0x0e, 0x8e,
+    0x32, 0x1b, 0x15, 0x1a, 0x56, 0xb5, 0xad, 0xdf, 0xbc, 0xe2, 0xf4, 0x15, 0xf4, 0x9e, 0x27, 0xcc,
+    0x1b, 0x8e, 0x63, 0xbf, 0x2d, 0xb6, 0x6b, 0x6d, 0xcc, 0xaa, 0x9a, 0x63, 0x9a, 0x41, 0x78, 0xa8,
+    0x5a, 0xa2, 0x89, 0x04, 0xee, 0x32, 0xb9, 0xad, 0xed, 0x7a, 0xda, 0x89, 0xda, 0x45, 0xd3, 0x76,
+    0xa1, 0xe4, 0x8c, 0x2f, 0x20, 0xf1, 0x8b, 0x18, 0xad, 0x1a, 0x08, 0x8c, 0x08, 0xe1, 0x2d, 0x6b,
+    0xe5, 0x3d, 0xf1, 0x6a, 0xec, 0x88, 0x4c, 0x4d, 0x22, 0x33, 0x3b, 0xf1, 0x3b, 0xfe, 0x14, 0x8d,
+    0x3c, 0xf6, 0x2b, 0x82, 0x44, 0x96, 0xfc, 0x33, 0xc4, 0xa6, 0x11, 0x2b, 0x11, 0xb4, 0x17, 0xe3,
+    0x97, 0x3b, 0x4a, 0x92, 0x7a, 0x5e, 0x5d, 0xc2, 0xf6, 0x8d, 0xff, 0x4a, 0xff, 0x63, 0xdd, 0xf8,
+    0xce, 0xca, 0x0f, 0x7d, 0x91, 0x86, 0x56, 0x1c, 0xc0, 0xa0, 0xb5, 0x0f, 0xb5, 0x2f, 0xc1, 0x27,
+    0x6d, 0x4c, 0x0b, 0xe0, 0xb7, 0x7a, 0x01, 0xe7, 0xff, 0x61, 0x5d, 0x0b, 0x5d, 0xc0, 0x66, 0x82,
+    0x62, 0x90, 0x71, 0x21, 0xa6, 0xbe, 0x3e, 0x9b, 0xce, 0xa9, 0xc8, 0x71, 0xc8, 0xed, 0x13, 0xca,
+    0xf5, 0xab, 0x3b, 0xb3, 0xdc, 0xe0, 0x63, 0x59, 0x38, 0x24, 0x37, 0x3b, 0x37, 0x8e, 0xce, 0x32,
+    0xb7, 0xd4, 0x1d, 0xe3, 0x1a, 0x8e, 0x03, 0xea, 0xc2, 0xa3, 0xe7, 0x1d, 0xe7, 0x83, 0xaa, 0x45,
+    0xe2, 0xaa, 0xee, 0x26, 0xe5, 0x78, 0x85, 0x3b, 0x1e, 0x11, 0xa8, 0xee, 0xa8, 0xeb, 0x0c, 0x7b,
+    0x41, 0x2c, 0xea, 0xbb, 0xc3, 0x84, 0xd2, 0xc0, 0x21, 0xd0, 0x40, 0xea, 0x40, 0x04, 0xab, 0xde,
+    0x71, 0x55, 0x77, 0x13, 0x93, 0x3c, 0xa3, 0xfc, 0x0f, 0xe9, 0x54, 0x77, 0x54, 0x94, 0x06, 0xdc,
+    0xf9, 0x24, 0x8d, 0x99, 0xc8, 0xce, 0xee, 0x56, 0xd2, 0xbb, 0x32, 0x8d, 0x32, 0xaa, 0x74, 0xd3,
+    0xea, 0xe1, 0x8b, 0xab, 0xfd, 0x4c, 0x73, 0x31, 0x13, 0xfb, 0xae, 0x8b, 0xae, 0xd3, 0x61, 0xc5,
+    0xae, 0x38, 0xf6, 0xee, 0x31, 0x35, 0xb4, 0x64, 0x9c, 0xd2, 0x9d, 0xf6, 0x9d, 0xcc, 0x58, 0x23,
+    0xe4, 0x0c, 0xb5, 0x33, 0xef, 0x6f, 0x22, 0xdd, 0x6b, 0xbf, 0x4b, 0xb5, 0x4b, 0xf9, 0x51, 0xea,
+    0x0b, 0x18, 0xa9, 0x66, 0x1d, 0xde, 0x44, 0x79, 0xd6, 0xbd, 0x96, 0xa9, 0x96, 0x31, 0xa2, 0x17,
+    0xde, 0x5c, 0xc5, 0xa4, 0xa1, 0xee, 0x79, 0x08, 0xda, 0xb7, 0xb9, 0xc5, 0xb9, 0x5f, 0x1b, 0x98,
+    0xf0, 0x5e, 0xac, 0x4d, 0xd3, 0x1d, 0x76, 0xcc, 0x96, 0xdd, 0x44, 0xac, 0x44, 0x95, 0x5c, 0x0a,
+    0xd4, 0x75, 0x28, 0x9b, 0xbf, 0xd7, 0x53, 0xe1, 0x45, 0x86, 0x5f, 0x28, 0x5f, 0x69, 0xfc, 0xe8,
+    0xb5, 0xb6, 0x95, 0x51, 0x1c, 0x83, 0xdf, 0x09, 0x50, 0x78, 0x07, 0x95, 0x07, 0x8d, 0x20, 0x8b,
+    0xa4, 0x11, 0x1b, 0xd1, 0x2f, 0x0c, 0x9e, 0x8d, 0x03, 0xe3, 0x7b, 0x1b, 0x7b, 0xfa, 0xbf, 0x53,
+    0xba, 0x6a, 0xef, 0x90, 0x0d, 0x47, 0xe0, 0x75, 0x61, 0xb0, 0x92, 0xef, 0x92, 0xa0, 0x55, 0xc3,
+    0xe8, 0x83, 0x03, 0x19, 0xfb, 0x41, 0xaf, 0xd2, 0x81, 0x20, 0x4e, 0x03, 0x4e, 0xdd, 0xeb, 0x0b,
+    0x0e, 0xed, 0x3e, 0x98, 0x12, 0x23, 0x51, 0xec, 0x78, 0x44, 0xe5, 0x3e, 0xe5, 0x2a, 0x30, 0x2f,
+    0x9c, 0x23, 0xe3, 0xf4, 0x67, 0x80, 0x19, 0xbb, 0x20, 0x30, 0x69, 0xe3, 0x69, 0x52, 0x7f, 0xef,
+    0x31, 0x48, 0xd9, 0xf1, 0x53, 0x5f, 0x1f, 0xac, 0x67, 0xb5, 0x64, 0xd9, 0x64, 0x97, 0xe8, 0x65,
+    0x79, 0x1e, 0x12, 0x9e, 0x8b, 0x08, 0x55, 0xf6, 0x02, 0x03, 0x52, 0x12, 0x52, 0xac, 0x6b, 0x62,
+    0xfc, 0xd1, 0x1a, 0x67, 0xc7, 0x33, 0xfb, 0xc3, 0x7c, 0x42, 0x41, 0x1a, 0x41, 0xb1, 0xe6, 0xeb,
+    0x4d, 0xa3, 0x5c, 0x91, 0xd7, 0xaa, 0x5f, 0xcf, 0xcb, 0x4f, 0x45, 0x5c, 0x45, 0x20, 0x11, 0x3f,
+    0xdb, 0xa9, 0x52, 0x5a, 0xae, 0x13, 0x6c, 0x9d, 0x74, 0x4e, 0xca, 0x52, 0xca, 0x44, 0x89, 0xa0,
+    0x75, 0x91, 0xa4, 0xb4, 0x9f, 0x26, 0xd8, 0xf9, 0xe8, 0x9c, 0x57, 0xa4, 0x57, 0x88, 0xd1, 0x83,
+    0x68, 0xb9, 0x9c, 0x1e, 0xb8, 0x87, 0x14, 0x72, 0x51, 0x98, 0x2e, 0x9c, 0x2e, 0xdb, 0xf4, 0xba,
+    0x15, 0x63, 0x5d, 0x27, 0x3f, 0x95, 0x3a, 0x81, 0xb4, 0xee, 0x7f, 0x5d, 0x7f, 0x6b, 0x48, 0x87,
+    0xa9, 0xaf, 0xe9, 0xa2, 0x38, 0xc5, 0x7d, 0x12, 0xa0, 0xf0, 0x0e, 0xe9, 0x0e, 0xd9, 0x40, 0xd5,
+    0x01, 0x31, 0x44, 0x59, 0x03, 0xe7, 0x6e, 0x90, 0x49, 0x8c, 0x70, 0x44, 0x70, 0x07, 0x45, 0x67,
+    0x23, 0xbc, 0x9b, 0x9a, 0x65, 0x3a, 0xec, 0x5b, 0xef, 0x79, 0x88, 0x9b, 0x88, 0xe9, 0xb8, 0x14,
+    0xb2, 0x21, 0x8a, 0x1d, 0x15, 0x73, 0x16, 0x7f, 0x6c, 0x5a, 0x94, 0x8a, 0x94, 0x98, 0x38, 0x7d,
+    0x6e, 0x1f, 0xc7, 0x0b, 0xb2, 0x90, 0xb3, 0x94, 0x24, 0x36, 0xcd, 0xc7, 0xcd, 0xc9, 0xa9, 0x2b,
+    0xf2, 0x3c, 0x24, 0xff, 0xd5, 0x10, 0xaa, 0x2f, 0x04, 0x06, 0xa4, 0x24, 0xa4, 0x9b, 0xd6, 0xc4,
+    0x3b, 0x61, 0x34, 0xce, 0x4d, 0x66, 0x35, 0x45, 0xf8, 0x84, 0x82, 0x34, 0x82, 0xa1, 0x0f, 0x15,
+    0x52, 0xe9, 0xec, 0x89, 0xf6, 0x06, 0x4f, 0xa7, 0xe0, 0x90, 0xdc, 0xec, 0xdc, 0x7d, 0xbe, 0xc8,
+    0x65, 0x07, 0x6e, 0x6d, 0xaf, 0x4e, 0xf7, 0xed, 0xf2, 0x8b, 0x5b, 0x6e, 0x5b, 0xf8, 0x0b, 0x3c,
+    0x4b, 0x05, 0x07, 0x84, 0xdd, 0xbd, 0xf8, 0x29, 0xbe, 0xe1, 0xa6, 0x07, 0xa6, 0x32, 0x4c, 0xae,
+    0x38, 0x32, 0xf8, 0x25, 0x48, 0x8c, 0x87, 0x36, 0x23, 0xd3, 0x12, 0xf8, 0x12, 0xa8, 0xc0, 0xbc,
+    0x2a, 0xc6, 0xba, 0x4e, 0x7e, 0xe9, 0x74, 0xc1, 0xab, 0x1f, 0xfe, 0xba, 0xfe, 0xd6, 0x90, 0xcd,
+    0x91, 0x9d, 0x11, 0x87, 0x70, 0x49, 0xfa, 0x24, 0x83, 0x23, 0x1c, 0x11, 0x1c, 0x71, 0x80, 0x69,
+    0xd6, 0x17, 0xa0, 0x29, 0xb9, 0xda, 0x8f, 0x02, 0xd7, 0x5d, 0xbf, 0xa0, 0xbf, 0x67, 0x76, 0x26,
+    0xfd, 0xe0, 0x5e, 0x3e, 0xc4, 0xd4, 0x95, 0x53, 0x35, 0xce, 0x31, 0x5e, 0x31, 0xb6, 0xa3, 0x8c,
+    0xf8, 0x15, 0xc9, 0xc0, 0xcb, 0x29, 0x80, 0xc6, 0x9b, 0x37, 0x42, 0xc9, 0x42, 0xad, 0x31, 0xb4,
+    0x8c, 0xb5, 0x29, 0x2d, 0x57, 0xe8, 0x36, 0xaf, 0x3a, 0x27, 0x65, 0x29, 0x65, 0x22, 0xa5, 0x50,
+    0x50, 0x8b, 0x64, 0x3b, 0xf0, 0x0b, 0x93, 0x44, 0x72, 0x4b, 0x3c, 0x64, 0x3c, 0x73, 0x34, 0x06,
+    0x7f, 0xb8, 0x49, 0x8b, 0x81, 0x1f, 0xf2, 0x10, 0x77, 0xad, 0xb1, 0x49, 0xb1, 0xbe, 0x36, 0xf3,
+    0x59, 0xf1, 0x45, 0xef, 0xeb, 0xd8, 0x0b, 0xde, 0x36, 0x2d, 0x4a, 0x45, 0x4a, 0x4c, 0x1c, 0xdf,
+    0x08, 0x4b, 0x65, 0x8d, 0x18, 0x34, 0xf6, 0x0a, 0x0d, 0xea, 0x06, 0x65, 0x06, 0x38, 0x6d, 0xbe,
+    0xd9, 0xcb, 0xda, 0xe8, 0xa8, 0x1e, 0xb0, 0x7e, 0xe6, 0x95, 0x2a, 0xda, 0x2a, 0x4a, 0x03, 0x6e,
+    0xa2, 0xb7, 0x40, 0xc4, 0x25, 0x1b, 0x39, 0x6b, 0x76, 0x4d, 0x98, 0x40, 0x98, 0xe8, 0xe2, 0xc2,
+    0xfb, 0x46, 0x05, 0x2b, 0xce, 0xc3, 0x32, 0xb5, 0x40, 0x60, 0xd2, 0x05, 0xd2, 0xa4, 0xfe, 0x1d,
+    0x1c, 0x19, 0x7c, 0xf3, 0x24, 0x46, 0xa2, 0x1b, 0xf0, 0x88, 0x09, 0x7c, 0x09, 0x54, 0x60, 0x5e,
+    0x29, 0x95, 0x76, 0xa5, 0x7b, 0x03, 0xc6, 0xb2, 0x70, 0x48, 0x6e, 0x76, 0x6e, 0xdf, 0x5f, 0x64,
+    0xd3, 0xe2, 0x37, 0xd7, 0xb6, 0x27, 0x9a, 0x97, 0x79, 0xa4, 0xcc, 0x37, 0xcc, 0x7c, 0xe4, 0x1e,
+    0x6f, 0x2e, 0x83, 0x52, 0xb1, 0x77, 0xdd, 0x04, 0x6d, 0xba, 0xbd, 0x83, 0xbd, 0xce, 0xec, 0x4c,
+    0x47, 0x8a, 0xb1, 0xae, 0xc9, 0x93, 0x75, 0x26, 0x54, 0x7e, 0xa3, 0xb1, 0xa3, 0x16, 0xf6, 0x4f,
+    0x54, 0x4f, 0xb7, 0x9c, 0xfc, 0x11, 0xe8, 0x41, 0x95, 0x3e, 0x3f, 0xb7, 0x3f, 0x6f, 0xe3, 0x59,
+    0x9f, 0x70, 0x2f, 0x1f, 0x62, 0x6a, 0xab, 0xc8, 0xfb, 0x67, 0xf9, 0x2f, 0xf9, 0x5b, 0xb0, 0x46,
+    0x17, 0x01, 0xd5, 0x95, 0x39, 0x98, 0xe6, 0x62, 0x26, 0x35, 0x9f, 0xd5, 0x9f, 0x65, 0xc2, 0x49,
+    0xe1, 0xf9, 0x22, 0xcd, 0xe0, 0x92, 0x37, 0x48, 0xc5, 0x46, 0x38, 0x22, 0x38, 0xe2, 0xc3, 0xd2,
+    0x7c, 0xeb, 0x85, 0x60, 0x84, 0xf5, 0x40, 0x63, 0xac, 0xfa, 0x21, 0x85, 0x21, 0xb7, 0xf9, 0x5a,
+    0x46, 0xbb, 0xf5, 0xf7, 0xca, 0x74, 0x1b, 0xb6, 0x1d, 0xf2, 0xd3, 0xf5, 0xd3, 0x11, 0xb3, 0x28,
+    0xbc, 0xcc, 0xb4, 0x85, 0x07, 0x50, 0x47, 0x93, 0x14, 0x1e, 0x71, 0xb4, 0x71, 0xb2, 0x08, 0x52,
+    0xc5, 0xd2, 0xa6, 0x1b, 0x8c, 0x58, 0x12, 0x65, 0x16, 0x1d, 0x23, 0xa6, 0x23, 0x1e, 0x63, 0x30,
+    0x22, 0x8d, 0xdf, 0xc3, 0x66, 0xdd, 0x82, 0xcb, 0xa6, 0xf5, 0xf8, 0xdf, 0xf8, 0xee, 0xfd, 0x73,
+    0xbe, 0xae, 0x3c, 0x37, 0x01, 0x5d, 0x9b, 0x70, 0x86, 0xc5, 0x91, 0x3c, 0x91, 0xbc, 0x82, 0x9c,
+    0x96, 0x0a, 0x0e, 0xcb, 0x79, 0xb9, 0x33, 0x52, 0xbf, 0x01, 0x8f, 0x0e, 0x8f, 0x64, 0x98, 0x9f,
+    0x7e, 0x89, 0x0d, 0xd2, 0x82, 0xf8, 0x9c, 0x80, 0x3e, 0x21, 0xc1, 0x0d, 0xc1, 0xb9, 0x73, 0x94,
+    0x1d, 0x28, 0x38, 0xaa, 0x27, 0xa1, 0xcc, 0x8b, 0xb9, 0x04, 0x79, 0x38, 0x79, 0x53, 0x25, 0x39,
+    0xb9, 0x39, 0x23, 0x7b, 0x08, 0xad, 0x52, 0x06, 0xba, 0xe7, 0x02, 0x23, 0x02, 0xa9, 0x9a, 0x6a,
+    0x9d, 0x12, 0xa7, 0xad, 0x64, 0x67, 0x77, 0x2b, 0x69, 0xbc, 0x19, 0xa7, 0x19, 0x55, 0x3a, 0x88,
+    0xad, 0x6b, 0x3a, 0x05, 0x34, 0xdf, 0x06, 0x17, 0x47, 0x85, 0x0d, 0x3a, 0x0d, 0xc5, 0x97, 0x8a,
+    0x6c, 0x7d, 0x4f, 0xb9, 0xb4, 0x9d, 0x6f, 0x77, 0xb6, 0xed, 0x2d, 0x4f, 0x2d, 0xc7, 0x23, 0xe5,
+    0x85, 0xcf, 0x08, 0xf9, 0x4c, 0x3b, 0xae, 0x35, 0x7e, 0x41, 0x13, 0x08, 0x13, 0x1d, 0x8d, 0x89,
+    0xd1, 0x80, 0xbf, 0x65, 0xb0, 0x2a, 0x46, 0x74, 0xeb, 0x7f, 0x2c, 0xbf, 0x2c, 0x72, 0x6e, 0xd0,
+    0x1e, 0x7b, 0xf4, 0x41, 0x22, 0x4b, 0x7e, 0xf8, 0x62, 0x53, 0xe9, 0xf4, 0xe9, 0x5a, 0xea, 0x90,
+    0xa5, 0x20, 0x5f, 0x88, 0x2c, 0xeb, 0xf0, 0x1d, 0x4a, 0x6f, 0x0b, 0x5f, 0x0b, 0xfd, 0xfa, 0x34,
+    0xe6, 0x6e, 0x3d, 0x81, 0xe9, 0x62, 0xfe, 0x3e, 0xf9, 0x64, 0xab, 0x3d, 0xab, 0xf7, 0xdb, 0x24,
+    0x2e, 0x02, 0x69, 0xe9, 0x72, 0xf3, 0x0f, 0xc4, 0x4c, 0x6a, 0xfd, 0x69, 0xfd, 0xca, 0x47, 0x92,
+    0x5f, 0x57, 0x1e, 0xfa, 0xe1, 0xcf, 0xac, 0x38, 0x43, 0x83, 0xa9, 0x1e, 0xa9, 0x5e, 0x41, 0x4e,
+    0x61, 0xc3, 0xbd, 0xca, 0xa3, 0x54, 0x8c, 0xe8, 0x15, 0xfe, 0x58, 0xbd, 0x58, 0xe4, 0xdc, 0x63,
+    0x83, 0x69, 0x53, 0xec, 0x46, 0x2c, 0x09, 0xd3, 0x0b, 0xef, 0xf0, 0x53, 0xf0, 0x0f, 0xd0, 0x18,
+    0x44, 0xd9, 0x7d, 0x45, 0xcc, 0x79, 0xc7, 0x55, 0x8f, 0x29, 0x33, 0x7d, 0x33, 0x1f, 0x39, 0xe6,
+    0xb1, 0x72, 0x46, 0xf6, 0x10, 0x99, 0xa4, 0x0c, 0xb7, 0x0d, 0x04, 0x46, 0x04, 0x91, 0xf7, 0xd4,
+    0xef, 0x14, 0x1c, 0x55, 0xf2, 0xb1, 0x66, 0xa4, 0xbd, 0x02, 0xdd, 0x1c, 0xdd, 0xc8, 0xf3, 0xfd,
+    0x82, 0x58, 0x17, 0xb5, 0x45, 0xcb, 0x67, 0x43, 0x42, 0x63, 0x80, 0x17, 0x80, 0x08, 0x95, 0x7f,
+    0x36, 0xdf, 0xc6, 0xbd, 0x5a, 0xaf, 0xd6, 0xda, 0x5b, 0x97, 0xf7, 0xc6, 0xf7, 0x82, 0xf0, 0x93,
+    0xa3, 0x86, 0x04, 0x9d, 0x26, 0xfc, 0x57, 0xfb, 0x3f, 0xc1, 0xe8, 0x04, 0xe8, 0xef, 0xa7, 0xa5,
+    0xaf, 0x09, 0xb2, 0xb7, 0x32, 0xd2, 0xda, 0xf4, 0xd5, 0x5e, 0xed, 0xb2, 0xed, 0xcb, 0x1d, 0x44,
+    0x88, 0x71, 0xfa, 0x8a, 0x5b, 0xf2, 0x4d, 0xaa, 0xdd, 0x52, 0x66, 0xfa, 0x66, 0x3e, 0x72, 0x0f,
+    0x89, 0x40, 0xbe, 0xd3, 0x58, 0x15, 0x23, 0x3a, 0x94, 0xde, 0x16, 0xbe, 0x16, 0x39, 0x37, 0x68,
+    0x0f, 0xdc, 0x7a, 0xc1, 0x11, 0xc4, 0x3f, 0x7c, 0x31, 0xc8, 0x95, 0x7a, 0x95, 0x2d, 0x75, 0x48,
+    0x1f, 0x4a, 0xb0, 0x18, 0x21, 0xac, 0x10, 0x68, 0x2b, 0xdf, 0x99, 0xb0, 0x99, 0x5d, 0xaf, 0xf7,
+    0x42, 0x7f, 0x26, 0x50, 0xc6, 0x6e, 0x60, 0xb3, 0xfa, 0x87, 0xd0, 0x26, 0xd0, 0x0d, 0x64, 0x77,
+    0xf6, 0xf8, 0xf7, 0x58, 0xd9, 0x0a, 0xd1, 0x2a, 0xe3, 0x73, 0xa7, 0xf7, 0xa7, 0x87, 0x01, 0x9b,
+    0xdf, 0x6d, 0x81, 0xfd, 0xa2, 0x09, 0x17, 0x98, 0x93, 0x3b, 0xc9, 0x81, 0xc9, 0x58, 0x5e, 0xff,
+    0x3a, 0x50, 0x70, 0x97, 0x4e, 0x81, 0x5b, 0xd5, 0xb1, 0x08, 0xf2, 0x70, 0xf2, 0xa6, 0x4a, 0x72,
+    0xc1, 0x16, 0x75, 0xbc, 0x80, 0x42, 0x69, 0x60, 0xf1, 0x68, 0x20, 0x75, 0x20, 0x02, 0xb4, 0x6f,
+    0x28, 0xa4, 0x32, 0xfc, 0x78, 0xe4, 0xa8, 0x22, 0x39, 0xc4, 0x1e, 0x32, 0x1e, 0xd8, 0x1a, 0x03,
+    0xf1, 0x6f, 0xe8, 0x14, 0xd0, 0xfa, 0x18, 0x5c, 0xdf, 0x51, 0x34, 0xe8, 0x34, 0x92, 0x19, 0x6d,
+    0xcb, 0x3f, 0x98, 0x83, 0x9e, 0x7b, 0x43, 0x89, 0x6e, 0x59, 0xc6, 0x98, 0xc6, 0x34, 0x53, 0x1f,
+    0x92, 0xce, 0xdd, 0x6c, 0x75, 0xa3, 0x48, 0x57, 0x58, 0x74, 0x8c, 0xdd, 0x8c, 0x78, 0x4f, 0xc0,
+    0x87, 0xad, 0x80, 0x4b, 0x4a, 0x36, 0x72, 0xd6, 0xec, 0x9a, 0xf3, 0x80, 0xf3, 0x13, 0x07, 0x47,
+    0xe7, 0x5f, 0x79, 0xd8, 0xea, 0x85, 0x90, 0xae, 0xb0, 0xe8, 0xdb, 0x79, 0xdb, 0xf0, 0x9e, 0x43,
+    0x3e, 0x94, 0xa3, 0x30, 0x42, 0x9b, 0x20, 0xd0, 0x56, 0x7d, 0xf1, 0xa3, 0xf1, 0xba, 0x9d, 0x2d,
+    0xfa, 0x77, 0x41, 0x72, 0xcd, 0x24, 0x5c, 0x25, 0x09, 0xec, 0xa2, 0x41, 0xa2, 0xa3, 0xbb, 0x7a,
+    0x0d, 0xbe, 0xf2, 0x73, 0x17, 0xc9, 0xe3, 0x9f, 0xa3, 0x13, 0x75, 0xf2, 0x75, 0x23, 0xff, 0x86,
+    0x51, 0xba, 0x20, 0x62, 0xf3, 0xec, 0xfd, 0xd4, 0x3b, 0xc7, 0x4c, 0x20, 0x4c, 0x74, 0x71, 0x61,
+    0xb6, 0xe5, 0x59, 0xba, 0x19, 0x69, 0x6d, 0x7a, 0x8b, 0x2f, 0x97, 0x59, 0x97, 0x84, 0xef, 0x22,
+    0x7b, 0x7c, 0x9a, 0x2c, 0x8d, 0x05, 0x89, 0x15, 0x90, 0xd8, 0xb2, 0x9a, 0xb2, 0xa2, 0xe1, 0xac,
+    0x74, 0xa0, 0xe0, 0xed, 0x9c, 0xc1, 0xb6, 0x69, 0xa1, 0x10, 0x27, 0xe0, 0x27, 0x8f, 0x94, 0xe4,
+    0x3f, 0xa5, 0xe7, 0x69, 0x41, 0x7c, 0x4e, 0x40, 0x1f, 0xf1, 0x81, 0xe7, 0x81, 0xbd, 0xd8, 0x4a,
+    0x2f, 0x33, 0x2d, 0xb0, 0x71, 0x14, 0x61, 0x54, 0x05, 0xe6, 0x8d, 0x2d, 0x8d, 0xcd, 0x02, 0xf5,
+    0x7d, 0xda, 0xc1, 0x39, 0x87, 0x12, 0x2e, 0xf3, 0xe5, 0x76, 0x51, 0xc1, 0x51, 0xb0, 0xbc, 0x3d,
+    0xbb, 0x5b, 0xab, 0xc9, 0x0e, 0xa0, 0x8e, 0xe5, 0x28, 0x3c, 0xe2, 0xab, 0xe2, 0xa7, 0x10, 0xa4,
+    0x49, 0x67, 0x8f, 0x36, 0xdb, 0xb0, 0x24, 0xca, 0x2c, 0x3a, 0x46, 0x8f, 0x46, 0x3c, 0xc6, 0x60,
+    0x2b, 0xf7, 0xfe, 0x17, 0x7d, 0x0e, 0x1a, 0x51, 0xe2, 0x93, 0x8e, 0xfe, 0x8e, 0xd1, 0xd5, 0xaa,
+    0x99, 0xd6, 0x74, 0x0a, 0x68, 0x7d, 0x0c, 0x2e, 0x8e, 0xc9, 0x1a, 0x74, 0x1a, 0x49, 0xed, 0xd7,
+    0x02, 0x62, 0x88, 0xb2, 0x06, 0x0d, 0xdc, 0xe3, 0x92, 0xdb, 0xe0, 0x88, 0xe0, 0x0e, 0x8a, 0xce,
+    0x37, 0xee, 0x82, 0xe4, 0x59, 0x48, 0xb8, 0x4a, 0x12, 0x1b, 0x87, 0x82, 0x87, 0x85, 0xb5, 0xf4,
+    0xb3, 0x10, 0xce, 0x44, 0x16, 0x94, 0x78, 0xef, 0x25, 0xd6, 0xe4, 0xce, 0xe4, 0x9f, 0x7d, 0x1a,
+    0x73, 0x37, 0xff, 0xa1, 0x95, 0x31, 0x7f, 0x1f, 0x9d, 0x32, 0xb4, 0xff, 0xb4, 0x9a, 0x8c, 0x12,
+    0x64, 0x36, 0x2a, 0x34, 0xac, 0xa9, 0x99, 0x7d, 0xbb, 0x07, 0x2b, 0x2a, 0x2b, 0xff, 0x4e, 0x5b,
+    0xdc, 0x3e, 0x4d, 0x16, 0xa7, 0xe3, 0xa5, 0xeb, 0x48, 0x6c, 0x59, 0x4d, 0x59, 0x51, 0x91, 0x56,
+    0xd8, 0xfa, 0x9e, 0xb1, 0xab, 0xf9, 0xde, 0xee, 0xaf, 0x19, 0x5a, 0x9e, 0x5a, 0x4d, 0x46, 0x09,
+    0xc9, 0x5d, 0x10, 0x31, 0x98, 0x76, 0x9f, 0x6a, 0xfc, 0x82, 0x26, 0x10, 0x26, 0x3a, 0xd9, 0xd1,
+    0xab, 0xcd, 0x61, 0x10, 0x3e, 0xc8, 0xa1, 0xf1, 0x32, 0x2b, 0xee, 0x61, 0xee, 0xd7, 0xca, 0x1b,
+    0x33, 0x2a, 0x51, 0x43, 0x55, 0x52, 0xc3, 0x4f, 0xf5, 0x6e, 0x84, 0x51, 0x84, 0x99, 0x62, 0xab,
+    0x6b, 0xea, 0x50, 0xf5, 0xbd, 0x6d, 0xa6, 0x01, 0x8a, 0xcf, 0xbe, 0x50, 0xbe, 0xd2, 0x3b, 0x13,
+    0xcc, 0xa8, 0x87, 0xcf, 0x97, 0x8b, 0x8a, 0xff, 0x52, 0x7b, 0x55, 0x87, 0x55, 0x21, 0x4b, 0xe9,
+    0x90, 0xac, 0x55, 0xde, 0x73, 0xae, 0x94, 0xb4, 0xca, 0xaf, 0x6c, 0x55, 0x6c, 0x76, 0xc5, 0x0e,
+    0xd0, 0xb1, 0xfb, 0x3c, 0xb3, 0xcd, 0x28, 0xe4, 0xa2, 0xf3, 0x5c, 0xfb, 0x5c, 0x75, 0x2b, 0xb7,
+    0xac, 0x5a, 0x7e, 0x5c, 0x37, 0x38, 0x68, 0x87, 0x0e, 0x09, 0x7d, 0x7e, 0x7d, 0xc2, 0xd2, 0xed,
+    0xbf, 0x9f, 0x78, 0x6e, 0x02, 0xba, 0xf5, 0xe0, 0xcf, 0x49, 0xe1, 0x78, 0xe1, 0xbb, 0xc7, 0xfb,
+    0xda, 0x98, 0x16, 0x03, 0xad, 0xf4, 0x02, 0x0d, 0x3d, 0xc2, 0xba, 0x16, 0xba, 0x43, 0xcc, 0xc7,
+    0xa7, 0x42, 0xd7, 0x3a, 0x2a, 0xe6, 0x2c, 0xfe, 0xd8, 0xb4, 0xeb, 0xd7, 0xeb, 0xf3, 0x70, 0xfa,
+    0x5e, 0x66, 0x5a, 0xa3, 0xe2, 0x28, 0xc2, 0xa8, 0x0a, 0x0f, 0xd9, 0x5a, 0xd9, 0x59, 0x04, 0x29,
+    0x98, 0xe7, 0x30, 0x53, 0x6b, 0x9a, 0x62, 0xbe, 0xc7, 0x45, 0x6a, 0x30, 0x6a, 0x4e, 0xa8, 0xb0,
+    0x7a, 0x4d, 0xde, 0x75, 0x8e, 0xe2, 0xe7, 0x85, 0xd9, 0x54, 0xc2, 0xde, 0xc2, 0xa5, 0xa4, 0xcb,
+    0x13, 0xc5, 0x06, 0x32, 0x35, 0x82, 0x9d, 0x67, 0xc1, 0x40, 0x9c, 0x06, 0x9c, 0x79, 0x15, 0x16,
+    0x6a, 0xdb, 0x14, 0xac, 0xbe, 0x8a, 0xc8, 0x91, 0xc3, 0x43, 0xce, 0x14, 0xce, 0xd5, 0x7e, 0x74,
+    0x40, 0x1d, 0xae, 0xe2, 0xc0, 0x63, 0xbc, 0x50, 0x68, 0x5c, 0x30, 0xae, 0x30, 0x03, 0xee, 0xb9,
+    0xa8, 0x9e, 0xad, 0xfb, 0x3b, 0x22, 0x13, 0x82, 0xe9, 0x7c, 0x7e, 0xad, 0x7e, 0xde, 0x05, 0xb2,
+    0x5b, 0x93, 0xcd, 0x5d, 0xed, 0xd5, 0xd7, 0x3d, 0xa4, 0xf6, 0xaa, 0xcd, 0xaa, 0x42, 0x96, 0x11,
+    0xeb, 0xd0, 0xcf, 0xf2, 0xfe, 0xab, 0x1d, 0xa1, 0x5a, 0x77, 0xde, 0xcf, 0xde, 0xd4, 0x24, 0xa2,
+    0x66, 0x54, 0xa2, 0x86, 0xaa, 0xa4, 0x45, 0x9e, 0x29, 0xdc, 0xcb, 0xa2, 0xcb, 0xf1, 0xc4, 0x95,
+    0x56, 0x2d, 0x3f, 0x2e, 0xfa, 0x1c, 0x34, 0xa2, 0x07, 0xe5, 0xdf, 0x3f, 0xdf, 0x61, 0x69, 0x97,
+    0x81, 0x0b, 0xdb, 0x5e, 0x40, 0x21, 0xd5, 0x30, 0x99, 0x34, 0x10, 0xdb, 0x10, 0x01, 0x5a, 0xd6,
+    0x77, 0xf3, 0x2c, 0x06, 0x99, 0x2b, 0x04, 0x1a, 0x7a, 0x47, 0xb7, 0x2c, 0xb7, 0x86, 0x5b, 0x4d,
+    0x57, 0x1c, 0x7b, 0x77, 0xf9, 0xfb, 0x5a, 0x32, 0x4e, 0x69, 0xaf, 0x7b, 0xaf, 0x66, 0x2c, 0xf0,
+    0x4e, 0xf0, 0x90, 0x7a, 0xd2, 0x40, 0xed, 0xbc, 0x10, 0x18, 0xd5, 0x90, 0xd5, 0x29, 0xde, 0x96,
+    0x8d, 0x84, 0x6d, 0x74, 0x54, 0x0f, 0x58, 0x3f, 0x73, 0xab, 0x15, 0x6d, 0x15, 0x25, 0xe0, 0x37,
+    0xb0, 0x43, 0x02, 0xaf, 0x13, 0x7e, 0xca, 0x9c, 0xfe, 0x81, 0x74, 0x02, 0x74, 0x96, 0xb2, 0xb3,
+    0xf3, 0x0d, 0x60, 0xa6, 0xd6, 0xf7, 0xc4, 0xbf, 0x4d, 0x8a, 0xd4, 0x60, 0xd4, 0x9c, 0x93, 0xa3,
+    0x94, 0x68, 0x86, 0x79, 0x7f, 0xb4, 0xef, 0xb1, 0x2d, 0xda, 0x6f, 0x86, 0x6f, 0x6a, 0x12, 0x51,
+    0x20, 0xef, 0x57, 0x71, 0x60, 0xd0, 0x5e, 0x28, 0x34, 0x2e, 0x18, 0x57, 0x18, 0xe0, 0x77, 0xbd,
+    0x24, 0x2b, 0x84, 0xd6, 0x6c, 0xca, 0x25, 0x2d, 0xd3, 0x5b, 0x1b, 0x84, 0x1b, 0xfc, 0xa0, 0xe2,
+    0xd7, 0x26, 0xe4, 0x70, 0xba, 0x3d, 0xe1, 0x92, 0x9e, 0xd1, 0xcf, 0xe4, 0xcf, 0x60, 0x33, 0x41,
+    0x14, 0x52, 0x19, 0x7e, 0x3c, 0x72, 0x54, 0x11, 0xfd, 0x62, 0x0f, 0x19, 0x0f, 0x6c, 0x0d, 0xe0,
+    0x9e, 0x41, 0x6b, 0x46, 0x61, 0x8d, 0xc5, 0x58, 0xb2, 0xeb, 0x89, 0x6b, 0x89, 0x5c, 0xf5, 0x21,
+    0x05, 0xf5, 0x97, 0xfe, 0x0f, 0xfd, 0x15, 0x95, 0xae, 0xf9, 0x73, 0x97, 0x73, 0x1b, 0x92, 0x38,
+    0xc6, 0x81, 0x6a, 0xf0, 0x89, 0xb2, 0xa0, 0x16, 0xcd, 0x4a, 0xb3, 0x6a, 0xb3, 0x17, 0xac, 0x99,
+    0xed, 0x76, 0x94, 0xe7, 0xf4, 0xbc, 0xba, 0x47, 0x2f, 0xd9, 0x3d, 0x94, 0x3d, 0xc6, 0x79, 0x33,
+    0xc8, 0x6c, 0x54, 0x68, 0x9b, 0x91, 0xf1, 0xfa, 0xb5, 0x0e, 0x56, 0x54, 0x56, 0x3d, 0x9c, 0xb6,
+    0x9b, 0xb4, 0xfc, 0xb8, 0x6e, 0x70, 0xd0, 0xcd, 0x1c, 0x12, 0xfa, 0xfc, 0xfa, 0x47, 0x67, 0x19,
+    0xbd, 0xfd, 0xf0, 0xdc, 0x04, 0xb7, 0x29, 0x03, 0x5d, 0x92, 0x01, 0xf0, 0x01, 0xb5, 0x4d, 0x35,
+    0x84, 0xfe, 0x4c, 0xa0, 0x4f, 0xdc, 0xc0, 0xa5, 0x37, 0xcd, 0x63, 0x4c, 0x63, 0x1a, 0xc8, 0xee,
+    0xc3, 0x74, 0xfd, 0x0e, 0x86, 0x4f, 0xb5, 0x83, 0x63, 0xb3, 0xc0, 0xfd, 0xc0, 0x0c, 0x3e, 0xa1,
+    0xca, 0x0e, 0xdc, 0xda, 0x9d, 0x9c, 0x2d, 0x19, 0x27, 0xd5, 0xb6, 0xdc, 0xb6, 0x33, 0x16, 0x78,
+    0x8a, 0x13, 0x72, 0x38, 0x5d, 0xff, 0x91, 0x49, 0x4f, 0x89, 0x86, 0x72, 0x86, 0x30, 0xf8, 0xc1,
+    0x34, 0xbd, 0x4e, 0x0f, 0x5c, 0xa2, 0x0a, 0x39, 0xc9, 0x4c, 0x17, 0x4e, 0x17, 0x8c, 0x7a, 0x5d,
+    0x26, 0x49, 0x0c, 0x64, 0x6a, 0xc7, 0xf9, 0xce, 0x41, 0x80, 0xfb, 0x0c, 0xfb, 0xf2, 0x2a, 0x2c,
+    0x10, 0x96, 0xca, 0xd9, 0x30, 0x68, 0x2f, 0x14, 0x1a, 0x17, 0x0c, 0xca, 0x0c, 0x70, 0xda, 0xbf,
+    0x25, 0x1a, 0xc0, 0x8f, 0x6f, 0x2d, 0x4b, 0xbd, 0x9a, 0xd7, 0x6b, 0xc0, 0x6b, 0xfb, 0xe5, 0x85,
+    0xe3, 0x9b, 0xaa, 0x7f, 0xe6, 0x9f, 0xeb, 0xab, 0x57, 0x9d, 0xd8, 0xaa, 0xd8, 0xec, 0x49, 0x1c,
+    0x63, 0xa1, 0x35, 0x78, 0xa5, 0x59, 0x50, 0x0b, 0x87, 0x25, 0xb8, 0x35, 0xb8, 0xea, 0x56, 0xad,
+    0x0a, 0x29, 0xed, 0x3f, 0x1e, 0x39, 0x2a, 0xe9, 0x9f, 0x31, 0xe6, 0xed, 0xe6, 0x36, 0xe7, 0x70,
+    0x4f, 0xc1, 0xd4, 0x23, 0xd1, 0xa7, 0x83, 0x2c, 0x59, 0x94, 0xa5, 0xd4, 0xa5, 0x2e, 0x9b, 0xf1,
+    0x8b, 0x22, 0x36, 0x61, 0x5e, 0x18, 0xff, 0xd9, 0x06, 0x05, 0xf6, 0x36, 0xf6, 0x37, 0xbd, 0xa6,
+    0xc7, 0xb0, 0x2e, 0xa9, 0x8a, 0x55, 0xce, 0x86, 0x84, 0xc6, 0xc3, 0x2e, 0xc3, 0x10, 0xe9, 0xfe,
+    0x67, 0x65, 0xe6, 0xdf, 0xa9, 0x43, 0x2b, 0x0e, 0x60, 0x50, 0xbb, 0xe6, 0xbb, 0xf6, 0x81, 0xf2,
+    0x2d, 0x51, 0xa5, 0x02, 0x77, 0x19, 0xbd, 0xb7, 0x97, 0x3d, 0x6d, 0xa5, 0x6d, 0xc3, 0x88, 0x3b,
+    0xfe, 0xb3, 0x92, 0xd5, 0xc1, 0x3e, 0x27, 0x20, 0xee, 0x99, 0xa1, 0x92, 0xa1, 0xbf, 0x6c, 0x25,
+    0x45, 0xe8, 0x39, 0x1c, 0xcf, 0x9e, 0xa9, 0xc5, 0xc6, 0xa5, 0x43, 0x39, 0x43, 0x18, 0x7c, 0x81,
+    0xa0, 0xd5, 0xc8, 0x76, 0x23, 0x16, 0xe5, 0x88, 0xe4, 0x96, 0x78, 0xc8, 0x78, 0xe6, 0x68, 0x0c,
+    0x80, 0x3a, 0x9f, 0x07, 0x43, 0xc6, 0xbb, 0xa0, 0xd0, 0xb8, 0x60, 0x9f, 0x60, 0x06, 0x1f, 0xb1,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x4a, 0x34, 0x43, 0xdd, 0xde, 0x5a, 0x96, 0xb9, 0xf7, 0x6d, 0xd6, 0x43, 0xd6, 0x35, 0x09, 0xc9,
+    0xee, 0x25, 0x58, 0x0c, 0xf1, 0x56, 0x08, 0x34, 0xf4, 0x8e, 0xad, 0x58, 0xad, 0xcf, 0xb6, 0x9a,
+    0x4c, 0x92, 0x18, 0xc8, 0xd4, 0x4d, 0x31, 0x5f, 0x82, 0xc3, 0x35, 0x18, 0x35, 0x27, 0x54, 0x58,
+  },
+  { /* 13 */
+    0xab, 0xda, 0x7f, 0x93, 0x75, 0x63, 0x3b, 0x22, 0xb7, 0x40, 0xa6, 0x84, 0xc2, 0x22, 0x09, 0xda,
+    0xbb, 0xd9, 0xf4, 0xa6, 0xc1, 0x1b, 0xf5, 0xe1, 0x54, 0xa2, 0xc5, 0x24, 0x95, 0xe1, 0xdd, 0xd9,
+    0x83, 0x3c, 0x0e, 0x02, 0x84, 0xaf, 0x03, 0xe7, 0x22, 0x36, 0xb0, 0x57, 0xa6, 0xe7, 0x08, 0x3c,
+    0x0d, 0x8c, 0x03, 0x40, 0xed, 0xc4, 0x60, 0xd0, 0xca, 0x0f, 0xa2, 0x72, 0x27, 0xd0, 0xc3, 0x8c,
+    0x3a, 0xdd, 0xd3, 0xea, 0xb2, 0xbb, 0x9f, 0x26, 0x52, 0x19, 0x41, 0x67, 0xe0, 0x26, 0x2e, 0xdd,
+    0x4a, 0xd4, 0xe4, 0x61, 0x38, 0x10, 0xb0, 0x2a, 0xbe, 0xf2, 0xab, 0x81, 0x86, 0x2a, 0x47, 0xd4,
+    0xe8, 0xf2, 0xca, 0x2e, 0x8d, 0xa9, 0x39, 0x98, 0x8b, 0x64, 0xc7, 0x5f, 0x06, 0x98, 0xb8, 0xf2,
+    0xeb, 0xd6, 0x16, 0x47, 0xe0, 0x40, 0x85, 0xa8, 0xbd, 0x4e, 0xe9, 0x41, 0x5d, 0xa8, 0xdf, 0xd6,
+    0x8f, 0xac, 0xf8, 0x65, 0xf3, 0x8d, 0xb6, 0x27, 0xfa, 0x9e, 0x08, 0x2f, 0x09, 0x27, 0x57, 0xac,
+    0xbe, 0xb5, 0x53, 0x1d, 0x76, 0xe3, 0xf2, 0xb1, 0x0e, 0xdc, 0xb7, 0x06, 0x78, 0xb1, 0x74, 0xb5,
+    0x0f, 0xb4, 0x2a, 0x0e, 0x1a, 0xcb, 0x09, 0xf0, 0xee, 0x82, 0x96, 0x66, 0xf4, 0xf0, 0x38, 0xb4,
+    0x6d, 0x86, 0xbf, 0xfe, 0xd3, 0x17, 0x81, 0x1f, 0xc5, 0x06, 0x2b, 0x34, 0x16, 0x1f, 0x7e, 0x86,
+    0x0a, 0xd8, 0x8d, 0xb5, 0xad, 0x33, 0x0e, 0xa0, 0xb4, 0xfc, 0xe4, 0x44, 0x19, 0xa0, 0x91, 0xd8,
+    0x29, 0xfa, 0x84, 0xb6, 0x6b, 0x2a, 0xed, 0xd5, 0x87, 0xd1, 0x0c, 0xd9, 0xec, 0xd5, 0x9d, 0xfa,
+    0x17, 0x57, 0x05, 0xc0, 0xf4, 0x8f, 0xa0, 0xb3, 0x9d, 0x11, 0x25, 0x96, 0x69, 0xb3, 0x86, 0x57,
+    0xb0, 0x1d, 0x8c, 0x34, 0xf6, 0xce, 0x2e, 0x51, 0xf2, 0xf9, 0x3b, 0x6a, 0x04, 0x51, 0xd0, 0x1d,
+    0xc5, 0x78, 0x1c, 0x04, 0xcb, 0x9d, 0x06, 0x0d, 0x44, 0x6c, 0xa3, 0xae, 0x8f, 0x0d, 0x10, 0x78,
+    0x4c, 0x9c, 0x9f, 0xb3, 0xe2, 0x01, 0x0b, 0x4a, 0xd2, 0xa6, 0xf7, 0xbd, 0x30, 0x4a, 0x89, 0x9c,
+    0xc3, 0x30, 0x67, 0xd6, 0x11, 0x8c, 0xbd, 0x6d, 0x28, 0x38, 0xff, 0x92, 0x39, 0x6d, 0xde, 0x30,
+    0xb5, 0x71, 0x2b, 0x8f, 0x41, 0x36, 0x29, 0x01, 0xa8, 0x87, 0x49, 0x48, 0xe9, 0x01, 0x79, 0x71,
+    0x74, 0x79, 0x65, 0x17, 0xa7, 0xb5, 0xfd, 0x4c, 0xa4, 0x32, 0x82, 0xce, 0x03, 0x4c, 0x5c, 0x79,
+    0x94, 0x6b, 0x0b, 0xc2, 0x70, 0x20, 0xa3, 0x54, 0xbf, 0x27, 0x95, 0xc1, 0xcf, 0x54, 0x8e, 0x6b,
+    0x1d, 0x8f, 0x88, 0x75, 0x59, 0xbc, 0xae, 0x13, 0x29, 0xed, 0xc1, 0xd2, 0x70, 0x13, 0x17, 0x8f,
+    0x25, 0x6a, 0x72, 0xd1, 0x1c, 0x08, 0x58, 0x15, 0x5f, 0x79, 0xb4, 0xa1, 0x43, 0x15, 0xc2, 0x6a,
+    0x48, 0xec, 0xcd, 0x2f, 0xcf, 0x1f, 0xd9, 0x0a, 0x9a, 0x7f, 0x9f, 0x95, 0x55, 0x0a, 0xbc, 0xec,
+    0xda, 0xcf, 0xbd, 0x3f, 0x65, 0x2e, 0xc1, 0x3e, 0x49, 0x0c, 0x56, 0x68, 0x2c, 0x3e, 0xfc, 0xcf,
+    0xdd, 0x9b, 0x33, 0xca, 0x25, 0xd9, 0xaf, 0x4e, 0x37, 0xff, 0x10, 0x5e, 0x12, 0x4e, 0xae, 0x9b,
+    0xe9, 0xee, 0x3f, 0x09, 0x17, 0x4f, 0xec, 0x88, 0x99, 0xc3, 0xdd, 0x55, 0x8e, 0x88, 0x24, 0xee,
+    0xea, 0xca, 0xe3, 0x60, 0x7a, 0xa6, 0x50, 0xb8, 0xaf, 0xe9, 0xf3, 0x4b, 0xd5, 0xb8, 0x43, 0xca,
+    0x73, 0x2d, 0xeb, 0xe2, 0xe7, 0x42, 0x93, 0x3c, 0xda, 0xc1, 0xc4, 0xf8, 0x3d, 0x3c, 0x0e, 0x2d,
+    0x2e, 0xae, 0x0a, 0x43, 0x2b, 0xdd, 0x83, 0xa5, 0xf9, 0x22, 0x4a, 0xef, 0xd2, 0xa5, 0xcf, 0xae,
+    0xf5, 0x7d, 0x42, 0x5b, 0xd4, 0x15, 0x97, 0x8b, 0xa2, 0x89, 0x06, 0x8d, 0x76, 0x8b, 0xaf, 0x7d,
+    0x26, 0x4e, 0xae, 0xb8, 0x71, 0xe1, 0xe4, 0x25, 0x69, 0x53, 0x9a, 0xbf, 0x18, 0x25, 0xa5, 0x4e,
+    0xd0, 0x17, 0x30, 0x8a, 0xc8, 0x1d, 0xcf, 0x9e, 0xfd, 0xf0, 0xb2, 0x2c, 0x35, 0x9e, 0x6d, 0x17,
+    0xc4, 0x64, 0xe9, 0x23, 0x51, 0x7b, 0xd3, 0x1d, 0x56, 0xcb, 0xb9, 0xa4, 0x07, 0x1d, 0x8c, 0x64,
+    0xf3, 0x35, 0x39, 0x89, 0x0e, 0x04, 0x2c, 0xeb, 0xce, 0xdd, 0x5a, 0xb1, 0xc0, 0xeb, 0x61, 0x35,
+    0x7b, 0xcd, 0x4f, 0x19, 0xbd, 0x7e, 0xf4, 0xbc, 0x4a, 0xb0, 0x14, 0xa8, 0xf7, 0xbc, 0x64, 0xcd,
+    0x4d, 0x80, 0x6a, 0x94, 0x78, 0xe7, 0xde, 0x5a, 0xc0, 0x01, 0xed, 0xb7, 0xb8, 0x5a, 0x15, 0x80,
+    0x45, 0x60, 0xce, 0x6f, 0x22, 0xdb, 0xb9, 0xda, 0x50, 0x70, 0x3d, 0xe7, 0x72, 0xda, 0x7f, 0x60,
+    0xa9, 0xe2, 0x56, 0xdd, 0x82, 0x6c, 0x52, 0x02, 0x93, 0xcd, 0x92, 0x90, 0x11, 0x02, 0xf2, 0xe2,
+    0x5e, 0xa7, 0x3d, 0xc8, 0xa1, 0x76, 0xac, 0xa9, 0x15, 0xc9, 0xa0, 0x09, 0xb4, 0xa9, 0xa6, 0xa7,
+    0xd8, 0xf7, 0x94, 0x71, 0x92, 0x21, 0xa8, 0x1e, 0x6d, 0x81, 0x62, 0x7c, 0xff, 0x1e, 0x07, 0xf7,
+    0x7e, 0xa1, 0xe8, 0xa2, 0x0a, 0x86, 0xf3, 0xec, 0x10, 0xce, 0x66, 0x8a, 0x1a, 0xec, 0xcd, 0xa1,
+    0xf2, 0x29, 0xcc, 0xae, 0x94, 0xe2, 0xf9, 0xfb, 0xdc, 0x7a, 0x40, 0xbb, 0x48, 0xfb, 0xfd, 0x29,
+    0x90, 0x1b, 0x59, 0x5e, 0x5d, 0x3e, 0x71, 0x14, 0xf7, 0xfe, 0xfd, 0xe9, 0xaa, 0x14, 0xbb, 0x1b,
+    0x77, 0x5d, 0xb9, 0x7e, 0xca, 0x5c, 0x41, 0x7c, 0x92, 0x18, 0xac, 0xd0, 0x58, 0x7c, 0x3b, 0x5d,
+    0x53, 0x2b, 0x3e, 0x88, 0x4c, 0xb2, 0xcc, 0x79, 0xdf, 0xc6, 0x02, 0x7b, 0x93, 0x79, 0x65, 0x2b,
+    0xe5, 0x7e, 0xc9, 0x6e, 0x60, 0x6d, 0x59, 0x48, 0x41, 0x6b, 0x65, 0x2d, 0x21, 0x48, 0x7b, 0x7e,
+    0x49, 0xf0, 0x38, 0x08, 0x55, 0xf9, 0x0c, 0x1a, 0x88, 0xd8, 0x85, 0x9f, 0xdd, 0x1a, 0x20, 0xf0,
+    0x98, 0xfb, 0xfd, 0xa5, 0x07, 0x02, 0x16, 0x94, 0x67, 0x8f, 0x2d, 0xb9, 0x60, 0x94, 0xd1, 0xfb,
+    0x13, 0x27, 0x57, 0x5c, 0xd9, 0x91, 0x72, 0xf3, 0xd5, 0xc8, 0x4d, 0xbe, 0x0c, 0xf3, 0xb3, 0x27,
+    0x43, 0x28, 0xb5, 0xbd, 0xf8, 0xca, 0x02, 0xba, 0x3c, 0x24, 0x61, 0xdb, 0xc4, 0xba, 0xb1, 0x28,
+    0xdc, 0x87, 0xc6, 0xed, 0xbf, 0x3f, 0x7a, 0x5e, 0x25, 0x58, 0x0a, 0x54, 0x9a, 0x5e, 0x32, 0x87,
+    0xc7, 0x40, 0x35, 0x4a, 0x3c, 0x92, 0x6f, 0x2d, 0x60, 0xe1, 0x97, 0xba, 0x5c, 0x2d, 0xeb, 0x40,
+    0xa0, 0x1e, 0x07, 0x01, 0x42, 0xb6, 0xe0, 0x92, 0x11, 0x1b, 0x58, 0xca, 0x53, 0x92, 0x04, 0x1e,
+    0xcc, 0x84, 0x4d, 0xd8, 0x0b, 0x47, 0xb4, 0x9d, 0xc6, 0xba, 0x69, 0xf4, 0xcd, 0x9d, 0xe6, 0x84,
+    0x14, 0x73, 0xd9, 0xa9, 0x99, 0x66, 0x1c, 0x83, 0xab, 0x3b, 0x0b, 0x88, 0x32, 0x83, 0xe1, 0x73,
+    0x52, 0x37, 0xcb, 0xaf, 0xd6, 0x54, 0x19, 0x69, 0xcd, 0x61, 0x18, 0x71, 0x1b, 0x69, 0xf9, 0x37,
+    0x2f, 0xb2, 0xff, 0x64, 0xb1, 0x3b, 0x56, 0xb5, 0xeb, 0x85, 0x50, 0xe5, 0x5a, 0xb5, 0x53, 0xb2,
+    0x47, 0x58, 0xe7, 0x21, 0xd5, 0xd4, 0xd0, 0xfa, 0x74, 0xfd, 0x09, 0xf3, 0xa1, 0xfa, 0x84, 0x58,
+    0xa6, 0x56, 0x7c, 0xd3, 0x98, 0xa7, 0x5b, 0xf2, 0x7d, 0x4f, 0x04, 0xf6, 0xe5, 0xf2, 0xca, 0x56,
+    0x5f, 0xbb, 0xc8, 0xef, 0x3b, 0x90, 0x79, 0xb9, 0x07, 0x6e, 0xba, 0x03, 0x3c, 0xb9, 0x3a, 0xbb,
+    0xe3, 0x36, 0xb2, 0xbc, 0xba, 0x7c, 0xe2, 0x28, 0x2d, 0x3f, 0x39, 0x11, 0x97, 0x28, 0xb5, 0x36,
+    0xb8, 0xfd, 0x28, 0xcf, 0xac, 0xf2, 0x49, 0xd1, 0x62, 0x88, 0xeb, 0x3a, 0xce, 0xd1, 0xba, 0xfd,
+    0xa7, 0x4a, 0x89, 0xf4, 0x02, 0x41, 0x8e, 0xe2, 0x6f, 0xe8, 0x1e, 0xfc, 0x6d, 0xe2, 0x56, 0x4a,
+    0xc0, 0x14, 0xbb, 0xbf, 0x7c, 0x65, 0x01, 0x5d, 0x1e, 0x12, 0xd1, 0x8c, 0x62, 0x5d, 0xb9, 0x14,
+    0x23, 0x22, 0x09, 0x03, 0xc6, 0x19, 0xe3, 0x75, 0x33, 0x2d, 0xe8, 0x9d, 0xf5, 0x75, 0x0c, 0x22,
+    0x2a, 0xde, 0x58, 0xdf, 0x06, 0xc3, 0x51, 0xe5, 0xb1, 0xfb, 0x22, 0xc7, 0xb7, 0xe5, 0xfa, 0xde,
+    0x62, 0x32, 0x95, 0xf0, 0xc9, 0xdc, 0x88, 0xef, 0x2b, 0x84, 0xbd, 0x52, 0xe2, 0xef, 0x46, 0x32,
+    0x7d, 0x85, 0x34, 0xcb, 0x67, 0x6f, 0x4f, 0xdc, 0x26, 0xe4, 0x48, 0x94, 0x41, 0xdc, 0xaa, 0x85,
+    0x31, 0x19, 0xab, 0x78, 0x85, 0x6e, 0x44, 0x96, 0xf4, 0x42, 0xbf, 0x29, 0x71, 0x96, 0x23, 0x19,
+    0x30, 0x05, 0x5e, 0x5f, 0x1f, 0x88, 0x91, 0x86, 0xe6, 0xe5, 0xa5, 0x23, 0xf9, 0x86, 0xbf, 0x05,
+    0xc1, 0x08, 0x4e, 0x98, 0xe6, 0x83, 0xd4, 0x4d, 0x0c, 0xb5, 0xcb, 0x86, 0xea, 0x4d, 0x25, 0x08,
+    0x20, 0x06, 0xd5, 0x6a, 0xab, 0xf0, 0x5f, 0x45, 0x05, 0x07, 0xc6, 0x83, 0xae, 0x45, 0x6b, 0x06,
+    0x8a, 0xc0, 0x5f, 0xde, 0x44, 0x75, 0xb1, 0x77, 0xa0, 0xe0, 0x7a, 0x0d, 0xe4, 0x77, 0xfe, 0xc0,
+    0xd7, 0x43, 0xbe, 0x7f, 0x88, 0xea, 0xa1, 0xee, 0x83, 0x03, 0xf4, 0x1a, 0x0b, 0xee, 0x3f, 0x43,
+    0x3d, 0x89, 0x5d, 0x1f, 0xf2, 0x4c, 0xf1, 0x56, 0x2c, 0xea, 0x07, 0x51, 0xde, 0x56, 0x7c, 0x89,
+    0xbf, 0xa9, 0xa6, 0x3a, 0xec, 0x05, 0x27, 0xa1, 0x1c, 0x7b, 0xad, 0x0c, 0xf0, 0xa1, 0xe8, 0xa9,
+    0xc6, 0x5c, 0xc0, 0x6d, 0xa6, 0x74, 0xba, 0x3d, 0x72, 0x46, 0x8d, 0xb0, 0xd4, 0x3d, 0x77, 0x5c,
+    0x72, 0x31, 0x1e, 0xc5, 0x7d, 0xa4, 0x46, 0x2c, 0xc8, 0x66, 0xde, 0xf2, 0xb5, 0x2c, 0x92, 0x31,
+    0xdb, 0xd3, 0x48, 0x18, 0xff, 0xc8, 0x14, 0x2e, 0x5b, 0xab, 0x4c, 0x62, 0xa4, 0x2e, 0x60, 0xd3,
+    0x15, 0x6f, 0x2c, 0x8e, 0x03, 0x80, 0xc9, 0x93, 0xb9, 0x9c, 0x11, 0x82, 0xba, 0x93, 0x7d, 0x6f,
+    0x99, 0xe7, 0x08, 0x82, 0x9d, 0xe4, 0xc3, 0x84, 0x75, 0x28, 0x37, 0xb3, 0xe8, 0x84, 0x4d, 0xe7,
+    0x4b, 0xc8, 0x11, 0x46, 0xa2, 0xf6, 0x65, 0x3a, 0xac, 0x55, 0xb1, 0x8b, 0x0e, 0x3a, 0xdb, 0xc8,
+    0x34, 0x75, 0x0c, 0xc3, 0x32, 0x96, 0x43, 0xc6, 0xae, 0x3c, 0xcd, 0x0b, 0x9c, 0xc6, 0x8a, 0x75,
+    0x60, 0x0a, 0xbc, 0xbe, 0x3e, 0xd3, 0xe1, 0xcf, 0x0f, 0x09, 0x89, 0x46, 0x31, 0xcf, 0xbd, 0x0a,
+    0x92, 0x23, 0x70, 0x10, 0xaa, 0x31, 0x18, 0x34, 0xd3, 0x73, 0xc9, 0xfd, 0x79, 0x34, 0x40, 0x23,
+    0xac, 0x8e, 0xf1, 0x66, 0x35, 0x94, 0x55, 0x52, 0xc9, 0xb3, 0xe0, 0xb2, 0xfc, 0x52, 0x5b, 0x8e,
+    0x6e, 0xa2, 0x63, 0x97, 0xbe, 0xfe, 0x3d, 0x2f, 0xf3, 0x2c, 0x05, 0x2a, 0x4d, 0x2f, 0x19, 0xa2,
+    0xa1, 0x02, 0xf2, 0x26, 0xd8, 0x50, 0x35, 0x82, 0x03, 0xbc, 0x42, 0xc0, 0xdb, 0x82, 0x98, 0x02,
+    0x81, 0x04, 0x27, 0x4c, 0x73, 0xa0, 0x6a, 0xc7, 0x06, 0xbb, 0x84, 0x43, 0x75, 0xc7, 0xf3, 0x04,
+    0x3b, 0xc1, 0x26, 0xcd, 0x28, 0x5d, 0x4a, 0x36, 0x40, 0xbe, 0x5b, 0x6d, 0x68, 0x36, 0xb2, 0xc1,
+    0x19, 0xff, 0xda, 0xe9, 0x74, 0xa2, 0x7c, 0x53, 0x61, 0x34, 0xa9, 0xfa, 0x15, 0x53, 0x22, 0xff,
+    0xe4, 0x62, 0x3c, 0x49, 0xfa, 0x8b, 0x8c, 0x58, 0x53, 0xcc, 0x7f, 0x27, 0xa9, 0x58, 0xe7, 0x62,
+    0x2c, 0x96, 0x23, 0x0d, 0xdc, 0xd2, 0xea, 0x85, 0xdd, 0xaf, 0x7e, 0xfb, 0x01, 0x85, 0x34, 0x96,
+    0xbd, 0x91, 0x8f, 0x74, 0x1b, 0x0a, 0x4e, 0x81, 0x38, 0xf6, 0x99, 0x18, 0x23, 0x81, 0x13, 0x91,
+    0xb6, 0x55, 0xf7, 0xe6, 0x2c, 0xdf, 0x95, 0x31, 0x9e, 0xad, 0x67, 0x56, 0xb2, 0x31, 0x1e, 0x55,
+    0xd3, 0x33, 0xec, 0xe3, 0xa5, 0xf4, 0x73, 0xae, 0xcb, 0xda, 0x9c, 0x32, 0x6e, 0xae, 0x0a, 0x33,
+    0xe7, 0x46, 0xe0, 0x20, 0x97, 0x62, 0x30, 0x68, 0x65, 0xe6, 0x51, 0x39, 0xf2, 0x68, 0x80, 0x46,
+    0x9b, 0xdf, 0x21, 0xcc, 0x6a, 0xeb, 0xaa, 0xa4, 0x51, 0xa5, 0x03, 0xa7, 0x3b, 0xa4, 0xb6, 0xdf,
+    0x8c, 0x88, 0x24, 0x0c, 0x9e, 0x64, 0x0a, 0x17, 0xcc, 0xb4, 0x26, 0x31, 0x52, 0x17, 0x30, 0x88,
+    0x04, 0x70, 0x52, 0x9c, 0x2d, 0x1e, 0xd2, 0x40, 0x48, 0xd9, 0x68, 0x28, 0x65, 0x40, 0x35, 0x70,
+    0x86, 0x50, 0xa9, 0xb9, 0x33, 0x57, 0x04, 0xb7, 0x78, 0x48, 0xc2, 0x75, 0x4b, 0xb7, 0xa1, 0x50,
+    0xef, 0xa6, 0x44, 0xdb, 0xcd, 0x5e, 0x57, 0xe8, 0xf5, 0x97, 0x81, 0x69, 0x38, 0xe8, 0xea, 0xa6,
+    0x32, 0x3d, 0x77, 0x11, 0xe8, 0x87, 0xf8, 0xa6, 0xc2, 0x68, 0x91, 0x37, 0x2a, 0xa6, 0x44, 0x3d,
+    0x0b, 0xc4, 0x78, 0x92, 0x37, 0xd5, 0xdb, 0xb0, 0xa6, 0x5b, 0xfe, 0x4e, 0x91, 0xb0, 0x0d, 0xc4,
+    0x9e, 0xb3, 0x86, 0x77, 0xdd, 0x13, 0xad, 0xf4, 0x0b, 0xdb, 0x71, 0x85, 0xd6, 0xf4, 0x1f, 0xb3,
+    0x80, 0x18, 0xd2, 0x6b, 0xe9, 0x46, 0xbf, 0xd7, 0x14, 0x1c, 0x9e, 0x49, 0xfd, 0xd7, 0x6f, 0x18,
+    0x1c, 0x93, 0x7d, 0x52, 0xc3, 0x5a, 0x7b, 0x03, 0x3b, 0x4a, 0xdb, 0xd8, 0xf8, 0x03, 0x8b, 0x93,
+    0xb1, 0x01, 0x79, 0x13, 0x6c, 0x28, 0xfb, 0x41, 0xe0, 0x5e, 0x21, 0x60, 0x8c, 0x41, 0x4c, 0x01,
+    0xd4, 0x67, 0x62, 0x16, 0xe5, 0x03, 0x1d, 0xde, 0xb5, 0x29, 0xda, 0x04, 0x50, 0xde, 0x58, 0x67,
+    0x7a, 0xd1, 0xba, 0x3e, 0x27, 0x98, 0x21, 0xac, 0x58, 0x17, 0x0e, 0xa2, 0x7f, 0xac, 0xf8, 0xd1,
+    0x5b, 0xcb, 0x9a, 0x73, 0x16, 0x8e, 0xab, 0xf9, 0x4f, 0xb7, 0xd2, 0x2b, 0x59, 0xf9, 0x0f, 0xcb,
+    0xa3, 0x3a, 0xdb, 0x68, 0x2f, 0x5f, 0x5c, 0xa2, 0x27, 0x31, 0x76, 0xd4, 0x08, 0xa2, 0x63, 0x3a,
+    0xf9, 0xed, 0xb4, 0x3c, 0xa3, 0x37, 0x22, 0x4b, 0x7a, 0x21, 0xbe, 0xf5, 0xd9, 0x4b, 0xf0, 0xed,
+    0x33, 0x21, 0x82, 0x36, 0x72, 0x61, 0x2d, 0xb6, 0xd0, 0xcf, 0x8b, 0x3d, 0xa2, 0xb6, 0xd8, 0x21,
+    0x68, 0xea, 0x18, 0x45, 0x64, 0xef, 0x86, 0x4f, 0x9f, 0x78, 0x59, 0x16, 0xfb, 0x4f, 0xd7, 0xea,
+    0x96, 0x53, 0x22, 0x8c, 0x87, 0x2f, 0xca, 0x74, 0x9b, 0xaa, 0xa1, 0xd5, 0x1c, 0x74, 0x75, 0x53,
+    0x46, 0x44, 0x12, 0x06, 0x4f, 0x32, 0x05, 0xea, 0x66, 0x5a, 0x13, 0xf9, 0x29, 0xea, 0x18, 0x44,
+    0x02, 0x38, 0x29, 0x4e, 0xf7, 0x0f, 0x69, 0x20, 0x24, 0x8d, 0x34, 0x14, 0xd3, 0x20, 0xfb, 0x38,
+    0xff, 0xa5, 0xcf, 0xee, 0x79, 0x26, 0x99, 0x2b, 0x16, 0x75, 0xe2, 0xc9, 0x6f, 0x2b, 0x3e, 0xa5,
+    0x95, 0x77, 0xfe, 0xe5, 0xea, 0xc6, 0x76, 0x44, 0xad, 0x80, 0x8f, 0xcb, 0x47, 0x44, 0x12, 0x77,
+    0x64, 0x7a, 0xee, 0x22, 0x13, 0xcd, 0x33, 0x8f, 0x47, 0xd0, 0xe1, 0x6e, 0x54, 0x8f, 0x88, 0x7a,
+    0x40, 0x0c, 0x69, 0xd4, 0x95, 0x23, 0xbe, 0x8a, 0x0a, 0x0e, 0x4f, 0xc5, 0x9f, 0x8a, 0xd6, 0x0c,
+    0x41, 0x10, 0x9c, 0xf3, 0x0f, 0xc5, 0x6b, 0x9a, 0x18, 0xa9, 0x55, 0xcf, 0x17, 0x9a, 0x4a, 0x10,
+    0x16, 0x4b, 0xf0, 0xe7, 0x6e, 0x69, 0x75, 0xa3, 0x8f, 0xb6, 0x3f, 0x9c, 0xe1, 0xa3, 0x1a, 0x4b,
+    0x0e, 0xa8, 0xdf, 0x29, 0x80, 0x2d, 0xdc, 0xe0, 0xfc, 0x25, 0x8c, 0x6c, 0x7c, 0xe0, 0xa4, 0xa8,
+    0xb9, 0xe1, 0xdd, 0xe8, 0x36, 0x14, 0x9c, 0xc1, 0x70, 0x2f, 0xf1, 0x30, 0x46, 0xc1, 0x26, 0xe1,
+    0xfd, 0x9d, 0xe6, 0xa0, 0x8e, 0x29, 0xf0, 0x0b, 0x32, 0xf8, 0xd6, 0xdd, 0xbc, 0x0b, 0xc5, 0x9d,
+    0x6f, 0xbe, 0x96, 0xb0, 0x24, 0x18, 0xe8, 0x3f, 0xe1, 0x8b, 0x1f, 0x20, 0xc5, 0x3f, 0x85, 0xbe,
+    0x91, 0x07, 0xac, 0x79, 0xc7, 0xd8, 0xa4, 0x04, 0xe5, 0x59, 0xe7, 0xe3, 0x22, 0x04, 0x27, 0x07,
+    0xa5, 0x72, 0xa0, 0xba, 0xf5, 0x4e, 0xe7, 0xc2, 0x4b, 0x65, 0x2a, 0xe8, 0xbe, 0xc2, 0xad, 0x72,
+    0xcf, 0xa0, 0x91, 0xb1, 0x66, 0xae, 0x08, 0xad, 0xf0, 0x90, 0x47, 0xea, 0x96, 0xad, 0x81, 0xa0,
+    0x56, 0x47, 0x99, 0x33, 0xfb, 0x4a, 0xcb, 0x29, 0x85, 0xb8, 0x70, 0x59, 0x7e, 0x29, 0xcc, 0x47,
+    0xba, 0xc5, 0x01, 0x81, 0x5b, 0xfd, 0x20, 0xf1, 0x46, 0x05, 0xdf, 0x2e, 0x1d, 0xf1, 0x41, 0xc5,
+    0x61, 0x16, 0x49, 0x99, 0xa4, 0x35, 0x34, 0xdf, 0x1d, 0xae, 0x93, 0x4c, 0xb9, 0xdf, 0x21, 0x16,
+    0x18, 0xe3, 0x2f, 0xce, 0xee, 0x44, 0xa9, 0x43, 0x73, 0x93, 0xb3, 0xf0, 0x9d, 0x43, 0xbe, 0xe3,
+    0x54, 0x7f, 0xb0, 0x7d, 0x0c, 0x45, 0xa2, 0x09, 0xa1, 0x35, 0x44, 0x4d, 0xad, 0x09, 0x37, 0x7f,
+    0x8b, 0xdc, 0xaa, 0xf9, 0xde, 0x93, 0x64, 0x67, 0xb2, 0x47, 0x60, 0x07, 0x6c, 0x67, 0x62, 0xdc,
+    0x3e, 0xad, 0x81, 0x76, 0x9f, 0xa5, 0x4d, 0x66, 0x1a, 0xc0, 0x29, 0x4f, 0x85, 0x66, 0x1b, 0xad,
+    0x5a, 0xd7, 0x6f, 0x54, 0x8c, 0x68, 0x7e, 0xe9, 0x5d, 0x10, 0xc8, 0x21, 0xd1, 0xe9, 0x93, 0xd7,
+    0xce, 0xbc, 0x64, 0x96, 0xfc, 0x48, 0xdd, 0xbd, 0xe2, 0x37, 0x5d, 0xe0, 0x1e, 0xbd, 0x1d, 0xbc,
+    0xf7, 0x45, 0x6b, 0x15, 0x23, 0x1a, 0xfe, 0xab, 0x86, 0x04, 0x32, 0x99, 0xa5, 0xab, 0x54, 0x45,
+    0xd2, 0x2f, 0x19, 0xc4, 0x3f, 0x12, 0xa6, 0xbe, 0xd9, 0x7d, 0x86, 0x38, 0xe6, 0xbe, 0x96, 0x2f,
+    0x82, 0x20, 0xfb, 0x25, 0x1e, 0x49, 0xd6, 0xf7, 0x30, 0x91, 0xaa, 0x5d, 0x2e, 0xf7, 0x94, 0x20,
+    0xb3, 0x39, 0x50, 0x5d, 0x9b, 0x27, 0x92, 0x61, 0xc4, 0xd3, 0x15, 0x74, 0x5f, 0x61, 0xb7, 0x39,
+    0xb4, 0x6d, 0xde, 0xa8, 0xdb, 0xd0, 0xfc, 0x11, 0xba, 0x20, 0x53, 0x42, 0x61, 0x11, 0xe5, 0x6d,
+    0xd6, 0x5f, 0x4b, 0x58, 0x12, 0x0c, 0x74, 0xfe, 0x91, 0xa4, 0xee, 0x10, 0x83, 0xfe, 0xa3, 0x5f,
+    0xe1, 0x0e, 0x9b, 0xf2, 0x4d, 0x73, 0x8b, 0x08, 0x09, 0xb2, 0x0d, 0x05, 0x44, 0x08, 0x4e, 0x0e,
+    0xc2, 0x2c, 0x92, 0xf1, 0x8b, 0x6a, 0x68, 0x7d, 0x3a, 0x9f, 0xe5, 0x98, 0xb1, 0x7d, 0x42, 0x2c,
+    0x5d, 0x83, 0xe1, 0xa1, 0xcc, 0x9f, 0x10, 0x99, 0x23, 0xe3, 0x8e, 0x17, 0xef, 0x99, 0xc1, 0x83,
+    0xfa, 0xc9, 0x68, 0x55, 0xce, 0xde, 0x9e, 0x7b, 0x4c, 0x0b, 0x90, 0xeb, 0x82, 0x7b, 0x97, 0xc9,
+    0xa4, 0x6e, 0x55, 0x9d, 0x6f, 0xa8, 0x32, 0xd2, 0x59, 0xc2, 0x30, 0xe2, 0x36, 0xd2, 0x31, 0x6e,
+    0x1f, 0xb7, 0xa1, 0x3b, 0xae, 0xb3, 0xc7, 0x33, 0x0d, 0x60, 0xf5, 0xc6, 0xa3, 0x33, 0xec, 0xb7,
+    0x0c, 0x90, 0xf6, 0x67, 0x77, 0x22, 0xb5, 0xc0, 0xd8, 0xa8, 0xb8, 0x78, 0xaf, 0xc0, 0x5f, 0x90,
+    0x01, 0x1c, 0xf5, 0x27, 0x9a, 0xe6, 0xd5, 0x10, 0x12, 0xa7, 0x1a, 0x0a, 0x88, 0x10, 0x9c, 0x1c,
+    0x2d, 0x8a, 0xd6, 0x2a, 0x46, 0x34, 0x3f, 0x95, 0xcf, 0x08, 0x64, 0xf1, 0x89, 0x95, 0xa8, 0x8a,
+    0x67, 0x5e, 0x32, 0x4b, 0x7e, 0x24, 0x8f, 0xbf, 0x71, 0xfa, 0xcf, 0x70, 0x0f, 0xbf, 0xef, 0x5e,
+    0xe2, 0x2a, 0x47, 0x9b, 0x20, 0x9a, 0x37, 0x38, 0x3f, 0x98, 0x23, 0x1b, 0x1f, 0x38, 0x29, 0x2a,
+    0x09, 0xfc, 0x51, 0xdc, 0xc0, 0xda, 0xb2, 0x90, 0x82, 0xd6, 0xca, 0x5a, 0x42, 0x90, 0xf6, 0xfc,
+    0x57, 0x5b, 0x6c, 0x14, 0x61, 0xac, 0x1e, 0x39, 0x97, 0x1f, 0x6a, 0x53, 0xf6, 0x39, 0x50, 0x5b,
+    0x11, 0x1f, 0x7e, 0x12, 0x2e, 0x9e, 0x1b, 0xd3, 0xf1, 0x45, 0x79, 0xaa, 0xdf, 0xd3, 0x48, 0x1f,
+    0xb7, 0x49, 0x02, 0xc1, 0xb6, 0x39, 0x40, 0x21, 0x8c, 0x0a, 0x7d, 0x5c, 0x3a, 0x21, 0x82, 0x49,
+    0xdf, 0xa3, 0x1a, 0x84, 0xd2, 0xd6, 0xc6, 0x6e, 0x13, 0x72, 0x24, 0x4a, 0xc1, 0x6e, 0x55, 0xa3,
+    0x6a, 0xd2, 0x31, 0x0b, 0x93, 0xe0, 0xef, 0x6f, 0xbb, 0xf5, 0x6d, 0x02, 0x28, 0x6f, 0x2c, 0xd2,
+    0x93, 0x3f, 0x85, 0x37, 0x30, 0xd7, 0xcd, 0x24, 0xc1, 0xd4, 0xd3, 0xf7, 0xf1, 0x24, 0xdc, 0x3f,
+    0x24, 0x76, 0x87, 0xf6, 0x86, 0xee, 0x8d, 0x05, 0x4d, 0xde, 0xae, 0xab, 0xcb, 0x05, 0x5e, 0x76,
+    0x7f, 0xbd, 0x1d, 0x85, 0x90, 0x60, 0x26, 0xfc, 0x02, 0x69, 0x7c, 0x80, 0x92, 0xfc, 0x51, 0xbd,
+    0x66, 0x42, 0xc7, 0x6c, 0xe4, 0xc2, 0x5a, 0xaf, 0x63, 0x5d, 0xd5, 0x7a, 0x87, 0xaf, 0x73, 0x42,
+    0xfe, 0xb9, 0x3a, 0xc9, 0xe3, 0xc0, 0x4c, 0x3b, 0x04, 0xd2, 0xf8, 0xc3, 0xe7, 0x3b, 0xa2, 0xb9,
+    0x07, 0x54, 0x8e, 0xf5, 0x40, 0xf7, 0x6e, 0x70, 0x7e, 0xf3, 0x46, 0x36, 0x3e, 0x70, 0x52, 0x54,
+    0x44, 0x7c, 0x3b, 0x48, 0xb8, 0x3d, 0x6c, 0xca, 0x42, 0xd7, 0x27, 0xed, 0xfa, 0xca, 0xe3, 0x7c,
+    0x3f, 0xb1, 0x74, 0x51, 0x05, 0x43, 0x98, 0x76, 0x08, 0x67, 0x33, 0x45, 0x0d, 0x76, 0x87, 0xb1,
+    0xf8, 0xf1, 0x41, 0x1b, 0x39, 0xd1, 0xf7, 0x5b, 0x68, 0x86, 0xa4, 0xff, 0x51, 0x5b, 0x6c, 0xf1,
+    0x06, 0x48, 0x7b, 0xd2, 0xda, 0x11, 0xbb, 0x60, 0x6c, 0x54, 0x5c, 0x3c, 0xb6, 0x60, 0xce, 0x48,
+    0xca, 0xcc, 0x36, 0x0a, 0xd1, 0x56, 0x0f, 0xfd, 0xaa, 0xee, 0x35, 0xc8, 0x7b, 0xfd, 0x28, 0xcc,
+    0xad, 0x92, 0x04, 0x41, 0xaf, 0x72, 0x80, 0x42, 0xdb, 0x14, 0xfa, 0xb8, 0x74, 0x42, 0xc7, 0x92,
+    0x2b, 0xc2, 0xad, 0xf8, 0x9c, 0x25, 0x84, 0xf5, 0xa3, 0x5c, 0x38, 0xcd, 0x3f, 0xf5, 0x66, 0xc2,
+    0xae, 0xb6, 0xd8, 0x28, 0xc2, 0x9b, 0x3c, 0x72, 0xed, 0x3e, 0xd4, 0xa6, 0x2f, 0x72, 0xa0, 0xb6,
+    0x22, 0x3e, 0xfc, 0x24, 0x5c, 0xff, 0x36, 0x65, 0x21, 0x8a, 0xf2, 0x97, 0x7d, 0x65, 0x90, 0x3e,
+    0x39, 0xf9, 0x0f, 0x83, 0xdf, 0x52, 0x23, 0x16, 0x64, 0x33, 0x6f, 0x79, 0xbb, 0x16, 0x49, 0xf9,
+    0xde, 0xbf, 0xef, 0xa3, 0x48, 0x30, 0x13, 0x7e, 0x01, 0xd5, 0x3e, 0x40, 0x49, 0x7e, 0xc9, 0xbf,
+    0x1e, 0xab, 0x54, 0x1c, 0x34, 0x55, 0x12, 0x23, 0x1f, 0xc7, 0xef, 0xcc, 0x2b, 0x23, 0x70, 0xab,
+    0xa8, 0xfe, 0xa3, 0xfa, 0x18, 0x8a, 0x87, 0x12, 0x81, 0x6a, 0x88, 0x9a, 0x99, 0x12, 0x6e, 0xfe,
+    0x58, 0xef, 0x46, 0x1a, 0x7b, 0x67, 0x17, 0xc9, 0x79, 0x9d, 0xfc, 0x35, 0x02, 0xc9, 0x68, 0xef,
+    0x88, 0xf8, 0x76, 0x90, 0xb3, 0x7a, 0xd8, 0x57, 0x84, 0x6d, 0x4e, 0x19, 0x37, 0x57, 0x05, 0xf8,
+    0x9a, 0xc3, 0xd4, 0xeb, 0xf0, 0x0d, 0x7f, 0xb4, 0x43, 0x02, 0x19, 0xad, 0xb3, 0xb4, 0x2a, 0xc3,
+    0x69, 0xf6, 0xed, 0x62, 0xfe, 0x09, 0x53, 0x5f, 0x8d, 0xdf, 0x43, 0x1c, 0x73, 0x5f, 0x4b, 0xf6,
+    0x28, 0xe6, 0x71, 0x91, 0xf1, 0xcc, 0x38, 0xc5, 0x95, 0x76, 0x16, 0xd3, 0x64, 0xc5, 0x01, 0xe6,
+    0x65, 0x66, 0x1b, 0x05, 0x89, 0x2b, 0xe6, 0x9f, 0x55, 0x77, 0xfb, 0x64, 0xdc, 0x9f, 0x14, 0x66,
+    0xd5, 0x7b, 0x97, 0x31, 0x7f, 0xe5, 0xc8, 0xce, 0xa7, 0x8e, 0xc0, 0x0e, 0xd8, 0xce, 0xc4, 0x7b,
+    0x7c, 0x99, 0xc1, 0xec, 0xfd, 0x89, 0x9a, 0xcc, 0x34, 0x43, 0x52, 0x9e, 0xc9, 0xcc, 0x36, 0x99,
+    0xbc, 0x8d, 0x7a, 0x53, 0x81, 0xec, 0x9b, 0x91, 0x2a, 0x51, 0x83, 0x12, 0xab, 0x91, 0x8f, 0x8d,
+    0x38, 0xe5, 0xfa, 0xa4, 0x45, 0xb4, 0xf6, 0x06, 0x76, 0x94, 0x75, 0x73, 0x33, 0x06, 0xd5, 0xe5,
+    0x4f, 0xb8, 0x43, 0xda, 0x8f, 0xe8, 0xb7, 0x7a, 0xe4, 0x8c, 0xd9, 0xa3, 0x6b, 0x7a, 0xee, 0xb8,
+    0xe0, 0x12, 0x6e, 0xd5, 0xd7, 0x95, 0x5e, 0x18, 0x1b, 0x15, 0x17, 0x0f, 0xcc, 0x18, 0xd2, 0x12,
+    0x27, 0x52, 0x5b, 0x9f, 0xeb, 0x07, 0x31, 0x35, 0x7b, 0xf4, 0x80, 0xb5, 0x90, 0x35, 0x39, 0x52,
+    0x76, 0x41, 0x4c, 0x59, 0x50, 0xba, 0x94, 0x6c, 0x80, 0xbf, 0xb6, 0xda, 0xd0, 0x6c, 0xa7, 0x41,
+    0x78, 0xe9, 0x93, 0x70, 0xd0, 0x97, 0x48, 0x8c, 0x7c, 0x9a, 0x3a, 0xb6, 0xac, 0x8c, 0x03, 0xe9,
+    0x89, 0xe4, 0x83, 0xb7, 0x29, 0x9c, 0x0d, 0x47, 0x96, 0xca, 0x54, 0x13, 0xbf, 0x47, 0x99, 0xe4,
+    0x8d, 0x94, 0xd1, 0x2b, 0x04, 0x82, 0xdf, 0x07, 0xde, 0x13, 0x3c, 0x3b, 0xda, 0x07, 0xac, 0x94,
+    0xaf, 0xaa, 0x2d, 0x0f, 0x58, 0x7d, 0xe9, 0x62, 0xff, 0x99, 0xce, 0xac, 0xa7, 0x62, 0x3c, 0xaa,
+    0x9f, 0xaf, 0x73, 0x50, 0x47, 0xf5, 0x78, 0xe4, 0x19, 0x7c, 0x6b, 0x8f, 0x5e, 0xe4, 0x83, 0xaf,
+    0x84, 0x68, 0x80, 0xf7, 0xc4, 0x58, 0x6d, 0x97, 0x5c, 0xc5, 0xf6, 0x61, 0x98, 0x97, 0x5a, 0x68,
+    0xe6, 0x5a, 0x15, 0x07, 0x0d, 0x84, 0xe5, 0x78, 0x77, 0x41, 0x4b, 0x33, 0x7a, 0x78, 0x1c, 0x5a,
+    0xf1, 0x0d, 0x10, 0xc7, 0xf9, 0x0b, 0x45, 0xcb, 0xea, 0x50, 0x6e, 0xa5, 0x13, 0xcb, 0x9a, 0x0d,
+    0x63, 0x2e, 0x60, 0xd7, 0x53, 0x3a, 0x5d, 0xff, 0x39, 0x23, 0xa7, 0x58, 0x6a, 0xff, 0xda, 0x2e,
+    0x51, 0x13, 0x17, 0xc6, 0xbb, 0xbd, 0xa5, 0x59, 0xfb, 0x4b, 0x36, 0x6f, 0x40, 0x59, 0x9e, 0x13,
+    0xc8, 0xf4, 0x1f, 0x44, 0x26, 0x59, 0x66, 0xdd, 0x8e, 0x63, 0x01, 0xdc, 0xa8, 0xdd, 0xd3, 0xf4,
+    0x03, 0x24, 0xdc, 0x69, 0x6d, 0xe9, 0xbc, 0x30, 0x36, 0x2a, 0x2e, 0x1e, 0x5b, 0x30, 0x67, 0x24,
+    0xed, 0x9e, 0x6d, 0x95, 0x3a, 0x51, 0x3e, 0xc8, 0xd1, 0x1a, 0xb5, 0x7d, 0xeb, 0xc8, 0x11, 0x9e,
+    0x70, 0x09, 0x37, 0x8b, 0x8a, 0xab, 0x2f, 0x0c, 0xec, 0xeb, 0xea, 0xe6, 0x66, 0x0c, 0x69, 0x09,
+    0x3c, 0x95, 0xa8, 0x38, 0x68, 0xaa, 0x24, 0x46, 0x3e, 0x4d, 0x1d, 0x5b, 0x56, 0x46, 0xe0, 0x95,
+    0x8e, 0xb0, 0x0d, 0x42, 0x69, 0x6b, 0x63, 0x37, 0xe8, 0x39, 0x12, 0x25, 0x81, 0x37, 0xcb, 0xb0,
+    0xd9, 0xeb, 0x61, 0x56, 0x08, 0xc7, 0x7d, 0x0e, 0x7f, 0x26, 0x78, 0x76, 0x77, 0x0e, 0x9b, 0xeb,
+    0x10, 0x03, 0x8b, 0x35, 0xb4, 0x78, 0xce, 0xc3, 0xe3, 0xe2, 0x63, 0xa0, 0x57, 0xc3, 0xd4, 0x03,
+    0x1a, 0xdb, 0x06, 0x80, 0x19, 0x4b, 0xc0, 0x63, 0x57, 0x1e, 0x87, 0xe4, 0x4e, 0x63, 0x45, 0xdb,
+    0x9d, 0x97, 0x5a, 0x1e, 0xb0, 0xfa, 0x11, 0xc4, 0x3d, 0xf1, 0x5f, 0x9b, 0x8d, 0xc4, 0x78, 0x97,
+    0xee, 0xba, 0xb1, 0xfc, 0x57, 0xb8, 0x82, 0xf8, 0xe7, 0x30, 0x9b, 0x63, 0xb0, 0xf8, 0x76, 0xba,
+    0xcb, 0xd0, 0xc3, 0x2d, 0x4b, 0xb0, 0xda, 0xed, 0xb8, 0x49, 0x2f, 0xc2, 0xf3, 0xed, 0xb4, 0xd0,
+    0x97, 0x4f, 0xd7, 0xab, 0x1d, 0xc9, 0x1f, 0x64, 0x89, 0x0d, 0xbb, 0xdf, 0x94, 0x64, 0xe9, 0x4f,
+    0xc9, 0xe8, 0xea, 0x63, 0xbc, 0xbf, 0xb3, 0xcd, 0x9c, 0xc4, 0x1b, 0xd6, 0x20, 0xcd, 0x4f, 0xe8,
+    0x79, 0xf5, 0x66, 0x57, 0x4a, 0x71, 0x9d, 0x9c, 0x6e, 0x3d, 0x20, 0xbc, 0x24, 0x9c, 0x9f, 0xf5,
+    0xb2, 0x25, 0xa5, 0x7a, 0x01, 0xc1, 0x47, 0x71, 0xd6, 0x74, 0x0f, 0x7e, 0xd7, 0x71, 0x2b, 0x25,
+    0x35, 0x69, 0xf9, 0xe4, 0xa8, 0x70, 0x96, 0xd6, 0xbc, 0x9b, 0xd7, 0x01, 0x14, 0xd6, 0x16, 0x69,
+    0x6c, 0x9a, 0x4a, 0xd9, 0x49, 0xf1, 0x54, 0x0f, 0xd7, 0xa1, 0x31, 0x3e, 0x9e, 0x0f, 0xe2, 0x9a,
+    0x9c, 0x8b, 0xaf, 0x39, 0x2a, 0x1c, 0xc4, 0xd4, 0x2f, 0x56, 0x45, 0x91, 0x05, 0xd4, 0xe4, 0x8b,
+    0x1b, 0xc7, 0xf3, 0xa7, 0x83, 0xad, 0x15, 0x73, 0x45, 0xb9, 0x9d, 0xee, 0xc6, 0x73, 0xd9, 0xc7,
+    0x05, 0x6c, 0xa7, 0xbb, 0xb7, 0xf8, 0x07, 0x50, 0x5a, 0x7e, 0x72, 0x22, 0xed, 0x50, 0xa9, 0x6c,
+    0x50, 0x0f, 0xe2, 0xe1, 0x21, 0x5b, 0x70, 0x49, 0xe9, 0xec, 0x2c, 0x65, 0xc8, 0x49, 0x02, 0x0f,
+    0xf0, 0x11, 0xe5, 0xe0, 0x63, 0xed, 0x90, 0xdb, 0xf8, 0xf7, 0x74, 0xaf, 0x9b, 0xdb, 0x06, 0x11,
+    0xd1, 0x0b, 0xc5, 0xad, 0x52, 0xfb, 0x1a, 0x8e, 0xef, 0x57, 0xa8, 0x26, 0xbd, 0x8e, 0xf1, 0x0b,
+    0x12, 0x3b, 0xa2, 0x7b, 0x43, 0x77, 0xa7, 0xe3, 0xc7, 0x6f, 0x57, 0xb4, 0x84, 0xe3, 0x2f, 0x3b,
+    0x87, 0x4c, 0x5c, 0x9e, 0xa9, 0xb1, 0xd1, 0xa7, 0x6a, 0xef, 0xd8, 0x7f, 0xc3, 0xa7, 0x3d, 0x4c,
+    0x08, 0xe0, 0xa4, 0xfb, 0x5a, 0x3c, 0x67, 0x80, 0x90, 0x71, 0xd0, 0x50, 0xca, 0x80, 0x6a, 0xe0,
+    0x59, 0xf3, 0xb3, 0x3d, 0xe1, 0x81, 0xc2, 0xd9, 0x6b, 0x3a, 0xe6, 0x3f, 0x8a, 0xd9, 0xf4, 0xf3,
+    0xfc, 0x81, 0x13, 0x87, 0x14, 0xcf, 0x25, 0x1b, 0x20, 0x5f, 0xcc, 0xd7, 0x34, 0x1b, 0x59, 0x81,
+    0x21, 0x1a, 0x20, 0x4d, 0x31, 0x16, 0x8a, 0x55, 0x17, 0xa0, 0xdc, 0x89, 0x26, 0x55, 0xf7, 0x1a,
+    0x85, 0x74, 0x75, 0xd0, 0x5e, 0xbe, 0xb8, 0x87, 0x4e, 0x62, 0xec, 0x6b, 0x10, 0x87, 0xc6, 0x74,
+    0x55, 0x63, 0x45, 0x5a, 0x96, 0xa3, 0x77, 0x19, 0xb3, 0x92, 0x5e, 0x47, 0x25, 0x19, 0xab, 0x63,
+    0x4e, 0xa4, 0xb6, 0xfd, 0x15, 0x0e, 0x62, 0x6a, 0xf6, 0x2b, 0xc3, 0xa9, 0xe3, 0x6a, 0x72, 0xa4,
+    0xec, 0x82, 0x98, 0xb2, 0xa0, 0xb7, 0xeb, 0xd8, 0xc3, 0xbd, 0xaf, 0x77, 0x63, 0xd8, 0x8d, 0x82,
+    0xfb, 0xd5, 0x9d, 0x72, 0x54, 0x38, 0x4b, 0x6b, 0x5e, 0xac, 0x8a, 0xe1, 0x0a, 0x6b, 0x0b, 0xd5,
+    0x36, 0x4d, 0x25, 0x8d, 0xc5, 0x99, 0x2a, 0xe6, 0x8a, 0xb1, 0xf9, 0x1f, 0x4f, 0xe6, 0x71, 0x4d,
+    0x75, 0x65, 0x90, 0x30, 0x3d, 0x53, 0x28, 0x5c, 0xb6, 0x95, 0x98, 0xc4, 0x8b, 0x5c, 0xc0, 0x65,
+    0x37, 0x51, 0xd0, 0xaa, 0x5f, 0x7f, 0xff, 0xf6, 0x98, 0x16, 0xe3, 0x15, 0xc7, 0xf6, 0xed, 0x51,
+    0x5c, 0x9f, 0x14, 0x86, 0x56, 0x79, 0xc5, 0x89, 0x31, 0x44, 0x94, 0x1d, 0x67, 0x89, 0x5d, 0x9f,
+    0xf6, 0x59, 0x9e, 0x32, 0xb9, 0xfc, 0x2b, 0xbb, 0x94, 0xa3, 0x28, 0x93, 0x2d, 0xbb, 0xc8, 0x59,
+    0xf4, 0x61, 0xb7, 0x7c, 0x4e, 0xf3, 0x42, 0x9b, 0xb0, 0x2e, 0x1c, 0x87, 0xfe, 0x9b, 0x33, 0x61,
+    0xcd, 0x98, 0xb8, 0xff, 0x91, 0xa1, 0x61, 0x8d, 0xd4, 0x1d, 0x73, 0xfe, 0x45, 0x8d, 0x7a, 0x98,
+    0x6b, 0xce, 0xc4, 0x2c, 0x09, 0x06, 0x3a, 0x7f, 0xa9, 0x52, 0x77, 0x08, 0xa0, 0x7f, 0xb0, 0xce,
+    0xa2, 0x26, 0x2e, 0x4f, 0xb5, 0xb9, 0x89, 0xb2, 0x35, 0x96, 0x6c, 0xde, 0x80, 0xb2, 0xff, 0x26,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0xaa, 0xc6, 0x8a, 0xb4, 0xef, 0x85, 0xee, 0x32, 0xa5, 0xe7, 0xbc, 0x8e, 0x4a, 0x32, 0x95, 0xc6,
+    0x71, 0x15, 0xc2, 0xac, 0x10, 0x4d, 0xfa, 0x1c, 0xfe, 0x4c, 0xf0, 0xec, 0xee, 0x1c, 0xf5, 0x15,
+    0x42, 0x34, 0x40, 0x9a, 0x62, 0x2c, 0xd7, 0xaa, 0x2e, 0x83, 0x7b, 0xd1, 0x4c, 0xaa, 0x2d, 0x34,
+  },
+  { /* 14 */
+    0x47, 0x52, 0xd9, 0xd2, 0x69, 0x81, 0x42, 0x4a, 0x4e, 0xe7, 0x53, 0x5d, 0xa9, 0x30, 0x47, 0x7c,
+    0xe9, 0xdb, 0x31, 0x5c, 0x2e, 0xdf, 0x12, 0x97, 0x34, 0x3f, 0x83, 0x15, 0x0b, 0x98, 0xe9, 0x1c,
+    0x8f, 0x26, 0xbe, 0x4a, 0x25, 0x12, 0xca, 0xbc, 0x87, 0xf8, 0x58, 0xe9, 0x7f, 0xf7, 0x8f, 0x8c,
+    0x4e, 0x4a, 0xa1, 0x54, 0x2a, 0x05, 0x39, 0xe1, 0x8d, 0xb6, 0x51, 0xd3, 0x3b, 0x95, 0x4e, 0x2e,
+    0x03, 0x45, 0x92, 0x77, 0xda, 0xb6, 0xd2, 0x78, 0x2d, 0xdc, 0xc1, 0xf5, 0xf1, 0x7a, 0x03, 0x9c,
+    0xcf, 0x7c, 0x4f, 0x5b, 0xcc, 0xef, 0xa1, 0x2e, 0x88, 0x91, 0xb4, 0xce, 0x19, 0xa4, 0xcf, 0x7f,
+    0x0c, 0xd7, 0x0d, 0x1f, 0xee, 0x9d, 0xce, 0x23, 0xb4, 0xf6, 0x82, 0x52, 0x42, 0x2b, 0x0c, 0x35,
+    0xba, 0x33, 0xff, 0xaf, 0xb6, 0x3a, 0xc1, 0xb8, 0x65, 0x01, 0x95, 0xbe, 0x64, 0xd5, 0xba, 0x3f,
+    0x12, 0x30, 0xf0, 0xcf, 0x86, 0xcb, 0xf6, 0x95, 0x45, 0xa2, 0x04, 0xdf, 0xe7, 0x89, 0x12, 0xa4,
+    0xf0, 0x34, 0xe4, 0x4f, 0xc6, 0xf5, 0x03, 0xf9, 0x84, 0xe5, 0xba, 0xe2, 0x61, 0x59, 0xf0, 0x02,
+    0x2b, 0xf2, 0xbc, 0x35, 0xfb, 0x7e, 0x33, 0xb2, 0x13, 0xad, 0x4b, 0xda, 0xbe, 0x80, 0x2b, 0x22,
+    0x2c, 0xfa, 0x94, 0xf6, 0x7b, 0x02, 0x1a, 0x6a, 0x52, 0x23, 0xf4, 0xa0, 0x71, 0xe3, 0x2c, 0xad,
+    0x32, 0x1d, 0x69, 0x26, 0x13, 0x54, 0x22, 0xdc, 0xa3, 0x77, 0x72, 0x2d, 0xd4, 0x41, 0x32, 0x3c,
+    0x1b, 0x28, 0x88, 0x49, 0xc5, 0x4f, 0x8d, 0x3e, 0x86, 0xf3, 0x06, 0x51, 0x75, 0x2c, 0x1b, 0xf6,
+    0xd2, 0xde, 0x20, 0xfc, 0x7e, 0x0f, 0x4b, 0xe0, 0x54, 0x19, 0xf3, 0xb6, 0x4d, 0x7c, 0xd2, 0x72,
+    0x08, 0x9a, 0xb7, 0xab, 0xb4, 0x57, 0x35, 0x83, 0xd8, 0xa4, 0xfc, 0xdd, 0x7c, 0x32, 0x08, 0x26,
+    0xdd, 0x4c, 0xbf, 0x94, 0x4a, 0x24, 0x57, 0xbb, 0xcd, 0x33, 0xb0, 0x11, 0xfe, 0x2d, 0xdd, 0xdb,
+    0x60, 0x77, 0x68, 0xf8, 0x7c, 0x62, 0xbf, 0xdb, 0xe9, 0xbc, 0x9a, 0xd5, 0x55, 0x9b, 0x60, 0x6b,
+    0x72, 0x47, 0x98, 0x37, 0xfa, 0xa9, 0x49, 0x4e, 0xac, 0x1e, 0x9e, 0x0a, 0xb2, 0x12, 0x72, 0xcf,
+    0x11, 0x75, 0x62, 0xb8, 0x5c, 0x7d, 0x24, 0xed, 0x68, 0x7e, 0xc5, 0x2a, 0x16, 0xf3, 0x11, 0x38,
+    0x06, 0x8a, 0xe7, 0xee, 0x77, 0xaf, 0x67, 0xf0, 0x5a, 0x7b, 0x41, 0x29, 0x21, 0xf4, 0x06, 0xfb,
+    0x5d, 0xf8, 0x9e, 0xb6, 0x5b, 0x1d, 0x81, 0x5c, 0xd3, 0xe1, 0xab, 0x5f, 0x32, 0x8b, 0x5d, 0xfe,
+    0xe0, 0xc3, 0x49, 0xda, 0x6d, 0x5b, 0x69, 0x3c, 0xf7, 0x6e, 0x81, 0x9b, 0x99, 0x3d, 0xe0, 0x4e,
+    0x86, 0x3e, 0xc6, 0xcc, 0x66, 0x96, 0xb1, 0x17, 0x44, 0xa9, 0x5a, 0x67, 0xed, 0x52, 0x86, 0xde,
+    0xaa, 0xc4, 0x52, 0x3a, 0x1d, 0x94, 0xab, 0x7d, 0x16, 0x8a, 0xae, 0xc7, 0x9c, 0xb1, 0xaa, 0x73,
+    0x58, 0x37, 0xeb, 0x2f, 0xf6, 0x04, 0x34, 0xd4, 0xa4, 0x46, 0x2b, 0x83, 0xe2, 0x05, 0x58, 0x99,
+    0x24, 0x60, 0x23, 0x5d, 0xcf, 0x55, 0x2f, 0xe9, 0x8a, 0x87, 0x08, 0x7d, 0x0d, 0xd1, 0x24, 0x8b,
+    0xdf, 0x8b, 0xe2, 0xce, 0x67, 0x41, 0xcb, 0xeb, 0xfb, 0x1a, 0x8f, 0xb7, 0xe1, 0xc0, 0xdf, 0x33,
+    0x69, 0x6f, 0x10, 0x7e, 0x3f, 0xe6, 0xc4, 0x70, 0x2a, 0xed, 0x98, 0x5b, 0xc7, 0x3e, 0x69, 0x39,
+    0x7a, 0xdd, 0x2f, 0x9c, 0x4e, 0xfe, 0x7c, 0xcd, 0x74, 0xba, 0x62, 0xd7, 0xce, 0x20, 0x7a, 0xe9,
+    0x67, 0x7f, 0x40, 0x3b, 0xfc, 0x1e, 0x96, 0x03, 0xa8, 0x32, 0x25, 0xaf, 0x9a, 0xf8, 0x67, 0xe4,
+    0xec, 0x14, 0x44, 0xc5, 0x83, 0xc6, 0xa7, 0x1f, 0x43, 0x98, 0x03, 0xc9, 0xdb, 0x16, 0xec, 0x7b,
+    0x30, 0xda, 0x34, 0x7c, 0x3e, 0x31, 0xbe, 0x8c, 0x95, 0x5e, 0x4d, 0x8b, 0xcb, 0xac, 0x30, 0xd4,
+    0x6a, 0x2a, 0x82, 0x09, 0xe5, 0x50, 0x16, 0x08, 0x07, 0x31, 0x59, 0xae, 0x36, 0x44, 0x6a, 0xa5,
+    0x0e, 0x10, 0x50, 0x45, 0xc3, 0xf8, 0x52, 0x73, 0x82, 0xdf, 0xbd, 0xf4, 0x5d, 0xc6, 0x0e, 0xdd,
+    0x43, 0x1f, 0x63, 0x66, 0x33, 0x4b, 0xb9, 0xea, 0x22, 0xb5, 0x2d, 0xd2, 0x97, 0x29, 0x43, 0x6f,
+    0x2d, 0x78, 0x5b, 0xdb, 0x8c, 0xd1, 0x54, 0x42, 0x49, 0xd6, 0x0a, 0xf3, 0x9f, 0x74, 0x2d, 0xd9,
+    0xb3, 0x2b, 0x87, 0x29, 0xf5, 0xbe, 0xba, 0x13, 0xa6, 0x50, 0x97, 0x30, 0xf6, 0x70, 0xb3, 0x6d,
+    0xe4, 0x8e, 0xf3, 0x6e, 0x37, 0x91, 0x92, 0x9c, 0x9b, 0x3c, 0xff, 0x14, 0xa7, 0x24, 0xe4, 0x5d,
+    0x22, 0xea, 0xc4, 0xb3, 0xb8, 0xfa, 0x48, 0x19, 0xd0, 0xfc, 0x49, 0x54, 0x2c, 0x25, 0x22, 0x70,
+    0xab, 0x46, 0x9d, 0x17, 0xea, 0x47, 0xe5, 0x55, 0x0d, 0x7f, 0x50, 0x94, 0x72, 0x26, 0xab, 0x07,
+    0x3d, 0x8f, 0xf6, 0x4e, 0x27, 0x7f, 0x3e, 0x87, 0x3a, 0x5d, 0x31, 0x8a, 0x67, 0x10, 0x3d, 0x95,
+    0x34, 0x97, 0x8e, 0xc8, 0x64, 0xfb, 0x45, 0x2c, 0xf9, 0x0c, 0x33, 0x04, 0xf5, 0xb5, 0x34, 0xc7,
+    0x90, 0x43, 0x8c, 0xb7, 0xba, 0x97, 0xbc, 0x22, 0x6d, 0x59, 0x20, 0x37, 0x34, 0xc2, 0x90, 0x69,
+    0x97, 0x4b, 0xa4, 0x74, 0x3a, 0xeb, 0x95, 0xfa, 0x2c, 0xd7, 0x9f, 0x4d, 0xfb, 0xa1, 0x97, 0xe6,
+    0xb0, 0x6e, 0x15, 0x5e, 0x2f, 0x08, 0x68, 0x6b, 0x8b, 0x8c, 0x56, 0xc5, 0x07, 0x0a, 0xb0, 0xf1,
+    0xe5, 0x0c, 0x3c, 0x43, 0xc0, 0x42, 0xdc, 0xb4, 0x80, 0xc9, 0x01, 0x47, 0x49, 0xb3, 0xe5, 0x29,
+    0x42, 0x9d, 0xac, 0x4b, 0xc4, 0x98, 0xf7, 0xc2, 0x39, 0x40, 0xd3, 0x81, 0x79, 0xbe, 0x42, 0x1b,
+    0x79, 0x98, 0xbd, 0xeb, 0x94, 0x48, 0xae, 0xb5, 0x59, 0x66, 0xa3, 0x22, 0x3f, 0x5a, 0x79, 0x75,
+    0xc0, 0xee, 0xd0, 0x33, 0xf8, 0xc4, 0xbd, 0x75, 0x11, 0xbb, 0xf7, 0x69, 0xaa, 0xf5, 0xc0, 0xd6,
+    0x18, 0x6d, 0x1a, 0x3e, 0x1f, 0xf9, 0x5f, 0x46, 0xab, 0x2f, 0xc7, 0xa4, 0x84, 0x56, 0x18, 0x6a,
+    0x4b, 0x85, 0xd4, 0xcd, 0x87, 0x1c, 0x8c, 0x69, 0xfa, 0x11, 0xd1, 0x0f, 0xeb, 0x1b, 0x4b, 0x49,
+    0xf7, 0x3c, 0xcc, 0x8c, 0x46, 0x89, 0x2a, 0x21, 0xc5, 0x6b, 0x05, 0x98, 0xae, 0x3a, 0xf7, 0x8d,
+    0xb8, 0xf4, 0xa2, 0xf5, 0x9b, 0x5f, 0x5d, 0xe8, 0x53, 0x28, 0xaa, 0x18, 0x7b, 0x38, 0xb8, 0xd7,
+    0xa6, 0x13, 0x5f, 0x25, 0xf3, 0x09, 0x65, 0x5e, 0xa2, 0x7c, 0x2c, 0x95, 0xde, 0x9a, 0xa6, 0x46,
+    0x59, 0xb5, 0x24, 0x02, 0x01, 0xd7, 0x7a, 0xfc, 0xbf, 0xb3, 0xd5, 0xd0, 0x0c, 0x92, 0x59, 0xed,
+    0x64, 0x3a, 0xd2, 0x4c, 0x26, 0xa8, 0x44, 0x7b, 0x85, 0xee, 0xe4, 0x5a, 0x6b, 0x82, 0x64, 0x78,
+    0x36, 0x50, 0xd3, 0x92, 0x49, 0x9e, 0xd9, 0x7c, 0xcf, 0x25, 0x0c, 0xa2, 0xea, 0x58, 0x36, 0x2f,
+    0xb4, 0x23, 0xaf, 0xea, 0x75, 0xc2, 0x93, 0xcb, 0xe7, 0xde, 0x28, 0x4a, 0x39, 0x13, 0xb4, 0xe2,
+    0x81, 0x36, 0xee, 0x0f, 0xe6, 0xea, 0x98, 0xcf, 0x05, 0x27, 0xe5, 0x1d, 0x22, 0x31, 0x81, 0x51,
+    0x09, 0x18, 0x78, 0x86, 0x43, 0x84, 0x7b, 0xab, 0xc3, 0x51, 0x02, 0x8e, 0x92, 0xa5, 0x09, 0x52,
+    0x78, 0x1a, 0x72, 0xc6, 0x63, 0x9b, 0xe0, 0x9d, 0x42, 0x93, 0x5d, 0x71, 0xd1, 0xcd, 0x78, 0x01,
+    0xed, 0x96, 0x8b, 0xe8, 0x74, 0x15, 0xe9, 0x37, 0x58, 0x6d, 0xfd, 0x9a, 0x35, 0x81, 0xed, 0x0f,
+    0x5f, 0x3f, 0xc3, 0xec, 0x76, 0x78, 0x1d, 0x0c, 0xe5, 0xc8, 0x94, 0xf9, 0x2d, 0x66, 0x5f, 0x16,
+    0xda, 0x44, 0x97, 0x57, 0xca, 0x58, 0x7e, 0x63, 0x8c, 0xbd, 0x0f, 0x6b, 0x31, 0x4e, 0xda, 0x54,
+    0xc4, 0xa3, 0x6a, 0x87, 0xa2, 0x0e, 0x46, 0xd5, 0x7d, 0xe9, 0x89, 0xe6, 0x94, 0xec, 0xc4, 0xc5,
+    0x29, 0x35, 0xe1, 0x6f, 0xd6, 0x1b, 0xaf, 0xe2, 0x25, 0x84, 0x74, 0x7c, 0xa1, 0x6d, 0x29, 0xca,
+    0xad, 0xcc, 0x7a, 0xf9, 0x9d, 0xe8, 0x82, 0xa5, 0x57, 0x04, 0x11, 0xbd, 0x53, 0xd2, 0xad, 0xfc,
+    0x07, 0x08, 0x28, 0xc3, 0x80, 0x7c, 0x29, 0xd8, 0x41, 0x8e, 0xbf, 0x7a, 0xcf, 0x63, 0x07, 0x8f,
+    0x82, 0x73, 0x7c, 0x78, 0x3c, 0x5c, 0x4a, 0xb7, 0x28, 0xfb, 0x24, 0xe8, 0xd3, 0x4b, 0x82, 0xcd,
+    0xe2, 0x04, 0x14, 0x80, 0x40, 0x3e, 0xf5, 0x6c, 0xc1, 0x47, 0xbe, 0x3d, 0x86, 0xd0, 0xe2, 0xa6,
+    0x31, 0x58, 0xfb, 0x51, 0xc9, 0xe2, 0xf0, 0xa4, 0x8e, 0xab, 0xb3, 0xd8, 0x25, 0x3b, 0x31, 0xa0,
+    0x17, 0xff, 0x85, 0x56, 0x2b, 0xd2, 0x43, 0x1d, 0x32, 0x05, 0x84, 0x03, 0x37, 0x07, 0x17, 0xc3,
+    0x9f, 0xd1, 0x13, 0xdf, 0x8e, 0xbc, 0xa0, 0x79, 0xf4, 0x73, 0x63, 0x90, 0x87, 0x93, 0x9f, 0xc0,
+    0x0b, 0xdf, 0x25, 0xdc, 0x6e, 0xe1, 0xe7, 0xfb, 0xf5, 0x78, 0x3d, 0x28, 0x8d, 0x48, 0x0b, 0xba,
+    0x16, 0x7d, 0x4a, 0x7b, 0xdc, 0x01, 0x0d, 0x35, 0x29, 0xf0, 0x7a, 0x50, 0xd9, 0x90, 0x16, 0xb7,
+    0x7f, 0x12, 0x5a, 0x05, 0xe3, 0xe7, 0xc9, 0x45, 0x03, 0x1d, 0xe2, 0x0b, 0x1e, 0xae, 0x7f, 0x8e,
+    0x23, 0x68, 0x0b, 0x9e, 0x4f, 0x29, 0x06, 0x31, 0xcb, 0x09, 0xb7, 0x07, 0xc2, 0xb2, 0x23, 0x04,
+    0x6b, 0xa8, 0x4d, 0x24, 0x12, 0x83, 0x58, 0x20, 0x1c, 0xc4, 0xa7, 0xfd, 0xd8, 0xd3, 0x6b, 0xd1,
+    0xa9, 0x81, 0xc0, 0x4d, 0xc7, 0x22, 0x79, 0x05, 0x3b, 0x56, 0x6f, 0x32, 0x6d, 0xcb, 0xa9, 0xef,
+    0x8b, 0x6b, 0x04, 0xfe, 0x7f, 0xd8, 0x31, 0x1c, 0xeb, 0xaa, 0x26, 0x66, 0x41, 0xee, 0x8b, 0x9f,
+    0xb7, 0x66, 0x3d, 0x9d, 0xaf, 0x74, 0x41, 0xb3, 0xca, 0x02, 0xe9, 0xbf, 0xc8, 0x69, 0xb7, 0x7e,
+    0x13, 0xb2, 0x3f, 0xe2, 0x71, 0x18, 0xb8, 0xbd, 0x5e, 0x57, 0xfa, 0x8c, 0x09, 0x1e, 0x13, 0xd0,
+    0x1c, 0x20, 0xa0, 0x8a, 0x45, 0x33, 0xa4, 0xe6, 0xc7, 0x7d, 0xb9, 0x2b, 0xba, 0x4f, 0x1c, 0x79,
+    0xfb, 0xeb, 0xc1, 0x93, 0xa8, 0x14, 0xe4, 0x02, 0x71, 0x9d, 0x87, 0xca, 0xec, 0x11, 0xfb, 0xb8,
+    0x62, 0xb0, 0x35, 0xa2, 0x51, 0x07, 0x23, 0x8b, 0xdf, 0x95, 0xa5, 0x73, 0x4a, 0x76, 0x62, 0x83,
+    0xf2, 0xf3, 0xb9, 0x15, 0xeb, 0x90, 0x9f, 0xa9, 0xb2, 0xcc, 0x85, 0x44, 0x7e, 0xb4, 0xf2, 0xea,
+    0x3b, 0x05, 0x11, 0xa0, 0x50, 0xd0, 0x59, 0x77, 0x60, 0x26, 0x70, 0xa3, 0x46, 0xe4, 0x3b, 0x6e,
+    0x9a, 0x1e, 0x66, 0x46, 0x23, 0xa5, 0x15, 0xf1, 0x83, 0xd4, 0xe3, 0x4c, 0x57, 0x1d, 0x9a, 0xa7,
+    0x75, 0x4f, 0xb0, 0xf4, 0x7a, 0xd5, 0x60, 0x96, 0xed, 0x90, 0x21, 0x70, 0x7d, 0x71, 0x75, 0x40,
+    0xea, 0x9e, 0xa3, 0x2b, 0xf4, 0x69, 0xc0, 0xef, 0x19, 0xe3, 0x42, 0xe0, 0xfa, 0xe2, 0xea, 0x80,
+    0xd0, 0x19, 0x7d, 0xa6, 0x53, 0x6a, 0xd7, 0xb0, 0x62, 0x30, 0xcc, 0x10, 0x52, 0x91, 0xd0, 0x9a,
+    0x2a, 0x70, 0x73, 0x18, 0x0c, 0xad, 0x7d, 0x9a, 0x08, 0x58, 0xb5, 0x89, 0x50, 0x17, 0x2a, 0x56,
+    0x91, 0xc1, 0x43, 0x9a, 0x4d, 0x44, 0xf2, 0x0a, 0x76, 0xac, 0xde, 0x64, 0xda, 0x55, 0x91, 0x1d,
+    0x02, 0xc7, 0x5d, 0x5a, 0x2d, 0x65, 0x9c, 0x50, 0x36, 0x29, 0x3f, 0xa6, 0x1f, 0xed, 0x02, 0xe8,
+    0x46, 0xd0, 0x16, 0xff, 0x9e, 0x52, 0x0c, 0x62, 0x55, 0x12, 0xad, 0x0e, 0x47, 0xa7, 0x46, 0x08,
+    0xa7, 0x91, 0x90, 0x08, 0x04, 0xda, 0x2b, 0x76, 0xb9, 0x89, 0xd2, 0xc6, 0x30, 0x0d, 0xa7, 0x32,
+    0xdc, 0xce, 0x70, 0xb9, 0xbd, 0xf7, 0x19, 0x93, 0xd6, 0xc6, 0x4e, 0x42, 0x10, 0xba, 0xdc, 0xaf,
+    0x27, 0x25, 0xb1, 0x2a, 0x15, 0xe3, 0xfd, 0x91, 0xa7, 0x5b, 0xc9, 0x88, 0xfc, 0xab, 0x27, 0x17,
+    0x76, 0x0a, 0x22, 0x83, 0xa0, 0x63, 0xb2, 0xee, 0xc0, 0x4c, 0xe0, 0x85, 0x8c, 0x0b, 0x76, 0xdc,
+    0xa4, 0xd4, 0x02, 0x7f, 0xde, 0x6c, 0xf9, 0x0e, 0x94, 0x55, 0x13, 0x33, 0xc1, 0x77, 0xa4, 0xae,
+    0xca, 0xb3, 0x3a, 0xc2, 0x61, 0xf6, 0x14, 0xa6, 0xff, 0x36, 0x34, 0x12, 0xc9, 0x2a, 0xca, 0x18,
+    0x96, 0xc9, 0x6b, 0x59, 0xcd, 0x38, 0xdb, 0xd2, 0x37, 0x22, 0x61, 0x1e, 0x15, 0x36, 0x96, 0x92,
+    0x70, 0x80, 0xc5, 0x6d, 0xd7, 0xcc, 0xd5, 0x1e, 0x9a, 0x37, 0xa1, 0xac, 0xad, 0xff, 0x70, 0x27,
+    0x54, 0xe0, 0xe6, 0x30, 0x18, 0x99, 0xfa, 0xf7, 0x10, 0xb0, 0xa9, 0xd1, 0xa0, 0x2e, 0x54, 0xac,
+    0xe1, 0x41, 0x86, 0xf7, 0x9a, 0x88, 0x27, 0x14, 0xec, 0x9b, 0x7f, 0xc8, 0x77, 0xaa, 0xe1, 0x3a,
+    0x6f, 0xe5, 0xf7, 0x90, 0x48, 0x49, 0xa3, 0x80, 0x70, 0x96, 0xd9, 0x72, 0xe6, 0xca, 0x6f, 0xc2,
+    0x39, 0xc2, 0x4c, 0xfa, 0x7d, 0xb5, 0xc5, 0x27, 0x56, 0x0f, 0x4f, 0x05, 0x59, 0x09, 0x39, 0x86,
+    0x33, 0x9f, 0xa6, 0x0b, 0xe4, 0x87, 0x6c, 0xf4, 0xb8, 0x82, 0x8c, 0x7e, 0x3a, 0xd6, 0x33, 0x48,
+    0xdb, 0xc6, 0x58, 0x7a, 0x3d, 0x8b, 0x30, 0x4b, 0x97, 0x48, 0xf1, 0x38, 0xdf, 0xd9, 0xdb, 0x20,
+    0xa0, 0x99, 0xb8, 0xcb, 0x84, 0xa6, 0x02, 0xae, 0xf8, 0x07, 0x6d, 0xbc, 0xff, 0x6e, 0xa0, 0xbd,
+    0xfe, 0x24, 0xb4, 0x0a, 0x05, 0x0d, 0x51, 0x8a, 0x06, 0x3a, 0x07, 0x16, 0x3c, 0x9f, 0xfe, 0xdf,
+    0xb2, 0xa9, 0x48, 0x04, 0x02, 0x6d, 0xf4, 0x3b, 0xbd, 0xa5, 0x69, 0x63, 0x18, 0xe7, 0xb2, 0x19,
+    0x10, 0xf7, 0xad, 0x95, 0xab, 0xae, 0x6a, 0xc5, 0x73, 0x8b, 0x3b, 0x79, 0xf8, 0x64, 0x10, 0x4c,
+    0x71, 0x02, 0x0a, 0x40, 0x20, 0x1f, 0x9b, 0x36, 0x81, 0xc2, 0x5f, 0xff, 0x43, 0x68, 0x71, 0x53,
+    0x87, 0xbc, 0x09, 0xe1, 0x91, 0x45, 0xff, 0x3f, 0x5f, 0x5c, 0xa4, 0x34, 0x03, 0xc5, 0x87, 0xaa,
+    0x35, 0x15, 0x41, 0xe5, 0x93, 0x28, 0x0b, 0x04, 0xe2, 0xf9, 0xcd, 0x57, 0x1b, 0x22, 0x35, 0xb3,
+    0x38, 0x40, 0x83, 0xd7, 0x8a, 0x66, 0x8b, 0x0f, 0x4d, 0xfa, 0xb1, 0x56, 0xb7, 0x9e, 0x38, 0xf2,
+    0x52, 0x6a, 0x01, 0xde, 0x6f, 0x36, 0x9d, 0x07, 0x4a, 0xcb, 0xe8, 0xf8, 0x81, 0xda, 0x52, 0x57,
+    0x65, 0xb8, 0x1d, 0x61, 0xd1, 0x7b, 0x0a, 0x53, 0x9e, 0x1b, 0x1a, 0x09, 0x85, 0x15, 0x65, 0x0c,
+    0xde, 0x09, 0x2d, 0xe3, 0x90, 0x92, 0x85, 0xc3, 0xe0, 0xef, 0x71, 0xe4, 0x0f, 0x57, 0xde, 0x47,
+    0x8e, 0xa4, 0x71, 0x67, 0xd2, 0xc1, 0x84, 0x94, 0x9c, 0x0d, 0xa6, 0xba, 0x91, 0x60, 0x8e, 0xf8,
+    0xa8, 0x03, 0x0f, 0x60, 0x30, 0xf1, 0x37, 0x2d, 0x20, 0xa3, 0x91, 0x61, 0x83, 0x5c, 0xa8, 0x9b,
+    0xfd, 0x61, 0x26, 0x7d, 0xdf, 0xbb, 0x83, 0xf2, 0x2b, 0xe6, 0xc6, 0xe3, 0xcd, 0xe5, 0xfd, 0x43,
+    0x2e, 0x3d, 0xc9, 0xac, 0x56, 0x67, 0x86, 0x3a, 0x64, 0x0a, 0xcb, 0x06, 0x6e, 0x0e, 0x2e, 0x45,
+    0x01, 0x82, 0xcf, 0x2d, 0xf7, 0xd3, 0x4e, 0x28, 0x1b, 0xf5, 0xfe, 0x53, 0xee, 0x97, 0x01, 0x74,
+    0xf8, 0xae, 0x53, 0xe4, 0x72, 0xa2, 0x36, 0x7a, 0x5c, 0x41, 0x46, 0x3f, 0x1d, 0x6b, 0xf8, 0x24,
+    0x8c, 0x63, 0x2c, 0x3d, 0xff, 0xa4, 0x18, 0xc4, 0xaa, 0x24, 0x99, 0x1c, 0x8e, 0x8d, 0x8c, 0x10,
+    0xbb, 0xb1, 0x30, 0x82, 0x41, 0xe9, 0x8f, 0x90, 0x7e, 0xf4, 0x6b, 0xed, 0x8a, 0x42, 0xbb, 0x4b,
+    0x49, 0x42, 0x89, 0x97, 0xaa, 0x79, 0x10, 0x39, 0xcc, 0x38, 0xee, 0xa9, 0xf4, 0xf6, 0x49, 0xa1,
+    0x44, 0x17, 0x4b, 0xa5, 0xb3, 0x37, 0x90, 0x32, 0x63, 0x3b, 0x92, 0xa8, 0x58, 0x4a, 0x44, 0xe0,
+    0xbf, 0xfc, 0x8a, 0x36, 0x1b, 0x23, 0x74, 0x30, 0x12, 0xa6, 0x15, 0x62, 0xb4, 0x5b, 0xbf, 0x58,
+    0xef, 0x51, 0xd6, 0xb2, 0x59, 0x70, 0x75, 0x67, 0x6e, 0x44, 0xc2, 0x3c, 0x2a, 0x6c, 0xef, 0xe7,
+    0xfc, 0xe3, 0xe9, 0x50, 0x28, 0x68, 0xcd, 0xda, 0x30, 0x13, 0x38, 0xb0, 0x23, 0x72, 0xfc, 0x37,
+    0x3a, 0x87, 0xde, 0x8d, 0xa7, 0x03, 0x17, 0x5f, 0x7b, 0xd3, 0x8e, 0xf0, 0xa8, 0x73, 0x3a, 0x1a,
+    0xb1, 0xec, 0xda, 0x73, 0xd8, 0xdb, 0x26, 0x43, 0x90, 0x79, 0xa8, 0x96, 0xe9, 0x9d, 0xb1, 0x85,
+    0xf9, 0x2c, 0x9c, 0xc9, 0x85, 0x71, 0x78, 0x52, 0x47, 0xb4, 0xb8, 0x6c, 0xf3, 0xfc, 0xf9, 0x50,
+    0x99, 0x5b, 0xf4, 0x31, 0xf9, 0x13, 0xc7, 0x89, 0xae, 0x08, 0x22, 0xb9, 0xa6, 0x67, 0x99, 0x3b,
+    0xd8, 0x83, 0xca, 0x0d, 0xe7, 0x3d, 0xe2, 0x33, 0xba, 0x94, 0x30, 0xcd, 0x2e, 0xa3, 0xd8, 0xbc,
+    0xc9, 0xf6, 0xa8, 0xb5, 0xbb, 0x40, 0xc6, 0xde, 0xd2, 0xea, 0xf5, 0xe7, 0x38, 0x50, 0xc9, 0x84,
+    0x61, 0xf5, 0xa7, 0xd5, 0x8b, 0xb1, 0xf1, 0xf3, 0xf2, 0x49, 0x64, 0x86, 0xbb, 0x0c, 0x61, 0x1f,
+    0x3c, 0x0d, 0x39, 0x63, 0xd0, 0xac, 0x70, 0xaf, 0x21, 0xa8, 0xcf, 0xd9, 0x89, 0x87, 0x3c, 0xe1,
+    0x89, 0xac, 0x59, 0xa4, 0x52, 0xbd, 0xad, 0x4c, 0xdd, 0x83, 0x19, 0xc0, 0x5e, 0x03, 0x89, 0x77,
+    0x0f, 0x92, 0x9f, 0x68, 0x34, 0x2b, 0x1c, 0x5b, 0x99, 0x2a, 0x43, 0xa7, 0xb3, 0x51, 0x0f, 0xa9,
+    0x5c, 0x7a, 0x51, 0x9b, 0xac, 0xce, 0xcf, 0x74, 0xc8, 0x14, 0x55, 0x0c, 0xdc, 0x1c, 0x5c, 0x8a,
+    0xbe, 0x7e, 0x45, 0x1b, 0xec, 0xf0, 0x3a, 0x18, 0x09, 0x53, 0xeb, 0x31, 0x5a, 0xcc, 0xbe, 0x2c,
+    0xc2, 0x29, 0x8d, 0x69, 0xd5, 0xa1, 0x21, 0x25, 0x27, 0x92, 0xc8, 0xcf, 0xb5, 0x18, 0xc2, 0x3e,
+    0xc5, 0x21, 0xa5, 0xaa, 0x55, 0xdd, 0x08, 0xfd, 0x66, 0x1c, 0x77, 0xb5, 0x7a, 0x7b, 0xc5, 0xb1,
+    0x88, 0x2e, 0x96, 0x89, 0xa5, 0x6e, 0xe3, 0x64, 0xc6, 0x76, 0xe7, 0x93, 0xb0, 0x94, 0x88, 0x03,
+    0xa1, 0x1b, 0x77, 0xe6, 0x73, 0x75, 0x4c, 0x86, 0xe3, 0xf2, 0x93, 0xef, 0x11, 0xf9, 0xa1, 0xc9,
+    0x1d, 0xa2, 0x6f, 0xa7, 0xb2, 0xe0, 0xea, 0xce, 0xdc, 0x88, 0x47, 0x78, 0x54, 0xd8, 0x1d, 0x0d,
+    0xc7, 0xe6, 0xf8, 0xf0, 0x78, 0xb8, 0x94, 0xad, 0x50, 0x35, 0x48, 0x13, 0x65, 0x96, 0xc7, 0x59,
+    0x6c, 0xa0, 0x65, 0xe7, 0x92, 0xff, 0x71, 0xf8, 0x5d, 0x4a, 0x18, 0x87, 0x17, 0xb0, 0x6c, 0x5e,
+    0x85, 0x7b, 0x54, 0xbb, 0xbc, 0x20, 0x63, 0x6f, 0x69, 0x75, 0x9b, 0x92, 0x1c, 0x28, 0x85, 0x42,
+    0x9d, 0x16, 0x4e, 0x85, 0xa3, 0xd9, 0x3c, 0x29, 0xc2, 0x5a, 0x5c, 0x36, 0x98, 0x7e, 0x9d, 0x28,
+    0xd3, 0x5c, 0xef, 0xd1, 0x89, 0xdc, 0x05, 0xc8, 0x4f, 0xec, 0x0d, 0xe5, 0xa3, 0xeb, 0xd3, 0x06,
+    0xd1, 0x9b, 0xb2, 0x8b, 0xa4, 0xb9, 0x99, 0x98, 0x79, 0xc5, 0x32, 0x43, 0xbc, 0x06, 0xd1, 0xee,
+    0x1e, 0xe7, 0xfd, 0xd0, 0x68, 0x56, 0x38, 0xb6, 0xf1, 0x54, 0x86, 0x8d, 0xa5, 0xa2, 0x1e, 0x91,
+    0x3e, 0xca, 0x64, 0x39, 0xfd, 0xc9, 0xec, 0xff, 0x17, 0x81, 0xf0, 0x7f, 0x96, 0x6a, 0x3e, 0x09,
+    0x84, 0xf9, 0x9b, 0x96, 0x4b, 0xf3, 0x2d, 0x47, 0x72, 0x80, 0x65, 0xc1, 0xf2, 0xbf, 0x84, 0x36,
+    0x2f, 0xbf, 0x06, 0x81, 0xa1, 0xb4, 0xc8, 0x12, 0x7f, 0xff, 0x35, 0x55, 0x80, 0x99, 0x2f, 0x31,
+    0x7d, 0xd5, 0x07, 0x5f, 0xce, 0x82, 0x55, 0x15, 0x35, 0x34, 0xdd, 0xad, 0x01, 0x43, 0x7d, 0x66,
+    0x74, 0xcd, 0x7f, 0xd9, 0x8d, 0x06, 0x2e, 0xbe, 0xf6, 0x65, 0xdf, 0x23, 0x93, 0xe6, 0x74, 0x34,
+    0x41, 0xd8, 0x3e, 0x3c, 0x1e, 0x2e, 0x25, 0xba, 0x14, 0x9c, 0x12, 0x74, 0x88, 0xc4, 0x41, 0x87,
+    0x50, 0xad, 0x5c, 0x84, 0x42, 0x53, 0x01, 0x57, 0x7c, 0xe2, 0xd7, 0x5e, 0x9e, 0x37, 0x50, 0xbf,
+    0x21, 0xaf, 0x56, 0xc4, 0x62, 0x4c, 0x9a, 0x61, 0xfd, 0x20, 0x88, 0xa1, 0xdd, 0x5f, 0x21, 0xec,
+    0x55, 0x62, 0x29, 0x1d, 0xef, 0x4a, 0xb4, 0xdf, 0x0b, 0x45, 0x57, 0x82, 0x4e, 0xb9, 0x55, 0xd8,
+    0xe7, 0xcb, 0x61, 0x19, 0xed, 0x27, 0x40, 0xe4, 0xb6, 0xe0, 0x3e, 0xe1, 0x56, 0x5e, 0xe7, 0xc1,
+    0xcd, 0xbb, 0x12, 0x01, 0xe1, 0x8a, 0x3d, 0x7e, 0xbe, 0xb8, 0x8b, 0x68, 0x06, 0x49, 0xcd, 0x97,
+    0x0d, 0x55, 0xc2, 0x32, 0x19, 0x4e, 0x80, 0x0b, 0xaf, 0x03, 0x7c, 0x01, 0xac, 0xbc, 0x0d, 0x41,
+    0x7c, 0x57, 0xc8, 0x72, 0x39, 0x51, 0x1b, 0x3d, 0x2e, 0xc1, 0x23, 0xfe, 0xef, 0xd4, 0x7c, 0x12,
+    0x37, 0xd2, 0x1c, 0xbf, 0xbe, 0x4d, 0x97, 0x54, 0xd4, 0xd0, 0xf2, 0xf1, 0x04, 0xcf, 0x37, 0x5b,
+    0x1a, 0xaa, 0x47, 0x64, 0x32, 0x9c, 0xc3, 0x16, 0x9d, 0x06, 0xf8, 0x02, 0x9b, 0xbb, 0x1a, 0x82,
+    0xa2, 0x5e, 0xe5, 0x91, 0xa9, 0xc3, 0x9e, 0xfe, 0xce, 0x2e, 0x52, 0x1a, 0xe0, 0x83, 0xa2, 0x55,
+    0xaf, 0x0b, 0x27, 0xa3, 0xb0, 0x8d, 0x1e, 0xf5, 0x61, 0x2d, 0x2e, 0x1b, 0x4c, 0x3f, 0xaf, 0x14,
+    0xf6, 0xbe, 0x03, 0xa1, 0xb1, 0x5a, 0x64, 0x09, 0xde, 0x9e, 0xfb, 0xcb, 0x40, 0xad, 0xf6, 0xf9,
+    0xe8, 0x59, 0xfe, 0x71, 0xd9, 0x0c, 0x5c, 0xbf, 0x2f, 0xca, 0x7d, 0x46, 0xe5, 0x0f, 0xe8, 0x68,
+    0x7e, 0x90, 0x95, 0x28, 0x14, 0x34, 0x87, 0x6d, 0x18, 0xe8, 0x1c, 0x58, 0xf0, 0x39, 0x7e, 0xfa,
+    0x5e, 0xbd, 0x0c, 0xc1, 0x81, 0xab, 0x53, 0x24, 0xfe, 0x3d, 0x6a, 0xaa, 0xc3, 0xf1, 0x5e, 0x62,
+    0xfa, 0x69, 0x0e, 0xbe, 0x5f, 0xc7, 0xaa, 0x2a, 0x6a, 0x68, 0x79, 0x99, 0x02, 0x86, 0xfa, 0xcc,
+    0xb5, 0xa1, 0x60, 0xc7, 0x82, 0x11, 0xdd, 0xe3, 0xfc, 0x2b, 0xd6, 0x19, 0xd7, 0x84, 0xb5, 0x96,
+    0x92, 0x84, 0xd1, 0xed, 0x97, 0xf2, 0x20, 0x72, 0x5b, 0x70, 0x1f, 0x91, 0x2b, 0x2f, 0x92, 0x81,
+    0x56, 0x27, 0xbb, 0x6a, 0x35, 0xfc, 0x66, 0xa7, 0x26, 0x99, 0x96, 0x77, 0xbf, 0xc3, 0x56, 0x44,
+    0xf1, 0xb6, 0x2b, 0x62, 0x31, 0x26, 0x4d, 0xd1, 0x9f, 0x10, 0x44, 0xb1, 0x8f, 0xce, 0xf1, 0x76,
+    0x04, 0x4d, 0xba, 0xb4, 0x5a, 0xca, 0xfb, 0xa0, 0x6c, 0x52, 0x7e, 0x8f, 0x3e, 0x19, 0x04, 0x13,
+    0x6e, 0x67, 0x38, 0xbd, 0xbf, 0x9a, 0xed, 0xa8, 0x6b, 0x63, 0x27, 0x21, 0x08, 0x5d, 0x6e, 0xb6,
+    0xa5, 0x56, 0xcd, 0x52, 0x29, 0xbf, 0xb7, 0x26, 0x8f, 0xa0, 0xed, 0x60, 0x2f, 0xe0, 0xa5, 0xda,
+    0xe6, 0x49, 0xae, 0x34, 0x1a, 0xf4, 0x0e, 0xcc, 0xad, 0x15, 0xc0, 0xb2, 0xb8, 0xc9, 0xe6, 0xb5,
+    0xc8, 0x74, 0x67, 0x98, 0x4c, 0x93, 0x88, 0xf6, 0xc9, 0x1f, 0x0b, 0xb4, 0xd6, 0xc7, 0xc8, 0xf0,
+    0x7b, 0x5f, 0xe0, 0xb1, 0xb9, 0x2d, 0x32, 0xe5, 0x6f, 0x4f, 0x9c, 0x84, 0x20, 0xb7, 0x7b, 0x9d,
+    0x73, 0xc5, 0x57, 0x1a, 0x0d, 0x7a, 0x07, 0x66, 0xb7, 0xeb, 0x60, 0x59, 0x5c, 0x85, 0x73, 0xbb,
+    0x51, 0x2f, 0x93, 0xa9, 0xb5, 0x80, 0x4f, 0x7f, 0x67, 0x17, 0x29, 0x0d, 0x70, 0xa0, 0x51, 0xcb,
+    0x95, 0x8c, 0xf9, 0x2e, 0x17, 0x8e, 0x09, 0xaa, 0x1a, 0xfe, 0xa0, 0xeb, 0xe4, 0x4c, 0x95, 0x0e,
+    0x66, 0xfd, 0x8f, 0x16, 0x0b, 0xcd, 0xd8, 0x2b, 0xb3, 0xc7, 0xdb, 0xfc, 0x74, 0x6f, 0x66, 0x90,
+    0xd6, 0x93, 0x9a, 0x48, 0x24, 0xc5, 0xb0, 0x40, 0x38, 0x4b, 0x8d, 0x39, 0x73, 0x65, 0xd6, 0x61,
+    0x5b, 0x72, 0x79, 0x58, 0x2c, 0xb2, 0xe6, 0xac, 0x89, 0x9a, 0xea, 0x76, 0x13, 0x7f, 0x5b, 0x05,
+    0xe3, 0x86, 0xdb, 0xad, 0xb7, 0xed, 0xbb, 0x44, 0xda, 0xb2, 0x40, 0x6e, 0x68, 0x47, 0xe3, 0xd2,
+    0x63, 0x32, 0xfa, 0x8f, 0xa6, 0xd4, 0x6d, 0xa3, 0xc4, 0x60, 0x5b, 0x20, 0xa4, 0xe1, 0x63, 0xf7,
+    0x9b, 0x9c, 0xa9, 0x6b, 0xd4, 0x76, 0x5b, 0xd9, 0x98, 0x21, 0x1d, 0x1f, 0xb9, 0x8a, 0x9b, 0xd3,
+    0xbd, 0x3b, 0xd7, 0x6c, 0x36, 0x46, 0xe8, 0x60, 0x24, 0x8f, 0x2a, 0xc4, 0xab, 0xb6, 0xbd, 0xb0,
+    0x77, 0x88, 0xed, 0xae, 0x57, 0xb0, 0xfc, 0xc6, 0xdb, 0xb9, 0x1e, 0xd6, 0x62, 0x9c, 0x77, 0xa8,
+    0x8d, 0xe1, 0xe3, 0x10, 0x08, 0x77, 0x56, 0xec, 0xb1, 0xd1, 0x67, 0x4f, 0x60, 0x1a, 0x8d, 0x64,
+    0xbc, 0xb9, 0x18, 0x41, 0xc1, 0x95, 0xa6, 0x48, 0x3f, 0x7a, 0xd4, 0x97, 0x45, 0x21, 0xbc, 0xc4,
+    0xf3, 0x71, 0x76, 0x38, 0x1c, 0x43, 0xd1, 0x81, 0xa9, 0x39, 0x7b, 0x17, 0x90, 0x23, 0xf3, 0x9e,
+    0xf4, 0x79, 0x5e, 0xfb, 0x9c, 0x3f, 0xf8, 0x59, 0xe8, 0xb7, 0xc4, 0x6d, 0x5f, 0x40, 0xf4, 0x11,
+    0x26, 0xa7, 0x7e, 0x07, 0xe2, 0x30, 0xb3, 0xb9, 0xbc, 0xae, 0x37, 0xdb, 0x12, 0x3c, 0x26, 0x63,
+    0xd4, 0x54, 0xc7, 0x12, 0x09, 0xa0, 0x2c, 0x10, 0x0e, 0x62, 0xb2, 0x9f, 0x6c, 0x88, 0xd4, 0x89,
+    0x80, 0xb4, 0x21, 0x22, 0x11, 0x39, 0xd6, 0xe7, 0x1e, 0xd2, 0x1b, 0x4e, 0xcc, 0xa6, 0x80, 0x25,
+    0x93, 0x06, 0x1e, 0xc0, 0x60, 0x21, 0x6e, 0x5a, 0x40, 0x85, 0xe1, 0xc2, 0xc5, 0xb8, 0x93, 0xf5,
+    0xb6, 0xe4, 0xf2, 0xb0, 0x58, 0xa7, 0x0f, 0x9b, 0xd1, 0xf7, 0x17, 0xec, 0x26, 0xfe, 0xb6, 0x0a,
+    0x15, 0x38, 0xd8, 0x0c, 0x06, 0xb7, 0xdf, 0x4d, 0x04, 0x2c, 0xbb, 0xa5, 0x28, 0xea, 0x15, 0x2b,
+    0xcc, 0x39, 0xdd, 0x2c, 0x16, 0x59, 0x73, 0x56, 0xa5, 0x4d, 0x75, 0x3b, 0xe8, 0xde, 0xcc, 0xe3,
+    0xac, 0x4e, 0xb5, 0xd4, 0x6a, 0x3b, 0xcc, 0x8d, 0x4c, 0xf1, 0xef, 0xee, 0xbd, 0x45, 0xac, 0x88,
+    0xc1, 0x6c, 0x1f, 0x1e, 0x0f, 0x17, 0xf3, 0x5d, 0x0a, 0x4e, 0x09, 0x3a, 0x44, 0x62, 0xc1, 0xa2,
+    0xee, 0xd3, 0x19, 0x9f, 0xae, 0xa3, 0x3b, 0x4f, 0x75, 0xb1, 0x3c, 0x6f, 0xc4, 0xfb, 0xee, 0x93,
+    0xae, 0x89, 0xe8, 0x8e, 0x47, 0x5e, 0x50, 0xdd, 0x7a, 0xd8, 0xd0, 0x48, 0xa2, 0xa8, 0xae, 0x60,
+    0x9c, 0x94, 0x81, 0xa8, 0x54, 0x0a, 0x72, 0x01, 0xd9, 0xaf, 0xa2, 0x65, 0x76, 0xe9, 0x9c, 0x5c,
+    0xd9, 0x01, 0x05, 0x20, 0x10, 0xee, 0xac, 0x1b, 0xa1, 0x61, 0xce, 0x9e, 0xc0, 0x34, 0xd9, 0xc8,
+    0xa3, 0xdc, 0x2a, 0xbc, 0x5e, 0x10, 0xd0, 0xd6, 0xd5, 0xdb, 0xac, 0x49, 0x0e, 0x14, 0xa3, 0x21,
+    0x25, 0xe2, 0xec, 0x70, 0x38, 0x86, 0x61, 0xc1, 0x91, 0x72, 0xf6, 0x2e, 0xe3, 0x46, 0x25, 0xff,
+    0xeb, 0x1c, 0x6c, 0x06, 0x03, 0xba, 0x8e, 0xc7, 0x02, 0x16, 0xbc, 0xb3, 0x14, 0x75, 0xeb, 0xf4,
+    0x40, 0x5a, 0xf1, 0x11, 0xe9, 0xfd, 0x6b, 0x92, 0x0f, 0x69, 0xec, 0x27, 0x66, 0x53, 0x40, 0xf3,
+    0x48, 0xc0, 0x46, 0xba, 0x5d, 0xaa, 0x5e, 0x11, 0xd7, 0xcd, 0x10, 0xfa, 0x1a, 0x61, 0x48, 0xd5,
+    0x6d, 0x22, 0xaa, 0xca, 0x65, 0x2c, 0x3f, 0xd0, 0x46, 0xbf, 0xe6, 0xd4, 0xf9, 0x27, 0x6d, 0x2a,
+    0x28, 0xb7, 0x2e, 0x42, 0x21, 0xc8, 0xe1, 0xca, 0x3e, 0x71, 0x8a, 0x2f, 0x4f, 0xfa, 0x28, 0xbe,
+    0xff, 0xa6, 0x7b, 0x27, 0xf2, 0xde, 0x1f, 0xa2, 0x1d, 0xcf, 0xf9, 0x45, 0xd2, 0x08, 0xff, 0xab,
+    0x0a, 0x5d, 0xea, 0xf1, 0x99, 0x32, 0xa9, 0xd3, 0xee, 0x8d, 0xc3, 0x7b, 0x63, 0xdf, 0x0a, 0xce,
+    0x4f, 0xc8, 0x6e, 0x79, 0xdd, 0xd6, 0x77, 0xc9, 0x96, 0x43, 0xaf, 0x80, 0xd5, 0x02, 0x4f, 0x5a,
+    0x19, 0xef, 0xd5, 0x13, 0xe8, 0x2a, 0x11, 0x6e, 0xb0, 0xda, 0x39, 0xf7, 0x6a, 0xc1, 0x19, 0x1e,
+    0x53, 0xe8, 0xce, 0xf3, 0x98, 0xe5, 0xd3, 0x2f, 0x51, 0x3e, 0x16, 0xab, 0x6f, 0x4d, 0x53, 0x23,
+    0xf5, 0xfb, 0x91, 0xd6, 0x6b, 0xec, 0xb6, 0x71, 0xf3, 0x42, 0x3a, 0x3e, 0xb1, 0xd7, 0xf5, 0x65,
+    0xb9, 0x76, 0x6d, 0xd8, 0x6c, 0x8c, 0x13, 0xc0, 0x48, 0xdd, 0x54, 0x4b, 0x95, 0xaf, 0xb9, 0xa3,
+    0xcb, 0x31, 0xf5, 0xef, 0x96, 0x25, 0x5a, 0x8e, 0xe4, 0xc3, 0xca, 0x41, 0x27, 0xbd, 0xcb, 0x6c,
+    0x45, 0x95, 0x84, 0x88, 0x44, 0xe4, 0xde, 0x1a, 0x78, 0xce, 0x6c, 0xfb, 0xb6, 0xdd, 0x45, 0x94,
+    0x57, 0xa5, 0x74, 0x47, 0xc2, 0x2f, 0x28, 0x8f, 0x3d, 0x6c, 0x68, 0x24, 0x51, 0x54, 0x57, 0x30,
+    0xd7, 0x11, 0x55, 0x65, 0xd3, 0x16, 0xfe, 0x68, 0x23, 0xbe, 0x73, 0x6a, 0x9d, 0xf2, 0xd7, 0x15,
+    0x68, 0xed, 0xdf, 0x53, 0xc8, 0x35, 0x8a, 0x58, 0x31, 0x18, 0x66, 0x08, 0x29, 0xa9, 0x68, 0x4d,
+    0x4c, 0x8d, 0xfc, 0x0e, 0x07, 0x60, 0xa5, 0xb1, 0xbb, 0x9f, 0x6e, 0x75, 0x24, 0x78, 0x4c, 0xc6,
+    0x20, 0x2d, 0x99, 0xe9, 0x95, 0x9f, 0xd4, 0x49, 0xe6, 0xd5, 0x76, 0xf2, 0x33, 0xc8, 0x20, 0x98,
+    0x4a, 0x07, 0x1b, 0xe0, 0x70, 0xcf, 0xc2, 0x41, 0xe1, 0xe4, 0x2f, 0x5c, 0x05, 0x8c, 0x4a, 0x3d,
+    0x05, 0xcf, 0x75, 0x99, 0xad, 0x19, 0xb5, 0x88, 0x77, 0xa7, 0x80, 0xdc, 0xd0, 0x8e, 0x05, 0x67,
+    0xc6, 0x64, 0x37, 0xdd, 0x8f, 0x6b, 0xda, 0x85, 0x4b, 0xc0, 0xb6, 0x40, 0x8b, 0x01, 0xc6, 0x2d,
+    0x14, 0xba, 0x17, 0x21, 0xf1, 0x64, 0x91, 0x65, 0x1f, 0xd9, 0x45, 0xf6, 0xc6, 0x7d, 0x14, 0x5f,
+    0x9e, 0x53, 0xdc, 0xf2, 0x79, 0x6f, 0xee, 0x51, 0xef, 0x86, 0x9d, 0xc3, 0x69, 0x04, 0x9e, 0xb4,
+    0xd5, 0xd6, 0x08, 0x3f, 0xfe, 0x73, 0x62, 0x38, 0x15, 0x97, 0x4c, 0xcc, 0x82, 0x1f, 0xd5, 0xfd,
+    0x4d, 0x0f, 0x33, 0x23, 0xf0, 0xb3, 0xeb, 0x99, 0xa0, 0x6a, 0x90, 0x26, 0xca, 0xef, 0x4d, 0xb2,
+    0xce, 0xfe, 0x80, 0x76, 0x3b, 0x3c, 0xef, 0x06, 0x93, 0x64, 0x4a, 0x9d, 0xf7, 0x33, 0xce, 0x0b,
+    0x5a, 0xf0, 0xb6, 0x75, 0xdb, 0x61, 0xa8, 0x84, 0x92, 0x6f, 0x14, 0x25, 0xfd, 0xe8, 0x5a, 0x71,
+    0x3f, 0x48, 0xab, 0x14, 0x0a, 0x1a, 0xa2, 0xd7, 0x0c, 0x74, 0x0e, 0x2c, 0x78, 0xfd, 0x3f, 0x7d,
+    0x8a, 0xe9, 0xcb, 0xd3, 0x88, 0x0b, 0x7f, 0x34, 0xf0, 0x5f, 0xd8, 0x35, 0xaf, 0x79, 0x8a, 0xeb,
+    0x83, 0xf1, 0xb3, 0x55, 0xcb, 0x8f, 0x04, 0x9f, 0x33, 0x0e, 0xda, 0xbb, 0x3d, 0xdc, 0x83, 0xb9,
+    0xc3, 0xab, 0x42, 0x44, 0x22, 0x72, 0x6f, 0x0d, 0x3c, 0x67, 0x36, 0x9c, 0x5b, 0x8f, 0xc3, 0x4a,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x94, 0x0e, 0x36, 0x03, 0xe0, 0x5d, 0x47, 0x82, 0x01, 0x0b, 0x5e, 0xb8, 0x0a, 0xdb, 0x94, 0x7a,
+    0x1f, 0x65, 0x32, 0xfd, 0x9f, 0x85, 0x76, 0x9e, 0xea, 0xa1, 0x78, 0xde, 0x4b, 0x35, 0x1f, 0xe5,
+    0x98, 0xd9, 0x3b, 0x1c, 0x0e, 0xc0, 0x89, 0xa1, 0xb5, 0xfd, 0xdc, 0xea, 0x48, 0xf0, 0x98, 0x4f,
+  },
+  { /* 15 */
+    0xcc, 0x0e, 0x86, 0xc2, 0x4f, 0xba, 0x59, 0x3b, 0xe3, 0xef, 0x79, 0x82, 0x53, 0x11, 0xf0, 0xcd,
+    0x03, 0x96, 0x94, 0x95, 0x6c, 0x2a, 0xb6, 0xf5, 0x9c, 0xba, 0xe7, 0x37, 0x83, 0x91, 0xbd, 0x5b,
+    0x17, 0xb1, 0xab, 0xa6, 0xf9, 0x11, 0xd2, 0x03, 0xc3, 0x8e, 0xc9, 0x90, 0x58, 0x92, 0xad, 0x69,
+    0xa5, 0x82, 0x44, 0x27, 0x96, 0x65, 0xbf, 0x60, 0xda, 0x6e, 0x59, 0x28, 0x51, 0x68, 0x84, 0xbe,
+    0xd4, 0x34, 0xac, 0xe0, 0xa9, 0x29, 0xa0, 0x9f, 0x89, 0x76, 0x4d, 0xf9, 0xc1, 0x13, 0x51, 0x50,
+    0xfc, 0x7a, 0xd2, 0x86, 0x40, 0x5f, 0x68, 0xb0, 0x37, 0x1e, 0x11, 0x74, 0xb4, 0x15, 0x71, 0x34,
+    0xd6, 0xd0, 0xf5, 0x06, 0xe1, 0xa4, 0xc5, 0x39, 0x61, 0x1b, 0xf7, 0x62, 0x82, 0x4c, 0x87, 0x83,
+    0x76, 0x2b, 0xce, 0x5d, 0xc3, 0xbf, 0x63, 0x85, 0xdc, 0x78, 0x44, 0x13, 0x95, 0x54, 0x07, 0xd0,
+    0xd2, 0xdb, 0x47, 0x09, 0x71, 0x7d, 0x0f, 0xb6, 0x72, 0xc1, 0x40, 0x97, 0x04, 0xf2, 0xe8, 0xe6,
+    0x20, 0x58, 0xd9, 0x78, 0x0a, 0x07, 0x9f, 0xf2, 0x98, 0x1f, 0xf1, 0xa4, 0xba, 0xb9, 0xfe, 0xae,
+    0x65, 0x91, 0xd7, 0xf4, 0xaa, 0x77, 0x7b, 0x09, 0x0c, 0x2c, 0x3a, 0x76, 0x4b, 0x78, 0xc5, 0xdc,
+    0x42, 0x54, 0x28, 0x16, 0x5c, 0x83, 0x98, 0x81, 0x1b, 0x53, 0x9b, 0x10, 0xf4, 0xee, 0xe9, 0x4c,
+    0x46, 0x5f, 0x9a, 0x19, 0xcc, 0x5a, 0x52, 0x0e, 0x08, 0x89, 0x2c, 0xe5, 0x72, 0x50, 0x86, 0x29,
+    0xbb, 0x57, 0x85, 0xec, 0xa8, 0xa2, 0xe9, 0xed, 0x4b, 0x40, 0x60, 0x3d, 0x06, 0x8b, 0x9c, 0x95,
+    0x2c, 0x45, 0xcc, 0x69, 0x79, 0xaf, 0x02, 0xa0, 0xad, 0xb2, 0xeb, 0x78, 0xf3, 0xb8, 0x4f, 0x01,
+    0x25, 0x21, 0xa6, 0x04, 0xbe, 0x79, 0x86, 0x2e, 0xff, 0x12, 0x1b, 0xfd, 0xfc, 0xc9, 0xfa, 0x43,
+    0x2e, 0xa1, 0x95, 0x8f, 0x31, 0x22, 0x67, 0x06, 0x45, 0xdf, 0x51, 0xe3, 0xb0, 0xe7, 0x99, 0xd2,
+    0x7f, 0x4f, 0xa4, 0x30, 0x04, 0x69, 0xe7, 0x0b, 0x8e, 0xd8, 0xb4, 0x96, 0x9a, 0x25, 0xb2, 0x92,
+    0xad, 0x94, 0xe3, 0x39, 0x75, 0x14, 0xe8, 0xbd, 0xfc, 0x19, 0xf4, 0x01, 0x9e, 0xd7, 0x5a, 0x74,
+    0x06, 0xef, 0xeb, 0xe9, 0xd8, 0x54, 0xaf, 0x29, 0xfb, 0xb7, 0x0d, 0x6e, 0xc5, 0xe1, 0xb9, 0xb6,
+    0x6b, 0x68, 0x9b, 0x03, 0x91, 0x52, 0x83, 0xfd, 0xd1, 0xec, 0x9a, 0x31, 0x41, 0x26, 0xa2, 0xa0,
+    0x3b, 0xf4, 0x67, 0xcf, 0x80, 0xbe, 0xd0, 0xa3, 0x6e, 0x3c, 0x22, 0xe8, 0xab, 0x2a, 0xe2, 0x68,
+    0x6a, 0x1a, 0x56, 0x70, 0xb5, 0xf5, 0x50, 0xae, 0xa5, 0x3b, 0xc7, 0x9d, 0x81, 0xe8, 0xc9, 0x28,
+    0x7e, 0x3d, 0x69, 0x43, 0x20, 0xce, 0x34, 0x58, 0xfa, 0x0f, 0xe9, 0x3a, 0x5a, 0xeb, 0xd9, 0x1a,
+    0x3c, 0x69, 0x41, 0x55, 0x7c, 0x4d, 0xac, 0xd9, 0xe1, 0x5c, 0x72, 0x2a, 0xae, 0x05, 0x30, 0x56,
+    0x84, 0xa8, 0x50, 0x2c, 0xb8, 0xc5, 0xf3, 0xc1, 0x36, 0xa6, 0xf5, 0x20, 0x2b, 0x1f, 0x11, 0x98,
+    0x67, 0x75, 0x8e, 0x12, 0xe2, 0xfa, 0x1e, 0xaf, 0xe4, 0x41, 0x80, 0xed, 0x08, 0x27, 0x13, 0x0f,
+    0xb6, 0x38, 0x5d, 0x8e, 0xff, 0xad, 0xa7, 0xec, 0x0a, 0x3a, 0x27, 0x4d, 0x8f, 0x44, 0x46, 0xb2,
+    0x16, 0xc3, 0x66, 0xd5, 0xdd, 0xb6, 0x01, 0x50, 0xb7, 0x59, 0x94, 0x3c, 0x98, 0x5c, 0xc6, 0xe1,
+    0x88, 0xb5, 0x45, 0x3d, 0xcb, 0x6d, 0x6e, 0x93, 0x03, 0x0b, 0xef, 0xfc, 0x62, 0x1e, 0xa0, 0x37,
+    0x58, 0x8a, 0x5b, 0xd2, 0xf2, 0x9d, 0x04, 0x83, 0x99, 0xa7, 0x15, 0xf0, 0x25, 0xb3, 0x9e, 0x02,
+    0xbc, 0xca, 0xa3, 0x76, 0x54, 0x51, 0x95, 0x97, 0xc4, 0x20, 0x30, 0xff, 0x03, 0xa4, 0x4e, 0xab,
+    0xde, 0xc6, 0x52, 0x18, 0x02, 0xd5, 0x92, 0xe4, 0x47, 0x6c, 0x5a, 0x4b, 0x4d, 0xf3, 0x59, 0x49,
+    0xc2, 0xf7, 0xca, 0x35, 0x74, 0x9f, 0xa1, 0xcf, 0x3e, 0x2f, 0xd9, 0xc5, 0x59, 0x4f, 0x97, 0xb1,
+    0x4e, 0x49, 0x3d, 0x07, 0x2f, 0x2b, 0x05, 0xd3, 0x2e, 0xfe, 0x81, 0xcc, 0xbd, 0xef, 0x58, 0xe3,
+    0x3f, 0xff, 0xd5, 0xc0, 0x10, 0x67, 0x1a, 0x2c, 0x7d, 0xe6, 0x95, 0x1d, 0x2d, 0x94, 0x8d, 0x0d,
+    0x0e, 0xf9, 0x4c, 0xf7, 0x3b, 0x25, 0xf8, 0xf4, 0xdd, 0xc0, 0xa0, 0x47, 0x0a, 0x5e, 0x67, 0x7c,
+    0x1f, 0xa7, 0x0c, 0xb8, 0x1a, 0x60, 0x85, 0xde, 0xe5, 0xf9, 0x64, 0xb9, 0x97, 0x2d, 0x73, 0xa3,
+    0x99, 0xeb, 0x05, 0x72, 0xea, 0x28, 0x13, 0xb9, 0x3b, 0x32, 0x2b, 0x02, 0xff, 0x6d, 0xb4, 0xe8,
+    0x0c, 0x1d, 0x15, 0x11, 0x73, 0xa8, 0x9d, 0x52, 0x35, 0xad, 0x1a, 0xdc, 0x49, 0x01, 0xb1, 0xaf,
+    0x70, 0xc4, 0x25, 0xb4, 0x1b, 0xeb, 0xcc, 0xac, 0x27, 0xcf, 0x49, 0x7d, 0x50, 0xb5, 0xbe, 0x66,
+    0x44, 0xbb, 0xc3, 0xff, 0x84, 0xd7, 0x37, 0xa8, 0xe0, 0xe4, 0x96, 0x7e, 0x31, 0x0f, 0x50, 0xfa,
+    0x2d, 0x37, 0x01, 0x1a, 0x5d, 0x08, 0xd1, 0xf3, 0xd9, 0x65, 0xb6, 0xd4, 0x33, 0x76, 0x24, 0x89,
+    0x5f, 0x17, 0x7d, 0x48, 0x0e, 0x6e, 0x78, 0xf9, 0x16, 0xc7, 0x45, 0x32, 0x20, 0x9c, 0x4c, 0x3c,
+    0x78, 0xd2, 0x82, 0xaa, 0xf8, 0x9a, 0x9b, 0x71, 0x01, 0xb8, 0xe4, 0x54, 0x9f, 0x0a, 0x60, 0xac,
+    0xcb, 0x93, 0xa0, 0x58, 0xb3, 0x49, 0x25, 0x41, 0x6c, 0x8f, 0x29, 0x40, 0x56, 0x3e, 0x22, 0xf3,
+    0xd5, 0x46, 0x61, 0x93, 0x8d, 0x8e, 0x73, 0xcc, 0xfd, 0xa1, 0x10, 0x55, 0x01, 0xdd, 0x3a, 0xd8,
+    0x73, 0x52, 0xb1, 0x21, 0x77, 0xc1, 0x7a, 0x59, 0xbb, 0x75, 0xae, 0x4a, 0xd3, 0x24, 0x03, 0x3d,
+    0x5c, 0x81, 0xe9, 0xdd, 0x62, 0x44, 0xce, 0x0c, 0x8a, 0x7d, 0xa2, 0x05, 0xa3, 0x0d, 0xf1, 0x67,
+    0xfe, 0x9e, 0x8b, 0x60, 0x08, 0xd2, 0x0d, 0x16, 0xdf, 0x73, 0xab, 0xef, 0xf7, 0x4a, 0xa7, 0xe7,
+    0x6f, 0x63, 0x29, 0x0c, 0x01, 0x8b, 0x49, 0x72, 0xc2, 0x36, 0x2d, 0xc4, 0xc7, 0x98, 0xcd, 0xc5,
+    0x1a, 0xde, 0x73, 0xc4, 0xae, 0x1e, 0x9c, 0x02, 0x82, 0xf4, 0x8e, 0xe0, 0xd1, 0x5d, 0x77, 0x4e,
+    0x07, 0x9d, 0x26, 0x9a, 0xfc, 0xf3, 0x7c, 0x7a, 0x8f, 0x60, 0x50, 0xc2, 0x05, 0x2f, 0xd2, 0x3e,
+    0xee, 0xb2, 0x06, 0x5c, 0x0d, 0x30, 0xa3, 0x6f, 0x93, 0x9d, 0x32, 0xbd, 0xaa, 0xf7, 0xd8, 0xb0,
+    0xea, 0xb9, 0xb4, 0x53, 0x9d, 0xe9, 0x69, 0xe0, 0x80, 0x47, 0x85, 0x48, 0x2c, 0x49, 0xb7, 0xd5,
+    0xc8, 0x05, 0x34, 0xcd, 0xdf, 0x63, 0x93, 0xb4, 0xf0, 0x35, 0xce, 0x77, 0xd5, 0xaf, 0x9f, 0xa8,
+    0x8c, 0xbe, 0xf7, 0x32, 0x5b, 0xb4, 0xa4, 0x1c, 0x10, 0xd1, 0x58, 0x09, 0xe4, 0xa0, 0xcf, 0x52,
+    0xb5, 0xae, 0xc9, 0x1b, 0x93, 0x87, 0x11, 0x19, 0x96, 0x80, 0xc0, 0x7a, 0x0c, 0xd5, 0xfb, 0xe9,
+    0x38, 0x62, 0xf3, 0x5a, 0xec, 0x94, 0x66, 0x56, 0xf2, 0x86, 0xc5, 0xdf, 0x28, 0xbb, 0x5f, 0x33,
+    0x59, 0xf8, 0x96, 0xa1, 0xd6, 0x3a, 0xd7, 0xd0, 0xed, 0x70, 0x48, 0x5c, 0xe5, 0x7d, 0xf5, 0x8a,
+    0x69, 0x8c, 0xc2, 0xe5, 0xd9, 0xdf, 0xe6, 0x5b, 0x39, 0x81, 0x20, 0xaa, 0x02, 0x79, 0x74, 0x73,
+    0x10, 0x2c, 0x8d, 0x3c, 0x05, 0xe2, 0xae, 0x79, 0x4c, 0xee, 0x99, 0x52, 0x5d, 0xbd, 0x7f, 0x57,
+    0xf0, 0x67, 0xc7, 0x97, 0x33, 0xf7, 0xf5, 0xe2, 0x02, 0xb3, 0x0b, 0xa8, 0xfd, 0x14, 0xc0, 0x9b,
+    0xa3, 0x6d, 0xaf, 0xce, 0x4e, 0x31, 0x10, 0x49, 0x21, 0xd9, 0x54, 0x46, 0x94, 0x89, 0x3d, 0x08,
+    0x09, 0x64, 0x6a, 0x6d, 0xc7, 0xd6, 0x84, 0x8e, 0x52, 0xa0, 0xf0, 0x85, 0x0f, 0x71, 0xb5, 0x42,
+    0x0d, 0x6f, 0xd8, 0x62, 0x57, 0x0f, 0x4e, 0x01, 0x41, 0x7a, 0x47, 0x70, 0x89, 0xcf, 0xda, 0x27,
+    0xfd, 0x08, 0x1f, 0xf5, 0x64, 0xf8, 0xbb, 0xe3, 0x43, 0xc9, 0x4c, 0xd8, 0x74, 0xdb, 0x1a, 0xbc,
+    0x1b, 0xac, 0xbe, 0xb7, 0x8a, 0xb9, 0x4f, 0x51, 0xf6, 0x23, 0xd3, 0x4c, 0x11, 0x93, 0x1c, 0xc6,
+    0x27, 0xc5, 0xff, 0xe2, 0xf6, 0xf4, 0xe3, 0x88, 0x17, 0x7f, 0xa1, 0x66, 0xbf, 0x96, 0x2c, 0x90,
+    0x8d, 0xcc, 0x3a, 0x41, 0x7f, 0x13, 0x77, 0x4f, 0x64, 0x06, 0x05, 0xa5, 0x24, 0x6e, 0xa4, 0xda,
+    0xf2, 0x83, 0x9e, 0x71, 0x7b, 0x7a, 0x90, 0x44, 0xea, 0xde, 0xb1, 0x33, 0xbe, 0x4b, 0x16, 0x48,
+    0x92, 0x6b, 0x36, 0xf9, 0x65, 0x73, 0xf2, 0x91, 0x81, 0xff, 0x61, 0x1c, 0xb3, 0x43, 0xd7, 0x79,
+    0x6d, 0x87, 0x70, 0xea, 0x49, 0x06, 0x2c, 0xd4, 0x2a, 0x5b, 0x97, 0x5f, 0x84, 0xc7, 0x1b, 0x16,
+    0x5d, 0xf3, 0x24, 0xae, 0x46, 0xe3, 0x1d, 0x5f, 0xfe, 0xaa, 0xff, 0xa9, 0x63, 0xc3, 0x9a, 0xef,
+    0xf1, 0x15, 0x0a, 0xe4, 0x17, 0x50, 0x26, 0xb1, 0x76, 0x64, 0x56, 0x04, 0x3d, 0xda, 0xab, 0x13,
+    0x21, 0x2a, 0x14, 0x0b, 0x2e, 0xa0, 0x4c, 0xa1, 0xec, 0xc8, 0xac, 0x08, 0x7a, 0x77, 0x95, 0x26,
+    0x37, 0xe9, 0x72, 0xde, 0xf3, 0x16, 0x4d, 0xf1, 0x5b, 0x91, 0x38, 0x34, 0xe2, 0x2b, 0x53, 0xc7,
+    0x40, 0xb0, 0x71, 0xf0, 0x14, 0x0e, 0xfd, 0x27, 0xf3, 0x3e, 0x21, 0x8b, 0xb7, 0xb1, 0x3f, 0x9f,
+    0x8e, 0x5a, 0xae, 0xd4, 0x13, 0x39, 0xc1, 0xba, 0xf8, 0xbc, 0xe2, 0x92, 0xa7, 0xff, 0x19, 0x81,
+    0xe8, 0x5d, 0xed, 0xb5, 0xd5, 0x64, 0x0c, 0x46, 0x68, 0x2a, 0x3f, 0xd3, 0x6f, 0x16, 0x61, 0x06,
+    0xe4, 0x40, 0xf8, 0xa4, 0xa6, 0xcc, 0x91, 0x14, 0x5d, 0x87, 0x25, 0x0f, 0x26, 0x17, 0xd0, 0xa9,
+    0xec, 0x56, 0x5f, 0xba, 0x45, 0xbd, 0xc6, 0xc9, 0x7b, 0xf0, 0x88, 0x26, 0xe9, 0xa8, 0x0e, 0x63,
+    0x9e, 0x76, 0x23, 0xe8, 0x16, 0xdb, 0x6f, 0xc3, 0xb4, 0x52, 0x7b, 0xc0, 0xfa, 0x42, 0x66, 0xd6,
+    0x9c, 0x92, 0x7a, 0x0e, 0x5e, 0x56, 0x0a, 0x65, 0x5c, 0x3f, 0xc1, 0x5b, 0xb9, 0x1d, 0xb0, 0x05,
+    0xd1, 0x4d, 0xd3, 0x9c, 0x1d, 0x57, 0xb9, 0x43, 0xee, 0x7b, 0xa7, 0xa0, 0x87, 0x63, 0x55, 0xbd,
+    0xe7, 0xd6, 0x6c, 0x31, 0xca, 0xe6, 0x27, 0xe1, 0xc1, 0x3d, 0xc2, 0x38, 0xa5, 0x86, 0x6d, 0xf2,
+    0xb8, 0xc1, 0x11, 0x79, 0xc4, 0x88, 0x5f, 0x18, 0xd7, 0xfa, 0x87, 0x0a, 0x85, 0x1a, 0x21, 0xce,
+    0x2f, 0xd3, 0x58, 0xfc, 0x15, 0x85, 0xb4, 0x55, 0x31, 0x08, 0x0c, 0x4f, 0x70, 0x29, 0xf2, 0x5a,
+    0xe2, 0xaf, 0x13, 0x4d, 0x7e, 0x98, 0x3e, 0x3d, 0xa6, 0x30, 0x28, 0x61, 0xe3, 0xf6, 0x69, 0x1f,
+    0x8a, 0x51, 0x1c, 0xdb, 0x83, 0xe0, 0x0b, 0x35, 0xeb, 0x66, 0x55, 0x67, 0x21, 0x41, 0x76, 0xe4,
+    0xd7, 0xa2, 0x38, 0x75, 0xc5, 0x03, 0x16, 0x6a, 0x15, 0xcc, 0xaa, 0xce, 0x42, 0x82, 0xec, 0x0b,
+    0xb4, 0xdc, 0x04, 0x68, 0xb7, 0x20, 0xc2, 0x4a, 0xe2, 0x57, 0x9d, 0xd6, 0xcc, 0x1b, 0x90, 0x61,
+    0x29, 0x3c, 0xb3, 0x15, 0xcd, 0xd1, 0x1b, 0x7c, 0xca, 0xbf, 0x01, 0x21, 0xb5, 0xc8, 0x4b, 0xec,
+    0x13, 0xba, 0x19, 0xa9, 0x69, 0xc8, 0x18, 0x8c, 0xd0, 0x54, 0x7e, 0x65, 0xde, 0x2c, 0xc2, 0x0c,
+    0x98, 0x99, 0xc8, 0x01, 0xce, 0x8f, 0xc0, 0xea, 0x4f, 0xe5, 0x76, 0xae, 0x3f, 0xa3, 0xdf, 0x60,
+    0x80, 0xa3, 0xe2, 0x23, 0x28, 0x1c, 0x39, 0x4e, 0x25, 0x7c, 0x42, 0xd5, 0xad, 0xa1, 0x7e, 0xfd,
+    0xa6, 0x14, 0xd0, 0xb2, 0xfa, 0x4f, 0x09, 0x95, 0x46, 0xd4, 0xbe, 0x1f, 0xd2, 0xf9, 0x39, 0xe5,
+    0x62, 0x0c, 0xf1, 0x6e, 0x56, 0x84, 0x07, 0x73, 0x83, 0x4c, 0x6a, 0xb4, 0x4e, 0x57, 0x17, 0xe2,
+    0xb3, 0x41, 0x22, 0xf2, 0x4b, 0xd3, 0xbe, 0x30, 0x6d, 0x37, 0xcd, 0x14, 0xc9, 0x34, 0x42, 0x5f,
+    0x5e, 0x65, 0xb0, 0x3b, 0x2a, 0xc9, 0xab, 0xaa, 0x62, 0x10, 0x18, 0x9e, 0xe0, 0x52, 0x27, 0xb4,
+    0x72, 0x20, 0x7c, 0x52, 0x53, 0x66, 0xa9, 0x0a, 0xcf, 0xa2, 0xf3, 0xe6, 0x13, 0xea, 0x68, 0xb5,
+    0x43, 0x26, 0xe5, 0x65, 0x78, 0x24, 0x4b, 0xd2, 0x6f, 0x84, 0xc6, 0xbc, 0x34, 0x20, 0x82, 0xc4,
+    0x34, 0x7f, 0xe6, 0x4b, 0x9f, 0x3c, 0xfb, 0x04, 0xc7, 0x2b, 0xdf, 0x03, 0x61, 0xba, 0xee, 0x9c,
+    0x35, 0x0d, 0x2b, 0x38, 0xbb, 0x9b, 0x28, 0x57, 0xb3, 0xfc, 0x82, 0xaf, 0xa1, 0x74, 0x85, 0x14,
+    0x52, 0x78, 0xa5, 0x2a, 0x59, 0x61, 0x36, 0xf8, 0x57, 0xbd, 0x02, 0x42, 0xa9, 0x53, 0x96, 0x1b,
+    0x26, 0xb7, 0x32, 0x91, 0xd2, 0x53, 0x30, 0xdb, 0x63, 0xa8, 0xfc, 0xca, 0x7f, 0x58, 0x47, 0x18,
+    0x7d, 0xab, 0xfd, 0xd6, 0x4c, 0xe4, 0x82, 0xad, 0x66, 0xb5, 0x0e, 0x0d, 0xd9, 0x7a, 0x64, 0x41,
+    0xb7, 0x4a, 0x90, 0xfd, 0xdb, 0x0a, 0x74, 0xbf, 0x7e, 0xed, 0x7a, 0xe1, 0x4f, 0x8a, 0x2d, 0x3a,
+    0x0a, 0xf2, 0xfe, 0xf8, 0xab, 0xfc, 0x32, 0x7b, 0xce, 0x1a, 0x17, 0xb2, 0x8c, 0xe0, 0x08, 0x19,
+    0x45, 0xc9, 0x0e, 0x8c, 0xa0, 0x70, 0xe4, 0xfb, 0x94, 0x33, 0xcb, 0xd2, 0xf1, 0xc1, 0x3b, 0x72,
+    0x81, 0xd1, 0x2f, 0x50, 0x0c, 0xbb, 0xea, 0x1d, 0x51, 0xab, 0x1f, 0x79, 0x6d, 0x6f, 0x15, 0x75,
+    0x6e, 0x11, 0xe4, 0x7f, 0x25, 0x2c, 0x9a, 0x21, 0xb6, 0xe1, 0x70, 0x68, 0x07, 0x56, 0xa6, 0x4d,
+    0x53, 0x0a, 0x68, 0x59, 0x7d, 0xc6, 0xe5, 0xab, 0x23, 0x6a, 0x5f, 0xee, 0x69, 0x9d, 0xfd, 0x93,
+    0x4a, 0x42, 0x8f, 0x08, 0xbf, 0xf2, 0xcf, 0x5c, 0x3d, 0x24, 0x36, 0x39, 0x3b, 0x51, 0x37, 0x86,
+    0x79, 0xa0, 0x4f, 0xd9, 0xdc, 0x3d, 0x48, 0x22, 0x75, 0x6f, 0xb9, 0xf8, 0x5f, 0xc4, 0x0b, 0x24,
+    0x32, 0x90, 0x0d, 0xa2, 0x47, 0x68, 0x54, 0x2d, 0x3c, 0x9c, 0xd2, 0x6d, 0xa4, 0x5b, 0x57, 0x2a,
+    0x61, 0x9a, 0x65, 0xfb, 0x3a, 0xae, 0xb1, 0x86, 0x1f, 0xf6, 0x8d, 0x83, 0xcd, 0xc6, 0xaa, 0xb9,
+    0xfb, 0xe7, 0xf4, 0x1c, 0xbc, 0xac, 0x14, 0xca, 0xb8, 0x7e, 0x41, 0xb6, 0xb1, 0x3a, 0xa3, 0x0a,
+    0x39, 0x10, 0x3e, 0x29, 0xc8, 0x33, 0xb5, 0x05, 0x86, 0x51, 0x98, 0x73, 0xe8, 0x75, 0x34, 0xbb,
+    0xc0, 0x13, 0x93, 0xd3, 0x3c, 0x12, 0xc4, 0x69, 0xd6, 0x42, 0x63, 0x5e, 0x1a, 0x10, 0x41, 0x62,
+    0xfa, 0x95, 0x39, 0x6f, 0x98, 0x0b, 0xc7, 0x99, 0xcc, 0xa9, 0x1c, 0x1a, 0x71, 0xf4, 0xc8, 0x82,
+    0x5b, 0x1c, 0xcf, 0x47, 0x9e, 0xb7, 0xb2, 0x76, 0x05, 0x1d, 0xf2, 0xc7, 0xa6, 0x22, 0x23, 0x59,
+    0xa4, 0xf0, 0x89, 0x54, 0xb2, 0xc2, 0x6c, 0x33, 0xae, 0xb9, 0x04, 0x84, 0x91, 0xa6, 0xef, 0x36,
+    0xba, 0x25, 0x48, 0x9f, 0x8c, 0x05, 0x3a, 0xbe, 0x3f, 0x97, 0x3d, 0x91, 0xc6, 0x45, 0xf7, 0x1d,
+    0xda, 0xcd, 0xe0, 0x17, 0x92, 0x0c, 0x58, 0x6b, 0x54, 0xb6, 0xed, 0xbe, 0xcb, 0x4d, 0x36, 0x2c,
+    0x4c, 0xad, 0x64, 0xe1, 0x67, 0xa6, 0x60, 0x75, 0xc6, 0x93, 0x3b, 0x57, 0xfe, 0xb0, 0x8e, 0x30,
+    0x05, 0x79, 0x7f, 0x7c, 0xb4, 0x7e, 0x19, 0xdc, 0x67, 0x0d, 0xea, 0x59, 0x46, 0x70, 0x04, 0xed,
+    0xc3, 0x85, 0x07, 0x46, 0x50, 0x38, 0x72, 0x9c, 0x4a, 0xf8, 0x84, 0x69, 0x99, 0x81, 0xfc, 0x39,
+    0x3a, 0x86, 0xaa, 0xbc, 0xa4, 0x19, 0x03, 0xf0, 0x1a, 0xeb, 0x7f, 0x44, 0x6b, 0xe4, 0x89, 0xe0,
+    0x82, 0x47, 0xbb, 0xc5, 0x60, 0x91, 0x5c, 0xe8, 0xcd, 0x11, 0xf8, 0x4e, 0xee, 0xfe, 0xa8, 0x2e,
+    0x18, 0x3a, 0x2a, 0x22, 0xe6, 0x93, 0xf9, 0xa4, 0x6a, 0x99, 0x34, 0x7b, 0x92, 0x02, 0xa1, 0x9d,
+    0xc9, 0x77, 0xf9, 0xbe, 0xfb, 0xc4, 0x40, 0xe7, 0x84, 0xe2, 0x93, 0xdb, 0x15, 0x61, 0xf4, 0x20,
+    0x68, 0xfe, 0x0f, 0x96, 0xfd, 0x78, 0x35, 0x08, 0x4d, 0x56, 0x7d, 0x06, 0xc2, 0xb7, 0x1f, 0xfb,
+    0xf6, 0x88, 0x2c, 0x7e, 0xeb, 0xa3, 0x5a, 0xcb, 0xf9, 0x04, 0x06, 0xc6, 0x38, 0xf5, 0x79, 0x2d,
+    0x63, 0x7e, 0x3c, 0x1d, 0x72, 0x23, 0xd4, 0x20, 0xf7, 0x9b, 0x37, 0x18, 0x8e, 0x99, 0x7c, 0x6a,
+    0x87, 0x3e, 0xc4, 0xb9, 0xd4, 0xef, 0x45, 0x34, 0xaa, 0x1c, 0x12, 0x17, 0xa8, 0x8e, 0xac, 0xc3,
+    0x49, 0xd4, 0x1b, 0x9d, 0xd3, 0xd8, 0x79, 0xa9, 0xa1, 0x9e, 0xd1, 0x0e, 0xb8, 0xc0, 0x8a, 0xdd,
+    0x36, 0x9b, 0xbf, 0xad, 0xd7, 0xb1, 0x9e, 0xa2, 0x2f, 0x46, 0x65, 0x98, 0x22, 0xe5, 0x38, 0x4f,
+    0x91, 0xfd, 0xa2, 0x6c, 0x09, 0x59, 0x44, 0x64, 0x1d, 0x45, 0x86, 0x2b, 0x30, 0xd2, 0x6a, 0x22,
+    0x97, 0x12, 0x49, 0x85, 0xd1, 0x0d, 0xeb, 0x4d, 0xe6, 0xf2, 0x8b, 0x45, 0xf5, 0x33, 0xd3, 0x94,
+    0x33, 0xe2, 0xc0, 0xd1, 0x63, 0xcf, 0x87, 0x7e, 0x48, 0x4b, 0x8f, 0xc1, 0x64, 0x95, 0x3c, 0xa2,
+    0x08, 0x16, 0xa7, 0x1e, 0xe3, 0x71, 0x57, 0xdd, 0x26, 0x77, 0xad, 0x29, 0xcf, 0xbf, 0xde, 0xca,
+    0x7c, 0xd9, 0x30, 0xa5, 0x68, 0x43, 0x51, 0xfe, 0x12, 0x62, 0x53, 0xa1, 0x19, 0xb4, 0x0f, 0xc9,
+    0x02, 0xe4, 0x59, 0xe6, 0x48, 0x8d, 0x65, 0xa6, 0xe8, 0x6d, 0xba, 0x9b, 0x43, 0x5f, 0xd6, 0xd3,
+    0x77, 0x59, 0x03, 0x2e, 0xe7, 0x18, 0xb0, 0xd6, 0xa8, 0xaf, 0x19, 0xbf, 0x55, 0x9a, 0x6c, 0x58,
+    0x85, 0xda, 0x9d, 0x5f, 0x9c, 0x62, 0x20, 0x92, 0x42, 0x71, 0xa8, 0x8c, 0xeb, 0xd1, 0x7a, 0x10,
+    0x66, 0x07, 0x43, 0x61, 0xc6, 0x5d, 0xcd, 0xfc, 0x90, 0x96, 0xdd, 0x41, 0xc8, 0xe9, 0x78, 0x87,
+    0x41, 0xc2, 0xbc, 0x83, 0x30, 0xa9, 0x2e, 0x74, 0x87, 0xe9, 0x7c, 0x27, 0x77, 0x7f, 0x54, 0x17,
+    0x30, 0x74, 0x54, 0x44, 0x0f, 0xe5, 0x31, 0x8b, 0xd4, 0xf1, 0x68, 0xf6, 0xe7, 0x04, 0x81, 0xf9,
+    0xcd, 0x7c, 0x4b, 0xb1, 0x6b, 0x1d, 0x8a, 0x68, 0x97, 0x38, 0x24, 0x2e, 0x93, 0xdf, 0x9b, 0x45,
+    0xd0, 0x3f, 0x1e, 0xef, 0x39, 0xf0, 0x6a, 0x10, 0x9a, 0xac, 0xfa, 0x0c, 0x47, 0xad, 0x3e, 0x35,
+    0xd9, 0x5b, 0x74, 0x82, 0xfe, 0x26, 0xee, 0x9e, 0xc8, 0x0c, 0x0a, 0x89, 0x48, 0xdc, 0x8b, 0x77,
+    0xa9, 0x9f, 0x51, 0x36, 0xe5, 0xcd, 0x22, 0x32, 0xef, 0xc3, 0x43, 0xf4, 0x18, 0x69, 0x35, 0x11,
+    0xaa, 0x09, 0xc5, 0xa3, 0x89, 0xe7, 0x94, 0xc7, 0x73, 0x79, 0xa4, 0xc3, 0x9b, 0xf8, 0x88, 0x4a,
+    0xc5, 0x6a, 0xec, 0xaf, 0x88, 0x6c, 0xdd, 0xb5, 0xb1, 0x4f, 0x89, 0x07, 0x5c, 0x60, 0x45, 0x8f,
+    0x60, 0xe8, 0xa8, 0x88, 0x1e, 0x09, 0x62, 0xd5, 0x6b, 0x21, 0xd0, 0x2f, 0x0d, 0x08, 0xc1, 0x31,
+    0xf8, 0x71, 0x60, 0x89, 0xd0, 0x86, 0xa2, 0x3f, 0x24, 0xc4, 0xa6, 0x81, 0x32, 0xab, 0x1e, 0x51,
+    0x04, 0x0b, 0xb2, 0x0f, 0x90, 0xd9, 0xca, 0x8f, 0x13, 0xda, 0xb7, 0xf5, 0x86, 0xbe, 0x6f, 0x65,
+    0x90, 0x8f, 0x6f, 0x1f, 0x2d, 0xfe, 0x97, 0x37, 0x69, 0x92, 0xdb, 0x87, 0xf0, 0x1c, 0x01, 0xaa,
+    0xe6, 0xa4, 0xa1, 0x42, 0xee, 0x41, 0xf4, 0xb2, 0xb5, 0xea, 0x9f, 0x94, 0x65, 0x48, 0x06, 0x7a,
+    0x96, 0x60, 0x84, 0xf6, 0xf5, 0xaa, 0x38, 0x1e, 0x92, 0x25, 0xd6, 0xe9, 0x35, 0xfd, 0xb8, 0x1c,
+    0xaf, 0x70, 0xba, 0xdf, 0x3d, 0x99, 0x8d, 0x1b, 0x14, 0x74, 0x4e, 0x9a, 0xdd, 0x88, 0x8c, 0xa7,
+    0xc6, 0xfc, 0x78, 0x3a, 0xe4, 0x46, 0x6b, 0x40, 0x2d, 0xf5, 0x6e, 0x30, 0xdf, 0xf1, 0xf8, 0xd4,
+    0xa7, 0x66, 0x1d, 0xc1, 0xde, 0xe8, 0xda, 0xc6, 0x32, 0x03, 0xe3, 0xb3, 0x12, 0x37, 0x52, 0x6d,
+    0xa1, 0x89, 0xf6, 0x28, 0x06, 0xbc, 0x75, 0xef, 0xc9, 0xb4, 0xee, 0xdd, 0xd7, 0xd6, 0xeb, 0xdb,
+    0xd8, 0x29, 0xb9, 0xf1, 0xda, 0x81, 0x3d, 0xcd, 0xbc, 0xdb, 0x57, 0x25, 0x88, 0x12, 0xe0, 0xff,
+    0x1e, 0xd5, 0xc1, 0xcb, 0x3e, 0xc7, 0x56, 0x8d, 0x91, 0x2e, 0x39, 0x15, 0x57, 0xe3, 0x18, 0x2b,
+    0x4d, 0xdf, 0xa9, 0x92, 0x43, 0x01, 0xb3, 0x26, 0xb2, 0x44, 0x66, 0xfb, 0x3e, 0x7e, 0xe5, 0xb8,
+    0x64, 0xe3, 0x1a, 0x87, 0x8e, 0xd0, 0xa8, 0x5a, 0x78, 0xfb, 0x67, 0xda, 0x8b, 0xb6, 0xae, 0x54,
+    0x9a, 0x7d, 0x91, 0xe7, 0x86, 0x02, 0xa5, 0x4c, 0xa7, 0x88, 0xcc, 0x35, 0x7c, 0xfc, 0x09, 0xb3,
+    0xe3, 0xdd, 0xde, 0x3e, 0x5a, 0x3f, 0xed, 0x6e, 0xd2, 0xe7, 0x75, 0xcd, 0x23, 0x38, 0x02, 0x97,
+    0xf9, 0x03, 0xad, 0xfa, 0xf4, 0x21, 0x71, 0x6c, 0x50, 0x13, 0xfb, 0x2d, 0xf2, 0x65, 0x75, 0xd9,
+    0xf7, 0xfa, 0xe1, 0x0d, 0xcf, 0x04, 0x89, 0x98, 0x8d, 0xd3, 0x5b, 0x6a, 0xf8, 0x3b, 0x12, 0xa5,
+    0x19, 0x48, 0xe7, 0x51, 0xc2, 0x34, 0x2a, 0xf7, 0x1e, 0x4e, 0x69, 0xd7, 0x52, 0xcc, 0xca, 0x15,
+    0x83, 0x35, 0x76, 0xb6, 0x44, 0x36, 0x8f, 0xbb, 0xb9, 0xc6, 0xa5, 0xe2, 0x2e, 0x30, 0xc3, 0xa6,
+    0x4b, 0x30, 0x42, 0x7b, 0x9b, 0x55, 0x1c, 0x0f, 0x49, 0xf3, 0x6b, 0x95, 0xfb, 0x9f, 0x5c, 0x0e,
+    0x4f, 0x3b, 0xf0, 0x74, 0x0b, 0x8c, 0xd6, 0x80, 0x5a, 0x29, 0xdc, 0x60, 0x7d, 0x21, 0x33, 0x6b,
+    0x7b, 0x44, 0x16, 0x3f, 0x94, 0xb0, 0x2d, 0x84, 0x9d, 0x02, 0x03, 0x63, 0x1c, 0x9b, 0xdd, 0xf7,
+    0xef, 0xc0, 0xcb, 0x2f, 0x29, 0x97, 0x70, 0x3c, 0xe7, 0x4a, 0x6f, 0x11, 0x6a, 0x39, 0xb3, 0x38,
+    0x9d, 0xe0, 0xb7, 0x7d, 0x7a, 0xf1, 0xd9, 0x36, 0x28, 0xe8, 0x9c, 0xf7, 0x79, 0xd3, 0xdb, 0x8d,
+    0x74, 0xcf, 0x97, 0xbb, 0x8b, 0x32, 0x06, 0x23, 0x34, 0x15, 0xfe, 0x88, 0xd6, 0x0b, 0xd1, 0x03,
+    0xc7, 0x8e, 0xb5, 0x49, 0xc0, 0xe1, 0xb8, 0x13, 0x59, 0x22, 0x33, 0x9c, 0x1f, 0x3f, 0x93, 0x5c,
+    0xca, 0xe1, 0x6d, 0x2b, 0x97, 0xee, 0xf6, 0x12, 0x18, 0x58, 0x74, 0xec, 0x96, 0xf0, 0x49, 0x7b,
+    0x6c, 0xf5, 0xbd, 0x99, 0x6d, 0xa1, 0xff, 0x87, 0x5e, 0x8c, 0xca, 0xf3, 0x44, 0x09, 0x70, 0x9e,
+    0xf3, 0xf1, 0x53, 0x02, 0x5f, 0xdd, 0x43, 0x17, 0x9e, 0x09, 0xec, 0x9f, 0x7e, 0x85, 0x7d, 0xc0,
+    0x31, 0x06, 0x99, 0x37, 0x2b, 0x42, 0xe2, 0xd8, 0xa0, 0x26, 0x35, 0x5a, 0x27, 0xca, 0xea, 0x71,
+    0x3e, 0x8d, 0x18, 0xb3, 0x34, 0xc0, 0xc9, 0x7f, 0x09, 0x31, 0xc8, 0xb1, 0xed, 0x5a, 0xe6, 0x85,
+    0x01, 0x72, 0xcd, 0x73, 0x24, 0xa7, 0xd3, 0x53, 0x74, 0xd7, 0x5d, 0xac, 0xc0, 0xce, 0x6b, 0x88,
+    0xdb, 0xbf, 0x2d, 0x64, 0xb6, 0xab, 0x8b, 0x38, 0x20, 0x61, 0xb0, 0x12, 0x0b, 0x83, 0x5d, 0xa4,
+    0xc4, 0x18, 0x21, 0xdc, 0xac, 0xcb, 0x0e, 0xe6, 0xc5, 0x98, 0xd4, 0xab, 0x9c, 0xae, 0x2e, 0x07,
+    0xe1, 0x39, 0x87, 0xd8, 0x12, 0xb2, 0x88, 0xc8, 0x3a, 0x8a, 0xcf, 0x56, 0x60, 0x67, 0xd4, 0x44,
+    0xed, 0x24, 0x92, 0xc9, 0x61, 0x1a, 0x15, 0x9a, 0x0f, 0x27, 0xd5, 0x8a, 0x29, 0x66, 0x65, 0xeb,
+    0xe0, 0x4b, 0x4a, 0xab, 0x36, 0x15, 0x5b, 0x9b, 0x4e, 0x5d, 0x92, 0xfa, 0xa0, 0xa9, 0xbf, 0xcc,
+    0x14, 0x27, 0x3f, 0x33, 0x95, 0x3b, 0x64, 0xf6, 0x5f, 0x34, 0x2e, 0xa7, 0xdb, 0x03, 0x10, 0x32,
+    0xdf, 0xb4, 0x9f, 0x6b, 0x26, 0x72, 0x41, 0xb7, 0x33, 0xbb, 0x07, 0xe7, 0x8d, 0x3d, 0x32, 0xc1,
+    0x50, 0x9c, 0xfc, 0xcc, 0x11, 0xec, 0x53, 0x5e, 0xbf, 0xd0, 0xb8, 0xd9, 0xea, 0x0c, 0x40, 0xc8,
+    0xbe, 0x2e, 0xfa, 0x90, 0x1c, 0xdc, 0xf0, 0x31, 0x2c, 0x4d, 0x8a, 0x64, 0x40, 0xfb, 0x98, 0x78,
+    0xab, 0x7b, 0x08, 0xd0, 0xad, 0x40, 0x47, 0x94, 0x07, 0xae, 0xf9, 0x6f, 0x5b, 0x36, 0xe3, 0xc2,
+    0xae, 0x02, 0x77, 0xac, 0x19, 0x3e, 0x5e, 0x48, 0x60, 0xa3, 0x13, 0x36, 0x1d, 0x46, 0xe7, 0x2f,
+    0x51, 0xee, 0x31, 0xbf, 0x35, 0x4b, 0x80, 0x0d, 0xcb, 0x07, 0xe5, 0x75, 0x2a, 0xc2, 0x2b, 0x40,
+    0x12, 0xc8, 0xd4, 0xda, 0x4d, 0x6f, 0xcb, 0xdf, 0xa4, 0x83, 0x23, 0xc9, 0x1e, 0xe2, 0xa9, 0x84,
+    0x8f, 0x28, 0x63, 0xa7, 0x37, 0x9e, 0x12, 0xe9, 0x8c, 0x6b, 0xbf, 0x3e, 0x67, 0x31, 0x72, 0x09,
+    0x1d, 0x43, 0x55, 0x5e, 0x52, 0xed, 0xe0, 0x78, 0x0d, 0x94, 0xde, 0x22, 0xd4, 0x72, 0xa5, 0x70,
+    0xf4, 0x6c, 0x75, 0x98, 0xa3, 0x2e, 0x3f, 0x6d, 0x11, 0x69, 0xbc, 0x5d, 0x7b, 0xaa, 0xaf, 0xfe,
+    0xd3, 0xa9, 0x8a, 0x7a, 0x55, 0xda, 0xdc, 0xe5, 0x06, 0x16, 0x1d, 0x3b, 0xc4, 0x3c, 0x83, 0x6e,
+    0xff, 0xec, 0x46, 0x13, 0x2c, 0x75, 0xde, 0x45, 0xab, 0xa4, 0xf6, 0x43, 0x37, 0x84, 0xcc, 0x6f,
+    0x47, 0x2d, 0x57, 0x6a, 0xe8, 0xfd, 0x81, 0x5d, 0x7c, 0x5e, 0x71, 0x49, 0xb2, 0x9e, 0xed, 0xa1,
+    0x15, 0x55, 0xf2, 0x40, 0xb1, 0x9c, 0xb7, 0xa5, 0x2b, 0xe3, 0x73, 0x0b, 0x1b, 0xcd, 0x7b, 0xba,
+    0x8b, 0x23, 0xd1, 0xa8, 0xa7, 0x47, 0xd8, 0x66, 0x9f, 0xb1, 0x08, 0xcb, 0xe1, 0x8f, 0x1d, 0x6c,
+    0xa0, 0xfb, 0x3b, 0x5b, 0x22, 0x1b, 0xa6, 0xbc, 0xbd, 0x63, 0xb3, 0x71, 0x17, 0x18, 0x80, 0x53,
+    0xf5, 0x1e, 0xb8, 0xeb, 0x87, 0x89, 0xec, 0x3e, 0x65, 0xbe, 0xe1, 0xf1, 0xbb, 0x64, 0xc4, 0x76,
+    0x28, 0x4e, 0x7e, 0x66, 0xe9, 0x76, 0xc8, 0x2f, 0xbe, 0x68, 0x5c, 0x8d, 0x75, 0x06, 0x20, 0x64,
+    0x57, 0x01, 0xda, 0x56, 0xed, 0x1f, 0x2f, 0x24, 0x30, 0xb0, 0xe8, 0x1b, 0xef, 0x23, 0x92, 0xf6,
+    0xb2, 0x33, 0xef, 0x81, 0x6f, 0x74, 0x6d, 0x63, 0x19, 0xe0, 0x90, 0xb8, 0x09, 0xfa, 0x29, 0xd7,
+    0x24, 0x53, 0x6b, 0x77, 0x9a, 0xde, 0x55, 0x7d, 0x8b, 0xc5, 0x46, 0x51, 0x3c, 0x07, 0x91, 0xcb,
+    0xcf, 0x98, 0x12, 0x57, 0x23, 0x90, 0xef, 0xce, 0x7f, 0x55, 0x9e, 0xb5, 0xd0, 0x80, 0x4d, 0x96,
+    0x89, 0xc7, 0x88, 0x4e, 0xef, 0xca, 0xbd, 0xc0, 0x77, 0xdc, 0xb2, 0x50, 0xa2, 0xd0, 0xcb, 0xbf,
+    0xdd, 0x50, 0xc6, 0x8d, 0x6e, 0xff, 0x24, 0x11, 0xdb, 0xd6, 0xbd, 0x7c, 0xce, 0x62, 0xe4, 0x12,
+    0x55, 0xe5, 0x83, 0xb0, 0xa5, 0x92, 0x4a, 0x82, 0xd8, 0xdd, 0x52, 0x80, 0xac, 0x7c, 0x44, 0x25,
+    0x2b, 0xd8, 0xea, 0xf3, 0x85, 0x5c, 0x7e, 0xda, 0x22, 0xd2, 0xbb, 0xba, 0xf6, 0x97, 0x9d, 0x3f,
+    0x9b, 0x0f, 0x5c, 0x94, 0xa2, 0xa5, 0x76, 0x1f, 0xd3, 0x5f, 0x91, 0x99, 0xbc, 0x32, 0x62, 0x3b,
+    0xeb, 0xcb, 0x79, 0x20, 0xb9, 0x4e, 0xba, 0xb3, 0xf4, 0x90, 0xd8, 0xe4, 0xec, 0x87, 0xdc, 0x5d,
+    0xce, 0xea, 0xdf, 0x24, 0x07, 0x37, 0x3c, 0x9d, 0x0b, 0x82, 0xc3, 0x19, 0x10, 0x4e, 0x26, 0x1e,
+    0xe5, 0x32, 0x35, 0xd7, 0x82, 0x6b, 0x42, 0x47, 0x29, 0x50, 0x78, 0xa3, 0xe6, 0xd9, 0xbb, 0x21,
+    0xb1, 0xa5, 0x7b, 0x14, 0x03, 0x5e, 0xdb, 0x96, 0x85, 0x5a, 0x77, 0x8f, 0x8a, 0x6b, 0x94, 0x8c,
+    0x22, 0xbc, 0x80, 0x9e, 0x42, 0x8a, 0xfa, 0x54, 0x70, 0x72, 0x4b, 0x3f, 0xf9, 0xe6, 0x28, 0x7d,
+    0xbd, 0xb8, 0x6e, 0x05, 0x70, 0xf6, 0x46, 0xc4, 0xb0, 0xf7, 0x6d, 0x53, 0xc3, 0x6a, 0x25, 0x23,
+    0xe9, 0x2f, 0x20, 0xc6, 0xf1, 0xc3, 0xdf, 0x15, 0x1c, 0xfd, 0x62, 0x7f, 0xaf, 0xd8, 0x0a, 0x8e,
+    0x23, 0xce, 0x4d, 0xed, 0x66, 0x2d, 0x29, 0x07, 0x04, 0xa5, 0x16, 0x93, 0x39, 0x28, 0x43, 0xf5,
+    0x75, 0xbd, 0x5a, 0xc8, 0xaf, 0x95, 0xd5, 0x70, 0x40, 0xc2, 0xa3, 0x24, 0x16, 0xc5, 0xba, 0x8b,
+    0x9f, 0x04, 0xee, 0x9b, 0x32, 0x7c, 0xbc, 0x90, 0xc0, 0x85, 0x26, 0x6c, 0x3a, 0x8c, 0x0d, 0x5e,
+    0xa2, 0x1f, 0x62, 0xbd, 0x6a, 0x96, 0xc3, 0x1a, 0x55, 0x0e, 0x09, 0xea, 0x54, 0x47, 0x56, 0x80,
+    0x0f, 0x8b, 0x81, 0x84, 0x1f, 0x82, 0x2b, 0xa7, 0xa9, 0x17, 0xfd, 0xeb, 0xca, 0x90, 0x0c, 0xf4,
+    0x54, 0x97, 0x4e, 0xc3, 0x81, 0x35, 0x99, 0xd1, 0xac, 0x0a, 0x0f, 0x2c, 0x6c, 0xb2, 0x2f, 0xad,
+    0x86, 0x4c, 0x09, 0xca, 0xf0, 0x48, 0x96, 0x67, 0xde, 0xcb, 0x4f, 0xbb, 0x68, 0x40, 0xc7, 0x4b,
+    0x93, 0x19, 0xfb, 0x8a, 0x41, 0xd4, 0x21, 0xc2, 0xf5, 0x28, 0x3c, 0xb0, 0x73, 0x8d, 0xbc, 0xf1,
+    0x5a, 0x6e, 0x02, 0x34, 0xba, 0x10, 0x61, 0x25, 0x71, 0xca, 0xaf, 0x6b, 0x66, 0xec, 0x48, 0xd1,
+    0x3d, 0x1b, 0x8c, 0x26, 0x58, 0xea, 0x7f, 0x8a, 0x95, 0x8b, 0x2f, 0x86, 0x6e, 0xcb, 0x5b, 0xde,
+    0x94, 0x84, 0xdd, 0x10, 0xbd, 0x27, 0x5d, 0xb8, 0x7a, 0x48, 0x6c, 0x72, 0x76, 0xa2, 0x6e, 0xcf,
+    0x56, 0x73, 0x17, 0x25, 0xc9, 0xb8, 0xfc, 0x77, 0x44, 0x67, 0xb5, 0xb7, 0x2f, 0xed, 0xf9, 0x7e,
+    0xbf, 0x5c, 0x37, 0xe3, 0x38, 0x7b, 0x23, 0x62, 0x58, 0x9a, 0xd7, 0xc8, 0x80, 0x35, 0xf3, 0xf0,
+    0x95, 0xf6, 0x10, 0x63, 0x99, 0x80, 0x8e, 0xeb, 0x0e, 0x9f, 0x31, 0xde, 0xb6, 0x6c, 0x05, 0x47,
+    0xb9, 0xb3, 0xdc, 0x0a, 0xe0, 0x2f, 0x8c, 0x4b, 0xa3, 0x2d, 0xda, 0xa6, 0x45, 0xd4, 0x4a, 0x46,
+    0x11, 0x5e, 0x40, 0x4f, 0x21, 0x45, 0x7d, 0x2a, 0x38, 0x39, 0xc4, 0xfe, 0x9d, 0x73, 0x14, 0xdf,
+    0x0b, 0x80, 0x33, 0x8b, 0x8f, 0x5b, 0xe1, 0x28, 0xba, 0xcd, 0x4a, 0x1e, 0x4c, 0x2e, 0x63, 0x91,
+    0x71, 0xb6, 0xe8, 0xc7, 0x3f, 0x4c, 0x1f, 0xff, 0x53, 0x18, 0x14, 0xd1, 0x90, 0x7b, 0xd5, 0xee,
+    0xb0, 0xd7, 0xb6, 0x67, 0x27, 0xf9, 0x08, 0xc5, 0xf1, 0x8d, 0x2a, 0x23, 0x4a, 0xa5, 0xff, 0x04,
+    0x1c, 0x31, 0x98, 0x2d, 0x76, 0x4a, 0x33, 0x2b, 0x79, 0x43, 0x83, 0x8e, 0x14, 0xbc, 0xce, 0xf8,
+    0xdc, 0x22, 0x0b, 0xfe, 0x4a, 0x58, 0xf7, 0x42, 0xaf, 0x01, 0xe0, 0xd0, 0x0e, 0xac, 0x8f, 0x9a,
+    0xa8, 0xed, 0x9c, 0x45, 0xc1, 0x6a, 0xf1, 0x61, 0x9b, 0x14, 0x1e, 0x58, 0xd8, 0xa7, 0x5e, 0x99,
+    0xc1, 0x61, 0x5e, 0xa0, 0x18, 0xb5, 0x17, 0x3a, 0xa2, 0x95, 0x3e, 0xf2, 0xda, 0xde, 0x2a, 0xea,
+    0x2a, 0xaa, 0x27, 0x80, 0xa1, 0xfb, 0xad, 0x89, 0x56, 0x05, 0xe6, 0x16, 0x36, 0x59, 0xf6, 0xb7,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0xac, 0xe6, 0x2e, 0x4a, 0x51, 0xb3, 0x3b, 0xee, 0x88, 0xce, 0xa9, 0xad, 0x5e, 0x19, 0x31, 0xfc,
+    0x48, 0xa6, 0xd6, 0xee, 0xf7, 0x7f, 0xaa, 0xfa, 0xd5, 0x49, 0x8c, 0xa2, 0x78, 0x0e, 0xe1, 0x55,
+    0x7a, 0x36, 0xdb, 0x4c, 0xb0, 0x17, 0xfe, 0xd7, 0xe9, 0xd5, 0x5e, 0xcf, 0xdc, 0x55, 0xb6, 0x7f,
+  },
+};
diff --git a/lib/nettle/gost/magma.c b/lib/nettle/gost/magma.c
new file mode 100644
index 0000000..60d3e44
--- /dev/null
+++ b/lib/nettle/gost/magma.c
@@ -0,0 +1,92 @@
+/* magma.c - GOST R 34.12-2015 (Magma) cipher implementation
+ *
+ * Copyright: 2017 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+ * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+ * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+ * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#ifndef HAVE_NETTLE_MAGMA_SET_KEY
+
+#include <assert.h>
+
+#include <nettle/macros.h>
+#include "nettle-write.h"
+#include "magma.h"
+#ifndef HAVE_NETTLE_GOST28147_SET_KEY
+#include "gost28147.h"
+#else
+#include <nettle/gost28147.h>
+#endif
+
+void
+magma_set_key(struct magma_ctx *ctx, const uint8_t *key)
+{
+  unsigned i;
+
+  for (i = 0; i < 8; i++, key += 4)
+    ctx->key[i] = READ_UINT32(key);
+}
+
+void
+magma_encrypt(const struct magma_ctx *ctx,
+	      size_t length, uint8_t *dst,
+	      const uint8_t *src)
+{
+  uint32_t block[2];
+
+  assert(!(length % MAGMA_BLOCK_SIZE));
+
+  while (length)
+    {
+      block[1] = READ_UINT32(src); src += 4;
+      block[0] = READ_UINT32(src); src += 4;
+      gost28147_encrypt_simple(ctx->key, gost28147_param_TC26_Z.sbox,
+			       block, block);
+      WRITE_UINT32(dst, block[1]); dst += 4;
+      WRITE_UINT32(dst, block[0]); dst += 4;
+      length -= MAGMA_BLOCK_SIZE;
+    }
+}
+
+void
+magma_decrypt(const struct magma_ctx *ctx,
+	      size_t length, uint8_t *dst,
+	      const uint8_t *src)
+{
+  uint32_t block[2];
+
+  assert(!(length % MAGMA_BLOCK_SIZE));
+
+  while (length)
+    {
+      block[1] = READ_UINT32(src); src += 4;
+      block[0] = READ_UINT32(src); src += 4;
+      gost28147_decrypt_simple(ctx->key, gost28147_param_TC26_Z.sbox,
+			       block, block);
+      WRITE_UINT32(dst, block[1]); dst += 4;
+      WRITE_UINT32(dst, block[0]); dst += 4;
+      length -= MAGMA_BLOCK_SIZE;
+    }
+}
+#endif /* HAVE_NETTLE_MAGMA_SET_KEY */
diff --git a/lib/nettle/gost/magma.h b/lib/nettle/gost/magma.h
new file mode 100644
index 0000000..31c6b26
--- /dev/null
+++ b/lib/nettle/gost/magma.h
@@ -0,0 +1,78 @@
+/* magma.h
+
+   The GOST R 34.12-2015 (MAGMA) cipher function.
+
+   Copyright (C) 2017 Dmitry Eremin-Solenikov
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef GNUTLS_LIB_NETTLE_MAGMA_H_INCLUDED
+#define GNUTLS_LIB_NETTLE_MAGMA_H_INCLUDED
+
+#include "config.h"
+
+#ifndef HAVE_NETTLE_MAGMA_SET_KEY
+
+#include <nettle/nettle-types.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define magma_set_key _gnutls_magma_set_key
+#define magma_set_param _gnutls_magma_set_param
+#define magma_encrypt _gnutls_magma_encrypt
+#define magma_decrypt _gnutls_magma_decrypt
+
+#define MAGMA_KEY_SIZE 32
+#define MAGMA_BLOCK_SIZE 8
+
+struct magma_ctx
+{
+  uint32_t key[MAGMA_KEY_SIZE/4];
+};
+
+void
+magma_set_key(struct magma_ctx *ctx, const uint8_t *key);
+
+void
+magma_encrypt(const struct magma_ctx *ctx,
+	      size_t length, uint8_t *dst,
+	      const uint8_t *src);
+void
+magma_decrypt(const struct magma_ctx *ctx,
+	      size_t length, uint8_t *dst,
+	      const uint8_t *src);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
+#endif /* GNUTLS_LIB_NETTLE_MAGMA_H_INCLUDED */
diff --git a/lib/nettle/gost/nettle-write.h b/lib/nettle/gost/nettle-write.h
new file mode 100644
index 0000000..ca0c084
--- /dev/null
+++ b/lib/nettle/gost/nettle-write.h
@@ -0,0 +1,61 @@
+/* nettle-write.h
+
+   Internal functions to write out word-sized data to byte arrays.
+
+   Copyright (C) 2010 Niels Möller
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see https://www.gnu.org/licenses/.
+*/
+
+#ifndef GNUTLS_LIB_NETTLE_GOST_NETTLE_WRITE_H
+#define GNUTLS_LIB_NETTLE_GOST_NETTLE_WRITE_H
+
+/* For size_t */
+#include <stddef.h>
+
+#include <stdint.h>
+
+/* Write the word array at SRC to the byte array at DST, using little
+   endian (le) or big endian (be) byte order, and truncating the
+   result to LENGTH bytes. */
+
+/* FIXME: Use a macro shortcut to memcpy for native endianness. */
+void
+#define _nettle_write_be32 _gnutls_nettle_ecc_write_be32
+_nettle_write_be32(size_t length, uint8_t *dst,
+		   const uint32_t *src);
+void
+#define _nettle_write_le32 _gnutls_nettle_ecc_write_le32
+_nettle_write_le32(size_t length, uint8_t *dst,
+		   const uint32_t *src);
+
+void
+#define _nettle_write_le64 _gnutls_nettle_ecc_write_le64
+_nettle_write_le64(size_t length, uint8_t *dst,
+		   const uint64_t *src);
+
+#endif /* GNUTLS_LIB_NETTLE_GOST_NETTLE_WRITE_H */
diff --git a/lib/nettle/gost/streebog-meta.c b/lib/nettle/gost/streebog-meta.c
new file mode 100644
index 0000000..c64fa00
--- /dev/null
+++ b/lib/nettle/gost/streebog-meta.c
@@ -0,0 +1,48 @@
+/* streebog-meta.c
+
+   Copyright (C) 2012 Nikos Mavrogiannopoulos, Niels Möller
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see https://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#ifndef HAVE_NETTLE_STREEBOG512_UPDATE
+#include <gnutls_int.h>
+
+#include <nettle/nettle-meta.h>
+
+#include "streebog.h"
+
+const struct nettle_hash nettle_streebog512
+= _NETTLE_HASH(streebog512, STREEBOG512);
+
+const struct nettle_hash nettle_streebog256
+= _NETTLE_HASH(streebog256, STREEBOG256);
+#endif
diff --git a/lib/nettle/gost/streebog.c b/lib/nettle/gost/streebog.c
new file mode 100644
index 0000000..2799e9e
--- /dev/null
+++ b/lib/nettle/gost/streebog.c
@@ -0,0 +1,1337 @@
+/* streebog.c - GOST R 34.11-2012 (Streebog) hash function
+
+   Copyright (C) 2013-2015 Dmitry Eremin-Solenikov
+
+   Based on my code in libgcrypt.
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see https://www.gnu.org/licenses/.
+ */
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#ifndef HAVE_NETTLE_STREEBOG512_UPDATE
+#include <gnutls_int.h>
+
+#include <stdlib.h>
+#include <string.h>
+
+#include "streebog.h"
+
+#include <nettle/macros.h>
+#include "nettle-write.h"
+
+
+/* Pre-computed results of multiplication of bytes on A and reordered with
+   Pi[]. */
+static const uint64_t streebog_table[8][256] =
+{
+  /* 0 */
+  { 0xd01f715b5c7ef8e6ULL, 0x16fa240980778325ULL,
+    0xa8a42e857ee049c8ULL, 0x6ac1068fa186465bULL,
+    0x6e417bd7a2e9320bULL, 0x665c8167a437daabULL,
+    0x7666681aa89617f6ULL, 0x4b959163700bdcf5ULL,
+    0xf14be6b78df36248ULL, 0xc585bd689a625cffULL,
+    0x9557d7fca67d82cbULL, 0x89f0b969af6dd366ULL,
+    0xb0833d48749f6c35ULL, 0xa1998c23b1ecbc7cULL,
+    0x8d70c431ac02a736ULL, 0xd6dfbc2fd0a8b69eULL,
+    0x37aeb3e551fa198bULL, 0x0b7d128a40b5cf9cULL,
+    0x5a8f2008b5780cbcULL, 0xedec882284e333e5ULL,
+    0xd25fc177d3c7c2ceULL, 0x5e0f5d50b61778ecULL,
+    0x1d873683c0c24cb9ULL, 0xad040bcbb45d208cULL,
+    0x2f89a0285b853c76ULL, 0x5732fff6791b8d58ULL,
+    0x3e9311439ef6ec3fULL, 0xc9183a809fd3c00fULL,
+    0x83adf3f5260a01eeULL, 0xa6791941f4e8ef10ULL,
+    0x103ae97d0ca1cd5dULL, 0x2ce948121dee1b4aULL,
+    0x39738421dbf2bf53ULL, 0x093da2a6cf0cf5b4ULL,
+    0xcd9847d89cbcb45fULL, 0xf9561c078b2d8ae8ULL,
+    0x9c6a755a6971777fULL, 0xbc1ebaa0712ef0c5ULL,
+    0x72e61542abf963a6ULL, 0x78bb5fde229eb12eULL,
+    0x14ba94250fceb90dULL, 0x844d6697630e5282ULL,
+    0x98ea08026a1e032fULL, 0xf06bbea144217f5cULL,
+    0xdb6263d11ccb377aULL, 0x641c314b2b8ee083ULL,
+    0x320e96ab9b4770cfULL, 0x1ee7deb986a96b85ULL,
+    0xe96cf57a878c47b5ULL, 0xfdd6615f8842feb8ULL,
+    0xc83862965601dd1bULL, 0x2ea9f83e92572162ULL,
+    0xf876441142ff97fcULL, 0xeb2c455608357d9dULL,
+    0x5612a7e0b0c9904cULL, 0x6c01cbfb2d500823ULL,
+    0x4548a6a7fa037a2dULL, 0xabc4c6bf388b6ef4ULL,
+    0xbade77d4fdf8bebdULL, 0x799b07c8eb4cac3aULL,
+    0x0c9d87e805b19cf0ULL, 0xcb588aac106afa27ULL,
+    0xea0c1d40c1e76089ULL, 0x2869354a1e816f1aULL,
+    0xff96d17307fbc490ULL, 0x9f0a9d602f1a5043ULL,
+    0x96373fc6e016a5f7ULL, 0x5292dab8b3a6e41cULL,
+    0x9b8ae0382c752413ULL, 0x4f15ec3b7364a8a5ULL,
+    0x3fb349555724f12bULL, 0xc7c50d4415db66d7ULL,
+    0x92b7429ee379d1a7ULL, 0xd37f99611a15dfdaULL,
+    0x231427c05e34a086ULL, 0xa439a96d7b51d538ULL,
+    0xb403401077f01865ULL, 0xdda2aea5901d7902ULL,
+    0x0a5d4a9c8967d288ULL, 0xc265280adf660f93ULL,
+    0x8bb0094520d4e94eULL, 0x2a29856691385532ULL,
+    0x42a833c5bf072941ULL, 0x73c64d54622b7eb2ULL,
+    0x07e095624504536cULL, 0x8a905153e906f45aULL,
+    0x6f6123c16b3b2f1fULL, 0xc6e55552dc097bc3ULL,
+    0x4468feb133d16739ULL, 0xe211e7f0c7398829ULL,
+    0xa2f96419f7879b40ULL, 0x19074bdbc3ad38e9ULL,
+    0xf4ebc3f9474e0b0cULL, 0x43886bd376d53455ULL,
+    0xd8028beb5aa01046ULL, 0x51f23282f5cdc320ULL,
+    0xe7b1c2be0d84e16dULL, 0x081dfab006dee8a0ULL,
+    0x3b33340d544b857bULL, 0x7f5bcabc679ae242ULL,
+    0x0edd37c48a08a6d8ULL, 0x81ed43d9a9b33bc6ULL,
+    0xb1a3655ebd4d7121ULL, 0x69a1eeb5e7ed6167ULL,
+    0xf6ab73d5c8f73124ULL, 0x1a67a3e185c61fd5ULL,
+    0x2dc91004d43c065eULL, 0x0240b02c8fb93a28ULL,
+    0x90f7f2b26cc0eb8fULL, 0x3cd3a16f114fd617ULL,
+    0xaae49ea9f15973e0ULL, 0x06c0cd748cd64e78ULL,
+    0xda423bc7d5192a6eULL, 0xc345701c16b41287ULL,
+    0x6d2193ede4821537ULL, 0xfcf639494190e3acULL,
+    0x7c3b228621f1c57eULL, 0xfb16ac2b0494b0c0ULL,
+    0xbf7e529a3745d7f9ULL, 0x6881b6a32e3f7c73ULL,
+    0xca78d2bad9b8e733ULL, 0xbbfe2fc2342aa3a9ULL,
+    0x0dbddffecc6381e4ULL, 0x70a6a56e2440598eULL,
+    0xe4d12a844befc651ULL, 0x8c509c2765d0ba22ULL,
+    0xee8c6018c28814d9ULL, 0x17da7c1f49a59e31ULL,
+    0x609c4c1328e194d3ULL, 0xb3e3d57232f44b09ULL,
+    0x91d7aaa4a512f69bULL, 0x0ffd6fd243dabbccULL,
+    0x50d26a943c1fde34ULL, 0x6be15e9968545b4fULL,
+    0x94778fea6faf9fdfULL, 0x2b09dd7058ea4826ULL,
+    0x677cd9716de5c7bfULL, 0x49d5214fffb2e6ddULL,
+    0x0360e83a466b273cULL, 0x1fc786af4f7b7691ULL,
+    0xa0b9d435783ea168ULL, 0xd49f0c035f118cb6ULL,
+    0x01205816c9d21d14ULL, 0xac2453dd7d8f3d98ULL,
+    0x545217cc3f70aa64ULL, 0x26b4028e9489c9c2ULL,
+    0xdec2469fd6765e3eULL, 0x04807d58036f7450ULL,
+    0xe5f17292823ddb45ULL, 0xf30b569b024a5860ULL,
+    0x62dcfc3fa758aefbULL, 0xe84cad6c4e5e5aa1ULL,
+    0xccb81fce556ea94bULL, 0x53b282ae7a74f908ULL,
+    0x1b47fbf74c1402c1ULL, 0x368eebf39828049fULL,
+    0x7afbeff2ad278b06ULL, 0xbe5e0a8cfe97caedULL,
+    0xcfd8f7f413058e77ULL, 0xf78b2bc301252c30ULL,
+    0x4d555c17fcdd928dULL, 0x5f2f05467fc565f8ULL,
+    0x24f4b2a21b30f3eaULL, 0x860dd6bbecb768aaULL,
+    0x4c750401350f8f99ULL, 0x0000000000000000ULL,
+    0xecccd0344d312ef1ULL, 0xb5231806be220571ULL,
+    0xc105c030990d28afULL, 0x653c695de25cfd97ULL,
+    0x159acc33c61ca419ULL, 0xb89ec7f872418495ULL,
+    0xa9847693b73254dcULL, 0x58cf90243ac13694ULL,
+    0x59efc832f3132b80ULL, 0x5c4fed7c39ae42c4ULL,
+    0x828dabe3efd81cfaULL, 0xd13f294d95ace5f2ULL,
+    0x7d1b7a90e823d86aULL, 0xb643f03cf849224dULL,
+    0x3df3f979d89dcb03ULL, 0x7426d836272f2ddeULL,
+    0xdfe21e891fa4432aULL, 0x3a136c1b9d99986fULL,
+    0xfa36f43dcd46add4ULL, 0xc025982650df35bbULL,
+    0x856d3e81aadc4f96ULL, 0xc4a5e57e53b041ebULL,
+    0x4708168b75ba4005ULL, 0xaf44bbe73be41aa4ULL,
+    0x971767d029c4b8e3ULL, 0xb9be9feebb939981ULL,
+    0x215497ecd18d9aaeULL, 0x316e7e91dd2c57f3ULL,
+    0xcef8afe2dad79363ULL, 0x3853dc371220a247ULL,
+    0x35ee03c9de4323a3ULL, 0xe6919aa8c456fc79ULL,
+    0xe05157dc4880b201ULL, 0x7bdbb7e464f59612ULL,
+    0x127a59518318f775ULL, 0x332ecebd52956ddbULL,
+    0x8f30741d23bb9d1eULL, 0xd922d3fd93720d52ULL,
+    0x7746300c61440ae2ULL, 0x25d4eab4d2e2eefeULL,
+    0x75068020eefd30caULL, 0x135a01474acaea61ULL,
+    0x304e268714fe4ae7ULL, 0xa519f17bb283c82cULL,
+    0xdc82f6b359cf6416ULL, 0x5baf781e7caa11a8ULL,
+    0xb2c38d64fb26561dULL, 0x34ce5bdf17913eb7ULL,
+    0x5d6fb56af07c5fd0ULL, 0x182713cd0a7f25fdULL,
+    0x9e2ac576e6c84d57ULL, 0x9aaab82ee5a73907ULL,
+    0xa3d93c0f3e558654ULL, 0x7e7b92aaae48ff56ULL,
+    0x872d8ead256575beULL, 0x41c8dbfff96c0e7dULL,
+    0x99ca5014a3cc1e3bULL, 0x40e883e930be1369ULL,
+    0x1ca76e95091051adULL, 0x4e35b42dbab6b5b1ULL,
+    0x05a0254ecabd6944ULL, 0xe1710fca8152af15ULL,
+    0xf22b0e8dcb984574ULL, 0xb763a82a319b3f59ULL,
+    0x63fca4296e8ab3efULL, 0x9d4a2d4ca0a36a6bULL,
+    0xe331bfe60eeb953dULL, 0xd5bf541596c391a2ULL,
+    0xf5cb9bef8e9c1618ULL, 0x46284e9dbc685d11ULL,
+    0x2074cffa185f87baULL, 0xbd3ee2b6b8fcedd1ULL,
+    0xae64e3f1f23607b0ULL, 0xfeb68965ce29d984ULL,
+    0x55724fdaf6a2b770ULL, 0x29496d5cd753720eULL,
+    0xa75941573d3af204ULL, 0x8e102c0bea69800aULL,
+    0x111ab16bc573d049ULL, 0xd7ffe439197aab8aULL,
+    0xefac380e0b5a09cdULL, 0x48f579593660fbc9ULL,
+    0x22347fd697e6bd92ULL, 0x61bc1405e13389c7ULL,
+    0x4ab5c975b9d9c1e1ULL, 0x80cd1bcf606126d2ULL,
+    0x7186fd78ed92449aULL, 0x93971a882aabccb3ULL,
+    0x88d0e17f66bfce72ULL, 0x27945a985d5bd4d6ULL },
+  /* 1 */
+  { 0xde553f8c05a811c8ULL, 0x1906b59631b4f565ULL,
+    0x436e70d6b1964ff7ULL, 0x36d343cb8b1e9d85ULL,
+    0x843dfacc858aab5aULL, 0xfdfc95c299bfc7f9ULL,
+    0x0f634bdea1d51fa2ULL, 0x6d458b3b76efb3cdULL,
+    0x85c3f77cf8593f80ULL, 0x3c91315fbe737cb2ULL,
+    0x2148b03366ace398ULL, 0x18f8b8264c6761bfULL,
+    0xc830c1c495c9fb0fULL, 0x981a76102086a0aaULL,
+    0xaa16012142f35760ULL, 0x35cc54060c763cf6ULL,
+    0x42907d66cc45db2dULL, 0x8203d44b965af4bcULL,
+    0x3d6f3cefc3a0e868ULL, 0xbc73ff69d292bda7ULL,
+    0x8722ed0102e20a29ULL, 0x8f8185e8cd34deb7ULL,
+    0x9b0561dda7ee01d9ULL, 0x5335a0193227fad6ULL,
+    0xc9cecc74e81a6fd5ULL, 0x54f5832e5c2431eaULL,
+    0x99e47ba05d553470ULL, 0xf7bee756acd226ceULL,
+    0x384e05a5571816fdULL, 0xd1367452a47d0e6aULL,
+    0xf29fde1c386ad85bULL, 0x320c77316275f7caULL,
+    0xd0c879e2d9ae9ab0ULL, 0xdb7406c69110ef5dULL,
+    0x45505e51a2461011ULL, 0xfc029872e46c5323ULL,
+    0xfa3cb6f5f7bc0cc5ULL, 0x031f17cd8768a173ULL,
+    0xbd8df2d9af41297dULL, 0x9d3b4f5ab43e5e3fULL,
+    0x4071671b36feee84ULL, 0x716207e7d3e3b83dULL,
+    0x48d20ff2f9283a1aULL, 0x27769eb4757cbc7eULL,
+    0x5c56ebc793f2e574ULL, 0xa48b474f9ef5dc18ULL,
+    0x52cbada94ff46e0cULL, 0x60c7da982d8199c6ULL,
+    0x0e9d466edc068b78ULL, 0x4eec2175eaf865fcULL,
+    0x550b8e9e21f7a530ULL, 0x6b7ba5bc653fec2bULL,
+    0x5eb7f1ba6949d0ddULL, 0x57ea94e3db4c9099ULL,
+    0xf640eae6d101b214ULL, 0xdd4a284182c0b0bbULL,
+    0xff1d8fbf6304f250ULL, 0xb8accb933bf9d7e8ULL,
+    0xe8867c478eb68c4dULL, 0x3f8e2692391bddc1ULL,
+    0xcb2fd60912a15a7cULL, 0xaec935dbab983d2fULL,
+    0xf55ffd2b56691367ULL, 0x80e2ce366ce1c115ULL,
+    0x179bf3f8edb27e1dULL, 0x01fe0db07dd394daULL,
+    0xda8a0b76ecc37b87ULL, 0x44ae53e1df9584cbULL,
+    0xb310b4b77347a205ULL, 0xdfab323c787b8512ULL,
+    0x3b511268d070b78eULL, 0x65e6e3d2b9396753ULL,
+    0x6864b271e2574d58ULL, 0x259784c98fc789d7ULL,
+    0x02e11a7dfabb35a9ULL, 0x8841a6dfa337158bULL,
+    0x7ade78c39b5dcdd0ULL, 0xb7cf804d9a2cc84aULL,
+    0x20b6bd831b7f7742ULL, 0x75bd331d3a88d272ULL,
+    0x418f6aab4b2d7a5eULL, 0xd9951cbb6babdaf4ULL,
+    0xb6318dfde7ff5c90ULL, 0x1f389b112264aa83ULL,
+    0x492c024284fbaec0ULL, 0xe33a0363c608f9a0ULL,
+    0x2688930408af28a4ULL, 0xc7538a1a341ce4adULL,
+    0x5da8e677ee2171aeULL, 0x8c9e92254a5c7fc4ULL,
+    0x63d8cd55aae938b5ULL, 0x29ebd8daa97a3706ULL,
+    0x959827b37be88aa1ULL, 0x1484e4356adadf6eULL,
+    0xa7945082199d7d6bULL, 0xbf6ce8a455fa1cd4ULL,
+    0x9cc542eac9edcae5ULL, 0x79c16f0e1c356ca3ULL,
+    0x89bfab6fdee48151ULL, 0xd4174d1830c5f0ffULL,
+    0x9258048415eb419dULL, 0x6139d72850520d1cULL,
+    0x6a85a80c18ec78f1ULL, 0xcd11f88e0171059aULL,
+    0xcceff53e7ca29140ULL, 0xd229639f2315af19ULL,
+    0x90b91ef9ef507434ULL, 0x5977d28d074a1be1ULL,
+    0x311360fce51d56b9ULL, 0xc093a92d5a1f2f91ULL,
+    0x1a19a25bb6dc5416ULL, 0xeb996b8a09de2d3eULL,
+    0xfee3820f1ed7668aULL, 0xd7085ad5b7ad518cULL,
+    0x7fff41890fe53345ULL, 0xec5948bd67dde602ULL,
+    0x2fd5f65dbaaa68e0ULL, 0xa5754affe32648c2ULL,
+    0xf8ddac880d07396cULL, 0x6fa491468c548664ULL,
+    0x0c7c5c1326bdbed1ULL, 0x4a33158f03930fb3ULL,
+    0x699abfc19f84d982ULL, 0xe4fa2054a80b329cULL,
+    0x6707f9af438252faULL, 0x08a368e9cfd6d49eULL,
+    0x47b1442c58fd25b8ULL, 0xbbb3dc5ebc91769bULL,
+    0x1665fe489061eac7ULL, 0x33f27a811fa66310ULL,
+    0x93a609346838d547ULL, 0x30ed6d4c98cec263ULL,
+    0x1dd9816cd8df9f2aULL, 0x94662a03063b1e7bULL,
+    0x83fdd9fbeb896066ULL, 0x7b207573e68e590aULL,
+    0x5f49fc0a149a4407ULL, 0x343259b671a5a82cULL,
+    0xfbc2bb458a6f981fULL, 0xc272b350a0a41a38ULL,
+    0x3aaf1fd8ada32354ULL, 0x6cbb868b0b3c2717ULL,
+    0xa2b569c88d2583feULL, 0xf180c9d1bf027928ULL,
+    0xaf37386bd64ba9f5ULL, 0x12bacab2790a8088ULL,
+    0x4c0d3b0810435055ULL, 0xb2eeb9070e9436dfULL,
+    0xc5b29067cea7d104ULL, 0xdcb425f1ff132461ULL,
+    0x4f122cc5972bf126ULL, 0xac282fa651230886ULL,
+    0xe7e537992f6393efULL, 0xe61b3a2952b00735ULL,
+    0x709c0a57ae302ce7ULL, 0xe02514ae416058d3ULL,
+    0xc44c9dd7b37445deULL, 0x5a68c5408022ba92ULL,
+    0x1c278cdca50c0bf0ULL, 0x6e5a9cf6f18712beULL,
+    0x86dce0b17f319ef3ULL, 0x2d34ec2040115d49ULL,
+    0x4bcd183f7e409b69ULL, 0x2815d56ad4a9a3dcULL,
+    0x24698979f2141d0dULL, 0x0000000000000000ULL,
+    0x1ec696a15fb73e59ULL, 0xd86b110b16784e2eULL,
+    0x8e7f8858b0e74a6dULL, 0x063e2e8713d05fe6ULL,
+    0xe2c40ed3bbdb6d7aULL, 0xb1f1aeca89fc97acULL,
+    0xe1db191e3cb3cc09ULL, 0x6418ee62c4eaf389ULL,
+    0xc6ad87aa49cf7077ULL, 0xd6f65765ca7ec556ULL,
+    0x9afb6c6dda3d9503ULL, 0x7ce05644888d9236ULL,
+    0x8d609f95378feb1eULL, 0x23a9aa4e9c17d631ULL,
+    0x6226c0e5d73aac6fULL, 0x56149953a69f0443ULL,
+    0xeeb852c09d66d3abULL, 0x2b0ac2a753c102afULL,
+    0x07c023376e03cb3cULL, 0x2ccae1903dc2c993ULL,
+    0xd3d76e2f5ec63bc3ULL, 0x9e2458973356ff4cULL,
+    0xa66a5d32644ee9b1ULL, 0x0a427294356de137ULL,
+    0x783f62be61e6f879ULL, 0x1344c70204d91452ULL,
+    0x5b96c8f0fdf12e48ULL, 0xa90916ecc59bf613ULL,
+    0xbe92e5142829880eULL, 0x727d102a548b194eULL,
+    0x1be7afebcb0fc0ccULL, 0x3e702b2244c8491bULL,
+    0xd5e940a84d166425ULL, 0x66f9f41f3e51c620ULL,
+    0xabe80c913f20c3baULL, 0xf07ec461c2d1edf2ULL,
+    0xf361d3ac45b94c81ULL, 0x0521394a94b8fe95ULL,
+    0xadd622162cf09c5cULL, 0xe97871f7f3651897ULL,
+    0xf4a1f09b2bba87bdULL, 0x095d6559b2054044ULL,
+    0x0bbc7f2448be75edULL, 0x2af4cf172e129675ULL,
+    0x157ae98517094bb4ULL, 0x9fda55274e856b96ULL,
+    0x914713499283e0eeULL, 0xb952c623462a4332ULL,
+    0x74433ead475b46a8ULL, 0x8b5eb112245fb4f8ULL,
+    0xa34b6478f0f61724ULL, 0x11a5dd7ffe6221fbULL,
+    0xc16da49d27ccbb4bULL, 0x76a224d0bde07301ULL,
+    0x8aa0bca2598c2022ULL, 0x4df336b86d90c48fULL,
+    0xea67663a740db9e4ULL, 0xef465f70e0b54771ULL,
+    0x39b008152acb8227ULL, 0x7d1e5bf4f55e06ecULL,
+    0x105bd0cf83b1b521ULL, 0x775c2960c033e7dbULL,
+    0x7e014c397236a79fULL, 0x811cc386113255cfULL,
+    0xeda7450d1a0e72d8ULL, 0x5889df3d7a998f3bULL,
+    0x2e2bfbedc779fc3aULL, 0xce0eef438619a4e9ULL,
+    0x372d4e7bf6cd095fULL, 0x04df34fae96b6a4fULL,
+    0xf923a13870d4adb6ULL, 0xa1aa7e050a4d228dULL,
+    0xa8f71b5cb84862c9ULL, 0xb52e9a306097fde3ULL,
+    0x0d8251a35b6e2a0bULL, 0x2257a7fee1c442ebULL,
+    0x73831d9a29588d94ULL, 0x51d4ba64c89ccf7fULL,
+    0x502ab7d4b54f5ba5ULL, 0x97793dce8153bf08ULL,
+    0xe5042de4d5d8a646ULL, 0x9687307efc802bd2ULL,
+    0xa05473b5779eb657ULL, 0xb4d097801d446939ULL,
+    0xcff0e2f3fbca3033ULL, 0xc38cbee0dd778ee2ULL,
+    0x464f499c252eb162ULL, 0xcad1dbb96f72cea6ULL,
+    0xba4dd1eec142e241ULL, 0xb00fa37af42f0376ULL },
+  /* 2 */
+  { 0xcce4cd3aa968b245ULL, 0x089d5484e80b7fafULL,
+    0x638246c1b3548304ULL, 0xd2fe0ec8c2355492ULL,
+    0xa7fbdf7ff2374eeeULL, 0x4df1600c92337a16ULL,
+    0x84e503ea523b12fbULL, 0x0790bbfd53ab0c4aULL,
+    0x198a780f38f6ea9dULL, 0x2ab30c8f55ec48cbULL,
+    0xe0f7fed6b2c49db5ULL, 0xb6ecf3f422cadbdcULL,
+    0x409c9a541358df11ULL, 0xd3ce8a56dfde3fe3ULL,
+    0xc3e9224312c8c1a0ULL, 0x0d6dfa58816ba507ULL,
+    0xddf3e1b179952777ULL, 0x04c02a42748bb1d9ULL,
+    0x94c2abff9f2decb8ULL, 0x4f91752da8f8acf4ULL,
+    0x78682befb169bf7bULL, 0xe1c77a48af2ff6c4ULL,
+    0x0c5d7ec69c80ce76ULL, 0x4cc1e4928fd81167ULL,
+    0xfeed3d24d9997b62ULL, 0x518bb6dfc3a54a23ULL,
+    0x6dbf2d26151f9b90ULL, 0xb5bc624b05ea664fULL,
+    0xe86aaa525acfe21aULL, 0x4801ced0fb53a0beULL,
+    0xc91463e6c00868edULL, 0x1027a815cd16fe43ULL,
+    0xf67069a0319204cdULL, 0xb04ccc976c8abce7ULL,
+    0xc0b9b3fc35e87c33ULL, 0xf380c77c58f2de65ULL,
+    0x50bb3241de4e2152ULL, 0xdf93f490435ef195ULL,
+    0xf1e0d25d62390887ULL, 0xaf668bfb1a3c3141ULL,
+    0xbc11b251f00a7291ULL, 0x73a5eed47e427d47ULL,
+    0x25bee3f6ee4c3b2eULL, 0x43cc0beb34786282ULL,
+    0xc824e778dde3039cULL, 0xf97d86d98a327728ULL,
+    0xf2b043e24519b514ULL, 0xe297ebf7880f4b57ULL,
+    0x3a94a49a98fab688ULL, 0x868516cb68f0c419ULL,
+    0xeffa11af0964ee50ULL, 0xa4ab4ec0d517f37dULL,
+    0xa9c6b498547c567aULL, 0x8e18424f80fbbbb6ULL,
+    0x0bcdc53bcf2bc23cULL, 0x137739aaea3643d0ULL,
+    0x2c1333ec1bac2ff0ULL, 0x8d48d3f0a7db0625ULL,
+    0x1e1ac3f26b5de6d7ULL, 0xf520f81f16b2b95eULL,
+    0x9f0f6ec450062e84ULL, 0x0130849e1deb6b71ULL,
+    0xd45e31ab8c7533a9ULL, 0x652279a2fd14e43fULL,
+    0x3209f01e70f1c927ULL, 0xbe71a770cac1a473ULL,
+    0x0e3d6be7a64b1894ULL, 0x7ec8148cff29d840ULL,
+    0xcb7476c7fac3be0fULL, 0x72956a4a63a91636ULL,
+    0x37f95ec21991138fULL, 0x9e3fea5a4ded45f5ULL,
+    0x7b38ba50964902e8ULL, 0x222e580bbde73764ULL,
+    0x61e253e0899f55e6ULL, 0xfc8d2805e352ad80ULL,
+    0x35994be3235ac56dULL, 0x09add01af5e014deULL,
+    0x5e8659a6780539c6ULL, 0xb17c48097161d796ULL,
+    0x026015213acbd6e2ULL, 0xd1ae9f77e515e901ULL,
+    0xb7dc776a3f21b0adULL, 0xaba6a1b96eb78098ULL,
+    0x9bcf4486248d9f5dULL, 0x582666c536455efdULL,
+    0xfdbdac9bfeb9c6f1ULL, 0xc47999be4163cdeaULL,
+    0x765540081722a7efULL, 0x3e548ed8ec710751ULL,
+    0x3d041f67cb51bac2ULL, 0x7958af71ac82d40aULL,
+    0x36c9da5c047a78feULL, 0xed9a048e33af38b2ULL,
+    0x26ee7249c96c86bdULL, 0x900281bdeba65d61ULL,
+    0x11172c8bd0fd9532ULL, 0xea0abf73600434f8ULL,
+    0x42fc8f75299309f3ULL, 0x34a9cf7d3eb1ae1cULL,
+    0x2b838811480723baULL, 0x5ce64c8742ceef24ULL,
+    0x1adae9b01fd6570eULL, 0x3c349bf9d6bad1b3ULL,
+    0x82453c891c7b75c0ULL, 0x97923a40b80d512bULL,
+    0x4a61dbf1c198765cULL, 0xb48ce6d518010d3eULL,
+    0xcfb45c858e480fd6ULL, 0xd933cbf30d1e96aeULL,
+    0xd70ea014ab558e3aULL, 0xc189376228031742ULL,
+    0x9262949cd16d8b83ULL, 0xeb3a3bed7def5f89ULL,
+    0x49314a4ee6b8cbcfULL, 0xdcc3652f647e4c06ULL,
+    0xda635a4c2a3e2b3dULL, 0x470c21a940f3d35bULL,
+    0x315961a157d174b4ULL, 0x6672e81dda3459acULL,
+    0x5b76f77a1165e36eULL, 0x445cb01667d36ec8ULL,
+    0xc5491d205c88a69bULL, 0x456c34887a3805b9ULL,
+    0xffddb9bac4721013ULL, 0x99af51a71e4649bfULL,
+    0xa15be01cbc7729d5ULL, 0x52db2760e485f7b0ULL,
+    0x8c78576eba306d54ULL, 0xae560f6507d75a30ULL,
+    0x95f22f6182c687c9ULL, 0x71c5fbf54489aba5ULL,
+    0xca44f259e728d57eULL, 0x88b87d2ccebbdc8dULL,
+    0xbab18d32be4a15aaULL, 0x8be8ec93e99b611eULL,
+    0x17b713e89ebdf209ULL, 0xb31c5d284baa0174ULL,
+    0xeeca9531148f8521ULL, 0xb8d198138481c348ULL,
+    0x8988f9b2d350b7fcULL, 0xb9e11c8d996aa839ULL,
+    0x5a4673e40c8e881fULL, 0x1687977683569978ULL,
+    0xbf4123eed72acf02ULL, 0x4ea1f1b3b513c785ULL,
+    0xe767452be16f91ffULL, 0x7505d1b730021a7cULL,
+    0xa59bca5ec8fc980cULL, 0xad069eda20f7e7a3ULL,
+    0x38f4b1bba231606aULL, 0x60d2d77e94743e97ULL,
+    0x9affc0183966f42cULL, 0x248e6768f3a7505fULL,
+    0xcdd449a4b483d934ULL, 0x87b59255751baf68ULL,
+    0x1bea6d2e023d3c7fULL, 0x6b1f12455b5ffcabULL,
+    0x743555292de9710dULL, 0xd8034f6d10f5fddfULL,
+    0xc6198c9f7ba81b08ULL, 0xbb8109aca3a17edbULL,
+    0xfa2d1766ad12cabbULL, 0xc729080166437079ULL,
+    0x9c5fff7b77269317ULL, 0x0000000000000000ULL,
+    0x15d706c9a47624ebULL, 0x6fdf38072fd44d72ULL,
+    0x5fb6dd3865ee52b7ULL, 0xa33bf53d86bcff37ULL,
+    0xe657c1b5fc84fa8eULL, 0xaa962527735cebe9ULL,
+    0x39c43525bfda0b1bULL, 0x204e4d2a872ce186ULL,
+    0x7a083ece8ba26999ULL, 0x554b9c9db72efbfaULL,
+    0xb22cd9b656416a05ULL, 0x96a2bedea5e63a5aULL,
+    0x802529a826b0a322ULL, 0x8115ad363b5bc853ULL,
+    0x8375b81701901eb1ULL, 0x3069e53f4a3a1fc5ULL,
+    0xbd2136cfede119e0ULL, 0x18bafc91251d81ecULL,
+    0x1d4a524d4c7d5b44ULL, 0x05f0aedc6960daa8ULL,
+    0x29e39d3072ccf558ULL, 0x70f57f6b5962c0d4ULL,
+    0x989fd53903ad22ceULL, 0xf84d024797d91c59ULL,
+    0x547b1803aac5908bULL, 0xf0d056c37fd263f6ULL,
+    0xd56eb535919e58d8ULL, 0x1c7ad6d351963035ULL,
+    0x2e7326cd2167f912ULL, 0xac361a443d1c8cd2ULL,
+    0x697f076461942a49ULL, 0x4b515f6fdc731d2dULL,
+    0x8ad8680df4700a6fULL, 0x41ac1eca0eb3b460ULL,
+    0x7d988533d80965d3ULL, 0xa8f6300649973d0bULL,
+    0x7765c4960ac9cc9eULL, 0x7ca801adc5e20ea2ULL,
+    0xdea3700e5eb59ae4ULL, 0xa06b6482a19c42a4ULL,
+    0x6a2f96db46b497daULL, 0x27def6d7d487edccULL,
+    0x463ca5375d18b82aULL, 0xa6cb5be1efdc259fULL,
+    0x53eba3fef96e9cc1ULL, 0xce84d81b93a364a7ULL,
+    0xf4107c810b59d22fULL, 0x333974806d1aa256ULL,
+    0x0f0def79bba073e5ULL, 0x231edc95a00c5c15ULL,
+    0xe437d494c64f2c6cULL, 0x91320523f64d3610ULL,
+    0x67426c83c7df32ddULL, 0x6eefbc99323f2603ULL,
+    0x9d6f7be56acdf866ULL, 0x5916e25b2bae358cULL,
+    0x7ff89012e2c2b331ULL, 0x035091bf2720bd93ULL,
+    0x561b0d22900e4669ULL, 0x28d319ae6f279e29ULL,
+    0x2f43a2533c8c9263ULL, 0xd09e1be9f8fe8270ULL,
+    0xf740ed3e2c796fbcULL, 0xdb53ded237d5404cULL,
+    0x62b2c25faebfe875ULL, 0x0afd41a5d2c0a94dULL,
+    0x6412fd3ce0ff8f4eULL, 0xe3a76f6995e42026ULL,
+    0x6c8fa9b808f4f0e1ULL, 0xc2d9a6dd0f23aad1ULL,
+    0x8f28c6d19d10d0c7ULL, 0x85d587744fd0798aULL,
+    0xa20b71a39b579446ULL, 0x684f83fa7c7f4138ULL,
+    0xe507500adba4471dULL, 0x3f640a46f19a6c20ULL,
+    0x1247bd34f7dd28a1ULL, 0x2d23b77206474481ULL,
+    0x93521002cc86e0f2ULL, 0x572b89bc8de52d18ULL,
+    0xfb1d93f8b0f9a1caULL, 0xe95a2ecc4724896bULL,
+    0x3ba420048511ddf9ULL, 0xd63e248ab6bee54bULL,
+    0x5dd6c8195f258455ULL, 0x06a03f634e40673bULL,
+    0x1f2a476c76b68da6ULL, 0x217ec9b49ac78af7ULL,
+    0xecaa80102e4453c3ULL, 0x14e78257b99d4f9aULL },
+  /* 3 */
+  { 0x20329b2cc87bba05ULL, 0x4f5eb6f86546a531ULL,
+    0xd4f44775f751b6b1ULL, 0x8266a47b850dfa8bULL,
+    0xbb986aa15a6ca985ULL, 0xc979eb08f9ae0f99ULL,
+    0x2da6f447a2375ea1ULL, 0x1e74275dcd7d8576ULL,
+    0xbc20180a800bc5f8ULL, 0xb4a2f701b2dc65beULL,
+    0xe726946f981b6d66ULL, 0x48e6c453bf21c94cULL,
+    0x42cad9930f0a4195ULL, 0xefa47b64aacccd20ULL,
+    0x71180a8960409a42ULL, 0x8bb3329bf6a44e0cULL,
+    0xd34c35de2d36daccULL, 0xa92f5b7cbc23dc96ULL,
+    0xb31a85aa68bb09c3ULL, 0x13e04836a73161d2ULL,
+    0xb24dfc4129c51d02ULL, 0x8ae44b70b7da5acdULL,
+    0xe671ed84d96579a7ULL, 0xa4bb3417d66f3832ULL,
+    0x4572ab38d56d2de8ULL, 0xb1b47761ea47215cULL,
+    0xe81c09cf70aba15dULL, 0xffbdb872ce7f90acULL,
+    0xa8782297fd5dc857ULL, 0x0d946f6b6a4ce4a4ULL,
+    0xe4df1f4f5b995138ULL, 0x9ebc71edca8c5762ULL,
+    0x0a2c1dc0b02b88d9ULL, 0x3b503c115d9d7b91ULL,
+    0xc64376a8111ec3a2ULL, 0xcec199a323c963e4ULL,
+    0xdc76a87ec58616f7ULL, 0x09d596e073a9b487ULL,
+    0x14583a9d7d560dafULL, 0xf4c6dc593f2a0cb4ULL,
+    0xdd21d19584f80236ULL, 0x4a4836983ddde1d3ULL,
+    0xe58866a41ae745f9ULL, 0xf591a5b27e541875ULL,
+    0x891dc05074586693ULL, 0x5b068c651810a89eULL,
+    0xa30346bc0c08544fULL, 0x3dbf3751c684032dULL,
+    0x2a1e86ec785032dcULL, 0xf73f5779fca830eaULL,
+    0xb60c05ca30204d21ULL, 0x0cc316802b32f065ULL,
+    0x8770241bdd96be69ULL, 0xb861e18199ee95dbULL,
+    0xf805cad91418fcd1ULL, 0x29e70dccbbd20e82ULL,
+    0xc7140f435060d763ULL, 0x0f3a9da0e8b0cc3bULL,
+    0xa2543f574d76408eULL, 0xbd7761e1c175d139ULL,
+    0x4b1f4f737ca3f512ULL, 0x6dc2df1f2fc137abULL,
+    0xf1d05c3967b14856ULL, 0xa742bf3715ed046cULL,
+    0x654030141d1697edULL, 0x07b872abda676c7dULL,
+    0x3ce84eba87fa17ecULL, 0xc1fb0403cb79afdfULL,
+    0x3e46bc7105063f73ULL, 0x278ae987121cd678ULL,
+    0xa1adb4778ef47cd0ULL, 0x26dd906c5362c2b9ULL,
+    0x05168060589b44e2ULL, 0xfbfc41f9d79ac08fULL,
+    0x0e6de44ba9ced8faULL, 0x9feb08068bf243a3ULL,
+    0x7b341749d06b129bULL, 0x229c69e74a87929aULL,
+    0xe09ee6c4427c011bULL, 0x5692e30e725c4c3aULL,
+    0xda99a33e5e9f6e4bULL, 0x353dd85af453a36bULL,
+    0x25241b4c90e0fee7ULL, 0x5de987258309d022ULL,
+    0xe230140fc0802984ULL, 0x93281e86a0c0b3c6ULL,
+    0xf229d719a4337408ULL, 0x6f6c2dd4ad3d1f34ULL,
+    0x8ea5b2fbae3f0aeeULL, 0x8331dd90c473ee4aULL,
+    0x346aa1b1b52db7aaULL, 0xdf8f235e06042aa9ULL,
+    0xcc6f6b68a1354b7bULL, 0x6c95a6f46ebf236aULL,
+    0x52d31a856bb91c19ULL, 0x1a35ded6d498d555ULL,
+    0xf37eaef2e54d60c9ULL, 0x72e181a9a3c2a61cULL,
+    0x98537aad51952fdeULL, 0x16f6c856ffaa2530ULL,
+    0xd960281e9d1d5215ULL, 0x3a0745fa1ce36f50ULL,
+    0x0b7b642bf1559c18ULL, 0x59a87eae9aec8001ULL,
+    0x5e100c05408bec7cULL, 0x0441f98b19e55023ULL,
+    0xd70dcc5534d38aefULL, 0x927f676de1bea707ULL,
+    0x9769e70db925e3e5ULL, 0x7a636ea29115065aULL,
+    0x468b201816ef11b6ULL, 0xab81a9b73edff409ULL,
+    0xc0ac7de88a07bb1eULL, 0x1f235eb68c0391b7ULL,
+    0x6056b074458dd30fULL, 0xbe8eeac102f7ed67ULL,
+    0xcd381283e04b5fbaULL, 0x5cbefecec277c4e3ULL,
+    0xd21b4c356c48ce0dULL, 0x1019c31664b35d8cULL,
+    0x247362a7d19eea26ULL, 0xebe582efb3299d03ULL,
+    0x02aef2cb82fc289fULL, 0x86275df09ce8aaa8ULL,
+    0x28b07427faac1a43ULL, 0x38a9b7319e1f47cfULL,
+    0xc82e92e3b8d01b58ULL, 0x06ef0b409b1978bcULL,
+    0x62f842bfc771fb90ULL, 0x9904034610eb3b1fULL,
+    0xded85ab5477a3e68ULL, 0x90d195a663428f98ULL,
+    0x5384636e2ac708d8ULL, 0xcbd719c37b522706ULL,
+    0xae9729d76644b0ebULL, 0x7c8c65e20a0c7ee6ULL,
+    0x80c856b007f1d214ULL, 0x8c0b40302cc32271ULL,
+    0xdbcedad51fe17a8aULL, 0x740e8ae938dbdea0ULL,
+    0xa615c6dc549310adULL, 0x19cc55f6171ae90bULL,
+    0x49b1bdb8fe5fdd8dULL, 0xed0a89af2830e5bfULL,
+    0x6a7aadb4f5a65bd6ULL, 0x7e22972988f05679ULL,
+    0xf952b3325566e810ULL, 0x39fecedadf61530eULL,
+    0x6101c99f04f3c7ceULL, 0x2e5f7f6761b562ffULL,
+    0xf08725d226cf5c97ULL, 0x63af3b54860fef51ULL,
+    0x8ff2cb10ef411e2fULL, 0x884ab9bb35267252ULL,
+    0x4df04433e7ba8daeULL, 0x9afd8866d3690741ULL,
+    0x66b9bb34de94abb3ULL, 0x9baaf18d92171380ULL,
+    0x543c11c5f0a064a5ULL, 0x17a1b1bdbed431f1ULL,
+    0xb5f58eeaf3a2717fULL, 0xc355f6c849858740ULL,
+    0xec5df044694ef17eULL, 0xd83751f5dc6346d4ULL,
+    0xfc4433520dfdacf2ULL, 0x0000000000000000ULL,
+    0x5a51f58e596ebc5fULL, 0x3285aaf12e34cf16ULL,
+    0x8d5c39db6dbd36b0ULL, 0x12b731dde64f7513ULL,
+    0x94906c2d7aa7dfbbULL, 0x302b583aacc8e789ULL,
+    0x9d45facd090e6b3cULL, 0x2165e2c78905aec4ULL,
+    0x68d45f7f775a7349ULL, 0x189b2c1d5664fdcaULL,
+    0xe1c99f2f030215daULL, 0x6983269436246788ULL,
+    0x8489af3b1e148237ULL, 0xe94b702431d5b59cULL,
+    0x33d2d31a6f4adbd7ULL, 0xbfd9932a4389f9a6ULL,
+    0xb0e30e8aab39359dULL, 0xd1e2c715afcaf253ULL,
+    0x150f43763c28196eULL, 0xc4ed846393e2eb3dULL,
+    0x03f98b20c3823c5eULL, 0xfd134ab94c83b833ULL,
+    0x556b682eb1de7064ULL, 0x36c4537a37d19f35ULL,
+    0x7559f30279a5ca61ULL, 0x799ae58252973a04ULL,
+    0x9c12832648707ffdULL, 0x78cd9c6913e92ec5ULL,
+    0x1d8dac7d0effb928ULL, 0x439da0784e745554ULL,
+    0x413352b3cc887dcbULL, 0xbacf134a1b12bd44ULL,
+    0x114ebafd25cd494dULL, 0x2f08068c20cb763eULL,
+    0x76a07822ba27f63fULL, 0xeab2fb04f25789c2ULL,
+    0xe3676de481fe3d45ULL, 0x1b62a73d95e6c194ULL,
+    0x641749ff5c68832cULL, 0xa5ec4dfc97112cf3ULL,
+    0xf6682e92bdd6242bULL, 0x3f11c59a44782bb2ULL,
+    0x317c21d1edb6f348ULL, 0xd65ab5be75ad9e2eULL,
+    0x6b2dd45fb4d84f17ULL, 0xfaab381296e4d44eULL,
+    0xd0b5befeeeb4e692ULL, 0x0882ef0b32d7a046ULL,
+    0x512a91a5a83b2047ULL, 0x963e9ee6f85bf724ULL,
+    0x4e09cf132438b1f0ULL, 0x77f701c9fb59e2feULL,
+    0x7ddb1c094b726a27ULL, 0x5f4775ee01f5f8bdULL,
+    0x9186ec4d223c9b59ULL, 0xfeeac1998f01846dULL,
+    0xac39db1ce4b89874ULL, 0xb75b7c21715e59e0ULL,
+    0xafc0503c273aa42aULL, 0x6e3b543fec430bf5ULL,
+    0x704f7362213e8e83ULL, 0x58ff0745db9294c0ULL,
+    0x67eec2df9feabf72ULL, 0xa0facd9ccf8a6811ULL,
+    0xb936986ad890811aULL, 0x95c715c63bd9cb7aULL,
+    0xca8060283a2c33c7ULL, 0x507de84ee9453486ULL,
+    0x85ded6d05f6a96f6ULL, 0x1cdad5964f81ade9ULL,
+    0xd5a33e9eb62fa270ULL, 0x40642b588df6690aULL,
+    0x7f75eec2c98e42b8ULL, 0x2cf18dace3494a60ULL,
+    0x23cb100c0bf9865bULL, 0xeef3028febb2d9e1ULL,
+    0x4425d2d394133929ULL, 0xaad6d05c7fa1e0c8ULL,
+    0xad6ea2f7a5c68cb5ULL, 0xc2028f2308fb9381ULL,
+    0x819f2f5b468fc6d5ULL, 0xc5bafd88d29cfffcULL,
+    0x47dc59f357910577ULL, 0x2b49ff07392e261dULL,
+    0x57c59ae5332258fbULL, 0x73b6f842e2bcb2ddULL,
+    0xcf96e04862b77725ULL, 0x4ca73dd8a6c4996fULL,
+    0x015779eb417e14c1ULL, 0x37932a9176af8bf4ULL },
+  /* 4 */
+  { 0x190a2c9b249df23eULL, 0x2f62f8b62263e1e9ULL,
+    0x7a7f754740993655ULL, 0x330b7ba4d5564d9fULL,
+    0x4c17a16a46672582ULL, 0xb22f08eb7d05f5b8ULL,
+    0x535f47f40bc148ccULL, 0x3aec5d27d4883037ULL,
+    0x10ed0a1825438f96ULL, 0x516101f72c233d17ULL,
+    0x13cc6f949fd04eaeULL, 0x739853c441474bfdULL,
+    0x653793d90d3f5b1bULL, 0x5240647b96b0fc2fULL,
+    0x0c84890ad27623e0ULL, 0xd7189b32703aaea3ULL,
+    0x2685de3523bd9c41ULL, 0x99317c5b11bffefaULL,
+    0x0d9baa854f079703ULL, 0x70b93648fbd48ac5ULL,
+    0xa80441fce30bc6beULL, 0x7287704bdc36ff1eULL,
+    0xb65384ed33dc1f13ULL, 0xd36417343ee34408ULL,
+    0x39cd38ab6e1bf10fULL, 0x5ab861770a1f3564ULL,
+    0x0ebacf09f594563bULL, 0xd04572b884708530ULL,
+    0x3cae9722bdb3af47ULL, 0x4a556b6f2f5cbaf2ULL,
+    0xe1704f1f76c4bd74ULL, 0x5ec4ed7144c6dfcfULL,
+    0x16afc01d4c7810e6ULL, 0x283f113cd629ca7aULL,
+    0xaf59a8761741ed2dULL, 0xeed5a3991e215facULL,
+    0x3bf37ea849f984d4ULL, 0xe413e096a56ce33cULL,
+    0x2c439d3a98f020d1ULL, 0x637559dc6404c46bULL,
+    0x9e6c95d1e5f5d569ULL, 0x24bb9836045fe99aULL,
+    0x44efa466dac8ecc9ULL, 0xc6eab2a5c80895d6ULL,
+    0x803b50c035220cc4ULL, 0x0321658cba93c138ULL,
+    0x8f9ebc465dc7ee1cULL, 0xd15a5137190131d3ULL,
+    0x0fa5ec8668e5e2d8ULL, 0x91c979578d1037b1ULL,
+    0x0642ca05693b9f70ULL, 0xefca80168350eb4fULL,
+    0x38d21b24f36a45ecULL, 0xbeab81e1af73d658ULL,
+    0x8cbfd9cae7542f24ULL, 0xfd19cc0d81f11102ULL,
+    0x0ac6430fbb4dbc90ULL, 0x1d76a09d6a441895ULL,
+    0x2a01573ff1cbbfa1ULL, 0xb572e161894fde2bULL,
+    0x8124734fa853b827ULL, 0x614b1fdf43e6b1b0ULL,
+    0x68ac395c4238cc18ULL, 0x21d837bfd7f7b7d2ULL,
+    0x20c714304a860331ULL, 0x5cfaab726324aa14ULL,
+    0x74c5ba4eb50d606eULL, 0xf3a3030474654739ULL,
+    0x23e671bcf015c209ULL, 0x45f087e947b9582aULL,
+    0xd8bd77b418df4c7bULL, 0xe06f6c90ebb50997ULL,
+    0x0bd96080263c0873ULL, 0x7e03f9410e40dcfeULL,
+    0xb8e94be4c6484928ULL, 0xfb5b0608e8ca8e72ULL,
+    0x1a2b49179e0e3306ULL, 0x4e29e76961855059ULL,
+    0x4f36c4e6fcf4e4baULL, 0x49740ee395cf7bcaULL,
+    0xc2963ea386d17f7dULL, 0x90d65ad810618352ULL,
+    0x12d34c1b02a1fa4dULL, 0xfa44258775bb3a91ULL,
+    0x18150f14b9ec46ddULL, 0x1491861e6b9a653dULL,
+    0x9a1019d7ab2c3fc2ULL, 0x3668d42d06fe13d7ULL,
+    0xdcc1fbb25606a6d0ULL, 0x969490dd795a1c22ULL,
+    0x3549b1a1bc6dd2efULL, 0xc94f5e23a0ed770eULL,
+    0xb9f6686b5b39fdcbULL, 0xc4d4f4a6efeae00dULL,
+    0xe732851a1fff2204ULL, 0x94aad6de5eb869f9ULL,
+    0x3f8ff2ae07206e7fULL, 0xfe38a9813b62d03aULL,
+    0xa7a1ad7a8bee2466ULL, 0x7b6056c8dde882b6ULL,
+    0x302a1e286fc58ca7ULL, 0x8da0fa457a259bc7ULL,
+    0xb3302b64e074415bULL, 0x5402ae7eff8b635fULL,
+    0x08f8050c9cafc94bULL, 0xae468bf98a3059ceULL,
+    0x88c355cca98dc58fULL, 0xb10e6d67c7963480ULL,
+    0xbad70de7e1aa3cf3ULL, 0xbfb4a26e320262bbULL,
+    0xcb711820870f02d5ULL, 0xce12b7a954a75c9dULL,
+    0x563ce87dd8691684ULL, 0x9f73b65e7884618aULL,
+    0x2b1e74b06cba0b42ULL, 0x47cec1ea605b2df1ULL,
+    0x1c698312f735ac76ULL, 0x5fdbcefed9b76b2cULL,
+    0x831a354c8fb1cdfcULL, 0x820516c312c0791fULL,
+    0xb74ca762aeadabf0ULL, 0xfc06ef821c80a5e1ULL,
+    0x5723cbf24518a267ULL, 0x9d4df05d5f661451ULL,
+    0x588627742dfd40bfULL, 0xda8331b73f3d39a0ULL,
+    0x17b0e392d109a405ULL, 0xf965400bcf28fba9ULL,
+    0x7c3dbf4229a2a925ULL, 0x023e460327e275dbULL,
+    0x6cd0b55a0ce126b3ULL, 0xe62da695828e96e7ULL,
+    0x42ad6e63b3f373b9ULL, 0xe50cc319381d57dfULL,
+    0xc5cbd729729b54eeULL, 0x46d1e265fd2a9912ULL,
+    0x6428b056904eeff8ULL, 0x8be23040131e04b7ULL,
+    0x6709d5da2add2ec0ULL, 0x075de98af44a2b93ULL,
+    0x8447dcc67bfbe66fULL, 0x6616f655b7ac9a23ULL,
+    0xd607b8bded4b1a40ULL, 0x0563af89d3a85e48ULL,
+    0x3db1b4ad20c21ba4ULL, 0x11f22997b8323b75ULL,
+    0x292032b34b587e99ULL, 0x7f1cdace9331681dULL,
+    0x8e819fc9c0b65affULL, 0xa1e3677fe2d5bb16ULL,
+    0xcd33d225ee349da5ULL, 0xd9a2543b85aef898ULL,
+    0x795e10cbfa0af76dULL, 0x25a4bbb9992e5d79ULL,
+    0x78413344677b438eULL, 0xf0826688cef68601ULL,
+    0xd27b34bba392f0ebULL, 0x551d8df162fad7bcULL,
+    0x1e57c511d0d7d9adULL, 0xdeffbdb171e4d30bULL,
+    0xf4feea8e802f6caaULL, 0xa480c8f6317de55eULL,
+    0xa0fc44f07fa40ff5ULL, 0x95b5f551c3c9dd1aULL,
+    0x22f952336d6476eaULL, 0x0000000000000000ULL,
+    0xa6be8ef5169f9085ULL, 0xcc2cf1aa73452946ULL,
+    0x2e7ddb39bf12550aULL, 0xd526dd3157d8db78ULL,
+    0x486b2d6c08becf29ULL, 0x9b0f3a58365d8b21ULL,
+    0xac78cdfaadd22c15ULL, 0xbc95c7e28891a383ULL,
+    0x6a927f5f65dab9c3ULL, 0xc3891d2c1ba0cb9eULL,
+    0xeaa92f9f50f8b507ULL, 0xcf0d9426c9d6e87eULL,
+    0xca6e3baf1a7eb636ULL, 0xab25247059980786ULL,
+    0x69b31ad3df4978fbULL, 0xe2512a93cc577c4cULL,
+    0xff278a0ea61364d9ULL, 0x71a615c766a53e26ULL,
+    0x89dc764334fc716cULL, 0xf87a638452594f4aULL,
+    0xf2bc208be914f3daULL, 0x8766b94ac1682757ULL,
+    0xbbc82e687cdb8810ULL, 0x626a7a53f9757088ULL,
+    0xa2c202f358467a2eULL, 0x4d0882e5db169161ULL,
+    0x09e7268301de7da8ULL, 0xe897699c771ac0dcULL,
+    0xc8507dac3d9cc3edULL, 0xc0a878a0a1330aa6ULL,
+    0x978bb352e42ba8c1ULL, 0xe9884a13ea6b743fULL,
+    0x279afdbabecc28a2ULL, 0x047c8c064ed9eaabULL,
+    0x507e2278b15289f4ULL, 0x599904fbb08cf45cULL,
+    0xbd8ae46d15e01760ULL, 0x31353da7f2b43844ULL,
+    0x8558ff49e68a528cULL, 0x76fbfc4d92ef15b5ULL,
+    0x3456922e211c660cULL, 0x86799ac55c1993b4ULL,
+    0x3e90d1219a51da9cULL, 0x2d5cbeb505819432ULL,
+    0x982e5fd48cce4a19ULL, 0xdb9c1238a24c8d43ULL,
+    0xd439febecaa96f9bULL, 0x418c0bef0960b281ULL,
+    0x158ea591f6ebd1deULL, 0x1f48e69e4da66d4eULL,
+    0x8afd13cf8e6fb054ULL, 0xf5e1c9011d5ed849ULL,
+    0xe34e091c5126c8afULL, 0xad67ee7530a398f6ULL,
+    0x43b24dec2e82c75aULL, 0x75da99c1287cd48dULL,
+    0x92e81cdb3783f689ULL, 0xa3dd217cc537cecdULL,
+    0x60543c50de970553ULL, 0x93f73f54aaf2426aULL,
+    0xa91b62737e7a725dULL, 0xf19d4507538732e2ULL,
+    0x77e4dfc20f9ea156ULL, 0x7d229ccdb4d31dc6ULL,
+    0x1b346a98037f87e5ULL, 0xedf4c615a4b29e94ULL,
+    0x4093286094110662ULL, 0xb0114ee85ae78063ULL,
+    0x6ff1d0d6b672e78bULL, 0x6dcf96d591909250ULL,
+    0xdfe09e3eec9567e8ULL, 0x3214582b4827f97cULL,
+    0xb46dc2ee143e6ac8ULL, 0xf6c0ac8da7cd1971ULL,
+    0xebb60c10cd8901e4ULL, 0xf7df8f023abcad92ULL,
+    0x9c52d3d2c217a0b2ULL, 0x6b8d5cd0f8ab0d20ULL,
+    0x3777f7a29b8fa734ULL, 0x011f238f9d71b4e3ULL,
+    0xc1b75b2f3c42be45ULL, 0x5de588fdfe551ef7ULL,
+    0x6eeef3592b035368ULL, 0xaa3a07ffc4e9b365ULL,
+    0xecebe59a39c32a77ULL, 0x5ba742f8976e8187ULL,
+    0x4b4a48e0b22d0e11ULL, 0xddded83dcb771233ULL,
+    0xa59feb79ac0c51bdULL, 0xc7f5912a55792135ULL },
+  /* 5 */
+  { 0x6d6ae04668a9b08aULL, 0x3ab3f04b0be8c743ULL,
+    0xe51e166b54b3c908ULL, 0xbe90a9eb35c2f139ULL,
+    0xb2c7066637f2bec1ULL, 0xaa6945613392202cULL,
+    0x9a28c36f3b5201ebULL, 0xddce5a93ab536994ULL,
+    0x0e34133ef6382827ULL, 0x52a02ba1ec55048bULL,
+    0xa2f88f97c4b2a177ULL, 0x8640e513ca2251a5ULL,
+    0xcdf1d36258137622ULL, 0xfe6cb708dedf8ddbULL,
+    0x8a174a9ec8121e5dULL, 0x679896036b81560eULL,
+    0x59ed033395795feeULL, 0x1dd778ab8b74edafULL,
+    0xee533ef92d9f926dULL, 0x2a8c79baf8a8d8f5ULL,
+    0x6bcf398e69b119f6ULL, 0xe20491742fafdd95ULL,
+    0x276488e0809c2aecULL, 0xea955b82d88f5cceULL,
+    0x7102c63a99d9e0c4ULL, 0xf9763017a5c39946ULL,
+    0x429fa2501f151b3dULL, 0x4659c72bea05d59eULL,
+    0x984b7fdccf5a6634ULL, 0xf742232953fbb161ULL,
+    0x3041860e08c021c7ULL, 0x747bfd9616cd9386ULL,
+    0x4bb1367192312787ULL, 0x1b72a1638a6c44d3ULL,
+    0x4a0e68a6e8359a66ULL, 0x169a5039f258b6caULL,
+    0xb98a2ef44edee5a4ULL, 0xd9083fe85e43a737ULL,
+    0x967f6ce239624e13ULL, 0x8874f62d3c1a7982ULL,
+    0x3c1629830af06e3fULL, 0x9165ebfd427e5a8eULL,
+    0xb5dd81794ceeaa5cULL, 0x0de8f15a7834f219ULL,
+    0x70bd98ede3dd5d25ULL, 0xaccc9ca9328a8950ULL,
+    0x56664eda1945ca28ULL, 0x221db34c0f8859aeULL,
+    0x26dbd637fa98970dULL, 0x1acdffb4f068f932ULL,
+    0x4585254f64090fa0ULL, 0x72de245e17d53afaULL,
+    0x1546b25d7c546cf4ULL, 0x207e0ffffb803e71ULL,
+    0xfaaad2732bcf4378ULL, 0xb462dfae36ea17bdULL,
+    0xcf926fd1ac1b11fdULL, 0xe0672dc7dba7ba4aULL,
+    0xd3fa49ad5d6b41b3ULL, 0x8ba81449b216a3bcULL,
+    0x14f9ec8a0650d115ULL, 0x40fc1ee3eb1d7ce2ULL,
+    0x23a2ed9b758ce44fULL, 0x782c521b14fddc7eULL,
+    0x1c68267cf170504eULL, 0xbcf31558c1ca96e6ULL,
+    0xa781b43b4ba6d235ULL, 0xf6fd7dfe29ff0c80ULL,
+    0xb0a4bad5c3fad91eULL, 0xd199f51ea963266cULL,
+    0x414340349119c103ULL, 0x5405f269ed4dadf7ULL,
+    0xabd61bb649969dcdULL, 0x6813dbeae7bdc3c8ULL,
+    0x65fb2ab09f8931d1ULL, 0xf1e7fae152e3181dULL,
+    0xc1a67cef5a2339daULL, 0x7a4feea8e0f5bba1ULL,
+    0x1e0b9acf05783791ULL, 0x5b8ebf8061713831ULL,
+    0x80e53cdbcb3af8d9ULL, 0x7e898bd315e57502ULL,
+    0xc6bcfbf0213f2d47ULL, 0x95a38e86b76e942dULL,
+    0x092e94218d243cbaULL, 0x8339debf453622e7ULL,
+    0xb11be402b9fe64ffULL, 0x57d9100d634177c9ULL,
+    0xcc4e8db52217cbc3ULL, 0x3b0cae9c71ec7aa2ULL,
+    0xfb158ca451cbfe99ULL, 0x2b33276d82ac6514ULL,
+    0x01bf5ed77a04bde1ULL, 0xc5601994af33f779ULL,
+    0x75c4a3416cc92e67ULL, 0xf3844652a6eb7fc2ULL,
+    0x3487e375fdd0ef64ULL, 0x18ae430704609eedULL,
+    0x4d14efb993298efbULL, 0x815a620cb13e4538ULL,
+    0x125c354207487869ULL, 0x9eeea614ce42cf48ULL,
+    0xce2d3106d61fac1cULL, 0xbbe99247bad6827bULL,
+    0x071a871f7b1c149dULL, 0x2e4a1cc10db81656ULL,
+    0x77a71ff298c149b8ULL, 0x06a5d9c80118a97cULL,
+    0xad73c27e488e34b1ULL, 0x443a7b981e0db241ULL,
+    0xe3bbcfa355ab6074ULL, 0x0af276450328e684ULL,
+    0x73617a896dd1871bULL, 0x58525de4ef7de20fULL,
+    0xb7be3dcab8e6cd83ULL, 0x19111dd07e64230cULL,
+    0x842359a03e2a367aULL, 0x103f89f1f3401fb6ULL,
+    0xdc710444d157d475ULL, 0xb835702334da5845ULL,
+    0x4320fc876511a6dcULL, 0xd026abc9d3679b8dULL,
+    0x17250eee885c0b2bULL, 0x90dab52a387ae76fULL,
+    0x31fed8d972c49c26ULL, 0x89cba8fa461ec463ULL,
+    0x2ff5421677bcabb7ULL, 0x396f122f85e41d7dULL,
+    0xa09b332430bac6a8ULL, 0xc888e8ced7070560ULL,
+    0xaeaf201ac682ee8fULL, 0x1180d7268944a257ULL,
+    0xf058a43628e7a5fcULL, 0xbd4c4b8fbbce2b07ULL,
+    0xa1246df34abe7b49ULL, 0x7d5569b79be9af3cULL,
+    0xa9b5a705bd9efa12ULL, 0xdb6b835baa4bc0e8ULL,
+    0x05793bac8f147342ULL, 0x21c1512881848390ULL,
+    0xfdb0556c50d357e5ULL, 0x613d4fcb6a99ff72ULL,
+    0x03dce2648e0cda3eULL, 0xe949b9e6568386f0ULL,
+    0xfc0f0bbb2ad7ea04ULL, 0x6a70675913b5a417ULL,
+    0x7f36d5046fe1c8e3ULL, 0x0c57af8d02304ff8ULL,
+    0x32223abdfcc84618ULL, 0x0891caf6f720815bULL,
+    0xa63eeaec31a26fd4ULL, 0x2507345374944d33ULL,
+    0x49d28ac266394058ULL, 0xf5219f9aa7f3d6beULL,
+    0x2d96fea583b4cc68ULL, 0x5a31e1571b7585d0ULL,
+    0x8ed12fe53d02d0feULL, 0xdfade6205f5b0e4bULL,
+    0x4cabb16ee92d331aULL, 0x04c6657bf510cea3ULL,
+    0xd73c2cd6a87b8f10ULL, 0xe1d87310a1a307abULL,
+    0x6cd5be9112ad0d6bULL, 0x97c032354366f3f2ULL,
+    0xd4e0ceb22677552eULL, 0x0000000000000000ULL,
+    0x29509bde76a402cbULL, 0xc27a9e8bd42fe3e4ULL,
+    0x5ef7842cee654b73ULL, 0xaf107ecdbc86536eULL,
+    0x3fcacbe784fcb401ULL, 0xd55f90655c73e8cfULL,
+    0xe6c2f40fdabf1336ULL, 0xe8f6e7312c873b11ULL,
+    0xeb2a0555a28be12fULL, 0xe4a148bc2eb774e9ULL,
+    0x9b979db84156bc0aULL, 0x6eb60222e6a56ab4ULL,
+    0x87ffbbc4b026ec44ULL, 0xc703a5275b3b90a6ULL,
+    0x47e699fc9001687fULL, 0x9c8d1aa73a4aa897ULL,
+    0x7cea3760e1ed12ddULL, 0x4ec80ddd1d2554c5ULL,
+    0x13e36b957d4cc588ULL, 0x5d2b66486069914dULL,
+    0x92b90999cc7280b0ULL, 0x517cc9c56259deb5ULL,
+    0xc937b619ad03b881ULL, 0xec30824ad997f5b2ULL,
+    0xa45d565fc5aa080bULL, 0xd6837201d27f32f1ULL,
+    0x635ef3789e9198adULL, 0x531f75769651b96aULL,
+    0x4f77530a6721e924ULL, 0x486dd4151c3dfdb9ULL,
+    0x5f48dafb9461f692ULL, 0x375b011173dc355aULL,
+    0x3da9775470f4d3deULL, 0x8d0dcd81b30e0ac0ULL,
+    0x36e45fc609d888bbULL, 0x55baacbe97491016ULL,
+    0x8cb29356c90ab721ULL, 0x76184125e2c5f459ULL,
+    0x99f4210bb55edbd5ULL, 0x6f095cf59ca1d755ULL,
+    0x9f51f8c3b44672a9ULL, 0x3538bda287d45285ULL,
+    0x50c39712185d6354ULL, 0xf23b1885dcefc223ULL,
+    0x79930ccc6ef9619fULL, 0xed8fdc9da3934853ULL,
+    0xcb540aaa590bdf5eULL, 0x5c94389f1a6d2cacULL,
+    0xe77daad8a0bbaed7ULL, 0x28efc5090ca0bf2aULL,
+    0xbf2ff73c4fc64cd8ULL, 0xb37858b14df60320ULL,
+    0xf8c96ec0dfc724a7ULL, 0x828680683f329f06ULL,
+    0x941cd051cd6a29ccULL, 0xc3c5c05cae2b5e05ULL,
+    0xb601631dc2e27062ULL, 0xc01922382027843bULL,
+    0x24b86a840e90f0d2ULL, 0xd245177a276ffc52ULL,
+    0x0f8b4de98c3c95c6ULL, 0x3e759530fef809e0ULL,
+    0x0b4d2892792c5b65ULL, 0xc4df4743d5374a98ULL,
+    0xa5e20888bfaeb5eaULL, 0xba56cc90c0d23f9aULL,
+    0x38d04cf8ffe0a09cULL, 0x62e1adafe495254cULL,
+    0x0263bcb3f40867dfULL, 0xcaeb547d230f62bfULL,
+    0x6082111c109d4293ULL, 0xdad4dd8cd04f7d09ULL,
+    0xefec602e579b2f8cULL, 0x1fb4c4187f7c8a70ULL,
+    0xffd3e9dfa4db303aULL, 0x7bf0b07f9af10640ULL,
+    0xf49ec14dddf76b5fULL, 0x8f6e713247066d1fULL,
+    0x339d646a86ccfbf9ULL, 0x64447467e58d8c30ULL,
+    0x2c29a072f9b07189ULL, 0xd8b7613f24471ad6ULL,
+    0x6627c8d41185ebefULL, 0xa347d140beb61c96ULL,
+    0xde12b8f7255fb3aaULL, 0x9d324470404e1576ULL,
+    0x9306574eb6763d51ULL, 0xa80af9d2c79a47f3ULL,
+    0x859c0777442e8b9bULL, 0x69ac853d9db97e29ULL },
+  /* 6 */
+  { 0xc3407dfc2de6377eULL, 0x5b9e93eea4256f77ULL,
+    0xadb58fdd50c845e0ULL, 0x5219ff11a75bed86ULL,
+    0x356b61cfd90b1de9ULL, 0xfb8f406e25abe037ULL,
+    0x7a5a0231c0f60796ULL, 0x9d3cd216e1f5020bULL,
+    0x0c6550fb6b48d8f3ULL, 0xf57508c427ff1c62ULL,
+    0x4ad35ffa71cb407dULL, 0x6290a2da1666aa6dULL,
+    0xe284ec2349355f9fULL, 0xb3c307c53d7c84ecULL,
+    0x05e23c0468365a02ULL, 0x190bac4d6c9ebfa8ULL,
+    0x94bbbee9e28b80faULL, 0xa34fc777529cb9b5ULL,
+    0xcc7b39f095bcd978ULL, 0x2426addb0ce532e3ULL,
+    0x7e79329312ce4fc7ULL, 0xab09a72eebec2917ULL,
+    0xf8d15499f6b9d6c2ULL, 0x1a55b8babf8c895dULL,
+    0xdb8add17fb769a85ULL, 0xb57f2f368658e81bULL,
+    0x8acd36f18f3f41f6ULL, 0x5ce3b7bba50f11d3ULL,
+    0x114dcc14d5ee2f0aULL, 0xb91a7fcded1030e8ULL,
+    0x81d5425fe55de7a1ULL, 0xb6213bc1554adeeeULL,
+    0x80144ef95f53f5f2ULL, 0x1e7688186db4c10cULL,
+    0x3b912965db5fe1bcULL, 0xc281715a97e8252dULL,
+    0x54a5d7e21c7f8171ULL, 0x4b12535ccbc5522eULL,
+    0x1d289cefbea6f7f9ULL, 0x6ef5f2217d2e729eULL,
+    0xe6a7dc819b0d17ceULL, 0x1b94b41c05829b0eULL,
+    0x33d7493c622f711eULL, 0xdcf7f942fa5ce421ULL,
+    0x600fba8b7f7a8ecbULL, 0x46b60f011a83988eULL,
+    0x235b898e0dcf4c47ULL, 0x957ab24f588592a9ULL,
+    0x4354330572b5c28cULL, 0xa5f3ef84e9b8d542ULL,
+    0x8c711e02341b2d01ULL, 0x0b1874ae6a62a657ULL,
+    0x1213d8e306fc19ffULL, 0xfe6d7c6a4d9dba35ULL,
+    0x65ed868f174cd4c9ULL, 0x88522ea0e6236550ULL,
+    0x899322065c2d7703ULL, 0xc01e690bfef4018bULL,
+    0x915982ed8abddaf8ULL, 0xbe675b98ec3a4e4cULL,
+    0xa996bf7f82f00db1ULL, 0xe1daf8d49a27696aULL,
+    0x2effd5d3dc8986e7ULL, 0xd153a51f2b1a2e81ULL,
+    0x18caa0ebd690adfbULL, 0x390e3134b243c51aULL,
+    0x2778b92cdff70416ULL, 0x029f1851691c24a6ULL,
+    0x5e7cafeacc133575ULL, 0xfa4e4cc89fa5f264ULL,
+    0x5a5f9f481e2b7d24ULL, 0x484c47ab18d764dbULL,
+    0x400a27f2a1a7f479ULL, 0xaeeb9b2a83da7315ULL,
+    0x721c626879869734ULL, 0x042330a2d2384851ULL,
+    0x85f672fd3765aff0ULL, 0xba446b3a3e02061dULL,
+    0x73dd6ecec3888567ULL, 0xffac70ccf793a866ULL,
+    0xdfa9edb5294ed2d4ULL, 0x6c6aea7014325638ULL,
+    0x834a5a0e8c41c307ULL, 0xcdba35562fb2cb2bULL,
+    0x0ad97808d06cb404ULL, 0x0f3b440cb85aee06ULL,
+    0xe5f9c876481f213bULL, 0x98deee1289c35809ULL,
+    0x59018bbfcd394bd1ULL, 0xe01bf47220297b39ULL,
+    0xde68e1139340c087ULL, 0x9fa3ca4788e926adULL,
+    0xbb85679c840c144eULL, 0x53d8f3b71d55ffd5ULL,
+    0x0da45c5dd146caa0ULL, 0x6f34fe87c72060cdULL,
+    0x57fbc315cf6db784ULL, 0xcee421a1fca0fddeULL,
+    0x3d2d0196607b8d4bULL, 0x642c8a29ad42c69aULL,
+    0x14aff010bdd87508ULL, 0xac74837beac657b3ULL,
+    0x3216459ad821634dULL, 0x3fb219c70967a9edULL,
+    0x06bc28f3bb246cf7ULL, 0xf2082c9126d562c6ULL,
+    0x66b39278c45ee23cULL, 0xbd394f6f3f2878b9ULL,
+    0xfd33689d9e8f8cc0ULL, 0x37f4799eb017394fULL,
+    0x108cc0b26fe03d59ULL, 0xda4bd1b1417888d6ULL,
+    0xb09d1332ee6eb219ULL, 0x2f3ed975668794b4ULL,
+    0x58c0871977375982ULL, 0x7561463d78ace990ULL,
+    0x09876cff037e82f1ULL, 0x7fb83e35a8c05d94ULL,
+    0x26b9b58a65f91645ULL, 0xef20b07e9873953fULL,
+    0x3148516d0b3355b8ULL, 0x41cb2b541ba9e62aULL,
+    0x790416c613e43163ULL, 0xa011d380818e8f40ULL,
+    0x3a5025c36151f3efULL, 0xd57095bdf92266d0ULL,
+    0x498d4b0da2d97688ULL, 0x8b0c3a57353153a5ULL,
+    0x21c491df64d368e1ULL, 0x8f2f0af5e7091bf4ULL,
+    0x2da1c1240f9bb012ULL, 0xc43d59a92ccc49daULL,
+    0xbfa6573e56345c1fULL, 0x828b56a8364fd154ULL,
+    0x9a41f643e0df7cafULL, 0xbcf843c985266aeaULL,
+    0x2b1de9d7b4bfdce5ULL, 0x20059d79dedd7ab2ULL,
+    0x6dabe6d6ae3c446bULL, 0x45e81bf6c991ae7bULL,
+    0x6351ae7cac68b83eULL, 0xa432e32253b6c711ULL,
+    0xd092a9b991143cd2ULL, 0xcac711032e98b58fULL,
+    0xd8d4c9e02864ac70ULL, 0xc5fc550f96c25b89ULL,
+    0xd7ef8dec903e4276ULL, 0x67729ede7e50f06fULL,
+    0xeac28c7af045cf3dULL, 0xb15c1f945460a04aULL,
+    0x9cfddeb05bfb1058ULL, 0x93c69abce3a1fe5eULL,
+    0xeb0380dc4a4bdd6eULL, 0xd20db1e8f8081874ULL,
+    0x229a8528b7c15e14ULL, 0x44291750739fbc28ULL,
+    0xd3ccbd4e42060a27ULL, 0xf62b1c33f4ed2a97ULL,
+    0x86a8660ae4779905ULL, 0xd62e814a2a305025ULL,
+    0x477703a7a08d8addULL, 0x7b9b0e977af815c5ULL,
+    0x78c51a60a9ea2330ULL, 0xa6adfb733aaae3b7ULL,
+    0x97e5aa1e3199b60fULL, 0x0000000000000000ULL,
+    0xf4b404629df10e31ULL, 0x5564db44a6719322ULL,
+    0x9207961a59afec0dULL, 0x9624a6b88b97a45cULL,
+    0x363575380a192b1cULL, 0x2c60cd82b595a241ULL,
+    0x7d272664c1dc7932ULL, 0x7142769faa94a1c1ULL,
+    0xa1d0df263b809d13ULL, 0x1630e841d4c451aeULL,
+    0xc1df65ad44fa13d8ULL, 0x13d2d445bcf20bacULL,
+    0xd915c546926abe23ULL, 0x38cf3d92084dd749ULL,
+    0xe766d0272103059dULL, 0xc7634d5effde7f2fULL,
+    0x077d2455012a7ea4ULL, 0xedbfa82ff16fb199ULL,
+    0xaf2a978c39d46146ULL, 0x42953fa3c8bbd0dfULL,
+    0xcb061da59496a7dcULL, 0x25e7a17db6eb20b0ULL,
+    0x34aa6d6963050fbaULL, 0xa76cf7d580a4f1e4ULL,
+    0xf7ea10954ee338c4ULL, 0xfcf2643b24819e93ULL,
+    0xcf252d0746aeef8dULL, 0x4ef06f58a3f3082cULL,
+    0x563acfb37563a5d7ULL, 0x5086e740ce47c920ULL,
+    0x2982f186dda3f843ULL, 0x87696aac5e798b56ULL,
+    0x5d22bb1d1f010380ULL, 0x035e14f7d31236f5ULL,
+    0x3cec0d30da759f18ULL, 0xf3c920379cdb7095ULL,
+    0xb8db736b571e22bbULL, 0xdd36f5e44052f672ULL,
+    0xaac8ab8851e23b44ULL, 0xa857b3d938fe1fe2ULL,
+    0x17f1e4e76eca43fdULL, 0xec7ea4894b61a3caULL,
+    0x9e62c6e132e734feULL, 0xd4b1991b432c7483ULL,
+    0x6ad6c283af163acfULL, 0x1ce9904904a8e5aaULL,
+    0x5fbda34c761d2726ULL, 0xf910583f4cb7c491ULL,
+    0xc6a241f845d06d7cULL, 0x4f3163fe19fd1a7fULL,
+    0xe99c988d2357f9c8ULL, 0x8eee06535d0709a7ULL,
+    0x0efa48aa0254fc55ULL, 0xb4be23903c56fa48ULL,
+    0x763f52caabbedf65ULL, 0xeee1bcd8227d876cULL,
+    0xe345e085f33b4dccULL, 0x3e731561b369bbbeULL,
+    0x2843fd2067adea10ULL, 0x2adce5710eb1ceb6ULL,
+    0xb7e03767ef44ccbdULL, 0x8db012a48e153f52ULL,
+    0x61ceb62dc5749c98ULL, 0xe85d942b9959eb9bULL,
+    0x4c6f7709caef2c8aULL, 0x84377e5b8d6bbda3ULL,
+    0x30895dcbb13d47ebULL, 0x74a04a9bc2a2fbc3ULL,
+    0x6b17ce251518289cULL, 0xe438c4d0f2113368ULL,
+    0x1fb784bed7bad35fULL, 0x9b80fae55ad16efcULL,
+    0x77fe5e6c11b0cd36ULL, 0xc858095247849129ULL,
+    0x08466059b97090a2ULL, 0x01c10ca6ba0e1253ULL,
+    0x6988d6747c040c3aULL, 0x6849dad2c60a1e69ULL,
+    0x5147ebe67449db73ULL, 0xc99905f4fd8a837aULL,
+    0x991fe2b433cd4a5aULL, 0xf09734c04fc94660ULL,
+    0xa28ecbd1e892abe6ULL, 0xf1563866f5c75433ULL,
+    0x4dae7baf70e13ed9ULL, 0x7ce62ac27bd26b61ULL,
+    0x70837a39109ab392ULL, 0x90988e4b30b3c8abULL,
+    0xb2020b63877296bfULL, 0x156efcb607d6675bULL },
+  /* 7 */
+  { 0xe63f55ce97c331d0ULL, 0x25b506b0015bba16ULL,
+    0xc8706e29e6ad9ba8ULL, 0x5b43d3775d521f6aULL,
+    0x0bfa3d577035106eULL, 0xab95fc172afb0e66ULL,
+    0xf64b63979e7a3276ULL, 0xf58b4562649dad4bULL,
+    0x48f7c3dbae0c83f1ULL, 0xff31916642f5c8c5ULL,
+    0xcbb048dc1c4a0495ULL, 0x66b8f83cdf622989ULL,
+    0x35c130e908e2b9b0ULL, 0x7c761a61f0b34fa1ULL,
+    0x3601161cf205268dULL, 0x9e54ccfe2219b7d6ULL,
+    0x8b7d90a538940837ULL, 0x9cd403588ea35d0bULL,
+    0xbc3c6fea9ccc5b5aULL, 0xe5ff733b6d24aeedULL,
+    0xceed22de0f7eb8d2ULL, 0xec8581cab1ab545eULL,
+    0xb96105e88ff8e71dULL, 0x8ca03501871a5eadULL,
+    0x76ccce65d6db2a2fULL, 0x5883f582a7b58057ULL,
+    0x3f7be4ed2e8adc3eULL, 0x0fe7be06355cd9c9ULL,
+    0xee054e6c1d11be83ULL, 0x1074365909b903a6ULL,
+    0x5dde9f80b4813c10ULL, 0x4a770c7d02b6692cULL,
+    0x5379c8d5d7809039ULL, 0xb4067448161ed409ULL,
+    0x5f5e5026183bd6cdULL, 0xe898029bf4c29df9ULL,
+    0x7fb63c940a54d09cULL, 0xc5171f897f4ba8bcULL,
+    0xa6f28db7b31d3d72ULL, 0x2e4f3be7716eaa78ULL,
+    0x0d6771a099e63314ULL, 0x82076254e41bf284ULL,
+    0x2f0fd2b42733df98ULL, 0x5c9e76d3e2dc49f0ULL,
+    0x7aeb569619606cdbULL, 0x83478b07b2468764ULL,
+    0xcfadcb8d5923cd32ULL, 0x85dac7f05b95a41eULL,
+    0xb5469d1b4043a1e9ULL, 0xb821ecbbd9a592fdULL,
+    0x1b8e0b0e798c13c8ULL, 0x62a57b6d9a0be02eULL,
+    0xfcf1b793b81257f8ULL, 0x9d94ea0bd8fe28ebULL,
+    0x4cea408aeb654a56ULL, 0x23284a47e888996cULL,
+    0x2d8f1d128b893545ULL, 0xf4cbac3132c0d8abULL,
+    0xbd7c86b9ca912ebaULL, 0x3a268eef3dbe6079ULL,
+    0xf0d62f6077a9110cULL, 0x2735c916ade150cbULL,
+    0x89fd5f03942ee2eaULL, 0x1acee25d2fd16628ULL,
+    0x90f39bab41181bffULL, 0x430dfe8cde39939fULL,
+    0xf70b8ac4c8274796ULL, 0x1c53aeaac6024552ULL,
+    0x13b410acf35e9c9bULL, 0xa532ab4249faa24fULL,
+    0x2b1251e5625a163fULL, 0xd7e3e676da4841c7ULL,
+    0xa7b264e4e5404892ULL, 0xda8497d643ae72d3ULL,
+    0x861ae105a1723b23ULL, 0x38a6414991048aa4ULL,
+    0x6578dec92585b6b4ULL, 0x0280cfa6acbaeaddULL,
+    0x88bdb650c273970aULL, 0x9333bd5ebbff84c2ULL,
+    0x4e6a8f2c47dfa08bULL, 0x321c954db76cef2aULL,
+    0x418d312a72837942ULL, 0xb29b38bfffcdf773ULL,
+    0x6c022c38f90a4c07ULL, 0x5a033a240b0f6a8aULL,
+    0x1f93885f3ce5da6fULL, 0xc38a537e96988bc6ULL,
+    0x39e6a81ac759ff44ULL, 0x29929e43cee0fce2ULL,
+    0x40cdd87924de0ca2ULL, 0xe9d8ebc8a29fe819ULL,
+    0x0c2798f3cfbb46f4ULL, 0x55e484223e53b343ULL,
+    0x4650948ecd0d2fd8ULL, 0x20e86cb2126f0651ULL,
+    0x6d42c56baf5739e7ULL, 0xa06fc1405ace1e08ULL,
+    0x7babbfc54f3d193bULL, 0x424d17df8864e67fULL,
+    0xd8045870ef14980eULL, 0xc6d7397c85ac3781ULL,
+    0x21a885e1443273b1ULL, 0x67f8116f893f5c69ULL,
+    0x24f5efe35706cff6ULL, 0xd56329d076f2ab1aULL,
+    0x5e1eb9754e66a32dULL, 0x28d2771098bd8902ULL,
+    0x8f6013f47dfdc190ULL, 0x17a993fdb637553cULL,
+    0xe0a219397e1012aaULL, 0x786b9930b5da8606ULL,
+    0x6e82e39e55b0a6daULL, 0x875a0856f72f4ec3ULL,
+    0x3741ff4fa458536dULL, 0xac4859b3957558fcULL,
+    0x7ef6d5c75c09a57cULL, 0xc04a758b6c7f14fbULL,
+    0xf9acdd91ab26ebbfULL, 0x7391a467c5ef9668ULL,
+    0x335c7c1ee1319acaULL, 0xa91533b18641e4bbULL,
+    0xe4bf9a683b79db0dULL, 0x8e20faa72ba0b470ULL,
+    0x51f907737b3a7ae4ULL, 0x2268a314bed5ec8cULL,
+    0xd944b123b949edeeULL, 0x31dcb3b84d8b7017ULL,
+    0xd3fe65279f218860ULL, 0x097af2f1dc8ffab3ULL,
+    0x9b09a6fc312d0b91ULL, 0xcc6ded78a3c4520fULL,
+    0x3481d9ba5ebfcc50ULL, 0x4f2a667f1182d56bULL,
+    0xdfd9fdd4509ace94ULL, 0x26752045fbbc252bULL,
+    0xbffc491f662bc467ULL, 0xdd593272fc202449ULL,
+    0x3cbbc218d46d4303ULL, 0x91b372f817456e1fULL,
+    0x681faf69bc6385a0ULL, 0xb686bbeebaa43ed4ULL,
+    0x1469b5084cd0ca01ULL, 0x98c98009cbca94acULL,
+    0x6438379a73d8c354ULL, 0xc2caba2dc0c5fe26ULL,
+    0x3e3b0dbe78d7a9deULL, 0x50b9ee202d670f04ULL,
+    0x4590b27b37eab0e5ULL, 0x6025b4cb36b10af3ULL,
+    0xfb2c1237079c0162ULL, 0xa12f28130c936be8ULL,
+    0x4b37e52e54eb1cccULL, 0x083a1ba28ad28f53ULL,
+    0xc10a9cd83a22611bULL, 0x9f1425ad7444c236ULL,
+    0x069d4cf7e9d3237aULL, 0xedc56899e7f621beULL,
+    0x778c273680865fcfULL, 0x309c5aeb1bd605f7ULL,
+    0x8de0dc52d1472b4dULL, 0xf8ec34c2fd7b9e5fULL,
+    0xea18cd3d58787724ULL, 0xaad515447ca67b86ULL,
+    0x9989695a9d97e14cULL, 0x0000000000000000ULL,
+    0xf196c63321f464ecULL, 0x71116bc169557cb5ULL,
+    0xaf887f466f92c7c1ULL, 0x972e3e0ffe964d65ULL,
+    0x190ec4a8d536f915ULL, 0x95aef1a9522ca7b8ULL,
+    0xdc19db21aa7d51a9ULL, 0x94ee18fa0471d258ULL,
+    0x8087adf248a11859ULL, 0xc457f6da2916dd5cULL,
+    0xfa6cfb6451c17482ULL, 0xf256e0c6db13fbd1ULL,
+    0x6a9f60cf10d96f7dULL, 0x4daaa9d9bd383fb6ULL,
+    0x03c026f5fae79f3dULL, 0xde99148706c7bb74ULL,
+    0x2a52b8b6340763dfULL, 0x6fc20acd03edd33aULL,
+    0xd423c08320afdefaULL, 0xbbe1ca4e23420dc0ULL,
+    0x966ed75ca8cb3885ULL, 0xeb58246e0e2502c4ULL,
+    0x055d6a021334bc47ULL, 0xa47242111fa7d7afULL,
+    0xe3623fcc84f78d97ULL, 0x81c744a11efc6db9ULL,
+    0xaec8961539cfb221ULL, 0xf31609958d4e8e31ULL,
+    0x63e5923ecc5695ceULL, 0x47107ddd9b505a38ULL,
+    0xa3afe7b5a0298135ULL, 0x792b7063e387f3e6ULL,
+    0x0140e953565d75e0ULL, 0x12f4f9ffa503e97bULL,
+    0x750ce8902c3cb512ULL, 0xdbc47e8515f30733ULL,
+    0x1ed3610c6ab8af8fULL, 0x5239218681dde5d9ULL,
+    0xe222d69fd2aaf877ULL, 0xfe71783514a8bd25ULL,
+    0xcaf0a18f4a177175ULL, 0x61655d9860ec7f13ULL,
+    0xe77fbc9dc19e4430ULL, 0x2ccff441ddd440a5ULL,
+    0x16e97aaee06a20dcULL, 0xa855dae2d01c915bULL,
+    0x1d1347f9905f30b2ULL, 0xb7c652bdecf94b34ULL,
+    0xd03e43d265c6175dULL, 0xfdb15ec0ee4f2218ULL,
+    0x57644b8492e9599eULL, 0x07dda5a4bf8e569aULL,
+    0x54a46d71680ec6a3ULL, 0x5624a2d7c4b42c7eULL,
+    0xbebca04c3076b187ULL, 0x7d36f332a6ee3a41ULL,
+    0x3b6667bc6be31599ULL, 0x695f463aea3ef040ULL,
+    0xad08b0e0c3282d1cULL, 0xb15b1e4a052a684eULL,
+    0x44d05b2861b7c505ULL, 0x15295c5b1a8dbfe1ULL,
+    0x744c01c37a61c0f2ULL, 0x59c31cd1f1e8f5b7ULL,
+    0xef45a73f4b4ccb63ULL, 0x6bdf899c46841a9dULL,
+    0x3dfb2b4b823036e3ULL, 0xa2ef0ee6f674f4d5ULL,
+    0x184e2dfb836b8cf5ULL, 0x1134df0a5fe47646ULL,
+    0xbaa1231d751f7820ULL, 0xd17eaa81339b62bdULL,
+    0xb01bf71953771daeULL, 0x849a2ea30dc8d1feULL,
+    0x705182923f080955ULL, 0x0ea757556301ac29ULL,
+    0x041d83514569c9a7ULL, 0x0abad4042668658eULL,
+    0x49b72a88f851f611ULL, 0x8a3d79f66ec97dd7ULL,
+    0xcd2d042bf59927efULL, 0xc930877ab0f0ee48ULL,
+    0x9273540deda2f122ULL, 0xc797d02fd3f14261ULL,
+    0xe1e2f06a284d674aULL, 0xd2be8c74c97cfd80ULL,
+    0x9a494faf67707e71ULL, 0xb3dbd1eca9908293ULL,
+    0x72d14d3493b2e388ULL, 0xd6a30f258c153427ULL },
+};
+
+static const uint64_t C16[12][8] =
+{
+  { 0xdd806559f2a64507ULL, 0x05767436cc744d23ULL,
+    0xa2422a08a460d315ULL, 0x4b7ce09192676901ULL,
+    0x714eb88d7585c4fcULL, 0x2f6a76432e45d016ULL,
+    0xebcb2f81c0657c1fULL, 0xb1085bda1ecadae9ULL },
+  { 0xe679047021b19bb7ULL, 0x55dda21bd7cbcd56ULL,
+    0x5cb561c2db0aa7caULL, 0x9ab5176b12d69958ULL,
+    0x61d55e0f16b50131ULL, 0xf3feea720a232b98ULL,
+    0x4fe39d460f70b5d7ULL, 0x6fa3b58aa99d2f1aULL },
+  { 0x991e96f50aba0ab2ULL, 0xc2b6f443867adb31ULL,
+    0xc1c93a376062db09ULL, 0xd3e20fe490359eb1ULL,
+    0xf2ea7514b1297b7bULL, 0x06f15e5f529c1f8bULL,
+    0x0a39fc286a3d8435ULL, 0xf574dcac2bce2fc7ULL },
+  { 0x220cbebc84e3d12eULL, 0x3453eaa193e837f1ULL,
+    0xd8b71333935203beULL, 0xa9d72c82ed03d675ULL,
+    0x9d721cad685e353fULL, 0x488e857e335c3c7dULL,
+    0xf948e1a05d71e4ddULL, 0xef1fdfb3e81566d2ULL },
+  { 0x601758fd7c6cfe57ULL, 0x7a56a27ea9ea63f5ULL,
+    0xdfff00b723271a16ULL, 0xbfcd1747253af5a3ULL,
+    0x359e35d7800fffbdULL, 0x7f151c1f1686104aULL,
+    0x9a3f410c6ca92363ULL, 0x4bea6bacad474799ULL },
+  { 0xfa68407a46647d6eULL, 0xbf71c57236904f35ULL,
+    0x0af21f66c2bec6b6ULL, 0xcffaa6b71c9ab7b4ULL,
+    0x187f9ab49af08ec6ULL, 0x2d66c4f95142a46cULL,
+    0x6fa4c33b7a3039c0ULL, 0xae4faeae1d3ad3d9ULL },
+  { 0x8886564d3a14d493ULL, 0x3517454ca23c4af3ULL,
+    0x06476983284a0504ULL, 0x0992abc52d822c37ULL,
+    0xd3473e33197a93c9ULL, 0x399ec6c7e6bf87c9ULL,
+    0x51ac86febf240954ULL, 0xf4c70e16eeaac5ecULL },
+  { 0xa47f0dd4bf02e71eULL, 0x36acc2355951a8d9ULL,
+    0x69d18d2bd1a5c42fULL, 0xf4892bcb929b0690ULL,
+    0x89b4443b4ddbc49aULL, 0x4eb7f8719c36de1eULL,
+    0x03e7aa020c6e4141ULL, 0x9b1f5b424d93c9a7ULL },
+  { 0x7261445183235adbULL, 0x0e38dc92cb1f2a60ULL,
+    0x7b2b8a9aa6079c54ULL, 0x800a440bdbb2ceb1ULL,
+    0x3cd955b7e00d0984ULL, 0x3a7d3a1b25894224ULL,
+    0x944c9ad8ec165fdeULL, 0x378f5a541631229bULL },
+  { 0x74b4c7fb98459cedULL, 0x3698fad1153bb6c3ULL,
+    0x7a1e6c303b7652f4ULL, 0x9fe76702af69334bULL,
+    0x1fffe18a1b336103ULL, 0x8941e71cff8a78dbULL,
+    0x382ae548b2e4f3f3ULL, 0xabbedea680056f52ULL },
+  { 0x6bcaa4cd81f32d1bULL, 0xdea2594ac06fd85dULL,
+    0xefbacd1d7d476e98ULL, 0x8a1d71efea48b9caULL,
+    0x2001802114846679ULL, 0xd8fa6bbbebab0761ULL,
+    0x3002c6cd635afe94ULL, 0x7bcd9ed0efc889fbULL },
+  { 0x48bc924af11bd720ULL, 0xfaf417d5d9b21b99ULL,
+    0xe71da4aa88e12852ULL, 0x5d80ef9d1891cc86ULL,
+    0xf82012d430219f9bULL, 0xcda43c32bcdf1d77ULL,
+    0xd21380b00449b17aULL, 0x378ee767f11631baULL },
+};
+
+#define strido(out, temp, i) do { \
+	uint64_t t; \
+	t  = streebog_table[0][(temp[0] >> (i * 8)) & 0xff]; \
+	t ^= streebog_table[1][(temp[1] >> (i * 8)) & 0xff]; \
+	t ^= streebog_table[2][(temp[2] >> (i * 8)) & 0xff]; \
+	t ^= streebog_table[3][(temp[3] >> (i * 8)) & 0xff]; \
+	t ^= streebog_table[4][(temp[4] >> (i * 8)) & 0xff]; \
+	t ^= streebog_table[5][(temp[5] >> (i * 8)) & 0xff]; \
+	t ^= streebog_table[6][(temp[6] >> (i * 8)) & 0xff]; \
+	t ^= streebog_table[7][(temp[7] >> (i * 8)) & 0xff]; \
+	out[i] = t; } while(0)
+
+static void LPSX (uint64_t *out, const uint64_t *a, const uint64_t *b)
+{
+  uint64_t temp[8];
+  temp[0] = a[0] ^ b[0];
+  temp[1] = a[1] ^ b[1];
+  temp[2] = a[2] ^ b[2];
+  temp[3] = a[3] ^ b[3];
+  temp[4] = a[4] ^ b[4];
+  temp[5] = a[5] ^ b[5];
+  temp[6] = a[6] ^ b[6];
+  temp[7] = a[7] ^ b[7];
+  strido (out, temp, 0);
+  strido (out, temp, 1);
+  strido (out, temp, 2);
+  strido (out, temp, 3);
+  strido (out, temp, 4);
+  strido (out, temp, 5);
+  strido (out, temp, 6);
+  strido (out, temp, 7);
+}
+
+static inline void g (uint64_t *h, uint64_t *m, uint64_t *N)
+{
+  uint64_t K[8];
+  uint64_t T[8];
+  int i;
+
+  LPSX (K, h, N);
+
+  LPSX (T, K, m);
+  LPSX (K, K, C16[0]);
+  for (i = 1; i < 12; i++)
+    {
+      LPSX (T, K, T);
+      LPSX (K, K, C16[i]);
+    }
+
+  h[0] ^= T[0] ^ K[0] ^ m[0];
+  h[1] ^= T[1] ^ K[1] ^ m[1];
+  h[2] ^= T[2] ^ K[2] ^ m[2];
+  h[3] ^= T[3] ^ K[3] ^ m[3];
+  h[4] ^= T[4] ^ K[4] ^ m[4];
+  h[5] ^= T[5] ^ K[5] ^ m[5];
+  h[6] ^= T[6] ^ K[6] ^ m[6];
+  h[7] ^= T[7] ^ K[7] ^ m[7];
+}
+
+
+static void
+streebog512_compress (struct streebog512_ctx *ctx, const uint8_t *input, size_t count)
+{
+  uint64_t M[8];
+  uint64_t l, cf;
+  int i;
+
+  for (i = 0; i < 8; i++, input += 8)
+    M[i] = LE_READ_UINT64(input);
+
+  g (ctx->state, M, ctx->count);
+  l = ctx->count[0];
+  ctx->count[0] += count;
+  if (ctx->count[0] < l)
+    { /* overflow */
+      for (i = 1; i < 8; i++)
+        {
+          ctx->count[i]++;
+          if (ctx->count[i] != 0)
+            break;
+        }
+    }
+
+  cf = 0;
+  ctx->sigma[0] += M[0];
+  for (i = 1; i < 8; i++)
+    {
+      if (ctx->sigma[i-1] != M[i-1])
+	cf = (ctx->sigma[i-1] < M[i-1]);
+      ctx->sigma[i] += M[i] + cf;
+    }
+}
+
+static void
+streebog_final (struct streebog512_ctx *ctx)
+{
+  uint64_t Z[8] = {};
+  unsigned int i;
+
+  /* PAD. It does not count towards message length */
+  i = ctx->index;
+  /* We have at least one byte free) */
+  ctx->block[i++] = 1;
+  while (i < 64)
+    ctx->block[i++] = 0;
+  streebog512_compress (ctx, ctx->block, ctx->index * 8);
+
+  g (ctx->state, ctx->count, Z);
+  g (ctx->state, ctx->sigma, Z);
+}
+
+#define COMPRESS(ctx, data) (streebog512_compress((ctx), (data), 64 * 8))
+
+void
+streebog512_init(struct streebog512_ctx *ctx)
+{
+  memset(ctx->state, 0, sizeof(ctx->state));
+  memset(ctx->count, 0, sizeof(ctx->count));
+  memset(ctx->sigma, 0, sizeof(ctx->sigma));
+
+  /* Initialize buffer */
+  ctx->index = 0;
+}
+
+void
+streebog512_update(struct streebog512_ctx *ctx,
+                   size_t length, const uint8_t *data)
+{
+  MD_UPDATE (ctx, length, data, COMPRESS, (void)0);
+}
+
+static void
+streebog512_write_digest(struct streebog512_ctx *ctx,
+                         size_t offset, size_t length,
+                         uint8_t *digest)
+{
+  unsigned i;
+  unsigned words;
+  unsigned leftover;
+
+  assert(offset + length <= STREEBOG512_DIGEST_SIZE);
+
+  streebog_final(ctx);
+
+  words = length / 8;
+  leftover = length % 8;
+
+  for (i = 0; i < words; i++, digest += 8)
+    LE_WRITE_UINT64(digest, ctx->state[offset + i]);
+
+  if (leftover)
+    {
+      /* Truncate to the right size */
+      uint64_t word = ctx->state[offset + i] << (8*(8 - leftover));
+
+      do {
+	digest[--leftover] = (word >> 56) & 0xff;
+	word <<= 8;
+      } while (leftover);
+    }
+}
+
+void
+streebog512_digest(struct streebog512_ctx *ctx,
+	      size_t length,
+	      uint8_t *digest)
+{
+  assert(length <= STREEBOG512_DIGEST_SIZE);
+
+  streebog512_write_digest(ctx, 0, length, digest);
+  streebog512_init(ctx);
+}
+
+void
+streebog256_init(struct streebog256_ctx *ctx)
+{
+  memset(ctx->state, 1, sizeof(ctx->state));
+  memset(ctx->count, 0, sizeof(ctx->count));
+  memset(ctx->sigma, 0, sizeof(ctx->sigma));
+
+  /* Initialize buffer */
+  ctx->index = 0;
+}
+
+void
+streebog256_digest(struct streebog256_ctx *ctx,
+                   size_t length,
+                   uint8_t *digest)
+{
+  assert(length <= STREEBOG256_DIGEST_SIZE);
+
+  streebog512_write_digest(ctx,
+      4,
+      length,
+      digest);
+  streebog256_init(ctx);
+}
+#endif
diff --git a/lib/nettle/gost/streebog.h b/lib/nettle/gost/streebog.h
new file mode 100644
index 0000000..e2348bb
--- /dev/null
+++ b/lib/nettle/gost/streebog.h
@@ -0,0 +1,109 @@
+/* streebog.h
+
+   The Streebog family of hash functions.
+
+   Copyright (C) 2015 Dmitry Eremin-Solenikov
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see https://www.gnu.org/licenses/.
+*/
+ 
+#ifndef GNUTLS_LIB_NETTLE_GOST_STREEBOG_H
+#define GNUTLS_LIB_NETTLE_GOST_STREEBOG_H
+
+#include "config.h"
+
+#include <nettle/nettle-types.h>
+#include <nettle/nettle-meta.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifndef HAVE_NETTLE_STREEBOG512_UPDATE
+/* Name mangling */
+#define streebog256_init _gnutls_streebog256_init
+#define streebog256_digest _gnutls_streebog256_digest
+#define streebog512_init _gnutls_streebog512_init
+#define streebog512_update _gnutls_streebog512_update
+#define streebog512_digest _gnutls_streebog512_digest
+
+/* STREEBOG512 */
+
+#define STREEBOG512_DIGEST_SIZE 64
+#define STREEBOG512_BLOCK_SIZE 64
+
+/* Digest is kept internally as 8 64-bit words. */
+#define _STREEBOG512_DIGEST_LENGTH 8
+
+struct streebog512_ctx
+{
+  uint64_t state[_STREEBOG512_DIGEST_LENGTH];    /* State variables */
+  uint64_t count[_STREEBOG512_DIGEST_LENGTH];
+  uint64_t sigma[_STREEBOG512_DIGEST_LENGTH];
+  uint8_t block[STREEBOG512_BLOCK_SIZE];          /* STREEBOG512 data buffer */
+  unsigned int index;                       /* index into buffer */
+};
+
+void
+streebog512_init(struct streebog512_ctx *ctx);
+
+void
+streebog512_update(struct streebog512_ctx *ctx,
+	      size_t length,
+	      const uint8_t *data);
+
+void
+streebog512_digest(struct streebog512_ctx *ctx,
+	      size_t length,
+	      uint8_t *digest);
+
+
+#define STREEBOG256_DIGEST_SIZE 32
+#define STREEBOG256_BLOCK_SIZE STREEBOG512_BLOCK_SIZE
+#define streebog256_ctx streebog512_ctx
+
+void
+streebog256_init(struct streebog256_ctx *ctx);
+
+#define streebog256_update _gnutls_streebog512_update
+
+void
+streebog256_digest(struct streebog256_ctx *ctx,
+		  size_t length,
+		  uint8_t *digest);
+
+#define nettle_streebog256 _gnutls_streebog256
+#define nettle_streebog512 _gnutls_streebog512
+extern const struct nettle_hash _gnutls_streebog256;
+extern const struct nettle_hash _gnutls_streebog512;
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* GNUTLS_LIB_NETTLE_GOST_STREEBOG_H */
diff --git a/lib/nettle/gost/write-le32.c b/lib/nettle/gost/write-le32.c
new file mode 100644
index 0000000..d9d0482
--- /dev/null
+++ b/lib/nettle/gost/write-le32.c
@@ -0,0 +1,69 @@
+/* write-le32.c
+
+   Copyright (C) 2001, 2011 Niels Möller
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <stdlib.h>
+
+#include "nettle-write.h"
+
+#include <nettle/macros.h>
+
+void
+_nettle_write_le32(size_t length, uint8_t *dst,
+		   const uint32_t *src)
+{
+  size_t i;
+  size_t words;
+  unsigned leftover;
+  
+  words = length / 4;
+  leftover = length % 4;
+
+  for (i = 0; i < words; i++, dst += 4)
+    LE_WRITE_UINT32(dst, src[i]);
+
+  if (leftover)
+    {
+      uint32_t word;
+      
+      word = src[i];
+
+      do
+	{
+	  *dst++ = word & 0xff;
+	  word >>= 8;
+	}
+      while (--leftover);
+    }
+}
diff --git a/lib/nettle/gost_keywrap.c b/lib/nettle/gost_keywrap.c
new file mode 100644
index 0000000..ca18670
--- /dev/null
+++ b/lib/nettle/gost_keywrap.c
@@ -0,0 +1,121 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2016 Dmitry Eremin-Solenikov
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ */
+
+#include "gnutls_int.h"
+#include "gost/gost28147.h"
+
+static const struct gost28147_param *
+_gnutls_gost_get_param(gnutls_gost_paramset_t param)
+{
+	if (param == GNUTLS_GOST_PARAMSET_TC26_Z)
+		return &gost28147_param_TC26_Z;
+	else if (param == GNUTLS_GOST_PARAMSET_CP_A)
+		return &gost28147_param_CryptoPro_A;
+	else if (param == GNUTLS_GOST_PARAMSET_CP_B)
+		return &gost28147_param_CryptoPro_B;
+	else if (param == GNUTLS_GOST_PARAMSET_CP_C)
+		return &gost28147_param_CryptoPro_C;
+	else if (param == GNUTLS_GOST_PARAMSET_CP_D)
+		return &gost28147_param_CryptoPro_D;
+
+	gnutls_assert();
+
+	return NULL;
+}
+
+int _gnutls_gost_key_wrap(gnutls_gost_paramset_t gost_params,
+			  const gnutls_datum_t *kek,
+			  const gnutls_datum_t *ukm,
+			  const gnutls_datum_t *cek,
+			  gnutls_datum_t *enc,
+			  gnutls_datum_t *imit)
+{
+	const struct gost28147_param *gp;
+
+	gp = _gnutls_gost_get_param(gost_params);
+	if (gp == NULL) {
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+	}
+
+	if (kek->size != GOST28147_KEY_SIZE ||
+	    cek->size != GOST28147_KEY_SIZE ||
+	    ukm->size < GOST28147_IMIT_BLOCK_SIZE) {
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+	}
+
+	enc->size = GOST28147_KEY_SIZE;
+	enc->data = gnutls_malloc(enc->size);
+	if (enc->data == NULL) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	imit->size = GOST28147_IMIT_DIGEST_SIZE;
+	imit->data = gnutls_malloc(imit->size);
+	if (imit->data == NULL) {
+		_gnutls_free_datum(enc);
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	gost28147_key_wrap_cryptopro(gp, kek->data, ukm->data, ukm->size,
+				     cek->data, enc->data, imit->data);
+
+	return 0;
+}
+
+int _gnutls_gost_key_unwrap(gnutls_gost_paramset_t gost_params,
+			    const gnutls_datum_t *kek,
+			    const gnutls_datum_t *ukm,
+			    const gnutls_datum_t *enc,
+			    const gnutls_datum_t *imit,
+			    gnutls_datum_t *cek)
+{
+	const struct gost28147_param *gp;
+	int ret;
+
+	gp = _gnutls_gost_get_param(gost_params);
+	if (gp == NULL) {
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+	}
+
+	if (kek->size != GOST28147_KEY_SIZE ||
+	    enc->size != GOST28147_KEY_SIZE ||
+	    imit->size != GOST28147_IMIT_DIGEST_SIZE ||
+	    ukm->size < GOST28147_IMIT_BLOCK_SIZE) {
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+	}
+
+	cek->size = GOST28147_KEY_SIZE;
+	cek->data = gnutls_malloc(cek->size);
+	if (cek->data == NULL) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	ret = gost28147_key_unwrap_cryptopro(gp, kek->data,
+					     ukm->data, ukm->size,
+					     enc->data, imit->data,
+					     cek->data);
+	if (ret == 0) {
+		gnutls_assert();
+		_gnutls_free_temp_key_datum(cek);
+		return GNUTLS_E_DECRYPTION_FAILED;
+	}
+
+	return 0;
+}
diff --git a/lib/nettle/init.c b/lib/nettle/init.c
new file mode 100644
index 0000000..9cd6b14
--- /dev/null
+++ b/lib/nettle/init.c
@@ -0,0 +1,127 @@
+/*
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2022 Tobias Heider <tobias.heider@canonical.com>
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <num.h>
+#include <mpi.h>
+#include <nettle/bignum.h> /* includes gmp.h */
+
+static void gnutls_free_zero(void *data, size_t size);
+static void *gnutls_realloc_zero(void *data, size_t old_size, size_t new_size);
+
+static void *(*allocfunc) (size_t);
+static void *(*reallocfunc) (void *, size_t, size_t);
+static void (*freefunc) (void *, size_t);
+
+/* Functions that refer to the initialization of the nettle library.
+ */
+
+int gnutls_crypto_init(void)
+{
+	void *(*defallocfunc) (size_t);
+	void *(*defreallocfunc) (void *, size_t, size_t);
+	void (*deffreefunc) (void *, size_t);
+
+	/* Check if non-default allocators are being used.
+	 * Some applications like guile override GMP allocators
+	 * with GC capable alternatives. Do nothing if this is
+	 * the case.
+	 */
+	mp_get_memory_functions(&allocfunc, &reallocfunc, &freefunc);
+	mp_set_memory_functions(NULL, NULL, NULL);
+	mp_get_memory_functions(&defallocfunc, &defreallocfunc, &deffreefunc);
+	if (reallocfunc != defreallocfunc || freefunc != deffreefunc) {
+		mp_set_memory_functions(allocfunc, reallocfunc, freefunc);
+		return (0);
+	}
+
+	/* Overload GMP allocators with safe alternatives */
+	mp_set_memory_functions(NULL, gnutls_realloc_zero, gnutls_free_zero);
+	return 0;
+}
+
+/* Functions that refer to the deinitialization of the nettle library.
+ */
+
+void gnutls_crypto_deinit(void)
+{
+	mp_set_memory_functions(allocfunc, reallocfunc, freefunc);
+}
+
+/*-
+ * gnutls_free_zero:
+ * @data: the memory to free
+ * @size: the size of memory
+ *
+ * This function will operate similarly to free(), but will safely
+ * zeroize the memory pointed to by data before freeing.
+ *
+ -*/
+static void gnutls_free_zero(void *data, size_t size)
+{
+	explicit_bzero(data, size);
+	free(data);
+}
+
+/*-
+ * gnutls_realloc_zero:
+ * @data: the memory to free
+ * @old_size: the size of memory before reallocation
+ * @new_size: the size of memory after reallocation
+ *
+ * This function will operate similarly to realloc(), but will safely
+ * zeroize discarded memory.
+ *
+ -*/
+static void *gnutls_realloc_zero(void *data, size_t old_size, size_t new_size)
+{
+	void *p;
+
+	if (data == NULL || old_size == 0) {
+		p = realloc(data, new_size);
+		if (p == NULL)
+			abort();
+		return p;
+	}
+
+	if (new_size == 0) {
+		explicit_bzero(data, old_size);
+		free(data);
+		return NULL;
+	}
+
+	if (old_size == new_size)
+		return data;
+
+	p = malloc(new_size);
+	if (p == NULL) {
+		explicit_bzero(data, old_size);
+		abort();
+	}
+	memcpy(p, data, MIN(old_size, new_size));
+	explicit_bzero(data, old_size);
+	free(data);
+
+	return p;
+}
diff --git a/lib/nettle/int/block8.h b/lib/nettle/int/block8.h
new file mode 100644
index 0000000..a1f6efe
--- /dev/null
+++ b/lib/nettle/int/block8.h
@@ -0,0 +1,61 @@
+/* nettle-types.h
+
+   Copyright (C) 2005, 2014 Niels Möller
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef GNUTLS_LIB_NETTLE_BLOCK8_H
+#define GNUTLS_LIB_NETTLE_BLOCK8_H
+
+#include "config.h"
+
+#ifndef HAVE_UNION_NETTLE_BLOCK8
+
+/* An aligned 16-byte block. */
+union gnutls_nettle_backport_nettle_block16
+{
+  uint8_t b[16];
+  unsigned long w[16 / sizeof(unsigned long)];
+  uint64_t u64[2];
+};
+
+union gnutls_nettle_backport_nettle_block8
+{
+  uint8_t b[8];
+  uint64_t u64;
+};
+
+#undef nettle_block16
+#undef nettle_block8
+
+#define nettle_block16 gnutls_nettle_backport_nettle_block16
+#define nettle_block8 gnutls_nettle_backport_nettle_block8
+
+#endif
+
+#endif /* GNUTLS_LIB_NETTLE_BLOCK8_H */
diff --git a/lib/nettle/int/drbg-aes-self-test.c b/lib/nettle/int/drbg-aes-self-test.c
new file mode 100644
index 0000000..0ac1c19
--- /dev/null
+++ b/lib/nettle/int/drbg-aes-self-test.c
@@ -0,0 +1,225 @@
+/* nettle, low-level cryptographics library
+ *
+ * Copyright (C) 2013 Red Hat
+ * Copyright (C) 2008  Free Software Foundation, Inc.
+ *  
+ * The nettle library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Libgcrypt is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, see <https://www.gnu.org/licenses/>.
+ */
+
+/* This is a known-answer test for the DRBG-CTR-AES. 
+ */
+
+#include <config.h>
+#include "errors.h"
+#include <drbg-aes.h>
+#include <string.h>
+#include <stdio.h>
+
+struct self_test_st {
+	const uint8_t entropy[DRBG_AES_SEED_SIZE];
+	const uint8_t pstring[32];
+	const uint8_t reseed[DRBG_AES_SEED_SIZE];
+	const uint8_t addtl[3][32];
+	const uint8_t res[64];
+};
+
+struct priv_st {
+	struct drbg_aes_ctx *ctx;
+};
+
+/* Run a Know-Answer-Test using a dedicated test context. */
+int drbg_aes_self_test(void)
+{
+	static const struct self_test_st tv[] = {
+		/*
+		 * Test vector from NIST ACVP test framework that was
+		 * successfully validated by ACVP server.
+		 */
+		{
+		 .entropy = { 0xBE, 0x36, 0xDA, 0x22, 0xC5, 0xEE, 0xC2, 0x46,
+			      0x88, 0xAF, 0xD5, 0xFB, 0xC7, 0x12, 0x98, 0x58,
+			      0x32, 0xD0, 0x35, 0x89, 0x33, 0xF0, 0xFA, 0x2B,
+			      0x1B, 0x0D, 0x02, 0xE9, 0x3A, 0x28, 0x5F, 0x06,
+			      0x04, 0x3B, 0x97, 0x5F, 0xED, 0xD6, 0x2D, 0xC5,
+			      0xD9, 0x76, 0x42, 0x06, 0xEC, 0x80, 0x55, 0xFB },
+		 .pstring = { 0x50, 0xF9, 0x47, 0x14, 0x27, 0xF4, 0xA0, 0xAF,
+			      0x30, 0x08, 0x74, 0x85, 0xC7, 0x94, 0xA3, 0x5D,
+			      0x8F, 0x4F, 0x43, 0x52, 0x0C, 0xC0, 0x64, 0x47,
+			      0xF8, 0xAD, 0xC7, 0xB2, 0x6C, 0x7F, 0x26, 0x6E },
+		 .reseed = {  0x64, 0xDB, 0x9E, 0xC3, 0x45, 0x88, 0xED, 0x33,
+			      0xC8, 0x4C, 0xE2, 0x87, 0x12, 0x9C, 0xCA, 0x02,
+			      0x16, 0x41, 0xB5, 0x3B, 0xCB, 0x5F, 0x01, 0xAE,
+			      0xA0, 0x01, 0xBB, 0x16, 0x44, 0x1B, 0x99, 0x82,
+			      0x97, 0x84, 0x5B, 0x16, 0x58, 0xF3, 0xBD, 0xBE,
+			      0x9A, 0xAB, 0x9F, 0xB7, 0xB2, 0x93, 0xBE, 0xA5 },
+		 .addtl = {
+			   {  0x10, 0xDD, 0xBC, 0x33, 0x29, 0x10, 0x53, 0x4C,
+			      0xA0, 0x10, 0x72, 0xBF, 0x4C, 0x55, 0xDD, 0x7C,
+			      0x08, 0x5F, 0xDF, 0x40, 0xB6, 0x03, 0xF2, 0xBC,
+			      0xEA, 0xAE, 0x08, 0x46, 0x61, 0x68, 0x91, 0xC9 },
+			   {  0x00, 0xB6, 0x84, 0xF7, 0xF3, 0x14, 0xC7, 0x80,
+			      0x57, 0xA4, 0x8F, 0x48, 0xE5, 0xC9, 0x7F, 0x8D,
+			      0x54, 0x88, 0x96, 0xDF, 0x94, 0x55, 0xB1, 0x1C,
+			      0xFA, 0xCF, 0xE0, 0x4D, 0xAA, 0x01, 0xFA, 0x25 },
+			   {  0x97, 0x02, 0xDB, 0xCB, 0x85, 0x2A, 0xAA, 0x55,
+			      0x96, 0xC7, 0xF8, 0xF3, 0xB3, 0x9B, 0xBC, 0xCA,
+			      0xB5, 0xC1, 0x7C, 0x1C, 0x0D, 0x2F, 0x5B, 0x0E,
+			      0x9B, 0xBA, 0xB4, 0xDD, 0x45, 0x90, 0xF2, 0x14 },
+			  },
+		 .res = {     0xfe, 0x78, 0x3c, 0x64, 0x98, 0xb8, 0x69, 0x1d,
+			      0xb7, 0xd4, 0xfb, 0x71, 0xdb, 0x58, 0xd2, 0xee,
+			      0x32, 0x63, 0xfd, 0xed, 0x78, 0xe7, 0x93, 0x13,
+			      0x65, 0xd7, 0xf8, 0x6b, 0x71, 0x90, 0xfc, 0xf4,
+			      0xa3, 0x29, 0xae, 0x0b, 0xca, 0x40, 0x23, 0x61,
+			      0x6c, 0xa3, 0xf8, 0xc6, 0x75, 0x15, 0x38, 0x36,
+			      0x11, 0x5c, 0xc0, 0x87, 0x8a, 0x9b, 0x91, 0xdb,
+			      0x56, 0xb9, 0x06, 0x98, 0xc5, 0x78, 0x1a, 0x3a }
+		 },
+	};
+	unsigned i, j;
+	struct drbg_aes_ctx test_ctx;
+	struct drbg_aes_ctx test_ctx2;
+	struct priv_st priv;
+	int ret, saved;
+	uint8_t *tmp;
+	unsigned char result[64];
+
+	memset(&priv, 0, sizeof(priv));
+	priv.ctx = &test_ctx;
+
+	/* Test the error handling of drbg_aes_init */
+	ret =
+	    drbg_aes_init(&test_ctx, DRBG_AES_SEED_SIZE, tv[0].entropy,
+			  DRBG_AES_SEED_SIZE*2, (void*)tv);
+	if (ret != 0) {
+		gnutls_assert();
+		return 0;
+	}
+
+	tmp = gnutls_malloc(MAX_DRBG_AES_GENERATE_SIZE+1);
+	if (tmp == NULL) {
+		gnutls_assert();
+		return 0;
+	}
+
+	for (i = 0; i < sizeof(tv) / sizeof(tv[0]); i++) {
+		/* CAVP test step 1: initialization with perso string */
+		ret = drbg_aes_init(&test_ctx,
+				    sizeof(tv[i].entropy), tv[i].entropy,
+				    sizeof(tv[i].pstring), tv[i].pstring);
+		if (ret == 0)
+			goto fail;
+
+		if (drbg_aes_is_seeded(&test_ctx) == 0)
+			goto fail;
+
+		/* CAVP test step 2: reseed with addtl information */
+		ret = drbg_aes_reseed(&test_ctx,
+				      sizeof(tv[i].reseed), tv[i].reseed,
+				      sizeof(tv[i].addtl[0]), tv[i].addtl[0]);
+		if (ret == 0)
+			goto fail;
+
+		/* CAVP test step 3: generate with addtl info, discard result */
+		if (drbg_aes_generate(&test_ctx, sizeof(result), result,
+				      sizeof(tv[i].addtl[1]),
+				      tv[i].addtl[1]) == 0)
+			goto fail;
+
+		/* CAVP test step 4: generate with addtl info */
+		if (drbg_aes_generate(&test_ctx, sizeof(result), result,
+				      sizeof(tv[i].addtl[2]),
+				      tv[i].addtl[2]) == 0)
+			goto fail;
+
+		if (memcmp(result, tv[i].res, sizeof(result)) != 0) {
+			goto fail;
+		}
+
+		/* test the error handling of drbg_aes_random() */
+		saved = test_ctx.reseed_counter;
+		test_ctx.reseed_counter = DRBG_AES_RESEED_TIME+1;
+		if (drbg_aes_random(&test_ctx, 16, result) != 0) {
+			gnutls_assert();
+			goto fail;
+		}
+		test_ctx.reseed_counter = saved;
+
+		ret = drbg_aes_random(&test_ctx, MAX_DRBG_AES_GENERATE_SIZE+1, tmp);
+		if (ret == 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		/* test the low-level function */
+		ret = drbg_aes_generate(&test_ctx, MAX_DRBG_AES_GENERATE_SIZE+1, tmp, 0, NULL);
+		if (ret != 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		/* Test of the reseed function for error handling */
+		ret =
+		    drbg_aes_reseed(&test_ctx, DRBG_AES_SEED_SIZE*2,
+				    (uint8_t*)tv, 0, NULL);
+		if (ret != 0)
+			goto fail;
+
+		ret =
+		    drbg_aes_reseed(&test_ctx, DRBG_AES_SEED_SIZE,
+				    tv[i].entropy, DRBG_AES_SEED_SIZE*2, (uint8_t*)tv);
+		if (ret != 0)
+			goto fail;
+
+		/* check whether reseed detection works */
+		if (i==0) {
+			ret =
+			    drbg_aes_reseed(&test_ctx, DRBG_AES_SEED_SIZE,
+					    tv[i].entropy, 0, NULL);
+			if (ret == 0)
+				goto fail;
+
+			saved = test_ctx.reseed_counter;
+			test_ctx.reseed_counter = DRBG_AES_RESEED_TIME-4;
+			for (j=0;j<5;j++) {
+				if (drbg_aes_random(&test_ctx, 1, result) == 0) {
+					gnutls_assert();
+					goto fail;
+				}
+			}
+			/* that should fail */
+			if (drbg_aes_random(&test_ctx, 1, result) != 0) {
+				gnutls_assert();
+				goto fail;
+			}
+			test_ctx.reseed_counter = saved;
+		}
+
+		/* test deinit, which is zeroize_key() */
+		memcpy(&test_ctx2, &test_ctx, sizeof(test_ctx));
+		zeroize_key(&test_ctx, sizeof(test_ctx));
+		if (memcmp(&test_ctx, &test_ctx2, sizeof(test_ctx)) == 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+
+	}
+
+	gnutls_free(tmp);
+	return 1;
+ fail:
+	free(tmp);
+	return 0;
+}
diff --git a/lib/nettle/int/drbg-aes.c b/lib/nettle/int/drbg-aes.c
new file mode 100644
index 0000000..af8b347
--- /dev/null
+++ b/lib/nettle/int/drbg-aes.c
@@ -0,0 +1,171 @@
+/* drbg-aes.c */
+
+/* Copyright (C) 2013-2018 Red Hat
+ *
+ * This file is part of GnuTLS.
+ *  
+ * The GnuTLS library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or (at your
+ * option) any later version.
+ * 
+ * The nettle library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
+ * License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+
+#include <config.h>
+#include <drbg-aes.h>
+#include <nettle/memxor.h>
+#include <nettle/aes.h>
+#include <minmax.h>
+#include <string.h>
+#include <stdio.h>
+#include <fips.h>
+#include <assert.h>
+
+int
+drbg_aes_init(struct drbg_aes_ctx *ctx,
+	      unsigned entropy_size, const uint8_t * entropy,
+	      unsigned pstring_size, const uint8_t * pstring)
+{
+	uint8_t tmp[AES256_KEY_SIZE];
+
+	assert(AES256_KEY_SIZE == DRBG_AES_KEY_SIZE);
+	memset(ctx, 0, sizeof(*ctx));
+	memset(tmp, 0, sizeof(tmp));
+
+	aes256_set_encrypt_key(&ctx->key, tmp);
+
+	return drbg_aes_reseed(ctx, entropy_size, entropy,
+			       pstring_size, pstring);
+}
+
+/* Sets V and key based on pdata */
+static void
+drbg_aes_update(struct drbg_aes_ctx *ctx,
+		const uint8_t pdata[DRBG_AES_SEED_SIZE])
+{
+	unsigned len = 0;
+	uint8_t tmp[DRBG_AES_SEED_SIZE];
+	uint8_t *t = tmp;
+
+	while (len < DRBG_AES_SEED_SIZE) {
+		INCREMENT(sizeof(ctx->v), ctx->v);
+		aes256_encrypt(&ctx->key, AES_BLOCK_SIZE, t, ctx->v);
+		t += AES_BLOCK_SIZE;
+		len += AES_BLOCK_SIZE;
+	}
+
+	memxor(tmp, pdata, DRBG_AES_SEED_SIZE);
+
+	aes256_set_encrypt_key(&ctx->key, tmp);
+
+	memcpy(ctx->v, &tmp[DRBG_AES_KEY_SIZE], AES_BLOCK_SIZE);
+
+	ctx->seeded = 1;
+}
+
+int
+drbg_aes_reseed(struct drbg_aes_ctx *ctx,
+		unsigned entropy_size, const uint8_t * entropy,
+		unsigned add_size, const uint8_t * add)
+{
+	uint8_t tmp[DRBG_AES_SEED_SIZE];
+	unsigned len = 0;
+
+	if (add_size > DRBG_AES_SEED_SIZE || entropy_size != DRBG_AES_SEED_SIZE)
+		return 0;
+
+	if (add_size <= DRBG_AES_SEED_SIZE && add_size > 0) {
+		memcpy(tmp, add, add_size);
+		len = add_size;
+	}
+
+	if (len != DRBG_AES_SEED_SIZE)
+		memset(&tmp[len], 0, DRBG_AES_SEED_SIZE - len);
+
+	memxor(tmp, entropy, entropy_size);
+
+	drbg_aes_update(ctx, tmp);
+	ctx->reseed_counter = 1;
+
+	return 1;
+}
+
+int drbg_aes_random(struct drbg_aes_ctx *ctx, unsigned length, uint8_t * dst)
+{
+	unsigned p_len;
+	int left = length;
+	uint8_t *p = dst;
+	int ret;
+
+	while(left > 0) {
+		p_len = MIN(MAX_DRBG_AES_GENERATE_SIZE, left);
+		ret = drbg_aes_generate(ctx, p_len, p, 0, 0);
+		if (ret == 0)
+			return ret;
+
+		p += p_len;
+		left -= p_len;
+	}
+
+	return 1;
+}
+
+/* we don't use additional input */
+int drbg_aes_generate(struct drbg_aes_ctx *ctx, unsigned length, uint8_t * dst,
+			unsigned add_size, const uint8_t *add)
+{
+	uint8_t tmp[AES_BLOCK_SIZE];
+	uint8_t seed[DRBG_AES_SEED_SIZE];
+	unsigned left;
+
+	if (ctx->seeded == 0)
+		return gnutls_assert_val(0);
+
+	if (length > MAX_DRBG_AES_GENERATE_SIZE)
+		return gnutls_assert_val(0);
+
+	if (add_size > 0) {
+		if (add_size > DRBG_AES_SEED_SIZE)
+			return gnutls_assert_val(0);
+		memcpy(seed, add, add_size);
+		if (add_size != DRBG_AES_SEED_SIZE)
+			memset(&seed[add_size], 0, DRBG_AES_SEED_SIZE - add_size);
+
+		drbg_aes_update(ctx, seed);
+	} else {
+		memset(seed, 0, DRBG_AES_SEED_SIZE);
+	}
+
+	/* Perform the actual encryption */
+	for (left = length; left >= AES_BLOCK_SIZE;
+	     left -= AES_BLOCK_SIZE, dst += AES_BLOCK_SIZE) {
+		INCREMENT(sizeof(ctx->v), ctx->v);
+		aes256_encrypt(&ctx->key, AES_BLOCK_SIZE, dst, ctx->v);
+	}
+
+	if (left > 0) {		/* partial fill */
+		INCREMENT(sizeof(ctx->v), ctx->v);
+		aes256_encrypt(&ctx->key, AES_BLOCK_SIZE, tmp, ctx->v);
+		memcpy(dst, tmp, left);
+	}
+
+	if (ctx->reseed_counter > DRBG_AES_RESEED_TIME)
+		return gnutls_assert_val(0);
+	ctx->reseed_counter++;
+
+	drbg_aes_update(ctx, seed);
+
+	return 1;
+}
+
+int drbg_aes_is_seeded(struct drbg_aes_ctx *ctx)
+{
+	return ctx->seeded;
+}
diff --git a/lib/nettle/int/drbg-aes.h b/lib/nettle/int/drbg-aes.h
new file mode 100644
index 0000000..ac2b858
--- /dev/null
+++ b/lib/nettle/int/drbg-aes.h
@@ -0,0 +1,93 @@
+/* drbg-aes.h
+ *
+ * The CTR-AES-256-based random-number generator from SP800-90A.
+ */
+
+/* Copyright (C) 2013 Red Hat
+ *  
+ * The nettle library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or (at your
+ * option) any later version.
+ * 
+ * The nettle library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
+ * License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with the nettle library; see the file COPYING.LIB.  If not, write to
+ * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02111-1301, USA.
+ */
+
+#ifndef GNUTLS_LIB_NETTLE_INT_DRBG_AES_H
+#define GNUTLS_LIB_NETTLE_INT_DRBG_AES_H
+
+#include <config.h>
+#include <nettle/aes.h>
+
+/* This is nettle's increment macro */
+/* Requires that size > 0 */
+#define INCREMENT(size, ctr)                    \
+  do {                                          \
+    unsigned increment_i = (size) - 1;          \
+    if (++(ctr)[increment_i] == 0)              \
+      while (increment_i > 0                    \
+             && ++(ctr)[--increment_i] == 0 )   \
+        ;                                       \
+  } while (0)
+
+#define DRBG_AES_KEY_SIZE AES256_KEY_SIZE
+#define DRBG_AES_SEED_SIZE (AES_BLOCK_SIZE+DRBG_AES_KEY_SIZE)
+
+/* This is the CTR-AES-256-based random-number generator from SP800-90A.
+ */
+struct drbg_aes_ctx {
+	unsigned seeded;
+	/* The current key */
+	struct aes256_ctx key;
+
+	uint8_t v[AES_BLOCK_SIZE];
+
+	unsigned reseed_counter;
+};
+
+/* max_number_of_bits_per_request */
+#define MAX_DRBG_AES_GENERATE_SIZE 65536 /* 2^19 */
+
+/* This DRBG should be reseeded if reseed_counter exceeds
+ * that number. Otherwise drbg_aes_random() will fail.
+ */
+#define DRBG_AES_RESEED_TIME 16777216
+
+/* The entropy provided in these functions should be of
+ * size DRBG_AES_SEED_SIZE. Additional data and pers.
+ * string may be <= DRBG_AES_SEED_SIZE.
+ */
+int
+drbg_aes_init(struct drbg_aes_ctx *ctx, 
+	unsigned entropy_size, const uint8_t *entropy, 
+	unsigned pstring_size, const uint8_t* pstring);
+
+int
+drbg_aes_reseed(struct drbg_aes_ctx *ctx, 
+	unsigned entropy_size, const uint8_t *entropy, 
+	unsigned add_size, const uint8_t* add);
+
+/* our wrapper for the low-level drbg_aes_generate */
+int
+drbg_aes_random(struct drbg_aes_ctx *ctx, unsigned length,
+		uint8_t * dst);
+
+int
+drbg_aes_generate(struct drbg_aes_ctx *ctx, unsigned length,
+		uint8_t * dst, unsigned add_size, const uint8_t* add);
+
+/* For deinitialization use zeroize_key() on the context */
+
+int drbg_aes_is_seeded(struct drbg_aes_ctx *ctx);
+
+int drbg_aes_self_test(void);
+
+#endif /* GNUTLS_LIB_NETTLE_INT_DRBG_AES_H */
diff --git a/lib/nettle/int/dsa-compute-k.c b/lib/nettle/int/dsa-compute-k.c
new file mode 100644
index 0000000..3f5105a
--- /dev/null
+++ b/lib/nettle/int/dsa-compute-k.c
@@ -0,0 +1,209 @@
+/*
+ * Copyright (C) 2019 Red Hat, Inc.
+ *
+ * Author: Daiki Ueno
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include "dsa-compute-k.h"
+
+#include "gnutls_int.h"
+#include "mem.h"
+#include "mpn-base256.h"
+#include <string.h>
+
+#define BITS_TO_LIMBS(bits) (((bits) + GMP_NUMB_BITS - 1) / GMP_NUMB_BITS)
+
+/* The maximum size of q, chosen from the fact that we support
+ * 521-bit elliptic curve generator and 512-bit DSA subgroup at
+ * maximum. */
+#define MAX_Q_BITS 521
+#define MAX_Q_SIZE ((MAX_Q_BITS + 7) / 8)
+#define MAX_Q_LIMBS BITS_TO_LIMBS(MAX_Q_BITS)
+
+#define MAX_HASH_BITS (MAX_HASH_SIZE * 8)
+#define MAX_HASH_LIMBS BITS_TO_LIMBS(MAX_HASH_BITS)
+
+int
+_gnutls_dsa_compute_k(mpz_t k,
+		      const mpz_t q,
+		      const mpz_t x,
+		      gnutls_mac_algorithm_t mac,
+		      const uint8_t *digest,
+		      size_t length)
+{
+	uint8_t V[MAX_HASH_SIZE];
+	uint8_t K[MAX_HASH_SIZE];
+	uint8_t xp[MAX_Q_SIZE];
+	uint8_t tp[MAX_Q_SIZE];
+	mp_limb_t h[MAX(MAX_Q_LIMBS, MAX_HASH_LIMBS)];
+	mp_bitcnt_t q_bits = mpz_sizeinbase (q, 2);
+	mp_size_t qn = mpz_size(q);
+	mp_bitcnt_t h_bits = length * 8;
+	mp_size_t hn = BITS_TO_LIMBS(h_bits);
+	size_t nbytes = (q_bits + 7) / 8;
+	const uint8_t c0 = 0x00;
+	const uint8_t c1 = 0x01;
+	mp_limb_t cy;
+	gnutls_hmac_hd_t hd;
+	int ret = 0;
+
+	if (unlikely(q_bits > MAX_Q_BITS))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	if (unlikely(length > MAX_HASH_SIZE))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	/* int2octets(x) */
+	mpn_get_base256(xp, nbytes, mpz_limbs_read(x), qn);
+
+	/* bits2octets(h) */
+	mpn_set_base256(h, hn, digest, length);
+
+	if (hn < qn)
+		/* qlen > blen: add zero bits to the left */
+		mpn_zero(&h[hn], qn - hn);
+	else if (h_bits > q_bits) {
+		/* qlen < blen: keep the leftmost qlen bits.  We do this in 2
+		 * steps because mpn_rshift only accepts shift count in the
+		 * range 1 to mp_bits_per_limb-1.
+		 */
+		mp_bitcnt_t shift = h_bits - q_bits;
+
+		if (shift / GMP_NUMB_BITS > 0) {
+			mpn_copyi(h, &h[shift / GMP_NUMB_BITS], qn);
+			hn -= shift / GMP_NUMB_BITS;
+		}
+
+		if (shift % GMP_NUMB_BITS > 0)
+			mpn_rshift(h, h, hn, shift % GMP_NUMB_BITS);
+	}
+
+	cy = mpn_sub_n(h, h, mpz_limbs_read(q), qn);
+	/* Fall back to addmul_1, if nettle is linked with mini-gmp. */
+#ifdef mpn_cnd_add_n
+	mpn_cnd_add_n(cy, h, h, mpz_limbs_read(q), qn);
+#else
+	mpn_addmul_1(h, mpz_limbs_read(q), qn, cy != 0);
+#endif
+	mpn_get_base256(tp, nbytes, h, qn);
+
+	/* Step b */
+	memset(V, c1, length);
+
+	/* Step c */
+	memset(K, c0, length);
+
+	/* Step d */
+	ret = gnutls_hmac_init(&hd, mac, K, length);
+	if (ret < 0)
+		goto out;
+	ret = gnutls_hmac(hd, V, length);
+	if (ret < 0)
+		goto out;
+	ret = gnutls_hmac(hd, &c0, 1);
+	if (ret < 0)
+		goto out;
+	ret = gnutls_hmac(hd, xp, nbytes);
+	if (ret < 0)
+		goto out;
+	ret = gnutls_hmac(hd, tp, nbytes);
+	if (ret < 0)
+		goto out;
+	gnutls_hmac_deinit(hd, K);
+
+	/* Step e */
+	ret = gnutls_hmac_fast(mac, K, length, V, length, V);
+	if (ret < 0)
+		goto out;
+
+	/* Step f */
+	ret = gnutls_hmac_init(&hd, mac, K, length);
+	if (ret < 0)
+		goto out;
+	ret = gnutls_hmac(hd, V, length);
+	if (ret < 0)
+		goto out;
+	ret = gnutls_hmac(hd, &c1, 1);
+	if (ret < 0)
+		goto out;
+	ret = gnutls_hmac(hd, xp, nbytes);
+	if (ret < 0)
+		goto out;
+	ret = gnutls_hmac(hd, tp, nbytes);
+	if (ret < 0)
+		goto out;
+	gnutls_hmac_deinit(hd, K);
+
+	/* Step g */
+	ret = gnutls_hmac_fast(mac, K, length, V, length, V);
+	if (ret < 0)
+		goto out;
+
+	/* Step h */
+	for (;;) {
+		/* Step 1 */
+		size_t tlen = 0;
+
+		/* Step 2 */
+		while (tlen < nbytes) {
+			size_t remaining = MIN(nbytes - tlen, length);
+			ret = gnutls_hmac_fast(mac, K, length, V, length, V);
+			if (ret < 0)
+				goto out;
+			memcpy (&tp[tlen], V, remaining);
+			tlen += remaining;
+		}
+
+		/* Step 3 */
+		mpn_set_base256 (h, qn, tp, tlen);
+		if (tlen * 8 > q_bits)
+			mpn_rshift (h, h, qn, tlen * 8 - q_bits);
+		/* Check if k is in [1,q-1] */
+		if (!mpn_zero_p (h, qn) &&
+		    mpn_cmp (h, mpz_limbs_read(q), qn) < 0) {
+			mpn_copyi(mpz_limbs_write(k, qn), h, qn);
+			mpz_limbs_finish(k, qn);
+			break;
+		}
+
+		ret = gnutls_hmac_init(&hd, mac, K, length);
+		if (ret < 0)
+			goto out;
+		ret = gnutls_hmac(hd, V, length);
+		if (ret < 0)
+			goto out;
+		ret = gnutls_hmac(hd, &c0, 1);
+		if (ret < 0)
+			goto out;
+		gnutls_hmac_deinit(hd, K);
+
+		ret = gnutls_hmac_fast(mac, K, length, V, length, V);
+		if (ret < 0)
+			goto out;
+	}
+
+ out:
+	zeroize_key(xp, sizeof(xp));
+	zeroize_key(tp, sizeof(tp));
+
+	return ret;
+}
diff --git a/lib/nettle/int/dsa-compute-k.h b/lib/nettle/int/dsa-compute-k.h
new file mode 100644
index 0000000..64e90e0
--- /dev/null
+++ b/lib/nettle/int/dsa-compute-k.h
@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2019 Red Hat, Inc.
+ *
+ * Author: Daiki Ueno
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_NETTLE_INT_DSA_COMPUTE_K_H
+#define GNUTLS_LIB_NETTLE_INT_DSA_COMPUTE_K_H
+
+#include <gnutls/gnutls.h>
+#include <nettle/bignum.h> /* includes gmp.h */
+
+int
+_gnutls_dsa_compute_k(mpz_t k,
+		      const mpz_t q,
+		      const mpz_t x,
+		      gnutls_mac_algorithm_t mac,
+		      const uint8_t *digest,
+		      size_t length);
+
+#endif /* GNUTLS_LIB_NETTLE_INT_DSA_COMPUTE_K_H */
diff --git a/lib/nettle/int/dsa-fips.h b/lib/nettle/int/dsa-fips.h
new file mode 100644
index 0000000..351e856
--- /dev/null
+++ b/lib/nettle/int/dsa-fips.h
@@ -0,0 +1,128 @@
+/* dsa.h
+ *
+ * The DSA publickey algorithm.
+ */
+
+/* Copyright (C) 2013 Red Hat
+ *  
+ * The gnutls library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or (at your
+ * option) any later version.
+ * 
+ * The nettle library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
+ * License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with the nettle library; see the file COPYING.LIB.  If not, write to
+ * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02111-1301, USA.
+ */
+ 
+#ifndef GNUTLS_LIB_NETTLE_INT_DSA_FIPS_H
+#define GNUTLS_LIB_NETTLE_INT_DSA_FIPS_H
+
+#include <nettle/bignum.h> /* includes gmp.h */
+#include <nettle/dsa.h>
+#include <nettle/sha2.h>
+#include <fips.h>
+
+#define div_ceil(x,y) ((x+(y)-1)/(y))
+
+struct dss_params_validation_seeds {
+	unsigned seed_length; /* first seed */
+	uint8_t seed[MAX_PVP_SEED_SIZE+1];
+	
+	unsigned pseed_length;
+	uint8_t pseed[MAX_PVP_SEED_SIZE+1];
+	unsigned qseed_length;
+	uint8_t qseed[MAX_PVP_SEED_SIZE+1];
+	unsigned pgen_counter;
+	unsigned qgen_counter;
+};
+
+int
+st_provable_prime (mpz_t p,
+			  unsigned *prime_seed_length, void *prime_seed,
+			  unsigned *prime_gen_counter,
+			  unsigned bits,
+			  unsigned seed_length, const void *seed,
+			  void *progress_ctx, nettle_progress_func * progress);
+
+int
+dsa_generate_dss_pqg(struct dsa_params *params,
+		     struct dss_params_validation_seeds* cert,
+		     unsigned index,
+		     void *random_ctx, nettle_random_func *random,
+		     void *progress_ctx, nettle_progress_func *progress,
+		     unsigned p_bits /* = L */, unsigned q_bits /* = N */);
+
+int
+_dsa_generate_dss_pqg(struct dsa_params *params,
+			 struct dss_params_validation_seeds *cert,
+			 unsigned index,
+			 unsigned seed_size, void *seed,
+			 void *progress_ctx, nettle_progress_func * progress,
+			 unsigned p_bits /* = L */ , unsigned q_bits /* = N */ );
+
+int
+dsa_generate_dss_keypair(struct dsa_params *params,
+		     mpz_t y,
+		     mpz_t x,
+		     void *random_ctx, nettle_random_func *random,
+		     void *progress_ctx, nettle_progress_func *progress);
+
+int
+dsa_validate_dss_pqg(struct dsa_params *pub,
+		     struct dss_params_validation_seeds* cert,
+		     unsigned index);
+
+int
+_dsa_validate_dss_pq(struct dsa_params *pub,
+		     struct dss_params_validation_seeds* cert);
+
+int
+_dsa_validate_dss_g(struct dsa_params *pub,
+		    unsigned domain_seed_size, const uint8_t *domain_seed, unsigned index);
+
+unsigned _dsa_check_qp_sizes(unsigned q_bits, unsigned p_bits, unsigned generate);
+
+/* The following low-level functions can be used for DH key exchange as well 
+ */
+int
+_dsa_generate_dss_pq(struct dsa_params *pub,
+		     struct dss_params_validation_seeds* cert,
+		     unsigned seed_length, void* seed,
+		     void *progress_ctx, nettle_progress_func *progress,
+		     unsigned p_bits, unsigned q_bits);
+
+int
+_dsa_generate_dss_g(struct dsa_params *pub,
+		    unsigned domain_seed_size, const uint8_t* domain_seed,
+		    void *progress_ctx, nettle_progress_func * progress,
+		    unsigned index);
+
+void
+_dsa_generate_dss_xy(struct dsa_params *pub,
+		     mpz_t y,
+		     mpz_t x,
+		     void *random_ctx, nettle_random_func *random);
+
+#define DIGEST_SIZE SHA384_DIGEST_SIZE
+inline static void
+hash (uint8_t digest[DIGEST_SIZE], unsigned length, void *data)
+{
+  struct sha384_ctx ctx;
+
+  sha384_init (&ctx);
+  sha384_update (&ctx, length, data);
+  sha384_digest (&ctx, DIGEST_SIZE, digest);
+
+  return;
+}
+
+unsigned mpz_seed_sizeinbase_256_u(mpz_t s, unsigned nominal);
+
+#endif /* GNUTLS_LIB_NETTLE_INT_DSA_FIPS_H */
diff --git a/lib/nettle/int/dsa-keygen-fips186.c b/lib/nettle/int/dsa-keygen-fips186.c
new file mode 100644
index 0000000..69f7f8c
--- /dev/null
+++ b/lib/nettle/int/dsa-keygen-fips186.c
@@ -0,0 +1,466 @@
+/* dsa-keygen.c
+ *
+ * Generation of DSA keypairs
+ */
+
+/* nettle, low-level cryptographics library
+ *
+ * Copyright (C) 2013, 2014 Red Hat
+ *  
+ * The nettle library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or (at your
+ * option) any later version.
+ * 
+ * The nettle library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
+ * License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with the nettle library; see the file COPYING.LIB.  If not, write to
+ * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02111-1301, USA.
+ */
+
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <nettle/dsa.h>
+#include <dsa-fips.h>
+
+#include <nettle/bignum.h>
+
+unsigned _dsa_check_qp_sizes(unsigned q_bits, unsigned p_bits, unsigned generate)
+{
+	switch (q_bits) {
+	case 160:
+		FIPS_RULE(generate != 0, 0, "DSA 160-bit generation\n");
+
+		if (p_bits != 1024)
+			return 0;
+		break;
+	case 224:
+		if (p_bits != 2048)
+			return 0;
+		break;
+	case 256:
+		if (p_bits != 2048 && p_bits != 3072)
+			return 0;
+		break;
+	default:
+		return 0;
+	}
+	return 1;
+}
+
+/* This generates p,q params using the A.1.2.1 algorithm in FIPS 186-4.
+ * 
+ * The hash function used is SHA384.
+ */
+int
+_dsa_generate_dss_pq(struct dsa_params *params,
+		     struct dss_params_validation_seeds *cert,
+		     unsigned seed_length, void *seed,
+		     void *progress_ctx, nettle_progress_func * progress,
+		     unsigned p_bits /* = L */ , unsigned q_bits /* = N */ )
+{
+	mpz_t r, p0, t, z, s, tmp, dp0;
+	int ret;
+	unsigned iterations, old_counter, i;
+	uint8_t *storage = NULL;
+	unsigned storage_length = 0;
+
+	ret = _dsa_check_qp_sizes(q_bits, p_bits, 1);
+	if (ret == 0) {
+		return 0;
+	}
+
+	if (seed_length < q_bits / 8) {
+		_gnutls_debug_log("Seed length must be larger than %d bytes (it is %d)\n", q_bits/8, seed_length);
+		return 0;
+	}
+
+	mpz_init(p0);
+	mpz_init(dp0);
+	mpz_init(r);
+	mpz_init(t);
+	mpz_init(z);
+	mpz_init(s);
+	mpz_init(tmp);
+
+	/* firstseed < 2^(N-1) */
+	mpz_set_ui(r, 1);
+	mpz_mul_2exp(r, r, q_bits - 1);
+
+	nettle_mpz_set_str_256_u(s, seed_length, seed);
+	if (mpz_cmp(s, r) < 0) {
+		goto fail;
+	}
+
+	cert->qseed_length = sizeof(cert->qseed);
+	cert->pseed_length = sizeof(cert->pseed);
+
+	ret = st_provable_prime(params->q,
+				&cert->qseed_length, cert->qseed,
+				&cert->qgen_counter,
+				q_bits,
+				seed_length, seed, progress_ctx, progress);
+	if (ret == 0) {
+		goto fail;
+	}
+
+	if (progress)
+		progress(progress_ctx, 'q');
+
+	ret = st_provable_prime(p0,
+				&cert->pseed_length, cert->pseed,
+				&cert->pgen_counter,
+				1 + div_ceil(p_bits, 2),
+				cert->qseed_length, cert->qseed,
+				progress_ctx, progress);
+	if (ret == 0) {
+		goto fail;
+	}
+
+	iterations = div_ceil(p_bits, DIGEST_SIZE*8);
+	old_counter = cert->pgen_counter;
+
+	if (iterations > 0) {
+		storage_length = iterations * DIGEST_SIZE;
+		storage = malloc(storage_length);
+		if (storage == NULL) {
+			goto fail;
+		}
+
+		nettle_mpz_set_str_256_u(s, cert->pseed_length, cert->pseed);
+		for (i = 0; i < iterations; i++) {
+			cert->pseed_length = nettle_mpz_sizeinbase_256_u(s);
+			nettle_mpz_get_str_256(cert->pseed_length, cert->pseed, s);
+
+			hash(&storage[(iterations - i - 1) * DIGEST_SIZE],
+			     cert->pseed_length, cert->pseed);
+			mpz_add_ui(s, s, 1);
+		}
+
+		/* x = 2^(p_bits-1) + (x mod 2^(p_bits-1)) */
+		nettle_mpz_set_str_256_u(tmp, storage_length, storage);
+	}
+
+	mpz_set_ui(r, 1);
+	mpz_mul_2exp(r, r, p_bits - 1);
+
+	mpz_fdiv_r_2exp(tmp, tmp, p_bits - 1);
+	mpz_add(tmp, tmp, r);
+
+	/* Generate candidate prime p in [2^(bits-1), 2^bits] */
+
+	/* t = u[x/2c0] */
+	mpz_mul_2exp(dp0, p0, 1);	/* dp0 = 2*p0 */
+	mpz_mul(dp0, dp0, params->q);	/* dp0 = 2*p0*q */
+
+	mpz_cdiv_q(t, tmp, dp0);
+
+ retry:
+	/* c = 2p0*q*t + 1 */
+	mpz_mul(params->p, dp0, t);
+	mpz_add_ui(params->p, params->p, 1);
+
+	if (mpz_sizeinbase(params->p, 2) > p_bits) {
+		/* t = 2^(bits-1)/2qp0 */
+		mpz_set_ui(tmp, 1);
+		mpz_mul_2exp(tmp, tmp, p_bits - 1);
+		mpz_cdiv_q(t, tmp, dp0);
+
+		/* p = t* 2tq p0 + 1 */
+		mpz_mul(params->p, dp0, t);
+		mpz_add_ui(params->p, params->p, 1);
+	}
+
+	cert->pgen_counter++;
+
+	mpz_set_ui(r, 0);
+
+	if (iterations > 0) {
+		for (i = 0; i < iterations; i++) {
+			cert->pseed_length = nettle_mpz_sizeinbase_256_u(s);
+			nettle_mpz_get_str_256(cert->pseed_length, cert->pseed, s);
+
+			hash(&storage[(iterations - i - 1) * DIGEST_SIZE],
+			     cert->pseed_length, cert->pseed);
+			mpz_add_ui(s, s, 1);
+		}
+
+		/* r = a */
+		nettle_mpz_set_str_256_u(r, storage_length, storage);
+	}
+
+	cert->pseed_length = nettle_mpz_sizeinbase_256_u(s);
+	nettle_mpz_get_str_256(cert->pseed_length, cert->pseed, s);
+
+	/* a = 2 + (a mod (p-3)) */
+	mpz_sub_ui(tmp, params->p, 3);	/* c is too large to worry about negatives */
+	mpz_mod(r, r, tmp);
+	mpz_add_ui(r, r, 2);
+
+	/* z = a^(2tq) mod p */
+	mpz_mul_2exp(tmp, t, 1);	/* tmp = 2t */
+	mpz_mul(tmp, tmp, params->q);	/* tmp = 2tq */
+	mpz_powm(z, r, tmp, params->p);
+
+	mpz_sub_ui(tmp, z, 1);
+
+	mpz_gcd(tmp, tmp, params->p);
+	if (mpz_cmp_ui(tmp, 1) == 0) {
+		mpz_powm(tmp, z, p0, params->p);
+		if (mpz_cmp_ui(tmp, 1) == 0) {
+			goto success;
+		}
+	}
+
+	if (progress)
+		progress(progress_ctx, 'x');
+
+	if (cert->pgen_counter >= (4 * p_bits + old_counter))
+		return 0;
+
+	mpz_add_ui(t, t, 1);
+	goto retry;
+
+ success:
+	if (progress)
+		progress(progress_ctx, 'p');
+
+	ret = 1;
+	goto finish;
+
+ fail:
+	ret = 0;
+
+ finish:
+	mpz_clear(dp0);
+	mpz_clear(p0);
+	mpz_clear(tmp);
+	mpz_clear(t);
+	mpz_clear(z);
+	mpz_clear(s);
+	mpz_clear(r);
+	free(storage);
+	return ret;
+}
+
+int
+_dsa_generate_dss_g(struct dsa_params *params,
+		    unsigned domain_seed_size, const uint8_t* domain_seed,
+		    void *progress_ctx, nettle_progress_func * progress,
+		    unsigned index)
+{
+	mpz_t e, w;
+	uint16_t count;
+	uint8_t *dseed = NULL;
+	unsigned dseed_size;
+	unsigned pos;
+	uint8_t digest[DIGEST_SIZE];
+	int ret;
+
+	if (index > 255 || domain_seed_size == 0)
+		return 0;
+
+	dseed_size = domain_seed_size + 4 + 1 + 2;
+	dseed = malloc(dseed_size);
+	if (dseed == NULL)
+		return 0;
+
+	mpz_init(e);
+	mpz_init(w);
+
+	memcpy(dseed, domain_seed, domain_seed_size);
+	pos = domain_seed_size;
+
+	memcpy(dseed + pos, "\x67\x67\x65\x6e", 4);
+	pos += 4;
+
+	*(dseed + pos) = (uint8_t) index;
+	pos += 1;
+
+	mpz_sub_ui(e, params->p, 1);
+	mpz_fdiv_q(e, e, params->q);
+
+	for (count = 1; count < 65535; count++) {
+		*(dseed + pos) = (count >> 8) & 0xff;
+		*(dseed + pos + 1) = count & 0xff;
+
+		hash(digest, dseed_size, dseed);
+
+		nettle_mpz_set_str_256_u(w, DIGEST_SIZE, digest);
+
+		mpz_powm(params->g, w, e, params->p);
+
+		if (mpz_cmp_ui(params->g, 2) >= 0) {
+			/* found */
+			goto success;
+		}
+		if (progress)
+			progress(progress_ctx, 'x');
+	}
+
+	/* if we're here we failed */
+	if (progress)
+		progress(progress_ctx, 'X');
+	ret = 0;
+	goto finish;
+
+ success:
+	if (progress)
+		progress(progress_ctx, 'g');
+
+	ret = 1;
+
+ finish:
+	free(dseed);
+	mpz_clear(e);
+	mpz_clear(w);
+	return ret;
+
+}
+
+/* Generates the public and private DSA (or DH) keys
+ */
+void
+_dsa_generate_dss_xy(struct dsa_params *params,
+		     mpz_t y, mpz_t x,
+		     void *random_ctx, nettle_random_func * random)
+{
+	mpz_t r;
+
+	mpz_init(r);
+	mpz_set(r, params->q);
+	mpz_sub_ui(r, r, 2);
+	nettle_mpz_random(x, random_ctx, random, r);
+	mpz_add_ui(x, x, 1);
+
+	mpz_powm(y, params->g, x, params->p);
+
+	mpz_clear(r);
+}
+
+/* This generates p, q, g params using the algorithms from FIPS 186-4.
+ * For p, q, the Shawe-Taylor algorithm is used.
+ * For g, the verifiable canonical generation of the generator is used.
+ * 
+ * The hash function used is SHA384.
+ * 
+ * pub: The output public key
+ * key: The output private key
+ * cert: A certificate that can be used to verify the generated parameters
+ * index: 1 for digital signatures (DSA), 2 for key establishment (DH)
+ * p_bits: The requested size of p
+ * q_bits: The requested size of q
+ * 
+ */
+int
+dsa_generate_dss_pqg(struct dsa_params *params,
+			 struct dss_params_validation_seeds *cert,
+			 unsigned index,
+			 void *random_ctx, nettle_random_func * random,
+			 void *progress_ctx, nettle_progress_func * progress,
+			 unsigned p_bits /* = L */ , unsigned q_bits /* = N */ )
+{
+	int ret;
+	uint8_t domain_seed[MAX_PVP_SEED_SIZE*3];
+	unsigned domain_seed_size = 0;
+
+	ret = _dsa_check_qp_sizes(q_bits, p_bits, 1);
+	if (ret == 0)
+		return 0;
+
+	cert->seed_length = 2 * (q_bits / 8) + 1;
+
+	if (cert->seed_length > sizeof(cert->seed))
+		return 0;
+
+	random(random_ctx, cert->seed_length, cert->seed);
+
+	ret = _dsa_generate_dss_pq(params, cert, cert->seed_length, cert->seed,
+				   progress_ctx, progress, p_bits, q_bits);
+	if (ret == 0)
+		return 0;
+
+	domain_seed_size = cert->seed_length + cert->qseed_length + cert->pseed_length;
+	memcpy(domain_seed, cert->seed, cert->seed_length);
+	memcpy(&domain_seed[cert->seed_length], cert->pseed, cert->pseed_length);
+	memcpy(&domain_seed[cert->seed_length+cert->pseed_length], cert->qseed, cert->qseed_length);
+	ret = _dsa_generate_dss_g(params, domain_seed_size, domain_seed,
+				  progress_ctx, progress, index);
+	if (ret == 0)
+		return 0;
+
+	return 1;
+}
+
+int
+_dsa_generate_dss_pqg(struct dsa_params *params,
+			 struct dss_params_validation_seeds *cert,
+			 unsigned index,
+			 unsigned seed_size, void *seed,
+			 void *progress_ctx, nettle_progress_func * progress,
+			 unsigned p_bits /* = L */ , unsigned q_bits /* = N */ )
+{
+	int ret;
+	uint8_t domain_seed[MAX_PVP_SEED_SIZE*3];
+	unsigned domain_seed_size = 0;
+
+	ret = _dsa_check_qp_sizes(q_bits, p_bits, 1);
+	if (ret == 0)
+		return 0;
+
+	if (_gnutls_fips_mode_enabled() != 0) {
+		cert->seed_length = 2 * (q_bits / 8) + 1;
+
+		FIPS_RULE(cert->seed_length != seed_size, 0, "unsupported DSA seed length (is %d, should be %d)\n", seed_size, cert->seed_length);
+	} else {
+		cert->seed_length = seed_size;
+	}
+
+	if (cert->seed_length > sizeof(cert->seed))
+		return 0;
+
+
+	memcpy(cert->seed, seed, cert->seed_length);
+
+	ret = _dsa_generate_dss_pq(params, cert, cert->seed_length, cert->seed,
+				   progress_ctx, progress, p_bits, q_bits);
+	if (ret == 0)
+		return 0;
+
+	domain_seed_size = cert->seed_length + cert->qseed_length + cert->pseed_length;
+	memcpy(domain_seed, cert->seed, cert->seed_length);
+	memcpy(&domain_seed[cert->seed_length], cert->pseed, cert->pseed_length);
+	memcpy(&domain_seed[cert->seed_length+cert->pseed_length], cert->qseed, cert->qseed_length);
+	ret = _dsa_generate_dss_g(params, domain_seed_size, domain_seed,
+				  progress_ctx, progress, index);
+	if (ret == 0)
+		return 0;
+
+	return 1;
+}
+
+int
+dsa_generate_dss_keypair(struct dsa_params *params,
+			 mpz_t y,
+			 mpz_t x,
+			 void *random_ctx, nettle_random_func * random,
+			 void *progress_ctx, nettle_progress_func * progress)
+{
+	_dsa_generate_dss_xy(params, y, x, random_ctx, random);
+
+	if (progress)
+		progress(progress_ctx, '\n');
+
+	return 1;
+
+}
diff --git a/lib/nettle/int/dsa-validate.c b/lib/nettle/int/dsa-validate.c
new file mode 100644
index 0000000..6930705
--- /dev/null
+++ b/lib/nettle/int/dsa-validate.c
@@ -0,0 +1,242 @@
+/* dsa-keygen.c
+ *
+ * Generation of DSA keypairs
+ */
+
+/* nettle, low-level cryptographics library
+ *
+ * Copyright (C) 2013 Red Hat
+ *  
+ * The nettle library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or (at your
+ * option) any later version.
+ * 
+ * The nettle library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
+ * License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with the nettle library; see the file COPYING.LIB.  If not, write to
+ * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02111-1301, USA.
+ */
+
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <nettle/dsa.h>
+#include <dsa-fips.h>
+
+#include <nettle/bignum.h>
+
+/* This validates the given p, q, g params using the provided
+ * dss_params_validation_seeds.
+ * 
+ * The hash function used is SHA384.
+ * 
+ * pub: The output public key
+ * key: The output private key
+ * cert: A certificate that can be used to verify the generated parameters
+ * index: 1 for digital signatures (DSA), 2 for key establishment (DH)
+ * 
+ */
+int
+dsa_validate_dss_pqg(struct dsa_params *pub,
+		     struct dss_params_validation_seeds *cert, unsigned index)
+{
+	int ret;
+	uint8_t domain_seed[MAX_PVP_SEED_SIZE*3];
+	unsigned domain_seed_size = 0;
+
+	ret = _dsa_validate_dss_pq(pub, cert);
+	if (ret == 0)
+		return 0;
+
+	domain_seed_size = cert->seed_length + cert->qseed_length + cert->pseed_length;
+	memcpy(domain_seed, cert->seed, cert->seed_length);
+	memcpy(&domain_seed[cert->seed_length], cert->pseed, cert->pseed_length);
+	memcpy(&domain_seed[cert->seed_length+cert->pseed_length], cert->qseed, cert->qseed_length);
+
+	ret = _dsa_validate_dss_g(pub, domain_seed_size, domain_seed, index);
+	if (ret == 0)
+		return 0;
+
+	return 1;
+}
+
+int
+_dsa_validate_dss_g(struct dsa_params *pub,
+		    unsigned domain_seed_size, const uint8_t *domain_seed, unsigned index)
+{
+	int ret;
+	unsigned p_bits, q_bits;
+	struct dsa_params pub2;
+	mpz_t r;
+
+	p_bits = mpz_sizeinbase(pub->p, 2);
+	q_bits = mpz_sizeinbase(pub->q, 2);
+
+	ret = _dsa_check_qp_sizes(q_bits, p_bits, 0);
+	if (ret == 0) {
+		return 0;
+	}
+
+	mpz_init(r);
+	dsa_params_init(&pub2);
+
+	mpz_set(pub2.p, pub->p);
+	mpz_set(pub2.q, pub->q);
+
+	/* verify g */
+	if (index > 255) {
+		goto fail;
+	}
+
+	/* 2<= g <= p-1 */
+	mpz_set(r, pub->p);
+	mpz_sub_ui(r, r, 1);
+	if (mpz_cmp_ui(pub->g, 2) < 0 || mpz_cmp(pub->g, r) >= 0) {
+		goto fail;
+	}
+
+	/* g^q == 1 mod p */
+	mpz_powm(r, pub->g, pub->q, pub->p);
+	if (mpz_cmp_ui(r, 1) != 0) {
+		goto fail;
+	}
+
+	/* repeat g generation */
+	ret = _dsa_generate_dss_g(&pub2,
+				  domain_seed_size, domain_seed,
+				  NULL, NULL, index);
+	if (ret == 0) {
+		goto fail;
+	}
+
+	if (mpz_cmp(pub->g, pub2.g) != 0) {
+		goto fail;
+	}
+
+	/* everything looks ok */
+	ret = 1;
+	goto finish;
+
+ fail:
+	ret = 0;
+
+ finish:
+	dsa_params_clear(&pub2);
+	mpz_clear(r);
+
+	return ret;
+}
+
+int
+_dsa_validate_dss_pq(struct dsa_params *pub,
+		     struct dss_params_validation_seeds *cert)
+{
+	int ret;
+	unsigned p_bits, q_bits;
+	struct dsa_params pub2;
+	struct dss_params_validation_seeds cert2;
+	mpz_t r, s;
+
+	p_bits = mpz_sizeinbase(pub->p, 2);
+	q_bits = mpz_sizeinbase(pub->q, 2);
+
+	ret = _dsa_check_qp_sizes(q_bits, p_bits, 0);
+	if (ret == 0) {
+		return 0;
+	}
+
+	mpz_init(r);
+	mpz_init(s);
+	dsa_params_init(&pub2);
+
+	nettle_mpz_set_str_256_u(s, cert->seed_length, cert->seed);
+
+	/* firstseed < 2^(N-1) */
+	mpz_set_ui(r, 1);
+	mpz_mul_2exp(r, r, q_bits - 1);
+
+	if (mpz_cmp(s, r) < 0) {
+		goto fail;
+	}
+
+	/* 2^N <= q */
+	mpz_set_ui(r, 1);
+	mpz_mul_2exp(r, r, q_bits);
+
+	if (mpz_cmp(r, pub->q) <= 0) {
+		goto fail;
+	}
+
+	/* 2^L <= p */
+	mpz_set_ui(r, 1);
+	mpz_mul_2exp(r, r, p_bits);
+
+	if (mpz_cmp(r, pub->p) <= 0) {
+		goto fail;
+	}
+
+	/* p-1 mod q != 0 */
+	mpz_set(r, pub->p);
+	mpz_sub_ui(r, r, 1);
+
+	mpz_mod(r, r, pub->q);
+	if (mpz_cmp_ui(r, 0) != 0) {
+		goto fail;
+	}
+
+	/* replay the construction */
+	ret = _dsa_generate_dss_pq(&pub2, &cert2, cert->seed_length, cert->seed,
+				   NULL, NULL, p_bits, q_bits);
+	if (ret == 0) {
+		goto fail;
+	}
+
+	if ((cert->pseed_length > 0 && cert->pseed_length != cert2.pseed_length)
+	    || (cert->qseed_length > 0
+		&& cert->qseed_length != cert2.qseed_length)
+	    || (cert->pgen_counter > 0
+		&& cert->pgen_counter != cert2.pgen_counter)
+	    || (cert->qgen_counter > 0
+		&& cert->qgen_counter != cert2.qgen_counter)
+	    || (cert->qseed_length > 0
+		&& memcmp(cert->qseed, cert2.qseed, cert2.qseed_length) != 0)
+	    || (cert->pseed_length > 0
+		&& memcmp(cert->pseed, cert2.pseed, cert2.pseed_length) != 0)) {
+		goto fail;
+	}
+
+	if (mpz_cmp(pub->q, pub2.q) != 0) {
+		goto fail;
+	}
+
+	if (mpz_cmp(pub->p, pub2.p) != 0) {
+		goto fail;
+	}
+
+	if (mpz_sizeinbase(s, 2) < q_bits - 1) {
+		goto fail;
+	}
+
+	ret = 1;
+	goto finish;
+
+ fail:
+	ret = 0;
+
+ finish:
+	dsa_params_clear(&pub2);
+	mpz_clear(r);
+	mpz_clear(s);
+
+	return ret;
+}
diff --git a/lib/nettle/int/ecdsa-compute-k.c b/lib/nettle/int/ecdsa-compute-k.c
new file mode 100644
index 0000000..94914eb
--- /dev/null
+++ b/lib/nettle/int/ecdsa-compute-k.c
@@ -0,0 +1,95 @@
+/*
+ * Copyright (C) 2019 Red Hat, Inc.
+ *
+ * Author: Daiki Ueno
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include "ecdsa-compute-k.h"
+
+#include "dsa-compute-k.h"
+#include "gnutls_int.h"
+
+static inline int
+_gnutls_ecc_curve_to_dsa_q(mpz_t *q, gnutls_ecc_curve_t curve)
+{
+	switch (curve) {
+#ifdef ENABLE_NON_SUITEB_CURVES
+	case GNUTLS_ECC_CURVE_SECP192R1:
+		mpz_init_set_str(*q,
+				 "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836"
+				 "146BC9B1B4D22831",
+				 16);
+		return 0;
+	case GNUTLS_ECC_CURVE_SECP224R1:
+		mpz_init_set_str(*q,
+				 "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2"
+				 "E0B8F03E13DD29455C5C2A3D",
+				 16);
+		return 0;
+#endif
+	case GNUTLS_ECC_CURVE_SECP256R1:
+		mpz_init_set_str(*q,
+				 "FFFFFFFF00000000FFFFFFFFFFFFFFFF"
+				 "BCE6FAADA7179E84F3B9CAC2FC632551",
+				 16);
+		return 0;
+	case GNUTLS_ECC_CURVE_SECP384R1:
+		mpz_init_set_str(*q,
+				 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+				 "FFFFFFFFFFFFFFFFC7634D81F4372DDF"
+				 "581A0DB248B0A77AECEC196ACCC52973",
+				 16);
+		return 0;
+	case GNUTLS_ECC_CURVE_SECP521R1:
+		mpz_init_set_str(*q,
+				 "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+				 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+				 "FFA51868783BF2F966B7FCC0148F709A"
+				 "5D03BB5C9B8899C47AEBB6FB71E91386"
+				 "409",
+				 16);
+		return 0;
+	default:
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM);
+	}
+}
+
+int
+_gnutls_ecdsa_compute_k (mpz_t k,
+			 gnutls_ecc_curve_t curve,
+			 const mpz_t x,
+			 gnutls_mac_algorithm_t mac,
+			 const uint8_t *digest,
+			 size_t length)
+{
+	mpz_t q;
+	int ret;
+
+	ret = _gnutls_ecc_curve_to_dsa_q(&q, curve);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_dsa_compute_k (k, q, x, mac, digest, length);
+	mpz_clear(q);
+	return ret;
+}
diff --git a/lib/nettle/int/ecdsa-compute-k.h b/lib/nettle/int/ecdsa-compute-k.h
new file mode 100644
index 0000000..7ca401d
--- /dev/null
+++ b/lib/nettle/int/ecdsa-compute-k.h
@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2019 Red Hat, Inc.
+ *
+ * Author: Daiki Ueno
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_NETTLE_INT_ECDSA_COMPUTE_K_H
+#define GNUTLS_LIB_NETTLE_INT_ECDSA_COMPUTE_K_H
+
+#include <gnutls/gnutls.h>
+#include <nettle/bignum.h> /* includes gmp.h */
+
+int
+_gnutls_ecdsa_compute_k (mpz_t k,
+			 gnutls_ecc_curve_t curve,
+			 const mpz_t x,
+			 gnutls_mac_algorithm_t mac,
+			 const uint8_t *digest,
+			 size_t length);
+
+#endif /* GNUTLS_LIB_NETTLE_INT_ECDSA_COMPUTE_K_H */
diff --git a/lib/nettle/int/mpn-base256.c b/lib/nettle/int/mpn-base256.c
new file mode 100644
index 0000000..88dd00b
--- /dev/null
+++ b/lib/nettle/int/mpn-base256.c
@@ -0,0 +1,97 @@
+/* gmp-glue.c
+
+   Copyright (C) 2013 Niels Möller
+   Copyright (C) 2013 Red Hat
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include "mpn-base256.h"
+
+void
+mpn_set_base256 (mp_limb_t *rp, mp_size_t rn,
+		 const uint8_t *xp, size_t xn)
+{
+  size_t xi;
+  mp_limb_t out;
+  unsigned bits;
+  for (xi = xn, out = bits = 0; xi > 0 && rn > 0; )
+    {
+      mp_limb_t in = xp[--xi];
+      out |= (in << bits) & GMP_NUMB_MASK;
+      bits += 8;
+      if (bits >= GMP_NUMB_BITS)
+	{
+	  *rp++ = out;
+	  rn--;
+
+	  bits -= GMP_NUMB_BITS;
+	  out = in >> (8 - bits);
+	}
+    }
+  if (rn > 0)
+    {
+      *rp++ = out;
+      if (--rn > 0)
+	mpn_zero (rp, rn);
+    }
+}
+
+void
+mpn_get_base256 (uint8_t *rp, size_t rn,
+		 const mp_limb_t *xp, mp_size_t xn)
+{
+  unsigned bits;
+  mp_limb_t in;
+  for (bits = in = 0; xn > 0 && rn > 0; )
+    {
+      if (bits >= 8)
+	{
+	  rp[--rn] = in;
+	  in >>= 8;
+	  bits -= 8;
+	}
+      else
+	{
+	  uint8_t old = in;
+	  in = *xp++;
+	  xn--;
+	  rp[--rn] = old | (in << bits);
+	  in >>= (8 - bits);
+	  bits += GMP_NUMB_BITS - 8;
+	}
+    }
+  while (rn > 0)
+    {
+      rp[--rn] = in;
+      in >>= 8;
+    }
+}
diff --git a/lib/nettle/int/mpn-base256.h b/lib/nettle/int/mpn-base256.h
new file mode 100644
index 0000000..b5ca4af
--- /dev/null
+++ b/lib/nettle/int/mpn-base256.h
@@ -0,0 +1,48 @@
+/* gmp-glue.h
+
+   Copyright (C) 2013 Niels Möller
+   Copyright (C) 2013 Red Hat
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef NETTLE_GMP_GLUE_H_INCLUDED
+#define NETTLE_GMP_GLUE_H_INCLUDED
+
+#include <nettle/bignum.h>
+
+/* Like mpn_set_str, but always writes rn limbs. If input is larger,
+   higher bits are ignored. */
+void
+mpn_set_base256 (mp_limb_t *rp, mp_size_t rn,
+		 const uint8_t *xp, size_t xn);
+
+void
+mpn_get_base256 (uint8_t *rp, size_t rn,
+	         const mp_limb_t *xp, mp_size_t xn);
+
+#endif /* NETTLE_GMP_GLUE_H_INCLUDED */
diff --git a/lib/nettle/int/provable-prime.c b/lib/nettle/int/provable-prime.c
new file mode 100644
index 0000000..585cd03
--- /dev/null
+++ b/lib/nettle/int/provable-prime.c
@@ -0,0 +1,1313 @@
+/* bignum-random-prime.c
+ *
+ * Generation of random provable primes.
+ */
+
+/* Copyright (C) 2013 Red Hat
+ *
+ * The nettle library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or (at your
+ * option) any later version.
+ *
+ * The nettle library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
+ * License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with the nettle library; see the file COPYING.LIB.  If not, write to
+ * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02111-1301, USA.
+ */
+
+#if HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <assert.h>
+#include <stdlib.h>
+#include <nettle/memxor.h>
+#include <nettle/bignum.h>
+#include <dsa-fips.h>
+
+#include <nettle/macros.h>
+
+static const uint16_t primes[] = {
+	3, 5, 7, 11, 13, 17, 19,
+	23, 29, 31, 37, 41, 43, 47,
+	53, 59, 61, 67, 71, 73, 79,
+	83, 89, 97, 101, 103, 107, 109,
+	113, 127, 131, 137, 139, 149, 151,
+	157, 163, 167, 173, 179, 181, 191,
+	193, 197, 199, 211, 223, 227, 229,
+	233, 239, 241, 251, 257, 263, 269,
+	271, 277, 281, 283, 293, 307, 311,
+	313, 317, 331, 337, 347, 349, 353,
+	359, 367, 373, 379, 383, 389, 397,
+	401, 409, 419, 421, 431, 433, 439,
+	443, 449, 457, 461, 463, 467, 479,
+	487, 491, 499, 503, 509, 521, 523,
+	541, 547, 557, 563, 569, 571, 577,
+	587, 593, 599, 601, 607, 613, 617,
+	619, 631, 641, 643, 647, 653, 659,
+	661, 673, 677, 683, 691, 701, 709,
+	719, 727, 733, 739, 743, 751, 757,
+	761, 769, 773, 787, 797, 809, 811,
+	821, 823, 827, 829, 839, 853, 857,
+	859, 863, 877, 881, 883, 887, 907,
+	911, 919, 929, 937, 941, 947, 953,
+	967, 971, 977, 983, 991, 997, 1009,
+	1013, 1019, 1021, 1031, 1033, 1039, 1049,
+	1051, 1061, 1063, 1069, 1087, 1091, 1093,
+	1097, 1103, 1109, 1117, 1123, 1129, 1151,
+	1153, 1163, 1171, 1181, 1187, 1193, 1201,
+	1213, 1217, 1223, 1229, 1231, 1237, 1249,
+	1259, 1277, 1279, 1283, 1289, 1291, 1297,
+	1301, 1303, 1307, 1319, 1321, 1327, 1361,
+	1367, 1373, 1381, 1399, 1409, 1423, 1427,
+	1429, 1433, 1439, 1447, 1451, 1453, 1459,
+	1471, 1481, 1483, 1487, 1489, 1493, 1499,
+	1511, 1523, 1531, 1543, 1549, 1553, 1559,
+	1567, 1571, 1579, 1583, 1597, 1601, 1607,
+	1609, 1613, 1619, 1621, 1627, 1637, 1657,
+	1663, 1667, 1669, 1693, 1697, 1699, 1709,
+	1721, 1723, 1733, 1741, 1747, 1753, 1759,
+	1777, 1783, 1787, 1789, 1801, 1811, 1823,
+	1831, 1847, 1861, 1867, 1871, 1873, 1877,
+	1879, 1889, 1901, 1907, 1913, 1931, 1933,
+	1949, 1951, 1973, 1979, 1987, 1993, 1997,
+	1999, 2003, 2011, 2017, 2027, 2029, 2039,
+	2053, 2063, 2069, 2081, 2083, 2087, 2089,
+	2099, 2111, 2113, 2129, 2131, 2137, 2141,
+	2143, 2153, 2161, 2179, 2203, 2207, 2213,
+	2221, 2237, 2239, 2243, 2251, 2267, 2269,
+	2273, 2281, 2287, 2293, 2297, 2309, 2311,
+	2333, 2339, 2341, 2347, 2351, 2357, 2371,
+	2377, 2381, 2383, 2389, 2393, 2399, 2411,
+	2417, 2423, 2437, 2441, 2447, 2459, 2467,
+	2473, 2477, 2503, 2521, 2531, 2539, 2543,
+	2549, 2551, 2557, 2579, 2591, 2593, 2609,
+	2617, 2621, 2633, 2647, 2657, 2659, 2663,
+	2671, 2677, 2683, 2687, 2689, 2693, 2699,
+	2707, 2711, 2713, 2719, 2729, 2731, 2741,
+	2749, 2753, 2767, 2777, 2789, 2791, 2797,
+	2801, 2803, 2819, 2833, 2837, 2843, 2851,
+	2857, 2861, 2879, 2887, 2897, 2903, 2909,
+	2917, 2927, 2939, 2953, 2957, 2963, 2969,
+	2971, 2999, 3001, 3011, 3019, 3023, 3037,
+	3041, 3049, 3061, 3067, 3079, 3083, 3089,
+	3109, 3119, 3121, 3137, 3163, 3167, 3169,
+	3181, 3187, 3191, 3203, 3209, 3217, 3221,
+	3229, 3251, 3253, 3257, 3259, 3271, 3299,
+	3301, 3307, 3313, 3319, 3323, 3329, 3331,
+	3343, 3347, 3359, 3361, 3371, 3373, 3389,
+	3391, 3407, 3413, 3433, 3449, 3457, 3461,
+	3463, 3467, 3469, 3491, 3499, 3511, 3517,
+	3527, 3529, 3533, 3539, 3541, 3547, 3557,
+	3559, 3571, 3581, 3583, 3593, 3607, 3613,
+	3617, 3623, 3631, 3637, 3643, 3659, 3671,
+	3673, 3677, 3691, 3697, 3701, 3709, 3719,
+	3727, 3733, 3739, 3761, 3767, 3769, 3779,
+	3793, 3797, 3803, 3821, 3823, 3833, 3847,
+	3851, 3853, 3863, 3877, 3881, 3889, 3907,
+	3911, 3917, 3919, 3923, 3929, 3931, 3943,
+	3947, 3967, 3989, 4001, 4003, 4007, 4013,
+	4019, 4021, 4027, 4049, 4051, 4057, 4073,
+	4079, 4091, 4093, 4099, 4111, 4127, 4129,
+	4133, 4139, 4153, 4157, 4159, 4177, 4201,
+	4211, 4217, 4219, 4229, 4231, 4241, 4243,
+	4253, 4259, 4261, 4271, 4273, 4283, 4289,
+	4297, 4327, 4337, 4339, 4349, 4357, 4363,
+	4373, 4391, 4397, 4409, 4421, 4423, 4441,
+	4447, 4451, 4457, 4463, 4481, 4483, 4493,
+	4507, 4513, 4517, 4519, 4523, 4547, 4549,
+	4561, 4567, 4583, 4591, 4597, 4603, 4621,
+	4637, 4639, 4643, 4649, 4651, 4657, 4663,
+	4673, 4679, 4691, 4703, 4721, 4723, 4729,
+	4733, 4751, 4759, 4783, 4787, 4789, 4793,
+	4799, 4801, 4813, 4817, 4831, 4861, 4871,
+	4877, 4889, 4903, 4909, 4919, 4931, 4933,
+	4937, 4943, 4951, 4957, 4967, 4969, 4973,
+	4987, 4993, 4999, 5003, 5009, 5011, 5021,
+	5023, 5039, 5051, 5059, 5077, 5081, 5087,
+	5099, 5101, 5107, 5113, 5119, 5147, 5153,
+	5167, 5171, 5179, 5189, 5197, 5209, 5227,
+	5231, 5233, 5237, 5261, 5273, 5279, 5281,
+	5297, 5303, 5309, 5323, 5333, 5347, 5351,
+	5381, 5387, 5393, 5399, 5407, 5413, 5417,
+	5419, 5431, 5437, 5441, 5443, 5449, 5471,
+	5477, 5479, 5483, 5501, 5503, 5507, 5519,
+	5521, 5527, 5531, 5557, 5563, 5569, 5573,
+	5581, 5591, 5623, 5639, 5641, 5647, 5651,
+	5653, 5657, 5659, 5669, 5683, 5689, 5693,
+	5701, 5711, 5717, 5737, 5741, 5743, 5749,
+	5779, 5783, 5791, 5801, 5807, 5813, 5821,
+	5827, 5839, 5843, 5849, 5851, 5857, 5861,
+	5867, 5869, 5879, 5881, 5897, 5903, 5923,
+	5927, 5939, 5953, 5981, 5987, 6007, 6011,
+	6029, 6037, 6043, 6047, 6053, 6067, 6073,
+	6079, 6089, 6091, 6101, 6113, 6121, 6131,
+	6133, 6143, 6151, 6163, 6173, 6197, 6199,
+	6203, 6211, 6217, 6221, 6229, 6247, 6257,
+	6263, 6269, 6271, 6277, 6287, 6299, 6301,
+	6311, 6317, 6323, 6329, 6337, 6343, 6353,
+	6359, 6361, 6367, 6373, 6379, 6389, 6397,
+	6421, 6427, 6449, 6451, 6469, 6473, 6481,
+	6491, 6521, 6529, 6547, 6551, 6553, 6563,
+	6569, 6571, 6577, 6581, 6599, 6607, 6619,
+	6637, 6653, 6659, 6661, 6673, 6679, 6689,
+	6691, 6701, 6703, 6709, 6719, 6733, 6737,
+	6761, 6763, 6779, 6781, 6791, 6793, 6803,
+	6823, 6827, 6829, 6833, 6841, 6857, 6863,
+	6869, 6871, 6883, 6899, 6907, 6911, 6917,
+	6947, 6949, 6959, 6961, 6967, 6971, 6977,
+	6983, 6991, 6997, 7001, 7013, 7019, 7027,
+	7039, 7043, 7057, 7069, 7079, 7103, 7109,
+	7121, 7127, 7129, 7151, 7159, 7177, 7187,
+	7193, 7207, 7211, 7213, 7219, 7229, 7237,
+	7243, 7247, 7253, 7283, 7297, 7307, 7309,
+	7321, 7331, 7333, 7349, 7351, 7369, 7393,
+	7411, 7417, 7433, 7451, 7457, 7459, 7477,
+	7481, 7487, 7489, 7499, 7507, 7517, 7523,
+	7529, 7537, 7541, 7547, 7549, 7559, 7561,
+	7573, 7577, 7583, 7589, 7591, 7603, 7607,
+	7621, 7639, 7643, 7649, 7669, 7673, 7681,
+	7687, 7691, 7699, 7703, 7717, 7723, 7727,
+	7741, 7753, 7757, 7759, 7789, 7793, 7817,
+	7823, 7829, 7841, 7853, 7867, 7873, 7877,
+	7879, 7883, 7901, 7907, 7919, 7927, 7933,
+	7937, 7949, 7951, 7963, 7993, 8009, 8011,
+	8017, 8039, 8053, 8059, 8069, 8081, 8087,
+	8089, 8093, 8101, 8111, 8117, 8123, 8147,
+	8161, 8167, 8171, 8179, 8191, 8209, 8219,
+	8221, 8231, 8233, 8237, 8243, 8263, 8269,
+	8273, 8287, 8291, 8293, 8297, 8311, 8317,
+	8329, 8353, 8363, 8369, 8377, 8387, 8389,
+	8419, 8423, 8429, 8431, 8443, 8447, 8461,
+	8467, 8501, 8513, 8521, 8527, 8537, 8539,
+	8543, 8563, 8573, 8581, 8597, 8599, 8609,
+	8623, 8627, 8629, 8641, 8647, 8663, 8669,
+	8677, 8681, 8689, 8693, 8699, 8707, 8713,
+	8719, 8731, 8737, 8741, 8747, 8753, 8761,
+	8779, 8783, 8803, 8807, 8819, 8821, 8831,
+	8837, 8839, 8849, 8861, 8863, 8867, 8887,
+	8893, 8923, 8929, 8933, 8941, 8951, 8963,
+	8969, 8971, 8999, 9001, 9007, 9011, 9013,
+	9029, 9041, 9043, 9049, 9059, 9067, 9091,
+	9103, 9109, 9127, 9133, 9137, 9151, 9157,
+	9161, 9173, 9181, 9187, 9199, 9203, 9209,
+	9221, 9227, 9239, 9241, 9257, 9277, 9281,
+	9283, 9293, 9311, 9319, 9323, 9337, 9341,
+	9343, 9349, 9371, 9377, 9391, 9397, 9403,
+	9413, 9419, 9421, 9431, 9433, 9437, 9439,
+	9461, 9463, 9467, 9473, 9479, 9491, 9497,
+	9511, 9521, 9533, 9539, 9547, 9551, 9587,
+	9601, 9613, 9619, 9623, 9629, 9631, 9643,
+	9649, 9661, 9677, 9679, 9689, 9697, 9719,
+	9721, 9733, 9739, 9743, 9749, 9767, 9769,
+	9781, 9787, 9791, 9803, 9811, 9817, 9829,
+	9833, 9839, 9851, 9857, 9859, 9871, 9883,
+	9887, 9901, 9907, 9923, 9929, 9931, 9941,
+	9949, 9967, 9973, 10007, 10009, 10037, 10039,
+	10061, 10067, 10069, 10079, 10091, 10093, 10099,
+	10103, 10111, 10133, 10139, 10141, 10151, 10159,
+	10163, 10169, 10177, 10181, 10193, 10211, 10223,
+	10243, 10247, 10253, 10259, 10267, 10271, 10273,
+	10289, 10301, 10303, 10313, 10321, 10331, 10333,
+	10337, 10343, 10357, 10369, 10391, 10399, 10427,
+	10429, 10433, 10453, 10457, 10459, 10463, 10477,
+	10487, 10499, 10501, 10513, 10529, 10531, 10559,
+	10567, 10589, 10597, 10601, 10607, 10613, 10627,
+	10631, 10639, 10651, 10657, 10663, 10667, 10687,
+	10691, 10709, 10711, 10723, 10729, 10733, 10739,
+	10753, 10771, 10781, 10789, 10799, 10831, 10837,
+	10847, 10853, 10859, 10861, 10867, 10883, 10889,
+	10891, 10903, 10909, 10937, 10939, 10949, 10957,
+	10973, 10979, 10987, 10993, 11003, 11027, 11047,
+	11057, 11059, 11069, 11071, 11083, 11087, 11093,
+	11113, 11117, 11119, 11131, 11149, 11159, 11161,
+	11171, 11173, 11177, 11197, 11213, 11239, 11243,
+	11251, 11257, 11261, 11273, 11279, 11287, 11299,
+	11311, 11317, 11321, 11329, 11351, 11353, 11369,
+	11383, 11393, 11399, 11411, 11423, 11437, 11443,
+	11447, 11467, 11471, 11483, 11489, 11491, 11497,
+	11503, 11519, 11527, 11549, 11551, 11579, 11587,
+	11593, 11597, 11617, 11621, 11633, 11657, 11677,
+	11681, 11689, 11699, 11701, 11717, 11719, 11731,
+	11743, 11777, 11779, 11783, 11789, 11801, 11807,
+	11813, 11821, 11827, 11831, 11833, 11839, 11863,
+	11867, 11887, 11897, 11903, 11909, 11923, 11927,
+	11933, 11939, 11941, 11953, 11959, 11969, 11971,
+	11981, 11987, 12007, 12011, 12037, 12041, 12043,
+	12049, 12071, 12073, 12097, 12101, 12107, 12109,
+	12113, 12119, 12143, 12149, 12157, 12161, 12163,
+	12197, 12203, 12211, 12227, 12239, 12241, 12251,
+	12253, 12263, 12269, 12277, 12281, 12289, 12301,
+	12323, 12329, 12343, 12347, 12373, 12377, 12379,
+	12391, 12401, 12409, 12413, 12421, 12433, 12437,
+	12451, 12457, 12473, 12479, 12487, 12491, 12497,
+	12503, 12511, 12517, 12527, 12539, 12541, 12547,
+	12553, 12569, 12577, 12583, 12589, 12601, 12611,
+	12613, 12619, 12637, 12641, 12647, 12653, 12659,
+	12671, 12689, 12697, 12703, 12713, 12721, 12739,
+	12743, 12757, 12763, 12781, 12791, 12799, 12809,
+	12821, 12823, 12829, 12841, 12853, 12889, 12893,
+	12899, 12907, 12911, 12917, 12919, 12923, 12941,
+	12953, 12959, 12967, 12973, 12979, 12983, 13001,
+	13003, 13007, 13009, 13033, 13037, 13043, 13049,
+	13063, 13093, 13099, 13103, 13109, 13121, 13127,
+	13147, 13151, 13159, 13163, 13171, 13177, 13183,
+	13187, 13217, 13219, 13229, 13241, 13249, 13259,
+	13267, 13291, 13297, 13309, 13313, 13327, 13331,
+	13337, 13339, 13367, 13381, 13397, 13399, 13411,
+	13417, 13421, 13441, 13451, 13457, 13463, 13469,
+	13477, 13487, 13499, 13513, 13523, 13537, 13553,
+	13567, 13577, 13591, 13597, 13613, 13619, 13627,
+	13633, 13649, 13669, 13679, 13681, 13687, 13691,
+	13693, 13697, 13709, 13711, 13721, 13723, 13729,
+	13751, 13757, 13759, 13763, 13781, 13789, 13799,
+	13807, 13829, 13831, 13841, 13859, 13873, 13877,
+	13879, 13883, 13901, 13903, 13907, 13913, 13921,
+	13931, 13933, 13963, 13967, 13997, 13999, 14009,
+	14011, 14029, 14033, 14051, 14057, 14071, 14081,
+	14083, 14087, 14107, 14143, 14149, 14153, 14159,
+	14173, 14177, 14197, 14207, 14221, 14243, 14249,
+	14251, 14281, 14293, 14303, 14321, 14323, 14327,
+	14341, 14347, 14369, 14387, 14389, 14401, 14407,
+	14411, 14419, 14423, 14431, 14437, 14447, 14449,
+	14461, 14479, 14489, 14503, 14519, 14533, 14537,
+	14543, 14549, 14551, 14557, 14561, 14563, 14591,
+	14593, 14621, 14627, 14629, 14633, 14639, 14653,
+	14657, 14669, 14683, 14699, 14713, 14717, 14723,
+	14731, 14737, 14741, 14747, 14753, 14759, 14767,
+	14771, 14779, 14783, 14797, 14813, 14821, 14827,
+	14831, 14843, 14851, 14867, 14869, 14879, 14887,
+	14891, 14897, 14923, 14929, 14939, 14947, 14951,
+	14957, 14969, 14983, 15013, 15017, 15031, 15053,
+	15061, 15073, 15077, 15083, 15091, 15101, 15107,
+	15121, 15131, 15137, 15139, 15149, 15161, 15173,
+	15187, 15193, 15199, 15217, 15227, 15233, 15241,
+	15259, 15263, 15269, 15271, 15277, 15287, 15289,
+	15299, 15307, 15313, 15319, 15329, 15331, 15349,
+	15359, 15361, 15373, 15377, 15383, 15391, 15401,
+	15413, 15427, 15439, 15443, 15451, 15461, 15467,
+	15473, 15493, 15497, 15511, 15527, 15541, 15551,
+	15559, 15569, 15581, 15583, 15601, 15607, 15619,
+	15629, 15641, 15643, 15647, 15649, 15661, 15667,
+	15671, 15679, 15683, 15727, 15731, 15733, 15737,
+	15739, 15749, 15761, 15767, 15773, 15787, 15791,
+	15797, 15803, 15809, 15817, 15823, 15859, 15877,
+	15881, 15887, 15889, 15901, 15907, 15913, 15919,
+	15923, 15937, 15959, 15971, 15973, 15991, 16001,
+	16007, 16033, 16057, 16061, 16063, 16067, 16069,
+	16073, 16087, 16091, 16097, 16103, 16111, 16127,
+	16139, 16141, 16183, 16187, 16189, 16193, 16217,
+	16223, 16229, 16231, 16249, 16253, 16267, 16273,
+	16301, 16319, 16333, 16339, 16349, 16361, 16363,
+	16369, 16381, 16411, 16417, 16421, 16427, 16433,
+	16447, 16451, 16453, 16477, 16481, 16487, 16493,
+	16519, 16529, 16547, 16553, 16561, 16567, 16573,
+	16603, 16607, 16619, 16631, 16633, 16649, 16651,
+	16657, 16661, 16673, 16691, 16693, 16699, 16703,
+	16729, 16741, 16747, 16759, 16763, 16787, 16811,
+	16823, 16829, 16831, 16843, 16871, 16879, 16883,
+	16889, 16901, 16903, 16921, 16927, 16931, 16937,
+	16943, 16963, 16979, 16981, 16987, 16993, 17011,
+	17021, 17027, 17029, 17033, 17041, 17047, 17053,
+	17077, 17093, 17099, 17107, 17117, 17123, 17137,
+	17159, 17167, 17183, 17189, 17191, 17203, 17207,
+	17209, 17231, 17239, 17257, 17291, 17293, 17299,
+	17317, 17321, 17327, 17333, 17341, 17351, 17359,
+	17377, 17383, 17387, 17389, 17393, 17401, 17417,
+	17419, 17431, 17443, 17449, 17467, 17471, 17477,
+	17483, 17489, 17491, 17497, 17509, 17519, 17539,
+	17551, 17569, 17573, 17579, 17581, 17597, 17599,
+	17609, 17623, 17627, 17657, 17659, 17669, 17681,
+	17683, 17707, 17713, 17729, 17737, 17747, 17749,
+	17761, 17783, 17789, 17791, 17807, 17827, 17837,
+	17839, 17851, 17863, 17881, 17891, 17903, 17909,
+	17911, 17921, 17923, 17929, 17939, 17957, 17959,
+	17971, 17977, 17981, 17987, 17989, 18013, 18041,
+	18043, 18047, 18049, 18059, 18061, 18077, 18089,
+	18097, 18119, 18121, 18127, 18131, 18133, 18143,
+	18149, 18169, 18181, 18191, 18199, 18211, 18217,
+	18223, 18229, 18233, 18251, 18253, 18257, 18269,
+	18287, 18289, 18301, 18307, 18311, 18313, 18329,
+	18341, 18353, 18367, 18371, 18379, 18397, 18401,
+	18413, 18427, 18433, 18439, 18443, 18451, 18457,
+	18461, 18481, 18493, 18503, 18517, 18521, 18523,
+	18539, 18541, 18553, 18583, 18587, 18593, 18617,
+	18637, 18661, 18671, 18679, 18691, 18701, 18713,
+	18719, 18731, 18743, 18749, 18757, 18773, 18787,
+	18793, 18797, 18803, 18839, 18859, 18869, 18899,
+	18911, 18913, 18917, 18919, 18947, 18959, 18973,
+	18979, 19001, 19009, 19013, 19031, 19037, 19051,
+	19069, 19073, 19079, 19081, 19087, 19121, 19139,
+	19141, 19157, 19163, 19181, 19183, 19207, 19211,
+	19213, 19219, 19231, 19237, 19249, 19259, 19267,
+	19273, 19289, 19301, 19309, 19319, 19333, 19373,
+	19379, 19381, 19387, 19391, 19403, 19417, 19421,
+	19423, 19427, 19429, 19433, 19441, 19447, 19457,
+	19463, 19469, 19471, 19477, 19483, 19489, 19501,
+	19507, 19531, 19541, 19543, 19553, 19559, 19571,
+	19577, 19583, 19597, 19603, 19609, 19661, 19681,
+	19687, 19697, 19699, 19709, 19717, 19727, 19739,
+	19751, 19753, 19759, 19763, 19777, 19793, 19801,
+	19813, 19819, 19841, 19843, 19853, 19861, 19867,
+	19889, 19891, 19913, 19919, 19927, 19937, 19949,
+	19961, 19963, 19973, 19979, 19991, 19993, 19997,
+	20011, 20021, 20023, 20029, 20047, 20051, 20063,
+	20071, 20089, 20101, 20107, 20113, 20117, 20123,
+	20129, 20143, 20147, 20149, 20161, 20173, 20177,
+	20183, 20201, 20219, 20231, 20233, 20249, 20261,
+	20269, 20287, 20297, 20323, 20327, 20333, 20341,
+	20347, 20353, 20357, 20359, 20369, 20389, 20393,
+	20399, 20407, 20411, 20431, 20441, 20443, 20477,
+	20479, 20483, 20507, 20509, 20521, 20533, 20543,
+	20549, 20551, 20563, 20593, 20599, 20611, 20627,
+	20639, 20641, 20663, 20681, 20693, 20707, 20717,
+	20719, 20731, 20743, 20747, 20749, 20753, 20759,
+	20771, 20773, 20789, 20807, 20809, 20849, 20857,
+	20873, 20879, 20887, 20897, 20899, 20903, 20921,
+	20929, 20939, 20947, 20959, 20963, 20981, 20983,
+	21001, 21011, 21013, 21017, 21019, 21023, 21031,
+	21059, 21061, 21067, 21089, 21101, 21107, 21121,
+	21139, 21143, 21149, 21157, 21163, 21169, 21179,
+	21187, 21191, 21193, 21211, 21221, 21227, 21247,
+	21269, 21277, 21283, 21313, 21317, 21319, 21323,
+	21341, 21347, 21377, 21379, 21383, 21391, 21397,
+	21401, 21407, 21419, 21433, 21467, 21481, 21487,
+	21491, 21493, 21499, 21503, 21517, 21521, 21523,
+	21529, 21557, 21559, 21563, 21569, 21577, 21587,
+	21589, 21599, 21601, 21611, 21613, 21617, 21647,
+	21649, 21661, 21673, 21683, 21701, 21713, 21727,
+	21737, 21739, 21751, 21757, 21767, 21773, 21787,
+	21799, 21803, 21817, 21821, 21839, 21841, 21851,
+	21859, 21863, 21871, 21881, 21893, 21911, 21929,
+	21937, 21943, 21961, 21977, 21991, 21997, 22003,
+	22013, 22027, 22031, 22037, 22039, 22051, 22063,
+	22067, 22073, 22079, 22091, 22093, 22109, 22111,
+	22123, 22129, 22133, 22147, 22153, 22157, 22159,
+	22171, 22189, 22193, 22229, 22247, 22259, 22271,
+	22273, 22277, 22279, 22283, 22291, 22303, 22307,
+	22343, 22349, 22367, 22369, 22381, 22391, 22397,
+	22409, 22433, 22441, 22447, 22453, 22469, 22481,
+	22483, 22501, 22511, 22531, 22541, 22543, 22549,
+	22567, 22571, 22573, 22613, 22619, 22621, 22637,
+	22639, 22643, 22651, 22669, 22679, 22691, 22697,
+	22699, 22709, 22717, 22721, 22727, 22739, 22741,
+	22751, 22769, 22777, 22783, 22787, 22807, 22811,
+	22817, 22853, 22859, 22861, 22871, 22877, 22901,
+	22907, 22921, 22937, 22943, 22961, 22963, 22973,
+	22993, 23003, 23011, 23017, 23021, 23027, 23029,
+	23039, 23041, 23053, 23057, 23059, 23063, 23071,
+	23081, 23087, 23099, 23117, 23131, 23143, 23159,
+	23167, 23173, 23189, 23197, 23201, 23203, 23209,
+	23227, 23251, 23269, 23279, 23291, 23293, 23297,
+	23311, 23321, 23327, 23333, 23339, 23357, 23369,
+	23371, 23399, 23417, 23431, 23447, 23459, 23473,
+	23497, 23509, 23531, 23537, 23539, 23549, 23557,
+	23561, 23563, 23567, 23581, 23593, 23599, 23603,
+	23609, 23623, 23627, 23629, 23633, 23663, 23669,
+	23671, 23677, 23687, 23689, 23719, 23741, 23743,
+	23747, 23753, 23761, 23767, 23773, 23789, 23801,
+	23813, 23819, 23827, 23831, 23833, 23857, 23869,
+	23873, 23879, 23887, 23893, 23899, 23909, 23911,
+	23917, 23929, 23957, 23971, 23977, 23981, 23993,
+	24001, 24007, 24019, 24023, 24029, 24043, 24049,
+	24061, 24071, 24077, 24083, 24091, 24097, 24103,
+	24107, 24109, 24113, 24121, 24133, 24137, 24151,
+	24169, 24179, 24181, 24197, 24203, 24223, 24229,
+	24239, 24247, 24251, 24281, 24317, 24329, 24337,
+	24359, 24371, 24373, 24379, 24391, 24407, 24413,
+	24419, 24421, 24439, 24443, 24469, 24473, 24481,
+	24499, 24509, 24517, 24527, 24533, 24547, 24551,
+	24571, 24593, 24611, 24623, 24631, 24659, 24671,
+	24677, 24683, 24691, 24697, 24709, 24733, 24749,
+	24763, 24767, 24781, 24793, 24799, 24809, 24821,
+	24841, 24847, 24851, 24859, 24877, 24889, 24907,
+	24917, 24919, 24923, 24943, 24953, 24967, 24971,
+	24977, 24979, 24989, 25013, 25031, 25033, 25037,
+	25057, 25073, 25087, 25097, 25111, 25117, 25121,
+	25127, 25147, 25153, 25163, 25169, 25171, 25183,
+	25189, 25219, 25229, 25237, 25243, 25247, 25253,
+	25261, 25301, 25303, 25307, 25309, 25321, 25339,
+	25343, 25349, 25357, 25367, 25373, 25391, 25409,
+	25411, 25423, 25439, 25447, 25453, 25457, 25463,
+	25469, 25471, 25523, 25537, 25541, 25561, 25577,
+	25579, 25583, 25589, 25601, 25603, 25609, 25621,
+	25633, 25639, 25643, 25657, 25667, 25673, 25679,
+	25693, 25703, 25717, 25733, 25741, 25747, 25759,
+	25763, 25771, 25793, 25799, 25801, 25819, 25841,
+	25847, 25849, 25867, 25873, 25889, 25903, 25913,
+	25919, 25931, 25933, 25939, 25943, 25951, 25969,
+	25981, 25997, 25999, 26003, 26017, 26021, 26029,
+	26041, 26053, 26083, 26099, 26107, 26111, 26113,
+	26119, 26141, 26153, 26161, 26171, 26177, 26183,
+	26189, 26203, 26209, 26227, 26237, 26249, 26251,
+	26261, 26263, 26267, 26293, 26297, 26309, 26317,
+	26321, 26339, 26347, 26357, 26371, 26387, 26393,
+	26399, 26407, 26417, 26423, 26431, 26437, 26449,
+	26459, 26479, 26489, 26497, 26501, 26513, 26539,
+	26557, 26561, 26573, 26591, 26597, 26627, 26633,
+	26641, 26647, 26669, 26681, 26683, 26687, 26693,
+	26699, 26701, 26711, 26713, 26717, 26723, 26729,
+	26731, 26737, 26759, 26777, 26783, 26801, 26813,
+	26821, 26833, 26839, 26849, 26861, 26863, 26879,
+	26881, 26891, 26893, 26903, 26921, 26927, 26947,
+	26951, 26953, 26959, 26981, 26987, 26993, 27011,
+	27017, 27031, 27043, 27059, 27061, 27067, 27073,
+	27077, 27091, 27103, 27107, 27109, 27127, 27143,
+	27179, 27191, 27197, 27211, 27239, 27241, 27253,
+	27259, 27271, 27277, 27281, 27283, 27299, 27329,
+	27337, 27361, 27367, 27397, 27407, 27409, 27427,
+	27431, 27437, 27449, 27457, 27479, 27481, 27487,
+	27509, 27527, 27529, 27539, 27541, 27551, 27581,
+	27583, 27611, 27617, 27631, 27647, 27653, 27673,
+	27689, 27691, 27697, 27701, 27733, 27737, 27739,
+	27743, 27749, 27751, 27763, 27767, 27773, 27779,
+	27791, 27793, 27799, 27803, 27809, 27817, 27823,
+	27827, 27847, 27851, 27883, 27893, 27901, 27917,
+	27919, 27941, 27943, 27947, 27953, 27961, 27967,
+	27983, 27997, 28001, 28019, 28027, 28031, 28051,
+	28057, 28069, 28081, 28087, 28097, 28099, 28109,
+	28111, 28123, 28151, 28163, 28181, 28183, 28201,
+	28211, 28219, 28229, 28277, 28279, 28283, 28289,
+	28297, 28307, 28309, 28319, 28349, 28351, 28387,
+	28393, 28403, 28409, 28411, 28429, 28433, 28439,
+	28447, 28463, 28477, 28493, 28499, 28513, 28517,
+	28537, 28541, 28547, 28549, 28559, 28571, 28573,
+	28579, 28591, 28597, 28603, 28607, 28619, 28621,
+	28627, 28631, 28643, 28649, 28657, 28661, 28663,
+	28669, 28687, 28697, 28703, 28711, 28723, 28729,
+	28751, 28753, 28759, 28771, 28789, 28793, 28807,
+	28813, 28817, 28837, 28843, 28859, 28867, 28871,
+	28879, 28901, 28909, 28921, 28927, 28933, 28949,
+	28961, 28979, 29009, 29017, 29021, 29023, 29027,
+	29033, 29059, 29063, 29077, 29101, 29123, 29129,
+	29131, 29137, 29147, 29153, 29167, 29173, 29179,
+	29191, 29201, 29207, 29209, 29221, 29231, 29243,
+	29251, 29269, 29287, 29297, 29303, 29311, 29327,
+	29333, 29339, 29347, 29363, 29383, 29387, 29389,
+	29399, 29401, 29411, 29423, 29429, 29437, 29443,
+	29453, 29473, 29483, 29501, 29527, 29531, 29537,
+	29567, 29569, 29573, 29581, 29587, 29599, 29611,
+	29629, 29633, 29641, 29663, 29669, 29671, 29683,
+	29717, 29723, 29741, 29753, 29759, 29761, 29789,
+	29803, 29819, 29833, 29837, 29851, 29863, 29867,
+	29873, 29879, 29881, 29917, 29921, 29927, 29947,
+	29959, 29983, 29989, 30011, 30013, 30029, 30047,
+	30059, 30071, 30089, 30091, 30097, 30103, 30109,
+	30113, 30119, 30133, 30137, 30139, 30161, 30169,
+	30181, 30187, 30197, 30203, 30211, 30223, 30241,
+	30253, 30259, 30269, 30271, 30293, 30307, 30313,
+	30319, 30323, 30341, 30347, 30367, 30389, 30391,
+	30403, 30427, 30431, 30449, 30467, 30469, 30491,
+	30493, 30497, 30509, 30517, 30529, 30539, 30553,
+	30557, 30559, 30577, 30593, 30631, 30637, 30643,
+	30649, 30661, 30671, 30677, 30689, 30697, 30703,
+	30707, 30713, 30727, 30757, 30763, 30773, 30781,
+	30803, 30809, 30817, 30829, 30839, 30841, 30851,
+	30853, 30859, 30869, 30871, 30881, 30893, 30911,
+	30931, 30937, 30941, 30949, 30971, 30977, 30983,
+	31013, 31019, 31033, 31039, 31051, 31063, 31069,
+	31079, 31081, 31091, 31121, 31123, 31139, 31147,
+	31151, 31153, 31159, 31177, 31181, 31183, 31189,
+	31193, 31219, 31223, 31231, 31237, 31247, 31249,
+	31253, 31259, 31267, 31271, 31277, 31307, 31319,
+	31321, 31327, 31333, 31337, 31357, 31379, 31387,
+	31391, 31393, 31397, 31469, 31477, 31481, 31489,
+	31511, 31513, 31517, 31531, 31541, 31543, 31547,
+	31567, 31573, 31583, 31601, 31607, 31627, 31643,
+	31649, 31657, 31663, 31667, 31687, 31699, 31721,
+	31723, 31727, 31729, 31741, 31751, 31769, 31771,
+	31793, 31799, 31817, 31847, 31849, 31859, 31873,
+	31883, 31891, 31907, 31957, 31963, 31973, 31981,
+	31991, 32003, 32009, 32027, 32029, 32051, 32057,
+	32059, 32063, 32069, 32077, 32083, 32089, 32099,
+	32117, 32119, 32141, 32143, 32159, 32173, 32183,
+	32189, 32191, 32203, 32213, 32233, 32237, 32251,
+	32257, 32261, 32297, 32299, 32303, 32309, 32321,
+	32323, 32327, 32341, 32353, 32359, 32363, 32369,
+	32371, 32377, 32381, 32401, 32411, 32413, 32423,
+	32429, 32441, 32443, 32467, 32479, 32491, 32497,
+	32503, 32507, 32531, 32533, 32537, 32561, 32563,
+	32569, 32573, 32579, 32587, 32603, 32609, 32611,
+	32621, 32633, 32647, 32653, 32687, 32693, 32707,
+	32713, 32717, 32719, 32749, 32771, 32779, 32783,
+	32789, 32797, 32801, 32803, 32831, 32833, 32839,
+	32843, 32869, 32887, 32909, 32911, 32917, 32933,
+	32939, 32941, 32957, 32969, 32971, 32983, 32987,
+	32993, 32999, 33013, 33023, 33029, 33037, 33049,
+	33053, 33071, 33073, 33083, 33091, 33107, 33113,
+	33119, 33149, 33151, 33161, 33179, 33181, 33191,
+	33199, 33203, 33211, 33223, 33247, 33287, 33289,
+	33301, 33311, 33317, 33329, 33331, 33343, 33347,
+	33349, 33353, 33359, 33377, 33391, 33403, 33409,
+	33413, 33427, 33457, 33461, 33469, 33479, 33487,
+	33493, 33503, 33521, 33529, 33533, 33547, 33563,
+	33569, 33577, 33581, 33587, 33589, 33599, 33601,
+	33613, 33617, 33619, 33623, 33629, 33637, 33641,
+	33647, 33679, 33703, 33713, 33721, 33739, 33749,
+	33751, 33757, 33767, 33769, 33773, 33791, 33797,
+	33809, 33811, 33827, 33829, 33851, 33857, 33863,
+	33871, 33889, 33893, 33911, 33923, 33931, 33937,
+	33941, 33961, 33967, 33997, 34019, 34031, 34033,
+	34039, 34057, 34061, 34123, 34127, 34129, 34141,
+	34147, 34157, 34159, 34171, 34183, 34211, 34213,
+	34217, 34231, 34253, 34259, 34261, 34267, 34273,
+	34283, 34297, 34301, 34303, 34313, 34319, 34327,
+	34337, 34351, 34361, 34367, 34369, 34381, 34403,
+	34421, 34429, 34439, 34457, 34469, 34471, 34483,
+	34487, 34499, 34501, 34511, 34513, 34519, 34537,
+	34543, 34549, 34583, 34589, 34591, 34603, 34607,
+	34613, 34631, 34649, 34651, 34667, 34673, 34679,
+	34687, 34693, 34703, 34721, 34729, 34739, 34747,
+	34757, 34759, 34763, 34781, 34807, 34819, 34841,
+	34843, 34847, 34849, 34871, 34877, 34883, 34897,
+	34913, 34919, 34939, 34949, 34961, 34963, 34981,
+	35023, 35027, 35051, 35053, 35059, 35069, 35081,
+	35083, 35089, 35099, 35107, 35111, 35117, 35129,
+	35141, 35149, 35153, 35159, 35171, 35201, 35221,
+	35227, 35251, 35257, 35267, 35279, 35281, 35291,
+	35311, 35317, 35323, 35327, 35339, 35353, 35363,
+	35381, 35393, 35401, 35407, 35419, 35423, 35437,
+	35447, 35449, 35461, 35491, 35507, 35509, 35521,
+	35527, 35531, 35533, 35537, 35543, 35569, 35573,
+	35591, 35593, 35597, 35603, 35617, 35671, 35677,
+	35729, 35731, 35747, 35753, 35759, 35771, 35797,
+	35801, 35803, 35809, 35831, 35837, 35839, 35851,
+	35863, 35869, 35879, 35897, 35899, 35911, 35923,
+	35933, 35951, 35963, 35969, 35977, 35983, 35993,
+	35999, 36007, 36011, 36013, 36017, 36037, 36061,
+	36067, 36073, 36083, 36097, 36107, 36109, 36131,
+	36137, 36151, 36161, 36187, 36191, 36209, 36217,
+	36229, 36241, 36251, 36263, 36269, 36277, 36293,
+	36299, 36307, 36313, 36319, 36341, 36343, 36353,
+	36373, 36383, 36389, 36433, 36451, 36457, 36467,
+	36469, 36473, 36479, 36493, 36497, 36523, 36527,
+	36529, 36541, 36551, 36559, 36563, 36571, 36583,
+	36587, 36599, 36607, 36629, 36637, 36643, 36653,
+	36671, 36677, 36683, 36691, 36697, 36709, 36713,
+	36721, 36739, 36749, 36761, 36767, 36779, 36781,
+	36787, 36791, 36793, 36809, 36821, 36833, 36847,
+	36857, 36871, 36877, 36887, 36899, 36901, 36913,
+	36919, 36923, 36929, 36931, 36943, 36947, 36973,
+	36979, 36997, 37003, 37013, 37019, 37021, 37039,
+	37049, 37057, 37061, 37087, 37097, 37117, 37123,
+	37139, 37159, 37171, 37181, 37189, 37199, 37201,
+	37217, 37223, 37243, 37253, 37273, 37277, 37307,
+	37309, 37313, 37321, 37337, 37339, 37357, 37361,
+	37363, 37369, 37379, 37397, 37409, 37423, 37441,
+	37447, 37463, 37483, 37489, 37493, 37501, 37507,
+	37511, 37517, 37529, 37537, 37547, 37549, 37561,
+	37567, 37571, 37573, 37579, 37589, 37591, 37607,
+	37619, 37633, 37643, 37649, 37657, 37663, 37691,
+	37693, 37699, 37717, 37747, 37781, 37783, 37799,
+	37811, 37813, 37831, 37847, 37853, 37861, 37871,
+	37879, 37889, 37897, 37907, 37951, 37957, 37963,
+	37967, 37987, 37991, 37993, 37997, 38011, 38039,
+	38047, 38053, 38069, 38083, 38113, 38119, 38149,
+	38153, 38167, 38177, 38183, 38189, 38197, 38201,
+	38219, 38231, 38237, 38239, 38261, 38273, 38281,
+	38287, 38299, 38303, 38317, 38321, 38327, 38329,
+	38333, 38351, 38371, 38377, 38393, 38431, 38447,
+	38449, 38453, 38459, 38461, 38501, 38543, 38557,
+	38561, 38567, 38569, 38593, 38603, 38609, 38611,
+	38629, 38639, 38651, 38653, 38669, 38671, 38677,
+	38693, 38699, 38707, 38711, 38713, 38723, 38729,
+	38737, 38747, 38749, 38767, 38783, 38791, 38803,
+	38821, 38833, 38839, 38851, 38861, 38867, 38873,
+	38891, 38903, 38917, 38921, 38923, 38933, 38953,
+	38959, 38971, 38977, 38993, 39019, 39023, 39041,
+	39043, 39047, 39079, 39089, 39097, 39103, 39107,
+	39113, 39119, 39133, 39139, 39157, 39161, 39163,
+	39181, 39191, 39199, 39209, 39217, 39227, 39229,
+	39233, 39239, 39241, 39251, 39293, 39301, 39313,
+	39317, 39323, 39341, 39343, 39359, 39367, 39371,
+	39373, 39383, 39397, 39409, 39419, 39439, 39443,
+	39451, 39461, 39499, 39503, 39509, 39511, 39521,
+	39541, 39551, 39563, 39569, 39581, 39607, 39619,
+	39623, 39631, 39659, 39667, 39671, 39679, 39703,
+	39709, 39719, 39727, 39733, 39749, 39761, 39769,
+	39779, 39791, 39799, 39821, 39827, 39829, 39839,
+	39841, 39847, 39857, 39863, 39869, 39877, 39883,
+	39887, 39901, 39929, 39937, 39953, 39971, 39979,
+	39983, 39989, 40009, 40013, 40031, 40037, 40039,
+	40063, 40087, 40093, 40099, 40111, 40123, 40127,
+	40129, 40151, 40153, 40163, 40169, 40177, 40189,
+	40193, 40213, 40231, 40237, 40241, 40253, 40277,
+	40283, 40289, 40343, 40351, 40357, 40361, 40387,
+	40423, 40427, 40429, 40433, 40459, 40471, 40483,
+	40487, 40493, 40499, 40507, 40519, 40529, 40531,
+	40543, 40559, 40577, 40583, 40591, 40597, 40609,
+	40627, 40637, 40639, 40693, 40697, 40699, 40709,
+	40739, 40751, 40759, 40763, 40771, 40787, 40801,
+	40813, 40819, 40823, 40829, 40841, 40847, 40849,
+	40853, 40867, 40879, 40883, 40897, 40903, 40927,
+	40933, 40939, 40949, 40961, 40973, 40993, 41011,
+	41017, 41023, 41039, 41047, 41051, 41057, 41077,
+	41081, 41113, 41117, 41131, 41141, 41143, 41149,
+	41161, 41177, 41179, 41183, 41189, 41201, 41203,
+	41213, 41221, 41227, 41231, 41233, 41243, 41257,
+	41263, 41269, 41281, 41299, 41333, 41341, 41351,
+	41357, 41381, 41387, 41389, 41399, 41411, 41413,
+	41443, 41453, 41467, 41479, 41491, 41507, 41513,
+	41519, 41521, 41539, 41543, 41549, 41579, 41593,
+	41597, 41603, 41609, 41611, 41617, 41621, 41627,
+	41641, 41647, 41651, 41659, 41669, 41681, 41687,
+	41719, 41729, 41737, 41759, 41761, 41771, 41777,
+	41801, 41809, 41813, 41843, 41849, 41851, 41863,
+	41879, 41887, 41893, 41897, 41903, 41911, 41927,
+	41941, 41947, 41953, 41957, 41959, 41969, 41981,
+	41983, 41999, 42013, 42017, 42019, 42023, 42043,
+	42061, 42071, 42073, 42083, 42089, 42101, 42131,
+	42139, 42157, 42169, 42179, 42181, 42187, 42193,
+	42197, 42209, 42221, 42223, 42227, 42239, 42257,
+	42281, 42283, 42293, 42299, 42307, 42323, 42331,
+	42337, 42349, 42359, 42373, 42379, 42391, 42397,
+	42403, 42407, 42409, 42433, 42437, 42443, 42451,
+	42457, 42461, 42463, 42467, 42473, 42487, 42491,
+	42499, 42509, 42533, 42557, 42569, 42571, 42577,
+	42589, 42611, 42641, 42643, 42649, 42667, 42677,
+	42683, 42689, 42697, 42701, 42703, 42709, 42719,
+	42727, 42737, 42743, 42751, 42767, 42773, 42787,
+	42793, 42797, 42821, 42829, 42839, 42841, 42853,
+	42859, 42863, 42899, 42901, 42923, 42929, 42937,
+	42943, 42953, 42961, 42967, 42979, 42989, 43003,
+	43013, 43019, 43037, 43049, 43051, 43063, 43067,
+	43093, 43103, 43117, 43133, 43151, 43159, 43177,
+	43189, 43201, 43207, 43223, 43237, 43261, 43271,
+	43283, 43291, 43313, 43319, 43321, 43331, 43391,
+	43397, 43399, 43403, 43411, 43427, 43441, 43451,
+	43457, 43481, 43487, 43499, 43517, 43541, 43543,
+	43573, 43577, 43579, 43591, 43597, 43607, 43609,
+	43613, 43627, 43633, 43649, 43651, 43661, 43669,
+	43691, 43711, 43717, 43721, 43753, 43759, 43777,
+	43781, 43783, 43787, 43789, 43793, 43801, 43853,
+	43867, 43889, 43891, 43913, 43933, 43943, 43951,
+	43961, 43963, 43969, 43973, 43987, 43991, 43997,
+	44017, 44021, 44027, 44029, 44041, 44053, 44059,
+	44071, 44087, 44089, 44101, 44111, 44119, 44123,
+	44129, 44131, 44159, 44171, 44179, 44189, 44201,
+	44203, 44207, 44221, 44249, 44257, 44263, 44267,
+	44269, 44273, 44279, 44281, 44293, 44351, 44357,
+	44371, 44381, 44383, 44389, 44417, 44449, 44453,
+	44483, 44491, 44497, 44501, 44507, 44519, 44531,
+	44533, 44537, 44543, 44549, 44563, 44579, 44587,
+	44617, 44621, 44623, 44633, 44641, 44647, 44651,
+	44657, 44683, 44687, 44699, 44701, 44711, 44729,
+	44741, 44753, 44771, 44773, 44777, 44789, 44797,
+	44809, 44819, 44839, 44843, 44851, 44867, 44879,
+	44887, 44893, 44909, 44917, 44927, 44939, 44953,
+	44959, 44963, 44971, 44983, 44987, 45007, 45013,
+	45053, 45061, 45077, 45083, 45119, 45121, 45127,
+	45131, 45137, 45139, 45161, 45179, 45181, 45191,
+	45197, 45233, 45247, 45259, 45263, 45281, 45289,
+	45293, 45307, 45317, 45319, 45329, 45337, 45341,
+	45343, 45361, 45377, 45389, 45403, 45413, 45427,
+	45433, 45439, 45481, 45491, 45497, 45503, 45523,
+	45533, 45541, 45553, 45557, 45569, 45587, 45589,
+	45599, 45613, 45631, 45641, 45659, 45667, 45673,
+	45677, 45691, 45697, 45707, 45737, 45751, 45757,
+	45763, 45767, 45779, 45817, 45821, 45823, 45827,
+	45833, 45841, 45853, 45863, 45869, 45887, 45893,
+	45943, 45949, 45953, 45959, 45971, 45979, 45989,
+	46021, 46027, 46049, 46051, 46061, 46073, 46091,
+	46093, 46099, 46103, 46133, 46141, 46147, 46153,
+	46171, 46181, 46183, 46187, 46199, 46219, 46229,
+	46237, 46261, 46271, 46273, 46279, 46301, 46307,
+	46309, 46327, 46337, 46349, 46351, 46381, 46399,
+	46411, 46439, 46441, 46447, 46451, 46457, 46471,
+	46477, 46489, 46499, 46507, 46511, 46523, 46549,
+	46559, 46567, 46573, 46589, 46591, 46601, 46619,
+	46633, 46639, 46643, 46649, 46663, 46679, 46681,
+	46687, 46691, 46703, 46723, 46727, 46747, 46751,
+	46757, 46769, 46771, 46807, 46811, 46817, 46819,
+	46829, 46831, 46853, 46861, 46867, 46877, 46889,
+	46901, 46919, 46933, 46957, 46993, 46997, 47017,
+	47041, 47051, 47057, 47059, 47087, 47093, 47111,
+	47119, 47123, 47129, 47137, 47143, 47147, 47149,
+	47161, 47189, 47207, 47221, 47237, 47251, 47269,
+	47279, 47287, 47293, 47297, 47303, 47309, 47317,
+	47339, 47351, 47353, 47363, 47381, 47387, 47389,
+	47407, 47417, 47419, 47431, 47441, 47459, 47491,
+	47497, 47501, 47507, 47513, 47521, 47527, 47533,
+	47543, 47563, 47569, 47581, 47591, 47599, 47609,
+	47623, 47629, 47639, 47653, 47657, 47659, 47681,
+	47699, 47701, 47711, 47713, 47717, 47737, 47741,
+	47743, 47777, 47779, 47791, 47797, 47807, 47809,
+	47819, 47837, 47843, 47857, 47869, 47881, 47903,
+	47911, 47917, 47933, 47939, 47947, 47951, 47963,
+	47969, 47977, 47981, 48017, 48023, 48029, 48049,
+	48073, 48079, 48091, 48109, 48119, 48121, 48131,
+	48157, 48163, 48179, 48187, 48193, 48197, 48221,
+	48239, 48247, 48259, 48271, 48281, 48299, 48311,
+	48313, 48337, 48341, 48353, 48371, 48383, 48397,
+	48407, 48409, 48413, 48437, 48449, 48463, 48473,
+	48479, 48481, 48487, 48491, 48497, 48523, 48527,
+	48533, 48539, 48541, 48563, 48571, 48589, 48593,
+	48611, 48619, 48623, 48647, 48649, 48661, 48673,
+	48677, 48679, 48731, 48733, 48751, 48757, 48761,
+	48767, 48779, 48781, 48787, 48799, 48809, 48817,
+	48821, 48823, 48847, 48857, 48859, 48869, 48871,
+	48883, 48889, 48907, 48947, 48953, 48973, 48989,
+	48991, 49003, 49009, 49019, 49031, 49033, 49037,
+	49043, 49057, 49069, 49081, 49103, 49109, 49117,
+	49121, 49123, 49139, 49157, 49169, 49171, 49177,
+	49193, 49199, 49201, 49207, 49211, 49223, 49253,
+	49261, 49277, 49279, 49297, 49307, 49331, 49333,
+	49339, 49363, 49367, 49369, 49391, 49393, 49409,
+	49411, 49417, 49429, 49433, 49451, 49459, 49463,
+	49477, 49481, 49499, 49523, 49529, 49531, 49537,
+	49547, 49549, 49559, 49597, 49603, 49613, 49627,
+	49633, 49639, 49663, 49667, 49669, 49681, 49697,
+	49711, 49727, 49739, 49741, 49747, 49757, 49783,
+	49787, 49789, 49801, 49807, 49811, 49823, 49831,
+	49843, 49853, 49871, 49877, 49891, 49919, 49921,
+	49927, 49937, 49939, 49943, 49957, 49991, 49993,
+	49999, 50021, 50023, 50033, 50047, 50051, 50053,
+	50069, 50077, 50087, 50093, 50101, 50111, 50119,
+	50123, 50129, 50131, 50147, 50153, 50159, 50177,
+	50207, 50221, 50227, 50231, 50261, 50263, 50273,
+	50287, 50291, 50311, 50321, 50329, 50333, 50341,
+	50359, 50363, 50377, 50383, 50387, 50411, 50417,
+	50423, 50441, 50459, 50461, 50497, 50503, 50513,
+	50527, 50539, 50543, 50549, 50551, 50581, 50587,
+	50591, 50593, 50599, 50627, 50647, 50651, 50671,
+	50683, 50707, 50723, 50741, 50753, 50767, 50773,
+	50777, 50789, 50821, 50833, 50839, 50849, 50857,
+	50867, 50873, 50891, 50893, 50909, 50923, 50929,
+	50951, 50957, 50969, 50971, 50989, 50993, 51001,
+	51031, 51043, 51047, 51059, 51061, 51071, 51109,
+	51131, 51133, 51137, 51151, 51157, 51169, 51193,
+	51197, 51199, 51203, 51217, 51229, 51239, 51241,
+	51257, 51263, 51283, 51287, 51307, 51329, 51341,
+	51343, 51347, 51349, 51361, 51383, 51407, 51413,
+	51419, 51421, 51427, 51431, 51437, 51439, 51449,
+	51461, 51473, 51479, 51481, 51487, 51503, 51511,
+	51517, 51521, 51539, 51551, 51563, 51577, 51581,
+	51593, 51599, 51607, 51613, 51631, 51637, 51647,
+	51659, 51673, 51679, 51683, 51691, 51713, 51719,
+	51721, 51749, 51767, 51769, 51787, 51797, 51803,
+	51817, 51827, 51829, 51839, 51853, 51859, 51869,
+	51871, 51893, 51899, 51907, 51913, 51929, 51941,
+	51949, 51971, 51973, 51977, 51991, 52009, 52021,
+	52027, 52051, 52057, 52067, 52069, 52081, 52103,
+	52121, 52127, 52147, 52153, 52163, 52177, 52181,
+	52183, 52189, 52201, 52223, 52237, 52249, 52253,
+	52259, 52267, 52289, 52291, 52301, 52313, 52321,
+	52361, 52363, 52369, 52379, 52387, 52391, 52433,
+	52453, 52457, 52489, 52501, 52511, 52517, 52529,
+	52541, 52543, 52553, 52561, 52567, 52571, 52579,
+	52583, 52609, 52627, 52631, 52639, 52667, 52673,
+	52691, 52697, 52709, 52711, 52721, 52727, 52733,
+	52747, 52757, 52769, 52783, 52807, 52813, 52817,
+	52837, 52859, 52861, 52879, 52883, 52889, 52901,
+	52903, 52919, 52937, 52951, 52957, 52963, 52967,
+	52973, 52981, 52999, 53003, 53017, 53047, 53051,
+	53069, 53077, 53087, 53089, 53093, 53101, 53113,
+	53117, 53129, 53147, 53149, 53161, 53171, 53173,
+	53189, 53197, 53201, 53231, 53233, 53239, 53267,
+	53269, 53279, 53281, 53299, 53309, 53323, 53327,
+	53353, 53359, 53377, 53381, 53401, 53407, 53411,
+	53419, 53437, 53441, 53453, 53479, 53503, 53507,
+	53527, 53549, 53551, 53569, 53591, 53593, 53597,
+	53609, 53611, 53617, 53623, 53629, 53633, 53639,
+	53653, 53657, 53681, 53693, 53699, 53717, 53719,
+	53731, 53759, 53773, 53777, 53783, 53791, 53813,
+	53819, 53831, 53849, 53857, 53861, 53881, 53887,
+	53891, 53897, 53899, 53917, 53923, 53927, 53939,
+	53951, 53959, 53987, 53993, 54001, 54011, 54013,
+	54037, 54049, 54059, 54083, 54091, 54101, 54121,
+	54133, 54139, 54151, 54163, 54167, 54181, 54193,
+	54217, 54251, 54269, 54277, 54287, 54293, 54311,
+	54319, 54323, 54331, 54347, 54361, 54367, 54371,
+	54377, 54401, 54403, 54409, 54413, 54419, 54421,
+	54437, 54443, 54449, 54469, 54493, 54497, 54499,
+	54503, 54517, 54521, 54539, 54541, 54547, 54559,
+	54563, 54577, 54581, 54583, 54601, 54617, 54623,
+	54629, 54631, 54647, 54667, 54673, 54679, 54709,
+	54713, 54721, 54727, 54751, 54767, 54773, 54779,
+	54787, 54799, 54829, 54833, 54851, 54869, 54877,
+	54881, 54907, 54917, 54919, 54941, 54949, 54959,
+	54973, 54979, 54983, 55001, 55009, 55021, 55049,
+	55051, 55057, 55061, 55073, 55079, 55103, 55109,
+	55117, 55127, 55147, 55163, 55171, 55201, 55207,
+	55213, 55217, 55219, 55229, 55243, 55249, 55259,
+	55291, 55313, 55331, 55333, 55337, 55339, 55343,
+	55351, 55373, 55381, 55399, 55411, 55439, 55441,
+	55457, 55469, 55487, 55501, 55511, 55529, 55541,
+	55547, 55579, 55589, 55603, 55609, 55619, 55621,
+	55631, 55633, 55639, 55661, 55663, 55667, 55673,
+	55681, 55691, 55697, 55711, 55717, 55721, 55733,
+	55763, 55787, 55793, 55799, 55807, 55813, 55817,
+	55819, 55823, 55829, 55837, 55843, 55849, 55871,
+	55889, 55897, 55901, 55903, 55921, 55927, 55931,
+	55933, 55949, 55967, 55987, 55997, 56003, 56009,
+	56039, 56041, 56053, 56081, 56087, 56093, 56099,
+	56101, 56113, 56123, 56131, 56149, 56167, 56171,
+	56179, 56197, 56207, 56209, 56237, 56239, 56249,
+	56263, 56267, 56269, 56299, 56311, 56333, 56359,
+	56369, 56377, 56383, 56393, 56401, 56417, 56431,
+	56437, 56443, 56453, 56467, 56473, 56477, 56479,
+	56489, 56501, 56503, 56509, 56519, 56527, 56531,
+	56533, 56543, 56569, 56591, 56597, 56599, 56611,
+	56629, 56633, 56659, 56663, 56671, 56681, 56687,
+	56701, 56711, 56713, 56731, 56737, 56747, 56767,
+	56773, 56779, 56783, 56807, 56809, 56813, 56821,
+	56827, 56843, 56857, 56873, 56891, 56893, 56897,
+	56909, 56911, 56921, 56923, 56929, 56941, 56951,
+	56957, 56963, 56983, 56989, 56993, 56999, 57037,
+	57041, 57047, 57059, 57073, 57077, 57089, 57097,
+	57107, 57119, 57131, 57139, 57143, 57149, 57163,
+	57173, 57179, 57191, 57193, 57203, 57221, 57223,
+	57241, 57251, 57259, 57269, 57271, 57283, 57287,
+	57301, 57329, 57331, 57347, 57349, 57367, 57373,
+	57383, 57389, 57397, 57413, 57427, 57457, 57467,
+	57487, 57493, 57503, 57527, 57529, 57557, 57559,
+	57571, 57587, 57593, 57601, 57637, 57641, 57649,
+	57653, 57667, 57679, 57689, 57697, 57709, 57713,
+	57719, 57727, 57731, 57737, 57751, 57773, 57781,
+	57787, 57791, 57793, 57803, 57809, 57829, 57839,
+	57847, 57853, 57859, 57881, 57899, 57901, 57917,
+	57923, 57943, 57947, 57973, 57977, 57991, 58013,
+	58027, 58031, 58043, 58049, 58057, 58061, 58067,
+	58073, 58099, 58109, 58111, 58129, 58147, 58151,
+	58153, 58169, 58171, 58189, 58193, 58199, 58207,
+	58211, 58217, 58229, 58231, 58237, 58243, 58271,
+	58309, 58313, 58321, 58337, 58363, 58367, 58369,
+	58379, 58391, 58393, 58403, 58411, 58417, 58427,
+	58439, 58441, 58451, 58453, 58477, 58481, 58511,
+	58537, 58543, 58549, 58567, 58573, 58579, 58601,
+	58603, 58613, 58631, 58657, 58661, 58679, 58687,
+	58693, 58699, 58711, 58727, 58733, 58741, 58757,
+	58763, 58771, 58787, 58789, 58831, 58889, 58897,
+	58901, 58907, 58909, 58913, 58921, 58937, 58943,
+	58963, 58967, 58979, 58991, 58997, 59009, 59011,
+	59021, 59023, 59029, 59051, 59053, 59063, 59069,
+	59077, 59083, 59093, 59107, 59113, 59119, 59123,
+	59141, 59149, 59159, 59167, 59183, 59197, 59207,
+	59209, 59219, 59221, 59233, 59239, 59243, 59263,
+	59273, 59281, 59333, 59341, 59351, 59357, 59359,
+	59369, 59377, 59387, 59393, 59399, 59407, 59417,
+	59419, 59441, 59443, 59447, 59453, 59467, 59471,
+	59473, 59497, 59509, 59513, 59539, 59557, 59561,
+	59567, 59581, 59611, 59617, 59621, 59627, 59629,
+	59651, 59659, 59663, 59669, 59671, 59693, 59699,
+	59707, 59723, 59729, 59743, 59747, 59753, 59771,
+	59779, 59791, 59797, 59809, 59833, 59863, 59879,
+	59887, 59921, 59929, 59951, 59957, 59971, 59981,
+	59999, 60013, 60017, 60029, 60037, 60041, 60077,
+	60083, 60089, 60091, 60101, 60103, 60107, 60127,
+	60133, 60139, 60149, 60161, 60167, 60169, 60209,
+	60217, 60223, 60251, 60257, 60259, 60271, 60289,
+	60293, 60317, 60331, 60337, 60343, 60353, 60373,
+	60383, 60397, 60413, 60427, 60443, 60449, 60457,
+	60493, 60497, 60509, 60521, 60527, 60539, 60589,
+	60601, 60607, 60611, 60617, 60623, 60631, 60637,
+	60647, 60649, 60659, 60661, 60679, 60689, 60703,
+	60719, 60727, 60733, 60737, 60757, 60761, 60763,
+	60773, 60779, 60793, 60811, 60821, 60859, 60869,
+	60887, 60889, 60899, 60901, 60913, 60917, 60919,
+	60923, 60937, 60943, 60953, 60961, 61001, 61007,
+	61027, 61031, 61043, 61051, 61057, 61091, 61099,
+	61121, 61129, 61141, 61151, 61153, 61169, 61211,
+	61223, 61231, 61253, 61261, 61283, 61291, 61297,
+	61331, 61333, 61339, 61343, 61357, 61363, 61379,
+	61381, 61403, 61409, 61417, 61441, 61463, 61469,
+	61471, 61483, 61487, 61493, 61507, 61511, 61519,
+	61543, 61547, 61553, 61559, 61561, 61583, 61603,
+	61609, 61613, 61627, 61631, 61637, 61643, 61651,
+	61657, 61667, 61673, 61681, 61687, 61703, 61717,
+	61723, 61729, 61751, 61757, 61781, 61813, 61819,
+	61837, 61843, 61861, 61871, 61879, 61909, 61927,
+	61933, 61949, 61961, 61967, 61979, 61981, 61987,
+	61991, 62003, 62011, 62017, 62039, 62047, 62053,
+	62057, 62071, 62081, 62099, 62119, 62129, 62131,
+	62137, 62141, 62143, 62171, 62189, 62191, 62201,
+	62207, 62213, 62219, 62233, 62273, 62297, 62299,
+	62303, 62311, 62323, 62327, 62347, 62351, 62383,
+	62401, 62417, 62423, 62459, 62467, 62473, 62477,
+	62483, 62497, 62501, 62507, 62533, 62539, 62549,
+	62563, 62581, 62591, 62597, 62603, 62617, 62627,
+	62633, 62639, 62653, 62659, 62683, 62687, 62701,
+	62723, 62731, 62743, 62753, 62761, 62773, 62791,
+	62801, 62819, 62827, 62851, 62861, 62869, 62873,
+	62897, 62903, 62921, 62927, 62929, 62939, 62969,
+	62971, 62981, 62983, 62987, 62989, 63029, 63031,
+	63059, 63067, 63073, 63079, 63097, 63103, 63113,
+	63127, 63131, 63149, 63179, 63197, 63199, 63211,
+	63241, 63247, 63277, 63281, 63299, 63311, 63313,
+	63317, 63331, 63337, 63347, 63353, 63361, 63367,
+	63377, 63389, 63391, 63397, 63409, 63419, 63421,
+	63439, 63443, 63463, 63467, 63473, 63487, 63493,
+	63499, 63521, 63527, 63533, 63541, 63559, 63577,
+	63587, 63589, 63599, 63601, 63607, 63611, 63617,
+	63629, 63647, 63649, 63659, 63667, 63671, 63689,
+	63691, 63697, 63703, 63709, 63719, 63727, 63737,
+	63743, 63761, 63773, 63781, 63793, 63799, 63803,
+	63809, 63823, 63839, 63841, 63853, 63857, 63863,
+	63901, 63907, 63913, 63929, 63949, 63977, 63997,
+	64007, 64013, 64019, 64033, 64037, 64063, 64067,
+	64081, 64091, 64109, 64123, 64151, 64153, 64157,
+	64171, 64187, 64189, 64217, 64223, 64231, 64237,
+	64271, 64279, 64283, 64301, 64303, 64319, 64327,
+	64333, 64373, 64381, 64399, 64403, 64433, 64439,
+	64451, 64453, 64483, 64489, 64499, 64513, 64553,
+	64567, 64577, 64579, 64591, 64601, 64609, 64613,
+	64621, 64627, 64633, 64661, 64663, 64667, 64679,
+	64693, 64709, 64717, 64747, 64763, 64781, 64783,
+	64793, 64811, 64817, 64849, 64853, 64871, 64877,
+	64879, 64891, 64901, 64919, 64921, 64927, 64937,
+	64951, 64969, 64997, 65003, 65011, 65027, 65029,
+	65033, 65053, 65063, 65071, 65089, 65099, 65101,
+	65111, 65119, 65123, 65129, 65141, 65147, 65167,
+	65171, 65173, 65179, 65183, 65203, 65213, 65239,
+	65257, 65267, 65269, 65287, 65293, 65309, 65323,
+	65327, 65353, 65357, 65371, 65381, 65393, 65407,
+	65413, 65419, 65423, 65437, 65447, 65449, 65479,
+	65497, 65519, 65521, 0
+};
+
+/* Tests if the (small) number provided is a prime.
+ */
+static unsigned small_prime_check(unsigned x)
+{
+	unsigned j, t, square, prime;
+
+	for (j = 0; primes[j] > 0; j++) {
+		prime = primes[j];
+		square = prime * prime;
+
+		if (square > x)
+			break;
+
+		t = x / prime;
+		if (t * prime == x)
+			return 0;
+	}
+
+	return 1;
+}
+
+/* The seed in FIPS186-3 is used either as an integer or blob,
+ * but when used as an integer it must not be trunacated below
+ * the "nominal" seed size. This function returns the size
+ * that way. */
+unsigned mpz_seed_sizeinbase_256_u(mpz_t s, unsigned nominal)
+{
+	unsigned ret = nettle_mpz_sizeinbase_256_u(s);
+	if (ret < nominal)
+		return nominal;
+	return ret;
+}
+
+static int st_provable_prime_small(mpz_t p,
+				   unsigned *prime_seed_length,
+				   void *prime_seed,
+				   unsigned *prime_gen_counter, unsigned bits,
+				   unsigned seed_length, const void *seed,
+				   void *progress_ctx,
+				   nettle_progress_func * progress)
+{
+	unsigned gen_counter = 0;
+	unsigned tseed_length;
+	uint8_t tseed[MAX_PVP_SEED_SIZE+1];
+	uint8_t h1[DIGEST_SIZE];
+	uint8_t h2[DIGEST_SIZE];
+	uint32_t c;
+	mpz_t s;
+	unsigned highbit;
+
+	assert(bits >= 2 && bits <= 32);
+
+	mpz_init(s);
+
+	/* seed is handled as mpz_t instead of simply using INCREMENT
+	 * for the few (unlikely) cases where seed overflows. */
+	nettle_mpz_set_str_256_u(s, seed_length, seed);
+
+ retry:
+	tseed_length = mpz_seed_sizeinbase_256_u(s, seed_length);
+	if (tseed_length > sizeof(tseed)) {
+		goto fail;
+	}
+
+	/* c = Hash(seed) XOR Hash(seed+1) */
+	nettle_mpz_get_str_256(tseed_length, tseed, s);
+
+	hash(h1, tseed_length, tseed);
+
+	mpz_add_ui(s, s, 1);
+
+	tseed_length = mpz_seed_sizeinbase_256_u(s, seed_length);
+	if (tseed_length > sizeof(tseed))
+		goto fail;
+
+	nettle_mpz_get_str_256(tseed_length, tseed, s);
+
+	hash(h2, tseed_length, tseed);
+
+	memxor(h1, h2, DIGEST_SIZE);
+
+	/* c = 2^(bits-1) + (c mod 2^(bits-1)) */
+	highbit = 1L << (bits - 1);
+
+	c = READ_UINT32(&h1[DIGEST_SIZE - 4]);
+
+	c &= highbit - 1;
+
+	/* Make sure c is odd and high bit is set */
+	c |= highbit | 1;
+
+	gen_counter++;
+
+	/* seed++ */
+	mpz_add_ui(s, s, 1);
+
+	/* deterministic primality check on c */
+	if (small_prime_check(c) == 0) {
+		/* not a prime */
+		if (gen_counter >= 4 * bits)
+			goto fail;	/* failed */
+
+		if (progress)
+			progress(progress_ctx, 'x');
+
+		goto retry;
+	}
+
+	/* success */
+	mpz_set_ui(p, c);
+
+	if (prime_seed != NULL) {
+		tseed_length = mpz_seed_sizeinbase_256_u(s, tseed_length);
+		if (*prime_seed_length < tseed_length)
+			goto fail;
+
+		nettle_mpz_get_str_256(tseed_length, prime_seed, s);
+		*prime_seed_length = tseed_length;
+	}
+
+	if (prime_gen_counter)
+		*prime_gen_counter = gen_counter;
+
+	mpz_clear(s);
+	return 1;
+
+ fail:
+	mpz_clear(s);
+	return 0;
+}
+
+/* The Shawe-Taylor algorithm described in FIPS 186-4.
+ *
+ * p: (output) the prime
+ * prime_seed_length: (output) the length of prime_seed. Initially
+ *   must hold the maximum size of prime_seed. The size should be a
+ *   byte more than seed_length.
+ * prime_seed: (output) the prime_seed (may be NULL)
+ * prime_gen_counter: A counter determined during the prime generation
+ * bits: The requested number of bits for prime
+ * seed_length: The length of seed. It is limited by MAX_PVP_SEED_SIZE.
+ * seed: The initial seed
+ *
+ * Returns non zero on success.
+ */
+int
+st_provable_prime(mpz_t p,
+		  unsigned *prime_seed_length, void *prime_seed,
+		  unsigned *prime_gen_counter,
+		  unsigned bits,
+		  unsigned seed_length, const void *seed,
+		  void *progress_ctx, nettle_progress_func * progress)
+{
+	unsigned gen_counter;
+	unsigned tseed_length;
+	uint8_t tseed[MAX_PVP_SEED_SIZE+1];
+	int ret;
+	unsigned pseed_length, iterations;
+	uint8_t *pseed;
+	unsigned old_counter, i;
+	mpz_t s, tmp, r, dc0, c0, c, t, z;
+	uint8_t *storage = NULL;
+	unsigned storage_length = 0;
+
+	if (bits < 33) {
+		return st_provable_prime_small(p, prime_seed_length, prime_seed,
+					       prime_gen_counter, bits,
+					       seed_length, seed, progress_ctx,
+					       progress);
+	}
+
+	mpz_init(s);
+	mpz_init(tmp);
+	mpz_init(r);
+	mpz_init(c);
+	mpz_init(z);
+	mpz_init(t);
+	mpz_init(c0);
+	mpz_init(dc0);
+
+	pseed_length = seed_length + 2;
+
+	pseed = gnutls_malloc(pseed_length);
+	if (pseed == NULL)
+		goto fail;
+
+	ret = st_provable_prime(c0, &pseed_length, pseed, &gen_counter,
+				1+div_ceil(bits, 2), seed_length, seed,
+				progress_ctx, progress);
+	if (ret == 0)
+		goto fail;
+
+	nettle_mpz_set_str_256_u(s, pseed_length, pseed);
+
+	/* the spec says to remove 1 here */
+	iterations = div_ceil(bits, DIGEST_SIZE * 8);
+	old_counter = gen_counter;
+
+	mpz_set_ui(tmp, 0);	/* x = 0 */
+	if (iterations > 0) {
+		storage_length = iterations * DIGEST_SIZE;
+
+		storage = malloc(storage_length);
+		if (storage == NULL)
+			goto fail;
+
+		for (i = 0; i < iterations; i++) {
+			tseed_length = mpz_seed_sizeinbase_256_u(s, pseed_length);
+			if (tseed_length > sizeof(tseed))
+				goto fail;
+			nettle_mpz_get_str_256(tseed_length, tseed, s);
+
+			hash(&storage
+			     [(iterations - i - 1) * DIGEST_SIZE],
+			     tseed_length, tseed);
+			mpz_add_ui(s, s, 1);
+		}
+
+		nettle_mpz_set_str_256_u(tmp, storage_length, storage);
+	}
+
+	/* tmp = 2^(bits-1) + (tmp mod 2^(bits-1)) */
+	mpz_set_ui(r, 1);
+	mpz_mul_2exp(r, r, bits - 1);	/* r = 2^(bits-1) */
+
+	mpz_fdiv_r_2exp(tmp, tmp, bits - 1);
+	mpz_add(tmp, tmp, r);	/* tmp = x */
+
+	/* Generate candidate prime c in [2^(bits-1), 2^bits] */
+
+	/* t = u[x/2c0] */
+	mpz_mul_2exp(dc0, c0, 1);	/* dc0 = 2*c0 */
+	mpz_cdiv_q(t, tmp, dc0);
+
+ retry:
+	/* c = t*(2c0) + 1 */
+	mpz_mul(c, dc0, t);
+	mpz_add_ui(c, c, 1);
+
+	mpz_set_ui(r, 1);
+	mpz_mul_2exp(r, r, bits);	/* r = 2^(bits) */
+
+	/* if 2tc0+1 > 2^bits */
+	if (mpz_cmp(c, r) > 0) {
+		/* t = 2^(bits-1)/2c0 */
+
+		mpz_fdiv_q_2exp(r, r, 1); /* r = 2^(bits-1) */
+		mpz_cdiv_q(t, r, dc0);
+
+		/* c = t* 2c0 + 1 */
+		mpz_mul(c, dc0, t);
+		mpz_add_ui(c, c, 1);
+	}
+
+	gen_counter++;
+
+	mpz_set_ui(r, 0); /* a = 0 */
+	if (iterations > 0) {
+		for (i = 0; i < iterations; i++) {
+			tseed_length = mpz_seed_sizeinbase_256_u(s, pseed_length);
+			if (tseed_length > sizeof(tseed))
+				goto fail;
+
+			nettle_mpz_get_str_256(tseed_length, tseed, s);
+
+			hash(&storage
+			     [(iterations - i - 1) * DIGEST_SIZE],
+			     tseed_length, tseed);
+			mpz_add_ui(s, s, 1);
+		}
+
+		/* r = a */
+		nettle_mpz_set_str_256_u(r, storage_length, storage);
+	}
+
+	/* a = 2 + (a mod (c-3)) */
+	mpz_sub_ui(tmp, c, 3);	/* c is too large to worry about negatives */
+	mpz_mod(r, r, tmp);
+	mpz_add_ui(r, r, 2);
+
+	/* z = a^(2t) mod c */
+	mpz_mul_2exp(tmp, t, 1); /* tmp = 2t */
+	mpz_powm(z, r, tmp, c);
+
+	mpz_sub_ui(tmp, z, 1);
+
+	mpz_gcd(r, tmp, c);
+
+	if (mpz_cmp_ui(r, 1) == 0) {
+		mpz_powm(tmp, z, c0, c);
+		if (mpz_cmp_ui(tmp, 1) == 0) {
+			mpz_set(p, c);
+
+			if (prime_seed != NULL) {
+				tseed_length = mpz_seed_sizeinbase_256_u(s, pseed_length);
+				if (*prime_seed_length < tseed_length)
+					goto fail;
+
+				nettle_mpz_get_str_256(tseed_length,
+						       prime_seed, s);
+				*prime_seed_length = tseed_length;
+			}
+
+			if (prime_gen_counter)
+				*prime_gen_counter = gen_counter;
+
+			goto success;
+		}
+	}
+
+	if (progress)
+		progress(progress_ctx, 'x');
+
+	if (gen_counter >= (4 * bits + old_counter)) {
+		goto fail;
+	}
+
+	mpz_add_ui(t, t, 1);
+	goto retry;
+
+ success:
+	ret = 1;
+	goto finish;
+
+ fail:
+	ret = 0;
+
+ finish:
+	mpz_clear(c0);
+	mpz_clear(dc0);
+	mpz_clear(r);
+	mpz_clear(s);
+	mpz_clear(z);
+	mpz_clear(t);
+	mpz_clear(tmp);
+	mpz_clear(c);
+	free(pseed);
+	free(storage);
+	return ret;
+}
diff --git a/lib/nettle/int/rsa-fips.h b/lib/nettle/int/rsa-fips.h
new file mode 100644
index 0000000..a2a418a
--- /dev/null
+++ b/lib/nettle/int/rsa-fips.h
@@ -0,0 +1,49 @@
+/* rsa-fips.h
+ *
+ * The RSA publickey algorithm.
+ */
+
+/* Copyright (C) 2014 Red Hat
+ *  
+ * The gnutls library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or (at your
+ * option) any later version.
+ * 
+ * The nettle library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
+ * License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with the nettle library; see the file COPYING.LIB.  If not, write to
+ * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02111-1301, USA.
+ */
+
+#ifndef GNUTLS_LIB_NETTLE_INT_RSA_FIPS_H
+#define GNUTLS_LIB_NETTLE_INT_RSA_FIPS_H
+
+#include <nettle/rsa.h>
+
+int
+_rsa_generate_fips186_4_keypair(struct rsa_public_key *pub,
+				struct rsa_private_key *key,
+				unsigned seed_length, uint8_t * seed,
+				void *progress_ctx,
+				nettle_progress_func * progress,
+				/* Desired size of modulo, in bits */
+				unsigned n_size);
+
+int
+rsa_generate_fips186_4_keypair(struct rsa_public_key *pub,
+			       struct rsa_private_key *key,
+			       void *random_ctx, nettle_random_func * random,
+			       void *progress_ctx,
+			       nettle_progress_func * progress,
+			       unsigned *rseed_size,
+			       void *rseed,
+			       /* Desired size of modulo, in bits */
+			       unsigned n_size);
+
+#endif /* GNUTLS_LIB_NETTLE_INT_RSA_FIPS_H */
diff --git a/lib/nettle/int/rsa-keygen-fips186.c b/lib/nettle/int/rsa-keygen-fips186.c
new file mode 100644
index 0000000..c6f7e67
--- /dev/null
+++ b/lib/nettle/int/rsa-keygen-fips186.c
@@ -0,0 +1,457 @@
+/*
+ * Generation of RSA keypairs.
+ */
+
+/* nettle, low-level cryptographics library
+ *
+ * Copyright (C) 2002 Niels Möller
+ * Copyright (C) 2014 Red Hat
+ *  
+ * The nettle library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or (at your
+ * option) any later version.
+ * 
+ * The nettle library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
+ * License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with the nettle library; see the file COPYING.LIB.  If not, write to
+ * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02111-1301, USA.
+ */
+
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include <assert.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include <nettle/rsa.h>
+#include <dsa-fips.h>
+#include <rsa-fips.h>
+
+#include <nettle/bignum.h>
+
+static int
+rsa_provable_prime (mpz_t p,
+			  unsigned *prime_seed_length, void *prime_seed,
+			  unsigned bits,
+			  unsigned seed_length, const void *seed,
+			  mpz_t e,
+			  void *progress_ctx, nettle_progress_func * progress)
+{
+mpz_t x, t, s, r1, r2, p0, sq;
+int ret;
+unsigned pcounter = 0;
+unsigned iterations;
+unsigned storage_length = 0, i;
+uint8_t *storage = NULL;
+uint8_t pseed[MAX_PVP_SEED_SIZE+1];
+unsigned pseed_length = sizeof(pseed), tseed_length;
+unsigned max = bits*5;
+
+	mpz_init(p0);
+	mpz_init(sq);
+	mpz_init(x);
+	mpz_init(t);
+	mpz_init(s);
+	mpz_init(r1);
+	mpz_init(r2);
+
+	/* p1 = p2 = 1 */
+
+	ret = st_provable_prime(p0, &pseed_length, pseed,
+				NULL, 1+div_ceil(bits,2), seed_length,
+				seed, progress_ctx, progress);
+	if (ret == 0) {
+		goto cleanup;
+	}
+
+	iterations = div_ceil(bits, DIGEST_SIZE*8);
+	mpz_set_ui(x, 0);
+
+	if (iterations > 0) {
+		storage_length = iterations * DIGEST_SIZE;
+		storage = malloc(storage_length);
+		if (storage == NULL) {
+			goto fail;
+		}
+
+		nettle_mpz_set_str_256_u(s, pseed_length, pseed);
+		for (i = 0; i < iterations; i++) {
+			tseed_length = mpz_seed_sizeinbase_256_u(s, pseed_length);
+			if (tseed_length > sizeof(pseed))
+				goto fail;
+			nettle_mpz_get_str_256(tseed_length, pseed, s);
+
+			hash(&storage[(iterations - i - 1) * DIGEST_SIZE],
+			     tseed_length, pseed);
+			mpz_add_ui(s, s, 1);
+		}
+
+		nettle_mpz_set_str_256_u(x, storage_length, storage);
+	}
+
+	/* x = sqrt(2)*2^(bits-1) + (x mod 2^(bits) - sqrt(2)*2(bits-1)) */
+
+	/* sq = sqrt(2)*2^(bits-1) */
+	mpz_set_ui(r1, 1);
+	mpz_mul_2exp(r1, r1, 2*bits-1);
+	mpz_sqrt(sq, r1);
+
+	/* r2 = 2^bits - sq */
+	mpz_set_ui(r2, 1);
+	mpz_mul_2exp(r2, r2, bits);
+	mpz_sub(r2, r2, sq);
+
+	/* x =  sqrt(2)*2^(bits-1) + (x mod (2^L - sqrt(2)*2^(bits-1)) */
+	mpz_mod(x, x, r2);
+	mpz_add(x, x, sq);
+
+	/* y = p2 = p1 = 1 */
+
+	/* r1 = (2 y p0 p1) */
+	mpz_mul_2exp(r1, p0, 1);
+
+	/* r2 = 2 p0 p1 p2 (p2=y=1) */
+	mpz_set(r2, r1);
+
+	/* r1 = (2 y p0 p1) + x */
+	mpz_add(r1, r1, x);
+
+	/* t = ((2 y p0 p1) + x) / (2 p0 p1 p2) */
+	mpz_cdiv_q(t, r1, r2);
+
+ retry:
+	/* p = t p2 - y = t - 1 */
+	mpz_sub_ui(p, t, 1);
+
+	/* p = 2(tp2-y)p0p1 */
+	mpz_mul(p, p, p0);
+	mpz_mul_2exp(p, p, 1);
+
+	/* p = 2(tp2-y)p0p1 + 1*/
+	mpz_add_ui(p, p, 1);
+
+	mpz_set_ui(r2, 1);
+	mpz_mul_2exp(r2, r2, bits);
+
+	if (mpz_cmp(p, r2) > 0) {
+		/* t = (2 y p0 p1) + sqrt(2)*2^(bits-1) / (2p0p1p2) */
+		mpz_set(r1, p0);
+		/* r1 = (2 y p0 p1) */
+		mpz_mul_2exp(r1, r1, 1);
+
+		/* sq =  sqrt(2)*2^(bits-1) */
+
+		/* r1 = (2 y p0 p1) + sq */
+		mpz_add(r1, r1, sq);
+
+		/* r2 = 2 p0 p1 p2 */
+		mpz_mul_2exp(r2, p0, 1);
+
+		/* t = ((2 y p0 p1) + sq) / (2 p0 p1 p2) */
+		mpz_cdiv_q(t, r1, r2);
+	}
+
+	pcounter++;
+
+	/* r2 = p - 1 */
+	mpz_sub_ui(r2, p, 1);
+
+	/* r1 = GCD(p1, e) */
+	mpz_gcd(r1, e, r2);
+
+	if (mpz_cmp_ui(r1, 1) == 0) {
+		mpz_set_ui(x, 0); /* a = 0 */
+		if (iterations > 0) {
+			for (i = 0; i < iterations; i++) {
+				tseed_length = mpz_seed_sizeinbase_256_u(s, pseed_length);
+				if (tseed_length > sizeof(pseed))
+					goto fail;
+				nettle_mpz_get_str_256(tseed_length, pseed, s);
+
+				hash(&storage[(iterations - i - 1) * DIGEST_SIZE],
+				     tseed_length, pseed);
+				mpz_add_ui(s, s, 1);
+			}
+
+			nettle_mpz_set_str_256_u(x, storage_length, storage);
+		}
+
+		/* a = 2 + a mod p-3 */
+		mpz_sub_ui(r1, p, 3);	/* p is too large to worry about negatives */
+		mpz_mod(x, x, r1);
+		mpz_add_ui(x, x, 2);
+
+		/* z = a^(2(tp2-y)p1) mod p */
+
+		/* r1 = (tp2-y) */
+		mpz_sub_ui(r1, t, 1);
+		/* r1 = 2(tp2-y)p1 */
+		mpz_mul_2exp(r1, r1, 1);
+
+		/* z = r2 = a^r1 mod p */
+		mpz_powm(r2, x, r1, p);
+
+		mpz_sub_ui(r1, r2, 1);
+		mpz_gcd(x, r1, p);
+
+		if (mpz_cmp_ui(x, 1) == 0) {
+			mpz_powm(r1, r2, p0, p);
+			if (mpz_cmp_ui(r1, 1) == 0) {
+				if (prime_seed_length != NULL) {
+					tseed_length = mpz_seed_sizeinbase_256_u(s, pseed_length);
+					if (tseed_length > sizeof(pseed))
+						goto fail;
+
+					nettle_mpz_get_str_256(tseed_length, pseed, s);
+
+					if (*prime_seed_length < tseed_length) {
+						*prime_seed_length = tseed_length;
+						goto fail;
+					}
+					*prime_seed_length = tseed_length;
+					if (prime_seed != NULL)
+						memcpy(prime_seed, pseed, tseed_length);
+				}
+				ret = 1;
+				goto cleanup;
+			}
+		}
+	}
+
+	if (pcounter >= max) {
+		goto fail;
+	}
+
+	mpz_add_ui(t, t, 1);
+	goto retry;
+
+fail:
+	ret = 0;
+cleanup:
+	free(storage);
+	mpz_clear(p0);
+	mpz_clear(sq);
+	mpz_clear(r1);
+	mpz_clear(r2);
+	mpz_clear(x);
+	mpz_clear(t);
+	mpz_clear(s);
+
+	return ret;
+}
+
+/* Return the pre-defined seed length for modulus size, or 0 when the
+ * modulus size is unsupported.
+ */
+static inline unsigned
+seed_length_for_modulus_size(unsigned modulus_size)
+{
+	switch (modulus_size) {
+	case 2048:      /* SP 800-56B rev 2 Appendix D and FIPS 140-2 IG 7.5 */
+		return 14 * 2;
+	case 3072:      /* SP 800-56B rev 2 Appendix D and FIPS 140-2 IG 7.5 */
+		return 16 * 2;
+	case 4096:      /* SP 800-56B rev 2 Appendix D */
+		return 19 * 2;
+	case 6144:      /* SP 800-56B rev 2 Appendix D */
+		return 22 * 2;
+	case 7680:      /* FIPS 140-2 IG 7.5 */
+		return 24 * 2;
+	case 8192:      /* SP 800-56B rev 2 Appendix D */
+		return 25 * 2;
+	case 15360:     /* FIPS 140-2 IG 7.5 */
+		return 32 * 2;
+	default:
+		return 0;
+	}
+
+}
+
+/* This generates p,q params using the B.3.2.2 algorithm in FIPS 186-4.
+ * 
+ * The hash function used is SHA384.
+ * The exponent e used is the value in pub->e.
+ */
+int
+_rsa_generate_fips186_4_keypair(struct rsa_public_key *pub,
+				struct rsa_private_key *key,
+				unsigned seed_length, uint8_t * seed,
+				void *progress_ctx,
+				nettle_progress_func * progress,
+				/* Desired size of modulo, in bits */
+				unsigned n_size)
+{
+	mpz_t t, r, p1, q1, lcm;
+	int ret;
+	struct dss_params_validation_seeds cert;
+	unsigned l = n_size / 2;
+	unsigned s = seed_length_for_modulus_size(n_size);
+
+	if (!s) {
+		FIPS_RULE(false, 0, "unsupported modulus size\n");
+	}
+
+	FIPS_RULE(seed_length != s, 0,
+		  "seed length other than %u bytes\n", s);
+
+	if (!mpz_tstbit(pub->e, 0)) {
+		_gnutls_debug_log("Unacceptable e (it is even)\n");
+		return 0;
+	}
+
+	if (mpz_cmp_ui(pub->e, 65536) <= 0) {
+		_gnutls_debug_log("Unacceptable e\n");
+		return 0;
+	}
+
+	mpz_init(p1);
+	mpz_init(q1);
+	mpz_init(lcm);
+	mpz_init(t);
+	mpz_init(r);
+
+	mpz_set_ui(t, 1);
+	mpz_mul_2exp(t, t, 256);
+
+	if (mpz_cmp(pub->e, t) >= 0) {
+		ret = 0;
+		goto cleanup;
+	}
+
+	cert.pseed_length = sizeof(cert.pseed);
+	ret = rsa_provable_prime(key->p, &cert.pseed_length, cert.pseed,
+				l, seed_length,
+				seed, pub->e, progress_ctx, progress);
+	if (ret == 0) {
+		goto cleanup;
+	}
+
+	mpz_set_ui(r, 1);
+	mpz_mul_2exp(r, r, (l) - 100);
+
+	do {
+		cert.qseed_length = sizeof(cert.qseed);
+		ret = rsa_provable_prime(key->q, &cert.qseed_length, cert.qseed,
+					l, cert.pseed_length, cert.pseed,
+					pub->e,
+					progress_ctx, progress);
+		if (ret == 0) {
+			goto cleanup;
+		}
+
+
+		cert.pseed_length = cert.qseed_length;
+		memcpy(cert.pseed, cert.qseed, cert.qseed_length);
+
+
+		if (mpz_cmp(key->p, key->q) > 0)
+			mpz_sub(t, key->p, key->q);
+		else
+			mpz_sub(t, key->q, key->p);
+	} while (mpz_cmp(t, r) <= 0);
+
+	memset(&cert, 0, sizeof(cert));
+
+	mpz_mul(pub->n, key->p, key->q);
+
+	if (mpz_sizeinbase(pub->n, 2) != n_size) {
+		ret = 0;
+		goto cleanup;
+	}
+
+	/* c = q^{-1} (mod p) */
+	if (mpz_invert(key->c, key->q, key->p) == 0) {
+		ret = 0;
+		goto cleanup;
+	}
+
+	mpz_sub_ui(p1, key->p, 1);
+	mpz_sub_ui(q1, key->q, 1);
+
+	mpz_lcm(lcm, p1, q1);
+
+	if (mpz_invert(key->d, pub->e, lcm) == 0) {
+		ret = 0;
+		goto cleanup;
+	}
+
+	/* check whether d > 2^(nlen/2) -- FIPS186-4 5.3.1 */
+	if (mpz_sizeinbase(key->d, 2) < n_size/2) {
+		ret = 0;
+		goto cleanup;
+	}
+
+	/* Done! Almost, we must compute the auxiliary private values. */
+	/* a = d % (p-1) */
+	mpz_fdiv_r(key->a, key->d, p1);
+
+	/* b = d % (q-1) */
+	mpz_fdiv_r(key->b, key->d, q1);
+
+	/* c was computed earlier */
+
+	pub->size = key->size = (n_size + 7) / 8;
+	if (pub->size < RSA_MINIMUM_N_OCTETS) {
+		ret = 0;
+		goto cleanup;
+	}
+
+	ret = 1;
+ cleanup:
+	mpz_clear(p1);
+	mpz_clear(q1);
+	mpz_clear(lcm);
+	mpz_clear(t);
+	mpz_clear(r);
+	return ret;
+}
+
+/* This generates p,q params using the B.3.2.2 algorithm in FIPS 186-4.
+ * 
+ * The hash function used is SHA384.
+ * The exponent e used is the value in pub->e.
+ */
+int
+rsa_generate_fips186_4_keypair(struct rsa_public_key *pub,
+			       struct rsa_private_key *key,
+			       void *random_ctx, nettle_random_func * random,
+			       void *progress_ctx,
+			       nettle_progress_func * progress,
+			       unsigned *rseed_size,
+			       void *rseed,
+			       /* Desired size of modulo, in bits */
+			       unsigned n_size)
+{
+	uint8_t seed[128];
+	unsigned seed_length;
+	int ret;
+
+	seed_length = seed_length_for_modulus_size(n_size);
+	FIPS_RULE(!seed_length, 0, "unsupported modulus size\n");
+
+	assert(seed_length <= sizeof(seed));
+
+	random(random_ctx, seed_length, seed);
+
+	if (rseed && rseed_size) {
+		if (*rseed_size < seed_length) {
+			return 0;
+		}
+		memcpy(rseed, seed, seed_length);
+		*rseed_size = seed_length;
+	}
+
+	ret = _rsa_generate_fips186_4_keypair(pub, key, seed_length, seed,
+					       progress_ctx, progress, n_size);
+	gnutls_memset(seed, 0, seed_length);
+	return ret;
+}
diff --git a/lib/nettle/int/rsa-pad.c b/lib/nettle/int/rsa-pad.c
new file mode 100644
index 0000000..401bad3
--- /dev/null
+++ b/lib/nettle/int/rsa-pad.c
@@ -0,0 +1,123 @@
+/*
+ * Copyright (C) 2021 Red Hat, Inc.
+ *
+ * Author: Daiki Ueno
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include "gnutls_int.h"
+
+#include <nettle/pkcs1.h>
+#include <nettle/pss.h>
+#include <nettle/sha2.h>
+
+/* These are helper functions to perform RSA padding before signing, only used
+ * for the crypto backends that do not support RSA-PKCS1/PSS natively for the
+ * use with TLS (such as TPM2); not recommended for general usage.
+ */
+
+int
+_gnutls_rsa_pkcs1_sign_pad(size_t key_bits,
+			   const gnutls_datum_t *data,
+			   unsigned char *buffer, size_t buffer_size)
+{
+	size_t key_size = (key_bits + 7) / 8;
+	size_t size;
+	mpz_t m;
+	int ret = 0;
+
+	mpz_init(m);
+	if (!pkcs1_rsa_digest_encode(m, key_size, data->size, data->data)) {
+		ret = gnutls_assert_val(GNUTLS_E_PK_SIGN_FAILED);
+		goto out;
+	}
+
+	size = nettle_mpz_sizeinbase_256_u(m);
+	if (size > buffer_size) {
+		ret = gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+		goto out;
+	}
+	nettle_mpz_get_str_256(buffer_size, buffer, m);
+
+ out:
+	mpz_clear(m);
+	return ret;
+}
+
+int
+_gnutls_rsa_pss_sign_pad(gnutls_x509_spki_st *params,
+			 size_t key_bits,
+			 const gnutls_datum_t *data,
+			 unsigned char *buffer, size_t buffer_size)
+{
+	mpz_t m;
+	int ret = 0;
+	const struct nettle_hash *hash;
+	uint8_t salt[SHA512_DIGEST_SIZE];
+	size_t size;
+
+	mpz_init(m);
+
+	switch (params->rsa_pss_dig) {
+	case GNUTLS_DIG_SHA256:
+		hash = &nettle_sha256;
+		break;
+	case GNUTLS_DIG_SHA384:
+		hash = &nettle_sha384;
+		break;
+	case GNUTLS_DIG_SHA512:
+		hash = &nettle_sha512;
+		break;
+	default:
+		ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		goto out;
+	}
+
+	if (data->size != hash->digest_size) {
+		ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		goto out;
+	}
+
+	ret = gnutls_rnd(GNUTLS_RND_NONCE, salt, params->salt_size);
+	if (ret < 0) {
+		goto out;
+	}
+
+	/* The emBits for EMSA-PSS encoding is actually one *fewer*
+	 * bit than the RSA modulus. */
+	if (!pss_encode_mgf1(m, key_bits - 1, hash, params->salt_size, salt,
+			     data->data)) {
+		ret = gnutls_assert_val(GNUTLS_E_PK_SIGN_FAILED);
+		goto out;
+	}
+
+	size = nettle_mpz_sizeinbase_256_u(m);
+	if (size > buffer_size) {
+		ret = gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+		goto out;
+	}
+	nettle_mpz_get_str_256(buffer_size, buffer, m);
+
+ out:
+	mpz_clear(m);
+	return ret;
+}
diff --git a/lib/nettle/int/tls1-prf.c b/lib/nettle/int/tls1-prf.c
new file mode 100644
index 0000000..19ca5d3
--- /dev/null
+++ b/lib/nettle/int/tls1-prf.c
@@ -0,0 +1,159 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions for the TLS PRF handling.
+ */
+
+#if HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include <gnutls_int.h>
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <nettle/hmac.h>
+#include <nettle/memxor.h>
+#include "int/tls1-prf.h"
+#include <nettle/sha1.h>
+#include <nettle/md5.h>
+
+
+/* The RFC2246 P_hash() function. The mac_ctx is expected to
+ * be initialized and key set to be the secret key.
+ */
+static void
+P_hash( void *mac_ctx,
+	nettle_hash_update_func *update,
+	nettle_hash_digest_func *digest,
+	size_t digest_size,
+	size_t seed_size, const uint8_t *seed,
+	size_t label_size, const char *label,
+	size_t dst_length,
+	uint8_t *dst)
+{
+	uint8_t Atmp[MAX_HASH_SIZE];
+	ssize_t left;
+	unsigned started = 0;
+
+	/* round up */
+	left = dst_length;
+
+	while(left > 0) {
+		if (started == 0) { /* A(0) */
+		        update(mac_ctx, label_size, (const uint8_t *)label); /* hash label */
+			update(mac_ctx, seed_size, seed);
+			started = 1;
+		} else {
+			update(mac_ctx, digest_size, Atmp);
+		}
+		digest(mac_ctx, digest_size, Atmp); /* store A(i) */
+
+		update(mac_ctx, digest_size, Atmp); /* hash A(i) */
+		update(mac_ctx, label_size, (const uint8_t *)label); /* hash label */
+		update(mac_ctx, seed_size, seed); /* hash seed */
+
+		if (left < (ssize_t)digest_size)
+			digest_size = left;
+
+		digest(mac_ctx, digest_size, dst);
+
+		left -= digest_size;
+		dst += digest_size;
+	}
+
+	return;
+}
+
+int
+tls10_prf(size_t secret_size, const uint8_t *secret,
+	  size_t label_size, const char *label,
+	  size_t seed_size, const uint8_t *seed,
+	  size_t length, uint8_t *dst)
+{
+	int l_s;
+	const uint8_t *s1, *s2;
+	struct hmac_md5_ctx md5_ctx;
+	struct hmac_sha1_ctx sha1_ctx;
+	uint8_t o1[MAX_PRF_BYTES];
+
+	if (length > MAX_PRF_BYTES)
+		return 0;
+
+	l_s = secret_size / 2;
+	s1 = &secret[0];
+	s2 = &secret[l_s];
+	if (secret_size % 2 != 0) {
+		l_s++;
+	}
+
+	hmac_md5_set_key(&md5_ctx, l_s, s1);
+
+	P_hash(&md5_ctx, (nettle_hash_update_func*)hmac_md5_update,
+		(nettle_hash_digest_func*)hmac_md5_digest,
+		MD5_DIGEST_SIZE,
+		seed_size, seed, label_size, label, length, o1);
+
+	hmac_sha1_set_key(&sha1_ctx, l_s, s2);
+
+	P_hash(&sha1_ctx, (nettle_hash_update_func*)hmac_sha1_update,
+		(nettle_hash_digest_func*)hmac_sha1_digest,
+		SHA1_DIGEST_SIZE,
+		seed_size, seed, label_size, label, length, dst);
+
+	memxor(dst, o1, length);
+
+	return 1;
+}
+
+/*-
+ * tls12_prf:
+ * @mac_ctx: a MAC context initialized with key being the secret
+ * @update: a MAC update function
+ * @digest: a MAC digest function
+ * @digest_size: the MAC output size
+ * @label_size: the size of the label
+ * @label: the label to apply
+ * @seed_size: the seed size
+ * @seed: the seed
+ * @length: size of desired PRF output
+ * @dst: the location to store output
+ *
+ * The TLS 1.2 Pseudo-Random-Function (PRF).
+ *
+ * Returns: zero on failure, non zero on success.
+ -*/
+int
+tls12_prf(void *mac_ctx,
+	  nettle_hash_update_func *update,
+	  nettle_hash_digest_func *digest,
+	  size_t digest_size,
+	  size_t label_size, const char *label,
+	  size_t seed_size, const uint8_t *seed,
+	  size_t length, uint8_t *dst)
+{
+	P_hash(mac_ctx, update, digest, digest_size,
+		seed_size, seed, label_size, label, length, dst);
+
+	return 1;
+}
diff --git a/lib/nettle/int/tls1-prf.h b/lib/nettle/int/tls1-prf.h
new file mode 100644
index 0000000..e79d1c8
--- /dev/null
+++ b/lib/nettle/int/tls1-prf.h
@@ -0,0 +1,49 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_NETTLE_INT_TLS1_PRF_H
+#define GNUTLS_LIB_NETTLE_INT_TLS1_PRF_H
+
+#include <nettle/nettle-meta.h>
+
+#define MAX_PRF_BYTES 200
+
+/* Namespace mangling */
+#define tls10_prf nettle_tls10_prf
+#define tls12_prf nettle_tls12_prf
+
+int
+tls10_prf(size_t secret_size, const uint8_t *secret,
+	  size_t label_size, const char *label,
+	  size_t seed_size, const uint8_t *seed,
+	  size_t length, uint8_t *dst);
+
+int
+tls12_prf(void *mac_ctx,
+	  nettle_hash_update_func *update,
+	  nettle_hash_digest_func *digest,
+	  size_t digest_size,
+	  size_t label_size, const char *label,
+	  size_t seed_size, const uint8_t *seed,
+	  size_t length, uint8_t *dst);
+
+#endif /* GNUTLS_LIB_NETTLE_INT_TLS1_PRF_H */
diff --git a/lib/nettle/mac.c b/lib/nettle/mac.c
new file mode 100644
index 0000000..c891c8d
--- /dev/null
+++ b/lib/nettle/mac.c
@@ -0,0 +1,958 @@
+/*
+ * Copyright (C) 2008-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file provides the backend hash/mac API for nettle.
+ */
+
+#include "gnutls_int.h"
+#include <hash_int.h>
+#include "errors.h"
+#include <nettle/md5.h>
+#include <nettle/md2.h>
+#include <nettle/sha.h>
+#include <nettle/sha3.h>
+#include <nettle/hmac.h>
+#include <nettle/umac.h>
+#include <nettle/hkdf.h>
+#include <nettle/pbkdf2.h>
+#include <nettle/cmac.h>
+#if ENABLE_GOST
+#include "gost/hmac-gost.h"
+#ifndef HAVE_NETTLE_GOST28147_SET_KEY
+#include "gost/gost28147.h"
+#endif
+#include "gost/cmac.h"
+#endif
+#include <nettle/gcm.h>
+
+typedef void (*update_func) (void *, size_t, const uint8_t *);
+typedef void (*digest_func) (void *, size_t, uint8_t *);
+typedef void (*set_key_func) (void *, size_t, const uint8_t *);
+typedef void (*set_nonce_func) (void *, size_t, const uint8_t *);
+
+static int wrap_nettle_hash_init(gnutls_digest_algorithm_t algo,
+				 void **_ctx);
+
+struct md5_sha1_ctx {
+	struct md5_ctx md5;
+	struct sha1_ctx sha1;
+};
+
+struct gmac_ctx {
+	unsigned int pos;
+	uint8_t buffer[GCM_BLOCK_SIZE];
+	struct gcm_key key;
+	struct gcm_ctx ctx;
+	nettle_cipher_func *encrypt;
+	union {
+		struct aes128_ctx aes128;
+		struct aes192_ctx aes192;
+		struct aes256_ctx aes256;
+	} cipher;
+};
+
+struct nettle_hash_ctx {
+	union {
+		struct md5_ctx md5;
+		struct sha224_ctx sha224;
+		struct sha256_ctx sha256;
+		struct sha384_ctx sha384;
+		struct sha512_ctx sha512;
+		struct sha3_224_ctx sha3_224;
+		struct sha3_256_ctx sha3_256;
+		struct sha3_384_ctx sha3_384;
+		struct sha3_512_ctx sha3_512;
+		struct sha1_ctx sha1;
+		struct md2_ctx md2;
+		struct md5_sha1_ctx md5_sha1;
+#if ENABLE_GOST
+		struct gosthash94cp_ctx gosthash94cp;
+		struct streebog256_ctx streebog256;
+		struct streebog512_ctx streebog512;
+#endif
+	} ctx;
+	void *ctx_ptr;
+	gnutls_digest_algorithm_t algo;
+	size_t length;
+	update_func update;
+	digest_func digest;
+};
+
+struct nettle_mac_ctx {
+	union {
+		struct hmac_md5_ctx md5;
+		struct hmac_sha224_ctx sha224;
+		struct hmac_sha256_ctx sha256;
+		struct hmac_sha384_ctx sha384;
+		struct hmac_sha512_ctx sha512;
+		struct hmac_sha1_ctx sha1;
+#if ENABLE_GOST
+		struct hmac_gosthash94cp_ctx gosthash94cp;
+		struct hmac_streebog256_ctx streebog256;
+		struct hmac_streebog512_ctx streebog512;
+		struct gost28147_imit_ctx gost28147_imit;
+		struct cmac_magma_ctx magma;
+		struct cmac_kuznyechik_ctx kuznyechik;
+#endif
+		struct umac96_ctx umac96;
+		struct umac128_ctx umac128;
+                struct cmac_aes128_ctx cmac128;
+                struct cmac_aes256_ctx cmac256;
+		struct gmac_ctx gmac;
+	} ctx;
+
+	void *ctx_ptr;
+	gnutls_mac_algorithm_t algo;
+	size_t length;
+	update_func update;
+	digest_func digest;
+	set_key_func set_key;
+	set_nonce_func set_nonce;
+};
+
+#if ENABLE_GOST
+static void
+_wrap_gost28147_imit_set_key_tc26z(void *ctx, size_t len, const uint8_t * key)
+{
+	gost28147_imit_set_param(ctx, &gost28147_param_TC26_Z);
+	gost28147_imit_set_key(ctx, len, key);
+}
+
+static void
+_wrap_cmac_magma_set_key(void *ctx, size_t len, const uint8_t * key)
+{
+	cmac_magma_set_key(ctx, key);
+}
+
+static void
+_wrap_cmac_kuznyechik_set_key(void *ctx, size_t len, const uint8_t * key)
+{
+	cmac_kuznyechik_set_key(ctx, key);
+}
+#endif
+
+static void
+_wrap_umac96_set_key(void *ctx, size_t len, const uint8_t * key)
+{
+	if (unlikely(len != 16))
+		abort();
+	umac96_set_key(ctx, key);
+}
+
+static void
+_wrap_umac128_set_key(void *ctx, size_t len, const uint8_t * key)
+{
+	if (unlikely(len != 16))
+		abort();
+	umac128_set_key(ctx, key);
+}
+
+static void
+_wrap_cmac128_set_key(void *ctx, size_t len, const uint8_t * key)
+{
+	if (unlikely(len != 16))
+		abort();
+	cmac_aes128_set_key(ctx, key);
+}
+
+static void
+_wrap_cmac256_set_key(void *ctx, size_t len, const uint8_t * key)
+{
+	if (unlikely(len != 32))
+		abort();
+	cmac_aes256_set_key(ctx, key);
+}
+
+static void
+_wrap_gmac_aes128_set_key(void *_ctx, size_t len, const uint8_t * key)
+{
+	struct gmac_ctx *ctx = _ctx;
+
+	if (unlikely(len != 16))
+		abort();
+	aes128_set_encrypt_key(&ctx->cipher.aes128, key);
+	gcm_set_key(&ctx->key, &ctx->cipher, ctx->encrypt);
+	ctx->pos = 0;
+}
+
+static void
+_wrap_gmac_aes192_set_key(void *_ctx, size_t len, const uint8_t * key)
+{
+	struct gmac_ctx *ctx = _ctx;
+
+	if (unlikely(len != 24))
+		abort();
+	aes192_set_encrypt_key(&ctx->cipher.aes192, key);
+	gcm_set_key(&ctx->key, &ctx->cipher, ctx->encrypt);
+	ctx->pos = 0;
+}
+
+static void
+_wrap_gmac_aes256_set_key(void *_ctx, size_t len, const uint8_t * key)
+{
+	struct gmac_ctx *ctx = _ctx;
+
+	if (unlikely(len != 32))
+		abort();
+	aes256_set_encrypt_key(&ctx->cipher.aes256, key);
+	gcm_set_key(&ctx->key, &ctx->cipher, ctx->encrypt);
+	ctx->pos = 0;
+}
+
+static void _wrap_gmac_set_nonce(void *_ctx, size_t nonce_length, const uint8_t *nonce)
+{
+	struct gmac_ctx *ctx = _ctx;
+
+	gcm_set_iv(&ctx->ctx, &ctx->key, nonce_length, nonce);
+}
+
+static void _wrap_gmac_update(void *_ctx, size_t length, const uint8_t *data)
+{
+	struct gmac_ctx *ctx = _ctx;
+
+	if (ctx->pos + length < GCM_BLOCK_SIZE) {
+		memcpy(&ctx->buffer[ctx->pos], data, length);
+		ctx->pos += length;
+		return;
+	}
+
+	if (ctx->pos) {
+		memcpy(&ctx->buffer[ctx->pos], data, GCM_BLOCK_SIZE - ctx->pos);
+		gcm_update(&ctx->ctx, &ctx->key, GCM_BLOCK_SIZE, ctx->buffer);
+		data += GCM_BLOCK_SIZE - ctx->pos;
+		length -= GCM_BLOCK_SIZE - ctx->pos;
+	}
+
+	if (length >= GCM_BLOCK_SIZE) {
+		gcm_update(&ctx->ctx, &ctx->key,
+			   length / GCM_BLOCK_SIZE * GCM_BLOCK_SIZE,
+			   data);
+		data += length / GCM_BLOCK_SIZE * GCM_BLOCK_SIZE;
+		length %= GCM_BLOCK_SIZE;
+	}
+
+	memcpy(ctx->buffer, data, length);
+	ctx->pos = length;
+}
+
+static void _wrap_gmac_digest(void *_ctx, size_t length, uint8_t *digest)
+{
+	struct gmac_ctx *ctx = _ctx;
+
+	if (ctx->pos)
+		gcm_update(&ctx->ctx, &ctx->key, ctx->pos, ctx->buffer);
+	gcm_digest(&ctx->ctx, &ctx->key, &ctx->cipher, ctx->encrypt, length, digest);
+	ctx->pos = 0;
+}
+
+static int _mac_ctx_init(gnutls_mac_algorithm_t algo,
+			 struct nettle_mac_ctx *ctx)
+{
+	/* Any FIPS140-2 related enforcement is performed on
+	 * gnutls_hash_init() and gnutls_hmac_init() */
+
+	ctx->set_nonce = NULL;
+	switch (algo) {
+	case GNUTLS_MAC_MD5:
+		ctx->update = (update_func) hmac_md5_update;
+		ctx->digest = (digest_func) hmac_md5_digest;
+		ctx->set_key = (set_key_func) hmac_md5_set_key;
+		ctx->ctx_ptr = &ctx->ctx.md5;
+		ctx->length = MD5_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_SHA1:
+		ctx->update = (update_func) hmac_sha1_update;
+		ctx->digest = (digest_func) hmac_sha1_digest;
+		ctx->set_key = (set_key_func) hmac_sha1_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha1;
+		ctx->length = SHA1_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_SHA224:
+		ctx->update = (update_func) hmac_sha224_update;
+		ctx->digest = (digest_func) hmac_sha224_digest;
+		ctx->set_key = (set_key_func) hmac_sha224_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha224;
+		ctx->length = SHA224_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_SHA256:
+		ctx->update = (update_func) hmac_sha256_update;
+		ctx->digest = (digest_func) hmac_sha256_digest;
+		ctx->set_key = (set_key_func) hmac_sha256_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha256;
+		ctx->length = SHA256_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_SHA384:
+		ctx->update = (update_func) hmac_sha384_update;
+		ctx->digest = (digest_func) hmac_sha384_digest;
+		ctx->set_key = (set_key_func) hmac_sha384_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha384;
+		ctx->length = SHA384_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_SHA512:
+		ctx->update = (update_func) hmac_sha512_update;
+		ctx->digest = (digest_func) hmac_sha512_digest;
+		ctx->set_key = (set_key_func) hmac_sha512_set_key;
+		ctx->ctx_ptr = &ctx->ctx.sha512;
+		ctx->length = SHA512_DIGEST_SIZE;
+		break;
+#if ENABLE_GOST
+	case GNUTLS_MAC_GOSTR_94:
+		ctx->update = (update_func) hmac_gosthash94cp_update;
+		ctx->digest = (digest_func) hmac_gosthash94cp_digest;
+		ctx->set_key = (set_key_func) hmac_gosthash94cp_set_key;
+		ctx->ctx_ptr = &ctx->ctx.gosthash94cp;
+		ctx->length = GOSTHASH94CP_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_STREEBOG_256:
+		ctx->update = (update_func) hmac_streebog256_update;
+		ctx->digest = (digest_func) hmac_streebog256_digest;
+		ctx->set_key = (set_key_func) hmac_streebog256_set_key;
+		ctx->ctx_ptr = &ctx->ctx.streebog256;
+		ctx->length = STREEBOG256_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_STREEBOG_512:
+		ctx->update = (update_func) hmac_streebog512_update;
+		ctx->digest = (digest_func) hmac_streebog512_digest;
+		ctx->set_key = (set_key_func) hmac_streebog512_set_key;
+		ctx->ctx_ptr = &ctx->ctx.streebog512;
+		ctx->length = STREEBOG512_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_GOST28147_TC26Z_IMIT:
+		ctx->update = (update_func) gost28147_imit_update;
+		ctx->digest = (digest_func) gost28147_imit_digest;
+		ctx->set_key = _wrap_gost28147_imit_set_key_tc26z;
+		ctx->ctx_ptr = &ctx->ctx.gost28147_imit;
+		ctx->length = GOST28147_IMIT_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_MAGMA_OMAC:
+		ctx->update = (update_func) cmac_magma_update;
+		ctx->digest = (digest_func) cmac_magma_digest;
+		ctx->set_key = _wrap_cmac_magma_set_key;
+		ctx->ctx_ptr = &ctx->ctx.magma;
+		ctx->length = CMAC64_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_KUZNYECHIK_OMAC:
+		ctx->update = (update_func) cmac_kuznyechik_update;
+		ctx->digest = (digest_func) cmac_kuznyechik_digest;
+		ctx->set_key = _wrap_cmac_kuznyechik_set_key;
+		ctx->ctx_ptr = &ctx->ctx.kuznyechik;
+		ctx->length = CMAC128_DIGEST_SIZE;
+		break;
+#endif
+	case GNUTLS_MAC_UMAC_96:
+		ctx->update = (update_func) umac96_update;
+		ctx->digest = (digest_func) umac96_digest;
+		ctx->set_key = _wrap_umac96_set_key;
+		ctx->set_nonce = (set_nonce_func) umac96_set_nonce;
+		ctx->ctx_ptr = &ctx->ctx.umac96;
+		ctx->length = 12;
+		break;
+	case GNUTLS_MAC_UMAC_128:
+		ctx->update = (update_func) umac128_update;
+		ctx->digest = (digest_func) umac128_digest;
+		ctx->set_key = _wrap_umac128_set_key;
+		ctx->set_nonce = (set_nonce_func) umac128_set_nonce;
+		ctx->ctx_ptr = &ctx->ctx.umac128;
+		ctx->length = 16;
+		break;
+	case GNUTLS_MAC_AES_CMAC_128:
+		ctx->update = (update_func) cmac_aes128_update;
+		ctx->digest = (digest_func) cmac_aes128_digest;
+		ctx->set_key = _wrap_cmac128_set_key;
+		ctx->ctx_ptr = &ctx->ctx.cmac128;
+		ctx->length = CMAC128_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_AES_CMAC_256:
+		ctx->update = (update_func) cmac_aes256_update;
+		ctx->digest = (digest_func) cmac_aes256_digest;
+		ctx->set_key = _wrap_cmac256_set_key;
+		ctx->ctx_ptr = &ctx->ctx.cmac256;
+		ctx->length = CMAC128_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_AES_GMAC_128:
+		ctx->set_key = _wrap_gmac_aes128_set_key;
+		ctx->set_nonce = _wrap_gmac_set_nonce;
+		ctx->update = _wrap_gmac_update;
+		ctx->digest = _wrap_gmac_digest;
+		ctx->ctx_ptr = &ctx->ctx.gmac;
+		ctx->length = GCM_DIGEST_SIZE;
+		ctx->ctx.gmac.encrypt = (nettle_cipher_func *)aes128_encrypt;
+		break;
+	case GNUTLS_MAC_AES_GMAC_192:
+		ctx->set_key = _wrap_gmac_aes192_set_key;
+		ctx->set_nonce = _wrap_gmac_set_nonce;
+		ctx->update = _wrap_gmac_update;
+		ctx->digest = _wrap_gmac_digest;
+		ctx->ctx_ptr = &ctx->ctx.gmac;
+		ctx->length = GCM_DIGEST_SIZE;
+		ctx->ctx.gmac.encrypt = (nettle_cipher_func *)aes192_encrypt;
+		break;
+	case GNUTLS_MAC_AES_GMAC_256:
+		ctx->set_key = _wrap_gmac_aes256_set_key;
+		ctx->set_nonce = _wrap_gmac_set_nonce;
+		ctx->update = _wrap_gmac_update;
+		ctx->digest = _wrap_gmac_digest;
+		ctx->ctx_ptr = &ctx->ctx.gmac;
+		ctx->length = GCM_DIGEST_SIZE;
+		ctx->ctx.gmac.encrypt = (nettle_cipher_func *)aes256_encrypt;
+		break;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return 0;
+}
+
+static int wrap_nettle_mac_fast(gnutls_mac_algorithm_t algo,
+				const void *nonce, size_t nonce_size,
+				const void *key, size_t key_size,
+				const void *text, size_t text_size,
+				void *digest)
+{
+	struct nettle_mac_ctx ctx;
+	int ret;
+
+	ret = _mac_ctx_init(algo, &ctx);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ctx.set_key(&ctx, key_size, key);
+	if (ctx.set_nonce) {
+		if (nonce == NULL || nonce_size == 0)
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		ctx.set_nonce(&ctx, nonce_size, nonce);
+	}
+	ctx.update(&ctx, text_size, text);
+	ctx.digest(&ctx, ctx.length, digest);
+	
+	zeroize_temp_key(&ctx, sizeof(ctx));
+
+	return 0;
+}
+
+static int wrap_nettle_mac_exists(gnutls_mac_algorithm_t algo)
+{
+	switch (algo) {
+	case GNUTLS_MAC_MD5:
+	case GNUTLS_MAC_SHA1:
+	case GNUTLS_MAC_SHA224:
+	case GNUTLS_MAC_SHA256:
+	case GNUTLS_MAC_SHA384:
+	case GNUTLS_MAC_SHA512:
+	case GNUTLS_MAC_UMAC_96:
+	case GNUTLS_MAC_UMAC_128:
+	case GNUTLS_MAC_AES_CMAC_128:
+	case GNUTLS_MAC_AES_CMAC_256:
+	case GNUTLS_MAC_AES_GMAC_128:
+	case GNUTLS_MAC_AES_GMAC_192:
+	case GNUTLS_MAC_AES_GMAC_256:
+#if ENABLE_GOST
+	case GNUTLS_MAC_GOSTR_94:
+	case GNUTLS_MAC_STREEBOG_256:
+	case GNUTLS_MAC_STREEBOG_512:
+	case GNUTLS_MAC_GOST28147_TC26Z_IMIT:
+	case GNUTLS_MAC_MAGMA_OMAC:
+	case GNUTLS_MAC_KUZNYECHIK_OMAC:
+#endif
+		return 1;
+	default:
+		return 0;
+	}
+}
+
+static int wrap_nettle_mac_init(gnutls_mac_algorithm_t algo, void **_ctx)
+{
+	struct nettle_mac_ctx *ctx;
+	int ret;
+
+	ctx = gnutls_calloc(1, sizeof(struct nettle_mac_ctx));
+	if (ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ctx->algo = algo;
+
+	ret = _mac_ctx_init(algo, ctx);
+	if (ret < 0) {
+		gnutls_free(ctx);
+		return gnutls_assert_val(ret);
+	}
+
+	*_ctx = ctx;
+
+	return 0;
+}
+
+static void *wrap_nettle_mac_copy(const void *_ctx)
+{
+	const struct nettle_mac_ctx *ctx = _ctx;
+	struct nettle_mac_ctx *new_ctx;
+	ptrdiff_t off = (uint8_t *)ctx->ctx_ptr - (uint8_t *)(&ctx->ctx);
+
+	new_ctx = gnutls_calloc(1, sizeof(struct nettle_mac_ctx));
+	if (new_ctx == NULL)
+		return NULL;
+
+	memcpy(new_ctx, ctx, sizeof(*ctx));
+	new_ctx->ctx_ptr = (uint8_t *)&new_ctx->ctx + off;
+
+	return new_ctx;
+}
+
+static int
+wrap_nettle_mac_set_key(void *_ctx, const void *key, size_t keylen)
+{
+	struct nettle_mac_ctx *ctx = _ctx;
+
+	ctx->set_key(ctx->ctx_ptr, keylen, key);
+	return 0;
+}
+
+static int
+wrap_nettle_mac_set_nonce(void *_ctx, const void *nonce, size_t noncelen)
+{
+	struct nettle_mac_ctx *ctx = _ctx;
+
+	if (ctx->set_nonce == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (nonce == NULL || noncelen == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ctx->set_nonce(ctx->ctx_ptr, noncelen, nonce);
+
+	return GNUTLS_E_SUCCESS;
+}
+
+static int
+wrap_nettle_mac_update(void *_ctx, const void *text, size_t textsize)
+{
+	struct nettle_mac_ctx *ctx = _ctx;
+
+	ctx->update(ctx->ctx_ptr, textsize, text);
+
+	return GNUTLS_E_SUCCESS;
+}
+
+static int
+wrap_nettle_mac_output(void *src_ctx, void *digest, size_t digestsize)
+{
+	struct nettle_mac_ctx *ctx;
+	ctx = src_ctx;
+
+	if (digestsize < ctx->length) {
+		gnutls_assert();
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	ctx->digest(ctx->ctx_ptr, digestsize, digest);
+
+	return 0;
+}
+
+static void wrap_nettle_mac_deinit(void *hd)
+{
+	struct nettle_mac_ctx *ctx = hd;
+	
+	zeroize_temp_key(ctx, sizeof(*ctx));
+	gnutls_free(ctx);
+}
+
+/* Hash functions 
+ */
+static int
+wrap_nettle_hash_update(void *_ctx, const void *text, size_t textsize)
+{
+	struct nettle_hash_ctx *ctx = _ctx;
+
+	ctx->update(ctx->ctx_ptr, textsize, text);
+
+	return GNUTLS_E_SUCCESS;
+}
+
+static void wrap_nettle_hash_deinit(void *hd)
+{
+	gnutls_free(hd);
+}
+
+static int wrap_nettle_hash_exists(gnutls_digest_algorithm_t algo)
+{
+	switch (algo) {
+	case GNUTLS_DIG_MD5:
+	case GNUTLS_DIG_SHA1:
+	case GNUTLS_DIG_MD5_SHA1:
+
+	case GNUTLS_DIG_SHA224:
+	case GNUTLS_DIG_SHA256:
+	case GNUTLS_DIG_SHA384:
+	case GNUTLS_DIG_SHA512:
+
+#ifdef NETTLE_SHA3_FIPS202
+	case GNUTLS_DIG_SHA3_224:
+	case GNUTLS_DIG_SHA3_256:
+	case GNUTLS_DIG_SHA3_384:
+	case GNUTLS_DIG_SHA3_512:
+#endif
+
+	case GNUTLS_DIG_SHAKE_128:
+	case GNUTLS_DIG_SHAKE_256:
+
+	case GNUTLS_DIG_MD2:
+	case GNUTLS_DIG_RMD160:
+
+#if ENABLE_GOST
+	case GNUTLS_DIG_GOSTR_94:
+	case GNUTLS_DIG_STREEBOG_256:
+	case GNUTLS_DIG_STREEBOG_512:
+#endif
+		return 1;
+	default:
+		return 0;
+	}
+}
+
+static void _md5_sha1_update(void *_ctx, size_t len, const uint8_t *data)
+{
+	struct md5_sha1_ctx *ctx = _ctx;
+
+	md5_update(&ctx->md5, len, data);
+	sha1_update(&ctx->sha1, len, data);
+}
+
+static void _md5_sha1_digest(void *_ctx, size_t len, uint8_t *digest)
+{
+	struct md5_sha1_ctx *ctx = _ctx;
+
+	md5_digest(&ctx->md5, len <= MD5_DIGEST_SIZE ? len : MD5_DIGEST_SIZE,
+		   digest);
+
+	if (len > MD5_DIGEST_SIZE)
+		sha1_digest(&ctx->sha1, len - MD5_DIGEST_SIZE,
+			    digest + MD5_DIGEST_SIZE);
+}
+
+static int _ctx_init(gnutls_digest_algorithm_t algo,
+		     struct nettle_hash_ctx *ctx)
+{
+	/* Any FIPS140-2 related enforcement is performed on
+	 * gnutls_hash_init() and gnutls_hmac_init() */
+	switch (algo) {
+	case GNUTLS_DIG_MD5:
+		md5_init(&ctx->ctx.md5);
+		ctx->update = (update_func) md5_update;
+		ctx->digest = (digest_func) md5_digest;
+		ctx->ctx_ptr = &ctx->ctx.md5;
+		ctx->length = MD5_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA1:
+		sha1_init(&ctx->ctx.sha1);
+		ctx->update = (update_func) sha1_update;
+		ctx->digest = (digest_func) sha1_digest;
+		ctx->ctx_ptr = &ctx->ctx.sha1;
+		ctx->length = SHA1_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_MD5_SHA1:
+		md5_init(&ctx->ctx.md5_sha1.md5);
+		sha1_init(&ctx->ctx.md5_sha1.sha1);
+		ctx->update = (update_func) _md5_sha1_update;
+		ctx->digest = (digest_func) _md5_sha1_digest;
+		ctx->ctx_ptr = &ctx->ctx.md5_sha1;
+		ctx->length = MD5_DIGEST_SIZE + SHA1_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA224:
+		sha224_init(&ctx->ctx.sha224);
+		ctx->update = (update_func) sha224_update;
+		ctx->digest = (digest_func) sha224_digest;
+		ctx->ctx_ptr = &ctx->ctx.sha224;
+		ctx->length = SHA224_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA256:
+		sha256_init(&ctx->ctx.sha256);
+		ctx->update = (update_func) sha256_update;
+		ctx->digest = (digest_func) sha256_digest;
+		ctx->ctx_ptr = &ctx->ctx.sha256;
+		ctx->length = SHA256_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA384:
+		sha384_init(&ctx->ctx.sha384);
+		ctx->update = (update_func) sha384_update;
+		ctx->digest = (digest_func) sha384_digest;
+		ctx->ctx_ptr = &ctx->ctx.sha384;
+		ctx->length = SHA384_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA512:
+		sha512_init(&ctx->ctx.sha512);
+		ctx->update = (update_func) sha512_update;
+		ctx->digest = (digest_func) sha512_digest;
+		ctx->ctx_ptr = &ctx->ctx.sha512;
+		ctx->length = SHA512_DIGEST_SIZE;
+		break;
+#ifdef NETTLE_SHA3_FIPS202
+	case GNUTLS_DIG_SHA3_224:
+		sha3_224_init(&ctx->ctx.sha3_224);
+		ctx->update = (update_func) sha3_224_update;
+		ctx->digest = (digest_func) sha3_224_digest;
+		ctx->ctx_ptr = &ctx->ctx.sha3_224;
+		ctx->length = SHA3_224_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA3_256:
+		sha3_256_init(&ctx->ctx.sha3_256);
+		ctx->update = (update_func) sha3_256_update;
+		ctx->digest = (digest_func) sha3_256_digest;
+		ctx->ctx_ptr = &ctx->ctx.sha3_256;
+		ctx->length = SHA3_256_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA3_384:
+		sha3_384_init(&ctx->ctx.sha3_384);
+		ctx->update = (update_func) sha3_384_update;
+		ctx->digest = (digest_func) sha3_384_digest;
+		ctx->ctx_ptr = &ctx->ctx.sha3_384;
+		ctx->length = SHA3_384_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_SHA3_512:
+		sha3_512_init(&ctx->ctx.sha3_512);
+		ctx->update = (update_func) sha3_512_update;
+		ctx->digest = (digest_func) sha3_512_digest;
+		ctx->ctx_ptr = &ctx->ctx.sha3_512;
+		ctx->length = SHA3_512_DIGEST_SIZE;
+		break;
+#endif
+	case GNUTLS_DIG_MD2:
+		md2_init(&ctx->ctx.md2);
+		ctx->update = (update_func) md2_update;
+		ctx->digest = (digest_func) md2_digest;
+		ctx->ctx_ptr = &ctx->ctx.md2;
+		ctx->length = MD2_DIGEST_SIZE;
+		break;
+#if ENABLE_GOST
+	case GNUTLS_DIG_GOSTR_94:
+		gosthash94cp_init(&ctx->ctx.gosthash94cp);
+		ctx->update = (update_func) gosthash94cp_update;
+		ctx->digest = (digest_func) gosthash94cp_digest;
+		ctx->ctx_ptr = &ctx->ctx.gosthash94cp;
+		ctx->length = GOSTHASH94_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_STREEBOG_256:
+		streebog256_init(&ctx->ctx.streebog256);
+		ctx->update = (update_func) streebog256_update;
+		ctx->digest = (digest_func) streebog256_digest;
+		ctx->ctx_ptr = &ctx->ctx.streebog256;
+		ctx->length = STREEBOG256_DIGEST_SIZE;
+		break;
+	case GNUTLS_DIG_STREEBOG_512:
+		streebog512_init(&ctx->ctx.streebog512);
+		ctx->update = (update_func) streebog512_update;
+		ctx->digest = (digest_func) streebog512_digest;
+		ctx->ctx_ptr = &ctx->ctx.streebog512;
+		ctx->length = STREEBOG512_DIGEST_SIZE;
+		break;
+#endif
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return 0;
+}
+
+static int wrap_nettle_hash_fast(gnutls_digest_algorithm_t algo,
+				 const void *text, size_t text_size,
+				 void *digest)
+{
+	struct nettle_hash_ctx ctx;
+	int ret;
+
+	ret = _ctx_init(algo, &ctx);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (text_size > 0) {
+		ctx.update(&ctx, text_size, text);
+	}
+	ctx.digest(&ctx, ctx.length, digest);
+	zeroize_temp_key(&ctx, sizeof(ctx));
+
+	return 0;
+}
+
+static int
+wrap_nettle_hash_init(gnutls_digest_algorithm_t algo, void **_ctx)
+{
+	struct nettle_hash_ctx *ctx;
+	int ret;
+
+	ctx = gnutls_malloc(sizeof(struct nettle_hash_ctx));
+	if (ctx == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ctx->algo = algo;
+
+	if ((ret = _ctx_init(algo, ctx)) < 0) {
+		gnutls_assert();
+		gnutls_free(ctx);
+		return ret;
+	}
+
+	*_ctx = ctx;
+
+	return 0;
+}
+
+static void *wrap_nettle_hash_copy(const void *_ctx)
+{
+	const struct nettle_hash_ctx *ctx = _ctx;
+	struct nettle_hash_ctx *new_ctx;
+	ptrdiff_t off = (uint8_t *)ctx->ctx_ptr - (uint8_t *)(&ctx->ctx);
+
+	new_ctx = gnutls_calloc(1, sizeof(struct nettle_hash_ctx));
+	if (new_ctx == NULL)
+		return NULL;
+
+	memcpy(new_ctx, ctx, sizeof(*ctx));
+	new_ctx->ctx_ptr = (uint8_t *)&new_ctx->ctx + off;
+
+	return new_ctx;
+}
+
+static int
+wrap_nettle_hash_output(void *src_ctx, void *digest, size_t digestsize)
+{
+	struct nettle_hash_ctx *ctx;
+	ctx = src_ctx;
+
+	if (digestsize < ctx->length) {
+		gnutls_assert();
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	ctx->digest(ctx->ctx_ptr, digestsize, digest);
+
+	return 0;
+}
+
+/* KDF functions based on MAC
+ */
+static int
+wrap_nettle_hkdf_extract (gnutls_mac_algorithm_t mac,
+			  const void *key, size_t keysize,
+			  const void *salt, size_t saltsize,
+			  void *output)
+{
+	struct nettle_mac_ctx ctx;
+	int ret;
+
+	ret = _mac_ctx_init(mac, &ctx);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ctx.set_key(&ctx, saltsize, salt);
+	hkdf_extract(&ctx.ctx, ctx.update, ctx.digest, ctx.length,
+		     keysize, key, output);
+
+	zeroize_temp_key(&ctx, sizeof(ctx));
+	return 0;
+}
+
+static int
+wrap_nettle_hkdf_expand (gnutls_mac_algorithm_t mac,
+			 const void *key, size_t keysize,
+			 const void *info, size_t infosize,
+			 void *output, size_t length)
+{
+	struct nettle_mac_ctx ctx;
+	int ret;
+
+	ret = _mac_ctx_init(mac, &ctx);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* RFC 5869 2.3: L must be <= 255 * HashLen */
+	if (length > ctx.length * 255) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	ctx.set_key(&ctx, keysize, key);
+	hkdf_expand(&ctx.ctx, ctx.update, ctx.digest, ctx.length,
+		    infosize, info, length, output);
+	zeroize_temp_key(&ctx, sizeof(ctx));
+
+	return 0;
+}
+
+static int
+wrap_nettle_pbkdf2 (gnutls_mac_algorithm_t mac,
+		    const void *key, size_t keysize,
+		    const void *salt, size_t saltsize,
+		    unsigned iter_count,
+		    void *output, size_t length)
+{
+	struct nettle_mac_ctx ctx;
+	int ret;
+
+	ret = _mac_ctx_init(mac, &ctx);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ctx.set_key(&ctx, keysize, key);
+	pbkdf2(&ctx.ctx, ctx.update, ctx.digest, ctx.length,
+	       iter_count, saltsize, salt, length, output);
+	zeroize_temp_key(&ctx, sizeof(ctx));
+
+	return 0;
+}
+
+gnutls_crypto_mac_st _gnutls_mac_ops = {
+	.init = wrap_nettle_mac_init,
+	.setkey = wrap_nettle_mac_set_key,
+	.setnonce = wrap_nettle_mac_set_nonce,
+	.hash = wrap_nettle_mac_update,
+	.output = wrap_nettle_mac_output,
+	.deinit = wrap_nettle_mac_deinit,
+	.fast = wrap_nettle_mac_fast,
+	.exists = wrap_nettle_mac_exists,
+	.copy = wrap_nettle_mac_copy,
+};
+
+gnutls_crypto_digest_st _gnutls_digest_ops = {
+	.init = wrap_nettle_hash_init,
+	.hash = wrap_nettle_hash_update,
+	.output = wrap_nettle_hash_output,
+	.deinit = wrap_nettle_hash_deinit,
+	.fast = wrap_nettle_hash_fast,
+	.exists = wrap_nettle_hash_exists,
+	.copy = wrap_nettle_hash_copy,
+};
+
+/* These names are clashing with nettle's name mangling. */
+#undef hkdf_extract
+#undef hkdf_expand
+#undef pbkdf2
+gnutls_crypto_kdf_st _gnutls_kdf_ops = {
+	.hkdf_extract = wrap_nettle_hkdf_extract,
+	.hkdf_expand = wrap_nettle_hkdf_expand,
+	.pbkdf2 = wrap_nettle_pbkdf2,
+};
diff --git a/lib/nettle/mpi.c b/lib/nettle/mpi.c
new file mode 100644
index 0000000..55086de
--- /dev/null
+++ b/lib/nettle/mpi.c
@@ -0,0 +1,370 @@
+/*
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Here lie everything that has to do with large numbers, gmp.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <algorithms.h>
+#include <num.h>
+#include <mpi.h>
+#include <nettle/bignum.h> /* includes gmp.h */
+#if ENABLE_GOST
+#include "gost/bignum-le.h"
+#endif
+#include <gnettle.h>
+#include <random.h>
+
+static int
+wrap_nettle_mpi_print(const bigint_t a, void *buffer, size_t * nbytes,
+		      gnutls_bigint_format_t format)
+{
+	unsigned int size;
+	mpz_t *p = (void *) a;
+
+	if (format == GNUTLS_MPI_FORMAT_USG) {
+		size = nettle_mpz_sizeinbase_256_u(*p);
+	} else if (format == GNUTLS_MPI_FORMAT_STD) {
+		size = nettle_mpz_sizeinbase_256_s(*p);
+#if ENABLE_GOST
+	} else if (format == GNUTLS_MPI_FORMAT_ULE) {
+		size = nettle_mpz_sizeinbase_256_u_le(*p);
+#endif
+	} else {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (buffer == NULL || size > *nbytes) {
+		*nbytes = size;
+		gnutls_assert();
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+#if ENABLE_GOST
+	if (format == GNUTLS_MPI_FORMAT_ULE)
+		nettle_mpz_get_str_256_u_le(size, buffer, *p);
+	else
+#endif
+		nettle_mpz_get_str_256(size, buffer, *p);
+	*nbytes = size;
+
+	return 0;
+}
+
+static int wrap_nettle_mpi_init(bigint_t *w)
+{
+bigint_t r;
+
+	r = gnutls_malloc(SIZEOF_MPZT);
+	if (r == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	mpz_init(TOMPZ(r));
+	*w = r;
+
+	return 0;
+}
+
+static int wrap_nettle_mpi_init_multi(bigint_t *w, ...)
+{
+	va_list args;
+	bigint_t *next;
+	int ret;
+	bigint_t* last_failed = NULL;
+
+	ret = wrap_nettle_mpi_init(w);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	va_start(args, w);
+	
+	do {
+		next = va_arg(args, bigint_t*);
+		if (next != NULL) {
+			ret = wrap_nettle_mpi_init(next);
+			if (ret < 0) {
+				gnutls_assert();
+				va_end(args);
+				last_failed = next;
+				goto fail;
+			}
+		}
+	} while(next != 0);
+	
+	va_end(args);
+
+	return 0;
+fail:
+	mpz_clear(TOMPZ(*w));
+	gnutls_free(*w);
+
+	va_start(args, w);
+	
+	do {
+		next = va_arg(args, bigint_t*);
+		if (next != last_failed) {
+			mpz_clear(TOMPZ(*next));
+			gnutls_free(*next);
+		}
+	} while(next != last_failed);
+	
+	va_end(args);
+	
+	return GNUTLS_E_MEMORY_ERROR;
+}
+
+static int
+wrap_nettle_mpi_scan(bigint_t r, const void *buffer, size_t nbytes,
+		     gnutls_bigint_format_t format)
+{
+	if (format == GNUTLS_MPI_FORMAT_USG) {
+		nettle_mpz_set_str_256_u(TOMPZ(r), nbytes, buffer);
+	} else if (format == GNUTLS_MPI_FORMAT_STD) {
+		nettle_mpz_set_str_256_s(TOMPZ(r), nbytes, buffer);
+#if ENABLE_GOST
+	} else if (format == GNUTLS_MPI_FORMAT_ULE) {
+		nettle_mpz_set_str_256_u_le(TOMPZ(r), nbytes, buffer);
+#endif
+	} else {
+		gnutls_assert();
+		goto fail;
+	}
+
+	return 0;
+ fail:
+	return GNUTLS_E_MPI_SCAN_FAILED;
+}
+
+static int wrap_nettle_mpi_cmp(const bigint_t u, const bigint_t v)
+{
+	mpz_t *i1 = u, *i2 = v;
+
+	return mpz_cmp(*i1, *i2);
+}
+
+static int wrap_nettle_mpi_cmp_ui(const bigint_t u, unsigned long v)
+{
+	mpz_t *i1 = u;
+
+	return mpz_cmp_ui(*i1, v);
+}
+
+static int wrap_nettle_mpi_set(bigint_t w, const bigint_t u)
+{
+	mpz_set(TOMPZ(w), TOMPZ(u));
+
+	return 0;
+}
+
+static bigint_t wrap_nettle_mpi_copy(const bigint_t u)
+{
+	int ret;
+	bigint_t w;
+
+	ret = wrap_nettle_mpi_init(&w);
+	if (ret < 0)
+		return NULL;
+
+	mpz_set(TOMPZ(w), u);
+
+	return w;
+}
+
+static int wrap_nettle_mpi_set_ui(bigint_t w, unsigned long u)
+{
+	mpz_set_ui(TOMPZ(w), u);
+
+	return 0;
+}
+
+static unsigned int wrap_nettle_mpi_get_nbits(bigint_t a)
+{
+	return mpz_sizeinbase(TOMPZ(a), 2);
+}
+
+static void wrap_nettle_mpi_release(bigint_t a)
+{
+	mpz_clear(TOMPZ(a));
+	gnutls_free(a);
+}
+
+static void wrap_nettle_mpi_clear(bigint_t a)
+{
+	zeroize_key(TOMPZ(a)[0]._mp_d,
+	       TOMPZ(a)[0]._mp_alloc * sizeof(mp_limb_t));
+}
+
+static int wrap_nettle_mpi_modm(bigint_t r, const bigint_t a, const bigint_t b)
+{
+	if (mpz_cmp_ui(TOMPZ(b), 0) == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	mpz_mod(TOMPZ(r), TOMPZ(a), TOMPZ(b));
+	
+	return 0;
+}
+
+static int
+wrap_nettle_mpi_powm(bigint_t w, const bigint_t b, const bigint_t e,
+		     const bigint_t m)
+{
+	mpz_powm(TOMPZ(w), TOMPZ(b), TOMPZ(e), TOMPZ(m));
+
+	return 0;
+}
+
+static int
+wrap_nettle_mpi_addm(bigint_t w, const bigint_t a, const bigint_t b,
+		     const bigint_t m)
+{
+	mpz_add(TOMPZ(w), TOMPZ(b), TOMPZ(a));
+	mpz_fdiv_r(TOMPZ(w), TOMPZ(w), TOMPZ(m));
+
+	return 0;
+}
+
+static int
+wrap_nettle_mpi_subm(bigint_t w, const bigint_t a, const bigint_t b,
+		     const bigint_t m)
+{
+	mpz_sub(TOMPZ(w), TOMPZ(a), TOMPZ(b));
+	mpz_fdiv_r(TOMPZ(w), TOMPZ(w), TOMPZ(m));
+
+	return 0;
+}
+
+static int
+wrap_nettle_mpi_mulm(bigint_t w, const bigint_t a, const bigint_t b,
+		     const bigint_t m)
+{
+	mpz_mul(TOMPZ(w), TOMPZ(a), TOMPZ(b));
+	mpz_fdiv_r(TOMPZ(w), TOMPZ(w), TOMPZ(m));
+
+	return 0;
+}
+
+static int
+wrap_nettle_mpi_add(bigint_t w, const bigint_t a, const bigint_t b)
+{
+	mpz_add(TOMPZ(w), TOMPZ(a), TOMPZ(b));
+
+	return 0;
+}
+
+static int
+wrap_nettle_mpi_sub(bigint_t w, const bigint_t a, const bigint_t b)
+{
+	mpz_sub(TOMPZ(w), TOMPZ(a), TOMPZ(b));
+
+	return 0;
+}
+
+static int
+wrap_nettle_mpi_mul(bigint_t w, const bigint_t a, const bigint_t b)
+{
+	mpz_mul(TOMPZ(w), TOMPZ(a), TOMPZ(b));
+
+	return 0;
+}
+
+/* q = a / b */
+static int
+wrap_nettle_mpi_div(bigint_t q, const bigint_t a, const bigint_t b)
+{
+	mpz_cdiv_q(TOMPZ(q), TOMPZ(a), TOMPZ(b));
+
+	return 0;
+}
+
+static int
+wrap_nettle_mpi_add_ui(bigint_t w, const bigint_t a, unsigned long b)
+{
+	mpz_add_ui(TOMPZ(w), TOMPZ(a), b);
+
+	return 0;
+}
+
+static int
+wrap_nettle_mpi_sub_ui(bigint_t w, const bigint_t a, unsigned long b)
+{
+	mpz_sub_ui(TOMPZ(w), TOMPZ(a), b);
+
+	return 0;
+}
+
+static int
+wrap_nettle_mpi_mul_ui(bigint_t w, const bigint_t a, unsigned long b)
+{
+	mpz_mul_ui(TOMPZ(w), TOMPZ(a), b);
+
+	return 0;
+}
+
+static int wrap_nettle_prime_check(bigint_t pp)
+{
+	int ret;
+
+	ret = mpz_probab_prime_p(TOMPZ(pp), PRIME_CHECK_PARAM);
+	if (ret > 0) {
+		return 0;
+	}
+
+	return GNUTLS_E_INTERNAL_ERROR;	/* ignored */
+}
+
+
+
+int crypto_bigint_prio = INT_MAX;
+
+gnutls_crypto_bigint_st _gnutls_mpi_ops = {
+	.bigint_init = wrap_nettle_mpi_init,
+	.bigint_init_multi = wrap_nettle_mpi_init_multi,
+	.bigint_cmp = wrap_nettle_mpi_cmp,
+	.bigint_cmp_ui = wrap_nettle_mpi_cmp_ui,
+	.bigint_modm = wrap_nettle_mpi_modm,
+	.bigint_copy = wrap_nettle_mpi_copy,
+	.bigint_set = wrap_nettle_mpi_set,
+	.bigint_set_ui = wrap_nettle_mpi_set_ui,
+	.bigint_get_nbits = wrap_nettle_mpi_get_nbits,
+	.bigint_powm = wrap_nettle_mpi_powm,
+	.bigint_addm = wrap_nettle_mpi_addm,
+	.bigint_subm = wrap_nettle_mpi_subm,
+	.bigint_add = wrap_nettle_mpi_add,
+	.bigint_sub = wrap_nettle_mpi_sub,
+	.bigint_add_ui = wrap_nettle_mpi_add_ui,
+	.bigint_sub_ui = wrap_nettle_mpi_sub_ui,
+	.bigint_mul = wrap_nettle_mpi_mul,
+	.bigint_mulm = wrap_nettle_mpi_mulm,
+	.bigint_mul_ui = wrap_nettle_mpi_mul_ui,
+	.bigint_div = wrap_nettle_mpi_div,
+	.bigint_prime_check = wrap_nettle_prime_check,
+	.bigint_release = wrap_nettle_mpi_release,
+	.bigint_clear = wrap_nettle_mpi_clear,
+	.bigint_print = wrap_nettle_mpi_print,
+	.bigint_scan = wrap_nettle_mpi_scan,
+};
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
new file mode 100644
index 0000000..f38016b
--- /dev/null
+++ b/lib/nettle/pk.c
@@ -0,0 +1,3969 @@
+/*
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2013-2017 Nikos Mavrogiannopoulos
+ * Copyright (C) 2016-2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the functions needed for RSA/DSA public key
+ * encryption and signatures.
+ */
+
+#include "gnutls_int.h"
+#include <mpi.h>
+#include <pk.h>
+#include "errors.h"
+#include <datum.h>
+#include <global.h>
+#include <tls-sig.h>
+#include <num.h>
+#include <x509/x509_int.h>
+#include <x509/common.h>
+#include <random.h>
+#include <pk.h>
+#include <nettle/dsa.h>
+#include <dsa-fips.h>
+#include <rsa-fips.h>
+#include <nettle/rsa.h>
+#include <gnutls/crypto.h>
+#include <nettle/bignum.h>
+#include <nettle/ecc.h>
+#include <nettle/ecdsa.h>
+#include <nettle/ecc-curve.h>
+#include <nettle/curve25519.h>
+#include <nettle/curve448.h>
+#include <nettle/eddsa.h>
+#include <nettle/version.h>
+#if ENABLE_GOST
+#if NEED_INT_ECC
+#include "ecc/gostdsa.h"
+#include "ecc-gost-curve.h"
+#else
+#include <nettle/gostdsa.h>
+#define gost_point_mul_g ecc_point_mul_g
+#define gost_point_set ecc_point_set
+#endif
+#include "gost/gostdsa2.h"
+#endif
+#include "int/ecdsa-compute-k.h"
+#include "int/dsa-compute-k.h"
+#include <gnettle.h>
+#include <fips.h>
+#include "dh.h"
+
+static inline const struct ecc_curve *get_supported_nist_curve(int curve);
+static inline const struct ecc_curve *get_supported_gost_curve(int curve);
+
+/* When these callbacks are used for a nettle operation, the
+ * caller must check the macro HAVE_LIB_ERROR() after the operation
+ * is complete. If the macro is true, the operation is to be considered
+ * failed (meaning the random generation failed).
+ */
+static void rnd_key_func(void *_ctx, size_t length, uint8_t * data)
+{
+	if (gnutls_rnd(GNUTLS_RND_KEY, data, length) < 0) {
+		_gnutls_switch_lib_state(LIB_STATE_ERROR);
+	}
+}
+
+static void rnd_tmpkey_func(void *_ctx, size_t length, uint8_t * data)
+{
+	if (gnutls_rnd(GNUTLS_RND_RANDOM, data, length) < 0) {
+		_gnutls_switch_lib_state(LIB_STATE_ERROR);
+	}
+}
+
+static void rnd_nonce_func(void *_ctx, size_t length, uint8_t * data)
+{
+	if (gnutls_rnd(GNUTLS_RND_NONCE, data, length) < 0) {
+		_gnutls_switch_lib_state(LIB_STATE_ERROR);
+	}
+}
+
+static void rnd_mpz_func(void *_ctx, size_t length, uint8_t * data)
+{
+	mpz_t *k = _ctx;
+	nettle_mpz_get_str_256 (length, data, *k);
+}
+
+static void rnd_nonce_func_fallback(void *_ctx, size_t length, uint8_t * data)
+{
+	if (unlikely(_gnutls_get_lib_state() != LIB_STATE_SELFTEST)) {
+		_gnutls_switch_lib_state(LIB_STATE_ERROR);
+	}
+
+	memset(data, 0xAA, length);
+}
+
+static void
+ecc_scalar_zclear (struct ecc_scalar *s)
+{
+	zeroize_key(s->p, ecc_size(s->ecc)*sizeof(mp_limb_t));
+	ecc_scalar_clear(s);
+}
+
+static void
+ecc_point_zclear (struct ecc_point *p)
+{
+	zeroize_key(p->p, ecc_size_a(p->ecc)*sizeof(mp_limb_t));
+	ecc_point_clear(p);
+}
+ 
+static void
+_dsa_params_get(const gnutls_pk_params_st * pk_params,
+		struct dsa_params *pub)
+{
+	memcpy(pub->p, pk_params->params[DSA_P], SIZEOF_MPZT);
+
+	if (pk_params->params[DSA_Q])
+		memcpy(&pub->q, pk_params->params[DSA_Q], SIZEOF_MPZT);
+	memcpy(pub->g, pk_params->params[DSA_G], SIZEOF_MPZT);
+}
+
+static void
+_rsa_params_to_privkey(const gnutls_pk_params_st * pk_params,
+		       struct rsa_private_key *priv)
+{
+	memcpy(priv->d, pk_params->params[RSA_PRIV], SIZEOF_MPZT);
+	memcpy(priv->p, pk_params->params[RSA_PRIME1], SIZEOF_MPZT);
+	memcpy(priv->q, pk_params->params[RSA_PRIME2], SIZEOF_MPZT);
+	memcpy(priv->c, pk_params->params[RSA_COEF], SIZEOF_MPZT);
+	memcpy(priv->a, pk_params->params[RSA_E1], SIZEOF_MPZT);
+	memcpy(priv->b, pk_params->params[RSA_E2], SIZEOF_MPZT);
+	/* we do not rsa_private_key_prepare() because it involves a multiplication.
+	 * we call it once when we import the parameters */
+	priv->size =
+	    nettle_mpz_sizeinbase_256_u(TOMPZ
+					(pk_params->params[RSA_MODULUS]));
+}
+
+/* returns a negative value on invalid pubkey */
+static int
+_rsa_params_to_pubkey(const gnutls_pk_params_st * pk_params,
+		      struct rsa_public_key *pub)
+{
+	memcpy(pub->n, pk_params->params[RSA_MODULUS], SIZEOF_MPZT);
+	memcpy(pub->e, pk_params->params[RSA_PUB], SIZEOF_MPZT);
+	if (rsa_public_key_prepare(pub) == 0)
+		return gnutls_assert_val(GNUTLS_E_PK_INVALID_PUBKEY);
+
+	return 0;
+}
+
+static int
+_ecc_params_to_privkey(const gnutls_pk_params_st * pk_params,
+		       struct ecc_scalar *priv,
+		       const struct ecc_curve *curve)
+{
+	ecc_scalar_init(priv, curve);
+	if (ecc_scalar_set(priv, pk_params->params[ECC_K]) == 0) {
+		ecc_scalar_clear(priv);
+		return gnutls_assert_val(GNUTLS_E_PK_INVALID_PRIVKEY);
+	}
+
+	return 0;
+}
+
+static int
+_ecc_params_to_pubkey(const gnutls_pk_params_st * pk_params,
+		      struct ecc_point *pub, const struct ecc_curve *curve)
+{
+	ecc_point_init(pub, curve);
+	if (ecc_point_set
+	    (pub, pk_params->params[ECC_X], pk_params->params[ECC_Y]) == 0) {
+		ecc_point_clear(pub);
+		return gnutls_assert_val(GNUTLS_E_PK_INVALID_PUBKEY);
+	}
+
+	return 0;
+}
+
+#if ENABLE_GOST
+static int
+_gost_params_to_privkey(const gnutls_pk_params_st * pk_params,
+		       struct ecc_scalar *priv,
+		       const struct ecc_curve *curve)
+{
+	ecc_scalar_init(priv, curve);
+	if (ecc_scalar_set(priv, pk_params->params[GOST_K]) == 0) {
+		ecc_scalar_clear(priv);
+		return gnutls_assert_val(GNUTLS_E_PK_INVALID_PRIVKEY);
+	}
+
+	return 0;
+}
+
+static int
+_gost_params_to_pubkey(const gnutls_pk_params_st * pk_params,
+		       struct ecc_point *pub, const struct ecc_curve *curve)
+{
+	ecc_point_init(pub, curve);
+	if (gost_point_set
+	    (pub, pk_params->params[GOST_X], pk_params->params[GOST_Y]) == 0) {
+		ecc_point_clear(pub);
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	return 0;
+}
+#endif
+
+static int
+ecc_shared_secret(struct ecc_scalar *private_key,
+		  struct ecc_point *public_key, void *out, unsigned size)
+{
+	struct ecc_point r;
+	mpz_t x, y;
+	int ret = 0;
+
+	mpz_init(x);
+	mpz_init(y);
+	ecc_point_init(&r, public_key->ecc);
+
+	ecc_point_mul(&r, private_key, public_key);
+
+	ecc_point_get(&r, x, y);
+
+	/* Check if the point is not an identity element.  Note that this cannot
+	 * happen in nettle implementation, because it cannot represent an
+	 * infinity point. */
+	if (mpz_cmp_ui(x, 0) == 0 && mpz_cmp_ui(y, 0) == 0) {
+		ret = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+		goto cleanup;
+	}
+
+	nettle_mpz_get_str_256(size, out, x);
+
+ cleanup:
+	mpz_clear(x);
+	mpz_clear(y);
+	ecc_point_clear(&r);
+
+	return ret;
+}
+
+#define MAX_DH_BITS DEFAULT_MAX_VERIFY_BITS
+/* This is used when we have no idea on the structure
+ * of p-1 used by the peer. It is still a conservative
+ * choice, but small than what we've been using before.
+ */
+#define DH_EXPONENT_SIZE(p_size) (2*_gnutls_pk_bits_to_subgroup_bits(p_size))
+
+static inline int
+edwards_curve_mul(gnutls_pk_algorithm_t algo,
+		  uint8_t *q, const uint8_t *n, const uint8_t *p)
+{
+	switch (algo) {
+	case GNUTLS_PK_ECDH_X25519:
+		curve25519_mul(q, n, p);
+		return 0;
+	case GNUTLS_PK_ECDH_X448:
+		curve448_mul(q, n, p);
+		return 0;
+	default:
+		return gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+	}
+}
+
+/* This is used for DH or ECDH key derivation. In DH for example
+ * it is given the peers Y and our x, and calculates Y^x
+ */
+static int _wrap_nettle_pk_derive(gnutls_pk_algorithm_t algo,
+				  gnutls_datum_t * out,
+				  const gnutls_pk_params_st * priv,
+				  const gnutls_pk_params_st * pub,
+				  const gnutls_datum_t * nonce,
+				  unsigned int flags)
+{
+	int ret;
+	bool not_approved = false;
+
+	switch (algo) {
+	case GNUTLS_PK_DH: {
+		bigint_t f, x, q, prime;
+		bigint_t k = NULL, primesub1 = NULL, r = NULL;
+		unsigned int bits;
+
+		if (nonce != NULL) {
+			ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+			goto cleanup;
+		}
+
+		f = pub->params[DH_Y];
+		x = priv->params[DH_X];
+		q = priv->params[DH_Q];
+		prime = priv->params[DH_P];
+
+		ret = _gnutls_mpi_init_multi(&k, &primesub1, &r, NULL);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = _gnutls_mpi_sub_ui(primesub1, prime, 1);
+		if (ret < 0) {
+			gnutls_assert();
+			goto dh_cleanup;
+		}
+
+		/* check if f==0,1, or f >= p-1 */
+		if ((_gnutls_mpi_cmp_ui(f, 1) == 0)
+		    || (_gnutls_mpi_cmp_ui(f, 0) == 0)
+		    || (_gnutls_mpi_cmp(f, primesub1) >= 0)) {
+			gnutls_assert();
+			ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+			goto dh_cleanup;
+		}
+
+		/* if we have Q check that y ^ q mod p == 1 */
+		if (q != NULL) {
+			ret = _gnutls_mpi_powm(r, f, q, prime);
+			if (ret < 0) {
+				gnutls_assert();
+				goto dh_cleanup;
+			}
+			ret = _gnutls_mpi_cmp_ui(r, 1);
+			if (ret != 0) {
+				gnutls_assert();
+				ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+				goto dh_cleanup;
+			}
+		} else if ((flags & PK_DERIVE_TLS13) &&
+			   _gnutls_fips_mode_enabled()) {
+			/* Mandatory in FIPS mode for TLS 1.3 */
+			ret = gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+			goto dh_cleanup;
+		}
+
+		/* prevent denial of service */
+		bits = _gnutls_mpi_get_nbits(prime);
+		if (bits == 0 || bits > MAX_DH_BITS) {
+			gnutls_assert();
+			ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+			goto dh_cleanup;
+		}
+
+		if (bits < 2048) {
+			not_approved = true;
+		}
+
+		ret = _gnutls_mpi_powm(k, f, x, prime);
+		if (ret < 0) {
+			gnutls_assert();
+			goto dh_cleanup;
+		}
+
+		/* check if k==0,1, or k = p-1 */
+		if ((_gnutls_mpi_cmp_ui(k, 1) == 0)
+		    || (_gnutls_mpi_cmp_ui(k, 0) == 0)
+		    || (_gnutls_mpi_cmp(k, primesub1) == 0)) {
+			ret = gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+			goto dh_cleanup;
+		}
+
+		if (flags & PK_DERIVE_TLS13) {
+			ret =
+			    _gnutls_mpi_dprint_size(k, out,
+						    (bits+7)/8);
+		} else {
+			ret = _gnutls_mpi_dprint(k, out);
+		}
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto dh_cleanup;
+		}
+
+		ret = 0;
+dh_cleanup:
+		_gnutls_mpi_release(&r);
+		_gnutls_mpi_release(&primesub1);
+		zrelease_temp_mpi_key(&k);
+		if (ret < 0)
+			goto cleanup;
+
+		break;
+	}
+	case GNUTLS_PK_EC:
+		{
+			struct ecc_scalar ecc_priv;
+			struct ecc_point ecc_pub;
+			const struct ecc_curve *curve;
+
+			out->data = NULL;
+
+			if (nonce != NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+				goto cleanup;
+			}
+
+			curve = get_supported_nist_curve(priv->curve);
+			if (curve == NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+				goto cleanup;
+			}
+
+			/* P-192 is not supported in FIPS 140-3 */
+			if (priv->curve == GNUTLS_ECC_CURVE_SECP192R1) {
+				not_approved = true;
+			}
+
+			ret = _ecc_params_to_pubkey(pub, &ecc_pub, curve);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			ret =
+			    _ecc_params_to_privkey(priv, &ecc_priv, curve);
+			if (ret < 0) {
+				ecc_point_clear(&ecc_pub);
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			out->size = gnutls_ecc_curve_get_size(priv->curve);
+			/*ecc_size(curve)*sizeof(mp_limb_t); */
+			out->data = gnutls_malloc(out->size);
+			if (out->data == NULL) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_MEMORY_ERROR);
+				goto ecc_cleanup;
+			}
+
+			ret = ecc_shared_secret(&ecc_priv, &ecc_pub, out->data,
+						out->size);
+			if (ret < 0)
+				gnutls_free(out->data);
+
+		      ecc_cleanup:
+			ecc_point_clear(&ecc_pub);
+			ecc_scalar_zclear(&ecc_priv);
+			if (ret < 0)
+				goto cleanup;
+			break;
+		}
+	case GNUTLS_PK_ECDH_X25519:
+	case GNUTLS_PK_ECDH_X448:
+		{
+			unsigned size = gnutls_ecc_curve_get_size(priv->curve);
+
+			/* Edwards curves are not approved */
+			not_approved = true;
+
+			if (nonce != NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+				goto cleanup;
+			}
+
+			/* The point is in pub, while the private part (scalar) in priv. */
+
+			if (size == 0 || priv->raw_priv.size != size) {
+				ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+				goto cleanup;
+			}
+
+			out->data = gnutls_malloc(size);
+			if (out->data == NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+				goto cleanup;
+			}
+
+			out->size = size;
+
+			ret = edwards_curve_mul(algo, out->data, priv->raw_priv.data, pub->raw_pub.data);
+			if (ret < 0)
+				goto cleanup;
+
+			if (_gnutls_mem_is_zero(out->data, out->size)) {
+				gnutls_free(out->data);
+				gnutls_assert();
+				ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+				goto cleanup;
+			}
+			break;
+		}
+#if ENABLE_GOST
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+	{
+		struct ecc_scalar ecc_priv;
+		struct ecc_point ecc_pub;
+		const struct ecc_curve *curve;
+
+		/* GOST curves are not approved */
+		not_approved = true;
+
+		out->data = NULL;
+
+		curve = get_supported_gost_curve(priv->curve);
+		if (curve == NULL) {
+			gnutls_assert();
+			ret = GNUTLS_E_ECC_UNSUPPORTED_CURVE;
+			goto cleanup;
+		}
+
+		if (nonce == NULL) {
+			gnutls_assert();
+			ret = GNUTLS_E_INVALID_REQUEST;
+			goto cleanup;
+		}
+
+		ret = _gost_params_to_pubkey(pub, &ecc_pub, curve);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = _gost_params_to_privkey(priv, &ecc_priv, curve);
+		if (ret < 0) {
+			ecc_point_clear(&ecc_pub);
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		out->size = 2 * gnutls_ecc_curve_get_size(priv->curve);
+		out->data = gnutls_malloc(out->size);
+		if (out->data == NULL) {
+			ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+			goto gost_cleanup;
+		}
+
+		gostdsa_vko(&ecc_priv, &ecc_pub,
+			    nonce->size, nonce->data,
+			    out->data);
+
+	      gost_cleanup:
+		ecc_point_clear(&ecc_pub);
+		ecc_scalar_zclear(&ecc_priv);
+		if (ret < 0)
+			goto cleanup;
+		break;
+	}
+#endif
+	default:
+		gnutls_assert();
+		ret = GNUTLS_E_INTERNAL_ERROR;
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	} else if (not_approved) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+
+	return ret;
+}
+
+static int
+_wrap_nettle_pk_encrypt(gnutls_pk_algorithm_t algo,
+			gnutls_datum_t * ciphertext,
+			const gnutls_datum_t * plaintext,
+			const gnutls_pk_params_st * pk_params)
+{
+	int ret;
+	mpz_t p;
+
+	FAIL_IF_LIB_ERROR;
+
+	mpz_init(p);
+
+	switch (algo) {
+	case GNUTLS_PK_RSA:
+		{
+			struct rsa_public_key pub;
+			nettle_random_func *random_func;
+
+			ret = _rsa_params_to_pubkey(pk_params, &pub);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			if (_gnutls_get_lib_state() == LIB_STATE_SELFTEST)
+				random_func = rnd_nonce_func_fallback;
+			else
+				random_func = rnd_nonce_func;
+			ret =
+			    rsa_encrypt(&pub, NULL, random_func,
+					plaintext->size, plaintext->data,
+					p);
+			if (ret == 0 || HAVE_LIB_ERROR()) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_ENCRYPTION_FAILED);
+				goto cleanup;
+			}
+
+			ret =
+			    _gnutls_mpi_dprint_size(p, ciphertext,
+						    pub.size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			break;
+		}
+	default:
+		gnutls_assert();
+		ret = GNUTLS_E_INVALID_REQUEST;
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+	}
+
+	mpz_clear(p);
+
+	FAIL_IF_LIB_ERROR;
+	return ret;
+}
+
+static int
+_wrap_nettle_pk_decrypt(gnutls_pk_algorithm_t algo,
+			gnutls_datum_t * plaintext,
+			const gnutls_datum_t * ciphertext,
+			const gnutls_pk_params_st * pk_params)
+{
+	int ret;
+
+	FAIL_IF_LIB_ERROR;
+
+	plaintext->data = NULL;
+
+	/* make a sexp from pkey */
+	switch (algo) {
+	case GNUTLS_PK_RSA:
+		{
+			struct rsa_private_key priv;
+			struct rsa_public_key pub;
+			size_t length;
+			bigint_t c;
+			nettle_random_func *random_func;
+
+			_rsa_params_to_privkey(pk_params, &priv);
+			ret = _rsa_params_to_pubkey(pk_params, &pub);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			if (ciphertext->size != pub.size) {
+				ret = gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+				goto cleanup;
+			}
+
+			if (_gnutls_mpi_init_scan_nz
+			    (&c, ciphertext->data,
+			     ciphertext->size) != 0) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_MPI_SCAN_FAILED);
+				goto cleanup;
+			}
+
+			length = pub.size;
+			plaintext->data = gnutls_malloc(length);
+			if (plaintext->data == NULL) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_MEMORY_ERROR);
+				goto cleanup;
+			}
+
+			if (_gnutls_get_lib_state() == LIB_STATE_SELFTEST)
+				random_func = rnd_nonce_func_fallback;
+			else
+				random_func = rnd_nonce_func;
+			ret =
+			    rsa_decrypt_tr(&pub, &priv, NULL, random_func,
+					   &length, plaintext->data,
+					   TOMPZ(c));
+			_gnutls_mpi_release(&c);
+			plaintext->size = length;
+
+			if (ret == 0 || HAVE_LIB_ERROR()) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_DECRYPTION_FAILED);
+				goto cleanup;
+			}
+
+			break;
+		}
+	default:
+		gnutls_assert();
+		ret = GNUTLS_E_INTERNAL_ERROR;
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	if (ret < 0) {
+		gnutls_free(plaintext->data);
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+	}
+
+	FAIL_IF_LIB_ERROR;
+	return ret;
+}
+
+/* Note: we do not allocate in this function to avoid asymettric
+ * unallocation (which creates a side channel) in case of failure
+ * */
+static int
+_wrap_nettle_pk_decrypt2(gnutls_pk_algorithm_t algo,
+			 const gnutls_datum_t * ciphertext,
+			 unsigned char * plaintext,
+			 size_t plaintext_size,
+			 const gnutls_pk_params_st * pk_params)
+{
+	struct rsa_private_key priv;
+	struct rsa_public_key pub;
+	bigint_t c;
+	uint32_t is_err;
+	int ret;
+	nettle_random_func *random_func;
+
+	FAIL_IF_LIB_ERROR;
+
+	if (algo != GNUTLS_PK_RSA || plaintext == NULL) {
+		ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+		goto fail;
+	}
+
+	_rsa_params_to_privkey(pk_params, &priv);
+	ret = _rsa_params_to_pubkey(pk_params, &pub);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	if (ciphertext->size != pub.size) {
+		ret = gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+		goto fail;
+	}
+
+	if (_gnutls_mpi_init_scan_nz(&c, ciphertext->data,
+				     ciphertext->size) != 0) {
+		ret = gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED);
+		goto fail;
+	}
+
+	if (_gnutls_get_lib_state() == LIB_STATE_SELFTEST)
+		random_func = rnd_nonce_func_fallback;
+	else
+		random_func = rnd_nonce_func;
+	ret = rsa_sec_decrypt(&pub, &priv, NULL, random_func,
+			     plaintext_size, plaintext, TOMPZ(c));
+
+	/* The decrypt operation is infallible; treat the approved
+	 * operation as complete at this point, regardless of any
+	 * decryption failure detected below.
+	 */
+	_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+
+	/* after this point, any conditional on failure that cause differences
+	 * in execution may create a timing or cache access pattern side
+	 * channel that can be used as an oracle, so thread very carefully */
+	_gnutls_mpi_release(&c);
+	/* Here HAVE_LIB_ERROR() should be fine as it doesn't have
+	 * branches in it and returns a bool */
+	is_err = HAVE_LIB_ERROR();
+	/* if is_err != 0 */
+	is_err = CONSTCHECK_NOT_EQUAL(is_err, 0);
+	/* or ret == 0 */
+	is_err |= CONSTCHECK_EQUAL(ret, 0);
+	/* then return GNUTLS_E_DECRYPTION_FAILED */
+	return (int)((is_err * UINT_MAX) & GNUTLS_E_DECRYPTION_FAILED);
+
+ fail:
+	_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+
+	return ret;
+}
+
+#define CHECK_INVALID_RSA_PSS_PARAMS(dig_size, salt_size, pub_size, err) \
+	if (unlikely(dig_size + salt_size + 2 > pub_size)) \
+		return gnutls_assert_val(err)
+
+static int
+_rsa_pss_sign_digest_tr(gnutls_digest_algorithm_t dig,
+			const struct rsa_public_key *pub,
+			const struct rsa_private_key *priv,
+			void *rnd_ctx, nettle_random_func *rnd_func,
+			size_t salt_size,
+			const uint8_t *digest,
+			mpz_t s)
+{
+	int (*sign_func)(const struct rsa_public_key *,
+			const struct rsa_private_key *,
+			void *, nettle_random_func *,
+			size_t, const uint8_t *,
+			const uint8_t *,
+			mpz_t);
+	uint8_t *salt = NULL;
+	size_t hash_size;
+	int ret;
+
+	switch (dig) {
+	case GNUTLS_DIG_SHA256:
+		sign_func = rsa_pss_sha256_sign_digest_tr;
+		hash_size = 32;
+		break;
+	case GNUTLS_DIG_SHA384:
+		sign_func = rsa_pss_sha384_sign_digest_tr;
+		hash_size = 48;
+		break;
+	case GNUTLS_DIG_SHA512:
+		sign_func = rsa_pss_sha512_sign_digest_tr;
+		hash_size = 64;
+		break;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_UNKNOWN_ALGORITHM;
+	}
+
+	/* This is also checked in pss_encode_mgf1, but error out earlier.  */
+	CHECK_INVALID_RSA_PSS_PARAMS(hash_size, salt_size, pub->size, GNUTLS_E_PK_INVALID_PUBKEY_PARAMS);
+
+	if (salt_size > 0) {
+		salt = gnutls_malloc(salt_size);
+		if (salt == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		ret = gnutls_rnd(GNUTLS_RND_NONCE, salt, salt_size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	ret = sign_func(pub, priv, rnd_ctx, rnd_func, salt_size, salt,
+			digest, s);
+	if (ret == 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_PK_SIGN_FAILED;
+	} else
+		ret = 0;
+
+ cleanup:
+	gnutls_free(salt);
+	return ret;
+}
+
+static inline gnutls_ecc_curve_t
+get_eddsa_curve(gnutls_pk_algorithm_t algo)
+{
+	switch (algo) {
+	case GNUTLS_PK_EDDSA_ED25519:
+		return GNUTLS_ECC_CURVE_ED25519;
+	case GNUTLS_PK_EDDSA_ED448:
+		return GNUTLS_ECC_CURVE_ED448;
+	default:
+		return gnutls_assert_val(GNUTLS_ECC_CURVE_INVALID);
+	}
+}
+
+static inline gnutls_ecc_curve_t
+get_ecdh_curve(gnutls_pk_algorithm_t algo)
+{
+	switch (algo) {
+	case GNUTLS_PK_ECDH_X25519:
+		return GNUTLS_ECC_CURVE_X25519;
+	case GNUTLS_PK_ECDH_X448:
+		return GNUTLS_ECC_CURVE_X448;
+	default:
+		return gnutls_assert_val(GNUTLS_ECC_CURVE_INVALID);
+	}
+}
+
+static inline int
+eddsa_sign(gnutls_pk_algorithm_t algo,
+	   const uint8_t *pub,
+	   const uint8_t *priv,
+	   size_t length, const uint8_t *msg,
+	   uint8_t *signature)
+{
+	switch (algo) {
+	case GNUTLS_PK_EDDSA_ED25519:
+		ed25519_sha512_sign(pub, priv, length, msg, signature);
+		return 0;
+	case GNUTLS_PK_EDDSA_ED448:
+		ed448_shake256_sign(pub, priv, length, msg, signature);
+		return 0;
+	default:
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM);
+	}
+}
+
+/* This is the lower-level part of privkey_sign_raw_data().
+ *
+ * It accepts data in the appropriate hash form, i.e., DigestInfo
+ * for PK_RSA, hash for PK_ECDSA, PK_DSA, PK_RSA_PSS, and raw data
+ * for Ed25519 and Ed448.
+ *
+ * in case of EC/DSA, signed data are encoded into r,s values
+ */
+static int
+_wrap_nettle_pk_sign(gnutls_pk_algorithm_t algo,
+		     gnutls_datum_t * signature,
+		     const gnutls_datum_t * vdata,
+		     const gnutls_pk_params_st * pk_params,
+		     const gnutls_x509_spki_st * sign_params)
+{
+	int ret;
+	unsigned int hash_len;
+	const mac_entry_st *me;
+	bool not_approved = false;
+
+	FAIL_IF_LIB_ERROR;
+
+	/* check if the curve relates to the algorithm used */
+	if (IS_EC(algo) && gnutls_ecc_curve_get_pk(pk_params->curve) != algo) {
+		ret = gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+		goto cleanup;
+	}
+
+	/* deterministic ECDSA/DSA is prohibited under FIPS except in
+	 * the selftests */
+	if ((algo == GNUTLS_PK_DSA || algo == GNUTLS_PK_ECDSA) &&
+	    (sign_params->flags & GNUTLS_PK_FLAG_REPRODUCIBLE) &&
+	    _gnutls_fips_mode_enabled() &&
+	    _gnutls_get_lib_state() != LIB_STATE_SELFTEST) {
+		ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		goto cleanup;
+	}
+
+	switch (algo) {
+	case GNUTLS_PK_EDDSA_ED25519:	/* we do EdDSA */
+	case GNUTLS_PK_EDDSA_ED448:
+		{
+			const gnutls_ecc_curve_entry_st *e;
+
+			/* EdDSA is not approved yet */
+			not_approved = true;
+
+			if (unlikely(get_eddsa_curve(algo) != pk_params->curve)) {
+				ret = gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+				goto cleanup;
+			}
+
+			e = _gnutls_ecc_curve_get_params(pk_params->curve);
+			if (e == NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+				goto cleanup;
+			}
+
+			signature->data = gnutls_malloc(e->sig_size);
+			if (signature->data == NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+				goto cleanup;
+			}
+
+			signature->size = e->sig_size;
+
+			if (pk_params->raw_pub.size != e->size || pk_params->raw_priv.size != e->size) {
+				ret = gnutls_assert_val(GNUTLS_E_PK_SIGN_FAILED);
+				goto cleanup;
+			}
+
+			ret = eddsa_sign(algo,
+					 pk_params->raw_pub.data,
+					 pk_params->raw_priv.data,
+					 vdata->size, vdata->data,
+					 signature->data);
+			if (ret < 0)
+				goto cleanup;
+
+			break;
+		}
+#if ENABLE_GOST
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+		{
+			struct ecc_scalar priv;
+			struct dsa_signature sig;
+			const struct ecc_curve *curve;
+
+			/* GOSTDSA is not approved */
+			not_approved = true;
+
+			curve = get_supported_gost_curve(pk_params->curve);
+			if (curve == NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+				goto cleanup;
+			}
+
+			ret =
+			    _ecc_params_to_privkey(pk_params, &priv,
+						   curve);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			/* This call will return a valid MAC entry and
+			 * getters will check that is not null anyway. */
+			me = hash_to_entry(_gnutls_gost_digest(pk_params->algo));
+			if (_gnutls_mac_get_algo_len(me) != vdata->size) {
+				_gnutls_debug_log
+				    ("Security level of algorithm requires hash %s(%zd)\n",
+				     _gnutls_mac_get_name(me),
+				     _gnutls_mac_get_algo_len(me));
+				ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+				goto cleanup;
+			}
+
+			dsa_signature_init(&sig);
+
+			gostdsa_sign(&priv, NULL, rnd_tmpkey_func,
+				     vdata->size, vdata->data, &sig);
+
+			ret =
+			    _gnutls_encode_gost_rs(signature, &sig.r, &sig.s,
+						   (ecc_bit_size(curve) + 7) / 8);
+
+			dsa_signature_clear(&sig);
+			ecc_scalar_zclear(&priv);
+
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+			break;
+		}
+#endif
+	case GNUTLS_PK_ECDSA:	/* we do ECDSA */
+		{
+			struct ecc_scalar priv;
+			struct dsa_signature sig;
+			int curve_id = pk_params->curve;
+			const struct ecc_curve *curve;
+			mpz_t k;
+			void *random_ctx;
+			nettle_random_func *random_func;
+
+			curve = get_supported_nist_curve(curve_id);
+			if (curve == NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+				goto cleanup;
+			}
+
+			/* P-192 is not supported in FIPS 140-3 */
+			if (curve_id == GNUTLS_ECC_CURVE_SECP192R1) {
+				not_approved = true;
+			}
+
+			ret =
+			    _ecc_params_to_privkey(pk_params, &priv,
+						   curve);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			dsa_signature_init(&sig);
+
+			me = _gnutls_dsa_q_to_hash(pk_params,
+						   &hash_len);
+
+			/* Only SHA-2 is allowed in FIPS 140-3 */
+			switch (me->id) {
+			case GNUTLS_MAC_SHA256:
+			case GNUTLS_MAC_SHA384:
+			case GNUTLS_MAC_SHA512:
+			case GNUTLS_MAC_SHA224:
+				break;
+			default:
+				not_approved = true;
+			}
+
+			if (hash_len > vdata->size) {
+				gnutls_assert();
+				_gnutls_debug_log
+				    ("Security level of algorithm requires hash %s(%d) or better\n",
+				     _gnutls_mac_get_name(me), hash_len);
+				hash_len = vdata->size;
+			}
+
+			mpz_init(k);
+			if (_gnutls_get_lib_state() == LIB_STATE_SELFTEST ||
+			    (sign_params->flags & GNUTLS_PK_FLAG_REPRODUCIBLE)) {
+				ret = _gnutls_ecdsa_compute_k(k,
+							      curve_id,
+							      pk_params->params[ECC_K],
+							      DIG_TO_MAC(sign_params->dsa_dig),
+							      vdata->data,
+							      vdata->size);
+				if (ret < 0)
+					goto ecdsa_cleanup;
+				random_ctx = &k;
+				random_func = rnd_mpz_func;
+			} else {
+				random_ctx = NULL;
+				random_func = rnd_nonce_func;
+			}
+			ecdsa_sign(&priv, random_ctx, random_func, hash_len,
+				   vdata->data, &sig);
+
+			/* prevent memory leaks */
+			if (HAVE_LIB_ERROR()) {
+				ret = GNUTLS_E_LIB_IN_ERROR_STATE;
+				goto ecdsa_cleanup;
+			}
+
+			ret =
+			    _gnutls_encode_ber_rs(signature, &sig.r,
+						  &sig.s);
+
+ ecdsa_cleanup:
+			dsa_signature_clear(&sig);
+			ecc_scalar_zclear(&priv);
+			mpz_clear(k);
+
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+			break;
+		}
+	case GNUTLS_PK_DSA:
+		{
+			struct dsa_params pub;
+			bigint_t priv;
+			struct dsa_signature sig;
+			mpz_t k;
+			void *random_ctx;
+			nettle_random_func *random_func;
+
+			/* DSA is currently being defined as sunset with the
+			 * current draft of FIPS 186-5 */
+			not_approved = true;
+
+			memset(&priv, 0, sizeof(priv));
+			memset(&pub, 0, sizeof(pub));
+			_dsa_params_get(pk_params, &pub);
+
+			priv = pk_params->params[DSA_X];
+
+			dsa_signature_init(&sig);
+
+			me = _gnutls_dsa_q_to_hash(pk_params,
+						   &hash_len);
+
+			if (hash_len > vdata->size) {
+				gnutls_assert();
+				_gnutls_debug_log
+				    ("Security level of algorithm requires hash %s(%d) or better (have: %d)\n",
+				     _gnutls_mac_get_name(me), hash_len, (int)vdata->size);
+				hash_len = vdata->size;
+			}
+
+			mpz_init(k);
+			if (_gnutls_get_lib_state() == LIB_STATE_SELFTEST ||
+			    (sign_params->flags & GNUTLS_PK_FLAG_REPRODUCIBLE)) {
+				ret = _gnutls_dsa_compute_k(k,
+							    pub.q,
+							    TOMPZ(priv),
+							    DIG_TO_MAC(sign_params->dsa_dig),
+							    vdata->data,
+							    vdata->size);
+				if (ret < 0)
+					goto dsa_fail;
+				/* cancel-out dsa_sign's addition of 1 to random data */
+				mpz_sub_ui (k, k, 1);
+				random_ctx = &k;
+				random_func = rnd_mpz_func;
+			} else {
+				random_ctx = NULL;
+				random_func = rnd_nonce_func;
+			}
+			ret =
+			    dsa_sign(&pub, TOMPZ(priv), random_ctx, random_func,
+				     hash_len, vdata->data, &sig);
+			if (ret == 0 || HAVE_LIB_ERROR()) {
+				gnutls_assert();
+				ret = GNUTLS_E_PK_SIGN_FAILED;
+				goto dsa_fail;
+			}
+
+			ret =
+			    _gnutls_encode_ber_rs(signature, &sig.r,
+						  &sig.s);
+
+ dsa_fail:
+			dsa_signature_clear(&sig);
+			mpz_clear(k);
+
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+			break;
+		}
+	case GNUTLS_PK_RSA:
+		{
+			struct rsa_private_key priv;
+			struct rsa_public_key pub;
+			nettle_random_func *random_func;
+			mpz_t s;
+
+			_rsa_params_to_privkey(pk_params, &priv);
+
+			ret = _rsa_params_to_pubkey(pk_params, &pub);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			/* RSA modulus size should be 2048-bit or larger in FIPS
+			 * 140-3.  In addition to this, only SHA-2 is allowed
+			 * for SigGen; it is checked in pk_prepare_hash lib/pk.c
+			 */
+			if (unlikely(mpz_sizeinbase(pub.n, 2) < 2048)) {
+				not_approved = true;
+			}
+
+			mpz_init(s);
+
+			if (_gnutls_get_lib_state() == LIB_STATE_SELFTEST)
+				random_func = rnd_nonce_func_fallback;
+			else
+				random_func = rnd_nonce_func;
+			ret =
+			    rsa_pkcs1_sign_tr(&pub, &priv, NULL, random_func,
+					      vdata->size, vdata->data, s);
+			if (ret == 0 || HAVE_LIB_ERROR()) {
+				gnutls_assert();
+				ret = GNUTLS_E_PK_SIGN_FAILED;
+				goto rsa_fail;
+			}
+
+			ret =
+			    _gnutls_mpi_dprint_size(s, signature,
+						    pub.size);
+
+		      rsa_fail:
+			mpz_clear(s);
+
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			break;
+		}
+	case GNUTLS_PK_RSA_PSS:
+		{
+			struct rsa_private_key priv;
+			struct rsa_public_key pub;
+			mpz_t s;
+
+			_rsa_params_to_privkey(pk_params, &priv);
+
+			ret = _rsa_params_to_pubkey(pk_params, &pub);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			/* RSA modulus size should be 2048-bit or larger in FIPS
+			 * 140-3.  In addition to this, only SHA-2 is allowed
+			 * for SigGen; however, Nettle only support SHA256,
+			 * SHA384, and SHA512 for RSA-PSS (see
+			 * _rsa_pss_sign_digest_tr in this file for details).
+			 */
+			if (unlikely(mpz_sizeinbase(pub.n, 2) < 2048)) {
+				not_approved = true;
+			}
+
+			mpz_init(s);
+
+			ret =
+			    _rsa_pss_sign_digest_tr(sign_params->rsa_pss_dig,
+						    &pub, &priv,
+						    NULL, rnd_nonce_func,
+						    sign_params->salt_size,
+						    vdata->data, s);
+			if (ret < 0) {
+				gnutls_assert();
+				ret = GNUTLS_E_PK_SIGN_FAILED;
+				goto rsa_pss_fail;
+			}
+
+			ret =
+			    _gnutls_mpi_dprint_size(s, signature,
+						    pub.size);
+
+		      rsa_pss_fail:
+			mpz_clear(s);
+
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			break;
+		}
+	default:
+		gnutls_assert();
+		ret = GNUTLS_E_INTERNAL_ERROR;
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	} else if (not_approved) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+
+	FAIL_IF_LIB_ERROR;
+	return ret;
+}
+
+static int
+_rsa_pss_verify_digest(gnutls_digest_algorithm_t dig,
+		       const struct rsa_public_key *pub,
+		       size_t salt_size,
+		       const uint8_t *digest,
+		       size_t digest_size,
+		       const mpz_t s)
+{
+	int (*verify_func) (const struct rsa_public_key *,
+			    size_t,
+			    const uint8_t *,
+			    const mpz_t);
+	size_t hash_size;
+
+	switch (dig) {
+	case GNUTLS_DIG_SHA256:
+		verify_func = rsa_pss_sha256_verify_digest;
+		hash_size = 32;
+		break;
+	case GNUTLS_DIG_SHA384:
+		verify_func = rsa_pss_sha384_verify_digest;
+		hash_size = 48;
+		break;
+	case GNUTLS_DIG_SHA512:
+		verify_func = rsa_pss_sha512_verify_digest;
+		hash_size = 64;
+		break;
+	default:
+		gnutls_assert();
+		return 0;
+	}
+
+	if (digest_size != hash_size)
+		return gnutls_assert_val(0);
+
+	CHECK_INVALID_RSA_PSS_PARAMS(hash_size, salt_size, pub->size, 0);
+
+	return verify_func(pub, salt_size, digest, s);
+}
+
+static inline int
+eddsa_verify(gnutls_pk_algorithm_t algo,
+	     const uint8_t *pub,
+	     size_t length, const uint8_t *msg,
+	     const uint8_t *signature)
+{
+	int ret;
+
+	switch (algo) {
+	case GNUTLS_PK_EDDSA_ED25519:
+		ret = ed25519_sha512_verify(pub, length, msg, signature);
+		if (ret == 0)
+			return gnutls_assert_val(GNUTLS_E_PK_SIG_VERIFY_FAILED);
+		return 0;
+	case GNUTLS_PK_EDDSA_ED448:
+		ret = ed448_shake256_verify(pub, length, msg, signature);
+		if (ret == 0)
+			return gnutls_assert_val(GNUTLS_E_PK_SIG_VERIFY_FAILED);
+		return 0;
+	default:
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM);
+	}
+}
+
+static int
+_wrap_nettle_pk_verify(gnutls_pk_algorithm_t algo,
+		       const gnutls_datum_t * vdata,
+		       const gnutls_datum_t * signature,
+		       const gnutls_pk_params_st * pk_params,
+		       const gnutls_x509_spki_st * sign_params)
+{
+	int ret;
+	unsigned int hash_len;
+	bigint_t tmp[2] = { NULL, NULL };
+	bool not_approved = false;
+
+	FAIL_IF_LIB_ERROR;
+
+	/* check if the curve relates to the algorithm used */
+	if (IS_EC(algo) && gnutls_ecc_curve_get_pk(pk_params->curve) != algo) {
+		ret = gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+		goto cleanup;
+	}
+
+	switch (algo) {
+	case GNUTLS_PK_EDDSA_ED25519:	/* we do EdDSA */
+	case GNUTLS_PK_EDDSA_ED448:
+		{
+			const gnutls_ecc_curve_entry_st *e;
+
+			/* EdDSA is not approved yet */
+			not_approved = true;
+
+			if (unlikely(get_eddsa_curve(algo) != pk_params->curve)) {
+				ret = gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+				goto cleanup;
+			}
+
+			e = _gnutls_ecc_curve_get_params(pk_params->curve);
+			if (e == NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+				goto cleanup;
+			}
+
+			if (signature->size != e->sig_size) {
+				ret = gnutls_assert_val(GNUTLS_E_PK_SIG_VERIFY_FAILED);
+				goto cleanup;
+			}
+
+			if (pk_params->raw_pub.size != e->size) {
+				ret = gnutls_assert_val(GNUTLS_E_PK_SIGN_FAILED);
+				goto cleanup;
+			}
+
+			ret = eddsa_verify(algo,
+					   pk_params->raw_pub.data,
+					   vdata->size, vdata->data,
+					   signature->data);
+			break;
+		}
+#if ENABLE_GOST
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+		{
+			struct ecc_point pub;
+			struct dsa_signature sig;
+			const struct ecc_curve *curve;
+			const mac_entry_st *me;
+
+			/* GOSTDSA is not approved */
+			not_approved = true;
+
+			curve = get_supported_gost_curve(pk_params->curve);
+			if (curve == NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+				goto cleanup;
+			}
+
+			/* This call will return a valid MAC entry and
+			 * getters will check that is not null anyway. */
+			me = hash_to_entry(_gnutls_gost_digest(pk_params->algo));
+			if (_gnutls_mac_get_algo_len(me) != vdata->size) {
+				ret = gnutls_assert_val(GNUTLS_E_PK_SIG_VERIFY_FAILED);
+				goto cleanup;
+			}
+
+			ret =
+			    _gnutls_decode_gost_rs(signature, &tmp[0],
+						  &tmp[1]);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			ret =
+			    _gost_params_to_pubkey(pk_params, &pub, curve);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			memcpy(sig.r, tmp[0], SIZEOF_MPZT);
+			memcpy(sig.s, tmp[1], SIZEOF_MPZT);
+
+			ret = gostdsa_verify(&pub, vdata->size, vdata->data, &sig);
+			if (ret == 0) {
+				gnutls_assert();
+				ret = GNUTLS_E_PK_SIG_VERIFY_FAILED;
+			} else
+				ret = 0;
+
+			ecc_point_clear(&pub);
+			break;
+		}
+#endif
+	case GNUTLS_PK_ECDSA:	/* ECDSA */
+		{
+			struct ecc_point pub;
+			struct dsa_signature sig;
+			int curve_id = pk_params->curve;
+			const struct ecc_curve *curve;
+			const mac_entry_st *me;
+
+			curve = get_supported_nist_curve(curve_id);
+			if (curve == NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+				goto cleanup;
+			}
+
+			ret =
+			    _gnutls_decode_ber_rs(signature, &tmp[0],
+						  &tmp[1]);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			ret =
+			    _ecc_params_to_pubkey(pk_params, &pub, curve);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			memcpy(sig.r, tmp[0], SIZEOF_MPZT);
+			memcpy(sig.s, tmp[1], SIZEOF_MPZT);
+
+			me = _gnutls_dsa_q_to_hash(pk_params, &hash_len);
+
+			/* SHA-1 is allowed for SigVer in FIPS 140-3 in legacy
+			 * mode */
+			switch (me->id) {
+			case GNUTLS_MAC_SHA1:
+			case GNUTLS_MAC_SHA256:
+			case GNUTLS_MAC_SHA384:
+			case GNUTLS_MAC_SHA512:
+			case GNUTLS_MAC_SHA224:
+				break;
+			default:
+				not_approved = true;
+			}
+
+			if (hash_len > vdata->size)
+				hash_len = vdata->size;
+
+			ret =
+			    ecdsa_verify(&pub, hash_len, vdata->data,
+					 &sig);
+			if (ret == 0) {
+				gnutls_assert();
+				ret = GNUTLS_E_PK_SIG_VERIFY_FAILED;
+			} else
+				ret = 0;
+
+			ecc_point_clear(&pub);
+			break;
+		}
+	case GNUTLS_PK_DSA:
+		{
+			struct dsa_params pub;
+			struct dsa_signature sig;
+			bigint_t y;
+
+			/* DSA is currently being defined as sunset with the
+			 * current draft of FIPS 186-5 */
+			not_approved = true;
+
+			ret =
+			    _gnutls_decode_ber_rs(signature, &tmp[0],
+						  &tmp[1]);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+			memset(&pub, 0, sizeof(pub));
+			_dsa_params_get(pk_params, &pub);
+			y = pk_params->params[DSA_Y];
+
+			memcpy(sig.r, tmp[0], SIZEOF_MPZT);
+			memcpy(sig.s, tmp[1], SIZEOF_MPZT);
+
+			_gnutls_dsa_q_to_hash(pk_params, &hash_len);
+
+			if (hash_len > vdata->size)
+				hash_len = vdata->size;
+
+			ret =
+			    dsa_verify(&pub, TOMPZ(y), hash_len, vdata->data, &sig);
+			if (ret == 0) {
+				gnutls_assert();
+				ret = GNUTLS_E_PK_SIG_VERIFY_FAILED;
+			} else
+				ret = 0;
+
+			break;
+		}
+	case GNUTLS_PK_RSA:
+		{
+			struct rsa_public_key pub;
+			size_t bits;
+
+			ret = _rsa_params_to_pubkey(pk_params, &pub);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			bits = mpz_sizeinbase(pub.n, 2);
+
+			/* In FIPS 140-3, RSA key size should be larger than
+			 * 2048-bit or one of the known lengths (1024, 1280,
+			 * 1536, 1792; i.e., multiple of 256-bits).
+			 *
+			 * In addition to this, only SHA-1 and SHA-2 are allowed
+			 * for SigVer; it is checked in _pkcs1_rsa_verify_sig in
+			 * lib/pubkey.c.
+			 */
+			if (unlikely(bits < 2048 &&
+				     bits != 1024 && bits != 1280 &&
+				     bits != 1536 && bits != 1792)) {
+				not_approved = true;
+			}
+
+			if (signature->size != pub.size) {
+				ret = gnutls_assert_val(GNUTLS_E_PK_SIG_VERIFY_FAILED);
+				goto cleanup;
+			}
+
+			ret =
+			    _gnutls_mpi_init_scan_nz(&tmp[0], signature->data,
+						signature->size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			ret =
+			    rsa_pkcs1_verify(&pub, vdata->size,
+					     vdata->data, TOMPZ(tmp[0]));
+			if (ret == 0)
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_PK_SIG_VERIFY_FAILED);
+			else
+				ret = 0;
+
+			break;
+		}
+	case GNUTLS_PK_RSA_PSS:
+		{
+			struct rsa_public_key pub;
+
+			if ((sign_params->flags &
+			     GNUTLS_PK_FLAG_RSA_PSS_FIXED_SALT_LENGTH) &&
+			    sign_params->salt_size != vdata->size) {
+				ret = gnutls_assert_val(GNUTLS_E_PK_SIG_VERIFY_FAILED);
+				goto cleanup;
+			}
+
+			ret = _rsa_params_to_pubkey(pk_params, &pub);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			/* RSA modulus size should be 2048-bit or larger in FIPS
+			 * 140-3.  In addition to this, only SHA-1 and SHA-2 are
+			 * allowed for SigVer, while Nettle only supports
+			 * SHA256, SHA384, and SHA512 for RSA-PSS (see
+			 * _rsa_pss_verify_digest in this file for the details).
+			 */
+			if (unlikely(mpz_sizeinbase(pub.n, 2) < 2048)) {
+				not_approved = true;
+			}
+
+			if (signature->size != pub.size) {
+				ret = gnutls_assert_val(GNUTLS_E_PK_SIG_VERIFY_FAILED);
+				goto cleanup;
+			}
+
+			ret =
+			    _gnutls_mpi_init_scan_nz(&tmp[0], signature->data,
+						     signature->size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			ret = _rsa_pss_verify_digest(sign_params->rsa_pss_dig,
+						     &pub,
+						     sign_params->salt_size,
+						     vdata->data, vdata->size,
+						     TOMPZ(tmp[0]));
+			if (ret == 0)
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_PK_SIG_VERIFY_FAILED);
+			else
+				ret = 0;
+
+			break;
+		}
+	default:
+		gnutls_assert();
+		ret = GNUTLS_E_INTERNAL_ERROR;
+		goto cleanup;
+	}
+
+      cleanup:
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	} else if (not_approved) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+
+	_gnutls_mpi_release(&tmp[0]);
+	_gnutls_mpi_release(&tmp[1]);
+	FAIL_IF_LIB_ERROR;
+	return ret;
+}
+
+static inline const struct ecc_curve *get_supported_nist_curve(int curve)
+{
+	switch (curve) {
+#ifdef ENABLE_NON_SUITEB_CURVES
+	case GNUTLS_ECC_CURVE_SECP192R1:
+		return nettle_get_secp_192r1();
+	case GNUTLS_ECC_CURVE_SECP224R1:
+		return nettle_get_secp_224r1();
+#endif
+	case GNUTLS_ECC_CURVE_SECP256R1:
+		return nettle_get_secp_256r1();
+	case GNUTLS_ECC_CURVE_SECP384R1:
+		return nettle_get_secp_384r1();
+	case GNUTLS_ECC_CURVE_SECP521R1:
+		return nettle_get_secp_521r1();
+	default:
+		return NULL;
+	}
+}
+
+static inline const char *get_supported_nist_curve_order(int curve)
+{
+	static const struct {
+		int curve;
+		const char *order;
+	} orders[] = {
+#ifdef ENABLE_NON_SUITEB_CURVES
+		{ GNUTLS_ECC_CURVE_SECP192R1,
+		  "ffffffffffffffffffffffff99def836"
+		  "146bc9b1b4d22831" },
+		{ GNUTLS_ECC_CURVE_SECP224R1,
+		  "ffffffffffffffffffffffffffff16a2"
+		  "e0b8f03e13dd29455c5c2a3d" },
+#endif
+		{ GNUTLS_ECC_CURVE_SECP256R1,
+		  "ffffffff00000000ffffffffffffffff"
+		  "bce6faada7179e84f3b9cac2fc632551" },
+		{ GNUTLS_ECC_CURVE_SECP384R1,
+		  "ffffffffffffffffffffffffffffffff"
+		  "ffffffffffffffffc7634d81f4372ddf"
+		  "581a0db248b0a77aecec196accc52973" },
+		{ GNUTLS_ECC_CURVE_SECP521R1,
+		  "1fffffffffffffffffffffffffffffff"
+		  "ffffffffffffffffffffffffffffffff"
+		  "ffa51868783bf2f966b7fcc0148f709a"
+		  "5d03bb5c9b8899c47aebb6fb71e91386"
+		  "409" },
+	};
+	size_t i;
+
+	for (i = 0; i < sizeof(orders)/sizeof(orders[0]); i++) {
+		if (orders[i].curve == curve)
+			return orders[i].order;
+	}
+	return NULL;
+}
+
+static inline const char *get_supported_nist_curve_modulus(int curve)
+{
+	static const struct {
+		int curve;
+		const char *order;
+	} orders[] = {
+#ifdef ENABLE_NON_SUITEB_CURVES
+		{ GNUTLS_ECC_CURVE_SECP192R1,
+		  "fffffffffffffffffffffffffffffffe"
+		  "ffffffffffffffff" },
+		{ GNUTLS_ECC_CURVE_SECP224R1,
+		  "ffffffffffffffffffffffffffffffff"
+		  "000000000000000000000001" },
+#endif
+		{ GNUTLS_ECC_CURVE_SECP256R1,
+		  "ffffffff000000010000000000000000"
+		  "00000000ffffffffffffffffffffffff" },
+		{ GNUTLS_ECC_CURVE_SECP384R1,
+		  "ffffffffffffffffffffffffffffffff"
+		  "fffffffffffffffffffffffffffffffe"
+		  "ffffffff0000000000000000ffffffff" },
+		{ GNUTLS_ECC_CURVE_SECP521R1,
+		  "1ff"
+		  "ffffffffffffffffffffffffffffffff"
+		  "ffffffffffffffffffffffffffffffff"
+		  "ffffffffffffffffffffffffffffffff"
+		  "ffffffffffffffffffffffffffffffff" },
+	};
+	size_t i;
+
+	for (i = 0; i < sizeof(orders)/sizeof(orders[0]); i++) {
+		if (orders[i].curve == curve)
+			return orders[i].order;
+	}
+	return NULL;
+}
+
+static inline const struct ecc_curve *get_supported_gost_curve(int curve)
+{
+	switch (curve) {
+#if ENABLE_GOST
+	case GNUTLS_ECC_CURVE_GOST256CPA:
+	case GNUTLS_ECC_CURVE_GOST256CPXA:
+	case GNUTLS_ECC_CURVE_GOST256B:
+		return nettle_get_gost_gc256b();
+	case GNUTLS_ECC_CURVE_GOST512A:
+		return nettle_get_gost_gc512a();
+#endif
+	default:
+		return NULL;
+	}
+}
+
+static int _wrap_nettle_pk_curve_exists(gnutls_ecc_curve_t curve)
+{
+	switch (curve) {
+		case GNUTLS_ECC_CURVE_ED25519:
+		case GNUTLS_ECC_CURVE_X25519:
+		case GNUTLS_ECC_CURVE_ED448:
+		case GNUTLS_ECC_CURVE_X448:
+			return 1;
+		default:
+			return ((get_supported_nist_curve(curve)!=NULL ||
+				 get_supported_gost_curve(curve)!=NULL)?1:0);
+	}
+}
+
+static int _wrap_nettle_pk_exists(gnutls_pk_algorithm_t pk)
+{
+	switch (pk) {
+	case GNUTLS_PK_RSA:
+	case GNUTLS_PK_DSA:
+	case GNUTLS_PK_DH:
+	case GNUTLS_PK_ECDSA:
+	case GNUTLS_PK_ECDH_X25519:
+	case GNUTLS_PK_RSA_PSS:
+	case GNUTLS_PK_EDDSA_ED25519:
+#if ENABLE_GOST
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+#endif
+	case GNUTLS_PK_ECDH_X448:
+	case GNUTLS_PK_EDDSA_ED448:
+		return 1;
+	default:
+		return 0;
+	}
+}
+
+static int _wrap_nettle_pk_sign_exists(gnutls_sign_algorithm_t sign)
+{
+	switch (sign) {
+	case GNUTLS_SIGN_RSA_SHA1:
+	case GNUTLS_SIGN_DSA_SHA1:
+	case GNUTLS_SIGN_RSA_MD5:
+	case GNUTLS_SIGN_RSA_MD2:
+	case GNUTLS_SIGN_RSA_RMD160:
+	case GNUTLS_SIGN_RSA_SHA256:
+	case GNUTLS_SIGN_RSA_SHA384:
+	case GNUTLS_SIGN_RSA_SHA512:
+	case GNUTLS_SIGN_RSA_SHA224:
+	case GNUTLS_SIGN_DSA_SHA224:
+	case GNUTLS_SIGN_DSA_SHA256:
+	case GNUTLS_SIGN_ECDSA_SHA1:
+	case GNUTLS_SIGN_ECDSA_SHA224:
+	case GNUTLS_SIGN_ECDSA_SHA256:
+	case GNUTLS_SIGN_ECDSA_SHA384:
+	case GNUTLS_SIGN_ECDSA_SHA512:
+	case GNUTLS_SIGN_DSA_SHA384:
+	case GNUTLS_SIGN_DSA_SHA512:
+	case GNUTLS_SIGN_ECDSA_SHA3_224:
+	case GNUTLS_SIGN_ECDSA_SHA3_256:
+	case GNUTLS_SIGN_ECDSA_SHA3_384:
+	case GNUTLS_SIGN_ECDSA_SHA3_512:
+
+	case GNUTLS_SIGN_DSA_SHA3_224:
+	case GNUTLS_SIGN_DSA_SHA3_256:
+	case GNUTLS_SIGN_DSA_SHA3_384:
+	case GNUTLS_SIGN_DSA_SHA3_512:
+	case GNUTLS_SIGN_RSA_SHA3_224:
+	case GNUTLS_SIGN_RSA_SHA3_256:
+	case GNUTLS_SIGN_RSA_SHA3_384:
+	case GNUTLS_SIGN_RSA_SHA3_512:
+
+	case GNUTLS_SIGN_RSA_PSS_SHA256:
+	case GNUTLS_SIGN_RSA_PSS_SHA384:
+	case GNUTLS_SIGN_RSA_PSS_SHA512:
+	case GNUTLS_SIGN_EDDSA_ED25519:
+	case GNUTLS_SIGN_RSA_RAW:
+
+	case GNUTLS_SIGN_ECDSA_SECP256R1_SHA256:
+	case GNUTLS_SIGN_ECDSA_SECP384R1_SHA384:
+	case GNUTLS_SIGN_ECDSA_SECP521R1_SHA512:
+
+	case GNUTLS_SIGN_RSA_PSS_RSAE_SHA256:
+	case GNUTLS_SIGN_RSA_PSS_RSAE_SHA384:
+	case GNUTLS_SIGN_RSA_PSS_RSAE_SHA512:
+
+#if ENABLE_GOST
+	case GNUTLS_SIGN_GOST_94:
+	case GNUTLS_SIGN_GOST_256:
+	case GNUTLS_SIGN_GOST_512:
+#endif
+	case GNUTLS_SIGN_EDDSA_ED448:
+		return 1;
+	default:
+		return 0;
+	}
+}
+
+/* Generates algorithm's parameters. That is:
+ *  For DSA: p, q, and g are generated.
+ *  For RSA: nothing
+ *  For ECDSA/EDDSA: nothing
+ */
+static int
+wrap_nettle_pk_generate_params(gnutls_pk_algorithm_t algo,
+			       unsigned int level /*bits or curve*/ ,
+			       gnutls_pk_params_st * params)
+{
+	int ret;
+	unsigned int i, q_bits;
+
+	FAIL_IF_LIB_ERROR;
+
+	params->algo = algo;
+
+	switch (algo) {
+	case GNUTLS_PK_DSA:
+	case GNUTLS_PK_DH:
+		{
+			struct dsa_params pub;
+			struct dss_params_validation_seeds cert;
+			unsigned index;
+
+			dsa_params_init(&pub);
+
+			if (GNUTLS_BITS_HAVE_SUBGROUP(level)) {
+				q_bits = GNUTLS_BITS_TO_SUBGROUP(level);
+				level = GNUTLS_BITS_TO_GROUP(level);
+			} else {
+				q_bits = _gnutls_pk_bits_to_subgroup_bits(level);
+			}
+
+			if (q_bits == 0)
+				return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
+			if (_gnutls_fips_mode_enabled() != 0 || params->pkflags & GNUTLS_PK_FLAG_PROVABLE) {
+				if (algo==GNUTLS_PK_DSA)
+					index = 1;
+				else
+					index = 2;
+
+				if (params->palgo != 0 && params->palgo != GNUTLS_DIG_SHA384) {
+					ret = GNUTLS_E_INVALID_REQUEST;
+					goto dsa_fail;
+				}
+
+				params->palgo = GNUTLS_DIG_SHA384;
+
+				if (params->seed_size) {
+					ret =
+						_dsa_generate_dss_pqg(&pub, &cert,
+							index, params->seed_size, params->seed,
+							NULL, NULL, level, q_bits);
+				} else {
+					ret =
+						dsa_generate_dss_pqg(&pub, &cert,
+							index, NULL, rnd_tmpkey_func,
+							NULL, NULL, level, q_bits);
+				}
+				if (ret != 1 || HAVE_LIB_ERROR()) {
+					gnutls_assert();
+					ret = GNUTLS_E_PK_GENERATION_ERROR;
+					goto dsa_fail;
+				}
+
+				if (cert.seed_length && cert.seed_length < sizeof(params->seed)) {
+					params->seed_size = cert.seed_length;
+					memcpy(params->seed, cert.seed, cert.seed_length);
+				}
+
+				/* verify the generated parameters */
+				ret = dsa_validate_dss_pqg(&pub, &cert, index);
+				if (ret != 1) {
+					gnutls_assert();
+					ret = GNUTLS_E_PK_GENERATION_ERROR;
+					goto dsa_fail;
+				}
+			} else {
+				if (q_bits < 160)
+					q_bits = 160;
+
+				ret = dsa_generate_params(&pub, NULL, rnd_tmpkey_func,
+							  NULL, NULL, level, q_bits);
+				if (ret != 1 || HAVE_LIB_ERROR()) {
+					gnutls_assert();
+					ret = GNUTLS_E_PK_GENERATION_ERROR;
+					goto dsa_fail;
+				}
+			}
+
+			params->params_nr = 0;
+
+			ret = _gnutls_mpi_init_multi(&params->params[DSA_P], &params->params[DSA_Q],
+					&params->params[DSA_G], NULL);
+			if (ret < 0) {
+				gnutls_assert();
+				goto dsa_fail;
+			}
+			params->params_nr = 3;
+
+			mpz_set(TOMPZ(params->params[DSA_P]), pub.p);
+			mpz_set(TOMPZ(params->params[DSA_Q]), pub.q);
+			mpz_set(TOMPZ(params->params[DSA_G]), pub.g);
+
+			ret = 0;
+
+		      dsa_fail:
+			dsa_params_clear(&pub);
+
+			if (ret < 0)
+				goto fail;
+
+			break;
+		}
+	case GNUTLS_PK_RSA_PSS:
+	case GNUTLS_PK_RSA:
+	case GNUTLS_PK_ECDSA:
+	case GNUTLS_PK_EDDSA_ED25519:
+	case GNUTLS_PK_EDDSA_ED448:
+	case GNUTLS_PK_ECDH_X25519:
+	case GNUTLS_PK_ECDH_X448:
+#if ENABLE_GOST
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+#endif
+		break;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	FAIL_IF_LIB_ERROR;
+	return 0;
+
+      fail:
+
+	for (i = 0; i < params->params_nr; i++) {
+		_gnutls_mpi_release(&params->params[i]);
+	}
+	params->params_nr = 0;
+
+	FAIL_IF_LIB_ERROR;
+	return ret;
+}
+
+#ifdef ENABLE_FIPS140
+int _gnutls_dh_generate_key(gnutls_dh_params_t dh_params,
+			    gnutls_datum_t *priv_key, gnutls_datum_t *pub_key);
+
+int _gnutls_dh_compute_key(gnutls_dh_params_t dh_params,
+			   const gnutls_datum_t *priv_key, const gnutls_datum_t *pub_key,
+			   const gnutls_datum_t *peer_key, gnutls_datum_t *Z);
+
+int _gnutls_ecdh_compute_key(gnutls_ecc_curve_t curve,
+			   const gnutls_datum_t *x, const gnutls_datum_t *y,
+			   const gnutls_datum_t *k,
+			   const gnutls_datum_t *peer_x, const gnutls_datum_t *peer_y,
+			   gnutls_datum_t *Z);
+
+int _gnutls_ecdh_generate_key(gnutls_ecc_curve_t curve,
+			      gnutls_datum_t *x, gnutls_datum_t *y,
+			      gnutls_datum_t *k);
+
+
+int _gnutls_dh_generate_key(gnutls_dh_params_t dh_params,
+			    gnutls_datum_t *priv_key, gnutls_datum_t *pub_key)
+{
+	gnutls_pk_params_st params;
+	int ret;
+
+	gnutls_pk_params_init(&params);
+	params.params[DH_P] = _gnutls_mpi_copy(dh_params->params[0]);
+	params.params[DH_G] = _gnutls_mpi_copy(dh_params->params[1]);
+
+	params.params_nr = 5;
+	params.algo = GNUTLS_PK_DH;
+
+	priv_key->data = NULL;
+	pub_key->data = NULL;
+
+	ret = _gnutls_pk_generate_keys(GNUTLS_PK_DH, dh_params->q_bits, &params, 0);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	ret =
+	    _gnutls_mpi_dprint_lz(params.params[DH_X], priv_key);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	ret =
+	    _gnutls_mpi_dprint_lz(params.params[DH_Y], pub_key);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	ret = 0;
+	goto cleanup;
+ fail:
+	gnutls_free(pub_key->data);
+	gnutls_free(priv_key->data);
+ cleanup:
+	gnutls_pk_params_clear(&params);
+	gnutls_pk_params_release(&params);
+	return ret;
+}
+
+/* Note that the value of Z will have the leading bytes stripped if they are zero -
+ * which follows the TLS approach. */
+int _gnutls_dh_compute_key(gnutls_dh_params_t dh_params,
+			   const gnutls_datum_t *priv_key, const gnutls_datum_t *pub_key,
+			   const gnutls_datum_t *peer_key, gnutls_datum_t *Z)
+{
+	gnutls_pk_params_st pub, priv;
+	int ret;
+
+	gnutls_pk_params_init(&pub);
+	pub.params_nr = 5;
+	pub.algo = GNUTLS_PK_DH;
+
+	gnutls_pk_params_init(&priv);
+	priv.params_nr = 5;
+	priv.algo = GNUTLS_PK_DH;
+
+	if (_gnutls_mpi_init_scan_nz
+		    (&pub.params[DH_Y], peer_key->data,
+		     peer_key->size) != 0) {
+		ret =
+		    gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED);
+		goto cleanup;
+	}
+
+	priv.params[DH_P] = _gnutls_mpi_copy(dh_params->params[0]);
+	priv.params[DH_G] = _gnutls_mpi_copy(dh_params->params[1]);
+	if (dh_params->params[2])
+		priv.params[DH_Q] = _gnutls_mpi_copy(dh_params->params[2]);
+
+	if (_gnutls_mpi_init_scan_nz
+		    (&priv.params[DH_X], priv_key->data,
+		     priv_key->size) != 0) {
+		ret =
+		    gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED);
+		goto cleanup;
+	}
+
+	Z->data = NULL;
+
+	ret = _gnutls_pk_derive(GNUTLS_PK_DH, Z, &priv, &pub);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	gnutls_pk_params_clear(&pub);
+	gnutls_pk_params_release(&pub);
+	gnutls_pk_params_clear(&priv);
+	gnutls_pk_params_release(&priv);
+	return ret;
+}
+
+int _gnutls_ecdh_generate_key(gnutls_ecc_curve_t curve,
+			      gnutls_datum_t *x, gnutls_datum_t *y,
+			      gnutls_datum_t *k)
+{
+	gnutls_pk_params_st params;
+	int ret;
+
+	gnutls_pk_params_init(&params);
+	params.params_nr = 3;
+	params.curve = curve;
+	params.algo = GNUTLS_PK_ECDSA;
+
+	x->data = NULL;
+	y->data = NULL;
+	k->data = NULL;
+
+	ret = _gnutls_pk_generate_keys(GNUTLS_PK_ECDSA, curve, &params, 0);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	ret =
+	    _gnutls_mpi_dprint_lz(params.params[ECC_X], x);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	ret =
+	    _gnutls_mpi_dprint_lz(params.params[ECC_Y], y);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	ret =
+	    _gnutls_mpi_dprint_lz(params.params[ECC_K], k);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	ret = 0;
+	goto cleanup;
+ fail:
+	gnutls_free(y->data);
+	gnutls_free(x->data);
+	gnutls_free(k->data);
+ cleanup:
+	gnutls_pk_params_clear(&params);
+	gnutls_pk_params_release(&params);
+	return ret;
+}
+
+int _gnutls_ecdh_compute_key(gnutls_ecc_curve_t curve,
+			   const gnutls_datum_t *x, const gnutls_datum_t *y,
+			   const gnutls_datum_t *k,
+			   const gnutls_datum_t *peer_x, const gnutls_datum_t *peer_y,
+			   gnutls_datum_t *Z)
+{
+	gnutls_pk_params_st pub, priv;
+	int ret;
+
+	gnutls_pk_params_init(&pub);
+	pub.params_nr = 3;
+	pub.algo = GNUTLS_PK_ECDSA;
+	pub.curve = curve;
+
+	gnutls_pk_params_init(&priv);
+	priv.params_nr = 3;
+	priv.algo = GNUTLS_PK_ECDSA;
+	priv.curve = curve;
+
+	if (_gnutls_mpi_init_scan_nz
+		    (&pub.params[ECC_Y], peer_y->data,
+		     peer_y->size) != 0) {
+		ret =
+		    gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED);
+		goto cleanup;
+	}
+
+	if (_gnutls_mpi_init_scan_nz
+		    (&pub.params[ECC_X], peer_x->data,
+		     peer_x->size) != 0) {
+		ret =
+		    gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED);
+		goto cleanup;
+	}
+
+	if (_gnutls_mpi_init_scan_nz
+		    (&priv.params[ECC_Y], y->data,
+		     y->size) != 0) {
+		ret =
+		    gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED);
+		goto cleanup;
+	}
+
+	if (_gnutls_mpi_init_scan_nz
+		    (&priv.params[ECC_X], x->data,
+		     x->size) != 0) {
+		ret =
+		    gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED);
+		goto cleanup;
+	}
+
+	if (_gnutls_mpi_init_scan_nz
+		    (&priv.params[ECC_K], k->data,
+		     k->size) != 0) {
+		ret =
+		    gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED);
+		goto cleanup;
+	}
+
+	Z->data = NULL;
+
+	ret = _gnutls_pk_derive(GNUTLS_PK_ECDSA, Z, &priv, &pub);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	gnutls_pk_params_clear(&pub);
+	gnutls_pk_params_release(&pub);
+	gnutls_pk_params_clear(&priv);
+	gnutls_pk_params_release(&priv);
+	return ret;
+}
+
+static int pct_test(gnutls_pk_algorithm_t algo, const gnutls_pk_params_st* params)
+{
+	int ret;
+	gnutls_datum_t sig = {NULL, 0};
+	const char const_data[20] = "onetwothreefourfive";
+	const char const_data_sha256[32] = "onetwothreefourfivesixseveneight";
+	const char const_data_sha384[48] = "onetwothreefourfivesixseveneightnineteneleventwe";
+	const char const_data_sha512[64] = "onetwothreefourfivesixseveneightnineteneleventwelvethirteenfourt";
+	gnutls_datum_t ddata, tmp = {NULL,0};
+	char* gen_data = NULL;
+	gnutls_x509_spki_st spki;
+	gnutls_fips140_context_t context;
+
+	memcpy(&spki, &params->spki, sizeof(spki));
+
+	if (algo == GNUTLS_PK_DSA || algo == GNUTLS_PK_EC) {
+		unsigned hash_len;
+
+		_gnutls_dsa_q_to_hash(params, &hash_len);
+		gen_data = gnutls_malloc(hash_len);
+		gnutls_rnd(GNUTLS_RND_NONCE, gen_data, hash_len);
+
+		ddata.data = (void*)gen_data;
+		ddata.size = hash_len;
+	} else if (algo == GNUTLS_PK_GOST_01 || algo == GNUTLS_PK_GOST_12_256) {
+		ddata.data = (void*)const_data_sha256;
+		ddata.size = sizeof(const_data_sha256);
+	} else if (algo == GNUTLS_PK_GOST_12_512) {
+		ddata.data = (void*)const_data_sha512;
+		ddata.size = sizeof(const_data_sha512);
+	} else if (algo == GNUTLS_PK_RSA_PSS) {
+		if (spki.rsa_pss_dig == GNUTLS_DIG_UNKNOWN)
+			spki.rsa_pss_dig = GNUTLS_DIG_SHA256;
+
+		switch (spki.rsa_pss_dig) {
+		case GNUTLS_DIG_SHA256:
+			ddata.data = (void*)const_data_sha256;
+			ddata.size = sizeof(const_data_sha256);
+			break;
+		case GNUTLS_DIG_SHA384:
+			ddata.data = (void*)const_data_sha384;
+			ddata.size = sizeof(const_data_sha384);
+			break;
+		case GNUTLS_DIG_SHA512:
+			ddata.data = (void*)const_data_sha512;
+			ddata.size = sizeof(const_data_sha512);
+			break;
+		default:
+			ret = gnutls_assert_val(GNUTLS_E_PK_GENERATION_ERROR);
+			goto cleanup;
+		}
+	} else {
+		ddata.data = (void*)const_data;
+		ddata.size = sizeof(const_data);
+	}
+
+	switch (algo) {
+	case GNUTLS_PK_RSA:
+		/* Push a temporary FIPS context because _gnutls_pk_encrypt and
+		 * _gnutls_pk_decrypt below will mark RSAES-PKCS1-v1_5 operation
+		 * non-approved */
+		if (gnutls_fips140_context_init(&context) < 0) {
+			ret = gnutls_assert_val(GNUTLS_E_PK_GENERATION_ERROR);
+			goto cleanup;
+		}
+		if (gnutls_fips140_push_context(context) < 0) {
+			ret = gnutls_assert_val(GNUTLS_E_PK_GENERATION_ERROR);
+			gnutls_fips140_context_deinit(context);
+			goto cleanup;
+		}
+
+		ret = _gnutls_pk_encrypt(algo, &sig, &ddata, params);
+		if (ret < 0) {
+			ret = gnutls_assert_val(GNUTLS_E_PK_GENERATION_ERROR);
+		}
+		if (ret == 0 &&
+		    ddata.size == sig.size &&
+		    memcmp(ddata.data, sig.data, sig.size) == 0) {
+			ret = gnutls_assert_val(GNUTLS_E_PK_GENERATION_ERROR);
+		}
+		if (ret == 0 &&
+		    _gnutls_pk_decrypt(algo, &tmp, &sig, params) < 0) {
+			ret = gnutls_assert_val(GNUTLS_E_PK_GENERATION_ERROR);
+		}
+		if (ret == 0 &&
+		    !(tmp.size == ddata.size &&
+		      memcmp(tmp.data, ddata.data, tmp.size) == 0)) {
+			ret = gnutls_assert_val(GNUTLS_E_PK_GENERATION_ERROR);
+		}
+
+		if (unlikely(gnutls_fips140_pop_context() < 0)) {
+			ret = gnutls_assert_val(GNUTLS_E_PK_GENERATION_ERROR);
+		}
+		gnutls_fips140_context_deinit(context);
+
+		if (ret < 0) {
+			goto cleanup;
+		}
+
+		free(sig.data);
+		sig.data = NULL;
+
+		FALLTHROUGH;
+	case GNUTLS_PK_EC: /* we only do keys for ECDSA */
+	case GNUTLS_PK_EDDSA_ED25519:
+	case GNUTLS_PK_EDDSA_ED448:
+	case GNUTLS_PK_DSA:
+	case GNUTLS_PK_RSA_PSS:
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+		ret = _gnutls_pk_sign(algo, &sig, &ddata, params, &spki);
+		if (ret < 0) {
+			ret = gnutls_assert_val(GNUTLS_E_PK_GENERATION_ERROR);
+			goto cleanup;
+		}
+
+		ret = _gnutls_pk_verify(algo, &ddata, &sig, params, &spki);
+		if (ret < 0) {
+			ret = gnutls_assert_val(GNUTLS_E_PK_GENERATION_ERROR);
+			gnutls_assert();
+			goto cleanup;
+		}
+		break;
+	case GNUTLS_PK_DH:
+	case GNUTLS_PK_ECDH_X25519:
+	case GNUTLS_PK_ECDH_X448:
+		ret = 0;
+		goto cleanup;
+	default:
+		ret = gnutls_assert_val(GNUTLS_E_UNKNOWN_PK_ALGORITHM);
+		goto cleanup;
+	}
+
+	ret = 0;
+cleanup:
+	if (ret == GNUTLS_E_PK_GENERATION_ERROR) {
+		_gnutls_switch_lib_state(LIB_STATE_ERROR);
+	}
+	gnutls_free(gen_data);
+	gnutls_free(sig.data);
+	gnutls_free(tmp.data);
+	return ret;
+}
+#endif
+
+static inline int
+eddsa_public_key(gnutls_pk_algorithm_t algo,
+		 uint8_t *pub, const uint8_t *priv)
+{
+	switch (algo) {
+	case GNUTLS_PK_EDDSA_ED25519:
+		ed25519_sha512_public_key(pub, priv);
+		return 0;
+	case GNUTLS_PK_EDDSA_ED448:
+		ed448_shake256_public_key(pub, priv);
+		return 0;
+	default:
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM);
+	}
+}
+
+static inline int
+edwards_curve_mul_g(gnutls_pk_algorithm_t algo,
+		    uint8_t *q, const uint8_t *n)
+{
+	switch (algo) {
+	case GNUTLS_PK_ECDH_X25519:
+		curve25519_mul_g(q, n);
+		return 0;
+	case GNUTLS_PK_ECDH_X448:
+		curve448_mul_g(q, n);
+		return 0;
+	default:
+		return gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+	}
+}
+
+static inline int
+dh_find_q(const gnutls_pk_params_st *pk_params, mpz_t q)
+{
+	gnutls_datum_t prime = { NULL, 0 };
+	gnutls_datum_t generator = { NULL, 0 };
+	uint8_t *data_q;
+	size_t n_q;
+	bigint_t _q;
+	int ret = 0;
+
+	ret = _gnutls_mpi_dprint(pk_params->params[DSA_P], &prime);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_mpi_dprint(pk_params->params[DSA_G], &generator);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (!_gnutls_dh_prime_match_fips_approved(prime.data,
+						  prime.size,
+						  generator.data,
+						  generator.size,
+						  &data_q,
+						  &n_q)) {
+		ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		goto cleanup;
+	}
+
+	if (_gnutls_mpi_init_scan_nz(&_q, data_q, n_q) != 0) {
+		ret = gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED);
+		goto cleanup;
+	}
+
+	mpz_set(q, TOMPZ(_q));
+	_gnutls_mpi_release(&_q);
+
+ cleanup:
+	gnutls_free(prime.data);
+	gnutls_free(generator.data);
+
+	return ret;
+}
+
+/* To generate a DH key either q must be set in the params or
+ * level should be set to the number of required bits.
+ */
+static int
+wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo,
+			       unsigned int level /*bits or curve */ ,
+			       gnutls_pk_params_st * params,
+			       unsigned ephemeral /*non-zero if they are ephemeral keys */)
+{
+	int ret;
+	unsigned int i;
+	unsigned rnd_level;
+	nettle_random_func *rnd_func;
+	bool not_approved = false;
+
+	FAIL_IF_LIB_ERROR;
+
+	/* check if the curve relates to the algorithm used */
+	if (IS_EC(algo) && gnutls_ecc_curve_get_pk(level) != algo) {
+		ret = gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+		goto cleanup;
+	}
+
+	if (ephemeral) {
+		rnd_level = GNUTLS_RND_RANDOM;
+		rnd_func = rnd_tmpkey_func;
+	} else {
+		rnd_func = rnd_key_func;
+		rnd_level = GNUTLS_RND_KEY;
+	}
+
+	switch (algo) {
+	case GNUTLS_PK_DSA:
+#ifdef ENABLE_FIPS140
+		if (_gnutls_fips_mode_enabled() != 0) {
+			struct dsa_params pub;
+			mpz_t x, y;
+
+			/* DSA is currently being defined as sunset with the
+			 * current draft of FIPS 186-5 */
+			not_approved = true;
+
+			if (params->params[DSA_Q] == NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+				goto cleanup;
+			}
+
+			_dsa_params_get(params, &pub);
+
+			mpz_init(x);
+			mpz_init(y);
+
+			ret =
+			    dsa_generate_dss_keypair(&pub, y, x,
+						 NULL, rnd_func,
+						 NULL, NULL);
+			if (ret != 1 || HAVE_LIB_ERROR()) {
+				gnutls_assert();
+				ret = GNUTLS_E_PK_GENERATION_ERROR;
+				goto dsa_fail;
+			}
+
+			ret = _gnutls_mpi_init_multi(&params->params[DSA_Y], &params->params[DSA_X], NULL);
+			if (ret < 0) {
+				gnutls_assert();
+				goto dsa_fail;
+			}
+
+			mpz_set(TOMPZ(params->params[DSA_Y]), y);
+			mpz_set(TOMPZ(params->params[DSA_X]), x);
+			params->params_nr += 2;
+
+		      dsa_fail:
+			mpz_clear(x);
+			mpz_clear(y);
+
+			if (ret < 0)
+				goto cleanup;
+
+			break;
+		}
+#endif
+		FALLTHROUGH;
+	case GNUTLS_PK_DH:
+		{
+			struct dsa_params pub;
+			mpz_t r;
+			mpz_t x, y;
+			int max_tries;
+			unsigned have_q = 0;
+			mpz_t q;
+			mpz_t primesub1;
+			mpz_t ypowq;
+
+			if (algo != params->algo) {
+				ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+				goto cleanup;
+			}
+
+			_dsa_params_get(params, &pub);
+
+			if (params->params[DSA_Q] != NULL)
+				have_q = 1;
+
+			/* This check is for the case !ENABLE_FIPS140 */
+			if (algo == GNUTLS_PK_DSA && have_q == 0) {
+				ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+				goto cleanup;
+			}
+
+			mpz_init(r);
+			mpz_init(x);
+			mpz_init(y);
+
+			mpz_init(q);
+			mpz_init(primesub1);
+			mpz_init(ypowq);
+
+			max_tries = 3;
+			do {
+				if (have_q) {
+					mpz_set(r, pub.q);
+					mpz_sub_ui(r, r, 2);
+					nettle_mpz_random(x, NULL, rnd_func, r);
+					mpz_add_ui(x, x, 1);
+				} else {
+					unsigned size = mpz_sizeinbase(pub.p, 2);
+					if (level == 0)
+						level = MIN(size, DH_EXPONENT_SIZE(size));
+					nettle_mpz_random_size(x, NULL, rnd_func, level);
+
+					if (level >= size)
+						mpz_mod(x, x, pub.p);
+				}
+
+				mpz_powm(y, pub.g, x, pub.p);
+
+				max_tries--;
+				if (max_tries <= 0) {
+					gnutls_assert();
+					ret = GNUTLS_E_RANDOM_FAILED;
+					goto dh_fail;
+				}
+
+				if (HAVE_LIB_ERROR()) {
+					gnutls_assert();
+					ret = GNUTLS_E_LIB_IN_ERROR_STATE;
+					goto dh_fail;
+				}
+
+			} while(mpz_cmp_ui(y, 1) == 0);
+
+#ifdef ENABLE_FIPS140
+			if (_gnutls_fips_mode_enabled()) {
+				/* Perform FFC full public key validation checks
+				 * according to SP800-56A (revision 3), 5.6.2.3.1.
+				 */
+
+				/* Step 1: 2 <= y <= p - 2 */
+				mpz_sub_ui(primesub1, pub.p, 1);
+
+				if (mpz_cmp_ui(y, 2) < 0 || mpz_cmp(y, primesub1) >= 0) {
+					ret = gnutls_assert_val(GNUTLS_E_RANDOM_FAILED);
+					goto dh_fail;
+				}
+
+				/* Step 2: 1 = y^q mod p */
+				if (have_q)
+					mpz_set(q, pub.q);
+				else {
+					ret = dh_find_q(params, q);
+					if (ret < 0)
+						goto dh_fail;
+				}
+
+				mpz_powm(ypowq, y, q, pub.p);
+				if (mpz_cmp_ui(ypowq, 1) != 0) {
+					ret = gnutls_assert_val(GNUTLS_E_RANDOM_FAILED);
+					goto dh_fail;
+				}
+			}
+#endif
+
+			ret = _gnutls_mpi_init_multi(&params->params[DSA_Y], &params->params[DSA_X], NULL);
+			if (ret < 0) {
+				gnutls_assert();
+				goto dh_fail;
+			}
+
+			mpz_set(TOMPZ(params->params[DSA_Y]), y);
+			mpz_set(TOMPZ(params->params[DSA_X]), x);
+			params->params_nr += 2;
+
+			ret = 0;
+
+		      dh_fail:
+			mpz_clear(r);
+			mpz_clear(x);
+			mpz_clear(y);
+			mpz_clear(q);
+			mpz_clear(primesub1);
+			mpz_clear(ypowq);
+
+			if (ret < 0)
+				goto cleanup;
+
+			break;
+		}
+	case GNUTLS_PK_RSA_PSS:
+	case GNUTLS_PK_RSA:
+		{
+			struct rsa_public_key pub;
+			struct rsa_private_key priv;
+
+			rsa_public_key_init(&pub);
+			rsa_private_key_init(&priv);
+
+			mpz_set_ui(pub.e, 65537);
+
+			if ((params->pkflags & GNUTLS_PK_FLAG_PROVABLE) || _gnutls_fips_mode_enabled() != 0) {
+				params->pkflags |= GNUTLS_PK_FLAG_PROVABLE;
+				if (params->palgo != 0 && params->palgo != GNUTLS_DIG_SHA384) {
+					ret = GNUTLS_E_INVALID_REQUEST;
+					goto rsa_fail;
+				}
+
+				params->palgo = GNUTLS_DIG_SHA384;
+
+				if (params->seed_size) {
+					ret = _rsa_generate_fips186_4_keypair(&pub, &priv,
+						params->seed_size, params->seed,
+						NULL, NULL, level);
+				} else {
+					unsigned retries = 0;
+					/* The provable RSA key generation process is deterministic
+					 * but has an internal maximum iteration counter and when
+					 * exceed will fail for certain random seeds. This is a very
+					 * rare condition, but it nevertheless happens and even CI builds fail
+					 * occasionally. When we generate the random seed internally, remediate
+					 * by retrying a different seed on failure. */
+					do {
+						params->seed_size = sizeof(params->seed);
+						ret =
+						    rsa_generate_fips186_4_keypair(&pub, &priv, NULL,
+							 rnd_func, NULL, NULL,
+							 &params->seed_size, params->seed,
+							 level);
+					} while (ret != 1 && ++retries < 3);
+				}
+			} else {
+				not_approved = true;
+
+				ret =
+				    rsa_generate_keypair(&pub, &priv, NULL,
+						 rnd_func, NULL, NULL,
+						 level, 0);
+			}
+			if (ret != 1 || HAVE_LIB_ERROR()) {
+				gnutls_assert();
+				ret = GNUTLS_E_PK_GENERATION_ERROR;
+				goto rsa_fail;
+			}
+
+			params->params_nr = 0;
+			for (i = 0; i < RSA_PRIVATE_PARAMS; i++) {
+				ret = _gnutls_mpi_init(&params->params[i]);
+				if (ret < 0) {
+					gnutls_assert();
+					goto rsa_fail;
+				}
+				params->params_nr++;
+			}
+
+			/* In FIPS 140-3, pub.n should be 2048-bit or larger; it
+			 * is assured in rsa_generate_fips186_4_keypair in
+			 * lib/nettle/int/rsa-keygen-fips186.c. */
+
+			mpz_set(TOMPZ(params->params[RSA_MODULUS]), pub.n);
+			mpz_set(TOMPZ(params->params[RSA_PUB]), pub.e);
+			mpz_set(TOMPZ(params->params[RSA_PRIV]), priv.d);
+			mpz_set(TOMPZ(params->params[RSA_PRIME1]), priv.p);
+			mpz_set(TOMPZ(params->params[RSA_PRIME2]), priv.q);
+			mpz_set(TOMPZ(params->params[RSA_COEF]), priv.c);
+			mpz_set(TOMPZ(params->params[RSA_E1]), priv.a);
+			mpz_set(TOMPZ(params->params[RSA_E2]), priv.b);
+
+			ret = 0;
+
+		      rsa_fail:
+			rsa_private_key_clear(&priv);
+			rsa_public_key_clear(&pub);
+
+			if (ret < 0)
+				goto cleanup;
+
+			break;
+		}
+	case GNUTLS_PK_EDDSA_ED25519:
+	case GNUTLS_PK_EDDSA_ED448:
+		{
+			unsigned size = gnutls_ecc_curve_get_size(level);
+
+			/* EdDSA is not approved yet */
+			not_approved = true;
+
+			if (params->pkflags & GNUTLS_PK_FLAG_PROVABLE) {
+				ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+				goto cleanup;
+			}
+
+			if (unlikely(get_eddsa_curve(algo) != level)) {
+				ret = gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+				goto cleanup;
+			}
+
+			if (size == 0) {
+				ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+				goto cleanup;
+			}
+
+			params->curve = level;
+
+			params->raw_priv.data = gnutls_malloc(size);
+			if (params->raw_priv.data == NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+				goto cleanup;
+			}
+
+			params->raw_pub.data = gnutls_malloc(size);
+			if (params->raw_pub.data == NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+				goto cleanup;
+			}
+
+			ret = gnutls_rnd(rnd_level, params->raw_priv.data, size);
+			if (ret < 0) {
+				ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+				goto cleanup;
+			}
+			params->raw_pub.size = size;
+			params->raw_priv.size = size;
+
+			ret = eddsa_public_key(algo,
+					       params->raw_pub.data,
+					       params->raw_priv.data);
+			if (ret < 0)
+				goto cleanup;
+
+			break;
+		}
+	case GNUTLS_PK_ECDSA:
+		if (params->pkflags & GNUTLS_PK_FLAG_PROVABLE)
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		{
+			struct ecc_scalar key;
+			struct ecc_point pub;
+			const struct ecc_curve *curve;
+			struct ecc_scalar n;
+			struct ecc_scalar m;
+			struct ecc_point r;
+			mpz_t x, y, xx, yy, nn, mm;
+
+			curve = get_supported_nist_curve(level);
+			if (curve == NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+				goto cleanup;
+			}
+
+			/* P-192 is not supported in FIPS 140-3 */
+			if (level == GNUTLS_ECC_CURVE_SECP192R1) {
+				not_approved = true;
+			}
+
+			mpz_init(x);
+			mpz_init(y);
+			mpz_init(xx);
+			mpz_init(yy);
+			mpz_init(nn);
+			mpz_init(mm);
+
+			ecc_scalar_init(&key, curve);
+			ecc_point_init(&pub, curve);
+			ecc_scalar_init(&n, curve);
+			ecc_scalar_init(&m, curve);
+			ecc_point_init(&r, curve);
+
+			ecdsa_generate_keypair(&pub, &key, NULL, rnd_func);
+			if (HAVE_LIB_ERROR()) {
+				ret = gnutls_assert_val(GNUTLS_E_LIB_IN_ERROR_STATE);
+				goto ecc_fail;
+			}
+
+			ret = _gnutls_mpi_init_multi(&params->params[ECC_X], &params->params[ECC_Y],
+					&params->params[ECC_K], NULL);
+			if (ret < 0) {
+				gnutls_assert();
+				goto ecc_fail;
+			}
+
+			params->curve = level;
+			params->params_nr = ECC_PRIVATE_PARAMS;
+
+			ecc_point_get(&pub, x, y);
+
+#ifdef ENABLE_FIPS140
+			if (_gnutls_fips_mode_enabled()) {
+				/* Perform ECC full public key validation checks
+				 * according to SP800-56A (revision 3), 5.6.2.3.3.
+				 */
+
+				const char *order, *modulus;
+
+				/* Step 1: verify that Q is not an identity
+				 * element (an infinity point).  Note that this
+				 * cannot happen in the nettle implementation,
+				 * because it cannot represent an infinity point
+				 * on curves. */
+				if (mpz_cmp_ui(x, 0) == 0 && mpz_cmp_ui(y, 0) == 0) {
+					ret = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+					goto ecc_fail;
+				}
+
+				/* Step 2: verify that both coordinates of Q are
+				 * in the range [0, p - 1].
+				 *
+				 * Step 3: verify that Q lie on the curve
+				 *
+				 * Both checks are performed in nettle.  */
+				if (!ecc_point_set(&r, x, y)) {
+					ret = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+					goto ecc_fail;
+				}
+
+				/* Step 4: verify that n * Q, where n is the
+				 * curve order, result in an identity element
+				 *
+				 * Since nettle internally cannot represent an
+				 * identity element on curves, we validate this
+				 * instead:
+				 *
+				 *   (n - 1) * Q = -Q
+				 *
+				 * That effectively means: n * Q = -Q + Q = O
+				 */
+				order = get_supported_nist_curve_order(level);
+				if (unlikely(order == NULL)) {
+					ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+					goto ecc_fail;
+				}
+
+				ret = mpz_set_str(nn, order, 16);
+				if (unlikely(ret < 0)) {
+					ret = gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED);
+					goto ecc_fail;
+				}
+
+				modulus = get_supported_nist_curve_modulus(level);
+				if (unlikely(modulus == NULL)) {
+					ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+					goto ecc_fail;
+				}
+
+				ret = mpz_set_str(mm, modulus, 16);
+				if (unlikely(ret < 0)) {
+					ret = gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED);
+					goto ecc_fail;
+				}
+
+				/* (n - 1) * Q = -Q */
+				mpz_sub_ui (nn, nn, 1);
+				ecc_scalar_set(&n, nn);
+				ecc_point_mul(&r, &n, &r);
+				ecc_point_get(&r, xx, yy);
+				mpz_sub (mm, mm, y);
+
+				if (mpz_cmp(xx, x) != 0 || mpz_cmp(yy, mm) != 0) {
+					ret = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+					goto ecc_fail;
+				}
+			} else {
+				not_approved = true;
+			}
+#endif
+
+			mpz_set(TOMPZ(params->params[ECC_X]), x);
+			mpz_set(TOMPZ(params->params[ECC_Y]), y);
+
+			ecc_scalar_get(&key, TOMPZ(params->params[ECC_K]));
+
+			ret = 0;
+
+		      ecc_fail:
+			mpz_clear(x);
+			mpz_clear(y);
+			mpz_clear(xx);
+			mpz_clear(yy);
+			mpz_clear(nn);
+			mpz_clear(mm);
+			ecc_point_clear(&pub);
+			ecc_scalar_clear(&key);
+			ecc_point_clear(&r);
+			ecc_scalar_clear(&n);
+			ecc_scalar_clear(&m);
+
+			if (ret < 0)
+				goto cleanup;
+
+			break;
+		}
+#if ENABLE_GOST
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+		if (params->pkflags & GNUTLS_PK_FLAG_PROVABLE)
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		{
+			struct ecc_scalar key;
+			struct ecc_point pub;
+			const struct ecc_curve *curve;
+			const mac_entry_st *me;
+
+			/* GOST curves are not approved */
+			not_approved = true;
+
+			curve = get_supported_gost_curve(level);
+			if (curve == NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+				goto cleanup;
+			}
+
+			me = hash_to_entry(_gnutls_gost_digest(algo));
+			if (!me || me->output_size * 8 != ecc_bit_size(curve)) {
+				ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+				goto cleanup;
+			}
+
+			ecc_scalar_init(&key, curve);
+			ecc_point_init(&pub, curve);
+
+			gostdsa_generate_keypair(&pub, &key, NULL, rnd_key_func);
+			if (HAVE_LIB_ERROR()) {
+				ret = gnutls_assert_val(GNUTLS_E_LIB_IN_ERROR_STATE);
+				goto ecc_fail;
+			}
+
+
+			ret = _gnutls_mpi_init_multi(&params->params[GOST_X], &params->params[GOST_Y],
+					&params->params[GOST_K], NULL);
+			if (ret < 0) {
+				gnutls_assert();
+				goto gost_fail;
+			}
+
+			params->curve = level;
+			params->params_nr = GOST_PRIVATE_PARAMS;
+
+			ecc_point_get(&pub, TOMPZ(params->params[GOST_X]),
+				      TOMPZ(params->params[GOST_Y]));
+			ecc_scalar_get(&key, TOMPZ(params->params[GOST_K]));
+
+			ret = 0;
+
+		      gost_fail:
+			ecc_point_clear(&pub);
+			ecc_scalar_clear(&key);
+
+			if (ret < 0)
+				goto cleanup;
+
+			break;
+		}
+#endif
+	case GNUTLS_PK_ECDH_X25519:
+	case GNUTLS_PK_ECDH_X448:
+		{
+			unsigned size = gnutls_ecc_curve_get_size(level);
+
+			not_approved = true;
+
+			if (size == 0) {
+				ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+				goto cleanup;
+			}
+
+			params->curve = level;
+
+			params->raw_priv.data = gnutls_malloc(size);
+			if (params->raw_priv.data == NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+				goto cleanup;
+			}
+
+			params->raw_pub.data = gnutls_malloc(size);
+			if (params->raw_pub.data == NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+				goto cleanup;
+			}
+
+			ret = gnutls_rnd(rnd_level, params->raw_priv.data, size);
+			if (ret < 0) {
+				ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+				goto cleanup;
+			}
+			params->raw_pub.size = size;
+			params->raw_priv.size = size;
+
+			ret = edwards_curve_mul_g(algo, params->raw_pub.data, params->raw_priv.data);
+			if (ret < 0)
+				goto cleanup;
+			break;
+		}
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	params->algo = algo;
+
+#ifdef ENABLE_FIPS140
+	ret = pct_test(algo, params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+#endif
+
+ cleanup:
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		for (i = 0; i < params->params_nr; i++) {
+			_gnutls_mpi_release(&params->params[i]);
+		}
+		params->params_nr = 0;
+		gnutls_free(params->raw_priv.data);
+		gnutls_free(params->raw_pub.data);
+	} else if (not_approved) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+
+	FAIL_IF_LIB_ERROR;
+	return ret;
+}
+
+
+static int
+wrap_nettle_pk_verify_priv_params(gnutls_pk_algorithm_t algo,
+			     const gnutls_pk_params_st * params)
+{
+	int ret;
+
+	switch (algo) {
+	case GNUTLS_PK_RSA:
+	case GNUTLS_PK_RSA_PSS:
+		{
+			bigint_t t1 = NULL, t2 = NULL;
+
+			if (params->params_nr != RSA_PRIVATE_PARAMS)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_INVALID_REQUEST);
+
+			ret = _gnutls_mpi_init_multi(&t1, &t2, NULL);
+			if (ret < 0)
+				return
+				    gnutls_assert_val(ret);
+
+			_gnutls_mpi_mulm(t1, params->params[RSA_PRIME1],
+					 params->params[RSA_PRIME2],
+					 params->params[RSA_MODULUS]);
+			if (_gnutls_mpi_cmp_ui(t1, 0) != 0) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_ILLEGAL_PARAMETER);
+				goto rsa_cleanup;
+			}
+
+			mpz_invert(TOMPZ(t1),
+				   TOMPZ(params->params[RSA_PRIME2]),
+				   TOMPZ(params->params[RSA_PRIME1]));
+			if (_gnutls_mpi_cmp(t1, params->params[RSA_COEF])
+			    != 0) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_ILLEGAL_PARAMETER);
+				goto rsa_cleanup;
+			}
+
+			/* [RSA_PRIME1] = d % p-1, [RSA_PRIME2] = d % q-1 */
+			_gnutls_mpi_sub_ui(t1, params->params[RSA_PRIME1],
+					   1);
+			ret = _gnutls_mpi_modm(t2, params->params[RSA_PRIV], t1);
+			if (ret < 0) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_MEMORY_ERROR);
+				goto rsa_cleanup;
+			}
+
+			if (_gnutls_mpi_cmp(params->params[RSA_E1], t2) !=
+			    0) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_ILLEGAL_PARAMETER);
+				goto rsa_cleanup;
+			}
+
+			_gnutls_mpi_sub_ui(t1, params->params[RSA_PRIME2],
+					   1);
+
+			ret = _gnutls_mpi_modm(t2, params->params[RSA_PRIV], t1);
+			if (ret < 0) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_MEMORY_ERROR);
+				goto rsa_cleanup;
+			}
+
+			if (_gnutls_mpi_cmp(params->params[RSA_E2], t2) !=
+			    0) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_ILLEGAL_PARAMETER);
+				goto rsa_cleanup;
+			}
+
+			ret = 0;
+
+		      rsa_cleanup:
+			zrelease_mpi_key(&t1);
+			zrelease_mpi_key(&t2);
+		}
+
+		break;
+	case GNUTLS_PK_DSA:
+		{
+			bigint_t t1 = NULL;
+
+			if (params->params_nr != DSA_PRIVATE_PARAMS)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_INVALID_REQUEST);
+
+			ret = _gnutls_mpi_init(&t1);
+			if (ret < 0)
+				return
+				    gnutls_assert_val(ret);
+
+			ret = _gnutls_mpi_powm(t1, params->params[DSA_G],
+					 params->params[DSA_X],
+					 params->params[DSA_P]);
+			if (ret < 0) {
+				gnutls_assert();
+				goto dsa_cleanup;
+			}
+
+			if (_gnutls_mpi_cmp(t1, params->params[DSA_Y]) !=
+			    0) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_ILLEGAL_PARAMETER);
+				goto dsa_cleanup;
+			}
+
+			ret = 0;
+
+		      dsa_cleanup:
+			zrelease_mpi_key(&t1);
+		}
+
+		break;
+	case GNUTLS_PK_ECDSA:
+		{
+			struct ecc_point r, pub;
+			struct ecc_scalar priv;
+			mpz_t x1, y1, x2, y2;
+			const struct ecc_curve *curve;
+
+			if (params->params_nr != ECC_PRIVATE_PARAMS)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_INVALID_REQUEST);
+
+			curve = get_supported_nist_curve(params->curve);
+			if (curve == NULL)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+
+			ret = _ecc_params_to_pubkey(params, &pub, curve);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			ret = _ecc_params_to_privkey(params, &priv, curve);
+			if (ret < 0) {
+				ecc_point_clear(&pub);
+				return gnutls_assert_val(ret);
+			}
+
+			ecc_point_init(&r, curve);
+			/* verify that x,y lie on the curve */
+			ret =
+			    ecc_point_set(&r, TOMPZ(params->params[ECC_X]),
+					  TOMPZ(params->params[ECC_Y]));
+			if (ret == 0) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_ILLEGAL_PARAMETER);
+				goto ecc_cleanup;
+			}
+			ecc_point_clear(&r);
+
+			ecc_point_init(&r, curve);
+			ecc_point_mul_g(&r, &priv);
+
+			mpz_init(x1);
+			mpz_init(y1);
+			ecc_point_get(&r, x1, y1);
+			ecc_point_zclear(&r);
+
+			mpz_init(x2);
+			mpz_init(y2);
+			ecc_point_get(&pub, x2, y2);
+
+			/* verify that k*(Gx,Gy)=(x,y) */
+			if (mpz_cmp(x1, x2) != 0 || mpz_cmp(y1, y2) != 0) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_ILLEGAL_PARAMETER);
+				goto ecc_cleanup;
+			}
+
+			ret = 0;
+
+		      ecc_cleanup:
+			ecc_scalar_zclear(&priv);
+			ecc_point_clear(&pub);
+
+			mpz_clear(x1);
+			mpz_clear(y1);
+			mpz_clear(x2);
+			mpz_clear(y2);
+		}
+		break;
+	case GNUTLS_PK_EDDSA_ED25519:
+	case GNUTLS_PK_EDDSA_ED448: {
+		gnutls_ecc_curve_t curve;
+		const gnutls_ecc_curve_entry_st *e;
+		uint8_t pub[57]; /* can accommodate both curves */
+
+		curve = get_eddsa_curve(algo);
+		e = _gnutls_ecc_curve_get_params(curve);
+		if (e == NULL)
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		if (params->raw_pub.data == NULL) {
+			return 0; /* nothing to verify */
+		}
+
+		if (params->raw_pub.size != e->size)
+			return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
+		ret = eddsa_public_key(algo, pub, params->raw_priv.data);
+		if (ret < 0)
+			return ret;
+
+		if (memcmp(params->raw_pub.data, pub, e->size) != 0)
+			return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
+		ret = 0;
+		break;
+	}
+	case GNUTLS_PK_ECDH_X25519:
+	case GNUTLS_PK_ECDH_X448: {
+		gnutls_ecc_curve_t curve;
+		const gnutls_ecc_curve_entry_st *e;
+		uint8_t pub[57]; /* can accommodate both curves */
+
+		curve = get_ecdh_curve(algo);
+		e = _gnutls_ecc_curve_get_params(curve);
+		if (e == NULL)
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		if (params->raw_pub.data == NULL) {
+			return 0; /* nothing to verify */
+		}
+
+		if (params->raw_pub.size != e->size)
+			return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
+		ret = edwards_curve_mul_g(algo, pub, params->raw_priv.data);
+		if (ret < 0)
+			return ret;
+
+		if (memcmp(params->raw_pub.data, pub, e->size) != 0)
+			return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
+		ret = 0;
+                break;
+        }
+#if ENABLE_GOST
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+		{
+			struct ecc_point r, pub;
+			struct ecc_scalar priv;
+			mpz_t x1, y1, x2, y2;
+			const struct ecc_curve *curve;
+
+			if (params->params_nr != GOST_PRIVATE_PARAMS)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_INVALID_REQUEST);
+
+			curve = get_supported_gost_curve(params->curve);
+			if (curve == NULL)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+
+			ret = _gost_params_to_pubkey(params, &pub, curve);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			ret = _gost_params_to_privkey(params, &priv, curve);
+			if (ret < 0) {
+				ecc_point_clear(&pub);
+				return gnutls_assert_val(ret);
+			}
+
+			ecc_point_init(&r, curve);
+			/* verify that x,y lie on the curve */
+			ret =
+			    gost_point_set(&r, TOMPZ(params->params[GOST_X]),
+					  TOMPZ(params->params[GOST_Y]));
+			if (ret == 0) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_ILLEGAL_PARAMETER);
+				goto gost_cleanup;
+			}
+			ecc_point_clear(&r);
+
+			ecc_point_init(&r, curve);
+			gost_point_mul_g(&r, &priv);
+
+			mpz_init(x1);
+			mpz_init(y1);
+			ecc_point_get(&r, x1, y1);
+			ecc_point_zclear(&r);
+
+			mpz_init(x2);
+			mpz_init(y2);
+			ecc_point_get(&pub, x2, y2);
+
+			/* verify that k*(Gx,Gy)=(x,y) */
+			if (mpz_cmp(x1, x2) != 0 || mpz_cmp(y1, y2) != 0) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_ILLEGAL_PARAMETER);
+				goto gost_cleanup;
+			}
+
+			ret = 0;
+
+		      gost_cleanup:
+			ecc_scalar_zclear(&priv);
+			ecc_point_clear(&pub);
+
+			mpz_clear(x1);
+			mpz_clear(y1);
+			mpz_clear(x2);
+			mpz_clear(y2);
+		}
+		break;
+#endif
+	default:
+		ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	return ret;
+}
+
+static int
+wrap_nettle_pk_verify_pub_params(gnutls_pk_algorithm_t algo,
+			     const gnutls_pk_params_st * params)
+{
+	int ret;
+
+	switch (algo) {
+	case GNUTLS_PK_RSA:
+	case GNUTLS_PK_RSA_PSS:
+	case GNUTLS_PK_DSA:
+	case GNUTLS_PK_EDDSA_ED25519:
+	case GNUTLS_PK_EDDSA_ED448:
+		return 0;
+	case GNUTLS_PK_ECDSA:
+		{
+			/* just verify that x and y lie on the curve */
+			struct ecc_point r, pub;
+			const struct ecc_curve *curve;
+
+			if (params->params_nr != ECC_PUBLIC_PARAMS)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_INVALID_REQUEST);
+
+			curve = get_supported_nist_curve(params->curve);
+			if (curve == NULL)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+
+			ret = _ecc_params_to_pubkey(params, &pub, curve);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			ecc_point_init(&r, curve);
+			/* verify that x,y lie on the curve */
+			ret =
+			    ecc_point_set(&r, TOMPZ(params->params[ECC_X]),
+					  TOMPZ(params->params[ECC_Y]));
+			if (ret == 0) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_ILLEGAL_PARAMETER);
+				goto ecc_cleanup;
+			}
+			ecc_point_clear(&r);
+
+			ret = 0;
+
+		      ecc_cleanup:
+			ecc_point_clear(&pub);
+		}
+		break;
+#if ENABLE_GOST
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+		{
+			/* just verify that x and y lie on the curve */
+			struct ecc_point r, pub;
+			const struct ecc_curve *curve;
+
+			if (params->params_nr != GOST_PUBLIC_PARAMS)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_INVALID_REQUEST);
+
+			curve = get_supported_gost_curve(params->curve);
+			if (curve == NULL)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+
+			ret = _gost_params_to_pubkey(params, &pub, curve);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			ecc_point_init(&r, curve);
+			/* verify that x,y lie on the curve */
+			ret =
+			    ecc_point_set(&r, TOMPZ(params->params[GOST_X]),
+					  TOMPZ(params->params[GOST_Y]));
+			if (ret == 0) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_ILLEGAL_PARAMETER);
+				goto gost_cleanup;
+			}
+			ecc_point_clear(&r);
+
+			ret = 0;
+
+		      gost_cleanup:
+			ecc_point_clear(&pub);
+		}
+		break;
+#endif
+	default:
+		ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	return ret;
+}
+
+static int calc_rsa_exp(gnutls_pk_params_st * params)
+{
+	bigint_t tmp;
+	int ret;
+
+	if (params->params_nr < RSA_PRIVATE_PARAMS - 2) {
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	params->params[RSA_E1] = params->params[RSA_E2] = NULL;
+
+	ret = _gnutls_mpi_init_multi(&tmp, &params->params[RSA_E1], &params->params[RSA_E2], NULL);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* [6] = d % p-1, [7] = d % q-1 */
+	_gnutls_mpi_sub_ui(tmp, params->params[RSA_PRIME1], 1);
+	ret =
+	    _gnutls_mpi_modm(params->params[RSA_E1], params->params[RSA_PRIV] /*d */ , tmp);
+	if (ret < 0)
+		goto fail;
+
+	_gnutls_mpi_sub_ui(tmp, params->params[RSA_PRIME2], 1);
+	ret =
+	    _gnutls_mpi_modm(params->params[RSA_E2], params->params[RSA_PRIV] /*d */ , tmp);
+	if (ret < 0)
+		goto fail;
+
+	zrelease_mpi_key(&tmp);
+
+	return 0;
+
+fail:
+	zrelease_mpi_key(&tmp);
+	zrelease_mpi_key(&params->params[RSA_E1]);
+	zrelease_mpi_key(&params->params[RSA_E2]);
+
+	return ret;
+}
+
+static int calc_rsa_priv(gnutls_pk_params_st * params)
+{
+	bigint_t lcm, p1, q1;
+	int ret;
+
+	params->params[RSA_PRIV] = NULL;
+
+	ret = _gnutls_mpi_init_multi(&params->params[RSA_PRIV], &lcm, &p1, &q1, NULL);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* lcm(p - 1, q - 1) */
+	mpz_sub_ui(p1, params->params[RSA_PRIME1], 1);
+	mpz_sub_ui(q1, params->params[RSA_PRIME2], 1);
+	mpz_lcm(lcm, p1, q1);
+
+	zrelease_mpi_key(&p1);
+	zrelease_mpi_key(&q1);
+
+	/* d = e^{-1} (mod lcm) */
+	ret = mpz_invert(params->params[RSA_PRIV], params->params[RSA_PUB], lcm);
+
+	zrelease_mpi_key(&lcm);
+
+	if (ret == 0) {
+		zrelease_mpi_key(&params->params[RSA_PRIV]);
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return 0;
+}
+
+static int calc_dsa_pub(gnutls_pk_params_st * params)
+{
+	int ret;
+
+	params->params[DSA_Y] = NULL;
+
+	ret = _gnutls_mpi_init(&params->params[DSA_Y]);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* y = g^x mod p */
+	ret = _gnutls_mpi_powm(params->params[DSA_Y], params->params[DSA_G],
+			params->params[DSA_X], params->params[DSA_P]);
+	if (ret < 0) {
+		zrelease_mpi_key(&params->params[DSA_Y]);
+		return gnutls_assert_val(ret);
+	}
+
+	return 0;
+}
+
+static int
+wrap_nettle_pk_fixup(gnutls_pk_algorithm_t algo,
+		     gnutls_direction_t direction,
+		     gnutls_pk_params_st * params)
+{
+	int ret;
+
+	if (direction != GNUTLS_IMPORT)
+		return 0;
+
+	if (algo == GNUTLS_PK_RSA) {
+		struct rsa_private_key priv;
+
+		if (params->params[RSA_PRIV] == NULL) {
+			ret = calc_rsa_priv(params);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+			params->params_nr++;
+		}
+
+		/* do not trust the generated values. Some old private keys
+		 * generated by us have mess on the values. Those were very
+		 * old but it seemed some of the shipped example private
+		 * keys were as old.
+		 */
+		if (params->params_nr < RSA_PRIVATE_PARAMS - 3)
+			return gnutls_assert_val(GNUTLS_E_PK_INVALID_PRIVKEY);
+
+		if (params->params[RSA_COEF] == NULL) {
+			ret = _gnutls_mpi_init(&params->params[RSA_COEF]);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+		}
+
+		if (mpz_cmp_ui(TOMPZ(params->params[RSA_PRIME1]), 0) == 0)
+			return gnutls_assert_val(GNUTLS_E_PK_INVALID_PRIVKEY);
+
+		if (mpz_invert(TOMPZ(params->params[RSA_COEF]),
+			       TOMPZ(params->params[RSA_PRIME2]),
+			       TOMPZ(params->params[RSA_PRIME1])) == 0)
+			return gnutls_assert_val(GNUTLS_E_PK_INVALID_PRIVKEY);
+
+		/* calculate exp1 [6] and exp2 [7] */
+		zrelease_mpi_key(&params->params[RSA_E1]);
+		zrelease_mpi_key(&params->params[RSA_E2]);
+
+		/* marks RSA_COEF as present */
+		params->params_nr = RSA_PRIVATE_PARAMS - 2;
+		ret = calc_rsa_exp(params);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		params->params_nr = RSA_PRIVATE_PARAMS;
+
+		/* perform nettle's internal checks */
+		_rsa_params_to_privkey(params, &priv);
+		ret = rsa_private_key_prepare(&priv);
+		if (ret == 0) {
+			return gnutls_assert_val(GNUTLS_E_PK_INVALID_PRIVKEY);
+		}
+	} else if (algo == GNUTLS_PK_EDDSA_ED25519 ||
+		   algo == GNUTLS_PK_EDDSA_ED448) {
+		if (unlikely(get_eddsa_curve(algo) != params->curve))
+			return gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+
+		if (params->raw_priv.data == NULL)
+			return gnutls_assert_val(GNUTLS_E_PK_INVALID_PRIVKEY);
+
+		if (params->raw_pub.data == NULL) {
+			params->raw_pub.data = gnutls_malloc(params->raw_priv.size);
+		}
+
+		if (params->raw_pub.data == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		ret = eddsa_public_key(algo,
+				       params->raw_pub.data,
+				       params->raw_priv.data);
+		if (ret < 0) {
+			gnutls_free(params->raw_pub.data);
+			return ret;
+		}
+
+		params->raw_pub.size = params->raw_priv.size;
+	} else if (algo == GNUTLS_PK_ECDH_X25519 ||
+		   algo == GNUTLS_PK_ECDH_X448) {
+		if (unlikely(get_ecdh_curve(algo) != params->curve))
+			return gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+
+		if (params->raw_priv.data == NULL)
+			return gnutls_assert_val(GNUTLS_E_PK_INVALID_PRIVKEY);
+
+		if (params->raw_pub.data == NULL) {
+			params->raw_pub.data = gnutls_malloc(params->raw_priv.size);
+		}
+
+		if (params->raw_pub.data == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		ret = edwards_curve_mul_g(algo,
+					  params->raw_pub.data,
+					  params->raw_priv.data);
+		if (ret < 0) {
+			gnutls_free(params->raw_pub.data);
+			return ret;
+		}
+
+		params->raw_pub.size = params->raw_priv.size;
+	} else if (algo == GNUTLS_PK_RSA_PSS) {
+		if (params->params_nr < RSA_PRIVATE_PARAMS - 3)
+			return gnutls_assert_val(GNUTLS_E_PK_INVALID_PRIVKEY);
+
+		if (params->spki.rsa_pss_dig != 0) {
+			unsigned pub_size = nettle_mpz_sizeinbase_256_u(TOMPZ(params->params[RSA_MODULUS]));
+			/* sanity check for private key */
+			CHECK_INVALID_RSA_PSS_PARAMS(gnutls_hash_get_len(params->spki.rsa_pss_dig),
+						     params->spki.salt_size, pub_size,
+						     GNUTLS_E_PK_INVALID_PUBKEY_PARAMS);
+		}
+	} else if (algo == GNUTLS_PK_DSA) {
+		if (params->params[DSA_Y] == NULL) {
+			ret = calc_dsa_pub(params);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+			params->params_nr++;
+		}
+	}
+#if ENABLE_GOST
+	else if (algo == GNUTLS_PK_GOST_01 ||
+		 algo == GNUTLS_PK_GOST_12_256 ||
+		 algo == GNUTLS_PK_GOST_12_512) {
+		struct ecc_point r;
+		struct ecc_scalar priv;
+		const struct ecc_curve *curve;
+
+		if (params->params_nr != GOST_PRIVATE_PARAMS)
+			return gnutls_assert_val
+				(GNUTLS_E_INVALID_REQUEST);
+
+		curve = get_supported_gost_curve(params->curve);
+		if (curve == NULL)
+			return gnutls_assert_val
+				(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+
+		if (ecc_bit_size(curve) < _gnutls_mpi_get_nbits(params->params[GOST_K]))
+			gostdsa_unmask_key(curve, TOMPZ(params->params[GOST_K]));
+
+		ret = _gost_params_to_privkey(params, &priv, curve);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+
+		ecc_point_init(&r, curve);
+		gost_point_mul_g(&r, &priv);
+
+		ecc_point_get(&r, params->params[GOST_X],
+				  params->params[GOST_Y]);
+
+		ecc_point_clear(&r);
+		ecc_scalar_clear(&priv);
+	}
+#endif
+
+	return 0;
+}
+
+int crypto_pk_prio = INT_MAX;
+
+gnutls_crypto_pk_st _gnutls_pk_ops = {
+	.encrypt = _wrap_nettle_pk_encrypt,
+	.decrypt = _wrap_nettle_pk_decrypt,
+	.decrypt2 = _wrap_nettle_pk_decrypt2,
+	.sign = _wrap_nettle_pk_sign,
+	.verify = _wrap_nettle_pk_verify,
+	.verify_priv_params = wrap_nettle_pk_verify_priv_params,
+	.verify_pub_params = wrap_nettle_pk_verify_pub_params,
+	.generate_params = wrap_nettle_pk_generate_params,
+	.generate_keys = wrap_nettle_pk_generate_keys,
+	.pk_fixup_private_params = wrap_nettle_pk_fixup,
+	.derive = _wrap_nettle_pk_derive,
+	.curve_exists = _wrap_nettle_pk_curve_exists,
+	.pk_exists = _wrap_nettle_pk_exists,
+	.sign_exists = _wrap_nettle_pk_sign_exists
+};
diff --git a/lib/nettle/prf.c b/lib/nettle/prf.c
new file mode 100644
index 0000000..631ba3b
--- /dev/null
+++ b/lib/nettle/prf.c
@@ -0,0 +1,139 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include <gnutls_int.h>
+#include "int/tls1-prf.h"
+#include <nettle/hmac.h>
+#if ENABLE_GOST
+#include "gost/hmac-gost.h"
+#endif
+
+/*-
+ * _gnutls_prf_raw:
+ * @mac: the MAC algorithm to use, set to %GNUTLS_MAC_MD5_SHA1 for the TLS1.0 mac
+ * @master_size: length of the @master variable.
+ * @master: the master secret used in PRF computation
+ * @label_size: length of the @label variable.
+ * @label: label used in PRF computation, typically a short string.
+ * @seed_size: length of the @seed variable.
+ * @seed: optional extra data to seed the PRF with.
+ * @outsize: size of pre-allocated output buffer to hold the output.
+ * @out: pre-allocated buffer to hold the generated data.
+ *
+ * Apply the TLS Pseudo-Random-Function (PRF) on the master secret
+ * and the provided data.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
+ -*/
+int
+_gnutls_prf_raw(gnutls_mac_algorithm_t mac,
+		size_t master_size, const void *master,
+		size_t label_size, const char *label,
+		size_t seed_size, const uint8_t *seed, size_t outsize, char *out)
+{
+	int ret;
+
+	switch (mac) {
+	case GNUTLS_MAC_MD5_SHA1:
+		tls10_prf(master_size, (uint8_t*)master, label_size, label,
+			  seed_size, seed, outsize, (uint8_t*)out);
+		return 0;
+	case GNUTLS_MAC_SHA256:{
+		struct hmac_sha256_ctx ctx;
+		hmac_sha256_set_key(&ctx, master_size, (uint8_t*)master);
+
+		ret = tls12_prf(&ctx,
+			  (nettle_hash_update_func *)
+			  hmac_sha256_update,
+			  (nettle_hash_digest_func *)
+			  hmac_sha256_digest, SHA256_DIGEST_SIZE,
+			  label_size, label, seed_size,
+			  seed, outsize,
+			  (uint8_t*)out);
+
+		if (unlikely(ret != 1))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+		break;
+	}
+	case GNUTLS_MAC_SHA384:{
+		struct hmac_sha384_ctx ctx;
+		hmac_sha384_set_key(&ctx, master_size, master);
+
+		ret = tls12_prf(&ctx,
+			  (nettle_hash_update_func *)
+			  hmac_sha384_update,
+			  (nettle_hash_digest_func *)
+			  hmac_sha384_digest, SHA384_DIGEST_SIZE,
+			  label_size, label, seed_size,
+			  seed, outsize,
+			  (uint8_t*)out);
+
+		if (unlikely(ret != 1))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+		break;
+	}
+#if ENABLE_GOST
+	case GNUTLS_MAC_STREEBOG_256:{
+		struct hmac_streebog256_ctx ctx;
+		hmac_streebog256_set_key(&ctx, master_size, master);
+
+		ret = tls12_prf(&ctx,
+			  (nettle_hash_update_func *)
+			  hmac_streebog256_update,
+			  (nettle_hash_digest_func *)
+			  hmac_streebog256_digest, STREEBOG256_DIGEST_SIZE,
+			  label_size, label, seed_size,
+			  seed, outsize,
+			  (uint8_t*)out);
+
+		if (unlikely(ret != 1))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+		break;
+	}
+	case GNUTLS_MAC_STREEBOG_512:{
+		struct hmac_streebog512_ctx ctx;
+		hmac_streebog512_set_key(&ctx, master_size, master);
+
+		ret = tls12_prf(&ctx,
+			  (nettle_hash_update_func *)
+			  hmac_streebog512_update,
+			  (nettle_hash_digest_func *)
+			  hmac_streebog512_digest, STREEBOG512_DIGEST_SIZE,
+			  label_size, label, seed_size,
+			  seed, outsize,
+			  (uint8_t*)out);
+
+		if (unlikely(ret != 1))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+		break;
+	}
+#endif
+	default:
+		gnutls_assert();
+		_gnutls_debug_log("unhandled PRF %s\n",
+				  gnutls_mac_get_name(mac));
+		return GNUTLS_E_INVALID_REQUEST;
+
+	}
+
+	return 0;
+}
diff --git a/lib/nettle/rnd-common.h b/lib/nettle/rnd-common.h
new file mode 100644
index 0000000..025fe02
--- /dev/null
+++ b/lib/nettle/rnd-common.h
@@ -0,0 +1,45 @@
+/*
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2000, 2001, 2008 Niels Möller
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_NETTLE_RND_COMMON_H
+#define GNUTLS_LIB_NETTLE_RND_COMMON_H
+
+#include "gnutls_int.h"
+#ifdef HAVE_GETPID
+# include <unistd.h>		/* getpid */
+#endif
+#ifdef HAVE_GETRUSAGE
+# include <sys/resource.h>
+#endif
+
+#include <fips.h>
+
+int _rnd_system_entropy_init(void);
+void _rnd_system_entropy_deinit(void);
+
+typedef int (*get_entropy_func)(void* rnd, size_t size);
+
+extern get_entropy_func _rnd_get_system_entropy;
+
+
+#endif /* GNUTLS_LIB_NETTLE_RND_COMMON_H */
diff --git a/lib/nettle/rnd-fips.c b/lib/nettle/rnd-fips.c
new file mode 100644
index 0000000..35ad618
--- /dev/null
+++ b/lib/nettle/rnd-fips.c
@@ -0,0 +1,308 @@
+/*
+ * Copyright (C) 2013-2017 Red Hat
+ *
+ * This file is part of GnuTLS.
+ *
+ * Libgcrypt is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Libgcrypt is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <drbg-aes.h>
+#include <fips.h>
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <nettle/sha2.h>
+#include <atfork.h>
+#include <rnd-common.h>
+
+/* The block size is chosen arbitrarily */
+#define ENTROPY_BLOCK_SIZE SHA256_DIGEST_SIZE
+
+/* This provides a random generator for gnutls. It uses
+ * two instances of the DRBG-AES-CTR generator, one for
+ * nonce level and another for the other levels of randomness.
+ */
+struct fips_ctx {
+	struct drbg_aes_ctx nonce_context;
+	struct drbg_aes_ctx normal_context;
+	unsigned int forkid;
+	uint8_t entropy_hash[SHA256_DIGEST_SIZE];
+};
+
+static int _rngfips_ctx_reinit(struct fips_ctx *fctx);
+static int _rngfips_ctx_init(struct fips_ctx *fctx);
+static int drbg_reseed(struct fips_ctx *fctx, struct drbg_aes_ctx *ctx);
+static int get_entropy(struct fips_ctx *fctx, uint8_t *buffer, size_t length);
+
+static int get_random(struct drbg_aes_ctx *ctx, struct fips_ctx *fctx,
+		      void *buffer, size_t length)
+{
+	int ret;
+
+	if ( _gnutls_detect_fork(fctx->forkid) != 0) {
+		ret = _rngfips_ctx_reinit(fctx);
+		if (ret < 0) {
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			return gnutls_assert_val(ret);
+		}
+	}
+
+	if (ctx->reseed_counter > DRBG_AES_RESEED_TIME) {
+		ret = drbg_reseed(fctx, ctx);
+		if (ret < 0) {
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			return gnutls_assert_val(ret);
+		}
+	}
+
+	ret = drbg_aes_random(ctx, length, buffer);
+	if (ret == 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_RANDOM_FAILED);
+	}
+
+	_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	return 0;
+}
+
+static int get_entropy(struct fips_ctx *fctx, uint8_t *buffer, size_t length)
+{
+	int ret;
+	uint8_t block[ENTROPY_BLOCK_SIZE];
+	uint8_t hash[SHA256_DIGEST_SIZE];
+	struct sha256_ctx ctx;
+	size_t total = 0;
+
+	/* For FIPS 140-2 4.9.2 continuous random number generator
+	 * test, iteratively fetch fixed sized block from the system
+	 * RNG and compare consecutive blocks.
+	 *
+	 * Note that we store the hash of the entropy block rather
+	 * than the block itself for backward secrecy.
+	 */
+	while (total < length) {
+		ret = _rnd_get_system_entropy(block, ENTROPY_BLOCK_SIZE);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		sha256_init(&ctx);
+		sha256_update(&ctx, sizeof(block), block);
+		sha256_digest(&ctx, sizeof(hash), hash);
+
+		if (memcmp(hash, fctx->entropy_hash, sizeof(hash)) == 0) {
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			_gnutls_switch_lib_state(LIB_STATE_ERROR);
+			return gnutls_assert_val(GNUTLS_E_RANDOM_FAILED);
+		}
+		memcpy(fctx->entropy_hash, hash, sizeof(hash));
+
+		memcpy(buffer, block, MIN(length - total, sizeof(block)));
+		total += sizeof(block);
+		buffer += sizeof(block);
+	}
+	zeroize_key(block, sizeof(block));
+
+	_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	return 0;
+}
+
+#define PSTRING "gnutls-rng"
+#define PSTRING_SIZE (sizeof(PSTRING)-1)
+static int drbg_init(struct fips_ctx *fctx, struct drbg_aes_ctx *ctx)
+{
+	uint8_t buffer[DRBG_AES_SEED_SIZE];
+	int ret;
+
+	ret = get_entropy(fctx, buffer, sizeof(buffer));
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(ret);
+	}
+
+	ret = drbg_aes_init(ctx, sizeof(buffer), buffer,
+			    PSTRING_SIZE, (void*)PSTRING);
+	zeroize_key(buffer, sizeof(buffer));
+	if (ret == 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_RANDOM_FAILED);
+	}
+
+	_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	return GNUTLS_E_SUCCESS;
+}
+
+/* Reseed a generator. */
+static int drbg_reseed(struct fips_ctx *fctx, struct drbg_aes_ctx *ctx)
+{
+	uint8_t buffer[DRBG_AES_SEED_SIZE];
+	int ret;
+
+	ret = get_entropy(fctx, buffer, sizeof(buffer));
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(ret);
+	}
+
+	ret = drbg_aes_reseed(ctx, sizeof(buffer), buffer, 0, NULL);
+	zeroize_key(buffer, sizeof(buffer));
+	if (ret == 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_RANDOM_FAILED);
+	}
+
+	_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	return GNUTLS_E_SUCCESS;
+}
+
+static int _rngfips_ctx_init(struct fips_ctx *fctx)
+{
+	uint8_t block[ENTROPY_BLOCK_SIZE];
+	struct sha256_ctx ctx;
+	int ret;
+
+	/* For FIPS 140-2 4.9.2 continuous random number generator
+	 * test, get the initial entropy from the system RNG and keep
+	 * it for comparison.
+	 *
+	 * Note that we store the hash of the entropy block rather
+	 * than the block itself for backward secrecy.
+	 */
+	ret = _rnd_get_system_entropy(block, sizeof(block));
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+	sha256_init(&ctx);
+	sha256_update(&ctx, sizeof(block), block);
+	zeroize_key(block, sizeof(block));
+	sha256_digest(&ctx, sizeof(fctx->entropy_hash), fctx->entropy_hash);
+
+	/* normal */
+	ret = drbg_init(fctx, &fctx->normal_context);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* nonce */
+	ret = drbg_init(fctx, &fctx->nonce_context);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	fctx->forkid = _gnutls_get_forkid();
+
+	return 0;
+}
+
+static int _rngfips_ctx_reinit(struct fips_ctx *fctx)
+{
+	int ret;
+
+	/* normal */
+	ret = drbg_reseed(fctx, &fctx->normal_context);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* nonce */
+	ret = drbg_reseed(fctx, &fctx->nonce_context);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	fctx->forkid = _gnutls_get_forkid();
+
+	return 0;
+}
+
+/* Initialize this random subsystem. */
+static int _rngfips_init(void **_ctx)
+{
+/* Basic initialization is required to
+   do a few checks on the implementation.  */
+	struct fips_ctx *ctx;
+	int ret;
+
+	ctx = gnutls_calloc(1, sizeof(*ctx));
+	if (ctx == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	ret = _rngfips_ctx_init(ctx);
+	if (ret < 0) {
+		gnutls_free(ctx);
+		return gnutls_assert_val(ret);
+	}
+
+	*_ctx = ctx;
+
+	return 0;
+}
+
+static int _rngfips_rnd(void *_ctx, int level, void *buffer, size_t length)
+{
+	struct fips_ctx *ctx = _ctx;
+	int ret;
+
+	switch (level) {
+	case GNUTLS_RND_RANDOM:
+	case GNUTLS_RND_KEY:
+		/* Unlike the chacha generator in rnd.c we do not need
+		 * to explicitly protect against backtracking in GNUTLS_RND_KEY
+		 * level. This protection is part of the DRBG generator. */
+		ret = get_random(&ctx->normal_context, ctx, buffer, length);
+		break;
+	default:
+		ret = get_random(&ctx->nonce_context, ctx, buffer, length);
+		break;
+	}
+
+	return ret;
+}
+
+static void _rngfips_deinit(void *_ctx)
+{
+	struct fips_ctx *ctx = _ctx;
+
+	zeroize_key(ctx, sizeof(*ctx));
+	free(ctx);
+}
+
+static void _rngfips_refresh(void *_ctx)
+{
+	/* this is predictable RNG. Don't refresh */
+	return;
+}
+
+static int selftest_kat(void)
+{
+	int ret;
+
+	ret = drbg_aes_self_test();
+
+	if (ret == 0) {
+		_gnutls_debug_log("DRBG-AES self test failed\n");
+		return gnutls_assert_val(GNUTLS_E_RANDOM_FAILED);
+	} else
+		_gnutls_debug_log("DRBG-AES self test succeeded\n");
+
+	return 0;
+}
+
+gnutls_crypto_rnd_st _gnutls_fips_rnd_ops = {
+	.init = _rngfips_init,
+	.deinit = _rngfips_deinit,
+	.rnd = _rngfips_rnd,
+	.rnd_refresh = _rngfips_refresh,
+	.self_test = selftest_kat,
+};
+
diff --git a/lib/nettle/rnd-fuzzer.c b/lib/nettle/rnd-fuzzer.c
new file mode 100644
index 0000000..821eebc
--- /dev/null
+++ b/lib/nettle/rnd-fuzzer.c
@@ -0,0 +1,150 @@
+/*
+ * Copyright (C) 2017 Red Hat
+ * Copyright (C) 1995-2017 Free Software Foundation, Inc.
+ * This file is part of the GNU C Library.
+ * Contributed by Ulrich Drepper <drepper@gnu.ai.mit.edu>, August 1995.
+ *
+ * This file is part of GnuTLS.
+ *
+ * Libgcrypt is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Libgcrypt is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <drbg-aes.h>
+#include <fips.h>
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <stdlib.h>
+#include <rnd-common.h>
+
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+
+struct r48_rand_data {
+	unsigned short int __x[3];	/* Current state.  */
+	unsigned short int __old_x[3];	/* Old state.  */
+	unsigned short int __c;	/* Additive const. in congruential formula.  */
+	unsigned short int __init;	/* Flag for initializing.  */
+	__extension__ unsigned long long int __a;	/* Factor in congruential
+							   formula.  */
+};
+
+#ifdef __clang__
+__attribute__((no_sanitize("integer")))
+#endif
+static int
+__r48_rand_iterate(unsigned short int xsubi[3], struct r48_rand_data *buffer)
+{
+	uint64_t X;
+	uint64_t result;
+
+	/* Initialize buffer, if not yet done.  */
+	if (unlikely(!buffer->__init)) {
+		buffer->__a = 0x5deece66dull;
+		buffer->__c = 0xb;
+		buffer->__init = 1;
+	}
+
+	/* Do the real work.  We choose a data type which contains at least
+	   48 bits.  Because we compute the modulus it does not care how
+	   many bits really are computed.  */
+
+	X = (uint64_t) xsubi[2] << 32 | (uint32_t) xsubi[1] << 16 | xsubi[0];
+
+	result = X * buffer->__a + buffer->__c;
+
+	xsubi[0] = result & 0xffff;
+	xsubi[1] = (result >> 16) & 0xffff;
+	xsubi[2] = (result >> 32) & 0xffff;
+
+	return 0;
+}
+
+#ifdef __clang__
+__attribute__((no_sanitize("integer")))
+#elif defined __GNUC__
+__attribute__((no_sanitize("shift-base")))
+#endif
+static int
+r48_r(unsigned short int xsubi[3], struct r48_rand_data *buffer,
+      long int *result)
+{
+	/* Compute next state.  */
+	if (__r48_rand_iterate(xsubi, buffer) < 0)
+		return -1;
+
+	/* Store the result.  */
+	*result = (int32_t) ((xsubi[2] << 16) | xsubi[1]);
+
+	return 0;
+}
+
+static int r48(struct r48_rand_data *buffer, long int *result)
+{
+	return r48_r(buffer->__x, buffer, result);
+}
+
+/* This is a dummy random generator intended to be reproducible
+ * for use in fuzzying targets.
+ */
+
+static int _rngfuzz_init(void **_ctx)
+{
+	*_ctx = calloc(1, sizeof(struct r48_rand_data));
+
+	return 0;
+}
+
+static int _rngfuzz_rnd(void *_ctx, int level, void *buffer, size_t length)
+{
+	struct r48_rand_data *ctx = _ctx;
+	uint8_t *p = buffer;
+	long r;
+	unsigned i;
+
+	memset(ctx, 0, sizeof(*ctx));
+
+	for (i = 0; i < length; i++) {
+		r48(ctx, &r);
+		p[i] = r;
+	}
+	return 0;
+}
+
+static void _rngfuzz_deinit(void *_ctx)
+{
+	struct r48_rand_data *ctx = _ctx;
+
+	free(ctx);
+}
+
+static void _rngfuzz_refresh(void *_ctx)
+{
+	/* this is predictable RNG. Don't refresh */
+	return;
+}
+
+gnutls_crypto_rnd_st _gnutls_fuzz_rnd_ops = {
+	.init = _rngfuzz_init,
+	.deinit = _rngfuzz_deinit,
+	.rnd = _rngfuzz_rnd,
+	.rnd_refresh = _rngfuzz_refresh,
+	.self_test = NULL,
+};
+
+#endif /* FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION */
diff --git a/lib/nettle/rnd.c b/lib/nettle/rnd.c
new file mode 100644
index 0000000..cddf1f7
--- /dev/null
+++ b/lib/nettle/rnd.c
@@ -0,0 +1,274 @@
+/*
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2016-2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <locks.h>
+#include <num.h>
+#include <nettle/chacha.h>
+#include <rnd-common.h>
+#include <system.h>
+#include <atfork.h>
+#include <errno.h>
+#include <minmax.h>
+
+#define PRNG_KEY_SIZE CHACHA_KEY_SIZE
+
+/* For a high level description see the documentation and
+ * the 'Random number generation' section of chapter
+ * 'Using GnuTLS as a cryptographic library'.
+ */
+
+/* We have two "refresh" operations for the PRNG:
+ *  re-seed: the random generator obtains a new key from the system or another PRNG
+ *           (occurs when a time or data-based limit is reached for the GNUTLS_RND_RANDOM
+ *            and GNUTLS_RND_KEY levels and data-based for the nonce level)
+ *  re-key:  the random generator obtains a new key by utilizing its own output.
+ *           This only happens for the GNUTLS_RND_KEY level, on every operation.
+ */
+
+/* after this number of bytes PRNG will rekey using the system RNG */
+static const unsigned prng_reseed_limits[] = {
+	[GNUTLS_RND_NONCE] = 16*1024*1024, /* 16 MB - we re-seed using the GNUTLS_RND_RANDOM output */
+	[GNUTLS_RND_RANDOM] = 2*1024*1024, /* 2MB - we re-seed by time as well */
+	[GNUTLS_RND_KEY] = 2*1024*1024 /* same as GNUTLS_RND_RANDOM - but we re-key on every operation */
+};
+
+static const time_t prng_reseed_time[] = {
+	[GNUTLS_RND_NONCE] = 14400, /* 4 hours */
+	[GNUTLS_RND_RANDOM] = 7200, /* 2 hours */
+	[GNUTLS_RND_KEY] = 7200 /* same as RANDOM */
+};
+
+struct prng_ctx_st {
+	struct chacha_ctx ctx;
+	size_t counter;
+	unsigned int forkid;
+	time_t last_reseed;
+};
+
+struct generators_ctx_st {
+	struct prng_ctx_st nonce;  /* GNUTLS_RND_NONCE */
+	struct prng_ctx_st normal; /* GNUTLS_RND_RANDOM, GNUTLS_RND_KEY */
+};
+
+
+static void wrap_nettle_rnd_deinit(void *_ctx)
+{
+	gnutls_free(_ctx);
+}
+
+/* Initializes the nonce level random generator.
+ *
+ * the @new_key must be provided.
+ *
+ * @init must be non zero on first initialization, and
+ * zero on any subsequent reinitializations.
+ */
+static int single_prng_init(struct prng_ctx_st *ctx,
+			    uint8_t new_key[PRNG_KEY_SIZE],
+			    unsigned new_key_size,
+			    unsigned init)
+{
+	uint8_t nonce[CHACHA_NONCE_SIZE];
+
+	memset(nonce, 0, sizeof(nonce)); /* to prevent valgrind from whinning */
+
+	if (init == 0) {
+		/* use the previous key to generate IV as well */
+		chacha_crypt(&ctx->ctx, sizeof(nonce), nonce, nonce);
+
+		/* Add key continuity by XORing the new key with data generated
+		 * from the old key */
+		chacha_crypt(&ctx->ctx, new_key_size, new_key, new_key);
+	} else {
+		struct timespec now; /* current time */
+
+		ctx->forkid = _gnutls_get_forkid();
+
+		gnutls_gettime(&now);
+		memcpy(nonce, &now, MIN(sizeof(nonce), sizeof(now)));
+		ctx->last_reseed = now.tv_sec;
+	}
+
+	chacha_set_key(&ctx->ctx, new_key);
+	chacha_set_nonce(&ctx->ctx, nonce);
+
+	zeroize_key(new_key, new_key_size);
+
+	ctx->counter = 0;
+
+	return 0;
+}
+
+/* API functions */
+
+static int wrap_nettle_rnd_init(void **_ctx)
+{
+	int ret;
+	uint8_t new_key[PRNG_KEY_SIZE*2];
+	struct generators_ctx_st *ctx;
+
+	ctx = calloc(1, sizeof(*ctx));
+	if (ctx == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	/* initialize the nonce RNG */
+	ret = _rnd_get_system_entropy(new_key, sizeof(new_key));
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	ret = single_prng_init(&ctx->nonce, new_key, PRNG_KEY_SIZE, 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	/* initialize the random/key RNG */
+	ret = single_prng_init(&ctx->normal, new_key+PRNG_KEY_SIZE, PRNG_KEY_SIZE, 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	*_ctx = ctx;
+
+	return 0;
+ fail:
+	gnutls_free(ctx);
+	return ret;
+}
+
+static int
+wrap_nettle_rnd(void *_ctx, int level, void *data, size_t datasize)
+{
+	struct generators_ctx_st *ctx = _ctx;
+	struct prng_ctx_st *prng_ctx;
+	int ret, reseed = 0;
+	uint8_t new_key[PRNG_KEY_SIZE];
+	time_t now;
+
+	if (level == GNUTLS_RND_RANDOM || level == GNUTLS_RND_KEY)
+		prng_ctx = &ctx->normal;
+	else if (level == GNUTLS_RND_NONCE)
+		prng_ctx = &ctx->nonce;
+	else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(GNUTLS_E_RANDOM_FAILED);
+	}
+
+	/* Two reasons for this memset():
+	 *  1. avoid getting filled with valgrind warnings
+	 *  2. avoid a cipher/PRNG failure to expose stack data
+	 */
+	memset(data, 0, datasize);
+
+	now = gnutls_time(0);
+
+	/* We re-seed based on time in addition to output data. That is,
+	 * to prevent a temporal state compromise to become permanent for low
+	 * traffic sites */
+	if (unlikely(_gnutls_detect_fork(prng_ctx->forkid))) {
+		reseed = 1;
+	} else {
+		if (now > prng_ctx->last_reseed + prng_reseed_time[level])
+			reseed = 1;
+	}
+
+	if (reseed != 0 || prng_ctx->counter > prng_reseed_limits[level]) {
+		if (level == GNUTLS_RND_NONCE) {
+			ret = wrap_nettle_rnd(_ctx, GNUTLS_RND_RANDOM, new_key, sizeof(new_key));
+		} else {
+
+			/* we also use the system entropy to reduce the impact
+			 * of a temporal state compromise for these two levels. */
+			ret = _rnd_get_system_entropy(new_key, sizeof(new_key));
+		}
+
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			goto cleanup;
+		}
+
+		ret = single_prng_init(prng_ctx, new_key, sizeof(new_key), 0);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			goto cleanup;
+		}
+
+		prng_ctx->last_reseed = now;
+		prng_ctx->forkid = _gnutls_get_forkid();
+	}
+
+	chacha_crypt(&prng_ctx->ctx, datasize, data, data);
+	prng_ctx->counter += datasize;
+
+	if (level == GNUTLS_RND_KEY) { /* prevent backtracking */
+		ret = wrap_nettle_rnd(_ctx, GNUTLS_RND_RANDOM, new_key, sizeof(new_key));
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			goto cleanup;
+		}
+
+		ret = single_prng_init(prng_ctx, new_key, sizeof(new_key), 0);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+			goto cleanup;
+		}
+	}
+
+	ret = 0;
+	_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+
+cleanup:
+	return ret;
+}
+
+static void wrap_nettle_rnd_refresh(void *_ctx)
+{
+	struct generators_ctx_st *ctx = _ctx;
+	char tmp;
+
+	/* force reseed */
+	ctx->nonce.counter = prng_reseed_limits[GNUTLS_RND_NONCE]+1;
+	ctx->normal.counter = prng_reseed_limits[GNUTLS_RND_RANDOM]+1;
+
+	wrap_nettle_rnd(_ctx, GNUTLS_RND_NONCE, &tmp, 1);
+	wrap_nettle_rnd(_ctx, GNUTLS_RND_RANDOM, &tmp, 1);
+}
+
+int crypto_rnd_prio = INT_MAX;
+
+gnutls_crypto_rnd_st _gnutls_rnd_ops = {
+	.init = wrap_nettle_rnd_init,
+	.deinit = wrap_nettle_rnd_deinit,
+	.rnd = wrap_nettle_rnd,
+	.rnd_refresh = wrap_nettle_rnd_refresh,
+	.self_test = NULL,
+};
diff --git a/lib/nettle/sysrng-bcrypt.c b/lib/nettle/sysrng-bcrypt.c
new file mode 100644
index 0000000..a08e9de
--- /dev/null
+++ b/lib/nettle/sysrng-bcrypt.c
@@ -0,0 +1,83 @@
+/*
+ * Copyright (C) 2010-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ * Copyright (C) 2000, 2001, 2008 Niels Möller
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Here are the common parts of the random generator layer. 
+ * Some of this code was based on the LSH 
+ * random generator (the trivia and device source functions for POSIX)
+ * and modified to fit gnutls' needs. Relicenced with permission. 
+ * Original author Niels Möller.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <locks.h>
+#include <num.h>
+#include <nettle/yarrow.h>
+#include <errno.h>
+#include <rnd-common.h>
+#include <hash-pjw-bare.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+
+/* The windows randomness gatherer.
+ */
+
+#include <windows.h>
+#include <bcrypt.h>
+
+get_entropy_func _rnd_get_system_entropy = NULL;
+
+static BCRYPT_ALG_HANDLE device_fd = 0;
+
+static
+int _rnd_get_system_entropy_win32(void* rnd, size_t size)
+{
+	NTSTATUS err = BCryptGenRandom(device_fd, rnd, size, 0);
+	if (!BCRYPT_SUCCESS(err)) {
+		_gnutls_debug_log("Error in BCryptGenRandom: %ld\n", err);
+		return GNUTLS_E_RANDOM_DEVICE_ERROR;
+	}
+
+	return 0;
+}
+
+int _rnd_system_entropy_init(void)
+{
+	NTSTATUS err = BCryptOpenAlgorithmProvider
+	    (&device_fd, BCRYPT_RNG_ALGORITHM, NULL, 0);
+	if (!BCRYPT_SUCCESS(err)) {
+		_gnutls_debug_log("error in BCryptOpenAlgorithmProvider!\n");
+		return GNUTLS_E_RANDOM_DEVICE_ERROR;
+	}
+
+	_rnd_get_system_entropy = _rnd_get_system_entropy_win32;
+	return 0;
+}
+
+void _rnd_system_entropy_deinit(void)
+{
+	BCryptCloseAlgorithmProvider(device_fd, 0);
+}
diff --git a/lib/nettle/sysrng-getentropy.c b/lib/nettle/sysrng-getentropy.c
new file mode 100644
index 0000000..0666d48
--- /dev/null
+++ b/lib/nettle/sysrng-getentropy.c
@@ -0,0 +1,78 @@
+/*
+ * Copyright (C) 2010-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* The *BSD getentropy() system random generator. The simplest of all.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <locks.h>
+#include <num.h>
+#include <errno.h>
+#include <rnd-common.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#ifdef __APPLE__
+#include <sys/random.h>
+#endif
+
+/* gnulib wants to claim strerror even if it cannot provide it. WTF */
+#undef strerror
+
+/* The POSIX (Linux-BSD) randomness gatherer.
+ */
+
+#include <time.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/time.h>
+#include <fcntl.h>
+
+get_entropy_func _rnd_get_system_entropy = NULL;
+
+static int _rnd_get_system_entropy_simple(void* _rnd, size_t size)
+{
+	if (getentropy(_rnd, size) < 0) {
+		int e = errno;
+		gnutls_assert();
+		_gnutls_debug_log
+			("Failed to use getentropy: %s\n",
+					 strerror(e));
+		return GNUTLS_E_RANDOM_DEVICE_ERROR;
+	}
+	return 0;
+}
+
+int _rnd_system_entropy_init(void)
+{
+	_rnd_get_system_entropy = _rnd_get_system_entropy_simple;
+	return 0;
+}
+
+void _rnd_system_entropy_deinit(void)
+{
+	return;
+}
+
diff --git a/lib/nettle/sysrng-linux.c b/lib/nettle/sysrng-linux.c
new file mode 100644
index 0000000..6b3971c
--- /dev/null
+++ b/lib/nettle/sysrng-linux.c
@@ -0,0 +1,198 @@
+/*
+ * Copyright (C) 2010-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* The Linux style system random generator: That is,
+ * getrandom() -> /dev/urandom, where "->" indicates fallback.
+ */
+
+#ifndef RND_NO_INCLUDES
+# include "gnutls_int.h"
+# include "errors.h"
+# include <num.h>
+# include <errno.h>
+# include <rnd-common.h>
+#endif
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+
+/* gnulib wants to claim strerror even if it cannot provide it. WTF */
+#undef strerror
+
+#include <time.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/time.h>
+#include <fcntl.h>
+
+get_entropy_func _rnd_get_system_entropy = NULL;
+
+#if defined(__linux__)
+# ifdef HAVE_GETRANDOM
+#  include <sys/random.h>
+# else
+#  include <sys/syscall.h>
+#  undef getrandom
+#  if defined(SYS_getrandom)
+#   define getrandom(dst,s,flags) syscall(SYS_getrandom, (void*)dst, (size_t)s, (unsigned int)flags)
+#  else
+static ssize_t _getrandom0(void *buf, size_t buflen, unsigned int flags)
+{
+        errno = ENOSYS;
+        return -1;
+}
+#   define getrandom(dst,s,flags) _getrandom0(dst,s,flags)
+#  endif
+# endif
+
+
+static unsigned have_getrandom(void)
+{
+	char c;
+	int ret;
+	ret = getrandom(&c, 1, 1/*GRND_NONBLOCK*/);
+	if (ret == 1 || (ret == -1 && errno == EAGAIN))
+		return 1;
+	return 0;
+}
+
+/* returns exactly the amount of bytes requested */
+static int force_getrandom(void *buf, size_t buflen, unsigned int flags)
+{
+	int left = buflen;
+	int ret;
+	uint8_t *p = buf;
+
+	while (left > 0) {
+		ret = getrandom(p, left, flags);
+		if (ret == -1) {
+			if (errno != EINTR)
+				return ret;
+		}
+
+		if (ret > 0) {
+			left -= ret;
+			p += ret;
+		}
+	}
+
+	return buflen;
+}
+
+static int _rnd_get_system_entropy_getrandom(void* _rnd, size_t size)
+{
+	int ret;
+	ret = force_getrandom(_rnd, size, 0);
+	if (ret == -1) {
+		int e = errno;
+		gnutls_assert();
+		_gnutls_debug_log
+			("Failed to use getrandom: %s\n",
+					 strerror(e));
+		return GNUTLS_E_RANDOM_DEVICE_ERROR;
+	}
+
+	return 0;
+}
+#else /* not linux */
+# define have_getrandom() 0
+#endif
+
+static int _rnd_get_system_entropy_urandom(void* _rnd, size_t size)
+{
+	uint8_t* rnd = _rnd;
+	uint32_t done;
+	int urandom_fd;
+
+	urandom_fd = open("/dev/urandom", O_RDONLY);
+	if (urandom_fd < 0) {
+		_gnutls_debug_log("Cannot open /dev/urandom!\n");
+		return GNUTLS_E_RANDOM_DEVICE_ERROR;
+	}
+
+	for (done = 0; done < size;) {
+		int res;
+		do {
+			res = read(urandom_fd, rnd + done, size - done);
+		} while (res < 0 && errno == EINTR);
+
+		if (res <= 0) {
+			int e = errno;
+			if (res < 0) {
+				_gnutls_debug_log
+					("Failed to read /dev/urandom: %s\n",
+					 strerror(e));
+			} else {
+				_gnutls_debug_log
+					("Failed to read /dev/urandom: end of file\n");
+			}
+
+			close(urandom_fd);
+			return GNUTLS_E_RANDOM_DEVICE_ERROR;
+		}
+
+		done += res;
+	}
+
+	close(urandom_fd);
+	return 0;
+}
+
+int _rnd_system_entropy_init(void)
+{
+	int urandom_fd;
+
+#if defined(__linux__)
+	/* Enable getrandom() usage if available */
+	if (have_getrandom()) {
+		_rnd_get_system_entropy = _rnd_get_system_entropy_getrandom;
+		_gnutls_debug_log("getrandom random generator was selected\n");
+		return 0;
+	} else {
+		_gnutls_debug_log("getrandom is not available\n");
+	}
+#endif
+
+	/* Fallback: /dev/urandom */
+
+	/* Check that we can open it */
+	urandom_fd = open("/dev/urandom", O_RDONLY);
+	if (urandom_fd < 0) {
+		_gnutls_debug_log("Cannot open /dev/urandom during initialization!\n");
+		return gnutls_assert_val(GNUTLS_E_RANDOM_DEVICE_ERROR);
+	}
+	close(urandom_fd);
+
+	_rnd_get_system_entropy = _rnd_get_system_entropy_urandom;
+	_gnutls_debug_log("/dev/urandom random generator was selected\n");
+
+	return 0;
+}
+
+void _rnd_system_entropy_deinit(void)
+{
+	/* A no-op now when we open and close /dev/urandom every time */
+	return;
+}
+
diff --git a/lib/nettle/sysrng-netbsd.c b/lib/nettle/sysrng-netbsd.c
new file mode 100644
index 0000000..7f74b4e
--- /dev/null
+++ b/lib/nettle/sysrng-netbsd.c
@@ -0,0 +1,78 @@
+/*
+ * Copyright (C) 2010-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ *
+ * Author: Nia Alarie
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The *BSD sysctl-based system random generator.
+ * Used on NetBSD.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <locks.h>
+#include <num.h>
+#include <errno.h>
+#include <rnd-common.h>
+
+#include <sys/sysctl.h>
+
+#define	ARRAY_SIZE(A)	(sizeof(A)/sizeof((A)[0]))
+
+get_entropy_func _rnd_get_system_entropy = NULL;
+
+static int _rnd_get_system_entropy_sysctl(void* _rnd, size_t size)
+{
+	static int name[] = {CTL_KERN, KERN_ARND};
+	size_t count, req;
+	unsigned char* p;
+
+	p = _rnd;
+	while (size) {
+		req = size < 32 ? size : 32;
+		count = req;
+
+		if (sysctl(name, ARRAY_SIZE(name), p, &count, NULL, 0) == -1) {
+			return GNUTLS_E_RANDOM_DEVICE_ERROR;
+		}
+
+		if (count != req) {
+			return GNUTLS_E_RANDOM_DEVICE_ERROR; /* Can't happen. */
+		}
+
+		p += count;
+		size -= count;
+	}
+
+	return 0;
+}
+
+int _rnd_system_entropy_init(void)
+{
+	_rnd_get_system_entropy = _rnd_get_system_entropy_sysctl;
+	return 0;
+}
+
+void _rnd_system_entropy_deinit(void)
+{
+	return;
+}
+
diff --git a/lib/nettle/sysrng-windows.c b/lib/nettle/sysrng-windows.c
new file mode 100644
index 0000000..8c931d2
--- /dev/null
+++ b/lib/nettle/sysrng-windows.c
@@ -0,0 +1,84 @@
+/*
+ * Copyright (C) 2010-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ * Copyright (C) 2000, 2001, 2008 Niels Möller
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Here are the common parts of the random generator layer. 
+ * Some of this code was based on the LSH 
+ * random generator (the trivia and device source functions for POSIX)
+ * and modified to fit gnutls' needs. Relicenced with permission. 
+ * Original author Niels Möller.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <locks.h>
+#include <num.h>
+#include <nettle/yarrow.h>
+#include <errno.h>
+#include <rnd-common.h>
+#include <hash-pjw-bare.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+
+/* The windows randomness gatherer.
+ */
+
+#include <windows.h>
+#include <wincrypt.h>
+
+get_entropy_func _rnd_get_system_entropy = NULL;
+
+static HCRYPTPROV device_fd = 0;
+
+static
+int _rnd_get_system_entropy_win32(void* rnd, size_t size)
+{
+	if (!CryptGenRandom(device_fd, (DWORD) size, rnd)) {
+		_gnutls_debug_log("Error in CryptGenRandom: %d\n",
+					(int)GetLastError());
+		return GNUTLS_E_RANDOM_DEVICE_ERROR;
+	}
+
+	return 0;
+}
+
+int _rnd_system_entropy_init(void)
+{
+	if (!CryptAcquireContext
+		(&device_fd, NULL, NULL, PROV_RSA_FULL,
+		 CRYPT_SILENT | CRYPT_VERIFYCONTEXT)) {
+		_gnutls_debug_log
+			("error in CryptAcquireContext!\n");
+		return GNUTLS_E_RANDOM_DEVICE_ERROR;
+	}
+
+	_rnd_get_system_entropy = _rnd_get_system_entropy_win32;
+	return 0;
+}
+
+void _rnd_system_entropy_deinit(void)
+{
+	CryptReleaseContext(device_fd, 0);
+}
diff --git a/lib/num.h b/lib/num.h
new file mode 100644
index 0000000..dd2ee41
--- /dev/null
+++ b/lib/num.h
@@ -0,0 +1,120 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_NUM_H
+#define GNUTLS_LIB_NUM_H
+
+#include "gnutls_int.h"
+
+#include <minmax.h>
+#include <byteswap.h>
+
+/* data should be at least 3 bytes */
+inline static uint32_t _gnutls_read_uint24(const uint8_t * data)
+{
+	return (data[0] << 16) | (data[1] << 8) | (data[2]);
+}
+
+inline static uint64_t _gnutls_read_uint64(const uint8_t * data)
+{
+	uint64_t res;
+
+	memcpy(&res, data, sizeof(uint64_t));
+#ifndef WORDS_BIGENDIAN
+	res = bswap_64(res);
+#endif
+	return res;
+}
+
+inline static void _gnutls_write_uint64(uint64_t num, uint8_t * data)
+{
+#ifndef WORDS_BIGENDIAN
+	num = bswap_64(num);
+#endif
+	memcpy(data, &num, 8);
+}
+
+inline static void _gnutls_write_uint24(uint32_t num, uint8_t * data)
+{
+	data[0] = num >> 16;
+	data[1] = num >> 8;
+	data[2] = num;
+}
+
+inline static uint32_t _gnutls_read_uint32(const uint8_t * data)
+{
+	uint32_t res;
+
+	memcpy(&res, data, sizeof(uint32_t));
+#ifndef WORDS_BIGENDIAN
+	res = bswap_32(res);
+#endif
+	return res;
+}
+
+inline static void _gnutls_write_uint32(uint32_t num, uint8_t * data)
+{
+
+#ifndef WORDS_BIGENDIAN
+	num = bswap_32(num);
+#endif
+	memcpy(data, &num, sizeof(uint32_t));
+}
+
+inline static uint16_t _gnutls_read_uint16(const uint8_t * data)
+{
+	uint16_t res;
+	memcpy(&res, data, sizeof(uint16_t));
+#ifndef WORDS_BIGENDIAN
+	res = bswap_16(res);
+#endif
+	return res;
+}
+
+inline static void _gnutls_write_uint16(uint16_t num, uint8_t * data)
+{
+
+#ifndef WORDS_BIGENDIAN
+	num = bswap_16(num);
+#endif
+	memcpy(data, &num, sizeof(uint16_t));
+}
+
+inline static uint32_t _gnutls_conv_uint32(uint32_t data)
+{
+#ifndef WORDS_BIGENDIAN
+	return bswap_32(data);
+#else
+	return data;
+#endif
+}
+
+inline static uint16_t _gnutls_conv_uint16(uint16_t data)
+{
+#ifndef WORDS_BIGENDIAN
+	return bswap_16(data);
+#else
+	return data;
+#endif
+}
+
+#endif /* GNUTLS_LIB_NUM_H */
diff --git a/lib/ocsp-api.c b/lib/ocsp-api.c
new file mode 100644
index 0000000..28f7e05
--- /dev/null
+++ b/lib/ocsp-api.c
@@ -0,0 +1,640 @@
+/*
+ * Copyright (C) 2012-2017 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Simon Josefsson, Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ *  Status Request (OCSP) API.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <auth.h>
+#include <auth/cert.h>
+#include <handshake.h>
+#include <minmax.h>
+
+#ifdef ENABLE_OCSP
+
+#include <gnutls/ocsp.h>
+#include "x509/ocsp.h"
+
+/**
+ * gnutls_ocsp_status_request_get:
+ * @session: is a #gnutls_session_t type.
+ * @response: a #gnutls_datum_t with DER encoded OCSP response
+ *
+ * This function returns the OCSP status response received
+ * from the TLS server. The @response should be treated as
+ * constant. If no OCSP response is available then
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ *
+ * Since: 3.1.3
+ **/
+int
+gnutls_ocsp_status_request_get(gnutls_session_t session,
+			       gnutls_datum_t * response)
+{
+	return gnutls_ocsp_status_request_get2(session, 0, response);
+}
+
+/**
+ * gnutls_ocsp_status_request_get2:
+ * @session: is a #gnutls_session_t type.
+ * @idx: the index of peer's certificate
+ * @response: a #gnutls_datum_t with DER encoded OCSP response
+ *
+ * This function returns the OCSP status response received
+ * from the TLS server for the certificate index provided.
+ * The index corresponds to certificates as returned by
+ * gnutls_certificate_get_peers. When index is zero this
+ * function operates identically to gnutls_ocsp_status_request_get().
+ *
+ * The returned @response should be treated as
+ * constant. If no OCSP response is available for the
+ * given index then %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * is returned.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ *
+ * Since: 3.6.3
+ **/
+int
+gnutls_ocsp_status_request_get2(gnutls_session_t session,
+			        unsigned idx,
+			        gnutls_datum_t * response)
+{
+	const version_entry_st *ver = get_version(session);
+	cert_auth_info_t info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+
+	if (!ver->tls13_sem && session->security_parameters.entity == GNUTLS_SERVER)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	if (info == NULL || info->raw_ocsp_list == NULL ||
+	    info->nocsp <= idx || info->raw_ocsp_list[idx].size == 0)
+		return
+		    gnutls_assert_val
+		    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	response->data = info->raw_ocsp_list[idx].data;
+	response->size = info->raw_ocsp_list[idx].size;
+
+	return 0;
+}
+
+/**
+ * gnutls_certificate_set_ocsp_status_request_function:
+ * @sc: is a #gnutls_certificate_credentials_t type.
+ * @ocsp_func: function pointer to OCSP status request callback.
+ * @ptr: opaque pointer passed to callback function
+ *
+ * This function is to be used by server to register a callback to
+ * handle OCSP status requests from the client.  The callback will be
+ * invoked if the client supplied a status-request OCSP extension.
+ * The callback function prototype is:
+ *
+ * typedef int (*gnutls_status_request_ocsp_func)
+ *    (gnutls_session_t session, void *ptr, gnutls_datum_t *ocsp_response);
+ *
+ * The callback will be invoked if the client requests an OCSP certificate
+ * status.  The callback may return %GNUTLS_E_NO_CERTIFICATE_STATUS, if
+ * there is no recent OCSP response. If the callback returns %GNUTLS_E_SUCCESS,
+ * it is expected to have the @ocsp_response field set with a valid (DER-encoded)
+ * OCSP response. The response must be a value allocated using gnutls_malloc(),
+ * and will be deinitialized by the caller.
+ *
+ * It is possible to set a specific callback for each provided certificate
+ * using gnutls_certificate_set_ocsp_status_request_function2().
+ *
+ * Since: 3.1.3
+ **/
+void
+gnutls_certificate_set_ocsp_status_request_function
+(gnutls_certificate_credentials_t sc,
+gnutls_status_request_ocsp_func ocsp_func, void *ptr)
+{
+
+	sc->glob_ocsp_func = ocsp_func;
+	sc->glob_ocsp_func_ptr = ptr;
+}
+
+/**
+ * gnutls_certificate_set_ocsp_status_request_function2:
+ * @sc: is a #gnutls_certificate_credentials_t type.
+ * @idx: is a certificate index as returned by gnutls_certificate_set_key() and friends
+ * @ocsp_func: function pointer to OCSP status request callback.
+ * @ptr: opaque pointer passed to callback function
+ *
+ * This function is to be used by server to register a callback to
+ * provide OCSP status requests that correspond to the indexed certificate chain
+ * from the client.  The callback will be invoked if the client supplied a
+ * status-request OCSP extension.
+ *
+ * The callback function prototype is:
+ *
+ * typedef int (*gnutls_status_request_ocsp_func)
+ *    (gnutls_session_t session, void *ptr, gnutls_datum_t *ocsp_response);
+ *
+ * The callback will be invoked if the client requests an OCSP certificate
+ * status.  The callback may return %GNUTLS_E_NO_CERTIFICATE_STATUS, if
+ * there is no recent OCSP response. If the callback returns %GNUTLS_E_SUCCESS,
+ * it is expected to have the @ocsp_response field set with a valid (DER-encoded)
+ * OCSP response. The response must be a value allocated using gnutls_malloc(),
+ * and will be deinitialized by the caller.
+ *
+ * Note: the ability to set multiple OCSP responses per credential
+ * structure via the index @idx was added in version 3.5.6. To keep
+ * backwards compatibility, it requires using gnutls_certificate_set_flags()
+ * with the %GNUTLS_CERTIFICATE_API_V2 flag to make the set certificate
+ * functions return an index usable by this function.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ *
+ * Since: 3.5.5
+ **/
+int
+gnutls_certificate_set_ocsp_status_request_function2
+(gnutls_certificate_credentials_t sc, unsigned idx, gnutls_status_request_ocsp_func ocsp_func, void *ptr)
+{
+	if (idx >= sc->ncerts)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	sc->certs[idx].ocsp_func = ocsp_func;
+	sc->certs[idx].ocsp_func_ptr = ptr;
+
+	return 0;
+}
+
+static
+unsigned resp_matches_pcert(gnutls_ocsp_resp_t resp, const gnutls_pcert_st *cert)
+{
+	gnutls_x509_crt_t crt;
+	int ret;
+	unsigned retval;
+
+	ret = gnutls_x509_crt_init(&crt);
+	if (ret < 0)
+		return 0;
+
+	ret = gnutls_x509_crt_import(crt, &cert->cert, GNUTLS_X509_FMT_DER);
+	if (ret < 0) {
+		gnutls_assert();
+		retval = 0;
+		goto cleanup;
+	}
+
+	ret = gnutls_ocsp_resp_check_crt(resp, 0, crt);
+	if (ret == 0)
+		retval = 1;
+	else
+		retval = 0;
+
+ cleanup:
+	gnutls_x509_crt_deinit(crt);
+	return retval;
+}
+
+/**
+ * gnutls_certificate_set_ocsp_status_request_file:
+ * @sc: is a credentials structure.
+ * @response_file: a filename of the OCSP response
+ * @idx: is a certificate index as returned by gnutls_certificate_set_key() and friends
+ *
+ * This function loads the provided OCSP response. It will be
+ * sent to the client if requests an OCSP certificate status for
+ * the certificate chain specified by @idx.
+ *
+ * Note: the ability to set multiple OCSP responses per credential
+ * structure via the index @idx was added in version 3.5.6. To keep
+ * backwards compatibility, it requires using gnutls_certificate_set_flags()
+ * with the %GNUTLS_CERTIFICATE_API_V2 flag to make the set certificate
+ * functions return an index usable by this function.
+ *
+ * This function can be called multiple times since GnuTLS 3.6.3
+ * when multiple responses which apply to the chain are available.
+ * If the response provided does not match any certificates present
+ * in the chain, the code %GNUTLS_E_OCSP_MISMATCH_WITH_CERTS is returned.
+ * To revert to the previous behavior set the flag %GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK
+ * in the certificate credentials structure. In that case, only the
+ * end-certificate's OCSP response can be set.
+ * If the response is already expired at the time of loading the code
+ * %GNUTLS_E_EXPIRED is returned.
+ *
+ * To revert to the previous behavior of this function which does not return
+ * any errors, set the flag %GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ *
+ * Since: 3.1.3
+ **/
+int
+gnutls_certificate_set_ocsp_status_request_file(gnutls_certificate_credentials_t sc,
+						const char *response_file,
+						unsigned idx)
+{
+	int ret;
+
+	ret = gnutls_certificate_set_ocsp_status_request_file2(sc, response_file,
+							       idx, GNUTLS_X509_FMT_DER);
+	if (ret >= 0)
+		return 0;
+	else
+		return ret;
+}
+
+static int append_response(gnutls_certificate_credentials_t sc, unsigned idx,
+			   gnutls_ocsp_resp_t resp, const gnutls_datum_t *der)
+{
+	int ret;
+	unsigned i, found = 0;
+	unsigned try_already_set = 0;
+	time_t t;
+
+ retry:
+
+	/* iterate through all certificates in chain, and add the response
+	 * to the certificate that it matches with.
+	 */
+	for (i=0;i<MIN(sc->certs[idx].cert_list_length, MAX_OCSP_RESPONSES);i++) {
+		if (!try_already_set && sc->certs[idx].ocsp_data[i].response.data)
+			continue;
+
+		if (!resp_matches_pcert(resp, &sc->certs[idx].cert_list[i]))
+			continue;
+
+		t = _gnutls_ocsp_get_validity(resp);
+		/* if already invalid */
+		if (t == (time_t)-1) {
+			_gnutls_debug_log("the OCSP response associated with chain %d on pos %d, is invalid/expired\n", idx, i);
+			return GNUTLS_E_EXPIRED;
+		} else if (t == (time_t)-2) {
+			_gnutls_debug_log("the OCSP response associated with chain %d on pos %d, is too old (ignoring)\n", idx, i);
+			return 0;
+		}
+
+		if (t >= 0)
+			sc->certs[idx].ocsp_data[i].exptime = t;
+		else
+			sc->certs[idx].ocsp_data[i].exptime = 0;
+
+		_gnutls_debug_log("associating OCSP response with chain %d on pos %d\n", idx, i);
+
+		gnutls_free(sc->certs[idx].ocsp_data[i].response.data);
+
+		ret = _gnutls_set_datum(&sc->certs[idx].ocsp_data[i].response,
+					der->data,
+					der->size);
+		if (ret < 0) {
+			gnutls_assert();
+			sc->certs[idx].ocsp_data[i].response.data = NULL;
+			sc->certs[idx].ocsp_data[i].response.size = 0;
+			return ret;
+		}
+
+		if (sc->certs[idx].ocsp_data_length <= i)
+			sc->certs[idx].ocsp_data_length = i+1;
+
+		found = 1;
+		break;
+	}
+
+	if (!found) {
+		/* slow path; if we found no matching certificate for the OCSP
+		 * response, try all the existing, even if a response is already
+		 * given. */
+		if (!try_already_set) {
+			try_already_set = 1;
+			goto retry;
+		}
+		ret = GNUTLS_E_OCSP_MISMATCH_WITH_CERTS;
+	} else {
+		ret = 0;
+	}
+
+	return ret;
+}
+
+/**
+ * gnutls_certificate_set_ocsp_status_request_file2:
+ * @sc: is a credentials structure.
+ * @response_file: a filename of the OCSP response
+ * @idx: is a certificate index as returned by gnutls_certificate_set_key() and friends
+ * @fmt: is PEM or DER
+ *
+ * This function loads the OCSP responses to be sent to the
+ * peer for the certificate chain specified by @idx. When @fmt is
+ * set to PEM, multiple responses can be loaded.
+ *
+ * This function must be called after setting any certificates, and
+ * cannot be used for certificates that are provided via a callback --
+ * that is when gnutls_certificate_set_retrieve_function() is used. In
+ * that case consider using gnutls_certificate_set_retrieve_function3().
+ *
+ * This function can be called multiple times when multiple responses
+ * applicable to the certificate chain are available.
+ * If the response provided does not match any certificates present
+ * in the chain, the code %GNUTLS_E_OCSP_MISMATCH_WITH_CERTS is returned.
+ * If the response is already expired at the time of loading the code
+ * %GNUTLS_E_EXPIRED is returned.
+ *
+ * Returns: On success, the number of loaded responses is returned,
+ *   otherwise a negative error code.
+ *
+ * Since: 3.1.3
+ **/
+int
+gnutls_certificate_set_ocsp_status_request_file2(gnutls_certificate_credentials_t sc,
+						const char *response_file,
+						unsigned idx,
+						gnutls_x509_crt_fmt_t fmt)
+{
+	gnutls_datum_t raw = {NULL, 0};
+	int ret;
+
+	if (idx >= sc->ncerts)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	ret = gnutls_load_file(response_file, &raw);
+	if (ret < 0)
+		return gnutls_assert_val(GNUTLS_E_FILE_ERROR);
+
+	ret = gnutls_certificate_set_ocsp_status_request_mem(sc, &raw, idx, fmt);
+	gnutls_free(raw.data);
+	return ret;
+}
+
+#define PEM_OCSP_RESPONSE "OCSP RESPONSE"
+#define FULL_PEM_OCSP_RESPONSE "-----BEGIN OCSP RESPONSE"
+
+/**
+ * gnutls_certificate_set_ocsp_status_request_mem:
+ * @sc: is a credentials structure.
+ * @resp_data: a memory buffer holding an OCSP response
+ * @idx: is a certificate index as returned by gnutls_certificate_set_key() and friends
+ * @fmt: is PEM or DER
+ *
+ * This function sets the OCSP responses to be sent to the
+ * peer for the certificate chain specified by @idx. When @fmt is set
+ * to PEM, multiple responses can be loaded.
+ *
+ * Note: the ability to set multiple OCSP responses per credential
+ * structure via the index @idx was added in version 3.5.6. To keep
+ * backwards compatibility, it requires using gnutls_certificate_set_flags()
+ * with the %GNUTLS_CERTIFICATE_API_V2 flag to make the set certificate
+ * functions return an index usable by this function.
+ *
+ * This function must be called after setting any certificates, and
+ * cannot be used for certificates that are provided via a callback --
+ * that is when gnutls_certificate_set_retrieve_function() is used.
+ *
+ * This function can be called multiple times when multiple responses which
+ * apply to the certificate chain are available.
+ * If the response provided does not match any certificates present
+ * in the chain, the code %GNUTLS_E_OCSP_MISMATCH_WITH_CERTS is returned.
+ * If the response is already expired at the time of loading the code
+ * %GNUTLS_E_EXPIRED is returned.
+ *
+ * Returns: On success, the number of loaded responses is returned,
+ *   otherwise a negative error code.
+ *
+ * Since: 3.6.3
+ **/
+int
+gnutls_certificate_set_ocsp_status_request_mem(gnutls_certificate_credentials_t sc,
+					       const gnutls_datum_t *resp_data,
+					       unsigned idx,
+					       gnutls_x509_crt_fmt_t fmt)
+
+{
+	gnutls_datum_t der = {NULL, 0};
+	gnutls_ocsp_resp_t resp = NULL;
+	int ret;
+	unsigned int nresp = 0;
+
+	ret = gnutls_ocsp_resp_init(&resp);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	if (fmt == GNUTLS_X509_FMT_PEM) {
+		/* load multiple responses */
+		gnutls_datum_t p = {resp_data->data, resp_data->size};
+
+		p.data = memmem(p.data, p.size, FULL_PEM_OCSP_RESPONSE,
+				sizeof(FULL_PEM_OCSP_RESPONSE)-1);
+		if (p.data == NULL) {
+			ret = gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+			goto cleanup;
+		}
+
+		p.size -= p.data - resp_data->data;
+		if (p.size <= 0) {
+			ret = gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+			goto cleanup;
+		}
+
+		do {
+			ret = gnutls_pem_base64_decode2(PEM_OCSP_RESPONSE, &p, &der);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			ret = gnutls_certificate_set_ocsp_status_request_mem(sc, &der, idx,
+									     GNUTLS_X509_FMT_DER);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+			nresp++;
+
+			gnutls_free(der.data);
+
+			p.data++;
+			p.size--;
+
+			p.data = memmem(p.data, p.size, FULL_PEM_OCSP_RESPONSE,
+					sizeof(FULL_PEM_OCSP_RESPONSE)-1);
+			if (p.data == NULL)
+				break;
+			p.size = resp_data->size - (p.data - resp_data->data);
+		} while(p.size > 0);
+
+		ret = nresp;
+	} else {
+		/* DER: load a single response */
+		if (sc->flags & GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK) {
+			ret = gnutls_ocsp_resp_import2(resp, resp_data, GNUTLS_X509_FMT_DER);
+			if (ret >= 0) {
+				sc->certs[idx].ocsp_data[0].exptime = _gnutls_ocsp_get_validity(resp);
+				if (sc->certs[idx].ocsp_data[0].exptime <= 0)
+					sc->certs[idx].ocsp_data[0].exptime = 0;
+			}
+
+			/* quick load of first response */
+			gnutls_free(sc->certs[idx].ocsp_data[0].response.data);
+
+			ret = _gnutls_set_datum(&sc->certs[idx].ocsp_data[0].response,
+						resp_data->data,
+						resp_data->size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			sc->certs[idx].ocsp_data_length = 1;
+			goto cleanup;
+		}
+
+		ret = gnutls_ocsp_resp_import2(resp, resp_data, GNUTLS_X509_FMT_DER);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = append_response(sc, idx, resp, resp_data);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = 1;
+	}
+  cleanup:
+	gnutls_free(der.data);
+	if (resp)
+		gnutls_ocsp_resp_deinit(resp);
+
+	return ret;
+}
+
+/**
+ * gnutls_certificate_get_ocsp_expiration:
+ * @sc: is a credentials structure.
+ * @idx: is a certificate chain index as returned by gnutls_certificate_set_key() and friends
+ * @oidx: is an OCSP response index
+ * @flags: should be zero
+ *
+ * This function returns the validity of the loaded OCSP responses,
+ * to provide information on when to reload/refresh them.
+ *
+ * Note that the credentials structure should be read-only when in
+ * use, thus when reloading, either the credentials structure must not
+ * be in use by any sessions, or a new credentials structure should be
+ * allocated for new sessions.
+ *
+ * When @oidx is (-1) then the minimum refresh time for all responses
+ * is returned. Otherwise the index specifies the response corresponding
+ * to the @odix certificate in the certificate chain.
+ *
+ * Returns: On success, the expiration time of the OCSP response. Otherwise
+ *   (time_t)(-1) on error, or (time_t)-2 on out of bounds.
+ *
+ * Since: 3.6.3
+ **/
+time_t
+gnutls_certificate_get_ocsp_expiration(gnutls_certificate_credentials_t sc,
+				       unsigned idx,
+				       int oidx,
+				       unsigned flags)
+{
+	unsigned j;
+
+	if (idx >= sc->ncerts)
+		return (time_t)-2;
+
+	if (oidx == -1) {
+		time_t min = 0;
+
+		for (j=0;j<MIN(sc->certs[idx].cert_list_length, MAX_OCSP_RESPONSES);j++) {
+			if (min <= 0)
+				min = sc->certs[idx].ocsp_data[j].exptime;
+			else
+				if (sc->certs[idx].ocsp_data[j].exptime > 0 &&
+				    min >= sc->certs[idx].ocsp_data[j].exptime)
+					min = sc->certs[idx].ocsp_data[j].exptime;
+		}
+		return min;
+	}
+
+	if (oidx >= MAX_OCSP_RESPONSES || (unsigned)oidx >= sc->certs[idx].cert_list_length)
+		return (time_t)-2;
+
+	if (sc->certs[idx].ocsp_data[oidx].response.data == NULL)
+		return (time_t)-1;
+
+	return sc->certs[idx].ocsp_data[oidx].exptime;
+}
+
+/**
+ * gnutls_ocsp_status_request_is_checked:
+ * @session: is a gnutls session
+ * @flags: should be zero or %GNUTLS_OCSP_SR_IS_AVAIL
+ *
+ * When flags are zero this function returns non-zero if a valid OCSP status
+ * response was included in the TLS handshake. That is, an OCSP status response
+ * which is not too old, superseded or marks the certificate as revoked.
+ * It returns zero otherwise.
+ *
+ * When the flag %GNUTLS_OCSP_SR_IS_AVAIL is specified, the function
+ * returns non-zero if an OCSP status response was included in the handshake
+ * even if it was invalid. Otherwise, if no OCSP status response was included,
+ * it returns zero. The %GNUTLS_OCSP_SR_IS_AVAIL flag was introduced in GnuTLS 3.4.0.
+ *
+ * This is a helper function when needing to decide whether to perform an
+ * explicit OCSP validity check on the peer's certificate. Should be called after
+ * any of gnutls_certificate_verify_peers*() are called.
+ *
+ * This function is always usable on client side, but on server side only
+ * under TLS 1.3, which is the first version of TLS that allows cliend-side OCSP
+ * responses.
+ *
+ * Returns: Non-zero if the response was valid, or a zero if it wasn't sent,
+ * or sent and was invalid.
+ *
+ * Since: 3.1.4
+ **/
+unsigned
+gnutls_ocsp_status_request_is_checked(gnutls_session_t session,
+				      unsigned int flags)
+{
+	int ret;
+	gnutls_datum_t data;
+
+	if (flags & GNUTLS_OCSP_SR_IS_AVAIL) {
+		ret = gnutls_ocsp_status_request_get(session, &data);
+		if (ret < 0)
+			return gnutls_assert_val(0);
+
+		if (data.data == NULL)
+			return gnutls_assert_val(0);
+		return 1;
+	}
+	return session->internals.ocsp_check_ok;
+}
+
+#endif
diff --git a/lib/openpgp_compat.c b/lib/openpgp_compat.c
new file mode 100644
index 0000000..d96ee8d
--- /dev/null
+++ b/lib/openpgp_compat.c
@@ -0,0 +1,844 @@
+/*
+ * Copyright (C) 2017 Nikos Mavrogiannopoulos
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the definitions of OpenPGP stub functions
+ * for ABI compatibility.
+ */
+
+#include "gnutls_int.h"
+#include <gnutls/openpgp.h>
+#include <gnutls/abstract.h>
+
+int gnutls_openpgp_crt_init(gnutls_openpgp_crt_t * key)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+void gnutls_openpgp_crt_deinit(gnutls_openpgp_crt_t key)
+{
+	return;
+}
+
+int gnutls_openpgp_crt_import(gnutls_openpgp_crt_t key,
+			      const gnutls_datum_t * data,
+			      gnutls_openpgp_crt_fmt_t format)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_openpgp_crt_export(gnutls_openpgp_crt_t key,
+			      gnutls_openpgp_crt_fmt_t format,
+			      void *output_data,
+			      size_t * output_data_size) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_openpgp_crt_export2(gnutls_openpgp_crt_t key,
+			       gnutls_openpgp_crt_fmt_t format,
+			       gnutls_datum_t * out) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_openpgp_crt_print(gnutls_openpgp_crt_t cert,
+			     gnutls_certificate_print_formats_t
+			     format, gnutls_datum_t * out) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_openpgp_crt_get_key_usage(gnutls_openpgp_crt_t key,
+				     unsigned int *key_usage) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_openpgp_crt_get_fingerprint(gnutls_openpgp_crt_t key,
+				       void *fpr, size_t * fprlen) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_openpgp_crt_get_subkey_fingerprint(gnutls_openpgp_crt_t
+					      key,
+					      unsigned int idx,
+					      void *fpr, size_t * fprlen) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_openpgp_crt_get_name(gnutls_openpgp_crt_t key,
+				int idx, char *buf, size_t * sizeof_buf) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+gnutls_pk_algorithm_t
+gnutls_openpgp_crt_get_pk_algorithm(gnutls_openpgp_crt_t key,
+				    unsigned int *bits) 
+{
+	return GNUTLS_PK_UNKNOWN;
+}
+
+
+int gnutls_openpgp_crt_get_version(gnutls_openpgp_crt_t key) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+time_t gnutls_openpgp_crt_get_creation_time(gnutls_openpgp_crt_t key) 
+{
+	return (time_t)-1;
+}
+
+time_t gnutls_openpgp_crt_get_expiration_time(gnutls_openpgp_crt_t key) 
+{
+	return (time_t)-1;
+}
+
+
+int gnutls_openpgp_crt_get_key_id(gnutls_openpgp_crt_t key,
+				  gnutls_openpgp_keyid_t keyid) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_openpgp_crt_check_hostname(gnutls_openpgp_crt_t key,
+				      const char *hostname) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_openpgp_crt_check_hostname2(gnutls_openpgp_crt_t key,
+				      const char *hostname, unsigned int flags) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int
+gnutls_openpgp_crt_check_email(gnutls_openpgp_crt_t key, const char *email, unsigned flags) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_openpgp_crt_get_revoked_status(gnutls_openpgp_crt_t key) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_openpgp_crt_get_subkey_count(gnutls_openpgp_crt_t key) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_openpgp_crt_get_subkey_idx(gnutls_openpgp_crt_t key,
+				      const gnutls_openpgp_keyid_t keyid) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_openpgp_crt_get_subkey_revoked_status
+    (gnutls_openpgp_crt_t key, unsigned int idx) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+gnutls_pk_algorithm_t
+gnutls_openpgp_crt_get_subkey_pk_algorithm(gnutls_openpgp_crt_t
+					   key,
+					   unsigned int idx,
+					   unsigned int *bits) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+time_t
+    gnutls_openpgp_crt_get_subkey_creation_time
+    (gnutls_openpgp_crt_t key, unsigned int idx) 
+{
+	return (time_t)-1;
+}
+
+time_t
+    gnutls_openpgp_crt_get_subkey_expiration_time
+    (gnutls_openpgp_crt_t key, unsigned int idx) 
+{
+	return (time_t)-1;
+}
+
+int gnutls_openpgp_crt_get_subkey_id(gnutls_openpgp_crt_t key,
+				     unsigned int idx,
+				     gnutls_openpgp_keyid_t keyid) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_openpgp_crt_get_subkey_usage(gnutls_openpgp_crt_t key,
+					unsigned int idx,
+					unsigned int *key_usage) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_openpgp_crt_get_subkey_pk_dsa_raw(gnutls_openpgp_crt_t
+					     crt, unsigned int idx,
+					     gnutls_datum_t * p,
+					     gnutls_datum_t * q,
+					     gnutls_datum_t * g,
+					     gnutls_datum_t * y) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_openpgp_crt_get_subkey_pk_rsa_raw(gnutls_openpgp_crt_t
+					     crt, unsigned int idx,
+					     gnutls_datum_t * m,
+					     gnutls_datum_t * e) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_openpgp_crt_get_pk_dsa_raw(gnutls_openpgp_crt_t crt,
+				      gnutls_datum_t * p,
+				      gnutls_datum_t * q,
+				      gnutls_datum_t * g,
+				      gnutls_datum_t * y) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_openpgp_crt_get_pk_rsa_raw(gnutls_openpgp_crt_t crt,
+				      gnutls_datum_t * m,
+				      gnutls_datum_t * e) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_openpgp_crt_get_preferred_key_id(gnutls_openpgp_crt_t
+					    key,
+					    gnutls_openpgp_keyid_t keyid) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int
+gnutls_openpgp_crt_set_preferred_key_id(gnutls_openpgp_crt_t key,
+					const
+					gnutls_openpgp_keyid_t keyid) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+/* privkey stuff.
+ */
+int gnutls_openpgp_privkey_init(gnutls_openpgp_privkey_t * key) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+void gnutls_openpgp_privkey_deinit(gnutls_openpgp_privkey_t key)
+{
+	return;
+}
+
+gnutls_pk_algorithm_t
+    gnutls_openpgp_privkey_get_pk_algorithm
+    (gnutls_openpgp_privkey_t key, unsigned int *bits)
+{
+	return GNUTLS_PK_UNKNOWN;
+}
+
+gnutls_sec_param_t
+gnutls_openpgp_privkey_sec_param(gnutls_openpgp_privkey_t key) 
+{
+	return 0;
+}
+
+int gnutls_openpgp_privkey_import(gnutls_openpgp_privkey_t key,
+				  const gnutls_datum_t * data,
+				  gnutls_openpgp_crt_fmt_t format,
+				  const char *password,
+				  unsigned int flags) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_openpgp_privkey_get_fingerprint(gnutls_openpgp_privkey_t
+					   key, void *fpr,
+					   size_t * fprlen) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_openpgp_privkey_get_subkey_fingerprint
+    (gnutls_openpgp_privkey_t key, unsigned int idx, void *fpr,
+     size_t * fprlen) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_openpgp_privkey_get_key_id(gnutls_openpgp_privkey_t key,
+				      gnutls_openpgp_keyid_t keyid) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_openpgp_privkey_get_subkey_count(gnutls_openpgp_privkey_t key) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_openpgp_privkey_get_subkey_idx(gnutls_openpgp_privkey_t
+					  key,
+					  const
+					  gnutls_openpgp_keyid_t keyid) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_openpgp_privkey_get_subkey_revoked_status
+    (gnutls_openpgp_privkey_t key, unsigned int idx) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_openpgp_privkey_get_revoked_status
+    (gnutls_openpgp_privkey_t key) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+gnutls_pk_algorithm_t
+    gnutls_openpgp_privkey_get_subkey_pk_algorithm
+    (gnutls_openpgp_privkey_t key, unsigned int idx, unsigned int *bits) 
+{
+	return GNUTLS_PK_UNKNOWN;
+}
+
+
+time_t
+    gnutls_openpgp_privkey_get_subkey_expiration_time
+    (gnutls_openpgp_privkey_t key, unsigned int idx)
+{
+	return (time_t)-1;
+}
+
+int gnutls_openpgp_privkey_get_subkey_id(gnutls_openpgp_privkey_t
+					 key, unsigned int idx,
+					 gnutls_openpgp_keyid_t keyid) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+time_t
+    gnutls_openpgp_privkey_get_subkey_creation_time
+    (gnutls_openpgp_privkey_t key, unsigned int idx) 
+{
+	return (time_t)-1;
+}
+
+
+int gnutls_openpgp_privkey_export_subkey_dsa_raw
+    (gnutls_openpgp_privkey_t pkey, unsigned int idx,
+     gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * g,
+     gnutls_datum_t * y, gnutls_datum_t * x) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_openpgp_privkey_export_subkey_rsa_raw
+    (gnutls_openpgp_privkey_t pkey, unsigned int idx,
+     gnutls_datum_t * m, gnutls_datum_t * e, gnutls_datum_t * d,
+     gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * u) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_openpgp_privkey_export_dsa_raw(gnutls_openpgp_privkey_t
+					  pkey, gnutls_datum_t * p,
+					  gnutls_datum_t * q,
+					  gnutls_datum_t * g,
+					  gnutls_datum_t * y,
+					  gnutls_datum_t * x) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_openpgp_privkey_export_rsa_raw(gnutls_openpgp_privkey_t
+					  pkey, gnutls_datum_t * m,
+					  gnutls_datum_t * e,
+					  gnutls_datum_t * d,
+					  gnutls_datum_t * p,
+					  gnutls_datum_t * q,
+					  gnutls_datum_t * u) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_openpgp_privkey_export(gnutls_openpgp_privkey_t key,
+				  gnutls_openpgp_crt_fmt_t format,
+				  const char *password,
+				  unsigned int flags,
+				  void *output_data,
+				  size_t * output_data_size) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_openpgp_privkey_export2(gnutls_openpgp_privkey_t key,
+				   gnutls_openpgp_crt_fmt_t format,
+				   const char *password,
+				   unsigned int flags,
+				   gnutls_datum_t * out) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_openpgp_privkey_set_preferred_key_id
+    (gnutls_openpgp_privkey_t key, const gnutls_openpgp_keyid_t keyid) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_openpgp_privkey_get_preferred_key_id
+    (gnutls_openpgp_privkey_t key, gnutls_openpgp_keyid_t keyid) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_openpgp_crt_get_auth_subkey(gnutls_openpgp_crt_t crt,
+				       gnutls_openpgp_keyid_t
+				       keyid, unsigned int flag) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+/* Keyring stuff.
+ */
+
+int gnutls_openpgp_keyring_init(gnutls_openpgp_keyring_t * keyring) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+void gnutls_openpgp_keyring_deinit(gnutls_openpgp_keyring_t keyring)
+{
+	return;
+}
+
+int gnutls_openpgp_keyring_import(gnutls_openpgp_keyring_t keyring,
+				  const gnutls_datum_t * data,
+				  gnutls_openpgp_crt_fmt_t format) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_openpgp_keyring_check_id(gnutls_openpgp_keyring_t ring,
+				    const gnutls_openpgp_keyid_t
+				    keyid, unsigned int flags) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+
+int gnutls_openpgp_crt_verify_ring(gnutls_openpgp_crt_t key,
+				   gnutls_openpgp_keyring_t
+				   keyring, unsigned int flags,
+				   unsigned int *verify
+				   /* the output of the verification */
+    ) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_openpgp_crt_verify_self(gnutls_openpgp_crt_t key,
+				   unsigned int flags,
+				   unsigned int *verify) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_openpgp_keyring_get_crt(gnutls_openpgp_keyring_t ring,
+				   unsigned int idx,
+				   gnutls_openpgp_crt_t * cert) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_openpgp_keyring_get_crt_count(gnutls_openpgp_keyring_t ring) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+
+
+void
+gnutls_openpgp_set_recv_key_function(gnutls_session_t session,
+				     gnutls_openpgp_recv_key_func func)
+{
+	return;
+}
+
+int gnutls_certificate_set_openpgp_key
+    (gnutls_certificate_credentials_t res,
+     gnutls_openpgp_crt_t crt, gnutls_openpgp_privkey_t pkey) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int
+gnutls_certificate_get_openpgp_key(gnutls_certificate_credentials_t res,
+                                   unsigned index,
+                                   gnutls_openpgp_privkey_t *key) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int
+gnutls_certificate_get_openpgp_crt(gnutls_certificate_credentials_t res,
+                                   unsigned index,
+                                   gnutls_openpgp_crt_t **crt_list,
+                                   unsigned *crt_list_size) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int
+ gnutls_certificate_set_openpgp_key_file
+    (gnutls_certificate_credentials_t res, const char *certfile,
+     const char *keyfile, gnutls_openpgp_crt_fmt_t format) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_certificate_set_openpgp_key_mem
+    (gnutls_certificate_credentials_t res,
+     const gnutls_datum_t * cert, const gnutls_datum_t * key,
+     gnutls_openpgp_crt_fmt_t format) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int
+ gnutls_certificate_set_openpgp_key_file2
+    (gnutls_certificate_credentials_t res, const char *certfile,
+     const char *keyfile, const char *subkey_id,
+     gnutls_openpgp_crt_fmt_t format) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int
+ gnutls_certificate_set_openpgp_key_mem2
+    (gnutls_certificate_credentials_t res,
+     const gnutls_datum_t * cert, const gnutls_datum_t * key,
+     const char *subkey_id, gnutls_openpgp_crt_fmt_t format) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_certificate_set_openpgp_keyring_mem
+    (gnutls_certificate_credentials_t c, const unsigned char *data,
+     size_t dlen, gnutls_openpgp_crt_fmt_t format) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+
+int gnutls_certificate_set_openpgp_keyring_file
+    (gnutls_certificate_credentials_t c, const char *file,
+     gnutls_openpgp_crt_fmt_t format) 
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+/**
+ * gnutls_pubkey_import_openpgp:
+ * @key: The public key
+ * @crt: The certificate to be imported
+ * @flags: should be zero
+ *
+ * This function is no-op.
+ *
+ * Returns: %GNUTLS_E_UNIMPLEMENTED_FEATURE.
+ *
+ * Since: 2.12.0
+ **/
+int gnutls_pubkey_import_openpgp(gnutls_pubkey_t key,
+				 gnutls_openpgp_crt_t crt,
+				 unsigned int flags)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+/**
+ * gnutls_pubkey_import_openpgp_raw:
+ * @pkey: The public key
+ * @data: The public key data to be imported
+ * @format: The format of the public key
+ * @keyid: The key id to use (optional)
+ * @flags: Should be zero
+ *
+ * This function is no-op.
+ *
+ * Returns: %GNUTLS_E_UNIMPLEMENTED_FEATURE.
+ *
+ * Since: 3.1.3
+ **/
+int gnutls_pubkey_import_openpgp_raw(gnutls_pubkey_t pkey,
+				     const gnutls_datum_t * data,
+				     gnutls_openpgp_crt_fmt_t
+				     format,
+				     const gnutls_openpgp_keyid_t
+				     keyid, unsigned int flags)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+/**
+ * gnutls_pubkey_get_key_id:
+ * @key: Holds the public key
+ * @flags: should be one of the flags from %gnutls_keyid_flags_t
+ * @output_data: will contain the key ID
+ * @output_data_size: holds the size of output_data (and will be
+ *   replaced by the actual size of parameters)
+ * @subkey: ignored
+ *
+ * This function is no-op.
+ *
+ * Returns: %GNUTLS_E_UNIMPLEMENTED_FEATURE.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pubkey_get_openpgp_key_id(gnutls_pubkey_t key,
+				 unsigned int flags,
+				 unsigned char *output_data,
+				 size_t * output_data_size,
+				 unsigned int *subkey)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+/**
+ * gnutls_privkey_import_openpgp:
+ * @pkey: The private key
+ * @key: The private key to be imported
+ * @flags: Flags for the import
+ *
+ * This function is no-op.
+ *
+ * Returns: %GNUTLS_E_UNIMPLEMENTED_FEATURE.
+ *
+ * Since: 2.12.0
+ **/
+int gnutls_privkey_import_openpgp(gnutls_privkey_t pkey,
+				  gnutls_openpgp_privkey_t key,
+				  unsigned int flags)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+/**
+ * gnutls_privkey_export_openpgp:
+ * @pkey: The private key
+ * @key: Location for the key to be exported.
+ *
+ * This function is no-op.
+ *
+ * Returns: %GNUTLS_E_UNIMPLEMENTED_FEATURE.
+ *
+ * Since: 3.4.0
+ */
+int gnutls_privkey_export_openpgp(gnutls_privkey_t pkey,
+                                  gnutls_openpgp_privkey_t * key)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+/**
+ * gnutls_privkey_import_openpgp_raw:
+ * @pkey: The private key
+ * @data: The private key data to be imported
+ * @format: The format of the private key
+ * @keyid: The key id to use (optional)
+ * @password: A password (optional)
+ *
+ * This function is no-op.
+ *
+ * Returns: %GNUTLS_E_UNIMPLEMENTED_FEATURE.
+ *
+ * Since: 3.1.0
+ **/
+int gnutls_privkey_import_openpgp_raw(gnutls_privkey_t pkey,
+				      const gnutls_datum_t * data,
+				      gnutls_openpgp_crt_fmt_t
+				      format,
+				      const gnutls_openpgp_keyid_t
+				      keyid, const char *password)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+/**
+ * gnutls_pcert_import_openpgp_raw:
+ * @pcert: The pcert structure
+ * @cert: The raw certificate to be imported
+ * @format: The format of the certificate
+ * @keyid: The key ID to use (NULL for the master key)
+ * @flags: zero for now
+ *
+ * This function is no-op.
+ *
+ * Returns: %GNUTLS_E_UNIMPLEMENTED_FEATURE.
+ *
+ * Since: 3.0
+ **/
+int gnutls_pcert_import_openpgp_raw(gnutls_pcert_st * pcert,
+				    const gnutls_datum_t * cert,
+				    gnutls_openpgp_crt_fmt_t
+				    format,
+				    gnutls_openpgp_keyid_t keyid,
+				    unsigned int flags)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+/**
+ * gnutls_pcert_import_openpgp:
+ * @pcert: The pcert structure
+ * @crt: The raw certificate to be imported
+ * @flags: zero for now
+ *
+ * This function is no-op.
+ *
+ * Returns: %GNUTLS_E_UNIMPLEMENTED_FEATURE.
+ *
+ * Since: 3.0
+ **/
+int gnutls_pcert_import_openpgp(gnutls_pcert_st * pcert,
+				gnutls_openpgp_crt_t crt,
+				unsigned int flags)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+/**
+ * gnutls_pcert_export_x509:
+ * @pcert: The pcert structure.
+ * @crt: An initialized #gnutls_openpgp_crt_t.
+ *
+ * This function is no-op.
+ *
+ * Returns: %GNUTLS_E_UNIMPLEMENTED_FEATURE.
+ *
+ * Since: 3.4.0
+ */
+int gnutls_pcert_export_openpgp(gnutls_pcert_st * pcert,
+                                gnutls_openpgp_crt_t * crt)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+/**
+ * gnutls_openpgp_privkey_sign_hash:
+ * @session: is a gnutls session
+ * @status: is ignored
+ *
+ * This function is no-op.
+ *
+ * Returns: %GNUTLS_E_UNIMPLEMENTED_FEATURE.
+ */
+void
+gnutls_openpgp_send_cert(gnutls_session_t session,
+			 gnutls_openpgp_crt_status_t status)
+{
+	return;
+}
+
+/**
+ * gnutls_certificate_get_peers_subkey_id:
+ * @session: is a gnutls session
+ * @id: will contain the ID
+ *
+ * This function is no-op.
+ *
+ * Returns: %GNUTLS_E_UNIMPLEMENTED_FEATURE.
+ *
+ * Since: 3.1.3
+ **/
+int gnutls_certificate_get_peers_subkey_id(gnutls_session_t session,
+					   gnutls_datum_t * id)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+/**
+ * gnutls_openpgp_privkey_sign_hash:
+ * @key: Holds the key
+ * @hash: holds the data to be signed
+ * @signature: will contain newly allocated signature
+ *
+ * This function is no-op.
+ *
+ * Returns: %GNUTLS_E_UNIMPLEMENTED_FEATURE.
+ */
+int
+gnutls_openpgp_privkey_sign_hash(gnutls_openpgp_privkey_t key,
+				 const gnutls_datum_t * hash,
+				 gnutls_datum_t * signature)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
diff --git a/lib/pcert.c b/lib/pcert.c
new file mode 100644
index 0000000..e5057ae
--- /dev/null
+++ b/lib/pcert.c
@@ -0,0 +1,565 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <auth/cert.h>
+#include <x509/common.h>
+#include <x509.h>
+#include "x509/x509_int.h"
+#include <gnutls/x509.h>
+#include "x509_b64.h"
+
+/**
+ * gnutls_pcert_import_x509:
+ * @pcert: The pcert structure
+ * @crt: The certificate to be imported
+ * @flags: zero for now
+ *
+ * This convenience function will import the given certificate to a
+ * #gnutls_pcert_st structure. The structure must be deinitialized
+ * afterwards using gnutls_pcert_deinit();
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0
+ **/
+int gnutls_pcert_import_x509(gnutls_pcert_st * pcert,
+			     gnutls_x509_crt_t crt, unsigned int flags)
+{
+	int ret;
+
+	memset(pcert, 0, sizeof(*pcert));
+
+	pcert->type = GNUTLS_CRT_X509;
+	pcert->cert.data = NULL;
+
+	ret =
+	    gnutls_x509_crt_export2(crt, GNUTLS_X509_FMT_DER,
+				    &pcert->cert);
+	if (ret < 0) {
+		ret = gnutls_assert_val(ret);
+		goto cleanup;
+	}
+
+	ret = gnutls_pubkey_init(&pcert->pubkey);
+	if (ret < 0) {
+		ret = gnutls_assert_val(ret);
+		goto cleanup;
+	}
+
+	ret = gnutls_pubkey_import_x509(pcert->pubkey, crt, 0);
+	if (ret < 0) {
+		gnutls_pubkey_deinit(pcert->pubkey);
+		pcert->pubkey = NULL;
+		ret = gnutls_assert_val(ret);
+		goto cleanup;
+	}
+
+	return 0;
+
+      cleanup:
+	_gnutls_free_datum(&pcert->cert);
+
+	return ret;
+}
+
+/**
+ * gnutls_pcert_import_x509_list:
+ * @pcert_list: The structures to store the certificates; must not contain initialized #gnutls_pcert_st structures.
+ * @crt: The certificates to be imported
+ * @ncrt: The number of certificates in @crt; will be updated if necessary
+ * @flags: zero or %GNUTLS_X509_CRT_LIST_SORT
+ *
+ * This convenience function will import the given certificates to an
+ * already allocated set of #gnutls_pcert_st structures. The structures must
+ * be deinitialized afterwards using gnutls_pcert_deinit(). @pcert_list
+ * should contain space for at least @ncrt elements.
+ *
+ * In the case %GNUTLS_X509_CRT_LIST_SORT is specified and that
+ * function cannot sort the list, %GNUTLS_E_CERTIFICATE_LIST_UNSORTED
+ * will be returned. Currently sorting can fail if the list size
+ * exceeds an internal constraint (16).
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.0
+ **/
+int gnutls_pcert_import_x509_list(gnutls_pcert_st * pcert_list,
+				  gnutls_x509_crt_t *crt, unsigned *ncrt,
+				  unsigned int flags)
+{
+	int ret;
+	unsigned i;
+	unsigned current = 0;
+	gnutls_x509_crt_t sorted[DEFAULT_MAX_VERIFY_DEPTH];
+	gnutls_x509_crt_t *s;
+
+	s = crt;
+
+	if (flags & GNUTLS_X509_CRT_LIST_SORT && *ncrt > 1) {
+		if (*ncrt > DEFAULT_MAX_VERIFY_DEPTH) {
+			ret = _gnutls_check_if_sorted(s, *ncrt);
+			if (ret < 0) {
+				gnutls_assert();
+				return GNUTLS_E_CERTIFICATE_LIST_UNSORTED;
+			}
+		} else {
+			for (i = 0; i < *ncrt; i++) {
+				sorted[i] = s[i];
+			}
+			s = sorted;
+			*ncrt = _gnutls_sort_clist(s, *ncrt);
+		}
+	}
+
+	for (i=0;i<*ncrt;i++) {
+		ret = gnutls_pcert_import_x509(&pcert_list[i], s[i], 0);
+		if (ret < 0) {
+			current = i;
+			goto cleanup;
+		}
+	}
+
+	return 0;
+
+ cleanup:
+	for (i=0;i<current;i++) {
+		gnutls_pcert_deinit(&pcert_list[i]);
+	}
+	return ret;
+
+}
+
+/**
+ * gnutls_pcert_list_import_x509_raw:
+ * @pcert_list: The structures to store the certificates; must not contain initialized #gnutls_pcert_st structures.
+ * @pcert_list_size: Initially must hold the maximum number of certs. It will be updated with the number of certs available.
+ * @data: The certificates.
+ * @format: One of DER or PEM.
+ * @flags: must be (0) or an OR'd sequence of gnutls_certificate_import_flags.
+ *
+ * This function will import the provided DER or PEM encoded certificates to an
+ * already allocated set of #gnutls_pcert_st structures. The structures must
+ * be deinitialized afterwards using gnutls_pcert_deinit(). @pcert_list
+ * should contain space for at least @pcert_list_size elements.
+ *
+ * If the Certificate is PEM encoded it should have a header of "X509
+ * CERTIFICATE", or "CERTIFICATE".
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value; if the @pcert list doesn't have enough space
+ *   %GNUTLS_E_SHORT_MEMORY_BUFFER will be returned.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_pcert_list_import_x509_raw(gnutls_pcert_st *pcert_list,
+				  unsigned int *pcert_list_size,
+				  const gnutls_datum_t *data,
+				  gnutls_x509_crt_fmt_t format,
+				  unsigned int flags)
+{
+	int ret;
+	unsigned int i = 0, j;
+	gnutls_x509_crt_t *crt;
+
+	crt = _gnutls_reallocarray(NULL, *pcert_list_size,
+				   sizeof(gnutls_x509_crt_t));
+
+	if (crt == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	ret =
+	    gnutls_x509_crt_list_import(crt, pcert_list_size, data, format,
+					flags);
+	if (ret < 0) {
+		ret = gnutls_assert_val(ret);
+		goto cleanup_crt;
+	}
+
+	for (i = 0; i < *pcert_list_size; i++) {
+		ret = gnutls_pcert_import_x509(&pcert_list[i], crt[i], flags);
+		if (ret < 0) {
+			ret = gnutls_assert_val(ret);
+			goto cleanup_pcert;
+		}
+	}
+
+	ret = 0;
+	goto cleanup;
+
+ cleanup_pcert:
+	for (j = 0; j < i; j++)
+		gnutls_pcert_deinit(&pcert_list[j]);
+
+ cleanup:
+	for (i = 0; i < *pcert_list_size; i++)
+		gnutls_x509_crt_deinit(crt[i]);
+
+ cleanup_crt:
+	gnutls_free(crt);
+	return ret;
+
+}
+
+/**
+ * gnutls_pcert_list_import_x509_url:
+ * @pcert_list: The structures to store the certificates; must not contain initialized #gnutls_pcert_st structures.
+ * @pcert_list_size: Initially must hold the maximum number of certs. It will be updated with the number of certs available.
+ * @file: A file or supported URI with the certificates to load
+ * @format: %GNUTLS_X509_FMT_DER or %GNUTLS_X509_FMT_PEM if a file is given
+ * @pin_fn: a PIN callback if not globally set
+ * @pin_fn_userdata: parameter for the PIN callback
+ * @flags: zero or flags from %gnutls_certificate_import_flags
+ *
+ * This convenience function will import a certificate chain from the given
+ * file or supported URI to #gnutls_pcert_st structures. The structures
+ * must be deinitialized afterwards using gnutls_pcert_deinit().
+ *
+ * This function will always return a sorted certificate chain.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value; if the @pcert list doesn't have enough space
+ *   %GNUTLS_E_SHORT_MEMORY_BUFFER will be returned.
+ *
+ * Since: 3.6.3
+ **/
+int gnutls_pcert_list_import_x509_file(gnutls_pcert_st *pcert_list,
+				       unsigned *pcert_list_size,
+				       const char *file,
+				       gnutls_x509_crt_fmt_t format,
+				       gnutls_pin_callback_t pin_fn,
+				       void *pin_fn_userdata,
+				       unsigned int flags)
+{
+	int ret, ret2;
+	unsigned i;
+	gnutls_x509_crt_t *crts = NULL;
+	unsigned crts_size = 0;
+	gnutls_datum_t data = {NULL, 0};
+
+	if (gnutls_url_is_supported(file) != 0) {
+		ret = gnutls_x509_crt_list_import_url(&crts, &crts_size, file, pin_fn, pin_fn_userdata, 0);
+		if (ret < 0) {
+			ret2 = gnutls_x509_crt_list_import_url(&crts, &crts_size, file, pin_fn, pin_fn_userdata, GNUTLS_PKCS11_OBJ_FLAG_LOGIN);
+			if (ret2 >= 0) ret = ret2;
+		}
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+	} else { /* file */
+		ret = gnutls_load_file(file, &data);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = gnutls_x509_crt_list_import2(&crts, &crts_size, &data, format, flags|GNUTLS_X509_CRT_LIST_SORT);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	if (crts_size > *pcert_list_size) {
+		gnutls_assert();
+		ret = GNUTLS_E_SHORT_MEMORY_BUFFER;
+		goto cleanup;
+	}
+
+	ret = gnutls_pcert_import_x509_list(pcert_list, crts, &crts_size, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	*pcert_list_size = crts_size;
+
+	ret = 0;
+cleanup:
+	for (i=0;i<crts_size;i++)
+		gnutls_x509_crt_deinit(crts[i]);
+	gnutls_free(crts);
+	gnutls_free(data.data);
+	return ret;
+}
+
+
+/**
+ * gnutls_pcert_import_x509_raw:
+ * @pcert: The pcert structure
+ * @cert: The raw certificate to be imported
+ * @format: The format of the certificate
+ * @flags: zero for now
+ *
+ * This convenience function will import the given certificate to a
+ * #gnutls_pcert_st structure. The structure must be deinitialized
+ * afterwards using gnutls_pcert_deinit();
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0
+ **/
+int gnutls_pcert_import_x509_raw(gnutls_pcert_st * pcert,
+				 const gnutls_datum_t * cert,
+				 gnutls_x509_crt_fmt_t format,
+				 unsigned int flags)
+{
+	int ret;
+	gnutls_x509_crt_t crt;
+
+	memset(pcert, 0, sizeof(*pcert));
+
+	ret = gnutls_x509_crt_init(&crt);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_x509_crt_import(crt, cert, format);
+	if (ret < 0) {
+		ret = gnutls_assert_val(ret);
+		goto cleanup;
+	}
+
+	ret = gnutls_pcert_import_x509(pcert, crt, flags);
+	if (ret < 0) {
+		ret = gnutls_assert_val(ret);
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	gnutls_x509_crt_deinit(crt);
+
+	return ret;
+}
+
+/**
+ * gnutls_pcert_import_rawpk:
+ * @pcert: The pcert structure to import the data into.
+ * @pubkey: The raw public-key in #gnutls_pubkey_t format to be imported
+ * @flags: zero for now
+ *
+ * This convenience function will import (i.e. convert) the given raw
+ * public key @pubkey into a #gnutls_pcert_st structure. The structure
+ * must be deinitialized afterwards using gnutls_pcert_deinit(). The
+ * given @pubkey must not be deinitialized because it will be associated
+ * with the given @pcert structure and will be deinitialized with it.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.6.6
+ **/
+int gnutls_pcert_import_rawpk(gnutls_pcert_st* pcert,
+			     gnutls_pubkey_t pubkey, unsigned int flags)
+{
+	int ret;
+
+	if (pubkey == NULL) {
+		return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+	}
+
+	memset(pcert, 0, sizeof(*pcert));
+
+	/* A pcert struct holds a raw copy of the certificate data.
+	 * Therefore we convert our gnutls_pubkey_t to its raw DER
+	 * representation and copy it into our pcert. It is this raw data
+	 * that will be transferred to the peer via a Certificate msg.
+	 * According to the spec (RFC7250) a DER representation must be used.
+	 */
+	ret = gnutls_pubkey_export2(pubkey, GNUTLS_X509_FMT_DER, &pcert->cert);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	pcert->pubkey = pubkey;
+
+	pcert->type = GNUTLS_CRT_RAWPK;
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_pcert_import_rawpk_raw:
+ * @pcert: The pcert structure to import the data into.
+ * @rawpubkey: The raw public-key in #gnutls_datum_t format to be imported.
+ * @format: The format of the raw public-key. DER or PEM.
+ * @key_usage: An ORed sequence of %GNUTLS_KEY_* flags.
+ * @flags: zero for now
+ *
+ * This convenience function will import (i.e. convert) the given raw
+ * public key @rawpubkey into a #gnutls_pcert_st structure. The structure
+ * must be deinitialized afterwards using gnutls_pcert_deinit().
+ * Note that the caller is responsible for freeing @rawpubkey. All necessary
+ * values will be copied into @pcert.
+ *
+ * Key usage (as defined by X.509 extension (2.5.29.15)) can be explicitly
+ * set because there is no certificate structure around the key to define
+ * this value. See for more info gnutls_x509_crt_get_key_usage().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.6.6
+ **/
+int gnutls_pcert_import_rawpk_raw(gnutls_pcert_st* pcert,
+				    const gnutls_datum_t* rawpubkey,
+				    gnutls_x509_crt_fmt_t format,
+				    unsigned int key_usage, unsigned int flags)
+{
+	int ret;
+
+	if (rawpubkey == NULL) {
+		return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+	}
+
+	memset(pcert, 0, sizeof(*pcert));
+
+	ret = gnutls_pubkey_init(&pcert->pubkey);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	// Convert our raw public-key to a gnutls_pubkey_t structure
+	ret = gnutls_pubkey_import(pcert->pubkey, rawpubkey, format);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	pcert->pubkey->key_usage = key_usage;
+
+	/* A pcert struct holds a raw copy of the certificate data.
+	 * It is this raw data that will be transferred to the peer via a
+	 * Certificate message. According to the spec (RFC7250) a DER
+	 * representation must be used. Therefore we check the format and
+	 * convert if necessary.
+	 */
+	if (format == GNUTLS_X509_FMT_PEM) {
+		ret = _gnutls_fbase64_decode(PEM_PK,
+					rawpubkey->data, rawpubkey->size,
+					&pcert->cert);
+
+		if (ret < 0) {
+			gnutls_pubkey_deinit(pcert->pubkey);
+
+			return gnutls_assert_val(ret);
+		}
+	} else {
+		// Directly copy the raw DER data to our pcert
+		ret = _gnutls_set_datum(&pcert->cert, rawpubkey->data, rawpubkey->size);
+
+		if (ret < 0) {
+			gnutls_pubkey_deinit(pcert->pubkey);
+
+			return gnutls_assert_val(ret);
+		}
+	}
+
+	pcert->type = GNUTLS_CRT_RAWPK;
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_pcert_export_x509:
+ * @pcert: The pcert structure.
+ * @crt: An initialized #gnutls_x509_crt_t.
+ *
+ * Converts the given #gnutls_pcert_t type into a #gnutls_x509_crt_t.
+ * This function only works if the type of @pcert is %GNUTLS_CRT_X509.
+ * When successful, the value written to @crt must be freed with
+ * gnutls_x509_crt_deinit() when no longer needed.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ * negative error value.
+ *
+ * Since: 3.4.0
+ */
+int gnutls_pcert_export_x509(gnutls_pcert_st * pcert,
+			     gnutls_x509_crt_t * crt)
+{
+	int ret;
+
+	if (pcert->type != GNUTLS_CRT_X509) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = gnutls_x509_crt_init(crt);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_x509_crt_import(*crt, &pcert->cert, GNUTLS_X509_FMT_DER);
+	if (ret < 0) {
+		gnutls_x509_crt_deinit(*crt);
+		*crt = NULL;
+
+		return gnutls_assert_val(ret);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pcert_deinit:
+ * @pcert: The structure to be deinitialized
+ *
+ * This function will deinitialize a pcert structure.
+ *
+ * Since: 3.0
+ **/
+void gnutls_pcert_deinit(gnutls_pcert_st * pcert)
+{
+	if (pcert->pubkey)
+		gnutls_pubkey_deinit(pcert->pubkey);
+	pcert->pubkey = NULL;
+	_gnutls_free_datum(&pcert->cert);
+}
+
+/* Converts the first certificate for the cert_auth_info structure
+ * to a pcert.
+ */
+int
+_gnutls_get_auth_info_pcert(gnutls_pcert_st * pcert,
+			    gnutls_certificate_type_t type,
+			    cert_auth_info_t info)
+{
+	switch (type) {
+		case GNUTLS_CRT_X509:
+			return gnutls_pcert_import_x509_raw(pcert,
+							&info->raw_certificate_list[0],
+							GNUTLS_X509_FMT_DER,
+							0);
+		case GNUTLS_CRT_RAWPK:
+			return gnutls_pcert_import_rawpk_raw(pcert,
+							&info->raw_certificate_list[0],
+							GNUTLS_X509_FMT_DER,
+							0, 0);
+		default:
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+}
diff --git a/lib/pin.c b/lib/pin.c
new file mode 100644
index 0000000..2c6f06e
--- /dev/null
+++ b/lib/pin.c
@@ -0,0 +1,88 @@
+/*
+ * GnuTLS PIN support for PKCS#11 or TPM
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ * 
+ * Authors: Nikos Mavrogiannopoulos
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+
+#include "gnutls_int.h"
+#include <gnutls/pkcs11.h>
+#include <pin.h>
+#include "errors.h"
+
+gnutls_pin_callback_t _gnutls_pin_func;
+void *_gnutls_pin_data;
+
+/**
+ * gnutls_pkcs11_set_pin_function:
+ * @fn: The PIN callback, a gnutls_pin_callback_t() function.
+ * @userdata: data to be supplied to callback
+ *
+ * This function will set a callback function to be used when a PIN is
+ * required for PKCS 11 operations.  See
+ * gnutls_pin_callback_t() on how the callback should behave.
+ *
+ * Since: 2.12.0
+ **/
+void
+gnutls_pkcs11_set_pin_function(gnutls_pin_callback_t fn, void *userdata)
+{
+	_gnutls_pin_func = fn;
+	_gnutls_pin_data = userdata;
+}
+
+/**
+ * gnutls_pkcs11_get_pin_function:
+ * @userdata: data to be supplied to callback
+ *
+ * This function will return the callback function set using
+ * gnutls_pkcs11_set_pin_function().
+ *
+ * Returns: The function set or NULL otherwise.
+ * 
+ * Since: 3.1.0
+ **/
+gnutls_pin_callback_t gnutls_pkcs11_get_pin_function(void **userdata)
+{
+	if (_gnutls_pin_func != NULL) {
+		*userdata = _gnutls_pin_data;
+		return _gnutls_pin_func;
+	}
+	return NULL;
+}
+
+int
+_gnutls_retrieve_pin(struct pin_info_st *pin_info, const char *url, const char *label,
+		     unsigned flags,
+		     char *pin, unsigned pin_size)
+{
+	int ret;
+
+	if (pin_info && pin_info->cb)
+		ret =
+		    pin_info->cb(pin_info->data, 0,
+				 (char *) url, label, flags,
+				 pin, pin_size);
+	else if (_gnutls_pin_func)
+		ret =
+		    _gnutls_pin_func(_gnutls_pin_data, 0,
+				     (char *) url, label, flags,
+				     pin, pin_size);
+	else
+		ret = gnutls_assert_val(GNUTLS_E_PKCS11_PIN_ERROR);
+
+	return ret;
+}
diff --git a/lib/pin.h b/lib/pin.h
new file mode 100644
index 0000000..a21b185
--- /dev/null
+++ b/lib/pin.h
@@ -0,0 +1,11 @@
+#ifndef GNUTLS_LIB_PIN_H
+#define GNUTLS_LIB_PIN_H
+
+extern gnutls_pin_callback_t _gnutls_pin_func;
+extern void *_gnutls_pin_data;
+
+int
+_gnutls_retrieve_pin(struct pin_info_st *pin_info, const char *url, const char *label,
+		     unsigned pin_flags, char *pin, unsigned pin_size);
+
+#endif /* GNUTLS_LIB_PIN_H */
diff --git a/lib/pk.c b/lib/pk.c
new file mode 100644
index 0000000..c5600a3
--- /dev/null
+++ b/lib/pk.c
@@ -0,0 +1,1243 @@
+/*
+ * Copyright (C) 2001-2014 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the functions needed for RSA/DSA public key
+ * encryption and signatures. 
+ */
+
+#include "gnutls_int.h"
+#include <mpi.h>
+#include <pk.h>
+#include "errors.h"
+#include <datum.h>
+#include <global.h>
+#include <num.h>
+#include "debug.h"
+#include <x509/x509_int.h>
+#include <x509/common.h>
+#include <random.h>
+#include <gnutls/crypto.h>
+
+/**
+ * gnutls_encode_rs_value:
+ * @sig_value: will hold a Dss-Sig-Value DER encoded structure
+ * @r: must contain the r value
+ * @s: must contain the s value
+ *
+ * This function will encode the provided r and s values, 
+ * into a Dss-Sig-Value structure, used for DSA and ECDSA
+ * signatures.
+ *
+ * The output value should be deallocated using gnutls_free().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ *
+ * Since: 3.6.0
+ *
+ **/
+int
+gnutls_encode_rs_value(gnutls_datum_t * sig_value,
+			const gnutls_datum_t * r,
+			const gnutls_datum_t * s)
+{
+	return _gnutls_encode_ber_rs_raw(sig_value, r, s);
+}
+
+/* same as gnutls_encode_rs_value(), but kept since it used
+ * to be exported for FIPS140 CAVS testing.
+ */
+int
+_gnutls_encode_ber_rs_raw(gnutls_datum_t * sig_value,
+			  const gnutls_datum_t * r,
+			  const gnutls_datum_t * s)
+{
+	asn1_node sig;
+	int result, ret;
+	uint8_t *tmp = NULL;
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_gnutls_asn(),
+				 "GNUTLS.DSASignatureValue",
+				 &sig)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (s->data[0] >= 0x80 || r->data[0] >= 0x80) {
+		tmp = gnutls_malloc(MAX(r->size, s->size)+1);
+		if (tmp == NULL) {
+			ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+			goto cleanup;
+		}
+	}
+
+	if (r->data[0] >= 0x80) {
+		tmp[0] = 0;
+		memcpy(&tmp[1], r->data, r->size);
+		result = asn1_write_value(sig, "r", tmp, 1+r->size);
+	} else {
+		result = asn1_write_value(sig, "r", r->data, r->size);
+	}
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+
+	if (s->data[0] >= 0x80) {
+		tmp[0] = 0;
+		memcpy(&tmp[1], s->data, s->size);
+		result = asn1_write_value(sig, "s", tmp, 1+s->size);
+	} else {
+		result = asn1_write_value(sig, "s", s->data, s->size);
+	}
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_der_encode(sig, "", sig_value, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	gnutls_free(tmp);
+	asn1_delete_structure(&sig);
+	return ret;
+}
+
+int
+_gnutls_encode_ber_rs(gnutls_datum_t * sig_value, bigint_t r, bigint_t s)
+{
+	asn1_node sig;
+	int result;
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_gnutls_asn(),
+				 "GNUTLS.DSASignatureValue",
+				 &sig)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _gnutls_x509_write_int(sig, "r", r, 1);
+	if (result < 0) {
+		gnutls_assert();
+		asn1_delete_structure(&sig);
+		return result;
+	}
+
+	result = _gnutls_x509_write_int(sig, "s", s, 1);
+	if (result < 0) {
+		gnutls_assert();
+		asn1_delete_structure(&sig);
+		return result;
+	}
+
+	result = _gnutls_x509_der_encode(sig, "", sig_value, 0);
+	asn1_delete_structure(&sig);
+
+	if (result < 0)
+		return gnutls_assert_val(result);
+
+	return 0;
+}
+
+
+/* decodes the Dss-Sig-Value structure
+ */
+int
+_gnutls_decode_ber_rs(const gnutls_datum_t * sig_value, bigint_t * r,
+		      bigint_t * s)
+{
+	asn1_node sig;
+	int result;
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_gnutls_asn(),
+				 "GNUTLS.DSASignatureValue",
+				 &sig)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	/* rfc3279 doesn't specify whether Dss-Sig-Value is encoded
+	 * as DER or BER. As such we do not restrict to the DER subset. */
+	result =
+	    asn1_der_decoding(&sig, sig_value->data, sig_value->size,
+			      NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&sig);
+		return _gnutls_asn2err(result);
+	}
+
+	result = _gnutls_x509_read_int(sig, "r", r);
+	if (result < 0) {
+		gnutls_assert();
+		asn1_delete_structure(&sig);
+		return result;
+	}
+
+	result = _gnutls_x509_read_int(sig, "s", s);
+	if (result < 0) {
+		gnutls_assert();
+		_gnutls_mpi_release(r);
+		asn1_delete_structure(&sig);
+		return result;
+	}
+
+	asn1_delete_structure(&sig);
+
+	return 0;
+}
+
+/**
+ * gnutls_decode_rs_value:
+ * @sig_value: holds a Dss-Sig-Value DER or BER encoded structure
+ * @r: will contain the r value
+ * @s: will contain the s value
+ *
+ * This function will decode the provided @sig_value, 
+ * into @r and @s elements. The Dss-Sig-Value is used for DSA and ECDSA
+ * signatures.
+ *
+ * The output values may be padded with a zero byte to prevent them
+ * from being interpreted as negative values. The value
+ * should be deallocated using gnutls_free().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ *
+ * Since: 3.6.0
+ *
+ **/
+int gnutls_decode_rs_value(const gnutls_datum_t * sig_value, gnutls_datum_t *r,
+			   gnutls_datum_t *s)
+{
+	return _gnutls_decode_ber_rs_raw(sig_value, r, s);
+}
+
+/* same as gnutls_decode_rs_value(), but kept since it used
+ * to be exported for FIPS140 CAVS testing.
+ */
+int
+_gnutls_decode_ber_rs_raw(const gnutls_datum_t * sig_value, gnutls_datum_t *r,
+			  gnutls_datum_t *s)
+{
+	asn1_node sig;
+	int result;
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_gnutls_asn(),
+				 "GNUTLS.DSASignatureValue",
+				 &sig)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	/* rfc3279 doesn't specify whether Dss-Sig-Value is encoded
+	 * as DER or BER. As such we do not restrict to the DER subset. */
+	result =
+	    asn1_der_decoding(&sig, sig_value->data, sig_value->size,
+			      NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&sig);
+		return _gnutls_asn2err(result);
+	}
+
+	result = _gnutls_x509_read_value(sig, "r", r);
+	if (result < 0) {
+		gnutls_assert();
+		asn1_delete_structure(&sig);
+		return result;
+	}
+
+	result = _gnutls_x509_read_value(sig, "s", s);
+	if (result < 0) {
+		gnutls_assert();
+		gnutls_free(r->data);
+		asn1_delete_structure(&sig);
+		return result;
+	}
+
+	asn1_delete_structure(&sig);
+
+	return 0;
+}
+
+int
+_gnutls_encode_gost_rs(gnutls_datum_t * sig_value, bigint_t r, bigint_t s,
+		       size_t intsize)
+{
+	uint8_t *data;
+	int result;
+
+	data = gnutls_malloc(intsize * 2);
+	if (data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	if ((result = _gnutls_mpi_bprint_size(s, data, intsize)) < 0) {
+		gnutls_assert();
+		gnutls_free(data);
+		return result;
+	}
+
+	if ((result = _gnutls_mpi_bprint_size(r, data + intsize, intsize)) < 0) {
+		gnutls_assert();
+		gnutls_free(data);
+		return result;
+	}
+
+	sig_value->data = data;
+	sig_value->size = intsize * 2;
+
+	return 0;
+}
+
+int
+_gnutls_decode_gost_rs(const gnutls_datum_t * sig_value, bigint_t * r,
+		       bigint_t * s)
+{
+	int ret;
+	unsigned halfsize = sig_value->size >> 1;
+
+	if (sig_value->size % 2 != 0) {
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+	}
+
+	ret = _gnutls_mpi_init_scan(s, sig_value->data, halfsize);
+	if (ret < 0)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	ret = _gnutls_mpi_init_scan(r, sig_value->data + halfsize, halfsize);
+	if (ret < 0) {
+		_gnutls_mpi_release(s);
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_encode_gost_rs_value:
+ * @sig_value: will hold a GOST signature according to RFC 4491 section 2.2.2
+ * @r: must contain the r value
+ * @s: must contain the s value
+ *
+ * This function will encode the provided r and s values, into binary
+ * representation according to RFC 4491 section 2.2.2, used for GOST R
+ * 34.10-2001 (and thus also for GOST R 34.10-2012) signatures.
+ *
+ * The output value should be deallocated using gnutls_free().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ *
+ * Since: 3.6.0
+ */
+int gnutls_encode_gost_rs_value(gnutls_datum_t * sig_value, const gnutls_datum_t * r, const gnutls_datum_t  *s)
+{
+	uint8_t *data;
+	size_t intsize = r->size;
+
+	if (s->size != intsize) {
+		gnutls_assert();
+		return GNUTLS_E_ILLEGAL_PARAMETER;
+	}
+
+	data = gnutls_malloc(intsize * 2);
+	if (data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	memcpy(data, s->data, intsize);
+	memcpy(data + intsize, r->data, intsize);
+
+	sig_value->data = data;
+	sig_value->size = intsize * 2;
+
+	return 0;
+}
+
+/**
+ * gnutls_decode_gost_rs_value:
+ * @sig_value: will holds a GOST signature according to RFC 4491 section 2.2.2
+ * @r: will contain the r value
+ * @s: will contain the s value
+ *
+ * This function will decode the provided @sig_value, into @r and @s elements.
+ * See RFC 4491 section 2.2.2 for the format of signature value.
+ *
+ * The output values may be padded with a zero byte to prevent them
+ * from being interpreted as negative values. The value
+ * should be deallocated using gnutls_free().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ *
+ * Since: 3.6.0
+ */
+int gnutls_decode_gost_rs_value(const gnutls_datum_t * sig_value, gnutls_datum_t * r, gnutls_datum_t * s)
+{
+	int ret;
+	unsigned halfsize = sig_value->size >> 1;
+
+	if (sig_value->size % 2 != 0)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	ret = _gnutls_set_datum(s, sig_value->data, halfsize);
+	if (ret != 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_set_datum(r, sig_value->data + halfsize, halfsize);
+	if (ret != 0) {
+		_gnutls_free_datum(s);
+		return gnutls_assert_val(ret);
+	}
+
+	return 0;
+}
+
+gnutls_digest_algorithm_t _gnutls_gost_digest(gnutls_pk_algorithm_t pk)
+{
+	if (pk == GNUTLS_PK_GOST_01)
+		return GNUTLS_DIG_GOSTR_94;
+	else if (pk == GNUTLS_PK_GOST_12_256)
+		return GNUTLS_DIG_STREEBOG_256;
+	else if (pk == GNUTLS_PK_GOST_12_512)
+		return GNUTLS_DIG_STREEBOG_512;
+
+	gnutls_assert();
+
+	return GNUTLS_DIG_UNKNOWN;
+}
+
+gnutls_pk_algorithm_t _gnutls_digest_gost(gnutls_digest_algorithm_t digest)
+{
+	if (digest == GNUTLS_DIG_GOSTR_94)
+		return GNUTLS_PK_GOST_01;
+	else if (digest == GNUTLS_DIG_STREEBOG_256)
+		return GNUTLS_PK_GOST_12_256;
+	else if (digest == GNUTLS_DIG_STREEBOG_512)
+		return GNUTLS_PK_GOST_12_512;
+
+	gnutls_assert();
+
+	return GNUTLS_PK_UNKNOWN;
+}
+
+gnutls_gost_paramset_t _gnutls_gost_paramset_default(gnutls_pk_algorithm_t pk)
+{
+	if (pk == GNUTLS_PK_GOST_01)
+		return GNUTLS_GOST_PARAMSET_CP_A;
+	else if (pk == GNUTLS_PK_GOST_12_256 ||
+		 pk == GNUTLS_PK_GOST_12_512)
+		return GNUTLS_GOST_PARAMSET_TC26_Z;
+	else
+		return gnutls_assert_val(GNUTLS_GOST_PARAMSET_UNKNOWN);
+}
+
+/* some generic pk functions */
+
+int _gnutls_pk_params_copy(gnutls_pk_params_st * dst,
+			   const gnutls_pk_params_st * src)
+{
+	unsigned int i, j;
+	dst->params_nr = 0;
+
+	if (src == NULL || (src->params_nr == 0 && src->raw_pub.size == 0)) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	dst->pkflags = src->pkflags;
+	dst->curve = src->curve;
+	dst->gost_params = src->gost_params;
+	dst->qbits = src->qbits;
+	dst->algo = src->algo;
+
+	for (i = 0; i < src->params_nr; i++) {
+		dst->params[i] = _gnutls_mpi_copy(src->params[i]);
+		if (dst->params[i] == NULL) {
+			goto fail;
+		}
+
+		dst->params_nr++;
+	}
+
+	if (_gnutls_set_datum(&dst->raw_priv, src->raw_priv.data, src->raw_priv.size) < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	if (_gnutls_set_datum(&dst->raw_pub, src->raw_pub.data, src->raw_pub.size) < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	if (src->seed_size) {
+		dst->seed_size = src->seed_size;
+		memcpy(dst->seed, src->seed, src->seed_size);
+	}
+	dst->palgo = src->palgo;
+
+	memcpy(&dst->spki, &src->spki, sizeof(gnutls_x509_spki_st));
+
+	return 0;
+
+fail:
+	for (j = 0; j < i; j++)
+		_gnutls_mpi_release(&dst->params[j]);
+	return GNUTLS_E_MEMORY_ERROR;
+}
+
+void gnutls_pk_params_init(gnutls_pk_params_st * p)
+{
+	memset(p, 0, sizeof(gnutls_pk_params_st));
+}
+
+void gnutls_pk_params_release(gnutls_pk_params_st * p)
+{
+	unsigned int i;
+	for (i = 0; i < p->params_nr; i++) {
+		_gnutls_mpi_release(&p->params[i]);
+	}
+	gnutls_free(p->raw_priv.data);
+	gnutls_free(p->raw_pub.data);
+
+	p->params_nr = 0;
+}
+
+void gnutls_pk_params_clear(gnutls_pk_params_st * p)
+{
+	unsigned int i;
+	for (i = 0; i < p->params_nr; i++) {
+		if (p->params[i] != NULL)
+			_gnutls_mpi_clear(p->params[i]);
+	}
+	gnutls_memset(p->seed, 0, p->seed_size);
+	p->seed_size = 0;
+	if (p->raw_priv.data != NULL) {
+		gnutls_memset(p->raw_priv.data, 0, p->raw_priv.size);
+		p->raw_priv.size = 0;
+	}
+}
+
+int
+_gnutls_find_rsa_pss_salt_size(unsigned bits, const mac_entry_st *me,
+			       unsigned salt_size)
+{
+	unsigned digest_size;
+	int max_salt_size;
+	unsigned key_size;
+
+	digest_size = _gnutls_hash_get_algo_len(me);
+	key_size = (bits + 7) / 8;
+
+	if (key_size == 0) {
+		return gnutls_assert_val(GNUTLS_E_PK_INVALID_PUBKEY);
+	} else {
+		max_salt_size = key_size - digest_size - 2;
+		if (max_salt_size < 0)
+			return gnutls_assert_val(GNUTLS_E_CONSTRAINT_ERROR);
+	}
+
+	if (salt_size < digest_size)
+		salt_size = digest_size;
+
+	if (salt_size > (unsigned)max_salt_size)
+		salt_size = max_salt_size;
+
+	return salt_size;
+}
+
+/* Writes the digest information and the digest in a DER encoded
+ * structure. The digest info is allocated and stored into the info structure.
+ */
+int
+encode_ber_digest_info(const mac_entry_st * e,
+			const gnutls_datum_t * digest,
+			gnutls_datum_t * output)
+{
+	asn1_node dinfo = NULL;
+	int result;
+	const char *algo;
+	uint8_t *tmp_output;
+	int tmp_output_size;
+
+	/* prevent asn1_write_value() treating input as string */
+	if (digest->size == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	algo = _gnutls_x509_mac_to_oid(e);
+	if (algo == NULL) {
+		gnutls_assert();
+		_gnutls_debug_log("Hash algorithm: %d has no OID\n",
+				  e->id);
+		return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
+	}
+
+	if ((result = asn1_create_element(_gnutls_get_gnutls_asn(),
+					  "GNUTLS.DigestInfo",
+					  &dinfo)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result =
+	    asn1_write_value(dinfo, "digestAlgorithm.algorithm", algo, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&dinfo);
+		return _gnutls_asn2err(result);
+	}
+
+	/* Write an ASN.1 NULL in the parameters field.  This matches RFC
+	   3279 and RFC 4055, although is arguable incorrect from a historic
+	   perspective (see those documents for more information).
+	   Regardless of what is correct, this appears to be what most
+	   implementations do.  */
+	result = asn1_write_value(dinfo, "digestAlgorithm.parameters",
+				  ASN1_NULL, ASN1_NULL_SIZE);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&dinfo);
+		return _gnutls_asn2err(result);
+	}
+
+	result =
+	    asn1_write_value(dinfo, "digest", digest->data, digest->size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&dinfo);
+		return _gnutls_asn2err(result);
+	}
+
+	tmp_output_size = 0;
+	result = asn1_der_coding(dinfo, "", NULL, &tmp_output_size, NULL);
+	if (result != ASN1_MEM_ERROR) {
+		gnutls_assert();
+		asn1_delete_structure(&dinfo);
+		return _gnutls_asn2err(result);
+	}
+
+	tmp_output = gnutls_malloc(tmp_output_size);
+	if (tmp_output == NULL) {
+		gnutls_assert();
+		asn1_delete_structure(&dinfo);
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	result =
+	    asn1_der_coding(dinfo, "", tmp_output, &tmp_output_size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&dinfo);
+		return _gnutls_asn2err(result);
+	}
+
+	asn1_delete_structure(&dinfo);
+
+	output->size = tmp_output_size;
+	output->data = tmp_output;
+
+	return 0;
+}
+
+/**
+ * gnutls_encode_ber_digest_info:
+ * @info: an RSA BER encoded DigestInfo structure
+ * @hash: the hash algorithm that was used to get the digest
+ * @digest: must contain the digest data
+ * @output: will contain the allocated DigestInfo BER encoded data
+ *
+ * This function will encode the provided digest data, and its
+ * algorithm into an RSA PKCS#1 1.5 DigestInfo structure. 
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ *
+ * Since: 3.5.0
+ *
+ **/
+int
+gnutls_encode_ber_digest_info(gnutls_digest_algorithm_t hash,
+			      const gnutls_datum_t * digest,
+			      gnutls_datum_t * output)
+{
+	const mac_entry_st *e = hash_to_entry(hash);
+	if (unlikely(e == NULL))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	return encode_ber_digest_info(e , digest, output);
+}
+
+/**
+ * gnutls_decode_ber_digest_info:
+ * @info: an RSA BER encoded DigestInfo structure
+ * @hash: will contain the hash algorithm of the structure
+ * @digest: will contain the hash output of the structure
+ * @digest_size: will contain the hash size of the structure; initially must hold the maximum size of @digest
+ *
+ * This function will parse an RSA PKCS#1 1.5 DigestInfo structure
+ * and report the hash algorithm used as well as the digest data.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ *
+ * Since: 3.5.0
+ *
+ **/
+int
+gnutls_decode_ber_digest_info(const gnutls_datum_t * info,
+		       gnutls_digest_algorithm_t * hash,
+		       unsigned char * digest, unsigned int *digest_size)
+{
+	asn1_node dinfo = NULL;
+	int result;
+	char str[MAX(MAX_OID_SIZE, MAX_HASH_SIZE)];
+	int len;
+
+	if ((result = asn1_create_element(_gnutls_get_gnutls_asn(),
+					  "GNUTLS.DigestInfo",
+					  &dinfo)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	/* rfc2313 required BER encoding of that field, thus
+	 * we don't restrict libtasn1 to DER subset */
+	result = asn1_der_decoding(&dinfo, info->data, info->size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&dinfo);
+		return _gnutls_asn2err(result);
+	}
+
+	len = sizeof(str) - 1;
+	result =
+	    asn1_read_value(dinfo, "digestAlgorithm.algorithm", str, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&dinfo);
+		return _gnutls_asn2err(result);
+	}
+
+	*hash = gnutls_oid_to_digest(str);
+
+	if (*hash == GNUTLS_DIG_UNKNOWN) {
+
+		_gnutls_debug_log("verify.c: HASH OID: %s\n", str);
+
+		gnutls_assert();
+		asn1_delete_structure(&dinfo);
+		return GNUTLS_E_UNKNOWN_HASH_ALGORITHM;
+	}
+
+	len = sizeof(str) - 1;
+	result =
+	    asn1_read_value(dinfo, "digestAlgorithm.parameters", str,
+			    &len);
+	/* To avoid permitting garbage in the parameters field, either the
+	   parameters field is not present, or it contains 0x05 0x00. */
+	if (!(result == ASN1_ELEMENT_NOT_FOUND ||
+	      (result == ASN1_SUCCESS && len == ASN1_NULL_SIZE &&
+	       memcmp(str, ASN1_NULL, ASN1_NULL_SIZE) == 0))) {
+		gnutls_assert();
+		asn1_delete_structure(&dinfo);
+		return GNUTLS_E_ASN1_GENERIC_ERROR;
+	}
+
+	len = *digest_size;
+	result = asn1_read_value(dinfo, "digest", digest, &len);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		*digest_size = len;
+		asn1_delete_structure(&dinfo);
+		return _gnutls_asn2err(result);
+	}
+
+	*digest_size = len;
+	asn1_delete_structure(&dinfo);
+
+	return 0;
+}
+
+int
+_gnutls_params_get_rsa_raw(const gnutls_pk_params_st* params,
+				    gnutls_datum_t * m, gnutls_datum_t * e,
+				    gnutls_datum_t * d, gnutls_datum_t * p,
+				    gnutls_datum_t * q, gnutls_datum_t * u,
+				    gnutls_datum_t * e1,
+				    gnutls_datum_t * e2,
+				    unsigned int flags)
+{
+	int ret;
+	mpi_dprint_func dprint = _gnutls_mpi_dprint_lz;
+
+	if (flags & GNUTLS_EXPORT_FLAG_NO_LZ)
+		dprint = _gnutls_mpi_dprint;
+
+	if (params == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (!GNUTLS_PK_IS_RSA(params->algo)) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (m) {
+		ret = dprint(params->params[0], m);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+	}
+
+	/* E */
+	if (e) {
+		ret = dprint(params->params[1], e);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+	}
+
+	/* D */
+	if (d && params->params[2]) {
+		ret = dprint(params->params[2], d);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+	} else if (d) {
+		d->data = NULL;
+		d->size = 0;
+	}
+
+	/* P */
+	if (p && params->params[3]) {
+		ret = dprint(params->params[3], p);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+	} else if (p) {
+		p->data = NULL;
+		p->size = 0;
+	}
+
+	/* Q */
+	if (q && params->params[4]) {
+		ret = dprint(params->params[4], q);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+	} else if (q) {
+		q->data = NULL;
+		q->size = 0;
+	}
+
+	/* U */
+	if (u && params->params[5]) {
+		ret = dprint(params->params[5], u);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+	} else if (u) {
+		u->data = NULL;
+		u->size = 0;
+	}
+
+	/* E1 */
+	if (e1 && params->params[6]) {
+		ret = dprint(params->params[6], e1);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+	} else if (e1) {
+		e1->data = NULL;
+		e1->size = 0;
+	}
+
+	/* E2 */
+	if (e2 && params->params[7]) {
+		ret = dprint(params->params[7], e2);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+	} else if (e2) {
+		e2->data = NULL;
+		e2->size = 0;
+	}
+
+	return 0;
+
+      error:
+	_gnutls_free_datum(m);
+	_gnutls_free_datum(d);
+	_gnutls_free_datum(e);
+	_gnutls_free_datum(e1);
+	_gnutls_free_datum(e2);
+	_gnutls_free_datum(p);
+	_gnutls_free_datum(q);
+
+	return ret;
+}
+
+int
+_gnutls_params_get_dsa_raw(const gnutls_pk_params_st* params,
+			     gnutls_datum_t * p, gnutls_datum_t * q,
+			     gnutls_datum_t * g, gnutls_datum_t * y,
+			     gnutls_datum_t * x, unsigned int flags)
+{
+	int ret;
+	mpi_dprint_func dprint = _gnutls_mpi_dprint_lz;
+
+	if (flags & GNUTLS_EXPORT_FLAG_NO_LZ)
+		dprint = _gnutls_mpi_dprint;
+
+	if (params == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (params->algo != GNUTLS_PK_DSA) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* P */
+	if (p) {
+		ret = dprint(params->params[0], p);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	/* Q */
+	if (q) {
+		ret = dprint(params->params[1], q);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_free_datum(p);
+			return ret;
+		}
+	}
+
+
+	/* G */
+	if (g) {
+		ret = dprint(params->params[2], g);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_free_datum(p);
+			_gnutls_free_datum(q);
+			return ret;
+		}
+	}
+
+
+	/* Y */
+	if (y) {
+		ret = dprint(params->params[3], y);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_free_datum(p);
+			_gnutls_free_datum(g);
+			_gnutls_free_datum(q);
+			return ret;
+		}
+	}
+
+	/* X */
+	if (x) {
+		ret = dprint(params->params[4], x);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_free_datum(y);
+			_gnutls_free_datum(p);
+			_gnutls_free_datum(g);
+			_gnutls_free_datum(q);
+			return ret;
+		}
+	}
+
+	return 0;
+}
+
+int _gnutls_params_get_ecc_raw(const gnutls_pk_params_st* params,
+				       gnutls_ecc_curve_t * curve,
+				       gnutls_datum_t * x,
+				       gnutls_datum_t * y,
+				       gnutls_datum_t * k,
+				       unsigned int flags)
+{
+	int ret;
+	mpi_dprint_func dprint = _gnutls_mpi_dprint_lz;
+	const gnutls_ecc_curve_entry_st *e;
+
+	if (flags & GNUTLS_EXPORT_FLAG_NO_LZ)
+		dprint = _gnutls_mpi_dprint;
+
+	if (params == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (curve)
+		*curve = params->curve;
+
+	e = _gnutls_ecc_curve_get_params(params->curve);
+
+	if (_curve_is_eddsa(e) || _curve_is_modern_ecdh(e)) {
+		if (x) {
+			ret = _gnutls_set_datum(x, params->raw_pub.data, params->raw_pub.size);
+			if (ret < 0) {
+				return gnutls_assert_val(ret);
+			}
+		}
+
+		if (y) {
+			y->data = NULL;
+			y->size = 0;
+		}
+
+		if (k) {
+			ret = _gnutls_set_datum(k, params->raw_priv.data, params->raw_priv.size);
+			if (ret < 0) {
+				_gnutls_free_datum(x);
+				return gnutls_assert_val(ret);
+			}
+		}
+
+		return 0;
+	}
+
+	if (unlikely(e == NULL || e->pk != GNUTLS_PK_ECDSA))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	/* X */
+	if (x) {
+		ret = dprint(params->params[ECC_X], x);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	/* Y */
+	if (y) {
+		ret = dprint(params->params[ECC_Y], y);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_free_datum(x);
+			return ret;
+		}
+	}
+
+
+	/* K */
+	if (k) {
+		ret = dprint(params->params[ECC_K], k);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_free_datum(x);
+			_gnutls_free_datum(y);
+			return ret;
+		}
+	}
+
+	return 0;
+
+}
+
+int _gnutls_params_get_gost_raw(const gnutls_pk_params_st* params,
+				       gnutls_ecc_curve_t * curve,
+				       gnutls_digest_algorithm_t * digest,
+				       gnutls_gost_paramset_t * paramset,
+				       gnutls_datum_t * x,
+				       gnutls_datum_t * y,
+				       gnutls_datum_t * k,
+				       unsigned int flags)
+{
+	int ret;
+	mpi_dprint_func dprint = _gnutls_mpi_dprint_le;
+
+	if (params == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (curve)
+		*curve = params->curve;
+
+	if (digest)
+		*digest = _gnutls_gost_digest(params->algo);
+
+	if (paramset)
+		*paramset = params->gost_params;
+
+	/* X */
+	if (x) {
+		ret = dprint(params->params[GOST_X], x);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	/* Y */
+	if (y) {
+		ret = dprint(params->params[GOST_Y], y);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_free_datum(x);
+			return ret;
+		}
+	}
+
+
+	/* K */
+	if (k) {
+		ret = dprint(params->params[GOST_K], k);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_free_datum(x);
+			_gnutls_free_datum(y);
+			return ret;
+		}
+	}
+
+	return 0;
+
+}
+
+int
+pk_hash_data(gnutls_pk_algorithm_t pk, const mac_entry_st * hash,
+	     gnutls_pk_params_st * params,
+	     const gnutls_datum_t * data, gnutls_datum_t * digest)
+{
+	int ret;
+
+	digest->size = _gnutls_hash_get_algo_len(hash);
+	digest->data = gnutls_malloc(digest->size);
+	if (digest->data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ret =
+	    _gnutls_hash_fast((gnutls_digest_algorithm_t)hash->id, data->data, data->size,
+			      digest->data);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	return 0;
+
+      cleanup:
+	gnutls_free(digest->data);
+	return ret;
+}
+
+
+/* 
+ * This function will do RSA PKCS #1 1.5 encoding
+ * on the given digest. The given digest must be allocated
+ * and will be freed if replacement is required.
+ */
+int
+pk_prepare_hash(gnutls_pk_algorithm_t pk,
+		const mac_entry_st * hash, gnutls_datum_t * digest)
+{
+	int ret;
+	gnutls_datum_t old_digest = { digest->data, digest->size };
+
+	switch (pk) {
+	case GNUTLS_PK_RSA:
+		if (unlikely(hash == NULL))
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		/* Only SHA-2 is allowed in FIPS 140-3 */
+		switch (hash->id) {
+		case GNUTLS_MAC_SHA256:
+		case GNUTLS_MAC_SHA384:
+		case GNUTLS_MAC_SHA512:
+		case GNUTLS_MAC_SHA224:
+			break;
+		default:
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+		}
+
+		/* Encode the digest as a DigestInfo
+		 */
+		if ((ret =
+		     encode_ber_digest_info(hash, &old_digest,
+					    digest)) != 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		_gnutls_free_datum(&old_digest);
+		break;
+	case GNUTLS_PK_RSA_PSS:
+	case GNUTLS_PK_DSA:
+	case GNUTLS_PK_ECDSA:
+	case GNUTLS_PK_EDDSA_ED25519:
+	case GNUTLS_PK_EDDSA_ED448:
+	case GNUTLS_PK_ECDH_X25519:
+	case GNUTLS_PK_ECDH_X448:
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+		break;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+	}
+
+	return 0;
+}
diff --git a/lib/pk.h b/lib/pk.h
new file mode 100644
index 0000000..7f3c999
--- /dev/null
+++ b/lib/pk.h
@@ -0,0 +1,135 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_PK_H
+#define GNUTLS_LIB_PK_H
+
+extern int crypto_pk_prio;
+extern gnutls_crypto_pk_st _gnutls_pk_ops;
+
+#define _gnutls_pk_encrypt( algo, ciphertext, plaintext, params) _gnutls_pk_ops.encrypt( algo, ciphertext, plaintext, params)
+#define _gnutls_pk_decrypt( algo, ciphertext, plaintext, params) _gnutls_pk_ops.decrypt( algo, ciphertext, plaintext, params)
+#define _gnutls_pk_decrypt2( algo, ciphertext, plaintext, size, params) _gnutls_pk_ops.decrypt2( algo, ciphertext, plaintext, size, params)
+#define _gnutls_pk_sign( algo, sig, data, params, sign_params) _gnutls_pk_ops.sign( algo, sig, data, params, sign_params)
+#define _gnutls_pk_verify( algo, data, sig, params, sign_params) _gnutls_pk_ops.verify( algo, data, sig, params, sign_params)
+#define _gnutls_pk_verify_priv_params( algo, params) _gnutls_pk_ops.verify_priv_params( algo, params)
+#define _gnutls_pk_verify_pub_params( algo, params) _gnutls_pk_ops.verify_pub_params( algo, params)
+#define _gnutls_pk_derive( algo, out, pub, priv) _gnutls_pk_ops.derive( algo, out, pub, priv, NULL, 0)
+#define _gnutls_pk_derive_nonce( algo, out, pub, priv, nonce) _gnutls_pk_ops.derive( algo, out, pub, priv, nonce, 0)
+#define _gnutls_pk_derive_tls13( algo, out, pub, priv) _gnutls_pk_ops.derive( algo, out, pub, priv, NULL, PK_DERIVE_TLS13)
+#define _gnutls_pk_generate_keys( algo, bits, params, temporal) _gnutls_pk_ops.generate_keys( algo, bits, params, temporal)
+#define _gnutls_pk_generate_params( algo, bits, priv) _gnutls_pk_ops.generate_params( algo, bits, priv)
+#define _gnutls_pk_hash_algorithm( pk, sig, params, hash) _gnutls_pk_ops.hash_algorithm(pk, sig, params, hash)
+#define _gnutls_pk_curve_exists( curve) _gnutls_pk_ops.curve_exists(curve)
+#define _gnutls_pk_exists(algo) _gnutls_pk_ops.pk_exists(algo)
+#define _gnutls_pk_sign_exists(algo) _gnutls_pk_ops.sign_exists(algo)
+
+inline static int
+_gnutls_pk_fixup(gnutls_pk_algorithm_t algo, gnutls_direction_t direction,
+		 gnutls_pk_params_st * params)
+{
+	if (_gnutls_pk_ops.pk_fixup_private_params)
+		return _gnutls_pk_ops.pk_fixup_private_params(algo,
+							      direction,
+							      params);
+	return 0;
+}
+
+int _gnutls_pk_params_copy(gnutls_pk_params_st * dst,
+			   const gnutls_pk_params_st * src);
+
+/* The internal PK interface */
+int
+_gnutls_encode_ber_rs(gnutls_datum_t * sig_value, bigint_t r, bigint_t s);
+int
+_gnutls_encode_ber_rs_raw(gnutls_datum_t * sig_value,
+			  const gnutls_datum_t * r,
+			  const gnutls_datum_t * s);
+
+int
+_gnutls_decode_ber_rs(const gnutls_datum_t * sig_value, bigint_t * r,
+		      bigint_t * s);
+
+int
+_gnutls_decode_ber_rs_raw(const gnutls_datum_t * sig_value, gnutls_datum_t *r,
+			  gnutls_datum_t *s);
+
+int
+_gnutls_encode_gost_rs(gnutls_datum_t * sig_value, bigint_t r, bigint_t s,
+		       size_t intsize);
+
+int
+_gnutls_decode_gost_rs(const gnutls_datum_t * sig_value, bigint_t * r,
+		       bigint_t * s);
+
+gnutls_digest_algorithm_t _gnutls_gost_digest(gnutls_pk_algorithm_t pk);
+gnutls_pk_algorithm_t _gnutls_digest_gost(gnutls_digest_algorithm_t digest);
+gnutls_gost_paramset_t _gnutls_gost_paramset_default(gnutls_pk_algorithm_t pk);
+
+int
+encode_ber_digest_info(const mac_entry_st * e,
+		       const gnutls_datum_t * digest,
+		       gnutls_datum_t * output);
+
+#define decode_ber_digest_info gnutls_decode_ber_digest_info
+
+int
+_gnutls_params_get_rsa_raw(const gnutls_pk_params_st* params,
+				    gnutls_datum_t * m, gnutls_datum_t * e,
+				    gnutls_datum_t * d, gnutls_datum_t * p,
+				    gnutls_datum_t * q, gnutls_datum_t * u,
+				    gnutls_datum_t * e1,
+				    gnutls_datum_t * e2,
+				    unsigned int flags);
+
+int
+_gnutls_params_get_dsa_raw(const gnutls_pk_params_st* params,
+			     gnutls_datum_t * p, gnutls_datum_t * q,
+			     gnutls_datum_t * g, gnutls_datum_t * y,
+			     gnutls_datum_t * x, unsigned int flags);
+
+int _gnutls_params_get_ecc_raw(const gnutls_pk_params_st* params,
+				       gnutls_ecc_curve_t * curve,
+				       gnutls_datum_t * x,
+				       gnutls_datum_t * y,
+				       gnutls_datum_t * k,
+				       unsigned int flags);
+
+int _gnutls_params_get_gost_raw(const gnutls_pk_params_st* params,
+				       gnutls_ecc_curve_t * curve,
+				       gnutls_digest_algorithm_t * digest,
+				       gnutls_gost_paramset_t * paramset,
+				       gnutls_datum_t * x,
+				       gnutls_datum_t * y,
+				       gnutls_datum_t * k,
+				       unsigned int flags);
+
+int pk_prepare_hash(gnutls_pk_algorithm_t pk, const mac_entry_st * hash,
+		    gnutls_datum_t * output);
+int pk_hash_data(gnutls_pk_algorithm_t pk, const mac_entry_st * hash,
+		 gnutls_pk_params_st * params, const gnutls_datum_t * data,
+		 gnutls_datum_t * digest);
+
+int _gnutls_find_rsa_pss_salt_size(unsigned bits, const mac_entry_st *me,
+				   unsigned salt_size);
+
+#endif /* GNUTLS_LIB_PK_H */
diff --git a/lib/pkcs11.c b/lib/pkcs11.c
new file mode 100644
index 0000000..3ece1d9
--- /dev/null
+++ b/lib/pkcs11.c
@@ -0,0 +1,4794 @@
+/*
+ * GnuTLS PKCS#11 support
+ * Copyright (C) 2010-2014 Free Software Foundation, Inc.
+ * Copyright (C) 2008 Joe Orton <joe@manyfish.co.uk>
+ * Copyright (C) 2013 Nikos Mavrogiannopoulos
+ * Copyright (C) 2014-2017 Red Hat
+ * 
+ * Authors: Nikos Mavrogiannopoulos, Stef Walter
+ *
+ * Inspired and some parts (pkcs11_login) based on neon PKCS #11 support 
+ * by Joe Orton. More ideas came from the pkcs11-helper library by 
+ * Alon Bar-Lev.
+ *
+ * GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+
+#include "gnutls_int.h"
+#include <gnutls/pkcs11.h>
+#include <string.h>
+#include "errors.h"
+#include <datum.h>
+#include <x509/common.h>
+#include <locks.h>
+
+#include <pin.h>
+#include <pkcs11_int.h>
+#include "pkcs11x.h"
+#include <system-keys.h>
+#include "x509/x509_int.h"
+
+#include <atfork.h>
+#include "intprops.h"
+
+#define MAX_PROVIDERS 16
+
+#define MAX_SLOTS 48
+
+GNUTLS_STATIC_MUTEX(pkcs11_mutex);
+
+struct gnutls_pkcs11_provider_st {
+	struct ck_function_list *module;
+	unsigned active;
+	unsigned custom_init;
+	unsigned trusted; /* in the sense of p11-kit trusted:
+			   * it can be used for verification */
+	struct ck_info info;
+};
+
+struct find_flags_data_st {
+	struct p11_kit_uri *info;
+	unsigned int slot_flags; /* Slot Information Flags */
+	unsigned int token_flags; /* Token Information Flags */
+	unsigned int trusted;
+};
+
+struct find_single_obj_st {
+	gnutls_pkcs11_obj_t obj;
+	bool overwrite_exts; /* only valid if looking for a certificate */
+};
+
+struct find_obj_session_st {
+	gnutls_pkcs11_obj_t obj;
+	struct ck_function_list *ptr;
+	ck_session_handle_t pks;
+	ck_object_handle_t ohandle;
+	unsigned long slot_id;
+};
+
+struct find_multi_obj_st {
+	gnutls_pkcs11_obj_t *p_list;
+	unsigned int current;
+	unsigned int flags;
+	struct p11_kit_uri *info;
+	bool overwrite_exts; /* only valid if looking for a certificate */
+};
+
+struct find_token_num {
+	struct p11_kit_uri *info;
+	unsigned int seq;	/* which one we are looking for */
+	unsigned int current;	/* which one are we now */
+};
+
+struct find_token_modname {
+	struct p11_kit_uri *info;
+	char *modname;
+	void *ptr;
+	unsigned long slot_id;
+};
+
+struct find_pkey_list_st {
+	gnutls_buffer_st *key_ids;
+	size_t key_ids_size;
+};
+
+struct find_cert_st {
+	gnutls_datum_t dn;
+	gnutls_datum_t issuer_dn;
+	gnutls_datum_t key_id;
+	gnutls_datum_t serial;
+
+	unsigned need_import;
+	gnutls_pkcs11_obj_t obj;
+	gnutls_x509_crt_t crt; /* used when compare flag is specified */
+	unsigned flags;
+};
+
+
+static struct gnutls_pkcs11_provider_st providers[MAX_PROVIDERS];
+static unsigned int active_providers = 0;
+
+static init_level_t providers_initialized = PROV_UNINITIALIZED;
+static unsigned int pkcs11_forkid = 0;
+
+static int _gnutls_pkcs11_reinit(void);
+
+gnutls_pkcs11_token_callback_t _gnutls_token_func;
+void *_gnutls_token_data;
+
+static int auto_load(unsigned trusted);
+
+int pkcs11_rv_to_err(ck_rv_t rv)
+{
+	switch (rv) {
+	case CKR_OK:
+		return 0;
+	case CKR_HOST_MEMORY:
+		return GNUTLS_E_MEMORY_ERROR;
+	case CKR_SLOT_ID_INVALID:
+		return GNUTLS_E_PKCS11_SLOT_ERROR;
+	case CKR_ARGUMENTS_BAD:
+	case CKR_MECHANISM_PARAM_INVALID:
+		return GNUTLS_E_INVALID_REQUEST;
+	case CKR_NEED_TO_CREATE_THREADS:
+	case CKR_CANT_LOCK:
+	case CKR_FUNCTION_NOT_PARALLEL:
+	case CKR_MUTEX_BAD:
+	case CKR_MUTEX_NOT_LOCKED:
+		return GNUTLS_E_LOCKING_ERROR;
+	case CKR_ATTRIBUTE_READ_ONLY:
+	case CKR_ATTRIBUTE_SENSITIVE:
+	case CKR_ATTRIBUTE_TYPE_INVALID:
+	case CKR_ATTRIBUTE_VALUE_INVALID:
+		return GNUTLS_E_PKCS11_ATTRIBUTE_ERROR;
+	case CKR_DEVICE_ERROR:
+	case CKR_DEVICE_MEMORY:
+	case CKR_DEVICE_REMOVED:
+		return GNUTLS_E_PKCS11_DEVICE_ERROR;
+	case CKR_DATA_INVALID:
+	case CKR_DATA_LEN_RANGE:
+	case CKR_ENCRYPTED_DATA_INVALID:
+	case CKR_ENCRYPTED_DATA_LEN_RANGE:
+	case CKR_OBJECT_HANDLE_INVALID:
+		return GNUTLS_E_PKCS11_DATA_ERROR;
+	case CKR_FUNCTION_NOT_SUPPORTED:
+	case CKR_MECHANISM_INVALID:
+		return GNUTLS_E_PKCS11_UNSUPPORTED_FEATURE_ERROR;
+	case CKR_KEY_HANDLE_INVALID:
+	case CKR_KEY_SIZE_RANGE:
+	case CKR_KEY_TYPE_INCONSISTENT:
+	case CKR_KEY_NOT_NEEDED:
+	case CKR_KEY_CHANGED:
+	case CKR_KEY_NEEDED:
+	case CKR_KEY_INDIGESTIBLE:
+	case CKR_KEY_FUNCTION_NOT_PERMITTED:
+	case CKR_KEY_NOT_WRAPPABLE:
+	case CKR_KEY_UNEXTRACTABLE:
+		return GNUTLS_E_PKCS11_KEY_ERROR;
+	case CKR_PIN_INCORRECT:
+	case CKR_PIN_INVALID:
+	case CKR_PIN_LEN_RANGE:
+		return GNUTLS_E_PKCS11_PIN_ERROR;
+	case CKR_PIN_EXPIRED:
+		return GNUTLS_E_PKCS11_PIN_EXPIRED;
+	case CKR_PIN_LOCKED:
+		return GNUTLS_E_PKCS11_PIN_LOCKED;
+	case CKR_SESSION_CLOSED:
+	case CKR_SESSION_COUNT:
+	case CKR_SESSION_HANDLE_INVALID:
+	case CKR_SESSION_PARALLEL_NOT_SUPPORTED:
+	case CKR_SESSION_READ_ONLY:
+	case CKR_SESSION_EXISTS:
+	case CKR_SESSION_READ_ONLY_EXISTS:
+	case CKR_SESSION_READ_WRITE_SO_EXISTS:
+		return GNUTLS_E_PKCS11_SESSION_ERROR;
+	case CKR_SIGNATURE_INVALID:
+	case CKR_SIGNATURE_LEN_RANGE:
+		return GNUTLS_E_PKCS11_SIGNATURE_ERROR;
+	case CKR_TOKEN_NOT_PRESENT:
+	case CKR_TOKEN_NOT_RECOGNIZED:
+	case CKR_TOKEN_WRITE_PROTECTED:
+		return GNUTLS_E_PKCS11_TOKEN_ERROR;
+	case CKR_USER_ALREADY_LOGGED_IN:
+	case CKR_USER_NOT_LOGGED_IN:
+	case CKR_USER_PIN_NOT_INITIALIZED:
+	case CKR_USER_TYPE_INVALID:
+	case CKR_USER_ANOTHER_ALREADY_LOGGED_IN:
+	case CKR_USER_TOO_MANY_TYPES:
+		return GNUTLS_E_PKCS11_USER_ERROR;
+	case CKR_BUFFER_TOO_SMALL:
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	default:
+		return GNUTLS_E_PKCS11_ERROR;
+	}
+}
+
+
+static int scan_slots(struct gnutls_pkcs11_provider_st *p,
+		      ck_slot_id_t * slots, unsigned long *nslots)
+{
+	ck_rv_t rv;
+
+	rv = pkcs11_get_slot_list(p->module, 1, slots, nslots);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		return pkcs11_rv_to_err(rv);
+	}
+	return 0;
+}
+
+static int
+pkcs11_add_module(const char* name, struct ck_function_list *module, unsigned custom_init, const char *params)
+{
+	unsigned int i;
+	struct ck_info info;
+
+	if (active_providers >= MAX_PROVIDERS) {
+		gnutls_assert();
+		return GNUTLS_E_CONSTRAINT_ERROR;
+	}
+
+	memset(&info, 0, sizeof(info));
+	pkcs11_get_module_info(module, &info);
+
+	/* initially check if this module is a duplicate */
+	for (i = 0; i < active_providers; i++) {
+		/* already loaded, skip the rest */
+		if (module == providers[i].module ||
+		    memcmp(&info, &providers[i].info, sizeof(info)) == 0) {
+			_gnutls_debug_log("p11: module %s is already loaded.\n", name);
+			return GNUTLS_E_INT_RET_0;
+		}
+	}
+
+	active_providers++;
+	providers[active_providers - 1].module = module;
+	providers[active_providers - 1].active = 1;
+	providers[active_providers - 1].trusted = 0;
+	providers[active_providers - 1].custom_init = custom_init;
+
+	if (p11_kit_module_get_flags(module) & P11_KIT_MODULE_TRUSTED ||
+		(params != NULL && strstr(params, "trusted") != 0))
+		providers[active_providers - 1].trusted = 1;
+
+	memcpy(&providers[active_providers - 1].info, &info, sizeof(info));
+
+	return 0;
+}
+
+/* Returns:
+ *  - negative error code on error,
+ *  - 0 on success
+ *  - 1 on success (and a fork was detected - cb was run)
+ *
+ * The output value of the callback will be returned if it is
+ * a negative one (indicating failure).
+*/
+int _gnutls_pkcs11_check_init(init_level_t req_level, void *priv, pkcs11_reinit_function cb)
+{
+	int ret, sret = 0;
+
+	ret = gnutls_static_mutex_lock(&pkcs11_mutex);
+	if (ret != 0)
+		return gnutls_assert_val(GNUTLS_E_LOCKING_ERROR);
+
+	if (providers_initialized > PROV_UNINITIALIZED) {
+		ret = 0;
+
+		if (_gnutls_detect_fork(pkcs11_forkid)) {
+			/* if we are initialized but a fork is detected */
+			ret = _gnutls_pkcs11_reinit();
+			if (ret == 0) {
+				sret = 1;
+				if (cb) {
+					int ret2 = cb(priv);
+					if (ret2 < 0)
+						ret = ret2;
+				}
+				pkcs11_forkid = _gnutls_get_forkid();
+			}
+		}
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	/* Possible Transitions: PROV_UNINITIALIZED -> PROV_INIT_MANUAL -> PROV_INIT_MANUAL_TRUSTED
+	 * PROV_UNINITIALIZED -> PROV_INIT_TRUSTED -> PROV_INIT_ALL
+	 *
+	 * request for PROV_INIT_TRUSTED may result to PROV_INIT_MANUAL_TRUSTED
+	 * request for PROV_INIT_ALL may result to PROV_INIT_MANUAL or PROV_INIT_MANUAL_TRUSTED
+	 */
+	switch(req_level) {
+		case PROV_UNINITIALIZED:
+		case PROV_INIT_MANUAL:
+			break;
+		case PROV_INIT_TRUSTED:
+		case PROV_INIT_MANUAL_TRUSTED:
+			if (providers_initialized < PROV_INIT_MANUAL_TRUSTED) {
+				_gnutls_debug_log("Initializing needed PKCS #11 modules\n");
+				ret = auto_load(1);
+				if (ret < 0) {
+					gnutls_assert();
+				}
+
+				if (providers_initialized == PROV_INIT_MANUAL)
+					providers_initialized = PROV_INIT_MANUAL_TRUSTED;
+				else
+					providers_initialized = PROV_INIT_TRUSTED;
+
+				goto cleanup;
+			}
+			break;
+		case PROV_INIT_ALL:
+			if (providers_initialized == PROV_INIT_TRUSTED ||
+			    providers_initialized == PROV_UNINITIALIZED) {
+				_gnutls_debug_log("Initializing all PKCS #11 modules\n");
+				ret = gnutls_pkcs11_init(GNUTLS_PKCS11_FLAG_AUTO, NULL);
+				if (ret < 0) {
+					gnutls_assert();
+				}
+
+				providers_initialized = PROV_INIT_ALL;
+				goto cleanup;
+			}
+			break;
+	}
+
+	ret = sret;
+
+ cleanup:
+	(void)gnutls_static_mutex_unlock(&pkcs11_mutex);
+
+	return ret;
+}
+
+
+/**
+ * gnutls_pkcs11_add_provider:
+ * @name: The filename of the module
+ * @params: should be NULL or a known string (see description)
+ *
+ * This function will load and add a PKCS 11 module to the module
+ * list used in gnutls. After this function is called the module will
+ * be used for PKCS 11 operations.
+ *
+ * When loading a module to be used for certificate verification,
+ * use the string 'trusted' as @params.
+ *
+ * Note that this function is not thread safe.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int gnutls_pkcs11_add_provider(const char *name, const char *params)
+{
+	struct ck_function_list *module;
+	unsigned custom_init = 0, flags = 0;
+	struct ck_c_initialize_args args;
+	const char *p;
+	int ret;
+
+	if (params && (p = strstr(params, "p11-kit:")) != 0) {
+		memset (&args, 0, sizeof (args));
+		args.reserved = (char*)(p + sizeof("p11-kit:")-1);
+		args.flags = CKF_OS_LOCKING_OK;
+
+		custom_init = 1;
+		flags = P11_KIT_MODULE_UNMANAGED;
+	}
+
+	module = p11_kit_module_load(name, P11_KIT_MODULE_CRITICAL|flags);
+	if (module == NULL) {
+		gnutls_assert();
+		_gnutls_debug_log("p11: Cannot load provider %s\n", name);
+		return GNUTLS_E_PKCS11_LOAD_ERROR;
+	}
+
+	_gnutls_debug_log
+		    ("p11: Initializing module: %s\n", name);
+
+	/* check if we have special information for a p11-kit trust module */
+	if (custom_init) {
+		ret = module->C_Initialize(&args);
+	} else {
+		ret = p11_kit_module_initialize(module);
+	}
+
+	if (ret != CKR_OK) {
+		p11_kit_module_release(module);
+		gnutls_assert();
+		return pkcs11_rv_to_err(ret);
+	}
+
+	ret = pkcs11_add_module(name, module, custom_init, params);
+	if (ret != 0) {
+		if (ret == GNUTLS_E_INT_RET_0)
+			ret = 0;
+		if (!custom_init)
+			p11_kit_module_finalize(module);
+		else
+			module->C_Finalize(NULL);
+		p11_kit_module_release(module);
+		gnutls_assert();
+	}
+
+	return ret;
+}
+
+static
+int add_obj_attrs(struct p11_kit_uri *info, struct ck_attribute a[4], unsigned *a_vals, ck_object_class_t *class, ck_certificate_type_t *type)
+{
+	struct ck_attribute *attr;
+
+	*type = -1;
+	*class = CKO_CERTIFICATE;
+
+	/* find the object that matches the URL */
+	*a_vals = 0;
+	attr = p11_kit_uri_get_attribute(info, CKA_ID);
+	if (attr) {
+		memcpy(a + (*a_vals), attr, sizeof(struct ck_attribute));
+		(*a_vals)++;
+	}
+
+	attr = p11_kit_uri_get_attribute(info, CKA_LABEL);
+	if (attr) {
+		memcpy(a + (*a_vals), attr, sizeof(struct ck_attribute));
+		(*a_vals)++;
+	}
+
+	if (!(*a_vals)) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Find objects with given class and type */
+	attr = p11_kit_uri_get_attribute(info, CKA_CLASS);
+	if (attr) {
+		if (attr->value
+		    && attr->value_len == sizeof(ck_object_class_t))
+			memcpy(class, attr->value, sizeof(ck_object_class_t));
+		if (*class == CKO_CERTIFICATE)
+			*type = CKC_X_509;
+		memcpy(a + (*a_vals), attr, sizeof(struct ck_attribute));
+		(*a_vals)++;
+	}
+
+	if (*type != (ck_certificate_type_t) - 1) {
+		a[(*a_vals)].type = CKA_CERTIFICATE_TYPE;
+		a[(*a_vals)].value = type;
+		a[(*a_vals)].value_len = sizeof *type;
+		(*a_vals)++;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs11_obj_set_info:
+ * @obj: should contain a #gnutls_pkcs11_obj_t type
+ * @itype: Denotes the type of information to be set
+ * @data: the data to set
+ * @data_size: the size of data
+ * @flags: Or sequence of GNUTLS_PKCS11_OBJ_* flags
+ *
+ * This function will set attributes on the provided object.
+ * Available options for @itype are %GNUTLS_PKCS11_OBJ_LABEL,
+ * %GNUTLS_PKCS11_OBJ_ID_HEX, and %GNUTLS_PKCS11_OBJ_ID.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code on error.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_pkcs11_obj_set_info(gnutls_pkcs11_obj_t obj,
+			   gnutls_pkcs11_obj_info_t itype,
+			   const void *data, size_t data_size,
+			   unsigned flags)
+{
+	struct p11_kit_uri *info = obj->info;
+	struct pkcs11_session_info sinfo;
+	struct ck_attribute a[4];
+	ck_object_handle_t ctx[2];
+	ck_certificate_type_t type;
+	ck_object_class_t class;
+	unsigned long count;
+	size_t size;
+	unsigned a_vals;
+	char tmp[128];
+	ck_rv_t rv;
+	int ret;
+
+	PKCS11_CHECK_INIT;
+
+	ret =
+	    pkcs11_open_session(&sinfo, NULL, info,
+				SESSION_WRITE |
+				pkcs11_obj_flags_to_int(flags));
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = add_obj_attrs(info, a, &a_vals, &class, &type);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	rv = pkcs11_find_objects_init(sinfo.module, sinfo.pks, a,
+				      a_vals);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		_gnutls_debug_log("p11: FindObjectsInit failed.\n");
+		ret = pkcs11_rv_to_err(rv);
+		goto cleanup;
+	}
+
+	rv = pkcs11_find_objects(sinfo.module, sinfo.pks, ctx, 2, &count);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		_gnutls_debug_log("p11: FindObjects failed.\n");
+		ret = pkcs11_rv_to_err(rv);
+		goto cleanup;
+	}
+
+	if (count > 1 || count == 0) {
+		gnutls_assert();
+		if (count > 1)
+			_gnutls_debug_log("p11: More than one objects match (%d)\n", (int)count);
+		ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+		goto cleanup;
+	}
+
+	switch (itype) {
+	case GNUTLS_PKCS11_OBJ_ID_HEX:
+		size = sizeof(tmp);
+		ret = _gnutls_hex2bin(data, data_size, (uint8_t*)tmp, &size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		data = tmp;
+		data_size = size;
+
+		FALLTHROUGH;
+	case GNUTLS_PKCS11_OBJ_ID:
+		a[0].type = CKA_ID;
+		a[0].value = (void*)data;
+		a[0].value_len = data_size;
+
+		rv = pkcs11_set_attribute_value(sinfo.module, sinfo.pks, ctx[0], a, 1);
+		if (rv != CKR_OK) {
+			gnutls_assert();
+			_gnutls_debug_log("p11: set_attribute_value failed.\n");
+			ret = pkcs11_rv_to_err(rv);
+			goto cleanup;
+		}
+
+		break;
+	case GNUTLS_PKCS11_OBJ_LABEL:
+		a[0].type = CKA_LABEL;
+		a[0].value = (void*)data;
+		a[0].value_len = data_size;
+
+		rv = pkcs11_set_attribute_value(sinfo.module, sinfo.pks, ctx[0], a, 1);
+		if (rv != CKR_OK) {
+			gnutls_assert();
+			_gnutls_debug_log("p11: set_attribute_value failed.\n");
+			ret = pkcs11_rv_to_err(rv);
+			goto cleanup;
+		}
+
+		break;
+	default:
+		gnutls_assert();
+		ret = GNUTLS_E_INVALID_REQUEST;
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	pkcs11_close_session(&sinfo);
+	return ret;
+}
+
+/**
+ * gnutls_pkcs11_obj_get_info:
+ * @obj: should contain a #gnutls_pkcs11_obj_t type
+ * @itype: Denotes the type of information requested
+ * @output: where output will be stored
+ * @output_size: contains the maximum size of the output buffer and will be
+ *     overwritten with the actual size.
+ *
+ * This function will return information about the PKCS11 certificate
+ * such as the label, id as well as token information where the key is
+ * stored.
+ *
+ * When output is text, a null terminated string is written to @output and its
+ * string length is written to @output_size (without null terminator). If the
+ * buffer is too small, @output_size will contain the expected buffer size
+ * (with null terminator for text) and return %GNUTLS_E_SHORT_MEMORY_BUFFER.
+ *
+ * In versions previously to 3.6.0 this function included the null terminator
+ * to @output_size. After 3.6.0 the output size doesn't include the terminator character.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code on error.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pkcs11_obj_get_info(gnutls_pkcs11_obj_t obj,
+			   gnutls_pkcs11_obj_info_t itype,
+			   void *output, size_t * output_size)
+{
+	return pkcs11_get_info(obj->info, itype, output, output_size);
+}
+
+static int
+find_obj_session_cb(struct ck_function_list *module, struct pkcs11_session_info *sinfo,
+		    struct ck_token_info *tinfo, struct ck_info *lib_info,
+		    void *input)
+{
+	struct find_obj_session_st *find_data = input;
+	struct ck_attribute a[4];
+	ck_rv_t rv;
+	ck_object_handle_t ctx = CK_INVALID_HANDLE;
+	unsigned long count;
+	unsigned a_vals;
+        ck_certificate_type_t type;
+        ck_object_class_t class;
+	int found = 0, ret;
+
+	if (tinfo == NULL) {	/* we don't support multiple calls */
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	/* do not bother reading the token if basic fields do not match
+	 */
+	if (!p11_kit_uri_match_token_info(find_data->obj->info, tinfo) ||
+	    !p11_kit_uri_match_module_info(find_data->obj->info,
+					      lib_info)) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	ret = add_obj_attrs(find_data->obj->info, a, &a_vals, &class, &type);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	rv = pkcs11_find_objects_init(sinfo->module, sinfo->pks, a,
+				      a_vals);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		_gnutls_debug_log("p11: FindObjectsInit failed.\n");
+		ret = pkcs11_rv_to_err(rv);
+		goto cleanup;
+	}
+
+	if (pkcs11_find_objects(sinfo->module, sinfo->pks, &ctx, 1, &count) == CKR_OK &&
+	    count == 1) {
+		find_data->ptr = sinfo->module;
+		find_data->pks = sinfo->pks;
+		find_data->slot_id = sinfo->sid;
+		find_data->ohandle = ctx;
+		found = 1;
+	}
+
+	if (found == 0) {
+		gnutls_assert();
+		if (count > 1)
+			ret = GNUTLS_E_TOO_MANY_MATCHES;
+		else
+			ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+	} else {
+		ret = 0;
+	}
+
+ cleanup:
+	pkcs11_find_objects_final(sinfo);
+
+	return ret;
+}
+
+
+/**
+ * gnutls_pkcs11_obj_get_ptr:
+ * @obj: should contain a #gnutls_pkcs11_obj_t type
+ * @ptr: will contain the CK_FUNCTION_LIST_PTR pointer (may be %NULL)
+ * @session: will contain the CK_SESSION_HANDLE of the object
+ * @ohandle: will contain the CK_OBJECT_HANDLE of the object
+ * @slot_id: the identifier of the slot (may be %NULL)
+ * @flags: Or sequence of GNUTLS_PKCS11_OBJ_* flags
+ *
+ * Obtains the PKCS#11 session handles of an object. @session and @ohandle
+ * must be deinitialized by the caller. The returned pointers are
+ * independent of the @obj lifetime.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code
+ * on error.
+ *
+ * Since: 3.6.3
+ **/
+int
+gnutls_pkcs11_obj_get_ptr(gnutls_pkcs11_obj_t obj, void **ptr,
+			  void **session, void **ohandle,
+			  unsigned long *slot_id,
+			  unsigned int flags)
+{
+	int ret;
+	struct find_obj_session_st find_data;
+
+	PKCS11_CHECK_INIT;
+	memset(&find_data, 0, sizeof(find_data));
+
+	find_data.obj = obj;
+
+	ret =
+	    _pkcs11_traverse_tokens(find_obj_session_cb, &find_data, obj->info,
+				    &obj->pin,
+				    SESSION_NO_CLOSE|pkcs11_obj_flags_to_int(flags));
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (ptr)
+		*ptr = find_data.ptr;
+
+	*ohandle = (void*)find_data.ohandle;
+	*session = (void*)find_data.pks;
+
+	if (slot_id)
+		*slot_id = find_data.slot_id;
+
+	return 0;
+}
+
+int
+pkcs11_get_info(struct p11_kit_uri *info,
+		gnutls_pkcs11_obj_info_t itype, void *output,
+		size_t * output_size)
+{
+	struct ck_attribute *attr = NULL;
+	struct ck_version *version = NULL;
+	const uint8_t *str = NULL;
+	size_t str_max = 0;
+	int terminate = 0;
+	int hexify = 0;
+	size_t length = 0;
+	const char *data = NULL;
+	char buf[32];
+
+	/*
+	 * Either attr, str or version is valid by the time switch
+	 * finishes
+	 */
+
+	switch (itype) {
+	case GNUTLS_PKCS11_OBJ_ID:
+		attr = p11_kit_uri_get_attribute(info, CKA_ID);
+		break;
+	case GNUTLS_PKCS11_OBJ_ID_HEX:
+		attr = p11_kit_uri_get_attribute(info, CKA_ID);
+		hexify = 1;
+		terminate = 1;
+		break;
+	case GNUTLS_PKCS11_OBJ_LABEL:
+		attr = p11_kit_uri_get_attribute(info, CKA_LABEL);
+		terminate = 1;
+		break;
+	case GNUTLS_PKCS11_OBJ_TOKEN_LABEL:
+		str = p11_kit_uri_get_token_info(info)->label;
+		str_max = 32;
+		break;
+	case GNUTLS_PKCS11_OBJ_TOKEN_SERIAL:
+		str = p11_kit_uri_get_token_info(info)->serial_number;
+		str_max = 16;
+		break;
+	case GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER:
+		str = p11_kit_uri_get_token_info(info)->manufacturer_id;
+		str_max = 32;
+		break;
+	case GNUTLS_PKCS11_OBJ_TOKEN_MODEL:
+		str = p11_kit_uri_get_token_info(info)->model;
+		str_max = 16;
+		break;
+	case GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION:
+		str =
+		    p11_kit_uri_get_module_info(info)->library_description;
+		str_max = 32;
+		break;
+	case GNUTLS_PKCS11_OBJ_LIBRARY_VERSION:
+		version =
+		    &p11_kit_uri_get_module_info(info)->library_version;
+		break;
+	case GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER:
+		str = p11_kit_uri_get_module_info(info)->manufacturer_id;
+		str_max = 32;
+		break;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (attr != NULL) {
+		data = attr->value;
+		length = attr->value_len;
+	} else if (str != NULL) {
+		data = (void *) str;
+		length = p11_kit_space_strlen(str, str_max);
+		terminate = 1;
+	} else if (version != NULL) {
+		data = buf;
+		length =
+		    snprintf(buf, sizeof(buf), "%d.%d",
+			     (int) version->major, (int) version->minor);
+		terminate = 1;
+	} else {
+		*output_size = 0;
+		if (output)
+			((uint8_t *) output)[0] = 0;
+		return 0;
+	}
+
+	if (hexify) {
+		/* terminate is assumed with hexify */
+		if (*output_size < length * 3) {
+			*output_size = length * 3;
+			return GNUTLS_E_SHORT_MEMORY_BUFFER;
+		}
+		if (output && length > 0)
+			_gnutls_bin2hex(data, length, output, *output_size,
+					":");
+		*output_size = length * 3;
+		return 0;
+	} else {
+		if (*output_size < length + terminate) {
+			*output_size = length + terminate;
+			return GNUTLS_E_SHORT_MEMORY_BUFFER;
+		}
+		if (output) {
+			memcpy(output, data, length);
+			if (terminate)
+				((unsigned char *) output)[length] = '\0';
+		}
+		*output_size = length;
+	}
+
+	return 0;
+}
+
+static int init = 0;
+
+/* tries to load modules from /etc/gnutls/pkcs11.conf if it exists
+ */
+static void compat_load(const char *configfile)
+{
+	FILE *fp;
+	int ret;
+	char line[512];
+	const char *library;
+
+	if (configfile == NULL)
+		configfile = "/etc/gnutls/pkcs11.conf";
+
+	fp = fopen(configfile, "re");
+	if (fp == NULL) {
+		gnutls_assert();
+		return;
+	}
+
+	_gnutls_debug_log("Loading PKCS #11 libraries from %s\n",
+			  configfile);
+	while (fgets(line, sizeof(line), fp) != NULL) {
+		if (strncmp(line, "load", sizeof("load") - 1) == 0) {
+			char *p;
+			p = strchr(line, '=');
+			if (p == NULL)
+				continue;
+
+			library = ++p;
+			p = strchr(line, '\n');
+			if (p != NULL)
+				*p = 0;
+
+			ret = gnutls_pkcs11_add_provider(library, NULL);
+			if (ret < 0) {
+				gnutls_assert();
+				_gnutls_debug_log
+				    ("Cannot load provider: %s\n",
+				     library);
+				continue;
+			}
+		}
+	}
+	fclose(fp);
+
+	return;
+}
+
+static int auto_load(unsigned trusted)
+{
+	struct ck_function_list **modules;
+	int i, ret;
+	char* name;
+
+	modules = p11_kit_modules_load_and_initialize(trusted?P11_KIT_MODULE_TRUSTED:0);
+	if (modules == NULL) {
+		gnutls_assert();
+		_gnutls_debug_log
+		    ("Cannot initialize registered modules: %s\n",
+		     p11_kit_message());
+		return GNUTLS_E_PKCS11_LOAD_ERROR;
+	}
+
+	for (i = 0; modules[i] != NULL; i++) {
+		name = p11_kit_module_get_name(modules[i]);
+		_gnutls_debug_log
+			    ("p11: Initializing module: %s\n", name);
+
+		ret = pkcs11_add_module(name, modules[i], 0, NULL);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_debug_log
+			    ("Cannot load PKCS #11 module: %s\n", name);
+		}
+		free(name);
+	}
+
+	/* Shallow free */
+	free(modules);
+	return 0;
+}
+
+/**
+ * gnutls_pkcs11_init:
+ * @flags: An ORed sequence of %GNUTLS_PKCS11_FLAG_*
+ * @deprecated_config_file: either NULL or the location of a deprecated
+ *     configuration file
+ *
+ * This function will initialize the PKCS 11 subsystem in gnutls. It will
+ * read configuration files if %GNUTLS_PKCS11_FLAG_AUTO is used or allow
+ * you to independently load PKCS 11 modules using gnutls_pkcs11_add_provider()
+ * if %GNUTLS_PKCS11_FLAG_MANUAL is specified.
+ *
+ * You don't need to call this function since GnuTLS 3.3.0 because it is being called
+ * during the first request PKCS 11 operation. That call will assume the %GNUTLS_PKCS11_FLAG_AUTO
+ * flag. If another flags are required then it must be called independently
+ * prior to any PKCS 11 operation.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pkcs11_init(unsigned int flags, const char *deprecated_config_file)
+{
+	int ret = 0;
+
+	if (init != 0) {
+		init++;
+		return 0;
+	}
+	init++;
+
+	pkcs11_forkid = _gnutls_get_forkid();
+
+	p11_kit_pin_register_callback(P11_KIT_PIN_FALLBACK,
+				      p11_kit_pin_file_callback, NULL,
+				      NULL);
+
+	if (flags == GNUTLS_PKCS11_FLAG_MANUAL) {
+		/* if manual configuration is requested then don't
+		 * bother loading any other providers */
+		providers_initialized = PROV_INIT_MANUAL;
+		return 0;
+	 } else if (flags & GNUTLS_PKCS11_FLAG_AUTO) {
+		if (deprecated_config_file == NULL)
+			ret = auto_load(0);
+
+		compat_load(deprecated_config_file);
+
+		providers_initialized = PROV_INIT_ALL;
+
+		return ret;
+	} else if (flags & GNUTLS_PKCS11_FLAG_AUTO_TRUSTED) {
+		ret = auto_load(1);
+
+		providers_initialized = PROV_INIT_TRUSTED;
+
+		return ret;
+	}
+
+	return 0;
+}
+
+static int _gnutls_pkcs11_reinit(void)
+{
+	unsigned i;
+	ck_rv_t rv;
+
+	for (i = 0; i < active_providers; i++) {
+		if (providers[i].module != NULL) {
+			rv = p11_kit_module_initialize(providers
+						       [i].module);
+			if (rv == CKR_OK || rv == CKR_CRYPTOKI_ALREADY_INITIALIZED) {
+				providers[i].active = 1;
+			} else {
+				providers[i].active = 0;
+				_gnutls_debug_log
+				    ("Cannot re-initialize registered module '%.*s': %s\n",
+				     (int)32, providers[i].info.library_description,
+				     p11_kit_strerror(rv));
+			}
+		}
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs11_reinit:
+ *
+ * This function will reinitialize the PKCS 11 subsystem in gnutls. 
+ * This is required by PKCS 11 when an application uses fork(). The
+ * reinitialization function must be called on the child.
+ *
+ * Note that since GnuTLS 3.3.0, the reinitialization of the PKCS #11
+ * subsystem occurs automatically after fork.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0
+ **/
+int gnutls_pkcs11_reinit(void)
+{
+	int ret;
+
+	/* make sure that we don't call more than once after a fork */
+	if (_gnutls_detect_fork(pkcs11_forkid) == 0)
+		return 0;
+
+	ret = _gnutls_pkcs11_reinit();
+
+	pkcs11_forkid = _gnutls_get_forkid();
+
+	return ret;
+}
+
+/**
+ * gnutls_pkcs11_deinit:
+ *
+ * This function will deinitialize the PKCS 11 subsystem in gnutls.
+ * This function is only needed if you need to deinitialize the
+ * subsystem without calling gnutls_global_deinit().
+ *
+ * Since: 2.12.0
+ **/
+void gnutls_pkcs11_deinit(void)
+{
+	unsigned int i;
+
+	if (init == 0)
+		return;
+
+	init--;
+	if (init > 0)
+		return;
+
+	for (i = 0; i < active_providers; i++) {
+		if (providers[i].active) {
+
+			if (!providers[i].custom_init)
+				p11_kit_module_finalize(providers[i].module);
+			else
+				providers[i].module->C_Finalize(NULL);
+		}
+		p11_kit_module_release(providers[i].module);
+	}
+	active_providers = 0;
+	providers_initialized = PROV_UNINITIALIZED;
+
+	gnutls_pkcs11_set_pin_function(NULL, NULL);
+	gnutls_pkcs11_set_token_function(NULL, NULL);
+	p11_kit_pin_unregister_callback(P11_KIT_PIN_FALLBACK,
+					p11_kit_pin_file_callback, NULL);
+}
+
+/**
+ * gnutls_pkcs11_set_token_function:
+ * @fn: The token callback
+ * @userdata: data to be supplied to callback
+ *
+ * This function will set a callback function to be used when a token
+ * needs to be inserted to continue PKCS 11 operations.
+ *
+ * Since: 2.12.0
+ **/
+void
+gnutls_pkcs11_set_token_function(gnutls_pkcs11_token_callback_t fn,
+				 void *userdata)
+{
+	_gnutls_token_func = fn;
+	_gnutls_token_data = userdata;
+}
+
+int pkcs11_url_to_info(const char *url, struct p11_kit_uri **info, unsigned flags)
+{
+	int allocated = 0;
+	int ret;
+	struct ck_attribute at;
+	ck_object_class_t klass;
+
+	if (*info == NULL) {
+		*info = p11_kit_uri_new();
+		if (*info == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+		allocated = 1;
+	}
+
+	ret = p11_kit_uri_parse(url, P11_KIT_URI_FOR_ANY, *info);
+	if (ret < 0) {
+		if (allocated) {
+			p11_kit_uri_free(*info);
+			*info = NULL;
+		}
+		gnutls_assert();
+		return ret == P11_KIT_URI_NO_MEMORY ?
+		    GNUTLS_E_MEMORY_ERROR : GNUTLS_E_PARSING_ERROR;
+	}
+
+	/* check for incomplete/invalid URIs */
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_EXPECT_CERT) {
+		klass = CKO_CERTIFICATE;
+		at.type = CKA_CLASS;
+		at.value = &klass;
+		at.value_len = sizeof (klass);
+		p11_kit_uri_set_attribute (*info, &at);
+	} else if (flags & GNUTLS_PKCS11_OBJ_FLAG_EXPECT_PRIVKEY) {
+		klass = CKO_PRIVATE_KEY;
+		at.type = CKA_CLASS;
+		at.value = &klass;
+		at.value_len = sizeof (klass);
+		p11_kit_uri_set_attribute (*info, &at);
+	} else if (flags & GNUTLS_PKCS11_OBJ_FLAG_EXPECT_PUBKEY) {
+		klass = CKO_PUBLIC_KEY;
+		at.type = CKA_CLASS;
+		at.value = &klass;
+		at.value_len = sizeof (klass);
+		p11_kit_uri_set_attribute (*info, &at);
+	}
+
+	return 0;
+}
+
+int
+pkcs11_info_to_url(struct p11_kit_uri *info,
+		   gnutls_pkcs11_url_type_t detailed, char **url)
+{
+	p11_kit_uri_type_t type = 0;
+	int ret;
+
+	switch (detailed) {
+	case GNUTLS_PKCS11_URL_GENERIC:
+		type = P11_KIT_URI_FOR_OBJECT_ON_TOKEN;
+		break;
+	case GNUTLS_PKCS11_URL_LIB:
+		type = P11_KIT_URI_FOR_OBJECT_ON_TOKEN_AND_MODULE;
+		break;
+	case GNUTLS_PKCS11_URL_LIB_VERSION:
+		type =
+		    P11_KIT_URI_FOR_OBJECT_ON_TOKEN_AND_MODULE |
+		    P11_KIT_URI_FOR_MODULE_WITH_VERSION;
+		break;
+	}
+
+	ret = p11_kit_uri_format(info, type, url);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret == P11_KIT_URI_NO_MEMORY ?
+		    GNUTLS_E_MEMORY_ERROR : GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs11_obj_init:
+ * @obj: A pointer to the type to be initialized
+ *
+ * This function will initialize a pkcs11 certificate structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int gnutls_pkcs11_obj_init(gnutls_pkcs11_obj_t * obj)
+{
+	*obj = gnutls_calloc(1, sizeof(struct gnutls_pkcs11_obj_st));
+	if (*obj == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	(*obj)->info = p11_kit_uri_new();
+	if ((*obj)->info == NULL) {
+		gnutls_free(*obj);
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs11_obj_set_pin_function:
+ * @obj: The object structure
+ * @fn: the callback
+ * @userdata: data associated with the callback
+ *
+ * This function will set a callback function to be used when
+ * required to access the object. This function overrides the global
+ * set using gnutls_pkcs11_set_pin_function().
+ *
+ * Since: 3.1.0
+ **/
+void
+gnutls_pkcs11_obj_set_pin_function(gnutls_pkcs11_obj_t obj,
+				   gnutls_pin_callback_t fn,
+				   void *userdata)
+{
+	obj->pin.cb = fn;
+	obj->pin.data = userdata;
+}
+
+/**
+ * gnutls_pkcs11_obj_deinit:
+ * @obj: The type to be deinitialized
+ *
+ * This function will deinitialize a certificate structure.
+ *
+ * Since: 2.12.0
+ **/
+void gnutls_pkcs11_obj_deinit(gnutls_pkcs11_obj_t obj)
+{
+	unsigned i;
+	for (i=0;i<obj->pubkey_size;i++)
+		_gnutls_free_datum(&obj->pubkey[i]);
+	_gnutls_free_datum(&obj->raw);
+	p11_kit_uri_free(obj->info);
+	free(obj);
+}
+
+/**
+ * gnutls_pkcs11_obj_export:
+ * @obj: Holds the object
+ * @output_data: will contain the object data
+ * @output_data_size: holds the size of output_data (and will be
+ *   replaced by the actual size of parameters)
+ *
+ * This function will export the PKCS11 object data.  It is normal for
+ * data to be inaccessible and in that case %GNUTLS_E_INVALID_REQUEST
+ * will be returned.
+ *
+ * If the buffer provided is not long enough to hold the output, then
+ * *output_data_size is updated and GNUTLS_E_SHORT_MEMORY_BUFFER will
+ * be returned.
+ *
+ * Returns: In case of failure a negative error code will be
+ *   returned, and %GNUTLS_E_SUCCESS (0) on success.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pkcs11_obj_export(gnutls_pkcs11_obj_t obj,
+			 void *output_data, size_t * output_data_size)
+{
+	if (obj == NULL || obj->raw.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (output_data == NULL || *output_data_size < obj->raw.size) {
+		*output_data_size = obj->raw.size;
+		gnutls_assert();
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+	*output_data_size = obj->raw.size;
+
+	memcpy(output_data, obj->raw.data, obj->raw.size);
+	return 0;
+}
+
+/**
+ * gnutls_pkcs11_obj_export2:
+ * @obj: Holds the object
+ * @out: will contain the object data
+ *
+ * This function will export the PKCS11 object data.  It is normal for
+ * data to be inaccessible and in that case %GNUTLS_E_INVALID_REQUEST
+ * will be returned.
+ *
+ * The output buffer is allocated using gnutls_malloc().
+ *
+ * Returns: In case of failure a negative error code will be
+ *   returned, and %GNUTLS_E_SUCCESS (0) on success.
+ *
+ * Since: 3.1.3
+ **/
+int
+gnutls_pkcs11_obj_export2(gnutls_pkcs11_obj_t obj, gnutls_datum_t * out)
+{
+	return gnutls_pkcs11_obj_export3(obj, GNUTLS_X509_FMT_DER, out);
+}
+
+/**
+ * gnutls_pkcs11_obj_export3:
+ * @obj: Holds the object
+ * @out: will contain the object data
+ * @fmt: The format of the exported data
+ *
+ * This function will export the PKCS11 object data.  It is normal for
+ * data to be inaccessible and in that case %GNUTLS_E_INVALID_REQUEST
+ * will be returned.
+ *
+ * The output buffer is allocated using gnutls_malloc().
+ *
+ * Returns: In case of failure a negative error code will be
+ *   returned, and %GNUTLS_E_SUCCESS (0) on success.
+ *
+ * Since: 3.2.7
+ **/
+int
+gnutls_pkcs11_obj_export3(gnutls_pkcs11_obj_t obj,
+			  gnutls_x509_crt_fmt_t fmt, gnutls_datum_t * out)
+{
+	int ret;
+
+	if (obj == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	switch (obj->type) {
+	case GNUTLS_PKCS11_OBJ_X509_CRT:
+		if (obj->raw.data == NULL)
+			return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+		if (fmt == GNUTLS_X509_FMT_PEM) {
+			return
+			    gnutls_pem_base64_encode2(PEM_X509_CERT2,
+						      &obj->raw, out);
+		} else {
+			return _gnutls_set_datum(out, obj->raw.data,
+						 obj->raw.size);
+		}
+	case GNUTLS_PKCS11_OBJ_PUBKEY:{
+			/* that approach allows to return a public key even if
+			 * CKA_VALUE is not set */
+			gnutls_pubkey_t pubkey;
+
+			ret = gnutls_pubkey_init(&pubkey);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			ret =
+			    gnutls_pubkey_import_pkcs11(pubkey,
+							obj, 0);
+			if (ret < 0) {
+				gnutls_assert();
+				goto pcleanup;
+			}
+
+			ret =
+			    gnutls_pubkey_export2(pubkey, fmt,
+						  out);
+
+		      pcleanup:
+			gnutls_pubkey_deinit(pubkey);
+			return ret;
+		}
+	default:
+		if (obj->raw.data == NULL)
+			return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+		if (fmt == GNUTLS_X509_FMT_PEM) {
+			return gnutls_pem_base64_encode2("DATA",
+							 &obj->raw,
+							 out);
+		} else {
+			return _gnutls_set_datum(out, obj->raw.data,
+						 obj->raw.size);
+		}
+	}
+}
+
+
+int
+pkcs11_find_slot(struct ck_function_list **module, ck_slot_id_t * slot,
+		 struct p11_kit_uri *info,
+		 struct ck_token_info *_tinfo,
+		 struct ck_slot_info *_slot_info,
+		 unsigned int *trusted)
+{
+	unsigned int x, z;
+	int ret;
+	unsigned long nslots;
+	ck_slot_id_t slots[MAX_SLOTS];
+
+	for (x = 0; x < active_providers; x++) {
+		if (providers[x].active == 0)
+			continue;
+
+		if (!p11_kit_uri_match_module_info(info,
+					      &providers[x].info)) {
+			continue;
+		}
+
+		nslots = sizeof(slots) / sizeof(slots[0]);
+		ret = scan_slots(&providers[x], slots, &nslots);
+		if (ret < 0) {
+			gnutls_assert();
+			continue;
+		}
+
+		for (z = 0; z < nslots; z++) {
+			struct ck_token_info tinfo;
+			struct ck_slot_info sinfo;
+
+			if (pkcs11_get_token_info
+			    (providers[x].module, slots[z],
+			     &tinfo) != CKR_OK) {
+				continue;
+			}
+
+			if (!p11_kit_uri_match_token_info(info, &tinfo)) {
+				continue;
+			}
+
+			if (pkcs11_get_slot_info
+			    (providers[x].module, slots[z], &sinfo) != CKR_OK) {
+				continue;
+			}
+
+			/* ok found */
+			*module = providers[x].module;
+			*slot = slots[z];
+
+			if (trusted)
+				*trusted = providers[x].trusted;
+
+			if (_tinfo != NULL)
+				memcpy(_tinfo, &tinfo, sizeof(tinfo));
+
+			if (_slot_info != NULL)
+				memcpy(_slot_info, &sinfo, sizeof(sinfo));
+
+			return 0;
+		}
+	}
+
+	gnutls_assert();
+	return GNUTLS_E_PKCS11_REQUESTED_OBJECT_NOT_AVAILBLE;
+}
+
+int
+pkcs11_open_session(struct pkcs11_session_info *sinfo,
+		    struct pin_info_st *pin_info,
+		    struct p11_kit_uri *info, unsigned int flags)
+{
+	ck_rv_t rv;
+	int ret;
+	ck_session_handle_t pks = 0;
+	struct ck_function_list *module;
+	ck_slot_id_t slot;
+	struct ck_token_info tinfo;
+
+	memset(sinfo, 0, sizeof(*sinfo));
+
+	ret = pkcs11_find_slot(&module, &slot, info, &tinfo,
+				&sinfo->slot_info,
+				&sinfo->trusted);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	rv = (module)->C_OpenSession(slot, ((flags & SESSION_WRITE)
+					    ? CKF_RW_SESSION : 0) |
+				     CKF_SERIAL_SESSION, NULL, NULL, &pks);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		return pkcs11_rv_to_err(rv);
+	}
+
+	/* ok found */
+	sinfo->pks = pks;
+	sinfo->module = module;
+	sinfo->sid = slot;
+	sinfo->init = 1;
+	memcpy(&sinfo->tinfo, &tinfo, sizeof(sinfo->tinfo));
+
+	ret =
+	    pkcs11_login(sinfo, pin_info, info,
+			 flags);
+	if (ret < 0) {
+		gnutls_assert();
+		pkcs11_close_session(sinfo);
+		return ret;
+	}
+
+	return 0;
+}
+
+
+int
+_pkcs11_traverse_tokens(find_func_t find_func, void *input,
+			struct p11_kit_uri *info,
+			struct pin_info_st *pin_info, unsigned int flags)
+{
+	ck_rv_t rv;
+	unsigned int found = 0, x, z;
+	int ret;
+	ck_session_handle_t pks = 0;
+	struct pkcs11_session_info sinfo;
+	struct ck_function_list *module = NULL;
+	unsigned long nslots;
+	ck_slot_id_t slots[MAX_SLOTS];
+
+	for (x = 0; x < active_providers; x++) {
+		if (providers[x].active == 0)
+			continue;
+
+		if (flags & SESSION_TRUSTED && providers[x].trusted == 0)
+			continue;
+
+		if (info && !p11_kit_uri_match_module_info(info, &providers[x].info)) {
+			continue;
+		}
+
+		nslots = sizeof(slots) / sizeof(slots[0]);
+		ret = scan_slots(&providers[x], slots, &nslots);
+		if (ret < 0) {
+			gnutls_assert();
+			continue;
+		}
+
+		module = providers[x].module;
+		for (z = 0; z < nslots; z++) {
+			struct ck_token_info l_tinfo;
+			struct ck_slot_info l_sinfo;
+
+			if (pkcs11_get_token_info(module, slots[z],
+						  &l_tinfo) != CKR_OK) {
+				continue;
+			}
+
+			if (info && !p11_kit_uri_match_token_info(info, &l_tinfo)) {
+				continue;
+			}
+
+			if (pkcs11_get_slot_info(module, slots[z],
+						 &l_sinfo) != CKR_OK) {
+				continue;
+			}
+
+			rv = (module)->C_OpenSession(slots[z],
+						     ((flags & SESSION_WRITE) ? CKF_RW_SESSION : 0)
+						     | CKF_SERIAL_SESSION,
+						     NULL, NULL, &pks);
+			if (rv != CKR_OK) {
+				continue;
+			}
+
+			memset(&sinfo, 0, sizeof(sinfo));
+			sinfo.module = module;
+			sinfo.pks = pks;
+			sinfo.sid = slots[z];
+			sinfo.trusted = providers[x].trusted;
+
+			memcpy(&sinfo.tinfo, &l_tinfo, sizeof(sinfo.tinfo));
+			memcpy(&sinfo.slot_info, &l_sinfo, sizeof(sinfo.slot_info));
+
+			ret =
+			    pkcs11_login(&sinfo, pin_info,
+					 info, flags);
+			if (ret < 0) {
+				gnutls_assert();
+				pkcs11_close_session(&sinfo);
+
+				/* treat the error as fatal only if
+				 * the token requires login */
+				if (l_tinfo.flags & CKF_LOGIN_REQUIRED)
+					return ret;
+				continue;
+			}
+
+			ret =
+			    find_func(providers[x].module, &sinfo, &l_tinfo, &providers[x].info, input);
+
+			if (ret == 0) {
+				found = 1;
+				goto finish;
+			} else {
+				pkcs11_close_session(&sinfo);
+				pks = 0;
+			}
+		}
+	}
+
+      finish:
+	/* final call */
+
+	if (found == 0) {
+		if (module) {
+			sinfo.module = module;
+			sinfo.pks = pks;
+			ret = find_func(providers[x].module, &sinfo, NULL, NULL, input);
+		} else
+			ret =
+			    gnutls_assert_val
+			    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+	} else {
+		ret = 0;
+	}
+
+	if (pks != 0 && module != NULL) {
+		if (ret != 0 || !(flags & SESSION_NO_CLOSE))
+			pkcs11_close_session(&sinfo);
+	}
+
+	return ret;
+}
+
+ck_object_class_t pkcs11_type_to_class(gnutls_pkcs11_obj_type_t type)
+{
+	switch (type) {
+	case GNUTLS_PKCS11_OBJ_X509_CRT:
+		return CKO_CERTIFICATE;
+	case GNUTLS_PKCS11_OBJ_X509_CRT_EXTENSION:
+		return CKO_X_CERTIFICATE_EXTENSION;
+	case GNUTLS_PKCS11_OBJ_PUBKEY:
+		return CKO_PUBLIC_KEY;
+	case GNUTLS_PKCS11_OBJ_PRIVKEY:
+		return CKO_PRIVATE_KEY;
+	case GNUTLS_PKCS11_OBJ_SECRET_KEY:
+		return CKO_SECRET_KEY;
+	case GNUTLS_PKCS11_OBJ_DATA:
+		return CKO_DATA;
+	default:
+		return -1;
+	}
+}
+
+static gnutls_pkcs11_obj_type_t pkcs11_class_to_type(ck_object_class_t class)
+{
+	switch (class) {
+	case CKO_CERTIFICATE:
+		return GNUTLS_PKCS11_OBJ_X509_CRT;
+	case CKO_X_CERTIFICATE_EXTENSION:
+		return GNUTLS_PKCS11_OBJ_X509_CRT_EXTENSION;
+	case CKO_PUBLIC_KEY:
+		return GNUTLS_PKCS11_OBJ_PUBKEY;
+	case CKO_PRIVATE_KEY:
+		return GNUTLS_PKCS11_OBJ_PRIVKEY;
+	case CKO_SECRET_KEY:
+		return GNUTLS_PKCS11_OBJ_SECRET_KEY;
+	case CKO_DATA:
+		return GNUTLS_PKCS11_OBJ_DATA;
+	default:
+		_gnutls_debug_log("unknown pkcs11 object class %x\n", (unsigned)class);
+		return GNUTLS_PKCS11_OBJ_UNKNOWN;
+	}
+}
+
+/* imports an object from a token to a pkcs11_obj_t type.
+ */
+static int
+pkcs11_obj_import(ck_object_class_t class, gnutls_pkcs11_obj_t obj,
+		  const gnutls_datum_t * data,
+		  const gnutls_datum_t * id,
+		  const gnutls_datum_t * label,
+		  struct ck_token_info *tinfo, struct ck_info *lib_info)
+{
+	struct ck_attribute attr;
+	int ret;
+
+	obj->type = pkcs11_class_to_type(class);
+
+	attr.type = CKA_CLASS;
+	attr.value = &class;
+	attr.value_len = sizeof(class);
+	ret = p11_kit_uri_set_attribute(obj->info, &attr);
+	if (ret < 0) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	if (data && data->data && data->size) {
+		ret = _gnutls_set_datum(&obj->raw, data->data, data->size);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	/* copy the token and library info into the uri */
+	memcpy(p11_kit_uri_get_token_info(obj->info), tinfo,
+	       sizeof(struct ck_token_info));
+	memcpy(p11_kit_uri_get_module_info(obj->info), lib_info,
+	       sizeof(struct ck_info));
+
+	if (label && label->data && label->size) {
+		attr.type = CKA_LABEL;
+		attr.value = label->data;
+		attr.value_len = label->size;
+		ret = p11_kit_uri_set_attribute(obj->info, &attr);
+		if (ret < 0) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+	}
+
+	if (id && id->data && id->size) {
+		attr.type = CKA_ID;
+		attr.value = id->data;
+		attr.value_len = id->size;
+		ret = p11_kit_uri_set_attribute(obj->info, &attr);
+		if (ret < 0) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+	}
+
+	return 0;
+}
+
+int pkcs11_read_pubkey(struct ck_function_list *module,
+		       ck_session_handle_t pks, ck_object_handle_t ctx,
+		       ck_key_type_t key_type, gnutls_pkcs11_obj_t pobj)
+{
+	struct ck_attribute a[4];
+	uint8_t *tmp1;
+	uint8_t *tmp2 = NULL;
+	size_t tmp1_size, tmp2_size;
+	int ret;
+	ck_rv_t rv;
+
+	tmp1_size = tmp2_size = MAX_PK_PARAM_SIZE;
+	tmp1 = gnutls_calloc(1, tmp1_size);
+	if (tmp1 == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	tmp2 = gnutls_calloc(1, tmp2_size);
+	if (tmp2 == NULL) {
+		ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		goto cleanup;
+	}
+
+	switch (key_type) {
+	case CKK_RSA:
+		a[0].type = CKA_MODULUS;
+		a[0].value = tmp1;
+		a[0].value_len = tmp1_size;
+		a[1].type = CKA_PUBLIC_EXPONENT;
+		a[1].value = tmp2;
+		a[1].value_len = tmp2_size;
+
+		if (pkcs11_get_attribute_value(module, pks, ctx, a, 2) ==
+		    CKR_OK) {
+
+			pobj->pubkey[0].data = a[0].value;
+			pobj->pubkey[0].size = a[0].value_len;
+
+			pobj->pubkey[1].data = a[1].value;
+			pobj->pubkey[1].size = a[1].value_len;
+
+			pobj->pubkey_size = 2;
+		} else {
+			gnutls_assert();
+			ret = GNUTLS_E_PKCS11_ERROR;
+			goto cleanup;
+		}
+		break;
+	case CKK_DSA:
+		a[0].type = CKA_PRIME;
+		a[0].value = tmp1;
+		a[0].value_len = tmp1_size;
+		a[1].type = CKA_SUBPRIME;
+		a[1].value = tmp2;
+		a[1].value_len = tmp2_size;
+
+		if ((rv = pkcs11_get_attribute_value(module, pks, ctx, a, 2)) ==
+		    CKR_OK) {
+			ret =
+			    _gnutls_set_datum(&pobj->pubkey[0], a[0].value,
+					      a[0].value_len);
+
+			if (ret >= 0)
+				ret =
+				    _gnutls_set_datum(&pobj->pubkey
+						      [1], a[1].value,
+						      a[1].value_len);
+
+			if (ret < 0) {
+				gnutls_assert();
+				_gnutls_free_datum(&pobj->pubkey[1]);
+				_gnutls_free_datum(&pobj->pubkey[0]);
+				ret = GNUTLS_E_MEMORY_ERROR;
+				goto cleanup;
+			}
+
+			pobj->pubkey_size = 2;
+		} else {
+			gnutls_assert();
+			ret = pkcs11_rv_to_err(rv);
+			goto cleanup;
+		}
+
+		a[0].type = CKA_BASE;
+		a[0].value = tmp1;
+		a[0].value_len = tmp1_size;
+		a[1].type = CKA_VALUE;
+		a[1].value = tmp2;
+		a[1].value_len = tmp2_size;
+
+		if ((rv = pkcs11_get_attribute_value(module, pks, ctx, a, 2)) ==
+		    CKR_OK) {
+			pobj->pubkey[2].data = a[0].value;
+			pobj->pubkey[2].size = a[0].value_len;
+
+			pobj->pubkey[3].data = a[1].value;
+			pobj->pubkey[3].size = a[1].value_len;
+
+			pobj->pubkey_size = 4;
+		} else {
+			gnutls_assert();
+			ret = pkcs11_rv_to_err(rv);
+			goto cleanup;
+		}
+		break;
+	case CKK_ECDSA:
+		a[0].type = CKA_EC_PARAMS;
+		a[0].value = tmp1;
+		a[0].value_len = tmp1_size;
+
+		a[1].type = CKA_EC_POINT;
+		a[1].value = tmp2;
+		a[1].value_len = tmp2_size;
+
+		if ((rv = pkcs11_get_attribute_value(module, pks, ctx, a, 2)) ==
+		    CKR_OK) {
+
+			pobj->pubkey[0].data = a[0].value;
+			pobj->pubkey[0].size = a[0].value_len;
+
+			pobj->pubkey[1].data = a[1].value;
+			pobj->pubkey[1].size = a[1].value_len;
+
+			pobj->pubkey_size = 2;
+		} else {
+			gnutls_assert();
+
+			ret = pkcs11_rv_to_err(rv);
+			goto cleanup;
+		}
+
+		break;
+#ifdef HAVE_CKM_EDDSA
+	case CKK_EC_EDWARDS:
+		a[0].type = CKA_EC_PARAMS;
+		a[0].value = tmp1;
+		a[0].value_len = tmp1_size;
+
+		a[1].type = CKA_EC_POINT;
+		a[1].value = tmp2;
+		a[1].value_len = tmp2_size;
+
+		if ((rv = pkcs11_get_attribute_value(module, pks, ctx, a, 2)) ==
+		    CKR_OK) {
+
+			pobj->pubkey[0].data = a[0].value;
+			pobj->pubkey[0].size = a[0].value_len;
+
+			pobj->pubkey[1].data = a[1].value;
+			pobj->pubkey[1].size = a[1].value_len;
+
+			pobj->pubkey_size = 2;
+		} else {
+			gnutls_assert();
+
+			ret = pkcs11_rv_to_err(rv);
+			goto cleanup;
+		}
+
+		break;
+#endif
+	default:
+		_gnutls_debug_log("requested reading public key of unsupported type %u\n", (unsigned)key_type);
+		ret = gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+		goto cleanup;
+	}
+
+	return 0;
+
+cleanup:
+	gnutls_free(tmp1);
+	gnutls_free(tmp2);
+
+	return ret;
+}
+
+static int
+pkcs11_obj_import_pubkey(struct ck_function_list *module,
+			 ck_session_handle_t pks,
+			 ck_object_handle_t ctx,
+			 gnutls_pkcs11_obj_t pobj,
+			 gnutls_datum_t *data,
+			 const gnutls_datum_t *id,
+			 const gnutls_datum_t *label,
+			 struct ck_token_info *tinfo,
+			 struct ck_info *lib_info)
+{
+	struct ck_attribute a[4];
+	ck_key_type_t key_type;
+	int ret;
+	ck_bool_t tval;
+
+	a[0].type = CKA_KEY_TYPE;
+	a[0].value = &key_type;
+	a[0].value_len = sizeof(key_type);
+
+	if (pkcs11_get_attribute_value(module, pks, ctx, a, 1) == CKR_OK) {
+		pobj->pk_algorithm = key_type_to_pk(key_type);
+
+		ret =
+		    pkcs11_read_pubkey(module, pks, ctx, key_type,
+				       pobj);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	/* read key usage flags */
+	a[0].type = CKA_ENCRYPT;
+	a[0].value = &tval;
+	a[0].value_len = sizeof(tval);
+
+	if (pkcs11_get_attribute_value(module, pks, ctx, a, 1) == CKR_OK) {
+		if (tval != 0) {
+			pobj->key_usage |= GNUTLS_KEY_DATA_ENCIPHERMENT;
+		}
+	}
+
+	a[0].type = CKA_VERIFY;
+	a[0].value = &tval;
+	a[0].value_len = sizeof(tval);
+
+	if (pkcs11_get_attribute_value(module, pks, ctx, a, 1) == CKR_OK) {
+		if (tval != 0) {
+			pobj->key_usage |= GNUTLS_KEY_DIGITAL_SIGNATURE |
+			    GNUTLS_KEY_KEY_CERT_SIGN | GNUTLS_KEY_CRL_SIGN
+			    | GNUTLS_KEY_NON_REPUDIATION;
+		}
+	}
+
+	a[0].type = CKA_VERIFY_RECOVER;
+	a[0].value = &tval;
+	a[0].value_len = sizeof(tval);
+
+	if (pkcs11_get_attribute_value(module, pks, ctx, a, 1) == CKR_OK) {
+		if (tval != 0) {
+			pobj->key_usage |= GNUTLS_KEY_DIGITAL_SIGNATURE |
+			    GNUTLS_KEY_KEY_CERT_SIGN | GNUTLS_KEY_CRL_SIGN
+			    | GNUTLS_KEY_NON_REPUDIATION;
+		}
+	}
+
+	a[0].type = CKA_DERIVE;
+	a[0].value = &tval;
+	a[0].value_len = sizeof(tval);
+
+	if (pkcs11_get_attribute_value(module, pks, ctx, a, 1) == CKR_OK) {
+		if (tval != 0) {
+			pobj->key_usage |= GNUTLS_KEY_KEY_AGREEMENT;
+		}
+	}
+
+	a[0].type = CKA_WRAP;
+	a[0].value = &tval;
+	a[0].value_len = sizeof(tval);
+
+	if (pkcs11_get_attribute_value(module, pks, ctx, a, 1) == CKR_OK) {
+		if (tval != 0) {
+			pobj->key_usage |= GNUTLS_KEY_KEY_ENCIPHERMENT;
+		}
+	}
+
+	ret = pkcs11_obj_import(CKO_PUBLIC_KEY, pobj, data, id, label,
+				 tinfo, lib_info);
+	return ret;
+}
+
+static int
+pkcs11_import_object(ck_object_handle_t ctx, ck_object_class_t class,
+		     struct pkcs11_session_info *sinfo,
+		     struct ck_token_info *tinfo, struct ck_info *lib_info,
+		     gnutls_pkcs11_obj_t pobj)
+{
+	ck_bool_t b;
+	int rv, ret;
+	struct ck_attribute a[4];
+	unsigned long category = 0;
+	char label_tmp[PKCS11_LABEL_SIZE];
+	char id_tmp[PKCS11_ID_SIZE];
+	gnutls_datum_t id, label, data = {NULL, 0};
+
+	/* now figure out flags */
+	pobj->flags = 0;
+	a[0].type = CKA_WRAP;
+	a[0].value = &b;
+	a[0].value_len = sizeof(b);
+
+	rv = pkcs11_get_attribute_value(sinfo->module, sinfo->pks, ctx, a, 1);
+	if (rv == CKR_OK && b != 0)
+		pobj->flags |= GNUTLS_PKCS11_OBJ_FLAG_MARK_KEY_WRAP;
+
+	a[0].type = CKA_UNWRAP;
+	a[0].value = &b;
+	a[0].value_len = sizeof(b);
+
+	rv = pkcs11_get_attribute_value(sinfo->module, sinfo->pks, ctx, a, 1);
+	if (rv == CKR_OK && b != 0)
+		pobj->flags |= GNUTLS_PKCS11_OBJ_FLAG_MARK_KEY_WRAP;
+
+	a[0].type = CKA_PRIVATE;
+	a[0].value = &b;
+	a[0].value_len = sizeof(b);
+
+	rv = pkcs11_get_attribute_value(sinfo->module, sinfo->pks, ctx, a, 1);
+	if (rv == CKR_OK && b != 0)
+		pobj->flags |= GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE;
+
+	a[0].type = CKA_TRUSTED;
+	a[0].value = &b;
+	a[0].value_len = sizeof(b);
+
+	rv = pkcs11_get_attribute_value(sinfo->module, sinfo->pks, ctx, a, 1);
+	if (rv == CKR_OK && b != 0)
+		pobj->flags |= GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED;
+
+	if (sinfo->trusted) { /* only p11-kit "trusted" modules support this flag */
+		a[0].type = CKA_X_DISTRUSTED;
+		a[0].value = &b;
+		a[0].value_len = sizeof(b);
+
+		rv = pkcs11_get_attribute_value(sinfo->module, sinfo->pks, ctx, a, 1);
+		if (rv == CKR_OK && b != 0)
+			pobj->flags |= GNUTLS_PKCS11_OBJ_FLAG_MARK_DISTRUSTED;
+	}
+
+	a[0].type = CKA_SENSITIVE;
+	a[0].value = &b;
+	a[0].value_len = sizeof(b);
+
+	rv = pkcs11_get_attribute_value(sinfo->module, sinfo->pks, ctx, a, 1);
+	if (rv == CKR_OK) {
+		if (b != 0)
+			pobj->flags |= GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE;
+		else
+			pobj->flags |= GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE;
+	}
+
+	a[0].type = CKA_EXTRACTABLE;
+	a[0].value = &b;
+	a[0].value_len = sizeof(b);
+
+	rv = pkcs11_get_attribute_value(sinfo->module, sinfo->pks, ctx, a, 1);
+	if (rv == CKR_OK && b != 0)
+		pobj->flags |= GNUTLS_PKCS11_OBJ_FLAG_MARK_EXTRACTABLE;
+
+	a[0].type = CKA_NEVER_EXTRACTABLE;
+	a[0].value = &b;
+	a[0].value_len = sizeof(b);
+
+	rv = pkcs11_get_attribute_value(sinfo->module, sinfo->pks, ctx, a, 1);
+	if (rv == CKR_OK && b != 0)
+		pobj->flags |= GNUTLS_PKCS11_OBJ_FLAG_NEVER_EXTRACTABLE;
+
+	a[0].type = CKA_CERTIFICATE_CATEGORY;
+	a[0].value = &category;
+	a[0].value_len = sizeof(category);
+
+	rv = pkcs11_get_attribute_value(sinfo->module, sinfo->pks, ctx, a, 1);
+	if (rv == CKR_OK && category == 2)
+		pobj->flags |= GNUTLS_PKCS11_OBJ_FLAG_MARK_CA;
+
+	a[0].type = CKA_ALWAYS_AUTHENTICATE;
+	a[0].value = &b;
+	a[0].value_len = sizeof(b);
+
+	rv = pkcs11_get_attribute_value(sinfo->module, sinfo->pks, ctx, a, 1);
+	if (rv == CKR_OK && b != 0)
+		pobj->flags |= GNUTLS_PKCS11_OBJ_FLAG_MARK_ALWAYS_AUTH;
+
+	/* now recover the object label/id */
+	a[0].type = CKA_LABEL;
+	a[0].value = label_tmp;
+	a[0].value_len = sizeof(label_tmp);
+	rv = pkcs11_get_attribute_value
+	    (sinfo->module, sinfo->pks, ctx, a, 1);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		label.data = NULL;
+		label.size = 0;
+	} else {
+		label.data = a[0].value;
+		label.size = a[0].value_len;
+	}
+
+	a[0].type = CKA_ID;
+	a[0].value = id_tmp;
+	a[0].value_len = sizeof(id_tmp);
+	rv = pkcs11_get_attribute_value
+	    (sinfo->module, sinfo->pks, ctx, a, 1);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		id.data = NULL;
+		id.size = 0;
+	} else {
+		id.data = a[0].value;
+		id.size = a[0].value_len;
+	}
+
+	if (label.data == NULL && id.data == NULL)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	rv = pkcs11_get_attribute_avalue
+	    (sinfo->module, sinfo->pks, ctx, CKA_VALUE, &data);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		/* data will be null */
+	}
+
+	if (class == CKO_PUBLIC_KEY) {
+		ret =
+		    pkcs11_obj_import_pubkey(sinfo->module,
+					     sinfo->pks,
+					     ctx,
+					     pobj,
+					     &data,
+					     &id, &label,
+					     tinfo,
+					     lib_info);
+	} else {
+		ret =
+		    pkcs11_obj_import(class,
+				      pobj,
+				      &data, &id, &label,
+				      tinfo,
+				      lib_info);
+	}
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	gnutls_free(data.data);
+	return ret;
+}
+
+static int
+find_single_obj_cb(struct ck_function_list *module, struct pkcs11_session_info *sinfo,
+	     struct ck_token_info *tinfo, struct ck_info *lib_info,
+	     void *input)
+{
+	struct find_single_obj_st *find_data = input;
+	struct ck_attribute a[4];
+	ck_certificate_type_t type;
+	ck_object_class_t class;
+	ck_rv_t rv;
+	ck_object_handle_t ctx = CK_INVALID_HANDLE;
+	unsigned long count;
+	unsigned a_vals;
+	int found = 0, ret;
+
+	if (tinfo == NULL) {	/* we don't support multiple calls */
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	/* do not bother reading the token if basic fields do not match
+	 */
+	if (!p11_kit_uri_match_token_info
+	    (find_data->obj->info, tinfo)
+	    || !p11_kit_uri_match_module_info(find_data->obj->info,
+					      lib_info)) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	ret = add_obj_attrs(find_data->obj->info, a, &a_vals, &class, &type);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	rv = pkcs11_find_objects_init(sinfo->module, sinfo->pks, a,
+				      a_vals);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		_gnutls_debug_log("p11: FindObjectsInit failed.\n");
+		ret = pkcs11_rv_to_err(rv);
+		goto cleanup;
+	}
+
+	if (pkcs11_find_objects(sinfo->module, sinfo->pks, &ctx, 1, &count) == CKR_OK &&
+	    count == 1) {
+		ret = pkcs11_import_object(ctx, class, sinfo, tinfo, lib_info, find_data->obj);
+		if (ret >= 0) {
+			found = 1;
+		}
+	} else {
+		_gnutls_debug_log
+		    ("p11: Skipped object, missing attrs.\n");
+	}
+
+	if (found == 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	} else {
+		ret = 0;
+	}
+
+      cleanup:
+	pkcs11_find_objects_final(sinfo);
+
+	if (ret == 0 && find_data->overwrite_exts && find_data->obj->raw.size > 0 && ctx != CK_INVALID_HANDLE) {
+		gnutls_datum_t spki;
+		rv = pkcs11_get_attribute_avalue(sinfo->module, sinfo->pks, ctx, CKA_PUBLIC_KEY_INFO, &spki);
+		if (rv == CKR_OK) {
+			ret = pkcs11_override_cert_exts(sinfo, &spki, &find_data->obj->raw);
+			gnutls_free(spki.data);
+			if (ret < 0) {
+				gnutls_assert();
+				return ret;
+			}
+		}
+	}
+
+	return ret;
+}
+
+unsigned int pkcs11_obj_flags_to_int(unsigned int flags)
+{
+	unsigned int ret_flags = 0;
+
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_LOGIN)
+		ret_flags |= SESSION_LOGIN | SESSION_FORCE_LOGIN;
+
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO)
+		ret_flags |= SESSION_LOGIN | SESSION_SO | SESSION_FORCE_LOGIN | SESSION_WRITE;
+
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE)
+		ret_flags |= SESSION_TRUSTED;
+
+	return ret_flags;
+}
+
+/**
+ * gnutls_pkcs11_obj_import_url:
+ * @obj: The structure to store the object
+ * @url: a PKCS 11 url identifying the key
+ * @flags: Or sequence of GNUTLS_PKCS11_OBJ_* flags
+ *
+ * This function will "import" a PKCS 11 URL identifying an object (e.g. certificate)
+ * to the #gnutls_pkcs11_obj_t type. This does not involve any
+ * parsing (such as X.509 or OpenPGP) since the #gnutls_pkcs11_obj_t is
+ * format agnostic. Only data are transferred.
+ *
+ * If the flag %GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT is specified
+ * any certificate read, will have its extensions overwritten by any
+ * stapled extensions in the trust module.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pkcs11_obj_import_url(gnutls_pkcs11_obj_t obj, const char *url,
+			     unsigned int flags)
+{
+	int ret;
+	struct find_single_obj_st find_data;
+
+	PKCS11_CHECK_INIT;
+	memset(&find_data, 0, sizeof(find_data));
+
+	/* fill in the find data structure */
+	find_data.obj = obj;
+
+	ret = pkcs11_url_to_info(url, &obj->info, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT) {
+		find_data.overwrite_exts = 1;
+	}
+
+	ret =
+	    _pkcs11_traverse_tokens(find_single_obj_cb, &find_data, obj->info,
+				    &obj->pin,
+				    pkcs11_obj_flags_to_int(flags));
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+static int
+find_token_num_cb(struct ck_function_list *module, struct pkcs11_session_info *sinfo,
+		  struct ck_token_info *tinfo,
+		  struct ck_info *lib_info, void *input)
+{
+	struct find_token_num *find_data = input;
+
+	if (tinfo == NULL) {	/* we don't support multiple calls */
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	if (find_data->current == find_data->seq) {
+		memcpy(p11_kit_uri_get_token_info(find_data->info),
+		       tinfo, sizeof(struct ck_token_info));
+		memcpy(p11_kit_uri_get_module_info(find_data->info),
+		       lib_info, sizeof(struct ck_info));
+		return 0;
+	}
+
+	find_data->current++;
+	/* search the token for the id */
+
+
+	return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;	/* non zero is enough */
+}
+
+static int
+find_token_modname_cb(struct ck_function_list *module, struct pkcs11_session_info *sinfo,
+		      struct ck_token_info *tinfo,
+		      struct ck_info *lib_info, void *input)
+{
+	struct find_token_modname *find_data = input;
+
+	if (tinfo == NULL) {	/* we don't support multiple calls */
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	if (!p11_kit_uri_match_token_info(find_data->info, tinfo)
+	    || !p11_kit_uri_match_module_info(find_data->info,
+					      lib_info)) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	find_data->modname = p11_kit_config_option(module, "module");
+	find_data->ptr = module;
+	find_data->slot_id = sinfo->sid;
+	return 0;
+}
+
+/* Internal symbol used by tests */
+int
+_gnutls_pkcs11_token_get_url(unsigned int seq,
+			     gnutls_pkcs11_url_type_t detailed, char **url,
+			     unsigned flags);
+
+/**
+ * _gnutls_pkcs11_token_get_url:
+ * @seq: sequence number starting from 0
+ * @detailed: non zero if a detailed URL is required
+ * @url: will contain an allocated url
+ * @flags: zero or 1. When 1 no initialization is performed.
+ *
+ * This function will return the URL for each token available
+ * in system. The url has to be released using gnutls_free()
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE if the sequence number
+ * exceeds the available tokens, otherwise a negative error value.
+ *
+ **/
+int
+_gnutls_pkcs11_token_get_url(unsigned int seq,
+			     gnutls_pkcs11_url_type_t detailed, char **url,
+			     unsigned flags)
+{
+	int ret;
+	struct find_token_num tn;
+
+	if (!(flags & 1)) {
+		PKCS11_CHECK_INIT;
+	}
+
+	memset(&tn, 0, sizeof(tn));
+	tn.seq = seq;
+	tn.info = p11_kit_uri_new();
+
+	ret = _pkcs11_traverse_tokens(find_token_num_cb, &tn, NULL, NULL, 0);
+	if (ret < 0) {
+		p11_kit_uri_free(tn.info);
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = pkcs11_info_to_url(tn.info, detailed, url);
+	p11_kit_uri_free(tn.info);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs11_token_get_url:
+ * @seq: sequence number starting from 0
+ * @detailed: non zero if a detailed URL is required
+ * @url: will contain an allocated url
+ *
+ * This function will return the URL for each token available
+ * in system. The url has to be released using gnutls_free()
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE if the sequence number
+ * exceeds the available tokens, otherwise a negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pkcs11_token_get_url(unsigned int seq,
+			    gnutls_pkcs11_url_type_t detailed, char **url)
+{
+	return _gnutls_pkcs11_token_get_url(seq, detailed, url, 0);
+}
+
+/**
+ * gnutls_pkcs11_token_get_info:
+ * @url: should contain a PKCS 11 URL
+ * @ttype: Denotes the type of information requested
+ * @output: where output will be stored
+ * @output_size: contains the maximum size of the output buffer and will be
+ *     overwritten with the actual size.
+ *
+ * This function will return information about the PKCS 11 token such
+ * as the label, id, etc.
+ *
+ * When output is text, a null terminated string is written to @output and its
+ * string length is written to @output_size (without null terminator). If the
+ * buffer is too small, @output_size will contain the expected buffer size
+ * (with null terminator for text) and return %GNUTLS_E_SHORT_MEMORY_BUFFER.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code
+ * on error.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pkcs11_token_get_info(const char *url,
+			     gnutls_pkcs11_token_info_t ttype,
+			     void *output, size_t * output_size)
+{
+	struct p11_kit_uri *info = NULL;
+	const uint8_t *str;
+	char *temp_str = NULL;
+	size_t len;
+	int ret;
+
+	PKCS11_CHECK_INIT;
+
+	ret = pkcs11_url_to_info(url, &info, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	switch (ttype) {
+	case GNUTLS_PKCS11_TOKEN_LABEL:
+		str = p11_kit_uri_get_token_info(info)->label;
+		len = p11_kit_space_strlen(str, 32);
+		break;
+	case GNUTLS_PKCS11_TOKEN_SERIAL:
+		str = p11_kit_uri_get_token_info(info)->serial_number;
+		len = p11_kit_space_strlen(str, 16);
+		break;
+	case GNUTLS_PKCS11_TOKEN_MANUFACTURER:
+		str = p11_kit_uri_get_token_info(info)->manufacturer_id;
+		len = p11_kit_space_strlen(str, 32);
+		break;
+	case GNUTLS_PKCS11_TOKEN_MODEL:
+		str = p11_kit_uri_get_token_info(info)->model;
+		len = p11_kit_space_strlen(str, 16);
+		break;
+	case GNUTLS_PKCS11_TOKEN_MODNAME: {
+		struct find_token_modname tn;
+
+		memset(&tn, 0, sizeof(tn));
+		tn.info = info;
+
+		ret = _pkcs11_traverse_tokens(find_token_modname_cb, &tn, NULL, NULL, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		temp_str = tn.modname;
+		if (temp_str) {
+			str = (uint8_t *)temp_str;
+			len = strlen(temp_str);
+		} else {
+			gnutls_assert();
+			len = 0;
+		}
+		break;
+	}
+	default:
+		gnutls_assert();
+		ret = GNUTLS_E_INVALID_REQUEST;
+		goto cleanup;
+	}
+
+	if (len < *output_size) {
+		if (len)
+			memcpy(output, str, len);
+		((char *) output)[len] = '\0';
+		*output_size = len;
+		ret = 0;
+	} else {
+		*output_size = len + 1;
+		ret = GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+ cleanup:
+	free(temp_str);
+	p11_kit_uri_free(info);
+	return ret;
+}
+
+/**
+ * gnutls_pkcs11_token_get_ptr:
+ * @url: should contain a PKCS#11 URL identifying a token
+ * @ptr: will contain the CK_FUNCTION_LIST_PTR pointer
+ * @slot_id: will contain the slot_id (may be %NULL)
+ * @flags: should be zero
+ *
+ * This function will return the function pointer of the specified
+ * token by the URL. The returned pointers are valid until
+ * gnutls is deinitialized, c.f. _global_deinit().
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code
+ * on error.
+ *
+ * Since: 3.6.3
+ **/
+int
+gnutls_pkcs11_token_get_ptr(const char *url, void **ptr, unsigned long *slot_id,
+			    unsigned int flags)
+{
+	struct p11_kit_uri *info = NULL;
+	int ret;
+	struct find_token_modname tn;
+
+	PKCS11_CHECK_INIT;
+
+	ret = pkcs11_url_to_info(url, &info, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	memset(&tn, 0, sizeof(tn));
+	tn.info = info;
+
+	ret = _pkcs11_traverse_tokens(find_token_modname_cb, &tn, NULL, NULL, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (ptr)
+		*ptr = tn.ptr;
+	if (slot_id)
+		*slot_id = tn.slot_id;
+
+	ret = 0;
+
+ cleanup:
+	free(tn.modname);
+	p11_kit_uri_free(info);
+	return ret;
+}
+
+/**
+ * gnutls_pkcs11_obj_export_url:
+ * @obj: Holds the PKCS 11 certificate
+ * @detailed: non zero if a detailed URL is required
+ * @url: will contain an allocated url
+ *
+ * This function will export a URL identifying the given object.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pkcs11_obj_export_url(gnutls_pkcs11_obj_t obj,
+			     gnutls_pkcs11_url_type_t detailed, char **url)
+{
+	int ret;
+
+	ret = pkcs11_info_to_url(obj->info, detailed, url);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs11_obj_get_type:
+ * @obj: Holds the PKCS 11 object
+ *
+ * This function will return the type of the object being
+ * stored in the structure.
+ *
+ * Returns: The type of the object
+ *
+ * Since: 2.12.0
+ **/
+gnutls_pkcs11_obj_type_t
+gnutls_pkcs11_obj_get_type(gnutls_pkcs11_obj_t obj)
+{
+	return obj->type;
+}
+
+static int
+retrieve_pin_from_source(const char *pinfile,
+			 struct ck_token_info *token_info, int attempts,
+			 ck_user_type_t user_type,
+			 struct p11_kit_pin **pin)
+{
+	unsigned int flags = 0;
+	struct p11_kit_uri *token_uri;
+	struct p11_kit_pin *result;
+	char *label;
+
+	label =
+	    p11_kit_space_strdup(token_info->label,
+				 sizeof(token_info->label));
+	if (label == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	token_uri = p11_kit_uri_new();
+	if (token_uri == NULL) {
+		free(label);
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	memcpy(p11_kit_uri_get_token_info(token_uri), token_info,
+	       sizeof(struct ck_token_info));
+
+	if (attempts)
+		flags |= P11_KIT_PIN_FLAGS_RETRY;
+	if (user_type == CKU_USER) {
+		flags |= P11_KIT_PIN_FLAGS_USER_LOGIN;
+		if (token_info->flags & CKF_USER_PIN_COUNT_LOW)
+			flags |= P11_KIT_PIN_FLAGS_MANY_TRIES;
+		if (token_info->flags & CKF_USER_PIN_FINAL_TRY)
+			flags |= P11_KIT_PIN_FLAGS_FINAL_TRY;
+	} else if (user_type == CKU_SO) {
+		flags |= P11_KIT_PIN_FLAGS_SO_LOGIN;
+		if (token_info->flags & CKF_SO_PIN_COUNT_LOW)
+			flags |= P11_KIT_PIN_FLAGS_MANY_TRIES;
+		if (token_info->flags & CKF_SO_PIN_FINAL_TRY)
+			flags |= P11_KIT_PIN_FLAGS_FINAL_TRY;
+	} else if (user_type == CKU_CONTEXT_SPECIFIC) {
+		flags |= P11_KIT_PIN_FLAGS_CONTEXT_LOGIN;
+	}
+
+	result = p11_kit_pin_request(pinfile, token_uri, label, flags);
+	p11_kit_uri_free(token_uri);
+	free(label);
+
+	if (result == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_PKCS11_PIN_ERROR;
+	}
+
+	*pin = result;
+	return 0;
+}
+
+static int
+retrieve_pin_from_callback(const struct pin_info_st *pin_info,
+			   struct ck_token_info *token_info,
+			   int attempts, ck_user_type_t user_type,
+			   struct p11_kit_pin **pin)
+{
+	char pin_value[GNUTLS_PKCS11_MAX_PIN_LEN];
+	unsigned int flags = 0;
+	char *token_str;
+	char *label;
+	struct p11_kit_uri *token_uri;
+	int ret = 0;
+
+	label =
+	    p11_kit_space_strdup(token_info->label,
+				 sizeof(token_info->label));
+	if (label == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	token_uri = p11_kit_uri_new();
+	if (token_uri == NULL) {
+		free(label);
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	memcpy(p11_kit_uri_get_token_info(token_uri), token_info,
+	       sizeof(struct ck_token_info));
+	ret = pkcs11_info_to_url(token_uri, 1, &token_str);
+	p11_kit_uri_free(token_uri);
+
+	if (ret < 0) {
+		free(label);
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	if (user_type == CKU_USER || user_type == CKU_CONTEXT_SPECIFIC) {
+		flags |= GNUTLS_PIN_USER;
+
+		if (user_type == CKU_CONTEXT_SPECIFIC)
+			flags |= GNUTLS_PIN_CONTEXT_SPECIFIC;
+		if (token_info->flags & CKF_USER_PIN_COUNT_LOW)
+			flags |= GNUTLS_PIN_COUNT_LOW;
+		if (token_info->flags & CKF_USER_PIN_FINAL_TRY)
+			flags |= GNUTLS_PIN_FINAL_TRY;
+	} else if (user_type == CKU_SO) {
+		flags |= GNUTLS_PIN_SO;
+		if (token_info->flags & CKF_SO_PIN_COUNT_LOW)
+			flags |= GNUTLS_PIN_COUNT_LOW;
+		if (token_info->flags & CKF_SO_PIN_FINAL_TRY)
+			flags |= GNUTLS_PIN_FINAL_TRY;
+	}
+
+	if (attempts > 0)
+		flags |= GNUTLS_PIN_WRONG;
+
+	if (pin_info && pin_info->cb)
+		ret =
+		    pin_info->cb(pin_info->data, attempts,
+				 (char *) token_str, label, flags,
+				 pin_value, GNUTLS_PKCS11_MAX_PIN_LEN);
+	else if (_gnutls_pin_func)
+		ret =
+		    _gnutls_pin_func(_gnutls_pin_data, attempts,
+				     (char *) token_str, label, flags,
+				     pin_value, GNUTLS_PKCS11_MAX_PIN_LEN);
+	else
+		ret = gnutls_assert_val(GNUTLS_E_PKCS11_PIN_ERROR);
+
+	free(token_str);
+	free(label);
+
+	if (ret < 0)
+		return gnutls_assert_val(GNUTLS_E_PKCS11_PIN_ERROR);
+
+	*pin = p11_kit_pin_new_for_string(pin_value);
+
+	if (*pin == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	return 0;
+}
+
+int
+pkcs11_retrieve_pin(struct pin_info_st *pin_info, struct p11_kit_uri *info,
+		    struct ck_token_info *token_info, int attempts,
+		    ck_user_type_t user_type, struct p11_kit_pin **pin)
+{
+	const char *pinfile;
+	int ret = GNUTLS_E_PKCS11_PIN_ERROR;
+
+	*pin = NULL;
+
+	/* First check for pin-value field */
+	pinfile = p11_kit_uri_get_pin_value(info);
+	if (pinfile != NULL) {
+		if (attempts > 0) {
+			_gnutls_debug_log("p11: refusing more than a single attempts with pin-value\n");
+			return gnutls_assert_val(GNUTLS_E_PKCS11_PIN_ERROR);
+		}
+
+		_gnutls_debug_log("p11: Using pin-value to retrieve PIN\n");
+		*pin = p11_kit_pin_new_for_string(pinfile);
+		if (*pin != NULL)
+			ret = 0;
+	} else { /* try pin-source */
+		/* Check if a pinfile is specified, and use that if possible */
+		pinfile = p11_kit_uri_get_pin_source(info);
+		if (pinfile != NULL) {
+			if (attempts > 0) {
+				_gnutls_debug_log("p11: refusing more than a single attempts with pin-source\n");
+				return gnutls_assert_val(GNUTLS_E_PKCS11_PIN_ERROR);
+			}
+
+			_gnutls_debug_log("p11: Using pin-source to retrieve PIN\n");
+			ret =
+			    retrieve_pin_from_source(pinfile, token_info, attempts,
+						     user_type, pin);
+		}
+	}
+
+	/* The global gnutls pin callback */
+	if (ret < 0)
+		ret =
+		    retrieve_pin_from_callback(pin_info, token_info,
+					       attempts, user_type, pin);
+
+	/* Otherwise, PIN entry is necessary for login, so fail if there's
+	 * no callback. */
+
+	if (ret < 0) {
+		gnutls_assert();
+		_gnutls_debug_log
+		    ("p11: No suitable pin callback but login required.\n");
+	}
+
+	return ret;
+}
+
+int
+pkcs11_login(struct pkcs11_session_info *sinfo,
+	     struct pin_info_st *pin_info,
+	     struct p11_kit_uri *info,
+	     unsigned flags)
+{
+	struct ck_session_info session_info;
+	int attempt = 0, ret;
+	ck_user_type_t user_type;
+	ck_rv_t rv;
+
+	if (!(flags & SESSION_LOGIN)) {
+		_gnutls_debug_log("p11: No login requested.\n");
+		return 0;
+	}
+
+	if (flags & SESSION_SO) {
+		user_type = CKU_SO;
+	} else if (flags & SESSION_CONTEXT_SPECIFIC) {
+		user_type = CKU_CONTEXT_SPECIFIC;
+	} else {
+		user_type = CKU_USER;
+	}
+
+	if (!(flags & (SESSION_FORCE_LOGIN|SESSION_SO)) &&
+	    !(sinfo->tinfo.flags & CKF_LOGIN_REQUIRED)) {
+		gnutls_assert();
+		_gnutls_debug_log("p11: No login required in token.\n");
+		return 0;
+	}
+
+	/* For a token with a "protected" (out-of-band) authentication
+	 * path, calling login with a NULL username is all that is
+	 * required. */
+	if (sinfo->tinfo.flags & CKF_PROTECTED_AUTHENTICATION_PATH) {
+		rv = (sinfo->module)->C_Login(sinfo->pks,
+					      user_type,
+					      NULL, 0);
+		if (rv == CKR_OK || rv == CKR_USER_ALREADY_LOGGED_IN) {
+			return 0;
+		} else {
+			gnutls_assert();
+			_gnutls_debug_log
+			    ("p11: Protected login failed.\n");
+			ret = pkcs11_rv_to_err(rv);
+			goto cleanup;
+		}
+	}
+
+	do {
+		struct p11_kit_pin *pin;
+		struct ck_token_info tinfo;
+
+		memcpy(&tinfo, &sinfo->tinfo, sizeof(tinfo));
+
+		if (!(flags & SESSION_CONTEXT_SPECIFIC)) {
+			/* Check whether the session is already logged in, and if so, just skip */
+			rv = (sinfo->module)->C_GetSessionInfo(sinfo->pks,
+							       &session_info);
+			if (rv == CKR_OK) {
+				if (flags & SESSION_SO) {
+					if (session_info.state == CKS_RW_SO_FUNCTIONS) {
+						ret = 0;
+						_gnutls_debug_log
+						    ("p11: Already logged in as SO\n");
+						goto cleanup;
+					}
+				} else if (session_info.state == CKS_RO_USER_FUNCTIONS
+					|| session_info.state == CKS_RW_USER_FUNCTIONS) {
+					ret = 0;
+					_gnutls_debug_log
+					    ("p11: Already logged in as user\n");
+					goto cleanup;
+				}
+			}
+		}
+
+		/* If login has been attempted once already, check the token
+		 * status again, the flags might change. */
+		if (attempt) {
+			rv = pkcs11_get_token_info(sinfo->module, sinfo->sid,
+				     &tinfo);
+			if (rv != CKR_OK) {
+				gnutls_assert();
+				_gnutls_debug_log
+				    ("p11: GetTokenInfo failed\n");
+
+				ret = pkcs11_rv_to_err(rv);
+				goto cleanup;
+			}
+		}
+
+		ret =
+		    pkcs11_retrieve_pin(pin_info, info, &tinfo, attempt++,
+					user_type, &pin);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		rv = (sinfo->module)->C_Login(sinfo->pks, user_type,
+					      (unsigned char *)
+					      p11_kit_pin_get_value(pin,
+								    NULL),
+					      p11_kit_pin_get_length(pin));
+
+		p11_kit_pin_unref(pin);
+	}
+	while (rv == CKR_PIN_INCORRECT);
+
+	_gnutls_debug_log("p11: Login result = %s (%lu)\n", (rv==0)?"ok":p11_kit_strerror(rv), rv);
+
+	ret = (rv == CKR_OK || rv ==
+	       CKR_USER_ALREADY_LOGGED_IN) ? 0 : pkcs11_rv_to_err(rv);
+
+ cleanup:
+	return ret;
+}
+
+int pkcs11_call_token_func(struct p11_kit_uri *info, const unsigned retry)
+{
+	struct ck_token_info *tinfo;
+	char *label;
+	int ret = 0;
+
+	tinfo = p11_kit_uri_get_token_info(info);
+	label = p11_kit_space_strdup(tinfo->label, sizeof(tinfo->label));
+	ret = (_gnutls_token_func) (_gnutls_token_data, label, retry);
+	free(label);
+
+	return ret;
+}
+
+
+static int
+find_privkeys(struct pkcs11_session_info *sinfo,
+	      struct ck_token_info *tinfo, struct find_pkey_list_st *list)
+{
+	struct ck_attribute a[3];
+	ck_object_class_t class;
+	ck_rv_t rv;
+	ck_object_handle_t ctx;
+	unsigned long count, current;
+	char certid_tmp[PKCS11_ID_SIZE];
+	int ret;
+
+	class = CKO_PRIVATE_KEY;
+
+	/* Find an object with private key class and a certificate ID
+	 * which matches the certificate. */
+	a[0].type = CKA_CLASS;
+	a[0].value = &class;
+	a[0].value_len = sizeof class;
+
+	rv = pkcs11_find_objects_init(sinfo->module, sinfo->pks, a, 1);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		return pkcs11_rv_to_err(rv);
+	}
+
+	list->key_ids_size = 0;
+	while (pkcs11_find_objects
+	       (sinfo->module, sinfo->pks, &ctx, 1, &count) == CKR_OK
+	       && count == 1) {
+		list->key_ids_size++;
+	}
+
+	pkcs11_find_objects_final(sinfo);
+
+	if (list->key_ids_size == 0) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	list->key_ids = _gnutls_reallocarray(NULL, list->key_ids_size,
+					     sizeof(gnutls_buffer_st));
+	if (list->key_ids == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	/* actual search */
+	a[0].type = CKA_CLASS;
+	a[0].value = &class;
+	a[0].value_len = sizeof class;
+
+	rv = pkcs11_find_objects_init(sinfo->module, sinfo->pks, a, 1);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		return pkcs11_rv_to_err(rv);
+	}
+
+	current = 0;
+	while (pkcs11_find_objects
+	       (sinfo->module, sinfo->pks, &ctx, 1, &count) == CKR_OK
+	       && count == 1
+	       && current < list->key_ids_size) {
+
+		a[0].type = CKA_ID;
+		a[0].value = certid_tmp;
+		a[0].value_len = sizeof(certid_tmp);
+
+		_gnutls_buffer_init(&list->key_ids[current]);
+
+		if (pkcs11_get_attribute_value
+		    (sinfo->module, sinfo->pks, ctx, a, 1) == CKR_OK) {
+			ret = _gnutls_buffer_append_data(&list->key_ids[current],
+						   a[0].value,
+						   a[0].value_len);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+			current++;
+		}
+	}
+
+	pkcs11_find_objects_final(sinfo);
+
+	list->key_ids_size = current;
+
+	return 0;
+}
+
+/* Recover certificate list from tokens */
+
+#define OBJECTS_A_TIME 8*1024
+
+static int
+find_multi_objs_cb(struct ck_function_list *module, struct pkcs11_session_info *sinfo,
+	  struct ck_token_info *tinfo, struct ck_info *lib_info, void *input)
+{
+	struct find_multi_obj_st *find_data = input;
+	struct ck_attribute a[16];
+	struct ck_attribute *attr;
+	ck_object_class_t class = (ck_object_class_t) -1;
+	ck_certificate_type_t type = (ck_certificate_type_t) -1;
+	ck_bool_t trusted;
+	unsigned long category;
+	ck_rv_t rv;
+	ck_object_handle_t *ctx = NULL;
+	unsigned long count;
+	char certid_tmp[PKCS11_ID_SIZE];
+	int ret;
+	struct find_pkey_list_st plist;	/* private key holder */
+	unsigned int i, tot_values = 0, class_set = 0;
+	unsigned start_elem;
+
+	if (tinfo == NULL) {
+		gnutls_assert();
+		return 0;
+	}
+
+	/* do not bother reading the token if basic fields do not match
+	 */
+	if (!p11_kit_uri_match_token_info(find_data->info, tinfo) ||
+	    !p11_kit_uri_match_module_info(find_data->info, lib_info)) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	memset(&plist, 0, sizeof(plist));
+
+	if (find_data->flags & GNUTLS_PKCS11_OBJ_FLAG_WITH_PRIVKEY) {
+		ret = find_privkeys(sinfo, tinfo, &plist);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		if (plist.key_ids_size == 0) {
+			gnutls_assert();
+			return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+		}
+	}
+
+	/* Find objects with given class and type */
+	attr = p11_kit_uri_get_attribute(find_data->info, CKA_CLASS);
+	if (attr) {
+		if (attr->value
+		    && attr->value_len == sizeof(ck_object_class_t))
+			class = *((ck_object_class_t *) attr->value);
+		if (class == CKO_CERTIFICATE)
+			type = CKC_X_509;
+	}
+
+	if (find_data->flags & GNUTLS_PKCS11_OBJ_FLAG_CRT) {
+		class = CKO_CERTIFICATE;
+
+		a[tot_values].type = CKA_CLASS;
+		a[tot_values].value = &class;
+		a[tot_values].value_len = sizeof class;
+		tot_values++;
+		class_set = 1;
+
+		type = CKC_X_509;
+		a[tot_values].type = CKA_CERTIFICATE_TYPE;
+		a[tot_values].value = &type;
+		a[tot_values].value_len = sizeof type;
+		tot_values++;
+		_gnutls_assert_log("p11 attrs: CKA_CLASS (CERT), CKA_CERTIFICATE_TYPE\n");
+	}
+
+	if (find_data->flags & GNUTLS_PKCS11_OBJ_FLAG_PUBKEY) {
+		class = CKO_PUBLIC_KEY;
+
+		a[tot_values].type = CKA_CLASS;
+		a[tot_values].value = &class;
+		a[tot_values].value_len = sizeof class;
+		tot_values++;
+		class_set = 1;
+		_gnutls_assert_log("p11 attrs: CKA_CLASS (PUBLIC KEY)\n");
+	}
+
+	if (find_data->flags & GNUTLS_PKCS11_OBJ_FLAG_PRIVKEY) {
+		class = CKO_PRIVATE_KEY;
+
+		a[tot_values].type = CKA_CLASS;
+		a[tot_values].value = &class;
+		a[tot_values].value_len = sizeof class;
+		tot_values++;
+		class_set = 1;
+		_gnutls_assert_log("p11 attrs: CKA_CLASS (PRIVATE KEY)\n");
+	}
+
+	if (find_data->flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED) {
+		trusted = 1;
+		a[tot_values].type = CKA_TRUSTED;
+		a[tot_values].value = &trusted;
+		a[tot_values].value_len = sizeof trusted;
+		tot_values++;
+		_gnutls_assert_log("p11 attrs: CKA_TRUSTED\n");
+	}
+
+	if (find_data->flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_DISTRUSTED) {
+		if (!sinfo->trusted) { /* only p11-kit trust modules support this */
+			gnutls_assert();
+			return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+		}
+
+		trusted = 1;
+		a[tot_values].type = CKA_X_DISTRUSTED;
+		a[tot_values].value = &trusted;
+		a[tot_values].value_len = sizeof trusted;
+		tot_values++;
+		_gnutls_assert_log("p11 attrs: CKA_X_DISTRUSTED\n");
+	}
+
+	if (find_data->flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_CA) {
+		category = 2;
+		a[tot_values].type = CKA_CERTIFICATE_CATEGORY;
+		a[tot_values].value = &category;
+		a[tot_values].value_len = sizeof category;
+		tot_values++;
+		_gnutls_assert_log("p11 attrs: CKA_CERTIFICATE_CATEGORY=CA\n");
+	}
+
+	if (class_set == 0 && class != (ck_object_class_t)-1) {
+		a[tot_values].type = CKA_CLASS;
+		a[tot_values].value = &class;
+		a[tot_values].value_len = sizeof class;
+		tot_values++;
+		class_set = 1;
+		_gnutls_assert_log("p11 attrs: CKA_CLASS\n");
+	}
+
+	attr = p11_kit_uri_get_attribute(find_data->info, CKA_ID);
+	if (attr) {
+		a[tot_values].type = CKA_ID;
+		a[tot_values].value = attr->value;
+		a[tot_values].value_len = attr->value_len;
+		tot_values++;
+		_gnutls_assert_log("p11 attrs: CKA_ID\n");
+	}
+
+	attr = p11_kit_uri_get_attribute(find_data->info, CKA_LABEL);
+	if (attr) {
+		a[tot_values].type = CKA_LABEL;
+		a[tot_values].value = attr->value;
+		a[tot_values].value_len = attr->value_len;
+		tot_values++;
+		_gnutls_assert_log("p11 attrs: CKA_LABEL\n");
+	}
+
+	rv = pkcs11_find_objects_init(sinfo->module, sinfo->pks, a,
+				      tot_values);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		_gnutls_debug_log("p11: FindObjectsInit failed.\n");
+		return pkcs11_rv_to_err(rv);
+	}
+
+	ctx = _gnutls_reallocarray(NULL, OBJECTS_A_TIME, sizeof(ctx[0]));
+	if (ctx == NULL) {
+		ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		goto fail;
+	}
+
+	start_elem = find_data->current;
+
+	while (pkcs11_find_objects
+	       (sinfo->module, sinfo->pks, ctx, OBJECTS_A_TIME, &count) == CKR_OK
+	       && count > 0) {
+		unsigned j;
+		gnutls_datum_t id;
+
+		if (unlikely(INT_ADD_OVERFLOW(find_data->current, count))) {
+			ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+			goto fail;
+		}
+
+		find_data->p_list =
+			_gnutls_reallocarray_fast(find_data->p_list,
+						  find_data->current + count,
+						  sizeof(find_data->p_list[0]));
+		if (find_data->p_list == NULL) {
+			ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+			goto fail;
+		}
+
+		for (j=0;j<count;j++) {
+			a[0].type = CKA_ID;
+			a[0].value = certid_tmp;
+			a[0].value_len = sizeof certid_tmp;
+
+			if (pkcs11_get_attribute_value
+			    (sinfo->module, sinfo->pks, ctx[j], a, 1) == CKR_OK) {
+				id.data = a[0].value;
+				id.size = a[0].value_len;
+			} else {
+				id.data = NULL;
+				id.size = 0;
+			}
+
+			if (class_set == 0) {
+				a[0].type = CKA_CLASS;
+				a[0].value = &class;
+				a[0].value_len = sizeof class;
+
+				rv = pkcs11_get_attribute_value(sinfo->module,
+							   sinfo->pks, ctx[j], a, 1);
+				if (rv != CKR_OK) {
+					class = -1;
+				}
+			}
+
+			if (find_data->flags & GNUTLS_PKCS11_OBJ_FLAG_WITH_PRIVKEY) {
+				for (i = 0; i < plist.key_ids_size; i++) {
+					if (plist.key_ids[i].length !=
+					    id.size
+					    || memcmp(plist.key_ids[i].data,
+						      id.data,
+						      id.size) != 0) {
+						/* not found */
+						continue;
+					}
+				}
+			}
+
+			ret =
+			    gnutls_pkcs11_obj_init(&find_data->p_list
+						   [find_data->current]);
+			if (ret < 0) {
+				gnutls_assert();
+				goto fail;
+			}
+
+			ret = pkcs11_import_object(ctx[j], class, sinfo,
+					     tinfo, lib_info,
+					     find_data->p_list[find_data->current]);
+			if (ret < 0) {
+				gnutls_assert();
+				/* skip the failed object */
+				continue;
+			}
+
+			find_data->current++;
+		}
+	}
+
+	pkcs11_find_objects_final(sinfo);
+
+	/* we can have only a search state going on, so we can only overwrite extensions
+	 * after we have read everything. */
+	if (find_data->overwrite_exts) {
+		for (i=start_elem;i<find_data->current;i++) {
+			if (find_data->p_list[i]->raw.size > 0) {
+				gnutls_datum_t spki;
+				rv = pkcs11_get_attribute_avalue(sinfo->module, sinfo->pks, ctx[i], CKA_PUBLIC_KEY_INFO, &spki);
+				if (rv == CKR_OK) {
+					ret = pkcs11_override_cert_exts(sinfo, &spki, &find_data->p_list[i]->raw);
+					gnutls_free(spki.data);
+					if (ret < 0) {
+						gnutls_assert();
+						goto fail;
+					}
+				}
+			}
+		}
+	}
+	gnutls_free(ctx);
+
+	return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;	/* continue until all tokens have been checked */
+
+      fail:
+	gnutls_free(ctx);
+	pkcs11_find_objects_final(sinfo);
+	if (plist.key_ids != NULL) {
+		for (i = 0; i < plist.key_ids_size; i++) {
+			_gnutls_buffer_clear(&plist.key_ids[i]);
+		}
+		gnutls_free(plist.key_ids);
+	}
+	if (find_data->p_list != NULL) {
+		for (i = 0; i < find_data->current; i++) {
+			gnutls_pkcs11_obj_deinit(find_data->p_list[i]);
+		}
+		gnutls_free(find_data->p_list);
+	}
+	find_data->p_list = NULL;
+	find_data->current = 0;
+
+	return ret;
+}
+
+/**
+ * gnutls_pkcs11_obj_list_import_url3:
+ * @p_list: An uninitialized object list (may be %NULL)
+ * @n_list: Initially should hold the maximum size of the list. Will contain the actual size.
+ * @url: A PKCS 11 url identifying a set of objects
+ * @flags: Or sequence of GNUTLS_PKCS11_OBJ_* flags
+ *
+ * This function will initialize and set values to an object list
+ * by using all objects identified by a PKCS 11 URL.
+ *
+ * This function will enumerate all the objects specified by the PKCS#11 URL
+ * provided. It expects an already allocated @p_list which has *@n_list elements,
+ * and that value will be updated to the actual number of present objects. The
+ * @p_list objects will be initialized and set by this function.
+ * To obtain a list of all available objects use a @url of 'pkcs11:'.
+ *
+ * All returned objects must be deinitialized using gnutls_pkcs11_obj_deinit().
+ *
+ * The supported in this function @flags are %GNUTLS_PKCS11_OBJ_FLAG_LOGIN,
+ * %GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO, %GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE,
+ * %GNUTLS_PKCS11_OBJ_FLAG_CRT, %GNUTLS_PKCS11_OBJ_FLAG_PUBKEY, %GNUTLS_PKCS11_OBJ_FLAG_PRIVKEY,
+ * %GNUTLS_PKCS11_OBJ_FLAG_WITH_PRIVKEY, %GNUTLS_PKCS11_OBJ_FLAG_MARK_CA,
+ * %GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED, and since 3.5.1 the %GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT.
+ *
+ * On versions of GnuTLS prior to 3.4.0 the equivalent function was
+ * gnutls_pkcs11_obj_list_import_url(). That is also available on this version
+ * as a macro which maps to this function.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_pkcs11_obj_list_import_url3(gnutls_pkcs11_obj_t * p_list,
+				  unsigned int *n_list,
+				  const char *url,
+				  unsigned int flags)
+{
+	gnutls_pkcs11_obj_t *list1 = NULL;
+	unsigned int n_list1, i;
+	int ret;
+
+	ret = gnutls_pkcs11_obj_list_import_url4(&list1, &n_list1, url, flags);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (n_list1 > *n_list) {
+		*n_list = n_list1;
+		for (i=0;i<n_list1;i++) {
+			gnutls_pkcs11_obj_deinit(list1[i]);
+		}
+		gnutls_free(list1);
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+	}
+
+	*n_list = n_list1;
+	if (p_list && list1)
+		memcpy(p_list, list1, n_list1*sizeof(p_list[0]));
+	gnutls_free(list1);
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs11_obj_list_import_url4:
+ * @p_list: An uninitialized object list (may be NULL)
+ * @n_list: It will contain the size of the list.
+ * @url: A PKCS 11 url identifying a set of objects
+ * @flags: Or sequence of GNUTLS_PKCS11_OBJ_* flags
+ *
+ * This function will enumerate all the objects specified by the PKCS#11 URL
+ * provided. It will initialize and set values to the object pointer list (@p_list)
+ * provided. To obtain a list of all available objects use a @url of 'pkcs11:'.
+ *
+ * All returned objects must be deinitialized using gnutls_pkcs11_obj_deinit(),
+ * and @p_list must be deinitialized using gnutls_free().
+ *
+ * The supported in this function @flags are %GNUTLS_PKCS11_OBJ_FLAG_LOGIN,
+ * %GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO, %GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE,
+ * %GNUTLS_PKCS11_OBJ_FLAG_CRT, %GNUTLS_PKCS11_OBJ_FLAG_PUBKEY, %GNUTLS_PKCS11_OBJ_FLAG_PRIVKEY,
+ * %GNUTLS_PKCS11_OBJ_FLAG_WITH_PRIVKEY, %GNUTLS_PKCS11_OBJ_FLAG_MARK_CA,
+ * %GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED, and since 3.5.1 the %GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT.
+ *
+ * On versions of GnuTLS prior to 3.4.0 the equivalent function was
+ * gnutls_pkcs11_obj_list_import_url2(). That is also available on this version
+ * as a macro which maps to this function.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_pkcs11_obj_list_import_url4(gnutls_pkcs11_obj_t ** p_list,
+				   unsigned int *n_list,
+				   const char *url,
+				   unsigned int flags)
+{
+	int ret;
+	struct find_multi_obj_st priv;
+
+	PKCS11_CHECK_INIT_FLAGS(flags);
+
+	memset(&priv, 0, sizeof(priv));
+
+	/* fill in the find data structure */
+	priv.flags = flags;
+
+	if (url == NULL || url[0] == 0) {
+		url = "pkcs11:";
+	}
+
+	ret = pkcs11_url_to_info(url, &priv.info, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT) {
+		priv.overwrite_exts = 1;
+	}
+
+	ret =
+	    _pkcs11_traverse_tokens(find_multi_objs_cb, &priv, priv.info,
+				    NULL, pkcs11_obj_flags_to_int(flags));
+	p11_kit_uri_free(priv.info);
+
+	if (ret < 0) {
+		gnutls_assert();
+		if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			*p_list = NULL;
+			*n_list = 0;
+			ret = 0;
+		}
+		return ret;
+	}
+
+	*n_list = priv.current;
+	*p_list = priv.p_list;
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_import_pkcs11:
+ * @crt: A certificate of type #gnutls_x509_crt_t
+ * @pkcs11_crt: A PKCS 11 object that contains a certificate
+ *
+ * This function will import a PKCS 11 certificate to a #gnutls_x509_crt_t
+ * structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_x509_crt_import_pkcs11(gnutls_x509_crt_t crt,
+			      gnutls_pkcs11_obj_t pkcs11_crt)
+{
+	return gnutls_x509_crt_import(crt, &pkcs11_crt->raw,
+				      GNUTLS_X509_FMT_DER);
+}
+
+/*-
+ * _gnutls_x509_crt_import_pkcs11_url:
+ * @crt: A certificate of type #gnutls_x509_crt_t
+ * @url: A PKCS 11 url
+ * @flags: One of GNUTLS_PKCS11_OBJ_* flags
+ *
+ * This function will import a PKCS 11 certificate directly from a token
+ * without involving the #gnutls_pkcs11_obj_t type. This function will
+ * fail if the certificate stored is not of X.509 type.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ -*/
+int
+_gnutls_x509_crt_import_pkcs11_url(gnutls_x509_crt_t crt,
+				  const char *url, unsigned int flags)
+{
+	gnutls_pkcs11_obj_t pcrt;
+	int ret;
+
+	ret = gnutls_pkcs11_obj_init(&pcrt);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (crt->pin.cb)
+		gnutls_pkcs11_obj_set_pin_function(pcrt, crt->pin.cb,
+						   crt->pin.data);
+
+	ret = gnutls_pkcs11_obj_import_url(pcrt, url, flags|GNUTLS_PKCS11_OBJ_FLAG_EXPECT_CERT);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_crt_import(crt, &pcrt->raw, GNUTLS_X509_FMT_DER);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	
+
+	ret = 0;
+ cleanup:
+
+	gnutls_pkcs11_obj_deinit(pcrt);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_list_import_pkcs11:
+ * @certs: A list of certificates of type #gnutls_x509_crt_t
+ * @cert_max: The maximum size of the list
+ * @objs: A list of PKCS 11 objects
+ * @flags: 0 for now
+ *
+ * This function will import a PKCS 11 certificate list to a list of 
+ * #gnutls_x509_crt_t type. These must not be initialized.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_x509_crt_list_import_pkcs11(gnutls_x509_crt_t * certs,
+				   unsigned int cert_max,
+				   gnutls_pkcs11_obj_t * const objs,
+				   unsigned int flags)
+{
+	unsigned int i, j;
+	int ret;
+
+	for (i = 0; i < cert_max; i++) {
+		ret = gnutls_x509_crt_init(&certs[i]);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = gnutls_x509_crt_import_pkcs11(certs[i], objs[i]);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	return 0;
+
+      cleanup:
+	for (j = 0; j < i; j++) {
+		gnutls_x509_crt_deinit(certs[j]);
+	}
+
+	return ret;
+}
+
+static int
+find_flags_cb(struct ck_function_list *module, struct pkcs11_session_info *sinfo,
+	   struct ck_token_info *tinfo, struct ck_info *lib_info, void *input)
+{
+	struct find_flags_data_st *find_data = input;
+
+	if (tinfo == NULL) {	/* we don't support multiple calls */
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	/* do not bother reading the token if basic fields do not match
+	 */
+	if (!p11_kit_uri_match_token_info(find_data->info, tinfo) ||
+	    !p11_kit_uri_match_module_info(find_data->info, lib_info)) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	/* found token! */
+	if (p11_kit_module_get_flags(sinfo->module) & P11_KIT_MODULE_TRUSTED)
+		find_data->trusted = 1;
+	else
+		find_data->trusted = 0;
+	find_data->slot_flags = sinfo->slot_info.flags;
+	find_data->token_flags = sinfo->tinfo.flags;
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs11_token_get_flags:
+ * @url: should contain a PKCS 11 URL
+ * @flags: The output flags (GNUTLS_PKCS11_TOKEN_*)
+ *
+ * This function will return information about the PKCS 11 token flags.
+ *
+ * The supported flags are: %GNUTLS_PKCS11_TOKEN_HW and %GNUTLS_PKCS11_TOKEN_TRUSTED.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code on error.
+ *
+ * Since: 2.12.0
+ **/
+int gnutls_pkcs11_token_get_flags(const char *url, unsigned int *flags)
+{
+	struct find_flags_data_st find_data;
+	int ret;
+
+	PKCS11_CHECK_INIT;
+
+	memset(&find_data, 0, sizeof(find_data));
+	ret = pkcs11_url_to_info(url, &find_data.info, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    _pkcs11_traverse_tokens(find_flags_cb, &find_data, find_data.info,
+				    NULL, 0);
+	p11_kit_uri_free(find_data.info);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	*flags = 0;
+
+	/* read slot flags */
+	if (find_data.slot_flags & CKF_HW_SLOT)
+		*flags |= GNUTLS_PKCS11_TOKEN_HW;
+
+	/* read token flags */
+	if (find_data.token_flags & CKF_RNG)
+		*flags |= GNUTLS_PKCS11_TOKEN_RNG;
+
+	if (find_data.token_flags & CKF_LOGIN_REQUIRED)
+		*flags |= GNUTLS_PKCS11_TOKEN_LOGIN_REQUIRED;
+
+	if (find_data.token_flags & CKF_PROTECTED_AUTHENTICATION_PATH)
+		*flags |= GNUTLS_PKCS11_TOKEN_PROTECTED_AUTHENTICATION_PATH;
+
+	if (find_data.token_flags & CKF_TOKEN_INITIALIZED)
+		*flags |= GNUTLS_PKCS11_TOKEN_INITIALIZED;
+
+	if (find_data.token_flags & CKF_USER_PIN_COUNT_LOW)
+		*flags |= GNUTLS_PKCS11_TOKEN_USER_PIN_COUNT_LOW;
+
+	if (find_data.token_flags & CKF_USER_PIN_FINAL_TRY)
+		*flags |= GNUTLS_PKCS11_TOKEN_USER_PIN_FINAL_TRY;
+
+	if (find_data.token_flags & CKF_USER_PIN_LOCKED)
+		*flags |= GNUTLS_PKCS11_TOKEN_USER_PIN_LOCKED;
+
+	if (find_data.token_flags & CKF_SO_PIN_COUNT_LOW)
+		*flags |= GNUTLS_PKCS11_TOKEN_SO_PIN_COUNT_LOW;
+
+	if (find_data.token_flags & CKF_SO_PIN_FINAL_TRY)
+		*flags |= GNUTLS_PKCS11_TOKEN_SO_PIN_FINAL_TRY;
+
+	if (find_data.token_flags & CKF_SO_PIN_LOCKED)
+		*flags |= GNUTLS_PKCS11_TOKEN_SO_PIN_LOCKED;
+
+	if (find_data.token_flags & CKF_USER_PIN_INITIALIZED)
+		*flags |= GNUTLS_PKCS11_TOKEN_USER_PIN_INITIALIZED;
+
+#ifdef CKF_ERROR_STATE
+	if (find_data.token_flags & CKF_ERROR_STATE)
+		*flags |= GNUTLS_PKCS11_TOKEN_ERROR_STATE;
+#endif
+
+	/* other flags */
+	if (find_data.trusted != 0)
+		*flags |= GNUTLS_PKCS11_TOKEN_TRUSTED;
+
+	return 0;
+
+}
+
+/**
+ * gnutls_pkcs11_token_get_mechanism:
+ * @url: should contain a PKCS 11 URL
+ * @idx: The index of the mechanism
+ * @mechanism: The PKCS #11 mechanism ID
+ *
+ * This function will return the names of the supported mechanisms
+ * by the token. It should be called with an increasing index until
+ * it return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code on error.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pkcs11_token_get_mechanism(const char *url, unsigned int idx,
+				  unsigned long *mechanism)
+{
+	int ret;
+	ck_rv_t rv;
+	struct ck_function_list *module;
+	ck_slot_id_t slot;
+	struct ck_token_info tinfo;
+	struct p11_kit_uri *info = NULL;
+	unsigned long count;
+	ck_mechanism_type_t mlist[400];
+
+	PKCS11_CHECK_INIT;
+
+	ret = pkcs11_url_to_info(url, &info, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = pkcs11_find_slot(&module, &slot, info, &tinfo, NULL, NULL);
+	p11_kit_uri_free(info);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	count = sizeof(mlist) / sizeof(mlist[0]);
+	rv = pkcs11_get_mechanism_list(module, slot, mlist, &count);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		return pkcs11_rv_to_err(rv);
+	}
+
+	if (idx >= count) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	*mechanism = mlist[idx];
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs11_token_check_mechanism:
+ * @url: should contain a PKCS 11 URL
+ * @mechanism: The PKCS #11 mechanism ID
+ * @ptr: if set it should point to a CK_MECHANISM_INFO struct
+ * @psize: the size of CK_MECHANISM_INFO struct (for safety)
+ * @flags: must be zero
+ *
+ * This function will return whether a mechanism is supported
+ * by the given token. If the mechanism is supported and
+ * @ptr is set, it will be updated with the token information.
+ *
+ * Returns: Non-zero if the mechanism is supported or zero otherwise.
+ *
+ * Since: 3.6.0
+ **/
+unsigned
+gnutls_pkcs11_token_check_mechanism(const char *url,
+				    unsigned long mechanism,
+				    void *ptr, unsigned psize, unsigned flags)
+{
+	int ret;
+	ck_rv_t rv;
+	struct ck_function_list *module;
+	ck_slot_id_t slot;
+	struct ck_token_info tinfo;
+	struct p11_kit_uri *info = NULL;
+	struct ck_mechanism_info minfo;
+
+	PKCS11_CHECK_INIT;
+
+	ret = pkcs11_url_to_info(url, &info, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = pkcs11_find_slot(&module, &slot, info, &tinfo, NULL, NULL);
+	p11_kit_uri_free(info);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	rv = pkcs11_get_mechanism_info(module, slot, mechanism, &minfo);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		return 0;
+	}
+
+	if (ptr) {
+		if (sizeof(minfo) > psize)
+			return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+		else if (sizeof(minfo) < psize)
+			memset(ptr, 0, psize);
+		memcpy(ptr, &minfo, sizeof(minfo));
+	}
+
+	return 1;
+}
+
+/**
+ * gnutls_pkcs11_type_get_name:
+ * @type: Holds the PKCS 11 object type, a #gnutls_pkcs11_obj_type_t.
+ *
+ * This function will return a human readable description of the
+ * PKCS11 object type @obj.  It will return "Unknown" for unknown
+ * types.
+ *
+ * Returns: human readable string labeling the PKCS11 object type
+ * @type.
+ *
+ * Since: 2.12.0
+ **/
+const char *gnutls_pkcs11_type_get_name(gnutls_pkcs11_obj_type_t type)
+{
+	switch (type) {
+	case GNUTLS_PKCS11_OBJ_X509_CRT:
+		return "X.509 Certificate";
+	case GNUTLS_PKCS11_OBJ_PUBKEY:
+		return "Public key";
+	case GNUTLS_PKCS11_OBJ_PRIVKEY:
+		return "Private key";
+	case GNUTLS_PKCS11_OBJ_SECRET_KEY:
+		return "Secret key";
+	case GNUTLS_PKCS11_OBJ_DATA:
+		return "Data";
+	case GNUTLS_PKCS11_OBJ_X509_CRT_EXTENSION:
+		return "X.509 certificate extension";
+	case GNUTLS_PKCS11_OBJ_UNKNOWN:
+	default:
+		return "Unknown";
+	}
+}
+
+static
+int check_found_cert(struct find_cert_st *priv,
+		     ck_object_handle_t ctx,
+		     gnutls_datum_t *data,
+		     time_t now,
+		     ck_object_handle_t *cand_ctx)
+{
+	gnutls_x509_crt_t tcrt = NULL;
+	unsigned has_ski;
+	int ret;
+
+	ret = gnutls_x509_crt_init(&tcrt);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = gnutls_x509_crt_import(tcrt, data, GNUTLS_X509_FMT_DER);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (priv->flags & GNUTLS_PKCS11_OBJ_FLAG_COMPARE) {
+		if (priv->crt == NULL) {
+			gnutls_assert();
+			ret = -1;
+			goto cleanup;
+		}
+
+		if (gnutls_x509_crt_equals(priv->crt, tcrt) == 0) {
+			/* doesn't match */
+			_gnutls_debug_log("check_found_cert: cert doesn't match the expected\n");
+			ret = -1;
+			goto cleanup;
+		}
+	}
+
+	if (priv->flags & GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY) {
+		if (priv->crt == NULL) {
+			gnutls_assert();
+			ret = -1;
+			goto cleanup;
+		}
+
+		if (_gnutls_check_if_same_key(priv->crt, tcrt, 1) == 0) {
+			/* doesn't match */
+			_gnutls_debug_log("check_found_cert: cert key doesn't match the expected key\n");
+			ret = -1;
+			goto cleanup;
+		}
+	}
+
+	if (priv->key_id.size > 0 &&
+	    !_gnutls_check_valid_key_id(&priv->key_id, tcrt, now, &has_ski)) {
+		gnutls_assert();
+		if (has_ski) {
+			_gnutls_debug_log("check_found_cert: cert has invalid key ID\n");
+			ret = -1;
+		} else {
+			/* That's a possible match; there can be CA certificates without
+			 * an SKI, which match a cert which has AKI. */
+			*cand_ctx = ctx;
+		}
+		goto cleanup;
+	}
+
+	ret = 0;
+cleanup:
+	if (tcrt != NULL)
+		gnutls_x509_crt_deinit(tcrt);
+	return ret;
+}
+
+static int get_data_and_attrs(struct pkcs11_session_info *sinfo,
+			      ck_object_handle_t object, gnutls_datum_t *data,
+			      char *label, size_t label_size,
+			      uint8_t *id, size_t id_size,
+			      gnutls_datum_t *o_label, gnutls_datum_t *o_id)
+{
+	ck_rv_t rv;
+	struct ck_attribute a[2];
+
+	/* data will contain the certificate */
+	rv = pkcs11_get_attribute_avalue(sinfo->module, sinfo->pks, object, CKA_VALUE, data);
+	if (rv == CKR_OK) {
+		a[0].type = CKA_LABEL;
+		a[0].value = label;
+		a[0].value_len = label_size;
+
+		a[1].type = CKA_ID;
+		a[1].value = id;
+		a[1].value_len = id_size;
+
+		if (pkcs11_get_attribute_value(sinfo->module, sinfo->pks, object, a,
+				     2) == CKR_OK) {
+			o_label->data = a[0].value;
+			o_label->size = a[0].value_len;
+			o_id->data = a[1].value;
+			o_id->size = a[1].value_len;
+
+			return 0;
+		} else {
+			_gnutls_free_datum(data);
+			_gnutls_debug_log
+				    ("p11: Skipped cert, missing attrs.\n");
+		}
+	}
+
+	return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+}
+
+static int
+find_cert_cb(struct ck_function_list *module, struct pkcs11_session_info *sinfo,
+	    struct ck_token_info *tinfo, struct ck_info *lib_info, void *input)
+{
+	struct ck_attribute a[10];
+	ck_object_class_t class = -1;
+	ck_certificate_type_t type = (ck_certificate_type_t) - 1;
+	ck_rv_t rv;
+	ck_object_handle_t ctx, cand_ctx = CK_INVALID_HANDLE;
+	unsigned long count, a_vals;
+	int found = 0, ret;
+	struct find_cert_st *priv = input;
+	char label_tmp[PKCS11_LABEL_SIZE];
+	uint8_t id_tmp[PKCS11_ID_SIZE];
+	gnutls_datum_t data = {NULL, 0};
+	unsigned finalized;
+	int i, tries;
+	ck_bool_t trusted = 1;
+	time_t now;
+	gnutls_datum_t label = {NULL,0}, id = {NULL,0};
+
+	if (tinfo == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	/* the DISTRUSTED flag is p11-kit module specific */
+	if (priv->flags & GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED) {
+		if (memcmp(lib_info->manufacturer_id, "PKCS#11 Kit", 11) != 0) {
+			gnutls_assert();
+			return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+		}
+	}
+
+	if (priv->dn.size == 0 && priv->key_id.size == 0 && priv->issuer_dn.size == 0 &&
+		priv->serial.size == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	/* Find objects with given class and type */
+
+	if (priv->key_id.size > 0 && priv->dn.size > 0)
+		tries = 2;
+	else
+		tries = 1;
+
+	now = gnutls_time(0);
+	for (i = 0; i < tries; i++) {
+
+		a_vals = 0;
+		class = CKO_CERTIFICATE;
+		a[a_vals].type = CKA_CLASS;
+		a[a_vals].value = &class;
+		a[a_vals].value_len = sizeof class;
+		a_vals++;
+
+		if (priv->flags & GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED) {
+			a[a_vals].type = CKA_TRUSTED;
+			a[a_vals].value = &trusted;
+			a[a_vals].value_len = sizeof trusted;
+			a_vals++;
+		}
+
+		if (priv->flags & GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED) {
+			if (!sinfo->trusted) /* only p11-kit "trusted" modules support this flag */
+				return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+			a[a_vals].type = CKA_X_DISTRUSTED;
+			a[a_vals].value = &trusted;
+			a[a_vals].value_len = sizeof trusted;
+			a_vals++;
+		}
+
+		if (priv->need_import != 0) {
+			type = CKC_X_509;
+			a[a_vals].type = CKA_CERTIFICATE_TYPE;
+			a[a_vals].value = &type;
+			a[a_vals].value_len = sizeof type;
+			a_vals++;
+		}
+
+		if (i == 0 && priv->key_id.size > 0) {
+			a[a_vals].type = CKA_ID;
+			a[a_vals].value = priv->key_id.data;
+			a[a_vals].value_len = priv->key_id.size;
+			a_vals++;
+		}
+
+		/* This doesn't do a proper comparison, see
+		 * _gnutls_x509_compare_raw_dn() */
+		if (priv->dn.size > 0) {
+			a[a_vals].type = CKA_SUBJECT;
+			a[a_vals].value = priv->dn.data;
+			a[a_vals].value_len = priv->dn.size;
+			a_vals++;
+		}
+
+		if (priv->serial.size > 0) {
+			a[a_vals].type = CKA_SERIAL_NUMBER;
+			a[a_vals].value = priv->serial.data;
+			a[a_vals].value_len = priv->serial.size;
+			a_vals++;
+		}
+
+		/* Same problem as for priv->dn */
+		if (priv->issuer_dn.size > 0) {
+			a[a_vals].type = CKA_ISSUER;
+			a[a_vals].value = priv->issuer_dn.data;
+			a[a_vals].value_len = priv->issuer_dn.size;
+			a_vals++;
+		}
+
+		finalized = 0;
+		rv = pkcs11_find_objects_init(sinfo->module, sinfo->pks, a,
+					      a_vals);
+		if (rv != CKR_OK) {
+			gnutls_assert();
+			_gnutls_debug_log
+			    ("p11: FindObjectsInit failed.\n");
+			ret = pkcs11_rv_to_err(rv);
+			goto cleanup;
+		}
+
+		while (pkcs11_find_objects
+		       (sinfo->module, sinfo->pks, &ctx, 1,
+			&count) == CKR_OK && count == 1) {
+
+			if (priv->need_import == 0 && !(priv->flags & GNUTLS_PKCS11_OBJ_FLAG_COMPARE)
+			    && !(priv->flags & GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY)) {
+				found = 1;
+				break;
+			}
+
+			ret = get_data_and_attrs(sinfo, ctx, &data,
+						 label_tmp, sizeof(label_tmp),
+						 id_tmp, sizeof(id_tmp),
+						 &label,
+						 &id);
+			if (ret < 0)
+				continue;
+
+			ret = check_found_cert(priv, ctx, &data, now, &cand_ctx);
+			if (ret < 0) {
+				_gnutls_free_datum(&data);
+				continue;
+			}
+
+			found = 1;
+			break;
+		}
+
+		if (!found && cand_ctx != CK_INVALID_HANDLE) {
+			/* there was a possible match; let's retrieve that one instead of
+			 * failing */
+			ret = get_data_and_attrs(sinfo, cand_ctx, &data,
+						 label_tmp, sizeof(label_tmp),
+						 id_tmp, sizeof(id_tmp),
+						 &label,
+						 &id);
+			if (ret >= 0)
+				found = 1;
+
+			/* we do not need to use check_found_cert() because
+			 * in case we have a candidate, we already have checked it
+			 */
+		}
+
+		pkcs11_find_objects_final(sinfo);
+		finalized = 1;
+
+		if (found != 0) {
+			if (!(priv->flags & GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED) &&
+			    (priv->flags & GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT) && data.size > 0) {
+				gnutls_datum_t spki;
+				rv = pkcs11_get_attribute_avalue(sinfo->module, sinfo->pks, ctx, CKA_PUBLIC_KEY_INFO, &spki);
+				if (rv == CKR_OK) {
+					ret = pkcs11_override_cert_exts(sinfo, &spki, &data);
+					gnutls_free(spki.data);
+					if (ret < 0) {
+						gnutls_assert();
+						goto cleanup;
+					}
+				}
+			}
+
+			if (priv->need_import != 0) {
+				ret =
+				    pkcs11_obj_import(class, priv->obj,
+						      &data, &id, &label,
+						      tinfo,
+						      lib_info);
+				if (ret < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+			}
+			break;
+		}
+	}
+
+	if (found == 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	} else {
+		ret = 0;
+	}
+
+      cleanup:
+	gnutls_free(data.data);
+	if (finalized == 0)
+		pkcs11_find_objects_final(sinfo);
+
+	return ret;
+}
+
+/**
+ * gnutls_pkcs11_get_raw_issuer:
+ * @url: A PKCS 11 url identifying a token
+ * @cert: is the certificate to find issuer for
+ * @issuer: Will hold the issuer if any in an allocated buffer.
+ * @fmt: The format of the exported issuer.
+ * @flags: Use zero or flags from %GNUTLS_PKCS11_OBJ_FLAG.
+ *
+ * This function will return the issuer of a given certificate, if it
+ * is stored in the token. By default only marked as trusted issuers
+ * are returned. If any issuer should be returned specify
+ * %GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY in @flags.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.2.7
+ **/
+int gnutls_pkcs11_get_raw_issuer(const char *url, gnutls_x509_crt_t cert,
+				 gnutls_datum_t * issuer,
+				 gnutls_x509_crt_fmt_t fmt,
+				 unsigned int flags)
+{
+	int ret;
+	struct find_cert_st priv;
+	uint8_t id[PKCS11_ID_SIZE];
+	size_t id_size;
+	struct p11_kit_uri *info = NULL;
+
+	PKCS11_CHECK_INIT_FLAGS(flags);
+
+	memset(&priv, 0, sizeof(priv));
+
+	if (url == NULL || url[0] == 0) {
+		url = "pkcs11:";
+	}
+
+	ret = pkcs11_url_to_info(url, &info, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	id_size = sizeof(id);
+	ret =
+	    gnutls_x509_crt_get_authority_key_id(cert, id, &id_size, NULL);
+	if (ret >= 0) {
+		priv.key_id.data = id;
+		priv.key_id.size = id_size;
+	}
+
+	priv.dn.data = cert->raw_issuer_dn.data;
+	priv.dn.size = cert->raw_issuer_dn.size;
+
+	if (!(flags & GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY))
+		flags |= GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED;
+
+	priv.flags = flags;
+
+	ret = gnutls_pkcs11_obj_init(&priv.obj);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	gnutls_pkcs11_obj_set_pin_function(priv.obj, cert->pin.cb, cert->pin.data);
+
+	priv.need_import = 1;
+
+	ret =
+	    _pkcs11_traverse_tokens(find_cert_cb, &priv, info,
+				    &cert->pin, pkcs11_obj_flags_to_int(flags));
+	if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+		/* we have failed retrieving the right certificate; if there
+		 * was a close match return that one. */
+		priv.flags |= GNUTLS_PKCS11_OBJ_FLAG_FIRST_CLOSE_MATCH;
+		ret =
+		    _pkcs11_traverse_tokens(find_cert_cb, &priv, info,
+					    &cert->pin, pkcs11_obj_flags_to_int(flags));
+	}
+
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pkcs11_obj_export3(priv.obj, fmt, issuer);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	if (priv.obj)
+		gnutls_pkcs11_obj_deinit(priv.obj);
+	if (info)
+		p11_kit_uri_free(info);
+
+	return ret;
+}
+
+/**
+ * gnutls_pkcs11_get_raw_issuer_by_dn:
+ * @url: A PKCS 11 url identifying a token
+ * @dn: is the DN to search for
+ * @issuer: Will hold the issuer if any in an allocated buffer.
+ * @fmt: The format of the exported issuer.
+ * @flags: Use zero or flags from %GNUTLS_PKCS11_OBJ_FLAG.
+ *
+ * This function will return the certificate with the given DN, if it
+ * is stored in the token. By default only marked as trusted issuers
+ * are returned. If any issuer should be returned specify
+ * %GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY in @flags.
+ *
+ * The name of the function includes issuer because it can
+ * be used to discover issuers of certificates.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.0
+ **/
+int gnutls_pkcs11_get_raw_issuer_by_dn (const char *url, const gnutls_datum_t *dn,
+					gnutls_datum_t *issuer,
+					gnutls_x509_crt_fmt_t fmt,
+					unsigned int flags)
+{
+	int ret;
+	struct find_cert_st priv;
+	struct p11_kit_uri *info = NULL;
+
+	PKCS11_CHECK_INIT_FLAGS(flags);
+
+	memset(&priv, 0, sizeof(priv));
+
+	if (url == NULL || url[0] == 0) {
+		url = "pkcs11:";
+	}
+
+	ret = pkcs11_url_to_info(url, &info, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	priv.dn.data = dn->data;
+	priv.dn.size = dn->size;
+
+	if (!(flags & GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY))
+		flags |= GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED;
+
+	priv.flags = flags;
+
+	ret = gnutls_pkcs11_obj_init(&priv.obj);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	priv.need_import = 1;
+
+	ret =
+	    _pkcs11_traverse_tokens(find_cert_cb, &priv, info,
+				    NULL, pkcs11_obj_flags_to_int(flags));
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pkcs11_obj_export3(priv.obj, fmt, issuer);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	if (priv.obj)
+		gnutls_pkcs11_obj_deinit(priv.obj);
+	if (info)
+		p11_kit_uri_free(info);
+
+	return ret;
+}
+
+/**
+ * gnutls_pkcs11_get_raw_issuer_by_subject_key_id:
+ * @url: A PKCS 11 url identifying a token
+ * @dn: is the DN to search for (may be %NULL)
+ * @spki: is the subject key ID to search for
+ * @issuer: Will hold the issuer if any in an allocated buffer.
+ * @fmt: The format of the exported issuer.
+ * @flags: Use zero or flags from %GNUTLS_PKCS11_OBJ_FLAG.
+ *
+ * This function will return the certificate with the given DN and @spki, if it
+ * is stored in the token. By default only marked as trusted issuers
+ * are returned. If any issuer should be returned specify
+ * %GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY in @flags.
+ *
+ * The name of the function includes issuer because it can
+ * be used to discover issuers of certificates.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.2
+ **/
+int gnutls_pkcs11_get_raw_issuer_by_subject_key_id (const char *url, 
+					const gnutls_datum_t *dn,
+					const gnutls_datum_t *spki,
+					gnutls_datum_t *issuer,
+					gnutls_x509_crt_fmt_t fmt,
+					unsigned int flags)
+{
+	int ret;
+	struct find_cert_st priv;
+	struct p11_kit_uri *info = NULL;
+
+	PKCS11_CHECK_INIT_FLAGS(flags);
+
+	memset(&priv, 0, sizeof(priv));
+
+	if (url == NULL || url[0] == 0) {
+		url = "pkcs11:";
+	}
+
+	ret = pkcs11_url_to_info(url, &info, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (dn) {
+		priv.dn.data = dn->data;
+		priv.dn.size = dn->size;
+	}
+
+	priv.key_id.data = spki->data;
+	priv.key_id.size = spki->size;
+
+	if (!(flags & GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY))
+		flags |= GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED;
+
+	priv.flags = flags;
+
+	ret = gnutls_pkcs11_obj_init(&priv.obj);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	priv.need_import = 1;
+
+	ret =
+	    _pkcs11_traverse_tokens(find_cert_cb, &priv, info,
+				    NULL, pkcs11_obj_flags_to_int(flags));
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pkcs11_obj_export3(priv.obj, fmt, issuer);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	if (priv.obj)
+		gnutls_pkcs11_obj_deinit(priv.obj);
+	if (info)
+		p11_kit_uri_free(info);
+
+	return ret;
+}
+
+unsigned
+_gnutls_pkcs11_crt_is_known(const char *url, gnutls_x509_crt_t cert,
+			    unsigned int flags,
+			    gnutls_x509_crt_t *trusted_cert)
+{
+	int ret;
+	struct find_cert_st priv;
+	uint8_t serial[128];
+	size_t serial_size;
+	struct p11_kit_uri *info = NULL;
+
+	PKCS11_CHECK_INIT_FLAGS_RET(flags, 0);
+
+	memset(&priv, 0, sizeof(priv));
+
+	if (trusted_cert) {
+		ret = gnutls_pkcs11_obj_init(&priv.obj);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		priv.need_import = 1;
+	}
+
+	if (url == NULL || url[0] == 0) {
+		url = "pkcs11:";
+	}
+
+	ret = pkcs11_url_to_info(url, &info, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return 0;
+	}
+
+	/* Attempt searching using the issuer DN + serial number */
+	serial_size = sizeof(serial);
+	ret =
+	    gnutls_x509_crt_get_serial(cert, serial, &serial_size);
+	if (ret < 0) {
+		gnutls_assert();
+		ret = 0;
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_ext_gen_number(serial, serial_size, &priv.serial);
+	if (ret < 0) {
+		gnutls_assert();
+		ret = 0;
+		goto cleanup;
+	}
+
+	priv.crt = cert;
+
+	priv.issuer_dn.data = cert->raw_issuer_dn.data;
+	priv.issuer_dn.size = cert->raw_issuer_dn.size;
+
+	/* assume PKCS11_OBJ_FLAG_COMPARE everywhere but DISTRUST info */
+	if (!(flags & GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED) && !(flags & GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY)) {
+		flags |= GNUTLS_PKCS11_OBJ_FLAG_COMPARE;
+	}
+
+	priv.flags = flags;
+
+	ret =
+	    _pkcs11_traverse_tokens(find_cert_cb, &priv, info,
+				    NULL, pkcs11_obj_flags_to_int(flags));
+	if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+		_gnutls_debug_log("crt_is_known: did not find cert, using issuer DN + serial, using DN only\n");
+		/* attempt searching with the subject DN only */
+		gnutls_assert();
+		if (priv.obj)
+			gnutls_pkcs11_obj_deinit(priv.obj);
+		gnutls_free(priv.serial.data);
+		memset(&priv, 0, sizeof(priv));
+		if (trusted_cert) {
+			ret = gnutls_pkcs11_obj_init(&priv.obj);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+			priv.need_import = 1;
+		}
+		priv.crt = cert;
+		priv.flags = flags;
+
+		priv.dn.data = cert->raw_dn.data;
+		priv.dn.size = cert->raw_dn.size;
+		ret =
+		    _pkcs11_traverse_tokens(find_cert_cb, &priv, info,
+				    NULL, pkcs11_obj_flags_to_int(flags));
+	}
+	if (ret < 0) {
+		gnutls_assert();
+		_gnutls_debug_log("crt_is_known: did not find any cert\n");
+		ret = 0;
+		goto cleanup;
+	}
+
+	if (trusted_cert) {
+		ret = gnutls_x509_crt_init(trusted_cert);
+		if (ret < 0) {
+			gnutls_assert();
+			ret = 0;
+			goto cleanup;
+		}
+		ret = gnutls_x509_crt_import_pkcs11(*trusted_cert, priv.obj);
+		if (ret < 0) {
+			gnutls_assert();
+			gnutls_x509_crt_deinit(*trusted_cert);
+			ret = 0;
+			goto cleanup;
+		}
+	}
+	ret = 1;
+
+      cleanup:
+	if (priv.obj)
+		gnutls_pkcs11_obj_deinit(priv.obj);
+	if (info)
+		p11_kit_uri_free(info);
+	gnutls_free(priv.serial.data);
+
+	return ret;
+}
+
+/**
+ * gnutls_pkcs11_crt_is_known:
+ * @url: A PKCS 11 url identifying a token
+ * @cert: is the certificate to find issuer for
+ * @flags: Use zero or flags from %GNUTLS_PKCS11_OBJ_FLAG.
+ *
+ * This function will check whether the provided certificate is stored
+ * in the specified token. This is useful in combination with 
+ * %GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED or
+ * %GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED,
+ * to check whether a CA is present or a certificate is blacklisted in
+ * a trust PKCS #11 module.
+ *
+ * This function can be used with a @url of "pkcs11:", and in that case all modules
+ * will be searched. To restrict the modules to the marked as trusted in p11-kit
+ * use the %GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE flag.
+ *
+ * Note that the flag %GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED is
+ * specific to p11-kit trust modules.
+ *
+ * Returns: If the certificate exists non-zero is returned, otherwise zero.
+ *
+ * Since: 3.3.0
+ **/
+unsigned gnutls_pkcs11_crt_is_known(const char *url, gnutls_x509_crt_t cert,
+				 unsigned int flags)
+{
+	return _gnutls_pkcs11_crt_is_known(url, cert, flags, NULL);
+}
+
+/**
+ * gnutls_pkcs11_obj_get_flags:
+ * @obj: The pkcs11 object
+ * @oflags: Will hold the output flags
+ *
+ * This function will return the flags of the object.
+ * The @oflags will be flags from %gnutls_pkcs11_obj_flags. That is,
+ * the %GNUTLS_PKCS11_OBJ_FLAG_MARK_* flags.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.3.7
+ **/
+int
+gnutls_pkcs11_obj_get_flags(gnutls_pkcs11_obj_t obj, unsigned int *oflags)
+{
+	*oflags = obj->flags;
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs11_obj_flags_get_str:
+ * @flags: holds the flags
+ *
+ * This function given an or-sequence of %GNUTLS_PKCS11_OBJ_FLAG_MARK,
+ * will return an allocated string with its description. The string
+ * needs to be deallocated using gnutls_free().
+ *
+ * Returns: If flags is zero %NULL is returned, otherwise an allocated string.
+ *
+ * Since: 3.3.7
+ **/
+char *gnutls_pkcs11_obj_flags_get_str(unsigned int flags)
+{
+	gnutls_buffer_st str;
+	gnutls_datum_t out;
+	int ret;
+
+	if (flags == 0)
+		return NULL;
+
+	_gnutls_buffer_init(&str);
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_KEY_WRAP)
+		_gnutls_buffer_append_str(&str, "CKA_WRAP/UNWRAP; ");
+
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_CA)
+		_gnutls_buffer_append_str(&str, "CKA_CERTIFICATE_CATEGORY=CA; ");
+
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE)
+		_gnutls_buffer_append_str(&str, "CKA_PRIVATE; ");
+
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_ALWAYS_AUTH)
+		_gnutls_buffer_append_str(&str, "CKA_ALWAYS_AUTH; ");
+
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED)
+		_gnutls_buffer_append_str(&str, "CKA_TRUSTED; ");
+
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_DISTRUSTED)
+		_gnutls_buffer_append_str(&str, "CKA_X_DISTRUSTED; ");
+
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_EXTRACTABLE)
+		_gnutls_buffer_append_str(&str, "CKA_EXTRACTABLE; ");
+
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_NEVER_EXTRACTABLE)
+		_gnutls_buffer_append_str(&str, "CKA_NEVER_EXTRACTABLE; ");
+
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE)
+		_gnutls_buffer_append_str(&str, "CKA_SENSITIVE; ");
+
+	ret = _gnutls_buffer_to_datum(&str, &out, 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	return (char*)out.data;
+fail:
+	return NULL;
+
+}
diff --git a/lib/pkcs11_int.c b/lib/pkcs11_int.c
new file mode 100644
index 0000000..c4e867a
--- /dev/null
+++ b/lib/pkcs11_int.c
@@ -0,0 +1,304 @@
+/*
+ * GnuTLS PKCS#11 support
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2008, Joe Orton <joe@manyfish.co.uk>
+ * 
+ * Authors: Nikos Mavrogiannopoulos, Stef Walter
+ *
+ * Inspired and some parts (pkcs11_login) based on neon PKCS #11 support 
+ * by Joe Orton. More ideas came from the pkcs11-helper library by 
+ * Alon Bar-Lev.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+
+#include "gnutls_int.h"
+#include <gnutls/pkcs11.h>
+#include <stdio.h>
+#include <string.h>
+#include "errors.h"
+#include <datum.h>
+
+#include <pin.h>
+#include <pkcs11_int.h>
+#include <p11-kit/p11-kit.h>
+#include <p11-kit/pkcs11.h>
+#include <p11-kit/pin.h>
+
+ck_rv_t
+pkcs11_get_slot_list(struct ck_function_list * module,
+		     unsigned char token_present, ck_slot_id_t * slot_list,
+		     unsigned long *count)
+{
+	return (module)->C_GetSlotList(token_present, slot_list, count);
+}
+
+ck_rv_t
+pkcs11_get_module_info(struct ck_function_list * module,
+		       struct ck_info * info)
+{
+	return (module)->C_GetInfo(info);
+}
+
+ck_rv_t
+pkcs11_get_slot_info(struct ck_function_list * module,
+		     ck_slot_id_t slot_id, struct ck_slot_info * info)
+{
+	return (module)->C_GetSlotInfo(slot_id, info);
+}
+
+ck_rv_t
+pkcs11_get_token_info(struct ck_function_list * module,
+		      ck_slot_id_t slot_id, struct ck_token_info * info)
+{
+	return (module)->C_GetTokenInfo(slot_id, info);
+}
+
+ck_rv_t
+pkcs11_find_objects_init(struct ck_function_list * module,
+			 ck_session_handle_t sess,
+			 struct ck_attribute * templ, unsigned long count)
+{
+	return (module)->C_FindObjectsInit(sess, templ, count);
+}
+
+ck_rv_t
+pkcs11_find_objects(struct ck_function_list * module,
+		    ck_session_handle_t sess,
+		    ck_object_handle_t * objects,
+		    unsigned long max_object_count,
+		    unsigned long *object_count)
+{
+	return (module)->C_FindObjects(sess, objects, max_object_count,
+				       object_count);
+}
+
+ck_rv_t pkcs11_find_objects_final(struct pkcs11_session_info * sinfo)
+{
+	return (sinfo->module)->C_FindObjectsFinal(sinfo->pks);
+}
+
+ck_rv_t pkcs11_close_session(struct pkcs11_session_info * sinfo)
+{
+	sinfo->init = 0;
+	return (sinfo->module)->C_CloseSession(sinfo->pks);
+}
+
+ck_rv_t
+pkcs11_set_attribute_value(struct ck_function_list * module,
+			   ck_session_handle_t sess,
+			   ck_object_handle_t object,
+			   struct ck_attribute * templ,
+			   unsigned long count)
+{
+	return (module)->C_SetAttributeValue(sess, object, templ, count);
+}
+
+ck_rv_t
+pkcs11_get_attribute_value(struct ck_function_list * module,
+			   ck_session_handle_t sess,
+			   ck_object_handle_t object,
+			   struct ck_attribute * templ,
+			   unsigned long count)
+{
+	return (module)->C_GetAttributeValue(sess, object, templ, count);
+}
+
+/* Returns only a single attribute value, but allocates its data 
+ * Only the type needs to be set.
+ */
+ck_rv_t
+pkcs11_get_attribute_avalue(struct ck_function_list * module,
+			   ck_session_handle_t sess,
+			   ck_object_handle_t object,
+			   ck_attribute_type_t type,
+			   gnutls_datum_t *res)
+{
+	ck_rv_t rv;
+	struct ck_attribute templ;
+	void *t;
+
+	res->data = NULL;
+	res->size = 0;
+
+	templ.type = type;
+	templ.value = NULL;
+	templ.value_len = 0;
+	rv = (module)->C_GetAttributeValue(sess, object, &templ, 1);
+	if (rv == CKR_OK) {
+		/* PKCS#11 v2.20 requires sensitive values to set a length
+		 * of -1. In that case an error should have been returned,
+		 * but some implementations return CKR_OK instead. */
+		if (templ.value_len == (unsigned long)-1)
+			return CKR_ATTRIBUTE_SENSITIVE;
+
+		if (templ.value_len == 0)
+			return rv;
+
+		templ.type = type;
+		t = gnutls_malloc(templ.value_len);
+		if (t == NULL)
+			return gnutls_assert_val(CKR_HOST_MEMORY);
+		templ.value = t;
+		rv = (module)->C_GetAttributeValue(sess, object, &templ, 1);
+		if (rv != CKR_OK) {
+			gnutls_free(t);
+			return rv;
+		}
+		res->data = t;
+		res->size = templ.value_len;
+	}
+	return rv;
+}
+
+ck_rv_t
+pkcs11_get_mechanism_list(struct ck_function_list * module,
+			  ck_slot_id_t slot_id,
+			  ck_mechanism_type_t * mechanism_list,
+			  unsigned long *count)
+{
+	return (module)->C_GetMechanismList(slot_id, mechanism_list,
+					    count);
+}
+
+ck_rv_t
+pkcs11_get_mechanism_info(struct ck_function_list *module,
+			  ck_slot_id_t slot_id,
+			  ck_mechanism_type_t mechanism,
+			  struct ck_mechanism_info *ptr)
+{
+	return (module)->C_GetMechanismInfo(slot_id, mechanism,
+					    ptr);
+}
+
+ck_rv_t
+pkcs11_sign_init(struct ck_function_list * module,
+		 ck_session_handle_t sess,
+		 struct ck_mechanism * mechanism, ck_object_handle_t key)
+{
+	return (module)->C_SignInit(sess, mechanism, key);
+}
+
+ck_rv_t
+pkcs11_sign(struct ck_function_list * module,
+	    ck_session_handle_t sess,
+	    unsigned char *data,
+	    unsigned long data_len,
+	    unsigned char *signature, unsigned long *signature_len)
+{
+	return (module)->C_Sign(sess, data, data_len, signature,
+				signature_len);
+}
+
+ck_rv_t
+pkcs11_generate_key(struct ck_function_list * module,
+		    ck_session_handle_t sess,
+		    struct ck_mechanism * mechanism,
+		    struct ck_attribute * templ,
+		    unsigned long count,
+		    ck_object_handle_t * key)
+{
+	return (module)->C_GenerateKey(sess, mechanism, templ, count, key);
+}
+
+ck_rv_t
+pkcs11_generate_key_pair(struct ck_function_list * module,
+			 ck_session_handle_t sess,
+			 struct ck_mechanism * mechanism,
+			 struct ck_attribute * pub_templ,
+			 unsigned long pub_templ_count,
+			 struct ck_attribute * priv_templ,
+			 unsigned long priv_templ_count,
+			 ck_object_handle_t * pub_ctx,
+			 ck_object_handle_t * priv_ctx)
+{
+	return (module)->C_GenerateKeyPair(sess, mechanism, pub_templ,
+					   pub_templ_count, priv_templ,
+					   priv_templ_count, pub_ctx, priv_ctx);
+}
+
+ck_rv_t
+pkcs11_decrypt_init(struct ck_function_list * module,
+		    ck_session_handle_t sess,
+		    struct ck_mechanism * mechanism,
+		    ck_object_handle_t key_ctx)
+{
+	return (module)->C_DecryptInit(sess, mechanism, key_ctx);
+}
+
+ck_rv_t
+pkcs11_decrypt(struct ck_function_list * module,
+	       ck_session_handle_t sess,
+	       unsigned char *encrypted_data,
+	       unsigned long encrypted_data_len,
+	       unsigned char *data, unsigned long *data_len)
+{
+	return (module)->C_Decrypt(sess, encrypted_data,
+				   encrypted_data_len, data, data_len);
+}
+
+ck_rv_t
+pkcs11_create_object(struct ck_function_list * module,
+		     ck_session_handle_t sess,
+		     struct ck_attribute * templ,
+		     unsigned long count, ck_object_handle_t * ctx)
+{
+	return (module)->C_CreateObject(sess, templ, count, ctx);
+}
+
+ck_rv_t
+pkcs11_destroy_object(struct ck_function_list * module,
+		      ck_session_handle_t sess, ck_object_handle_t ctx)
+{
+	return (module)->C_DestroyObject(sess, ctx);
+}
+
+ck_rv_t
+pkcs11_init_token(struct ck_function_list * module,
+		  ck_slot_id_t slot_id, unsigned char *pin,
+		  unsigned long pin_len, unsigned char *label)
+{
+	return (module)->C_InitToken(slot_id, pin, pin_len, label);
+}
+
+ck_rv_t
+pkcs11_init_pin(struct ck_function_list * module,
+		ck_session_handle_t sess,
+		unsigned char *pin, unsigned long pin_len)
+{
+	return (module)->C_InitPIN(sess, pin, pin_len);
+}
+
+ck_rv_t
+pkcs11_set_pin(struct ck_function_list * module,
+	       ck_session_handle_t sess,
+	       const char *old_pin,
+	       unsigned long old_len,
+	       const char *new_pin, unsigned long new_len)
+{
+	return (module)->C_SetPIN(sess, (uint8_t *) old_pin, old_len,
+				  (uint8_t *) new_pin, new_len);
+}
+
+ck_rv_t
+_gnutls_pkcs11_get_random(struct ck_function_list * module,
+		  ck_session_handle_t sess, void *data, size_t len)
+{
+	return (module)->C_GenerateRandom(sess, data, len);
+}
+
+const char *pkcs11_strerror(ck_rv_t rv)
+{
+	return p11_kit_strerror(rv);
+}
diff --git a/lib/pkcs11_int.h b/lib/pkcs11_int.h
new file mode 100644
index 0000000..86cce0d
--- /dev/null
+++ b/lib/pkcs11_int.h
@@ -0,0 +1,470 @@
+/*
+ * GnuTLS PKCS#11 support
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ * 
+ * Authors: Nikos Mavrogiannopoulos, Stef Walter
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+
+#ifndef GNUTLS_LIB_PKCS11_INT_H
+#define GNUTLS_LIB_PKCS11_INT_H
+
+#ifdef ENABLE_PKCS11
+
+#define CRYPTOKI_GNU
+#include <p11-kit/pkcs11.h>
+#include <gnutls/pkcs11.h>
+#include <x509/x509_int.h>
+
+/* Part of PKCS#11 3.0 interface, which was added in p11-kit 0.23.14 */
+#ifdef CKM_EDDSA
+#define HAVE_CKM_EDDSA
+#endif
+
+#define PKCS11_ID_SIZE 128
+#define PKCS11_LABEL_SIZE 128
+
+#include <p11-kit/p11-kit.h>
+#include <p11-kit/pin.h>
+#include <p11-kit/uri.h>
+typedef unsigned char ck_bool_t;
+
+struct pkcs11_session_info {
+	struct ck_function_list *module;
+	struct ck_token_info tinfo;
+	struct ck_slot_info slot_info;
+	ck_session_handle_t pks;
+	ck_slot_id_t sid;
+	unsigned int init;
+	unsigned int trusted; /* whether module is marked as trusted */
+};
+
+struct gnutls_pkcs11_obj_st {
+	gnutls_datum_t raw;
+	gnutls_pkcs11_obj_type_t type;
+	ck_object_class_t class;
+
+	unsigned int flags;
+	struct p11_kit_uri *info;
+
+	/* only when pubkey */
+	gnutls_datum_t pubkey[MAX_PUBLIC_PARAMS_SIZE];
+	unsigned pubkey_size;
+	gnutls_pk_algorithm_t pk_algorithm;
+	unsigned int key_usage;
+
+	struct pin_info_st pin;
+};
+
+struct gnutls_pkcs11_privkey_st {
+	gnutls_pk_algorithm_t pk_algorithm;
+	unsigned int rsa_pss_ok; /* if it is an RSA key, it can do RSA-PSS */
+	unsigned int bits;
+
+	unsigned int flags;
+	struct p11_kit_uri *uinfo;
+	char *url;
+
+	struct pkcs11_session_info sinfo;
+	ck_object_handle_t ref;	/* the key in the session */
+	unsigned reauth; /* whether we need to login on each operation */
+
+	void *mutex; /* lock for operations requiring co-ordination */
+
+	struct pin_info_st pin;
+};
+
+/* This must be called on every function that uses a PKCS #11 function
+ * directly. It can be provided a callback function to run when a reinitialization
+ * occurs. */
+typedef int (*pkcs11_reinit_function)(void *priv);
+
+typedef enum init_level_t {
+	PROV_UNINITIALIZED = 0,
+	PROV_INIT_MANUAL,
+	PROV_INIT_MANUAL_TRUSTED,
+	PROV_INIT_TRUSTED,
+	PROV_INIT_ALL
+} init_level_t;
+
+/* See _gnutls_pkcs11_check_init() for possible Transitions.
+ */
+
+int _gnutls_pkcs11_check_init(init_level_t req_level, void *priv, pkcs11_reinit_function cb);
+
+#define FIX_KEY_USAGE(pk, usage) \
+	if (usage == 0) { \
+		if (pk == GNUTLS_PK_RSA) \
+			usage = GNUTLS_KEY_DECIPHER_ONLY|GNUTLS_KEY_DIGITAL_SIGNATURE; \
+		else \
+			usage = GNUTLS_KEY_DIGITAL_SIGNATURE; \
+	}
+
+#define PKCS11_CHECK_INIT \
+	ret = _gnutls_pkcs11_check_init(PROV_INIT_ALL, NULL, NULL); \
+	if (ret < 0) \
+		return gnutls_assert_val(ret)
+
+#define PKCS11_CHECK_INIT_RET(x) \
+	ret = _gnutls_pkcs11_check_init(PROV_INIT_ALL, NULL, NULL); \
+	if (ret < 0) \
+		return gnutls_assert_val(x)
+
+#define PKCS11_CHECK_INIT_FLAGS(f) \
+	ret = _gnutls_pkcs11_check_init((f & GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE)?PROV_INIT_TRUSTED:PROV_INIT_ALL, NULL, NULL); \
+	if (ret < 0) \
+		return gnutls_assert_val(ret)
+
+#define PKCS11_CHECK_INIT_FLAGS_RET(f, x) \
+	ret = _gnutls_pkcs11_check_init((f & GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE)?PROV_INIT_TRUSTED:PROV_INIT_ALL, NULL, NULL); \
+	if (ret < 0) \
+		return gnutls_assert_val(x)
+
+
+/* thus function is called for every token in the traverse_tokens
+ * function. Once everything is traversed it is called with NULL tinfo.
+ * It should return 0 if found what it was looking for.
+ */
+typedef int (*find_func_t) (struct ck_function_list *, struct pkcs11_session_info *,
+			    struct ck_token_info * tinfo, struct ck_info *,
+			    void *input);
+
+int pkcs11_rv_to_err(ck_rv_t rv);
+int pkcs11_url_to_info(const char *url, struct p11_kit_uri **info, unsigned flags);
+int
+pkcs11_find_slot(struct ck_function_list **module, ck_slot_id_t * slot,
+		 struct p11_kit_uri *info, struct ck_token_info *_tinfo,
+		 struct ck_slot_info *_slot_info, unsigned int *trusted);
+
+int pkcs11_read_pubkey(struct ck_function_list *module,
+		       ck_session_handle_t pks, ck_object_handle_t obj,
+		       ck_key_type_t key_type, gnutls_pkcs11_obj_t pobj);
+
+int pkcs11_override_cert_exts(struct pkcs11_session_info *sinfo, gnutls_datum_t *spki, gnutls_datum_t *der);
+
+int pkcs11_get_info(struct p11_kit_uri *info,
+		    gnutls_pkcs11_obj_info_t itype, void *output,
+		    size_t * output_size);
+int pkcs11_login(struct pkcs11_session_info *sinfo,
+		 struct pin_info_st *pin_info,
+		 struct p11_kit_uri *info, unsigned flags);
+
+int pkcs11_call_token_func(struct p11_kit_uri *info, const unsigned retry);
+
+extern gnutls_pkcs11_token_callback_t _gnutls_token_func;
+extern void *_gnutls_token_data;
+
+void pkcs11_rescan_slots(void);
+int pkcs11_info_to_url(struct p11_kit_uri *info,
+		       gnutls_pkcs11_url_type_t detailed, char **url);
+
+int
+_gnutls_x509_crt_import_pkcs11_url(gnutls_x509_crt_t crt,
+				  const char *url, unsigned int flags);
+
+#define SESSION_WRITE (1<<0)
+#define SESSION_LOGIN (1<<1)
+#define SESSION_SO (1<<2)	/* security officer session */
+#define SESSION_TRUSTED (1<<3) /* session on a marked as trusted (p11-kit) module */
+#define SESSION_FORCE_LOGIN (1<<4) /* force login even when CFK_LOGIN_REQUIRED is not set */
+#define SESSION_CONTEXT_SPECIFIC (1<<5)
+#define SESSION_NO_CLOSE (1<<6) /* don't close session on success */
+
+int pkcs11_open_session(struct pkcs11_session_info *sinfo,
+			struct pin_info_st *pin_info,
+			struct p11_kit_uri *info, unsigned int flags);
+int _pkcs11_traverse_tokens(find_func_t find_func, void *input,
+			    struct p11_kit_uri *info,
+			    struct pin_info_st *pin_info,
+			    unsigned int flags);
+ck_object_class_t pkcs11_strtype_to_class(const char *type);
+
+/* Additional internal flags for gnutls_pkcs11_obj_flags */
+/* @GNUTLS_PKCS11_OBJ_FLAG_EXPECT_CERT: When importing an object, provide a hint on the type, to allow incomplete URLs
+ * @GNUTLS_PKCS11_OBJ_FLAG_EXPECT_PRIVKEY: Hint for private key */
+#define GNUTLS_PKCS11_OBJ_FLAG_FIRST_CLOSE_MATCH ((unsigned int)1<<28)
+#define GNUTLS_PKCS11_OBJ_FLAG_EXPECT_CERT (1<<29)
+#define GNUTLS_PKCS11_OBJ_FLAG_EXPECT_PRIVKEY (1<<30)
+#define GNUTLS_PKCS11_OBJ_FLAG_EXPECT_PUBKEY ((unsigned int)1<<31)
+
+int pkcs11_token_matches_info(struct p11_kit_uri *info,
+			      struct ck_token_info *tinfo,
+			      struct ck_info *lib_info);
+
+unsigned int pkcs11_obj_flags_to_int(unsigned int flags);
+
+int
+_gnutls_pkcs11_privkey_sign(gnutls_pkcs11_privkey_t key,
+			    const gnutls_sign_entry_st *se,
+			    const gnutls_datum_t * hash,
+			    gnutls_datum_t * signature,
+			    gnutls_x509_spki_st *spki_params);
+
+int
+_gnutls_pkcs11_privkey_decrypt_data(gnutls_pkcs11_privkey_t key,
+				    unsigned int flags,
+				    const gnutls_datum_t * ciphertext,
+				    gnutls_datum_t * plaintext);
+
+int
+_gnutls_pkcs11_privkey_decrypt_data2(gnutls_pkcs11_privkey_t key,
+				     unsigned int flags,
+				     const gnutls_datum_t * ciphertext,
+			             unsigned char * plaintext,
+			             size_t plaintext_size);
+
+int
+_pkcs11_privkey_get_pubkey (gnutls_pkcs11_privkey_t pkey, gnutls_pubkey_t *pub, unsigned flags);
+
+static inline int pk_to_mech(gnutls_pk_algorithm_t pk)
+{
+	if (pk == GNUTLS_PK_DSA)
+		return CKM_DSA;
+	else if (pk == GNUTLS_PK_EC)
+		return CKM_ECDSA;
+	else if (pk == GNUTLS_PK_RSA)
+		return CKM_RSA_PKCS;
+	else if (pk == GNUTLS_PK_RSA_PSS)
+		return CKM_RSA_PKCS_PSS;
+#ifdef HAVE_CKM_EDDSA
+        else if (pk == GNUTLS_PK_EDDSA_ED25519)
+                return CKM_EDDSA;
+#endif
+	else
+		return -1;
+}
+
+static inline int pk_to_key_type(gnutls_pk_algorithm_t pk)
+{
+	if (pk == GNUTLS_PK_DSA)
+		return CKK_DSA;
+	else if (pk == GNUTLS_PK_EC)
+		return CKK_ECDSA;
+	else if (pk == GNUTLS_PK_RSA_PSS || pk == GNUTLS_PK_RSA)
+		return CKK_RSA;
+#ifdef HAVE_CKM_EDDSA
+        else if (pk == GNUTLS_PK_EDDSA_ED25519)
+                return CKK_EC_EDWARDS;
+#endif
+	else
+		return -1;
+}
+
+static inline gnutls_pk_algorithm_t key_type_to_pk(ck_key_type_t m)
+{
+	if (m == CKK_RSA)
+		return GNUTLS_PK_RSA;
+	else if (m == CKK_DSA)
+		return GNUTLS_PK_DSA;
+	else if (m == CKK_ECDSA)
+		return GNUTLS_PK_EC;
+#ifdef HAVE_CKM_EDDSA
+        else if (m == CKK_EC_EDWARDS)
+                return GNUTLS_PK_EDDSA_ED25519;
+#endif
+	else
+		return GNUTLS_PK_UNKNOWN;
+}
+
+static inline int pk_to_genmech(gnutls_pk_algorithm_t pk, ck_key_type_t *type)
+{
+	if (pk == GNUTLS_PK_DSA) {
+		*type = CKK_DSA;
+		return CKM_DSA_KEY_PAIR_GEN;
+	} else if (pk == GNUTLS_PK_EC) {
+		*type = CKK_ECDSA;
+		return CKM_ECDSA_KEY_PAIR_GEN;
+	} else if (pk == GNUTLS_PK_RSA_PSS || pk == GNUTLS_PK_RSA) {
+		*type = CKK_RSA;
+		return CKM_RSA_PKCS_KEY_PAIR_GEN;
+#ifdef HAVE_CKM_EDDSA
+        } else if (pk == GNUTLS_PK_EDDSA_ED25519) {
+                *type = CKK_EC_EDWARDS;
+                return CKM_EDDSA;
+#endif
+	} else {
+		*type = -1;
+		return -1;
+	}
+}
+
+int
+pkcs11_retrieve_pin(struct pin_info_st *pin_info, struct p11_kit_uri *info,
+		    struct ck_token_info *token_info, int attempts,
+		    ck_user_type_t user_type, struct p11_kit_pin **pin);
+
+ck_object_class_t pkcs11_type_to_class(gnutls_pkcs11_obj_type_t type);
+
+ck_rv_t
+pkcs11_generate_key(struct ck_function_list * module,
+		    ck_session_handle_t sess,
+		    struct ck_mechanism * mechanism,
+		    struct ck_attribute * templ,
+		    unsigned long count,
+		    ck_object_handle_t * key);
+
+ck_rv_t
+pkcs11_generate_key_pair(struct ck_function_list * module,
+			 ck_session_handle_t sess,
+			 struct ck_mechanism * mechanism,
+			 struct ck_attribute * pub_templ,
+			 unsigned long pub_templ_count,
+			 struct ck_attribute * priv_templ,
+			 unsigned long priv_templ_count,
+			 ck_object_handle_t * pub,
+			 ck_object_handle_t * priv);
+
+ck_rv_t
+pkcs11_get_slot_list(struct ck_function_list *module,
+		     unsigned char token_present,
+		     ck_slot_id_t * slot_list, unsigned long *count);
+
+ck_rv_t
+pkcs11_get_module_info(struct ck_function_list *module,
+		       struct ck_info *info);
+
+ck_rv_t
+pkcs11_get_slot_info(struct ck_function_list *module,
+		     ck_slot_id_t slot_id, struct ck_slot_info *info);
+
+ck_rv_t
+pkcs11_get_token_info(struct ck_function_list *module,
+		      ck_slot_id_t slot_id, struct ck_token_info *info);
+
+ck_rv_t
+pkcs11_find_objects_init(struct ck_function_list *module,
+			 ck_session_handle_t sess,
+			 struct ck_attribute *templ, unsigned long count);
+
+ck_rv_t
+pkcs11_find_objects(struct ck_function_list *module,
+		    ck_session_handle_t sess,
+		    ck_object_handle_t * objects,
+		    unsigned long max_object_count,
+		    unsigned long *object_count);
+
+ck_rv_t pkcs11_find_objects_final(struct pkcs11_session_info *);
+
+ck_rv_t pkcs11_close_session(struct pkcs11_session_info *);
+
+ck_rv_t
+pkcs11_set_attribute_value(struct ck_function_list * module,
+			   ck_session_handle_t sess,
+			   ck_object_handle_t object,
+			   struct ck_attribute * templ,
+			   unsigned long count);
+
+ck_rv_t
+pkcs11_get_attribute_value(struct ck_function_list *module,
+			   ck_session_handle_t sess,
+			   ck_object_handle_t object,
+			   struct ck_attribute *templ,
+			   unsigned long count);
+
+ck_rv_t
+pkcs11_get_attribute_avalue(struct ck_function_list * module,
+			   ck_session_handle_t sess,
+			   ck_object_handle_t object,
+			   ck_attribute_type_t type,
+			   gnutls_datum_t *res);
+
+ck_rv_t
+pkcs11_get_mechanism_list(struct ck_function_list *module,
+			  ck_slot_id_t slot_id,
+			  ck_mechanism_type_t * mechanism_list,
+			  unsigned long *count);
+
+ck_rv_t
+pkcs11_get_mechanism_info(struct ck_function_list *module,
+			  ck_slot_id_t slot_id,
+			  ck_mechanism_type_t mechanism,
+			  struct ck_mechanism_info *ptr);
+
+ck_rv_t
+pkcs11_sign_init(struct ck_function_list *module,
+		 ck_session_handle_t sess,
+		 struct ck_mechanism *mechanism, ck_object_handle_t key);
+
+ck_rv_t
+pkcs11_sign(struct ck_function_list *module,
+	    ck_session_handle_t sess,
+	    unsigned char *data,
+	    unsigned long data_len,
+	    unsigned char *signature, unsigned long *signature_len);
+
+ck_rv_t
+pkcs11_decrypt_init(struct ck_function_list *module,
+		    ck_session_handle_t sess,
+		    struct ck_mechanism *mechanism,
+		    ck_object_handle_t key);
+
+ck_rv_t
+pkcs11_decrypt(struct ck_function_list *module,
+	       ck_session_handle_t sess,
+	       unsigned char *encrypted_data,
+	       unsigned long encrypted_data_len,
+	       unsigned char *data, unsigned long *data_len);
+
+ck_rv_t
+pkcs11_create_object(struct ck_function_list *module,
+		     ck_session_handle_t sess,
+		     struct ck_attribute *templ,
+		     unsigned long count, ck_object_handle_t * object);
+
+ck_rv_t
+pkcs11_destroy_object(struct ck_function_list *module,
+		      ck_session_handle_t sess, ck_object_handle_t object);
+
+ck_rv_t
+pkcs11_init_token(struct ck_function_list *module,
+		  ck_slot_id_t slot_id, unsigned char *pin,
+		  unsigned long pin_len, unsigned char *label);
+
+ck_rv_t
+pkcs11_init_pin(struct ck_function_list *module,
+		ck_session_handle_t sess,
+		unsigned char *pin, unsigned long pin_len);
+
+ck_rv_t
+pkcs11_set_pin(struct ck_function_list *module,
+	       ck_session_handle_t sess,
+	       const char *old_pin,
+	       unsigned long old_len,
+	       const char *new_pin, unsigned long new_len);
+
+ck_rv_t
+_gnutls_pkcs11_get_random(struct ck_function_list *module,
+		  ck_session_handle_t sess, void *data, size_t len);
+
+
+const char *pkcs11_strerror(ck_rv_t rv);
+
+/* Returns 1 if the provided URL is an object, rather than
+ * a token. */
+inline static bool is_pkcs11_url_object(const char *url)
+{
+	if (strstr(url, "id=") != 0 || strstr(url, "object=") != 0)
+		return 1;
+	return 0;
+}
+
+unsigned
+_gnutls_pkcs11_crt_is_known(const char *url, gnutls_x509_crt_t cert,
+			    unsigned int flags,
+			    gnutls_x509_crt_t *trusted_cert);
+
+#endif				/* ENABLE_PKCS11 */
+
+#endif /* GNUTLS_LIB_PKCS11_INT_H */
diff --git a/lib/pkcs11_privkey.c b/lib/pkcs11_privkey.c
new file mode 100644
index 0000000..3ecd183
--- /dev/null
+++ b/lib/pkcs11_privkey.c
@@ -0,0 +1,1514 @@
+/*
+ * GnuTLS PKCS#11 support
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ * 
+ * Authors: Nikos Mavrogiannopoulos, Stef Walter
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+
+#include "gnutls_int.h"
+#include <gnutls/pkcs11.h>
+#include <stdio.h>
+#include <string.h>
+#include "errors.h"
+#include <datum.h>
+#include <pkcs11_int.h>
+#include <tls-sig.h>
+#include <pk.h>
+#include <fips.h>
+#include "urls.h"
+#include "locks.h"
+#include <p11-kit/uri.h>
+
+/* In case of a fork, it will invalidate the open session
+ * in the privkey and start another */
+#define PKCS11_CHECK_INIT_PRIVKEY(k) \
+	ret = _gnutls_pkcs11_check_init(PROV_INIT_ALL, k, reopen_privkey_session); \
+	if (ret < 0) \
+		return gnutls_assert_val(ret)
+
+#define FIND_OBJECT(key) \
+	do { \
+		int retries = 0; \
+		int rret; \
+		ret = find_object (&key->sinfo, &key->pin, &key->ref, key->uinfo, \
+					  SESSION_LOGIN); \
+		if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) { \
+			if (_gnutls_token_func) \
+			  { \
+			    rret = pkcs11_call_token_func (key->uinfo, retries++); \
+			    if (rret == 0) continue; \
+			  } \
+			return gnutls_assert_val(ret); \
+		} else if (ret < 0) { \
+			return gnutls_assert_val(ret); \
+		} \
+		break; \
+	} while (1);
+
+
+/**
+ * gnutls_pkcs11_privkey_init:
+ * @key: A pointer to the type to be initialized
+ *
+ * This function will initialize an private key structure. This
+ * structure can be used for accessing an underlying PKCS#11 object.
+ *
+ * In versions of GnuTLS later than 3.5.11 the object is protected
+ * using locks and a single %gnutls_pkcs11_privkey_t can be re-used
+ * by many threads. However, for performance it is recommended to utilize
+ * one object per key per thread.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_pkcs11_privkey_init(gnutls_pkcs11_privkey_t * key)
+{
+	int ret;
+	FAIL_IF_LIB_ERROR;
+
+	*key = gnutls_calloc(1, sizeof(struct gnutls_pkcs11_privkey_st));
+	if (*key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	(*key)->uinfo = p11_kit_uri_new();
+	if ((*key)->uinfo == NULL) {
+		free(*key);
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ret = gnutls_mutex_init(&(*key)->mutex);
+	if (ret < 0) {
+		gnutls_assert();
+		p11_kit_uri_free((*key)->uinfo);
+		free(*key);
+		return GNUTLS_E_LOCKING_ERROR;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs11_privkey_cpy:
+ * @dst: The destination key, which should be initialized.
+ * @src: The source key
+ *
+ * This function will copy a private key from source to destination
+ * key. Destination has to be initialized.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_pkcs11_privkey_cpy(gnutls_pkcs11_privkey_t dst,
+			  gnutls_pkcs11_privkey_t src)
+{
+	return gnutls_pkcs11_privkey_import_url(dst, src->url, src->flags);
+}
+
+/**
+ * gnutls_pkcs11_privkey_deinit:
+ * @key: the key to be deinitialized
+ *
+ * This function will deinitialize a private key structure.
+ **/
+void gnutls_pkcs11_privkey_deinit(gnutls_pkcs11_privkey_t key)
+{
+	p11_kit_uri_free(key->uinfo);
+	gnutls_free(key->url);
+	if (key->sinfo.init != 0)
+		pkcs11_close_session(&key->sinfo);
+	gnutls_mutex_deinit(&key->mutex);
+	gnutls_free(key);
+}
+
+/**
+ * gnutls_pkcs11_privkey_get_pk_algorithm:
+ * @key: should contain a #gnutls_pkcs11_privkey_t type
+ * @bits: if bits is non null it will hold the size of the parameters' in bits
+ *
+ * This function will return the public key algorithm of a private
+ * key.
+ *
+ * Returns: a member of the #gnutls_pk_algorithm_t enumeration on
+ *   success, or a negative error code on error.
+ **/
+int
+gnutls_pkcs11_privkey_get_pk_algorithm(gnutls_pkcs11_privkey_t key,
+				       unsigned int *bits)
+{
+	if (bits)
+		*bits = key->bits;
+	return key->pk_algorithm;
+}
+
+/**
+ * gnutls_pkcs11_privkey_get_info:
+ * @pkey: should contain a #gnutls_pkcs11_privkey_t type
+ * @itype: Denotes the type of information requested
+ * @output: where output will be stored
+ * @output_size: contains the maximum size of the output and will be overwritten with actual
+ *
+ * This function will return information about the PKCS 11 private key such
+ * as the label, id as well as token information where the key is stored. When
+ * output is text it returns null terminated string although #output_size contains
+ * the size of the actual data only.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code on error.
+ **/
+int
+gnutls_pkcs11_privkey_get_info(gnutls_pkcs11_privkey_t pkey,
+			       gnutls_pkcs11_obj_info_t itype,
+			       void *output, size_t * output_size)
+{
+	return pkcs11_get_info(pkey->uinfo, itype, output, output_size);
+}
+
+static int
+find_object(struct pkcs11_session_info *sinfo,
+	    struct pin_info_st *pin_info,
+	    ck_object_handle_t * _ctx,
+	    struct p11_kit_uri *info, unsigned int flags)
+{
+	int ret;
+	ck_object_handle_t ctx;
+	struct ck_attribute *attrs;
+	unsigned long attr_count;
+	unsigned long count;
+	ck_rv_t rv;
+
+	ret =
+	    pkcs11_open_session(sinfo, pin_info, info,
+				flags & SESSION_LOGIN);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	attrs = p11_kit_uri_get_attributes(info, &attr_count);
+	rv = pkcs11_find_objects_init(sinfo->module, sinfo->pks, attrs,
+				      attr_count);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		_gnutls_debug_log("p11: FindObjectsInit failed.\n");
+		ret = pkcs11_rv_to_err(rv);
+		goto fail;
+	}
+
+	if (pkcs11_find_objects(sinfo->module, sinfo->pks, &ctx, 1, &count)
+	    == CKR_OK && count == 1) {
+		*_ctx = ctx;
+		pkcs11_find_objects_final(sinfo);
+		return 0;
+	}
+
+	ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	pkcs11_find_objects_final(sinfo);
+      fail:
+	pkcs11_close_session(sinfo);
+
+	return ret;
+}
+
+/* callback function to be passed in _gnutls_pkcs11_check_init().
+ * It is run, only when a fork has been detected, and data have
+ * been re-initialized. In that case we reset the session and re-open
+ * the object. */
+static int reopen_privkey_session(void * _privkey)
+{
+	int ret;
+	gnutls_pkcs11_privkey_t privkey = _privkey;
+
+	memset(&privkey->sinfo, 0, sizeof(privkey->sinfo));
+	privkey->ref = 0;
+	FIND_OBJECT(privkey);
+
+	return 0;
+}
+
+#define REPEAT_ON_INVALID_HANDLE(expr) \
+	if ((expr) == CKR_SESSION_HANDLE_INVALID) { \
+		ret = reopen_privkey_session(key); \
+		if (ret < 0) \
+			return gnutls_assert_val(ret); \
+		expr; \
+	}
+
+struct hash_mappings_st {
+	gnutls_digest_algorithm_t id;
+	unsigned long phash; /* pkcs11 hash ID */
+	unsigned long mgf_id;
+};
+
+
+#ifndef CKG_MGF1_SHA224
+# define CKG_MGF1_SHA224 0x00000005UL
+# define CKG_MGF1_SHA256 0x00000002UL
+# define CKG_MGF1_SHA384 0x00000003UL
+# define CKG_MGF1_SHA512 0x00000004UL
+
+struct ck_rsa_pkcs_pss_params {
+	ck_mechanism_type_t hash_alg;
+	/* ck_rsa_pkcs_mgf_type_t is not defined in old versions of p11-kit */
+	unsigned long mgf;
+	unsigned long s_len;
+};
+#endif
+
+static const struct hash_mappings_st hash_mappings[] =
+{
+	{.id = GNUTLS_DIG_SHA224,
+	 .phash = CKM_SHA224,
+	 .mgf_id = CKG_MGF1_SHA224
+	},
+	{.id = GNUTLS_DIG_SHA256,
+	 .phash = CKM_SHA256,
+	 .mgf_id = CKG_MGF1_SHA256
+	},
+	{.id = GNUTLS_DIG_SHA384,
+	 .phash = CKM_SHA384,
+	 .mgf_id = CKG_MGF1_SHA384
+	},
+	{.id = GNUTLS_DIG_SHA512,
+	 .phash = CKM_SHA512,
+	 .mgf_id = CKG_MGF1_SHA512
+	}
+};
+
+static const struct hash_mappings_st *hash_to_map(gnutls_digest_algorithm_t hash)
+{
+	unsigned i;
+	for (i=0;i<sizeof(hash_mappings)/sizeof(hash_mappings[0]);i++) {
+		if (hash == hash_mappings[i].id)
+			return &hash_mappings[i];
+	}
+	return NULL;
+}
+
+/*-
+ * _gnutls_pkcs11_privkey_sign:
+ * @key: Holds the key
+ * @hash: holds the data to be signed (should be output of a hash)
+ * @signature: will contain the signature allocated with gnutls_malloc()
+ *
+ * This function will sign the given data using a signature algorithm
+ * supported by the private key. It is assumed that the given data
+ * are the output of a hash function. Input is the same as in
+ * privkey_sign_raw_data().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ -*/
+int
+_gnutls_pkcs11_privkey_sign(gnutls_pkcs11_privkey_t key,
+			    const gnutls_sign_entry_st *se,
+			    const gnutls_datum_t * hash,
+			    gnutls_datum_t * signature,
+			    gnutls_x509_spki_st *spki_params)
+{
+	ck_rv_t rv;
+	int ret;
+	struct ck_mechanism mech;
+	gnutls_datum_t tmp = { NULL, 0 };
+	unsigned long siglen;
+	struct pkcs11_session_info *sinfo;
+	unsigned req_login = 0;
+	unsigned login_flags = SESSION_LOGIN|SESSION_CONTEXT_SPECIFIC;
+	struct ck_rsa_pkcs_pss_params rsa_pss_params;
+
+	PKCS11_CHECK_INIT_PRIVKEY(key);
+
+	sinfo = &key->sinfo;
+
+	if (se->pk == GNUTLS_PK_RSA_PSS) {
+		const struct hash_mappings_st *map = hash_to_map(se->hash);
+
+		if (unlikely(map == NULL))
+			return gnutls_assert_val(GNUTLS_E_UNKNOWN_PK_ALGORITHM);
+
+		if (unlikely(!key->rsa_pss_ok))
+			return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM);
+
+		rsa_pss_params.hash_alg = map->phash;
+		rsa_pss_params.mgf = map->mgf_id;
+		rsa_pss_params.s_len = spki_params->salt_size;
+
+		mech.mechanism = CKM_RSA_PKCS_PSS;
+		mech.parameter = &rsa_pss_params;
+		mech.parameter_len = sizeof(rsa_pss_params);
+	} else {
+		ret = pk_to_mech(se->pk);
+
+		if (ret == -1)
+			return gnutls_assert_val(GNUTLS_E_UNKNOWN_PK_ALGORITHM);
+
+		mech.mechanism = ret;
+		mech.parameter = NULL;
+		mech.parameter_len = 0;
+	}
+
+	ret = gnutls_mutex_lock(&key->mutex);
+	if (ret != 0)
+		return gnutls_assert_val(GNUTLS_E_LOCKING_ERROR);
+
+	/* Initialize signing operation; using the private key discovered
+	 * earlier. */
+	REPEAT_ON_INVALID_HANDLE(rv = pkcs11_sign_init(sinfo->module, sinfo->pks, &mech, key->ref));
+	if (rv != CKR_OK) {
+		_gnutls_debug_log("p11: %s\n", pkcs11_strerror(rv));
+		gnutls_assert();
+		ret = pkcs11_rv_to_err(rv);
+		goto cleanup;
+	}
+
+ retry_login:
+	if (key->reauth || req_login) {
+		if (req_login)
+			login_flags = SESSION_FORCE_LOGIN|SESSION_LOGIN;
+		ret =
+		    pkcs11_login(&key->sinfo, &key->pin,
+				 key->uinfo, login_flags);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_debug_log("PKCS #11 login failed, trying operation anyway\n");
+			/* let's try the operation anyway */
+		}
+	}
+
+	/* Work out how long the signature must be: */
+	rv = pkcs11_sign(sinfo->module, sinfo->pks, hash->data, hash->size,
+			 NULL, &siglen);
+	if (unlikely(rv == CKR_USER_NOT_LOGGED_IN && req_login == 0)) {
+		req_login = 1;
+		goto retry_login;
+	}
+
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		ret = pkcs11_rv_to_err(rv);
+		goto cleanup;
+	}
+
+	tmp.data = gnutls_malloc(siglen);
+	tmp.size = siglen;
+
+	rv = pkcs11_sign(sinfo->module, sinfo->pks, hash->data, hash->size,
+			 tmp.data, &siglen);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		ret = pkcs11_rv_to_err(rv);
+		goto cleanup;
+	}
+
+
+	if (key->pk_algorithm == GNUTLS_PK_ECDSA
+	    || key->pk_algorithm == GNUTLS_PK_DSA) {
+		unsigned int hlen = siglen / 2;
+		gnutls_datum_t r, s;
+
+		if (siglen % 2 != 0) {
+			gnutls_assert();
+			ret = GNUTLS_E_PK_SIGN_FAILED;
+			goto cleanup;
+		}
+
+		r.data = tmp.data;
+		r.size = hlen;
+
+		s.data = &tmp.data[hlen];
+		s.size = hlen;
+
+		ret = _gnutls_encode_ber_rs_raw(signature, &r, &s);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		gnutls_free(tmp.data);
+	} else {
+		signature->size = siglen;
+		signature->data = tmp.data;
+	}
+
+	ret = 0;
+
+      cleanup:
+	gnutls_mutex_unlock(&key->mutex);
+	if (sinfo != &key->sinfo)
+		pkcs11_close_session(sinfo);
+	if (ret < 0)
+		gnutls_free(tmp.data);
+
+	return ret;
+}
+
+/**
+ * gnutls_pkcs11_privkey_status:
+ * @key: Holds the key
+ *
+ * Checks the status of the private key token.
+ *
+ * Returns: this function will return non-zero if the token
+ * holding the private key is still available (inserted), and zero otherwise.
+ *
+ * Since: 3.1.9
+ *
+ **/
+unsigned gnutls_pkcs11_privkey_status(gnutls_pkcs11_privkey_t key)
+{
+	ck_rv_t rv;
+	int ret;
+	struct ck_session_info session_info;
+
+	PKCS11_CHECK_INIT_PRIVKEY(key);
+
+	REPEAT_ON_INVALID_HANDLE(rv = (key->sinfo.module)->C_GetSessionInfo(key->sinfo.pks, &session_info));
+	if (rv != CKR_OK) {
+		ret = 0;
+		goto cleanup;
+	}
+	ret = 1;
+
+      cleanup:
+
+	return ret;
+}
+
+/**
+ * gnutls_pkcs11_privkey_import_url:
+ * @pkey: The private key
+ * @url: a PKCS 11 url identifying the key
+ * @flags: Or sequence of GNUTLS_PKCS11_OBJ_* flags
+ *
+ * This function will "import" a PKCS 11 URL identifying a private
+ * key to the #gnutls_pkcs11_privkey_t type. In reality since
+ * in most cases keys cannot be exported, the private key structure
+ * is being associated with the available operations on the token.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_pkcs11_privkey_import_url(gnutls_pkcs11_privkey_t pkey,
+				 const char *url, unsigned int flags)
+{
+	int ret;
+	struct ck_attribute *attr;
+	struct ck_attribute a[4];
+	ck_key_type_t key_type;
+	ck_bool_t reauth = 0;
+
+	PKCS11_CHECK_INIT;
+
+	memset(&pkey->sinfo, 0, sizeof(pkey->sinfo));
+
+	if (pkey->url)
+		gnutls_free(pkey->url);
+
+	if (pkey->uinfo) {
+		p11_kit_uri_free(pkey->uinfo);
+		pkey->uinfo = NULL;
+	}
+
+	pkey->url = gnutls_strdup(url);
+	if (pkey->url == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	ret = pkcs11_url_to_info(pkey->url, &pkey->uinfo, flags|GNUTLS_PKCS11_OBJ_FLAG_EXPECT_PRIVKEY);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	pkey->flags = flags;
+
+	attr = p11_kit_uri_get_attribute(pkey->uinfo, CKA_CLASS);
+	if (!attr || attr->value_len != sizeof(ck_object_class_t) ||
+	    *(ck_object_class_t *) attr->value != CKO_PRIVATE_KEY) {
+		gnutls_assert();
+		ret = GNUTLS_E_INVALID_REQUEST;
+		goto cleanup;
+	}
+
+	attr = p11_kit_uri_get_attribute(pkey->uinfo, CKA_ID);
+	if (!attr) {
+		attr = p11_kit_uri_get_attribute(pkey->uinfo, CKA_LABEL);
+		if (!attr) {
+			gnutls_assert();
+			ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+			goto cleanup;
+		}
+	}
+
+	FIND_OBJECT(pkey);
+
+	pkey->pk_algorithm = GNUTLS_PK_UNKNOWN;
+	a[0].type = CKA_KEY_TYPE;
+	a[0].value = &key_type;
+	a[0].value_len = sizeof(key_type);
+	if (pkcs11_get_attribute_value(pkey->sinfo.module, pkey->sinfo.pks, pkey->ref, a, 1)
+	    == CKR_OK) {
+		pkey->pk_algorithm = key_type_to_pk(key_type);
+	}
+
+	if (pkey->pk_algorithm == GNUTLS_PK_UNKNOWN) {
+		_gnutls_debug_log
+		    ("Cannot determine PKCS #11 key algorithm\n");
+		ret = GNUTLS_E_UNKNOWN_ALGORITHM;
+		goto cleanup;
+	}
+
+
+	if (pkey->pk_algorithm == GNUTLS_PK_RSA) { /* determine whether it can do rsa-pss */
+		ck_bool_t tval = 0;
+
+		a[0].type = CKA_MODULUS;
+		a[0].value = NULL;
+		a[0].value_len = 0;
+		a[1].type = CKA_SIGN;
+		a[1].value = &tval;
+		a[1].value_len = sizeof(tval);
+		if (pkcs11_get_attribute_value(pkey->sinfo.module, pkey->sinfo.pks, pkey->ref, a, 2)
+		    == CKR_OK) {
+			pkey->bits = a[0].value_len*8;
+		}
+
+		ret = gnutls_pkcs11_token_check_mechanism(url, CKM_RSA_PKCS_PSS, NULL, 0, 0);
+		if (ret != 0 && tval) {
+			pkey->rsa_pss_ok = 1;
+		} else {
+			_gnutls_debug_log("Detected incompatible with TLS1.3 RSA key! (%s)\n", url);
+		}
+	}
+
+	a[0].type = CKA_ALWAYS_AUTHENTICATE;
+	a[0].value = &reauth;
+	a[0].value_len = sizeof(reauth);
+
+	if (pkcs11_get_attribute_value(pkey->sinfo.module, pkey->sinfo.pks, pkey->ref, a, 1)
+	    == CKR_OK) {
+		pkey->reauth = reauth;
+	}
+
+	ret = 0;
+
+	return ret;
+
+      cleanup:
+	if (pkey->uinfo != NULL) {
+		p11_kit_uri_free(pkey->uinfo);
+		pkey->uinfo = NULL;
+	}
+	gnutls_free(pkey->url);
+
+	return ret;
+}
+
+/*-
+ * _gnutls_pkcs11_privkey_decrypt_data:
+ * @key: Holds the key
+ * @flags: should be 0 for now
+ * @ciphertext: holds the data to be signed
+ * @plaintext: will contain the plaintext, allocated with gnutls_malloc()
+ *
+ * This function will decrypt the given data using the public key algorithm
+ * supported by the private key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ -*/
+int
+_gnutls_pkcs11_privkey_decrypt_data(gnutls_pkcs11_privkey_t key,
+				    unsigned int flags,
+				    const gnutls_datum_t * ciphertext,
+				    gnutls_datum_t * plaintext)
+{
+	ck_rv_t rv;
+	int ret;
+	struct ck_mechanism mech;
+	unsigned long siglen;
+	unsigned req_login = 0;
+	unsigned login_flags = SESSION_LOGIN|SESSION_CONTEXT_SPECIFIC;
+
+	PKCS11_CHECK_INIT_PRIVKEY(key);
+
+	if (key->pk_algorithm != GNUTLS_PK_RSA)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	mech.mechanism = CKM_RSA_PKCS;
+	mech.parameter = NULL;
+	mech.parameter_len = 0;
+
+	ret = gnutls_mutex_lock(&key->mutex);
+	if (ret != 0)
+		return gnutls_assert_val(GNUTLS_E_LOCKING_ERROR);
+
+	/* Initialize signing operation; using the private key discovered
+	 * earlier. */
+	REPEAT_ON_INVALID_HANDLE(rv = pkcs11_decrypt_init(key->sinfo.module, key->sinfo.pks, &mech, key->ref));
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		ret = pkcs11_rv_to_err(rv);
+		goto cleanup;
+	}
+
+ retry_login:
+	if (key->reauth || req_login) {
+		if (req_login)
+			login_flags = SESSION_FORCE_LOGIN|SESSION_LOGIN;
+		ret =
+		    pkcs11_login(&key->sinfo, &key->pin,
+				 key->uinfo, login_flags);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_debug_log("PKCS #11 login failed, trying operation anyway\n");
+			/* let's try the operation anyway */
+		}
+	}
+
+	/* Work out how long the plaintext must be: */
+	rv = pkcs11_decrypt(key->sinfo.module, key->sinfo.pks, ciphertext->data,
+			    ciphertext->size, NULL, &siglen);
+	if (unlikely(rv == CKR_USER_NOT_LOGGED_IN && req_login == 0)) {
+		req_login = 1;
+		goto retry_login;
+	}
+
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		ret = pkcs11_rv_to_err(rv);
+		goto cleanup;
+	}
+
+	plaintext->data = gnutls_malloc(siglen);
+	plaintext->size = siglen;
+
+	rv = pkcs11_decrypt(key->sinfo.module, key->sinfo.pks, ciphertext->data,
+			    ciphertext->size, plaintext->data, &siglen);
+	if (rv != CKR_OK) {
+		gnutls_free(plaintext->data);
+		gnutls_assert();
+		ret = pkcs11_rv_to_err(rv);
+		goto cleanup;
+	}
+
+	plaintext->size = siglen;
+
+	ret = 0;
+
+      cleanup:
+	gnutls_mutex_unlock(&key->mutex);
+	return ret;
+}
+
+/*-
+ * _gnutls_pkcs11_privkey_decrypt_data2:
+ * @key: Holds the key
+ * @flags: should be 0 for now
+ * @ciphertext: holds the data to be signed
+ * @plaintext: a preallocated buffer that will be filled with the plaintext
+ * @plaintext_size: size of the plaintext
+ *
+ * This function will decrypt the given data using the public key algorithm
+ * supported by the private key.
+ * Unlike with _gnutls_pkcs11_privkey_decrypt_data the plaintext size is known
+ * and provided by the caller, if the plaintext size differs from the requested
+ * one, the operation fails and the provided buffer is left unchanged.
+ * NOTE: plaintext_size must be exactly the size of the payload in the
+ * ciphertext, otherwise an error is returned and the plaintext buffer is left
+ * unchanged.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ -*/
+int
+_gnutls_pkcs11_privkey_decrypt_data2(gnutls_pkcs11_privkey_t key,
+				     unsigned int flags,
+				     const gnutls_datum_t * ciphertext,
+				     unsigned char * plaintext,
+				     size_t plaintext_size)
+{
+	ck_rv_t rv;
+	int ret;
+	struct ck_mechanism mech;
+	unsigned long siglen = ciphertext->size;
+	unsigned req_login = 0;
+	unsigned login_flags = SESSION_LOGIN|SESSION_CONTEXT_SPECIFIC;
+	unsigned char *buffer;
+	volatile unsigned char value;
+	unsigned char mask;
+
+	PKCS11_CHECK_INIT_PRIVKEY(key);
+
+	if (key->pk_algorithm != GNUTLS_PK_RSA)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	mech.mechanism = CKM_RSA_PKCS;
+	mech.parameter = NULL;
+	mech.parameter_len = 0;
+
+	ret = gnutls_mutex_lock(&key->mutex);
+	if (ret != 0)
+		return gnutls_assert_val(GNUTLS_E_LOCKING_ERROR);
+
+	buffer = gnutls_malloc(siglen);
+	if (!buffer) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	/* Initialize signing operation; using the private key discovered
+	 * earlier. */
+	REPEAT_ON_INVALID_HANDLE(
+		rv = pkcs11_decrypt_init(key->sinfo.module, key->sinfo.pks,
+					 &mech, key->ref)
+	);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		ret = pkcs11_rv_to_err(rv);
+		goto cleanup;
+	}
+
+ retry_login:
+	if (key->reauth || req_login) {
+		if (req_login)
+			login_flags = SESSION_FORCE_LOGIN|SESSION_LOGIN;
+		ret =
+		    pkcs11_login(&key->sinfo, &key->pin,
+				 key->uinfo, login_flags);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_debug_log("PKCS #11 login failed, trying operation anyway\n");
+			/* let's try the operation anyway */
+		}
+	}
+
+	ret = 0;
+	siglen = ciphertext->size;
+	rv = pkcs11_decrypt(key->sinfo.module, key->sinfo.pks,
+			    ciphertext->data, ciphertext->size,
+			    buffer, &siglen);
+	if (unlikely(rv == CKR_USER_NOT_LOGGED_IN && req_login == 0)) {
+		req_login = 1;
+		goto retry_login;
+	}
+
+	/* NOTE: These branches are not side-channel silent */
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		ret = pkcs11_rv_to_err(rv);
+	} else if (siglen != plaintext_size) {
+		gnutls_assert();
+		ret = GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* conditionally copy buffer in a side-channel silent way */
+	/* on success mask is 0xFF, on failure it is 0 */
+	mask = ((uint32_t)ret >> 31) - 1U;
+	for (size_t i = 0; i < plaintext_size; i++) {
+		value = (buffer[i] & mask) + (plaintext[i] & ~mask);
+		plaintext[i] = value;
+	}
+
+      cleanup:
+	gnutls_mutex_unlock(&key->mutex);
+	gnutls_free(buffer);
+	return ret;
+}
+
+/**
+ * gnutls_pkcs11_privkey_export_url:
+ * @key: Holds the PKCS 11 key
+ * @detailed: non zero if a detailed URL is required
+ * @url: will contain an allocated url
+ *
+ * This function will export a URL identifying the given key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_pkcs11_privkey_export_url(gnutls_pkcs11_privkey_t key,
+				 gnutls_pkcs11_url_type_t detailed,
+				 char **url)
+{
+	int ret;
+
+	ret = pkcs11_info_to_url(key->uinfo, detailed, url);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+#if 0
+/**
+ * gnutls_pkcs11_privkey_generate:
+ * @url: a token URL
+ * @pk: the public key algorithm
+ * @bits: the security bits
+ * @label: a label
+ * @flags: should be zero
+ *
+ * This function will generate a private key in the specified
+ * by the @url token. The private key will be generate within
+ * the token and will not be exportable.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_pkcs11_privkey_generate(const char *url, gnutls_pk_algorithm_t pk,
+			       unsigned int bits, const char *label,
+			       unsigned int flags)
+{
+	int x;
+}
+
+/**
+ * gnutls_pkcs11_privkey_generate2:
+ * @url: a token URL
+ * @pk: the public key algorithm
+ * @bits: the security bits
+ * @label: a label
+ * @fmt: the format of output params. PEM or DER
+ * @pubkey: will hold the public key (may be %NULL)
+ * @flags: zero or an OR'ed sequence of %GNUTLS_PKCS11_OBJ_FLAGs
+ *
+ * This function will generate a private key in the specified
+ * by the @url token. The private key will be generate within
+ * the token and will not be exportable. This function will
+ * store the DER-encoded public key in the SubjectPublicKeyInfo format
+ * in @pubkey. The @pubkey should be deinitialized using gnutls_free().
+ *
+ * Note that when generating an elliptic curve key, the curve
+ * can be substituted in the place of the bits parameter using the
+ * GNUTLS_CURVE_TO_BITS() macro.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.5
+ **/
+int
+gnutls_pkcs11_privkey_generate2(const char *url, gnutls_pk_algorithm_t pk,
+				unsigned int bits, const char *label,
+				gnutls_x509_crt_fmt_t fmt,
+				gnutls_datum_t * pubkey,
+				unsigned int flags)
+{
+	int x;
+}
+#endif
+
+static const char def_rsa_pub_exp[3] = { 1,0,1 }; // 65537 = 0x10001
+
+struct dsa_params {
+	/* FIPS 186-3 maximal size for L and N length pair is (3072,256). */
+	uint8_t prime[384];
+	uint8_t subprime[32];
+	uint8_t generator[384];
+};
+
+static int
+_dsa_params_generate(struct ck_function_list *module, ck_session_handle_t session,
+		     unsigned long bits, struct dsa_params *params,
+		     struct ck_attribute *a, int *a_val)
+{
+	struct ck_mechanism mech = { CKM_DSA_PARAMETER_GEN };
+	struct ck_attribute attr = { CKA_PRIME_BITS, &bits, sizeof(bits) };
+	ck_object_handle_t key;
+	ck_rv_t rv;
+
+	/* Generate DSA parameters from prime length. */
+
+	rv = pkcs11_generate_key(module, session, &mech, &attr, 1, &key);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		_gnutls_debug_log("p11: %s\n", pkcs11_strerror(rv));
+		return pkcs11_rv_to_err(rv);
+	}
+
+	/* Retrieve generated parameters to be used with the new key pair. */
+
+	a[*a_val + 0].type = CKA_PRIME;
+	a[*a_val + 0].value = params->prime;
+	a[*a_val + 0].value_len = sizeof(params->prime);
+
+	a[*a_val + 1].type = CKA_SUBPRIME;
+	a[*a_val + 1].value = params->subprime;
+	a[*a_val + 1].value_len = sizeof(params->subprime);
+
+	a[*a_val + 2].type = CKA_BASE;
+	a[*a_val + 2].value = params->generator;
+	a[*a_val + 2].value_len = sizeof(params->generator);
+
+	rv = pkcs11_get_attribute_value(module, session, key, &a[*a_val], 3);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		_gnutls_debug_log("p11: %s\n", pkcs11_strerror(rv));
+		return pkcs11_rv_to_err(rv);
+	}
+
+	*a_val += 3;
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs11_privkey_generate3:
+ * @url: a token URL
+ * @pk: the public key algorithm
+ * @bits: the security bits
+ * @label: a label
+ * @cid: The CKA_ID to use for the new object
+ * @fmt: the format of output params. PEM or DER
+ * @pubkey: will hold the public key (may be %NULL)
+ * @key_usage: One of GNUTLS_KEY_*
+ * @flags: zero or an OR'ed sequence of %GNUTLS_PKCS11_OBJ_FLAGs
+ *
+ * This function will generate a private key in the specified
+ * by the @url token. The private key will be generate within
+ * the token and will not be exportable. This function will
+ * store the DER-encoded public key in the SubjectPublicKeyInfo format 
+ * in @pubkey. The @pubkey should be deinitialized using gnutls_free().
+ *
+ * Note that when generating an elliptic curve key, the curve
+ * can be substituted in the place of the bits parameter using the
+ * GNUTLS_CURVE_TO_BITS() macro.
+ *
+ * Since 3.6.3 the objects are marked as sensitive by default unless
+ * %GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE is specified.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_pkcs11_privkey_generate3(const char *url, gnutls_pk_algorithm_t pk,
+				unsigned int bits, const char *label,
+				const gnutls_datum_t *cid,
+				gnutls_x509_crt_fmt_t fmt,
+				gnutls_datum_t * pubkey,
+				unsigned int key_usage,
+				unsigned int flags)
+{
+	int ret;
+	const ck_bool_t tval = 1;
+	const ck_bool_t fval = 0;
+	struct pkcs11_session_info sinfo;
+	struct p11_kit_uri *info = NULL;
+	ck_rv_t rv;
+	struct ck_attribute a[22], p[22];
+	ck_object_handle_t pub_ctx, priv_ctx;
+	unsigned long _bits = bits;
+	int a_val, p_val;
+	struct ck_mechanism mech;
+	gnutls_pubkey_t pkey = NULL;
+	gnutls_pkcs11_obj_t obj = NULL;
+	gnutls_datum_t der = {NULL, 0};
+	ck_key_type_t key_type;
+	uint8_t id[20];
+	struct dsa_params dsa_params;
+
+	PKCS11_CHECK_INIT;
+	FIX_KEY_USAGE(pk, key_usage);
+
+	memset(&sinfo, 0, sizeof(sinfo));
+
+	ret = pkcs11_url_to_info(url, &info, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    pkcs11_open_session(&sinfo, NULL, info,
+				SESSION_WRITE |
+				pkcs11_obj_flags_to_int(flags));
+	p11_kit_uri_free(info);
+
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* a holds the public key template
+	 * and p the private key */
+	a_val = p_val = 0;
+	mech.parameter = NULL;
+	mech.parameter_len = 0;
+	mech.mechanism = pk_to_genmech(pk, &key_type);
+
+	if (!(flags & GNUTLS_PKCS11_OBJ_FLAG_NO_STORE_PUBKEY)) {
+		a[a_val].type = CKA_TOKEN;
+		a[a_val].value = (void *) &tval;
+		a[a_val].value_len = sizeof(tval);
+		a_val++;
+
+		a[a_val].type = CKA_PRIVATE;
+		a[a_val].value = (void *) &fval;
+		a[a_val].value_len = sizeof(fval);
+		a_val++;
+	}
+
+	a[a_val].type = CKA_ID;
+	if (cid == NULL || cid->size == 0) {
+		ret = gnutls_rnd(GNUTLS_RND_NONCE, id, sizeof(id));
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		a[a_val].value = (void *) id;
+		a[a_val].value_len = sizeof(id);
+	} else {
+		a[a_val].value = (void *) cid->data;
+		a[a_val].value_len = cid->size;
+	}
+
+	p[p_val].type = CKA_ID;
+	p[p_val].value = a[a_val].value;
+	p[p_val].value_len = a[a_val].value_len;
+	a_val++;
+	p_val++;
+
+	switch (pk) {
+	case GNUTLS_PK_RSA:
+		p[p_val].type = CKA_DECRYPT;
+		if (key_usage & (GNUTLS_KEY_DECIPHER_ONLY|GNUTLS_KEY_ENCIPHER_ONLY)) {
+			p[p_val].value = (void *) &tval;
+			p[p_val].value_len = sizeof(tval);
+		} else {
+			p[p_val].value = (void *) &fval;
+			p[p_val].value_len = sizeof(fval);
+		}
+		p_val++;
+
+		p[p_val].type = CKA_SIGN;
+		if (key_usage & GNUTLS_KEY_DIGITAL_SIGNATURE) {
+			p[p_val].value = (void *) &tval;
+			p[p_val].value_len = sizeof(tval);
+		} else {
+			p[p_val].value = (void *) &fval;
+			p[p_val].value_len = sizeof(fval);
+		}
+		p_val++;
+
+		a[a_val].type = CKA_ENCRYPT;
+		a[a_val].value = (void *) &tval;
+		a[a_val].value_len = sizeof(tval);
+		a_val++;
+
+		a[a_val].type = CKA_VERIFY;
+		a[a_val].value = (void *) &tval;
+		a[a_val].value_len = sizeof(tval);
+		a_val++;
+
+		a[a_val].type = CKA_MODULUS_BITS;
+		a[a_val].value = &_bits;
+		a[a_val].value_len = sizeof(_bits);
+		a_val++;
+
+		a[a_val].type = CKA_PUBLIC_EXPONENT;
+		a[a_val].value = (char*)def_rsa_pub_exp;
+		a[a_val].value_len = sizeof(def_rsa_pub_exp);
+		a_val++;
+
+		break;
+	case GNUTLS_PK_DSA:
+		p[p_val].type = CKA_SIGN;
+		if (key_usage & GNUTLS_KEY_DIGITAL_SIGNATURE) {
+			p[p_val].value = (void *) &tval;
+			p[p_val].value_len = sizeof(tval);
+		} else {
+			p[p_val].value = (void *) &fval;
+			p[p_val].value_len = sizeof(fval);
+		}
+		p_val++;
+
+		a[a_val].type = CKA_VERIFY;
+		a[a_val].value = (void *) &tval;
+		a[a_val].value_len = sizeof(tval);
+		a_val++;
+
+		ret = _dsa_params_generate(sinfo.module, sinfo.pks, _bits,
+					   &dsa_params, a, &a_val);
+		if (ret < 0) {
+			goto cleanup;
+		}
+
+		break;
+	case GNUTLS_PK_ECDSA:
+		p[p_val].type = CKA_SIGN;
+		if (key_usage & GNUTLS_KEY_DIGITAL_SIGNATURE) {
+			p[p_val].value = (void *) &tval;
+			p[p_val].value_len = sizeof(tval);
+		} else {
+			p[p_val].value = (void *) &fval;
+			p[p_val].value_len = sizeof(fval);
+		}
+		p_val++;
+
+		a[a_val].type = CKA_VERIFY;
+		a[a_val].value = (void *) &tval;
+		a[a_val].value_len = sizeof(tval);
+		a_val++;
+
+		if (GNUTLS_BITS_ARE_CURVE(bits)) {
+			bits = GNUTLS_BITS_TO_CURVE(bits);
+		} else {
+			bits = _gnutls_ecc_bits_to_curve(pk, bits);
+		}
+
+		ret = _gnutls_x509_write_ecc_params(bits, &der);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		a[a_val].type = CKA_EC_PARAMS;
+		a[a_val].value = der.data;
+		a[a_val].value_len = der.size;
+		a_val++;
+
+		break;
+	case GNUTLS_PK_EDDSA_ED25519:
+		p[p_val].type = CKA_SIGN;
+		p[p_val].value = (void *) &tval;
+		p[p_val].value_len = sizeof(tval);
+		p_val++;
+
+		a[a_val].type = CKA_VERIFY;
+		a[a_val].value = (void *) &tval;
+		a[a_val].value_len = sizeof(tval);
+		a_val++;
+
+		ret = _gnutls_x509_write_ecc_params(GNUTLS_ECC_CURVE_ED25519, &der);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		a[a_val].type = CKA_EC_PARAMS;
+		a[a_val].value = der.data;
+		a[a_val].value_len = der.size;
+		a_val++;
+		break;
+	default:
+		ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		goto cleanup;
+	}
+
+	/*
+	 * on request, add the CKA_WRAP/CKA_UNWRAP key attribute
+	 */
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_KEY_WRAP) {
+		p[p_val].type = CKA_UNWRAP;
+		p[p_val].value = (void*)&tval;
+		p[p_val].value_len = sizeof(tval);
+		p_val++;
+		a[a_val].type = CKA_WRAP;
+		a[a_val].value = (void*)&tval;
+		a[a_val].value_len = sizeof(tval);
+		a_val++;
+	}
+
+	/* a private key is set always as private unless
+	 * requested otherwise
+	 */
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE) {
+		p[p_val].type = CKA_PRIVATE;
+		p[p_val].value = (void *) &fval;
+		p[p_val].value_len = sizeof(fval);
+		p_val++;
+	} else {
+		p[p_val].type = CKA_PRIVATE;
+		p[p_val].value = (void *) &tval;
+		p[p_val].value_len = sizeof(tval);
+		p_val++;
+	}
+
+	p[p_val].type = CKA_TOKEN;
+	p[p_val].value = (void *) &tval;
+	p[p_val].value_len = sizeof(tval);
+	p_val++;
+
+	if (label) {
+		p[p_val].type = CKA_LABEL;
+		p[p_val].value = (void *) label;
+		p[p_val].value_len = strlen(label);
+		p_val++;
+
+		a[a_val].type = CKA_LABEL;
+		a[a_val].value = (void *) label;
+		a[a_val].value_len = strlen(label);
+		a_val++;
+	}
+
+	if (!(flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE)) {
+		p[p_val].type = CKA_SENSITIVE;
+		p[p_val].value = (void *) &tval;
+		p[p_val].value_len = sizeof(tval);
+		p_val++;
+	} else {
+		p[p_val].type = CKA_SENSITIVE;
+		p[p_val].value = (void *) &fval;
+		p[p_val].value_len = sizeof(fval);
+		p_val++;
+	}
+
+	rv = pkcs11_generate_key_pair(sinfo.module, sinfo.pks, &mech, a,
+				      a_val, p, p_val, &pub_ctx, &priv_ctx);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		_gnutls_debug_log("p11: %s\n", pkcs11_strerror(rv));
+		ret = pkcs11_rv_to_err(rv);
+		goto cleanup;
+	}
+
+	/* extract the public key */
+	if (pubkey) {
+
+		ret = gnutls_pubkey_init(&pkey);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = gnutls_pkcs11_obj_init(&obj);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		obj->pk_algorithm = pk;
+		obj->type = GNUTLS_PKCS11_OBJ_PUBKEY;
+		ret =
+		    pkcs11_read_pubkey(sinfo.module, sinfo.pks, pub_ctx,
+				       key_type, obj);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = gnutls_pubkey_import_pkcs11(pkey, obj, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = gnutls_pubkey_export2(pkey, fmt, pubkey);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+      cleanup:
+	if (obj != NULL)
+		gnutls_pkcs11_obj_deinit(obj);
+	if (pkey != NULL)
+		gnutls_pubkey_deinit(pkey);
+
+	if (sinfo.pks != 0)
+		pkcs11_close_session(&sinfo);
+	gnutls_free(der.data);
+
+	return ret;
+}
+
+/* loads a the corresponding to the private key public key either from 
+ * a public key object or from a certificate.
+ */
+static int load_pubkey_obj(gnutls_pkcs11_privkey_t pkey, gnutls_pubkey_t pub)
+{
+	int ret, iret;
+	gnutls_x509_crt_t crt;
+
+	ret = gnutls_pubkey_import_url(pub, pkey->url, pkey->flags);
+	if (ret >= 0) {
+		return ret;
+	}
+	iret = ret;
+
+	/* else try certificate */
+	ret = gnutls_x509_crt_init(&crt);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	gnutls_x509_crt_set_pin_function(crt, pkey->pin.cb, pkey->pin.data);
+
+	ret = gnutls_x509_crt_import_url(crt, pkey->url, pkey->flags);
+	if (ret < 0) {
+		ret = iret;
+		goto cleanup;
+	}
+
+	ret = gnutls_pubkey_import_x509(pub, crt, 0);
+
+ cleanup:
+	gnutls_x509_crt_deinit(crt);
+	return ret;
+}
+
+int
+_pkcs11_privkey_get_pubkey (gnutls_pkcs11_privkey_t pkey, gnutls_pubkey_t *pub, unsigned flags)
+{
+	gnutls_pubkey_t pubkey = NULL;
+	gnutls_pkcs11_obj_t obj = NULL;
+	ck_key_type_t key_type;
+	int ret;
+
+	PKCS11_CHECK_INIT_PRIVKEY(pkey);
+
+	if (!pkey) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = gnutls_pubkey_init(&pubkey);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pkcs11_obj_init(&obj);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	obj->pk_algorithm = gnutls_pkcs11_privkey_get_pk_algorithm(pkey, 0);
+	obj->type = GNUTLS_PKCS11_OBJ_PUBKEY;
+	pk_to_genmech(obj->pk_algorithm, &key_type);
+
+	gnutls_pubkey_set_pin_function(pubkey, pkey->pin.cb, pkey->pin.data);
+
+	/* we can only read the public key from RSA keys */
+	if (key_type != CKK_RSA) {
+		/* try opening the public key object if it exists */
+		ret = load_pubkey_obj(pkey, pubkey);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	} else {
+		ret = pkcs11_read_pubkey(pkey->sinfo.module, pkey->sinfo.pks, pkey->ref, key_type, obj);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = gnutls_pubkey_import_pkcs11(pubkey, obj, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	*pub = pubkey;
+
+	pubkey = NULL;
+	ret = 0;
+
+ cleanup:
+	if (obj != NULL)
+		gnutls_pkcs11_obj_deinit(obj);
+	if (pubkey != NULL)
+		gnutls_pubkey_deinit(pubkey);
+
+	return ret;
+}
+
+/**
+ * gnutls_pkcs11_privkey_export_pubkey
+ * @pkey: The private key
+ * @fmt: the format of output params. PEM or DER.
+ * @data: will hold the public key
+ * @flags: should be zero
+ *
+ * This function will extract the public key (modulus and public
+ * exponent) from the private key specified by the @url private key.
+ * This public key will be stored in @pubkey in the format specified
+ * by @fmt. @pubkey should be deinitialized using gnutls_free().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.3.7
+ **/
+int
+gnutls_pkcs11_privkey_export_pubkey(gnutls_pkcs11_privkey_t pkey,
+				     gnutls_x509_crt_fmt_t fmt,
+				     gnutls_datum_t * data,
+				     unsigned int flags)
+{
+	int ret;
+	gnutls_pubkey_t pubkey = NULL;
+
+	ret = _pkcs11_privkey_get_pubkey(pkey, &pubkey, flags);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_pubkey_export2(pubkey, fmt, data);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	if (pubkey != NULL)
+		gnutls_pubkey_deinit(pubkey);
+
+	return ret;
+}
+
+/**
+ * gnutls_pkcs11_privkey_set_pin_function:
+ * @key: The private key
+ * @fn: the callback
+ * @userdata: data associated with the callback
+ *
+ * This function will set a callback function to be used when
+ * required to access the object. This function overrides the global
+ * set using gnutls_pkcs11_set_pin_function().
+ *
+ * Since: 3.1.0
+ *
+ **/
+void
+gnutls_pkcs11_privkey_set_pin_function(gnutls_pkcs11_privkey_t key,
+				       gnutls_pin_callback_t fn,
+				       void *userdata)
+{
+	key->pin.cb = fn;
+	key->pin.data = userdata;
+}
diff --git a/lib/pkcs11_secret.c b/lib/pkcs11_secret.c
new file mode 100644
index 0000000..95bbfae
--- /dev/null
+++ b/lib/pkcs11_secret.c
@@ -0,0 +1,150 @@
+/*
+ * GnuTLS PKCS#11 support
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ * 
+ * Author: Nikos Mavrogiannopoulos, Stef Walter
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+
+#include "gnutls_int.h"
+#include <gnutls/pkcs11.h>
+#include <stdio.h>
+#include <string.h>
+#include "errors.h"
+#include <datum.h>
+#include <pkcs11_int.h>
+#include <random.h>
+
+/**
+ * gnutls_pkcs11_copy_secret_key:
+ * @token_url: A PKCS #11 URL specifying a token
+ * @key: The raw key
+ * @label: A name to be used for the stored data
+ * @key_usage: One of GNUTLS_KEY_*
+ * @flags: One of GNUTLS_PKCS11_OBJ_FLAG_*
+ *
+ * This function will copy a raw secret (symmetric) key into a PKCS #11 
+ * token specified by a URL. The key can be marked as sensitive or not.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pkcs11_copy_secret_key(const char *token_url, gnutls_datum_t * key,
+			      const char *label,
+			      unsigned int key_usage, unsigned int flags
+			      /* GNUTLS_PKCS11_OBJ_FLAG_* */ )
+{
+	int ret;
+	struct p11_kit_uri *info = NULL;
+	ck_rv_t rv;
+	struct ck_attribute a[12];
+	ck_object_class_t class = CKO_SECRET_KEY;
+	ck_object_handle_t ctx;
+	ck_key_type_t keytype = CKK_GENERIC_SECRET;
+	ck_bool_t tval = 1;
+	int a_val;
+	uint8_t id[16];
+	struct pkcs11_session_info sinfo;
+	
+	PKCS11_CHECK_INIT;
+
+	memset(&sinfo, 0, sizeof(sinfo));
+
+	ret = pkcs11_url_to_info(token_url, &info, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* generate a unique ID */
+	ret = gnutls_rnd(GNUTLS_RND_NONCE, id, sizeof(id));
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    pkcs11_open_session(&sinfo, NULL, info,
+				SESSION_WRITE |
+				pkcs11_obj_flags_to_int(flags));
+	p11_kit_uri_free(info);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* We do not copy key usage flags.
+	 */
+	a[0].type = CKA_CLASS;
+	a[0].value = &class;
+	a[0].value_len = sizeof(class);
+	a[1].type = CKA_VALUE;
+	a[1].value = key->data;
+	a[1].value_len = key->size;
+	a[2].type = CKA_TOKEN;
+	a[2].value = &tval;
+	a[2].value_len = sizeof(tval);
+	a[3].type = CKA_PRIVATE;
+	a[3].value = &tval;
+	a[3].value_len = sizeof(tval);
+	a[4].type = CKA_KEY_TYPE;
+	a[4].value = &keytype;
+	a[4].value_len = sizeof(keytype);
+	a[5].type = CKA_ID;
+	a[5].value = id;
+	a[5].value_len = sizeof(id);
+
+	a_val = 6;
+
+	if (label) {
+		a[a_val].type = CKA_LABEL;
+		a[a_val].value = (void *) label;
+		a[a_val].value_len = strlen(label);
+		a_val++;
+	}
+
+	if (!(flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE))
+		tval = 1;
+	else
+		tval = 0;
+
+	a[a_val].type = CKA_SENSITIVE;
+	a[a_val].value = &tval;
+	a[a_val].value_len = sizeof(tval);
+	a_val++;
+
+	rv = pkcs11_create_object(sinfo.module, sinfo.pks, a, a_val, &ctx);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		_gnutls_debug_log("p11: %s\n", pkcs11_strerror(rv));
+		ret = pkcs11_rv_to_err(rv);
+		goto cleanup;
+	}
+
+	/* generated! 
+	 */
+
+	ret = 0;
+
+      cleanup:
+	pkcs11_close_session(&sinfo);
+
+	return ret;
+
+}
diff --git a/lib/pkcs11_write.c b/lib/pkcs11_write.c
new file mode 100644
index 0000000..3ce794b
--- /dev/null
+++ b/lib/pkcs11_write.c
@@ -0,0 +1,1468 @@
+/*
+ * GnuTLS PKCS#11 support
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ * 
+ * Authors: Nikos Mavrogiannopoulos, Stef Walter
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Library General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+
+#include "gnutls_int.h"
+#include <gnutls/pkcs11.h>
+#include <stdio.h>
+#include <string.h>
+#include "errors.h"
+#include <datum.h>
+#include <pkcs11_int.h>
+#include "pkcs11x.h"
+#include <x509/common.h>
+#include "pk.h"
+
+static const ck_bool_t tval = 1;
+static const ck_bool_t fval = 0;
+
+#define MAX_ASIZE 24
+
+static void mark_flags(unsigned flags, struct ck_attribute *a, unsigned *a_val, unsigned trusted)
+{
+	static const unsigned long category = 2;
+
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_CA) {
+		a[*a_val].type = CKA_CERTIFICATE_CATEGORY;
+		a[*a_val].value = (void *) &category;
+		a[*a_val].value_len = sizeof(category);
+		(*a_val)++;
+	}
+
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_DISTRUSTED) {
+		if (trusted) {
+			a[*a_val].type = CKA_X_DISTRUSTED;
+			a[*a_val].value = (void *) &tval;
+			a[*a_val].value_len = sizeof(tval);
+			(*a_val)++;
+		} else {
+			_gnutls_debug_log("p11: ignoring the distrusted flag as it is not valid on non-p11-kit-trust modules\n");
+		}
+	}
+
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED) {
+		a[*a_val].type = CKA_TRUSTED;
+		a[*a_val].value = (void *) &tval;
+		a[*a_val].value_len = sizeof(tval);
+		(*a_val)++;
+
+		a[*a_val].type = CKA_PRIVATE;
+		a[*a_val].value = (void *) &fval;
+		a[*a_val].value_len = sizeof(fval);
+		(*a_val)++;
+	} else {
+		if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE) {
+			a[*a_val].type = CKA_PRIVATE;
+			a[*a_val].value = (void *) &tval;
+			a[*a_val].value_len = sizeof(tval);
+			(*a_val)++;
+		} else if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE) {
+			a[*a_val].type = CKA_PRIVATE;
+			a[*a_val].value = (void *) &fval;
+			a[*a_val].value_len = sizeof(fval);
+			(*a_val)++;
+		}
+	}
+}
+
+/**
+ * gnutls_pkcs11_copy_x509_crt2:
+ * @token_url: A PKCS #11 URL specifying a token
+ * @crt: The certificate to copy
+ * @label: The name to be used for the stored data
+ * @cid: The CKA_ID to set for the object -if NULL, the ID will be derived from the public key
+ * @flags: One of GNUTLS_PKCS11_OBJ_FLAG_*
+ *
+ * This function will copy a certificate into a PKCS #11 token specified by
+ * a URL. Valid flags to mark the certificate: %GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED,
+ * %GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE, %GNUTLS_PKCS11_OBJ_FLAG_MARK_CA,
+ * %GNUTLS_PKCS11_OBJ_FLAG_MARK_ALWAYS_AUTH.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_pkcs11_copy_x509_crt2(const char *token_url,
+			    gnutls_x509_crt_t crt, const char *label,
+			    const gnutls_datum_t *cid,
+			    unsigned int flags)
+{
+	int ret;
+	struct p11_kit_uri *info = NULL;
+	ck_rv_t rv;
+	size_t der_size, id_size, serial_size;
+	gnutls_datum_t serial_der = {NULL, 0};
+	uint8_t *der = NULL;
+	uint8_t serial[128];
+	uint8_t id[20];
+	struct ck_attribute a[MAX_ASIZE];
+	ck_object_class_t class = CKO_CERTIFICATE;
+	ck_certificate_type_t type = CKC_X_509;
+	ck_object_handle_t ctx;
+	unsigned a_val;
+	struct pkcs11_session_info sinfo;
+	
+	PKCS11_CHECK_INIT;
+
+	ret = pkcs11_url_to_info(token_url, &info, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    pkcs11_open_session(&sinfo, NULL, info,
+				SESSION_WRITE |
+				pkcs11_obj_flags_to_int(flags));
+	p11_kit_uri_free(info);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	der_size = 0;
+	ret =
+	    gnutls_x509_crt_export(crt, GNUTLS_X509_FMT_DER, NULL,
+				   &der_size);
+	if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	der = gnutls_malloc(der_size);
+	if (der == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto cleanup;
+	}
+
+	ret =
+	    gnutls_x509_crt_export(crt, GNUTLS_X509_FMT_DER, der,
+				   &der_size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	a[0].type = CKA_CLASS;
+	a[0].value = &class;
+	a[0].value_len = sizeof(class);
+
+	a[1].type = CKA_ID;
+	if (cid == NULL || cid->size == 0) {
+		id_size = sizeof(id);
+		ret = gnutls_x509_crt_get_subject_key_id(crt, id, &id_size, NULL);
+		if (ret < 0) {
+			id_size = sizeof(id);
+			ret = gnutls_x509_crt_get_key_id(crt, 0, id, &id_size);
+			if (ret < 0) {
+			  gnutls_assert();
+			  goto cleanup;
+			}
+		}
+
+		a[1].value = id;
+		a[1].value_len = id_size;
+	} else {
+		a[1].value = cid->data;
+		a[1].value_len = cid->size;
+	}
+
+	/* we do not use the key usage flags; these are apparent from
+	 * the certificate itself. */
+	a[2].type = CKA_VALUE;
+	a[2].value = der;
+	a[2].value_len = der_size;
+	a[3].type = CKA_TOKEN;
+	a[3].value = (void *) &tval;
+	a[3].value_len = sizeof(tval);
+	a[4].type = CKA_CERTIFICATE_TYPE;
+	a[4].value = &type;
+	a[4].value_len = sizeof(type);
+
+	a_val = 5;
+
+	a[a_val].type = CKA_SUBJECT;
+	a[a_val].value = crt->raw_dn.data;
+	a[a_val].value_len = crt->raw_dn.size;
+	a_val++;
+
+	if (crt->raw_issuer_dn.size > 0) {
+		a[a_val].type = CKA_ISSUER;
+		a[a_val].value = crt->raw_issuer_dn.data;
+		a[a_val].value_len = crt->raw_issuer_dn.size;
+		a_val++;
+	}
+
+	serial_size = sizeof(serial);
+	if (gnutls_x509_crt_get_serial(crt, serial, &serial_size) >= 0) {
+		ret = _gnutls_x509_ext_gen_number(serial, serial_size, &serial_der);
+		if (ret >= 0) {
+			a[a_val].type = CKA_SERIAL_NUMBER;
+			a[a_val].value = (void *) serial_der.data;
+			a[a_val].value_len = serial_der.size;
+			a_val++;
+		}
+	}
+
+	if (label) {
+		a[a_val].type = CKA_LABEL;
+		a[a_val].value = (void *) label;
+		a[a_val].value_len = strlen(label);
+		a_val++;
+	}
+
+	mark_flags(flags, a, &a_val, sinfo.trusted);
+
+	rv = pkcs11_create_object(sinfo.module, sinfo.pks, a, a_val, &ctx);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		_gnutls_debug_log("p11: %s\n", pkcs11_strerror(rv));
+		ret = pkcs11_rv_to_err(rv);
+		goto cleanup;
+	}
+
+	/* generated! 
+	 */
+
+	ret = 0;
+
+      cleanup:
+	gnutls_free(der);
+	gnutls_free(serial_der.data);
+	pkcs11_close_session(&sinfo);
+	return ret;
+
+}
+
+static void clean_pubkey(struct ck_attribute *a, unsigned a_val)
+{
+	unsigned i;
+
+	for (i=0;i<a_val;i++) {
+		switch(a[i].type) {
+			case CKA_MODULUS:
+			case CKA_PUBLIC_EXPONENT:
+			case CKA_PRIME:
+			case CKA_SUBPRIME:
+			case CKA_VALUE:
+			case CKA_BASE:
+			case CKA_EC_PARAMS:
+			case CKA_EC_POINT:
+				gnutls_free(a[i].value);
+				break;
+		}
+	}
+}
+
+static int add_pubkey(gnutls_pubkey_t pubkey, struct ck_attribute *a, unsigned *a_val)
+{
+	gnutls_pk_algorithm_t pk;
+	int ret;
+
+	pk = gnutls_pubkey_get_pk_algorithm(pubkey, NULL);
+
+	switch (pk) {
+	case GNUTLS_PK_RSA_PSS:
+	case GNUTLS_PK_RSA: {
+		gnutls_datum_t m, e;
+
+		/* PKCS#11 defines integers as unsigned having most significant byte
+		 * first, e.g., 32768 = 0x80 0x00. This is interpreted literraly by
+		 * some HSMs which do not accept an integer with a leading zero */
+		ret = gnutls_pubkey_export_rsa_raw2(pubkey, &m, &e, GNUTLS_EXPORT_FLAG_NO_LZ);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+
+		a[*a_val].type = CKA_MODULUS;
+		a[*a_val].value = m.data;
+		a[*a_val].value_len = m.size;
+		(*a_val)++;
+
+		a[*a_val].type = CKA_PUBLIC_EXPONENT;
+		a[*a_val].value = e.data;
+		a[*a_val].value_len = e.size;
+		(*a_val)++;
+		break;
+	}
+	case GNUTLS_PK_DSA: {
+		gnutls_datum_t p, q, g, y;
+
+		ret = gnutls_pubkey_export_dsa_raw2(pubkey, &p, &q, &g, &y, GNUTLS_EXPORT_FLAG_NO_LZ);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		a[*a_val].type = CKA_PRIME;
+		a[*a_val].value = p.data;
+		a[*a_val].value_len = p.size;
+		(*a_val)++;
+
+		a[*a_val].type = CKA_SUBPRIME;
+		a[*a_val].value = q.data;
+		a[*a_val].value_len = q.size;
+		(*a_val)++;
+
+		a[*a_val].type = CKA_BASE;
+		a[*a_val].value = g.data;
+		a[*a_val].value_len = g.size;
+		(*a_val)++;
+
+		a[*a_val].type = CKA_VALUE;
+		a[*a_val].value = y.data;
+		a[*a_val].value_len = y.size;
+		(*a_val)++;
+		break;
+	}
+	case GNUTLS_PK_EC: {
+		gnutls_datum_t params, point;
+
+		ret = gnutls_pubkey_export_ecc_x962(pubkey, &params, &point);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		a[*a_val].type = CKA_EC_PARAMS;
+		a[*a_val].value = params.data;
+		a[*a_val].value_len = params.size;
+		(*a_val)++;
+
+		a[*a_val].type = CKA_EC_POINT;
+		a[*a_val].value = point.data;
+		a[*a_val].value_len = point.size;
+		(*a_val)++;
+		break;
+	}
+	case GNUTLS_PK_EDDSA_ED25519: {
+		gnutls_datum_t params, ecpoint;
+
+		ret =
+		    _gnutls_x509_write_ecc_params(pubkey->params.curve,
+						  &params);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		a[*a_val].type = CKA_EC_PARAMS;
+		a[*a_val].value = params.data;
+		a[*a_val].value_len = params.size;
+		(*a_val)++;
+
+		ret = _gnutls_x509_encode_string(ASN1_ETYPE_OCTET_STRING,
+						 pubkey->params.raw_pub.data,
+						 pubkey->params.raw_pub.size,
+						 &ecpoint);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		a[*a_val].type = CKA_EC_POINT;
+		a[*a_val].value = ecpoint.data;
+		a[*a_val].value_len = ecpoint.size;
+		(*a_val)++;
+		break;
+	}
+
+	default:
+		_gnutls_debug_log("requested writing public key of unsupported type %u\n", (unsigned)pk);
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs11_copy_pubkey:
+ * @token_url: A PKCS #11 URL specifying a token
+ * @pubkey: The public key to copy
+ * @label: The name to be used for the stored data
+ * @cid: The CKA_ID to set for the object -if NULL, the ID will be derived from the public key
+ * @key_usage: One of GNUTLS_KEY_*
+ * @flags: One of GNUTLS_PKCS11_OBJ_FLAG_*
+ *
+ * This function will copy a public key object into a PKCS #11 token specified by
+ * a URL. Valid flags to mark the key: %GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED,
+ * %GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE, %GNUTLS_PKCS11_OBJ_FLAG_MARK_CA,
+ * %GNUTLS_PKCS11_OBJ_FLAG_MARK_ALWAYS_AUTH.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.6
+ **/
+int
+gnutls_pkcs11_copy_pubkey(const char *token_url,
+			  gnutls_pubkey_t pubkey, const char *label,
+			  const gnutls_datum_t *cid,
+			  unsigned int key_usage, unsigned int flags)
+{
+	int ret;
+	struct p11_kit_uri *info = NULL;
+	ck_rv_t rv;
+	size_t id_size;
+	uint8_t id[20];
+	struct ck_attribute a[MAX_ASIZE];
+	gnutls_pk_algorithm_t pk;
+	ck_object_class_t class = CKO_PUBLIC_KEY;
+	ck_object_handle_t ctx;
+	unsigned a_val;
+	ck_key_type_t type;
+	struct pkcs11_session_info sinfo;
+	
+	PKCS11_CHECK_INIT;
+
+	ret = pkcs11_url_to_info(token_url, &info, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    pkcs11_open_session(&sinfo, NULL, info,
+				SESSION_WRITE |
+				pkcs11_obj_flags_to_int(flags));
+	p11_kit_uri_free(info);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	a[0].type = CKA_CLASS;
+	a[0].value = &class;
+	a[0].value_len = sizeof(class);
+
+	a[1].type = CKA_TOKEN;
+	a[1].value = (void *) &tval;
+	a[1].value_len = sizeof(tval);
+
+	a_val = 2;
+
+	ret = add_pubkey(pubkey, a, &a_val);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (label) {
+		a[a_val].type = CKA_LABEL;
+		a[a_val].value = (void *) label;
+		a[a_val].value_len = strlen(label);
+		a_val++;
+	}
+
+	pk = gnutls_pubkey_get_pk_algorithm(pubkey, NULL);
+	type = pk_to_key_type(pk);
+	FIX_KEY_USAGE(pk, key_usage);
+
+	a[a_val].type = CKA_KEY_TYPE;
+	a[a_val].value = &type;
+	a[a_val].value_len = sizeof(type);
+	a_val++;
+
+	a[a_val].type = CKA_ID;
+	if (cid == NULL || cid->size == 0) {
+		id_size = sizeof(id);
+		ret = gnutls_pubkey_get_key_id(pubkey, 0, id, &id_size);
+		if (ret < 0) {
+			  gnutls_assert();
+			  goto cleanup;
+		}
+
+		a[a_val].value = id;
+		a[a_val].value_len = id_size;
+	} else {
+		a[a_val].value = cid->data;
+		a[a_val].value_len = cid->size;
+	}
+	a_val++;
+
+	mark_flags(flags, a, &a_val, sinfo.trusted);
+
+	a[a_val].type = CKA_VERIFY;
+	if (key_usage & GNUTLS_KEY_DIGITAL_SIGNATURE) {
+		a[a_val].value = (void*)&tval;
+		a[a_val].value_len = sizeof(tval);
+	} else {
+		a[a_val].value = (void*)&fval;
+		a[a_val].value_len = sizeof(fval);
+	}
+	a_val++;
+
+	if (pk == GNUTLS_PK_RSA) {
+		a[a_val].type = CKA_ENCRYPT;
+		if (key_usage & (GNUTLS_KEY_ENCIPHER_ONLY|GNUTLS_KEY_DECIPHER_ONLY)) {
+			a[a_val].value = (void*)&tval;
+			a[a_val].value_len = sizeof(tval);
+		} else {
+			a[a_val].value = (void*)&fval;
+			a[a_val].value_len = sizeof(fval);
+		}
+		a_val++;
+	}
+
+	rv = pkcs11_create_object(sinfo.module, sinfo.pks, a, a_val, &ctx);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		_gnutls_debug_log("p11: %s\n", pkcs11_strerror(rv));
+		ret = pkcs11_rv_to_err(rv);
+		goto cleanup;
+	}
+
+	/* generated! 
+	 */
+
+	ret = 0;
+
+      cleanup:
+	clean_pubkey(a, a_val);
+	pkcs11_close_session(&sinfo);
+	return ret;
+
+}
+
+
+/**
+ * gnutls_pkcs11_copy_attached_extension:
+ * @token_url: A PKCS #11 URL specifying a token
+ * @crt: An X.509 certificate object
+ * @data: the attached extension
+ * @label: A name to be used for the attached extension (may be %NULL)
+ * @flags: One of GNUTLS_PKCS11_OBJ_FLAG_*
+ *
+ * This function will copy an the attached extension in @data for
+ * the certificate provided in @crt in the PKCS #11 token specified
+ * by the URL (typically a trust module). The extension must be in
+ * RFC5280 Extension format.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.3.8
+ **/
+int
+gnutls_pkcs11_copy_attached_extension(const char *token_url,
+		       gnutls_x509_crt_t crt,
+		       gnutls_datum_t *data,
+		       const char *label,
+		       unsigned int flags)
+{
+	int ret;
+	struct p11_kit_uri *info = NULL;
+	ck_rv_t rv;
+	struct ck_attribute a[MAX_ASIZE];
+	ck_object_handle_t ctx;
+	unsigned a_vals;
+	struct pkcs11_session_info sinfo;
+	ck_object_class_t class;
+	gnutls_datum_t spki = {NULL, 0};
+	
+	PKCS11_CHECK_INIT;
+
+	ret = pkcs11_url_to_info(token_url, &info, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    pkcs11_open_session(&sinfo, NULL, info,
+				SESSION_WRITE |
+				pkcs11_obj_flags_to_int(flags));
+	p11_kit_uri_free(info);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = x509_crt_to_raw_pubkey(crt, &spki);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	class = CKO_X_CERTIFICATE_EXTENSION;
+	a_vals = 0;
+	a[a_vals].type = CKA_CLASS;
+	a[a_vals].value = &class;
+	a[a_vals++].value_len = sizeof(class);
+
+	a[a_vals].type = CKA_PUBLIC_KEY_INFO;
+	a[a_vals].value = spki.data;
+	a[a_vals++].value_len = spki.size;
+
+	a[a_vals].type = CKA_VALUE;
+	a[a_vals].value = data->data;
+	a[a_vals++].value_len = data->size;
+
+	a[a_vals].type = CKA_TOKEN;
+	a[a_vals].value = (void *) &tval;
+	a[a_vals++].value_len = sizeof(tval);
+
+	if (label) {
+		a[a_vals].type = CKA_LABEL;
+		a[a_vals].value = (void *) label;
+		a[a_vals++].value_len = strlen(label);
+	}
+
+	rv = pkcs11_create_object(sinfo.module, sinfo.pks, a, a_vals, &ctx);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		_gnutls_debug_log("p11: %s\n", pkcs11_strerror(rv));
+		ret = pkcs11_rv_to_err(rv);
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	pkcs11_close_session(&sinfo);
+	gnutls_free(spki.data);
+	return ret;
+
+}
+
+/**
+ * gnutls_pkcs11_copy_x509_privkey2:
+ * @token_url: A PKCS #11 URL specifying a token
+ * @key: A private key
+ * @label: A name to be used for the stored data
+ * @cid: The CKA_ID to set for the object -if NULL, the ID will be derived from the public key
+ * @key_usage: One of GNUTLS_KEY_*
+ * @flags: One of GNUTLS_PKCS11_OBJ_* flags
+ *
+ * This function will copy a private key into a PKCS #11 token specified by
+ * a URL.
+ *
+ * Since 3.6.3 the objects are marked as sensitive by default unless
+ * %GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE is specified.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_pkcs11_copy_x509_privkey2(const char *token_url,
+				gnutls_x509_privkey_t key,
+				const char *label,
+				const gnutls_datum_t *cid,
+				unsigned int key_usage, unsigned int flags)
+{
+	int ret;
+	struct p11_kit_uri *info = NULL;
+	ck_rv_t rv;
+	size_t id_size;
+	uint8_t id[20];
+	struct ck_attribute a[32];
+	ck_object_class_t class = CKO_PRIVATE_KEY;
+	ck_object_handle_t ctx;
+	ck_key_type_t type;
+	int a_val;
+	gnutls_pk_algorithm_t pk;
+	gnutls_datum_t p, q, g, y, x;
+	gnutls_datum_t m, e, d, u, exp1, exp2;
+	struct pkcs11_session_info sinfo;
+
+	PKCS11_CHECK_INIT;
+
+	memset(&p, 0, sizeof(p));
+	memset(&q, 0, sizeof(q));
+	memset(&g, 0, sizeof(g));
+	memset(&y, 0, sizeof(y));
+	memset(&x, 0, sizeof(x));
+	memset(&m, 0, sizeof(m));
+	memset(&e, 0, sizeof(e));
+	memset(&d, 0, sizeof(d));
+	memset(&u, 0, sizeof(u));
+	memset(&exp1, 0, sizeof(exp1));
+	memset(&exp2, 0, sizeof(exp2));
+
+	ret = pkcs11_url_to_info(token_url, &info, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    pkcs11_open_session(&sinfo, NULL, info,
+				SESSION_WRITE |
+				pkcs11_obj_flags_to_int(flags));
+	p11_kit_uri_free(info);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	pk = gnutls_x509_privkey_get_pk_algorithm(key);
+	FIX_KEY_USAGE(pk, key_usage);
+
+	a_val = 0;
+	a[a_val].type = CKA_CLASS;
+	a[a_val].value = &class;
+	a[a_val].value_len = sizeof(class);
+	a_val++;
+
+	a[a_val].type = CKA_ID;
+	if (cid == NULL || cid->size == 0) {
+		id_size = sizeof(id);
+		ret = gnutls_x509_privkey_get_key_id(key, 0, id, &id_size);
+		if (ret < 0) {
+			p11_kit_uri_free(info);
+			gnutls_assert();
+			return ret;
+		}
+
+		a[a_val].value = id;
+		a[a_val].value_len = id_size;
+	} else {
+		a[a_val].value = cid->data;
+		a[a_val].value_len = cid->size;
+	}
+	a_val++;
+
+	a[a_val].type = CKA_SIGN;
+	if (key_usage & GNUTLS_KEY_DIGITAL_SIGNATURE) {
+		a[a_val].value = (void*)&tval;
+		a[a_val].value_len = sizeof(tval);
+	} else {
+		a[a_val].value = (void*)&fval;
+		a[a_val].value_len = sizeof(fval);
+	}
+	a_val++;
+
+	if (pk == GNUTLS_PK_RSA) {
+		a[a_val].type = CKA_DECRYPT;
+		if ((key_usage & (GNUTLS_KEY_ENCIPHER_ONLY|GNUTLS_KEY_DECIPHER_ONLY)) ||
+		    (key_usage & GNUTLS_KEY_KEY_ENCIPHERMENT)) {
+			a[a_val].value = (void*)&tval;
+			a[a_val].value_len = sizeof(tval);
+		} else {
+			a[a_val].value = (void*)&fval;
+			a[a_val].value_len = sizeof(fval);
+		}
+		a_val++;
+	}
+
+	a[a_val].type = CKA_TOKEN;
+	a[a_val].value = (void *) &tval;
+	a[a_val].value_len = sizeof(tval);
+	a_val++;
+
+	/* a private key is set always as private unless
+	 * requested otherwise
+	 */
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE) {
+		a[a_val].type = CKA_PRIVATE;
+		a[a_val].value = (void *) &fval;
+		a[a_val].value_len = sizeof(fval);
+		a_val++;
+	} else {
+		a[a_val].type = CKA_PRIVATE;
+		a[a_val].value = (void *) &tval;
+		a[a_val].value_len = sizeof(tval);
+		a_val++;
+	}
+
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_ALWAYS_AUTH) {
+		a[a_val].type = CKA_ALWAYS_AUTHENTICATE;
+		a[a_val].value = (void *) &tval;
+		a[a_val].value_len = sizeof(tval);
+		a_val++;
+	}
+
+	if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_EXTRACTABLE) {
+		a[a_val].type = CKA_EXTRACTABLE;
+		a[a_val].value = (void *) &tval;
+		a[a_val].value_len = sizeof(tval);
+		(a_val)++;
+	} else {
+		a[a_val].type = CKA_EXTRACTABLE;
+		a[a_val].value = (void *) &fval;
+		a[a_val].value_len = sizeof(fval);
+		(a_val)++;
+	}
+
+	if (label) {
+		a[a_val].type = CKA_LABEL;
+		a[a_val].value = (void *) label;
+		a[a_val].value_len = strlen(label);
+		a_val++;
+	}
+
+	if (!(flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE)) {
+		a[a_val].type = CKA_SENSITIVE;
+		a[a_val].value = (void *) &tval;
+		a[a_val].value_len = sizeof(tval);
+		a_val++;
+	} else {
+		a[a_val].type = CKA_SENSITIVE;
+		a[a_val].value = (void *) &fval;
+		a[a_val].value_len = sizeof(fval);
+		a_val++;
+	}
+
+	switch (pk) {
+	case GNUTLS_PK_RSA:
+	case GNUTLS_PK_RSA_PSS:
+		{
+
+			ret = _gnutls_params_get_rsa_raw(&key->params, &m, &e, &d, &p,
+							 &q, &u, &exp1, &exp2,
+							 GNUTLS_EXPORT_FLAG_NO_LZ);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			type = CKK_RSA;
+
+			a[a_val].type = CKA_MODULUS;
+			a[a_val].value = m.data;
+			a[a_val].value_len = m.size;
+			a_val++;
+
+			a[a_val].type = CKA_PUBLIC_EXPONENT;
+			a[a_val].value = e.data;
+			a[a_val].value_len = e.size;
+			a_val++;
+
+			a[a_val].type = CKA_PRIVATE_EXPONENT;
+			a[a_val].value = d.data;
+			a[a_val].value_len = d.size;
+			a_val++;
+
+			a[a_val].type = CKA_PRIME_1;
+			a[a_val].value = p.data;
+			a[a_val].value_len = p.size;
+			a_val++;
+
+			a[a_val].type = CKA_PRIME_2;
+			a[a_val].value = q.data;
+			a[a_val].value_len = q.size;
+			a_val++;
+
+			a[a_val].type = CKA_COEFFICIENT;
+			a[a_val].value = u.data;
+			a[a_val].value_len = u.size;
+			a_val++;
+
+			a[a_val].type = CKA_EXPONENT_1;
+			a[a_val].value = exp1.data;
+			a[a_val].value_len = exp1.size;
+			a_val++;
+
+			a[a_val].type = CKA_EXPONENT_2;
+			a[a_val].value = exp2.data;
+			a[a_val].value_len = exp2.size;
+			a_val++;
+
+			break;
+		}
+	case GNUTLS_PK_DSA:
+		{
+			ret = _gnutls_params_get_dsa_raw(&key->params, &p, &q, &g, &y, &x,
+							 GNUTLS_EXPORT_FLAG_NO_LZ);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			type = CKK_DSA;
+
+			a[a_val].type = CKA_PRIME;
+			a[a_val].value = p.data;
+			a[a_val].value_len = p.size;
+			a_val++;
+
+			a[a_val].type = CKA_SUBPRIME;
+			a[a_val].value = q.data;
+			a[a_val].value_len = q.size;
+			a_val++;
+
+			a[a_val].type = CKA_BASE;
+			a[a_val].value = g.data;
+			a[a_val].value_len = g.size;
+			a_val++;
+
+			a[a_val].type = CKA_VALUE;
+			a[a_val].value = x.data;
+			a[a_val].value_len = x.size;
+			a_val++;
+
+			break;
+		}
+	case GNUTLS_PK_EC:
+		{
+			ret =
+			    _gnutls_x509_write_ecc_params(key->params.curve,
+							  &p);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			ret =
+			    _gnutls_mpi_dprint(key->params.
+						params[ECC_K], &x);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			type = CKK_ECDSA;
+
+			a[a_val].type = CKA_EC_PARAMS;
+			a[a_val].value = p.data;
+			a[a_val].value_len = p.size;
+			a_val++;
+
+			a[a_val].type = CKA_VALUE;
+			a[a_val].value = x.data;
+			a[a_val].value_len = x.size;
+			a_val++;
+
+			break;
+		}
+#ifdef HAVE_CKM_EDDSA
+	case GNUTLS_PK_EDDSA_ED25519:
+		{
+			ret =
+			    _gnutls_x509_write_ecc_params(key->params.curve,
+							  &p);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			type = CKK_EC_EDWARDS;
+
+			a[a_val].type = CKA_EC_PARAMS;
+			a[a_val].value = p.data;
+			a[a_val].value_len = p.size;
+			a_val++;
+
+			a[a_val].type = CKA_VALUE;
+			a[a_val].value = key->params.raw_priv.data;
+			a[a_val].value_len = key->params.raw_priv.size;
+			a_val++;
+
+			break;
+		}
+#endif
+	default:
+		gnutls_assert();
+		ret = GNUTLS_E_INVALID_REQUEST;
+		goto cleanup;
+	}
+
+	a[a_val].type = CKA_KEY_TYPE;
+	a[a_val].value = &type;
+	a[a_val].value_len = sizeof(type);
+	a_val++;
+
+	rv = pkcs11_create_object(sinfo.module, sinfo.pks, a, a_val, &ctx);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		_gnutls_debug_log("p11: %s\n", pkcs11_strerror(rv));
+		ret = pkcs11_rv_to_err(rv);
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	switch (pk) {
+	case GNUTLS_PK_RSA_PSS:
+	case GNUTLS_PK_RSA:
+		{
+			gnutls_free(m.data);
+			gnutls_free(e.data);
+			gnutls_free(d.data);
+			gnutls_free(p.data);
+			gnutls_free(q.data);
+			gnutls_free(u.data);
+			gnutls_free(exp1.data);
+			gnutls_free(exp2.data);
+			break;
+		}
+	case GNUTLS_PK_DSA:
+		{
+			gnutls_free(p.data);
+			gnutls_free(q.data);
+			gnutls_free(g.data);
+			gnutls_free(y.data);
+			gnutls_free(x.data);
+			break;
+		}
+	case GNUTLS_PK_EC:
+	case GNUTLS_PK_EDDSA_ED25519:
+		{
+			gnutls_free(p.data);
+			gnutls_free(x.data);
+			break;
+		}
+	default:
+		gnutls_assert();
+		ret = GNUTLS_E_INVALID_REQUEST;
+		break;
+	}
+
+	if (sinfo.pks != 0)
+		pkcs11_close_session(&sinfo);
+
+	return ret;
+
+}
+
+struct delete_data_st {
+	struct p11_kit_uri *info;
+	unsigned int deleted;	/* how many */
+};
+
+static int
+delete_obj_url_cb(struct ck_function_list *module, struct pkcs11_session_info *sinfo,
+		  struct ck_token_info *tinfo,
+		  struct ck_info *lib_info, void *input)
+{
+	struct delete_data_st *find_data = input;
+	struct ck_attribute a[4];
+	struct ck_attribute *attr;
+	ck_object_class_t class;
+	ck_certificate_type_t type = (ck_certificate_type_t) - 1;
+	ck_rv_t rv;
+	ck_object_handle_t ctx;
+	unsigned long count, a_vals;
+	int found = 0, ret;
+
+	if (tinfo == NULL) {	/* we don't support multiple calls */
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	/* do not bother reading the token if basic fields do not match
+	 */
+	if (!p11_kit_uri_match_module_info(find_data->info, lib_info) ||
+	    !p11_kit_uri_match_token_info(find_data->info, tinfo)) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	/* Find objects with given class and type */
+	class = CKO_CERTIFICATE;	/* default  */
+	a_vals = 0;
+
+	attr = p11_kit_uri_get_attribute(find_data->info, CKA_CLASS);
+	if (attr != NULL) {
+		if (attr->value
+		    && attr->value_len == sizeof(ck_object_class_t))
+			class = *((ck_object_class_t *) attr->value);
+		if (class == CKO_CERTIFICATE)
+			type = CKC_X_509;
+
+		a[a_vals].type = CKA_CLASS;
+		a[a_vals].value = &class;
+		a[a_vals].value_len = sizeof(class);
+		a_vals++;
+	}
+
+	attr = p11_kit_uri_get_attribute(find_data->info, CKA_ID);
+	if (attr != NULL) {
+		memcpy(a + a_vals, attr, sizeof(struct ck_attribute));
+		a_vals++;
+	}
+
+	if (type != (ck_certificate_type_t) - 1) {
+		a[a_vals].type = CKA_CERTIFICATE_TYPE;
+		a[a_vals].value = &type;
+		a[a_vals].value_len = sizeof type;
+		a_vals++;
+	}
+
+	attr = p11_kit_uri_get_attribute(find_data->info, CKA_LABEL);
+	if (attr != NULL) {
+		memcpy(a + a_vals, attr, sizeof(struct ck_attribute));
+		a_vals++;
+	}
+
+	rv = pkcs11_find_objects_init(sinfo->module, sinfo->pks, a,
+				      a_vals);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		_gnutls_debug_log("p11: FindObjectsInit failed.\n");
+		ret = pkcs11_rv_to_err(rv);
+		goto cleanup;
+	}
+
+	while (pkcs11_find_objects
+	       (sinfo->module, sinfo->pks, &ctx, 1, &count) == CKR_OK
+	       && count == 1) {
+		rv = pkcs11_destroy_object(sinfo->module, sinfo->pks, ctx);
+		if (rv != CKR_OK) {
+			_gnutls_debug_log
+			    ("p11: Cannot destroy object: %s\n",
+			     pkcs11_strerror(rv));
+		} else {
+			find_data->deleted++;
+		}
+
+		found = 1;
+	}
+
+	if (found == 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	} else {
+		ret = 0;
+	}
+
+      cleanup:
+	pkcs11_find_objects_final(sinfo);
+
+	return ret;
+}
+
+
+/**
+ * gnutls_pkcs11_delete_url:
+ * @object_url: The URL of the object to delete.
+ * @flags: One of GNUTLS_PKCS11_OBJ_* flags
+ * 
+ * This function will delete objects matching the given URL.
+ * Note that not all tokens support the delete operation.
+ *
+ * Returns: On success, the number of objects deleted is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int gnutls_pkcs11_delete_url(const char *object_url, unsigned int flags)
+{
+	int ret;
+	struct delete_data_st find_data;
+
+	PKCS11_CHECK_INIT;
+
+	memset(&find_data, 0, sizeof(find_data));
+
+	ret = pkcs11_url_to_info(object_url, &find_data.info, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    _pkcs11_traverse_tokens(delete_obj_url_cb, &find_data,
+				    find_data.info, NULL,
+				    SESSION_WRITE |
+				    pkcs11_obj_flags_to_int(flags));
+	p11_kit_uri_free(find_data.info);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return find_data.deleted;
+
+}
+
+/**
+ * gnutls_pkcs11_token_init:
+ * @token_url: A PKCS #11 URL specifying a token
+ * @so_pin: Security Officer's PIN
+ * @label: A name to be used for the token
+ *
+ * This function will initialize (format) a token. If the token is
+ * at a factory defaults state the security officer's PIN given will be
+ * set to be the default. Otherwise it should match the officer's PIN.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_pkcs11_token_init(const char *token_url,
+			 const char *so_pin, const char *label)
+{
+	int ret;
+	struct p11_kit_uri *info = NULL;
+	ck_rv_t rv;
+	struct ck_function_list *module;
+	ck_slot_id_t slot;
+	char flabel[32];
+
+	PKCS11_CHECK_INIT;
+
+	ret = pkcs11_url_to_info(token_url, &info, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = pkcs11_find_slot(&module, &slot, info, NULL, NULL, NULL);
+	p11_kit_uri_free(info);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* so it seems memset has other uses than zeroing! */
+	memset(flabel, ' ', sizeof(flabel));
+	if (label != NULL)
+		memcpy(flabel, label, strlen(label));
+
+	rv = pkcs11_init_token(module, slot, (uint8_t *) so_pin,
+			       strlen(so_pin), (uint8_t *) flabel);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		_gnutls_debug_log("p11: %s\n", pkcs11_strerror(rv));
+		return pkcs11_rv_to_err(rv);
+	}
+
+	return 0;
+
+}
+
+#define L(x) ((x==NULL)?0:strlen(x))
+
+/**
+ * gnutls_pkcs11_token_set_pin:
+ * @token_url: A PKCS #11 URL specifying a token
+ * @oldpin: old user's PIN
+ * @newpin: new user's PIN
+ * @flags: one of #gnutls_pin_flag_t.
+ *
+ * This function will modify or set a user or administrator's PIN for
+ * the given token.  If it is called to set a PIN for first time
+ * the oldpin must be %NULL. When setting the admin's PIN with the
+ * %GNUTLS_PIN_SO flag, the @oldpin value must be provided (this requirement
+ * is relaxed after GnuTLS 3.6.5 since which the PIN will be requested if missing).
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_pkcs11_token_set_pin(const char *token_url,
+			    const char *oldpin,
+			    const char *newpin, unsigned int flags)
+{
+	int ret;
+	struct p11_kit_uri *info = NULL;
+	ck_rv_t rv;
+	unsigned int ses_flags;
+	struct pkcs11_session_info sinfo;
+
+	PKCS11_CHECK_INIT;
+
+	ret = pkcs11_url_to_info(token_url, &info, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (((flags & GNUTLS_PIN_USER) && oldpin == NULL) ||
+	    (flags & GNUTLS_PIN_SO))
+		ses_flags = SESSION_WRITE | SESSION_LOGIN | SESSION_SO;
+	else
+		ses_flags = SESSION_WRITE | SESSION_LOGIN;
+
+	ret = pkcs11_open_session(&sinfo, NULL, info, ses_flags);
+	p11_kit_uri_free(info);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (oldpin == NULL && !(flags & GNUTLS_PIN_SO)) {
+		/* This changes only the user PIN */
+		rv = pkcs11_init_pin(sinfo.module, sinfo.pks,
+				     (uint8_t *) newpin, strlen(newpin));
+		if (rv != CKR_OK) {
+			gnutls_assert();
+			_gnutls_debug_log("p11: %s\n",
+					  pkcs11_strerror(rv));
+			ret = pkcs11_rv_to_err(rv);
+			goto finish;
+		}
+	} else {
+		struct p11_kit_pin *pin;
+		unsigned oldpin_size;
+
+		oldpin_size = L(oldpin);
+
+		if (!(sinfo.tinfo.flags & CKF_PROTECTED_AUTHENTICATION_PATH)) {
+			if (newpin == NULL)
+				return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+			if (oldpin == NULL) {
+				struct pin_info_st pin_info;
+				memset(&pin_info, 0, sizeof(pin_info));
+
+				ret = pkcs11_retrieve_pin(&pin_info, info, &sinfo.tinfo, 0, CKU_SO, &pin);
+				if (ret < 0) {
+					gnutls_assert();
+					goto finish;
+				}
+				oldpin = (const char*)p11_kit_pin_get_value(pin, NULL);
+				oldpin_size = p11_kit_pin_get_length(pin);
+			}
+		}
+
+		rv = pkcs11_set_pin(sinfo.module, sinfo.pks,
+				    oldpin, oldpin_size,
+				    newpin, L(newpin));
+		if (rv != CKR_OK) {
+			gnutls_assert();
+			_gnutls_debug_log("p11: %s\n",
+					  pkcs11_strerror(rv));
+			ret = pkcs11_rv_to_err(rv);
+			goto finish;
+		}
+	}
+
+	ret = 0;
+
+      finish:
+	pkcs11_close_session(&sinfo);
+	return ret;
+
+}
+
+/**
+ * gnutls_pkcs11_token_get_random:
+ * @token_url: A PKCS #11 URL specifying a token
+ * @len:       The number of bytes of randomness to request
+ * @rnddata:   A pointer to the memory area to be filled with random data
+ *
+ * This function will get random data from the given token.
+ * It will store rnddata and fill the memory pointed to by rnddata with
+ * len random bytes from the token.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_pkcs11_token_get_random(const char *token_url,
+			       void *rnddata, size_t len)
+{
+	int ret;
+	struct p11_kit_uri *info = NULL;
+	ck_rv_t rv;
+	struct pkcs11_session_info sinfo;
+
+	PKCS11_CHECK_INIT;
+
+	ret = pkcs11_url_to_info(token_url, &info, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = pkcs11_open_session(&sinfo, NULL, info, 0);
+	p11_kit_uri_free(info);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	rv = _gnutls_pkcs11_get_random(sinfo.module, sinfo.pks, rnddata, len);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		_gnutls_debug_log("p11: %s\n", pkcs11_strerror(rv));
+		ret = pkcs11_rv_to_err(rv);
+		goto finish;
+	}
+
+	ret = 0;
+
+      finish:
+	pkcs11_close_session(&sinfo);
+	return ret;
+
+}
+
+#if 0
+/* For documentation purposes */
+
+
+/**
+ * gnutls_pkcs11_copy_x509_crt:
+ * @token_url: A PKCS #11 URL specifying a token
+ * @crt: A certificate
+ * @label: A name to be used for the stored data
+ * @flags: One of GNUTLS_PKCS11_OBJ_FLAG_*
+ *
+ * This function will copy a certificate into a PKCS #11 token specified by
+ * a URL. The certificate can be marked as trusted or not.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int gnutls_pkcs11_copy_x509_crt(const char *token_url,
+			    gnutls_x509_crt_t crt, const char *label,
+			    unsigned int flags)
+{
+	int x;
+}
+
+/**
+ * gnutls_pkcs11_copy_x509_privkey:
+ * @token_url: A PKCS #11 URL specifying a token
+ * @key: A private key
+ * @label: A name to be used for the stored data
+ * @key_usage: One of GNUTLS_KEY_*
+ * @flags: One of GNUTLS_PKCS11_OBJ_* flags
+ *
+ * This function will copy a private key into a PKCS #11 token specified by
+ * a URL.
+ *
+ * Since 3.6.3 the objects are marked as sensitive by default unless
+ * %GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE is specified.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int gnutls_pkcs11_copy_x509_privkey(const char *token_url,
+				gnutls_x509_privkey_t key,
+				const char *label,
+				unsigned int key_usage, unsigned int flags)
+{
+	int x;
+}
+
+#endif
diff --git a/lib/pkcs11x.c b/lib/pkcs11x.c
new file mode 100644
index 0000000..dfaee58
--- /dev/null
+++ b/lib/pkcs11x.c
@@ -0,0 +1,315 @@
+/*
+ * GnuTLS PKCS#11 support
+ * Copyright (C) 2010-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2016 Red Hat
+ * 
+ * Authors: Nikos Mavrogiannopoulos
+ *
+ * GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+
+#include "gnutls_int.h"
+#include <gnutls/pkcs11.h>
+#include <global.h>
+#include "errors.h"
+#include "x509/common.h"
+
+#include <pkcs11_int.h>
+#include <p11-kit/p11-kit.h>
+#include "pkcs11x.h"
+#include "intprops.h"
+
+struct find_ext_data_st {
+	/* in */
+	gnutls_pkcs11_obj_t obj;
+	gnutls_datum_t spki;
+
+	/* out */
+	gnutls_x509_ext_st *exts;
+	unsigned int exts_size;
+};
+
+static int override_ext(gnutls_x509_crt_t crt, gnutls_datum_t *ext)
+{
+	gnutls_x509_ext_st parsed;
+	int ret;
+
+	ret = _gnutls_x509_decode_ext(ext, &parsed);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* set the new extension */
+	ret = _gnutls_x509_crt_set_extension(crt, parsed.oid, &parsed.data, parsed.critical);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	
+	ret = 0;
+ cleanup:
+	gnutls_x509_ext_deinit(&parsed);
+	return ret;
+}
+
+/* This function re-encodes a certificate to contain its stapled extensions.
+ * That assumes that the certificate is not in the distrusted list.
+ */
+int pkcs11_override_cert_exts(struct pkcs11_session_info *sinfo, gnutls_datum_t *spki, gnutls_datum_t *der)
+{
+	int ret;
+	gnutls_datum_t new_der = {NULL, 0};
+	struct ck_attribute a[2];
+	struct ck_attribute b[1];
+	unsigned long count;
+	unsigned ext_data_size = der->size;
+	uint8_t *ext_data = NULL;
+	ck_object_class_t class = -1;
+	gnutls_x509_crt_t crt = NULL;
+	unsigned finalize = 0;
+	ck_rv_t rv;
+	ck_object_handle_t obj;
+
+	if (sinfo->trusted == 0) {
+		_gnutls_debug_log("p11: cannot override extensions on a non-p11-kit trust module\n");
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	/* retrieve the extensions */
+	class = CKO_X_CERTIFICATE_EXTENSION;
+	a[0].type = CKA_CLASS;
+	a[0].value = &class;
+	a[0].value_len = sizeof class;
+
+	a[1].type = CKA_PUBLIC_KEY_INFO;
+	a[1].value = spki->data;
+	a[1].value_len = spki->size;
+
+	rv = pkcs11_find_objects_init(sinfo->module, sinfo->pks, a, 2);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		_gnutls_debug_log
+		    ("p11: FindObjectsInit failed for cert extensions.\n");
+		ret = pkcs11_rv_to_err(rv);
+		goto cleanup;
+	}
+	finalize = 1;
+
+	rv = pkcs11_find_objects(sinfo->module, sinfo->pks, &obj, 1, &count);
+	if (rv == CKR_OK && count == 1) {
+		ext_data = gnutls_malloc(ext_data_size);
+		if (ext_data == NULL) {
+			gnutls_assert();
+			ret = GNUTLS_E_MEMORY_ERROR;
+			goto cleanup;
+		}
+
+		ret = gnutls_x509_crt_init(&crt);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = gnutls_x509_crt_import(crt, der, GNUTLS_X509_FMT_DER);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		do {
+
+			b[0].type = CKA_VALUE;
+			b[0].value = ext_data;
+			b[0].value_len = ext_data_size;
+
+			if (pkcs11_get_attribute_value
+			    (sinfo->module, sinfo->pks, obj, b, 1) == CKR_OK) {
+				gnutls_datum_t data = { b[0].value, b[0].value_len };
+
+				ret = override_ext(crt, &data);
+				if (ret < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+			}
+		} while (pkcs11_find_objects(sinfo->module, sinfo->pks, &obj, 1, &count) == CKR_OK && count == 1);
+
+		/* overwrite the old certificate with the new */
+		ret = gnutls_x509_crt_export2(crt, GNUTLS_X509_FMT_DER, &new_der);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		gnutls_free(der->data);
+		der->data = new_der.data;
+		der->size = new_der.size;
+	}
+
+	ret = 0;
+ cleanup:
+	if (crt != NULL)
+		gnutls_x509_crt_deinit(crt);
+	if (finalize != 0)
+		pkcs11_find_objects_final(sinfo);
+	gnutls_free(ext_data);
+	return ret;
+
+}
+
+static int
+find_ext_cb(struct ck_function_list *module, struct pkcs11_session_info *sinfo,
+	    struct ck_token_info *tinfo, struct ck_info *lib_info,
+	    void *input)
+{
+	struct find_ext_data_st *find_data = input;
+	struct ck_attribute a[4];
+	ck_object_class_t class = -1;
+	unsigned long count;
+	ck_rv_t rv;
+	ck_object_handle_t obj;
+	int ret;
+	gnutls_datum_t ext;
+
+	if (tinfo == NULL) {	/* we don't support multiple calls */
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	/* do not bother reading the token if basic fields do not match
+	 */
+	if (!p11_kit_uri_match_token_info
+	    (find_data->obj->info, tinfo)
+	    || !p11_kit_uri_match_module_info(find_data->obj->info,
+					      lib_info)) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	/* retrieve the extensions */
+	class = CKO_X_CERTIFICATE_EXTENSION;
+	a[0].type = CKA_CLASS;
+	a[0].value = &class;
+	a[0].value_len = sizeof class;
+
+	a[1].type = CKA_PUBLIC_KEY_INFO;
+	a[1].value = find_data->spki.data;
+	a[1].value_len = find_data->spki.size;
+
+	rv = pkcs11_find_objects_init(sinfo->module, sinfo->pks, a, 2);
+	if (rv != CKR_OK) {
+		gnutls_assert();
+		_gnutls_debug_log
+		    ("p11: FindObjectsInit failed for cert extensions.\n");
+		return pkcs11_rv_to_err(rv);
+	}
+
+	while(pkcs11_find_objects(sinfo->module, sinfo->pks, &obj, 1, &count) == CKR_OK && count == 1) {
+		rv = pkcs11_get_attribute_avalue(sinfo->module, sinfo->pks, obj, CKA_VALUE, &ext);
+		if (rv == CKR_OK) {
+
+			if (unlikely(INT_ADD_OVERFLOW(find_data->exts_size, 1))) {
+				ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+				goto cleanup;
+			}
+
+			find_data->exts =
+				_gnutls_reallocarray_fast(find_data->exts,
+							  find_data->exts_size + 1,
+							  sizeof(find_data->exts[0]));
+			if (find_data->exts == NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+				goto cleanup;
+			}
+
+			if (_gnutls_x509_decode_ext(&ext, &find_data->exts[find_data->exts_size]) == 0) {
+				find_data->exts_size++;
+			}
+			gnutls_free(ext.data);
+		}
+	}
+
+	ret = 0;
+ cleanup:
+	pkcs11_find_objects_final(sinfo);
+	return ret;
+}
+
+/**
+ * gnutls_pkcs11_obj_get_exts:
+ * @obj: should contain a #gnutls_pkcs11_obj_t type
+ * @exts: a pointer to a %gnutls_x509_ext_st pointer
+ * @exts_size: will be updated with the number of @exts
+ * @flags: Or sequence of %GNUTLS_PKCS11_OBJ_* flags 
+ *
+ * This function will return information about attached extensions
+ * that associate to the provided object (which should be a certificate).
+ * The extensions are the attached p11-kit trust module extensions.
+ *
+ * Each element of @exts must be deinitialized using gnutls_x509_ext_deinit()
+ * while @exts should be deallocated using gnutls_free().
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code on error.
+ *
+ * Since: 3.3.8
+ **/
+int
+gnutls_pkcs11_obj_get_exts(gnutls_pkcs11_obj_t obj,
+			   gnutls_x509_ext_st **exts, unsigned int *exts_size,
+			   unsigned int flags)
+{
+	int ret;
+	gnutls_datum_t spki = {NULL, 0};
+	struct find_ext_data_st find_data;
+	unsigned deinit_spki = 0;
+
+	PKCS11_CHECK_INIT;
+	memset(&find_data, 0, sizeof(find_data));
+
+	*exts_size = 0;
+
+	if (obj->type != GNUTLS_PKCS11_OBJ_X509_CRT && obj->type != GNUTLS_PKCS11_OBJ_PUBKEY)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (obj->type == GNUTLS_PKCS11_OBJ_PUBKEY) {
+		spki.data = obj->raw.data;
+		spki.size = obj->raw.size;
+	} else {
+		ret = _gnutls_x509_raw_crt_to_raw_pubkey(&obj->raw, &spki);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		deinit_spki = 1;
+	}
+
+	find_data.spki.data = spki.data;
+	find_data.spki.size = spki.size;
+	find_data.obj = obj;
+	ret =
+	    _pkcs11_traverse_tokens(find_ext_cb, &find_data, obj->info,
+				    &obj->pin,
+				    pkcs11_obj_flags_to_int(flags));
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	*exts = find_data.exts;
+	*exts_size = find_data.exts_size;
+
+	ret = 0;
+ cleanup:
+	if (deinit_spki)
+		gnutls_free(spki.data);
+	return ret;
+}
+
diff --git a/lib/pkcs11x.h b/lib/pkcs11x.h
new file mode 100644
index 0000000..6fb10cb
--- /dev/null
+++ b/lib/pkcs11x.h
@@ -0,0 +1,26 @@
+/*
+ * GnuTLS PKCS#11 support
+ * Copyright (C) 2014 Red Hat
+ * 
+ * Authors: Nikos Mavrogiannopoulos
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+
+#ifndef GNUTLS_LIB_PKCS11X_H
+#define GNUTLS_LIB_PKCS11X_H
+
+#include <p11-kit/pkcs11x.h>
+
+#endif /* GNUTLS_LIB_PKCS11X_H */
diff --git a/lib/pkix.asn b/lib/pkix.asn
new file mode 100644
index 0000000..48eaf39
--- /dev/null
+++ b/lib/pkix.asn
@@ -0,0 +1,608 @@
+
+PKIX1 { }
+
+DEFINITIONS IMPLICIT TAGS ::=
+
+BEGIN
+
+-- This contains both PKIX1Implicit88 and RFC2630 ASN.1 modules.
+-- ISO arc for standard certificate and CRL extensions
+
+-- authority key identifier OID and syntax
+
+PrivateKeyUsagePeriod ::= SEQUENCE {
+     notBefore       [0]     GeneralizedTime OPTIONAL,
+     notAfter        [1]     GeneralizedTime OPTIONAL }
+
+AuthorityKeyIdentifier ::= SEQUENCE {
+      keyIdentifier             [0] OCTET STRING             OPTIONAL, --KeyIdentifier
+      authorityCertIssuer       [1] GeneralNames             OPTIONAL,
+      authorityCertSerialNumber [2] CertificateSerialNumber  OPTIONAL }
+    -- authorityCertIssuer and authorityCertSerialNumber shall both
+    -- be present or both be absgent
+
+-- subject key identifier OID and syntax
+
+SubjectKeyIdentifier ::= OCTET STRING
+
+-- key usage extension OID and syntax
+
+KeyUsage ::= BIT STRING
+
+-- Directory string type --
+
+DirectoryString ::= CHOICE {
+      teletexString             TeletexString (SIZE (1..MAX)),
+      printableString           PrintableString (SIZE (1..MAX)),
+      universalString           UniversalString (SIZE (1..MAX)),
+      utf8String              UTF8String (SIZE (1..MAX)),
+      bmpString               BMPString (SIZE(1..MAX)) }
+
+SubjectAltName ::= GeneralNames
+
+GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
+
+GeneralName ::= CHOICE {
+     otherName                       [0]     AnotherName,
+     rfc822Name                      [1]     IA5String,
+     dNSName                         [2]     IA5String,
+     x400Address                     [3]     ANY,
+-- Changed to work with the libtasn1 parser.
+     directoryName                   [4]     EXPLICIT SEQUENCE OF RelativeDistinguishedName, --Name,
+     ediPartyName                    [5]     ANY, --EDIPartyName replaced by ANY to save memory
+     uniformResourceIdentifier       [6]     IA5String,
+     iPAddress                       [7]     OCTET STRING,
+     registeredID                    [8]     OBJECT IDENTIFIER }
+
+-- AnotherName replaces OTHER-NAME ::= TYPE-IDENTIFIER, as
+-- TYPE-IDENTIFIER is not supported in the '88 ASN.1 syntax
+
+AnotherName ::= SEQUENCE {
+     type-id    OBJECT IDENTIFIER,
+     value      [0] EXPLICIT ANY DEFINED BY type-id }
+
+-- issuer alternative name extension OID and syntax
+
+IssuerAltName ::= GeneralNames
+
+-- basic constraints extension OID and syntax
+
+BasicConstraints ::= SEQUENCE {
+     cA                      BOOLEAN DEFAULT FALSE,
+     pathLenConstraint       INTEGER (0..MAX) OPTIONAL }
+
+-- CRL distribution points extension OID and syntax
+
+CRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
+
+DistributionPoint ::= SEQUENCE {
+     distributionPoint       [0]     EXPLICIT DistributionPointName OPTIONAL,
+     reasons                 [1]     ReasonFlags OPTIONAL,
+     cRLIssuer               [2]     GeneralNames OPTIONAL
+}
+
+DistributionPointName ::= CHOICE {
+    fullName                [0]     GeneralNames,
+    nameRelativeToCRLIssuer [1]     RelativeDistinguishedName 
+}
+
+ReasonFlags ::= BIT STRING
+
+-- extended key usage extension OID and syntax
+
+ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF OBJECT IDENTIFIER --ExtKeyUsageSyntax
+
+-- authority info access
+
+AuthorityInfoAccessSyntax  ::=
+        SEQUENCE SIZE (1..MAX) OF AccessDescription
+
+AccessDescription  ::=  SEQUENCE {
+        accessMethod          OBJECT IDENTIFIER,
+        accessLocation        GeneralName  }
+
+-- CRL number extension OID and syntax
+
+-- CRLNumber ::= INTEGER (0..MAX)
+
+-- certificate issuer CRL entry extension OID and syntax
+
+-- CertificateIssuer ::= GeneralNames
+
+-- --------------------------------------
+--  EXPLICIT
+-- --------------------------------------
+
+-- attribute data types --
+
+Attribute       ::=     SEQUENCE {
+        type            OBJECT IDENTIFIER, -- AttributeType
+        values  SET OF ANY -- AttributeValue
+                -- at least one value is required -- 
+}
+
+-- AttributeType           ::=   OBJECT IDENTIFIER
+
+-- AttributeValue          ::=   ANY DEFINED BY type
+
+AttributeTypeAndValue           ::=     SEQUENCE {
+        type    OBJECT IDENTIFIER, -- AttributeType
+        value   ANY } -- AttributeValue
+
+Name            ::=   CHOICE { -- only one possibility for now --
+                                 rdnSequence  SEQUENCE OF RelativeDistinguishedName }
+
+DistinguishedName       ::=   SEQUENCE OF RelativeDistinguishedName -- RDNSequence
+
+RelativeDistinguishedName  ::=
+                    SET SIZE (1 .. MAX) OF AttributeTypeAndValue
+
+
+-- --------------------------------------------------------
+-- certificate and CRL specific structures begin here
+-- --------------------------------------------------------
+
+Certificate  ::=  SEQUENCE  {
+     tbsCertificate       TBSCertificate,
+     signatureAlgorithm   AlgorithmIdentifier,
+     signature            BIT STRING  }
+
+TBSCertificate  ::=  SEQUENCE  {
+     version         [0]  EXPLICIT INTEGER DEFAULT 0,
+     serialNumber         CertificateSerialNumber,
+     signature            AlgorithmIdentifier,
+     issuer               Name,
+     validity             Validity,
+     subject              Name,
+     subjectPublicKeyInfo SubjectPublicKeyInfo,
+     issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
+                          -- If present, version shall be v2 or v3
+     subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
+                          -- If present, version shall be v2 or v3
+     extensions      [3]  EXPLICIT Extensions OPTIONAL
+                          -- If present, version shall be v3 --  
+}
+
+CertificateSerialNumber  ::=  INTEGER
+
+Validity ::= SEQUENCE {
+     notBefore      Time,
+     notAfter       Time }
+
+Time ::= CHOICE {
+     utcTime        UTCTime,
+     generalTime    GeneralizedTime }
+
+UniqueIdentifier  ::=  BIT STRING
+
+SubjectPublicKeyInfo  ::=  SEQUENCE  {
+     algorithm            AlgorithmIdentifier,
+     subjectPublicKey     BIT STRING  }
+
+Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
+
+Extension  ::=  SEQUENCE  {
+     extnID      OBJECT IDENTIFIER,
+     critical    BOOLEAN DEFAULT FALSE,
+     extnValue   OCTET STRING  }
+
+
+-- ------------------------------------------
+-- CRL structures
+-- ------------------------------------------
+
+CertificateList  ::=  SEQUENCE  {
+     tbsCertList          TBSCertList,
+     signatureAlgorithm   AlgorithmIdentifier,
+     signature            BIT STRING  }
+
+TBSCertList  ::=  SEQUENCE  {
+     version                 INTEGER OPTIONAL,
+                                  -- if present, shall be v2
+     signature               AlgorithmIdentifier,
+     issuer                  Name,
+     thisUpdate              Time,
+     nextUpdate              Time OPTIONAL,
+     revokedCertificates     SEQUENCE OF SEQUENCE  {
+          userCertificate         CertificateSerialNumber,
+          revocationDate          Time,
+          crlEntryExtensions      Extensions OPTIONAL
+                                         -- if present, shall be v2
+                               }  OPTIONAL,
+     crlExtensions           [0] EXPLICIT Extensions OPTIONAL
+                                         -- if present, shall be v2 -- 
+}
+
+-- Version, Time, CertificateSerialNumber, and Extensions were
+-- defined earlier for use in the certificate structure
+
+AlgorithmIdentifier  ::=  SEQUENCE  {
+     algorithm               OBJECT IDENTIFIER,
+     parameters              ANY DEFINED BY algorithm OPTIONAL  }
+                                -- contains a value of the type
+                                -- registered for use with the
+                                -- algorithm object identifier value
+
+-- Algorithm OIDs and parameter structures
+
+Dss-Sig-Value ::= SEQUENCE {
+     r       INTEGER,
+     s       INTEGER  
+}
+
+Dss-Parms  ::=  SEQUENCE  {
+     p             INTEGER,
+     q             INTEGER,
+     g             INTEGER  }
+
+-- Extension types and attribute values
+--
+
+-- END of PKIX1Implicit88
+
+
+-- BEGIN of RFC2630
+
+-- Cryptographic Message Syntax
+
+pkcs-7-ContentInfo ::= SEQUENCE {
+  contentType OBJECT IDENTIFIER,
+  content [0] EXPLICIT ANY DEFINED BY contentType }
+
+pkcs-7-DigestInfo ::= SEQUENCE {
+  digestAlgorithm AlgorithmIdentifier,
+  digest OCTET STRING 
+}
+
+pkcs-7-SignedData ::= SEQUENCE {
+  version INTEGER,
+  digestAlgorithms pkcs-7-DigestAlgorithmIdentifiers,
+  encapContentInfo pkcs-7-EncapsulatedContentInfo,
+  certificates [0] IMPLICIT pkcs-7-CertificateSet OPTIONAL,
+  crls [1] IMPLICIT pkcs-7-CertificateRevocationLists OPTIONAL,
+  signerInfos pkcs-7-SignerInfos 
+}
+
+pkcs-7-DigestAlgorithmIdentifiers ::= SET OF AlgorithmIdentifier
+
+-- rfc5652: eContent [0] EXPLICIT OCTET STRING OPTIONAL
+-- rfc2315: content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL
+
+pkcs-7-EncapsulatedContentInfo ::= SEQUENCE {
+  eContentType OBJECT IDENTIFIER,
+  eContent [0] EXPLICIT ANY OPTIONAL }
+
+-- We don't use CertificateList here since we only want
+-- to read the raw data.
+pkcs-7-CertificateRevocationLists ::= SET OF ANY
+
+pkcs-7-CertificateChoices ::= CHOICE {
+-- Although the paper uses Certificate type, we
+-- don't use it since, we don't need to parse it.
+-- We only need to read and store it.
+  certificate ANY
+}
+
+pkcs-7-CertificateSet ::= SET OF pkcs-7-CertificateChoices
+
+IssuerAndSerialNumber ::= SEQUENCE {
+	issuer Name,
+	serialNumber CertificateSerialNumber
+}
+
+pkcs-7-SignerInfo ::= SEQUENCE {
+     version INTEGER,
+     sid SignerIdentifier,
+     digestAlgorithm AlgorithmIdentifier,
+     signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL,
+     signatureAlgorithm AlgorithmIdentifier,
+     signature OCTET STRING,
+     unsignedAttrs [1] IMPLICIT SignedAttributes OPTIONAL }
+
+SignedAttributes ::= SET SIZE (1..MAX) OF Attribute
+
+SignerIdentifier ::= CHOICE {
+	issuerAndSerialNumber IssuerAndSerialNumber,
+	subjectKeyIdentifier [0] OCTET STRING
+}
+
+pkcs-7-SignerInfos ::= SET OF pkcs-7-SignerInfo
+
+
+-- BEGIN of RFC2986
+
+-- Certificate requests
+pkcs-10-CertificationRequestInfo ::= SEQUENCE {
+     version       INTEGER,
+     subject       Name,
+     subjectPKInfo SubjectPublicKeyInfo,
+     attributes    [0] Attributes
+}
+
+Attributes ::= SET OF Attribute
+
+pkcs-10-CertificationRequest ::= SEQUENCE {
+     certificationRequestInfo pkcs-10-CertificationRequestInfo,
+     signatureAlgorithm AlgorithmIdentifier,
+     signature          BIT STRING
+}
+
+-- stuff from PKCS#9
+
+pkcs-9-at-challengePassword OBJECT IDENTIFIER   ::= {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 7}
+
+pkcs-9-challengePassword        ::= CHOICE {
+      printableString       PrintableString,
+      utf8String            UTF8String }
+
+pkcs-9-localKeyId ::= OCTET STRING
+
+-- PKCS #8 stuff
+
+-- Private-key information syntax
+
+pkcs-8-PrivateKeyInfo ::= SEQUENCE {
+  version INTEGER,
+  privateKeyAlgorithm AlgorithmIdentifier,
+  privateKey OCTET STRING,
+  attributes [0] Attributes OPTIONAL }
+
+-- Encrypted private-key information syntax
+
+pkcs-8-EncryptedPrivateKeyInfo ::= SEQUENCE {
+    encryptionAlgorithm AlgorithmIdentifier,
+    encryptedData pkcs-8-EncryptedData 
+}
+
+pkcs-8-EncryptedData ::= OCTET STRING
+
+-- PKCS #5 stuff
+
+pkcs-5-des-CBC-params ::= OCTET STRING (SIZE(8))
+pkcs-5-des-EDE3-CBC-params ::= OCTET STRING (SIZE(8))
+pkcs-5-aes128-CBC-params ::= OCTET STRING (SIZE(16))
+pkcs-5-aes192-CBC-params ::= OCTET STRING (SIZE(16))
+pkcs-5-aes256-CBC-params ::= OCTET STRING (SIZE(16))
+
+-- GOST extension
+Gost28147-89-Parameters ::= SEQUENCE {
+	iv OCTET STRING, -- (SIZE (8))
+	encryptionParamSet OBJECT IDENTIFIER
+}
+
+pkcs-5-PBE-params ::= SEQUENCE {
+  salt OCTET STRING,
+  iterationCount INTEGER }
+
+pkcs-5-PBES2-params ::= SEQUENCE {
+  keyDerivationFunc AlgorithmIdentifier,
+  encryptionScheme AlgorithmIdentifier }
+
+-- PBKDF2
+
+-- pkcs-5-algid-hmacWithSHA1 AlgorithmIdentifier ::=
+--   {algorithm pkcs-5-id-hmacWithSHA1, parameters NULL : NULL}
+
+pkcs-5-PBKDF2-params ::= SEQUENCE {
+  salt CHOICE {
+    specified OCTET STRING,
+    otherSource AlgorithmIdentifier
+  },
+  iterationCount INTEGER (1..MAX),
+  keyLength INTEGER (1..MAX) OPTIONAL,
+  prf AlgorithmIdentifier OPTIONAL -- DEFAULT pkcs-5-id-hmacWithSHA1 
+}
+
+-- PKCS #12 stuff
+
+pkcs-12-PFX ::= SEQUENCE {
+  version   INTEGER {v3(3)},
+  authSafe  pkcs-7-ContentInfo,
+  macData   pkcs-12-MacData OPTIONAL
+}
+
+pkcs-12-PbeParams ::= SEQUENCE {
+  salt        OCTET STRING,
+  iterations  INTEGER
+}
+
+pkcs-12-MacData ::= SEQUENCE {
+  mac         pkcs-7-DigestInfo,
+  macSalt     OCTET STRING,
+  iterations  INTEGER DEFAULT 1
+-- Note: The default is for historical reasons and its use is
+-- deprecated. A higher value, like 1024 is recommended.
+}
+
+pkcs-12-AuthenticatedSafe ::= SEQUENCE OF pkcs-7-ContentInfo
+  -- Data if unencrypted
+  -- EncryptedData if password-encrypted
+  -- EnvelopedData if public key-encrypted
+
+pkcs-12-SafeContents ::= SEQUENCE OF pkcs-12-SafeBag
+
+pkcs-12-SafeBag ::= SEQUENCE {
+  bagId          OBJECT IDENTIFIER,
+  bagValue       [0] EXPLICIT ANY DEFINED BY badId,
+  bagAttributes  SET OF Attribute OPTIONAL
+}
+
+-- CertBag
+
+pkcs-12-CertBag ::= SEQUENCE {
+  certId    OBJECT IDENTIFIER,
+  certValue [0] EXPLICIT ANY DEFINED BY certId
+}
+
+-- x509Certificate BAG-TYPE ::= {OCTET STRING IDENTIFIED BY {pkcs-9-certTypes 1}}
+-- DER-encoded X.509 certificate stored in OCTET STRING
+
+pkcs-12-CRLBag ::= SEQUENCE {
+  crlId     OBJECT IDENTIFIER,
+  crlValue  [0] EXPLICIT ANY DEFINED BY crlId
+}
+
+pkcs-12-SecretBag ::= SEQUENCE {
+  secretTypeId     OBJECT IDENTIFIER,
+  secretValue  [0] EXPLICIT ANY DEFINED BY secretTypeId
+}
+
+-- x509CRL BAG-TYPE ::= {OCTET STRING IDENTIFIED BY {pkcs-9-crlTypes 1}}
+-- DER-encoded X.509 CRL stored in OCTET STRING
+
+-- PKCS #7 stuff (needed in PKCS 12)
+
+pkcs-7-Data ::= OCTET STRING
+
+pkcs-7-EncryptedData ::= SEQUENCE {
+    version INTEGER,
+    encryptedContentInfo pkcs-7-EncryptedContentInfo,
+    unprotectedAttrs [1] IMPLICIT pkcs-7-UnprotectedAttributes OPTIONAL }
+
+pkcs-7-EncryptedContentInfo ::= SEQUENCE {
+    contentType OBJECT IDENTIFIER,
+    contentEncryptionAlgorithm pkcs-7-ContentEncryptionAlgorithmIdentifier,
+    encryptedContent [0] IMPLICIT OCTET STRING OPTIONAL }
+
+pkcs-7-ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
+
+pkcs-7-UnprotectedAttributes ::= SET SIZE (1..MAX) OF Attribute
+
+-- rfc3820
+
+ProxyCertInfo ::= SEQUENCE {
+   pCPathLenConstraint  INTEGER (0..MAX) OPTIONAL,
+   proxyPolicy          ProxyPolicy }
+
+ProxyPolicy ::= SEQUENCE {
+  policyLanguage   OBJECT IDENTIFIER,
+  policy           OCTET STRING OPTIONAL }
+
+-- 2.5.29.32
+
+
+certificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
+
+PolicyInformation ::= SEQUENCE {
+  policyIdentifier   OBJECT IDENTIFIER,
+  policyQualifiers   SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL }
+
+PolicyQualifierInfo ::= SEQUENCE {
+  policyQualifierId  OBJECT IDENTIFIER,
+  qualifier          ANY DEFINED BY policyQualifierId }
+
+CPSuri ::= IA5String
+
+UserNotice ::= SEQUENCE {
+  noticeRef        NoticeReference OPTIONAL,
+  explicitText     DisplayText OPTIONAL }
+
+NoticeReference ::= SEQUENCE {
+  organization     DisplayText,
+  noticeNumbers    SEQUENCE OF INTEGER }
+
+DisplayText ::= CHOICE {
+  ia5String        IA5String      (SIZE (1..200)),
+  visibleString    VisibleString  (SIZE (1..200)),
+  bmpString        BMPString      (SIZE (1..200)),
+  utf8String       UTF8String     (SIZE (1..200)) }
+
+-- rfc2560
+
+OCSPRequest     ::=     SEQUENCE {
+    tbsRequest                  TBSRequest,
+    optionalSignature   [0]     EXPLICIT Signature OPTIONAL }
+
+TBSRequest      ::=     SEQUENCE {
+    version             [0] EXPLICIT INTEGER DEFAULT 0,
+    requestorName       [1] EXPLICIT GeneralName OPTIONAL,
+    requestList             SEQUENCE OF Request,
+    requestExtensions   [2] EXPLICIT Extensions OPTIONAL }
+
+Signature       ::=     SEQUENCE {
+    signatureAlgorithm   AlgorithmIdentifier,
+    signature            BIT STRING,
+    certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
+
+Request ::=     SEQUENCE {
+    reqCert                    CertID,
+    singleRequestExtensions    [0] EXPLICIT Extensions OPTIONAL }
+
+CertID ::= SEQUENCE {
+    hashAlgorithm            AlgorithmIdentifier,
+    issuerNameHash     OCTET STRING, -- Hash of Issuer's DN
+    issuerKeyHash      OCTET STRING, -- Hash of Issuers public key
+    serialNumber       CertificateSerialNumber }
+
+OCSPResponse ::= SEQUENCE {
+   responseStatus         OCSPResponseStatus,
+   responseBytes          [0] EXPLICIT ResponseBytes OPTIONAL }
+
+OCSPResponseStatus ::= ENUMERATED {
+    successful            (0),      --Response has valid confirmations
+    malformedRequest      (1),      --Illegal confirmation request
+    internalError         (2),      --Internal error in issuer
+    tryLater              (3),      --Try again later
+                                    --(4) is not used
+    sigRequired           (5),      --Must sign the request
+    unauthorized          (6)       --Request unauthorized
+}
+
+ResponseBytes ::=       SEQUENCE {
+    responseType   OBJECT IDENTIFIER,
+    response       OCTET STRING }
+
+BasicOCSPResponse       ::= SEQUENCE {
+   tbsResponseData      ResponseData,
+   signatureAlgorithm   AlgorithmIdentifier,
+   signature            BIT STRING,
+   certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
+
+ResponseData ::= SEQUENCE {
+   version              [0] EXPLICIT INTEGER DEFAULT 0,
+   responderID              ResponderID,
+   producedAt               GeneralizedTime,
+   responses                SEQUENCE OF SingleResponse,
+   responseExtensions   [1] EXPLICIT Extensions OPTIONAL }
+
+ResponderID ::= CHOICE {
+-- Changed to work with the libtasn1 parser.
+   byName   [1] EXPLICIT SEQUENCE OF RelativeDistinguishedName, --Name
+   byKey    [2] EXPLICIT OCTET STRING --SHA-1 hash of responder's public key 
+}
+
+SingleResponse ::= SEQUENCE {
+   certID                       CertID,
+   certStatus                   CertStatus,
+   thisUpdate                   GeneralizedTime,
+   nextUpdate           [0]     EXPLICIT GeneralizedTime OPTIONAL,
+   singleExtensions     [1]     EXPLICIT Extensions OPTIONAL }
+
+CertStatus ::= CHOICE {
+    good                [0]     IMPLICIT NULL,
+    revoked             [1]     IMPLICIT RevokedInfo,
+    unknown             [2]     IMPLICIT UnknownInfo }
+
+RevokedInfo ::= SEQUENCE {
+    revocationTime              GeneralizedTime,
+    revocationReason    [0]     EXPLICIT ENUMERATED { unspecified(0) } OPTIONAL }
+
+UnknownInfo ::= NULL -- this can be replaced with an enumeration
+
+-- rfc5280
+
+NameConstraints ::= SEQUENCE {
+     permittedSubtrees       [0]     GeneralSubtrees OPTIONAL,
+     excludedSubtrees        [1]     GeneralSubtrees OPTIONAL }
+
+GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
+
+GeneralSubtree ::= SEQUENCE {
+     base                    GeneralName,
+     minimum         [0]     INTEGER DEFAULT 0,
+     maximum         [1]     INTEGER OPTIONAL }
+
+-- rfc7633
+TlsFeatures ::= SEQUENCE OF INTEGER
+
+END
diff --git a/lib/pkix_asn1_tab.c b/lib/pkix_asn1_tab.c
new file mode 100644
index 0000000..e6ca2a8
--- /dev/null
+++ b/lib/pkix_asn1_tab.c
@@ -0,0 +1,481 @@
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <libtasn1.h>
+
+const asn1_static_node pkix_asn1_tab[] = {
+  { "PKIX1", 536875024, NULL },
+  { NULL, 1073741836, NULL },
+  { "PrivateKeyUsagePeriod", 1610612741, NULL },
+  { "notBefore", 1610637349, NULL },
+  { NULL, 4104, "0"},
+  { "notAfter", 536895525, NULL },
+  { NULL, 4104, "1"},
+  { "AuthorityKeyIdentifier", 1610612741, NULL },
+  { "keyIdentifier", 1610637319, NULL },
+  { NULL, 4104, "0"},
+  { "authorityCertIssuer", 1610637314, "GeneralNames"},
+  { NULL, 4104, "1"},
+  { "authorityCertSerialNumber", 536895490, "CertificateSerialNumber"},
+  { NULL, 4104, "2"},
+  { "SubjectKeyIdentifier", 1073741831, NULL },
+  { "KeyUsage", 1073741830, NULL },
+  { "DirectoryString", 1610612754, NULL },
+  { "teletexString", 1612709918, NULL },
+  { "MAX", 524298, "1"},
+  { "printableString", 1612709919, NULL },
+  { "MAX", 524298, "1"},
+  { "universalString", 1612709920, NULL },
+  { "MAX", 524298, "1"},
+  { "utf8String", 1612709922, NULL },
+  { "MAX", 524298, "1"},
+  { "bmpString", 538968097, NULL },
+  { "MAX", 524298, "1"},
+  { "SubjectAltName", 1073741826, "GeneralNames"},
+  { "GeneralNames", 1612709899, NULL },
+  { "MAX", 1074266122, "1"},
+  { NULL, 2, "GeneralName"},
+  { "GeneralName", 1610612754, NULL },
+  { "otherName", 1610620930, "AnotherName"},
+  { NULL, 4104, "0"},
+  { "rfc822Name", 1610620957, NULL },
+  { NULL, 4104, "1"},
+  { "dNSName", 1610620957, NULL },
+  { NULL, 4104, "2"},
+  { "x400Address", 1610620941, NULL },
+  { NULL, 4104, "3"},
+  { "directoryName", 1610620939, NULL },
+  { NULL, 1073743880, "4"},
+  { NULL, 2, "RelativeDistinguishedName"},
+  { "ediPartyName", 1610620941, NULL },
+  { NULL, 4104, "5"},
+  { "uniformResourceIdentifier", 1610620957, NULL },
+  { NULL, 4104, "6"},
+  { "iPAddress", 1610620935, NULL },
+  { NULL, 4104, "7"},
+  { "registeredID", 536879116, NULL },
+  { NULL, 4104, "8"},
+  { "AnotherName", 1610612741, NULL },
+  { "type-id", 1073741836, NULL },
+  { "value", 541073421, NULL },
+  { NULL, 1073743880, "0"},
+  { "type-id", 1, NULL },
+  { "IssuerAltName", 1073741826, "GeneralNames"},
+  { "BasicConstraints", 1610612741, NULL },
+  { "cA", 1610645508, NULL },
+  { NULL, 131081, NULL },
+  { "pathLenConstraint", 16387, NULL },
+  { "CRLDistributionPoints", 1612709899, NULL },
+  { "MAX", 1074266122, "1"},
+  { NULL, 2, "DistributionPoint"},
+  { "DistributionPoint", 1610612741, NULL },
+  { "distributionPoint", 1610637314, "DistributionPointName"},
+  { NULL, 2056, "0"},
+  { "reasons", 1610637314, "ReasonFlags"},
+  { NULL, 4104, "1"},
+  { "cRLIssuer", 536895490, "GeneralNames"},
+  { NULL, 4104, "2"},
+  { "DistributionPointName", 1610612754, NULL },
+  { "fullName", 1610620930, "GeneralNames"},
+  { NULL, 4104, "0"},
+  { "nameRelativeToCRLIssuer", 536879106, "RelativeDistinguishedName"},
+  { NULL, 4104, "1"},
+  { "ReasonFlags", 1073741830, NULL },
+  { "ExtKeyUsageSyntax", 1612709899, NULL },
+  { "MAX", 1074266122, "1"},
+  { NULL, 12, NULL },
+  { "AuthorityInfoAccessSyntax", 1612709899, NULL },
+  { "MAX", 1074266122, "1"},
+  { NULL, 2, "AccessDescription"},
+  { "AccessDescription", 1610612741, NULL },
+  { "accessMethod", 1073741836, NULL },
+  { "accessLocation", 2, "GeneralName"},
+  { "Attribute", 1610612741, NULL },
+  { "type", 1073741836, NULL },
+  { "values", 536870927, NULL },
+  { NULL, 13, NULL },
+  { "AttributeTypeAndValue", 1610612741, NULL },
+  { "type", 1073741836, NULL },
+  { "value", 13, NULL },
+  { "Name", 1610612754, NULL },
+  { "rdnSequence", 536870923, NULL },
+  { NULL, 2, "RelativeDistinguishedName"},
+  { "DistinguishedName", 1610612747, NULL },
+  { NULL, 2, "RelativeDistinguishedName"},
+  { "RelativeDistinguishedName", 1612709903, NULL },
+  { "MAX", 1074266122, "1"},
+  { NULL, 2, "AttributeTypeAndValue"},
+  { "Certificate", 1610612741, NULL },
+  { "tbsCertificate", 1073741826, "TBSCertificate"},
+  { "signatureAlgorithm", 1073741826, "AlgorithmIdentifier"},
+  { "signature", 6, NULL },
+  { "TBSCertificate", 1610612741, NULL },
+  { "version", 1610653699, NULL },
+  { NULL, 1073741833, "0"},
+  { NULL, 2056, "0"},
+  { "serialNumber", 1073741826, "CertificateSerialNumber"},
+  { "signature", 1073741826, "AlgorithmIdentifier"},
+  { "issuer", 1073741826, "Name"},
+  { "validity", 1073741826, "Validity"},
+  { "subject", 1073741826, "Name"},
+  { "subjectPublicKeyInfo", 1073741826, "SubjectPublicKeyInfo"},
+  { "issuerUniqueID", 1610637314, "UniqueIdentifier"},
+  { NULL, 4104, "1"},
+  { "subjectUniqueID", 1610637314, "UniqueIdentifier"},
+  { NULL, 4104, "2"},
+  { "extensions", 536895490, "Extensions"},
+  { NULL, 2056, "3"},
+  { "CertificateSerialNumber", 1073741827, NULL },
+  { "Validity", 1610612741, NULL },
+  { "notBefore", 1073741826, "Time"},
+  { "notAfter", 2, "Time"},
+  { "Time", 1610612754, NULL },
+  { "utcTime", 1073741860, NULL },
+  { "generalTime", 37, NULL },
+  { "UniqueIdentifier", 1073741830, NULL },
+  { "SubjectPublicKeyInfo", 1610612741, NULL },
+  { "algorithm", 1073741826, "AlgorithmIdentifier"},
+  { "subjectPublicKey", 6, NULL },
+  { "Extensions", 1612709899, NULL },
+  { "MAX", 1074266122, "1"},
+  { NULL, 2, "Extension"},
+  { "Extension", 1610612741, NULL },
+  { "extnID", 1073741836, NULL },
+  { "critical", 1610645508, NULL },
+  { NULL, 131081, NULL },
+  { "extnValue", 7, NULL },
+  { "CertificateList", 1610612741, NULL },
+  { "tbsCertList", 1073741826, "TBSCertList"},
+  { "signatureAlgorithm", 1073741826, "AlgorithmIdentifier"},
+  { "signature", 6, NULL },
+  { "TBSCertList", 1610612741, NULL },
+  { "version", 1073758211, NULL },
+  { "signature", 1073741826, "AlgorithmIdentifier"},
+  { "issuer", 1073741826, "Name"},
+  { "thisUpdate", 1073741826, "Time"},
+  { "nextUpdate", 1073758210, "Time"},
+  { "revokedCertificates", 1610629131, NULL },
+  { NULL, 536870917, NULL },
+  { "userCertificate", 1073741826, "CertificateSerialNumber"},
+  { "revocationDate", 1073741826, "Time"},
+  { "crlEntryExtensions", 16386, "Extensions"},
+  { "crlExtensions", 536895490, "Extensions"},
+  { NULL, 2056, "0"},
+  { "AlgorithmIdentifier", 1610612741, NULL },
+  { "algorithm", 1073741836, NULL },
+  { "parameters", 541081613, NULL },
+  { "algorithm", 1, NULL },
+  { "Dss-Sig-Value", 1610612741, NULL },
+  { "r", 1073741827, NULL },
+  { "s", 3, NULL },
+  { "Dss-Parms", 1610612741, NULL },
+  { "p", 1073741827, NULL },
+  { "q", 1073741827, NULL },
+  { "g", 3, NULL },
+  { "pkcs-7-ContentInfo", 1610612741, NULL },
+  { "contentType", 1073741836, NULL },
+  { "content", 541073421, NULL },
+  { NULL, 1073743880, "0"},
+  { "contentType", 1, NULL },
+  { "pkcs-7-DigestInfo", 1610612741, NULL },
+  { "digestAlgorithm", 1073741826, "AlgorithmIdentifier"},
+  { "digest", 7, NULL },
+  { "pkcs-7-SignedData", 1610612741, NULL },
+  { "version", 1073741827, NULL },
+  { "digestAlgorithms", 1073741826, "pkcs-7-DigestAlgorithmIdentifiers"},
+  { "encapContentInfo", 1073741826, "pkcs-7-EncapsulatedContentInfo"},
+  { "certificates", 1610637314, "pkcs-7-CertificateSet"},
+  { NULL, 4104, "0"},
+  { "crls", 1610637314, "pkcs-7-CertificateRevocationLists"},
+  { NULL, 4104, "1"},
+  { "signerInfos", 2, "pkcs-7-SignerInfos"},
+  { "pkcs-7-DigestAlgorithmIdentifiers", 1610612751, NULL },
+  { NULL, 2, "AlgorithmIdentifier"},
+  { "pkcs-7-EncapsulatedContentInfo", 1610612741, NULL },
+  { "eContentType", 1073741836, NULL },
+  { "eContent", 536895501, NULL },
+  { NULL, 2056, "0"},
+  { "pkcs-7-CertificateRevocationLists", 1610612751, NULL },
+  { NULL, 13, NULL },
+  { "pkcs-7-CertificateChoices", 1610612754, NULL },
+  { "certificate", 13, NULL },
+  { "pkcs-7-CertificateSet", 1610612751, NULL },
+  { NULL, 2, "pkcs-7-CertificateChoices"},
+  { "IssuerAndSerialNumber", 1610612741, NULL },
+  { "issuer", 1073741826, "Name"},
+  { "serialNumber", 2, "CertificateSerialNumber"},
+  { "pkcs-7-SignerInfo", 1610612741, NULL },
+  { "version", 1073741827, NULL },
+  { "sid", 1073741826, "SignerIdentifier"},
+  { "digestAlgorithm", 1073741826, "AlgorithmIdentifier"},
+  { "signedAttrs", 1610637314, "SignedAttributes"},
+  { NULL, 4104, "0"},
+  { "signatureAlgorithm", 1073741826, "AlgorithmIdentifier"},
+  { "signature", 1073741831, NULL },
+  { "unsignedAttrs", 536895490, "SignedAttributes"},
+  { NULL, 4104, "1"},
+  { "SignedAttributes", 1612709903, NULL },
+  { "MAX", 1074266122, "1"},
+  { NULL, 2, "Attribute"},
+  { "SignerIdentifier", 1610612754, NULL },
+  { "issuerAndSerialNumber", 1073741826, "IssuerAndSerialNumber"},
+  { "subjectKeyIdentifier", 536879111, NULL },
+  { NULL, 4104, "0"},
+  { "pkcs-7-SignerInfos", 1610612751, NULL },
+  { NULL, 2, "pkcs-7-SignerInfo"},
+  { "pkcs-10-CertificationRequestInfo", 1610612741, NULL },
+  { "version", 1073741827, NULL },
+  { "subject", 1073741826, "Name"},
+  { "subjectPKInfo", 1073741826, "SubjectPublicKeyInfo"},
+  { "attributes", 536879106, "Attributes"},
+  { NULL, 4104, "0"},
+  { "Attributes", 1610612751, NULL },
+  { NULL, 2, "Attribute"},
+  { "pkcs-10-CertificationRequest", 1610612741, NULL },
+  { "certificationRequestInfo", 1073741826, "pkcs-10-CertificationRequestInfo"},
+  { "signatureAlgorithm", 1073741826, "AlgorithmIdentifier"},
+  { "signature", 6, NULL },
+  { "pkcs-9-at-challengePassword", 1879048204, NULL },
+  { "iso", 1073741825, "1"},
+  { "member-body", 1073741825, "2"},
+  { "us", 1073741825, "840"},
+  { "rsadsi", 1073741825, "113549"},
+  { "pkcs", 1073741825, "1"},
+  { NULL, 1073741825, "9"},
+  { NULL, 1, "7"},
+  { "pkcs-9-challengePassword", 1610612754, NULL },
+  { "printableString", 1073741855, NULL },
+  { "utf8String", 34, NULL },
+  { "pkcs-9-localKeyId", 1073741831, NULL },
+  { "pkcs-8-PrivateKeyInfo", 1610612741, NULL },
+  { "version", 1073741827, NULL },
+  { "privateKeyAlgorithm", 1073741826, "AlgorithmIdentifier"},
+  { "privateKey", 1073741831, NULL },
+  { "attributes", 536895490, "Attributes"},
+  { NULL, 4104, "0"},
+  { "pkcs-8-EncryptedPrivateKeyInfo", 1610612741, NULL },
+  { "encryptionAlgorithm", 1073741826, "AlgorithmIdentifier"},
+  { "encryptedData", 2, "pkcs-8-EncryptedData"},
+  { "pkcs-8-EncryptedData", 1073741831, NULL },
+  { "pkcs-5-des-CBC-params", 1612709895, NULL },
+  { NULL, 1048586, "8"},
+  { "pkcs-5-des-EDE3-CBC-params", 1612709895, NULL },
+  { NULL, 1048586, "8"},
+  { "pkcs-5-aes128-CBC-params", 1612709895, NULL },
+  { NULL, 1048586, "16"},
+  { "pkcs-5-aes192-CBC-params", 1612709895, NULL },
+  { NULL, 1048586, "16"},
+  { "pkcs-5-aes256-CBC-params", 1612709895, NULL },
+  { NULL, 1048586, "16"},
+  { "Gost28147-89-Parameters", 1610612741, NULL },
+  { "iv", 1073741831, NULL },
+  { "encryptionParamSet", 12, NULL },
+  { "pkcs-5-PBE-params", 1610612741, NULL },
+  { "salt", 1073741831, NULL },
+  { "iterationCount", 3, NULL },
+  { "pkcs-5-PBES2-params", 1610612741, NULL },
+  { "keyDerivationFunc", 1073741826, "AlgorithmIdentifier"},
+  { "encryptionScheme", 2, "AlgorithmIdentifier"},
+  { "pkcs-5-PBKDF2-params", 1610612741, NULL },
+  { "salt", 1610612754, NULL },
+  { "specified", 1073741831, NULL },
+  { "otherSource", 2, "AlgorithmIdentifier"},
+  { "iterationCount", 1073741827, NULL },
+  { "keyLength", 1073758211, NULL },
+  { "prf", 16386, "AlgorithmIdentifier"},
+  { "pkcs-12-PFX", 1610612741, NULL },
+  { "version", 1610874883, NULL },
+  { "v3", 1, "3"},
+  { "authSafe", 1073741826, "pkcs-7-ContentInfo"},
+  { "macData", 16386, "pkcs-12-MacData"},
+  { "pkcs-12-PbeParams", 1610612741, NULL },
+  { "salt", 1073741831, NULL },
+  { "iterations", 3, NULL },
+  { "pkcs-12-MacData", 1610612741, NULL },
+  { "mac", 1073741826, "pkcs-7-DigestInfo"},
+  { "macSalt", 1073741831, NULL },
+  { "iterations", 536903683, NULL },
+  { NULL, 9, "1"},
+  { "pkcs-12-AuthenticatedSafe", 1610612747, NULL },
+  { NULL, 2, "pkcs-7-ContentInfo"},
+  { "pkcs-12-SafeContents", 1610612747, NULL },
+  { NULL, 2, "pkcs-12-SafeBag"},
+  { "pkcs-12-SafeBag", 1610612741, NULL },
+  { "bagId", 1073741836, NULL },
+  { "bagValue", 1614815245, NULL },
+  { NULL, 1073743880, "0"},
+  { "badId", 1, NULL },
+  { "bagAttributes", 536887311, NULL },
+  { NULL, 2, "Attribute"},
+  { "pkcs-12-CertBag", 1610612741, NULL },
+  { "certId", 1073741836, NULL },
+  { "certValue", 541073421, NULL },
+  { NULL, 1073743880, "0"},
+  { "certId", 1, NULL },
+  { "pkcs-12-CRLBag", 1610612741, NULL },
+  { "crlId", 1073741836, NULL },
+  { "crlValue", 541073421, NULL },
+  { NULL, 1073743880, "0"},
+  { "crlId", 1, NULL },
+  { "pkcs-12-SecretBag", 1610612741, NULL },
+  { "secretTypeId", 1073741836, NULL },
+  { "secretValue", 541073421, NULL },
+  { NULL, 1073743880, "0"},
+  { "secretTypeId", 1, NULL },
+  { "pkcs-7-Data", 1073741831, NULL },
+  { "pkcs-7-EncryptedData", 1610612741, NULL },
+  { "version", 1073741827, NULL },
+  { "encryptedContentInfo", 1073741826, "pkcs-7-EncryptedContentInfo"},
+  { "unprotectedAttrs", 536895490, "pkcs-7-UnprotectedAttributes"},
+  { NULL, 4104, "1"},
+  { "pkcs-7-EncryptedContentInfo", 1610612741, NULL },
+  { "contentType", 1073741836, NULL },
+  { "contentEncryptionAlgorithm", 1073741826, "pkcs-7-ContentEncryptionAlgorithmIdentifier"},
+  { "encryptedContent", 536895495, NULL },
+  { NULL, 4104, "0"},
+  { "pkcs-7-ContentEncryptionAlgorithmIdentifier", 1073741826, "AlgorithmIdentifier"},
+  { "pkcs-7-UnprotectedAttributes", 1612709903, NULL },
+  { "MAX", 1074266122, "1"},
+  { NULL, 2, "Attribute"},
+  { "ProxyCertInfo", 1610612741, NULL },
+  { "pCPathLenConstraint", 1073758211, NULL },
+  { "proxyPolicy", 2, "ProxyPolicy"},
+  { "ProxyPolicy", 1610612741, NULL },
+  { "policyLanguage", 1073741836, NULL },
+  { "policy", 16391, NULL },
+  { "certificatePolicies", 1612709899, NULL },
+  { "MAX", 1074266122, "1"},
+  { NULL, 2, "PolicyInformation"},
+  { "PolicyInformation", 1610612741, NULL },
+  { "policyIdentifier", 1073741836, NULL },
+  { "policyQualifiers", 538984459, NULL },
+  { "MAX", 1074266122, "1"},
+  { NULL, 2, "PolicyQualifierInfo"},
+  { "PolicyQualifierInfo", 1610612741, NULL },
+  { "policyQualifierId", 1073741836, NULL },
+  { "qualifier", 541065229, NULL },
+  { "policyQualifierId", 1, NULL },
+  { "CPSuri", 1073741853, NULL },
+  { "UserNotice", 1610612741, NULL },
+  { "noticeRef", 1073758210, "NoticeReference"},
+  { "explicitText", 16386, "DisplayText"},
+  { "NoticeReference", 1610612741, NULL },
+  { "organization", 1073741826, "DisplayText"},
+  { "noticeNumbers", 536870923, NULL },
+  { NULL, 3, NULL },
+  { "DisplayText", 1610612754, NULL },
+  { "ia5String", 1612709917, NULL },
+  { "200", 524298, "1"},
+  { "visibleString", 1612709923, NULL },
+  { "200", 524298, "1"},
+  { "bmpString", 1612709921, NULL },
+  { "200", 524298, "1"},
+  { "utf8String", 538968098, NULL },
+  { "200", 524298, "1"},
+  { "OCSPRequest", 1610612741, NULL },
+  { "tbsRequest", 1073741826, "TBSRequest"},
+  { "optionalSignature", 536895490, "Signature"},
+  { NULL, 2056, "0"},
+  { "TBSRequest", 1610612741, NULL },
+  { "version", 1610653699, NULL },
+  { NULL, 1073741833, "0"},
+  { NULL, 2056, "0"},
+  { "requestorName", 1610637314, "GeneralName"},
+  { NULL, 2056, "1"},
+  { "requestList", 1610612747, NULL },
+  { NULL, 2, "Request"},
+  { "requestExtensions", 536895490, "Extensions"},
+  { NULL, 2056, "2"},
+  { "Signature", 1610612741, NULL },
+  { "signatureAlgorithm", 1073741826, "AlgorithmIdentifier"},
+  { "signature", 1073741830, NULL },
+  { "certs", 536895499, NULL },
+  { NULL, 1073743880, "0"},
+  { NULL, 2, "Certificate"},
+  { "Request", 1610612741, NULL },
+  { "reqCert", 1073741826, "CertID"},
+  { "singleRequestExtensions", 536895490, "Extensions"},
+  { NULL, 2056, "0"},
+  { "CertID", 1610612741, NULL },
+  { "hashAlgorithm", 1073741826, "AlgorithmIdentifier"},
+  { "issuerNameHash", 1073741831, NULL },
+  { "issuerKeyHash", 1073741831, NULL },
+  { "serialNumber", 2, "CertificateSerialNumber"},
+  { "OCSPResponse", 1610612741, NULL },
+  { "responseStatus", 1073741826, "OCSPResponseStatus"},
+  { "responseBytes", 536895490, "ResponseBytes"},
+  { NULL, 2056, "0"},
+  { "OCSPResponseStatus", 1610874901, NULL },
+  { "successful", 1073741825, "0"},
+  { "malformedRequest", 1073741825, "1"},
+  { "internalError", 1073741825, "2"},
+  { "tryLater", 1073741825, "3"},
+  { "sigRequired", 1073741825, "5"},
+  { "unauthorized", 1, "6"},
+  { "ResponseBytes", 1610612741, NULL },
+  { "responseType", 1073741836, NULL },
+  { "response", 7, NULL },
+  { "BasicOCSPResponse", 1610612741, NULL },
+  { "tbsResponseData", 1073741826, "ResponseData"},
+  { "signatureAlgorithm", 1073741826, "AlgorithmIdentifier"},
+  { "signature", 1073741830, NULL },
+  { "certs", 536895499, NULL },
+  { NULL, 1073743880, "0"},
+  { NULL, 2, "Certificate"},
+  { "ResponseData", 1610612741, NULL },
+  { "version", 1610653699, NULL },
+  { NULL, 1073741833, "0"},
+  { NULL, 2056, "0"},
+  { "responderID", 1073741826, "ResponderID"},
+  { "producedAt", 1073741861, NULL },
+  { "responses", 1610612747, NULL },
+  { NULL, 2, "SingleResponse"},
+  { "responseExtensions", 536895490, "Extensions"},
+  { NULL, 2056, "1"},
+  { "ResponderID", 1610612754, NULL },
+  { "byName", 1610620939, NULL },
+  { NULL, 1073743880, "1"},
+  { NULL, 2, "RelativeDistinguishedName"},
+  { "byKey", 536879111, NULL },
+  { NULL, 2056, "2"},
+  { "SingleResponse", 1610612741, NULL },
+  { "certID", 1073741826, "CertID"},
+  { "certStatus", 1073741826, "CertStatus"},
+  { "thisUpdate", 1073741861, NULL },
+  { "nextUpdate", 1610637349, NULL },
+  { NULL, 2056, "0"},
+  { "singleExtensions", 536895490, "Extensions"},
+  { NULL, 2056, "1"},
+  { "CertStatus", 1610612754, NULL },
+  { "good", 1610620948, NULL },
+  { NULL, 4104, "0"},
+  { "revoked", 1610620930, "RevokedInfo"},
+  { NULL, 4104, "1"},
+  { "unknown", 536879106, "UnknownInfo"},
+  { NULL, 4104, "2"},
+  { "RevokedInfo", 1610612741, NULL },
+  { "revocationTime", 1073741861, NULL },
+  { "revocationReason", 537157653, NULL },
+  { NULL, 1073743880, "0"},
+  { "unspecified", 1, "0"},
+  { "UnknownInfo", 1073741844, NULL },
+  { "NameConstraints", 1610612741, NULL },
+  { "permittedSubtrees", 1610637314, "GeneralSubtrees"},
+  { NULL, 4104, "0"},
+  { "excludedSubtrees", 536895490, "GeneralSubtrees"},
+  { NULL, 4104, "1"},
+  { "GeneralSubtrees", 1612709899, NULL },
+  { "MAX", 1074266122, "1"},
+  { NULL, 2, "GeneralSubtree"},
+  { "GeneralSubtree", 1610612741, NULL },
+  { "base", 1073741826, "GeneralName"},
+  { "minimum", 1610653699, NULL },
+  { NULL, 1073741833, "0"},
+  { NULL, 4104, "0"},
+  { "maximum", 536895491, NULL },
+  { NULL, 4104, "1"},
+  { "TlsFeatures", 536870923, NULL },
+  { NULL, 3, NULL },
+  { NULL, 0, NULL }
+};
diff --git a/lib/prf.c b/lib/prf.c
new file mode 100644
index 0000000..bb76e2e
--- /dev/null
+++ b/lib/prf.c
@@ -0,0 +1,351 @@
+/*
+ * Copyright (C) 2002-2015 Free Software Foundation, Inc.
+ * Copyright (C) 2014-2015 Nikos Mavrogiannopoulos
+ * Copyright (C) 2016-2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions for the TLS PRF handling.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "handshake.h"
+#include "secrets.h"
+#include <num.h>
+#include <state.h>
+#include <algorithms.h>
+
+/**
+ * gnutls_prf_raw:
+ * @session: is a #gnutls_session_t type.
+ * @label_size: length of the @label variable.
+ * @label: label used in PRF computation, typically a short string.
+ * @seed_size: length of the @seed variable.
+ * @seed: optional extra data to seed the PRF with.
+ * @outsize: size of pre-allocated output buffer to hold the output.
+ * @out: pre-allocated buffer to hold the generated data.
+ *
+ * Apply the TLS Pseudo-Random-Function (PRF) on the master secret
+ * and the provided data.
+ *
+ * The @label variable usually contains a string denoting the purpose
+ * for the generated data.  The @seed usually contains data such as the
+ * client and server random, perhaps together with some additional
+ * data that is added to guarantee uniqueness of the output for a
+ * particular purpose.
+ *
+ * Because the output is not guaranteed to be unique for a particular
+ * session unless @seed includes the client random and server random
+ * fields (the PRF would output the same data on another connection
+ * resumed from the first one), it is not recommended to use this
+ * function directly.  The gnutls_prf() function seeds the PRF with the
+ * client and server random fields directly, and is recommended if you
+ * want to generate pseudo random data unique for each session.
+ *
+ * Note: This function will only operate under TLS versions prior to 1.3.
+ * In TLS1.3 the use of PRF is replaced with HKDF and the generic
+ * exporters like gnutls_prf_rfc5705() should be used instead. Under
+ * TLS1.3 this function returns %GNUTLS_E_INVALID_REQUEST.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
+ **/
+int
+gnutls_prf_raw(gnutls_session_t session,
+	       size_t label_size,
+	       const char *label,
+	       size_t seed_size, const char *seed, size_t outsize,
+	       char *out)
+{
+	int ret;
+	const version_entry_st *vers = get_version(session);
+
+	if (vers && vers->tls13_sem)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (session->security_parameters.prf == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ret = _gnutls_prf_raw(session->security_parameters.prf->id,
+			  GNUTLS_MASTER_SIZE, session->security_parameters.master_secret,
+			  label_size, label,
+			  seed_size, (uint8_t *) seed,
+			  outsize, out);
+
+	return ret;
+}
+
+static int
+_tls13_derive_exporter(const mac_entry_st *prf,
+		       gnutls_session_t session,
+		       size_t label_size, const char *label,
+		       size_t context_size, const char *context,
+		       size_t outsize, char *out,
+		       bool early)
+{
+	uint8_t secret[MAX_HASH_SIZE];
+	uint8_t digest[MAX_HASH_SIZE];
+	unsigned digest_size = prf->output_size;
+	int ret;
+
+	ret = _tls13_derive_secret2(prf, label, label_size, NULL, 0,
+				    session->key.proto.tls13.ap_expkey,
+				    secret);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_hash_fast((gnutls_digest_algorithm_t)prf->id,
+			       context, context_size, digest);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return _tls13_expand_secret2(prf,
+				     EXPORTER_LABEL, sizeof(EXPORTER_LABEL)-1,
+				     digest, digest_size,
+				     secret, outsize, out);
+}
+
+/**
+ * gnutls_prf_rfc5705:
+ * @session: is a #gnutls_session_t type.
+ * @label_size: length of the @label variable.
+ * @label: label used in PRF computation, typically a short string.
+ * @context_size: length of the @extra variable.
+ * @context: optional extra data to seed the PRF with.
+ * @outsize: size of pre-allocated output buffer to hold the output.
+ * @out: pre-allocated buffer to hold the generated data.
+ *
+ * Exports keying material from TLS/DTLS session to an application, as
+ * specified in RFC5705.
+ *
+ * In the TLS versions prior to 1.3, it applies the TLS
+ * Pseudo-Random-Function (PRF) on the master secret and the provided
+ * data, seeded with the client and server random fields.
+ *
+ * In TLS 1.3, it applies HKDF on the exporter master secret derived
+ * from the master secret.
+ *
+ * The @label variable usually contains a string denoting the purpose
+ * for the generated data.
+ *
+ * The @context variable can be used to add more data to the seed, after
+ * the random variables.  It can be used to make sure the
+ * generated output is strongly connected to some additional data
+ * (e.g., a string used in user authentication). 
+ *
+ * The output is placed in @out, which must be pre-allocated.
+ *
+ * Note that, to provide the RFC5705 context, the @context variable
+ * must be non-null.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
+ *
+ * Since: 3.4.4
+ **/
+int
+gnutls_prf_rfc5705(gnutls_session_t session,
+		   size_t label_size, const char *label,
+		   size_t context_size, const char *context,
+		   size_t outsize, char *out)
+{
+	const version_entry_st *vers = get_version(session);
+	int ret;
+
+	if (session->security_parameters.prf == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (vers && vers->tls13_sem) {
+		ret = _tls13_derive_exporter(session->security_parameters.prf,
+					     session,
+					     label_size, label,
+					     context_size, context,
+					     outsize, out,
+					     0);
+	} else {
+		char *pctx = NULL;
+
+		if (context != NULL && context_size > 65535)  {
+			gnutls_assert();
+			return GNUTLS_E_INVALID_REQUEST;
+		}
+
+		if (context != NULL) {
+			pctx = gnutls_malloc(context_size+2);
+			if (!pctx) {
+				gnutls_assert();
+				return GNUTLS_E_MEMORY_ERROR;
+			}
+
+			memcpy(pctx+2, context, context_size);
+			_gnutls_write_uint16(context_size, (void*)pctx);
+			context_size += 2;
+		}
+
+		ret = gnutls_prf(session, label_size, label, 0,
+				 context_size, pctx, outsize, out);
+
+		gnutls_free(pctx);
+	}
+
+	return ret;
+}
+
+/**
+ * gnutls_prf_early:
+ * @session: is a #gnutls_session_t type.
+ * @label_size: length of the @label variable.
+ * @label: label used in PRF computation, typically a short string.
+ * @context_size: length of the @extra variable.
+ * @context: optional extra data to seed the PRF with.
+ * @outsize: size of pre-allocated output buffer to hold the output.
+ * @out: pre-allocated buffer to hold the generated data.
+ *
+ * This function is similar to gnutls_prf_rfc5705(), but only works in
+ * TLS 1.3 or later to export early keying material.
+ *
+ * Note that the keying material is only available after the
+ * ClientHello message is processed and before the application traffic
+ * keys are established.  Therefore this function shall be called in a
+ * handshake hook function for %GNUTLS_HANDSHAKE_CLIENT_HELLO.
+ *
+ * The @label variable usually contains a string denoting the purpose
+ * for the generated data.
+ *
+ * The @context variable can be used to add more data to the seed, after
+ * the random variables.  It can be used to make sure the
+ * generated output is strongly connected to some additional data
+ * (e.g., a string used in user authentication).
+ *
+ * The output is placed in @out, which must be pre-allocated.
+ *
+ * Note that, to provide the RFC5705 context, the @context variable
+ * must be non-null.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
+ *
+ * Since: 3.6.8
+ **/
+int
+gnutls_prf_early(gnutls_session_t session,
+		 size_t label_size, const char *label,
+		 size_t context_size, const char *context,
+		 size_t outsize, char *out)
+{
+	if (session->internals.initial_negotiation_completed ||
+	    session->key.binders[0].prf == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	return _tls13_derive_exporter(session->key.binders[0].prf, session,
+				      label_size, label,
+				      context_size, context,
+				      outsize, out,
+				      1);
+}
+
+/**
+ * gnutls_prf:
+ * @session: is a #gnutls_session_t type.
+ * @label_size: length of the @label variable.
+ * @label: label used in PRF computation, typically a short string.
+ * @server_random_first: non-zero if server random field should be first in seed
+ * @extra_size: length of the @extra variable.
+ * @extra: optional extra data to seed the PRF with.
+ * @outsize: size of pre-allocated output buffer to hold the output.
+ * @out: pre-allocated buffer to hold the generated data.
+ *
+ * Applies the TLS Pseudo-Random-Function (PRF) on the master secret
+ * and the provided data, seeded with the client and server random fields.
+ * For the key expansion specified in RFC5705 see gnutls_prf_rfc5705().
+ *
+ * The @label variable usually contains a string denoting the purpose
+ * for the generated data.  The @server_random_first indicates whether
+ * the client random field or the server random field should be first
+ * in the seed.  Non-zero indicates that the server random field is first,
+ * 0 that the client random field is first.
+ *
+ * The @extra variable can be used to add more data to the seed, after
+ * the random variables.  It can be used to make sure the
+ * generated output is strongly connected to some additional data
+ * (e.g., a string used in user authentication).
+ *
+ * The output is placed in @out, which must be pre-allocated.
+ *
+ * Note: This function produces identical output with gnutls_prf_rfc5705()
+ * when @server_random_first is set to 0 and @extra is %NULL. Under TLS1.3
+ * this function will only operate when these conditions are true, or otherwise
+ * return %GNUTLS_E_INVALID_REQUEST.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
+ **/
+int
+gnutls_prf(gnutls_session_t session,
+	   size_t label_size,
+	   const char *label,
+	   int server_random_first,
+	   size_t extra_size, const char *extra,
+	   size_t outsize, char *out)
+{
+	int ret;
+	uint8_t *seed;
+	const version_entry_st *vers = get_version(session);
+	size_t seedsize = 2 * GNUTLS_RANDOM_SIZE + extra_size;
+
+	if (vers && vers->tls13_sem) {
+		if (extra == NULL && server_random_first == 0)
+			return gnutls_prf_rfc5705(session, label_size, label,
+						  extra_size, extra, outsize, out);
+		else
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	if (session->security_parameters.prf == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	seed = gnutls_malloc(seedsize);
+	if (!seed) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	memcpy(seed, server_random_first ?
+	       session->security_parameters.server_random :
+	       session->security_parameters.client_random,
+	       GNUTLS_RANDOM_SIZE);
+	memcpy(seed + GNUTLS_RANDOM_SIZE,
+	       server_random_first ? session->security_parameters.
+	       client_random : session->security_parameters.server_random,
+	       GNUTLS_RANDOM_SIZE);
+
+	if (extra && extra_size) {
+		memcpy(seed + 2 * GNUTLS_RANDOM_SIZE, extra, extra_size);
+	}
+
+	ret =
+	    _gnutls_prf_raw(session->security_parameters.prf->id,
+			GNUTLS_MASTER_SIZE, session->security_parameters.master_secret,
+			label_size, label,
+			seedsize, seed,
+			outsize, out);
+
+	gnutls_free(seed);
+
+	return ret;
+}
+
diff --git a/lib/priority.c b/lib/priority.c
new file mode 100644
index 0000000..efa4d90
--- /dev/null
+++ b/lib/priority.c
@@ -0,0 +1,4053 @@
+/*
+ * Copyright (C) 2004-2015 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2019 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Here lies the code of the gnutls_*_set_priority() functions.
+ */
+
+#include "gnutls_int.h"
+#include "algorithms.h"
+#include "errors.h"
+#include <num.h>
+#include <gnutls/x509.h>
+#include <c-ctype.h>
+#include <hello_ext.h>
+#include <c-strcase.h>
+#include "fips.h"
+#include "errno.h"
+#include "ext/srp.h"
+#include <gnutls/gnutls.h>
+#include "profiles.h"
+#include "c-strcase.h"
+#include "inih/ini.h"
+#include "locks.h"
+#include "profiles.h"
+#include "name_val_array.h"
+
+#define MAX_ELEMENTS GNUTLS_MAX_ALGORITHM_NUM
+
+#define ENABLE_PROFILE(c, profile) do { \
+	c->additional_verify_flags &= 0x00ffffff; \
+	c->additional_verify_flags |= GNUTLS_PROFILE_TO_VFLAGS(profile); \
+	c->level = _gnutls_profile_to_sec_level(profile); \
+	} while(0)
+
+/* This function is used by the test suite */
+char *_gnutls_resolve_priorities(const char* priorities);
+
+/* This variable points to either a constant value (DEFAULT_PRIORITY_STRING or
+ * externally assigned) or heap-allocated
+ * system_wide_config.default_priority_string. We can't move this to the
+ * system_wide_config struct, because this variable is part of (private) ABI
+ * exported for testing.
+ */
+const char *_gnutls_default_priority_string = DEFAULT_PRIORITY_STRING;
+
+static void prio_remove(priority_st * priority_list, unsigned int algo);
+static void prio_add(priority_st * priority_list, unsigned int algo);
+static void
+break_list(char *etag,
+		 char *broken_etag[MAX_ELEMENTS], int *size);
+
+typedef void (bulk_rmadd_func) (priority_st * priority_list, const int *);
+
+inline static void _set_priority(priority_st * st, const int *list)
+{
+	int num = 0, i;
+
+	while (list[num] != 0)
+		num++;
+	if (num > MAX_ALGOS)
+		num = MAX_ALGOS;
+	st->num_priorities = num;
+
+	for (i = 0; i < num; i++) {
+		st->priorities[i] = list[i];
+	}
+
+	return;
+}
+
+inline static void _add_priority(priority_st * st, const int *list)
+{
+	int num, i, j, init;
+
+	init = i = st->num_priorities;
+
+	for (num = 0; list[num] != 0; ++num) {
+		if (i + 1 > MAX_ALGOS) {
+			return;
+		}
+
+		for (j = 0; j < init; j++) {
+			if (st->priorities[j] == (unsigned) list[num]) {
+				break;
+			}
+		}
+
+		if (j == init) {
+			st->priorities[i++] = list[num];
+			st->num_priorities++;
+		}
+	}
+
+	return;
+}
+
+static void _clear_priorities(priority_st * st, const int *list)
+{
+	memset(st, 0, sizeof(*st));
+}
+
+static void _clear_given_priorities(priority_st * st, const int *list)
+{
+	unsigned i;
+
+	for (i=0;list[i]!=0;i++) {
+		prio_remove(st, list[i]);
+	}
+}
+
+static const int _supported_groups_dh[] = {
+	GNUTLS_GROUP_FFDHE2048,
+	GNUTLS_GROUP_FFDHE3072,
+	GNUTLS_GROUP_FFDHE4096,
+	GNUTLS_GROUP_FFDHE6144,
+	GNUTLS_GROUP_FFDHE8192,
+	0
+};
+
+static const int _supported_groups_ecdh[] = {
+	GNUTLS_GROUP_SECP256R1,
+	GNUTLS_GROUP_SECP384R1,
+	GNUTLS_GROUP_SECP521R1,
+	GNUTLS_GROUP_X25519, /* RFC 8422 */
+	GNUTLS_GROUP_X448, /* RFC 8422 */
+	0
+};
+
+static const int _supported_groups_gost[] = {
+#ifdef ENABLE_GOST
+	GNUTLS_GROUP_GC256A,
+	GNUTLS_GROUP_GC256B,
+	GNUTLS_GROUP_GC256C,
+	GNUTLS_GROUP_GC256D,
+	GNUTLS_GROUP_GC512A,
+	GNUTLS_GROUP_GC512B,
+	GNUTLS_GROUP_GC512C,
+#endif
+	0
+};
+
+static const int _supported_groups_normal[] = {
+	GNUTLS_GROUP_SECP256R1,
+	GNUTLS_GROUP_SECP384R1,
+	GNUTLS_GROUP_SECP521R1,
+	GNUTLS_GROUP_X25519, /* RFC 8422 */
+	GNUTLS_GROUP_X448, /* RFC 8422 */
+
+	/* These should stay last as our default behavior
+	 * is to send key shares for two top types (GNUTLS_KEY_SHARE_TOP2)
+	 * and we wouldn't want to have these sent by all clients
+	 * by default as they are quite expensive CPU-wise. */
+	GNUTLS_GROUP_FFDHE2048,
+	GNUTLS_GROUP_FFDHE3072,
+	GNUTLS_GROUP_FFDHE4096,
+	GNUTLS_GROUP_FFDHE6144,
+	GNUTLS_GROUP_FFDHE8192,
+	0
+};
+static const int* supported_groups_normal = _supported_groups_normal;
+
+static const int _supported_groups_secure128[] = {
+	GNUTLS_GROUP_SECP256R1,
+	GNUTLS_GROUP_SECP384R1,
+	GNUTLS_GROUP_SECP521R1,
+	GNUTLS_GROUP_X25519, /* RFC 8422 */
+	GNUTLS_GROUP_X448, /* RFC 8422 */
+	GNUTLS_GROUP_FFDHE2048,
+	GNUTLS_GROUP_FFDHE3072,
+	GNUTLS_GROUP_FFDHE4096,
+	GNUTLS_GROUP_FFDHE6144,
+	GNUTLS_GROUP_FFDHE8192,
+	0
+};
+static const int* supported_groups_secure128 = _supported_groups_secure128;
+
+static const int _supported_groups_suiteb128[] = {
+	GNUTLS_GROUP_SECP256R1,
+	GNUTLS_GROUP_SECP384R1,
+	0
+};
+static const int* supported_groups_suiteb128 = _supported_groups_suiteb128;
+
+static const int _supported_groups_suiteb192[] = {
+	GNUTLS_GROUP_SECP384R1,
+	0
+};
+static const int* supported_groups_suiteb192 = _supported_groups_suiteb192;
+
+static const int _supported_groups_secure192[] = {
+	GNUTLS_GROUP_SECP384R1,
+	GNUTLS_GROUP_SECP521R1,
+	GNUTLS_GROUP_FFDHE8192,
+	0
+};
+static const int* supported_groups_secure192 = _supported_groups_secure192;
+
+static const int protocol_priority[] = {
+	GNUTLS_TLS1_3,
+	GNUTLS_TLS1_2,
+	GNUTLS_TLS1_1,
+	GNUTLS_TLS1_0,
+	GNUTLS_DTLS1_2,
+	GNUTLS_DTLS1_0,
+	0
+};
+
+/* contains all the supported TLS protocols, intended to be used for eliminating them
+ */
+static const int stream_protocol_priority[] = {
+	GNUTLS_TLS1_3,
+	GNUTLS_TLS1_2,
+	GNUTLS_TLS1_1,
+	GNUTLS_TLS1_0,
+	0
+};
+
+/* contains all the supported DTLS protocols, intended to be used for eliminating them
+ */
+static const int dgram_protocol_priority[] = {
+	GNUTLS_DTLS1_2,
+	GNUTLS_DTLS1_0,
+	GNUTLS_DTLS0_9,
+	0
+};
+
+static const int dtls_protocol_priority[] = {
+	GNUTLS_DTLS1_2,
+	GNUTLS_DTLS1_0,
+	0
+};
+
+static const int _protocol_priority_suiteb[] = {
+	GNUTLS_TLS1_2,
+	0
+};
+static const int* protocol_priority_suiteb = _protocol_priority_suiteb;
+
+static const int _kx_priority_performance[] = {
+	GNUTLS_KX_RSA,
+#ifdef ENABLE_ECDHE
+	GNUTLS_KX_ECDHE_ECDSA,
+	GNUTLS_KX_ECDHE_RSA,
+#endif
+#ifdef ENABLE_DHE
+	GNUTLS_KX_DHE_RSA,
+#endif
+	0
+};
+static const int* kx_priority_performance = _kx_priority_performance;
+
+static const int _kx_priority_pfs[] = {
+#ifdef ENABLE_ECDHE
+	GNUTLS_KX_ECDHE_ECDSA,
+	GNUTLS_KX_ECDHE_RSA,
+#endif
+#ifdef ENABLE_DHE
+	GNUTLS_KX_DHE_RSA,
+#endif
+	0
+};
+static const int* kx_priority_pfs = _kx_priority_pfs;
+
+static const int _kx_priority_suiteb[] = {
+	GNUTLS_KX_ECDHE_ECDSA,
+	0
+};
+static const int* kx_priority_suiteb = _kx_priority_suiteb;
+
+static const int _kx_priority_secure[] = {
+	/* The ciphersuites that offer forward secrecy take
+	 * precedence
+	 */
+#ifdef ENABLE_ECDHE
+	GNUTLS_KX_ECDHE_ECDSA,
+	GNUTLS_KX_ECDHE_RSA,
+#endif
+	GNUTLS_KX_RSA,
+	/* KX-RSA is now ahead of DHE-RSA and DHE-DSS due to the compatibility
+	 * issues the DHE ciphersuites have. That is, one cannot enforce a specific
+	 * security level without dropping the connection.
+	 */
+#ifdef ENABLE_DHE
+	GNUTLS_KX_DHE_RSA,
+#endif
+	/* GNUTLS_KX_ANON_DH: Man-in-the-middle prone, don't add!
+	 */
+	0
+};
+static const int* kx_priority_secure = _kx_priority_secure;
+
+static const int _kx_priority_gost[] = {
+#ifdef ENABLE_GOST
+	GNUTLS_KX_VKO_GOST_12,
+#endif
+	0,
+};
+static const int* kx_priority_gost = _kx_priority_gost;
+
+static const int _cipher_priority_performance_default[] = {
+	GNUTLS_CIPHER_AES_128_GCM,
+	GNUTLS_CIPHER_AES_256_GCM,
+	GNUTLS_CIPHER_CHACHA20_POLY1305,
+	GNUTLS_CIPHER_AES_128_CCM,
+	GNUTLS_CIPHER_AES_256_CCM,
+	GNUTLS_CIPHER_AES_128_CBC,
+	GNUTLS_CIPHER_AES_256_CBC,
+	0
+};
+
+static const int _cipher_priority_performance_no_aesni[] = {
+	GNUTLS_CIPHER_CHACHA20_POLY1305,
+	GNUTLS_CIPHER_AES_128_GCM,
+	GNUTLS_CIPHER_AES_256_GCM,
+	GNUTLS_CIPHER_AES_128_CCM,
+	GNUTLS_CIPHER_AES_256_CCM,
+	GNUTLS_CIPHER_AES_128_CBC,
+	GNUTLS_CIPHER_AES_256_CBC,
+	0
+};
+
+/* If GCM and AES acceleration is available then prefer
+ * them over anything else. Overall we prioritise AEAD
+ * over legacy ciphers, and 256-bit over 128 (for future
+ * proof).
+ */
+static const int _cipher_priority_normal_default[] = {
+	GNUTLS_CIPHER_AES_256_GCM,
+	GNUTLS_CIPHER_CHACHA20_POLY1305,
+	GNUTLS_CIPHER_AES_256_CCM,
+
+	GNUTLS_CIPHER_AES_256_CBC,
+
+	GNUTLS_CIPHER_AES_128_GCM,
+	GNUTLS_CIPHER_AES_128_CCM,
+
+	GNUTLS_CIPHER_AES_128_CBC,
+	0
+};
+
+static const int cipher_priority_performance_fips[] = {
+	GNUTLS_CIPHER_AES_128_GCM,
+	GNUTLS_CIPHER_AES_128_CCM,
+	GNUTLS_CIPHER_AES_256_GCM,
+	GNUTLS_CIPHER_AES_256_CCM,
+
+	GNUTLS_CIPHER_AES_128_CBC,
+	GNUTLS_CIPHER_AES_256_CBC,
+	0
+};
+
+static const int cipher_priority_normal_fips[] = {
+	GNUTLS_CIPHER_AES_256_GCM,
+	GNUTLS_CIPHER_AES_256_CCM,
+	GNUTLS_CIPHER_AES_256_CBC,
+
+	GNUTLS_CIPHER_AES_128_GCM,
+	GNUTLS_CIPHER_AES_128_CBC,
+	GNUTLS_CIPHER_AES_128_CCM,
+	0
+};
+
+
+static const int _cipher_priority_suiteb128[] = {
+	GNUTLS_CIPHER_AES_256_GCM,
+	GNUTLS_CIPHER_AES_128_GCM,
+	0
+};
+static const int* cipher_priority_suiteb128 = _cipher_priority_suiteb128;
+
+static const int _cipher_priority_suiteb192[] = {
+	GNUTLS_CIPHER_AES_256_GCM,
+	0
+};
+static const int* cipher_priority_suiteb192 = _cipher_priority_suiteb192;
+
+
+static const int _cipher_priority_secure128[] = {
+	GNUTLS_CIPHER_AES_256_GCM,
+	GNUTLS_CIPHER_CHACHA20_POLY1305,
+	GNUTLS_CIPHER_AES_256_CBC,
+	GNUTLS_CIPHER_AES_256_CCM,
+
+	GNUTLS_CIPHER_AES_128_GCM,
+	GNUTLS_CIPHER_AES_128_CBC,
+	GNUTLS_CIPHER_AES_128_CCM,
+	0
+};
+static const int *cipher_priority_secure128 = _cipher_priority_secure128;
+
+
+static const int _cipher_priority_secure192[] = {
+	GNUTLS_CIPHER_AES_256_GCM,
+	GNUTLS_CIPHER_CHACHA20_POLY1305,
+	GNUTLS_CIPHER_AES_256_CBC,
+	GNUTLS_CIPHER_AES_256_CCM,
+	0
+};
+static const int* cipher_priority_secure192 = _cipher_priority_secure192;
+
+static const int _sign_priority_default[] = {
+	GNUTLS_SIGN_RSA_SHA256,
+	GNUTLS_SIGN_RSA_PSS_SHA256,
+	GNUTLS_SIGN_RSA_PSS_RSAE_SHA256,
+	GNUTLS_SIGN_ECDSA_SHA256,
+	GNUTLS_SIGN_ECDSA_SECP256R1_SHA256,
+
+	GNUTLS_SIGN_EDDSA_ED25519,
+
+	GNUTLS_SIGN_RSA_SHA384,
+	GNUTLS_SIGN_RSA_PSS_SHA384,
+	GNUTLS_SIGN_RSA_PSS_RSAE_SHA384,
+	GNUTLS_SIGN_ECDSA_SHA384,
+	GNUTLS_SIGN_ECDSA_SECP384R1_SHA384,
+
+	GNUTLS_SIGN_EDDSA_ED448,
+
+	GNUTLS_SIGN_RSA_SHA512,
+	GNUTLS_SIGN_RSA_PSS_SHA512,
+	GNUTLS_SIGN_RSA_PSS_RSAE_SHA512,
+
+	GNUTLS_SIGN_ECDSA_SHA512,
+	GNUTLS_SIGN_ECDSA_SECP521R1_SHA512,
+
+	GNUTLS_SIGN_RSA_SHA1,
+	GNUTLS_SIGN_ECDSA_SHA1,
+
+	0
+};
+static const int* sign_priority_default = _sign_priority_default;
+
+static const int _sign_priority_suiteb128[] = {
+	GNUTLS_SIGN_ECDSA_SHA256,
+	GNUTLS_SIGN_ECDSA_SECP256R1_SHA256,
+	GNUTLS_SIGN_ECDSA_SHA384,
+	GNUTLS_SIGN_ECDSA_SECP384R1_SHA384,
+	0
+};
+static const int* sign_priority_suiteb128 = _sign_priority_suiteb128;
+
+static const int _sign_priority_suiteb192[] = {
+	GNUTLS_SIGN_ECDSA_SHA384,
+	GNUTLS_SIGN_ECDSA_SECP384R1_SHA384,
+	0
+};
+static const int* sign_priority_suiteb192 = _sign_priority_suiteb192;
+
+static const int _sign_priority_secure128[] = {
+	GNUTLS_SIGN_RSA_SHA256,
+	GNUTLS_SIGN_RSA_PSS_SHA256,
+	GNUTLS_SIGN_RSA_PSS_RSAE_SHA256,
+	GNUTLS_SIGN_ECDSA_SHA256,
+	GNUTLS_SIGN_ECDSA_SECP256R1_SHA256,
+
+	GNUTLS_SIGN_EDDSA_ED25519,
+
+	GNUTLS_SIGN_RSA_SHA384,
+	GNUTLS_SIGN_RSA_PSS_SHA384,
+	GNUTLS_SIGN_RSA_PSS_RSAE_SHA384,
+	GNUTLS_SIGN_ECDSA_SHA384,
+	GNUTLS_SIGN_ECDSA_SECP384R1_SHA384,
+
+	GNUTLS_SIGN_EDDSA_ED448,
+
+	GNUTLS_SIGN_RSA_SHA512,
+	GNUTLS_SIGN_RSA_PSS_SHA512,
+	GNUTLS_SIGN_RSA_PSS_RSAE_SHA512,
+	GNUTLS_SIGN_ECDSA_SHA512,
+	GNUTLS_SIGN_ECDSA_SECP521R1_SHA512,
+
+	0
+};
+static const int* sign_priority_secure128 = _sign_priority_secure128;
+
+static const int _sign_priority_secure192[] = {
+	GNUTLS_SIGN_RSA_SHA384,
+	GNUTLS_SIGN_RSA_PSS_SHA384,
+	GNUTLS_SIGN_RSA_PSS_RSAE_SHA384,
+	GNUTLS_SIGN_ECDSA_SHA384,
+	GNUTLS_SIGN_ECDSA_SECP384R1_SHA384,
+	GNUTLS_SIGN_EDDSA_ED448,
+	GNUTLS_SIGN_RSA_SHA512,
+	GNUTLS_SIGN_RSA_PSS_SHA512,
+	GNUTLS_SIGN_RSA_PSS_RSAE_SHA512,
+	GNUTLS_SIGN_ECDSA_SHA512,
+	GNUTLS_SIGN_ECDSA_SECP521R1_SHA512,
+
+	0
+};
+static const int* sign_priority_secure192 = _sign_priority_secure192;
+
+static const int _sign_priority_gost[] = {
+#ifdef ENABLE_GOST
+	GNUTLS_SIGN_GOST_256,
+	GNUTLS_SIGN_GOST_512,
+#endif
+	0
+};
+static const int* sign_priority_gost = _sign_priority_gost;
+
+static const int mac_priority_normal_default[] = {
+	GNUTLS_MAC_SHA1,
+	GNUTLS_MAC_AEAD,
+	0
+};
+
+static const int mac_priority_normal_fips[] = {
+	GNUTLS_MAC_SHA1,
+	GNUTLS_MAC_AEAD,
+	0
+};
+
+static const int *cipher_priority_performance = _cipher_priority_performance_default;
+static const int *cipher_priority_normal = _cipher_priority_normal_default;
+static const int *mac_priority_normal = mac_priority_normal_default;
+
+static const int _cipher_priority_gost[] = {
+#ifdef ENABLE_GOST
+	GNUTLS_CIPHER_GOST28147_TC26Z_CNT,
+#endif
+	0
+};
+static const int *cipher_priority_gost = _cipher_priority_gost;
+
+static const int _mac_priority_gost[] = {
+#ifdef ENABLE_GOST
+	GNUTLS_MAC_GOST28147_TC26Z_IMIT,
+#endif
+	0
+};
+static const int *mac_priority_gost = _mac_priority_gost;
+
+/* if called with replace the default priorities with the FIPS140 ones */
+void _gnutls_priority_update_fips(void)
+{
+	cipher_priority_performance = cipher_priority_performance_fips;
+	cipher_priority_normal = cipher_priority_normal_fips;
+	mac_priority_normal = mac_priority_normal_fips;
+}
+
+void _gnutls_priority_update_non_aesni(void)
+{
+	/* if we have no AES acceleration in performance mode
+	 * prefer fast stream ciphers */
+	if (_gnutls_fips_mode_enabled() == 0) {
+		cipher_priority_performance = _cipher_priority_performance_no_aesni;
+	}
+}
+
+static const int _mac_priority_suiteb[] = {
+	GNUTLS_MAC_AEAD,
+	0
+};
+static const int* mac_priority_suiteb = _mac_priority_suiteb;
+
+static const int _mac_priority_secure128[] = {
+	GNUTLS_MAC_SHA1,
+	GNUTLS_MAC_AEAD,
+	0
+};
+static const int* mac_priority_secure128 = _mac_priority_secure128;
+
+static const int _mac_priority_secure192[] = {
+	GNUTLS_MAC_AEAD,
+	0
+};
+static const int* mac_priority_secure192 = _mac_priority_secure192;
+
+static const int cert_type_priority_default[] = {
+	GNUTLS_CRT_X509,
+	0
+};
+
+static const int cert_type_priority_all[] = {
+	GNUTLS_CRT_X509,
+	GNUTLS_CRT_RAWPK,
+	0
+};
+
+typedef void (rmadd_func) (priority_st * priority_list, unsigned int alg);
+
+static void prio_remove(priority_st * priority_list, unsigned int algo)
+{
+	unsigned int i;
+
+	for (i = 0; i < priority_list->num_priorities; i++) {
+		if (priority_list->priorities[i] == algo) {
+			priority_list->num_priorities--;
+			if ((priority_list->num_priorities - i) > 0)
+				memmove(&priority_list->priorities[i],
+					&priority_list->priorities[i + 1],
+					(priority_list->num_priorities -
+					 i) *
+					sizeof(priority_list->
+					       priorities[0]));
+			priority_list->priorities[priority_list->
+						num_priorities] = 0;
+			break;
+		}
+	}
+
+	return;
+}
+
+static void prio_add(priority_st * priority_list, unsigned int algo)
+{
+	unsigned int i, l = priority_list->num_priorities;
+
+	if (l >= MAX_ALGOS)
+		return;		/* can't add it anyway */
+
+	for (i = 0; i < l; ++i) {
+		if (algo == priority_list->priorities[i])
+			return;	/* if it exists */
+	}
+
+	priority_list->priorities[l] = algo;
+	priority_list->num_priorities++;
+
+	return;
+}
+
+
+/**
+ * gnutls_priority_set:
+ * @session: is a #gnutls_session_t type.
+ * @priority: is a #gnutls_priority_t type.
+ *
+ * Sets the priorities to use on the ciphers, key exchange methods,
+ * and macs. Note that this function is expected to be called once
+ * per session; when called multiple times (e.g., before a re-handshake,
+ * the caller should make sure that any new settings are not incompatible
+ * with the original session).
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or an error code on error.
+ **/
+int
+gnutls_priority_set(gnutls_session_t session, gnutls_priority_t priority)
+{
+	int ret;
+
+	if (priority == NULL || priority->protocol.num_priorities == 0 ||
+	    priority->cs.size == 0)
+		return gnutls_assert_val(GNUTLS_E_NO_PRIORITIES_WERE_SET);
+
+	/* set the current version to the first in the chain, if this is
+	 * the call before the initial handshake. During a re-handshake
+	 * we do not set the version to avoid overriding the currently
+	 * negotiated version. */
+	if (!session->internals.handshake_in_progress &&
+	    !session->internals.initial_negotiation_completed) {
+		ret = _gnutls_set_current_version(session,
+						  priority->protocol.priorities[0]);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	/* At this point the provided priorities passed the sanity tests */
+
+	if (session->internals.priorities)
+		gnutls_priority_deinit(session->internals.priorities);
+
+	gnutls_atomic_increment(&priority->usage_cnt);
+	session->internals.priorities = priority;
+
+	if (priority->no_tickets != 0) {
+		session->internals.flags |= GNUTLS_NO_TICKETS;
+	}
+
+	if (priority->no_tickets_tls12 != 0) {
+		/* when PFS is explicitly requested, disable session tickets for TLS 1.2 */
+		session->internals.flags |= GNUTLS_NO_TICKETS_TLS12;
+	}
+
+	ADD_PROFILE_VFLAGS(session, priority->additional_verify_flags);
+
+	/* mirror variables */
+#undef COPY_TO_INTERNALS
+#define COPY_TO_INTERNALS(xx) session->internals.xx = priority->_##xx
+	COPY_TO_INTERNALS(allow_large_records);
+	COPY_TO_INTERNALS(allow_small_records);
+	COPY_TO_INTERNALS(no_etm);
+	COPY_TO_INTERNALS(no_ext_master_secret);
+	COPY_TO_INTERNALS(allow_key_usage_violation);
+	COPY_TO_INTERNALS(allow_wrong_pms);
+	COPY_TO_INTERNALS(dumbfw);
+	COPY_TO_INTERNALS(dh_prime_bits);
+
+	return 0;
+}
+
+
+#define LEVEL_NONE "NONE"
+#define LEVEL_NORMAL "NORMAL"
+#define LEVEL_PFS "PFS"
+#define LEVEL_PERFORMANCE "PERFORMANCE"
+#define LEVEL_SECURE128 "SECURE128"
+#define LEVEL_SECURE192 "SECURE192"
+#define LEVEL_SECURE256 "SECURE256"
+#define LEVEL_SUITEB128 "SUITEB128"
+#define LEVEL_SUITEB192 "SUITEB192"
+#define LEVEL_LEGACY "LEGACY"
+#define LEVEL_SYSTEM "SYSTEM"
+
+struct priority_groups_st {
+	const char *name;
+	const char *alias;
+	const int **proto_list;
+	const int **cipher_list;
+	const int **mac_list;
+	const int **kx_list;
+	const int **sign_list;
+	const int **group_list;
+	unsigned profile;
+	int sec_param;
+	bool no_tickets;
+	bool no_tickets_tls12;
+};
+
+static const struct priority_groups_st pgroups[] =
+{
+	{.name = LEVEL_NORMAL,
+	 .cipher_list = &cipher_priority_normal,
+	 .mac_list = &mac_priority_normal,
+	 .kx_list = &kx_priority_secure,
+	 .sign_list = &sign_priority_default,
+	 .group_list = &supported_groups_normal,
+	 .profile = GNUTLS_PROFILE_LOW,
+	 .sec_param = GNUTLS_SEC_PARAM_WEAK
+	},
+	{.name = LEVEL_PFS,
+	 .cipher_list = &cipher_priority_normal,
+	 .mac_list = &mac_priority_secure128,
+	 .kx_list = &kx_priority_pfs,
+	 .sign_list = &sign_priority_default,
+	 .group_list = &supported_groups_normal,
+	 .profile = GNUTLS_PROFILE_LOW,
+	 .sec_param = GNUTLS_SEC_PARAM_WEAK,
+	 .no_tickets_tls12 = 1
+	},
+	{.name = LEVEL_SECURE128,
+	 .alias = "SECURE",
+	 .cipher_list = &cipher_priority_secure128,
+	 .mac_list = &mac_priority_secure128,
+	 .kx_list = &kx_priority_secure,
+	 .sign_list = &sign_priority_secure128,
+	 .group_list = &supported_groups_secure128,
+		/* The profile should have been HIGH but if we don't allow
+		 * SHA-1 (80-bits) as signature algorithm we are not able
+		 * to connect anywhere with this level */
+	 .profile = GNUTLS_PROFILE_LOW,
+	 .sec_param = GNUTLS_SEC_PARAM_LOW
+	},
+	{.name = LEVEL_SECURE192,
+	 .alias = LEVEL_SECURE256,
+	 .cipher_list = &cipher_priority_secure192,
+	 .mac_list = &mac_priority_secure192,
+	 .kx_list = &kx_priority_secure,
+	 .sign_list = &sign_priority_secure192,
+	 .group_list = &supported_groups_secure192,
+	 .profile = GNUTLS_PROFILE_HIGH,
+	 .sec_param = GNUTLS_SEC_PARAM_HIGH
+	},
+	{.name = LEVEL_SUITEB128,
+	 .proto_list = &protocol_priority_suiteb,
+	 .cipher_list = &cipher_priority_suiteb128,
+	 .mac_list = &mac_priority_suiteb,
+	 .kx_list = &kx_priority_suiteb,
+	 .sign_list = &sign_priority_suiteb128,
+	 .group_list = &supported_groups_suiteb128,
+	 .profile = GNUTLS_PROFILE_SUITEB128,
+	 .sec_param = GNUTLS_SEC_PARAM_HIGH
+	},
+	{.name = LEVEL_SUITEB192,
+	 .proto_list = &protocol_priority_suiteb,
+	 .cipher_list = &cipher_priority_suiteb192,
+	 .mac_list = &mac_priority_suiteb,
+	 .kx_list = &kx_priority_suiteb,
+	 .sign_list = &sign_priority_suiteb192,
+	 .group_list = &supported_groups_suiteb192,
+	 .profile = GNUTLS_PROFILE_SUITEB192,
+	 .sec_param = GNUTLS_SEC_PARAM_ULTRA
+	},
+	{.name = LEVEL_LEGACY,
+	 .cipher_list = &cipher_priority_normal,
+	 .mac_list = &mac_priority_normal,
+	 .kx_list = &kx_priority_secure,
+	 .sign_list = &sign_priority_default,
+	 .group_list = &supported_groups_normal,
+	 .sec_param = GNUTLS_SEC_PARAM_VERY_WEAK
+	},
+	{.name = LEVEL_PERFORMANCE,
+	 .cipher_list = &cipher_priority_performance,
+	 .mac_list = &mac_priority_normal,
+	 .kx_list = &kx_priority_performance,
+	 .sign_list = &sign_priority_default,
+	 .group_list = &supported_groups_normal,
+	 .profile = GNUTLS_PROFILE_LOW,
+	 .sec_param = GNUTLS_SEC_PARAM_WEAK
+	},
+	{
+	 .name = NULL,
+	}
+};
+
+#define SET_PROFILE(to_set) \
+	profile = GNUTLS_VFLAGS_TO_PROFILE(priority_cache->additional_verify_flags); \
+	if (profile == 0 || profile > to_set) { \
+		priority_cache->additional_verify_flags &= ~GNUTLS_VFLAGS_PROFILE_MASK; \
+		priority_cache->additional_verify_flags |= GNUTLS_PROFILE_TO_VFLAGS(to_set); \
+	}
+
+#define SET_LEVEL(to_set) \
+		if (priority_cache->level == 0 || (unsigned)priority_cache->level > (unsigned)to_set) \
+			priority_cache->level = to_set
+
+static
+int check_level(const char *level, gnutls_priority_t priority_cache,
+		int add)
+{
+	bulk_rmadd_func *func;
+	unsigned profile = 0;
+	unsigned i;
+	int j;
+	const cipher_entry_st *centry;
+
+	if (add)
+		func = _add_priority;
+	else
+		func = _set_priority;
+
+	for (i=0;;i++) {
+		if (pgroups[i].name == NULL)
+			return 0;
+
+		if (c_strcasecmp(level, pgroups[i].name) == 0 ||
+			(pgroups[i].alias != NULL && c_strcasecmp(level, pgroups[i].alias) == 0)) {
+			if (pgroups[i].proto_list != NULL)
+				func(&priority_cache->protocol, *pgroups[i].proto_list);
+			func(&priority_cache->_cipher, *pgroups[i].cipher_list);
+			func(&priority_cache->_kx, *pgroups[i].kx_list);
+			func(&priority_cache->_mac, *pgroups[i].mac_list);
+			func(&priority_cache->_sign_algo, *pgroups[i].sign_list);
+			func(&priority_cache->_supported_ecc, *pgroups[i].group_list);
+
+			if (pgroups[i].profile != 0) {
+				SET_PROFILE(pgroups[i].profile); /* set certificate level */
+			}
+			SET_LEVEL(pgroups[i].sec_param); /* set DH params level */
+			priority_cache->no_tickets = pgroups[i].no_tickets;
+			priority_cache->no_tickets_tls12 = pgroups[i].no_tickets_tls12;
+			if (priority_cache->have_cbc == 0) {
+				for (j=0;(*pgroups[i].cipher_list)[j]!=0;j++) {
+					centry = cipher_to_entry((*pgroups[i].cipher_list)[j]);
+					if (centry != NULL && centry->type == CIPHER_BLOCK) {
+						priority_cache->have_cbc = 1;
+						break;
+					}
+				}
+			}
+			return 1;
+		}
+	}
+}
+
+static void enable_compat(gnutls_priority_t c)
+{
+	ENABLE_PRIO_COMPAT(c);
+}
+static void enable_server_key_usage_violations(gnutls_priority_t c)
+{
+	c->allow_server_key_usage_violation = 1;
+}
+static void enable_allow_small_records(gnutls_priority_t c)
+{
+	c->_allow_small_records = 1;
+}
+static void enable_dumbfw(gnutls_priority_t c)
+{
+	c->_dumbfw = 1;
+}
+static void enable_no_extensions(gnutls_priority_t c)
+{
+	c->no_extensions = 1;
+}
+static void enable_no_ext_master_secret(gnutls_priority_t c)
+{
+	c->_no_ext_master_secret = 1;
+}
+static void enable_no_etm(gnutls_priority_t c)
+{
+	c->_no_etm = 1;
+}
+static void enable_force_etm(gnutls_priority_t c)
+{
+	c->force_etm = 1;
+}
+static void enable_no_tickets(gnutls_priority_t c)
+{
+	c->no_tickets = 1;
+}
+static void enable_no_tickets_tls12(gnutls_priority_t c)
+{
+	c->no_tickets_tls12 = 1;
+}
+static void disable_wildcards(gnutls_priority_t c)
+{
+	c->additional_verify_flags |= GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS;
+}
+static void enable_profile_very_weak(gnutls_priority_t c)
+{
+	ENABLE_PROFILE(c, GNUTLS_PROFILE_VERY_WEAK);
+}
+static void enable_profile_low(gnutls_priority_t c)
+{
+	ENABLE_PROFILE(c, GNUTLS_PROFILE_LOW);
+}
+static void enable_profile_legacy(gnutls_priority_t c)
+{
+	ENABLE_PROFILE(c, GNUTLS_PROFILE_LEGACY);
+}
+static void enable_profile_medium(gnutls_priority_t c)
+{
+	ENABLE_PROFILE(c, GNUTLS_PROFILE_MEDIUM);
+}
+static void enable_profile_high(gnutls_priority_t c)
+{
+	ENABLE_PROFILE(c, GNUTLS_PROFILE_HIGH);
+}
+static void enable_profile_ultra(gnutls_priority_t c)
+{
+	ENABLE_PROFILE(c, GNUTLS_PROFILE_ULTRA);
+}
+static void enable_profile_future(gnutls_priority_t c)
+{
+	ENABLE_PROFILE(c, GNUTLS_PROFILE_FUTURE);
+}
+static void enable_profile_suiteb128(gnutls_priority_t c)
+{
+	ENABLE_PROFILE(c, GNUTLS_PROFILE_SUITEB128);
+}
+static void enable_profile_suiteb192(gnutls_priority_t c)
+{
+	ENABLE_PROFILE(c, GNUTLS_PROFILE_SUITEB128);
+}
+static void enable_safe_renegotiation(gnutls_priority_t c)
+{
+	c->sr = SR_SAFE;
+
+}
+static void enable_unsafe_renegotiation(gnutls_priority_t c)
+{
+	c->sr = SR_UNSAFE;
+}
+static void enable_partial_safe_renegotiation(gnutls_priority_t c)
+{
+	c->sr = SR_PARTIAL;
+}
+static void disable_safe_renegotiation(gnutls_priority_t c)
+{
+	c->sr = SR_DISABLED;
+}
+static void enable_fallback_scsv(gnutls_priority_t c)
+{
+	c->fallback = 1;
+}
+static void enable_latest_record_version(gnutls_priority_t c)
+{
+	c->min_record_version = 0;
+}
+static void enable_ssl3_record_version(gnutls_priority_t c)
+{
+	c->min_record_version = 1;
+}
+static void enable_verify_allow_rsa_md5(gnutls_priority_t c)
+{
+	c->additional_verify_flags |=
+	    GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5;
+}
+static void enable_verify_allow_sha1(gnutls_priority_t c)
+{
+	c->additional_verify_flags |=
+	    GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1;
+}
+static void enable_verify_allow_broken(gnutls_priority_t c)
+{
+	c->additional_verify_flags |=
+	    GNUTLS_VERIFY_ALLOW_BROKEN;
+}
+static void disable_crl_checks(gnutls_priority_t c)
+{
+	c->additional_verify_flags |=
+		GNUTLS_VERIFY_DISABLE_CRL_CHECKS;
+}
+static void enable_server_precedence(gnutls_priority_t c)
+{
+	c->server_precedence = 1;
+}
+static void disable_tls13_compat_mode(gnutls_priority_t c)
+{
+	c->tls13_compat_mode = false;
+}
+static void dummy_func(gnutls_priority_t c)
+{
+}
+
+#include <priority_options.h>
+
+struct cfg {
+	bool allowlisting;
+	bool ktls_enabled;
+
+	name_val_array_t priority_strings;
+	char *priority_string;
+	char *default_priority_string;
+	gnutls_certificate_verification_profiles_t verification_profile;
+
+	gnutls_cipher_algorithm_t ciphers[MAX_ALGOS+1];
+	gnutls_mac_algorithm_t macs[MAX_ALGOS+1];
+	gnutls_group_t groups[MAX_ALGOS+1];
+	gnutls_kx_algorithm_t kxs[MAX_ALGOS+1];
+	gnutls_sign_algorithm_t sigs[MAX_ALGOS+1];
+	gnutls_protocol_t versions[MAX_ALGOS+1];
+
+	gnutls_digest_algorithm_t hashes[MAX_ALGOS+1];
+	gnutls_ecc_curve_t ecc_curves[MAX_ALGOS+1];
+	gnutls_sign_algorithm_t sigs_for_cert[MAX_ALGOS+1];
+};
+
+static inline void
+cfg_deinit(struct cfg *cfg)
+{
+	if (cfg->priority_strings) {
+		_name_val_array_clear(&cfg->priority_strings);
+	}
+	gnutls_free(cfg->priority_string);
+	gnutls_free(cfg->default_priority_string);
+}
+
+/* Lock for reading and writing system_wide_config */
+GNUTLS_RWLOCK(system_wide_config_rwlock);
+static struct cfg system_wide_config;
+
+static unsigned fail_on_invalid_config = 0;
+static const char *system_priority_file = SYSTEM_PRIORITY_FILE;
+static time_t system_priority_last_mod = 0;
+static unsigned system_priority_file_loaded = 0;
+
+#define GLOBAL_SECTION "global"
+#define CUSTOM_PRIORITY_SECTION "priorities"
+#define OVERRIDES_SECTION "overrides"
+#define MAX_ALGO_NAME 2048
+
+bool _gnutls_allowlisting_mode(void)
+{
+	return system_wide_config.allowlisting;
+}
+
+static void _clear_default_system_priority(void)
+{
+	gnutls_free(system_wide_config.default_priority_string);
+	system_wide_config.default_priority_string = NULL;
+
+	_gnutls_default_priority_string = DEFAULT_PRIORITY_STRING;
+}
+
+gnutls_certificate_verification_profiles_t _gnutls_get_system_wide_verification_profile(void)
+{
+	return system_wide_config.verification_profile;
+}
+
+/* removes spaces */
+static char *clear_spaces(const char *str, char out[MAX_ALGO_NAME])
+{
+	const char *p = str;
+	unsigned i = 0;
+
+	while (c_isspace(*p))
+		p++;
+
+	while (!c_isspace(*p) && *p != 0) {
+		out[i++] = *p;
+		p++;
+
+		if (i >= MAX_ALGO_NAME-1)
+			break;
+	}
+	out[i] = 0;
+	return out;
+}
+
+struct ini_ctx {
+	struct cfg cfg;
+
+	gnutls_digest_algorithm_t *hashes;
+	size_t hashes_size;
+	gnutls_sign_algorithm_t *sigs;
+	size_t sigs_size;
+	gnutls_sign_algorithm_t *sigs_for_cert;
+	size_t sigs_for_cert_size;
+	gnutls_protocol_t *versions;
+	size_t versions_size;
+	gnutls_ecc_curve_t *curves;
+	size_t curves_size;
+};
+
+static inline void
+ini_ctx_deinit(struct ini_ctx *ctx)
+{
+	cfg_deinit(&ctx->cfg);
+	gnutls_free(ctx->hashes);
+	gnutls_free(ctx->sigs);
+	gnutls_free(ctx->sigs_for_cert);
+	gnutls_free(ctx->versions);
+	gnutls_free(ctx->curves);
+}
+
+static inline void
+cfg_steal(struct cfg *dst, struct cfg *src)
+{
+	dst->verification_profile = src->verification_profile;
+
+	dst->priority_strings = src->priority_strings;
+	src->priority_strings = NULL;
+
+	dst->priority_string = src->priority_string;
+	src->priority_string = NULL;
+
+	dst->default_priority_string = src->default_priority_string;
+	src->default_priority_string = NULL;
+
+	dst->allowlisting = src->allowlisting;
+	dst->ktls_enabled = src->ktls_enabled;
+	memcpy(dst->ciphers, src->ciphers, sizeof(src->ciphers));
+	memcpy(dst->macs, src->macs, sizeof(src->macs));
+	memcpy(dst->groups, src->groups, sizeof(src->groups));
+	memcpy(dst->kxs, src->kxs, sizeof(src->kxs));
+	memcpy(dst->hashes, src->hashes, sizeof(src->hashes));
+	memcpy(dst->ecc_curves, src->ecc_curves, sizeof(src->ecc_curves));
+	memcpy(dst->sigs, src->sigs, sizeof(src->sigs));
+	memcpy(dst->sigs_for_cert, src->sigs_for_cert,
+	       sizeof(src->sigs_for_cert));
+}
+
+/*
+ * synchronizing changes from struct cfg to global `lib/algorithms` arrays
+ */
+
+/* global side-effect! modifies `flags` in `hash_algorithms[]` */
+static inline int /* allowlisting-only */
+_cfg_hashes_remark(struct cfg* cfg)
+{
+	size_t i;
+	_gnutls_digest_mark_insecure_all();
+	for (i = 0; cfg->hashes[i] != 0; i++) {
+		int ret = _gnutls_digest_set_secure(cfg->hashes[i], 1);
+		if (unlikely(ret < 0)) {
+			return gnutls_assert_val(ret);
+		}
+	}
+	return 0;
+}
+
+/* global side-effect! modifies `flags` in `sign_algorithms[]` */
+static inline int /* allowlisting-only */
+_cfg_sigs_remark(struct cfg* cfg)
+{
+	size_t i;
+	_gnutls_sign_mark_insecure_all(_INSECURE);
+	for (i = 0; cfg->sigs[i] != 0; i++) {
+		int ret = _gnutls_sign_set_secure(cfg->sigs[i],
+		                                  _INSECURE_FOR_CERTS);
+		if (unlikely(ret < 0)) {
+			return gnutls_assert_val(ret);
+		}
+	}
+	for (i = 0; cfg->sigs_for_cert[i] != 0; i++) {
+		int ret = _gnutls_sign_set_secure(cfg->sigs_for_cert[i],
+		                                  _SECURE);
+		if (unlikely(ret < 0)) {
+			return gnutls_assert_val(ret);
+		}
+	}
+	return 0;
+}
+
+/* global side-effect! modifies `supported` in `sup_versions[]` */
+static inline int /* allowlisting-only */
+_cfg_versions_remark(struct cfg* cfg)
+{
+	size_t i;
+	_gnutls_version_mark_disabled_all();
+	for (i = 0; cfg->versions[i] != 0; i++) {
+		int ret = _gnutls_protocol_set_enabled(cfg->versions[i], 1);
+		if (unlikely(ret < 0)) {
+			return gnutls_assert_val(ret);
+		}
+	}
+	return 0;
+}
+
+/* global side-effect! modifies `supported` in `ecc_curves[]` */
+static inline int /* allowlisting-only */
+_cfg_ecc_curves_remark(struct cfg* cfg)
+{
+	size_t i;
+	_gnutls_ecc_curve_mark_disabled_all();
+	for (i = 0; cfg->ecc_curves[i] != 0; i++) {
+		int ret = _gnutls_ecc_curve_set_enabled(cfg->ecc_curves[i], 1);
+		if (unlikely(ret < 0)) {
+			return gnutls_assert_val(ret);
+		}
+	}
+	return 0;
+}
+
+/*
+ * setting arrays of struct cfg: from other arrays
+ */
+
+static inline int /* allowlisting-only */
+cfg_hashes_set_array(struct cfg* cfg,
+		     gnutls_digest_algorithm_t* src, size_t len)
+{
+	if (unlikely(len >= MAX_ALGOS)) {
+		return gnutls_assert_val(GNUTLS_A_INTERNAL_ERROR);
+	}
+	if (len) {
+		memcpy(cfg->hashes,
+		       src, sizeof(gnutls_digest_algorithm_t) * len);
+	}
+	cfg->hashes[len] = 0;
+	return _cfg_hashes_remark(cfg);
+}
+
+static inline int /* allowlisting-only */
+cfg_sigs_set_arrays(struct cfg* cfg,
+		    gnutls_sign_algorithm_t* src, size_t len,
+		    gnutls_sign_algorithm_t* src_for_cert, size_t len_for_cert)
+{
+	if (unlikely(len >= MAX_ALGOS)) {
+		return gnutls_assert_val(GNUTLS_A_INTERNAL_ERROR);
+	}
+	if (unlikely(len_for_cert >= MAX_ALGOS)) {
+		return gnutls_assert_val(GNUTLS_A_INTERNAL_ERROR);
+	}
+	if (len) {
+		memcpy(cfg->sigs, src, sizeof(gnutls_sign_algorithm_t) * len);
+	}
+	if (len_for_cert) {
+		memcpy(cfg->sigs_for_cert, src_for_cert,
+		       sizeof(gnutls_sign_algorithm_t) * len_for_cert);
+	}
+	cfg->sigs[len] = 0;
+	cfg->sigs_for_cert[len_for_cert] = 0;
+	return _cfg_sigs_remark(cfg);
+}
+
+static inline int /* allowlisting-only */
+cfg_versions_set_array(struct cfg* cfg, gnutls_protocol_t* src, size_t len)
+{
+	if (unlikely(len >= MAX_ALGOS)) {
+		return gnutls_assert_val(GNUTLS_A_INTERNAL_ERROR);
+	}
+	if (len) {
+		memcpy(cfg->versions, src, sizeof(gnutls_protocol_t) * len);
+	}
+	cfg->versions[len] = 0;
+	return _cfg_versions_remark(cfg);
+}
+
+static inline int /* allowlisting-only */
+cfg_ecc_curves_set_array(struct cfg* cfg, gnutls_ecc_curve_t* src, size_t len)
+{
+	if (unlikely(len >= MAX_ALGOS)) {
+		return gnutls_assert_val(GNUTLS_A_INTERNAL_ERROR);
+	}
+	if (len) {
+		memcpy(cfg->ecc_curves, src, sizeof(gnutls_ecc_curve_t) * len);
+	}
+	cfg->ecc_curves[len] = 0;
+	return _cfg_ecc_curves_remark(cfg);
+}
+
+/*
+ * appending to arrays of struct cfg
+ */
+
+/* polymorphic way to DRY this operation. other possible approaches:
+ * 1. just unmacro (long)
+ * 2. cast to ints and write a function operating on ints
+ *    (hacky, every call is +4 lines, needs a portable static assert)
+ * 3. macro whole functions, not just this operation (harder to find/read)
+ */
+#define APPEND_TO_NULL_TERMINATED_ARRAY(dst, element) \
+	do { \
+		size_t i; \
+		for (i = 0; dst[i] != 0; i++) { \
+			if (dst[i] == element) { \
+				return 0; \
+			} \
+		} \
+		if (unlikely(i >= MAX_ALGOS)) { \
+			return gnutls_assert_val(GNUTLS_A_INTERNAL_ERROR); \
+		} \
+		dst[i] = element; \
+		dst[i + 1] = 0; \
+	} while (0)
+
+static inline int /* allowlisting-only */
+cfg_hashes_add(struct cfg *cfg, gnutls_digest_algorithm_t dig)
+{
+	_gnutls_debug_log("cfg: enabling digest algorithm %s\n",
+	                  gnutls_digest_get_name(dig));
+	APPEND_TO_NULL_TERMINATED_ARRAY(cfg->hashes, dig);
+	return _cfg_hashes_remark(cfg);
+}
+
+static inline int /* allowlisting-only */
+cfg_sigs_add(struct cfg *cfg, gnutls_sign_algorithm_t sig)
+{
+	_gnutls_debug_log("cfg: enabling signature algorithm "
+	                  "(for non-certificate usage) "
+	                  "%s\n", gnutls_sign_get_name(sig));
+	APPEND_TO_NULL_TERMINATED_ARRAY(cfg->sigs, sig);
+	return _cfg_sigs_remark(cfg);
+}
+
+static inline int /* allowlisting-only */
+cfg_sigs_for_cert_add(struct cfg *cfg, gnutls_sign_algorithm_t sig)
+{
+	_gnutls_debug_log("cfg: enabling signature algorithm"
+	                  "(for certificate usage) "
+	                  "%s\n", gnutls_sign_get_name(sig));
+	APPEND_TO_NULL_TERMINATED_ARRAY(cfg->sigs_for_cert, sig);
+	return _cfg_sigs_remark(cfg);
+}
+
+static inline int /* allowlisting-only */
+cfg_versions_add(struct cfg *cfg, gnutls_protocol_t prot)
+{
+	_gnutls_debug_log("cfg: enabling version %s\n",
+	                  gnutls_protocol_get_name(prot));
+	APPEND_TO_NULL_TERMINATED_ARRAY(cfg->versions, prot);
+	return _cfg_versions_remark(cfg);
+}
+
+static inline int /* allowlisting-only */
+cfg_ecc_curves_add(struct cfg *cfg, gnutls_ecc_curve_t curve)
+{
+	_gnutls_debug_log("cfg: enabling curve %s\n",
+	                  gnutls_ecc_curve_get_name(curve));
+	APPEND_TO_NULL_TERMINATED_ARRAY(cfg->ecc_curves, curve);
+	return _cfg_ecc_curves_remark(cfg);
+}
+
+#undef APPEND_TO_NULL_TERMINATED_ARRAY
+
+/*
+ * removing from arrays of struct cfg
+ */
+
+/* polymorphic way to DRY this removal, see APPEND_TO_NULL_TERMINATED_ARRAY */
+#define REMOVE_FROM_NULL_TERMINATED_ARRAY(dst, element) \
+	do { \
+		size_t i, j; \
+		for (i = 0; dst[i] != 0; i++) { \
+			if (dst[i] == element) { \
+				for (j = i; dst[j] != 0; j++) { \
+					dst[j] = dst[j + 1]; \
+				} \
+			} \
+		} \
+	} while (0)
+
+static inline int /* allowlisting-only */
+cfg_hashes_remove(struct cfg *cfg, gnutls_digest_algorithm_t dig)
+{
+	_gnutls_debug_log("cfg: disabling digest algorithm %s\n",
+	                  gnutls_digest_get_name(dig));
+	REMOVE_FROM_NULL_TERMINATED_ARRAY(cfg->hashes, dig);
+	return _cfg_hashes_remark(cfg);
+}
+
+static inline int /* allowlisting-only */
+cfg_sigs_remove(struct cfg *cfg, gnutls_sign_algorithm_t sig)
+{
+	_gnutls_debug_log("cfg: disabling signature algorithm "
+	                  "(for non-certificate usage) "
+	                  "%s\n", gnutls_sign_get_name(sig));
+	REMOVE_FROM_NULL_TERMINATED_ARRAY(cfg->sigs, sig);
+	return _cfg_sigs_remark(cfg);
+}
+
+static inline int /* allowlisting-only */
+cfg_sigs_for_cert_remove(struct cfg *cfg, gnutls_sign_algorithm_t sig)
+{
+	_gnutls_debug_log("cfg: disabling signature algorithm"
+	                  "(for certificate usage) "
+	                  "%s\n", gnutls_sign_get_name(sig));
+	REMOVE_FROM_NULL_TERMINATED_ARRAY(cfg->sigs_for_cert, sig);
+	return _cfg_sigs_remark(cfg);
+}
+
+static inline int /* allowlisting-only */
+cfg_versions_remove(struct cfg *cfg, gnutls_protocol_t prot)
+{
+	_gnutls_debug_log("cfg: disabling version %s\n",
+	                  gnutls_protocol_get_name(prot));
+	REMOVE_FROM_NULL_TERMINATED_ARRAY(cfg->versions, prot);
+	return _cfg_versions_remark(cfg);
+}
+
+static inline int /* allowlisting-only */
+cfg_ecc_curves_remove(struct cfg *cfg, gnutls_ecc_curve_t curve)
+{
+	_gnutls_debug_log("cfg: disabling curve %s\n",
+	                  gnutls_ecc_curve_get_name(curve));
+	REMOVE_FROM_NULL_TERMINATED_ARRAY(cfg->ecc_curves, curve);
+	return _cfg_ecc_curves_remark(cfg);
+}
+
+static inline int
+cfg_apply(struct cfg *cfg, struct ini_ctx *ctx)
+{
+	size_t i;
+	int ret;
+
+	cfg_steal(cfg, &ctx->cfg);
+
+	if (cfg->default_priority_string) {
+		_gnutls_default_priority_string = cfg->default_priority_string;
+	}
+
+	if (cfg->allowlisting) {
+		/* also updates `flags` of global `hash_algorithms[]` */
+		ret = cfg_hashes_set_array(cfg, ctx->hashes, ctx->hashes_size);
+		if (unlikely(ret < 0)) {
+			return gnutls_assert_val(ret);
+		}
+		/* also updates `flags` of global `sign_algorithms[]` */
+		ret = cfg_sigs_set_arrays(cfg, ctx->sigs, ctx->sigs_size,
+					  ctx->sigs_for_cert,
+					  ctx->sigs_for_cert_size);
+		if (unlikely(ret < 0)) {
+			return gnutls_assert_val(ret);
+		}
+		/* also updates `supported` field of global `sup_versions[]` */
+		ret = cfg_versions_set_array(cfg,
+					     ctx->versions, ctx->versions_size);
+		if (unlikely(ret < 0)) {
+			return gnutls_assert_val(ret);
+		}
+		/* also updates `supported` field of global `ecc_curves[]` */
+		ret = cfg_ecc_curves_set_array(cfg,
+					       ctx->curves, ctx->curves_size);
+		if (unlikely(ret < 0)) {
+			return gnutls_assert_val(ret);
+		}
+	} else {
+		/* updates same global arrays as above, but doesn't store
+		 * the algorithms into the `struct cfg` as allowlisting does.
+		 * blocklisting doesn't allow relaxing the restrictions */
+		for (i = 0; i < ctx->hashes_size; i++) {
+			ret = _gnutls_digest_mark_insecure(ctx->hashes[i]);
+			if (unlikely(ret < 0)) {
+				return ret;
+			}
+		}
+		for (i = 0; i < ctx->sigs_size; i++) {
+			ret = _gnutls_sign_mark_insecure(ctx->sigs[i],
+							     _INSECURE);
+			if (unlikely(ret < 0)) {
+				return ret;
+			}
+		}
+		for (i = 0; i < ctx->sigs_for_cert_size; i++) {
+			ret = _gnutls_sign_mark_insecure(ctx->sigs_for_cert[i], _INSECURE_FOR_CERTS);
+			if (unlikely(ret < 0)) {
+				return ret;
+			}
+		}
+		for (i = 0; i < ctx->versions_size; i++) {
+			ret = _gnutls_version_mark_disabled(ctx->versions[i]);
+			if (unlikely(ret < 0)) {
+				return ret;
+			}
+		}
+		for (i = 0; i < ctx->curves_size; i++) {
+			ret = _gnutls_ecc_curve_mark_disabled(ctx->curves[i]);
+			if (unlikely(ret < 0)) {
+				return ret;
+			}
+		}
+	}
+
+	return 0;
+}
+
+/* This function parses the global section of the configuration file.
+ */
+static int global_ini_handler(void *ctx, const char *section, const char *name, const char *value)
+{
+	char *p;
+	char str[MAX_ALGO_NAME];
+	struct cfg *cfg = ctx;
+
+	if (section != NULL && c_strcasecmp(section, GLOBAL_SECTION) == 0) {
+		if (c_strcasecmp(name, "override-mode") == 0) {
+			p = clear_spaces(value, str);
+			if (c_strcasecmp(p, "allowlist") == 0) {
+				cfg->allowlisting = true;
+			} else if (c_strcasecmp(p, "blocklist") == 0) {
+				cfg->allowlisting = false;
+			} else {
+				_gnutls_debug_log("cfg: unknown override mode %s\n",
+					p);
+				if (fail_on_invalid_config)
+					return 0;
+			}
+		} else if (c_strcasecmp(name, "ktls") == 0) {
+			p = clear_spaces(value, str);
+			if (c_strcasecmp(p, "true") == 0) {
+				cfg->ktls_enabled = true;
+			} else {
+				_gnutls_debug_log("cfg: unknown ktls mode %s\n",
+					p);
+				if (fail_on_invalid_config)
+					return 0;
+			}
+		} else {
+			_gnutls_debug_log("unknown parameter %s\n", name);
+			if (fail_on_invalid_config)
+				return 0;
+		}
+	}
+
+	return 1;
+}
+
+static bool
+override_allowed(bool allowlisting, const char *name)
+{
+	static const struct {
+		const char *allowlist_name;
+		const char *blocklist_name;
+	} names[] = {
+		{ "secure-hash", "insecure-hash" },
+		{ "secure-sig", "insecure-sig" },
+		{ "secure-sig-for-cert", "insecure-sig-for-cert" },
+		{ "enabled-version", "disabled-version" },
+		{ "enabled-curve", "disabled-curve" },
+		{ "tls-enabled-cipher", "tls-disabled-cipher" },
+		{ "tls-enabled-group", "tls-disabled-group" },
+		{ "tls-enabled-kx", "tls-disabled-kx" },
+		{ "tls-enabled-mac", "tls-disabled-mac" }
+	};
+	size_t i;
+
+	for (i = 0; i < sizeof(names) / sizeof(names[0]); i++) {
+		if (c_strcasecmp(name,
+				 allowlisting ?
+				 names[i].blocklist_name :
+				 names[i].allowlist_name) == 0)
+			return false;
+	}
+
+	return true;
+}
+
+/* This function parses a gnutls configuration file.  Updating internal settings
+ * according to the parsed configuration is done by cfg_apply.
+ */
+static int cfg_ini_handler(void *_ctx, const char *section, const char *name, const char *value)
+{
+	char *p;
+	int ret;
+	unsigned i;
+	char str[MAX_ALGO_NAME];
+	struct ini_ctx *ctx = _ctx;
+	struct cfg *cfg = &ctx->cfg;
+
+	/* Note that we intentionally overwrite the value above; inih does
+	 * not use that value after we handle it. */
+
+	/* Parse sections */
+	if (section == NULL || section[0] == 0 || c_strcasecmp(section, CUSTOM_PRIORITY_SECTION)==0) {
+		_gnutls_debug_log("cfg: adding priority: %s -> %s\n", name, value);
+
+		ret = _name_val_array_append(&cfg->priority_strings, name, value);
+		if (ret < 0)
+			return 0;
+	} else if (c_strcasecmp(section, OVERRIDES_SECTION)==0) {
+		if (!override_allowed(cfg->allowlisting, name)) {
+			_gnutls_debug_log("cfg: %s is not allowed in this mode\n",
+					  name);
+			if (fail_on_invalid_config)
+				return 0;
+		} else if (c_strcasecmp(name, "default-priority-string")==0) {
+			if (cfg->default_priority_string) {
+				gnutls_free(cfg->default_priority_string);
+				cfg->default_priority_string = NULL;
+			}
+			p = clear_spaces(value, str);
+			_gnutls_debug_log("cfg: setting default-priority-string to %s\n", p);
+			if (strlen(p) > 0) {
+				cfg->default_priority_string = gnutls_strdup(p);
+				if (!cfg->default_priority_string) {
+					_gnutls_debug_log("cfg: failed setting default-priority-string\n");
+					return 0;
+				}
+			} else {
+				_gnutls_debug_log("cfg: empty default-priority-string, using default\n");
+				if (fail_on_invalid_config)
+					return 0;
+			}
+		} else if (c_strcasecmp(name, "insecure-hash") == 0 ||
+			   c_strcasecmp(name, "secure-hash") == 0) {
+			gnutls_digest_algorithm_t dig, *tmp;
+
+			p = clear_spaces(value, str);
+
+			if (cfg->allowlisting) {
+				_gnutls_debug_log("cfg: marking hash %s as secure\n",
+						  p);
+			} else {
+				_gnutls_debug_log("cfg: marking hash %s as insecure\n",
+						  p);
+			}
+
+			dig = gnutls_digest_get_id(p);
+			if (dig == GNUTLS_DIG_UNKNOWN) {
+				_gnutls_debug_log("cfg: found unknown hash %s in %s\n",
+						  p, name);
+				if (fail_on_invalid_config)
+					return 0;
+				goto exit;
+			}
+			tmp = _gnutls_reallocarray(ctx->hashes,
+						   ctx->hashes_size + 1,
+						   sizeof(gnutls_digest_algorithm_t));
+			if (!tmp) {
+				if (cfg->allowlisting) {
+					_gnutls_debug_log("cfg: failed marking hash %s as secure\n",
+							  p);
+				} else {
+					_gnutls_debug_log("cfg: failed marking hash %s as insecure\n",
+							  p);
+				}
+				if (fail_on_invalid_config)
+					return 0;
+				goto exit;
+			}
+
+			ctx->hashes = tmp;
+			ctx->hashes[ctx->hashes_size] = dig;
+			ctx->hashes_size++;
+		} else if (c_strcasecmp(name, "insecure-sig") == 0 ||
+			   c_strcasecmp(name, "secure-sig") == 0) {
+			gnutls_sign_algorithm_t sig, *tmp;
+
+			p = clear_spaces(value, str);
+
+			if (cfg->allowlisting) {
+				_gnutls_debug_log("cfg: marking signature %s as secure\n",
+						  p);
+			} else {
+				_gnutls_debug_log("cfg: marking signature %s as insecure\n",
+						  p);
+			}
+
+			sig = gnutls_sign_get_id(p);
+			if (sig == GNUTLS_SIGN_UNKNOWN) {
+				_gnutls_debug_log("cfg: found unknown signature algorithm %s in %s\n",
+						  p, name);
+				if (fail_on_invalid_config)
+					return 0;
+				goto exit;
+			}
+			tmp = _gnutls_reallocarray(ctx->sigs,
+						   ctx->sigs_size + 1,
+						   sizeof(gnutls_sign_algorithm_t));
+			if (!tmp) {
+				if (cfg->allowlisting) {
+					_gnutls_debug_log("cfg: failed marking signature %s as secure\n",
+							  p);
+				} else {
+					_gnutls_debug_log("cfg: failed marking signature %s as insecure\n",
+							  p);
+				}
+				if (fail_on_invalid_config)
+					return 0;
+				goto exit;
+			}
+
+			ctx->sigs = tmp;
+			ctx->sigs[ctx->sigs_size] = sig;
+			ctx->sigs_size++;
+		} else if (c_strcasecmp(name, "insecure-sig-for-cert") == 0 ||
+			   c_strcasecmp(name, "secure-sig-for-cert") == 0) {
+			gnutls_sign_algorithm_t sig, *tmp;
+
+			p = clear_spaces(value, str);
+
+			if (cfg->allowlisting) {
+				_gnutls_debug_log("cfg: marking signature %s as secure for certs\n",
+						  p);
+			} else {
+				_gnutls_debug_log("cfg: marking signature %s as insecure for certs\n",
+						  p);
+			}
+
+			sig = gnutls_sign_get_id(p);
+			if (sig == GNUTLS_SIGN_UNKNOWN) {
+				_gnutls_debug_log("cfg: found unknown signature algorithm %s in %s\n",
+						  p, name);
+				if (fail_on_invalid_config)
+					return 0;
+				goto exit;
+			}
+			tmp = _gnutls_reallocarray(ctx->sigs_for_cert,
+						   ctx->sigs_for_cert_size + 1,
+						   sizeof(gnutls_sign_algorithm_t));
+			if (!tmp) {
+				if (cfg->allowlisting) {
+					_gnutls_debug_log("cfg: failed marking signature %s as secure for certs\n",
+							  p);
+				} else {
+					_gnutls_debug_log("cfg: failed marking signature %s as insecure for certs\n",
+							  p);
+				}
+				if (fail_on_invalid_config)
+					return 0;
+				goto exit;
+			}
+
+			ctx->sigs_for_cert = tmp;
+			ctx->sigs_for_cert[ctx->sigs_for_cert_size] = sig;
+			ctx->sigs_for_cert_size++;
+		} else if (c_strcasecmp(name, "disabled-version") == 0 ||
+			   c_strcasecmp(name, "enabled-version") == 0) {
+			gnutls_protocol_t prot, *tmp;
+
+			p = clear_spaces(value, str);
+
+			if (cfg->allowlisting) {
+				_gnutls_debug_log("cfg: enabling version %s\n",
+						  p);
+			} else {
+				_gnutls_debug_log("cfg: disabling version %s\n",
+						  p);
+			}
+
+			prot = gnutls_protocol_get_id(p);
+			if (prot == GNUTLS_VERSION_UNKNOWN) {
+				_gnutls_debug_log("cfg: found unknown version %s in %s\n",
+						  p, name);
+				if (fail_on_invalid_config)
+					return 0;
+				goto exit;
+			}
+			tmp = _gnutls_reallocarray(ctx->versions,
+						   ctx->versions_size + 1,
+						   sizeof(gnutls_protocol_t));
+			if (!tmp) {
+				if (cfg->allowlisting) {
+					_gnutls_debug_log("cfg: failed enabling version %s\n",
+							  p);
+				} else {
+					_gnutls_debug_log("cfg: failed disabling version %s\n",
+							  p);
+				}
+				if (fail_on_invalid_config)
+					return 0;
+				goto exit;
+			}
+
+			ctx->versions = tmp;
+			ctx->versions[ctx->versions_size] = prot;
+			ctx->versions_size++;
+		} else if (c_strcasecmp(name, "disabled-curve") == 0 ||
+			   c_strcasecmp(name, "enabled-curve") == 0) {
+			gnutls_ecc_curve_t curve, *tmp;
+
+			p = clear_spaces(value, str);
+
+			if (cfg->allowlisting) {
+				_gnutls_debug_log("cfg: enabling curve %s\n",
+						  p);
+			} else {
+				_gnutls_debug_log("cfg: disabling curve %s\n",
+						  p);
+			}
+
+			curve = gnutls_ecc_curve_get_id(p);
+			if (curve == GNUTLS_ECC_CURVE_INVALID) {
+				_gnutls_debug_log("cfg: found unknown curve %s in %s\n",
+						  p, name);
+				if (fail_on_invalid_config)
+					return 0;
+				goto exit;
+			}
+			tmp = _gnutls_reallocarray(ctx->curves,
+						   ctx->curves_size + 1,
+						   sizeof(gnutls_ecc_curve_t));
+			if (!tmp) {
+				if (cfg->allowlisting) {
+					_gnutls_debug_log("cfg: failed enabling curve %s\n",
+							  p);
+				} else {
+					_gnutls_debug_log("cfg: failed disabling curve %s\n",
+							  p);
+				}
+				if (fail_on_invalid_config)
+					return 0;
+				goto exit;
+			}
+
+			ctx->curves = tmp;
+			ctx->curves[ctx->curves_size] = curve;
+			ctx->curves_size++;
+		} else if (c_strcasecmp(name, "min-verification-profile")==0) {
+			gnutls_certificate_verification_profiles_t profile;
+			profile = gnutls_certificate_verification_profile_get_id(value);
+
+			if (profile == GNUTLS_PROFILE_UNKNOWN) {
+				_gnutls_debug_log("cfg: found unknown profile %s in %s\n",
+						  value, name);
+				if (fail_on_invalid_config)
+					return 0;
+				goto exit;
+			}
+
+			cfg->verification_profile = profile;
+		} else if (c_strcasecmp(name, "tls-disabled-cipher") == 0 ||
+			   c_strcasecmp(name, "tls-enabled-cipher") == 0) {
+			gnutls_cipher_algorithm_t algo;
+
+			p = clear_spaces(value, str);
+
+			if (cfg->allowlisting) {
+				_gnutls_debug_log("cfg: enabling cipher %s for TLS\n",
+						  p);
+			} else {
+				_gnutls_debug_log("cfg: disabling cipher %s for TLS\n",
+						  p);
+			}
+
+			algo = gnutls_cipher_get_id(p);
+			if (algo == GNUTLS_CIPHER_UNKNOWN) {
+				_gnutls_debug_log("cfg: unknown algorithm %s listed at %s\n",
+						  p, name);
+				if (fail_on_invalid_config)
+					return 0;
+				goto exit;
+			}
+
+			i = 0;
+			while (cfg->ciphers[i] != 0)
+				i++;
+
+			if (i > MAX_ALGOS-1) {
+				if (cfg->allowlisting) {
+					_gnutls_debug_log("cfg: too many (%d) enabled ciphers from %s\n",
+							  i, name);
+				} else {
+					_gnutls_debug_log("cfg: too many (%d) disabled ciphers from %s\n",
+							  i, name);
+				}
+				if (fail_on_invalid_config)
+					return 0;
+				goto exit;
+			}
+			cfg->ciphers[i] = algo;
+			cfg->ciphers[i+1] = 0;
+
+		} else if (c_strcasecmp(name, "tls-disabled-mac") == 0 ||
+			   c_strcasecmp(name, "tls-enabled-mac") == 0) {
+			gnutls_mac_algorithm_t algo;
+
+			p = clear_spaces(value, str);
+
+			if (cfg->allowlisting) {
+				_gnutls_debug_log("cfg: enabling MAC %s for TLS\n",
+						  p);
+			} else {
+				_gnutls_debug_log("cfg: disabling MAC %s for TLS\n",
+						  p);
+			}
+
+			algo = gnutls_mac_get_id(p);
+			if (algo == 0) {
+				_gnutls_debug_log("cfg: unknown algorithm %s listed at %s\n",
+						  p, name);
+				if (fail_on_invalid_config)
+					return 0;
+				goto exit;
+			}
+
+			i = 0;
+			while (cfg->macs[i] != 0)
+				i++;
+
+			if (i > MAX_ALGOS-1) {
+				if (cfg->allowlisting) {
+					_gnutls_debug_log("cfg: too many (%d) enabled MACs from %s\n",
+							  i, name);
+				} else {
+					_gnutls_debug_log("cfg: too many (%d) disabled MACs from %s\n",
+							  i, name);
+				}
+				if (fail_on_invalid_config)
+					return 0;
+				goto exit;
+			}
+			cfg->macs[i] = algo;
+			cfg->macs[i+1] = 0;
+		} else if (c_strcasecmp(name, "tls-disabled-group") == 0 ||
+			   c_strcasecmp(name, "tls-enabled-group") == 0) {
+			gnutls_group_t algo;
+
+			p = clear_spaces(value, str);
+
+			if (c_strncasecmp(p, "GROUP-", 6) == 0)
+				p += 6;
+
+			if (cfg->allowlisting) {
+				_gnutls_debug_log("cfg: enabling group %s for TLS\n",
+						  p);
+			} else {
+				_gnutls_debug_log("cfg: disabling group %s for TLS\n",
+						  p);
+			}
+
+			algo = _gnutls_group_get_id(p);
+			if (algo == 0) {
+				_gnutls_debug_log("cfg: unknown group %s listed at %s\n",
+						  p, name);
+				if (fail_on_invalid_config)
+					return 0;
+				goto exit;
+			}
+
+			i = 0;
+			while (cfg->groups[i] != 0)
+				i++;
+
+			if (i > MAX_ALGOS-1) {
+				if (cfg->allowlisting) {
+					_gnutls_debug_log("cfg: too many (%d) enabled groups from %s\n",
+							  i, name);
+				} else {
+					_gnutls_debug_log("cfg: too many (%d) disabled groups from %s\n",
+							  i, name);
+				}
+				if (fail_on_invalid_config)
+					return 0;
+				goto exit;
+			}
+			cfg->groups[i] = algo;
+			cfg->groups[i+1] = 0;
+		} else if (c_strcasecmp(name, "tls-disabled-kx") == 0 ||
+			   c_strcasecmp(name, "tls-enabled-kx") == 0) {
+			unsigned algo;
+
+			p = clear_spaces(value, str);
+
+			if (cfg->allowlisting) {
+				_gnutls_debug_log("cfg: enabling key exchange %s for TLS\n",
+						  p);
+			} else {
+				_gnutls_debug_log("cfg: disabling key exchange %s for TLS\n",
+						  p);
+			}
+
+			algo = gnutls_kx_get_id(p);
+			if (algo == 0) {
+				_gnutls_debug_log("cfg: unknown key exchange %s listed at %s\n",
+						  p, name);
+				if (fail_on_invalid_config)
+					return 0;
+				goto exit;
+			}
+
+			i = 0;
+			while (cfg->kxs[i] != 0)
+				i++;
+
+			if (i > MAX_ALGOS-1) {
+				if (cfg->allowlisting) {
+					_gnutls_debug_log("cfg: too many (%d) enabled key exchanges from %s\n",
+							  i, name);
+				} else {
+					_gnutls_debug_log("cfg: too many (%d) disabled key exchanges from %s\n",
+							  i, name);
+				}
+				if (fail_on_invalid_config)
+					return 0;
+				goto exit;
+			}
+			cfg->kxs[i] = algo;
+			cfg->kxs[i+1] = 0;
+		} else {
+			_gnutls_debug_log("unknown parameter %s\n", name);
+			if (fail_on_invalid_config)
+				return 0;
+		}
+	} else if (c_strcasecmp(section, GLOBAL_SECTION) != 0) {
+		_gnutls_debug_log("cfg: unknown section %s\n",
+				  section);
+		if (fail_on_invalid_config)
+			return 0;
+	}
+
+ exit:
+	return 1;
+}
+
+static int /* not locking system_wide_config */
+construct_system_wide_priority_string(gnutls_buffer_st* buf)
+{
+	int ret;
+	size_t i;
+
+	_gnutls_buffer_init(buf);
+
+	ret = _gnutls_buffer_append_str(buf, "NONE");
+	if (ret < 0) {
+		_gnutls_buffer_clear(buf);
+		return ret;
+	}
+
+	for (i = 0; system_wide_config.kxs[i] != 0; i++) {
+		ret = _gnutls_buffer_append_str(buf, ":+");
+		if (ret < 0) {
+			_gnutls_buffer_clear(buf);
+			return ret;
+		}
+
+		ret = _gnutls_buffer_append_str(buf,
+						gnutls_kx_get_name(system_wide_config.kxs[i]));
+		if (ret < 0) {
+			_gnutls_buffer_clear(buf);
+			return ret;
+		}
+	}
+
+	for (i = 0; system_wide_config.groups[i] != 0; i++) {
+		ret = _gnutls_buffer_append_str(buf, ":+GROUP-");
+		if (ret < 0) {
+			_gnutls_buffer_clear(buf);
+			return ret;
+		}
+
+		ret = _gnutls_buffer_append_str(buf,
+						gnutls_group_get_name(system_wide_config.groups[i]));
+		if (ret < 0) {
+			_gnutls_buffer_clear(buf);
+			return ret;
+		}
+	}
+
+	for (i = 0; system_wide_config.ciphers[i] != 0; i++) {
+		ret = _gnutls_buffer_append_str(buf, ":+");
+		if (ret < 0) {
+			_gnutls_buffer_clear(buf);
+			return ret;
+		}
+
+		ret = _gnutls_buffer_append_str(buf,
+						gnutls_cipher_get_name(system_wide_config.ciphers[i]));
+		if (ret < 0) {
+			_gnutls_buffer_clear(buf);
+			return ret;
+		}
+	}
+
+	for (i = 0; system_wide_config.macs[i] != 0; i++) {
+		ret = _gnutls_buffer_append_str(buf, ":+");
+		if (ret < 0) {
+			_gnutls_buffer_clear(buf);
+			return ret;
+		}
+
+		ret = _gnutls_buffer_append_str(buf,
+						gnutls_mac_get_name(system_wide_config.macs[i]));
+		if (ret < 0) {
+			_gnutls_buffer_clear(buf);
+			return ret;
+		}
+	}
+
+	for (i = 0; system_wide_config.sigs[i] != 0; i++) {
+		ret = _gnutls_buffer_append_str(buf, ":+SIGN-");
+		if (ret < 0) {
+			_gnutls_buffer_clear(buf);
+			return ret;
+		}
+
+		ret = _gnutls_buffer_append_str(buf,
+						gnutls_sign_get_name(system_wide_config.sigs[i]));
+		if (ret < 0) {
+			_gnutls_buffer_clear(buf);
+			return ret;
+		}
+	}
+
+	for (i = 0; system_wide_config.versions[i] != 0; i++) {
+		ret = _gnutls_buffer_append_str(buf, ":+VERS-");
+		if (ret < 0) {
+			_gnutls_buffer_clear(buf);
+			return ret;
+		}
+
+		ret = _gnutls_buffer_append_str(buf,
+						gnutls_protocol_get_name(system_wide_config.versions[i]));
+		if (ret < 0) {
+			_gnutls_buffer_clear(buf);
+			return ret;
+		}
+	}
+	return 0;
+}
+
+static int /* not locking system_wide_config */
+update_system_wide_priority_string(void)
+{
+	/* doesn't do locking, _gnutls_update_system_priorities does */
+	gnutls_buffer_st buf;
+	int ret;
+
+	ret = construct_system_wide_priority_string(&buf);
+	if (ret < 0) {
+		_gnutls_debug_log("cfg: unable to construct "
+				  "system-wide priority string: %s",
+				  gnutls_strerror(ret));
+		_gnutls_buffer_clear(&buf);
+		return ret;
+	}
+
+	gnutls_free(system_wide_config.priority_string);
+	system_wide_config.priority_string = gnutls_strdup((char *)buf.data);
+	_gnutls_buffer_clear(&buf);
+
+	return 0;
+}
+
+static int _gnutls_update_system_priorities(bool defer_system_wide)
+{
+	int ret, err = 0;
+	struct stat sb;
+	FILE *fp;
+	gnutls_buffer_st buf;
+	struct ini_ctx ctx;
+
+	ret = gnutls_rwlock_rdlock(&system_wide_config_rwlock);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	if (stat(system_priority_file, &sb) < 0) {
+		_gnutls_debug_log("cfg: unable to access: %s: %d\n",
+				  system_priority_file, errno);
+		goto out;
+	}
+
+	if (system_priority_file_loaded &&
+	    system_priority_last_mod == sb.st_mtime) {
+		_gnutls_debug_log("cfg: system priority %s has not changed\n",
+				  system_priority_file);
+		if (system_wide_config.priority_string) {
+			goto out;  /* nothing to do */
+		}
+	}
+
+	(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+
+	ret = gnutls_rwlock_wrlock(&system_wide_config_rwlock);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	/* Another thread could have successfully re-read system-wide config,
+	 * skip re-reading if the mtime it has used is exactly the same.
+	 */
+	if (system_priority_file_loaded) {
+		system_priority_file_loaded =
+			(system_priority_last_mod == sb.st_mtime);
+	}
+
+	if (!system_priority_file_loaded) {
+		_name_val_array_clear(&system_wide_config.priority_strings);
+
+		gnutls_free(system_wide_config.priority_string);
+		system_wide_config.priority_string = NULL;
+
+		fp = fopen(system_priority_file, "re");
+		if (fp == NULL) {
+			_gnutls_debug_log("cfg: unable to open: %s: %d\n",
+					  system_priority_file, errno);
+			goto out;
+		}
+		/* Parsing the configuration file needs to be done in 2 phases:
+		 * first parsing the [global] section
+		 * and then the other sections,
+		 * because the [global] section modifies the parsing behavior.
+		 */
+		memset(&ctx, 0, sizeof(ctx));
+		err = ini_parse_file(fp, global_ini_handler, &ctx);
+		if (!err) {
+			if (fseek(fp, 0L, SEEK_SET) < 0) {
+				_gnutls_debug_log("cfg: unable to rewind: %s\n",
+						  system_priority_file);
+				if (fail_on_invalid_config)
+					exit(1);
+			}
+			err = ini_parse_file(fp, cfg_ini_handler, &ctx);
+		}
+		fclose(fp);
+		if (err) {
+			ini_ctx_deinit(&ctx);
+			_gnutls_debug_log("cfg: unable to parse: %s: %d\n",
+					  system_priority_file, err);
+			goto out;
+		}
+		cfg_apply(&system_wide_config, &ctx);
+		ini_ctx_deinit(&ctx);
+		_gnutls_debug_log("cfg: loaded system config %s mtime %lld\n",
+				  system_priority_file,
+				  (unsigned long long)sb.st_mtime);
+
+	}
+
+	if (system_wide_config.allowlisting) {
+		if (defer_system_wide) {
+			/* try constructing a priority string,
+			 * but don't apply it yet, at this point
+			 * we're only interested in whether we can */
+			ret = construct_system_wide_priority_string(&buf);
+			_gnutls_buffer_clear(&buf);
+			_gnutls_debug_log("cfg: deferred setting "
+					  "system-wide priority string\n");
+		} else {
+			ret = update_system_wide_priority_string();
+			_gnutls_debug_log("cfg: finalized "
+					  "system-wide priority string\n");
+		}
+		if (ret < 0) {
+			_gnutls_debug_log("cfg: unable to build priority string: %s\n",
+					  gnutls_strerror(ret));
+			if (fail_on_invalid_config)
+				exit(1);
+			goto out;
+		}
+	}
+
+	system_priority_file_loaded = 1;
+	system_priority_last_mod = sb.st_mtime;
+
+ out:
+	(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+
+	if (err && fail_on_invalid_config) {
+		exit(1);
+	}
+
+	return ret;
+}
+
+void _gnutls_prepare_to_load_system_priorities(void)
+{
+	const char *p;
+	int ret;
+
+	p = secure_getenv("GNUTLS_SYSTEM_PRIORITY_FILE");
+	if (p != NULL)
+		system_priority_file = p;
+
+	p = secure_getenv("GNUTLS_SYSTEM_PRIORITY_FAIL_ON_INVALID");
+	if (p != NULL && p[0] == '1' && p[1] == 0)
+		fail_on_invalid_config = 1;
+
+	ret = _gnutls_update_system_priorities(true /* defer_system_wide */);
+	if (ret < 0) {
+		_gnutls_debug_log("failed to update system priorities: %s\n",
+				  gnutls_strerror(ret));
+	}
+}
+
+void _gnutls_unload_system_priorities(void)
+{
+	_name_val_array_clear(&system_wide_config.priority_strings);
+	gnutls_free(system_wide_config.priority_string);
+	_clear_default_system_priority();
+	system_priority_last_mod = 0;
+}
+
+/**
+ * gnutls_get_system_config_file:
+ *
+ * Returns the filename of the system wide configuration
+ * file to be loaded by the library.
+ *
+ * Returns: a constant pointer to the config file path
+ *
+ * Since: 3.6.9
+ **/
+const char *gnutls_get_system_config_file(void)
+{
+	return system_priority_file;
+}
+
+#define S(str) ((str!=NULL)?str:"")
+
+/* Returns the new priorities if a priority string prefixed
+ * with '@' is provided, or just a copy of the provided
+ * priorities, appended with any additional present in
+ * the priorities string.
+ *
+ * The returned string must be released using gnutls_free().
+ */
+char *_gnutls_resolve_priorities(const char* priorities)
+{
+	const char *p = priorities;
+	char *additional = NULL;
+	char *resolved = NULL;
+	const char *ss, *ss_next;
+	unsigned ss_len, ss_next_len;
+	size_t n, n2 = 0;
+	int ret;
+
+	while (c_isspace(*p)) {
+		p++;
+	}
+
+	/* Cannot reduce further. */
+	if (*p != '@') {
+		return gnutls_strdup(p);
+	}
+
+	ss = p+1;
+	additional = strchr(ss, ':');
+	if (additional) {
+		additional++;
+	}
+
+	/* Always try to refresh the cached data, to allow it to be
+	 * updated without restarting all applications.
+	 */
+	ret = _gnutls_update_system_priorities(false /* defer_system_wide */);
+	if (ret < 0) {
+		_gnutls_debug_log("failed to update system priorities: %s\n",
+				  gnutls_strerror(ret));
+	}
+
+	do {
+		ss_next = strchr(ss, ',');
+		if (ss_next) {
+			if (additional && ss_next > additional) {
+				ss_next = NULL;
+			} else {
+				ss_next++;
+			}
+		}
+
+		if (ss_next) {
+			ss_len = ss_next - ss - 1;
+			ss_next_len = additional - ss_next - 1;
+		} else if (additional) {
+			ss_len = additional - ss - 1;
+			ss_next_len = 0;
+		} else {
+			ss_len = strlen(ss);
+			ss_next_len = 0;
+		}
+
+		ret = gnutls_rwlock_rdlock(&system_wide_config_rwlock);
+		if (ret < 0) {
+			_gnutls_debug_log("cannot read system priority strings: %s\n",
+					  gnutls_strerror(ret));
+			break;
+		}
+		if (system_wide_config.allowlisting &&
+		    ss_len == sizeof(LEVEL_SYSTEM) - 1 &&
+		    strncmp(LEVEL_SYSTEM, ss, ss_len) == 0) {
+			p = system_wide_config.priority_string;
+		} else {
+			p = _name_val_array_value(system_wide_config.priority_strings, ss, ss_len);
+		}
+
+		_gnutls_debug_log("resolved '%.*s' to '%s', next '%.*s'\n",
+				  ss_len, ss, S(p), ss_next_len, S(ss_next));
+
+		if (p) {
+			n = strlen(p);
+			if (additional) {
+				n2 = strlen(additional);
+			}
+
+			resolved = gnutls_malloc(n+n2+1+1);
+			if (resolved) {
+				memcpy(resolved, p, n);
+				if (additional) {
+					resolved[n] = ':';
+					memcpy(&resolved[n+1], additional, n2);
+					resolved[n+n2+1] = 0;
+				} else {
+					resolved[n] = 0;
+				}
+			}
+		}
+
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+
+		ss = ss_next;
+	} while (ss && !resolved);
+
+	if (resolved) {
+		_gnutls_debug_log("selected priority string: %s\n", resolved);
+	} else {
+		_gnutls_debug_log("unable to resolve %s\n", priorities);
+	}
+
+	return resolved;
+}
+
+static void add_ec(gnutls_priority_t priority_cache)
+{
+	const gnutls_group_entry_st *ge;
+	unsigned i;
+
+	for (i = 0; i < priority_cache->_supported_ecc.num_priorities; i++) {
+		ge = _gnutls_id_to_group(priority_cache->_supported_ecc.priorities[i]);
+		if (ge != NULL && priority_cache->groups.size < sizeof(priority_cache->groups.entry)/sizeof(priority_cache->groups.entry[0])) {
+			/* do not add groups which do not correspond to enabled ciphersuites */
+			if (!ge->curve)
+				continue;
+			priority_cache->groups.entry[priority_cache->groups.size++] = ge;
+		}
+	}
+}
+
+static void add_dh(gnutls_priority_t priority_cache)
+{
+	const gnutls_group_entry_st *ge;
+	unsigned i;
+
+	for (i = 0; i < priority_cache->_supported_ecc.num_priorities; i++) {
+		ge = _gnutls_id_to_group(priority_cache->_supported_ecc.priorities[i]);
+		if (ge != NULL && priority_cache->groups.size < sizeof(priority_cache->groups.entry)/sizeof(priority_cache->groups.entry[0])) {
+			/* do not add groups which do not correspond to enabled ciphersuites */
+			if (!ge->prime)
+				continue;
+			priority_cache->groups.entry[priority_cache->groups.size++] = ge;
+			priority_cache->groups.have_ffdhe = 1;
+		}
+	}
+}
+
+/* This function was originally precalculating ciphersuite-specific items, however
+ * it has now extended to much more than that. It provides a consistency check to
+ * set parameters, and in cases it applies policy specific items.
+ */
+static int set_ciphersuite_list(gnutls_priority_t priority_cache)
+{
+	unsigned i, j, z;
+	const gnutls_cipher_suite_entry_st *ce;
+	const gnutls_sign_entry_st *se;
+	unsigned have_ec = 0;
+	unsigned have_dh = 0;
+	unsigned tls_sig_sem = 0;
+	const version_entry_st *tlsmax = NULL, *vers;
+	const version_entry_st *dtlsmax = NULL;
+	const version_entry_st *tlsmin = NULL;
+	const version_entry_st *dtlsmin = NULL;
+	unsigned have_tls13 = 0, have_srp = 0;
+	unsigned have_pre_tls12 = 0, have_tls12 = 0;
+	unsigned have_psk = 0, have_null = 0, have_rsa_psk = 0;
+	gnutls_digest_algorithm_t prf_digest;
+	int ret = 0;
+
+	/* have_psk indicates that a PSK key exchange compatible
+	 * with TLS1.3 is enabled. */
+
+	priority_cache->cs.size = 0;
+	priority_cache->sigalg.size = 0;
+	priority_cache->groups.size = 0;
+	priority_cache->groups.have_ffdhe = 0;
+
+	/* The following requires a lock so there are no inconsistencies in the
+	 * members of system_wide_config loaded from the config file. */
+	ret = gnutls_rwlock_rdlock(&system_wide_config_rwlock);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	/* in blocklisting mode, apply system wide disablement of key exchanges,
+	 * groups, MACs, and ciphers. */
+	if (!system_wide_config.allowlisting) {
+		/* disable key exchanges which are globally disabled */
+		z = 0;
+		while (system_wide_config.kxs[z] != 0) {
+			for (i = j = 0; i < priority_cache->_kx.num_priorities; i++) {
+				if (priority_cache->_kx.priorities[i] != system_wide_config.kxs[z])
+					priority_cache->_kx.priorities[j++] = priority_cache->_kx.priorities[i];
+			}
+			priority_cache->_kx.num_priorities = j;
+			z++;
+		}
+
+		/* disable groups which are globally disabled */
+		z = 0;
+		while (system_wide_config.groups[z] != 0) {
+			for (i = j = 0; i < priority_cache->_supported_ecc.num_priorities; i++) {
+				if (priority_cache->_supported_ecc.priorities[i] != system_wide_config.groups[z])
+					priority_cache->_supported_ecc.priorities[j++] = priority_cache->_supported_ecc.priorities[i];
+			}
+			priority_cache->_supported_ecc.num_priorities = j;
+			z++;
+		}
+
+		/* disable ciphers which are globally disabled */
+		z = 0;
+		while (system_wide_config.ciphers[z] != 0) {
+			for (i = j = 0; i < priority_cache->_cipher.num_priorities; i++) {
+				if (priority_cache->_cipher.priorities[i] != system_wide_config.ciphers[z])
+					priority_cache->_cipher.priorities[j++] = priority_cache->_cipher.priorities[i];
+			}
+			priority_cache->_cipher.num_priorities = j;
+			z++;
+		}
+
+		/* disable MACs which are globally disabled */
+		z = 0;
+		while (system_wide_config.macs[z] != 0) {
+			for (i = j = 0; i < priority_cache->_mac.num_priorities; i++) {
+				if (priority_cache->_mac.priorities[i] != system_wide_config.macs[z])
+					priority_cache->_mac.priorities[j++] = priority_cache->_mac.priorities[i];
+			}
+			priority_cache->_mac.num_priorities = j;
+			z++;
+		}
+	}
+
+	for (j=0;j<priority_cache->_cipher.num_priorities;j++) {
+		if (priority_cache->_cipher.priorities[j] == GNUTLS_CIPHER_NULL) {
+			have_null = 1;
+			break;
+		}
+	}
+
+	for (i = 0; i < priority_cache->_kx.num_priorities; i++) {
+		if (IS_SRP_KX(priority_cache->_kx.priorities[i])) {
+			have_srp = 1;
+		} else if (_gnutls_kx_is_psk(priority_cache->_kx.priorities[i])) {
+			if (priority_cache->_kx.priorities[i] == GNUTLS_KX_RSA_PSK)
+				have_rsa_psk = 1;
+			else
+				have_psk = 1;
+		}
+	}
+
+	/* disable TLS versions which are added but are unsupported */
+	for (i = j = 0; i < priority_cache->protocol.num_priorities; i++) {
+		vers = version_to_entry(priority_cache->protocol.priorities[i]);
+		if (!vers || vers->supported ||
+				(system_wide_config.allowlisting && \
+				 vers->supported_revertible))
+			priority_cache->protocol.priorities[j++] = priority_cache->protocol.priorities[i];
+	}
+	priority_cache->protocol.num_priorities = j;
+
+
+	/* if we have NULL ciphersuites, SRP, or RSA-PSK enabled remove TLS1.3+
+	 * protocol versions; they cannot be negotiated under TLS1.3. */
+	if (have_null || have_srp || have_rsa_psk || priority_cache->no_extensions) {
+		for (i = j = 0; i < priority_cache->protocol.num_priorities; i++) {
+			vers = version_to_entry(priority_cache->protocol.priorities[i]);
+			if (!vers || !vers->tls13_sem)
+				priority_cache->protocol.priorities[j++] = priority_cache->protocol.priorities[i];
+		}
+		priority_cache->protocol.num_priorities = j;
+	}
+
+	for (i = 0; i < priority_cache->protocol.num_priorities; i++) {
+		vers = version_to_entry(priority_cache->protocol.priorities[i]);
+		if (!vers)
+			continue;
+
+		if (vers->transport == GNUTLS_STREAM) { /* TLS */
+			tls_sig_sem |= vers->tls_sig_sem;
+			if (vers->tls13_sem)
+				have_tls13 = 1;
+
+			if (vers->id == GNUTLS_TLS1_2)
+				have_tls12 = 1;
+			else if (vers->id < GNUTLS_TLS1_2)
+				have_pre_tls12 = 1;
+
+			if (tlsmax == NULL || vers->age > tlsmax->age)
+				tlsmax = vers;
+			if (tlsmin == NULL || vers->age < tlsmin->age)
+				tlsmin = vers;
+		} else { /* dtls */
+			tls_sig_sem |= vers->tls_sig_sem;
+
+			/* we need to introduce similar handling to above
+			 * when DTLS1.3 is supported */
+
+			if (dtlsmax == NULL || vers->age > dtlsmax->age)
+				dtlsmax = vers;
+			if (dtlsmin == NULL || vers->age < dtlsmin->age)
+				dtlsmin = vers;
+		}
+	}
+
+	/* DTLS or TLS protocols must be present */
+	if ((!tlsmax || !tlsmin) && (!dtlsmax || !dtlsmin)) {
+		ret = gnutls_assert_val(GNUTLS_E_NO_PRIORITIES_WERE_SET);
+		goto out;
+	}
+
+	priority_cache->have_psk = have_psk;
+
+	/* if we are have TLS1.3+ do not enable any key exchange algorithms,
+	 * the protocol doesn't require any. */
+	if (tlsmin && tlsmin->tls13_sem && !have_psk) {
+		if (!dtlsmin || (dtlsmin && dtlsmin->tls13_sem))
+			priority_cache->_kx.num_priorities = 0;
+	}
+
+	/* Add TLS 1.3 ciphersuites (no KX) */
+	for (j=0;j<priority_cache->_cipher.num_priorities;j++) {
+		for (z=0;z<priority_cache->_mac.num_priorities;z++) {
+			ce = cipher_suite_get(
+				0, priority_cache->_cipher.priorities[j],
+				priority_cache->_mac.priorities[z]);
+			if (ce == NULL)
+				continue;
+
+			prf_digest = MAC_TO_DIG(ce->prf);
+			if (prf_digest == GNUTLS_DIG_UNKNOWN)
+				continue;
+			if (_gnutls_digest_is_insecure(prf_digest))
+				continue;
+
+			if (priority_cache->cs.size < MAX_CIPHERSUITE_SIZE)
+				priority_cache->cs.entry[priority_cache->cs.size++] = ce;
+		}
+	}
+
+	for (i = 0; i < priority_cache->_kx.num_priorities; i++) {
+		for (j=0;j<priority_cache->_cipher.num_priorities;j++) {
+			for (z=0;z<priority_cache->_mac.num_priorities;z++) {
+				ce = cipher_suite_get(
+					priority_cache->_kx.priorities[i],
+					priority_cache->_cipher.priorities[j],
+					priority_cache->_mac.priorities[z]);
+				if (ce == NULL)
+					continue;
+
+				prf_digest = MAC_TO_DIG(ce->prf);
+				if (prf_digest == GNUTLS_DIG_UNKNOWN)
+					continue;
+				if (_gnutls_digest_is_insecure(prf_digest))
+					continue;
+
+				if (priority_cache->cs.size == MAX_CIPHERSUITE_SIZE)
+					continue;
+				priority_cache->cs.entry[priority_cache->cs.size++] = ce;
+				if (!have_ec && (_gnutls_kx_is_ecc(ce->kx_algorithm) ||
+						 _gnutls_kx_is_vko_gost(ce->kx_algorithm))) {
+					have_ec = 1;
+					add_ec(priority_cache);
+				}
+				if (!have_dh && _gnutls_kx_is_dhe(ce->kx_algorithm)) {
+					have_dh = 1;
+					add_dh(priority_cache);
+				}
+			}
+		}
+	}
+
+	if (have_tls13 && (!have_ec || !have_dh)) {
+		/* scan groups to determine have_ec and have_dh */
+		for (i=0; i < priority_cache->_supported_ecc.num_priorities; i++) {
+			const gnutls_group_entry_st *ge;
+			ge = _gnutls_id_to_group(priority_cache->_supported_ecc.priorities[i]);
+			if (ge) {
+				if (ge->curve && !have_ec) {
+					add_ec(priority_cache);
+					have_ec = 1;
+				} else if (ge->prime && !have_dh) {
+					add_dh(priority_cache);
+					have_dh = 1;
+				}
+
+				if (have_dh && have_ec)
+					break;
+			}
+		}
+
+	}
+
+	for (i = 0; i < priority_cache->_sign_algo.num_priorities; i++) {
+		se = _gnutls_sign_to_entry(priority_cache->_sign_algo.priorities[i]);
+		if (se != NULL && priority_cache->sigalg.size < sizeof(priority_cache->sigalg.entry)/sizeof(priority_cache->sigalg.entry[0])) {
+			/* if the signature algorithm semantics is not
+			 * compatible with the protocol's, or the algorithm is
+			 * marked as insecure, then skip. */
+			if ((se->aid.tls_sem & tls_sig_sem) == 0 ||
+			    !_gnutls_sign_is_secure2(se, system_wide_config.allowlisting ?
+						     GNUTLS_SIGN_FLAG_ALLOW_INSECURE_REVERTIBLE :
+						     0)) {
+				continue;
+			}
+			priority_cache->sigalg.entry[priority_cache->sigalg.size++] = se;
+		}
+	}
+
+	_gnutls_debug_log("added %d protocols, %d ciphersuites, %d sig algos and %d groups into priority list\n",
+			  priority_cache->protocol.num_priorities,
+			  priority_cache->cs.size, priority_cache->sigalg.size,
+			  priority_cache->groups.size);
+
+	if (priority_cache->sigalg.size == 0) {
+		/* no signature algorithms; eliminate TLS 1.2 or DTLS 1.2 and later */
+		priority_st newp;
+		newp.num_priorities = 0;
+
+		/* we need to eliminate TLS 1.2 or DTLS 1.2 and later protocols */
+		for (i = 0; i < priority_cache->protocol.num_priorities; i++) {
+			if (priority_cache->protocol.priorities[i] < GNUTLS_TLS1_2) {
+				newp.priorities[newp.num_priorities++] = priority_cache->protocol.priorities[i];
+			} else if (priority_cache->protocol.priorities[i] >= GNUTLS_DTLS_VERSION_MIN &&
+				   priority_cache->protocol.priorities[i] < GNUTLS_DTLS1_2) {
+				newp.priorities[newp.num_priorities++] = priority_cache->protocol.priorities[i];
+			}
+		}
+		memcpy(&priority_cache->protocol, &newp, sizeof(newp));
+	}
+
+	if (unlikely(priority_cache->protocol.num_priorities == 0)) {
+		ret = gnutls_assert_val(GNUTLS_E_NO_PRIORITIES_WERE_SET);
+		goto out;
+	}
+#ifndef ENABLE_SSL3
+	else if (unlikely(priority_cache->protocol.num_priorities == 1 && priority_cache->protocol.priorities[0] == GNUTLS_SSL3)) {
+		ret = gnutls_assert_val(GNUTLS_E_NO_PRIORITIES_WERE_SET);
+		goto out;
+	}
+#endif
+
+	if (unlikely(priority_cache->cs.size == 0)) {
+		ret = gnutls_assert_val(GNUTLS_E_NO_PRIORITIES_WERE_SET);
+		goto out;
+	}
+
+	/* when TLS 1.3 is available we must have groups set; additionally
+	 * we require TLS1.2 to be enabled if TLS1.3 is asked for, and
+	 * a pre-TLS1.2 protocol is there; that is because servers which
+	 * do not support TLS1.3 will negotiate TLS1.2 if seen a TLS1.3 handshake */
+	if (unlikely((!have_psk && tlsmax && tlsmax->id >= GNUTLS_TLS1_3 && priority_cache->groups.size == 0)) ||
+	    (!have_tls12 && have_pre_tls12 && have_tls13)) {
+		for (i = j = 0; i < priority_cache->protocol.num_priorities; i++) {
+			vers = version_to_entry(priority_cache->protocol.priorities[i]);
+			if (!vers || vers->transport != GNUTLS_STREAM || !vers->tls13_sem)
+				priority_cache->protocol.priorities[j++] = priority_cache->protocol.priorities[i];
+		}
+		priority_cache->protocol.num_priorities = j;
+	}
+
+	/* ensure that the verification profile is not lower from the configured */
+	if (system_wide_config.verification_profile) {
+		gnutls_sec_param_t level = priority_cache->level;
+		gnutls_sec_param_t system_wide_level = _gnutls_profile_to_sec_level(system_wide_config.verification_profile);
+
+		if (level < system_wide_level) {
+			ENABLE_PROFILE(priority_cache, system_wide_config.verification_profile);
+		}
+	}
+
+ out:
+	(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+	return ret;
+}
+
+/**
+ * gnutls_priority_init2:
+ * @priority_cache: is a #gnutls_priority_t type.
+ * @priorities: is a string describing priorities (may be %NULL)
+ * @err_pos: In case of an error this will have the position in the string the error occurred
+ * @flags: zero or %GNUTLS_PRIORITY_INIT_DEF_APPEND
+ *
+ * Sets priorities for the ciphers, key exchange methods, and macs.
+ * The @priority_cache should be deinitialized
+ * using gnutls_priority_deinit().
+ *
+ * The #priorities option allows you to specify a colon
+ * separated list of the cipher priorities to enable.
+ * Some keywords are defined to provide quick access
+ * to common preferences.
+ *
+ * When @flags is set to %GNUTLS_PRIORITY_INIT_DEF_APPEND then the @priorities
+ * specified will be appended to the default options.
+ *
+ * Unless there is a special need, use the "NORMAL" keyword to
+ * apply a reasonable security level, or "NORMAL:%%COMPAT" for compatibility.
+ *
+ * "PERFORMANCE" means all the "secure" ciphersuites are enabled,
+ * limited to 128 bit ciphers and sorted by terms of speed
+ * performance.
+ *
+ * "LEGACY" the NORMAL settings for GnuTLS 3.2.x or earlier. There is
+ * no verification profile set, and the allowed DH primes are considered
+ * weak today.
+ *
+ * "NORMAL" means all "secure" ciphersuites. The 256-bit ciphers are
+ * included as a fallback only.  The ciphers are sorted by security
+ * margin.
+ *
+ * "PFS" means all "secure" ciphersuites that support perfect forward secrecy.
+ * The 256-bit ciphers are included as a fallback only.
+ * The ciphers are sorted by security margin.
+ *
+ * "SECURE128" means all "secure" ciphersuites of security level 128-bit
+ * or more.
+ *
+ * "SECURE192" means all "secure" ciphersuites of security level 192-bit
+ * or more.
+ *
+ * "SUITEB128" means all the NSA SuiteB ciphersuites with security level
+ * of 128.
+ *
+ * "SUITEB192" means all the NSA SuiteB ciphersuites with security level
+ * of 192.
+ *
+ * "NONE" means nothing is enabled.  This disables everything, including protocols.
+ *
+ * "@@KEYWORD1,KEYWORD2,..." The system administrator imposed settings.
+ * The provided keyword(s) will be expanded from a configuration-time
+ * provided file - default is: /etc/gnutls/config.
+ * Any attributes that follow it, will be appended to the expanded
+ * string. If multiple keywords are provided, separated by commas,
+ * then the first keyword that exists in the configuration file
+ * will be used. At least one of the keywords must exist, or this
+ * function will return an error. Typical usage would be to specify
+ * an application specified keyword first, followed by "SYSTEM" as
+ * a default fallback. e.g., "@LIBVIRT,SYSTEM:!-VERS-SSL3.0" will
+ * first try to find a config file entry matching "LIBVIRT", but if
+ * that does not exist will use the entry for "SYSTEM". If "SYSTEM"
+ * does not exist either, an error will be returned. In all cases,
+ * the SSL3.0 protocol will be disabled. The system priority file
+ * entries should be formatted as "KEYWORD=VALUE", e.g.,
+ * "SYSTEM=NORMAL:+ARCFOUR-128".
+ *
+ * Special keywords are "!", "-" and "+".
+ * "!" or "-" appended with an algorithm will remove this algorithm.
+ * "+" appended with an algorithm will add this algorithm.
+ *
+ * Check the GnuTLS manual section "Priority strings" for detailed
+ * information.
+ *
+ * Examples:
+ *
+ * "NONE:+VERS-TLS-ALL:+MAC-ALL:+RSA:+AES-128-CBC:+SIGN-ALL:+COMP-NULL"
+ *
+ * "NORMAL:+ARCFOUR-128" means normal ciphers plus ARCFOUR-128.
+ *
+ * "SECURE128:-VERS-SSL3.0" means that only secure ciphers are
+ * and enabled, SSL3.0 is disabled.
+ *
+ * "NONE:+VERS-TLS-ALL:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL:+SIGN-RSA-SHA1",
+ *
+ * "NONE:+VERS-TLS-ALL:+AES-128-CBC:+ECDHE-RSA:+SHA1:+COMP-NULL:+SIGN-RSA-SHA1:+CURVE-SECP256R1",
+ *
+ * "SECURE256:+SECURE128",
+ *
+ * Note that "NORMAL:%%COMPAT" is the most compatible mode.
+ *
+ * A %NULL @priorities string indicates the default priorities to be
+ * used (this is available since GnuTLS 3.3.0).
+ *
+ * Returns: On syntax error %GNUTLS_E_INVALID_REQUEST is returned,
+ * %GNUTLS_E_SUCCESS on success, or an error code.
+ *
+ * Since: 3.6.3
+ **/
+int
+gnutls_priority_init2(gnutls_priority_t * priority_cache,
+		      const char *priorities, const char **err_pos,
+		      unsigned flags)
+{
+	gnutls_buffer_st buf;
+	const char *ep;
+	int ret;
+
+	if (flags & GNUTLS_PRIORITY_INIT_DEF_APPEND) {
+		if (priorities == NULL)
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		if (err_pos)
+			*err_pos = priorities;
+
+		_gnutls_buffer_init(&buf);
+
+		ret = _gnutls_buffer_append_str(&buf, _gnutls_default_priority_string);
+		if (ret < 0) {
+			_gnutls_buffer_clear(&buf);
+			return gnutls_assert_val(ret);
+		}
+
+		ret = _gnutls_buffer_append_str(&buf, ":");
+		if (ret < 0) {
+			_gnutls_buffer_clear(&buf);
+			return gnutls_assert_val(ret);
+		}
+
+		ret = _gnutls_buffer_append_str(&buf, priorities);
+		if (ret < 0) {
+			_gnutls_buffer_clear(&buf);
+			return gnutls_assert_val(ret);
+		}
+
+		ret = gnutls_priority_init(priority_cache, (const char*)buf.data, &ep);
+		if (ret < 0 && ep != (const char*)buf.data && ep != NULL) {
+			ptrdiff_t diff = (ptrdiff_t)ep-(ptrdiff_t)buf.data;
+			unsigned hlen = strlen(_gnutls_default_priority_string)+1;
+
+			if (err_pos && diff > hlen) {
+				*err_pos = priorities + diff - hlen;
+			}
+		}
+		_gnutls_buffer_clear(&buf);
+		return ret;
+	} else {
+		return gnutls_priority_init(priority_cache, priorities, err_pos);
+	}
+}
+
+#define PRIO_MATCH(name) c_strncasecmp(&broken_list[i][1], name, sizeof(name) - 1)
+
+/**
+ * gnutls_priority_init:
+ * @priority_cache: is a #gnutls_priority_t type.
+ * @priorities: is a string describing priorities (may be %NULL)
+ * @err_pos: In case of an error this will have the position in the string the error occurred
+ *
+ * For applications that do not modify their crypto settings per release, consider
+ * using gnutls_priority_init2() with %GNUTLS_PRIORITY_INIT_DEF_APPEND flag
+ * instead. We suggest to use centralized crypto settings handled by the GnuTLS
+ * library, and applications modifying the default settings to their needs.
+ *
+ * This function is identical to gnutls_priority_init2() with zero
+ * flags.
+ *
+ * A %NULL @priorities string indicates the default priorities to be
+ * used (this is available since GnuTLS 3.3.0).
+ *
+ * Returns: On syntax error %GNUTLS_E_INVALID_REQUEST is returned,
+ * %GNUTLS_E_SUCCESS on success, or an error code.
+ **/
+int
+gnutls_priority_init(gnutls_priority_t * priority_cache,
+		     const char *priorities, const char **err_pos)
+{
+	char *broken_list[MAX_ELEMENTS];
+	int broken_list_size = 0, i = 0, j;
+	char *darg = NULL;
+	unsigned ikeyword_set = 0;
+	int algo;
+	int ret;
+	rmadd_func *fn;
+	bulk_rmadd_func *bulk_fn;
+	bulk_rmadd_func *bulk_given_fn;
+	const cipher_entry_st *centry;
+	unsigned resolved_match = 1;
+
+	if (err_pos)
+		*err_pos = priorities;
+
+	*priority_cache =
+	    gnutls_calloc(1, sizeof(struct gnutls_priority_st));
+	if (*priority_cache == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	/* for now unsafe renegotiation is default on everyone. To be removed
+	 * when we make it the default.
+	 */
+	(*priority_cache)->sr = SR_PARTIAL;
+	/* For now TLS 1.3 middlebox compatibility mode is enabled by default.
+	 * This will eventually be disabled by default and moved to the %COMPAT
+	 * setting.
+	 */
+	(*priority_cache)->tls13_compat_mode = true;
+	(*priority_cache)->min_record_version = 1;
+	gnutls_atomic_init(&(*priority_cache)->usage_cnt);
+
+	if (system_wide_config.allowlisting && !priorities) {
+		priorities = "@" LEVEL_SYSTEM;
+	}
+	if (priorities == NULL) {
+		priorities = _gnutls_default_priority_string;
+		resolved_match = 0;
+	}
+
+	darg = _gnutls_resolve_priorities(priorities);
+	if (darg == NULL) {
+		gnutls_assert();
+		goto error;
+	}
+
+	if (strcmp(darg, priorities) != 0)
+		resolved_match = 0;
+
+	break_list(darg, broken_list, &broken_list_size);
+	/* This is our default set of protocol version, certificate types.
+	 */
+	if (c_strcasecmp(broken_list[0], LEVEL_NONE) != 0) {
+		_set_priority(&(*priority_cache)->protocol,
+			      protocol_priority);
+		_set_priority(&(*priority_cache)->client_ctype,
+			      cert_type_priority_default);
+		_set_priority(&(*priority_cache)->server_ctype,
+			      cert_type_priority_default);
+		_set_priority(&(*priority_cache)->_sign_algo,
+			      sign_priority_default);
+		_set_priority(&(*priority_cache)->_supported_ecc,
+			      supported_groups_normal);
+		i = 0;
+	} else {
+		ikeyword_set = 1;
+		i = 1;
+	}
+
+	for (; i < broken_list_size; i++) {
+		if (check_level(broken_list[i], *priority_cache, ikeyword_set) != 0) {
+			ikeyword_set = 1;
+			continue;
+		} else if (broken_list[i][0] == '!'
+			   || broken_list[i][0] == '+'
+			   || broken_list[i][0] == '-') {
+			if (broken_list[i][0] == '+') {
+				fn = prio_add;
+				bulk_fn = _add_priority;
+				bulk_given_fn = _add_priority;
+			} else {
+				fn = prio_remove;
+				bulk_fn = _clear_priorities;
+				bulk_given_fn = _clear_given_priorities;
+			}
+
+			if (broken_list[i][0] == '+'
+			    && check_level(&broken_list[i][1],
+					   *priority_cache, 1) != 0) {
+				continue;
+			} else if ((algo =
+				    gnutls_mac_get_id(&broken_list[i][1]))
+				   != GNUTLS_MAC_UNKNOWN) {
+				fn(&(*priority_cache)->_mac, algo);
+			} else if ((centry = cipher_name_to_entry(&broken_list[i][1])) != NULL) {
+				if (_gnutls_cipher_exists(centry->id)) {
+					fn(&(*priority_cache)->_cipher, centry->id);
+					if (centry->type == CIPHER_BLOCK)
+						(*priority_cache)->have_cbc = 1;
+				}
+			} else if ((algo =
+				  _gnutls_kx_get_id(&broken_list[i][1])) !=
+				 GNUTLS_KX_UNKNOWN) {
+				if (algo != GNUTLS_KX_INVALID)
+					fn(&(*priority_cache)->_kx, algo);
+			} else if (PRIO_MATCH("VERS-") == 0) {
+				if (PRIO_MATCH("VERS-TLS-ALL") == 0) {
+					bulk_given_fn(&(*priority_cache)->
+						protocol,
+						stream_protocol_priority);
+				} else if (PRIO_MATCH("VERS-DTLS-ALL") == 0) {
+					bulk_given_fn(&(*priority_cache)->
+						protocol,
+						(bulk_given_fn==_add_priority)?dtls_protocol_priority:dgram_protocol_priority);
+				} else if (PRIO_MATCH("VERS-ALL") == 0) {
+					bulk_fn(&(*priority_cache)->
+						protocol,
+						protocol_priority);
+				} else {
+					if ((algo =
+					     gnutls_protocol_get_id
+					     (&broken_list[i][6])) !=
+					    GNUTLS_VERSION_UNKNOWN) {
+						fn(&(*priority_cache)->
+						   protocol, algo);
+					} else
+						goto error;
+
+				}
+			} /* now check if the element is something like -ALGO */
+			else if (PRIO_MATCH("COMP-") == 0) {
+				/* ignore all compression methods */
+				continue;
+			} /* now check if the element is something like -ALGO */
+			else if (PRIO_MATCH("CURVE-") == 0) {
+				if (PRIO_MATCH("CURVE-ALL") == 0) {
+					bulk_fn(&(*priority_cache)->
+						_supported_ecc,
+						supported_groups_normal);
+				} else {
+					if ((algo =
+					     gnutls_ecc_curve_get_id
+					     (&broken_list[i][7])) !=
+					    GNUTLS_ECC_CURVE_INVALID)
+						fn(&(*priority_cache)->
+						   _supported_ecc, algo);
+					else
+						goto error;
+				}
+			} else if (PRIO_MATCH("GROUP-") == 0) {
+				if (PRIO_MATCH("GROUP-ALL") == 0) {
+					bulk_fn(&(*priority_cache)->
+						_supported_ecc,
+						supported_groups_normal);
+				} else if (PRIO_MATCH("GROUP-DH-ALL") == 0) {
+					bulk_given_fn(&(*priority_cache)->
+						_supported_ecc,
+						_supported_groups_dh);
+				} else if (PRIO_MATCH("GROUP-EC-ALL") == 0) {
+					bulk_given_fn(&(*priority_cache)->
+						_supported_ecc,
+						_supported_groups_ecdh);
+				} else if (PRIO_MATCH("GROUP-GOST-ALL") == 0) {
+					bulk_given_fn(&(*priority_cache)->
+						_supported_ecc,
+						_supported_groups_gost);
+				} else {
+					if ((algo =
+					     _gnutls_group_get_id
+					     (&broken_list[i][7])) !=
+					    GNUTLS_GROUP_INVALID)
+						fn(&(*priority_cache)->
+						   _supported_ecc, algo);
+					else
+						goto error;
+				}
+			} else if (PRIO_MATCH("CTYPE-") == 0) {
+				// Certificate types
+				if (PRIO_MATCH("CTYPE-ALL") == 0) {
+					// Symmetric cert types, all types allowed
+					bulk_fn(&(*priority_cache)->client_ctype,
+						cert_type_priority_all);
+					bulk_fn(&(*priority_cache)->server_ctype,
+						cert_type_priority_all);
+				} else if (PRIO_MATCH("CTYPE-CLI-") == 0) {
+					// Client certificate types
+					if (PRIO_MATCH("CTYPE-CLI-ALL") == 0) {
+						// All client cert types allowed
+						bulk_fn(&(*priority_cache)->client_ctype,
+							cert_type_priority_all);
+					} else if ((algo = gnutls_certificate_type_get_id
+							(&broken_list[i][11])) != GNUTLS_CRT_UNKNOWN) {
+						// Specific client cert type allowed
+						fn(&(*priority_cache)->client_ctype, algo);
+					} else goto error;
+				} else if (PRIO_MATCH("CTYPE-SRV-") == 0) {
+					// Server certificate types
+					if (PRIO_MATCH("CTYPE-SRV-ALL") == 0) {
+						// All server cert types allowed
+						bulk_fn(&(*priority_cache)->server_ctype,
+							cert_type_priority_all);
+					} else if ((algo = gnutls_certificate_type_get_id
+							(&broken_list[i][11])) != GNUTLS_CRT_UNKNOWN) {
+							// Specific server cert type allowed
+						fn(&(*priority_cache)->server_ctype, algo);
+					} else goto error;
+				} else { // Symmetric certificate type
+					if ((algo = gnutls_certificate_type_get_id
+					     (&broken_list[i][7])) != GNUTLS_CRT_UNKNOWN) {
+						fn(&(*priority_cache)->client_ctype, algo);
+						fn(&(*priority_cache)->server_ctype, algo);
+					} else if (PRIO_MATCH("CTYPE-OPENPGP") == 0) {
+						/* legacy openpgp option - ignore */
+						continue;
+					} else goto error;
+				}
+			} else if (PRIO_MATCH("SIGN-") == 0) {
+				if (PRIO_MATCH("SIGN-ALL") == 0) {
+					bulk_fn(&(*priority_cache)->
+						_sign_algo,
+						sign_priority_default);
+				} else if (PRIO_MATCH("SIGN-GOST-ALL") == 0) {
+					bulk_fn(&(*priority_cache)->
+						_sign_algo,
+						sign_priority_gost);
+				} else {
+					if ((algo =
+					     gnutls_sign_get_id
+					     (&broken_list[i][6])) !=
+					    GNUTLS_SIGN_UNKNOWN)
+						fn(&(*priority_cache)->
+						   _sign_algo, algo);
+					else
+						goto error;
+				}
+			} else if (PRIO_MATCH("MAC-") == 0) {
+				if (PRIO_MATCH("MAC-ALL") == 0) {
+					bulk_fn(&(*priority_cache)->_mac,
+							mac_priority_normal);
+				} else if (PRIO_MATCH("MAC-GOST-ALL") == 0) {
+					bulk_fn(&(*priority_cache)->_mac,
+							mac_priority_gost);
+				}
+			} else if (PRIO_MATCH("CIPHER-") == 0) {
+				if (PRIO_MATCH("CIPHER-ALL") == 0) {
+					bulk_fn(&(*priority_cache)->_cipher,
+							cipher_priority_normal);
+				} else if (PRIO_MATCH("CIPHER-GOST-ALL") == 0) {
+					bulk_fn(&(*priority_cache)->_cipher,
+							cipher_priority_gost);
+				}
+			} else if (PRIO_MATCH("KX-") == 0) {
+				if (PRIO_MATCH("KX-ALL") == 0) {
+					bulk_fn(&(*priority_cache)->_kx,
+							kx_priority_secure);
+				} else if (PRIO_MATCH("KX-GOST-ALL") == 0) {
+					bulk_fn(&(*priority_cache)->_kx,
+							kx_priority_gost);
+				}
+			} else if (PRIO_MATCH("GOST") == 0) {
+				bulk_given_fn(&(*priority_cache)->_supported_ecc,
+					_supported_groups_gost);
+				bulk_fn(&(*priority_cache)->_sign_algo,
+					sign_priority_gost);
+				bulk_fn(&(*priority_cache)->_mac,
+						mac_priority_gost);
+				bulk_fn(&(*priority_cache)->_cipher,
+						cipher_priority_gost);
+				bulk_fn(&(*priority_cache)->_kx,
+						kx_priority_gost);
+			} else
+				goto error;
+		} else if (broken_list[i][0] == '%') {
+			const struct priority_options_st * o;
+			/* to add a new option modify
+			 * priority_options.gperf */
+			o = in_word_set(&broken_list[i][1], strlen(&broken_list[i][1]));
+			if (o == NULL) {
+				goto error;
+			}
+			o->func(*priority_cache);
+		} else
+			goto error;
+	}
+
+	ret = set_ciphersuite_list(*priority_cache);
+	if (ret < 0) {
+		if (err_pos)
+			*err_pos = priorities;
+		goto error_cleanup;
+	}
+
+	gnutls_free(darg);
+
+	return 0;
+
+ error:
+	if (err_pos != NULL && i < broken_list_size && resolved_match) {
+		*err_pos = priorities;
+		for (j = 0; j < i; j++) {
+			(*err_pos) += strlen(broken_list[j]) + 1;
+		}
+	}
+	ret = GNUTLS_E_INVALID_REQUEST;
+
+ error_cleanup:
+	free(darg);
+	gnutls_priority_deinit(*priority_cache);
+	*priority_cache = NULL;
+
+	return ret;
+}
+
+/**
+ * gnutls_priority_deinit:
+ * @priority_cache: is a #gnutls_priority_t type.
+ *
+ * Deinitializes the priority cache.
+ **/
+void gnutls_priority_deinit(gnutls_priority_t priority_cache)
+{
+	if (priority_cache == NULL)
+		return;
+
+	/* Note that here we care about the following two cases:
+	 * 1. Multiple sessions or different threads holding a reference + a global reference
+	 * 2. One session holding a reference with a possible global reference
+	 *
+	 * As such, it will never be that two threads reach the
+	 * zero state at the same time, unless the global reference
+	 * is cleared too, which is invalid state.
+	 */
+	if (gnutls_atomic_val(&priority_cache->usage_cnt) == 0) {
+		gnutls_atomic_deinit(&priority_cache->usage_cnt);
+		gnutls_free(priority_cache);
+		return;
+	} else {
+		gnutls_atomic_decrement(&priority_cache->usage_cnt);
+	}
+}
+
+
+/**
+ * gnutls_priority_set_direct:
+ * @session: is a #gnutls_session_t type.
+ * @priorities: is a string describing priorities
+ * @err_pos: In case of an error this will have the position in the string the error occurred
+ *
+ * Sets the priorities to use on the ciphers, key exchange methods,
+ * and macs.  This function avoids keeping a
+ * priority cache and is used to directly set string priorities to a
+ * TLS session.  For documentation check the gnutls_priority_init().
+ *
+ * To use a reasonable default, consider using gnutls_set_default_priority(),
+ * or gnutls_set_default_priority_append() instead of this function.
+ *
+ * Returns: On syntax error %GNUTLS_E_INVALID_REQUEST is returned,
+ * %GNUTLS_E_SUCCESS on success, or an error code.
+ **/
+int
+gnutls_priority_set_direct(gnutls_session_t session,
+			   const char *priorities, const char **err_pos)
+{
+	gnutls_priority_t prio;
+	int ret;
+
+	ret = gnutls_priority_init(&prio, priorities, err_pos);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = gnutls_priority_set(session, prio);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* ensure that the session holds the only reference for the struct */
+	gnutls_priority_deinit(prio);
+
+	return 0;
+}
+
+/* Breaks a list of "xxx", "yyy", to a character array, of
+ * MAX_COMMA_SEP_ELEMENTS size; Note that the given string is modified.
+  */
+static void
+break_list(char *list,
+		 char *broken_list[MAX_ELEMENTS], int *size)
+{
+	char *p = list;
+
+	*size = 0;
+
+	do {
+		broken_list[*size] = p;
+
+		(*size)++;
+
+		p = strchr(p, ':');
+		if (p) {
+			*p = 0;
+			p++;	/* move to next entry and skip white
+				 * space.
+				 */
+			while (*p == ' ')
+				p++;
+		}
+	}
+	while (p != NULL && *size < MAX_ELEMENTS);
+}
+
+/**
+ * gnutls_set_default_priority:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Sets the default priority on the ciphers, key exchange methods,
+ * and macs. This is the recommended method of
+ * setting the defaults, in order to promote consistency between applications
+ * using GnuTLS, and to allow GnuTLS using applications to update settings
+ * in par with the library. For client applications which require
+ * maximum compatibility consider calling gnutls_session_enable_compatibility_mode()
+ * after this function.
+ *
+ * For an application to specify additional options to priority string
+ * consider using gnutls_set_default_priority_append().
+ *
+ * To allow a user to override the defaults (e.g., when a user interface
+ * or configuration file is available), the functions
+ * gnutls_priority_set_direct() or gnutls_priority_set() can
+ * be used.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
+ *
+ * Since: 2.1.4
+ **/
+int gnutls_set_default_priority(gnutls_session_t session)
+{
+	return gnutls_priority_set_direct(session, NULL, NULL);
+}
+
+/**
+ * gnutls_set_default_priority_append:
+ * @session: is a #gnutls_session_t type.
+ * @add_prio: is a string describing priorities to be appended to default
+ * @err_pos: In case of an error this will have the position in the string the error occurred
+ * @flags: must be zero
+ *
+ * Sets the default priority on the ciphers, key exchange methods,
+ * and macs with the additional options in @add_prio. This is the recommended method of
+ * setting the defaults when only few additional options are to be added. This promotes
+ * consistency between applications using GnuTLS, and allows GnuTLS using applications
+ * to update settings in par with the library.
+ *
+ * The @add_prio string should start as a normal priority string, e.g.,
+ * '-VERS-TLS-ALL:+VERS-TLS1.3:%%COMPAT' or '%%FORCE_ETM'. That is, it must not start
+ * with ':'.
+ *
+ * To allow a user to override the defaults (e.g., when a user interface
+ * or configuration file is available), the functions
+ * gnutls_priority_set_direct() or gnutls_priority_set() can
+ * be used.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
+ *
+ * Since: 3.6.3
+ **/
+int gnutls_set_default_priority_append(gnutls_session_t session,
+				       const char *add_prio,
+				       const char **err_pos,
+				       unsigned flags)
+{
+	gnutls_priority_t prio;
+	int ret;
+
+	ret = gnutls_priority_init2(&prio, add_prio, err_pos, GNUTLS_PRIORITY_INIT_DEF_APPEND);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = gnutls_priority_set(session, prio);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* ensure that the session holds the only reference for the struct */
+	gnutls_priority_deinit(prio);
+
+	return 0;
+}
+
+/**
+ * gnutls_priority_ecc_curve_list:
+ * @pcache: is a #gnutls_priority_t type.
+ * @list: will point to an integer list
+ *
+ * Get a list of available elliptic curves in the priority
+ * structure.
+ *
+ * Deprecated: This function has been replaced by
+ * gnutls_priority_group_list() since 3.6.0.
+ *
+ * Returns: the number of items, or an error code.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_priority_ecc_curve_list(gnutls_priority_t pcache,
+			       const unsigned int **list)
+{
+	unsigned i;
+
+	if (pcache->_supported_ecc.num_priorities == 0)
+		return 0;
+
+	*list = pcache->_supported_ecc.priorities;
+
+	/* to ensure we don't confuse the caller, we do not include
+	 * any FFDHE groups. This may return an incomplete list. */
+	for (i=0;i<pcache->_supported_ecc.num_priorities;i++)
+		if (pcache->_supported_ecc.priorities[i] > GNUTLS_ECC_CURVE_MAX)
+			return i;
+
+	return pcache->_supported_ecc.num_priorities;
+}
+
+/**
+ * gnutls_priority_group_list:
+ * @pcache: is a #gnutls_priority_t type.
+ * @list: will point to an integer list
+ *
+ * Get a list of available groups in the priority
+ * structure.
+ *
+ * Returns: the number of items, or an error code.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_priority_group_list(gnutls_priority_t pcache,
+			       const unsigned int **list)
+{
+	if (pcache->_supported_ecc.num_priorities == 0)
+		return 0;
+
+	*list = pcache->_supported_ecc.priorities;
+	return pcache->_supported_ecc.num_priorities;
+}
+
+/**
+ * gnutls_priority_kx_list:
+ * @pcache: is a #gnutls_priority_t type.
+ * @list: will point to an integer list
+ *
+ * Get a list of available key exchange methods in the priority
+ * structure.
+ *
+ * Returns: the number of items, or an error code.
+ * Since: 3.2.3
+ **/
+int
+gnutls_priority_kx_list(gnutls_priority_t pcache,
+			const unsigned int **list)
+{
+	if (pcache->_kx.num_priorities == 0)
+		return 0;
+
+	*list = pcache->_kx.priorities;
+	return pcache->_kx.num_priorities;
+}
+
+/**
+ * gnutls_priority_cipher_list:
+ * @pcache: is a #gnutls_priority_t type.
+ * @list: will point to an integer list
+ *
+ * Get a list of available ciphers in the priority
+ * structure.
+ *
+ * Returns: the number of items, or an error code.
+ * Since: 3.2.3
+ **/
+int
+gnutls_priority_cipher_list(gnutls_priority_t pcache,
+			    const unsigned int **list)
+{
+	if (pcache->_cipher.num_priorities == 0)
+		return 0;
+
+	*list = pcache->_cipher.priorities;
+	return pcache->_cipher.num_priorities;
+}
+
+/**
+ * gnutls_priority_mac_list:
+ * @pcache: is a #gnutls_priority_t type.
+ * @list: will point to an integer list
+ *
+ * Get a list of available MAC algorithms in the priority
+ * structure.
+ *
+ * Returns: the number of items, or an error code.
+ * Since: 3.2.3
+ **/
+int
+gnutls_priority_mac_list(gnutls_priority_t pcache,
+			 const unsigned int **list)
+{
+	if (pcache->_mac.num_priorities == 0)
+		return 0;
+
+	*list = pcache->_mac.priorities;
+	return pcache->_mac.num_priorities;
+}
+
+/**
+ * gnutls_priority_compression_list:
+ * @pcache: is a #gnutls_priority_t type.
+ * @list: will point to an integer list
+ *
+ * Get a list of available compression method in the priority
+ * structure.
+ *
+ * Returns: the number of methods, or an error code.
+ * Since: 3.0
+ **/
+int
+gnutls_priority_compression_list(gnutls_priority_t pcache,
+				 const unsigned int **list)
+{
+	static const unsigned int priority[1] = {GNUTLS_COMP_NULL};
+
+	*list = priority;
+	return 1;
+}
+
+/**
+ * gnutls_priority_protocol_list:
+ * @pcache: is a #gnutls_priority_t type.
+ * @list: will point to an integer list
+ *
+ * Get a list of available TLS version numbers in the priority
+ * structure.
+ *
+ * Returns: the number of protocols, or an error code.
+ * Since: 3.0
+ **/
+int
+gnutls_priority_protocol_list(gnutls_priority_t pcache,
+			      const unsigned int **list)
+{
+	if (pcache->protocol.num_priorities == 0)
+		return 0;
+
+	*list = pcache->protocol.priorities;
+	return pcache->protocol.num_priorities;
+}
+
+/**
+ * gnutls_priority_sign_list:
+ * @pcache: is a #gnutls_priority_t type.
+ * @list: will point to an integer list
+ *
+ * Get a list of available signature algorithms in the priority
+ * structure.
+ *
+ * Returns: the number of algorithms, or an error code.
+ * Since: 3.0
+ **/
+int
+gnutls_priority_sign_list(gnutls_priority_t pcache,
+			  const unsigned int **list)
+{
+	if (pcache->_sign_algo.num_priorities == 0)
+		return 0;
+
+	*list = pcache->_sign_algo.priorities;
+	return pcache->_sign_algo.num_priorities;
+}
+
+/**
+ * gnutls_priority_certificate_type_list:
+ * @pcache: is a #gnutls_priority_t type.
+ * @list: will point to an integer list
+ *
+ * Get a list of available certificate types in the priority
+ * structure.
+ *
+ * As of version 3.6.4 this function is an alias for
+ * gnutls_priority_certificate_type_list2 with the target parameter
+ * set to:
+ * - GNUTLS_CTYPE_SERVER, if the %SERVER_PRECEDENCE option is set
+ * - GNUTLS_CTYPE_CLIENT, otherwise.
+ *
+ * Returns: the number of certificate types, or an error code.
+ * Since: 3.0
+ **/
+int
+gnutls_priority_certificate_type_list(gnutls_priority_t pcache,
+				      const unsigned int **list)
+{
+	gnutls_ctype_target_t target =
+		pcache->server_precedence ? GNUTLS_CTYPE_SERVER : GNUTLS_CTYPE_CLIENT;
+
+	return gnutls_priority_certificate_type_list2(pcache, list, target);
+}
+
+/**
+ * gnutls_priority_certificate_type_list2:
+ * @pcache: is a #gnutls_priority_t type.
+ * @list: will point to an integer list.
+ * @target: is a #gnutls_ctype_target_t type. Valid arguments are
+ *   GNUTLS_CTYPE_CLIENT and GNUTLS_CTYPE_SERVER
+ *
+ * Get a list of available certificate types for the given target
+ * in the priority structure.
+ *
+ * Returns: the number of certificate types, or an error code.
+ *
+ * Since: 3.6.4
+ **/
+int
+gnutls_priority_certificate_type_list2(gnutls_priority_t pcache,
+				      const unsigned int **list, gnutls_ctype_target_t target)
+{
+	switch (target)	{
+		case GNUTLS_CTYPE_CLIENT:
+			if(pcache->client_ctype.num_priorities > 0) {
+				*list = pcache->client_ctype.priorities;
+				return pcache->client_ctype.num_priorities;
+			}
+			break;
+		case GNUTLS_CTYPE_SERVER:
+			if(pcache->server_ctype.num_priorities > 0)	{
+				*list = pcache->server_ctype.priorities;
+				return pcache->server_ctype.num_priorities;
+			}
+			break;
+		default:
+			// Invalid target given
+			gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	// Found a matching target but non of them had any ctypes set
+	return 0;
+}
+
+/**
+ * gnutls_priority_string_list:
+ * @iter: an integer counter starting from zero
+ * @flags: one of %GNUTLS_PRIORITY_LIST_INIT_KEYWORDS, %GNUTLS_PRIORITY_LIST_SPECIAL
+ *
+ * Can be used to iterate all available priority strings.
+ * Due to internal implementation details, there are cases where this
+ * function can return the empty string. In that case that string should be ignored.
+ * When no strings are available it returns %NULL.
+ *
+ * Returns: a priority string
+ * Since: 3.4.0
+ **/
+const char *
+gnutls_priority_string_list(unsigned iter, unsigned int flags)
+{
+	if (flags & GNUTLS_PRIORITY_LIST_INIT_KEYWORDS) {
+		if (iter >= (sizeof(pgroups)/sizeof(pgroups[0]))-1)
+			return NULL;
+		return pgroups[iter].name;
+	} else if (flags & GNUTLS_PRIORITY_LIST_SPECIAL) {
+		if (iter >= (sizeof(wordlist)/sizeof(wordlist[0]))-1)
+			return NULL;
+		return wordlist[iter].name;
+	}
+	return NULL;
+}
+
+bool _gnutls_config_is_ktls_enabled(void){
+	return system_wide_config.ktls_enabled;
+}
+
+/*
+ * high-level interface for overriding configuration files
+ */
+
+static inline bool /* not locking system_wide_config */
+system_wide_config_is_malleable(void) {
+	if (!system_wide_config.allowlisting) {
+		_gnutls_audit_log(NULL, "allowlisting is not enabled!\n");
+		return false;
+	}
+	if (system_wide_config.priority_string) {
+		_gnutls_audit_log(NULL, "priority strings have already been "
+				"initialized!\n");
+		return false;
+	}
+	return true;
+}
+
+/**
+ * gnutls_digest_set_secure:
+ * @dig: is a digest algorithm
+ * @secure: whether to mark the digest algorithm secure
+ *
+ * Modify the previous system wide setting that marked @dig as secure
+ * or insecure. This only has effect when the algorithm is enabled
+ * through the allowlisting mode in the configuration file, or when
+ * the setting is modified with a prior call to this function.
+ *
+ * Since: 3.7.3
+ */
+int
+gnutls_digest_set_secure(gnutls_digest_algorithm_t dig, unsigned int secure)
+{
+#ifndef DISABLE_SYSTEM_CONFIG
+	int ret;
+	ret = gnutls_rwlock_wrlock(&system_wide_config_rwlock);
+	if (ret < 0) {
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+		return gnutls_assert_val(ret);
+	}
+	if (!system_wide_config_is_malleable()) {
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	if (secure) {
+		ret = cfg_hashes_add(&system_wide_config, dig);
+	} else {
+		ret = cfg_hashes_remove(&system_wide_config, dig);
+	}
+
+	(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+	return ret;
+#else
+	return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+#endif
+}
+
+/**
+ * gnutls_sign_set_secure:
+ * @sign: the sign algorithm
+ * @secure: whether to mark the sign algorithm secure
+ *
+ * Modify the previous system wide setting that marked @sign as secure
+ * or insecure.  Calling this function is allowed
+ * only if allowlisting mode is set in the configuration file,
+ * and only if the system-wide TLS priority string
+ * has not been initialized yet.
+ * The intended usage is to provide applications with a way
+ * to expressly deviate from the distribution or site defaults
+ * inherited from the configuration file.
+ * The modification is composable with further modifications
+ * performed through the priority string mechanism.
+ *
+ * This function is not thread-safe and is intended to be called
+ * in the main thread at the beginning of the process execution.
+ *
+ * Even when @secure is true, @sign is not marked as secure for the
+ * use in certificates.  Use gnutls_sign_set_secure_for_certs() to
+ * mark it secure as well for certificates.
+ *
+ * Returns: 0 on success or negative error code otherwise.
+ *
+ * Since: 3.7.3
+ */
+int
+gnutls_sign_set_secure(gnutls_sign_algorithm_t sign, unsigned int secure)
+{
+#ifndef DISABLE_SYSTEM_CONFIG
+	int ret;
+	ret = gnutls_rwlock_wrlock(&system_wide_config_rwlock);
+	if (ret < 0) {
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+		return gnutls_assert_val(ret);
+	}
+	if (!system_wide_config_is_malleable()) {
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	if (secure) {
+		ret = cfg_sigs_add(&system_wide_config, sign);
+	} else {
+		ret = cfg_sigs_remove(&system_wide_config, sign);
+		if (ret < 0) {
+			(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+			return ret;
+		}
+		/* irregularity, distrusting also means distrusting for certs */
+		ret = cfg_sigs_for_cert_remove(&system_wide_config, sign);
+	}
+
+	(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+	return ret;
+#else
+	return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+#endif
+}
+
+
+/**
+ * gnutls_sign_set_secure_for_certs:
+ * @sign: the sign algorithm
+ * @secure: whether to mark the sign algorithm secure for certificates
+ *
+ * Modify the previous system wide setting that marked @sign as secure
+ * or insecure for the use in certificates.  Calling this fuction is allowed
+ * only if allowlisting mode is set in the configuration file,
+ * and only if the system-wide TLS priority string
+ * has not been initialized yet.
+ * The intended usage is to provide applications with a way
+ * to expressly deviate from the distribution or site defaults
+ * inherited from the configuration file.
+ * The modification is composable with further modifications
+ * performed through the priority string mechanism.
+ *
+ * This function is not thread-safe and is intended to be called
+ * in the main thread at the beginning of the process execution.
+
+ * When @secure is true, @sign is marked as secure for any use unlike
+ * gnutls_sign_set_secure().  Otherwise, it is marked as insecure only
+ * for the use in certificates.  Use gnutls_sign_set_secure() to mark
+ * it insecure for any uses.
+ *
+ * Returns: 0 on success or negative error code otherwise.
+ *
+ * Since: 3.7.3
+ */
+int
+gnutls_sign_set_secure_for_certs(gnutls_sign_algorithm_t sign,
+				 unsigned int secure)
+{
+#ifndef DISABLE_SYSTEM_CONFIG
+	int ret;
+	ret = gnutls_rwlock_wrlock(&system_wide_config_rwlock);
+	if (ret < 0) {
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+		return gnutls_assert_val(ret);
+	}
+	if (!system_wide_config_is_malleable()) {
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	if (secure) {
+		/* irregularity, trusting for certs means trusting in general */
+		ret = cfg_sigs_add(&system_wide_config, sign);
+		if (ret < 0) {
+			(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+			return ret;
+		}
+		ret = cfg_sigs_for_cert_add(&system_wide_config, sign);
+	} else {
+		ret = cfg_sigs_for_cert_remove(&system_wide_config, sign);
+	}
+
+	(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+	return ret;
+#else
+	return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+#endif
+}
+
+/**
+ * gnutls_protocol_set_enabled:
+ * @version: is a (gnutls) version number
+ * @enabled: whether to enable the protocol
+ *
+ * Control the previous system-wide setting that marked @version as
+ * enabled or disabled.  Calling this fuction is allowed
+ * only if allowlisting mode is set in the configuration file,
+ * and only if the system-wide TLS priority string
+ * has not been initialized yet.
+ * The intended usage is to provide applications with a way
+ * to expressly deviate from the distribution or site defaults
+ * inherited from the configuration file.
+ * The modification is composable with further modifications
+ * performed through the priority string mechanism.
+ *
+ * This function is not thread-safe and is intended to be called
+ * in the main thread at the beginning of the process execution.
+ *
+ * Returns: 0 on success or negative error code otherwise.
+ *
+ * Since: 3.7.3
+ */
+int /* allowlisting-only */ /* not thread-safe */
+gnutls_protocol_set_enabled(gnutls_protocol_t version, unsigned int enabled)
+{
+#ifndef DISABLE_SYSTEM_CONFIG
+	int ret;
+	ret = gnutls_rwlock_wrlock(&system_wide_config_rwlock);
+	if (ret < 0) {
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+		return gnutls_assert_val(ret);
+	}
+	if (!system_wide_config_is_malleable()) {
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	if (enabled) {
+		ret = cfg_versions_add(&system_wide_config, version);
+	} else {
+		ret = cfg_versions_remove(&system_wide_config, version);
+	}
+
+	(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+	return ret;
+#else
+	return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+#endif
+}
+
+/**
+ * gnutls_ecc_curve_set_enabled:
+ * @curve: is an ECC curve
+ * @enabled: whether to enable the curve
+ *
+ * Modify the previous system wide setting that marked @curve as
+ * enabled or disabled.  Calling this fuction is allowed
+ * only if allowlisting mode is set in the configuration file,
+ * and only if the system-wide TLS priority string
+ * has not been initialized yet.
+ * The intended usage is to provide applications with a way
+ * to expressly deviate from the distribution or site defaults
+ * inherited from the configuration file.
+ * The modification is composable with further modifications
+ * performed through the priority string mechanism.
+ *
+ * This function is not thread-safe and is intended to be called
+ * in the main thread at the beginning of the process execution.
+ *
+ * Returns: 0 on success or negative error code otherwise.
+ *
+ * Since: 3.7.3
+ */
+int
+gnutls_ecc_curve_set_enabled(gnutls_ecc_curve_t curve, unsigned int enabled)
+{
+#ifndef DISABLE_SYSTEM_CONFIG
+	int ret;
+	ret = gnutls_rwlock_wrlock(&system_wide_config_rwlock);
+	if (ret < 0) {
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+		return gnutls_assert_val(ret);
+	}
+	if (!system_wide_config_is_malleable()) {
+		(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	if (enabled) {
+		ret = cfg_ecc_curves_add(&system_wide_config, curve);
+	} else {
+		ret = cfg_ecc_curves_remove(&system_wide_config, curve);
+	}
+
+	(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
+	return ret;
+#else
+	return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+#endif
+}
diff --git a/lib/priority_options.gperf b/lib/priority_options.gperf
new file mode 100644
index 0000000..5a041b7
--- /dev/null
+++ b/lib/priority_options.gperf
@@ -0,0 +1,43 @@
+%{
+typedef void (*option_set_func)(gnutls_priority_t);
+%}
+%language=ANSI-C
+%readonly-tables
+struct priority_options_st { const char *name; option_set_func func; };
+%%
+COMPAT, enable_compat
+DUMBFW, enable_dumbfw
+NO_EXTENSIONS, enable_no_extensions
+NO_TICKETS, enable_no_tickets
+NO_TICKETS_TLS12, enable_no_tickets_tls12
+NO_ETM, enable_no_etm
+FORCE_ETM, enable_force_etm
+NO_SESSION_HASH, enable_no_ext_master_secret
+STATELESS_COMPRESSION, dummy_func
+VERIFY_ALLOW_BROKEN, enable_verify_allow_broken
+VERIFY_ALLOW_SIGN_RSA_MD5, enable_verify_allow_rsa_md5
+VERIFY_ALLOW_SIGN_WITH_SHA1, enable_verify_allow_sha1
+VERIFY_DISABLE_CRL_CHECKS, disable_crl_checks
+SSL3_RECORD_VERSION, enable_ssl3_record_version
+LATEST_RECORD_VERSION, enable_latest_record_version
+VERIFY_ALLOW_X509_V1_CA_CRT, dummy_func
+UNSAFE_RENEGOTIATION, enable_unsafe_renegotiation
+SAFE_RENEGOTIATION, enable_safe_renegotiation
+PARTIAL_RENEGOTIATION, enable_partial_safe_renegotiation
+DISABLE_SAFE_RENEGOTIATION, disable_safe_renegotiation
+FALLBACK_SCSV, enable_fallback_scsv
+DISABLE_WILDCARDS, disable_wildcards
+SERVER_PRECEDENCE, enable_server_precedence
+PROFILE_VERY_WEAK, enable_profile_very_weak
+PROFILE_LOW, enable_profile_low
+PROFILE_LEGACY, enable_profile_legacy
+PROFILE_MEDIUM, enable_profile_medium
+PROFILE_HIGH, enable_profile_high
+PROFILE_ULTRA, enable_profile_ultra
+PROFILE_FUTURE, enable_profile_future
+PROFILE_SUITEB128, enable_profile_suiteb128
+PROFILE_SUITEB192, enable_profile_suiteb192
+NEW_PADDING, dummy_func
+DEBUG_ALLOW_KEY_USAGE_VIOLATIONS, enable_server_key_usage_violations
+ALLOW_SMALL_RECORDS, enable_allow_small_records
+DISABLE_TLS13_COMPAT_MODE, disable_tls13_compat_mode
diff --git a/lib/priority_options.h b/lib/priority_options.h
new file mode 100644
index 0000000..11f9b47
--- /dev/null
+++ b/lib/priority_options.h
@@ -0,0 +1,189 @@
+/* ANSI-C code produced by gperf version 3.1 */
+/* Command-line: gperf --global-table -t priority_options.gperf  */
+/* Computed positions: -k'1,$' */
+
+#if !((' ' == 32) && ('!' == 33) && ('"' == 34) && ('#' == 35) \
+      && ('%' == 37) && ('&' == 38) && ('\'' == 39) && ('(' == 40) \
+      && (')' == 41) && ('*' == 42) && ('+' == 43) && (',' == 44) \
+      && ('-' == 45) && ('.' == 46) && ('/' == 47) && ('0' == 48) \
+      && ('1' == 49) && ('2' == 50) && ('3' == 51) && ('4' == 52) \
+      && ('5' == 53) && ('6' == 54) && ('7' == 55) && ('8' == 56) \
+      && ('9' == 57) && (':' == 58) && (';' == 59) && ('<' == 60) \
+      && ('=' == 61) && ('>' == 62) && ('?' == 63) && ('A' == 65) \
+      && ('B' == 66) && ('C' == 67) && ('D' == 68) && ('E' == 69) \
+      && ('F' == 70) && ('G' == 71) && ('H' == 72) && ('I' == 73) \
+      && ('J' == 74) && ('K' == 75) && ('L' == 76) && ('M' == 77) \
+      && ('N' == 78) && ('O' == 79) && ('P' == 80) && ('Q' == 81) \
+      && ('R' == 82) && ('S' == 83) && ('T' == 84) && ('U' == 85) \
+      && ('V' == 86) && ('W' == 87) && ('X' == 88) && ('Y' == 89) \
+      && ('Z' == 90) && ('[' == 91) && ('\\' == 92) && (']' == 93) \
+      && ('^' == 94) && ('_' == 95) && ('a' == 97) && ('b' == 98) \
+      && ('c' == 99) && ('d' == 100) && ('e' == 101) && ('f' == 102) \
+      && ('g' == 103) && ('h' == 104) && ('i' == 105) && ('j' == 106) \
+      && ('k' == 107) && ('l' == 108) && ('m' == 109) && ('n' == 110) \
+      && ('o' == 111) && ('p' == 112) && ('q' == 113) && ('r' == 114) \
+      && ('s' == 115) && ('t' == 116) && ('u' == 117) && ('v' == 118) \
+      && ('w' == 119) && ('x' == 120) && ('y' == 121) && ('z' == 122) \
+      && ('{' == 123) && ('|' == 124) && ('}' == 125) && ('~' == 126))
+/* The character set is not based on ISO-646.  */
+#error "gperf generated tables don't work with this execution character set. Please report a bug to <bug-gperf@gnu.org>."
+#endif
+
+#line 1 "priority_options.gperf"
+
+typedef void (*option_set_func)(gnutls_priority_t);
+#line 6 "priority_options.gperf"
+struct priority_options_st { const char *name; option_set_func func; };
+
+#define TOTAL_KEYWORDS 36
+#define MIN_WORD_LENGTH 6
+#define MAX_WORD_LENGTH 32
+#define MIN_HASH_VALUE 6
+#define MAX_HASH_VALUE 57
+/* maximum key range = 52, duplicates = 0 */
+
+#ifdef __GNUC__
+__inline
+#else
+#ifdef __cplusplus
+inline
+#endif
+#endif
+static unsigned int
+hash (register const char *str, register size_t len)
+{
+  static const unsigned char asso_values[] =
+    {
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 15,
+      25, 58, 58,  5, 58, 58, 20, 58, 58, 58,
+      58, 58, 58, 58, 58, 20, 58, 10,  0,  5,
+       0,  0,  5, 58, 58, 10, 25,  0,  0, 58,
+      10, 58, 58,  0,  0,  5, 15, 30, 58, 20,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58, 58, 58, 58, 58,
+      58, 58, 58, 58, 58, 58
+    };
+  return len + asso_values[(unsigned char)str[len - 1]] + asso_values[(unsigned char)str[0]];
+}
+
+static const struct priority_options_st wordlist[] =
+  {
+    {""}, {""}, {""}, {""}, {""}, {""},
+#line 13 "priority_options.gperf"
+    {"NO_ETM", enable_no_etm},
+    {""}, {""},
+#line 14 "priority_options.gperf"
+    {"FORCE_ETM", enable_force_etm},
+#line 11 "priority_options.gperf"
+    {"NO_TICKETS", enable_no_tickets},
+#line 40 "priority_options.gperf"
+    {"NEW_PADDING", dummy_func},
+    {""},
+#line 10 "priority_options.gperf"
+    {"NO_EXTENSIONS", enable_no_extensions},
+    {""}, {""},
+#line 8 "priority_options.gperf"
+    {"COMPAT", enable_compat},
+#line 29 "priority_options.gperf"
+    {"DISABLE_WILDCARDS", disable_wildcards},
+#line 25 "priority_options.gperf"
+    {"SAFE_RENEGOTIATION", enable_safe_renegotiation},
+#line 21 "priority_options.gperf"
+    {"SSL3_RECORD_VERSION", enable_ssl3_record_version},
+#line 15 "priority_options.gperf"
+    {"NO_SESSION_HASH", enable_no_ext_master_secret},
+#line 16 "priority_options.gperf"
+    {"STATELESS_COMPRESSION", dummy_func},
+#line 30 "priority_options.gperf"
+    {"SERVER_PRECEDENCE", enable_server_precedence},
+    {""},
+#line 34 "priority_options.gperf"
+    {"PROFILE_MEDIUM", enable_profile_medium},
+#line 24 "priority_options.gperf"
+    {"UNSAFE_RENEGOTIATION", enable_unsafe_renegotiation},
+#line 27 "priority_options.gperf"
+    {"DISABLE_SAFE_RENEGOTIATION", disable_safe_renegotiation},
+#line 35 "priority_options.gperf"
+    {"PROFILE_HIGH", enable_profile_high},
+#line 28 "priority_options.gperf"
+    {"FALLBACK_SCSV", enable_fallback_scsv},
+#line 37 "priority_options.gperf"
+    {"PROFILE_FUTURE", enable_profile_future},
+#line 43 "priority_options.gperf"
+    {"DISABLE_TLS13_COMPAT_MODE", disable_tls13_compat_mode},
+#line 26 "priority_options.gperf"
+    {"PARTIAL_RENEGOTIATION", enable_partial_safe_renegotiation},
+#line 41 "priority_options.gperf"
+    {"DEBUG_ALLOW_KEY_USAGE_VIOLATIONS", enable_server_key_usage_violations},
+    {""},
+#line 17 "priority_options.gperf"
+    {"VERIFY_ALLOW_BROKEN", enable_verify_allow_broken},
+    {""},
+#line 9 "priority_options.gperf"
+    {"DUMBFW", enable_dumbfw},
+#line 31 "priority_options.gperf"
+    {"PROFILE_VERY_WEAK", enable_profile_very_weak},
+    {""},
+#line 42 "priority_options.gperf"
+    {"ALLOW_SMALL_RECORDS", enable_allow_small_records},
+#line 20 "priority_options.gperf"
+    {"VERIFY_DISABLE_CRL_CHECKS", disable_crl_checks},
+#line 12 "priority_options.gperf"
+    {"NO_TICKETS_TLS12", enable_no_tickets_tls12},
+#line 23 "priority_options.gperf"
+    {"VERIFY_ALLOW_X509_V1_CA_CRT", dummy_func},
+#line 36 "priority_options.gperf"
+    {"PROFILE_ULTRA", enable_profile_ultra},
+#line 33 "priority_options.gperf"
+    {"PROFILE_LEGACY", enable_profile_legacy},
+#line 18 "priority_options.gperf"
+    {"VERIFY_ALLOW_SIGN_RSA_MD5", enable_verify_allow_rsa_md5},
+#line 22 "priority_options.gperf"
+    {"LATEST_RECORD_VERSION", enable_latest_record_version},
+#line 38 "priority_options.gperf"
+    {"PROFILE_SUITEB128", enable_profile_suiteb128},
+    {""}, {""}, {""},
+#line 32 "priority_options.gperf"
+    {"PROFILE_LOW", enable_profile_low},
+#line 39 "priority_options.gperf"
+    {"PROFILE_SUITEB192", enable_profile_suiteb192},
+    {""}, {""}, {""}, {""},
+#line 19 "priority_options.gperf"
+    {"VERIFY_ALLOW_SIGN_WITH_SHA1", enable_verify_allow_sha1}
+  };
+
+static const struct priority_options_st *
+in_word_set (register const char *str, register size_t len)
+{
+  if (len <= MAX_WORD_LENGTH && len >= MIN_WORD_LENGTH)
+    {
+      register unsigned int key = hash (str, len);
+
+      if (key <= MAX_HASH_VALUE)
+        {
+          register const char *s = wordlist[key].name;
+
+          if (*str == *s && !strcmp (str + 1, s + 1))
+            return &wordlist[key];
+        }
+    }
+  return 0;
+}
diff --git a/lib/privkey.c b/lib/privkey.c
new file mode 100644
index 0000000..0b77443
--- /dev/null
+++ b/lib/privkey.c
@@ -0,0 +1,2005 @@
+/*
+ * GnuTLS PKCS#11 support
+ * Copyright (C) 2010-2014 Free Software Foundation, Inc.
+ * Copyright (C) 2012-2015 Nikos Mavrogiannopoulos
+ * Copyright (C) 2016-2017 Red Hat, Inc.
+ * 
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+
+#include "gnutls_int.h"
+#include <gnutls/pkcs11.h>
+#include <stdio.h>
+#include <string.h>
+#include "errors.h"
+#include <datum.h>
+#include <pkcs11_int.h>
+#include <gnutls/abstract.h>
+#include <pk.h>
+#include <x509_int.h>
+#include <tls-sig.h>
+#include <algorithms.h>
+#include <fips.h>
+#include <system-keys.h>
+#include "urls.h"
+#include "tpm2.h"
+#include "pkcs11_int.h"
+#include <abstract_int.h>
+
+static int
+privkey_sign_prehashed(gnutls_privkey_t signer,
+		       const gnutls_sign_entry_st *se,
+		       const gnutls_datum_t * hash_data,
+		       gnutls_datum_t * signature,
+		       gnutls_x509_spki_st * params);
+
+/**
+ * gnutls_privkey_get_type:
+ * @key: should contain a #gnutls_privkey_t type
+ *
+ * This function will return the type of the private key. This is
+ * actually the type of the subsystem used to set this private key.
+ *
+ * Returns: a member of the #gnutls_privkey_type_t enumeration on
+ *   success, or a negative error code on error.
+ *
+ * Since: 2.12.0
+ **/
+gnutls_privkey_type_t gnutls_privkey_get_type(gnutls_privkey_t key)
+{
+	return key->type;
+}
+
+/**
+ * gnutls_privkey_get_seed:
+ * @key: should contain a #gnutls_privkey_t type
+ * @digest: if non-NULL it will contain the digest algorithm used for key generation (if applicable)
+ * @seed: where seed will be copied to
+ * @seed_size: originally holds the size of @seed, will be updated with actual size
+ *
+ * This function will return the seed that was used to generate the
+ * given private key. That function will succeed only if the key was generated
+ * as a provable key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.5.0
+ **/
+int gnutls_privkey_get_seed(gnutls_privkey_t key, gnutls_digest_algorithm_t *digest, void *seed, size_t *seed_size)
+{
+	if (key->type != GNUTLS_PRIVKEY_X509)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	return gnutls_x509_privkey_get_seed(key->key.x509, digest, seed, seed_size);
+}
+
+/**
+ * gnutls_privkey_verify_seed:
+ * @key: should contain a #gnutls_privkey_t type
+ * @digest: it contains the digest algorithm used for key generation (if applicable)
+ * @seed: the seed of the key to be checked with
+ * @seed_size: holds the size of @seed
+ *
+ * This function will verify that the given private key was generated from
+ * the provided seed.
+ *
+ * Returns: In case of a verification failure %GNUTLS_E_PRIVKEY_VERIFICATION_ERROR
+ * is returned, and zero or positive code on success.
+ *
+ * Since: 3.5.0
+ **/
+int gnutls_privkey_verify_seed(gnutls_privkey_t key, gnutls_digest_algorithm_t digest, const void *seed, size_t seed_size)
+{
+	if (key->type != GNUTLS_PRIVKEY_X509)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	return gnutls_x509_privkey_verify_seed(key->key.x509, digest, seed, seed_size);
+}
+
+/**
+ * gnutls_privkey_get_pk_algorithm:
+ * @key: should contain a #gnutls_privkey_t type
+ * @bits: If set will return the number of bits of the parameters (may be NULL)
+ *
+ * This function will return the public key algorithm of a private
+ * key and if possible will return a number of bits that indicates
+ * the security parameter of the key.
+ *
+ * Returns: a member of the #gnutls_pk_algorithm_t enumeration on
+ *   success, or a negative error code on error.
+ *
+ * Since: 2.12.0
+ **/
+int gnutls_privkey_get_pk_algorithm(gnutls_privkey_t key, unsigned int *bits)
+{
+	switch (key->type) {
+#ifdef ENABLE_PKCS11
+	case GNUTLS_PRIVKEY_PKCS11:
+		return gnutls_pkcs11_privkey_get_pk_algorithm(key->key.pkcs11,
+							      bits);
+#endif
+	case GNUTLS_PRIVKEY_X509:
+		if (bits) {
+			*bits = pubkey_to_bits(&key->key.x509->params);
+		}
+
+		return gnutls_x509_privkey_get_pk_algorithm(key->key.x509);
+	case GNUTLS_PRIVKEY_EXT:
+		if (bits)
+			*bits = key->key.ext.bits;
+
+		return key->pk_algorithm;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+}
+
+static int
+privkey_to_pubkey(gnutls_pk_algorithm_t pk,
+		  const gnutls_pk_params_st * priv, gnutls_pk_params_st * pub)
+{
+	int ret;
+
+	pub->algo = priv->algo;
+	pub->pkflags = priv->pkflags;
+	pub->curve = priv->curve;
+	pub->gost_params = priv->gost_params;
+	pub->qbits = priv->qbits;
+	memcpy(&pub->spki, &priv->spki, sizeof(gnutls_x509_spki_st));
+
+	switch (pk) {
+	case GNUTLS_PK_RSA_PSS:
+	case GNUTLS_PK_RSA:
+		pub->params[0] = _gnutls_mpi_copy(priv->params[0]);
+		pub->params[1] = _gnutls_mpi_copy(priv->params[1]);
+
+		pub->params_nr = RSA_PUBLIC_PARAMS;
+
+		if (pub->params[0] == NULL || pub->params[1] == NULL) {
+			gnutls_assert();
+			ret = GNUTLS_E_MEMORY_ERROR;
+			goto cleanup;
+		}
+
+		break;
+	case GNUTLS_PK_DSA:
+		pub->params[0] = _gnutls_mpi_copy(priv->params[0]);
+		pub->params[1] = _gnutls_mpi_copy(priv->params[1]);
+		pub->params[2] = _gnutls_mpi_copy(priv->params[2]);
+		pub->params[3] = _gnutls_mpi_copy(priv->params[3]);
+
+		pub->params_nr = DSA_PUBLIC_PARAMS;
+
+		if (pub->params[0] == NULL || pub->params[1] == NULL ||
+		    pub->params[2] == NULL || pub->params[3] == NULL) {
+			gnutls_assert();
+			ret = GNUTLS_E_MEMORY_ERROR;
+			goto cleanup;
+		}
+
+		break;
+	case GNUTLS_PK_ECDSA:
+		pub->params[ECC_X] = _gnutls_mpi_copy(priv->params[ECC_X]);
+		pub->params[ECC_Y] = _gnutls_mpi_copy(priv->params[ECC_Y]);
+
+		pub->params_nr = ECC_PUBLIC_PARAMS;
+
+		if (pub->params[ECC_X] == NULL || pub->params[ECC_Y] == NULL) {
+			gnutls_assert();
+			ret = GNUTLS_E_MEMORY_ERROR;
+			goto cleanup;
+		}
+
+		break;
+	case GNUTLS_PK_EDDSA_ED25519:
+	case GNUTLS_PK_EDDSA_ED448:
+	case GNUTLS_PK_ECDH_X25519:
+	case GNUTLS_PK_ECDH_X448:
+		ret = _gnutls_set_datum(&pub->raw_pub, priv->raw_pub.data, priv->raw_pub.size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		break;
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+		pub->params[GOST_X] = _gnutls_mpi_copy(priv->params[GOST_X]);
+		pub->params[GOST_Y] = _gnutls_mpi_copy(priv->params[GOST_Y]);
+
+		pub->params_nr = GOST_PUBLIC_PARAMS;
+
+		if (pub->params[GOST_X] == NULL || pub->params[GOST_Y] == NULL) {
+			gnutls_assert();
+			ret = GNUTLS_E_MEMORY_ERROR;
+			goto cleanup;
+		}
+
+		break;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return 0;
+ cleanup:
+	gnutls_pk_params_release(pub);
+	return ret;
+}
+
+/* Returns the public key of the private key (if possible)
+ */
+int
+_gnutls_privkey_get_mpis(gnutls_privkey_t key, gnutls_pk_params_st * params)
+{
+	int ret;
+
+	switch (key->type) {
+	case GNUTLS_PRIVKEY_X509:
+		ret = _gnutls_pk_params_copy(params, &key->key.x509->params);
+		break;
+#ifdef ENABLE_PKCS11
+	case GNUTLS_PRIVKEY_PKCS11: {
+		gnutls_pubkey_t pubkey;
+
+		ret = _pkcs11_privkey_get_pubkey(key->key.pkcs11, &pubkey, 0);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = _gnutls_pubkey_get_mpis(pubkey, params);
+		gnutls_pubkey_deinit(pubkey);
+
+		break;
+		}
+#endif
+	default:
+		if (key->key.ext.pk_params_func) {
+			ret = key->key.ext.pk_params_func(key,
+							  key->key.ext.userdata,
+							  params);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+			return ret;
+		}
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return ret;
+}
+
+int
+_gnutls_privkey_get_public_mpis(gnutls_privkey_t key,
+				gnutls_pk_params_st * params)
+{
+	int ret;
+	gnutls_pk_params_st tmp1;
+
+	gnutls_pk_params_init(&tmp1);
+
+	ret = _gnutls_privkey_get_mpis(key, &tmp1);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = privkey_to_pubkey(key->pk_algorithm, &tmp1, params);
+
+	gnutls_pk_params_release(&tmp1);
+
+	if (ret < 0)
+		gnutls_assert();
+
+	return ret;
+}
+
+/* This function retrieves default sign parameters from KEY. */
+int
+_gnutls_privkey_get_spki_params(gnutls_privkey_t key,
+				gnutls_x509_spki_st * params)
+{
+	switch (key->type) {
+#ifdef ENABLE_PKCS11
+	case GNUTLS_PRIVKEY_PKCS11:
+		break;
+#endif
+	case GNUTLS_PRIVKEY_EXT:
+		break;
+	case GNUTLS_PRIVKEY_X509:
+		_gnutls_x509_privkey_get_spki_params(key->key.x509, params);
+		return 0;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	memset(params, 0, sizeof(gnutls_x509_spki_st));
+
+	return 0;
+}
+
+/* This function fills in PARAMS with the necessary parameters to sign
+ * with PK and DIG. PARAMS must be initialized with
+ * _gnutls_privkey_get_spki_params in advance.
+ *
+ * After calling this function the params structure will
+ * be initialized even if the original SubjectPublicKeyInfo was empty.
+ */
+int
+_gnutls_privkey_update_spki_params(gnutls_privkey_t key,
+				 gnutls_pk_algorithm_t pk,
+				 gnutls_digest_algorithm_t dig,
+				 unsigned flags,
+				 gnutls_x509_spki_st *params)
+{
+	unsigned salt_size = 0;
+	unsigned bits = 0;
+	gnutls_pk_algorithm_t key_pk;
+
+	if (flags & GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS) {
+		if (!GNUTLS_PK_IS_RSA(pk))
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		pk = GNUTLS_PK_RSA_PSS;
+	}
+
+	key_pk = gnutls_privkey_get_pk_algorithm(key, &bits);
+	if ((key_pk != pk) &&
+	      !(key_pk == GNUTLS_PK_RSA && pk == GNUTLS_PK_RSA_PSS)) {
+		gnutls_assert();
+		return GNUTLS_E_CONSTRAINT_ERROR;
+	}
+
+	if (pk == GNUTLS_PK_RSA_PSS) {
+		const mac_entry_st *me;
+		int ret;
+
+		me = hash_to_entry(dig);
+		if (unlikely(me == NULL))
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		if (params->pk == GNUTLS_PK_RSA)
+			salt_size = 0;
+		else if (params->pk == GNUTLS_PK_RSA_PSS) {
+			if (params->rsa_pss_dig != GNUTLS_DIG_UNKNOWN && dig != params->rsa_pss_dig) {
+				return gnutls_assert_val(GNUTLS_E_CONSTRAINT_ERROR);
+			}
+
+			salt_size = params->salt_size;
+		}
+
+		if (flags & GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE)
+			params->salt_size = 0;
+		else {
+			ret = _gnutls_find_rsa_pss_salt_size(bits, me, salt_size);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+			if (flags & GNUTLS_PRIVKEY_FLAG_RSA_PSS_FIXED_SALT_LENGTH &&
+			    (size_t)ret != _gnutls_hash_get_algo_len(me)) {
+				return gnutls_assert_val(GNUTLS_E_CONSTRAINT_ERROR);
+			}
+			params->salt_size = ret;
+		}
+		params->rsa_pss_dig = dig;
+	}
+
+	params->pk = pk;
+
+	return 0;
+}
+
+/**
+ * gnutls_privkey_init:
+ * @key: A pointer to the type to be initialized
+ *
+ * This function will initialize a private key object. The object can
+ * be used to generate, import, and perform cryptographic operations
+ * on the associated private key.
+ *
+ * Note that when the underlying private key is a PKCS#11 key (i.e.,
+ * when imported with a PKCS#11 URI), the limitations of gnutls_pkcs11_privkey_init()
+ * apply to this object as well. In versions of GnuTLS later than 3.5.11 the object
+ * is protected using locks and a single %gnutls_privkey_t can be re-used
+ * by many threads. However, for performance it is recommended to utilize
+ * one object per key per thread.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int gnutls_privkey_init(gnutls_privkey_t * key)
+{
+	FAIL_IF_LIB_ERROR;
+
+	*key = gnutls_calloc(1, sizeof(struct gnutls_privkey_st));
+	if (*key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_privkey_deinit:
+ * @key: The key to be deinitialized
+ *
+ * This function will deinitialize a private key structure.
+ *
+ * Since: 2.12.0
+ **/
+void gnutls_privkey_deinit(gnutls_privkey_t key)
+{
+	if (key == NULL)
+		return;
+
+	if (key->flags & GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE
+	    || key->flags & GNUTLS_PRIVKEY_IMPORT_COPY)
+		switch (key->type) {
+#ifdef ENABLE_PKCS11
+		case GNUTLS_PRIVKEY_PKCS11:
+			gnutls_pkcs11_privkey_deinit(key->key.pkcs11);
+			break;
+#endif
+		case GNUTLS_PRIVKEY_X509:
+			gnutls_x509_privkey_deinit(key->key.x509);
+			break;
+		case GNUTLS_PRIVKEY_EXT:
+			if (key->key.ext.deinit_func != NULL)
+				key->key.ext.deinit_func(key,
+							 key->key.ext.userdata);
+			break;
+		default:
+			break;
+		}
+	gnutls_free(key);
+}
+
+/* Will erase all private key information, except PIN */
+void _gnutls_privkey_cleanup(gnutls_privkey_t key)
+{
+	memset(&key->key, 0, sizeof(key->key));
+	key->type = 0;
+	key->pk_algorithm = 0;
+	key->flags = 0;
+}
+
+/* will fail if the private key contains an actual key.
+ */
+static int check_if_clean(gnutls_privkey_t key)
+{
+	if (key->type != 0)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	return 0;
+}
+
+#ifdef ENABLE_PKCS11
+
+/**
+ * gnutls_privkey_import_pkcs11:
+ * @pkey: The private key
+ * @key: The private key to be imported
+ * @flags: Flags for the import
+ *
+ * This function will import the given private key to the abstract
+ * #gnutls_privkey_t type.
+ *
+ * The #gnutls_pkcs11_privkey_t object must not be deallocated
+ * during the lifetime of this structure.
+ *
+ * @flags might be zero or one of %GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE
+ * and %GNUTLS_PRIVKEY_IMPORT_COPY.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_privkey_import_pkcs11(gnutls_privkey_t pkey,
+			     gnutls_pkcs11_privkey_t key, unsigned int flags)
+{
+	int ret;
+
+	ret = check_if_clean(pkey);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (flags & GNUTLS_PRIVKEY_IMPORT_COPY)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	pkey->key.pkcs11 = key;
+	pkey->type = GNUTLS_PRIVKEY_PKCS11;
+	pkey->pk_algorithm = gnutls_pkcs11_privkey_get_pk_algorithm(key, NULL);
+	pkey->flags = flags;
+
+	if (pkey->pin.data)
+		gnutls_pkcs11_privkey_set_pin_function(key, pkey->pin.cb,
+						       pkey->pin.data);
+
+	return 0;
+}
+
+#if 0
+/**
+ * gnutls_privkey_import_pkcs11_url:
+ * @key: A key of type #gnutls_pubkey_t
+ * @url: A PKCS 11 url
+ *
+ * This function will import a PKCS 11 private key to a #gnutls_private_key_t
+ * type.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.0
+ **/
+
+int gnutls_privkey_import_pkcs11_url(gnutls_privkey_t key, const char *url)
+{
+	int x;
+}
+#endif
+
+static
+int _gnutls_privkey_import_pkcs11_url(gnutls_privkey_t key, const char *url, unsigned flags)
+{
+	gnutls_pkcs11_privkey_t pkey;
+	int ret;
+
+	ret = gnutls_pkcs11_privkey_init(&pkey);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (key->pin.cb)
+		gnutls_pkcs11_privkey_set_pin_function(pkey, key->pin.cb,
+						       key->pin.data);
+
+	ret = gnutls_pkcs11_privkey_import_url(pkey, url, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    gnutls_privkey_import_pkcs11(key, pkey,
+					 GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	return 0;
+
+ cleanup:
+	gnutls_pkcs11_privkey_deinit(pkey);
+
+	return ret;
+}
+
+/**
+ * gnutls_privkey_export_pkcs11:
+ * @pkey: The private key
+ * @key: Location for the key to be exported.
+ *
+ * Converts the given abstract private key to a #gnutls_pkcs11_privkey_t
+ * type. The key must be of type %GNUTLS_PRIVKEY_PKCS11. The key
+ * returned in @key must be deinitialized with
+ * gnutls_pkcs11_privkey_deinit().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.0
+ */
+int
+gnutls_privkey_export_pkcs11(gnutls_privkey_t pkey,
+			     gnutls_pkcs11_privkey_t *key)
+{
+	int ret;
+
+	if (pkey->type != GNUTLS_PRIVKEY_PKCS11) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = gnutls_pkcs11_privkey_init(key);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_pkcs11_privkey_cpy(*key, pkey->key.pkcs11);
+	if (ret < 0) {
+		gnutls_pkcs11_privkey_deinit(*key);
+		*key = NULL;
+
+		return gnutls_assert_val(ret);
+	}
+
+	return 0;
+}
+#endif				/* ENABLE_PKCS11 */
+
+/**
+ * gnutls_privkey_import_ext:
+ * @pkey: The private key
+ * @pk: The public key algorithm
+ * @userdata: private data to be provided to the callbacks
+ * @sign_func: callback for signature operations
+ * @decrypt_func: callback for decryption operations
+ * @flags: Flags for the import
+ *
+ * This function will associate the given callbacks with the
+ * #gnutls_privkey_t type. At least one of the two callbacks
+ * must be non-null.
+ *
+ * Note that the signing function is supposed to "raw" sign data, i.e.,
+ * without any hashing or preprocessing. In case of RSA the DigestInfo
+ * will be provided, and the signing function is expected to do the PKCS #1
+ * 1.5 padding and the exponentiation.
+ *
+ * See also gnutls_privkey_import_ext3().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_privkey_import_ext(gnutls_privkey_t pkey,
+			  gnutls_pk_algorithm_t pk,
+			  void *userdata,
+			  gnutls_privkey_sign_func sign_func,
+			  gnutls_privkey_decrypt_func decrypt_func,
+			  unsigned int flags)
+{
+	return gnutls_privkey_import_ext2(pkey, pk, userdata, sign_func,
+					  decrypt_func, NULL, flags);
+}
+
+#define PK_IS_OK_FOR_EXT2(pk) \
+	((pk == GNUTLS_PK_RSA) || (pk == GNUTLS_PK_ECDSA) || (pk == GNUTLS_PK_DSA))
+
+/**
+ * gnutls_privkey_import_ext2:
+ * @pkey: The private key
+ * @pk: The public key algorithm
+ * @userdata: private data to be provided to the callbacks
+ * @sign_fn: callback for signature operations
+ * @decrypt_fn: callback for decryption operations
+ * @deinit_fn: a deinitialization function
+ * @flags: Flags for the import
+ *
+ * This function will associate the given callbacks with the
+ * #gnutls_privkey_t type. At least one of the two callbacks
+ * must be non-null. If a deinitialization function is provided
+ * then flags is assumed to contain %GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE.
+ *
+ * Note that the signing function is supposed to "raw" sign data, i.e.,
+ * without any hashing or preprocessing. In case of RSA the DigestInfo
+ * will be provided, and the signing function is expected to do the PKCS #1
+ * 1.5 padding and the exponentiation.
+ *
+ * See also gnutls_privkey_import_ext3().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1
+ **/
+int
+gnutls_privkey_import_ext2(gnutls_privkey_t pkey,
+			   gnutls_pk_algorithm_t pk,
+			   void *userdata,
+			   gnutls_privkey_sign_func sign_fn,
+			   gnutls_privkey_decrypt_func decrypt_fn,
+			   gnutls_privkey_deinit_func deinit_fn,
+			   unsigned int flags)
+{
+	int ret;
+
+	ret = check_if_clean(pkey);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (!PK_IS_OK_FOR_EXT2(pk))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (sign_fn == NULL && decrypt_fn == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	pkey->key.ext.sign_func = sign_fn;
+	pkey->key.ext.decrypt_func = decrypt_fn;
+	pkey->key.ext.deinit_func = deinit_fn;
+	pkey->key.ext.userdata = userdata;
+	pkey->type = GNUTLS_PRIVKEY_EXT;
+	pkey->pk_algorithm = pk;
+	pkey->flags = flags;
+
+	/* Ensure gnutls_privkey_deinit() calls the deinit_func */
+	if (deinit_fn)
+		pkey->flags |= GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE;
+
+	return 0;
+}
+
+/**
+ * gnutls_privkey_import_ext3:
+ * @pkey: The private key
+ * @userdata: private data to be provided to the callbacks
+ * @sign_fn: callback for signature operations
+ * @decrypt_fn: callback for decryption operations
+ * @deinit_fn: a deinitialization function
+ * @info_fn: returns info about the public key algorithm (should not be %NULL)
+ * @flags: Flags for the import
+ *
+ * This function will associate the given callbacks with the
+ * #gnutls_privkey_t type. At least one of the two callbacks
+ * must be non-null. If a deinitialization function is provided
+ * then flags is assumed to contain %GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE.
+ *
+ * Note that the signing function is supposed to "raw" sign data, i.e.,
+ * without any hashing or preprocessing. In case of RSA the DigestInfo
+ * will be provided, and the signing function is expected to do the PKCS #1
+ * 1.5 padding and the exponentiation.
+ *
+ * The @info_fn must provide information on the algorithms supported by
+ * this private key, and should support the flags %GNUTLS_PRIVKEY_INFO_PK_ALGO and
+ * %GNUTLS_PRIVKEY_INFO_SIGN_ALGO. It must return -1 on unknown flags.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_privkey_import_ext3(gnutls_privkey_t pkey,
+			   void *userdata,
+			   gnutls_privkey_sign_func sign_fn,
+			   gnutls_privkey_decrypt_func decrypt_fn,
+			   gnutls_privkey_deinit_func deinit_fn,
+			   gnutls_privkey_info_func info_fn,
+			   unsigned int flags)
+{
+	int ret;
+
+	ret = check_if_clean(pkey);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (sign_fn == NULL && decrypt_fn == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (info_fn == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	pkey->key.ext.sign_func = sign_fn;
+	pkey->key.ext.decrypt_func = decrypt_fn;
+	pkey->key.ext.deinit_func = deinit_fn;
+	pkey->key.ext.info_func = info_fn;
+	pkey->key.ext.userdata = userdata;
+	pkey->type = GNUTLS_PRIVKEY_EXT;
+	pkey->flags = flags;
+
+	pkey->pk_algorithm = pkey->key.ext.info_func(pkey, GNUTLS_PRIVKEY_INFO_PK_ALGO, pkey->key.ext.userdata);
+
+	if (!PK_IS_OK_FOR_EXT2(pkey->pk_algorithm))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	/* Ensure gnutls_privkey_deinit() calls the deinit_func */
+	if (deinit_fn)
+		pkey->flags |= GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE;
+
+	return 0;
+}
+
+/**
+ * gnutls_privkey_import_ext4:
+ * @pkey: The private key
+ * @userdata: private data to be provided to the callbacks
+ * @sign_data_fn: callback for signature operations (may be %NULL)
+ * @sign_hash_fn: callback for signature operations (may be %NULL)
+ * @decrypt_fn: callback for decryption operations (may be %NULL)
+ * @deinit_fn: a deinitialization function
+ * @info_fn: returns info about the public key algorithm (should not be %NULL)
+ * @flags: Flags for the import
+ *
+ * This function will associate the given callbacks with the
+ * #gnutls_privkey_t type. At least one of the callbacks
+ * must be non-null. If a deinitialization function is provided
+ * then flags is assumed to contain %GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE.
+ *
+ * Note that in contrast with the signing function of
+ * gnutls_privkey_import_ext3(), the signing functions provided to this
+ * function take explicitly the signature algorithm as parameter and
+ * different functions are provided to sign the data and hashes.
+ *
+ * The @sign_hash_fn is to be called to sign pre-hashed data. The input
+ * to the callback is the output of the hash (such as SHA256) corresponding
+ * to the signature algorithm. For RSA PKCS#1 signatures, the signature
+ * algorithm can be set to %GNUTLS_SIGN_RSA_RAW, and in that case the data
+ * should be handled as if they were an RSA PKCS#1 DigestInfo structure.
+ *
+ * The @sign_data_fn is to be called to sign data. The input data will be
+ * he data to be signed (and hashed), with the provided signature
+ * algorithm. This function is to be used for signature algorithms like
+ * Ed25519 which cannot take pre-hashed data as input.
+ *
+ * When both @sign_data_fn and @sign_hash_fn functions are provided they
+ * must be able to operate on all the supported signature algorithms,
+ * unless prohibited by the type of the algorithm (e.g., as with Ed25519).
+ *
+ * The @info_fn must provide information on the signature algorithms supported by
+ * this private key, and should support the flags %GNUTLS_PRIVKEY_INFO_PK_ALGO,
+ * %GNUTLS_PRIVKEY_INFO_HAVE_SIGN_ALGO and %GNUTLS_PRIVKEY_INFO_PK_ALGO_BITS.
+ * It must return -1 on unknown flags.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_privkey_import_ext4(gnutls_privkey_t pkey,
+                           void *userdata,
+                           gnutls_privkey_sign_data_func sign_data_fn,
+                           gnutls_privkey_sign_hash_func sign_hash_fn,
+                           gnutls_privkey_decrypt_func decrypt_fn,
+                           gnutls_privkey_deinit_func deinit_fn,
+                           gnutls_privkey_info_func info_fn,
+                           unsigned int flags)
+{
+	int ret;
+
+	ret = check_if_clean(pkey);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (sign_data_fn == NULL && sign_hash_fn == NULL && decrypt_fn == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (info_fn == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	pkey->key.ext.sign_data_func = sign_data_fn;
+	pkey->key.ext.sign_hash_func = sign_hash_fn;
+	pkey->key.ext.decrypt_func = decrypt_fn;
+	pkey->key.ext.deinit_func = deinit_fn;
+	pkey->key.ext.info_func = info_fn;
+	pkey->key.ext.userdata = userdata;
+	pkey->type = GNUTLS_PRIVKEY_EXT;
+	pkey->flags = flags;
+
+	pkey->pk_algorithm = pkey->key.ext.info_func(pkey, GNUTLS_PRIVKEY_INFO_PK_ALGO, pkey->key.ext.userdata);
+
+	ret = pkey->key.ext.info_func(pkey, GNUTLS_PRIVKEY_INFO_PK_ALGO_BITS, pkey->key.ext.userdata);
+	if (ret >= 0)
+		pkey->key.ext.bits = ret;
+
+	/* Ensure gnutls_privkey_deinit() calls the deinit_func */
+	if (deinit_fn)
+		pkey->flags |= GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE;
+
+	return 0;
+}
+
+/**
+ * gnutls_privkey_import_x509:
+ * @pkey: The private key
+ * @key: The private key to be imported
+ * @flags: Flags for the import
+ *
+ * This function will import the given private key to the abstract
+ * #gnutls_privkey_t type.
+ *
+ * The #gnutls_x509_privkey_t object must not be deallocated
+ * during the lifetime of this structure.
+ *
+ * @flags might be zero or one of %GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE
+ * and %GNUTLS_PRIVKEY_IMPORT_COPY.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_privkey_import_x509(gnutls_privkey_t pkey,
+			   gnutls_x509_privkey_t key, unsigned int flags)
+{
+	int ret;
+
+	ret = check_if_clean(pkey);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (flags & GNUTLS_PRIVKEY_IMPORT_COPY) {
+		ret = gnutls_x509_privkey_init(&pkey->key.x509);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = gnutls_x509_privkey_cpy(pkey->key.x509, key);
+		if (ret < 0) {
+			gnutls_x509_privkey_deinit(pkey->key.x509);
+			return gnutls_assert_val(ret);
+		}
+	} else
+		pkey->key.x509 = key;
+
+	pkey->type = GNUTLS_PRIVKEY_X509;
+	pkey->pk_algorithm = gnutls_x509_privkey_get_pk_algorithm(key);
+	pkey->flags = flags;
+
+	return 0;
+}
+
+/**
+ * gnutls_privkey_export_x509:
+ * @pkey: The private key
+ * @key: Location for the key to be exported.
+ *
+ * Converts the given abstract private key to a #gnutls_x509_privkey_t
+ * type. The abstract key must be of type %GNUTLS_PRIVKEY_X509. The input
+ * @key must not be initialized. The key returned in @key should be deinitialized
+ * using gnutls_x509_privkey_deinit().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.0
+ */
+int
+gnutls_privkey_export_x509(gnutls_privkey_t pkey,
+			   gnutls_x509_privkey_t *key)
+{
+	int ret;
+
+	if (pkey->type != GNUTLS_PRIVKEY_X509) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = gnutls_x509_privkey_init(key);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_x509_privkey_cpy(*key, pkey->key.x509);
+	if (ret < 0) {
+		gnutls_x509_privkey_deinit(*key);
+		*key = NULL;
+
+		return gnutls_assert_val(ret);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_privkey_generate:
+ * @pkey: An initialized private key
+ * @algo: is one of the algorithms in #gnutls_pk_algorithm_t.
+ * @bits: the size of the parameters to generate
+ * @flags: Must be zero or flags from #gnutls_privkey_flags_t.
+ *
+ * This function will generate a random private key. Note that this
+ * function must be called on an initialized private key.
+ *
+ * The flag %GNUTLS_PRIVKEY_FLAG_PROVABLE
+ * instructs the key generation process to use algorithms like Shawe-Taylor
+ * (from FIPS PUB186-4) which generate provable parameters out of a seed
+ * for RSA and DSA keys. See gnutls_privkey_generate2() for more
+ * information.
+ *
+ * Note that when generating an elliptic curve key, the curve
+ * can be substituted in the place of the bits parameter using the
+ * GNUTLS_CURVE_TO_BITS() macro. The input to the macro is any curve from
+ * %gnutls_ecc_curve_t.
+ *
+ * For DSA keys, if the subgroup size needs to be specified check
+ * the GNUTLS_SUBGROUP_TO_BITS() macro.
+ *
+ * It is recommended to do not set the number of @bits directly, use gnutls_sec_param_to_pk_bits() instead .
+ *
+ * See also gnutls_privkey_generate2().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int
+gnutls_privkey_generate(gnutls_privkey_t pkey,
+			gnutls_pk_algorithm_t algo, unsigned int bits,
+			unsigned int flags)
+{
+	return gnutls_privkey_generate2(pkey, algo, bits, flags, NULL, 0);
+}
+
+/**
+ * gnutls_privkey_generate2:
+ * @pkey: The private key
+ * @algo: is one of the algorithms in #gnutls_pk_algorithm_t.
+ * @bits: the size of the modulus
+ * @flags: Must be zero or flags from #gnutls_privkey_flags_t.
+ * @data: Allow specifying %gnutls_keygen_data_st types such as the seed to be used.
+ * @data_size: The number of @data available.
+ *
+ * This function will generate a random private key. Note that this
+ * function must be called on an initialized private key.
+ *
+ * The flag %GNUTLS_PRIVKEY_FLAG_PROVABLE
+ * instructs the key generation process to use algorithms like Shawe-Taylor
+ * (from FIPS PUB186-4) which generate provable parameters out of a seed
+ * for RSA and DSA keys. On DSA keys the PQG parameters are generated using the
+ * seed, while on RSA the two primes. To specify an explicit seed
+ * (by default a random seed is used), use the @data with a %GNUTLS_KEYGEN_SEED
+ * type.
+ *
+ * Note that when generating an elliptic curve key, the curve
+ * can be substituted in the place of the bits parameter using the
+ * GNUTLS_CURVE_TO_BITS() macro.
+ *
+ * To export the generated keys in memory or in files it is recommended to use the
+ * PKCS#8 form as it can handle all key types, and can store additional parameters
+ * such as the seed, in case of provable RSA or DSA keys.
+ * Generated keys can be exported in memory using gnutls_privkey_export_x509(),
+ * and then with gnutls_x509_privkey_export2_pkcs8().
+ *
+ * If key generation is part of your application, avoid setting the number
+ * of bits directly, and instead use gnutls_sec_param_to_pk_bits().
+ * That way the generated keys will adapt to the security levels
+ * of the underlying GnuTLS library.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.5.0
+ **/
+int
+gnutls_privkey_generate2(gnutls_privkey_t pkey,
+			 gnutls_pk_algorithm_t algo, unsigned int bits,
+			 unsigned int flags, const gnutls_keygen_data_st *data, unsigned data_size)
+{
+	int ret;
+
+	ret = gnutls_x509_privkey_init(&pkey->key.x509);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_x509_privkey_generate2(pkey->key.x509, algo, bits, flags, data, data_size);
+	if (ret < 0) {
+		gnutls_x509_privkey_deinit(pkey->key.x509);
+		pkey->key.x509 = NULL;
+		return gnutls_assert_val(ret);
+	}
+
+	pkey->type = GNUTLS_PRIVKEY_X509;
+	pkey->pk_algorithm = algo;
+	pkey->flags = flags | GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE;
+
+	return 0;
+}
+
+/**
+ * gnutls_privkey_sign_data:
+ * @signer: Holds the key
+ * @hash: should be a digest algorithm
+ * @flags: Zero or one of %gnutls_privkey_flags_t
+ * @data: holds the data to be signed
+ * @signature: will contain the signature allocated with gnutls_malloc()
+ *
+ * This function will sign the given data using a signature algorithm
+ * supported by the private key. Signature algorithms are always used
+ * together with a hash functions.  Different hash functions may be
+ * used for the RSA algorithm, but only the SHA family for the DSA keys.
+ *
+ * You may use gnutls_pubkey_get_preferred_hash_algorithm() to determine
+ * the hash algorithm.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ * negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_privkey_sign_data(gnutls_privkey_t signer,
+			 gnutls_digest_algorithm_t hash,
+			 unsigned int flags,
+			 const gnutls_datum_t * data,
+			 gnutls_datum_t * signature)
+{
+	int ret;
+	gnutls_x509_spki_st params;
+
+	if (flags & GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ret = _gnutls_privkey_get_spki_params(signer, &params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = _gnutls_privkey_update_spki_params(signer, signer->pk_algorithm,
+					         hash, flags, &params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	FIX_SIGN_PARAMS(params, flags, hash);
+
+	return privkey_sign_and_hash_data(signer, _gnutls_pk_to_sign_entry(params.pk, hash), data, signature, &params);
+}
+
+/**
+ * gnutls_privkey_sign_data2:
+ * @signer: Holds the key
+ * @algo: The signature algorithm used
+ * @flags: Zero or one of %gnutls_privkey_flags_t
+ * @data: holds the data to be signed
+ * @signature: will contain the signature allocated with gnutls_malloc()
+ *
+ * This function will sign the given data using the specified signature
+ * algorithm. This function is an enhancement of gnutls_privkey_sign_data(),
+ * as it allows utilizing a alternative signature algorithm where possible
+ * (e.g, use an RSA key with RSA-PSS).
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ * negative error value.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_privkey_sign_data2(gnutls_privkey_t signer,
+			  gnutls_sign_algorithm_t algo,
+			  unsigned int flags,
+			  const gnutls_datum_t * data,
+			  gnutls_datum_t * signature)
+{
+	int ret;
+	gnutls_x509_spki_st params;
+	const gnutls_sign_entry_st *se;
+
+	if (flags & GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	se = _gnutls_sign_to_entry(algo);
+	if (se == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ret = _gnutls_privkey_get_spki_params(signer, &params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = _gnutls_privkey_update_spki_params(signer, se->pk, se->hash,
+					         flags, &params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	FIX_SIGN_PARAMS(params, flags, se->hash);
+
+	return privkey_sign_and_hash_data(signer, se, data, signature, &params);
+}
+
+/**
+ * gnutls_privkey_sign_hash2:
+ * @signer: Holds the signer's key
+ * @algo: The signature algorithm used
+ * @flags: Zero or one of %gnutls_privkey_flags_t
+ * @hash_data: holds the data to be signed
+ * @signature: will contain newly allocated signature
+ *
+ * This function will sign the given hashed data using the specified signature
+ * algorithm. This function is an enhancement of gnutls_privkey_sign_hash(),
+ * as it allows utilizing a alternative signature algorithm where possible
+ * (e.g, use an RSA key with RSA-PSS).
+ *
+ * The flags may be %GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA.
+ * In that case this function will ignore @hash_algo and perform a raw PKCS1 signature.
+ * Note that this flag is supported since 3.6.9.
+ *
+ * Note also that, not all algorithm support signing already hashed data. When
+ * signing with Ed25519, gnutls_privkey_sign_data2() should be used instead.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_privkey_sign_hash2(gnutls_privkey_t signer,
+			  gnutls_sign_algorithm_t algo,
+			  unsigned int flags,
+			  const gnutls_datum_t * hash_data,
+			  gnutls_datum_t * signature)
+{
+	int ret;
+	gnutls_x509_spki_st params;
+	const gnutls_sign_entry_st *se;
+
+	if (flags & GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA) {
+		/* the corresponding signature algorithm is SIGN_RSA_RAW,
+		 * irrespective of hash algorithm. */
+		se = _gnutls_sign_to_entry(GNUTLS_SIGN_RSA_RAW);
+	} else {
+		se = _gnutls_sign_to_entry(algo);
+		if (unlikely(se == NULL))
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	}
+
+	ret = _gnutls_privkey_get_spki_params(signer, &params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = _gnutls_privkey_update_spki_params(signer, se->pk, se->hash,
+					         flags, &params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	FIX_SIGN_PARAMS(params, flags, se->hash);
+
+	return privkey_sign_prehashed(signer, se, hash_data, signature, &params);
+}
+
+int
+privkey_sign_and_hash_data(gnutls_privkey_t signer,
+			   const gnutls_sign_entry_st *se,
+			   const gnutls_datum_t * data,
+			   gnutls_datum_t * signature,
+			   gnutls_x509_spki_st * params)
+{
+	int ret;
+	gnutls_datum_t digest;
+	const mac_entry_st *me;
+
+	if (unlikely(se == NULL))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (_gnutls_pk_is_not_prehashed(se->pk)) {
+		return privkey_sign_raw_data(signer, se, data, signature, params);
+	}
+
+	me = hash_to_entry(se->hash);
+	if (me == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ret = pk_hash_data(se->pk, me, NULL, data, &digest);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = pk_prepare_hash(se->pk, me, &digest);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = privkey_sign_raw_data(signer, se, &digest, signature, params);
+	_gnutls_free_datum(&digest);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+
+ cleanup:
+	_gnutls_free_datum(&digest);
+	return ret;
+}
+
+
+/**
+ * gnutls_privkey_sign_hash:
+ * @signer: Holds the signer's key
+ * @hash_algo: The hash algorithm used
+ * @flags: Zero or one of %gnutls_privkey_flags_t
+ * @hash_data: holds the data to be signed
+ * @signature: will contain newly allocated signature
+ *
+ * This function will sign the given hashed data using a signature algorithm
+ * supported by the private key. Signature algorithms are always used
+ * together with a hash functions.  Different hash functions may be
+ * used for the RSA algorithm, but only SHA-XXX for the DSA keys.
+ *
+ * You may use gnutls_pubkey_get_preferred_hash_algorithm() to determine
+ * the hash algorithm.
+ *
+ * The flags may be %GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA or %GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS.
+ * In the former case this function will ignore @hash_algo and perform a raw PKCS1 signature,
+ * and in the latter an RSA-PSS signature will be generated.
+ *
+ * Note that, not all algorithm support signing already hashed data. When
+ * signing with Ed25519, gnutls_privkey_sign_data() should be used.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_privkey_sign_hash(gnutls_privkey_t signer,
+			 gnutls_digest_algorithm_t hash_algo,
+			 unsigned int flags,
+			 const gnutls_datum_t * hash_data,
+			 gnutls_datum_t * signature)
+{
+	int ret;
+	gnutls_x509_spki_st params;
+	const gnutls_sign_entry_st *se;
+
+	ret = _gnutls_privkey_get_spki_params(signer, &params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = _gnutls_privkey_update_spki_params(signer, signer->pk_algorithm,
+					       hash_algo, flags, &params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* legacy callers of this API could use a hash algorithm of 0 (unknown)
+	 * to indicate raw hashing. As we now always want to know the signing
+	 * algorithm involved, we try discovering the hash algorithm. */
+	if (hash_algo == 0 && (params.pk == GNUTLS_PK_DSA || params.pk == GNUTLS_PK_ECDSA)) {
+		hash_algo = _gnutls_hash_size_to_sha_hash(hash_data->size);
+	}
+
+	if (params.pk == GNUTLS_PK_RSA && (flags & GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA)) {
+		/* the corresponding signature algorithm is SIGN_RSA_RAW,
+		 * irrespective of hash algorithm. */
+		se = _gnutls_sign_to_entry(GNUTLS_SIGN_RSA_RAW);
+	} else {
+		se = _gnutls_pk_to_sign_entry(params.pk, hash_algo);
+	}
+
+	if (unlikely(se == NULL))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	FIX_SIGN_PARAMS(params, flags, hash_algo);
+
+	return privkey_sign_prehashed(signer, se,
+				      hash_data, signature, &params);
+}
+
+static int
+privkey_sign_prehashed(gnutls_privkey_t signer,
+		       const gnutls_sign_entry_st *se,
+		       const gnutls_datum_t * hash_data,
+		       gnutls_datum_t * signature,
+		       gnutls_x509_spki_st * params)
+{
+	int ret;
+	gnutls_datum_t digest;
+
+	if (unlikely(se == NULL))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (se->id == GNUTLS_SIGN_RSA_RAW) {
+		return privkey_sign_raw_data(signer,
+					     se,
+					     hash_data, signature,
+					     params);
+	}
+
+	if (_gnutls_pk_is_not_prehashed(signer->pk_algorithm)) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	digest.data = gnutls_malloc(hash_data->size);
+	if (digest.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+	digest.size = hash_data->size;
+	memcpy(digest.data, hash_data->data, digest.size);
+
+	ret = pk_prepare_hash(se->pk, hash_to_entry(se->hash), &digest);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = privkey_sign_raw_data(signer,
+				    se,
+				    &digest, signature,
+				    params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+ cleanup:
+	_gnutls_free_datum(&digest);
+	return ret;
+}
+
+/*-
+ * privkey_sign_raw_data:
+ * @key: Holds the key
+ * @data: holds the data to be signed
+ * @signature: will contain the signature allocated with gnutls_malloc()
+ * @params: holds the signing parameters
+ *
+ * This function will sign the given data using a signature algorithm
+ * supported by the private key. Note that this is a low-level function
+ * and does not apply any preprocessing or hash on the signed data. 
+ * For example on an RSA key the input @data should be of the DigestInfo
+ * PKCS #1 1.5 format, on RSA-PSS, DSA or ECDSA the input should be a hash output
+ * and on Ed25519 the raw data to be signed.
+ *
+ * Note this function is equivalent to using the %GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA
+ * flag with gnutls_privkey_sign_hash().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ * negative error value.
+ *
+ * Since: 3.1.10
+ -*/
+int
+privkey_sign_raw_data(gnutls_privkey_t key,
+		      const gnutls_sign_entry_st *se,
+		      const gnutls_datum_t * data,
+		      gnutls_datum_t * signature,
+		      gnutls_x509_spki_st * params)
+{
+	if (unlikely(se == NULL))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	switch (key->type) {
+#ifdef ENABLE_PKCS11
+	case GNUTLS_PRIVKEY_PKCS11:
+		return _gnutls_pkcs11_privkey_sign(key->key.pkcs11, se,
+						   data, signature,
+						   params);
+#endif
+	case GNUTLS_PRIVKEY_X509:
+		return _gnutls_pk_sign(se->pk, signature, data,
+				       &key->key.x509->params, params);
+	case GNUTLS_PRIVKEY_EXT:
+		if (unlikely(key->key.ext.sign_data_func == NULL &&
+			key->key.ext.sign_hash_func == NULL &&
+			key->key.ext.sign_func == NULL))
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		if (_gnutls_pk_is_not_prehashed(se->pk)) {
+			if (!key->key.ext.sign_data_func)
+				return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+			return key->key.ext.sign_data_func(key, se->id,
+							   key->key.ext.userdata,
+							   0,
+							   data, signature);
+		} else if (key->key.ext.sign_hash_func) {
+			if (se->pk == GNUTLS_PK_RSA) {
+				se = _gnutls_sign_to_entry(GNUTLS_SIGN_RSA_RAW);
+				assert(se != NULL);
+			}
+
+			/* se may not be set here if we are doing legacy RSA */
+			return key->key.ext.sign_hash_func(key, se->id,
+							   key->key.ext.userdata,
+							   0,
+							   data, signature);
+		} else {
+			if (!PK_IS_OK_FOR_EXT2(se->pk))
+				return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+			return key->key.ext.sign_func(key, key->key.ext.userdata,
+						      data, signature);
+		}
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+}
+
+/**
+ * gnutls_privkey_decrypt_data:
+ * @key: Holds the key
+ * @flags: zero for now
+ * @ciphertext: holds the data to be decrypted
+ * @plaintext: will contain the decrypted data, allocated with gnutls_malloc()
+ *
+ * This function will decrypt the given data using the algorithm
+ * supported by the private key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ * negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_privkey_decrypt_data(gnutls_privkey_t key,
+			    unsigned int flags,
+			    const gnutls_datum_t * ciphertext,
+			    gnutls_datum_t * plaintext)
+{
+	switch (key->type) {
+	case GNUTLS_PRIVKEY_X509:
+		return _gnutls_pk_decrypt(key->pk_algorithm, plaintext,
+					  ciphertext, &key->key.x509->params);
+#ifdef ENABLE_PKCS11
+	case GNUTLS_PRIVKEY_PKCS11:
+		return _gnutls_pkcs11_privkey_decrypt_data(key->key.pkcs11,
+							   flags,
+							   ciphertext,
+							   plaintext);
+#endif
+	case GNUTLS_PRIVKEY_EXT:
+		if (key->key.ext.decrypt_func == NULL)
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		return key->key.ext.decrypt_func(key,
+						 key->key.ext.userdata,
+						 ciphertext, plaintext);
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+}
+
+/**
+ * gnutls_privkey_decrypt_data2:
+ * @key: Holds the key
+ * @flags: zero for now
+ * @ciphertext: holds the data to be decrypted
+ * @plaintext: a preallocated buffer that will be filled with the plaintext
+ * @plaintext_size: in/out size of the plaintext
+ *
+ * This function will decrypt the given data using the algorithm
+ * supported by the private key. Unlike with gnutls_privkey_decrypt_data()
+ * this function operates in constant time and constant memory access.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ * negative error value.
+ *
+ * Since: 3.6.5
+ **/
+
+int
+gnutls_privkey_decrypt_data2(gnutls_privkey_t key,
+			     unsigned int flags,
+			     const gnutls_datum_t * ciphertext,
+			     unsigned char * plaintext,
+			     size_t plaintext_size)
+{
+	/* Note: except for the backwards compatibility function, no
+	 * conditional code should be called after the decryption
+	 * function call, to avoid creating oracle attacks based
+	 * on cache/timing side channels */
+
+	/* backwards compatibility */
+	if (key->type == GNUTLS_PRIVKEY_EXT &&
+	    key->key.ext.decrypt_func2 == NULL &&
+	    key->key.ext.decrypt_func != NULL) {
+		gnutls_datum_t plain;
+		int ret;
+		ret = key->key.ext.decrypt_func(key,
+						key->key.ext.userdata,
+						ciphertext,
+						&plain);
+		if (plain.size != plaintext_size) {
+			ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		} else {
+			memcpy(plaintext, plain.data, plain.size);
+		}
+		gnutls_free(plain.data);
+		return ret;
+	}
+
+	switch (key->type) {
+	case GNUTLS_PRIVKEY_X509:
+		return _gnutls_pk_decrypt2(key->pk_algorithm, ciphertext,
+					   plaintext, plaintext_size,
+					   &key->key.x509->params);
+#ifdef ENABLE_PKCS11
+	case GNUTLS_PRIVKEY_PKCS11:
+		return _gnutls_pkcs11_privkey_decrypt_data2(key->key.pkcs11,
+							    flags,
+							    ciphertext,
+							    plaintext,
+							    plaintext_size);
+#endif
+	case GNUTLS_PRIVKEY_EXT:
+		if (key->key.ext.decrypt_func2 == NULL)
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		return key->key.ext.decrypt_func2(key,
+						  key->key.ext.userdata,
+						  ciphertext, plaintext,
+						  plaintext_size);
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+}
+
+/**
+ * gnutls_privkey_import_x509_raw:
+ * @pkey: The private key
+ * @data: The private key data to be imported
+ * @format: The format of the private key
+ * @password: A password (optional)
+ * @flags: an ORed sequence of gnutls_pkcs_encrypt_flags_t
+ *
+ * This function will import the given private key to the abstract
+ * #gnutls_privkey_t type. 
+ *
+ * The supported formats are basic unencrypted key, PKCS8, PKCS12, 
+ * TSS2, and the openssl format.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.0
+ **/
+int gnutls_privkey_import_x509_raw(gnutls_privkey_t pkey,
+				   const gnutls_datum_t * data,
+				   gnutls_x509_crt_fmt_t format,
+				   const char *password, unsigned int flags)
+{
+	gnutls_x509_privkey_t xpriv;
+	int ret;
+
+#ifdef HAVE_TSS2
+	if (format == GNUTLS_X509_FMT_PEM &&
+	    memmem(data->data, data->size, "--BEGIN TSS2", 12) != NULL) {
+		ret = _gnutls_load_tpm2_key(pkey, data);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		return 0;
+	}
+#endif
+
+	ret = gnutls_x509_privkey_init(&xpriv);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (pkey->pin.cb) {
+		gnutls_x509_privkey_set_pin_function(xpriv, pkey->pin.cb,
+						     pkey->pin.data);
+	}
+
+	ret = gnutls_x509_privkey_import2(xpriv, data, format, password, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    gnutls_privkey_import_x509(pkey, xpriv,
+				       GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	return 0;
+
+ cleanup:
+	gnutls_x509_privkey_deinit(xpriv);
+
+	return ret;
+}
+
+/**
+ * gnutls_privkey_import_url:
+ * @key: A key of type #gnutls_privkey_t
+ * @url: A PKCS 11 url
+ * @flags: should be zero
+ *
+ * This function will import a PKCS11 or TPM URL as a
+ * private key. The supported URL types can be checked
+ * using gnutls_url_is_supported().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.0
+ **/
+int
+gnutls_privkey_import_url(gnutls_privkey_t key, const char *url,
+			  unsigned int flags)
+{
+	unsigned i;
+	int ret;
+
+	for (i=0;i<_gnutls_custom_urls_size;i++) {
+		if (strncmp(url, _gnutls_custom_urls[i].name, _gnutls_custom_urls[i].name_size) == 0) {
+			if (_gnutls_custom_urls[i].import_key) {
+				ret = _gnutls_custom_urls[i].import_key(key, url, flags);
+				goto cleanup;
+			}
+			break;
+		}
+	}
+
+	if (strncmp(url, PKCS11_URL, PKCS11_URL_SIZE) == 0) {
+#ifdef ENABLE_PKCS11
+		ret = _gnutls_privkey_import_pkcs11_url(key, url, flags);
+#else
+		ret = gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+#endif
+		goto cleanup;
+	}
+
+	if (strncmp(url, TPMKEY_URL, TPMKEY_URL_SIZE) == 0) {
+#ifdef HAVE_TROUSERS
+		ret = gnutls_privkey_import_tpm_url(key, url, NULL, NULL, 0);
+#else
+		ret = gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+#endif
+		goto cleanup;
+	}
+
+	if (strncmp(url, SYSTEM_URL, SYSTEM_URL_SIZE) == 0) {
+		ret = _gnutls_privkey_import_system_url(key, url);
+		goto cleanup;
+	}
+
+	ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+ cleanup:
+	return ret;
+}
+
+/**
+ * gnutls_privkey_set_pin_function:
+ * @key: A key of type #gnutls_privkey_t
+ * @fn: the callback
+ * @userdata: data associated with the callback
+ *
+ * This function will set a callback function to be used when
+ * required to access the object. This function overrides any other
+ * global PIN functions.
+ *
+ * Note that this function must be called right after initialization
+ * to have effect.
+ *
+ * Since: 3.1.0
+ *
+ **/
+void gnutls_privkey_set_pin_function(gnutls_privkey_t key,
+				     gnutls_pin_callback_t fn, void *userdata)
+{
+	key->pin.cb = fn;
+	key->pin.data = userdata;
+}
+
+/**
+ * gnutls_privkey_set_flags:
+ * @key: A key of type #gnutls_privkey_t
+ * @flags: flags from the %gnutls_privkey_flags
+ *
+ * This function will set flags for the specified private key, after
+ * it is generated. Currently this is useful for the %GNUTLS_PRIVKEY_FLAG_EXPORT_COMPAT
+ * to allow exporting a "provable" private key in backwards compatible way.
+ *
+ * Since: 3.5.0
+ *
+ **/
+void gnutls_privkey_set_flags(gnutls_privkey_t key,
+			      unsigned int flags)
+{
+	key->flags |= flags;
+	if (key->type == GNUTLS_PRIVKEY_X509)
+		gnutls_x509_privkey_set_flags(key->key.x509, flags);
+}
+
+/**
+ * gnutls_privkey_status:
+ * @key: Holds the key
+ *
+ * Checks the status of the private key token. This function
+ * is an actual wrapper over gnutls_pkcs11_privkey_status(), and
+ * if the private key is a PKCS #11 token it will check whether
+ * it is inserted or not.
+ *
+ * Returns: this function will return non-zero if the token 
+ * holding the private key is still available (inserted), and zero otherwise.
+ * 
+ * Since: 3.1.10
+ *
+ **/
+int gnutls_privkey_status(gnutls_privkey_t key)
+{
+	switch (key->type) {
+#ifdef ENABLE_PKCS11
+	case GNUTLS_PRIVKEY_PKCS11:
+		return gnutls_pkcs11_privkey_status(key->key.pkcs11);
+#endif
+	default:
+		return 1;
+	}
+}
+
+/**
+ * gnutls_privkey_verify_params:
+ * @key: should contain a #gnutls_privkey_t type
+ *
+ * This function will verify the private key parameters.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_privkey_verify_params(gnutls_privkey_t key)
+{
+	gnutls_pk_params_st params;
+	int ret;
+
+	gnutls_pk_params_init(&params);
+
+	ret = _gnutls_privkey_get_mpis(key, &params);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_pk_verify_priv_params(key->pk_algorithm, &params);
+
+	gnutls_pk_params_release(&params);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_privkey_get_spki:
+ * @privkey: a public key of type #gnutls_privkey_t
+ * @spki: a SubjectPublicKeyInfo structure of type #gnutls_privkey_spki_t
+ * @flags: must be zero
+ *
+ * This function will return the public key information if available.
+ * The provided @spki must be initialized.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_privkey_get_spki(gnutls_privkey_t privkey, gnutls_x509_spki_t spki, unsigned int flags)
+{
+	gnutls_x509_spki_t p = &privkey->key.x509->params.spki;
+
+	if (privkey == NULL || privkey->type != GNUTLS_PRIVKEY_X509) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	if (p->pk == GNUTLS_PK_UNKNOWN)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	memcpy(spki, p, sizeof(gnutls_x509_spki_st));
+
+	return 0;
+}
+
+/**
+ * gnutls_privkey_set_spki:
+ * @privkey: a public key of type #gnutls_privkey_t
+ * @spki: a SubjectPublicKeyInfo structure of type #gnutls_privkey_spki_t
+ * @flags: must be zero
+ *
+ * This function will set the public key information.
+ * The provided @spki must be initialized.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_privkey_set_spki(gnutls_privkey_t privkey, const gnutls_x509_spki_t spki, unsigned int flags)
+{
+	if (privkey == NULL || privkey->type != GNUTLS_PRIVKEY_X509) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	return gnutls_x509_privkey_set_spki(privkey->key.x509, spki, flags);
+}
+
+/* Checks whether the public key given is compatible with the
+ * signature algorithm used. The session is only used for audit logging, and
+ * it may be null.
+ */
+unsigned _gnutls_privkey_compatible_with_sig(gnutls_privkey_t privkey,
+					     gnutls_sign_algorithm_t sign)
+{
+	const gnutls_sign_entry_st *se;
+
+	se = _gnutls_sign_to_entry(sign);
+	if (unlikely(se == NULL))
+		return gnutls_assert_val(0);
+
+	/* Prevent RSA-PSS private keys from negotiating an RSA signature,
+	 * and RSA keys which cannot do RSA-PSS (e.g., smart card) from
+	 * negotiating RSA-PSS sig.
+	 */
+
+	if (se->pk != privkey->pk_algorithm) { /* if the PK algorithm of the signature differs to the one on the pubkey */
+		if (!sign_supports_priv_pk_algorithm(se, privkey->pk_algorithm)) {
+			_gnutls_handshake_log("cannot use privkey of %s with %s\n",
+					      gnutls_pk_get_name(privkey->pk_algorithm), se->name);
+			return 0;
+		}
+	}
+
+	if (privkey->type == GNUTLS_PRIVKEY_EXT) {
+		if (privkey->key.ext.info_func) {
+			int ret;
+
+			ret = privkey->key.ext.info_func(privkey,
+						     GNUTLS_SIGN_ALGO_TO_FLAGS(sign)|GNUTLS_PRIVKEY_INFO_HAVE_SIGN_ALGO,
+						     privkey->key.ext.userdata);
+			if (ret != -1)
+				return ret;
+
+			/* use the old flag */
+			ret = privkey->key.ext.info_func(privkey, GNUTLS_PRIVKEY_INFO_SIGN_ALGO,
+						     privkey->key.ext.userdata);
+			if (ret == (int)sign)
+				return 1;
+		}
+
+		/* This key type is very limited on what it can handle */
+		if (!PK_IS_OK_FOR_EXT2(se->pk))
+			return gnutls_assert_val(0);
+	}
+#ifdef ENABLE_PKCS11
+	else if (privkey->type == GNUTLS_PRIVKEY_PKCS11) {
+		if (privkey->pk_algorithm == GNUTLS_PK_RSA && se->pk == GNUTLS_PK_RSA_PSS) {
+			if (!privkey->key.pkcs11->rsa_pss_ok)
+				return 0;
+		}
+	}
+#endif
+
+	return 1;
+}
diff --git a/lib/privkey_raw.c b/lib/privkey_raw.c
new file mode 100644
index 0000000..ba6d86d
--- /dev/null
+++ b/lib/privkey_raw.c
@@ -0,0 +1,539 @@
+/*
+ * Copyright (C) 2010-2014 Free Software Foundation, Inc.
+ * 
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+
+#include "gnutls_int.h"
+#include <gnutls/pkcs11.h>
+#include <stdio.h>
+#include <string.h>
+#include "errors.h"
+#include <datum.h>
+#include <pkcs11_int.h>
+#include <gnutls/abstract.h>
+#include <pk.h>
+#include <x509_int.h>
+#include <tls-sig.h>
+#include <algorithms.h>
+#include <fips.h>
+#include <abstract_int.h>
+
+/**
+ * gnutls_privkey_export_rsa_raw:
+ * @key: Holds the certificate
+ * @m: will hold the modulus
+ * @e: will hold the public exponent
+ * @d: will hold the private exponent
+ * @p: will hold the first prime (p)
+ * @q: will hold the second prime (q)
+ * @u: will hold the coefficient
+ * @e1: will hold e1 = d mod (p-1)
+ * @e2: will hold e2 = d mod (q-1)
+ *
+ * This function will export the RSA private key's parameters found
+ * in the given structure. The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum. For
+ * EdDSA keys, the @y value should be %NULL.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.3.0
+ **/
+int
+gnutls_privkey_export_rsa_raw(gnutls_privkey_t key,
+				    gnutls_datum_t * m, gnutls_datum_t * e,
+				    gnutls_datum_t * d, gnutls_datum_t * p,
+				    gnutls_datum_t * q, gnutls_datum_t * u,
+				    gnutls_datum_t * e1,
+				    gnutls_datum_t * e2)
+{
+	return gnutls_privkey_export_rsa_raw2(key, m, e, d, p, q, u, e1, e2, 0);
+}
+
+/**
+ * gnutls_privkey_export_rsa_raw2:
+ * @key: Holds the certificate
+ * @m: will hold the modulus
+ * @e: will hold the public exponent
+ * @d: will hold the private exponent
+ * @p: will hold the first prime (p)
+ * @q: will hold the second prime (q)
+ * @u: will hold the coefficient
+ * @e1: will hold e1 = d mod (p-1)
+ * @e2: will hold e2 = d mod (q-1)
+ * @flags: flags from %gnutls_abstract_export_flags_t
+ *
+ * This function will export the RSA private key's parameters found
+ * in the given structure. The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_privkey_export_rsa_raw2(gnutls_privkey_t key,
+				    gnutls_datum_t * m, gnutls_datum_t * e,
+				    gnutls_datum_t * d, gnutls_datum_t * p,
+				    gnutls_datum_t * q, gnutls_datum_t * u,
+				    gnutls_datum_t * e1,
+				    gnutls_datum_t * e2,
+				    unsigned int flags)
+{
+gnutls_pk_params_st params;
+int ret;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+	
+	gnutls_pk_params_init(&params);
+
+	ret = _gnutls_privkey_get_mpis(key, &params);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_params_get_rsa_raw(&params, m, e, d, p, q, u, e1, e2, flags);
+
+	gnutls_pk_params_release(&params);
+
+	return ret;
+}
+
+/**
+ * gnutls_privkey_export_dsa_raw:
+ * @key: Holds the public key
+ * @p: will hold the p
+ * @q: will hold the q
+ * @g: will hold the g
+ * @y: will hold the y
+ * @x: will hold the x
+ *
+ * This function will export the DSA private key's parameters found
+ * in the given structure. The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.3.0
+ **/
+int
+gnutls_privkey_export_dsa_raw(gnutls_privkey_t key,
+			     gnutls_datum_t * p, gnutls_datum_t * q,
+			     gnutls_datum_t * g, gnutls_datum_t * y,
+			     gnutls_datum_t * x)
+{
+	return gnutls_privkey_export_dsa_raw2(key, p, q, g, y, x, 0);
+}
+
+/**
+ * gnutls_privkey_export_dsa_raw2:
+ * @key: Holds the public key
+ * @p: will hold the p
+ * @q: will hold the q
+ * @g: will hold the g
+ * @y: will hold the y
+ * @x: will hold the x
+ * @flags: flags from %gnutls_abstract_export_flags_t
+ *
+ * This function will export the DSA private key's parameters found
+ * in the given structure. The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_privkey_export_dsa_raw2(gnutls_privkey_t key,
+			     gnutls_datum_t * p, gnutls_datum_t * q,
+			     gnutls_datum_t * g, gnutls_datum_t * y,
+			     gnutls_datum_t * x, unsigned int flags)
+{
+gnutls_pk_params_st params;
+int ret;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+	
+	gnutls_pk_params_init(&params);
+
+	ret = _gnutls_privkey_get_mpis(key, &params);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_params_get_dsa_raw(&params, p, q, g, y, x, flags);
+
+	gnutls_pk_params_release(&params);
+
+	return ret;
+}
+
+
+/**
+ * gnutls_privkey_export_ecc_raw:
+ * @key: Holds the public key
+ * @curve: will hold the curve
+ * @x: will hold the x-coordinate
+ * @y: will hold the y-coordinate
+ * @k: will hold the private key
+ *
+ * This function will export the ECC private key's parameters found
+ * in the given structure. The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * In EdDSA curves the @y parameter will be %NULL and the other parameters
+ * will be in the native format for the curve.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.3.0
+ **/
+int
+gnutls_privkey_export_ecc_raw(gnutls_privkey_t key,
+				       gnutls_ecc_curve_t * curve,
+				       gnutls_datum_t * x,
+				       gnutls_datum_t * y,
+				       gnutls_datum_t * k)
+{
+	return gnutls_privkey_export_ecc_raw2(key, curve, x, y, k, 0);
+}
+
+/**
+ * gnutls_privkey_export_ecc_raw2:
+ * @key: Holds the public key
+ * @curve: will hold the curve
+ * @x: will hold the x-coordinate
+ * @y: will hold the y-coordinate
+ * @k: will hold the private key
+ * @flags: flags from %gnutls_abstract_export_flags_t
+ *
+ * This function will export the ECC private key's parameters found
+ * in the given structure. The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * In EdDSA curves the @y parameter will be %NULL and the other parameters
+ * will be in the native format for the curve.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_privkey_export_ecc_raw2(gnutls_privkey_t key,
+				       gnutls_ecc_curve_t * curve,
+				       gnutls_datum_t * x,
+				       gnutls_datum_t * y,
+				       gnutls_datum_t * k,
+				       unsigned int flags)
+{
+gnutls_pk_params_st params;
+int ret;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+	
+	gnutls_pk_params_init(&params);
+
+	ret = _gnutls_privkey_get_mpis(key, &params);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_params_get_ecc_raw(&params, curve, x, y, k, flags);
+
+	gnutls_pk_params_release(&params);
+
+	return ret;
+}
+
+/**
+ * gnutls_privkey_export_gost_raw2:
+ * @key: Holds the public key
+ * @curve: will hold the curve
+ * @digest: will hold the digest
+ * @paramset: will hold the GOST parameter set ID
+ * @x: will hold the x-coordinate
+ * @y: will hold the y-coordinate
+ * @k: will hold the private key
+ * @flags: flags from %gnutls_abstract_export_flags_t
+ *
+ * This function will export the GOST private key's parameters found
+ * in the given structure. The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * Note: parameters will be stored with least significant byte first. On
+ * version 3.6.3 this was incorrectly returned in big-endian format.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.6.3
+ **/
+int
+gnutls_privkey_export_gost_raw2(gnutls_privkey_t key,
+				       gnutls_ecc_curve_t * curve,
+				       gnutls_digest_algorithm_t * digest,
+				       gnutls_gost_paramset_t * paramset,
+				       gnutls_datum_t * x,
+				       gnutls_datum_t * y,
+				       gnutls_datum_t * k,
+				       unsigned int flags)
+{
+	gnutls_pk_params_st params;
+	int ret;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	gnutls_pk_params_init(&params);
+
+	ret = _gnutls_privkey_get_mpis(key, &params);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_params_get_gost_raw(&params, curve, digest, paramset,
+					  x, y, k, flags);
+
+	gnutls_pk_params_release(&params);
+
+	return ret;
+}
+
+/**
+ * gnutls_privkey_import_rsa_raw:
+ * @key: The structure to store the parsed key
+ * @m: holds the modulus
+ * @e: holds the public exponent
+ * @d: holds the private exponent (optional)
+ * @p: holds the first prime (p)
+ * @q: holds the second prime (q)
+ * @u: holds the coefficient (optional)
+ * @e1: holds e1 = d mod (p-1) (optional)
+ * @e2: holds e2 = d mod (q-1) (optional)
+ *
+ * This function will convert the given RSA raw parameters to the
+ * native #gnutls_privkey_t format.  The output will be stored in
+ * @key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_privkey_import_rsa_raw(gnutls_privkey_t key,
+				    const gnutls_datum_t * m,
+				    const gnutls_datum_t * e,
+				    const gnutls_datum_t * d,
+				    const gnutls_datum_t * p,
+				    const gnutls_datum_t * q,
+				    const gnutls_datum_t * u,
+				    const gnutls_datum_t * e1,
+				    const gnutls_datum_t * e2)
+{
+int ret;
+gnutls_x509_privkey_t xkey;
+
+	ret = gnutls_x509_privkey_init(&xkey);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_x509_privkey_import_rsa_raw2(xkey, m, e, d, p, q, u, e1, e1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	
+	ret = gnutls_privkey_import_x509(key, xkey, GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	
+	return 0;
+
+error:
+	gnutls_x509_privkey_deinit(xkey);
+	return ret;
+}
+
+/**
+ * gnutls_privkey_import_dsa_raw:
+ * @key: The structure to store the parsed key
+ * @p: holds the p
+ * @q: holds the q
+ * @g: holds the g
+ * @y: holds the y (optional)
+ * @x: holds the x
+ *
+ * This function will convert the given DSA raw parameters to the
+ * native #gnutls_privkey_t format.  The output will be stored
+ * in @key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_privkey_import_dsa_raw(gnutls_privkey_t key,
+				   const gnutls_datum_t * p,
+				   const gnutls_datum_t * q,
+				   const gnutls_datum_t * g,
+				   const gnutls_datum_t * y,
+				   const gnutls_datum_t * x)
+{
+int ret;
+gnutls_x509_privkey_t xkey;
+
+	ret = gnutls_x509_privkey_init(&xkey);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_x509_privkey_import_dsa_raw(xkey, p, q, g, y, x);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	
+	ret = gnutls_privkey_import_x509(key, xkey, GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	
+	return 0;
+
+error:
+	gnutls_x509_privkey_deinit(xkey);
+	return ret;
+}
+
+/**
+ * gnutls_privkey_import_ecc_raw:
+ * @key: The key
+ * @curve: holds the curve
+ * @x: holds the x-coordinate
+ * @y: holds the y-coordinate
+ * @k: holds the k (private key)
+ *
+ * This function will convert the given elliptic curve parameters to the
+ * native #gnutls_privkey_t format.  The output will be stored
+ * in @key.
+ *
+ * In EdDSA curves the @y parameter should be %NULL and the @x and @k parameters
+ * must be in the native format for the curve.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_privkey_import_ecc_raw(gnutls_privkey_t key,
+			      gnutls_ecc_curve_t curve,
+			      const gnutls_datum_t * x,
+			      const gnutls_datum_t * y,
+			      const gnutls_datum_t * k)
+{
+int ret;
+gnutls_x509_privkey_t xkey;
+
+	ret = gnutls_x509_privkey_init(&xkey);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_x509_privkey_import_ecc_raw(xkey, curve, x, y, k);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	
+	ret = gnutls_privkey_import_x509(key, xkey, GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	
+	return 0;
+
+error:
+	gnutls_x509_privkey_deinit(xkey);
+	return ret;
+}
+
+/**
+ * gnutls_privkey_import_gost_raw:
+ * @key: The key
+ * @curve: holds the curve
+ * @digest: holds the digest
+ * @paramset: holds the GOST parameter set ID
+ * @x: holds the x-coordinate
+ * @y: holds the y-coordinate
+ * @k: holds the k (private key)
+ *
+ * This function will convert the given GOST private key's parameters to the
+ * native #gnutls_privkey_t format.  The output will be stored
+ * in @key.  @digest should be one of GNUTLS_DIG_GOSR_94,
+ * GNUTLS_DIG_STREEBOG_256 or GNUTLS_DIG_STREEBOG_512.  If @paramset is set to
+ * GNUTLS_GOST_PARAMSET_UNKNOWN default one will be selected depending on
+ * @digest.
+ *
+ * Note: parameters should be stored with least significant byte first. On
+ * version 3.6.3 big-endian format was used incorrectly.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.6.3
+ **/
+int
+gnutls_privkey_import_gost_raw(gnutls_privkey_t key,
+				   gnutls_ecc_curve_t curve,
+				   gnutls_digest_algorithm_t digest,
+				   gnutls_gost_paramset_t paramset,
+				   const gnutls_datum_t * x,
+				   const gnutls_datum_t * y,
+				   const gnutls_datum_t * k)
+{
+	int ret;
+	gnutls_x509_privkey_t xkey;
+
+	ret = gnutls_x509_privkey_init(&xkey);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_x509_privkey_import_gost_raw(xkey, curve, digest, paramset, x, y, k);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret = gnutls_privkey_import_x509(key, xkey, GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	return 0;
+
+error:
+	gnutls_x509_privkey_deinit(xkey);
+	return ret;
+}
diff --git a/lib/profiles.c b/lib/profiles.c
new file mode 100644
index 0000000..d74cc2c
--- /dev/null
+++ b/lib/profiles.c
@@ -0,0 +1,105 @@
+/*
+ * Copyright (C) 2019 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <algorithms.h>
+#include "errors.h"
+#include <x509/common.h>
+#include "c-strcase.h"
+#include "profiles.h"
+
+typedef struct {
+	const char *name;
+	gnutls_certificate_verification_profiles_t profile;
+	gnutls_sec_param_t sec_param;
+} gnutls_profile_entry;
+
+static const gnutls_profile_entry profiles[] = {
+	{"Very weak", GNUTLS_PROFILE_VERY_WEAK, GNUTLS_SEC_PARAM_VERY_WEAK},
+	{"Low", GNUTLS_PROFILE_LOW, GNUTLS_SEC_PARAM_LOW},
+	{"Legacy", GNUTLS_PROFILE_LEGACY, GNUTLS_SEC_PARAM_LEGACY},
+	{"Medium", GNUTLS_PROFILE_MEDIUM, GNUTLS_SEC_PARAM_MEDIUM},
+	{"High", GNUTLS_PROFILE_HIGH, GNUTLS_SEC_PARAM_HIGH},
+	{"Ultra", GNUTLS_PROFILE_ULTRA, GNUTLS_SEC_PARAM_ULTRA},
+	{"Future", GNUTLS_PROFILE_FUTURE, GNUTLS_SEC_PARAM_FUTURE},
+	{"SuiteB128", GNUTLS_PROFILE_SUITEB128, GNUTLS_SEC_PARAM_HIGH},
+	{"SuiteB192", GNUTLS_PROFILE_SUITEB192, GNUTLS_SEC_PARAM_ULTRA},
+	{NULL, 0, 0}
+};
+
+gnutls_sec_param_t _gnutls_profile_to_sec_level(gnutls_certificate_verification_profiles_t profile)
+{
+	const gnutls_profile_entry *p;
+
+	for(p = profiles; p->name != NULL; p++) {
+		if (profile == p->profile)
+			return p->sec_param;
+	}
+
+	return GNUTLS_SEC_PARAM_UNKNOWN;
+}
+
+/**
+ * gnutls_certificate_verification_profile_get_id:
+ * @name: is a profile name
+ *
+ * Convert a string to a #gnutls_certificate_verification_profiles_t value.  The names are
+ * compared in a case insensitive way.
+ *
+ * Returns: a #gnutls_certificate_verification_profiles_t id of the specified profile,
+ *   or %GNUTLS_PROFILE_UNKNOWN on failure.
+ **/
+gnutls_certificate_verification_profiles_t gnutls_certificate_verification_profile_get_id(const char *name)
+{
+	const gnutls_profile_entry *p;
+
+	if (name == NULL)
+		return GNUTLS_PROFILE_UNKNOWN;
+
+	for (p = profiles; p->name != NULL; p++) {
+		if (c_strcasecmp(p->name, name) == 0)
+			return p->profile;
+	}
+
+	return GNUTLS_PROFILE_UNKNOWN;
+}
+
+/**
+ * gnutls_certificate_verification_profile_get_name:
+ * @id: is a profile ID
+ *
+ * Convert a #gnutls_certificate_verification_profiles_t value to a string.
+ *
+ * Returns: a string that contains the name of the specified profile or %NULL.
+ **/
+const char *
+gnutls_certificate_verification_profile_get_name(gnutls_certificate_verification_profiles_t id)
+{
+	const gnutls_profile_entry *p;
+
+	for (p = profiles; p->name != NULL; p++) {
+		if (p->profile == id)
+			return p->name;
+	}
+
+	return NULL;
+}
diff --git a/lib/profiles.h b/lib/profiles.h
new file mode 100644
index 0000000..ee49f9b
--- /dev/null
+++ b/lib/profiles.h
@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 2019 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_PROFILES_H
+#define GNUTLS_LIB_PROFILES_H
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+gnutls_sec_param_t _gnutls_profile_to_sec_level(gnutls_certificate_verification_profiles_t profile) __GNUTLS_PURE__;
+
+gnutls_certificate_verification_profiles_t _gnutls_get_system_wide_verification_profile(void);
+
+#endif /* GNUTLS_LIB_PROFILES_H */
diff --git a/lib/psk.c b/lib/psk.c
new file mode 100644
index 0000000..49fe91c
--- /dev/null
+++ b/lib/psk.c
@@ -0,0 +1,648 @@
+/*
+ * Copyright (C) 2005-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions for manipulating the PSK credentials. */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <str.h>
+#include <auth/psk.h>
+#include <state.h>
+
+#ifdef ENABLE_PSK
+
+#include <auth/psk_passwd.h>
+#include <num.h>
+#include <file.h>
+#include <datum.h>
+#include "debug.h"
+#include "dh.h"
+
+/**
+ * gnutls_psk_free_client_credentials:
+ * @sc: is a #gnutls_psk_client_credentials_t type.
+ *
+ * Free a gnutls_psk_client_credentials_t structure.
+ **/
+void gnutls_psk_free_client_credentials(gnutls_psk_client_credentials_t sc)
+{
+	_gnutls_free_datum(&sc->username);
+	_gnutls_free_datum(&sc->key);
+	gnutls_free(sc);
+}
+
+/**
+ * gnutls_psk_allocate_client_credentials:
+ * @sc: is a pointer to a #gnutls_psk_server_credentials_t type.
+ *
+ * Allocate a gnutls_psk_client_credentials_t structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ **/
+int
+gnutls_psk_allocate_client_credentials(gnutls_psk_client_credentials_t *
+				       sc)
+{
+	*sc = gnutls_calloc(1, sizeof(psk_client_credentials_st));
+
+	if (*sc == NULL)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	/* TLS 1.3 - Default binder HMAC algorithm is SHA-256 */
+	(*sc)->binder_algo = _gnutls_mac_to_entry(GNUTLS_MAC_SHA256);
+	return 0;
+}
+
+/**
+ * gnutls_psk_set_client_credentials:
+ * @res: is a #gnutls_psk_client_credentials_t type.
+ * @username: is the user's zero-terminated userid
+ * @key: is the user's key
+ * @flags: indicate the format of the key, either
+ *   %GNUTLS_PSK_KEY_RAW or %GNUTLS_PSK_KEY_HEX.
+ *
+ * This function sets the username and password, in a
+ * gnutls_psk_client_credentials_t type.  Those will be used in
+ * PSK authentication.  @username should be an ASCII string or UTF-8
+ * string. In case of a UTF-8 string it is recommended to be following
+ * the PRECIS framework for usernames (rfc8265). The key can be either
+ * in raw byte format or in Hex format (without the 0x prefix).
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ **/
+int
+gnutls_psk_set_client_credentials(gnutls_psk_client_credentials_t res,
+				  const char *username,
+				  const gnutls_datum_t * key,
+				  gnutls_psk_key_flags flags)
+{
+	gnutls_datum_t dat;
+
+	if (username == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	dat.data = (unsigned char *) username;
+	dat.size = strlen(username);
+
+	return gnutls_psk_set_client_credentials2(res, &dat, key, flags);
+}
+
+/**
+ * gnutls_psk_set_client_credentials2:
+ * @res: is a #gnutls_psk_client_credentials_t type.
+ * @username: is the userid
+ * @key: is the user's key
+ * @flags: indicate the format of the key, either
+ *   %GNUTLS_PSK_KEY_RAW or %GNUTLS_PSK_KEY_HEX.
+ *
+ * This function is identical to gnutls_psk_set_client_credentials(),
+ * except that it allows a non-null-terminated username to be introduced.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ */
+int
+gnutls_psk_set_client_credentials2(gnutls_psk_client_credentials_t res,
+				   const gnutls_datum_t *username,
+				   const gnutls_datum_t *key,
+				   gnutls_psk_key_flags flags)
+{
+	int ret;
+
+	if (username == NULL || username->data == NULL || key == NULL || key->data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret =
+	    _gnutls_set_datum(&res->username, username->data, username->size);
+	if (ret < 0)
+		return ret;
+
+	if (flags == GNUTLS_PSK_KEY_RAW) {
+		if (_gnutls_set_datum(&res->key, key->data, key->size) < 0) {
+			gnutls_assert();
+			ret = GNUTLS_E_MEMORY_ERROR;
+			goto error;
+		}
+	} else {		/* HEX key */
+		size_t size;
+		size = res->key.size = key->size / 2;
+		res->key.data = gnutls_malloc(size);
+		if (res->key.data == NULL) {
+			gnutls_assert();
+			ret = GNUTLS_E_MEMORY_ERROR;
+			goto error;
+		}
+
+		ret =
+		    gnutls_hex_decode(key, (char *) res->key.data, &size);
+		res->key.size = (unsigned int) size;
+		if (ret < 0) {
+			
+			gnutls_assert();
+			goto error;
+		}
+
+		if (size < 4) {
+			gnutls_assert();
+			ret = GNUTLS_E_INVALID_REQUEST;
+			goto error;
+		}
+	}
+
+	return 0;
+
+      error:
+	_gnutls_free_datum(&res->username);
+	_gnutls_free_datum(&res->key);
+
+	return ret;
+}
+
+/**
+ * gnutls_psk_free_server_credentials:
+ * @sc: is a #gnutls_psk_server_credentials_t type.
+ *
+ * Free a gnutls_psk_server_credentials_t structure.
+ **/
+void gnutls_psk_free_server_credentials(gnutls_psk_server_credentials_t sc)
+{
+	if (sc->deinit_dh_params) {
+		gnutls_dh_params_deinit(sc->dh_params);
+	}
+
+	gnutls_free(sc->password_file);
+	gnutls_free(sc->hint);
+	gnutls_free(sc);
+}
+
+/**
+ * gnutls_psk_allocate_server_credentials:
+ * @sc: is a pointer to a #gnutls_psk_server_credentials_t type.
+ *
+ * Allocate a gnutls_psk_server_credentials_t structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ **/
+int
+gnutls_psk_allocate_server_credentials(gnutls_psk_server_credentials_t *
+				       sc)
+{
+	*sc = gnutls_calloc(1, sizeof(psk_server_cred_st));
+
+	if (*sc == NULL)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	/* TLS 1.3 - Default binder HMAC algorithm is SHA-256 */
+	(*sc)->binder_algo = _gnutls_mac_to_entry(GNUTLS_MAC_SHA256);
+	return 0;
+}
+
+
+/**
+ * gnutls_psk_set_server_credentials_file:
+ * @res: is a #gnutls_psk_server_credentials_t type.
+ * @password_file: is the PSK password file (passwd.psk)
+ *
+ * This function sets the password file, in a
+ * #gnutls_psk_server_credentials_t type.  This password file
+ * holds usernames and keys and will be used for PSK authentication.
+ *
+ * Each entry in the file consists of a username, followed by a colon
+ * (':') and a hex-encoded key.  If the username contains a colon or
+ * any other special character, it can be hex-encoded preceded by a
+ * '#'.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ **/
+int
+gnutls_psk_set_server_credentials_file(gnutls_psk_server_credentials_t
+				       res, const char *password_file)
+{
+
+	if (password_file == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Check if the files can be opened */
+	if (_gnutls_file_exists(password_file) != 0) {
+		gnutls_assert();
+		return GNUTLS_E_FILE_ERROR;
+	}
+
+	res->password_file = gnutls_strdup(password_file);
+	if (res->password_file == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_psk_set_server_credentials_hint:
+ * @res: is a #gnutls_psk_server_credentials_t type.
+ * @hint: is the PSK identity hint string
+ *
+ * This function sets the identity hint, in a
+ * #gnutls_psk_server_credentials_t type.  This hint is sent to
+ * the client to help it chose a good PSK credential (i.e., username
+ * and password).
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ *
+ * Since: 2.4.0
+ **/
+int
+gnutls_psk_set_server_credentials_hint(gnutls_psk_server_credentials_t res,
+				       const char *hint)
+{
+	res->hint = gnutls_strdup(hint);
+	if (res->hint == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+}
+
+static int call_server_callback_legacy(gnutls_session_t session,
+				       const gnutls_datum_t *username,
+				       gnutls_datum_t *key)
+{
+	gnutls_psk_server_credentials_t cred =
+			(gnutls_psk_server_credentials_t)
+				_gnutls_get_cred(session, GNUTLS_CRD_PSK);
+	if (unlikely(cred == NULL))
+	  return gnutls_assert_val(-1);
+
+	return cred->pwd_callback_legacy(session, (const char *) username->data, key);
+}
+
+/**
+ * gnutls_psk_set_server_credentials_function:
+ * @cred: is a #gnutls_psk_server_credentials_t type.
+ * @func: is the callback function
+ *
+ * This function can be used to set a callback to retrieve the user's PSK credentials.
+ * The callback's function form is:
+ * int (*callback)(gnutls_session_t, const char* username,
+ *  gnutls_datum_t* key);
+ *
+ * @username contains the actual username.
+ * The @key must be filled in using the gnutls_malloc().
+ *
+ * In case the callback returned a negative number then gnutls will
+ * assume that the username does not exist.
+ *
+ * The callback function will only be called once per handshake.  The
+ * callback function should return 0 on success, while -1 indicates
+ * an error.
+ **/
+void
+gnutls_psk_set_server_credentials_function(gnutls_psk_server_credentials_t
+					   cred,
+					   gnutls_psk_server_credentials_function
+					   * func)
+{
+	cred->pwd_callback_legacy = func;
+	cred->pwd_callback = call_server_callback_legacy;
+}
+
+/**
+ * gnutls_psk_set_server_credentials_function2:
+ * @cred: is a #gnutls_psk_server_credentials_t type.
+ * @func: is the callback function
+ *
+ * This function can be used to set a callback to retrieve the user's PSK credentials.
+ * The callback's function form is:
+ * int (*callback)(gnutls_session_t, const gnutls_datum_t* username,
+ *  gnutls_datum_t* key);
+ *
+ * This callback function has the same semantics as that of gnutls_psk_set_server_credentials_function(),
+ * but it allows non-string usernames to be used.
+ *
+ * @username contains the actual username.
+ * The @key must be filled in using the gnutls_malloc().
+ *
+ * In case the callback returned a negative number then gnutls will
+ * assume that the username does not exist.
+ *
+ * The callback function will only be called once per handshake.  The
+ * callback function should return 0 on success, while -1 indicates
+ * an error.
+ **/
+void
+gnutls_psk_set_server_credentials_function2(gnutls_psk_server_credentials_t cred,
+					    gnutls_psk_server_credentials_function2 func)
+{
+	cred->pwd_callback = func;
+	cred->pwd_callback_legacy = NULL;
+}
+
+static int call_client_callback_legacy(gnutls_session_t session,
+				       gnutls_datum_t *username,
+				       gnutls_datum_t *key)
+{
+	int ret;
+	char *user_p;
+	gnutls_psk_client_credentials_t cred =
+			(gnutls_psk_client_credentials_t)
+				_gnutls_get_cred(session, GNUTLS_CRD_PSK);
+	if (unlikely(cred == NULL))
+	  return gnutls_assert_val(-1);
+
+
+	ret = cred->get_function_legacy(session, &user_p, key);
+
+	if (ret)
+		goto end;
+
+	username->data = (uint8_t *) user_p;
+	username->size = strlen(user_p);
+
+end:
+	return ret;
+}
+
+/**
+ * gnutls_psk_set_client_credentials_function:
+ * @cred: is a #gnutls_psk_server_credentials_t type.
+ * @func: is the callback function
+ *
+ * This function can be used to set a callback to retrieve the username and
+ * password for client PSK authentication.
+ * The callback's function form is:
+ * int (*callback)(gnutls_session_t, char** username,
+ *  gnutls_datum_t* key);
+ *
+ * The @username and @key->data must be allocated using gnutls_malloc().
+ * The @username should be an ASCII string or UTF-8
+ * string. In case of a UTF-8 string it is recommended to be following
+ * the PRECIS framework for usernames (rfc8265).
+ *
+ * The callback function will be called once per handshake.
+ *
+ * The callback function should return 0 on success.
+ * -1 indicates an error.
+ **/
+void
+gnutls_psk_set_client_credentials_function(gnutls_psk_client_credentials_t
+					   cred,
+					   gnutls_psk_client_credentials_function
+					   * func)
+{
+	cred->get_function = call_client_callback_legacy;
+	cred->get_function_legacy = func;
+}
+
+/**
+ * gnutls_psk_set_client_credentials_function2:
+ * @cred: is a #gnutls_psk_server_credentials_t type.
+ * @func: is the callback function
+ *
+ * This function can be used to set a callback to retrieve the username and
+ * password for client PSK authentication.
+ * The callback's function form is:
+ * int (*callback)(gnutls_session_t, gnutls_datum_t* username,
+ *  gnutls_datum_t* key);
+ *
+ * This callback function has the same semantics as that of gnutls_psk_set_client_credentials_function(),
+ * but it allows non-string usernames to be used.
+ *
+ * The @username and @key->data must be allocated using gnutls_malloc().
+ * The @username should be an ASCII string or UTF-8
+ * string. In case of a UTF-8 string it is recommended to be following
+ * the PRECIS framework for usernames (rfc8265).
+ *
+ * The callback function will be called once per handshake.
+ *
+ * The callback function should return 0 on success.
+ * -1 indicates an error.
+ **/
+void
+gnutls_psk_set_client_credentials_function2(gnutls_psk_client_credentials_t cred,
+					    gnutls_psk_client_credentials_function2 *func)
+{
+	cred->get_function = func;
+	cred->get_function_legacy = NULL;
+}
+
+
+/**
+ * gnutls_psk_server_get_username:
+ * @session: is a gnutls session
+ *
+ * This should only be called in case of PSK authentication and in
+ * case of a server.
+ *
+ * The returned pointer should be considered constant (do not free) and valid 
+ * for the lifetime of the session.
+ *
+ * This function will return %NULL if the username has embedded NULL bytes.
+ * In that case, gnutls_psk_server_get_username2() should be used to retrieve the username.
+ *
+ * Returns: the username of the peer, or %NULL in case of an error,
+ * or if the username has embedded NULLs.
+ **/
+const char *gnutls_psk_server_get_username(gnutls_session_t session)
+{
+	psk_auth_info_t info;
+
+	CHECK_AUTH_TYPE(GNUTLS_CRD_PSK, NULL);
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+	if (info == NULL)
+		return NULL;
+
+	if (info->username[0] != 0 && !_gnutls_has_embedded_null(info->username, info->username_len))
+		return info->username;
+
+	return NULL;
+}
+
+/**
+ * gnutls_psk_server_get_username2:
+ * @session: is a gnutls session
+ * @username: a datum that will be filled in by this function
+ *
+ * Return a pointer to the username of the peer in the supplied datum. Does not
+ * need to be null-terminated.
+ *
+ * This should only be called in case of PSK authentication and in
+ * case of a server.
+ *
+ * The returned pointer should be considered constant (do not free) and valid 
+ * for the lifetime of the session.
+ *
+ * Returns: %GNUTLS_E_SUCCESS, or a negative value in case of an error.
+ **/
+int gnutls_psk_server_get_username2(gnutls_session_t session, gnutls_datum_t *username)
+{
+	psk_auth_info_t info;
+
+	CHECK_AUTH_TYPE(GNUTLS_CRD_PSK, GNUTLS_E_INVALID_REQUEST);
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+	if (info == NULL)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+	if (info->username_len > 0) {
+		username->data = (unsigned char *) info->username;
+		username->size = info->username_len;
+		return 0;
+	}
+
+	return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+}
+
+/**
+ * gnutls_psk_client_get_hint:
+ * @session: is a gnutls session
+ *
+ * The PSK identity hint may give the client help in deciding which
+ * username to use.  This should only be called in case of PSK
+ * authentication and in case of a client.
+ *
+ * Note: there is no hint in TLS 1.3, so this function will return %NULL
+ * if TLS 1.3 has been negotiated.
+ *
+ * Returns: the identity hint of the peer, or %NULL in case of an error or if TLS 1.3 is being used.
+ *
+ * Since: 2.4.0
+ **/
+const char *gnutls_psk_client_get_hint(gnutls_session_t session)
+{
+	psk_auth_info_t info;
+
+	CHECK_AUTH_TYPE(GNUTLS_CRD_PSK, NULL);
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+	return info ? info->hint : NULL;
+}
+
+/**
+ * gnutls_psk_set_server_dh_params:
+ * @res: is a gnutls_psk_server_credentials_t type
+ * @dh_params: is a structure that holds Diffie-Hellman parameters.
+ *
+ * This function will set the Diffie-Hellman parameters for an
+ * anonymous server to use. These parameters will be used in
+ * Diffie-Hellman exchange with PSK cipher suites.
+ *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
+ **/
+void
+gnutls_psk_set_server_dh_params(gnutls_psk_server_credentials_t res,
+				gnutls_dh_params_t dh_params)
+{
+	if (res->deinit_dh_params) {
+		res->deinit_dh_params = 0;
+		gnutls_dh_params_deinit(res->dh_params);
+		res->dh_params = NULL;
+	}
+
+	res->dh_params = dh_params;
+	res->dh_sec_param = gnutls_pk_bits_to_sec_param(GNUTLS_PK_DH, _gnutls_mpi_get_nbits(dh_params->params[0]));
+}
+
+/**
+ * gnutls_psk_set_server_known_dh_params:
+ * @res: is a gnutls_psk_server_credentials_t type
+ * @sec_param: is an option of the %gnutls_sec_param_t enumeration
+ *
+ * This function will set the Diffie-Hellman parameters for a
+ * PSK server to use. These parameters will be used in
+ * Ephemeral Diffie-Hellman cipher suites and will be selected from
+ * the FFDHE set of RFC7919 according to the security level provided.
+ *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.5.6
+ **/
+int
+gnutls_psk_set_server_known_dh_params(gnutls_psk_server_credentials_t res,
+				       gnutls_sec_param_t sec_param)
+{
+	res->dh_sec_param = sec_param;
+
+	return 0;
+}
+
+/**
+ * gnutls_psk_set_server_params_function:
+ * @res: is a #gnutls_certificate_credentials_t type
+ * @func: is the function to be called
+ *
+ * This function will set a callback in order for the server to get
+ * the Diffie-Hellman parameters for PSK authentication.  The callback
+ * should return %GNUTLS_E_SUCCESS (0) on success.
+ *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
+ **/
+void
+gnutls_psk_set_server_params_function(gnutls_psk_server_credentials_t res,
+				      gnutls_params_function * func)
+{
+	res->params_func = func;
+}
+
+/**
+ * gnutls_psk_set_params_function:
+ * @res: is a gnutls_psk_server_credentials_t type
+ * @func: is the function to be called
+ *
+ * This function will set a callback in order for the server to get
+ * the Diffie-Hellman or RSA parameters for PSK authentication.  The
+ * callback should return %GNUTLS_E_SUCCESS (0) on success.
+ *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
+ **/
+void
+gnutls_psk_set_params_function(gnutls_psk_server_credentials_t res,
+			       gnutls_params_function * func)
+{
+	res->params_func = func;
+}
+
+#endif				/* ENABLE_PSK */
diff --git a/lib/pubkey.c b/lib/pubkey.c
new file mode 100644
index 0000000..a0e5bc9
--- /dev/null
+++ b/lib/pubkey.c
@@ -0,0 +1,2786 @@
+/*
+ * GnuTLS public key support
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ * 
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+
+#include "gnutls_int.h"
+#include <gnutls/pkcs11.h>
+#include <stdio.h>
+#include <string.h>
+#include "errors.h"
+#include <datum.h>
+#include <pkcs11_int.h>
+#include <gnutls/abstract.h>
+#include <tls-sig.h>
+#include <pk.h>
+#include <x509_int.h>
+#include <num.h>
+#include <x509/common.h>
+#include <x509_b64.h>
+#include <abstract_int.h>
+#include <fips.h>
+#include "urls.h"
+#include <ecc.h>
+
+static int
+pubkey_verify_hashed_data(const gnutls_sign_entry_st *se,
+			  const mac_entry_st *me,
+			  const gnutls_datum_t * hash,
+			  const gnutls_datum_t * signature,
+			  gnutls_pk_params_st * params,
+			  gnutls_x509_spki_st * sign_params,
+			  unsigned flags);
+
+static
+int pubkey_supports_sig(gnutls_pubkey_t pubkey,
+			const gnutls_sign_entry_st *se);
+
+unsigned pubkey_to_bits(const gnutls_pk_params_st * params)
+{
+	switch (params->algo) {
+	case GNUTLS_PK_RSA:
+	case GNUTLS_PK_RSA_PSS:
+		return _gnutls_mpi_get_nbits(params->params[RSA_MODULUS]);
+	case GNUTLS_PK_DSA:
+		return _gnutls_mpi_get_nbits(params->params[DSA_P]);
+	case GNUTLS_PK_ECDSA:
+	case GNUTLS_PK_EDDSA_ED25519:
+	case GNUTLS_PK_EDDSA_ED448:
+	case GNUTLS_PK_ECDH_X25519:
+	case GNUTLS_PK_ECDH_X448:
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+		return gnutls_ecc_curve_get_size(params->curve) * 8;
+	default:
+		return 0;
+	}
+}
+
+/**
+ * gnutls_pubkey_get_pk_algorithm:
+ * @key: should contain a #gnutls_pubkey_t type
+ * @bits: If set will return the number of bits of the parameters (may be NULL)
+ *
+ * This function will return the public key algorithm of a public
+ * key and if possible will return a number of bits that indicates
+ * the security parameter of the key.
+ *
+ * Returns: a member of the #gnutls_pk_algorithm_t enumeration on
+ *   success, or a negative error code on error.
+ *
+ * Since: 2.12.0
+ **/
+int gnutls_pubkey_get_pk_algorithm(gnutls_pubkey_t key, unsigned int *bits)
+{
+	if (bits)
+		*bits = key->bits;
+
+	return key->params.algo;
+}
+
+/**
+ * gnutls_pubkey_get_key_usage:
+ * @key: should contain a #gnutls_pubkey_t type
+ * @usage: If set will return the number of bits of the parameters (may be NULL)
+ *
+ * This function will return the key usage of the public key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int gnutls_pubkey_get_key_usage(gnutls_pubkey_t key, unsigned int *usage)
+{
+	if (usage)
+		*usage = key->key_usage;
+
+	return 0;
+}
+
+/**
+ * gnutls_pubkey_init:
+ * @key: A pointer to the type to be initialized
+ *
+ * This function will initialize a public key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int gnutls_pubkey_init(gnutls_pubkey_t * key)
+{
+	FAIL_IF_LIB_ERROR;
+
+	*key = gnutls_calloc(1, sizeof(struct gnutls_pubkey_st));
+	if (*key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pubkey_deinit:
+ * @key: The key to be deinitialized
+ *
+ * This function will deinitialize a public key structure.
+ *
+ * Since: 2.12.0
+ **/
+void gnutls_pubkey_deinit(gnutls_pubkey_t key)
+{
+	if (!key)
+		return;
+	gnutls_pk_params_release(&key->params);
+	gnutls_free(key);
+}
+
+/**
+ * gnutls_pubkey_import_x509:
+ * @key: The public key
+ * @crt: The certificate to be imported
+ * @flags: should be zero
+ *
+ * This function will import the given public key to the abstract
+ * #gnutls_pubkey_t type.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pubkey_import_x509(gnutls_pubkey_t key, gnutls_x509_crt_t crt,
+			  unsigned int flags)
+{
+	int ret;
+
+	gnutls_pk_params_release(&key->params);
+	/* params initialized in _gnutls_x509_crt_get_mpis */
+
+	ret = gnutls_x509_crt_get_pk_algorithm(crt, &key->bits);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	key->params.algo = ret;
+
+	ret = gnutls_x509_crt_get_key_usage(crt, &key->key_usage, NULL);
+	if (ret < 0)
+		key->key_usage = 0;
+
+	ret = _gnutls_x509_crt_get_mpis(crt, &key->params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pubkey_import_x509_crq:
+ * @key: The public key
+ * @crq: The certificate to be imported
+ * @flags: should be zero
+ *
+ * This function will import the given public key to the abstract
+ * #gnutls_pubkey_t type.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.5
+ **/
+int
+gnutls_pubkey_import_x509_crq(gnutls_pubkey_t key, gnutls_x509_crq_t crq,
+			      unsigned int flags)
+{
+	int ret;
+
+	gnutls_pk_params_release(&key->params);
+	/* params initialized in _gnutls_x509_crq_get_mpis */
+
+	key->params.algo = gnutls_x509_crq_get_pk_algorithm(crq, &key->bits);
+
+	ret = gnutls_x509_crq_get_key_usage(crq, &key->key_usage, NULL);
+	if (ret < 0)
+		key->key_usage = 0;
+
+	ret = _gnutls_x509_crq_get_mpis(crq, &key->params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pubkey_import_privkey:
+ * @key: The public key
+ * @pkey: The private key
+ * @usage: GNUTLS_KEY_* key usage flags.
+ * @flags: should be zero
+ *
+ * Imports the public key from a private.  This function will import
+ * the given public key to the abstract #gnutls_pubkey_t type.
+ *
+ * Note that in certain keys this operation may not be possible, e.g.,
+ * in other than RSA PKCS#11 keys.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pubkey_import_privkey(gnutls_pubkey_t key, gnutls_privkey_t pkey,
+			     unsigned int usage, unsigned int flags)
+{
+	gnutls_pk_params_release(&key->params);
+	gnutls_pk_params_init(&key->params);
+
+	key->key_usage = usage;
+	key->params.algo = gnutls_privkey_get_pk_algorithm(pkey, &key->bits);
+
+	return _gnutls_privkey_get_public_mpis(pkey, &key->params);
+}
+
+/**
+ * gnutls_pubkey_get_preferred_hash_algorithm:
+ * @key: Holds the certificate
+ * @hash: The result of the call with the hash algorithm used for signature
+ * @mand: If non zero it means that the algorithm MUST use this hash. May be NULL.
+ *
+ * This function will read the certificate and return the appropriate digest
+ * algorithm to use for signing with this certificate. Some certificates (i.e.
+ * DSA might not be able to sign without the preferred algorithm).
+ *
+ * To get the signature algorithm instead of just the hash use gnutls_pk_to_sign()
+ * with the algorithm of the certificate/key and the provided @hash.
+ *
+ * Returns: the 0 if the hash algorithm is found. A negative error code is
+ * returned on error.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pubkey_get_preferred_hash_algorithm(gnutls_pubkey_t key,
+					   gnutls_digest_algorithm_t *
+					   hash, unsigned int *mand)
+{
+	int ret;
+	const mac_entry_st *me;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (mand)
+		*mand = 0;
+
+	switch (key->params.algo) {
+	case GNUTLS_PK_DSA:
+		if (mand)
+			*mand = 1;
+		FALLTHROUGH;
+	case GNUTLS_PK_ECDSA:
+
+		me = _gnutls_dsa_q_to_hash(&key->params, NULL);
+		if (hash)
+			*hash = (gnutls_digest_algorithm_t)me->id;
+
+		ret = 0;
+		break;
+	case GNUTLS_PK_EDDSA_ED25519:
+		if (hash)
+			*hash = GNUTLS_DIG_SHA512;
+
+		ret = 0;
+		break;
+	case GNUTLS_PK_EDDSA_ED448:
+		if (hash)
+			*hash = GNUTLS_DIG_SHAKE_256;
+
+		ret = 0;
+		break;
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+		if (hash)
+			*hash = _gnutls_gost_digest(key->params.algo);
+		if (mand)
+			*mand = 1;
+
+		ret = 0;
+		break;
+	case GNUTLS_PK_RSA_PSS:
+		if (mand && key->params.spki.rsa_pss_dig)
+			*mand = 1;
+
+		if (hash) {
+			if (key->params.spki.rsa_pss_dig) {
+				*hash = key->params.spki.rsa_pss_dig;
+			} else {
+				*hash = _gnutls_pk_bits_to_sha_hash(pubkey_to_bits(&key->params));
+			}
+		}
+		ret = 0;
+		break;
+	case GNUTLS_PK_RSA:
+		if (hash)
+			*hash = _gnutls_pk_bits_to_sha_hash(pubkey_to_bits(&key->params));
+		ret = 0;
+		break;
+
+	default:
+		gnutls_assert();
+		ret = GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	return ret;
+}
+
+#ifdef ENABLE_PKCS11
+
+/* The EC_PARAMS attribute can contain either printable string with curve name
+ * or OID defined in RFC 8410 */
+static int
+gnutls_pubkey_parse_ecc_eddsa_params(const gnutls_datum_t *parameters,
+				     gnutls_ecc_curve_t *outcurve)
+{
+	gnutls_ecc_curve_t curve = GNUTLS_ECC_CURVE_INVALID;
+	asn1_node asn1 = NULL;
+	unsigned int etype = ASN1_ETYPE_INVALID;
+	char str[MAX_OID_SIZE];
+	int str_size;
+	int ret;
+
+	ret = asn1_create_element(_gnutls_get_gnutls_asn(),
+				  "GNUTLS.pkcs-11-ec-Parameters", &asn1);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	ret = asn1_der_decoding(&asn1, parameters->data, parameters->size,
+				NULL);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	/* Read the type of choice.
+	 */
+	str_size = sizeof(str) - 1;
+	ret = asn1_read_value(asn1, "", str, &str_size);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+	str[str_size] = 0;
+
+	/* Convert the choice to enum type */
+	if (strcmp(str, "oId") == 0) {
+		etype = ASN1_ETYPE_OBJECT_ID;
+	} else if (strcmp(str, "curveName") == 0) {
+		etype = ASN1_ETYPE_PRINTABLE_STRING;
+	}
+
+	str_size = sizeof(str) - 1;
+	switch (etype) {
+	case ASN1_ETYPE_OBJECT_ID:
+		ret = asn1_read_value(asn1, "oId", str, &str_size);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			break;
+		}
+
+		curve = gnutls_oid_to_ecc_curve(str);
+		if (curve != GNUTLS_ECC_CURVE_ED25519 &&
+		    curve != GNUTLS_ECC_CURVE_ED448) {
+			_gnutls_debug_log("Curve %s is not supported for EdDSA\n", str);
+			gnutls_assert();
+			curve = GNUTLS_ECC_CURVE_INVALID;
+			ret = GNUTLS_E_ECC_UNSUPPORTED_CURVE;
+			break;
+		}
+
+		ret = GNUTLS_E_SUCCESS;
+		break;
+
+	case ASN1_ETYPE_PRINTABLE_STRING:
+		ret = asn1_read_value(asn1, "curveName", str, &str_size);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			break;
+		}
+
+		if (str_size == strlen("edwards25519") &&
+		    strncmp(str, "edwards25519", str_size) == 0) {
+			curve = GNUTLS_ECC_CURVE_ED25519;
+			ret = GNUTLS_E_SUCCESS;
+			break;
+		} else if (str_size == strlen("edwards448") &&
+			   strncmp(str, "edwards448", str_size) == 0) {
+			curve = GNUTLS_ECC_CURVE_ED448;
+			ret = GNUTLS_E_SUCCESS;
+			break;
+		}
+		/* FALLTHROUGH */
+
+	default:
+		/* Neither of CHOICEs found. Fail */
+		gnutls_assert();
+		ret = GNUTLS_E_ECC_UNSUPPORTED_CURVE;
+		curve = GNUTLS_ECC_CURVE_INVALID;
+		break;
+	}
+
+
+      cleanup:
+	asn1_delete_structure(&asn1);
+	*outcurve = curve;
+	return ret;
+}
+
+
+static int
+gnutls_pubkey_import_ecc_eddsa(gnutls_pubkey_t key,
+			       const gnutls_datum_t * parameters,
+			       const gnutls_datum_t * ecpoint)
+{
+	int ret;
+
+	gnutls_ecc_curve_t curve = GNUTLS_ECC_CURVE_INVALID;
+	gnutls_datum_t raw_point = {NULL, 0};
+
+	ret = gnutls_pubkey_parse_ecc_eddsa_params(parameters, &curve);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	ret = _gnutls_x509_decode_string(ASN1_ETYPE_OCTET_STRING,
+					 ecpoint->data, ecpoint->size,
+					 &raw_point, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		gnutls_free(raw_point.data);
+		return ret;
+	}
+	ret = gnutls_pubkey_import_ecc_raw(key, curve, &raw_point, NULL);
+
+	gnutls_free(raw_point.data);
+	return ret;
+}
+
+/* Same as above, but for Edwards key agreement */
+static int
+gnutls_pubkey_parse_ecc_ecdh_params(const gnutls_datum_t *parameters,
+                                    gnutls_ecc_curve_t *outcurve)
+{
+	gnutls_ecc_curve_t curve = GNUTLS_ECC_CURVE_INVALID;
+	asn1_node asn1 = NULL;
+	unsigned int etype = ASN1_ETYPE_INVALID;
+	char str[MAX_OID_SIZE];
+	int str_size;
+	int ret;
+
+	ret = asn1_create_element(_gnutls_get_gnutls_asn(),
+				  "GNUTLS.pkcs-11-ec-Parameters", &asn1);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	ret = asn1_der_decoding(&asn1, parameters->data, parameters->size,
+				NULL);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	/* Read the type of choice.
+	 */
+	str_size = sizeof(str) - 1;
+	ret = asn1_read_value(asn1, "", str, &str_size);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+	str[str_size] = 0;
+
+	/* Convert the choice to enum type */
+	if (strcmp(str, "oId") == 0) {
+		etype = ASN1_ETYPE_OBJECT_ID;
+	} else if (strcmp(str, "curveName") == 0) {
+		etype = ASN1_ETYPE_PRINTABLE_STRING;
+	}
+
+	str_size = sizeof(str) - 1;
+	switch (etype) {
+	case ASN1_ETYPE_OBJECT_ID:
+		ret = asn1_read_value(asn1, "oId", str, &str_size);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			break;
+		}
+
+		curve = gnutls_oid_to_ecc_curve(str);
+		if (curve != GNUTLS_ECC_CURVE_X25519 &&
+		    curve != GNUTLS_ECC_CURVE_X448) {
+			_gnutls_debug_log("Curve %s is not supported for Edwards-based key agreement\n", str);
+			gnutls_assert();
+			curve = GNUTLS_ECC_CURVE_INVALID;
+			ret = GNUTLS_E_ECC_UNSUPPORTED_CURVE;
+			break;
+		}
+
+		ret = GNUTLS_E_SUCCESS;
+		break;
+
+	case ASN1_ETYPE_PRINTABLE_STRING:
+		ret = asn1_read_value(asn1, "curveName", str, &str_size);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			break;
+		}
+
+		if (str_size == strlen("x25519") &&
+		    strncmp(str, "x25519", str_size) == 0) {
+			curve = GNUTLS_ECC_CURVE_X25519;
+			ret = GNUTLS_E_SUCCESS;
+			break;
+		} else if (str_size == strlen("x448") &&
+			   strncmp(str, "x448", str_size) == 0) {
+			curve = GNUTLS_ECC_CURVE_X448;
+			ret = GNUTLS_E_SUCCESS;
+			break;
+		}
+		/* FALLTHROUGH */
+
+	default:
+		/* Neither of CHOICEs found. Fail */
+		gnutls_assert();
+		ret = GNUTLS_E_ECC_UNSUPPORTED_CURVE;
+		curve = GNUTLS_ECC_CURVE_INVALID;
+		break;
+	}
+
+
+      cleanup:
+	asn1_delete_structure(&asn1);
+	*outcurve = curve;
+	return ret;
+}
+
+static int
+gnutls_pubkey_import_ecc_ecdh(gnutls_pubkey_t key,
+                              const gnutls_datum_t * parameters,
+                              const gnutls_datum_t * ecpoint)
+{
+	int ret;
+
+	gnutls_ecc_curve_t curve = GNUTLS_ECC_CURVE_INVALID;
+	gnutls_datum_t raw_point = {NULL, 0};
+
+	ret = gnutls_pubkey_parse_ecc_ecdh_params(parameters, &curve);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	ret = _gnutls_x509_decode_string(ASN1_ETYPE_OCTET_STRING,
+					 ecpoint->data, ecpoint->size,
+					 &raw_point, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		gnutls_free(raw_point.data);
+		return ret;
+	}
+	ret = gnutls_pubkey_import_ecc_raw(key, curve, &raw_point, NULL);
+
+	gnutls_free(raw_point.data);
+	return ret;
+}
+
+/**
+ * gnutls_pubkey_import_pkcs11:
+ * @key: The public key
+ * @obj: The parameters to be imported
+ * @flags: should be zero
+ *
+ * Imports a public key from a pkcs11 key. This function will import
+ * the given public key to the abstract #gnutls_pubkey_t type.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pubkey_import_pkcs11(gnutls_pubkey_t key,
+			    gnutls_pkcs11_obj_t obj, unsigned int flags)
+{
+	int ret, type;
+
+	type = gnutls_pkcs11_obj_get_type(obj);
+	if (type != GNUTLS_PKCS11_OBJ_PUBKEY
+	    && type != GNUTLS_PKCS11_OBJ_X509_CRT) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (type == GNUTLS_PKCS11_OBJ_X509_CRT) {
+		gnutls_x509_crt_t xcrt;
+
+		ret = gnutls_x509_crt_init(&xcrt);
+		if (ret < 0) {
+			gnutls_assert()
+			    return ret;
+		}
+
+		ret = gnutls_x509_crt_import_pkcs11(xcrt, obj);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup_crt;
+		}
+
+		ret = gnutls_pubkey_import_x509(key, xcrt, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup_crt;
+		}
+
+		ret = gnutls_x509_crt_get_key_usage(xcrt, &key->key_usage, NULL);
+		if (ret < 0)
+		  key->key_usage = 0;
+
+		ret = 0;
+	      cleanup_crt:
+		gnutls_x509_crt_deinit(xcrt);
+		return ret;
+	}
+
+	key->key_usage = obj->key_usage;
+
+	switch (obj->pk_algorithm) {
+	case GNUTLS_PK_RSA:
+	case GNUTLS_PK_RSA_PSS:
+		ret = gnutls_pubkey_import_rsa_raw(key, &obj->pubkey[0],
+						   &obj->pubkey[1]);
+		break;
+	case GNUTLS_PK_DSA:
+		ret = gnutls_pubkey_import_dsa_raw(key, &obj->pubkey[0],
+						   &obj->pubkey[1],
+						   &obj->pubkey[2],
+						   &obj->pubkey[3]);
+		break;
+	case GNUTLS_PK_EC:
+		ret = gnutls_pubkey_import_ecc_x962(key, &obj->pubkey[0],
+						    &obj->pubkey[1]);
+		break;
+	case GNUTLS_PK_EDDSA_ED25519:
+		ret = gnutls_pubkey_import_ecc_eddsa(key, &obj->pubkey[0],
+						     &obj->pubkey[1]);
+		break;
+	case GNUTLS_PK_ECDH_X25519:
+		ret = gnutls_pubkey_import_ecc_ecdh(key, &obj->pubkey[0],
+                                                    &obj->pubkey[1]);
+		break;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+	}
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+#endif				/* ENABLE_PKCS11 */
+
+/**
+ * gnutls_pubkey_export:
+ * @key: Holds the certificate
+ * @format: the format of output params. One of PEM or DER.
+ * @output_data: will contain a certificate PEM or DER encoded
+ * @output_data_size: holds the size of output_data (and will be
+ *   replaced by the actual size of parameters)
+ *
+ * This function will export the public key to DER or PEM format.
+ * The contents of the exported data is the SubjectPublicKeyInfo
+ * X.509 structure.
+ *
+ * If the buffer provided is not long enough to hold the output, then
+ * *output_data_size is updated and %GNUTLS_E_SHORT_MEMORY_BUFFER will
+ * be returned.
+ *
+ * If the structure is PEM encoded, it will have a header
+ * of "BEGIN CERTIFICATE".
+ *
+ * Returns: In case of failure a negative error code will be
+ *   returned, and 0 on success.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pubkey_export(gnutls_pubkey_t key,
+		     gnutls_x509_crt_fmt_t format, void *output_data,
+		     size_t * output_data_size)
+{
+	int result;
+	asn1_node spk = NULL;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_pkix(), "PKIX1.SubjectPublicKeyInfo", &spk))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result =
+	    _gnutls_x509_encode_and_copy_PKI_params(spk, "",
+						    &key->params);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_export_int_named(spk, "",
+					       format, PEM_PK,
+					       output_data,
+					       output_data_size);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = 0;
+
+      cleanup:
+	asn1_delete_structure(&spk);
+
+	return result;
+}
+
+/**
+ * gnutls_pubkey_export2:
+ * @key: Holds the certificate
+ * @format: the format of output params. One of PEM or DER.
+ * @out: will contain a certificate PEM or DER encoded
+ *
+ * This function will export the public key to DER or PEM format.
+ * The contents of the exported data is the SubjectPublicKeyInfo
+ * X.509 structure.
+ *
+ * The output buffer will be allocated using gnutls_malloc().
+ *
+ * If the structure is PEM encoded, it will have a header
+ * of "BEGIN CERTIFICATE".
+ *
+ * Returns: In case of failure a negative error code will be
+ *   returned, and 0 on success.
+ *
+ * Since: 3.1.3
+ **/
+int
+gnutls_pubkey_export2(gnutls_pubkey_t key,
+		      gnutls_x509_crt_fmt_t format, gnutls_datum_t * out)
+{
+	int result;
+	asn1_node spk = NULL;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_pkix(), "PKIX1.SubjectPublicKeyInfo", &spk))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result =
+	    _gnutls_x509_encode_and_copy_PKI_params(spk, "",
+						    &key->params);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_export_int_named2(spk, "",
+						format, PEM_PK,
+						out);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = 0;
+
+      cleanup:
+	asn1_delete_structure(&spk);
+
+	return result;
+}
+
+/**
+ * gnutls_pubkey_get_key_id:
+ * @key: Holds the public key
+ * @flags: should be one of the flags from %gnutls_keyid_flags_t
+ * @output_data: will contain the key ID
+ * @output_data_size: holds the size of output_data (and will be
+ *   replaced by the actual size of parameters)
+ *
+ * This function will return a unique ID that depends on the public
+ * key parameters. This ID can be used in checking whether a
+ * certificate corresponds to the given public key.
+ *
+ * If the buffer provided is not long enough to hold the output, then
+ * *output_data_size is updated and %GNUTLS_E_SHORT_MEMORY_BUFFER will
+ * be returned.  The output will normally be a SHA-1 hash output,
+ * which is 20 bytes.
+ *
+ * Returns: In case of failure a negative error code will be
+ *   returned, and 0 on success.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pubkey_get_key_id(gnutls_pubkey_t key, unsigned int flags,
+			 unsigned char *output_data,
+			 size_t * output_data_size)
+{
+	int ret = 0;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret =
+	    _gnutls_get_key_id(&key->params,
+			       output_data, output_data_size, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pubkey_export_rsa_raw2:
+ * @key: Holds the certificate
+ * @m: will hold the modulus (may be %NULL)
+ * @e: will hold the public exponent (may be %NULL)
+ * @flags: flags from %gnutls_abstract_export_flags_t
+ *
+ * This function will export the RSA public key's parameters found in
+ * the given structure.  The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * This function allows for %NULL parameters since 3.4.1.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_pubkey_export_rsa_raw2(gnutls_pubkey_t key,
+			     gnutls_datum_t * m, gnutls_datum_t * e,
+			     unsigned flags)
+{
+	int ret;
+	mpi_dprint_func dprint = _gnutls_mpi_dprint_lz;
+
+	if (flags & GNUTLS_EXPORT_FLAG_NO_LZ)
+		dprint = _gnutls_mpi_dprint;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (!GNUTLS_PK_IS_RSA(key->params.algo)) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (m) {
+		ret = dprint(key->params.params[0], m);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	if (e) {
+		ret = dprint(key->params.params[1], e);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_free_datum(m);
+			return ret;
+		}
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pubkey_export_rsa_raw:
+ * @key: Holds the certificate
+ * @m: will hold the modulus (may be %NULL)
+ * @e: will hold the public exponent (may be %NULL)
+ *
+ * This function will export the RSA public key's parameters found in
+ * the given structure.  The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * This function allows for %NULL parameters since 3.4.1.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.3.0
+ **/
+int
+gnutls_pubkey_export_rsa_raw(gnutls_pubkey_t key,
+			     gnutls_datum_t * m, gnutls_datum_t * e)
+{
+	return gnutls_pubkey_export_rsa_raw2(key, m, e, 0);
+}
+
+
+/**
+ * gnutls_pubkey_export_dsa_raw:
+ * @key: Holds the public key
+ * @p: will hold the p (may be %NULL)
+ * @q: will hold the q (may be %NULL)
+ * @g: will hold the g (may be %NULL)
+ * @y: will hold the y (may be %NULL)
+ *
+ * This function will export the DSA public key's parameters found in
+ * the given certificate.  The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * This function allows for %NULL parameters since 3.4.1.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.3.0
+ **/
+int
+gnutls_pubkey_export_dsa_raw(gnutls_pubkey_t key,
+			     gnutls_datum_t * p, gnutls_datum_t * q,
+			     gnutls_datum_t * g, gnutls_datum_t * y)
+{
+	return gnutls_pubkey_export_dsa_raw2(key, p, q, g, y, 0);
+}
+
+/**
+ * gnutls_pubkey_export_dsa_raw2:
+ * @key: Holds the public key
+ * @p: will hold the p (may be %NULL)
+ * @q: will hold the q (may be %NULL)
+ * @g: will hold the g (may be %NULL)
+ * @y: will hold the y (may be %NULL)
+ * @flags: flags from %gnutls_abstract_export_flags_t
+ *
+ * This function will export the DSA public key's parameters found in
+ * the given certificate.  The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * This function allows for %NULL parameters since 3.4.1.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_pubkey_export_dsa_raw2(gnutls_pubkey_t key,
+			     gnutls_datum_t * p, gnutls_datum_t * q,
+			     gnutls_datum_t * g, gnutls_datum_t * y,
+			     unsigned flags)
+{
+	int ret;
+	mpi_dprint_func dprint = _gnutls_mpi_dprint_lz;
+
+	if (flags & GNUTLS_EXPORT_FLAG_NO_LZ)
+		dprint = _gnutls_mpi_dprint;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (key->params.algo != GNUTLS_PK_DSA) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* P */
+	if (p) {
+		ret = dprint(key->params.params[0], p);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	/* Q */
+	if (q) {
+		ret = dprint(key->params.params[1], q);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_free_datum(p);
+			return ret;
+		}
+	}
+
+	/* G */
+	if (g) {
+		ret = dprint(key->params.params[2], g);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_free_datum(p);
+			_gnutls_free_datum(q);
+			return ret;
+		}
+	}
+
+	/* Y */
+	if (y) {
+		ret = dprint(key->params.params[3], y);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_free_datum(p);
+			_gnutls_free_datum(g);
+			_gnutls_free_datum(q);
+			return ret;
+		}
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pubkey_export_ecc_raw:
+ * @key: Holds the public key
+ * @curve: will hold the curve (may be %NULL)
+ * @x: will hold x-coordinate (may be %NULL)
+ * @y: will hold y-coordinate (may be %NULL)
+ *
+ * This function will export the ECC public key's parameters found in
+ * the given key.  The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * In EdDSA curves the @y parameter will be %NULL and the other parameters
+ * will be in the native format for the curve.
+ *
+ * This function allows for %NULL parameters since 3.4.1.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_pubkey_export_ecc_raw(gnutls_pubkey_t key,
+			     gnutls_ecc_curve_t * curve,
+			     gnutls_datum_t * x, gnutls_datum_t * y)
+{
+	return gnutls_pubkey_export_ecc_raw2(key, curve, x, y, 0);
+}
+
+/**
+ * gnutls_pubkey_export_ecc_raw2:
+ * @key: Holds the public key
+ * @curve: will hold the curve (may be %NULL)
+ * @x: will hold x-coordinate (may be %NULL)
+ * @y: will hold y-coordinate (may be %NULL)
+ * @flags: flags from %gnutls_abstract_export_flags_t
+ *
+ * This function will export the ECC public key's parameters found in
+ * the given key.  The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * In EdDSA curves the @y parameter will be %NULL and the other parameters
+ * will be in the native format for the curve.
+ *
+ * This function allows for %NULL parameters since 3.4.1.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_pubkey_export_ecc_raw2(gnutls_pubkey_t key,
+			     gnutls_ecc_curve_t * curve,
+			     gnutls_datum_t * x, gnutls_datum_t * y,
+			     unsigned int flags)
+{
+	int ret;
+	mpi_dprint_func dprint = _gnutls_mpi_dprint_lz;
+
+	if (flags & GNUTLS_EXPORT_FLAG_NO_LZ)
+		dprint = _gnutls_mpi_dprint;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (!IS_EC(key->params.algo)) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (curve)
+		*curve = key->params.curve;
+
+	if (key->params.algo == GNUTLS_PK_EDDSA_ED25519 ||
+	    key->params.algo == GNUTLS_PK_EDDSA_ED448 ||
+	    key->params.algo == GNUTLS_PK_ECDH_X25519 ||
+	    key->params.algo == GNUTLS_PK_ECDH_X448) {
+		if (x) {
+			ret = _gnutls_set_datum(x, key->params.raw_pub.data, key->params.raw_pub.size);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+		}
+		if (y) {
+			y->data = NULL;
+			y->size = 0;
+		}
+		return 0;
+	}
+
+	/* ECDSA */
+
+	/* X */
+	if (x) {
+		ret = dprint(key->params.params[ECC_X], x);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	/* Y */
+	if (y) {
+		ret = dprint(key->params.params[ECC_Y], y);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_free_datum(x);
+			return ret;
+		}
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pubkey_export_ecc_x962:
+ * @key: Holds the public key
+ * @parameters: DER encoding of an ANSI X9.62 parameters
+ * @ecpoint: DER encoding of ANSI X9.62 ECPoint
+ *
+ * This function will export the ECC public key's parameters found in
+ * the given certificate.  The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_pubkey_export_ecc_x962(gnutls_pubkey_t key,
+				  gnutls_datum_t * parameters,
+				  gnutls_datum_t * ecpoint)
+{
+	int ret;
+	gnutls_datum_t raw_point = {NULL,0};
+
+	if (key == NULL || key->params.algo != GNUTLS_PK_EC)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ret = _gnutls_x509_write_ecc_pubkey(&key->params, &raw_point);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_x509_encode_string(ASN1_ETYPE_OCTET_STRING,
+					 raw_point.data, raw_point.size, ecpoint);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_write_ecc_params(key->params.curve, parameters);
+	if (ret < 0) {
+		_gnutls_free_datum(ecpoint);
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	gnutls_free(raw_point.data);
+	return ret;
+}
+
+/**
+ * gnutls_pubkey_export_gost_raw2:
+ * @key: Holds the public key
+ * @curve: will hold the curve (may be %NULL)
+ * @digest: will hold the curve (may be %NULL)
+ * @paramset: will hold the parameters id (may be %NULL)
+ * @x: will hold the x-coordinate (may be %NULL)
+ * @y: will hold the y-coordinate (may be %NULL)
+ * @flags: flags from %gnutls_abstract_export_flags_t
+ *
+ * This function will export the GOST public key's parameters found in
+ * the given key.  The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * Note: parameters will be stored with least significant byte first. On
+ * version 3.6.3 this was incorrectly returned in big-endian format.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.6.3
+ **/
+int
+gnutls_pubkey_export_gost_raw2(gnutls_pubkey_t key,
+			       gnutls_ecc_curve_t * curve,
+			       gnutls_digest_algorithm_t * digest,
+			       gnutls_gost_paramset_t * paramset,
+			       gnutls_datum_t * x, gnutls_datum_t * y,
+			       unsigned int flags)
+{
+	int ret;
+
+	mpi_dprint_func dprint = _gnutls_mpi_dprint_le;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (key->params.algo != GNUTLS_PK_GOST_01 &&
+	    key->params.algo != GNUTLS_PK_GOST_12_256 &&
+	    key->params.algo != GNUTLS_PK_GOST_12_512) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (curve)
+		*curve = key->params.curve;
+
+	if (digest)
+		*digest = _gnutls_gost_digest(key->params.algo);
+
+	if (paramset)
+		*paramset = key->params.gost_params;
+
+	/* X */
+	if (x) {
+		ret = dprint(key->params.params[GOST_X], x);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	/* Y */
+	if (y) {
+		ret = dprint(key->params.params[GOST_Y], y);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_free_datum(x);
+			return ret;
+		}
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pubkey_import:
+ * @key: The public key. 
+ * @data: The DER or PEM encoded certificate. 
+ * @format: One of DER or PEM 
+ * 
+ * This function will import the provided public key in
+ * a SubjectPublicKeyInfo X.509 structure to a native
+ * %gnutls_pubkey_t type. The output will be stored 
+ * in @key. If the public key is PEM encoded it should have a header 
+ * of "PUBLIC KEY". 
+ * 
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ * negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pubkey_import(gnutls_pubkey_t key,
+		     const gnutls_datum_t * data,
+		     gnutls_x509_crt_fmt_t format)
+{
+	int result = 0, need_free = 0;
+	gnutls_datum_t _data;
+	asn1_node spk;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	_data.data = data->data;
+	_data.size = data->size;
+
+	/* If the Certificate is in PEM format then decode it
+	 */
+	if (format == GNUTLS_X509_FMT_PEM) {
+		/* Try the first header */
+		result =
+		    _gnutls_fbase64_decode(PEM_PK, data->data,
+					   data->size, &_data);
+
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+
+		need_free = 1;
+	}
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_pkix(), "PKIX1.SubjectPublicKeyInfo", &spk))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result = _asn1_strict_der_decode(&spk, _data.data, _data.size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result = _gnutls_get_asn_mpis(spk, "", &key->params);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	key->bits = pubkey_to_bits(&key->params);
+	result = 0;
+
+      cleanup:
+	asn1_delete_structure(&spk);
+
+	if (need_free)
+		_gnutls_free_datum(&_data);
+	return result;
+}
+
+/**
+ * gnutls_x509_crt_set_pubkey:
+ * @crt: should contain a #gnutls_x509_crt_t type
+ * @key: holds a public key
+ *
+ * This function will set the public parameters from the given public
+ * key to the certificate. The @key can be deallocated after that.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int gnutls_x509_crt_set_pubkey(gnutls_x509_crt_t crt, gnutls_pubkey_t key)
+{
+	int result;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	result = _gnutls_x509_encode_and_copy_PKI_params(crt->cert,
+							 "tbsCertificate.subjectPublicKeyInfo",
+							 &key->params);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	if (key->key_usage)
+		gnutls_x509_crt_set_key_usage(crt, key->key_usage);
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crq_set_pubkey:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @key: holds a public key
+ *
+ * This function will set the public parameters from the given public
+ * key to the request. The @key can be deallocated after that.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int gnutls_x509_crq_set_pubkey(gnutls_x509_crq_t crq, gnutls_pubkey_t key)
+{
+	int result;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	result = _gnutls_x509_encode_and_copy_PKI_params
+	    (crq->crq,
+	     "certificationRequestInfo.subjectPKInfo",
+	     &key->params);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	if (key->key_usage)
+		gnutls_x509_crq_set_key_usage(crq, key->key_usage);
+
+	return 0;
+}
+
+/**
+ * gnutls_pubkey_set_key_usage:
+ * @key: a certificate of type #gnutls_x509_crt_t
+ * @usage: an ORed sequence of the GNUTLS_KEY_* elements.
+ *
+ * This function will set the key usage flags of the public key. This
+ * is only useful if the key is to be exported to a certificate or
+ * certificate request.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int gnutls_pubkey_set_key_usage(gnutls_pubkey_t key, unsigned int usage)
+{
+	key->key_usage = usage;
+
+	return 0;
+}
+
+#ifdef ENABLE_PKCS11
+
+#if 0
+/**
+ * gnutls_pubkey_import_pkcs11_url:
+ * @key: A key of type #gnutls_pubkey_t
+ * @url: A PKCS 11 url
+ * @flags: One of GNUTLS_PKCS11_OBJ_* flags
+ *
+ * This function will import a PKCS 11 certificate to a #gnutls_pubkey_t
+ * structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pubkey_import_pkcs11_url(gnutls_pubkey_t key, const char *url,
+				unsigned int flags)
+{
+	int x;
+}
+#endif
+
+static int
+_gnutls_pubkey_import_pkcs11_url(gnutls_pubkey_t key, const char *url,
+				unsigned int flags)
+{
+	gnutls_pkcs11_obj_t pcrt;
+	int ret;
+
+	ret = gnutls_pkcs11_obj_init(&pcrt);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (key->pin.cb)
+		gnutls_pkcs11_obj_set_pin_function(pcrt, key->pin.cb,
+						   key->pin.data);
+
+	ret = gnutls_pkcs11_obj_import_url(pcrt, url, flags|GNUTLS_PKCS11_OBJ_FLAG_EXPECT_PUBKEY);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pubkey_import_pkcs11(key, pcrt, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+      cleanup:
+
+	gnutls_pkcs11_obj_deinit(pcrt);
+
+	return ret;
+}
+
+#endif				/* ENABLE_PKCS11 */
+
+/**
+ * gnutls_pubkey_import_url:
+ * @key: A key of type #gnutls_pubkey_t
+ * @url: A PKCS 11 url
+ * @flags: One of GNUTLS_PKCS11_OBJ_* flags
+ *
+ * This function will import a public key from the provided URL.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.0
+ **/
+int
+gnutls_pubkey_import_url(gnutls_pubkey_t key, const char *url,
+			 unsigned int flags)
+{
+	unsigned i;
+
+	for (i=0;i<_gnutls_custom_urls_size;i++) {
+		if (strncmp(url, _gnutls_custom_urls[i].name, _gnutls_custom_urls[i].name_size) == 0) {
+			if (_gnutls_custom_urls[i].import_pubkey)
+				return _gnutls_custom_urls[i].import_pubkey(key, url, flags);
+		}
+	}
+
+	if (strncmp(url, PKCS11_URL, PKCS11_URL_SIZE) == 0)
+#ifdef ENABLE_PKCS11
+		return _gnutls_pubkey_import_pkcs11_url(key, url, flags);
+#else
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+#endif
+
+	if (strncmp(url, TPMKEY_URL, TPMKEY_URL_SIZE) == 0)
+#ifdef HAVE_TROUSERS
+		return gnutls_pubkey_import_tpm_url(key, url, NULL, 0);
+#else
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+#endif
+
+	return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+}
+
+/**
+ * gnutls_pubkey_import_rsa_raw:
+ * @key: The key
+ * @m: holds the modulus
+ * @e: holds the public exponent
+ *
+ * This function will replace the parameters in the given structure.
+ * The new parameters should be stored in the appropriate
+ * gnutls_datum.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or an negative error code.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pubkey_import_rsa_raw(gnutls_pubkey_t key,
+			     const gnutls_datum_t * m,
+			     const gnutls_datum_t * e)
+{
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	gnutls_pk_params_release(&key->params);
+	gnutls_pk_params_init(&key->params);
+
+	if (_gnutls_mpi_init_scan_nz(&key->params.params[0], m->data, m->size)) {
+		gnutls_assert();
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	if (_gnutls_mpi_init_scan_nz(&key->params.params[1], e->data, e->size)) {
+		gnutls_assert();
+		_gnutls_mpi_release(&key->params.params[0]);
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	key->params.params_nr = RSA_PUBLIC_PARAMS;
+	key->params.algo = GNUTLS_PK_RSA;
+	key->bits = pubkey_to_bits(&key->params);
+
+	return 0;
+}
+
+/**
+ * gnutls_pubkey_import_ecc_raw:
+ * @key: The structure to store the parsed key
+ * @curve: holds the curve
+ * @x: holds the x-coordinate
+ * @y: holds the y-coordinate
+ *
+ * This function will convert the given elliptic curve parameters to a
+ * #gnutls_pubkey_t.  The output will be stored in @key.
+ *
+ * In EdDSA curves the @y parameter should be %NULL and the @x parameter must
+ * be the value in the native format for the curve.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_pubkey_import_ecc_raw(gnutls_pubkey_t key,
+			     gnutls_ecc_curve_t curve,
+			     const gnutls_datum_t * x,
+			     const gnutls_datum_t * y)
+{
+	int ret;
+
+	if (key == NULL || x == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	gnutls_pk_params_release(&key->params);
+	gnutls_pk_params_init(&key->params);
+
+	if (curve_is_eddsa(curve)) {
+		unsigned size = gnutls_ecc_curve_get_size(curve);
+		if (x->size != size) {
+			ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+			goto cleanup;
+		}
+
+		ret = _gnutls_set_datum(&key->params.raw_pub, x->data, x->size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		switch (curve) {
+		case GNUTLS_ECC_CURVE_ED25519:
+			key->params.algo = GNUTLS_PK_EDDSA_ED25519;
+			break;
+		case GNUTLS_ECC_CURVE_ED448:
+			key->params.algo = GNUTLS_PK_EDDSA_ED448;
+			break;
+		default:
+			break;
+		}
+		key->params.curve = curve;
+		key->bits = pubkey_to_bits(&key->params);
+
+		return 0;
+	}
+
+	/* ECDSA */
+	if (y == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	key->params.curve = curve;
+
+	if (_gnutls_mpi_init_scan_nz
+	    (&key->params.params[ECC_X], x->data, x->size)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto cleanup;
+	}
+	key->params.params_nr++;
+
+	if (_gnutls_mpi_init_scan_nz
+	    (&key->params.params[ECC_Y], y->data, y->size)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto cleanup;
+	}
+	key->params.params_nr++;
+	key->params.algo = GNUTLS_PK_ECDSA;
+	key->bits = pubkey_to_bits(&key->params);
+
+	return 0;
+
+      cleanup:
+	gnutls_pk_params_release(&key->params);
+	return ret;
+}
+
+/**
+ * gnutls_pubkey_import_ecc_x962:
+ * @key: The structure to store the parsed key
+ * @parameters: DER encoding of an ANSI X9.62 parameters
+ * @ecpoint: DER encoding of ANSI X9.62 ECPoint
+ *
+ * This function will convert the given elliptic curve parameters to a
+ * #gnutls_pubkey_t.  The output will be stored in @key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_pubkey_import_ecc_x962(gnutls_pubkey_t key,
+			      const gnutls_datum_t * parameters,
+			      const gnutls_datum_t * ecpoint)
+{
+	int ret;
+	gnutls_datum_t raw_point = {NULL,0};
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	gnutls_pk_params_release(&key->params);
+	gnutls_pk_params_init(&key->params);
+
+	key->params.params_nr = 0;
+
+	ret =
+	    _gnutls_x509_read_ecc_params(parameters->data,
+					 parameters->size, &key->params.curve);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_decode_string(ASN1_ETYPE_OCTET_STRING,
+					 ecpoint->data, ecpoint->size, &raw_point, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_ecc_ansi_x962_import(raw_point.data, raw_point.size,
+					   &key->params.params[ECC_X],
+					   &key->params.params[ECC_Y]);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	key->params.params_nr += 2;
+	key->params.algo = GNUTLS_PK_EC;
+
+	gnutls_free(raw_point.data);
+	return 0;
+
+      cleanup:
+	gnutls_pk_params_release(&key->params);
+	gnutls_free(raw_point.data);
+	return ret;
+}
+
+/**
+ * gnutls_pubkey_import_gost_raw:
+ * @key: The structure to store the parsed key
+ * @curve: holds the curve
+ * @digest: holds the digest
+ * @paramset: holds the parameters id
+ * @x: holds the x-coordinate
+ * @y: holds the y-coordinate
+ *
+ * This function will convert the given GOST public key's parameters to a
+ * #gnutls_pubkey_t.  The output will be stored in @key.  @digest should be
+ * one of GNUTLS_DIG_GOSR_94, GNUTLS_DIG_STREEBOG_256 or
+ * GNUTLS_DIG_STREEBOG_512.  If @paramset is set to GNUTLS_GOST_PARAMSET_UNKNOWN
+ * default one will be selected depending on @digest.
+ *
+ * Note: parameters should be stored with least significant byte first. On
+ * version 3.6.3 big-endian format was used incorrectly.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.6.3
+ **/
+int
+gnutls_pubkey_import_gost_raw(gnutls_pubkey_t key,
+			     gnutls_ecc_curve_t curve,
+			     gnutls_digest_algorithm_t digest,
+			     gnutls_gost_paramset_t paramset,
+			     const gnutls_datum_t * x,
+			     const gnutls_datum_t * y)
+{
+	int ret;
+	gnutls_pk_algorithm_t pk_algo;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	pk_algo = _gnutls_digest_gost(digest);
+	if (pk_algo == GNUTLS_PK_UNKNOWN)
+		return GNUTLS_E_ILLEGAL_PARAMETER;
+
+	if (paramset == GNUTLS_GOST_PARAMSET_UNKNOWN)
+		paramset = _gnutls_gost_paramset_default(pk_algo);
+
+	gnutls_pk_params_release(&key->params);
+	gnutls_pk_params_init(&key->params);
+
+	key->params.curve = curve;
+	key->params.gost_params = paramset;
+
+	if (_gnutls_mpi_init_scan_le
+	    (&key->params.params[GOST_X], x->data, x->size)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto cleanup;
+	}
+	key->params.params_nr++;
+
+	if (_gnutls_mpi_init_scan_le
+	    (&key->params.params[GOST_Y], y->data, y->size)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto cleanup;
+	}
+	key->params.params_nr++;
+	key->params.algo = pk_algo;
+
+	return 0;
+
+      cleanup:
+	gnutls_pk_params_release(&key->params);
+	return ret;
+}
+
+/**
+ * gnutls_pubkey_import_dsa_raw:
+ * @key: The structure to store the parsed key
+ * @p: holds the p
+ * @q: holds the q
+ * @g: holds the g
+ * @y: holds the y
+ *
+ * This function will convert the given DSA raw parameters to the
+ * native #gnutls_pubkey_t format.  The output will be stored
+ * in @key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_pubkey_import_dsa_raw(gnutls_pubkey_t key,
+			     const gnutls_datum_t * p,
+			     const gnutls_datum_t * q,
+			     const gnutls_datum_t * g,
+			     const gnutls_datum_t * y)
+{
+	size_t siz = 0;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	gnutls_pk_params_release(&key->params);
+	gnutls_pk_params_init(&key->params);
+
+	siz = p->size;
+	if (_gnutls_mpi_init_scan_nz(&key->params.params[0], p->data, siz)) {
+		gnutls_assert();
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	siz = q->size;
+	if (_gnutls_mpi_init_scan_nz(&key->params.params[1], q->data, siz)) {
+		gnutls_assert();
+		_gnutls_mpi_release(&key->params.params[0]);
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	siz = g->size;
+	if (_gnutls_mpi_init_scan_nz(&key->params.params[2], g->data, siz)) {
+		gnutls_assert();
+		_gnutls_mpi_release(&key->params.params[1]);
+		_gnutls_mpi_release(&key->params.params[0]);
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	siz = y->size;
+	if (_gnutls_mpi_init_scan_nz(&key->params.params[3], y->data, siz)) {
+		gnutls_assert();
+		_gnutls_mpi_release(&key->params.params[2]);
+		_gnutls_mpi_release(&key->params.params[1]);
+		_gnutls_mpi_release(&key->params.params[0]);
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	key->params.params_nr = DSA_PUBLIC_PARAMS;
+	key->params.algo = GNUTLS_PK_DSA;
+	key->bits = pubkey_to_bits(&key->params);
+
+	return 0;
+
+}
+
+/* Updates the gnutls_x509_spki_st parameters based on the signature
+ * information, and reports any incompatibilities between the existing
+ * parameters (if any) with the signature algorithm */
+static
+int fixup_spki_params(const gnutls_pk_params_st *key_params, const gnutls_sign_entry_st *se,
+		       const mac_entry_st *me, gnutls_x509_spki_st *params)
+{
+	unsigned bits;
+
+	if (se->pk != key_params->algo) {
+		if (!sign_supports_priv_pk_algorithm(se, key_params->algo)) {
+			_gnutls_debug_log("have key: %s/%d, with sign %s/%d\n",
+					gnutls_pk_get_name(key_params->algo), key_params->algo,
+					se->name, se->id);
+			return gnutls_assert_val(GNUTLS_E_CONSTRAINT_ERROR);
+		}
+	}
+
+	if (params->pk == GNUTLS_PK_RSA_PSS) {
+		int ret;
+		if (!GNUTLS_PK_IS_RSA(key_params->algo))
+			return gnutls_assert_val(GNUTLS_E_CONSTRAINT_ERROR);
+
+		/* The requested sign algorithm is RSA-PSS, while the
+		 * pubkey doesn't include parameter information. Fill
+		 * it with the same way as gnutls_privkey_sign*. */
+		if (key_params->algo == GNUTLS_PK_RSA || params->rsa_pss_dig == 0) {
+			bits = pubkey_to_bits(key_params);
+			params->rsa_pss_dig = se->hash;
+			ret = _gnutls_find_rsa_pss_salt_size(bits, me, 0);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			params->salt_size = ret;
+		}
+
+		if (params->rsa_pss_dig != se->hash)
+			return gnutls_assert_val(GNUTLS_E_CONSTRAINT_ERROR);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pubkey_verify_data2:
+ * @pubkey: Holds the public key
+ * @algo: The signature algorithm used
+ * @flags: Zero or an OR list of #gnutls_certificate_verify_flags
+ * @data: holds the signed data
+ * @signature: contains the signature
+ *
+ * This function will verify the given signed data, using the
+ * parameters from the certificate.
+ *
+ * Returns: In case of a verification failure %GNUTLS_E_PK_SIG_VERIFY_FAILED 
+ * is returned, and zero or positive code on success. For known to be insecure
+ * signatures this function will return %GNUTLS_E_INSUFFICIENT_SECURITY unless
+ * the flag %GNUTLS_VERIFY_ALLOW_BROKEN is specified.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_pubkey_verify_data2(gnutls_pubkey_t pubkey,
+			   gnutls_sign_algorithm_t algo,
+			   unsigned int flags,
+			   const gnutls_datum_t * data,
+			   const gnutls_datum_t * signature)
+{
+	int ret;
+	const mac_entry_st *me;
+	gnutls_x509_spki_st params;
+	const gnutls_sign_entry_st *se;
+
+	if (pubkey == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (flags & GNUTLS_VERIFY_USE_TLS1_RSA)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	memcpy(&params, &pubkey->params.spki, sizeof(gnutls_x509_spki_st));
+
+	se = _gnutls_sign_to_entry(algo);
+	if (se == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ret = pubkey_supports_sig(pubkey, se);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	params.pk = se->pk;
+	if (flags & GNUTLS_VERIFY_RSA_PSS_FIXED_SALT_LENGTH) {
+		params.flags |= GNUTLS_PK_FLAG_RSA_PSS_FIXED_SALT_LENGTH;
+	}
+
+	me = hash_to_entry(se->hash);
+	if (me == NULL && !_gnutls_pk_is_not_prehashed(se->pk))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ret = pubkey_verify_data(se, me, data, signature, &pubkey->params,
+				 &params, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pubkey_verify_hash2:
+ * @key: Holds the public key
+ * @algo: The signature algorithm used
+ * @flags: Zero or an OR list of #gnutls_certificate_verify_flags
+ * @hash: holds the hash digest to be verified
+ * @signature: contains the signature
+ *
+ * This function will verify the given signed digest, using the
+ * parameters from the public key. Note that unlike gnutls_privkey_sign_hash(),
+ * this function accepts a signature algorithm instead of a digest algorithm.
+ * You can use gnutls_pk_to_sign() to get the appropriate value.
+ *
+ * Returns: In case of a verification failure %GNUTLS_E_PK_SIG_VERIFY_FAILED 
+ * is returned, and zero or positive code on success. For known to be insecure
+ * signatures this function will return %GNUTLS_E_INSUFFICIENT_SECURITY unless
+ * the flag %GNUTLS_VERIFY_ALLOW_BROKEN is specified.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_pubkey_verify_hash2(gnutls_pubkey_t key,
+			   gnutls_sign_algorithm_t algo,
+			   unsigned int flags,
+			   const gnutls_datum_t * hash,
+			   const gnutls_datum_t * signature)
+{
+	const mac_entry_st *me;
+	gnutls_x509_spki_st params;
+	const gnutls_sign_entry_st *se;
+	int ret;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (_gnutls_pk_is_not_prehashed(key->params.algo)) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	memcpy(&params, &key->params.spki, sizeof(gnutls_x509_spki_st));
+
+	if (flags & GNUTLS_VERIFY_USE_TLS1_RSA) {
+		if (!GNUTLS_PK_IS_RSA(key->params.algo))
+			return gnutls_assert_val(GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY);
+		params.pk = GNUTLS_PK_RSA;
+		/* we do not check for insecure algorithms with this flag */
+		return _gnutls_pk_verify(params.pk, hash, signature,
+					 &key->params, &params);
+	} else {
+		se = _gnutls_sign_to_entry(algo);
+		if (se == NULL)
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		ret = pubkey_supports_sig(key, se);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		params.pk = se->pk;
+
+		me = hash_to_entry(se->hash);
+		if (me == NULL && !_gnutls_pk_is_not_prehashed(se->pk))
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		ret = pubkey_verify_hashed_data(se, me, hash, signature,
+						&key->params,
+						&params, flags);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pubkey_encrypt_data:
+ * @key: Holds the public key
+ * @flags: should be 0 for now
+ * @plaintext: The data to be encrypted
+ * @ciphertext: contains the encrypted data
+ *
+ * This function will encrypt the given data, using the public
+ * key. On success the @ciphertext will be allocated using gnutls_malloc().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_pubkey_encrypt_data(gnutls_pubkey_t key, unsigned int flags,
+			   const gnutls_datum_t * plaintext,
+			   gnutls_datum_t * ciphertext)
+{
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_pk_encrypt(key->params.algo, ciphertext,
+				  plaintext, &key->params);
+}
+
+static
+int pubkey_supports_sig(gnutls_pubkey_t pubkey,
+			const gnutls_sign_entry_st *se)
+{
+	if (pubkey->params.algo == GNUTLS_PK_ECDSA && se->curve) {
+		gnutls_ecc_curve_t curve = pubkey->params.curve;
+
+		if (curve != se->curve) {
+			_gnutls_handshake_log("have key: ECDSA with %s/%d, with sign %s/%d\n",
+				gnutls_ecc_curve_get_name(curve), (int)curve,
+				se->name, se->id);
+			return gnutls_assert_val(GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY);
+		}
+	}
+
+	if (se->pk != pubkey->params.algo) { /* if the PK algorithm of the signature differs to the one on the pubkey */
+		if (!sign_supports_priv_pk_algorithm(se, pubkey->params.algo)) {
+			_gnutls_handshake_log("have key: %s/%d, with sign %s/%d\n",
+					gnutls_pk_get_name(pubkey->params.algo), pubkey->params.algo,
+					se->name, se->id);
+			return gnutls_assert_val(GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY);
+		}
+	}
+
+	return 0;
+}
+
+/* Checks whether the public key given is compatible with the
+ * signature algorithm used. The session is only used for audit logging, and
+ * it may be null.
+ */
+int _gnutls_pubkey_compatible_with_sig(gnutls_session_t session,
+				       gnutls_pubkey_t pubkey,
+				       const version_entry_st * ver,
+				       gnutls_sign_algorithm_t sign)
+{
+	unsigned int hash_size = 0;
+	unsigned int sig_hash_size;
+	const mac_entry_st *me;
+	const gnutls_sign_entry_st *se;
+	int ret;
+
+	se = _gnutls_sign_to_entry(sign);
+	if (se != NULL) {
+		ret = pubkey_supports_sig(pubkey, se);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	} else if (_gnutls_version_has_selectable_sighash(ver)) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	if (pubkey->params.algo == GNUTLS_PK_DSA) {
+		me = _gnutls_dsa_q_to_hash(&pubkey->params, &hash_size);
+
+		/* DSA keys over 1024 bits cannot be used with TLS 1.x, x<2 */
+		if (!_gnutls_version_has_selectable_sighash(ver)) {
+			if (me->id != GNUTLS_MAC_SHA1)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL);
+		} else if (se != NULL) {
+			me = hash_to_entry(se->hash);
+
+			sig_hash_size = _gnutls_hash_get_algo_len(me);
+			if (sig_hash_size < hash_size)
+				_gnutls_audit_log(session,
+						  "The hash size used in signature (%u) is less than the expected (%u)\n",
+						  sig_hash_size,
+						  hash_size);
+		}
+
+	} else if (pubkey->params.algo == GNUTLS_PK_ECDSA) {
+		if (_gnutls_version_has_selectable_sighash(ver)
+		    && se != NULL) {
+			_gnutls_dsa_q_to_hash(&pubkey->params, &hash_size);
+
+			me = hash_to_entry(se->hash);
+
+			sig_hash_size = _gnutls_hash_get_algo_len(me);
+
+			if (sig_hash_size < hash_size)
+				_gnutls_audit_log(session,
+						  "The hash size used in signature (%u) is less than the expected (%u)\n",
+						  sig_hash_size,
+						  hash_size);
+		}
+
+	} else if (pubkey->params.algo == GNUTLS_PK_GOST_01 ||
+		   pubkey->params.algo == GNUTLS_PK_GOST_12_256 ||
+		   pubkey->params.algo == GNUTLS_PK_GOST_12_512) {
+		if (_gnutls_version_has_selectable_sighash(ver)
+		    && se != NULL) {
+			if (_gnutls_gost_digest(pubkey->params.algo) != se->hash) {
+				_gnutls_audit_log(session,
+						  "The hash algo used in signature (%u) is not expected (%u)\n",
+						  se->hash, _gnutls_gost_digest(pubkey->params.algo));
+				return gnutls_assert_val(GNUTLS_E_CONSTRAINT_ERROR);
+			}
+		}
+
+	} else if (pubkey->params.algo == GNUTLS_PK_RSA_PSS) {
+		if (!_gnutls_version_has_selectable_sighash(ver))
+			/* this should not have happened */
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		/* RSA PSS public keys are restricted to a single digest, i.e., signature */
+
+		if (pubkey->params.spki.rsa_pss_dig && pubkey->params.spki.rsa_pss_dig != se->hash) {
+			return gnutls_assert_val(GNUTLS_E_CONSTRAINT_ERROR);
+		}
+	}
+
+	return 0;
+}
+
+/* Returns the public key. 
+ */
+int
+_gnutls_pubkey_get_mpis(gnutls_pubkey_t key, gnutls_pk_params_st * params)
+{
+	return _gnutls_pk_params_copy(params, &key->params);
+}
+
+/* if hash==MD5 then we do RSA-MD5
+ * if hash==SHA then we do RSA-SHA
+ * params[0] is modulus
+ * params[1] is public key
+ */
+static int
+_pkcs1_rsa_verify_sig(gnutls_pk_algorithm_t pk,
+		      const mac_entry_st * me,
+		      const gnutls_datum_t * text,
+		      const gnutls_datum_t * prehash,
+		      const gnutls_datum_t * signature,
+		      gnutls_pk_params_st * params,
+		      gnutls_x509_spki_st * sign_params)
+{
+	int ret;
+	uint8_t md[MAX_HASH_SIZE], *cmp;
+	unsigned int digest_size;
+	gnutls_datum_t d, di;
+
+	if (unlikely(me == NULL))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	digest_size = _gnutls_hash_get_algo_len(me);
+	if (prehash) {
+		if (prehash->data == NULL || prehash->size != digest_size)
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		cmp = prehash->data;
+	} else {
+		if (!text) {
+			gnutls_assert();
+			return GNUTLS_E_INVALID_REQUEST;
+		}
+
+		ret = _gnutls_hash_fast((gnutls_digest_algorithm_t)me->id,
+					text->data, text->size, md);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		cmp = md;
+	}
+
+	d.data = cmp;
+	d.size = digest_size;
+
+	if (pk == GNUTLS_PK_RSA) {
+		/* SHA-1 is allowed for SigVer in FIPS 140-3 in legacy
+		 * mode */
+		switch (me->id) {
+		case GNUTLS_MAC_SHA1:
+		case GNUTLS_MAC_SHA256:
+		case GNUTLS_MAC_SHA384:
+		case GNUTLS_MAC_SHA512:
+		case GNUTLS_MAC_SHA224:
+			break;
+		default:
+			_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+		}
+
+		/* decrypted is a BER encoded data of type DigestInfo
+		 */
+		ret = encode_ber_digest_info(me, &d, &di);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = _gnutls_pk_verify(pk, &di, signature, params,
+					sign_params);
+		_gnutls_free_datum(&di);
+	} else {
+		ret = _gnutls_pk_verify(pk, &d, signature, params,
+					sign_params);
+	}
+
+	return ret;
+}
+
+/* Hashes input data and verifies a signature.
+ */
+static int
+dsa_verify_hashed_data(gnutls_pk_algorithm_t pk,
+		       const mac_entry_st * algo,
+		       const gnutls_datum_t * hash,
+		       const gnutls_datum_t * signature,
+		       gnutls_pk_params_st * params,
+		       gnutls_x509_spki_st * sign_params)
+{
+	gnutls_datum_t digest;
+	unsigned int hash_len;
+
+	if (algo == NULL)
+		algo = _gnutls_dsa_q_to_hash(params, &hash_len);
+	else
+		hash_len = _gnutls_hash_get_algo_len(algo);
+
+	/* SHA1 or better allowed */
+	if (!hash->data || hash->size < hash_len) {
+		gnutls_assert();
+		_gnutls_debug_log
+		    ("Hash size (%d) does not correspond to hash %s(%d) or better.\n",
+		     (int) hash->size, _gnutls_mac_get_name(algo),
+		     hash_len);
+
+		if (hash->size != 20)	/* SHA1 is allowed */
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_PK_SIG_VERIFY_FAILED);
+	}
+
+	digest.data = hash->data;
+	digest.size = hash->size;
+
+	return _gnutls_pk_verify(pk, &digest, signature, params, sign_params);
+}
+
+static int
+dsa_verify_data(gnutls_pk_algorithm_t pk,
+		const mac_entry_st * algo,
+		const gnutls_datum_t * data,
+		const gnutls_datum_t * signature,
+		gnutls_pk_params_st * params,
+		gnutls_x509_spki_st * sign_params)
+{
+	int ret;
+	uint8_t _digest[MAX_HASH_SIZE];
+	gnutls_datum_t digest;
+
+	if (algo == NULL)
+		algo = _gnutls_dsa_q_to_hash(params, NULL);
+
+	ret = _gnutls_hash_fast((gnutls_digest_algorithm_t)algo->id,
+				data->data, data->size, _digest);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	digest.data = _digest;
+	digest.size = _gnutls_hash_get_algo_len(algo);
+
+	return _gnutls_pk_verify(pk, &digest, signature, params, sign_params);
+}
+
+/* Verifies the signature data, and returns GNUTLS_E_PK_SIG_VERIFY_FAILED if 
+ * not verified, or 1 otherwise.
+ */
+static int
+pubkey_verify_hashed_data(const gnutls_sign_entry_st *se,
+			  const mac_entry_st *me,
+			  const gnutls_datum_t * hash,
+			  const gnutls_datum_t * signature,
+			  gnutls_pk_params_st * params,
+			  gnutls_x509_spki_st * sign_params,
+			  unsigned flags)
+{
+	int ret;
+
+	if (unlikely(me==NULL))
+		return gnutls_assert_val(GNUTLS_E_UNKNOWN_HASH_ALGORITHM);
+
+	ret = fixup_spki_params(params, se, me, sign_params);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	switch (se->pk) {
+	case GNUTLS_PK_RSA:
+	case GNUTLS_PK_RSA_PSS:
+
+		if (_pkcs1_rsa_verify_sig
+		    (se->pk, me, NULL, hash, signature, params, sign_params) != 0)
+		{
+			gnutls_assert();
+			return GNUTLS_E_PK_SIG_VERIFY_FAILED;
+		}
+
+		break;
+
+	case GNUTLS_PK_ECDSA:
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+	case GNUTLS_PK_DSA:
+		if (dsa_verify_hashed_data
+		    (se->pk, me, hash, signature, params, sign_params) != 0) {
+			gnutls_assert();
+			return GNUTLS_E_PK_SIG_VERIFY_FAILED;
+		}
+
+		break;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+
+	}
+
+	if (_gnutls_sign_is_secure2(se, 0) == 0 && _gnutls_is_broken_sig_allowed(se, flags) == 0) {
+		return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_SECURITY);
+	}
+
+	return 1;
+}
+
+/* Verifies the signature data, and returns GNUTLS_E_PK_SIG_VERIFY_FAILED if 
+ * not verified, or 1 otherwise.
+ */
+int
+pubkey_verify_data(const gnutls_sign_entry_st *se,
+		   const mac_entry_st *me,
+		   const gnutls_datum_t * data,
+		   const gnutls_datum_t * signature,
+		   gnutls_pk_params_st * params,
+		   gnutls_x509_spki_st * sign_params,
+		   unsigned flags)
+{
+	int ret;
+
+	if (unlikely(me == NULL))
+		return gnutls_assert_val(GNUTLS_E_UNKNOWN_HASH_ALGORITHM);
+
+	ret = fixup_spki_params(params, se, me, sign_params);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	switch (se->pk) {
+	case GNUTLS_PK_RSA:
+	case GNUTLS_PK_RSA_PSS:
+		if (_pkcs1_rsa_verify_sig
+		    (se->pk, me, data, NULL, signature, params, sign_params) != 0) {
+			gnutls_assert();
+			return GNUTLS_E_PK_SIG_VERIFY_FAILED;
+		}
+
+		break;
+
+	case GNUTLS_PK_EDDSA_ED25519:
+	case GNUTLS_PK_EDDSA_ED448:
+		if (_gnutls_pk_verify(se->pk, data, signature, params, sign_params) != 0) {
+			gnutls_assert();
+			return GNUTLS_E_PK_SIG_VERIFY_FAILED;
+		}
+
+		break;
+
+	case GNUTLS_PK_EC:
+	case GNUTLS_PK_DSA:
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+		if (dsa_verify_data
+		    (se->pk, me, data, signature, params, sign_params) != 0) {
+			gnutls_assert();
+			return GNUTLS_E_PK_SIG_VERIFY_FAILED;
+		}
+
+		break;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+
+	}
+
+	if (_gnutls_sign_is_secure2(se,0) == 0 && _gnutls_is_broken_sig_allowed(se, flags) == 0) {
+		return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_SECURITY);
+	}
+
+	return 1;
+}
+
+const mac_entry_st *_gnutls_dsa_q_to_hash(const gnutls_pk_params_st *
+					  params, unsigned int *hash_len)
+{
+	int bits = 0;
+	int ret;
+
+	if (params->algo == GNUTLS_PK_DSA)
+		bits = _gnutls_mpi_get_nbits(params->params[1]);
+	else if (params->algo == GNUTLS_PK_EC)
+		bits = gnutls_ecc_curve_get_size(params->curve) * 8;
+
+	if (bits <= 160) {
+		if (hash_len)
+			*hash_len = 20;
+		ret = GNUTLS_DIG_SHA1;
+	} else if (bits <= 192) {
+		if (hash_len)
+			*hash_len = 24;
+		ret = GNUTLS_DIG_SHA256;
+	} else if (bits <= 224) {
+		if (hash_len)
+			*hash_len = 28;
+		ret = GNUTLS_DIG_SHA256;
+	} else if (bits <= 256) {
+		if (hash_len)
+			*hash_len = 32;
+		ret = GNUTLS_DIG_SHA256;
+	} else if (bits <= 384) {
+		if (hash_len)
+			*hash_len = 48;
+		ret = GNUTLS_DIG_SHA384;
+	} else {
+		if (hash_len)
+			*hash_len = 64;
+		ret = GNUTLS_DIG_SHA512;
+	}
+
+	return mac_to_entry(ret);
+}
+
+/**
+ * gnutls_pubkey_set_pin_function:
+ * @key: A key of type #gnutls_pubkey_t
+ * @fn: the callback
+ * @userdata: data associated with the callback
+ *
+ * This function will set a callback function to be used when
+ * required to access the object. This function overrides any other
+ * global PIN functions.
+ *
+ * Note that this function must be called right after initialization
+ * to have effect.
+ *
+ * Since: 3.1.0
+ *
+ **/
+void gnutls_pubkey_set_pin_function(gnutls_pubkey_t key,
+				    gnutls_pin_callback_t fn,
+				    void *userdata)
+{
+	key->pin.cb = fn;
+	key->pin.data = userdata;
+}
+
+/**
+ * gnutls_pubkey_import_x509_raw:
+ * @pkey: The public key
+ * @data: The public key data to be imported
+ * @format: The format of the public key
+ * @flags: should be zero
+ *
+ * This function will import the given public key to the abstract
+ * #gnutls_pubkey_t type. 
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.3
+ **/
+int gnutls_pubkey_import_x509_raw(gnutls_pubkey_t pkey,
+				  const gnutls_datum_t * data,
+				  gnutls_x509_crt_fmt_t format,
+				  unsigned int flags)
+{
+	gnutls_x509_crt_t xpriv;
+	int ret;
+
+	ret = gnutls_x509_crt_init(&xpriv);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_x509_crt_import(xpriv, data, format);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pubkey_import_x509(pkey, xpriv, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	gnutls_x509_crt_deinit(xpriv);
+
+	return ret;
+}
+
+/**
+ * gnutls_pubkey_verify_params:
+ * @key: should contain a #gnutls_pubkey_t type
+ *
+ * This function will verify the public key parameters.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_pubkey_verify_params(gnutls_pubkey_t key)
+{
+	int ret;
+
+	ret = _gnutls_pk_verify_pub_params(key->params.algo, &key->params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pubkey_get_spki:
+ * @pubkey: a public key of type #gnutls_pubkey_t
+ * @spki: a SubjectPublicKeyInfo structure of type #gnutls_pubkey_spki_t
+ * @flags: must be zero
+ *
+ * This function will return the public key information if available.
+ * The provided @spki must be initialized.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_pubkey_get_spki(gnutls_pubkey_t pubkey, gnutls_x509_spki_t spki, unsigned int flags)
+{
+	gnutls_x509_spki_t p = &pubkey->params.spki;
+
+	if (pubkey == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (p->pk == GNUTLS_PK_UNKNOWN)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	memcpy(spki, p, sizeof(gnutls_x509_spki_st));
+
+	return 0;
+}
+
+/**
+ * gnutls_pubkey_set_spki:
+ * @pubkey: a public key of type #gnutls_pubkey_t
+ * @spki: a SubjectPublicKeyInfo structure of type #gnutls_pubkey_spki_t
+ * @flags: must be zero
+ *
+ * This function will set the public key information.
+ * The provided @spki must be initialized.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_pubkey_set_spki(gnutls_pubkey_t pubkey, const gnutls_x509_spki_t spki, unsigned int flags)
+{
+	if (pubkey == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (!_gnutls_pk_are_compat(pubkey->params.algo, spki->pk))
+                return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	memcpy(&pubkey->params.spki, spki, sizeof(gnutls_x509_spki_st));
+
+	pubkey->params.algo = spki->pk;
+
+	return 0;
+}
diff --git a/lib/random.c b/lib/random.c
new file mode 100644
index 0000000..f1abe74
--- /dev/null
+++ b/lib/random.c
@@ -0,0 +1,196 @@
+/*
+ * Copyright (C) 2008-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file handles all the internal functions that cope with random data.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <random.h>
+#include "locks.h"
+#include <fips.h>
+
+#include "gthreads.h"
+
+#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
+extern gnutls_crypto_rnd_st _gnutls_fuzz_rnd_ops;
+#endif
+
+/* Per thread context of random generator, and a flag to indicate initialization */
+static _Thread_local void *gnutls_rnd_ctx;
+static _Thread_local unsigned rnd_initialized = 0;
+
+struct rnd_ctx_list_st {
+	void *ctx;
+	struct rnd_ctx_list_st *next;
+};
+
+/* A global list of all allocated contexts - to be
+ * used during deinitialization. */
+GNUTLS_STATIC_MUTEX(gnutls_rnd_ctx_list_mutex);
+static struct rnd_ctx_list_st *head = NULL;
+
+static int append(void *ctx)
+{
+	struct rnd_ctx_list_st *e = gnutls_malloc(sizeof(*e));
+
+	if (e == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	e->ctx = ctx;
+	e->next = head;
+
+	head = e;
+
+	return 0;
+}
+
+inline static int _gnutls_rnd_init(void)
+{
+	if (unlikely(!rnd_initialized)) {
+		int ret;
+
+		if (_gnutls_rnd_ops.init == NULL) {
+			rnd_initialized = 1;
+			return 0;
+		}
+
+		if (_gnutls_rnd_ops.init(&gnutls_rnd_ctx) < 0) {
+			gnutls_assert();
+			return GNUTLS_E_RANDOM_FAILED;
+		}
+
+		ret = gnutls_static_mutex_lock(&gnutls_rnd_ctx_list_mutex);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+		ret = append(gnutls_rnd_ctx);
+		(void)gnutls_static_mutex_unlock(&gnutls_rnd_ctx_list_mutex);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_rnd_ops.deinit(gnutls_rnd_ctx);
+			return ret;
+		}
+
+		rnd_initialized = 1;
+	}
+	return 0;
+}
+
+int _gnutls_rnd_preinit(void)
+{
+	int ret;
+
+#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
+# warning Insecure PRNG is enabled
+	ret = gnutls_crypto_rnd_register(100, &_gnutls_fuzz_rnd_ops);
+	if (ret < 0)
+		return ret;
+
+#elif defined(ENABLE_FIPS140)
+	/* The FIPS140 random generator is only enabled when we are compiled
+	 * with FIPS support, _and_ the system is in FIPS installed state.
+	 */
+	if (_gnutls_fips_mode_enabled() != 0) {
+		ret = gnutls_crypto_rnd_register(100, &_gnutls_fips_rnd_ops);
+		if (ret < 0)
+			return ret;
+	}
+#endif
+
+	ret = _rnd_system_entropy_init();
+	if (ret < 0) {
+		gnutls_assert();
+		return GNUTLS_E_RANDOM_FAILED;
+	}
+
+	return 0;
+}
+
+void _gnutls_rnd_deinit(void)
+{
+	if (_gnutls_rnd_ops.deinit != NULL) {
+		struct rnd_ctx_list_st *e = head, *next;
+
+		while(e != NULL) {
+			next = e->next;
+			_gnutls_rnd_ops.deinit(e->ctx);
+			gnutls_free(e);
+			e = next;
+		}
+		head = NULL;
+	}
+
+	rnd_initialized = 0;
+	_rnd_system_entropy_deinit();
+
+	return;
+}
+
+/**
+ * gnutls_rnd:
+ * @level: a security level
+ * @data: place to store random bytes
+ * @len: The requested size
+ *
+ * This function will generate random data and store it to output
+ * buffer. The value of @level should be one of %GNUTLS_RND_NONCE,
+ * %GNUTLS_RND_RANDOM and %GNUTLS_RND_KEY. See the manual and
+ * %gnutls_rnd_level_t for detailed information.
+ *
+ * This function is thread-safe and also fork-safe.
+ *
+ * Returns: Zero on success, or a negative error code on error.
+ *
+ * Since: 2.12.0
+ **/
+int gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len)
+{
+	int ret;
+	FAIL_IF_LIB_ERROR;
+
+	if (unlikely((ret=_gnutls_rnd_init()) < 0))
+		return gnutls_assert_val(ret);
+
+	if (likely(len > 0)) {
+		return _gnutls_rnd_ops.rnd(gnutls_rnd_ctx, level, data,
+					   len);
+	}
+	return 0;
+}
+
+/**
+ * gnutls_rnd_refresh:
+ *
+ * This function refreshes the random generator state.
+ * That is the current precise time, CPU usage, and
+ * other values are input into its state.
+ *
+ * On a slower rate input from /dev/urandom is mixed too.
+ *
+ * Since: 3.1.7
+ **/
+void gnutls_rnd_refresh(void)
+{
+	if (rnd_initialized && _gnutls_rnd_ops.rnd_refresh)
+		_gnutls_rnd_ops.rnd_refresh(gnutls_rnd_ctx);
+}
diff --git a/lib/random.h b/lib/random.h
new file mode 100644
index 0000000..0d76738
--- /dev/null
+++ b/lib/random.h
@@ -0,0 +1,36 @@
+/*
+ * Copyright (C) 2008-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_RANDOM_H
+#define GNUTLS_LIB_RANDOM_H
+
+#include <gnutls/crypto.h>
+#include <crypto-backend.h>
+#include "nettle/rnd-common.h"
+
+extern int crypto_rnd_prio;
+extern gnutls_crypto_rnd_st _gnutls_rnd_ops;
+
+void _gnutls_rnd_deinit(void);
+int _gnutls_rnd_preinit(void);
+
+#endif /* GNUTLS_LIB_RANDOM_H */
diff --git a/lib/randomart.c b/lib/randomart.c
new file mode 100644
index 0000000..f300fab
--- /dev/null
+++ b/lib/randomart.c
@@ -0,0 +1,62 @@
+/*
+ * Copyright (C) 2001-2015 Free Software Foundation, Inc.
+ * Copyright (C) 2015 Nikos Mavrogiannopoulos
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <extras/randomart.h>
+
+/**
+ * gnutls_random_art:
+ * @type: The type of the random art (for now only %GNUTLS_RANDOM_ART_OPENSSH is supported)
+ * @key_type: The type of the key (RSA, DSA etc.)
+ * @key_size: The size of the key in bits
+ * @fpr: The fingerprint of the key
+ * @fpr_size: The size of the fingerprint
+ * @art: The returned random art
+ *
+ * This function will convert a given fingerprint to an "artistic"
+ * image. The returned image is allocated using gnutls_malloc(), is
+ * null-terminated but art->size will not account the terminating null.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ *
+ **/
+int gnutls_random_art(gnutls_random_art_t type,
+		      const char *key_type, unsigned int key_size,
+		      void *fpr, size_t fpr_size, gnutls_datum_t * art)
+{
+	if (type != GNUTLS_RANDOM_ART_OPENSSH)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	art->data =
+	    (void *) _gnutls_key_fingerprint_randomart(fpr, fpr_size,
+						       key_type, key_size,
+						       NULL);
+	if (art->data == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	art->size = strlen((char *) art->data);
+
+	return 0;
+}
+
diff --git a/lib/range.c b/lib/range.c
new file mode 100644
index 0000000..041578c
--- /dev/null
+++ b/lib/range.c
@@ -0,0 +1,325 @@
+/*
+ * Copyright (C) 2012 INRIA Paris-Rocquencourt
+ *
+ * Author: Alfredo Pironti
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "algorithms.h"
+#include "constate.h"
+#include "record.h"
+
+static void
+_gnutls_set_range(gnutls_range_st * dst, const size_t low,
+		  const size_t high)
+{
+	dst->low = low;
+	dst->high = high;
+	return;
+}
+
+/*
+ * Returns how much LH pad we can put in this fragment, given we'll
+ * put at least data_length bytes of user data.
+ */
+static ssize_t
+_gnutls_range_max_lh_pad(gnutls_session_t session, ssize_t data_length,
+			 ssize_t max_frag)
+{
+	int ret;
+	ssize_t max_pad;
+	unsigned int fixed_pad;
+	record_parameters_st *record_params;
+	ssize_t this_pad;
+	ssize_t block_size;
+	ssize_t tag_size, overflow;
+	const version_entry_st *vers = get_version(session);
+
+	if (unlikely(vers == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	ret =
+	    _gnutls_epoch_get(session, EPOCH_WRITE_CURRENT,
+			      &record_params);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	if (!vers->tls13_sem && record_params->write.is_aead) /* not yet ready */
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if (vers->tls13_sem) {
+		max_pad = max_record_send_size(session, record_params);
+		fixed_pad = 2;
+	} else {
+		max_pad = MAX_PAD_SIZE;
+		fixed_pad = 1;
+	}
+
+	this_pad = MIN(max_pad, max_frag - data_length);
+
+	block_size = _gnutls_cipher_get_block_size(record_params->cipher);
+	tag_size =
+	    _gnutls_auth_cipher_tag_len(&record_params->write.
+					ctx.tls12);
+	switch (_gnutls_cipher_type(record_params->cipher)) {
+	case CIPHER_AEAD:
+	case CIPHER_STREAM:
+		return this_pad;
+
+	case CIPHER_BLOCK:
+		overflow =
+		    (data_length + this_pad + tag_size +
+		     fixed_pad) % block_size;
+		if (overflow > this_pad) {
+			return this_pad;
+		} else {
+			return this_pad - overflow;
+		}
+	default:
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+}
+
+/**
+ * gnutls_record_can_use_length_hiding:
+ * @session: is a #gnutls_session_t type.
+ *
+ * If the session supports length-hiding padding, you can
+ * invoke gnutls_record_send_range() to send a message whose
+ * length is hidden in the given range. If the session does not
+ * support length hiding padding, you can use the standard
+ * gnutls_record_send() function, or gnutls_record_send_range()
+ * making sure that the range is the same as the length of the
+ * message you are trying to send.
+ *
+ * Returns: true (1) if the current session supports length-hiding
+ * padding, false (0) if the current session does not.
+ **/
+unsigned gnutls_record_can_use_length_hiding(gnutls_session_t session)
+{
+	int ret;
+	record_parameters_st *record_params;
+	const version_entry_st *vers = get_version(session);
+
+	if (unlikely(vers == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if (vers->tls13_sem)
+		return 1;
+
+#ifdef ENABLE_SSL3
+	if (vers->id == GNUTLS_SSL3)
+		return 0;
+#endif
+
+	ret =
+	    _gnutls_epoch_get(session, EPOCH_WRITE_CURRENT,
+			      &record_params);
+	if (ret < 0) {
+		return 0;
+	}
+
+	switch (_gnutls_cipher_type(record_params->cipher)) {
+	case CIPHER_BLOCK:
+		return 1;
+	case CIPHER_STREAM:
+	case CIPHER_AEAD:
+	default:
+		return 0;
+	}
+}
+
+/**
+ * gnutls_range_split:
+ * @session: is a #gnutls_session_t type
+ * @orig: is the original range provided by the user
+ * @next: is the returned range that can be conveyed in a TLS record
+ * @remainder: is the returned remaining range
+ *
+ * This function should be used when it is required to hide the length
+ * of very long data that cannot be directly provided to gnutls_record_send_range().
+ * In that case this function should be called with the desired length
+ * hiding range in @orig. The returned @next value should then be used in
+ * the next call to gnutls_record_send_range() with the partial data.
+ * That process should be repeated until @remainder is (0,0).
+ *
+ * Returns: 0 in case splitting succeeds, non zero in case of error.
+ * Note that @orig is not changed, while the values of @next
+ * and @remainder are modified to store the resulting values.
+ */
+int
+gnutls_range_split(gnutls_session_t session,
+		   const gnutls_range_st * orig,
+		   gnutls_range_st * next, gnutls_range_st * remainder)
+{
+	int ret;
+	ssize_t max_frag;
+	ssize_t orig_low = (ssize_t) orig->low;
+	ssize_t orig_high = (ssize_t) orig->high;
+	record_parameters_st *record_params;
+
+	ret =
+	    _gnutls_epoch_get(session, EPOCH_WRITE_CURRENT,
+			      &record_params);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	max_frag = max_record_send_size(session, record_params);
+
+	if (orig_high == orig_low) {
+		int length = MIN(orig_high, max_frag);
+		int rem = orig_high - length;
+		_gnutls_set_range(next, length, length);
+		_gnutls_set_range(remainder, rem, rem);
+
+		return 0;
+	} else {
+		if (orig_low >= max_frag) {
+			_gnutls_set_range(next, max_frag, max_frag);
+			_gnutls_set_range(remainder, orig_low - max_frag,
+					  orig_high - max_frag);
+		} else {
+			ret =
+			    _gnutls_range_max_lh_pad(session, orig_low,
+						     max_frag);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			ssize_t this_pad = MIN(ret, orig_high - orig_low);
+
+			_gnutls_set_range(next, orig_low,
+					  orig_low + this_pad);
+			_gnutls_set_range(remainder, 0,
+					  orig_high - (orig_low +
+						       this_pad));
+		}
+
+		return 0;
+	}
+}
+
+static size_t
+_gnutls_range_fragment(size_t data_size, gnutls_range_st cur,
+		       gnutls_range_st next)
+{
+	return MIN(cur.high, data_size - next.low);
+}
+
+/**
+ * gnutls_record_send_range:
+ * @session: is a #gnutls_session_t type.
+ * @data: contains the data to send.
+ * @data_size: is the length of the data.
+ * @range: is the range of lengths in which the real data length must be hidden.
+ *
+ * This function operates like gnutls_record_send() but, while
+ * gnutls_record_send() adds minimal padding to each TLS record,
+ * this function uses the TLS extra-padding feature to conceal the real
+ * data size within the range of lengths provided.
+ * Some TLS sessions do not support extra padding (e.g. stream ciphers in standard
+ * TLS or SSL3 sessions). To know whether the current session supports extra
+ * padding, and hence length hiding, use the gnutls_record_can_use_length_hiding()
+ * function.
+ *
+ * Note: This function currently is limited to blocking sockets.
+ *
+ * Returns: The number of bytes sent (that is data_size in a successful invocation),
+ * or a negative error code.
+ **/
+ssize_t
+gnutls_record_send_range(gnutls_session_t session, const void *data,
+			 size_t data_size, const gnutls_range_st * range)
+{
+	size_t sent = 0;
+	size_t next_fragment_length;
+	ssize_t ret;
+	gnutls_range_st cur_range, next_range;
+
+	/* sanity check on range and data size */
+	if (range->low > range->high ||
+	    data_size < range->low || data_size > range->high) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	ret = gnutls_record_can_use_length_hiding(session);
+	if (ret == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	_gnutls_set_range(&cur_range, range->low, range->high);
+
+	_gnutls_record_log
+	    ("RANGE: Preparing message with size %d, range (%d,%d)\n",
+	     (int) data_size, (int) range->low, (int) range->high);
+
+	while (cur_range.high != 0) {
+		ret =
+		    gnutls_range_split(session, &cur_range, &cur_range,
+				       &next_range);
+		if (ret < 0) {
+			return ret;	/* already gnutls_assert_val'd */
+		}
+
+		next_fragment_length =
+		    _gnutls_range_fragment(data_size, cur_range,
+					   next_range);
+
+		_gnutls_record_log
+		    ("RANGE: Next fragment size: %d (%d,%d); remaining range: (%d,%d)\n",
+		     (int) next_fragment_length, (int) cur_range.low,
+		     (int) cur_range.high, (int) next_range.low,
+		     (int) next_range.high);
+
+		ret =
+		    _gnutls_send_tlen_int(session, GNUTLS_APPLICATION_DATA,
+					  -1, EPOCH_WRITE_CURRENT,
+					  &(((char *) data)[sent]),
+					  next_fragment_length,
+					  cur_range.high -
+					  next_fragment_length,
+					  MBUFFER_FLUSH);
+
+		while (ret == GNUTLS_E_AGAIN
+		       || ret == GNUTLS_E_INTERRUPTED) {
+			ret =
+			    _gnutls_send_tlen_int(session,
+						  GNUTLS_APPLICATION_DATA,
+						  -1, EPOCH_WRITE_CURRENT,
+						  NULL, 0, 0,
+						  MBUFFER_FLUSH);
+		}
+
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+		if (ret != (ssize_t) next_fragment_length) {
+			_gnutls_record_log
+			    ("RANGE: ERROR: ret = %d; next_fragment_length = %d\n",
+			     (int) ret, (int) next_fragment_length);
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+		}
+		sent += next_fragment_length;
+		data_size -= next_fragment_length;
+		_gnutls_set_range(&cur_range, next_range.low,
+				  next_range.high);
+	}
+
+	return sent;
+}
diff --git a/lib/record.c b/lib/record.c
new file mode 100644
index 0000000..fd24aca
--- /dev/null
+++ b/lib/record.c
@@ -0,0 +1,2536 @@
+/*
+ * Copyright (C) 2000-2018 Free Software Foundation, Inc.
+ * Copyright (C) 2012-2018 Nikos Mavrogiannopoulos
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions that are record layer specific, are included in this file.
+ */
+
+/* allocate this many bytes more when encrypting or decrypting, to
+ * compensate for broken backends such as cryptodev.
+ */
+#define CIPHER_SLACK_SIZE 32
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "debug.h"
+#include "cipher.h"
+#include "buffers.h"
+#include "mbuffers.h"
+#include "handshake.h"
+#include "hash_int.h"
+#include "cipher_int.h"
+#include "algorithms.h"
+#include "db.h"
+#include "auth.h"
+#include "num.h"
+#include "record.h"
+#include "datum.h"
+#include "constate.h"
+#include "tls13/key_update.h"
+#include <ext/heartbeat.h>
+#include <state.h>
+#include <dtls.h>
+#include <dh.h>
+#include <random.h>
+#include <xsize.h>
+#include "locks.h"
+#include "system/ktls.h"
+#include <intprops.h>
+
+
+struct tls_record_st {
+	uint16_t header_size;
+	uint8_t version[2];
+	uint64_t sequence;	/* DTLS */
+	uint16_t length;
+	uint16_t packet_size;	/* header_size + length */
+	content_type_t type;
+	uint16_t epoch;		/* valid in DTLS only */
+#ifdef ENABLE_SSL2
+	unsigned v2:1;		/* whether an SSLv2 client hello */
+#endif
+	/* the data */
+};
+
+/**
+ * gnutls_record_disable_padding:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Used to disabled padding in TLS 1.0 and above.  Normally you do not
+ * need to use this function, but there are buggy clients that
+ * complain if a server pads the encrypted data.  This of course will
+ * disable protection against statistical attacks on the data.
+ *
+ * This function is defunct since 3.1.7. Random padding is disabled
+ * by default unless requested using gnutls_record_send_range().
+ *
+ **/
+void gnutls_record_disable_padding(gnutls_session_t session)
+{
+	return;
+}
+
+/**
+ * gnutls_transport_set_ptr:
+ * @session: is a #gnutls_session_t type.
+ * @ptr: is the value.
+ *
+ * Used to set the first argument of the transport function (for push
+ * and pull callbacks). In berkeley style sockets this function will set the
+ * connection descriptor.
+ *
+ **/
+void
+gnutls_transport_set_ptr(gnutls_session_t session,
+			 gnutls_transport_ptr_t ptr)
+{
+	session->internals.transport_recv_ptr = ptr;
+	session->internals.transport_send_ptr = ptr;
+}
+
+/**
+ * gnutls_transport_set_ptr2:
+ * @session: is a #gnutls_session_t type.
+ * @recv_ptr: is the value for the pull function
+ * @send_ptr: is the value for the push function
+ *
+ * Used to set the first argument of the transport function (for push
+ * and pull callbacks). In berkeley style sockets this function will set the
+ * connection descriptor.  With this function you can use two different
+ * pointers for receiving and sending.
+ **/
+void
+gnutls_transport_set_ptr2(gnutls_session_t session,
+			  gnutls_transport_ptr_t recv_ptr,
+			  gnutls_transport_ptr_t send_ptr)
+{
+	session->internals.transport_send_ptr = send_ptr;
+	session->internals.transport_recv_ptr = recv_ptr;
+}
+
+/**
+ * gnutls_transport_set_int2:
+ * @session: is a #gnutls_session_t type.
+ * @recv_fd: is socket descriptor for the pull function
+ * @send_fd: is socket descriptor for the push function
+ *
+ * This function sets the first argument of the transport functions,
+ * such as send() and recv() for the default callbacks using the
+ * system's socket API. With this function you can set two different
+ * descriptors for receiving and sending.
+ *
+ * This function is equivalent to calling gnutls_transport_set_ptr2()
+ * with the descriptors, but requires no casts.
+ *
+ * Since: 3.1.9
+ **/
+void
+gnutls_transport_set_int2(gnutls_session_t session,
+			  int recv_fd, int send_fd)
+{
+	session->internals.transport_send_ptr =
+	    (gnutls_transport_ptr_t) (long) send_fd;
+	session->internals.transport_recv_ptr =
+	    (gnutls_transport_ptr_t) (long) recv_fd;
+}
+
+#if 0
+/* this will be a macro */
+/**
+ * gnutls_transport_set_int:
+ * @session: is a #gnutls_session_t type.
+ * @fd: is the socket descriptor for the connection.
+ *
+ * This function sets the first argument of the transport function, such
+ * as send() and recv() for the default callbacks using the
+ * system's socket API.
+ *
+ * This function is equivalent to calling gnutls_transport_set_ptr()
+ * with the descriptor, but requires no casts.
+ *
+ * Since: 3.1.9
+ *
+ **/
+void gnutls_transport_set_int(gnutls_session_t session, int fd)
+{
+	session->internals.transport_recv_ptr =
+	    (gnutls_transport_ptr_t) (long) fd;
+	session->internals.transport_send_ptr =
+	    (gnutls_transport_ptr_t) (long) fd;
+}
+#endif
+
+/**
+ * gnutls_transport_get_ptr:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Used to get the first argument of the transport function (like
+ * PUSH and PULL).  This must have been set using
+ * gnutls_transport_set_ptr().
+ *
+ * Returns: The first argument of the transport function.
+ **/
+gnutls_transport_ptr_t gnutls_transport_get_ptr(gnutls_session_t session)
+{
+	return session->internals.transport_recv_ptr;
+}
+
+/**
+ * gnutls_transport_get_ptr2:
+ * @session: is a #gnutls_session_t type.
+ * @recv_ptr: will hold the value for the pull function
+ * @send_ptr: will hold the value for the push function
+ *
+ * Used to get the arguments of the transport functions (like PUSH
+ * and PULL).  These should have been set using
+ * gnutls_transport_set_ptr2().
+ **/
+void
+gnutls_transport_get_ptr2(gnutls_session_t session,
+			  gnutls_transport_ptr_t * recv_ptr,
+			  gnutls_transport_ptr_t * send_ptr)
+{
+
+	*recv_ptr = session->internals.transport_recv_ptr;
+	*send_ptr = session->internals.transport_send_ptr;
+}
+
+/**
+ * gnutls_transport_get_int2:
+ * @session: is a #gnutls_session_t type.
+ * @recv_int: will hold the value for the pull function
+ * @send_int: will hold the value for the push function
+ *
+ * Used to get the arguments of the transport functions (like PUSH
+ * and PULL).  These should have been set using
+ * gnutls_transport_set_int2().
+ *
+ * Since: 3.1.9
+ **/
+void
+gnutls_transport_get_int2(gnutls_session_t session,
+			  int *recv_int, int *send_int)
+{
+
+	*recv_int = (long) session->internals.transport_recv_ptr;
+	*send_int = (long) session->internals.transport_send_ptr;
+}
+
+/**
+ * gnutls_transport_get_int:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Used to get the first argument of the transport function (like
+ * PUSH and PULL).  This must have been set using
+ * gnutls_transport_set_int().
+ *
+ * Returns: The first argument of the transport function.
+ *
+ * Since: 3.1.9
+ **/
+int gnutls_transport_get_int(gnutls_session_t session)
+{
+	return (long) session->internals.transport_recv_ptr;
+}
+
+/**
+ * gnutls_bye:
+ * @session: is a #gnutls_session_t type.
+ * @how: is an integer
+ *
+ * Terminates the current TLS/SSL connection. The connection should
+ * have been initiated using gnutls_handshake().  @how should be one
+ * of %GNUTLS_SHUT_RDWR, %GNUTLS_SHUT_WR.
+ *
+ * In case of %GNUTLS_SHUT_RDWR the TLS session gets
+ * terminated and further receives and sends will be disallowed.  If
+ * the return value is zero you may continue using the underlying
+ * transport layer. %GNUTLS_SHUT_RDWR sends an alert containing a close
+ * request and waits for the peer to reply with the same message.
+ *
+ * In case of %GNUTLS_SHUT_WR the TLS session gets terminated
+ * and further sends will be disallowed. In order to reuse the
+ * connection you should wait for an EOF from the peer.
+ * %GNUTLS_SHUT_WR sends an alert containing a close request.
+ *
+ * Note that not all implementations will properly terminate a TLS
+ * connection.  Some of them, usually for performance reasons, will
+ * terminate only the underlying transport layer, and thus not
+ * distinguishing between a malicious party prematurely terminating
+ * the connection and normal termination.
+ *
+ * This function may also return %GNUTLS_E_AGAIN or
+ * %GNUTLS_E_INTERRUPTED; cf.  gnutls_record_get_direction().
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or an error code, see
+ *   function documentation for entire semantics.
+ **/
+int gnutls_bye(gnutls_session_t session, gnutls_close_request_t how)
+{
+	int ret = 0;
+
+	switch (BYE_STATE) {
+	case BYE_STATE0:
+		if (!IS_KTLS_ENABLED(session, GNUTLS_KTLS_SEND))
+			ret = _gnutls_io_write_flush(session);
+		BYE_STATE = BYE_STATE0;
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+		FALLTHROUGH;
+	case BYE_STATE1:
+		ret = gnutls_alert_send(session, GNUTLS_AL_WARNING,
+				GNUTLS_A_CLOSE_NOTIFY);
+		BYE_STATE = BYE_STATE1;
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+		FALLTHROUGH;
+	case BYE_STATE2:
+		BYE_STATE = BYE_STATE2;
+		if (how == GNUTLS_SHUT_RDWR) {
+			if (IS_KTLS_ENABLED(session, GNUTLS_KTLS_SEND)){
+				do {
+					ret = _gnutls_ktls_recv_int(session,
+							GNUTLS_ALERT, NULL, 0);
+				}
+				while (ret == GNUTLS_E_GOT_APPLICATION_DATA);
+			} else {
+				do {
+					ret =
+						_gnutls_recv_int(session, GNUTLS_ALERT,
+								 NULL, 0, NULL,
+								 session->internals.
+								 record_timeout_ms);
+				}
+				while (ret == GNUTLS_E_GOT_APPLICATION_DATA);
+			}
+
+			if (ret >= 0)
+				session->internals.may_not_read = 1;
+
+			if (ret < 0) {
+				gnutls_assert();
+				return ret;
+			}
+		}
+		BYE_STATE = BYE_STATE2;
+
+		break;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	BYE_STATE = BYE_STATE0;
+
+	session->internals.may_not_write = 1;
+	return 0;
+}
+
+inline static void session_unresumable(gnutls_session_t session)
+{
+	session->internals.resumable = false;
+}
+
+/* returns 0 if session is valid
+ */
+inline static int session_is_valid(gnutls_session_t session)
+{
+	if (session->internals.invalid_connection != 0)
+		return GNUTLS_E_INVALID_SESSION;
+
+	return 0;
+}
+
+/* Copies the record version into the headers. The
+ * version must have 2 bytes at least.
+ */
+inline static int
+copy_record_version(gnutls_session_t session,
+		    gnutls_handshake_description_t htype,
+		    uint8_t version[2])
+{
+	const version_entry_st *lver;
+
+	lver = get_version(session);
+	if (session->internals.initial_negotiation_completed ||
+	    htype != GNUTLS_HANDSHAKE_CLIENT_HELLO ||
+	    (session->internals.hsk_flags & HSK_HRR_RECEIVED) ||
+	    session->internals.default_record_version[0] == 0) {
+
+		if (unlikely(lver == NULL))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		if (lver->tls13_sem) {
+			version[0] = 0x03;
+			version[1] = 0x03;
+		} else {
+			version[0] = lver->major;
+			version[1] = lver->minor;
+		}
+	} else {
+		version[0] = session->internals.default_record_version[0];
+		version[1] = session->internals.default_record_version[1];
+	}
+
+	return 0;
+}
+
+/* Increments the sequence value
+ */
+inline static int
+sequence_increment(gnutls_session_t session, uint64_t * value)
+{
+	uint64_t snmax = UINT64_C(0xffffffffffffffff);
+
+	if (IS_DTLS(session)) {
+		uint64_t mask;
+
+		snmax = UINT64_C(0xffffffffffff);
+		mask = snmax;
+
+		if ((*value & mask) == snmax)
+			return -1;
+
+		*value = ((*value & mask) + 1) | (*value & ~mask);
+	} else {
+		if (*value == snmax)
+			return -1;
+
+		(*value)++;
+	}
+
+	return 0;
+}
+
+/* This function behaves exactly like write(). The only difference is
+ * that it accepts, the gnutls_session_t and the content_type_t of data to
+ * send (if called by the user the Content is specific)
+ * It is intended to transfer data, under the current session.
+ *
+ * @type: The content type to send
+ * @htype: If this is a handshake message then the handshake type
+ * @epoch_rel: %EPOCH_READ_* or %EPOCH_WRITE_*
+ * @data: the data to be sent
+ * @data_size: the size of the @data
+ * @min_pad: the minimum required padding
+ * @mflags: zero or %MBUFFER_FLUSH
+ *
+ * Oct 30 2001: Removed capability to send data more than MAX_RECORD_SIZE.
+ * This makes the function much easier to read, and more error resistant
+ * (there were cases were the old function could mess everything up).
+ * --nmav
+ *
+ * This function may accept a NULL pointer for data, and 0 for size, if
+ * and only if the previous send was interrupted for some reason.
+ *
+ */
+ssize_t
+_gnutls_send_tlen_int(gnutls_session_t session, content_type_t type,
+		      gnutls_handshake_description_t htype,
+		      unsigned int epoch_rel, const void *_data,
+		      size_t data_size, size_t min_pad,
+		      unsigned int mflags)
+{
+	mbuffer_st *bufel;
+	ssize_t cipher_size;
+	int retval, ret;
+	int send_data_size;
+	uint8_t *headers;
+	int header_size;
+	const uint8_t *data = _data;
+	record_parameters_st *record_params;
+	size_t max_send_size;
+	record_state_st *record_state;
+	const version_entry_st *vers = get_version(session);
+
+	ret = _gnutls_epoch_get(session, epoch_rel, &record_params);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* Safeguard against processing data with an incomplete cipher state. */
+	if (!record_params->initialized)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	record_state = &record_params->write;
+
+	/* Do not allow null pointer if the send buffer is empty.
+	 * If the previous send was interrupted then a null pointer is
+	 * ok, and means to resume.
+	 */
+	if (session->internals.record_send_buffer.byte_length == 0 &&
+	    (data_size == 0 && _data == NULL)) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (type != GNUTLS_ALERT)	/* alert messages are sent anyway */
+		if (session_is_valid(session)
+		    || session->internals.may_not_write != 0) {
+			gnutls_assert();
+			return GNUTLS_E_INVALID_SESSION;
+		}
+
+	max_send_size = max_record_send_size(session, record_params);
+
+	if (data_size > max_send_size) {
+		if (IS_DTLS(session))
+			return gnutls_assert_val(GNUTLS_E_LARGE_PACKET);
+
+		send_data_size = max_send_size;
+	} else
+		send_data_size = data_size;
+
+	/* Only encrypt if we don't have data to send
+	 * from the previous run. - probably interrupted.
+	 */
+	if (mflags != 0
+	    && session->internals.record_send_buffer.byte_length > 0) {
+		ret = _gnutls_io_write_flush(session);
+		if (ret > 0)
+			cipher_size = ret;
+		else
+			cipher_size = 0;
+
+		retval = session->internals.record_send_buffer_user_size;
+	} else {
+		if (unlikely((send_data_size == 0 && min_pad == 0)))
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		/* now proceed to packet encryption
+		 */
+		cipher_size = MAX_RECORD_SEND_SIZE(session);
+
+		bufel = _mbuffer_alloc_align16(cipher_size + CIPHER_SLACK_SIZE,
+			get_total_headers2(session, record_params));
+		if (bufel == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		headers = _mbuffer_get_uhead_ptr(bufel);
+		if (vers->tls13_sem && record_params->cipher->id != GNUTLS_CIPHER_NULL)
+			headers[0] = GNUTLS_APPLICATION_DATA;
+		else
+			headers[0] = type;
+
+		/* Use the default record version, if it is
+		 * set. */
+		ret = copy_record_version(session, htype, &headers[1]);
+		if (ret < 0)
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		/* Adjust header length and add sequence for DTLS */
+		if (IS_DTLS(session))
+			_gnutls_write_uint64(record_state->sequence_number, &headers[3]);
+
+		_gnutls_record_log
+		    ("REC[%p]: Preparing Packet %s(%d) with length: %d and min pad: %d\n",
+		     session, _gnutls_packet2str(type), type,
+		     (int) data_size, (int) min_pad);
+
+		header_size = RECORD_HEADER_SIZE(session);
+		_mbuffer_set_udata_size(bufel, cipher_size);
+		_mbuffer_set_uhead_size(bufel, header_size);
+
+		ret =
+		    _gnutls_encrypt(session,
+				    data, send_data_size, min_pad,
+				    bufel, type, record_params);
+		if (ret <= 0) {
+			gnutls_assert();
+			if (ret == 0)
+				ret = GNUTLS_E_ENCRYPTION_FAILED;
+			gnutls_free(bufel);
+			return ret;	/* error */
+		}
+
+		cipher_size = _mbuffer_get_udata_size(bufel);
+		retval = send_data_size;
+		session->internals.record_send_buffer_user_size =
+		    send_data_size;
+
+		/* increase sequence number
+		 */
+		if (sequence_increment
+		    (session, &record_state->sequence_number) != 0) {
+			session_invalidate(session);
+			gnutls_free(bufel);
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_RECORD_LIMIT_REACHED);
+		}
+
+		ret = _gnutls_io_write_buffered(session, bufel, mflags);
+	}
+
+	if (ret != cipher_size) {
+		/* If we have sent any data then just return
+		 * the error value. Do not invalidate the session.
+		 */
+		if (ret < 0 && gnutls_error_is_fatal(ret) == 0)
+			return gnutls_assert_val(ret);
+
+		if (ret > 0)
+			ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		session_unresumable(session);
+		session->internals.may_not_write = 1;
+		return gnutls_assert_val(ret);
+	}
+
+	session->internals.record_send_buffer_user_size = 0;
+
+	_gnutls_record_log
+	    ("REC[%p]: Sent Packet[%ld] %s(%d) in epoch %d and length: %d\n",
+	     session, (unsigned long)(record_state->sequence_number),
+	     _gnutls_packet2str(type), type, (int) record_params->epoch,
+	     (int) cipher_size);
+
+	if (vers->tls13_sem && !(session->internals.flags & GNUTLS_NO_AUTO_REKEY) &&
+	    !(record_params->cipher->flags & GNUTLS_CIPHER_FLAG_NO_REKEY)) {
+		if (unlikely((record_state->sequence_number & UINT64_C(0xffffff)) == UINT64_C(0xfffffd))) {
+			/* After we have sent 2^24 messages, mark the session
+			 * as needing a key update. */
+			session->internals.rsend_state = RECORD_SEND_KEY_UPDATE_1;
+		}
+	}
+
+	return retval;
+}
+
+inline static int
+check_recv_type(gnutls_session_t session, content_type_t recv_type)
+{
+	switch (recv_type) {
+	case GNUTLS_CHANGE_CIPHER_SPEC:
+	case GNUTLS_ALERT:
+	case GNUTLS_HANDSHAKE:
+	case GNUTLS_HEARTBEAT:
+	case GNUTLS_APPLICATION_DATA:
+		return 0;
+	default:
+		gnutls_assert();
+		_gnutls_audit_log(session,
+				  "Received record packet of unknown type %u\n",
+				  (unsigned int) recv_type);
+		return GNUTLS_E_UNEXPECTED_PACKET;
+	}
+
+}
+
+
+/* Checks if there are pending data in the record buffers. If there are
+ * then it copies the data.
+ */
+static int
+get_data_from_buffers(gnutls_session_t session, content_type_t type,
+	      uint8_t * data, int data_size, void *seq)
+{
+	if ((type == GNUTLS_APPLICATION_DATA ||
+	     type == GNUTLS_HANDSHAKE || type == GNUTLS_CHANGE_CIPHER_SPEC)
+	    && _gnutls_record_buffer_get_size(session) > 0) {
+		int ret;
+		ret =
+		    _gnutls_record_buffer_get(type, session, data,
+					      data_size, seq);
+		if (ret < 0) {
+			if (IS_DTLS(session)) {
+				if (ret == GNUTLS_E_UNEXPECTED_PACKET) {
+					ret = GNUTLS_E_AGAIN;
+				}
+			}
+			gnutls_assert();
+			return ret;
+		}
+
+		return ret;
+	}
+
+	return 0;
+}
+
+/* Checks and retrieves any pending data in the application data record buffers.
+ */
+static int
+get_packet_from_buffers(gnutls_session_t session, content_type_t type,
+		     gnutls_packet_t *packet)
+{
+	if (_gnutls_record_buffer_get_size(session) > 0) {
+		int ret;
+		ret =
+			_gnutls_record_buffer_get_packet(type, session, packet);
+		if (ret < 0) {
+			if (IS_DTLS(session)) {
+				if (ret == GNUTLS_E_UNEXPECTED_PACKET) {
+					ret = GNUTLS_E_AGAIN;
+				}
+			}
+			gnutls_assert();
+			return ret;
+		}
+
+		return ret;
+	}
+
+	*packet = NULL;
+	return 0;
+}
+
+
+
+/* Here we check if the advertized version is the one we
+ * negotiated in the handshake.
+ */
+inline static int
+record_check_version(gnutls_session_t session,
+		     gnutls_handshake_description_t htype,
+		     uint8_t version[2])
+{
+	const version_entry_st *vers = get_version(session);
+	int diff = 0;
+
+	if (vers->tls13_sem) {
+		/* TLS 1.3 requires version to be 0x0303 */
+		if (version[0] != 0x03 || version[1] != 0x03)
+			diff = 1;
+	} else {
+		if (vers->major != version[0] || vers->minor != version[1])
+			diff = 1;
+	}
+
+	if (!IS_DTLS(session)) {
+		if (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO ||
+		    htype == GNUTLS_HANDSHAKE_HELLO_RETRY_REQUEST ||
+		    htype == GNUTLS_HANDSHAKE_SERVER_HELLO) {
+			if (version[0] != 3) {
+				gnutls_assert();
+				_gnutls_record_log
+				    ("REC[%p]: INVALID VERSION PACKET: (%d) %d.%d\n",
+				     session, htype, version[0],
+				     version[1]);
+				return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;
+			}
+		} else if (diff != 0) {
+			/* Reject record packets that have a different version than the
+			 * one negotiated. Note that this version is not protected by any
+			 * mac. I don't really think that this check serves any purpose.
+			 */
+			gnutls_assert();
+			_gnutls_record_log
+			    ("REC[%p]: INVALID VERSION PACKET: (%d) %d.%d\n",
+			     session, htype, version[0], version[1]);
+
+			return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;
+		}
+	} else {		/* DTLS */
+
+		/* In DTLS the only information we have here is whether we
+		 * expect a handshake message or not.
+		 */
+		if (htype == (gnutls_handshake_description_t) - 1) {
+			if (diff) {
+				/* Reject record packets that have a different version than the
+				 * one negotiated. Note that this version is not protected by any
+				 * mac. I don't really think that this check serves any purpose.
+				 */
+				gnutls_assert();
+				_gnutls_record_log
+				    ("REC[%p]: INVALID VERSION PACKET: (%d) %d.%d\n",
+				     session, htype, version[0],
+				     version[1]);
+
+				return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;
+			}
+		} else if (vers->id > GNUTLS_DTLS1_0 && version[0] > 254) {
+			gnutls_assert();
+			_gnutls_record_log
+			    ("REC[%p]: INVALID DTLS VERSION PACKET: (%d) %d.%d\n",
+			     session, htype, version[0], version[1]);
+			return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;
+		} else if (vers->id == GNUTLS_DTLS0_9 && version[0] > 1) {
+			gnutls_assert();
+			_gnutls_record_log
+			    ("REC[%p]: INVALID DTLS VERSION PACKET: (%d) %d.%d\n",
+			     session, htype, version[0], version[1]);
+			return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;
+		}
+	}
+
+	return 0;
+}
+
+static int
+recv_hello_request(gnutls_session_t session, void *data,
+		   uint32_t data_size)
+{
+	uint8_t type;
+
+	if (session->security_parameters.entity == GNUTLS_SERVER)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+
+	if (data_size < 1)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	if (session->internals.handshake_in_progress)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+
+	type = ((uint8_t *) data)[0];
+	if (type == GNUTLS_HANDSHAKE_HELLO_REQUEST) {
+		if (IS_DTLS(session))
+			session->internals.dtls.hsk_read_seq++;
+		if (session->internals.flags & GNUTLS_AUTO_REAUTH) {
+			session->internals.recv_state = RECV_STATE_REHANDSHAKE;
+			return GNUTLS_E_AGAIN;
+		} else {
+			return GNUTLS_E_REHANDSHAKE;
+		}
+	} else {
+		gnutls_assert();
+		return GNUTLS_E_UNEXPECTED_PACKET;
+	}
+}
+
+/* This function will check if the received record type is
+ * the one we actually expect and adds it to the proper
+ * buffer. The bufel will be deinitialized after calling
+ * this function, even if it fails.
+ */
+static int
+record_add_to_buffers(gnutls_session_t session,
+		      struct tls_record_st *recv, content_type_t type,
+		      gnutls_handshake_description_t htype,
+		      uint64_t seq, mbuffer_st * bufel)
+{
+
+	int ret;
+	const version_entry_st *ver = get_version(session);
+
+	if ((recv->type == type)
+	    && (type == GNUTLS_APPLICATION_DATA ||
+		type == GNUTLS_CHANGE_CIPHER_SPEC ||
+		type == GNUTLS_HANDSHAKE)) {
+		if (bufel->msg.size == 0) {
+			if (type == GNUTLS_APPLICATION_DATA) {
+				/* this is needed to distinguish an empty
+				 * message and EOF */
+				ret = GNUTLS_E_AGAIN;
+				goto cleanup;
+			} else {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_UNEXPECTED_PACKET);
+				goto unexpected_packet;
+			}
+		}
+
+		/* application data cannot be inserted between (async) handshake
+		 * messages */
+		if (type == GNUTLS_APPLICATION_DATA &&
+		    (session->internals.handshake_recv_buffer_size != 0 ||
+		     session->internals.handshake_header_recv_buffer.length != 0)) {
+			ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+			goto unexpected_packet;
+		}
+
+		_gnutls_record_buffer_put(session, type, seq, bufel);
+
+		/* if we received application data as expected then we
+		 * deactivate the async timer */
+		_dtls_async_timer_delete(session);
+	} else {
+		/* if the expected type is different than the received
+		 */
+		switch (recv->type) {
+		case GNUTLS_ALERT:
+			if (bufel->msg.size < 2) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_UNEXPECTED_PACKET);
+				goto unexpected_packet;
+			}
+
+			_gnutls_record_log
+			    ("REC[%p]: Alert[%d|%d] - %s - was received\n",
+			     session, bufel->msg.data[0],
+			     bufel->msg.data[1],
+			     gnutls_alert_get_name((int) bufel->msg.
+						   data[1]));
+
+			if (!session->internals.initial_negotiation_completed &&
+			    session->internals.handshake_in_progress && STATE == STATE0) { /* handshake hasn't started */
+				ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+				goto unexpected_packet;
+			}
+
+			session->internals.last_alert = bufel->msg.data[1];
+
+			/* if close notify is received and
+			 * the alert is not fatal
+			 */
+			if (bufel->msg.data[1] == GNUTLS_A_CLOSE_NOTIFY
+			    && bufel->msg.data[0] != GNUTLS_AL_FATAL) {
+				/* If we have been expecting for an alert do
+				 */
+				session->internals.read_eof = 1;
+				ret = GNUTLS_E_SESSION_EOF;
+				goto cleanup;
+			} else {
+				/* if the alert is FATAL or WARNING
+				 * return the appropriate message
+				 */
+				gnutls_assert();
+				ret = GNUTLS_E_WARNING_ALERT_RECEIVED;
+				if ((ver && ver->tls13_sem) || bufel->msg.data[0] == GNUTLS_AL_FATAL) {
+					session_unresumable(session);
+					session_invalidate(session);
+					ret =
+					    gnutls_assert_val
+					    (GNUTLS_E_FATAL_ALERT_RECEIVED);
+				}
+				goto cleanup;
+			}
+			break;
+
+		case GNUTLS_CHANGE_CIPHER_SPEC:
+			if (!(IS_DTLS(session))) {
+				ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+				goto cleanup;
+			}
+
+			_gnutls_record_buffer_put(session, recv->type, seq,
+						  bufel);
+
+			break;
+
+#ifdef ENABLE_HEARTBEAT
+		case GNUTLS_HEARTBEAT:
+			ret = _gnutls_heartbeat_handle(session, bufel);
+			goto cleanup;
+#endif
+
+		case GNUTLS_APPLICATION_DATA:
+			if (session->internals.
+			    initial_negotiation_completed == 0) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_UNEXPECTED_PACKET);
+				goto unexpected_packet;
+			}
+
+			/* In TLS1.3 post-handshake authentication allow application
+			 * data error code. */
+			if ((ver && ver->tls13_sem) && type == GNUTLS_HANDSHAKE &&
+			    htype == GNUTLS_HANDSHAKE_CERTIFICATE_PKT &&
+			    session->internals.initial_negotiation_completed) {
+				_gnutls_record_buffer_put(session, recv->type,
+							  seq, bufel);
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_GOT_APPLICATION_DATA);
+			}
+
+			/* The got_application data is only returned
+			 * if expecting client hello (for rehandshake
+			 * reasons). Otherwise it is an unexpected packet
+			 */
+			if (type == GNUTLS_ALERT
+			    || ((htype == GNUTLS_HANDSHAKE_SERVER_HELLO ||
+			         htype == GNUTLS_HANDSHAKE_CLIENT_HELLO ||
+			         htype == GNUTLS_HANDSHAKE_HELLO_RETRY_REQUEST)
+				&& type == GNUTLS_HANDSHAKE)) {
+				/* even if data is unexpected put it into the buffer */
+				_gnutls_record_buffer_put(session, recv->type,
+							  seq, bufel);
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_GOT_APPLICATION_DATA);
+			} else {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_UNEXPECTED_PACKET);
+				goto unexpected_packet;
+			}
+
+			break;
+
+		case GNUTLS_HANDSHAKE:
+			/* In DTLS we might receive a handshake replay from the peer to indicate
+			 * the our last TLS handshake messages were not received.
+			 */
+			if (IS_DTLS(session)) {
+				if (type == GNUTLS_CHANGE_CIPHER_SPEC) {
+					ret =
+					    gnutls_assert_val
+					    (GNUTLS_E_UNEXPECTED_PACKET);
+					goto unexpected_packet;
+				}
+
+				if (_dtls_is_async(session)
+				    && _dtls_async_timer_active(session)) {
+					if (session->security_parameters.
+					    entity == GNUTLS_SERVER
+					    && bufel->htype ==
+					    GNUTLS_HANDSHAKE_CLIENT_HELLO)
+					{
+						/* client requested rehandshake. Delete the timer */
+						_dtls_async_timer_delete
+						    (session);
+					} else {
+						session->internals.
+						    recv_state =
+						    RECV_STATE_DTLS_RETRANSMIT;
+						ret =
+						    _dtls_retransmit
+						    (session);
+						if (ret == 0) {
+							session->internals.
+							    recv_state =
+							    RECV_STATE_0;
+							ret =
+							    gnutls_assert_val
+							    (GNUTLS_E_AGAIN);
+							goto unexpected_packet;
+						}
+						goto cleanup;
+					}
+				}
+			}
+
+			/* retrieve async handshake messages */
+			if (ver && ver->tls13_sem) {
+				_gnutls_record_buffer_put(session, recv->type, seq, bufel);
+
+				ret = _gnutls13_recv_async_handshake(session);
+				if (ret < 0)
+					return gnutls_assert_val(ret);
+
+				/* bufel is now accounted */
+				return GNUTLS_E_AGAIN;
+			}
+
+			/* This is legal if HELLO_REQUEST is received - and we are a client.
+			 * If we are a server, a client may initiate a renegotiation at any time.
+			 */
+			if (session->security_parameters.entity ==
+			    GNUTLS_SERVER
+			    && session->internals.handshake_in_progress == 0
+			    && bufel->htype ==
+			    GNUTLS_HANDSHAKE_CLIENT_HELLO) {
+				gnutls_assert();
+				_gnutls_record_buffer_put(session,
+							      recv->type,
+							      seq, bufel);
+				return GNUTLS_E_REHANDSHAKE;
+			}
+
+			/* If we are already in a handshake then a Hello
+			 * Request is illegal. But here we don't really care
+			 * since this message will never make it up here.
+			 */
+
+			/* So we accept it, if it is a Hello. If not, this will
+			 * fail and trigger flight retransmissions after some time. */
+			ret =
+			    recv_hello_request(session,
+					       bufel->msg.data,
+					       bufel->msg.size);
+			goto unexpected_packet;
+		default:
+
+			_gnutls_record_log
+			    ("REC[%p]: Received unexpected packet %d (%s) expecting %d (%s)\n",
+			     session, recv->type,
+			     _gnutls_packet2str(recv->type), type,
+			     _gnutls_packet2str(type));
+
+			gnutls_assert();
+			ret = GNUTLS_E_UNEXPECTED_PACKET;
+			goto unexpected_packet;
+		}
+	}
+
+	return 0;
+
+ unexpected_packet:
+
+	if (IS_DTLS(session) && ret != GNUTLS_E_REHANDSHAKE) {
+		_mbuffer_xfree(&bufel);
+		RETURN_DTLS_EAGAIN_OR_TIMEOUT(session, ret);
+	}
+
+ cleanup:
+	_mbuffer_xfree(&bufel);
+	return ret;
+
+}
+
+
+/* Checks the record headers and returns the length, version and
+ * content type.
+ */
+static void
+record_read_headers(gnutls_session_t session,
+		    uint8_t headers[MAX_RECORD_HEADER_SIZE],
+		    content_type_t type,
+		    gnutls_handshake_description_t htype,
+		    struct tls_record_st *record)
+{
+
+	/* Read the first two bytes to determine if this is a
+	 * version 2 message
+	 */
+
+#ifdef ENABLE_SSL2
+	if (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO
+	    && type == GNUTLS_HANDSHAKE && headers[0] > 127
+	    && !(IS_DTLS(session))) {
+
+		/* if msb set and expecting handshake message
+		 * it should be SSL 2 hello
+		 */
+		record->version[0] = 3;	/* assume SSL 3.0 */
+		record->version[1] = 0;
+
+		record->length = (((headers[0] & 0x7f) << 8)) | headers[1];
+
+		/* SSL 2.0 headers */
+		record->header_size = record->packet_size = 2;
+		record->type = GNUTLS_HANDSHAKE;	/* we accept only v2 client hello
+							 */
+
+		/* in order to assist the handshake protocol.
+		 * V2 compatibility is a mess.
+		 */
+		record->v2 = 1;
+		record->epoch = 0;
+		memset(&record->sequence, 0, sizeof(record->sequence));
+
+		_gnutls_record_log
+		    ("REC[%p]: SSL 2.0 %s packet received. Length: %d\n",
+		     session, _gnutls_packet2str(record->type),
+		     record->length);
+
+	} else
+#endif
+	{
+		/* dtls version 1.0 and TLS version 1.x */
+#ifdef ENABLE_SSL2
+		record->v2 = 0;
+#endif
+
+		record->type = headers[0];
+		record->version[0] = headers[1];
+		record->version[1] = headers[2];
+
+		if (IS_DTLS(session)) {
+			record->sequence = _gnutls_read_uint64(&headers[3]);
+			record->length = _gnutls_read_uint16(&headers[11]);
+			record->epoch = record->sequence >> 48;
+		} else {
+			memset(&record->sequence, 0,
+			       sizeof(record->sequence));
+			record->length = _gnutls_read_uint16(&headers[3]);
+			record->epoch = session->security_parameters.epoch_read;
+		}
+
+		_gnutls_record_log
+		    ("REC[%p]: SSL %d.%d %s packet received. Epoch %d, length: %d\n",
+		     session, (int) record->version[0],
+		     (int) record->version[1],
+		     _gnutls_packet2str(record->type), (int) record->epoch,
+		     record->length);
+
+	}
+
+	record->packet_size += record->length;
+}
+
+
+static int recv_headers(gnutls_session_t session,
+			record_parameters_st *record_params,
+			content_type_t type,
+			gnutls_handshake_description_t htype,
+			struct tls_record_st *record, unsigned int *ms)
+{
+	int ret;
+	gnutls_datum_t raw;	/* raw headers */
+	/* Read the headers.
+	 */
+	record->header_size = record->packet_size =
+	    RECORD_HEADER_SIZE(session);
+
+	ret =
+	    _gnutls_io_read_buffered(session, record->header_size, -1, ms);
+	if (ret != record->header_size) {
+		if (ret < 0 && gnutls_error_is_fatal(ret) == 0)
+			return ret;
+
+		if (ret > 0)
+			ret = GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+		else if (ret == 0)
+			ret = GNUTLS_E_PREMATURE_TERMINATION;
+
+		return gnutls_assert_val(ret);
+	}
+
+	ret = _mbuffer_linearize_align16(&session->internals.record_recv_buffer,
+		get_total_headers2(session, record_params));
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	_mbuffer_head_get_first(&session->internals.record_recv_buffer,
+				&raw);
+	if (raw.size < RECORD_HEADER_SIZE(session))
+		return
+		    gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	record_read_headers(session, raw.data, type, htype, record);
+
+	/* Check if the DTLS epoch is valid */
+	if (IS_DTLS(session)) {
+		if (_gnutls_epoch_is_valid(session, record->epoch) == 0) {
+			_gnutls_audit_log(session,
+					  "Discarded message[%lu] with invalid epoch %u.\n",
+					  (unsigned long)record->sequence,
+					  (unsigned int) (record->sequence >> 48));
+			gnutls_assert();
+			/* doesn't matter, just a fatal error */
+			return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+		}
+	}
+
+	/* Here we check if the Type of the received packet is
+	 * ok.
+	 */
+	if ((ret = check_recv_type(session, record->type)) < 0)
+		return gnutls_assert_val(ret);
+
+	/* Here we check if the advertized version is the one we
+	 * negotiated in the handshake.
+	 */
+	if ((ret =
+	     record_check_version(session, htype, record->version)) < 0)
+		return gnutls_assert_val(ret);
+
+	if (record->length == 0 || record->length > max_record_recv_size(session)) {
+		_gnutls_audit_log
+		    (session, "Received packet with illegal length: %u (max: %u)\n",
+		     (unsigned int) record->length, (unsigned)max_record_recv_size(session));
+
+		if (record->length == 0) {
+			/* Empty, unencrypted records are always unexpected. */
+			if (record_params->cipher->id == GNUTLS_CIPHER_NULL)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_UNEXPECTED_PACKET);
+
+			return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+		}
+		return
+		    gnutls_assert_val(GNUTLS_E_RECORD_OVERFLOW);
+	}
+
+	_gnutls_record_log
+	    ("REC[%p]: Expected Packet %s(%d)\n", session,
+	     _gnutls_packet2str(type), type);
+	_gnutls_record_log
+	    ("REC[%p]: Received Packet %s(%d) with length: %d\n", session,
+	     _gnutls_packet2str(record->type), record->type,
+	     record->length);
+
+
+	return 0;
+}
+
+/* @ms: is the number of milliseconds to wait for data. Use zero for indefinite.
+ *
+ * This will receive record layer packets and add them to
+ * application_data_buffer and handshake_data_buffer.
+ *
+ * If the htype is not -1 then handshake timeouts
+ * will be enforced.
+ */
+ssize_t
+_gnutls_recv_in_buffers(gnutls_session_t session, content_type_t type,
+			gnutls_handshake_description_t htype,
+			unsigned int ms)
+{
+	uint64_t packet_sequence;
+	gnutls_datum_t ciphertext;
+	mbuffer_st *bufel = NULL, *decrypted = NULL;
+	gnutls_datum_t t;
+	int ret;
+	unsigned int n_retries = 0;
+	record_parameters_st *record_params;
+	record_state_st *record_state;
+	struct tls_record_st record;
+	const version_entry_st *vers = get_version(session);
+
+ begin:
+
+	if (n_retries > DEFAULT_MAX_EMPTY_RECORDS) {
+		gnutls_assert();
+		return GNUTLS_E_TOO_MANY_EMPTY_PACKETS;
+	}
+
+	if (session->internals.read_eof != 0) {
+		/* if we have already read an EOF
+		 */
+		return 0;
+	} else if (session_is_valid(session) != 0
+		   || session->internals.may_not_read != 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_SESSION);
+
+	/* get the record state parameters */
+	ret =
+	    _gnutls_epoch_get(session, EPOCH_READ_CURRENT, &record_params);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* Safeguard against processing data with an incomplete cipher state. */
+	if (!record_params->initialized)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	record_state = &record_params->read;
+
+	/* receive headers */
+	ret = recv_headers(session, record_params, type, htype, &record, (!(session->internals.flags & GNUTLS_NONBLOCK))?&ms:0);
+	if (ret < 0) {
+		ret = gnutls_assert_val_fatal(ret);
+		goto recv_error;
+	}
+
+	if (IS_DTLS(session))
+		packet_sequence = record.sequence;
+	else
+		packet_sequence = record_state->sequence_number;
+
+	/* Read the packet data and insert it to record_recv_buffer.
+	 */
+	ret =
+	    _gnutls_io_read_buffered(session, record.packet_size,
+				     record.type, (!(session->internals.flags & GNUTLS_NONBLOCK))?&ms:0);
+	if (ret != record.packet_size) {
+		gnutls_assert();
+		goto recv_error;
+	}
+
+	/* ok now we are sure that we have read all the data - so
+	 * move on !
+	 */
+	ret = _mbuffer_linearize_align16(&session->internals.record_recv_buffer,
+		get_total_headers2(session, record_params));
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	bufel =
+	    _mbuffer_head_get_first(&session->internals.record_recv_buffer,
+				    NULL);
+	if (bufel == NULL)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if (vers && vers->tls13_sem && record.type == GNUTLS_CHANGE_CIPHER_SPEC) {
+		/* if the CCS has value other than 0x01, or arrives
+		 * after Finished, abort the connection */
+		if (record.length != 1 ||
+		    *((uint8_t *) _mbuffer_get_udata_ptr(bufel) +
+		      record.header_size) != 0x01 ||
+		    !session->internals.handshake_in_progress)
+			return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+
+		_gnutls_read_log("discarding change cipher spec in TLS1.3\n");
+		/* we use the same mechanism to retry as when
+		 * receiving multiple empty TLS packets */
+		bufel =
+		    _mbuffer_head_pop_first(&session->internals.
+					    record_recv_buffer);
+		_mbuffer_xfree(&bufel);
+		n_retries++;
+		goto begin;
+	}
+
+	/* We allocate the maximum possible to allow few compressed bytes to expand to a
+	 * full record. Moreover we add space for any pad and the MAC (in case
+	 * they are encrypted).
+	 */
+	ret = max_decrypted_size(session) + MAX_PAD_SIZE + MAX_HASH_SIZE;
+	decrypted = _mbuffer_alloc_align16(ret, 0);
+	if (decrypted == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	_mbuffer_set_udata_size(decrypted, ret);
+	ciphertext.data =
+	    (uint8_t *) _mbuffer_get_udata_ptr(bufel) + record.header_size;
+	ciphertext.size = record.length;
+
+	/* decrypt the data we got.
+	 */
+	t.data = _mbuffer_get_udata_ptr(decrypted);
+	t.size = _mbuffer_get_udata_size(decrypted);
+	ret =
+	    _gnutls_decrypt(session, &ciphertext, &t,
+			    &record.type, record_params, packet_sequence);
+	if (ret >= 0)
+		_mbuffer_set_udata_size(decrypted, ret);
+
+	_mbuffer_head_remove_bytes(&session->internals.record_recv_buffer,
+				   record.header_size + record.length);
+
+	if (session->security_parameters.entity == GNUTLS_SERVER &&
+	    session->internals.hsk_flags & HSK_EARLY_DATA_IN_FLIGHT) {
+		if (session->internals.hsk_flags & HSK_EARLY_DATA_ACCEPTED) {
+			if (ret < 0 ||
+			    /* early data must always be encrypted, treat it
+			     * as decryption failure if otherwise */
+			    record_params->cipher->id == GNUTLS_CIPHER_NULL) {
+				_gnutls_record_log
+					("REC[%p]: failed to decrypt early data, in epoch %d\n",
+					 session,
+						record_params->epoch);
+				ret = GNUTLS_E_DECRYPTION_FAILED;
+				goto sanity_check_error;
+			} else if (record.type == GNUTLS_APPLICATION_DATA) {
+				size_t decrypted_length =
+					_mbuffer_get_udata_size(decrypted);
+				_gnutls_record_log
+					("REC[%p]: decrypted early data with length: %d, in epoch %d\n",
+					 session,
+					 (int) decrypted_length,
+					 record_params->epoch);
+				if (decrypted_length >
+				    session->security_parameters.max_early_data_size -
+				    session->internals.early_data_received) {
+					_gnutls_record_log
+						("REC[%p]: max_early_data_size exceeded\n",
+						 session);
+					ret = GNUTLS_E_UNEXPECTED_PACKET;
+					goto sanity_check_error;
+				}
+
+				_mbuffer_enqueue(&session->internals.early_data_recv_buffer, decrypted);
+				session->internals.early_data_received +=
+					decrypted_length;
+
+				/* Increase sequence number. We do both for TLS and DTLS, since in
+				 * DTLS we also rely on that number (roughly) since it may get reported
+				 * to application via gnutls_record_get_state().
+				 */
+				if (sequence_increment(session, &record_state->sequence_number) != 0) {
+					session_invalidate(session);
+					gnutls_assert();
+					ret = GNUTLS_E_RECORD_LIMIT_REACHED;
+					goto sanity_check_error;
+				}
+
+				/* decrypted is now accounted */
+				return GNUTLS_E_AGAIN;
+			}
+		} else {
+			/* We do not accept early data: skip decryption
+			 * failure up to max_early_data_size. Otherwise,
+			 * if the record is properly decrypted, treat it as
+			 * the start of client's second flight.
+			 */
+			if (record.type == GNUTLS_APPLICATION_DATA &&
+			    (ret < 0 ||
+			     /* early data must always be encrypted, treat it
+			      * as decryption failure if otherwise */
+			     record_params->cipher->id == GNUTLS_CIPHER_NULL)) {
+				if (record.length >
+				    session->security_parameters.max_early_data_size -
+				    session->internals.early_data_received) {
+					_gnutls_record_log
+						("REC[%p]: max_early_data_size exceeded\n",
+						 session);
+					ret = GNUTLS_E_UNEXPECTED_PACKET;
+					goto sanity_check_error;
+				}
+
+				_gnutls_record_log("REC[%p]: Discarded early data[%lu] due to invalid decryption, length: %u\n",
+						   session,
+						   (unsigned long)packet_sequence,
+						   (unsigned int)
+						   record.length);
+				session->internals.early_data_received += record.length;
+				/* silently discard received data */
+				_mbuffer_xfree(&decrypted);
+				return gnutls_assert_val(GNUTLS_E_AGAIN);
+			} else {
+				session->internals.hsk_flags &= ~HSK_EARLY_DATA_IN_FLIGHT;
+			}
+		}
+	}
+
+	if (ret < 0) {
+		gnutls_assert();
+		_gnutls_audit_log(session,
+				  "Discarded message[%lu] due to invalid decryption\n",
+				  (unsigned long)packet_sequence);
+		goto sanity_check_error;
+	}
+
+	if (IS_DTLS(session)) {
+		/* check for duplicates. We check after the message
+		 * is processed and authenticated to avoid someone
+		 * messing with our windows. */
+		if (likely(!(session->internals.flags & GNUTLS_NO_REPLAY_PROTECTION))) {
+			ret = _dtls_record_check(record_params, packet_sequence);
+			if (ret < 0) {
+				_gnutls_record_log
+				    ("REC[%p]: Discarded duplicate message[%u.%lu]: %s\n",
+				     session,
+				     (unsigned int) (record.sequence >> 48),
+				     (unsigned long) (packet_sequence),
+				     _gnutls_packet2str(record.type));
+				goto sanity_check_error;
+			}
+		}
+
+		_gnutls_record_log
+		    ("REC[%p]: Decrypted Packet[%u.%lu] %s(%d) with length: %d\n",
+		     session,
+		     (unsigned int) (record.sequence >> 48),
+		     (unsigned long) packet_sequence,
+		     _gnutls_packet2str(record.type), record.type,
+		     (int) _mbuffer_get_udata_size(decrypted));
+
+		/* store the last valid sequence number. We don't use that internally but
+		 * callers of gnutls_record_get_state() could take advantage of it. */
+		record_state->sequence_number = record.sequence;
+	} else {
+		_gnutls_record_log
+		    ("REC[%p]: Decrypted Packet[%lu] %s(%d) with length: %d\n",
+		     session,
+		     (unsigned long) packet_sequence,
+		     _gnutls_packet2str(record.type), record.type,
+		     (int) _mbuffer_get_udata_size(decrypted));
+
+	}
+
+	/* Increase sequence number. We do both for TLS and DTLS, since in
+	 * DTLS we also rely on that number (roughly) since it may get reported
+	 * to application via gnutls_record_get_state().
+	 */
+	if (sequence_increment(session, &record_state->sequence_number) != 0) {
+		session_invalidate(session);
+		gnutls_assert();
+		ret = GNUTLS_E_RECORD_LIMIT_REACHED;
+		goto sanity_check_error;
+	}
+
+/* (originally for) TLS 1.0 CBC protection.
+ * Actually this code is called if we just received
+ * an empty packet. An empty TLS packet is usually
+ * sent to protect some vulnerabilities in the CBC mode.
+ * In that case we go to the beginning and start reading
+ * the next packet.
+ */
+	if (_mbuffer_get_udata_size(decrypted) == 0 &&
+	    /* Under TLS 1.3, there are only AEAD ciphers and this
+	     * logic is meaningless. Moreover, the implementation need
+	     * to send correct alert upon receiving empty messages in
+	     * certain occasions. Skip this and leave
+	     * record_add_to_buffers() to handle the empty
+	     * messages. */
+	    !(vers && vers->tls13_sem)) {
+		_mbuffer_xfree(&decrypted);
+		n_retries++;
+		goto begin;
+	}
+
+	if (_mbuffer_get_udata_size(decrypted) > max_decrypted_size(session)) {
+		_gnutls_audit_log
+		    (session, "Received packet with illegal length: %u\n",
+		     (unsigned int) ret);
+
+		ret = gnutls_assert_val(GNUTLS_E_RECORD_OVERFLOW);
+		goto sanity_check_error;
+	}
+
+#ifdef ENABLE_SSL2
+	if (record.v2) {
+		decrypted->htype = GNUTLS_HANDSHAKE_CLIENT_HELLO_V2;
+	} else
+#endif
+	{
+		uint8_t *p = _mbuffer_get_udata_ptr(decrypted);
+		decrypted->htype = p[0];
+	}
+
+	ret =
+	    record_add_to_buffers(session, &record, type, htype,
+				  packet_sequence, decrypted);
+
+	/* decrypted is now either deinitialized or buffered somewhere else */
+
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return ret;
+
+ discard:
+	session->internals.dtls.packets_dropped++;
+
+	/* discard the whole received fragment. */
+	bufel =
+	    _mbuffer_head_pop_first(&session->internals.
+				    record_recv_buffer);
+	_mbuffer_xfree(&bufel);
+	return gnutls_assert_val(GNUTLS_E_AGAIN);
+
+ sanity_check_error:
+	if (IS_DTLS(session)) {
+		session->internals.dtls.packets_dropped++;
+		ret = gnutls_assert_val(GNUTLS_E_AGAIN);
+		goto cleanup;
+	}
+
+	session_unresumable(session);
+	session_invalidate(session);
+
+ cleanup:
+	_mbuffer_xfree(&decrypted);
+	return ret;
+
+ recv_error:
+	if (ret < 0
+	    && (gnutls_error_is_fatal(ret) == 0
+		|| ret == GNUTLS_E_TIMEDOUT))
+		return ret;
+
+	if (type == GNUTLS_ALERT) {	/* we were expecting close notify */
+		session_invalidate(session);
+		gnutls_assert();
+		return 0;
+	}
+
+	if (IS_DTLS(session) && (ret == GNUTLS_E_DECRYPTION_FAILED ||
+		ret == GNUTLS_E_UNSUPPORTED_VERSION_PACKET ||
+		ret == GNUTLS_E_UNEXPECTED_PACKET_LENGTH ||
+		ret == GNUTLS_E_RECORD_OVERFLOW ||
+		ret == GNUTLS_E_UNEXPECTED_PACKET ||
+		ret == GNUTLS_E_ERROR_IN_FINISHED_PACKET ||
+		ret == GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET)) {
+		goto discard;
+	}
+
+	session_invalidate(session);
+	session_unresumable(session);
+
+	if (ret == 0)
+		return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+	else
+		return ret;
+}
+
+/* Returns a value greater than zero (>= 0) if buffers should be checked
+ * for data. */
+static ssize_t
+check_session_status(gnutls_session_t session, unsigned ms)
+{
+	int ret;
+
+	if (session->internals.read_eof != 0) {
+		/* if we have already read an EOF
+		 */
+		return 0;
+	} else if (session_is_valid(session) != 0
+		   || session->internals.may_not_read != 0) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_SESSION;
+	}
+
+	switch (session->internals.recv_state) {
+	case RECV_STATE_REAUTH:
+		session->internals.recv_state = RECV_STATE_0;
+
+		ret = gnutls_reauth(session, 0);
+		if (ret < 0) {
+			/* a temp or fatal error, make sure we reset the state
+			 * so we can resume on temp errors */
+			session->internals.recv_state = RECV_STATE_REAUTH;
+			return gnutls_assert_val(ret);
+		}
+
+		return 1;
+	case RECV_STATE_REHANDSHAKE:
+		session->internals.recv_state = RECV_STATE_0;
+
+		ret = gnutls_handshake(session);
+		if (ret < 0) {
+			/* a temp or fatal error, make sure we reset the state
+			 * so we can resume on temp errors */
+			session->internals.recv_state = RECV_STATE_REHANDSHAKE;
+			return gnutls_assert_val(ret);
+		}
+
+		return 1;
+	case RECV_STATE_ASYNC_HANDSHAKE:
+		ret = _gnutls_recv_in_buffers(session, GNUTLS_HANDSHAKE, -1, ms);
+		if (ret < 0 && ret != GNUTLS_E_SESSION_EOF)
+			return gnutls_assert_val(ret);
+
+		ret = _gnutls13_recv_async_handshake(session);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		return GNUTLS_E_AGAIN;
+	case RECV_STATE_EARLY_START_HANDLING:
+	case RECV_STATE_FALSE_START_HANDLING:
+		return 1;
+	case RECV_STATE_FALSE_START:
+		/* if false start is not complete we always expect for handshake packets
+		 * prior to anything else. */
+		if (session->security_parameters.entity != GNUTLS_CLIENT ||
+		    !(session->internals.flags & GNUTLS_ENABLE_FALSE_START))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		/* Attempt to complete handshake - we only need to receive */
+		session->internals.recv_state = RECV_STATE_FALSE_START_HANDLING;
+		ret = gnutls_handshake(session);
+		if (ret < 0) {
+			/* a temp or fatal error, make sure we reset the state
+			 * so we can resume on temp errors */
+			session->internals.recv_state = RECV_STATE_FALSE_START;
+			return gnutls_assert_val(ret);
+		}
+
+		session->internals.recv_state = RECV_STATE_0;
+		return 1;
+	case RECV_STATE_EARLY_START:
+		/* if early start is not complete we always expect for handshake packets
+		 * prior to anything else. */
+		if (session->security_parameters.entity != GNUTLS_SERVER ||
+		    !(session->internals.flags & GNUTLS_ENABLE_EARLY_START))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		/* Attempt to complete handshake - we only need to receive */
+		session->internals.recv_state = RECV_STATE_EARLY_START_HANDLING;
+		ret = gnutls_handshake(session);
+		if (ret < 0) {
+			/* a temp or fatal error, make sure we reset the state
+			 * so we can resume on temp errors */
+			session->internals.recv_state = RECV_STATE_EARLY_START;
+			return gnutls_assert_val(ret);
+		}
+
+		session->internals.recv_state = RECV_STATE_0;
+		return 1;
+	case RECV_STATE_DTLS_RETRANSMIT:
+		ret = _dtls_retransmit(session);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		session->internals.recv_state = RECV_STATE_0;
+
+		FALLTHROUGH;
+	case RECV_STATE_0:
+
+		_dtls_async_timer_check(session);
+		return 1;
+	default:
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+}
+
+/* This function behaves exactly like read(). The only difference is
+ * that it accepts the gnutls_session_t and the content_type_t of data to
+ * receive (if called by the user the Content is Userdata only)
+ * It is intended to receive data, under the current session.
+ */
+ssize_t
+_gnutls_recv_int(gnutls_session_t session, content_type_t type,
+		 uint8_t * data, size_t data_size, void *seq,
+		 unsigned int ms)
+{
+	int ret;
+
+	if ((type != GNUTLS_ALERT && type != GNUTLS_HEARTBEAT)
+	    && (data_size == 0 || data == NULL))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ret = check_session_status(session, ms);
+	if (ret <= 0)
+		return ret;
+
+	/* If we have enough data in the cache do not bother receiving
+	 * a new packet. (in order to flush the cache)
+	 */
+	ret = get_data_from_buffers(session, type, data, data_size, seq);
+	if (ret != 0)
+		return ret;
+
+	ret = _gnutls_recv_in_buffers(session, type, -1, ms);
+	if (ret < 0 && ret != GNUTLS_E_SESSION_EOF)
+		return gnutls_assert_val(ret);
+
+	return get_data_from_buffers(session, type, data, data_size, seq);
+}
+
+/**
+ * gnutls_packet_get:
+ * @packet: is a #gnutls_packet_t type.
+ * @data: will contain the data present in the @packet structure (may be %NULL)
+ * @sequence: the 8-bytes of the packet sequence number (may be %NULL)
+ *
+ * This function returns the data and sequence number associated with
+ * the received packet.
+ *
+ * Since: 3.3.5
+ **/
+
+void gnutls_packet_get(gnutls_packet_t packet, gnutls_datum_t *data, unsigned char *sequence)
+{
+	if (unlikely(packet == NULL)) {
+		gnutls_assert();
+		if (data) {
+			data->data = NULL;
+			data->size = 0;
+			return;
+		}
+	}
+
+	assert(packet != NULL);
+
+	if (sequence) {
+		_gnutls_write_uint64(packet->record_sequence, sequence);
+	}
+
+	if (data) {
+		data->size = packet->msg.size - packet->mark;
+		data->data = packet->msg.data + packet->mark;
+	}
+}
+
+/**
+ * gnutls_packet_deinit:
+ * @packet: is a pointer to a #gnutls_packet_st structure.
+ *
+ * This function will deinitialize all data associated with
+ * the received packet.
+ *
+ * Since: 3.3.5
+ **/
+void gnutls_packet_deinit(gnutls_packet_t packet)
+{
+	gnutls_free(packet);
+}
+
+/**
+ * gnutls_record_discard_queued:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function discards all queued to be sent packets in a DTLS session.
+ * These are the packets queued after an interrupted gnutls_record_send().
+ *
+ * This function can only be used with transports where send() is
+ * an all-or-nothing operation (e.g., UDP). When partial writes are allowed
+ * this function will cause session errors.
+ *
+ * Returns: The number of bytes discarded.
+ *
+ * Since: 3.4.0
+ **/
+size_t
+gnutls_record_discard_queued(gnutls_session_t session)
+{
+	size_t ret = session->internals.record_send_buffer.byte_length;
+	_mbuffer_head_clear(&session->internals.record_send_buffer);
+	return ret;
+}
+
+/**
+ * gnutls_record_recv_packet:
+ * @session: is a #gnutls_session_t type.
+ * @packet: the structure that will hold the packet data
+ *
+ * This is a lower-level function than gnutls_record_recv() and allows
+ * to directly receive the whole decrypted packet. That avoids a
+ * memory copy, and is intended to be used by applications seeking high
+ * performance.
+ *
+ * The received packet is accessed using gnutls_packet_get() and
+ * must be deinitialized using gnutls_packet_deinit(). The returned
+ * packet will be %NULL if the return value is zero (EOF).
+ *
+ * Returns: The number of bytes received and zero on EOF (for stream
+ * connections).  A negative error code is returned in case of an error.
+ *
+ * Since: 3.3.5
+ **/
+ssize_t
+gnutls_record_recv_packet(gnutls_session_t session,
+			  gnutls_packet_t *packet)
+{
+	int ret;
+
+	if (packet == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ret = check_session_status(session, session->internals.record_timeout_ms);
+	if (ret <= 0)
+		return ret;
+
+	ret = get_packet_from_buffers(session, GNUTLS_APPLICATION_DATA, packet);
+	if (ret != 0)
+		return ret;
+
+	ret = _gnutls_recv_in_buffers(session, GNUTLS_APPLICATION_DATA, -1,
+				      session->internals.record_timeout_ms);
+	if (ret < 0 && ret != GNUTLS_E_SESSION_EOF)
+		return gnutls_assert_val(ret);
+
+	return get_packet_from_buffers(session, GNUTLS_APPLICATION_DATA, packet);
+}
+
+static
+ssize_t append_data_to_corked(gnutls_session_t session, const void *data, size_t data_size)
+{
+	int ret;
+
+	if (IS_DTLS(session)) {
+		if (data_size + session->internals.record_presend_buffer.length >
+			gnutls_dtls_get_data_mtu(session)) {
+			return gnutls_assert_val(GNUTLS_E_LARGE_PACKET);
+		}
+	}
+
+	ret =
+	    _gnutls_buffer_append_data(&session->internals.
+				       record_presend_buffer, data,
+				       data_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return data_size;
+}
+
+/**
+ * gnutls_record_send:
+ * @session: is a #gnutls_session_t type.
+ * @data: contains the data to send
+ * @data_size: is the length of the data
+ *
+ * This function has the similar semantics with send().  The only
+ * difference is that it accepts a GnuTLS session, and uses different
+ * error codes.
+ * Note that if the send buffer is full, send() will block this
+ * function.  See the send() documentation for more information.
+ *
+ * You can replace the default push function which is send(), by using
+ * gnutls_transport_set_push_function().
+ *
+ * If the EINTR is returned by the internal push function
+ * then %GNUTLS_E_INTERRUPTED will be returned. If
+ * %GNUTLS_E_INTERRUPTED or %GNUTLS_E_AGAIN is returned, you must
+ * call this function again with the exact same parameters, or provide a
+ * %NULL pointer for @data and 0 for @data_size, in order to write the
+ * same data as before. If you wish to discard the previous data instead
+ * of retrying, you must call gnutls_record_discard_queued() before
+ * calling this function with different parameters. Note that the latter
+ * works only on special transports (e.g., UDP).
+ * cf. gnutls_record_get_direction().
+ *
+ * Note that in DTLS this function will return the %GNUTLS_E_LARGE_PACKET
+ * error code if the send data exceed the data MTU value - as returned
+ * by gnutls_dtls_get_data_mtu(). The errno value EMSGSIZE
+ * also maps to %GNUTLS_E_LARGE_PACKET.
+ * Note that since 3.2.13 this function can be called under cork in DTLS
+ * mode, and will refuse to send data over the MTU size by returning
+ * %GNUTLS_E_LARGE_PACKET.
+ *
+ * Returns: The number of bytes sent, or a negative error code.  The
+ *   number of bytes sent might be less than @data_size.  The maximum
+ *   number of bytes this function can send in a single call depends
+ *   on the negotiated maximum record size.
+ **/
+ssize_t
+gnutls_record_send(gnutls_session_t session, const void *data,
+		   size_t data_size)
+{
+	return gnutls_record_send2(session, data, data_size, 0, 0);
+}
+
+/**
+ * gnutls_record_send2:
+ * @session: is a #gnutls_session_t type.
+ * @data: contains the data to send
+ * @data_size: is the length of the data
+ * @pad: padding to be added to the record
+ * @flags: must be zero
+ *
+ * This function is identical to gnutls_record_send() except that it
+ * takes an extra argument to specify padding to be added the record.
+ * To determine the maximum size of padding, use
+ * gnutls_record_get_max_size() and gnutls_record_overhead_size().
+ *
+ * Note that in order for GnuTLS to provide constant time processing
+ * of padding and data in TLS1.3, the flag %GNUTLS_SAFE_PADDING_CHECK
+ * must be used in gnutls_init().
+ *
+ * Returns: The number of bytes sent, or a negative error code.  The
+ *   number of bytes sent might be less than @data_size.  The maximum
+ *   number of bytes this function can send in a single call depends
+ *   on the negotiated maximum record size.
+ *
+ * Since: 3.6.3
+ **/
+ssize_t
+gnutls_record_send2(gnutls_session_t session, const void *data,
+		    size_t data_size, size_t pad, unsigned flags)
+{
+	const version_entry_st *vers = get_version(session);
+	size_t max_pad = 0;
+	int ret;
+
+	if (unlikely(!session->internals.initial_negotiation_completed)) {
+		/* this is to protect buggy applications from sending unencrypted
+		 * data. We allow sending however, if we are in false or early start
+		 * handshake state. */
+		gnutls_mutex_lock(&session->internals.post_negotiation_lock);
+
+		/* we intentionally re-check the initial_negotation_completed variable
+		 * to avoid locking during normal operation of gnutls_record_send2() */
+		if (!session->internals.initial_negotiation_completed &&
+		    session->internals.recv_state != RECV_STATE_FALSE_START &&
+		    session->internals.recv_state != RECV_STATE_FALSE_START_HANDLING &&
+		    session->internals.recv_state != RECV_STATE_EARLY_START &&
+		    session->internals.recv_state != RECV_STATE_EARLY_START_HANDLING &&
+		    !(session->internals.hsk_flags & HSK_EARLY_DATA_IN_FLIGHT)) {
+
+			gnutls_mutex_unlock(&session->internals.post_negotiation_lock);
+			return gnutls_assert_val(GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE);
+		}
+		gnutls_mutex_unlock(&session->internals.post_negotiation_lock);
+	}
+
+	if (unlikely(!vers))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if (vers->tls13_sem)
+		max_pad = gnutls_record_get_max_size(session) - gnutls_record_overhead_size(session);
+
+	if (pad > max_pad)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	switch(session->internals.rsend_state) {
+		case RECORD_SEND_NORMAL:
+			if (IS_KTLS_ENABLED(session, GNUTLS_KTLS_SEND)) {
+				return _gnutls_ktls_send(session, data, data_size);
+			} else {
+				return _gnutls_send_tlen_int(session, GNUTLS_APPLICATION_DATA,
+								 -1, EPOCH_WRITE_CURRENT, data,
+								 data_size, pad, MBUFFER_FLUSH);
+			}
+		case RECORD_SEND_CORKED:
+		case RECORD_SEND_CORKED_TO_KU:
+			return append_data_to_corked(session, data, data_size);
+		case RECORD_SEND_KEY_UPDATE_1:
+			_gnutls_buffer_reset(&session->internals.record_key_update_buffer);
+
+			ret = _gnutls_buffer_append_data(&session->internals.record_key_update_buffer,
+							 data, data_size);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			session->internals.rsend_state = RECORD_SEND_KEY_UPDATE_2;
+			FALLTHROUGH;
+		case RECORD_SEND_KEY_UPDATE_2:
+			ret = gnutls_session_key_update(session, 0);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			session->internals.rsend_state = RECORD_SEND_KEY_UPDATE_3;
+			FALLTHROUGH;
+		case RECORD_SEND_KEY_UPDATE_3:
+			ret = _gnutls_send_int(session, GNUTLS_APPLICATION_DATA,
+						-1, EPOCH_WRITE_CURRENT,
+						session->internals.record_key_update_buffer.data,
+						session->internals.record_key_update_buffer.length,
+						MBUFFER_FLUSH);
+			_gnutls_buffer_clear(&session->internals.record_key_update_buffer);
+			session->internals.rsend_state = RECORD_SEND_NORMAL;
+			if (ret < 0)
+				gnutls_assert();
+
+			return ret;
+		default:
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+}
+
+/**
+ * gnutls_record_send_early_data:
+ * @session: is a #gnutls_session_t type.
+ * @data: contains the data to send
+ * @data_size: is the length of the data
+ *
+ * This function can be used by a client to send data early in the
+ * handshake processes when resuming a session.  This is used to
+ * implement a zero-roundtrip (0-RTT) mode.  It has the same semantics
+ * as gnutls_record_send().
+ *
+ * There may be a limit to the amount of data sent as early data.  Use
+ * gnutls_record_get_max_early_data_size() to check the limit.  If the
+ * limit exceeds, this function returns
+ * %GNUTLS_E_RECORD_LIMIT_REACHED.
+ *
+ * Returns: The number of bytes sent, or a negative error code.  The
+ *   number of bytes sent might be less than @data_size.  The maximum
+ *   number of bytes this function can send in a single call depends
+ *   on the negotiated maximum record size.
+ *
+ * Since: 3.6.5
+ **/
+ssize_t gnutls_record_send_early_data(gnutls_session_t session,
+				      const void *data,
+				      size_t data_size)
+{
+	int ret;
+
+	if (session->security_parameters.entity != GNUTLS_CLIENT)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (data_size == 0) {
+		return 0;
+	}
+
+	if (xsum(session->internals.
+		 early_data_presend_buffer.length,
+		 data_size) >
+	    session->security_parameters.max_early_data_size)
+		return gnutls_assert_val(GNUTLS_E_RECORD_LIMIT_REACHED);
+
+	ret =
+	    _gnutls_buffer_append_data(&session->internals.
+				       early_data_presend_buffer, data,
+				       data_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	session->internals.flags |= GNUTLS_ENABLE_EARLY_DATA;
+
+	return ret;
+}
+
+/**
+ * gnutls_record_send_file:
+ * @session: is a #gnutls_session_t type.
+ * @fd: file descriptor from which to read data.
+ * @offset: Is relative to file offset, denotes the starting location for
+ *          reading.  after function returns, it point to position following
+ *          last read byte.
+ * @count: is the length of the data in bytes to be read from file and send.
+ *
+ * This function sends data from @fd. If KTLS (kernel TLS) is enabled, it will
+ * use the sendfile() system call to avoid overhead of copying data between user
+ * space and the kernel. Otherwise, this functionality is merely emulated by
+ * calling read() and gnutls_record_send(). If this implementation is
+ * suboptimal, check whether KTLS is enabled using
+ * gnutls_transport_is_ktls_enabled().
+ *
+ * If @offset is NULL then file offset is incremented by number of bytes send,
+ * otherwise file offset remains unchanged.
+ *
+ * Returns: The number of bytes sent, or a negative error code.
+ **/
+ssize_t gnutls_record_send_file(gnutls_session_t session, int fd,
+				off_t *offset, size_t count)
+{
+	ssize_t ret;
+	size_t buf_len;
+	size_t sent = 0;
+	uint8_t *buf;
+	off_t saved_offset = 0;
+
+	if (IS_KTLS_ENABLED(session, GNUTLS_KTLS_SEND)) {
+		return _gnutls_ktls_send_file(session, fd, offset, count);
+	}
+
+	if (offset != NULL) {
+		saved_offset = lseek(fd, 0, SEEK_CUR);
+		if (saved_offset == (off_t)-1) {
+			return GNUTLS_E_FILE_ERROR;
+		}
+		if (lseek(fd, *offset, SEEK_CUR) == -1) {
+			return GNUTLS_E_FILE_ERROR;
+		}
+	}
+
+	buf_len = MIN(count, MAX(max_record_send_size(session, NULL), 512));
+
+	buf = gnutls_malloc(buf_len);
+	if (buf == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto end;
+	}
+
+	while (sent < count) {
+		ret = read(fd, buf, MIN(buf_len, count - sent));
+		if (ret == 0) {
+			break;
+		} else if (ret == -1){
+			if (errno == EAGAIN) {
+				ret = GNUTLS_E_AGAIN;
+				goto end;
+			}
+			ret = GNUTLS_E_FILE_ERROR;
+			goto end;
+		}
+
+		ret = gnutls_record_send(session, buf, ret);
+		if (ret < 0) {
+			goto end;
+		}
+		if (INT_ADD_OVERFLOW(sent, ret)) {
+			gnutls_assert();
+			ret = GNUTLS_E_RECORD_OVERFLOW;
+			goto end;
+		}
+		sent += ret;
+	}
+
+	ret = sent;
+
+  end:
+	if (offset != NULL){
+		if (likely(!INT_ADD_OVERFLOW(*offset, sent))) {
+			*offset += sent;
+		} else {
+			gnutls_assert();
+			ret = GNUTLS_E_RECORD_OVERFLOW;
+		}
+		lseek(fd, saved_offset, SEEK_SET);
+	}
+	gnutls_free(buf);
+	return ret;
+}
+
+/**
+ * gnutls_record_recv_early_data:
+ * @session: is a #gnutls_session_t type.
+ * @data: the buffer that the data will be read into
+ * @data_size: the number of requested bytes
+ *
+ * This function can be used by a server to retrieve data sent early
+ * in the handshake processes when resuming a session.  This is used
+ * to implement a zero-roundtrip (0-RTT) mode.  It has the same
+ * semantics as gnutls_record_recv().
+ *
+ * This function can be called either in a handshake hook, or after
+ * the handshake is complete.
+ *
+ * Returns: The number of bytes received and zero when early data
+ * reading is complete.  A negative error code is returned in case of
+ * an error.  If no early data is received during the handshake, this
+ * function returns %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE.  The
+ * number of bytes received might be less than the requested
+ * @data_size.
+ *
+ * Since: 3.6.5
+ **/
+ssize_t
+gnutls_record_recv_early_data(gnutls_session_t session, void *data, size_t data_size)
+{
+	mbuffer_st *bufel;
+	gnutls_datum_t msg;
+	size_t length;
+
+	if (session->security_parameters.entity != GNUTLS_SERVER)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	bufel = _mbuffer_head_get_first(&session->internals.early_data_recv_buffer,
+					&msg);
+	if (bufel == NULL)
+		return
+		    gnutls_assert_val
+		    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	length = MIN(msg.size, data_size);
+	memcpy(data, msg.data, length);
+	_mbuffer_head_remove_bytes(&session->internals.early_data_recv_buffer,
+				   length);
+
+	return length;
+}
+
+/**
+ * gnutls_record_cork:
+ * @session: is a #gnutls_session_t type.
+ *
+ * If called, gnutls_record_send() will no longer send any records.
+ * Any sent records will be cached until gnutls_record_uncork() is called.
+ *
+ * This function is safe to use with DTLS after GnuTLS 3.3.0.
+ *
+ * Since: 3.1.9
+ **/
+void gnutls_record_cork(gnutls_session_t session)
+{
+	session->internals.rsend_state = RECORD_SEND_CORKED;
+}
+
+/**
+ * gnutls_record_uncork:
+ * @session: is a #gnutls_session_t type.
+ * @flags: Could be zero or %GNUTLS_RECORD_WAIT
+ *
+ * This resets the effect of gnutls_record_cork(), and flushes any pending
+ * data. If the %GNUTLS_RECORD_WAIT flag is specified then this
+ * function will block until the data is sent or a fatal error
+ * occurs (i.e., the function will retry on %GNUTLS_E_AGAIN and
+ * %GNUTLS_E_INTERRUPTED).
+ *
+ * If the flag %GNUTLS_RECORD_WAIT is not specified and the function
+ * is interrupted then the %GNUTLS_E_AGAIN or %GNUTLS_E_INTERRUPTED
+ * errors will be returned. To obtain the data left in the corked
+ * buffer use gnutls_record_check_corked().
+ *
+ * Returns: On success the number of transmitted data is returned, or
+ * otherwise a negative error code.
+ *
+ * Since: 3.1.9
+ **/
+int gnutls_record_uncork(gnutls_session_t session, unsigned int flags)
+{
+	int ret;
+	ssize_t total = 0;
+	record_send_state_t orig_state = session->internals.rsend_state;
+
+	if (orig_state == RECORD_SEND_CORKED)
+		session->internals.rsend_state = RECORD_SEND_NORMAL;
+	else if (orig_state == RECORD_SEND_CORKED_TO_KU)
+		session->internals.rsend_state = RECORD_SEND_KEY_UPDATE_1;
+	else
+		return 0;	/* nothing to be done */
+
+	while (session->internals.record_presend_buffer.length > 0) {
+		if (flags == GNUTLS_RECORD_WAIT) {
+			do {
+				ret =
+				    gnutls_record_send(session,
+						       session->internals.
+						       record_presend_buffer.
+						       data,
+						       session->internals.
+						       record_presend_buffer.
+						       length);
+			}
+			while (ret < 0 && (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED));
+		} else {
+			ret =
+			    gnutls_record_send(session,
+					       session->internals.
+					       record_presend_buffer.data,
+					       session->internals.
+					       record_presend_buffer.
+					       length);
+		}
+		if (ret < 0)
+			goto fail;
+
+		session->internals.record_presend_buffer.data += ret;
+		session->internals.record_presend_buffer.length -= ret;
+		total += ret;
+	}
+
+	return total;
+
+      fail:
+	session->internals.rsend_state = orig_state;
+	return ret;
+}
+
+/**
+ * gnutls_record_recv:
+ * @session: is a #gnutls_session_t type.
+ * @data: the buffer that the data will be read into
+ * @data_size: the number of requested bytes
+ *
+ * This function has the similar semantics with recv().  The only
+ * difference is that it accepts a GnuTLS session, and uses different
+ * error codes.
+ * In the special case that the peer requests a renegotiation, the
+ * caller will receive an error code of %GNUTLS_E_REHANDSHAKE.  In case
+ * of a client, this message may be simply ignored, replied with an alert
+ * %GNUTLS_A_NO_RENEGOTIATION, or replied with a new handshake,
+ * depending on the client's will. A server receiving this error code
+ * can only initiate a new handshake or terminate the session.
+ *
+ * If %EINTR is returned by the internal pull function (the default
+ * is recv()) then %GNUTLS_E_INTERRUPTED will be returned.  If
+ * %GNUTLS_E_INTERRUPTED or %GNUTLS_E_AGAIN is returned, you must
+ * call this function again to get the data.  See also
+ * gnutls_record_get_direction().
+ *
+ * Returns: The number of bytes received and zero on EOF (for stream
+ * connections).  A negative error code is returned in case of an error.
+ * The number of bytes received might be less than the requested @data_size.
+ **/
+ssize_t
+gnutls_record_recv(gnutls_session_t session, void *data, size_t data_size)
+{
+	if (unlikely(!session->internals.initial_negotiation_completed)) {
+		/* this is to protect buggy applications from sending unencrypted
+		 * data. We allow sending however, if we are in false start handshake
+		 * state. */
+		if (session->internals.recv_state != RECV_STATE_FALSE_START &&
+		    session->internals.recv_state != RECV_STATE_EARLY_START)
+			return gnutls_assert_val(GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE);
+	}
+
+	if (IS_KTLS_ENABLED(session, GNUTLS_KTLS_RECV)) {
+		return _gnutls_ktls_recv(session, data, data_size);
+	} else {
+		return _gnutls_recv_int(session, GNUTLS_APPLICATION_DATA,
+					data, data_size, NULL,
+					session->internals.record_timeout_ms);
+	}
+}
+
+/**
+ * gnutls_record_recv_seq:
+ * @session: is a #gnutls_session_t type.
+ * @data: the buffer that the data will be read into
+ * @data_size: the number of requested bytes
+ * @seq: is the packet's 64-bit sequence number. Should have space for 8 bytes.
+ *
+ * This function is the same as gnutls_record_recv(), except that
+ * it returns in addition to data, the sequence number of the data.
+ * This is useful in DTLS where record packets might be received
+ * out-of-order. The returned 8-byte sequence number is an
+ * integer in big-endian format and should be
+ * treated as a unique message identification.
+ *
+ * Returns: The number of bytes received and zero on EOF.  A negative
+ *   error code is returned in case of an error.  The number of bytes
+ *   received might be less than @data_size.
+ *
+ * Since: 3.0
+ **/
+ssize_t
+gnutls_record_recv_seq(gnutls_session_t session, void *data,
+		       size_t data_size, unsigned char *seq)
+{
+	return _gnutls_recv_int(session, GNUTLS_APPLICATION_DATA,
+				data, data_size, seq,
+				session->internals.record_timeout_ms);
+}
+
+/**
+ * gnutls_record_set_timeout:
+ * @session: is a #gnutls_session_t type.
+ * @ms: is a timeout value in milliseconds
+ *
+ * This function sets the receive timeout for the record layer
+ * to the provided value. Use an @ms value of zero to disable
+ * timeout (the default), or %GNUTLS_INDEFINITE_TIMEOUT, to
+ * set an indefinite timeout.
+ *
+ * This function requires to set a pull timeout callback. See
+ * gnutls_transport_set_pull_timeout_function().
+ *
+ * Since: 3.1.7
+ **/
+void gnutls_record_set_timeout(gnutls_session_t session, unsigned int ms)
+{
+	session->internals.record_timeout_ms = ms;
+}
+
+/**
+ * gnutls_handshake_write:
+ * @session: is a #gnutls_session_t type.
+ * @level: the current encryption level for reading a handshake message
+ * @data: the (const) handshake data to be processed
+ * @data_size: the size of data
+ *
+ * This function processes a handshake message in the encryption level
+ * specified with @level. Prior to calling this function, a handshake
+ * read callback must be set on @session. Use
+ * gnutls_handshake_set_read_function() to do this.
+ *
+ * Since: 3.7.0
+ */
+int
+gnutls_handshake_write(gnutls_session_t session,
+			gnutls_record_encryption_level_t level,
+			const void *data, size_t data_size)
+{
+	record_parameters_st *record_params;
+	record_state_st *record_state;
+	mbuffer_st *bufel;
+	uint8_t *p;
+	int ret;
+
+	/* DTLS is not supported */
+	if (IS_DTLS(session))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	/* Nothing to do */
+	if (data_size == 0)
+		return gnutls_assert_val(0);
+
+	/* When using this, the outgoing handshake messages should
+	 * also be handled manually */
+	if (!session->internals.h_read_func)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (session->internals.initial_negotiation_completed) {
+		const version_entry_st *vers = get_version(session);
+		if (unlikely(vers == NULL || !vers->tls13_sem))
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	ret = _gnutls_epoch_get(session, EPOCH_READ_CURRENT, &record_params);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	record_state = &record_params->read;
+	if (record_state->level > level)
+		return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+	bufel = _mbuffer_alloc_align16(data_size, 0);
+	if (bufel == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	memcpy(_mbuffer_get_udata_ptr(bufel), data, data_size);
+	_mbuffer_set_udata_size(bufel, data_size);
+	p = _mbuffer_get_udata_ptr(bufel);
+	bufel->htype = p[0];
+
+	if (sequence_increment(session, &record_state->sequence_number) != 0) {
+		_mbuffer_xfree(&bufel);
+		return gnutls_assert_val(GNUTLS_E_RECORD_LIMIT_REACHED);
+	}
+
+	_gnutls_record_buffer_put(session, GNUTLS_HANDSHAKE,
+				  record_state->sequence_number, bufel);
+
+	if (session->internals.initial_negotiation_completed)
+		return _gnutls13_recv_async_handshake(session);
+
+	return 0;
+}
diff --git a/lib/record.h b/lib/record.h
new file mode 100644
index 0000000..27aab48
--- /dev/null
+++ b/lib/record.h
@@ -0,0 +1,108 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_RECORD_H
+#define GNUTLS_LIB_RECORD_H
+
+#include <gnutls/gnutls.h>
+#include <buffers.h>
+#include <constate.h>
+
+ssize_t _gnutls_send_tlen_int(gnutls_session_t session,
+			      content_type_t type,
+			      gnutls_handshake_description_t htype,
+			      unsigned int epoch_rel, const void *data,
+			      size_t sizeofdata, size_t min_pad,
+			      unsigned int mflags);
+
+inline static ssize_t
+_gnutls_send_int(gnutls_session_t session, content_type_t type,
+		 gnutls_handshake_description_t htype,
+		 unsigned int epoch_rel, const void *_data,
+		 size_t data_size, unsigned int mflags)
+{
+	return _gnutls_send_tlen_int(session, type, htype, epoch_rel,
+				     _data, data_size, 0, mflags);
+}
+
+ssize_t _gnutls_recv_int(gnutls_session_t session, content_type_t type,
+			 uint8_t * data,
+			 size_t sizeofdata, void *seq, unsigned int ms);
+
+inline static unsigned max_record_recv_size(gnutls_session_t session)
+{
+	unsigned size;
+
+	if (session->internals.max_recv_size == 0) {
+		size = session->security_parameters.max_record_recv_size + RECORD_HEADER_SIZE(session);
+		if (session->internals.allow_large_records != 0)
+			size += EXTRA_COMP_SIZE;
+	} else {
+		size = session->internals.max_recv_size;
+	}
+
+	return size;
+}
+
+inline static unsigned max_decrypted_size(gnutls_session_t session)
+{
+	unsigned size = 0;
+
+	if (session->internals.allow_large_records != 0)
+		size += EXTRA_COMP_SIZE;
+
+	size += session->security_parameters.max_record_recv_size;
+
+	return size;
+}
+
+/* Returns the headers + any IV that the ciphersuite
+ * requires */
+inline static
+unsigned int get_total_headers(gnutls_session_t session)
+{
+	int ret;
+	record_parameters_st *params;
+	unsigned total = RECORD_HEADER_SIZE(session);
+
+	ret = _gnutls_epoch_get(session, EPOCH_WRITE_CURRENT, &params);
+	if (ret < 0) {
+		return total;
+	}
+	
+	return total + _gnutls_cipher_get_explicit_iv_size(params->cipher);
+}
+
+inline static
+unsigned int get_total_headers2(gnutls_session_t session, record_parameters_st *params)
+{
+	unsigned total = RECORD_HEADER_SIZE(session);
+
+	return total + _gnutls_cipher_get_explicit_iv_size(params->cipher);
+}
+
+inline static void session_invalidate(gnutls_session_t session)
+{
+	session->internals.invalid_connection = 1;
+}
+
+#endif /* GNUTLS_LIB_RECORD_H */
diff --git a/lib/safe-memfuncs.c b/lib/safe-memfuncs.c
new file mode 100644
index 0000000..2be4db6
--- /dev/null
+++ b/lib/safe-memfuncs.c
@@ -0,0 +1,80 @@
+/*
+ * Copyright (C) 2014 Red Hat
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <string.h>
+
+/**
+ * gnutls_memset:
+ * @data: the memory to set
+ * @c: the constant byte to fill the memory with
+ * @size: the size of memory
+ *
+ * This function will operate similarly to memset(), but will
+ * not be optimized out by the compiler.
+ *
+ * Since: 3.4.0
+ **/
+void gnutls_memset(void *data, int c, size_t size)
+{
+	explicit_bzero(data, size);
+	memset(data, c, size);
+}
+
+/**
+ * gnutls_memcmp:
+ * @s1: the first address to compare
+ * @s2: the second address to compare
+ * @n: the size of memory to compare
+ *
+ * This function will operate similarly to memcmp(), but will operate
+ * on time that depends only on the size of the string. That is will
+ * not return early if the strings don't match on the first byte.
+ *
+ * Returns: non zero on difference and zero if the buffers are identical.
+ *
+ * Since: 3.4.0
+ **/
+int gnutls_memcmp(const void *s1, const void *s2, size_t n)
+{
+	unsigned i;
+	unsigned status = 0;
+	const uint8_t *_s1 = s1;
+	const uint8_t *_s2 = s2;
+
+	for (i=0;i<n;i++) {
+		status |= (_s1[i] ^ _s2[i]);
+	}
+
+	return status;
+}
+
+#ifdef TEST_SAFE_MEMSET
+int main()
+{
+	char x[64];
+
+	gnutls_memset(x, 0, sizeof(x));
+
+	return 0;
+
+}
+
+#endif
diff --git a/lib/secrets.c b/lib/secrets.c
new file mode 100644
index 0000000..728876e
--- /dev/null
+++ b/lib/secrets.c
@@ -0,0 +1,214 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* TLS 1.3 secret key derivation handling.
+ */
+
+#include <config.h>
+#include "crypto-api.h"
+#include "fips.h"
+#include "gnutls_int.h"
+#include "secrets.h"
+
+/* HKDF-Extract(0,0) or HKDF-Extract(0, PSK) */
+int _tls13_init_secret(gnutls_session_t session, const uint8_t *psk, size_t psk_size)
+{
+	session->key.proto.tls13.temp_secret_size = session->security_parameters.prf->output_size;
+
+	return _tls13_init_secret2(session->security_parameters.prf,
+				   psk, psk_size,
+				   session->key.proto.tls13.temp_secret);
+}
+
+int _tls13_init_secret2(const mac_entry_st *prf,
+			const uint8_t *psk, size_t psk_size,
+			void *out)
+{
+	char buf[128];
+
+	if (unlikely(prf == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	/* when no PSK, use the zero-value */
+	if (psk == NULL) {
+		psk_size = prf->output_size;
+		if (unlikely(psk_size >= sizeof(buf)))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		memset(buf, 0, psk_size);
+		psk = (uint8_t*) buf;
+	}
+
+	return gnutls_hmac_fast(prf->id,
+				"", 0,
+				psk, psk_size,
+				out);
+}
+
+/* HKDF-Extract(Prev-Secret, key) */
+int _tls13_update_secret(gnutls_session_t session, const uint8_t *key, size_t key_size)
+{
+	gnutls_datum_t _key;
+	gnutls_datum_t salt;
+	int ret;
+
+	_key.data = (void *)key;
+	_key.size = key_size;
+	salt.data = (void *)session->key.proto.tls13.temp_secret;
+	salt.size = session->key.proto.tls13.temp_secret_size;
+
+	ret = _gnutls_hkdf_extract(session->security_parameters.prf->id,
+			           &_key, &salt,
+			           session->key.proto.tls13.temp_secret);
+	if (ret < 0)
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	else
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+
+	return ret;
+}
+
+/* Derive-Secret(Secret, Label, Messages) */
+int _tls13_derive_secret2(const mac_entry_st *prf,
+			 const char *label, unsigned label_size,
+			 const uint8_t *tbh, size_t tbh_size,
+			 const uint8_t secret[MAX_HASH_SIZE],
+			 void *out)
+{
+	uint8_t digest[MAX_HASH_SIZE];
+	int ret;
+	unsigned digest_size;
+
+	if (unlikely(prf == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	if (unlikely(label_size >= sizeof(digest)))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	digest_size = prf->output_size;
+	ret = gnutls_hash_fast((gnutls_digest_algorithm_t) prf->id,
+				tbh, tbh_size, digest);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return _tls13_expand_secret2(prf, label, label_size, digest, digest_size, secret, digest_size, out);
+}
+
+/* Derive-Secret(Secret, Label, Messages) */
+int _tls13_derive_secret(gnutls_session_t session,
+			 const char *label, unsigned label_size,
+			 const uint8_t *tbh, size_t tbh_size,
+			 const uint8_t secret[MAX_HASH_SIZE],
+			 void *out)
+{
+	if (unlikely(session->security_parameters.prf == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	return _tls13_derive_secret2(session->security_parameters.prf, label, label_size, tbh, tbh_size,
+				         secret,
+				         out);
+}
+
+/* HKDF-Expand-Label(Secret, Label, HashValue, Length) */
+int _tls13_expand_secret2(const mac_entry_st *prf,
+			 const char *label, unsigned label_size,
+			 const uint8_t *msg, size_t msg_size,
+			 const uint8_t secret[MAX_HASH_SIZE],
+			 unsigned out_size,
+			 void *out)
+{
+	uint8_t tmp[256] = "tls13 ";
+	gnutls_buffer_st str;
+	gnutls_datum_t key;
+	gnutls_datum_t info;
+	int ret;
+
+	if (unlikely(label_size >= sizeof(tmp)-6))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	_gnutls_buffer_init(&str);
+
+	ret = _gnutls_buffer_append_prefix(&str, 16, out_size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	memcpy(&tmp[6], label, label_size);
+	ret = _gnutls_buffer_append_data_prefix(&str, 8, tmp, label_size+6);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_buffer_append_data_prefix(&str, 8, msg, msg_size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	key.data = (void *)secret;
+	key.size =_gnutls_mac_get_algo_len(mac_to_entry(prf->id));
+	info.data = str.data;
+	info.size = str.length;
+
+	ret = _gnutls_hkdf_expand(prf->id, &key, &info, out, out_size);
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		gnutls_assert();
+		goto cleanup;
+	} else {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_APPROVED);
+	}
+
+#if 0
+        _gnutls_hard_log("INT: hkdf label: %d,%s\n",
+                         out_size,
+                         _gnutls_bin2hex(str.data, str.length,
+                                         (char*)tmp, sizeof(tmp), NULL));
+        _gnutls_hard_log("INT: secret expanded for '%.*s': %d,%s\n", 
+                         (int)label_size, label, out_size,
+                         _gnutls_bin2hex(out, out_size,
+                                         (char*)tmp, sizeof(tmp), NULL));
+#endif
+
+	ret = 0;
+ cleanup:
+	_gnutls_buffer_clear(&str);
+	return ret;
+}
+
+int _tls13_expand_secret(gnutls_session_t session,
+		const char *label, unsigned label_size,
+		const uint8_t *msg, size_t msg_size,
+		const uint8_t secret[MAX_HASH_SIZE],
+		unsigned out_size,
+		void *out)
+{
+	if (unlikely(session->security_parameters.prf == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	return _tls13_expand_secret2(session->security_parameters.prf,
+			label, label_size,
+			msg, msg_size, secret,
+			out_size, out);
+}
+
diff --git a/lib/secrets.h b/lib/secrets.h
new file mode 100644
index 0000000..181b53b
--- /dev/null
+++ b/lib/secrets.h
@@ -0,0 +1,58 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_SECRETS_H
+#define GNUTLS_LIB_SECRETS_H
+
+#include "gnutls_int.h"
+
+int _tls13_init_secret(gnutls_session_t session, const uint8_t *psk, size_t psk_size);
+int _tls13_update_secret(gnutls_session_t session, const uint8_t *key, size_t key_size);
+
+int _tls13_init_secret2(const mac_entry_st *prf,
+		const uint8_t *psk, size_t psk_size,
+		void *out);
+
+int _tls13_derive_secret(gnutls_session_t session,
+			 const char *label, unsigned label_size,
+			 const uint8_t *msg, size_t msg_size,
+			 const uint8_t secret[MAX_HASH_SIZE],
+			 void *out /* of enough length to hold PRF MAC */);
+int _tls13_derive_secret2(const mac_entry_st *prf,
+			  const char *label, unsigned label_size,
+			  const uint8_t *tbh, size_t tbh_size,
+			  const uint8_t secret[MAX_HASH_SIZE],
+			  void *out);
+
+int _tls13_expand_secret(gnutls_session_t session,
+			 const char *label, unsigned label_size,
+			 const uint8_t *msg, size_t msg_size,
+			 const uint8_t secret[MAX_HASH_SIZE],
+			 unsigned out_size,
+			 void *out);
+int _tls13_expand_secret2(const mac_entry_st *prf,
+			  const char *label, unsigned label_size,
+			  const uint8_t *msg, size_t msg_size,
+			  const uint8_t secret[MAX_HASH_SIZE],
+			  unsigned out_size, void *out);
+
+#endif /* GNUTLS_LIB_SECRETS_H */
diff --git a/lib/session.c b/lib/session.c
new file mode 100644
index 0000000..744c83d
--- /dev/null
+++ b/lib/session.c
@@ -0,0 +1,529 @@
+/*
+ * Copyright (C) 2000-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+#include "gnutls_int.h"
+#include "errors.h"
+#include "debug.h"
+#include <session_pack.h>
+#include <datum.h>
+#include "buffers.h"
+#include "state.h"
+#include "ext/cert_types.h"
+#include <minmax.h>
+
+/**
+ * gnutls_session_get_data:
+ * @session: is a #gnutls_session_t type.
+ * @session_data: is a pointer to space to hold the session.
+ * @session_data_size: is the session_data's size, or it will be set by the function.
+ *
+ * Returns all session parameters needed to be stored to support resumption,
+ * in a pre-allocated buffer.
+ *
+ * See gnutls_session_get_data2() for more information.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ **/
+int
+gnutls_session_get_data(gnutls_session_t session,
+			void *session_data, size_t * session_data_size)
+{
+
+	gnutls_datum_t psession;
+	int ret;
+
+	ret = gnutls_session_get_data2(session, &psession);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (psession.size > *session_data_size) {
+		*session_data_size = psession.size;
+		ret = GNUTLS_E_SHORT_MEMORY_BUFFER;
+		goto error;
+	}
+	*session_data_size = psession.size;
+
+	if (session_data != NULL)
+		memcpy(session_data, psession.data, psession.size);
+
+	ret = 0;
+
+      error:
+	_gnutls_free_datum(&psession);
+	return ret;
+}
+
+#define EMPTY_DATA "\x00\x00\x00\x00"
+#define EMPTY_DATA_SIZE 4
+
+/**
+ * gnutls_session_get_data2:
+ * @session: is a #gnutls_session_t type.
+ * @data: is a pointer to a datum that will hold the session.
+ *
+ * Returns necessary parameters to support resumption. The client
+ * should call this function and store the returned session data. A session
+ * can be resumed later by calling gnutls_session_set_data() with the returned
+ * data. Note that under TLS 1.3, it is recommended for clients to use
+ * session parameters only once, to prevent passive-observers from correlating
+ * the different connections.
+ *
+ * The returned @data are allocated and must be released using gnutls_free().
+ *
+ * This function will fail if called prior to handshake completion. In
+ * case of false start TLS, the handshake completes only after data have
+ * been successfully received from the peer.
+ *
+ * Under TLS1.3 session resumption is possible only after a session ticket
+ * is received by the client. To ensure that such a ticket has been received use
+ * gnutls_session_get_flags() and check for flag %GNUTLS_SFLAGS_SESSION_TICKET;
+ * if this flag is not set, this function will wait for a new ticket within
+ * an estimated roundtrip, and if not received will return dummy data which
+ * cannot lead to resumption.
+ *
+ * To get notified when new tickets are received by the server
+ * use gnutls_handshake_set_hook_function() to wait for %GNUTLS_HANDSHAKE_NEW_SESSION_TICKET
+ * messages. Each call of gnutls_session_get_data2() after a ticket is
+ * received, will return session resumption data corresponding to the last
+ * received ticket.
+ *
+ * Note that this function under TLS1.3 requires a callback to be set with
+ * gnutls_transport_set_pull_timeout_function() for successful operation. There
+ * was a bug before 3.6.10 which could make this function fail if that callback
+ * was not set. On later versions if not set, the function will return a successful
+ * error code, but will return dummy data that cannot lead to a resumption.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ **/
+int
+gnutls_session_get_data2(gnutls_session_t session, gnutls_datum_t *data)
+{
+	const version_entry_st *vers = get_version(session);
+	int ret;
+
+	if (data == NULL || vers == NULL) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	if (vers->tls13_sem && !(session->internals.hsk_flags & HSK_TICKET_RECEIVED)) {
+		unsigned ertt = session->internals.ertt;
+		/* use our estimation of round-trip + some time for the server to calculate
+		 * the value(s). */
+		ertt += 60;
+
+		/* we cannot use a read with timeout if the caller has not set
+		 * a callback with gnutls_transport_set_pull_timeout_function() */
+		if (NO_TIMEOUT_FUNC_SET(session) || (session->internals.flags & GNUTLS_NONBLOCK)) {
+			if (!(session->internals.flags & GNUTLS_NONBLOCK))
+				_gnutls_debug_log("TLS1.3 works efficiently if a callback with gnutls_transport_set_pull_timeout_function() is set\n");
+		} else {
+			/* wait for a message with timeout */
+			ret = _gnutls_recv_in_buffers(session, GNUTLS_APPLICATION_DATA, -1, ertt);
+			if (ret < 0 && (gnutls_error_is_fatal(ret) && ret != GNUTLS_E_TIMEDOUT)) {
+				return gnutls_assert_val(ret);
+			}
+		}
+
+		if (!(session->internals.hsk_flags & HSK_TICKET_RECEIVED)) {
+			ret = _gnutls_set_datum(data, EMPTY_DATA, EMPTY_DATA_SIZE);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			return 0;
+		}
+	} else if (!vers->tls13_sem) {
+		/* under TLS1.3 we want to pack the latest ticket, while that's
+		 * not the case in TLS1.2 or earlier. */
+		if (gnutls_session_is_resumed(session) && session->internals.resumption_data.data) {
+			ret = _gnutls_set_datum(data, session->internals.resumption_data.data, session->internals.resumption_data.size);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			return 0;
+		}
+	}
+
+	if (!session->internals.resumable)
+		return GNUTLS_E_INVALID_SESSION;
+
+	ret = _gnutls_session_pack(session, data);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+
+/**
+ * gnutls_session_get_id:
+ * @session: is a #gnutls_session_t type.
+ * @session_id: is a pointer to space to hold the session id.
+ * @session_id_size: initially should contain the maximum @session_id size and will be updated.
+ *
+ * Returns the TLS session identifier. The session ID is selected by the
+ * server, and in older versions of TLS was a unique identifier shared
+ * between client and server which was persistent across resumption.
+ * In the latest version of TLS (1.3) or TLS with session tickets, the
+ * notion of session identifiers is undefined and cannot be relied for uniquely
+ * identifying sessions across client and server.
+ *
+ * In client side this function returns the identifier returned by the
+ * server, and cannot be assumed to have any relation to session resumption.
+ * In server side this function is guaranteed to return a persistent
+ * identifier of the session since GnuTLS 3.6.4, which may not necessarily
+ * map into the TLS session ID value. Prior to that version the value
+ * could only be considered a persistent identifier, under TLS1.2 or earlier
+ * and when no session tickets were in use.
+ *
+ * The session identifier value returned is always less than
+ * %GNUTLS_MAX_SESSION_ID_SIZE.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ **/
+int
+gnutls_session_get_id(gnutls_session_t session,
+		      void *session_id, size_t * session_id_size)
+{
+	size_t given_session_id_size = *session_id_size;
+
+	*session_id_size = session->security_parameters.session_id_size;
+
+	/* just return the session size */
+	if (session_id == NULL) {
+		return 0;
+	}
+
+	if (given_session_id_size <
+	    session->security_parameters.session_id_size) {
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	memcpy(session_id, &session->security_parameters.session_id,
+	       *session_id_size);
+
+	return 0;
+}
+
+/**
+ * gnutls_session_get_id2:
+ * @session: is a #gnutls_session_t type.
+ * @session_id: will point to the session ID.
+ *
+ * Returns the TLS session identifier. The session ID is selected by the
+ * server, and in older versions of TLS was a unique identifier shared
+ * between client and server which was persistent across resumption.
+ * In the latest version of TLS (1.3) or TLS 1.2 with session tickets, the
+ * notion of session identifiers is undefined and cannot be relied for uniquely
+ * identifying sessions across client and server.
+ *
+ * In client side this function returns the identifier returned by the
+ * server, and cannot be assumed to have any relation to session resumption.
+ * In server side this function is guaranteed to return a persistent
+ * identifier of the session since GnuTLS 3.6.4, which may not necessarily
+ * map into the TLS session ID value. Prior to that version the value
+ * could only be considered a persistent identifier, under TLS1.2 or earlier
+ * and when no session tickets were in use.
+ *
+ * The session identifier value returned is always less than
+ * %GNUTLS_MAX_SESSION_ID_SIZE and should be treated as constant.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ *
+ * Since: 3.1.4
+ **/
+int
+gnutls_session_get_id2(gnutls_session_t session,
+		       gnutls_datum_t * session_id)
+{
+	session_id->size = session->security_parameters.session_id_size;
+	session_id->data = session->security_parameters.session_id;
+
+	return 0;
+}
+
+/**
+ * gnutls_session_set_data:
+ * @session: is a #gnutls_session_t type.
+ * @session_data: is a pointer to space to hold the session.
+ * @session_data_size: is the session's size
+ *
+ * Sets all session parameters, in order to resume a previously
+ * established session.  The session data given must be the one
+ * returned by gnutls_session_get_data().  This function should be
+ * called before gnutls_handshake().
+ *
+ * Keep in mind that session resuming is advisory. The server may
+ * choose not to resume the session, thus a full handshake will be
+ * performed.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ **/
+int
+gnutls_session_set_data(gnutls_session_t session,
+			const void *session_data, size_t session_data_size)
+{
+	int ret;
+	gnutls_datum_t psession;
+
+	psession.data = (uint8_t *) session_data;
+	psession.size = session_data_size;
+
+	if (session_data == NULL || session_data_size == 0) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* under TLS1.3 we always return some data on resumption when there
+	 * is no ticket in order to keep compatibility with existing apps */
+	if (session_data_size == EMPTY_DATA_SIZE &&
+	    memcmp(session_data, EMPTY_DATA, EMPTY_DATA_SIZE) == 0) {
+		return 0;
+	}
+
+	ret = _gnutls_session_unpack(session, &psession);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	session->internals.resumption_requested = 1;
+
+	if (session->internals.resumption_data.data != NULL)
+		gnutls_free(session->internals.resumption_data.data);
+	ret = _gnutls_set_datum(&session->internals.resumption_data, session_data, session_data_size);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_session_force_valid:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Clears the invalid flag in a session. That means
+ * that sessions were corrupt or invalid data were received 
+ * can be re-used. Use only when debugging or experimenting
+ * with the TLS protocol. Should not be used in typical
+ * applications.
+ *
+ **/
+void gnutls_session_force_valid(gnutls_session_t session)
+{
+	session->internals.invalid_connection = 0;
+}
+
+#define DESC_SIZE 96
+
+/**
+ * gnutls_session_get_desc:
+ * @session: is a gnutls session
+ *
+ * This function returns a string describing the current session.
+ * The string is null terminated and allocated using gnutls_malloc().
+ *
+ * If initial negotiation is not complete when this function is called,
+ * %NULL will be returned.
+ *
+ * Returns: a description of the protocols and algorithms in the current session.
+ *
+ * Since: 3.1.10
+ **/
+char *gnutls_session_get_desc(gnutls_session_t session)
+{
+	gnutls_kx_algorithm_t kx;
+	const char *kx_str, *sign_str;
+	gnutls_certificate_type_t ctype_client, ctype_server;
+	char kx_name[64] = "";
+	char proto_name[32];
+	char _group_name[24];
+	const char *group_name = NULL;
+	int dh_bits = 0;
+	unsigned mac_id;
+	unsigned sign_algo;
+	char *desc;
+	const struct gnutls_group_entry_st *group = get_group(session);
+	const version_entry_st *ver = get_version(session);
+
+	if (session->internals.initial_negotiation_completed == 0)
+		return NULL;
+
+	kx = session->security_parameters.cs->kx_algorithm;
+	if (group)
+		group_name = group->name;
+#if defined(ENABLE_DHE) || defined(ENABLE_ANON)
+	if (group_name == NULL && _gnutls_kx_is_dhe(kx)) {
+		dh_bits = gnutls_dh_get_prime_bits(session);
+		if (dh_bits > 0)
+			snprintf(_group_name, sizeof(_group_name), "CUSTOM%d", dh_bits);
+		else
+			snprintf(_group_name, sizeof(_group_name), "CUSTOM");
+		group_name = _group_name;
+	}
+#endif
+
+	/* Key exchange    - Signature algorithm */
+	/* DHE-3072        - RSA-PSS-2048        */
+	/* ECDHE-SECP256R1 - ECDSA-SECP256R1     */
+
+	sign_algo = gnutls_sign_algorithm_get(session);
+	sign_str = gnutls_sign_get_name(sign_algo);
+
+	if (kx == 0 && ver->tls13_sem) { /* TLS 1.3 */
+		if (session->internals.hsk_flags & HSK_PSK_SELECTED) {
+			if (group) {
+				if (group->pk == GNUTLS_PK_DH)
+					snprintf(kx_name, sizeof(kx_name), "(DHE-PSK-%s)",
+						 group_name);
+				else
+					snprintf(kx_name, sizeof(kx_name), "(ECDHE-PSK-%s)",
+						 group_name);
+			} else {
+					snprintf(kx_name, sizeof(kx_name), "(PSK)");
+			}
+		} else if (group && sign_str) {
+			if (group->curve)
+				snprintf(kx_name, sizeof(kx_name), "(ECDHE-%s)-(%s)",
+					 group_name, sign_str);
+			else
+				snprintf(kx_name, sizeof(kx_name), "(DHE-%s)-(%s)",
+					 group_name, sign_str);
+		}
+	} else {
+		kx_str = gnutls_kx_get_name(kx);
+		if (kx_str == NULL) {
+			gnutls_assert();
+			return NULL;
+		}
+
+		if ((kx == GNUTLS_KX_ECDHE_ECDSA || kx == GNUTLS_KX_ECDHE_RSA ||
+		    kx == GNUTLS_KX_ECDHE_PSK) && group_name) {
+			if (sign_str)
+				snprintf(kx_name, sizeof(kx_name), "(ECDHE-%s)-(%s)",
+					 group_name, sign_str);
+			else
+				snprintf(kx_name, sizeof(kx_name), "(ECDHE-%s)",
+					 group_name);
+		} else if ((kx == GNUTLS_KX_DHE_DSS || kx == GNUTLS_KX_DHE_RSA ||
+		    kx == GNUTLS_KX_DHE_PSK) && group_name) {
+			if (sign_str)
+				snprintf(kx_name, sizeof(kx_name), "(DHE-%s)-(%s)", group_name, sign_str);
+			else
+				snprintf(kx_name, sizeof(kx_name), "(DHE-%s)", group_name);
+		} else if (kx == GNUTLS_KX_RSA) {
+			/* Possible enhancement: include the certificate bits */
+			snprintf(kx_name, sizeof(kx_name), "(RSA)");
+		} else {
+			snprintf(kx_name, sizeof(kx_name), "(%s)",
+				 kx_str);
+		}
+	}
+
+	if (are_alternative_cert_types_allowed(session)) {
+		// Get certificate types
+		ctype_client = get_certificate_type(session, GNUTLS_CTYPE_CLIENT);
+		ctype_server = get_certificate_type(session, GNUTLS_CTYPE_SERVER);
+
+		if (ctype_client == ctype_server) {
+			// print proto version, client/server cert type
+			snprintf(proto_name, sizeof(proto_name), "%s-%s",
+				 gnutls_protocol_get_name(get_num_version(session)),
+				 gnutls_certificate_type_get_name(ctype_client));
+		} else {
+			// print proto version, client cert type, server cert type
+			snprintf(proto_name, sizeof(proto_name), "%s-%s-%s",
+				 gnutls_protocol_get_name(get_num_version(session)),
+				 gnutls_certificate_type_get_name(ctype_client),
+				 gnutls_certificate_type_get_name(ctype_server));
+		}
+	} else { // Assumed default certificate type (X.509)
+		snprintf(proto_name, sizeof(proto_name), "%s",
+				 gnutls_protocol_get_name(get_num_version(session)));
+	}
+
+	desc = gnutls_malloc(DESC_SIZE);
+	if (desc == NULL)
+		return NULL;
+
+	mac_id = gnutls_mac_get(session);
+	if (mac_id == GNUTLS_MAC_AEAD) { /* no need to print */
+		snprintf(desc, DESC_SIZE,
+			 "(%s)-%s-(%s)",
+			 proto_name,
+			 kx_name,
+			 gnutls_cipher_get_name(gnutls_cipher_get(session)));
+	} else {
+		snprintf(desc, DESC_SIZE,
+			 "(%s)-%s-(%s)-(%s)",
+			 proto_name,
+			 kx_name,
+			 gnutls_cipher_get_name(gnutls_cipher_get(session)),
+			 gnutls_mac_get_name(mac_id));
+	}
+
+	return desc;
+}
+
+/**
+ * gnutls_session_set_id:
+ * @session: is a #gnutls_session_t type.
+ * @sid: the session identifier
+ *
+ * This function sets the session ID to be used in a client hello.
+ * This is a function intended for exceptional uses. Do not use this
+ * function unless you are implementing a custom protocol.
+ *
+ * To set session resumption parameters use gnutls_session_set_data() instead.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ *
+ * Since: 3.2.1
+ **/
+int
+gnutls_session_set_id(gnutls_session_t session, const gnutls_datum_t * sid)
+{
+	if (session->security_parameters.entity == GNUTLS_SERVER ||
+	    sid->size > GNUTLS_MAX_SESSION_ID_SIZE)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	memset(&session->internals.resumed_security_parameters, 0,
+	       sizeof(session->internals.resumed_security_parameters));
+
+	session->internals.resumed_security_parameters.session_id_size =
+	    sid->size;
+	memcpy(session->internals.resumed_security_parameters.session_id,
+	       sid->data, sid->size);
+
+	return 0;
+}
diff --git a/lib/session_pack.c b/lib/session_pack.c
new file mode 100644
index 0000000..fa9a0fc
--- /dev/null
+++ b/lib/session_pack.c
@@ -0,0 +1,1204 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Contains functions that are supposed to pack and unpack session data,
+ * before and after they are sent to the database backend.
+ */
+
+#include "gnutls_int.h"
+#ifdef ENABLE_SRP
+#include <auth/srp_kx.h>
+#endif
+#ifdef ENABLE_PSK
+#include <auth/psk.h>
+#endif
+#include <auth/anon.h>
+#include <auth/cert.h>
+#include "errors.h"
+#include <auth.h>
+#include <session_pack.h>
+#include <datum.h>
+#include <num.h>
+#include <hello_ext.h>
+#include <constate.h>
+#include <algorithms.h>
+#include <state.h>
+#include <db.h>
+#include "tls13/session_ticket.h"
+
+static int pack_certificate_auth_info(gnutls_session_t,
+				      gnutls_buffer_st * packed_session);
+static int unpack_certificate_auth_info(gnutls_session_t,
+					gnutls_buffer_st * packed_session);
+
+static int unpack_srp_auth_info(gnutls_session_t session,
+				gnutls_buffer_st * packed_session);
+static int pack_srp_auth_info(gnutls_session_t session,
+			      gnutls_buffer_st * packed_session);
+
+static int unpack_psk_auth_info(gnutls_session_t session,
+				gnutls_buffer_st * packed_session);
+static int pack_psk_auth_info(gnutls_session_t session,
+			      gnutls_buffer_st * packed_session);
+
+static int unpack_anon_auth_info(gnutls_session_t session,
+				 gnutls_buffer_st * packed_session);
+static int pack_anon_auth_info(gnutls_session_t session,
+			       gnutls_buffer_st * packed_session);
+
+static int unpack_security_parameters(gnutls_session_t session,
+				      gnutls_buffer_st * packed_session);
+static int pack_security_parameters(gnutls_session_t session,
+				    gnutls_buffer_st * packed_session);
+static int tls13_unpack_security_parameters(gnutls_session_t session,
+					    gnutls_buffer_st * packed_session);
+static int tls13_pack_security_parameters(gnutls_session_t session,
+					  gnutls_buffer_st * packed_session);
+
+
+/* Since auth_info structures contain malloced data, this function
+ * is required in order to pack these structures in a vector in
+ * order to store them to the DB.
+ *
+ * packed_session will contain the session data.
+ *
+ * The data will be in a platform independent format.
+ */
+int
+_gnutls_session_pack(gnutls_session_t session,
+		     gnutls_datum_t * packed_session)
+{
+	int ret;
+	gnutls_buffer_st sb;
+	uint8_t id;
+
+	if (packed_session == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	_gnutls_buffer_init(&sb);
+
+
+	id = gnutls_auth_get_type(session);
+
+	BUFFER_APPEND_NUM(&sb, PACKED_SESSION_MAGIC);
+	BUFFER_APPEND_NUM(&sb, session->security_parameters.timestamp);
+	BUFFER_APPEND_NUM(&sb, session->internals.expire_time);
+	BUFFER_APPEND(&sb, &id, 1);
+
+	switch (id) {
+#ifdef ENABLE_SRP
+	case GNUTLS_CRD_SRP:
+		ret = pack_srp_auth_info(session, &sb);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+		break;
+#endif
+#ifdef ENABLE_PSK
+	case GNUTLS_CRD_PSK:
+		ret = pack_psk_auth_info(session, &sb);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+		break;
+#endif
+#ifdef ENABLE_ANON
+	case GNUTLS_CRD_ANON:
+		ret = pack_anon_auth_info(session, &sb);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+		break;
+#endif
+	case GNUTLS_CRD_CERTIFICATE:
+		ret = pack_certificate_auth_info(session, &sb);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+		break;
+	default:
+		ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+		goto fail;
+
+	}
+
+	/* Auth_info structures copied. Now copy security_parameters_st. 
+	 * packed_session must have allocated space for the security parameters.
+	 */
+	ret = pack_security_parameters(session, &sb);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+
+	if (session->security_parameters.pversion->tls13_sem) {
+		ret = tls13_pack_security_parameters(session, &sb);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+	}
+
+	/* Extensions are re-negotiated in a resumed session under TLS 1.3 */
+	if (!session->security_parameters.pversion->tls13_sem) {
+		ret = _gnutls_hello_ext_pack(session, &sb);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+	}
+
+	return _gnutls_buffer_to_datum(&sb, packed_session, 0);
+
+      fail:
+	_gnutls_buffer_clear(&sb);
+	return ret;
+}
+
+
+/* Load session data from a buffer.
+ */
+int
+_gnutls_session_unpack(gnutls_session_t session,
+		       const gnutls_datum_t * packed_session)
+{
+	int ret;
+	gnutls_buffer_st sb;
+	uint32_t magic;
+	uint32_t expire_time;
+	uint8_t id;
+
+	_gnutls_buffer_init(&sb);
+
+	if (packed_session == NULL || packed_session->size == 0) {
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	ret =
+	    _gnutls_buffer_append_data(&sb, packed_session->data,
+				       packed_session->size);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (session->key.auth_info != NULL) {
+		_gnutls_free_auth_info(session);
+	}
+
+	BUFFER_POP_NUM(&sb, magic);
+	if (magic != PACKED_SESSION_MAGIC) {
+		ret = gnutls_assert_val(GNUTLS_E_DB_ERROR);
+		goto error;
+	}
+
+	BUFFER_POP_NUM(&sb,
+		       session->internals.resumed_security_parameters.
+		       timestamp);
+	BUFFER_POP_NUM(&sb, expire_time);
+	(void) expire_time;
+	BUFFER_POP(&sb, &id, 1);
+
+	switch (id) {
+#ifdef ENABLE_SRP
+	case GNUTLS_CRD_SRP:
+		ret = unpack_srp_auth_info(session, &sb);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+		break;
+#endif
+#ifdef ENABLE_PSK
+	case GNUTLS_CRD_PSK:
+		ret = unpack_psk_auth_info(session, &sb);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+		break;
+#endif
+#ifdef ENABLE_ANON
+	case GNUTLS_CRD_ANON:
+		ret = unpack_anon_auth_info(session, &sb);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+		break;
+#endif
+	case GNUTLS_CRD_CERTIFICATE:
+		ret = unpack_certificate_auth_info(session, &sb);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+		break;
+	default:
+		gnutls_assert();
+		ret = GNUTLS_E_INTERNAL_ERROR;
+		goto error;
+
+	}
+
+	/* Auth_info structures copied. Now copy security_parameters_st. 
+	 * packed_session must have allocated space for the security parameters.
+	 */
+	ret = unpack_security_parameters(session, &sb);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	if (session->internals.resumed_security_parameters.pversion->tls13_sem) {
+		/* 'prf' will not be NULL at this point, else unpack_security_parameters() would have failed */
+		ret = tls13_unpack_security_parameters(session, &sb);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+	}
+
+	if (!session->internals.resumed_security_parameters.pversion->tls13_sem) {
+		ret = _gnutls_hello_ext_unpack(session, &sb);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+	}
+
+	ret = 0;
+
+      error:
+	_gnutls_buffer_clear(&sb);
+
+	return ret;
+}
+
+/*
+ * If we're using TLS 1.3 semantics, we might have TLS 1.3-specific data.
+ * Format:
+ *      4 bytes the total length
+ *      4 bytes the ticket lifetime
+ *      4 bytes the ticket age add value
+ *      1 byte the ticket nonce length
+ *      x bytes the ticket nonce
+ *      4 bytes the ticket length
+ *      x bytes the ticket
+ *      1 bytes the resumption master secret length
+ *      x bytes the resumption master secret
+ *     12 bytes the ticket arrival time
+ *      4 bytes the max early data size
+ *
+ * We only store that info if we received a TLS 1.3 NewSessionTicket at some point.
+ * If we didn't receive any NST then we cannot resume a TLS 1.3 session and hence
+ * its nonsense to store all that info.
+ */
+static int
+tls13_pack_security_parameters(gnutls_session_t session, gnutls_buffer_st *ps)
+{
+	int ret = 0;
+	uint32_t length = 0;
+	size_t length_pos;
+	tls13_ticket_st *ticket = &session->internals.tls13_ticket;
+
+	length_pos = ps->length;
+	BUFFER_APPEND_NUM(ps, 0);
+
+	if (ticket->ticket.data != NULL) {
+		BUFFER_APPEND_NUM(ps, ticket->lifetime);
+		length += 4;
+		BUFFER_APPEND_NUM(ps, ticket->age_add);
+		length += 4;
+		BUFFER_APPEND_PFX1(ps,
+				   ticket->nonce,
+				   ticket->nonce_size);
+		length += (1 + ticket->nonce_size);
+		BUFFER_APPEND_PFX4(ps,
+				   ticket->ticket.data,
+				   ticket->ticket.size);
+		length += (4 + ticket->ticket.size);
+		BUFFER_APPEND_PFX1(ps,
+				   ticket->resumption_master_secret,
+				   ticket->prf->output_size);
+		length += (1 + ticket->prf->output_size);
+		BUFFER_APPEND_TS(ps, ticket->arrival_time);
+		length += 12;
+		BUFFER_APPEND_NUM(ps,
+				  session->security_parameters.
+				  max_early_data_size);
+		length += 4;
+
+		/* Overwrite the length field */
+		_gnutls_write_uint32(length, ps->data + length_pos);
+	}
+
+	return ret;
+}
+
+static int
+tls13_unpack_security_parameters(gnutls_session_t session, gnutls_buffer_st *ps)
+{
+	uint32_t ttl_len;
+	tls13_ticket_st *ticket = &session->internals.tls13_ticket;
+	gnutls_datum_t t;
+	int ret = 0;
+
+	BUFFER_POP_NUM(ps, ttl_len);
+
+	if (ttl_len > 0) {
+		BUFFER_POP_NUM(ps, ticket->lifetime);
+		BUFFER_POP_NUM(ps, ticket->age_add);
+
+		ret = _gnutls_buffer_pop_datum_prefix8(ps, &t);
+		if (ret < 0 || t.size > sizeof(ticket->nonce)) {
+			    ret = GNUTLS_E_PARSING_ERROR;
+			    gnutls_assert();
+			    goto error;
+		}
+		ticket->nonce_size = t.size;
+		memcpy(ticket->nonce, t.data, t.size);
+
+		BUFFER_POP_DATUM(ps, &ticket->ticket);
+
+		ret = _gnutls_buffer_pop_datum_prefix8(ps, &t);
+		if (ret < 0 || t.size > sizeof(ticket->resumption_master_secret)) {
+			    ret = GNUTLS_E_PARSING_ERROR;
+			    gnutls_assert();
+			    goto error;
+		}
+		memcpy(ticket->resumption_master_secret, t.data, t.size);
+
+		if (unlikely(session->internals.resumed_security_parameters.prf == NULL ||
+		    session->internals.resumed_security_parameters.prf->output_size != t.size))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		ticket->prf = session->internals.resumed_security_parameters.prf;
+
+		BUFFER_POP_TS(ps, ticket->arrival_time);
+		BUFFER_POP_NUM(ps,
+			       session->security_parameters.
+			       max_early_data_size);
+	}
+
+error:
+	return ret;
+}
+
+/* Format: 
+ *      1 byte the credentials type
+ *      4 bytes the size of the whole structure
+ *	DH stuff
+ *      2 bytes the size of secret key in bits
+ *      4 bytes the size of the prime
+ *      x bytes the prime
+ *      4 bytes the size of the generator
+ *      x bytes the generator
+ *      4 bytes the size of the public key
+ *      x bytes the public key
+ *	RSA stuff
+ *      4 bytes the size of the modulus
+ *      x bytes the modulus
+ *      4 bytes the size of the exponent
+ *      x bytes the exponent
+ *	CERTIFICATES
+ *      4 bytes the length of the certificate list
+ *      4 bytes the size of first certificate
+ *      x bytes the certificate
+ *       and so on...
+ */
+static int
+pack_certificate_auth_info(gnutls_session_t session, gnutls_buffer_st * ps)
+{
+	unsigned int i;
+	int cur_size, ret;
+	cert_auth_info_t info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+	int size_offset;
+
+	size_offset = ps->length;
+	BUFFER_APPEND_NUM(ps, 0);
+	cur_size = ps->length;
+
+	if (info) {
+
+		BUFFER_APPEND_NUM(ps, info->dh.secret_bits);
+		BUFFER_APPEND_PFX4(ps, info->dh.prime.data,
+				   info->dh.prime.size);
+		BUFFER_APPEND_PFX4(ps, info->dh.generator.data,
+				   info->dh.generator.size);
+		BUFFER_APPEND_PFX4(ps, info->dh.public_key.data,
+				   info->dh.public_key.size);
+
+		BUFFER_APPEND_NUM(ps, info->ncerts);
+
+		for (i = 0; i < info->ncerts; i++) {
+			BUFFER_APPEND_PFX4(ps,
+					   info->raw_certificate_list[i].
+					   data,
+					   info->raw_certificate_list[i].
+					   size);
+		}
+
+		BUFFER_APPEND_NUM(ps, info->nocsp);
+
+		for (i = 0; i < info->nocsp; i++) {
+			BUFFER_APPEND_PFX4(ps,
+					   info->raw_ocsp_list[i].
+					   data,
+					   info->raw_ocsp_list[i].
+					   size);
+		}
+	}
+
+	/* write the real size */
+	_gnutls_write_uint32(ps->length - cur_size,
+			     ps->data + size_offset);
+
+	return 0;
+}
+
+
+/* Upack certificate info.
+ */
+static int
+unpack_certificate_auth_info(gnutls_session_t session,
+			     gnutls_buffer_st * ps)
+{
+	int ret;
+	unsigned int i = 0, j = 0;
+	size_t pack_size;
+	cert_auth_info_t info = NULL;
+	unsigned cur_ncerts = 0;
+	unsigned cur_nocsp = 0;
+
+	BUFFER_POP_NUM(ps, pack_size);
+
+	if (pack_size == 0)
+		return 0;	/* nothing to be done */
+
+	/* client and server have the same auth_info here
+	 */
+	ret =
+	    _gnutls_auth_info_init(session, GNUTLS_CRD_CERTIFICATE,
+				  sizeof(cert_auth_info_st), 1);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+	if (info == NULL)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	BUFFER_POP_NUM(ps, info->dh.secret_bits);
+
+	BUFFER_POP_DATUM(ps, &info->dh.prime);
+	BUFFER_POP_DATUM(ps, &info->dh.generator);
+	BUFFER_POP_DATUM(ps, &info->dh.public_key);
+
+	BUFFER_POP_NUM(ps, info->ncerts);
+
+	if (info->ncerts > 0) {
+		info->raw_certificate_list =
+		    gnutls_calloc(info->ncerts, sizeof(gnutls_datum_t));
+		if (info->raw_certificate_list == NULL) {
+			gnutls_assert();
+			ret = GNUTLS_E_MEMORY_ERROR;
+			goto error;
+		}
+	}
+
+	for (i = 0; i < info->ncerts; i++) {
+		BUFFER_POP_DATUM(ps, &info->raw_certificate_list[i]);
+		cur_ncerts++;
+	}
+
+	/* read OCSP responses */
+	BUFFER_POP_NUM(ps, info->nocsp);
+
+	if (info->nocsp > 0) {
+		info->raw_ocsp_list =
+		    gnutls_calloc(info->nocsp, sizeof(gnutls_datum_t));
+		if (info->raw_ocsp_list == NULL) {
+			gnutls_assert();
+			ret = GNUTLS_E_MEMORY_ERROR;
+			goto error;
+		}
+	}
+
+	for (i = 0; i < info->nocsp; i++) {
+		BUFFER_POP_DATUM(ps, &info->raw_ocsp_list[i]);
+		cur_nocsp++;
+	}
+
+	return 0;
+
+      error:
+	if (info) {
+		_gnutls_free_datum(&info->dh.prime);
+		_gnutls_free_datum(&info->dh.generator);
+		_gnutls_free_datum(&info->dh.public_key);
+
+		for (j = 0; j < cur_ncerts; j++)
+			_gnutls_free_datum(&info->raw_certificate_list[j]);
+
+		for (j = 0; j < cur_nocsp; j++)
+			_gnutls_free_datum(&info->raw_ocsp_list[j]);
+
+		gnutls_free(info->raw_certificate_list);
+		gnutls_free(info->raw_ocsp_list);
+	}
+
+	return ret;
+
+}
+
+#ifdef ENABLE_SRP
+/* Packs the SRP session authentication data.
+ */
+
+/* Format: 
+ *      1 byte the credentials type
+ *      4 bytes the size of the SRP username (x)
+ *      x bytes the SRP username
+ */
+static int
+pack_srp_auth_info(gnutls_session_t session, gnutls_buffer_st * ps)
+{
+	srp_server_auth_info_t info = _gnutls_get_auth_info(session, GNUTLS_CRD_SRP);
+	int len, ret;
+	int size_offset;
+	size_t cur_size;
+	const char *username = NULL;
+
+	if (info) {
+		if (info->username) {
+			username = info->username;
+			len = strlen(info->username) + 1; /* include the terminating null */
+		} else {
+			username = "\0";
+			len = 1;
+		}
+	} else
+		len = 0;
+
+	size_offset = ps->length;
+	BUFFER_APPEND_NUM(ps, 0);
+	cur_size = ps->length;
+
+	BUFFER_APPEND_PFX4(ps, username, len);
+
+	/* write the real size */
+	_gnutls_write_uint32(ps->length - cur_size,
+			     ps->data + size_offset);
+
+	return 0;
+}
+
+
+static int
+unpack_srp_auth_info(gnutls_session_t session, gnutls_buffer_st * ps)
+{
+	size_t username_size;
+	int ret;
+	srp_server_auth_info_t info;
+
+	BUFFER_POP_NUM(ps, username_size);
+	if (username_size > MAX_USERNAME_SIZE + 1)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	ret = _gnutls_auth_info_init(session, GNUTLS_CRD_SRP,
+				     sizeof(srp_server_auth_info_st), 1);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_SRP);
+	if (info == NULL)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	gnutls_free(info->username);
+	if (username_size == 0) {
+		info->username = NULL;
+	} else {
+		info->username = gnutls_malloc(username_size);
+		if (info->username == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+	BUFFER_POP(ps, info->username, username_size);
+
+	ret = 0;
+
+      error:
+	return ret;
+}
+#endif
+
+
+#ifdef ENABLE_ANON
+/* Packs the ANON session authentication data.
+ */
+
+/* Format: 
+ *      1 byte the credentials type
+ *      4 bytes the size of the whole structure
+ *      2 bytes the size of secret key in bits
+ *      4 bytes the size of the prime
+ *      x bytes the prime
+ *      4 bytes the size of the generator
+ *      x bytes the generator
+ *      4 bytes the size of the public key
+ *      x bytes the public key
+ */
+static int
+pack_anon_auth_info(gnutls_session_t session, gnutls_buffer_st * ps)
+{
+	int cur_size, ret;
+	anon_auth_info_t info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
+	int size_offset;
+
+	size_offset = ps->length;
+	BUFFER_APPEND_NUM(ps, 0);
+	cur_size = ps->length;
+
+	if (info) {
+		BUFFER_APPEND_NUM(ps, info->dh.secret_bits);
+		BUFFER_APPEND_PFX4(ps, info->dh.prime.data,
+				   info->dh.prime.size);
+		BUFFER_APPEND_PFX4(ps, info->dh.generator.data,
+				   info->dh.generator.size);
+		BUFFER_APPEND_PFX4(ps, info->dh.public_key.data,
+				   info->dh.public_key.size);
+	}
+
+	/* write the real size */
+	_gnutls_write_uint32(ps->length - cur_size,
+			     ps->data + size_offset);
+
+	return 0;
+}
+
+
+static int
+unpack_anon_auth_info(gnutls_session_t session, gnutls_buffer_st * ps)
+{
+	int ret;
+	size_t pack_size;
+	anon_auth_info_t info = NULL;
+
+	BUFFER_POP_NUM(ps, pack_size);
+
+	if (pack_size == 0)
+		return 0;	/* nothing to be done */
+
+	/* client and server have the same auth_info here
+	 */
+	ret =
+	    _gnutls_auth_info_init(session, GNUTLS_CRD_ANON,
+				  sizeof(anon_auth_info_st), 1);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
+	if (info == NULL)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	BUFFER_POP_NUM(ps, info->dh.secret_bits);
+
+	BUFFER_POP_DATUM(ps, &info->dh.prime);
+	BUFFER_POP_DATUM(ps, &info->dh.generator);
+	BUFFER_POP_DATUM(ps, &info->dh.public_key);
+
+	return 0;
+
+      error:
+	if (info) {
+		_gnutls_free_datum(&info->dh.prime);
+		_gnutls_free_datum(&info->dh.generator);
+		_gnutls_free_datum(&info->dh.public_key);
+	}
+
+	return ret;
+}
+#endif				/* ANON */
+
+#ifdef ENABLE_PSK
+/* Packs the PSK session authentication data.
+ */
+
+/* Format: 
+ *      1 byte the credentials type
+ *      4 bytes the size of the whole structure
+ *
+ *      4 bytes the size of the PSK username (x)
+ *      x bytes the PSK username
+ *      2 bytes the size of secret key in bits
+ *      4 bytes the size of the prime
+ *      x bytes the prime
+ *      4 bytes the size of the generator
+ *      x bytes the generator
+ *      4 bytes the size of the public key
+ *      x bytes the public key
+ */
+static int
+pack_psk_auth_info(gnutls_session_t session, gnutls_buffer_st * ps)
+{
+	psk_auth_info_t info;
+	int username_len;
+	int hint_len, ret;
+	int size_offset;
+	size_t cur_size;
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+	if (info == NULL)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	username_len = info->username_len;
+	hint_len = info->hint_len + 1; /* include the terminating null */
+
+	size_offset = ps->length;
+	BUFFER_APPEND_NUM(ps, 0);
+	cur_size = ps->length;
+
+	BUFFER_APPEND_PFX4(ps, info->username, username_len);
+	BUFFER_APPEND_PFX4(ps, info->hint ? info->hint : "\0", hint_len);
+
+	BUFFER_APPEND_NUM(ps, info->dh.secret_bits);
+	BUFFER_APPEND_PFX4(ps, info->dh.prime.data, info->dh.prime.size);
+	BUFFER_APPEND_PFX4(ps, info->dh.generator.data,
+			   info->dh.generator.size);
+	BUFFER_APPEND_PFX4(ps, info->dh.public_key.data,
+			   info->dh.public_key.size);
+
+	/* write the real size */
+	_gnutls_write_uint32(ps->length - cur_size,
+			     ps->data + size_offset);
+	return 0;
+}
+
+static int
+unpack_psk_auth_info(gnutls_session_t session, gnutls_buffer_st * ps)
+{
+	size_t username_size, hint_size;
+	int ret;
+	psk_auth_info_t info;
+	unsigned pack_size;
+
+	ret =
+	    _gnutls_auth_info_init(session, GNUTLS_CRD_PSK,
+				  sizeof(psk_auth_info_st), 1);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+	if (info == NULL)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	BUFFER_POP_NUM(ps, pack_size);
+	if (pack_size == 0)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	BUFFER_POP_NUM(ps, username_size);
+	if (username_size > MAX_USERNAME_SIZE)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	gnutls_free(info->username);
+	info->username = gnutls_malloc(username_size + 1);
+	if (info->username == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	BUFFER_POP(ps, info->username, username_size);
+	info->username[username_size] = 0;
+	info->username_len = username_size;
+
+	/* hint_size includes the terminating null */
+	BUFFER_POP_NUM(ps, hint_size);
+	if (hint_size > MAX_USERNAME_SIZE + 1)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	gnutls_free(info->hint);
+	info->hint = gnutls_malloc(hint_size);
+	if (info->hint == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	BUFFER_POP(ps, info->hint, hint_size);
+	info->hint_len = hint_size - 1;
+
+	BUFFER_POP_NUM(ps, info->dh.secret_bits);
+
+	BUFFER_POP_DATUM(ps, &info->dh.prime);
+	BUFFER_POP_DATUM(ps, &info->dh.generator);
+	BUFFER_POP_DATUM(ps, &info->dh.public_key);
+
+	ret = 0;
+
+      error:
+	_gnutls_free_datum(&info->dh.prime);
+	_gnutls_free_datum(&info->dh.generator);
+	_gnutls_free_datum(&info->dh.public_key);
+
+	return ret;
+}
+#endif
+
+
+/* Packs the security parameters.
+ */
+static int
+pack_security_parameters(gnutls_session_t session, gnutls_buffer_st * ps)
+{
+
+	int ret;
+	int size_offset;
+	size_t cur_size;
+
+	if (session->security_parameters.epoch_read
+	    != session->security_parameters.epoch_write &&
+	    !(session->internals.hsk_flags & HSK_EARLY_START_USED)) {
+		gnutls_assert();
+		return GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE;
+	}
+
+	ret = _gnutls_epoch_get(session, EPOCH_READ_CURRENT, NULL);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* move after the auth info stuff.
+	 */
+	size_offset = ps->length;
+	BUFFER_APPEND_NUM(ps, 0);
+	cur_size = ps->length;
+
+	BUFFER_APPEND_NUM(ps, session->security_parameters.entity);
+	BUFFER_APPEND_NUM(ps, session->security_parameters.prf->id);
+
+	BUFFER_APPEND_NUM(ps,
+			  session->security_parameters.client_auth_type);
+	BUFFER_APPEND_NUM(ps,
+			  session->security_parameters.server_auth_type);
+
+	BUFFER_APPEND(ps, &session->security_parameters.session_id_size,
+		      1);
+	BUFFER_APPEND(ps, session->security_parameters.session_id,
+		      session->security_parameters.session_id_size);
+
+	BUFFER_APPEND_NUM(ps, session->security_parameters.pversion->id);
+
+	BUFFER_APPEND_NUM(ps, session->security_parameters.client_ctype);
+	BUFFER_APPEND_NUM(ps, session->security_parameters.server_ctype);
+
+	BUFFER_APPEND(ps, session->security_parameters.cs->id, 2);
+
+	/* if we are under TLS 1.3 do not pack keys or params negotiated using an extension
+	 * they are not necessary */
+	if (!session->security_parameters.pversion->tls13_sem) {
+		BUFFER_APPEND_PFX1(ps, session->security_parameters.master_secret,
+			      GNUTLS_MASTER_SIZE);
+		BUFFER_APPEND_PFX1(ps, session->security_parameters.client_random,
+			      GNUTLS_RANDOM_SIZE);
+		BUFFER_APPEND_PFX1(ps, session->security_parameters.server_random,
+			      GNUTLS_RANDOM_SIZE);
+
+		/* reset max_record_recv_size if it was negotiated
+		 * using the record_size_limit extension */
+		if (session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_NEGOTIATED) {
+			BUFFER_APPEND_NUM(ps,
+					  session->security_parameters.
+					  max_user_record_send_size);
+			BUFFER_APPEND_NUM(ps,
+					  session->security_parameters.
+					  max_user_record_recv_size);
+		} else {
+			BUFFER_APPEND_NUM(ps,
+					  session->security_parameters.
+					  max_record_recv_size);
+			BUFFER_APPEND_NUM(ps,
+					  session->security_parameters.
+					  max_record_send_size);
+		}
+
+		if (session->security_parameters.grp) {
+			BUFFER_APPEND_NUM(ps, session->security_parameters.grp->id);
+		} else {
+			BUFFER_APPEND_NUM(ps, 0);
+		}
+
+		BUFFER_APPEND_NUM(ps,
+				  session->security_parameters.server_sign_algo);
+		BUFFER_APPEND_NUM(ps,
+				  session->security_parameters.client_sign_algo);
+		BUFFER_APPEND_NUM(ps,
+				  session->security_parameters.ext_master_secret);
+		BUFFER_APPEND_NUM(ps,
+				  session->security_parameters.etm);
+	}
+
+
+	_gnutls_write_uint32(ps->length - cur_size,
+			     ps->data + size_offset);
+
+	return 0;
+}
+
+static int
+unpack_security_parameters(gnutls_session_t session, gnutls_buffer_st * ps)
+{
+	size_t pack_size;
+	int ret;
+	unsigned version;
+	gnutls_datum_t t;
+	time_t timestamp;
+	uint8_t cs[2];
+
+	BUFFER_POP_NUM(ps, pack_size);
+
+	if (pack_size == 0)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	timestamp =
+	    session->internals.resumed_security_parameters.timestamp;
+	memset(&session->internals.resumed_security_parameters, 0,
+	       sizeof(session->internals.resumed_security_parameters));
+	session->internals.resumed_security_parameters.timestamp =
+	    timestamp;
+
+	BUFFER_POP_NUM(ps,
+		       session->internals.resumed_security_parameters.
+		       entity);
+
+	BUFFER_POP_NUM(ps, version);
+	session->internals.resumed_security_parameters.prf = mac_to_entry(version);
+	if (session->internals.resumed_security_parameters.prf == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	BUFFER_POP_NUM(ps,
+		       session->internals.resumed_security_parameters.
+		       client_auth_type);
+	BUFFER_POP_NUM(ps,
+		       session->internals.resumed_security_parameters.
+		       server_auth_type);
+
+	BUFFER_POP(ps,
+		   &session->internals.resumed_security_parameters.
+		   session_id_size, 1);
+
+	BUFFER_POP(ps,
+		   session->internals.resumed_security_parameters.
+		   session_id,
+		   session->internals.resumed_security_parameters.
+		   session_id_size);
+
+	BUFFER_POP_NUM(ps, version);
+	session->internals.resumed_security_parameters.pversion =
+	    version_to_entry(version);
+	if (session->internals.resumed_security_parameters.pversion ==
+	    NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	BUFFER_POP_NUM(ps,
+		       session->internals.resumed_security_parameters.
+		       client_ctype);
+	BUFFER_POP_NUM(ps,
+		       session->internals.resumed_security_parameters.
+		       server_ctype);
+
+	BUFFER_POP(ps, cs, 2);
+	session->internals.resumed_security_parameters.cs = ciphersuite_to_entry(cs);
+	if (session->internals.resumed_security_parameters.cs == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (!session->internals.resumed_security_parameters.pversion->tls13_sem) {
+		/* master secret */
+		ret = _gnutls_buffer_pop_datum_prefix8(ps, &t);
+		if (ret < 0) {
+			ret = GNUTLS_E_PARSING_ERROR;
+			gnutls_assert();
+			goto error;
+		}
+		if (t.size == GNUTLS_MASTER_SIZE)
+			memcpy(session->internals.resumed_security_parameters.master_secret, t.data, t.size);
+
+		/* client random */
+		ret = _gnutls_buffer_pop_datum_prefix8(ps, &t);
+		if (ret < 0) {
+			ret = GNUTLS_E_PARSING_ERROR;
+			gnutls_assert();
+			goto error;
+		}
+		if (t.size == GNUTLS_RANDOM_SIZE)
+			memcpy(session->internals.resumed_security_parameters.client_random, t.data, t.size);
+
+		/* server random */
+		ret = _gnutls_buffer_pop_datum_prefix8(ps, &t);
+		if (ret < 0) {
+			ret = GNUTLS_E_PARSING_ERROR;
+			gnutls_assert();
+			goto error;
+		}
+		if (t.size == GNUTLS_RANDOM_SIZE)
+			memcpy(session->internals.resumed_security_parameters.server_random, t.data, t.size);
+
+
+		BUFFER_POP_NUM(ps,
+			       session->internals.resumed_security_parameters.
+			       max_record_send_size);
+		BUFFER_POP_NUM(ps,
+			       session->internals.resumed_security_parameters.
+			       max_record_recv_size);
+
+		BUFFER_POP_NUM(ps, ret);
+		session->internals.resumed_security_parameters.grp = _gnutls_id_to_group(ret);
+		/* it can be null */
+
+		BUFFER_POP_NUM(ps,
+			       session->internals.resumed_security_parameters.
+			       server_sign_algo);
+		BUFFER_POP_NUM(ps,
+			       session->internals.resumed_security_parameters.
+			       client_sign_algo);
+		BUFFER_POP_NUM(ps,
+			       session->internals.resumed_security_parameters.
+			       ext_master_secret);
+		BUFFER_POP_NUM(ps,
+			       session->internals.resumed_security_parameters.
+			       etm);
+
+		if (session->internals.resumed_security_parameters.
+		    max_record_recv_size == 0
+		    || session->internals.resumed_security_parameters.
+		    max_record_send_size == 0) {
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+		}
+	}
+
+	ret = 0;
+
+      error:
+	return ret;
+}
+
+/**
+ * gnutls_session_set_premaster:
+ * @session: is a #gnutls_session_t type.
+ * @entity: GNUTLS_SERVER or GNUTLS_CLIENT
+ * @version: the TLS protocol version
+ * @kx: the key exchange method
+ * @cipher: the cipher
+ * @mac: the MAC algorithm
+ * @comp: the compression method (ignored)
+ * @master: the master key to use
+ * @session_id: the session identifier
+ *
+ * This function sets the premaster secret in a session. This is
+ * a function intended for exceptional uses. Do not use this
+ * function unless you are implementing a legacy protocol.
+ * Use gnutls_session_set_data() instead.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ **/
+int
+gnutls_session_set_premaster(gnutls_session_t session, unsigned int entity,
+			     gnutls_protocol_t version,
+			     gnutls_kx_algorithm_t kx,
+			     gnutls_cipher_algorithm_t cipher,
+			     gnutls_mac_algorithm_t mac,
+			     gnutls_compression_method_t comp,
+			     const gnutls_datum_t * master,
+			     const gnutls_datum_t * session_id)
+{
+	int ret;
+	uint8_t cs[2];
+
+	memset(&session->internals.resumed_security_parameters, 0,
+	       sizeof(session->internals.resumed_security_parameters));
+
+	session->internals.resumed_security_parameters.entity = entity;
+
+	ret =
+	    _gnutls_cipher_suite_get_id(kx, cipher, mac, cs);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	session->internals.resumed_security_parameters.cs = ciphersuite_to_entry(cs);
+	if (session->internals.resumed_security_parameters.cs == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	session->internals.resumed_security_parameters.client_ctype =
+			DEFAULT_CERT_TYPE;
+	session->internals.resumed_security_parameters.server_ctype =
+			DEFAULT_CERT_TYPE;
+	session->internals.resumed_security_parameters.pversion =
+	    version_to_entry(version);
+	if (session->internals.resumed_security_parameters.pversion ==
+	    NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (session->internals.resumed_security_parameters.pversion->selectable_prf)
+		session->internals.resumed_security_parameters.prf = mac_to_entry(session->internals.resumed_security_parameters.cs->prf);
+	else
+		session->internals.resumed_security_parameters.prf = mac_to_entry(GNUTLS_MAC_MD5_SHA1);
+	if (session->internals.resumed_security_parameters.prf == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (master->size != GNUTLS_MASTER_SIZE)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	memcpy(session->internals.resumed_security_parameters.
+	       master_secret, master->data, master->size);
+
+	if (session_id->size > GNUTLS_MAX_SESSION_ID)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	session->internals.resumed_security_parameters.session_id_size =
+	    session_id->size;
+	memcpy(session->internals.resumed_security_parameters.session_id,
+	       session_id->data, session_id->size);
+
+	session->internals.resumed_security_parameters.
+	    max_record_send_size =
+	    session->internals.resumed_security_parameters.
+	    max_record_recv_size = DEFAULT_MAX_RECORD_SIZE;
+
+	session->internals.resumed_security_parameters.timestamp =
+	    gnutls_time(0);
+
+	session->internals.resumed_security_parameters.grp = 0;
+
+	session->internals.resumed_security_parameters.post_handshake_auth = 0;
+
+	session->internals.premaster_set = 1;
+
+	return 0;
+}
diff --git a/lib/session_pack.h b/lib/session_pack.h
new file mode 100644
index 0000000..20b3fbc
--- /dev/null
+++ b/lib/session_pack.h
@@ -0,0 +1,31 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_SESSION_PACK_H
+#define GNUTLS_LIB_SESSION_PACK_H
+
+int _gnutls_session_pack(gnutls_session_t session,
+			 gnutls_datum_t * packed_session);
+int _gnutls_session_unpack(gnutls_session_t session,
+			   const gnutls_datum_t * packed_session);
+
+#endif /* GNUTLS_LIB_SESSION_PACK_H */
diff --git a/lib/srp.c b/lib/srp.c
new file mode 100644
index 0000000..78bcbfd
--- /dev/null
+++ b/lib/srp.c
@@ -0,0 +1,852 @@
+/*
+ * Copyright (C) 2001-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <auth/srp_kx.h>
+#include <state.h>
+
+#ifdef ENABLE_SRP
+
+#include "srp.h"
+#include <auth/srp_passwd.h>
+#include <mpi.h>
+#include <num.h>
+#include <file.h>
+#include <algorithms.h>
+#include <random.h>
+
+#include "debug.h"
+
+
+/* Here functions for SRP (like g^x mod n) are defined 
+ */
+
+static int
+_gnutls_srp_gx(uint8_t * text, size_t textsize, uint8_t ** result,
+	       bigint_t g, bigint_t prime)
+{
+	bigint_t x, e = NULL;
+	size_t result_size;
+	int ret;
+
+	if (_gnutls_mpi_init_scan_nz(&x, text, textsize)) {
+		gnutls_assert();
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	ret = _gnutls_mpi_init(&e);
+	if (ret < 0)
+		goto cleanup;
+
+	/* e = g^x mod prime (n) */
+	ret = _gnutls_mpi_powm(e, g, x, prime);
+	if (ret < 0)
+		goto cleanup;
+
+	ret = _gnutls_mpi_print(e, NULL, &result_size);
+	if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
+		*result = gnutls_malloc(result_size);
+		if ((*result) == NULL) {
+			ret = GNUTLS_E_MEMORY_ERROR;
+			goto cleanup;
+		}
+
+		ret = _gnutls_mpi_print(e, *result, &result_size);
+		if (ret < 0)
+			goto cleanup;
+
+		ret = result_size;
+	} else {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_PRINT_FAILED;
+	}
+
+cleanup:
+	_gnutls_mpi_release(&e);
+	_gnutls_mpi_release(&x);
+
+	return ret;
+
+}
+
+
+/****************
+ * Choose a random value b and calculate B = (k* v + g^b) % N.
+ * where k == SHA1(N|g)
+ * Return: B and if ret_b is not NULL b.
+ */
+bigint_t
+_gnutls_calc_srp_B(bigint_t * ret_b, bigint_t g, bigint_t n, bigint_t v)
+{
+	bigint_t tmpB = NULL, tmpV = NULL;
+	bigint_t b = NULL, B = NULL, k = NULL;
+	int ret;
+
+	/* calculate:  B = (k*v + g^b) % N 
+	 */
+	ret = _gnutls_mpi_init_multi(&tmpV, &tmpB, &B, &b, NULL);
+	if (ret < 0)
+		return NULL;
+
+	_gnutls_mpi_random_modp(b, n, GNUTLS_RND_RANDOM);
+
+	k = _gnutls_calc_srp_u(n, g, n);
+	if (k == NULL) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret = _gnutls_mpi_mulm(tmpV, k, v, n);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret = _gnutls_mpi_powm(tmpB, g, b, n);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret = _gnutls_mpi_addm(B, tmpV, tmpB, n);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	_gnutls_mpi_release(&k);
+	_gnutls_mpi_release(&tmpB);
+	_gnutls_mpi_release(&tmpV);
+
+	if (ret_b)
+		*ret_b = b;
+	else
+		_gnutls_mpi_release(&b);
+
+	return B;
+
+      error:
+	_gnutls_mpi_release(&b);
+	_gnutls_mpi_release(&B);
+	_gnutls_mpi_release(&k);
+	_gnutls_mpi_release(&tmpB);
+	_gnutls_mpi_release(&tmpV);
+	return NULL;
+
+}
+
+/* This calculates the SHA1(A | B)
+ * A and B will be left-padded with zeros to fill n_size.
+ */
+bigint_t _gnutls_calc_srp_u(bigint_t A, bigint_t B, bigint_t n)
+{
+	size_t b_size, a_size;
+	uint8_t *holder, hd[MAX_HASH_SIZE];
+	size_t holder_size, hash_size, n_size;
+	int ret;
+	bigint_t res;
+
+	/* get the size of n in bytes */
+	_gnutls_mpi_print(n, NULL, &n_size);
+
+	_gnutls_mpi_print(A, NULL, &a_size);
+	_gnutls_mpi_print(B, NULL, &b_size);
+
+	if (a_size > n_size || b_size > n_size) {
+		gnutls_assert();
+		return NULL;	/* internal error */
+	}
+
+	holder_size = n_size + n_size;
+
+	holder = gnutls_calloc(1, holder_size);
+	if (holder == NULL)
+		return NULL;
+
+	_gnutls_mpi_print(A, &holder[n_size - a_size], &a_size);
+	_gnutls_mpi_print(B, &holder[n_size + n_size - b_size], &b_size);
+
+	ret = _gnutls_hash_fast(GNUTLS_DIG_SHA1, holder, holder_size, hd);
+	if (ret < 0) {
+		gnutls_free(holder);
+		gnutls_assert();
+		return NULL;
+	}
+
+	/* convert the bytes of hd to integer
+	 */
+	hash_size = 20;		/* SHA */
+	ret = _gnutls_mpi_init_scan_nz(&res, hd, hash_size);
+	gnutls_free(holder);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	return res;
+}
+
+/* S = (A * v^u) ^ b % N 
+ * this is our shared key (server premaster secret)
+ */
+bigint_t
+_gnutls_calc_srp_S1(bigint_t A, bigint_t b, bigint_t u, bigint_t v,
+		    bigint_t n)
+{
+	bigint_t tmp1 = NULL, tmp2 = NULL;
+	bigint_t S = NULL;
+	int ret;
+
+	ret = _gnutls_mpi_init_multi(&S, &tmp1, &tmp2, NULL);
+	if (ret < 0)
+		return NULL;
+
+	ret = _gnutls_mpi_powm(tmp1, v, u, n);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret = _gnutls_mpi_mulm(tmp2, A, tmp1, n);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	_gnutls_mpi_powm(S, tmp2, b, n);
+
+	_gnutls_mpi_release(&tmp1);
+	_gnutls_mpi_release(&tmp2);
+
+	return S;
+
+error:
+	_gnutls_mpi_release(&S);
+	_gnutls_mpi_release(&tmp1);
+	_gnutls_mpi_release(&tmp2);
+	return NULL;
+}
+
+/* A = g^a % N 
+ * returns A and a (which is random)
+ */
+bigint_t _gnutls_calc_srp_A(bigint_t * a, bigint_t g, bigint_t n)
+{
+	bigint_t tmpa;
+	bigint_t A;
+	int ret;
+
+	ret = _gnutls_mpi_init_multi(&A, &tmpa, NULL);
+	if (ret < 0) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	_gnutls_mpi_random_modp(tmpa, n, GNUTLS_RND_RANDOM);
+
+	ret = _gnutls_mpi_powm(A, g, tmpa, n);
+	if (ret < 0)
+		goto error;
+
+	if (a != NULL)
+		*a = tmpa;
+	else
+		_gnutls_mpi_release(&tmpa);
+
+	return A;
+error:
+	_gnutls_mpi_release(&tmpa);
+	_gnutls_mpi_release(&A);
+	return NULL;
+}
+
+/* generate x = SHA(s | SHA(U | ":" | p))
+ * The output is exactly 20 bytes
+ */
+static int
+_gnutls_calc_srp_sha(const char *username, const char *_password,
+		     uint8_t * salt, int salt_size, size_t * size,
+		     void *digest, unsigned allow_invalid_pass)
+{
+	digest_hd_st td;
+	uint8_t res[MAX_HASH_SIZE];
+	int ret;
+	const mac_entry_st *me = mac_to_entry(GNUTLS_MAC_SHA1);
+	char *password;
+	gnutls_datum_t pout;
+
+	*size = 20;
+
+	ret = _gnutls_utf8_password_normalize(_password, strlen(_password), &pout, allow_invalid_pass);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+	password = (char*)pout.data;
+
+	ret = _gnutls_hash_init(&td, me);
+	if (ret < 0) {
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto cleanup;
+	}
+	_gnutls_hash(&td, username, strlen(username));
+	_gnutls_hash(&td, ":", 1);
+	_gnutls_hash(&td, password, strlen(password));
+
+	_gnutls_hash_deinit(&td, res);
+
+	ret = _gnutls_hash_init(&td, me);
+	if (ret < 0) {
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto cleanup;
+	}
+
+	_gnutls_hash(&td, salt, salt_size);
+	_gnutls_hash(&td, res, 20);	/* 20 bytes is the output of sha1 */
+
+	_gnutls_hash_deinit(&td, digest);
+	ret = 0;
+
+ cleanup:
+	gnutls_free(password);
+	return ret;
+}
+
+int
+_gnutls_calc_srp_x(char *username, char *password, uint8_t * salt,
+		   size_t salt_size, size_t * size, void *digest)
+{
+
+	return _gnutls_calc_srp_sha(username, password, salt,
+				    salt_size, size, digest, 1);
+}
+
+
+/* S = (B - k*g^x) ^ (a + u * x) % N
+ * this is our shared key (client premaster secret)
+ */
+bigint_t
+_gnutls_calc_srp_S2(bigint_t B, bigint_t g, bigint_t x, bigint_t a,
+		    bigint_t u, bigint_t n)
+{
+	bigint_t S = NULL, tmp1 = NULL, tmp2 = NULL;
+	bigint_t tmp4 = NULL, tmp3 = NULL, k = NULL;
+	int ret;
+
+	ret = _gnutls_mpi_init_multi(&S, &tmp1, &tmp2, &tmp3, &tmp4, NULL);
+	if (ret < 0)
+		return NULL;
+
+	k = _gnutls_calc_srp_u(n, g, n);
+	if (k == NULL) {
+		gnutls_assert();
+		goto freeall;
+	}
+
+	ret = _gnutls_mpi_powm(tmp1, g, x, n);	/* g^x */
+	if (ret < 0) {
+		gnutls_assert();
+		goto freeall;
+	}
+
+	ret = _gnutls_mpi_mulm(tmp3, tmp1, k, n);	/* k*g^x mod n */
+	if (ret < 0) {
+		gnutls_assert();
+		goto freeall;
+	}
+
+	ret = _gnutls_mpi_subm(tmp2, B, tmp3, n);
+	if (ret < 0) {
+		gnutls_assert();
+		goto freeall;
+	}
+
+	ret = _gnutls_mpi_mul(tmp1, u, x);
+	if (ret < 0) {
+		gnutls_assert();
+		goto freeall;
+	}
+
+	ret = _gnutls_mpi_add(tmp4, a, tmp1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto freeall;
+	}
+
+	ret = _gnutls_mpi_powm(S, tmp2, tmp4, n);
+	if (ret < 0) {
+		gnutls_assert();
+		goto freeall;
+	}
+
+	_gnutls_mpi_release(&tmp1);
+	_gnutls_mpi_release(&tmp2);
+	_gnutls_mpi_release(&tmp3);
+	_gnutls_mpi_release(&tmp4);
+	_gnutls_mpi_release(&k);
+
+	return S;
+
+      freeall:
+	_gnutls_mpi_release(&k);
+	_gnutls_mpi_release(&tmp1);
+	_gnutls_mpi_release(&tmp2);
+	_gnutls_mpi_release(&tmp3);
+	_gnutls_mpi_release(&tmp4);
+	_gnutls_mpi_release(&S);
+	return NULL;
+}
+
+/**
+ * gnutls_srp_free_client_credentials:
+ * @sc: is a #gnutls_srp_client_credentials_t type.
+ *
+ * Free a gnutls_srp_client_credentials_t structure.
+ **/
+void gnutls_srp_free_client_credentials(gnutls_srp_client_credentials_t sc)
+{
+	gnutls_free(sc->username);
+	gnutls_free(sc->password);
+	gnutls_free(sc);
+}
+
+/**
+ * gnutls_srp_allocate_client_credentials:
+ * @sc: is a pointer to a #gnutls_srp_server_credentials_t type.
+ *
+ * Allocate a gnutls_srp_client_credentials_t structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, or an
+ *   error code.
+ **/
+int
+gnutls_srp_allocate_client_credentials(gnutls_srp_client_credentials_t *
+				       sc)
+{
+	*sc = gnutls_calloc(1, sizeof(srp_client_credentials_st));
+
+	if (*sc == NULL)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	return 0;
+}
+
+/**
+ * gnutls_srp_set_client_credentials:
+ * @res: is a #gnutls_srp_client_credentials_t type.
+ * @username: is the user's userid
+ * @password: is the user's password
+ *
+ * This function sets the username and password, in a
+ * #gnutls_srp_client_credentials_t type.  Those will be used in
+ * SRP authentication.  @username should be an ASCII string or UTF-8
+ * string. In case of a UTF-8 string it is recommended to be following
+ * the PRECIS framework for usernames (rfc8265). The password can
+ * be in ASCII format, or normalized using gnutls_utf8_password_normalize().
+
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, or an
+ *   error code.
+ **/
+int
+gnutls_srp_set_client_credentials(gnutls_srp_client_credentials_t res,
+				  const char *username,
+				  const char *password)
+{
+
+	if (username == NULL || password == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	res->username = gnutls_strdup(username);
+	if (res->username == NULL)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	res->password = gnutls_strdup(password);
+	if (res->password == NULL) {
+		gnutls_free(res->username);
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_srp_free_server_credentials:
+ * @sc: is a #gnutls_srp_server_credentials_t type.
+ *
+ * Free a gnutls_srp_server_credentials_t structure.
+ **/
+void gnutls_srp_free_server_credentials(gnutls_srp_server_credentials_t sc)
+{
+	gnutls_free(sc->password_file);
+	gnutls_free(sc->password_conf_file);
+
+	gnutls_free(sc);
+}
+
+/* Size of the default (random) seed if
+ * gnutls_srp_set_server_fake_salt_seed() is not called to set
+ * a seed.
+ */
+#define DEFAULT_FAKE_SALT_SEED_SIZE 20
+
+/* Size of the fake salts generated if
+ * gnutls_srp_set_server_fake_salt_seed() is not called to set
+ * another size.
+ */
+#define DEFAULT_FAKE_SALT_SIZE 16
+
+/**
+ * gnutls_srp_allocate_server_credentials:
+ * @sc: is a pointer to a #gnutls_srp_server_credentials_t type.
+ *
+ * Allocate a gnutls_srp_server_credentials_t structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, or an
+ *   error code.
+ **/
+int
+gnutls_srp_allocate_server_credentials(gnutls_srp_server_credentials_t *
+				       sc)
+{
+	int ret;
+	*sc = gnutls_calloc(1, sizeof(srp_server_cred_st));
+
+	if (*sc == NULL)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	(*sc)->fake_salt_seed_size = DEFAULT_FAKE_SALT_SEED_SIZE;
+	ret = gnutls_rnd(GNUTLS_RND_RANDOM, (*sc)->fake_salt_seed,
+			 DEFAULT_FAKE_SALT_SEED_SIZE);
+
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	(*sc)->fake_salt_length = DEFAULT_FAKE_SALT_SIZE;
+	return 0;
+
+cleanup:
+	gnutls_free(*sc);
+	return ret;
+}
+
+/**
+ * gnutls_srp_set_server_credentials_file:
+ * @res: is a #gnutls_srp_server_credentials_t type.
+ * @password_file: is the SRP password file (tpasswd)
+ * @password_conf_file: is the SRP password conf file (tpasswd.conf)
+ *
+ * This function sets the password files, in a
+ * #gnutls_srp_server_credentials_t type.  Those password files
+ * hold usernames and verifiers and will be used for SRP
+ * authentication.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, or an
+ *   error code.
+ **/
+int
+gnutls_srp_set_server_credentials_file(gnutls_srp_server_credentials_t res,
+				       const char *password_file,
+				       const char *password_conf_file)
+{
+
+	if (password_file == NULL || password_conf_file == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Check if the files can be opened */
+	if (_gnutls_file_exists(password_file) != 0) {
+		gnutls_assert();
+		return GNUTLS_E_FILE_ERROR;
+	}
+
+	if (_gnutls_file_exists(password_conf_file) != 0) {
+		gnutls_assert();
+		return GNUTLS_E_FILE_ERROR;
+	}
+
+	res->password_file = gnutls_strdup(password_file);
+	if (res->password_file == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	res->password_conf_file = gnutls_strdup(password_conf_file);
+	if (res->password_conf_file == NULL) {
+		gnutls_assert();
+		gnutls_free(res->password_file);
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+}
+
+
+/**
+ * gnutls_srp_set_server_credentials_function:
+ * @cred: is a #gnutls_srp_server_credentials_t type.
+ * @func: is the callback function
+ *
+ * This function can be used to set a callback to retrieve the user's
+ * SRP credentials.  The callback's function form is:
+ *
+ * int (*callback)(gnutls_session_t, const char* username,
+ *  gnutls_datum_t *salt, gnutls_datum_t *verifier, gnutls_datum_t *generator,
+ *  gnutls_datum_t *prime);
+ *
+ * @username contains the actual username.
+ * The @salt, @verifier, @generator and @prime must be filled
+ * in using the gnutls_malloc(). For convenience @prime and @generator
+ * may also be one of the static parameters defined in gnutls.h.
+ *
+ * Initially, the data field is NULL in every #gnutls_datum_t
+ * structure that the callback has to fill in. When the
+ * callback is done GnuTLS deallocates all of those buffers
+ * which are non-NULL, regardless of the return value.
+ *
+ * In order to prevent attackers from guessing valid usernames,
+ * if a user does not exist, g and n values should be filled in
+ * using a random user's parameters. In that case the callback must
+ * return the special value (1).
+ * See #gnutls_srp_set_server_fake_salt_seed too.
+ * If this is not required for your application, return a negative
+ * number from the callback to abort the handshake.
+ *
+ * The callback function will only be called once per handshake.
+ * The callback function should return 0 on success, while
+ * -1 indicates an error.
+ **/
+void
+gnutls_srp_set_server_credentials_function(gnutls_srp_server_credentials_t
+					   cred,
+					   gnutls_srp_server_credentials_function
+					   *func)
+{
+	cred->pwd_callback = func;
+}
+
+/**
+ * gnutls_srp_set_client_credentials_function:
+ * @cred: is a #gnutls_srp_server_credentials_t type.
+ * @func: is the callback function
+ *
+ * This function can be used to set a callback to retrieve the
+ * username and password for client SRP authentication.  The
+ * callback's function form is:
+ *
+ * int (*callback)(gnutls_session_t, char** username, char**password);
+ *
+ * The @username and @password must be allocated using
+ * gnutls_malloc().
+ *
+ * The @username should be an ASCII string or UTF-8
+ * string. In case of a UTF-8 string it is recommended to be following
+ * the PRECIS framework for usernames (rfc8265). The password can
+ * be in ASCII format, or normalized using gnutls_utf8_password_normalize().
+ *
+ * The callback function will be called once per handshake before the
+ * initial hello message is sent.
+ *
+ * The callback should not return a negative error code the second
+ * time called, since the handshake procedure will be aborted.
+ *
+ * The callback function should return 0 on success.
+ * -1 indicates an error.
+ **/
+void
+gnutls_srp_set_client_credentials_function(gnutls_srp_client_credentials_t
+					   cred,
+					   gnutls_srp_client_credentials_function
+					   * func)
+{
+	cred->get_function = func;
+}
+
+
+/**
+ * gnutls_srp_server_get_username:
+ * @session: is a gnutls session
+ *
+ * This function will return the username of the peer.  This should
+ * only be called in case of SRP authentication and in case of a
+ * server.  Returns NULL in case of an error.
+ *
+ * Returns: SRP username of the peer, or NULL in case of error.
+ **/
+const char *gnutls_srp_server_get_username(gnutls_session_t session)
+{
+	srp_server_auth_info_t info;
+
+	CHECK_AUTH_TYPE(GNUTLS_CRD_SRP, NULL);
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_SRP);
+	if (info == NULL)
+		return NULL;
+	return info->username;
+}
+
+/**
+ * gnutls_srp_verifier:
+ * @username: is the user's name
+ * @password: is the user's password
+ * @salt: should be some randomly generated bytes
+ * @generator: is the generator of the group
+ * @prime: is the group's prime
+ * @res: where the verifier will be stored.
+ *
+ * This function will create an SRP verifier, as specified in
+ * RFC2945.  The @prime and @generator should be one of the static
+ * parameters defined in gnutls/gnutls.h or may be generated.
+ *
+ * The verifier will be allocated with @gnutls_malloc() and will be stored in
+ * @res using binary format.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, or an
+ *   error code.
+ **/
+int
+gnutls_srp_verifier(const char *username, const char *password,
+		    const gnutls_datum_t * salt,
+		    const gnutls_datum_t * generator,
+		    const gnutls_datum_t * prime, gnutls_datum_t * res)
+{
+	bigint_t _n, _g;
+	int ret;
+	size_t digest_size = 20, size;
+	uint8_t digest[20];
+
+	ret = _gnutls_calc_srp_sha(username, password, salt->data,
+				   salt->size, &digest_size, digest, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	size = prime->size;
+	if (_gnutls_mpi_init_scan_nz(&_n, prime->data, size)) {
+		gnutls_assert();
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	size = generator->size;
+	if (_gnutls_mpi_init_scan_nz(&_g, generator->data, size)) {
+		gnutls_assert();
+		_gnutls_mpi_release(&_n);
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	ret = _gnutls_srp_gx(digest, 20, &res->data, _g, _n);
+	if (ret < 0) {
+		gnutls_assert();
+		_gnutls_mpi_release(&_n);
+		_gnutls_mpi_release(&_g);
+		return ret;
+	}
+	res->size = ret;
+
+	_gnutls_mpi_release(&_n);
+	_gnutls_mpi_release(&_g);
+
+	return 0;
+}
+
+/**
+ * gnutls_srp_set_prime_bits:
+ * @session: is a #gnutls_session_t type.
+ * @bits: is the number of bits
+ *
+ * This function sets the minimum accepted number of bits, for use in
+ * an SRP key exchange.  If zero, the default 2048 bits will be used.
+ *
+ * In the client side it sets the minimum accepted number of bits.  If
+ * a server sends a prime with less bits than that
+ * %GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER will be returned by the
+ * handshake.
+ *
+ * This function has no effect in server side.
+ *
+ * Since: 2.6.0
+ **/
+void gnutls_srp_set_prime_bits(gnutls_session_t session, unsigned int bits)
+{
+	session->internals.dh_prime_bits = bits;
+}
+
+/**
+ * gnutls_srp_set_server_fake_salt_seed:
+ * @cred: is a #gnutls_srp_server_credentials_t type
+ * @seed: is the seed data, only needs to be valid until the function
+ * returns; size of the seed must be greater than zero
+ * @salt_length: is the length of the generated fake salts
+ *
+ * This function sets the seed that is used to generate salts for
+ * invalid (non-existent) usernames.
+ *
+ * In order to prevent attackers from guessing valid usernames,
+ * when a user does not exist gnutls generates a salt and a verifier
+ * and proceeds with the protocol as usual.
+ * The authentication will ultimately fail, but the client cannot tell
+ * whether the username is valid (exists) or invalid.
+ *
+ * If an attacker learns the seed, given a salt (which is part of the
+ * handshake) which was generated when the seed was in use, it can tell
+ * whether or not the authentication failed because of an unknown username.
+ * This seed cannot be used to reveal application data or passwords.
+ *
+ * @salt_length should represent the salt length your application uses.
+ * Generating fake salts longer than 20 bytes is not supported.
+ *
+ * By default the seed is a random value, different each time a
+ * #gnutls_srp_server_credentials_t is allocated and fake salts are
+ * 16 bytes long.
+ *
+ * Since: 3.3.0
+ **/
+void
+gnutls_srp_set_server_fake_salt_seed(gnutls_srp_server_credentials_t cred,
+				     const gnutls_datum_t * seed,
+				     unsigned int salt_length)
+{
+	unsigned seed_size = seed->size;
+	const unsigned char *seed_data = seed->data;
+
+	if (seed_size > sizeof(cred->fake_salt_seed))
+		seed_size = sizeof(cred->fake_salt_seed);
+
+	memcpy(cred->fake_salt_seed, seed_data, seed_size);
+	cred->fake_salt_seed_size = seed_size;
+
+	/* Cap the salt length at the output size of the MAC algorithm
+	 * we are using to generate the fake salts.
+	 */
+	const mac_entry_st * me = mac_to_entry(SRP_FAKE_SALT_MAC);
+	const size_t mac_len = me->output_size;
+
+	cred->fake_salt_length = (salt_length < mac_len ? salt_length : mac_len);
+}
+
+#endif				/* ENABLE_SRP */
diff --git a/lib/srp.h b/lib/srp.h
new file mode 100644
index 0000000..ab5a184
--- /dev/null
+++ b/lib/srp.h
@@ -0,0 +1,47 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_SRP_H
+#define GNUTLS_LIB_SRP_H
+
+#include <config.h>
+
+#ifdef ENABLE_SRP
+
+bigint_t _gnutls_calc_srp_B(bigint_t * ret_b, bigint_t g, bigint_t n,
+			    bigint_t v);
+bigint_t _gnutls_calc_srp_u(bigint_t A, bigint_t B, bigint_t N);
+bigint_t _gnutls_calc_srp_S1(bigint_t A, bigint_t b, bigint_t u,
+			     bigint_t v, bigint_t n);
+bigint_t _gnutls_calc_srp_A(bigint_t * a, bigint_t g, bigint_t n);
+bigint_t _gnutls_calc_srp_S2(bigint_t B, bigint_t g, bigint_t x,
+			     bigint_t a, bigint_t u, bigint_t n);
+int _gnutls_calc_srp_x(char *username, char *password, uint8_t * salt,
+		       size_t salt_size, size_t * size, void *digest);
+int _gnutls_srp_gn(uint8_t ** ret_g, uint8_t ** ret_n, int bits);
+
+/* g is defined to be 2 */
+#define SRP_MAX_HASH_SIZE 24
+
+#endif
+
+#endif /* GNUTLS_LIB_SRP_H */
diff --git a/lib/sslv2_compat.c b/lib/sslv2_compat.c
new file mode 100644
index 0000000..c4a0143
--- /dev/null
+++ b/lib/sslv2_compat.c
@@ -0,0 +1,255 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions to parse the SSLv2.0 hello message.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "dh.h"
+#include "debug.h"
+#include "algorithms.h"
+#include "cipher.h"
+#include "buffers.h"
+#include "kx.h"
+#include "handshake.h"
+#include "num.h"
+#include "hash_int.h"
+#include "db.h"
+#include "hello_ext.h"
+#include "auth.h"
+#include "sslv2_compat.h"
+#include "constate.h"
+
+#ifdef ENABLE_SSL2
+/* This selects the best supported ciphersuite from the ones provided */
+static int
+_gnutls_handshake_select_v2_suite(gnutls_session_t session,
+				  uint8_t * data, unsigned int datalen)
+{
+	unsigned int i, j;
+	int ret;
+	uint8_t *_data;
+	int _datalen;
+
+	_gnutls_handshake_log
+	    ("HSK[%p]: Parsing a version 2.0 client hello.\n", session);
+
+	if (datalen % 3 != 0) {
+		gnutls_assert();
+		return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+	}
+
+	_data = gnutls_malloc(datalen);
+	if (_data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	i = _datalen = 0;
+	for (j = 0; j < datalen; j += 3) {
+		if (data[j] == 0) {
+			memcpy(&_data[i], &data[j + 1], 2);
+			i += 2;
+			_datalen += 2;
+		}
+	}
+
+	ret = _gnutls_server_select_suite(session, _data, _datalen, 0);
+	gnutls_free(_data);
+
+	return ret;
+
+}
+
+
+/* Read a v2 client hello. Some browsers still use that beast!
+ * However they set their version to 3.0 or 3.1.
+ */
+int
+_gnutls_read_client_hello_v2(gnutls_session_t session, uint8_t * data,
+			     unsigned int len)
+{
+	uint16_t session_id_len = 0;
+	int pos = 0;
+	int ret = 0, sret = 0;
+	uint16_t sizeOfSuites;
+	uint8_t rnd[GNUTLS_RANDOM_SIZE], major, minor;
+	int neg_version;
+	const version_entry_st *vers;
+	uint16_t challenge;
+	uint8_t session_id[GNUTLS_MAX_SESSION_ID_SIZE];
+
+	DECR_LEN(len, 2);
+
+	_gnutls_handshake_log
+	    ("HSK[%p]: SSL 2.0 Hello: Client's version: %d.%d\n", session,
+	     data[pos], data[pos + 1]);
+
+	major = data[pos];
+	minor = data[pos + 1];
+	set_adv_version(session, major, minor);
+
+	ret = _gnutls_negotiate_version(session, major, minor, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	vers = get_version(session);
+	if (vers == NULL)
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
+
+	neg_version = vers->id;
+
+	pos += 2;
+
+	/* Read uint16_t cipher_spec_length */
+	DECR_LEN(len, 2);
+	sizeOfSuites = _gnutls_read_uint16(&data[pos]);
+	pos += 2;
+
+	/* read session id length */
+	DECR_LEN(len, 2);
+	session_id_len = _gnutls_read_uint16(&data[pos]);
+	pos += 2;
+
+	if (session_id_len > GNUTLS_MAX_SESSION_ID_SIZE) {
+		gnutls_assert();
+		return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+	}
+
+	/* read challenge length */
+	DECR_LEN(len, 2);
+	challenge = _gnutls_read_uint16(&data[pos]);
+	pos += 2;
+
+	if (challenge < 16 || challenge > GNUTLS_RANDOM_SIZE) {
+		gnutls_assert();
+		return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;
+	}
+
+	/* call the user hello callback
+	 */
+	ret = _gnutls_user_hello_func(session, major, minor);
+	if (ret < 0) {
+		if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED) {
+			sret = GNUTLS_E_INT_RET_0;
+		} else {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	/* find an appropriate cipher suite */
+
+	DECR_LEN(len, sizeOfSuites);
+	ret =
+	    _gnutls_handshake_select_v2_suite(session, &data[pos],
+					      sizeOfSuites);
+
+	pos += sizeOfSuites;
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* check if the credentials (username, public key etc.) are ok
+	 */
+	if (_gnutls_get_kx_cred
+	    (session,
+	     session->security_parameters.cs->kx_algorithm) == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	/* set the mod_auth_st to the appropriate struct
+	 * according to the KX algorithm. This is needed since all the
+	 * handshake functions are read from there;
+	 */
+	session->internals.auth_struct =
+	    _gnutls_kx_auth_struct(session->security_parameters.
+				    cs->kx_algorithm);
+	if (session->internals.auth_struct == NULL) {
+
+		_gnutls_handshake_log
+		    ("HSK[%p]: SSL 2.0 Hello: Cannot find the appropriate handler for the KX algorithm\n",
+		     session);
+
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	/* read random new values -skip session id for now */
+	DECR_LEN(len, session_id_len);	/* skip session id for now */
+	memcpy(session_id, &data[pos], session_id_len);
+	pos += session_id_len;
+
+	DECR_LEN(len, challenge);
+	memset(rnd, 0, GNUTLS_RANDOM_SIZE);
+
+	memcpy(&rnd[GNUTLS_RANDOM_SIZE - challenge], &data[pos],
+	       challenge);
+
+	_gnutls_set_client_random(session, rnd);
+
+	/* generate server random value */
+	ret = _gnutls_gen_server_random(session, neg_version);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	session->security_parameters.timestamp = gnutls_time(NULL);
+
+
+	/* RESUME SESSION */
+
+	DECR_LEN(len, session_id_len);
+	ret =
+	    _gnutls_server_restore_session(session, session_id,
+					   session_id_len);
+
+	if (ret == 0) {		/* resumed! */
+		/* get the new random values */
+		memcpy(session->internals.resumed_security_parameters.
+		       server_random,
+		       session->security_parameters.server_random,
+		       GNUTLS_RANDOM_SIZE);
+		memcpy(session->internals.resumed_security_parameters.
+		       client_random,
+		       session->security_parameters.client_random,
+		       GNUTLS_RANDOM_SIZE);
+
+		session->internals.resumed = true;
+		return 0;
+	} else {
+		ret = _gnutls_generate_session_id(
+			session->security_parameters.session_id,
+			&session->security_parameters.session_id_size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		session->internals.resumed = false;
+	}
+
+	return sret;
+}
+#endif
diff --git a/lib/sslv2_compat.h b/lib/sslv2_compat.h
new file mode 100644
index 0000000..61b62cd
--- /dev/null
+++ b/lib/sslv2_compat.h
@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_SSLV2_COMPAT_H
+#define GNUTLS_LIB_SSLV2_COMPAT_H
+
+int _gnutls_read_client_hello_v2(gnutls_session_t session, uint8_t * data,
+				 unsigned int datalen);
+
+#endif /* GNUTLS_LIB_SSLV2_COMPAT_H */
diff --git a/lib/state.c b/lib/state.c
new file mode 100644
index 0000000..9e16d99
--- /dev/null
+++ b/lib/state.c
@@ -0,0 +1,1886 @@
+/*
+ * Copyright (C) 2002-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2014-2016 Nikos Mavrogiannopoulos
+ * Copyright (C) 2015-2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions to manipulate the session (gnutls_int.h), and some other stuff
+ * are included here. The file's name is traditionally gnutls_state even if the
+ * state has been renamed to session.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <auth.h>
+#include <num.h>
+#include <datum.h>
+#include <db.h>
+#include <record.h>
+#include <handshake.h>
+#include <dh.h>
+#include <buffers.h>
+#include <mbuffers.h>
+#include <state.h>
+#include <constate.h>
+#include <auth/cert.h>
+#include <auth/anon.h>
+#include <auth/psk.h>
+#include <algorithms.h>
+#include <hello_ext.h>
+#include <system.h>
+#include <random.h>
+#include <fips.h>
+#include <intprops.h>
+#include <gnutls/dtls.h>
+#include "dtls.h"
+#include "tls13/session_ticket.h"
+#include "ext/cert_types.h"
+#include "locks.h"
+#include "kx.h"
+
+/* to be used by supplemental data support to disable TLS1.3
+ * when supplemental data have been globally registered */
+unsigned _gnutls_disable_tls13 = 0;
+
+/* These should really be static, but src/tests.c calls them.  Make
+   them public functions?  */
+void
+_gnutls_rsa_pms_set_version(gnutls_session_t session,
+			    unsigned char major, unsigned char minor);
+
+/**
+ * gnutls_cipher_get:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Get the currently used cipher.
+ *
+ * Returns: the currently used cipher, a #gnutls_cipher_algorithm_t
+ *   type.
+ **/
+gnutls_cipher_algorithm_t gnutls_cipher_get(gnutls_session_t session)
+{
+	record_parameters_st *record_params;
+	int ret;
+
+	ret =
+	    _gnutls_epoch_get(session, EPOCH_READ_CURRENT, &record_params);
+	if (ret < 0)
+		return gnutls_assert_val(GNUTLS_CIPHER_NULL);
+
+	return record_params->cipher->id;
+}
+
+/**
+ * gnutls_early_cipher_get:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Get the cipher algorithm used for encrypting early data.
+ *
+ * Returns: the cipher used for early data, a
+ *   #gnutls_cipher_algorithm_t type.
+ *
+ * Since: 3.7.2
+ **/
+gnutls_cipher_algorithm_t gnutls_early_cipher_get(gnutls_session_t session)
+{
+	const cipher_entry_st *ce;
+
+	if (!(session->internals.hsk_flags & HSK_EARLY_DATA_IN_FLIGHT)) {
+		return gnutls_assert_val(GNUTLS_CIPHER_UNKNOWN);
+	}
+
+	if (unlikely(session->internals.
+		     resumed_security_parameters.cs == NULL)) {
+		return gnutls_assert_val(GNUTLS_CIPHER_UNKNOWN);
+	}
+
+	ce = cipher_to_entry(session->internals.
+			     resumed_security_parameters.
+			     cs->block_algorithm);
+	if (unlikely(ce == NULL)) {
+		return gnutls_assert_val(GNUTLS_CIPHER_UNKNOWN);
+	}
+
+	return ce->id;
+}
+
+/**
+ * gnutls_certificate_type_get:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function returns the type of the certificate that is negotiated
+ * for this side to send to the peer. The certificate type is by default
+ * X.509, unless an alternative certificate type is enabled by
+ * gnutls_init() and negotiated during the session.
+ *
+ * Resumed sessions will return the certificate type that was negotiated
+ * and used in the original session.
+ *
+ * As of version 3.6.4 it is recommended to use
+ * gnutls_certificate_type_get2() which is more fine-grained.
+ *
+ * Returns: the currently used #gnutls_certificate_type_t certificate
+ *   type as negotiated for 'our' side of the connection.
+ **/
+gnutls_certificate_type_t
+gnutls_certificate_type_get(gnutls_session_t session)
+{
+	return gnutls_certificate_type_get2(session, GNUTLS_CTYPE_OURS);
+}
+
+/**
+ * gnutls_certificate_type_get2:
+ * @session: is a #gnutls_session_t type.
+ * @target: is a #gnutls_ctype_target_t type.
+ *
+ * This function returns the type of the certificate that a side
+ * is negotiated to use.  The certificate type is by default X.509,
+ * unless an alternative certificate type is enabled by gnutls_init() and
+ * negotiated during the session.
+ *
+ * The @target parameter specifies whether to request the negotiated
+ * certificate type for the client (%GNUTLS_CTYPE_CLIENT),
+ * or for the server (%GNUTLS_CTYPE_SERVER). Additionally, in P2P mode
+ * connection set up where you don't know in advance who will be client
+ * and who will be server you can use the flag (%GNUTLS_CTYPE_OURS) and
+ * (%GNUTLS_CTYPE_PEERS) to retrieve the corresponding certificate types.
+ *
+ * Resumed sessions will return the certificate type that was negotiated
+ * and used in the original session. That is, this function can be used
+ * to reliably determine the type of the certificate returned by
+ * gnutls_certificate_get_peers().
+ *
+ * Returns: the currently used #gnutls_certificate_type_t certificate
+ *   type for the client or the server.
+ *
+ * Since: 3.6.4
+ **/
+gnutls_certificate_type_t
+gnutls_certificate_type_get2(gnutls_session_t session,
+			     gnutls_ctype_target_t target)
+{
+	/* We want to inline this function so therefore
+	 * we've defined it in gnutls_int.h */
+	return get_certificate_type(session, target);
+}
+
+/**
+ * gnutls_kx_get:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Get the currently used key exchange algorithm.
+ *
+ * This function will return %GNUTLS_KX_ECDHE_RSA, or %GNUTLS_KX_DHE_RSA
+ * under TLS 1.3, to indicate an elliptic curve DH key exchange or
+ * a finite field one. The precise group used is available
+ * by calling gnutls_group_get() instead.
+ *
+ * Returns: the key exchange algorithm used in the last handshake, a
+ *   #gnutls_kx_algorithm_t value.
+ **/
+gnutls_kx_algorithm_t gnutls_kx_get(gnutls_session_t session)
+{
+	if (session->security_parameters.cs == 0)
+		return 0;
+
+	if (session->security_parameters.cs->kx_algorithm == 0) { /* TLS 1.3 */
+		const version_entry_st *ver = get_version(session);
+		const gnutls_group_entry_st *group = get_group(session);
+
+		if (ver->tls13_sem) {
+			if (session->internals.hsk_flags & HSK_PSK_SELECTED) {
+				if (group) {
+					if (group->pk == GNUTLS_PK_DH)
+						return GNUTLS_KX_DHE_PSK;
+					else
+						return GNUTLS_KX_ECDHE_PSK;
+				} else {
+					return GNUTLS_KX_PSK;
+				}
+			} else if (group) {
+				if (group->pk == GNUTLS_PK_DH)
+					return GNUTLS_KX_DHE_RSA;
+				else
+					return GNUTLS_KX_ECDHE_RSA;
+			}
+		}
+	}
+
+	return session->security_parameters.cs->kx_algorithm;
+}
+
+/**
+ * gnutls_mac_get:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Get the currently used MAC algorithm.
+ *
+ * Returns: the currently used mac algorithm, a
+ *   #gnutls_mac_algorithm_t value.
+ **/
+gnutls_mac_algorithm_t gnutls_mac_get(gnutls_session_t session)
+{
+	record_parameters_st *record_params;
+	int ret;
+
+	ret =
+	    _gnutls_epoch_get(session, EPOCH_READ_CURRENT, &record_params);
+	if (ret < 0)
+		return gnutls_assert_val(GNUTLS_MAC_NULL);
+
+	return record_params->mac->id;
+}
+
+/**
+ * gnutls_compression_get:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Get the currently used compression algorithm.
+ *
+ * Returns: the currently used compression method, a
+ *   #gnutls_compression_method_t value.
+ **/
+gnutls_compression_method_t
+gnutls_compression_get(gnutls_session_t session)
+{
+	return GNUTLS_COMP_NULL;
+}
+
+/**
+ * gnutls_prf_hash_get:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Get the currently used hash algorithm. In TLS 1.3, the hash
+ * algorithm is used for both the key derivation function and
+ * handshake message authentication code. In TLS 1.2, it matches the
+ * hash algorithm used for PRF.
+ *
+ * Returns: the currently used hash algorithm, a
+ *    #gnutls_digest_algorithm_t value.
+ *
+ * Since: 3.6.13
+ **/
+gnutls_digest_algorithm_t
+gnutls_prf_hash_get(const gnutls_session_t session)
+{
+	if (session->security_parameters.prf == NULL)
+		return gnutls_assert_val(GNUTLS_DIG_UNKNOWN);
+
+	if (session->security_parameters.prf->id >= GNUTLS_MAC_AEAD)
+		return gnutls_assert_val(GNUTLS_DIG_UNKNOWN);
+
+	return (gnutls_digest_algorithm_t)session->security_parameters.prf->id;
+}
+
+/**
+ * gnutls_early_prf_hash_get:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Get the hash algorithm used as a PRF to derive keys for encrypting
+ * early data in TLS 1.3.
+ *
+ * Returns: the hash algorithm used for early data, a
+ *    #gnutls_digest_algorithm_t value.
+ *
+ * Since: 3.7.2
+ **/
+gnutls_digest_algorithm_t
+gnutls_early_prf_hash_get(const gnutls_session_t session)
+{
+	if (!(session->internals.hsk_flags & HSK_EARLY_DATA_IN_FLIGHT)) {
+		return gnutls_assert_val(GNUTLS_DIG_UNKNOWN);
+	}
+
+	if (unlikely(session->internals.
+		     resumed_security_parameters.prf == NULL)) {
+		return gnutls_assert_val(GNUTLS_DIG_UNKNOWN);
+	}
+
+	if (unlikely(session->internals.
+		     resumed_security_parameters.prf->id >= GNUTLS_MAC_AEAD)) {
+		return gnutls_assert_val(GNUTLS_DIG_UNKNOWN);
+	}
+
+	return (gnutls_digest_algorithm_t)session->internals.
+		resumed_security_parameters.prf->id;
+}
+
+/**
+ * gnutls_ciphersuite_get:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Get the canonical name of negotiated TLS ciphersuite.  The names
+ * returned by this function match the IANA registry, with one
+ * exception:
+ *
+ *   TLS_DHE_DSS_RC4_128_SHA { 0x00, 0x66 }
+ *
+ * which is reserved for compatibility.
+ *
+ * To get a detailed description of the current ciphersuite, it is
+ * recommended to use gnutls_session_get_desc().
+ *
+ * Returns: a string that contains the canonical name of a TLS ciphersuite,
+ *     or %NULL if the handshake is not completed.
+ *
+ * Since: 3.7.4
+ **/
+const char *
+gnutls_ciphersuite_get(gnutls_session_t session)
+{
+	if (unlikely(session->internals.handshake_in_progress)) {
+		return NULL;
+	}
+	return session->security_parameters.cs->canonical_name;
+}
+
+void reset_binders(gnutls_session_t session)
+{
+	_gnutls_free_temp_key_datum(&session->key.binders[0].psk);
+	_gnutls_free_temp_key_datum(&session->key.binders[1].psk);
+	memset(session->key.binders, 0, sizeof(session->key.binders));
+}
+
+/* Check whether certificate credentials of type @cert_type are set
+ * for the current session.
+ */
+static bool _gnutls_has_cert_credentials(gnutls_session_t session,
+						gnutls_certificate_type_t cert_type)
+{
+	unsigned i;
+	unsigned cert_found = 0;
+	gnutls_certificate_credentials_t cred;
+
+	/* First, check for certificate credentials. If we have no certificate
+	 * credentials set then we don't support certificates at all.
+	 */
+	cred = (gnutls_certificate_credentials_t)
+			_gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+
+	if (cred == NULL)
+		return false;
+
+	/* There are credentials initialized. Now check whether we can find
+	 * pre-set certificates of the required type, but only if we don't
+	 * use the callback functions.
+	 */
+	if (cred->get_cert_callback3 == NULL) {
+		for (i = 0; i < cred->ncerts; i++) {
+			if (cred->certs[i].cert_list[0].type == cert_type) {
+				cert_found = 1;
+				break;
+			}
+		}
+
+		if (cert_found == 0) {
+			/* No matching certificate found. */
+			return false;
+		}
+	}
+
+	return true; // OK
+}
+
+/* Check if the given certificate type is supported.
+ * This means that it is enabled by the priority functions,
+ * and in some cases a matching certificate exists. A check for
+ * the latter can be toggled via the parameter @check_credentials.
+ */
+bool
+_gnutls_session_is_cert_type_supported(gnutls_session_t session,
+				    gnutls_certificate_type_t cert_type,
+				    bool check_credentials,
+				    gnutls_ctype_target_t target)
+{
+	unsigned i;
+	priority_st* ctype_priorities;
+
+	// Check whether this cert type is enabled by the application
+	if (!is_cert_type_enabled(session, cert_type))
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE);
+
+	// Perform a credentials check if requested
+	if (check_credentials)	{
+		if (!_gnutls_has_cert_credentials(session, cert_type))
+			return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE);
+	}
+
+	/* So far so good. We have the required credentials (if needed).
+	 * Now check whether we are allowed to use them according to our
+	 * priorities.
+	 */
+	// Which certificate type should we query?
+	switch (target) {
+		case GNUTLS_CTYPE_CLIENT:
+			ctype_priorities =
+					&(session->internals.priorities->client_ctype);
+			break;
+		case GNUTLS_CTYPE_SERVER:
+			ctype_priorities =
+					&(session->internals.priorities->server_ctype);
+			break;
+		default:
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	// No explicit priorities set, and default ctype is asked
+	if (ctype_priorities->num_priorities == 0
+	    && cert_type == DEFAULT_CERT_TYPE)
+		return 0;
+
+	/* Now lets find out whether our cert type is in our priority
+	 * list, i.e. set of allowed cert types.
+	 */
+	for (i = 0; i < ctype_priorities->num_priorities; i++) {
+		if (ctype_priorities->priorities[i] == cert_type)
+			return 0;
+	}
+
+	return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
+}
+
+static void deinit_keys(gnutls_session_t session)
+{
+	const version_entry_st *vers = get_version(session);
+
+	if (vers == NULL)
+		return;
+
+	gnutls_pk_params_release(&session->key.kshare.ecdhx_params);
+	gnutls_pk_params_release(&session->key.kshare.ecdh_params);
+	gnutls_pk_params_release(&session->key.kshare.dh_params);
+
+	if (!vers->tls13_sem && session->key.binders[0].prf == NULL) {
+		gnutls_pk_params_release(&session->key.proto.tls12.ecdh.params);
+		gnutls_pk_params_release(&session->key.proto.tls12.dh.params);
+		zrelease_temp_mpi_key(&session->key.proto.tls12.ecdh.x);
+		zrelease_temp_mpi_key(&session->key.proto.tls12.ecdh.y);
+		_gnutls_free_temp_key_datum(&session->key.proto.tls12.ecdh.raw);
+
+		zrelease_temp_mpi_key(&session->key.proto.tls12.dh.client_Y);
+
+		/* SRP */
+		zrelease_temp_mpi_key(&session->key.proto.tls12.srp.srp_p);
+		zrelease_temp_mpi_key(&session->key.proto.tls12.srp.srp_g);
+		zrelease_temp_mpi_key(&session->key.proto.tls12.srp.srp_key);
+
+		zrelease_temp_mpi_key(&session->key.proto.tls12.srp.u);
+		zrelease_temp_mpi_key(&session->key.proto.tls12.srp.a);
+		zrelease_temp_mpi_key(&session->key.proto.tls12.srp.x);
+		zrelease_temp_mpi_key(&session->key.proto.tls12.srp.A);
+		zrelease_temp_mpi_key(&session->key.proto.tls12.srp.B);
+		zrelease_temp_mpi_key(&session->key.proto.tls12.srp.b);
+	} else {
+		gnutls_memset(session->key.proto.tls13.temp_secret, 0,
+			      sizeof(session->key.proto.tls13.temp_secret));
+	}
+
+	reset_binders(session);
+	_gnutls_free_temp_key_datum(&session->key.key);
+}
+
+/* An internal version of _gnutls_handshake_internal_state_clear(),
+ * it will not attempt to deallocate, only initialize */
+static void handshake_internal_state_clear1(gnutls_session_t session)
+{
+	/* by default no selected certificate */
+	session->internals.adv_version_major = 0;
+	session->internals.adv_version_minor = 0;
+	session->internals.direction = 0;
+
+	/* use out of band data for the last
+	 * handshake messages received.
+	 */
+	session->internals.last_handshake_in = -1;
+	session->internals.last_handshake_out = -1;
+
+	session->internals.resumable = true;
+
+	session->internals.handshake_suspicious_loops = 0;
+	session->internals.dtls.hsk_read_seq = 0;
+	session->internals.dtls.hsk_write_seq = 0;
+
+	session->internals.cand_ec_group = 0;
+	session->internals.cand_dh_group = 0;
+
+	session->internals.hrr_cs[0] = CS_INVALID_MAJOR;
+	session->internals.hrr_cs[1] = CS_INVALID_MINOR;
+}
+
+/* This function will clear all the variables in internals
+ * structure within the session, which depend on the current handshake.
+ * This is used to allow further handshakes.
+ */
+void _gnutls_handshake_internal_state_clear(gnutls_session_t session)
+{
+	handshake_internal_state_clear1(session);
+
+	_gnutls_handshake_hash_buffers_clear(session);
+	deinit_keys(session);
+
+	_gnutls_epoch_gc(session);
+
+	session->internals.handshake_abs_timeout.tv_sec = 0;
+	session->internals.handshake_abs_timeout.tv_nsec = 0;
+	session->internals.handshake_in_progress = 0;
+
+	session->internals.tfo.connect_addrlen = 0;
+	session->internals.tfo.connect_only = 0;
+	session->internals.early_data_received = 0;
+}
+
+/**
+ * gnutls_init:
+ * @session: is a pointer to a #gnutls_session_t type.
+ * @flags: indicate if this session is to be used for server or client.
+ *
+ * This function initializes the provided session. Every
+ * session must be initialized before use, and must be deinitialized
+ * after used by calling gnutls_deinit().
+ *
+ * @flags can be any combination of flags from %gnutls_init_flags_t.
+ *
+ * Note that since version 3.1.2 this function enables some common
+ * TLS extensions such as session tickets and OCSP certificate status
+ * request in client side by default. To prevent that use the %GNUTLS_NO_EXTENSIONS
+ * flag.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
+ **/
+int gnutls_init(gnutls_session_t * session, unsigned int flags)
+{
+	int ret;
+
+	FAIL_IF_LIB_ERROR;
+
+	*session = gnutls_calloc(1, sizeof(struct gnutls_session_int));
+	if (*session == NULL)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	ret = gnutls_mutex_init(&(*session)->internals.post_negotiation_lock);
+	if (ret < 0) {
+		gnutls_assert();
+		gnutls_free(*session);
+		return ret;
+	}
+
+	ret = gnutls_mutex_init(&(*session)->internals.epoch_lock);
+	if (ret < 0) {
+		gnutls_assert();
+		gnutls_mutex_deinit(&(*session)->internals.post_negotiation_lock);
+		gnutls_free(*session);
+		return ret;
+	}
+
+	ret = _gnutls_epoch_setup_next(*session, 1, NULL);
+	if (ret < 0) {
+		gnutls_mutex_deinit(&(*session)->internals.post_negotiation_lock);
+		gnutls_mutex_deinit(&(*session)->internals.epoch_lock);
+		gnutls_free(*session);
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+	_gnutls_epoch_bump(*session);
+
+	(*session)->security_parameters.entity =
+	    (flags & GNUTLS_SERVER ? GNUTLS_SERVER : GNUTLS_CLIENT);
+
+	/* the default certificate type for TLS */
+	(*session)->security_parameters.client_ctype = DEFAULT_CERT_TYPE;
+	(*session)->security_parameters.server_ctype = DEFAULT_CERT_TYPE;
+
+	/* Initialize buffers */
+	_gnutls_buffer_init(&(*session)->internals.handshake_hash_buffer);
+	_gnutls_buffer_init(&(*session)->internals.post_handshake_hash_buffer);
+	_gnutls_buffer_init(&(*session)->internals.hb_remote_data);
+	_gnutls_buffer_init(&(*session)->internals.hb_local_data);
+	_gnutls_buffer_init(&(*session)->internals.record_presend_buffer);
+	_gnutls_buffer_init(&(*session)->internals.record_key_update_buffer);
+	_gnutls_buffer_init(&(*session)->internals.reauth_buffer);
+
+	_mbuffer_head_init(&(*session)->internals.record_buffer);
+	_mbuffer_head_init(&(*session)->internals.record_send_buffer);
+	_mbuffer_head_init(&(*session)->internals.record_recv_buffer);
+	_mbuffer_head_init(&(*session)->internals.early_data_recv_buffer);
+	_gnutls_buffer_init(&(*session)->internals.early_data_presend_buffer);
+
+	_mbuffer_head_init(&(*session)->internals.handshake_send_buffer);
+	_gnutls_handshake_recv_buffer_init(*session);
+
+	(*session)->internals.expire_time = DEFAULT_EXPIRE_TIME;
+
+	/* Ticket key rotation - set the default X to 3 times the ticket expire time */
+	(*session)->key.totp.last_result = 0;
+
+	gnutls_handshake_set_max_packet_length((*session),
+					       MAX_HANDSHAKE_PACKET_SIZE);
+
+	/* set the socket pointers to -1;
+	 */
+	(*session)->internals.transport_recv_ptr =
+	    (gnutls_transport_ptr_t) - 1;
+	(*session)->internals.transport_send_ptr =
+	    (gnutls_transport_ptr_t) - 1;
+
+	/* set the default maximum record size for TLS
+	 */
+	(*session)->security_parameters.max_record_recv_size =
+	    DEFAULT_MAX_RECORD_SIZE;
+	(*session)->security_parameters.max_record_send_size =
+	    DEFAULT_MAX_RECORD_SIZE;
+	(*session)->security_parameters.max_user_record_recv_size =
+	    DEFAULT_MAX_RECORD_SIZE;
+	(*session)->security_parameters.max_user_record_send_size =
+	    DEFAULT_MAX_RECORD_SIZE;
+
+	/* set the default early data size for TLS
+	 */
+	if ((*session)->security_parameters.entity == GNUTLS_SERVER) {
+		(*session)->security_parameters.max_early_data_size =
+			DEFAULT_MAX_EARLY_DATA_SIZE;
+	} else {
+		(*session)->security_parameters.max_early_data_size =
+			UINT32_MAX;
+	}
+
+	/* Everything else not initialized here is initialized as NULL
+	 * or 0. This is why calloc is used. However, we want to
+	 * ensure that certain portions of data are initialized at
+	 * runtime before being used. Mark such regions with a
+	 * valgrind client request as undefined.
+	 */
+	_gnutls_memory_mark_undefined((*session)->security_parameters.master_secret,
+				      GNUTLS_MASTER_SIZE);
+	_gnutls_memory_mark_undefined((*session)->security_parameters.client_random,
+				      GNUTLS_RANDOM_SIZE);
+	_gnutls_memory_mark_undefined((*session)->security_parameters.server_random,
+				      GNUTLS_RANDOM_SIZE);
+	_gnutls_memory_mark_undefined((*session)->key.session_ticket_key,
+				      TICKET_MASTER_KEY_SIZE);
+	_gnutls_memory_mark_undefined((*session)->key.previous_ticket_key,
+				      TICKET_MASTER_KEY_SIZE);
+	_gnutls_memory_mark_undefined((*session)->key.initial_stek,
+				      TICKET_MASTER_KEY_SIZE);
+
+	handshake_internal_state_clear1(*session);
+
+#ifdef MSG_NOSIGNAL
+	if (flags & GNUTLS_NO_SIGNAL)
+		gnutls_transport_set_vec_push_function(*session, system_writev_nosignal);
+	else
+#endif
+		gnutls_transport_set_vec_push_function(*session, system_writev);
+	(*session)->internals.pull_timeout_func = gnutls_system_recv_timeout;
+	(*session)->internals.pull_func = system_read;
+	(*session)->internals.errno_func = system_errno;
+
+	(*session)->internals.saved_username = NULL;
+	(*session)->internals.saved_username_size = -1;
+
+	/* heartbeat timeouts */
+	(*session)->internals.hb_retrans_timeout_ms = 1000;
+	(*session)->internals.hb_total_timeout_ms = 60000;
+
+	if (flags & GNUTLS_DATAGRAM) {
+		(*session)->internals.dtls.mtu = DTLS_DEFAULT_MTU;
+		(*session)->internals.transport = GNUTLS_DGRAM;
+
+		gnutls_dtls_set_timeouts(*session, DTLS_RETRANS_TIMEOUT, 60000);
+	} else {
+		(*session)->internals.transport = GNUTLS_STREAM;
+	}
+
+	/* Enable useful extensions */
+	if ((flags & GNUTLS_CLIENT) && !(flags & GNUTLS_NO_EXTENSIONS)) {
+#ifdef ENABLE_OCSP
+		gnutls_ocsp_status_request_enable_client(*session, NULL, 0,
+							 NULL);
+#endif
+	}
+
+	/* session tickets in server side are enabled by setting a key */
+	if (flags & GNUTLS_SERVER)
+		flags |= GNUTLS_NO_TICKETS;
+
+	(*session)->internals.flags = flags;
+
+	if (_gnutls_disable_tls13 != 0)
+		(*session)->internals.flags |= INT_FLAG_NO_TLS13;
+
+	/* Install the default keylog function */
+	gnutls_session_set_keylog_function(*session, _gnutls_nss_keylog_func);
+
+	return 0;
+}
+
+
+/**
+ * gnutls_deinit:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function clears all buffers associated with the @session.
+ * This function will also remove session data from the session
+ * database if the session was terminated abnormally.
+ **/
+void gnutls_deinit(gnutls_session_t session)
+{
+	unsigned int i;
+
+	if (session == NULL)
+		return;
+
+	/* remove auth info firstly */
+	_gnutls_free_auth_info(session);
+
+	_gnutls_handshake_internal_state_clear(session);
+	_gnutls_handshake_io_buffer_clear(session);
+	_gnutls_hello_ext_priv_deinit(session);
+
+	for (i = 0; i < MAX_EPOCH_INDEX; i++)
+		if (session->record_parameters[i] != NULL) {
+			_gnutls_epoch_free(session,
+					   session->record_parameters[i]);
+			session->record_parameters[i] = NULL;
+		}
+
+	_gnutls_buffer_clear(&session->internals.handshake_hash_buffer);
+	_gnutls_buffer_clear(&session->internals.post_handshake_hash_buffer);
+	_gnutls_buffer_clear(&session->internals.hb_remote_data);
+	_gnutls_buffer_clear(&session->internals.hb_local_data);
+	_gnutls_buffer_clear(&session->internals.record_presend_buffer);
+	_gnutls_buffer_clear(&session->internals.record_key_update_buffer);
+	_gnutls_buffer_clear(&session->internals.reauth_buffer);
+
+	_mbuffer_head_clear(&session->internals.record_buffer);
+	_mbuffer_head_clear(&session->internals.record_recv_buffer);
+	_mbuffer_head_clear(&session->internals.record_send_buffer);
+
+	_mbuffer_head_clear(&session->internals.early_data_recv_buffer);
+	_gnutls_buffer_clear(&session->internals.early_data_presend_buffer);
+
+	_gnutls_free_datum(&session->internals.resumption_data);
+	_gnutls_free_datum(&session->internals.dtls.dcookie);
+
+	for (i = 0; i < session->internals.rexts_size; i++)
+		gnutls_free(session->internals.rexts[i].name);
+	gnutls_free(session->internals.rexts);
+	gnutls_free(session->internals.post_handshake_cr_context.data);
+
+	gnutls_free(session->internals.saved_username);
+	gnutls_free(session->internals.rsup);
+
+	gnutls_credentials_clear(session);
+	_gnutls_selected_certs_deinit(session);
+
+	/* destroy any session ticket we may have received */
+	tls13_ticket_deinit(&session->internals.tls13_ticket);
+
+	/* we rely on priorities' internal reference counting */
+	gnutls_priority_deinit(session->internals.priorities);
+
+	/* overwrite any temp TLS1.3 keys */
+	gnutls_memset(&session->key.proto, 0, sizeof(session->key.proto));
+
+	/* clear session ticket keys */
+	_gnutls_memory_mark_defined(session->key.session_ticket_key,
+				    TICKET_MASTER_KEY_SIZE);
+	gnutls_memset(&session->key.session_ticket_key, 0,
+	              TICKET_MASTER_KEY_SIZE);
+	_gnutls_memory_mark_undefined(session->key.session_ticket_key,
+				      TICKET_MASTER_KEY_SIZE);
+
+	_gnutls_memory_mark_defined(session->key.previous_ticket_key,
+				    TICKET_MASTER_KEY_SIZE);
+	gnutls_memset(&session->key.previous_ticket_key, 0,
+	              TICKET_MASTER_KEY_SIZE);
+	_gnutls_memory_mark_undefined(session->key.previous_ticket_key,
+				      TICKET_MASTER_KEY_SIZE);
+
+	_gnutls_memory_mark_defined(session->key.initial_stek,
+				    TICKET_MASTER_KEY_SIZE);
+	gnutls_memset(&session->key.initial_stek, 0,
+	              TICKET_MASTER_KEY_SIZE);
+	_gnutls_memory_mark_undefined(session->key.initial_stek,
+				      TICKET_MASTER_KEY_SIZE);
+
+	gnutls_mutex_deinit(&session->internals.post_negotiation_lock);
+	gnutls_mutex_deinit(&session->internals.epoch_lock);
+
+	gnutls_free(session);
+}
+
+int _gnutls_dh_set_peer_public(gnutls_session_t session, bigint_t public)
+{
+	dh_info_st *dh;
+	int ret;
+
+	switch (gnutls_auth_get_type(session)) {
+	case GNUTLS_CRD_ANON:
+		{
+			anon_auth_info_t info;
+			info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
+			if (info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+			dh = &info->dh;
+			break;
+		}
+	case GNUTLS_CRD_PSK:
+		{
+			psk_auth_info_t info;
+			info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+			if (info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+			dh = &info->dh;
+			break;
+		}
+	case GNUTLS_CRD_CERTIFICATE:
+		{
+			cert_auth_info_t info;
+
+			info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+			if (info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+			dh = &info->dh;
+			break;
+		}
+	default:
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+
+	if (dh->public_key.data)
+		_gnutls_free_datum(&dh->public_key);
+
+	ret = _gnutls_mpi_dprint_lz(public, &dh->public_key);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+int _gnutls_dh_set_secret_bits(gnutls_session_t session, unsigned bits)
+{
+	switch (gnutls_auth_get_type(session)) {
+	case GNUTLS_CRD_ANON:
+		{
+			anon_auth_info_t info;
+			info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
+			if (info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+			info->dh.secret_bits = bits;
+			break;
+		}
+	case GNUTLS_CRD_PSK:
+		{
+			psk_auth_info_t info;
+			info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+			if (info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+			info->dh.secret_bits = bits;
+			break;
+		}
+	case GNUTLS_CRD_CERTIFICATE:
+		{
+			cert_auth_info_t info;
+
+			info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+			if (info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+			info->dh.secret_bits = bits;
+			break;
+	default:
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+		}
+	}
+
+	return 0;
+}
+
+/* Sets the prime and the generator in the auth info structure.
+ */
+int
+_gnutls_dh_save_group(gnutls_session_t session, bigint_t gen,
+		     bigint_t prime)
+{
+	dh_info_st *dh;
+	int ret;
+
+	switch (gnutls_auth_get_type(session)) {
+	case GNUTLS_CRD_ANON:
+		{
+			anon_auth_info_t info;
+			info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
+			if (info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+			dh = &info->dh;
+			break;
+		}
+	case GNUTLS_CRD_PSK:
+		{
+			psk_auth_info_t info;
+			info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+			if (info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+			dh = &info->dh;
+			break;
+		}
+	case GNUTLS_CRD_CERTIFICATE:
+		{
+			cert_auth_info_t info;
+
+			info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+			if (info == NULL)
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+			dh = &info->dh;
+			break;
+		}
+	default:
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+
+	if (dh->prime.data)
+		_gnutls_free_datum(&dh->prime);
+
+	if (dh->generator.data)
+		_gnutls_free_datum(&dh->generator);
+
+	/* prime
+	 */
+	ret = _gnutls_mpi_dprint_lz(prime, &dh->prime);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* generator
+	 */
+	ret = _gnutls_mpi_dprint_lz(gen, &dh->generator);
+	if (ret < 0) {
+		gnutls_assert();
+		_gnutls_free_datum(&dh->prime);
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_certificate_send_x509_rdn_sequence:
+ * @session: a #gnutls_session_t type.
+ * @status: is 0 or 1
+ *
+ * If status is non zero, this function will order gnutls not to send
+ * the rdnSequence in the certificate request message. That is the
+ * server will not advertise its trusted CAs to the peer. If status
+ * is zero then the default behaviour will take effect, which is to
+ * advertise the server's trusted CAs.
+ *
+ * This function has no effect in clients, and in authentication
+ * methods other than certificate with X.509 certificates.
+ **/
+void
+gnutls_certificate_send_x509_rdn_sequence(gnutls_session_t session,
+					  int status)
+{
+	session->internals.ignore_rdn_sequence = status;
+}
+
+/*-
+ * _gnutls_record_set_default_version - Used to set the default version for the first record packet
+ * @session: is a #gnutls_session_t type.
+ * @major: is a tls major version
+ * @minor: is a tls minor version
+ *
+ * This function sets the default version that we will use in the first
+ * record packet (client hello). This function is only useful to people
+ * that know TLS internals and want to debug other implementations.
+ -*/
+void
+_gnutls_record_set_default_version(gnutls_session_t session,
+				   unsigned char major,
+				   unsigned char minor)
+{
+	session->internals.default_record_version[0] = major;
+	session->internals.default_record_version[1] = minor;
+}
+
+/*-
+ * _gnutls_hello_set_default_version - Used to set the default version for the first record packet
+ * @session: is a #gnutls_session_t type.
+ * @major: is a tls major version
+ * @minor: is a tls minor version
+ *
+ * This function sets the default version that we will use in the first
+ * record packet (client hello). This function is only useful to people
+ * that know TLS internals and want to debug other implementations.
+ -*/
+void
+_gnutls_hello_set_default_version(gnutls_session_t session,
+				   unsigned char major,
+				   unsigned char minor)
+{
+	session->internals.default_hello_version[0] = major;
+	session->internals.default_hello_version[1] = minor;
+}
+
+/**
+ * gnutls_handshake_set_private_extensions:
+ * @session: is a #gnutls_session_t type.
+ * @allow: is an integer (0 or 1)
+ *
+ * This function will enable or disable the use of private cipher
+ * suites (the ones that start with 0xFF).  By default or if @allow
+ * is 0 then these cipher suites will not be advertised nor used.
+ *
+ * Currently GnuTLS does not include such cipher-suites or
+ * compression algorithms.
+ *
+ * Enabling the private ciphersuites when talking to other than
+ * gnutls servers and clients may cause interoperability problems.
+ **/
+void
+gnutls_handshake_set_private_extensions(gnutls_session_t session,
+					int allow)
+{
+	/* we have no private extensions */
+	return;
+}
+
+
+/**
+ * gnutls_session_is_resumed:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Checks whether session is resumed or not. This is functional
+ * for both server and client side.
+ *
+ * Returns: non zero if this session is resumed, or a zero if this is
+ *   a new session.
+ **/
+int gnutls_session_is_resumed(gnutls_session_t session)
+{
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		const version_entry_st *ver = get_version(session);
+		if (ver && ver->tls13_sem) {
+			return session->internals.resumed;
+		}
+
+		if (session->security_parameters.session_id_size > 0 &&
+		    session->security_parameters.session_id_size ==
+		    session->internals.resumed_security_parameters.
+		    session_id_size
+		    && memcmp(session->security_parameters.session_id,
+			      session->
+			      internals.resumed_security_parameters.
+			      session_id,
+			      session->security_parameters.
+			      session_id_size) == 0)
+			return 1;
+	} else {
+		if (session->internals.resumed)
+			return 1;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_session_resumption_requested:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Check whether the client has asked for session resumption.
+ * This function is valid only on server side.
+ *
+ * Returns: non zero if session resumption was asked, or a zero if not.
+ **/
+int gnutls_session_resumption_requested(gnutls_session_t session)
+{
+	if (session->security_parameters.entity == GNUTLS_CLIENT) {
+		return 0;
+	} else {
+		return session->internals.resumption_requested;
+	}
+}
+
+/*-
+ * _gnutls_session_is_psk - Used to check whether this session uses PSK kx
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function will return non zero if this session uses a PSK key
+ * exchange algorithm.
+ -*/
+int _gnutls_session_is_psk(gnutls_session_t session)
+{
+	gnutls_kx_algorithm_t kx;
+
+	kx = session->security_parameters.cs->kx_algorithm;
+	if (kx == GNUTLS_KX_PSK || kx == GNUTLS_KX_DHE_PSK
+	    || kx == GNUTLS_KX_RSA_PSK)
+		return 1;
+
+	return 0;
+}
+
+/*-
+ * _gnutls_session_is_ecc - Used to check whether this session uses ECC kx
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function will return non zero if this session uses an elliptic
+ * curves key exchange exchange algorithm.
+ -*/
+int _gnutls_session_is_ecc(gnutls_session_t session)
+{
+	gnutls_kx_algorithm_t kx;
+
+	/* We get the key exchange algorithm through the ciphersuite because
+	 * the negotiated key exchange might not have been set yet.
+	 */
+	kx = session->security_parameters.cs->kx_algorithm;
+
+	return _gnutls_kx_is_ecc(kx);
+}
+
+/**
+ * gnutls_session_get_ptr:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Get user pointer for session.  Useful in callbacks.  This is the
+ *   pointer set with gnutls_session_set_ptr().
+ *
+ * Returns: the user given pointer from the session structure, or
+ *   %NULL if it was never set.
+ **/
+void *gnutls_session_get_ptr(gnutls_session_t session)
+{
+	return session->internals.user_ptr;
+}
+
+/**
+ * gnutls_session_set_ptr:
+ * @session: is a #gnutls_session_t type.
+ * @ptr: is the user pointer
+ *
+ * This function will set (associate) the user given pointer @ptr to
+ * the session structure.  This pointer can be accessed with
+ * gnutls_session_get_ptr().
+ **/
+void gnutls_session_set_ptr(gnutls_session_t session, void *ptr)
+{
+	session->internals.user_ptr = ptr;
+}
+
+/**
+ * gnutls_session_set_verify_function:
+ * @session: is a #gnutls_session_t type.
+ * @func: is the callback function
+ *
+ * This function sets a callback to be called when peer's certificate
+ * has been received in order to verify it on receipt rather than
+ * doing after the handshake is completed. This overrides any callback
+ * set using gnutls_certificate_set_verify_function().
+ *
+ * The callback's function prototype is:
+ * int (*callback)(gnutls_session_t);
+ *
+ * If the callback function is provided then gnutls will call it, in the
+ * handshake, just after the certificate message has been received.
+ * To verify or obtain the certificate the gnutls_certificate_verify_peers2(),
+ * gnutls_certificate_type_get(), gnutls_certificate_get_peers() functions
+ * can be used.
+ *
+ * The callback function should return 0 for the handshake to continue
+ * or non-zero to terminate.
+ *
+ * Since: 3.4.6
+ **/
+void
+ gnutls_session_set_verify_function
+    (gnutls_session_t session,
+     gnutls_certificate_verify_function * func)
+{
+	session->internals.verify_callback = func;
+}
+
+/**
+ * gnutls_record_get_direction:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function is useful to determine whether a GnuTLS function was interrupted
+ * while sending or receiving, so that select() or poll() may be called appropriately.
+ *
+ * It provides information about the internals of the record
+ * protocol and is only useful if a prior gnutls function call,
+ * e.g.  gnutls_handshake(), was interrupted and returned
+ * %GNUTLS_E_INTERRUPTED or %GNUTLS_E_AGAIN. After such an interrupt
+ * applications may call select() or poll() before restoring the
+ * interrupted GnuTLS function.
+ *
+ * This function's output is unreliable if you are using the same
+ * @session in different threads for sending and receiving.
+ *
+ * Returns: 0 if interrupted while trying to read data, or 1 while trying to write data.
+ **/
+int gnutls_record_get_direction(gnutls_session_t session)
+{
+	return session->internals.direction;
+}
+
+/*-
+ * _gnutls_rsa_pms_set_version - Sets a version to be used at the RSA PMS
+ * @session: is a #gnutls_session_t type.
+ * @major: is the major version to use
+ * @minor: is the minor version to use
+ *
+ * This function will set the given version number to be used at the
+ * RSA PMS secret. This is only useful to clients, which want to
+ * test server's capabilities.
+ -*/
+void
+_gnutls_rsa_pms_set_version(gnutls_session_t session,
+			    unsigned char major, unsigned char minor)
+{
+	session->internals.rsa_pms_version[0] = major;
+	session->internals.rsa_pms_version[1] = minor;
+}
+
+void _gnutls_session_client_cert_type_set(gnutls_session_t session,
+			      gnutls_certificate_type_t ct)
+{
+	_gnutls_handshake_log
+	    ("HSK[%p]: Selected client certificate type %s (%d)\n", session,
+	     gnutls_certificate_type_get_name(ct), ct);
+	session->security_parameters.client_ctype = ct;
+}
+
+void _gnutls_session_server_cert_type_set(gnutls_session_t session,
+			      gnutls_certificate_type_t ct)
+{
+	_gnutls_handshake_log
+	    ("HSK[%p]: Selected server certificate type %s (%d)\n", session,
+	     gnutls_certificate_type_get_name(ct), ct);
+	session->security_parameters.server_ctype = ct;
+}
+
+/**
+ * gnutls_handshake_set_post_client_hello_function:
+ * @session: is a #gnutls_session_t type.
+ * @func: is the function to be called
+ *
+ * This function will set a callback to be called after the client
+ * hello has been received (callback valid in server side only). This
+ * allows the server to adjust settings based on received extensions.
+ *
+ * Those settings could be ciphersuites, requesting certificate, or
+ * anything else except for version negotiation (this is done before
+ * the hello message is parsed).
+ *
+ * This callback must return 0 on success or a gnutls error code to
+ * terminate the handshake.
+ *
+ * Since GnuTLS 3.3.5 the callback is
+ * allowed to return %GNUTLS_E_AGAIN or %GNUTLS_E_INTERRUPTED to
+ * put the handshake on hold. In that case gnutls_handshake()
+ * will return %GNUTLS_E_INTERRUPTED and can be resumed when needed.
+ *
+ * Warning: You should not use this function to terminate the
+ * handshake based on client input unless you know what you are
+ * doing. Before the handshake is finished there is no way to know if
+ * there is a man-in-the-middle attack being performed.
+ **/
+void
+gnutls_handshake_set_post_client_hello_function(gnutls_session_t session,
+						gnutls_handshake_simple_hook_func func)
+{
+	session->internals.user_hello_func = func;
+}
+
+
+/**
+ * gnutls_session_enable_compatibility_mode:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function can be used to disable certain (security) features in
+ * TLS in order to maintain maximum compatibility with buggy
+ * clients. Because several trade-offs with security are enabled,
+ * if required they will be reported through the audit subsystem.
+ *
+ * Normally only servers that require maximum compatibility with
+ * everything out there, need to call this function.
+ *
+ * Note that this function must be called after any call to gnutls_priority
+ * functions.
+ *
+ * Since: 2.1.4
+ **/
+void gnutls_session_enable_compatibility_mode(gnutls_session_t session)
+{
+	ENABLE_COMPAT(&session->internals);
+}
+
+/**
+ * gnutls_session_channel_binding:
+ * @session: is a #gnutls_session_t type.
+ * @cbtype: an #gnutls_channel_binding_t enumeration type
+ * @cb: output buffer array with data
+ *
+ * Extract given channel binding data of the @cbtype (e.g.,
+ * %GNUTLS_CB_TLS_UNIQUE) type.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success,
+ * %GNUTLS_E_UNIMPLEMENTED_FEATURE if the @cbtype is unsupported,
+ * %GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE if the data is not
+ * currently available, or an error code.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_session_channel_binding(gnutls_session_t session,
+			       gnutls_channel_binding_t cbtype,
+			       gnutls_datum_t * cb)
+{
+	if (!session->internals.initial_negotiation_completed)
+		return GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE;
+
+	if (cbtype == GNUTLS_CB_TLS_UNIQUE) {
+		const version_entry_st *ver = get_version(session);
+		if (unlikely(ver == NULL || ver->tls13_sem))
+			return GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE;
+
+		cb->size = session->internals.cb_tls_unique_len;
+		cb->data = gnutls_malloc(cb->size);
+		if (cb->data == NULL)
+			return GNUTLS_E_MEMORY_ERROR;
+
+		memcpy(cb->data, session->internals.cb_tls_unique, cb->size);
+
+		return 0;
+	}
+
+	if (cbtype == GNUTLS_CB_TLS_SERVER_END_POINT) {
+		const gnutls_datum_t *ders;
+		unsigned int num_certs = 1;
+		int ret;
+		size_t rlen;
+		gnutls_x509_crt_t cert;
+		gnutls_digest_algorithm_t algo;
+
+		/* Only X509 certificates are supported for this binding type */
+		ret = gnutls_certificate_type_get (session);
+		if (ret != GNUTLS_CRT_X509)
+			return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+
+		if (session->security_parameters.entity == GNUTLS_CLIENT)
+			ders = gnutls_certificate_get_peers (session, &num_certs);
+		else
+			ders = gnutls_certificate_get_ours (session);
+
+		/* Previous check indicated we have x509 but you never know */
+		if (!ders || num_certs == 0)
+			return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+
+		ret = gnutls_x509_crt_list_import (&cert, &num_certs, ders,
+				GNUTLS_X509_FMT_DER, 0);
+		/* Again, this is not supposed to happen (normally) */
+		if (ret < 0 || num_certs == 0)
+			return GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE;
+
+		/* Obtain signature algorithm used by certificate */
+		ret = gnutls_x509_crt_get_signature_algorithm (cert);
+		if (ret < 0 || ret == GNUTLS_SIGN_UNKNOWN)
+			return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+
+		/* obtain hash function from signature and normalize it */
+		algo = gnutls_sign_get_hash_algorithm (ret);
+		switch (algo) {
+		case GNUTLS_DIG_MD5:
+		case GNUTLS_DIG_SHA1:
+			algo = GNUTLS_DIG_SHA256;
+			break;
+		case GNUTLS_DIG_UNKNOWN:
+		case GNUTLS_DIG_NULL:
+		case GNUTLS_DIG_MD5_SHA1:
+			/* double hashing not supported either */
+			gnutls_x509_crt_deinit (cert);
+			return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+		default:
+			break;
+		}
+
+		/* preallocate 512 bits buffer as maximum supported digest */
+		rlen = MAX_HASH_SIZE;
+		cb->data = gnutls_malloc(rlen);
+		if (cb->data == NULL) {
+			gnutls_x509_crt_deinit (cert);
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+
+		ret = gnutls_x509_crt_get_fingerprint (cert, algo, cb->data,
+				&rlen);
+		if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
+			cb->data = gnutls_realloc_fast (cb->data, cb->size);
+			if (cb->data == NULL) {
+				gnutls_x509_crt_deinit (cert);
+				return GNUTLS_E_MEMORY_ERROR;
+			}
+			ret = gnutls_x509_crt_get_fingerprint (cert, algo,
+					cb->data, &rlen);
+		}
+		cb->size = rlen;
+		gnutls_x509_crt_deinit (cert);
+		return ret;
+	}
+
+	if (cbtype == GNUTLS_CB_TLS_EXPORTER) {
+#define RFC5705_LABEL_DATA "EXPORTER-Channel-Binding"
+#define RFC5705_LABEL_LEN 24
+#define EXPORTER_CTX_DATA ""
+#define EXPORTER_CTX_LEN 0
+
+		const version_entry_st *ver = get_version(session);
+		if (unlikely(ver == NULL)) {
+			return GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE;
+		}
+
+		/* "tls-exporter" channel binding is defined only when
+		 * the TLS handshake results in unique master secrets,
+		 * i.e., either TLS 1.3, or TLS 1.2 with extended
+		 * master secret negotiated.
+		 */
+		if (!ver->tls13_sem &&
+		    gnutls_session_ext_master_secret_status(session) == 0) {
+			return GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE;
+		}
+
+		cb->size = 32;
+		cb->data = gnutls_malloc(cb->size);
+		if (cb->data == NULL)
+			return GNUTLS_E_MEMORY_ERROR;
+
+		return gnutls_prf_rfc5705 (session,
+				RFC5705_LABEL_LEN, RFC5705_LABEL_DATA,
+				EXPORTER_CTX_LEN, EXPORTER_CTX_DATA,
+				cb->size, (char *) cb->data);
+	}
+
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+/**
+ * gnutls_ecc_curve_get:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Returns the currently used elliptic curve for key exchange. Only valid
+ * when using an elliptic curve ciphersuite.
+ *
+ * Returns: the currently used curve, a #gnutls_ecc_curve_t
+ *   type.
+ *
+ * Since: 3.0
+ **/
+gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session)
+{
+	const gnutls_group_entry_st *e;
+
+	e = get_group(session);
+	if (e == NULL || e->curve == 0)
+		return 0;
+	return e->curve;
+}
+
+/**
+ * gnutls_group_get:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Returns the currently used group for key exchange. Only valid
+ * when using an elliptic curve or DH ciphersuite.
+ *
+ * Returns: the currently used group, a #gnutls_group_t
+ *   type.
+ *
+ * Since: 3.6.0
+ **/
+gnutls_group_t gnutls_group_get(gnutls_session_t session)
+{
+	const gnutls_group_entry_st *e;
+
+	e = get_group(session);
+	if (e == NULL)
+		return 0;
+	return e->id;
+}
+
+/**
+ * gnutls_protocol_get_version:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Get TLS version, a #gnutls_protocol_t value.
+ *
+ * Returns: The version of the currently used protocol.
+ **/
+gnutls_protocol_t gnutls_protocol_get_version(gnutls_session_t session)
+{
+	return get_num_version(session);
+}
+
+/**
+ * gnutls_session_get_random:
+ * @session: is a #gnutls_session_t type.
+ * @client: the client part of the random
+ * @server: the server part of the random
+ *
+ * This function returns pointers to the client and server
+ * random fields used in the TLS handshake. The pointers are
+ * not to be modified or deallocated.
+ *
+ * If a client random value has not yet been established, the output
+ * will be garbage.
+ *
+ * Since: 3.0
+ **/
+void
+gnutls_session_get_random(gnutls_session_t session,
+			  gnutls_datum_t * client, gnutls_datum_t * server)
+{
+	if (client) {
+		client->data = session->security_parameters.client_random;
+		client->size =
+		    sizeof(session->security_parameters.client_random);
+	}
+
+	if (server) {
+		server->data = session->security_parameters.server_random;
+		server->size =
+		    sizeof(session->security_parameters.server_random);
+	}
+}
+
+/**
+ * gnutls_session_get_master_secret:
+ * @session: is a #gnutls_session_t type.
+ * @secret: the session's master secret
+ *
+ * This function returns pointers to the master secret
+ * used in the TLS session. The pointers are not to be modified or deallocated.
+ *
+ * This function is only applicable under TLS 1.2 or earlier versions.
+ *
+ * Since: 3.5.0
+ **/
+void
+gnutls_session_get_master_secret(gnutls_session_t session, gnutls_datum_t *secret)
+{
+	secret->data = session->security_parameters.master_secret;
+	secret->size = sizeof(session->security_parameters.master_secret);
+}
+
+unsigned int timespec_sub_ms(struct timespec *a, struct timespec *b)
+{
+	time_t dsecs;
+
+	dsecs = a->tv_sec - b->tv_sec;
+	if (!INT_MULTIPLY_OVERFLOW(dsecs, 1000)) {
+		return (dsecs*1000 + (a->tv_nsec - b->tv_nsec) / (1000 * 1000));
+	} else {
+		return UINT_MAX;
+	}
+}
+
+/**
+ * gnutls_handshake_set_random:
+ * @session: is a #gnutls_session_t type.
+ * @random: a random value of 32-bytes
+ *
+ * This function will explicitly set the server or client hello 
+ * random value in the subsequent TLS handshake. The random value 
+ * should be a 32-byte value.
+ *
+ * Note that this function should not normally be used as gnutls
+ * will select automatically a random value for the handshake.
+ *
+ * This function should not be used when resuming a session.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
+ *
+ * Since 3.1.9
+ **/
+int
+gnutls_handshake_set_random(gnutls_session_t session,
+			    const gnutls_datum_t * random)
+{
+	if (random->size != GNUTLS_RANDOM_SIZE)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	session->internals.sc_random_set = 1;
+	if (session->security_parameters.entity == GNUTLS_CLIENT)
+		memcpy(session->internals.resumed_security_parameters.
+		       client_random, random->data, random->size);
+	else
+		memcpy(session->internals.resumed_security_parameters.
+		       server_random, random->data, random->size);
+
+	return 0;
+}
+
+/**
+ * gnutls_handshake_set_hook_function:
+ * @session: is a #gnutls_session_t type
+ * @htype: the %gnutls_handshake_description_t of the message to hook at
+ * @when: %GNUTLS_HOOK_* depending on when the hook function should be called
+ * @func: is the function to be called
+ *
+ * This function will set a callback to be called after or before the specified
+ * handshake message has been received or generated. This is a
+ * generalization of gnutls_handshake_set_post_client_hello_function().
+ *
+ * To call the hook function prior to the message being generated or processed
+ * use %GNUTLS_HOOK_PRE as @when parameter, %GNUTLS_HOOK_POST to call
+ * after, and %GNUTLS_HOOK_BOTH for both cases.
+ *
+ * This callback must return 0 on success or a gnutls error code to
+ * terminate the handshake.
+ *
+ * To hook at all handshake messages use an @htype of %GNUTLS_HANDSHAKE_ANY.
+ *
+ * Warning: You should not use this function to terminate the
+ * handshake based on client input unless you know what you are
+ * doing. Before the handshake is finished there is no way to know if
+ * there is a man-in-the-middle attack being performed.
+ **/
+void
+gnutls_handshake_set_hook_function(gnutls_session_t session,
+				   unsigned int htype,
+				   int when,
+				   gnutls_handshake_hook_func func)
+{
+	session->internals.h_hook = func;
+	session->internals.h_type = htype;
+	session->internals.h_post = when;
+}
+
+/**
+ * gnutls_handshake_set_read_function:
+ * @session: is #gnutls_session_t type
+ * @func: is the function to be called
+ *
+ * This function will set a callback to be called when a handshake
+ * message is being sent.
+ *
+ * Since: 3.7.0
+ */
+void
+gnutls_handshake_set_read_function(gnutls_session_t session,
+				   gnutls_handshake_read_func func)
+{
+	session->internals.h_read_func = func;
+}
+
+/**
+ * gnutls_alert_set_read_function:
+ * @session: is #gnutls_session_t type
+ * @func: is the function to be called
+ *
+ * This function will set a callback to be called when an alert
+ * message is being sent.
+ *
+ * Since: 3.7.0
+ */
+void
+gnutls_alert_set_read_function(gnutls_session_t session,
+			       gnutls_alert_read_func func)
+{
+	session->internals.alert_read_func = func;
+}
+
+/**
+ * gnutls_record_get_state:
+ * @session: is a #gnutls_session_t type
+ * @read: if non-zero the read parameters are returned, otherwise the write
+ * @mac_key: the key used for MAC (if a MAC is used)
+ * @IV: the initialization vector or nonce used
+ * @cipher_key: the cipher key
+ * @seq_number: A 64-bit sequence number
+ *
+ * This function will return the parameters of the current record state.
+ * These are only useful to be provided to an external off-loading device
+ * or subsystem. The returned values should be considered constant
+ * and valid for the lifetime of the session.
+ *
+ * In that case, to sync the state back you must call gnutls_record_set_state().
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
+ *
+ * Since 3.4.0
+ **/
+int
+gnutls_record_get_state(gnutls_session_t session,
+			unsigned read,
+			gnutls_datum_t *mac_key,
+			gnutls_datum_t *IV,
+			gnutls_datum_t *cipher_key,
+			unsigned char seq_number[8])
+{
+	record_parameters_st *record_params;
+	record_state_st *record_state;
+	unsigned int epoch;
+	int ret;
+
+	if (read)
+		epoch = EPOCH_READ_CURRENT;
+	else
+		epoch = EPOCH_WRITE_CURRENT;
+
+	ret = _gnutls_epoch_get(session, epoch, &record_params);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (!record_params->initialized)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (read)
+		record_state = &record_params->read;
+	else
+		record_state = &record_params->write;
+
+	if (mac_key) {
+		mac_key->data = record_state->mac_key;
+		mac_key->size = record_state->mac_key_size;
+	}
+
+	if (IV) {
+		IV->data = record_state->iv;
+		IV->size = record_state->iv_size;
+	}
+
+	if (cipher_key) {
+		cipher_key->data = record_state->key;
+		cipher_key->size = record_state->key_size;
+	}
+
+	if (seq_number)
+		_gnutls_write_uint64(record_state->sequence_number, seq_number);
+	return 0;
+}
+
+/**
+ * gnutls_record_set_state:
+ * @session: is a #gnutls_session_t type
+ * @read: if non-zero the read parameters are returned, otherwise the write
+ * @seq_number: A 64-bit sequence number
+ *
+ * This function will set the sequence number in the current record state.
+ * This function is useful if sending and receiving are offloaded from
+ * gnutls. That is, if gnutls_record_get_state() was used.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
+ *
+ * Since 3.4.0
+ **/
+int
+gnutls_record_set_state(gnutls_session_t session,
+			unsigned read,
+			const unsigned char seq_number[8])
+{
+	record_parameters_st *record_params;
+	record_state_st *record_state;
+	int epoch, ret;
+
+	if (read)
+		epoch = EPOCH_READ_CURRENT;
+	else
+		epoch = EPOCH_WRITE_CURRENT;
+
+	ret = _gnutls_epoch_get(session, epoch, &record_params);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (!record_params->initialized)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (read)
+		record_state = &record_params->read;
+	else
+		record_state = &record_params->write;
+
+	record_state->sequence_number = _gnutls_read_uint64(seq_number);
+
+	if (IS_DTLS(session)) {
+		_dtls_reset_window(record_params);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_session_get_flags:
+ * @session: is a #gnutls_session_t type.
+ *
+ * This function will return a series (ORed) of flags, applicable
+ * for the current session.
+ *
+ * This replaces individual informational functions such as
+ * gnutls_safe_renegotiation_status(), gnutls_session_ext_master_secret_status(),
+ * etc.
+ *
+ * Returns: An ORed sequence of flags (see %gnutls_session_flags_t)
+ *
+ * Since: 3.5.0
+ **/
+unsigned gnutls_session_get_flags(gnutls_session_t session)
+{
+	unsigned flags = 0;
+
+	if (gnutls_safe_renegotiation_status(session))
+		flags |= GNUTLS_SFLAGS_SAFE_RENEGOTIATION;
+	if (gnutls_session_ext_master_secret_status(session))
+		flags |= GNUTLS_SFLAGS_EXT_MASTER_SECRET;
+	if (gnutls_session_etm_status(session))
+		flags |= GNUTLS_SFLAGS_ETM;
+	if (gnutls_heartbeat_allowed(session, GNUTLS_HB_LOCAL_ALLOWED_TO_SEND))
+		flags |= GNUTLS_SFLAGS_HB_LOCAL_SEND;
+	if (gnutls_heartbeat_allowed(session, GNUTLS_HB_PEER_ALLOWED_TO_SEND))
+		flags |= GNUTLS_SFLAGS_HB_PEER_SEND;
+	if (session->internals.hsk_flags & HSK_FALSE_START_USED)
+		flags |= GNUTLS_SFLAGS_FALSE_START;
+	if ((session->internals.hsk_flags & HSK_EARLY_START_USED) &&
+	    (session->internals.flags & GNUTLS_ENABLE_EARLY_START))
+		flags |= GNUTLS_SFLAGS_EARLY_START;
+	if (session->internals.hsk_flags & HSK_USED_FFDHE)
+		flags |= GNUTLS_SFLAGS_RFC7919;
+	if (session->internals.hsk_flags & HSK_TICKET_RECEIVED)
+		flags |= GNUTLS_SFLAGS_SESSION_TICKET;
+	if (session->security_parameters.post_handshake_auth)
+		flags |= GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH;
+	if (session->internals.hsk_flags & HSK_EARLY_DATA_ACCEPTED)
+		flags |= GNUTLS_SFLAGS_EARLY_DATA;
+	if (session->internals.hsk_flags & HSK_OCSP_REQUESTED)
+		flags |= GNUTLS_SFLAGS_CLI_REQUESTED_OCSP;
+	if (session->internals.hsk_flags & HSK_CLIENT_OCSP_REQUESTED)
+		flags |= GNUTLS_SFLAGS_SERV_REQUESTED_OCSP;
+
+	return flags;
+}
diff --git a/lib/state.h b/lib/state.h
new file mode 100644
index 0000000..be6fad8
--- /dev/null
+++ b/lib/state.h
@@ -0,0 +1,121 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_STATE_H
+#define GNUTLS_LIB_STATE_H
+
+#include "gnutls_int.h"
+
+void _gnutls_session_client_cert_type_set(gnutls_session_t session,
+					 gnutls_certificate_type_t);
+void _gnutls_session_server_cert_type_set(gnutls_session_t session,
+					 gnutls_certificate_type_t);
+
+inline static const gnutls_group_entry_st *
+get_group(gnutls_session_t session)
+{
+	return session->security_parameters.grp;
+}
+
+int _gnutls_session_is_ecc(gnutls_session_t session);
+
+inline static void
+_gnutls_session_group_set(gnutls_session_t session,
+			  const gnutls_group_entry_st *e)
+{
+	_gnutls_handshake_log("HSK[%p]: Selected group %s (%d)\n",
+			      session, e->name, e->id);
+	session->security_parameters.grp = e;
+}
+
+inline static
+void set_default_version(gnutls_session_t session, const version_entry_st *ver)
+{
+	if (ver->tls13_sem) {
+		session->internals.default_record_version[0] = 3;
+		session->internals.default_record_version[1] = 1;
+	} else {
+		session->internals.default_record_version[0] = ver->major;
+		session->internals.default_record_version[1] = ver->minor;
+	}
+}
+
+void
+_gnutls_record_set_default_version(gnutls_session_t session,
+				   unsigned char major,
+				   unsigned char minor);
+
+void
+_gnutls_hello_set_default_version(gnutls_session_t session,
+				   unsigned char major,
+				   unsigned char minor);
+
+#include <auth.h>
+
+#define CHECK_AUTH_TYPE(auth, ret) if (gnutls_auth_get_type(session) != auth) { \
+	gnutls_assert(); \
+	return ret; \
+	}
+
+
+bool _gnutls_session_is_cert_type_supported(gnutls_session_t session,
+				    gnutls_certificate_type_t cert_type,
+				    bool check_credentials,
+				    gnutls_ctype_target_t target);
+int _gnutls_dh_set_secret_bits(gnutls_session_t session, unsigned bits);
+
+int _gnutls_dh_set_peer_public(gnutls_session_t session, bigint_t public);
+int _gnutls_dh_save_group(gnutls_session_t session, bigint_t gen,
+			 bigint_t prime);
+
+static inline int _gnutls_dh_get_min_prime_bits(gnutls_session_t session)
+{
+	if (session->internals.dh_prime_bits != 0)
+		return session->internals.dh_prime_bits;
+	else
+		return gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH,
+						   session->internals.
+						   priorities->level);
+}
+
+void _gnutls_handshake_internal_state_clear(gnutls_session_t);
+
+int _gnutls_session_is_psk(gnutls_session_t session);
+
+void reset_binders(gnutls_session_t session);
+
+inline static int
+_gnutls_PRF(gnutls_session_t session,
+	    const uint8_t * secret, unsigned int secret_size,
+	    const char *label, int label_size, const uint8_t * seed,
+	    int seed_size, int total_bytes, void *ret)
+{
+	return _gnutls_prf_raw(session->security_parameters.prf->id,
+			       secret_size, secret,
+			       label_size, label,
+			       seed_size, seed,
+			       total_bytes, ret);
+}
+
+#define DEFAULT_CERT_TYPE GNUTLS_CRT_X509
+
+#endif /* GNUTLS_LIB_STATE_H */
diff --git a/lib/stek.c b/lib/stek.c
new file mode 100644
index 0000000..22ab505
--- /dev/null
+++ b/lib/stek.c
@@ -0,0 +1,364 @@
+/*
+ * Copyright (C) 2018 Free Software Foundation, Inc.
+ *
+ * Author: Ander Juaristi
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+#include "gnutls_int.h"
+#include "stek.h"
+
+#define NAME_POS (0)
+#define KEY_POS (TICKET_KEY_NAME_SIZE)
+#define MAC_SECRET_POS (TICKET_KEY_NAME_SIZE+TICKET_CIPHER_KEY_SIZE)
+
+static int totp_sha3(gnutls_session_t session,
+		uint64_t t,
+		const gnutls_datum_t *secret,
+		uint8_t out[TICKET_MASTER_KEY_SIZE])
+{
+	int retval;
+	uint8_t t_be[8];
+	digest_hd_st hd;
+	/*
+	 * We choose SHA3-512 because it outputs 64 bytes,
+	 * just the same length as the ticket key.
+	 */
+	const gnutls_digest_algorithm_t algo = GNUTLS_DIG_SHA3_512;
+#if TICKET_MASTER_KEY_SIZE != 64
+#error "TICKET_MASTER_KEY_SIZE must be 64 bytes"
+#endif
+
+	if (unlikely(secret == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if ((retval = _gnutls_hash_init(&hd, hash_to_entry(algo))) < 0)
+		return gnutls_assert_val(retval);
+
+	_gnutls_write_uint64(t, t_be);
+
+	if ((retval = _gnutls_hash(&hd, t_be, sizeof(t_be))) < 0)
+		return gnutls_assert_val(retval);
+	if ((retval = _gnutls_hash(&hd, secret->data, secret->size)) < 0)
+		return gnutls_assert_val(retval);
+
+	_gnutls_hash_deinit(&hd, out);
+	return GNUTLS_E_SUCCESS;
+}
+
+static uint64_t T(gnutls_session_t session, time_t t)
+{
+	uint64_t numeral = t;
+	unsigned int x = session->internals.expire_time * STEK_ROTATION_PERIOD_PRODUCT;
+
+	if (numeral <= 0)
+		return 0;
+
+	return (numeral / x);
+}
+
+static int64_t totp_next(gnutls_session_t session)
+{
+	time_t t;
+	uint64_t result;
+
+	t = gnutls_time(NULL);
+	if (unlikely(t == (time_t) -1))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	result = T(session, t);
+	if (result == 0)
+		return 0;
+
+	if (result == session->key.totp.last_result)
+		return 0;
+
+	return result;
+}
+
+static int64_t totp_previous(gnutls_session_t session)
+{
+	uint64_t result;
+
+	if (session->key.totp.last_result == 0)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	if (!session->key.totp.was_rotated)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	result = session->key.totp.last_result - 1;
+	if (result == 0)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	return result;
+}
+
+static void call_rotation_callback(gnutls_session_t session,
+		uint8_t key[TICKET_MASTER_KEY_SIZE], uint64_t t)
+{
+	gnutls_datum_t prev_key, new_key;
+
+	if (session->key.totp.cb) {
+		new_key.data = key;
+		new_key.size = TICKET_MASTER_KEY_SIZE;
+		prev_key.data = session->key.session_ticket_key;
+		prev_key.size = TICKET_MASTER_KEY_SIZE;
+
+		session->key.totp.cb(&prev_key, &new_key, t);
+	}
+}
+
+static int rotate(gnutls_session_t session)
+{
+	int64_t t;
+	gnutls_datum_t secret;
+	uint8_t key[TICKET_MASTER_KEY_SIZE];
+
+	/* Do we need to calculate new totp? */
+	t = totp_next(session);
+	if (t > 0) {
+		secret.data = session->key.initial_stek;
+		secret.size = TICKET_MASTER_KEY_SIZE;
+
+		/* Generate next key */
+		if (totp_sha3(session, t, &secret, key) < 0) {
+			gnutls_assert();
+			return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+		}
+
+		/* Replace old key with new one, and call callback if provided */
+		call_rotation_callback(session, key, t);
+		session->key.totp.last_result = t;
+		_gnutls_memory_mark_defined(session->key.session_ticket_key,
+					    sizeof(key));
+		memcpy(session->key.session_ticket_key, key, sizeof(key));
+
+		session->key.totp.was_rotated = 1;
+	} else if (t < 0) {
+		return gnutls_assert_val(t);
+	}
+
+	return GNUTLS_E_SUCCESS;
+}
+
+static int rotate_back_and_peek(gnutls_session_t session,
+				uint8_t key[TICKET_MASTER_KEY_SIZE])
+{
+	int64_t t;
+	gnutls_datum_t secret;
+
+	/* Get the previous TOTP */
+	t = totp_previous(session);
+	if (t < 0)
+		return gnutls_assert_val(t);
+
+	secret.data = session->key.initial_stek;
+	secret.size = TICKET_MASTER_KEY_SIZE;
+
+	if (totp_sha3(session, t, &secret, key) < 0)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	return 0;
+}
+
+/*
+ * _gnutls_get_session_ticket_encryption_key:
+ * @key_name: an empty datum that will receive the key name part of the STEK
+ * @mac_key: an empty datum that will receive the MAC key part of the STEK
+ * @enc_key: an empty datum that will receive the encryption key part of the STEK
+ *
+ * Get the currently active session ticket encryption key (STEK).
+ *
+ * The STEK is a 64-byte blob which is further divided in three parts,
+ * and this function requires the caller to supply three separate datums for each one.
+ * Though the caller might omit one or more of those if not interested in that part of the STEK.
+ *
+ * These are the three parts the STEK is divided in:
+ *
+ *  - Key name: 16 bytes
+ *  - Encryption key: 32 bytes
+ *  - MAC key: 16 bytes
+ *
+ * This function will transparently rotate the key, if the time has come for that,
+ * before returning it to the caller.
+ */
+int _gnutls_get_session_ticket_encryption_key(gnutls_session_t session,
+					      gnutls_datum_t *key_name,
+					      gnutls_datum_t *mac_key,
+					      gnutls_datum_t *enc_key)
+{
+	int retval;
+
+	if (unlikely(session == NULL)) {
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	if (!session->key.stek_initialized) {
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+	}
+
+	if ((retval = rotate(session)) < 0)
+		return gnutls_assert_val(retval);
+
+	/* Copy key parts to user-supplied datums (if provided) */
+	if (key_name) {
+		key_name->data = &session->key.session_ticket_key[NAME_POS];
+		key_name->size = TICKET_KEY_NAME_SIZE;
+	}
+	if (mac_key) {
+		mac_key->data = &session->key.session_ticket_key[MAC_SECRET_POS];
+		mac_key->size = TICKET_MAC_SECRET_SIZE;
+	}
+	if (enc_key) {
+		enc_key->data = &session->key.session_ticket_key[KEY_POS];
+		enc_key->size = TICKET_CIPHER_KEY_SIZE;
+	}
+
+	return retval;
+}
+
+/*
+ * _gnutls_get_session_ticket_decryption_key:
+ * @ticket_data: the bytes of a session ticket that must be decrypted
+ * @key_name: an empty datum that will receive the key name part of the STEK
+ * @mac_key: an empty datum that will receive the MAC key part of the STEK
+ * @enc_key: an empty datum that will receive the encryption key part of the STEK
+ *
+ * Get the key (STEK) the given session ticket was encrypted with.
+ *
+ * As with its encryption counterpart (%_gnutls_get_session_ticket_encryption_key),
+ * this function will also transparently rotate
+ * the currently active STEK if time has come for that, and it also requires the different
+ * parts of the STEK to be obtained in different datums.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, or a negative error code, such as
+ * %GNUTLS_E_REQUSTED_DATA_NOT_AVAILABLE if no key could be found for the supplied ticket.
+ */
+int _gnutls_get_session_ticket_decryption_key(gnutls_session_t session,
+					      const gnutls_datum_t *ticket_data,
+					      gnutls_datum_t *key_name,
+					      gnutls_datum_t *mac_key,
+					      gnutls_datum_t *enc_key)
+{
+	int retval;
+	uint8_t *key_data;
+
+	if (unlikely(session == NULL || ticket_data == NULL || ticket_data->data == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if (ticket_data->size < TICKET_KEY_NAME_SIZE)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	if (!session->key.stek_initialized) {
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+	}
+
+	if ((retval = rotate(session)) < 0)
+		return gnutls_assert_val(retval);
+
+	/*
+	 * Is current key valid?
+	 * We compare the first 16 bytes --> The key_name field.
+	 */
+	if (memcmp(ticket_data->data,
+		   &session->key.session_ticket_key[NAME_POS],
+		   TICKET_KEY_NAME_SIZE) == 0) {
+		key_data = session->key.session_ticket_key;
+		goto key_found;
+	}
+
+	/*
+	 * Current key is not valid.
+	 * Compute previous key and see if that matches.
+	 */
+	_gnutls_memory_mark_defined(session->key.previous_ticket_key, TICKET_MASTER_KEY_SIZE);
+	if ((retval = rotate_back_and_peek(session, session->key.previous_ticket_key)) < 0) {
+		_gnutls_memory_mark_undefined(session->key.previous_ticket_key, TICKET_MASTER_KEY_SIZE);
+		return gnutls_assert_val(retval);
+	}
+
+	if (memcmp(ticket_data->data,
+		   &session->key.previous_ticket_key[NAME_POS],
+		   TICKET_KEY_NAME_SIZE) == 0) {
+		key_data = session->key.previous_ticket_key;
+		goto key_found;
+	}
+
+	return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+key_found:
+	if (key_name) {
+		key_name->data = &key_data[NAME_POS];
+		key_name->size = TICKET_KEY_NAME_SIZE;
+	}
+	if (mac_key) {
+		mac_key->data = &key_data[MAC_SECRET_POS];
+		mac_key->size = TICKET_MAC_SECRET_SIZE;
+	}
+	if (enc_key) {
+		enc_key->data = &key_data[KEY_POS];
+		enc_key->size = TICKET_CIPHER_KEY_SIZE;
+	}
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/*
+ * _gnutls_initialize_session_ticket_key_rotation:
+ * @key: Initial session ticket key
+ *
+ * Initialize the session ticket key rotation.
+ *
+ * This function will not enable session ticket keys on the server side. That is done
+ * with the gnutls_session_ticket_enable_server() function. This function just initializes
+ * the internal state to support periodical rotation of the session ticket encryption key.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success, or %GNUTLS_E_INVALID_REQUEST on error.
+ */
+int _gnutls_initialize_session_ticket_key_rotation(gnutls_session_t session, const gnutls_datum_t *key)
+{
+	if (unlikely(session == NULL || key == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if (unlikely(session->key.totp.last_result != 0))
+		return GNUTLS_E_INVALID_REQUEST;
+
+	_gnutls_memory_mark_defined(session->key.initial_stek,
+				    TICKET_MASTER_KEY_SIZE);
+	memcpy(session->key.initial_stek, key->data, key->size);
+
+	session->key.stek_initialized = true;
+	session->key.totp.was_rotated = 0;
+	return 0;
+}
+
+/*
+ * _gnutls_set_session_ticket_key_rotation_callback:
+ * @cb: the callback function
+ *
+ * Set a callback function that will be invoked every time the session ticket key
+ * is rotated.
+ *
+ * The function will take as arguments the previous key, the new key and the time
+ * step value that caused the key to rotate.
+ *
+ */
+void _gnutls_set_session_ticket_key_rotation_callback(gnutls_session_t session, gnutls_stek_rotation_callback_t cb)
+{
+	if (session)
+		session->key.totp.cb = cb;
+}
diff --git a/lib/stek.h b/lib/stek.h
new file mode 100644
index 0000000..284e6cb
--- /dev/null
+++ b/lib/stek.h
@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2018 Free Software Foundation, Inc.
+ *
+ * Author: Ander Juaristi
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_STEK_H
+#define GNUTLS_LIB_STEK_H
+
+#include "gnutls_int.h"
+
+int _gnutls_get_session_ticket_encryption_key(gnutls_session_t session,
+					      gnutls_datum_t *key_name,
+					      gnutls_datum_t *mac_key,
+					      gnutls_datum_t *enc_key);
+int _gnutls_get_session_ticket_decryption_key(gnutls_session_t session,
+					      const gnutls_datum_t *ticket_data,
+					      gnutls_datum_t *key_name,
+					      gnutls_datum_t *mac_key,
+					      gnutls_datum_t *enc_key);
+
+void _gnutls_set_session_ticket_key_rotation_callback(gnutls_session_t session,
+		gnutls_stek_rotation_callback_t cb);
+
+int _gnutls_initialize_session_ticket_key_rotation(gnutls_session_t session,
+		const gnutls_datum_t *key);
+
+#endif /* GNUTLS_LIB_STEK_H */
diff --git a/lib/str-iconv.c b/lib/str-iconv.c
new file mode 100644
index 0000000..7786dc8
--- /dev/null
+++ b/lib/str-iconv.c
@@ -0,0 +1,171 @@
+/*
+ * Copyright (C) 2010-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include <config.h>
+#include <system.h>
+#include "gnutls_int.h"
+#include "errors.h"
+
+#include <sys/socket.h>
+#include <errno.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistr.h>
+#include <uninorm.h>
+#include "num.h"
+
+static void change_u16_endianness(uint8_t *dst, const uint8_t *src, unsigned size, unsigned be)
+{
+	unsigned convert = 0;
+	unsigned i;
+	uint8_t tmp;
+
+#ifdef WORDS_BIGENDIAN
+	if (!be)
+		convert = 1;
+#else
+	if (be)
+		convert = 1;
+#endif
+
+	/* convert to LE */
+	if (convert) {
+		for (i = 0; i < size; i += 2) {
+			tmp = src[i];
+			dst[i] = src[1 + i];
+			dst[1 + i] = tmp;
+		}
+	} else {
+		if (dst != src)
+			memcpy(dst, src, size);
+	}
+}
+
+int _gnutls_ucs2_to_utf8(const void *data, size_t size,
+			 gnutls_datum_t * output, unsigned be)
+{
+	int ret;
+	size_t dstlen;
+	void *src;
+	uint8_t *tmp_dst = NULL;
+	uint8_t *dst = NULL;
+
+	if (size > 2 && ((uint8_t *) data)[size-1] == 0 && ((uint8_t *) data)[size-2] == 0) {
+		size -= 2;
+	}
+
+	if (size == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	src = gnutls_malloc(size+2);
+	if (src == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	/* convert to LE if needed */
+	change_u16_endianness(src, data, size, be);
+
+	dstlen = 0;
+	tmp_dst = u16_to_u8((uint16_t*)src, size/2, NULL, &dstlen);
+	if (tmp_dst == NULL) {
+		ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		goto fail;
+	}
+
+	dst = gnutls_malloc(dstlen+1);
+	if (dst == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto fail;
+	}
+
+	memcpy(dst, tmp_dst, dstlen);
+	dst[dstlen] = 0;
+
+	output->data = (void *) dst;
+	output->size = dstlen;
+
+	ret = 0;
+	goto cleanup;
+
+ fail:
+	gnutls_free(dst);
+
+ cleanup:
+	gnutls_free(src);
+	free(tmp_dst);
+
+	return ret;
+}
+
+int _gnutls_utf8_to_ucs2(const void *data, size_t size,
+			 gnutls_datum_t * output, unsigned be)
+{
+	int ret;
+	size_t dstlen, nrm_size = 0, tmp_size = 0;
+	uint16_t *tmp_dst = NULL;
+	uint16_t *nrm_dst = NULL;
+	uint8_t *dst = NULL;
+
+	if (size == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	tmp_dst = u8_to_u16(data, size, NULL, &tmp_size);
+	if (tmp_dst == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	nrm_dst = u16_normalize(UNINORM_NFC, tmp_dst, tmp_size, NULL, &nrm_size);
+	if (nrm_dst == NULL) {
+		ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		goto fail;
+	}
+
+	dstlen = nrm_size * 2; /* convert to bytes */
+
+	dst = gnutls_malloc(dstlen+2);
+	if (dst == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto fail;
+	}
+
+	/* convert to BE */
+	change_u16_endianness(dst, (uint8_t*)tmp_dst, dstlen, be);
+	dst[dstlen] = 0;
+	dst[dstlen+1] = 0;
+
+	output->data = (void *) dst;
+	output->size = dstlen;
+
+	ret = 0;
+	goto cleanup;
+
+ fail:
+	gnutls_free(dst);
+
+ cleanup:
+	free(tmp_dst);
+	free(nrm_dst);
+
+	return ret;
+}
+
diff --git a/lib/str-idna.c b/lib/str-idna.c
new file mode 100644
index 0000000..74b8d22
--- /dev/null
+++ b/lib/str-idna.c
@@ -0,0 +1,280 @@
+/*
+ * Copyright (C) 2017 Tim Rühsen
+ * Copyright (C) 2016, 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "str.h"
+#include <unistr.h>
+
+#ifdef HAVE_LIBIDN2
+
+# include <idn2.h>
+
+# define ICAST char
+
+/**
+ * gnutls_idna_map:
+ * @input: contain the UTF-8 formatted domain name
+ * @ilen: the length of the provided string
+ * @out: the result in an null-terminated allocated string
+ * @flags: should be zero
+ *
+ * This function will convert the provided UTF-8 domain name, to
+ * its IDNA mapping in an allocated variable. Note that depending on the flags the used gnutls
+ * library was compiled with, the output of this function may vary (i.e.,
+ * may be IDNA2008, or IDNA2003).
+ *
+ * To force IDNA2008 specify the flag %GNUTLS_IDNA_FORCE_2008. In
+ * the case GnuTLS is not compiled with the necessary dependencies,
+ * %GNUTLS_E_UNIMPLEMENTED_FEATURE will be returned to indicate that
+ * gnutls is unable to perform the requested conversion.
+ *
+ * Note also, that this function will return an empty string if an
+ * empty string is provided as input.
+ *
+ * Returns: %GNUTLS_E_INVALID_UTF8_STRING on invalid UTF-8 data, or 0 on success.
+ *
+ * Since: 3.5.8
+ **/
+int gnutls_idna_map(const char *input, unsigned ilen, gnutls_datum_t *out, unsigned flags)
+{
+	char *idna = NULL;
+	int rc, ret;
+	gnutls_datum_t istr;
+	unsigned int idn2_flags = IDN2_NFC_INPUT;
+	unsigned int idn2_tflags = IDN2_NFC_INPUT;
+
+	/* IDN2_NONTRANSITIONAL automatically converts to lowercase
+	 * IDN2_NFC_INPUT converts to NFC before toASCII conversion
+	 *
+	 * Since IDN2_NONTRANSITIONAL implicitly does NFC conversion, we don't need
+	 * the additional IDN2_NFC_INPUT. But just for the unlikely case that the linked
+	 * library is not matching the headers when building and it doesn't support TR46,
+	 * we provide IDN2_NFC_INPUT.
+	 *
+	 * Without IDN2_USE_STD3_ASCII_RULES, the result could contain any ASCII characters,
+	 * e.g. 'evil.c\u2100.example.com' will be converted into
+	 * 'evil.ca/c.example.com', which seems no good idea. */
+	idn2_flags |= IDN2_NONTRANSITIONAL | IDN2_USE_STD3_ASCII_RULES;
+	idn2_tflags |= IDN2_TRANSITIONAL | IDN2_USE_STD3_ASCII_RULES;
+
+	if (ilen == 0) {
+		out->data = (uint8_t*)gnutls_strdup("");
+		out->size = 0;
+		if (out->data == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		return 0;
+	}
+
+	if (_gnutls_str_is_print(input, ilen)) {
+		return _gnutls_set_strdatum(out, input, ilen);
+	}
+
+	ret = _gnutls_set_strdatum(&istr, input, ilen);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	rc = idn2_to_ascii_8z((ICAST*)istr.data, (ICAST**)&idna, idn2_flags);
+	if (rc == IDN2_DISALLOWED && !(flags & GNUTLS_IDNA_FORCE_2008))
+		rc = idn2_to_ascii_8z((ICAST*)istr.data, (ICAST**)&idna, idn2_tflags);
+
+	if (rc != IDN2_OK) {
+		gnutls_assert();
+		idna = NULL; /* in case idn2_lookup_u8 modifies &idna */
+		_gnutls_debug_log("unable to convert name '%s' to IDNA format: %s\n", istr.data, idn2_strerror(rc));
+		ret = GNUTLS_E_INVALID_UTF8_STRING;
+		goto fail;
+	}
+
+	if (gnutls_free != idn2_free) {
+		ret = _gnutls_set_strdatum(out, idna, strlen(idna));
+	} else  {
+		out->data = (unsigned char*)idna;
+		out->size = strlen(idna);
+		idna = NULL;
+		ret = 0;
+	}
+
+ fail:
+	idn2_free(idna);
+	gnutls_free(istr.data);
+	return ret;
+}
+
+/**
+ * gnutls_idna_reverse_map:
+ * @input: contain the ACE (IDNA) formatted domain name
+ * @ilen: the length of the provided string
+ * @out: the result in an null-terminated allocated UTF-8 string
+ * @flags: should be zero
+ *
+ * This function will convert an ACE (ASCII-encoded) domain name to a UTF-8 domain name.
+ *
+ * If GnuTLS is compiled without IDNA support, then this function
+ * will return %GNUTLS_E_UNIMPLEMENTED_FEATURE.
+ *
+ * Note also, that this function will return an empty string if an
+ * empty string is provided as input.
+ *
+ * Returns: A negative error code on error, or 0 on success.
+ *
+ * Since: 3.5.8
+ **/
+int gnutls_idna_reverse_map(const char *input, unsigned ilen, gnutls_datum_t *out, unsigned flags)
+{
+	char *u8 = NULL;
+	int rc, ret;
+	gnutls_datum_t istr;
+
+	if (ilen == 0) {
+		out->data = (uint8_t*)gnutls_strdup("");
+		out->size = 0;
+		if (out->data == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		return 0;
+	}
+
+	ret = _gnutls_set_strdatum(&istr, input, ilen);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* currently libidn2 just converts single labels, thus a wrapper function */
+	rc = idn2_to_unicode_8z8z((char*)istr.data, &u8, 0);
+	if (rc != IDN2_OK) {
+		gnutls_assert();
+		_gnutls_debug_log("unable to convert ACE name '%s' to UTF-8 format: %s\n", istr.data, idn2_strerror(rc));
+		ret = GNUTLS_E_INVALID_UTF8_STRING;
+		goto fail;
+	}
+
+	if (gnutls_malloc != malloc) {
+		ret = _gnutls_set_strdatum(out, u8, strlen(u8));
+	} else  {
+		out->data = (unsigned char*)u8;
+		out->size = strlen(u8);
+		u8 = NULL;
+		ret = 0;
+	}
+ fail:
+	idn2_free(u8);
+	gnutls_free(istr.data);
+	return ret;
+}
+
+#else /* no HAVE_LIBIDN2 */
+
+# undef gnutls_idna_map
+int gnutls_idna_map(const char *input, unsigned ilen, gnutls_datum_t *out, unsigned flags)
+{
+	if (!_gnutls_str_is_print(input, ilen)) {
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+	}
+
+	return _gnutls_set_strdatum(out, input, ilen);
+}
+
+int gnutls_idna_reverse_map(const char *input, unsigned ilen, gnutls_datum_t *out, unsigned flags)
+{
+	return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+}
+#endif /* HAVE_LIBIDN2 */
+
+int _gnutls_idna_email_map(const char *input, unsigned ilen, gnutls_datum_t *output)
+{
+	const char *p = input;
+
+	while(*p != 0 && *p != '@') {
+		if (!c_isprint(*p))
+			return gnutls_assert_val(GNUTLS_E_INVALID_UTF8_EMAIL);
+		p++;
+	}
+
+	if (_gnutls_str_is_print(input, ilen)) {
+		return _gnutls_set_strdatum(output, input, ilen);
+	}
+
+	if (*p == '@') {
+		unsigned name_part = p-input;
+		int ret;
+		gnutls_datum_t domain;
+
+		ret = gnutls_idna_map(p+1, ilen-name_part-1, &domain, 0);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		output->data = gnutls_malloc(name_part+1+domain.size+1);
+		if (output->data == NULL) {
+			gnutls_free(domain.data);
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		}
+		memcpy(output->data, input, name_part);
+		output->data[name_part] = '@';
+		memcpy(&output->data[name_part+1], domain.data, domain.size);
+		output->data[name_part+domain.size+1] = 0;
+		output->size = name_part+domain.size+1;
+		gnutls_free(domain.data);
+		return 0;
+	} else {
+		return gnutls_assert_val(GNUTLS_E_INVALID_UTF8_EMAIL);
+	}
+}
+
+int _gnutls_idna_email_reverse_map(const char *input, unsigned ilen, gnutls_datum_t *output)
+{
+	const char *p = input;
+
+	while(*p != 0 && *p != '@') {
+		if (!c_isprint(*p))
+			return gnutls_assert_val(GNUTLS_E_INVALID_UTF8_EMAIL);
+		p++;
+	}
+
+	if (*p == '@') {
+		unsigned name_part = p-input;
+		int ret;
+		gnutls_datum_t domain;
+
+		ret = gnutls_idna_reverse_map(p+1, ilen-name_part-1, &domain, 0);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		output->data = gnutls_malloc(name_part+1+domain.size+1);
+		if (output->data == NULL) {
+			gnutls_free(domain.data);
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		}
+		memcpy(output->data, input, name_part);
+		output->data[name_part] = '@';
+		memcpy(&output->data[name_part+1], domain.data, domain.size);
+		output->data[name_part+domain.size+1] = 0;
+		output->size = name_part+domain.size+1;
+		gnutls_free(domain.data);
+		return 0;
+	} else {
+		return gnutls_assert_val(GNUTLS_E_INVALID_UTF8_EMAIL);
+	}
+}
diff --git a/lib/str-unicode.c b/lib/str-unicode.c
new file mode 100644
index 0000000..d66710a
--- /dev/null
+++ b/lib/str-unicode.c
@@ -0,0 +1,290 @@
+/*
+ * Copyright (C) 2016, 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "str.h"
+#include <uninorm.h>
+#include <unistr.h>
+#include <unictype.h>
+
+/* rfc5892#section-2.6 exceptions
+ */
+inline static int is_allowed_exception(uint32_t ch)
+{
+	switch (ch) {
+		case 0xB7:
+		case 0x0375:
+		case 0x05F3:
+		case 0x05F4:
+		case 0x30FB:
+		case 0x0660:
+		case 0x0661:
+		case 0x0662:
+		case 0x0663:
+		case 0x0664:
+		case 0x0665:
+		case 0x0666:
+		case 0x0667:
+		case 0x0668:
+		case 0x0669:
+		case 0x06F0:
+		case 0x06F1:
+		case 0x06F2:
+		case 0x06F3:
+		case 0x06F4:
+		case 0x06F5:
+		case 0x06F6:
+		case 0x06F7:
+		case 0x06F8:
+		case 0x06F9:
+		case 0x0640:
+		case 0x07FA:
+		case 0x302E:
+		case 0x302F:
+		case 0x3031:
+		case 0x3032:
+		case 0x3033:
+		case 0x3034:
+		case 0x3035:
+		case 0x303B:
+			return 0; /* disallowed */
+		case 0xDF:
+		case 0x03C2:
+		case 0x06FD:
+		case 0x06FE:
+		case 0x0F0B:
+		case 0x3007:
+			return 1; /* allowed */
+		default:
+			return -1; /* not exception */
+	}
+}
+
+/* Checks whether the provided string is in the valid set of FreeFormClass (RFC7564
+ * as an RFC7613 requirement), and converts all spaces to the ASCII-space. */
+static int check_for_valid_freeformclass(uint32_t *ucs4, unsigned ucs4_size)
+{
+	unsigned i;
+	int rc;
+	uint32_t tmp[4];
+	size_t tmp_size;
+	uint32_t *nrm;
+	uc_general_category_t cat;
+	unsigned is_invalid;
+
+	/* make the union of Valid categories, excluding any invalid (i.e., control) */
+	cat = uc_general_category_or(UC_CATEGORY_Ll, UC_CATEGORY_Lu); /* LetterDigits */
+	cat = uc_general_category_or(cat, UC_CATEGORY_Lo);
+	cat = uc_general_category_or(cat, UC_CATEGORY_Nd);
+	cat = uc_general_category_or(cat, UC_CATEGORY_Lm);
+	cat = uc_general_category_or(cat, UC_CATEGORY_Mn);
+	cat = uc_general_category_or(cat, UC_CATEGORY_Mc);
+	cat = uc_general_category_or(cat, UC_CATEGORY_Lt); /* OtherLetterDigits */
+	cat = uc_general_category_or(cat, UC_CATEGORY_Nl);
+	cat = uc_general_category_or(cat, UC_CATEGORY_No);
+	cat = uc_general_category_or(cat, UC_CATEGORY_Me);
+	cat = uc_general_category_or(cat, UC_CATEGORY_Sm); /* Symbols */
+	cat = uc_general_category_or(cat, UC_CATEGORY_Sc);
+	cat = uc_general_category_or(cat, UC_CATEGORY_So);
+	cat = uc_general_category_or(cat, UC_CATEGORY_Sk);
+	cat = uc_general_category_or(cat, UC_CATEGORY_Pc); /* Punctuation */
+	cat = uc_general_category_or(cat, UC_CATEGORY_Pd);
+	cat = uc_general_category_or(cat, UC_CATEGORY_Ps);
+	cat = uc_general_category_or(cat, UC_CATEGORY_Pe);
+	cat = uc_general_category_or(cat, UC_CATEGORY_Pi);
+	cat = uc_general_category_or(cat, UC_CATEGORY_Pf);
+	cat = uc_general_category_or(cat, UC_CATEGORY_Po);
+	cat = uc_general_category_or(cat, UC_CATEGORY_Zs); /* Spaces */
+	cat = uc_general_category_and_not(cat, UC_CATEGORY_Cc); /* Not in Control */
+
+	/* check for being in the allowed sets in rfc7564#section-4.3 */
+	for (i=0;i<ucs4_size;i++) {
+		is_invalid = 0;
+
+		/* Disallowed 
+		   o  Old Hangul Jamo characters, i.e., the OldHangulJamo ("I") category
+		      (not handled in this code)
+
+		   o  Control characters, i.e., the Controls ("L") category
+
+		   o  Ignorable characters, i.e., the PrecisIgnorableProperties ("M")
+		 */
+		if (uc_is_property_default_ignorable_code_point(ucs4[i]) ||
+		    uc_is_property_not_a_character(ucs4[i])) {
+			return gnutls_assert_val(GNUTLS_E_INVALID_UTF8_STRING);
+		}
+
+
+		/* Contextual rules - we do not implement them / we reject chars from these sets
+		   o  A number of characters from the Exceptions ("F") category defined
+
+		   o  Joining characters, i.e., the JoinControl ("H") category defined
+		 */
+		rc = is_allowed_exception(ucs4[i]);
+		if (rc == 0 || uc_is_property_join_control(ucs4[i]))
+			return gnutls_assert_val(GNUTLS_E_INVALID_UTF8_STRING);
+
+		if (rc == 1) /* exceptionally allowed, continue */
+			continue;
+
+
+		/* Replace all spaces; an RFC7613 requirement
+		 */
+		if (uc_is_general_category(ucs4[i], UC_CATEGORY_Zs)) /* replace */
+			ucs4[i] = 0x20;
+
+		/* Valid */
+		if ((ucs4[i] < 0x21 || ucs4[i] > 0x7E) && !uc_is_general_category(ucs4[i], cat))
+			is_invalid = 1;
+
+		/* HasCompat */
+		if (is_invalid) {
+			tmp_size = sizeof(tmp)/sizeof(tmp[0]);
+			nrm = u32_normalize(UNINORM_NFKC, &ucs4[i], 1, tmp, &tmp_size);
+			if (nrm == NULL || (tmp_size == 1 && nrm[0] == ucs4[i]))
+				return gnutls_assert_val(GNUTLS_E_INVALID_UTF8_STRING);
+		}
+	}
+
+	return 0;
+}
+
+
+/**
+ * gnutls_utf8_password_normalize:
+ * @password: contain the UTF-8 formatted password
+ * @plen: the length of the provided password
+ * @out: the result in an null-terminated allocated string
+ * @flags: should be zero
+ *
+ * This function will convert the provided UTF-8 password according
+ * to the normalization rules in RFC7613.
+ *
+ * If the flag %GNUTLS_UTF8_IGNORE_ERRS is specified, any UTF-8 encoding
+ * errors will be ignored, and in that case the output will be a copy of the input.
+ *
+ * Returns: %GNUTLS_E_INVALID_UTF8_STRING on invalid UTF-8 data, or 0 on success.
+ *
+ * Since: 3.5.7
+ **/
+int gnutls_utf8_password_normalize(const unsigned char *password, unsigned plen,
+				   gnutls_datum_t *out, unsigned flags)
+{
+	size_t ucs4_size = 0, nrm_size = 0;
+	size_t final_size = 0;
+	uint8_t *final = NULL;
+	uint32_t *ucs4 = NULL;
+	uint32_t *nrm = NULL;
+	uint8_t *nrmu8 = NULL;
+	int ret;
+
+	if (plen == 0) {
+		out->data = (uint8_t*)gnutls_strdup("");
+		out->size = 0;
+		if (out->data == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		return 0;
+	}
+
+	/* check for invalid UTF-8 */
+	if (u8_check((uint8_t*)password, plen) != NULL) {
+		gnutls_assert();
+		if (flags & GNUTLS_UTF8_IGNORE_ERRS) {
+ raw_copy:
+			out->data = gnutls_malloc(plen+1);
+			if (out->data == NULL)
+				return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+			out->size = plen;
+			memcpy(out->data, password, plen);
+			out->data[plen] = 0;
+			return 0;
+		} else {
+			return GNUTLS_E_INVALID_UTF8_STRING;
+		}
+	}
+
+	/* convert to UTF-32 */
+	ucs4 = u8_to_u32((uint8_t*)password, plen, NULL, &ucs4_size);
+	if (ucs4 == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_PARSING_ERROR;
+		goto fail;
+	}
+
+	ret = check_for_valid_freeformclass(ucs4, ucs4_size);
+	if (ret < 0) {
+		gnutls_assert();
+		if (flags & GNUTLS_UTF8_IGNORE_ERRS) {
+			free(ucs4);
+			goto raw_copy;
+		}
+		if (ret == GNUTLS_E_INVALID_UTF8_STRING)
+			ret = GNUTLS_E_INVALID_PASSWORD_STRING;
+		goto fail;
+	}
+
+	/* normalize to NFC */
+	nrm = u32_normalize(UNINORM_NFC, ucs4, ucs4_size, NULL, &nrm_size);
+	if (nrm == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_INVALID_PASSWORD_STRING;
+		goto fail;
+	}
+
+	/* convert back to UTF-8 */
+	final_size = 0;
+	nrmu8 = u32_to_u8(nrm, nrm_size, NULL, &final_size);
+	if (nrmu8 == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_INVALID_PASSWORD_STRING;
+		goto fail;
+	}
+
+	/* copy to output with null terminator */
+	final = gnutls_malloc(final_size+1);
+	if (final == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto fail;
+	}
+
+	memcpy(final, nrmu8, final_size);
+	final[final_size] = 0;
+
+	free(ucs4);
+	free(nrm);
+	free(nrmu8);
+
+	out->data = final;
+	out->size = final_size;
+
+	return 0;
+
+ fail:
+	gnutls_free(final);
+	free(ucs4);
+	free(nrm);
+	free(nrmu8);
+	return ret;
+}
+
diff --git a/lib/str.c b/lib/str.c
new file mode 100644
index 0000000..787a6b3
--- /dev/null
+++ b/lib/str.c
@@ -0,0 +1,1154 @@
+/*
+ * Copyright (C) 2002-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2016-2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <num.h>
+#include "str.h"
+#include <stdarg.h>
+#include <c-ctype.h>
+#include <intprops.h>
+#include <nettle/base64.h>
+#include "extras/hex.h"
+
+/* These functions are like strcat, strcpy. They only
+ * do bound checking (they shouldn't cause buffer overruns),
+ * and they always produce null terminated strings.
+ *
+ * They should be used only with null terminated strings.
+ */
+void _gnutls_str_cat(char *dest, size_t dest_tot_size, const char *src)
+{
+	size_t str_size = strlen(src);
+	size_t dest_size = strlen(dest);
+
+	if (dest_tot_size - dest_size > str_size) {
+		strcat(dest, src);
+	} else {
+		if (dest_tot_size - dest_size > 0) {
+			strncat(dest, src,
+				(dest_tot_size - dest_size) - 1);
+			dest[dest_tot_size - 1] = 0;
+		}
+	}
+}
+
+void _gnutls_str_cpy(char *dest, size_t dest_tot_size, const char *src)
+{
+	size_t str_size = strlen(src);
+
+	if (dest_tot_size > str_size) {
+		strcpy(dest, src);
+	} else {
+		if (dest_tot_size > 0) {
+			memcpy(dest, src, (dest_tot_size) - 1);
+			dest[dest_tot_size - 1] = 0;
+		}
+	}
+}
+
+void _gnutls_buffer_init(gnutls_buffer_st * str)
+{
+	str->data = str->allocd = NULL;
+	str->max_length = 0;
+	str->length = 0;
+}
+
+void _gnutls_buffer_clear(gnutls_buffer_st * str)
+{
+	if (str == NULL || str->allocd == NULL)
+		return;
+	gnutls_free(str->allocd);
+
+	str->data = NULL;
+	str->max_length = 0;
+	str->length = 0;
+}
+
+#define MIN_CHUNK 1024
+
+/**
+ * gnutls_buffer_append_data:
+ * @dest: the buffer to append to
+ * @data: the data
+ * @data_size: the size of @data
+ *
+ * Appends the provided @data to the destination buffer.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_buffer_append_data(gnutls_buffer_t dest, const void *data,
+			   size_t data_size)
+{
+	size_t const tot_len = data_size + dest->length;
+	int ret;
+
+	if (unlikely(dest->data != NULL && dest->allocd == NULL))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (data_size == 0)
+		return 0;
+
+	if (unlikely(sizeof(size_t) == 4 &&
+	    INT_ADD_OVERFLOW (((ssize_t)MAX(data_size, MIN_CHUNK)), ((ssize_t)dest->length)))) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	ret = _gnutls_buffer_resize(dest, tot_len);
+	if (ret < 0) {
+		return ret;
+	}
+	assert(dest->data != NULL);
+
+	memcpy(&dest->data[dest->length], data, data_size);
+	dest->length = tot_len;
+
+	return 0;
+}
+
+#ifdef AGGRESSIVE_REALLOC
+
+/* Use a simpler logic for reallocation; i.e., always call
+ * gnutls_realloc_fast() and do not reclaim the no-longer-used
+ * area which has been removed from the beginning of buffer
+ * with _gnutls_buffer_pop_datum().  This helps hit more
+ * issues when running under valgrind.
+ */
+int _gnutls_buffer_resize(gnutls_buffer_st * dest, size_t new_size)
+{
+	size_t unused;
+
+	if (unlikely(dest->data != NULL && dest->allocd == NULL))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	unused = MEMSUB(dest->data, dest->allocd);
+	dest->allocd =
+	    gnutls_realloc_fast(dest->allocd, new_size + unused);
+	if (dest->allocd == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+	dest->max_length = new_size + unused;
+	dest->data = dest->allocd + unused;
+
+	return 0;
+}
+
+#else
+
+static void align_allocd_with_data(gnutls_buffer_st * dest)
+{
+	assert(dest->allocd != NULL);
+	assert(dest->data != NULL);
+	if (dest->length)
+		memmove(dest->allocd, dest->data, dest->length);
+	dest->data = dest->allocd;
+}
+
+int _gnutls_buffer_resize(gnutls_buffer_st * dest, size_t new_size)
+{
+	if (unlikely(dest->data != NULL && dest->allocd == NULL))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (dest->max_length >= new_size) {
+		size_t unused = MEMSUB(dest->data, dest->allocd);
+		if (dest->max_length - unused <= new_size) {
+			align_allocd_with_data(dest);
+		}
+
+		return 0;
+	} else {
+		size_t unused = MEMSUB(dest->data, dest->allocd);
+		size_t alloc_len =
+		    MAX(new_size, MIN_CHUNK) + MAX(dest->max_length,
+						   MIN_CHUNK);
+
+		dest->allocd =
+		    gnutls_realloc_fast(dest->allocd, alloc_len);
+		if (dest->allocd == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+		dest->max_length = alloc_len;
+		dest->data = dest->allocd + unused;
+
+		align_allocd_with_data(dest);
+
+		return 0;
+	}
+}
+
+#endif
+
+/* Appends the provided string. The null termination byte is appended
+ * but not included in length.
+ */
+int _gnutls_buffer_append_str(gnutls_buffer_st * dest, const char *src)
+{
+	int ret;
+	ret = _gnutls_buffer_append_data(dest, src, strlen(src) + 1);
+	if (ret >= 0)
+		dest->length--;
+
+	return ret;
+}
+
+/* returns data from a string in a constant buffer.
+ * The data will NOT be valid if buffer is released or
+ * data are appended in the buffer.
+ */
+void
+_gnutls_buffer_pop_datum(gnutls_buffer_st * str, gnutls_datum_t * data,
+			 size_t req_size)
+{
+	if (str->length == 0) {
+		data->data = NULL;
+		data->size = 0;
+		return;
+	}
+
+	if (req_size > str->length)
+		req_size = str->length;
+
+	data->data = str->data;
+	data->size = req_size;
+
+	str->data += req_size;
+	str->length -= req_size;
+
+	/* if string becomes empty start from beginning */
+	if (str->length == 0) {
+		str->data = str->allocd;
+	}
+
+	return;
+}
+
+/* converts the buffer to a datum if possible. After this call
+ * (failed or not) the buffer should be considered deinitialized.
+ */
+int _gnutls_buffer_to_datum(gnutls_buffer_st * str, gnutls_datum_t * data, unsigned is_str)
+{
+	int ret;
+
+	if (str->length == 0) {
+		data->data = NULL;
+		data->size = 0;
+		ret = 0;
+		goto fail;
+	}
+
+	if (is_str) {
+		ret = _gnutls_buffer_append_data(str, "\x00", 1);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+	}
+
+	if (str->allocd != str->data) {
+		data->data = gnutls_malloc(str->length);
+		if (data->data == NULL) {
+			gnutls_assert();
+			ret = GNUTLS_E_MEMORY_ERROR;
+			goto fail;
+		}
+		memcpy(data->data, str->data, str->length);
+		data->size = str->length;
+		_gnutls_buffer_clear(str);
+	} else {
+		data->data = str->data;
+		data->size = str->length;
+		_gnutls_buffer_init(str);
+	}
+
+	if (is_str) {
+		data->size--;
+	}
+
+	return 0;
+ fail:
+	_gnutls_buffer_clear(str);
+	return ret;
+}
+
+/* returns data from a string in a constant buffer. Will
+ * fail with GNUTLS_E_PARSING_ERROR, if the string has not enough data.
+ */
+int
+_gnutls_buffer_pop_data(gnutls_buffer_st * str, void *data,
+			size_t req_size)
+{
+	gnutls_datum_t tdata;
+
+	_gnutls_buffer_pop_datum(str, &tdata, req_size);
+	if (tdata.data == NULL || tdata.size != req_size) {
+		return GNUTLS_E_PARSING_ERROR;
+	}
+
+	memcpy(data, tdata.data, tdata.size);
+
+	return 0;
+}
+
+int
+_gnutls_buffer_append_printf(gnutls_buffer_st * dest, const char *fmt, ...)
+{
+	va_list args;
+	int len;
+	char *str = NULL;
+
+	va_start(args, fmt);
+	len = vasprintf(&str, fmt, args);
+	va_end(args);
+
+	if (len < 0 || !str)
+		return -1;
+
+	len = _gnutls_buffer_append_str(dest, str);
+
+	free(str);
+
+	return len;
+}
+
+static int
+_gnutls_buffer_insert_data(gnutls_buffer_st * dest, int pos,
+			   const void *str, size_t str_size)
+{
+	size_t orig_length = dest->length;
+	int ret;
+
+	ret = _gnutls_buffer_resize(dest, dest->length + str_size);	/* resize to make space */
+	if (ret < 0)
+		return ret;
+
+	assert(dest->data != NULL);
+
+	memmove(&dest->data[pos + str_size], &dest->data[pos],
+		orig_length - pos);
+
+	memcpy(&dest->data[pos], str, str_size);
+	dest->length += str_size;
+
+	return 0;
+}
+
+static void
+_gnutls_buffer_delete_data(gnutls_buffer_st * dest, int pos,
+			   size_t str_size)
+{
+	memmove(&dest->data[pos], &dest->data[pos + str_size],
+		dest->length - pos - str_size);
+
+	dest->length -= str_size;
+
+	return;
+}
+
+
+int
+_gnutls_buffer_append_escape(gnutls_buffer_st * dest, const void *data,
+			     size_t data_size, const char *invalid_chars)
+{
+	int rv = -1;
+	char t[5];
+	unsigned int pos = dest->length;
+
+	rv = _gnutls_buffer_append_data(dest, data, data_size);
+	if (rv < 0)
+		return gnutls_assert_val(rv);
+
+	while (pos < dest->length) {
+
+		if (dest->data[pos] == '\\'
+			|| strchr(invalid_chars, dest->data[pos])
+			|| !c_isgraph(dest->data[pos])) {
+
+			snprintf(t, sizeof(t), "%%%.2X",
+				 (unsigned int) dest->data[pos]);
+
+			_gnutls_buffer_delete_data(dest, pos, 1);
+
+			if (_gnutls_buffer_insert_data(dest, pos, t, 3) < 0) {
+				rv = -1;
+				goto cleanup;
+			}
+			pos += 3;
+		} else
+			pos++;
+	}
+
+	rv = 0;
+
+      cleanup:
+	return rv;
+}
+
+int _gnutls_buffer_unescape(gnutls_buffer_st * dest)
+{
+	int rv = -1;
+	unsigned int pos = 0;
+
+	while (pos < dest->length) {
+		if (dest->data[pos] == '%') {
+			if (pos + 1 < dest->length && dest->data[pos + 1] == '%') {
+				// %% -> %
+				_gnutls_buffer_delete_data(dest, pos, 1);
+			} else if (pos + 2 < dest->length && c_isxdigit(dest->data[pos + 1]) && c_isxdigit(dest->data[pos + 2])) {
+				unsigned char x;
+
+				hex_decode((char *) dest->data + pos + 1, 2, &x, 1);
+
+				_gnutls_buffer_delete_data(dest, pos, 3);
+				_gnutls_buffer_insert_data(dest, pos, &x, 1);
+			}
+		}
+		pos++;
+	}
+
+	rv = 0;
+
+	return rv;
+}
+
+
+/* Converts the given string (old) to hex. A buffer must be provided
+ * to hold the new hex string. The new string will be null terminated.
+ * If the buffer does not have enough space to hold the string, a
+ * truncated hex string is returned (always null terminated).
+ */
+char *_gnutls_bin2hex(const void *_old, size_t oldlen,
+		      char *buffer, size_t buffer_size,
+		      const char *separator)
+{
+	unsigned int i, j;
+	const uint8_t *old = _old;
+	int step = 2;
+	const char empty[] = "";
+
+	if (separator != NULL && separator[0] != 0)
+		step = 3;
+	else
+		separator = empty;
+
+	if (buffer_size < 3) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	i = j = 0;
+	sprintf(&buffer[j], "%.2x", old[i]);
+	j += 2;
+	i++;
+
+	for (; i < oldlen && j + step < buffer_size; j += step) {
+		sprintf(&buffer[j], "%s%.2x", separator, old[i]);
+		i++;
+	}
+	buffer[j] = '\0';
+
+	return buffer;
+}
+
+/**
+ * gnutls_hex2bin:
+ * @hex_data: string with data in hex format
+ * @hex_size: size of hex data
+ * @bin_data: output array with binary data
+ * @bin_size: when calling should hold maximum size of @bin_data,
+ *	    on return will hold actual length of @bin_data.
+ *
+ * Convert a buffer with hex data to binary data. This function
+ * unlike gnutls_hex_decode() can parse hex data with separators
+ * between numbers. That is, it ignores any non-hex characters.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 2.4.0
+ **/
+int
+gnutls_hex2bin(const char *hex_data,
+	       size_t hex_size, void *bin_data, size_t * bin_size)
+{
+	return _gnutls_hex2bin(hex_data, hex_size, (void *) bin_data,
+			       bin_size);
+}
+
+int
+_gnutls_hex2bin(const char *hex_data, size_t hex_size, uint8_t * bin_data,
+		size_t * bin_size)
+{
+	unsigned int i, j;
+	uint8_t hex2_data[3];
+	unsigned long val;
+
+	hex2_data[2] = 0;
+
+	for (i = j = 0; i < hex_size;) {
+		if (!isxdigit(hex_data[i])) {	/* skip non-hex such as the ':' in 00:FF */
+			i++;
+			continue;
+		}
+		if (j >= *bin_size) {
+			gnutls_assert();
+			return GNUTLS_E_SHORT_MEMORY_BUFFER;
+		}
+
+		if (i+1 >= hex_size)
+			return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+		hex2_data[0] = hex_data[i];
+		hex2_data[1] = hex_data[i + 1];
+		i += 2;
+
+		val = strtoul((char *) hex2_data, NULL, 16);
+		if (val == ULONG_MAX) {
+			gnutls_assert();
+			return GNUTLS_E_PARSING_ERROR;
+		}
+		bin_data[j] = val;
+		j++;
+	}
+	*bin_size = j;
+
+	return 0;
+}
+
+/**
+ * gnutls_hex_decode2:
+ * @hex_data: contain the encoded data
+ * @result: the result in an allocated string
+ *
+ * This function will decode the given encoded data, using the hex
+ * encoding used by PSK password files.
+ *
+ * Returns: %GNUTLS_E_PARSING_ERROR on invalid hex data, or 0 on success.
+ **/
+int
+gnutls_hex_decode2(const gnutls_datum_t * hex_data, gnutls_datum_t *result)
+{
+	int ret;
+	int size = hex_data_size(hex_data->size);
+
+	result->data = gnutls_malloc(size);
+	if (result->data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	result->size = size;
+	ret = hex_decode((char *) hex_data->data, hex_data->size,
+			 result->data, result->size);
+	if (ret == 0) {
+		gnutls_assert();
+		gnutls_free(result->data);
+		return GNUTLS_E_PARSING_ERROR;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_hex_decode:
+ * @hex_data: contain the encoded data
+ * @result: the place where decoded data will be copied
+ * @result_size: holds the size of the result
+ *
+ * This function will decode the given encoded data, using the hex
+ * encoding used by PSK password files.
+ *
+ * Initially @result_size must hold the maximum size available in
+ * @result, and on return it will contain the number of bytes written.
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the buffer given is not
+ *   long enough, %GNUTLS_E_PARSING_ERROR on invalid hex data, or 0 on success.
+ **/
+int
+gnutls_hex_decode(const gnutls_datum_t * hex_data, void *result,
+		  size_t * result_size)
+{
+	int ret;
+	size_t size = hex_data_size(hex_data->size);
+
+	if (*result_size < size) {
+		gnutls_assert();
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	ret = hex_decode((char *) hex_data->data, hex_data->size,
+			 result, size);
+	if (ret == 0) {
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+	}
+	*result_size = size;
+
+	return 0;
+}
+
+/**
+ * gnutls_hex_encode:
+ * @data: contain the raw data
+ * @result: the place where hex data will be copied
+ * @result_size: holds the size of the result
+ *
+ * This function will convert the given data to printable data, using
+ * the hex encoding, as used in the PSK password files.
+ *
+ * Note that the size of the result includes the null terminator.
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the buffer given is not
+ * long enough, or 0 on success.
+ **/
+int
+gnutls_hex_encode(const gnutls_datum_t * data, char *result,
+		  size_t * result_size)
+{
+	int ret;
+	size_t size = hex_str_size(data->size);
+
+	if (*result_size < size) {
+		gnutls_assert();
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	ret = hex_encode(data->data, data->size, result, *result_size);
+	if (ret == 0) {
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+	}
+
+	*result_size = size;
+
+	return 0;
+}
+
+/**
+ * gnutls_hex_encode2:
+ * @data: contain the raw data
+ * @result: the result in an allocated string
+ *
+ * This function will convert the given data to printable data, using
+ * the hex encoding, as used in the PSK password files.
+ *
+ * Note that the size of the result does NOT include the null terminator.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ **/
+int
+gnutls_hex_encode2(const gnutls_datum_t * data, gnutls_datum_t *result)
+{
+	int ret;
+	int size = hex_str_size(data->size);
+
+	result->data = gnutls_malloc(size);
+	if (result->data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ret = hex_encode((char*)data->data, data->size, (char*)result->data, size);
+	if (ret == 0) {
+		gnutls_free(result->data);
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+	}
+
+	result->size = size-1;
+
+	return 0;
+}
+
+static int
+hostname_compare_raw(const char *certname,
+			 size_t certnamesize, const char *hostname)
+{
+	if (certnamesize == strlen(hostname) && memcmp(hostname, certname, certnamesize) == 0)
+		return 1;
+	return 0;
+}
+
+static int
+hostname_compare_ascii(const char *certname,
+			 size_t certnamesize, const char *hostname)
+{
+	for (;
+	     *certname && *hostname
+	     && c_toupper(*certname) == c_toupper(*hostname);
+	     certname++, hostname++, certnamesize--);
+
+	/* the strings are the same */
+	if (certnamesize == 0 && *hostname == '\0')
+		return 1;
+
+	return 0;
+}
+
+/* compare hostname against certificate, taking account of wildcards
+ * return 1 on success or 0 on error
+ *
+ * note: certnamesize is required as X509 certs can contain embedded NULs in
+ * the strings such as CN or subjectAltName.
+ *
+ * Wildcards are taken into account only if they are the leftmost
+ * component, and if the string is ascii only (partial advice from rfc6125)
+ *
+ */
+int
+_gnutls_hostname_compare(const char *certname,
+			 size_t certnamesize, const char *hostname, unsigned vflags)
+{
+	char *p;
+	unsigned i;
+
+	for (i=0;i<certnamesize;i++) {
+		if (c_isprint(certname[i]) == 0)
+			return hostname_compare_raw(certname, certnamesize, hostname);
+	}
+
+	if (*certname == '*' && !(vflags & GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS)) {
+		/* a wildcard certificate */
+
+		/* ensure that we have at least two domain components after
+		 * the wildcard. */
+		p = strrchr(certname, '.');
+		if (p == NULL || strchr(certname, '.') == p || p[1] == 0) {
+			return 0;
+		}
+
+		certname++;
+		certnamesize--;
+
+		while (1) {
+			if (hostname_compare_ascii(certname, certnamesize, hostname))
+				return 1;
+
+			/* wildcards are only allowed to match a single domain
+			   component or component fragment */
+			if (*hostname == '\0' || *hostname == '.')
+				break;
+			hostname++;
+		}
+
+		return 0;
+	} else {
+		return hostname_compare_ascii(certname, certnamesize, hostname);
+	}
+}
+
+int
+_gnutls_buffer_append_prefix(gnutls_buffer_st * buf, int pfx_size,
+			     size_t data_size)
+{
+	uint8_t ss[4];
+
+	if (pfx_size == 32) {
+		_gnutls_write_uint32(data_size, ss);
+		pfx_size = 4;
+	} else if (pfx_size == 24) {
+		_gnutls_write_uint24(data_size, ss);
+		pfx_size = 3;
+	} else if (pfx_size == 16) {
+		_gnutls_write_uint16(data_size, ss);
+		pfx_size = 2;
+	} else if (pfx_size == 8) {
+		ss[0] = data_size;
+		pfx_size = 1;
+	} else
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	return _gnutls_buffer_append_data(buf, ss, pfx_size);
+}
+
+int _gnutls_buffer_pop_prefix8(gnutls_buffer_st *buf, uint8_t *data, int check)
+{
+	if (buf->length < 1) {
+		gnutls_assert();
+		return GNUTLS_E_PARSING_ERROR;
+	}
+
+	*data = buf->data[0];
+
+	if (check && *data > buf->length - 1) {
+		gnutls_assert();
+		return GNUTLS_E_PARSING_ERROR;
+	}
+
+	buf->data++;
+	buf->length--;
+
+	return 0;
+}
+
+int
+_gnutls_buffer_pop_prefix16(gnutls_buffer_st * buf, size_t * data_size,
+			    int check)
+{
+	size_t size;
+
+	if (buf->length < 2) {
+		gnutls_assert();
+		return GNUTLS_E_PARSING_ERROR;
+	}
+
+	size = _gnutls_read_uint16(buf->data);
+	if (check && size > buf->length - 2) {
+		gnutls_assert();
+		return GNUTLS_E_PARSING_ERROR;
+	}
+
+	buf->data += 2;
+	buf->length -= 2;
+
+	*data_size = size;
+
+	return 0;
+}
+
+int
+_gnutls_buffer_pop_prefix24(gnutls_buffer_st * buf, size_t * data_size,
+			    int check)
+{
+	size_t size;
+
+	if (buf->length < 3) {
+		gnutls_assert();
+		return GNUTLS_E_PARSING_ERROR;
+	}
+
+	size = _gnutls_read_uint24(buf->data);
+	if (check && size > buf->length - 3) {
+		gnutls_assert();
+		return GNUTLS_E_PARSING_ERROR;
+	}
+
+	buf->data += 3;
+	buf->length -= 3;
+
+	*data_size = size;
+
+	return 0;
+}
+
+/* Reads an uint32 number from the buffer. If check is non zero it will also check whether
+ * the number read, is less than the data in the buffer
+ */
+int
+_gnutls_buffer_pop_prefix32(gnutls_buffer_st * buf, size_t * data_size,
+			    int check)
+{
+	size_t size;
+
+	if (buf->length < 4) {
+		gnutls_assert();
+		return GNUTLS_E_PARSING_ERROR;
+	}
+
+	size = _gnutls_read_uint32(buf->data);
+	if (check && size > buf->length - 4) {
+		gnutls_assert();
+		return GNUTLS_E_PARSING_ERROR;
+	}
+
+	buf->data += 4;
+	buf->length -= 4;
+
+	*data_size = size;
+
+	return 0;
+}
+
+int
+_gnutls_buffer_pop_datum_prefix32(gnutls_buffer_st * buf,
+				  gnutls_datum_t * data)
+{
+	size_t size;
+	int ret;
+
+	ret = _gnutls_buffer_pop_prefix32(buf, &size, 1);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (size > 0) {
+		size_t osize = size;
+		_gnutls_buffer_pop_datum(buf, data, size);
+		if (osize != data->size) {
+			gnutls_assert();
+			return GNUTLS_E_PARSING_ERROR;
+		}
+	} else {
+		data->size = 0;
+		data->data = NULL;
+	}
+
+	return 0;
+}
+
+int
+_gnutls_buffer_pop_datum_prefix24(gnutls_buffer_st * buf,
+				  gnutls_datum_t * data)
+{
+	size_t size;
+	int ret;
+
+	ret = _gnutls_buffer_pop_prefix24(buf, &size, 1);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (size > 0) {
+		size_t osize = size;
+		_gnutls_buffer_pop_datum(buf, data, size);
+		if (osize != data->size) {
+			gnutls_assert();
+			return GNUTLS_E_PARSING_ERROR;
+		}
+	} else {
+		data->size = 0;
+		data->data = NULL;
+	}
+
+	return 0;
+}
+
+int
+_gnutls_buffer_pop_datum_prefix16(gnutls_buffer_st * buf,
+				  gnutls_datum_t * data)
+{
+	size_t size;
+
+	if (buf->length < 2) {
+		gnutls_assert();
+		return GNUTLS_E_PARSING_ERROR;
+	}
+
+	size = _gnutls_read_uint16(buf->data);
+
+	buf->data += 2;
+	buf->length -= 2;
+
+	if (size > 0) {
+		size_t osize = size;
+		_gnutls_buffer_pop_datum(buf, data, size);
+		if (osize != data->size) {
+			gnutls_assert();
+			return GNUTLS_E_PARSING_ERROR;
+		}
+	} else {
+		data->size = 0;
+		data->data = NULL;
+	}
+
+	return 0;
+}
+
+int
+_gnutls_buffer_pop_datum_prefix8(gnutls_buffer_st * buf,
+				 gnutls_datum_t * data)
+{
+	size_t size;
+
+	if (buf->length < 1) {
+		gnutls_assert();
+		return GNUTLS_E_PARSING_ERROR;
+	}
+
+	size = buf->data[0];
+
+	buf->data++;
+	buf->length--;
+
+	if (size > 0) {
+		size_t osize = size;
+		_gnutls_buffer_pop_datum(buf, data, size);
+		if (osize != data->size) {
+			gnutls_assert();
+			return GNUTLS_E_PARSING_ERROR;
+		}
+	} else {
+		data->size = 0;
+		data->data = NULL;
+	}
+
+	return 0;
+}
+
+int
+_gnutls_buffer_append_data_prefix(gnutls_buffer_st * buf,
+				  int pfx_size, const void *data,
+				  size_t data_size)
+{
+	int ret;
+
+	ret = _gnutls_buffer_append_prefix(buf, pfx_size, data_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (data_size > 0) {
+		ret = _gnutls_buffer_append_data(buf, data, data_size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	return 0;
+}
+
+int _gnutls_buffer_append_mpi(gnutls_buffer_st * buf, int pfx_size,
+			      bigint_t mpi, int lz)
+{
+	gnutls_datum_t dd;
+	int ret;
+
+	if (lz)
+		ret = _gnutls_mpi_dprint_lz(mpi, &dd);
+	else
+		ret = _gnutls_mpi_dprint(mpi, &dd);
+
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret =
+	    _gnutls_buffer_append_data_prefix(buf, pfx_size, dd.data,
+					      dd.size);
+
+	_gnutls_free_datum(&dd);
+
+	return ret;
+}
+
+/* Appends an MPI of fixed-size in bytes left-padded with zeros if necessary */
+int _gnutls_buffer_append_fixed_mpi(gnutls_buffer_st * buf,
+				    bigint_t mpi, unsigned size)
+{
+	gnutls_datum_t dd;
+	unsigned pad, i;
+	int ret;
+
+	ret = _gnutls_mpi_dprint(mpi, &dd);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (size < dd.size) {
+		ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		goto cleanup;
+	}
+
+	pad = size - dd.size;
+	for (i=0;i<pad;i++) {
+		ret =
+		    _gnutls_buffer_append_data(buf, "\x00", 1);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	/* append the rest */
+	ret =
+	    _gnutls_buffer_append_data(buf, dd.data, dd.size);
+
+ cleanup:
+	_gnutls_free_datum(&dd);
+	return ret;
+}
+
+void
+_gnutls_buffer_hexprint(gnutls_buffer_st * str,
+			const void *_data, size_t len)
+{
+	size_t j;
+	const unsigned char *data = _data;
+
+	if (len == 0)
+		_gnutls_buffer_append_str(str, "00");
+	else {
+		for (j = 0; j < len; j++)
+			_gnutls_buffer_append_printf(str, "%.2x",
+						     (unsigned) data[j]);
+	}
+}
+
+int
+_gnutls_buffer_base64print(gnutls_buffer_st * str,
+			   const void *_data, size_t len)
+{
+	const unsigned char *data = _data;
+	unsigned b64len = BASE64_ENCODE_RAW_LENGTH(len);
+	int ret;
+
+	ret = _gnutls_buffer_resize(str, str->length+b64len+1);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	base64_encode_raw((void*)&str->data[str->length], len, data);
+	str->length += b64len;
+	str->data[str->length] = 0;
+
+	return 0;
+}
+
+void
+_gnutls_buffer_hexdump(gnutls_buffer_st * str, const void *_data,
+		       size_t len, const char *spc)
+{
+	size_t j;
+	const unsigned char *data = _data;
+
+	if (spc)
+		_gnutls_buffer_append_str(str, spc);
+	for (j = 0; j < len; j++) {
+		if (((j + 1) % 16) == 0) {
+			_gnutls_buffer_append_printf(str, "%.2x\n",
+						     (unsigned) data[j]);
+			if (spc && j != (len - 1))
+				_gnutls_buffer_append_str(str, spc);
+		} else if (j == (len - 1))
+			_gnutls_buffer_append_printf(str, "%.2x",
+						     (unsigned) data[j]);
+		else
+			_gnutls_buffer_append_printf(str, "%.2x:",
+						     (unsigned) data[j]);
+	}
+	if ((j % 16) != 0)
+		_gnutls_buffer_append_str(str, "\n");
+}
+
+void
+_gnutls_buffer_asciiprint(gnutls_buffer_st * str,
+			  const char *data, size_t len)
+{
+	size_t j;
+
+	for (j = 0; j < len; j++)
+		if (c_isprint(data[j]))
+			_gnutls_buffer_append_printf(str, "%c",
+						     (unsigned char)
+						     data[j]);
+		else
+			_gnutls_buffer_append_printf(str, ".");
+}
diff --git a/lib/str.h b/lib/str.h
new file mode 100644
index 0000000..c80d2f5
--- /dev/null
+++ b/lib/str.h
@@ -0,0 +1,326 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2016-2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_STR_H
+#define GNUTLS_LIB_STR_H
+
+#include <config.h>
+#include "gnutls_int.h"
+#include "errors.h"
+#include <datum.h>
+#include <c-ctype.h>
+#include "errors.h"
+
+#ifdef HAVE_DCGETTEXT
+# include "gettext.h"
+# define _(String) dgettext (PACKAGE, String)
+# define N_(String) gettext_noop (String)
+#else
+# define _(String) String
+# define N_(String) String
+#endif
+
+int gnutls_utf8_password_normalize(const uint8_t *password, unsigned password_len,
+				   gnutls_datum_t *out, unsigned flags);
+
+#define _gnutls_utf8_password_normalize(p, plen, out, ignore_errs) \
+	gnutls_utf8_password_normalize((unsigned char*)p, plen, out, \
+		ignore_errs?(GNUTLS_UTF8_IGNORE_ERRS):0)
+
+int _gnutls_idna_email_map(const char *input, unsigned ilen, gnutls_datum_t *output);
+int _gnutls_idna_email_reverse_map(const char *input, unsigned ilen, gnutls_datum_t *output);
+
+inline static unsigned _gnutls_str_is_print(const char *str, unsigned size)
+{
+	unsigned i;
+	for (i=0;i<size;i++) {
+		if (!c_isprint(str[i]))
+			return 0;
+	}
+	return 1;
+}
+
+inline static unsigned _gnutls_dnsname_is_valid(const char *str, unsigned size)
+{
+	unsigned i;
+	for (i=0;i<size;i++) {
+		if (!(c_isalnum(str[i]) || str[i] == '-' || str[i] == '.'))
+			return 0;
+	}
+	return 1;
+}
+
+inline static bool _gnutls_has_embedded_null(const char *str, unsigned size)
+{
+	if (strlen(str) != size)
+		return true;
+	return false;
+}
+
+void _gnutls_str_cpy(char *dest, size_t dest_tot_size, const char *src);
+void _gnutls_str_cat(char *dest, size_t dest_tot_size, const char *src);
+
+typedef struct gnutls_buffer_st {
+	uint8_t *allocd;	/* pointer to allocated data */
+	uint8_t *data;		/* API: pointer to data to copy from */
+	size_t max_length;
+	size_t length;		/* API: current length */
+} gnutls_buffer_st;
+
+/* Initialize a buffer */
+void _gnutls_buffer_init(gnutls_buffer_st *);
+
+/* Free the data in a buffer */
+void _gnutls_buffer_clear(gnutls_buffer_st *);
+
+/* Set the buffer data to be of zero length */
+inline static void _gnutls_buffer_reset(gnutls_buffer_st * buf)
+{
+	buf->data = buf->allocd;
+	buf->length = 0;
+}
+
+int _gnutls_buffer_resize(gnutls_buffer_st *, size_t new_size);
+
+int _gnutls_buffer_append_str(gnutls_buffer_st *, const char *str);
+
+#define _gnutls_buffer_append_data gnutls_buffer_append_data
+
+#include <num.h>
+
+int _gnutls_buffer_append_prefix(gnutls_buffer_st * buf, int pfx_size,
+				 size_t data_size);
+
+int _gnutls_buffer_append_mpi(gnutls_buffer_st * buf, int pfx_size,
+			      bigint_t, int lz);
+
+int _gnutls_buffer_append_fixed_mpi(gnutls_buffer_st * buf,
+				    bigint_t mpi, unsigned size);
+
+int _gnutls_buffer_append_data_prefix(gnutls_buffer_st * buf, int pfx_size,
+				      const void *data, size_t data_size);
+int _gnutls_buffer_pop_data(gnutls_buffer_st *, void *, size_t size);
+void _gnutls_buffer_pop_datum(gnutls_buffer_st *, gnutls_datum_t *,
+			      size_t max_size);
+
+/* 32-bit prefix */
+int _gnutls_buffer_pop_prefix32(gnutls_buffer_st * buf, size_t * data_size, int check);
+int _gnutls_buffer_pop_prefix24(gnutls_buffer_st * buf, size_t * data_size, int check);
+int _gnutls_buffer_pop_prefix16(gnutls_buffer_st * buf, size_t * data_size, int check);
+int _gnutls_buffer_pop_prefix8(gnutls_buffer_st *, uint8_t *, int check);
+
+/* 32-bit prefix */
+int _gnutls_buffer_pop_datum_prefix32(gnutls_buffer_st * buf,
+				      gnutls_datum_t * data);
+
+/* 24-bit prefix */
+int _gnutls_buffer_pop_datum_prefix24(gnutls_buffer_st * buf,
+				      gnutls_datum_t * data);
+
+/* 16-bit prefix */
+int _gnutls_buffer_pop_datum_prefix16(gnutls_buffer_st * buf,
+				      gnutls_datum_t * data);
+
+/* 8-bit prefix */
+int _gnutls_buffer_pop_datum_prefix8(gnutls_buffer_st * buf,
+				     gnutls_datum_t * data);
+
+int _gnutls_buffer_to_datum(gnutls_buffer_st * str, gnutls_datum_t * data, unsigned is_str);
+
+inline static
+void _gnutls_ro_buffer_from_datum(gnutls_buffer_st * str, gnutls_datum_t * data)
+{
+	_gnutls_buffer_init(str);
+	str->length = data->size;
+	str->max_length = data->size;
+	str->data = data->data;
+}
+
+int
+_gnutls_buffer_append_escape(gnutls_buffer_st * dest, const void *data,
+			     size_t data_size, const char *invalid_chars);
+int _gnutls_buffer_unescape(gnutls_buffer_st * dest);
+
+#ifndef __attribute__
+/* This feature is available in gcc versions 2.5 and later.  */
+#if __GNUC__ < 2 || (__GNUC__ == 2 && __GNUC_MINOR__ < 5)
+#define __attribute__(Spec)	/* empty */
+#endif
+#endif
+
+int _gnutls_buffer_append_printf(gnutls_buffer_st * dest, const char *fmt,
+				 ...)
+    __attribute__ ((format(printf, 2, 3)));
+
+void _gnutls_buffer_hexprint(gnutls_buffer_st * str,
+			     const void *data, size_t len);
+int _gnutls_buffer_base64print(gnutls_buffer_st * str,
+			        const void *data, size_t len);
+void _gnutls_buffer_hexdump(gnutls_buffer_st * str, const void *data,
+			    size_t len, const char *spc);
+void _gnutls_buffer_asciiprint(gnutls_buffer_st * str,
+			       const char *data, size_t len);
+
+char *_gnutls_bin2hex(const void *old, size_t oldlen, char *buffer,
+		      size_t buffer_size, const char *separator);
+int _gnutls_hex2bin(const char *hex_data, size_t hex_size,
+		    uint8_t * bin_data, size_t * bin_size);
+
+int _gnutls_hostname_compare(const char *certname, size_t certnamesize,
+			     const char *hostname, unsigned vflags);
+
+#define MAX_CN 256
+#define MAX_DN 1024
+
+#define BUFFER_APPEND(b, x, s) { \
+	ret = _gnutls_buffer_append_data(b, x, s); \
+	if (ret < 0) { \
+	    gnutls_assert(); \
+	    return ret; \
+	} \
+    }
+
+/* append data prefixed with 4-bytes length field*/
+#define BUFFER_APPEND_PFX4(b, x, s) { \
+	ret = _gnutls_buffer_append_data_prefix(b, 32, x, s); \
+	if (ret < 0) { \
+	    gnutls_assert(); \
+	    return ret; \
+	} \
+    }
+
+#define BUFFER_APPEND_PFX3(b, x, s) { \
+	ret = _gnutls_buffer_append_data_prefix(b, 24, x, s); \
+	if (ret < 0) { \
+	    gnutls_assert(); \
+	    return ret; \
+	} \
+    }
+
+#define BUFFER_APPEND_PFX2(b, x, s) { \
+	ret = _gnutls_buffer_append_data_prefix(b, 16, x, s); \
+	if (ret < 0) { \
+	    gnutls_assert(); \
+	    return ret; \
+	} \
+    }
+
+#define BUFFER_APPEND_PFX1(b, x, s) { \
+	ret = _gnutls_buffer_append_data_prefix(b, 8, x, s); \
+	if (ret < 0) { \
+	    gnutls_assert(); \
+	    return ret; \
+	} \
+    }
+
+#define BUFFER_APPEND_NUM(b, s) { \
+	ret = _gnutls_buffer_append_prefix(b, 32, s); \
+	if (ret < 0) { \
+	    gnutls_assert(); \
+	    return ret; \
+	} \
+    }
+
+#define BUFFER_APPEND_TS(b, s) { \
+	ret = _gnutls_buffer_append_prefix(b, 32, (uint64_t) s.tv_sec >> 32); \
+	if (ret < 0) { \
+	    gnutls_assert(); \
+	    return ret; \
+	} \
+	ret = _gnutls_buffer_append_prefix(b, 32, s.tv_sec & 0xFFFFFFFF); \
+	if (ret < 0) { \
+	    gnutls_assert(); \
+	    return ret; \
+	} \
+	ret = _gnutls_buffer_append_prefix(b, 32, s.tv_nsec); \
+	if (ret < 0) { \
+	    gnutls_assert(); \
+	    return ret; \
+	} \
+    }
+
+#define BUFFER_POP(b, x, s) { \
+	ret = _gnutls_buffer_pop_data(b, x, s); \
+	if (ret < 0) { \
+	    ret = GNUTLS_E_PARSING_ERROR; \
+	    gnutls_assert(); \
+	    goto error; \
+	} \
+    }
+
+#define BUFFER_POP_DATUM(b, o) { \
+	gnutls_datum_t d; \
+	ret = _gnutls_buffer_pop_datum_prefix32(b, &d); \
+	if (ret >= 0) \
+	    ret = _gnutls_set_datum (o, d.data, d.size); \
+	if (ret < 0) { \
+	    gnutls_assert(); \
+	    goto error; \
+	} \
+    }
+
+#define BUFFER_POP_NUM(b, o) { \
+	size_t s; \
+	ret = _gnutls_buffer_pop_prefix32(b, &s, 0); \
+	if (ret < 0) { \
+	    gnutls_assert(); \
+	    goto error; \
+	} \
+	o = s; \
+    }
+
+#define BUFFER_POP_CAST_NUM(b, o) { \
+	size_t s; \
+	ret = _gnutls_buffer_pop_prefix32(b, &s, 0); \
+	if (ret < 0) { \
+	    gnutls_assert(); \
+	    goto error; \
+	} \
+	o = (void *) (intptr_t)(s); \
+    }
+
+#define BUFFER_POP_TS(b, o) { \
+	size_t s; \
+	uint64_t v; \
+	ret = _gnutls_buffer_pop_prefix32(b, &s, 0); \
+	if (ret < 0) { \
+	    gnutls_assert(); \
+	    goto error; \
+	} \
+	v = s; \
+	ret = _gnutls_buffer_pop_prefix32(b, &s, 0); \
+	if (ret < 0) { \
+	    gnutls_assert(); \
+	    goto error; \
+	} \
+	v = (v << 32) | s; \
+	ret = _gnutls_buffer_pop_prefix32(b, &s, 0); \
+	if (ret < 0) { \
+	    gnutls_assert(); \
+	    goto error; \
+	} \
+	o.tv_sec = v; \
+	o.tv_nsec = s; \
+    }
+
+#endif /* GNUTLS_LIB_STR_H */
diff --git a/lib/str_array.h b/lib/str_array.h
new file mode 100644
index 0000000..2a78723
--- /dev/null
+++ b/lib/str_array.h
@@ -0,0 +1,135 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_STR_ARRAY_H
+#define GNUTLS_LIB_STR_ARRAY_H
+
+#include "gnutls_int.h"
+#include "errors.h"
+
+/* Functionality to allow an array of strings. Strings
+ * are allowed to be added to the list and matched against it.
+ */
+
+typedef struct gnutls_str_array_st {
+	char *str;
+	unsigned int len;
+	struct gnutls_str_array_st *next;
+} *gnutls_str_array_t;
+
+inline static void _gnutls_str_array_init(gnutls_str_array_t * head)
+{
+	*head = NULL;
+}
+
+inline static void _gnutls_str_array_clear(gnutls_str_array_t * head)
+{
+	gnutls_str_array_t prev, array = *head;
+
+	while (array != NULL) {
+		prev = array;
+		array = prev->next;
+		gnutls_free(prev);
+	}
+	*head = NULL;
+}
+
+inline static int _gnutls_str_array_match(gnutls_str_array_t head,
+					  const char *str)
+{
+	gnutls_str_array_t array = head;
+
+	while (array != NULL) {
+		if (strcmp(array->str, str) == 0)
+			return 1;
+		array = array->next;
+	}
+
+	return 0;
+}
+
+inline static void append(gnutls_str_array_t array, const char *str,
+			  int len)
+{
+	array->str = ((char *) array) + sizeof(struct gnutls_str_array_st);
+	memcpy(array->str, str, len);
+	array->str[len] = 0;
+	array->len = len;
+	array->next = NULL;
+}
+
+inline static int _gnutls_str_array_append(gnutls_str_array_t * head,
+					   const char *str, int len)
+{
+	gnutls_str_array_t prev, array;
+	if (*head == NULL) {
+		*head =
+		    gnutls_malloc(len + 1 +
+				  sizeof(struct gnutls_str_array_st));
+		if (*head == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		array = *head;
+		append(array, str, len);
+	} else {
+		array = *head;
+		prev = array;
+		while (array != NULL) {
+			prev = array;
+			array = prev->next;
+		}
+		prev->next =
+		    gnutls_malloc(len + 1 +
+				  sizeof(struct gnutls_str_array_st));
+
+		array = prev->next;
+
+		if (array == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		append(array, str, len);
+	}
+
+	return 0;
+}
+
+inline static int _gnutls_str_array_append_idna(gnutls_str_array_t * head,
+			const char *name, size_t size)
+{
+	int ret;
+	gnutls_datum_t ahost;
+
+	/* convert the provided hostname to ACE-Labels domain. */
+	ret = gnutls_idna_map(name, size, &ahost, 0);
+	if (ret < 0) {
+		_gnutls_debug_log("unable to convert hostname %s to IDNA format\n", name);
+		/* insert the raw name */
+		return _gnutls_str_array_append(head, name, size);
+	}
+
+	ret = _gnutls_str_array_append(head, (char*)ahost.data, ahost.size);
+	gnutls_free(ahost.data);
+
+	return ret;
+}
+
+#endif /* GNUTLS_LIB_STR_ARRAY_H */
diff --git a/lib/supplemental.c b/lib/supplemental.c
new file mode 100644
index 0000000..becb01e
--- /dev/null
+++ b/lib/supplemental.c
@@ -0,0 +1,410 @@
+/*
+ * Copyright (C) 2007-2012 Free Software Foundation, Inc.
+ *
+ * Author: Simon Josefsson
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains support functions for 'TLS Handshake Message for
+ * Supplemental Data' (RFC 4680).
+ *
+ * The idea here is simple.  gnutls_handshake() in gnuts_handshake.c
+ * will call _gnutls_gen_supplemental and _gnutls_parse_supplemental
+ * when some extension requested that supplemental data be sent or
+ * received.  Extension request this by setting the flags
+ * do_recv_supplemental or do_send_supplemental in the session.
+ *
+ * The functions in this file iterate through the _gnutls_supplemental
+ * array, and calls the send/recv functions for each respective data
+ * type.
+ *
+ * The receive function of each data type is responsible for decoding
+ * its own data.  If the extension did not expect to receive
+ * supplemental data, it should return GNUTLS_E_UNEXPECTED_PACKET.
+ * Otherwise, it just parse the data as normal.
+ *
+ * The send function needs to append the 2-byte data format type, and
+ * append the 2-byte length of its data, and the data.  If it doesn't
+ * want to send any data, it is fine to return without doing anything.
+ */
+
+#include "gnutls_int.h"
+#include <gnutls/gnutls.h>
+#include "supplemental.h"
+#include "errors.h"
+#include "num.h"
+#include "intprops.h"
+
+typedef struct gnutls_supplemental_entry_st {
+	char *name;
+	gnutls_supplemental_data_format_type_t type;
+	gnutls_supp_recv_func supp_recv_func;
+	gnutls_supp_send_func supp_send_func;
+} gnutls_supplemental_entry_st;
+
+static size_t suppfunc_size = 0;
+static gnutls_supplemental_entry_st *suppfunc = NULL;
+
+/**
+ * gnutls_supplemental_get_name:
+ * @type: is a supplemental data format type
+ *
+ * Convert a #gnutls_supplemental_data_format_type_t value to a
+ * string.
+ *
+ * Returns: a string that contains the name of the specified
+ *   supplemental data format type, or %NULL for unknown types.
+ **/
+const char
+    *gnutls_supplemental_get_name(gnutls_supplemental_data_format_type_t
+				  type)
+{
+	size_t i;
+
+	for (i = 0; i < suppfunc_size; i++) {
+		if (suppfunc[i].type == type)
+			return suppfunc[i].name;
+	}
+
+	return NULL;
+}
+
+void _gnutls_supplemental_deinit(void)
+{
+	unsigned i;
+
+	for (i = 0; i < suppfunc_size; i++) {
+		gnutls_free(suppfunc[i].name);
+	}
+	gnutls_free(suppfunc);
+
+	suppfunc = NULL;
+	suppfunc_size = 0;
+}
+
+static gnutls_supp_recv_func
+get_supp_func_recv(gnutls_session_t session, gnutls_supplemental_data_format_type_t type)
+{
+	size_t i;
+
+	for (i = 0; i < session->internals.rsup_size; i++) {
+		if (session->internals.rsup[i].type == type)
+			return session->internals.rsup[i].supp_recv_func;
+	}
+
+	for (i = 0; i < suppfunc_size; i++) {
+		if (suppfunc[i].type == type)
+			return suppfunc[i].supp_recv_func;
+	}
+
+	return NULL;
+}
+
+static int gen_supplemental(gnutls_session_t session, const gnutls_supplemental_entry_st *supp,
+			    gnutls_buffer_st * buf)
+{
+	int ret;
+	gnutls_supp_send_func supp_send = supp->supp_send_func;
+	size_t sizepos = buf->length;
+
+	/* Make room for supplement type and length byte length field. */
+	ret = _gnutls_buffer_append_data(buf, "\0\0\0\0", 4);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = supp_send(session, buf);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* If data were added, store type+length, otherwise reset. */
+	if (buf->length > sizepos + 4) {
+		buf->data[sizepos] = (supp->type >> 8) & 0xFF;
+		buf->data[sizepos + 1] = supp->type & 0xFF;
+		buf->data[sizepos + 2] =
+		    ((buf->length - sizepos - 4) >> 8) & 0xFF;
+		buf->data[sizepos + 3] =
+		    (buf->length - sizepos - 4) & 0xFF;
+	} else
+		buf->length -= 4;
+
+	return 0;
+}
+
+int
+_gnutls_gen_supplemental(gnutls_session_t session, gnutls_buffer_st * buf)
+{
+	size_t i;
+	int ret;
+	unsigned init_pos = buf->length;
+
+	/* Make room for 3 byte length field. */
+	ret = _gnutls_buffer_append_data(buf, "\0\0\0", 3);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	for (i = 0; i < session->internals.rsup_size; i++) {
+		ret = gen_supplemental(session, &session->internals.rsup[i], buf);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	for (i = 0; i < suppfunc_size; i++) {
+		ret = gen_supplemental(session, &suppfunc[i], buf);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	i = buf->length - init_pos - 3;
+
+	buf->data[init_pos] = (i >> 16) & 0xFF;
+	buf->data[init_pos+1] = (i >> 8) & 0xFF;
+	buf->data[init_pos+2] = i & 0xFF;
+
+	_gnutls_debug_log
+	    ("EXT[%p]: Sending %d bytes of supplemental data\n", session,
+	     (int) buf->length);
+
+	return buf->length - init_pos;
+}
+
+int
+_gnutls_parse_supplemental(gnutls_session_t session,
+			   const uint8_t * data, int datalen)
+{
+	const uint8_t *p = data;
+	size_t dsize = datalen;
+	size_t total_size;
+
+	DECR_LEN(dsize, 3);
+	total_size = _gnutls_read_uint24(p);
+	p += 3;
+
+	if (dsize != total_size) {
+		gnutls_assert();
+		return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+	}
+
+	do {
+		uint16_t supp_data_type;
+		uint16_t supp_data_length;
+		gnutls_supp_recv_func recv_func;
+
+		DECR_LEN(dsize, 2);
+		supp_data_type = _gnutls_read_uint16(p);
+		p += 2;
+
+		DECR_LEN(dsize, 2);
+		supp_data_length = _gnutls_read_uint16(p);
+		p += 2;
+
+		_gnutls_debug_log
+		    ("EXT[%p]: Got supplemental type=%02x length=%d\n",
+		     session, supp_data_type, supp_data_length);
+
+		recv_func = get_supp_func_recv(session, supp_data_type);
+		if (recv_func) {
+			int ret = recv_func(session, p, supp_data_length);
+			if (ret < 0) {
+				gnutls_assert();
+				return ret;
+			}
+		} else {
+			gnutls_assert();
+			return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+		}
+
+		DECR_LEN(dsize, supp_data_length);
+		p += supp_data_length;
+	}
+	while (dsize > 0);
+
+	return 0;
+}
+
+static int
+_gnutls_supplemental_register(gnutls_supplemental_entry_st *entry)
+{
+	gnutls_supplemental_entry_st *p;
+	unsigned i;
+
+	for (i = 0; i < suppfunc_size; i++) {
+		if (entry->type == suppfunc[i].type)
+			return gnutls_assert_val(GNUTLS_E_ALREADY_REGISTERED);
+	}
+
+	if (unlikely(INT_ADD_OVERFLOW(suppfunc_size, 1))) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	p = _gnutls_reallocarray_fast(suppfunc, suppfunc_size + 1,
+				      sizeof(*suppfunc));
+	if (!p) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	suppfunc = p;
+
+	memcpy(&suppfunc[suppfunc_size], entry, sizeof(*entry));
+
+	suppfunc_size++;
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_supplemental_register:
+ * @name: the name of the supplemental data to register
+ * @type: the type of the supplemental data format
+ * @recv_func: the function to receive the data
+ * @send_func: the function to send the data
+ *
+ * This function will register a new supplemental data type (rfc4680).
+ * The registered data will remain until gnutls_global_deinit()
+ * is called. The provided @type must be an unassigned type in
+ * %gnutls_supplemental_data_format_type_t. If the type is already
+ * registered or handled by GnuTLS internally %GNUTLS_E_ALREADY_REGISTERED
+ * will be returned.
+ *
+ * This function is not thread safe. As supplemental data are not defined under
+ * TLS 1.3, this function will disable TLS 1.3 support globally.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_supplemental_register(const char *name, gnutls_supplemental_data_format_type_t type,
+			     gnutls_supp_recv_func recv_func, gnutls_supp_send_func send_func)
+{
+	gnutls_supplemental_entry_st tmp_entry;
+	int ret;
+
+	tmp_entry.name = gnutls_strdup(name);
+	tmp_entry.type = type;
+	tmp_entry.supp_recv_func = recv_func;
+	tmp_entry.supp_send_func = send_func;
+	
+	ret = _gnutls_supplemental_register(&tmp_entry);
+	if (ret < 0) {
+		gnutls_free(tmp_entry.name);
+	}
+
+	_gnutls_disable_tls13 = 1;
+
+	return ret;
+}
+
+/**
+ * gnutls_session_supplemental_register:
+ * @session: the session for which this will be registered
+ * @name: the name of the supplemental data to register
+ * @type: the type of the supplemental data format
+ * @recv_func: the function to receive the data
+ * @send_func: the function to send the data
+ * @flags: must be zero
+ *
+ * This function will register a new supplemental data type (rfc4680).
+ * The registered supplemental functions will be used for that specific
+ * session. The provided @type must be an unassigned type in
+ * %gnutls_supplemental_data_format_type_t.
+ *
+ * If the type is already registered or handled by GnuTLS internally
+ * %GNUTLS_E_ALREADY_REGISTERED will be returned.
+ *
+ * As supplemental data are not defined under TLS 1.3, this function will
+ * disable TLS 1.3 support for the given session.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.5.5
+ **/
+int
+gnutls_session_supplemental_register(gnutls_session_t session, const char *name,
+				     gnutls_supplemental_data_format_type_t type,
+				     gnutls_supp_recv_func recv_func,
+				     gnutls_supp_send_func send_func,
+				     unsigned flags)
+{
+	gnutls_supplemental_entry_st tmp_entry;
+	gnutls_supplemental_entry_st *p;
+	unsigned i;
+
+	tmp_entry.name = NULL;
+	tmp_entry.type = type;
+	tmp_entry.supp_recv_func = recv_func;
+	tmp_entry.supp_send_func = send_func;
+
+	for (i = 0; i < suppfunc_size; i++) {
+		if (type == suppfunc[i].type)
+			return gnutls_assert_val(GNUTLS_E_ALREADY_REGISTERED);
+	}
+
+	p = gnutls_realloc(session->internals.rsup,
+			   sizeof(gnutls_supplemental_entry_st)*(session->internals.rsup_size + 1));
+	if (!p)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	session->internals.rsup = p;
+
+	memcpy(&session->internals.rsup[session->internals.rsup_size], &tmp_entry, sizeof(tmp_entry));
+	session->internals.rsup_size++;
+
+	session->internals.flags |= INT_FLAG_NO_TLS13;
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_supplemental_recv:
+ * @session: is a #gnutls_session_t type.
+ * @do_recv_supplemental: non-zero in order to expect supplemental data
+ *
+ * This function is to be called by an extension handler to
+ * instruct gnutls to attempt to receive supplemental data
+ * during the handshake process.
+ *
+ * Since: 3.4.0
+ **/
+void
+gnutls_supplemental_recv(gnutls_session_t session, unsigned do_recv_supplemental)
+{
+	session->security_parameters.do_recv_supplemental = do_recv_supplemental;
+}
+
+/**
+ * gnutls_supplemental_send:
+ * @session: is a #gnutls_session_t type.
+ * @do_send_supplemental: non-zero in order to send supplemental data
+ *
+ * This function is to be called by an extension handler to
+ * instruct gnutls to send supplemental data during the handshake process.
+ *
+ * Since: 3.4.0
+ **/
+void
+gnutls_supplemental_send(gnutls_session_t session, unsigned do_send_supplemental)
+{
+	session->security_parameters.do_send_supplemental = do_send_supplemental;
+}
diff --git a/lib/supplemental.h b/lib/supplemental.h
new file mode 100644
index 0000000..446d709
--- /dev/null
+++ b/lib/supplemental.h
@@ -0,0 +1,35 @@
+/*
+ * Copyright (C) 2007-2012 Free Software Foundation, Inc.
+ *
+ * Author: Simon Josefsson
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_SUPPLEMENTAL_H
+#define GNUTLS_LIB_SUPPLEMENTAL_H
+
+#include "gnutls_int.h"
+
+int _gnutls_parse_supplemental(gnutls_session_t session,
+			       const uint8_t * data, int data_size);
+int _gnutls_gen_supplemental(gnutls_session_t session,
+			     gnutls_buffer_st * buf);
+
+void _gnutls_supplemental_deinit(void);
+
+#endif /* GNUTLS_LIB_SUPPLEMENTAL_H */
diff --git a/lib/system-keys.h b/lib/system-keys.h
new file mode 100644
index 0000000..ad3c411
--- /dev/null
+++ b/lib/system-keys.h
@@ -0,0 +1,40 @@
+/*
+ * Copyright © 2014 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_SYSTEM_KEYS_H
+#define GNUTLS_LIB_SYSTEM_KEYS_H
+
+#ifdef _WIN32
+# define _gnutls_system_url_is_supported(x) 1
+#else
+# define _gnutls_system_url_is_supported(x) 0
+#endif
+
+int
+_gnutls_x509_crt_import_system_url(gnutls_x509_crt_t crt, const char *url);
+
+int
+_gnutls_privkey_import_system_url(gnutls_privkey_t pkey,
+				  const char *url);
+
+void _gnutls_system_key_deinit(void);
+int _gnutls_system_key_init(void);
+
+#endif /* GNUTLS_LIB_SYSTEM_KEYS_H */
diff --git a/lib/system.c b/lib/system.c
new file mode 100644
index 0000000..f01669d
--- /dev/null
+++ b/lib/system.c
@@ -0,0 +1,102 @@
+/*
+ * Copyright (C) 2010-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include <config.h>
+#include <system.h>
+#include "gnutls_int.h"
+#include "errors.h"
+
+#include <sys/socket.h>
+#include <errno.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <time.h>
+
+#ifdef _WIN32
+# include <windows.h>
+# include <wincrypt.h>
+# if defined(NEED_CERT_ENUM_CRLS)
+CertEnumCRLsInStoreFunc pCertEnumCRLsInStore;
+static HMODULE Crypt32_dll;
+# endif
+#endif
+
+/* System specific function wrappers for certificate stores.
+ */
+gnutls_time_func gnutls_time;
+gnutls_gettime_func gnutls_gettime;
+
+/* emulate gnulib's gettime using gettimeofday to avoid linking to
+ * librt */
+static void _gnutls_gettime(struct timespec *t)
+{
+#if defined(HAVE_CLOCK_GETTIME) && defined(CLOCK_REALTIME)
+	clock_gettime(CLOCK_REALTIME, t);
+#else
+	struct timeval tv;
+	gettimeofday(&tv, NULL);
+	t->tv_sec = tv.tv_sec;
+	t->tv_nsec = tv.tv_usec * 1000;
+#endif
+}
+
+void _gnutls_global_set_gettime_function(gnutls_gettime_func gettime_func)
+{
+	gnutls_gettime = gettime_func;
+}
+
+int gnutls_system_global_init(void)
+{
+#if defined(_WIN32) && defined(NEED_CERT_ENUM_CRLS)
+	/* used in system/certs.c */
+	HMODULE crypto;
+	crypto = LoadLibrary(TEXT("Crypt32.dll"));
+
+	if (crypto == NULL)
+		return GNUTLS_E_CRYPTO_INIT_FAILED;
+
+	pCertEnumCRLsInStore =
+	    (CertEnumCRLsInStoreFunc) GetProcAddress(crypto,
+						      "CertEnumCRLsInStore");
+	if (pCertEnumCRLsInStore == NULL) {
+		FreeLibrary(crypto);
+		return GNUTLS_E_CRYPTO_INIT_FAILED;
+	}
+
+	Crypt32_dll = crypto;
+#endif
+	gnutls_time = time;
+	gnutls_gettime = _gnutls_gettime;
+	return 0;
+}
+
+void gnutls_system_global_deinit(void)
+{
+#if defined(_WIN32) && defined(NEED_CERT_ENUM_CRLS)
+	FreeLibrary(Crypt32_dll);
+#endif
+	gnutls_time = time;
+	gnutls_gettime = _gnutls_gettime;
+}
+
+
diff --git a/lib/system.h b/lib/system.h
new file mode 100644
index 0000000..e15c8cd
--- /dev/null
+++ b/lib/system.h
@@ -0,0 +1,107 @@
+/*
+ * Copyright (C) 2010-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_SYSTEM_H
+#define GNUTLS_LIB_SYSTEM_H
+
+#include "gnutls_int.h"
+#include <time.h>
+#include <sys/time.h>
+
+#ifdef _WIN32
+# if defined(__MINGW32__) && !defined(__MINGW64_VERSION_MAJOR) && __MINGW32_MAJOR_VERSION <= 3 && __MINGW32_MINOR_VERSION <= 20
+#  define NEED_CERT_ENUM_CRLS
+typedef PCCRL_CONTEXT WINAPI(*CertEnumCRLsInStoreFunc) (HCERTSTORE
+							 hCertStore,
+							 PCCRL_CONTEXT
+							 pPrevCrlContext);
+extern CertEnumCRLsInStoreFunc pCertEnumCRLsInStore;
+# else
+#  define pCertEnumCRLsInStore CertEnumCRLsInStore
+# endif
+#include <windows.h>		/* for Sleep */
+#else
+#include <sys/uio.h>		/* for writev */
+#endif
+
+#ifdef _POSIX_PATH_MAX
+# define GNUTLS_PATH_MAX _POSIX_PATH_MAX
+#else
+# define GNUTLS_PATH_MAX 256
+#endif
+
+int system_errno(gnutls_transport_ptr_t);
+
+ssize_t system_write(gnutls_transport_ptr_t ptr, const void *data,
+		     size_t data_size);
+#define HAVE_WRITEV
+ssize_t system_writev(gnutls_transport_ptr_t ptr, const giovec_t * iovec,
+		      int iovec_cnt);
+ssize_t system_writev_nosignal(gnutls_transport_ptr_t ptr, const giovec_t * iovec,
+		      int iovec_cnt);
+ssize_t system_writev_tfo(gnutls_session_t ptr, const giovec_t * iovec,
+		      int iovec_cnt);
+ssize_t system_writev_nosignal_tfo(gnutls_session_t ptr, const giovec_t * iovec,
+		      int iovec_cnt);
+ssize_t system_read(gnutls_transport_ptr_t ptr, void *data,
+		    size_t data_size);
+
+#if defined(_WIN32)
+# define HAVE_WIN32_LOCKS
+#elif defined(HAVE_LIBPTHREAD) || defined(HAVE_PTHREAD_MUTEX_LOCK)
+# define HAVE_PTHREAD_LOCKS
+#else
+# define HAVE_NO_LOCKS
+#endif
+
+typedef void (*gnutls_gettime_func) (struct timespec *);
+
+extern gnutls_time_func gnutls_time;
+extern gnutls_gettime_func gnutls_gettime;
+
+static inline void millisleep(unsigned int ms)
+{
+#ifdef _WIN32
+	Sleep(ms);
+#else
+	struct timespec ts;
+
+	ts.tv_sec = 0;
+	ts.tv_nsec = ms * 1000 * 1000;
+
+	nanosleep(&ts, NULL);
+#endif
+}
+
+int _gnutls_find_config_path(char *path, size_t max_size);
+int _gnutls_ucs2_to_utf8(const void *data, size_t size,
+			 gnutls_datum_t * output, unsigned bigendian);
+int _gnutls_utf8_to_ucs2(const void *data, size_t size,
+			 gnutls_datum_t * output, unsigned be);
+
+void _gnutls_global_set_gettime_function(gnutls_gettime_func gettime_func);
+
+int gnutls_system_global_init(void);
+void gnutls_system_global_deinit(void);
+
+#endif /* GNUTLS_LIB_SYSTEM_H */
diff --git a/lib/system/certs.c b/lib/system/certs.c
new file mode 100644
index 0000000..611c645
--- /dev/null
+++ b/lib/system/certs.c
@@ -0,0 +1,374 @@
+/*
+ * Copyright (C) 2010-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include <config.h>
+#include "gnutls_int.h"
+#include "errors.h"
+
+#include <sys/socket.h>
+#include <errno.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include "system.h"
+
+#ifdef _WIN32
+# include <windows.h>
+# include <wincrypt.h>
+
+#else /* !_WIN32 */
+
+# include <poll.h>
+
+# if defined(HAVE_GETPWUID_R)
+#  include <pwd.h>
+# endif
+#endif
+
+#ifdef __APPLE__
+# include <CoreFoundation/CoreFoundation.h>
+# include <Security/Security.h>
+# include <Availability.h>
+#endif
+
+/* System specific function wrappers for certificate stores.
+ */
+
+#define CONFIG_PATH ".gnutls"
+
+/* Returns a path to store user-specific configuration
+ * data.
+ */
+int _gnutls_find_config_path(char *path, size_t max_size)
+{
+	const char *home_dir = secure_getenv("HOME");
+
+	if (home_dir != NULL && home_dir[0] != 0) {
+		snprintf(path, max_size, "%s/" CONFIG_PATH, home_dir);
+		return 0;
+	}
+
+#ifdef _WIN32
+	if (home_dir == NULL || home_dir[0] == '\0') {
+		const char *home_drive = getenv("HOMEDRIVE");
+		const char *home_path = getenv("HOMEPATH");
+
+		if (home_drive != NULL && home_path != NULL) {
+			snprintf(path, max_size, "%s%s\\" CONFIG_PATH, home_drive, home_path);
+		} else {
+			path[0] = 0;
+		}
+	}
+#elif defined(HAVE_GETPWUID_R)
+	if (home_dir == NULL || home_dir[0] == '\0') {
+		struct passwd *pwd;
+		struct passwd _pwd;
+		int ret;
+		char tmp[512];
+
+		ret = getpwuid_r(getuid(), &_pwd, tmp, sizeof(tmp), &pwd);
+		if (ret == 0 && pwd != NULL) {
+			snprintf(path, max_size, "%s/" CONFIG_PATH, pwd->pw_dir);
+		} else {
+			path[0] = 0;
+		}
+	}
+#else
+	if (home_dir == NULL || home_dir[0] == '\0') {
+			path[0] = 0;
+	}
+#endif
+
+	return 0;
+}
+
+#if defined(DEFAULT_TRUST_STORE_FILE) || (defined(DEFAULT_TRUST_STORE_PKCS11) && defined(ENABLE_PKCS11))
+static
+int
+add_system_trust(gnutls_x509_trust_list_t list,
+		 unsigned int tl_flags, unsigned int tl_vflags)
+{
+	int ret, r = 0;
+	const char *crl_file =
+#ifdef DEFAULT_CRL_FILE
+	    DEFAULT_CRL_FILE;
+#else
+	    NULL;
+#endif
+
+#if defined(ENABLE_PKCS11) && defined(DEFAULT_TRUST_STORE_PKCS11)
+	ret =
+	    gnutls_x509_trust_list_add_trust_file(list,
+						  DEFAULT_TRUST_STORE_PKCS11,
+						  crl_file,
+						  GNUTLS_X509_FMT_DER,
+						  tl_flags, tl_vflags);
+	if (ret > 0)
+		r += ret;
+#endif
+
+#ifdef DEFAULT_TRUST_STORE_FILE
+	ret =
+	    gnutls_x509_trust_list_add_trust_file(list,
+						  DEFAULT_TRUST_STORE_FILE,
+						  crl_file,
+						  GNUTLS_X509_FMT_PEM,
+						  tl_flags, tl_vflags);
+	if (ret > 0)
+		r += ret;
+#endif
+
+#ifdef DEFAULT_BLACKLIST_FILE
+	ret = gnutls_x509_trust_list_remove_trust_file(list, DEFAULT_BLACKLIST_FILE, GNUTLS_X509_FMT_PEM);
+	if (ret < 0) {
+		_gnutls_debug_log("Could not load blacklist file '%s'\n", DEFAULT_BLACKLIST_FILE);
+	}
+#endif
+
+	return r;
+}
+#elif defined(_WIN32)
+static
+int add_system_trust(gnutls_x509_trust_list_t list, unsigned int tl_flags,
+		     unsigned int tl_vflags)
+{
+	unsigned int i;
+	int r = 0;
+
+	for (i = 0; i < 2; i++) {
+		HCERTSTORE store;
+		const CERT_CONTEXT *cert;
+		const CRL_CONTEXT *crl;
+		gnutls_datum_t data;
+
+		if (i == 0)
+			store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER , L"ROOT");
+		else
+			store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"CA");
+
+		if (store == NULL)
+			return GNUTLS_E_FILE_ERROR;
+
+		cert = CertEnumCertificatesInStore(store, NULL);
+		crl = pCertEnumCRLsInStore(store, NULL);
+
+		while (cert != NULL) {
+			if (cert->dwCertEncodingType == X509_ASN_ENCODING) {
+				data.data = cert->pbCertEncoded;
+				data.size = cert->cbCertEncoded;
+				if (gnutls_x509_trust_list_add_trust_mem
+				    (list, &data, NULL,
+				     GNUTLS_X509_FMT_DER, tl_flags,
+				     tl_vflags) > 0)
+					r++;
+			}
+			cert = CertEnumCertificatesInStore(store, cert);
+		}
+
+		while (crl != NULL) {
+			if (crl->dwCertEncodingType == X509_ASN_ENCODING) {
+				data.data = crl->pbCrlEncoded;
+				data.size = crl->cbCrlEncoded;
+				gnutls_x509_trust_list_add_trust_mem(list,
+								     NULL,
+								     &data,
+								     GNUTLS_X509_FMT_DER,
+								     tl_flags,
+								     tl_vflags);
+			}
+			crl = pCertEnumCRLsInStore(store, crl);
+		}
+		CertCloseStore(store, 0);
+	}
+
+#ifdef DEFAULT_BLACKLIST_FILE
+	ret = gnutls_x509_trust_list_remove_trust_file(list, DEFAULT_BLACKLIST_FILE, GNUTLS_X509_FMT_PEM);
+	if (ret < 0) {
+		_gnutls_debug_log("Could not load blacklist file '%s'\n", DEFAULT_BLACKLIST_FILE);
+	}
+#endif
+
+	return r;
+}
+#elif defined(ANDROID) || defined(__ANDROID__) || defined(DEFAULT_TRUST_STORE_DIR)
+
+# include <dirent.h>
+# include <unistd.h>
+
+# if defined(ANDROID) || defined(__ANDROID__)
+#  define DEFAULT_TRUST_STORE_DIR "/system/etc/security/cacerts/"
+
+static int load_revoked_certs(gnutls_x509_trust_list_t list, unsigned type)
+{
+	DIR *dirp;
+	struct dirent *d;
+	int ret;
+	int r = 0;
+	char path[GNUTLS_PATH_MAX];
+
+	dirp = opendir("/data/misc/keychain/cacerts-removed/");
+	if (dirp != NULL) {
+		do {
+			d = readdir(dirp);
+			if (d != NULL && d->d_type == DT_REG) {
+				snprintf(path, sizeof(path),
+					 "/data/misc/keychain/cacerts-removed/%s",
+					 d->d_name);
+
+				ret =
+				    gnutls_x509_trust_list_remove_trust_file
+				    (list, path, type);
+				if (ret >= 0)
+					r += ret;
+			}
+		}
+		while (d != NULL);
+		closedir(dirp);
+	}
+
+	return r;
+}
+# endif
+
+
+/* This works on android 4.x 
+ */
+static
+int add_system_trust(gnutls_x509_trust_list_t list, unsigned int tl_flags,
+		     unsigned int tl_vflags)
+{
+	int r = 0, ret;
+
+	ret = gnutls_x509_trust_list_add_trust_dir(list, DEFAULT_TRUST_STORE_DIR,
+		NULL, GNUTLS_X509_FMT_PEM, tl_flags, tl_vflags);
+	if (ret >= 0)
+		r += ret;
+
+# if defined(ANDROID) || defined(__ANDROID__)
+	ret = load_revoked_certs(list, GNUTLS_X509_FMT_DER);
+	if (ret >= 0)
+		r -= ret;
+
+	ret = gnutls_x509_trust_list_add_trust_dir(list, "/data/misc/keychain/cacerts-added/",
+		NULL, GNUTLS_X509_FMT_DER, tl_flags, tl_vflags);
+	if (ret >= 0)
+		r += ret;
+# endif
+
+	return r;
+}
+#elif defined(__APPLE__) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 1070
+static
+int osstatus_error(status)
+{
+	CFStringRef err_str = SecCopyErrorMessageString(status, NULL);
+	_gnutls_debug_log("Error loading system root certificates: %s\n",
+			  CFStringGetCStringPtr(err_str, kCFStringEncodingUTF8));
+	CFRelease(err_str);
+	return GNUTLS_E_FILE_ERROR;
+}
+
+static
+int add_system_trust(gnutls_x509_trust_list_t list, unsigned int tl_flags,
+		     unsigned int tl_vflags)
+{
+	int r=0;
+
+	SecTrustSettingsDomain domain[] = { kSecTrustSettingsDomainUser,
+					    kSecTrustSettingsDomainAdmin,
+					    kSecTrustSettingsDomainSystem };
+	for (size_t d=0; d<sizeof(domain)/sizeof(*domain); d++) {
+		CFArrayRef certs = NULL;
+		OSStatus status = SecTrustSettingsCopyCertificates(domain[d],
+								   &certs);
+		if (status == errSecNoTrustSettings)
+			continue;
+		if (status != errSecSuccess)
+			return osstatus_error(status);
+
+		int cert_count = CFArrayGetCount(certs);
+		for (int i=0; i<cert_count; i++) {
+			SecCertificateRef cert =
+				(void*)CFArrayGetValueAtIndex(certs, i);
+			CFDataRef der;
+			status = SecItemExport(cert, kSecFormatX509Cert, 0,
+					       NULL, &der);
+			if (status != errSecSuccess) {
+				CFRelease(der);
+				CFRelease(certs);
+				return osstatus_error(status);
+			}
+
+			if (gnutls_x509_trust_list_add_trust_mem(list,
+								 &(gnutls_datum_t) {
+									.data = (void*)CFDataGetBytePtr(der),
+									.size = CFDataGetLength(der),
+								 },
+								 NULL,
+			                                         GNUTLS_X509_FMT_DER,
+								 tl_flags,
+								 tl_vflags) > 0)
+				r++;
+			CFRelease(der);
+		}
+		CFRelease(certs);
+	}
+
+#ifdef DEFAULT_BLACKLIST_FILE
+	ret = gnutls_x509_trust_list_remove_trust_file(list, DEFAULT_BLACKLIST_FILE, GNUTLS_X509_FMT_PEM);
+	if (ret < 0) {
+		_gnutls_debug_log("Could not load blacklist file '%s'\n", DEFAULT_BLACKLIST_FILE);
+	}
+#endif
+
+	return r;
+}
+#else
+
+#define add_system_trust(x,y,z) GNUTLS_E_UNIMPLEMENTED_FEATURE
+
+#endif
+
+/**
+ * gnutls_x509_trust_list_add_system_trust:
+ * @list: The structure of the list
+ * @tl_flags: GNUTLS_TL_*
+ * @tl_vflags: gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL
+ *
+ * This function adds the system's default trusted certificate
+ * authorities to the trusted list. Note that on unsupported systems
+ * this function returns %GNUTLS_E_UNIMPLEMENTED_FEATURE.
+ *
+ * This function implies the flag %GNUTLS_TL_NO_DUPLICATES.
+ *
+ * Returns: The number of added elements or a negative error code on error.
+ *
+ * Since: 3.1
+ **/
+int
+gnutls_x509_trust_list_add_system_trust(gnutls_x509_trust_list_t list,
+					unsigned int tl_flags,
+					unsigned int tl_vflags)
+{
+	return add_system_trust(list, tl_flags|GNUTLS_TL_NO_DUPLICATES, tl_vflags);
+}
+
diff --git a/lib/system/fastopen.c b/lib/system/fastopen.c
new file mode 100644
index 0000000..a904e37
--- /dev/null
+++ b/lib/system/fastopen.c
@@ -0,0 +1,245 @@
+/*
+ * Copyright (C) 2016 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include <config.h>
+#include <system.h>
+#include "gnutls_int.h"
+#include "errors.h"
+
+#include <sys/socket.h>
+#include <netinet/in.h> /* IPPROTO_TCP */
+#include <errno.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+
+/* Get TCP_FASTOPEN */
+#ifdef HAVE_NETINET_TCP_H
+# include <netinet/tcp.h>
+#endif
+
+/* TCP Fast Open on OSX behaves differently from Linux, so define these helpers */
+#if defined __APPLE__ && defined __MACH__ && defined CONNECT_DATA_IDEMPOTENT && defined CONNECT_RESUME_ON_READ_WRITE
+# if defined __has_builtin && __has_builtin(__builtin_available)
+#  define TCP_FASTOPEN_OSX
+# endif
+#elif defined TCP_FASTOPEN && defined MSG_FASTOPEN
+# define TCP_FASTOPEN_LINUX
+#endif
+
+/* Do not use the gnulib functions for sending and receiving data.
+ * Using them makes gnutls only working with gnulib applications.
+ */
+#undef send
+#undef recv
+#undef select
+#undef connect
+
+#ifdef _WIN32
+static ssize_t
+tfo_writev(gnutls_transport_ptr_t ptr, const giovec_t * iovec, int iovec_cnt)
+{
+	tfo_st *p = ptr;
+	int fd = p->fd;
+
+	if (unlikely(p->connect_addrlen != 0)) {
+		int ret;
+
+		ret = connect(fd, (struct sockaddr*)&p->connect_addr,
+				p->connect_addrlen);
+		if (ret == -1 && (errno == EINPROGRESS)) {
+			gnutls_assert();
+			errno = EAGAIN;
+		}
+
+		if (ret == 0 || errno != EAGAIN) {
+			p->connect_only = 0;
+			p->connect_addrlen = 0;
+		}
+
+		return ret;
+	}
+
+	return system_writev(GNUTLS_INT_TO_POINTER(fd), iovec, iovec_cnt);
+}
+#else /* sendmsg */
+static ssize_t
+tfo_writev(gnutls_transport_ptr_t ptr, const giovec_t * iovec, int iovec_cnt)
+{
+	tfo_st *p = ptr;
+	int fd = p->fd;
+	struct msghdr hdr;
+	int ret;
+
+	memset(&hdr, 0, sizeof(hdr));
+	hdr.msg_iov = (struct iovec *)iovec;
+	hdr.msg_iovlen = iovec_cnt;
+
+	if (likely(!p->connect_addrlen))
+		return sendmsg(fd, &hdr, p->flags);
+
+# if defined(TCP_FASTOPEN_LINUX)
+	if (!p->connect_only) {
+		int on = 1;
+
+		if (setsockopt(fd, IPPROTO_TCP, TCP_FASTOPEN, &on, sizeof(on)) == -1)
+			_gnutls_debug_log("Failed to set socket option FASTOPEN\n");
+
+		hdr.msg_name = &p->connect_addr;
+		hdr.msg_namelen = p->connect_addrlen;
+
+		ret = sendmsg(fd, &hdr, p->flags | MSG_FASTOPEN);
+
+		if (ret < 0) {
+			if (errno == EINPROGRESS) {
+				gnutls_assert();
+				errno = EAGAIN; // GnuTLS does not handle EINPROGRESS
+			} else if (errno == EOPNOTSUPP) {
+				// fallback from fastopen, e.g. when fastopen is disabled in system
+				_gnutls_debug_log("Fallback from TCP Fast Open... TFO is not enabled at system level\n");
+				p->connect_only = 1;
+				goto connect_only;
+			}
+		}
+	} else {
+ connect_only:
+		ret = connect(fd, (struct sockaddr*)&p->connect_addr, p->connect_addrlen);
+		if (errno == ENOTCONN || errno == EINPROGRESS) {
+			gnutls_assert();
+			errno = EAGAIN;
+		}
+
+		if (ret == 0)
+			p->connect_only = 0;
+	}
+# elif defined(TCP_FASTOPEN_OSX)
+	{
+		if(__builtin_available(macOS 10.11, iOS 9.0, tvOS 9.0, watchOS 2.0, *)) {
+			sa_endpoints_t endpoints = { .sae_dstaddr = (struct sockaddr*)&p->connect_addr, .sae_dstaddrlen = p->connect_addrlen };
+
+			ret = connectx(fd, &endpoints, SAE_ASSOCID_ANY, CONNECT_RESUME_ON_READ_WRITE | CONNECT_DATA_IDEMPOTENT, NULL, 0, NULL, NULL);
+		}
+		else
+		{
+			ret = connect(fd, (struct sockaddr*)&p->connect_addr, p->connect_addrlen);
+		}
+		if (errno == ENOTCONN || errno == EINPROGRESS) {
+			gnutls_assert();
+			errno = EAGAIN;
+		}
+	}
+# else
+	ret = connect(fd, (struct sockaddr*)&p->connect_addr, p->connect_addrlen);
+	if (errno == ENOTCONN || errno == EINPROGRESS) {
+		gnutls_assert();
+		errno = EAGAIN;
+	}
+# endif
+
+	if (ret == 0 || errno != EAGAIN) {
+		/* This has to be called just once, connect info not needed any more */
+		p->connect_addrlen = 0;
+	}
+
+	return ret;
+}
+#endif /* sendmsg */
+
+static
+int tfo_recv_timeout(gnutls_transport_ptr_t ptr, unsigned int ms)
+{
+	tfo_st *p = ptr;
+
+	return gnutls_system_recv_timeout((gnutls_transport_ptr_t)(long)p->fd, ms);
+}
+
+static ssize_t
+tfo_read(gnutls_transport_ptr_t ptr, void *data, size_t data_size)
+{
+	tfo_st *p = ptr;
+
+	return recv(p->fd, data, data_size, 0);
+}
+
+/**
+ * gnutls_transport_set_fastopen:
+ * @session: is a #gnutls_session_t type.
+ * @fd: is the session's socket descriptor
+ * @connect_addr: is the address we want to connect to
+ * @connect_addrlen: is the length of @connect_addr
+ * @flags: must be zero
+ *
+ * Enables TCP Fast Open (TFO) for the specified TLS client session.
+ * That means that TCP connection establishment and the transmission
+ * of the first TLS client hello packet are combined. The
+ * peer's address must be  specified in @connect_addr and @connect_addrlen,
+ * and the socket specified by @fd should not be connected.
+ *
+ * TFO only works for TCP sockets of type AF_INET and AF_INET6.
+ * If the OS doesn't support TCP fast open this function will result
+ * to gnutls using connect() transparently during the first write.
+ *
+ * Note: This function overrides all the transport callback functions.
+ * If this is undesirable, TCP Fast Open must be implemented on the user
+ * callback functions without calling this function. When using
+ * this function, transport callbacks must not be set, and 
+ * gnutls_transport_set_ptr() or gnutls_transport_set_int()
+ * must not be called.
+ *
+ * On GNU/Linux TFO has to be enabled at the system layer, that is
+ *   in /proc/sys/net/ipv4/tcp_fastopen, bit 0 has to be set.
+ *
+ * This function has no effect on server sessions.
+ *
+ * Since: 3.5.3
+ **/
+void
+gnutls_transport_set_fastopen(gnutls_session_t session,
+			      int fd, struct sockaddr *connect_addr, socklen_t connect_addrlen,
+			      unsigned int flags)
+{
+	if (connect_addrlen > (socklen_t)sizeof(session->internals.tfo.connect_addr)) {
+		gnutls_assert();
+		return;
+	}
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		gnutls_assert();
+		return;
+	}
+
+	memcpy(&session->internals.tfo.connect_addr, connect_addr, connect_addrlen);
+	session->internals.tfo.connect_addrlen = connect_addrlen;
+	session->internals.tfo.fd = fd;
+
+	gnutls_transport_set_pull_function(session, tfo_read);
+	gnutls_transport_set_pull_timeout_function(session, tfo_recv_timeout);
+	gnutls_transport_set_ptr(session, &session->internals.tfo);
+
+	session->internals.tfo.flags = 0;
+#ifdef MSG_NOSIGNAL
+	if (session->internals.flags & GNUTLS_NO_SIGNAL)
+		session->internals.tfo.flags |= MSG_NOSIGNAL;
+#endif
+
+	gnutls_transport_set_vec_push_function(session, tfo_writev);
+}
+
diff --git a/lib/system/keys-dummy.c b/lib/system/keys-dummy.c
new file mode 100644
index 0000000..bd3fba4
--- /dev/null
+++ b/lib/system/keys-dummy.c
@@ -0,0 +1,80 @@
+/*
+ * Copyright © 2014 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <gnutls/gnutls.h>
+#include <gnutls/abstract.h>
+#include <gnutls/pkcs12.h>
+#include <gnutls/system-keys.h>
+#include "system-keys.h"
+#include <tls-sig.h>
+#include <pk.h>
+
+void gnutls_system_key_iter_deinit(gnutls_system_key_iter_t iter)
+{
+	return;
+}
+
+int
+gnutls_system_key_iter_get_info(gnutls_system_key_iter_t *iter,
+				unsigned cert_type,
+				char **cert_url,
+				char **key_url,
+				char **label,
+				gnutls_datum_t *der,
+				unsigned int flags)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_system_key_delete(const char *cert_url, const char *key_url)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_system_key_add_x509(gnutls_x509_crt_t crt, gnutls_x509_privkey_t privkey,
+				const char *label, char **cert_url, char **key_url)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int
+_gnutls_privkey_import_system_url(gnutls_privkey_t pkey,
+				  const char *url)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int
+_gnutls_x509_crt_import_system_url(gnutls_x509_crt_t crt, const char *url)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int _gnutls_system_key_init(void)
+{
+	return 0;
+}
+
+void _gnutls_system_key_deinit(void)
+{
+	return;
+}
diff --git a/lib/system/keys-win.c b/lib/system/keys-win.c
new file mode 100644
index 0000000..a0fffe2
--- /dev/null
+++ b/lib/system/keys-win.c
@@ -0,0 +1,1542 @@
+/*
+ * Copyright © 2014-2016 Red Hat, Inc.
+ * Copyright © 2015-2016 Dyalog Ltd.
+ *
+ * Author: Nikos Mavrogiannopoulos, Bjørn Christensen
+ *
+ * GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+// Before including any Windows header we need to set _WIN32_WINNT to Vista
+// (or higher) so that the NCRYPT stuff can be used.
+#if _WIN32_WINNT < 0x600
+#undef _WIN32_WINNT
+#define _WIN32_WINNT 0x600
+#endif
+
+#include <config.h>
+#include "gnutls_int.h"
+#include "errors.h"
+#include <gnutls/gnutls.h>
+#include <gnutls/abstract.h>
+#include <gnutls/pkcs12.h>
+#include <gnutls/system-keys.h>
+#include "system-keys.h"
+#include <tls-sig.h>
+#include <pk.h>
+#include <urls.h>
+
+#if !defined(_WIN32)
+#error should not be included
+#endif
+
+#include <wincrypt.h>
+#include <winbase.h>
+#include <winapifamily.h>
+
+#ifdef __MINGW32__
+# include <_mingw.h>
+# ifdef __MINGW64_VERSION_MAJOR
+/* MinGW64 */
+#  include <ncrypt.h>
+# else
+/* mingw.org's MinGW */
+# include <security.h>
+# define BCRYPT_PAD_PKCS1 0x00000002
+# define BCRYPT_RSA_ALGORITHM L"RSA"
+# define BCRYPT_DSA_ALGORITHM L"DSA"
+# define BCRYPT_SHA1_ALGORITHM L"SHA1"
+# define BCRYPT_SHA256_ALGORITHM L"SHA256"
+# define BCRYPT_SHA384_ALGORITHM L"SHA384"
+# define BCRYPT_SHA512_ALGORITHM L"SHA512"
+# define BCRYPT_ECDSA_P256_ALGORITHM L"ECDSA_P256"
+# define BCRYPT_ECDSA_P384_ALGORITHM L"ECDSA_P384"
+# define BCRYPT_ECDSA_P521_ALGORITHM L"ECDSA_P521"
+typedef ULONG_PTR NCRYPT_HANDLE;
+typedef ULONG_PTR NCRYPT_PROV_HANDLE;
+typedef ULONG_PTR NCRYPT_KEY_HANDLE;
+typedef struct _BCRYPT_PKCS1_PADDING_INFO {
+	LPCWSTR pszAlgId;
+} BCRYPT_PKCS1_PADDING_INFO;
+# endif
+#else /* non-mingw */
+# include <ncrypt.h>
+#endif
+
+// MinGW headers may not have these defines
+#ifndef NCRYPT_SHA1_ALGORITHM
+#define NCRYPT_SHA1_ALGORITHM	   BCRYPT_SHA1_ALGORITHM
+#endif
+#ifndef NCRYPT_SHA256_ALGORITHM
+#define NCRYPT_SHA256_ALGORITHM	 BCRYPT_SHA256_ALGORITHM
+#endif
+#ifndef NCRYPT_SHA384_ALGORITHM
+#define NCRYPT_SHA384_ALGORITHM	 BCRYPT_SHA384_ALGORITHM
+#endif
+#ifndef NCRYPT_SHA512_ALGORITHM
+#define NCRYPT_SHA512_ALGORITHM	 BCRYPT_SHA512_ALGORITHM
+#endif
+#ifndef NCRYPT_PAD_PKCS1_FLAG
+#define NCRYPT_PAD_PKCS1_FLAG 2
+#endif
+#ifndef NCRYPT_ALGORITHM_PROPERTY
+#define NCRYPT_ALGORITHM_PROPERTY	       L"Algorithm Name"
+#endif
+#ifndef CERT_NCRYPT_KEY_HANDLE_TRANSFER_PROP_ID
+#define CERT_NCRYPT_KEY_HANDLE_TRANSFER_PROP_ID 99
+#endif
+
+#define MAX_WID_SIZE 48
+
+static
+void *memrev(unsigned char *pvData, DWORD cbData);
+
+struct system_key_iter_st {
+	HCERTSTORE store;
+	const CERT_CONTEXT *cert;
+};
+
+typedef struct priv_st {
+	DWORD dwKeySpec;	/* CAPI key */
+	HCRYPTPROV hCryptProv;	/* CAPI keystore */
+	NCRYPT_KEY_HANDLE nc;	/* CNG Keystore */
+	gnutls_pk_algorithm_t pk;
+	gnutls_sign_algorithm_t sign_algo;
+} priv_st;
+
+typedef SECURITY_STATUS(WINAPI * NCryptDeleteKeyFunc) (NCRYPT_KEY_HANDLE hKey,
+						       DWORD dwFlags);
+
+typedef SECURITY_STATUS(WINAPI *
+			NCryptOpenStorageProviderFunc) (NCRYPT_PROV_HANDLE *
+							phProvider,
+							LPCWSTR pszProviderName,
+							DWORD dwFlags);
+
+typedef SECURITY_STATUS(WINAPI *
+			NCryptOpenKeyFunc) (NCRYPT_PROV_HANDLE hProvider,
+					    NCRYPT_KEY_HANDLE * phKey,
+					    LPCWSTR pszKeyName,
+					    DWORD dwLegacyKeySpec,
+					    DWORD dwFlags);
+
+typedef SECURITY_STATUS(WINAPI * NCryptGetPropertyFunc) (NCRYPT_HANDLE hObject,
+							 LPCWSTR pszProperty,
+							 PBYTE pbOutput,
+							 DWORD cbOutput,
+							 DWORD * pcbResult,
+							 DWORD dwFlags);
+
+typedef SECURITY_STATUS(WINAPI * NCryptFreeObjectFunc) (NCRYPT_HANDLE hObject);
+
+typedef SECURITY_STATUS(WINAPI * NCryptDecryptFunc) (NCRYPT_KEY_HANDLE hKey,
+						     PBYTE pbInput,
+						     DWORD cbInput,
+						     VOID * pPaddingInfo,
+						     PBYTE pbOutput,
+						     DWORD cbOutput,
+						     DWORD * pcbResult,
+						     DWORD dwFlags);
+
+typedef SECURITY_STATUS(WINAPI * NCryptSignHashFunc) (NCRYPT_KEY_HANDLE hKey,
+						      VOID * pPaddingInfo,
+						      PBYTE pbHashValue,
+						      DWORD cbHashValue,
+						      PBYTE pbSignature,
+						      DWORD cbSignature,
+						      DWORD * pcbResult,
+						      DWORD dwFlags);
+
+static int StrCmpW(const WCHAR * str1, const WCHAR * str2)
+{
+	while (*str1 && (*str1 == *str2)) {
+		str1++;
+		str2++;
+	}
+	return *str1 - *str2;
+}
+
+#ifdef DYN_NCRYPT
+static NCryptDeleteKeyFunc pNCryptDeleteKey;
+static NCryptOpenStorageProviderFunc pNCryptOpenStorageProvider;
+static NCryptOpenKeyFunc pNCryptOpenKey;
+static NCryptGetPropertyFunc pNCryptGetProperty;
+static NCryptFreeObjectFunc pNCryptFreeObject;
+static NCryptDecryptFunc pNCryptDecrypt;
+static NCryptSignHashFunc pNCryptSignHash;
+#else
+#define pNCryptDeleteKey NCryptDeleteKey
+#define pNCryptOpenStorageProvider NCryptOpenStorageProvider
+#define pNCryptOpenKey NCryptOpenKey
+#define pNCryptGetProperty NCryptGetProperty
+#define pNCryptFreeObject NCryptFreeObject
+#define pNCryptDecrypt NCryptDecrypt
+#define pNCryptSignHash NCryptSignHash
+#endif
+
+static unsigned ncrypt_init = 0;
+static HMODULE ncrypt_lib;
+
+#define WIN_URL SYSTEM_URL"win:"
+#define WIN_URL_SIZE 11
+
+static int
+get_id(const char *url, uint8_t * bin, size_t * bin_size, unsigned cert)
+{
+	int ret;
+	unsigned url_size = strlen(url);
+	const char *p = url, *p2;
+	gnutls_datum_t tmp;
+
+	if (cert != 0) {
+		if (url_size < sizeof(WIN_URL)
+		    || strncmp(url, WIN_URL, WIN_URL_SIZE) != 0)
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	} else {
+		if (url_size < sizeof(WIN_URL)
+		    || strncmp(url, WIN_URL, WIN_URL_SIZE) != 0)
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	p += sizeof(WIN_URL) - 1;
+
+	p = strstr(p, "id=");
+	if (p == NULL)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+	p += 3;
+
+	p2 = strchr(p, ';');
+	if (p2 == NULL) {
+		url_size = strlen(p);
+	} else {
+		url_size = (p2 - p);
+	}
+
+	tmp.data = p;
+	tmp.size = url_size;
+	ret = gnutls_hex_decode(&tmp, bin, bin_size);
+	if (ret < 0)
+		return ret;
+
+	return 0;
+}
+
+#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
+static
+void *memrev(unsigned char *pvData, DWORD cbData)
+{
+	char t;
+	DWORD i;
+
+	for (i = 0; i < cbData / 2; i++) {
+		t = pvData[i];
+		pvData[i] = pvData[cbData - 1 - i];
+		pvData[cbData - 1 - i] = t;
+	}
+	return pvData;
+}
+
+static
+int capi_sign(gnutls_privkey_t key, void *userdata,
+	      const gnutls_datum_t * raw_data, gnutls_datum_t * signature)
+{
+	priv_st *priv = (priv_st *) userdata;
+	ALG_ID Algid;
+	HCRYPTHASH hHash = 0;
+	uint8_t digest[MAX_HASH_SIZE];
+	unsigned int digest_size;
+	gnutls_digest_algorithm_t algo;
+	DWORD size1 = 0, sizesize = sizeof(DWORD);
+	DWORD ret_sig = 0;
+	int ret;
+
+	signature->data = NULL;
+	signature->size = 0;
+
+	digest_size = raw_data->size;
+
+	switch (digest_size) {
+	case 16:
+		Algid = CALG_MD5;
+		break;
+		//case 35:  size=20;                                    // DigestInfo SHA1
+	case 20:
+		Algid = CALG_SHA1;
+		break;
+		//case 51:  size=32;                                    // DigestInto SHA-256
+	case 32:
+		Algid = CALG_SHA_256;
+		break;
+	case 36:
+		Algid = CALG_SSL3_SHAMD5;
+		break;
+	case 48:
+		Algid = CALG_SHA_384;
+		break;
+	case 64:
+		Algid = CALG_SHA_512;
+		break;
+	default:
+		digest_size = sizeof(digest);
+		ret =
+		    decode_ber_digest_info(raw_data, &algo, digest,
+					   &digest_size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		switch (algo) {
+		case GNUTLS_DIG_SHA1:
+			Algid = CALG_SHA1;
+			break;
+#ifdef NCRYPT_SHA224_ALGORITHM
+		case GNUTLS_DIG_SHA224:
+			Algid = CALG_SHA_224;
+			break;
+#endif
+		case GNUTLS_DIG_SHA256:
+			Algid = CALG_SHA_256;
+			break;
+		case GNUTLS_DIG_SHA384:
+			Algid = CALG_SHA_384;
+			break;
+		case GNUTLS_DIG_SHA512:
+			Algid = CALG_SHA_512;
+			break;
+		default:
+			return
+			    gnutls_assert_val(GNUTLS_E_UNKNOWN_HASH_ALGORITHM);
+		}
+	}
+
+	if (!CryptCreateHash(priv->hCryptProv, Algid, 0, 0, &hHash)) {
+		gnutls_assert();
+		_gnutls_debug_log("error in create hash: %d\n",
+				  (int)GetLastError());
+		ret = GNUTLS_E_PK_SIGN_FAILED;
+		goto fail;
+	}
+
+	if (!CryptSetHashParam(hHash, HP_HASHVAL, digest, 0)) {
+		gnutls_assert();
+		_gnutls_debug_log("error in set hash val: %d\n",
+				  (int)GetLastError());
+		ret = GNUTLS_E_PK_SIGN_FAILED;
+		goto fail;
+	}
+
+	if (!CryptGetHashParam
+	    (hHash, HP_HASHSIZE, (BYTE *) & size1, &sizesize, 0)
+	    || digest_size != size1) {
+		gnutls_assert();
+		_gnutls_debug_log("error in hash size: %d\n", (int)size1);
+		ret = GNUTLS_E_PK_SIGN_FAILED;
+		goto fail;
+	}
+
+	if (!CryptSignHash(hHash, priv->dwKeySpec, NULL, 0, NULL, &ret_sig)) {
+		gnutls_assert();
+		_gnutls_debug_log("error in pre-signing: %d\n",
+				  (int)GetLastError());
+		ret = GNUTLS_E_PK_SIGN_FAILED;
+		goto fail;
+	}
+
+	signature->size = ret_sig;
+	signature->data = (unsigned char *)gnutls_malloc(signature->size);
+
+	if (signature->data == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	if (!CryptSignHash
+	    (hHash, priv->dwKeySpec, NULL, 0, signature->data, &ret_sig)) {
+		gnutls_assert();
+		_gnutls_debug_log("error in signing: %d\n",
+				  (int)GetLastError());
+		ret = GNUTLS_E_PK_SIGN_FAILED;
+		goto fail;
+	}
+
+	memrev(signature->data, signature->size);
+
+	CryptDestroyHash(hHash);
+	signature->size = ret_sig;
+
+	return 0;
+ fail:
+	if (hHash != 0)
+		CryptDestroyHash(hHash);
+	gnutls_free(signature->data);
+	return ret;
+}
+
+static
+int capi_decrypt(gnutls_privkey_t key, void *userdata,
+		 const gnutls_datum_t * ciphertext, gnutls_datum_t * plaintext)
+{
+	priv_st *priv = (priv_st *) userdata;
+	DWORD size = 0;
+	int ret;
+
+	plaintext->data = NULL;
+	plaintext->size = 0;
+
+	if (priv->pk != GNUTLS_PK_RSA) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	plaintext->size = size = ciphertext->size;
+	plaintext->data = (unsigned char *)gnutls_malloc(plaintext->size);
+	if (plaintext->data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	memcpy(plaintext->data, ciphertext->data, size);
+	if (0 ==
+	    CryptDecrypt(priv->hCryptProv, 0, true, 0, plaintext->data,
+			 &size)) {
+		gnutls_assert();
+		ret = GNUTLS_E_PK_DECRYPTION_FAILED;
+		goto fail;
+	}
+
+	return 0;
+ fail:
+	gnutls_free(plaintext->data);
+	return ret;
+}
+
+static
+void capi_deinit(gnutls_privkey_t key, void *userdata)
+{
+	priv_st *priv = (priv_st *) userdata;
+	CryptReleaseContext(priv->hCryptProv, 0);
+	gnutls_free(priv);
+}
+
+static int capi_info(gnutls_privkey_t key, unsigned int flags, void *userdata)
+{
+	priv_st *priv = (priv_st *) userdata;
+
+	if (flags & GNUTLS_PRIVKEY_INFO_PK_ALGO)
+		return priv->pk;
+	if (flags & GNUTLS_PRIVKEY_INFO_SIGN_ALGO)
+		return priv->sign_algo;
+	return -1;
+}
+
+static 
+int privkey_import_capi(gnutls_privkey_t pkey, const char *url, 
+		priv_st *priv, CRYPT_KEY_PROV_INFO *kpi)
+{
+	HCRYPTPROV hCryptProv = 0;
+	int ret, enc_too = 0;
+	DWORD i, dwErrCode = 0;
+
+	if (CryptAcquireContextW(&hCryptProv,
+					kpi->pwszContainerName,
+					kpi->pwszProvName,
+					kpi->dwProvType, kpi->dwFlags)) {
+		for (i = 0; i < kpi->cProvParam; i++)
+			if (!CryptSetProvParam(hCryptProv,
+							kpi->rgProvParam[i].
+							dwParam,
+							kpi->rgProvParam[i].
+							pbData,
+							kpi->rgProvParam[i].
+							dwFlags)) {
+				dwErrCode = GetLastError();
+				break;
+			};
+	} else {
+		dwErrCode = GetLastError();
+	}
+
+	if (ERROR_SUCCESS != dwErrCode) {
+		_gnutls_debug_log
+			("error in getting cryptprov: %d from %s\n",
+				(int)GetLastError(), url);
+		ret =
+			gnutls_assert_val
+			(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+		goto cleanup;
+	}
+
+	{
+		BYTE buf[100 + sizeof(PROV_ENUMALGS_EX) * 2];
+		PROV_ENUMALGS_EX *pAlgo = (PROV_ENUMALGS_EX *) buf;
+		DWORD len = sizeof(buf);
+
+		if (CryptGetProvParam
+			(hCryptProv, PP_ENUMALGS_EX, buf, &len,
+				CRYPT_FIRST)) {
+			DWORD hash = 0;
+			do {
+				switch (pAlgo->aiAlgid) {
+				case CALG_RSA_SIGN:
+					priv->pk = GNUTLS_PK_RSA;
+					enc_too = 1;
+					break;
+				case CALG_DSS_SIGN:
+					priv->pk =
+						priv->pk ==
+						GNUTLS_PK_RSA ?
+						GNUTLS_PK_RSA :
+						GNUTLS_PK_DSA;
+					break;
+				case CALG_SHA1:
+					hash = 1;
+					break;
+				case CALG_SHA_256:
+					hash = 256;
+					break;
+				default:
+					break;
+				}
+
+				len = sizeof(buf);	// reset the buffer size
+			} while (CryptGetProvParam
+					(hCryptProv, PP_ENUMALGS_EX, buf, &len,
+					CRYPT_NEXT));
+
+			if (priv->pk == GNUTLS_PK_DSA)
+				priv->sign_algo = GNUTLS_SIGN_DSA_SHA1;
+			else
+				priv->sign_algo =
+					(hash >
+						1) ? GNUTLS_SIGN_RSA_SHA256 :
+					GNUTLS_SIGN_RSA_SHA1;
+		}
+	}
+
+	priv->hCryptProv = hCryptProv;
+	priv->dwKeySpec = kpi->dwKeySpec;
+
+	ret = gnutls_privkey_import_ext3(pkey, priv, capi_sign,
+						(enc_too !=
+						0) ? capi_decrypt : NULL,
+						capi_deinit, capi_info, 0);
+ cleanup:
+	if (ret < 0) {
+		if (hCryptProv != 0)
+			CryptReleaseContext(hCryptProv, 0);
+	}
+	return ret;
+}
+#endif /* WINAPI_PARTITION_DESKTOP */
+
+static
+int cng_sign(gnutls_privkey_t key, void *userdata,
+	     const gnutls_datum_t * raw_data, gnutls_datum_t * signature)
+{
+	priv_st *priv = userdata;
+	BCRYPT_PKCS1_PADDING_INFO _info;
+	void *info = NULL;
+	DWORD ret_sig = 0;
+	int ret;
+	DWORD flags = 0;
+	gnutls_datum_t data = { raw_data->data, raw_data->size };
+	uint8_t digest[MAX_HASH_SIZE];
+	unsigned int digest_size;
+	gnutls_digest_algorithm_t algo;
+	SECURITY_STATUS r;
+
+	signature->data = NULL;
+	signature->size = 0;
+
+	if (priv->pk == GNUTLS_PK_RSA) {
+
+		flags = BCRYPT_PAD_PKCS1;
+		info = &_info;
+
+		if (raw_data->size == 36) {	/* TLS 1.0 MD5+SHA1 */
+			_info.pszAlgId = NULL;
+		} else {
+			digest_size = sizeof(digest);
+			ret =
+			    decode_ber_digest_info(raw_data, &algo, digest,
+						   &digest_size);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			switch (algo) {
+			case GNUTLS_DIG_SHA1:
+				_info.pszAlgId = NCRYPT_SHA1_ALGORITHM;
+				break;
+#ifdef NCRYPT_SHA224_ALGORITHM
+			case GNUTLS_DIG_SHA224:
+				_info.pszAlgId = NCRYPT_SHA224_ALGORITHM;
+				break;
+#endif
+			case GNUTLS_DIG_SHA256:
+				_info.pszAlgId = NCRYPT_SHA256_ALGORITHM;
+				break;
+			case GNUTLS_DIG_SHA384:
+				_info.pszAlgId = NCRYPT_SHA384_ALGORITHM;
+				break;
+			case GNUTLS_DIG_SHA512:
+				_info.pszAlgId = NCRYPT_SHA512_ALGORITHM;
+				break;
+			default:
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_UNKNOWN_HASH_ALGORITHM);
+			}
+			data.data = digest;
+			data.size = digest_size;
+		}
+	}
+
+	r = pNCryptSignHash(priv->nc, info, data.data, data.size,
+			    NULL, 0, &ret_sig, flags);
+	if (FAILED(r)) {
+		gnutls_assert();
+		_gnutls_debug_log("error in pre-signing: %d\n",
+				  (int)GetLastError());
+		ret = GNUTLS_E_PK_SIGN_FAILED;
+		goto fail;
+	}
+
+	signature->size = ret_sig;
+	signature->data = gnutls_malloc(signature->size);
+	if (signature->data == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	r = pNCryptSignHash(priv->nc, info, data.data, data.size,
+			    signature->data, signature->size, &ret_sig, flags);
+	if (FAILED(r)) {
+		gnutls_assert();
+		_gnutls_debug_log("error in signing: %d\n",
+				  (int)GetLastError());
+		ret = GNUTLS_E_PK_SIGN_FAILED;
+		goto fail;
+	}
+
+	signature->size = ret_sig;
+
+	return 0;
+ fail:
+	gnutls_free(signature->data);
+	return ret;
+}
+
+static
+int cng_decrypt(gnutls_privkey_t key, void *userdata,
+		const gnutls_datum_t * ciphertext, gnutls_datum_t * plaintext)
+{
+	priv_st *priv = userdata;
+	SECURITY_STATUS r;
+	DWORD ret_dec = 0;
+	int ret;
+
+	plaintext->data = NULL;
+	plaintext->size = 0;
+
+	if (priv->pk != GNUTLS_PK_RSA) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	r = pNCryptDecrypt(priv->nc, ciphertext->data, ciphertext->size,
+			   NULL, NULL, 0, &ret_dec, NCRYPT_PAD_PKCS1_FLAG);
+	if (FAILED(r)) {
+		gnutls_assert();
+		return GNUTLS_E_PK_DECRYPTION_FAILED;
+	}
+
+	plaintext->size = ret_dec;
+	plaintext->data = gnutls_malloc(plaintext->size);
+	if (plaintext->data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	r = pNCryptDecrypt(priv->nc, ciphertext->data, ciphertext->size,
+			   NULL, plaintext->data, plaintext->size,
+			   &ret_dec, NCRYPT_PAD_PKCS1_FLAG);
+	if (FAILED(r)) {
+		gnutls_assert();
+		ret = GNUTLS_E_PK_DECRYPTION_FAILED;
+		goto fail;
+	}
+	plaintext->size = ret_dec;
+
+	return 0;
+ fail:
+	gnutls_free(plaintext->data);
+	return ret;
+}
+
+static
+void cng_deinit(gnutls_privkey_t key, void *userdata)
+{
+	priv_st *priv = userdata;
+	pNCryptFreeObject(priv->nc);
+	gnutls_free(priv);
+}
+
+static int cng_info(gnutls_privkey_t key, unsigned int flags, void *userdata)
+{
+	priv_st *priv = userdata;
+
+	if (flags & GNUTLS_PRIVKEY_INFO_PK_ALGO)
+		return priv->pk;
+	if (flags & GNUTLS_PRIVKEY_INFO_SIGN_ALGO)
+		return priv->sign_algo;
+	return -1;
+}
+
+static
+int privkey_import_ncrypt(gnutls_privkey_t pkey, const char *url, 
+		priv_st *priv, CRYPT_KEY_PROV_INFO *kpi, NCRYPT_PROV_HANDLE *sctx)
+{
+	SECURITY_STATUS r;
+	NCRYPT_KEY_HANDLE nc = 0;
+	int ret, enc_too = 0;
+	WCHAR algo_str[64];
+	DWORD algo_str_size = 0;
+
+	r = pNCryptOpenKey(*sctx, &nc, kpi->pwszContainerName, 0, 0);
+	if (FAILED(r)) {
+		ret =
+			gnutls_assert_val
+			(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+		goto cleanup;
+	}
+
+	r = pNCryptGetProperty(nc, NCRYPT_ALGORITHM_PROPERTY,
+					(BYTE *) algo_str, sizeof(algo_str),
+					&algo_str_size, 0);
+	if (FAILED(r)) {
+		ret =
+			gnutls_assert_val
+			(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+		goto cleanup;
+	}
+
+	if (StrCmpW(algo_str, BCRYPT_RSA_ALGORITHM) == 0) {
+		priv->pk = GNUTLS_PK_RSA;
+		priv->sign_algo = GNUTLS_SIGN_RSA_SHA256;
+		enc_too = 1;
+	} else if (StrCmpW(algo_str, BCRYPT_DSA_ALGORITHM) == 0) {
+		priv->pk = GNUTLS_PK_DSA;
+		priv->sign_algo = GNUTLS_SIGN_DSA_SHA1;
+	} else if (StrCmpW(algo_str, BCRYPT_ECDSA_P256_ALGORITHM) == 0) {
+		priv->pk = GNUTLS_PK_EC;
+		priv->sign_algo = GNUTLS_SIGN_ECDSA_SHA256;
+	} else if (StrCmpW(algo_str, BCRYPT_ECDSA_P384_ALGORITHM) == 0) {
+		priv->pk = GNUTLS_PK_EC;
+		priv->sign_algo = GNUTLS_SIGN_ECDSA_SHA384;
+	} else if (StrCmpW(algo_str, BCRYPT_ECDSA_P521_ALGORITHM) == 0) {
+		priv->pk = GNUTLS_PK_EC;
+		priv->sign_algo = GNUTLS_SIGN_ECDSA_SHA512;
+	} else {
+		_gnutls_debug_log("unknown key algorithm: %ls\n",
+					algo_str);
+		ret = gnutls_assert_val(GNUTLS_E_UNKNOWN_PK_ALGORITHM);
+		goto cleanup;
+	}
+	priv->nc = nc;
+
+	ret = gnutls_privkey_import_ext3(pkey, priv, cng_sign,
+						(enc_too !=
+						0) ? cng_decrypt : NULL,
+						cng_deinit, cng_info, 0);
+ cleanup:
+	if (ret < 0) {
+		if (nc != 0)
+			pNCryptFreeObject(nc);
+	}
+	return ret;
+}
+
+/*-
+ * _gnutls_privkey_import_system:
+ * @pkey: The private key
+ * @url: The URL of the key
+ *
+ * This function will import the given private key to the abstract
+ * #gnutls_privkey_t type. 
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.0
+ *
+ -*/
+int _gnutls_privkey_import_system_url(gnutls_privkey_t pkey, const char *url)
+{
+#if !WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) && _WIN32_WINNT < 0x0A00	/*win10 */
+    return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+#else /* WINAPI_PARTITION_DESKTOP || _WIN32_WINNT_WIN10 */
+	uint8_t id[MAX_WID_SIZE];
+	HCERTSTORE store = NULL;
+	size_t id_size;
+	const CERT_CONTEXT *cert = NULL;
+	CRYPT_HASH_BLOB blob;
+	CRYPT_KEY_PROV_INFO *kpi = NULL;
+	NCRYPT_PROV_HANDLE sctx = 0;
+	DWORD kpi_size;
+	SECURITY_STATUS r;
+	int ret;
+	priv_st *priv;
+
+	if (ncrypt_init == 0)
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+
+	if (url == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	priv = gnutls_calloc(1, sizeof(*priv));
+	if (priv == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	id_size = sizeof(id);
+	ret = get_id(url, id, &id_size, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	blob.cbData = id_size;
+	blob.pbData = id;
+
+	store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY");
+	if (store == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_FILE_ERROR;
+		goto cleanup;
+	}
+
+	cert = CertFindCertificateInStore(store,
+					  X509_ASN_ENCODING,
+					  0,
+					  CERT_FIND_KEY_IDENTIFIER,
+					  &blob, NULL);
+
+	if (cert == NULL) {
+		char buf[64];
+		_gnutls_debug_log("cannot find ID: %s from %s\n",
+				  _gnutls_bin2hex(id, id_size,
+						  buf, sizeof(buf), NULL), url);
+		ret = gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+		goto cleanup;
+	}
+
+	kpi_size = 0;
+	r = CertGetCertificateContextProperty(cert, CERT_KEY_PROV_INFO_PROP_ID,
+					      NULL, &kpi_size);
+	if (r == 0) {
+		_gnutls_debug_log("error in getting context: %d from %s\n",
+				  (int)GetLastError(), url);
+		ret = gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+		goto cleanup;
+	}
+
+	kpi = gnutls_malloc(kpi_size);
+	if (kpi == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto cleanup;
+	}
+
+	r = CertGetCertificateContextProperty(cert, CERT_KEY_PROV_INFO_PROP_ID,
+					      kpi, &kpi_size);
+	if (r == 0) {
+		_gnutls_debug_log("error in getting context: %d from %s\n",
+				  (int)GetLastError(), url);
+		ret = gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+		goto cleanup;
+	}
+
+	r = pNCryptOpenStorageProvider(&sctx, kpi->pwszProvName, 0);
+	if (!FAILED(r)) {	/* if this works carry on with CNG */
+
+		ret = privkey_import_ncrypt(pkey, url, priv, kpi, &sctx);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	} else {
+#if !WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
+		/* CAPI is not supported in UWP */
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+#else /* WINAPI_PARTITION_DESKTOP */
+		/* this should be CAPI */
+		_gnutls_debug_log
+		    ("error in opening CNG keystore: %x from %ls\n", (int)r,
+		     kpi->pwszProvName);
+
+		ret = privkey_import_capi(pkey, url, priv, kpi);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+#endif /* WINAPI_PARTITION_DESKTOP */
+	}
+	ret = 0;
+ cleanup:
+	if (ret < 0) {
+		gnutls_free(priv);
+	}
+	if (sctx != 0)
+		pNCryptFreeObject(sctx);
+
+	gnutls_free(kpi);
+
+	if (cert != 0)
+		CertFreeCertificateContext(cert);
+
+	CertCloseStore(store, 0);
+	return ret;
+#endif /* WINAPI_PARTITION_DESKTOP || _WIN32_WINNT_WIN10 */
+}
+
+int _gnutls_x509_crt_import_system_url(gnutls_x509_crt_t crt, const char *url)
+{
+	uint8_t id[MAX_WID_SIZE];
+	HCERTSTORE store = NULL;
+	size_t id_size;
+	const CERT_CONTEXT *cert = NULL;
+	CRYPT_HASH_BLOB blob;
+	int ret;
+	gnutls_datum_t data;
+
+	if (ncrypt_init == 0)
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+
+	id_size = sizeof(id);
+	ret = get_id(url, id, &id_size, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	blob.cbData = id_size;
+	blob.pbData = id;
+
+	store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY");
+	if (store == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_FILE_ERROR;
+		goto cleanup;
+	}
+
+	cert = CertFindCertificateInStore(store,
+					  X509_ASN_ENCODING,
+					  0,
+					  CERT_FIND_KEY_IDENTIFIER,
+					  &blob, NULL);
+
+	if (cert == NULL) {
+		char buf[64];
+		_gnutls_debug_log("cannot find ID: %s from %s\n",
+				  _gnutls_bin2hex(id, id_size,
+						  buf, sizeof(buf), NULL), url);
+		ret = gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+		goto cleanup;
+	}
+
+	data.data = cert->pbCertEncoded;
+	data.size = cert->cbCertEncoded;
+
+	ret = gnutls_x509_crt_import(crt, &data, GNUTLS_X509_FMT_DER);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	if (cert != 0)
+		CertFreeCertificateContext(cert);
+
+	CertCloseStore(store, 0);
+	return ret;
+}
+
+/**
+ * gnutls_system_key_iter_deinit:
+ * @iter: an iterator of system keys
+ *
+ * This function will deinitialize the iterator.
+ *
+ * Since: 3.4.0
+ **/
+void gnutls_system_key_iter_deinit(gnutls_system_key_iter_t iter)
+{
+	if (ncrypt_init == 0)
+		return;
+	if (iter->cert != NULL)
+		CertFreeCertificateContext(iter->cert);
+	CertCloseStore(iter->store, 0);
+	gnutls_free(iter);
+}
+
+static
+int get_win_urls(const CERT_CONTEXT * cert, char **cert_url, char **key_url,
+		 char **label, gnutls_datum_t * der)
+{
+	BOOL r;
+	int ret;
+	DWORD tl_size;
+	gnutls_datum_t tmp_label = { NULL, 0 };
+	char name[MAX_CN * 2];
+	char hex[MAX_WID_SIZE * 2 + 1];
+	gnutls_buffer_st str;
+#ifdef WORDS_BIGENDIAN
+	const unsigned bigendian = 1;
+#else
+	const unsigned bigendian = 0;
+#endif
+
+	if (cert == NULL)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	if (der) {
+		der->data = gnutls_malloc(cert->cbCertEncoded);
+		if (der->data == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		memcpy(der->data, cert->pbCertEncoded, cert->cbCertEncoded);
+		der->size = cert->cbCertEncoded;
+	}
+
+	_gnutls_buffer_init(&str);
+	if (label)
+		*label = NULL;
+	if (key_url)
+		*key_url = NULL;
+	if (cert_url)
+		*cert_url = NULL;
+
+	tl_size = sizeof(name);
+	r = CertGetCertificateContextProperty(cert, CERT_FRIENDLY_NAME_PROP_ID,
+					      name, &tl_size);
+	if (r != 0) {		/* optional */
+		ret =
+		    _gnutls_ucs2_to_utf8(name, tl_size, &tmp_label, bigendian);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+		if (label)
+			*label = (char *)tmp_label.data;
+	}
+
+	tl_size = sizeof(name);
+	r = CertGetCertificateContextProperty(cert, CERT_KEY_IDENTIFIER_PROP_ID,
+					      name, &tl_size);
+	if (r == 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+		goto fail;
+	}
+
+	if (_gnutls_bin2hex(name, tl_size, hex, sizeof(hex), 0) == NULL) {
+		ret = gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+		goto fail;
+	}
+
+	ret =
+	    _gnutls_buffer_append_printf(&str, WIN_URL "id=%s;type=cert", hex);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	if (tmp_label.data) {
+		ret = _gnutls_buffer_append_str(&str, ";name=");
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		ret =
+		    _gnutls_buffer_append_escape(&str, tmp_label.data,
+						 tmp_label.size, " ");
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+	}
+
+	ret = _gnutls_buffer_append_data(&str, "\x00", 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	if (cert_url)
+		*cert_url = (char *)str.data;
+	_gnutls_buffer_init(&str);
+
+	ret =
+	    _gnutls_buffer_append_printf(&str, WIN_URL "id=%s;type=privkey",
+					 hex);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	if (tmp_label.data) {
+		ret = _gnutls_buffer_append_str(&str, ";name=");
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		ret =
+		    _gnutls_buffer_append_escape(&str, tmp_label.data,
+						 tmp_label.size, " ");
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+	}
+
+	ret = _gnutls_buffer_append_data(&str, "\x00", 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	if (key_url)
+		*key_url = (char *)str.data;
+	_gnutls_buffer_init(&str);
+
+	ret = 0;
+	goto cleanup;
+
+ fail:
+	if (der)
+		gnutls_free(der->data);
+	if (cert_url)
+		gnutls_free(*cert_url);
+	if (key_url)
+		gnutls_free(*key_url);
+	if (label)
+		gnutls_free(*label);
+ cleanup:
+	_gnutls_buffer_clear(&str);
+	return ret;
+}
+
+/**
+ * gnutls_system_key_iter_get_info:
+ * @iter: an iterator of the system keys (must be set to %NULL initially)
+ * @cert_type: A value of gnutls_certificate_type_t which indicates the type of certificate to look for
+ * @cert_url: The certificate URL of the pair (may be %NULL)
+ * @key_url: The key URL of the pair (may be %NULL)
+ * @label: The friendly name (if any) of the pair (may be %NULL)
+ * @der: if non-NULL the DER data of the certificate
+ * @flags: should be zero
+ *
+ * This function will return on each call a certificate
+ * and key pair URLs, as well as a label associated with them,
+ * and the DER-encoded certificate. When the iteration is complete it will
+ * return %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE.
+ *
+ * Typically @cert_type should be %GNUTLS_CRT_X509.
+ *
+ * All values set are allocated and must be cleared using gnutls_free(),
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_system_key_iter_get_info(gnutls_system_key_iter_t * iter,
+				unsigned cert_type,
+				char **cert_url,
+				char **key_url,
+				char **label,
+				gnutls_datum_t * der, unsigned int flags)
+{
+	if (ncrypt_init == 0)
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+	if (cert_type != GNUTLS_CRT_X509)
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+
+	if (*iter == NULL) {
+		*iter = gnutls_calloc(1, sizeof(struct system_key_iter_st));
+		if (*iter == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		(*iter)->store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY");
+		if ((*iter)->store == NULL) {
+			gnutls_free(*iter);
+			*iter = NULL;
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+		}
+
+		(*iter)->cert =
+		    CertEnumCertificatesInStore((*iter)->store, NULL);
+
+		return get_win_urls((*iter)->cert, cert_url, key_url, label,
+				    der);
+	} else {
+		if ((*iter)->cert == NULL)
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+		(*iter)->cert =
+		    CertEnumCertificatesInStore((*iter)->store, (*iter)->cert);
+		return get_win_urls((*iter)->cert, cert_url, key_url, label,
+				    der);
+
+	}
+}
+
+/**
+ * gnutls_system_key_delete:
+ * @cert_url: the URL of the certificate
+ * @key_url: the URL of the key
+ *
+ * This function will delete the key and certificate pair.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.0
+ **/
+int gnutls_system_key_delete(const char *cert_url, const char *key_url)
+{
+	uint8_t id[MAX_WID_SIZE];
+	HCERTSTORE store = NULL;
+	size_t id_size;
+	const CERT_CONTEXT *cert = NULL;
+	CRYPT_HASH_BLOB blob;
+	NCRYPT_KEY_HANDLE nc;
+	DWORD nc_size;
+	BOOL r;
+	int ret;
+
+	if (ncrypt_init == 0)
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+
+	if (cert_url == NULL && key_url == NULL)
+		return 0;
+
+	if (cert_url != NULL) {
+		id_size = sizeof(id);
+		ret = get_id(cert_url, id, &id_size, 1);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	} else {
+		id_size = sizeof(id);
+		ret = get_id(key_url, id, &id_size, 0);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	blob.cbData = id_size;
+	blob.pbData = id;
+
+	store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY");
+	if (store != NULL) {
+		do {
+			cert = CertFindCertificateInStore(store,
+							  X509_ASN_ENCODING,
+							  0,
+							  CERT_FIND_KEY_IDENTIFIER,
+							  &blob, cert);
+
+			if (cert && key_url) {
+				nc_size = sizeof(nc);
+				r = CertGetCertificateContextProperty(cert,
+								      CERT_NCRYPT_KEY_HANDLE_TRANSFER_PROP_ID,
+								      &nc,
+								      &nc_size);
+				if (r != 0) {
+					pNCryptDeleteKey(nc, 0);
+					pNCryptFreeObject(nc);
+				} else {
+					gnutls_assert();
+				}
+			}
+
+			if (cert && cert_url)
+				CertDeleteCertificateFromStore(cert);
+		} while (cert != NULL);
+		CertCloseStore(store, 0);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_system_key_add_x509:
+ * @crt: the certificate to be added
+ * @privkey: the key to be added
+ * @label: the friendly name to describe the key
+ * @cert_url: if non-NULL it will contain an allocated value with the certificate URL
+ * @key_url: if non-NULL it will contain an allocated value with the key URL
+ *
+ * This function will added the given key and certificate pair,
+ * to the system list.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.0
+ **/
+int gnutls_system_key_add_x509(gnutls_x509_crt_t crt,
+			       gnutls_x509_privkey_t privkey, const char *label,
+			       char **cert_url, char **key_url)
+{
+	HCERTSTORE store = NULL;
+	CRYPT_DATA_BLOB pfx;
+	gnutls_datum_t _pfx = { NULL, 0 };
+	gnutls_pkcs12_t p12 = NULL;
+	gnutls_pkcs12_bag_t bag1 = NULL, bag2 = NULL;
+	uint8_t id[MAX_WID_SIZE];
+	size_t id_size;
+	gnutls_datum_t kid;
+	int ret;
+
+	if (ncrypt_init == 0)
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+
+	if (label == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	id_size = sizeof(id);
+	ret = gnutls_x509_crt_get_key_id(crt, 0, id, &id_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	kid.data = id;
+	kid.size = id_size;
+
+	/* the idea: import the cert and private key into PKCS #12
+	 * format, export it into pfx, and import it into store */
+	ret = gnutls_pkcs12_init(&p12);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_pkcs12_bag_init(&bag1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pkcs12_bag_set_crt(bag1, crt);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pkcs12_bag_set_key_id(bag1, 0, &kid);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (label)
+		gnutls_pkcs12_bag_set_friendly_name(bag1, 0, label);
+
+	ret = gnutls_pkcs12_bag_init(&bag2);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pkcs12_bag_set_privkey(bag2, privkey, NULL, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pkcs12_bag_set_key_id(bag2, 0, &kid);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (label)
+		gnutls_pkcs12_bag_set_friendly_name(bag2, 0, label);
+
+	ret = gnutls_pkcs12_set_bag(p12, bag1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pkcs12_set_bag(p12, bag2);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pkcs12_generate_mac(p12, "123456");
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pkcs12_export2(p12, GNUTLS_X509_FMT_DER, &_pfx);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	pfx.cbData = _pfx.size;
+	pfx.pbData = _pfx.data;
+
+	store = PFXImportCertStore(&pfx, L"123456", 0);
+	if (store == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_INVALID_REQUEST;
+		goto cleanup;
+	}
+
+	if (cert_url || key_url) {
+		unsigned char sha[20];
+		CRYPT_HASH_BLOB blob;
+		const CERT_CONTEXT *cert = NULL;
+		gnutls_datum_t data;
+
+		ret = gnutls_x509_crt_export2(crt, GNUTLS_X509_FMT_DER, &data);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret =
+		    gnutls_hash_fast(GNUTLS_DIG_SHA1, data.data, data.size,
+				     sha);
+		gnutls_free(data.data);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		blob.cbData = sizeof(sha);
+		blob.pbData = sha;
+
+		cert = CertFindCertificateInStore(store,
+						  X509_ASN_ENCODING,
+						  0,
+						  CERT_FIND_SHA1_HASH,
+						  &blob, NULL);
+
+		if (cert == NULL) {
+			gnutls_assert();
+			ret = GNUTLS_E_KEY_IMPORT_FAILED;
+			goto cleanup;
+		}
+
+		ret = get_win_urls(cert, cert_url, key_url, NULL, NULL);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	ret = 0;
+
+ cleanup:
+	if (p12 != NULL)
+		gnutls_pkcs12_deinit(p12);
+	if (bag1 != NULL)
+		gnutls_pkcs12_bag_deinit(bag1);
+	if (bag2 != NULL)
+		gnutls_pkcs12_bag_deinit(bag2);
+	if (store != NULL)
+		CertCloseStore(store, 0);
+	gnutls_free(_pfx.data);
+	return ret;
+}
+
+int _gnutls_system_key_init(void)
+{
+	int ret;
+
+#ifdef DYN_NCRYPT
+	ncrypt_lib = LoadLibrary(TEXT("ncrypt.dll"));
+	if (ncrypt_lib == NULL) {
+		return gnutls_assert_val(GNUTLS_E_CRYPTO_INIT_FAILED);
+	}
+
+	pNCryptDeleteKey =
+	    (NCryptDeleteKeyFunc) GetProcAddress(ncrypt_lib, "NCryptDeleteKey");
+	if (pNCryptDeleteKey == NULL) {
+		ret = GNUTLS_E_CRYPTO_INIT_FAILED;
+		goto fail;
+	}
+
+	pNCryptOpenStorageProvider =
+	    (NCryptOpenStorageProviderFunc) GetProcAddress(ncrypt_lib,
+							   "NCryptOpenStorageProvider");
+	if (pNCryptOpenStorageProvider == NULL) {
+		ret = GNUTLS_E_CRYPTO_INIT_FAILED;
+		goto fail;
+	}
+
+	pNCryptOpenKey =
+	    (NCryptOpenKeyFunc) GetProcAddress(ncrypt_lib, "NCryptOpenKey");
+	if (pNCryptOpenKey == NULL) {
+		ret = GNUTLS_E_CRYPTO_INIT_FAILED;
+		goto fail;
+	}
+
+	pNCryptGetProperty =
+	    (NCryptGetPropertyFunc) GetProcAddress(ncrypt_lib,
+						   "NCryptGetProperty");
+	if (pNCryptGetProperty == NULL) {
+		ret = GNUTLS_E_CRYPTO_INIT_FAILED;
+		goto fail;
+	}
+
+	pNCryptFreeObject =
+	    (NCryptFreeObjectFunc) GetProcAddress(ncrypt_lib,
+						  "NCryptFreeObject");
+	if (pNCryptFreeObject == NULL) {
+		ret = GNUTLS_E_CRYPTO_INIT_FAILED;
+		goto fail;
+	}
+
+	pNCryptDecrypt =
+	    (NCryptDecryptFunc) GetProcAddress(ncrypt_lib, "NCryptDecrypt");
+	if (pNCryptDecrypt == NULL) {
+		ret = GNUTLS_E_CRYPTO_INIT_FAILED;
+		goto fail;
+	}
+
+	pNCryptSignHash =
+	    (NCryptSignHashFunc) GetProcAddress(ncrypt_lib, "NCryptSignHash");
+	if (pNCryptSignHash == NULL) {
+		ret = GNUTLS_E_CRYPTO_INIT_FAILED;
+		goto fail;
+	}
+	ncrypt_init = 1;
+
+	return 0;
+ fail:
+	FreeLibrary(ncrypt_lib);
+	return ret;
+#else
+    ncrypt_init = 1;
+    return 0;
+#endif
+}
+
+void _gnutls_system_key_deinit(void)
+{
+	if (ncrypt_init != 0) {
+		FreeLibrary(ncrypt_lib);
+		ncrypt_init = 0;
+	}
+}
diff --git a/lib/system/ktls.c b/lib/system/ktls.c
new file mode 100644
index 0000000..ddf27fa
--- /dev/null
+++ b/lib/system/ktls.c
@@ -0,0 +1,487 @@
+/*
+ * Copyright (C) 2021 Free Software Foundation, Inc.
+ *
+ * Author: Fratnišek Krenželok
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "config.h"
+#include "system/ktls.h"
+
+#ifdef ENABLE_KTLS
+
+#include <linux/tls.h>
+#include <record.h>
+#include <sys/socket.h>
+#include <netinet/tcp.h>
+#include <unistd.h>
+#include <errno.h>
+#include "ext/session_ticket.h"
+#include <sys/sendfile.h>
+
+/**
+ * gnutls_transport_is_ktls_enabled:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Checks if KTLS is now enabled and was properly inicialized.
+ *
+ * Returns: %GNUTLS_KTLS_RECV, %GNUTLS_KTLS_SEND, %GNUTLS_KTLS_DUPLEX, otherwise 0
+ *
+ * Since: 3.7.3
+ **/
+gnutls_transport_ktls_enable_flags_t
+gnutls_transport_is_ktls_enabled(gnutls_session_t session){
+	if (unlikely(!session->internals.initial_negotiation_completed)){
+		_gnutls_debug_log("Initial negotiation is not yet complete\n");
+		return 0;
+	}
+
+	return session->internals.ktls_enabled;
+}
+
+void _gnutls_ktls_enable(gnutls_session_t session)
+{
+	int sockin, sockout;
+
+	gnutls_transport_get_int2(session, &sockin, &sockout);
+
+	if (setsockopt(sockin, SOL_TCP, TCP_ULP, "tls", sizeof ("tls")) == 0) {
+		session->internals.ktls_enabled |= GNUTLS_KTLS_RECV;
+		if (sockin == sockout) {
+			session->internals.ktls_enabled |= GNUTLS_KTLS_SEND;
+		}
+	} else {
+		_gnutls_record_log("Unable to set TCP_ULP for read socket: %d\n",
+				   errno);
+	}
+
+	if (sockin != sockout) {
+		if (setsockopt(sockout, SOL_TCP, TCP_ULP, "tls", sizeof ("tls")) == 0) {
+			session->internals.ktls_enabled |= GNUTLS_KTLS_SEND;
+		} else {
+			_gnutls_record_log("Unable to set TCP_ULP for write socket: %d\n",
+					   errno);
+		}
+	}
+}
+
+int _gnutls_ktls_set_keys(gnutls_session_t session)
+{
+	gnutls_cipher_algorithm_t cipher = gnutls_cipher_get(session);
+	gnutls_datum_t mac_key;
+	gnutls_datum_t iv;
+	gnutls_datum_t cipher_key;
+	unsigned char seq_number[8];
+	int sockin, sockout;
+	int ret;
+
+	gnutls_transport_get_int2(session, &sockin, &sockout);
+
+	/* check whether or not cipher suite supports ktls
+	 */
+	int version = gnutls_protocol_get_version(session);
+	if ((version != GNUTLS_TLS1_3 && version != GNUTLS_TLS1_2) ||
+		(gnutls_cipher_get(session) != GNUTLS_CIPHER_AES_128_GCM &&
+		gnutls_cipher_get(session) != GNUTLS_CIPHER_AES_256_GCM)) {
+		return  GNUTLS_E_UNIMPLEMENTED_FEATURE;
+	}
+
+	ret = gnutls_record_get_state(session, 1, &mac_key, &iv, &cipher_key,
+								   seq_number);
+	if (ret < 0) {
+		return ret;
+	}
+
+	if(session->internals.ktls_enabled & GNUTLS_KTLS_RECV){
+		switch (cipher) {
+			case GNUTLS_CIPHER_AES_128_GCM:
+			{
+				struct tls12_crypto_info_aes_gcm_128 crypto_info;
+				memset(&crypto_info, 0, sizeof(crypto_info));
+
+				crypto_info.info.cipher_type = TLS_CIPHER_AES_GCM_128;
+				assert(cipher_key.size == TLS_CIPHER_AES_GCM_128_KEY_SIZE);
+
+				/* for TLS 1.2 IV is generated in kernel */
+				if (version == GNUTLS_TLS1_2) {
+					crypto_info.info.version = TLS_1_2_VERSION;
+					memcpy(crypto_info.iv, seq_number, TLS_CIPHER_AES_GCM_128_IV_SIZE);
+				} else {
+					crypto_info.info.version = TLS_1_3_VERSION;
+					assert(iv.size == TLS_CIPHER_AES_GCM_128_SALT_SIZE
+							+ TLS_CIPHER_AES_GCM_128_IV_SIZE);
+
+					memcpy(crypto_info.iv, iv.data +
+						TLS_CIPHER_AES_GCM_128_SALT_SIZE,
+						TLS_CIPHER_AES_GCM_128_IV_SIZE);
+				}
+
+				memcpy(crypto_info.salt, iv.data,
+				TLS_CIPHER_AES_GCM_128_SALT_SIZE);
+				memcpy(crypto_info.rec_seq, seq_number,
+				TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
+				memcpy(crypto_info.key, cipher_key.data,
+				TLS_CIPHER_AES_GCM_128_KEY_SIZE);
+
+				if (setsockopt (sockin, SOL_TLS, TLS_RX,
+						&crypto_info, sizeof (crypto_info))) {
+					session->internals.ktls_enabled &= ~GNUTLS_KTLS_RECV;
+					return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+				}
+			}
+			break;
+			case GNUTLS_CIPHER_AES_256_GCM:
+			{
+				struct tls12_crypto_info_aes_gcm_256 crypto_info;
+				memset(&crypto_info, 0, sizeof(crypto_info));
+
+				crypto_info.info.cipher_type = TLS_CIPHER_AES_GCM_256;
+				assert (cipher_key.size == TLS_CIPHER_AES_GCM_256_KEY_SIZE);
+
+				/* for TLS 1.2 IV is generated in kernel */
+				if (version == GNUTLS_TLS1_2) {
+					crypto_info.info.version = TLS_1_2_VERSION;
+					memcpy(crypto_info.iv, seq_number, TLS_CIPHER_AES_GCM_256_IV_SIZE);
+				} else {
+					crypto_info.info.version = TLS_1_3_VERSION;
+					assert (iv.size == TLS_CIPHER_AES_GCM_256_SALT_SIZE
+							+ TLS_CIPHER_AES_GCM_256_IV_SIZE);
+
+					memcpy(crypto_info.iv, iv.data + TLS_CIPHER_AES_GCM_256_SALT_SIZE,
+					TLS_CIPHER_AES_GCM_256_IV_SIZE);
+				}
+
+				memcpy (crypto_info.salt, iv.data,
+				TLS_CIPHER_AES_GCM_256_SALT_SIZE);
+				memcpy (crypto_info.rec_seq, seq_number,
+				TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
+				memcpy (crypto_info.key, cipher_key.data,
+				TLS_CIPHER_AES_GCM_256_KEY_SIZE);
+
+				if (setsockopt (sockin, SOL_TLS, TLS_RX,
+						&crypto_info, sizeof (crypto_info))) {
+					session->internals.ktls_enabled &= ~GNUTLS_KTLS_RECV;
+					return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+				}
+			}
+			break;
+			default:
+				assert(0);
+		}
+	}
+
+	ret = gnutls_record_get_state (session, 0, &mac_key, &iv, &cipher_key,
+								   seq_number);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+
+	if(session->internals.ktls_enabled & GNUTLS_KTLS_SEND){
+		switch (cipher) {
+			case GNUTLS_CIPHER_AES_128_GCM:
+			{
+				struct tls12_crypto_info_aes_gcm_128 crypto_info;
+				memset(&crypto_info, 0, sizeof(crypto_info));
+
+				crypto_info.info.cipher_type = TLS_CIPHER_AES_GCM_128;
+
+				assert (cipher_key.size == TLS_CIPHER_AES_GCM_128_KEY_SIZE);
+
+				/* for TLS 1.2 IV is generated in kernel */
+				if (version == GNUTLS_TLS1_2) {
+					crypto_info.info.version = TLS_1_2_VERSION;
+					memcpy(crypto_info.iv, seq_number, TLS_CIPHER_AES_GCM_128_IV_SIZE);
+				} else {
+					crypto_info.info.version = TLS_1_3_VERSION;
+					assert (iv.size == TLS_CIPHER_AES_GCM_128_SALT_SIZE
+							+ TLS_CIPHER_AES_GCM_128_IV_SIZE);
+
+					memcpy (crypto_info.iv, iv.data + TLS_CIPHER_AES_GCM_128_SALT_SIZE,
+					TLS_CIPHER_AES_GCM_128_IV_SIZE);
+				}
+
+				memcpy (crypto_info.salt, iv.data,
+				TLS_CIPHER_AES_GCM_128_SALT_SIZE);
+				memcpy (crypto_info.rec_seq, seq_number,
+				TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
+				memcpy (crypto_info.key, cipher_key.data,
+				TLS_CIPHER_AES_GCM_128_KEY_SIZE);
+
+				if (setsockopt (sockout, SOL_TLS, TLS_TX,
+						&crypto_info, sizeof (crypto_info))) {
+					session->internals.ktls_enabled &= ~GNUTLS_KTLS_SEND;
+					return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+				}
+			}
+			break;
+			case GNUTLS_CIPHER_AES_256_GCM:
+			{
+				struct tls12_crypto_info_aes_gcm_256 crypto_info;
+				memset(&crypto_info, 0, sizeof(crypto_info));
+
+				crypto_info.info.cipher_type = TLS_CIPHER_AES_GCM_256;
+				assert (cipher_key.size == TLS_CIPHER_AES_GCM_256_KEY_SIZE);
+
+				/* for TLS 1.2 IV is generated in kernel */
+				if (version == GNUTLS_TLS1_2) {
+					crypto_info.info.version = TLS_1_2_VERSION;
+					memcpy(crypto_info.iv, seq_number, TLS_CIPHER_AES_GCM_256_IV_SIZE);
+				} else {
+					crypto_info.info.version = TLS_1_3_VERSION;
+					assert (iv.size == TLS_CIPHER_AES_GCM_256_SALT_SIZE +
+							TLS_CIPHER_AES_GCM_256_IV_SIZE);
+
+					memcpy (crypto_info.iv, iv.data + TLS_CIPHER_AES_GCM_256_SALT_SIZE,
+					TLS_CIPHER_AES_GCM_256_IV_SIZE);
+				}
+
+				memcpy (crypto_info.salt, iv.data,
+				TLS_CIPHER_AES_GCM_256_SALT_SIZE);
+				memcpy (crypto_info.rec_seq, seq_number,
+				TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
+				memcpy (crypto_info.key, cipher_key.data,
+				TLS_CIPHER_AES_GCM_256_KEY_SIZE);
+
+				if (setsockopt (sockout, SOL_TLS, TLS_TX,
+						&crypto_info, sizeof (crypto_info))) {
+					session->internals.ktls_enabled &= ~GNUTLS_KTLS_SEND;
+					return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+				}
+			}
+			break;
+			default:
+				assert(0);
+		}
+	}
+
+	return 0;
+}
+
+ssize_t _gnutls_ktls_send_file(gnutls_session_t session, int fd,
+		off_t *offset, size_t count)
+{
+	ssize_t ret;
+	int sockin, sockout;
+
+	assert(session != NULL);
+
+	gnutls_transport_get_int2(session, &sockin, &sockout);
+
+	ret = sendfile(sockout, fd, offset, count);
+	if (ret == -1){
+		switch(errno) {
+			case EINTR:
+				return GNUTLS_E_INTERRUPTED;
+			case EAGAIN:
+				return GNUTLS_E_AGAIN;
+			default:
+				return GNUTLS_E_PUSH_ERROR;
+		}
+	}
+
+	return ret;
+}
+
+int _gnutls_ktls_send_control_msg(gnutls_session_t session,
+		unsigned char record_type, const void *data, size_t data_size)
+{
+	const char *buf = data;
+	ssize_t ret;
+	int sockin, sockout;
+	size_t data_to_send = data_size;
+
+	assert (session != NULL);
+
+	gnutls_transport_get_int2(session, &sockin, &sockout);
+
+	while (data_to_send > 0) {
+		char cmsg[CMSG_SPACE(sizeof (unsigned char))];
+		struct msghdr msg = { 0 };
+		struct iovec msg_iov;   /* Vector of data to send/receive into. */
+		struct cmsghdr *hdr;
+
+		msg.msg_control = cmsg;
+		msg.msg_controllen = sizeof cmsg;
+
+		hdr = CMSG_FIRSTHDR(&msg);
+		hdr->cmsg_level = SOL_TLS;
+		hdr->cmsg_type = TLS_SET_RECORD_TYPE;
+		hdr->cmsg_len = CMSG_LEN(sizeof (unsigned char));
+
+		// construct record header
+		*CMSG_DATA(hdr) = record_type;
+		msg.msg_controllen = hdr->cmsg_len;
+
+		msg_iov.iov_base = (void *)buf;
+		msg_iov.iov_len = data_to_send;
+
+		msg.msg_iov = &msg_iov;
+		msg.msg_iovlen = 1;
+
+		ret = sendmsg(sockout, &msg, MSG_DONTWAIT);
+
+		if (ret == -1) {
+			switch (errno) {
+				case EINTR:
+					return GNUTLS_E_INTERRUPTED;
+				case EAGAIN:
+					return GNUTLS_E_AGAIN;
+				default:
+					return GNUTLS_E_PUSH_ERROR;
+			}
+		}
+
+		buf += ret;
+		data_to_send -= ret;
+	}
+
+	return data_size;
+}
+
+int _gnutls_ktls_recv_control_msg(gnutls_session_t session,
+			unsigned char *record_type, void *data, size_t data_size)
+{
+	char *buf = data;
+	ssize_t ret;
+	int sockin, sockout;
+
+	char cmsg[CMSG_SPACE(sizeof (unsigned char))];
+	struct msghdr msg = { 0 };
+	struct iovec msg_iov;
+	struct cmsghdr *hdr;
+
+	assert (session != NULL);
+
+	gnutls_transport_get_int2(session, &sockin, &sockout);
+
+	if (session->internals.read_eof != 0) {
+		return 0;
+	} else if (session->internals.invalid_connection != 0 ||
+			session->internals.may_not_read != 0)
+		return GNUTLS_E_INVALID_SESSION;
+
+	/* receive message */
+	msg.msg_control = cmsg;
+	msg.msg_controllen = sizeof cmsg;
+
+	msg_iov.iov_base = buf;
+	msg_iov.iov_len = data_size;
+
+	msg.msg_iov = &msg_iov;
+	msg.msg_iovlen = 1;
+
+	ret = recvmsg(sockin, &msg, MSG_DONTWAIT);
+
+	if (ret == -1){
+		switch(errno){
+			case EAGAIN:
+				return GNUTLS_E_AGAIN;
+			case EINVAL:
+				return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;
+			case EMSGSIZE:
+				return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+			case EBADMSG:
+				return GNUTLS_E_DECRYPTION_FAILED;
+			default:
+				return GNUTLS_E_PULL_ERROR;
+		}
+	}
+
+	/* connection closed */
+	if (ret == 0)
+		return 0;
+
+	/* get record type from header */
+	hdr = CMSG_FIRSTHDR(&msg);
+	if (hdr == NULL){
+		return GNUTLS_E_PULL_ERROR;
+	}
+	if (hdr->cmsg_level == SOL_TLS && hdr->cmsg_type == TLS_GET_RECORD_TYPE)
+		*record_type = *(unsigned char *)CMSG_DATA(hdr);
+	else
+		*record_type = GNUTLS_APPLICATION_DATA;
+
+	return ret;
+}
+
+int _gnutls_ktls_recv_int(gnutls_session_t session, content_type_t type,
+		void *data, size_t data_size)
+{
+	unsigned char record_type;
+	int ret;
+
+	ret = _gnutls_ktls_recv_control_msg(session,
+			&record_type, data, data_size);
+
+	if (ret > 0) {
+		switch (record_type){
+			case GNUTLS_CHANGE_CIPHER_SPEC:
+				return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+				break;
+			case GNUTLS_ALERT:
+				session_invalidate(session);
+				ret = 0;
+				break;
+			case GNUTLS_HANDSHAKE:
+				// ignore post-handshake messages
+				if (type != record_type)
+					return GNUTLS_E_AGAIN;
+				break;
+			case GNUTLS_APPLICATION_DATA:
+				if (type != record_type)
+					ret = GNUTLS_E_GOT_APPLICATION_DATA;
+				break;
+			case GNUTLS_HEARTBEAT:
+				break;
+			default:
+				gnutls_assert();
+				return GNUTLS_E_UNEXPECTED_PACKET;
+		}
+	}
+	return ret;
+}
+
+#else //ENABLE_KTLS
+gnutls_transport_ktls_enable_flags_t
+gnutls_transport_is_ktls_enabled(gnutls_session_t session) {
+	return 0;
+}
+
+void _gnutls_ktls_enable(gnutls_session_t session) {
+}
+
+int _gnutls_ktls_set_keys(gnutls_session_t session) {
+	return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+}
+
+ssize_t _gnutls_ktls_send_file(gnutls_session_t session, int fd,
+		off_t *offset, size_t count) {
+	return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+}
+
+int _gnutls_ktls_send_control_msg(gnutls_session_t session,
+		unsigned char record_type, const void *data, size_t data_size) {
+	return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+}
+
+int _gnutls_ktls_recv_int(gnutls_session_t session, content_type_t type,
+		void *data, size_t data_size) {
+	return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+}
+
+#endif //ENABLE_KTLS
diff --git a/lib/system/ktls.h b/lib/system/ktls.h
new file mode 100644
index 0000000..8a98a8e
--- /dev/null
+++ b/lib/system/ktls.h
@@ -0,0 +1,18 @@
+#ifndef GNUTLS_LIB_ACCELERATED_KTLS_H
+#define GNUTLS_LIB_ACCELERATED_KTLS_H
+
+#include "gnutls_int.h"
+
+void _gnutls_ktls_enable(gnutls_session_t session);
+int _gnutls_ktls_set_keys(gnutls_session_t session);
+ssize_t _gnutls_ktls_send_file(gnutls_session_t session, int fd,
+		off_t *offset, size_t count);
+int _gnutls_ktls_send_control_msg(gnutls_session_t session, unsigned char record_type,
+		const void *data, size_t data_size);
+#define _gnutls_ktls_send(x, y, z) _gnutls_ktls_send_control_msg(x, GNUTLS_APPLICATION_DATA, y, z);
+int _gnutls_ktls_recv_control_msg(gnutls_session_t session, unsigned char *record_type,
+		void *data, size_t data_size);
+int _gnutls_ktls_recv_int(gnutls_session_t session, content_type_t type, void *data, size_t data_size);
+#define _gnutls_ktls_recv(x, y, z) _gnutls_ktls_recv_int(x, GNUTLS_APPLICATION_DATA, y, z)
+
+#endif /* GNUTLS_LIB_ACCELERATED_KTLS_H */
diff --git a/lib/system/sockets.c b/lib/system/sockets.c
new file mode 100644
index 0000000..e1d6fd1
--- /dev/null
+++ b/lib/system/sockets.c
@@ -0,0 +1,234 @@
+/*
+ * Copyright (C) 2010-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include <config.h>
+#include <system.h>
+#include "gnutls_int.h"
+#include "errors.h"
+
+#include <sys/socket.h>
+#include <errno.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+
+#ifdef _WIN32
+# include <windows.h>
+#else /* !_WIN32 */
+# include <poll.h>
+#endif
+
+/* System specific socket function wrappers.
+ */
+
+#ifdef _WIN32
+/* Do not use the gnulib functions for sending and receiving data.
+ * Using them makes gnutls only working with gnulib applications.
+ */
+#undef send
+#undef recv
+#undef select
+
+int system_errno(gnutls_transport_ptr p)
+{
+	int tmperr = WSAGetLastError();
+	int ret = 0;
+	switch (tmperr) {
+	case WSAEWOULDBLOCK:
+		ret = EAGAIN;
+		break;
+	case NO_ERROR:
+		ret = 0;
+		break;
+	case WSAEINTR:
+		ret = EINTR;
+		break;
+	case WSAEMSGSIZE:
+		ret = EMSGSIZE;
+		break;
+	default:
+		ret = EIO;
+		break;
+	}
+	WSASetLastError(tmperr);
+
+	return ret;
+}
+
+ssize_t
+system_write(gnutls_transport_ptr ptr, const void *data, size_t data_size)
+{
+	return send(GNUTLS_POINTER_TO_INT(ptr), data, data_size, 0);
+}
+
+ssize_t
+system_writev(gnutls_transport_ptr_t ptr, const giovec_t * iovec,
+	      int iovec_cnt)
+{
+	WSABUF bufs[32];
+	DWORD bytes_sent;
+	DWORD to_send_cnt = 0;
+	size_t to_send_bytes = 0;
+
+	if ((size_t)iovec_cnt > sizeof(bufs) / sizeof(bufs[0]))
+		iovec_cnt = sizeof(bufs) / sizeof(bufs[0]);
+
+	while (to_send_cnt < (DWORD)iovec_cnt && to_send_bytes < SSIZE_MAX) {
+		bufs[to_send_cnt].buf = iovec[to_send_cnt].iov_base;
+
+		if (to_send_bytes + iovec[to_send_cnt].iov_len > SSIZE_MAX) {
+			/* Return value limit: successful result value cannot
+			 * exceed SSIZE_MAX */
+			size_t space_left = (size_t)SSIZE_MAX - to_send_bytes;
+			bufs[to_send_cnt].len = (unsigned long)
+					(space_left > ULONG_MAX ?
+						ULONG_MAX : space_left);
+			to_send_cnt++;
+			break;
+		}
+#ifdef _WIN64
+		if (iovec[to_send_cnt].iov_len > ULONG_MAX) {
+			/* WSASend() limitation */
+			bufs[to_send_cnt].len = ULONG_MAX;
+			to_send_cnt++;
+			break;
+		}
+#endif
+		bufs[to_send_cnt].len =
+			(unsigned long) iovec[to_send_cnt].iov_len;
+		to_send_bytes += iovec[to_send_cnt].iov_len;
+		to_send_cnt++;
+	}
+
+	if (WSASend(GNUTLS_POINTER_TO_INT(ptr), bufs, to_send_cnt, &bytes_sent,
+			0, NULL, NULL) != 0)
+		return -1;
+
+	return (ssize_t)bytes_sent;
+}
+
+#else				/* POSIX */
+int system_errno(gnutls_transport_ptr_t ptr)
+{
+#if defined(_AIX) || defined(AIX)
+	if (errno == 0)
+		errno = EAGAIN;
+#endif
+
+	return errno;
+}
+
+static ssize_t
+_system_writev(gnutls_transport_ptr_t ptr, const giovec_t * iovec,
+	      int iovec_cnt, int flags)
+{
+	struct msghdr hdr;
+
+	memset(&hdr, 0, sizeof(hdr));
+	hdr.msg_iov = (struct iovec *)iovec;
+	hdr.msg_iovlen = iovec_cnt;
+
+	return sendmsg(GNUTLS_POINTER_TO_INT(ptr), &hdr, flags);
+}
+
+#ifdef MSG_NOSIGNAL
+ssize_t
+system_writev_nosignal(gnutls_transport_ptr_t ptr, const giovec_t * iovec,
+	      int iovec_cnt)
+{
+	return _system_writev(ptr, iovec, iovec_cnt, MSG_NOSIGNAL);
+}
+
+#endif
+
+ssize_t
+system_writev(gnutls_transport_ptr_t ptr, const giovec_t * iovec,
+	      int iovec_cnt)
+{
+	return _system_writev(ptr, iovec, iovec_cnt, 0);
+}
+
+#endif
+
+
+ssize_t
+system_read(gnutls_transport_ptr_t ptr, void *data, size_t data_size)
+{
+	return recv(GNUTLS_POINTER_TO_INT(ptr), data, data_size, 0);
+}
+
+/**
+ * gnutls_system_recv_timeout:
+ * @ptr: A file descriptor (wrapped in a gnutls_transport_ptr_t pointer)
+ * @ms: The number of milliseconds to wait.
+ *
+ * Wait for data to be received from the provided socket (@ptr) within a
+ * timeout period in milliseconds, using select() on the provided @ptr.
+ *
+ * This function is provided as a helper for constructing custom
+ * callbacks for gnutls_transport_set_pull_timeout_function(),
+ * which can be used if you rely on socket file descriptors.
+ *
+ * Returns -1 on error, 0 on timeout, positive value if data are available for reading.
+ *
+ * Since: 3.4.0
+ **/
+int gnutls_system_recv_timeout(gnutls_transport_ptr_t ptr, unsigned int ms)
+{
+	int ret;
+	int fd = GNUTLS_POINTER_TO_INT(ptr);
+#ifndef _WIN32
+	int timeo;
+	struct pollfd pfd;
+
+	pfd.fd = fd;
+	pfd.events = POLLIN;
+	pfd.revents = 0;
+
+	if (ms == GNUTLS_INDEFINITE_TIMEOUT)
+		timeo = -1;
+	else
+		timeo = ms;
+	do {
+		ret = poll(&pfd, 1, timeo);
+	} while(ret == -1 && errno == EINTR);
+#else
+	fd_set rfds;
+	struct timeval _tv, *tv = NULL;
+
+	FD_ZERO(&rfds);
+	FD_SET(fd, &rfds);
+
+	if (ms != GNUTLS_INDEFINITE_TIMEOUT) {
+		_tv.tv_sec = ms/1000;
+		_tv.tv_usec = (ms % 1000) * 1000;
+		tv = &_tv;
+	}
+
+	ret = select(fd + 1, &rfds, NULL, NULL, tv);
+#endif
+	if (ret <= 0)
+		return ret;
+
+	return ret;
+}
+
diff --git a/lib/system/threads.c b/lib/system/threads.c
new file mode 100644
index 0000000..89b5959
--- /dev/null
+++ b/lib/system/threads.c
@@ -0,0 +1,87 @@
+/*
+ * Copyright (C) 2010-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include <config.h>
+#include <system.h>
+#include "gnutls_int.h"
+#include "errors.h"
+
+#include <sys/socket.h>
+#include <errno.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+
+#include "glthread/lock.h"
+
+/* System specific lock function wrappers.
+ */
+
+/* Thread stuff */
+
+static int gnutls_system_mutex_init(void **priv)
+{
+	gl_lock_t *lock = malloc(sizeof(gl_lock_t));
+
+	if (!lock) {
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	if (glthread_lock_init(lock)) {
+		free(lock);
+		return gnutls_assert_val(GNUTLS_E_LOCKING_ERROR);
+	}
+
+	*priv = lock;
+	return 0;
+}
+
+static int gnutls_system_mutex_deinit(void **priv)
+{
+	if (glthread_lock_destroy((gl_lock_t *) * priv)) {
+		return gnutls_assert_val(GNUTLS_E_LOCKING_ERROR);
+	}
+	free(*priv);
+	return 0;
+}
+
+static int gnutls_system_mutex_lock(void **priv)
+{
+	if (glthread_lock_lock((gl_lock_t *) * priv)) {
+		return gnutls_assert_val(GNUTLS_E_LOCKING_ERROR);
+	}
+	return 0;
+}
+
+static int gnutls_system_mutex_unlock(void **priv)
+{
+	if (glthread_lock_unlock((gl_lock_t *) * priv)) {
+		return gnutls_assert_val(GNUTLS_E_LOCKING_ERROR);
+	}
+	return 0;
+}
+
+mutex_init_func gnutls_mutex_init = gnutls_system_mutex_init;
+mutex_deinit_func gnutls_mutex_deinit = gnutls_system_mutex_deinit;
+mutex_lock_func gnutls_mutex_lock = gnutls_system_mutex_lock;
+mutex_unlock_func gnutls_mutex_unlock = gnutls_system_mutex_unlock;
+
diff --git a/lib/system_override.c b/lib/system_override.c
new file mode 100644
index 0000000..9179bf5
--- /dev/null
+++ b/lib/system_override.c
@@ -0,0 +1,196 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains function that will override the 
+ * default berkeley sockets API per session.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <num.h>
+#include <record.h>
+#include <buffers.h>
+#include <mbuffers.h>
+#include <state.h>
+#include <dtls.h>
+#include <system.h>
+
+#include <errno.h>
+#ifdef _WIN32
+#include <windows.h>
+#endif
+
+/**
+ * gnutls_transport_set_errno:
+ * @session: is a #gnutls_session_t type.
+ * @err: error value to store in session-specific errno variable.
+ *
+ * Store @err in the session-specific errno variable.  Useful values
+ * for @err are EINTR, EAGAIN and EMSGSIZE, other values are treated will be
+ * treated as real errors in the push/pull function.
+ *
+ * This function is useful in replacement push and pull functions set by
+ * gnutls_transport_set_push_function() and
+ * gnutls_transport_set_pull_function() under Windows, where the
+ * replacements may not have access to the same @errno
+ * variable that is used by GnuTLS (e.g., the application is linked to
+ * msvcr71.dll and gnutls is linked to msvcrt.dll).
+ *
+ * This function is unreliable if you are using the same
+ * @session in different threads for sending and receiving.
+ *
+ **/
+void gnutls_transport_set_errno(gnutls_session_t session, int err)
+{
+	session->internals.errnum = err;
+}
+
+/**
+ * gnutls_transport_set_pull_function:
+ * @session: is a #gnutls_session_t type.
+ * @pull_func: a callback function similar to read()
+ *
+ * This is the function where you set a function for gnutls to receive
+ * data.  Normally, if you use berkeley style sockets, do not need to
+ * use this function since the default recv(2) will probably be ok.
+ * The callback should return 0 on connection termination, a positive
+ * number indicating the number of bytes received, and -1 on error.
+ *
+ * @gnutls_pull_func is of the form,
+ * ssize_t (*gnutls_pull_func)(gnutls_transport_ptr_t, void*, size_t);
+ **/
+void
+gnutls_transport_set_pull_function(gnutls_session_t session,
+				   gnutls_pull_func pull_func)
+{
+	session->internals.pull_func = pull_func;
+}
+
+/**
+ * gnutls_transport_set_pull_timeout_function:
+ * @session: is a #gnutls_session_t type.
+ * @func: a callback function
+ *
+ * This is the function where you set a function for gnutls to know
+ * whether data are ready to be received. It should wait for data a
+ * given time frame in milliseconds. The callback should return 0 on 
+ * timeout, a positive number if data can be received, and -1 on error.
+ * You'll need to override this function if select() is not suitable
+ * for the provided transport calls.
+ *
+ * As with select(), if the timeout value is zero the callback should return
+ * zero if no data are immediately available. The special value
+ * %GNUTLS_INDEFINITE_TIMEOUT indicates that the callback should wait indefinitely
+ * for data.
+ *
+ * @gnutls_pull_timeout_func is of the form,
+ * int (*gnutls_pull_timeout_func)(gnutls_transport_ptr_t, unsigned int ms);
+ *
+ * This callback is necessary when gnutls_handshake_set_timeout() or 
+ * gnutls_record_set_timeout() are set, under TLS1.3 and for enforcing the DTLS
+ * mode timeouts when in blocking mode.
+ *
+ * For compatibility with future GnuTLS versions this callback must be set when
+ * a custom pull function is registered. The callback will not be used when the
+ * session is in TLS mode with non-blocking sockets. That is, when %GNUTLS_NONBLOCK
+ * is specified for a TLS session in gnutls_init().
+ *
+ * The helper function gnutls_system_recv_timeout() is provided to
+ * simplify writing callbacks. 
+ *
+ * Since: 3.0
+ **/
+void
+gnutls_transport_set_pull_timeout_function(gnutls_session_t session,
+					   gnutls_pull_timeout_func func)
+{
+	session->internals.pull_timeout_func = func;
+}
+
+/**
+ * gnutls_transport_set_push_function:
+ * @session: is a #gnutls_session_t type.
+ * @push_func: a callback function similar to write()
+ *
+ * This is the function where you set a push function for gnutls to
+ * use in order to send data.  If you are going to use berkeley style
+ * sockets, you do not need to use this function since the default
+ * send(2) will probably be ok.  Otherwise you should specify this
+ * function for gnutls to be able to send data.
+ * The callback should return a positive number indicating the
+ * bytes sent, and -1 on error.
+ *
+ * @push_func is of the form,
+ * ssize_t (*gnutls_push_func)(gnutls_transport_ptr_t, const void*, size_t);
+ *
+ **/
+void
+gnutls_transport_set_push_function(gnutls_session_t session,
+				   gnutls_push_func push_func)
+{
+	session->internals.push_func = push_func;
+	session->internals.vec_push_func = NULL;
+}
+
+/**
+ * gnutls_transport_set_vec_push_function:
+ * @session: is a #gnutls_session_t type.
+ * @vec_func: a callback function similar to writev()
+ *
+ * Using this function you can override the default writev(2)
+ * function for gnutls to send data. Setting this callback 
+ * instead of gnutls_transport_set_push_function() is recommended
+ * since it introduces less overhead in the TLS handshake process.
+ *
+ * @vec_func is of the form,
+ * ssize_t (*gnutls_vec_push_func) (gnutls_transport_ptr_t, const giovec_t * iov, int iovcnt);
+ *
+ * Since: 2.12.0
+ **/
+void
+gnutls_transport_set_vec_push_function(gnutls_session_t session,
+				       gnutls_vec_push_func vec_func)
+{
+	session->internals.push_func = NULL;
+	session->internals.vec_push_func = vec_func;
+}
+
+/**
+ * gnutls_transport_set_errno_function:
+ * @session: is a #gnutls_session_t type.
+ * @errno_func: a callback function similar to write()
+ *
+ * This is the function where you set a function to retrieve errno
+ * after a failed push or pull operation.
+ *
+ * @errno_func is of the form,
+ * int (*gnutls_errno_func)(gnutls_transport_ptr_t);
+ * and should return the errno.
+ *
+ * Since: 2.12.0
+ **/
+void
+gnutls_transport_set_errno_function(gnutls_session_t session,
+				    gnutls_errno_func errno_func)
+{
+	session->internals.errno_func = errno_func;
+}
diff --git a/lib/tls-sig.c b/lib/tls-sig.c
new file mode 100644
index 0000000..84fd57d
--- /dev/null
+++ b/lib/tls-sig.c
@@ -0,0 +1,841 @@
+/*
+ * Copyright (C) 2001-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <x509_b64.h>
+#include <auth/cert.h>
+#include <algorithms.h>
+#include <datum.h>
+#include <mpi.h>
+#include <global.h>
+#include <pk.h>
+#include <debug.h>
+#include <buffers.h>
+#include <tls-sig.h>
+#include <kx.h>
+#include <libtasn1.h>
+#include <ext/signature.h>
+#include <state.h>
+#include <x509/common.h>
+#include <abstract_int.h>
+
+int _gnutls_check_key_usage_for_sig(gnutls_session_t session, unsigned key_usage, unsigned our_cert)
+{
+	const char *lstr;
+	unsigned allow_key_usage_violation;
+
+	if (our_cert) {
+		lstr = "Local";
+		allow_key_usage_violation = session->internals.priorities->allow_server_key_usage_violation;
+	} else {
+		lstr = "Peer's";
+		allow_key_usage_violation = session->internals.allow_key_usage_violation;
+	}
+
+	if (key_usage != 0) {
+		if (!(key_usage & GNUTLS_KEY_DIGITAL_SIGNATURE)) {
+			gnutls_assert();
+			if (likely(allow_key_usage_violation == 0)) {
+				_gnutls_audit_log(session,
+					  "%s certificate does not allow digital signatures. Key usage violation detected.\n", lstr);
+				return GNUTLS_E_KEY_USAGE_VIOLATION;
+			} else {
+				_gnutls_audit_log(session,
+					  "%s certificate does not allow digital signatures. Key usage violation detected (ignored).\n", lstr);
+			}
+		}
+	}
+	return 0;
+}
+
+/* Generates a signature of all the random data and the parameters.
+ * Used in *DHE_* ciphersuites for TLS 1.2.
+ */
+static int
+_gnutls_handshake_sign_data12(gnutls_session_t session,
+			    gnutls_pcert_st * cert, gnutls_privkey_t pkey,
+			    gnutls_datum_t * params,
+			    gnutls_datum_t * signature,
+			    gnutls_sign_algorithm_t sign_algo)
+{
+	gnutls_datum_t dconcat;
+	int ret;
+
+	_gnutls_handshake_log
+	    ("HSK[%p]: signing TLS 1.2 handshake data: using %s\n", session,
+	     gnutls_sign_algorithm_get_name(sign_algo));
+
+	if (unlikely(gnutls_sign_supports_pk_algorithm(sign_algo, pkey->pk_algorithm) == 0))
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+	dconcat.size = GNUTLS_RANDOM_SIZE*2 + params->size;
+	dconcat.data = gnutls_malloc(dconcat.size);
+	if (dconcat.data == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	memcpy(dconcat.data, session->security_parameters.client_random, GNUTLS_RANDOM_SIZE);
+	memcpy(dconcat.data+GNUTLS_RANDOM_SIZE, session->security_parameters.server_random, GNUTLS_RANDOM_SIZE);
+	memcpy(dconcat.data+GNUTLS_RANDOM_SIZE*2, params->data, params->size);
+
+	ret = gnutls_privkey_sign_data2(pkey, sign_algo,
+					0, &dconcat, signature);
+	if (ret < 0) {
+		gnutls_assert();
+	}
+	gnutls_free(dconcat.data);
+
+	return ret;
+
+}
+
+static int
+_gnutls_handshake_sign_data10(gnutls_session_t session,
+			    gnutls_pcert_st * cert, gnutls_privkey_t pkey,
+			    gnutls_datum_t * params,
+			    gnutls_datum_t * signature,
+			    gnutls_sign_algorithm_t sign_algo)
+{
+	gnutls_datum_t dconcat;
+	int ret;
+	digest_hd_st td_sha;
+	uint8_t concat[MAX_SIG_SIZE];
+	const mac_entry_st *me;
+	gnutls_pk_algorithm_t pk_algo;
+
+	pk_algo = gnutls_privkey_get_pk_algorithm(pkey, NULL);
+	if (pk_algo == GNUTLS_PK_RSA)
+		me = hash_to_entry(GNUTLS_DIG_MD5_SHA1);
+	else
+		me = hash_to_entry(
+				gnutls_sign_get_hash_algorithm(sign_algo));
+	if (me == NULL)
+		return gnutls_assert_val(GNUTLS_E_UNKNOWN_HASH_ALGORITHM);
+
+	if (unlikely(gnutls_sign_supports_pk_algorithm(sign_algo, pk_algo) == 0))
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+	pk_algo = gnutls_sign_get_pk_algorithm(sign_algo);
+	if (pk_algo == GNUTLS_PK_UNKNOWN)
+		return gnutls_assert_val(GNUTLS_E_UNKNOWN_PK_ALGORITHM);
+
+	_gnutls_handshake_log
+	    ("HSK[%p]: signing handshake data: using %s\n", session,
+	     gnutls_sign_algorithm_get_name(sign_algo));
+
+	ret = _gnutls_hash_init(&td_sha, me);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	_gnutls_hash(&td_sha, session->security_parameters.client_random,
+		     GNUTLS_RANDOM_SIZE);
+	_gnutls_hash(&td_sha, session->security_parameters.server_random,
+		     GNUTLS_RANDOM_SIZE);
+	_gnutls_hash(&td_sha, params->data, params->size);
+
+	_gnutls_hash_deinit(&td_sha, concat);
+
+	dconcat.data = concat;
+	dconcat.size = _gnutls_hash_get_algo_len(me);
+
+	ret = gnutls_privkey_sign_hash(pkey, MAC_TO_DIG(me->id), GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA,
+				       &dconcat, signature);
+	if (ret < 0) {
+		gnutls_assert();
+	}
+
+	return ret;
+}
+
+/* Generates a signature of all the random data and the parameters.
+ * Used in DHE_* ciphersuites.
+ */
+int
+_gnutls_handshake_sign_data(gnutls_session_t session,
+			    gnutls_pcert_st * cert, gnutls_privkey_t pkey,
+			    gnutls_datum_t * params,
+			    gnutls_datum_t * signature,
+			    gnutls_sign_algorithm_t * sign_algo)
+{
+	const version_entry_st *ver = get_version(session);
+	unsigned key_usage = 0;
+	int ret;
+
+	*sign_algo = session->security_parameters.server_sign_algo;
+	if (*sign_algo == GNUTLS_SIGN_UNKNOWN) {
+		gnutls_assert();
+		return GNUTLS_E_UNWANTED_ALGORITHM;
+	}
+
+	gnutls_pubkey_get_key_usage(cert->pubkey, &key_usage);
+
+	ret = _gnutls_check_key_usage_for_sig(session, key_usage, 1);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (_gnutls_version_has_selectable_sighash(ver))
+		return _gnutls_handshake_sign_data12(session, cert, pkey, params, signature, *sign_algo);
+	else
+		return _gnutls_handshake_sign_data10(session, cert, pkey, params, signature, *sign_algo);
+}
+
+/* Generates a signature of all the random data and the parameters.
+ * Used in DHE_* ciphersuites.
+ */
+static int
+_gnutls_handshake_verify_data10(gnutls_session_t session,
+			      unsigned verify_flags,
+			      gnutls_pcert_st * cert,
+			      const gnutls_datum_t * params,
+			      gnutls_datum_t * signature,
+			      gnutls_sign_algorithm_t sign_algo)
+{
+	gnutls_datum_t dconcat;
+	int ret;
+	digest_hd_st td_sha;
+	uint8_t concat[MAX_SIG_SIZE];
+	gnutls_digest_algorithm_t hash_algo;
+	const mac_entry_st *me;
+	gnutls_pk_algorithm_t pk_algo;
+
+	pk_algo = gnutls_pubkey_get_pk_algorithm(cert->pubkey, NULL);
+	if (pk_algo == GNUTLS_PK_RSA) {
+		hash_algo = GNUTLS_DIG_MD5_SHA1;
+		verify_flags |= GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA;
+	} else {
+		hash_algo = GNUTLS_DIG_SHA1;
+		if (sign_algo == GNUTLS_SIGN_UNKNOWN) {
+			sign_algo = gnutls_pk_to_sign(pk_algo, hash_algo);
+		}
+	}
+
+	me = hash_to_entry(hash_algo);
+
+	ret = _gnutls_hash_init(&td_sha, me);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	_gnutls_hash(&td_sha, session->security_parameters.client_random,
+		     GNUTLS_RANDOM_SIZE);
+	_gnutls_hash(&td_sha, session->security_parameters.server_random,
+		     GNUTLS_RANDOM_SIZE);
+	_gnutls_hash(&td_sha, params->data, params->size);
+
+	_gnutls_hash_deinit(&td_sha, concat);
+
+	dconcat.data = concat;
+	dconcat.size = _gnutls_hash_get_algo_len(me);
+
+	ret = gnutls_pubkey_verify_hash2(cert->pubkey, sign_algo,
+					 GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1|verify_flags,
+					 &dconcat, signature);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return ret;
+}
+
+static int
+_gnutls_handshake_verify_data12(gnutls_session_t session,
+			      unsigned verify_flags,
+			      gnutls_pcert_st * cert,
+			      const gnutls_datum_t * params,
+			      gnutls_datum_t * signature,
+			      gnutls_sign_algorithm_t sign_algo)
+{
+	gnutls_datum_t dconcat;
+	int ret;
+	const version_entry_st *ver = get_version(session);
+	const gnutls_sign_entry_st *se = _gnutls_sign_to_entry(sign_algo);
+
+	_gnutls_handshake_log
+	    ("HSK[%p]: verify TLS 1.2 handshake data: using %s\n", session,
+	     se->name);
+
+	ret =
+	    _gnutls_pubkey_compatible_with_sig(session,
+					       cert->pubkey, ver,
+					       sign_algo);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (unlikely(sign_supports_cert_pk_algorithm(se, cert->pubkey->params.algo) == 0)) {
+		_gnutls_handshake_log("HSK[%p]: certificate of %s cannot be combined with %s sig\n",
+				      session, gnutls_pk_get_name(cert->pubkey->params.algo), se->name);
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	}
+
+	ret =
+	    _gnutls_session_sign_algo_enabled(session, sign_algo);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	dconcat.size = GNUTLS_RANDOM_SIZE*2+params->size;
+	dconcat.data = gnutls_malloc(dconcat.size);
+	if (dconcat.data == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	memcpy(dconcat.data, session->security_parameters.client_random, GNUTLS_RANDOM_SIZE);
+	memcpy(dconcat.data+GNUTLS_RANDOM_SIZE, session->security_parameters.server_random, GNUTLS_RANDOM_SIZE);
+	memcpy(dconcat.data+GNUTLS_RANDOM_SIZE*2, params->data, params->size);
+
+	ret = gnutls_pubkey_verify_data2(cert->pubkey, sign_algo, verify_flags,
+					 &dconcat, signature);
+	if (ret < 0)
+		gnutls_assert();
+
+	gnutls_free(dconcat.data);
+
+	return ret;
+}
+
+int
+_gnutls_handshake_verify_data(gnutls_session_t session,
+			      unsigned verify_flags,
+			      gnutls_pcert_st * cert,
+			      const gnutls_datum_t * params,
+			      gnutls_datum_t * signature,
+			      gnutls_sign_algorithm_t sign_algo)
+{
+	unsigned key_usage;
+	int ret;
+	const version_entry_st *ver = get_version(session);
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_CERTIFICATE_ERROR;
+	}
+
+	gnutls_pubkey_get_key_usage(cert->pubkey, &key_usage);
+
+	ret = _gnutls_check_key_usage_for_sig(session, key_usage, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	gnutls_sign_algorithm_set_server(session, sign_algo);
+
+	if (_gnutls_version_has_selectable_sighash(ver))
+		return _gnutls_handshake_verify_data12(session, verify_flags, cert, params, signature, sign_algo);
+	else
+		return _gnutls_handshake_verify_data10(session, verify_flags, cert, params, signature, sign_algo);
+}
+
+
+/* Client certificate verify calculations
+ */
+
+static void
+_gnutls_reverse_datum(gnutls_datum_t * d)
+{
+	unsigned i;
+
+	for (i = 0; i < d->size / 2; i ++) {
+		uint8_t t = d->data[i];
+		d->data[i] = d->data[d->size - 1 - i];
+		d->data[d->size - 1 - i] = t;
+	}
+}
+
+static int
+_gnutls_create_reverse(const gnutls_datum_t *src, gnutls_datum_t *dst)
+{
+	unsigned int i;
+
+	dst->size = src->size;
+	dst->data = gnutls_malloc(dst->size);
+	if (!dst->data)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	for (i = 0; i < dst->size; i++)
+		dst->data[i] = src->data[dst->size - 1 - i];
+
+	return 0;
+}
+
+/* this is _gnutls_handshake_verify_crt_vrfy for TLS 1.2
+ */
+static int
+_gnutls_handshake_verify_crt_vrfy12(gnutls_session_t session,
+				    unsigned verify_flags,
+				    gnutls_pcert_st * cert,
+				    gnutls_datum_t * signature,
+				    gnutls_sign_algorithm_t sign_algo)
+{
+	int ret;
+	gnutls_datum_t dconcat;
+	const gnutls_sign_entry_st *se = _gnutls_sign_to_entry(sign_algo);
+	gnutls_datum_t sig_rev = {NULL, 0};
+
+	ret = _gnutls_session_sign_algo_enabled(session, sign_algo);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (unlikely(sign_supports_cert_pk_algorithm(se, cert->pubkey->params.algo) == 0)) {
+		_gnutls_handshake_log("HSK[%p]: certificate of %s cannot be combined with %s sig\n",
+				      session, gnutls_pk_get_name(cert->pubkey->params.algo), se->name);
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	}
+
+	if (se->flags & GNUTLS_SIGN_FLAG_CRT_VRFY_REVERSE) {
+		ret = _gnutls_create_reverse(signature, &sig_rev);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	dconcat.data = session->internals.handshake_hash_buffer.data;
+	dconcat.size = session->internals.handshake_hash_buffer_prev_len;
+
+	/* Here we intentionally enable flag GNUTLS_VERIFY_ALLOW_BROKEN
+	 * because we have checked whether the currently used signature
+	 * algorithm is allowed in the session. */
+	ret = gnutls_pubkey_verify_data2(cert->pubkey, sign_algo, verify_flags|GNUTLS_VERIFY_ALLOW_BROKEN,
+					 &dconcat,
+					 sig_rev.data ? &sig_rev : signature);
+	_gnutls_free_datum(&sig_rev);
+	if (ret < 0)
+		gnutls_assert();
+
+	return ret;
+
+}
+
+/* Verifies a SSL 3.0 signature (like the one in the client certificate
+ * verify message).
+ */
+#ifdef ENABLE_SSL3
+static int
+_gnutls_handshake_verify_crt_vrfy3(gnutls_session_t session,
+				   unsigned verify_flags,
+				   gnutls_pcert_st * cert,
+				   gnutls_datum_t * signature,
+				   gnutls_sign_algorithm_t sign_algo)
+{
+	int ret;
+	uint8_t concat[MAX_SIG_SIZE];
+	digest_hd_st td_sha;
+	gnutls_datum_t dconcat;
+	gnutls_pk_algorithm_t pk =
+	    gnutls_pubkey_get_pk_algorithm(cert->pubkey, NULL);
+
+	ret = _gnutls_generate_master(session, 1);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	dconcat.data = concat;
+	dconcat.size = 0;
+
+	if (pk == GNUTLS_PK_RSA) {
+		digest_hd_st td_md5;
+
+		ret = _gnutls_hash_init(&td_md5,
+					hash_to_entry(GNUTLS_DIG_MD5));
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		_gnutls_hash(&td_md5,
+				session->internals.handshake_hash_buffer.data,
+				session->internals.handshake_hash_buffer_prev_len);
+
+		ret = _gnutls_mac_deinit_ssl3_handshake(&td_md5, concat,
+						session->security_parameters.
+						master_secret,
+						GNUTLS_MASTER_SIZE);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		verify_flags |= GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA;
+		dconcat.size = 16;
+	}
+
+	ret = _gnutls_hash_init(&td_sha, hash_to_entry(GNUTLS_DIG_SHA1));
+	if (ret < 0) {
+		gnutls_assert();
+		return GNUTLS_E_HASH_FAILED;
+	}
+
+	_gnutls_hash(&td_sha,
+		     session->internals.handshake_hash_buffer.data,
+		     session->internals.handshake_hash_buffer_prev_len);
+
+	ret =
+	    _gnutls_mac_deinit_ssl3_handshake(&td_sha,
+					      dconcat.data + dconcat.size,
+					      session->security_parameters.
+					      master_secret,
+					      GNUTLS_MASTER_SIZE);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	dconcat.size += 20;
+
+	ret = gnutls_pubkey_verify_hash2(cert->pubkey, GNUTLS_SIGN_UNKNOWN,
+					 GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1|verify_flags,
+					 &dconcat, signature);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return ret;
+}
+#endif
+
+static int
+_gnutls_handshake_verify_crt_vrfy10(gnutls_session_t session,
+				    unsigned verify_flags,
+				    gnutls_pcert_st * cert,
+				    gnutls_datum_t * signature,
+				    gnutls_sign_algorithm_t sign_algo)
+{
+	int ret;
+	uint8_t concat[MAX_SIG_SIZE];
+	digest_hd_st td_sha;
+	gnutls_datum_t dconcat;
+	gnutls_pk_algorithm_t pk_algo;
+	const mac_entry_st *me;
+
+	/* TLS 1.0 and TLS 1.1 */
+	pk_algo = gnutls_pubkey_get_pk_algorithm(cert->pubkey, NULL);
+	if (pk_algo == GNUTLS_PK_RSA) {
+		me = hash_to_entry(GNUTLS_DIG_MD5_SHA1);
+		verify_flags |= GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA;
+		sign_algo = GNUTLS_SIGN_UNKNOWN;
+	} else {
+		me = hash_to_entry(GNUTLS_DIG_SHA1);
+		sign_algo = gnutls_pk_to_sign(pk_algo, GNUTLS_DIG_SHA1);
+	}
+	ret = _gnutls_hash_init(&td_sha, me);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	_gnutls_hash(&td_sha,
+		     session->internals.handshake_hash_buffer.data,
+		     session->internals.handshake_hash_buffer_prev_len);
+
+	_gnutls_hash_deinit(&td_sha, concat);
+
+	dconcat.data = concat;
+	dconcat.size = _gnutls_hash_get_algo_len(me);
+
+	ret = gnutls_pubkey_verify_hash2(cert->pubkey, sign_algo,
+					 GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1|verify_flags,
+					 &dconcat, signature);
+	if (ret < 0)
+		gnutls_assert();
+
+	return ret;
+}
+
+/* Verifies a TLS signature (like the one in the client certificate
+ * verify message). 
+ */
+int
+_gnutls_handshake_verify_crt_vrfy(gnutls_session_t session,
+				  unsigned verify_flags,
+				  gnutls_pcert_st * cert,
+				  gnutls_datum_t * signature,
+				  gnutls_sign_algorithm_t sign_algo)
+{
+	int ret;
+	const version_entry_st *ver = get_version(session);
+	unsigned key_usage;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_CERTIFICATE_ERROR;
+	}
+
+	gnutls_pubkey_get_key_usage(cert->pubkey, &key_usage);
+
+	ret = _gnutls_check_key_usage_for_sig(session, key_usage, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	_gnutls_handshake_log("HSK[%p]: verify cert vrfy: using %s\n",
+			      session,
+			      gnutls_sign_algorithm_get_name(sign_algo));
+
+	if (unlikely(ver == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	gnutls_sign_algorithm_set_client(session, sign_algo);
+
+	/* TLS 1.2 */
+	if (_gnutls_version_has_selectable_sighash(ver))
+		return _gnutls_handshake_verify_crt_vrfy12(session, 
+							   verify_flags,
+							   cert,
+							   signature,
+							   sign_algo);
+#ifdef ENABLE_SSL3
+	if (ver->id == GNUTLS_SSL3)
+		return _gnutls_handshake_verify_crt_vrfy3(session,
+							  verify_flags,
+							  cert,
+							  signature,
+							  sign_algo);
+#endif
+
+	/* TLS 1.0 and TLS 1.1 */
+	return _gnutls_handshake_verify_crt_vrfy10(session,
+						   verify_flags,
+						   cert,
+						   signature,
+						   sign_algo);
+}
+
+/* the same as _gnutls_handshake_sign_crt_vrfy except that it is made for TLS 1.2.
+ * Returns the used signature algorithm, or a negative error code.
+ */
+static int
+_gnutls_handshake_sign_crt_vrfy12(gnutls_session_t session,
+				  gnutls_pcert_st * cert,
+				  gnutls_privkey_t pkey,
+				  gnutls_datum_t * signature)
+{
+	gnutls_datum_t dconcat;
+	gnutls_sign_algorithm_t sign_algo;
+	const gnutls_sign_entry_st *se;
+	int ret;
+
+	sign_algo = _gnutls_session_get_sign_algo(session, cert, pkey, 1, GNUTLS_KX_UNKNOWN);
+	if (sign_algo == GNUTLS_SIGN_UNKNOWN) {
+		gnutls_assert();
+		return GNUTLS_E_UNWANTED_ALGORITHM;
+	}
+
+	se = _gnutls_sign_to_entry(sign_algo);
+	if (se == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	gnutls_sign_algorithm_set_client(session, sign_algo);
+
+	if (unlikely(gnutls_sign_supports_pk_algorithm(sign_algo, pkey->pk_algorithm) == 0))
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+	_gnutls_debug_log("sign handshake cert vrfy: picked %s\n",
+			  gnutls_sign_algorithm_get_name(sign_algo));
+
+	dconcat.data = session->internals.handshake_hash_buffer.data;
+	dconcat.size = session->internals.handshake_hash_buffer.length;
+
+	ret = gnutls_privkey_sign_data2(pkey, sign_algo,
+					0, &dconcat, signature);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (se->flags & GNUTLS_SIGN_FLAG_CRT_VRFY_REVERSE)
+		_gnutls_reverse_datum(signature);
+
+	return sign_algo;
+}
+
+#ifdef ENABLE_SSL3
+static int
+_gnutls_handshake_sign_crt_vrfy3(gnutls_session_t session,
+				 gnutls_pcert_st * cert,
+				 const version_entry_st *ver,
+				 gnutls_privkey_t pkey,
+				 gnutls_datum_t * signature)
+{
+	gnutls_datum_t dconcat;
+	int ret;
+	uint8_t concat[MAX_SIG_SIZE];
+	digest_hd_st td_sha;
+	gnutls_pk_algorithm_t pk =
+	    gnutls_privkey_get_pk_algorithm(pkey, NULL);
+
+	/* ensure 1024 bit DSA keys are used */
+	ret =
+	    _gnutls_pubkey_compatible_with_sig(session, cert->pubkey, ver,
+					       GNUTLS_SIGN_UNKNOWN);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_generate_master(session, 1);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	dconcat.data = concat;
+	dconcat.size = 0;
+
+	if (pk == GNUTLS_PK_RSA) {
+		digest_hd_st td_md5;
+		ret =
+		    _gnutls_hash_init(&td_md5,
+				      hash_to_entry(GNUTLS_DIG_MD5));
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		_gnutls_hash(&td_md5,
+			     session->internals.handshake_hash_buffer.data,
+			     session->internals.handshake_hash_buffer.
+			     length);
+
+		ret = _gnutls_mac_deinit_ssl3_handshake(&td_md5,
+							dconcat.data,
+							session->security_parameters.
+							master_secret,
+							GNUTLS_MASTER_SIZE);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		dconcat.size = 16;
+	}
+
+	ret = _gnutls_hash_init(&td_sha, hash_to_entry(GNUTLS_DIG_SHA1));
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	_gnutls_hash(&td_sha,
+		     session->internals.handshake_hash_buffer.data,
+		     session->internals.handshake_hash_buffer.length);
+	ret =
+		_gnutls_mac_deinit_ssl3_handshake(&td_sha,
+				dconcat.data + dconcat.size,
+				session->security_parameters.
+				master_secret,
+				GNUTLS_MASTER_SIZE);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	dconcat.size += 20;
+
+	ret = gnutls_privkey_sign_hash(pkey, GNUTLS_DIG_SHA1,
+				       GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA,
+				       &dconcat, signature);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return GNUTLS_SIGN_UNKNOWN;
+}
+#endif
+
+static int
+_gnutls_handshake_sign_crt_vrfy10(gnutls_session_t session,
+				  gnutls_pcert_st * cert,
+				  const version_entry_st *ver,
+				  gnutls_privkey_t pkey,
+				  gnutls_datum_t * signature)
+{
+	gnutls_datum_t dconcat;
+	int ret;
+	uint8_t concat[MAX_SIG_SIZE];
+	digest_hd_st td_sha;
+	gnutls_pk_algorithm_t pk =
+	    gnutls_privkey_get_pk_algorithm(pkey, NULL);
+	const mac_entry_st *me;
+
+	/* ensure 1024 bit DSA keys are used */
+	ret =
+	    _gnutls_pubkey_compatible_with_sig(session, cert->pubkey, ver,
+					       GNUTLS_SIGN_UNKNOWN);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (pk == GNUTLS_PK_RSA)
+		me = hash_to_entry(GNUTLS_DIG_MD5_SHA1);
+	else
+		me = hash_to_entry(GNUTLS_DIG_SHA1);
+
+	ret = _gnutls_hash_init(&td_sha, me);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	_gnutls_hash(&td_sha,
+		     session->internals.handshake_hash_buffer.data,
+		     session->internals.handshake_hash_buffer.length);
+
+	_gnutls_hash_deinit(&td_sha, concat);
+
+	dconcat.data = concat;
+	dconcat.size = _gnutls_hash_get_algo_len(me);
+
+	ret = gnutls_privkey_sign_hash(pkey, MAC_TO_DIG(me->id), GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA,
+				       &dconcat, signature);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return GNUTLS_SIGN_UNKNOWN;
+}
+
+/* Generates a signature of all the previous sent packets in the
+ * handshake procedure.
+ * 20040227: now it works for SSL 3.0 as well
+ * 20091031: works for TLS 1.2 too!
+ *
+ * For TLS1.x, x<2 returns negative for failure and zero or unspecified for success.
+ * For TLS1.2 returns the signature algorithm used on success, or a negative error code;
+ *
+ * Returns the used signature algorithm, or a negative error code.
+ */
+int
+_gnutls_handshake_sign_crt_vrfy(gnutls_session_t session,
+				gnutls_pcert_st * cert,
+				gnutls_privkey_t pkey,
+				gnutls_datum_t * signature)
+{
+	int ret;
+	const version_entry_st *ver = get_version(session);
+	unsigned key_usage = 0;
+
+	if (unlikely(ver == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	gnutls_pubkey_get_key_usage(cert->pubkey, &key_usage);
+
+	ret = _gnutls_check_key_usage_for_sig(session, key_usage, 1);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* TLS 1.2 */
+	if (_gnutls_version_has_selectable_sighash(ver))
+		return _gnutls_handshake_sign_crt_vrfy12(session, cert,
+							 pkey, signature);
+
+	/* TLS 1.1 or earlier */
+#ifdef ENABLE_SSL3
+	if (ver->id == GNUTLS_SSL3)
+		return _gnutls_handshake_sign_crt_vrfy3(session, cert, ver,
+							pkey, signature);
+#endif
+
+	return _gnutls_handshake_sign_crt_vrfy10(session, cert, ver,
+						 pkey, signature);
+}
diff --git a/lib/tls-sig.h b/lib/tls-sig.h
new file mode 100644
index 0000000..e2635ee
--- /dev/null
+++ b/lib/tls-sig.h
@@ -0,0 +1,63 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_TLS_SIG_H
+#define GNUTLS_LIB_TLS_SIG_H
+
+#include <gnutls/abstract.h>
+
+/* While this is currently equal to the length of RSA/SHA512
+ * signature, it should also be sufficient for DSS signature and any
+ * other RSA signatures including one with the old MD5/SHA1-combined
+ * format.
+ */
+#define MAX_SIG_SIZE (19 + MAX_HASH_SIZE)
+
+int _gnutls_check_key_usage_for_sig(gnutls_session_t session, unsigned key_usage,
+				    unsigned our_cert);
+
+int _gnutls_handshake_sign_crt_vrfy(gnutls_session_t session,
+				    gnutls_pcert_st * cert,
+				    gnutls_privkey_t pkey,
+				    gnutls_datum_t * signature);
+
+int _gnutls_handshake_sign_data(gnutls_session_t session,
+				gnutls_pcert_st * cert,
+				gnutls_privkey_t pkey,
+				gnutls_datum_t * params,
+				gnutls_datum_t * signature,
+				gnutls_sign_algorithm_t * algo);
+
+int _gnutls_handshake_verify_crt_vrfy(gnutls_session_t session,
+				      unsigned verify_flags,
+				      gnutls_pcert_st * cert,
+				      gnutls_datum_t * signature,
+				      gnutls_sign_algorithm_t);
+
+int _gnutls_handshake_verify_data(gnutls_session_t session,
+				  unsigned verify_flags,
+				  gnutls_pcert_st * cert,
+				  const gnutls_datum_t * params,
+				  gnutls_datum_t * signature,
+				  gnutls_sign_algorithm_t algo);
+
+#endif /* GNUTLS_LIB_TLS_SIG_H */
diff --git a/lib/tls13-sig.c b/lib/tls13-sig.c
new file mode 100644
index 0000000..3b193d7
--- /dev/null
+++ b/lib/tls13-sig.c
@@ -0,0 +1,218 @@
+/*
+ * Copyright (C) 2017-2019 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <auth/cert.h>
+#include <algorithms.h>
+#include <ext/signature.h>
+#include <abstract_int.h>
+#include "tls13-sig.h"
+#include "tls-sig.h"
+#include "hash_int.h"
+
+#undef PREFIX_SIZE
+#define PREFIX_SIZE 64
+#if PREFIX_SIZE < MAX_HASH_SIZE
+/* we assume later that prefix is sufficient to store hash output */
+# error Need to modify code
+#endif
+
+int
+_gnutls13_handshake_verify_data(gnutls_session_t session,
+			      unsigned verify_flags,
+			      gnutls_pcert_st *cert,
+			      const gnutls_datum_t *context,
+			      const gnutls_datum_t *signature,
+			      const gnutls_sign_entry_st *se)
+{
+	int ret;
+	const version_entry_st *ver = get_version(session);
+	gnutls_buffer_st buf;
+	uint8_t prefix[PREFIX_SIZE];
+	unsigned key_usage = 0;
+	gnutls_datum_t p;
+
+	_gnutls_handshake_log
+	    ("HSK[%p]: verifying TLS 1.3 handshake data using %s\n", session,
+	     se->name);
+
+	ret =
+	    _gnutls_pubkey_compatible_with_sig(session,
+					       cert->pubkey, ver,
+					       se->id);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (unlikely(sign_supports_cert_pk_algorithm(se, cert->pubkey->params.algo) == 0)) {
+		_gnutls_handshake_log("HSK[%p]: certificate of %s cannot be combined with %s sig\n",
+				      session, gnutls_pk_get_name(cert->pubkey->params.algo), se->name);
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	}
+
+	ret =
+	    _gnutls_session_sign_algo_enabled(session, se->id);
+	if (ret < 0)
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+	if ((se->flags & GNUTLS_SIGN_FLAG_TLS13_OK) == 0) /* explicitly prohibited */
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+	gnutls_pubkey_get_key_usage(cert->pubkey, &key_usage);
+
+	ret = _gnutls_check_key_usage_for_sig(session, key_usage, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	_gnutls_buffer_init(&buf);
+
+	memset(prefix, 0x20, sizeof(prefix));
+	ret = _gnutls_buffer_append_data(&buf, prefix, sizeof(prefix));
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_buffer_append_data(&buf, context->data, context->size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_buffer_append_data(&buf, "\x00", 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_hash_fast(MAC_TO_DIG(session->security_parameters.prf->id),
+			       session->internals.handshake_hash_buffer.data,
+			       session->internals.handshake_hash_buffer_prev_len,
+			       prefix);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_buffer_append_data(&buf, prefix, session->security_parameters.prf->output_size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	p.data = buf.data;
+	p.size = buf.length;
+
+	verify_flags |= GNUTLS_VERIFY_RSA_PSS_FIXED_SALT_LENGTH;
+	ret = gnutls_pubkey_verify_data2(cert->pubkey, se->id, verify_flags, &p,
+					 signature);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	_gnutls_buffer_clear(&buf);
+
+	return ret;
+}
+
+int
+_gnutls13_handshake_sign_data(gnutls_session_t session,
+			      gnutls_pcert_st * cert, gnutls_privkey_t pkey,
+			      const gnutls_datum_t *context,
+			      gnutls_datum_t * signature,
+			      const gnutls_sign_entry_st *se)
+{
+	gnutls_datum_t p;
+	int ret;
+	gnutls_buffer_st buf;
+	uint8_t tmp[MAX_HASH_SIZE];
+
+	if (unlikely(se == NULL || (se->flags & GNUTLS_SIGN_FLAG_TLS13_OK) == 0))
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+	if (unlikely(sign_supports_priv_pk_algorithm(se, pkey->pk_algorithm) == 0))
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+	/* when we reach here we know we have a signing certificate */
+	_gnutls_handshake_log
+	    ("HSK[%p]: signing TLS 1.3 handshake data: using %s and PRF: %s\n", session, se->name,
+	     session->security_parameters.prf->name);
+
+	_gnutls_buffer_init(&buf);
+
+	ret = _gnutls_buffer_resize(&buf, PREFIX_SIZE);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	memset(buf.data, 0x20, PREFIX_SIZE);
+	buf.length += PREFIX_SIZE;
+
+	ret = _gnutls_buffer_append_data(&buf, context->data, context->size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_buffer_append_data(&buf, "\x00", 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_hash_fast(MAC_TO_DIG(session->security_parameters.prf->id),
+			       session->internals.handshake_hash_buffer.data,
+			       session->internals.handshake_hash_buffer.length,
+			       tmp);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_buffer_append_data(&buf, tmp, session->security_parameters.prf->output_size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	p.data = buf.data;
+	p.size = buf.length;
+
+	ret = gnutls_privkey_sign_data2(pkey, se->id,
+					GNUTLS_PRIVKEY_FLAG_RSA_PSS_FIXED_SALT_LENGTH,
+					&p, signature);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	_gnutls_buffer_clear(&buf);
+
+	return ret;
+
+}
diff --git a/lib/tls13-sig.h b/lib/tls13-sig.h
new file mode 100644
index 0000000..a638420
--- /dev/null
+++ b/lib/tls13-sig.h
@@ -0,0 +1,43 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_TLS13_SIG_H
+#define GNUTLS_LIB_TLS13_SIG_H
+
+#include "gnutls_int.h"
+
+int
+_gnutls13_handshake_verify_data(gnutls_session_t session,
+			        unsigned verify_flags,
+			        gnutls_pcert_st *cert,
+			        const gnutls_datum_t *context,
+			        const gnutls_datum_t *signature,
+			        const gnutls_sign_entry_st *se);
+
+int
+_gnutls13_handshake_sign_data(gnutls_session_t session,
+			      gnutls_pcert_st * cert, gnutls_privkey_t pkey,
+			      const gnutls_datum_t *context,
+			      gnutls_datum_t * signature,
+			      const gnutls_sign_entry_st *se);
+
+#endif /* GNUTLS_LIB_TLS13_SIG_H */
diff --git a/lib/tls13/anti_replay.c b/lib/tls13/anti_replay.c
new file mode 100644
index 0000000..f8333c5
--- /dev/null
+++ b/lib/tls13/anti_replay.c
@@ -0,0 +1,266 @@
+/*
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Daiki Ueno
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "db.h"
+#include "system.h"
+#include "tls13/anti_replay.h"
+
+/* The default time window in milliseconds; RFC8446 suggests the order
+ * of ten seconds is sufficient for the clients on the Internet. */
+#define DEFAULT_WINDOW_MS 10000
+
+struct gnutls_anti_replay_st {
+	uint32_t window;
+	struct timespec start_time;
+	gnutls_db_add_func db_add_func;
+	void *db_ptr;
+};
+
+/**
+ * gnutls_anti_replay_init:
+ * @anti_replay: is a pointer to #gnutls_anti_replay_t type
+ *
+ * This function will allocate and initialize the @anti_replay context
+ * to be usable for detect replay attacks. The context can then be
+ * attached to a @gnutls_session_t with
+ * gnutls_anti_replay_enable().
+ *
+ * Returns: Zero or a negative error code on error.
+ *
+ * Since: 3.6.5
+ **/
+int
+gnutls_anti_replay_init(gnutls_anti_replay_t *anti_replay)
+{
+	*anti_replay = gnutls_calloc(1, sizeof(struct gnutls_anti_replay_st));
+	if (!*anti_replay)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	(*anti_replay)->window = DEFAULT_WINDOW_MS;
+
+	gnutls_gettime(&(*anti_replay)->start_time);
+
+	return 0;
+}
+
+/**
+ * gnutls_anti_replay_set_window:
+ * @anti_replay: is a #gnutls_anti_replay_t type.
+ * @window: is the time window recording ClientHello, in milliseconds
+ *
+ * Sets the time window used for ClientHello recording.  In order to
+ * protect against replay attacks, the server records ClientHello
+ * messages within this time period from the last update, and
+ * considers it a replay when a ClientHello outside of the period; if
+ * a ClientHello arrives within this period, the server checks the
+ * database and detects duplicates.
+ *
+ * For the details of the algorithm, see RFC 8446, section 8.2.
+ *
+ * Since: 3.6.5
+ */
+void
+gnutls_anti_replay_set_window(gnutls_anti_replay_t anti_replay,
+			      unsigned int window)
+{
+	anti_replay->window = window;
+}
+
+/**
+ * gnutls_anti_replay_deinit:
+ * @anti_replay: is a #gnutls_anti_replay type
+ *
+ * This function will deinitialize all resources occupied by the given
+ * anti-replay context.
+ *
+ * Since: 3.6.5
+ **/
+void
+gnutls_anti_replay_deinit(gnutls_anti_replay_t anti_replay)
+{
+	gnutls_free(anti_replay);
+}
+
+/**
+ * gnutls_anti_replay_enable:
+ * @session: is a #gnutls_session_t type.
+ * @anti_replay: is a #gnutls_anti_replay_t type.
+ *
+ * Request that the server should use anti-replay mechanism.
+ *
+ * Since: 3.6.5
+ **/
+void
+gnutls_anti_replay_enable(gnutls_session_t session,
+			  gnutls_anti_replay_t anti_replay)
+{
+	if (unlikely(session->security_parameters.entity != GNUTLS_SERVER)) {
+		gnutls_assert();
+		return;
+	}
+
+	session->internals.anti_replay = anti_replay;
+}
+
+int
+_gnutls_anti_replay_check(gnutls_anti_replay_t anti_replay,
+			  uint32_t client_ticket_age,
+			  struct timespec *ticket_creation_time,
+			  gnutls_datum_t *id)
+{
+	struct timespec now;
+	time_t window;
+	uint32_t server_ticket_age, diff;
+	gnutls_datum_t key = { NULL, 0 };
+	gnutls_datum_t entry = { NULL, 0 };
+	unsigned char key_buffer[MAX_HASH_SIZE + 12];
+	unsigned char entry_buffer[12]; /* magic + timestamp + expire_time */
+	unsigned char *p;
+	int ret;
+
+	if (unlikely(id->size > MAX_HASH_SIZE))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	gnutls_gettime(&now);
+	server_ticket_age = timespec_sub_ms(&now, ticket_creation_time);
+
+	/* It shouldn't be possible that the server's view of ticket
+	 * age is smaller than the client's view.
+	 */
+	if (unlikely(server_ticket_age < client_ticket_age))
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
+	/* If ticket is created before recording has started, discard
+	 * reject early data.
+	 */
+	if (_gnutls_timespec_cmp(ticket_creation_time,
+				 &anti_replay->start_time) < 0) {
+		_gnutls_handshake_log("anti_replay: ticket is created before recording has started\n");
+		return gnutls_assert_val(GNUTLS_E_EARLY_DATA_REJECTED);
+	}
+
+	/* If certain amount of time (window) has elapsed, rollover
+	 * the recording.
+	 */
+	diff = timespec_sub_ms(&now, &anti_replay->start_time);
+	if (diff > anti_replay->window)
+		gnutls_gettime(&anti_replay->start_time);
+
+	/* If expected_arrival_time is out of window, reject early
+	 * data.
+	 */
+	if (server_ticket_age - client_ticket_age > anti_replay->window) {
+		_gnutls_handshake_log("anti_replay: server ticket age: %u, client ticket age: %u\n",
+				      server_ticket_age,
+				      client_ticket_age);
+		return gnutls_assert_val(GNUTLS_E_EARLY_DATA_REJECTED);
+	}
+
+	/* Check if the ClientHello is stored in the database.
+	 */
+	if (!anti_replay->db_add_func)
+		return gnutls_assert_val(GNUTLS_E_EARLY_DATA_REJECTED);
+
+	/* Create a key for database lookup, prefixing window start
+	 * time to ID.  Note that this shouldn't clash with session ID
+	 * used in TLS 1.2, because such IDs are 32 octets, while here
+	 * the key becomes 44+ octets.
+	 */
+	p = key_buffer;
+	_gnutls_write_uint32((uint64_t) anti_replay->start_time.tv_sec >> 32, p);
+	p += 4;
+	_gnutls_write_uint32(anti_replay->start_time.tv_sec & 0xFFFFFFFF, p);
+	p += 4;
+	_gnutls_write_uint32(anti_replay->start_time.tv_nsec, p);
+	p += 4;
+	memcpy(p, id->data, id->size);
+	p += id->size;
+	key.data = key_buffer;
+	key.size = p - key_buffer;
+
+	/* Create an entry to be stored on database if the lookup
+	 * failed.  This is formatted so that
+	 * gnutls_db_check_entry_expire_time() work.
+	 */
+	p = entry_buffer;
+	_gnutls_write_uint32(PACKED_SESSION_MAGIC, p);
+	p += 4;
+	_gnutls_write_uint32(now.tv_sec, p);
+	p += 4;
+	window = anti_replay->window / 1000;
+	_gnutls_write_uint32(window, p);
+	p += 4;
+	entry.data = entry_buffer;
+	entry.size = p - entry_buffer;
+
+	ret = anti_replay->db_add_func(anti_replay->db_ptr,
+				       (uint64_t)now.tv_sec+(uint64_t)window, &key, &entry);
+	if (ret < 0) {
+		_gnutls_handshake_log("anti_replay: duplicate ClientHello found\n");
+		return gnutls_assert_val(GNUTLS_E_EARLY_DATA_REJECTED);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_anti_replay_set_ptr:
+ * @anti_replay: is a #gnutls_anti_replay_t type.
+ * @ptr: is the pointer
+ *
+ * Sets the pointer that will be provided to db add function
+ * as the first argument.
+ **/
+void gnutls_anti_replay_set_ptr(gnutls_anti_replay_t anti_replay, void *ptr)
+{
+	anti_replay->db_ptr = ptr;
+}
+
+/**
+ * gnutls_anti_replay_set_add_function:
+ * @anti_replay: is a #gnutls_anti_replay_t type.
+ * @add_func: is the function.
+ *
+ * Sets the function that will be used to store an entry if it is not
+ * already present in the resumed sessions database.  This function returns 0
+ * if the entry is successfully stored, and a negative error code
+ * otherwise.  In particular, if the entry is found in the database,
+ * it returns %GNUTLS_E_DB_ENTRY_EXISTS.
+ *
+ * The arguments to the @add_func are:
+ *  - %ptr: the pointer set with gnutls_anti_replay_set_ptr()
+ *  - %exp_time: the expiration time of the entry
+ *  - %key: a pointer to the key
+ *  - %data: a pointer to data to store
+ *
+ * The data set by this function can be examined using
+ * gnutls_db_check_entry_expire_time() and gnutls_db_check_entry_time().
+ *
+ * Since: 3.6.5
+ **/
+void
+gnutls_anti_replay_set_add_function(gnutls_anti_replay_t anti_replay,
+				    gnutls_db_add_func add_func)
+{
+	anti_replay->db_add_func = add_func;
+}
diff --git a/lib/tls13/anti_replay.h b/lib/tls13/anti_replay.h
new file mode 100644
index 0000000..87726c3
--- /dev/null
+++ b/lib/tls13/anti_replay.h
@@ -0,0 +1,31 @@
+/*
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Daiki Ueno
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_TLS13_ANTI_REPLAY_H
+#define GNUTLS_LIB_TLS13_ANTI_REPLAY_H
+
+int _gnutls_anti_replay_check(gnutls_anti_replay_t,
+			      uint32_t client_ticket_age,
+			      struct timespec *ticket_creation_time,
+			      gnutls_datum_t *id);
+
+#endif /* GNUTLS_LIB_TLS13_ANTI_REPLAY_H */
diff --git a/lib/tls13/certificate.c b/lib/tls13/certificate.c
new file mode 100644
index 0000000..9792629
--- /dev/null
+++ b/lib/tls13/certificate.c
@@ -0,0 +1,662 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "compress.h"
+#include "errors.h"
+#include "extv.h"
+#include "handshake.h"
+#include "tls13/certificate.h"
+#include "auth/cert.h"
+#include "mbuffers.h"
+#include "ext/compress_certificate.h"
+#include "ext/status_request.h"
+
+static int parse_cert_extension(void *ctx, unsigned tls_id, const uint8_t *data, unsigned data_size);
+static int parse_cert_list(gnutls_session_t session, uint8_t * data, size_t data_size);
+static int compress_certificate(gnutls_buffer_st * buf, unsigned cert_pos_mark,
+			        gnutls_compression_method_t comp_method);
+static int decompress_certificate(gnutls_buffer_st * buf);
+
+int _gnutls13_recv_certificate(gnutls_session_t session)
+{
+	int ret, err, decompress_cert = 0;
+	gnutls_buffer_st buf;
+	unsigned optional = 0;
+
+	if (!session->internals.initial_negotiation_completed &&
+	    session->internals.hsk_flags & HSK_PSK_SELECTED)
+		return 0;
+
+	if (session->security_parameters.entity == GNUTLS_SERVER) {
+		/* if we didn't request a certificate, there will not be any */
+		if (session->internals.send_cert_req == 0)
+			return 0;
+
+		if (session->internals.send_cert_req != GNUTLS_CERT_REQUIRE)
+			optional = 1;
+	}
+
+	ret = _gnutls_recv_handshake(session, GNUTLS_HANDSHAKE_CERTIFICATE_PKT, 0, &buf);
+	if (ret == GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET) {
+		/* check if we received compressed certificate */
+		err = _gnutls_recv_handshake(session, GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT, 0, &buf);
+		if (err >= 0) {
+			decompress_cert = 1;
+			ret = err;
+		}
+	}
+	if (ret < 0) {
+		if (ret == GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET && session->internals.send_cert_req)
+			return gnutls_assert_val(GNUTLS_E_NO_CERTIFICATE_FOUND);
+
+		return gnutls_assert_val(ret);
+	}
+
+	if (buf.length == 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+		goto cleanup;
+	}
+
+	if (decompress_cert) {
+		ret = decompress_certificate(&buf);
+		if (ret < 0) {
+			gnutls_assert();
+			gnutls_alert_send(session, GNUTLS_AL_FATAL, GNUTLS_A_BAD_CERTIFICATE);
+			goto cleanup;
+		}
+	}
+
+	if (session->internals.initial_negotiation_completed &&
+	    session->internals.post_handshake_cr_context.size > 0) {
+		gnutls_datum_t context;
+
+		/* verify whether the context matches */
+		ret = _gnutls_buffer_pop_datum_prefix8(&buf, &context);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		if (context.size != session->internals.post_handshake_cr_context.size ||
+		    memcmp(context.data, session->internals.post_handshake_cr_context.data,
+		           context.size) != 0) {
+			ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+			gnutls_assert();
+			goto cleanup;
+		}
+	} else {
+		if (buf.data[0] != 0) {
+			/* The context field must be empty during handshake */
+			gnutls_assert();
+			ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+			goto cleanup;
+		}
+
+		/* buf.length is positive */
+		buf.data++;
+		buf.length--;
+	}
+
+	_gnutls_handshake_log("HSK[%p]: parsing certificate message\n", session);
+
+	ret = parse_cert_list(session, buf.data, buf.length);
+	if (ret < 0) {
+		if (ret == GNUTLS_E_NO_CERTIFICATE_FOUND) {
+			if (optional)
+				ret = 0;
+			else if (session->security_parameters.entity ==
+				 GNUTLS_SERVER)
+				ret = GNUTLS_E_CERTIFICATE_REQUIRED;
+		}
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	session->internals.hsk_flags |= HSK_CRT_VRFY_EXPECTED;
+
+	ret = 0;
+cleanup:
+
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
+
+struct ocsp_req_ctx_st {
+	gnutls_pcert_st *pcert;
+	unsigned cert_index;
+	gnutls_session_t session;
+	gnutls_certificate_credentials_t cred;
+};
+
+static
+int append_status_request(void *_ctx, gnutls_buffer_st *buf)
+{
+	struct ocsp_req_ctx_st *ctx = _ctx;
+	gnutls_session_t session = ctx->session;
+	int ret;
+	gnutls_datum_t resp;
+	unsigned free_resp = 0;
+
+	assert(session->internals.selected_ocsp_func != NULL ||
+	       session->internals.selected_ocsp_length != 0);
+
+	/* The global ocsp callback function can only be used to return
+	 * a single certificate request */
+	if (session->internals.selected_ocsp_length == 1 && ctx->cert_index != 0)
+		return 0;
+
+	if (session->internals.selected_ocsp_length > 0) {
+		if (ctx->cert_index < session->internals.selected_ocsp_length) {
+			if ((session->internals.selected_ocsp[ctx->cert_index].exptime != 0 &&
+			    gnutls_time(0) >= session->internals.selected_ocsp[ctx->cert_index].exptime) ||
+			    session->internals.selected_ocsp[ctx->cert_index].response.data == NULL) {
+				return 0;
+			}
+
+			resp.data = session->internals.selected_ocsp[ctx->cert_index].response.data;
+			resp.size = session->internals.selected_ocsp[ctx->cert_index].response.size;
+			ret = 0;
+		} else {
+			return 0;
+		}
+	} else if (session->internals.selected_ocsp_func) {
+		if (ctx->cert_index == 0) {
+			ret = session->internals.selected_ocsp_func(session, session->internals.selected_ocsp_func_ptr, &resp);
+			free_resp = 1;
+		} else {
+			return 0;
+		}
+	} else
+		return 0;
+
+	if (ret == GNUTLS_E_NO_CERTIFICATE_STATUS || resp.data == 0) {
+		return 0;
+	} else if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	ret = _gnutls_buffer_append_data(buf, "\x01", 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_buffer_append_data_prefix(buf, 24, resp.data, resp.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	if (free_resp)
+		gnutls_free(resp.data);
+	return ret;
+}
+
+int _gnutls13_send_certificate(gnutls_session_t session, unsigned again)
+{
+	int ret, compress_cert;
+	gnutls_pcert_st *apr_cert_list = NULL;
+	gnutls_privkey_t apr_pkey = NULL;
+	int apr_cert_list_length = 0;
+	mbuffer_st *bufel = NULL;
+	gnutls_buffer_st buf;
+	unsigned pos_mark, ext_pos_mark, cert_pos_mark;
+	unsigned i;
+	struct ocsp_req_ctx_st ctx;
+	gnutls_certificate_credentials_t cred;
+	gnutls_compression_method_t comp_method;
+	gnutls_handshake_description_t h_type;
+
+	comp_method = gnutls_compress_certificate_get_selected_method(session);
+	compress_cert = comp_method != GNUTLS_COMP_UNKNOWN;
+	h_type = compress_cert ? GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT
+			       : GNUTLS_HANDSHAKE_CERTIFICATE_PKT;
+
+	if (again == 0) {
+		if (!session->internals.initial_negotiation_completed &&
+		    session->internals.hsk_flags & HSK_PSK_SELECTED)
+			return 0;
+
+		if (session->security_parameters.entity == GNUTLS_SERVER &&
+		    session->internals.resumed)
+			return 0;
+
+		cred = (gnutls_certificate_credentials_t)
+		    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+		if (cred == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+		}
+
+		if (session->security_parameters.entity == GNUTLS_CLIENT &&
+		    !(session->internals.hsk_flags & HSK_CRT_ASKED)) {
+			return 0;
+		}
+
+		ret = _gnutls_get_selected_cert(session, &apr_cert_list,
+						&apr_cert_list_length, &apr_pkey);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		cert_pos_mark = buf.length;
+
+		if (session->security_parameters.entity == GNUTLS_CLIENT) {
+			ret = _gnutls_buffer_append_data_prefix(&buf, 8,
+								session->internals.post_handshake_cr_context.data,
+								session->internals.post_handshake_cr_context.size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+		} else {
+			ret = _gnutls_buffer_append_prefix(&buf, 8, 0);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+		}
+
+		/* mark total size */
+		pos_mark = buf.length;
+		ret = _gnutls_buffer_append_prefix(&buf, 24, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		for (i=0;i<(unsigned)apr_cert_list_length;i++) {
+			ret = _gnutls_buffer_append_data_prefix(&buf, 24,
+								apr_cert_list[i].cert.data,
+								apr_cert_list[i].cert.size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+#ifdef ENABLE_OCSP
+			if ((session->internals.selected_ocsp_length > 0 ||
+			     session->internals.selected_ocsp_func) &&
+			     (((session->internals.hsk_flags & HSK_OCSP_REQUESTED) && IS_SERVER(session)) ||
+			     ((session->internals.hsk_flags & HSK_CLIENT_OCSP_REQUESTED) && !IS_SERVER(session)))) {
+				/* append status response if available */
+				ret = _gnutls_extv_append_init(&buf);
+				if (ret < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+				ext_pos_mark = ret;
+
+				ctx.pcert = &apr_cert_list[i];
+				ctx.cert_index = i;
+				ctx.session = session;
+				ctx.cred = cred;
+				ret = _gnutls_extv_append(&buf, STATUS_REQUEST_TLS_ID,
+							  &ctx, append_status_request);
+				if (ret < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+
+				ret = _gnutls_extv_append_final(&buf, ext_pos_mark, 0);
+				if (ret < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+			} else
+#endif
+			{
+				ret = _gnutls_buffer_append_prefix(&buf, 16, 0);
+				if (ret < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+			}
+		}
+
+		_gnutls_write_uint24(buf.length-pos_mark-3, &buf.data[pos_mark]);
+
+		if (compress_cert) {
+			ret = compress_certificate(&buf, cert_pos_mark, comp_method);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+		}
+
+		bufel = _gnutls_buffer_to_mbuffer(&buf);
+	}
+
+	return _gnutls_send_handshake(session, bufel, h_type);
+
+ cleanup:
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
+
+typedef struct crt_cert_ctx_st {
+	gnutls_session_t session;
+	gnutls_datum_t *ocsp;
+	unsigned idx;
+} crt_cert_ctx_st;
+
+static int parse_cert_extension(void *_ctx, unsigned tls_id, const uint8_t *data, unsigned data_size)
+{
+	crt_cert_ctx_st *ctx = _ctx;
+	gnutls_session_t session = ctx->session;
+	int ret;
+
+	if (tls_id == STATUS_REQUEST_TLS_ID) {
+#ifdef ENABLE_OCSP
+		if (!_gnutls_hello_ext_is_present(session, ext_mod_status_request.gid)) {
+			gnutls_assert();
+			goto unexpected;
+		}
+
+		_gnutls_handshake_log("Found OCSP response on cert %d\n", ctx->idx);
+
+		ret = _gnutls_parse_ocsp_response(session, data, data_size, ctx->ocsp);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+#endif
+	} else {
+		goto unexpected;
+	}
+
+	return 0;
+
+ unexpected:
+	_gnutls_debug_log("received unexpected certificate extension (%d)\n", (int)tls_id);
+	return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION);
+}
+
+static int
+parse_cert_list(gnutls_session_t session, uint8_t * data, size_t data_size)
+{
+	int ret;
+	size_t len;
+	uint8_t *p = data;
+	cert_auth_info_t info;
+	gnutls_certificate_credentials_t cred;
+	size_t size;
+	int i;
+	unsigned npeer_certs, npeer_ocsp, j;
+	crt_cert_ctx_st ctx;
+	gnutls_datum_t *peer_certs = NULL;
+	gnutls_datum_t *peer_ocsp = NULL;
+	unsigned nentries = 0;
+
+	cred = (gnutls_certificate_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	if ((ret =
+	     _gnutls_auth_info_init(session, GNUTLS_CRD_CERTIFICATE,
+				   sizeof(cert_auth_info_st), 1)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (data == NULL || data_size == 0) {
+		/* no certificate was sent */
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+	}
+
+	info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+	if (info == NULL)
+		return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+
+	DECR_LEN(data_size, 3);
+	size = _gnutls_read_uint24(p);
+	p += 3;
+
+	if (size != data_size)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	if (size == 0)
+		return gnutls_assert_val(GNUTLS_E_NO_CERTIFICATE_FOUND);
+
+	i = data_size;
+
+	while (i > 0) {
+		DECR_LEN(data_size, 3);
+		len = _gnutls_read_uint24(p);
+		if (len == 0)
+			return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+		DECR_LEN(data_size, len);
+		p += len + 3;
+		i -= len + 3;
+
+		DECR_LEN(data_size, 2);
+		len = _gnutls_read_uint16(p);
+		DECR_LEN(data_size, len);
+
+		i -= len + 2;
+		p += len + 2;
+
+		nentries++;
+	}
+
+	if (data_size != 0)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	/* this is unnecessary - keeping to avoid a regression due to a re-org
+	 * of the loop above */
+	if (nentries == 0)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	npeer_ocsp = 0;
+	npeer_certs = 0;
+
+	/* Ok we now allocate the memory to hold the
+	 * certificate list
+	 */
+	peer_certs = gnutls_calloc(nentries, sizeof(gnutls_datum_t));
+	if (peer_certs == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	peer_ocsp = gnutls_calloc(nentries, sizeof(gnutls_datum_t));
+	if (peer_ocsp == NULL) {
+		ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		goto cleanup;
+	}
+
+	p = data+3;
+
+	/* Now we start parsing the list (again).
+	 * We don't use DECR_LEN since the list has
+	 * been parsed before.
+	 */
+
+	ctx.session = session;
+
+	for (j = 0; j < nentries; j++) {
+		len = _gnutls_read_uint24(p);
+		p += 3;
+
+		ret = _gnutls_set_datum(&peer_certs[j], p, len);
+		if (ret < 0) {
+			gnutls_assert();
+			ret = GNUTLS_E_CERTIFICATE_ERROR;
+			goto cleanup;
+		}
+		npeer_certs++;
+
+		p += len;
+
+		len = _gnutls_read_uint16(p);
+
+		ctx.ocsp = &peer_ocsp[j];
+		ctx.idx = j;
+
+		ret = _gnutls_extv_parse(&ctx, parse_cert_extension, p, len+2);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		p += len+2;
+		npeer_ocsp++;
+	}
+
+	/* The OCSP entries match the certificate entries, although
+	 * the contents of each OCSP entry may be NULL.
+	 */
+	for(j=0;j<info->ncerts;j++)
+		gnutls_free(info->raw_certificate_list[j].data);
+	gnutls_free(info->raw_certificate_list);
+
+	for(j=0;j<info->nocsp;j++)
+		gnutls_free(info->raw_ocsp_list[j].data);
+	gnutls_free(info->raw_ocsp_list);
+
+
+	info->raw_certificate_list = peer_certs;
+	info->ncerts = npeer_certs;
+
+	info->raw_ocsp_list = peer_ocsp;
+	info->nocsp = npeer_ocsp;
+
+	return 0;
+
+ cleanup:
+	for(j=0;j<npeer_certs;j++)
+		gnutls_free(peer_certs[j].data);
+
+	for(j=0;j<npeer_ocsp;j++)
+		gnutls_free(peer_ocsp[j].data);
+	gnutls_free(peer_certs);
+	gnutls_free(peer_ocsp);
+	return ret;
+
+}
+
+static int
+compress_certificate(gnutls_buffer_st * buf, unsigned cert_pos_mark,
+		     gnutls_compression_method_t comp_method)
+{
+	int ret, method_num;
+	size_t comp_bound;
+	gnutls_datum_t plain, comp = { NULL, 0 };
+
+	method_num = _gnutls_compress_certificate_method2num(comp_method);
+	if (method_num == GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER)
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+	plain.data = buf->data + cert_pos_mark;
+	plain.size = buf->length - cert_pos_mark;
+
+	comp_bound = _gnutls_compress_bound(comp_method, plain.size);
+	if (comp_bound == 0)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	comp.data = gnutls_malloc(comp_bound);
+	if (comp.data == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	ret = _gnutls_compress(comp_method, comp.data, comp_bound, plain.data, plain.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	comp.size = ret;
+
+	buf->length = cert_pos_mark;
+	ret = _gnutls_buffer_append_prefix(buf, 16, method_num);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	ret = _gnutls_buffer_append_prefix(buf, 24, plain.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	ret = _gnutls_buffer_append_data_prefix(buf, 24, comp.data, comp.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	
+cleanup:
+	gnutls_free(comp.data);
+	return ret;
+}
+
+static int
+decompress_certificate(gnutls_buffer_st * buf)
+{
+	int ret;
+	size_t method_num, plain_exp_len;
+	gnutls_datum_t comp, plain = { NULL, 0 };
+	gnutls_compression_method_t comp_method;
+
+	ret = _gnutls_buffer_pop_prefix16(buf, &method_num, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+	comp_method = _gnutls_compress_certificate_num2method(method_num);
+
+	ret = _gnutls_buffer_pop_prefix24(buf, &plain_exp_len, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_buffer_pop_datum_prefix24(buf, &comp);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	plain.data = gnutls_malloc(plain_exp_len);
+	if (plain.data == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	ret = _gnutls_decompress(comp_method, plain.data, plain_exp_len, comp.data, comp.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	plain.size = ret;
+
+	if (plain.size != plain_exp_len) {
+		gnutls_assert();
+		ret = GNUTLS_E_DECOMPRESSION_FAILED;
+		goto cleanup;
+	}
+
+	_gnutls_buffer_clear(buf);
+	ret = _gnutls_buffer_append_data(buf, plain.data, plain.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+cleanup:
+	gnutls_free(plain.data);
+	return ret;
+}
diff --git a/lib/tls13/certificate.h b/lib/tls13/certificate.h
new file mode 100644
index 0000000..6f46cc2
--- /dev/null
+++ b/lib/tls13/certificate.h
@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_TLS13_CERTIFICATE_H
+#define GNUTLS_LIB_TLS13_CERTIFICATE_H
+
+int _gnutls13_recv_certificate(gnutls_session_t session);
+int _gnutls13_send_certificate(gnutls_session_t session, unsigned again);
+
+#endif /* GNUTLS_LIB_TLS13_CERTIFICATE_H */
diff --git a/lib/tls13/certificate_request.c b/lib/tls13/certificate_request.c
new file mode 100644
index 0000000..b613cab
--- /dev/null
+++ b/lib/tls13/certificate_request.c
@@ -0,0 +1,393 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "extv.h"
+#include "handshake.h"
+#include "tls13/certificate_request.h"
+#include "ext/compress_certificate.h"
+#include "ext/signature.h"
+#include "ext/status_request.h"
+#include "mbuffers.h"
+#include "algorithms.h"
+#include "auth/cert.h"
+
+/* for tlist dereference */
+#include "x509/verify-high.h"
+
+#define EXTID_CERTIFICATE_AUTHORITIES 47
+
+typedef struct crt_req_ctx_st {
+	gnutls_session_t session;
+	unsigned got_sig_algo;
+	gnutls_pk_algorithm_t pk_algos[MAX_ALGOS];
+	unsigned pk_algos_length;
+	const uint8_t *rdn; /* pointer inside the message buffer */
+	unsigned rdn_size;
+} crt_req_ctx_st;
+
+static unsigned is_algo_in_list(gnutls_pk_algorithm_t algo, gnutls_pk_algorithm_t *list, unsigned list_size)
+{
+	unsigned j;
+
+	for (j=0;j<list_size;j++) {
+		if (list[j] == algo)
+			return 1;
+	}
+	return 0;
+}
+
+static
+int parse_cert_extension(void *_ctx, unsigned tls_id, const uint8_t *data, unsigned data_size)
+{
+	crt_req_ctx_st *ctx = _ctx;
+	gnutls_session_t session = ctx->session;
+	unsigned v;
+	int ret;
+
+	/* Decide which certificate to use if the signature algorithms extension
+	 * is present.
+	 */
+	if (tls_id == ext_mod_sig.tls_id) {
+		const version_entry_st *ver = get_version(session);
+		const gnutls_sign_entry_st *se;
+		/* signature algorithms; let's use it to decide the certificate to use */
+		unsigned i;
+
+		if (ctx->got_sig_algo)
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION);
+
+		ctx->got_sig_algo = 1;
+
+		if (data_size < 2)
+			return gnutls_assert_val(GNUTLS_E_TLS_PACKET_DECODING_ERROR);
+
+		v = _gnutls_read_uint16(data);
+		if (v != data_size-2)
+			return gnutls_assert_val(GNUTLS_E_TLS_PACKET_DECODING_ERROR);
+
+		data += 2;
+		data_size -= 2;
+
+		ret = _gnutls_sign_algorithm_parse_data(session, data, data_size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		/* The APIs to retrieve a client certificate accept the public
+		 * key algorithms instead of signatures. Get the public key algorithms
+		 * from the signatures.
+		 */
+		for (i=0;i<(unsigned)data_size;i+=2) {
+			se = _gnutls_tls_aid_to_sign_entry(data[i], data[i+1], ver);
+			if (se == NULL)
+				continue;
+
+			if (ctx->pk_algos_length >= sizeof(ctx->pk_algos)/sizeof(ctx->pk_algos[0]))
+				break;
+
+			if (is_algo_in_list(se->pk, ctx->pk_algos, ctx->pk_algos_length))
+				continue;
+
+			ctx->pk_algos[ctx->pk_algos_length++] = se->pk;
+		}
+#ifdef ENABLE_OCSP
+	} else if (tls_id == ext_mod_status_request.tls_id) {
+		if (data_size != 0)
+			return gnutls_assert_val(GNUTLS_E_TLS_PACKET_DECODING_ERROR);
+
+		/* we are now allowed to send OCSP staples */
+		session->internals.hsk_flags |= HSK_CLIENT_OCSP_REQUESTED;
+#endif
+	} else if (tls_id == EXTID_CERTIFICATE_AUTHORITIES) {
+		if (data_size < 3) {
+			return gnutls_assert_val(GNUTLS_E_TLS_PACKET_DECODING_ERROR);
+		}
+
+		v = _gnutls_read_uint16(data);
+		if (v != data_size-2)
+			return gnutls_assert_val(GNUTLS_E_TLS_PACKET_DECODING_ERROR);
+
+		ctx->rdn = data+2;
+		ctx->rdn_size = v;
+	} else if (tls_id == ext_mod_compress_certificate.tls_id) {
+		ret = _gnutls_compress_certificate_recv_params(session,
+							       data,
+							       data_size);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+	}
+
+	return 0;
+}
+
+int _gnutls13_recv_certificate_request_int(gnutls_session_t session, gnutls_buffer_st *buf)
+{
+	int ret;
+	crt_req_ctx_st ctx;
+	gnutls_pcert_st *apr_cert_list;
+	gnutls_privkey_t apr_pkey;
+	int apr_cert_list_length;
+
+	_gnutls_handshake_log("HSK[%p]: parsing certificate request\n", session);
+
+	if (unlikely(session->security_parameters.entity == GNUTLS_SERVER))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	/* if initial negotiation is complete, this is a post-handshake auth */
+	if (!session->internals.initial_negotiation_completed) {
+		if (buf->data[0] != 0) {
+			/* The context field must be empty during handshake */
+			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+		}
+
+		/* buf->length is positive */
+		buf->data++;
+		buf->length--;
+	} else {
+		gnutls_datum_t context;
+
+		ret = _gnutls_buffer_pop_datum_prefix8(buf, &context);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		gnutls_free(session->internals.post_handshake_cr_context.data);
+		ret = _gnutls_set_datum(&session->internals.post_handshake_cr_context,
+					context.data, context.size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	memset(&ctx, 0, sizeof(ctx));
+	ctx.session = session;
+
+	ret = _gnutls_extv_parse(&ctx, parse_cert_extension, buf->data, buf->length);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* The "signature_algorithms" extension MUST be specified */
+	if (!ctx.got_sig_algo)
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION);
+
+	session->internals.hsk_flags |= HSK_CRT_ASKED;
+
+	ret = _gnutls_select_client_cert(session, ctx.rdn, ctx.rdn_size,
+					 ctx.pk_algos, ctx.pk_algos_length);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_get_selected_cert(session, &apr_cert_list,
+					&apr_cert_list_length, &apr_pkey);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (apr_cert_list_length > 0) {
+		gnutls_sign_algorithm_t algo;
+
+		algo = _gnutls_session_get_sign_algo(session, &apr_cert_list[0], apr_pkey, 0, GNUTLS_KX_UNKNOWN);
+		if (algo == GNUTLS_SIGN_UNKNOWN) {
+			_gnutls_handshake_log("HSK[%p]: rejecting client auth because of no suitable signature algorithm\n", session);
+			_gnutls_selected_certs_deinit(session);
+			return gnutls_assert_val(0);
+		}
+
+		gnutls_sign_algorithm_set_client(session, algo);
+	}
+
+	return 0;
+}
+
+int _gnutls13_recv_certificate_request(gnutls_session_t session)
+{
+	int ret;
+	gnutls_buffer_st buf;
+
+	if (!session->internals.initial_negotiation_completed &&
+	    session->internals.hsk_flags & HSK_PSK_SELECTED)
+		return 0;
+
+	if (unlikely(session->security_parameters.entity != GNUTLS_CLIENT))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	ret = _gnutls_recv_handshake(session, GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST, 1, &buf);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* if not received */
+	if (buf.length == 0) {
+		_gnutls_buffer_clear(&buf);
+		return 0;
+	}
+
+	ret = _gnutls13_recv_certificate_request_int(session, &buf);
+
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
+
+static
+int write_certificate_authorities(void *ctx, gnutls_buffer_st *buf)
+{
+	gnutls_session_t session = ctx;
+	gnutls_certificate_credentials_t cred;
+
+	if (session->internals.ignore_rdn_sequence != 0)
+		return 0;
+
+	cred = (gnutls_certificate_credentials_t)
+	    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (cred == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+	}
+
+	if (cred->tlist->x509_rdn_sequence.size == 0)
+		return 0;
+
+	return
+	    _gnutls_buffer_append_data_prefix(buf, 16,
+					      cred->
+					      tlist->x509_rdn_sequence.
+					      data,
+					      cred->
+					      tlist->x509_rdn_sequence.
+					      size);
+}
+
+static int append_empty_ext(void *ctx, gnutls_buffer_st *buf)
+{
+	return GNUTLS_E_INT_RET_0;
+}
+
+int _gnutls13_send_certificate_request(gnutls_session_t session, unsigned again)
+{
+	gnutls_certificate_credentials_t cred;
+	int ret;
+	mbuffer_st *bufel = NULL;
+	gnutls_buffer_st buf;
+	unsigned init_pos;
+
+	if (again == 0) {
+		unsigned char rnd[12];
+
+		if (!session->internals.initial_negotiation_completed &&
+		    session->internals.hsk_flags & HSK_PSK_SELECTED)
+			return 0;
+
+		if (session->internals.send_cert_req == 0)
+			return 0;
+
+		cred = (gnutls_certificate_credentials_t)
+		    _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+		if (cred == NULL)
+			return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+
+		ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		if (session->internals.initial_negotiation_completed) { /* reauth */
+			ret = gnutls_rnd(GNUTLS_RND_NONCE, rnd, sizeof(rnd));
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			gnutls_free(session->internals.post_handshake_cr_context.data);
+			ret = _gnutls_set_datum(&session->internals.post_handshake_cr_context,
+						rnd, sizeof(rnd));
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			ret = _gnutls_buffer_append_data_prefix(&buf, 8,
+							        session->internals.post_handshake_cr_context.data,
+							        session->internals.post_handshake_cr_context.size);
+		} else {
+			ret = _gnutls_buffer_append_prefix(&buf, 8, 0);
+		}
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = _gnutls_extv_append_init(&buf);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		init_pos = ret;
+
+		ret = _gnutls_extv_append(&buf, ext_mod_sig.tls_id, session,
+					  (extv_append_func)_gnutls_sign_algorithm_write_params);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = _gnutls_extv_append(&buf, EXTID_CERTIFICATE_AUTHORITIES, session,
+					  write_certificate_authorities);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+#ifdef ENABLE_OCSP
+		/* We always advertise our support for OCSP stapling */
+		ret = _gnutls_extv_append(&buf, ext_mod_status_request.tls_id, session,
+					  append_empty_ext);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		session->internals.hsk_flags |= HSK_CLIENT_OCSP_REQUESTED;
+#endif
+
+		ret = _gnutls_extv_append(&buf, ext_mod_compress_certificate.tls_id, session,
+					  (extv_append_func)_gnutls_compress_certificate_send_params);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = _gnutls_extv_append_final(&buf, init_pos, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		bufel = _gnutls_buffer_to_mbuffer(&buf);
+
+		session->internals.hsk_flags |= HSK_CRT_REQ_SENT;
+	}
+
+	return _gnutls_send_handshake(session, bufel, GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST);
+
+ cleanup:
+	_gnutls_buffer_clear(&buf);
+	return ret;
+
+}
+
diff --git a/lib/tls13/certificate_request.h b/lib/tls13/certificate_request.h
new file mode 100644
index 0000000..40ac9f2
--- /dev/null
+++ b/lib/tls13/certificate_request.h
@@ -0,0 +1,31 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_TLS13_CERTIFICATE_REQUEST_H
+#define GNUTLS_LIB_TLS13_CERTIFICATE_REQUEST_H
+
+int _gnutls13_recv_certificate_request(gnutls_session_t session);
+int _gnutls13_recv_certificate_request_int(gnutls_session_t session, gnutls_buffer_st *buf);
+
+int _gnutls13_send_certificate_request(gnutls_session_t session, unsigned again);
+
+#endif /* GNUTLS_LIB_TLS13_CERTIFICATE_REQUEST_H */
diff --git a/lib/tls13/certificate_verify.c b/lib/tls13/certificate_verify.c
new file mode 100644
index 0000000..45ff6fa
--- /dev/null
+++ b/lib/tls13/certificate_verify.c
@@ -0,0 +1,241 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "handshake.h"
+#include "auth/cert.h"
+#include "ext/signature.h"
+#include "algorithms.h"
+#include "tls13-sig.h"
+#include "mbuffers.h"
+#include "tls13/certificate_verify.h"
+
+#define SRV_CTX "TLS 1.3, server CertificateVerify"
+static const gnutls_datum_t srv_ctx = {
+	(void*)SRV_CTX, sizeof(SRV_CTX)-1
+};
+
+#define CLI_CTX "TLS 1.3, client CertificateVerify"
+static const gnutls_datum_t cli_ctx = {
+	(void*)CLI_CTX, sizeof(CLI_CTX)-1
+};
+
+int _gnutls13_recv_certificate_verify(gnutls_session_t session)
+{
+	int ret;
+	gnutls_buffer_st buf;
+	const gnutls_sign_entry_st *se;
+	gnutls_datum_t sig_data;
+	gnutls_certificate_credentials_t cred;
+	unsigned vflags;
+	gnutls_pcert_st peer_cert;
+	cert_auth_info_t info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
+	bool server = 0;
+	gnutls_certificate_type_t cert_type;
+
+	memset(&peer_cert, 0, sizeof(peer_cert));
+
+	/* this message is only expected if we have received
+	 * a certificate message */
+	if (!(session->internals.hsk_flags & HSK_CRT_VRFY_EXPECTED))
+		return 0;
+
+	if (session->security_parameters.entity == GNUTLS_SERVER)
+		server = 1;
+
+	cred = (gnutls_certificate_credentials_t)
+		_gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE);
+	if (unlikely(cred == NULL))
+		return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+	if (unlikely(info == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	ret = _gnutls_recv_handshake(session, GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY, 0, &buf);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	_gnutls_handshake_log("HSK[%p]: Parsing certificate verify\n", session);
+
+	if (buf.length < 2) {
+		gnutls_assert();
+		ret = GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+		goto cleanup;
+	}
+
+	se = _gnutls_tls_aid_to_sign_entry(buf.data[0], buf.data[1], get_version(session));
+	if (se == NULL) {
+		_gnutls_handshake_log("Found unsupported signature (%d.%d)\n", (int)buf.data[0], (int)buf.data[1]);
+		ret = gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+		goto cleanup;
+	}
+
+	if (server)
+		gnutls_sign_algorithm_set_client(session, se->id);
+	else
+		gnutls_sign_algorithm_set_server(session, se->id);
+
+	buf.data+=2;
+	buf.length-=2;
+
+	/* we check during verification whether the algorithm is enabled */
+
+	ret = _gnutls_buffer_pop_datum_prefix16(&buf, &sig_data);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (sig_data.size == 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+		goto cleanup;
+	}
+
+	/* We verify the certificate of the peer. Therefore we need to
+	 * retrieve the negotiated certificate type for the peer. */
+	cert_type = get_certificate_type(session, GNUTLS_CTYPE_PEERS);
+
+	/* Verify the signature */
+	ret = _gnutls_get_auth_info_pcert(&peer_cert, cert_type, info);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	vflags = cred->verify_flags | session->internals.additional_verify_flags;
+
+	ret = _gnutls13_handshake_verify_data(session, vflags, &peer_cert,
+					      server?(&cli_ctx):(&srv_ctx),
+					      &sig_data, se);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (buf.length > 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	gnutls_pcert_deinit(&peer_cert);
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
+
+int _gnutls13_send_certificate_verify(gnutls_session_t session, unsigned again)
+{
+	int ret;
+	gnutls_pcert_st *apr_cert_list;
+	gnutls_privkey_t apr_pkey;
+	int apr_cert_list_length;
+	mbuffer_st *bufel = NULL;
+	gnutls_buffer_st buf;
+	gnutls_datum_t sig = {NULL, 0};
+	gnutls_sign_algorithm_t algo;
+	const gnutls_sign_entry_st *se;
+	bool server = 0;
+
+	if (again == 0) {
+		if (!session->internals.initial_negotiation_completed &&
+		    session->internals.hsk_flags & HSK_PSK_SELECTED)
+			return 0;
+
+		if (session->security_parameters.entity == GNUTLS_SERVER &&
+		    session->internals.resumed)
+			return 0;
+
+		if (session->security_parameters.entity == GNUTLS_SERVER)
+			server = 1;
+
+		ret = _gnutls_get_selected_cert(session, &apr_cert_list,
+						&apr_cert_list_length, &apr_pkey);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		if (apr_cert_list_length == 0) {
+			if (server) {
+				return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+			} else {
+				/* for client, this means either we
+				 * didn't get a cert request or we are
+				 * declining authentication; in either
+				 * case we don't send a cert verify */
+				return 0;
+			}
+		}
+
+		if (server) {
+			algo = _gnutls_session_get_sign_algo(session, &apr_cert_list[0], apr_pkey, 0, GNUTLS_KX_UNKNOWN);
+			if (algo == GNUTLS_SIGN_UNKNOWN)
+				return gnutls_assert_val(GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY);
+
+			gnutls_sign_algorithm_set_server(session, algo);
+		} else {
+			/* for client, signature algorithm is already
+			 * determined from Certificate Request */
+			algo = gnutls_sign_algorithm_get_client(session);
+			if (unlikely(algo == GNUTLS_SIGN_UNKNOWN))
+				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+		}
+
+		se = _gnutls_sign_to_entry(algo);
+
+		ret = _gnutls13_handshake_sign_data(session, &apr_cert_list[0], apr_pkey,
+						    server?(&srv_ctx):(&cli_ctx),
+						    &sig, se);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = _gnutls_buffer_append_data(&buf, se->aid.id, 2);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = _gnutls_buffer_append_data_prefix(&buf, 16, sig.data, sig.size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		bufel = _gnutls_buffer_to_mbuffer(&buf);
+
+		gnutls_free(sig.data);
+	}
+
+	return _gnutls_send_handshake(session, bufel, GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY);
+
+ cleanup:
+	gnutls_free(sig.data);
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
diff --git a/lib/tls13/certificate_verify.h b/lib/tls13/certificate_verify.h
new file mode 100644
index 0000000..9d4ce31
--- /dev/null
+++ b/lib/tls13/certificate_verify.h
@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_TLS13_CERTIFICATE_VERIFY_H
+#define GNUTLS_LIB_TLS13_CERTIFICATE_VERIFY_H
+
+int _gnutls13_recv_certificate_verify(gnutls_session_t session);
+int _gnutls13_send_certificate_verify(gnutls_session_t session, unsigned again);
+
+#endif /* GNUTLS_LIB_TLS13_CERTIFICATE_VERIFY_H */
diff --git a/lib/tls13/early_data.c b/lib/tls13/early_data.c
new file mode 100644
index 0000000..3d565d5
--- /dev/null
+++ b/lib/tls13/early_data.c
@@ -0,0 +1,107 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "handshake.h"
+#include "tls13/early_data.h"
+
+int _gnutls13_send_early_data(gnutls_session_t session)
+{
+	int ret;
+
+	if (!(session->security_parameters.entity == GNUTLS_CLIENT &&
+	      session->internals.hsk_flags & HSK_EARLY_DATA_IN_FLIGHT))
+		return 0;
+
+	while (session->internals.early_data_presend_buffer.length > 0) {
+		ret =
+			gnutls_record_send(session,
+					   session->internals.
+					   early_data_presend_buffer.data,
+					   session->internals.
+					   early_data_presend_buffer.
+					   length);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		session->internals.early_data_presend_buffer.data += ret;
+		session->internals.early_data_presend_buffer.length -= ret;
+	}
+
+
+	return 0;
+}
+
+int _gnutls13_send_end_of_early_data(gnutls_session_t session, unsigned again)
+{
+	int ret;
+	mbuffer_st *bufel = NULL;
+	gnutls_buffer_st buf;
+
+	if (!(session->security_parameters.entity == GNUTLS_CLIENT &&
+	      session->internals.hsk_flags & HSK_EARLY_DATA_ACCEPTED))
+		return 0;
+
+	if (session->internals.flags & GNUTLS_NO_END_OF_EARLY_DATA) {
+		return 0;
+	}
+
+	if (again == 0) {
+		ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		bufel = _gnutls_buffer_to_mbuffer(&buf);
+	}
+
+	return _gnutls_send_handshake(session, bufel, GNUTLS_HANDSHAKE_END_OF_EARLY_DATA);
+}
+
+int _gnutls13_recv_end_of_early_data(gnutls_session_t session)
+{
+	int ret;
+	gnutls_buffer_st buf;
+
+	if (!(session->security_parameters.entity == GNUTLS_SERVER &&
+	      session->internals.hsk_flags & HSK_EARLY_DATA_ACCEPTED))
+		return 0;
+
+	if (!(session->internals.flags & GNUTLS_NO_END_OF_EARLY_DATA)) {
+		ret = _gnutls_recv_handshake(session, GNUTLS_HANDSHAKE_END_OF_EARLY_DATA, 0, &buf);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		if (buf.length != 0) {
+			gnutls_assert();
+			ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+			goto cleanup;
+		}
+	}
+
+	session->internals.hsk_flags &= ~HSK_EARLY_DATA_IN_FLIGHT;
+
+	ret = 0;
+cleanup:
+
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
diff --git a/lib/tls13/early_data.h b/lib/tls13/early_data.h
new file mode 100644
index 0000000..6fef12c
--- /dev/null
+++ b/lib/tls13/early_data.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_TLS13_EARLY_DATA_H
+#define GNUTLS_LIB_TLS13_EARLY_DATA_H
+
+int _gnutls13_send_end_of_early_data(gnutls_session_t session, unsigned again);
+int _gnutls13_recv_end_of_early_data(gnutls_session_t session);
+int _gnutls13_send_early_data(gnutls_session_t session);
+
+#endif /* GNUTLS_LIB_TLS13_EARLY_DATA_H */
diff --git a/lib/tls13/encrypted_extensions.c b/lib/tls13/encrypted_extensions.c
new file mode 100644
index 0000000..84c328f
--- /dev/null
+++ b/lib/tls13/encrypted_extensions.c
@@ -0,0 +1,75 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "hello_ext.h"
+#include "handshake.h"
+#include "mbuffers.h"
+#include "tls13/encrypted_extensions.h"
+
+int _gnutls13_recv_encrypted_extensions(gnutls_session_t session)
+{
+	int ret;
+	gnutls_buffer_st buf;
+
+	ret = _gnutls_recv_handshake(session, GNUTLS_HANDSHAKE_ENCRYPTED_EXTENSIONS, 0, &buf);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	_gnutls_handshake_log("HSK[%p]: parsing encrypted extensions\n", session);
+	ret = _gnutls_parse_hello_extensions(session, GNUTLS_EXT_FLAG_EE, GNUTLS_EXT_ANY,
+					     buf.data, buf.length);
+	_gnutls_buffer_clear(&buf);
+
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+int _gnutls13_send_encrypted_extensions(gnutls_session_t session, unsigned again)
+{
+	int ret;
+	mbuffer_st *bufel = NULL;
+	gnutls_buffer_st buf;
+
+	if (again == 0) {
+		ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = _gnutls_gen_hello_extensions(session, &buf, GNUTLS_EXT_FLAG_EE, GNUTLS_EXT_ANY);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		bufel = _gnutls_buffer_to_mbuffer(&buf);
+	}
+
+	return _gnutls_send_handshake(session, bufel, GNUTLS_HANDSHAKE_ENCRYPTED_EXTENSIONS);
+
+ cleanup:
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
diff --git a/lib/tls13/encrypted_extensions.h b/lib/tls13/encrypted_extensions.h
new file mode 100644
index 0000000..2c7cf75
--- /dev/null
+++ b/lib/tls13/encrypted_extensions.h
@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_TLS13_ENCRYPTED_EXTENSIONS_H
+#define GNUTLS_LIB_TLS13_ENCRYPTED_EXTENSIONS_H
+
+int _gnutls13_recv_encrypted_extensions(gnutls_session_t session);
+int _gnutls13_send_encrypted_extensions(gnutls_session_t session, unsigned again);
+
+#endif /* GNUTLS_LIB_TLS13_ENCRYPTED_EXTENSIONS_H */
diff --git a/lib/tls13/finished.c b/lib/tls13/finished.c
new file mode 100644
index 0000000..ec646e6
--- /dev/null
+++ b/lib/tls13/finished.c
@@ -0,0 +1,183 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "handshake.h"
+#include "tls13/finished.h"
+#include "mem.h"
+#include "mbuffers.h"
+#include "secrets.h"
+
+int _gnutls13_compute_finished(const mac_entry_st *prf,
+		const uint8_t *base_key,
+		gnutls_buffer_st *handshake_hash_buffer,
+		void *out)
+{
+	int ret;
+	uint8_t fkey[MAX_HASH_SIZE];
+	uint8_t ts_hash[MAX_HASH_SIZE];
+
+	ret = _tls13_expand_secret2(prf,
+			"finished", 8,
+			NULL, 0,
+			base_key,
+			prf->output_size, fkey);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_hash_fast(MAC_TO_DIG(prf->id),
+			       handshake_hash_buffer->data,
+			       handshake_hash_buffer->length,
+			       ts_hash);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_hmac_fast(prf->id,
+			       fkey, prf->output_size,
+			       ts_hash, prf->output_size,
+			       out);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+int _gnutls13_recv_finished(gnutls_session_t session)
+{
+	int ret;
+	gnutls_buffer_st buf;
+	uint8_t verifier[MAX_HASH_SIZE];
+	const uint8_t *base_key;
+	unsigned hash_size;
+
+	if (unlikely(session->security_parameters.prf == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	hash_size = session->security_parameters.prf->output_size;
+
+	if (!session->internals.initial_negotiation_completed) {
+		if (session->security_parameters.entity == GNUTLS_CLIENT)
+			base_key = session->key.proto.tls13.hs_skey;
+		else
+			base_key = session->key.proto.tls13.hs_ckey;
+	} else {
+		if (session->security_parameters.entity == GNUTLS_CLIENT)
+			base_key = session->key.proto.tls13.ap_skey;
+		else
+			base_key = session->key.proto.tls13.ap_ckey;
+	}
+
+	ret = _gnutls13_compute_finished(session->security_parameters.prf,
+			base_key,
+			&session->internals.handshake_hash_buffer,
+			verifier);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_recv_handshake(session, GNUTLS_HANDSHAKE_FINISHED, 0, &buf);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	_gnutls_handshake_log("HSK[%p]: parsing finished\n", session);
+
+	if (buf.length != hash_size) {
+		gnutls_assert();
+		ret = GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+		goto cleanup;
+	}
+
+
+#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
+# warning This is unsafe for production builds
+#else
+	if (gnutls_memcmp(verifier, buf.data, buf.length) != 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_ERROR_IN_FINISHED_PACKET;
+		goto cleanup;
+	}
+#endif
+
+	ret = 0;
+cleanup:
+	
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
+
+int _gnutls13_send_finished(gnutls_session_t session, unsigned again)
+{
+	int ret;
+	uint8_t verifier[MAX_HASH_SIZE];
+	mbuffer_st *bufel = NULL;
+	const uint8_t *base_key;
+	unsigned hash_size;
+
+	if (again == 0) {
+		if (unlikely(session->security_parameters.prf == NULL))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		hash_size = session->security_parameters.prf->output_size;
+
+		if (!session->internals.initial_negotiation_completed) {
+			if (session->security_parameters.entity == GNUTLS_CLIENT)
+				base_key = session->key.proto.tls13.hs_ckey;
+			else
+				base_key = session->key.proto.tls13.hs_skey;
+		} else {
+			if (session->security_parameters.entity == GNUTLS_CLIENT)
+				base_key = session->key.proto.tls13.ap_ckey;
+			else
+				base_key = session->key.proto.tls13.ap_skey;
+		}
+
+		ret = _gnutls13_compute_finished(session->security_parameters.prf,
+				base_key,
+				&session->internals.handshake_hash_buffer,
+				verifier);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		_gnutls_handshake_log("HSK[%p]: sending finished\n", session);
+
+		bufel = _gnutls_handshake_alloc(session, hash_size);
+		if (bufel == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		_mbuffer_set_udata_size(bufel, 0);
+		ret = _mbuffer_append_data(bufel, verifier, hash_size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	return _gnutls_send_handshake(session, bufel, GNUTLS_HANDSHAKE_FINISHED);
+
+cleanup:
+	_mbuffer_xfree(&bufel);
+	return ret;
+}
diff --git a/lib/tls13/finished.h b/lib/tls13/finished.h
new file mode 100644
index 0000000..cf475b2
--- /dev/null
+++ b/lib/tls13/finished.h
@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_TLS13_FINISHED_H
+#define GNUTLS_LIB_TLS13_FINISHED_H
+
+int _gnutls13_compute_finished(const mac_entry_st *prf,
+		const uint8_t *base_key,
+		gnutls_buffer_st *handshake_hash_buffer,
+		void *out);
+int _gnutls13_recv_finished(gnutls_session_t session);
+int _gnutls13_send_finished(gnutls_session_t session, unsigned again);
+
+#endif /* GNUTLS_LIB_TLS13_FINISHED_H */
diff --git a/lib/tls13/hello_retry.c b/lib/tls13/hello_retry.c
new file mode 100644
index 0000000..dd4cba5
--- /dev/null
+++ b/lib/tls13/hello_retry.c
@@ -0,0 +1,195 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "hello_ext.h"
+#include "handshake.h"
+#include "tls13/hello_retry.h"
+#include "auth/cert.h"
+#include "mbuffers.h"
+#include "state.h"
+
+int _gnutls13_send_hello_retry_request(gnutls_session_t session, unsigned again)
+{
+	int ret;
+	mbuffer_st *bufel = NULL;
+	gnutls_buffer_st buf;
+	const version_entry_st *ver;
+	const uint8_t vbuf[2] = {0x03, 0x03};
+
+	if (again == 0) {
+		ver = get_version(session);
+		if (unlikely(ver == NULL || session->security_parameters.cs == NULL))
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+		ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = _gnutls_buffer_append_data(&buf, vbuf, 2);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = _gnutls_buffer_append_data(&buf,
+						 HRR_RANDOM,
+						 GNUTLS_RANDOM_SIZE);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = _gnutls_buffer_append_data_prefix(&buf, 8,
+							session->security_parameters.session_id,
+							session->security_parameters.session_id_size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = _gnutls_buffer_append_data(&buf, session->security_parameters.cs->id, 2);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		/* compression */
+		ret = _gnutls_buffer_append_prefix(&buf, 8, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = _gnutls_gen_hello_extensions(session, &buf,
+						   GNUTLS_EXT_FLAG_HRR,
+						   GNUTLS_EXT_ANY);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		/* reset extensions sent by this session to allow re-sending them */
+		session->internals.used_exts = 0;
+
+		reset_binders(session);
+
+		bufel = _gnutls_buffer_to_mbuffer(&buf);
+	}
+
+	return _gnutls_send_handshake(session, bufel, GNUTLS_HANDSHAKE_HELLO_RETRY_REQUEST);
+
+ cleanup:
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
+
+int
+_gnutls13_recv_hello_retry_request(gnutls_session_t session,
+				   gnutls_buffer_st *buf)
+{
+	int ret;
+	uint8_t tmp[2];
+	const gnutls_cipher_suite_entry_st *cs;
+	const mac_entry_st *prf;
+	gnutls_datum_t session_id;
+	uint8_t random[GNUTLS_RANDOM_SIZE];
+
+	/* only under TLS 1.3 */
+	if (IS_DTLS(session))
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+
+	if (session->internals.hsk_flags & HSK_HRR_RECEIVED)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+
+	session->internals.hsk_flags |= HSK_HRR_RECEIVED;
+
+	/* version */
+	ret = _gnutls_buffer_pop_data(buf, tmp, 2);
+	if (ret < 0)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	if (unlikely(tmp[0] != 0x03 || tmp[1] != 0x03))
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
+
+	ret = _gnutls_buffer_pop_data(buf, random, GNUTLS_RANDOM_SIZE);
+	if (ret < 0)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	if (memcmp(random, HRR_RANDOM, GNUTLS_RANDOM_SIZE) != 0) {
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	}
+
+	ret = _gnutls_buffer_pop_datum_prefix8(buf, &session_id);
+	if (ret < 0)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	/* read ciphersuites */
+	ret = _gnutls_buffer_pop_data(buf, tmp, 2);
+	if (ret < 0)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	cs = ciphersuite_to_entry(tmp);
+	if (unlikely(cs == NULL))
+		return gnutls_assert_val(GNUTLS_E_UNKNOWN_CIPHER_SUITE);
+
+	_gnutls_handshake_log("EXT[%p]: Hello Retry Request with %s\n", session, cs->name);
+	memcpy(session->internals.hrr_cs, cs->id, 2);
+
+	prf = mac_to_entry(cs->prf);
+	if (unlikely(prf == NULL))
+		return gnutls_assert_val(GNUTLS_E_UNKNOWN_CIPHER_SUITE);
+
+	/* compression */
+	ret = _gnutls_buffer_pop_data(buf, tmp, 1);
+	if (ret < 0)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	if (unlikely(tmp[0] != 0))
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+	ret = _gnutls13_handshake_hash_buffers_synth(session, prf, 1);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (buf->length <= 2) {
+		/* no extensions present */
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH);
+	}
+
+	/* figure version first */
+	ret =
+	    _gnutls_parse_hello_extensions(session, GNUTLS_EXT_FLAG_HRR,
+					   GNUTLS_EXT_VERSION_NEG,
+					   buf->data, buf->length);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* parse the rest of extensions */
+	ret = _gnutls_parse_hello_extensions(session, GNUTLS_EXT_FLAG_HRR, GNUTLS_EXT_ANY,
+					     buf->data, buf->length);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	session->internals.used_exts = 0;
+
+	return 0;
+}
diff --git a/lib/tls13/hello_retry.h b/lib/tls13/hello_retry.h
new file mode 100644
index 0000000..373670f
--- /dev/null
+++ b/lib/tls13/hello_retry.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_TLS13_HELLO_RETRY_H
+#define GNUTLS_LIB_TLS13_HELLO_RETRY_H
+
+int _gnutls13_send_hello_retry_request(gnutls_session_t session, unsigned again);
+
+#endif /* GNUTLS_LIB_TLS13_HELLO_RETRY_H */
diff --git a/lib/tls13/key_update.c b/lib/tls13/key_update.c
new file mode 100644
index 0000000..c6f6e0a
--- /dev/null
+++ b/lib/tls13/key_update.c
@@ -0,0 +1,217 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "handshake.h"
+#include "tls13/key_update.h"
+#include "mem.h"
+#include "mbuffers.h"
+#include "secrets.h"
+
+#define KEY_UPDATES_WINDOW 1000
+#define KEY_UPDATES_PER_WINDOW 8
+
+static int update_keys(gnutls_session_t session, hs_stage_t stage)
+{
+	int ret;
+
+	ret = _tls13_update_secret(session, session->key.proto.tls13.temp_secret,
+				   session->key.proto.tls13.temp_secret_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	_gnutls_epoch_bump(session);
+	ret = _gnutls_epoch_dup(session, EPOCH_READ_CURRENT);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* If we send a key update during early start, only update our
+	 * write keys */
+	if (session->internals.recv_state == RECV_STATE_EARLY_START) {
+		ret = _tls13_write_connection_state_init(session, stage);
+	} else {
+		ret = _tls13_connection_state_init(session, stage);
+	}
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+int _gnutls13_recv_key_update(gnutls_session_t session, gnutls_buffer_st *buf)
+{
+	int ret;
+	struct timespec now;
+
+	if (buf->length != 1)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+	gnutls_gettime(&now);
+
+	/* Roll over the counter if the time window has elapsed */
+	if (session->internals.key_update_count == 0 ||
+	    timespec_sub_ms(&now, &session->internals.last_key_update) >
+	    KEY_UPDATES_WINDOW) {
+		session->internals.last_key_update = now;
+		session->internals.key_update_count = 0;
+	}
+
+	if (unlikely(++session->internals.key_update_count >
+		     KEY_UPDATES_PER_WINDOW)) {
+		_gnutls_debug_log("reached maximum number of key updates per %d milliseconds (%d)\n",
+				  KEY_UPDATES_WINDOW,
+				  KEY_UPDATES_PER_WINDOW);
+		return gnutls_assert_val(GNUTLS_E_TOO_MANY_HANDSHAKE_PACKETS);
+	}
+
+	_gnutls_epoch_gc(session);
+
+	_gnutls_handshake_log("HSK[%p]: received TLS 1.3 key update (%u)\n",
+			      session, (unsigned)buf->data[0]);
+
+	switch(buf->data[0]) {
+	case 0:
+		/* peer updated its key, not requested our key update */
+		ret = update_keys(session, STAGE_UPD_PEERS);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		break;
+	case 1:
+		if (session->internals.hsk_flags & HSK_KEY_UPDATE_ASKED) {
+			/* if we had asked a key update we shouldn't get this
+			 * reply */
+			return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+		}
+
+		/* peer updated its key, requested our key update */
+		ret = update_keys(session, STAGE_UPD_PEERS);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		/* we mark that a key update is schedule, and it
+		 * will be performed prior to sending the next application
+		 * message.
+		 */
+		if (session->internals.rsend_state == RECORD_SEND_NORMAL)
+			session->internals.rsend_state = RECORD_SEND_KEY_UPDATE_1;
+		else if (session->internals.rsend_state == RECORD_SEND_CORKED)
+			session->internals.rsend_state = RECORD_SEND_CORKED_TO_KU;
+
+		break;
+	default:
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+	}
+
+	session->internals.hsk_flags &= ~(unsigned)(HSK_KEY_UPDATE_ASKED);
+
+	return 0;
+}
+
+int _gnutls13_send_key_update(gnutls_session_t session, unsigned again, unsigned flags /* GNUTLS_KU_* */)
+{
+	int ret;
+	mbuffer_st *bufel = NULL;
+	uint8_t val;
+
+	if (again == 0) {
+		if (flags & GNUTLS_KU_PEER) {
+			/* mark that we asked a key update to prevent an
+			 * infinite ping pong when receiving the reply */
+			session->internals.hsk_flags |= HSK_KEY_UPDATE_ASKED;
+			val = 0x01;
+		} else {
+			val = 0x00;
+		}
+
+		_gnutls_handshake_log("HSK[%p]: sending key update (%u)\n", session, (unsigned)val);
+
+		bufel = _gnutls_handshake_alloc(session, 1);
+		if (bufel == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		_mbuffer_set_udata_size(bufel, 0);
+		ret = _mbuffer_append_data(bufel, &val, 1);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+	}
+
+	return _gnutls_send_handshake(session, bufel, GNUTLS_HANDSHAKE_KEY_UPDATE);
+
+cleanup:
+	_mbuffer_xfree(&bufel);
+	return ret;
+}
+
+/**
+ * gnutls_session_key_update:
+ * @session: is a #gnutls_session_t type.
+ * @flags: zero of %GNUTLS_KU_PEER
+ *
+ * This function will update/refresh the session keys when the
+ * TLS protocol is 1.3 or better. The peer is notified of the
+ * update by sending a message, so this function should be
+ * treated similarly to gnutls_record_send() --i.e., it may
+ * return %GNUTLS_E_AGAIN or %GNUTLS_E_INTERRUPTED.
+ *
+ * When this flag %GNUTLS_KU_PEER is specified, this function
+ * in addition to updating the local keys, will ask the peer to
+ * refresh its keys too.
+ *
+ * If the negotiated version is not TLS 1.3 or better this
+ * function will return %GNUTLS_E_INVALID_REQUEST.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.6.3
+ **/
+int gnutls_session_key_update(gnutls_session_t session, unsigned flags)
+{
+	int ret;
+	const version_entry_st *vers = get_version(session);
+
+	if (!vers->tls13_sem)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	ret =
+	    _gnutls13_send_key_update(session, AGAIN(STATE150), flags);
+	STATE = STATE150;
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+	STATE = STATE0;
+
+	_gnutls_epoch_gc(session);
+
+	/* it was completely sent, update the keys */
+	ret = update_keys(session, STAGE_UPD_OURS);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
diff --git a/lib/tls13/key_update.h b/lib/tls13/key_update.h
new file mode 100644
index 0000000..4a0123a
--- /dev/null
+++ b/lib/tls13/key_update.h
@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_TLS13_KEY_UPDATE_H
+#define GNUTLS_LIB_TLS13_KEY_UPDATE_H
+
+int _gnutls13_recv_key_update(gnutls_session_t session, gnutls_buffer_st *buf);
+int _gnutls13_send_key_update(gnutls_session_t session, unsigned again, unsigned flags);
+
+#endif /* GNUTLS_LIB_TLS13_KEY_UPDATE_H */
diff --git a/lib/tls13/post_handshake.c b/lib/tls13/post_handshake.c
new file mode 100644
index 0000000..97ca287
--- /dev/null
+++ b/lib/tls13/post_handshake.c
@@ -0,0 +1,252 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions that relate to the TLS handshake procedure.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "dh.h"
+#include "debug.h"
+#include "algorithms.h"
+#include "cipher.h"
+#include "buffers.h"
+#include "mbuffers.h"
+#include "kx.h"
+#include "handshake.h"
+#include "num.h"
+#include "hash_int.h"
+#include "db.h"
+#include "hello_ext.h"
+#include "supplemental.h"
+#include "auth.h"
+#include "sslv2_compat.h"
+#include <auth/cert.h>
+#include "constate.h"
+#include <record.h>
+#include <state.h>
+#include <random.h>
+#include <dtls.h>
+#include "tls13/certificate_request.h"
+#include "tls13/certificate_verify.h"
+#include "tls13/certificate.h"
+#include "tls13/finished.h"
+
+#undef AGAIN
+#define AGAIN(x) ((x)==(REAUTH_STATE))
+
+/*
+ * _gnutls13_reauth_client
+ * This function performs the client side of the post-handshake authentication
+ */
+static
+int _gnutls13_reauth_client(gnutls_session_t session)
+{
+	int ret = 0;
+	size_t tmp;
+
+	if (!session->internals.initial_negotiation_completed)
+		return gnutls_assert_val(GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE);
+
+	if (!(session->internals.flags & GNUTLS_POST_HANDSHAKE_AUTH))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (session->internals.reauth_buffer.length == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	switch (REAUTH_STATE) {
+	case REAUTH_STATE0:
+
+		/* restore handshake transcript */
+		_gnutls_buffer_reset(&session->internals.handshake_hash_buffer);
+		ret = gnutls_buffer_append_data(&session->internals.handshake_hash_buffer,
+						session->internals.post_handshake_hash_buffer.data,
+						session->internals.post_handshake_hash_buffer.length);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		/* append the previously received certificate request message, to the
+		 * transcript. */
+		ret = gnutls_buffer_append_data(&session->internals.handshake_hash_buffer,
+						session->internals.reauth_buffer.data,
+						session->internals.reauth_buffer.length);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		session->internals.handshake_hash_buffer_prev_len = session->internals.handshake_hash_buffer.length;
+
+		/* skip the reauth buffer handshake message headers */
+		ret = _gnutls_buffer_pop_prefix32(&session->internals.reauth_buffer, &tmp, 0);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		FALLTHROUGH;
+	case REAUTH_STATE1:
+		ret = _gnutls13_recv_certificate_request_int(session,
+							     &session->internals.reauth_buffer);
+		REAUTH_STATE = REAUTH_STATE1;
+		IMED_RET("recv certificate request", ret, 0);
+		FALLTHROUGH;
+	case REAUTH_STATE2:
+		ret = _gnutls13_send_certificate(session, AGAIN(REAUTH_STATE2));
+		REAUTH_STATE = REAUTH_STATE2;
+		IMED_RET("send certificate", ret, 0);
+		FALLTHROUGH;
+	case REAUTH_STATE3:
+		ret = _gnutls13_send_certificate_verify(session, AGAIN(REAUTH_STATE3));
+		REAUTH_STATE = REAUTH_STATE3;
+		IMED_RET("send certificate verify", ret, 0);
+		FALLTHROUGH;
+	case REAUTH_STATE4:
+		ret = _gnutls13_send_finished(session, AGAIN(REAUTH_STATE4));
+		REAUTH_STATE = REAUTH_STATE4;
+		IMED_RET("send finished", ret, 0);
+		break;
+	default:
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+
+	_gnutls_handshake_hash_buffers_clear(session);
+	_gnutls_buffer_reset(&session->internals.reauth_buffer);
+	REAUTH_STATE = REAUTH_STATE0;
+
+	return 0;
+}
+
+/*
+ * _gnutls13_reauth_server
+ * This function does the server stuff of the post-handshake authentication.
+ */
+static
+int _gnutls13_reauth_server(gnutls_session_t session)
+{
+	int ret = 0;
+
+	if (session->security_parameters.post_handshake_auth == 0 ||
+	    (!(session->internals.flags & GNUTLS_POST_HANDSHAKE_AUTH)))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (session->internals.send_cert_req == 0) {
+		_gnutls_debug_log("You need to call gnutls_certificate_server_set_request to enable post handshake auth\n");
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	switch (REAUTH_STATE) {
+	case REAUTH_STATE0:
+		/* restore handshake transcript */
+		_gnutls_buffer_reset(&session->internals.handshake_hash_buffer);
+		ret = gnutls_buffer_append_data(&session->internals.handshake_hash_buffer,
+						session->internals.post_handshake_hash_buffer.data,
+						session->internals.post_handshake_hash_buffer.length);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		session->internals.handshake_hash_buffer_prev_len = session->internals.handshake_hash_buffer.length;
+
+		FALLTHROUGH;
+	case REAUTH_STATE1:
+		ret = _gnutls13_send_certificate_request(session, AGAIN(REAUTH_STATE1));
+		REAUTH_STATE = REAUTH_STATE1;
+		IMED_RET("send certificate request", ret, 0);
+		FALLTHROUGH;
+	case REAUTH_STATE2:
+		/* here we should tolerate application data */
+		ret = _gnutls13_recv_certificate(session);
+		REAUTH_STATE = REAUTH_STATE2;
+		IMED_RET("recv certificate", ret, 0);
+		FALLTHROUGH;
+	case REAUTH_STATE3:
+		ret = _gnutls13_recv_certificate_verify(session);
+		REAUTH_STATE = REAUTH_STATE3;
+		IMED_RET("recv certificate verify", ret, 0);
+		FALLTHROUGH;
+	case REAUTH_STATE4:
+		ret = _gnutls_run_verify_callback(session, GNUTLS_CLIENT);
+		REAUTH_STATE = REAUTH_STATE4;
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		FALLTHROUGH;
+	case REAUTH_STATE5:
+		ret = _gnutls13_recv_finished(session);
+		REAUTH_STATE = REAUTH_STATE5;
+		IMED_RET("recv finished", ret, 0);
+		break;
+	default:
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+
+	_gnutls_handshake_hash_buffers_clear(session);
+	REAUTH_STATE = REAUTH_STATE0;
+
+	return 0;
+}
+
+/**
+ * gnutls_reauth:
+ * @session: is a #gnutls_session_t type.
+ * @flags: must be zero
+ *
+ * This function performs the post-handshake authentication
+ * for TLS 1.3. The post-handshake authentication is initiated by the server
+ * by calling this function. Clients respond when %GNUTLS_E_REAUTH_REQUEST
+ * has been seen while receiving data.
+ *
+ * The non-fatal errors expected by this function are:
+ * %GNUTLS_E_INTERRUPTED, %GNUTLS_E_AGAIN, as well as
+ * %GNUTLS_E_GOT_APPLICATION_DATA when called on server side.
+ *
+ * The former two interrupt the authentication procedure due to the transport
+ * layer being interrupted, and the latter because there were pending data prior
+ * to peer initiating the re-authentication. The server should read/process that
+ * data as unauthenticated and retry calling gnutls_reauth().
+ *
+ * When this function is called under TLS1.2 or earlier or the peer didn't
+ * advertise post-handshake auth, it always fails with
+ * %GNUTLS_E_INVALID_REQUEST. The verification of the received peers certificate
+ * is delegated to the session or credentials verification callbacks. A
+ * server can check whether post handshake authentication is supported
+ * by the client by checking the session flags with gnutls_session_get_flags().
+ *
+ * Prior to calling this function in server side, the function
+ * gnutls_certificate_server_set_request() must be called setting expectations
+ * for the received certificate (request or require). If none are set
+ * this function will return with %GNUTLS_E_INVALID_REQUEST.
+ *
+ * Note that post handshake authentication is available irrespective
+ * of the initial negotiation type (PSK or certificate). In all cases
+ * however, certificate credentials must be set to the session prior
+ * to calling this function.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on a successful authentication, otherwise a negative error code.
+ **/
+int gnutls_reauth(gnutls_session_t session, unsigned int flags)
+{
+	const version_entry_st *vers = get_version(session);
+
+	if (unlikely(!vers->tls13_sem))
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (session->security_parameters.entity == GNUTLS_SERVER)
+		return _gnutls13_reauth_server(session);
+	else
+		return _gnutls13_reauth_client(session);
+}
diff --git a/lib/tls13/psk_ext_parser.c b/lib/tls13/psk_ext_parser.c
new file mode 100644
index 0000000..33ebc04
--- /dev/null
+++ b/lib/tls13/psk_ext_parser.c
@@ -0,0 +1,111 @@
+/*
+ * Copyright (C) 2017-2018 Free Software Foundation, Inc.
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Ander Juaristi, Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "tls13/psk_ext_parser.h"
+
+/* Returns GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE when no identities
+ * are present, or 0, on success.
+ */
+int _gnutls13_psk_ext_parser_init(psk_ext_parser_st *p,
+				  const unsigned char *data, size_t len)
+{
+	if (!p || !data || !len)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	memset(p, 0, sizeof(*p));
+
+	DECR_LEN(len, 2);
+	p->identities_len = _gnutls_read_uint16(data);
+	data += 2;
+
+	if (p->identities_len == 0)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	p->identities_data = (unsigned char *) data;
+
+	DECR_LEN(len, p->identities_len);
+	data += p->identities_len;
+
+	DECR_LEN(len, 2);
+	p->binders_len = _gnutls_read_uint16(data);
+	data += 2;
+
+	p->binders_data = data;
+	DECR_LEN(len, p->binders_len);
+
+	return 0;
+}
+
+/* Extract PSK identity and move to the next iteration.
+ *
+ * Returns GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE when no more identities
+ * are present, or 0, on success.
+ */
+int _gnutls13_psk_ext_iter_next_identity(psk_ext_iter_st *iter,
+					 struct psk_st *psk)
+{
+	if (iter->identities_len == 0)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+	DECR_LEN(iter->identities_len, 2);
+	psk->identity.size = _gnutls_read_uint16(iter->identities_data);
+	if (psk->identity.size == 0)
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+	iter->identities_data += 2;
+	psk->identity.data = (void*)iter->identities_data;
+
+	DECR_LEN(iter->identities_len, psk->identity.size);
+	iter->identities_data += psk->identity.size;
+
+	DECR_LEN(iter->identities_len, 4);
+	psk->ob_ticket_age = _gnutls_read_uint32(iter->identities_data);
+	iter->identities_data += 4;
+
+	return 0;
+}
+
+/* Extract PSK binder and move to the next iteration.
+ *
+ * Returns GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE when no more identities
+ * are present, or 0, on success.
+ */
+int _gnutls13_psk_ext_iter_next_binder(psk_ext_iter_st *iter,
+				       gnutls_datum_t *binder)
+{
+	if (iter->binders_len == 0)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+	DECR_LEN(iter->binders_len, 1);
+	binder->size = *iter->binders_data;
+	if (binder->size == 0)
+		return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+	iter->binders_data++;
+	binder->data = (uint8_t *)iter->binders_data;
+	DECR_LEN(iter->binders_len, binder->size);
+	iter->binders_data += binder->size;
+
+	return 0;
+}
diff --git a/lib/tls13/psk_ext_parser.h b/lib/tls13/psk_ext_parser.h
new file mode 100644
index 0000000..f46b211
--- /dev/null
+++ b/lib/tls13/psk_ext_parser.h
@@ -0,0 +1,58 @@
+/*
+ * Copyright (C) 2017 Free Software Foundation, Inc.
+ *
+ * Author: Ander Juaristi
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_TLS13_PSK_EXT_PARSER_H
+#define GNUTLS_LIB_TLS13_PSK_EXT_PARSER_H
+
+struct psk_ext_parser_st {
+	const unsigned char *identities_data;
+	size_t identities_len;
+
+	const unsigned char *binders_data;
+	size_t binders_len;
+};
+
+typedef struct psk_ext_parser_st psk_ext_parser_st;
+typedef struct psk_ext_parser_st psk_ext_iter_st;
+
+struct psk_st {
+	/* constant values */
+	gnutls_datum_t identity;
+	uint32_t ob_ticket_age;
+};
+
+int _gnutls13_psk_ext_parser_init(psk_ext_parser_st *p,
+				  const unsigned char *data, size_t len);
+
+inline static
+void _gnutls13_psk_ext_iter_init(psk_ext_iter_st *iter,
+				 const psk_ext_parser_st *p)
+{
+	memcpy(iter, p, sizeof(*p));
+}
+
+int _gnutls13_psk_ext_iter_next_identity(psk_ext_iter_st *iter,
+					 struct psk_st *psk);
+int _gnutls13_psk_ext_iter_next_binder(psk_ext_iter_st *iter,
+				       gnutls_datum_t *binder);
+
+#endif /* GNUTLS_LIB_TLS13_PSK_EXT_PARSER_H */
diff --git a/lib/tls13/session_ticket.c b/lib/tls13/session_ticket.c
new file mode 100644
index 0000000..909ab05
--- /dev/null
+++ b/lib/tls13/session_ticket.c
@@ -0,0 +1,496 @@
+/*
+ * Copyright (C) 2017-2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos, Ander Juaristi
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "extv.h"
+#include "handshake.h"
+#include "mbuffers.h"
+#include "ext/pre_shared_key.h"
+#include "ext/session_ticket.h"
+#include "ext/early_data.h"
+#include "auth/cert.h"
+#include "tls13/session_ticket.h"
+#include "session_pack.h"
+#include "db.h"
+
+static int
+pack_ticket(gnutls_session_t session, tls13_ticket_st *ticket, gnutls_datum_t *packed)
+{
+	uint8_t *p;
+	gnutls_datum_t state;
+	int ret;
+
+	ret = _gnutls_session_pack(session, &state);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	packed->size = 2 + 4 + 4 +
+		1 + ticket->prf->output_size +
+		1 + ticket->nonce_size + 2 + state.size + 12;
+
+	packed->data = gnutls_malloc(packed->size);
+	if (!packed->data) {
+		gnutls_assert();
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto cleanup;
+	}
+
+	p = packed->data;
+
+	_gnutls_write_uint16(ticket->prf->id, p);
+	p += 2;
+	_gnutls_write_uint32(ticket->age_add, p);
+	p += 4;
+	_gnutls_write_uint32(ticket->lifetime, p);
+	p += 4;
+	*p = ticket->prf->output_size;
+	p += 1;
+	memcpy(p, ticket->resumption_master_secret, ticket->prf->output_size);
+	p += ticket->prf->output_size;
+	*p = ticket->nonce_size;
+
+	p += 1;
+	memcpy(p, ticket->nonce, ticket->nonce_size);
+	p += ticket->nonce_size;
+
+	_gnutls_write_uint16(state.size, p);
+	p += 2;
+
+	memcpy(p, state.data, state.size);
+	p += state.size;
+
+	_gnutls_write_uint32((uint64_t) ticket->creation_time.tv_sec >> 32, p);
+	p += 4;
+	_gnutls_write_uint32(ticket->creation_time.tv_sec & 0xFFFFFFFF, p);
+	p += 4;
+	_gnutls_write_uint32(ticket->creation_time.tv_nsec, p);
+
+	ret = 0;
+
+ cleanup:
+	gnutls_free(state.data);
+	return ret;
+}
+
+static int
+unpack_ticket(gnutls_session_t session, gnutls_datum_t *packed, tls13_ticket_st *data)
+{
+	uint32_t age_add, lifetime;
+	struct timespec creation_time;
+	uint8_t resumption_master_secret[MAX_HASH_SIZE];
+	size_t resumption_master_secret_size;
+	uint8_t nonce[UINT8_MAX];
+	size_t nonce_size;
+	gnutls_datum_t state;
+	gnutls_mac_algorithm_t kdf;
+	const mac_entry_st *prf;
+	uint8_t *p;
+	size_t len;
+	uint64_t v;
+	int ret;
+
+	if (unlikely(packed == NULL || data == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	memset(data, 0, sizeof(*data));
+
+	p = packed->data;
+	len = packed->size;
+
+	DECR_LEN(len, 2);
+	kdf = _gnutls_read_uint16(p);
+	p += 2;
+
+	/* Check if the MAC ID we got is valid */
+	prf = _gnutls_mac_to_entry(kdf);
+	if (prf == NULL)
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
+	/* Read the ticket age add and the ticket lifetime */
+	DECR_LEN(len, 4);
+	age_add = _gnutls_read_uint32(p);
+	p += 4;
+
+	DECR_LEN(len, 4);
+	lifetime = _gnutls_read_uint32(p);
+	p += 4;
+
+	/*
+	 * Check if the whole ticket is large enough,
+	 * and read the resumption master secret
+	 */
+	DECR_LEN(len, 1);
+	resumption_master_secret_size = *p;
+	p += 1;
+
+	/* Check if the size of resumption_master_secret matches the PRF */
+	if (resumption_master_secret_size != prf->output_size)
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
+	DECR_LEN(len, resumption_master_secret_size);
+	memcpy(resumption_master_secret, p, resumption_master_secret_size);
+	p += resumption_master_secret_size;
+
+	/* Read the ticket nonce */
+	DECR_LEN(len, 1);
+	nonce_size = *p;
+	p += 1;
+
+	DECR_LEN(len, nonce_size);
+	memcpy(nonce, p, nonce_size);
+	p += nonce_size;
+
+	DECR_LEN(len, 2);
+	state.size = _gnutls_read_uint16(p);
+	p += 2;
+
+	DECR_LEN(len, state.size);
+	state.data = p;
+	p += state.size;
+
+	DECR_LEN(len, 12);
+	v = _gnutls_read_uint32(p);
+	p += 4;
+	creation_time.tv_sec = (v << 32) | _gnutls_read_uint32(p);
+	p += 4;
+	creation_time.tv_nsec = _gnutls_read_uint32(p);
+
+	ret = _gnutls_session_unpack(session, &state);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* No errors - Now return all the data to the caller */
+	data->prf = prf;
+	memcpy(data->resumption_master_secret, resumption_master_secret,
+	       resumption_master_secret_size);
+	memcpy(data->nonce, nonce, nonce_size);
+	data->nonce_size = nonce_size;
+	data->age_add = age_add;
+	data->lifetime = lifetime;
+	memcpy(&data->creation_time, &creation_time, sizeof(struct timespec));
+
+	return 0;
+}
+
+static int
+generate_session_ticket(gnutls_session_t session, tls13_ticket_st *ticket)
+{
+	int ret;
+	gnutls_datum_t packed = { NULL, 0 };
+	struct timespec now;
+	tls13_ticket_st ticket_data;
+
+	gnutls_gettime(&now);
+	if (session->internals.resumed) {
+		/* If we are resuming ensure that we don't extend the lifetime
+		 * of the ticket past the original session expiration time */
+		if (now.tv_sec >= session->security_parameters.timestamp + session->internals.expire_time)
+			return GNUTLS_E_INT_RET_0; /* don't send ticket */
+		else
+			ticket->lifetime = session->security_parameters.timestamp +
+					   session->internals.expire_time - now.tv_sec;
+	} else {
+		/* Set ticket lifetime to the default expiration time */
+		ticket->lifetime = session->internals.expire_time;
+	}
+
+	/* Generate a random 32-bit ticket nonce */
+	ticket->nonce_size = 4;
+
+	if ((ret = gnutls_rnd(GNUTLS_RND_NONCE,
+			ticket->nonce, ticket->nonce_size)) < 0)
+		return gnutls_assert_val(ret);
+
+	if ((ret = gnutls_rnd(GNUTLS_RND_NONCE, &ticket->age_add, sizeof(uint32_t))) < 0)
+		return gnutls_assert_val(ret);
+	/* This is merely to produce the same binder value on
+	 * different endian architectures. */
+#ifdef WORDS_BIGENDIAN
+	ticket->age_add = bswap_32(ticket->age_add);
+#endif
+
+	ticket->prf = session->security_parameters.prf;
+
+	/* Encrypt the ticket and place the result in ticket->ticket */
+	ticket_data.lifetime = ticket->lifetime;
+	ticket_data.age_add = ticket->age_add;
+	memcpy(&ticket_data.creation_time, &now, sizeof(struct timespec));
+	memcpy(ticket_data.nonce, ticket->nonce, ticket->nonce_size);
+	ticket_data.nonce_size = ticket->nonce_size;
+	ticket_data.prf = ticket->prf;
+	memcpy(&ticket_data.resumption_master_secret,
+	       session->key.proto.tls13.ap_rms,
+	       ticket->prf->output_size);
+
+	ret = pack_ticket(session, &ticket_data, &packed);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_encrypt_session_ticket(session, &packed, &ticket->ticket);
+	_gnutls_free_datum(&packed);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+static int append_nst_extension(void *ctx, gnutls_buffer_st *buf)
+{
+	gnutls_session_t session = ctx;
+	int ret;
+
+	if (!(session->internals.flags & GNUTLS_ENABLE_EARLY_DATA))
+		return 0;
+
+	ret = _gnutls_buffer_append_prefix(buf, 32,
+					   session->security_parameters.
+					   max_early_data_size);
+	if (ret < 0)
+		gnutls_assert();
+
+	return ret;
+}
+
+int _gnutls13_send_session_ticket(gnutls_session_t session, unsigned nr, unsigned again)
+{
+	int ret = 0;
+	mbuffer_st *bufel = NULL;
+	gnutls_buffer_st buf;
+	tls13_ticket_st ticket;
+	unsigned i;
+
+	/* Client does not send a NewSessionTicket */
+	if (unlikely(session->security_parameters.entity == GNUTLS_CLIENT))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	/* Session resumption has not been enabled */
+	if (session->internals.flags & GNUTLS_NO_TICKETS)
+		return gnutls_assert_val(0);
+
+	/* If we received the psk_key_exchange_modes extension which
+	 * does not have overlap with the server configuration, don't
+	 * send a session ticket */
+	if (session->internals.hsk_flags & HSK_PSK_KE_MODE_INVALID)
+		return gnutls_assert_val(0);
+
+	if (again == 0) {
+		for (i=0;i<nr;i++) {
+			unsigned init_pos;
+
+			memset(&ticket, 0, sizeof(tls13_ticket_st));
+			bufel = NULL;
+
+			ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			ret = generate_session_ticket(session, &ticket);
+			if (ret < 0) {
+				if (ret == GNUTLS_E_INT_RET_0) {
+					ret = gnutls_assert_val(0);
+					goto cleanup;
+				}
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			ret = _gnutls_buffer_append_prefix(&buf, 32, ticket.lifetime);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			ret = _gnutls_buffer_append_prefix(&buf, 32, ticket.age_add);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			/* append ticket_nonce */
+			ret = _gnutls_buffer_append_data_prefix(&buf, 8, ticket.nonce, ticket.nonce_size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			/* append ticket */
+			ret = _gnutls_buffer_append_data_prefix(&buf, 16, ticket.ticket.data, ticket.ticket.size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			_gnutls_free_datum(&ticket.ticket);
+
+			/* append extensions */
+			ret = _gnutls_extv_append_init(&buf);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+			init_pos = ret;
+
+			ret = _gnutls_extv_append(&buf, ext_mod_early_data.tls_id, session,
+						  (extv_append_func)append_nst_extension);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			ret = _gnutls_extv_append_final(&buf, init_pos, 0);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			bufel = _gnutls_buffer_to_mbuffer(&buf);
+
+			ret = _gnutls_send_handshake2(session, bufel,
+						      GNUTLS_HANDSHAKE_NEW_SESSION_TICKET, 1);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			session->internals.hsk_flags |= HSK_TLS13_TICKET_SENT;
+		}
+	}
+
+	ret = _gnutls_handshake_io_write_flush(session);
+
+	return ret;
+
+cleanup:
+	_gnutls_free_datum(&ticket.ticket);
+	_mbuffer_xfree(&bufel);
+	_gnutls_buffer_clear(&buf);
+
+	return ret;
+}
+
+static int parse_nst_extension(void *ctx, unsigned tls_id, const unsigned char *data, unsigned data_size)
+{
+	gnutls_session_t session = ctx;
+	if (tls_id == ext_mod_early_data.tls_id) {
+		if (data_size < 4)
+			return gnutls_assert_val(GNUTLS_E_TLS_PACKET_DECODING_ERROR);
+		session->security_parameters.max_early_data_size =
+			_gnutls_read_uint32(data);
+	}
+	return 0;
+}
+
+int _gnutls13_recv_session_ticket(gnutls_session_t session, gnutls_buffer_st *buf)
+{
+	int ret;
+	uint8_t value;
+	tls13_ticket_st *ticket = &session->internals.tls13_ticket;
+	gnutls_datum_t t;
+	size_t val;
+
+	if (unlikely(buf == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	_gnutls_free_datum(&ticket->ticket);
+	memset(ticket, 0, sizeof(tls13_ticket_st));
+
+	_gnutls_handshake_log("HSK[%p]: parsing session ticket message\n", session);
+
+	/* ticket_lifetime */
+	ret = _gnutls_buffer_pop_prefix32(buf, &val, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+	ticket->lifetime = val;
+
+	/* ticket_age_add */
+	ret = _gnutls_buffer_pop_prefix32(buf, &val, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+	ticket->age_add = val;
+
+	/* ticket_nonce */
+	ret = _gnutls_buffer_pop_prefix8(buf, &value, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ticket->nonce_size = value;
+	ret = _gnutls_buffer_pop_data(buf, ticket->nonce, ticket->nonce_size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* ticket */
+	ret = _gnutls_buffer_pop_datum_prefix16(buf, &t);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	gnutls_free(ticket->ticket.data);
+	ret = _gnutls_set_datum(&ticket->ticket, t.data, t.size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* Extensions */
+	ret = _gnutls_extv_parse(session, parse_nst_extension, buf->data, buf->length);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* Record the ticket arrival time */
+	gnutls_gettime(&ticket->arrival_time);
+
+	return 0;
+}
+
+/*
+ * Parse the ticket in 'data' and return the resumption master secret
+ * and the KDF ID associated to it.
+ */
+int _gnutls13_unpack_session_ticket(gnutls_session_t session,
+		gnutls_datum_t *data,
+		tls13_ticket_st *ticket_data)
+{
+	int ret;
+	gnutls_datum_t decrypted = { NULL, 0 };
+
+	if (unlikely(data == NULL || ticket_data == NULL))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if (!session->key.stek_initialized) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	/* Check MAC and decrypt ticket */
+	ret = _gnutls_decrypt_session_ticket(session, data, &decrypted);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* Return ticket parameters */
+	ret = unpack_ticket(session, &decrypted, ticket_data);
+	_gnutls_free_datum(&decrypted);
+	if (ret < 0)
+		return ret;
+
+	ret = _gnutls_check_resumed_params(session);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
diff --git a/lib/tls13/session_ticket.h b/lib/tls13/session_ticket.h
new file mode 100644
index 0000000..db0be15
--- /dev/null
+++ b/lib/tls13/session_ticket.h
@@ -0,0 +1,50 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos, Ander Juaristi
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_TLS13_SESSION_TICKET_H
+#define GNUTLS_LIB_TLS13_SESSION_TICKET_H
+
+int _gnutls13_recv_session_ticket(gnutls_session_t session, gnutls_buffer_st *buf);
+int _gnutls13_send_session_ticket(gnutls_session_t session, unsigned nr, unsigned again);
+
+static inline bool
+_gnutls13_can_send_session_ticket(gnutls_session_t session)
+{
+	return session->key.stek_initialized &&
+		!(session->internals.flags & GNUTLS_NO_TICKETS);
+}
+
+int _gnutls13_unpack_session_ticket(gnutls_session_t session,
+				    gnutls_datum_t *data,
+				    tls13_ticket_st *ticket_data);
+
+inline static
+void tls13_ticket_deinit(tls13_ticket_st *ticket)
+{
+	zeroize_temp_key(&ticket->resumption_master_secret,
+			 sizeof(ticket->resumption_master_secret));
+
+	_gnutls_free_datum(&ticket->ticket);
+	memset(ticket, 0, sizeof(tls13_ticket_st));
+}
+
+#endif /* GNUTLS_LIB_TLS13_SESSION_TICKET_H */
diff --git a/lib/tpm.c b/lib/tpm.c
new file mode 100644
index 0000000..46b1ca9
--- /dev/null
+++ b/lib/tpm.c
@@ -0,0 +1,1875 @@
+/*
+ * OpenConnect (SSL + DTLS) VPN client
+ *
+ * Copyright © 2012 Free Software Foundation.
+ * Copyright © 2008-2012 Intel Corporation.
+ * Copyright © 2015-2016 Red Hat, Inc.
+ *
+ * Author: David Woodhouse <dwmw2@infradead.org>
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * TPM code based on client-tpm.c from
+ * Carolin Latze <latze@angry-red-pla.net> and Tobias Soder
+ */
+
+#include <config.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/abstract.h>
+#include <gnutls/tpm.h>
+#include "gnutls_int.h"
+
+#ifdef HAVE_TROUSERS
+
+#include "errors.h"
+#include <pkcs11_int.h>
+#include <x509/common.h>
+#include <x509_b64.h>
+#include <random.h>
+#include <pin.h>
+#include <c-ctype.h>
+
+#include <dlfcn.h>
+#include <trousers/tss.h>
+#include <trousers/trousers.h>
+
+typedef char *(*Trspi_Error_Layer_func)(TSS_RESULT);
+typedef char *(*Trspi_Error_String_func)(TSS_RESULT);
+typedef TSS_RESULT (*Trspi_Error_Code_func)(TSS_RESULT);
+
+typedef TSS_RESULT (*Tspi_Context_CloseObject_func)(TSS_HCONTEXT, TSS_HOBJECT);
+typedef TSS_RESULT (*Tspi_Context_Close_func)(TSS_HCONTEXT);
+typedef TSS_RESULT (*Tspi_Context_CreateObject_func)(TSS_HCONTEXT, TSS_FLAG, TSS_FLAG, TSS_HOBJECT*);
+typedef TSS_RESULT (*Tspi_Context_FreeMemory_func)(TSS_HCONTEXT, BYTE*);
+typedef TSS_RESULT (*Tspi_Context_GetTpmObject_func)(TSS_HCONTEXT, TSS_HTPM*);
+typedef TSS_RESULT (*Tspi_Context_LoadKeyByUUID_func)(TSS_HCONTEXT, TSS_FLAG, TSS_UUID, TSS_HKEY*);
+typedef TSS_RESULT (*Tspi_Context_RegisterKey_func)(TSS_HCONTEXT, TSS_HKEY, TSS_FLAG, TSS_UUID, TSS_FLAG, TSS_UUID);
+typedef TSS_RESULT (*Tspi_Context_UnregisterKey_func)(TSS_HCONTEXT, TSS_FLAG, TSS_UUID, TSS_HKEY*);
+typedef TSS_RESULT (*Tspi_Key_CreateKey_func)(TSS_HKEY, TSS_HKEY, TSS_HPCRS);
+typedef TSS_RESULT (*Tspi_Hash_SetHashValue_func)(TSS_HHASH, UINT32, BYTE*);
+typedef TSS_RESULT (*Tspi_Hash_Sign_func)(TSS_HHASH, TSS_HKEY, UINT32*, BYTE**);
+typedef TSS_RESULT (*Tspi_Policy_SetSecret_func)(TSS_HPOLICY, TSS_FLAG, UINT32, BYTE*);
+typedef TSS_RESULT (*Tspi_Context_Create_func)(TSS_HCONTEXT*);
+typedef TSS_RESULT (*Tspi_Context_Connect_func)(TSS_HCONTEXT, TSS_UNICODE*);
+typedef TSS_RESULT (*Tspi_GetPolicyObject_func)(TSS_HOBJECT, TSS_FLAG, TSS_HPOLICY*);
+typedef TSS_RESULT (*Tspi_DecodeBER_TssBlob_func)(UINT32, BYTE*, UINT32*, UINT32*, BYTE*);
+typedef TSS_RESULT (*Tspi_Context_LoadKeyByBlob_func)(TSS_HCONTEXT, TSS_HKEY, UINT32, BYTE*, TSS_HKEY*);
+typedef TSS_RESULT (*Tspi_Policy_AssignToObject_func)(TSS_HPOLICY, TSS_HOBJECT);
+typedef TSS_RESULT (*Tspi_GetAttribData_func)(TSS_HOBJECT, TSS_FLAG, TSS_FLAG, UINT32*, BYTE**);
+typedef TSS_RESULT (*Tspi_GetAttribUint32_func)(TSS_HOBJECT, TSS_FLAG, TSS_FLAG, UINT32*);
+typedef TSS_RESULT (*Tspi_TPM_StirRandom_func)(TSS_HTPM, UINT32, BYTE*);
+typedef TSS_RESULT (*Tspi_SetAttribUint32_func)(TSS_HOBJECT, TSS_FLAG, TSS_FLAG, UINT32);
+typedef TSS_RESULT (*Tspi_EncodeDER_TssBlob_func)(UINT32, BYTE*, UINT32, UINT32*, BYTE*);
+typedef TSS_RESULT (*Tspi_Context_GetRegisteredKeysByUUID2_func)(TSS_HCONTEXT, TSS_FLAG, TSS_UUID*, UINT32*, TSS_KM_KEYINFO2**);
+
+static Tspi_Context_CloseObject_func pTspi_Context_CloseObject;
+static Tspi_Context_Close_func pTspi_Context_Close;
+static Tspi_Context_CreateObject_func pTspi_Context_CreateObject;
+static Tspi_Context_FreeMemory_func pTspi_Context_FreeMemory;
+static Tspi_Context_GetTpmObject_func pTspi_Context_GetTpmObject;
+static Tspi_Context_LoadKeyByUUID_func pTspi_Context_LoadKeyByUUID;
+static Tspi_Context_RegisterKey_func pTspi_Context_RegisterKey;
+static Tspi_Context_UnregisterKey_func pTspi_Context_UnregisterKey;
+static Tspi_Key_CreateKey_func pTspi_Key_CreateKey;
+static Tspi_Hash_SetHashValue_func pTspi_Hash_SetHashValue;
+static Tspi_Hash_Sign_func pTspi_Hash_Sign;
+static Tspi_Policy_SetSecret_func pTspi_Policy_SetSecret;
+static Tspi_Context_Create_func pTspi_Context_Create;
+static Tspi_Context_Connect_func pTspi_Context_Connect;
+static Tspi_GetPolicyObject_func pTspi_GetPolicyObject;
+static Tspi_DecodeBER_TssBlob_func pTspi_DecodeBER_TssBlob;
+static Tspi_Context_LoadKeyByBlob_func pTspi_Context_LoadKeyByBlob;
+static Tspi_Policy_AssignToObject_func pTspi_Policy_AssignToObject;
+static Tspi_GetAttribData_func pTspi_GetAttribData;
+static Tspi_GetAttribUint32_func pTspi_GetAttribUint32;
+static Tspi_Context_GetTpmObject_func pTspi_Context_GetTpmObject;
+static Tspi_TPM_StirRandom_func pTspi_TPM_StirRandom;
+static Tspi_SetAttribUint32_func pTspi_SetAttribUint32;
+static Tspi_EncodeDER_TssBlob_func pTspi_EncodeDER_TssBlob;
+static Tspi_Context_GetRegisteredKeysByUUID2_func pTspi_Context_GetRegisteredKeysByUUID2;
+
+static Trspi_Error_Layer_func pTrspi_Error_Layer;
+static Trspi_Error_String_func pTrspi_Error_String;
+static Trspi_Error_Code_func pTrspi_Error_Code;
+
+static void *tpm_dl = NULL;
+
+#define _DLSYM(dl, sym) \
+	p##sym = dlsym(dl, #sym); \
+	if (p##sym == NULL) { \
+		dlclose(dl); \
+		dl = NULL; \
+		return -1; \
+	}
+
+static int check_init(void)
+{
+	if (tpm_dl == NULL) {
+		tpm_dl = dlopen(TROUSERS_LIB, RTLD_LAZY);
+		if (tpm_dl == NULL) {
+			_gnutls_debug_log("couldn't open %s\n", TROUSERS_LIB);
+			return -1;
+		}
+
+		_DLSYM(tpm_dl,Tspi_Context_CloseObject);
+		_DLSYM(tpm_dl,Tspi_Context_Close);
+		_DLSYM(tpm_dl,Tspi_Context_CreateObject);
+		_DLSYM(tpm_dl,Tspi_Context_FreeMemory);
+		_DLSYM(tpm_dl,Tspi_Context_GetTpmObject);
+		_DLSYM(tpm_dl,Tspi_Context_LoadKeyByUUID);
+		_DLSYM(tpm_dl,Tspi_Context_RegisterKey);
+		_DLSYM(tpm_dl,Tspi_Context_UnregisterKey);
+		_DLSYM(tpm_dl,Tspi_Key_CreateKey);
+		_DLSYM(tpm_dl,Tspi_Hash_SetHashValue);
+		_DLSYM(tpm_dl,Tspi_Hash_Sign);
+		_DLSYM(tpm_dl,Tspi_Policy_SetSecret);
+		_DLSYM(tpm_dl,Tspi_Context_Create);
+		_DLSYM(tpm_dl,Tspi_Context_Connect);
+		_DLSYM(tpm_dl,Tspi_GetPolicyObject);
+		_DLSYM(tpm_dl,Tspi_DecodeBER_TssBlob);
+		_DLSYM(tpm_dl,Tspi_Context_LoadKeyByBlob);
+		_DLSYM(tpm_dl,Tspi_Policy_AssignToObject);
+		_DLSYM(tpm_dl,Tspi_GetAttribData);
+		_DLSYM(tpm_dl,Tspi_GetAttribUint32);
+		_DLSYM(tpm_dl,Tspi_Context_GetTpmObject);
+		_DLSYM(tpm_dl,Tspi_TPM_StirRandom);
+		_DLSYM(tpm_dl,Tspi_SetAttribUint32);
+		_DLSYM(tpm_dl,Tspi_EncodeDER_TssBlob);
+		_DLSYM(tpm_dl,Tspi_Context_GetRegisteredKeysByUUID2);
+
+		_DLSYM(tpm_dl,Trspi_Error_Layer);
+		_DLSYM(tpm_dl,Trspi_Error_String);
+		_DLSYM(tpm_dl,Trspi_Error_Code);
+	}
+
+	return 0;
+}
+
+#define CHECK_INIT \
+		if (check_init() < 0) return gnutls_assert_val(GNUTLS_E_TPM_NO_LIB)
+
+#define CHECK_INIT_VOID \
+		if (check_init() < 0) return
+
+void _gnutls_tpm_global_deinit(void)
+{
+	if (tpm_dl) {
+		dlclose(tpm_dl);
+		tpm_dl = NULL;
+	}
+}
+
+struct tpm_ctx_st {
+	TSS_HCONTEXT tpm_ctx;
+	TSS_HKEY tpm_key;
+	TSS_HPOLICY tpm_key_policy;
+	TSS_HKEY srk;
+	TSS_HPOLICY srk_policy;
+};
+
+struct tpm_key_list_st {
+	UINT32 size;
+	TSS_KM_KEYINFO2 *ki;
+	TSS_HCONTEXT tpm_ctx;
+};
+
+static void tpm_close_session(struct tpm_ctx_st *s);
+static int import_tpm_key(gnutls_privkey_t pkey,
+			  const gnutls_datum_t * fdata,
+			  gnutls_tpmkey_fmt_t format,
+			  TSS_UUID * uuid,
+			  TSS_FLAG storage_type,
+			  const char *srk_password,
+			  const char *key_password);
+static int encode_tpmkey_url(char **url, const TSS_UUID * uuid,
+			     TSS_FLAG storage);
+
+/* TPM URL format: (draft-mavrogiannopoulos-tpmuri-01)
+ *
+ * tpmkey:file=/path/to/file
+ * tpmkey:uuid=7f468c16-cb7f-11e1-824d-b3a4f4b20343;storage=user
+ * tpmkey:uuid=7f468c16-cb7f-11e1-824d-b3a4f4b20343;storage=system
+ *
+ */
+
+
+static int tss_err_pwd(TSS_RESULT err, int pwd_error)
+{
+	_gnutls_debug_log("TPM (%s) error: %s (%x)\n",
+			  pTrspi_Error_Layer(err), pTrspi_Error_String(err),
+			  (unsigned int) pTrspi_Error_Code(err));
+
+	switch (ERROR_LAYER(err)) {
+	case TSS_LAYER_TPM:
+		switch (ERROR_CODE(err)) {
+		case TPM_E_AUTHFAIL:
+			return pwd_error;
+		case TPM_E_NOSRK:
+			return GNUTLS_E_TPM_UNINITIALIZED;
+		default:
+			return gnutls_assert_val(GNUTLS_E_TPM_ERROR);
+		}
+	case TSS_LAYER_TCS:
+	case TSS_LAYER_TSP:
+		switch (ERROR_CODE(err)) {
+		case TSS_E_COMM_FAILURE:
+		case TSS_E_NO_CONNECTION:
+		case TSS_E_CONNECTION_FAILED:
+		case TSS_E_CONNECTION_BROKEN:
+			return GNUTLS_E_TPM_SESSION_ERROR;
+		case TSS_E_PS_KEY_NOTFOUND:
+			return GNUTLS_E_TPM_KEY_NOT_FOUND;
+		default:
+			return gnutls_assert_val(GNUTLS_E_TPM_ERROR);
+		}
+	default:
+		return gnutls_assert_val(GNUTLS_E_TPM_ERROR);
+	}
+}
+
+#define tss_err(x) tss_err_pwd(x, GNUTLS_E_TPM_SRK_PASSWORD_ERROR)
+#define tss_err_key(x) tss_err_pwd(x, GNUTLS_E_TPM_KEY_PASSWORD_ERROR)
+
+static void tpm_deinit_fn(gnutls_privkey_t key, void *_s)
+{
+	struct tpm_ctx_st *s = _s;
+
+	pTspi_Context_CloseObject(s->tpm_ctx, s->tpm_key_policy);
+	pTspi_Context_CloseObject(s->tpm_ctx, s->tpm_key);
+
+	tpm_close_session(s);
+	gnutls_free(s);
+}
+
+static int
+tpm_sign_fn(gnutls_privkey_t key, void *_s,
+	    const gnutls_datum_t * data, gnutls_datum_t * sig)
+{
+	struct tpm_ctx_st *s = _s;
+	TSS_HHASH hash;
+	int err;
+
+	_gnutls_debug_log("TPM sign function called for %u bytes.\n",
+			  data->size);
+
+	err =
+	    pTspi_Context_CreateObject(s->tpm_ctx,
+				      TSS_OBJECT_TYPE_HASH, TSS_HASH_OTHER,
+				      &hash);
+	if (err) {
+		gnutls_assert();
+		_gnutls_debug_log("Failed to create TPM hash object: %s\n",
+				  pTrspi_Error_String(err));
+		return GNUTLS_E_PK_SIGN_FAILED;
+	}
+	err = pTspi_Hash_SetHashValue(hash, data->size, data->data);
+	if (err) {
+		gnutls_assert();
+		_gnutls_debug_log
+		    ("Failed to set value in TPM hash object: %s\n",
+		     pTrspi_Error_String(err));
+		pTspi_Context_CloseObject(s->tpm_ctx, hash);
+		return GNUTLS_E_PK_SIGN_FAILED;
+	}
+	err = pTspi_Hash_Sign(hash, s->tpm_key, &sig->size, &sig->data);
+	pTspi_Context_CloseObject(s->tpm_ctx, hash);
+	if (err) {
+		if (s->tpm_key_policy || err != TPM_E_AUTHFAIL)
+			_gnutls_debug_log
+			    ("TPM hash signature failed: %s\n",
+			     pTrspi_Error_String(err));
+		if (err == TPM_E_AUTHFAIL)
+			return GNUTLS_E_TPM_KEY_PASSWORD_ERROR;
+		else
+			return GNUTLS_E_PK_SIGN_FAILED;
+	}
+	return 0;
+}
+
+static const unsigned char nullpass[20];
+static const gnutls_datum_t nulldata = { (void *) nullpass, 20 };
+
+const TSS_UUID srk_uuid = TSS_UUID_SRK;
+
+static int tpm_pin(struct pin_info_st *pin_info, const TSS_UUID * uuid,
+		   TSS_FLAG storage, char *pin, unsigned int pin_size,
+		   unsigned int attempts)
+{
+	unsigned int flags = 0;
+	const char *label;
+	char *url = NULL;
+	int ret;
+
+	if (attempts > 0)
+		flags |= GNUTLS_PIN_WRONG;
+
+	if (uuid) {
+		if (memcmp(uuid, &srk_uuid, sizeof(TSS_UUID)) == 0) {
+			label = "SRK";
+
+			ret = encode_tpmkey_url(&url, uuid, storage);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+		} else {
+			label = "TPM";
+
+			ret = encode_tpmkey_url(&url, uuid, storage);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+		}
+	} else
+		label = "unknown";
+
+	ret = _gnutls_retrieve_pin(pin_info, url, label, flags, pin, pin_size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+      cleanup:
+	gnutls_free(url);
+	return ret;
+}
+
+
+static TSS_RESULT myTspi_Policy_SetSecret(TSS_HPOLICY hPolicy,
+					  UINT32 ulSecretLength,
+					  BYTE * rgbSecret)
+{
+	if (rgbSecret == NULL) {
+		/* Well known NULL key */
+		return pTspi_Policy_SetSecret(hPolicy,
+					     TSS_SECRET_MODE_SHA1,
+					     sizeof(nullpass),
+					     (BYTE *) nullpass);
+	} else {		/* key is given */
+
+		return pTspi_Policy_SetSecret(hPolicy,
+					     TSS_SECRET_MODE_PLAIN,
+					     ulSecretLength, rgbSecret);
+	}
+}
+
+#define SAFE_LEN(x) (x==NULL?0:strlen(x))
+
+static int tpm_open_session(struct tpm_ctx_st *s, const char *_srk_password, unsigned allow_invalid_pass)
+{
+	int err, ret;
+	char *password = NULL;
+
+	err = pTspi_Context_Create(&s->tpm_ctx);
+	if (err) {
+		gnutls_assert();
+		return tss_err(err);
+	}
+
+	if (_srk_password != NULL) {
+		gnutls_datum_t pout;
+		ret = _gnutls_utf8_password_normalize(_srk_password, strlen(_srk_password), &pout, allow_invalid_pass);
+		if (ret < 0) {
+			gnutls_assert();
+			goto out_tspi_ctx;
+		}
+		password = (char*)pout.data;
+	}
+
+	err = pTspi_Context_Connect(s->tpm_ctx, NULL);
+	if (err) {
+		gnutls_assert();
+		ret = tss_err(err);
+		goto out_tspi_ctx;
+	}
+
+	err =
+	    pTspi_Context_LoadKeyByUUID(s->tpm_ctx, TSS_PS_TYPE_SYSTEM,
+				       srk_uuid, &s->srk);
+	if (err) {
+		gnutls_assert();
+		ret = tss_err(err);
+		goto out_tspi_ctx;
+	}
+
+	err =
+	    pTspi_GetPolicyObject(s->srk, TSS_POLICY_USAGE, &s->srk_policy);
+	if (err) {
+		gnutls_assert();
+		ret = tss_err(err);
+		goto out_srk;
+	}
+
+	err = myTspi_Policy_SetSecret(s->srk_policy,
+				      SAFE_LEN(password),
+				      (BYTE *) password);
+	if (err) {
+		gnutls_assert();
+		ret = tss_err(err);
+		goto out_srkpol;
+	}
+	gnutls_free(password);
+
+	return 0;
+
+      out_srkpol:
+	pTspi_Context_CloseObject(s->tpm_ctx, s->srk_policy);
+	s->srk_policy = 0;
+      out_srk:
+	pTspi_Context_CloseObject(s->tpm_ctx, s->srk);
+	s->srk = 0;
+      out_tspi_ctx:
+	pTspi_Context_Close(s->tpm_ctx);
+	s->tpm_ctx = 0;
+	gnutls_free(password);
+	return ret;
+
+}
+
+static void tpm_close_session(struct tpm_ctx_st *s)
+{
+	pTspi_Context_CloseObject(s->tpm_ctx, s->srk_policy);
+	s->srk_policy = 0;
+	pTspi_Context_CloseObject(s->tpm_ctx, s->srk);
+	s->srk = 0;
+	pTspi_Context_Close(s->tpm_ctx);
+	s->tpm_ctx = 0;
+}
+
+static int
+import_tpm_key_cb(gnutls_privkey_t pkey, const gnutls_datum_t * fdata,
+		  gnutls_tpmkey_fmt_t format, TSS_UUID * uuid,
+		  TSS_FLAG storage, const char *srk_password,
+		  const char *key_password)
+{
+	unsigned int attempts = 0;
+	char pin1[GNUTLS_PKCS11_MAX_PIN_LEN];
+	char pin2[GNUTLS_PKCS11_MAX_PIN_LEN];
+	int ret, ret2;
+
+	do {
+		ret =
+		    import_tpm_key(pkey, fdata, format, uuid, storage,
+				   srk_password, key_password);
+
+		if (attempts > 3)
+			break;
+
+		if (ret == GNUTLS_E_TPM_SRK_PASSWORD_ERROR) {
+			ret2 =
+			    tpm_pin(&pkey->pin, &srk_uuid, storage, pin1,
+				    sizeof(pin1), attempts++);
+			if (ret2 < 0) {
+				gnutls_assert();
+				return GNUTLS_E_TPM_SRK_PASSWORD_ERROR;
+			}
+			srk_password = pin1;
+		}
+
+		if (ret == GNUTLS_E_TPM_KEY_PASSWORD_ERROR) {
+			ret2 =
+			    tpm_pin(&pkey->pin, uuid, storage, pin2,
+				    sizeof(pin2), attempts++);
+			if (ret2 < 0) {
+				gnutls_assert();
+				return GNUTLS_E_TPM_KEY_PASSWORD_ERROR;
+			}
+			key_password = pin2;
+		}
+	}
+	while (ret == GNUTLS_E_TPM_KEY_PASSWORD_ERROR
+	       || ret == GNUTLS_E_TPM_SRK_PASSWORD_ERROR);
+
+	if (ret < 0)
+		gnutls_assert();
+	return ret;
+}
+
+static int load_key(TSS_HCONTEXT tpm_ctx, TSS_HKEY srk,
+		    const gnutls_datum_t * fdata,
+		    gnutls_tpmkey_fmt_t format, TSS_HKEY * tpm_key)
+{
+	int ret, err;
+	gnutls_datum_t asn1 = { NULL, 0 };
+
+	if (format == GNUTLS_TPMKEY_FMT_CTK_PEM) {
+		gnutls_datum_t td;
+
+		ret =
+		    gnutls_pem_base64_decode2("TSS KEY BLOB", fdata,
+					      &asn1);
+		if (ret) {
+			gnutls_assert();
+			_gnutls_debug_log
+			    ("Error decoding TSS key blob: %s\n",
+			     gnutls_strerror(ret));
+			return ret;
+		}
+
+		ret =
+		    _gnutls_x509_decode_string(ASN1_ETYPE_OCTET_STRING,
+					       asn1.data, asn1.size, &td, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		gnutls_free(asn1.data);
+		asn1.data = td.data;
+		asn1.size = td.size;
+	} else {		/* DER */
+
+		UINT32 tint2;
+		UINT32 type;
+
+		asn1.size = fdata->size;
+		asn1.data = gnutls_malloc(asn1.size);
+		if (asn1.data == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+
+		tint2 = asn1.size;
+		err =
+		    pTspi_DecodeBER_TssBlob(fdata->size, fdata->data, &type,
+					   &tint2, asn1.data);
+		if (err != 0) {
+			gnutls_assert();
+			ret = tss_err(err);
+			goto cleanup;
+		}
+
+		asn1.size = tint2;
+	}
+
+	/* ... we get it here instead. */
+	err = pTspi_Context_LoadKeyByBlob(tpm_ctx, srk,
+					 asn1.size, asn1.data, tpm_key);
+	if (err != 0) {
+		gnutls_assert();
+		ret = tss_err(err);
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	gnutls_free(asn1.data);
+
+	return ret;
+}
+
+static int
+import_tpm_key(gnutls_privkey_t pkey,
+	       const gnutls_datum_t * fdata,
+	       gnutls_tpmkey_fmt_t format,
+	       TSS_UUID * uuid,
+	       TSS_FLAG storage,
+	       const char *srk_password, const char *_key_password)
+{
+	int err, ret;
+	struct tpm_ctx_st *s;
+	gnutls_datum_t tmp_sig;
+	char *key_password = NULL;
+	uint32_t authusage;
+
+	s = gnutls_malloc(sizeof(*s));
+	if (s == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	if (_key_password != NULL) {
+		gnutls_datum_t pout;
+		ret = _gnutls_utf8_password_normalize(_key_password, strlen(_key_password), &pout, 1);
+		if (ret < 0) {
+			gnutls_assert();
+			goto out_ctx;
+		}
+		key_password = (char*)pout.data;
+	}
+
+	/* normalization of srk_password happens in tpm_open_session() */
+
+	ret = tpm_open_session(s, srk_password, 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto out_ctx;
+	}
+
+	if (fdata != NULL) {
+		ret =
+		    load_key(s->tpm_ctx, s->srk, fdata, format,
+			     &s->tpm_key);
+		if (ret < 0) {
+			gnutls_assert();
+			goto out_session;
+		}
+	} else if (uuid) {
+		err =
+		    pTspi_Context_LoadKeyByUUID(s->tpm_ctx, storage,
+					       *uuid, &s->tpm_key);
+
+		if (err) {
+			gnutls_assert();
+			ret = tss_err(err);
+			goto out_session;
+		}
+	} else {
+		gnutls_assert();
+		ret = GNUTLS_E_INVALID_REQUEST;
+		goto out_session;
+	}
+
+	err = pTspi_GetAttribUint32(s->tpm_key, TSS_TSPATTRIB_KEY_INFO,
+				    TSS_TSPATTRIB_KEYINFO_AUTHUSAGE,
+				    &authusage);
+	if (err) {
+		gnutls_assert();
+		ret = tss_err(err);
+		goto out_session;
+	}
+
+	if (authusage) {
+		if (!_key_password) {
+			ret = GNUTLS_E_TPM_KEY_PASSWORD_ERROR;
+			goto out_session;
+		}
+
+		err = pTspi_Context_CreateObject(s->tpm_ctx,
+						 TSS_OBJECT_TYPE_POLICY,
+						 TSS_POLICY_USAGE,
+						 &s->tpm_key_policy);
+		if (err) {
+			gnutls_assert();
+			ret = tss_err(err);
+			goto out_key;
+		}
+
+		err = pTspi_Policy_AssignToObject(s->tpm_key_policy,
+						       s->tpm_key);
+		if (err) {
+			gnutls_assert();
+			ret = tss_err(err);
+			goto out_key_policy;
+		}
+
+		err = myTspi_Policy_SetSecret(s->tpm_key_policy,
+					      SAFE_LEN(key_password),
+					      (void *) key_password);
+
+		if (err) {
+			gnutls_assert();
+			ret = tss_err_key(err);
+			goto out_key_policy;
+		}
+	}
+
+	ret =
+	    gnutls_privkey_import_ext2(pkey, GNUTLS_PK_RSA, s,
+				       tpm_sign_fn, NULL, tpm_deinit_fn,
+				       0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto out_session;
+	}
+
+	ret =
+	    gnutls_privkey_sign_data(pkey, GNUTLS_DIG_SHA1, 0, &nulldata,
+				     &tmp_sig);
+	if (ret < 0) {
+		gnutls_assert();
+		goto out_session;
+	}
+
+	gnutls_free(key_password);
+
+	return 0;
+      out_key_policy:
+	pTspi_Context_CloseObject(s->tpm_ctx, s->tpm_key_policy);
+	s->tpm_key_policy = 0;
+      out_key:
+	pTspi_Context_CloseObject(s->tpm_ctx, s->tpm_key);
+	s->tpm_key = 0;
+      out_session:
+	_gnutls_privkey_cleanup(pkey);
+	tpm_close_session(s);
+      out_ctx:
+	gnutls_free(s);
+	gnutls_free(key_password);
+	return ret;
+}
+
+/**
+ * gnutls_privkey_import_tpm_raw:
+ * @pkey: The private key
+ * @fdata: The TPM key to be imported
+ * @format: The format of the private key
+ * @srk_password: The password for the SRK key (optional)
+ * @key_password: A password for the key (optional)
+ * @flags: should be zero
+ *
+ * This function will import the given private key to the abstract
+ * #gnutls_privkey_t type. 
+ *
+ * With respect to passwords the same as in gnutls_privkey_import_tpm_url() apply.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.0
+ *
+ **/
+int
+gnutls_privkey_import_tpm_raw(gnutls_privkey_t pkey,
+			      const gnutls_datum_t * fdata,
+			      gnutls_tpmkey_fmt_t format,
+			      const char *srk_password,
+			      const char *key_password, unsigned int flags)
+{
+	CHECK_INIT;
+
+	if (flags & GNUTLS_PRIVKEY_DISABLE_CALLBACKS)
+		return import_tpm_key(pkey, fdata, format, NULL, 0,
+				      srk_password, key_password);
+	else
+		return import_tpm_key_cb(pkey, fdata, format, NULL, 0,
+					 srk_password, key_password);
+}
+
+struct tpmkey_url_st {
+	char *filename;
+	TSS_UUID uuid;
+	TSS_FLAG storage;
+	unsigned int uuid_set;
+};
+
+static void clear_tpmkey_url(struct tpmkey_url_st *s)
+{
+	gnutls_free(s->filename);
+	memset(s, 0, sizeof(*s));
+}
+
+static int
+unescape_string(char *output, const char *input, size_t * size,
+		char terminator)
+{
+	gnutls_buffer_st str;
+	int ret = 0;
+	char *p;
+	int len;
+
+	_gnutls_buffer_init(&str);
+
+	/* find terminator */
+	p = strchr(input, terminator);
+	if (p != NULL)
+		len = p - input;
+	else
+		len = strlen(input);
+
+	ret = _gnutls_buffer_append_data(&str, input, len);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = _gnutls_buffer_unescape(&str);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = _gnutls_buffer_append_data(&str, "", 1);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = _gnutls_buffer_pop_data(&str, output, str.length);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	_gnutls_buffer_clear(&str);
+
+	return ret;
+}
+
+#define UUID_SIZE 16
+
+static int randomize_uuid(TSS_UUID * uuid)
+{
+	uint8_t raw_uuid[16];
+	int ret;
+
+	ret = gnutls_rnd(GNUTLS_RND_NONCE, raw_uuid, sizeof(raw_uuid));
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* mark it as random uuid */
+	raw_uuid[6] &= 0x0f;
+	raw_uuid[6] |= 0x40;
+	raw_uuid[8] &= 0x0f;
+	raw_uuid[8] |= 0x80;
+
+	memcpy(&uuid->ulTimeLow, raw_uuid, 4);
+	memcpy(&uuid->usTimeMid, &raw_uuid[4], 2);
+	memcpy(&uuid->usTimeHigh, &raw_uuid[6], 2);
+	uuid->bClockSeqHigh = raw_uuid[8];
+	uuid->bClockSeqLow = raw_uuid[9];
+	memcpy(&uuid->rgbNode, &raw_uuid[10], 6);
+
+	return 0;
+}
+
+static int encode_tpmkey_url(char **url, const TSS_UUID * uuid,
+			     TSS_FLAG storage)
+{
+	uint8_t u1[UUID_SIZE];
+	gnutls_buffer_st buf;
+	gnutls_datum_t dret;
+	int ret;
+
+	_gnutls_buffer_init(&buf);
+
+	memcpy(u1, &uuid->ulTimeLow, 4);
+	memcpy(&u1[4], &uuid->usTimeMid, 2);
+	memcpy(&u1[6], &uuid->usTimeHigh, 2);
+	u1[8] = uuid->bClockSeqHigh;
+	u1[9] = uuid->bClockSeqLow;
+	memcpy(&u1[10], uuid->rgbNode, 6);
+
+	ret = _gnutls_buffer_append_str(&buf, "tpmkey:uuid=");
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_buffer_append_printf(&buf,
+					 "%.2x%.2x%.2x%.2x-%.2x%.2x-%.2x%.2x-%.2x%.2x-%.2x%.2x%.2x%.2x%.2x%.2x",
+					 (unsigned int) u1[0],
+					 (unsigned int) u1[1],
+					 (unsigned int) u1[2],
+					 (unsigned int) u1[3],
+					 (unsigned int) u1[4],
+					 (unsigned int) u1[5],
+					 (unsigned int) u1[6],
+					 (unsigned int) u1[7],
+					 (unsigned int) u1[8],
+					 (unsigned int) u1[9],
+					 (unsigned int) u1[10],
+					 (unsigned int) u1[11],
+					 (unsigned int) u1[12],
+					 (unsigned int) u1[13],
+					 (unsigned int) u1[14],
+					 (unsigned int) u1[15]);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_buffer_append_printf(&buf, ";storage=%s",
+					 (storage ==
+					  TSS_PS_TYPE_USER) ? "user" :
+					 "system");
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_buffer_to_datum(&buf, &dret, 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	*url = (char *) dret.data;
+
+	return 0;
+      cleanup:
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
+
+static int decode_tpmkey_url(const char *url, struct tpmkey_url_st *s)
+{
+	char *p;
+	size_t size;
+	int ret;
+	unsigned int i, j;
+
+	if (strstr(url, "tpmkey:") == NULL)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	memset(s, 0, sizeof(*s));
+
+	p = strstr(url, "file=");
+	if (p != NULL) {
+		p += sizeof("file=") - 1;
+		size = strlen(p);
+		s->filename = gnutls_malloc(size + 1);
+		if (s->filename == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		ret = unescape_string(s->filename, p, &size, ';');
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		s->filename[size] = 0;
+	} else if ((p = strstr(url, "uuid=")) != NULL) {
+		char tmp_uuid[33];
+		uint8_t raw_uuid[16];
+		gnutls_datum_t tmp;
+
+		p += sizeof("uuid=") - 1;
+		size = strlen(p);
+
+		for (j = i = 0; i < size; i++) {
+			if (j == sizeof(tmp_uuid) - 1) {
+				break;
+			}
+			if (c_isalnum(p[i]))
+				tmp_uuid[j++] = p[i];
+		}
+		tmp_uuid[j] = 0;
+
+		tmp.data = (void*)tmp_uuid;
+		tmp.size = strlen(tmp_uuid);
+		size = sizeof(raw_uuid);
+		ret =
+		    gnutls_hex_decode(&tmp, raw_uuid,
+				      &size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		memcpy(&s->uuid.ulTimeLow, raw_uuid, 4);
+		memcpy(&s->uuid.usTimeMid, &raw_uuid[4], 2);
+		memcpy(&s->uuid.usTimeHigh, &raw_uuid[6], 2);
+		s->uuid.bClockSeqHigh = raw_uuid[8];
+		s->uuid.bClockSeqLow = raw_uuid[9];
+		memcpy(&s->uuid.rgbNode, &raw_uuid[10], 6);
+		s->uuid_set = 1;
+	} else {
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+	}
+
+	if (strstr(url, "storage=user") != NULL)
+		s->storage = TSS_PS_TYPE_USER;
+	else
+		s->storage = TSS_PS_TYPE_SYSTEM;
+
+	return 0;
+
+      cleanup:
+	clear_tpmkey_url(s);
+	return ret;
+}
+
+/**
+ * gnutls_privkey_import_tpm_url:
+ * @pkey: The private key
+ * @url: The URL of the TPM key to be imported
+ * @srk_password: The password for the SRK key (optional)
+ * @key_password: A password for the key (optional)
+ * @flags: One of the GNUTLS_PRIVKEY_* flags
+ *
+ * This function will import the given private key to the abstract
+ * #gnutls_privkey_t type.
+ *
+ * Note that unless %GNUTLS_PRIVKEY_DISABLE_CALLBACKS
+ * is specified, if incorrect (or NULL) passwords are given
+ * the PKCS11 callback functions will be used to obtain the
+ * correct passwords. Otherwise if the SRK password is wrong
+ * %GNUTLS_E_TPM_SRK_PASSWORD_ERROR is returned and if the key password
+ * is wrong or not provided then %GNUTLS_E_TPM_KEY_PASSWORD_ERROR
+ * is returned. 
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.0
+ *
+ **/
+int
+gnutls_privkey_import_tpm_url(gnutls_privkey_t pkey,
+			      const char *url,
+			      const char *srk_password,
+			      const char *key_password, unsigned int flags)
+{
+	struct tpmkey_url_st durl;
+	gnutls_datum_t fdata = { NULL, 0 };
+	int ret;
+
+	CHECK_INIT;
+
+	ret = decode_tpmkey_url(url, &durl);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (durl.filename) {
+		ret = gnutls_load_file(durl.filename, &fdata);
+		if (ret < 0) {
+			gnutls_assert();
+			_gnutls_debug_log("Error loading %s\n",
+					  durl.filename);
+			goto cleanup;
+		}
+
+		ret =
+		    gnutls_privkey_import_tpm_raw(pkey, &fdata,
+						  GNUTLS_TPMKEY_FMT_CTK_PEM,
+						  srk_password,
+						  key_password, flags);
+		if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR)
+			ret =
+			    gnutls_privkey_import_tpm_raw(pkey, &fdata,
+							  GNUTLS_TPMKEY_FMT_RAW,
+							  srk_password,
+							  key_password,
+							  flags);
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	} else if (durl.uuid_set) {
+		if (flags & GNUTLS_PRIVKEY_DISABLE_CALLBACKS)
+			ret =
+			    import_tpm_key(pkey, NULL, 0, &durl.uuid,
+					   durl.storage, srk_password,
+					   key_password);
+		else
+			ret =
+			    import_tpm_key_cb(pkey, NULL, 0, &durl.uuid,
+					      durl.storage, srk_password,
+					      key_password);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	ret = 0;
+      cleanup:
+	gnutls_free(fdata.data);
+	clear_tpmkey_url(&durl);
+	return ret;
+}
+
+
+/* reads the RSA public key from the given TSS key.
+ * If psize is non-null it contains the total size of the parameters
+ * in bytes */
+static int read_pubkey(gnutls_pubkey_t pub, TSS_HKEY key_ctx,
+		       size_t * psize)
+{
+	void *tdata;
+	UINT32 tint;
+	TSS_RESULT tssret;
+	gnutls_datum_t m, e;
+	int ret;
+
+	/* read the public key */
+
+	tssret = pTspi_GetAttribData(key_ctx, TSS_TSPATTRIB_RSAKEY_INFO,
+				    TSS_TSPATTRIB_KEYINFO_RSA_MODULUS,
+				    &tint, (void *) &tdata);
+	if (tssret != 0) {
+		gnutls_assert();
+		return tss_err(tssret);
+	}
+
+	m.data = tdata;
+	m.size = tint;
+
+	tssret = pTspi_GetAttribData(key_ctx, TSS_TSPATTRIB_RSAKEY_INFO,
+				    TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT,
+				    &tint, (void *) &tdata);
+	if (tssret != 0) {
+		gnutls_assert();
+		pTspi_Context_FreeMemory(key_ctx, m.data);
+		return tss_err(tssret);
+	}
+
+	e.data = tdata;
+	e.size = tint;
+
+	ret = gnutls_pubkey_import_rsa_raw(pub, &m, &e);
+
+	pTspi_Context_FreeMemory(key_ctx, m.data);
+	pTspi_Context_FreeMemory(key_ctx, e.data);
+
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (psize)
+		*psize = e.size + m.size;
+
+	return 0;
+}
+
+
+
+static int
+import_tpm_pubkey(gnutls_pubkey_t pkey,
+		  const gnutls_datum_t * fdata,
+		  gnutls_tpmkey_fmt_t format,
+		  TSS_UUID * uuid,
+		  TSS_FLAG storage, const char *srk_password)
+{
+	int err, ret;
+	struct tpm_ctx_st s;
+
+	ret = tpm_open_session(&s, srk_password, 1);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (fdata != NULL) {
+		ret =
+		    load_key(s.tpm_ctx, s.srk, fdata, format, &s.tpm_key);
+		if (ret < 0) {
+			gnutls_assert();
+			goto out_session;
+		}
+	} else if (uuid) {
+		err =
+		    pTspi_Context_LoadKeyByUUID(s.tpm_ctx, storage,
+					       *uuid, &s.tpm_key);
+		if (err) {
+			gnutls_assert();
+			ret = tss_err(err);
+			goto out_session;
+		}
+	} else {
+		gnutls_assert();
+		ret = GNUTLS_E_INVALID_REQUEST;
+		goto out_session;
+	}
+
+	ret = read_pubkey(pkey, s.tpm_key, NULL);
+	if (ret < 0) {
+		gnutls_assert();
+		goto out_session;
+	}
+
+	ret = 0;
+      out_session:
+	tpm_close_session(&s);
+	return ret;
+}
+
+static int
+import_tpm_pubkey_cb(gnutls_pubkey_t pkey,
+		     const gnutls_datum_t * fdata,
+		     gnutls_tpmkey_fmt_t format,
+		     TSS_UUID * uuid,
+		     TSS_FLAG storage, const char *srk_password)
+{
+	unsigned int attempts = 0;
+	char pin1[GNUTLS_PKCS11_MAX_PIN_LEN];
+	int ret, sret;
+
+	do {
+		ret =
+		    import_tpm_pubkey(pkey, fdata, format, uuid, storage,
+				      srk_password);
+
+		if (attempts > 3)
+			break;
+
+		if (ret == GNUTLS_E_TPM_SRK_PASSWORD_ERROR) {
+			sret =
+			    tpm_pin(&pkey->pin, &srk_uuid, storage, pin1,
+				    sizeof(pin1), attempts++);
+			if (sret < 0) {
+				gnutls_assert();
+				return GNUTLS_E_TPM_SRK_PASSWORD_ERROR;
+			}
+			srk_password = pin1;
+		}
+	}
+	while (ret == GNUTLS_E_TPM_SRK_PASSWORD_ERROR);
+
+	if (ret < 0)
+		gnutls_assert();
+	return ret;
+}
+
+
+/**
+ * gnutls_pubkey_import_tpm_raw:
+ * @pkey: The public key
+ * @fdata: The TPM key to be imported
+ * @format: The format of the private key
+ * @srk_password: The password for the SRK key (optional)
+ * @flags: One of the GNUTLS_PUBKEY_* flags
+ *
+ * This function will import the public key from the provided TPM key
+ * structure.
+ *
+ * With respect to passwords the same as in
+ * gnutls_pubkey_import_tpm_url() apply.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.0
+ **/
+int
+gnutls_pubkey_import_tpm_raw(gnutls_pubkey_t pkey,
+			     const gnutls_datum_t * fdata,
+			     gnutls_tpmkey_fmt_t format,
+			     const char *srk_password, unsigned int flags)
+{
+	CHECK_INIT;
+
+	if (flags & GNUTLS_PUBKEY_DISABLE_CALLBACKS)
+		return import_tpm_pubkey_cb(pkey, fdata, format, NULL, 0,
+					    srk_password);
+	else
+		return import_tpm_pubkey(pkey, fdata, format, NULL, 0,
+					 srk_password);
+}
+
+/**
+ * gnutls_pubkey_import_tpm_url:
+ * @pkey: The public key
+ * @url: The URL of the TPM key to be imported
+ * @srk_password: The password for the SRK key (optional)
+ * @flags: should be zero
+ *
+ * This function will import the given private key to the abstract
+ * #gnutls_privkey_t type. 
+ *
+ * Note that unless %GNUTLS_PUBKEY_DISABLE_CALLBACKS
+ * is specified, if incorrect (or NULL) passwords are given
+ * the PKCS11 callback functions will be used to obtain the
+ * correct passwords. Otherwise if the SRK password is wrong
+ * %GNUTLS_E_TPM_SRK_PASSWORD_ERROR is returned.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.0
+ *
+ **/
+int
+gnutls_pubkey_import_tpm_url(gnutls_pubkey_t pkey,
+			     const char *url,
+			     const char *srk_password, unsigned int flags)
+{
+	struct tpmkey_url_st durl;
+	gnutls_datum_t fdata = { NULL, 0 };
+	int ret;
+
+	CHECK_INIT;
+
+	ret = decode_tpmkey_url(url, &durl);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (durl.filename) {
+
+		ret = gnutls_load_file(durl.filename, &fdata);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret =
+		    gnutls_pubkey_import_tpm_raw(pkey, &fdata,
+						 GNUTLS_TPMKEY_FMT_CTK_PEM,
+						 srk_password, flags);
+		if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR)
+			ret =
+			    gnutls_pubkey_import_tpm_raw(pkey, &fdata,
+							 GNUTLS_TPMKEY_FMT_RAW,
+							 srk_password,
+							 flags);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	} else if (durl.uuid_set) {
+		if (flags & GNUTLS_PUBKEY_DISABLE_CALLBACKS)
+			ret =
+			    import_tpm_pubkey(pkey, NULL, 0, &durl.uuid,
+					      durl.storage, srk_password);
+		else
+			ret =
+			    import_tpm_pubkey_cb(pkey, NULL, 0, &durl.uuid,
+						 durl.storage,
+						 srk_password);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	ret = 0;
+      cleanup:
+	gnutls_free(fdata.data);
+	clear_tpmkey_url(&durl);
+	return ret;
+}
+
+
+/**
+ * gnutls_tpm_privkey_generate:
+ * @pk: the public key algorithm
+ * @bits: the security bits
+ * @srk_password: a password to protect the exported key (optional)
+ * @key_password: the password for the TPM (optional)
+ * @format: the format of the private key
+ * @pub_format: the format of the public key
+ * @privkey: the generated key
+ * @pubkey: the corresponding public key (may be null)
+ * @flags: should be a list of GNUTLS_TPM_* flags
+ *
+ * This function will generate a private key in the TPM
+ * chip. The private key will be generated within the chip
+ * and will be exported in a wrapped with TPM's master key
+ * form. Furthermore the wrapped key can be protected with
+ * the provided @password.
+ *
+ * Note that bits in TPM is quantized value. If the input value
+ * is not one of the allowed values, then it will be quantized to
+ * one of 512, 1024, 2048, 4096, 8192 and 16384.
+ *
+ * Allowed flags are:
+ *
+ * %GNUTLS_TPM_KEY_SIGNING: Generate a signing key instead of a legacy,
+ *
+ * %GNUTLS_TPM_REGISTER_KEY: Register the generate key in TPM. In that
+ * case @privkey would contain a URL with the UUID.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.0
+ **/
+int
+gnutls_tpm_privkey_generate(gnutls_pk_algorithm_t pk, unsigned int bits,
+			    const char *srk_password,
+			    const char *key_password,
+			    gnutls_tpmkey_fmt_t format,
+			    gnutls_x509_crt_fmt_t pub_format,
+			    gnutls_datum_t * privkey,
+			    gnutls_datum_t * pubkey, unsigned int flags)
+{
+	TSS_FLAG tpm_flags = TSS_KEY_VOLATILE;
+	TSS_HKEY key_ctx;
+	TSS_RESULT tssret;
+	int ret;
+	void *tdata;
+	UINT32 tint;
+	gnutls_datum_t tmpkey = { NULL, 0 };
+	TSS_HPOLICY key_policy;
+	gnutls_pubkey_t pub;
+	struct tpm_ctx_st s;
+	TSS_FLAG storage_type;
+	TSS_HTPM htpm;
+	uint8_t buf[32];
+
+	CHECK_INIT;
+
+	privkey->data = NULL;
+	if (pubkey != NULL)
+		pubkey->data = NULL;
+
+	if (flags & GNUTLS_TPM_KEY_SIGNING)
+		tpm_flags |= TSS_KEY_TYPE_SIGNING;
+	else
+		tpm_flags |= TSS_KEY_TYPE_LEGACY;
+
+	if (flags & GNUTLS_TPM_KEY_USER)
+		storage_type = TSS_PS_TYPE_USER;
+	else
+		storage_type = TSS_PS_TYPE_SYSTEM;
+
+	if (bits <= 512)
+		tpm_flags |= TSS_KEY_SIZE_512;
+	else if (bits <= 1024)
+		tpm_flags |= TSS_KEY_SIZE_1024;
+	else if (bits <= 2048)
+		tpm_flags |= TSS_KEY_SIZE_2048;
+	else if (bits <= 4096)
+		tpm_flags |= TSS_KEY_SIZE_4096;
+	else if (bits <= 8192)
+		tpm_flags |= TSS_KEY_SIZE_8192;
+	else
+		tpm_flags |= TSS_KEY_SIZE_16384;
+
+	ret = tpm_open_session(&s, srk_password, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* put some randomness into TPM. 
+	 * Let's not trust it completely.
+	 */
+	tssret = pTspi_Context_GetTpmObject(s.tpm_ctx, &htpm);
+	if (tssret != 0) {
+		gnutls_assert();
+		ret = tss_err(tssret);
+		goto err_cc;
+	}
+
+
+	ret = gnutls_rnd(GNUTLS_RND_RANDOM, buf, sizeof(buf));
+	if (ret < 0) {
+		gnutls_assert();
+		goto err_cc;
+	}
+
+	tssret = pTspi_TPM_StirRandom(htpm, sizeof(buf), buf);
+	if (tssret) {
+		gnutls_assert();
+	}
+
+	tssret =
+	    pTspi_Context_CreateObject(s.tpm_ctx, TSS_OBJECT_TYPE_RSAKEY,
+				      tpm_flags, &key_ctx);
+	if (tssret != 0) {
+		gnutls_assert();
+		ret = tss_err(tssret);
+		goto err_cc;
+	}
+
+	tssret =
+	    pTspi_SetAttribUint32(key_ctx, TSS_TSPATTRIB_KEY_INFO,
+				 TSS_TSPATTRIB_KEYINFO_SIGSCHEME,
+				 TSS_SS_RSASSAPKCS1V15_DER);
+	if (tssret != 0) {
+		gnutls_assert();
+		ret = tss_err(tssret);
+		goto err_sa;
+	}
+
+	/* set the password of the actual key */
+	if (key_password) {
+		gnutls_datum_t pout;
+		char *password = NULL;
+
+		tssret =
+		    pTspi_GetPolicyObject(key_ctx, TSS_POLICY_USAGE,
+					 &key_policy);
+		if (tssret != 0) {
+			gnutls_assert();
+			ret = tss_err(tssret);
+			goto err_sa;
+		}
+
+		ret = _gnutls_utf8_password_normalize(key_password, strlen(key_password), &pout, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto err_sa;
+		}
+		password = (char*)pout.data;
+
+		tssret = myTspi_Policy_SetSecret(key_policy,
+						 SAFE_LEN(password),
+						 (void *)password);
+		gnutls_free(password);
+		if (tssret != 0) {
+			gnutls_assert();
+			ret = tss_err(tssret);
+			goto err_sa;
+		}
+	}
+
+	tssret = pTspi_Key_CreateKey(key_ctx, s.srk, 0);
+	if (tssret != 0) {
+		gnutls_assert();
+		ret = tss_err(tssret);
+		goto err_sa;
+	}
+
+	if (flags & GNUTLS_TPM_REGISTER_KEY) {
+		TSS_UUID key_uuid;
+
+		ret = randomize_uuid(&key_uuid);
+		if (ret < 0) {
+			gnutls_assert();
+			goto err_sa;
+		}
+
+		tssret =
+		    pTspi_Context_RegisterKey(s.tpm_ctx, key_ctx,
+					     storage_type, key_uuid,
+					     TSS_PS_TYPE_SYSTEM, srk_uuid);
+		if (tssret != 0) {
+			gnutls_assert();
+			ret = tss_err(tssret);
+			goto err_sa;
+		}
+
+		ret =
+		    encode_tpmkey_url((char **) &privkey->data, &key_uuid,
+				      storage_type);
+		if (ret < 0) {
+			TSS_HKEY tkey;
+
+			pTspi_Context_UnregisterKey(s.tpm_ctx, storage_type,
+						   key_uuid, &tkey);
+			gnutls_assert();
+			goto err_sa;
+		}
+		privkey->size = strlen((char *) privkey->data);
+
+	} else {		/* get the key as blob */
+
+
+		tssret =
+		    pTspi_GetAttribData(key_ctx, TSS_TSPATTRIB_KEY_BLOB,
+				       TSS_TSPATTRIB_KEYBLOB_BLOB, &tint,
+				       (void *) &tdata);
+		if (tssret != 0) {
+			gnutls_assert();
+			ret = tss_err(tssret);
+			goto err_sa;
+		}
+
+
+		if (format == GNUTLS_TPMKEY_FMT_CTK_PEM) {
+			ret =
+			    _gnutls_x509_encode_string
+			    (ASN1_ETYPE_OCTET_STRING, tdata, tint,
+			     &tmpkey);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			ret =
+			    _gnutls_fbase64_encode("TSS KEY BLOB",
+						   tmpkey.data,
+						   tmpkey.size, privkey);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+		} else {
+			UINT32 tint2;
+
+			tmpkey.size = tint + 32;	/* spec says no more than 20 */
+			tmpkey.data = gnutls_malloc(tmpkey.size);
+			if (tmpkey.data == NULL) {
+				gnutls_assert();
+				ret = GNUTLS_E_MEMORY_ERROR;
+				goto cleanup;
+			}
+
+			tint2 = tmpkey.size;
+			tssret =
+			    pTspi_EncodeDER_TssBlob(tint, tdata,
+						   TSS_BLOB_TYPE_PRIVATEKEY,
+						   &tint2, tmpkey.data);
+			if (tssret != 0) {
+				gnutls_assert();
+				ret = tss_err(tssret);
+				goto cleanup;
+			}
+
+			tmpkey.size = tint2;
+
+			privkey->data = tmpkey.data;
+			privkey->size = tmpkey.size;
+			tmpkey.data = NULL;
+		}
+	}
+
+	/* read the public key */
+	if (pubkey != NULL) {
+		size_t psize = 0;
+
+		ret = gnutls_pubkey_init(&pub);
+		if (ret < 0) {
+			gnutls_assert();
+			goto privkey_cleanup;
+		}
+
+		ret = read_pubkey(pub, key_ctx, &psize);
+		if (ret < 0) {
+			gnutls_assert();
+			goto privkey_cleanup;
+		}
+		psize += 512;
+
+		pubkey->data = gnutls_malloc(psize);
+		if (pubkey->data == NULL) {
+			gnutls_assert();
+			ret = GNUTLS_E_MEMORY_ERROR;
+			goto pubkey_cleanup;
+		}
+
+		ret =
+		    gnutls_pubkey_export(pub, pub_format, pubkey->data,
+					 &psize);
+		if (ret < 0) {
+			gnutls_assert();
+			goto pubkey_cleanup;
+		}
+		pubkey->size = psize;
+
+		gnutls_pubkey_deinit(pub);
+	}
+
+	ret = 0;
+	goto cleanup;
+
+      pubkey_cleanup:
+	gnutls_pubkey_deinit(pub);
+      privkey_cleanup:
+	gnutls_free(privkey->data);
+      cleanup:
+	gnutls_free(tmpkey.data);
+      err_sa:
+	pTspi_Context_CloseObject(s.tpm_ctx, key_ctx);
+      err_cc:
+	tpm_close_session(&s);
+	return ret;
+}
+
+
+/**
+ * gnutls_tpm_key_list_deinit:
+ * @list: a list of the keys
+ *
+ * This function will deinitialize the list of stored keys in the TPM.
+ *
+ * Since: 3.1.0
+ **/
+void gnutls_tpm_key_list_deinit(gnutls_tpm_key_list_t list)
+{
+	CHECK_INIT_VOID;
+
+	if (list->tpm_ctx != 0)
+		pTspi_Context_Close(list->tpm_ctx);
+	gnutls_free(list);
+}
+
+/**
+ * gnutls_tpm_key_list_get_url:
+ * @list: a list of the keys
+ * @idx: The index of the key (starting from zero)
+ * @url: The URL to be returned
+ * @flags: should be zero
+ *
+ * This function will return for each given index a URL of
+ * the corresponding key.
+ * If the provided index is out of bounds then %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * is returned.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.0
+ **/
+int
+gnutls_tpm_key_list_get_url(gnutls_tpm_key_list_t list, unsigned int idx,
+			    char **url, unsigned int flags)
+{
+	CHECK_INIT;
+
+	if (idx >= list->size)
+		return
+		    gnutls_assert_val
+		    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	return encode_tpmkey_url(url, &list->ki[idx].keyUUID,
+				 list->ki[idx].persistentStorageType);
+}
+
+/**
+ * gnutls_tpm_get_registered:
+ * @list: a list to store the keys
+ *
+ * This function will get a list of stored keys in the TPM. The uuid
+ * of those keys
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.0
+ **/
+int gnutls_tpm_get_registered(gnutls_tpm_key_list_t * list)
+{
+	TSS_RESULT tssret;
+	int ret;
+
+	CHECK_INIT;
+
+	*list = gnutls_calloc(1, sizeof(struct tpm_key_list_st));
+	if (*list == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	tssret = pTspi_Context_Create(&(*list)->tpm_ctx);
+	if (tssret) {
+		gnutls_assert();
+		ret = tss_err(tssret);
+		goto cleanup;
+	}
+
+	tssret = pTspi_Context_Connect((*list)->tpm_ctx, NULL);
+	if (tssret) {
+		gnutls_assert();
+		ret = tss_err(tssret);
+		goto cleanup;
+	}
+
+	tssret =
+	    pTspi_Context_GetRegisteredKeysByUUID2((*list)->tpm_ctx,
+						  TSS_PS_TYPE_SYSTEM, NULL,
+						  &(*list)->size,
+						  &(*list)->ki);
+	if (tssret) {
+		gnutls_assert();
+		ret = tss_err(tssret);
+		goto cleanup;
+	}
+	return 0;
+
+      cleanup:
+	gnutls_tpm_key_list_deinit(*list);
+
+	return ret;
+}
+
+/**
+ * gnutls_tpm_privkey_delete:
+ * @url: the URL describing the key
+ * @srk_password: a password for the SRK key
+ *
+ * This function will unregister the private key from the TPM
+ * chip. 
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.0
+ **/
+int gnutls_tpm_privkey_delete(const char *url, const char *srk_password)
+{
+	struct tpm_ctx_st s;
+	struct tpmkey_url_st durl;
+	TSS_RESULT tssret;
+	TSS_HKEY tkey;
+	int ret;
+
+	CHECK_INIT;
+
+	ret = decode_tpmkey_url(url, &durl);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (durl.uuid_set == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ret = tpm_open_session(&s, srk_password, 1);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	tssret =
+	    pTspi_Context_UnregisterKey(s.tpm_ctx, durl.storage, durl.uuid,
+				       &tkey);
+	if (tssret != 0) {
+		gnutls_assert();
+		ret = tss_err(tssret);
+		goto err_cc;
+	}
+
+	ret = 0;
+      err_cc:
+	tpm_close_session(&s);
+	return ret;
+}
+#else				/* HAVE_TROUSERS */
+int
+gnutls_privkey_import_tpm_raw(gnutls_privkey_t pkey,
+			      const gnutls_datum_t * fdata,
+			      gnutls_tpmkey_fmt_t format,
+			      const char *srk_password,
+			      const char *key_password, unsigned int flags)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int
+gnutls_privkey_import_tpm_url(gnutls_privkey_t pkey,
+			      const char *url,
+			      const char *srk_password,
+			      const char *key_password, unsigned int flags)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int
+gnutls_pubkey_import_tpm_raw(gnutls_pubkey_t pkey,
+			     const gnutls_datum_t * fdata,
+			     gnutls_tpmkey_fmt_t format,
+			     const char *srk_password, unsigned int flags)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int
+gnutls_pubkey_import_tpm_url(gnutls_pubkey_t pkey,
+			     const char *url,
+			     const char *srk_password, unsigned int flags)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int
+gnutls_tpm_privkey_generate(gnutls_pk_algorithm_t pk, unsigned int bits,
+			    const char *srk_password,
+			    const char *key_password,
+			    gnutls_tpmkey_fmt_t format,
+			    gnutls_x509_crt_fmt_t pub_format,
+			    gnutls_datum_t * privkey,
+			    gnutls_datum_t * pubkey, unsigned int flags)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+void gnutls_tpm_key_list_deinit(gnutls_tpm_key_list_t list)
+{
+	return;
+}
+
+int
+gnutls_tpm_key_list_get_url(gnutls_tpm_key_list_t list, unsigned int idx,
+			    char **url, unsigned int flags)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_tpm_get_registered(gnutls_tpm_key_list_t * list)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+
+int gnutls_tpm_privkey_delete(const char *url, const char *srk_password)
+{
+	return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+}
+#endif				/* HAVE_TROUSERS */
diff --git a/lib/tpm2.c b/lib/tpm2.c
new file mode 100644
index 0000000..1c1b710
--- /dev/null
+++ b/lib/tpm2.c
@@ -0,0 +1,301 @@
+/*
+ * Copyright © 2018-2021 David Woodhouse.
+ * Copyright © 2019,2021 Red Hat, Inc.
+ *
+ * Author: David Woodhouse <dwmw2@infradead.org>, Nikos Mavrogiannopoulos,
+ *	Daiki Ueno
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include <config.h>
+
+#include "gnutls_int.h"
+#include "global.h"
+#include "tpm2.h"
+#include "pin.h"
+#include "abstract_int.h"
+
+#include <string.h>
+#include <libtasn1.h>
+
+static const char OID_loadable_key[] = "2.23.133.10.1.3";
+
+static int rsa_key_info(gnutls_privkey_t key, unsigned int flags, void *_info)
+{
+	if (flags & GNUTLS_PRIVKEY_INFO_PK_ALGO) {
+		return GNUTLS_PK_RSA;
+	}
+
+	if (flags & GNUTLS_PRIVKEY_INFO_PK_ALGO_BITS) {
+		struct tpm2_info_st *info = _info;
+
+		return tpm2_rsa_key_bits(info);
+	}
+
+	if (flags & GNUTLS_PRIVKEY_INFO_HAVE_SIGN_ALGO) {
+		gnutls_sign_algorithm_t algo = GNUTLS_FLAGS_TO_SIGN_ALGO(flags);
+		switch (algo) {
+		case GNUTLS_SIGN_RSA_RAW:
+		case GNUTLS_SIGN_RSA_SHA1:
+		case GNUTLS_SIGN_RSA_SHA256:
+		case GNUTLS_SIGN_RSA_SHA384:
+		case GNUTLS_SIGN_RSA_SHA512:
+			return 1;
+
+		case GNUTLS_SIGN_RSA_PSS_SHA256:
+		case GNUTLS_SIGN_RSA_PSS_RSAE_SHA256:
+		case GNUTLS_SIGN_RSA_PSS_SHA384:
+		case GNUTLS_SIGN_RSA_PSS_RSAE_SHA384:
+		case GNUTLS_SIGN_RSA_PSS_SHA512:
+		case GNUTLS_SIGN_RSA_PSS_RSAE_SHA512:
+			return 1;
+
+		default:
+			_gnutls_debug_log("tpm2: unsupported RSA sign algo %s\n",
+					  gnutls_sign_get_name(algo));
+			return 0;
+		}
+	}
+
+	if (flags & GNUTLS_PRIVKEY_INFO_SIGN_ALGO) {
+		return GNUTLS_SIGN_RSA_RAW;
+	}
+
+	return -1;
+}
+
+static int ec_key_info(gnutls_privkey_t key, unsigned int flags, void *_info)
+{
+	if (flags & GNUTLS_PRIVKEY_INFO_PK_ALGO) {
+		return GNUTLS_PK_EC;
+	}
+
+	if (flags & GNUTLS_PRIVKEY_INFO_HAVE_SIGN_ALGO) {
+		gnutls_sign_algorithm_t algo = GNUTLS_FLAGS_TO_SIGN_ALGO(flags);
+		struct tpm2_info_st *info = _info;
+		uint16_t tpm2_curve = tpm2_key_curve(info);
+
+		switch (algo) {
+		case GNUTLS_SIGN_ECDSA_SHA1:
+		case GNUTLS_SIGN_ECDSA_SHA256:
+			return 1;
+
+		case GNUTLS_SIGN_ECDSA_SECP256R1_SHA256:
+			return tpm2_curve == 0x0003; /* TPM2_ECC_NIST_P256 */
+
+		case GNUTLS_SIGN_ECDSA_SECP384R1_SHA384:
+			return tpm2_curve == 0x0004; /* TPM2_ECC_NIST_P384 */
+
+		case GNUTLS_SIGN_ECDSA_SECP521R1_SHA512:
+			return tpm2_curve == 0x0005; /* TPM2_ECC_NIST_P521 */
+
+		default:
+			_gnutls_debug_log("tpm2: unsupported EC sign algo %s\n",
+					  gnutls_sign_get_name(algo));
+			return 0;
+		}
+	}
+
+	if (flags & GNUTLS_PRIVKEY_INFO_SIGN_ALGO) {
+		return GNUTLS_SIGN_ECDSA_SHA256;
+	}
+
+	return -1;
+}
+
+static int decode_data(asn1_node n, gnutls_datum_t *r)
+{
+	asn1_data_node_st d;
+	int lenlen;
+	int result;
+
+	if (!n) {
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	result = asn1_read_node_value(n, &d);
+	if (result != ASN1_SUCCESS) {
+		return _gnutls_asn2err(result);
+	}
+
+	result = asn1_get_length_der(d.value, d.value_len, &lenlen);
+	if (result < 0) {
+		return _gnutls_asn2err(result);
+	}
+
+	r->data = (unsigned char *)d.value + lenlen;
+	r->size = d.value_len - lenlen;
+
+	return 0;
+}
+
+int _gnutls_load_tpm2_key(gnutls_privkey_t pkey, const gnutls_datum_t *fdata)
+{
+	gnutls_datum_t asn1, pubdata, privdata;
+	asn1_node tpmkey = NULL;
+	char value_buf[16];
+	int value_buflen;
+	bool emptyauth = false;
+	unsigned int parent;
+	int err, ret;
+	struct tpm2_info_st *info = NULL;
+
+	ret = gnutls_pem_base64_decode2("TSS2 PRIVATE KEY", fdata, &asn1);
+	if (ret < 0) {
+		/* Report the first error */
+		_gnutls_debug_log("tpm2: error decoding TSS2 key blob: %s\n",
+				  gnutls_strerror(ret));
+		return ret;
+	}
+
+	err = asn1_create_element(_gnutls_get_gnutls_asn(), "GNUTLS.TPMKey",
+				  &tpmkey);
+	if (err != ASN1_SUCCESS) {
+		_gnutls_debug_log("tpm2: failed to create ASN.1 type: %s\n",
+				  asn1_strerror(err));
+		ret = _gnutls_asn2err(err);
+		goto out_asn1;
+	}
+
+	err = asn1_der_decoding(&tpmkey, asn1.data, asn1.size, NULL);
+	if (err != ASN1_SUCCESS) {
+		_gnutls_debug_log("tpm2: failed to decode key from ASN.1: %s\n",
+				  asn1_strerror(err));
+		ret = _gnutls_asn2err(err);
+		goto out_tpmkey;
+	}
+
+	value_buflen = sizeof(value_buf);
+	err = asn1_read_value(tpmkey, "type", value_buf, &value_buflen);
+	if (err != ASN1_SUCCESS) {
+		_gnutls_debug_log("tpm2: failed to parse key type OID: %s\n",
+				  asn1_strerror(err));
+		ret = _gnutls_asn2err(err);
+		goto out_tpmkey;
+	}
+	if (strncmp(value_buf, OID_loadable_key, value_buflen)) {
+		_gnutls_debug_log("tpm2: key has unknown type OID %s not %s\n",
+				  value_buf, OID_loadable_key);
+		ret = GNUTLS_E_TPM_ERROR;
+		goto out_tpmkey;
+	}
+
+	value_buflen = sizeof(value_buf);
+	if (!asn1_read_value(tpmkey, "emptyAuth", value_buf, &value_buflen) &&
+	    !strcmp(value_buf, "TRUE")) {
+		emptyauth = 1;
+	}
+
+	memset(value_buf, 0, 5);
+	value_buflen = 5;
+	err = asn1_read_value(tpmkey, "parent", value_buf, &value_buflen);
+	if (err == ASN1_ELEMENT_NOT_FOUND) {
+		parent = 0x40000001; /* RH_OWNER */
+	} else if (err != ASN1_SUCCESS) {
+		_gnutls_debug_log("tpm2: failed to parse TPM2 key parent: %s\n",
+				  asn1_strerror(err));
+		ret = GNUTLS_E_TPM_ERROR;
+		goto out_tpmkey;
+	} else {
+		int i = 0;
+		parent = 0;
+
+		if (value_buflen == 5) {
+			if (value_buf[0]) {
+				gnutls_assert();
+				_gnutls_debug_log("tpm2: failed to parse parent key\n");
+				ret = GNUTLS_E_TPM_ERROR;
+				goto out_tpmkey;
+			}
+			/* Skip the leading zero */
+			i++;
+		}
+		for ( ; i < value_buflen; i++) {
+			parent <<= 8;
+			parent |= value_buf[i];
+		}
+	}
+
+	ret = decode_data(asn1_find_node(tpmkey, "pubkey"), &pubdata);
+	if (ret < 0) {
+		_gnutls_debug_log("tpm2: failed to parse pubkey element: %s\n",
+				  gnutls_strerror(ret));
+		ret = GNUTLS_E_TPM_ERROR;
+		goto out_tpmkey;
+	}
+	ret = decode_data(asn1_find_node(tpmkey, "privkey"), &privdata);
+	if (ret < 0) {
+		_gnutls_debug_log("tpm2: failed to parse privkey element: %s\n",
+				  gnutls_strerror(ret));
+		ret = GNUTLS_E_TPM_ERROR;
+		goto out_tpmkey;
+	}
+
+	_gnutls_debug_log("tpm2: parsed key with parent %x, emptyauth %d\n",
+			  parent, emptyauth);
+
+	info = tpm2_info_init(&pkey->pin);
+	if (info == NULL) {
+		_gnutls_debug_log("tpm2: failed to allocate context\n");
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto out_tpmkey;
+	}
+
+	/* Now we've extracted what we need from the ASN.1, invoke the
+	 * actual TPM2 code (whichever implementation we end up with */
+	ret = install_tpm2_key(info, pkey, parent, emptyauth,
+			       &privdata, &pubdata);
+	if (ret < 0) {
+		goto out_tpmkey;
+	}
+
+	switch (ret) {
+	case GNUTLS_PK_RSA:
+		gnutls_privkey_import_ext4(pkey, info, NULL,
+					   tpm2_rsa_sign_hash_fn, NULL,
+					   tpm2_deinit_fn, rsa_key_info, 0);
+		pkey->key.ext.pk_params_func = tpm2_convert_public;
+		break;
+
+	case GNUTLS_PK_ECDSA:
+		gnutls_privkey_import_ext4(pkey, info, NULL,
+					   tpm2_ec_sign_hash_fn, NULL,
+					   tpm2_deinit_fn, ec_key_info, 0);
+		pkey->key.ext.pk_params_func = tpm2_convert_public;
+		break;
+
+	default:
+		ret = GNUTLS_E_TPM_ERROR;
+		goto out_tpmkey;
+	}
+
+	ret = 0;
+	info = NULL; /* part of pkey now */
+
+ out_tpmkey:
+	asn1_delete_structure(&tpmkey);
+	release_tpm2_ctx(info);
+ out_asn1:
+	gnutls_free(asn1.data);
+	return ret;
+}
+
+void _gnutls_tpm2_deinit(void)
+{
+	tpm2_esys_deinit();
+}
diff --git a/lib/tpm2.h b/lib/tpm2.h
new file mode 100644
index 0000000..7966e2d
--- /dev/null
+++ b/lib/tpm2.h
@@ -0,0 +1,65 @@
+/*
+ * Copyright (C) 2000-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_TPM2_H
+# define GNUTLS_LIB_TPM2_H
+
+#include "pin.h"
+
+/* Functions used outside tpm2.c */
+
+void _gnutls_tpm2_deinit(void);
+int _gnutls_load_tpm2_key(gnutls_privkey_t pkey, const gnutls_datum_t *fdata);
+
+/* Functions only used in tpm2.c */
+
+struct tpm2_info_st;
+
+struct tpm2_info_st *tpm2_info_init(struct pin_info_st *pin);
+
+void tpm2_esys_deinit(void);
+
+void release_tpm2_ctx(struct tpm2_info_st *info);
+
+int install_tpm2_key(struct tpm2_info_st *info, gnutls_privkey_t pkey,
+		     unsigned int parent, bool emptyauth,
+		     gnutls_datum_t *privdata, gnutls_datum_t *pubdata);
+
+void tpm2_deinit_fn(gnutls_privkey_t key, void *priv);
+
+int tpm2_rsa_sign_hash_fn(gnutls_privkey_t key, gnutls_sign_algorithm_t algo,
+			  void *_info, unsigned int flags,
+			  const gnutls_datum_t *data, gnutls_datum_t *sig);
+
+int tpm2_ec_sign_hash_fn(gnutls_privkey_t key, gnutls_sign_algorithm_t algo,
+			 void *_info, unsigned int flags,
+			 const gnutls_datum_t *data, gnutls_datum_t *sig);
+
+uint16_t tpm2_key_curve(struct tpm2_info_st *info);
+int tpm2_rsa_key_bits(struct tpm2_info_st *info);
+
+int tpm2_convert_public(gnutls_privkey_t key,
+			void *userdata,
+			gnutls_pk_params_st *params);
+
+#endif /* GNUTLS_LIB_TPM2_H */
diff --git a/lib/tpm2_esys.c b/lib/tpm2_esys.c
new file mode 100644
index 0000000..70209b7
--- /dev/null
+++ b/lib/tpm2_esys.c
@@ -0,0 +1,1139 @@
+/*
+ * Copyright © 2018-2021 David Woodhouse.
+ * Copyright © 2019,2021 Red Hat, Inc.
+ *
+ * Author: David Woodhouse <dwmw2@infradead.org>, Nikos Mavrogiannopoulos,
+ *	Daiki Ueno
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Portions taken from tpm2-tss-engine, copyright as below: */
+
+/*******************************************************************************
+ * Copyright 2017-2018, Fraunhofer SIT sponsored by Infineon Technologies AG
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of tpm2-tss-engine nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ ******************************************************************************/
+
+#include "config.h"
+
+#include "gnutls_int.h"
+#include "abstract_int.h"
+
+#include <errno.h>
+#include <stdio.h>
+#include <stdint.h>
+#include <string.h>
+
+#include "tpm2.h"
+#include "locks.h"
+
+#include <tss2/tss2_mu.h>
+#include <tss2/tss2_esys.h>
+#include <tss2/tss2_tctildr.h>
+
+#include <dlfcn.h>
+
+/* We don't want to link to libtss2-esys, as it brings in other
+ * crypto libraries.  Instead, only dlopen it as needed.
+ */
+
+static void *_gnutls_tss2_esys_dlhandle;
+static void *_gnutls_tss2_mu_dlhandle;
+static void *_gnutls_tss2_tctildr_dlhandle;
+
+/* Copied from gnulib/lib/intprops.h */
+
+/* Does the __typeof__ keyword work?  This could be done by
+   'configure', but for now it's easier to do it by hand.  */
+#undef HAVE___TYPEOF__
+#if (2 <= __GNUC__ \
+     || (4 <= __clang_major__) \
+     || (1210 <= __IBMC__ && defined __IBM__TYPEOF__) \
+     || (0x5110 <= __SUNPRO_C && !__STDC__))
+# define HAVE___TYPEOF__ 1
+#else
+# define HAVE___TYPEOF__ 0
+#endif
+
+#if HAVE___TYPEOF__
+static __typeof__(Esys_GetCapability) (*_gnutls_tss2_Esys_GetCapability);
+static __typeof__(Esys_Free) (*_gnutls_tss2_Esys_Free);
+static __typeof__(Esys_TR_SetAuth) (*_gnutls_tss2_Esys_TR_SetAuth);
+static __typeof__(Esys_CreatePrimary) (*_gnutls_tss2_Esys_CreatePrimary);
+static __typeof__(Esys_Initialize) (*_gnutls_tss2_Esys_Initialize);
+static __typeof__(Esys_Startup) (*_gnutls_tss2_Esys_Startup);
+static __typeof__(Esys_TR_FromTPMPublic) (*_gnutls_tss2_Esys_TR_FromTPMPublic);
+static __typeof__(Esys_ReadPublic) (*_gnutls_tss2_Esys_ReadPublic);
+static __typeof__(Esys_Load) (*_gnutls_tss2_Esys_Load);
+static __typeof__(Esys_FlushContext) (*_gnutls_tss2_Esys_FlushContext);
+static __typeof__(Esys_Finalize) (*_gnutls_tss2_Esys_Finalize);
+static __typeof__(Esys_RSA_Decrypt) (*_gnutls_tss2_Esys_RSA_Decrypt);
+static __typeof__(Esys_Sign) (*_gnutls_tss2_Esys_Sign);
+
+static __typeof__(Tss2_MU_TPM2B_PRIVATE_Unmarshal)
+(*_gnutls_tss2_Tss2_MU_TPM2B_PRIVATE_Unmarshal);
+static __typeof__(Tss2_MU_TPM2B_PUBLIC_Unmarshal)
+(*_gnutls_tss2_Tss2_MU_TPM2B_PUBLIC_Unmarshal);
+
+static __typeof__(Tss2_TctiLdr_Initialize)
+(*_gnutls_tss2_Tss2_TctiLdr_Initialize);
+static __typeof__(Tss2_TctiLdr_Finalize)
+(*_gnutls_tss2_Tss2_TctiLdr_Finalize);
+#else
+static TSS2_RC
+(*_gnutls_tss2_Esys_GetCapability)(ESYS_CONTEXT *esysContext,
+				   ESYS_TR shandle1,
+				   ESYS_TR shandle2,
+				   ESYS_TR shandle3,
+				   TPM2_CAP capability,
+				   UINT32 property,
+				   UINT32 propertyCount,
+				   TPMI_YES_NO *moreData,
+				   TPMS_CAPABILITY_DATA **capabilityData);
+static void (*_gnutls_tss2_Esys_Free)(void *__ptr);
+static TSS2_RC (*_gnutls_tss2_Esys_TR_SetAuth)(ESYS_CONTEXT *esysContext,
+					       ESYS_TR handle,
+					       TPM2B_AUTH const *authValue);
+static TSS2_RC
+(*_gnutls_tss2_Esys_CreatePrimary)(ESYS_CONTEXT *esysContext,
+				   ESYS_TR primaryHandle,
+				   ESYS_TR shandle1,
+				   ESYS_TR shandle2,
+				   ESYS_TR shandle3,
+				   const TPM2B_SENSITIVE_CREATE *inSensitive,
+				   const TPM2B_PUBLIC *inPublic,
+				   const TPM2B_DATA *outsideInfo,
+				   const TPML_PCR_SELECTION *creationPCR,
+				   ESYS_TR *objectHandle,
+				   TPM2B_PUBLIC **outPublic,
+				   TPM2B_CREATION_DATA **creationData,
+				   TPM2B_DIGEST **creationHash,
+				   TPMT_TK_CREATION **creationTicket);
+static TSS2_RC (*_gnutls_tss2_Esys_Initialize)(ESYS_CONTEXT **esys_context,
+					       TSS2_TCTI_CONTEXT *tcti,
+					       TSS2_ABI_VERSION *abiVersion);
+static TSS2_RC (*_gnutls_tss2_Esys_Startup)(ESYS_CONTEXT *esysContext,
+					    TPM2_SU startupType);
+static TSS2_RC (*_gnutls_tss2_Esys_TR_FromTPMPublic)(ESYS_CONTEXT *esysContext,
+						     TPM2_HANDLE tpm_handle,
+						     ESYS_TR optionalSession1,
+						     ESYS_TR optionalSession2,
+						     ESYS_TR optionalSession3,
+						     ESYS_TR *object);
+static TSS2_RC (*_gnutls_tss2_Esys_ReadPublic)(ESYS_CONTEXT *esysContext,
+					       ESYS_TR objectHandle,
+					       ESYS_TR shandle1,
+					       ESYS_TR shandle2,
+					       ESYS_TR shandle3,
+					       TPM2B_PUBLIC **outPublic,
+					       TPM2B_NAME **name,
+					       TPM2B_NAME **qualifiedName);
+static TSS2_RC (*_gnutls_tss2_Esys_Load)(ESYS_CONTEXT *esysContext,
+					 ESYS_TR parentHandle,
+					 ESYS_TR shandle1,
+					 ESYS_TR shandle2,
+					 ESYS_TR shandle3,
+					 const TPM2B_PRIVATE *inPrivate,
+					 const TPM2B_PUBLIC *inPublic,
+					 ESYS_TR *objectHandle);
+static TSS2_RC (*_gnutls_tss2_Esys_FlushContext)(ESYS_CONTEXT *esysContext,
+						 ESYS_TR flushHandle);
+static void (*_gnutls_tss2_Esys_Finalize)(ESYS_CONTEXT **context);
+static TSS2_RC
+(*_gnutls_tss2_Esys_RSA_Decrypt)(ESYS_CONTEXT *esysContext,
+				 ESYS_TR keyHandle,
+				 ESYS_TR shandle1,
+				 ESYS_TR shandle2,
+				 ESYS_TR shandle3,
+				 const TPM2B_PUBLIC_KEY_RSA *cipherText,
+				 const TPMT_RSA_DECRYPT *inScheme,
+				 const TPM2B_DATA *label,
+				 TPM2B_PUBLIC_KEY_RSA **message);
+static TSS2_RC (*_gnutls_tss2_Esys_Sign)(ESYS_CONTEXT *esysContext,
+					 ESYS_TR keyHandle,
+					 ESYS_TR shandle1,
+					 ESYS_TR shandle2,
+					 ESYS_TR shandle3,
+					 const TPM2B_DIGEST *digest,
+					 const TPMT_SIG_SCHEME *inScheme,
+					 const TPMT_TK_HASHCHECK *validation,
+					 TPMT_SIGNATURE **signature);
+
+static TSS2_RC
+(*_gnutls_tss2_Tss2_MU_TPM2B_PRIVATE_Unmarshal)(uint8_t const buffer[],
+						size_t buffer_size,
+						size_t *offset,
+						TPM2B_PRIVATE *dest);
+static TSS2_RC
+(*_gnutls_tss2_Tss2_MU_TPM2B_PUBLIC_Unmarshal)(uint8_t const buffer[],
+					       size_t buffer_size,
+					       size_t *offset,
+					       TPM2B_PUBLIC *dest);
+
+static TSS2_RC
+(*_gnutls_tss2_Tss2_TctiLdr_Initialize)(const char *nameConf,
+					TSS2_TCTI_CONTEXT **context);
+static void (*_gnutls_tss2_Tss2_TctiLdr_Finalize)(TSS2_TCTI_CONTEXT **context);
+#endif
+
+#define DLSYM_TSS2(sys, sym)						\
+	_gnutls_tss2_##sym = dlsym(_gnutls_tss2_##sys##_dlhandle, #sym); \
+	if (!_gnutls_tss2_##sym) {					\
+		return -1;						\
+	}
+
+static int
+init_tss2_funcs(void)
+{
+	if (!_gnutls_tss2_esys_dlhandle) {
+		_gnutls_tss2_esys_dlhandle =
+			dlopen("libtss2-esys.so.0", RTLD_NOW | RTLD_GLOBAL);
+		if (!_gnutls_tss2_esys_dlhandle) {
+			_gnutls_debug_log("tpm2: unable to dlopen libtss2-esys\n");
+			return -1;
+		}
+	}
+
+	DLSYM_TSS2(esys, Esys_GetCapability)
+	DLSYM_TSS2(esys, Esys_Free)
+	DLSYM_TSS2(esys, Esys_TR_SetAuth)
+	DLSYM_TSS2(esys, Esys_CreatePrimary)
+	DLSYM_TSS2(esys, Esys_Initialize)
+	DLSYM_TSS2(esys, Esys_Startup)
+	DLSYM_TSS2(esys, Esys_TR_FromTPMPublic)
+	DLSYM_TSS2(esys, Esys_ReadPublic)
+	DLSYM_TSS2(esys, Esys_Load)
+	DLSYM_TSS2(esys, Esys_FlushContext)
+	DLSYM_TSS2(esys, Esys_Finalize)
+	DLSYM_TSS2(esys, Esys_RSA_Decrypt)
+	DLSYM_TSS2(esys, Esys_Sign)
+
+	if (!_gnutls_tss2_mu_dlhandle) {
+		_gnutls_tss2_mu_dlhandle =
+			dlopen("libtss2-mu.so.0", RTLD_NOW | RTLD_GLOBAL);
+		if (!_gnutls_tss2_mu_dlhandle) {
+			_gnutls_debug_log("tpm2: unable to dlopen libtss2-mu\n");
+			return -1;
+		}
+	}
+
+	DLSYM_TSS2(mu, Tss2_MU_TPM2B_PRIVATE_Unmarshal)
+	DLSYM_TSS2(mu, Tss2_MU_TPM2B_PUBLIC_Unmarshal)
+
+	if (!_gnutls_tss2_tctildr_dlhandle) {
+		_gnutls_tss2_tctildr_dlhandle =
+			dlopen("libtss2-tctildr.so.0", RTLD_NOW | RTLD_GLOBAL);
+		if (!_gnutls_tss2_tctildr_dlhandle) {
+			_gnutls_debug_log("tpm2: unable to dlopen libtss2-tctildr\n");
+			return -1;
+		}
+	}
+
+	DLSYM_TSS2(tctildr, Tss2_TctiLdr_Initialize)
+	DLSYM_TSS2(tctildr, Tss2_TctiLdr_Finalize)
+
+	return 0;
+}
+
+struct tpm2_info_st {
+	TPM2B_PUBLIC pub;
+	TPM2B_PRIVATE priv;
+	TPM2B_DIGEST userauth;
+	TPM2B_DIGEST ownerauth;
+	unsigned bits;
+	bool need_userauth;
+	bool need_ownerauth;
+	bool did_ownerauth;
+	unsigned int parent;
+	struct pin_info_st *pin_info;
+};
+
+static TSS2_TCTI_CONTEXT *tcti_ctx;
+
+#define PRIMARY_HASH_ALGORITHM TPM2_ALG_SHA256
+#define PRIMARY_OBJECT_ATTRIBUTES (TPMA_OBJECT_USERWITHAUTH |		\
+				   TPMA_OBJECT_RESTRICTED |		\
+				   TPMA_OBJECT_DECRYPT |		\
+				   TPMA_OBJECT_NODA |			\
+				   TPMA_OBJECT_FIXEDTPM |		\
+				   TPMA_OBJECT_FIXEDPARENT |		\
+				   TPMA_OBJECT_SENSITIVEDATAORIGIN)
+
+static const TPM2B_PUBLIC primary_template_rsa = {
+	.publicArea = {
+		.type = TPM2_ALG_RSA,
+		.nameAlg = PRIMARY_HASH_ALGORITHM,
+		.objectAttributes = PRIMARY_OBJECT_ATTRIBUTES,
+		.authPolicy = {
+			.size = 0,
+		},
+		.parameters.rsaDetail = {
+			.symmetric = {
+				.algorithm = TPM2_ALG_AES,
+				.keyBits.aes = 128,
+				.mode.aes = TPM2_ALG_CFB,
+			},
+			.scheme = {
+				.scheme = TPM2_ALG_NULL,
+				.details = {}
+			},
+			.keyBits = 2048,
+			.exponent = 0,
+		},
+		.unique.rsa = {
+			.size = 0,
+		}
+	}
+};
+
+static const TPM2B_PUBLIC primary_template_ecc = {
+	.publicArea = {
+		.type = TPM2_ALG_ECC,
+		.nameAlg = PRIMARY_HASH_ALGORITHM,
+		.objectAttributes = PRIMARY_OBJECT_ATTRIBUTES,
+		.authPolicy = {
+			.size = 0,
+		},
+		.parameters.eccDetail = {
+			.symmetric = {
+				.algorithm = TPM2_ALG_AES,
+				.keyBits.aes = 128,
+				.mode.aes = TPM2_ALG_CFB,
+			},
+			.scheme = {
+				.scheme = TPM2_ALG_NULL,
+				.details = {}
+			},
+			.curveID = TPM2_ECC_NIST_P256,
+			.kdf = {
+				.scheme = TPM2_ALG_NULL,
+				.details = {}
+			},
+		},
+		.unique.ecc = {
+			.x.size = 0,
+			.y.size = 0
+		}
+	}
+};
+
+static const TPM2B_SENSITIVE_CREATE primary_sensitive = {
+	.sensitive = {
+		.userAuth = {
+			.size = 0,
+		},
+		.data = {
+			.size = 0,
+		}
+	}
+};
+
+static const TPM2B_DATA all_outside_info = {
+	.size = 0,
+};
+
+static const TPML_PCR_SELECTION all_creation_pcr = {
+	.count = 0,
+};
+
+
+#define rc_is_key_auth_failed(rc) (((rc) & 0xff) == TPM2_RC_BAD_AUTH)
+#define rc_is_parent_auth_failed(rc) (((rc) & 0xff) == TPM2_RC_AUTH_FAIL)
+
+struct tpm2_info_st *tpm2_info_init(struct pin_info_st *pin)
+{
+	struct tpm2_info_st *t = gnutls_calloc(1, sizeof(struct tpm2_info_st));
+
+	if (t == NULL) {
+		return NULL;
+	}
+
+	t->pin_info = pin;
+
+	return t;
+}
+
+static int tpm2_pin(struct pin_info_st *pin_info, const char *url,
+		    const char *label,
+		    char *pin, unsigned int pin_size)
+{
+	int ret;
+
+	if (!label) {
+		label = "unknown";
+	}
+
+	ret = _gnutls_retrieve_pin(pin_info, url, label, 0, pin, pin_size);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+	return ret;
+}
+
+static void install_tpm_passphrase(TPM2B_DIGEST *auth, char *pass)
+{
+	if (strlen(pass) > sizeof(auth->buffer) - 1) {
+		_gnutls_debug_log("tpm2: password too long; truncating\n");
+	}
+	auth->size = strlen(pass);
+	snprintf((char*)auth->buffer, sizeof(auth->buffer), "%s", pass);
+	zeroize_key(pass, auth->size);
+}
+
+/* Figure out usable primary template according to the capabilities of
+ * the TPM chip; ECC is preferred over RSA for performance reasons.
+ */
+static const TPM2B_PUBLIC *
+get_primary_template(ESYS_CONTEXT *ctx)
+{
+	TPMS_CAPABILITY_DATA *capability_data;
+	UINT32 i;
+	TSS2_RC rc;
+
+	rc = _gnutls_tss2_Esys_GetCapability(ctx,
+				ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE,
+				TPM2_CAP_ALGS, 0, TPM2_MAX_CAP_ALGS,
+				NULL, &capability_data);
+	if (rc) {
+		_gnutls_debug_log("tpm2: Esys_GetCapability failed: 0x%x\n", rc);
+		return NULL;
+	}
+
+	for (i = 0; i < capability_data->data.algorithms.count; i++) {
+		if (capability_data->data.algorithms.algProperties[i].alg ==
+		    TPM2_ALG_ECC) {
+			_gnutls_tss2_Esys_Free(capability_data);
+			return &primary_template_ecc;
+		}
+	}
+
+	for (i = 0; i < capability_data->data.algorithms.count; i++) {
+		if (capability_data->data.algorithms.algProperties[i].alg ==
+		    TPM2_ALG_RSA) {
+			_gnutls_tss2_Esys_Free(capability_data);
+			return &primary_template_rsa;
+		}
+        }
+
+	_gnutls_tss2_Esys_Free(capability_data);
+	_gnutls_debug_log("tpm2: unable to find primary template\n");
+	return NULL;
+}
+
+static const char *
+tpm2_hierarchy_name(TPM2_RH hierarchy)
+{
+	switch (hierarchy) {
+	case TPM2_RH_OWNER:
+		return "owner";
+	case TPM2_RH_NULL:
+		return "null";
+	case TPM2_RH_ENDORSEMENT:
+		return "endorsement";
+	case TPM2_RH_PLATFORM:
+		return "platform";
+	default:
+		gnutls_assert();
+		return NULL;
+	}
+}
+
+static ESYS_TR
+tpm2_hierarchy_to_esys_handle(TPM2_RH hierarchy)
+{
+	switch (hierarchy) {
+	case TPM2_RH_OWNER:
+		return ESYS_TR_RH_OWNER;
+	case TPM2_RH_NULL:
+		return ESYS_TR_RH_NULL;
+	case TPM2_RH_ENDORSEMENT:
+		return ESYS_TR_RH_ENDORSEMENT;
+	case TPM2_RH_PLATFORM:
+		return ESYS_TR_RH_PLATFORM;
+	default:
+		gnutls_assert();
+		return ESYS_TR_NONE;
+	}
+}
+
+static int init_tpm2_primary(struct tpm2_info_st *info,
+			     ESYS_CONTEXT *ctx, ESYS_TR *primary_handle)
+{
+	TSS2_RC rc;
+	const char *hierarchy_name;
+	ESYS_TR hierarchy;
+	const TPM2B_PUBLIC *primary_template;
+
+	hierarchy_name = tpm2_hierarchy_name(info->parent);
+	hierarchy = tpm2_hierarchy_to_esys_handle(info->parent);
+
+	if (!hierarchy_name || hierarchy == ESYS_TR_NONE) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	_gnutls_debug_log("tpm2: creating primary key under %s hierarchy\n",
+			  hierarchy_name);
+ reauth:
+	if (info->need_ownerauth) {
+		char pass[GNUTLS_PKCS11_MAX_PIN_LEN];
+		if (tpm2_pin(info->pin_info, "tpm2:", hierarchy_name,
+			     pass, sizeof(pass))) {
+			return gnutls_assert_val(GNUTLS_E_TPM_KEY_PASSWORD_ERROR);
+		}
+		install_tpm_passphrase(&info->ownerauth, pass);
+		info->need_ownerauth = false;
+	}
+	rc = _gnutls_tss2_Esys_TR_SetAuth(ctx, hierarchy, &info->ownerauth);
+	if (rc) {
+		_gnutls_debug_log("tpm2: Esys_TR_SetAuth failed: 0x%x\n", rc);
+		return gnutls_assert_val(GNUTLS_E_TPM_ERROR);
+	}
+	primary_template = get_primary_template(ctx);
+	if (!primary_template) {
+		return gnutls_assert_val(GNUTLS_E_TPM_ERROR);
+	}
+	rc = _gnutls_tss2_Esys_CreatePrimary(ctx, hierarchy,
+				ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
+				&primary_sensitive,
+				primary_template,
+				&all_outside_info, &all_creation_pcr,
+				primary_handle, NULL, NULL, NULL, NULL);
+	if (rc_is_key_auth_failed(rc)) {
+		_gnutls_debug_log("tpm2: Esys_CreatePrimary owner auth failed\n");
+		info->need_ownerauth = true;
+		goto reauth;
+	} else if (rc) {
+		_gnutls_debug_log("tpm2: Esys_CreatePrimary failed: 0x%x\n", rc);
+		return gnutls_assert_val(GNUTLS_E_TPM_ERROR);
+	}
+	return 0;
+}
+
+#define parent_is_generated(parent) ((parent) >> TPM2_HR_SHIFT == TPM2_HT_PERMANENT)
+#define parent_is_persistent(parent) ((parent) >> TPM2_HR_SHIFT == TPM2_HT_PERSISTENT)
+
+static int init_tpm2_key(ESYS_CONTEXT **ctx, ESYS_TR *key_handle,
+			 struct tpm2_info_st *info)
+{
+	ESYS_TR parent_handle = ESYS_TR_NONE;
+	TSS2_RC rc;
+
+	*key_handle = ESYS_TR_NONE;
+
+	_gnutls_debug_log("tpm2: establishing connection with TPM\n");
+
+	rc = _gnutls_tss2_Esys_Initialize(ctx, tcti_ctx, NULL);
+	if (rc) {
+		gnutls_assert();
+		_gnutls_debug_log("tpm2: Esys_Initialize failed: 0x%x\n", rc);
+		goto error;
+	}
+
+	rc = _gnutls_tss2_Esys_Startup(*ctx, TPM2_SU_CLEAR);
+	if (rc == TPM2_RC_INITIALIZE) {
+		_gnutls_debug_log("tpm2: was already started up thus false positive failing in tpm2tss log\n");
+	} else if (rc) {
+		gnutls_assert();
+		_gnutls_debug_log("tpm2: Esys_Startup failed: 0x%x\n", rc);
+		goto error;
+	}
+
+	if (parent_is_generated(info->parent)) {
+		if (init_tpm2_primary(info, *ctx, &parent_handle)) {
+			gnutls_assert();
+			goto error;
+		}
+	} else {
+		rc = _gnutls_tss2_Esys_TR_FromTPMPublic(*ctx, info->parent,
+					   ESYS_TR_NONE,
+					   ESYS_TR_NONE,
+					   ESYS_TR_NONE,
+					   &parent_handle);
+		if (rc) {
+			gnutls_assert();
+			_gnutls_debug_log("tpm2: Esys_TR_FromTPMPublic failed for parent 0x%x: 0x%x\n",
+					  info->parent, rc);
+			goto error;
+		}
+		/* If we don't already have a password (and haven't already authenticated
+		 * successfully), check the NODA flag on the parent and demand one if DA
+		 * protection is enabled (since that strongly implies there is a non-empty
+		 * password). */
+		if (!info->did_ownerauth && !info->ownerauth.size) {
+			TPM2B_PUBLIC *pub = NULL;
+
+			rc = _gnutls_tss2_Esys_ReadPublic(*ctx, parent_handle,
+					     ESYS_TR_NONE,
+					     ESYS_TR_NONE,
+					     ESYS_TR_NONE,
+					     &pub, NULL, NULL);
+			if (!rc &&
+			    !(pub->publicArea.objectAttributes & TPMA_OBJECT_NODA)) {
+				info->need_ownerauth = true;
+			}
+			_gnutls_tss2_Esys_Free(pub);
+		}
+	reauth:
+		if (info->need_ownerauth) {
+			char pass[GNUTLS_PKCS11_MAX_PIN_LEN];
+			if (tpm2_pin(info->pin_info, "tpm2:", "parent",
+				     pass, sizeof(pass))) {
+				return gnutls_assert_val(GNUTLS_E_TPM_KEY_PASSWORD_ERROR);
+			}
+			install_tpm_passphrase(&info->ownerauth, pass);
+			info->need_ownerauth = false;
+		}
+		rc = _gnutls_tss2_Esys_TR_SetAuth(*ctx, parent_handle, &info->ownerauth);
+		if (rc) {
+			gnutls_assert();
+			_gnutls_debug_log("tpm2: Esys_TR_SetAuth failed: 0x%x\n",
+					  rc);
+			goto error;
+		}
+	}
+
+	_gnutls_debug_log("tpm2: loading TPM2 key blob, parent handle 0x%x\n",
+			  parent_handle);
+
+	rc = _gnutls_tss2_Esys_Load(*ctx, parent_handle,
+		       ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
+		       &info->priv, &info->pub,
+		       key_handle);
+	if (rc_is_parent_auth_failed(rc)) {
+		gnutls_assert();
+		_gnutls_debug_log("tpm2: Esys_Load auth failed\n");
+		info->need_ownerauth = true;
+		goto reauth;
+	}
+	if (rc) {
+		gnutls_assert();
+		_gnutls_debug_log("tpm2: Esys_Load failed: 0x%x\n", rc);
+		goto error;
+	}
+	info->did_ownerauth = true;
+
+	if (parent_is_generated(info->parent)) {
+		rc = _gnutls_tss2_Esys_FlushContext(*ctx, parent_handle);
+		if (rc) {
+			_gnutls_debug_log("tpm2: Esys_FlushContext for generated primary failed: 0x%x\n",
+					  rc);
+		}
+		/* But it's non-fatal. */
+	}
+
+	return 0;
+ error:
+	if (parent_is_generated(info->parent) && parent_handle != ESYS_TR_NONE) {
+		_gnutls_tss2_Esys_FlushContext(*ctx, parent_handle);
+	}
+	if (*key_handle != ESYS_TR_NONE) {
+		_gnutls_tss2_Esys_FlushContext(*ctx, *key_handle);
+	}
+	*key_handle = ESYS_TR_NONE;
+
+	_gnutls_tss2_Esys_Finalize(ctx);
+	return GNUTLS_E_TPM_ERROR;
+}
+
+static int
+auth_tpm2_key(struct tpm2_info_st *info, ESYS_CONTEXT *ctx, ESYS_TR key_handle)
+{
+	TSS2_RC rc;
+
+	if (info->need_userauth) {
+		char pass[GNUTLS_PKCS11_MAX_PIN_LEN];
+		if (tpm2_pin(info->pin_info, "tpm2:", "key",
+			     pass, sizeof(pass))) {
+			return gnutls_assert_val(GNUTLS_E_TPM_KEY_PASSWORD_ERROR);
+		}
+
+		install_tpm_passphrase(&info->userauth, pass);
+		info->need_userauth = false;
+	}
+
+	rc = _gnutls_tss2_Esys_TR_SetAuth(ctx, key_handle, &info->userauth);
+	if (rc) {
+		_gnutls_debug_log("tpm2: Esys_TR_SetAuth failed: 0x%x\n", rc);
+		return gnutls_assert_val(GNUTLS_E_TPM_ERROR);
+	}
+	return 0;
+}
+
+int tpm2_rsa_sign_hash_fn(gnutls_privkey_t key, gnutls_sign_algorithm_t algo,
+			  void *_info, unsigned int flags,
+			  const gnutls_datum_t *data, gnutls_datum_t *sig)
+{
+	struct tpm2_info_st *info = _info;
+	int ret;
+	ESYS_CONTEXT *ectx = NULL;
+	TPM2B_PUBLIC_KEY_RSA digest, *tsig = NULL;
+	TPM2B_DATA label = { .size = 0 };
+	TPMT_RSA_DECRYPT in_scheme = { .scheme = TPM2_ALG_NULL };
+	ESYS_TR key_handle = ESYS_TR_NONE;
+	const gnutls_sign_entry_st *se;
+	gnutls_x509_spki_st params;
+	TSS2_RC rc;
+
+	_gnutls_debug_log("tpm2: RSA (%s) sign function called for %d bytes\n",
+			  gnutls_sign_get_name(algo), data->size);
+
+	se = _gnutls_sign_to_entry(algo);
+	if (unlikely(se == NULL)) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	switch (se->pk) {
+	case GNUTLS_PK_RSA_PSS:
+		/* This code is a copy from privkey_sign_* functions and
+		 * exercised twice because gnutls_privkey_sign_hash_func
+		 * currently does not provide access to SPKI params
+		 * calculated. */
+		ret = _gnutls_privkey_get_spki_params(key, &params);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+
+		flags |= GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS;
+		ret = _gnutls_privkey_update_spki_params(key,
+							 key->pk_algorithm,
+							 se->hash, flags,
+							 &params);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+
+		FIX_SIGN_PARAMS(params, flags, se->hash);
+
+		digest.size = info->pub.publicArea.unique.rsa.size;
+		ret = _gnutls_rsa_pss_sign_pad(&params, tpm2_rsa_key_bits(info),
+					       data,
+					       digest.buffer, digest.size);
+		if (ret < 0) {
+			return gnutls_assert_val(GNUTLS_E_PK_SIGN_FAILED);
+		}
+		break;
+	case GNUTLS_PK_RSA:
+		digest.size = info->pub.publicArea.unique.rsa.size;
+		ret = _gnutls_rsa_pkcs1_sign_pad(tpm2_rsa_key_bits(info),
+						 data,
+						 digest.buffer, digest.size);
+		if (ret < 0) {
+			return gnutls_assert_val(GNUTLS_E_PK_SIGN_FAILED);
+		}
+		break;
+	default:
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+
+	ret = init_tpm2_key(&ectx, &key_handle, info);
+	if (ret < 0) {
+		gnutls_assert();
+		goto out;
+	}
+ reauth:
+	ret = auth_tpm2_key(info, ectx, key_handle);
+	if (ret < 0) {
+		gnutls_assert();
+		goto out;
+	}
+
+	rc = _gnutls_tss2_Esys_RSA_Decrypt(ectx, key_handle,
+			      ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
+			      &digest, &in_scheme, &label, &tsig);
+	if (rc_is_key_auth_failed(rc)) {
+		gnutls_assert();
+		_gnutls_debug_log("tpm2: Esys_RSA_Decrypt auth failed\n");
+		info->need_userauth = true;
+		goto reauth;
+	}
+	if (rc) {
+		gnutls_assert();
+		_gnutls_debug_log("tpm2: failed to generate RSA signature: 0x%x\n", rc);
+		goto out;
+	}
+
+	ret = _gnutls_set_datum(sig, tsig->buffer, tsig->size);
+ out:
+	_gnutls_tss2_Esys_Free(tsig);
+
+	if (key_handle != ESYS_TR_NONE) {
+		_gnutls_tss2_Esys_FlushContext(ectx, key_handle);
+	}
+
+	if (ectx) {
+		_gnutls_tss2_Esys_Finalize(&ectx);
+	}
+
+	return ret;
+}
+
+int tpm2_ec_sign_hash_fn(gnutls_privkey_t key, gnutls_sign_algorithm_t algo,
+			 void *_info, unsigned int flags,
+			 const gnutls_datum_t *data, gnutls_datum_t *sig)
+{
+	struct tpm2_info_st *info = _info;
+	int ret;
+	ESYS_CONTEXT *ectx = NULL;
+	TPM2B_DIGEST digest;
+	TPMT_SIGNATURE *tsig = NULL;
+	ESYS_TR key_handle = ESYS_TR_NONE;
+	TSS2_RC rc;
+	TPMT_TK_HASHCHECK validation = { .tag = TPM2_ST_HASHCHECK,
+					 .hierarchy = TPM2_RH_NULL,
+					 .digest.size = 0 };
+	TPMT_SIG_SCHEME in_scheme = { .scheme = TPM2_ALG_ECDSA };
+	gnutls_datum_t sig_r, sig_s;
+
+	_gnutls_debug_log("tpm2: EC sign function called for %d bytes\n",
+			  data->size);
+
+	switch (algo) {
+	case GNUTLS_SIGN_ECDSA_SHA1:
+		in_scheme.details.ecdsa.hashAlg = TPM2_ALG_SHA1;
+		break;
+	case GNUTLS_SIGN_ECDSA_SHA256:
+	case GNUTLS_SIGN_ECDSA_SECP256R1_SHA256:
+		in_scheme.details.ecdsa.hashAlg = TPM2_ALG_SHA256;
+		break;
+	case GNUTLS_SIGN_ECDSA_SHA384:
+	case GNUTLS_SIGN_ECDSA_SECP384R1_SHA384:
+		in_scheme.details.ecdsa.hashAlg = TPM2_ALG_SHA384;
+		break;
+	case GNUTLS_SIGN_ECDSA_SHA512:
+	case GNUTLS_SIGN_ECDSA_SECP521R1_SHA512:
+		in_scheme.details.ecdsa.hashAlg = TPM2_ALG_SHA512;
+		break;
+	default:
+		_gnutls_debug_log("tpm2: Unknown TPM2 EC digest size %d\n",
+				  data->size);
+		return GNUTLS_E_PK_SIGN_FAILED;
+	}
+
+	memcpy(digest.buffer, data->data, data->size);
+	digest.size = data->size;
+
+	ret = init_tpm2_key(&ectx, &key_handle, info);
+	if (ret < 0) {
+		gnutls_assert();
+		goto out;
+	}
+ reauth:
+	ret = auth_tpm2_key(info, ectx, key_handle);
+	if (ret < 0) {
+		gnutls_assert();
+		goto out;
+	}
+
+	rc = _gnutls_tss2_Esys_Sign(ectx, key_handle,
+		       ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
+		       &digest, &in_scheme, &validation,
+		       &tsig);
+	if (rc_is_key_auth_failed(rc)) {
+		_gnutls_debug_log("tpm2: Esys_Sign auth failed\n");
+		info->need_userauth = true;
+		goto reauth;
+	}
+	if (rc) {
+		_gnutls_debug_log("tpm2: failed to generate EC signature: 0x%x\n", rc);
+		goto out;
+	}
+
+	sig_r.data = tsig->signature.ecdsa.signatureR.buffer;
+	sig_r.size = tsig->signature.ecdsa.signatureR.size;
+	sig_s.data = tsig->signature.ecdsa.signatureS.buffer;
+	sig_s.size = tsig->signature.ecdsa.signatureS.size;
+
+	ret = gnutls_encode_rs_value(sig, &sig_r, &sig_s);
+ out:
+	_gnutls_tss2_Esys_Free(tsig);
+
+	if (key_handle != ESYS_TR_NONE) {
+		_gnutls_tss2_Esys_FlushContext(ectx, key_handle);
+	}
+
+	if (ectx) {
+		_gnutls_tss2_Esys_Finalize(&ectx);
+	}
+
+	return ret;
+}
+
+GNUTLS_ONCE(tpm2_esys_once);
+
+static void
+tpm2_esys_once_init(void)
+{
+	const char *tcti;
+	const char * const tcti_vars[] = {
+		"GNUTLS_TPM2_TCTI",
+		"TPM2TOOLS_TCTI",
+		"TCTI",
+		"TEST_TCTI"
+	};
+	size_t i;
+	TSS2_RC rc;
+
+	if (init_tss2_funcs() < 0) {
+		_gnutls_debug_log("tpm2: unable to initialize TSS2 functions\n");
+		return;
+	}
+
+	for (i = 0; i < sizeof(tcti_vars) / sizeof(tcti_vars[0]); i++) {
+		tcti = secure_getenv(tcti_vars[i]);
+		if (tcti && *tcti != '\0') {
+			_gnutls_debug_log("tpm2: TCTI configuration found in %s\n",
+					  tcti_vars[i]);
+			break;
+		}
+	}
+	if (tcti && *tcti != '\0') {
+		rc = _gnutls_tss2_Tss2_TctiLdr_Initialize(tcti, &tcti_ctx);
+		if (rc) {
+			_gnutls_debug_log("tpm2: TSS2_TctiLdr_Initialize failed: 0x%x\n",
+					  rc);
+		}
+	}
+}
+
+/* called by the global destructor through _gnutls_tpm2_deinit */
+void
+tpm2_esys_deinit(void)
+{
+	if (tcti_ctx) {
+		_gnutls_tss2_Tss2_TctiLdr_Finalize(&tcti_ctx);
+		tcti_ctx = NULL;
+	}
+	if (_gnutls_tss2_esys_dlhandle) {
+		dlclose(_gnutls_tss2_esys_dlhandle);
+		_gnutls_tss2_esys_dlhandle = NULL;
+	}
+	if (_gnutls_tss2_mu_dlhandle) {
+		dlclose(_gnutls_tss2_mu_dlhandle);
+		_gnutls_tss2_mu_dlhandle = NULL;
+	}
+	if (_gnutls_tss2_tctildr_dlhandle) {
+		dlclose(_gnutls_tss2_tctildr_dlhandle);
+		_gnutls_tss2_tctildr_dlhandle = NULL;
+	}
+}
+
+int install_tpm2_key(struct tpm2_info_st *info, gnutls_privkey_t pkey,
+		     unsigned int parent, bool emptyauth,
+		     gnutls_datum_t *privdata, gnutls_datum_t *pubdata)
+{
+	TSS2_RC rc;
+
+	(void)gnutls_once(&tpm2_esys_once, tpm2_esys_once_init);
+
+	if (!tcti_ctx) {
+		return gnutls_assert_val(GNUTLS_E_TPM_ERROR);
+	}
+
+	if (!parent_is_persistent(parent) &&
+	    parent != TPM2_RH_OWNER && parent != TPM2_RH_NULL &&
+	    parent != TPM2_RH_ENDORSEMENT && parent != TPM2_RH_PLATFORM) {
+		_gnutls_debug_log("tpm2: Invalid TPM2 parent handle 0x%08x\n",
+				  parent);
+		return gnutls_assert_val(GNUTLS_E_TPM_ERROR);
+	}
+
+	info->parent = parent;
+
+	rc = _gnutls_tss2_Tss2_MU_TPM2B_PRIVATE_Unmarshal(privdata->data, privdata->size, NULL,
+							     &info->priv);
+	if (rc) {
+		_gnutls_debug_log("tpm2: failed to import private key data: 0x%x\n",
+				  rc);
+		return gnutls_assert_val(GNUTLS_E_TPM_ERROR);
+	}
+
+	rc = _gnutls_tss2_Tss2_MU_TPM2B_PUBLIC_Unmarshal(pubdata->data, pubdata->size, NULL,
+							    &info->pub);
+	if (rc) {
+		_gnutls_debug_log("tpm2: failed to import public key data: 0x%x\n",
+				  rc);
+		return gnutls_assert_val(GNUTLS_E_TPM_ERROR);
+	}
+
+	info->need_userauth = !emptyauth;
+
+	switch (info->pub.publicArea.type) {
+	case TPM2_ALG_RSA:
+		return GNUTLS_PK_RSA;
+	case TPM2_ALG_ECC:
+		return GNUTLS_PK_ECDSA;
+	default:
+		_gnutls_debug_log("tpm2: unsupported key type %d\n",
+				  info->pub.publicArea.type);
+		return gnutls_assert_val(GNUTLS_E_TPM_ERROR);
+	}
+}
+
+uint16_t tpm2_key_curve(struct tpm2_info_st *info)
+{
+	return info->pub.publicArea.parameters.eccDetail.curveID;
+}
+
+int tpm2_rsa_key_bits(struct tpm2_info_st *info)
+{
+	return info->pub.publicArea.parameters.rsaDetail.keyBits;
+}
+
+void release_tpm2_ctx(struct tpm2_info_st *info)
+{
+	if (info) {
+		zeroize_key(info->ownerauth.buffer,
+			    sizeof(info->ownerauth.buffer));
+		zeroize_key(info->userauth.buffer,
+			    sizeof(info->userauth.buffer));
+		gnutls_free(info);
+	}
+}
+
+void tpm2_deinit_fn(gnutls_privkey_t key, void *priv)
+{
+	release_tpm2_ctx(priv);
+}
+
+static gnutls_ecc_curve_t
+tpm2_curve_to_gnutls_curve(TPMI_ECC_CURVE curve) {
+	switch (curve) {
+	case TPM2_ECC_NIST_P192:
+		return GNUTLS_ECC_CURVE_SECP192R1;
+	case TPM2_ECC_NIST_P224:
+		return GNUTLS_ECC_CURVE_SECP224R1;
+	case TPM2_ECC_NIST_P256:
+		return GNUTLS_ECC_CURVE_SECP256R1;
+	case TPM2_ECC_NIST_P384:
+		return GNUTLS_ECC_CURVE_SECP384R1;
+	case TPM2_ECC_NIST_P521:
+		return GNUTLS_ECC_CURVE_SECP521R1;
+	default:
+		return GNUTLS_ECC_CURVE_INVALID;
+	}
+}
+
+static int
+convert_public_rsa(struct tpm2_info_st *info, gnutls_pk_params_st *params)
+{
+	int ret;
+	UINT32 exponent;
+
+	memset(params, 0, sizeof(gnutls_pk_params_st));
+
+	params->algo = GNUTLS_PK_RSA;
+	params->params_nr = 2;
+
+	ret = _gnutls_mpi_init_scan_nz(&params->params[RSA_MODULUS],
+				       info->pub.publicArea.unique.rsa.buffer,
+				       info->pub.publicArea.unique.rsa.size);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	exponent = info->pub.publicArea.parameters.rsaDetail.exponent;
+	if (exponent == 0) {
+		exponent = 0x10001;
+	}
+	ret = _gnutls_mpi_init(&params->params[RSA_PUB]);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+	_gnutls_mpi_set_ui(params->params[RSA_PUB], exponent);
+
+	return 0;
+}
+
+static int
+convert_public_ecc(struct tpm2_info_st *info, gnutls_pk_params_st *params)
+{
+	int ret;
+
+	TPMS_ECC_PARMS *detail = &info->pub.publicArea.parameters.eccDetail;
+	TPMS_ECC_POINT *point = &info->pub.publicArea.unique.ecc;
+
+	memset(params, 0, sizeof(gnutls_pk_params_st));
+
+	params->algo = GNUTLS_PK_ECDSA;
+	params->params_nr = 2;
+
+	ret = _gnutls_mpi_init_scan_nz(&params->params[ECC_X],
+				       point->x.buffer, point->x.size);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+	ret = _gnutls_mpi_init_scan_nz(&params->params[ECC_Y],
+				       point->y.buffer, point->y.size);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	params->curve = tpm2_curve_to_gnutls_curve(detail->curveID);
+	if (params->curve == GNUTLS_ECC_CURVE_INVALID) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	return 0;
+}
+
+int
+tpm2_convert_public(gnutls_privkey_t key,
+		    void *_info,
+		    gnutls_pk_params_st *params)
+{
+	struct tpm2_info_st *info = _info;
+
+	switch (info->pub.publicArea.type) {
+	case TPM2_ALG_RSA:
+		return convert_public_rsa(info, params);
+	case TPM2_ALG_ECC:
+		return convert_public_ecc(info, params);
+	default:
+		_gnutls_debug_log("tpm2: unsupported TPM2 key type %d\n",
+				  info->pub.publicArea.type);
+		return gnutls_assert_val(GNUTLS_E_TPM_ERROR);
+	}
+
+	return 0;
+}
diff --git a/lib/unistring/Makefile.am b/lib/unistring/Makefile.am
new file mode 100644
index 0000000..c942781
--- /dev/null
+++ b/lib/unistring/Makefile.am
@@ -0,0 +1,1092 @@
+## DO NOT EDIT! GENERATED AUTOMATICALLY!
+## Process this file with automake to produce Makefile.in.
+# Copyright (C) 2002-2021 Free Software Foundation, Inc.
+#
+# This file is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This file is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this file.  If not, see <https://www.gnu.org/licenses/>.
+#
+# As a special exception to the GNU General Public License,
+# this file may be distributed as part of a program that
+# contains a configuration script generated by Autoconf, under
+# the same distribution terms as the rest of that program.
+#
+# Generated by gnulib-tool.
+# Reproduce by:
+# gnulib-tool --import --local-dir=lib/unistring/override \
+#  --lib=libunistring \
+#  --source-base=lib/unistring \
+#  --m4-base=lib/unistring/m4 \
+#  --doc-base=doc \
+#  --tests-base=tests \
+#  --aux-dir=build-aux \
+#  --lgpl=3orGPLv2 \
+#  --no-conditional-dependencies \
+#  --libtool \
+#  --macro-prefix=unistring \
+#  unictype/category-all \
+#  unictype/property-default-ignorable-code-point \
+#  unictype/property-join-control \
+#  unictype/property-not-a-character \
+#  uninorm/nfc \
+#  uninorm/nfkc \
+#  uninorm/u16-normalize \
+#  uninorm/u32-normalize \
+#  uninorm/u8-normalize \
+#  unistr/u16-to-u8 \
+#  unistr/u32-to-u8 \
+#  unistr/u8-check \
+#  unistr/u8-to-u16 \
+#  unistr/u8-to-u32
+
+AUTOMAKE_OPTIONS = 1.11 gnits subdir-objects
+
+SUBDIRS =
+noinst_HEADERS =
+noinst_LIBRARIES =
+noinst_LTLIBRARIES =
+EXTRA_DIST =
+BUILT_SOURCES =
+SUFFIXES =
+MOSTLYCLEANFILES = core *.stackdump
+MOSTLYCLEANDIRS =
+CLEANFILES =
+DISTCLEANFILES =
+MAINTAINERCLEANFILES =
+# No GNU Make output.
+EXTRA_DIST += m4/gnulib-cache.m4
+
+AM_CPPFLAGS =
+AM_CFLAGS =
+
+noinst_LTLIBRARIES += libunistring.la
+
+libunistring_la_SOURCES =
+libunistring_la_LIBADD = $(unistring_LTLIBOBJS)
+libunistring_la_DEPENDENCIES = $(unistring_LTLIBOBJS)
+EXTRA_libunistring_la_SOURCES =
+libunistring_la_LDFLAGS = $(AM_LDFLAGS)
+libunistring_la_LDFLAGS += -no-undefined
+
+## begin gnulib module absolute-header
+
+# Use this preprocessor expression to decide whether #include_next works.
+# Do not rely on a 'configure'-time test for this, since the expression
+# might appear in an installed header, which is used by some other compiler.
+HAVE_INCLUDE_NEXT = (__GNUC__ || __clang__ || 60000000 <= __DECC_VER)
+
+## end   gnulib module absolute-header
+
+## begin gnulib module array-mergesort
+
+
+EXTRA_DIST += array-mergesort.h
+
+## end   gnulib module array-mergesort
+
+## begin gnulib module attribute
+
+
+EXTRA_DIST += attribute.h
+
+## end   gnulib module attribute
+
+## begin gnulib module gperf
+
+GPERF = gperf
+V_GPERF = $(V_GPERF_@AM_V@)
+V_GPERF_ = $(V_GPERF_@AM_DEFAULT_V@)
+V_GPERF_0 = @echo "  GPERF   " $@;
+
+## end   gnulib module gperf
+
+## begin gnulib module limits-h
+
+BUILT_SOURCES += $(LIMITS_H)
+
+# We need the following in order to create <limits.h> when the system
+# doesn't have one that is compatible with GNU.
+if GL_GENERATE_LIMITS_H
+limits.h: limits.in.h $(top_builddir)/config.status
+	$(AM_V_GEN)rm -f $@-t $@ && \
+	{ echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */' && \
+	  sed -e 's|@''GUARD_PREFIX''@|GL_UNISTRING|g' \
+	      -e 's|@''INCLUDE_NEXT''@|$(INCLUDE_NEXT)|g' \
+	      -e 's|@''PRAGMA_SYSTEM_HEADER''@|@PRAGMA_SYSTEM_HEADER@|g' \
+	      -e 's|@''PRAGMA_COLUMNS''@|@PRAGMA_COLUMNS@|g' \
+	      -e 's|@''NEXT_LIMITS_H''@|$(NEXT_LIMITS_H)|g' \
+	      < $(srcdir)/limits.in.h; \
+	} > $@-t && \
+	mv $@-t $@
+else
+limits.h: $(top_builddir)/config.status
+	rm -f $@
+endif
+MOSTLYCLEANFILES += limits.h limits.h-t
+
+EXTRA_DIST += limits.in.h
+
+## end   gnulib module limits-h
+
+## begin gnulib module snippet/unused-parameter
+
+# Because this Makefile snippet defines a variable used by other
+# gnulib Makefile snippets, it must be present in all makefiles that
+# need it. This is ensured by the applicability 'all' defined above.
+
+UNUSED_PARAMETER_H=$(srcdir)/unused-parameter.h
+
+EXTRA_DIST += unused-parameter.h
+
+## end   gnulib module snippet/unused-parameter
+
+## begin gnulib module stdbool
+
+BUILT_SOURCES += $(STDBOOL_H)
+
+# We need the following in order to create <stdbool.h> when the system
+# doesn't have one that works.
+if GL_GENERATE_STDBOOL_H
+stdbool.h: stdbool.in.h $(top_builddir)/config.status
+	$(AM_V_GEN)rm -f $@-t $@ && \
+	{ echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */'; \
+	  sed -e 's/@''HAVE__BOOL''@/$(HAVE__BOOL)/g' < $(srcdir)/stdbool.in.h; \
+	} > $@-t && \
+	mv $@-t $@
+else
+stdbool.h: $(top_builddir)/config.status
+	rm -f $@
+endif
+MOSTLYCLEANFILES += stdbool.h stdbool.h-t
+
+EXTRA_DIST += stdbool.in.h
+
+## end   gnulib module stdbool
+
+## begin gnulib module stdint
+
+BUILT_SOURCES += $(STDINT_H)
+
+# We need the following in order to create <stdint.h> when the system
+# doesn't have one that works with the given compiler.
+if GL_GENERATE_STDINT_H
+stdint.h: stdint.in.h $(top_builddir)/config.status
+	$(AM_V_GEN)rm -f $@-t $@ && \
+	{ echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */'; \
+	  sed -e 's|@''GUARD_PREFIX''@|GL_UNISTRING|g' \
+	      -e 's/@''HAVE_STDINT_H''@/$(HAVE_STDINT_H)/g' \
+	      -e 's|@''INCLUDE_NEXT''@|$(INCLUDE_NEXT)|g' \
+	      -e 's|@''PRAGMA_SYSTEM_HEADER''@|@PRAGMA_SYSTEM_HEADER@|g' \
+	      -e 's|@''PRAGMA_COLUMNS''@|@PRAGMA_COLUMNS@|g' \
+	      -e 's|@''NEXT_STDINT_H''@|$(NEXT_STDINT_H)|g' \
+	      -e 's/@''HAVE_C99_STDINT_H''@/$(HAVE_C99_STDINT_H)/g' \
+	      -e 's/@''HAVE_SYS_TYPES_H''@/$(HAVE_SYS_TYPES_H)/g' \
+	      -e 's/@''HAVE_INTTYPES_H''@/$(HAVE_INTTYPES_H)/g' \
+	      -e 's/@''HAVE_SYS_INTTYPES_H''@/$(HAVE_SYS_INTTYPES_H)/g' \
+	      -e 's/@''HAVE_SYS_BITYPES_H''@/$(HAVE_SYS_BITYPES_H)/g' \
+	      -e 's/@''HAVE_WCHAR_H''@/$(HAVE_WCHAR_H)/g' \
+	      -e 's/@''APPLE_UNIVERSAL_BUILD''@/$(APPLE_UNIVERSAL_BUILD)/g' \
+	      -e 's/@''BITSIZEOF_PTRDIFF_T''@/$(BITSIZEOF_PTRDIFF_T)/g' \
+	      -e 's/@''PTRDIFF_T_SUFFIX''@/$(PTRDIFF_T_SUFFIX)/g' \
+	      -e 's/@''BITSIZEOF_SIG_ATOMIC_T''@/$(BITSIZEOF_SIG_ATOMIC_T)/g' \
+	      -e 's/@''HAVE_SIGNED_SIG_ATOMIC_T''@/$(HAVE_SIGNED_SIG_ATOMIC_T)/g' \
+	      -e 's/@''SIG_ATOMIC_T_SUFFIX''@/$(SIG_ATOMIC_T_SUFFIX)/g' \
+	      -e 's/@''BITSIZEOF_SIZE_T''@/$(BITSIZEOF_SIZE_T)/g' \
+	      -e 's/@''SIZE_T_SUFFIX''@/$(SIZE_T_SUFFIX)/g' \
+	      -e 's/@''BITSIZEOF_WCHAR_T''@/$(BITSIZEOF_WCHAR_T)/g' \
+	      -e 's/@''HAVE_SIGNED_WCHAR_T''@/$(HAVE_SIGNED_WCHAR_T)/g' \
+	      -e 's/@''WCHAR_T_SUFFIX''@/$(WCHAR_T_SUFFIX)/g' \
+	      -e 's/@''BITSIZEOF_WINT_T''@/$(BITSIZEOF_WINT_T)/g' \
+	      -e 's/@''HAVE_SIGNED_WINT_T''@/$(HAVE_SIGNED_WINT_T)/g' \
+	      -e 's/@''WINT_T_SUFFIX''@/$(WINT_T_SUFFIX)/g' \
+	      -e 's/@''GNULIBHEADERS_OVERRIDE_WINT_T''@/$(GNULIBHEADERS_OVERRIDE_WINT_T)/g' \
+	      < $(srcdir)/stdint.in.h; \
+	} > $@-t && \
+	mv $@-t $@
+else
+stdint.h: $(top_builddir)/config.status
+	rm -f $@
+endif
+MOSTLYCLEANFILES += stdint.h stdint.h-t
+
+EXTRA_DIST += stdint.in.h
+
+## end   gnulib module stdint
+
+## begin gnulib module sys_types
+
+BUILT_SOURCES += sys/types.h
+
+# We need the following in order to create <sys/types.h> when the system
+# doesn't have one that works with the given compiler.
+sys/types.h: sys_types.in.h $(top_builddir)/config.status
+	$(AM_V_at)$(MKDIR_P) sys
+	$(AM_V_GEN)rm -f $@-t $@ && \
+	{ echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */'; \
+	  sed -e 's|@''GUARD_PREFIX''@|GL_UNISTRING|g' \
+	      -e 's|@''INCLUDE_NEXT''@|$(INCLUDE_NEXT)|g' \
+	      -e 's|@''PRAGMA_SYSTEM_HEADER''@|@PRAGMA_SYSTEM_HEADER@|g' \
+	      -e 's|@''PRAGMA_COLUMNS''@|@PRAGMA_COLUMNS@|g' \
+	      -e 's|@''NEXT_SYS_TYPES_H''@|$(NEXT_SYS_TYPES_H)|g' \
+	      -e 's|@''WINDOWS_64_BIT_OFF_T''@|$(WINDOWS_64_BIT_OFF_T)|g' \
+	      -e 's|@''WINDOWS_STAT_INODES''@|$(WINDOWS_STAT_INODES)|g' \
+	      < $(srcdir)/sys_types.in.h; \
+	} > $@-t && \
+	mv $@-t $@
+MOSTLYCLEANFILES += sys/types.h sys/types.h-t
+
+EXTRA_DIST += sys_types.in.h
+
+## end   gnulib module sys_types
+
+## begin gnulib module unictype/base
+
+BUILT_SOURCES += $(LIBUNISTRING_UNICTYPE_H)
+
+unictype.h: unictype.in.h
+	$(AM_V_GEN)rm -f $@-t $@ && \
+	{ echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */'; \
+	  cat $(srcdir)/unictype.in.h; \
+	} > $@-t && \
+	mv -f $@-t $@
+MOSTLYCLEANFILES += unictype.h unictype.h-t
+
+EXTRA_DIST += unictype.in.h
+
+## end   gnulib module unictype/base
+
+## begin gnulib module unictype/category-C
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_C
+libunistring_la_SOURCES += unictype/categ_C.c
+endif
+
+EXTRA_DIST += unictype/categ_C.h
+
+## end   gnulib module unictype/category-C
+
+## begin gnulib module unictype/category-Cc
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_CC
+libunistring_la_SOURCES += unictype/categ_Cc.c
+endif
+
+EXTRA_DIST += unictype/categ_Cc.h
+
+## end   gnulib module unictype/category-Cc
+
+## begin gnulib module unictype/category-Cf
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_CF
+libunistring_la_SOURCES += unictype/categ_Cf.c
+endif
+
+EXTRA_DIST += unictype/categ_Cf.h
+
+## end   gnulib module unictype/category-Cf
+
+## begin gnulib module unictype/category-Cn
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_CN
+libunistring_la_SOURCES += unictype/categ_Cn.c
+endif
+
+EXTRA_DIST += unictype/categ_Cn.h
+
+## end   gnulib module unictype/category-Cn
+
+## begin gnulib module unictype/category-Co
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_CO
+libunistring_la_SOURCES += unictype/categ_Co.c
+endif
+
+EXTRA_DIST += unictype/categ_Co.h
+
+## end   gnulib module unictype/category-Co
+
+## begin gnulib module unictype/category-Cs
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_CS
+libunistring_la_SOURCES += unictype/categ_Cs.c
+endif
+
+EXTRA_DIST += unictype/categ_Cs.h
+
+## end   gnulib module unictype/category-Cs
+
+## begin gnulib module unictype/category-L
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_L
+libunistring_la_SOURCES += unictype/categ_L.c
+endif
+
+EXTRA_DIST += unictype/categ_L.h
+
+## end   gnulib module unictype/category-L
+
+## begin gnulib module unictype/category-LC
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LC
+libunistring_la_SOURCES += unictype/categ_LC.c
+endif
+
+EXTRA_DIST += unictype/categ_LC.h
+
+## end   gnulib module unictype/category-LC
+
+## begin gnulib module unictype/category-Ll
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LL
+libunistring_la_SOURCES += unictype/categ_Ll.c
+endif
+
+EXTRA_DIST += unictype/categ_Ll.h
+
+## end   gnulib module unictype/category-Ll
+
+## begin gnulib module unictype/category-Lm
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LM
+libunistring_la_SOURCES += unictype/categ_Lm.c
+endif
+
+EXTRA_DIST += unictype/categ_Lm.h
+
+## end   gnulib module unictype/category-Lm
+
+## begin gnulib module unictype/category-Lo
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LO
+libunistring_la_SOURCES += unictype/categ_Lo.c
+endif
+
+EXTRA_DIST += unictype/categ_Lo.h
+
+## end   gnulib module unictype/category-Lo
+
+## begin gnulib module unictype/category-Lt
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LT
+libunistring_la_SOURCES += unictype/categ_Lt.c
+endif
+
+EXTRA_DIST += unictype/categ_Lt.h
+
+## end   gnulib module unictype/category-Lt
+
+## begin gnulib module unictype/category-Lu
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LU
+libunistring_la_SOURCES += unictype/categ_Lu.c
+endif
+
+EXTRA_DIST += unictype/categ_Lu.h
+
+## end   gnulib module unictype/category-Lu
+
+## begin gnulib module unictype/category-M
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_M
+libunistring_la_SOURCES += unictype/categ_M.c
+endif
+
+EXTRA_DIST += unictype/categ_M.h
+
+## end   gnulib module unictype/category-M
+
+## begin gnulib module unictype/category-Mc
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_MC
+libunistring_la_SOURCES += unictype/categ_Mc.c
+endif
+
+EXTRA_DIST += unictype/categ_Mc.h
+
+## end   gnulib module unictype/category-Mc
+
+## begin gnulib module unictype/category-Me
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_ME
+libunistring_la_SOURCES += unictype/categ_Me.c
+endif
+
+EXTRA_DIST += unictype/categ_Me.h
+
+## end   gnulib module unictype/category-Me
+
+## begin gnulib module unictype/category-Mn
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_MN
+libunistring_la_SOURCES += unictype/categ_Mn.c
+endif
+
+EXTRA_DIST += unictype/categ_Mn.h
+
+## end   gnulib module unictype/category-Mn
+
+## begin gnulib module unictype/category-N
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_N
+libunistring_la_SOURCES += unictype/categ_N.c
+endif
+
+EXTRA_DIST += unictype/categ_N.h
+
+## end   gnulib module unictype/category-N
+
+## begin gnulib module unictype/category-Nd
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_ND
+libunistring_la_SOURCES += unictype/categ_Nd.c
+endif
+
+EXTRA_DIST += unictype/categ_Nd.h
+
+## end   gnulib module unictype/category-Nd
+
+## begin gnulib module unictype/category-Nl
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_NL
+libunistring_la_SOURCES += unictype/categ_Nl.c
+endif
+
+EXTRA_DIST += unictype/categ_Nl.h
+
+## end   gnulib module unictype/category-Nl
+
+## begin gnulib module unictype/category-No
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_NO
+libunistring_la_SOURCES += unictype/categ_No.c
+endif
+
+EXTRA_DIST += unictype/categ_No.h
+
+## end   gnulib module unictype/category-No
+
+## begin gnulib module unictype/category-P
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_P
+libunistring_la_SOURCES += unictype/categ_P.c
+endif
+
+EXTRA_DIST += unictype/categ_P.h
+
+## end   gnulib module unictype/category-P
+
+## begin gnulib module unictype/category-Pc
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PC
+libunistring_la_SOURCES += unictype/categ_Pc.c
+endif
+
+EXTRA_DIST += unictype/categ_Pc.h
+
+## end   gnulib module unictype/category-Pc
+
+## begin gnulib module unictype/category-Pd
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PD
+libunistring_la_SOURCES += unictype/categ_Pd.c
+endif
+
+EXTRA_DIST += unictype/categ_Pd.h
+
+## end   gnulib module unictype/category-Pd
+
+## begin gnulib module unictype/category-Pe
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PE
+libunistring_la_SOURCES += unictype/categ_Pe.c
+endif
+
+EXTRA_DIST += unictype/categ_Pe.h
+
+## end   gnulib module unictype/category-Pe
+
+## begin gnulib module unictype/category-Pf
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PF
+libunistring_la_SOURCES += unictype/categ_Pf.c
+endif
+
+EXTRA_DIST += unictype/categ_Pf.h
+
+## end   gnulib module unictype/category-Pf
+
+## begin gnulib module unictype/category-Pi
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PI
+libunistring_la_SOURCES += unictype/categ_Pi.c
+endif
+
+EXTRA_DIST += unictype/categ_Pi.h
+
+## end   gnulib module unictype/category-Pi
+
+## begin gnulib module unictype/category-Po
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PO
+libunistring_la_SOURCES += unictype/categ_Po.c
+endif
+
+EXTRA_DIST += unictype/categ_Po.h
+
+## end   gnulib module unictype/category-Po
+
+## begin gnulib module unictype/category-Ps
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PS
+libunistring_la_SOURCES += unictype/categ_Ps.c
+endif
+
+EXTRA_DIST += unictype/categ_Ps.h
+
+## end   gnulib module unictype/category-Ps
+
+## begin gnulib module unictype/category-S
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_S
+libunistring_la_SOURCES += unictype/categ_S.c
+endif
+
+EXTRA_DIST += unictype/categ_S.h
+
+## end   gnulib module unictype/category-S
+
+## begin gnulib module unictype/category-Sc
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_SC
+libunistring_la_SOURCES += unictype/categ_Sc.c
+endif
+
+EXTRA_DIST += unictype/categ_Sc.h
+
+## end   gnulib module unictype/category-Sc
+
+## begin gnulib module unictype/category-Sk
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_SK
+libunistring_la_SOURCES += unictype/categ_Sk.c
+endif
+
+EXTRA_DIST += unictype/categ_Sk.h
+
+## end   gnulib module unictype/category-Sk
+
+## begin gnulib module unictype/category-Sm
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_SM
+libunistring_la_SOURCES += unictype/categ_Sm.c
+endif
+
+EXTRA_DIST += unictype/categ_Sm.h
+
+## end   gnulib module unictype/category-Sm
+
+## begin gnulib module unictype/category-So
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_SO
+libunistring_la_SOURCES += unictype/categ_So.c
+endif
+
+EXTRA_DIST += unictype/categ_So.h
+
+## end   gnulib module unictype/category-So
+
+## begin gnulib module unictype/category-Z
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_Z
+libunistring_la_SOURCES += unictype/categ_Z.c
+endif
+
+EXTRA_DIST += unictype/categ_Z.h
+
+## end   gnulib module unictype/category-Z
+
+## begin gnulib module unictype/category-Zl
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_ZL
+libunistring_la_SOURCES += unictype/categ_Zl.c
+endif
+
+EXTRA_DIST += unictype/categ_Zl.h
+
+## end   gnulib module unictype/category-Zl
+
+## begin gnulib module unictype/category-Zp
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_ZP
+libunistring_la_SOURCES += unictype/categ_Zp.c
+endif
+
+EXTRA_DIST += unictype/categ_Zp.h
+
+## end   gnulib module unictype/category-Zp
+
+## begin gnulib module unictype/category-Zs
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_ZS
+libunistring_la_SOURCES += unictype/categ_Zs.c
+endif
+
+EXTRA_DIST += unictype/categ_Zs.h
+
+## end   gnulib module unictype/category-Zs
+
+## begin gnulib module unictype/category-and
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_AND
+libunistring_la_SOURCES += unictype/categ_and.c
+endif
+
+## end   gnulib module unictype/category-and
+
+## begin gnulib module unictype/category-and-not
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_AND_NOT
+libunistring_la_SOURCES += unictype/categ_and_not.c
+endif
+
+## end   gnulib module unictype/category-and-not
+
+## begin gnulib module unictype/category-byname
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_BYNAME
+libunistring_la_SOURCES += unictype/categ_byname.c
+endif
+
+$(srcdir)/unictype/categ_byname.h: $(srcdir)/unictype/categ_byname.gperf
+	$(V_GPERF)$(GPERF) -m 10 $(srcdir)/unictype/categ_byname.gperf > $(srcdir)/unictype/categ_byname.h-t1 \
+	&& sed -e 's/^const/static const/' < $(srcdir)/unictype/categ_byname.h-t1 > $(srcdir)/unictype/categ_byname.h-t2 \
+	&& mv $(srcdir)/unictype/categ_byname.h-t2 $(srcdir)/unictype/categ_byname.h
+BUILT_SOURCES        += unictype/categ_byname.h
+MOSTLYCLEANFILES     += unictype/categ_byname.h-t1 unictype/categ_byname.h-t2
+MAINTAINERCLEANFILES += unictype/categ_byname.h
+EXTRA_DIST           += unictype/categ_byname.h
+
+EXTRA_DIST += unictype/categ_byname.gperf
+
+## end   gnulib module unictype/category-byname
+
+## begin gnulib module unictype/category-longname
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LONGNAME
+libunistring_la_SOURCES += unictype/categ_longname.c
+endif
+
+## end   gnulib module unictype/category-longname
+
+## begin gnulib module unictype/category-name
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_NAME
+libunistring_la_SOURCES += unictype/categ_name.c
+endif
+
+## end   gnulib module unictype/category-name
+
+## begin gnulib module unictype/category-none
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_NONE
+libunistring_la_SOURCES += unictype/categ_none.c
+endif
+
+## end   gnulib module unictype/category-none
+
+## begin gnulib module unictype/category-of
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_OF
+libunistring_la_SOURCES += unictype/categ_of.c
+endif
+
+EXTRA_DIST += unictype/categ_of.h
+
+## end   gnulib module unictype/category-of
+
+## begin gnulib module unictype/category-or
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_OR
+libunistring_la_SOURCES += unictype/categ_or.c
+endif
+
+## end   gnulib module unictype/category-or
+
+## begin gnulib module unictype/category-test
+
+if LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_TEST
+libunistring_la_SOURCES += unictype/categ_test.c
+endif
+
+EXTRA_DIST += unictype/bitmap.h
+
+## end   gnulib module unictype/category-test
+
+## begin gnulib module unictype/combining-class
+
+if LIBUNISTRING_COMPILE_UNICTYPE_COMBINING_CLASS
+libunistring_la_SOURCES += unictype/combiningclass.c
+endif
+
+EXTRA_DIST += unictype/combiningclass.h
+
+## end   gnulib module unictype/combining-class
+
+## begin gnulib module unictype/property-default-ignorable-code-point
+
+if LIBUNISTRING_COMPILE_UNICTYPE_PROPERTY_DEFAULT_IGNORABLE_CODE_POINT
+libunistring_la_SOURCES += unictype/pr_default_ignorable_code_point.c
+endif
+
+EXTRA_DIST += unictype/bitmap.h unictype/pr_default_ignorable_code_point.h
+
+## end   gnulib module unictype/property-default-ignorable-code-point
+
+## begin gnulib module unictype/property-join-control
+
+if LIBUNISTRING_COMPILE_UNICTYPE_PROPERTY_JOIN_CONTROL
+libunistring_la_SOURCES += unictype/pr_join_control.c
+endif
+
+EXTRA_DIST += unictype/bitmap.h unictype/pr_join_control.h
+
+## end   gnulib module unictype/property-join-control
+
+## begin gnulib module unictype/property-not-a-character
+
+if LIBUNISTRING_COMPILE_UNICTYPE_PROPERTY_NOT_A_CHARACTER
+libunistring_la_SOURCES += unictype/pr_not_a_character.c
+endif
+
+EXTRA_DIST += unictype/bitmap.h unictype/pr_not_a_character.h
+
+## end   gnulib module unictype/property-not-a-character
+
+## begin gnulib module uninorm/base
+
+BUILT_SOURCES += $(LIBUNISTRING_UNINORM_H)
+
+uninorm.h: uninorm.in.h
+	$(AM_V_GEN)rm -f $@-t $@ && \
+	{ echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */'; \
+	  cat $(srcdir)/uninorm.in.h; \
+	} > $@-t && \
+	mv -f $@-t $@
+MOSTLYCLEANFILES += uninorm.h uninorm.h-t
+
+EXTRA_DIST += uninorm.in.h
+
+## end   gnulib module uninorm/base
+
+## begin gnulib module uninorm/canonical-decomposition
+
+if LIBUNISTRING_COMPILE_UNINORM_CANONICAL_DECOMPOSITION
+libunistring_la_SOURCES += uninorm/canonical-decomposition.c
+endif
+
+## end   gnulib module uninorm/canonical-decomposition
+
+## begin gnulib module uninorm/compat-decomposition
+
+libunistring_la_SOURCES += uninorm/compat-decomposition.c
+
+EXTRA_DIST += uninorm/decompose-internal.h
+
+## end   gnulib module uninorm/compat-decomposition
+
+## begin gnulib module uninorm/composition
+
+if LIBUNISTRING_COMPILE_UNINORM_COMPOSITION
+libunistring_la_SOURCES += uninorm/composition.c
+endif
+
+$(srcdir)/uninorm/composition-table.h: $(srcdir)/uninorm/composition-table.gperf
+	$(V_GPERF)$(GPERF) -m 1 $(srcdir)/uninorm/composition-table.gperf > $(srcdir)/uninorm/composition-table.h-t1 \
+	&& sed -e 's/^const/static const/' < $(srcdir)/uninorm/composition-table.h-t1 > $(srcdir)/uninorm/composition-table.h-t2 \
+	&& mv $(srcdir)/uninorm/composition-table.h-t2 $(srcdir)/uninorm/composition-table.h
+BUILT_SOURCES        += uninorm/composition-table.h
+MOSTLYCLEANFILES     += uninorm/composition-table.h-t1 uninorm/composition-table.h-t2
+MAINTAINERCLEANFILES += uninorm/composition-table.h
+EXTRA_DIST           += uninorm/composition-table.h
+
+EXTRA_DIST += uninorm/composition-table.gperf
+
+## end   gnulib module uninorm/composition
+
+## begin gnulib module uninorm/decompose-internal
+
+libunistring_la_SOURCES += uninorm/decompose-internal.c
+
+EXTRA_DIST += uninorm/decompose-internal.h
+
+## end   gnulib module uninorm/decompose-internal
+
+## begin gnulib module uninorm/decomposition
+
+if LIBUNISTRING_COMPILE_UNINORM_DECOMPOSITION
+libunistring_la_SOURCES += uninorm/decomposition.c
+endif
+
+## end   gnulib module uninorm/decomposition
+
+## begin gnulib module uninorm/decomposition-table
+
+libunistring_la_SOURCES += uninorm/decomposition-table.c
+
+EXTRA_DIST += uninorm/decomposition-table.h uninorm/decomposition-table1.h uninorm/decomposition-table2.h
+
+## end   gnulib module uninorm/decomposition-table
+
+## begin gnulib module uninorm/nfc
+
+if LIBUNISTRING_COMPILE_UNINORM_NFC
+libunistring_la_SOURCES += uninorm/nfc.c
+endif
+
+EXTRA_DIST += uninorm/normalize-internal.h
+
+## end   gnulib module uninorm/nfc
+
+## begin gnulib module uninorm/nfd
+
+if LIBUNISTRING_COMPILE_UNINORM_NFD
+libunistring_la_SOURCES += uninorm/nfd.c
+endif
+
+EXTRA_DIST += uninorm/normalize-internal.h
+
+## end   gnulib module uninorm/nfd
+
+## begin gnulib module uninorm/nfkc
+
+if LIBUNISTRING_COMPILE_UNINORM_NFKC
+libunistring_la_SOURCES += uninorm/nfkc.c
+endif
+
+EXTRA_DIST += uninorm/normalize-internal.h
+
+## end   gnulib module uninorm/nfkc
+
+## begin gnulib module uninorm/nfkd
+
+if LIBUNISTRING_COMPILE_UNINORM_NFKD
+libunistring_la_SOURCES += uninorm/nfkd.c
+endif
+
+EXTRA_DIST += uninorm/normalize-internal.h
+
+## end   gnulib module uninorm/nfkd
+
+## begin gnulib module uninorm/u16-normalize
+
+if LIBUNISTRING_COMPILE_UNINORM_U16_NORMALIZE
+libunistring_la_SOURCES += uninorm/u16-normalize.c
+endif
+
+EXTRA_DIST += uninorm/normalize-internal.h uninorm/u-normalize-internal.h
+
+## end   gnulib module uninorm/u16-normalize
+
+## begin gnulib module uninorm/u32-normalize
+
+if LIBUNISTRING_COMPILE_UNINORM_U32_NORMALIZE
+libunistring_la_SOURCES += uninorm/u32-normalize.c
+endif
+
+EXTRA_DIST += uninorm/normalize-internal.h uninorm/u-normalize-internal.h
+
+## end   gnulib module uninorm/u32-normalize
+
+## begin gnulib module uninorm/u8-normalize
+
+if LIBUNISTRING_COMPILE_UNINORM_U8_NORMALIZE
+libunistring_la_SOURCES += uninorm/u8-normalize.c
+endif
+
+EXTRA_DIST += uninorm/normalize-internal.h uninorm/u-normalize-internal.h
+
+## end   gnulib module uninorm/u8-normalize
+
+## begin gnulib module unistr/base
+
+BUILT_SOURCES += $(LIBUNISTRING_UNISTR_H)
+
+unistr.h: unistr.in.h
+	$(AM_V_GEN)rm -f $@-t $@ && \
+	{ echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */'; \
+	  cat $(srcdir)/unistr.in.h; \
+	} > $@-t && \
+	mv -f $@-t $@
+MOSTLYCLEANFILES += unistr.h unistr.h-t
+
+EXTRA_DIST += unistr.in.h
+
+## end   gnulib module unistr/base
+
+## begin gnulib module unistr/u16-cpy
+
+if LIBUNISTRING_COMPILE_UNISTR_U16_CPY
+libunistring_la_SOURCES += unistr/u16-cpy.c
+endif
+
+EXTRA_DIST += unistr/u-cpy.h
+
+## end   gnulib module unistr/u16-cpy
+
+## begin gnulib module unistr/u16-mbtouc-unsafe
+
+if LIBUNISTRING_COMPILE_UNISTR_U16_MBTOUC_UNSAFE
+libunistring_la_SOURCES += unistr/u16-mbtouc-unsafe.c unistr/u16-mbtouc-unsafe-aux.c
+endif
+
+## end   gnulib module unistr/u16-mbtouc-unsafe
+
+## begin gnulib module unistr/u16-mbtoucr
+
+if LIBUNISTRING_COMPILE_UNISTR_U16_MBTOUCR
+libunistring_la_SOURCES += unistr/u16-mbtoucr.c
+endif
+
+## end   gnulib module unistr/u16-mbtoucr
+
+## begin gnulib module unistr/u16-to-u8
+
+if LIBUNISTRING_COMPILE_UNISTR_U16_TO_U8
+libunistring_la_SOURCES += unistr/u16-to-u8.c
+endif
+
+## end   gnulib module unistr/u16-to-u8
+
+## begin gnulib module unistr/u16-uctomb
+
+if LIBUNISTRING_COMPILE_UNISTR_U16_UCTOMB
+libunistring_la_SOURCES += unistr/u16-uctomb.c unistr/u16-uctomb-aux.c
+endif
+
+## end   gnulib module unistr/u16-uctomb
+
+## begin gnulib module unistr/u32-cpy
+
+if LIBUNISTRING_COMPILE_UNISTR_U32_CPY
+libunistring_la_SOURCES += unistr/u32-cpy.c
+endif
+
+EXTRA_DIST += unistr/u-cpy.h
+
+## end   gnulib module unistr/u32-cpy
+
+## begin gnulib module unistr/u32-mbtouc-unsafe
+
+if LIBUNISTRING_COMPILE_UNISTR_U32_MBTOUC_UNSAFE
+libunistring_la_SOURCES += unistr/u32-mbtouc-unsafe.c
+endif
+
+## end   gnulib module unistr/u32-mbtouc-unsafe
+
+## begin gnulib module unistr/u32-to-u8
+
+if LIBUNISTRING_COMPILE_UNISTR_U32_TO_U8
+libunistring_la_SOURCES += unistr/u32-to-u8.c
+endif
+
+## end   gnulib module unistr/u32-to-u8
+
+## begin gnulib module unistr/u32-uctomb
+
+if LIBUNISTRING_COMPILE_UNISTR_U32_UCTOMB
+libunistring_la_SOURCES += unistr/u32-uctomb.c
+endif
+
+## end   gnulib module unistr/u32-uctomb
+
+## begin gnulib module unistr/u8-check
+
+if LIBUNISTRING_COMPILE_UNISTR_U8_CHECK
+libunistring_la_SOURCES += unistr/u8-check.c
+endif
+
+## end   gnulib module unistr/u8-check
+
+## begin gnulib module unistr/u8-cpy
+
+if LIBUNISTRING_COMPILE_UNISTR_U8_CPY
+libunistring_la_SOURCES += unistr/u8-cpy.c
+endif
+
+EXTRA_DIST += unistr/u-cpy.h
+
+## end   gnulib module unistr/u8-cpy
+
+## begin gnulib module unistr/u8-mbtouc-unsafe
+
+if LIBUNISTRING_COMPILE_UNISTR_U8_MBTOUC_UNSAFE
+libunistring_la_SOURCES += unistr/u8-mbtouc-unsafe.c unistr/u8-mbtouc-unsafe-aux.c
+endif
+
+## end   gnulib module unistr/u8-mbtouc-unsafe
+
+## begin gnulib module unistr/u8-mbtoucr
+
+if LIBUNISTRING_COMPILE_UNISTR_U8_MBTOUCR
+libunistring_la_SOURCES += unistr/u8-mbtoucr.c
+endif
+
+## end   gnulib module unistr/u8-mbtoucr
+
+## begin gnulib module unistr/u8-to-u16
+
+if LIBUNISTRING_COMPILE_UNISTR_U8_TO_U16
+libunistring_la_SOURCES += unistr/u8-to-u16.c
+endif
+
+## end   gnulib module unistr/u8-to-u16
+
+## begin gnulib module unistr/u8-to-u32
+
+if LIBUNISTRING_COMPILE_UNISTR_U8_TO_U32
+libunistring_la_SOURCES += unistr/u8-to-u32.c
+endif
+
+## end   gnulib module unistr/u8-to-u32
+
+## begin gnulib module unistr/u8-uctomb
+
+if LIBUNISTRING_COMPILE_UNISTR_U8_UCTOMB
+libunistring_la_SOURCES += unistr/u8-uctomb.c unistr/u8-uctomb-aux.c
+endif
+
+## end   gnulib module unistr/u8-uctomb
+
+## begin gnulib module unitypes
+
+BUILT_SOURCES += $(LIBUNISTRING_UNITYPES_H)
+
+unitypes.h: unitypes.in.h
+	$(AM_V_GEN)rm -f $@-t $@ && \
+	{ echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */'; \
+	  cat $(srcdir)/unitypes.in.h; \
+	} > $@-t && \
+	mv -f $@-t $@
+MOSTLYCLEANFILES += unitypes.h unitypes.h-t
+
+EXTRA_DIST += unitypes.in.h
+
+## end   gnulib module unitypes
+
+
+mostlyclean-local: mostlyclean-generic
+	@for dir in '' $(MOSTLYCLEANDIRS); do \
+	  if test -n "$$dir" && test -d $$dir; then \
+	    echo "rmdir $$dir"; rmdir $$dir; \
+	  fi; \
+	done; \
+	:
diff --git a/lib/unistring/Makefile.in b/lib/unistring/Makefile.in
new file mode 100644
index 0000000..9bfd553
--- /dev/null
+++ b/lib/unistring/Makefile.in
@@ -0,0 +1,3518 @@
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+# Copyright (C) 2002-2021 Free Software Foundation, Inc.
+#
+# This file is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This file is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this file.  If not, see <https://www.gnu.org/licenses/>.
+#
+# As a special exception to the GNU General Public License,
+# this file may be distributed as part of a program that
+# contains a configuration script generated by Autoconf, under
+# the same distribution terms as the rest of that program.
+#
+# Generated by gnulib-tool.
+# Reproduce by:
+# gnulib-tool --import --local-dir=lib/unistring/override \
+#  --lib=libunistring \
+#  --source-base=lib/unistring \
+#  --m4-base=lib/unistring/m4 \
+#  --doc-base=doc \
+#  --tests-base=tests \
+#  --aux-dir=build-aux \
+#  --lgpl=3orGPLv2 \
+#  --no-conditional-dependencies \
+#  --libtool \
+#  --macro-prefix=unistring \
+#  unictype/category-all \
+#  unictype/property-default-ignorable-code-point \
+#  unictype/property-join-control \
+#  unictype/property-not-a-character \
+#  uninorm/nfc \
+#  uninorm/nfkc \
+#  uninorm/u16-normalize \
+#  uninorm/u32-normalize \
+#  uninorm/u8-normalize \
+#  unistr/u16-to-u8 \
+#  unistr/u32-to-u8 \
+#  unistr/u8-check \
+#  unistr/u8-to-u16 \
+#  unistr/u8-to-u32
+
+
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+  if test -z '$(MAKELEVEL)'; then \
+    false; \
+  elif test -n '$(MAKE_HOST)'; then \
+    true; \
+  elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+    true; \
+  else \
+    false; \
+  fi; \
+}
+am__make_running_with_option = \
+  case $${target_option-} in \
+      ?) ;; \
+      *) echo "am__make_running_with_option: internal error: invalid" \
+              "target option '$${target_option-}' specified" >&2; \
+         exit 1;; \
+  esac; \
+  has_opt=no; \
+  sane_makeflags=$$MAKEFLAGS; \
+  if $(am__is_gnu_make); then \
+    sane_makeflags=$$MFLAGS; \
+  else \
+    case $$MAKEFLAGS in \
+      *\\[\ \	]*) \
+        bs=\\; \
+        sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+          | sed "s/$$bs$$bs[$$bs $$bs	]*//g"`;; \
+    esac; \
+  fi; \
+  skip_next=no; \
+  strip_trailopt () \
+  { \
+    flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+  }; \
+  for flg in $$sane_makeflags; do \
+    test $$skip_next = yes && { skip_next=no; continue; }; \
+    case $$flg in \
+      *=*|--*) continue;; \
+        -*I) strip_trailopt 'I'; skip_next=yes;; \
+      -*I?*) strip_trailopt 'I';; \
+        -*O) strip_trailopt 'O'; skip_next=yes;; \
+      -*O?*) strip_trailopt 'O';; \
+        -*l) strip_trailopt 'l'; skip_next=yes;; \
+      -*l?*) strip_trailopt 'l';; \
+      -[dEDm]) skip_next=yes;; \
+      -[JT]) skip_next=yes;; \
+    esac; \
+    case $$flg in \
+      *$$target_option*) has_opt=yes; break;; \
+    esac; \
+  done; \
+  test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_C_TRUE@am__append_1 = unictype/categ_C.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_CC_TRUE@am__append_2 = unictype/categ_Cc.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_CF_TRUE@am__append_3 = unictype/categ_Cf.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_CN_TRUE@am__append_4 = unictype/categ_Cn.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_CO_TRUE@am__append_5 = unictype/categ_Co.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_CS_TRUE@am__append_6 = unictype/categ_Cs.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_L_TRUE@am__append_7 = unictype/categ_L.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LC_TRUE@am__append_8 = unictype/categ_LC.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LL_TRUE@am__append_9 = unictype/categ_Ll.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LM_TRUE@am__append_10 = unictype/categ_Lm.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LO_TRUE@am__append_11 = unictype/categ_Lo.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LT_TRUE@am__append_12 = unictype/categ_Lt.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LU_TRUE@am__append_13 = unictype/categ_Lu.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_M_TRUE@am__append_14 = unictype/categ_M.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_MC_TRUE@am__append_15 = unictype/categ_Mc.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_ME_TRUE@am__append_16 = unictype/categ_Me.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_MN_TRUE@am__append_17 = unictype/categ_Mn.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_N_TRUE@am__append_18 = unictype/categ_N.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_ND_TRUE@am__append_19 = unictype/categ_Nd.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_NL_TRUE@am__append_20 = unictype/categ_Nl.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_NO_TRUE@am__append_21 = unictype/categ_No.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_P_TRUE@am__append_22 = unictype/categ_P.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PC_TRUE@am__append_23 = unictype/categ_Pc.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PD_TRUE@am__append_24 = unictype/categ_Pd.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PE_TRUE@am__append_25 = unictype/categ_Pe.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PF_TRUE@am__append_26 = unictype/categ_Pf.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PI_TRUE@am__append_27 = unictype/categ_Pi.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PO_TRUE@am__append_28 = unictype/categ_Po.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PS_TRUE@am__append_29 = unictype/categ_Ps.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_S_TRUE@am__append_30 = unictype/categ_S.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_SC_TRUE@am__append_31 = unictype/categ_Sc.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_SK_TRUE@am__append_32 = unictype/categ_Sk.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_SM_TRUE@am__append_33 = unictype/categ_Sm.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_SO_TRUE@am__append_34 = unictype/categ_So.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_Z_TRUE@am__append_35 = unictype/categ_Z.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_ZL_TRUE@am__append_36 = unictype/categ_Zl.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_ZP_TRUE@am__append_37 = unictype/categ_Zp.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_ZS_TRUE@am__append_38 = unictype/categ_Zs.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_AND_TRUE@am__append_39 = unictype/categ_and.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_AND_NOT_TRUE@am__append_40 = unictype/categ_and_not.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_BYNAME_TRUE@am__append_41 = unictype/categ_byname.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LONGNAME_TRUE@am__append_42 = unictype/categ_longname.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_NAME_TRUE@am__append_43 = unictype/categ_name.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_NONE_TRUE@am__append_44 = unictype/categ_none.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_OF_TRUE@am__append_45 = unictype/categ_of.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_OR_TRUE@am__append_46 = unictype/categ_or.c
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_TEST_TRUE@am__append_47 = unictype/categ_test.c
+@LIBUNISTRING_COMPILE_UNICTYPE_COMBINING_CLASS_TRUE@am__append_48 = unictype/combiningclass.c
+@LIBUNISTRING_COMPILE_UNICTYPE_PROPERTY_DEFAULT_IGNORABLE_CODE_POINT_TRUE@am__append_49 = unictype/pr_default_ignorable_code_point.c
+@LIBUNISTRING_COMPILE_UNICTYPE_PROPERTY_JOIN_CONTROL_TRUE@am__append_50 = unictype/pr_join_control.c
+@LIBUNISTRING_COMPILE_UNICTYPE_PROPERTY_NOT_A_CHARACTER_TRUE@am__append_51 = unictype/pr_not_a_character.c
+@LIBUNISTRING_COMPILE_UNINORM_CANONICAL_DECOMPOSITION_TRUE@am__append_52 = uninorm/canonical-decomposition.c
+@LIBUNISTRING_COMPILE_UNINORM_COMPOSITION_TRUE@am__append_53 = uninorm/composition.c
+@LIBUNISTRING_COMPILE_UNINORM_DECOMPOSITION_TRUE@am__append_54 = uninorm/decomposition.c
+@LIBUNISTRING_COMPILE_UNINORM_NFC_TRUE@am__append_55 = uninorm/nfc.c
+@LIBUNISTRING_COMPILE_UNINORM_NFD_TRUE@am__append_56 = uninorm/nfd.c
+@LIBUNISTRING_COMPILE_UNINORM_NFKC_TRUE@am__append_57 = uninorm/nfkc.c
+@LIBUNISTRING_COMPILE_UNINORM_NFKD_TRUE@am__append_58 = uninorm/nfkd.c
+@LIBUNISTRING_COMPILE_UNINORM_U16_NORMALIZE_TRUE@am__append_59 = uninorm/u16-normalize.c
+@LIBUNISTRING_COMPILE_UNINORM_U32_NORMALIZE_TRUE@am__append_60 = uninorm/u32-normalize.c
+@LIBUNISTRING_COMPILE_UNINORM_U8_NORMALIZE_TRUE@am__append_61 = uninorm/u8-normalize.c
+@LIBUNISTRING_COMPILE_UNISTR_U16_CPY_TRUE@am__append_62 = unistr/u16-cpy.c
+@LIBUNISTRING_COMPILE_UNISTR_U16_MBTOUC_UNSAFE_TRUE@am__append_63 = unistr/u16-mbtouc-unsafe.c unistr/u16-mbtouc-unsafe-aux.c
+@LIBUNISTRING_COMPILE_UNISTR_U16_MBTOUCR_TRUE@am__append_64 = unistr/u16-mbtoucr.c
+@LIBUNISTRING_COMPILE_UNISTR_U16_TO_U8_TRUE@am__append_65 = unistr/u16-to-u8.c
+@LIBUNISTRING_COMPILE_UNISTR_U16_UCTOMB_TRUE@am__append_66 = unistr/u16-uctomb.c unistr/u16-uctomb-aux.c
+@LIBUNISTRING_COMPILE_UNISTR_U32_CPY_TRUE@am__append_67 = unistr/u32-cpy.c
+@LIBUNISTRING_COMPILE_UNISTR_U32_MBTOUC_UNSAFE_TRUE@am__append_68 = unistr/u32-mbtouc-unsafe.c
+@LIBUNISTRING_COMPILE_UNISTR_U32_TO_U8_TRUE@am__append_69 = unistr/u32-to-u8.c
+@LIBUNISTRING_COMPILE_UNISTR_U32_UCTOMB_TRUE@am__append_70 = unistr/u32-uctomb.c
+@LIBUNISTRING_COMPILE_UNISTR_U8_CHECK_TRUE@am__append_71 = unistr/u8-check.c
+@LIBUNISTRING_COMPILE_UNISTR_U8_CPY_TRUE@am__append_72 = unistr/u8-cpy.c
+@LIBUNISTRING_COMPILE_UNISTR_U8_MBTOUC_UNSAFE_TRUE@am__append_73 = unistr/u8-mbtouc-unsafe.c unistr/u8-mbtouc-unsafe-aux.c
+@LIBUNISTRING_COMPILE_UNISTR_U8_MBTOUCR_TRUE@am__append_74 = unistr/u8-mbtoucr.c
+@LIBUNISTRING_COMPILE_UNISTR_U8_TO_U16_TRUE@am__append_75 = unistr/u8-to-u16.c
+@LIBUNISTRING_COMPILE_UNISTR_U8_TO_U32_TRUE@am__append_76 = unistr/u8-to-u32.c
+@LIBUNISTRING_COMPILE_UNISTR_U8_UCTOMB_TRUE@am__append_77 = unistr/u8-uctomb.c unistr/u8-uctomb-aux.c
+subdir = lib/unistring
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \
+	$(top_srcdir)/lib/unistring/m4/inline.m4 \
+	$(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \
+	$(top_srcdir)/src/gl/m4/atoll.m4 \
+	$(top_srcdir)/src/gl/m4/bison.m4 \
+	$(top_srcdir)/src/gl/m4/calloc.m4 \
+	$(top_srcdir)/src/gl/m4/clock_time.m4 \
+	$(top_srcdir)/src/gl/m4/codeset.m4 \
+	$(top_srcdir)/src/gl/m4/ctype_h.m4 \
+	$(top_srcdir)/src/gl/m4/environ.m4 \
+	$(top_srcdir)/src/gl/m4/error.m4 \
+	$(top_srcdir)/src/gl/m4/fdopen.m4 \
+	$(top_srcdir)/src/gl/m4/flexmember.m4 \
+	$(top_srcdir)/src/gl/m4/fpending.m4 \
+	$(top_srcdir)/src/gl/m4/fpieee.m4 \
+	$(top_srcdir)/src/gl/m4/fseek.m4 \
+	$(top_srcdir)/src/gl/m4/ftruncate.m4 \
+	$(top_srcdir)/src/gl/m4/getaddrinfo.m4 \
+	$(top_srcdir)/src/gl/m4/getcwd.m4 \
+	$(top_srcdir)/src/gl/m4/getpagesize.m4 \
+	$(top_srcdir)/src/gl/m4/getpass.m4 \
+	$(top_srcdir)/src/gl/m4/getprogname.m4 \
+	$(top_srcdir)/src/gl/m4/gettime.m4 \
+	$(top_srcdir)/src/gl/m4/gnulib-comp.m4 \
+	$(top_srcdir)/src/gl/m4/hostent.m4 \
+	$(top_srcdir)/src/gl/m4/intl-thread-locale.m4 \
+	$(top_srcdir)/src/gl/m4/inttostr.m4 \
+	$(top_srcdir)/src/gl/m4/ioctl.m4 \
+	$(top_srcdir)/src/gl/m4/isblank.m4 \
+	$(top_srcdir)/src/gl/m4/langinfo_h.m4 \
+	$(top_srcdir)/src/gl/m4/lcmessage.m4 \
+	$(top_srcdir)/src/gl/m4/locale-fr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-ja.m4 \
+	$(top_srcdir)/src/gl/m4/locale-tr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-zh.m4 \
+	$(top_srcdir)/src/gl/m4/locale_h.m4 \
+	$(top_srcdir)/src/gl/m4/localename.m4 \
+	$(top_srcdir)/src/gl/m4/lstat.m4 \
+	$(top_srcdir)/src/gl/m4/mktime.m4 \
+	$(top_srcdir)/src/gl/m4/nanosleep.m4 \
+	$(top_srcdir)/src/gl/m4/nstrftime.m4 \
+	$(top_srcdir)/src/gl/m4/parse-datetime.m4 \
+	$(top_srcdir)/src/gl/m4/perror.m4 \
+	$(top_srcdir)/src/gl/m4/pipe.m4 \
+	$(top_srcdir)/src/gl/m4/pthread-thread.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_h.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_sigmask.m4 \
+	$(top_srcdir)/src/gl/m4/putenv.m4 \
+	$(top_srcdir)/src/gl/m4/raise.m4 \
+	$(top_srcdir)/src/gl/m4/reallocarray.m4 \
+	$(top_srcdir)/src/gl/m4/sched_h.m4 \
+	$(top_srcdir)/src/gl/m4/sched_yield.m4 \
+	$(top_srcdir)/src/gl/m4/select.m4 \
+	$(top_srcdir)/src/gl/m4/semaphore.m4 \
+	$(top_srcdir)/src/gl/m4/servent.m4 \
+	$(top_srcdir)/src/gl/m4/setenv.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale_null.m4 \
+	$(top_srcdir)/src/gl/m4/sigaction.m4 \
+	$(top_srcdir)/src/gl/m4/signal_h.m4 \
+	$(top_srcdir)/src/gl/m4/signalblocking.m4 \
+	$(top_srcdir)/src/gl/m4/sleep.m4 \
+	$(top_srcdir)/src/gl/m4/sockets.m4 \
+	$(top_srcdir)/src/gl/m4/strerror.m4 \
+	$(top_srcdir)/src/gl/m4/strerror_r.m4 \
+	$(top_srcdir)/src/gl/m4/strtoll.m4 \
+	$(top_srcdir)/src/gl/m4/symlink.m4 \
+	$(top_srcdir)/src/gl/m4/sys_ioctl_h.m4 \
+	$(top_srcdir)/src/gl/m4/sys_select_h.m4 \
+	$(top_srcdir)/src/gl/m4/thread.m4 \
+	$(top_srcdir)/src/gl/m4/time_rz.m4 \
+	$(top_srcdir)/src/gl/m4/timegm.m4 \
+	$(top_srcdir)/src/gl/m4/timespec.m4 \
+	$(top_srcdir)/src/gl/m4/tm_gmtoff.m4 \
+	$(top_srcdir)/src/gl/m4/tzset.m4 \
+	$(top_srcdir)/src/gl/m4/usleep.m4 \
+	$(top_srcdir)/src/gl/m4/visibility.m4 \
+	$(top_srcdir)/src/gl/m4/xalloc.m4 \
+	$(top_srcdir)/src/gl/m4/yield.m4 $(top_srcdir)/m4/00gnulib.m4 \
+	$(top_srcdir)/m4/__inline.m4 \
+	$(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \
+	$(top_srcdir)/m4/arpa_inet_h.m4 \
+	$(top_srcdir)/m4/ax_ac_append_to_file.m4 \
+	$(top_srcdir)/m4/ax_ac_print_to_file.m4 \
+	$(top_srcdir)/m4/ax_add_am_macro_static.m4 \
+	$(top_srcdir)/m4/ax_am_macros_static.m4 \
+	$(top_srcdir)/m4/ax_check_gnu_make.m4 \
+	$(top_srcdir)/m4/ax_code_coverage.m4 \
+	$(top_srcdir)/m4/ax_file_escapes.m4 \
+	$(top_srcdir)/m4/builtin-expect.m4 \
+	$(top_srcdir)/m4/byteswap.m4 $(top_srcdir)/m4/close.m4 \
+	$(top_srcdir)/m4/double-slash-root.m4 $(top_srcdir)/m4/dup2.m4 \
+	$(top_srcdir)/m4/eealloc.m4 $(top_srcdir)/m4/errno_h.m4 \
+	$(top_srcdir)/m4/explicit_bzero.m4 \
+	$(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \
+	$(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \
+	$(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \
+	$(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \
+	$(top_srcdir)/m4/free.m4 $(top_srcdir)/m4/fseeko.m4 \
+	$(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \
+	$(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/func.m4 \
+	$(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \
+	$(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/gettext.m4 \
+	$(top_srcdir)/m4/gettimeofday.m4 \
+	$(top_srcdir)/m4/gnulib-common.m4 \
+	$(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \
+	$(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \
+	$(top_srcdir)/m4/host-cpu-c-abi.m4 $(top_srcdir)/m4/iconv.m4 \
+	$(top_srcdir)/m4/include_next.m4 $(top_srcdir)/m4/inet_ntop.m4 \
+	$(top_srcdir)/m4/inet_pton.m4 $(top_srcdir)/m4/intlmacosx.m4 \
+	$(top_srcdir)/m4/intmax_t.m4 $(top_srcdir)/m4/inttypes.m4 \
+	$(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/largefile.m4 \
+	$(top_srcdir)/m4/ld-output-def.m4 \
+	$(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \
+	$(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+	$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/lock.m4 \
+	$(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/ltoptions.m4 \
+	$(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+	$(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \
+	$(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \
+	$(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \
+	$(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \
+	$(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \
+	$(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \
+	$(top_srcdir)/m4/netdb_h.m4 $(top_srcdir)/m4/netinet_in_h.m4 \
+	$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/off_t.m4 \
+	$(top_srcdir)/m4/open-cloexec.m4 \
+	$(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \
+	$(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/pkg.m4 \
+	$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \
+	$(top_srcdir)/m4/progtest.m4 \
+	$(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \
+	$(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \
+	$(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/size_max.m4 \
+	$(top_srcdir)/m4/snprintf.m4 $(top_srcdir)/m4/socketlib.m4 \
+	$(top_srcdir)/m4/socklen.m4 $(top_srcdir)/m4/sockpfaf.m4 \
+	$(top_srcdir)/m4/ssize_t.m4 $(top_srcdir)/m4/stat-time.m4 \
+	$(top_srcdir)/m4/stat.m4 $(top_srcdir)/m4/stdalign.m4 \
+	$(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \
+	$(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \
+	$(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \
+	$(top_srcdir)/m4/stpcpy.m4 $(top_srcdir)/m4/strcase.m4 \
+	$(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/string_h.m4 \
+	$(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \
+	$(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \
+	$(top_srcdir)/m4/strverscmp.m4 \
+	$(top_srcdir)/m4/sys_socket_h.m4 \
+	$(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \
+	$(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \
+	$(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \
+	$(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \
+	$(top_srcdir)/m4/unistd_h.m4 \
+	$(top_srcdir)/m4/valgrind-tests.m4 \
+	$(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \
+	$(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \
+	$(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \
+	$(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \
+	$(top_srcdir)/m4/xsize.m4 $(top_srcdir)/m4/zzgnulib.m4 \
+	$(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(noinst_HEADERS) \
+	$(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+LIBRARIES = $(noinst_LIBRARIES)
+LTLIBRARIES = $(noinst_LTLIBRARIES)
+am__DEPENDENCIES_1 =
+am__libunistring_la_SOURCES_DIST = unictype/categ_C.c \
+	unictype/categ_Cc.c unictype/categ_Cf.c unictype/categ_Cn.c \
+	unictype/categ_Co.c unictype/categ_Cs.c unictype/categ_L.c \
+	unictype/categ_LC.c unictype/categ_Ll.c unictype/categ_Lm.c \
+	unictype/categ_Lo.c unictype/categ_Lt.c unictype/categ_Lu.c \
+	unictype/categ_M.c unictype/categ_Mc.c unictype/categ_Me.c \
+	unictype/categ_Mn.c unictype/categ_N.c unictype/categ_Nd.c \
+	unictype/categ_Nl.c unictype/categ_No.c unictype/categ_P.c \
+	unictype/categ_Pc.c unictype/categ_Pd.c unictype/categ_Pe.c \
+	unictype/categ_Pf.c unictype/categ_Pi.c unictype/categ_Po.c \
+	unictype/categ_Ps.c unictype/categ_S.c unictype/categ_Sc.c \
+	unictype/categ_Sk.c unictype/categ_Sm.c unictype/categ_So.c \
+	unictype/categ_Z.c unictype/categ_Zl.c unictype/categ_Zp.c \
+	unictype/categ_Zs.c unictype/categ_and.c \
+	unictype/categ_and_not.c unictype/categ_byname.c \
+	unictype/categ_longname.c unictype/categ_name.c \
+	unictype/categ_none.c unictype/categ_of.c unictype/categ_or.c \
+	unictype/categ_test.c unictype/combiningclass.c \
+	unictype/pr_default_ignorable_code_point.c \
+	unictype/pr_join_control.c unictype/pr_not_a_character.c \
+	uninorm/canonical-decomposition.c \
+	uninorm/compat-decomposition.c uninorm/composition.c \
+	uninorm/decompose-internal.c uninorm/decomposition.c \
+	uninorm/decomposition-table.c uninorm/nfc.c uninorm/nfd.c \
+	uninorm/nfkc.c uninorm/nfkd.c uninorm/u16-normalize.c \
+	uninorm/u32-normalize.c uninorm/u8-normalize.c \
+	unistr/u16-cpy.c unistr/u16-mbtouc-unsafe.c \
+	unistr/u16-mbtouc-unsafe-aux.c unistr/u16-mbtoucr.c \
+	unistr/u16-to-u8.c unistr/u16-uctomb.c unistr/u16-uctomb-aux.c \
+	unistr/u32-cpy.c unistr/u32-mbtouc-unsafe.c unistr/u32-to-u8.c \
+	unistr/u32-uctomb.c unistr/u8-check.c unistr/u8-cpy.c \
+	unistr/u8-mbtouc-unsafe.c unistr/u8-mbtouc-unsafe-aux.c \
+	unistr/u8-mbtoucr.c unistr/u8-to-u16.c unistr/u8-to-u32.c \
+	unistr/u8-uctomb.c unistr/u8-uctomb-aux.c
+am__dirstamp = $(am__leading_dot)dirstamp
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_C_TRUE@am__objects_1 = unictype/categ_C.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_CC_TRUE@am__objects_2 = unictype/categ_Cc.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_CF_TRUE@am__objects_3 = unictype/categ_Cf.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_CN_TRUE@am__objects_4 = unictype/categ_Cn.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_CO_TRUE@am__objects_5 = unictype/categ_Co.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_CS_TRUE@am__objects_6 = unictype/categ_Cs.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_L_TRUE@am__objects_7 = unictype/categ_L.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LC_TRUE@am__objects_8 = unictype/categ_LC.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LL_TRUE@am__objects_9 = unictype/categ_Ll.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LM_TRUE@am__objects_10 = unictype/categ_Lm.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LO_TRUE@am__objects_11 = unictype/categ_Lo.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LT_TRUE@am__objects_12 = unictype/categ_Lt.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LU_TRUE@am__objects_13 = unictype/categ_Lu.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_M_TRUE@am__objects_14 = unictype/categ_M.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_MC_TRUE@am__objects_15 = unictype/categ_Mc.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_ME_TRUE@am__objects_16 = unictype/categ_Me.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_MN_TRUE@am__objects_17 = unictype/categ_Mn.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_N_TRUE@am__objects_18 = unictype/categ_N.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_ND_TRUE@am__objects_19 = unictype/categ_Nd.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_NL_TRUE@am__objects_20 = unictype/categ_Nl.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_NO_TRUE@am__objects_21 = unictype/categ_No.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_P_TRUE@am__objects_22 = unictype/categ_P.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PC_TRUE@am__objects_23 = unictype/categ_Pc.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PD_TRUE@am__objects_24 = unictype/categ_Pd.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PE_TRUE@am__objects_25 = unictype/categ_Pe.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PF_TRUE@am__objects_26 = unictype/categ_Pf.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PI_TRUE@am__objects_27 = unictype/categ_Pi.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PO_TRUE@am__objects_28 = unictype/categ_Po.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_PS_TRUE@am__objects_29 = unictype/categ_Ps.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_S_TRUE@am__objects_30 = unictype/categ_S.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_SC_TRUE@am__objects_31 = unictype/categ_Sc.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_SK_TRUE@am__objects_32 = unictype/categ_Sk.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_SM_TRUE@am__objects_33 = unictype/categ_Sm.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_SO_TRUE@am__objects_34 = unictype/categ_So.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_Z_TRUE@am__objects_35 = unictype/categ_Z.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_ZL_TRUE@am__objects_36 = unictype/categ_Zl.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_ZP_TRUE@am__objects_37 = unictype/categ_Zp.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_ZS_TRUE@am__objects_38 = unictype/categ_Zs.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_AND_TRUE@am__objects_39 = unictype/categ_and.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_AND_NOT_TRUE@am__objects_40 = unictype/categ_and_not.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_BYNAME_TRUE@am__objects_41 = unictype/categ_byname.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_LONGNAME_TRUE@am__objects_42 = unictype/categ_longname.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_NAME_TRUE@am__objects_43 = unictype/categ_name.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_NONE_TRUE@am__objects_44 = unictype/categ_none.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_OF_TRUE@am__objects_45 = unictype/categ_of.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_OR_TRUE@am__objects_46 = unictype/categ_or.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_TEST_TRUE@am__objects_47 = unictype/categ_test.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_COMBINING_CLASS_TRUE@am__objects_48 = unictype/combiningclass.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_PROPERTY_DEFAULT_IGNORABLE_CODE_POINT_TRUE@am__objects_49 = unictype/pr_default_ignorable_code_point.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_PROPERTY_JOIN_CONTROL_TRUE@am__objects_50 = unictype/pr_join_control.lo
+@LIBUNISTRING_COMPILE_UNICTYPE_PROPERTY_NOT_A_CHARACTER_TRUE@am__objects_51 = unictype/pr_not_a_character.lo
+@LIBUNISTRING_COMPILE_UNINORM_CANONICAL_DECOMPOSITION_TRUE@am__objects_52 = uninorm/canonical-decomposition.lo
+@LIBUNISTRING_COMPILE_UNINORM_COMPOSITION_TRUE@am__objects_53 = uninorm/composition.lo
+@LIBUNISTRING_COMPILE_UNINORM_DECOMPOSITION_TRUE@am__objects_54 = uninorm/decomposition.lo
+@LIBUNISTRING_COMPILE_UNINORM_NFC_TRUE@am__objects_55 =  \
+@LIBUNISTRING_COMPILE_UNINORM_NFC_TRUE@	uninorm/nfc.lo
+@LIBUNISTRING_COMPILE_UNINORM_NFD_TRUE@am__objects_56 =  \
+@LIBUNISTRING_COMPILE_UNINORM_NFD_TRUE@	uninorm/nfd.lo
+@LIBUNISTRING_COMPILE_UNINORM_NFKC_TRUE@am__objects_57 =  \
+@LIBUNISTRING_COMPILE_UNINORM_NFKC_TRUE@	uninorm/nfkc.lo
+@LIBUNISTRING_COMPILE_UNINORM_NFKD_TRUE@am__objects_58 =  \
+@LIBUNISTRING_COMPILE_UNINORM_NFKD_TRUE@	uninorm/nfkd.lo
+@LIBUNISTRING_COMPILE_UNINORM_U16_NORMALIZE_TRUE@am__objects_59 = uninorm/u16-normalize.lo
+@LIBUNISTRING_COMPILE_UNINORM_U32_NORMALIZE_TRUE@am__objects_60 = uninorm/u32-normalize.lo
+@LIBUNISTRING_COMPILE_UNINORM_U8_NORMALIZE_TRUE@am__objects_61 = uninorm/u8-normalize.lo
+@LIBUNISTRING_COMPILE_UNISTR_U16_CPY_TRUE@am__objects_62 =  \
+@LIBUNISTRING_COMPILE_UNISTR_U16_CPY_TRUE@	unistr/u16-cpy.lo
+@LIBUNISTRING_COMPILE_UNISTR_U16_MBTOUC_UNSAFE_TRUE@am__objects_63 = unistr/u16-mbtouc-unsafe.lo \
+@LIBUNISTRING_COMPILE_UNISTR_U16_MBTOUC_UNSAFE_TRUE@	unistr/u16-mbtouc-unsafe-aux.lo
+@LIBUNISTRING_COMPILE_UNISTR_U16_MBTOUCR_TRUE@am__objects_64 = unistr/u16-mbtoucr.lo
+@LIBUNISTRING_COMPILE_UNISTR_U16_TO_U8_TRUE@am__objects_65 = unistr/u16-to-u8.lo
+@LIBUNISTRING_COMPILE_UNISTR_U16_UCTOMB_TRUE@am__objects_66 = unistr/u16-uctomb.lo \
+@LIBUNISTRING_COMPILE_UNISTR_U16_UCTOMB_TRUE@	unistr/u16-uctomb-aux.lo
+@LIBUNISTRING_COMPILE_UNISTR_U32_CPY_TRUE@am__objects_67 =  \
+@LIBUNISTRING_COMPILE_UNISTR_U32_CPY_TRUE@	unistr/u32-cpy.lo
+@LIBUNISTRING_COMPILE_UNISTR_U32_MBTOUC_UNSAFE_TRUE@am__objects_68 = unistr/u32-mbtouc-unsafe.lo
+@LIBUNISTRING_COMPILE_UNISTR_U32_TO_U8_TRUE@am__objects_69 = unistr/u32-to-u8.lo
+@LIBUNISTRING_COMPILE_UNISTR_U32_UCTOMB_TRUE@am__objects_70 = unistr/u32-uctomb.lo
+@LIBUNISTRING_COMPILE_UNISTR_U8_CHECK_TRUE@am__objects_71 =  \
+@LIBUNISTRING_COMPILE_UNISTR_U8_CHECK_TRUE@	unistr/u8-check.lo
+@LIBUNISTRING_COMPILE_UNISTR_U8_CPY_TRUE@am__objects_72 =  \
+@LIBUNISTRING_COMPILE_UNISTR_U8_CPY_TRUE@	unistr/u8-cpy.lo
+@LIBUNISTRING_COMPILE_UNISTR_U8_MBTOUC_UNSAFE_TRUE@am__objects_73 = unistr/u8-mbtouc-unsafe.lo \
+@LIBUNISTRING_COMPILE_UNISTR_U8_MBTOUC_UNSAFE_TRUE@	unistr/u8-mbtouc-unsafe-aux.lo
+@LIBUNISTRING_COMPILE_UNISTR_U8_MBTOUCR_TRUE@am__objects_74 = unistr/u8-mbtoucr.lo
+@LIBUNISTRING_COMPILE_UNISTR_U8_TO_U16_TRUE@am__objects_75 = unistr/u8-to-u16.lo
+@LIBUNISTRING_COMPILE_UNISTR_U8_TO_U32_TRUE@am__objects_76 = unistr/u8-to-u32.lo
+@LIBUNISTRING_COMPILE_UNISTR_U8_UCTOMB_TRUE@am__objects_77 = unistr/u8-uctomb.lo \
+@LIBUNISTRING_COMPILE_UNISTR_U8_UCTOMB_TRUE@	unistr/u8-uctomb-aux.lo
+am_libunistring_la_OBJECTS = $(am__objects_1) $(am__objects_2) \
+	$(am__objects_3) $(am__objects_4) $(am__objects_5) \
+	$(am__objects_6) $(am__objects_7) $(am__objects_8) \
+	$(am__objects_9) $(am__objects_10) $(am__objects_11) \
+	$(am__objects_12) $(am__objects_13) $(am__objects_14) \
+	$(am__objects_15) $(am__objects_16) $(am__objects_17) \
+	$(am__objects_18) $(am__objects_19) $(am__objects_20) \
+	$(am__objects_21) $(am__objects_22) $(am__objects_23) \
+	$(am__objects_24) $(am__objects_25) $(am__objects_26) \
+	$(am__objects_27) $(am__objects_28) $(am__objects_29) \
+	$(am__objects_30) $(am__objects_31) $(am__objects_32) \
+	$(am__objects_33) $(am__objects_34) $(am__objects_35) \
+	$(am__objects_36) $(am__objects_37) $(am__objects_38) \
+	$(am__objects_39) $(am__objects_40) $(am__objects_41) \
+	$(am__objects_42) $(am__objects_43) $(am__objects_44) \
+	$(am__objects_45) $(am__objects_46) $(am__objects_47) \
+	$(am__objects_48) $(am__objects_49) $(am__objects_50) \
+	$(am__objects_51) $(am__objects_52) \
+	uninorm/compat-decomposition.lo $(am__objects_53) \
+	uninorm/decompose-internal.lo $(am__objects_54) \
+	uninorm/decomposition-table.lo $(am__objects_55) \
+	$(am__objects_56) $(am__objects_57) $(am__objects_58) \
+	$(am__objects_59) $(am__objects_60) $(am__objects_61) \
+	$(am__objects_62) $(am__objects_63) $(am__objects_64) \
+	$(am__objects_65) $(am__objects_66) $(am__objects_67) \
+	$(am__objects_68) $(am__objects_69) $(am__objects_70) \
+	$(am__objects_71) $(am__objects_72) $(am__objects_73) \
+	$(am__objects_74) $(am__objects_75) $(am__objects_76) \
+	$(am__objects_77)
+libunistring_la_OBJECTS = $(am_libunistring_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 = 
+libunistring_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+	$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+	$(AM_CFLAGS) $(CFLAGS) $(libunistring_la_LDFLAGS) $(LDFLAGS) \
+	-o $@
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN     " $@;
+am__v_GEN_1 = 
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 = 
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = unictype/$(DEPDIR)/categ_C.Plo \
+	unictype/$(DEPDIR)/categ_Cc.Plo \
+	unictype/$(DEPDIR)/categ_Cf.Plo \
+	unictype/$(DEPDIR)/categ_Cn.Plo \
+	unictype/$(DEPDIR)/categ_Co.Plo \
+	unictype/$(DEPDIR)/categ_Cs.Plo unictype/$(DEPDIR)/categ_L.Plo \
+	unictype/$(DEPDIR)/categ_LC.Plo \
+	unictype/$(DEPDIR)/categ_Ll.Plo \
+	unictype/$(DEPDIR)/categ_Lm.Plo \
+	unictype/$(DEPDIR)/categ_Lo.Plo \
+	unictype/$(DEPDIR)/categ_Lt.Plo \
+	unictype/$(DEPDIR)/categ_Lu.Plo unictype/$(DEPDIR)/categ_M.Plo \
+	unictype/$(DEPDIR)/categ_Mc.Plo \
+	unictype/$(DEPDIR)/categ_Me.Plo \
+	unictype/$(DEPDIR)/categ_Mn.Plo unictype/$(DEPDIR)/categ_N.Plo \
+	unictype/$(DEPDIR)/categ_Nd.Plo \
+	unictype/$(DEPDIR)/categ_Nl.Plo \
+	unictype/$(DEPDIR)/categ_No.Plo unictype/$(DEPDIR)/categ_P.Plo \
+	unictype/$(DEPDIR)/categ_Pc.Plo \
+	unictype/$(DEPDIR)/categ_Pd.Plo \
+	unictype/$(DEPDIR)/categ_Pe.Plo \
+	unictype/$(DEPDIR)/categ_Pf.Plo \
+	unictype/$(DEPDIR)/categ_Pi.Plo \
+	unictype/$(DEPDIR)/categ_Po.Plo \
+	unictype/$(DEPDIR)/categ_Ps.Plo unictype/$(DEPDIR)/categ_S.Plo \
+	unictype/$(DEPDIR)/categ_Sc.Plo \
+	unictype/$(DEPDIR)/categ_Sk.Plo \
+	unictype/$(DEPDIR)/categ_Sm.Plo \
+	unictype/$(DEPDIR)/categ_So.Plo unictype/$(DEPDIR)/categ_Z.Plo \
+	unictype/$(DEPDIR)/categ_Zl.Plo \
+	unictype/$(DEPDIR)/categ_Zp.Plo \
+	unictype/$(DEPDIR)/categ_Zs.Plo \
+	unictype/$(DEPDIR)/categ_and.Plo \
+	unictype/$(DEPDIR)/categ_and_not.Plo \
+	unictype/$(DEPDIR)/categ_byname.Plo \
+	unictype/$(DEPDIR)/categ_longname.Plo \
+	unictype/$(DEPDIR)/categ_name.Plo \
+	unictype/$(DEPDIR)/categ_none.Plo \
+	unictype/$(DEPDIR)/categ_of.Plo \
+	unictype/$(DEPDIR)/categ_or.Plo \
+	unictype/$(DEPDIR)/categ_test.Plo \
+	unictype/$(DEPDIR)/combiningclass.Plo \
+	unictype/$(DEPDIR)/pr_default_ignorable_code_point.Plo \
+	unictype/$(DEPDIR)/pr_join_control.Plo \
+	unictype/$(DEPDIR)/pr_not_a_character.Plo \
+	uninorm/$(DEPDIR)/canonical-decomposition.Plo \
+	uninorm/$(DEPDIR)/compat-decomposition.Plo \
+	uninorm/$(DEPDIR)/composition.Plo \
+	uninorm/$(DEPDIR)/decompose-internal.Plo \
+	uninorm/$(DEPDIR)/decomposition-table.Plo \
+	uninorm/$(DEPDIR)/decomposition.Plo uninorm/$(DEPDIR)/nfc.Plo \
+	uninorm/$(DEPDIR)/nfd.Plo uninorm/$(DEPDIR)/nfkc.Plo \
+	uninorm/$(DEPDIR)/nfkd.Plo uninorm/$(DEPDIR)/u16-normalize.Plo \
+	uninorm/$(DEPDIR)/u32-normalize.Plo \
+	uninorm/$(DEPDIR)/u8-normalize.Plo \
+	unistr/$(DEPDIR)/u16-cpy.Plo \
+	unistr/$(DEPDIR)/u16-mbtouc-unsafe-aux.Plo \
+	unistr/$(DEPDIR)/u16-mbtouc-unsafe.Plo \
+	unistr/$(DEPDIR)/u16-mbtoucr.Plo \
+	unistr/$(DEPDIR)/u16-to-u8.Plo \
+	unistr/$(DEPDIR)/u16-uctomb-aux.Plo \
+	unistr/$(DEPDIR)/u16-uctomb.Plo unistr/$(DEPDIR)/u32-cpy.Plo \
+	unistr/$(DEPDIR)/u32-mbtouc-unsafe.Plo \
+	unistr/$(DEPDIR)/u32-to-u8.Plo unistr/$(DEPDIR)/u32-uctomb.Plo \
+	unistr/$(DEPDIR)/u8-check.Plo unistr/$(DEPDIR)/u8-cpy.Plo \
+	unistr/$(DEPDIR)/u8-mbtouc-unsafe-aux.Plo \
+	unistr/$(DEPDIR)/u8-mbtouc-unsafe.Plo \
+	unistr/$(DEPDIR)/u8-mbtoucr.Plo unistr/$(DEPDIR)/u8-to-u16.Plo \
+	unistr/$(DEPDIR)/u8-to-u32.Plo \
+	unistr/$(DEPDIR)/u8-uctomb-aux.Plo \
+	unistr/$(DEPDIR)/u8-uctomb.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC      " $@;
+am__v_CC_1 = 
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD    " $@;
+am__v_CCLD_1 = 
+SOURCES = $(libunistring_la_SOURCES) $(EXTRA_libunistring_la_SOURCES)
+DIST_SOURCES = $(am__libunistring_la_SOURCES_DIST) \
+	$(EXTRA_libunistring_la_SOURCES)
+RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \
+	ctags-recursive dvi-recursive html-recursive info-recursive \
+	install-data-recursive install-dvi-recursive \
+	install-exec-recursive install-html-recursive \
+	install-info-recursive install-pdf-recursive \
+	install-ps-recursive install-recursive installcheck-recursive \
+	installdirs-recursive pdf-recursive ps-recursive \
+	tags-recursive uninstall-recursive
+am__can_run_installinfo = \
+  case $$AM_UPDATE_INFO_DIR in \
+    n|no|NO) false;; \
+    *) (install-info --version) >/dev/null 2>&1;; \
+  esac
+HEADERS = $(noinst_HEADERS)
+RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive	\
+  distclean-recursive maintainer-clean-recursive
+am__recursive_targets = \
+  $(RECURSIVE_TARGETS) \
+  $(RECURSIVE_CLEAN_TARGETS) \
+  $(am__extra_recursive_targets)
+AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \
+	distdir distdir-am
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates.  Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+  BEGIN { nonempty = 0; } \
+  { items[$$0] = 1; nonempty = 1; } \
+  END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique.  This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+  list='$(am__tagged_files)'; \
+  unique=`for i in $$list; do \
+    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+  done | $(am__uniquify_input)`
+DIST_SUBDIRS = $(SUBDIRS)
+am__DIST_COMMON = $(srcdir)/Makefile.in \
+	$(top_srcdir)/build-aux/depcomp
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+am__relativize = \
+  dir0=`pwd`; \
+  sed_first='s,^\([^/]*\)/.*$$,\1,'; \
+  sed_rest='s,^[^/]*/*,,'; \
+  sed_last='s,^.*/\([^/]*\)$$,\1,'; \
+  sed_butlast='s,/*[^/]*$$,,'; \
+  while test -n "$$dir1"; do \
+    first=`echo "$$dir1" | sed -e "$$sed_first"`; \
+    if test "$$first" != "."; then \
+      if test "$$first" = ".."; then \
+        dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \
+        dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \
+      else \
+        first2=`echo "$$dir2" | sed -e "$$sed_first"`; \
+        if test "$$first2" = "$$first"; then \
+          dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \
+        else \
+          dir2="../$$dir2"; \
+        fi; \
+        dir0="$$dir0"/"$$first"; \
+      fi; \
+    fi; \
+    dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \
+  done; \
+  reldir="$$dir2"
+AARCH64_CCASFLAGS = @AARCH64_CCASFLAGS@
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+ALLOCA_H = @ALLOCA_H@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AM_VALGRINDFLAGS = @AM_VALGRINDFLAGS@
+APPLE_UNIVERSAL_BUILD = @APPLE_UNIVERSAL_BUILD@
+AR = @AR@
+ARFLAGS = @ARFLAGS@
+ASN1PARSER = @ASN1PARSER@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BITSIZEOF_PTRDIFF_T = @BITSIZEOF_PTRDIFF_T@
+BITSIZEOF_SIG_ATOMIC_T = @BITSIZEOF_SIG_ATOMIC_T@
+BITSIZEOF_SIZE_T = @BITSIZEOF_SIZE_T@
+BITSIZEOF_WCHAR_T = @BITSIZEOF_WCHAR_T@
+BITSIZEOF_WINT_T = @BITSIZEOF_WINT_T@
+BYTESWAP_H = @BYTESWAP_H@
+CC = @CC@
+CCAS = @CCAS@
+CCASDEPMODE = @CCASDEPMODE@
+CCASFLAGS = @CCASFLAGS@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CFLAG_VISIBILITY = @CFLAG_VISIBILITY@
+CMOCKA_CFLAGS = @CMOCKA_CFLAGS@
+CMOCKA_LIBS = @CMOCKA_LIBS@
+CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@
+CODE_COVERAGE_CPPFLAGS = @CODE_COVERAGE_CPPFLAGS@
+CODE_COVERAGE_CXXFLAGS = @CODE_COVERAGE_CXXFLAGS@
+CODE_COVERAGE_ENABLED = @CODE_COVERAGE_ENABLED@
+CODE_COVERAGE_LIBS = @CODE_COVERAGE_LIBS@
+CONFIG_INCLUDE = @CONFIG_INCLUDE@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CRYWRAP_PATCHLEVEL = @CRYWRAP_PATCHLEVEL@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CXX_LT_AGE = @CXX_LT_AGE@
+CXX_LT_CURRENT = @CXX_LT_CURRENT@
+CXX_LT_REVISION = @CXX_LT_REVISION@
+CYGPATH_W = @CYGPATH_W@
+DEFAULT_VALGRINDFLAGS = @DEFAULT_VALGRINDFLAGS@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DLL_SSL_VERSION = @DLL_SSL_VERSION@
+DLL_VERSION = @DLL_VERSION@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EMULTIHOP_HIDDEN = @EMULTIHOP_HIDDEN@
+EMULTIHOP_VALUE = @EMULTIHOP_VALUE@
+ENABLE_PADLOCK = @ENABLE_PADLOCK@
+ENOLINK_HIDDEN = @ENOLINK_HIDDEN@
+ENOLINK_VALUE = @ENOLINK_VALUE@
+EOVERFLOW_HIDDEN = @EOVERFLOW_HIDDEN@
+EOVERFLOW_VALUE = @EOVERFLOW_VALUE@
+ERRNO_H = @ERRNO_H@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+FIPS140_LIBS = @FIPS140_LIBS@
+FLOAT_H = @FLOAT_H@
+GCOV = @GCOV@
+GENHTML = @GENHTML@
+GETADDRINFO_LIB = @GETADDRINFO_LIB@
+GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
+GL_GGL_GNULIB_ACCEPT = @GL_GGL_GNULIB_ACCEPT@
+GL_GGL_GNULIB_ACCEPT4 = @GL_GGL_GNULIB_ACCEPT4@
+GL_GGL_GNULIB_ACCESS = @GL_GGL_GNULIB_ACCESS@
+GL_GGL_GNULIB_ALIGNED_ALLOC = @GL_GGL_GNULIB_ALIGNED_ALLOC@
+GL_GGL_GNULIB_ATOLL = @GL_GGL_GNULIB_ATOLL@
+GL_GGL_GNULIB_BIND = @GL_GGL_GNULIB_BIND@
+GL_GGL_GNULIB_BTOWC = @GL_GGL_GNULIB_BTOWC@
+GL_GGL_GNULIB_CALLOC_POSIX = @GL_GGL_GNULIB_CALLOC_POSIX@
+GL_GGL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GGL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GGL_GNULIB_CHDIR = @GL_GGL_GNULIB_CHDIR@
+GL_GGL_GNULIB_CHOWN = @GL_GGL_GNULIB_CHOWN@
+GL_GGL_GNULIB_CLOSE = @GL_GGL_GNULIB_CLOSE@
+GL_GGL_GNULIB_CONNECT = @GL_GGL_GNULIB_CONNECT@
+GL_GGL_GNULIB_COPY_FILE_RANGE = @GL_GGL_GNULIB_COPY_FILE_RANGE@
+GL_GGL_GNULIB_CREAT = @GL_GGL_GNULIB_CREAT@
+GL_GGL_GNULIB_CTIME = @GL_GGL_GNULIB_CTIME@
+GL_GGL_GNULIB_DPRINTF = @GL_GGL_GNULIB_DPRINTF@
+GL_GGL_GNULIB_DUP = @GL_GGL_GNULIB_DUP@
+GL_GGL_GNULIB_DUP2 = @GL_GGL_GNULIB_DUP2@
+GL_GGL_GNULIB_DUP3 = @GL_GGL_GNULIB_DUP3@
+GL_GGL_GNULIB_DUPLOCALE = @GL_GGL_GNULIB_DUPLOCALE@
+GL_GGL_GNULIB_ENVIRON = @GL_GGL_GNULIB_ENVIRON@
+GL_GGL_GNULIB_EUIDACCESS = @GL_GGL_GNULIB_EUIDACCESS@
+GL_GGL_GNULIB_EXECL = @GL_GGL_GNULIB_EXECL@
+GL_GGL_GNULIB_EXECLE = @GL_GGL_GNULIB_EXECLE@
+GL_GGL_GNULIB_EXECLP = @GL_GGL_GNULIB_EXECLP@
+GL_GGL_GNULIB_EXECV = @GL_GGL_GNULIB_EXECV@
+GL_GGL_GNULIB_EXECVE = @GL_GGL_GNULIB_EXECVE@
+GL_GGL_GNULIB_EXECVP = @GL_GGL_GNULIB_EXECVP@
+GL_GGL_GNULIB_EXECVPE = @GL_GGL_GNULIB_EXECVPE@
+GL_GGL_GNULIB_EXPLICIT_BZERO = @GL_GGL_GNULIB_EXPLICIT_BZERO@
+GL_GGL_GNULIB_FACCESSAT = @GL_GGL_GNULIB_FACCESSAT@
+GL_GGL_GNULIB_FCHDIR = @GL_GGL_GNULIB_FCHDIR@
+GL_GGL_GNULIB_FCHMODAT = @GL_GGL_GNULIB_FCHMODAT@
+GL_GGL_GNULIB_FCHOWNAT = @GL_GGL_GNULIB_FCHOWNAT@
+GL_GGL_GNULIB_FCLOSE = @GL_GGL_GNULIB_FCLOSE@
+GL_GGL_GNULIB_FCNTL = @GL_GGL_GNULIB_FCNTL@
+GL_GGL_GNULIB_FDATASYNC = @GL_GGL_GNULIB_FDATASYNC@
+GL_GGL_GNULIB_FDOPEN = @GL_GGL_GNULIB_FDOPEN@
+GL_GGL_GNULIB_FFLUSH = @GL_GGL_GNULIB_FFLUSH@
+GL_GGL_GNULIB_FFS = @GL_GGL_GNULIB_FFS@
+GL_GGL_GNULIB_FFSL = @GL_GGL_GNULIB_FFSL@
+GL_GGL_GNULIB_FFSLL = @GL_GGL_GNULIB_FFSLL@
+GL_GGL_GNULIB_FGETC = @GL_GGL_GNULIB_FGETC@
+GL_GGL_GNULIB_FGETS = @GL_GGL_GNULIB_FGETS@
+GL_GGL_GNULIB_FOPEN = @GL_GGL_GNULIB_FOPEN@
+GL_GGL_GNULIB_FPRINTF = @GL_GGL_GNULIB_FPRINTF@
+GL_GGL_GNULIB_FPRINTF_POSIX = @GL_GGL_GNULIB_FPRINTF_POSIX@
+GL_GGL_GNULIB_FPURGE = @GL_GGL_GNULIB_FPURGE@
+GL_GGL_GNULIB_FPUTC = @GL_GGL_GNULIB_FPUTC@
+GL_GGL_GNULIB_FPUTS = @GL_GGL_GNULIB_FPUTS@
+GL_GGL_GNULIB_FREAD = @GL_GGL_GNULIB_FREAD@
+GL_GGL_GNULIB_FREE_POSIX = @GL_GGL_GNULIB_FREE_POSIX@
+GL_GGL_GNULIB_FREOPEN = @GL_GGL_GNULIB_FREOPEN@
+GL_GGL_GNULIB_FSCANF = @GL_GGL_GNULIB_FSCANF@
+GL_GGL_GNULIB_FSEEK = @GL_GGL_GNULIB_FSEEK@
+GL_GGL_GNULIB_FSEEKO = @GL_GGL_GNULIB_FSEEKO@
+GL_GGL_GNULIB_FSTAT = @GL_GGL_GNULIB_FSTAT@
+GL_GGL_GNULIB_FSTATAT = @GL_GGL_GNULIB_FSTATAT@
+GL_GGL_GNULIB_FSYNC = @GL_GGL_GNULIB_FSYNC@
+GL_GGL_GNULIB_FTELL = @GL_GGL_GNULIB_FTELL@
+GL_GGL_GNULIB_FTELLO = @GL_GGL_GNULIB_FTELLO@
+GL_GGL_GNULIB_FTRUNCATE = @GL_GGL_GNULIB_FTRUNCATE@
+GL_GGL_GNULIB_FUTIMENS = @GL_GGL_GNULIB_FUTIMENS@
+GL_GGL_GNULIB_FWRITE = @GL_GGL_GNULIB_FWRITE@
+GL_GGL_GNULIB_GETADDRINFO = @GL_GGL_GNULIB_GETADDRINFO@
+GL_GGL_GNULIB_GETC = @GL_GGL_GNULIB_GETC@
+GL_GGL_GNULIB_GETCHAR = @GL_GGL_GNULIB_GETCHAR@
+GL_GGL_GNULIB_GETCWD = @GL_GGL_GNULIB_GETCWD@
+GL_GGL_GNULIB_GETDELIM = @GL_GGL_GNULIB_GETDELIM@
+GL_GGL_GNULIB_GETDOMAINNAME = @GL_GGL_GNULIB_GETDOMAINNAME@
+GL_GGL_GNULIB_GETDTABLESIZE = @GL_GGL_GNULIB_GETDTABLESIZE@
+GL_GGL_GNULIB_GETENTROPY = @GL_GGL_GNULIB_GETENTROPY@
+GL_GGL_GNULIB_GETGROUPS = @GL_GGL_GNULIB_GETGROUPS@
+GL_GGL_GNULIB_GETHOSTNAME = @GL_GGL_GNULIB_GETHOSTNAME@
+GL_GGL_GNULIB_GETLINE = @GL_GGL_GNULIB_GETLINE@
+GL_GGL_GNULIB_GETLOADAVG = @GL_GGL_GNULIB_GETLOADAVG@
+GL_GGL_GNULIB_GETLOGIN = @GL_GGL_GNULIB_GETLOGIN@
+GL_GGL_GNULIB_GETLOGIN_R = @GL_GGL_GNULIB_GETLOGIN_R@
+GL_GGL_GNULIB_GETOPT_POSIX = @GL_GGL_GNULIB_GETOPT_POSIX@
+GL_GGL_GNULIB_GETPAGESIZE = @GL_GGL_GNULIB_GETPAGESIZE@
+GL_GGL_GNULIB_GETPASS = @GL_GGL_GNULIB_GETPASS@
+GL_GGL_GNULIB_GETPEERNAME = @GL_GGL_GNULIB_GETPEERNAME@
+GL_GGL_GNULIB_GETSOCKNAME = @GL_GGL_GNULIB_GETSOCKNAME@
+GL_GGL_GNULIB_GETSOCKOPT = @GL_GGL_GNULIB_GETSOCKOPT@
+GL_GGL_GNULIB_GETSUBOPT = @GL_GGL_GNULIB_GETSUBOPT@
+GL_GGL_GNULIB_GETTIMEOFDAY = @GL_GGL_GNULIB_GETTIMEOFDAY@
+GL_GGL_GNULIB_GETUMASK = @GL_GGL_GNULIB_GETUMASK@
+GL_GGL_GNULIB_GETUSERSHELL = @GL_GGL_GNULIB_GETUSERSHELL@
+GL_GGL_GNULIB_GRANTPT = @GL_GGL_GNULIB_GRANTPT@
+GL_GGL_GNULIB_GROUP_MEMBER = @GL_GGL_GNULIB_GROUP_MEMBER@
+GL_GGL_GNULIB_IMAXABS = @GL_GGL_GNULIB_IMAXABS@
+GL_GGL_GNULIB_IMAXDIV = @GL_GGL_GNULIB_IMAXDIV@
+GL_GGL_GNULIB_INET_NTOP = @GL_GGL_GNULIB_INET_NTOP@
+GL_GGL_GNULIB_INET_PTON = @GL_GGL_GNULIB_INET_PTON@
+GL_GGL_GNULIB_IOCTL = @GL_GGL_GNULIB_IOCTL@
+GL_GGL_GNULIB_ISATTY = @GL_GGL_GNULIB_ISATTY@
+GL_GGL_GNULIB_ISBLANK = @GL_GGL_GNULIB_ISBLANK@
+GL_GGL_GNULIB_LCHMOD = @GL_GGL_GNULIB_LCHMOD@
+GL_GGL_GNULIB_LCHOWN = @GL_GGL_GNULIB_LCHOWN@
+GL_GGL_GNULIB_LINK = @GL_GGL_GNULIB_LINK@
+GL_GGL_GNULIB_LINKAT = @GL_GGL_GNULIB_LINKAT@
+GL_GGL_GNULIB_LISTEN = @GL_GGL_GNULIB_LISTEN@
+GL_GGL_GNULIB_LOCALECONV = @GL_GGL_GNULIB_LOCALECONV@
+GL_GGL_GNULIB_LOCALENAME = @GL_GGL_GNULIB_LOCALENAME@
+GL_GGL_GNULIB_LOCALTIME = @GL_GGL_GNULIB_LOCALTIME@
+GL_GGL_GNULIB_LSEEK = @GL_GGL_GNULIB_LSEEK@
+GL_GGL_GNULIB_LSTAT = @GL_GGL_GNULIB_LSTAT@
+GL_GGL_GNULIB_MALLOC_POSIX = @GL_GGL_GNULIB_MALLOC_POSIX@
+GL_GGL_GNULIB_MBRLEN = @GL_GGL_GNULIB_MBRLEN@
+GL_GGL_GNULIB_MBRTOWC = @GL_GGL_GNULIB_MBRTOWC@
+GL_GGL_GNULIB_MBSCASECMP = @GL_GGL_GNULIB_MBSCASECMP@
+GL_GGL_GNULIB_MBSCASESTR = @GL_GGL_GNULIB_MBSCASESTR@
+GL_GGL_GNULIB_MBSCHR = @GL_GGL_GNULIB_MBSCHR@
+GL_GGL_GNULIB_MBSCSPN = @GL_GGL_GNULIB_MBSCSPN@
+GL_GGL_GNULIB_MBSINIT = @GL_GGL_GNULIB_MBSINIT@
+GL_GGL_GNULIB_MBSLEN = @GL_GGL_GNULIB_MBSLEN@
+GL_GGL_GNULIB_MBSNCASECMP = @GL_GGL_GNULIB_MBSNCASECMP@
+GL_GGL_GNULIB_MBSNLEN = @GL_GGL_GNULIB_MBSNLEN@
+GL_GGL_GNULIB_MBSNRTOWCS = @GL_GGL_GNULIB_MBSNRTOWCS@
+GL_GGL_GNULIB_MBSPBRK = @GL_GGL_GNULIB_MBSPBRK@
+GL_GGL_GNULIB_MBSPCASECMP = @GL_GGL_GNULIB_MBSPCASECMP@
+GL_GGL_GNULIB_MBSRCHR = @GL_GGL_GNULIB_MBSRCHR@
+GL_GGL_GNULIB_MBSRTOWCS = @GL_GGL_GNULIB_MBSRTOWCS@
+GL_GGL_GNULIB_MBSSEP = @GL_GGL_GNULIB_MBSSEP@
+GL_GGL_GNULIB_MBSSPN = @GL_GGL_GNULIB_MBSSPN@
+GL_GGL_GNULIB_MBSSTR = @GL_GGL_GNULIB_MBSSTR@
+GL_GGL_GNULIB_MBSTOK_R = @GL_GGL_GNULIB_MBSTOK_R@
+GL_GGL_GNULIB_MBTOWC = @GL_GGL_GNULIB_MBTOWC@
+GL_GGL_GNULIB_MDA_ACCESS = @GL_GGL_GNULIB_MDA_ACCESS@
+GL_GGL_GNULIB_MDA_CHDIR = @GL_GGL_GNULIB_MDA_CHDIR@
+GL_GGL_GNULIB_MDA_CHMOD = @GL_GGL_GNULIB_MDA_CHMOD@
+GL_GGL_GNULIB_MDA_CLOSE = @GL_GGL_GNULIB_MDA_CLOSE@
+GL_GGL_GNULIB_MDA_CREAT = @GL_GGL_GNULIB_MDA_CREAT@
+GL_GGL_GNULIB_MDA_DUP = @GL_GGL_GNULIB_MDA_DUP@
+GL_GGL_GNULIB_MDA_DUP2 = @GL_GGL_GNULIB_MDA_DUP2@
+GL_GGL_GNULIB_MDA_ECVT = @GL_GGL_GNULIB_MDA_ECVT@
+GL_GGL_GNULIB_MDA_EXECL = @GL_GGL_GNULIB_MDA_EXECL@
+GL_GGL_GNULIB_MDA_EXECLE = @GL_GGL_GNULIB_MDA_EXECLE@
+GL_GGL_GNULIB_MDA_EXECLP = @GL_GGL_GNULIB_MDA_EXECLP@
+GL_GGL_GNULIB_MDA_EXECV = @GL_GGL_GNULIB_MDA_EXECV@
+GL_GGL_GNULIB_MDA_EXECVE = @GL_GGL_GNULIB_MDA_EXECVE@
+GL_GGL_GNULIB_MDA_EXECVP = @GL_GGL_GNULIB_MDA_EXECVP@
+GL_GGL_GNULIB_MDA_EXECVPE = @GL_GGL_GNULIB_MDA_EXECVPE@
+GL_GGL_GNULIB_MDA_FCLOSEALL = @GL_GGL_GNULIB_MDA_FCLOSEALL@
+GL_GGL_GNULIB_MDA_FCVT = @GL_GGL_GNULIB_MDA_FCVT@
+GL_GGL_GNULIB_MDA_FDOPEN = @GL_GGL_GNULIB_MDA_FDOPEN@
+GL_GGL_GNULIB_MDA_FILENO = @GL_GGL_GNULIB_MDA_FILENO@
+GL_GGL_GNULIB_MDA_GCVT = @GL_GGL_GNULIB_MDA_GCVT@
+GL_GGL_GNULIB_MDA_GETCWD = @GL_GGL_GNULIB_MDA_GETCWD@
+GL_GGL_GNULIB_MDA_GETPID = @GL_GGL_GNULIB_MDA_GETPID@
+GL_GGL_GNULIB_MDA_GETW = @GL_GGL_GNULIB_MDA_GETW@
+GL_GGL_GNULIB_MDA_ISATTY = @GL_GGL_GNULIB_MDA_ISATTY@
+GL_GGL_GNULIB_MDA_LSEEK = @GL_GGL_GNULIB_MDA_LSEEK@
+GL_GGL_GNULIB_MDA_MEMCCPY = @GL_GGL_GNULIB_MDA_MEMCCPY@
+GL_GGL_GNULIB_MDA_MKDIR = @GL_GGL_GNULIB_MDA_MKDIR@
+GL_GGL_GNULIB_MDA_MKTEMP = @GL_GGL_GNULIB_MDA_MKTEMP@
+GL_GGL_GNULIB_MDA_OPEN = @GL_GGL_GNULIB_MDA_OPEN@
+GL_GGL_GNULIB_MDA_PUTENV = @GL_GGL_GNULIB_MDA_PUTENV@
+GL_GGL_GNULIB_MDA_PUTW = @GL_GGL_GNULIB_MDA_PUTW@
+GL_GGL_GNULIB_MDA_READ = @GL_GGL_GNULIB_MDA_READ@
+GL_GGL_GNULIB_MDA_RMDIR = @GL_GGL_GNULIB_MDA_RMDIR@
+GL_GGL_GNULIB_MDA_STRDUP = @GL_GGL_GNULIB_MDA_STRDUP@
+GL_GGL_GNULIB_MDA_SWAB = @GL_GGL_GNULIB_MDA_SWAB@
+GL_GGL_GNULIB_MDA_TEMPNAM = @GL_GGL_GNULIB_MDA_TEMPNAM@
+GL_GGL_GNULIB_MDA_TZSET = @GL_GGL_GNULIB_MDA_TZSET@
+GL_GGL_GNULIB_MDA_UMASK = @GL_GGL_GNULIB_MDA_UMASK@
+GL_GGL_GNULIB_MDA_UNLINK = @GL_GGL_GNULIB_MDA_UNLINK@
+GL_GGL_GNULIB_MDA_WCSDUP = @GL_GGL_GNULIB_MDA_WCSDUP@
+GL_GGL_GNULIB_MDA_WRITE = @GL_GGL_GNULIB_MDA_WRITE@
+GL_GGL_GNULIB_MEMCHR = @GL_GGL_GNULIB_MEMCHR@
+GL_GGL_GNULIB_MEMMEM = @GL_GGL_GNULIB_MEMMEM@
+GL_GGL_GNULIB_MEMPCPY = @GL_GGL_GNULIB_MEMPCPY@
+GL_GGL_GNULIB_MEMRCHR = @GL_GGL_GNULIB_MEMRCHR@
+GL_GGL_GNULIB_MKDIR = @GL_GGL_GNULIB_MKDIR@
+GL_GGL_GNULIB_MKDIRAT = @GL_GGL_GNULIB_MKDIRAT@
+GL_GGL_GNULIB_MKDTEMP = @GL_GGL_GNULIB_MKDTEMP@
+GL_GGL_GNULIB_MKFIFO = @GL_GGL_GNULIB_MKFIFO@
+GL_GGL_GNULIB_MKFIFOAT = @GL_GGL_GNULIB_MKFIFOAT@
+GL_GGL_GNULIB_MKNOD = @GL_GGL_GNULIB_MKNOD@
+GL_GGL_GNULIB_MKNODAT = @GL_GGL_GNULIB_MKNODAT@
+GL_GGL_GNULIB_MKOSTEMP = @GL_GGL_GNULIB_MKOSTEMP@
+GL_GGL_GNULIB_MKOSTEMPS = @GL_GGL_GNULIB_MKOSTEMPS@
+GL_GGL_GNULIB_MKSTEMP = @GL_GGL_GNULIB_MKSTEMP@
+GL_GGL_GNULIB_MKSTEMPS = @GL_GGL_GNULIB_MKSTEMPS@
+GL_GGL_GNULIB_MKTIME = @GL_GGL_GNULIB_MKTIME@
+GL_GGL_GNULIB_NANOSLEEP = @GL_GGL_GNULIB_NANOSLEEP@
+GL_GGL_GNULIB_NL_LANGINFO = @GL_GGL_GNULIB_NL_LANGINFO@
+GL_GGL_GNULIB_NONBLOCKING = @GL_GGL_GNULIB_NONBLOCKING@
+GL_GGL_GNULIB_OBSTACK_PRINTF = @GL_GGL_GNULIB_OBSTACK_PRINTF@
+GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GGL_GNULIB_OPEN = @GL_GGL_GNULIB_OPEN@
+GL_GGL_GNULIB_OPENAT = @GL_GGL_GNULIB_OPENAT@
+GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GGL_GNULIB_PCLOSE = @GL_GGL_GNULIB_PCLOSE@
+GL_GGL_GNULIB_PERROR = @GL_GGL_GNULIB_PERROR@
+GL_GGL_GNULIB_PIPE = @GL_GGL_GNULIB_PIPE@
+GL_GGL_GNULIB_PIPE2 = @GL_GGL_GNULIB_PIPE2@
+GL_GGL_GNULIB_POPEN = @GL_GGL_GNULIB_POPEN@
+GL_GGL_GNULIB_POSIX_MEMALIGN = @GL_GGL_GNULIB_POSIX_MEMALIGN@
+GL_GGL_GNULIB_POSIX_OPENPT = @GL_GGL_GNULIB_POSIX_OPENPT@
+GL_GGL_GNULIB_PREAD = @GL_GGL_GNULIB_PREAD@
+GL_GGL_GNULIB_PRINTF = @GL_GGL_GNULIB_PRINTF@
+GL_GGL_GNULIB_PRINTF_POSIX = @GL_GGL_GNULIB_PRINTF_POSIX@
+GL_GGL_GNULIB_PSELECT = @GL_GGL_GNULIB_PSELECT@
+GL_GGL_GNULIB_PTHREAD_COND = @GL_GGL_GNULIB_PTHREAD_COND@
+GL_GGL_GNULIB_PTHREAD_MUTEX = @GL_GGL_GNULIB_PTHREAD_MUTEX@
+GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK@
+GL_GGL_GNULIB_PTHREAD_ONCE = @GL_GGL_GNULIB_PTHREAD_ONCE@
+GL_GGL_GNULIB_PTHREAD_RWLOCK = @GL_GGL_GNULIB_PTHREAD_RWLOCK@
+GL_GGL_GNULIB_PTHREAD_SIGMASK = @GL_GGL_GNULIB_PTHREAD_SIGMASK@
+GL_GGL_GNULIB_PTHREAD_SPIN = @GL_GGL_GNULIB_PTHREAD_SPIN@
+GL_GGL_GNULIB_PTHREAD_THREAD = @GL_GGL_GNULIB_PTHREAD_THREAD@
+GL_GGL_GNULIB_PTHREAD_TSS = @GL_GGL_GNULIB_PTHREAD_TSS@
+GL_GGL_GNULIB_PTSNAME = @GL_GGL_GNULIB_PTSNAME@
+GL_GGL_GNULIB_PTSNAME_R = @GL_GGL_GNULIB_PTSNAME_R@
+GL_GGL_GNULIB_PUTC = @GL_GGL_GNULIB_PUTC@
+GL_GGL_GNULIB_PUTCHAR = @GL_GGL_GNULIB_PUTCHAR@
+GL_GGL_GNULIB_PUTENV = @GL_GGL_GNULIB_PUTENV@
+GL_GGL_GNULIB_PUTS = @GL_GGL_GNULIB_PUTS@
+GL_GGL_GNULIB_PWRITE = @GL_GGL_GNULIB_PWRITE@
+GL_GGL_GNULIB_QSORT_R = @GL_GGL_GNULIB_QSORT_R@
+GL_GGL_GNULIB_RAISE = @GL_GGL_GNULIB_RAISE@
+GL_GGL_GNULIB_RANDOM = @GL_GGL_GNULIB_RANDOM@
+GL_GGL_GNULIB_RANDOM_R = @GL_GGL_GNULIB_RANDOM_R@
+GL_GGL_GNULIB_RAWMEMCHR = @GL_GGL_GNULIB_RAWMEMCHR@
+GL_GGL_GNULIB_READ = @GL_GGL_GNULIB_READ@
+GL_GGL_GNULIB_READLINK = @GL_GGL_GNULIB_READLINK@
+GL_GGL_GNULIB_READLINKAT = @GL_GGL_GNULIB_READLINKAT@
+GL_GGL_GNULIB_REALLOCARRAY = @GL_GGL_GNULIB_REALLOCARRAY@
+GL_GGL_GNULIB_REALLOC_POSIX = @GL_GGL_GNULIB_REALLOC_POSIX@
+GL_GGL_GNULIB_REALPATH = @GL_GGL_GNULIB_REALPATH@
+GL_GGL_GNULIB_RECV = @GL_GGL_GNULIB_RECV@
+GL_GGL_GNULIB_RECVFROM = @GL_GGL_GNULIB_RECVFROM@
+GL_GGL_GNULIB_REMOVE = @GL_GGL_GNULIB_REMOVE@
+GL_GGL_GNULIB_RENAME = @GL_GGL_GNULIB_RENAME@
+GL_GGL_GNULIB_RENAMEAT = @GL_GGL_GNULIB_RENAMEAT@
+GL_GGL_GNULIB_RMDIR = @GL_GGL_GNULIB_RMDIR@
+GL_GGL_GNULIB_RPMATCH = @GL_GGL_GNULIB_RPMATCH@
+GL_GGL_GNULIB_SCANF = @GL_GGL_GNULIB_SCANF@
+GL_GGL_GNULIB_SCHED_YIELD = @GL_GGL_GNULIB_SCHED_YIELD@
+GL_GGL_GNULIB_SECURE_GETENV = @GL_GGL_GNULIB_SECURE_GETENV@
+GL_GGL_GNULIB_SELECT = @GL_GGL_GNULIB_SELECT@
+GL_GGL_GNULIB_SEND = @GL_GGL_GNULIB_SEND@
+GL_GGL_GNULIB_SENDTO = @GL_GGL_GNULIB_SENDTO@
+GL_GGL_GNULIB_SETENV = @GL_GGL_GNULIB_SETENV@
+GL_GGL_GNULIB_SETHOSTNAME = @GL_GGL_GNULIB_SETHOSTNAME@
+GL_GGL_GNULIB_SETLOCALE = @GL_GGL_GNULIB_SETLOCALE@
+GL_GGL_GNULIB_SETLOCALE_NULL = @GL_GGL_GNULIB_SETLOCALE_NULL@
+GL_GGL_GNULIB_SETSOCKOPT = @GL_GGL_GNULIB_SETSOCKOPT@
+GL_GGL_GNULIB_SHUTDOWN = @GL_GGL_GNULIB_SHUTDOWN@
+GL_GGL_GNULIB_SIGABBREV_NP = @GL_GGL_GNULIB_SIGABBREV_NP@
+GL_GGL_GNULIB_SIGACTION = @GL_GGL_GNULIB_SIGACTION@
+GL_GGL_GNULIB_SIGDESCR_NP = @GL_GGL_GNULIB_SIGDESCR_NP@
+GL_GGL_GNULIB_SIGNAL_H_SIGPIPE = @GL_GGL_GNULIB_SIGNAL_H_SIGPIPE@
+GL_GGL_GNULIB_SIGPROCMASK = @GL_GGL_GNULIB_SIGPROCMASK@
+GL_GGL_GNULIB_SLEEP = @GL_GGL_GNULIB_SLEEP@
+GL_GGL_GNULIB_SNPRINTF = @GL_GGL_GNULIB_SNPRINTF@
+GL_GGL_GNULIB_SOCKET = @GL_GGL_GNULIB_SOCKET@
+GL_GGL_GNULIB_SPRINTF_POSIX = @GL_GGL_GNULIB_SPRINTF_POSIX@
+GL_GGL_GNULIB_STAT = @GL_GGL_GNULIB_STAT@
+GL_GGL_GNULIB_STDIO_H_NONBLOCKING = @GL_GGL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GGL_GNULIB_STDIO_H_SIGPIPE = @GL_GGL_GNULIB_STDIO_H_SIGPIPE@
+GL_GGL_GNULIB_STPCPY = @GL_GGL_GNULIB_STPCPY@
+GL_GGL_GNULIB_STPNCPY = @GL_GGL_GNULIB_STPNCPY@
+GL_GGL_GNULIB_STRCASESTR = @GL_GGL_GNULIB_STRCASESTR@
+GL_GGL_GNULIB_STRCHRNUL = @GL_GGL_GNULIB_STRCHRNUL@
+GL_GGL_GNULIB_STRDUP = @GL_GGL_GNULIB_STRDUP@
+GL_GGL_GNULIB_STRERROR = @GL_GGL_GNULIB_STRERROR@
+GL_GGL_GNULIB_STRERRORNAME_NP = @GL_GGL_GNULIB_STRERRORNAME_NP@
+GL_GGL_GNULIB_STRERROR_R = @GL_GGL_GNULIB_STRERROR_R@
+GL_GGL_GNULIB_STRFTIME = @GL_GGL_GNULIB_STRFTIME@
+GL_GGL_GNULIB_STRNCAT = @GL_GGL_GNULIB_STRNCAT@
+GL_GGL_GNULIB_STRNDUP = @GL_GGL_GNULIB_STRNDUP@
+GL_GGL_GNULIB_STRNLEN = @GL_GGL_GNULIB_STRNLEN@
+GL_GGL_GNULIB_STRPBRK = @GL_GGL_GNULIB_STRPBRK@
+GL_GGL_GNULIB_STRPTIME = @GL_GGL_GNULIB_STRPTIME@
+GL_GGL_GNULIB_STRSEP = @GL_GGL_GNULIB_STRSEP@
+GL_GGL_GNULIB_STRSIGNAL = @GL_GGL_GNULIB_STRSIGNAL@
+GL_GGL_GNULIB_STRSTR = @GL_GGL_GNULIB_STRSTR@
+GL_GGL_GNULIB_STRTOD = @GL_GGL_GNULIB_STRTOD@
+GL_GGL_GNULIB_STRTOIMAX = @GL_GGL_GNULIB_STRTOIMAX@
+GL_GGL_GNULIB_STRTOK_R = @GL_GGL_GNULIB_STRTOK_R@
+GL_GGL_GNULIB_STRTOL = @GL_GGL_GNULIB_STRTOL@
+GL_GGL_GNULIB_STRTOLD = @GL_GGL_GNULIB_STRTOLD@
+GL_GGL_GNULIB_STRTOLL = @GL_GGL_GNULIB_STRTOLL@
+GL_GGL_GNULIB_STRTOUL = @GL_GGL_GNULIB_STRTOUL@
+GL_GGL_GNULIB_STRTOULL = @GL_GGL_GNULIB_STRTOULL@
+GL_GGL_GNULIB_STRTOUMAX = @GL_GGL_GNULIB_STRTOUMAX@
+GL_GGL_GNULIB_STRVERSCMP = @GL_GGL_GNULIB_STRVERSCMP@
+GL_GGL_GNULIB_SYMLINK = @GL_GGL_GNULIB_SYMLINK@
+GL_GGL_GNULIB_SYMLINKAT = @GL_GGL_GNULIB_SYMLINKAT@
+GL_GGL_GNULIB_SYSTEM_POSIX = @GL_GGL_GNULIB_SYSTEM_POSIX@
+GL_GGL_GNULIB_TIMEGM = @GL_GGL_GNULIB_TIMEGM@
+GL_GGL_GNULIB_TIMESPEC_GET = @GL_GGL_GNULIB_TIMESPEC_GET@
+GL_GGL_GNULIB_TIME_R = @GL_GGL_GNULIB_TIME_R@
+GL_GGL_GNULIB_TIME_RZ = @GL_GGL_GNULIB_TIME_RZ@
+GL_GGL_GNULIB_TMPFILE = @GL_GGL_GNULIB_TMPFILE@
+GL_GGL_GNULIB_TRUNCATE = @GL_GGL_GNULIB_TRUNCATE@
+GL_GGL_GNULIB_TTYNAME_R = @GL_GGL_GNULIB_TTYNAME_R@
+GL_GGL_GNULIB_TZSET = @GL_GGL_GNULIB_TZSET@
+GL_GGL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GGL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GGL_GNULIB_UNISTD_H_SIGPIPE = @GL_GGL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GGL_GNULIB_UNLINK = @GL_GGL_GNULIB_UNLINK@
+GL_GGL_GNULIB_UNLINKAT = @GL_GGL_GNULIB_UNLINKAT@
+GL_GGL_GNULIB_UNLOCKPT = @GL_GGL_GNULIB_UNLOCKPT@
+GL_GGL_GNULIB_UNSETENV = @GL_GGL_GNULIB_UNSETENV@
+GL_GGL_GNULIB_USLEEP = @GL_GGL_GNULIB_USLEEP@
+GL_GGL_GNULIB_UTIMENSAT = @GL_GGL_GNULIB_UTIMENSAT@
+GL_GGL_GNULIB_VASPRINTF = @GL_GGL_GNULIB_VASPRINTF@
+GL_GGL_GNULIB_VDPRINTF = @GL_GGL_GNULIB_VDPRINTF@
+GL_GGL_GNULIB_VFPRINTF = @GL_GGL_GNULIB_VFPRINTF@
+GL_GGL_GNULIB_VFPRINTF_POSIX = @GL_GGL_GNULIB_VFPRINTF_POSIX@
+GL_GGL_GNULIB_VFSCANF = @GL_GGL_GNULIB_VFSCANF@
+GL_GGL_GNULIB_VPRINTF = @GL_GGL_GNULIB_VPRINTF@
+GL_GGL_GNULIB_VPRINTF_POSIX = @GL_GGL_GNULIB_VPRINTF_POSIX@
+GL_GGL_GNULIB_VSCANF = @GL_GGL_GNULIB_VSCANF@
+GL_GGL_GNULIB_VSNPRINTF = @GL_GGL_GNULIB_VSNPRINTF@
+GL_GGL_GNULIB_VSPRINTF_POSIX = @GL_GGL_GNULIB_VSPRINTF_POSIX@
+GL_GGL_GNULIB_WCPCPY = @GL_GGL_GNULIB_WCPCPY@
+GL_GGL_GNULIB_WCPNCPY = @GL_GGL_GNULIB_WCPNCPY@
+GL_GGL_GNULIB_WCRTOMB = @GL_GGL_GNULIB_WCRTOMB@
+GL_GGL_GNULIB_WCSCASECMP = @GL_GGL_GNULIB_WCSCASECMP@
+GL_GGL_GNULIB_WCSCAT = @GL_GGL_GNULIB_WCSCAT@
+GL_GGL_GNULIB_WCSCHR = @GL_GGL_GNULIB_WCSCHR@
+GL_GGL_GNULIB_WCSCMP = @GL_GGL_GNULIB_WCSCMP@
+GL_GGL_GNULIB_WCSCOLL = @GL_GGL_GNULIB_WCSCOLL@
+GL_GGL_GNULIB_WCSCPY = @GL_GGL_GNULIB_WCSCPY@
+GL_GGL_GNULIB_WCSCSPN = @GL_GGL_GNULIB_WCSCSPN@
+GL_GGL_GNULIB_WCSDUP = @GL_GGL_GNULIB_WCSDUP@
+GL_GGL_GNULIB_WCSFTIME = @GL_GGL_GNULIB_WCSFTIME@
+GL_GGL_GNULIB_WCSLEN = @GL_GGL_GNULIB_WCSLEN@
+GL_GGL_GNULIB_WCSNCASECMP = @GL_GGL_GNULIB_WCSNCASECMP@
+GL_GGL_GNULIB_WCSNCAT = @GL_GGL_GNULIB_WCSNCAT@
+GL_GGL_GNULIB_WCSNCMP = @GL_GGL_GNULIB_WCSNCMP@
+GL_GGL_GNULIB_WCSNCPY = @GL_GGL_GNULIB_WCSNCPY@
+GL_GGL_GNULIB_WCSNLEN = @GL_GGL_GNULIB_WCSNLEN@
+GL_GGL_GNULIB_WCSNRTOMBS = @GL_GGL_GNULIB_WCSNRTOMBS@
+GL_GGL_GNULIB_WCSPBRK = @GL_GGL_GNULIB_WCSPBRK@
+GL_GGL_GNULIB_WCSRCHR = @GL_GGL_GNULIB_WCSRCHR@
+GL_GGL_GNULIB_WCSRTOMBS = @GL_GGL_GNULIB_WCSRTOMBS@
+GL_GGL_GNULIB_WCSSPN = @GL_GGL_GNULIB_WCSSPN@
+GL_GGL_GNULIB_WCSSTR = @GL_GGL_GNULIB_WCSSTR@
+GL_GGL_GNULIB_WCSTOK = @GL_GGL_GNULIB_WCSTOK@
+GL_GGL_GNULIB_WCSWIDTH = @GL_GGL_GNULIB_WCSWIDTH@
+GL_GGL_GNULIB_WCSXFRM = @GL_GGL_GNULIB_WCSXFRM@
+GL_GGL_GNULIB_WCTOB = @GL_GGL_GNULIB_WCTOB@
+GL_GGL_GNULIB_WCTOMB = @GL_GGL_GNULIB_WCTOMB@
+GL_GGL_GNULIB_WCWIDTH = @GL_GGL_GNULIB_WCWIDTH@
+GL_GGL_GNULIB_WMEMCHR = @GL_GGL_GNULIB_WMEMCHR@
+GL_GGL_GNULIB_WMEMCMP = @GL_GGL_GNULIB_WMEMCMP@
+GL_GGL_GNULIB_WMEMCPY = @GL_GGL_GNULIB_WMEMCPY@
+GL_GGL_GNULIB_WMEMMOVE = @GL_GGL_GNULIB_WMEMMOVE@
+GL_GGL_GNULIB_WMEMPCPY = @GL_GGL_GNULIB_WMEMPCPY@
+GL_GGL_GNULIB_WMEMSET = @GL_GGL_GNULIB_WMEMSET@
+GL_GGL_GNULIB_WRITE = @GL_GGL_GNULIB_WRITE@
+GL_GGL_GNULIB__EXIT = @GL_GGL_GNULIB__EXIT@
+GL_GNULIB_ACCEPT = @GL_GNULIB_ACCEPT@
+GL_GNULIB_ACCEPT4 = @GL_GNULIB_ACCEPT4@
+GL_GNULIB_ACCESS = @GL_GNULIB_ACCESS@
+GL_GNULIB_ALIGNED_ALLOC = @GL_GNULIB_ALIGNED_ALLOC@
+GL_GNULIB_ATOLL = @GL_GNULIB_ATOLL@
+GL_GNULIB_BIND = @GL_GNULIB_BIND@
+GL_GNULIB_BTOWC = @GL_GNULIB_BTOWC@
+GL_GNULIB_CALLOC_POSIX = @GL_GNULIB_CALLOC_POSIX@
+GL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GNULIB_CHDIR = @GL_GNULIB_CHDIR@
+GL_GNULIB_CHOWN = @GL_GNULIB_CHOWN@
+GL_GNULIB_CLOSE = @GL_GNULIB_CLOSE@
+GL_GNULIB_CONNECT = @GL_GNULIB_CONNECT@
+GL_GNULIB_COPY_FILE_RANGE = @GL_GNULIB_COPY_FILE_RANGE@
+GL_GNULIB_CREAT = @GL_GNULIB_CREAT@
+GL_GNULIB_CTIME = @GL_GNULIB_CTIME@
+GL_GNULIB_DPRINTF = @GL_GNULIB_DPRINTF@
+GL_GNULIB_DUP = @GL_GNULIB_DUP@
+GL_GNULIB_DUP2 = @GL_GNULIB_DUP2@
+GL_GNULIB_DUP3 = @GL_GNULIB_DUP3@
+GL_GNULIB_ENVIRON = @GL_GNULIB_ENVIRON@
+GL_GNULIB_EUIDACCESS = @GL_GNULIB_EUIDACCESS@
+GL_GNULIB_EXECL = @GL_GNULIB_EXECL@
+GL_GNULIB_EXECLE = @GL_GNULIB_EXECLE@
+GL_GNULIB_EXECLP = @GL_GNULIB_EXECLP@
+GL_GNULIB_EXECV = @GL_GNULIB_EXECV@
+GL_GNULIB_EXECVE = @GL_GNULIB_EXECVE@
+GL_GNULIB_EXECVP = @GL_GNULIB_EXECVP@
+GL_GNULIB_EXECVPE = @GL_GNULIB_EXECVPE@
+GL_GNULIB_EXPLICIT_BZERO = @GL_GNULIB_EXPLICIT_BZERO@
+GL_GNULIB_FACCESSAT = @GL_GNULIB_FACCESSAT@
+GL_GNULIB_FCHDIR = @GL_GNULIB_FCHDIR@
+GL_GNULIB_FCHMODAT = @GL_GNULIB_FCHMODAT@
+GL_GNULIB_FCHOWNAT = @GL_GNULIB_FCHOWNAT@
+GL_GNULIB_FCLOSE = @GL_GNULIB_FCLOSE@
+GL_GNULIB_FCNTL = @GL_GNULIB_FCNTL@
+GL_GNULIB_FDATASYNC = @GL_GNULIB_FDATASYNC@
+GL_GNULIB_FDOPEN = @GL_GNULIB_FDOPEN@
+GL_GNULIB_FFLUSH = @GL_GNULIB_FFLUSH@
+GL_GNULIB_FFS = @GL_GNULIB_FFS@
+GL_GNULIB_FFSL = @GL_GNULIB_FFSL@
+GL_GNULIB_FFSLL = @GL_GNULIB_FFSLL@
+GL_GNULIB_FGETC = @GL_GNULIB_FGETC@
+GL_GNULIB_FGETS = @GL_GNULIB_FGETS@
+GL_GNULIB_FOPEN = @GL_GNULIB_FOPEN@
+GL_GNULIB_FPRINTF = @GL_GNULIB_FPRINTF@
+GL_GNULIB_FPRINTF_POSIX = @GL_GNULIB_FPRINTF_POSIX@
+GL_GNULIB_FPURGE = @GL_GNULIB_FPURGE@
+GL_GNULIB_FPUTC = @GL_GNULIB_FPUTC@
+GL_GNULIB_FPUTS = @GL_GNULIB_FPUTS@
+GL_GNULIB_FREAD = @GL_GNULIB_FREAD@
+GL_GNULIB_FREE_POSIX = @GL_GNULIB_FREE_POSIX@
+GL_GNULIB_FREOPEN = @GL_GNULIB_FREOPEN@
+GL_GNULIB_FSCANF = @GL_GNULIB_FSCANF@
+GL_GNULIB_FSEEK = @GL_GNULIB_FSEEK@
+GL_GNULIB_FSEEKO = @GL_GNULIB_FSEEKO@
+GL_GNULIB_FSTAT = @GL_GNULIB_FSTAT@
+GL_GNULIB_FSTATAT = @GL_GNULIB_FSTATAT@
+GL_GNULIB_FSYNC = @GL_GNULIB_FSYNC@
+GL_GNULIB_FTELL = @GL_GNULIB_FTELL@
+GL_GNULIB_FTELLO = @GL_GNULIB_FTELLO@
+GL_GNULIB_FTRUNCATE = @GL_GNULIB_FTRUNCATE@
+GL_GNULIB_FUTIMENS = @GL_GNULIB_FUTIMENS@
+GL_GNULIB_FWRITE = @GL_GNULIB_FWRITE@
+GL_GNULIB_GETADDRINFO = @GL_GNULIB_GETADDRINFO@
+GL_GNULIB_GETC = @GL_GNULIB_GETC@
+GL_GNULIB_GETCHAR = @GL_GNULIB_GETCHAR@
+GL_GNULIB_GETCWD = @GL_GNULIB_GETCWD@
+GL_GNULIB_GETDELIM = @GL_GNULIB_GETDELIM@
+GL_GNULIB_GETDOMAINNAME = @GL_GNULIB_GETDOMAINNAME@
+GL_GNULIB_GETDTABLESIZE = @GL_GNULIB_GETDTABLESIZE@
+GL_GNULIB_GETENTROPY = @GL_GNULIB_GETENTROPY@
+GL_GNULIB_GETGROUPS = @GL_GNULIB_GETGROUPS@
+GL_GNULIB_GETHOSTNAME = @GL_GNULIB_GETHOSTNAME@
+GL_GNULIB_GETLINE = @GL_GNULIB_GETLINE@
+GL_GNULIB_GETLOADAVG = @GL_GNULIB_GETLOADAVG@
+GL_GNULIB_GETLOGIN = @GL_GNULIB_GETLOGIN@
+GL_GNULIB_GETLOGIN_R = @GL_GNULIB_GETLOGIN_R@
+GL_GNULIB_GETOPT_POSIX = @GL_GNULIB_GETOPT_POSIX@
+GL_GNULIB_GETPAGESIZE = @GL_GNULIB_GETPAGESIZE@
+GL_GNULIB_GETPASS = @GL_GNULIB_GETPASS@
+GL_GNULIB_GETPEERNAME = @GL_GNULIB_GETPEERNAME@
+GL_GNULIB_GETSOCKNAME = @GL_GNULIB_GETSOCKNAME@
+GL_GNULIB_GETSOCKOPT = @GL_GNULIB_GETSOCKOPT@
+GL_GNULIB_GETSUBOPT = @GL_GNULIB_GETSUBOPT@
+GL_GNULIB_GETTIMEOFDAY = @GL_GNULIB_GETTIMEOFDAY@
+GL_GNULIB_GETUMASK = @GL_GNULIB_GETUMASK@
+GL_GNULIB_GETUSERSHELL = @GL_GNULIB_GETUSERSHELL@
+GL_GNULIB_GRANTPT = @GL_GNULIB_GRANTPT@
+GL_GNULIB_GROUP_MEMBER = @GL_GNULIB_GROUP_MEMBER@
+GL_GNULIB_IMAXABS = @GL_GNULIB_IMAXABS@
+GL_GNULIB_IMAXDIV = @GL_GNULIB_IMAXDIV@
+GL_GNULIB_INET_NTOP = @GL_GNULIB_INET_NTOP@
+GL_GNULIB_INET_PTON = @GL_GNULIB_INET_PTON@
+GL_GNULIB_ISATTY = @GL_GNULIB_ISATTY@
+GL_GNULIB_LCHMOD = @GL_GNULIB_LCHMOD@
+GL_GNULIB_LCHOWN = @GL_GNULIB_LCHOWN@
+GL_GNULIB_LINK = @GL_GNULIB_LINK@
+GL_GNULIB_LINKAT = @GL_GNULIB_LINKAT@
+GL_GNULIB_LISTEN = @GL_GNULIB_LISTEN@
+GL_GNULIB_LOCALTIME = @GL_GNULIB_LOCALTIME@
+GL_GNULIB_LSEEK = @GL_GNULIB_LSEEK@
+GL_GNULIB_LSTAT = @GL_GNULIB_LSTAT@
+GL_GNULIB_MALLOC_POSIX = @GL_GNULIB_MALLOC_POSIX@
+GL_GNULIB_MBRLEN = @GL_GNULIB_MBRLEN@
+GL_GNULIB_MBRTOWC = @GL_GNULIB_MBRTOWC@
+GL_GNULIB_MBSCASECMP = @GL_GNULIB_MBSCASECMP@
+GL_GNULIB_MBSCASESTR = @GL_GNULIB_MBSCASESTR@
+GL_GNULIB_MBSCHR = @GL_GNULIB_MBSCHR@
+GL_GNULIB_MBSCSPN = @GL_GNULIB_MBSCSPN@
+GL_GNULIB_MBSINIT = @GL_GNULIB_MBSINIT@
+GL_GNULIB_MBSLEN = @GL_GNULIB_MBSLEN@
+GL_GNULIB_MBSNCASECMP = @GL_GNULIB_MBSNCASECMP@
+GL_GNULIB_MBSNLEN = @GL_GNULIB_MBSNLEN@
+GL_GNULIB_MBSNRTOWCS = @GL_GNULIB_MBSNRTOWCS@
+GL_GNULIB_MBSPBRK = @GL_GNULIB_MBSPBRK@
+GL_GNULIB_MBSPCASECMP = @GL_GNULIB_MBSPCASECMP@
+GL_GNULIB_MBSRCHR = @GL_GNULIB_MBSRCHR@
+GL_GNULIB_MBSRTOWCS = @GL_GNULIB_MBSRTOWCS@
+GL_GNULIB_MBSSEP = @GL_GNULIB_MBSSEP@
+GL_GNULIB_MBSSPN = @GL_GNULIB_MBSSPN@
+GL_GNULIB_MBSSTR = @GL_GNULIB_MBSSTR@
+GL_GNULIB_MBSTOK_R = @GL_GNULIB_MBSTOK_R@
+GL_GNULIB_MBTOWC = @GL_GNULIB_MBTOWC@
+GL_GNULIB_MDA_ACCESS = @GL_GNULIB_MDA_ACCESS@
+GL_GNULIB_MDA_CHDIR = @GL_GNULIB_MDA_CHDIR@
+GL_GNULIB_MDA_CHMOD = @GL_GNULIB_MDA_CHMOD@
+GL_GNULIB_MDA_CLOSE = @GL_GNULIB_MDA_CLOSE@
+GL_GNULIB_MDA_CREAT = @GL_GNULIB_MDA_CREAT@
+GL_GNULIB_MDA_DUP = @GL_GNULIB_MDA_DUP@
+GL_GNULIB_MDA_DUP2 = @GL_GNULIB_MDA_DUP2@
+GL_GNULIB_MDA_ECVT = @GL_GNULIB_MDA_ECVT@
+GL_GNULIB_MDA_EXECL = @GL_GNULIB_MDA_EXECL@
+GL_GNULIB_MDA_EXECLE = @GL_GNULIB_MDA_EXECLE@
+GL_GNULIB_MDA_EXECLP = @GL_GNULIB_MDA_EXECLP@
+GL_GNULIB_MDA_EXECV = @GL_GNULIB_MDA_EXECV@
+GL_GNULIB_MDA_EXECVE = @GL_GNULIB_MDA_EXECVE@
+GL_GNULIB_MDA_EXECVP = @GL_GNULIB_MDA_EXECVP@
+GL_GNULIB_MDA_EXECVPE = @GL_GNULIB_MDA_EXECVPE@
+GL_GNULIB_MDA_FCLOSEALL = @GL_GNULIB_MDA_FCLOSEALL@
+GL_GNULIB_MDA_FCVT = @GL_GNULIB_MDA_FCVT@
+GL_GNULIB_MDA_FDOPEN = @GL_GNULIB_MDA_FDOPEN@
+GL_GNULIB_MDA_FILENO = @GL_GNULIB_MDA_FILENO@
+GL_GNULIB_MDA_GCVT = @GL_GNULIB_MDA_GCVT@
+GL_GNULIB_MDA_GETCWD = @GL_GNULIB_MDA_GETCWD@
+GL_GNULIB_MDA_GETPID = @GL_GNULIB_MDA_GETPID@
+GL_GNULIB_MDA_GETW = @GL_GNULIB_MDA_GETW@
+GL_GNULIB_MDA_ISATTY = @GL_GNULIB_MDA_ISATTY@
+GL_GNULIB_MDA_LSEEK = @GL_GNULIB_MDA_LSEEK@
+GL_GNULIB_MDA_MEMCCPY = @GL_GNULIB_MDA_MEMCCPY@
+GL_GNULIB_MDA_MKDIR = @GL_GNULIB_MDA_MKDIR@
+GL_GNULIB_MDA_MKTEMP = @GL_GNULIB_MDA_MKTEMP@
+GL_GNULIB_MDA_OPEN = @GL_GNULIB_MDA_OPEN@
+GL_GNULIB_MDA_PUTENV = @GL_GNULIB_MDA_PUTENV@
+GL_GNULIB_MDA_PUTW = @GL_GNULIB_MDA_PUTW@
+GL_GNULIB_MDA_READ = @GL_GNULIB_MDA_READ@
+GL_GNULIB_MDA_RMDIR = @GL_GNULIB_MDA_RMDIR@
+GL_GNULIB_MDA_STRDUP = @GL_GNULIB_MDA_STRDUP@
+GL_GNULIB_MDA_SWAB = @GL_GNULIB_MDA_SWAB@
+GL_GNULIB_MDA_TEMPNAM = @GL_GNULIB_MDA_TEMPNAM@
+GL_GNULIB_MDA_TZSET = @GL_GNULIB_MDA_TZSET@
+GL_GNULIB_MDA_UMASK = @GL_GNULIB_MDA_UMASK@
+GL_GNULIB_MDA_UNLINK = @GL_GNULIB_MDA_UNLINK@
+GL_GNULIB_MDA_WCSDUP = @GL_GNULIB_MDA_WCSDUP@
+GL_GNULIB_MDA_WRITE = @GL_GNULIB_MDA_WRITE@
+GL_GNULIB_MEMCHR = @GL_GNULIB_MEMCHR@
+GL_GNULIB_MEMMEM = @GL_GNULIB_MEMMEM@
+GL_GNULIB_MEMPCPY = @GL_GNULIB_MEMPCPY@
+GL_GNULIB_MEMRCHR = @GL_GNULIB_MEMRCHR@
+GL_GNULIB_MKDIR = @GL_GNULIB_MKDIR@
+GL_GNULIB_MKDIRAT = @GL_GNULIB_MKDIRAT@
+GL_GNULIB_MKDTEMP = @GL_GNULIB_MKDTEMP@
+GL_GNULIB_MKFIFO = @GL_GNULIB_MKFIFO@
+GL_GNULIB_MKFIFOAT = @GL_GNULIB_MKFIFOAT@
+GL_GNULIB_MKNOD = @GL_GNULIB_MKNOD@
+GL_GNULIB_MKNODAT = @GL_GNULIB_MKNODAT@
+GL_GNULIB_MKOSTEMP = @GL_GNULIB_MKOSTEMP@
+GL_GNULIB_MKOSTEMPS = @GL_GNULIB_MKOSTEMPS@
+GL_GNULIB_MKSTEMP = @GL_GNULIB_MKSTEMP@
+GL_GNULIB_MKSTEMPS = @GL_GNULIB_MKSTEMPS@
+GL_GNULIB_MKTIME = @GL_GNULIB_MKTIME@
+GL_GNULIB_NANOSLEEP = @GL_GNULIB_NANOSLEEP@
+GL_GNULIB_NONBLOCKING = @GL_GNULIB_NONBLOCKING@
+GL_GNULIB_OBSTACK_PRINTF = @GL_GNULIB_OBSTACK_PRINTF@
+GL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GNULIB_OPEN = @GL_GNULIB_OPEN@
+GL_GNULIB_OPENAT = @GL_GNULIB_OPENAT@
+GL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GNULIB_PCLOSE = @GL_GNULIB_PCLOSE@
+GL_GNULIB_PERROR = @GL_GNULIB_PERROR@
+GL_GNULIB_PIPE = @GL_GNULIB_PIPE@
+GL_GNULIB_PIPE2 = @GL_GNULIB_PIPE2@
+GL_GNULIB_POPEN = @GL_GNULIB_POPEN@
+GL_GNULIB_POSIX_MEMALIGN = @GL_GNULIB_POSIX_MEMALIGN@
+GL_GNULIB_POSIX_OPENPT = @GL_GNULIB_POSIX_OPENPT@
+GL_GNULIB_PREAD = @GL_GNULIB_PREAD@
+GL_GNULIB_PRINTF = @GL_GNULIB_PRINTF@
+GL_GNULIB_PRINTF_POSIX = @GL_GNULIB_PRINTF_POSIX@
+GL_GNULIB_PTSNAME = @GL_GNULIB_PTSNAME@
+GL_GNULIB_PTSNAME_R = @GL_GNULIB_PTSNAME_R@
+GL_GNULIB_PUTC = @GL_GNULIB_PUTC@
+GL_GNULIB_PUTCHAR = @GL_GNULIB_PUTCHAR@
+GL_GNULIB_PUTENV = @GL_GNULIB_PUTENV@
+GL_GNULIB_PUTS = @GL_GNULIB_PUTS@
+GL_GNULIB_PWRITE = @GL_GNULIB_PWRITE@
+GL_GNULIB_QSORT_R = @GL_GNULIB_QSORT_R@
+GL_GNULIB_RANDOM = @GL_GNULIB_RANDOM@
+GL_GNULIB_RANDOM_R = @GL_GNULIB_RANDOM_R@
+GL_GNULIB_RAWMEMCHR = @GL_GNULIB_RAWMEMCHR@
+GL_GNULIB_READ = @GL_GNULIB_READ@
+GL_GNULIB_READLINK = @GL_GNULIB_READLINK@
+GL_GNULIB_READLINKAT = @GL_GNULIB_READLINKAT@
+GL_GNULIB_REALLOCARRAY = @GL_GNULIB_REALLOCARRAY@
+GL_GNULIB_REALLOC_POSIX = @GL_GNULIB_REALLOC_POSIX@
+GL_GNULIB_REALPATH = @GL_GNULIB_REALPATH@
+GL_GNULIB_RECV = @GL_GNULIB_RECV@
+GL_GNULIB_RECVFROM = @GL_GNULIB_RECVFROM@
+GL_GNULIB_REMOVE = @GL_GNULIB_REMOVE@
+GL_GNULIB_RENAME = @GL_GNULIB_RENAME@
+GL_GNULIB_RENAMEAT = @GL_GNULIB_RENAMEAT@
+GL_GNULIB_RMDIR = @GL_GNULIB_RMDIR@
+GL_GNULIB_RPMATCH = @GL_GNULIB_RPMATCH@
+GL_GNULIB_SCANF = @GL_GNULIB_SCANF@
+GL_GNULIB_SECURE_GETENV = @GL_GNULIB_SECURE_GETENV@
+GL_GNULIB_SEND = @GL_GNULIB_SEND@
+GL_GNULIB_SENDTO = @GL_GNULIB_SENDTO@
+GL_GNULIB_SETENV = @GL_GNULIB_SETENV@
+GL_GNULIB_SETHOSTNAME = @GL_GNULIB_SETHOSTNAME@
+GL_GNULIB_SETSOCKOPT = @GL_GNULIB_SETSOCKOPT@
+GL_GNULIB_SHUTDOWN = @GL_GNULIB_SHUTDOWN@
+GL_GNULIB_SIGABBREV_NP = @GL_GNULIB_SIGABBREV_NP@
+GL_GNULIB_SIGDESCR_NP = @GL_GNULIB_SIGDESCR_NP@
+GL_GNULIB_SLEEP = @GL_GNULIB_SLEEP@
+GL_GNULIB_SNPRINTF = @GL_GNULIB_SNPRINTF@
+GL_GNULIB_SOCKET = @GL_GNULIB_SOCKET@
+GL_GNULIB_SPRINTF_POSIX = @GL_GNULIB_SPRINTF_POSIX@
+GL_GNULIB_STAT = @GL_GNULIB_STAT@
+GL_GNULIB_STDIO_H_NONBLOCKING = @GL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GNULIB_STDIO_H_SIGPIPE = @GL_GNULIB_STDIO_H_SIGPIPE@
+GL_GNULIB_STPCPY = @GL_GNULIB_STPCPY@
+GL_GNULIB_STPNCPY = @GL_GNULIB_STPNCPY@
+GL_GNULIB_STRCASESTR = @GL_GNULIB_STRCASESTR@
+GL_GNULIB_STRCHRNUL = @GL_GNULIB_STRCHRNUL@
+GL_GNULIB_STRDUP = @GL_GNULIB_STRDUP@
+GL_GNULIB_STRERROR = @GL_GNULIB_STRERROR@
+GL_GNULIB_STRERRORNAME_NP = @GL_GNULIB_STRERRORNAME_NP@
+GL_GNULIB_STRERROR_R = @GL_GNULIB_STRERROR_R@
+GL_GNULIB_STRFTIME = @GL_GNULIB_STRFTIME@
+GL_GNULIB_STRNCAT = @GL_GNULIB_STRNCAT@
+GL_GNULIB_STRNDUP = @GL_GNULIB_STRNDUP@
+GL_GNULIB_STRNLEN = @GL_GNULIB_STRNLEN@
+GL_GNULIB_STRPBRK = @GL_GNULIB_STRPBRK@
+GL_GNULIB_STRPTIME = @GL_GNULIB_STRPTIME@
+GL_GNULIB_STRSEP = @GL_GNULIB_STRSEP@
+GL_GNULIB_STRSIGNAL = @GL_GNULIB_STRSIGNAL@
+GL_GNULIB_STRSTR = @GL_GNULIB_STRSTR@
+GL_GNULIB_STRTOD = @GL_GNULIB_STRTOD@
+GL_GNULIB_STRTOIMAX = @GL_GNULIB_STRTOIMAX@
+GL_GNULIB_STRTOK_R = @GL_GNULIB_STRTOK_R@
+GL_GNULIB_STRTOL = @GL_GNULIB_STRTOL@
+GL_GNULIB_STRTOLD = @GL_GNULIB_STRTOLD@
+GL_GNULIB_STRTOLL = @GL_GNULIB_STRTOLL@
+GL_GNULIB_STRTOUL = @GL_GNULIB_STRTOUL@
+GL_GNULIB_STRTOULL = @GL_GNULIB_STRTOULL@
+GL_GNULIB_STRTOUMAX = @GL_GNULIB_STRTOUMAX@
+GL_GNULIB_STRVERSCMP = @GL_GNULIB_STRVERSCMP@
+GL_GNULIB_SYMLINK = @GL_GNULIB_SYMLINK@
+GL_GNULIB_SYMLINKAT = @GL_GNULIB_SYMLINKAT@
+GL_GNULIB_SYSTEM_POSIX = @GL_GNULIB_SYSTEM_POSIX@
+GL_GNULIB_TIMEGM = @GL_GNULIB_TIMEGM@
+GL_GNULIB_TIMESPEC_GET = @GL_GNULIB_TIMESPEC_GET@
+GL_GNULIB_TIME_R = @GL_GNULIB_TIME_R@
+GL_GNULIB_TIME_RZ = @GL_GNULIB_TIME_RZ@
+GL_GNULIB_TMPFILE = @GL_GNULIB_TMPFILE@
+GL_GNULIB_TRUNCATE = @GL_GNULIB_TRUNCATE@
+GL_GNULIB_TTYNAME_R = @GL_GNULIB_TTYNAME_R@
+GL_GNULIB_TZSET = @GL_GNULIB_TZSET@
+GL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GNULIB_UNISTD_H_SIGPIPE = @GL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GNULIB_UNLINK = @GL_GNULIB_UNLINK@
+GL_GNULIB_UNLINKAT = @GL_GNULIB_UNLINKAT@
+GL_GNULIB_UNLOCKPT = @GL_GNULIB_UNLOCKPT@
+GL_GNULIB_UNSETENV = @GL_GNULIB_UNSETENV@
+GL_GNULIB_USLEEP = @GL_GNULIB_USLEEP@
+GL_GNULIB_UTIMENSAT = @GL_GNULIB_UTIMENSAT@
+GL_GNULIB_VASPRINTF = @GL_GNULIB_VASPRINTF@
+GL_GNULIB_VDPRINTF = @GL_GNULIB_VDPRINTF@
+GL_GNULIB_VFPRINTF = @GL_GNULIB_VFPRINTF@
+GL_GNULIB_VFPRINTF_POSIX = @GL_GNULIB_VFPRINTF_POSIX@
+GL_GNULIB_VFSCANF = @GL_GNULIB_VFSCANF@
+GL_GNULIB_VPRINTF = @GL_GNULIB_VPRINTF@
+GL_GNULIB_VPRINTF_POSIX = @GL_GNULIB_VPRINTF_POSIX@
+GL_GNULIB_VSCANF = @GL_GNULIB_VSCANF@
+GL_GNULIB_VSNPRINTF = @GL_GNULIB_VSNPRINTF@
+GL_GNULIB_VSPRINTF_POSIX = @GL_GNULIB_VSPRINTF_POSIX@
+GL_GNULIB_WCPCPY = @GL_GNULIB_WCPCPY@
+GL_GNULIB_WCPNCPY = @GL_GNULIB_WCPNCPY@
+GL_GNULIB_WCRTOMB = @GL_GNULIB_WCRTOMB@
+GL_GNULIB_WCSCASECMP = @GL_GNULIB_WCSCASECMP@
+GL_GNULIB_WCSCAT = @GL_GNULIB_WCSCAT@
+GL_GNULIB_WCSCHR = @GL_GNULIB_WCSCHR@
+GL_GNULIB_WCSCMP = @GL_GNULIB_WCSCMP@
+GL_GNULIB_WCSCOLL = @GL_GNULIB_WCSCOLL@
+GL_GNULIB_WCSCPY = @GL_GNULIB_WCSCPY@
+GL_GNULIB_WCSCSPN = @GL_GNULIB_WCSCSPN@
+GL_GNULIB_WCSDUP = @GL_GNULIB_WCSDUP@
+GL_GNULIB_WCSFTIME = @GL_GNULIB_WCSFTIME@
+GL_GNULIB_WCSLEN = @GL_GNULIB_WCSLEN@
+GL_GNULIB_WCSNCASECMP = @GL_GNULIB_WCSNCASECMP@
+GL_GNULIB_WCSNCAT = @GL_GNULIB_WCSNCAT@
+GL_GNULIB_WCSNCMP = @GL_GNULIB_WCSNCMP@
+GL_GNULIB_WCSNCPY = @GL_GNULIB_WCSNCPY@
+GL_GNULIB_WCSNLEN = @GL_GNULIB_WCSNLEN@
+GL_GNULIB_WCSNRTOMBS = @GL_GNULIB_WCSNRTOMBS@
+GL_GNULIB_WCSPBRK = @GL_GNULIB_WCSPBRK@
+GL_GNULIB_WCSRCHR = @GL_GNULIB_WCSRCHR@
+GL_GNULIB_WCSRTOMBS = @GL_GNULIB_WCSRTOMBS@
+GL_GNULIB_WCSSPN = @GL_GNULIB_WCSSPN@
+GL_GNULIB_WCSSTR = @GL_GNULIB_WCSSTR@
+GL_GNULIB_WCSTOK = @GL_GNULIB_WCSTOK@
+GL_GNULIB_WCSWIDTH = @GL_GNULIB_WCSWIDTH@
+GL_GNULIB_WCSXFRM = @GL_GNULIB_WCSXFRM@
+GL_GNULIB_WCTOB = @GL_GNULIB_WCTOB@
+GL_GNULIB_WCTOMB = @GL_GNULIB_WCTOMB@
+GL_GNULIB_WCWIDTH = @GL_GNULIB_WCWIDTH@
+GL_GNULIB_WMEMCHR = @GL_GNULIB_WMEMCHR@
+GL_GNULIB_WMEMCMP = @GL_GNULIB_WMEMCMP@
+GL_GNULIB_WMEMCPY = @GL_GNULIB_WMEMCPY@
+GL_GNULIB_WMEMMOVE = @GL_GNULIB_WMEMMOVE@
+GL_GNULIB_WMEMPCPY = @GL_GNULIB_WMEMPCPY@
+GL_GNULIB_WMEMSET = @GL_GNULIB_WMEMSET@
+GL_GNULIB_WRITE = @GL_GNULIB_WRITE@
+GL_GNULIB__EXIT = @GL_GNULIB__EXIT@
+GMP_CFLAGS = @GMP_CFLAGS@
+GMP_LIBS = @GMP_LIBS@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GNULIBHEADERS_OVERRIDE_WINT_T = @GNULIBHEADERS_OVERRIDE_WINT_T@
+GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@
+GNUTLS_LIBS_PRIVATE = @GNUTLS_LIBS_PRIVATE@
+GNUTLS_REQUIRES_PRIVATE = @GNUTLS_REQUIRES_PRIVATE@
+GPERF = gperf
+GREP = @GREP@
+GTKDOC_CHECK = @GTKDOC_CHECK@
+GTKDOC_CHECK_PATH = @GTKDOC_CHECK_PATH@
+GTKDOC_DEPS_CFLAGS = @GTKDOC_DEPS_CFLAGS@
+GTKDOC_DEPS_LIBS = @GTKDOC_DEPS_LIBS@
+GTKDOC_MKPDF = @GTKDOC_MKPDF@
+GTKDOC_REBASE = @GTKDOC_REBASE@
+GUILD = @GUILD@
+GUILE = @GUILE@
+GUILE_CFLAGS = @GUILE_CFLAGS@
+GUILE_CONFIG = @GUILE_CONFIG@
+GUILE_EFFECTIVE_VERSION = @GUILE_EFFECTIVE_VERSION@
+GUILE_EXTENSION = @GUILE_EXTENSION@
+GUILE_LDFLAGS = @GUILE_LDFLAGS@
+GUILE_LIBS = @GUILE_LIBS@
+GUILE_LTLIBS = @GUILE_LTLIBS@
+GUILE_SITE = @GUILE_SITE@
+GUILE_SITE_CCACHE = @GUILE_SITE_CCACHE@
+GUILE_TOOLS = @GUILE_TOOLS@
+HAVE_ACCEPT4 = @HAVE_ACCEPT4@
+HAVE_ALIGNED_ALLOC = @HAVE_ALIGNED_ALLOC@
+HAVE_ALLOCA_H = @HAVE_ALLOCA_H@
+HAVE_ARPA_INET_H = @HAVE_ARPA_INET_H@
+HAVE_ATOLL = @HAVE_ATOLL@
+HAVE_BTOWC = @HAVE_BTOWC@
+HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@
+HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@
+HAVE_CHOWN = @HAVE_CHOWN@
+HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@
+HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@
+HAVE_DECL_ECVT = @HAVE_DECL_ECVT@
+HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@
+HAVE_DECL_EXECVPE = @HAVE_DECL_EXECVPE@
+HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@
+HAVE_DECL_FCLOSEALL = @HAVE_DECL_FCLOSEALL@
+HAVE_DECL_FCVT = @HAVE_DECL_FCVT@
+HAVE_DECL_FDATASYNC = @HAVE_DECL_FDATASYNC@
+HAVE_DECL_FPURGE = @HAVE_DECL_FPURGE@
+HAVE_DECL_FREEADDRINFO = @HAVE_DECL_FREEADDRINFO@
+HAVE_DECL_FSEEKO = @HAVE_DECL_FSEEKO@
+HAVE_DECL_FTELLO = @HAVE_DECL_FTELLO@
+HAVE_DECL_GAI_STRERROR = @HAVE_DECL_GAI_STRERROR@
+HAVE_DECL_GCVT = @HAVE_DECL_GCVT@
+HAVE_DECL_GETADDRINFO = @HAVE_DECL_GETADDRINFO@
+HAVE_DECL_GETDELIM = @HAVE_DECL_GETDELIM@
+HAVE_DECL_GETDOMAINNAME = @HAVE_DECL_GETDOMAINNAME@
+HAVE_DECL_GETLINE = @HAVE_DECL_GETLINE@
+HAVE_DECL_GETLOADAVG = @HAVE_DECL_GETLOADAVG@
+HAVE_DECL_GETLOGIN = @HAVE_DECL_GETLOGIN@
+HAVE_DECL_GETLOGIN_R = @HAVE_DECL_GETLOGIN_R@
+HAVE_DECL_GETNAMEINFO = @HAVE_DECL_GETNAMEINFO@
+HAVE_DECL_GETPAGESIZE = @HAVE_DECL_GETPAGESIZE@
+HAVE_DECL_GETUSERSHELL = @HAVE_DECL_GETUSERSHELL@
+HAVE_DECL_IMAXABS = @HAVE_DECL_IMAXABS@
+HAVE_DECL_IMAXDIV = @HAVE_DECL_IMAXDIV@
+HAVE_DECL_INET_NTOP = @HAVE_DECL_INET_NTOP@
+HAVE_DECL_INET_PTON = @HAVE_DECL_INET_PTON@
+HAVE_DECL_INITSTATE = @HAVE_DECL_INITSTATE@
+HAVE_DECL_LOCALTIME_R = @HAVE_DECL_LOCALTIME_R@
+HAVE_DECL_MEMMEM = @HAVE_DECL_MEMMEM@
+HAVE_DECL_MEMRCHR = @HAVE_DECL_MEMRCHR@
+HAVE_DECL_OBSTACK_PRINTF = @HAVE_DECL_OBSTACK_PRINTF@
+HAVE_DECL_SETENV = @HAVE_DECL_SETENV@
+HAVE_DECL_SETHOSTNAME = @HAVE_DECL_SETHOSTNAME@
+HAVE_DECL_SETSTATE = @HAVE_DECL_SETSTATE@
+HAVE_DECL_SNPRINTF = @HAVE_DECL_SNPRINTF@
+HAVE_DECL_STRDUP = @HAVE_DECL_STRDUP@
+HAVE_DECL_STRERROR_R = @HAVE_DECL_STRERROR_R@
+HAVE_DECL_STRNCASECMP = @HAVE_DECL_STRNCASECMP@
+HAVE_DECL_STRNDUP = @HAVE_DECL_STRNDUP@
+HAVE_DECL_STRNLEN = @HAVE_DECL_STRNLEN@
+HAVE_DECL_STRSIGNAL = @HAVE_DECL_STRSIGNAL@
+HAVE_DECL_STRTOIMAX = @HAVE_DECL_STRTOIMAX@
+HAVE_DECL_STRTOK_R = @HAVE_DECL_STRTOK_R@
+HAVE_DECL_STRTOUMAX = @HAVE_DECL_STRTOUMAX@
+HAVE_DECL_TRUNCATE = @HAVE_DECL_TRUNCATE@
+HAVE_DECL_TTYNAME_R = @HAVE_DECL_TTYNAME_R@
+HAVE_DECL_UNSETENV = @HAVE_DECL_UNSETENV@
+HAVE_DECL_VSNPRINTF = @HAVE_DECL_VSNPRINTF@
+HAVE_DECL_WCSDUP = @HAVE_DECL_WCSDUP@
+HAVE_DECL_WCTOB = @HAVE_DECL_WCTOB@
+HAVE_DECL_WCWIDTH = @HAVE_DECL_WCWIDTH@
+HAVE_DPRINTF = @HAVE_DPRINTF@
+HAVE_DUP3 = @HAVE_DUP3@
+HAVE_DUPLOCALE = @HAVE_DUPLOCALE@
+HAVE_EUIDACCESS = @HAVE_EUIDACCESS@
+HAVE_EXECVPE = @HAVE_EXECVPE@
+HAVE_EXPLICIT_BZERO = @HAVE_EXPLICIT_BZERO@
+HAVE_FACCESSAT = @HAVE_FACCESSAT@
+HAVE_FCHDIR = @HAVE_FCHDIR@
+HAVE_FCHMODAT = @HAVE_FCHMODAT@
+HAVE_FCHOWNAT = @HAVE_FCHOWNAT@
+HAVE_FCNTL = @HAVE_FCNTL@
+HAVE_FDATASYNC = @HAVE_FDATASYNC@
+HAVE_FEATURES_H = @HAVE_FEATURES_H@
+HAVE_FFS = @HAVE_FFS@
+HAVE_FFSL = @HAVE_FFSL@
+HAVE_FFSLL = @HAVE_FFSLL@
+HAVE_FREELOCALE = @HAVE_FREELOCALE@
+HAVE_FSEEKO = @HAVE_FSEEKO@
+HAVE_FSTATAT = @HAVE_FSTATAT@
+HAVE_FSYNC = @HAVE_FSYNC@
+HAVE_FTELLO = @HAVE_FTELLO@
+HAVE_FTRUNCATE = @HAVE_FTRUNCATE@
+HAVE_FUTIMENS = @HAVE_FUTIMENS@
+HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@
+HAVE_GETENTROPY = @HAVE_GETENTROPY@
+HAVE_GETGROUPS = @HAVE_GETGROUPS@
+HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@
+HAVE_GETLOGIN = @HAVE_GETLOGIN@
+HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@
+HAVE_GETPASS = @HAVE_GETPASS@
+HAVE_GETSUBOPT = @HAVE_GETSUBOPT@
+HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@
+HAVE_GETUMASK = @HAVE_GETUMASK@
+HAVE_GRANTPT = @HAVE_GRANTPT@
+HAVE_GROUP_MEMBER = @HAVE_GROUP_MEMBER@
+HAVE_IMAXDIV_T = @HAVE_IMAXDIV_T@
+HAVE_INITSTATE = @HAVE_INITSTATE@
+HAVE_INTTYPES_H = @HAVE_INTTYPES_H@
+HAVE_ISBLANK = @HAVE_ISBLANK@
+HAVE_LANGINFO_ALTMON = @HAVE_LANGINFO_ALTMON@
+HAVE_LANGINFO_CODESET = @HAVE_LANGINFO_CODESET@
+HAVE_LANGINFO_ERA = @HAVE_LANGINFO_ERA@
+HAVE_LANGINFO_H = @HAVE_LANGINFO_H@
+HAVE_LANGINFO_T_FMT_AMPM = @HAVE_LANGINFO_T_FMT_AMPM@
+HAVE_LANGINFO_YESEXPR = @HAVE_LANGINFO_YESEXPR@
+HAVE_LCHMOD = @HAVE_LCHMOD@
+HAVE_LCHOWN = @HAVE_LCHOWN@
+HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@
+HAVE_LIBDL = @HAVE_LIBDL@
+HAVE_LIBEV = @HAVE_LIBEV@
+HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@
+HAVE_LIBRT = @HAVE_LIBRT@
+HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@
+HAVE_LIBZ = @HAVE_LIBZ@
+HAVE_LINK = @HAVE_LINK@
+HAVE_LINKAT = @HAVE_LINKAT@
+HAVE_LSTAT = @HAVE_LSTAT@
+HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@
+HAVE_MBRLEN = @HAVE_MBRLEN@
+HAVE_MBRTOWC = @HAVE_MBRTOWC@
+HAVE_MBSINIT = @HAVE_MBSINIT@
+HAVE_MBSLEN = @HAVE_MBSLEN@
+HAVE_MBSNRTOWCS = @HAVE_MBSNRTOWCS@
+HAVE_MBSRTOWCS = @HAVE_MBSRTOWCS@
+HAVE_MBTOWC = @HAVE_MBTOWC@
+HAVE_MEMPCPY = @HAVE_MEMPCPY@
+HAVE_MKDIRAT = @HAVE_MKDIRAT@
+HAVE_MKDTEMP = @HAVE_MKDTEMP@
+HAVE_MKFIFO = @HAVE_MKFIFO@
+HAVE_MKFIFOAT = @HAVE_MKFIFOAT@
+HAVE_MKNOD = @HAVE_MKNOD@
+HAVE_MKNODAT = @HAVE_MKNODAT@
+HAVE_MKOSTEMP = @HAVE_MKOSTEMP@
+HAVE_MKOSTEMPS = @HAVE_MKOSTEMPS@
+HAVE_MKSTEMP = @HAVE_MKSTEMP@
+HAVE_MKSTEMPS = @HAVE_MKSTEMPS@
+HAVE_MSVC_INVALID_PARAMETER_HANDLER = @HAVE_MSVC_INVALID_PARAMETER_HANDLER@
+HAVE_NANOSLEEP = @HAVE_NANOSLEEP@
+HAVE_NETDB_H = @HAVE_NETDB_H@
+HAVE_NETINET_IN_H = @HAVE_NETINET_IN_H@
+HAVE_NEWLOCALE = @HAVE_NEWLOCALE@
+HAVE_NL_LANGINFO = @HAVE_NL_LANGINFO@
+HAVE_OPENAT = @HAVE_OPENAT@
+HAVE_OS_H = @HAVE_OS_H@
+HAVE_PCLOSE = @HAVE_PCLOSE@
+HAVE_PIPE = @HAVE_PIPE@
+HAVE_PIPE2 = @HAVE_PIPE2@
+HAVE_POPEN = @HAVE_POPEN@
+HAVE_POSIX_MEMALIGN = @HAVE_POSIX_MEMALIGN@
+HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@
+HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@
+HAVE_PREAD = @HAVE_PREAD@
+HAVE_PSELECT = @HAVE_PSELECT@
+HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@
+HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@
+HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@
+HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@
+HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@
+HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@
+HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@
+HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@
+HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@
+HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@
+HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@
+HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@
+HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@
+HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@
+HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@
+HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@
+HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@
+HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@
+HAVE_PTHREAD_H = @HAVE_PTHREAD_H@
+HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@
+HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@
+HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@
+HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@
+HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@
+HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@
+HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@
+HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@
+HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@
+HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@
+HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@
+HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@
+HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@
+HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@
+HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@
+HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@
+HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@
+HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@
+HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@
+HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@
+HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@
+HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@
+HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@
+HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@
+HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@
+HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@
+HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@
+HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@
+HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@
+HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@
+HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@
+HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@
+HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@
+HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@
+HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@
+HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@
+HAVE_PTHREAD_T = @HAVE_PTHREAD_T@
+HAVE_PTSNAME = @HAVE_PTSNAME@
+HAVE_PTSNAME_R = @HAVE_PTSNAME_R@
+HAVE_PWRITE = @HAVE_PWRITE@
+HAVE_QSORT_R = @HAVE_QSORT_R@
+HAVE_RAISE = @HAVE_RAISE@
+HAVE_RANDOM = @HAVE_RANDOM@
+HAVE_RANDOM_H = @HAVE_RANDOM_H@
+HAVE_RANDOM_R = @HAVE_RANDOM_R@
+HAVE_RAWMEMCHR = @HAVE_RAWMEMCHR@
+HAVE_READLINK = @HAVE_READLINK@
+HAVE_READLINKAT = @HAVE_READLINKAT@
+HAVE_REALLOCARRAY = @HAVE_REALLOCARRAY@
+HAVE_REALPATH = @HAVE_REALPATH@
+HAVE_RENAMEAT = @HAVE_RENAMEAT@
+HAVE_RPMATCH = @HAVE_RPMATCH@
+HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@
+HAVE_SCHED_H = @HAVE_SCHED_H@
+HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@
+HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@
+HAVE_SETENV = @HAVE_SETENV@
+HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@
+HAVE_SETSTATE = @HAVE_SETSTATE@
+HAVE_SIGABBREV_NP = @HAVE_SIGABBREV_NP@
+HAVE_SIGACTION = @HAVE_SIGACTION@
+HAVE_SIGDESCR_NP = @HAVE_SIGDESCR_NP@
+HAVE_SIGHANDLER_T = @HAVE_SIGHANDLER_T@
+HAVE_SIGINFO_T = @HAVE_SIGINFO_T@
+HAVE_SIGNED_SIG_ATOMIC_T = @HAVE_SIGNED_SIG_ATOMIC_T@
+HAVE_SIGNED_WCHAR_T = @HAVE_SIGNED_WCHAR_T@
+HAVE_SIGNED_WINT_T = @HAVE_SIGNED_WINT_T@
+HAVE_SIGSET_T = @HAVE_SIGSET_T@
+HAVE_SLEEP = @HAVE_SLEEP@
+HAVE_STDINT_H = @HAVE_STDINT_H@
+HAVE_STPCPY = @HAVE_STPCPY@
+HAVE_STPNCPY = @HAVE_STPNCPY@
+HAVE_STRCASECMP = @HAVE_STRCASECMP@
+HAVE_STRCASESTR = @HAVE_STRCASESTR@
+HAVE_STRCHRNUL = @HAVE_STRCHRNUL@
+HAVE_STRERRORNAME_NP = @HAVE_STRERRORNAME_NP@
+HAVE_STRINGS_H = @HAVE_STRINGS_H@
+HAVE_STRPBRK = @HAVE_STRPBRK@
+HAVE_STRPTIME = @HAVE_STRPTIME@
+HAVE_STRSEP = @HAVE_STRSEP@
+HAVE_STRTOD = @HAVE_STRTOD@
+HAVE_STRTOL = @HAVE_STRTOL@
+HAVE_STRTOLD = @HAVE_STRTOLD@
+HAVE_STRTOLL = @HAVE_STRTOLL@
+HAVE_STRTOUL = @HAVE_STRTOUL@
+HAVE_STRTOULL = @HAVE_STRTOULL@
+HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@
+HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@
+HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@
+HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@
+HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@
+HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@
+HAVE_STRUCT_TIMEVAL = @HAVE_STRUCT_TIMEVAL@
+HAVE_STRVERSCMP = @HAVE_STRVERSCMP@
+HAVE_SYMLINK = @HAVE_SYMLINK@
+HAVE_SYMLINKAT = @HAVE_SYMLINKAT@
+HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@
+HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@
+HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@
+HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@
+HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@
+HAVE_SYS_PARAM_H = @HAVE_SYS_PARAM_H@
+HAVE_SYS_SELECT_H = @HAVE_SYS_SELECT_H@
+HAVE_SYS_SOCKET_H = @HAVE_SYS_SOCKET_H@
+HAVE_SYS_TIME_H = @HAVE_SYS_TIME_H@
+HAVE_SYS_TYPES_H = @HAVE_SYS_TYPES_H@
+HAVE_SYS_UIO_H = @HAVE_SYS_UIO_H@
+HAVE_TIMEGM = @HAVE_TIMEGM@
+HAVE_TIMESPEC_GET = @HAVE_TIMESPEC_GET@
+HAVE_TIMEZONE_T = @HAVE_TIMEZONE_T@
+HAVE_TYPE_VOLATILE_SIG_ATOMIC_T = @HAVE_TYPE_VOLATILE_SIG_ATOMIC_T@
+HAVE_UNISTD_H = @HAVE_UNISTD_H@
+HAVE_UNLINKAT = @HAVE_UNLINKAT@
+HAVE_UNLOCKPT = @HAVE_UNLOCKPT@
+HAVE_USLEEP = @HAVE_USLEEP@
+HAVE_UTIMENSAT = @HAVE_UTIMENSAT@
+HAVE_VASPRINTF = @HAVE_VASPRINTF@
+HAVE_VDPRINTF = @HAVE_VDPRINTF@
+HAVE_VISIBILITY = @HAVE_VISIBILITY@
+HAVE_WCHAR_H = @HAVE_WCHAR_H@
+HAVE_WCHAR_T = @HAVE_WCHAR_T@
+HAVE_WCPCPY = @HAVE_WCPCPY@
+HAVE_WCPNCPY = @HAVE_WCPNCPY@
+HAVE_WCRTOMB = @HAVE_WCRTOMB@
+HAVE_WCSCASECMP = @HAVE_WCSCASECMP@
+HAVE_WCSCAT = @HAVE_WCSCAT@
+HAVE_WCSCHR = @HAVE_WCSCHR@
+HAVE_WCSCMP = @HAVE_WCSCMP@
+HAVE_WCSCOLL = @HAVE_WCSCOLL@
+HAVE_WCSCPY = @HAVE_WCSCPY@
+HAVE_WCSCSPN = @HAVE_WCSCSPN@
+HAVE_WCSDUP = @HAVE_WCSDUP@
+HAVE_WCSFTIME = @HAVE_WCSFTIME@
+HAVE_WCSLEN = @HAVE_WCSLEN@
+HAVE_WCSNCASECMP = @HAVE_WCSNCASECMP@
+HAVE_WCSNCAT = @HAVE_WCSNCAT@
+HAVE_WCSNCMP = @HAVE_WCSNCMP@
+HAVE_WCSNCPY = @HAVE_WCSNCPY@
+HAVE_WCSNLEN = @HAVE_WCSNLEN@
+HAVE_WCSNRTOMBS = @HAVE_WCSNRTOMBS@
+HAVE_WCSPBRK = @HAVE_WCSPBRK@
+HAVE_WCSRCHR = @HAVE_WCSRCHR@
+HAVE_WCSRTOMBS = @HAVE_WCSRTOMBS@
+HAVE_WCSSPN = @HAVE_WCSSPN@
+HAVE_WCSSTR = @HAVE_WCSSTR@
+HAVE_WCSTOK = @HAVE_WCSTOK@
+HAVE_WCSWIDTH = @HAVE_WCSWIDTH@
+HAVE_WCSXFRM = @HAVE_WCSXFRM@
+HAVE_WINSOCK2_H = @HAVE_WINSOCK2_H@
+HAVE_WINT_T = @HAVE_WINT_T@
+HAVE_WMEMCHR = @HAVE_WMEMCHR@
+HAVE_WMEMCMP = @HAVE_WMEMCMP@
+HAVE_WMEMCPY = @HAVE_WMEMCPY@
+HAVE_WMEMMOVE = @HAVE_WMEMMOVE@
+HAVE_WMEMPCPY = @HAVE_WMEMPCPY@
+HAVE_WMEMSET = @HAVE_WMEMSET@
+HAVE_WS2TCPIP_H = @HAVE_WS2TCPIP_H@
+HAVE_XLOCALE_H = @HAVE_XLOCALE_H@
+HAVE__BOOL = @HAVE__BOOL@
+HAVE__EXIT = @HAVE__EXIT@
+HOGWEED_CFLAGS = @HOGWEED_CFLAGS@
+HOGWEED_LIBS = @HOGWEED_LIBS@
+HOSTENT_LIB = @HOSTENT_LIB@
+HTML_DIR = @HTML_DIR@
+INCLUDE_NEXT = @INCLUDE_NEXT@
+INCLUDE_NEXT_AS_FIRST_DIRECTIVE = @INCLUDE_NEXT_AS_FIRST_DIRECTIVE@
+INET_NTOP_LIB = @INET_NTOP_LIB@
+INET_PTON_LIB = @INET_PTON_LIB@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INT32_MAX_LT_INTMAX_MAX = @INT32_MAX_LT_INTMAX_MAX@
+INT64_MAX_EQ_LONG_MAX = @INT64_MAX_EQ_LONG_MAX@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LCOV = @LCOV@
+LD = @LD@
+LDDPOSTPROC = @LDDPOSTPROC@
+LDDPROG = @LDDPROG@
+LDFLAGS = @LDFLAGS@
+LIBATOMIC_LIBS = @LIBATOMIC_LIBS@
+LIBBROTLIDEC_CFLAGS = @LIBBROTLIDEC_CFLAGS@
+LIBBROTLIDEC_LIBS = @LIBBROTLIDEC_LIBS@
+LIBBROTLIENC_CFLAGS = @LIBBROTLIENC_CFLAGS@
+LIBBROTLIENC_LIBS = @LIBBROTLIENC_LIBS@
+LIBCRYPTO = @LIBCRYPTO@
+LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@
+LIBDL = @LIBDL@
+LIBDL_PREFIX = @LIBDL_PREFIX@
+LIBEV = @LIBEV@
+LIBEV_LIBS = @LIBEV_LIBS@
+LIBEV_PREFIX = @LIBEV_PREFIX@
+LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@
+LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@
+LIBICONV = @LIBICONV@
+LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@
+LIBIDN2_LIBS = @LIBIDN2_LIBS@
+LIBINTL = @LIBINTL@
+LIBKCAPI_CFLAGS = @LIBKCAPI_CFLAGS@
+LIBKCAPI_LIBS = @LIBKCAPI_LIBS@
+LIBMULTITHREAD = @LIBMULTITHREAD@
+LIBOBJS = @LIBOBJS@
+LIBPMULTITHREAD = @LIBPMULTITHREAD@
+LIBPTHREAD = @LIBPTHREAD@
+LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@
+LIBRT = @LIBRT@
+LIBRT_PREFIX = @LIBRT_PREFIX@
+LIBS = @LIBS@
+LIBSECCOMP = @LIBSECCOMP@
+LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@
+LIBSOCKET = @LIBSOCKET@
+LIBSTDTHREAD = @LIBSTDTHREAD@
+LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@
+LIBTASN1_LIBS = @LIBTASN1_LIBS@
+LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@
+LIBTHREAD = @LIBTHREAD@
+LIBTOOL = @LIBTOOL@
+LIBUNISTRING = @LIBUNISTRING@
+LIBUNISTRING_UNICTYPE_H = @LIBUNISTRING_UNICTYPE_H@
+LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@
+LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@
+LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@
+LIBZ = @LIBZ@
+LIBZSTD_CFLAGS = @LIBZSTD_CFLAGS@
+LIBZSTD_LIBS = @LIBZSTD_LIBS@
+LIBZ_PC = @LIBZ_PC@
+LIBZ_PREFIX = @LIBZ_PREFIX@
+LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@
+LIB_NANOSLEEP = @LIB_NANOSLEEP@
+LIB_PTHREAD = @LIB_PTHREAD@
+LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@
+LIB_SCHED_YIELD = @LIB_SCHED_YIELD@
+LIB_SELECT = @LIB_SELECT@
+LIB_SEMAPHORE = @LIB_SEMAPHORE@
+LIB_SETLOCALE = @LIB_SETLOCALE@
+LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@
+LIMITS_H = @LIMITS_H@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LOCALENAME_ENHANCE_LOCALE_FUNCS = @LOCALENAME_ENHANCE_LOCALE_FUNCS@
+LOCALE_FR = @LOCALE_FR@
+LOCALE_FR_UTF8 = @LOCALE_FR_UTF8@
+LOCALE_JA = @LOCALE_JA@
+LOCALE_TR_UTF8 = @LOCALE_TR_UTF8@
+LOCALE_ZH_CN = @LOCALE_ZH_CN@
+LOG_VALGRIND = @LOG_VALGRIND@
+LTALLOCA = @LTALLOCA@
+LTLIBCRYPTO = @LTLIBCRYPTO@
+LTLIBDL = @LTLIBDL@
+LTLIBEV = @LTLIBEV@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBMULTITHREAD = @LTLIBMULTITHREAD@
+LTLIBOBJS = @LTLIBOBJS@
+LTLIBPTHREAD = @LTLIBPTHREAD@
+LTLIBRT = @LTLIBRT@
+LTLIBSECCOMP = @LTLIBSECCOMP@
+LTLIBTHREAD = @LTLIBTHREAD@
+LTLIBZ = @LTLIBZ@
+LT_AGE = @LT_AGE@
+LT_CURRENT = @LT_CURRENT@
+LT_DANE_AGE = @LT_DANE_AGE@
+LT_DANE_CURRENT = @LT_DANE_CURRENT@
+LT_DANE_REVISION = @LT_DANE_REVISION@
+LT_REVISION = @LT_REVISION@
+LT_SSL_AGE = @LT_SSL_AGE@
+LT_SSL_CURRENT = @LT_SSL_CURRENT@
+LT_SSL_REVISION = @LT_SSL_REVISION@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+LT_XSSL_AGE = @LT_XSSL_AGE@
+LT_XSSL_CURRENT = @LT_XSSL_CURRENT@
+LT_XSSL_REVISION = @LT_XSSL_REVISION@
+MAINT = @MAINT@
+MAJOR_VERSION = @MAJOR_VERSION@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MINOR_VERSION = @MINOR_VERSION@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGMERGE = @MSGMERGE@
+MSGMERGE_FOR_MSGFMT_OPTION = @MSGMERGE_FOR_MSGFMT_OPTION@
+NETINET_IN_H = @NETINET_IN_H@
+NETTLE_CFLAGS = @NETTLE_CFLAGS@
+NETTLE_LIBS = @NETTLE_LIBS@
+NEXT_ARPA_INET_H = @NEXT_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H = @NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_CTYPE_H = @NEXT_AS_FIRST_DIRECTIVE_CTYPE_H@
+NEXT_AS_FIRST_DIRECTIVE_ERRNO_H = @NEXT_AS_FIRST_DIRECTIVE_ERRNO_H@
+NEXT_AS_FIRST_DIRECTIVE_FCNTL_H = @NEXT_AS_FIRST_DIRECTIVE_FCNTL_H@
+NEXT_AS_FIRST_DIRECTIVE_FLOAT_H = @NEXT_AS_FIRST_DIRECTIVE_FLOAT_H@
+NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H = @NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H = @NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H@
+NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@
+NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@
+NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@
+NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@
+NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@
+NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@
+NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@
+NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@
+NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@
+NEXT_AS_FIRST_DIRECTIVE_STDIO_H = @NEXT_AS_FIRST_DIRECTIVE_STDIO_H@
+NEXT_AS_FIRST_DIRECTIVE_STDLIB_H = @NEXT_AS_FIRST_DIRECTIVE_STDLIB_H@
+NEXT_AS_FIRST_DIRECTIVE_STRINGS_H = @NEXT_AS_FIRST_DIRECTIVE_STRINGS_H@
+NEXT_AS_FIRST_DIRECTIVE_STRING_H = @NEXT_AS_FIRST_DIRECTIVE_STRING_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H@
+NEXT_AS_FIRST_DIRECTIVE_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_UNISTD_H = @NEXT_AS_FIRST_DIRECTIVE_UNISTD_H@
+NEXT_AS_FIRST_DIRECTIVE_WCHAR_H = @NEXT_AS_FIRST_DIRECTIVE_WCHAR_H@
+NEXT_CTYPE_H = @NEXT_CTYPE_H@
+NEXT_ERRNO_H = @NEXT_ERRNO_H@
+NEXT_FCNTL_H = @NEXT_FCNTL_H@
+NEXT_FLOAT_H = @NEXT_FLOAT_H@
+NEXT_INTTYPES_H = @NEXT_INTTYPES_H@
+NEXT_LANGINFO_H = @NEXT_LANGINFO_H@
+NEXT_LIMITS_H = @NEXT_LIMITS_H@
+NEXT_LOCALE_H = @NEXT_LOCALE_H@
+NEXT_NETDB_H = @NEXT_NETDB_H@
+NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@
+NEXT_PTHREAD_H = @NEXT_PTHREAD_H@
+NEXT_SCHED_H = @NEXT_SCHED_H@
+NEXT_SIGNAL_H = @NEXT_SIGNAL_H@
+NEXT_STDDEF_H = @NEXT_STDDEF_H@
+NEXT_STDINT_H = @NEXT_STDINT_H@
+NEXT_STDIO_H = @NEXT_STDIO_H@
+NEXT_STDLIB_H = @NEXT_STDLIB_H@
+NEXT_STRINGS_H = @NEXT_STRINGS_H@
+NEXT_STRING_H = @NEXT_STRING_H@
+NEXT_SYS_IOCTL_H = @NEXT_SYS_IOCTL_H@
+NEXT_SYS_SELECT_H = @NEXT_SYS_SELECT_H@
+NEXT_SYS_SOCKET_H = @NEXT_SYS_SOCKET_H@
+NEXT_SYS_STAT_H = @NEXT_SYS_STAT_H@
+NEXT_SYS_TIME_H = @NEXT_SYS_TIME_H@
+NEXT_SYS_TYPES_H = @NEXT_SYS_TYPES_H@
+NEXT_SYS_UIO_H = @NEXT_SYS_UIO_H@
+NEXT_TIME_H = @NEXT_TIME_H@
+NEXT_UNISTD_H = @NEXT_UNISTD_H@
+NEXT_WCHAR_H = @NEXT_WCHAR_H@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NUMBER_VERSION = @NUMBER_VERSION@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+P11_KIT_CFLAGS = @P11_KIT_CFLAGS@
+P11_KIT_LIBS = @P11_KIT_LIBS@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@
+PATCH_VERSION = @PATCH_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PKCS12_ITER_COUNT = @PKCS12_ITER_COUNT@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PMCCABE = @PMCCABE@
+POSUB = @POSUB@
+PRAGMA_COLUMNS = @PRAGMA_COLUMNS@
+PRAGMA_SYSTEM_HEADER = @PRAGMA_SYSTEM_HEADER@
+PRIPTR_PREFIX = @PRIPTR_PREFIX@
+PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@
+PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+RANLIB = @RANLIB@
+REPLACE_ACCESS = @REPLACE_ACCESS@
+REPLACE_ALIGNED_ALLOC = @REPLACE_ALIGNED_ALLOC@
+REPLACE_BTOWC = @REPLACE_BTOWC@
+REPLACE_CALLOC = @REPLACE_CALLOC@
+REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@
+REPLACE_CHOWN = @REPLACE_CHOWN@
+REPLACE_CLOSE = @REPLACE_CLOSE@
+REPLACE_CREAT = @REPLACE_CREAT@
+REPLACE_CTIME = @REPLACE_CTIME@
+REPLACE_DPRINTF = @REPLACE_DPRINTF@
+REPLACE_DUP = @REPLACE_DUP@
+REPLACE_DUP2 = @REPLACE_DUP2@
+REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@
+REPLACE_EXECL = @REPLACE_EXECL@
+REPLACE_EXECLE = @REPLACE_EXECLE@
+REPLACE_EXECLP = @REPLACE_EXECLP@
+REPLACE_EXECV = @REPLACE_EXECV@
+REPLACE_EXECVE = @REPLACE_EXECVE@
+REPLACE_EXECVP = @REPLACE_EXECVP@
+REPLACE_EXECVPE = @REPLACE_EXECVPE@
+REPLACE_FACCESSAT = @REPLACE_FACCESSAT@
+REPLACE_FCHMODAT = @REPLACE_FCHMODAT@
+REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@
+REPLACE_FCLOSE = @REPLACE_FCLOSE@
+REPLACE_FCNTL = @REPLACE_FCNTL@
+REPLACE_FDOPEN = @REPLACE_FDOPEN@
+REPLACE_FFLUSH = @REPLACE_FFLUSH@
+REPLACE_FFSLL = @REPLACE_FFSLL@
+REPLACE_FOPEN = @REPLACE_FOPEN@
+REPLACE_FPRINTF = @REPLACE_FPRINTF@
+REPLACE_FPURGE = @REPLACE_FPURGE@
+REPLACE_FREE = @REPLACE_FREE@
+REPLACE_FREELOCALE = @REPLACE_FREELOCALE@
+REPLACE_FREOPEN = @REPLACE_FREOPEN@
+REPLACE_FSEEK = @REPLACE_FSEEK@
+REPLACE_FSEEKO = @REPLACE_FSEEKO@
+REPLACE_FSTAT = @REPLACE_FSTAT@
+REPLACE_FSTATAT = @REPLACE_FSTATAT@
+REPLACE_FTELL = @REPLACE_FTELL@
+REPLACE_FTELLO = @REPLACE_FTELLO@
+REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@
+REPLACE_FUTIMENS = @REPLACE_FUTIMENS@
+REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@
+REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@
+REPLACE_GETCWD = @REPLACE_GETCWD@
+REPLACE_GETDELIM = @REPLACE_GETDELIM@
+REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@
+REPLACE_GETDTABLESIZE = @REPLACE_GETDTABLESIZE@
+REPLACE_GETGROUPS = @REPLACE_GETGROUPS@
+REPLACE_GETLINE = @REPLACE_GETLINE@
+REPLACE_GETLOGIN_R = @REPLACE_GETLOGIN_R@
+REPLACE_GETPAGESIZE = @REPLACE_GETPAGESIZE@
+REPLACE_GETPASS = @REPLACE_GETPASS@
+REPLACE_GETTIMEOFDAY = @REPLACE_GETTIMEOFDAY@
+REPLACE_GMTIME = @REPLACE_GMTIME@
+REPLACE_INET_NTOP = @REPLACE_INET_NTOP@
+REPLACE_INET_PTON = @REPLACE_INET_PTON@
+REPLACE_INITSTATE = @REPLACE_INITSTATE@
+REPLACE_IOCTL = @REPLACE_IOCTL@
+REPLACE_ISATTY = @REPLACE_ISATTY@
+REPLACE_ITOLD = @REPLACE_ITOLD@
+REPLACE_LCHOWN = @REPLACE_LCHOWN@
+REPLACE_LINK = @REPLACE_LINK@
+REPLACE_LINKAT = @REPLACE_LINKAT@
+REPLACE_LOCALECONV = @REPLACE_LOCALECONV@
+REPLACE_LOCALTIME = @REPLACE_LOCALTIME@
+REPLACE_LOCALTIME_R = @REPLACE_LOCALTIME_R@
+REPLACE_LSEEK = @REPLACE_LSEEK@
+REPLACE_LSTAT = @REPLACE_LSTAT@
+REPLACE_MALLOC = @REPLACE_MALLOC@
+REPLACE_MBRLEN = @REPLACE_MBRLEN@
+REPLACE_MBRTOWC = @REPLACE_MBRTOWC@
+REPLACE_MBSINIT = @REPLACE_MBSINIT@
+REPLACE_MBSNRTOWCS = @REPLACE_MBSNRTOWCS@
+REPLACE_MBSRTOWCS = @REPLACE_MBSRTOWCS@
+REPLACE_MBSTATE_T = @REPLACE_MBSTATE_T@
+REPLACE_MBTOWC = @REPLACE_MBTOWC@
+REPLACE_MEMCHR = @REPLACE_MEMCHR@
+REPLACE_MEMMEM = @REPLACE_MEMMEM@
+REPLACE_MKDIR = @REPLACE_MKDIR@
+REPLACE_MKFIFO = @REPLACE_MKFIFO@
+REPLACE_MKFIFOAT = @REPLACE_MKFIFOAT@
+REPLACE_MKNOD = @REPLACE_MKNOD@
+REPLACE_MKNODAT = @REPLACE_MKNODAT@
+REPLACE_MKSTEMP = @REPLACE_MKSTEMP@
+REPLACE_MKTIME = @REPLACE_MKTIME@
+REPLACE_NANOSLEEP = @REPLACE_NANOSLEEP@
+REPLACE_NEWLOCALE = @REPLACE_NEWLOCALE@
+REPLACE_NL_LANGINFO = @REPLACE_NL_LANGINFO@
+REPLACE_NULL = @REPLACE_NULL@
+REPLACE_OBSTACK_PRINTF = @REPLACE_OBSTACK_PRINTF@
+REPLACE_OPEN = @REPLACE_OPEN@
+REPLACE_OPENAT = @REPLACE_OPENAT@
+REPLACE_PERROR = @REPLACE_PERROR@
+REPLACE_POPEN = @REPLACE_POPEN@
+REPLACE_POSIX_MEMALIGN = @REPLACE_POSIX_MEMALIGN@
+REPLACE_PREAD = @REPLACE_PREAD@
+REPLACE_PRINTF = @REPLACE_PRINTF@
+REPLACE_PSELECT = @REPLACE_PSELECT@
+REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@
+REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@
+REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@
+REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@
+REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@
+REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@
+REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@
+REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@
+REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@
+REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@
+REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@
+REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@
+REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@
+REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@
+REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@
+REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@
+REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@
+REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@
+REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@
+REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@
+REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@
+REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@
+REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@
+REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@
+REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@
+REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@
+REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@
+REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@
+REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@
+REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@
+REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@
+REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@
+REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@
+REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@
+REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@
+REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@
+REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@
+REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@
+REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@
+REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@
+REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@
+REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@
+REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@
+REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@
+REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@
+REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@
+REPLACE_PTSNAME = @REPLACE_PTSNAME@
+REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@
+REPLACE_PUTENV = @REPLACE_PUTENV@
+REPLACE_PWRITE = @REPLACE_PWRITE@
+REPLACE_QSORT_R = @REPLACE_QSORT_R@
+REPLACE_RAISE = @REPLACE_RAISE@
+REPLACE_RANDOM = @REPLACE_RANDOM@
+REPLACE_RANDOM_R = @REPLACE_RANDOM_R@
+REPLACE_READ = @REPLACE_READ@
+REPLACE_READLINK = @REPLACE_READLINK@
+REPLACE_READLINKAT = @REPLACE_READLINKAT@
+REPLACE_REALLOC = @REPLACE_REALLOC@
+REPLACE_REALLOCARRAY = @REPLACE_REALLOCARRAY@
+REPLACE_REALPATH = @REPLACE_REALPATH@
+REPLACE_REMOVE = @REPLACE_REMOVE@
+REPLACE_RENAME = @REPLACE_RENAME@
+REPLACE_RENAMEAT = @REPLACE_RENAMEAT@
+REPLACE_RMDIR = @REPLACE_RMDIR@
+REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@
+REPLACE_SELECT = @REPLACE_SELECT@
+REPLACE_SETENV = @REPLACE_SETENV@
+REPLACE_SETLOCALE = @REPLACE_SETLOCALE@
+REPLACE_SETSTATE = @REPLACE_SETSTATE@
+REPLACE_SLEEP = @REPLACE_SLEEP@
+REPLACE_SNPRINTF = @REPLACE_SNPRINTF@
+REPLACE_SPRINTF = @REPLACE_SPRINTF@
+REPLACE_STAT = @REPLACE_STAT@
+REPLACE_STDIO_READ_FUNCS = @REPLACE_STDIO_READ_FUNCS@
+REPLACE_STDIO_WRITE_FUNCS = @REPLACE_STDIO_WRITE_FUNCS@
+REPLACE_STPNCPY = @REPLACE_STPNCPY@
+REPLACE_STRCASESTR = @REPLACE_STRCASESTR@
+REPLACE_STRCHRNUL = @REPLACE_STRCHRNUL@
+REPLACE_STRDUP = @REPLACE_STRDUP@
+REPLACE_STRERROR = @REPLACE_STRERROR@
+REPLACE_STRERRORNAME_NP = @REPLACE_STRERRORNAME_NP@
+REPLACE_STRERROR_R = @REPLACE_STRERROR_R@
+REPLACE_STRFTIME = @REPLACE_STRFTIME@
+REPLACE_STRNCAT = @REPLACE_STRNCAT@
+REPLACE_STRNDUP = @REPLACE_STRNDUP@
+REPLACE_STRNLEN = @REPLACE_STRNLEN@
+REPLACE_STRSIGNAL = @REPLACE_STRSIGNAL@
+REPLACE_STRSTR = @REPLACE_STRSTR@
+REPLACE_STRTOD = @REPLACE_STRTOD@
+REPLACE_STRTOIMAX = @REPLACE_STRTOIMAX@
+REPLACE_STRTOK_R = @REPLACE_STRTOK_R@
+REPLACE_STRTOL = @REPLACE_STRTOL@
+REPLACE_STRTOLD = @REPLACE_STRTOLD@
+REPLACE_STRTOLL = @REPLACE_STRTOLL@
+REPLACE_STRTOUL = @REPLACE_STRTOUL@
+REPLACE_STRTOULL = @REPLACE_STRTOULL@
+REPLACE_STRTOUMAX = @REPLACE_STRTOUMAX@
+REPLACE_STRUCT_LCONV = @REPLACE_STRUCT_LCONV@
+REPLACE_STRUCT_TIMEVAL = @REPLACE_STRUCT_TIMEVAL@
+REPLACE_SYMLINK = @REPLACE_SYMLINK@
+REPLACE_SYMLINKAT = @REPLACE_SYMLINKAT@
+REPLACE_TIMEGM = @REPLACE_TIMEGM@
+REPLACE_TMPFILE = @REPLACE_TMPFILE@
+REPLACE_TRUNCATE = @REPLACE_TRUNCATE@
+REPLACE_TTYNAME_R = @REPLACE_TTYNAME_R@
+REPLACE_TZSET = @REPLACE_TZSET@
+REPLACE_UNLINK = @REPLACE_UNLINK@
+REPLACE_UNLINKAT = @REPLACE_UNLINKAT@
+REPLACE_UNSETENV = @REPLACE_UNSETENV@
+REPLACE_USLEEP = @REPLACE_USLEEP@
+REPLACE_UTIMENSAT = @REPLACE_UTIMENSAT@
+REPLACE_VASPRINTF = @REPLACE_VASPRINTF@
+REPLACE_VDPRINTF = @REPLACE_VDPRINTF@
+REPLACE_VFPRINTF = @REPLACE_VFPRINTF@
+REPLACE_VPRINTF = @REPLACE_VPRINTF@
+REPLACE_VSNPRINTF = @REPLACE_VSNPRINTF@
+REPLACE_VSPRINTF = @REPLACE_VSPRINTF@
+REPLACE_WCRTOMB = @REPLACE_WCRTOMB@
+REPLACE_WCSFTIME = @REPLACE_WCSFTIME@
+REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@
+REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@
+REPLACE_WCSTOK = @REPLACE_WCSTOK@
+REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@
+REPLACE_WCTOB = @REPLACE_WCTOB@
+REPLACE_WCTOMB = @REPLACE_WCTOMB@
+REPLACE_WCWIDTH = @REPLACE_WCWIDTH@
+REPLACE_WRITE = @REPLACE_WRITE@
+SED = @SED@
+SERVENT_LIB = @SERVENT_LIB@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@
+SIZE_T_SUFFIX = @SIZE_T_SUFFIX@
+STDALIGN_H = @STDALIGN_H@
+STDBOOL_H = @STDBOOL_H@
+STDDEF_H = @STDDEF_H@
+STDINT_H = @STDINT_H@
+STRIP = @STRIP@
+SYS_IOCTL_H_HAVE_WINSOCK2_H = @SYS_IOCTL_H_HAVE_WINSOCK2_H@
+SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+SYS_TIME_H_DEFINES_STRUCT_TIMESPEC = @SYS_TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_STRUCT_TIMESPEC = @TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_TIME_UTC = @TIME_H_DEFINES_TIME_UTC@
+TROUSERS_LIB = @TROUSERS_LIB@
+TSS2_CFLAGS = @TSS2_CFLAGS@
+TSS2_LIBS = @TSS2_LIBS@
+TSS_CFLAGS = @TSS_CFLAGS@
+TSS_LIBS = @TSS_LIBS@
+UINT32_MAX_LT_UINTMAX_MAX = @UINT32_MAX_LT_UINTMAX_MAX@
+UINT64_MAX_EQ_ULONG_MAX = @UINT64_MAX_EQ_ULONG_MAX@
+UNBOUND_CFLAGS = @UNBOUND_CFLAGS@
+UNBOUND_LIBS = @UNBOUND_LIBS@
+UNDEFINE_STRTOK_R = @UNDEFINE_STRTOK_R@
+UNISTD_H_DEFINES_STRUCT_TIMESPEC = @UNISTD_H_DEFINES_STRUCT_TIMESPEC@
+UNISTD_H_HAVE_SYS_RANDOM_H = @UNISTD_H_HAVE_SYS_RANDOM_H@
+UNISTD_H_HAVE_WINSOCK2_H = @UNISTD_H_HAVE_WINSOCK2_H@
+UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+USE_NLS = @USE_NLS@
+VALGRIND = @VALGRIND@
+VALGRINDFLAGS = @VALGRINDFLAGS@
+VALGRIND_PROGRAM = @VALGRIND_PROGRAM@
+VERSION = @VERSION@
+WARN_CFLAGS = @WARN_CFLAGS@
+WCHAR_T_SUFFIX = @WCHAR_T_SUFFIX@
+WERROR_CFLAGS = @WERROR_CFLAGS@
+WINDOWS_64_BIT_OFF_T = @WINDOWS_64_BIT_OFF_T@
+WINDOWS_64_BIT_ST_SIZE = @WINDOWS_64_BIT_ST_SIZE@
+WINDOWS_STAT_INODES = @WINDOWS_STAT_INODES@
+WINDOWS_STAT_TIMESPEC = @WINDOWS_STAT_TIMESPEC@
+WINT_T_SUFFIX = @WINT_T_SUFFIX@
+WSTACK_CFLAGS = @WSTACK_CFLAGS@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+YIELD_LIB = @YIELD_LIB@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+ac_cv_sizeof_time_t = @ac_cv_sizeof_time_t@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+ggl_LIBOBJS = @ggl_LIBOBJS@
+ggl_LTLIBOBJS = @ggl_LTLIBOBJS@
+ggltests_LIBOBJS = @ggltests_LIBOBJS@
+ggltests_LTLIBOBJS = @ggltests_LTLIBOBJS@
+ggltests_WITNESS = @ggltests_WITNESS@
+gl_LIBOBJS = @gl_LIBOBJS@
+gl_LTLIBOBJS = @gl_LTLIBOBJS@
+gltests_LIBOBJS = @gltests_LIBOBJS@
+gltests_LTLIBOBJS = @gltests_LTLIBOBJS@
+gltests_WITNESS = @gltests_WITNESS@
+gnutls_so = @gnutls_so@
+guile_snarf = @guile_snarf@
+guileextensiondir = @guileextensiondir@
+guilesiteccachedir = @guilesiteccachedir@
+guilesitedir = @guilesitedir@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+ifGNUmake = @ifGNUmake@
+ifnGNUmake = @ifnGNUmake@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+maybe_guileextensiondir = @maybe_guileextensiondir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+unistring_LIBOBJS = @unistring_LIBOBJS@
+unistring_LTLIBOBJS = @unistring_LTLIBOBJS@
+unistringtests_LIBOBJS = @unistringtests_LIBOBJS@
+unistringtests_LTLIBOBJS = @unistringtests_LTLIBOBJS@
+unistringtests_WITNESS = @unistringtests_WITNESS@
+AUTOMAKE_OPTIONS = 1.11 gnits subdir-objects
+SUBDIRS = 
+noinst_HEADERS = 
+noinst_LIBRARIES = 
+noinst_LTLIBRARIES = libunistring.la
+# No GNU Make output.
+EXTRA_DIST = m4/gnulib-cache.m4 array-mergesort.h attribute.h \
+	limits.in.h unused-parameter.h stdbool.in.h stdint.in.h \
+	sys_types.in.h unictype.in.h unictype/categ_C.h \
+	unictype/categ_Cc.h unictype/categ_Cf.h unictype/categ_Cn.h \
+	unictype/categ_Co.h unictype/categ_Cs.h unictype/categ_L.h \
+	unictype/categ_LC.h unictype/categ_Ll.h unictype/categ_Lm.h \
+	unictype/categ_Lo.h unictype/categ_Lt.h unictype/categ_Lu.h \
+	unictype/categ_M.h unictype/categ_Mc.h unictype/categ_Me.h \
+	unictype/categ_Mn.h unictype/categ_N.h unictype/categ_Nd.h \
+	unictype/categ_Nl.h unictype/categ_No.h unictype/categ_P.h \
+	unictype/categ_Pc.h unictype/categ_Pd.h unictype/categ_Pe.h \
+	unictype/categ_Pf.h unictype/categ_Pi.h unictype/categ_Po.h \
+	unictype/categ_Ps.h unictype/categ_S.h unictype/categ_Sc.h \
+	unictype/categ_Sk.h unictype/categ_Sm.h unictype/categ_So.h \
+	unictype/categ_Z.h unictype/categ_Zl.h unictype/categ_Zp.h \
+	unictype/categ_Zs.h unictype/categ_byname.h \
+	unictype/categ_byname.gperf unictype/categ_of.h \
+	unictype/bitmap.h unictype/combiningclass.h unictype/bitmap.h \
+	unictype/pr_default_ignorable_code_point.h unictype/bitmap.h \
+	unictype/pr_join_control.h unictype/bitmap.h \
+	unictype/pr_not_a_character.h uninorm.in.h \
+	uninorm/decompose-internal.h uninorm/composition-table.h \
+	uninorm/composition-table.gperf uninorm/decompose-internal.h \
+	uninorm/decomposition-table.h uninorm/decomposition-table1.h \
+	uninorm/decomposition-table2.h uninorm/normalize-internal.h \
+	uninorm/normalize-internal.h uninorm/normalize-internal.h \
+	uninorm/normalize-internal.h uninorm/normalize-internal.h \
+	uninorm/u-normalize-internal.h uninorm/normalize-internal.h \
+	uninorm/u-normalize-internal.h uninorm/normalize-internal.h \
+	uninorm/u-normalize-internal.h unistr.in.h unistr/u-cpy.h \
+	unistr/u-cpy.h unistr/u-cpy.h unitypes.in.h
+BUILT_SOURCES = $(LIMITS_H) $(STDBOOL_H) $(STDINT_H) sys/types.h \
+	$(LIBUNISTRING_UNICTYPE_H) unictype/categ_byname.h \
+	$(LIBUNISTRING_UNINORM_H) uninorm/composition-table.h \
+	$(LIBUNISTRING_UNISTR_H) $(LIBUNISTRING_UNITYPES_H)
+SUFFIXES = 
+MOSTLYCLEANFILES = core *.stackdump limits.h limits.h-t stdbool.h \
+	stdbool.h-t stdint.h stdint.h-t sys/types.h sys/types.h-t \
+	unictype.h unictype.h-t unictype/categ_byname.h-t1 \
+	unictype/categ_byname.h-t2 uninorm.h uninorm.h-t \
+	uninorm/composition-table.h-t1 uninorm/composition-table.h-t2 \
+	unistr.h unistr.h-t unitypes.h unitypes.h-t
+MOSTLYCLEANDIRS = 
+CLEANFILES = 
+DISTCLEANFILES = 
+MAINTAINERCLEANFILES = unictype/categ_byname.h \
+	uninorm/composition-table.h
+AM_CPPFLAGS = 
+AM_CFLAGS = 
+libunistring_la_SOURCES = $(am__append_1) $(am__append_2) \
+	$(am__append_3) $(am__append_4) $(am__append_5) \
+	$(am__append_6) $(am__append_7) $(am__append_8) \
+	$(am__append_9) $(am__append_10) $(am__append_11) \
+	$(am__append_12) $(am__append_13) $(am__append_14) \
+	$(am__append_15) $(am__append_16) $(am__append_17) \
+	$(am__append_18) $(am__append_19) $(am__append_20) \
+	$(am__append_21) $(am__append_22) $(am__append_23) \
+	$(am__append_24) $(am__append_25) $(am__append_26) \
+	$(am__append_27) $(am__append_28) $(am__append_29) \
+	$(am__append_30) $(am__append_31) $(am__append_32) \
+	$(am__append_33) $(am__append_34) $(am__append_35) \
+	$(am__append_36) $(am__append_37) $(am__append_38) \
+	$(am__append_39) $(am__append_40) $(am__append_41) \
+	$(am__append_42) $(am__append_43) $(am__append_44) \
+	$(am__append_45) $(am__append_46) $(am__append_47) \
+	$(am__append_48) $(am__append_49) $(am__append_50) \
+	$(am__append_51) $(am__append_52) \
+	uninorm/compat-decomposition.c $(am__append_53) \
+	uninorm/decompose-internal.c $(am__append_54) \
+	uninorm/decomposition-table.c $(am__append_55) \
+	$(am__append_56) $(am__append_57) $(am__append_58) \
+	$(am__append_59) $(am__append_60) $(am__append_61) \
+	$(am__append_62) $(am__append_63) $(am__append_64) \
+	$(am__append_65) $(am__append_66) $(am__append_67) \
+	$(am__append_68) $(am__append_69) $(am__append_70) \
+	$(am__append_71) $(am__append_72) $(am__append_73) \
+	$(am__append_74) $(am__append_75) $(am__append_76) \
+	$(am__append_77)
+libunistring_la_LIBADD = $(unistring_LTLIBOBJS)
+libunistring_la_DEPENDENCIES = $(unistring_LTLIBOBJS)
+EXTRA_libunistring_la_SOURCES = 
+libunistring_la_LDFLAGS = $(AM_LDFLAGS) -no-undefined
+
+# Use this preprocessor expression to decide whether #include_next works.
+# Do not rely on a 'configure'-time test for this, since the expression
+# might appear in an installed header, which is used by some other compiler.
+HAVE_INCLUDE_NEXT = (__GNUC__ || __clang__ || 60000000 <= __DECC_VER)
+V_GPERF = $(V_GPERF_@AM_V@)
+V_GPERF_ = $(V_GPERF_@AM_DEFAULT_V@)
+V_GPERF_0 = @echo "  GPERF   " $@;
+
+# Because this Makefile snippet defines a variable used by other
+# gnulib Makefile snippets, it must be present in all makefiles that
+# need it. This is ensured by the applicability 'all' defined above.
+UNUSED_PARAMETER_H = $(srcdir)/unused-parameter.h
+all: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) all-recursive
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am  $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnits lib/unistring/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --gnits lib/unistring/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+	esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+clean-noinstLIBRARIES:
+	-test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES)
+
+clean-noinstLTLIBRARIES:
+	-test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+	@list='$(noinst_LTLIBRARIES)'; \
+	locs=`for p in $$list; do echo $$p; done | \
+	      sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+	      sort -u`; \
+	test -z "$$locs" || { \
+	  echo rm -f $${locs}; \
+	  rm -f $${locs}; \
+	}
+unictype/$(am__dirstamp):
+	@$(MKDIR_P) unictype
+	@: > unictype/$(am__dirstamp)
+unictype/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) unictype/$(DEPDIR)
+	@: > unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_C.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Cc.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Cf.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Cn.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Co.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Cs.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_L.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_LC.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Ll.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Lm.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Lo.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Lt.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Lu.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_M.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Mc.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Me.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Mn.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_N.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Nd.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Nl.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_No.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_P.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Pc.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Pd.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Pe.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Pf.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Pi.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Po.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Ps.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_S.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Sc.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Sk.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Sm.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_So.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Z.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Zl.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Zp.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_Zs.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_and.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_and_not.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_byname.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_longname.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_name.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_none.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_of.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_or.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/categ_test.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/combiningclass.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/pr_default_ignorable_code_point.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/pr_join_control.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+unictype/pr_not_a_character.lo: unictype/$(am__dirstamp) \
+	unictype/$(DEPDIR)/$(am__dirstamp)
+uninorm/$(am__dirstamp):
+	@$(MKDIR_P) uninorm
+	@: > uninorm/$(am__dirstamp)
+uninorm/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) uninorm/$(DEPDIR)
+	@: > uninorm/$(DEPDIR)/$(am__dirstamp)
+uninorm/canonical-decomposition.lo: uninorm/$(am__dirstamp) \
+	uninorm/$(DEPDIR)/$(am__dirstamp)
+uninorm/compat-decomposition.lo: uninorm/$(am__dirstamp) \
+	uninorm/$(DEPDIR)/$(am__dirstamp)
+uninorm/composition.lo: uninorm/$(am__dirstamp) \
+	uninorm/$(DEPDIR)/$(am__dirstamp)
+uninorm/decompose-internal.lo: uninorm/$(am__dirstamp) \
+	uninorm/$(DEPDIR)/$(am__dirstamp)
+uninorm/decomposition.lo: uninorm/$(am__dirstamp) \
+	uninorm/$(DEPDIR)/$(am__dirstamp)
+uninorm/decomposition-table.lo: uninorm/$(am__dirstamp) \
+	uninorm/$(DEPDIR)/$(am__dirstamp)
+uninorm/nfc.lo: uninorm/$(am__dirstamp) \
+	uninorm/$(DEPDIR)/$(am__dirstamp)
+uninorm/nfd.lo: uninorm/$(am__dirstamp) \
+	uninorm/$(DEPDIR)/$(am__dirstamp)
+uninorm/nfkc.lo: uninorm/$(am__dirstamp) \
+	uninorm/$(DEPDIR)/$(am__dirstamp)
+uninorm/nfkd.lo: uninorm/$(am__dirstamp) \
+	uninorm/$(DEPDIR)/$(am__dirstamp)
+uninorm/u16-normalize.lo: uninorm/$(am__dirstamp) \
+	uninorm/$(DEPDIR)/$(am__dirstamp)
+uninorm/u32-normalize.lo: uninorm/$(am__dirstamp) \
+	uninorm/$(DEPDIR)/$(am__dirstamp)
+uninorm/u8-normalize.lo: uninorm/$(am__dirstamp) \
+	uninorm/$(DEPDIR)/$(am__dirstamp)
+unistr/$(am__dirstamp):
+	@$(MKDIR_P) unistr
+	@: > unistr/$(am__dirstamp)
+unistr/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) unistr/$(DEPDIR)
+	@: > unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u16-cpy.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u16-mbtouc-unsafe.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u16-mbtouc-unsafe-aux.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u16-mbtoucr.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u16-to-u8.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u16-uctomb.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u16-uctomb-aux.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u32-cpy.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u32-mbtouc-unsafe.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u32-to-u8.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u32-uctomb.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u8-check.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u8-cpy.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u8-mbtouc-unsafe.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u8-mbtouc-unsafe-aux.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u8-mbtoucr.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u8-to-u16.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u8-to-u32.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u8-uctomb.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+unistr/u8-uctomb-aux.lo: unistr/$(am__dirstamp) \
+	unistr/$(DEPDIR)/$(am__dirstamp)
+
+libunistring.la: $(libunistring_la_OBJECTS) $(libunistring_la_DEPENDENCIES) $(EXTRA_libunistring_la_DEPENDENCIES) 
+	$(AM_V_CCLD)$(libunistring_la_LINK)  $(libunistring_la_OBJECTS) $(libunistring_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+	-rm -f *.$(OBJEXT)
+	-rm -f unictype/*.$(OBJEXT)
+	-rm -f unictype/*.lo
+	-rm -f uninorm/*.$(OBJEXT)
+	-rm -f uninorm/*.lo
+	-rm -f unistr/*.$(OBJEXT)
+	-rm -f unistr/*.lo
+
+distclean-compile:
+	-rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_C.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Cc.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Cf.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Cn.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Co.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Cs.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_L.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_LC.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Ll.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Lm.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Lo.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Lt.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Lu.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_M.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Mc.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Me.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Mn.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_N.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Nd.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Nl.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_No.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_P.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Pc.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Pd.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Pe.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Pf.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Pi.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Po.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Ps.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_S.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Sc.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Sk.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Sm.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_So.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Z.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Zl.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Zp.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_Zs.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_and.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_and_not.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_byname.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_longname.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_name.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_none.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_of.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_or.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/categ_test.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/combiningclass.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/pr_default_ignorable_code_point.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/pr_join_control.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unictype/$(DEPDIR)/pr_not_a_character.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@uninorm/$(DEPDIR)/canonical-decomposition.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@uninorm/$(DEPDIR)/compat-decomposition.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@uninorm/$(DEPDIR)/composition.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@uninorm/$(DEPDIR)/decompose-internal.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@uninorm/$(DEPDIR)/decomposition-table.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@uninorm/$(DEPDIR)/decomposition.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@uninorm/$(DEPDIR)/nfc.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@uninorm/$(DEPDIR)/nfd.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@uninorm/$(DEPDIR)/nfkc.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@uninorm/$(DEPDIR)/nfkd.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@uninorm/$(DEPDIR)/u16-normalize.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@uninorm/$(DEPDIR)/u32-normalize.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@uninorm/$(DEPDIR)/u8-normalize.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u16-cpy.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u16-mbtouc-unsafe-aux.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u16-mbtouc-unsafe.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u16-mbtoucr.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u16-to-u8.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u16-uctomb-aux.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u16-uctomb.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u32-cpy.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u32-mbtouc-unsafe.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u32-to-u8.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u32-uctomb.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u8-check.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u8-cpy.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u8-mbtouc-unsafe-aux.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u8-mbtouc-unsafe.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u8-mbtoucr.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u8-to-u16.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u8-to-u32.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u8-uctomb-aux.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@unistr/$(DEPDIR)/u8-uctomb.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+	@$(MKDIR_P) $(@D)
+	@echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+	-rm -rf unictype/.libs unictype/_libs
+	-rm -rf uninorm/.libs uninorm/_libs
+	-rm -rf unistr/.libs unistr/_libs
+
+# This directory's subdirectories are mostly independent; you can cd
+# into them and run 'make' without going through this Makefile.
+# To change the values of 'make' variables: instead of editing Makefiles,
+# (1) if the variable is set in 'config.status', edit 'config.status'
+#     (which will cause the Makefiles to be regenerated when you run 'make');
+# (2) otherwise, pass the desired values on the 'make' command line.
+$(am__recursive_targets):
+	@fail=; \
+	if $(am__make_keepgoing); then \
+	  failcom='fail=yes'; \
+	else \
+	  failcom='exit 1'; \
+	fi; \
+	dot_seen=no; \
+	target=`echo $@ | sed s/-recursive//`; \
+	case "$@" in \
+	  distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+	  *) list='$(SUBDIRS)' ;; \
+	esac; \
+	for subdir in $$list; do \
+	  echo "Making $$target in $$subdir"; \
+	  if test "$$subdir" = "."; then \
+	    dot_seen=yes; \
+	    local_target="$$target-am"; \
+	  else \
+	    local_target="$$target"; \
+	  fi; \
+	  ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+	  || eval $$failcom; \
+	done; \
+	if test "$$dot_seen" = "no"; then \
+	  $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
+	fi; test -z "$$fail"
+
+ID: $(am__tagged_files)
+	$(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-recursive
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	set x; \
+	here=`pwd`; \
+	if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
+	  include_option=--etags-include; \
+	  empty_fix=.; \
+	else \
+	  include_option=--include; \
+	  empty_fix=; \
+	fi; \
+	list='$(SUBDIRS)'; for subdir in $$list; do \
+	  if test "$$subdir" = .; then :; else \
+	    test ! -f $$subdir/TAGS || \
+	      set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \
+	  fi; \
+	done; \
+	$(am__define_uniq_tagged_files); \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+	  test -n "$$unique" || unique=$$empty_fix; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
+	fi
+ctags: ctags-recursive
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	$(am__define_uniq_tagged_files); \
+	test -z "$(CTAGS_ARGS)$$unique" \
+	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+	     $$unique
+
+GTAGS:
+	here=`$(am__cd) $(top_builddir) && pwd` \
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-recursive
+
+cscopelist-am: $(am__tagged_files)
+	list='$(am__tagged_files)'; \
+	case "$(srcdir)" in \
+	  [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+	  *) sdir=$(subdir)/$(srcdir) ;; \
+	esac; \
+	for i in $$list; do \
+	  if test -f "$$i"; then \
+	    echo "$(subdir)/$$i"; \
+	  else \
+	    echo "$$sdir/$$i"; \
+	  fi; \
+	done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+	@list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
+	  if test "$$subdir" = .; then :; else \
+	    $(am__make_dryrun) \
+	      || test -d "$(distdir)/$$subdir" \
+	      || $(MKDIR_P) "$(distdir)/$$subdir" \
+	      || exit 1; \
+	    dir1=$$subdir; dir2="$(distdir)/$$subdir"; \
+	    $(am__relativize); \
+	    new_distdir=$$reldir; \
+	    dir1=$$subdir; dir2="$(top_distdir)"; \
+	    $(am__relativize); \
+	    new_top_distdir=$$reldir; \
+	    echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \
+	    echo "     am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \
+	    ($(am__cd) $$subdir && \
+	      $(MAKE) $(AM_MAKEFLAGS) \
+	        top_distdir="$$new_top_distdir" \
+	        distdir="$$new_distdir" \
+		am__remove_distdir=: \
+		am__skip_length_check=: \
+		am__skip_mode_fix=: \
+	        distdir) \
+	      || exit 1; \
+	  fi; \
+	done
+check-am: all-am
+check: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) check-recursive
+all-am: Makefile $(LIBRARIES) $(LTLIBRARIES) $(HEADERS)
+installdirs: installdirs-recursive
+installdirs-am:
+install: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) install-recursive
+install-exec: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) install-exec-recursive
+install-data: install-data-recursive
+uninstall: uninstall-recursive
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-recursive
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+	-test -z "$(MOSTLYCLEANFILES)" || rm -f $(MOSTLYCLEANFILES)
+
+clean-generic:
+	-test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+	-rm -f unictype/$(DEPDIR)/$(am__dirstamp)
+	-rm -f unictype/$(am__dirstamp)
+	-rm -f uninorm/$(DEPDIR)/$(am__dirstamp)
+	-rm -f uninorm/$(am__dirstamp)
+	-rm -f unistr/$(DEPDIR)/$(am__dirstamp)
+	-rm -f unistr/$(am__dirstamp)
+	-test -z "$(DISTCLEANFILES)" || rm -f $(DISTCLEANFILES)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+	-test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
+	-test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES)
+clean: clean-recursive
+
+clean-am: clean-generic clean-libtool clean-noinstLIBRARIES \
+	clean-noinstLTLIBRARIES mostlyclean-am
+
+distclean: distclean-recursive
+		-rm -f unictype/$(DEPDIR)/categ_C.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Cc.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Cf.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Cn.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Co.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Cs.Plo
+	-rm -f unictype/$(DEPDIR)/categ_L.Plo
+	-rm -f unictype/$(DEPDIR)/categ_LC.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Ll.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Lm.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Lo.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Lt.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Lu.Plo
+	-rm -f unictype/$(DEPDIR)/categ_M.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Mc.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Me.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Mn.Plo
+	-rm -f unictype/$(DEPDIR)/categ_N.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Nd.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Nl.Plo
+	-rm -f unictype/$(DEPDIR)/categ_No.Plo
+	-rm -f unictype/$(DEPDIR)/categ_P.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Pc.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Pd.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Pe.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Pf.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Pi.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Po.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Ps.Plo
+	-rm -f unictype/$(DEPDIR)/categ_S.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Sc.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Sk.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Sm.Plo
+	-rm -f unictype/$(DEPDIR)/categ_So.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Z.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Zl.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Zp.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Zs.Plo
+	-rm -f unictype/$(DEPDIR)/categ_and.Plo
+	-rm -f unictype/$(DEPDIR)/categ_and_not.Plo
+	-rm -f unictype/$(DEPDIR)/categ_byname.Plo
+	-rm -f unictype/$(DEPDIR)/categ_longname.Plo
+	-rm -f unictype/$(DEPDIR)/categ_name.Plo
+	-rm -f unictype/$(DEPDIR)/categ_none.Plo
+	-rm -f unictype/$(DEPDIR)/categ_of.Plo
+	-rm -f unictype/$(DEPDIR)/categ_or.Plo
+	-rm -f unictype/$(DEPDIR)/categ_test.Plo
+	-rm -f unictype/$(DEPDIR)/combiningclass.Plo
+	-rm -f unictype/$(DEPDIR)/pr_default_ignorable_code_point.Plo
+	-rm -f unictype/$(DEPDIR)/pr_join_control.Plo
+	-rm -f unictype/$(DEPDIR)/pr_not_a_character.Plo
+	-rm -f uninorm/$(DEPDIR)/canonical-decomposition.Plo
+	-rm -f uninorm/$(DEPDIR)/compat-decomposition.Plo
+	-rm -f uninorm/$(DEPDIR)/composition.Plo
+	-rm -f uninorm/$(DEPDIR)/decompose-internal.Plo
+	-rm -f uninorm/$(DEPDIR)/decomposition-table.Plo
+	-rm -f uninorm/$(DEPDIR)/decomposition.Plo
+	-rm -f uninorm/$(DEPDIR)/nfc.Plo
+	-rm -f uninorm/$(DEPDIR)/nfd.Plo
+	-rm -f uninorm/$(DEPDIR)/nfkc.Plo
+	-rm -f uninorm/$(DEPDIR)/nfkd.Plo
+	-rm -f uninorm/$(DEPDIR)/u16-normalize.Plo
+	-rm -f uninorm/$(DEPDIR)/u32-normalize.Plo
+	-rm -f uninorm/$(DEPDIR)/u8-normalize.Plo
+	-rm -f unistr/$(DEPDIR)/u16-cpy.Plo
+	-rm -f unistr/$(DEPDIR)/u16-mbtouc-unsafe-aux.Plo
+	-rm -f unistr/$(DEPDIR)/u16-mbtouc-unsafe.Plo
+	-rm -f unistr/$(DEPDIR)/u16-mbtoucr.Plo
+	-rm -f unistr/$(DEPDIR)/u16-to-u8.Plo
+	-rm -f unistr/$(DEPDIR)/u16-uctomb-aux.Plo
+	-rm -f unistr/$(DEPDIR)/u16-uctomb.Plo
+	-rm -f unistr/$(DEPDIR)/u32-cpy.Plo
+	-rm -f unistr/$(DEPDIR)/u32-mbtouc-unsafe.Plo
+	-rm -f unistr/$(DEPDIR)/u32-to-u8.Plo
+	-rm -f unistr/$(DEPDIR)/u32-uctomb.Plo
+	-rm -f unistr/$(DEPDIR)/u8-check.Plo
+	-rm -f unistr/$(DEPDIR)/u8-cpy.Plo
+	-rm -f unistr/$(DEPDIR)/u8-mbtouc-unsafe-aux.Plo
+	-rm -f unistr/$(DEPDIR)/u8-mbtouc-unsafe.Plo
+	-rm -f unistr/$(DEPDIR)/u8-mbtoucr.Plo
+	-rm -f unistr/$(DEPDIR)/u8-to-u16.Plo
+	-rm -f unistr/$(DEPDIR)/u8-to-u32.Plo
+	-rm -f unistr/$(DEPDIR)/u8-uctomb-aux.Plo
+	-rm -f unistr/$(DEPDIR)/u8-uctomb.Plo
+	-rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+	distclean-tags
+
+dvi: dvi-recursive
+
+dvi-am:
+
+html: html-recursive
+
+html-am:
+
+info: info-recursive
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-recursive
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-recursive
+
+install-html-am:
+
+install-info: install-info-recursive
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-recursive
+
+install-pdf-am:
+
+install-ps: install-ps-recursive
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-recursive
+		-rm -f unictype/$(DEPDIR)/categ_C.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Cc.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Cf.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Cn.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Co.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Cs.Plo
+	-rm -f unictype/$(DEPDIR)/categ_L.Plo
+	-rm -f unictype/$(DEPDIR)/categ_LC.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Ll.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Lm.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Lo.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Lt.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Lu.Plo
+	-rm -f unictype/$(DEPDIR)/categ_M.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Mc.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Me.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Mn.Plo
+	-rm -f unictype/$(DEPDIR)/categ_N.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Nd.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Nl.Plo
+	-rm -f unictype/$(DEPDIR)/categ_No.Plo
+	-rm -f unictype/$(DEPDIR)/categ_P.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Pc.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Pd.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Pe.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Pf.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Pi.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Po.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Ps.Plo
+	-rm -f unictype/$(DEPDIR)/categ_S.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Sc.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Sk.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Sm.Plo
+	-rm -f unictype/$(DEPDIR)/categ_So.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Z.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Zl.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Zp.Plo
+	-rm -f unictype/$(DEPDIR)/categ_Zs.Plo
+	-rm -f unictype/$(DEPDIR)/categ_and.Plo
+	-rm -f unictype/$(DEPDIR)/categ_and_not.Plo
+	-rm -f unictype/$(DEPDIR)/categ_byname.Plo
+	-rm -f unictype/$(DEPDIR)/categ_longname.Plo
+	-rm -f unictype/$(DEPDIR)/categ_name.Plo
+	-rm -f unictype/$(DEPDIR)/categ_none.Plo
+	-rm -f unictype/$(DEPDIR)/categ_of.Plo
+	-rm -f unictype/$(DEPDIR)/categ_or.Plo
+	-rm -f unictype/$(DEPDIR)/categ_test.Plo
+	-rm -f unictype/$(DEPDIR)/combiningclass.Plo
+	-rm -f unictype/$(DEPDIR)/pr_default_ignorable_code_point.Plo
+	-rm -f unictype/$(DEPDIR)/pr_join_control.Plo
+	-rm -f unictype/$(DEPDIR)/pr_not_a_character.Plo
+	-rm -f uninorm/$(DEPDIR)/canonical-decomposition.Plo
+	-rm -f uninorm/$(DEPDIR)/compat-decomposition.Plo
+	-rm -f uninorm/$(DEPDIR)/composition.Plo
+	-rm -f uninorm/$(DEPDIR)/decompose-internal.Plo
+	-rm -f uninorm/$(DEPDIR)/decomposition-table.Plo
+	-rm -f uninorm/$(DEPDIR)/decomposition.Plo
+	-rm -f uninorm/$(DEPDIR)/nfc.Plo
+	-rm -f uninorm/$(DEPDIR)/nfd.Plo
+	-rm -f uninorm/$(DEPDIR)/nfkc.Plo
+	-rm -f uninorm/$(DEPDIR)/nfkd.Plo
+	-rm -f uninorm/$(DEPDIR)/u16-normalize.Plo
+	-rm -f uninorm/$(DEPDIR)/u32-normalize.Plo
+	-rm -f uninorm/$(DEPDIR)/u8-normalize.Plo
+	-rm -f unistr/$(DEPDIR)/u16-cpy.Plo
+	-rm -f unistr/$(DEPDIR)/u16-mbtouc-unsafe-aux.Plo
+	-rm -f unistr/$(DEPDIR)/u16-mbtouc-unsafe.Plo
+	-rm -f unistr/$(DEPDIR)/u16-mbtoucr.Plo
+	-rm -f unistr/$(DEPDIR)/u16-to-u8.Plo
+	-rm -f unistr/$(DEPDIR)/u16-uctomb-aux.Plo
+	-rm -f unistr/$(DEPDIR)/u16-uctomb.Plo
+	-rm -f unistr/$(DEPDIR)/u32-cpy.Plo
+	-rm -f unistr/$(DEPDIR)/u32-mbtouc-unsafe.Plo
+	-rm -f unistr/$(DEPDIR)/u32-to-u8.Plo
+	-rm -f unistr/$(DEPDIR)/u32-uctomb.Plo
+	-rm -f unistr/$(DEPDIR)/u8-check.Plo
+	-rm -f unistr/$(DEPDIR)/u8-cpy.Plo
+	-rm -f unistr/$(DEPDIR)/u8-mbtouc-unsafe-aux.Plo
+	-rm -f unistr/$(DEPDIR)/u8-mbtouc-unsafe.Plo
+	-rm -f unistr/$(DEPDIR)/u8-mbtoucr.Plo
+	-rm -f unistr/$(DEPDIR)/u8-to-u16.Plo
+	-rm -f unistr/$(DEPDIR)/u8-to-u32.Plo
+	-rm -f unistr/$(DEPDIR)/u8-uctomb-aux.Plo
+	-rm -f unistr/$(DEPDIR)/u8-uctomb.Plo
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-recursive
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+	mostlyclean-libtool mostlyclean-local
+
+pdf: pdf-recursive
+
+pdf-am:
+
+ps: ps-recursive
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: $(am__recursive_targets) all check install install-am \
+	install-exec install-strip
+
+.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am \
+	am--depfiles check check-am clean clean-generic clean-libtool \
+	clean-noinstLIBRARIES clean-noinstLTLIBRARIES cscopelist-am \
+	ctags ctags-am distclean distclean-compile distclean-generic \
+	distclean-libtool distclean-tags distdir dvi dvi-am html \
+	html-am info info-am install install-am install-data \
+	install-data-am install-dvi install-dvi-am install-exec \
+	install-exec-am install-html install-html-am install-info \
+	install-info-am install-man install-pdf install-pdf-am \
+	install-ps install-ps-am install-strip installcheck \
+	installcheck-am installdirs installdirs-am maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-compile \
+	mostlyclean-generic mostlyclean-libtool mostlyclean-local pdf \
+	pdf-am ps ps-am tags tags-am uninstall uninstall-am
+
+.PRECIOUS: Makefile
+
+
+# We need the following in order to create <limits.h> when the system
+# doesn't have one that is compatible with GNU.
+@GL_GENERATE_LIMITS_H_TRUE@limits.h: limits.in.h $(top_builddir)/config.status
+@GL_GENERATE_LIMITS_H_TRUE@	$(AM_V_GEN)rm -f $@-t $@ && \
+@GL_GENERATE_LIMITS_H_TRUE@	{ echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */' && \
+@GL_GENERATE_LIMITS_H_TRUE@	  sed -e 's|@''GUARD_PREFIX''@|GL_UNISTRING|g' \
+@GL_GENERATE_LIMITS_H_TRUE@	      -e 's|@''INCLUDE_NEXT''@|$(INCLUDE_NEXT)|g' \
+@GL_GENERATE_LIMITS_H_TRUE@	      -e 's|@''PRAGMA_SYSTEM_HEADER''@|@PRAGMA_SYSTEM_HEADER@|g' \
+@GL_GENERATE_LIMITS_H_TRUE@	      -e 's|@''PRAGMA_COLUMNS''@|@PRAGMA_COLUMNS@|g' \
+@GL_GENERATE_LIMITS_H_TRUE@	      -e 's|@''NEXT_LIMITS_H''@|$(NEXT_LIMITS_H)|g' \
+@GL_GENERATE_LIMITS_H_TRUE@	      < $(srcdir)/limits.in.h; \
+@GL_GENERATE_LIMITS_H_TRUE@	} > $@-t && \
+@GL_GENERATE_LIMITS_H_TRUE@	mv $@-t $@
+@GL_GENERATE_LIMITS_H_FALSE@limits.h: $(top_builddir)/config.status
+@GL_GENERATE_LIMITS_H_FALSE@	rm -f $@
+
+# We need the following in order to create <stdbool.h> when the system
+# doesn't have one that works.
+@GL_GENERATE_STDBOOL_H_TRUE@stdbool.h: stdbool.in.h $(top_builddir)/config.status
+@GL_GENERATE_STDBOOL_H_TRUE@	$(AM_V_GEN)rm -f $@-t $@ && \
+@GL_GENERATE_STDBOOL_H_TRUE@	{ echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */'; \
+@GL_GENERATE_STDBOOL_H_TRUE@	  sed -e 's/@''HAVE__BOOL''@/$(HAVE__BOOL)/g' < $(srcdir)/stdbool.in.h; \
+@GL_GENERATE_STDBOOL_H_TRUE@	} > $@-t && \
+@GL_GENERATE_STDBOOL_H_TRUE@	mv $@-t $@
+@GL_GENERATE_STDBOOL_H_FALSE@stdbool.h: $(top_builddir)/config.status
+@GL_GENERATE_STDBOOL_H_FALSE@	rm -f $@
+
+# We need the following in order to create <stdint.h> when the system
+# doesn't have one that works with the given compiler.
+@GL_GENERATE_STDINT_H_TRUE@stdint.h: stdint.in.h $(top_builddir)/config.status
+@GL_GENERATE_STDINT_H_TRUE@	$(AM_V_GEN)rm -f $@-t $@ && \
+@GL_GENERATE_STDINT_H_TRUE@	{ echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */'; \
+@GL_GENERATE_STDINT_H_TRUE@	  sed -e 's|@''GUARD_PREFIX''@|GL_UNISTRING|g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''HAVE_STDINT_H''@/$(HAVE_STDINT_H)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's|@''INCLUDE_NEXT''@|$(INCLUDE_NEXT)|g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's|@''PRAGMA_SYSTEM_HEADER''@|@PRAGMA_SYSTEM_HEADER@|g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's|@''PRAGMA_COLUMNS''@|@PRAGMA_COLUMNS@|g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's|@''NEXT_STDINT_H''@|$(NEXT_STDINT_H)|g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''HAVE_C99_STDINT_H''@/$(HAVE_C99_STDINT_H)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''HAVE_SYS_TYPES_H''@/$(HAVE_SYS_TYPES_H)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''HAVE_INTTYPES_H''@/$(HAVE_INTTYPES_H)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''HAVE_SYS_INTTYPES_H''@/$(HAVE_SYS_INTTYPES_H)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''HAVE_SYS_BITYPES_H''@/$(HAVE_SYS_BITYPES_H)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''HAVE_WCHAR_H''@/$(HAVE_WCHAR_H)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''APPLE_UNIVERSAL_BUILD''@/$(APPLE_UNIVERSAL_BUILD)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''BITSIZEOF_PTRDIFF_T''@/$(BITSIZEOF_PTRDIFF_T)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''PTRDIFF_T_SUFFIX''@/$(PTRDIFF_T_SUFFIX)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''BITSIZEOF_SIG_ATOMIC_T''@/$(BITSIZEOF_SIG_ATOMIC_T)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''HAVE_SIGNED_SIG_ATOMIC_T''@/$(HAVE_SIGNED_SIG_ATOMIC_T)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''SIG_ATOMIC_T_SUFFIX''@/$(SIG_ATOMIC_T_SUFFIX)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''BITSIZEOF_SIZE_T''@/$(BITSIZEOF_SIZE_T)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''SIZE_T_SUFFIX''@/$(SIZE_T_SUFFIX)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''BITSIZEOF_WCHAR_T''@/$(BITSIZEOF_WCHAR_T)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''HAVE_SIGNED_WCHAR_T''@/$(HAVE_SIGNED_WCHAR_T)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''WCHAR_T_SUFFIX''@/$(WCHAR_T_SUFFIX)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''BITSIZEOF_WINT_T''@/$(BITSIZEOF_WINT_T)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''HAVE_SIGNED_WINT_T''@/$(HAVE_SIGNED_WINT_T)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''WINT_T_SUFFIX''@/$(WINT_T_SUFFIX)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      -e 's/@''GNULIBHEADERS_OVERRIDE_WINT_T''@/$(GNULIBHEADERS_OVERRIDE_WINT_T)/g' \
+@GL_GENERATE_STDINT_H_TRUE@	      < $(srcdir)/stdint.in.h; \
+@GL_GENERATE_STDINT_H_TRUE@	} > $@-t && \
+@GL_GENERATE_STDINT_H_TRUE@	mv $@-t $@
+@GL_GENERATE_STDINT_H_FALSE@stdint.h: $(top_builddir)/config.status
+@GL_GENERATE_STDINT_H_FALSE@	rm -f $@
+
+# We need the following in order to create <sys/types.h> when the system
+# doesn't have one that works with the given compiler.
+sys/types.h: sys_types.in.h $(top_builddir)/config.status
+	$(AM_V_at)$(MKDIR_P) sys
+	$(AM_V_GEN)rm -f $@-t $@ && \
+	{ echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */'; \
+	  sed -e 's|@''GUARD_PREFIX''@|GL_UNISTRING|g' \
+	      -e 's|@''INCLUDE_NEXT''@|$(INCLUDE_NEXT)|g' \
+	      -e 's|@''PRAGMA_SYSTEM_HEADER''@|@PRAGMA_SYSTEM_HEADER@|g' \
+	      -e 's|@''PRAGMA_COLUMNS''@|@PRAGMA_COLUMNS@|g' \
+	      -e 's|@''NEXT_SYS_TYPES_H''@|$(NEXT_SYS_TYPES_H)|g' \
+	      -e 's|@''WINDOWS_64_BIT_OFF_T''@|$(WINDOWS_64_BIT_OFF_T)|g' \
+	      -e 's|@''WINDOWS_STAT_INODES''@|$(WINDOWS_STAT_INODES)|g' \
+	      < $(srcdir)/sys_types.in.h; \
+	} > $@-t && \
+	mv $@-t $@
+
+unictype.h: unictype.in.h
+	$(AM_V_GEN)rm -f $@-t $@ && \
+	{ echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */'; \
+	  cat $(srcdir)/unictype.in.h; \
+	} > $@-t && \
+	mv -f $@-t $@
+
+$(srcdir)/unictype/categ_byname.h: $(srcdir)/unictype/categ_byname.gperf
+	$(V_GPERF)$(GPERF) -m 10 $(srcdir)/unictype/categ_byname.gperf > $(srcdir)/unictype/categ_byname.h-t1 \
+	&& sed -e 's/^const/static const/' < $(srcdir)/unictype/categ_byname.h-t1 > $(srcdir)/unictype/categ_byname.h-t2 \
+	&& mv $(srcdir)/unictype/categ_byname.h-t2 $(srcdir)/unictype/categ_byname.h
+
+uninorm.h: uninorm.in.h
+	$(AM_V_GEN)rm -f $@-t $@ && \
+	{ echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */'; \
+	  cat $(srcdir)/uninorm.in.h; \
+	} > $@-t && \
+	mv -f $@-t $@
+
+$(srcdir)/uninorm/composition-table.h: $(srcdir)/uninorm/composition-table.gperf
+	$(V_GPERF)$(GPERF) -m 1 $(srcdir)/uninorm/composition-table.gperf > $(srcdir)/uninorm/composition-table.h-t1 \
+	&& sed -e 's/^const/static const/' < $(srcdir)/uninorm/composition-table.h-t1 > $(srcdir)/uninorm/composition-table.h-t2 \
+	&& mv $(srcdir)/uninorm/composition-table.h-t2 $(srcdir)/uninorm/composition-table.h
+
+unistr.h: unistr.in.h
+	$(AM_V_GEN)rm -f $@-t $@ && \
+	{ echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */'; \
+	  cat $(srcdir)/unistr.in.h; \
+	} > $@-t && \
+	mv -f $@-t $@
+
+unitypes.h: unitypes.in.h
+	$(AM_V_GEN)rm -f $@-t $@ && \
+	{ echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */'; \
+	  cat $(srcdir)/unitypes.in.h; \
+	} > $@-t && \
+	mv -f $@-t $@
+
+mostlyclean-local: mostlyclean-generic
+	@for dir in '' $(MOSTLYCLEANDIRS); do \
+	  if test -n "$$dir" && test -d $$dir; then \
+	    echo "rmdir $$dir"; rmdir $$dir; \
+	  fi; \
+	done; \
+	:
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/lib/unistring/array-mergesort.h b/lib/unistring/array-mergesort.h
new file mode 100644
index 0000000..7f997fc
--- /dev/null
+++ b/lib/unistring/array-mergesort.h
@@ -0,0 +1,290 @@
+/* Stable-sorting of an array using mergesort.
+   Copyright (C) 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2009.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+/* This file implements stable sorting of an array, using the mergesort
+   algorithm.
+   Worst-case running time for an array of length N is O(N log N).
+   Unlike the mpsort module, the algorithm here attempts to minimize not
+   only the number of comparisons, but also the number of copying operations.
+
+   Before including this file, you need to define
+     ELEMENT      The type of every array element.
+     COMPARE      A two-argument macro that takes two 'const ELEMENT *'
+                  pointers and returns a negative, zero, or positive 'int'
+                  value if the element pointed to by the first argument is,
+                  respectively, less, equal, or greater than the element
+                  pointed to by the second argument.
+     STATIC       The storage class of the functions being defined.
+     STATIC_FROMTO  (Optional.) Overrides STATIC for the 'merge_sort_fromto'
+                    function.
+   Before including this file, you also need to include:
+     #include <stddef.h>
+ */
+
+/* Merge the sorted arrays src1[0..n1-1] and src2[0..n2-1] into
+   dst[0..n1+n2-1].  In case of ambiguity, put the elements of src1
+   before the elements of src2.
+   n1 and n2 must be > 0.
+   The arrays src1 and src2 must not overlap the dst array, except that
+   src1 may be dst[n2..n1+n2-1], or src2 may be dst[n1..n1+n2-1].  */
+static void
+merge (const ELEMENT *src1, size_t n1,
+       const ELEMENT *src2, size_t n2,
+       ELEMENT *dst)
+{
+  for (;;) /* while (n1 > 0 && n2 > 0) */
+    {
+      if (COMPARE (src1, src2) <= 0)
+        {
+          *dst++ = *src1++;
+          n1--;
+          if (n1 == 0)
+            break;
+        }
+      else
+        {
+          *dst++ = *src2++;
+          n2--;
+          if (n2 == 0)
+            break;
+        }
+    }
+  /* Here n1 == 0 || n2 == 0 but also n1 > 0 || n2 > 0.  */
+  if (n1 > 0)
+    {
+      if (dst != src1)
+        do
+          {
+            *dst++ = *src1++;
+            n1--;
+          }
+        while (n1 > 0);
+    }
+  else /* n2 > 0 */
+    {
+      if (dst != src2)
+        do
+          {
+            *dst++ = *src2++;
+            n2--;
+          }
+        while (n2 > 0);
+    }
+}
+
+/* Sort src[0..n-1] into dst[0..n-1], using tmp[0..n/2-1] as temporary
+   (scratch) storage.
+   The arrays src, dst, tmp must not overlap.  */
+#ifdef STATIC_FROMTO
+STATIC_FROMTO
+#else
+STATIC
+#endif
+void
+merge_sort_fromto (const ELEMENT *src, ELEMENT *dst, size_t n, ELEMENT *tmp)
+{
+  switch (n)
+    {
+    case 0:
+      return;
+    case 1:
+      /* Nothing to do.  */
+      dst[0] = src[0];
+      return;
+    case 2:
+      /* Trivial case.  */
+      if (COMPARE (&src[0], &src[1]) <= 0)
+        {
+          /* src[0] <= src[1] */
+          dst[0] = src[0];
+          dst[1] = src[1];
+        }
+      else
+        {
+          dst[0] = src[1];
+          dst[1] = src[0];
+        }
+      break;
+    case 3:
+      /* Simple case.  */
+      if (COMPARE (&src[0], &src[1]) <= 0)
+        {
+          if (COMPARE (&src[1], &src[2]) <= 0)
+            {
+              /* src[0] <= src[1] <= src[2] */
+              dst[0] = src[0];
+              dst[1] = src[1];
+              dst[2] = src[2];
+            }
+          else if (COMPARE (&src[0], &src[2]) <= 0)
+            {
+              /* src[0] <= src[2] < src[1] */
+              dst[0] = src[0];
+              dst[1] = src[2];
+              dst[2] = src[1];
+            }
+          else
+            {
+              /* src[2] < src[0] <= src[1] */
+              dst[0] = src[2];
+              dst[1] = src[0];
+              dst[2] = src[1];
+            }
+        }
+      else
+        {
+          if (COMPARE (&src[0], &src[2]) <= 0)
+            {
+              /* src[1] < src[0] <= src[2] */
+              dst[0] = src[1];
+              dst[1] = src[0];
+              dst[2] = src[2];
+            }
+          else if (COMPARE (&src[1], &src[2]) <= 0)
+            {
+              /* src[1] <= src[2] < src[0] */
+              dst[0] = src[1];
+              dst[1] = src[2];
+              dst[2] = src[0];
+            }
+          else
+            {
+              /* src[2] < src[1] < src[0] */
+              dst[0] = src[2];
+              dst[1] = src[1];
+              dst[2] = src[0];
+            }
+        }
+      break;
+    default:
+      {
+        size_t n1 = n / 2;
+        size_t n2 = (n + 1) / 2;
+        /* Note: n1 + n2 = n, n1 <= n2.  */
+        /* Sort src[n1..n-1] into dst[n1..n-1], scratching tmp[0..n2/2-1].  */
+        merge_sort_fromto (src + n1, dst + n1, n2, tmp);
+        /* Sort src[0..n1-1] into tmp[0..n1-1], scratching dst[0..n1-1].  */
+        merge_sort_fromto (src, tmp, n1, dst);
+        /* Merge the two half results.  */
+        merge (tmp, n1, dst + n1, n2, dst);
+      }
+      break;
+    }
+}
+
+/* Sort src[0..n-1], using tmp[0..n-1] as temporary (scratch) storage.
+   The arrays src, tmp must not overlap. */
+STATIC void
+merge_sort_inplace (ELEMENT *src, size_t n, ELEMENT *tmp)
+{
+  switch (n)
+    {
+    case 0:
+    case 1:
+      /* Nothing to do.  */
+      return;
+    case 2:
+      /* Trivial case.  */
+      if (COMPARE (&src[0], &src[1]) <= 0)
+        {
+          /* src[0] <= src[1] */
+        }
+      else
+        {
+          ELEMENT t = src[0];
+          src[0] = src[1];
+          src[1] = t;
+        }
+      break;
+    case 3:
+      /* Simple case.  */
+      if (COMPARE (&src[0], &src[1]) <= 0)
+        {
+          if (COMPARE (&src[1], &src[2]) <= 0)
+            {
+              /* src[0] <= src[1] <= src[2] */
+            }
+          else if (COMPARE (&src[0], &src[2]) <= 0)
+            {
+              /* src[0] <= src[2] < src[1] */
+              ELEMENT t = src[1];
+              src[1] = src[2];
+              src[2] = t;
+            }
+          else
+            {
+              /* src[2] < src[0] <= src[1] */
+              ELEMENT t = src[0];
+              src[0] = src[2];
+              src[2] = src[1];
+              src[1] = t;
+            }
+        }
+      else
+        {
+          if (COMPARE (&src[0], &src[2]) <= 0)
+            {
+              /* src[1] < src[0] <= src[2] */
+              ELEMENT t = src[0];
+              src[0] = src[1];
+              src[1] = t;
+            }
+          else if (COMPARE (&src[1], &src[2]) <= 0)
+            {
+              /* src[1] <= src[2] < src[0] */
+              ELEMENT t = src[0];
+              src[0] = src[1];
+              src[1] = src[2];
+              src[2] = t;
+            }
+          else
+            {
+              /* src[2] < src[1] < src[0] */
+              ELEMENT t = src[0];
+              src[0] = src[2];
+              src[2] = t;
+            }
+        }
+      break;
+    default:
+      {
+        size_t n1 = n / 2;
+        size_t n2 = (n + 1) / 2;
+        /* Note: n1 + n2 = n, n1 <= n2.  */
+        /* Sort src[n1..n-1], scratching tmp[0..n2-1].  */
+        merge_sort_inplace (src + n1, n2, tmp);
+        /* Sort src[0..n1-1] into tmp[0..n1-1], scratching tmp[n1..2*n1-1].  */
+        merge_sort_fromto (src, tmp, n1, tmp + n1);
+        /* Merge the two half results.  */
+        merge (tmp, n1, src + n1, n2, src);
+      }
+      break;
+    }
+}
+
+#undef ELEMENT
+#undef COMPARE
+#undef STATIC
diff --git a/lib/unistring/attribute.h b/lib/unistring/attribute.h
new file mode 100644
index 0000000..b7e573c
--- /dev/null
+++ b/lib/unistring/attribute.h
@@ -0,0 +1,227 @@
+/* ATTRIBUTE_* macros for using attributes in GCC and similar compilers
+
+   Copyright 2020-2021 Free Software Foundation, Inc.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+/* Written by Paul Eggert.  */
+
+/* Provide public ATTRIBUTE_* names for the private _GL_ATTRIBUTE_*
+   macros used within Gnulib.  */
+
+/* These attributes can be placed in two ways:
+     - At the start of a declaration (i.e. even before storage-class
+       specifiers!); then they apply to all entities that are declared
+       by the declaration.
+     - Immediately after the name of an entity being declared by the
+       declaration; then they apply to that entity only.  */
+
+#ifndef _GL_ATTRIBUTE_H
+#define _GL_ATTRIBUTE_H
+
+
+/* This file defines two types of attributes:
+   * C2X standard attributes.  These have macro names that do not begin with
+     'ATTRIBUTE_'.
+   * Selected GCC attributes; see:
+     https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html
+     https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html
+     https://gcc.gnu.org/onlinedocs/gcc/Common-Type-Attributes.html
+     These names begin with 'ATTRIBUTE_' to avoid name clashes.  */
+
+
+/* =============== Attributes for specific kinds of functions =============== */
+
+/* Attributes for functions that should not be used.  */
+
+/* Warn if the entity is used.  */
+/* Applies to:
+     - function, variable,
+     - struct, union, struct/union member,
+     - enumeration, enumeration item,
+     - typedef,
+   in C++ also: namespace, class, template specialization.  */
+#define DEPRECATED _GL_ATTRIBUTE_DEPRECATED
+
+/* If a function call is not optimized way, warn with MSG.  */
+/* Applies to: functions.  */
+#define ATTRIBUTE_WARNING(msg) _GL_ATTRIBUTE_WARNING (msg)
+
+/* If a function call is not optimized way, report an error with MSG.  */
+/* Applies to: functions.  */
+#define ATTRIBUTE_ERROR(msg) _GL_ATTRIBUTE_ERROR (msg)
+
+
+/* Attributes for memory-allocating functions.  */
+
+/* The function returns a pointer to freshly allocated memory.  */
+/* Applies to: functions.  */
+#define ATTRIBUTE_MALLOC _GL_ATTRIBUTE_MALLOC
+
+/* ATTRIBUTE_ALLOC_SIZE ((N)) - The Nth argument of the function
+   is the size of the returned memory block.
+   ATTRIBUTE_ALLOC_SIZE ((M, N)) - Multiply the Mth and Nth arguments
+   to determine the size of the returned memory block.  */
+/* Applies to: function, pointer to function, function types.  */
+#define ATTRIBUTE_ALLOC_SIZE(args) _GL_ATTRIBUTE_ALLOC_SIZE (args)
+
+
+/* Attributes for variadic functions.  */
+
+/* The variadic function expects a trailing NULL argument.
+   ATTRIBUTE_SENTINEL () - The last argument is NULL (requires C99).
+   ATTRIBUTE_SENTINEL ((N)) - The (N+1)st argument from the end is NULL.  */
+/* Applies to: functions.  */
+#define ATTRIBUTE_SENTINEL(pos) _GL_ATTRIBUTE_SENTINEL (pos)
+
+
+/* ================== Attributes for compiler diagnostics ================== */
+
+/* Attributes that help the compiler diagnose programmer mistakes.
+   Some of them may also help for some compiler optimizations.  */
+
+/* ATTRIBUTE_FORMAT ((ARCHETYPE, STRING-INDEX, FIRST-TO-CHECK)) -
+   The STRING-INDEXth function argument is a format string of style
+   ARCHETYPE, which is one of:
+     printf, gnu_printf
+     scanf, gnu_scanf,
+     strftime, gnu_strftime,
+     strfmon,
+   or the same thing prefixed and suffixed with '__'.
+   If FIRST-TO-CHECK is not 0, arguments starting at FIRST-TO_CHECK
+   are suitable for the format string.  */
+/* Applies to: functions.  */
+#define ATTRIBUTE_FORMAT(spec) _GL_ATTRIBUTE_FORMAT (spec)
+
+/* ATTRIBUTE_NONNULL ((N1, N2,...)) - Arguments N1, N2,... must not be NULL.
+   ATTRIBUTE_NONNULL () - All pointer arguments must not be null.  */
+/* Applies to: functions.  */
+#define ATTRIBUTE_NONNULL(args) _GL_ATTRIBUTE_NONNULL (args)
+
+/* The function's return value is a non-NULL pointer.  */
+/* Applies to: functions.  */
+#define ATTRIBUTE_RETURNS_NONNULL _GL_ATTRIBUTE_RETURNS_NONNULL
+
+/* Warn if the caller does not use the return value,
+   unless the caller uses something like ignore_value.  */
+/* Applies to: function, enumeration, class.  */
+#define NODISCARD _GL_ATTRIBUTE_NODISCARD
+
+
+/* Attributes that disable false alarms when the compiler diagnoses
+   programmer "mistakes".  */
+
+/* Do not warn if the entity is not used.  */
+/* Applies to:
+     - function, variable,
+     - struct, union, struct/union member,
+     - enumeration, enumeration item,
+     - typedef,
+   in C++ also: class.  */
+#define MAYBE_UNUSED _GL_ATTRIBUTE_MAYBE_UNUSED
+
+/* The contents of a character array is not meant to be NUL-terminated.  */
+/* Applies to: struct/union members and variables that are arrays of element
+   type '[[un]signed] char'.  */
+#define ATTRIBUTE_NONSTRING _GL_ATTRIBUTE_NONSTRING
+
+/* Do not warn if control flow falls through to the immediately
+   following 'case' or 'default' label.  */
+/* Applies to: Empty statement (;), inside a 'switch' statement.  */
+#define FALLTHROUGH _GL_ATTRIBUTE_FALLTHROUGH
+
+
+/* ================== Attributes for debugging information ================== */
+
+/* Attributes regarding debugging information emitted by the compiler.  */
+
+/* Omit the function from stack traces when debugging.  */
+/* Applies to: function.  */
+#define ATTRIBUTE_ARTIFICIAL _GL_ATTRIBUTE_ARTIFICIAL
+
+/* Make the entity visible to debuggers etc., even with '-fwhole-program'.  */
+/* Applies to: functions, variables.  */
+#define ATTRIBUTE_EXTERNALLY_VISIBLE _GL_ATTRIBUTE_EXTERNALLY_VISIBLE
+
+
+/* ========== Attributes that mainly direct compiler optimizations ========== */
+
+/* The function does not throw exceptions.  */
+/* Applies to: functions.  */
+#define ATTRIBUTE_NOTHROW _GL_ATTRIBUTE_NOTHROW
+
+/* Do not inline the function.  */
+/* Applies to: functions.  */
+#define ATTRIBUTE_NOINLINE _GL_ATTRIBUTE_NOINLINE
+
+/* Always inline the function, and report an error if the compiler
+   cannot inline.  */
+/* Applies to: function.  */
+#define ATTRIBUTE_ALWAYS_INLINE _GL_ATTRIBUTE_ALWAYS_INLINE
+
+/* It is OK for a compiler to omit duplicate calls with the same arguments.
+   This attribute is safe for a function that neither depends on
+   nor affects observable state, and always returns exactly once -
+   e.g., does not loop forever, and does not call longjmp.
+   (This attribute is stricter than ATTRIBUTE_PURE.)  */
+/* Applies to: functions.  */
+#define ATTRIBUTE_CONST _GL_ATTRIBUTE_CONST
+
+/* It is OK for a compiler to omit duplicate calls with the same
+   arguments if observable state is not changed between calls.
+   This attribute is safe for a function that does not affect
+   observable state, and always returns exactly once.
+   (This attribute is looser than ATTRIBUTE_CONST.)  */
+/* Applies to: functions.  */
+#define ATTRIBUTE_PURE _GL_ATTRIBUTE_PURE
+
+/* The function is rarely executed.  */
+/* Applies to: functions.  */
+#define ATTRIBUTE_COLD _GL_ATTRIBUTE_COLD
+
+/* If called from some other compilation unit, the function executes
+   code from that unit only by return or by exception handling,
+   letting the compiler optimize that unit more aggressively.  */
+/* Applies to: functions.  */
+#define ATTRIBUTE_LEAF _GL_ATTRIBUTE_LEAF
+
+/* For struct members: The member has the smallest possible alignment.
+   For struct, union, class: All members have the smallest possible alignment,
+   minimizing the memory required.  */
+/* Applies to: struct members, struct, union,
+   in C++ also: class.  */
+#define ATTRIBUTE_PACKED _GL_ATTRIBUTE_PACKED
+
+
+/* ================ Attributes that make invalid code valid ================ */
+
+/* Attributes that prevent fatal compiler optimizations for code that is not
+   fully ISO C compliant.  */
+
+/* Pointers to the type may point to the same storage as pointers to
+   other types, thus disabling strict aliasing optimization.  */
+/* Applies to: types.  */
+#define ATTRIBUTE_MAY_ALIAS _GL_ATTRIBUTE_MAY_ALIAS
+
+
+#endif /* _GL_ATTRIBUTE_H */
diff --git a/lib/unistring/limits.in.h b/lib/unistring/limits.in.h
new file mode 100644
index 0000000..4776e91
--- /dev/null
+++ b/lib/unistring/limits.in.h
@@ -0,0 +1,130 @@
+/* A GNU-like <limits.h>.
+
+   Copyright 2016-2021 Free Software Foundation, Inc.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program; if not, see <https://www.gnu.org/licenses/>.  */
+
+#if __GNUC__ >= 3
+@PRAGMA_SYSTEM_HEADER@
+#endif
+@PRAGMA_COLUMNS@
+
+#if defined _GL_ALREADY_INCLUDING_LIMITS_H
+/* Special invocation convention:
+   On Haiku/x86_64, we have a sequence of nested includes
+   <limits.h> -> <syslimits.h> -> <limits.h>.
+   In this situation, LONG_MAX and INT_MAX are not yet defined,
+   therefore we should not attempt to define LONG_BIT.  */
+
+#@INCLUDE_NEXT@ @NEXT_LIMITS_H@
+
+#else
+/* Normal invocation convention.  */
+
+#ifndef _@GUARD_PREFIX@_LIMITS_H
+
+# define _GL_ALREADY_INCLUDING_LIMITS_H
+
+/* The include_next requires a split double-inclusion guard.  */
+# @INCLUDE_NEXT@ @NEXT_LIMITS_H@
+
+# undef _GL_ALREADY_INCLUDING_LIMITS_H
+
+#ifndef _@GUARD_PREFIX@_LIMITS_H
+#define _@GUARD_PREFIX@_LIMITS_H
+
+#ifndef LLONG_MIN
+# if defined LONG_LONG_MIN /* HP-UX 11.31 */
+#  define LLONG_MIN LONG_LONG_MIN
+# elif defined LONGLONG_MIN /* IRIX 6.5 */
+#  define LLONG_MIN LONGLONG_MIN
+# elif defined __GNUC__
+#  define LLONG_MIN (- __LONG_LONG_MAX__ - 1LL)
+# endif
+#endif
+#ifndef LLONG_MAX
+# if defined LONG_LONG_MAX /* HP-UX 11.31 */
+#  define LLONG_MAX LONG_LONG_MAX
+# elif defined LONGLONG_MAX /* IRIX 6.5 */
+#  define LLONG_MAX LONGLONG_MAX
+# elif defined __GNUC__
+#  define LLONG_MAX __LONG_LONG_MAX__
+# endif
+#endif
+#ifndef ULLONG_MAX
+# if defined ULONG_LONG_MAX /* HP-UX 11.31 */
+#  define ULLONG_MAX ULONG_LONG_MAX
+# elif defined ULONGLONG_MAX /* IRIX 6.5 */
+#  define ULLONG_MAX ULONGLONG_MAX
+# elif defined __GNUC__
+#  define ULLONG_MAX (__LONG_LONG_MAX__ * 2ULL + 1ULL)
+# endif
+#endif
+
+/* The number of usable bits in an unsigned or signed integer type
+   with minimum value MIN and maximum value MAX, as an int expression
+   suitable in #if.  Cover all known practical hosts.  This
+   implementation exploits the fact that MAX is 1 less than a power of
+   2, and merely counts the number of 1 bits in MAX; "COBn" means
+   "count the number of 1 bits in the low-order n bits").  */
+#define _GL_INTEGER_WIDTH(min, max) (((min) < 0) + _GL_COB128 (max))
+#define _GL_COB128(n) (_GL_COB64 ((n) >> 31 >> 31 >> 2) + _GL_COB64 (n))
+#define _GL_COB64(n) (_GL_COB32 ((n) >> 31 >> 1) + _GL_COB32 (n))
+#define _GL_COB32(n) (_GL_COB16 ((n) >> 16) + _GL_COB16 (n))
+#define _GL_COB16(n) (_GL_COB8 ((n) >> 8) + _GL_COB8 (n))
+#define _GL_COB8(n) (_GL_COB4 ((n) >> 4) + _GL_COB4 (n))
+#define _GL_COB4(n) (!!((n) & 8) + !!((n) & 4) + !!((n) & 2) + !!((n) & 1))
+
+#ifndef WORD_BIT
+/* Assume 'int' is 32 bits wide.  */
+# define WORD_BIT 32
+#endif
+#ifndef LONG_BIT
+/* Assume 'long' is 32 or 64 bits wide.  */
+# if LONG_MAX == INT_MAX
+#  define LONG_BIT 32
+# else
+#  define LONG_BIT 64
+# endif
+#endif
+
+/* Macros specified by ISO/IEC TS 18661-1:2014.  */
+
+#if (! defined ULLONG_WIDTH                                             \
+     && (defined _GNU_SOURCE || defined __STDC_WANT_IEC_60559_BFP_EXT__))
+# define CHAR_WIDTH _GL_INTEGER_WIDTH (CHAR_MIN, CHAR_MAX)
+# define SCHAR_WIDTH _GL_INTEGER_WIDTH (SCHAR_MIN, SCHAR_MAX)
+# define UCHAR_WIDTH _GL_INTEGER_WIDTH (0, UCHAR_MAX)
+# define SHRT_WIDTH _GL_INTEGER_WIDTH (SHRT_MIN, SHRT_MAX)
+# define USHRT_WIDTH _GL_INTEGER_WIDTH (0, USHRT_MAX)
+# define INT_WIDTH _GL_INTEGER_WIDTH (INT_MIN, INT_MAX)
+# define UINT_WIDTH _GL_INTEGER_WIDTH (0, UINT_MAX)
+# define LONG_WIDTH _GL_INTEGER_WIDTH (LONG_MIN, LONG_MAX)
+# define ULONG_WIDTH _GL_INTEGER_WIDTH (0, ULONG_MAX)
+# define LLONG_WIDTH _GL_INTEGER_WIDTH (LLONG_MIN, LLONG_MAX)
+# define ULLONG_WIDTH _GL_INTEGER_WIDTH (0, ULLONG_MAX)
+#endif /* !ULLONG_WIDTH && (_GNU_SOURCE || __STDC_WANT_IEC_60559_BFP_EXT__) */
+
+#endif /* _@GUARD_PREFIX@_LIMITS_H */
+#endif /* _@GUARD_PREFIX@_LIMITS_H */
+#endif
diff --git a/lib/unistring/m4/gnulib-cache.m4 b/lib/unistring/m4/gnulib-cache.m4
new file mode 100644
index 0000000..d51f5b6
--- /dev/null
+++ b/lib/unistring/m4/gnulib-cache.m4
@@ -0,0 +1,86 @@
+# Copyright (C) 2002-2021 Free Software Foundation, Inc.
+#
+# This file is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This file is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this file.  If not, see <https://www.gnu.org/licenses/>.
+#
+# As a special exception to the GNU General Public License,
+# this file may be distributed as part of a program that
+# contains a configuration script generated by Autoconf, under
+# the same distribution terms as the rest of that program.
+#
+# Generated by gnulib-tool.
+#
+# This file represents the specification of how gnulib-tool is used.
+# It acts as a cache: It is written and read by gnulib-tool.
+# In projects that use version control, this file is meant to be put under
+# version control, like the configure.ac and various Makefile.am files.
+
+
+# Specification in the form of a command-line invocation:
+# gnulib-tool --import --local-dir=lib/unistring/override \
+#  --lib=libunistring \
+#  --source-base=lib/unistring \
+#  --m4-base=lib/unistring/m4 \
+#  --doc-base=doc \
+#  --tests-base=tests \
+#  --aux-dir=build-aux \
+#  --lgpl=3orGPLv2 \
+#  --no-conditional-dependencies \
+#  --libtool \
+#  --macro-prefix=unistring \
+#  unictype/category-all \
+#  unictype/property-default-ignorable-code-point \
+#  unictype/property-join-control \
+#  unictype/property-not-a-character \
+#  uninorm/nfc \
+#  uninorm/nfkc \
+#  uninorm/u16-normalize \
+#  uninorm/u32-normalize \
+#  uninorm/u8-normalize \
+#  unistr/u16-to-u8 \
+#  unistr/u32-to-u8 \
+#  unistr/u8-check \
+#  unistr/u8-to-u16 \
+#  unistr/u8-to-u32
+
+# Specification in the form of a few gnulib-tool.m4 macro invocations:
+gl_LOCAL_DIR([lib/unistring/override])
+gl_MODULES([
+  unictype/category-all
+  unictype/property-default-ignorable-code-point
+  unictype/property-join-control
+  unictype/property-not-a-character
+  uninorm/nfc
+  uninorm/nfkc
+  uninorm/u16-normalize
+  uninorm/u32-normalize
+  uninorm/u8-normalize
+  unistr/u16-to-u8
+  unistr/u32-to-u8
+  unistr/u8-check
+  unistr/u8-to-u16
+  unistr/u8-to-u32
+])
+gl_AVOID([])
+gl_SOURCE_BASE([lib/unistring])
+gl_M4_BASE([lib/unistring/m4])
+gl_PO_BASE([])
+gl_DOC_BASE([doc])
+gl_TESTS_BASE([tests])
+gl_LIB([libunistring])
+gl_LGPL([3orGPLv2])
+gl_MAKEFILE_NAME([])
+gl_LIBTOOL
+gl_MACRO_PREFIX([unistring])
+gl_PO_DOMAIN([])
+gl_WITNESS_C_MACRO([])
diff --git a/lib/unistring/m4/gnulib-comp.m4 b/lib/unistring/m4/gnulib-comp.m4
new file mode 100644
index 0000000..449807f
--- /dev/null
+++ b/lib/unistring/m4/gnulib-comp.m4
@@ -0,0 +1,575 @@
+# DO NOT EDIT! GENERATED AUTOMATICALLY!
+# Copyright (C) 2002-2021 Free Software Foundation, Inc.
+#
+# This file is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This file is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this file.  If not, see <https://www.gnu.org/licenses/>.
+#
+# As a special exception to the GNU General Public License,
+# this file may be distributed as part of a program that
+# contains a configuration script generated by Autoconf, under
+# the same distribution terms as the rest of that program.
+#
+# Generated by gnulib-tool.
+#
+# This file represents the compiled summary of the specification in
+# gnulib-cache.m4. It lists the computed macro invocations that need
+# to be invoked from configure.ac.
+# In projects that use version control, this file can be treated like
+# other built files.
+
+
+# This macro should be invoked from ./configure.ac, in the section
+# "Checks for programs", right after AC_PROG_CC, and certainly before
+# any checks for libraries, header files, types and library functions.
+AC_DEFUN([unistring_EARLY],
+[
+  m4_pattern_forbid([^gl_[A-Z]])dnl the gnulib macro namespace
+  m4_pattern_allow([^gl_ES$])dnl a valid locale name
+  m4_pattern_allow([^gl_LIBOBJS$])dnl a variable
+  m4_pattern_allow([^gl_LTLIBOBJS$])dnl a variable
+
+  # Pre-early section.
+  AC_REQUIRE([gl_PROG_AR_RANLIB])
+
+  AC_REQUIRE([AM_PROG_CC_C_O])
+  # Code from module absolute-header:
+  # Code from module array-mergesort:
+  # Code from module attribute:
+  # Code from module gperf:
+  # Code from module include_next:
+  # Code from module inline:
+  # Code from module limits-h:
+  # Code from module multiarch:
+  # Code from module snippet/unused-parameter:
+  # Code from module ssize_t:
+  # Code from module stdbool:
+  # Code from module stdint:
+  # Code from module sys_types:
+  # Code from module unictype/base:
+  # Code from module unictype/category-C:
+  # Code from module unictype/category-Cc:
+  # Code from module unictype/category-Cf:
+  # Code from module unictype/category-Cn:
+  # Code from module unictype/category-Co:
+  # Code from module unictype/category-Cs:
+  # Code from module unictype/category-L:
+  # Code from module unictype/category-LC:
+  # Code from module unictype/category-Ll:
+  # Code from module unictype/category-Lm:
+  # Code from module unictype/category-Lo:
+  # Code from module unictype/category-Lt:
+  # Code from module unictype/category-Lu:
+  # Code from module unictype/category-M:
+  # Code from module unictype/category-Mc:
+  # Code from module unictype/category-Me:
+  # Code from module unictype/category-Mn:
+  # Code from module unictype/category-N:
+  # Code from module unictype/category-Nd:
+  # Code from module unictype/category-Nl:
+  # Code from module unictype/category-No:
+  # Code from module unictype/category-P:
+  # Code from module unictype/category-Pc:
+  # Code from module unictype/category-Pd:
+  # Code from module unictype/category-Pe:
+  # Code from module unictype/category-Pf:
+  # Code from module unictype/category-Pi:
+  # Code from module unictype/category-Po:
+  # Code from module unictype/category-Ps:
+  # Code from module unictype/category-S:
+  # Code from module unictype/category-Sc:
+  # Code from module unictype/category-Sk:
+  # Code from module unictype/category-Sm:
+  # Code from module unictype/category-So:
+  # Code from module unictype/category-Z:
+  # Code from module unictype/category-Zl:
+  # Code from module unictype/category-Zp:
+  # Code from module unictype/category-Zs:
+  # Code from module unictype/category-all:
+  # Code from module unictype/category-and:
+  # Code from module unictype/category-and-not:
+  # Code from module unictype/category-byname:
+  # Code from module unictype/category-longname:
+  # Code from module unictype/category-name:
+  # Code from module unictype/category-none:
+  # Code from module unictype/category-of:
+  # Code from module unictype/category-or:
+  # Code from module unictype/category-test:
+  # Code from module unictype/category-test-withtable:
+  # Code from module unictype/combining-class:
+  # Code from module unictype/property-default-ignorable-code-point:
+  # Code from module unictype/property-join-control:
+  # Code from module unictype/property-not-a-character:
+  # Code from module uninorm/base:
+  # Code from module uninorm/canonical-decomposition:
+  # Code from module uninorm/compat-decomposition:
+  # Code from module uninorm/composition:
+  # Code from module uninorm/decompose-internal:
+  # Code from module uninorm/decomposition:
+  # Code from module uninorm/decomposition-table:
+  # Code from module uninorm/nfc:
+  # Code from module uninorm/nfd:
+  # Code from module uninorm/nfkc:
+  # Code from module uninorm/nfkd:
+  # Code from module uninorm/u16-normalize:
+  # Code from module uninorm/u32-normalize:
+  # Code from module uninorm/u8-normalize:
+  # Code from module unistr/base:
+  # Code from module unistr/u16-cpy:
+  # Code from module unistr/u16-mbtouc-unsafe:
+  # Code from module unistr/u16-mbtoucr:
+  # Code from module unistr/u16-to-u8:
+  # Code from module unistr/u16-uctomb:
+  # Code from module unistr/u32-cpy:
+  # Code from module unistr/u32-mbtouc-unsafe:
+  # Code from module unistr/u32-to-u8:
+  # Code from module unistr/u32-uctomb:
+  # Code from module unistr/u8-check:
+  # Code from module unistr/u8-cpy:
+  # Code from module unistr/u8-mbtouc-unsafe:
+  # Code from module unistr/u8-mbtoucr:
+  # Code from module unistr/u8-to-u16:
+  # Code from module unistr/u8-to-u32:
+  # Code from module unistr/u8-uctomb:
+  # Code from module unitypes:
+])
+
+# This macro should be invoked from ./configure.ac, in the section
+# "Check for header files, types and library functions".
+AC_DEFUN([unistring_INIT],
+[
+  AM_CONDITIONAL([GL_COND_LIBTOOL], [true])
+  gl_cond_libtool=true
+  gl_m4_base='lib/unistring/m4'
+  m4_pushdef([AC_LIBOBJ], m4_defn([unistring_LIBOBJ]))
+  m4_pushdef([AC_REPLACE_FUNCS], m4_defn([unistring_REPLACE_FUNCS]))
+  m4_pushdef([AC_LIBSOURCES], m4_defn([unistring_LIBSOURCES]))
+  m4_pushdef([unistring_LIBSOURCES_LIST], [])
+  m4_pushdef([unistring_LIBSOURCES_DIR], [])
+  m4_pushdef([GL_MACRO_PREFIX], [unistring])
+  m4_pushdef([GL_MODULE_INDICATOR_PREFIX], [GL_UNISTRING])
+  gl_COMMON
+  gl_source_base='lib/unistring'
+  gl_INLINE
+  gl_LIMITS_H
+  gl_MULTIARCH
+  gt_TYPE_SSIZE_T
+  AM_STDBOOL_H
+  gl_STDINT_H
+  gl_SYS_TYPES_H
+  gl_SYS_TYPES_H_REQUIRE_DEFAULTS
+  AC_PROG_MKDIR_P
+  gl_LIBUNISTRING_LIBHEADER([0.9.8], [unictype.h])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-C])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Cc])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Cf])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Cn])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Co])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Cs])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-L])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-LC])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Ll])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Lm])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Lo])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Lt])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Lu])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-M])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Mc])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Me])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Mn])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-N])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Nd])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Nl])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-No])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-P])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Pc])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Pd])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Pe])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Pf])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Pi])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Po])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Ps])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-S])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Sc])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Sk])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Sm])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-So])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Z])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Zl])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Zp])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-Zs])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-and])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-and-not])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-byname])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-longname])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-name])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-none])
+  AC_REQUIRE([AC_C_INLINE])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-of])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-or])
+  AC_REQUIRE([AC_C_INLINE])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/category-test])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/combining-class])
+  AC_REQUIRE([AC_C_INLINE])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/property-default-ignorable-code-point])
+  AC_REQUIRE([AC_C_INLINE])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/property-join-control])
+  AC_REQUIRE([AC_C_INLINE])
+  gl_LIBUNISTRING_MODULE([0.9.8], [unictype/property-not-a-character])
+  gl_LIBUNISTRING_LIBHEADER([0.9.11], [uninorm.h])
+  gl_LIBUNISTRING_MODULE([0.9.8], [uninorm/canonical-decomposition])
+  gl_LIBUNISTRING_MODULE([0.9.8], [uninorm/composition])
+  gl_LIBUNISTRING_MODULE([0.9.8], [uninorm/decomposition])
+  AC_REQUIRE([AC_C_INLINE])
+  gl_LIBUNISTRING_MODULE([0.9.8], [uninorm/nfc])
+  gl_LIBUNISTRING_MODULE([0.9.8], [uninorm/nfd])
+  gl_LIBUNISTRING_MODULE([0.9.8], [uninorm/nfkc])
+  gl_LIBUNISTRING_MODULE([0.9.8], [uninorm/nfkd])
+  gl_MODULE_INDICATOR_FOR_TESTS([uninorm/u16-normalize])
+  gl_LIBUNISTRING_MODULE([0.9.8], [uninorm/u16-normalize])
+  gl_MODULE_INDICATOR_FOR_TESTS([uninorm/u32-normalize])
+  gl_LIBUNISTRING_MODULE([0.9.8], [uninorm/u32-normalize])
+  gl_MODULE_INDICATOR_FOR_TESTS([uninorm/u8-normalize])
+  gl_LIBUNISTRING_MODULE([0.9.8], [uninorm/u8-normalize])
+  gl_LIBUNISTRING_LIBHEADER([0.9.11], [unistr.h])
+  gl_LIBUNISTRING_MODULE([0.9], [unistr/u16-cpy])
+  gl_MODULE_INDICATOR([unistr/u16-mbtouc-unsafe])
+  gl_LIBUNISTRING_MODULE([0.9], [unistr/u16-mbtouc-unsafe])
+  gl_MODULE_INDICATOR([unistr/u16-mbtoucr])
+  gl_LIBUNISTRING_MODULE([0.9], [unistr/u16-mbtoucr])
+  gl_LIBUNISTRING_MODULE([0.9.3], [unistr/u16-to-u8])
+  gl_MODULE_INDICATOR([unistr/u16-uctomb])
+  gl_LIBUNISTRING_MODULE([0.9], [unistr/u16-uctomb])
+  gl_LIBUNISTRING_MODULE([0.9], [unistr/u32-cpy])
+  gl_MODULE_INDICATOR([unistr/u32-mbtouc-unsafe])
+  gl_LIBUNISTRING_MODULE([0.9], [unistr/u32-mbtouc-unsafe])
+  gl_LIBUNISTRING_MODULE([0.9], [unistr/u32-to-u8])
+  gl_MODULE_INDICATOR([unistr/u32-uctomb])
+  gl_LIBUNISTRING_MODULE([0.9], [unistr/u32-uctomb])
+  gl_LIBUNISTRING_MODULE([0.9], [unistr/u8-check])
+  gl_LIBUNISTRING_MODULE([0.9], [unistr/u8-cpy])
+  gl_MODULE_INDICATOR([unistr/u8-mbtouc-unsafe])
+  gl_LIBUNISTRING_MODULE([0.9.4], [unistr/u8-mbtouc-unsafe])
+  gl_MODULE_INDICATOR([unistr/u8-mbtoucr])
+  gl_LIBUNISTRING_MODULE([0.9], [unistr/u8-mbtoucr])
+  gl_LIBUNISTRING_MODULE([0.9.3], [unistr/u8-to-u16])
+  gl_LIBUNISTRING_MODULE([0.9.3], [unistr/u8-to-u32])
+  gl_MODULE_INDICATOR([unistr/u8-uctomb])
+  gl_LIBUNISTRING_MODULE([0.9], [unistr/u8-uctomb])
+  gl_LIBUNISTRING_LIBHEADER([0.9.11], [unitypes.h])
+  # End of code from modules
+  m4_ifval(unistring_LIBSOURCES_LIST, [
+    m4_syscmd([test ! -d ]m4_defn([unistring_LIBSOURCES_DIR])[ ||
+      for gl_file in ]unistring_LIBSOURCES_LIST[ ; do
+        if test ! -r ]m4_defn([unistring_LIBSOURCES_DIR])[/$gl_file ; then
+          echo "missing file ]m4_defn([unistring_LIBSOURCES_DIR])[/$gl_file" >&2
+          exit 1
+        fi
+      done])dnl
+      m4_if(m4_sysval, [0], [],
+        [AC_FATAL([expected source file, required through AC_LIBSOURCES, not found])])
+  ])
+  m4_popdef([GL_MODULE_INDICATOR_PREFIX])
+  m4_popdef([GL_MACRO_PREFIX])
+  m4_popdef([unistring_LIBSOURCES_DIR])
+  m4_popdef([unistring_LIBSOURCES_LIST])
+  m4_popdef([AC_LIBSOURCES])
+  m4_popdef([AC_REPLACE_FUNCS])
+  m4_popdef([AC_LIBOBJ])
+  AC_CONFIG_COMMANDS_PRE([
+    unistring_libobjs=
+    unistring_ltlibobjs=
+    if test -n "$unistring_LIBOBJS"; then
+      # Remove the extension.
+      sed_drop_objext='s/\.o$//;s/\.obj$//'
+      for i in `for i in $unistring_LIBOBJS; do echo "$i"; done | sed -e "$sed_drop_objext" | sort | uniq`; do
+        unistring_libobjs="$unistring_libobjs $i.$ac_objext"
+        unistring_ltlibobjs="$unistring_ltlibobjs $i.lo"
+      done
+    fi
+    AC_SUBST([unistring_LIBOBJS], [$unistring_libobjs])
+    AC_SUBST([unistring_LTLIBOBJS], [$unistring_ltlibobjs])
+  ])
+  gltests_libdeps=
+  gltests_ltlibdeps=
+  m4_pushdef([AC_LIBOBJ], m4_defn([unistringtests_LIBOBJ]))
+  m4_pushdef([AC_REPLACE_FUNCS], m4_defn([unistringtests_REPLACE_FUNCS]))
+  m4_pushdef([AC_LIBSOURCES], m4_defn([unistringtests_LIBSOURCES]))
+  m4_pushdef([unistringtests_LIBSOURCES_LIST], [])
+  m4_pushdef([unistringtests_LIBSOURCES_DIR], [])
+  m4_pushdef([GL_MACRO_PREFIX], [unistringtests])
+  m4_pushdef([GL_MODULE_INDICATOR_PREFIX], [GL_UNISTRING])
+  gl_COMMON
+  gl_source_base='tests'
+changequote(,)dnl
+  unistringtests_WITNESS=IN_`echo "${PACKAGE-$PACKAGE_TARNAME}" | LC_ALL=C tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ | LC_ALL=C sed -e 's/[^A-Z0-9_]/_/g'`_GNULIB_TESTS
+changequote([, ])dnl
+  AC_SUBST([unistringtests_WITNESS])
+  gl_module_indicator_condition=$unistringtests_WITNESS
+  m4_pushdef([gl_MODULE_INDICATOR_CONDITION], [$gl_module_indicator_condition])
+  m4_popdef([gl_MODULE_INDICATOR_CONDITION])
+  m4_ifval(unistringtests_LIBSOURCES_LIST, [
+    m4_syscmd([test ! -d ]m4_defn([unistringtests_LIBSOURCES_DIR])[ ||
+      for gl_file in ]unistringtests_LIBSOURCES_LIST[ ; do
+        if test ! -r ]m4_defn([unistringtests_LIBSOURCES_DIR])[/$gl_file ; then
+          echo "missing file ]m4_defn([unistringtests_LIBSOURCES_DIR])[/$gl_file" >&2
+          exit 1
+        fi
+      done])dnl
+      m4_if(m4_sysval, [0], [],
+        [AC_FATAL([expected source file, required through AC_LIBSOURCES, not found])])
+  ])
+  m4_popdef([GL_MODULE_INDICATOR_PREFIX])
+  m4_popdef([GL_MACRO_PREFIX])
+  m4_popdef([unistringtests_LIBSOURCES_DIR])
+  m4_popdef([unistringtests_LIBSOURCES_LIST])
+  m4_popdef([AC_LIBSOURCES])
+  m4_popdef([AC_REPLACE_FUNCS])
+  m4_popdef([AC_LIBOBJ])
+  AC_CONFIG_COMMANDS_PRE([
+    unistringtests_libobjs=
+    unistringtests_ltlibobjs=
+    if test -n "$unistringtests_LIBOBJS"; then
+      # Remove the extension.
+      sed_drop_objext='s/\.o$//;s/\.obj$//'
+      for i in `for i in $unistringtests_LIBOBJS; do echo "$i"; done | sed -e "$sed_drop_objext" | sort | uniq`; do
+        unistringtests_libobjs="$unistringtests_libobjs $i.$ac_objext"
+        unistringtests_ltlibobjs="$unistringtests_ltlibobjs $i.lo"
+      done
+    fi
+    AC_SUBST([unistringtests_LIBOBJS], [$unistringtests_libobjs])
+    AC_SUBST([unistringtests_LTLIBOBJS], [$unistringtests_ltlibobjs])
+  ])
+])
+
+# Like AC_LIBOBJ, except that the module name goes
+# into unistring_LIBOBJS instead of into LIBOBJS.
+AC_DEFUN([unistring_LIBOBJ], [
+  AS_LITERAL_IF([$1], [unistring_LIBSOURCES([$1.c])])dnl
+  unistring_LIBOBJS="$unistring_LIBOBJS $1.$ac_objext"
+])
+
+# Like AC_REPLACE_FUNCS, except that the module name goes
+# into unistring_LIBOBJS instead of into LIBOBJS.
+AC_DEFUN([unistring_REPLACE_FUNCS], [
+  m4_foreach_w([gl_NAME], [$1], [AC_LIBSOURCES(gl_NAME[.c])])dnl
+  AC_CHECK_FUNCS([$1], , [unistring_LIBOBJ($ac_func)])
+])
+
+# Like AC_LIBSOURCES, except the directory where the source file is
+# expected is derived from the gnulib-tool parameterization,
+# and alloca is special cased (for the alloca-opt module).
+# We could also entirely rely on EXTRA_lib..._SOURCES.
+AC_DEFUN([unistring_LIBSOURCES], [
+  m4_foreach([_gl_NAME], [$1], [
+    m4_if(_gl_NAME, [alloca.c], [], [
+      m4_define([unistring_LIBSOURCES_DIR], [lib/unistring])
+      m4_append([unistring_LIBSOURCES_LIST], _gl_NAME, [ ])
+    ])
+  ])
+])
+
+# Like AC_LIBOBJ, except that the module name goes
+# into unistringtests_LIBOBJS instead of into LIBOBJS.
+AC_DEFUN([unistringtests_LIBOBJ], [
+  AS_LITERAL_IF([$1], [unistringtests_LIBSOURCES([$1.c])])dnl
+  unistringtests_LIBOBJS="$unistringtests_LIBOBJS $1.$ac_objext"
+])
+
+# Like AC_REPLACE_FUNCS, except that the module name goes
+# into unistringtests_LIBOBJS instead of into LIBOBJS.
+AC_DEFUN([unistringtests_REPLACE_FUNCS], [
+  m4_foreach_w([gl_NAME], [$1], [AC_LIBSOURCES(gl_NAME[.c])])dnl
+  AC_CHECK_FUNCS([$1], , [unistringtests_LIBOBJ($ac_func)])
+])
+
+# Like AC_LIBSOURCES, except the directory where the source file is
+# expected is derived from the gnulib-tool parameterization,
+# and alloca is special cased (for the alloca-opt module).
+# We could also entirely rely on EXTRA_lib..._SOURCES.
+AC_DEFUN([unistringtests_LIBSOURCES], [
+  m4_foreach([_gl_NAME], [$1], [
+    m4_if(_gl_NAME, [alloca.c], [], [
+      m4_define([unistringtests_LIBSOURCES_DIR], [tests])
+      m4_append([unistringtests_LIBSOURCES_LIST], _gl_NAME, [ ])
+    ])
+  ])
+])
+
+# This macro records the list of files which have been installed by
+# gnulib-tool and may be removed by future gnulib-tool invocations.
+AC_DEFUN([unistring_FILE_LIST], [
+  lib/array-mergesort.h
+  lib/attribute.h
+  lib/limits.in.h
+  lib/stdbool.in.h
+  lib/stdint.in.h
+  lib/sys_types.in.h
+  lib/unictype.in.h
+  lib/unictype/bitmap.h
+  lib/unictype/categ_C.c
+  lib/unictype/categ_C.h
+  lib/unictype/categ_Cc.c
+  lib/unictype/categ_Cc.h
+  lib/unictype/categ_Cf.c
+  lib/unictype/categ_Cf.h
+  lib/unictype/categ_Cn.c
+  lib/unictype/categ_Cn.h
+  lib/unictype/categ_Co.c
+  lib/unictype/categ_Co.h
+  lib/unictype/categ_Cs.c
+  lib/unictype/categ_Cs.h
+  lib/unictype/categ_L.c
+  lib/unictype/categ_L.h
+  lib/unictype/categ_LC.c
+  lib/unictype/categ_LC.h
+  lib/unictype/categ_Ll.c
+  lib/unictype/categ_Ll.h
+  lib/unictype/categ_Lm.c
+  lib/unictype/categ_Lm.h
+  lib/unictype/categ_Lo.c
+  lib/unictype/categ_Lo.h
+  lib/unictype/categ_Lt.c
+  lib/unictype/categ_Lt.h
+  lib/unictype/categ_Lu.c
+  lib/unictype/categ_Lu.h
+  lib/unictype/categ_M.c
+  lib/unictype/categ_M.h
+  lib/unictype/categ_Mc.c
+  lib/unictype/categ_Mc.h
+  lib/unictype/categ_Me.c
+  lib/unictype/categ_Me.h
+  lib/unictype/categ_Mn.c
+  lib/unictype/categ_Mn.h
+  lib/unictype/categ_N.c
+  lib/unictype/categ_N.h
+  lib/unictype/categ_Nd.c
+  lib/unictype/categ_Nd.h
+  lib/unictype/categ_Nl.c
+  lib/unictype/categ_Nl.h
+  lib/unictype/categ_No.c
+  lib/unictype/categ_No.h
+  lib/unictype/categ_P.c
+  lib/unictype/categ_P.h
+  lib/unictype/categ_Pc.c
+  lib/unictype/categ_Pc.h
+  lib/unictype/categ_Pd.c
+  lib/unictype/categ_Pd.h
+  lib/unictype/categ_Pe.c
+  lib/unictype/categ_Pe.h
+  lib/unictype/categ_Pf.c
+  lib/unictype/categ_Pf.h
+  lib/unictype/categ_Pi.c
+  lib/unictype/categ_Pi.h
+  lib/unictype/categ_Po.c
+  lib/unictype/categ_Po.h
+  lib/unictype/categ_Ps.c
+  lib/unictype/categ_Ps.h
+  lib/unictype/categ_S.c
+  lib/unictype/categ_S.h
+  lib/unictype/categ_Sc.c
+  lib/unictype/categ_Sc.h
+  lib/unictype/categ_Sk.c
+  lib/unictype/categ_Sk.h
+  lib/unictype/categ_Sm.c
+  lib/unictype/categ_Sm.h
+  lib/unictype/categ_So.c
+  lib/unictype/categ_So.h
+  lib/unictype/categ_Z.c
+  lib/unictype/categ_Z.h
+  lib/unictype/categ_Zl.c
+  lib/unictype/categ_Zl.h
+  lib/unictype/categ_Zp.c
+  lib/unictype/categ_Zp.h
+  lib/unictype/categ_Zs.c
+  lib/unictype/categ_Zs.h
+  lib/unictype/categ_and.c
+  lib/unictype/categ_and_not.c
+  lib/unictype/categ_byname.c
+  lib/unictype/categ_byname.gperf
+  lib/unictype/categ_longname.c
+  lib/unictype/categ_name.c
+  lib/unictype/categ_none.c
+  lib/unictype/categ_of.c
+  lib/unictype/categ_of.h
+  lib/unictype/categ_or.c
+  lib/unictype/categ_test.c
+  lib/unictype/combiningclass.c
+  lib/unictype/combiningclass.h
+  lib/unictype/pr_default_ignorable_code_point.c
+  lib/unictype/pr_default_ignorable_code_point.h
+  lib/unictype/pr_join_control.c
+  lib/unictype/pr_join_control.h
+  lib/unictype/pr_not_a_character.c
+  lib/unictype/pr_not_a_character.h
+  lib/uninorm.in.h
+  lib/uninorm/canonical-decomposition.c
+  lib/uninorm/compat-decomposition.c
+  lib/uninorm/composition-table.gperf
+  lib/uninorm/composition.c
+  lib/uninorm/decompose-internal.c
+  lib/uninorm/decompose-internal.h
+  lib/uninorm/decomposition-table.c
+  lib/uninorm/decomposition-table.h
+  lib/uninorm/decomposition-table1.h
+  lib/uninorm/decomposition-table2.h
+  lib/uninorm/decomposition.c
+  lib/uninorm/nfc.c
+  lib/uninorm/nfd.c
+  lib/uninorm/nfkc.c
+  lib/uninorm/nfkd.c
+  lib/uninorm/normalize-internal.h
+  lib/uninorm/u-normalize-internal.h
+  lib/uninorm/u16-normalize.c
+  lib/uninorm/u32-normalize.c
+  lib/uninorm/u8-normalize.c
+  lib/unistr.in.h
+  lib/unistr/u-cpy.h
+  lib/unistr/u16-cpy.c
+  lib/unistr/u16-mbtouc-unsafe-aux.c
+  lib/unistr/u16-mbtouc-unsafe.c
+  lib/unistr/u16-mbtoucr.c
+  lib/unistr/u16-to-u8.c
+  lib/unistr/u16-uctomb-aux.c
+  lib/unistr/u16-uctomb.c
+  lib/unistr/u32-cpy.c
+  lib/unistr/u32-mbtouc-unsafe.c
+  lib/unistr/u32-to-u8.c
+  lib/unistr/u32-uctomb.c
+  lib/unistr/u8-check.c
+  lib/unistr/u8-cpy.c
+  lib/unistr/u8-mbtouc-unsafe-aux.c
+  lib/unistr/u8-mbtouc-unsafe.c
+  lib/unistr/u8-mbtoucr.c
+  lib/unistr/u8-to-u16.c
+  lib/unistr/u8-to-u32.c
+  lib/unistr/u8-uctomb-aux.c
+  lib/unistr/u8-uctomb.c
+  lib/unitypes.in.h
+  lib/unused-parameter.h
+  m4/00gnulib.m4
+  m4/absolute-header.m4
+  m4/gnulib-common.m4
+  m4/include_next.m4
+  m4/inline.m4
+  m4/libunistring-base.m4
+  m4/limits-h.m4
+  m4/multiarch.m4
+  m4/off_t.m4
+  m4/pid_t.m4
+  m4/ssize_t.m4
+  m4/stdbool.m4
+  m4/stdint.m4
+  m4/sys_types_h.m4
+  m4/wint_t.m4
+  m4/zzgnulib.m4
+])
diff --git a/lib/unistring/m4/inline.m4 b/lib/unistring/m4/inline.m4
new file mode 100644
index 0000000..04fc774
--- /dev/null
+++ b/lib/unistring/m4/inline.m4
@@ -0,0 +1,40 @@
+# inline.m4 serial 4
+dnl Copyright (C) 2006, 2009-2021 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl Test for the 'inline' keyword or equivalent.
+dnl Define 'inline' to a supported equivalent, or to nothing if not supported,
+dnl like AC_C_INLINE does.  Also, define HAVE_INLINE if 'inline' or an
+dnl equivalent is effectively supported, i.e. if the compiler is likely to
+dnl drop unused 'static inline' functions.
+AC_DEFUN([gl_INLINE],
+[
+  AC_REQUIRE([AC_C_INLINE])
+  AC_CACHE_CHECK([whether the compiler generally respects inline],
+    [gl_cv_c_inline_effective],
+    [if test $ac_cv_c_inline = no; then
+       gl_cv_c_inline_effective=no
+     else
+       dnl GCC defines __NO_INLINE__ if not optimizing or if -fno-inline is
+       dnl specified.
+       dnl Use AC_COMPILE_IFELSE here, not AC_EGREP_CPP, because the result
+       dnl depends on optimization flags, which can be in CFLAGS.
+       dnl (AC_EGREP_CPP looks only at the CPPFLAGS.)
+       AC_COMPILE_IFELSE(
+         [AC_LANG_PROGRAM([[]],
+           [[#ifdef __NO_INLINE__
+               #error "inline is not effective"
+             #endif]])],
+         [gl_cv_c_inline_effective=yes],
+         [gl_cv_c_inline_effective=no])
+     fi
+    ])
+  if test $gl_cv_c_inline_effective = yes; then
+    AC_DEFINE([HAVE_INLINE], [1],
+      [Define to 1 if the compiler supports one of the keywords
+       'inline', '__inline__', '__inline' and effectively inlines
+       functions marked as such.])
+  fi
+])
diff --git a/lib/unistring/m4/libunistring-base.m4 b/lib/unistring/m4/libunistring-base.m4
new file mode 100644
index 0000000..657bc0d
--- /dev/null
+++ b/lib/unistring/m4/libunistring-base.m4
@@ -0,0 +1,141 @@
+# libunistring-base.m4 serial 5
+dnl Copyright (C) 2010-2021 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Paolo Bonzini and Bruno Haible.
+
+dnl gl_LIBUNISTRING_MODULE([VERSION], [Module])
+dnl Declares that the source files of Module should be compiled, unless we
+dnl are linking with libunistring and its version is >= the given VERSION.
+dnl Defines an automake conditional LIBUNISTRING_COMPILE_$MODULE that is
+dnl true if the source files of Module should be compiled.
+dnl This macro is to be used for public libunistring API, not for
+dnl undocumented API.
+dnl
+dnl You have to bump the VERSION argument to the next projected version
+dnl number each time you make a change that affects the behaviour of the
+dnl functions defined in Module (even if the sources of Module itself do not
+dnl change).
+
+AC_DEFUN([gl_LIBUNISTRING_MODULE],
+[
+  AC_REQUIRE([gl_LIBUNISTRING_LIB_PREPARE])
+  dnl Use the variables HAVE_LIBUNISTRING, LIBUNISTRING_VERSION from
+  dnl gl_LIBUNISTRING_CORE if that macro has been run.
+  AM_CONDITIONAL(AS_TR_CPP([LIBUNISTRING_COMPILE_$2]),
+    [gl_LIBUNISTRING_VERSION_CMP([$1])])
+])
+
+dnl gl_LIBUNISTRING_LIBHEADER([VERSION], [HeaderFile])
+dnl Declares that HeaderFile should be created, unless we are linking
+dnl with libunistring and its version is >= the given VERSION.
+dnl HeaderFile should be relative to the lib directory and end in '.h'.
+dnl Prepares for substituting LIBUNISTRING_HEADERFILE (to HeaderFile or empty).
+dnl
+dnl When we are linking with the already installed libunistring and its version
+dnl is < VERSION, we create HeaderFile here, because we may compile functions
+dnl (via gl_LIBUNISTRING_MODULE above) that are not contained in the installed
+dnl version.
+dnl When we are linking with the already installed libunistring and its version
+dnl is > VERSION, we don't create HeaderFile here: it could cause compilation
+dnl errors in other libunistring header files if some types are missing.
+dnl
+dnl You have to bump the VERSION argument to the next projected version
+dnl number each time you make a non-comment change to the HeaderFile.
+
+AC_DEFUN([gl_LIBUNISTRING_LIBHEADER],
+[
+  AC_REQUIRE([gl_LIBUNISTRING_LIB_PREPARE])
+  dnl Use the variables HAVE_LIBUNISTRING, LIBUNISTRING_VERSION from
+  dnl gl_LIBUNISTRING_CORE if that macro has been run.
+  if gl_LIBUNISTRING_VERSION_CMP([$1]); then
+    LIBUNISTRING_[]AS_TR_CPP([$2])='$2'
+  else
+    LIBUNISTRING_[]AS_TR_CPP([$2])=
+  fi
+  AC_SUBST([LIBUNISTRING_]AS_TR_CPP([$2]))
+])
+
+dnl Miscellaneous preparations/initializations.
+
+AC_DEFUN([gl_LIBUNISTRING_LIB_PREPARE],
+[
+  dnl Ensure that HAVE_LIBUNISTRING is fully determined at this point.
+  m4_ifdef([gl_LIBUNISTRING], [AC_REQUIRE([gl_LIBUNISTRING])])
+
+  AC_REQUIRE([AC_PROG_AWK])
+
+dnl Sed expressions to extract the parts of a version number.
+changequote(,)
+gl_libunistring_sed_extract_major='/^[0-9]/{s/^\([0-9]*\).*/\1/p;q;}
+i\
+0
+q
+'
+gl_libunistring_sed_extract_minor='/^[0-9][0-9]*[.][0-9]/{s/^[0-9]*[.]\([0-9]*\).*/\1/p;q;}
+i\
+0
+q
+'
+gl_libunistring_sed_extract_subminor='/^[0-9][0-9]*[.][0-9][0-9]*[.][0-9]/{s/^[0-9]*[.][0-9]*[.]\([0-9]*\).*/\1/p;q;}
+i\
+0
+q
+'
+changequote([,])
+
+  if test "$HAVE_LIBUNISTRING" = yes; then
+    LIBUNISTRING_VERSION_MAJOR=`echo "$LIBUNISTRING_VERSION" | sed -n -e "$gl_libunistring_sed_extract_major"`
+    LIBUNISTRING_VERSION_MINOR=`echo "$LIBUNISTRING_VERSION" | sed -n -e "$gl_libunistring_sed_extract_minor"`
+    LIBUNISTRING_VERSION_SUBMINOR=`echo "$LIBUNISTRING_VERSION" | sed -n -e "$gl_libunistring_sed_extract_subminor"`
+  fi
+])
+
+dnl gl_LIBUNISTRING_VERSION_CMP([VERSION])
+dnl Expands to a shell statement that evaluates to true if LIBUNISTRING_VERSION
+dnl is less than the VERSION argument.
+AC_DEFUN([gl_LIBUNISTRING_VERSION_CMP],
+[ { test "$HAVE_LIBUNISTRING" != yes \
+    || {
+         dnl AS_LITERAL_IF exists and works fine since autoconf-2.59 at least.
+         AS_LITERAL_IF([$1],
+           [dnl This is the optimized variant, that assumes the argument is a literal:
+            m4_pushdef([requested_version_major],
+              [gl_LIBUNISTRING_ARG_OR_ZERO(m4_bpatsubst([$1], [^\([0-9]*\).*], [\1]), [])])
+            m4_pushdef([requested_version_minor],
+              [gl_LIBUNISTRING_ARG_OR_ZERO(m4_bpatsubst([$1], [^[0-9]*[.]\([0-9]*\).*], [\1]), [$1])])
+            m4_pushdef([requested_version_subminor],
+              [gl_LIBUNISTRING_ARG_OR_ZERO(m4_bpatsubst([$1], [^[0-9]*[.][0-9]*[.]\([0-9]*\).*], [\1]), [$1])])
+            test $LIBUNISTRING_VERSION_MAJOR -lt requested_version_major \
+            || { test $LIBUNISTRING_VERSION_MAJOR -eq requested_version_major \
+                 && { test $LIBUNISTRING_VERSION_MINOR -lt requested_version_minor \
+                      || { test $LIBUNISTRING_VERSION_MINOR -eq requested_version_minor \
+                           && test $LIBUNISTRING_VERSION_SUBMINOR -lt requested_version_subminor
+                         }
+                    }
+               }
+            m4_popdef([requested_version_subminor])
+            m4_popdef([requested_version_minor])
+            m4_popdef([requested_version_major])
+           ],
+           [dnl This is the unoptimized variant:
+            requested_version_major=`echo '$1' | sed -n -e "$gl_libunistring_sed_extract_major"`
+            requested_version_minor=`echo '$1' | sed -n -e "$gl_libunistring_sed_extract_minor"`
+            requested_version_subminor=`echo '$1' | sed -n -e "$gl_libunistring_sed_extract_subminor"`
+            test $LIBUNISTRING_VERSION_MAJOR -lt $requested_version_major \
+            || { test $LIBUNISTRING_VERSION_MAJOR -eq $requested_version_major \
+                 && { test $LIBUNISTRING_VERSION_MINOR -lt $requested_version_minor \
+                      || { test $LIBUNISTRING_VERSION_MINOR -eq $requested_version_minor \
+                           && test $LIBUNISTRING_VERSION_SUBMINOR -lt $requested_version_subminor
+                         }
+                    }
+               }
+           ])
+       }
+  }])
+
+dnl gl_LIBUNISTRING_ARG_OR_ZERO([ARG], [ORIG]) expands to ARG if it is not the
+dnl same as ORIG, otherwise to 0.
+m4_define([gl_LIBUNISTRING_ARG_OR_ZERO], [m4_if([$1], [$2], [0], [$1])])
diff --git a/lib/unistring/stdbool.in.h b/lib/unistring/stdbool.in.h
new file mode 100644
index 0000000..33e9538
--- /dev/null
+++ b/lib/unistring/stdbool.in.h
@@ -0,0 +1,141 @@
+/* Copyright (C) 2001-2003, 2006-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <haible@clisp.cons.org>, 2001.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, see <https://www.gnu.org/licenses/>.  */
+
+#ifndef _GL_STDBOOL_H
+#define _GL_STDBOOL_H
+
+/* ISO C 99 <stdbool.h> for platforms that lack it.  */
+
+/* Usage suggestions:
+
+   Programs that use <stdbool.h> should be aware of some limitations
+   and standards compliance issues.
+
+   Standards compliance:
+
+       - <stdbool.h> must be #included before 'bool', 'false', 'true'
+         can be used.
+
+       - You cannot assume that sizeof (bool) == 1.
+
+       - Programs should not undefine the macros bool, true, and false,
+         as C99 lists that as an "obsolescent feature".
+
+   Limitations of this substitute, when used in a C89 environment:
+
+       - <stdbool.h> must be #included before the '_Bool' type can be used.
+
+       - You cannot assume that _Bool is a typedef; it might be a macro.
+
+       - Bit-fields of type 'bool' are not supported.  Portable code
+         should use 'unsigned int foo : 1;' rather than 'bool foo : 1;'.
+
+       - In C99, casts and automatic conversions to '_Bool' or 'bool' are
+         performed in such a way that every nonzero value gets converted
+         to 'true', and zero gets converted to 'false'.  This doesn't work
+         with this substitute.  With this substitute, only the values 0 and 1
+         give the expected result when converted to _Bool' or 'bool'.
+
+       - C99 allows the use of (_Bool)0.0 in constant expressions, but
+         this substitute cannot always provide this property.
+
+   Also, it is suggested that programs use 'bool' rather than '_Bool';
+   this isn't required, but 'bool' is more common.  */
+
+
+/* 7.16. Boolean type and values */
+
+/* BeOS <sys/socket.h> already #defines false 0, true 1.  We use the same
+   definitions below, but temporarily we have to #undef them.  */
+#if defined __BEOS__ && !defined __HAIKU__
+# include <OS.h> /* defines bool but not _Bool */
+# undef false
+# undef true
+#endif
+
+#ifdef __cplusplus
+# define _Bool bool
+# define bool bool
+#else
+# if defined __BEOS__ && !defined __HAIKU__
+  /* A compiler known to have 'bool'.  */
+  /* If the compiler already has both 'bool' and '_Bool', we can assume they
+     are the same types.  */
+#  if !@HAVE__BOOL@
+typedef bool _Bool;
+#  endif
+# else
+#  if !defined __GNUC__
+   /* If @HAVE__BOOL@:
+        Some HP-UX cc and AIX IBM C compiler versions have compiler bugs when
+        the built-in _Bool type is used.  See
+          https://gcc.gnu.org/ml/gcc-patches/2003-12/msg02303.html
+          https://lists.gnu.org/r/bug-coreutils/2005-11/msg00161.html
+          https://lists.gnu.org/r/bug-coreutils/2005-10/msg00086.html
+        Similar bugs are likely with other compilers as well; this file
+        wouldn't be used if <stdbool.h> was working.
+        So we override the _Bool type.
+      If !@HAVE__BOOL@:
+        Need to define _Bool ourselves. As 'signed char' or as an enum type?
+        Use of a typedef, with SunPRO C, leads to a stupid
+          "warning: _Bool is a keyword in ISO C99".
+        Use of an enum type, with IRIX cc, leads to a stupid
+          "warning(1185): enumerated type mixed with another type".
+        Even the existence of an enum type, without a typedef,
+          "Invalid enumerator. (badenum)" with HP-UX cc on Tru64.
+        The only benefit of the enum, debuggability, is not important
+        with these compilers.  So use 'signed char' and no enum.  */
+#   define _Bool signed char
+#  else
+   /* With this compiler, trust the _Bool type if the compiler has it.  */
+#   if !@HAVE__BOOL@
+   /* For the sake of symbolic names in gdb, define true and false as
+      enum constants, not only as macros.
+      It is tempting to write
+         typedef enum { false = 0, true = 1 } _Bool;
+      so that gdb prints values of type 'bool' symbolically.  But then
+      values of type '_Bool' might promote to 'int' or 'unsigned int'
+      (see ISO C 99 6.7.2.2.(4)); however, '_Bool' must promote to 'int'
+      (see ISO C 99 6.3.1.1.(2)).  So add a negative value to the
+      enum; this ensures that '_Bool' promotes to 'int'.  */
+typedef enum { _Bool_must_promote_to_int = -1, false = 0, true = 1 } _Bool;
+#   endif
+#  endif
+# endif
+# define bool _Bool
+#endif
+
+/* The other macros must be usable in preprocessor directives.  */
+#ifdef __cplusplus
+# define false false
+# define true true
+#else
+# define false 0
+# define true 1
+#endif
+
+#define __bool_true_false_are_defined 1
+
+#endif /* _GL_STDBOOL_H */
diff --git a/lib/unistring/stdint.in.h b/lib/unistring/stdint.in.h
new file mode 100644
index 0000000..41c7190
--- /dev/null
+++ b/lib/unistring/stdint.in.h
@@ -0,0 +1,749 @@
+/* Copyright (C) 2001-2002, 2004-2021 Free Software Foundation, Inc.
+   Written by Paul Eggert, Bruno Haible, Sam Steingold, Peter Burwood.
+   This file is part of gnulib.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, see <https://www.gnu.org/licenses/>.  */
+
+/*
+ * ISO C 99 <stdint.h> for platforms that lack it.
+ * <https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/stdint.h.html>
+ */
+
+#ifndef _@GUARD_PREFIX@_STDINT_H
+
+#if __GNUC__ >= 3
+@PRAGMA_SYSTEM_HEADER@
+#endif
+@PRAGMA_COLUMNS@
+
+/* When including a system file that in turn includes <inttypes.h>,
+   use the system <inttypes.h>, not our substitute.  This avoids
+   problems with (for example) VMS, whose <sys/bitypes.h> includes
+   <inttypes.h>.  */
+#define _GL_JUST_INCLUDE_SYSTEM_INTTYPES_H
+
+/* On Android (Bionic libc), <sys/types.h> includes this file before
+   having defined 'time_t'.  Therefore in this case avoid including
+   other system header files; just include the system's <stdint.h>.
+   Ideally we should test __BIONIC__ here, but it is only defined after
+   <sys/cdefs.h> has been included; hence test __ANDROID__ instead.  */
+#if defined __ANDROID__ && defined _GL_INCLUDING_SYS_TYPES_H
+# @INCLUDE_NEXT@ @NEXT_STDINT_H@
+#else
+
+/* Get those types that are already defined in other system include
+   files, so that we can "#define int8_t signed char" below without
+   worrying about a later system include file containing a "typedef
+   signed char int8_t;" that will get messed up by our macro.  Our
+   macros should all be consistent with the system versions, except
+   for the "fast" types and macros, which we recommend against using
+   in public interfaces due to compiler differences.  */
+
+#if @HAVE_STDINT_H@
+# if defined __sgi && ! defined __c99
+   /* Bypass IRIX's <stdint.h> if in C89 mode, since it merely annoys users
+      with "This header file is to be used only for c99 mode compilations"
+      diagnostics.  */
+#  define __STDINT_H__
+# endif
+
+  /* Some pre-C++11 <stdint.h> implementations need this.  */
+# ifdef __cplusplus
+#  ifndef __STDC_CONSTANT_MACROS
+#   define __STDC_CONSTANT_MACROS 1
+#  endif
+#  ifndef __STDC_LIMIT_MACROS
+#   define __STDC_LIMIT_MACROS 1
+#  endif
+# endif
+
+  /* Other systems may have an incomplete or buggy <stdint.h>.
+     Include it before <inttypes.h>, since any "#include <stdint.h>"
+     in <inttypes.h> would reinclude us, skipping our contents because
+     _@GUARD_PREFIX@_STDINT_H is defined.
+     The include_next requires a split double-inclusion guard.  */
+# @INCLUDE_NEXT@ @NEXT_STDINT_H@
+#endif
+
+#if ! defined _@GUARD_PREFIX@_STDINT_H && ! defined _GL_JUST_INCLUDE_SYSTEM_STDINT_H
+#define _@GUARD_PREFIX@_STDINT_H
+
+/* Get SCHAR_MIN, SCHAR_MAX, UCHAR_MAX, INT_MIN, INT_MAX,
+   LONG_MIN, LONG_MAX, ULONG_MAX, _GL_INTEGER_WIDTH.  */
+#include <limits.h>
+
+/* Override WINT_MIN and WINT_MAX if gnulib's <wchar.h> or <wctype.h> overrides
+   wint_t.  */
+#if @GNULIBHEADERS_OVERRIDE_WINT_T@
+# undef WINT_MIN
+# undef WINT_MAX
+# define WINT_MIN 0x0U
+# define WINT_MAX 0xffffffffU
+#endif
+
+#if ! @HAVE_C99_STDINT_H@
+
+/* <sys/types.h> defines some of the stdint.h types as well, on glibc,
+   IRIX 6.5, and OpenBSD 3.8 (via <machine/types.h>).
+   AIX 5.2 <sys/types.h> isn't needed and causes troubles.
+   Mac OS X 10.4.6 <sys/types.h> includes <stdint.h> (which is us), but
+   relies on the system <stdint.h> definitions, so include
+   <sys/types.h> after @NEXT_STDINT_H@.  */
+# if @HAVE_SYS_TYPES_H@ && ! defined _AIX
+#  include <sys/types.h>
+# endif
+
+# if @HAVE_INTTYPES_H@
+  /* In OpenBSD 3.8, <inttypes.h> includes <machine/types.h>, which defines
+     int{8,16,32,64}_t, uint{8,16,32,64}_t and __BIT_TYPES_DEFINED__.
+     <inttypes.h> also defines intptr_t and uintptr_t.  */
+#  include <inttypes.h>
+# elif @HAVE_SYS_INTTYPES_H@
+  /* Solaris 7 <sys/inttypes.h> has the types except the *_fast*_t types, and
+     the macros except for *_FAST*_*, INTPTR_MIN, PTRDIFF_MIN, PTRDIFF_MAX.  */
+#  include <sys/inttypes.h>
+# endif
+
+# if @HAVE_SYS_BITYPES_H@ && ! defined __BIT_TYPES_DEFINED__
+  /* Linux libc4 >= 4.6.7 and libc5 have a <sys/bitypes.h> that defines
+     int{8,16,32,64}_t and __BIT_TYPES_DEFINED__.  In libc5 >= 5.2.2 it is
+     included by <sys/types.h>.  */
+#  include <sys/bitypes.h>
+# endif
+
+# undef _GL_JUST_INCLUDE_SYSTEM_INTTYPES_H
+
+/* Minimum and maximum values for an integer type under the usual assumption.
+   Return an unspecified value if BITS == 0, adding a check to pacify
+   picky compilers.  */
+
+/* These are separate macros, because if you try to merge these macros into
+   a single one, HP-UX cc rejects the resulting expression in constant
+   expressions.  */
+# define _STDINT_UNSIGNED_MIN(bits, zero) \
+    (zero)
+# define _STDINT_SIGNED_MIN(bits, zero) \
+    (~ _STDINT_MAX (1, bits, zero))
+
+# define _STDINT_MAX(signed, bits, zero) \
+    (((((zero) + 1) << ((bits) ? (bits) - 1 - (signed) : 0)) - 1) * 2 + 1)
+
+#if !GNULIB_defined_stdint_types
+
+/* 7.18.1.1. Exact-width integer types */
+
+/* Here we assume a standard architecture where the hardware integer
+   types have 8, 16, 32, optionally 64 bits.  */
+
+# undef int8_t
+# undef uint8_t
+typedef signed char gl_int8_t;
+typedef unsigned char gl_uint8_t;
+# define int8_t gl_int8_t
+# define uint8_t gl_uint8_t
+
+# undef int16_t
+# undef uint16_t
+typedef short int gl_int16_t;
+typedef unsigned short int gl_uint16_t;
+# define int16_t gl_int16_t
+# define uint16_t gl_uint16_t
+
+# undef int32_t
+# undef uint32_t
+typedef int gl_int32_t;
+typedef unsigned int gl_uint32_t;
+# define int32_t gl_int32_t
+# define uint32_t gl_uint32_t
+
+/* If the system defines INT64_MAX, assume int64_t works.  That way,
+   if the underlying platform defines int64_t to be a 64-bit long long
+   int, the code below won't mistakenly define it to be a 64-bit long
+   int, which would mess up C++ name mangling.  We must use #ifdef
+   rather than #if, to avoid an error with HP-UX 10.20 cc.  */
+
+# ifdef INT64_MAX
+#  define GL_INT64_T
+# else
+/* Do not undefine int64_t if gnulib is not being used with 64-bit
+   types, since otherwise it breaks platforms like Tandem/NSK.  */
+#  if LONG_MAX >> 31 >> 31 == 1
+#   undef int64_t
+typedef long int gl_int64_t;
+#   define int64_t gl_int64_t
+#   define GL_INT64_T
+#  elif defined _MSC_VER
+#   undef int64_t
+typedef __int64 gl_int64_t;
+#   define int64_t gl_int64_t
+#   define GL_INT64_T
+#  else
+#   undef int64_t
+typedef long long int gl_int64_t;
+#   define int64_t gl_int64_t
+#   define GL_INT64_T
+#  endif
+# endif
+
+# ifdef UINT64_MAX
+#  define GL_UINT64_T
+# else
+#  if ULONG_MAX >> 31 >> 31 >> 1 == 1
+#   undef uint64_t
+typedef unsigned long int gl_uint64_t;
+#   define uint64_t gl_uint64_t
+#   define GL_UINT64_T
+#  elif defined _MSC_VER
+#   undef uint64_t
+typedef unsigned __int64 gl_uint64_t;
+#   define uint64_t gl_uint64_t
+#   define GL_UINT64_T
+#  else
+#   undef uint64_t
+typedef unsigned long long int gl_uint64_t;
+#   define uint64_t gl_uint64_t
+#   define GL_UINT64_T
+#  endif
+# endif
+
+/* Avoid collision with Solaris 2.5.1 <pthread.h> etc.  */
+# define _UINT8_T
+# define _UINT32_T
+# define _UINT64_T
+
+
+/* 7.18.1.2. Minimum-width integer types */
+
+/* Here we assume a standard architecture where the hardware integer
+   types have 8, 16, 32, optionally 64 bits. Therefore the leastN_t types
+   are the same as the corresponding N_t types.  */
+
+# undef int_least8_t
+# undef uint_least8_t
+# undef int_least16_t
+# undef uint_least16_t
+# undef int_least32_t
+# undef uint_least32_t
+# undef int_least64_t
+# undef uint_least64_t
+# define int_least8_t int8_t
+# define uint_least8_t uint8_t
+# define int_least16_t int16_t
+# define uint_least16_t uint16_t
+# define int_least32_t int32_t
+# define uint_least32_t uint32_t
+# ifdef GL_INT64_T
+#  define int_least64_t int64_t
+# endif
+# ifdef GL_UINT64_T
+#  define uint_least64_t uint64_t
+# endif
+
+/* 7.18.1.3. Fastest minimum-width integer types */
+
+/* Note: Other <stdint.h> substitutes may define these types differently.
+   It is not recommended to use these types in public header files. */
+
+/* Here we assume a standard architecture where the hardware integer
+   types have 8, 16, 32, optionally 64 bits. Therefore the fastN_t types
+   are taken from the same list of types.  The following code normally
+   uses types consistent with glibc, as that lessens the chance of
+   incompatibility with older GNU hosts.  */
+
+# undef int_fast8_t
+# undef uint_fast8_t
+# undef int_fast16_t
+# undef uint_fast16_t
+# undef int_fast32_t
+# undef uint_fast32_t
+# undef int_fast64_t
+# undef uint_fast64_t
+typedef signed char gl_int_fast8_t;
+typedef unsigned char gl_uint_fast8_t;
+
+# ifdef __sun
+/* Define types compatible with SunOS 5.10, so that code compiled under
+   earlier SunOS versions works with code compiled under SunOS 5.10.  */
+typedef int gl_int_fast32_t;
+typedef unsigned int gl_uint_fast32_t;
+# else
+typedef long int gl_int_fast32_t;
+typedef unsigned long int gl_uint_fast32_t;
+# endif
+typedef gl_int_fast32_t gl_int_fast16_t;
+typedef gl_uint_fast32_t gl_uint_fast16_t;
+
+# define int_fast8_t gl_int_fast8_t
+# define uint_fast8_t gl_uint_fast8_t
+# define int_fast16_t gl_int_fast16_t
+# define uint_fast16_t gl_uint_fast16_t
+# define int_fast32_t gl_int_fast32_t
+# define uint_fast32_t gl_uint_fast32_t
+# ifdef GL_INT64_T
+#  define int_fast64_t int64_t
+# endif
+# ifdef GL_UINT64_T
+#  define uint_fast64_t uint64_t
+# endif
+
+/* 7.18.1.4. Integer types capable of holding object pointers */
+
+/* kLIBC's <stdint.h> defines _INTPTR_T_DECLARED and needs its own
+   definitions of intptr_t and uintptr_t (which use int and unsigned)
+   to avoid clashes with declarations of system functions like sbrk.
+   Similarly, MinGW WSL-5.4.1 <stdint.h> needs its own intptr_t and
+   uintptr_t to avoid conflicting declarations of system functions like
+   _findclose in <io.h>.  */
+# if !((defined __KLIBC__ && defined _INTPTR_T_DECLARED) \
+       || defined __MINGW32__)
+#  undef intptr_t
+#  undef uintptr_t
+#  ifdef _WIN64
+typedef long long int gl_intptr_t;
+typedef unsigned long long int gl_uintptr_t;
+#  else
+typedef long int gl_intptr_t;
+typedef unsigned long int gl_uintptr_t;
+#  endif
+#  define intptr_t gl_intptr_t
+#  define uintptr_t gl_uintptr_t
+# endif
+
+/* 7.18.1.5. Greatest-width integer types */
+
+/* Note: These types are compiler dependent. It may be unwise to use them in
+   public header files. */
+
+/* If the system defines INTMAX_MAX, assume that intmax_t works, and
+   similarly for UINTMAX_MAX and uintmax_t.  This avoids problems with
+   assuming one type where another is used by the system.  */
+
+# ifndef INTMAX_MAX
+#  undef INTMAX_C
+#  undef intmax_t
+#  if LONG_MAX >> 30 == 1
+typedef long long int gl_intmax_t;
+#   define intmax_t gl_intmax_t
+#  elif defined GL_INT64_T
+#   define intmax_t int64_t
+#  else
+typedef long int gl_intmax_t;
+#   define intmax_t gl_intmax_t
+#  endif
+# endif
+
+# ifndef UINTMAX_MAX
+#  undef UINTMAX_C
+#  undef uintmax_t
+#  if ULONG_MAX >> 31 == 1
+typedef unsigned long long int gl_uintmax_t;
+#   define uintmax_t gl_uintmax_t
+#  elif defined GL_UINT64_T
+#   define uintmax_t uint64_t
+#  else
+typedef unsigned long int gl_uintmax_t;
+#   define uintmax_t gl_uintmax_t
+#  endif
+# endif
+
+/* Verify that intmax_t and uintmax_t have the same size.  Too much code
+   breaks if this is not the case.  If this check fails, the reason is likely
+   to be found in the autoconf macros.  */
+typedef int _verify_intmax_size[sizeof (intmax_t) == sizeof (uintmax_t)
+                                ? 1 : -1];
+
+# define GNULIB_defined_stdint_types 1
+# endif /* !GNULIB_defined_stdint_types */
+
+/* 7.18.2. Limits of specified-width integer types */
+
+/* 7.18.2.1. Limits of exact-width integer types */
+
+/* Here we assume a standard architecture where the hardware integer
+   types have 8, 16, 32, optionally 64 bits.  */
+
+# undef INT8_MIN
+# undef INT8_MAX
+# undef UINT8_MAX
+# define INT8_MIN  (~ INT8_MAX)
+# define INT8_MAX  127
+# define UINT8_MAX  255
+
+# undef INT16_MIN
+# undef INT16_MAX
+# undef UINT16_MAX
+# define INT16_MIN  (~ INT16_MAX)
+# define INT16_MAX  32767
+# define UINT16_MAX  65535
+
+# undef INT32_MIN
+# undef INT32_MAX
+# undef UINT32_MAX
+# define INT32_MIN  (~ INT32_MAX)
+# define INT32_MAX  2147483647
+# define UINT32_MAX  4294967295U
+
+# if defined GL_INT64_T && ! defined INT64_MAX
+/* Prefer (- INTMAX_C (1) << 63) over (~ INT64_MAX) because SunPRO C 5.0
+   evaluates the latter incorrectly in preprocessor expressions.  */
+#  define INT64_MIN  (- INTMAX_C (1) << 63)
+#  define INT64_MAX  INTMAX_C (9223372036854775807)
+# endif
+
+# if defined GL_UINT64_T && ! defined UINT64_MAX
+#  define UINT64_MAX  UINTMAX_C (18446744073709551615)
+# endif
+
+/* 7.18.2.2. Limits of minimum-width integer types */
+
+/* Here we assume a standard architecture where the hardware integer
+   types have 8, 16, 32, optionally 64 bits. Therefore the leastN_t types
+   are the same as the corresponding N_t types.  */
+
+# undef INT_LEAST8_MIN
+# undef INT_LEAST8_MAX
+# undef UINT_LEAST8_MAX
+# define INT_LEAST8_MIN  INT8_MIN
+# define INT_LEAST8_MAX  INT8_MAX
+# define UINT_LEAST8_MAX  UINT8_MAX
+
+# undef INT_LEAST16_MIN
+# undef INT_LEAST16_MAX
+# undef UINT_LEAST16_MAX
+# define INT_LEAST16_MIN  INT16_MIN
+# define INT_LEAST16_MAX  INT16_MAX
+# define UINT_LEAST16_MAX  UINT16_MAX
+
+# undef INT_LEAST32_MIN
+# undef INT_LEAST32_MAX
+# undef UINT_LEAST32_MAX
+# define INT_LEAST32_MIN  INT32_MIN
+# define INT_LEAST32_MAX  INT32_MAX
+# define UINT_LEAST32_MAX  UINT32_MAX
+
+# undef INT_LEAST64_MIN
+# undef INT_LEAST64_MAX
+# ifdef GL_INT64_T
+#  define INT_LEAST64_MIN  INT64_MIN
+#  define INT_LEAST64_MAX  INT64_MAX
+# endif
+
+# undef UINT_LEAST64_MAX
+# ifdef GL_UINT64_T
+#  define UINT_LEAST64_MAX  UINT64_MAX
+# endif
+
+/* 7.18.2.3. Limits of fastest minimum-width integer types */
+
+/* Here we assume a standard architecture where the hardware integer
+   types have 8, 16, 32, optionally 64 bits. Therefore the fastN_t types
+   are taken from the same list of types.  */
+
+# undef INT_FAST8_MIN
+# undef INT_FAST8_MAX
+# undef UINT_FAST8_MAX
+# define INT_FAST8_MIN  SCHAR_MIN
+# define INT_FAST8_MAX  SCHAR_MAX
+# define UINT_FAST8_MAX  UCHAR_MAX
+
+# undef INT_FAST16_MIN
+# undef INT_FAST16_MAX
+# undef UINT_FAST16_MAX
+# define INT_FAST16_MIN  INT_FAST32_MIN
+# define INT_FAST16_MAX  INT_FAST32_MAX
+# define UINT_FAST16_MAX  UINT_FAST32_MAX
+
+# undef INT_FAST32_MIN
+# undef INT_FAST32_MAX
+# undef UINT_FAST32_MAX
+# ifdef __sun
+#  define INT_FAST32_MIN  INT_MIN
+#  define INT_FAST32_MAX  INT_MAX
+#  define UINT_FAST32_MAX  UINT_MAX
+# else
+#  define INT_FAST32_MIN  LONG_MIN
+#  define INT_FAST32_MAX  LONG_MAX
+#  define UINT_FAST32_MAX  ULONG_MAX
+# endif
+
+# undef INT_FAST64_MIN
+# undef INT_FAST64_MAX
+# ifdef GL_INT64_T
+#  define INT_FAST64_MIN  INT64_MIN
+#  define INT_FAST64_MAX  INT64_MAX
+# endif
+
+# undef UINT_FAST64_MAX
+# ifdef GL_UINT64_T
+#  define UINT_FAST64_MAX  UINT64_MAX
+# endif
+
+/* 7.18.2.4. Limits of integer types capable of holding object pointers */
+
+# undef INTPTR_MIN
+# undef INTPTR_MAX
+# undef UINTPTR_MAX
+# ifdef _WIN64
+#  define INTPTR_MIN  LLONG_MIN
+#  define INTPTR_MAX  LLONG_MAX
+#  define UINTPTR_MAX  ULLONG_MAX
+# else
+#  define INTPTR_MIN  LONG_MIN
+#  define INTPTR_MAX  LONG_MAX
+#  define UINTPTR_MAX  ULONG_MAX
+# endif
+
+/* 7.18.2.5. Limits of greatest-width integer types */
+
+# ifndef INTMAX_MAX
+#  undef INTMAX_MIN
+#  ifdef INT64_MAX
+#   define INTMAX_MIN  INT64_MIN
+#   define INTMAX_MAX  INT64_MAX
+#  else
+#   define INTMAX_MIN  INT32_MIN
+#   define INTMAX_MAX  INT32_MAX
+#  endif
+# endif
+
+# ifndef UINTMAX_MAX
+#  ifdef UINT64_MAX
+#   define UINTMAX_MAX  UINT64_MAX
+#  else
+#   define UINTMAX_MAX  UINT32_MAX
+#  endif
+# endif
+
+/* 7.18.3. Limits of other integer types */
+
+/* ptrdiff_t limits */
+# undef PTRDIFF_MIN
+# undef PTRDIFF_MAX
+# if @APPLE_UNIVERSAL_BUILD@
+#  ifdef _LP64
+#   define PTRDIFF_MIN  _STDINT_SIGNED_MIN (64, 0l)
+#   define PTRDIFF_MAX  _STDINT_MAX (1, 64, 0l)
+#  else
+#   define PTRDIFF_MIN  _STDINT_SIGNED_MIN (32, 0)
+#   define PTRDIFF_MAX  _STDINT_MAX (1, 32, 0)
+#  endif
+# else
+#  define PTRDIFF_MIN  \
+    _STDINT_SIGNED_MIN (@BITSIZEOF_PTRDIFF_T@, 0@PTRDIFF_T_SUFFIX@)
+#  define PTRDIFF_MAX  \
+    _STDINT_MAX (1, @BITSIZEOF_PTRDIFF_T@, 0@PTRDIFF_T_SUFFIX@)
+# endif
+
+/* sig_atomic_t limits */
+# undef SIG_ATOMIC_MIN
+# undef SIG_ATOMIC_MAX
+# if @HAVE_SIGNED_SIG_ATOMIC_T@
+#  define SIG_ATOMIC_MIN  \
+    _STDINT_SIGNED_MIN (@BITSIZEOF_SIG_ATOMIC_T@, 0@SIG_ATOMIC_T_SUFFIX@)
+# else
+#  define SIG_ATOMIC_MIN  \
+    _STDINT_UNSIGNED_MIN (@BITSIZEOF_SIG_ATOMIC_T@, 0@SIG_ATOMIC_T_SUFFIX@)
+# endif
+# define SIG_ATOMIC_MAX  \
+   _STDINT_MAX (@HAVE_SIGNED_SIG_ATOMIC_T@, @BITSIZEOF_SIG_ATOMIC_T@, \
+                0@SIG_ATOMIC_T_SUFFIX@)
+
+
+/* size_t limit */
+# undef SIZE_MAX
+# if @APPLE_UNIVERSAL_BUILD@
+#  ifdef _LP64
+#   define SIZE_MAX  _STDINT_MAX (0, 64, 0ul)
+#  else
+#   define SIZE_MAX  _STDINT_MAX (0, 32, 0ul)
+#  endif
+# else
+#  define SIZE_MAX  _STDINT_MAX (0, @BITSIZEOF_SIZE_T@, 0@SIZE_T_SUFFIX@)
+# endif
+
+/* wchar_t limits */
+/* Get WCHAR_MIN, WCHAR_MAX.
+   This include is not on the top, above, because on OSF/1 4.0 we have a
+   sequence of nested includes
+   <wchar.h> -> <stdio.h> -> <getopt.h> -> <stdlib.h>, and the latter includes
+   <stdint.h> and assumes its types are already defined.  */
+# if @HAVE_WCHAR_H@ && ! (defined WCHAR_MIN && defined WCHAR_MAX)
+#  define _GL_JUST_INCLUDE_SYSTEM_WCHAR_H
+#  include <wchar.h>
+#  undef _GL_JUST_INCLUDE_SYSTEM_WCHAR_H
+# endif
+# undef WCHAR_MIN
+# undef WCHAR_MAX
+# if @HAVE_SIGNED_WCHAR_T@
+#  define WCHAR_MIN  \
+    _STDINT_SIGNED_MIN (@BITSIZEOF_WCHAR_T@, 0@WCHAR_T_SUFFIX@)
+# else
+#  define WCHAR_MIN  \
+    _STDINT_UNSIGNED_MIN (@BITSIZEOF_WCHAR_T@, 0@WCHAR_T_SUFFIX@)
+# endif
+# define WCHAR_MAX  \
+   _STDINT_MAX (@HAVE_SIGNED_WCHAR_T@, @BITSIZEOF_WCHAR_T@, 0@WCHAR_T_SUFFIX@)
+
+/* wint_t limits */
+/* If gnulib's <wchar.h> or <wctype.h> overrides wint_t, @WINT_T_SUFFIX@ is not
+   accurate, therefore use the definitions from above.  */
+# if !@GNULIBHEADERS_OVERRIDE_WINT_T@
+#  undef WINT_MIN
+#  undef WINT_MAX
+#  if @HAVE_SIGNED_WINT_T@
+#   define WINT_MIN  \
+     _STDINT_SIGNED_MIN (@BITSIZEOF_WINT_T@, 0@WINT_T_SUFFIX@)
+#  else
+#   define WINT_MIN  \
+     _STDINT_UNSIGNED_MIN (@BITSIZEOF_WINT_T@, 0@WINT_T_SUFFIX@)
+#  endif
+#  define WINT_MAX  \
+    _STDINT_MAX (@HAVE_SIGNED_WINT_T@, @BITSIZEOF_WINT_T@, 0@WINT_T_SUFFIX@)
+# endif
+
+/* 7.18.4. Macros for integer constants */
+
+/* 7.18.4.1. Macros for minimum-width integer constants */
+/* According to ISO C 99 Technical Corrigendum 1 */
+
+/* Here we assume a standard architecture where the hardware integer
+   types have 8, 16, 32, optionally 64 bits, and int is 32 bits.  */
+
+# undef INT8_C
+# undef UINT8_C
+# define INT8_C(x) x
+# define UINT8_C(x) x
+
+# undef INT16_C
+# undef UINT16_C
+# define INT16_C(x) x
+# define UINT16_C(x) x
+
+# undef INT32_C
+# undef UINT32_C
+# define INT32_C(x) x
+# define UINT32_C(x) x ## U
+
+# undef INT64_C
+# undef UINT64_C
+# if LONG_MAX >> 31 >> 31 == 1
+#  define INT64_C(x) x##L
+# elif defined _MSC_VER
+#  define INT64_C(x) x##i64
+# else
+#  define INT64_C(x) x##LL
+# endif
+# if ULONG_MAX >> 31 >> 31 >> 1 == 1
+#  define UINT64_C(x) x##UL
+# elif defined _MSC_VER
+#  define UINT64_C(x) x##ui64
+# else
+#  define UINT64_C(x) x##ULL
+# endif
+
+/* 7.18.4.2. Macros for greatest-width integer constants */
+
+# ifndef INTMAX_C
+#  if LONG_MAX >> 30 == 1
+#   define INTMAX_C(x)   x##LL
+#  elif defined GL_INT64_T
+#   define INTMAX_C(x)   INT64_C(x)
+#  else
+#   define INTMAX_C(x)   x##L
+#  endif
+# endif
+
+# ifndef UINTMAX_C
+#  if ULONG_MAX >> 31 == 1
+#   define UINTMAX_C(x)  x##ULL
+#  elif defined GL_UINT64_T
+#   define UINTMAX_C(x)  UINT64_C(x)
+#  else
+#   define UINTMAX_C(x)  x##UL
+#  endif
+# endif
+
+#endif /* !@HAVE_C99_STDINT_H@ */
+
+/* Macros specified by ISO/IEC TS 18661-1:2014.  */
+
+#if (!defined UINTMAX_WIDTH \
+     && (defined _GNU_SOURCE || defined __STDC_WANT_IEC_60559_BFP_EXT__))
+# ifdef INT8_MAX
+#  define INT8_WIDTH _GL_INTEGER_WIDTH (INT8_MIN, INT8_MAX)
+# endif
+# ifdef UINT8_MAX
+#  define UINT8_WIDTH _GL_INTEGER_WIDTH (0, UINT8_MAX)
+# endif
+# ifdef INT16_MAX
+#  define INT16_WIDTH _GL_INTEGER_WIDTH (INT16_MIN, INT16_MAX)
+# endif
+# ifdef UINT16_MAX
+#  define UINT16_WIDTH _GL_INTEGER_WIDTH (0, UINT16_MAX)
+# endif
+# ifdef INT32_MAX
+#  define INT32_WIDTH _GL_INTEGER_WIDTH (INT32_MIN, INT32_MAX)
+# endif
+# ifdef UINT32_MAX
+#  define UINT32_WIDTH _GL_INTEGER_WIDTH (0, UINT32_MAX)
+# endif
+# ifdef INT64_MAX
+#  define INT64_WIDTH _GL_INTEGER_WIDTH (INT64_MIN, INT64_MAX)
+# endif
+# ifdef UINT64_MAX
+#  define UINT64_WIDTH _GL_INTEGER_WIDTH (0, UINT64_MAX)
+# endif
+# define INT_LEAST8_WIDTH _GL_INTEGER_WIDTH (INT_LEAST8_MIN, INT_LEAST8_MAX)
+# define UINT_LEAST8_WIDTH _GL_INTEGER_WIDTH (0, UINT_LEAST8_MAX)
+# define INT_LEAST16_WIDTH _GL_INTEGER_WIDTH (INT_LEAST16_MIN, INT_LEAST16_MAX)
+# define UINT_LEAST16_WIDTH _GL_INTEGER_WIDTH (0, UINT_LEAST16_MAX)
+# define INT_LEAST32_WIDTH _GL_INTEGER_WIDTH (INT_LEAST32_MIN, INT_LEAST32_MAX)
+# define UINT_LEAST32_WIDTH _GL_INTEGER_WIDTH (0, UINT_LEAST32_MAX)
+# define INT_LEAST64_WIDTH _GL_INTEGER_WIDTH (INT_LEAST64_MIN, INT_LEAST64_MAX)
+# define UINT_LEAST64_WIDTH _GL_INTEGER_WIDTH (0, UINT_LEAST64_MAX)
+# define INT_FAST8_WIDTH _GL_INTEGER_WIDTH (INT_FAST8_MIN, INT_FAST8_MAX)
+# define UINT_FAST8_WIDTH _GL_INTEGER_WIDTH (0, UINT_FAST8_MAX)
+# define INT_FAST16_WIDTH _GL_INTEGER_WIDTH (INT_FAST16_MIN, INT_FAST16_MAX)
+# define UINT_FAST16_WIDTH _GL_INTEGER_WIDTH (0, UINT_FAST16_MAX)
+# define INT_FAST32_WIDTH _GL_INTEGER_WIDTH (INT_FAST32_MIN, INT_FAST32_MAX)
+# define UINT_FAST32_WIDTH _GL_INTEGER_WIDTH (0, UINT_FAST32_MAX)
+# define INT_FAST64_WIDTH _GL_INTEGER_WIDTH (INT_FAST64_MIN, INT_FAST64_MAX)
+# define UINT_FAST64_WIDTH _GL_INTEGER_WIDTH (0, UINT_FAST64_MAX)
+# define INTPTR_WIDTH _GL_INTEGER_WIDTH (INTPTR_MIN, INTPTR_MAX)
+# define UINTPTR_WIDTH _GL_INTEGER_WIDTH (0, UINTPTR_MAX)
+# define INTMAX_WIDTH _GL_INTEGER_WIDTH (INTMAX_MIN, INTMAX_MAX)
+# define UINTMAX_WIDTH _GL_INTEGER_WIDTH (0, UINTMAX_MAX)
+# define PTRDIFF_WIDTH _GL_INTEGER_WIDTH (PTRDIFF_MIN, PTRDIFF_MAX)
+# define SIZE_WIDTH _GL_INTEGER_WIDTH (0, SIZE_MAX)
+# define WCHAR_WIDTH _GL_INTEGER_WIDTH (WCHAR_MIN, WCHAR_MAX)
+# ifdef WINT_MAX
+#  define WINT_WIDTH _GL_INTEGER_WIDTH (WINT_MIN, WINT_MAX)
+# endif
+# ifdef SIG_ATOMIC_MAX
+#  define SIG_ATOMIC_WIDTH _GL_INTEGER_WIDTH (SIG_ATOMIC_MIN, SIG_ATOMIC_MAX)
+# endif
+#endif /* !WINT_WIDTH && (_GNU_SOURCE || __STDC_WANT_IEC_60559_BFP_EXT__) */
+
+#endif /* _@GUARD_PREFIX@_STDINT_H */
+#endif /* !(defined __ANDROID__ && ...) */
+#endif /* !defined _@GUARD_PREFIX@_STDINT_H && !defined _GL_JUST_INCLUDE_SYSTEM_STDINT_H */
diff --git a/lib/unistring/sys_types.in.h b/lib/unistring/sys_types.in.h
new file mode 100644
index 0000000..f397d62
--- /dev/null
+++ b/lib/unistring/sys_types.in.h
@@ -0,0 +1,115 @@
+/* Provide a more complete sys/types.h.
+
+   Copyright (C) 2011-2021 Free Software Foundation, Inc.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, see <https://www.gnu.org/licenses/>.  */
+
+#if __GNUC__ >= 3
+@PRAGMA_SYSTEM_HEADER@
+#endif
+@PRAGMA_COLUMNS@
+
+#if defined _WIN32 && !defined __CYGWIN__ \
+    && (defined __need_off_t || defined __need___off64_t \
+        || defined __need_ssize_t || defined __need_time_t)
+
+/* Special invocation convention inside mingw header files.  */
+
+#@INCLUDE_NEXT@ @NEXT_SYS_TYPES_H@
+
+#else
+/* Normal invocation convention.  */
+
+#ifndef _@GUARD_PREFIX@_SYS_TYPES_H
+
+/* The include_next requires a split double-inclusion guard.  */
+# define _GL_INCLUDING_SYS_TYPES_H
+#@INCLUDE_NEXT@ @NEXT_SYS_TYPES_H@
+# undef _GL_INCLUDING_SYS_TYPES_H
+
+#ifndef _@GUARD_PREFIX@_SYS_TYPES_H
+#define _@GUARD_PREFIX@_SYS_TYPES_H
+
+/* Override off_t if Large File Support is requested on native Windows.  */
+#if @WINDOWS_64_BIT_OFF_T@
+/* Same as int64_t in <stdint.h>.  */
+# if defined _MSC_VER
+#  define off_t __int64
+# else
+#  define off_t long long int
+# endif
+/* Indicator, for gnulib internal purposes.  */
+# define _GL_WINDOWS_64_BIT_OFF_T 1
+#endif
+
+/* Override dev_t and ino_t if distinguishable inodes support is requested
+   on native Windows.  */
+#if @WINDOWS_STAT_INODES@
+
+# if @WINDOWS_STAT_INODES@ == 2
+/* Experimental, not useful in Windows 10.  */
+
+/* Define dev_t to a 64-bit type.  */
+#  if !defined GNULIB_defined_dev_t
+typedef unsigned long long int rpl_dev_t;
+#   undef dev_t
+#   define dev_t rpl_dev_t
+#   define GNULIB_defined_dev_t 1
+#  endif
+
+/* Define ino_t to a 128-bit type.  */
+#  if !defined GNULIB_defined_ino_t
+/* MSVC does not have a 128-bit integer type.
+   GCC has a 128-bit integer type __int128, but only on 64-bit targets.  */
+typedef struct { unsigned long long int _gl_ino[2]; } rpl_ino_t;
+#   undef ino_t
+#   define ino_t rpl_ino_t
+#   define GNULIB_defined_ino_t 1
+#  endif
+
+# else /* @WINDOWS_STAT_INODES@ == 1 */
+
+/* Define ino_t to a 64-bit type.  */
+#  if !defined GNULIB_defined_ino_t
+typedef unsigned long long int rpl_ino_t;
+#   undef ino_t
+#   define ino_t rpl_ino_t
+#   define GNULIB_defined_ino_t 1
+#  endif
+
+# endif
+
+/* Indicator, for gnulib internal purposes.  */
+# define _GL_WINDOWS_STAT_INODES @WINDOWS_STAT_INODES@
+
+#endif
+
+/* MSVC 9 defines size_t in <stddef.h>, not in <sys/types.h>.  */
+/* But avoid namespace pollution on glibc systems.  */
+#if (defined _WIN32 && ! defined __CYGWIN__) && ! defined __GLIBC__
+# include <stddef.h>
+#endif
+
+#endif /* _@GUARD_PREFIX@_SYS_TYPES_H */
+#endif /* _@GUARD_PREFIX@_SYS_TYPES_H */
+#endif /* __need_XXX */
diff --git a/lib/unistring/unictype.in.h b/lib/unistring/unictype.in.h
new file mode 100644
index 0000000..b520188
--- /dev/null
+++ b/lib/unistring/unictype.in.h
@@ -0,0 +1,1062 @@
+/* Unicode character classification and properties.
+   Copyright (C) 2002, 2005-2021 Free Software Foundation, Inc.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#ifndef _UNICTYPE_H
+#define _UNICTYPE_H
+
+#include "unitypes.h"
+
+/* Get bool.  */
+#include <stdbool.h>
+
+/* Get size_t.  */
+#include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* ========================================================================= */
+
+/* Field 1 of Unicode Character Database: Character name.
+   See "uniname.h".  */
+
+/* ========================================================================= */
+
+/* Field 2 of Unicode Character Database: General category.  */
+
+/* Data type denoting a General category value.  This is not just a bitmask,
+   but rather a bitmask and a pointer to the lookup table, so that programs
+   that use only the predefined bitmasks (i.e. don't combine bitmasks with &
+   and |) don't have a link-time dependency towards the big general table.  */
+typedef struct
+{
+  uint32_t bitmask : 31;
+  /*bool*/ unsigned int generic : 1;
+  union
+  {
+    const void *table;                               /* when generic is 0 */
+    bool (*lookup_fn) (ucs4_t uc, uint32_t bitmask); /* when generic is 1 */
+  } lookup;
+}
+uc_general_category_t;
+
+/* Bits and bit masks denoting General category values.  UnicodeData-3.2.0.html
+   says a 32-bit integer will always suffice to represent them.
+   These bit masks can only be used with the uc_is_general_category_withtable
+   function.  */
+enum
+{
+  UC_CATEGORY_MASK_L  = 0x0000001f,
+  UC_CATEGORY_MASK_LC = 0x00000007,
+  UC_CATEGORY_MASK_Lu = 0x00000001,
+  UC_CATEGORY_MASK_Ll = 0x00000002,
+  UC_CATEGORY_MASK_Lt = 0x00000004,
+  UC_CATEGORY_MASK_Lm = 0x00000008,
+  UC_CATEGORY_MASK_Lo = 0x00000010,
+  UC_CATEGORY_MASK_M  = 0x000000e0,
+  UC_CATEGORY_MASK_Mn = 0x00000020,
+  UC_CATEGORY_MASK_Mc = 0x00000040,
+  UC_CATEGORY_MASK_Me = 0x00000080,
+  UC_CATEGORY_MASK_N  = 0x00000700,
+  UC_CATEGORY_MASK_Nd = 0x00000100,
+  UC_CATEGORY_MASK_Nl = 0x00000200,
+  UC_CATEGORY_MASK_No = 0x00000400,
+  UC_CATEGORY_MASK_P  = 0x0003f800,
+  UC_CATEGORY_MASK_Pc = 0x00000800,
+  UC_CATEGORY_MASK_Pd = 0x00001000,
+  UC_CATEGORY_MASK_Ps = 0x00002000,
+  UC_CATEGORY_MASK_Pe = 0x00004000,
+  UC_CATEGORY_MASK_Pi = 0x00008000,
+  UC_CATEGORY_MASK_Pf = 0x00010000,
+  UC_CATEGORY_MASK_Po = 0x00020000,
+  UC_CATEGORY_MASK_S  = 0x003c0000,
+  UC_CATEGORY_MASK_Sm = 0x00040000,
+  UC_CATEGORY_MASK_Sc = 0x00080000,
+  UC_CATEGORY_MASK_Sk = 0x00100000,
+  UC_CATEGORY_MASK_So = 0x00200000,
+  UC_CATEGORY_MASK_Z  = 0x01c00000,
+  UC_CATEGORY_MASK_Zs = 0x00400000,
+  UC_CATEGORY_MASK_Zl = 0x00800000,
+  UC_CATEGORY_MASK_Zp = 0x01000000,
+  UC_CATEGORY_MASK_C  = 0x3e000000,
+  UC_CATEGORY_MASK_Cc = 0x02000000,
+  UC_CATEGORY_MASK_Cf = 0x04000000,
+  UC_CATEGORY_MASK_Cs = 0x08000000,
+  UC_CATEGORY_MASK_Co = 0x10000000,
+  UC_CATEGORY_MASK_Cn = 0x20000000
+};
+
+/* Predefined General category values.  */
+extern const uc_general_category_t UC_CATEGORY_L;
+extern const uc_general_category_t UC_CATEGORY_LC;
+extern const uc_general_category_t UC_CATEGORY_Lu;
+extern const uc_general_category_t UC_CATEGORY_Ll;
+extern const uc_general_category_t UC_CATEGORY_Lt;
+extern const uc_general_category_t UC_CATEGORY_Lm;
+extern const uc_general_category_t UC_CATEGORY_Lo;
+extern const uc_general_category_t UC_CATEGORY_M;
+extern const uc_general_category_t UC_CATEGORY_Mn;
+extern const uc_general_category_t UC_CATEGORY_Mc;
+extern const uc_general_category_t UC_CATEGORY_Me;
+extern const uc_general_category_t UC_CATEGORY_N;
+extern const uc_general_category_t UC_CATEGORY_Nd;
+extern const uc_general_category_t UC_CATEGORY_Nl;
+extern const uc_general_category_t UC_CATEGORY_No;
+extern const uc_general_category_t UC_CATEGORY_P;
+extern const uc_general_category_t UC_CATEGORY_Pc;
+extern const uc_general_category_t UC_CATEGORY_Pd;
+extern const uc_general_category_t UC_CATEGORY_Ps;
+extern const uc_general_category_t UC_CATEGORY_Pe;
+extern const uc_general_category_t UC_CATEGORY_Pi;
+extern const uc_general_category_t UC_CATEGORY_Pf;
+extern const uc_general_category_t UC_CATEGORY_Po;
+extern const uc_general_category_t UC_CATEGORY_S;
+extern const uc_general_category_t UC_CATEGORY_Sm;
+extern const uc_general_category_t UC_CATEGORY_Sc;
+extern const uc_general_category_t UC_CATEGORY_Sk;
+extern const uc_general_category_t UC_CATEGORY_So;
+extern const uc_general_category_t UC_CATEGORY_Z;
+extern const uc_general_category_t UC_CATEGORY_Zs;
+extern const uc_general_category_t UC_CATEGORY_Zl;
+extern const uc_general_category_t UC_CATEGORY_Zp;
+extern const uc_general_category_t UC_CATEGORY_C;
+extern const uc_general_category_t UC_CATEGORY_Cc;
+extern const uc_general_category_t UC_CATEGORY_Cf;
+extern const uc_general_category_t UC_CATEGORY_Cs;
+extern const uc_general_category_t UC_CATEGORY_Co;
+extern const uc_general_category_t UC_CATEGORY_Cn;
+/* Non-public.  */
+extern const uc_general_category_t _UC_CATEGORY_NONE;
+
+/* Alias names for predefined General category values.  */
+#define UC_LETTER                    UC_CATEGORY_L
+#define UC_CASED_LETTER              UC_CATEGORY_LC
+#define UC_UPPERCASE_LETTER          UC_CATEGORY_Lu
+#define UC_LOWERCASE_LETTER          UC_CATEGORY_Ll
+#define UC_TITLECASE_LETTER          UC_CATEGORY_Lt
+#define UC_MODIFIER_LETTER           UC_CATEGORY_Lm
+#define UC_OTHER_LETTER              UC_CATEGORY_Lo
+#define UC_MARK                      UC_CATEGORY_M
+#define UC_NON_SPACING_MARK          UC_CATEGORY_Mn
+#define UC_COMBINING_SPACING_MARK    UC_CATEGORY_Mc
+#define UC_ENCLOSING_MARK            UC_CATEGORY_Me
+#define UC_NUMBER                    UC_CATEGORY_N
+#define UC_DECIMAL_DIGIT_NUMBER      UC_CATEGORY_Nd
+#define UC_LETTER_NUMBER             UC_CATEGORY_Nl
+#define UC_OTHER_NUMBER              UC_CATEGORY_No
+#define UC_PUNCTUATION               UC_CATEGORY_P
+#define UC_CONNECTOR_PUNCTUATION     UC_CATEGORY_Pc
+#define UC_DASH_PUNCTUATION          UC_CATEGORY_Pd
+#define UC_OPEN_PUNCTUATION          UC_CATEGORY_Ps /* a.k.a. UC_START_PUNCTUATION */
+#define UC_CLOSE_PUNCTUATION         UC_CATEGORY_Pe /* a.k.a. UC_END_PUNCTUATION */
+#define UC_INITIAL_QUOTE_PUNCTUATION UC_CATEGORY_Pi
+#define UC_FINAL_QUOTE_PUNCTUATION   UC_CATEGORY_Pf
+#define UC_OTHER_PUNCTUATION         UC_CATEGORY_Po
+#define UC_SYMBOL                    UC_CATEGORY_S
+#define UC_MATH_SYMBOL               UC_CATEGORY_Sm
+#define UC_CURRENCY_SYMBOL           UC_CATEGORY_Sc
+#define UC_MODIFIER_SYMBOL           UC_CATEGORY_Sk
+#define UC_OTHER_SYMBOL              UC_CATEGORY_So
+#define UC_SEPARATOR                 UC_CATEGORY_Z
+#define UC_SPACE_SEPARATOR           UC_CATEGORY_Zs
+#define UC_LINE_SEPARATOR            UC_CATEGORY_Zl
+#define UC_PARAGRAPH_SEPARATOR       UC_CATEGORY_Zp
+#define UC_OTHER                     UC_CATEGORY_C
+#define UC_CONTROL                   UC_CATEGORY_Cc
+#define UC_FORMAT                    UC_CATEGORY_Cf
+#define UC_SURROGATE                 UC_CATEGORY_Cs /* all of them are invalid characters */
+#define UC_PRIVATE_USE               UC_CATEGORY_Co
+#define UC_UNASSIGNED                UC_CATEGORY_Cn /* some of them are invalid characters */
+
+/* Return the union of two general categories.
+   This corresponds to the unions of the two sets of characters.  */
+extern uc_general_category_t
+       uc_general_category_or (uc_general_category_t category1,
+                               uc_general_category_t category2);
+
+/* Return the intersection of two general categories as bit masks.
+   This *does*not* correspond to the intersection of the two sets of
+   characters.  */
+extern uc_general_category_t
+       uc_general_category_and (uc_general_category_t category1,
+                                uc_general_category_t category2);
+
+/* Return the intersection of a general category with the complement of a
+   second general category, as bit masks.
+   This *does*not* correspond to the intersection with complement, when
+   viewing the categories as sets of characters.  */
+extern uc_general_category_t
+       uc_general_category_and_not (uc_general_category_t category1,
+                                    uc_general_category_t category2);
+
+/* Return the name of a general category.  */
+extern const char *
+       uc_general_category_name (uc_general_category_t category)
+       _UC_ATTRIBUTE_PURE;
+
+/* Return the long name of a general category.  */
+extern const char *
+       uc_general_category_long_name (uc_general_category_t category)
+       _UC_ATTRIBUTE_PURE;
+
+/* Return the general category given by name, e.g. "Lu", or by long name,
+   e.g. "Uppercase Letter".  */
+extern uc_general_category_t
+       uc_general_category_byname (const char *category_name)
+       _UC_ATTRIBUTE_PURE;
+
+/* Return the general category of a Unicode character.  */
+extern uc_general_category_t
+       uc_general_category (ucs4_t uc)
+       _UC_ATTRIBUTE_PURE;
+
+/* Test whether a Unicode character belongs to a given category.
+   The CATEGORY argument can be the combination of several predefined
+   general categories.  */
+extern bool
+       uc_is_general_category (ucs4_t uc, uc_general_category_t category)
+       _UC_ATTRIBUTE_PURE;
+/* Likewise.  This function uses a big table comprising all categories.  */
+extern bool
+       uc_is_general_category_withtable (ucs4_t uc, uint32_t bitmask)
+       _UC_ATTRIBUTE_CONST;
+
+/* ========================================================================= */
+
+/* Field 3 of Unicode Character Database: Canonical combining class.  */
+
+/* The possible results of uc_combining_class (0..255) are described in
+   UCD.html.  The list here is not definitive; more values can be added
+   in future versions.  */
+enum
+{
+  UC_CCC_NR   =   0, /* Not Reordered */
+  UC_CCC_OV   =   1, /* Overlay */
+  UC_CCC_NK   =   7, /* Nukta */
+  UC_CCC_KV   =   8, /* Kana Voicing */
+  UC_CCC_VR   =   9, /* Virama */
+  UC_CCC_ATBL = 200, /* Attached Below Left */
+  UC_CCC_ATB  = 202, /* Attached Below */
+  UC_CCC_ATA  = 214, /* Attached Above */
+  UC_CCC_ATAR = 216, /* Attached Above Right */
+  UC_CCC_BL   = 218, /* Below Left */
+  UC_CCC_B    = 220, /* Below */
+  UC_CCC_BR   = 222, /* Below Right */
+  UC_CCC_L    = 224, /* Left */
+  UC_CCC_R    = 226, /* Right */
+  UC_CCC_AL   = 228, /* Above Left */
+  UC_CCC_A    = 230, /* Above */
+  UC_CCC_AR   = 232, /* Above Right */
+  UC_CCC_DB   = 233, /* Double Below */
+  UC_CCC_DA   = 234, /* Double Above */
+  UC_CCC_IS   = 240  /* Iota Subscript */
+};
+
+/* Return the canonical combining class of a Unicode character.  */
+extern int
+       uc_combining_class (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* Return the name of a canonical combining class.  */
+extern const char *
+       uc_combining_class_name (int ccc)
+       _UC_ATTRIBUTE_CONST;
+
+/* Return the long name of a canonical combining class.  */
+extern const char *
+       uc_combining_class_long_name (int ccc)
+       _UC_ATTRIBUTE_CONST;
+
+/* Return the canonical combining class given by name, e.g. "BL", or by long
+   name, e.g. "Below Left".  */
+extern int
+       uc_combining_class_byname (const char *ccc_name)
+       _UC_ATTRIBUTE_PURE;
+
+/* ========================================================================= */
+
+/* Field 4 of Unicode Character Database: Bidi class.
+   Before Unicode 4.0, this field was called "Bidirectional category".  */
+
+enum
+{
+  UC_BIDI_L,   /* Left-to-Right */
+  UC_BIDI_LRE, /* Left-to-Right Embedding */
+  UC_BIDI_LRO, /* Left-to-Right Override */
+  UC_BIDI_R,   /* Right-to-Left */
+  UC_BIDI_AL,  /* Right-to-Left Arabic */
+  UC_BIDI_RLE, /* Right-to-Left Embedding */
+  UC_BIDI_RLO, /* Right-to-Left Override */
+  UC_BIDI_PDF, /* Pop Directional Format */
+  UC_BIDI_EN,  /* European Number */
+  UC_BIDI_ES,  /* European Number Separator */
+  UC_BIDI_ET,  /* European Number Terminator */
+  UC_BIDI_AN,  /* Arabic Number */
+  UC_BIDI_CS,  /* Common Number Separator */
+  UC_BIDI_NSM, /* Non-Spacing Mark */
+  UC_BIDI_BN,  /* Boundary Neutral */
+  UC_BIDI_B,   /* Paragraph Separator */
+  UC_BIDI_S,   /* Segment Separator */
+  UC_BIDI_WS,  /* Whitespace */
+  UC_BIDI_ON,  /* Other Neutral */
+  UC_BIDI_LRI, /* Left-to-Right Isolate */
+  UC_BIDI_RLI, /* Right-to-Left Isolate */
+  UC_BIDI_FSI, /* First Strong Isolate */
+  UC_BIDI_PDI  /* Pop Directional Isolate */
+};
+
+/* Return the name of a bidi class.  */
+extern const char *
+       uc_bidi_class_name (int bidi_class)
+       _UC_ATTRIBUTE_CONST;
+/* Same; obsolete function name.  */
+extern const char *
+       uc_bidi_category_name (int category)
+       _UC_ATTRIBUTE_CONST;
+
+/* Return the long name of a bidi class.  */
+extern const char *
+       uc_bidi_class_long_name (int bidi_class)
+       _UC_ATTRIBUTE_CONST;
+
+/* Return the bidi class given by name, e.g. "LRE", or by long name, e.g.
+   "Left-to-Right Embedding".  */
+extern int
+       uc_bidi_class_byname (const char *bidi_class_name)
+       _UC_ATTRIBUTE_PURE;
+/* Same; obsolete function name.  */
+extern int
+       uc_bidi_category_byname (const char *category_name)
+       _UC_ATTRIBUTE_PURE;
+
+/* Return the bidi class of a Unicode character.  */
+extern int
+       uc_bidi_class (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+/* Same; obsolete function name.  */
+extern int
+       uc_bidi_category (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* Test whether a Unicode character belongs to a given bidi class.  */
+extern bool
+       uc_is_bidi_class (ucs4_t uc, int bidi_class)
+       _UC_ATTRIBUTE_CONST;
+/* Same; obsolete function name.  */
+extern bool
+       uc_is_bidi_category (ucs4_t uc, int category)
+       _UC_ATTRIBUTE_CONST;
+
+/* ========================================================================= */
+
+/* Field 5 of Unicode Character Database: Character decomposition mapping.
+   See "uninorm.h".  */
+
+/* ========================================================================= */
+
+/* Field 6 of Unicode Character Database: Decimal digit value.  */
+
+/* Return the decimal digit value of a Unicode character.  */
+extern int
+       uc_decimal_value (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* ========================================================================= */
+
+/* Field 7 of Unicode Character Database: Digit value.  */
+
+/* Return the digit value of a Unicode character.  */
+extern int
+       uc_digit_value (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* ========================================================================= */
+
+/* Field 8 of Unicode Character Database: Numeric value.  */
+
+/* Return the numeric value of a Unicode character.  */
+typedef struct
+{
+  int numerator;
+  int denominator;
+}
+uc_fraction_t;
+extern uc_fraction_t
+       uc_numeric_value (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* ========================================================================= */
+
+/* Field 9 of Unicode Character Database: Mirrored.  */
+
+/* Return the mirrored character of a Unicode character UC in *PUC.  */
+extern bool
+       uc_mirror_char (ucs4_t uc, ucs4_t *puc);
+
+/* ========================================================================= */
+
+/* Field 10 of Unicode Character Database: Unicode 1.0 Name.
+   Not available in this library.  */
+
+/* ========================================================================= */
+
+/* Field 11 of Unicode Character Database: ISO 10646 comment.
+   Not available in this library.  */
+
+/* ========================================================================= */
+
+/* Field 12, 13, 14 of Unicode Character Database: Uppercase mapping,
+   lowercase mapping, titlecase mapping.  See "unicase.h".  */
+
+/* ========================================================================= */
+
+/* Field 2 of the file ArabicShaping.txt in the Unicode Character Database.  */
+
+/* Possible joining types.  */
+enum
+{
+  UC_JOINING_TYPE_U, /* Non_Joining */
+  UC_JOINING_TYPE_T, /* Transparent */
+  UC_JOINING_TYPE_C, /* Join_Causing */
+  UC_JOINING_TYPE_L, /* Left_Joining */
+  UC_JOINING_TYPE_R, /* Right_Joining */
+  UC_JOINING_TYPE_D  /* Dual_Joining */
+};
+
+/* Return the name of a joining type.  */
+extern const char *
+       uc_joining_type_name (int joining_type)
+       _UC_ATTRIBUTE_CONST;
+
+/* Return the long name of a joining type.  */
+extern const char *
+       uc_joining_type_long_name (int joining_type)
+       _UC_ATTRIBUTE_CONST;
+
+/* Return the joining type given by name, e.g. "D", or by long name, e.g.
+   "Dual Joining".  */
+extern int
+       uc_joining_type_byname (const char *joining_type_name)
+       _UC_ATTRIBUTE_PURE;
+
+/* Return the joining type of a Unicode character.  */
+extern int
+       uc_joining_type (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* ========================================================================= */
+
+/* Field 3 of the file ArabicShaping.txt in the Unicode Character Database.  */
+
+/* Possible joining groups.
+   This enumeration may be extended in the future.  */
+enum
+{
+  UC_JOINING_GROUP_NONE,                  /* No_Joining_Group */
+  UC_JOINING_GROUP_AIN,                   /* Ain */
+  UC_JOINING_GROUP_ALAPH,                 /* Alaph */
+  UC_JOINING_GROUP_ALEF,                  /* Alef */
+  UC_JOINING_GROUP_BEH,                   /* Beh */
+  UC_JOINING_GROUP_BETH,                  /* Beth */
+  UC_JOINING_GROUP_BURUSHASKI_YEH_BARREE, /* Burushaski_Yeh_Barree */
+  UC_JOINING_GROUP_DAL,                   /* Dal */
+  UC_JOINING_GROUP_DALATH_RISH,           /* Dalath_Rish */
+  UC_JOINING_GROUP_E,                     /* E */
+  UC_JOINING_GROUP_FARSI_YEH,             /* Farsi_Yeh */
+  UC_JOINING_GROUP_FE,                    /* Fe */
+  UC_JOINING_GROUP_FEH,                   /* Feh */
+  UC_JOINING_GROUP_FINAL_SEMKATH,         /* Final_Semkath */
+  UC_JOINING_GROUP_GAF,                   /* Gaf */
+  UC_JOINING_GROUP_GAMAL,                 /* Gamal */
+  UC_JOINING_GROUP_HAH,                   /* Hah */
+  UC_JOINING_GROUP_HE,                    /* He */
+  UC_JOINING_GROUP_HEH,                   /* Heh */
+  UC_JOINING_GROUP_HEH_GOAL,              /* Heh_Goal */
+  UC_JOINING_GROUP_HETH,                  /* Heth */
+  UC_JOINING_GROUP_KAF,                   /* Kaf */
+  UC_JOINING_GROUP_KAPH,                  /* Kaph */
+  UC_JOINING_GROUP_KHAPH,                 /* Khaph */
+  UC_JOINING_GROUP_KNOTTED_HEH,           /* Knotted_Heh */
+  UC_JOINING_GROUP_LAM,                   /* Lam */
+  UC_JOINING_GROUP_LAMADH,                /* Lamadh */
+  UC_JOINING_GROUP_MEEM,                  /* Meem */
+  UC_JOINING_GROUP_MIM,                   /* Mim */
+  UC_JOINING_GROUP_NOON,                  /* Noon */
+  UC_JOINING_GROUP_NUN,                   /* Nun */
+  UC_JOINING_GROUP_NYA,                   /* Nya */
+  UC_JOINING_GROUP_PE,                    /* Pe */
+  UC_JOINING_GROUP_QAF,                   /* Qaf */
+  UC_JOINING_GROUP_QAPH,                  /* Qaph */
+  UC_JOINING_GROUP_REH,                   /* Reh */
+  UC_JOINING_GROUP_REVERSED_PE,           /* Reversed_Pe */
+  UC_JOINING_GROUP_SAD,                   /* Sad */
+  UC_JOINING_GROUP_SADHE,                 /* Sadhe */
+  UC_JOINING_GROUP_SEEN,                  /* Seen */
+  UC_JOINING_GROUP_SEMKATH,               /* Semkath */
+  UC_JOINING_GROUP_SHIN,                  /* Shin */
+  UC_JOINING_GROUP_SWASH_KAF,             /* Swash_Kaf */
+  UC_JOINING_GROUP_SYRIAC_WAW,            /* Syriac_Waw */
+  UC_JOINING_GROUP_TAH,                   /* Tah */
+  UC_JOINING_GROUP_TAW,                   /* Taw */
+  UC_JOINING_GROUP_TEH_MARBUTA,           /* Teh_Marbuta */
+  UC_JOINING_GROUP_TEH_MARBUTA_GOAL,      /* Teh_Marbuta_Goal */
+  UC_JOINING_GROUP_TETH,                  /* Teth */
+  UC_JOINING_GROUP_WAW,                   /* Waw */
+  UC_JOINING_GROUP_YEH,                   /* Yeh */
+  UC_JOINING_GROUP_YEH_BARREE,            /* Yeh_Barree */
+  UC_JOINING_GROUP_YEH_WITH_TAIL,         /* Yeh_With_Tail */
+  UC_JOINING_GROUP_YUDH,                  /* Yudh */
+  UC_JOINING_GROUP_YUDH_HE,               /* Yudh_He */
+  UC_JOINING_GROUP_ZAIN,                  /* Zain */
+  UC_JOINING_GROUP_ZHAIN,                 /* Zhain */
+  UC_JOINING_GROUP_ROHINGYA_YEH,          /* Rohingya_Yeh */
+  UC_JOINING_GROUP_STRAIGHT_WAW,          /* Straight_Waw */
+  UC_JOINING_GROUP_MANICHAEAN_ALEPH,      /* Manichaean_Aleph */
+  UC_JOINING_GROUP_MANICHAEAN_BETH,       /* Manichaean_Beth */
+  UC_JOINING_GROUP_MANICHAEAN_GIMEL,      /* Manichaean_Gimel */
+  UC_JOINING_GROUP_MANICHAEAN_DALETH,     /* Manichaean_Daleth */
+  UC_JOINING_GROUP_MANICHAEAN_WAW,        /* Manichaean_Waw */
+  UC_JOINING_GROUP_MANICHAEAN_ZAYIN,      /* Manichaean_Zayin */
+  UC_JOINING_GROUP_MANICHAEAN_HETH,       /* Manichaean_Heth */
+  UC_JOINING_GROUP_MANICHAEAN_TETH,       /* Manichaean_Teth */
+  UC_JOINING_GROUP_MANICHAEAN_YODH,       /* Manichaean_Yodh */
+  UC_JOINING_GROUP_MANICHAEAN_KAPH,       /* Manichaean_Kaph */
+  UC_JOINING_GROUP_MANICHAEAN_LAMEDH,     /* Manichaean_Lamedh */
+  UC_JOINING_GROUP_MANICHAEAN_DHAMEDH,    /* Manichaean_Dhamedh */
+  UC_JOINING_GROUP_MANICHAEAN_THAMEDH,    /* Manichaean_Thamedh */
+  UC_JOINING_GROUP_MANICHAEAN_MEM,        /* Manichaean_Mem */
+  UC_JOINING_GROUP_MANICHAEAN_NUN,        /* Manichaean_Nun */
+  UC_JOINING_GROUP_MANICHAEAN_SAMEKH,     /* Manichaean_Aleph */
+  UC_JOINING_GROUP_MANICHAEAN_AYIN,       /* Manichaean_Ayin */
+  UC_JOINING_GROUP_MANICHAEAN_PE,         /* Manichaean_Pe */
+  UC_JOINING_GROUP_MANICHAEAN_SADHE,      /* Manichaean_Sadhe */
+  UC_JOINING_GROUP_MANICHAEAN_QOPH,       /* Manichaean_Qoph */
+  UC_JOINING_GROUP_MANICHAEAN_RESH,       /* Manichaean_Resh */
+  UC_JOINING_GROUP_MANICHAEAN_TAW,        /* Manichaean_Taw */
+  UC_JOINING_GROUP_MANICHAEAN_ONE,        /* Manichaean_One */
+  UC_JOINING_GROUP_MANICHAEAN_FIVE,       /* Manichaean_Five */
+  UC_JOINING_GROUP_MANICHAEAN_TEN,        /* Manichaean_Ten */
+  UC_JOINING_GROUP_MANICHAEAN_TWENTY,     /* Manichaean_Twenty */
+  UC_JOINING_GROUP_MANICHAEAN_HUNDRED,    /* Manichaean_Hundred */
+  UC_JOINING_GROUP_AFRICAN_FEH,           /* African_Feh */
+  UC_JOINING_GROUP_AFRICAN_QAF,           /* African_Qaf */
+  UC_JOINING_GROUP_AFRICAN_NOON           /* African_Noon */
+};
+
+/* Return the name of a joining group.  */
+extern const char *
+       uc_joining_group_name (int joining_group)
+       _UC_ATTRIBUTE_CONST;
+
+/* Return the joining group given by name, e.g. "Teh_Marbuta".  */
+extern int
+       uc_joining_group_byname (const char *joining_group_name)
+       _UC_ATTRIBUTE_PURE;
+
+/* Return the joining group of a Unicode character.  */
+extern int
+       uc_joining_group (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* ========================================================================= */
+
+/* Common API for properties.  */
+
+/* Data type denoting a property.  This is not just a number, but rather a
+   pointer to the test functions, so that programs that use only few of the
+   properties don't have a link-time dependency towards all the tables.  */
+typedef struct
+{
+  bool (*test_fn) (ucs4_t uc);
+}
+uc_property_t;
+
+/* Predefined properties.  */
+/* General.  */
+extern const uc_property_t UC_PROPERTY_WHITE_SPACE;
+extern const uc_property_t UC_PROPERTY_ALPHABETIC;
+extern const uc_property_t UC_PROPERTY_OTHER_ALPHABETIC;
+extern const uc_property_t UC_PROPERTY_NOT_A_CHARACTER;
+extern const uc_property_t UC_PROPERTY_DEFAULT_IGNORABLE_CODE_POINT;
+extern const uc_property_t UC_PROPERTY_OTHER_DEFAULT_IGNORABLE_CODE_POINT;
+extern const uc_property_t UC_PROPERTY_DEPRECATED;
+extern const uc_property_t UC_PROPERTY_LOGICAL_ORDER_EXCEPTION;
+extern const uc_property_t UC_PROPERTY_VARIATION_SELECTOR;
+extern const uc_property_t UC_PROPERTY_PRIVATE_USE;
+extern const uc_property_t UC_PROPERTY_UNASSIGNED_CODE_VALUE;
+/* Case.  */
+extern const uc_property_t UC_PROPERTY_UPPERCASE;
+extern const uc_property_t UC_PROPERTY_OTHER_UPPERCASE;
+extern const uc_property_t UC_PROPERTY_LOWERCASE;
+extern const uc_property_t UC_PROPERTY_OTHER_LOWERCASE;
+extern const uc_property_t UC_PROPERTY_TITLECASE;
+extern const uc_property_t UC_PROPERTY_CASED;
+extern const uc_property_t UC_PROPERTY_CASE_IGNORABLE;
+extern const uc_property_t UC_PROPERTY_CHANGES_WHEN_LOWERCASED;
+extern const uc_property_t UC_PROPERTY_CHANGES_WHEN_UPPERCASED;
+extern const uc_property_t UC_PROPERTY_CHANGES_WHEN_TITLECASED;
+extern const uc_property_t UC_PROPERTY_CHANGES_WHEN_CASEFOLDED;
+extern const uc_property_t UC_PROPERTY_CHANGES_WHEN_CASEMAPPED;
+extern const uc_property_t UC_PROPERTY_SOFT_DOTTED;
+/* Identifiers.  */
+extern const uc_property_t UC_PROPERTY_ID_START;
+extern const uc_property_t UC_PROPERTY_OTHER_ID_START;
+extern const uc_property_t UC_PROPERTY_ID_CONTINUE;
+extern const uc_property_t UC_PROPERTY_OTHER_ID_CONTINUE;
+extern const uc_property_t UC_PROPERTY_XID_START;
+extern const uc_property_t UC_PROPERTY_XID_CONTINUE;
+extern const uc_property_t UC_PROPERTY_PATTERN_WHITE_SPACE;
+extern const uc_property_t UC_PROPERTY_PATTERN_SYNTAX;
+/* Shaping and rendering.  */
+extern const uc_property_t UC_PROPERTY_JOIN_CONTROL;
+extern const uc_property_t UC_PROPERTY_GRAPHEME_BASE;
+extern const uc_property_t UC_PROPERTY_GRAPHEME_EXTEND;
+extern const uc_property_t UC_PROPERTY_OTHER_GRAPHEME_EXTEND;
+extern const uc_property_t UC_PROPERTY_GRAPHEME_LINK;
+/* Bidi.  */
+extern const uc_property_t UC_PROPERTY_BIDI_CONTROL;
+extern const uc_property_t UC_PROPERTY_BIDI_LEFT_TO_RIGHT;
+extern const uc_property_t UC_PROPERTY_BIDI_HEBREW_RIGHT_TO_LEFT;
+extern const uc_property_t UC_PROPERTY_BIDI_ARABIC_RIGHT_TO_LEFT;
+extern const uc_property_t UC_PROPERTY_BIDI_EUROPEAN_DIGIT;
+extern const uc_property_t UC_PROPERTY_BIDI_EUR_NUM_SEPARATOR;
+extern const uc_property_t UC_PROPERTY_BIDI_EUR_NUM_TERMINATOR;
+extern const uc_property_t UC_PROPERTY_BIDI_ARABIC_DIGIT;
+extern const uc_property_t UC_PROPERTY_BIDI_COMMON_SEPARATOR;
+extern const uc_property_t UC_PROPERTY_BIDI_BLOCK_SEPARATOR;
+extern const uc_property_t UC_PROPERTY_BIDI_SEGMENT_SEPARATOR;
+extern const uc_property_t UC_PROPERTY_BIDI_WHITESPACE;
+extern const uc_property_t UC_PROPERTY_BIDI_NON_SPACING_MARK;
+extern const uc_property_t UC_PROPERTY_BIDI_BOUNDARY_NEUTRAL;
+extern const uc_property_t UC_PROPERTY_BIDI_PDF;
+extern const uc_property_t UC_PROPERTY_BIDI_EMBEDDING_OR_OVERRIDE;
+extern const uc_property_t UC_PROPERTY_BIDI_OTHER_NEUTRAL;
+/* Numeric.  */
+extern const uc_property_t UC_PROPERTY_HEX_DIGIT;
+extern const uc_property_t UC_PROPERTY_ASCII_HEX_DIGIT;
+/* CJK.  */
+extern const uc_property_t UC_PROPERTY_IDEOGRAPHIC;
+extern const uc_property_t UC_PROPERTY_UNIFIED_IDEOGRAPH;
+extern const uc_property_t UC_PROPERTY_RADICAL;
+extern const uc_property_t UC_PROPERTY_IDS_BINARY_OPERATOR;
+extern const uc_property_t UC_PROPERTY_IDS_TRINARY_OPERATOR;
+/* Misc.  */
+extern const uc_property_t UC_PROPERTY_ZERO_WIDTH;
+extern const uc_property_t UC_PROPERTY_SPACE;
+extern const uc_property_t UC_PROPERTY_NON_BREAK;
+extern const uc_property_t UC_PROPERTY_ISO_CONTROL;
+extern const uc_property_t UC_PROPERTY_FORMAT_CONTROL;
+extern const uc_property_t UC_PROPERTY_DASH;
+extern const uc_property_t UC_PROPERTY_HYPHEN;
+extern const uc_property_t UC_PROPERTY_PUNCTUATION;
+extern const uc_property_t UC_PROPERTY_LINE_SEPARATOR;
+extern const uc_property_t UC_PROPERTY_PARAGRAPH_SEPARATOR;
+extern const uc_property_t UC_PROPERTY_QUOTATION_MARK;
+extern const uc_property_t UC_PROPERTY_SENTENCE_TERMINAL;
+extern const uc_property_t UC_PROPERTY_TERMINAL_PUNCTUATION;
+extern const uc_property_t UC_PROPERTY_CURRENCY_SYMBOL;
+extern const uc_property_t UC_PROPERTY_MATH;
+extern const uc_property_t UC_PROPERTY_OTHER_MATH;
+extern const uc_property_t UC_PROPERTY_PAIRED_PUNCTUATION;
+extern const uc_property_t UC_PROPERTY_LEFT_OF_PAIR;
+extern const uc_property_t UC_PROPERTY_COMBINING;
+extern const uc_property_t UC_PROPERTY_COMPOSITE;
+extern const uc_property_t UC_PROPERTY_DECIMAL_DIGIT;
+extern const uc_property_t UC_PROPERTY_NUMERIC;
+extern const uc_property_t UC_PROPERTY_DIACRITIC;
+extern const uc_property_t UC_PROPERTY_EXTENDER;
+extern const uc_property_t UC_PROPERTY_IGNORABLE_CONTROL;
+
+/* Return the property given by name, e.g. "White space".  */
+extern uc_property_t
+       uc_property_byname (const char *property_name);
+
+/* Test whether a property is valid.  */
+#define uc_property_is_valid(property) ((property).test_fn != NULL)
+
+/* Test whether a Unicode character has a given property.  */
+extern bool
+       uc_is_property (ucs4_t uc, uc_property_t property);
+extern bool uc_is_property_white_space (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_alphabetic (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_other_alphabetic (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_not_a_character (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_default_ignorable_code_point (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_other_default_ignorable_code_point (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_deprecated (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_logical_order_exception (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_variation_selector (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_private_use (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_unassigned_code_value (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_uppercase (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_other_uppercase (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_lowercase (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_other_lowercase (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_titlecase (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_cased (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_case_ignorable (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_changes_when_lowercased (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_changes_when_uppercased (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_changes_when_titlecased (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_changes_when_casefolded (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_changes_when_casemapped (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_soft_dotted (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_id_start (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_other_id_start (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_id_continue (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_other_id_continue (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_xid_start (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_xid_continue (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_pattern_white_space (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_pattern_syntax (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_join_control (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_grapheme_base (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_grapheme_extend (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_other_grapheme_extend (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_grapheme_link (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_bidi_control (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_bidi_left_to_right (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_bidi_hebrew_right_to_left (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_bidi_arabic_right_to_left (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_bidi_european_digit (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_bidi_eur_num_separator (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_bidi_eur_num_terminator (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_bidi_arabic_digit (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_bidi_common_separator (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_bidi_block_separator (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_bidi_segment_separator (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_bidi_whitespace (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_bidi_non_spacing_mark (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_bidi_boundary_neutral (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_bidi_pdf (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_bidi_embedding_or_override (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_bidi_other_neutral (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_hex_digit (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_ascii_hex_digit (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_ideographic (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_unified_ideograph (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_radical (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_ids_binary_operator (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_ids_trinary_operator (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_zero_width (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_space (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_non_break (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_iso_control (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_format_control (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_dash (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_hyphen (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_punctuation (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_line_separator (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_paragraph_separator (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_quotation_mark (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_sentence_terminal (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_terminal_punctuation (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_currency_symbol (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_math (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_other_math (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_paired_punctuation (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_left_of_pair (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_combining (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_composite (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_decimal_digit (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_numeric (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_diacritic (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_extender (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+extern bool uc_is_property_ignorable_control (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* ========================================================================= */
+
+/* Subdivision of the Unicode characters into scripts.  */
+
+typedef struct
+{
+  unsigned int code : 21;
+  unsigned int start : 1;
+  unsigned int end : 1;
+}
+uc_interval_t;
+typedef struct
+{
+  unsigned int nintervals;
+  const uc_interval_t *intervals;
+  const char *name;
+}
+uc_script_t;
+
+/* Return the script of a Unicode character.  */
+extern const uc_script_t *
+       uc_script (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* Return the script given by name, e.g. "HAN".  */
+extern const uc_script_t *
+       uc_script_byname (const char *script_name)
+       _UC_ATTRIBUTE_PURE;
+
+/* Test whether a Unicode character belongs to a given script.  */
+extern bool
+       uc_is_script (ucs4_t uc, const uc_script_t *script)
+       _UC_ATTRIBUTE_PURE;
+
+/* Get the list of all scripts.  */
+extern void
+       uc_all_scripts (const uc_script_t **scripts, size_t *count);
+
+/* ========================================================================= */
+
+/* Subdivision of the Unicode character range into blocks.  */
+
+typedef struct
+{
+  ucs4_t start;
+  ucs4_t end;
+  const char *name;
+}
+uc_block_t;
+
+/* Return the block a character belongs to.  */
+extern const uc_block_t *
+       uc_block (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* Test whether a Unicode character belongs to a given block.  */
+extern bool
+       uc_is_block (ucs4_t uc, const uc_block_t *block)
+       _UC_ATTRIBUTE_PURE;
+
+/* Get the list of all blocks.  */
+extern void
+       uc_all_blocks (const uc_block_t **blocks, size_t *count);
+
+/* ========================================================================= */
+
+/* Properties taken from language standards.  */
+
+/* Test whether a Unicode character is considered whitespace in ISO C 99.  */
+extern bool
+       uc_is_c_whitespace (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* Test whether a Unicode character is considered whitespace in Java.  */
+extern bool
+       uc_is_java_whitespace (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+enum
+{
+  UC_IDENTIFIER_START,    /* valid as first or subsequent character */
+  UC_IDENTIFIER_VALID,    /* valid as subsequent character only */
+  UC_IDENTIFIER_INVALID,  /* not valid */
+  UC_IDENTIFIER_IGNORABLE /* ignorable (Java only) */
+};
+
+/* Return the categorization of a Unicode character w.r.t. the ISO C 99
+   identifier syntax.  */
+extern int
+       uc_c_ident_category (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* Return the categorization of a Unicode character w.r.t. the Java
+   identifier syntax.  */
+extern int
+       uc_java_ident_category (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* ========================================================================= */
+
+/* Like ISO C <ctype.h> and <wctype.h>.  These functions are deprecated,
+   because this set of functions was designed with ASCII in mind and cannot
+   reflect the more diverse reality of the Unicode character set.  But they
+   can be a quick-and-dirty porting aid when migrating from wchar_t APIs
+   to Unicode strings.  */
+
+/* Test for any character for which 'uc_is_alpha' or 'uc_is_digit' is true.  */
+extern bool
+       uc_is_alnum (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* Test for any character for which 'uc_is_upper' or 'uc_is_lower' is true,
+   or any character that is one of a locale-specific set of characters for
+   which none of 'uc_is_cntrl', 'uc_is_digit', 'uc_is_punct', or 'uc_is_space'
+   is true.  */
+extern bool
+       uc_is_alpha (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* Test for any control character.  */
+extern bool
+       uc_is_cntrl (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* Test for any character that corresponds to a decimal-digit character.  */
+extern bool
+       uc_is_digit (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* Test for any character for which 'uc_is_print' is true and 'uc_is_space'
+   is false.  */
+extern bool
+       uc_is_graph (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* Test for any character that corresponds to a lowercase letter or is one
+   of a locale-specific set of characters for which none of 'uc_is_cntrl',
+   'uc_is_digit', 'uc_is_punct', or 'uc_is_space' is true.  */
+extern bool
+       uc_is_lower (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* Test for any printing character.  */
+extern bool
+       uc_is_print (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* Test for any printing character that is one of a locale-specific set of
+   characters for which neither 'uc_is_space' nor 'uc_is_alnum' is true.  */
+extern bool
+       uc_is_punct (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* Test for any character that corresponds to a locale-specific set of
+   characters for which none of 'uc_is_alnum', 'uc_is_graph', or 'uc_is_punct'
+   is true.  */
+extern bool
+       uc_is_space (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* Test for any character that corresponds to an uppercase letter or is one
+   of a locale-specific set of character for which none of 'uc_is_cntrl',
+   'uc_is_digit', 'uc_is_punct', or 'uc_is_space' is true.  */
+extern bool
+       uc_is_upper (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* Test for any character that corresponds to a hexadecimal-digit
+   character.  */
+extern bool
+       uc_is_xdigit (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* GNU extension. */
+/* Test for any character that corresponds to a standard blank character or
+   a locale-specific set of characters for which 'uc_is_alnum' is false.  */
+extern bool
+       uc_is_blank (ucs4_t uc)
+       _UC_ATTRIBUTE_CONST;
+
+/* ========================================================================= */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _UNICTYPE_H */
diff --git a/lib/unistring/unictype/bitmap.h b/lib/unistring/unictype/bitmap.h
new file mode 100644
index 0000000..3fab59a
--- /dev/null
+++ b/lib/unistring/unictype/bitmap.h
@@ -0,0 +1,57 @@
+/* Three-level bitmap lookup.
+   Copyright (C) 2000-2002, 2005-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2000-2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+static inline int bitmap_lookup (const void *table, ucs4_t uc);
+
+/* These values are currently hardcoded into gen-uni-tables.c, function
+   output_predicate().  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+
+static inline int
+bitmap_lookup (const void *table, ucs4_t uc)
+{
+  unsigned int index1 = uc >> header_0;
+  if (index1 < ((const int *) table)[0])
+    {
+      int lookup1 = ((const int *) table)[1 + index1];
+      if (lookup1 >= 0)
+        {
+          unsigned int index2 = (uc >> header_2) & header_3;
+          int lookup2 = ((const short *) table)[lookup1 + index2];
+          if (lookup2 >= 0)
+            {
+              unsigned int index3 = (uc >> 5) & header_4;
+              unsigned int lookup3 = ((const unsigned int *) table)[lookup2 + index3];
+
+              return (lookup3 >> (uc & 0x1f)) & 1;
+            }
+        }
+    }
+  return 0;
+}
diff --git a/lib/unistring/unictype/categ_C.c b/lib/unistring/unictype/categ_C.c
new file mode 100644
index 0000000..23e7caf
--- /dev/null
+++ b/lib/unistring/unictype/categ_C.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_C table.  */
+#include "categ_C.h"
+
+const uc_general_category_t UC_CATEGORY_C =
+  { UC_CATEGORY_MASK_C, 0, { &u_categ_C } };
diff --git a/lib/unistring/unictype/categ_C.h b/lib/unistring/unictype/categ_C.h
new file mode 100644
index 0000000..34e4097
--- /dev/null
+++ b/lib/unistring/unictype/categ_C.h
@@ -0,0 +1,994 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[17];
+    short level2[5 << 7];
+    unsigned int level3[78 << 4];
+  }
+u_categ_C =
+{
+  { 17 },
+  {
+       18 * sizeof (int) / sizeof (short) +     0,
+       18 * sizeof (int) / sizeof (short) +   128,
+       18 * sizeof (int) / sizeof (short) +   256,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   512,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384
+  },
+  {
+       18 +   640 * sizeof (short) / sizeof (int) +     0,
+       18 +   640 * sizeof (short) / sizeof (int) +    16,
+       18 +   640 * sizeof (short) / sizeof (int) +    32,
+       18 +   640 * sizeof (short) / sizeof (int) +    48,
+       18 +   640 * sizeof (short) / sizeof (int) +    64,
+       18 +   640 * sizeof (short) / sizeof (int) +    80,
+       18 +   640 * sizeof (short) / sizeof (int) +    96,
+       18 +   640 * sizeof (short) / sizeof (int) +   112,
+       18 +   640 * sizeof (short) / sizeof (int) +   128,
+       18 +   640 * sizeof (short) / sizeof (int) +   144,
+       -1,
+       18 +   640 * sizeof (short) / sizeof (int) +   160,
+       18 +   640 * sizeof (short) / sizeof (int) +   176,
+       18 +   640 * sizeof (short) / sizeof (int) +   192,
+       18 +   640 * sizeof (short) / sizeof (int) +   208,
+       18 +   640 * sizeof (short) / sizeof (int) +   224,
+       18 +   640 * sizeof (short) / sizeof (int) +   240,
+       18 +   640 * sizeof (short) / sizeof (int) +   256,
+       18 +   640 * sizeof (short) / sizeof (int) +   272,
+       -1,
+       -1,
+       18 +   640 * sizeof (short) / sizeof (int) +   288,
+       18 +   640 * sizeof (short) / sizeof (int) +   304,
+       18 +   640 * sizeof (short) / sizeof (int) +   320,
+       18 +   640 * sizeof (short) / sizeof (int) +   336,
+       18 +   640 * sizeof (short) / sizeof (int) +   352,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 +   640 * sizeof (short) / sizeof (int) +   368,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 +   640 * sizeof (short) / sizeof (int) +   384,
+       -1,
+       -1,
+       18 +   640 * sizeof (short) / sizeof (int) +   400,
+       18 +   640 * sizeof (short) / sizeof (int) +   416,
+       18 +   640 * sizeof (short) / sizeof (int) +   432,
+       18 +   640 * sizeof (short) / sizeof (int) +   448,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 +   640 * sizeof (short) / sizeof (int) +   464,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   496,
+       18 +   640 * sizeof (short) / sizeof (int) +   512,
+       18 +   640 * sizeof (short) / sizeof (int) +   528,
+       18 +   640 * sizeof (short) / sizeof (int) +   544,
+       18 +   640 * sizeof (short) / sizeof (int) +   560,
+       18 +   640 * sizeof (short) / sizeof (int) +   576,
+       18 +   640 * sizeof (short) / sizeof (int) +   592,
+       18 +   640 * sizeof (short) / sizeof (int) +   608,
+       18 +   640 * sizeof (short) / sizeof (int) +   624,
+       18 +   640 * sizeof (short) / sizeof (int) +   640,
+       18 +   640 * sizeof (short) / sizeof (int) +   656,
+       18 +   640 * sizeof (short) / sizeof (int) +   672,
+       18 +   640 * sizeof (short) / sizeof (int) +   688,
+       18 +   640 * sizeof (short) / sizeof (int) +   704,
+       18 +   640 * sizeof (short) / sizeof (int) +   720,
+       18 +   640 * sizeof (short) / sizeof (int) +   736,
+       18 +   640 * sizeof (short) / sizeof (int) +   752,
+       18 +   640 * sizeof (short) / sizeof (int) +   768,
+       18 +   640 * sizeof (short) / sizeof (int) +   784,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       -1,
+       18 +   640 * sizeof (short) / sizeof (int) +   800,
+       18 +   640 * sizeof (short) / sizeof (int) +   816,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       -1,
+       -1,
+       18 +   640 * sizeof (short) / sizeof (int) +   832,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       -1,
+       18 +   640 * sizeof (short) / sizeof (int) +   848,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       -1,
+       18 +   640 * sizeof (short) / sizeof (int) +   864,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   880,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 +   640 * sizeof (short) / sizeof (int) +   896,
+       -1,
+       18 +   640 * sizeof (short) / sizeof (int) +   912,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   928,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   944,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   960,
+       18 +   640 * sizeof (short) / sizeof (int) +   976,
+       18 +   640 * sizeof (short) / sizeof (int) +   992,
+       18 +   640 * sizeof (short) / sizeof (int) +  1008,
+       -1,
+       18 +   640 * sizeof (short) / sizeof (int) +  1024,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +  1040,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +  1056,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +  1072,
+       18 +   640 * sizeof (short) / sizeof (int) +  1088,
+       18 +   640 * sizeof (short) / sizeof (int) +  1104,
+       -1,
+       18 +   640 * sizeof (short) / sizeof (int) +  1120,
+       18 +   640 * sizeof (short) / sizeof (int) +  1136,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 +   640 * sizeof (short) / sizeof (int) +  1152,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 +   640 * sizeof (short) / sizeof (int) +  1168,
+       18 +   640 * sizeof (short) / sizeof (int) +  1184,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 +   640 * sizeof (short) / sizeof (int) +  1200,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       -1,
+       18 +   640 * sizeof (short) / sizeof (int) +  1216,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +  1232,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480,
+       18 +   640 * sizeof (short) / sizeof (int) +   480
+  },
+  {
+    0xFFFFFFFFU, 0x00000000U, 0x00000000U, 0x80000000U,
+    0xFFFFFFFFU, 0x00002000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03000000U,
+    0x0000280FU, 0x00000004U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00010000U, 0x01800000U, 0x00000001U,
+    0x00011900U, 0x00000000U, 0x0000FF00U, 0xFFE0F800U,
+    0x3000003FU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x20000000U, 0x00000000U,
+    0x0000C000U, 0x00000000U, 0x00001800U, 0x00000000U,
+    0x00000000U, 0xFFFC0000U, 0x00000000U, 0xF8000000U,
+    0x00000000U, 0x8000C000U, 0xB0000000U, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xC0200000U, 0x000FFFFFU, 0x00000004U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00066010U, 0x0C3A0200U, 0x4F7F8660U, 0xF0000030U,
+    0x00067811U, 0x2C920200U, 0xA1FDC678U, 0xFFC0003FU,
+    0x00044011U, 0x0C120200U, 0xFFFEC440U, 0xFDFC0030U,
+    0x00066011U, 0x0C120200U, 0x4F3FC660U, 0xFF000030U,
+    0x29C23813U, 0x3C0038E7U, 0xFF7EC238U, 0xF800003FU,
+    0x00022010U, 0x1C000200U, 0xF89FC220U, 0x00FF0030U,
+    0x00022010U, 0x0C100200U, 0xBF9FC220U, 0xFFF90030U,
+    0x00022011U, 0x18000000U, 0x000F0220U, 0x00000030U,
+    0x03800013U, 0xD0040000U, 0x00A07B80U, 0xFFE3003FU,
+    0x00000001U, 0x78000000U, 0xF0000000U, 0xFFFFFFFFU,
+    0x010FDA69U, 0xC4001351U, 0x0C00C0A0U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000100U, 0x0001E000U,
+    0x01000000U, 0x20000000U, 0xF8002000U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0000DF40U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xC280C200U, 0x00000000U,
+    0x0000C200U, 0x80C20000U, 0x008000C2U, 0x00000000U,
+    0x00C20000U, 0x00000000U, 0x18000000U, 0xE0000000U,
+    0xFC000000U, 0x00000000U, 0x00000000U, 0xC0C00000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xE0000000U, 0x00000000U, 0x00000000U, 0xFE000000U,
+    0xFFE02000U, 0xFF800000U, 0xFFF00000U, 0xFFF22000U,
+    0x00000000U, 0x00000000U, 0xC0000000U, 0xFC00FC00U,
+    0xFC00C000U, 0x00000000U, 0x00000000U, 0xFF000000U,
+    0x00000000U, 0x0000F800U, 0x00000000U, 0xFFC00000U,
+    0x80000000U, 0xF000F000U, 0x0000000EU, 0xFFE0C000U,
+    0x00000000U, 0x0000F000U, 0x3800FC00U, 0x00000000U,
+    0x30000000U, 0x00000000U, 0x80000000U, 0x60000000U,
+    0xFC00FC00U, 0x8000C000U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x0000F000U, 0xE0000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0FF00000U,
+    0x00000000U, 0x07000000U, 0x00001C00U, 0x00000000U,
+    0xFFFFFE00U, 0xFFFFFFFFU, 0x0000FF00U, 0xFC800000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x07C00000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xC0C00000U, 0x00000000U, 0x5500C0C0U, 0xC0000000U,
+    0x00000000U, 0x00200000U, 0x10300020U, 0x80230000U,
+    0x0000F800U, 0x00007C00U, 0x00000000U, 0x000CFFFFU,
+    0xE0008000U, 0x80000000U, 0x0000FFFFU, 0xFFFE0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0000F000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x80000000U,
+    0x00000000U, 0xFFFFFF80U, 0xFFFFF800U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00300000U,
+    0x00C00000U, 0x1C000000U, 0xFFFC0200U, 0xFFFF0FFFU,
+    0x00000000U, 0x00008000U, 0x80000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x01F00000U,
+    0x00000000U, 0x0000DF40U, 0x00000000U, 0x7FFE7F00U,
+    0xFF800000U, 0x80808080U, 0x80808080U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFFFFE0U, 0xFFFFFFFFU,
+    0x04000000U, 0x00000000U, 0x00000000U, 0xFFF00000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFC00000U, 0xF000FFFFU,
+    0x00000000U, 0x00000000U, 0x00000001U, 0x00000000U,
+    0x01800000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0000001FU, 0x0001C000U, 0x00000000U, 0x00000000U,
+    0x00008000U, 0xF8000000U, 0x00000000U, 0x0000FFF0U,
+    0x80000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x80000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFC00000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFC00000U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0000E000U, 0x00000000U, 0x0000FF80U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFFF000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFF000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFF008000U, 0xFFFFFFFFU, 0x007FFFFFU,
+    0x00000000U, 0xFC00F000U, 0x00000000U, 0xFF000000U,
+    0x00000000U, 0x00000000U, 0xFC003FC0U, 0xC0000000U,
+    0x00000000U, 0x00000000U, 0x7FF00000U, 0xE0000000U,
+    0x00000000U, 0x00000000U, 0x3C004000U, 0x80000000U,
+    0x00000000U, 0xFF800000U, 0x0C00C000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x07FFFFF8U, 0xFF800000U,
+    0xFF818181U, 0x00008080U, 0x00000000U, 0x0000FFC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFC00C000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x0000FFF0U, 0x00000780U, 0xF0000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0000C000U,
+    0x00000000U, 0x00000000U, 0xFC000000U, 0xFFFFFFFFU,
+    0x1F07FF80U, 0xA0800000U, 0x00000024U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0007FFFCU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0000FFFFU, 0x00000000U,
+    0x00030000U, 0x00000000U, 0xFFFFFF00U, 0xC000FFFFU,
+    0xFC000000U, 0x00000000U, 0x00080000U, 0x0020F080U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xE0000000U,
+    0x00000001U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x80000000U, 0xE3030303U, 0xCFFF8080U,
+    0x00001000U, 0x48000080U, 0xC000C000U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xF8000000U,
+    0x00000078U, 0x00700000U, 0x00000000U, 0x00000000U,
+    0xF0008000U, 0xFFFFFFFEU, 0x0000FFFFU, 0xC0000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xE0000000U, 0x00000000U, 0xFFFE0000U, 0xF0000000U,
+    0x00000000U, 0x0000FFF0U, 0x0000F800U, 0xF8000000U,
+    0x40000000U, 0x00000000U, 0xFFC000F0U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xC0000000U, 0x0000FC00U, 0x00F00000U, 0xF0000000U,
+    0x00000000U, 0x0000FF00U, 0x00000000U, 0xFFFF7FF0U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFF800000U, 0xFFC00000U, 0xFFFFFF00U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x000002C0U, 0x6E400000U, 0x00400000U, 0x00000000U,
+    0x80000000U, 0xFFFF007FU, 0xFFFFFFFFU, 0x07C80000U,
+    0x70000000U, 0x7C000000U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x0F000000U, 0x00030000U, 0x00000000U,
+    0x01100F90U, 0x78F00000U, 0xFE00FF00U, 0x00000000U,
+    0x00000000U, 0xFFFFFFFFU, 0x00000000U, 0xFF800780U,
+    0x00000000U, 0x01C00000U, 0x00C00000U, 0x00F80000U,
+    0xE1FC0000U, 0xFFFF01FFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0xFFFFFE00U, 0xFFFFFFFFU,
+    0x00000000U, 0xFFF80000U, 0x00000000U, 0x03F80000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x80000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x0003C000U, 0x7FFF0000U,
+    0x00000000U, 0x20000000U, 0x0000FFFCU, 0xFC00FE00U,
+    0x00000000U, 0x00200000U, 0x0000FFF0U, 0xFF800000U,
+    0x00000000U, 0x00000000U, 0x0000C000U, 0xFFE00001U,
+    0x00040000U, 0x80000000U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x40004280U, 0x0000FC00U, 0x00000000U, 0xFC00F800U,
+    0x00066010U, 0x0C120200U, 0x1F7EC660U, 0xFFE0E030U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0xD4000000U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0xFC00FF00U, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00C00000U, 0xC0000000U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0xFC00FFE0U, 0xFFFFE000U,
+    0x00000000U, 0xFF000000U, 0xFFFFFC00U, 0xFFFFFFFFU,
+    0x1C000000U, 0x0000F000U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0x00000000U, 0x00000000U, 0x7FF80000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x00000000U, 0xFE000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000200U, 0x00800000U, 0x0000FFC0U, 0x0000E000U,
+    0x00030000U, 0xFF800100U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFC000000U, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFE08000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFFFFF0U, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0xFFFF8000U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0xFFFFFF80U, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0xFE000000U, 0x80000000U, 0xFFFF3C00U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x0000FFFFU, 0xFFC0C000U,
+    0x00000000U, 0x00000000U, 0x0400FFC0U, 0x1F000004U,
+    0xFFFF0000U, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x0000FFE0U, 0x80000000U,
+    0x00007FFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFEU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFFFE000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFF80000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFCU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xE000F800U,
+    0x0C00FE00U, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFC00000U,
+    0x00000000U, 0x00000180U, 0x00000000U, 0x07F80000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFFFFE00U,
+    0x00000000U, 0x00000000U, 0xFFFFFFC0U, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0xFF800000U, 0xFFFC0000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00200000U, 0x00000000U,
+    0x20000000U, 0x1400219BU, 0x00000010U, 0x00000000U,
+    0x20201840U, 0x84000000U, 0x000203A0U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x000000C0U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00003000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x07FFF000U, 0xFFFF0001U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x06000080U, 0xFFFFF824U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFF800060U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x3C00F800U, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000010U, 0xF5080169U, 0x5569157BU, 0xA1080869U,
+    0xF0000400U, 0xF0000411U, 0xFFFFFFFFU, 0xFFFCFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x0000F000U, 0x00000000U, 0x00000000U,
+    0xFFF00000U, 0x00018000U, 0x00010001U, 0xFFC00000U,
+    0x0000E000U, 0x00008000U, 0x00000000U, 0x0000F000U,
+    0x00000000U, 0xFFFFE000U, 0xFFFFFFFFU, 0x0000003FU,
+    0x0000FFF8U, 0xF0000000U, 0xFFFCFE00U, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFF80000U, 0xFF80E000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFF00000U,
+    0x00000000U, 0x00000000U, 0xFFE00000U, 0xFFFFFFFFU,
+    0x0000F000U, 0x00000000U, 0xFC00FF00U, 0x00000000U,
+    0x0000FF00U, 0xFFFFC000U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x8000FFFFU, 0x8006FF00U, 0x8000F000U, 0xFFFFFFFFU,
+    0xFFFC0000U, 0xFFFFFFFFU, 0xFFFFFFFEU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFF800000U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFE00000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xC0000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFFFFFCU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xC0000000U, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFFF0000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Cc.c b/lib/unistring/unictype/categ_Cc.c
new file mode 100644
index 0000000..b2f4c9b
--- /dev/null
+++ b/lib/unistring/unictype/categ_Cc.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Cc table.  */
+#include "categ_Cc.h"
+
+const uc_general_category_t UC_CATEGORY_Cc =
+  { UC_CATEGORY_MASK_Cc, 0, { &u_categ_Cc } };
diff --git a/lib/unistring/unictype/categ_Cc.h b/lib/unistring/unictype/categ_Cc.h
new file mode 100644
index 0000000..1573450
--- /dev/null
+++ b/lib/unistring/unictype/categ_Cc.h
@@ -0,0 +1,156 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[1];
+    short level2[1 << 7];
+    unsigned int level3[1 << 4];
+  }
+u_categ_Cc =
+{
+  { 1 },
+  {     2 * sizeof (int) / sizeof (short) +     0 },
+  {
+        2 +   128 * sizeof (short) / sizeof (int) +     0,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0xFFFFFFFFU, 0x00000000U, 0x00000000U, 0x80000000U,
+    0xFFFFFFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Cf.c b/lib/unistring/unictype/categ_Cf.c
new file mode 100644
index 0000000..caa7836
--- /dev/null
+++ b/lib/unistring/unictype/categ_Cf.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Cf table.  */
+#include "categ_Cf.h"
+
+const uc_general_category_t UC_CATEGORY_Cf =
+  { UC_CATEGORY_MASK_Cf, 0, { &u_categ_Cf } };
diff --git a/lib/unistring/unictype/categ_Cf.h b/lib/unistring/unictype/categ_Cf.h
new file mode 100644
index 0000000..76deea9
--- /dev/null
+++ b/lib/unistring/unictype/categ_Cf.h
@@ -0,0 +1,464 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[15];
+    short level2[3 << 7];
+    unsigned int level3[10 << 4];
+  }
+u_categ_Cf =
+{
+  { 15 },
+  {
+       16 * sizeof (int) / sizeof (short) +     0,
+       16 * sizeof (int) / sizeof (short) +   128,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 * sizeof (int) / sizeof (short) +   256
+  },
+  {
+       16 +   384 * sizeof (short) / sizeof (int) +     0,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +    16,
+       16 +   384 * sizeof (short) / sizeof (int) +    32,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +    48,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +    64,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +    80,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +    96,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   112,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   128,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   144,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00002000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x1000003FU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x20000000U, 0x00000000U,
+    0x00008000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000004U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00004000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0000F800U, 0x00007C00U, 0x00000000U, 0x0000FFDFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x80000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0E000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x20000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x0000000FU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x07F80000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000002U, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Cn.c b/lib/unistring/unictype/categ_Cn.c
new file mode 100644
index 0000000..57ceb96
--- /dev/null
+++ b/lib/unistring/unictype/categ_Cn.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Cn table.  */
+#include "categ_Cn.h"
+
+const uc_general_category_t UC_CATEGORY_Cn =
+  { UC_CATEGORY_MASK_Cn, 0, { &u_categ_Cn } };
diff --git a/lib/unistring/unictype/categ_Cn.h b/lib/unistring/unictype/categ_Cn.h
new file mode 100644
index 0000000..80849cc
--- /dev/null
+++ b/lib/unistring/unictype/categ_Cn.h
@@ -0,0 +1,1118 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[17];
+    short level2[6 << 7];
+    unsigned int level3[77 << 4];
+  }
+u_categ_Cn =
+{
+  { 17 },
+  {
+       18 * sizeof (int) / sizeof (short) +     0,
+       18 * sizeof (int) / sizeof (short) +   128,
+       18 * sizeof (int) / sizeof (short) +   256,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   384,
+       18 * sizeof (int) / sizeof (short) +   512,
+       18 * sizeof (int) / sizeof (short) +   640,
+       18 * sizeof (int) / sizeof (short) +   640
+  },
+  {
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +     0,
+       18 +   768 * sizeof (short) / sizeof (int) +    16,
+       18 +   768 * sizeof (short) / sizeof (int) +    32,
+       18 +   768 * sizeof (short) / sizeof (int) +    48,
+       18 +   768 * sizeof (short) / sizeof (int) +    64,
+       18 +   768 * sizeof (short) / sizeof (int) +    80,
+       18 +   768 * sizeof (short) / sizeof (int) +    96,
+       18 +   768 * sizeof (short) / sizeof (int) +   112,
+       18 +   768 * sizeof (short) / sizeof (int) +   128,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +   144,
+       18 +   768 * sizeof (short) / sizeof (int) +   160,
+       18 +   768 * sizeof (short) / sizeof (int) +   176,
+       18 +   768 * sizeof (short) / sizeof (int) +   192,
+       18 +   768 * sizeof (short) / sizeof (int) +   208,
+       18 +   768 * sizeof (short) / sizeof (int) +   224,
+       18 +   768 * sizeof (short) / sizeof (int) +   240,
+       18 +   768 * sizeof (short) / sizeof (int) +   256,
+       -1,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +   272,
+       18 +   768 * sizeof (short) / sizeof (int) +   288,
+       18 +   768 * sizeof (short) / sizeof (int) +   304,
+       18 +   768 * sizeof (short) / sizeof (int) +   320,
+       18 +   768 * sizeof (short) / sizeof (int) +   336,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +   352,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +   368,
+       -1,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +   384,
+       18 +   768 * sizeof (short) / sizeof (int) +   400,
+       18 +   768 * sizeof (short) / sizeof (int) +   416,
+       18 +   768 * sizeof (short) / sizeof (int) +   432,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +   448,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +   464,
+       18 +   768 * sizeof (short) / sizeof (int) +   480,
+       18 +   768 * sizeof (short) / sizeof (int) +   496,
+       18 +   768 * sizeof (short) / sizeof (int) +   512,
+       18 +   768 * sizeof (short) / sizeof (int) +   528,
+       18 +   768 * sizeof (short) / sizeof (int) +   544,
+       18 +   768 * sizeof (short) / sizeof (int) +   560,
+       18 +   768 * sizeof (short) / sizeof (int) +   576,
+       18 +   768 * sizeof (short) / sizeof (int) +   592,
+       18 +   768 * sizeof (short) / sizeof (int) +   608,
+       18 +   768 * sizeof (short) / sizeof (int) +   624,
+       18 +   768 * sizeof (short) / sizeof (int) +   640,
+       18 +   768 * sizeof (short) / sizeof (int) +   656,
+       18 +   768 * sizeof (short) / sizeof (int) +   672,
+       18 +   768 * sizeof (short) / sizeof (int) +   688,
+       18 +   768 * sizeof (short) / sizeof (int) +   704,
+       18 +   768 * sizeof (short) / sizeof (int) +   720,
+       18 +   768 * sizeof (short) / sizeof (int) +   736,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +   768,
+       18 +   768 * sizeof (short) / sizeof (int) +   784,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       -1,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +   800,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +   816,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +   832,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   848,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +   864,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +   880,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   896,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   912,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   928,
+       18 +   768 * sizeof (short) / sizeof (int) +   944,
+       18 +   768 * sizeof (short) / sizeof (int) +   960,
+       18 +   768 * sizeof (short) / sizeof (int) +   976,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +   992,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +  1008,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +  1024,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +  1040,
+       18 +   768 * sizeof (short) / sizeof (int) +  1056,
+       18 +   768 * sizeof (short) / sizeof (int) +  1072,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +  1088,
+       18 +   768 * sizeof (short) / sizeof (int) +  1104,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +  1120,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +  1136,
+       18 +   768 * sizeof (short) / sizeof (int) +  1152,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +  1168,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +  1184,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +  1200,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       18 +   768 * sizeof (short) / sizeof (int) +   752,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 +   768 * sizeof (short) / sizeof (int) +  1216
+  },
+  {
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03000000U,
+    0x0000280FU, 0x00000004U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00010000U, 0x01800000U, 0x00000001U,
+    0x00011900U, 0x00000000U, 0x0000FF00U, 0xFFE0F800U,
+    0x20000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00004000U, 0x00000000U, 0x00001800U, 0x00000000U,
+    0x00000000U, 0xFFFC0000U, 0x00000000U, 0xF8000000U,
+    0x00000000U, 0x8000C000U, 0xB0000000U, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xC0200000U, 0x000FFFFFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00066010U, 0x0C3A0200U, 0x4F7F8660U, 0xF0000030U,
+    0x00067811U, 0x2C920200U, 0xA1FDC678U, 0xFFC0003FU,
+    0x00044011U, 0x0C120200U, 0xFFFEC440U, 0xFDFC0030U,
+    0x00066011U, 0x0C120200U, 0x4F3FC660U, 0xFF000030U,
+    0x29C23813U, 0x3C0038E7U, 0xFF7EC238U, 0xF800003FU,
+    0x00022010U, 0x1C000200U, 0xF89FC220U, 0x00FF0030U,
+    0x00022010U, 0x0C100200U, 0xBF9FC220U, 0xFFF90030U,
+    0x00022011U, 0x18000000U, 0x000F0220U, 0x00000030U,
+    0x03800013U, 0xD0040000U, 0x00A07B80U, 0xFFE3003FU,
+    0x00000001U, 0x78000000U, 0xF0000000U, 0xFFFFFFFFU,
+    0x010FDA69U, 0xC4001351U, 0x0C00C0A0U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000100U, 0x0001E000U,
+    0x01000000U, 0x20000000U, 0xF8002000U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0000DF40U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xC280C200U, 0x00000000U,
+    0x0000C200U, 0x80C20000U, 0x008000C2U, 0x00000000U,
+    0x00C20000U, 0x00000000U, 0x18000000U, 0xE0000000U,
+    0xFC000000U, 0x00000000U, 0x00000000U, 0xC0C00000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xE0000000U, 0x00000000U, 0x00000000U, 0xFE000000U,
+    0xFFE02000U, 0xFF800000U, 0xFFF00000U, 0xFFF22000U,
+    0x00000000U, 0x00000000U, 0xC0000000U, 0xFC00FC00U,
+    0xFC008000U, 0x00000000U, 0x00000000U, 0xFF000000U,
+    0x00000000U, 0x0000F800U, 0x00000000U, 0xFFC00000U,
+    0x80000000U, 0xF000F000U, 0x0000000EU, 0xFFE0C000U,
+    0x00000000U, 0x0000F000U, 0x3800FC00U, 0x00000000U,
+    0x30000000U, 0x00000000U, 0x80000000U, 0x60000000U,
+    0xFC00FC00U, 0x8000C000U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x0000F000U, 0xE0000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0FF00000U,
+    0x00000000U, 0x07000000U, 0x00001C00U, 0x00000000U,
+    0xFFFFFE00U, 0xFFFFFFFFU, 0x0000FF00U, 0xFC800000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x07C00000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xC0C00000U, 0x00000000U, 0x5500C0C0U, 0xC0000000U,
+    0x00000000U, 0x00200000U, 0x10300020U, 0x80230000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x000C0020U,
+    0xE0008000U, 0x80000000U, 0x0000FFFFU, 0xFFFE0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0000F000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x80000000U,
+    0x00000000U, 0xFFFFFF80U, 0xFFFFF800U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00300000U,
+    0x00C00000U, 0x1C000000U, 0xFFFC0200U, 0xFFFF0FFFU,
+    0x00000000U, 0x00008000U, 0x80000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x01F00000U,
+    0x00000000U, 0x0000DF40U, 0x00000000U, 0x7FFE7F00U,
+    0xFF800000U, 0x80808080U, 0x80808080U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFFFFE0U, 0xFFFFFFFFU,
+    0x04000000U, 0x00000000U, 0x00000000U, 0xFFF00000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFC00000U, 0xF000FFFFU,
+    0x00000000U, 0x00000000U, 0x00000001U, 0x00000000U,
+    0x01800000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0000001FU, 0x0001C000U, 0x00000000U, 0x00000000U,
+    0x00008000U, 0xF8000000U, 0x00000000U, 0x0000FFF0U,
+    0x80000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x80000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFC00000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFC00000U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0000E000U, 0x00000000U, 0x0000FF80U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFFF000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFF000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFF008000U, 0xFFFFFFFFU, 0x007FFFFFU,
+    0x00000000U, 0xFC00F000U, 0x00000000U, 0xFF000000U,
+    0x00000000U, 0x00000000U, 0xFC003FC0U, 0xC0000000U,
+    0x00000000U, 0x00000000U, 0x7FF00000U, 0xE0000000U,
+    0x00000000U, 0x00000000U, 0x3C004000U, 0x80000000U,
+    0x00000000U, 0xFF800000U, 0x0C00C000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x07FFFFF8U, 0xFF800000U,
+    0xFF818181U, 0x00008080U, 0x00000000U, 0x0000FFC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFC00C000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x0000FFF0U, 0x00000780U, 0xF0000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0000C000U,
+    0x00000000U, 0x00000000U, 0xFC000000U, 0xFFFFFFFFU,
+    0x1F07FF80U, 0xA0800000U, 0x00000024U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0007FFFCU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0000FFFFU, 0x00000000U,
+    0x00030000U, 0x00000000U, 0xFFFFFF00U, 0xC000FFFFU,
+    0xFC000000U, 0x00000000U, 0x00080000U, 0x0020F080U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x60000000U,
+    0x00000001U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x80000000U, 0xE3030303U, 0xC1FF8080U,
+    0x00001000U, 0x48000080U, 0xC000C000U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xF8000000U,
+    0x00000078U, 0x00700000U, 0x00000000U, 0x00000000U,
+    0xF0008000U, 0xFFFFFFFEU, 0x0000FFFFU, 0xC0000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xE0000000U, 0x00000000U, 0xFFFE0000U, 0xF0000000U,
+    0x00000000U, 0x0000FFF0U, 0x0000F800U, 0xF8000000U,
+    0x40000000U, 0x00000000U, 0xFFC000F0U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xC0000000U, 0x0000FC00U, 0x00F00000U, 0xF0000000U,
+    0x00000000U, 0x0000FF00U, 0x00000000U, 0xFFFF7FF0U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFF800000U, 0xFFC00000U, 0xFFFFFF00U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x000002C0U, 0x6E400000U, 0x00400000U, 0x00000000U,
+    0x80000000U, 0xFFFF007FU, 0xFFFFFFFFU, 0x07C80000U,
+    0x70000000U, 0x7C000000U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x0F000000U, 0x00030000U, 0x00000000U,
+    0x01100F90U, 0x78F00000U, 0xFE00FF00U, 0x00000000U,
+    0x00000000U, 0xFFFFFFFFU, 0x00000000U, 0xFF800780U,
+    0x00000000U, 0x01C00000U, 0x00C00000U, 0x00F80000U,
+    0xE1FC0000U, 0xFFFF01FFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0xFFFFFE00U, 0xFFFFFFFFU,
+    0x00000000U, 0xFFF80000U, 0x00000000U, 0x03F80000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x80000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x0003C000U, 0x7FFF0000U,
+    0x00000000U, 0x00000000U, 0x0000FFFCU, 0xFC00FE00U,
+    0x00000000U, 0x00200000U, 0x0000FFF0U, 0xFF800000U,
+    0x00000000U, 0x00000000U, 0x0000C000U, 0xFFE00001U,
+    0x00040000U, 0x80000000U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x40004280U, 0x0000FC00U, 0x00000000U, 0xFC00F800U,
+    0x00066010U, 0x0C120200U, 0x1F7EC660U, 0xFFE0E030U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0xD4000000U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0xFC00FF00U, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00C00000U, 0xC0000000U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0xFC00FFE0U, 0xFFFFE000U,
+    0x00000000U, 0xFF000000U, 0xFFFFFC00U, 0xFFFFFFFFU,
+    0x1C000000U, 0x0000F000U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0x00000000U, 0x00000000U, 0x7FF80000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x00000000U, 0xFE000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000200U, 0x00800000U, 0x0000FFC0U, 0x0000E000U,
+    0x00030000U, 0xFF800100U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFC000000U, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFE08000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFFFFF0U, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0xFFFF8000U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0xFFFFFF80U, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0xFE000000U, 0x80000000U, 0xFFFF3C00U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x0000FFFFU, 0xFFC0C000U,
+    0x00000000U, 0x00000000U, 0x0400FFC0U, 0x1F000004U,
+    0xFFFF0000U, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x0000FFE0U, 0x80000000U,
+    0x00007FFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFEU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFFFE000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFF80000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFCU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xE000F800U,
+    0x0C00FE00U, 0xFFFFFFF0U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFC00000U,
+    0x00000000U, 0x00000180U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFFFFE00U,
+    0x00000000U, 0x00000000U, 0xFFFFFFC0U, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0xFF800000U, 0xFFFC0000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00200000U, 0x00000000U,
+    0x20000000U, 0x1400219BU, 0x00000010U, 0x00000000U,
+    0x20201840U, 0x84000000U, 0x000203A0U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x000000C0U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00003000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x07FFF000U, 0xFFFF0001U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x06000080U, 0xFFFFF824U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFF800060U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x3C00F800U, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000010U, 0xF5080169U, 0x5569157BU, 0xA1080869U,
+    0xF0000400U, 0xF0000411U, 0xFFFFFFFFU, 0xFFFCFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x0000F000U, 0x00000000U, 0x00000000U,
+    0xFFF00000U, 0x00018000U, 0x00010001U, 0xFFC00000U,
+    0x0000E000U, 0x00008000U, 0x00000000U, 0x0000F000U,
+    0x00000000U, 0xFFFFE000U, 0xFFFFFFFFU, 0x0000003FU,
+    0x0000FFF8U, 0xF0000000U, 0xFFFCFE00U, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFF80000U, 0xFF80E000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFF00000U,
+    0x00000000U, 0x00000000U, 0xFFE00000U, 0xFFFFFFFFU,
+    0x0000F000U, 0x00000000U, 0xFC00FF00U, 0x00000000U,
+    0x0000FF00U, 0xFFFFC000U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x8000FFFFU, 0x8006FF00U, 0x8000F000U, 0xFFFFFFFFU,
+    0xFFFC0000U, 0xFFFFFFFFU, 0xFFFFFFFEU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFF800000U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFE00000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xC0000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFFFFFCU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xC0000000U, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFDU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFFF0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xC0000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Co.c b/lib/unistring/unictype/categ_Co.c
new file mode 100644
index 0000000..7f90e3c
--- /dev/null
+++ b/lib/unistring/unictype/categ_Co.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Co table.  */
+#include "categ_Co.h"
+
+const uc_general_category_t UC_CATEGORY_Co =
+  { UC_CATEGORY_MASK_Co, 0, { &u_categ_Co } };
diff --git a/lib/unistring/unictype/categ_Co.h b/lib/unistring/unictype/categ_Co.h
new file mode 100644
index 0000000..10d81e2
--- /dev/null
+++ b/lib/unistring/unictype/categ_Co.h
@@ -0,0 +1,310 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[17];
+    short level2[2 << 7];
+    unsigned int level3[3 << 4];
+  }
+u_categ_Co =
+{
+  { 17 },
+  {
+       18 * sizeof (int) / sizeof (short) +     0,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 * sizeof (int) / sizeof (short) +   128,
+       18 * sizeof (int) / sizeof (short) +   128
+  },
+  {
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +    16,
+       -1,
+       -1,
+       -1,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +    32
+  },
+  {
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x3FFFFFFFU
+  }
+};
diff --git a/lib/unistring/unictype/categ_Cs.c b/lib/unistring/unictype/categ_Cs.c
new file mode 100644
index 0000000..5c7b4d8
--- /dev/null
+++ b/lib/unistring/unictype/categ_Cs.c
@@ -0,0 +1,39 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+static bool
+uc_is_category_Cs (ucs4_t uc)
+{
+  return (uc >= 0xd800 && uc < 0xe000);
+}
+
+const uc_general_category_t UC_CATEGORY_Cs =
+  { UC_CATEGORY_MASK_Cs, 1, { &uc_is_category_Cs } };
diff --git a/lib/unistring/unictype/categ_Cs.h b/lib/unistring/unictype/categ_Cs.h
new file mode 100644
index 0000000..478b157
--- /dev/null
+++ b/lib/unistring/unictype/categ_Cs.h
@@ -0,0 +1,156 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[1];
+    short level2[1 << 7];
+    unsigned int level3[1 << 4];
+  }
+u_categ_Cs =
+{
+  { 1 },
+  {     2 * sizeof (int) / sizeof (short) +     0 },
+  {
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +     0,
+        2 +   128 * sizeof (short) / sizeof (int) +     0,
+        2 +   128 * sizeof (short) / sizeof (int) +     0,
+        2 +   128 * sizeof (short) / sizeof (int) +     0,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU
+  }
+};
diff --git a/lib/unistring/unictype/categ_L.c b/lib/unistring/unictype/categ_L.c
new file mode 100644
index 0000000..827fdcf
--- /dev/null
+++ b/lib/unistring/unictype/categ_L.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_L table.  */
+#include "categ_L.h"
+
+const uc_general_category_t UC_CATEGORY_L =
+  { UC_CATEGORY_MASK_L, 0, { &u_categ_L } };
diff --git a/lib/unistring/unictype/categ_L.h b/lib/unistring/unictype/categ_L.h
new file mode 100644
index 0000000..97c0b57
--- /dev/null
+++ b/lib/unistring/unictype/categ_L.h
@@ -0,0 +1,672 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[3];
+    short level2[3 << 7];
+    unsigned int level3[65 << 4];
+  }
+u_categ_L =
+{
+  { 3 },
+  {
+        4 * sizeof (int) / sizeof (short) +     0,
+        4 * sizeof (int) / sizeof (short) +   128,
+        4 * sizeof (int) / sizeof (short) +   256
+  },
+  {
+        4 +   384 * sizeof (short) / sizeof (int) +     0,
+        4 +   384 * sizeof (short) / sizeof (int) +    16,
+        4 +   384 * sizeof (short) / sizeof (int) +    32,
+        4 +   384 * sizeof (short) / sizeof (int) +    48,
+        4 +   384 * sizeof (short) / sizeof (int) +    64,
+        4 +   384 * sizeof (short) / sizeof (int) +    80,
+        4 +   384 * sizeof (short) / sizeof (int) +    96,
+        4 +   384 * sizeof (short) / sizeof (int) +   112,
+        4 +   384 * sizeof (short) / sizeof (int) +   128,
+        4 +   384 * sizeof (short) / sizeof (int) +   144,
+        4 +   384 * sizeof (short) / sizeof (int) +   160,
+        4 +   384 * sizeof (short) / sizeof (int) +   176,
+        4 +   384 * sizeof (short) / sizeof (int) +   192,
+        4 +   384 * sizeof (short) / sizeof (int) +   208,
+        4 +   384 * sizeof (short) / sizeof (int) +   224,
+        4 +   384 * sizeof (short) / sizeof (int) +   240,
+        4 +   384 * sizeof (short) / sizeof (int) +   256,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   272,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   304,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   336,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   352,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   368,
+        4 +   384 * sizeof (short) / sizeof (int) +   384,
+        4 +   384 * sizeof (short) / sizeof (int) +   400,
+        4 +   384 * sizeof (short) / sizeof (int) +   416,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   432,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   448,
+        4 +   384 * sizeof (short) / sizeof (int) +   464,
+        4 +   384 * sizeof (short) / sizeof (int) +   480,
+        4 +   384 * sizeof (short) / sizeof (int) +   496,
+        4 +   384 * sizeof (short) / sizeof (int) +   512,
+        4 +   384 * sizeof (short) / sizeof (int) +   528,
+        4 +   384 * sizeof (short) / sizeof (int) +   544,
+        4 +   384 * sizeof (short) / sizeof (int) +   560,
+        4 +   384 * sizeof (short) / sizeof (int) +   576,
+        4 +   384 * sizeof (short) / sizeof (int) +   592,
+        4 +   384 * sizeof (short) / sizeof (int) +   608,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   624,
+        4 +   384 * sizeof (short) / sizeof (int) +   640,
+        4 +   384 * sizeof (short) / sizeof (int) +   656,
+        4 +   384 * sizeof (short) / sizeof (int) +   672,
+        4 +   384 * sizeof (short) / sizeof (int) +   688,
+        4 +   384 * sizeof (short) / sizeof (int) +   704,
+        4 +   384 * sizeof (short) / sizeof (int) +   720,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   736,
+        4 +   384 * sizeof (short) / sizeof (int) +   752,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   768,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   784,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   800,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   816,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   832,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   848,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   864,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   880,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   896,
+        4 +   384 * sizeof (short) / sizeof (int) +   912,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   928,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   944,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   960,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   976,
+        4 +   384 * sizeof (short) / sizeof (int) +   992,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +  1008,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +  1024,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000000U, 0x07FFFFFEU, 0x07FFFFFEU,
+    0x00000000U, 0x04200400U, 0xFF7FFFFFU, 0xFF7FFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x0003FFC3U, 0x0000501FU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xBCDF0000U,
+    0xFFFFD740U, 0xFFFFFFFBU, 0xFFFFFFFFU, 0xFFBFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFC03U, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFEFFFFU, 0x027FFFFFU, 0xFFFFFFFEU,
+    0x000000FFU, 0x00000000U, 0xFFFF0000U, 0x000707FFU,
+    0x00000000U, 0xFFFFFFFFU, 0x000007FFU, 0xFFFEC000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x002FFFFFU, 0x9C00C060U,
+    0xFFFD0000U, 0x0000FFFFU, 0xFFFFE000U, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0x0002003FU, 0xFFFFFC00U, 0x043007FFU,
+    0x043FFFFFU, 0x00000110U, 0x01FFFFFFU, 0x00000000U,
+    0x00000000U, 0x3FDFFFFFU, 0x00000000U, 0x00000000U,
+    0xFFFFFFF0U, 0x23FFFFFFU, 0xFF010000U, 0xFFFE0003U,
+    0xFFF99FE1U, 0x23C5FDFFU, 0xB0004000U, 0x00030003U,
+    0xFFF987E0U, 0x036DFDFFU, 0x5E000000U, 0x001C0000U,
+    0xFFFBBFE0U, 0x23EDFDFFU, 0x00010000U, 0x02000003U,
+    0xFFF99FE0U, 0x23EDFDFFU, 0xB0000000U, 0x00020003U,
+    0xD63DC7E8U, 0x03FFC718U, 0x00010000U, 0x00000000U,
+    0xFFFDDFE0U, 0x23FFFDFFU, 0x07000000U, 0x00000003U,
+    0xFFFDDFE1U, 0x23EFFDFFU, 0x40000000U, 0x00060003U,
+    0xFFFDDFE0U, 0x27FFFFFFU, 0x80704000U, 0xFC000003U,
+    0xFC7FFFE0U, 0x2FFBFFFFU, 0x0000007FU, 0x00000000U,
+    0xFFFFFFFEU, 0x000DFFFFU, 0x0000007FU, 0x00000000U,
+    0xFEF02596U, 0x200DECAEU, 0xF000005FU, 0x00000000U,
+    0x00000001U, 0x00000000U, 0xFFFFFEFFU, 0x00001FFFU,
+    0x00001F00U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x800007FFU, 0x3C3F0000U, 0xFFE1C062U,
+    0x00004003U, 0xFFFFFFFFU, 0xFFFF20BFU, 0xF7FFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x3D7F3DFFU, 0xFFFFFFFFU,
+    0xFFFF3DFFU, 0x7F3DFFFFU, 0xFF7FFF3DU, 0xFFFFFFFFU,
+    0xFF3DFFFFU, 0xFFFFFFFFU, 0x07FFFFFFU, 0x00000000U,
+    0x0000FFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x3F3FFFFFU,
+    0xFFFFFFFEU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFF9FFFU,
+    0x07FFFFFEU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x01FE07FFU,
+    0x0003DFFFU, 0x0003FFFFU, 0x0003FFFFU, 0x0001DFFFU,
+    0xFFFFFFFFU, 0x000FFFFFU, 0x10800000U, 0x00000000U,
+    0x00000000U, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x00FFFFFFU,
+    0xFFFFFF9FU, 0xFFFF05FFU, 0xFFFFFFFFU, 0x003FFFFFU,
+    0x7FFFFFFFU, 0x00000000U, 0xFFFF0000U, 0x001F3FFFU,
+    0xFFFFFFFFU, 0xFFFF0FFFU, 0x000003FFU, 0x00000000U,
+    0x007FFFFFU, 0xFFFFFFFFU, 0x001FFFFFU, 0x00000000U,
+    0x00000000U, 0x00000080U, 0x00000000U, 0x00000000U,
+    0xFFFFFFE0U, 0x000FFFFFU, 0x00000FE0U, 0x00000000U,
+    0xFFFFFFF8U, 0xFC00C001U, 0xFFFFFFFFU, 0x0000003FU,
+    0xFFFFFFFFU, 0x0000000FU, 0xFC00E000U, 0x3FFFFFFFU,
+    0x000001FFU, 0x00000000U, 0x00000000U, 0x0063DE00U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x3F3FFFFFU, 0xFFFFFFFFU, 0xAAFF3F3FU, 0x3FFFFFFFU,
+    0xFFFFFFFFU, 0x5FDFFFFFU, 0x0FCF1FDCU, 0x1FDC1FFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x80020000U,
+    0x1FFF0000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x3E2FFC84U, 0xF3FFBD50U, 0x000043E0U, 0x00000000U,
+    0x00000018U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFF7FFFU, 0x7FFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x000C781FU,
+    0xFFFFFFFFU, 0xFFFF20BFU, 0xFFFFFFFFU, 0x000080FFU,
+    0x007FFFFFU, 0x7F7F7F7FU, 0x7F7F7F7FU, 0x00000000U,
+    0x00000000U, 0x00008000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000060U, 0x183E0000U, 0xFFFFFFFEU, 0xFFFFFFFFU,
+    0xE07FFFFFU, 0xFFFFFFFEU, 0xFFFFFFFFU, 0xF7FFFFFFU,
+    0xFFFFFFE0U, 0xFFFE3FFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00007FFFU, 0x07FFFFFFU, 0x00000000U, 0xFFFF0000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0x003FFFFFU, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x003FFFFFU, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00001FFFU, 0x00000000U, 0xFFFF0000U, 0x3FFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFF1FFFU, 0x00000C00U, 0xFFFFFFFFU, 0x80007FFFU,
+    0x3FFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x0000003FU,
+    0xFF800000U, 0xFFFFFFFCU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFF9FFU, 0x00FF7FFFU, 0x00000000U, 0xFF800000U,
+    0xFFFFF7BBU, 0x00000007U, 0xFFFFFFFFU, 0x000FFFFFU,
+    0xFFFFFFFCU, 0x000FFFFFU, 0x00000000U, 0x28FC0000U,
+    0xFFFFFC00U, 0xFFFF003FU, 0x0000007FU, 0x1FFFFFFFU,
+    0xFFFFFFF0U, 0x0007FFFFU, 0x00008000U, 0x7C00FFDFU,
+    0xFFFFFFFFU, 0x000001FFU, 0x00000FF7U, 0xC47FFFFFU,
+    0xFFFFFFFFU, 0x3E62FFFFU, 0x38000005U, 0x001C07FFU,
+    0x007E7E7EU, 0xFFFF7F7FU, 0xF7FFFFFFU, 0xFFFF003FU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x00000007U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFF000FU, 0xFFFFF87FU, 0x0FFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFF3FFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x03FFFFFFU, 0x00000000U,
+    0xA0F8007FU, 0x5F7FFDFFU, 0xFFFFFFDBU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0x0003FFFFU, 0xFFF80000U, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0x3FFFFFFFU, 0xFFFF0000U, 0xFFFFFFFFU,
+    0xFFFCFFFFU, 0xFFFFFFFFU, 0x000000FFU, 0x0FFF0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFDF0000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x1FFFFFFFU,
+    0x00000000U, 0x07FFFFFEU, 0x07FFFFFEU, 0xFFFFFFC0U,
+    0xFFFFFFFFU, 0x7FFFFFFFU, 0x1CFCFCFCU, 0x00000000U,
+    0xFFFFEFFFU, 0xB7FFFF7FU, 0x3FFF3FFFU, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x07FFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x1FFFFFFFU, 0xFFFFFFFFU, 0x0001FFFFU, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFF0000U, 0xFFFF03FDU, 0x003FFFFFU,
+    0x3FFFFFFFU, 0xFFFFFFFFU, 0x0000FF0FU, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x3FFFFFFFU, 0xFFFF0000U, 0xFF0FFFFFU, 0x0FFFFFFFU,
+    0xFFFFFFFFU, 0xFFFF00FFU, 0xFFFFFFFFU, 0x0000000FU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0x007FFFFFU, 0x003FFFFFU, 0x000000FFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFD3FU, 0x91BFFFFFU, 0x003FFFFFU, 0x007FFFFFU,
+    0x7FFFFFFFU, 0x00000000U, 0x00000000U, 0x0037FFFFU,
+    0x003FFFFFU, 0x03FFFFFFU, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xC0FFFFFFU, 0x00000000U, 0x00000000U,
+    0xFEEF0001U, 0x000FFFFFU, 0x00000000U, 0x1FFFFFFFU,
+    0x1FFFFFFFU, 0x00000000U, 0xFFFFFEFFU, 0x0000001FU,
+    0xFFFFFFFFU, 0x003FFFFFU, 0x003FFFFFU, 0x0007FFFFU,
+    0x0003FFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x000001FFU, 0x00000000U,
+    0xFFFFFFFFU, 0x0007FFFFU, 0xFFFFFFFFU, 0x0007FFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFF8U, 0x00FFFFFFU, 0x00000000U, 0x00000000U,
+    0xFFFFFFF8U, 0x0000FFFFU, 0xFFFF0000U, 0x000001FFU,
+    0xFFFFFFF8U, 0x0000007FU, 0xFFFF0000U, 0x0047FFFFU,
+    0xFFFFFFF8U, 0x0007FFFFU, 0x1400001EU, 0x00000000U,
+    0xFFFBFFFFU, 0x00000FFFU, 0x00000000U, 0x00000000U,
+    0xBFFFBD7FU, 0xFFFF01FFU, 0x7FFFFFFFU, 0x00000000U,
+    0xFFF99FE0U, 0x23EDFDFFU, 0xE0010000U, 0x00000003U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x001FFFFFU, 0x00000780U, 0x00000000U,
+    0xFFFFFFFFU, 0x0000FFFFU, 0x000000B0U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x00007FFFU, 0x0F000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x0000FFFFU, 0x00000010U, 0x00000000U,
+    0xFFFFFFFFU, 0x000007FFU, 0x00000000U, 0x00000000U,
+    0x03FFFFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x80000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFFFFFFU, 0x01FFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFDFFU, 0x00007FFFU, 0x00000001U, 0xFFFC0000U,
+    0x0000FFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x03FFFFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x0000000FU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x00007FFFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x0000007FU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x01FFFFFFU, 0x7FFFFFFFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFF0000U, 0x00003FFFU,
+    0xFFFFFFFFU, 0x0000FFFFU, 0x0000000FU, 0xE0FFFFF8U,
+    0x0000FFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x0001001FU, 0x00000000U,
+    0xFFF80000U, 0x00000000U, 0x00000000U, 0x00000001U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x00001FFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x0007FFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000003U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x1FFF07FFU,
+    0x03FF01FFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFDFFFFFU, 0xFFFFFFFFU,
+    0xDFFFFFFFU, 0xEBFFDE64U, 0xFFFFFFEFU, 0xFFFFFFFFU,
+    0xDFDFE7BFU, 0x7BFFFFFFU, 0xFFFDFC5FU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFF3FU, 0xF7FFFFFDU, 0xF7FFFFFFU,
+    0xFFDFFFFFU, 0xFFDFFFFFU, 0xFFFF7FFFU, 0xFFFF7FFFU,
+    0xFFFFFDFFU, 0xFFFFFDFFU, 0x00000FF7U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x0000001FU, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x0000000FU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFEFU, 0x0AF7FE96U, 0xAA96EA84U, 0x5EF7F796U,
+    0x0FFFFBFFU, 0x0FFFFBEEU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x007FFFFFU, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0x001FFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x3FFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0x00000003U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x3FFFFFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_LC.c b/lib/unistring/unictype/categ_LC.c
new file mode 100644
index 0000000..14ce800
--- /dev/null
+++ b/lib/unistring/unictype/categ_LC.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2011-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2011.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_LC table.  */
+#include "categ_LC.h"
+
+const uc_general_category_t UC_CATEGORY_LC =
+  { UC_CATEGORY_MASK_LC, 0, { &u_categ_LC } };
diff --git a/lib/unistring/unictype/categ_LC.h b/lib/unistring/unictype/categ_LC.h
new file mode 100644
index 0000000..52cf851
--- /dev/null
+++ b/lib/unistring/unictype/categ_LC.h
@@ -0,0 +1,359 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[2];
+    short level2[2 << 7];
+    unsigned int level3[19 << 4];
+  }
+u_categ_LC =
+{
+  { 2 },
+  {
+        3 * sizeof (int) / sizeof (short) +     0,
+        3 * sizeof (int) / sizeof (short) +   128
+  },
+  {
+        3 +   256 * sizeof (short) / sizeof (int) +     0,
+        3 +   256 * sizeof (short) / sizeof (int) +    16,
+        3 +   256 * sizeof (short) / sizeof (int) +    32,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    48,
+        3 +   256 * sizeof (short) / sizeof (int) +    64,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    80,
+        3 +   256 * sizeof (short) / sizeof (int) +    96,
+        3 +   256 * sizeof (short) / sizeof (int) +   112,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   128,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   144,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   160,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   176,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   192,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   208,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   224,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   240,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   256,
+        3 +   256 * sizeof (short) / sizeof (int) +   272,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   288,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000000U, 0x07FFFFFEU, 0x07FFFFFEU,
+    0x00000000U, 0x00200000U, 0xFF7FFFFFU, 0xFF7FFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xF7FFFFFFU, 0xFFFFFFF0U, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFEFFFFFU, 0x0000FFFFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xB8CF0000U,
+    0xFFFFD740U, 0xFFFFFFFBU, 0xFFFFFFFFU, 0xFFBFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFC03U, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFEFFFFU, 0x007FFFFFU, 0xFFFFFFFEU,
+    0x000000FFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFFFFFFU, 0x000020BFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x3F3FFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x000001FFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x00000FFFU, 0x00000000U, 0xFEFFF800U,
+    0x07FFFFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x3F3FFFFFU, 0xFFFFFFFFU, 0xAAFF3F3FU, 0x3FFFFFFFU,
+    0xFFFFFFFFU, 0x5FDFFFFFU, 0x0FCF1FDCU, 0x1FDC1FFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x3E2FFC84U, 0xF21FBD50U, 0x000043E0U, 0x00000000U,
+    0x00000018U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFF7FFFU, 0x7FFFFFFFU, 0xCFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x000C781FU,
+    0xFFFFFFFFU, 0x000020BFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFFFFFFU, 0x00003FFFU,
+    0x0FFFFFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFFFFFCU, 0xFFFFFFFFU, 0xFFFEFFFFU,
+    0xFFFF78FFU, 0x00FF7FFFU, 0x00000000U, 0x04000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFF0000U, 0x07FFFFFFU, 0xFFFF003FU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00F8007FU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x07FFFFFEU, 0x07FFFFFEU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x0000FFFFU, 0x00000000U,
+    0x00000000U, 0xFFFF0000U, 0xFF0FFFFFU, 0x0FFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x0007FFFFU, 0xFFFFFFFFU, 0x0007FFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFDFFFFFU, 0xFFFFFFFFU,
+    0xDFFFFFFFU, 0xEBFFDE64U, 0xFFFFFFEFU, 0xFFFFFFFFU,
+    0xDFDFE7BFU, 0x7BFFFFFFU, 0xFFFDFC5FU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFF3FU, 0xF7FFFFFDU, 0xF7FFFFFFU,
+    0xFFDFFFFFU, 0xFFDFFFFFU, 0xFFFF7FFFU, 0xFFFF7FFFU,
+    0xFFFFFDFFU, 0xFFFFFDFFU, 0x00000FF7U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x0000000FU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Ll.c b/lib/unistring/unictype/categ_Ll.c
new file mode 100644
index 0000000..efc3e9e
--- /dev/null
+++ b/lib/unistring/unictype/categ_Ll.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Ll table.  */
+#include "categ_Ll.h"
+
+const uc_general_category_t UC_CATEGORY_Ll =
+  { UC_CATEGORY_MASK_Ll, 0, { &u_categ_Ll } };
diff --git a/lib/unistring/unictype/categ_Ll.h b/lib/unistring/unictype/categ_Ll.h
new file mode 100644
index 0000000..ad9e42e
--- /dev/null
+++ b/lib/unistring/unictype/categ_Ll.h
@@ -0,0 +1,355 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[2];
+    short level2[2 << 7];
+    unsigned int level3[18 << 4];
+  }
+u_categ_Ll =
+{
+  { 2 },
+  {
+        3 * sizeof (int) / sizeof (short) +     0,
+        3 * sizeof (int) / sizeof (short) +   128
+  },
+  {
+        3 +   256 * sizeof (short) / sizeof (int) +     0,
+        3 +   256 * sizeof (short) / sizeof (int) +    16,
+        3 +   256 * sizeof (short) / sizeof (int) +    32,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    48,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    64,
+        3 +   256 * sizeof (short) / sizeof (int) +    80,
+        3 +   256 * sizeof (short) / sizeof (int) +    96,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   112,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   128,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   144,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   160,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   176,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   192,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   208,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   224,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   240,
+        3 +   256 * sizeof (short) / sizeof (int) +   256,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   272,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000000U, 0x00000000U, 0x07FFFFFEU,
+    0x00000000U, 0x00200000U, 0x80000000U, 0xFF7FFFFFU,
+    0xAAAAAAAAU, 0x55AAAAAAU, 0xAAAAAB55U, 0xD4AAAAAAU,
+    0x4E243129U, 0xE6512D2AU, 0xB5555240U, 0xAA29AAAAU,
+    0xAAAAAAAAU, 0x93FAAAAAU, 0xFFFFAA85U, 0xFFFFFFFFU,
+    0xFFEFFFFFU, 0x0000FFFFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x388A0000U,
+    0x00010000U, 0xFFFFF000U, 0xAAE37FFFU, 0x192FAAAAU,
+    0x00000000U, 0xFFFF0000U, 0xFFFFFFFFU, 0xAAAAAAAAU,
+    0xAAAAA802U, 0xAAAAAAAAU, 0xAAAAD554U, 0xAAAAAAAAU,
+    0xAAAAAAAAU, 0x0000AAAAU, 0x00000000U, 0xFFFFFFFEU,
+    0x000000FFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x3F000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x000001FFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x00000FFFU, 0x00000000U, 0xFEFFF800U,
+    0x07FFFFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xAAAAAAAAU, 0xAAAAAAAAU, 0xAAAAAAAAU, 0xAAAAAAAAU,
+    0xBFEAAAAAU, 0xAAAAAAAAU, 0xAAAAAAAAU, 0xAAAAAAAAU,
+    0x003F00FFU, 0x00FF00FFU, 0x00FF003FU, 0x3FFF00FFU,
+    0x00FF00FFU, 0x40DF00FFU, 0x00CF00DCU, 0x00DC00FFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0008C400U, 0x32108000U, 0x000043C0U, 0x00000000U,
+    0x00000010U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFF0000U, 0x7FFFFFFFU, 0x0FDA1562U,
+    0xAAAAAAAAU, 0xAAAAAAAAU, 0xAAAAAAAAU, 0x0008501AU,
+    0xFFFFFFFFU, 0x000020BFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xAAAAAAAAU, 0x00002AAAU,
+    0x0AAAAAAAU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xAAABAAA8U, 0xAAAAAAAAU, 0x95FEAAAAU,
+    0xAABA50AAU, 0x00A002AAU, 0x00000000U, 0x04000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFF0000U, 0x07FFFFFFU, 0xFFFF003FU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00F8007FU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x07FFFFFEU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFFFF00U, 0x0000FFFFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFF000000U, 0x0FFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFFFFFFU, 0x0007FFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFFFFFFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFC000000U, 0x000FFFFFU, 0xFFDFC000U, 0x000000FFU,
+    0x0FFFFFFCU, 0xEBC00000U, 0x0000FFEFU, 0xFFFFFC00U,
+    0xC000000FU, 0x00FFFFFFU, 0xFFFC0000U, 0x00000FFFU,
+    0xFFFFFFC0U, 0xFC000000U, 0x000FFFFFU, 0xFFFFC000U,
+    0x000000FFU, 0x0FFFFFFCU, 0xFFC00000U, 0x0000FFFFU,
+    0xFFFFFC00U, 0x0000003FU, 0xF7FFFFFCU, 0xF0000003U,
+    0x0FDFFFFFU, 0xFFC00000U, 0x003F7FFFU, 0xFFFF0000U,
+    0x0000FDFFU, 0xFFFFFC00U, 0x00000BF7U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFFFFFCU, 0x0000000FU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Lm.c b/lib/unistring/unictype/categ_Lm.c
new file mode 100644
index 0000000..80f9a17
--- /dev/null
+++ b/lib/unistring/unictype/categ_Lm.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Lm table.  */
+#include "categ_Lm.h"
+
+const uc_general_category_t UC_CATEGORY_Lm =
+  { UC_CATEGORY_MASK_Lm, 0, { &u_categ_Lm } };
diff --git a/lib/unistring/unictype/categ_Lm.h b/lib/unistring/unictype/categ_Lm.h
new file mode 100644
index 0000000..658f976
--- /dev/null
+++ b/lib/unistring/unictype/categ_Lm.h
@@ -0,0 +1,371 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[2];
+    short level2[2 << 7];
+    unsigned int level3[22 << 4];
+  }
+u_categ_Lm =
+{
+  { 2 },
+  {
+        3 * sizeof (int) / sizeof (short) +     0,
+        3 * sizeof (int) / sizeof (short) +   128
+  },
+  {
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +     0,
+        3 +   256 * sizeof (short) / sizeof (int) +    16,
+        3 +   256 * sizeof (short) / sizeof (int) +    32,
+        3 +   256 * sizeof (short) / sizeof (int) +    48,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    64,
+        3 +   256 * sizeof (short) / sizeof (int) +    80,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    96,
+        3 +   256 * sizeof (short) / sizeof (int) +   112,
+        3 +   256 * sizeof (short) / sizeof (int) +   128,
+        3 +   256 * sizeof (short) / sizeof (int) +   144,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   160,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   176,
+        3 +   256 * sizeof (short) / sizeof (int) +   192,
+        3 +   256 * sizeof (short) / sizeof (int) +   208,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   224,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   240,
+        3 +   256 * sizeof (short) / sizeof (int) +   256,
+        3 +   256 * sizeof (short) / sizeof (int) +   272,
+        3 +   256 * sizeof (short) / sizeof (int) +   288,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   304,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   320,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   336,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFF0000U, 0x0003FFC3U, 0x0000501FU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x04100000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x02000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000001U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000060U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x04300000U,
+    0x04000000U, 0x00000110U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00020000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000040U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000040U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x10000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00800000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000008U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000080U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x3F000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFFF000U, 0xFFFFFFFFU, 0x010007FFU,
+    0xF8000000U, 0xFFFFFFFFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x80020000U,
+    0x1FFF0000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x30000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00008000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00008000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000020U, 0x083E0000U, 0x00000000U, 0x00000000U,
+    0x60000000U, 0x00000000U, 0x00000000U, 0x70000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00200000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x3F000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00001000U, 0x00000000U, 0x00000000U, 0x80000000U,
+    0x30000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFF800000U, 0x00000000U, 0x00000000U, 0x00010000U,
+    0x00000100U, 0x00000000U, 0x00000000U, 0x03000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00008000U, 0x00000040U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00010000U,
+    0x00000000U, 0x00000000U, 0x20000000U, 0x00180000U,
+    0x00000000U, 0x00000000U, 0xF0000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00010000U,
+    0xC0000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0000000FU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFF80000U, 0x00000000U, 0x00000000U, 0x00000001U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Lo.c b/lib/unistring/unictype/categ_Lo.c
new file mode 100644
index 0000000..9f971ec
--- /dev/null
+++ b/lib/unistring/unictype/categ_Lo.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Lo table.  */
+#include "categ_Lo.h"
+
+const uc_general_category_t UC_CATEGORY_Lo =
+  { UC_CATEGORY_MASK_Lo, 0, { &u_categ_Lo } };
diff --git a/lib/unistring/unictype/categ_Lo.h b/lib/unistring/unictype/categ_Lo.h
new file mode 100644
index 0000000..d7399eb
--- /dev/null
+++ b/lib/unistring/unictype/categ_Lo.h
@@ -0,0 +1,660 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[3];
+    short level2[3 << 7];
+    unsigned int level3[62 << 4];
+  }
+u_categ_Lo =
+{
+  { 3 },
+  {
+        4 * sizeof (int) / sizeof (short) +     0,
+        4 * sizeof (int) / sizeof (short) +   128,
+        4 * sizeof (int) / sizeof (short) +   256
+  },
+  {
+        4 +   384 * sizeof (short) / sizeof (int) +     0,
+        4 +   384 * sizeof (short) / sizeof (int) +    16,
+        4 +   384 * sizeof (short) / sizeof (int) +    32,
+        4 +   384 * sizeof (short) / sizeof (int) +    48,
+        4 +   384 * sizeof (short) / sizeof (int) +    64,
+        4 +   384 * sizeof (short) / sizeof (int) +    80,
+        4 +   384 * sizeof (short) / sizeof (int) +    96,
+        4 +   384 * sizeof (short) / sizeof (int) +   112,
+        4 +   384 * sizeof (short) / sizeof (int) +   128,
+        4 +   384 * sizeof (short) / sizeof (int) +   144,
+        4 +   384 * sizeof (short) / sizeof (int) +   160,
+        4 +   384 * sizeof (short) / sizeof (int) +   176,
+        4 +   384 * sizeof (short) / sizeof (int) +   192,
+        4 +   384 * sizeof (short) / sizeof (int) +   208,
+        4 +   384 * sizeof (short) / sizeof (int) +   224,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   240,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   256,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   272,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   304,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   320,
+        4 +   384 * sizeof (short) / sizeof (int) +   336,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   352,
+        4 +   384 * sizeof (short) / sizeof (int) +   368,
+        4 +   384 * sizeof (short) / sizeof (int) +   384,
+        4 +   384 * sizeof (short) / sizeof (int) +   400,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   416,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   432,
+        4 +   384 * sizeof (short) / sizeof (int) +   448,
+        4 +   384 * sizeof (short) / sizeof (int) +   464,
+        4 +   384 * sizeof (short) / sizeof (int) +   480,
+        4 +   384 * sizeof (short) / sizeof (int) +   496,
+        4 +   384 * sizeof (short) / sizeof (int) +   512,
+        4 +   384 * sizeof (short) / sizeof (int) +   528,
+        4 +   384 * sizeof (short) / sizeof (int) +   544,
+        4 +   384 * sizeof (short) / sizeof (int) +   560,
+        4 +   384 * sizeof (short) / sizeof (int) +   576,
+        4 +   384 * sizeof (short) / sizeof (int) +   592,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   608,
+        4 +   384 * sizeof (short) / sizeof (int) +   624,
+        4 +   384 * sizeof (short) / sizeof (int) +   640,
+        4 +   384 * sizeof (short) / sizeof (int) +   656,
+        4 +   384 * sizeof (short) / sizeof (int) +   672,
+        4 +   384 * sizeof (short) / sizeof (int) +   688,
+        4 +   384 * sizeof (short) / sizeof (int) +   704,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   720,
+        4 +   384 * sizeof (short) / sizeof (int) +   736,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   752,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   768,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   784,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   800,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   816,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   832,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   848,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   864,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   880,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   896,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   912,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   928,
+        4 +   384 * sizeof (short) / sizeof (int) +   944,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   960,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        4 +   384 * sizeof (short) / sizeof (int) +   288,
+        4 +   384 * sizeof (short) / sizeof (int) +   976,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x04000400U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x08000000U, 0x0000000FU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00100000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFF0000U, 0x000707FFU,
+    0x00000000U, 0xFFFFFFFFU, 0x000007FEU, 0xFFFEC000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x002FFFFFU, 0x9C00C000U,
+    0xFFFD0000U, 0x0000FFFFU, 0xFFFFE000U, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0x0002003FU, 0xFFFFFC00U, 0x000007FFU,
+    0x003FFFFFU, 0x00000000U, 0x01FFFFFFU, 0x00000000U,
+    0x00000000U, 0x3FDFFFFFU, 0x00000000U, 0x00000000U,
+    0xFFFFFFF0U, 0x23FFFFFFU, 0xFF010000U, 0xFFFC0003U,
+    0xFFF99FE1U, 0x23C5FDFFU, 0xB0004000U, 0x00030003U,
+    0xFFF987E0U, 0x036DFDFFU, 0x5E000000U, 0x001C0000U,
+    0xFFFBBFE0U, 0x23EDFDFFU, 0x00010000U, 0x02000003U,
+    0xFFF99FE0U, 0x23EDFDFFU, 0xB0000000U, 0x00020003U,
+    0xD63DC7E8U, 0x03FFC718U, 0x00010000U, 0x00000000U,
+    0xFFFDDFE0U, 0x23FFFDFFU, 0x07000000U, 0x00000003U,
+    0xFFFDDFE1U, 0x23EFFDFFU, 0x40000000U, 0x00060003U,
+    0xFFFDDFE0U, 0x27FFFFFFU, 0x80704000U, 0xFC000003U,
+    0xFC7FFFE0U, 0x2FFBFFFFU, 0x0000007FU, 0x00000000U,
+    0xFFFFFFFEU, 0x000DFFFFU, 0x0000003FU, 0x00000000U,
+    0xFEF02596U, 0x200DECAEU, 0xF000001FU, 0x00000000U,
+    0x00000001U, 0x00000000U, 0xFFFFFEFFU, 0x00001FFFU,
+    0x00001F00U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x800007FFU, 0x3C3F0000U, 0xFFE1C062U,
+    0x00004003U, 0x00000000U, 0xFFFF0000U, 0xE7FFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x3D7F3DFFU, 0xFFFFFFFFU,
+    0xFFFF3DFFU, 0x7F3DFFFFU, 0xFF7FFF3DU, 0xFFFFFFFFU,
+    0xFF3DFFFFU, 0xFFFFFFFFU, 0x07FFFFFFU, 0x00000000U,
+    0x0000FFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFEU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFF9FFFU,
+    0x07FFFFFEU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x01FE07FFU,
+    0x0003DFFFU, 0x0003FFFFU, 0x0003FFFFU, 0x0001DFFFU,
+    0xFFFFFFFFU, 0x000FFFFFU, 0x10000000U, 0x00000000U,
+    0x00000000U, 0xFFFFFFFFU, 0xFFFFFFF7U, 0x00FFFFFFU,
+    0xFFFFFF9FU, 0xFFFF05FFU, 0xFFFFFFFFU, 0x003FFFFFU,
+    0x7FFFFFFFU, 0x00000000U, 0xFFFF0000U, 0x001F3FFFU,
+    0xFFFFFFFFU, 0xFFFF0FFFU, 0x000003FFU, 0x00000000U,
+    0x007FFFFFU, 0xFFFFFFFFU, 0x001FFFFFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFE0U, 0x000FFFFFU, 0x00000FE0U, 0x00000000U,
+    0xFFFFFFF8U, 0xFC00C001U, 0xFFFFFFFFU, 0x0000003FU,
+    0xFFFFFFFFU, 0x0000000FU, 0xFC00E000U, 0x00FFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0063DE00U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x01E00000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFF0000U, 0xFFFFFFFFU, 0x000000FFU,
+    0x007FFFFFU, 0x7F7F7F7FU, 0x7F7F7F7FU, 0x00000000U,
+    0x00000040U, 0x10000000U, 0xFFFFFFFEU, 0xFFFFFFFFU,
+    0x807FFFFFU, 0xFFFFFFFEU, 0xFFFFFFFFU, 0x87FFFFFFU,
+    0xFFFFFFE0U, 0xFFFE3FFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00007FFFU, 0x07FFFFFFU, 0x00000000U, 0xFFFF0000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0x003FFFFFU, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x003FFFFFU, 0x00000000U,
+    0xFFDFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00001FFFU, 0x00000000U, 0xFFFF0000U, 0x00FFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFF0FFFU, 0x00000C00U, 0x00000000U, 0x00004000U,
+    0x00000000U, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x0000003FU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00008000U, 0x00000000U, 0x00000000U, 0xF8800000U,
+    0xFFFFF7BBU, 0x00000007U, 0xFFFFFFFFU, 0x000FFFFFU,
+    0xFFFFFFFCU, 0x000FFFFFU, 0x00000000U, 0x28FC0000U,
+    0xFFFFFC00U, 0xFFFF003FU, 0x0000007FU, 0x1FFFFFFFU,
+    0xFFFFFFF0U, 0x0007FFFFU, 0x00000000U, 0x7C00FF9FU,
+    0xFFFFFFFFU, 0x000001FFU, 0x00000FF7U, 0xC47EFFFFU,
+    0xFFFFFFFFU, 0x3E62FFFFU, 0x18000005U, 0x000407FFU,
+    0x007E7E7EU, 0x00007F7FU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFFFFFFU, 0x00000007U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFF000FU, 0xFFFFF87FU, 0x0FFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFF3FFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x03FFFFFFU, 0x00000000U,
+    0xA0000000U, 0x5F7FFDFFU, 0xFFFFFFDBU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0x0003FFFFU, 0xFFF80000U, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0x3FFFFFFFU, 0xFFFF0000U, 0xFFFFFFFFU,
+    0xFFFCFFFFU, 0xFFFFFFFFU, 0x000000FFU, 0x0FFF0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFDF0000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x1FFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFFEFFC0U,
+    0x3FFFFFFFU, 0x7FFFFFFFU, 0x1CFCFCFCU, 0x00000000U,
+    0xFFFFEFFFU, 0xB7FFFF7FU, 0x3FFF3FFFU, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x07FFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x1FFFFFFFU, 0xFFFFFFFFU, 0x0001FFFFU, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFF0000U, 0xFFFF03FDU, 0x003FFFFFU,
+    0x3FFFFFFFU, 0xFFFFFFFFU, 0x0000FF0FU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFF0000U, 0xFFFFFFFFU,
+    0x3FFFFFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFF00FFU, 0xFFFFFFFFU, 0x0000000FU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0x007FFFFFU, 0x003FFFFFU, 0x000000FFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFD3FU, 0x91BFFFFFU, 0x003FFFFFU, 0x007FFFFFU,
+    0x7FFFFFFFU, 0x00000000U, 0x00000000U, 0x0037FFFFU,
+    0x003FFFFFU, 0x03FFFFFFU, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xC0FFFFFFU, 0x00000000U, 0x00000000U,
+    0xFEEF0001U, 0x000FFFFFU, 0x00000000U, 0x1FFFFFFFU,
+    0x1FFFFFFFU, 0x00000000U, 0xFFFFFEFFU, 0x0000001FU,
+    0xFFFFFFFFU, 0x003FFFFFU, 0x003FFFFFU, 0x0007FFFFU,
+    0x0003FFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x000001FFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFF8U, 0x00FFFFFFU, 0x00000000U, 0x00000000U,
+    0xFFFFFFF8U, 0x0000FFFFU, 0xFFFF0000U, 0x000001FFU,
+    0xFFFFFFF8U, 0x0000007FU, 0xFFFF0000U, 0x0047FFFFU,
+    0xFFFFFFF8U, 0x0007FFFFU, 0x1400001EU, 0x00000000U,
+    0xFFFBFFFFU, 0x00000FFFU, 0x00000000U, 0x00000000U,
+    0xBFFFBD7FU, 0xFFFF01FFU, 0x7FFFFFFFU, 0x00000000U,
+    0xFFF99FE0U, 0x23EDFDFFU, 0xE0010000U, 0x00000003U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x001FFFFFU, 0x00000780U, 0x00000000U,
+    0xFFFFFFFFU, 0x0000FFFFU, 0x000000B0U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x00007FFFU, 0x0F000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x0000FFFFU, 0x00000010U, 0x00000000U,
+    0xFFFFFFFFU, 0x000007FFU, 0x00000000U, 0x00000000U,
+    0x03FFFFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x80000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFFFFFFU, 0x01FFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFDFFU, 0x00007FFFU, 0x00000001U, 0xFFFC0000U,
+    0x0000FFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x03FFFFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x0000000FU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x00007FFFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x0000007FU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x01FFFFFFU, 0x7FFFFFFFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFF0000U, 0x00003FFFU,
+    0xFFFFFFFFU, 0x0000FFFFU, 0x00000000U, 0xE0FFFFF8U,
+    0x0000FFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x0001001FU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x00001FFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x0007FFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000003U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x1FFF07FFU,
+    0x03FF01FFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x0000001FU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFEFU, 0x0AF7FE96U, 0xAA96EA84U, 0x5EF7F796U,
+    0x0FFFFBFFU, 0x0FFFFBEEU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x007FFFFFU, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0x001FFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x3FFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0x00000003U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x3FFFFFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Lt.c b/lib/unistring/unictype/categ_Lt.c
new file mode 100644
index 0000000..39ae49d
--- /dev/null
+++ b/lib/unistring/unictype/categ_Lt.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Lt table.  */
+#include "categ_Lt.h"
+
+const uc_general_category_t UC_CATEGORY_Lt =
+  { UC_CATEGORY_MASK_Lt, 0, { &u_categ_Lt } };
diff --git a/lib/unistring/unictype/categ_Lt.h b/lib/unistring/unictype/categ_Lt.h
new file mode 100644
index 0000000..f9d6683
--- /dev/null
+++ b/lib/unistring/unictype/categ_Lt.h
@@ -0,0 +1,160 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[1];
+    short level2[1 << 7];
+    unsigned int level3[2 << 4];
+  }
+u_categ_Lt =
+{
+  { 1 },
+  {     2 * sizeof (int) / sizeof (short) +     0 },
+  {
+        2 +   128 * sizeof (short) / sizeof (int) +     0,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    16,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000920U, 0x00040000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFF00FF00U, 0x1000FF00U, 0x00001000U, 0x10000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Lu.c b/lib/unistring/unictype/categ_Lu.c
new file mode 100644
index 0000000..1509706
--- /dev/null
+++ b/lib/unistring/unictype/categ_Lu.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Lu table.  */
+#include "categ_Lu.h"
+
+const uc_general_category_t UC_CATEGORY_Lu =
+  { UC_CATEGORY_MASK_Lu, 0, { &u_categ_Lu } };
diff --git a/lib/unistring/unictype/categ_Lu.h b/lib/unistring/unictype/categ_Lu.h
new file mode 100644
index 0000000..c21aa9a
--- /dev/null
+++ b/lib/unistring/unictype/categ_Lu.h
@@ -0,0 +1,347 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[2];
+    short level2[2 << 7];
+    unsigned int level3[16 << 4];
+  }
+u_categ_Lu =
+{
+  { 2 },
+  {
+        3 * sizeof (int) / sizeof (short) +     0,
+        3 * sizeof (int) / sizeof (short) +   128
+  },
+  {
+        3 +   256 * sizeof (short) / sizeof (int) +     0,
+        3 +   256 * sizeof (short) / sizeof (int) +    16,
+        3 +   256 * sizeof (short) / sizeof (int) +    32,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    48,
+        3 +   256 * sizeof (short) / sizeof (int) +    64,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    80,
+        3 +   256 * sizeof (short) / sizeof (int) +    96,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   112,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   128,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   144,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   160,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   176,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   192,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   208,
+        3 +   256 * sizeof (short) / sizeof (int) +   224,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   240,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000000U, 0x07FFFFFEU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x7F7FFFFFU, 0x00000000U,
+    0x55555555U, 0xAA555555U, 0x555554AAU, 0x2B555555U,
+    0xB1DBCED6U, 0x11AED2D5U, 0x4AAAA490U, 0x55D25555U,
+    0x55555555U, 0x6C055555U, 0x0000557AU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x80450000U,
+    0xFFFED740U, 0x00000FFBU, 0x551C8000U, 0xE6905555U,
+    0xFFFFFFFFU, 0x0000FFFFU, 0x00000000U, 0x55555555U,
+    0x55555401U, 0x55555555U, 0x55552AABU, 0x55555555U,
+    0x55555555U, 0xFFFE5555U, 0x007FFFFFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFFFFFFU, 0x000020BFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x003FFFFFU,
+    0x55555555U, 0x55555555U, 0x55555555U, 0x55555555U,
+    0x40155555U, 0x55555555U, 0x55555555U, 0x55555555U,
+    0x3F00FF00U, 0xFF00FF00U, 0xAA003F00U, 0x0000FF00U,
+    0x00000000U, 0x0F000000U, 0x0F000F00U, 0x0F001F00U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x3E273884U, 0xC00F3D50U, 0x00000020U, 0x00000000U,
+    0x00000008U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x00007FFFU, 0x00000000U, 0xC025EA9DU,
+    0x55555555U, 0x55555555U, 0x55555555U, 0x00042805U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x55555555U, 0x00001555U,
+    0x05555555U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x55545554U, 0x55555555U, 0x6A005555U,
+    0x55452855U, 0x005F7D55U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x07FFFFFEU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x000000FFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFF0000U, 0x000FFFFFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x0007FFFFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFFFFFFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x03FFFFFFU, 0xFFF00000U, 0x00003FFFU, 0xFFFFFF00U,
+    0xD0000003U, 0x003FDE64U, 0xFFFF0000U, 0x000003FFU,
+    0x1FDFE7B0U, 0x7B000000U, 0x0001FC5FU, 0xFFFFF000U,
+    0x0000003FU, 0x03FFFFFFU, 0xFFF00000U, 0x00003FFFU,
+    0xFFFFFF00U, 0xF0000003U, 0x003FFFFFU, 0xFFFF0000U,
+    0x000003FFU, 0xFFFFFF00U, 0x00000001U, 0x07FFFFFCU,
+    0xF0000000U, 0x001FFFFFU, 0xFFC00000U, 0x00007FFFU,
+    0xFFFF0000U, 0x000001FFU, 0x00000400U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x00000003U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_M.c b/lib/unistring/unictype/categ_M.c
new file mode 100644
index 0000000..bbc394b
--- /dev/null
+++ b/lib/unistring/unictype/categ_M.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_M table.  */
+#include "categ_M.h"
+
+const uc_general_category_t UC_CATEGORY_M =
+  { UC_CATEGORY_MASK_M, 0, { &u_categ_M } };
diff --git a/lib/unistring/unictype/categ_M.h b/lib/unistring/unictype/categ_M.h
new file mode 100644
index 0000000..d3e03fd
--- /dev/null
+++ b/lib/unistring/unictype/categ_M.h
@@ -0,0 +1,576 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[15];
+    short level2[3 << 7];
+    unsigned int level3[38 << 4];
+  }
+u_categ_M =
+{
+  { 15 },
+  {
+       16 * sizeof (int) / sizeof (short) +     0,
+       16 * sizeof (int) / sizeof (short) +   128,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 * sizeof (int) / sizeof (short) +   256
+  },
+  {
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +     0,
+       16 +   384 * sizeof (short) / sizeof (int) +    16,
+       16 +   384 * sizeof (short) / sizeof (int) +    32,
+       16 +   384 * sizeof (short) / sizeof (int) +    48,
+       16 +   384 * sizeof (short) / sizeof (int) +    64,
+       16 +   384 * sizeof (short) / sizeof (int) +    80,
+       16 +   384 * sizeof (short) / sizeof (int) +    96,
+       16 +   384 * sizeof (short) / sizeof (int) +   112,
+       16 +   384 * sizeof (short) / sizeof (int) +   128,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   144,
+       16 +   384 * sizeof (short) / sizeof (int) +   160,
+       16 +   384 * sizeof (short) / sizeof (int) +   176,
+       16 +   384 * sizeof (short) / sizeof (int) +   192,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   208,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   224,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   240,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   256,
+       16 +   384 * sizeof (short) / sizeof (int) +   272,
+       16 +   384 * sizeof (short) / sizeof (int) +   288,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   304,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   320,
+       16 +   384 * sizeof (short) / sizeof (int) +   336,
+       16 +   384 * sizeof (short) / sizeof (int) +   352,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   368,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   384,
+       16 +   384 * sizeof (short) / sizeof (int) +   400,
+       16 +   384 * sizeof (short) / sizeof (int) +   416,
+       16 +   384 * sizeof (short) / sizeof (int) +   432,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   448,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   464,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   480,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   496,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   512,
+       16 +   384 * sizeof (short) / sizeof (int) +   528,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   544,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   560,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   576,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   592,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x0000FFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x000003F8U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFE0000U, 0xBFFFFFFFU, 0x000000B6U, 0x00000000U,
+    0x07FF0000U, 0x00000000U, 0xFFFFF800U, 0x00010000U,
+    0x00000000U, 0x00000000U, 0x9FC00000U, 0x00003D9FU,
+    0x00020000U, 0xFFFF0000U, 0x000007FFU, 0x00000000U,
+    0x00000000U, 0x0001FFC0U, 0x00000000U, 0x000FF800U,
+    0xFBC00000U, 0x00003EEFU, 0x0E000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFF00000U, 0xFFFFFFFBU,
+    0x0000000FU, 0xDC000000U, 0x00FEFFFFU, 0x0000000CU,
+    0x0000000EU, 0xD0000000U, 0x0080399FU, 0x0000000CU,
+    0x0000000EU, 0xD0000000U, 0x00023987U, 0x00230000U,
+    0x0000000EU, 0xD0000000U, 0x00003BBFU, 0x0000000CU,
+    0x0000000EU, 0xD0000000U, 0x00C0399FU, 0x0000000CU,
+    0x00000004U, 0xC0000000U, 0x00803DC7U, 0x00000000U,
+    0x0000000FU, 0xC0000000U, 0x00603DDFU, 0x0000000CU,
+    0x0000000EU, 0xD0000000U, 0x00603DDFU, 0x0000000CU,
+    0x0000000EU, 0xC0000000U, 0x00803DDFU, 0x0000000CU,
+    0x0000000CU, 0x00000000U, 0xFF5F8400U, 0x000C0000U,
+    0x00000000U, 0x07F20000U, 0x00007F80U, 0x00000000U,
+    0x00000000U, 0x1BF20000U, 0x00003F00U, 0x00000000U,
+    0x03000000U, 0xC2A00000U, 0x00000000U, 0xFFFE0000U,
+    0xFEFFE0DFU, 0x1FFFFFFFU, 0x00000040U, 0x00000000U,
+    0x00000000U, 0x7FFFF800U, 0xC3C00000U, 0x001E3F9DU,
+    0x3C00BFFCU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xE0000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x001C0000U, 0x001C0000U, 0x000C0000U, 0x000C0000U,
+    0x00000000U, 0xFFF00000U, 0x200FFFFFU, 0x00000000U,
+    0x00003800U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000060U, 0x00000200U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x0FFF0FFFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0F800000U, 0x00000000U, 0x7FE00000U, 0x9FFFFFFFU,
+    0x00000000U, 0x7FFF0000U, 0x00000000U, 0x00000000U,
+    0x0000001FU, 0xFFF00000U, 0x0000001FU, 0x000FF800U,
+    0x00000007U, 0x00003FFEU, 0x00000000U, 0x000FFFC0U,
+    0x00000000U, 0x00FFFFF0U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFF70000U, 0x031C21FFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFFFFFFU, 0xF83FFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFF0000U, 0x0001FFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00038000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x80000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFFFFFFFU,
+    0x00000000U, 0x0000FC00U, 0x00000000U, 0x00000000U,
+    0x06000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x3FF78000U,
+    0xC0000000U, 0x00000000U, 0x00000000U, 0x00030000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000844U, 0x000000F8U, 0x00000000U, 0x00000000U,
+    0x00000003U, 0xFFF00000U, 0x0000003FU, 0x0003FFFFU,
+    0x00000000U, 0x00003FC0U, 0x000FFF80U, 0x00000000U,
+    0x0000000FU, 0xFFF80000U, 0x00000001U, 0x00000020U,
+    0x00000000U, 0x007FFE00U, 0x00003008U, 0x38000000U,
+    0x00000000U, 0xC19D0000U, 0x00000002U, 0x0060F800U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x000037F8U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x40000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0000FFFFU, 0x0000FFFFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x20000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000001U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x07C00000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0000F06EU, 0x87000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000060U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000007U, 0xFF000000U, 0x0000007FU, 0x80000000U,
+    0x00000007U, 0x07FF0000U, 0x00000000U, 0x00000000U,
+    0x00000007U, 0x001FFF80U, 0x00000000U, 0x00080000U,
+    0x00000007U, 0xFFF80000U, 0x00001C01U, 0x00000000U,
+    0x00000000U, 0x40FFF000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x80000000U, 0x000007FFU,
+    0x0000000FU, 0xD0000000U, 0x0080399FU, 0x001F1FCCU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFE00000U, 0x0000007FU, 0x00000000U,
+    0x00000000U, 0xFFFF0000U, 0x0000000FU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFF3F8000U, 0x30000001U, 0x00000000U,
+    0x00000000U, 0xFFFF0000U, 0x00000001U, 0x00000000U,
+    0x00000000U, 0x00FFF800U, 0x00000000U, 0x00000000U,
+    0xE0000000U, 0x00000FFFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFF7F8000U, 0x00000000U, 0x00000000U,
+    0xFFFC0000U, 0x007FFEFFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x001F0000U,
+    0x00000000U, 0x007F0000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFE0000U, 0x7FFFFFFFU,
+    0x00078000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x60000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xF807E3E0U,
+    0x00000FE7U, 0x00003C00U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0000001CU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xF87FFFFFU, 0xFFFFFFFFU, 0x00201FFFU,
+    0xF8000010U, 0x0000FFFEU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xF9FFFF7FU, 0x000007DBU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x007F0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x000007F0U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x0000FFFFU
+  }
+};
diff --git a/lib/unistring/unictype/categ_Mc.c b/lib/unistring/unictype/categ_Mc.c
new file mode 100644
index 0000000..c1a5420
--- /dev/null
+++ b/lib/unistring/unictype/categ_Mc.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Mc table.  */
+#include "categ_Mc.h"
+
+const uc_general_category_t UC_CATEGORY_Mc =
+  { UC_CATEGORY_MASK_Mc, 0, { &u_categ_Mc } };
diff --git a/lib/unistring/unictype/categ_Mc.h b/lib/unistring/unictype/categ_Mc.h
new file mode 100644
index 0000000..89ffe6c
--- /dev/null
+++ b/lib/unistring/unictype/categ_Mc.h
@@ -0,0 +1,359 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[2];
+    short level2[2 << 7];
+    unsigned int level3[19 << 4];
+  }
+u_categ_Mc =
+{
+  { 2 },
+  {
+        3 * sizeof (int) / sizeof (short) +     0,
+        3 * sizeof (int) / sizeof (short) +   128
+  },
+  {
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +     0,
+        3 +   256 * sizeof (short) / sizeof (int) +    16,
+        3 +   256 * sizeof (short) / sizeof (int) +    32,
+        3 +   256 * sizeof (short) / sizeof (int) +    48,
+        3 +   256 * sizeof (short) / sizeof (int) +    64,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    80,
+        3 +   256 * sizeof (short) / sizeof (int) +    96,
+        3 +   256 * sizeof (short) / sizeof (int) +   112,
+        3 +   256 * sizeof (short) / sizeof (int) +   128,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   144,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   160,
+        3 +   256 * sizeof (short) / sizeof (int) +   176,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   192,
+        3 +   256 * sizeof (short) / sizeof (int) +   208,
+        3 +   256 * sizeof (short) / sizeof (int) +   224,
+        3 +   256 * sizeof (short) / sizeof (int) +   240,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   256,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   272,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   288,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000008U, 0xC8000000U, 0x0000DE01U, 0x00000000U,
+    0x0000000CU, 0xC0000000U, 0x00801981U, 0x00000000U,
+    0x00000008U, 0xC0000000U, 0x00000001U, 0x00000000U,
+    0x00000008U, 0xC0000000U, 0x00001A01U, 0x00000000U,
+    0x0000000CU, 0x40000000U, 0x00801981U, 0x00000000U,
+    0x00000000U, 0xC0000000U, 0x00801DC6U, 0x00000000U,
+    0x0000000EU, 0x00000000U, 0x0000001EU, 0x00000000U,
+    0x0000000CU, 0x40000000U, 0x00600D9FU, 0x00000000U,
+    0x0000000CU, 0xC0000000U, 0x00801DC1U, 0x00000000U,
+    0x0000000CU, 0x00000000U, 0xFF038000U, 0x000C0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xC0000000U, 0x00000000U, 0x80000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x19021800U, 0x00C00000U, 0x00003F9CU,
+    0x1C009F98U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xC0400000U, 0x000001BFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x01FB0E78U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x06000000U, 0x00000000U, 0x00A00000U, 0x0007E01AU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000010U, 0xE8200000U, 0x0000001BU, 0x00000000U,
+    0x00000004U, 0x000004C2U, 0x00000000U, 0x000C5C80U,
+    0x00000000U, 0x00300FF0U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x000C0002U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x0000C000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000098U, 0x00000000U, 0x00000000U,
+    0x00000003U, 0xFFF00000U, 0x0000000FU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x000C0000U, 0x00000000U,
+    0x00000008U, 0xEC300000U, 0x00000001U, 0x00000000U,
+    0x00000000U, 0x00198000U, 0x00002000U, 0x28000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0020C800U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x000016D8U,
+    0x00000005U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000004U, 0x01870000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00001000U, 0x00000000U, 0x00000000U,
+    0x00000004U, 0x80380000U, 0x00000001U, 0x00000000U,
+    0x00000000U, 0x002C7000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000007U,
+    0x0000000CU, 0xC0000000U, 0x0080399EU, 0x0000000CU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00E00000U, 0x00000023U, 0x00000000U,
+    0x00000000U, 0x7A070000U, 0x00000002U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x4F038000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x58070000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x0040D000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000043U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x40008000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00120200U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFE0000U, 0x7FFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0007E060U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Me.c b/lib/unistring/unictype/categ_Me.c
new file mode 100644
index 0000000..9e590ab
--- /dev/null
+++ b/lib/unistring/unictype/categ_Me.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Me table.  */
+#include "categ_Me.h"
+
+const uc_general_category_t UC_CATEGORY_Me =
+  { UC_CATEGORY_MASK_Me, 0, { &u_categ_Me } };
diff --git a/lib/unistring/unictype/categ_Me.h b/lib/unistring/unictype/categ_Me.h
new file mode 100644
index 0000000..ea68dbf
--- /dev/null
+++ b/lib/unistring/unictype/categ_Me.h
@@ -0,0 +1,168 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[1];
+    short level2[1 << 7];
+    unsigned int level3[4 << 4];
+  }
+u_categ_Me =
+{
+  { 1 },
+  {     2 * sizeof (int) / sizeof (short) +     0 },
+  {
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +     0,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    16,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    32,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    48,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000300U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x40000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xE0000000U, 0x0000001DU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00070000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Mn.c b/lib/unistring/unictype/categ_Mn.c
new file mode 100644
index 0000000..57e5524
--- /dev/null
+++ b/lib/unistring/unictype/categ_Mn.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Mn table.  */
+#include "categ_Mn.h"
+
+const uc_general_category_t UC_CATEGORY_Mn =
+  { UC_CATEGORY_MASK_Mn, 0, { &u_categ_Mn } };
diff --git a/lib/unistring/unictype/categ_Mn.h b/lib/unistring/unictype/categ_Mn.h
new file mode 100644
index 0000000..06e660a
--- /dev/null
+++ b/lib/unistring/unictype/categ_Mn.h
@@ -0,0 +1,576 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[15];
+    short level2[3 << 7];
+    unsigned int level3[38 << 4];
+  }
+u_categ_Mn =
+{
+  { 15 },
+  {
+       16 * sizeof (int) / sizeof (short) +     0,
+       16 * sizeof (int) / sizeof (short) +   128,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 * sizeof (int) / sizeof (short) +   256
+  },
+  {
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +     0,
+       16 +   384 * sizeof (short) / sizeof (int) +    16,
+       16 +   384 * sizeof (short) / sizeof (int) +    32,
+       16 +   384 * sizeof (short) / sizeof (int) +    48,
+       16 +   384 * sizeof (short) / sizeof (int) +    64,
+       16 +   384 * sizeof (short) / sizeof (int) +    80,
+       16 +   384 * sizeof (short) / sizeof (int) +    96,
+       16 +   384 * sizeof (short) / sizeof (int) +   112,
+       16 +   384 * sizeof (short) / sizeof (int) +   128,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   144,
+       16 +   384 * sizeof (short) / sizeof (int) +   160,
+       16 +   384 * sizeof (short) / sizeof (int) +   176,
+       16 +   384 * sizeof (short) / sizeof (int) +   192,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   208,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   224,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   240,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   256,
+       16 +   384 * sizeof (short) / sizeof (int) +   272,
+       16 +   384 * sizeof (short) / sizeof (int) +   288,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   304,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   320,
+       16 +   384 * sizeof (short) / sizeof (int) +   336,
+       16 +   384 * sizeof (short) / sizeof (int) +   352,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   368,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   384,
+       16 +   384 * sizeof (short) / sizeof (int) +   400,
+       16 +   384 * sizeof (short) / sizeof (int) +   416,
+       16 +   384 * sizeof (short) / sizeof (int) +   432,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   448,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   464,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   480,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   496,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   512,
+       16 +   384 * sizeof (short) / sizeof (int) +   528,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   544,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   560,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   576,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   592,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x0000FFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x000000F8U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFE0000U, 0xBFFFFFFFU, 0x000000B6U, 0x00000000U,
+    0x07FF0000U, 0x00000000U, 0xFFFFF800U, 0x00010000U,
+    0x00000000U, 0x00000000U, 0x9FC00000U, 0x00003D9FU,
+    0x00020000U, 0xFFFF0000U, 0x000007FFU, 0x00000000U,
+    0x00000000U, 0x0001FFC0U, 0x00000000U, 0x000FF800U,
+    0xFBC00000U, 0x00003EEFU, 0x0E000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFF00000U, 0xFFFFFFFBU,
+    0x00000007U, 0x14000000U, 0x00FE21FEU, 0x0000000CU,
+    0x00000002U, 0x10000000U, 0x0000201EU, 0x0000000CU,
+    0x00000006U, 0x10000000U, 0x00023986U, 0x00230000U,
+    0x00000006U, 0x10000000U, 0x000021BEU, 0x0000000CU,
+    0x00000002U, 0x90000000U, 0x0040201EU, 0x0000000CU,
+    0x00000004U, 0x00000000U, 0x00002001U, 0x00000000U,
+    0x00000001U, 0xC0000000U, 0x00603DC1U, 0x0000000CU,
+    0x00000002U, 0x90000000U, 0x00003040U, 0x0000000CU,
+    0x00000002U, 0x00000000U, 0x0000201EU, 0x0000000CU,
+    0x00000000U, 0x00000000U, 0x005C0400U, 0x00000000U,
+    0x00000000U, 0x07F20000U, 0x00007F80U, 0x00000000U,
+    0x00000000U, 0x1BF20000U, 0x00003F00U, 0x00000000U,
+    0x03000000U, 0x02A00000U, 0x00000000U, 0x7FFE0000U,
+    0xFEFFE0DFU, 0x1FFFFFFFU, 0x00000040U, 0x00000000U,
+    0x00000000U, 0x66FDE000U, 0xC3000000U, 0x001E0001U,
+    0x20002064U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xE0000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x001C0000U, 0x001C0000U, 0x000C0000U, 0x000C0000U,
+    0x00000000U, 0x3FB00000U, 0x200FFE40U, 0x00000000U,
+    0x00003800U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000060U, 0x00000200U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x0E040187U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x09800000U, 0x00000000U, 0x7F400000U, 0x9FF81FE5U,
+    0x00000000U, 0x3FFF0000U, 0x00000000U, 0x00000000U,
+    0x0000000FU, 0x17D00000U, 0x00000004U, 0x000FF800U,
+    0x00000003U, 0x00003B3CU, 0x00000000U, 0x0003A340U,
+    0x00000000U, 0x00CFF000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFF70000U, 0x031021FDU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFFFFFFU, 0xF83FFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x1FFF0000U, 0x0001FFE2U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00038000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x80000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFFFFFFFU,
+    0x00000000U, 0x00003C00U, 0x00000000U, 0x00000000U,
+    0x06000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x3FF08000U,
+    0xC0000000U, 0x00000000U, 0x00000000U, 0x00030000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000844U, 0x00000060U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000030U, 0x0003FFFFU,
+    0x00000000U, 0x00003FC0U, 0x0003FF80U, 0x00000000U,
+    0x00000007U, 0x13C80000U, 0x00000000U, 0x00000020U,
+    0x00000000U, 0x00667E00U, 0x00001008U, 0x10000000U,
+    0x00000000U, 0xC19D0000U, 0x00000002U, 0x00403000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00002120U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x40000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0000FFFFU, 0x0000FFFFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x20000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000001U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x07C00000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0000F06EU, 0x87000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000060U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000002U, 0xFF000000U, 0x0000007FU, 0x80000000U,
+    0x00000003U, 0x06780000U, 0x00000000U, 0x00000000U,
+    0x00000007U, 0x001FEF80U, 0x00000000U, 0x00080000U,
+    0x00000003U, 0x7FC00000U, 0x00001C00U, 0x00000000U,
+    0x00000000U, 0x40D38000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x80000000U, 0x000007F8U,
+    0x00000003U, 0x10000000U, 0x00000001U, 0x001F1FC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFF000000U, 0x0000005CU, 0x00000000U,
+    0x00000000U, 0x85F80000U, 0x0000000DU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xB03C0000U, 0x30000001U, 0x00000000U,
+    0x00000000U, 0xA7F80000U, 0x00000001U, 0x00000000U,
+    0x00000000U, 0x00BF2800U, 0x00000000U, 0x00000000U,
+    0xE0000000U, 0x00000FBCU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xBF7F0000U, 0x00000000U, 0x00000000U,
+    0xFFFC0000U, 0x006DFCFFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x001F0000U,
+    0x00000000U, 0x007F0000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00078000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x60000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xF8000380U,
+    0x00000FE7U, 0x00003C00U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0000001CU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xF87FFFFFU, 0xFFFFFFFFU, 0x00201FFFU,
+    0xF8000010U, 0x0000FFFEU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xF9FFFF7FU, 0x000007DBU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x007F0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x000007F0U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x0000FFFFU
+  }
+};
diff --git a/lib/unistring/unictype/categ_N.c b/lib/unistring/unictype/categ_N.c
new file mode 100644
index 0000000..51f367d
--- /dev/null
+++ b/lib/unistring/unictype/categ_N.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_N table.  */
+#include "categ_N.h"
+
+const uc_general_category_t UC_CATEGORY_N =
+  { UC_CATEGORY_MASK_N, 0, { &u_categ_N } };
diff --git a/lib/unistring/unictype/categ_N.h b/lib/unistring/unictype/categ_N.h
new file mode 100644
index 0000000..3287963
--- /dev/null
+++ b/lib/unistring/unictype/categ_N.h
@@ -0,0 +1,447 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[2];
+    short level2[2 << 7];
+    unsigned int level3[41 << 4];
+  }
+u_categ_N =
+{
+  { 2 },
+  {
+        3 * sizeof (int) / sizeof (short) +     0,
+        3 * sizeof (int) / sizeof (short) +   128
+  },
+  {
+        3 +   256 * sizeof (short) / sizeof (int) +     0,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    16,
+        3 +   256 * sizeof (short) / sizeof (int) +    32,
+        3 +   256 * sizeof (short) / sizeof (int) +    48,
+        3 +   256 * sizeof (short) / sizeof (int) +    64,
+        3 +   256 * sizeof (short) / sizeof (int) +    80,
+        3 +   256 * sizeof (short) / sizeof (int) +    96,
+        3 +   256 * sizeof (short) / sizeof (int) +   112,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   128,
+        3 +   256 * sizeof (short) / sizeof (int) +   144,
+        3 +   256 * sizeof (short) / sizeof (int) +   160,
+        3 +   256 * sizeof (short) / sizeof (int) +   176,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   192,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   208,
+        3 +   256 * sizeof (short) / sizeof (int) +   224,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   240,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   256,
+        3 +   256 * sizeof (short) / sizeof (int) +   272,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   288,
+        3 +   256 * sizeof (short) / sizeof (int) +   304,
+        3 +   256 * sizeof (short) / sizeof (int) +   320,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   336,
+        3 +   256 * sizeof (short) / sizeof (int) +   352,
+        3 +   256 * sizeof (short) / sizeof (int) +   368,
+        3 +   256 * sizeof (short) / sizeof (int) +   384,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   400,
+        3 +   256 * sizeof (short) / sizeof (int) +   416,
+        3 +   256 * sizeof (short) / sizeof (int) +   432,
+        3 +   256 * sizeof (short) / sizeof (int) +   448,
+        3 +   256 * sizeof (short) / sizeof (int) +   464,
+        3 +   256 * sizeof (short) / sizeof (int) +   480,
+        3 +   256 * sizeof (short) / sizeof (int) +   496,
+        3 +   256 * sizeof (short) / sizeof (int) +   512,
+        3 +   256 * sizeof (short) / sizeof (int) +   528,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   544,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   560,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   576,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   592,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   608,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   624,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   640,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x03FF0000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x720C0000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x000003FFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03FF0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x000003FFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0000FFC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03F0FFC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0000FFC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0000FFC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00FCFFC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0007FFC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x7F00FFC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0000FFC0U,
+    0x00000000U, 0x00000000U, 0x7F000000U, 0x01FFFFC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0000FFC0U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x000FFFFFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x000003FFU, 0x00000000U,
+    0x03FF0000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x1FFFFE00U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0001C000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03FF03FFU,
+    0x03FF0000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0000FFC0U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x07FF0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x03FF03FFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x03FF0000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF03FFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03F10000U,
+    0x000003FFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFF0000U, 0xFFFFFFFFU,
+    0x000003E7U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFFFFFFFU,
+    0x0FFFFFFFU, 0x00000000U, 0x00000000U, 0xFFFFFC00U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFC00000U,
+    0x000FFFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x20000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000080U, 0x070003FEU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x003C0000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x000003FFU, 0xFFFEFF00U, 0x00000000U,
+    0x000003FFU, 0xFFFE0000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x000003FFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0000FFC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x003F0000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x000003FFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x03FF0000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03FF0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x03FF0000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFF80U, 0x000FFFFFU, 0xFFFFFFFFU, 0x01FFFFFFU,
+    0x00000C00U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0FFFFFFEU,
+    0x00000000U, 0x0000000FU, 0x00000402U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x003E0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x000003FFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFF000000U, 0xFE000000U,
+    0x00000000U, 0x0000FF80U, 0x00000000U, 0xF8000000U,
+    0x0FC00000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x30000000U, 0xFFFCFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x000000FFU, 0x60000000U,
+    0xE0000000U, 0x00000000U, 0x00000000U, 0x0000F800U,
+    0x00000000U, 0x00000000U, 0xFF000000U, 0xFF000000U,
+    0x00000000U, 0x0000FE00U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFC000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x7FFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFC0000U, 0x0000FFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03FF0000U,
+    0x00000000U, 0xFFC00000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x001FFFFEU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03FF0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x000003FFU, 0x00000000U,
+    0x00000000U, 0x0FFF0000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0007FFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFF0000U, 0x00001FFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x00007FFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x000003FFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFBFF0000U, 0x00000003U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0003FFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFFC000U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0000FF80U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00001FFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Nd.c b/lib/unistring/unictype/categ_Nd.c
new file mode 100644
index 0000000..18594e9
--- /dev/null
+++ b/lib/unistring/unictype/categ_Nd.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Nd table.  */
+#include "categ_Nd.h"
+
+const uc_general_category_t UC_CATEGORY_Nd =
+  { UC_CATEGORY_MASK_Nd, 0, { &u_categ_Nd } };
diff --git a/lib/unistring/unictype/categ_Nd.h b/lib/unistring/unictype/categ_Nd.h
new file mode 100644
index 0000000..613f583
--- /dev/null
+++ b/lib/unistring/unictype/categ_Nd.h
@@ -0,0 +1,379 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[2];
+    short level2[2 << 7];
+    unsigned int level3[24 << 4];
+  }
+u_categ_Nd =
+{
+  { 2 },
+  {
+        3 * sizeof (int) / sizeof (short) +     0,
+        3 * sizeof (int) / sizeof (short) +   128
+  },
+  {
+        3 +   256 * sizeof (short) / sizeof (int) +     0,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    16,
+        3 +   256 * sizeof (short) / sizeof (int) +    32,
+        3 +   256 * sizeof (short) / sizeof (int) +    48,
+        3 +   256 * sizeof (short) / sizeof (int) +    48,
+        3 +   256 * sizeof (short) / sizeof (int) +    64,
+        3 +   256 * sizeof (short) / sizeof (int) +    80,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    96,
+        3 +   256 * sizeof (short) / sizeof (int) +   112,
+        3 +   256 * sizeof (short) / sizeof (int) +   128,
+        3 +   256 * sizeof (short) / sizeof (int) +   144,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   160,
+        3 +   256 * sizeof (short) / sizeof (int) +   176,
+        3 +   256 * sizeof (short) / sizeof (int) +   192,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   208,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   224,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   240,
+        3 +   256 * sizeof (short) / sizeof (int) +   256,
+        3 +   256 * sizeof (short) / sizeof (int) +   272,
+        3 +   256 * sizeof (short) / sizeof (int) +   288,
+        3 +   256 * sizeof (short) / sizeof (int) +   304,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   320,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   336,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   352,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   368,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x03FF0000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x000003FFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03FF0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x000003FFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0000FFC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0000FFC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0000FFC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0000FFC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0000FFC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0000FFC0U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x000003FFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x000003FFU, 0x00000000U,
+    0x03FF0000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x000003FFU,
+    0x03FF0000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0000FFC0U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x03FF03FFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x03FF0000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF03FFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x000003FFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x000003FFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x03FF0000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03FF0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x03FF0000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x000003FFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0000FFC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03FF0000U,
+    0x00000000U, 0xFFC00000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03FF0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x000003FFU, 0x00000000U,
+    0x00000000U, 0x03FF0000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x000003FFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x000003FFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFFC000U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x03FF0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Nl.c b/lib/unistring/unictype/categ_Nl.c
new file mode 100644
index 0000000..b11143f
--- /dev/null
+++ b/lib/unistring/unictype/categ_Nl.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Nl table.  */
+#include "categ_Nl.h"
+
+const uc_general_category_t UC_CATEGORY_Nl =
+  { UC_CATEGORY_MASK_Nl, 0, { &u_categ_Nl } };
diff --git a/lib/unistring/unictype/categ_Nl.h b/lib/unistring/unictype/categ_Nl.h
new file mode 100644
index 0000000..902a59b
--- /dev/null
+++ b/lib/unistring/unictype/categ_Nl.h
@@ -0,0 +1,311 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[2];
+    short level2[2 << 7];
+    unsigned int level3[7 << 4];
+  }
+u_categ_Nl =
+{
+  { 2 },
+  {
+        3 * sizeof (int) / sizeof (short) +     0,
+        3 * sizeof (int) / sizeof (short) +   128
+  },
+  {
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +     0,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    16,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    32,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    48,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    64,
+        3 +   256 * sizeof (short) / sizeof (int) +    80,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    96,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0001C000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFFFFFFFU,
+    0x000001E7U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000080U, 0x070003FEU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0000FFC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFFFFFFU, 0x001FFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000402U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x003E0000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x00007FFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_No.c b/lib/unistring/unictype/categ_No.c
new file mode 100644
index 0000000..ca1ef70
--- /dev/null
+++ b/lib/unistring/unictype/categ_No.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_No table.  */
+#include "categ_No.h"
+
+const uc_general_category_t UC_CATEGORY_No =
+  { UC_CATEGORY_MASK_No, 0, { &u_categ_No } };
diff --git a/lib/unistring/unictype/categ_No.h b/lib/unistring/unictype/categ_No.h
new file mode 100644
index 0000000..20f952d
--- /dev/null
+++ b/lib/unistring/unictype/categ_No.h
@@ -0,0 +1,399 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[2];
+    short level2[2 << 7];
+    unsigned int level3[29 << 4];
+  }
+u_categ_No =
+{
+  { 2 },
+  {
+        3 * sizeof (int) / sizeof (short) +     0,
+        3 * sizeof (int) / sizeof (short) +   128
+  },
+  {
+        3 +   256 * sizeof (short) / sizeof (int) +     0,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    16,
+        3 +   256 * sizeof (short) / sizeof (int) +    32,
+        3 +   256 * sizeof (short) / sizeof (int) +    48,
+        3 +   256 * sizeof (short) / sizeof (int) +    64,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    80,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    96,
+        3 +   256 * sizeof (short) / sizeof (int) +   112,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   128,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   144,
+        3 +   256 * sizeof (short) / sizeof (int) +   160,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   176,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   192,
+        3 +   256 * sizeof (short) / sizeof (int) +   208,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   224,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   240,
+        3 +   256 * sizeof (short) / sizeof (int) +   256,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   272,
+        3 +   256 * sizeof (short) / sizeof (int) +   288,
+        3 +   256 * sizeof (short) / sizeof (int) +   304,
+        3 +   256 * sizeof (short) / sizeof (int) +   320,
+        3 +   256 * sizeof (short) / sizeof (int) +   336,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   352,
+        3 +   256 * sizeof (short) / sizeof (int) +   368,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   384,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   400,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   416,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   432,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   448,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x720C0000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03F00000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00FC0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00070000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x7F000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x7F000000U, 0x01FF0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x000FFC00U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x1FFFFE00U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03FF0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x04000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03F10000U,
+    0x000003FFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFF0000U, 0x00000000U,
+    0x00000200U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFFFFFFFU,
+    0x0FFFFFFFU, 0x00000000U, 0x00000000U, 0xFFFFFC00U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFFC00000U,
+    0x000FFFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x20000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x003C0000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x000003FFU, 0xFFFEFF00U, 0x00000000U,
+    0x000003FFU, 0xFFFE0000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x003F0000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFF80U, 0x000FFFFFU, 0x00000000U, 0x01E00000U,
+    0x00000C00U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0FFFFFFEU,
+    0x00000000U, 0x0000000FU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFF000000U, 0xFE000000U,
+    0x00000000U, 0x0000FF80U, 0x00000000U, 0xF8000000U,
+    0x0FC00000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x30000000U, 0xFFFCFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x000000FFU, 0x60000000U,
+    0xE0000000U, 0x00000000U, 0x00000000U, 0x0000F800U,
+    0x00000000U, 0x00000000U, 0xFF000000U, 0xFF000000U,
+    0x00000000U, 0x0000FE00U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xFC000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x7FFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFC0000U, 0x0000003FU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x001FFFFEU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x0C000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0007FC00U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFC000000U, 0x00001FFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xF8000000U, 0x00000003U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0003FFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0000FF80U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00001FFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_P.c b/lib/unistring/unictype/categ_P.c
new file mode 100644
index 0000000..152d370
--- /dev/null
+++ b/lib/unistring/unictype/categ_P.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_P table.  */
+#include "categ_P.h"
+
+const uc_general_category_t UC_CATEGORY_P =
+  { UC_CATEGORY_MASK_P, 0, { &u_categ_P } };
diff --git a/lib/unistring/unictype/categ_P.h b/lib/unistring/unictype/categ_P.h
new file mode 100644
index 0000000..8818e82
--- /dev/null
+++ b/lib/unistring/unictype/categ_P.h
@@ -0,0 +1,455 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[2];
+    short level2[2 << 7];
+    unsigned int level3[43 << 4];
+  }
+u_categ_P =
+{
+  { 2 },
+  {
+        3 * sizeof (int) / sizeof (short) +     0,
+        3 * sizeof (int) / sizeof (short) +   128
+  },
+  {
+        3 +   256 * sizeof (short) / sizeof (int) +     0,
+        3 +   256 * sizeof (short) / sizeof (int) +    16,
+        3 +   256 * sizeof (short) / sizeof (int) +    32,
+        3 +   256 * sizeof (short) / sizeof (int) +    48,
+        3 +   256 * sizeof (short) / sizeof (int) +    64,
+        3 +   256 * sizeof (short) / sizeof (int) +    80,
+        3 +   256 * sizeof (short) / sizeof (int) +    96,
+        3 +   256 * sizeof (short) / sizeof (int) +   112,
+        3 +   256 * sizeof (short) / sizeof (int) +   128,
+        3 +   256 * sizeof (short) / sizeof (int) +   144,
+        3 +   256 * sizeof (short) / sizeof (int) +   160,
+        3 +   256 * sizeof (short) / sizeof (int) +   176,
+        3 +   256 * sizeof (short) / sizeof (int) +   192,
+        3 +   256 * sizeof (short) / sizeof (int) +   208,
+        3 +   256 * sizeof (short) / sizeof (int) +   224,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   240,
+        3 +   256 * sizeof (short) / sizeof (int) +   256,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   272,
+        3 +   256 * sizeof (short) / sizeof (int) +   288,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   304,
+        3 +   256 * sizeof (short) / sizeof (int) +   320,
+        3 +   256 * sizeof (short) / sizeof (int) +   336,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   352,
+        3 +   256 * sizeof (short) / sizeof (int) +   368,
+        3 +   256 * sizeof (short) / sizeof (int) +   384,
+        3 +   256 * sizeof (short) / sizeof (int) +   400,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   416,
+        3 +   256 * sizeof (short) / sizeof (int) +   432,
+        3 +   256 * sizeof (short) / sizeof (int) +   448,
+        3 +   256 * sizeof (short) / sizeof (int) +   464,
+        3 +   256 * sizeof (short) / sizeof (int) +   480,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   496,
+        3 +   256 * sizeof (short) / sizeof (int) +   512,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   528,
+        3 +   256 * sizeof (short) / sizeof (int) +   544,
+        3 +   256 * sizeof (short) / sizeof (int) +   560,
+        3 +   256 * sizeof (short) / sizeof (int) +   576,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   592,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   608,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   624,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   640,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   656,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   672,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x8C00F7EEU, 0xB8000001U, 0x28000000U,
+    0x00000000U, 0x88C00882U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x40000000U,
+    0x00000080U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFC000000U, 0x00000000U,
+    0x00000600U, 0x40000000U, 0x00000049U, 0x00180000U,
+    0xC8003600U, 0x00000000U, 0x00000000U, 0x00003C00U,
+    0x00000000U, 0x00000000U, 0x00100000U, 0x00000000U,
+    0x00003FFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03800000U,
+    0x00000000U, 0x7FFF0000U, 0x40000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00010030U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00010000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00100000U,
+    0x00000000U, 0x00000000U, 0x0C008000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0017FFF0U, 0x3C000000U, 0x00000000U, 0x00000000U,
+    0x00000020U, 0x00000000U, 0x061F0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0000FC00U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x08000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x000001FFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000001U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00006000U,
+    0x18000000U, 0x00000000U, 0x00000000U, 0x00003800U,
+    0x00000000U, 0x00600000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x07700000U, 0x00000000U,
+    0x000007FFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000030U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xC0000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00003F7FU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFC000000U, 0x00000001U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xF0000000U,
+    0x00000000U, 0xF8000000U, 0x00000000U, 0xC0000000U,
+    0x00000000U, 0x00000000U, 0x000800FFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFF0000U, 0xFFFF00FFU, 0x7FFBFFEFU, 0x60000000U,
+    0x00006000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000F00U, 0x00000600U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x003FFF00U,
+    0x00000000U, 0x00000000U, 0x00000060U, 0x0000FFC0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x01FFFFF8U, 0x00000000U, 0x0F000000U, 0x30000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xDE000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00010000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFF7FFFU, 0x0000001FU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFF3FF0EU, 0x20010000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000001U, 0x00000000U, 0x08000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xC0000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0000E000U, 0x00000000U, 0x00000000U, 0x40080000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00FC0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00F00000U,
+    0x00000000U, 0x00000000U, 0x0000C000U, 0x17000000U,
+    0x00000000U, 0x0000C000U, 0x80000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xC0003FFEU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xF0000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xC0000000U, 0x00030000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000800U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xC0000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x03FF0000U, 0xFFFF0000U, 0xFFF7FFFFU, 0x00000D0BU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x8C00F7EEU, 0xB8000001U, 0xA8000000U, 0x0000003FU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000007U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x80000000U, 0x00000000U, 0x00010000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00008000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00800000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x80000000U, 0x80000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x01FF0000U, 0x80000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x007F0000U,
+    0x00000000U, 0xFE000000U, 0x00000000U, 0x00000000U,
+    0x1E000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00003F80U, 0x00000000U,
+    0x00000000U, 0xD8000000U, 0x00000003U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0000000FU, 0x00300000U,
+    0x00000000U, 0x00000000U, 0xE80023E0U, 0x00000000U,
+    0x00000000U, 0x3F000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000200U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x2800F800U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000040U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00FFFFFEU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0000000EU, 0x00001FFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x70000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0000003EU, 0x00030000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x001F0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0000C000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00200000U,
+    0x00000000U, 0x0F800000U, 0x00000010U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x80000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000F80U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xC0000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Pc.c b/lib/unistring/unictype/categ_Pc.c
new file mode 100644
index 0000000..4020342
--- /dev/null
+++ b/lib/unistring/unictype/categ_Pc.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Pc table.  */
+#include "categ_Pc.h"
+
+const uc_general_category_t UC_CATEGORY_Pc =
+  { UC_CATEGORY_MASK_Pc, 0, { &u_categ_Pc } };
diff --git a/lib/unistring/unictype/categ_Pc.h b/lib/unistring/unictype/categ_Pc.h
new file mode 100644
index 0000000..f182c71
--- /dev/null
+++ b/lib/unistring/unictype/categ_Pc.h
@@ -0,0 +1,164 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[1];
+    short level2[1 << 7];
+    unsigned int level3[3 << 4];
+  }
+u_categ_Pc =
+{
+  { 1 },
+  {     2 * sizeof (int) / sizeof (short) +     0 },
+  {
+        2 +   128 * sizeof (short) / sizeof (int) +     0,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    16,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    32
+  },
+  {
+    0x00000000U, 0x00000000U, 0x80000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x80000000U, 0x00100001U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00180000U, 0x0000E000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x80000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Pd.c b/lib/unistring/unictype/categ_Pd.c
new file mode 100644
index 0000000..f713b69
--- /dev/null
+++ b/lib/unistring/unictype/categ_Pd.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Pd table.  */
+#include "categ_Pd.h"
+
+const uc_general_category_t UC_CATEGORY_Pd =
+  { UC_CATEGORY_MASK_Pd, 0, { &u_categ_Pd } };
diff --git a/lib/unistring/unictype/categ_Pd.h b/lib/unistring/unictype/categ_Pd.h
new file mode 100644
index 0000000..daa9a0d
--- /dev/null
+++ b/lib/unistring/unictype/categ_Pd.h
@@ -0,0 +1,184 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[1];
+    short level2[1 << 7];
+    unsigned int level3[8 << 4];
+  }
+u_categ_Pd =
+{
+  { 1 },
+  {     2 * sizeof (int) / sizeof (short) +     0 },
+  {
+        2 +   128 * sizeof (short) / sizeof (int) +     0,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    16,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    32,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    48,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    64,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    80,
+        2 +   128 * sizeof (short) / sizeof (int) +    96,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +   112
+  },
+  {
+    0x00000000U, 0x00002000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000400U, 0x40000000U, 0x00000000U, 0x00000000U,
+    0x00000001U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000040U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x003F0000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x04800000U, 0x0C000000U, 0x00000001U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x10000000U, 0x00010000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000001U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00060000U, 0x01000000U, 0x00000008U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00002000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Pe.c b/lib/unistring/unictype/categ_Pe.c
new file mode 100644
index 0000000..7cf5331
--- /dev/null
+++ b/lib/unistring/unictype/categ_Pe.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Pe table.  */
+#include "categ_Pe.h"
+
+const uc_general_category_t UC_CATEGORY_Pe =
+  { UC_CATEGORY_MASK_Pe, 0, { &u_categ_Pe } };
diff --git a/lib/unistring/unictype/categ_Pe.h b/lib/unistring/unictype/categ_Pe.h
new file mode 100644
index 0000000..a15831a
--- /dev/null
+++ b/lib/unistring/unictype/categ_Pe.h
@@ -0,0 +1,196 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[1];
+    short level2[1 << 7];
+    unsigned int level3[11 << 4];
+  }
+u_categ_Pe =
+{
+  { 1 },
+  {     2 * sizeof (int) / sizeof (short) +     0 },
+  {
+        2 +   128 * sizeof (short) / sizeof (int) +     0,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    16,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    32,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    48,
+        2 +   128 * sizeof (short) / sizeof (int) +    64,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    80,
+        2 +   128 * sizeof (short) / sizeof (int) +    96,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +   112,
+        2 +   128 * sizeof (short) / sizeof (int) +   128,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +   144,
+        2 +   128 * sizeof (short) / sizeof (int) +   160
+  },
+  {
+    0x00000000U, 0x00000200U, 0x20000000U, 0x20000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x28000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x10000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000040U, 0x40000000U,
+    0x00004000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000A00U, 0x00000400U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x002AAA00U,
+    0x00000000U, 0x00000000U, 0x00000040U, 0x0000AA80U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x01555550U, 0x00000000U, 0x0A000000U, 0x20000000U,
+    0x00000000U, 0x000002A8U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xCAA2AA00U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x40000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x01000000U, 0x55400000U, 0x54000115U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000200U, 0x20000000U, 0x20000000U, 0x00000009U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Pf.c b/lib/unistring/unictype/categ_Pf.c
new file mode 100644
index 0000000..f78ff73
--- /dev/null
+++ b/lib/unistring/unictype/categ_Pf.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Pf table.  */
+#include "categ_Pf.h"
+
+const uc_general_category_t UC_CATEGORY_Pf =
+  { UC_CATEGORY_MASK_Pf, 0, { &u_categ_Pf } };
diff --git a/lib/unistring/unictype/categ_Pf.h b/lib/unistring/unictype/categ_Pf.h
new file mode 100644
index 0000000..5559188
--- /dev/null
+++ b/lib/unistring/unictype/categ_Pf.h
@@ -0,0 +1,164 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[1];
+    short level2[1 << 7];
+    unsigned int level3[3 << 4];
+  }
+u_categ_Pf =
+{
+  { 1 },
+  {     2 * sizeof (int) / sizeof (short) +     0 },
+  {
+        2 +   128 * sizeof (short) / sizeof (int) +     0,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    16,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    32,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x08000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x22000000U, 0x04000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x20002428U, 0x00000002U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Pi.c b/lib/unistring/unictype/categ_Pi.c
new file mode 100644
index 0000000..9740468
--- /dev/null
+++ b/lib/unistring/unictype/categ_Pi.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Pi table.  */
+#include "categ_Pi.h"
+
+const uc_general_category_t UC_CATEGORY_Pi =
+  { UC_CATEGORY_MASK_Pi, 0, { &u_categ_Pi } };
diff --git a/lib/unistring/unictype/categ_Pi.h b/lib/unistring/unictype/categ_Pi.h
new file mode 100644
index 0000000..8ee94f4
--- /dev/null
+++ b/lib/unistring/unictype/categ_Pi.h
@@ -0,0 +1,164 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[1];
+    short level2[1 << 7];
+    unsigned int level3[3 << 4];
+  }
+u_categ_Pi =
+{
+  { 1 },
+  {     2 * sizeof (int) / sizeof (short) +     0 },
+  {
+        2 +   128 * sizeof (short) / sizeof (int) +     0,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    16,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    32,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000800U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x99000000U, 0x02000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x10001214U, 0x00000001U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Po.c b/lib/unistring/unictype/categ_Po.c
new file mode 100644
index 0000000..9d5e880
--- /dev/null
+++ b/lib/unistring/unictype/categ_Po.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Po table.  */
+#include "categ_Po.h"
+
+const uc_general_category_t UC_CATEGORY_Po =
+  { UC_CATEGORY_MASK_Po, 0, { &u_categ_Po } };
diff --git a/lib/unistring/unictype/categ_Po.h b/lib/unistring/unictype/categ_Po.h
new file mode 100644
index 0000000..bca38f9
--- /dev/null
+++ b/lib/unistring/unictype/categ_Po.h
@@ -0,0 +1,435 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[2];
+    short level2[2 << 7];
+    unsigned int level3[38 << 4];
+  }
+u_categ_Po =
+{
+  { 2 },
+  {
+        3 * sizeof (int) / sizeof (short) +     0,
+        3 * sizeof (int) / sizeof (short) +   128
+  },
+  {
+        3 +   256 * sizeof (short) / sizeof (int) +     0,
+        3 +   256 * sizeof (short) / sizeof (int) +    16,
+        3 +   256 * sizeof (short) / sizeof (int) +    32,
+        3 +   256 * sizeof (short) / sizeof (int) +    48,
+        3 +   256 * sizeof (short) / sizeof (int) +    64,
+        3 +   256 * sizeof (short) / sizeof (int) +    80,
+        3 +   256 * sizeof (short) / sizeof (int) +    96,
+        3 +   256 * sizeof (short) / sizeof (int) +   112,
+        3 +   256 * sizeof (short) / sizeof (int) +   128,
+        3 +   256 * sizeof (short) / sizeof (int) +   144,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   160,
+        3 +   256 * sizeof (short) / sizeof (int) +   176,
+        3 +   256 * sizeof (short) / sizeof (int) +   192,
+        3 +   256 * sizeof (short) / sizeof (int) +   208,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   224,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   240,
+        3 +   256 * sizeof (short) / sizeof (int) +   256,
+        3 +   256 * sizeof (short) / sizeof (int) +   272,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   288,
+        3 +   256 * sizeof (short) / sizeof (int) +   304,
+        3 +   256 * sizeof (short) / sizeof (int) +   320,
+        3 +   256 * sizeof (short) / sizeof (int) +   336,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   352,
+        3 +   256 * sizeof (short) / sizeof (int) +   368,
+        3 +   256 * sizeof (short) / sizeof (int) +   384,
+        3 +   256 * sizeof (short) / sizeof (int) +   400,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   416,
+        3 +   256 * sizeof (short) / sizeof (int) +   432,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   448,
+        3 +   256 * sizeof (short) / sizeof (int) +   464,
+        3 +   256 * sizeof (short) / sizeof (int) +   480,
+        3 +   256 * sizeof (short) / sizeof (int) +   496,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   512,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   528,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   544,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   560,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   576,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   592,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x8C00D4EEU, 0x10000001U, 0x00000000U,
+    0x00000000U, 0x80C00082U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x40000000U,
+    0x00000080U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFC000000U, 0x00000000U,
+    0x00000200U, 0x00000000U, 0x00000049U, 0x00180000U,
+    0xC8003600U, 0x00000000U, 0x00000000U, 0x00003C00U,
+    0x00000000U, 0x00000000U, 0x00100000U, 0x00000000U,
+    0x00003FFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03800000U,
+    0x00000000U, 0x7FFF0000U, 0x40000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00010030U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00010000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00100000U,
+    0x00000000U, 0x00000000U, 0x0C008000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0017FFF0U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000020U, 0x00000000U, 0x061F0000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0000FC00U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x08000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x000001FFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00006000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00003800U,
+    0x00000000U, 0x00600000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x07700000U, 0x00000000U,
+    0x000007BFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000030U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xC0000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00003F7FU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFC000000U, 0x00000001U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xF0000000U,
+    0x00000000U, 0xF8000000U, 0x00000000U, 0xC0000000U,
+    0x00000000U, 0x00000000U, 0x000800FFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00C00000U, 0x79FF00FFU, 0x7FEBFF8EU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xDE000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00010000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xCB7FC9C3U, 0xF3FF7C00U, 0x0000001AU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0000000EU, 0x20000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x08000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xC0000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0000E000U, 0x00000000U, 0x00000000U, 0x40080000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00FC0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00F00000U,
+    0x00000000U, 0x00000000U, 0x0000C000U, 0x17000000U,
+    0x00000000U, 0x0000C000U, 0x80000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xC0003FFEU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xF0000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xC0000000U, 0x00030000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000800U,
+    0x027F0000U, 0x00010000U, 0x80F71E60U, 0x00000D03U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x8C00D4EEU, 0x10000001U, 0x00000000U, 0x00000032U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000007U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x80000000U, 0x00000000U, 0x00010000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00008000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00800000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x80000000U, 0x80000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x01FF0000U, 0x80000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x007F0000U,
+    0x00000000U, 0xFE000000U, 0x00000000U, 0x00000000U,
+    0x1E000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00003F80U, 0x00000000U,
+    0x00000000U, 0xD8000000U, 0x00000003U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0000000FU, 0x00300000U,
+    0x00000000U, 0x00000000U, 0xE80023E0U, 0x00000000U,
+    0x00000000U, 0x3F000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000200U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x2800F800U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000040U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00FFFFFEU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0000000EU, 0x00001FFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x70000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x0000003EU, 0x00030000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x001F0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0000C000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00200000U,
+    0x00000000U, 0x0F800000U, 0x00000010U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x80000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000F80U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xC0000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Ps.c b/lib/unistring/unictype/categ_Ps.c
new file mode 100644
index 0000000..399d4bc
--- /dev/null
+++ b/lib/unistring/unictype/categ_Ps.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Ps table.  */
+#include "categ_Ps.h"
+
+const uc_general_category_t UC_CATEGORY_Ps =
+  { UC_CATEGORY_MASK_Ps, 0, { &u_categ_Ps } };
diff --git a/lib/unistring/unictype/categ_Ps.h b/lib/unistring/unictype/categ_Ps.h
new file mode 100644
index 0000000..77941cb
--- /dev/null
+++ b/lib/unistring/unictype/categ_Ps.h
@@ -0,0 +1,196 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[1];
+    short level2[1 << 7];
+    unsigned int level3[11 << 4];
+  }
+u_categ_Ps =
+{
+  { 1 },
+  {     2 * sizeof (int) / sizeof (short) +     0 },
+  {
+        2 +   128 * sizeof (short) / sizeof (int) +     0,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    16,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    32,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    48,
+        2 +   128 * sizeof (short) / sizeof (int) +    64,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    80,
+        2 +   128 * sizeof (short) / sizeof (int) +    96,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +   112,
+        2 +   128 * sizeof (short) / sizeof (int) +   128,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +   144,
+        2 +   128 * sizeof (short) / sizeof (int) +   160
+  },
+  {
+    0x00000000U, 0x00000100U, 0x08000000U, 0x08000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x14000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x08000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x44000000U, 0x00000000U, 0x00000020U, 0x20000000U,
+    0x00002000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000500U, 0x00000200U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00155500U,
+    0x00000000U, 0x00000000U, 0x00000020U, 0x00005540U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00AAAAA8U, 0x00000000U, 0x05000000U, 0x10000000U,
+    0x00000000U, 0x00000154U, 0x00000004U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x25515500U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x80000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00800000U, 0xAAA00000U, 0x2A00008AU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000100U, 0x08000000U, 0x88000000U, 0x00000004U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_S.c b/lib/unistring/unictype/categ_S.c
new file mode 100644
index 0000000..3779933
--- /dev/null
+++ b/lib/unistring/unictype/categ_S.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_S table.  */
+#include "categ_S.h"
+
+const uc_general_category_t UC_CATEGORY_S =
+  { UC_CATEGORY_MASK_S, 0, { &u_categ_S } };
diff --git a/lib/unistring/unictype/categ_S.h b/lib/unistring/unictype/categ_S.h
new file mode 100644
index 0000000..5147dd0
--- /dev/null
+++ b/lib/unistring/unictype/categ_S.h
@@ -0,0 +1,475 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[2];
+    short level2[2 << 7];
+    unsigned int level3[48 << 4];
+  }
+u_categ_S =
+{
+  { 2 },
+  {
+        3 * sizeof (int) / sizeof (short) +     0,
+        3 * sizeof (int) / sizeof (short) +   128
+  },
+  {
+        3 +   256 * sizeof (short) / sizeof (int) +     0,
+        3 +   256 * sizeof (short) / sizeof (int) +    16,
+        3 +   256 * sizeof (short) / sizeof (int) +    32,
+        3 +   256 * sizeof (short) / sizeof (int) +    48,
+        3 +   256 * sizeof (short) / sizeof (int) +    64,
+        3 +   256 * sizeof (short) / sizeof (int) +    80,
+        3 +   256 * sizeof (short) / sizeof (int) +    96,
+        3 +   256 * sizeof (short) / sizeof (int) +   112,
+        3 +   256 * sizeof (short) / sizeof (int) +   128,
+        3 +   256 * sizeof (short) / sizeof (int) +   144,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   160,
+        3 +   256 * sizeof (short) / sizeof (int) +   176,
+        3 +   256 * sizeof (short) / sizeof (int) +   192,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   208,
+        3 +   256 * sizeof (short) / sizeof (int) +   224,
+        3 +   256 * sizeof (short) / sizeof (int) +   240,
+        3 +   256 * sizeof (short) / sizeof (int) +   256,
+        3 +   256 * sizeof (short) / sizeof (int) +   272,
+        3 +   256 * sizeof (short) / sizeof (int) +   288,
+        3 +   256 * sizeof (short) / sizeof (int) +   304,
+        3 +   256 * sizeof (short) / sizeof (int) +   320,
+        3 +   256 * sizeof (short) / sizeof (int) +   336,
+        3 +   256 * sizeof (short) / sizeof (int) +   352,
+        3 +   256 * sizeof (short) / sizeof (int) +   368,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   384,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   400,
+        3 +   256 * sizeof (short) / sizeof (int) +   416,
+        3 +   256 * sizeof (short) / sizeof (int) +   432,
+        3 +   256 * sizeof (short) / sizeof (int) +   448,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   464,
+        3 +   256 * sizeof (short) / sizeof (int) +   480,
+        3 +   256 * sizeof (short) / sizeof (int) +   496,
+        3 +   256 * sizeof (short) / sizeof (int) +   512,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   528,
+        3 +   256 * sizeof (short) / sizeof (int) +   544,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   560,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   576,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   592,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   608,
+        3 +   256 * sizeof (short) / sizeof (int) +   624,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   640,
+        3 +   256 * sizeof (short) / sizeof (int) +   656,
+        3 +   256 * sizeof (short) / sizeof (int) +   672,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   688,
+        3 +   256 * sizeof (short) / sizeof (int) +   704,
+        3 +   256 * sizeof (short) / sizeof (int) +   720,
+        3 +   256 * sizeof (short) / sizeof (int) +   656,
+        3 +   256 * sizeof (short) / sizeof (int) +   736,
+        3 +   256 * sizeof (short) / sizeof (int) +   752,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x70000810U, 0x40000000U, 0x50000001U,
+    0x00000000U, 0x0113D37CU, 0x00800000U, 0x00800000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFC003CU, 0xFFFFAFE0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00200000U,
+    0x00000030U, 0x00000000U, 0x00000000U, 0x00400000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000004U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0000E000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0000C9C0U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x40000000U, 0x60000200U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00400000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x0C0C0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00020000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00010000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x07F80000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x80000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00008000U, 0x02000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x80000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFCE8000EU, 0x01500000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xC0000000U, 0x01E0DFBFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xC0000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x03FF0000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x08000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000001U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xC0000000U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x1FF007FEU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xA0000000U, 0xE000E003U, 0x6000E000U,
+    0x00000000U, 0x00000000U, 0x00040010U, 0x1C000000U,
+    0x00001C00U, 0x7FFFFFFFU, 0x00000000U, 0x00000000U,
+    0xC1D0037BU, 0x0C0042AFU, 0x0000BC1FU, 0x00000000U,
+    0xFFFF0C00U, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFF0FFU, 0xFFFFF9FFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x7FFFFFFFU,
+    0xFFFFFFFFU, 0x0000007FU, 0x000007FFU, 0x00000000U,
+    0xF0000000U, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x000003FFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x000000FFU,
+    0xFFF00000U, 0xFFFFFFFFU, 0xFFFFFF9FU, 0xFFFF003FU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFE000007U, 0xFFFFFFFFU, 0xF0FFFFFFU, 0xCFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFCFFFFFU,
+    0xFF3FFFFFU, 0xE3FFFFFFU, 0x0003FDFFU, 0x0000F000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x000007E0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFBFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x000FFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x003FFFFFU, 0x0FFF0000U,
+    0x000C0010U, 0xC0C00001U, 0x00000000U, 0x00000000U,
+    0x18000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFC30000U, 0x00000000U, 0xFFFFFFFFU, 0x0000000FU,
+    0x7FFFFFFFU, 0xFFFFFC00U, 0x000100FFU, 0xFFFFFFFFU,
+    0xFFFFFC00U, 0x0001FFFFU, 0xFFFFFFFFU, 0x7FFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFF0000U, 0xFFFFFFFFU, 0x0000007FU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x007FFFFFU, 0x00000003U, 0x00000000U, 0x00000000U,
+    0x00000600U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x03C00F00U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03800000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x08000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000200U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFC0000U, 0x00000003U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x30000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000274U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x70000810U, 0x40000000U, 0x50000001U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x30007F7FU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFF800000U, 0x00000000U, 0xFE000000U,
+    0x0FFF73FFU, 0x00000001U, 0xFFFF0000U, 0x1FFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x01800000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000100U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x80000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xF0000000U, 0x00000020U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x10000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x003FFFFFU,
+    0xFFFFFFFFU, 0xFFFFFE7FU, 0xFFFFFFFFU, 0x00001C1FU,
+    0xFFFFF018U, 0xFFFFC3FFU, 0xFFFFFFFFU, 0x000001FFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x00000023U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x007FFFFFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x08000002U, 0x08000000U,
+    0x00200000U, 0x00200000U, 0x00008000U, 0x00008000U,
+    0x00000200U, 0x00000200U, 0x00000008U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x07800000U, 0x00000000U, 0xFFDFE000U,
+    0x0000006FU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00030000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFF0FFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x000FFFFFU, 0xFFFE7FFFU, 0xFFFEFFFEU, 0x003FFFFFU,
+    0xFFFF0000U, 0xFFFF7FFFU, 0xFFFFFFFFU, 0xFFFF0FFFU,
+    0xFFFFFFFFU, 0x00001FFFU, 0x00000000U, 0xFFFFFFC0U,
+    0xFFFF0007U, 0x0FFFFFFFU, 0x000301FFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x0007FFFFU, 0x007F1FFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x000FFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x001FFFFFU, 0x00000000U,
+    0xFFFF0FFFU, 0xFFFFFFFFU, 0x03FF00FFU, 0xFFFFFFFFU,
+    0xFFFF00FFU, 0x00003FFFU, 0x00000000U, 0x00000000U,
+    0x7FFF0000U, 0x7FF900FFU, 0x7FFF0FFFU, 0x00000000U,
+    0x0003FFFFU, 0x00000000U, 0x00000001U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Sc.c b/lib/unistring/unictype/categ_Sc.c
new file mode 100644
index 0000000..07442e9
--- /dev/null
+++ b/lib/unistring/unictype/categ_Sc.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Sc table.  */
+#include "categ_Sc.h"
+
+const uc_general_category_t UC_CATEGORY_Sc =
+  { UC_CATEGORY_MASK_Sc, 0, { &u_categ_Sc } };
diff --git a/lib/unistring/unictype/categ_Sc.h b/lib/unistring/unictype/categ_Sc.h
new file mode 100644
index 0000000..b11965d
--- /dev/null
+++ b/lib/unistring/unictype/categ_Sc.h
@@ -0,0 +1,196 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[1];
+    short level2[1 << 7];
+    unsigned int level3[11 << 4];
+  }
+u_categ_Sc =
+{
+  { 1 },
+  {     2 * sizeof (int) / sizeof (short) +     0 },
+  {
+        2 +   128 * sizeof (short) / sizeof (int) +     0,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    16,
+        2 +   128 * sizeof (short) / sizeof (int) +    32,
+        2 +   128 * sizeof (short) / sizeof (int) +    48,
+        2 +   128 * sizeof (short) / sizeof (int) +    64,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    80,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    96,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +   112,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +   128,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +   144,
+        2 +   128 * sizeof (short) / sizeof (int) +   160
+  },
+  {
+    0x00000000U, 0x00000010U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x0000003CU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00008000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000800U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x080C0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00020000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x02000000U,
+    0x00000000U, 0x80000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x08000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x7FFFFFFFU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x01000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x10000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000200U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000010U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000063U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Sk.c b/lib/unistring/unictype/categ_Sk.c
new file mode 100644
index 0000000..ab7a56a
--- /dev/null
+++ b/lib/unistring/unictype/categ_Sk.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Sk table.  */
+#include "categ_Sk.h"
+
+const uc_general_category_t UC_CATEGORY_Sk =
+  { UC_CATEGORY_MASK_Sk, 0, { &u_categ_Sk } };
diff --git a/lib/unistring/unictype/categ_Sk.h b/lib/unistring/unictype/categ_Sk.h
new file mode 100644
index 0000000..6843868
--- /dev/null
+++ b/lib/unistring/unictype/categ_Sk.h
@@ -0,0 +1,319 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[2];
+    short level2[2 << 7];
+    unsigned int level3[9 << 4];
+  }
+u_categ_Sk =
+{
+  { 2 },
+  {
+        3 * sizeof (int) / sizeof (short) +     0,
+        3 * sizeof (int) / sizeof (short) +   128
+  },
+  {
+        3 +   256 * sizeof (short) / sizeof (int) +     0,
+        3 +   256 * sizeof (short) / sizeof (int) +    16,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    32,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    48,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    64,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    80,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    96,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   112,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   128,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000000U, 0x40000000U, 0x00000001U,
+    0x00000000U, 0x01108100U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFC003CU, 0xFFFFAFE0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00200000U,
+    0x00000030U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xA0000000U, 0xE000E003U, 0x6000E000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x18000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x007FFFFFU, 0x00000003U, 0x00000000U, 0x00000000U,
+    0x00000600U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x08000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFFFC0000U, 0x00000003U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x40000000U, 0x00000001U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000008U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xF8000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Sm.c b/lib/unistring/unictype/categ_Sm.c
new file mode 100644
index 0000000..29c824d
--- /dev/null
+++ b/lib/unistring/unictype/categ_Sm.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Sm table.  */
+#include "categ_Sm.h"
+
+const uc_general_category_t UC_CATEGORY_Sm =
+  { UC_CATEGORY_MASK_Sm, 0, { &u_categ_Sm } };
diff --git a/lib/unistring/unictype/categ_Sm.h b/lib/unistring/unictype/categ_Sm.h
new file mode 100644
index 0000000..e16f449
--- /dev/null
+++ b/lib/unistring/unictype/categ_Sm.h
@@ -0,0 +1,335 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[2];
+    short level2[2 << 7];
+    unsigned int level3[13 << 4];
+  }
+u_categ_Sm =
+{
+  { 2 },
+  {
+        3 * sizeof (int) / sizeof (short) +     0,
+        3 * sizeof (int) / sizeof (short) +   128
+  },
+  {
+        3 +   256 * sizeof (short) / sizeof (int) +     0,
+        3 +   256 * sizeof (short) / sizeof (int) +    16,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    32,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    48,
+        3 +   256 * sizeof (short) / sizeof (int) +    64,
+        3 +   256 * sizeof (short) / sizeof (int) +    80,
+        3 +   256 * sizeof (short) / sizeof (int) +    96,
+        3 +   256 * sizeof (short) / sizeof (int) +   112,
+        3 +   256 * sizeof (short) / sizeof (int) +   128,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   144,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   160,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   176,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   192,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x70000800U, 0x00000000U, 0x50000000U,
+    0x00000000U, 0x00021000U, 0x00800000U, 0x00800000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00400000U,
+    0x000001C0U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00040010U, 0x1C000000U,
+    0x00001C00U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x01000000U, 0x00000000U, 0x0000081FU, 0x00000000U,
+    0x0C1F0000U, 0x00004049U, 0x0014C000U, 0xFFF00000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000003U, 0x00000000U, 0x10000000U,
+    0xF8000000U, 0x000FFFFFU, 0xF0000000U, 0x00000003U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00800000U, 0x00000002U, 0xFF000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00008000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFFFF9FU, 0xFFFF003FU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFE000007U, 0xFFFFFFFFU, 0xF0FFFFFFU, 0xCFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0xFFFF0000U, 0x00001F9FU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000200U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000074U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x70000800U, 0x00000000U, 0x50000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00001E04U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x08000002U, 0x08000000U,
+    0x00200000U, 0x00200000U, 0x00008000U, 0x00008000U,
+    0x00000200U, 0x00000200U, 0x00000008U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00030000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_So.c b/lib/unistring/unictype/categ_So.c
new file mode 100644
index 0000000..132bb45
--- /dev/null
+++ b/lib/unistring/unictype/categ_So.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_So table.  */
+#include "categ_So.h"
+
+const uc_general_category_t UC_CATEGORY_So =
+  { UC_CATEGORY_MASK_So, 0, { &u_categ_So } };
diff --git a/lib/unistring/unictype/categ_So.h b/lib/unistring/unictype/categ_So.h
new file mode 100644
index 0000000..1fac8b1
--- /dev/null
+++ b/lib/unistring/unictype/categ_So.h
@@ -0,0 +1,447 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[2];
+    short level2[2 << 7];
+    unsigned int level3[41 << 4];
+  }
+u_categ_So =
+{
+  { 2 },
+  {
+        3 * sizeof (int) / sizeof (short) +     0,
+        3 * sizeof (int) / sizeof (short) +   128
+  },
+  {
+        3 +   256 * sizeof (short) / sizeof (int) +     0,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +    16,
+        3 +   256 * sizeof (short) / sizeof (int) +    32,
+        3 +   256 * sizeof (short) / sizeof (int) +    48,
+        3 +   256 * sizeof (short) / sizeof (int) +    64,
+        3 +   256 * sizeof (short) / sizeof (int) +    80,
+        3 +   256 * sizeof (short) / sizeof (int) +    96,
+        3 +   256 * sizeof (short) / sizeof (int) +   112,
+        3 +   256 * sizeof (short) / sizeof (int) +   128,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   144,
+        3 +   256 * sizeof (short) / sizeof (int) +   160,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   176,
+        3 +   256 * sizeof (short) / sizeof (int) +   192,
+        3 +   256 * sizeof (short) / sizeof (int) +   208,
+        3 +   256 * sizeof (short) / sizeof (int) +   224,
+        3 +   256 * sizeof (short) / sizeof (int) +   240,
+        3 +   256 * sizeof (short) / sizeof (int) +   256,
+        3 +   256 * sizeof (short) / sizeof (int) +   272,
+        3 +   256 * sizeof (short) / sizeof (int) +   288,
+        3 +   256 * sizeof (short) / sizeof (int) +   304,
+        3 +   256 * sizeof (short) / sizeof (int) +   320,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   336,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   352,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   368,
+        3 +   256 * sizeof (short) / sizeof (int) +   384,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   400,
+        3 +   256 * sizeof (short) / sizeof (int) +   416,
+        3 +   256 * sizeof (short) / sizeof (int) +   432,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   448,
+        3 +   256 * sizeof (short) / sizeof (int) +   464,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   480,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   496,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   512,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   528,
+        3 +   256 * sizeof (short) / sizeof (int) +   544,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   560,
+        3 +   256 * sizeof (short) / sizeof (int) +   576,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        3 +   256 * sizeof (short) / sizeof (int) +   592,
+        3 +   256 * sizeof (short) / sizeof (int) +   608,
+        3 +   256 * sizeof (short) / sizeof (int) +   560,
+        3 +   256 * sizeof (short) / sizeof (int) +   624,
+        3 +   256 * sizeof (short) / sizeof (int) +   640,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00014240U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000004U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00006000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0000C000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x40000000U, 0x60000200U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00400000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x04000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00010000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x05F80000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x80000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00008000U, 0x02000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFCE8000EU, 0x01500000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xC0000000U, 0x01E0DFBFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xC0000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x03FF0000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000001U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xC0000000U, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x1FF007FEU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xC0D0037BU, 0x0C0042AFU, 0x0000B400U, 0x00000000U,
+    0xF3E00C00U, 0xFFFFBFB6U, 0xFFEB3FFFU, 0x000FFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFF0FFU, 0xFFFFF9FCU, 0xFFFFFFFFU, 0xEFFFFFFFU,
+    0x07FFFFFFU, 0xFFF00000U, 0x0FFFFFFFU, 0x7FFFFFFCU,
+    0xFFFFFFFFU, 0x0000007FU, 0x000007FFU, 0x00000000U,
+    0xF0000000U, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x000003FFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFF7FFFFFU, 0xFFFFFFFDU, 0x00FFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFF7FFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x000000FFU,
+    0xFFF00000U, 0xFFFFFFFFU, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0x0000FFFFU, 0xFFFFE060U, 0xFFCFFFFFU,
+    0xFF3FFFFFU, 0xE3FFFFFFU, 0x0003FDFFU, 0x0000F000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x000007E0U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFBFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x000FFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x003FFFFFU, 0x0FFF0000U,
+    0x000C0010U, 0xC0C00001U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFC30000U, 0x00000000U, 0xFFFFFFFFU, 0x0000000FU,
+    0x7FFFFFFFU, 0xFFFFFC00U, 0x000100FFU, 0xFFFFFFFFU,
+    0xFFFFFC00U, 0x0001FFFFU, 0xFFFFFFFFU, 0x7FFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFF0000U, 0xFFFFFFFFU, 0x0000007FU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x02C00F00U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x03800000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x20000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x30006110U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xFF800000U, 0x00000000U, 0xFE000000U,
+    0x0FFF73FFU, 0x00000001U, 0xFFFF0000U, 0x1FFFFFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x01800000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000100U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x80000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0xF0000000U, 0x00000020U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x10000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x003FFFFFU,
+    0xFFFFFFFFU, 0xFFFFFE7FU, 0xFFFFFFFFU, 0x00001C1FU,
+    0xFFFFF018U, 0xFFFFC3FFU, 0xFFFFFFFFU, 0x000001FFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x00000023U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x007FFFFFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x00000000U, 0x07800000U, 0x00000000U, 0xFFDFE000U,
+    0x0000006FU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFF0FFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0x000FFFFFU, 0xFFFE7FFFU, 0xFFFEFFFEU, 0x003FFFFFU,
+    0xFFFF0000U, 0xFFFF7FFFU, 0xFFFFFFFFU, 0xFFFF0FFFU,
+    0xFFFFFFFFU, 0x00001FFFU, 0x00000000U, 0xFFFFFFC0U,
+    0xFFFF0007U, 0x0FFFFFFFU, 0x000301FFU, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x07FFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x0007FFFFU, 0x007F1FFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x000FFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0x001FFFFFU, 0x00000000U,
+    0xFFFF0FFFU, 0xFFFFFFFFU, 0x03FF00FFU, 0xFFFFFFFFU,
+    0xFFFF00FFU, 0x00003FFFU, 0x00000000U, 0x00000000U,
+    0x7FFF0000U, 0x7FF900FFU, 0x7FFF0FFFU, 0x00000000U,
+    0x0003FFFFU, 0x00000000U, 0x00000001U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Z.c b/lib/unistring/unictype/categ_Z.c
new file mode 100644
index 0000000..5b3ed0b
--- /dev/null
+++ b/lib/unistring/unictype/categ_Z.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Z table.  */
+#include "categ_Z.h"
+
+const uc_general_category_t UC_CATEGORY_Z =
+  { UC_CATEGORY_MASK_Z, 0, { &u_categ_Z } };
diff --git a/lib/unistring/unictype/categ_Z.h b/lib/unistring/unictype/categ_Z.h
new file mode 100644
index 0000000..172cc93
--- /dev/null
+++ b/lib/unistring/unictype/categ_Z.h
@@ -0,0 +1,168 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[1];
+    short level2[1 << 7];
+    unsigned int level3[4 << 4];
+  }
+u_categ_Z =
+{
+  { 1 },
+  {     2 * sizeof (int) / sizeof (short) +     0 },
+  {
+        2 +   128 * sizeof (short) / sizeof (int) +     0,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    16,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    32,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    48,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000001U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000001U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000001U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x000007FFU, 0x00008300U, 0x80000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000001U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Zl.c b/lib/unistring/unictype/categ_Zl.c
new file mode 100644
index 0000000..4964533
--- /dev/null
+++ b/lib/unistring/unictype/categ_Zl.c
@@ -0,0 +1,39 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+static bool
+uc_is_category_Zl (ucs4_t uc)
+{
+  return (uc == 0x2028);
+}
+
+const uc_general_category_t UC_CATEGORY_Zl =
+  { UC_CATEGORY_MASK_Zl, 1, { &uc_is_category_Zl } };
diff --git a/lib/unistring/unictype/categ_Zl.h b/lib/unistring/unictype/categ_Zl.h
new file mode 100644
index 0000000..1082fdc
--- /dev/null
+++ b/lib/unistring/unictype/categ_Zl.h
@@ -0,0 +1,156 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[1];
+    short level2[1 << 7];
+    unsigned int level3[1 << 4];
+  }
+u_categ_Zl =
+{
+  { 1 },
+  {     2 * sizeof (int) / sizeof (short) +     0 },
+  {
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +     0,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000100U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Zp.c b/lib/unistring/unictype/categ_Zp.c
new file mode 100644
index 0000000..ce22fff
--- /dev/null
+++ b/lib/unistring/unictype/categ_Zp.c
@@ -0,0 +1,39 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+static bool
+uc_is_category_Zp (ucs4_t uc)
+{
+  return (uc == 0x2029);
+}
+
+const uc_general_category_t UC_CATEGORY_Zp =
+  { UC_CATEGORY_MASK_Zp, 1, { &uc_is_category_Zp } };
diff --git a/lib/unistring/unictype/categ_Zp.h b/lib/unistring/unictype/categ_Zp.h
new file mode 100644
index 0000000..1bcf4bf
--- /dev/null
+++ b/lib/unistring/unictype/categ_Zp.h
@@ -0,0 +1,156 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[1];
+    short level2[1 << 7];
+    unsigned int level3[1 << 4];
+  }
+u_categ_Zp =
+{
+  { 1 },
+  {     2 * sizeof (int) / sizeof (short) +     0 },
+  {
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +     0,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000200U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_Zs.c b/lib/unistring/unictype/categ_Zs.c
new file mode 100644
index 0000000..eeed0ca
--- /dev/null
+++ b/lib/unistring/unictype/categ_Zs.c
@@ -0,0 +1,36 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_categ_Zs table.  */
+#include "categ_Zs.h"
+
+const uc_general_category_t UC_CATEGORY_Zs =
+  { UC_CATEGORY_MASK_Zs, 0, { &u_categ_Zs } };
diff --git a/lib/unistring/unictype/categ_Zs.h b/lib/unistring/unictype/categ_Zs.h
new file mode 100644
index 0000000..e93f3df
--- /dev/null
+++ b/lib/unistring/unictype/categ_Zs.h
@@ -0,0 +1,168 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[1];
+    short level2[1 << 7];
+    unsigned int level3[4 << 4];
+  }
+u_categ_Zs =
+{
+  { 1 },
+  {     2 * sizeof (int) / sizeof (short) +     0 },
+  {
+        2 +   128 * sizeof (short) / sizeof (int) +     0,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    16,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    32,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +    48,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000001U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000001U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000001U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x000007FFU, 0x00008000U, 0x80000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000001U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/categ_and.c b/lib/unistring/unictype/categ_and.c
new file mode 100644
index 0000000..ffca2ba
--- /dev/null
+++ b/lib/unistring/unictype/categ_and.c
@@ -0,0 +1,54 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2007.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+uc_general_category_t
+uc_general_category_and (uc_general_category_t category1,
+                         uc_general_category_t category2)
+{
+  uint32_t bitmask;
+  uc_general_category_t result;
+
+  bitmask = category1.bitmask & category2.bitmask;
+
+  if (bitmask == category1.bitmask)
+    return category1;
+
+  if (bitmask == category2.bitmask)
+    return category2;
+
+  if (bitmask == 0)
+    return _UC_CATEGORY_NONE;
+
+  result.bitmask = bitmask;
+  result.generic = 1;
+  result.lookup.lookup_fn = &uc_is_general_category_withtable;
+  return result;
+}
diff --git a/lib/unistring/unictype/categ_and_not.c b/lib/unistring/unictype/categ_and_not.c
new file mode 100644
index 0000000..af51e32
--- /dev/null
+++ b/lib/unistring/unictype/categ_and_not.c
@@ -0,0 +1,51 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2007.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+uc_general_category_t
+uc_general_category_and_not (uc_general_category_t category1,
+                             uc_general_category_t category2)
+{
+  uint32_t bitmask;
+  uc_general_category_t result;
+
+  bitmask = category1.bitmask & ~category2.bitmask;
+
+  if (bitmask == category1.bitmask)
+    return category1;
+
+  if (bitmask == 0)
+    return _UC_CATEGORY_NONE;
+
+  result.bitmask = bitmask;
+  result.generic = 1;
+  result.lookup.lookup_fn = &uc_is_general_category_withtable;
+  return result;
+}
diff --git a/lib/unistring/unictype/categ_byname.c b/lib/unistring/unictype/categ_byname.c
new file mode 100644
index 0000000..ecc3acb
--- /dev/null
+++ b/lib/unistring/unictype/categ_byname.c
@@ -0,0 +1,200 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2011-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+#include <stdlib.h>
+#include <string.h>
+
+/* Indices stored in the 'struct named_category' elements of the perfect hash
+   table.  We don't use uc_general_category_t values or their addresses
+   directly, because this would introduce load-time relocations.  */
+enum
+{
+  UC_CATEGORY_INDEX_L,
+  UC_CATEGORY_INDEX_LC,
+  UC_CATEGORY_INDEX_Lu,
+  UC_CATEGORY_INDEX_Ll,
+  UC_CATEGORY_INDEX_Lt,
+  UC_CATEGORY_INDEX_Lm,
+  UC_CATEGORY_INDEX_Lo,
+  UC_CATEGORY_INDEX_M,
+  UC_CATEGORY_INDEX_Mn,
+  UC_CATEGORY_INDEX_Mc,
+  UC_CATEGORY_INDEX_Me,
+  UC_CATEGORY_INDEX_N,
+  UC_CATEGORY_INDEX_Nd,
+  UC_CATEGORY_INDEX_Nl,
+  UC_CATEGORY_INDEX_No,
+  UC_CATEGORY_INDEX_P,
+  UC_CATEGORY_INDEX_Pc,
+  UC_CATEGORY_INDEX_Pd,
+  UC_CATEGORY_INDEX_Ps,
+  UC_CATEGORY_INDEX_Pe,
+  UC_CATEGORY_INDEX_Pi,
+  UC_CATEGORY_INDEX_Pf,
+  UC_CATEGORY_INDEX_Po,
+  UC_CATEGORY_INDEX_S,
+  UC_CATEGORY_INDEX_Sm,
+  UC_CATEGORY_INDEX_Sc,
+  UC_CATEGORY_INDEX_Sk,
+  UC_CATEGORY_INDEX_So,
+  UC_CATEGORY_INDEX_Z,
+  UC_CATEGORY_INDEX_Zs,
+  UC_CATEGORY_INDEX_Zl,
+  UC_CATEGORY_INDEX_Zp,
+  UC_CATEGORY_INDEX_C,
+  UC_CATEGORY_INDEX_Cc,
+  UC_CATEGORY_INDEX_Cf,
+  UC_CATEGORY_INDEX_Cs,
+  UC_CATEGORY_INDEX_Co,
+  UC_CATEGORY_INDEX_Cn
+};
+
+#include "unictype/categ_byname.h"
+
+uc_general_category_t
+uc_general_category_byname (const char *category_name)
+{
+  size_t len;
+
+  len = strlen (category_name);
+  if (len <= MAX_WORD_LENGTH)
+    {
+      char buf[MAX_WORD_LENGTH + 1];
+      const struct named_category *found;
+
+      /* Copy category_name into buf, converting '_' and '-' to ' '.  */
+      {
+        const char *p = category_name;
+        char *q = buf;
+
+        for (;; p++, q++)
+          {
+            char c = *p;
+
+            if (c == '_' || c == '-')
+              c = ' ';
+            *q = c;
+            if (c == '\0')
+              break;
+          }
+      }
+      /* Here q == buf + len.  */
+
+      /* Do a hash table lookup, with case-insensitive comparison.  */
+      found = uc_general_category_lookup (buf, len);
+      if (found != NULL)
+        /* Use a 'switch' statement here, because a table would introduce
+           load-time relocations.  */
+        switch (found->category_index)
+          {
+          case UC_CATEGORY_INDEX_L:
+            return UC_CATEGORY_L;
+          case UC_CATEGORY_INDEX_LC:
+            return UC_CATEGORY_LC;
+          case UC_CATEGORY_INDEX_Lu:
+            return UC_CATEGORY_Lu;
+          case UC_CATEGORY_INDEX_Ll:
+            return UC_CATEGORY_Ll;
+          case UC_CATEGORY_INDEX_Lt:
+            return UC_CATEGORY_Lt;
+          case UC_CATEGORY_INDEX_Lm:
+            return UC_CATEGORY_Lm;
+          case UC_CATEGORY_INDEX_Lo:
+            return UC_CATEGORY_Lo;
+          case UC_CATEGORY_INDEX_M:
+            return UC_CATEGORY_M;
+          case UC_CATEGORY_INDEX_Mn:
+            return UC_CATEGORY_Mn;
+          case UC_CATEGORY_INDEX_Mc:
+            return UC_CATEGORY_Mc;
+          case UC_CATEGORY_INDEX_Me:
+            return UC_CATEGORY_Me;
+          case UC_CATEGORY_INDEX_N:
+            return UC_CATEGORY_N;
+          case UC_CATEGORY_INDEX_Nd:
+            return UC_CATEGORY_Nd;
+          case UC_CATEGORY_INDEX_Nl:
+            return UC_CATEGORY_Nl;
+          case UC_CATEGORY_INDEX_No:
+            return UC_CATEGORY_No;
+          case UC_CATEGORY_INDEX_P:
+            return UC_CATEGORY_P;
+          case UC_CATEGORY_INDEX_Pc:
+            return UC_CATEGORY_Pc;
+          case UC_CATEGORY_INDEX_Pd:
+            return UC_CATEGORY_Pd;
+          case UC_CATEGORY_INDEX_Ps:
+            return UC_CATEGORY_Ps;
+          case UC_CATEGORY_INDEX_Pe:
+            return UC_CATEGORY_Pe;
+          case UC_CATEGORY_INDEX_Pi:
+            return UC_CATEGORY_Pi;
+          case UC_CATEGORY_INDEX_Pf:
+            return UC_CATEGORY_Pf;
+          case UC_CATEGORY_INDEX_Po:
+            return UC_CATEGORY_Po;
+          case UC_CATEGORY_INDEX_S:
+            return UC_CATEGORY_S;
+          case UC_CATEGORY_INDEX_Sm:
+            return UC_CATEGORY_Sm;
+          case UC_CATEGORY_INDEX_Sc:
+            return UC_CATEGORY_Sc;
+          case UC_CATEGORY_INDEX_Sk:
+            return UC_CATEGORY_Sk;
+          case UC_CATEGORY_INDEX_So:
+            return UC_CATEGORY_So;
+          case UC_CATEGORY_INDEX_Z:
+            return UC_CATEGORY_Z;
+          case UC_CATEGORY_INDEX_Zs:
+            return UC_CATEGORY_Zs;
+          case UC_CATEGORY_INDEX_Zl:
+            return UC_CATEGORY_Zl;
+          case UC_CATEGORY_INDEX_Zp:
+            return UC_CATEGORY_Zp;
+          case UC_CATEGORY_INDEX_C:
+            return UC_CATEGORY_C;
+          case UC_CATEGORY_INDEX_Cc:
+            return UC_CATEGORY_Cc;
+          case UC_CATEGORY_INDEX_Cf:
+            return UC_CATEGORY_Cf;
+          case UC_CATEGORY_INDEX_Cs:
+            return UC_CATEGORY_Cs;
+          case UC_CATEGORY_INDEX_Co:
+            return UC_CATEGORY_Co;
+          case UC_CATEGORY_INDEX_Cn:
+            return UC_CATEGORY_Cn;
+          default:
+            abort ();
+          }
+    }
+  /* Invalid category name.  */
+  return _UC_CATEGORY_NONE;
+}
diff --git a/lib/unistring/unictype/categ_byname.gperf b/lib/unistring/unictype/categ_byname.gperf
new file mode 100644
index 0000000..54d1996
--- /dev/null
+++ b/lib/unistring/unictype/categ_byname.gperf
@@ -0,0 +1,116 @@
+/* Categories of Unicode characters.  */
+struct named_category { int name; unsigned int category_index; };
+%struct-type
+%ignore-case
+%language=ANSI-C
+%define hash-function-name general_category_hash
+%define lookup-function-name uc_general_category_lookup
+%readonly-tables
+%global-table
+%define word-array-name general_category_names
+%pic
+%define string-pool-name general_category_stringpool
+%%
+L, UC_CATEGORY_INDEX_L
+LC, UC_CATEGORY_INDEX_LC
+Lu, UC_CATEGORY_INDEX_Lu
+Ll, UC_CATEGORY_INDEX_Ll
+Lt, UC_CATEGORY_INDEX_Lt
+Lm, UC_CATEGORY_INDEX_Lm
+Lo, UC_CATEGORY_INDEX_Lo
+M, UC_CATEGORY_INDEX_M
+Mn, UC_CATEGORY_INDEX_Mn
+Mc, UC_CATEGORY_INDEX_Mc
+Me, UC_CATEGORY_INDEX_Me
+N, UC_CATEGORY_INDEX_N
+Nd, UC_CATEGORY_INDEX_Nd
+Nl, UC_CATEGORY_INDEX_Nl
+No, UC_CATEGORY_INDEX_No
+P, UC_CATEGORY_INDEX_P
+Pc, UC_CATEGORY_INDEX_Pc
+Pd, UC_CATEGORY_INDEX_Pd
+Ps, UC_CATEGORY_INDEX_Ps
+Pe, UC_CATEGORY_INDEX_Pe
+Pi, UC_CATEGORY_INDEX_Pi
+Pf, UC_CATEGORY_INDEX_Pf
+Po, UC_CATEGORY_INDEX_Po
+S, UC_CATEGORY_INDEX_S
+Sm, UC_CATEGORY_INDEX_Sm
+Sc, UC_CATEGORY_INDEX_Sc
+Sk, UC_CATEGORY_INDEX_Sk
+So, UC_CATEGORY_INDEX_So
+Z, UC_CATEGORY_INDEX_Z
+Zs, UC_CATEGORY_INDEX_Zs
+Zl, UC_CATEGORY_INDEX_Zl
+Zp, UC_CATEGORY_INDEX_Zp
+C, UC_CATEGORY_INDEX_C
+Cc, UC_CATEGORY_INDEX_Cc
+Cf, UC_CATEGORY_INDEX_Cf
+Cs, UC_CATEGORY_INDEX_Cs
+Co, UC_CATEGORY_INDEX_Co
+Cn, UC_CATEGORY_INDEX_Cn
+Letter, UC_CATEGORY_INDEX_L
+Cased Letter, UC_CATEGORY_INDEX_LC
+CasedLetter, UC_CATEGORY_INDEX_LC
+Uppercase Letter, UC_CATEGORY_INDEX_Lu
+UppercaseLetter, UC_CATEGORY_INDEX_Lu
+Lowercase Letter, UC_CATEGORY_INDEX_Ll
+LowercaseLetter, UC_CATEGORY_INDEX_Ll
+Titlecase Letter, UC_CATEGORY_INDEX_Lt
+TitlecaseLetter, UC_CATEGORY_INDEX_Lt
+Modifier Letter, UC_CATEGORY_INDEX_Lm
+ModifierLetter, UC_CATEGORY_INDEX_Lm
+Other Letter, UC_CATEGORY_INDEX_Lo
+OtherLetter, UC_CATEGORY_INDEX_Lo
+Mark, UC_CATEGORY_INDEX_M
+Nonspacing Mark, UC_CATEGORY_INDEX_Mn
+NonspacingMark, UC_CATEGORY_INDEX_Mn
+Spacing Mark, UC_CATEGORY_INDEX_Mc
+SpacingMark, UC_CATEGORY_INDEX_Mc
+Enclosing Mark, UC_CATEGORY_INDEX_Me
+EnclosingMark, UC_CATEGORY_INDEX_Me
+Number, UC_CATEGORY_INDEX_N
+Decimal Number, UC_CATEGORY_INDEX_Nd
+DecimalNumber, UC_CATEGORY_INDEX_Nd
+Letter Number, UC_CATEGORY_INDEX_Nl
+LetterNumber, UC_CATEGORY_INDEX_Nl
+Other Number, UC_CATEGORY_INDEX_No
+OtherNumber, UC_CATEGORY_INDEX_No
+Punctuation, UC_CATEGORY_INDEX_P
+Connector Punctuation, UC_CATEGORY_INDEX_Pc
+ConnectorPunctuation, UC_CATEGORY_INDEX_Pc
+Dash Punctuation, UC_CATEGORY_INDEX_Pd
+DashPunctuation, UC_CATEGORY_INDEX_Pd
+Open Punctuation, UC_CATEGORY_INDEX_Ps
+OpenPunctuation, UC_CATEGORY_INDEX_Ps
+Close Punctuation, UC_CATEGORY_INDEX_Pe
+ClosePunctuation, UC_CATEGORY_INDEX_Pe
+Initial Punctuation, UC_CATEGORY_INDEX_Pi
+InitialPunctuation, UC_CATEGORY_INDEX_Pi
+Final Punctuation, UC_CATEGORY_INDEX_Pf
+FinalPunctuation, UC_CATEGORY_INDEX_Pf
+Other Punctuation, UC_CATEGORY_INDEX_Po
+OtherPunctuation, UC_CATEGORY_INDEX_Po
+Symbol, UC_CATEGORY_INDEX_S
+Math Symbol, UC_CATEGORY_INDEX_Sm
+MathSymbol, UC_CATEGORY_INDEX_Sm
+Currency Symbol, UC_CATEGORY_INDEX_Sc
+CurrencySymbol, UC_CATEGORY_INDEX_Sc
+Modifier Symbol, UC_CATEGORY_INDEX_Sk
+ModifierSymbol, UC_CATEGORY_INDEX_Sk
+Other Symbol, UC_CATEGORY_INDEX_So
+OtherSymbol, UC_CATEGORY_INDEX_So
+Separator, UC_CATEGORY_INDEX_Z
+Space Separator, UC_CATEGORY_INDEX_Zs
+SpaceSeparator, UC_CATEGORY_INDEX_Zs
+Line Separator, UC_CATEGORY_INDEX_Zl
+LineSeparator, UC_CATEGORY_INDEX_Zl
+Paragraph Separator, UC_CATEGORY_INDEX_Zp
+ParagraphSeparator, UC_CATEGORY_INDEX_Zp
+Other, UC_CATEGORY_INDEX_C
+Control, UC_CATEGORY_INDEX_Cc
+Format, UC_CATEGORY_INDEX_Cf
+Surrogate, UC_CATEGORY_INDEX_Cs
+Private Use, UC_CATEGORY_INDEX_Co
+PrivateUse, UC_CATEGORY_INDEX_Co
+Unassigned, UC_CATEGORY_INDEX_Cn
diff --git a/lib/unistring/unictype/categ_byname.h b/lib/unistring/unictype/categ_byname.h
new file mode 100644
index 0000000..1f28a13
--- /dev/null
+++ b/lib/unistring/unictype/categ_byname.h
@@ -0,0 +1,616 @@
+/* ANSI-C code produced by gperf version 3.1 */
+/* Command-line: gperf -m 10 ./unictype/categ_byname.gperf  */
+/* Computed positions: -k'1-2,7,$' */
+
+#if !((' ' == 32) && ('!' == 33) && ('"' == 34) && ('#' == 35) \
+      && ('%' == 37) && ('&' == 38) && ('\'' == 39) && ('(' == 40) \
+      && (')' == 41) && ('*' == 42) && ('+' == 43) && (',' == 44) \
+      && ('-' == 45) && ('.' == 46) && ('/' == 47) && ('0' == 48) \
+      && ('1' == 49) && ('2' == 50) && ('3' == 51) && ('4' == 52) \
+      && ('5' == 53) && ('6' == 54) && ('7' == 55) && ('8' == 56) \
+      && ('9' == 57) && (':' == 58) && (';' == 59) && ('<' == 60) \
+      && ('=' == 61) && ('>' == 62) && ('?' == 63) && ('A' == 65) \
+      && ('B' == 66) && ('C' == 67) && ('D' == 68) && ('E' == 69) \
+      && ('F' == 70) && ('G' == 71) && ('H' == 72) && ('I' == 73) \
+      && ('J' == 74) && ('K' == 75) && ('L' == 76) && ('M' == 77) \
+      && ('N' == 78) && ('O' == 79) && ('P' == 80) && ('Q' == 81) \
+      && ('R' == 82) && ('S' == 83) && ('T' == 84) && ('U' == 85) \
+      && ('V' == 86) && ('W' == 87) && ('X' == 88) && ('Y' == 89) \
+      && ('Z' == 90) && ('[' == 91) && ('\\' == 92) && (']' == 93) \
+      && ('^' == 94) && ('_' == 95) && ('a' == 97) && ('b' == 98) \
+      && ('c' == 99) && ('d' == 100) && ('e' == 101) && ('f' == 102) \
+      && ('g' == 103) && ('h' == 104) && ('i' == 105) && ('j' == 106) \
+      && ('k' == 107) && ('l' == 108) && ('m' == 109) && ('n' == 110) \
+      && ('o' == 111) && ('p' == 112) && ('q' == 113) && ('r' == 114) \
+      && ('s' == 115) && ('t' == 116) && ('u' == 117) && ('v' == 118) \
+      && ('w' == 119) && ('x' == 120) && ('y' == 121) && ('z' == 122) \
+      && ('{' == 123) && ('|' == 124) && ('}' == 125) && ('~' == 126))
+/* The character set is not based on ISO-646.  */
+#error "gperf generated tables don't work with this execution character set. Please report a bug to <bug-gperf@gnu.org>."
+#endif
+
+#line 2 "./unictype/categ_byname.gperf"
+struct named_category { int name; unsigned int category_index; };
+
+#define TOTAL_KEYWORDS 103
+#define MIN_WORD_LENGTH 1
+#define MAX_WORD_LENGTH 21
+#define MIN_HASH_VALUE 1
+#define MAX_HASH_VALUE 150
+/* maximum key range = 150, duplicates = 0 */
+
+#ifndef GPERF_DOWNCASE
+#define GPERF_DOWNCASE 1
+static unsigned char gperf_downcase[256] =
+  {
+      0,   1,   2,   3,   4,   5,   6,   7,   8,   9,  10,  11,  12,  13,  14,
+     15,  16,  17,  18,  19,  20,  21,  22,  23,  24,  25,  26,  27,  28,  29,
+     30,  31,  32,  33,  34,  35,  36,  37,  38,  39,  40,  41,  42,  43,  44,
+     45,  46,  47,  48,  49,  50,  51,  52,  53,  54,  55,  56,  57,  58,  59,
+     60,  61,  62,  63,  64,  97,  98,  99, 100, 101, 102, 103, 104, 105, 106,
+    107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121,
+    122,  91,  92,  93,  94,  95,  96,  97,  98,  99, 100, 101, 102, 103, 104,
+    105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119,
+    120, 121, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134,
+    135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 146, 147, 148, 149,
+    150, 151, 152, 153, 154, 155, 156, 157, 158, 159, 160, 161, 162, 163, 164,
+    165, 166, 167, 168, 169, 170, 171, 172, 173, 174, 175, 176, 177, 178, 179,
+    180, 181, 182, 183, 184, 185, 186, 187, 188, 189, 190, 191, 192, 193, 194,
+    195, 196, 197, 198, 199, 200, 201, 202, 203, 204, 205, 206, 207, 208, 209,
+    210, 211, 212, 213, 214, 215, 216, 217, 218, 219, 220, 221, 222, 223, 224,
+    225, 226, 227, 228, 229, 230, 231, 232, 233, 234, 235, 236, 237, 238, 239,
+    240, 241, 242, 243, 244, 245, 246, 247, 248, 249, 250, 251, 252, 253, 254,
+    255
+  };
+#endif
+
+#ifndef GPERF_CASE_STRCMP
+#define GPERF_CASE_STRCMP 1
+static int
+gperf_case_strcmp (register const char *s1, register const char *s2)
+{
+  for (;;)
+    {
+      unsigned char c1 = gperf_downcase[(unsigned char)*s1++];
+      unsigned char c2 = gperf_downcase[(unsigned char)*s2++];
+      if (c1 != 0 && c1 == c2)
+        continue;
+      return (int)c1 - (int)c2;
+    }
+}
+#endif
+
+#ifdef __GNUC__
+__inline
+#else
+#ifdef __cplusplus
+inline
+#endif
+#endif
+static unsigned int
+general_category_hash (register const char *str, register size_t len)
+{
+  static const unsigned char asso_values[] =
+    {
+      151, 151, 151, 151, 151, 151, 151, 151, 151, 151,
+      151, 151, 151, 151, 151, 151, 151, 151, 151, 151,
+      151, 151, 151, 151, 151, 151, 151, 151, 151, 151,
+      151, 151,   1, 151, 151, 151, 151, 151, 151, 151,
+      151, 151, 151, 151, 151, 151, 151, 151, 151, 151,
+      151, 151, 151, 151, 151, 151, 151, 151, 151, 151,
+      151, 151, 151, 151, 151,  16, 151,   1,  66,  21,
+        9,  25, 151,  62, 151,  49,   0,  51,   4,   7,
+        6, 151,  25,  42,   5,   8, 151, 151, 151,   0,
+       45, 151, 151, 151, 151, 151, 151,  16, 151,   1,
+       66,  21,   9,  25, 151,  62, 151,  49,   0,  51,
+        4,   7,   6, 151,  25,  42,   5,   8, 151, 151,
+      151,   0,  45, 151, 151, 151, 151, 151, 151, 151,
+      151, 151, 151, 151, 151, 151, 151, 151, 151, 151,
+      151, 151, 151, 151, 151, 151, 151, 151, 151, 151,
+      151, 151, 151, 151, 151, 151, 151, 151, 151, 151,
+      151, 151, 151, 151, 151, 151, 151, 151, 151, 151,
+      151, 151, 151, 151, 151, 151, 151, 151, 151, 151,
+      151, 151, 151, 151, 151, 151, 151, 151, 151, 151,
+      151, 151, 151, 151, 151, 151, 151, 151, 151, 151,
+      151, 151, 151, 151, 151, 151, 151, 151, 151, 151,
+      151, 151, 151, 151, 151, 151, 151, 151, 151, 151,
+      151, 151, 151, 151, 151, 151, 151, 151, 151, 151,
+      151, 151, 151, 151, 151, 151, 151, 151, 151, 151,
+      151, 151, 151, 151, 151, 151, 151, 151, 151, 151,
+      151, 151, 151, 151, 151, 151
+    };
+  register unsigned int hval = len;
+
+  switch (hval)
+    {
+      default:
+        hval += asso_values[(unsigned char)str[6]];
+      /*FALLTHROUGH*/
+      case 6:
+      case 5:
+      case 4:
+      case 3:
+      case 2:
+        hval += asso_values[(unsigned char)str[1]];
+      /*FALLTHROUGH*/
+      case 1:
+        hval += asso_values[(unsigned char)str[0]];
+        break;
+    }
+  return hval + asso_values[(unsigned char)str[len - 1]];
+}
+
+struct general_category_stringpool_t
+  {
+    char general_category_stringpool_str1[sizeof("L")];
+    char general_category_stringpool_str2[sizeof("Ll")];
+    char general_category_stringpool_str3[sizeof("C")];
+    char general_category_stringpool_str4[sizeof("LC")];
+    char general_category_stringpool_str5[sizeof("Cc")];
+    char general_category_stringpool_str6[sizeof("Nl")];
+    char general_category_stringpool_str9[sizeof("N")];
+    char general_category_stringpool_str10[sizeof("Pc")];
+    char general_category_stringpool_str11[sizeof("Cn")];
+    char general_category_stringpool_str12[sizeof("Lt")];
+    char general_category_stringpool_str13[sizeof("P")];
+    char general_category_stringpool_str15[sizeof("Control")];
+    char general_category_stringpool_str16[sizeof("Lo")];
+    char general_category_stringpool_str17[sizeof("Co")];
+    char general_category_stringpool_str18[sizeof("Lu")];
+    char general_category_stringpool_str20[sizeof("No")];
+    char general_category_stringpool_str21[sizeof("Cf")];
+    char general_category_stringpool_str22[sizeof("Po")];
+    char general_category_stringpool_str23[sizeof("OtherSymbol")];
+    char general_category_stringpool_str24[sizeof("CurrencySymbol")];
+    char general_category_stringpool_str25[sizeof("Currency Symbol")];
+    char general_category_stringpool_str26[sizeof("Pf")];
+    char general_category_stringpool_str27[sizeof("Format")];
+    char general_category_stringpool_str28[sizeof("Close Punctuation")];
+    char general_category_stringpool_str29[sizeof("ClosePunctuation")];
+    char general_category_stringpool_str36[sizeof("OpenPunctuation")];
+    char general_category_stringpool_str37[sizeof("ConnectorPunctuation")];
+    char general_category_stringpool_str38[sizeof("Connector Punctuation")];
+    char general_category_stringpool_str39[sizeof("Other Punctuation")];
+    char general_category_stringpool_str40[sizeof("OtherPunctuation")];
+    char general_category_stringpool_str41[sizeof("Open Punctuation")];
+    char general_category_stringpool_str42[sizeof("Other")];
+    char general_category_stringpool_str43[sizeof("Number")];
+    char general_category_stringpool_str45[sizeof("Punctuation")];
+    char general_category_stringpool_str46[sizeof("Sc")];
+    char general_category_stringpool_str47[sizeof("Zl")];
+    char general_category_stringpool_str48[sizeof("Symbol")];
+    char general_category_stringpool_str49[sizeof("Other Letter")];
+    char general_category_stringpool_str50[sizeof("Pe")];
+    char general_category_stringpool_str52[sizeof("Letter")];
+    char general_category_stringpool_str53[sizeof("Other Number")];
+    char general_category_stringpool_str54[sizeof("Cased Letter")];
+    char general_category_stringpool_str55[sizeof("Mc")];
+    char general_category_stringpool_str56[sizeof("OtherNumber")];
+    char general_category_stringpool_str58[sizeof("So")];
+    char general_category_stringpool_str59[sizeof("Zp")];
+    char general_category_stringpool_str60[sizeof("Letter Number")];
+    char general_category_stringpool_str61[sizeof("Mn")];
+    char general_category_stringpool_str62[sizeof("LetterNumber")];
+    char general_category_stringpool_str63[sizeof("LowercaseLetter")];
+    char general_category_stringpool_str64[sizeof("Lowercase Letter")];
+    char general_category_stringpool_str66[sizeof("Other Symbol")];
+    char general_category_stringpool_str69[sizeof("OtherLetter")];
+    char general_category_stringpool_str70[sizeof("UppercaseLetter")];
+    char general_category_stringpool_str71[sizeof("Uppercase Letter")];
+    char general_category_stringpool_str74[sizeof("CasedLetter")];
+    char general_category_stringpool_str75[sizeof("NonspacingMark")];
+    char general_category_stringpool_str76[sizeof("Nonspacing Mark")];
+    char general_category_stringpool_str78[sizeof("Math Symbol")];
+    char general_category_stringpool_str81[sizeof("ParagraphSeparator")];
+    char general_category_stringpool_str82[sizeof("Paragraph Separator")];
+    char general_category_stringpool_str83[sizeof("PrivateUse")];
+    char general_category_stringpool_str84[sizeof("Private Use")];
+    char general_category_stringpool_str85[sizeof("S")];
+    char general_category_stringpool_str87[sizeof("Cs")];
+    char general_category_stringpool_str88[sizeof("InitialPunctuation")];
+    char general_category_stringpool_str89[sizeof("Initial Punctuation")];
+    char general_category_stringpool_str91[sizeof("Z")];
+    char general_category_stringpool_str92[sizeof("Ps")];
+    char general_category_stringpool_str93[sizeof("ModifierSymbol")];
+    char general_category_stringpool_str94[sizeof("Modifier Symbol")];
+    char general_category_stringpool_str95[sizeof("Me")];
+    char general_category_stringpool_str96[sizeof("Surrogate")];
+    char general_category_stringpool_str98[sizeof("Final Punctuation")];
+    char general_category_stringpool_str99[sizeof("FinalPunctuation")];
+    char general_category_stringpool_str102[sizeof("Separator")];
+    char general_category_stringpool_str103[sizeof("M")];
+    char general_category_stringpool_str104[sizeof("Lm")];
+    char general_category_stringpool_str105[sizeof("DashPunctuation")];
+    char general_category_stringpool_str106[sizeof("LineSeparator")];
+    char general_category_stringpool_str108[sizeof("SpaceSeparator")];
+    char general_category_stringpool_str110[sizeof("Dash Punctuation")];
+    char general_category_stringpool_str113[sizeof("Unassigned")];
+    char general_category_stringpool_str118[sizeof("ModifierLetter")];
+    char general_category_stringpool_str119[sizeof("Modifier Letter")];
+    char general_category_stringpool_str120[sizeof("Mark")];
+    char general_category_stringpool_str122[sizeof("Line Separator")];
+    char general_category_stringpool_str123[sizeof("TitlecaseLetter")];
+    char general_category_stringpool_str124[sizeof("Titlecase Letter")];
+    char general_category_stringpool_str125[sizeof("DecimalNumber")];
+    char general_category_stringpool_str126[sizeof("Decimal Number")];
+    char general_category_stringpool_str128[sizeof("MathSymbol")];
+    char general_category_stringpool_str130[sizeof("Space Separator")];
+    char general_category_stringpool_str131[sizeof("Zs")];
+    char general_category_stringpool_str132[sizeof("Pi")];
+    char general_category_stringpool_str133[sizeof("SpacingMark")];
+    char general_category_stringpool_str134[sizeof("Spacing Mark")];
+    char general_category_stringpool_str138[sizeof("Nd")];
+    char general_category_stringpool_str140[sizeof("Pd")];
+    char general_category_stringpool_str142[sizeof("Sk")];
+    char general_category_stringpool_str146[sizeof("Sm")];
+    char general_category_stringpool_str149[sizeof("EnclosingMark")];
+    char general_category_stringpool_str150[sizeof("Enclosing Mark")];
+  };
+static const struct general_category_stringpool_t general_category_stringpool_contents =
+  {
+    "L",
+    "Ll",
+    "C",
+    "LC",
+    "Cc",
+    "Nl",
+    "N",
+    "Pc",
+    "Cn",
+    "Lt",
+    "P",
+    "Control",
+    "Lo",
+    "Co",
+    "Lu",
+    "No",
+    "Cf",
+    "Po",
+    "OtherSymbol",
+    "CurrencySymbol",
+    "Currency Symbol",
+    "Pf",
+    "Format",
+    "Close Punctuation",
+    "ClosePunctuation",
+    "OpenPunctuation",
+    "ConnectorPunctuation",
+    "Connector Punctuation",
+    "Other Punctuation",
+    "OtherPunctuation",
+    "Open Punctuation",
+    "Other",
+    "Number",
+    "Punctuation",
+    "Sc",
+    "Zl",
+    "Symbol",
+    "Other Letter",
+    "Pe",
+    "Letter",
+    "Other Number",
+    "Cased Letter",
+    "Mc",
+    "OtherNumber",
+    "So",
+    "Zp",
+    "Letter Number",
+    "Mn",
+    "LetterNumber",
+    "LowercaseLetter",
+    "Lowercase Letter",
+    "Other Symbol",
+    "OtherLetter",
+    "UppercaseLetter",
+    "Uppercase Letter",
+    "CasedLetter",
+    "NonspacingMark",
+    "Nonspacing Mark",
+    "Math Symbol",
+    "ParagraphSeparator",
+    "Paragraph Separator",
+    "PrivateUse",
+    "Private Use",
+    "S",
+    "Cs",
+    "InitialPunctuation",
+    "Initial Punctuation",
+    "Z",
+    "Ps",
+    "ModifierSymbol",
+    "Modifier Symbol",
+    "Me",
+    "Surrogate",
+    "Final Punctuation",
+    "FinalPunctuation",
+    "Separator",
+    "M",
+    "Lm",
+    "DashPunctuation",
+    "LineSeparator",
+    "SpaceSeparator",
+    "Dash Punctuation",
+    "Unassigned",
+    "ModifierLetter",
+    "Modifier Letter",
+    "Mark",
+    "Line Separator",
+    "TitlecaseLetter",
+    "Titlecase Letter",
+    "DecimalNumber",
+    "Decimal Number",
+    "MathSymbol",
+    "Space Separator",
+    "Zs",
+    "Pi",
+    "SpacingMark",
+    "Spacing Mark",
+    "Nd",
+    "Pd",
+    "Sk",
+    "Sm",
+    "EnclosingMark",
+    "Enclosing Mark"
+  };
+#define general_category_stringpool ((const char *) &general_category_stringpool_contents)
+
+static const struct named_category general_category_names[] =
+  {
+    {-1},
+#line 14 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str1, UC_CATEGORY_INDEX_L},
+#line 17 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str2, UC_CATEGORY_INDEX_Ll},
+#line 46 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str3, UC_CATEGORY_INDEX_C},
+#line 15 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str4, UC_CATEGORY_INDEX_LC},
+#line 47 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str5, UC_CATEGORY_INDEX_Cc},
+#line 27 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str6, UC_CATEGORY_INDEX_Nl},
+    {-1}, {-1},
+#line 25 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str9, UC_CATEGORY_INDEX_N},
+#line 30 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str10, UC_CATEGORY_INDEX_Pc},
+#line 51 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str11, UC_CATEGORY_INDEX_Cn},
+#line 18 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str12, UC_CATEGORY_INDEX_Lt},
+#line 29 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str13, UC_CATEGORY_INDEX_P},
+    {-1},
+#line 111 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str15, UC_CATEGORY_INDEX_Cc},
+#line 20 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str16, UC_CATEGORY_INDEX_Lo},
+#line 50 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str17, UC_CATEGORY_INDEX_Co},
+#line 16 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str18, UC_CATEGORY_INDEX_Lu},
+    {-1},
+#line 28 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str20, UC_CATEGORY_INDEX_No},
+#line 48 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str21, UC_CATEGORY_INDEX_Cf},
+#line 36 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str22, UC_CATEGORY_INDEX_Po},
+#line 102 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str23, UC_CATEGORY_INDEX_So},
+#line 98 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str24, UC_CATEGORY_INDEX_Sc},
+#line 97 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str25, UC_CATEGORY_INDEX_Sc},
+#line 35 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str26, UC_CATEGORY_INDEX_Pf},
+#line 112 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str27, UC_CATEGORY_INDEX_Cf},
+#line 86 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str28, UC_CATEGORY_INDEX_Pe},
+#line 87 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str29, UC_CATEGORY_INDEX_Pe},
+    {-1}, {-1}, {-1}, {-1}, {-1}, {-1},
+#line 85 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str36, UC_CATEGORY_INDEX_Ps},
+#line 81 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str37, UC_CATEGORY_INDEX_Pc},
+#line 80 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str38, UC_CATEGORY_INDEX_Pc},
+#line 92 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str39, UC_CATEGORY_INDEX_Po},
+#line 93 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str40, UC_CATEGORY_INDEX_Po},
+#line 84 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str41, UC_CATEGORY_INDEX_Ps},
+#line 110 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str42, UC_CATEGORY_INDEX_C},
+#line 72 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str43, UC_CATEGORY_INDEX_N},
+    {-1},
+#line 79 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str45, UC_CATEGORY_INDEX_P},
+#line 39 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str46, UC_CATEGORY_INDEX_Sc},
+#line 44 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str47, UC_CATEGORY_INDEX_Zl},
+#line 94 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str48, UC_CATEGORY_INDEX_S},
+#line 63 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str49, UC_CATEGORY_INDEX_Lo},
+#line 33 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str50, UC_CATEGORY_INDEX_Pe},
+    {-1},
+#line 52 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str52, UC_CATEGORY_INDEX_L},
+#line 77 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str53, UC_CATEGORY_INDEX_No},
+#line 53 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str54, UC_CATEGORY_INDEX_LC},
+#line 23 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str55, UC_CATEGORY_INDEX_Mc},
+#line 78 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str56, UC_CATEGORY_INDEX_No},
+    {-1},
+#line 41 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str58, UC_CATEGORY_INDEX_So},
+#line 45 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str59, UC_CATEGORY_INDEX_Zp},
+#line 75 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str60, UC_CATEGORY_INDEX_Nl},
+#line 22 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str61, UC_CATEGORY_INDEX_Mn},
+#line 76 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str62, UC_CATEGORY_INDEX_Nl},
+#line 58 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str63, UC_CATEGORY_INDEX_Ll},
+#line 57 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str64, UC_CATEGORY_INDEX_Ll},
+    {-1},
+#line 101 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str66, UC_CATEGORY_INDEX_So},
+    {-1}, {-1},
+#line 64 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str69, UC_CATEGORY_INDEX_Lo},
+#line 56 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str70, UC_CATEGORY_INDEX_Lu},
+#line 55 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str71, UC_CATEGORY_INDEX_Lu},
+    {-1}, {-1},
+#line 54 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str74, UC_CATEGORY_INDEX_LC},
+#line 67 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str75, UC_CATEGORY_INDEX_Mn},
+#line 66 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str76, UC_CATEGORY_INDEX_Mn},
+    {-1},
+#line 95 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str78, UC_CATEGORY_INDEX_Sm},
+    {-1}, {-1},
+#line 109 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str81, UC_CATEGORY_INDEX_Zp},
+#line 108 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str82, UC_CATEGORY_INDEX_Zp},
+#line 115 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str83, UC_CATEGORY_INDEX_Co},
+#line 114 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str84, UC_CATEGORY_INDEX_Co},
+#line 37 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str85, UC_CATEGORY_INDEX_S},
+    {-1},
+#line 49 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str87, UC_CATEGORY_INDEX_Cs},
+#line 89 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str88, UC_CATEGORY_INDEX_Pi},
+#line 88 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str89, UC_CATEGORY_INDEX_Pi},
+    {-1},
+#line 42 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str91, UC_CATEGORY_INDEX_Z},
+#line 32 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str92, UC_CATEGORY_INDEX_Ps},
+#line 100 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str93, UC_CATEGORY_INDEX_Sk},
+#line 99 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str94, UC_CATEGORY_INDEX_Sk},
+#line 24 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str95, UC_CATEGORY_INDEX_Me},
+#line 113 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str96, UC_CATEGORY_INDEX_Cs},
+    {-1},
+#line 90 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str98, UC_CATEGORY_INDEX_Pf},
+#line 91 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str99, UC_CATEGORY_INDEX_Pf},
+    {-1}, {-1},
+#line 103 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str102, UC_CATEGORY_INDEX_Z},
+#line 21 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str103, UC_CATEGORY_INDEX_M},
+#line 19 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str104, UC_CATEGORY_INDEX_Lm},
+#line 83 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str105, UC_CATEGORY_INDEX_Pd},
+#line 107 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str106, UC_CATEGORY_INDEX_Zl},
+    {-1},
+#line 105 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str108, UC_CATEGORY_INDEX_Zs},
+    {-1},
+#line 82 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str110, UC_CATEGORY_INDEX_Pd},
+    {-1}, {-1},
+#line 116 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str113, UC_CATEGORY_INDEX_Cn},
+    {-1}, {-1}, {-1}, {-1},
+#line 62 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str118, UC_CATEGORY_INDEX_Lm},
+#line 61 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str119, UC_CATEGORY_INDEX_Lm},
+#line 65 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str120, UC_CATEGORY_INDEX_M},
+    {-1},
+#line 106 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str122, UC_CATEGORY_INDEX_Zl},
+#line 60 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str123, UC_CATEGORY_INDEX_Lt},
+#line 59 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str124, UC_CATEGORY_INDEX_Lt},
+#line 74 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str125, UC_CATEGORY_INDEX_Nd},
+#line 73 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str126, UC_CATEGORY_INDEX_Nd},
+    {-1},
+#line 96 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str128, UC_CATEGORY_INDEX_Sm},
+    {-1},
+#line 104 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str130, UC_CATEGORY_INDEX_Zs},
+#line 43 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str131, UC_CATEGORY_INDEX_Zs},
+#line 34 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str132, UC_CATEGORY_INDEX_Pi},
+#line 69 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str133, UC_CATEGORY_INDEX_Mc},
+#line 68 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str134, UC_CATEGORY_INDEX_Mc},
+    {-1}, {-1}, {-1},
+#line 26 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str138, UC_CATEGORY_INDEX_Nd},
+    {-1},
+#line 31 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str140, UC_CATEGORY_INDEX_Pd},
+    {-1},
+#line 40 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str142, UC_CATEGORY_INDEX_Sk},
+    {-1}, {-1}, {-1},
+#line 38 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str146, UC_CATEGORY_INDEX_Sm},
+    {-1}, {-1},
+#line 71 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str149, UC_CATEGORY_INDEX_Me},
+#line 70 "./unictype/categ_byname.gperf"
+    {(int)(size_t)&((struct general_category_stringpool_t *)0)->general_category_stringpool_str150, UC_CATEGORY_INDEX_Me}
+  };
+
+static const struct named_category *
+uc_general_category_lookup (register const char *str, register size_t len)
+{
+  if (len <= MAX_WORD_LENGTH && len >= MIN_WORD_LENGTH)
+    {
+      register unsigned int key = general_category_hash (str, len);
+
+      if (key <= MAX_HASH_VALUE)
+        {
+          register int o = general_category_names[key].name;
+          if (o >= 0)
+            {
+              register const char *s = o + general_category_stringpool;
+
+              if ((((unsigned char)*str ^ (unsigned char)*s) & ~32) == 0 && !gperf_case_strcmp (str, s))
+                return &general_category_names[key];
+            }
+        }
+    }
+  return 0;
+}
diff --git a/lib/unistring/unictype/categ_longname.c b/lib/unistring/unictype/categ_longname.c
new file mode 100644
index 0000000..9dbc9cb
--- /dev/null
+++ b/lib/unistring/unictype/categ_longname.c
@@ -0,0 +1,115 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2011-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2011.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+static const char u_category_long_name[30][22] =
+{
+  "Uppercase Letter",
+  "Lowercase Letter",
+  "Titlecase Letter",
+  "Modifier Letter",
+  "Other Letter",
+  "Nonspacing Mark",
+  "Spacing Mark",
+  "Enclosing Mark",
+  "Decimal Number",
+  "Letter Number",
+  "Other Number",
+  "Connector Punctuation",
+  "Dash Punctuation",
+  "Open Punctuation",
+  "Close Punctuation",
+  "Initial Punctuation",
+  "Final Punctuation",
+  "Other Punctuation",
+  "Math Symbol",
+  "Currency Symbol",
+  "Modifier Symbol",
+  "Other Symbol",
+  "Space Separator",
+  "Line Separator",
+  "Paragraph Separator",
+  "Control",
+  "Format",
+  "Surrogate",
+  "Private Use",
+  "Unassigned"
+};
+
+const char *
+uc_general_category_long_name (uc_general_category_t category)
+{
+  uint32_t bitmask = category.bitmask;
+  /* bitmask should consist of a single bit.  */
+  if (bitmask != 0)
+    {
+      if ((bitmask & (bitmask - 1)) == 0)
+        {
+          int bit;
+          /* Take log2 using a variant of Robert Harley's method.
+             Found by Bruno Haible 1996.  */
+          uint32_t n = bitmask;
+          static const char ord2_tab[64] =
+            {
+              -1,  0,  1, 12,  2,  6, -1, 13,  3, -1,  7, -1, -1, -1, -1, 14,
+              10,  4, -1, -1,  8, -1, -1, 25, -1, -1, -1, -1, -1, 21, 27, 15,
+              31, 11,  5, -1, -1, -1, -1, -1,  9, -1, -1, 24, -1, -1, 20, 26,
+              30, -1, -1, -1, -1, 23, -1, 19, 29, -1, 22, 18, 28, 17, 16, -1
+            };
+          n += n << 4;
+          n += n << 6;
+          n = (n << 16) - n;
+          bit = ord2_tab[n >> 26];
+
+          if (bit < sizeof (u_category_long_name) / sizeof (u_category_long_name[0]))
+            return u_category_long_name[bit];
+        }
+      else
+        {
+          if (bitmask == UC_CATEGORY_MASK_L)
+            return "Letter";
+          if (bitmask == UC_CATEGORY_MASK_LC)
+            return "Cased Letter";
+          if (bitmask == UC_CATEGORY_MASK_M)
+            return "Mark";
+          if (bitmask == UC_CATEGORY_MASK_N)
+            return "Number";
+          if (bitmask == UC_CATEGORY_MASK_P)
+            return "Punctuation";
+          if (bitmask == UC_CATEGORY_MASK_S)
+            return "Symbol";
+          if (bitmask == UC_CATEGORY_MASK_Z)
+            return "Separator";
+          if (bitmask == UC_CATEGORY_MASK_C)
+            return "Other";
+        }
+    }
+  return NULL;
+}
diff --git a/lib/unistring/unictype/categ_name.c b/lib/unistring/unictype/categ_name.c
new file mode 100644
index 0000000..be512c5
--- /dev/null
+++ b/lib/unistring/unictype/categ_name.c
@@ -0,0 +1,88 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2011-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+static const char u_category_name[30][3] =
+{
+  "Lu", "Ll", "Lt", "Lm", "Lo", "Mn", "Mc", "Me", "Nd", "Nl",
+  "No", "Pc", "Pd", "Ps", "Pe", "Pi", "Pf", "Po", "Sm", "Sc",
+  "Sk", "So", "Zs", "Zl", "Zp", "Cc", "Cf", "Cs", "Co", "Cn"
+};
+
+const char *
+uc_general_category_name (uc_general_category_t category)
+{
+  uint32_t bitmask = category.bitmask;
+  /* bitmask should consist of a single bit.  */
+  if (bitmask != 0)
+    {
+      if ((bitmask & (bitmask - 1)) == 0)
+        {
+          int bit;
+          /* Take log2 using a variant of Robert Harley's method.
+             Found by Bruno Haible 1996.  */
+          uint32_t n = bitmask;
+          static const char ord2_tab[64] =
+            {
+              -1,  0,  1, 12,  2,  6, -1, 13,  3, -1,  7, -1, -1, -1, -1, 14,
+              10,  4, -1, -1,  8, -1, -1, 25, -1, -1, -1, -1, -1, 21, 27, 15,
+              31, 11,  5, -1, -1, -1, -1, -1,  9, -1, -1, 24, -1, -1, 20, 26,
+              30, -1, -1, -1, -1, 23, -1, 19, 29, -1, 22, 18, 28, 17, 16, -1
+            };
+          n += n << 4;
+          n += n << 6;
+          n = (n << 16) - n;
+          bit = ord2_tab[n >> 26];
+
+          if (bit < sizeof (u_category_name) / sizeof (u_category_name[0]))
+            return u_category_name[bit];
+        }
+      else
+        {
+          if (bitmask == UC_CATEGORY_MASK_L)
+            return "L";
+          if (bitmask == UC_CATEGORY_MASK_LC)
+            return "LC";
+          if (bitmask == UC_CATEGORY_MASK_M)
+            return "M";
+          if (bitmask == UC_CATEGORY_MASK_N)
+            return "N";
+          if (bitmask == UC_CATEGORY_MASK_P)
+            return "P";
+          if (bitmask == UC_CATEGORY_MASK_S)
+            return "S";
+          if (bitmask == UC_CATEGORY_MASK_Z)
+            return "Z";
+          if (bitmask == UC_CATEGORY_MASK_C)
+            return "C";
+        }
+    }
+  return NULL;
+}
diff --git a/lib/unistring/unictype/categ_none.c b/lib/unistring/unictype/categ_none.c
new file mode 100644
index 0000000..0aec635
--- /dev/null
+++ b/lib/unistring/unictype/categ_none.c
@@ -0,0 +1,39 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2007.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+static bool
+always_false (ucs4_t uc, uint32_t bitmask)
+{
+  return false;
+}
+
+const uc_general_category_t _UC_CATEGORY_NONE =
+  { 0, 1, { &always_false } };
diff --git a/lib/unistring/unictype/categ_of.c b/lib/unistring/unictype/categ_of.c
new file mode 100644
index 0000000..fb0c075
--- /dev/null
+++ b/lib/unistring/unictype/categ_of.c
@@ -0,0 +1,90 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_category table.  */
+#include "categ_of.h"
+
+static inline int
+lookup_withtable (ucs4_t uc)
+{
+  unsigned int index1 = uc >> category_header_0;
+  if (index1 < category_header_1)
+    {
+      int lookup1 = u_category.level1[index1];
+      if (lookup1 >= 0)
+        {
+          unsigned int index2 = (uc >> category_header_2) & category_header_3;
+          int lookup2 = u_category.level2[lookup1 + index2];
+          if (lookup2 >= 0)
+            {
+              unsigned int index3 = ((uc & category_header_4) + lookup2) * 5;
+              /* level3 contains 5-bit values, packed into 16-bit words.  */
+              unsigned int lookup3 =
+                (((unsigned int) u_category.level3[index3>>4]
+                  | ((unsigned int) u_category.level3[(index3>>4)+1] << 16))
+                 >> (index3 % 16))
+                & 0x1f;
+
+              return lookup3;
+            }
+        }
+      return 29; /* = log2(UC_CATEGORY_MASK_Cn) */
+    }
+  return -1;
+}
+
+bool
+uc_is_general_category_withtable (ucs4_t uc, uint32_t bitmask)
+{
+  int bit = lookup_withtable (uc);
+
+  if (bit >= 0)
+    return ((bitmask >> bit) & 1);
+  else
+    return false;
+}
+
+uc_general_category_t
+uc_general_category (ucs4_t uc)
+{
+  int bit = lookup_withtable (uc);
+  uc_general_category_t result;
+
+  if (bit >= 0)
+    {
+      result.bitmask = 1 << bit;
+      result.generic = 1;
+      result.lookup.lookup_fn = &uc_is_general_category_withtable;
+      return result;
+    }
+  else
+    return _UC_CATEGORY_NONE;
+}
diff --git a/lib/unistring/unictype/categ_of.h b/lib/unistring/unictype/categ_of.h
new file mode 100644
index 0000000..605b235
--- /dev/null
+++ b/lib/unistring/unictype/categ_of.h
@@ -0,0 +1,1428 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Categories of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define category_header_0 16
+#define category_header_1 17
+#define category_header_2 7
+#define category_header_3 511
+#define category_header_4 127
+static const
+struct
+  {
+    int level1[17];
+    short level2[5 << 9];
+    unsigned short level3[216 * 40 + 1];
+  }
+u_category =
+{
+  {
+        0,   512,  1024,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,  1536,  2048,
+     2048
+  },
+  {
+        0,   128,   256,   384,   512,   640,   768,   896,
+     1024,  1152,  1280,  1408,  1536,  1664,  1792,  1920,
+     2048,  2176,  2304,  2432,  2560,  2688,  2816,  2944,
+     3072,  3200,  3328,  3456,  3584,  3712,  3840,  3968,
+     4096,  4224,  4352,  4352,  4480,  4608,  4736,  4864,
+     4992,  4352,  4352,  4352,  5120,  5248,  5376,  5504,
+     5632,  5760,  5888,  6016,  6144,  6272,  6400,  6528,
+     6656,  6784,  6912,  7040,  7168,  7296,  7424,  7552,
+     7680,  7808,  7936,  8064,  8192,  8192,  8320,  8448,
+     8576,  8704,  8832,  8960,  9088,  8832,  9216,  9344,
+     8832,  8832,  8192,  9472,  8192,  8192,  9600,  9728,
+     9856,  9984, 10112, 10240, 10368, 10496,  8832, 10624,
+    10752, 10880, 11008, 11136, 11264, 11392,  8832,  8832,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352, 11520,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352, 11648,
+    11776,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352, 11904,  4352,  4352, 12032, 12160, 12288, 12416,
+    12544, 12672, 12800, 12928, 13056, 13184, 13312, 13440,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352, 13568,
+    13696, 13696, 13696, 13696, 13696, 13696, 13696, 13696,
+    13696, 13696, 13696, 13696, 13696, 13696, 13696, 13696,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824,  4352,  4352, 13952, 14080, 14208, 14336,
+     4352,  4352, 14464, 14592, 14720, 14848, 14976, 15104,
+    15232, 15360, 15488, 15616,    -1, 15744, 15872, 16000,
+    16128, 16256, 16384,    -1,  4352,  4352, 16512,    -1,
+    16640, 16768, 16896, 17024, 17152, 17280, 17408, 17536,
+    17664, 17792,    -1,    -1, 17920,    -1,    -1,    -1,
+    18048, 18176, 18304, 18432, 18560, 18688, 18816,    -1,
+    18944, 19072,    -1, 19200, 19328, 19456, 19584,    -1,
+       -1, 19712,    -1,    -1,    -1, 19840,    -1,    -1,
+    19968, 20096,    -1,    -1,    -1,    -1,    -1,    -1,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352, 20224,
+    20352,  4352, 20480,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+    20608,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     4352,  4352,  4352,  4352, 20736,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     4352,  4352,  4352,  4352, 20864, 20992, 21120, 21248,
+       -1,    -1,    -1,    -1,    -1,    -1, 21376, 21504,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352, 21632,
+     4352,  4352,  4352,  4352,  4352, 21760,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    21888,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    22016, 22144,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     8832, 22272, 22400, 22528, 22656,    -1, 22784,    -1,
+    22912, 23040, 23168, 23296, 23424, 23552, 23680, 23808,
+     8832,  8832,  8832,  8832, 23936, 24064,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    24192,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     4352, 24320, 24448,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1, 24576, 24704,    -1,    -1,
+    24832, 24960, 25088, 25216, 25344,    -1,  8832, 25472,
+     8832,  8832,  8832,  8832,  8832, 25600, 25728, 25856,
+    25984, 26112, 26240, 26368,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352, 26496,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352, 26624,  4352,
+    26752,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352,  4352,  4352,  4352,
+     4352,  4352,  4352,  4352,  4352, 26880,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     4352,  4352,  4352,  4352, 27008,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    27136,    -1, 27264, 27392,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 13824,
+    13824, 13824, 13824, 13824, 13824, 13824, 13824, 27520
+  },
+  {
+    0xe739, 0x739c, 0x39ce, 0x9ce7, 0xce73, 0xe739, 0x739c, 0x39ce,
+    0x9ce7, 0xce73, 0xc636, 0x6338, 0xcd8c, 0x1945, 0x8c59, 0x2108,
+    0x1084, 0x0842, 0x28c5, 0x8ca5, 0x0011, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x1680, 0x5d1d, 0x8434, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x2684, 0xcc9d,
+    0xe739, 0x739c, 0x39ce, 0x9ce7, 0xce73, 0xe739, 0x739c, 0x39ce,
+    0x9ce7, 0xce73, 0xce36, 0x6739, 0xb48d, 0x2792, 0xa575, 0x2a55,
+    0x4345, 0x548c, 0xa811, 0x8a94, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0090, 0x0000, 0x0800, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2190, 0x1084, 0x0842,
+    0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020, 0x0200, 0x2008,
+    0x0080, 0x0802, 0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020,
+    0x0200, 0x0108, 0x1004, 0x0040, 0x0401, 0x4010, 0x2100, 0x0080,
+    0x0802, 0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020, 0x0200,
+    0x2008, 0x0080, 0x0802, 0x8020, 0x0200, 0x0008, 0x1004, 0x0840,
+    0x8001, 0x0200, 0x0100, 0x1000, 0x0002, 0x0400, 0x0200, 0x2000,
+    0x0084, 0x0040, 0x8020, 0x0200, 0x0100, 0x0084, 0x0002, 0x0001,
+    0x4010, 0x2000, 0x0204, 0x0842, 0x1084, 0x4402, 0x2200, 0x1100,
+    0x0040, 0x0401, 0x4010, 0x0100, 0x1004, 0x0802, 0x8020, 0x0200,
+    0x2008, 0x0080, 0x0802, 0x8801, 0x0200, 0x2000, 0x0080, 0x0802,
+    0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020, 0x0200, 0x2008,
+    0x0080, 0x0802, 0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020,
+    0x4210, 0x2108, 0x1000, 0x0800, 0x0401, 0x0000, 0x2008, 0x0080,
+    0x0802, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4240, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8c63,
+    0xc631, 0x6318, 0x318c, 0x18c6, 0x5063, 0xe94a, 0x6318, 0x318c,
+    0x18c6, 0x5063, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x8c63, 0x2831,
+    0x94a5, 0x3a52, 0xa0e8, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529,
+    0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529,
+    0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5,
+    0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294,
+    0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52,
+    0xa529, 0x5294, 0x294a, 0x8020, 0x2830, 0xbd08, 0x108f, 0x0442,
+    0xf7bd, 0x294e, 0x0088, 0x0e80, 0x003a, 0x0001, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x7400, 0x0000, 0x0000, 0x1000, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0042, 0x0021, 0x4200, 0x2008, 0x0080, 0x0802, 0x8020, 0x0200,
+    0x2008, 0x0080, 0x0802, 0x8421, 0x8200, 0x0104, 0x1080, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8020, 0x0200,
+    0x2008, 0x0080, 0x0802, 0x8020, 0x0200, 0x2008, 0x0080, 0x0802,
+    0xd420, 0x4a52, 0xe729, 0x0080, 0x0802, 0x8020, 0x0200, 0x2008,
+    0x0080, 0x0802, 0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020,
+    0x0200, 0x2008, 0x0080, 0x0802, 0x0400, 0x4010, 0x0100, 0x1004,
+    0x0840, 0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020, 0x0200,
+    0x2008, 0x0080, 0x0802, 0x8020, 0x0200, 0x2008, 0x0080, 0x0802,
+    0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020, 0x0200, 0x2008,
+    0x0080, 0x0802, 0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x001d,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x7de8, 0x18c4, 0x8c63, 0x843d, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x3d08, 0xdeb2, 0x9d6b, 0x94bd, 0x4a52, 0xa529,
+    0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5,
+    0x4a52, 0xa529, 0x5294, 0x2b0a, 0x94b1, 0x4a58, 0xbd2c, 0xdef7,
+    0xef7b, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0xde90, 0xef7b, 0x9084, 0x7b18, 0xbdef, 0xdef7, 0xef7b,
+    0x6b5a, 0xb5ad, 0x3294, 0x19c6, 0xad63, 0x94a5, 0x4a52, 0xa529,
+    0xa894, 0x8c7b, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1083, 0x0842, 0x8421, 0x5290,
+    0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x2108, 0x1084,
+    0x0842, 0x18c5, 0x2123, 0x1085, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x4912, 0xa529, 0x5294, 0x2d74, 0x94a5, 0xc652,
+    0xa528, 0x5296, 0x210a, 0x2108, 0x1084, 0x0842, 0x4211, 0x256a,
+    0xc631, 0x6318, 0x318c, 0x18c6, 0xd763, 0x10a4, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x94a5,
+    0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0xde94,
+    0x2109, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x4842, 0xa529, 0x5294, 0x294a, 0xf485,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0x2108, 0x1084, 0x0842, 0x4211,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x5290, 0x294a, 0x94a5, 0x4632, 0x318d, 0xde8e, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x4842, 0xa529,
+    0x528c, 0x294a, 0x94a5, 0x4a32, 0xa329, 0x5294, 0xef4a, 0xc631,
+    0x6318, 0x318c, 0x18c6, 0xec63, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0xa421, 0xd294, 0xec7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef,
+    0xdef7, 0xef7b, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x3a42, 0x8421, 0x4210, 0xef48, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x4a5e, 0xa529, 0x5294, 0x294a, 0xe8a5, 0x4a52,
+    0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a,
+    0x14a5, 0x0843, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x5314, 0x3188, 0x94a6, 0x4a52, 0xc529, 0x6318,
+    0x318a, 0x94a4, 0x4a52, 0x8429, 0x4210, 0x2108, 0x9484, 0x2312,
+    0x0842, 0x8421, 0x4210, 0x1071, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x18a4, 0x09d3, 0x8421, 0x4210, 0x277a, 0x77a4, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0xa421, 0x4213, 0x2108, 0x93a4,
+    0x3bde, 0x8421, 0x5ef4, 0x3188, 0x94a6, 0x7a52, 0xa637, 0x6377,
+    0xe90a, 0xf7bd, 0x7bde, 0xbd37, 0x4ef7, 0x2748, 0x9484, 0x3bd2,
+    0x0842, 0x8421, 0x4210, 0xcc84, 0x94a9, 0x4a52, 0xd9d5, 0xef7b,
+    0x14bd, 0x09d3, 0x8421, 0xde90, 0x277b, 0x77a4, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0xa421, 0x4213, 0x2108, 0x13a4,
+    0x09d2, 0x84e9, 0x5ef4, 0x31ba, 0x94a6, 0x7bde, 0xa52f, 0x52f7,
+    0xef4a, 0xf4bd, 0x7bde, 0x9def, 0x4210, 0xe93a, 0xf7bd, 0x3bde,
+    0x0842, 0x8421, 0x4210, 0x10a5, 0x4a42, 0xbdef, 0xdef7, 0xef7b,
+    0x14bd, 0x09d3, 0x8421, 0x4210, 0x2748, 0x7484, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0xa421, 0x4213, 0x2108, 0x13a4,
+    0x09d2, 0x8421, 0x5ef4, 0x3188, 0x94a6, 0x4a52, 0xc52f, 0x6374,
+    0xef4a, 0xf7a4, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0x9484, 0x3bd2,
+    0x0842, 0x8421, 0x4210, 0xf671, 0x7bde, 0x9def, 0xdef4, 0xef7b,
+    0x18bd, 0x09d3, 0x8421, 0x4210, 0x277a, 0x77a4, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0xa421, 0x4213, 0x2108, 0x13a4,
+    0x09d2, 0x8421, 0x5ef4, 0x2988, 0x94a6, 0x7a52, 0xa637, 0x6377,
+    0xef4a, 0xf7bd, 0x7bde, 0xbd31, 0x4ef7, 0x2748, 0x9484, 0x3bd2,
+    0x0842, 0x8421, 0x4210, 0x2895, 0x94a5, 0xbd52, 0xdef7, 0xef7b,
+    0x17bd, 0x09d2, 0x8421, 0xde90, 0x213b, 0x13a4, 0x4842, 0x9def,
+    0x4e90, 0x213a, 0x77bd, 0x7a42, 0x84ef, 0xde90, 0x213b, 0x1084,
+    0x0842, 0x8421, 0xdef4, 0x31bb, 0x98c5, 0xbbde, 0xa631, 0x631b,
+    0xef4a, 0xf7a4, 0x7bde, 0xbd37, 0xdef7, 0xef7b, 0xf7bd, 0x3bde,
+    0x0842, 0x8421, 0x4210, 0xa94a, 0x6b5a, 0x75ad, 0xded6, 0xef7b,
+    0x18c5, 0x09d3, 0x8421, 0x4210, 0x213a, 0x13a4, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0xa421, 0x4213, 0x2108, 0x1084,
+    0x0842, 0x8421, 0xdef4, 0x2949, 0x18c5, 0x7a63, 0xa529, 0x5297,
+    0xef4a, 0xf7bd, 0x4bde, 0x84e9, 0xde90, 0xef7b, 0x9484, 0x3bd2,
+    0x0842, 0x8421, 0x4210, 0xf7bd, 0x7bde, 0x4aef, 0xa529, 0xaa94,
+    0x18a4, 0x09d3, 0x8421, 0x4210, 0x213a, 0x13a4, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0xa421, 0x4213, 0x2108, 0x1084,
+    0x09d2, 0x8421, 0x5ef4, 0x2988, 0x18c6, 0x7a63, 0xa631, 0x531b,
+    0xef4a, 0xf7bd, 0x8dde, 0xbde9, 0xdef7, 0xe93b, 0x9484, 0x3bd2,
+    0x0842, 0x8421, 0x4210, 0x909d, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x18bd, 0x09d3, 0x8421, 0x4210, 0x213a, 0x13a4, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0xde90, 0x3189, 0x94a6, 0xba52, 0xa631, 0x631b,
+    0xa90a, 0xf7bd, 0x084e, 0x4a31, 0xa529, 0x2294, 0x9484, 0x3bd2,
+    0x0842, 0x8421, 0x4210, 0x294a, 0x94a5, 0xaa52, 0x4212, 0x2108,
+    0x1bbd, 0x09d3, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0xbde9,
+    0x4213, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x7484,
+    0x0842, 0x8421, 0xd210, 0xef49, 0x1084, 0x0842, 0xbde9, 0xde97,
+    0x377b, 0x94c6, 0x7a52, 0xc6e9, 0x6318, 0x318c, 0xf7bd, 0x3bde,
+    0x0842, 0x8421, 0x4210, 0x1bbd, 0x7b13, 0xbdef, 0xdef7, 0xef7b,
+    0x109d, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x10a4,
+    0x4a52, 0xa529, 0xde94, 0x9f7b, 0x1084, 0xc842, 0xa528, 0x5294,
+    0x894a, 0x2108, 0x1084, 0x0842, 0xd8c5, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x909d, 0x7a4e, 0xa427, 0xde93, 0xef49, 0xf7bd, 0x084e, 0x9d21,
+    0x4210, 0x2108, 0x109d, 0x49d2, 0xbd27, 0xd213, 0x2109, 0x10a4,
+    0x4a52, 0xa529, 0x52f4, 0xef48, 0x1084, 0xfa42, 0xa5e8, 0x5294,
+    0xef4a, 0x2108, 0x1084, 0x0842, 0x4ef5, 0x2108, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0xd6a4, 0x631a, 0x318c, 0x18c6, 0x8c63, 0xc631, 0x6b1a, 0xa5ad,
+    0x5ad4, 0xad6b, 0x2108, 0x1084, 0x0842, 0xa529, 0x5294, 0x294a,
+    0x4b55, 0xb52d, 0xd734, 0x319c, 0x1084, 0x0842, 0x9d21, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0xef7a, 0x94bd, 0x4a52, 0xa529, 0x5294, 0x314a,
+    0x94a5, 0x6252, 0x8429, 0x4210, 0x294a, 0x94a5, 0x4a52, 0xbd29,
+    0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5,
+    0x4a52, 0xa529, 0x5294, 0xad7a, 0xd6b5, 0x6b5a, 0xb5a9, 0x5ad6,
+    0xad7b, 0xc631, 0x6b18, 0x35ad, 0xdec6, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x6310, 0x294a, 0x94c5,
+    0x4a52, 0xa629, 0x6314, 0x214a, 0x2108, 0x1084, 0x0842, 0x18c5,
+    0x8c63, 0x1084, 0x8842, 0xa531, 0x4210, 0x2948, 0x1885, 0x0863,
+    0xc631, 0x6318, 0x210c, 0x94a4, 0x0852, 0x8421, 0x4210, 0x2108,
+    0x1484, 0x4a63, 0xc631, 0x6318, 0x310a, 0x2108, 0x1084, 0x0842,
+    0x6319, 0xad4a, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x4000, 0xbd07, 0xdef7,
+    0xef41, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x3890, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0xa421, 0x4213,
+    0xef48, 0x1084, 0x0842, 0xa4e9, 0x4213, 0xef48, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0xa421, 0x4213, 0xef48, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x13a4,
+    0x4842, 0x84ef, 0x4210, 0xe908, 0x13a4, 0x4842, 0x84ef, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x84e9, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x13a4, 0x4842, 0x84ef,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0xde90, 0x294b, 0xc631, 0x6318,
+    0x518c, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0xef7a,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0xd6b5, 0x6b5a, 0xb5ad,
+    0xdef6, 0xef7b, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x4000, 0x21ef, 0x1084, 0xef42,
+    0x108c, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2462, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1096, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0xe690, 0xef7a, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x1890, 0x4a63, 0x1089, 0x0842, 0xa421, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x213a, 0x9484, 0x7a52, 0xbdef,
+    0xdef7, 0xef7b, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x9484,
+    0x6252, 0xbdec, 0xdef7, 0xef7b, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x9484, 0x7bd2, 0xbdef, 0xdef7, 0xef7b, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x213a, 0x97a4, 0x7bd2, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x8a52, 0xa529, 0x5294, 0x318a, 0x18c6, 0x4c63, 0xa631, 0x5294,
+    0x294a, 0x94a5, 0x6312, 0x311c, 0x49c6, 0xef4a, 0x2108, 0x1084,
+    0x0842, 0xdef5, 0xef7b, 0x294a, 0x94a5, 0x4a52, 0xdef5, 0xef7b,
+    0xc631, 0x2318, 0x318b, 0x52c6, 0xee8a, 0x2108, 0x1084, 0x0842,
+    0xdef5, 0xef7b, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x9084, 0x0841, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0xbd21, 0xdef7, 0xef7b,
+    0x1084, 0x4a42, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0xa421, 0xde90, 0xef7b, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x4842, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0xe908, 0x14a5, 0x8c63, 0xc529, 0xd318, 0xef7b, 0x14c6,
+    0x8c63, 0xa631, 0xd294, 0xef7b, 0xf7b5, 0x231e, 0x0842, 0x8421,
+    0x4210, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0xef48, 0x1084, 0x7a42, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0xd210, 0xef7b, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0xdef4,
+    0xef7b, 0x2108, 0x1084, 0x0842, 0xdea9, 0xad7b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0xc529,
+    0xd298, 0x8c7b, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x4c42, 0xa531, 0x5294, 0xe94a, 0x14c5, 0x4a63,
+    0xa529, 0x5294, 0x318c, 0x98c6, 0x4a52, 0xa529, 0x5294, 0x2f7a,
+    0x2108, 0x1084, 0x0842, 0xdef5, 0xef7b, 0x2108, 0x1084, 0x0842,
+    0xdef5, 0xef7b, 0xc631, 0x6318, 0x311c, 0x18c6, 0xef63, 0x94a5,
+    0x4a52, 0xa529, 0x5294, 0xe9ca, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x94a5, 0x0862, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x4c52, 0xa529, 0x5314, 0x318c, 0x14c6, 0x0863, 0x8421, 0xd210,
+    0xef7b, 0x2108, 0x1084, 0x0842, 0x18c5, 0x8c63, 0xd6b1, 0x6b5a,
+    0xb5ad, 0x52d6, 0x294a, 0x94a5, 0x6b52, 0xb5ad, 0x5ad6, 0xef7b,
+    0x18a5, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x94c4, 0x8a52, 0xa531, 0x5298, 0x210a, 0x2108,
+    0x1084, 0x0842, 0x4211, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x4842,
+    0xa531, 0x6318, 0x298a, 0x18a5, 0x7bd3, 0xbdef, 0x1ef7, 0x8c63,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x8c62, 0xc631, 0x5318, 0x294a, 0x94a5,
+    0x4c62, 0xbd29, 0x18f7, 0x8c63, 0x2108, 0x1084, 0x0842, 0xdef5,
+    0x2109, 0x2108, 0x1084, 0x0842, 0x4211, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x6321, 0x318c, 0x8c46,
+    0x8421, 0x4210, 0xa108, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef,
+    0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xc631, 0x6318, 0xbd8c, 0xdef7,
+    0xef7b, 0x94a5, 0x4a58, 0xa529, 0x5294, 0x294a, 0x94c5, 0x4a52,
+    0x8529, 0x4210, 0x210a, 0x1884, 0x0853, 0xa5e9, 0xdef4, 0xef7b,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x3084, 0x18c6, 0x8c63,
+    0xc631, 0x6318, 0x318c, 0x18c6, 0x8c63, 0xc631, 0x6318, 0x318c,
+    0x18c6, 0x8c63, 0xc631, 0x6318, 0x318c, 0x18c6, 0x8c63, 0xc631,
+    0x6318, 0x108c, 0x0842, 0x8421, 0x4210, 0x2308, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x3184, 0x18c6, 0x8c63, 0xc631, 0x6318, 0x318c, 0x18c6, 0x8c63,
+    0xc631, 0x6318, 0x318c, 0x18c6, 0x94a5, 0x4a52, 0xa529, 0x5294,
+    0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52,
+    0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xbdef, 0x52f7, 0x294a,
+    0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020, 0x0200, 0x2008,
+    0x0080, 0x0802, 0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020,
+    0x0200, 0x2008, 0x0080, 0x0802, 0x8020, 0x0200, 0x2008, 0x0080,
+    0x0802, 0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020, 0x0200,
+    0x2008, 0x0080, 0x0802, 0x8020, 0x0200, 0x2008, 0x0080, 0x0802,
+    0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020, 0x4200, 0x2108,
+    0x1084, 0x0802, 0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020,
+    0x0200, 0x2008, 0x0080, 0x0802, 0x8020, 0x0200, 0x2008, 0x0080,
+    0x0802, 0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020, 0x0200,
+    0x2008, 0x0080, 0x0802, 0x8020, 0x0200, 0x2008, 0x0080, 0x0802,
+    0x8421, 0x4210, 0x0008, 0x0000, 0x0000, 0x8421, 0x4210, 0x00ef,
+    0x0000, 0xef40, 0x8421, 0x4210, 0x0008, 0x0000, 0x0000, 0x8421,
+    0x4210, 0x0008, 0x0000, 0x0000, 0x8421, 0x4210, 0x00ef, 0x0000,
+    0xef40, 0x8421, 0x4210, 0x1d08, 0xd074, 0x0741, 0x8421, 0x4210,
+    0x0008, 0x0000, 0x0000, 0x8421, 0x4210, 0x2108, 0x1084, 0xef42,
+    0x8421, 0x4210, 0x4208, 0x2108, 0x1084, 0x8421, 0x4210, 0x4208,
+    0x2108, 0x1084, 0x8421, 0x4210, 0x4208, 0x2108, 0x1084, 0x8421,
+    0x7a10, 0x0008, 0x2000, 0xa068, 0x8694, 0x7a10, 0x0008, 0x2000,
+    0xa528, 0x8421, 0x7bd0, 0x0008, 0xd000, 0xa529, 0x8421, 0x4210,
+    0x0008, 0x0000, 0xa528, 0x87bd, 0x7a10, 0x0008, 0x2000, 0xed28,
+    0x5ad6, 0xad6b, 0xd6b5, 0xad5a, 0xd6b5, 0x318c, 0x58c6, 0x0f8c,
+    0xf7b6, 0x7b60, 0xc631, 0x6318, 0x178c, 0xad6b, 0xb6b5, 0xc631,
+    0x6318, 0xf18c, 0x18c1, 0x5c63, 0xc62b, 0x9b28, 0x318b, 0x18c6,
+    0x8c63, 0xca31, 0x62b8, 0x318c, 0x18c6, 0xb463, 0x6b5a, 0xbbad,
+    0x5ad6, 0xad6b, 0xd6b5, 0xf46a, 0x94ae, 0x4a52, 0x2949, 0x1b9b,
+    0x294a, 0x94a5, 0x4a52, 0x2949, 0xeb9b, 0x8c63, 0xc631, 0x6318,
+    0x318c, 0xef7a, 0xce73, 0xe739, 0x739c, 0x39ce, 0x9ce7, 0xce73,
+    0xe739, 0x739c, 0x39ce, 0xece7, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x39ce, 0x9ca7, 0x4a73,
+    0xa529, 0x5294, 0x294a, 0xf7a5, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x82b5, 0x6b5a, 0xb505, 0x0006, 0x0840, 0x8000, 0x4150, 0x12ad,
+    0x0000, 0xad40, 0xd6b5, 0x2a0a, 0xa0a8, 0x0002, 0x0d40, 0x0000,
+    0x0810, 0x2421, 0x1ad4, 0x0002, 0x4a52, 0x4129, 0x2108, 0x5954,
+    0xa86b, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0xa529, 0x5294,
+    0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52,
+    0x2529, 0x5210, 0x494a, 0xdad5, 0xef7b, 0x4a52, 0x6b29, 0xb5ad,
+    0x594a, 0xad6b, 0x56b2, 0xab59, 0xb5ac, 0x5ad6, 0xacab, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0x94ab, 0xcab5, 0x6b2a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0xa52a, 0x5294, 0x294a, 0x94a5,
+    0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294,
+    0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52,
+    0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a,
+    0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529,
+    0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5,
+    0xd6b5, 0x6b5a, 0xcdad, 0x5735, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd652, 0x6b5a, 0xb5ad, 0x5ab9, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x2ad6, 0xad6b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x2956, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52,
+    0x6b59, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x2ad6, 0x94a5, 0xd652, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xed6b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xbded, 0xdef7, 0xef7b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xd6b5, 0x6b5a, 0xb5ad, 0xded6,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0x294a, 0x94a5,
+    0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294,
+    0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52,
+    0x5529, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0xa52a, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb595, 0x5ad6, 0xad6b, 0xd655, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0x52ad, 0x294a, 0x94a5,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0x956b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xcdad, 0xd735, 0x735c, 0x35cd, 0x9cd7, 0x4a52, 0xa529, 0x5294,
+    0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x6b55, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0x4a52, 0x9b29, 0x5293, 0x294a,
+    0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0x6529,
+    0xcd73, 0xd735, 0x735c, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5,
+    0xca52, 0x9ae6, 0xae6b, 0xe6b9, 0x6b9a, 0xb9ae, 0x9ae6, 0x4e6b,
+    0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52,
+    0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a,
+    0x94a5, 0x4a52, 0xa529, 0xcd94, 0x2735, 0x94a5, 0x4a52, 0xa529,
+    0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0xd94a, 0x949c,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0x4a52,
+    0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0x6b29, 0x5295, 0x294a,
+    0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x7bda, 0xb5ad, 0x5ad6, 0xad6b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ef,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0xdef6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad7,
+    0xad6b, 0xf6b5, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0x5ef7, 0xad6b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0xe800, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0xe842, 0x0020, 0x4200,
+    0x0100, 0x1004, 0x0000, 0x8020, 0x4010, 0x2108, 0x3084, 0x0006,
+    0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020, 0x0200, 0x2008,
+    0x0080, 0x0802, 0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020,
+    0x0200, 0x2008, 0x0080, 0x0802, 0x8020, 0x0200, 0x2008, 0x0080,
+    0x0802, 0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020, 0x6a10,
+    0xb5ad, 0x1056, 0x2840, 0x80a5, 0x7bd0, 0x3def, 0x18c6, 0x8c55,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0xbd0f, 0xdef7, 0xef43, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0xbd21, 0xdef7, 0x1f7b, 0xf7b1, 0x7bde, 0xbdef, 0xdef7, 0x2f7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0xbde9,
+    0xdef7, 0xef7b, 0x1084, 0x0842, 0x84e9, 0x4210, 0xe908, 0x1084,
+    0x0842, 0x84e9, 0x4210, 0xe908, 0x1084, 0x0842, 0x84e9, 0x4210,
+    0xe908, 0x1084, 0x0842, 0x84e9, 0x4210, 0xe908, 0x94a5, 0x4a52,
+    0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a,
+    0x3e31, 0x60f8, 0xf18c, 0xf8c1, 0x8c60, 0xc631, 0x6318, 0x3164,
+    0xf8b2, 0x8c60, 0x360f, 0x5cd7, 0xcd73, 0x18c5, 0x1c63, 0xc631,
+    0x6318, 0x318c, 0x1632, 0x8c63, 0xb62c, 0x7b18, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5af6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x7bda, 0xbdef, 0xdef7, 0xef7b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xd6b5, 0x6b5a, 0xb5ad, 0xdad6, 0xef7b,
+    0xc636, 0x0758, 0xcd49, 0xd735, 0x735c, 0xd5cd, 0x5cda, 0xcd73,
+    0xc735, 0x739a, 0xa535, 0x5294, 0x294a, 0x5295, 0x318a, 0x8c6c,
+    0x4631, 0x29ad, 0x41a5, 0xad62, 0x109d, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0xbde9,
+    0x4a14, 0x20c7, 0x108c, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x3890, 0x20c6,
+    0xf7bd, 0x09de, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0xef48, 0x109d,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0xe908, 0x2ab5, 0x54a5, 0xb5ad,
+    0x5ad6, 0xad6b, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0xde90, 0xef7b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x7bda,
+    0xbdef, 0xdef7, 0xef7b, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xed6b, 0x294a, 0x94a5, 0x4a52, 0x5ad5, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0x4aad, 0xa529,
+    0x5294, 0x2955, 0x94a5, 0x4a52, 0xa529, 0x5294, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b,
+    0x294a, 0x94a5, 0x4a52, 0x5ad5, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0x2955,
+    0x94a5, 0x4a52, 0xa529, 0x5294, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xed6b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x4842, 0xbdef, 0xdef7, 0xef7b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x4842, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0642, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0xef7a, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xbded, 0xdef7,
+    0xef7b, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x6321, 0x318c, 0x8c46,
+    0x1084, 0x0842, 0x8421, 0x3210, 0x8c62, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x2108, 0x1084, 0x0842, 0xd211, 0xef7b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0x8020, 0x0200, 0x2008, 0x0080,
+    0x0802, 0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020, 0x0200,
+    0x2008, 0x0080, 0x2902, 0x9ce7, 0x4a58, 0xa529, 0x5294, 0x1c4a,
+    0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020, 0x0200, 0x2008,
+    0x3080, 0x2946, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x4842,
+    0x294a, 0x94a5, 0x4a52, 0xc4a5, 0x6318, 0xbd8c, 0xdef7, 0xef7b,
+    0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x631d,
+    0x318c, 0x18c6, 0x8294, 0x0200, 0x2008, 0x0080, 0x0802, 0x8021,
+    0x0200, 0x2008, 0x0080, 0x0802, 0x8020, 0x0200, 0x2008, 0x0080,
+    0x0802, 0x8020, 0x0200, 0x2008, 0x0080, 0x0802, 0x8020, 0x0200,
+    0x2008, 0x0080, 0x0802, 0x8423, 0x4210, 0x0108, 0x1004, 0x0800,
+    0x8020, 0x0200, 0x8308, 0x1052, 0x2040, 0x8020, 0x0210, 0x2008,
+    0x0080, 0x0802, 0x8020, 0x0200, 0x2008, 0x0000, 0xe800, 0x0000,
+    0x0200, 0xbd08, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0x6327, 0x4204, 0x2108,
+    0x1484, 0x4842, 0x8421, 0x4290, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x4a63, 0xb531, 0xdad6, 0xef7b, 0x294a,
+    0x54a5, 0xb3ad, 0xdef6, 0xef7b, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x6312, 0xbd8c, 0xdef7, 0xef7b,
+    0x10c6, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x8c62, 0xc631, 0x6318, 0x318c, 0x18c6, 0x4a53, 0xbdef, 0xdef7,
+    0x8c7b, 0x2108, 0x1084, 0x0842, 0xdef5, 0xef7b, 0x94a5, 0x4a52,
+    0xa529, 0x5294, 0x294a, 0x10a5, 0x0842, 0x3121, 0x1246, 0xef49,
+    0x2108, 0x1084, 0x0842, 0x4211, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x4842, 0xa529, 0x5294, 0x8c4a, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0xa529, 0x5294,
+    0x294a, 0x18a5, 0x7bd3, 0xbdef, 0xdef7, 0x8f7b, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0xef7a,
+    0x14a5, 0x0843, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x9084,
+    0x4c62, 0xa529, 0x5318, 0x318c, 0xc626, 0x6318, 0x318c, 0x18c6,
+    0x1f63, 0x2108, 0x1084, 0x0842, 0xdef5, 0x8c7b, 0x1084, 0xca42,
+    0x8420, 0x4210, 0x2108, 0x2108, 0x1084, 0x0842, 0x4211, 0xe908,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0xa421, 0x5294, 0x314a, 0x14a6,
+    0x4a63, 0xbde9, 0xdef7, 0xef7b, 0x9084, 0x0842, 0x8421, 0x5210,
+    0xef4c, 0x2108, 0x1084, 0x0842, 0x1ef5, 0x8c63, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1083, 0x0842, 0xb5a9, 0x5312, 0x210c,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x9485,
+    0x0852, 0x8529, 0x4210, 0x2948, 0x90a4, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0x4277, 0x8c46, 0x1084, 0x0842,
+    0x8421, 0x5310, 0x318a, 0x9231, 0x4c31, 0xbde9, 0xdef7, 0xef7b,
+    0x109d, 0x0842, 0x9de9, 0x4210, 0xe908, 0x109d, 0x0842, 0xbde9,
+    0xdef7, 0xef7b, 0x1084, 0x0842, 0x84e9, 0x4210, 0xe908, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x3a04, 0x18c6, 0x8421, 0x4210,
+    0xbdef, 0xdef7, 0xef7b, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x8a63,
+    0xc531, 0x6898, 0xef4a, 0x2108, 0x1084, 0x0842, 0xdef5, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x7bd2, 0xbdef, 0xdef7, 0xef7b, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0xbde9, 0x4277,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0xd210, 0xef7b,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef,
+    0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0x739c, 0x39ce, 0x9ce7, 0xce73, 0xe739, 0x739c, 0x39ce, 0x9ce7,
+    0xce73, 0xe739, 0x739c, 0x39ce, 0x9ce7, 0xce73, 0xe739, 0x739c,
+    0x39ce, 0x9ce7, 0xce73, 0xe739, 0x739c, 0x39ce, 0x9ce7, 0xce73,
+    0xe739, 0x739c, 0x39ce, 0x9ce7, 0xce73, 0xe739, 0x739c, 0x39ce,
+    0x9ce7, 0xce73, 0xe739, 0x739c, 0x39ce, 0x9ce7, 0xce73, 0xe739,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0xef48, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0xdef4, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x8421, 0x4210, 0xbde8, 0xdef7, 0xef7b, 0xf7bd, 0x4210, 0xbd08,
+    0xdef7, 0x2149, 0x1084, 0x0842, 0x4421, 0x4212, 0x2108, 0x1084,
+    0x0842, 0x84e9, 0x4210, 0xe93a, 0x7484, 0x3a42, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x5084,
+    0x294a, 0x94a5, 0x4a52, 0xa529, 0xf694, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0x77bd, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x6b88, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x13bd, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0xbd21, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0x1084, 0x0842, 0x8421, 0x3210, 0xef6b,
+    0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0xc631, 0x6318, 0x2e6c,
+    0xdef6, 0xef7b, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0xb191,
+    0x9ab5, 0xae6b, 0xe6b9, 0x6b9a, 0xb9ae, 0x62e6, 0x2e6c, 0x18c6,
+    0x5ad7, 0xc631, 0x631e, 0xac8c, 0xe6b9, 0x8b9a, 0x4a31, 0xa526,
+    0x71ec, 0xd8c6, 0xef7b, 0x1084, 0x3a42, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0xd77a,
+    0xc63d, 0x6338, 0xcd8c, 0x1945, 0x8c59, 0x2108, 0x1084, 0x0842,
+    0x28c5, 0x8ca5, 0x0011, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x1680, 0x5d1d, 0x8434, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x2684, 0x6c9d, 0x362e, 0x2317,
+    0x8421, 0x4210, 0x2108, 0x1083, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x18c8, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0xe908, 0x13bd, 0x0842, 0xbd21, 0x4213,
+    0x2108, 0x13bd, 0x0842, 0xbd21, 0x4213, 0xef7a, 0x4a73, 0xe75a,
+    0x55ec, 0x294a, 0xed6b, 0xf7bd, 0x7bde, 0x5def, 0x5d6b, 0xef6b,
+    0x1084, 0x0842, 0x8421, 0xd210, 0x2109, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x84e9, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4e90, 0x2748, 0x1084, 0x0842, 0x8421, 0x4210,
+    0xef48, 0x1084, 0x0842, 0x8421, 0x4210, 0xef48, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0xde90, 0xef7b,
+    0xc631, 0x7bde, 0x4a57, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52,
+    0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a,
+    0x7bd5, 0xb5af, 0x5ad6, 0xad6b, 0xa529, 0x5294, 0x294a, 0x94a5,
+    0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294,
+    0x294a, 0x94a5, 0x4a52, 0xa529, 0x9494, 0xaa52, 0x5ad6, 0xad6b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x552a, 0xed6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0xdad6, 0xef7b, 0xf7b5, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xef4b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0xef7a, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0xf7a4, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0x2945, 0x94a5,
+    0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xd529, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x294a, 0x7bd5, 0xbdef, 0xdef7, 0xef7b, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1124, 0x0842, 0x8421, 0xdea4,
+    0xef7b, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x4842, 0xa529, 0xde94, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x8f48, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x7bd2, 0x84ef, 0x4210,
+    0x2108, 0xa531, 0x5294, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x2100, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0xef48, 0x2108, 0x1084, 0x0842, 0xdef5, 0xef7b, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x7bd0, 0x21ef, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0xd084, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0xbd21, 0xdef7, 0xef7b, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x7bd2,
+    0xbdef, 0xdef7, 0x8f7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0xbde9, 0xdef7, 0xef7b, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x4842, 0xbdef, 0xdef7, 0xef7b, 0x1084, 0x0842,
+    0xbd21, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x4842, 0xa4ef, 0x4213, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x4842, 0xa427, 0x4ef7, 0x277a, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x4842, 0x4a8f, 0xa529, 0x5294, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x55a9, 0xa529, 0x5294,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0xe908, 0xf7bd, 0x7bde, 0x4a57, 0xa529, 0x5294, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x9084, 0x484e, 0xbdef, 0xa577, 0x5294,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x8842, 0x4a52,
+    0xd529, 0x8f7b, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0xdef4, 0x8f7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0xbd21, 0xaef7, 0x2114, 0x294a, 0x94a5, 0x4a52, 0xa529,
+    0x5294, 0x2bbd, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5,
+    0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294,
+    0x94a4, 0x4bd2, 0xbde9, 0x5ef7, 0x294a, 0x1084, 0x09d2, 0x9d21,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x7bd2, 0xa5ef, 0xde94, 0x2f7b, 0x294a, 0x94a5, 0xbd52, 0xdef7,
+    0xef7b, 0xc631, 0x6318, 0xb18c, 0xdef7, 0xef7b, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x8a94,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x5294, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0x1084, 0x0842, 0x9521, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x4a42,
+    0xbde9, 0xa577, 0x5294, 0xc631, 0x6318, 0xbdec, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x4842, 0x3def, 0x18c6, 0x8c63, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x4842, 0x4aef, 0xa529, 0x5294, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x9084, 0x7bde, 0x4aef, 0xa529, 0x5294,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0xf484, 0x7bde, 0x3def,
+    0x18c6, 0xef7b, 0xf7bd, 0x7bde, 0x5def, 0xa529, 0x5294, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0xa421, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x8000,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x7bde, 0xbdef, 0xa52b, 0x5294,
+    0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef,
+    0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0x294a, 0x94a5,
+    0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0xea94,
+    0x18a6, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0xa521, 0x5294, 0x294a, 0x94a5, 0x4a52, 0x3189, 0x18c6,
+    0xef63, 0x2bbd, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x14a5,
+    0x0842, 0x8421, 0x4210, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0x2f7b,
+    0x18a5, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x98c6,
+    0x4a52, 0xa631, 0x1894, 0x8c75, 0xf631, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0xa421, 0xdef7, 0xef7b, 0x2108, 0x1084, 0x0842, 0xdef5, 0xef7b,
+    0x14a5, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0xa529, 0x6294, 0x294a, 0x94a5,
+    0x3a52, 0x0842, 0x8421, 0x4210, 0xc631, 0x7bd8, 0xbdef, 0xdef7,
+    0xef7b, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x9084, 0x2312, 0xbde9, 0xdef7, 0xef7b,
+    0x18a5, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x4c63, 0xa529, 0x5294, 0x314a, 0x1086, 0x6242, 0x318c, 0x5296,
+    0xef62, 0x2108, 0x1084, 0x0842, 0x4891, 0x8c62, 0x295d, 0x94a5,
+    0x4a52, 0xa529, 0x5294, 0x294a, 0x7aa5, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x7484, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x6210, 0x298c, 0x18a5,
+    0x4c53, 0x3129, 0x18c6, 0xe963, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0xa4e9, 0x4213, 0x2748, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2748, 0x1084, 0x0842, 0x2421, 0xdef6, 0xef7b, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2908, 0x98c6, 0x4a52,
+    0xa529, 0xde94, 0xef7b, 0x2108, 0x1084, 0x0842, 0xdef5, 0xef7b,
+    0x18a5, 0x09d3, 0x8421, 0x4210, 0x277a, 0x77a4, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0xa421, 0x4213, 0x2108, 0x13a4,
+    0x09d2, 0x8421, 0x5ef4, 0x3188, 0x18c5, 0x7a63, 0xa637, 0x6377,
+    0xef4c, 0xf7a4, 0x7bde, 0xbd37, 0xdef7, 0x2109, 0x1884, 0x7bd3,
+    0xa529, 0x5294, 0xef7a, 0x94a5, 0x7a52, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x8c42, 0xa531, 0x5294, 0x294a, 0x94c6, 0x4c52, 0x8421, 0x1890,
+    0x8c63, 0x2108, 0x1084, 0x0842, 0xd8f5, 0xef63, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x98c6,
+    0x4a52, 0xc529, 0x6314, 0x298c, 0x94c5, 0x4842, 0xbd24, 0xdef7,
+    0xef7b, 0x2108, 0x1084, 0x0842, 0xdef5, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x3108, 0x94c6,
+    0x4a52, 0xc6ef, 0x5318, 0x298a, 0xc625, 0x6318, 0x318c, 0x18c6,
+    0x8c63, 0xc631, 0x6318, 0x848c, 0x5210, 0xef4a, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x98c6,
+    0x4a52, 0xa529, 0x6314, 0x298a, 0xc625, 0x7a48, 0xbdef, 0xdef7,
+    0xef7b, 0x2108, 0x1084, 0x0842, 0xdef5, 0xef7b, 0xc631, 0x6318,
+    0x318c, 0x18c6, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x6290, 0x318a, 0x94a5,
+    0x8a52, 0xbd29, 0xdef7, 0xef7b, 0x2108, 0x1084, 0x0842, 0xdef5,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0xdef4, 0x294b, 0x94c6, 0x8a52, 0xa529, 0xd294, 0xef7b, 0x2108,
+    0x1084, 0x0842, 0x1529, 0xac63, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef,
+    0xdef7, 0xef7b, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x2108, 0x1084,
+    0x0842, 0xa529, 0x5294, 0xa94a, 0x7bde, 0xbdef, 0xdef7, 0x277b,
+    0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef,
+    0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0xa421, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0xa421, 0x4213, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x3108, 0x94a5,
+    0x4a52, 0xa5e9, 0x5294, 0x298a, 0xc624, 0x6318, 0xbdef, 0xdef7,
+    0xef7b, 0x2108, 0x1084, 0x0842, 0xa529, 0x5294, 0x294a, 0x94a5,
+    0x4a52, 0xa529, 0xef7a, 0x1231, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x97bd, 0x4a52, 0xa529,
+    0x5294, 0x294a, 0x94a5, 0x4a52, 0xdd29, 0x5294, 0x294a, 0x94c5,
+    0x4a62, 0xbde9, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0xdef4, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a,
+    0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529,
+    0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5,
+    0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294,
+    0x294a, 0x94a5, 0xea52, 0xc631, 0x7b18, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x7bd2, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0xe908, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0xbde9, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0xa421, 0xdef7, 0xef7b, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0xe908, 0x2108, 0x1084,
+    0x0842, 0xdef5, 0x8c7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef,
+    0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0xef48, 0x94a5, 0x6252, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x94a5,
+    0x4a52, 0x3189, 0x58c6, 0xad6b, 0x8c63, 0x6b11, 0xbdef, 0xdef7,
+    0xef7b, 0x2108, 0x1084, 0x0842, 0xa575, 0x5294, 0x754a, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0xbd21, 0xdef7, 0x2109,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0xf7bd, 0x7bde, 0xbdef,
+    0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x7a42, 0xbdef, 0xdef7,
+    0xef7b, 0x18c4, 0x8c63, 0xc631, 0x6318, 0x318c, 0x18c6, 0x8c63,
+    0xc631, 0x6318, 0x318c, 0x18c6, 0x8c63, 0xc631, 0x6318, 0xe98c,
+    0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0x2f7b, 0x94a5, 0xc631, 0x6318,
+    0x318c, 0x18c6, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7a3, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0xef7a, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x9084, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0xf484, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef,
+    0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0xde90, 0xef7b, 0x1084, 0x0842, 0x8421, 0x4210, 0xef7a,
+    0x1084, 0x0842, 0xa421, 0xdef7, 0xef7b, 0x1084, 0x0842, 0x8421,
+    0x5ef4, 0x894b, 0x6b5a, 0x7bdd, 0xbdef, 0xdef7, 0xef7b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xbdef, 0xdef7, 0xef7b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xbded, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x8d5a,
+    0xa529, 0x5ad4, 0x318d, 0x18c6, 0xb5ad, 0x5ad6, 0x52eb, 0x294a,
+    0x94a5, 0x4b5a, 0xa529, 0x5294, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5296, 0xad4a, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0x96b5, 0x6a52, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xbded, 0xdef7, 0xef7b, 0x294a, 0x94a5,
+    0x4a52, 0xa529, 0x5294, 0xf54a, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0840, 0x8421, 0x7a10, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x0008, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x8400, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x0084, 0x003a, 0x83bd, 0x01de, 0x1de8, 0x0000, 0x003a, 0x0000,
+    0x4000, 0x2108, 0xd0f4, 0x0843, 0x8421, 0x43d0, 0x2108, 0x1084,
+    0x0842, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4000, 0x0007, 0xde80, 0x0001, 0x0000, 0x3a00, 0x0000,
+    0x0000, 0x087a, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x0008, 0x0074, 0xe800, 0x0000, 0x3a00, 0xbde8, 0x0003,
+    0x0000, 0x87a0, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x0084, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x4000, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0840, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x0008, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x8400, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x0084, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x4000, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x00ef, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x8640, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1904, 0x0842, 0x0021, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x1900, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x6410, 0x2108,
+    0x0084, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x6400, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x9042, 0x8421, 0x0210, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x9000, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x4108, 0x1086, 0x0842, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x4000, 0x1086, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x0421, 0x4219, 0x2108, 0xd080,
+    0x423b, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529,
+    0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5,
+    0x4a52, 0xb5a9, 0x52d6, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294,
+    0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52,
+    0xa529, 0x5294, 0xad6a, 0xd6b5, 0x4b5a, 0xb5ad, 0x5ad6, 0xad6b,
+    0xd6b5, 0x6a5a, 0x318d, 0xd8c6, 0xef7b, 0xf7bd, 0x7bde, 0xbdef,
+    0x52f7, 0x294a, 0x94bd, 0x4a52, 0xa529, 0x5294, 0x294a, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x94a5, 0x4a52, 0xa5e9, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529,
+    0x52f7, 0x294a, 0xf4a5, 0x7a52, 0xa529, 0xde94, 0xef7b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x7a42, 0x4a57, 0xa529,
+    0x5294, 0x94a5, 0x4a52, 0xbde9, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x8400, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4a50, 0xa529, 0xde94,
+    0xef7b, 0x2108, 0x1084, 0x0842, 0xdef5, 0x8c7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x09d2, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x909d, 0x7a4e, 0x9d27, 0x4210, 0x2108, 0x9084,
+    0x084e, 0x9d21, 0xd274, 0xef7b, 0x93bd, 0x7bde, 0x9d27, 0xd274,
+    0x2109, 0x909d, 0x7a4e, 0x9d27, 0xd274, 0x2749, 0x909d, 0x7a4e,
+    0x8427, 0x4e90, 0x2108, 0x9084, 0x084e, 0x9d21, 0x4210, 0xe93a,
+    0x1084, 0x0842, 0x8421, 0x4274, 0x2108, 0x1084, 0x0842, 0x8421,
+    0xd210, 0xef7b, 0x109d, 0x09d2, 0x8421, 0x4274, 0x2108, 0x1084,
+    0x0842, 0x8421, 0xd210, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf652, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0xdad6, 0xef7b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x7bda, 0xbdef,
+    0xdef7, 0xef7b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xed6b, 0xd6bd,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6bd, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6bd, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xbdef, 0xdef7, 0xef7b,
+    0x294a, 0x94a5, 0x4a52, 0xa529, 0xef7a, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xed6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0xdad6, 0xef7b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xef7b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b,
+    0xd6b5, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0xdad6, 0xef7b, 0xd6b5, 0x6b5a, 0xb5ad, 0xdef7,
+    0xef7b, 0xf6b5, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x4a56, 0xa529,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xef7b, 0xd6b5, 0x6b5a, 0xbded, 0xdef7, 0xef7b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x7bda, 0xbdef, 0xdef7, 0xef7b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6,
+    0xad6b, 0xd6b5, 0x7b5a, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0xdad6, 0xef7b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xbdad, 0xdef7,
+    0xef7b, 0xd6b5, 0x6b5a, 0xb5ad, 0xdef6, 0xef7b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b,
+    0xd6b5, 0x6b5a, 0xbdad, 0xdef7, 0xef7b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xef6b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xed6b, 0xd6b5, 0x6b5a, 0xbdad, 0xdef7, 0xef7b, 0xf7b5,
+    0x6b5a, 0xb5ad, 0x5ad6, 0xed6b, 0xd6b5, 0x6b5a, 0xb5ad, 0xdad6,
+    0xef7b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xed6b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xf6b5, 0x7bde, 0xbdef,
+    0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7b5, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0xbde9, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x7a42, 0xbdef, 0xdef7, 0xef7b, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0xef48, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084,
+    0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210,
+    0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842,
+    0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421, 0x4210, 0x2108,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0x2108, 0xf484, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x1084, 0x0842, 0x8421, 0x4210, 0x2108, 0x1084, 0x0842, 0x8421,
+    0x4210, 0xef48, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd,
+    0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7,
+    0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde,
+    0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0xf75d, 0x7bde, 0xbdef, 0xdef7, 0xef7b, 0xf7bd, 0x7bde, 0xbdef,
+    0xdef7, 0xef7b, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a,
+    0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b,
+    0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad,
+    0x5ad6, 0xad6b, 0xd6b5, 0x6b5a, 0xb5ad, 0x5ad6, 0xad6b, 0xd6b5,
+    0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529,
+    0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5,
+    0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294,
+    0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52,
+    0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a,
+    0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529,
+    0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5,
+    0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294,
+    0x294a, 0x94a5, 0x4a52, 0xa529, 0x5294, 0x294a, 0x94a5, 0x4a52,
+    0xa529, 0x5294, 0x294a, 0xf7bd, 0x7bde, 0xbdef, 0xdef7, 0xef7b,
+    0x739c, 0x39ce, 0x9ce7, 0xce73, 0xe739, 0x739c, 0x39ce, 0x9ce7,
+    0xce73, 0xe739, 0x739c, 0x39ce, 0x9ce7, 0xce73, 0xe739, 0x739c,
+    0x39ce, 0x9ce7, 0xce73, 0xe739, 0x739c, 0x39ce, 0x9ce7, 0xce73,
+    0xe739, 0x739c, 0x39ce, 0x9ce7, 0xce73, 0xe739, 0x739c, 0x39ce,
+    0x9ce7, 0xce73, 0xe739, 0x739c, 0x39ce, 0x9ce7, 0xce73, 0xef79,
+    0x0000
+  }
+};
diff --git a/lib/unistring/unictype/categ_or.c b/lib/unistring/unictype/categ_or.c
new file mode 100644
index 0000000..d1ca517
--- /dev/null
+++ b/lib/unistring/unictype/categ_or.c
@@ -0,0 +1,51 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2007.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+uc_general_category_t
+uc_general_category_or (uc_general_category_t category1,
+                        uc_general_category_t category2)
+{
+  uint32_t bitmask;
+  uc_general_category_t result;
+
+  bitmask = category1.bitmask | category2.bitmask;
+
+  if (bitmask == category1.bitmask)
+    return category1;
+
+  if (bitmask == category2.bitmask)
+    return category2;
+
+  result.bitmask = bitmask;
+  result.generic = 1;
+  result.lookup.lookup_fn = &uc_is_general_category_withtable;
+  return result;
+}
diff --git a/lib/unistring/unictype/categ_test.c b/lib/unistring/unictype/categ_test.c
new file mode 100644
index 0000000..b9fbabf
--- /dev/null
+++ b/lib/unistring/unictype/categ_test.c
@@ -0,0 +1,41 @@
+/* Categories of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+#include "bitmap.h"
+
+bool
+uc_is_general_category (ucs4_t uc, uc_general_category_t category)
+{
+  if (category.generic)
+    return category.lookup.lookup_fn (uc, category.bitmask);
+  else
+    return bitmap_lookup (category.lookup.table, uc);
+}
diff --git a/lib/unistring/unictype/combiningclass.c b/lib/unistring/unictype/combiningclass.c
new file mode 100644
index 0000000..cd7ad59
--- /dev/null
+++ b/lib/unistring/unictype/combiningclass.c
@@ -0,0 +1,56 @@
+/* Combining classes of Unicode characters.
+   Copyright (C) 2002, 2006, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+/* Define u_combclass table.  */
+#include "combiningclass.h"
+
+int
+uc_combining_class (ucs4_t uc)
+{
+  unsigned int index1 = uc >> combclass_header_0;
+  if (index1 < combclass_header_1)
+    {
+      int lookup1 = u_combclass.level1[index1];
+      if (lookup1 >= 0)
+        {
+          unsigned int index2 = (uc >> combclass_header_2) & combclass_header_3;
+          int lookup2 = u_combclass.level2[lookup1 + index2];
+          if (lookup2 >= 0)
+            {
+              unsigned int index3 = (uc & combclass_header_4);
+              unsigned int lookup3 = u_combclass.level3[lookup2 + index3];
+
+              return lookup3;
+            }
+        }
+    }
+  return 0;
+}
diff --git a/lib/unistring/unictype/combiningclass.h b/lib/unistring/unictype/combiningclass.h
new file mode 100644
index 0000000..ddfe9b0
--- /dev/null
+++ b/lib/unistring/unictype/combiningclass.h
@@ -0,0 +1,1351 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Combining class of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define combclass_header_0 16
+#define combclass_header_1 2
+#define combclass_header_2 7
+#define combclass_header_3 511
+#define combclass_header_4 127
+static const
+struct
+  {
+    int level1[2];
+    short level2[2 << 9];
+    unsigned char level3[75 << 7];
+  }
+u_combclass =
+{
+  {     0,   512 },
+  {
+       -1,    -1,    -1,    -1,    -1,    -1,     0,    -1,
+       -1,   128,    -1,   256,   384,   512,   640,   768,
+      896,  1024,  1152,  1280,  1280,  1280,  1280,  1408,
+     1536,  1280,  1408,  1664,  1792,  1920,  2048,  2176,
+     2304,  2432,    -1,    -1,    -1,    -1,  2560,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,  2688,  2816,
+       -1,  2944,  3072,    -1,  3200,  3328,  3456,  3584,
+     3712,  3840,    -1,  3968,    -1,    -1,    -1,    -1,
+       -1,  4096,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,  4224,  4352,  4480,    -1,    -1,    -1,    -1,
+     4608,  4736,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,  4864,  4992,    -1,    -1,
+     5120,  5248,  5376,  5504,    -1,  5632,    -1,  5760,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,  5888,    -1,
+       -1,    -1,    -1,    -1,  6016,    -1,    -1,    -1,
+       -1,    -1,    -1,  6144,    -1,  6272,  6400,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,  6528,  6656,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     6784,  6912,  7040,  7168,  7296,  7424,  7552,    -1,
+     7680,  7808,    -1,  7936,  8064,  8192,  8320,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     8064,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,  8448,  8576,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,  8704,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,  8832,  8960,  9088,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     9216,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,  9344,  9472,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1
+  },
+  {
+    230, 230, 230, 230, 230, 230, 230, 230,
+    230, 230, 230, 230, 230, 230, 230, 230,
+    230, 230, 230, 230, 230, 232, 220, 220,
+    220, 220, 232, 216, 220, 220, 220, 220,
+    220, 202, 202, 220, 220, 220, 220, 202,
+    202, 220, 220, 220, 220, 220, 220, 220,
+    220, 220, 220, 220,   1,   1,   1,   1,
+      1, 220, 220, 220, 220, 230, 230, 230,
+    230, 230, 230, 230, 230, 240, 230, 220,
+    220, 220, 230, 230, 230, 220, 220,   0,
+    230, 230, 230, 220, 220, 220, 220, 230,
+    232, 220, 220, 230, 233, 234, 234, 233,
+    234, 234, 233, 230, 230, 230, 230, 230,
+    230, 230, 230, 230, 230, 230, 230, 230,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0, 230, 230, 230, 230, 230,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0, 220, 230, 230, 230, 230, 220, 230,
+    230, 230, 222, 220, 230, 230, 230, 230,
+    230, 230, 220, 220, 220, 220, 220, 220,
+    230, 230, 220, 230, 230, 222, 228, 230,
+     10,  11,  12,  13,  14,  15,  16,  17,
+     18,  19,  19,  20,  21,  22,   0,  23,
+      0,  24,  25,   0, 230, 220,   0,  18,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    230, 230, 230, 230, 230, 230, 230, 230,
+     30,  31,  32,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,  27,  28,  29,  30,  31,
+     32,  33,  34, 230, 230, 220, 220, 230,
+    230, 230, 230, 230, 220, 230, 230, 220,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+     35,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0, 230, 230,
+    230, 230, 230, 230, 230,   0,   0, 230,
+    230, 230, 230, 220, 230,   0,   0, 230,
+    230,   0, 220, 230, 230, 220,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,  36,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    230, 220, 230, 230, 220, 230, 230, 220,
+    220, 220, 230, 220, 220, 230, 220, 230,
+    230, 230, 220, 230, 220, 230, 220, 230,
+    220, 230, 230,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0, 230, 230, 230, 230, 230,
+    230, 230, 220, 230,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0, 230, 230,
+    230, 230,   0, 230, 230, 230, 230, 230,
+    230, 230, 230, 230,   0, 230, 230, 230,
+      0, 230, 230, 230, 230, 230,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0, 220, 220, 220,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0, 230, 230, 230, 230,
+    230, 230, 230, 230, 230, 230, 230, 230,
+    230, 230,   0, 220, 230, 230, 220, 230,
+    230, 220, 230, 230, 230, 220, 220, 220,
+     27,  28,  29, 230, 230, 230, 220, 230,
+    230, 220, 220, 230, 230, 230, 230, 230,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   7,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   9,   0,   0,
+      0, 230, 220, 230, 230,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   7,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   9,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   9,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   9,   0,   0,
+      0,   0,   0,   0,   0,  84,  91,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   9,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    103, 103,   9,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    107, 107, 107, 107,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    118, 118,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    122, 122, 122, 122,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    220, 220,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0, 220,   0, 220,
+      0, 216,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0, 129, 130,   0, 132,   0,   0,   0,
+      0,   0, 130, 130, 130, 130,   0,   0,
+    130,   0, 230, 230,   9,   0, 230, 230,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0, 220,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   7,
+      0,   9,   9,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0, 220,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0, 230, 230, 230,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   9,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   9,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   9,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0, 230,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0, 228,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0, 222, 230, 220,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0, 230,
+    220,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      9,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0, 230, 230, 230,
+    230, 230, 230, 230, 230,   0,   0, 220,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    230, 230, 230, 230, 230, 220, 220, 220,
+    220, 220, 220, 230, 230, 220,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   7,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   9,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0, 230, 220, 230, 230, 230,
+    230, 230, 230, 230,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   9,   9,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   7,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   9,   9,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   7,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    230, 230, 230,   0,   1, 220, 220, 220,
+    220, 220, 230, 230, 220, 220, 220, 220,
+    230,   0,   1,   1,   1,   1,   1,   1,
+      1,   0,   0,   0,   0, 220,   0,   0,
+      0,   0,   0,   0, 230,   0,   0,   0,
+    230, 230,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    230, 230, 220, 230, 230, 230, 230, 230,
+    230, 230, 220, 230, 230, 234, 214, 220,
+    202, 230, 230, 230, 230, 230, 230, 230,
+    230, 230, 230, 230, 230, 230, 230, 230,
+    230, 230, 230, 230, 230, 230, 230, 230,
+    230, 230, 230, 230, 230, 230, 230, 230,
+    230, 230, 230, 230, 230, 230,   0,   0,
+      0,   0,   0, 230, 233, 220, 230, 220,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    230, 230,   1,   1, 230, 230, 230, 230,
+      1,   1,   1, 230, 230,   0,   0,   0,
+      0, 230,   0,   0,   0,   1,   1, 230,
+    220, 230,   1,   1, 220, 220, 220, 220,
+    230,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0, 230,
+    230, 230,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   9,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    230, 230, 230, 230, 230, 230, 230, 230,
+    230, 230, 230, 230, 230, 230, 230, 230,
+    230, 230, 230, 230, 230, 230, 230, 230,
+    230, 230, 230, 230, 230, 230, 230, 230,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0, 218, 228, 232, 222, 224, 224,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   8,   8,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0, 230,
+      0,   0,   0,   0, 230, 230, 230, 230,
+    230, 230, 230, 230, 230, 230,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0, 230, 230,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    230, 230,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   9,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   9,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    230, 230, 230, 230, 230, 230, 230, 230,
+    230, 230, 230, 230, 230, 230, 230, 230,
+    230, 230,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0, 220, 220, 220,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   9,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   7,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      9,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    230,   0, 230, 230, 220,   0,   0, 230,
+    230,   0,   0,   0,   0,   0, 230, 230,
+      0, 230,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   9,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   9,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,  26,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    230, 230, 230, 230, 230, 230, 230, 220,
+    220, 220, 220, 220, 220, 220, 230, 230,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0, 220,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    220,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0, 230, 230,
+    230, 230, 230,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0, 220,   0, 230,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    230,   1, 220,   0,   0,   0,   0,   9,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0, 230, 220,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   9,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   9,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   9,   7,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    230, 230, 230,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   9,   9,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   7,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      9,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   7,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   9,   7,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   7,   9,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   7,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   9,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0, 230, 230,
+    230, 230, 230, 230, 230,   0,   0,   0,
+    230, 230, 230, 230, 230,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   9,   0,   0,   0,   7,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   9,   7,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   9,
+      7,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   9,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   9,   7,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   9,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      1,   1,   1,   1,   1,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    230, 230, 230, 230, 230, 230, 230,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   1,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0, 216, 216,   1,
+      1,   1,   0,   0,   0, 226, 216, 216,
+    216, 216, 216,   0,   0,   0,   0,   0,
+      0,   0,   0, 220, 220, 220, 220, 220,
+    220, 220, 220,   0,   0, 230, 230, 230,
+    230, 230, 220, 220,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0, 230, 230, 230, 230,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0, 230, 230, 230,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    230, 230, 230, 230, 230, 230, 230,   0,
+    230, 230, 230, 230, 230, 230, 230, 230,
+    230, 230, 230, 230, 230, 230, 230, 230,
+    230,   0,   0, 230, 230, 230, 230, 230,
+    230, 230,   0, 230, 230,   0, 230, 230,
+    230, 230, 230,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+    220, 220, 220, 220, 220, 220, 220,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0, 230, 230, 230, 230,
+    230, 230,   7,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0,
+      0,   0,   0,   0,   0,   0,   0,   0
+  }
+};
diff --git a/lib/unistring/unictype/pr_default_ignorable_code_point.c b/lib/unistring/unictype/pr_default_ignorable_code_point.c
new file mode 100644
index 0000000..c3e7d27
--- /dev/null
+++ b/lib/unistring/unictype/pr_default_ignorable_code_point.c
@@ -0,0 +1,44 @@
+/* Properties of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+#include "bitmap.h"
+
+/* Define u_property_default_ignorable_code_point table.  */
+#include "pr_default_ignorable_code_point.h"
+
+bool
+uc_is_property_default_ignorable_code_point (ucs4_t uc)
+{
+  return bitmap_lookup (&u_property_default_ignorable_code_point, uc);
+}
+
+const uc_property_t UC_PROPERTY_DEFAULT_IGNORABLE_CODE_POINT =
+  { &uc_is_property_default_ignorable_code_point };
diff --git a/lib/unistring/unictype/pr_default_ignorable_code_point.h b/lib/unistring/unictype/pr_default_ignorable_code_point.h
new file mode 100644
index 0000000..0324b54
--- /dev/null
+++ b/lib/unistring/unictype/pr_default_ignorable_code_point.h
@@ -0,0 +1,472 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Properties of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[15];
+    short level2[3 << 7];
+    unsigned int level3[12 << 4];
+  }
+u_property_default_ignorable_code_point =
+{
+  { 15 },
+  {
+       16 * sizeof (int) / sizeof (short) +     0,
+       16 * sizeof (int) / sizeof (short) +   128,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 * sizeof (int) / sizeof (short) +   256
+  },
+  {
+       16 +   384 * sizeof (short) / sizeof (int) +     0,
+       16 +   384 * sizeof (short) / sizeof (int) +    16,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +    32,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +    48,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +    64,
+       16 +   384 * sizeof (short) / sizeof (int) +    80,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +    96,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   112,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   128,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   144,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   160,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       16 +   384 * sizeof (short) / sizeof (int) +   176,
+       16 +   384 * sizeof (short) / sizeof (int) +   176,
+       16 +   384 * sizeof (short) / sizeof (int) +   176,
+       16 +   384 * sizeof (short) / sizeof (int) +   176,
+       16 +   384 * sizeof (short) / sizeof (int) +   176,
+       16 +   384 * sizeof (short) / sizeof (int) +   176,
+       16 +   384 * sizeof (short) / sizeof (int) +   176,
+       16 +   384 * sizeof (short) / sizeof (int) +   176,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00002000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00008000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x10000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x80000000U, 0x00000001U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00300000U, 0x00000000U, 0x00000000U,
+    0x00007800U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0000F800U, 0x00007C00U, 0x00000000U, 0x0000FFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000010U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x0000FFFFU, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x80000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000001U, 0x00000000U, 0x01FF0000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x0000000FU, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x07F80000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU,
+    0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU
+  }
+};
diff --git a/lib/unistring/unictype/pr_join_control.c b/lib/unistring/unictype/pr_join_control.c
new file mode 100644
index 0000000..8aebae5
--- /dev/null
+++ b/lib/unistring/unictype/pr_join_control.c
@@ -0,0 +1,56 @@
+/* Properties of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+#if 0
+
+#include "bitmap.h"
+
+/* Define u_property_join_control table.  */
+#include "pr_join_control.h"
+
+bool
+uc_is_property_join_control (ucs4_t uc)
+{
+  return bitmap_lookup (&u_property_join_control, uc);
+}
+
+#else
+
+bool
+uc_is_property_join_control (ucs4_t uc)
+{
+  return (uc >= 0x200C && uc <= 0x200D);
+}
+
+#endif
+
+const uc_property_t UC_PROPERTY_JOIN_CONTROL =
+  { &uc_is_property_join_control };
diff --git a/lib/unistring/unictype/pr_join_control.h b/lib/unistring/unictype/pr_join_control.h
new file mode 100644
index 0000000..05f9118
--- /dev/null
+++ b/lib/unistring/unictype/pr_join_control.h
@@ -0,0 +1,156 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Properties of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[1];
+    short level2[1 << 7];
+    unsigned int level3[1 << 4];
+  }
+u_property_join_control =
+{
+  { 1 },
+  {     2 * sizeof (int) / sizeof (short) +     0 },
+  {
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+        2 +   128 * sizeof (short) / sizeof (int) +     0,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1
+  },
+  {
+    0x00003000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U
+  }
+};
diff --git a/lib/unistring/unictype/pr_not_a_character.c b/lib/unistring/unictype/pr_not_a_character.c
new file mode 100644
index 0000000..d87e791
--- /dev/null
+++ b/lib/unistring/unictype/pr_not_a_character.c
@@ -0,0 +1,44 @@
+/* Properties of Unicode characters.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unictype.h"
+
+#include "bitmap.h"
+
+/* Define u_property_not_a_character table.  */
+#include "pr_not_a_character.h"
+
+bool
+uc_is_property_not_a_character (ucs4_t uc)
+{
+  return bitmap_lookup (&u_property_not_a_character, uc);
+}
+
+const uc_property_t UC_PROPERTY_NOT_A_CHARACTER =
+  { &uc_is_property_not_a_character };
diff --git a/lib/unistring/unictype/pr_not_a_character.h b/lib/unistring/unictype/pr_not_a_character.h
new file mode 100644
index 0000000..332f8c8
--- /dev/null
+++ b/lib/unistring/unictype/pr_not_a_character.h
@@ -0,0 +1,306 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Properties of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+#define header_0 16
+#define header_2 9
+#define header_3 127
+#define header_4 15
+static const
+struct
+  {
+    int header[1];
+    int level1[17];
+    short level2[2 << 7];
+    unsigned int level3[2 << 4];
+  }
+u_property_not_a_character =
+{
+  { 17 },
+  {
+       18 * sizeof (int) / sizeof (short) +     0,
+       18 * sizeof (int) / sizeof (short) +   128,
+       18 * sizeof (int) / sizeof (short) +   128,
+       18 * sizeof (int) / sizeof (short) +   128,
+       18 * sizeof (int) / sizeof (short) +   128,
+       18 * sizeof (int) / sizeof (short) +   128,
+       18 * sizeof (int) / sizeof (short) +   128,
+       18 * sizeof (int) / sizeof (short) +   128,
+       18 * sizeof (int) / sizeof (short) +   128,
+       18 * sizeof (int) / sizeof (short) +   128,
+       18 * sizeof (int) / sizeof (short) +   128,
+       18 * sizeof (int) / sizeof (short) +   128,
+       18 * sizeof (int) / sizeof (short) +   128,
+       18 * sizeof (int) / sizeof (short) +   128,
+       18 * sizeof (int) / sizeof (short) +   128,
+       18 * sizeof (int) / sizeof (short) +   128,
+       18 * sizeof (int) / sizeof (short) +   128
+  },
+  {
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 +   256 * sizeof (short) / sizeof (int) +     0,
+       18 +   256 * sizeof (short) / sizeof (int) +    16,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       -1,
+       18 +   256 * sizeof (short) / sizeof (int) +    16
+  },
+  {
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0xFFFF0000U, 0x0000FFFFU,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0x00000000U,
+    0x00000000U, 0x00000000U, 0x00000000U, 0xC0000000U
+  }
+};
diff --git a/lib/unistring/uninorm.in.h b/lib/unistring/uninorm.in.h
new file mode 100644
index 0000000..645b7f6
--- /dev/null
+++ b/lib/unistring/uninorm.in.h
@@ -0,0 +1,257 @@
+/* Normalization forms (composition and decomposition) of Unicode strings.
+   Copyright (C) 2001-2002, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2009.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#ifndef _UNINORM_H
+#define _UNINORM_H
+
+/* Get size_t.  */
+#include <stddef.h>
+
+#include "unitypes.h"
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+/* Conventions:
+
+   All functions prefixed with u8_ operate on UTF-8 encoded strings.
+   Their unit is an uint8_t (1 byte).
+
+   All functions prefixed with u16_ operate on UTF-16 encoded strings.
+   Their unit is an uint16_t (a 2-byte word).
+
+   All functions prefixed with u32_ operate on UCS-4 encoded strings.
+   Their unit is an uint32_t (a 4-byte word).
+
+   All argument pairs (s, n) denote a Unicode string s[0..n-1] with exactly
+   n units.
+
+   Functions returning a string result take a (resultbuf, lengthp) argument
+   pair.  If resultbuf is not NULL and the result fits into *lengthp units,
+   it is put in resultbuf, and resultbuf is returned.  Otherwise, a freshly
+   allocated string is returned.  In both cases, *lengthp is set to the
+   length (number of units) of the returned string.  In case of error,
+   NULL is returned and errno is set.  */
+
+
+enum
+{
+  UC_DECOMP_CANONICAL,/*            Canonical decomposition.                  */
+  UC_DECOMP_FONT,    /*   <font>    A font variant (e.g. a blackletter form). */
+  UC_DECOMP_NOBREAK, /* <noBreak>   A no-break version of a space or hyphen.  */
+  UC_DECOMP_INITIAL, /* <initial>   An initial presentation form (Arabic).    */
+  UC_DECOMP_MEDIAL,  /*  <medial>   A medial presentation form (Arabic).      */
+  UC_DECOMP_FINAL,   /*  <final>    A final presentation form (Arabic).       */
+  UC_DECOMP_ISOLATED,/* <isolated>  An isolated presentation form (Arabic).   */
+  UC_DECOMP_CIRCLE,  /*  <circle>   An encircled form.                        */
+  UC_DECOMP_SUPER,   /*  <super>    A superscript form.                       */
+  UC_DECOMP_SUB,     /*   <sub>     A subscript form.                         */
+  UC_DECOMP_VERTICAL,/* <vertical>  A vertical layout presentation form.      */
+  UC_DECOMP_WIDE,    /*   <wide>    A wide (or zenkaku) compatibility character. */
+  UC_DECOMP_NARROW,  /*  <narrow>   A narrow (or hankaku) compatibility character. */
+  UC_DECOMP_SMALL,   /*  <small>    A small variant form (CNS compatibility). */
+  UC_DECOMP_SQUARE,  /*  <square>   A CJK squared font variant.               */
+  UC_DECOMP_FRACTION,/* <fraction>  A vulgar fraction form.                   */
+  UC_DECOMP_COMPAT   /*  <compat>   Otherwise unspecified compatibility character. */
+};
+
+/* Maximum size of decomposition of a single Unicode character.  */
+#define UC_DECOMPOSITION_MAX_LENGTH 32
+
+/* Return the character decomposition mapping of a Unicode character.
+   DECOMPOSITION must point to an array of at least UC_DECOMPOSITION_MAX_LENGTH
+   ucs_t elements.
+   When a decomposition exists, DECOMPOSITION[0..N-1] and *DECOMP_TAG are
+   filled and N is returned.  Otherwise -1 is returned.  */
+extern int
+       uc_decomposition (ucs4_t uc, int *decomp_tag, ucs4_t *decomposition);
+
+/* Return the canonical character decomposition mapping of a Unicode character.
+   DECOMPOSITION must point to an array of at least UC_DECOMPOSITION_MAX_LENGTH
+   ucs_t elements.
+   When a decomposition exists, DECOMPOSITION[0..N-1] is filled and N is
+   returned.  Otherwise -1 is returned.  */
+extern int
+       uc_canonical_decomposition (ucs4_t uc, ucs4_t *decomposition);
+
+
+/* Attempt to combine the Unicode characters uc1, uc2.
+   uc1 is known to have canonical combining class 0.
+   Return the combination of uc1 and uc2, if it exists.
+   Return 0 otherwise.
+   Not all decompositions can be recombined using this function.  See the
+   Unicode file CompositionExclusions.txt for details.  */
+extern ucs4_t
+       uc_composition (ucs4_t uc1, ucs4_t uc2)
+       _UC_ATTRIBUTE_CONST;
+
+
+/* An object of type uninorm_t denotes a Unicode normalization form.  */
+struct unicode_normalization_form;
+typedef const struct unicode_normalization_form *uninorm_t;
+
+/* UNINORM_NFD: Normalization form D: canonical decomposition.  */
+extern const struct unicode_normalization_form uninorm_nfd;
+#define UNINORM_NFD (&uninorm_nfd)
+
+/* UNINORM_NFC: Normalization form C: canonical decomposition, then
+   canonical composition.  */
+extern const struct unicode_normalization_form uninorm_nfc;
+#define UNINORM_NFC (&uninorm_nfc)
+
+/* UNINORM_NFKD: Normalization form KD: compatibility decomposition.  */
+extern const struct unicode_normalization_form uninorm_nfkd;
+#define UNINORM_NFKD (&uninorm_nfkd)
+
+/* UNINORM_NFKC: Normalization form KC: compatibility decomposition, then
+   canonical composition.  */
+extern const struct unicode_normalization_form uninorm_nfkc;
+#define UNINORM_NFKC (&uninorm_nfkc)
+
+/* Test whether a normalization form does compatibility decomposition.  */
+#define uninorm_is_compat_decomposing(nf) \
+  ((* (const unsigned int *) (nf) >> 0) & 1)
+
+/* Test whether a normalization form includes canonical composition.  */
+#define uninorm_is_composing(nf) \
+  ((* (const unsigned int *) (nf) >> 1) & 1)
+
+/* Return the decomposing variant of a normalization form.
+   This maps NFC,NFD -> NFD and NFKC,NFKD -> NFKD.  */
+extern uninorm_t
+       uninorm_decomposing_form (uninorm_t nf)
+       _UC_ATTRIBUTE_PURE;
+
+
+/* Return the specified normalization form of a string.  */
+extern uint8_t *
+       u8_normalize (uninorm_t nf, const uint8_t *s, size_t n,
+                     uint8_t *_UC_RESTRICT resultbuf, size_t *lengthp);
+extern uint16_t *
+       u16_normalize (uninorm_t nf, const uint16_t *s, size_t n,
+                      uint16_t *_UC_RESTRICT resultbuf, size_t *lengthp);
+extern uint32_t *
+       u32_normalize (uninorm_t nf, const uint32_t *s, size_t n,
+                      uint32_t *_UC_RESTRICT resultbuf, size_t *lengthp);
+
+
+/* Compare S1 and S2, ignoring differences in normalization.
+   NF must be either UNINORM_NFD or UNINORM_NFKD.
+   If successful, set *RESULTP to -1 if S1 < S2, 0 if S1 = S2, 1 if S1 > S2, and
+   return 0.  Upon failure, return -1 with errno set.  */
+extern int
+       u8_normcmp (const uint8_t *s1, size_t n1, const uint8_t *s2, size_t n2,
+                   uninorm_t nf, int *resultp);
+extern int
+       u16_normcmp (const uint16_t *s1, size_t n1, const uint16_t *s2, size_t n2,
+                    uninorm_t nf, int *resultp);
+extern int
+       u32_normcmp (const uint32_t *s1, size_t n1, const uint32_t *s2, size_t n2,
+                    uninorm_t nf, int *resultp);
+
+
+/* Converts the string S of length N to a NUL-terminated byte sequence, in such
+   a way that comparing uN_normxfrm (S1) and uN_normxfrm (S2) with uN_cmp2() is
+   equivalent to comparing S1 and S2 with uN_normcoll().
+   NF must be either UNINORM_NFC or UNINORM_NFKC.  */
+extern char *
+       u8_normxfrm (const uint8_t *s, size_t n, uninorm_t nf,
+                    char *resultbuf, size_t *lengthp);
+extern char *
+       u16_normxfrm (const uint16_t *s, size_t n, uninorm_t nf,
+                     char *resultbuf, size_t *lengthp);
+extern char *
+       u32_normxfrm (const uint32_t *s, size_t n, uninorm_t nf,
+                     char *resultbuf, size_t *lengthp);
+
+
+/* Compare S1 and S2, ignoring differences in normalization, using the
+   collation rules of the current locale.
+   NF must be either UNINORM_NFC or UNINORM_NFKC.
+   If successful, set *RESULTP to -1 if S1 < S2, 0 if S1 = S2, 1 if S1 > S2, and
+   return 0.  Upon failure, return -1 with errno set.  */
+extern int
+       u8_normcoll (const uint8_t *s1, size_t n1, const uint8_t *s2, size_t n2,
+                    uninorm_t nf, int *resultp);
+extern int
+       u16_normcoll (const uint16_t *s1, size_t n1, const uint16_t *s2, size_t n2,
+                     uninorm_t nf, int *resultp);
+extern int
+       u32_normcoll (const uint32_t *s1, size_t n1, const uint32_t *s2, size_t n2,
+                     uninorm_t nf, int *resultp);
+
+
+/* Normalization of a stream of Unicode characters.
+
+   A "stream of Unicode characters" is essentially a function that accepts an
+   ucs4_t argument repeatedly, optionally combined with a function that
+   "flushes" the stream.  */
+
+/* Data type of a stream of Unicode characters that normalizes its input
+   according to a given normalization form and passes the normalized character
+   sequence to the encapsulated stream of Unicode characters.  */
+struct uninorm_filter;
+
+/* Create and return a normalization filter for Unicode characters.
+   The pair (stream_func, stream_data) is the encapsulated stream.
+   stream_func (stream_data, uc) receives the Unicode character uc
+   and returns 0 if successful, or -1 with errno set upon failure.
+   Return the new filter, or NULL with errno set upon failure.  */
+extern struct uninorm_filter *
+       uninorm_filter_create (uninorm_t nf,
+                              int (*stream_func) (void *stream_data, ucs4_t uc),
+                              void *stream_data);
+
+/* Stuff a Unicode character into a normalizing filter.
+   Return 0 if successful, or -1 with errno set upon failure.  */
+extern int
+       uninorm_filter_write (struct uninorm_filter *filter, ucs4_t uc);
+
+/* Bring data buffered in the filter to its destination, the encapsulated
+   stream.
+   Return 0 if successful, or -1 with errno set upon failure.
+   Note! If after calling this function, additional characters are written
+   into the filter, the resulting character sequence in the encapsulated stream
+   will not necessarily be normalized.  */
+extern int
+       uninorm_filter_flush (struct uninorm_filter *filter);
+
+/* Bring data buffered in the filter to its destination, the encapsulated
+   stream, then close and free the filter.
+   Return 0 if successful, or -1 with errno set upon failure.  */
+extern int
+       uninorm_filter_free (struct uninorm_filter *filter);
+
+
+#ifdef __cplusplus
+}
+#endif
+
+
+#endif /* _UNINORM_H */
diff --git a/lib/unistring/uninorm/canonical-decomposition.c b/lib/unistring/uninorm/canonical-decomposition.c
new file mode 100644
index 0000000..7df3689
--- /dev/null
+++ b/lib/unistring/uninorm/canonical-decomposition.c
@@ -0,0 +1,116 @@
+/* Canonical decomposition of Unicode characters.
+   Copyright (C) 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2009.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "uninorm.h"
+
+#include <stdlib.h>
+
+#include "uninorm/decomposition-table.h"
+
+int
+uc_canonical_decomposition (ucs4_t uc, ucs4_t *decomposition)
+{
+  if (uc >= 0xAC00 && uc < 0xD7A4)
+    {
+      /* Hangul syllable.  See Unicode standard, chapter 3, section
+         "Hangul Syllable Decomposition",  See also the clarification at
+         <https://www.unicode.org/versions/Unicode5.1.0/>, section
+         "Clarification of Hangul Jamo Handling".  */
+      unsigned int t;
+
+      uc -= 0xAC00;
+      t = uc % 28;
+
+      if (t == 0)
+        {
+          unsigned int v, l;
+
+          uc = uc / 28;
+          v = uc % 21;
+          l = uc / 21;
+
+          decomposition[0] = 0x1100 + l;
+          decomposition[1] = 0x1161 + v;
+          return 2;
+        }
+      else
+        {
+#if 1 /* Return the pairwise decomposition, not the full decomposition.  */
+          decomposition[0] = 0xAC00 + uc - t; /* = 0xAC00 + (l * 21 + v) * 28; */
+          decomposition[1] = 0x11A7 + t;
+          return 2;
+#else
+          unsigned int v, l;
+
+          uc = uc / 28;
+          v = uc % 21;
+          l = uc / 21;
+
+          decomposition[0] = 0x1100 + l;
+          decomposition[1] = 0x1161 + v;
+          decomposition[2] = 0x11A7 + t;
+          return 3;
+#endif
+        }
+    }
+  else if (uc < 0x110000)
+    {
+      unsigned short entry = decomp_index (uc);
+      /* An entry of (unsigned short)(-1) denotes an absent entry.
+         Otherwise, bit 15 of the entry tells whether the decomposition
+         is a canonical one.  */
+      if (entry < 0x8000)
+        {
+          const unsigned char *p;
+          unsigned int element;
+          unsigned int length;
+
+          p = &gl_uninorm_decomp_chars_table[3 * entry];
+          element = (p[0] << 16) | (p[1] << 8) | p[2];
+          /* The first element has 5 bits for the decomposition type.  */
+          if (((element >> 18) & 0x1f) != UC_DECOMP_CANONICAL)
+            abort ();
+          length = 1;
+          for (;;)
+            {
+              /* Every element has an 18 bits wide Unicode code point.  */
+              *decomposition = element & 0x3ffff;
+              /* Bit 23 tells whether there are more elements,  */
+              if ((element & (1 << 23)) == 0)
+                break;
+              p += 3;
+              element = (p[0] << 16) | (p[1] << 8) | p[2];
+              decomposition++;
+              length++;
+            }
+          return length;
+        }
+    }
+  return -1;
+}
diff --git a/lib/unistring/uninorm/compat-decomposition.c b/lib/unistring/uninorm/compat-decomposition.c
new file mode 100644
index 0000000..db2fbbb
--- /dev/null
+++ b/lib/unistring/uninorm/compat-decomposition.c
@@ -0,0 +1,40 @@
+/* Compatibility decomposition of Unicode characters.
+   Copyright (C) 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2009.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "decompose-internal.h"
+
+#include "uninorm.h"
+
+int
+uc_compat_decomposition (ucs4_t uc, ucs4_t *decomposition)
+{
+  int tag;
+
+  return uc_decomposition (uc, &tag, decomposition);
+}
diff --git a/lib/unistring/uninorm/composition-table.gperf b/lib/unistring/uninorm/composition-table.gperf
new file mode 100644
index 0000000..b82a5ad
--- /dev/null
+++ b/lib/unistring/uninorm/composition-table.gperf
@@ -0,0 +1,979 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Canonical composition of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+
+/* Copyright (C) 2009 Free Software Foundation, Inc.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+struct composition_rule { char codes[6]; };
+%struct-type
+%language=ANSI-C
+%define slot-name codes
+%define hash-function-name gl_uninorm_compose_hash
+%define lookup-function-name gl_uninorm_compose_lookup
+%compare-lengths
+%compare-strncmp
+%readonly-tables
+%omit-struct-type
+%%
+"\x00\x00\x41\x00\x03\x00", 0x00c0
+"\x00\x00\x41\x00\x03\x01", 0x00c1
+"\x00\x00\x41\x00\x03\x02", 0x00c2
+"\x00\x00\x41\x00\x03\x03", 0x00c3
+"\x00\x00\x41\x00\x03\x08", 0x00c4
+"\x00\x00\x41\x00\x03\x0a", 0x00c5
+"\x00\x00\x43\x00\x03\x27", 0x00c7
+"\x00\x00\x45\x00\x03\x00", 0x00c8
+"\x00\x00\x45\x00\x03\x01", 0x00c9
+"\x00\x00\x45\x00\x03\x02", 0x00ca
+"\x00\x00\x45\x00\x03\x08", 0x00cb
+"\x00\x00\x49\x00\x03\x00", 0x00cc
+"\x00\x00\x49\x00\x03\x01", 0x00cd
+"\x00\x00\x49\x00\x03\x02", 0x00ce
+"\x00\x00\x49\x00\x03\x08", 0x00cf
+"\x00\x00\x4e\x00\x03\x03", 0x00d1
+"\x00\x00\x4f\x00\x03\x00", 0x00d2
+"\x00\x00\x4f\x00\x03\x01", 0x00d3
+"\x00\x00\x4f\x00\x03\x02", 0x00d4
+"\x00\x00\x4f\x00\x03\x03", 0x00d5
+"\x00\x00\x4f\x00\x03\x08", 0x00d6
+"\x00\x00\x55\x00\x03\x00", 0x00d9
+"\x00\x00\x55\x00\x03\x01", 0x00da
+"\x00\x00\x55\x00\x03\x02", 0x00db
+"\x00\x00\x55\x00\x03\x08", 0x00dc
+"\x00\x00\x59\x00\x03\x01", 0x00dd
+"\x00\x00\x61\x00\x03\x00", 0x00e0
+"\x00\x00\x61\x00\x03\x01", 0x00e1
+"\x00\x00\x61\x00\x03\x02", 0x00e2
+"\x00\x00\x61\x00\x03\x03", 0x00e3
+"\x00\x00\x61\x00\x03\x08", 0x00e4
+"\x00\x00\x61\x00\x03\x0a", 0x00e5
+"\x00\x00\x63\x00\x03\x27", 0x00e7
+"\x00\x00\x65\x00\x03\x00", 0x00e8
+"\x00\x00\x65\x00\x03\x01", 0x00e9
+"\x00\x00\x65\x00\x03\x02", 0x00ea
+"\x00\x00\x65\x00\x03\x08", 0x00eb
+"\x00\x00\x69\x00\x03\x00", 0x00ec
+"\x00\x00\x69\x00\x03\x01", 0x00ed
+"\x00\x00\x69\x00\x03\x02", 0x00ee
+"\x00\x00\x69\x00\x03\x08", 0x00ef
+"\x00\x00\x6e\x00\x03\x03", 0x00f1
+"\x00\x00\x6f\x00\x03\x00", 0x00f2
+"\x00\x00\x6f\x00\x03\x01", 0x00f3
+"\x00\x00\x6f\x00\x03\x02", 0x00f4
+"\x00\x00\x6f\x00\x03\x03", 0x00f5
+"\x00\x00\x6f\x00\x03\x08", 0x00f6
+"\x00\x00\x75\x00\x03\x00", 0x00f9
+"\x00\x00\x75\x00\x03\x01", 0x00fa
+"\x00\x00\x75\x00\x03\x02", 0x00fb
+"\x00\x00\x75\x00\x03\x08", 0x00fc
+"\x00\x00\x79\x00\x03\x01", 0x00fd
+"\x00\x00\x79\x00\x03\x08", 0x00ff
+"\x00\x00\x41\x00\x03\x04", 0x0100
+"\x00\x00\x61\x00\x03\x04", 0x0101
+"\x00\x00\x41\x00\x03\x06", 0x0102
+"\x00\x00\x61\x00\x03\x06", 0x0103
+"\x00\x00\x41\x00\x03\x28", 0x0104
+"\x00\x00\x61\x00\x03\x28", 0x0105
+"\x00\x00\x43\x00\x03\x01", 0x0106
+"\x00\x00\x63\x00\x03\x01", 0x0107
+"\x00\x00\x43\x00\x03\x02", 0x0108
+"\x00\x00\x63\x00\x03\x02", 0x0109
+"\x00\x00\x43\x00\x03\x07", 0x010a
+"\x00\x00\x63\x00\x03\x07", 0x010b
+"\x00\x00\x43\x00\x03\x0c", 0x010c
+"\x00\x00\x63\x00\x03\x0c", 0x010d
+"\x00\x00\x44\x00\x03\x0c", 0x010e
+"\x00\x00\x64\x00\x03\x0c", 0x010f
+"\x00\x00\x45\x00\x03\x04", 0x0112
+"\x00\x00\x65\x00\x03\x04", 0x0113
+"\x00\x00\x45\x00\x03\x06", 0x0114
+"\x00\x00\x65\x00\x03\x06", 0x0115
+"\x00\x00\x45\x00\x03\x07", 0x0116
+"\x00\x00\x65\x00\x03\x07", 0x0117
+"\x00\x00\x45\x00\x03\x28", 0x0118
+"\x00\x00\x65\x00\x03\x28", 0x0119
+"\x00\x00\x45\x00\x03\x0c", 0x011a
+"\x00\x00\x65\x00\x03\x0c", 0x011b
+"\x00\x00\x47\x00\x03\x02", 0x011c
+"\x00\x00\x67\x00\x03\x02", 0x011d
+"\x00\x00\x47\x00\x03\x06", 0x011e
+"\x00\x00\x67\x00\x03\x06", 0x011f
+"\x00\x00\x47\x00\x03\x07", 0x0120
+"\x00\x00\x67\x00\x03\x07", 0x0121
+"\x00\x00\x47\x00\x03\x27", 0x0122
+"\x00\x00\x67\x00\x03\x27", 0x0123
+"\x00\x00\x48\x00\x03\x02", 0x0124
+"\x00\x00\x68\x00\x03\x02", 0x0125
+"\x00\x00\x49\x00\x03\x03", 0x0128
+"\x00\x00\x69\x00\x03\x03", 0x0129
+"\x00\x00\x49\x00\x03\x04", 0x012a
+"\x00\x00\x69\x00\x03\x04", 0x012b
+"\x00\x00\x49\x00\x03\x06", 0x012c
+"\x00\x00\x69\x00\x03\x06", 0x012d
+"\x00\x00\x49\x00\x03\x28", 0x012e
+"\x00\x00\x69\x00\x03\x28", 0x012f
+"\x00\x00\x49\x00\x03\x07", 0x0130
+"\x00\x00\x4a\x00\x03\x02", 0x0134
+"\x00\x00\x6a\x00\x03\x02", 0x0135
+"\x00\x00\x4b\x00\x03\x27", 0x0136
+"\x00\x00\x6b\x00\x03\x27", 0x0137
+"\x00\x00\x4c\x00\x03\x01", 0x0139
+"\x00\x00\x6c\x00\x03\x01", 0x013a
+"\x00\x00\x4c\x00\x03\x27", 0x013b
+"\x00\x00\x6c\x00\x03\x27", 0x013c
+"\x00\x00\x4c\x00\x03\x0c", 0x013d
+"\x00\x00\x6c\x00\x03\x0c", 0x013e
+"\x00\x00\x4e\x00\x03\x01", 0x0143
+"\x00\x00\x6e\x00\x03\x01", 0x0144
+"\x00\x00\x4e\x00\x03\x27", 0x0145
+"\x00\x00\x6e\x00\x03\x27", 0x0146
+"\x00\x00\x4e\x00\x03\x0c", 0x0147
+"\x00\x00\x6e\x00\x03\x0c", 0x0148
+"\x00\x00\x4f\x00\x03\x04", 0x014c
+"\x00\x00\x6f\x00\x03\x04", 0x014d
+"\x00\x00\x4f\x00\x03\x06", 0x014e
+"\x00\x00\x6f\x00\x03\x06", 0x014f
+"\x00\x00\x4f\x00\x03\x0b", 0x0150
+"\x00\x00\x6f\x00\x03\x0b", 0x0151
+"\x00\x00\x52\x00\x03\x01", 0x0154
+"\x00\x00\x72\x00\x03\x01", 0x0155
+"\x00\x00\x52\x00\x03\x27", 0x0156
+"\x00\x00\x72\x00\x03\x27", 0x0157
+"\x00\x00\x52\x00\x03\x0c", 0x0158
+"\x00\x00\x72\x00\x03\x0c", 0x0159
+"\x00\x00\x53\x00\x03\x01", 0x015a
+"\x00\x00\x73\x00\x03\x01", 0x015b
+"\x00\x00\x53\x00\x03\x02", 0x015c
+"\x00\x00\x73\x00\x03\x02", 0x015d
+"\x00\x00\x53\x00\x03\x27", 0x015e
+"\x00\x00\x73\x00\x03\x27", 0x015f
+"\x00\x00\x53\x00\x03\x0c", 0x0160
+"\x00\x00\x73\x00\x03\x0c", 0x0161
+"\x00\x00\x54\x00\x03\x27", 0x0162
+"\x00\x00\x74\x00\x03\x27", 0x0163
+"\x00\x00\x54\x00\x03\x0c", 0x0164
+"\x00\x00\x74\x00\x03\x0c", 0x0165
+"\x00\x00\x55\x00\x03\x03", 0x0168
+"\x00\x00\x75\x00\x03\x03", 0x0169
+"\x00\x00\x55\x00\x03\x04", 0x016a
+"\x00\x00\x75\x00\x03\x04", 0x016b
+"\x00\x00\x55\x00\x03\x06", 0x016c
+"\x00\x00\x75\x00\x03\x06", 0x016d
+"\x00\x00\x55\x00\x03\x0a", 0x016e
+"\x00\x00\x75\x00\x03\x0a", 0x016f
+"\x00\x00\x55\x00\x03\x0b", 0x0170
+"\x00\x00\x75\x00\x03\x0b", 0x0171
+"\x00\x00\x55\x00\x03\x28", 0x0172
+"\x00\x00\x75\x00\x03\x28", 0x0173
+"\x00\x00\x57\x00\x03\x02", 0x0174
+"\x00\x00\x77\x00\x03\x02", 0x0175
+"\x00\x00\x59\x00\x03\x02", 0x0176
+"\x00\x00\x79\x00\x03\x02", 0x0177
+"\x00\x00\x59\x00\x03\x08", 0x0178
+"\x00\x00\x5a\x00\x03\x01", 0x0179
+"\x00\x00\x7a\x00\x03\x01", 0x017a
+"\x00\x00\x5a\x00\x03\x07", 0x017b
+"\x00\x00\x7a\x00\x03\x07", 0x017c
+"\x00\x00\x5a\x00\x03\x0c", 0x017d
+"\x00\x00\x7a\x00\x03\x0c", 0x017e
+"\x00\x00\x4f\x00\x03\x1b", 0x01a0
+"\x00\x00\x6f\x00\x03\x1b", 0x01a1
+"\x00\x00\x55\x00\x03\x1b", 0x01af
+"\x00\x00\x75\x00\x03\x1b", 0x01b0
+"\x00\x00\x41\x00\x03\x0c", 0x01cd
+"\x00\x00\x61\x00\x03\x0c", 0x01ce
+"\x00\x00\x49\x00\x03\x0c", 0x01cf
+"\x00\x00\x69\x00\x03\x0c", 0x01d0
+"\x00\x00\x4f\x00\x03\x0c", 0x01d1
+"\x00\x00\x6f\x00\x03\x0c", 0x01d2
+"\x00\x00\x55\x00\x03\x0c", 0x01d3
+"\x00\x00\x75\x00\x03\x0c", 0x01d4
+"\x00\x00\xdc\x00\x03\x04", 0x01d5
+"\x00\x00\xfc\x00\x03\x04", 0x01d6
+"\x00\x00\xdc\x00\x03\x01", 0x01d7
+"\x00\x00\xfc\x00\x03\x01", 0x01d8
+"\x00\x00\xdc\x00\x03\x0c", 0x01d9
+"\x00\x00\xfc\x00\x03\x0c", 0x01da
+"\x00\x00\xdc\x00\x03\x00", 0x01db
+"\x00\x00\xfc\x00\x03\x00", 0x01dc
+"\x00\x00\xc4\x00\x03\x04", 0x01de
+"\x00\x00\xe4\x00\x03\x04", 0x01df
+"\x00\x02\x26\x00\x03\x04", 0x01e0
+"\x00\x02\x27\x00\x03\x04", 0x01e1
+"\x00\x00\xc6\x00\x03\x04", 0x01e2
+"\x00\x00\xe6\x00\x03\x04", 0x01e3
+"\x00\x00\x47\x00\x03\x0c", 0x01e6
+"\x00\x00\x67\x00\x03\x0c", 0x01e7
+"\x00\x00\x4b\x00\x03\x0c", 0x01e8
+"\x00\x00\x6b\x00\x03\x0c", 0x01e9
+"\x00\x00\x4f\x00\x03\x28", 0x01ea
+"\x00\x00\x6f\x00\x03\x28", 0x01eb
+"\x00\x01\xea\x00\x03\x04", 0x01ec
+"\x00\x01\xeb\x00\x03\x04", 0x01ed
+"\x00\x01\xb7\x00\x03\x0c", 0x01ee
+"\x00\x02\x92\x00\x03\x0c", 0x01ef
+"\x00\x00\x6a\x00\x03\x0c", 0x01f0
+"\x00\x00\x47\x00\x03\x01", 0x01f4
+"\x00\x00\x67\x00\x03\x01", 0x01f5
+"\x00\x00\x4e\x00\x03\x00", 0x01f8
+"\x00\x00\x6e\x00\x03\x00", 0x01f9
+"\x00\x00\xc5\x00\x03\x01", 0x01fa
+"\x00\x00\xe5\x00\x03\x01", 0x01fb
+"\x00\x00\xc6\x00\x03\x01", 0x01fc
+"\x00\x00\xe6\x00\x03\x01", 0x01fd
+"\x00\x00\xd8\x00\x03\x01", 0x01fe
+"\x00\x00\xf8\x00\x03\x01", 0x01ff
+"\x00\x00\x41\x00\x03\x0f", 0x0200
+"\x00\x00\x61\x00\x03\x0f", 0x0201
+"\x00\x00\x41\x00\x03\x11", 0x0202
+"\x00\x00\x61\x00\x03\x11", 0x0203
+"\x00\x00\x45\x00\x03\x0f", 0x0204
+"\x00\x00\x65\x00\x03\x0f", 0x0205
+"\x00\x00\x45\x00\x03\x11", 0x0206
+"\x00\x00\x65\x00\x03\x11", 0x0207
+"\x00\x00\x49\x00\x03\x0f", 0x0208
+"\x00\x00\x69\x00\x03\x0f", 0x0209
+"\x00\x00\x49\x00\x03\x11", 0x020a
+"\x00\x00\x69\x00\x03\x11", 0x020b
+"\x00\x00\x4f\x00\x03\x0f", 0x020c
+"\x00\x00\x6f\x00\x03\x0f", 0x020d
+"\x00\x00\x4f\x00\x03\x11", 0x020e
+"\x00\x00\x6f\x00\x03\x11", 0x020f
+"\x00\x00\x52\x00\x03\x0f", 0x0210
+"\x00\x00\x72\x00\x03\x0f", 0x0211
+"\x00\x00\x52\x00\x03\x11", 0x0212
+"\x00\x00\x72\x00\x03\x11", 0x0213
+"\x00\x00\x55\x00\x03\x0f", 0x0214
+"\x00\x00\x75\x00\x03\x0f", 0x0215
+"\x00\x00\x55\x00\x03\x11", 0x0216
+"\x00\x00\x75\x00\x03\x11", 0x0217
+"\x00\x00\x53\x00\x03\x26", 0x0218
+"\x00\x00\x73\x00\x03\x26", 0x0219
+"\x00\x00\x54\x00\x03\x26", 0x021a
+"\x00\x00\x74\x00\x03\x26", 0x021b
+"\x00\x00\x48\x00\x03\x0c", 0x021e
+"\x00\x00\x68\x00\x03\x0c", 0x021f
+"\x00\x00\x41\x00\x03\x07", 0x0226
+"\x00\x00\x61\x00\x03\x07", 0x0227
+"\x00\x00\x45\x00\x03\x27", 0x0228
+"\x00\x00\x65\x00\x03\x27", 0x0229
+"\x00\x00\xd6\x00\x03\x04", 0x022a
+"\x00\x00\xf6\x00\x03\x04", 0x022b
+"\x00\x00\xd5\x00\x03\x04", 0x022c
+"\x00\x00\xf5\x00\x03\x04", 0x022d
+"\x00\x00\x4f\x00\x03\x07", 0x022e
+"\x00\x00\x6f\x00\x03\x07", 0x022f
+"\x00\x02\x2e\x00\x03\x04", 0x0230
+"\x00\x02\x2f\x00\x03\x04", 0x0231
+"\x00\x00\x59\x00\x03\x04", 0x0232
+"\x00\x00\x79\x00\x03\x04", 0x0233
+"\x00\x00\xa8\x00\x03\x01", 0x0385
+"\x00\x03\x91\x00\x03\x01", 0x0386
+"\x00\x03\x95\x00\x03\x01", 0x0388
+"\x00\x03\x97\x00\x03\x01", 0x0389
+"\x00\x03\x99\x00\x03\x01", 0x038a
+"\x00\x03\x9f\x00\x03\x01", 0x038c
+"\x00\x03\xa5\x00\x03\x01", 0x038e
+"\x00\x03\xa9\x00\x03\x01", 0x038f
+"\x00\x03\xca\x00\x03\x01", 0x0390
+"\x00\x03\x99\x00\x03\x08", 0x03aa
+"\x00\x03\xa5\x00\x03\x08", 0x03ab
+"\x00\x03\xb1\x00\x03\x01", 0x03ac
+"\x00\x03\xb5\x00\x03\x01", 0x03ad
+"\x00\x03\xb7\x00\x03\x01", 0x03ae
+"\x00\x03\xb9\x00\x03\x01", 0x03af
+"\x00\x03\xcb\x00\x03\x01", 0x03b0
+"\x00\x03\xb9\x00\x03\x08", 0x03ca
+"\x00\x03\xc5\x00\x03\x08", 0x03cb
+"\x00\x03\xbf\x00\x03\x01", 0x03cc
+"\x00\x03\xc5\x00\x03\x01", 0x03cd
+"\x00\x03\xc9\x00\x03\x01", 0x03ce
+"\x00\x03\xd2\x00\x03\x01", 0x03d3
+"\x00\x03\xd2\x00\x03\x08", 0x03d4
+"\x00\x04\x15\x00\x03\x00", 0x0400
+"\x00\x04\x15\x00\x03\x08", 0x0401
+"\x00\x04\x13\x00\x03\x01", 0x0403
+"\x00\x04\x06\x00\x03\x08", 0x0407
+"\x00\x04\x1a\x00\x03\x01", 0x040c
+"\x00\x04\x18\x00\x03\x00", 0x040d
+"\x00\x04\x23\x00\x03\x06", 0x040e
+"\x00\x04\x18\x00\x03\x06", 0x0419
+"\x00\x04\x38\x00\x03\x06", 0x0439
+"\x00\x04\x35\x00\x03\x00", 0x0450
+"\x00\x04\x35\x00\x03\x08", 0x0451
+"\x00\x04\x33\x00\x03\x01", 0x0453
+"\x00\x04\x56\x00\x03\x08", 0x0457
+"\x00\x04\x3a\x00\x03\x01", 0x045c
+"\x00\x04\x38\x00\x03\x00", 0x045d
+"\x00\x04\x43\x00\x03\x06", 0x045e
+"\x00\x04\x74\x00\x03\x0f", 0x0476
+"\x00\x04\x75\x00\x03\x0f", 0x0477
+"\x00\x04\x16\x00\x03\x06", 0x04c1
+"\x00\x04\x36\x00\x03\x06", 0x04c2
+"\x00\x04\x10\x00\x03\x06", 0x04d0
+"\x00\x04\x30\x00\x03\x06", 0x04d1
+"\x00\x04\x10\x00\x03\x08", 0x04d2
+"\x00\x04\x30\x00\x03\x08", 0x04d3
+"\x00\x04\x15\x00\x03\x06", 0x04d6
+"\x00\x04\x35\x00\x03\x06", 0x04d7
+"\x00\x04\xd8\x00\x03\x08", 0x04da
+"\x00\x04\xd9\x00\x03\x08", 0x04db
+"\x00\x04\x16\x00\x03\x08", 0x04dc
+"\x00\x04\x36\x00\x03\x08", 0x04dd
+"\x00\x04\x17\x00\x03\x08", 0x04de
+"\x00\x04\x37\x00\x03\x08", 0x04df
+"\x00\x04\x18\x00\x03\x04", 0x04e2
+"\x00\x04\x38\x00\x03\x04", 0x04e3
+"\x00\x04\x18\x00\x03\x08", 0x04e4
+"\x00\x04\x38\x00\x03\x08", 0x04e5
+"\x00\x04\x1e\x00\x03\x08", 0x04e6
+"\x00\x04\x3e\x00\x03\x08", 0x04e7
+"\x00\x04\xe8\x00\x03\x08", 0x04ea
+"\x00\x04\xe9\x00\x03\x08", 0x04eb
+"\x00\x04\x2d\x00\x03\x08", 0x04ec
+"\x00\x04\x4d\x00\x03\x08", 0x04ed
+"\x00\x04\x23\x00\x03\x04", 0x04ee
+"\x00\x04\x43\x00\x03\x04", 0x04ef
+"\x00\x04\x23\x00\x03\x08", 0x04f0
+"\x00\x04\x43\x00\x03\x08", 0x04f1
+"\x00\x04\x23\x00\x03\x0b", 0x04f2
+"\x00\x04\x43\x00\x03\x0b", 0x04f3
+"\x00\x04\x27\x00\x03\x08", 0x04f4
+"\x00\x04\x47\x00\x03\x08", 0x04f5
+"\x00\x04\x2b\x00\x03\x08", 0x04f8
+"\x00\x04\x4b\x00\x03\x08", 0x04f9
+"\x00\x06\x27\x00\x06\x53", 0x0622
+"\x00\x06\x27\x00\x06\x54", 0x0623
+"\x00\x06\x48\x00\x06\x54", 0x0624
+"\x00\x06\x27\x00\x06\x55", 0x0625
+"\x00\x06\x4a\x00\x06\x54", 0x0626
+"\x00\x06\xd5\x00\x06\x54", 0x06c0
+"\x00\x06\xc1\x00\x06\x54", 0x06c2
+"\x00\x06\xd2\x00\x06\x54", 0x06d3
+"\x00\x09\x28\x00\x09\x3c", 0x0929
+"\x00\x09\x30\x00\x09\x3c", 0x0931
+"\x00\x09\x33\x00\x09\x3c", 0x0934
+"\x00\x09\xc7\x00\x09\xbe", 0x09cb
+"\x00\x09\xc7\x00\x09\xd7", 0x09cc
+"\x00\x0b\x47\x00\x0b\x56", 0x0b48
+"\x00\x0b\x47\x00\x0b\x3e", 0x0b4b
+"\x00\x0b\x47\x00\x0b\x57", 0x0b4c
+"\x00\x0b\x92\x00\x0b\xd7", 0x0b94
+"\x00\x0b\xc6\x00\x0b\xbe", 0x0bca
+"\x00\x0b\xc7\x00\x0b\xbe", 0x0bcb
+"\x00\x0b\xc6\x00\x0b\xd7", 0x0bcc
+"\x00\x0c\x46\x00\x0c\x56", 0x0c48
+"\x00\x0c\xbf\x00\x0c\xd5", 0x0cc0
+"\x00\x0c\xc6\x00\x0c\xd5", 0x0cc7
+"\x00\x0c\xc6\x00\x0c\xd6", 0x0cc8
+"\x00\x0c\xc6\x00\x0c\xc2", 0x0cca
+"\x00\x0c\xca\x00\x0c\xd5", 0x0ccb
+"\x00\x0d\x46\x00\x0d\x3e", 0x0d4a
+"\x00\x0d\x47\x00\x0d\x3e", 0x0d4b
+"\x00\x0d\x46\x00\x0d\x57", 0x0d4c
+"\x00\x0d\xd9\x00\x0d\xca", 0x0dda
+"\x00\x0d\xd9\x00\x0d\xcf", 0x0ddc
+"\x00\x0d\xdc\x00\x0d\xca", 0x0ddd
+"\x00\x0d\xd9\x00\x0d\xdf", 0x0dde
+"\x00\x10\x25\x00\x10\x2e", 0x1026
+"\x00\x1b\x05\x00\x1b\x35", 0x1b06
+"\x00\x1b\x07\x00\x1b\x35", 0x1b08
+"\x00\x1b\x09\x00\x1b\x35", 0x1b0a
+"\x00\x1b\x0b\x00\x1b\x35", 0x1b0c
+"\x00\x1b\x0d\x00\x1b\x35", 0x1b0e
+"\x00\x1b\x11\x00\x1b\x35", 0x1b12
+"\x00\x1b\x3a\x00\x1b\x35", 0x1b3b
+"\x00\x1b\x3c\x00\x1b\x35", 0x1b3d
+"\x00\x1b\x3e\x00\x1b\x35", 0x1b40
+"\x00\x1b\x3f\x00\x1b\x35", 0x1b41
+"\x00\x1b\x42\x00\x1b\x35", 0x1b43
+"\x00\x00\x41\x00\x03\x25", 0x1e00
+"\x00\x00\x61\x00\x03\x25", 0x1e01
+"\x00\x00\x42\x00\x03\x07", 0x1e02
+"\x00\x00\x62\x00\x03\x07", 0x1e03
+"\x00\x00\x42\x00\x03\x23", 0x1e04
+"\x00\x00\x62\x00\x03\x23", 0x1e05
+"\x00\x00\x42\x00\x03\x31", 0x1e06
+"\x00\x00\x62\x00\x03\x31", 0x1e07
+"\x00\x00\xc7\x00\x03\x01", 0x1e08
+"\x00\x00\xe7\x00\x03\x01", 0x1e09
+"\x00\x00\x44\x00\x03\x07", 0x1e0a
+"\x00\x00\x64\x00\x03\x07", 0x1e0b
+"\x00\x00\x44\x00\x03\x23", 0x1e0c
+"\x00\x00\x64\x00\x03\x23", 0x1e0d
+"\x00\x00\x44\x00\x03\x31", 0x1e0e
+"\x00\x00\x64\x00\x03\x31", 0x1e0f
+"\x00\x00\x44\x00\x03\x27", 0x1e10
+"\x00\x00\x64\x00\x03\x27", 0x1e11
+"\x00\x00\x44\x00\x03\x2d", 0x1e12
+"\x00\x00\x64\x00\x03\x2d", 0x1e13
+"\x00\x01\x12\x00\x03\x00", 0x1e14
+"\x00\x01\x13\x00\x03\x00", 0x1e15
+"\x00\x01\x12\x00\x03\x01", 0x1e16
+"\x00\x01\x13\x00\x03\x01", 0x1e17
+"\x00\x00\x45\x00\x03\x2d", 0x1e18
+"\x00\x00\x65\x00\x03\x2d", 0x1e19
+"\x00\x00\x45\x00\x03\x30", 0x1e1a
+"\x00\x00\x65\x00\x03\x30", 0x1e1b
+"\x00\x02\x28\x00\x03\x06", 0x1e1c
+"\x00\x02\x29\x00\x03\x06", 0x1e1d
+"\x00\x00\x46\x00\x03\x07", 0x1e1e
+"\x00\x00\x66\x00\x03\x07", 0x1e1f
+"\x00\x00\x47\x00\x03\x04", 0x1e20
+"\x00\x00\x67\x00\x03\x04", 0x1e21
+"\x00\x00\x48\x00\x03\x07", 0x1e22
+"\x00\x00\x68\x00\x03\x07", 0x1e23
+"\x00\x00\x48\x00\x03\x23", 0x1e24
+"\x00\x00\x68\x00\x03\x23", 0x1e25
+"\x00\x00\x48\x00\x03\x08", 0x1e26
+"\x00\x00\x68\x00\x03\x08", 0x1e27
+"\x00\x00\x48\x00\x03\x27", 0x1e28
+"\x00\x00\x68\x00\x03\x27", 0x1e29
+"\x00\x00\x48\x00\x03\x2e", 0x1e2a
+"\x00\x00\x68\x00\x03\x2e", 0x1e2b
+"\x00\x00\x49\x00\x03\x30", 0x1e2c
+"\x00\x00\x69\x00\x03\x30", 0x1e2d
+"\x00\x00\xcf\x00\x03\x01", 0x1e2e
+"\x00\x00\xef\x00\x03\x01", 0x1e2f
+"\x00\x00\x4b\x00\x03\x01", 0x1e30
+"\x00\x00\x6b\x00\x03\x01", 0x1e31
+"\x00\x00\x4b\x00\x03\x23", 0x1e32
+"\x00\x00\x6b\x00\x03\x23", 0x1e33
+"\x00\x00\x4b\x00\x03\x31", 0x1e34
+"\x00\x00\x6b\x00\x03\x31", 0x1e35
+"\x00\x00\x4c\x00\x03\x23", 0x1e36
+"\x00\x00\x6c\x00\x03\x23", 0x1e37
+"\x00\x1e\x36\x00\x03\x04", 0x1e38
+"\x00\x1e\x37\x00\x03\x04", 0x1e39
+"\x00\x00\x4c\x00\x03\x31", 0x1e3a
+"\x00\x00\x6c\x00\x03\x31", 0x1e3b
+"\x00\x00\x4c\x00\x03\x2d", 0x1e3c
+"\x00\x00\x6c\x00\x03\x2d", 0x1e3d
+"\x00\x00\x4d\x00\x03\x01", 0x1e3e
+"\x00\x00\x6d\x00\x03\x01", 0x1e3f
+"\x00\x00\x4d\x00\x03\x07", 0x1e40
+"\x00\x00\x6d\x00\x03\x07", 0x1e41
+"\x00\x00\x4d\x00\x03\x23", 0x1e42
+"\x00\x00\x6d\x00\x03\x23", 0x1e43
+"\x00\x00\x4e\x00\x03\x07", 0x1e44
+"\x00\x00\x6e\x00\x03\x07", 0x1e45
+"\x00\x00\x4e\x00\x03\x23", 0x1e46
+"\x00\x00\x6e\x00\x03\x23", 0x1e47
+"\x00\x00\x4e\x00\x03\x31", 0x1e48
+"\x00\x00\x6e\x00\x03\x31", 0x1e49
+"\x00\x00\x4e\x00\x03\x2d", 0x1e4a
+"\x00\x00\x6e\x00\x03\x2d", 0x1e4b
+"\x00\x00\xd5\x00\x03\x01", 0x1e4c
+"\x00\x00\xf5\x00\x03\x01", 0x1e4d
+"\x00\x00\xd5\x00\x03\x08", 0x1e4e
+"\x00\x00\xf5\x00\x03\x08", 0x1e4f
+"\x00\x01\x4c\x00\x03\x00", 0x1e50
+"\x00\x01\x4d\x00\x03\x00", 0x1e51
+"\x00\x01\x4c\x00\x03\x01", 0x1e52
+"\x00\x01\x4d\x00\x03\x01", 0x1e53
+"\x00\x00\x50\x00\x03\x01", 0x1e54
+"\x00\x00\x70\x00\x03\x01", 0x1e55
+"\x00\x00\x50\x00\x03\x07", 0x1e56
+"\x00\x00\x70\x00\x03\x07", 0x1e57
+"\x00\x00\x52\x00\x03\x07", 0x1e58
+"\x00\x00\x72\x00\x03\x07", 0x1e59
+"\x00\x00\x52\x00\x03\x23", 0x1e5a
+"\x00\x00\x72\x00\x03\x23", 0x1e5b
+"\x00\x1e\x5a\x00\x03\x04", 0x1e5c
+"\x00\x1e\x5b\x00\x03\x04", 0x1e5d
+"\x00\x00\x52\x00\x03\x31", 0x1e5e
+"\x00\x00\x72\x00\x03\x31", 0x1e5f
+"\x00\x00\x53\x00\x03\x07", 0x1e60
+"\x00\x00\x73\x00\x03\x07", 0x1e61
+"\x00\x00\x53\x00\x03\x23", 0x1e62
+"\x00\x00\x73\x00\x03\x23", 0x1e63
+"\x00\x01\x5a\x00\x03\x07", 0x1e64
+"\x00\x01\x5b\x00\x03\x07", 0x1e65
+"\x00\x01\x60\x00\x03\x07", 0x1e66
+"\x00\x01\x61\x00\x03\x07", 0x1e67
+"\x00\x1e\x62\x00\x03\x07", 0x1e68
+"\x00\x1e\x63\x00\x03\x07", 0x1e69
+"\x00\x00\x54\x00\x03\x07", 0x1e6a
+"\x00\x00\x74\x00\x03\x07", 0x1e6b
+"\x00\x00\x54\x00\x03\x23", 0x1e6c
+"\x00\x00\x74\x00\x03\x23", 0x1e6d
+"\x00\x00\x54\x00\x03\x31", 0x1e6e
+"\x00\x00\x74\x00\x03\x31", 0x1e6f
+"\x00\x00\x54\x00\x03\x2d", 0x1e70
+"\x00\x00\x74\x00\x03\x2d", 0x1e71
+"\x00\x00\x55\x00\x03\x24", 0x1e72
+"\x00\x00\x75\x00\x03\x24", 0x1e73
+"\x00\x00\x55\x00\x03\x30", 0x1e74
+"\x00\x00\x75\x00\x03\x30", 0x1e75
+"\x00\x00\x55\x00\x03\x2d", 0x1e76
+"\x00\x00\x75\x00\x03\x2d", 0x1e77
+"\x00\x01\x68\x00\x03\x01", 0x1e78
+"\x00\x01\x69\x00\x03\x01", 0x1e79
+"\x00\x01\x6a\x00\x03\x08", 0x1e7a
+"\x00\x01\x6b\x00\x03\x08", 0x1e7b
+"\x00\x00\x56\x00\x03\x03", 0x1e7c
+"\x00\x00\x76\x00\x03\x03", 0x1e7d
+"\x00\x00\x56\x00\x03\x23", 0x1e7e
+"\x00\x00\x76\x00\x03\x23", 0x1e7f
+"\x00\x00\x57\x00\x03\x00", 0x1e80
+"\x00\x00\x77\x00\x03\x00", 0x1e81
+"\x00\x00\x57\x00\x03\x01", 0x1e82
+"\x00\x00\x77\x00\x03\x01", 0x1e83
+"\x00\x00\x57\x00\x03\x08", 0x1e84
+"\x00\x00\x77\x00\x03\x08", 0x1e85
+"\x00\x00\x57\x00\x03\x07", 0x1e86
+"\x00\x00\x77\x00\x03\x07", 0x1e87
+"\x00\x00\x57\x00\x03\x23", 0x1e88
+"\x00\x00\x77\x00\x03\x23", 0x1e89
+"\x00\x00\x58\x00\x03\x07", 0x1e8a
+"\x00\x00\x78\x00\x03\x07", 0x1e8b
+"\x00\x00\x58\x00\x03\x08", 0x1e8c
+"\x00\x00\x78\x00\x03\x08", 0x1e8d
+"\x00\x00\x59\x00\x03\x07", 0x1e8e
+"\x00\x00\x79\x00\x03\x07", 0x1e8f
+"\x00\x00\x5a\x00\x03\x02", 0x1e90
+"\x00\x00\x7a\x00\x03\x02", 0x1e91
+"\x00\x00\x5a\x00\x03\x23", 0x1e92
+"\x00\x00\x7a\x00\x03\x23", 0x1e93
+"\x00\x00\x5a\x00\x03\x31", 0x1e94
+"\x00\x00\x7a\x00\x03\x31", 0x1e95
+"\x00\x00\x68\x00\x03\x31", 0x1e96
+"\x00\x00\x74\x00\x03\x08", 0x1e97
+"\x00\x00\x77\x00\x03\x0a", 0x1e98
+"\x00\x00\x79\x00\x03\x0a", 0x1e99
+"\x00\x01\x7f\x00\x03\x07", 0x1e9b
+"\x00\x00\x41\x00\x03\x23", 0x1ea0
+"\x00\x00\x61\x00\x03\x23", 0x1ea1
+"\x00\x00\x41\x00\x03\x09", 0x1ea2
+"\x00\x00\x61\x00\x03\x09", 0x1ea3
+"\x00\x00\xc2\x00\x03\x01", 0x1ea4
+"\x00\x00\xe2\x00\x03\x01", 0x1ea5
+"\x00\x00\xc2\x00\x03\x00", 0x1ea6
+"\x00\x00\xe2\x00\x03\x00", 0x1ea7
+"\x00\x00\xc2\x00\x03\x09", 0x1ea8
+"\x00\x00\xe2\x00\x03\x09", 0x1ea9
+"\x00\x00\xc2\x00\x03\x03", 0x1eaa
+"\x00\x00\xe2\x00\x03\x03", 0x1eab
+"\x00\x1e\xa0\x00\x03\x02", 0x1eac
+"\x00\x1e\xa1\x00\x03\x02", 0x1ead
+"\x00\x01\x02\x00\x03\x01", 0x1eae
+"\x00\x01\x03\x00\x03\x01", 0x1eaf
+"\x00\x01\x02\x00\x03\x00", 0x1eb0
+"\x00\x01\x03\x00\x03\x00", 0x1eb1
+"\x00\x01\x02\x00\x03\x09", 0x1eb2
+"\x00\x01\x03\x00\x03\x09", 0x1eb3
+"\x00\x01\x02\x00\x03\x03", 0x1eb4
+"\x00\x01\x03\x00\x03\x03", 0x1eb5
+"\x00\x1e\xa0\x00\x03\x06", 0x1eb6
+"\x00\x1e\xa1\x00\x03\x06", 0x1eb7
+"\x00\x00\x45\x00\x03\x23", 0x1eb8
+"\x00\x00\x65\x00\x03\x23", 0x1eb9
+"\x00\x00\x45\x00\x03\x09", 0x1eba
+"\x00\x00\x65\x00\x03\x09", 0x1ebb
+"\x00\x00\x45\x00\x03\x03", 0x1ebc
+"\x00\x00\x65\x00\x03\x03", 0x1ebd
+"\x00\x00\xca\x00\x03\x01", 0x1ebe
+"\x00\x00\xea\x00\x03\x01", 0x1ebf
+"\x00\x00\xca\x00\x03\x00", 0x1ec0
+"\x00\x00\xea\x00\x03\x00", 0x1ec1
+"\x00\x00\xca\x00\x03\x09", 0x1ec2
+"\x00\x00\xea\x00\x03\x09", 0x1ec3
+"\x00\x00\xca\x00\x03\x03", 0x1ec4
+"\x00\x00\xea\x00\x03\x03", 0x1ec5
+"\x00\x1e\xb8\x00\x03\x02", 0x1ec6
+"\x00\x1e\xb9\x00\x03\x02", 0x1ec7
+"\x00\x00\x49\x00\x03\x09", 0x1ec8
+"\x00\x00\x69\x00\x03\x09", 0x1ec9
+"\x00\x00\x49\x00\x03\x23", 0x1eca
+"\x00\x00\x69\x00\x03\x23", 0x1ecb
+"\x00\x00\x4f\x00\x03\x23", 0x1ecc
+"\x00\x00\x6f\x00\x03\x23", 0x1ecd
+"\x00\x00\x4f\x00\x03\x09", 0x1ece
+"\x00\x00\x6f\x00\x03\x09", 0x1ecf
+"\x00\x00\xd4\x00\x03\x01", 0x1ed0
+"\x00\x00\xf4\x00\x03\x01", 0x1ed1
+"\x00\x00\xd4\x00\x03\x00", 0x1ed2
+"\x00\x00\xf4\x00\x03\x00", 0x1ed3
+"\x00\x00\xd4\x00\x03\x09", 0x1ed4
+"\x00\x00\xf4\x00\x03\x09", 0x1ed5
+"\x00\x00\xd4\x00\x03\x03", 0x1ed6
+"\x00\x00\xf4\x00\x03\x03", 0x1ed7
+"\x00\x1e\xcc\x00\x03\x02", 0x1ed8
+"\x00\x1e\xcd\x00\x03\x02", 0x1ed9
+"\x00\x01\xa0\x00\x03\x01", 0x1eda
+"\x00\x01\xa1\x00\x03\x01", 0x1edb
+"\x00\x01\xa0\x00\x03\x00", 0x1edc
+"\x00\x01\xa1\x00\x03\x00", 0x1edd
+"\x00\x01\xa0\x00\x03\x09", 0x1ede
+"\x00\x01\xa1\x00\x03\x09", 0x1edf
+"\x00\x01\xa0\x00\x03\x03", 0x1ee0
+"\x00\x01\xa1\x00\x03\x03", 0x1ee1
+"\x00\x01\xa0\x00\x03\x23", 0x1ee2
+"\x00\x01\xa1\x00\x03\x23", 0x1ee3
+"\x00\x00\x55\x00\x03\x23", 0x1ee4
+"\x00\x00\x75\x00\x03\x23", 0x1ee5
+"\x00\x00\x55\x00\x03\x09", 0x1ee6
+"\x00\x00\x75\x00\x03\x09", 0x1ee7
+"\x00\x01\xaf\x00\x03\x01", 0x1ee8
+"\x00\x01\xb0\x00\x03\x01", 0x1ee9
+"\x00\x01\xaf\x00\x03\x00", 0x1eea
+"\x00\x01\xb0\x00\x03\x00", 0x1eeb
+"\x00\x01\xaf\x00\x03\x09", 0x1eec
+"\x00\x01\xb0\x00\x03\x09", 0x1eed
+"\x00\x01\xaf\x00\x03\x03", 0x1eee
+"\x00\x01\xb0\x00\x03\x03", 0x1eef
+"\x00\x01\xaf\x00\x03\x23", 0x1ef0
+"\x00\x01\xb0\x00\x03\x23", 0x1ef1
+"\x00\x00\x59\x00\x03\x00", 0x1ef2
+"\x00\x00\x79\x00\x03\x00", 0x1ef3
+"\x00\x00\x59\x00\x03\x23", 0x1ef4
+"\x00\x00\x79\x00\x03\x23", 0x1ef5
+"\x00\x00\x59\x00\x03\x09", 0x1ef6
+"\x00\x00\x79\x00\x03\x09", 0x1ef7
+"\x00\x00\x59\x00\x03\x03", 0x1ef8
+"\x00\x00\x79\x00\x03\x03", 0x1ef9
+"\x00\x03\xb1\x00\x03\x13", 0x1f00
+"\x00\x03\xb1\x00\x03\x14", 0x1f01
+"\x00\x1f\x00\x00\x03\x00", 0x1f02
+"\x00\x1f\x01\x00\x03\x00", 0x1f03
+"\x00\x1f\x00\x00\x03\x01", 0x1f04
+"\x00\x1f\x01\x00\x03\x01", 0x1f05
+"\x00\x1f\x00\x00\x03\x42", 0x1f06
+"\x00\x1f\x01\x00\x03\x42", 0x1f07
+"\x00\x03\x91\x00\x03\x13", 0x1f08
+"\x00\x03\x91\x00\x03\x14", 0x1f09
+"\x00\x1f\x08\x00\x03\x00", 0x1f0a
+"\x00\x1f\x09\x00\x03\x00", 0x1f0b
+"\x00\x1f\x08\x00\x03\x01", 0x1f0c
+"\x00\x1f\x09\x00\x03\x01", 0x1f0d
+"\x00\x1f\x08\x00\x03\x42", 0x1f0e
+"\x00\x1f\x09\x00\x03\x42", 0x1f0f
+"\x00\x03\xb5\x00\x03\x13", 0x1f10
+"\x00\x03\xb5\x00\x03\x14", 0x1f11
+"\x00\x1f\x10\x00\x03\x00", 0x1f12
+"\x00\x1f\x11\x00\x03\x00", 0x1f13
+"\x00\x1f\x10\x00\x03\x01", 0x1f14
+"\x00\x1f\x11\x00\x03\x01", 0x1f15
+"\x00\x03\x95\x00\x03\x13", 0x1f18
+"\x00\x03\x95\x00\x03\x14", 0x1f19
+"\x00\x1f\x18\x00\x03\x00", 0x1f1a
+"\x00\x1f\x19\x00\x03\x00", 0x1f1b
+"\x00\x1f\x18\x00\x03\x01", 0x1f1c
+"\x00\x1f\x19\x00\x03\x01", 0x1f1d
+"\x00\x03\xb7\x00\x03\x13", 0x1f20
+"\x00\x03\xb7\x00\x03\x14", 0x1f21
+"\x00\x1f\x20\x00\x03\x00", 0x1f22
+"\x00\x1f\x21\x00\x03\x00", 0x1f23
+"\x00\x1f\x20\x00\x03\x01", 0x1f24
+"\x00\x1f\x21\x00\x03\x01", 0x1f25
+"\x00\x1f\x20\x00\x03\x42", 0x1f26
+"\x00\x1f\x21\x00\x03\x42", 0x1f27
+"\x00\x03\x97\x00\x03\x13", 0x1f28
+"\x00\x03\x97\x00\x03\x14", 0x1f29
+"\x00\x1f\x28\x00\x03\x00", 0x1f2a
+"\x00\x1f\x29\x00\x03\x00", 0x1f2b
+"\x00\x1f\x28\x00\x03\x01", 0x1f2c
+"\x00\x1f\x29\x00\x03\x01", 0x1f2d
+"\x00\x1f\x28\x00\x03\x42", 0x1f2e
+"\x00\x1f\x29\x00\x03\x42", 0x1f2f
+"\x00\x03\xb9\x00\x03\x13", 0x1f30
+"\x00\x03\xb9\x00\x03\x14", 0x1f31
+"\x00\x1f\x30\x00\x03\x00", 0x1f32
+"\x00\x1f\x31\x00\x03\x00", 0x1f33
+"\x00\x1f\x30\x00\x03\x01", 0x1f34
+"\x00\x1f\x31\x00\x03\x01", 0x1f35
+"\x00\x1f\x30\x00\x03\x42", 0x1f36
+"\x00\x1f\x31\x00\x03\x42", 0x1f37
+"\x00\x03\x99\x00\x03\x13", 0x1f38
+"\x00\x03\x99\x00\x03\x14", 0x1f39
+"\x00\x1f\x38\x00\x03\x00", 0x1f3a
+"\x00\x1f\x39\x00\x03\x00", 0x1f3b
+"\x00\x1f\x38\x00\x03\x01", 0x1f3c
+"\x00\x1f\x39\x00\x03\x01", 0x1f3d
+"\x00\x1f\x38\x00\x03\x42", 0x1f3e
+"\x00\x1f\x39\x00\x03\x42", 0x1f3f
+"\x00\x03\xbf\x00\x03\x13", 0x1f40
+"\x00\x03\xbf\x00\x03\x14", 0x1f41
+"\x00\x1f\x40\x00\x03\x00", 0x1f42
+"\x00\x1f\x41\x00\x03\x00", 0x1f43
+"\x00\x1f\x40\x00\x03\x01", 0x1f44
+"\x00\x1f\x41\x00\x03\x01", 0x1f45
+"\x00\x03\x9f\x00\x03\x13", 0x1f48
+"\x00\x03\x9f\x00\x03\x14", 0x1f49
+"\x00\x1f\x48\x00\x03\x00", 0x1f4a
+"\x00\x1f\x49\x00\x03\x00", 0x1f4b
+"\x00\x1f\x48\x00\x03\x01", 0x1f4c
+"\x00\x1f\x49\x00\x03\x01", 0x1f4d
+"\x00\x03\xc5\x00\x03\x13", 0x1f50
+"\x00\x03\xc5\x00\x03\x14", 0x1f51
+"\x00\x1f\x50\x00\x03\x00", 0x1f52
+"\x00\x1f\x51\x00\x03\x00", 0x1f53
+"\x00\x1f\x50\x00\x03\x01", 0x1f54
+"\x00\x1f\x51\x00\x03\x01", 0x1f55
+"\x00\x1f\x50\x00\x03\x42", 0x1f56
+"\x00\x1f\x51\x00\x03\x42", 0x1f57
+"\x00\x03\xa5\x00\x03\x14", 0x1f59
+"\x00\x1f\x59\x00\x03\x00", 0x1f5b
+"\x00\x1f\x59\x00\x03\x01", 0x1f5d
+"\x00\x1f\x59\x00\x03\x42", 0x1f5f
+"\x00\x03\xc9\x00\x03\x13", 0x1f60
+"\x00\x03\xc9\x00\x03\x14", 0x1f61
+"\x00\x1f\x60\x00\x03\x00", 0x1f62
+"\x00\x1f\x61\x00\x03\x00", 0x1f63
+"\x00\x1f\x60\x00\x03\x01", 0x1f64
+"\x00\x1f\x61\x00\x03\x01", 0x1f65
+"\x00\x1f\x60\x00\x03\x42", 0x1f66
+"\x00\x1f\x61\x00\x03\x42", 0x1f67
+"\x00\x03\xa9\x00\x03\x13", 0x1f68
+"\x00\x03\xa9\x00\x03\x14", 0x1f69
+"\x00\x1f\x68\x00\x03\x00", 0x1f6a
+"\x00\x1f\x69\x00\x03\x00", 0x1f6b
+"\x00\x1f\x68\x00\x03\x01", 0x1f6c
+"\x00\x1f\x69\x00\x03\x01", 0x1f6d
+"\x00\x1f\x68\x00\x03\x42", 0x1f6e
+"\x00\x1f\x69\x00\x03\x42", 0x1f6f
+"\x00\x03\xb1\x00\x03\x00", 0x1f70
+"\x00\x03\xb5\x00\x03\x00", 0x1f72
+"\x00\x03\xb7\x00\x03\x00", 0x1f74
+"\x00\x03\xb9\x00\x03\x00", 0x1f76
+"\x00\x03\xbf\x00\x03\x00", 0x1f78
+"\x00\x03\xc5\x00\x03\x00", 0x1f7a
+"\x00\x03\xc9\x00\x03\x00", 0x1f7c
+"\x00\x1f\x00\x00\x03\x45", 0x1f80
+"\x00\x1f\x01\x00\x03\x45", 0x1f81
+"\x00\x1f\x02\x00\x03\x45", 0x1f82
+"\x00\x1f\x03\x00\x03\x45", 0x1f83
+"\x00\x1f\x04\x00\x03\x45", 0x1f84
+"\x00\x1f\x05\x00\x03\x45", 0x1f85
+"\x00\x1f\x06\x00\x03\x45", 0x1f86
+"\x00\x1f\x07\x00\x03\x45", 0x1f87
+"\x00\x1f\x08\x00\x03\x45", 0x1f88
+"\x00\x1f\x09\x00\x03\x45", 0x1f89
+"\x00\x1f\x0a\x00\x03\x45", 0x1f8a
+"\x00\x1f\x0b\x00\x03\x45", 0x1f8b
+"\x00\x1f\x0c\x00\x03\x45", 0x1f8c
+"\x00\x1f\x0d\x00\x03\x45", 0x1f8d
+"\x00\x1f\x0e\x00\x03\x45", 0x1f8e
+"\x00\x1f\x0f\x00\x03\x45", 0x1f8f
+"\x00\x1f\x20\x00\x03\x45", 0x1f90
+"\x00\x1f\x21\x00\x03\x45", 0x1f91
+"\x00\x1f\x22\x00\x03\x45", 0x1f92
+"\x00\x1f\x23\x00\x03\x45", 0x1f93
+"\x00\x1f\x24\x00\x03\x45", 0x1f94
+"\x00\x1f\x25\x00\x03\x45", 0x1f95
+"\x00\x1f\x26\x00\x03\x45", 0x1f96
+"\x00\x1f\x27\x00\x03\x45", 0x1f97
+"\x00\x1f\x28\x00\x03\x45", 0x1f98
+"\x00\x1f\x29\x00\x03\x45", 0x1f99
+"\x00\x1f\x2a\x00\x03\x45", 0x1f9a
+"\x00\x1f\x2b\x00\x03\x45", 0x1f9b
+"\x00\x1f\x2c\x00\x03\x45", 0x1f9c
+"\x00\x1f\x2d\x00\x03\x45", 0x1f9d
+"\x00\x1f\x2e\x00\x03\x45", 0x1f9e
+"\x00\x1f\x2f\x00\x03\x45", 0x1f9f
+"\x00\x1f\x60\x00\x03\x45", 0x1fa0
+"\x00\x1f\x61\x00\x03\x45", 0x1fa1
+"\x00\x1f\x62\x00\x03\x45", 0x1fa2
+"\x00\x1f\x63\x00\x03\x45", 0x1fa3
+"\x00\x1f\x64\x00\x03\x45", 0x1fa4
+"\x00\x1f\x65\x00\x03\x45", 0x1fa5
+"\x00\x1f\x66\x00\x03\x45", 0x1fa6
+"\x00\x1f\x67\x00\x03\x45", 0x1fa7
+"\x00\x1f\x68\x00\x03\x45", 0x1fa8
+"\x00\x1f\x69\x00\x03\x45", 0x1fa9
+"\x00\x1f\x6a\x00\x03\x45", 0x1faa
+"\x00\x1f\x6b\x00\x03\x45", 0x1fab
+"\x00\x1f\x6c\x00\x03\x45", 0x1fac
+"\x00\x1f\x6d\x00\x03\x45", 0x1fad
+"\x00\x1f\x6e\x00\x03\x45", 0x1fae
+"\x00\x1f\x6f\x00\x03\x45", 0x1faf
+"\x00\x03\xb1\x00\x03\x06", 0x1fb0
+"\x00\x03\xb1\x00\x03\x04", 0x1fb1
+"\x00\x1f\x70\x00\x03\x45", 0x1fb2
+"\x00\x03\xb1\x00\x03\x45", 0x1fb3
+"\x00\x03\xac\x00\x03\x45", 0x1fb4
+"\x00\x03\xb1\x00\x03\x42", 0x1fb6
+"\x00\x1f\xb6\x00\x03\x45", 0x1fb7
+"\x00\x03\x91\x00\x03\x06", 0x1fb8
+"\x00\x03\x91\x00\x03\x04", 0x1fb9
+"\x00\x03\x91\x00\x03\x00", 0x1fba
+"\x00\x03\x91\x00\x03\x45", 0x1fbc
+"\x00\x00\xa8\x00\x03\x42", 0x1fc1
+"\x00\x1f\x74\x00\x03\x45", 0x1fc2
+"\x00\x03\xb7\x00\x03\x45", 0x1fc3
+"\x00\x03\xae\x00\x03\x45", 0x1fc4
+"\x00\x03\xb7\x00\x03\x42", 0x1fc6
+"\x00\x1f\xc6\x00\x03\x45", 0x1fc7
+"\x00\x03\x95\x00\x03\x00", 0x1fc8
+"\x00\x03\x97\x00\x03\x00", 0x1fca
+"\x00\x03\x97\x00\x03\x45", 0x1fcc
+"\x00\x1f\xbf\x00\x03\x00", 0x1fcd
+"\x00\x1f\xbf\x00\x03\x01", 0x1fce
+"\x00\x1f\xbf\x00\x03\x42", 0x1fcf
+"\x00\x03\xb9\x00\x03\x06", 0x1fd0
+"\x00\x03\xb9\x00\x03\x04", 0x1fd1
+"\x00\x03\xca\x00\x03\x00", 0x1fd2
+"\x00\x03\xb9\x00\x03\x42", 0x1fd6
+"\x00\x03\xca\x00\x03\x42", 0x1fd7
+"\x00\x03\x99\x00\x03\x06", 0x1fd8
+"\x00\x03\x99\x00\x03\x04", 0x1fd9
+"\x00\x03\x99\x00\x03\x00", 0x1fda
+"\x00\x1f\xfe\x00\x03\x00", 0x1fdd
+"\x00\x1f\xfe\x00\x03\x01", 0x1fde
+"\x00\x1f\xfe\x00\x03\x42", 0x1fdf
+"\x00\x03\xc5\x00\x03\x06", 0x1fe0
+"\x00\x03\xc5\x00\x03\x04", 0x1fe1
+"\x00\x03\xcb\x00\x03\x00", 0x1fe2
+"\x00\x03\xc1\x00\x03\x13", 0x1fe4
+"\x00\x03\xc1\x00\x03\x14", 0x1fe5
+"\x00\x03\xc5\x00\x03\x42", 0x1fe6
+"\x00\x03\xcb\x00\x03\x42", 0x1fe7
+"\x00\x03\xa5\x00\x03\x06", 0x1fe8
+"\x00\x03\xa5\x00\x03\x04", 0x1fe9
+"\x00\x03\xa5\x00\x03\x00", 0x1fea
+"\x00\x03\xa1\x00\x03\x14", 0x1fec
+"\x00\x00\xa8\x00\x03\x00", 0x1fed
+"\x00\x1f\x7c\x00\x03\x45", 0x1ff2
+"\x00\x03\xc9\x00\x03\x45", 0x1ff3
+"\x00\x03\xce\x00\x03\x45", 0x1ff4
+"\x00\x03\xc9\x00\x03\x42", 0x1ff6
+"\x00\x1f\xf6\x00\x03\x45", 0x1ff7
+"\x00\x03\x9f\x00\x03\x00", 0x1ff8
+"\x00\x03\xa9\x00\x03\x00", 0x1ffa
+"\x00\x03\xa9\x00\x03\x45", 0x1ffc
+"\x00\x21\x90\x00\x03\x38", 0x219a
+"\x00\x21\x92\x00\x03\x38", 0x219b
+"\x00\x21\x94\x00\x03\x38", 0x21ae
+"\x00\x21\xd0\x00\x03\x38", 0x21cd
+"\x00\x21\xd4\x00\x03\x38", 0x21ce
+"\x00\x21\xd2\x00\x03\x38", 0x21cf
+"\x00\x22\x03\x00\x03\x38", 0x2204
+"\x00\x22\x08\x00\x03\x38", 0x2209
+"\x00\x22\x0b\x00\x03\x38", 0x220c
+"\x00\x22\x23\x00\x03\x38", 0x2224
+"\x00\x22\x25\x00\x03\x38", 0x2226
+"\x00\x22\x3c\x00\x03\x38", 0x2241
+"\x00\x22\x43\x00\x03\x38", 0x2244
+"\x00\x22\x45\x00\x03\x38", 0x2247
+"\x00\x22\x48\x00\x03\x38", 0x2249
+"\x00\x00\x3d\x00\x03\x38", 0x2260
+"\x00\x22\x61\x00\x03\x38", 0x2262
+"\x00\x22\x4d\x00\x03\x38", 0x226d
+"\x00\x00\x3c\x00\x03\x38", 0x226e
+"\x00\x00\x3e\x00\x03\x38", 0x226f
+"\x00\x22\x64\x00\x03\x38", 0x2270
+"\x00\x22\x65\x00\x03\x38", 0x2271
+"\x00\x22\x72\x00\x03\x38", 0x2274
+"\x00\x22\x73\x00\x03\x38", 0x2275
+"\x00\x22\x76\x00\x03\x38", 0x2278
+"\x00\x22\x77\x00\x03\x38", 0x2279
+"\x00\x22\x7a\x00\x03\x38", 0x2280
+"\x00\x22\x7b\x00\x03\x38", 0x2281
+"\x00\x22\x82\x00\x03\x38", 0x2284
+"\x00\x22\x83\x00\x03\x38", 0x2285
+"\x00\x22\x86\x00\x03\x38", 0x2288
+"\x00\x22\x87\x00\x03\x38", 0x2289
+"\x00\x22\xa2\x00\x03\x38", 0x22ac
+"\x00\x22\xa8\x00\x03\x38", 0x22ad
+"\x00\x22\xa9\x00\x03\x38", 0x22ae
+"\x00\x22\xab\x00\x03\x38", 0x22af
+"\x00\x22\x7c\x00\x03\x38", 0x22e0
+"\x00\x22\x7d\x00\x03\x38", 0x22e1
+"\x00\x22\x91\x00\x03\x38", 0x22e2
+"\x00\x22\x92\x00\x03\x38", 0x22e3
+"\x00\x22\xb2\x00\x03\x38", 0x22ea
+"\x00\x22\xb3\x00\x03\x38", 0x22eb
+"\x00\x22\xb4\x00\x03\x38", 0x22ec
+"\x00\x22\xb5\x00\x03\x38", 0x22ed
+"\x00\x30\x4b\x00\x30\x99", 0x304c
+"\x00\x30\x4d\x00\x30\x99", 0x304e
+"\x00\x30\x4f\x00\x30\x99", 0x3050
+"\x00\x30\x51\x00\x30\x99", 0x3052
+"\x00\x30\x53\x00\x30\x99", 0x3054
+"\x00\x30\x55\x00\x30\x99", 0x3056
+"\x00\x30\x57\x00\x30\x99", 0x3058
+"\x00\x30\x59\x00\x30\x99", 0x305a
+"\x00\x30\x5b\x00\x30\x99", 0x305c
+"\x00\x30\x5d\x00\x30\x99", 0x305e
+"\x00\x30\x5f\x00\x30\x99", 0x3060
+"\x00\x30\x61\x00\x30\x99", 0x3062
+"\x00\x30\x64\x00\x30\x99", 0x3065
+"\x00\x30\x66\x00\x30\x99", 0x3067
+"\x00\x30\x68\x00\x30\x99", 0x3069
+"\x00\x30\x6f\x00\x30\x99", 0x3070
+"\x00\x30\x6f\x00\x30\x9a", 0x3071
+"\x00\x30\x72\x00\x30\x99", 0x3073
+"\x00\x30\x72\x00\x30\x9a", 0x3074
+"\x00\x30\x75\x00\x30\x99", 0x3076
+"\x00\x30\x75\x00\x30\x9a", 0x3077
+"\x00\x30\x78\x00\x30\x99", 0x3079
+"\x00\x30\x78\x00\x30\x9a", 0x307a
+"\x00\x30\x7b\x00\x30\x99", 0x307c
+"\x00\x30\x7b\x00\x30\x9a", 0x307d
+"\x00\x30\x46\x00\x30\x99", 0x3094
+"\x00\x30\x9d\x00\x30\x99", 0x309e
+"\x00\x30\xab\x00\x30\x99", 0x30ac
+"\x00\x30\xad\x00\x30\x99", 0x30ae
+"\x00\x30\xaf\x00\x30\x99", 0x30b0
+"\x00\x30\xb1\x00\x30\x99", 0x30b2
+"\x00\x30\xb3\x00\x30\x99", 0x30b4
+"\x00\x30\xb5\x00\x30\x99", 0x30b6
+"\x00\x30\xb7\x00\x30\x99", 0x30b8
+"\x00\x30\xb9\x00\x30\x99", 0x30ba
+"\x00\x30\xbb\x00\x30\x99", 0x30bc
+"\x00\x30\xbd\x00\x30\x99", 0x30be
+"\x00\x30\xbf\x00\x30\x99", 0x30c0
+"\x00\x30\xc1\x00\x30\x99", 0x30c2
+"\x00\x30\xc4\x00\x30\x99", 0x30c5
+"\x00\x30\xc6\x00\x30\x99", 0x30c7
+"\x00\x30\xc8\x00\x30\x99", 0x30c9
+"\x00\x30\xcf\x00\x30\x99", 0x30d0
+"\x00\x30\xcf\x00\x30\x9a", 0x30d1
+"\x00\x30\xd2\x00\x30\x99", 0x30d3
+"\x00\x30\xd2\x00\x30\x9a", 0x30d4
+"\x00\x30\xd5\x00\x30\x99", 0x30d6
+"\x00\x30\xd5\x00\x30\x9a", 0x30d7
+"\x00\x30\xd8\x00\x30\x99", 0x30d9
+"\x00\x30\xd8\x00\x30\x9a", 0x30da
+"\x00\x30\xdb\x00\x30\x99", 0x30dc
+"\x00\x30\xdb\x00\x30\x9a", 0x30dd
+"\x00\x30\xa6\x00\x30\x99", 0x30f4
+"\x00\x30\xef\x00\x30\x99", 0x30f7
+"\x00\x30\xf0\x00\x30\x99", 0x30f8
+"\x00\x30\xf1\x00\x30\x99", 0x30f9
+"\x00\x30\xf2\x00\x30\x99", 0x30fa
+"\x00\x30\xfd\x00\x30\x99", 0x30fe
+"\x01\x10\x99\x01\x10\xba", 0x1109a
+"\x01\x10\x9b\x01\x10\xba", 0x1109c
+"\x01\x10\xa5\x01\x10\xba", 0x110ab
+"\x01\x11\x31\x01\x11\x27", 0x1112e
+"\x01\x11\x32\x01\x11\x27", 0x1112f
+"\x01\x13\x47\x01\x13\x3e", 0x1134b
+"\x01\x13\x47\x01\x13\x57", 0x1134c
+"\x01\x14\xb9\x01\x14\xba", 0x114bb
+"\x01\x14\xb9\x01\x14\xb0", 0x114bc
+"\x01\x14\xb9\x01\x14\xbd", 0x114be
+"\x01\x15\xb8\x01\x15\xaf", 0x115ba
+"\x01\x15\xb9\x01\x15\xaf", 0x115bb
diff --git a/lib/unistring/uninorm/composition-table.h b/lib/unistring/uninorm/composition-table.h
new file mode 100644
index 0000000..8107a4a
--- /dev/null
+++ b/lib/unistring/uninorm/composition-table.h
@@ -0,0 +1,2197 @@
+/* ANSI-C code produced by gperf version 3.1 */
+/* Command-line: gperf -m 1 ./uninorm/composition-table.gperf  */
+/* Computed positions: -k'2-3,6' */
+
+
+#define TOTAL_KEYWORDS 940
+#define MIN_WORD_LENGTH 6
+#define MAX_WORD_LENGTH 6
+#define MIN_HASH_VALUE 1
+#define MAX_HASH_VALUE 1565
+/* maximum key range = 1565, duplicates = 0 */
+
+#ifdef __GNUC__
+__inline
+#else
+#ifdef __cplusplus
+inline
+#endif
+#endif
+/*ARGSUSED*/
+static unsigned int
+gl_uninorm_compose_hash (register const char *str, register size_t len)
+{
+  static const unsigned short asso_values[] =
+    {
+         7,    1,    0,    3,   58,  132,  531,   62,    4,   33,
+       117,  268,  476,  135,  509,  481,  103,  265,  249,  495,
+        61,  124,  336,  409,  703,  241,  435,  462,  738, 1566,
+        48,   13,  901,  766,  322,  635,  192,  621,  846,   13,
+       337,   65,  161,  130,  103,   28,  255,  640,  133,  342,
+       172,   52, 1566,  818,  201,   34,  695,   50,   31, 1566,
+        16,   35,  438,  139,   63,   89,  272,    2,  588,  167,
+        12,  375,  289,   61,   44,  548,  431,  452,  395,  180,
+       794,  853,  362,  561,  456,  202,  677,  360,  195,  300,
+       572,  715, 1566,  291, 1566,  276,  814,   26,  634,  579,
+       270,   98,  423,  415,  323,   42,  862,  657,  559,  324,
+       262,  124,  863, 1566,  251,  538,  236,  133,   47,  406,
+       691,  219,  590,    5,   56,   83, 1566,    1, 1566, 1566,
+        65,   39, 1566, 1566,   37,   35, 1566, 1566, 1566, 1566,
+      1566, 1566, 1566, 1566,    4,  527,   18, 1566,    0,  849,
+      1566,  781, 1566,  572,   59,   73, 1566,  204, 1566,  417,
+       618,  511,   20, 1566, 1566,  708,  167, 1566,  855,  685,
+      1566,  333,   73,  136,   71,  625,  611,  523,   12,  311,
+        11,  649,   10,  505,   62,  482, 1566,  113, 1566,  126,
+         7,  476, 1566,  614,  853,    1,   41,  560,  553,  261,
+       104,  719,  668,  854,   19,   10,    9,  728,   31, 1566,
+       442, 1566,  749,  313,   12,    0,  659,    3, 1566,  329,
+        37, 1566, 1566, 1566,   44, 1566,  847, 1566,   33,    4,
+        23,    1,   33,   24,  757,    4, 1566, 1566, 1566,    3,
+        93,   73,   72, 1566,  824,   20,   17, 1566,    0, 1566,
+      1566, 1566,   77,   46,  460, 1566, 1566
+    };
+  return asso_values[(unsigned char)str[5]+1] + asso_values[(unsigned char)str[2]] + asso_values[(unsigned char)str[1]];
+}
+
+static const struct composition_rule *
+gl_uninorm_compose_lookup (register const char *str, register size_t len)
+{
+  static const unsigned char lengthtable[] =
+    {
+       0,  6,  6,  0,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  0,  6,  6,
+       6,  6,  6,  6,  6,  0,  6,  6,  6,  6,  6,  6,  6,  6,
+       0,  6,  6,  6,  6,  6,  6,  6,  6,  0,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  0,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  0,
+       6,  6,  6,  0,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  0,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  0,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  0,  6,  6,  0,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  0,  6,  6,  0,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  0,  6,  6,  6,  6,  6,  6,  0,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       0,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  0,  6,  6,
+       0,  6,  0,  6,  0,  6,  6,  6,  6,  0,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,  6,
+       6,  6,  6,  6,  6,  6,  6,  0,  6,  6,  6,  6,  0,  6,
+       6,  6,  0,  6,  0,  6,  6,  6,  6,  0,  6,  6,  0,  6,
+       6,  6,  0,  6,  0,  0,  0,  6,  0,  6,  0,  6,  6,  6,
+       6,  0,  6,  6,  6,  6,  6,  0,  6,  0,  6,  0,  0,  6,
+       6,  6,  6,  0,  6,  0,  0,  6,  6,  0,  6,  6,  6,  0,
+       6,  0,  0,  0,  6,  0,  6,  6,  0,  6,  6,  0,  0,  0,
+       0,  6,  0,  0,  0,  0,  0,  0,  0,  0,  6,  0,  6,  0,
+       0,  0,  0,  0,  6,  6,  0,  0,  0,  0,  6,  6,  6,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  6,  6,
+       0,  0,  0,  0,  0,  0,  6,  6,  0,  6,  6,  6,  0,  6,
+       0,  6,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  6,
+       6,  0,  0,  0,  6,  0,  0,  6,  6,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  6,  0,  0,  0,  6,  6,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  6,  0,  0,  0,  0,  0,  0,
+       0,  6,  6,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  6,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  6,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  6,  0,  0,  0,  0,  0,  6,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  6,
+       0,  0,  0,  6,  0,  0,  0,  0,  0,  6,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  6,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  6,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  6,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  6,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  6,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
+       0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  6
+    };
+  static const struct composition_rule wordlist[] =
+    {
+      {""},
+#line 581 "./uninorm/composition-table.gperf"
+      {"\000\001\002\000\003\001", 0x1eae},
+#line 583 "./uninorm/composition-table.gperf"
+      {"\000\001\002\000\003\000", 0x1eb0},
+      {""},
+#line 582 "./uninorm/composition-table.gperf"
+      {"\000\001\003\000\003\001", 0x1eaf},
+#line 584 "./uninorm/composition-table.gperf"
+      {"\000\001\003\000\003\000", 0x1eb1},
+#line 566 "./uninorm/composition-table.gperf"
+      {"\000\001\177\000\003\007", 0x1e9b},
+#line 247 "./uninorm/composition-table.gperf"
+      {"\000\000\370\000\003\001", 0x01ff},
+#line 421 "./uninorm/composition-table.gperf"
+      {"\000\000\347\000\003\001", 0x1e09},
+#line 99 "./uninorm/composition-table.gperf"
+      {"\000\000C\000\003\001", 0x0106},
+#line 459 "./uninorm/composition-table.gperf"
+      {"\000\000\357\000\003\001", 0x1e2f},
+#line 243 "./uninorm/composition-table.gperf"
+      {"\000\000\345\000\003\001", 0x01fb},
+#line 101 "./uninorm/composition-table.gperf"
+      {"\000\000C\000\003\002", 0x0108},
+#line 103 "./uninorm/composition-table.gperf"
+      {"\000\000C\000\003\007", 0x010a},
+#line 662 "./uninorm/composition-table.gperf"
+      {"\000\037\001\000\003\001", 0x1f05},
+#line 660 "./uninorm/composition-table.gperf"
+      {"\000\037\001\000\003\000", 0x1f03},
+#line 664 "./uninorm/composition-table.gperf"
+      {"\000\037\001\000\003B", 0x1f07},
+#line 669 "./uninorm/composition-table.gperf"
+      {"\000\037\010\000\003\001", 0x1f0c},
+#line 667 "./uninorm/composition-table.gperf"
+      {"\000\037\010\000\003\000", 0x1f0a},
+#line 671 "./uninorm/composition-table.gperf"
+      {"\000\037\010\000\003B", 0x1f0e},
+#line 661 "./uninorm/composition-table.gperf"
+      {"\000\037\000\000\003\001", 0x1f04},
+#line 659 "./uninorm/composition-table.gperf"
+      {"\000\037\000\000\003\000", 0x1f02},
+#line 663 "./uninorm/composition-table.gperf"
+      {"\000\037\000\000\003B", 0x1f06},
+#line 442 "./uninorm/composition-table.gperf"
+      {"\000\000F\000\003\007", 0x1e1e},
+#line 860 "./uninorm/composition-table.gperf"
+      {"\000\003\316\000\003E", 0x1ff4},
+#line 766 "./uninorm/composition-table.gperf"
+      {"\000\037\002\000\003E", 0x1f82},
+#line 765 "./uninorm/composition-table.gperf"
+      {"\000\037\001\000\003E", 0x1f81},
+#line 489 "./uninorm/composition-table.gperf"
+      {"\000\000\365\000\003\001", 0x1e4d},
+#line 767 "./uninorm/composition-table.gperf"
+      {"\000\037\003\000\003E", 0x1f83},
+#line 772 "./uninorm/composition-table.gperf"
+      {"\000\037\010\000\003E", 0x1f88},
+#line 245 "./uninorm/composition-table.gperf"
+      {"\000\000\346\000\003\001", 0x01fd},
+#line 515 "./uninorm/composition-table.gperf"
+      {"\000\001a\000\003\007", 0x1e67},
+#line 764 "./uninorm/composition-table.gperf"
+      {"\000\037\000\000\003E", 0x1f80},
+#line 67 "./uninorm/composition-table.gperf"
+      {"\000\000a\000\003\001", 0x00e1},
+#line 66 "./uninorm/composition-table.gperf"
+      {"\000\000a\000\003\000", 0x00e0},
+#line 818 "./uninorm/composition-table.gperf"
+      {"\000\037\266\000\003E", 0x1fb7},
+#line 68 "./uninorm/composition-table.gperf"
+      {"\000\000a\000\003\002", 0x00e2},
+#line 279 "./uninorm/composition-table.gperf"
+      {"\000\000a\000\003\007", 0x0227},
+#line 787 "./uninorm/composition-table.gperf"
+      {"\000\037'\000\003E", 0x1f97},
+#line 746 "./uninorm/composition-table.gperf"
+      {"\000\037a\000\003\001", 0x1f65},
+#line 744 "./uninorm/composition-table.gperf"
+      {"\000\037a\000\003\000", 0x1f63},
+#line 748 "./uninorm/composition-table.gperf"
+      {"\000\037a\000\003B", 0x1f67},
+#line 862 "./uninorm/composition-table.gperf"
+      {"\000\037\366\000\003E", 0x1ff7},
+#line 533 "./uninorm/composition-table.gperf"
+      {"\000\001i\000\003\001", 0x1e79},
+#line 215 "./uninorm/composition-table.gperf"
+      {"\000\000\334\000\003\001", 0x01d7},
+#line 219 "./uninorm/composition-table.gperf"
+      {"\000\000\334\000\003\000", 0x01db},
+#line 670 "./uninorm/composition-table.gperf"
+      {"\000\037\011\000\003\001", 0x1f0d},
+#line 668 "./uninorm/composition-table.gperf"
+      {"\000\037\011\000\003\000", 0x1f0b},
+#line 672 "./uninorm/composition-table.gperf"
+      {"\000\037\011\000\003B", 0x1f0f},
+#line 78 "./uninorm/composition-table.gperf"
+      {"\000\000i\000\003\001", 0x00ed},
+#line 77 "./uninorm/composition-table.gperf"
+      {"\000\000i\000\003\000", 0x00ec},
+#line 797 "./uninorm/composition-table.gperf"
+      {"\000\037a\000\003E", 0x1fa1},
+#line 79 "./uninorm/composition-table.gperf"
+      {"\000\000i\000\003\002", 0x00ee},
+#line 793 "./uninorm/composition-table.gperf"
+      {"\000\037-\000\003E", 0x1f9d},
+#line 138 "./uninorm/composition-table.gperf"
+      {"\000\000J\000\003\002", 0x0134},
+#line 754 "./uninorm/composition-table.gperf"
+      {"\000\037i\000\003\001", 0x1f6d},
+#line 752 "./uninorm/composition-table.gperf"
+      {"\000\037i\000\003\000", 0x1f6b},
+#line 756 "./uninorm/composition-table.gperf"
+      {"\000\037i\000\003B", 0x1f6f},
+#line 773 "./uninorm/composition-table.gperf"
+      {"\000\037\011\000\003E", 0x1f89},
+#line 587 "./uninorm/composition-table.gperf"
+      {"\000\001\002\000\003\003", 0x1eb4},
+#line 491 "./uninorm/composition-table.gperf"
+      {"\000\000\365\000\003\010", 0x1e4f},
+#line 624 "./uninorm/composition-table.gperf"
+      {"\000\036\315\000\003\002", 0x1ed9},
+#line 588 "./uninorm/composition-table.gperf"
+      {"\000\001\003\000\003\003", 0x1eb5},
+#line 714 "./uninorm/composition-table.gperf"
+      {"\000\0379\000\003\001", 0x1f3d},
+#line 712 "./uninorm/composition-table.gperf"
+      {"\000\0379\000\003\000", 0x1f3b},
+#line 716 "./uninorm/composition-table.gperf"
+      {"\000\0379\000\003B", 0x1f3f},
+#line 70 "./uninorm/composition-table.gperf"
+      {"\000\000a\000\003\010", 0x00e4},
+#line 805 "./uninorm/composition-table.gperf"
+      {"\000\037i\000\003E", 0x1fa9},
+#line 52 "./uninorm/composition-table.gperf"
+      {"\000\000I\000\003\001", 0x00cd},
+#line 51 "./uninorm/composition-table.gperf"
+      {"\000\000I\000\003\000", 0x00cc},
+#line 623 "./uninorm/composition-table.gperf"
+      {"\000\036\314\000\003\002", 0x1ed8},
+#line 53 "./uninorm/composition-table.gperf"
+      {"\000\000I\000\003\002", 0x00ce},
+#line 137 "./uninorm/composition-table.gperf"
+      {"\000\000I\000\003\007", 0x0130},
+#line 884 "./uninorm/composition-table.gperf"
+      {"\000\000<\000\0038", 0x226e},
+#line 728 "./uninorm/composition-table.gperf"
+      {"\000\037I\000\003\001", 0x1f4d},
+#line 726 "./uninorm/composition-table.gperf"
+      {"\000\037I\000\003\000", 0x1f4b},
+#line 721 "./uninorm/composition-table.gperf"
+      {"\000\037@\000\003\001", 0x1f44},
+#line 719 "./uninorm/composition-table.gperf"
+      {"\000\037@\000\003\000", 0x1f42},
+#line 698 "./uninorm/composition-table.gperf"
+      {"\000\037)\000\003\001", 0x1f2d},
+#line 696 "./uninorm/composition-table.gperf"
+      {"\000\037)\000\003\000", 0x1f2b},
+#line 700 "./uninorm/composition-table.gperf"
+      {"\000\037)\000\003B", 0x1f2f},
+#line 858 "./uninorm/composition-table.gperf"
+      {"\000\037|\000\003E", 0x1ff2},
+#line 80 "./uninorm/composition-table.gperf"
+      {"\000\000i\000\003\010", 0x00ef},
+#line 768 "./uninorm/composition-table.gperf"
+      {"\000\037\004\000\003E", 0x1f84},
+#line 216 "./uninorm/composition-table.gperf"
+      {"\000\000\374\000\003\001", 0x01d8},
+#line 220 "./uninorm/composition-table.gperf"
+      {"\000\000\374\000\003\000", 0x01dc},
+#line 826 "./uninorm/composition-table.gperf"
+      {"\000\003\256\000\003E", 0x1fc4},
+#line 771 "./uninorm/composition-table.gperf"
+      {"\000\037\007\000\003E", 0x1f87},
+#line 816 "./uninorm/composition-table.gperf"
+      {"\000\003\254\000\003E", 0x1fb4},
+#line 328 "./uninorm/composition-table.gperf"
+      {"\000\004:\000\003\001", 0x045c},
+#line 789 "./uninorm/composition-table.gperf"
+      {"\000\037)\000\003E", 0x1f99},
+#line 69 "./uninorm/composition-table.gperf"
+      {"\000\000a\000\003\003", 0x00e3},
+#line 881 "./uninorm/composition-table.gperf"
+      {"\000\000=\000\0038", 0x2260},
+#line 360 "./uninorm/composition-table.gperf"
+      {"\000\004C\000\003\010", 0x04f1},
+#line 342 "./uninorm/composition-table.gperf"
+      {"\000\004\331\000\003\010", 0x04db},
+#line 96 "./uninorm/composition-table.gperf"
+      {"\000\000a\000\003\006", 0x0103},
+#line 41 "./uninorm/composition-table.gperf"
+      {"\000\000A\000\003\001", 0x00c1},
+#line 40 "./uninorm/composition-table.gperf"
+      {"\000\000A\000\003\000", 0x00c0},
+#line 98 "./uninorm/composition-table.gperf"
+      {"\000\000a\000\003(", 0x0105},
+#line 42 "./uninorm/composition-table.gperf"
+      {"\000\000A\000\003\002", 0x00c2},
+#line 278 "./uninorm/composition-table.gperf"
+      {"\000\000A\000\003\007", 0x0226},
+#line 54 "./uninorm/composition-table.gperf"
+      {"\000\000I\000\003\010", 0x00cf},
+#line 722 "./uninorm/composition-table.gperf"
+      {"\000\037A\000\003\001", 0x1f45},
+#line 720 "./uninorm/composition-table.gperf"
+      {"\000\037A\000\003\000", 0x1f43},
+#line 363 "./uninorm/composition-table.gperf"
+      {"\000\004'\000\003\010", 0x04f4},
+#line 74 "./uninorm/composition-table.gperf"
+      {"\000\000e\000\003\001", 0x00e9},
+#line 73 "./uninorm/composition-table.gperf"
+      {"\000\000e\000\003\000", 0x00e8},
+#line 130 "./uninorm/composition-table.gperf"
+      {"\000\000i\000\003\003", 0x0129},
+#line 75 "./uninorm/composition-table.gperf"
+      {"\000\000e\000\003\002", 0x00ea},
+#line 114 "./uninorm/composition-table.gperf"
+      {"\000\000e\000\003\007", 0x0117},
+#line 326 "./uninorm/composition-table.gperf"
+      {"\000\0043\000\003\001", 0x0453},
+#line 134 "./uninorm/composition-table.gperf"
+      {"\000\000i\000\003\006", 0x012d},
+#line 537 "./uninorm/composition-table.gperf"
+      {"\000\000v\000\003\003", 0x1e7d},
+#line 605 "./uninorm/composition-table.gperf"
+      {"\000\036\270\000\003\002", 0x1ec6},
+#line 136 "./uninorm/composition-table.gperf"
+      {"\000\000i\000\003(", 0x012f},
+#line 354 "./uninorm/composition-table.gperf"
+      {"\000\004\351\000\003\010", 0x04eb},
+#line 677 "./uninorm/composition-table.gperf"
+      {"\000\037\020\000\003\001", 0x1f14},
+#line 675 "./uninorm/composition-table.gperf"
+      {"\000\037\020\000\003\000", 0x1f12},
+#line 585 "./uninorm/composition-table.gperf"
+      {"\000\001\002\000\003\011", 0x1eb2},
+#line 355 "./uninorm/composition-table.gperf"
+      {"\000\004-\000\003\010", 0x04ec},
+#line 377 "./uninorm/composition-table.gperf"
+      {"\000\0113\000\011<", 0x0934},
+#line 586 "./uninorm/composition-table.gperf"
+      {"\000\001\003\000\003\011", 0x1eb3},
+#line 330 "./uninorm/composition-table.gperf"
+      {"\000\004C\000\003\006", 0x045e},
+#line 801 "./uninorm/composition-table.gperf"
+      {"\000\037e\000\003E", 0x1fa5},
+#line 353 "./uninorm/composition-table.gperf"
+      {"\000\004\350\000\003\010", 0x04ea},
+#line 346 "./uninorm/composition-table.gperf"
+      {"\000\0047\000\003\010", 0x04df},
+#line 129 "./uninorm/composition-table.gperf"
+      {"\000\000I\000\003\003", 0x0128},
+#line 441 "./uninorm/composition-table.gperf"
+      {"\000\002)\000\003\006", 0x1e1d},
+#line 792 "./uninorm/composition-table.gperf"
+      {"\000\037,\000\003E", 0x1f9c},
+#line 44 "./uninorm/composition-table.gperf"
+      {"\000\000A\000\003\010", 0x00c4},
+#line 133 "./uninorm/composition-table.gperf"
+      {"\000\000I\000\003\006", 0x012c},
+#line 83 "./uninorm/composition-table.gperf"
+      {"\000\000o\000\003\001", 0x00f3},
+#line 82 "./uninorm/composition-table.gperf"
+      {"\000\000o\000\003\000", 0x00f2},
+#line 135 "./uninorm/composition-table.gperf"
+      {"\000\000I\000\003(", 0x012e},
+#line 84 "./uninorm/composition-table.gperf"
+      {"\000\000o\000\003\002", 0x00f4},
+#line 287 "./uninorm/composition-table.gperf"
+      {"\000\000o\000\003\007", 0x022f},
+#line 249 "./uninorm/composition-table.gperf"
+      {"\000\000a\000\003\017", 0x0201},
+#line 234 "./uninorm/composition-table.gperf"
+      {"\000\001\353\000\003\004", 0x01ed},
+#line 76 "./uninorm/composition-table.gperf"
+      {"\000\000e\000\003\010", 0x00eb},
+#line 351 "./uninorm/composition-table.gperf"
+      {"\000\004\036\000\003\010", 0x04e6},
+#line 88 "./uninorm/composition-table.gperf"
+      {"\000\000u\000\003\001", 0x00fa},
+#line 87 "./uninorm/composition-table.gperf"
+      {"\000\000u\000\003\000", 0x00f9},
+#line 774 "./uninorm/composition-table.gperf"
+      {"\000\037\012\000\003E", 0x1f8a},
+#line 89 "./uninorm/composition-table.gperf"
+      {"\000\000u\000\003\002", 0x00fb},
+#line 105 "./uninorm/composition-table.gperf"
+      {"\000\000C\000\003\014", 0x010c},
+#line 224 "./uninorm/composition-table.gperf"
+      {"\000\002'\000\003\004", 0x01e1},
+#line 705 "./uninorm/composition-table.gperf"
+      {"\000\0370\000\003\001", 0x1f34},
+#line 703 "./uninorm/composition-table.gperf"
+      {"\000\0370\000\003\000", 0x1f32},
+#line 707 "./uninorm/composition-table.gperf"
+      {"\000\0370\000\003B", 0x1f36},
+#line 811 "./uninorm/composition-table.gperf"
+      {"\000\037o\000\003E", 0x1faf},
+#line 570 "./uninorm/composition-table.gperf"
+      {"\000\000a\000\003\011", 0x1ea3},
+#line 282 "./uninorm/composition-table.gperf"
+      {"\000\000\326\000\003\004", 0x022a},
+#line 257 "./uninorm/composition-table.gperf"
+      {"\000\000i\000\003\017", 0x0209},
+#line 236 "./uninorm/composition-table.gperf"
+      {"\000\002\222\000\003\014", 0x01ef},
+#line 43 "./uninorm/composition-table.gperf"
+      {"\000\000A\000\003\003", 0x00c3},
+#line 791 "./uninorm/composition-table.gperf"
+      {"\000\037+\000\003E", 0x1f9b},
+#line 283 "./uninorm/composition-table.gperf"
+      {"\000\000\366\000\003\004", 0x022b},
+#line 769 "./uninorm/composition-table.gperf"
+      {"\000\037\005\000\003E", 0x1f85},
+#line 95 "./uninorm/composition-table.gperf"
+      {"\000\000A\000\003\006", 0x0102},
+#line 285 "./uninorm/composition-table.gperf"
+      {"\000\000\365\000\003\004", 0x022d},
+#line 777 "./uninorm/composition-table.gperf"
+      {"\000\037\015\000\003E", 0x1f8d},
+#line 97 "./uninorm/composition-table.gperf"
+      {"\000\000A\000\003(", 0x0104},
+#line 226 "./uninorm/composition-table.gperf"
+      {"\000\000\346\000\003\004", 0x01e3},
+#line 596 "./uninorm/composition-table.gperf"
+      {"\000\000e\000\003\003", 0x1ebd},
+#line 86 "./uninorm/composition-table.gperf"
+      {"\000\000o\000\003\010", 0x00f6},
+#line 94 "./uninorm/composition-table.gperf"
+      {"\000\000a\000\003\004", 0x0101},
+#line 608 "./uninorm/composition-table.gperf"
+      {"\000\000i\000\003\011", 0x1ec9},
+#line 112 "./uninorm/composition-table.gperf"
+      {"\000\000e\000\003\006", 0x0115},
+#line 206 "./uninorm/composition-table.gperf"
+      {"\000\000a\000\003\014", 0x01ce},
+#line 397 "./uninorm/composition-table.gperf"
+      {"\000\015\331\000\015\317", 0x0ddc},
+#line 116 "./uninorm/composition-table.gperf"
+      {"\000\000e\000\003(", 0x0119},
+#line 256 "./uninorm/composition-table.gperf"
+      {"\000\000I\000\003\017", 0x0208},
+#line 222 "./uninorm/composition-table.gperf"
+      {"\000\000\344\000\003\004", 0x01df},
+#line 90 "./uninorm/composition-table.gperf"
+      {"\000\000u\000\003\010", 0x00fc},
+#line 48 "./uninorm/composition-table.gperf"
+      {"\000\000E\000\003\001", 0x00c9},
+#line 47 "./uninorm/composition-table.gperf"
+      {"\000\000E\000\003\000", 0x00c8},
+#line 213 "./uninorm/composition-table.gperf"
+      {"\000\000\334\000\003\004", 0x01d5},
+#line 49 "./uninorm/composition-table.gperf"
+      {"\000\000E\000\003\002", 0x00ca},
+#line 113 "./uninorm/composition-table.gperf"
+      {"\000\000E\000\003\007", 0x0116},
+#line 217 "./uninorm/composition-table.gperf"
+      {"\000\000\334\000\003\014", 0x01d9},
+#line 221 "./uninorm/composition-table.gperf"
+      {"\000\000\304\000\003\004", 0x01de},
+#line 132 "./uninorm/composition-table.gperf"
+      {"\000\000i\000\003\004", 0x012b},
+#line 399 "./uninorm/composition-table.gperf"
+      {"\000\015\331\000\015\337", 0x0dde},
+#line 315 "./uninorm/composition-table.gperf"
+      {"\000\004\025\000\003\000", 0x0400},
+#line 208 "./uninorm/composition-table.gperf"
+      {"\000\000i\000\003\014", 0x01d0},
+#line 607 "./uninorm/composition-table.gperf"
+      {"\000\000I\000\003\011", 0x1ec8},
+#line 790 "./uninorm/composition-table.gperf"
+      {"\000\037*\000\003E", 0x1f9a},
+#line 57 "./uninorm/composition-table.gperf"
+      {"\000\000O\000\003\001", 0x00d3},
+#line 56 "./uninorm/composition-table.gperf"
+      {"\000\000O\000\003\000", 0x00d2},
+#line 85 "./uninorm/composition-table.gperf"
+      {"\000\000o\000\003\003", 0x00f5},
+#line 58 "./uninorm/composition-table.gperf"
+      {"\000\000O\000\003\002", 0x00d4},
+#line 286 "./uninorm/composition-table.gperf"
+      {"\000\000O\000\003\007", 0x022e},
+#line 358 "./uninorm/composition-table.gperf"
+      {"\000\004C\000\003\004", 0x04ef},
+#line 157 "./uninorm/composition-table.gperf"
+      {"\000\000o\000\003\006", 0x014f},
+#line 337 "./uninorm/composition-table.gperf"
+      {"\000\004\020\000\003\010", 0x04d2},
+#line 963 "./uninorm/composition-table.gperf"
+      {"\0000\357\0000\231", 0x30f7},
+#line 232 "./uninorm/composition-table.gperf"
+      {"\000\000o\000\003(", 0x01eb},
+#line 933 "./uninorm/composition-table.gperf"
+      {"\0000{\0000\231", 0x307c},
+#line 179 "./uninorm/composition-table.gperf"
+      {"\000\000u\000\003\003", 0x0169},
+#line 248 "./uninorm/composition-table.gperf"
+      {"\000\000A\000\003\017", 0x0200},
+#line 131 "./uninorm/composition-table.gperf"
+      {"\000\000I\000\003\004", 0x012a},
+#line 376 "./uninorm/composition-table.gperf"
+      {"\000\0110\000\011<", 0x0931},
+#line 183 "./uninorm/composition-table.gperf"
+      {"\000\000u\000\003\006", 0x016d},
+#line 207 "./uninorm/composition-table.gperf"
+      {"\000\000I\000\003\014", 0x01cf},
+#line 935 "./uninorm/composition-table.gperf"
+      {"\0000F\0000\231", 0x3094},
+#line 189 "./uninorm/composition-table.gperf"
+      {"\000\000u\000\003(", 0x0173},
+#line 550 "./uninorm/composition-table.gperf"
+      {"\000\000X\000\003\007", 0x1e8a},
+#line 50 "./uninorm/composition-table.gperf"
+      {"\000\000E\000\003\010", 0x00cb},
+#line 253 "./uninorm/composition-table.gperf"
+      {"\000\000e\000\003\017", 0x0205},
+#line 62 "./uninorm/composition-table.gperf"
+      {"\000\000U\000\003\001", 0x00da},
+#line 61 "./uninorm/composition-table.gperf"
+      {"\000\000U\000\003\000", 0x00d9},
+#line 934 "./uninorm/composition-table.gperf"
+      {"\0000{\0000\232", 0x307d},
+#line 63 "./uninorm/composition-table.gperf"
+      {"\000\000U\000\003\002", 0x00db},
+#line 569 "./uninorm/composition-table.gperf"
+      {"\000\000A\000\003\011", 0x1ea2},
+#line 469 "./uninorm/composition-table.gperf"
+      {"\000\0367\000\003\004", 0x1e39},
+#line 316 "./uninorm/composition-table.gperf"
+      {"\000\004\025\000\003\010", 0x0401},
+#line 214 "./uninorm/composition-table.gperf"
+      {"\000\000\374\000\003\004", 0x01d6},
+#line 784 "./uninorm/composition-table.gperf"
+      {"\000\037$\000\003E", 0x1f94},
+#line 921 "./uninorm/composition-table.gperf"
+      {"\0000a\0000\231", 0x3062},
+#line 218 "./uninorm/composition-table.gperf"
+      {"\000\000\374\000\003\014", 0x01da},
+#line 60 "./uninorm/composition-table.gperf"
+      {"\000\000O\000\003\010", 0x00d6},
+#line 365 "./uninorm/composition-table.gperf"
+      {"\000\004+\000\003\010", 0x04f8},
+#line 594 "./uninorm/composition-table.gperf"
+      {"\000\000e\000\003\011", 0x1ebb},
+#line 335 "./uninorm/composition-table.gperf"
+      {"\000\004\020\000\003\006", 0x04d0},
+#line 338 "./uninorm/composition-table.gperf"
+      {"\000\0040\000\003\010", 0x04d3},
+#line 568 "./uninorm/composition-table.gperf"
+      {"\000\000a\000\003#", 0x1ea1},
+#line 91 "./uninorm/composition-table.gperf"
+      {"\000\000y\000\003\001", 0x00fd},
+#line 650 "./uninorm/composition-table.gperf"
+      {"\000\000y\000\003\000", 0x1ef3},
+#line 93 "./uninorm/composition-table.gperf"
+      {"\000\000A\000\003\004", 0x0100},
+#line 193 "./uninorm/composition-table.gperf"
+      {"\000\000y\000\003\002", 0x0177},
+#line 555 "./uninorm/composition-table.gperf"
+      {"\000\000y\000\003\007", 0x1e8f},
+#line 205 "./uninorm/composition-table.gperf"
+      {"\000\000A\000\003\014", 0x01cd},
+#line 595 "./uninorm/composition-table.gperf"
+      {"\000\000E\000\003\003", 0x1ebc},
+#line 949 "./uninorm/composition-table.gperf"
+      {"\0000\304\0000\231", 0x30c5},
+#line 261 "./uninorm/composition-table.gperf"
+      {"\000\000o\000\003\017", 0x020d},
+#line 552 "./uninorm/composition-table.gperf"
+      {"\000\000X\000\003\010", 0x1e8c},
+#line 111 "./uninorm/composition-table.gperf"
+      {"\000\000E\000\003\006", 0x0114},
+#line 110 "./uninorm/composition-table.gperf"
+      {"\000\000e\000\003\004", 0x0113},
+#line 967 "./uninorm/composition-table.gperf"
+      {"\0000\375\0000\231", 0x30fe},
+#line 115 "./uninorm/composition-table.gperf"
+      {"\000\000E\000\003(", 0x0118},
+#line 118 "./uninorm/composition-table.gperf"
+      {"\000\000e\000\003\014", 0x011b},
+#line 610 "./uninorm/composition-table.gperf"
+      {"\000\000i\000\003#", 0x1ecb},
+#line 64 "./uninorm/composition-table.gperf"
+      {"\000\000U\000\003\010", 0x00dc},
+#line 269 "./uninorm/composition-table.gperf"
+      {"\000\000u\000\003\017", 0x0215},
+#line 339 "./uninorm/composition-table.gperf"
+      {"\000\004\025\000\003\006", 0x04d6},
+#line 59 "./uninorm/composition-table.gperf"
+      {"\000\000O\000\003\003", 0x00d5},
+#line 539 "./uninorm/composition-table.gperf"
+      {"\000\000v\000\003#", 0x1e7f},
+#line 519 "./uninorm/composition-table.gperf"
+      {"\000\000t\000\003\007", 0x1e6b},
+#line 614 "./uninorm/composition-table.gperf"
+      {"\000\000o\000\003\011", 0x1ecf},
+#line 156 "./uninorm/composition-table.gperf"
+      {"\000\000O\000\003\006", 0x014e},
+#line 434 "./uninorm/composition-table.gperf"
+      {"\000\001\022\000\003\001", 0x1e16},
+#line 432 "./uninorm/composition-table.gperf"
+      {"\000\001\022\000\003\000", 0x1e14},
+#line 231 "./uninorm/composition-table.gperf"
+      {"\000\000O\000\003(", 0x01ea},
+#line 336 "./uninorm/composition-table.gperf"
+      {"\000\0040\000\003\006", 0x04d1},
+#line 684 "./uninorm/composition-table.gperf"
+      {"\000\037\031\000\003\001", 0x1f1d},
+#line 682 "./uninorm/composition-table.gperf"
+      {"\000\037\031\000\003\000", 0x1f1b},
+#line 275 "./uninorm/composition-table.gperf"
+      {"\000\000t\000\003&", 0x021b},
+#line 638 "./uninorm/composition-table.gperf"
+      {"\000\000u\000\003\011", 0x1ee7},
+#line 161 "./uninorm/composition-table.gperf"
+      {"\000\000r\000\003\001", 0x0155},
+#line 92 "./uninorm/composition-table.gperf"
+      {"\000\000y\000\003\010", 0x00ff},
+#line 609 "./uninorm/composition-table.gperf"
+      {"\000\000I\000\003#", 0x1eca},
+#line 824 "./uninorm/composition-table.gperf"
+      {"\000\037t\000\003E", 0x1fc2},
+#line 501 "./uninorm/composition-table.gperf"
+      {"\000\000r\000\003\007", 0x1e59},
+#line 155 "./uninorm/composition-table.gperf"
+      {"\000\000o\000\003\004", 0x014d},
+#line 966 "./uninorm/composition-table.gperf"
+      {"\0000\362\0000\231", 0x30fa},
+#line 965 "./uninorm/composition-table.gperf"
+      {"\0000\361\0000\231", 0x30f9},
+#line 210 "./uninorm/composition-table.gperf"
+      {"\000\000o\000\003\014", 0x01d2},
+#line 178 "./uninorm/composition-table.gperf"
+      {"\000\000U\000\003\003", 0x0168},
+#line 420 "./uninorm/composition-table.gperf"
+      {"\000\000\307\000\003\001", 0x1e08},
+#line 149 "./uninorm/composition-table.gperf"
+      {"\000\000n\000\003\001", 0x0144},
+#line 241 "./uninorm/composition-table.gperf"
+      {"\000\000n\000\003\000", 0x01f9},
+#line 182 "./uninorm/composition-table.gperf"
+      {"\000\000U\000\003\006", 0x016c},
+#line 181 "./uninorm/composition-table.gperf"
+      {"\000\000u\000\003\004", 0x016b},
+#line 481 "./uninorm/composition-table.gperf"
+      {"\000\000n\000\003\007", 0x1e45},
+#line 188 "./uninorm/composition-table.gperf"
+      {"\000\000U\000\003(", 0x0172},
+#line 212 "./uninorm/composition-table.gperf"
+      {"\000\000u\000\003\014", 0x01d4},
+#line 563 "./uninorm/composition-table.gperf"
+      {"\000\000t\000\003\010", 0x1e97},
+#line 252 "./uninorm/composition-table.gperf"
+      {"\000\000E\000\003\017", 0x0204},
+#line 678 "./uninorm/composition-table.gperf"
+      {"\000\037\021\000\003\001", 0x1f15},
+#line 676 "./uninorm/composition-table.gperf"
+      {"\000\037\021\000\003\000", 0x1f13},
+#line 794 "./uninorm/composition-table.gperf"
+      {"\000\037.\000\003E", 0x1f9e},
+#line 423 "./uninorm/composition-table.gperf"
+      {"\000\000d\000\003\007", 0x1e0b},
+#line 251 "./uninorm/composition-table.gperf"
+      {"\000\000a\000\003\021", 0x0203},
+#line 414 "./uninorm/composition-table.gperf"
+      {"\000\000B\000\003\007", 0x1e02},
+#line 656 "./uninorm/composition-table.gperf"
+      {"\000\000y\000\003\003", 0x1ef9},
+#line 964 "./uninorm/composition-table.gperf"
+      {"\0000\360\0000\231", 0x30f8},
+#line 393 "./uninorm/composition-table.gperf"
+      {"\000\015F\000\015>", 0x0d4a},
+#line 810 "./uninorm/composition-table.gperf"
+      {"\000\037n\000\003E", 0x1fae},
+#line 567 "./uninorm/composition-table.gperf"
+      {"\000\000A\000\003#", 0x1ea0},
+#line 969 "./uninorm/composition-table.gperf"
+      {"\001\020\233\001\020\272", 0x1109c},
+#line 260 "./uninorm/composition-table.gperf"
+      {"\000\000O\000\003\017", 0x020c},
+#line 593 "./uninorm/composition-table.gperf"
+      {"\000\000E\000\003\011", 0x1eba},
+#line 344 "./uninorm/composition-table.gperf"
+      {"\000\0046\000\003\010", 0x04dd},
+#line 775 "./uninorm/composition-table.gperf"
+      {"\000\037\013\000\003E", 0x1f8b},
+#line 332 "./uninorm/composition-table.gperf"
+      {"\000\004u\000\003\017", 0x0477},
+#line 800 "./uninorm/composition-table.gperf"
+      {"\000\037d\000\003E", 0x1fa4},
+#line 951 "./uninorm/composition-table.gperf"
+      {"\0000\310\0000\231", 0x30c9},
+#line 592 "./uninorm/composition-table.gperf"
+      {"\000\000e\000\003#", 0x1eb9},
+#line 259 "./uninorm/composition-table.gperf"
+      {"\000\000i\000\003\021", 0x020b},
+#line 127 "./uninorm/composition-table.gperf"
+      {"\000\000H\000\003\002", 0x0124},
+#line 446 "./uninorm/composition-table.gperf"
+      {"\000\000H\000\003\007", 0x1e22},
+#line 71 "./uninorm/composition-table.gperf"
+      {"\000\000a\000\003\012", 0x00e5},
+#line 727 "./uninorm/composition-table.gperf"
+      {"\000\037H\000\003\001", 0x1f4c},
+#line 725 "./uninorm/composition-table.gperf"
+      {"\000\037H\000\003\000", 0x1f4a},
+#line 613 "./uninorm/composition-table.gperf"
+      {"\000\000O\000\003\011", 0x1ece},
+#line 945 "./uninorm/composition-table.gperf"
+      {"\0000\273\0000\231", 0x30bc},
+#line 109 "./uninorm/composition-table.gperf"
+      {"\000\000E\000\003\004", 0x0112},
+#line 65 "./uninorm/composition-table.gperf"
+      {"\000\000Y\000\003\001", 0x00dd},
+#line 649 "./uninorm/composition-table.gperf"
+      {"\000\000Y\000\003\000", 0x1ef2},
+#line 117 "./uninorm/composition-table.gperf"
+      {"\000\000E\000\003\014", 0x011a},
+#line 192 "./uninorm/composition-table.gperf"
+      {"\000\000Y\000\003\002", 0x0176},
+#line 554 "./uninorm/composition-table.gperf"
+      {"\000\000Y\000\003\007", 0x1e8e},
+#line 268 "./uninorm/composition-table.gperf"
+      {"\000\000U\000\003\017", 0x0214},
+#line 739 "./uninorm/composition-table.gperf"
+      {"\000\037Y\000\003\001", 0x1f5d},
+#line 738 "./uninorm/composition-table.gperf"
+      {"\000\037Y\000\003\000", 0x1f5b},
+#line 740 "./uninorm/composition-table.gperf"
+      {"\000\037Y\000\003B", 0x1f5f},
+#line 925 "./uninorm/composition-table.gperf"
+      {"\0000o\0000\231", 0x3070},
+#line 258 "./uninorm/composition-table.gperf"
+      {"\000\000I\000\003\021", 0x020a},
+#line 946 "./uninorm/composition-table.gperf"
+      {"\0000\275\0000\231", 0x30be},
+#line 154 "./uninorm/composition-table.gperf"
+      {"\000\000O\000\003\004", 0x014c},
+#line 488 "./uninorm/composition-table.gperf"
+      {"\000\000\325\000\003\001", 0x1e4c},
+#line 334 "./uninorm/composition-table.gperf"
+      {"\000\0046\000\003\006", 0x04c2},
+#line 209 "./uninorm/composition-table.gperf"
+      {"\000\000O\000\003\014", 0x01d1},
+#line 612 "./uninorm/composition-table.gperf"
+      {"\000\000o\000\003#", 0x1ecd},
+#line 532 "./uninorm/composition-table.gperf"
+      {"\000\001h\000\003\001", 0x1e78},
+#line 929 "./uninorm/composition-table.gperf"
+      {"\0000u\0000\231", 0x3076},
+#line 637 "./uninorm/composition-table.gperf"
+      {"\000\000U\000\003\011", 0x1ee6},
+#line 81 "./uninorm/composition-table.gperf"
+      {"\000\000n\000\003\003", 0x00f1},
+#line 938 "./uninorm/composition-table.gperf"
+      {"\0000\255\0000\231", 0x30ae},
+#line 450 "./uninorm/composition-table.gperf"
+      {"\000\000H\000\003\010", 0x1e26},
+#line 926 "./uninorm/composition-table.gperf"
+      {"\0000o\0000\232", 0x3071},
+#line 475 "./uninorm/composition-table.gperf"
+      {"\000\000m\000\003\001", 0x1e3f},
+#line 636 "./uninorm/composition-table.gperf"
+      {"\000\000u\000\003#", 0x1ee5},
+#line 128 "./uninorm/composition-table.gperf"
+      {"\000\000h\000\003\002", 0x0125},
+#line 447 "./uninorm/composition-table.gperf"
+      {"\000\000h\000\003\007", 0x1e23},
+#line 477 "./uninorm/composition-table.gperf"
+      {"\000\000m\000\003\007", 0x1e41},
+#line 753 "./uninorm/composition-table.gperf"
+      {"\000\037h\000\003\001", 0x1f6c},
+#line 751 "./uninorm/composition-table.gperf"
+      {"\000\037h\000\003\000", 0x1f6a},
+#line 755 "./uninorm/composition-table.gperf"
+      {"\000\037h\000\003B", 0x1f6e},
+#line 930 "./uninorm/composition-table.gperf"
+      {"\0000u\0000\232", 0x3077},
+#line 194 "./uninorm/composition-table.gperf"
+      {"\000\000Y\000\003\010", 0x0178},
+#line 180 "./uninorm/composition-table.gperf"
+      {"\000\000U\000\003\004", 0x016a},
+#line 395 "./uninorm/composition-table.gperf"
+      {"\000\015F\000\015W", 0x0d4c},
+#line 654 "./uninorm/composition-table.gperf"
+      {"\000\000y\000\003\011", 0x1ef7},
+#line 211 "./uninorm/composition-table.gperf"
+      {"\000\000U\000\003\014", 0x01d3},
+#line 250 "./uninorm/composition-table.gperf"
+      {"\000\000A\000\003\021", 0x0202},
+#line 46 "./uninorm/composition-table.gperf"
+      {"\000\000C\000\003'", 0x00c7},
+#line 782 "./uninorm/composition-table.gperf"
+      {"\000\037\"\000\003E", 0x1f92},
+#line 804 "./uninorm/composition-table.gperf"
+      {"\000\037h\000\003E", 0x1fa8},
+#line 809 "./uninorm/composition-table.gperf"
+      {"\000\037m\000\003E", 0x1fad},
+#line 697 "./uninorm/composition-table.gperf"
+      {"\000\037(\000\003\001", 0x1f2c},
+#line 695 "./uninorm/composition-table.gperf"
+      {"\000\037(\000\003\000", 0x1f2a},
+#line 699 "./uninorm/composition-table.gperf"
+      {"\000\037(\000\003B", 0x1f2e},
+#line 490 "./uninorm/composition-table.gperf"
+      {"\000\000\325\000\003\010", 0x1e4e},
+#line 255 "./uninorm/composition-table.gperf"
+      {"\000\000e\000\003\021", 0x0207},
+#line 706 "./uninorm/composition-table.gperf"
+      {"\000\0371\000\003\001", 0x1f35},
+#line 704 "./uninorm/composition-table.gperf"
+      {"\000\0371\000\003\000", 0x1f33},
+#line 708 "./uninorm/composition-table.gperf"
+      {"\000\0371\000\003B", 0x1f37},
+#line 291 "./uninorm/composition-table.gperf"
+      {"\000\000y\000\003\004", 0x0233},
+#line 962 "./uninorm/composition-table.gperf"
+      {"\0000\246\0000\231", 0x30f4},
+#line 437 "./uninorm/composition-table.gperf"
+      {"\000\000e\000\003-", 0x1e19},
+#line 265 "./uninorm/composition-table.gperf"
+      {"\000\000r\000\003\017", 0x0211},
+#line 788 "./uninorm/composition-table.gperf"
+      {"\000\037(\000\003E", 0x1f98},
+#line 451 "./uninorm/composition-table.gperf"
+      {"\000\000h\000\003\010", 0x1e27},
+#line 45 "./uninorm/composition-table.gperf"
+      {"\000\000A\000\003\012", 0x00c5},
+#line 655 "./uninorm/composition-table.gperf"
+      {"\000\000Y\000\003\003", 0x1ef8},
+#line 591 "./uninorm/composition-table.gperf"
+      {"\000\000E\000\003#", 0x1eb8},
+#line 542 "./uninorm/composition-table.gperf"
+      {"\000\000W\000\003\001", 0x1e82},
+#line 540 "./uninorm/composition-table.gperf"
+      {"\000\000W\000\003\000", 0x1e80},
+#line 160 "./uninorm/composition-table.gperf"
+      {"\000\000R\000\003\001", 0x0154},
+#line 190 "./uninorm/composition-table.gperf"
+      {"\000\000W\000\003\002", 0x0174},
+#line 546 "./uninorm/composition-table.gperf"
+      {"\000\000W\000\003\007", 0x1e86},
+#line 912 "./uninorm/composition-table.gperf"
+      {"\0000O\0000\231", 0x3050},
+#line 500 "./uninorm/composition-table.gperf"
+      {"\000\000R\000\003\007", 0x1e58},
+#line 878 "./uninorm/composition-table.gperf"
+      {"\000\"C\000\0038", 0x2244},
+#line 872 "./uninorm/composition-table.gperf"
+      {"\000\"\003\000\0038", 0x2204},
+#line 873 "./uninorm/composition-table.gperf"
+      {"\000\"\010\000\0038", 0x2209},
+#line 893 "./uninorm/composition-table.gperf"
+      {"\000\"{\000\0038", 0x2281},
+#line 177 "./uninorm/composition-table.gperf"
+      {"\000\000t\000\003\014", 0x0165},
+#line 611 "./uninorm/composition-table.gperf"
+      {"\000\000O\000\003#", 0x1ecc},
+#line 263 "./uninorm/composition-table.gperf"
+      {"\000\000o\000\003\021", 0x020f},
+#line 468 "./uninorm/composition-table.gperf"
+      {"\000\0366\000\003\004", 0x1e38},
+#line 238 "./uninorm/composition-table.gperf"
+      {"\000\000G\000\003\001", 0x01f4},
+#line 908 "./uninorm/composition-table.gperf"
+      {"\000\"\264\000\0038", 0x22ec},
+#line 906 "./uninorm/composition-table.gperf"
+      {"\000\"\262\000\0038", 0x22ea},
+#line 119 "./uninorm/composition-table.gperf"
+      {"\000\000G\000\003\002", 0x011c},
+#line 123 "./uninorm/composition-table.gperf"
+      {"\000\000G\000\003\007", 0x0120},
+#line 288 "./uninorm/composition-table.gperf"
+      {"\000\002.\000\003\004", 0x0230},
+#line 877 "./uninorm/composition-table.gperf"
+      {"\000\"<\000\0038", 0x2241},
+#line 271 "./uninorm/composition-table.gperf"
+      {"\000\000u\000\003\021", 0x0217},
+#line 905 "./uninorm/composition-table.gperf"
+      {"\000\"\222\000\0038", 0x22e3},
+#line 457 "./uninorm/composition-table.gperf"
+      {"\000\000i\000\0030", 0x1e2d},
+#line 898 "./uninorm/composition-table.gperf"
+      {"\000\"\242\000\0038", 0x22ac},
+#line 165 "./uninorm/composition-table.gperf"
+      {"\000\000r\000\003\014", 0x0159},
+#line 915 "./uninorm/composition-table.gperf"
+      {"\0000U\0000\231", 0x3056},
+#line 531 "./uninorm/composition-table.gperf"
+      {"\000\000u\000\003-", 0x1e77},
+#line 936 "./uninorm/composition-table.gperf"
+      {"\0000\235\0000\231", 0x309e},
+#line 331 "./uninorm/composition-table.gperf"
+      {"\000\004t\000\003\017", 0x0476},
+#line 882 "./uninorm/composition-table.gperf"
+      {"\000\"a\000\0038", 0x2262},
+#line 440 "./uninorm/composition-table.gperf"
+      {"\000\002(\000\003\006", 0x1e1c},
+#line 544 "./uninorm/composition-table.gperf"
+      {"\000\000W\000\003\010", 0x1e84},
+#line 635 "./uninorm/composition-table.gperf"
+      {"\000\000U\000\003#", 0x1ee4},
+#line 148 "./uninorm/composition-table.gperf"
+      {"\000\000N\000\003\001", 0x0143},
+#line 240 "./uninorm/composition-table.gperf"
+      {"\000\000N\000\003\000", 0x01f8},
+#line 153 "./uninorm/composition-table.gperf"
+      {"\000\000n\000\003\014", 0x0148},
+#line 375 "./uninorm/composition-table.gperf"
+      {"\000\011(\000\011<", 0x0929},
+#line 480 "./uninorm/composition-table.gperf"
+      {"\000\000N\000\003\007", 0x1e44},
+#line 897 "./uninorm/composition-table.gperf"
+      {"\000\"\207\000\0038", 0x2289},
+#line 185 "./uninorm/composition-table.gperf"
+      {"\000\000u\000\003\012", 0x016f},
+#line 896 "./uninorm/composition-table.gperf"
+      {"\000\"\206\000\0038", 0x2288},
+#line 456 "./uninorm/composition-table.gperf"
+      {"\000\000I\000\0030", 0x1e2c},
+#line 895 "./uninorm/composition-table.gperf"
+      {"\000\"\203\000\0038", 0x2285},
+#line 108 "./uninorm/composition-table.gperf"
+      {"\000\000d\000\003\014", 0x010f},
+#line 543 "./uninorm/composition-table.gperf"
+      {"\000\000w\000\003\001", 0x1e83},
+#line 541 "./uninorm/composition-table.gperf"
+      {"\000\000w\000\003\000", 0x1e81},
+#line 523 "./uninorm/composition-table.gperf"
+      {"\000\000t\000\0031", 0x1e6f},
+#line 191 "./uninorm/composition-table.gperf"
+      {"\000\000w\000\003\002", 0x0175},
+#line 547 "./uninorm/composition-table.gperf"
+      {"\000\000w\000\003\007", 0x1e87},
+#line 652 "./uninorm/composition-table.gperf"
+      {"\000\000y\000\003#", 0x1ef5},
+#line 890 "./uninorm/composition-table.gperf"
+      {"\000\"v\000\0038", 0x2278},
+#line 297 "./uninorm/composition-table.gperf"
+      {"\000\003\237\000\003\001", 0x038c},
+#line 863 "./uninorm/composition-table.gperf"
+      {"\000\003\237\000\003\000", 0x1ff8},
+#line 239 "./uninorm/composition-table.gperf"
+      {"\000\000g\000\003\001", 0x01f5},
+#line 254 "./uninorm/composition-table.gperf"
+      {"\000\000E\000\003\021", 0x0206},
+#line 653 "./uninorm/composition-table.gperf"
+      {"\000\000Y\000\003\011", 0x1ef6},
+#line 120 "./uninorm/composition-table.gperf"
+      {"\000\000g\000\003\002", 0x011d},
+#line 124 "./uninorm/composition-table.gperf"
+      {"\000\000g\000\003\007", 0x0121},
+#line 343 "./uninorm/composition-table.gperf"
+      {"\000\004\026\000\003\010", 0x04dc},
+#line 902 "./uninorm/composition-table.gperf"
+      {"\000\"|\000\0038", 0x22e0},
+#line 436 "./uninorm/composition-table.gperf"
+      {"\000\000E\000\003-", 0x1e18},
+#line 507 "./uninorm/composition-table.gperf"
+      {"\000\000r\000\0031", 0x1e5f},
+#line 276 "./uninorm/composition-table.gperf"
+      {"\000\000H\000\003\014", 0x021e},
+#line 494 "./uninorm/composition-table.gperf"
+      {"\000\001L\000\003\001", 0x1e52},
+#line 492 "./uninorm/composition-table.gperf"
+      {"\000\001L\000\003\000", 0x1e50},
+#line 443 "./uninorm/composition-table.gperf"
+      {"\000\000f\000\003\007", 0x1e1f},
+#line 521 "./uninorm/composition-table.gperf"
+      {"\000\000t\000\003#", 0x1e6d},
+#line 262 "./uninorm/composition-table.gperf"
+      {"\000\000O\000\003\021", 0x020e},
+#line 894 "./uninorm/composition-table.gperf"
+      {"\000\"\202\000\0038", 0x2284},
+#line 142 "./uninorm/composition-table.gperf"
+      {"\000\000L\000\003\001", 0x0139},
+#line 290 "./uninorm/composition-table.gperf"
+      {"\000\000Y\000\003\004", 0x0232},
+#line 803 "./uninorm/composition-table.gperf"
+      {"\000\037g\000\003E", 0x1fa7},
+#line 485 "./uninorm/composition-table.gperf"
+      {"\000\000n\000\0031", 0x1e49},
+#line 281 "./uninorm/composition-table.gperf"
+      {"\000\000e\000\003'", 0x0229},
+#line 927 "./uninorm/composition-table.gperf"
+      {"\0000r\0000\231", 0x3073},
+#line 121 "./uninorm/composition-table.gperf"
+      {"\000\000G\000\003\006", 0x011e},
+#line 313 "./uninorm/composition-table.gperf"
+      {"\000\003\322\000\003\001", 0x03d3},
+#line 545 "./uninorm/composition-table.gperf"
+      {"\000\000w\000\003\010", 0x1e85},
+#line 439 "./uninorm/composition-table.gperf"
+      {"\000\000e\000\0030", 0x1e1b},
+#line 802 "./uninorm/composition-table.gperf"
+      {"\000\037f\000\003E", 0x1fa6},
+#line 427 "./uninorm/composition-table.gperf"
+      {"\000\000d\000\0031", 0x1e0f},
+#line 503 "./uninorm/composition-table.gperf"
+      {"\000\000r\000\003#", 0x1e5b},
+#line 418 "./uninorm/composition-table.gperf"
+      {"\000\000B\000\0031", 0x1e06},
+#line 284 "./uninorm/composition-table.gperf"
+      {"\000\000\325\000\003\004", 0x022c},
+#line 495 "./uninorm/composition-table.gperf"
+      {"\000\001M\000\003\001", 0x1e53},
+#line 493 "./uninorm/composition-table.gperf"
+      {"\000\001M\000\003\000", 0x1e51},
+#line 903 "./uninorm/composition-table.gperf"
+      {"\000\"}\000\0038", 0x22e1},
+#line 333 "./uninorm/composition-table.gperf"
+      {"\000\004\026\000\003\006", 0x04c1},
+#line 928 "./uninorm/composition-table.gperf"
+      {"\0000r\0000\232", 0x3074},
+#line 270 "./uninorm/composition-table.gperf"
+      {"\000\000U\000\003\021", 0x0216},
+#line 474 "./uninorm/composition-table.gperf"
+      {"\000\000M\000\003\001", 0x1e3e},
+#line 55 "./uninorm/composition-table.gperf"
+      {"\000\000N\000\003\003", 0x00d1},
+#line 483 "./uninorm/composition-table.gperf"
+      {"\000\000n\000\003#", 0x1e47},
+#line 922 "./uninorm/composition-table.gperf"
+      {"\0000d\0000\231", 0x3065},
+#line 476 "./uninorm/composition-table.gperf"
+      {"\000\000M\000\003\007", 0x1e40},
+#line 530 "./uninorm/composition-table.gperf"
+      {"\000\000U\000\003-", 0x1e76},
+#line 277 "./uninorm/composition-table.gperf"
+      {"\000\000h\000\003\014", 0x021f},
+#line 364 "./uninorm/composition-table.gperf"
+      {"\000\004G\000\003\010", 0x04f5},
+#line 518 "./uninorm/composition-table.gperf"
+      {"\000\000T\000\003\007", 0x1e6a},
+#line 920 "./uninorm/composition-table.gperf"
+      {"\0000_\0000\231", 0x3060},
+#line 425 "./uninorm/composition-table.gperf"
+      {"\000\000d\000\003#", 0x1e0d},
+#line 887 "./uninorm/composition-table.gperf"
+      {"\000\"e\000\0038", 0x2271},
+#line 416 "./uninorm/composition-table.gperf"
+      {"\000\000B\000\003#", 0x1e04},
+#line 264 "./uninorm/composition-table.gperf"
+      {"\000\000R\000\003\017", 0x0210},
+#line 844 "./uninorm/composition-table.gperf"
+      {"\000\037\376\000\003\001", 0x1fde},
+#line 843 "./uninorm/composition-table.gperf"
+      {"\000\037\376\000\003\000", 0x1fdd},
+#line 845 "./uninorm/composition-table.gperf"
+      {"\000\037\376\000\003B", 0x1fdf},
+#line 274 "./uninorm/composition-table.gperf"
+      {"\000\000T\000\003&", 0x021a},
+#line 184 "./uninorm/composition-table.gperf"
+      {"\000\000U\000\003\012", 0x016e},
+#line 314 "./uninorm/composition-table.gperf"
+      {"\000\003\322\000\003\010", 0x03d4},
+#line 310 "./uninorm/composition-table.gperf"
+      {"\000\003\277\000\003\001", 0x03cc},
+#line 761 "./uninorm/composition-table.gperf"
+      {"\000\003\277\000\003\000", 0x1f78},
+#line 723 "./uninorm/composition-table.gperf"
+      {"\000\003\237\000\003\023", 0x1f48},
+#line 529 "./uninorm/composition-table.gperf"
+      {"\000\000u\000\0030", 0x1e75},
+#line 919 "./uninorm/composition-table.gperf"
+      {"\0000]\0000\231", 0x305e},
+#line 122 "./uninorm/composition-table.gperf"
+      {"\000\000g\000\003\006", 0x011f},
+#line 306 "./uninorm/composition-table.gperf"
+      {"\000\003\271\000\003\001", 0x03af},
+#line 760 "./uninorm/composition-table.gperf"
+      {"\000\003\271\000\003\000", 0x1f76},
+#line 838 "./uninorm/composition-table.gperf"
+      {"\000\003\271\000\003B", 0x1fd6},
+#line 448 "./uninorm/composition-table.gperf"
+      {"\000\000H\000\003#", 0x1e24},
+#line 833 "./uninorm/composition-table.gperf"
+      {"\000\037\277\000\003\001", 0x1fce},
+#line 832 "./uninorm/composition-table.gperf"
+      {"\000\037\277\000\003\000", 0x1fcd},
+#line 834 "./uninorm/composition-table.gperf"
+      {"\000\037\277\000\003B", 0x1fcf},
+#line 917 "./uninorm/composition-table.gperf"
+      {"\0000Y\0000\231", 0x305a},
+#line 319 "./uninorm/composition-table.gperf"
+      {"\000\004\032\000\003\001", 0x040c},
+#line 565 "./uninorm/composition-table.gperf"
+      {"\000\000y\000\003\012", 0x1e99},
+#line 885 "./uninorm/composition-table.gperf"
+      {"\000\000>\000\0038", 0x226f},
+#line 435 "./uninorm/composition-table.gperf"
+      {"\000\001\023\000\003\001", 0x1e17},
+#line 433 "./uninorm/composition-table.gperf"
+      {"\000\001\023\000\003\000", 0x1e15},
+#line 525 "./uninorm/composition-table.gperf"
+      {"\000\000t\000\003-", 0x1e71},
+#line 651 "./uninorm/composition-table.gperf"
+      {"\000\000Y\000\003#", 0x1ef4},
+#line 345 "./uninorm/composition-table.gperf"
+      {"\000\004\027\000\003\010", 0x04de},
+#line 776 "./uninorm/composition-table.gperf"
+      {"\000\037\014\000\003E", 0x1f8c},
+#line 562 "./uninorm/composition-table.gperf"
+      {"\000\000h\000\0031", 0x1e96},
+#line 941 "./uninorm/composition-table.gperf"
+      {"\0000\263\0000\231", 0x30b4},
+#line 164 "./uninorm/composition-table.gperf"
+      {"\000\000R\000\003\014", 0x0158},
+#line 956 "./uninorm/composition-table.gperf"
+      {"\0000\325\0000\231", 0x30d6},
+#line 779 "./uninorm/composition-table.gperf"
+      {"\000\037\017\000\003E", 0x1f8f},
+#line 267 "./uninorm/composition-table.gperf"
+      {"\000\000r\000\003\021", 0x0213},
+#line 305 "./uninorm/composition-table.gperf"
+      {"\000\003\267\000\003\001", 0x03ae},
+#line 759 "./uninorm/composition-table.gperf"
+      {"\000\003\267\000\003\000", 0x1f74},
+#line 827 "./uninorm/composition-table.gperf"
+      {"\000\003\267\000\003B", 0x1fc6},
+#line 280 "./uninorm/composition-table.gperf"
+      {"\000\000E\000\003'", 0x0228},
+#line 626 "./uninorm/composition-table.gperf"
+      {"\000\001\241\000\003\001", 0x1edb},
+#line 628 "./uninorm/composition-table.gperf"
+      {"\000\001\241\000\003\000", 0x1edd},
+#line 444 "./uninorm/composition-table.gperf"
+      {"\000\000G\000\003\004", 0x1e20},
+#line 924 "./uninorm/composition-table.gperf"
+      {"\0000h\0000\231", 0x3069},
+#line 438 "./uninorm/composition-table.gperf"
+      {"\000\000E\000\0030", 0x1e1a},
+#line 227 "./uninorm/composition-table.gperf"
+      {"\000\000G\000\003\014", 0x01e6},
+#line 308 "./uninorm/composition-table.gperf"
+      {"\000\003\271\000\003\010", 0x03ca},
+#line 957 "./uninorm/composition-table.gperf"
+      {"\0000\325\0000\232", 0x30d7},
+#line 825 "./uninorm/composition-table.gperf"
+      {"\000\003\267\000\003E", 0x1fc3},
+#line 960 "./uninorm/composition-table.gperf"
+      {"\0000\333\0000\231", 0x30dc},
+#line 449 "./uninorm/composition-table.gperf"
+      {"\000\000h\000\003#", 0x1e25},
+#line 479 "./uninorm/composition-table.gperf"
+      {"\000\000m\000\003#", 0x1e43},
+#line 487 "./uninorm/composition-table.gperf"
+      {"\000\000n\000\003-", 0x1e4b},
+#line 937 "./uninorm/composition-table.gperf"
+      {"\0000\253\0000\231", 0x30ac},
+#line 303 "./uninorm/composition-table.gperf"
+      {"\000\003\261\000\003\001", 0x03ac},
+#line 757 "./uninorm/composition-table.gperf"
+      {"\000\003\261\000\003\000", 0x1f70},
+#line 817 "./uninorm/composition-table.gperf"
+      {"\000\003\261\000\003B", 0x1fb6},
+#line 352 "./uninorm/composition-table.gperf"
+      {"\000\004>\000\003\010", 0x04e7},
+#line 293 "./uninorm/composition-table.gperf"
+      {"\000\003\221\000\003\001", 0x0386},
+#line 821 "./uninorm/composition-table.gperf"
+      {"\000\003\221\000\003\000", 0x1fba},
+#line 431 "./uninorm/composition-table.gperf"
+      {"\000\000d\000\003-", 0x1e13},
+#line 606 "./uninorm/composition-table.gperf"
+      {"\000\036\271\000\003\002", 0x1ec7},
+#line 778 "./uninorm/composition-table.gperf"
+      {"\000\037\016\000\003E", 0x1f8e},
+#line 961 "./uninorm/composition-table.gperf"
+      {"\0000\333\0000\232", 0x30dd},
+#line 362 "./uninorm/composition-table.gperf"
+      {"\000\004C\000\003\013", 0x04f3},
+#line 152 "./uninorm/composition-table.gperf"
+      {"\000\000N\000\003\014", 0x0147},
+#line 815 "./uninorm/composition-table.gperf"
+      {"\000\003\261\000\003E", 0x1fb3},
+#line 879 "./uninorm/composition-table.gperf"
+      {"\000\"E\000\0038", 0x2247},
+#line 717 "./uninorm/composition-table.gperf"
+      {"\000\003\277\000\003\023", 0x1f40},
+#line 506 "./uninorm/composition-table.gperf"
+      {"\000\000R\000\0031", 0x1e5e},
+#line 822 "./uninorm/composition-table.gperf"
+      {"\000\003\221\000\003E", 0x1fbc},
+#line 356 "./uninorm/composition-table.gperf"
+      {"\000\004M\000\003\010", 0x04ed},
+#line 724 "./uninorm/composition-table.gperf"
+      {"\000\003\237\000\003\024", 0x1f49},
+#line 167 "./uninorm/composition-table.gperf"
+      {"\000\000s\000\003\001", 0x015b},
+#line 701 "./uninorm/composition-table.gperf"
+      {"\000\003\271\000\003\023", 0x1f30},
+#line 835 "./uninorm/composition-table.gperf"
+      {"\000\003\271\000\003\006", 0x1fd0},
+#line 169 "./uninorm/composition-table.gperf"
+      {"\000\000s\000\003\002", 0x015d},
+#line 509 "./uninorm/composition-table.gperf"
+      {"\000\000s\000\003\007", 0x1e61},
+#line 977 "./uninorm/composition-table.gperf"
+      {"\001\024\271\001\024\275", 0x114be},
+#line 528 "./uninorm/composition-table.gperf"
+      {"\000\000U\000\0030", 0x1e74},
+#line 916 "./uninorm/composition-table.gperf"
+      {"\0000W\0000\231", 0x3058},
+#line 317 "./uninorm/composition-table.gperf"
+      {"\000\004\023\000\003\001", 0x0403},
+#line 445 "./uninorm/composition-table.gperf"
+      {"\000\000g\000\003\004", 0x1e21},
+#line 460 "./uninorm/composition-table.gperf"
+      {"\000\000K\000\003\001", 0x1e30},
+#line 770 "./uninorm/composition-table.gperf"
+      {"\000\037\006\000\003E", 0x1f86},
+#line 228 "./uninorm/composition-table.gperf"
+      {"\000\000g\000\003\014", 0x01e7},
+#line 273 "./uninorm/composition-table.gperf"
+      {"\000\000s\000\003&", 0x0219},
+#line 548 "./uninorm/composition-table.gperf"
+      {"\000\000W\000\003#", 0x1e88},
+#line 244 "./uninorm/composition-table.gperf"
+      {"\000\000\306\000\003\001", 0x01fc},
+#line 502 "./uninorm/composition-table.gperf"
+      {"\000\000R\000\003#", 0x1e5a},
+#line 580 "./uninorm/composition-table.gperf"
+      {"\000\036\241\000\003\002", 0x1ead},
+#line 311 "./uninorm/composition-table.gperf"
+      {"\000\003\305\000\003\001", 0x03cd},
+#line 762 "./uninorm/composition-table.gperf"
+      {"\000\003\305\000\003\000", 0x1f7a},
+#line 851 "./uninorm/composition-table.gperf"
+      {"\000\003\305\000\003B", 0x1fe6},
+#line 143 "./uninorm/composition-table.gperf"
+      {"\000\000l\000\003\001", 0x013a},
+#line 242 "./uninorm/composition-table.gperf"
+      {"\000\000\305\000\003\001", 0x01fa},
+#line 166 "./uninorm/composition-table.gperf"
+      {"\000\000S\000\003\001", 0x015a},
+#line 685 "./uninorm/composition-table.gperf"
+      {"\000\003\267\000\003\023", 0x1f20},
+#line 632 "./uninorm/composition-table.gperf"
+      {"\000\001\241\000\003\003", 0x1ee1},
+#line 168 "./uninorm/composition-table.gperf"
+      {"\000\000S\000\003\002", 0x015c},
+#line 508 "./uninorm/composition-table.gperf"
+      {"\000\000S\000\003\007", 0x1e60},
+#line 146 "./uninorm/composition-table.gperf"
+      {"\000\000L\000\003\014", 0x013d},
+#line 484 "./uninorm/composition-table.gperf"
+      {"\000\000N\000\0031", 0x1e48},
+#line 296 "./uninorm/composition-table.gperf"
+      {"\000\003\231\000\003\001", 0x038a},
+#line 842 "./uninorm/composition-table.gperf"
+      {"\000\003\231\000\003\000", 0x1fda},
+#line 512 "./uninorm/composition-table.gperf"
+      {"\000\001Z\000\003\007", 0x1e64},
+#line 828 "./uninorm/composition-table.gperf"
+      {"\000\037\306\000\003E", 0x1fc7},
+#line 195 "./uninorm/composition-table.gperf"
+      {"\000\000Z\000\003\001", 0x0179},
+#line 175 "./uninorm/composition-table.gperf"
+      {"\000\000t\000\003'", 0x0163},
+#line 272 "./uninorm/composition-table.gperf"
+      {"\000\000S\000\003&", 0x0218},
+#line 556 "./uninorm/composition-table.gperf"
+      {"\000\000Z\000\003\002", 0x1e90},
+#line 197 "./uninorm/composition-table.gperf"
+      {"\000\000Z\000\003\007", 0x017b},
+#line 808 "./uninorm/composition-table.gperf"
+      {"\000\037l\000\003E", 0x1fac},
+      {""},
+#line 100 "./uninorm/composition-table.gperf"
+      {"\000\000c\000\003\001", 0x0107},
+#line 657 "./uninorm/composition-table.gperf"
+      {"\000\003\261\000\003\023", 0x1f00},
+#line 812 "./uninorm/composition-table.gperf"
+      {"\000\003\261\000\003\006", 0x1fb0},
+#line 102 "./uninorm/composition-table.gperf"
+      {"\000\000c\000\003\002", 0x0109},
+#line 104 "./uninorm/composition-table.gperf"
+      {"\000\000c\000\003\007", 0x010b},
+#line 665 "./uninorm/composition-table.gperf"
+      {"\000\003\221\000\003\023", 0x1f08},
+#line 819 "./uninorm/composition-table.gperf"
+      {"\000\003\221\000\003\006", 0x1fb8},
+      {""},
+#line 482 "./uninorm/composition-table.gperf"
+      {"\000\000N\000\003#", 0x1e46},
+#line 163 "./uninorm/composition-table.gperf"
+      {"\000\000r\000\003'", 0x0157},
+#line 309 "./uninorm/composition-table.gperf"
+      {"\000\003\305\000\003\010", 0x03cb},
+#line 196 "./uninorm/composition-table.gperf"
+      {"\000\000z\000\003\001", 0x017a},
+#line 176 "./uninorm/composition-table.gperf"
+      {"\000\000T\000\003\014", 0x0164},
+#line 422 "./uninorm/composition-table.gperf"
+      {"\000\000D\000\003\007", 0x1e0a},
+#line 557 "./uninorm/composition-table.gperf"
+      {"\000\000z\000\003\002", 0x1e91},
+#line 198 "./uninorm/composition-table.gperf"
+      {"\000\000z\000\003\007", 0x017c},
+      {""},
+#line 718 "./uninorm/composition-table.gperf"
+      {"\000\003\277\000\003\024", 0x1f41},
+#line 799 "./uninorm/composition-table.gperf"
+      {"\000\037c\000\003E", 0x1fa3},
+#line 549 "./uninorm/composition-table.gperf"
+      {"\000\000w\000\003#", 0x1e89},
+#line 151 "./uninorm/composition-table.gperf"
+      {"\000\000n\000\003'", 0x0146},
+#line 159 "./uninorm/composition-table.gperf"
+      {"\000\000o\000\003\013", 0x0151},
+#line 301 "./uninorm/composition-table.gperf"
+      {"\000\003\231\000\003\010", 0x03aa},
+#line 702 "./uninorm/composition-table.gperf"
+      {"\000\003\271\000\003\024", 0x1f31},
+#line 470 "./uninorm/composition-table.gperf"
+      {"\000\000L\000\0031", 0x1e3a},
+      {""},
+#line 640 "./uninorm/composition-table.gperf"
+      {"\000\001\260\000\003\001", 0x1ee9},
+#line 642 "./uninorm/composition-table.gperf"
+      {"\000\001\260\000\003\000", 0x1eeb},
+#line 429 "./uninorm/composition-table.gperf"
+      {"\000\000d\000\003'", 0x1e11},
+#line 923 "./uninorm/composition-table.gperf"
+      {"\0000f\0000\231", 0x3067},
+#line 187 "./uninorm/composition-table.gperf"
+      {"\000\000u\000\003\013", 0x0171},
+#line 836 "./uninorm/composition-table.gperf"
+      {"\000\003\271\000\003\004", 0x1fd1},
+#line 266 "./uninorm/composition-table.gperf"
+      {"\000\000R\000\003\021", 0x0212},
+#line 625 "./uninorm/composition-table.gperf"
+      {"\000\001\240\000\003\001", 0x1eda},
+#line 627 "./uninorm/composition-table.gperf"
+      {"\000\001\240\000\003\000", 0x1edc},
+#line 590 "./uninorm/composition-table.gperf"
+      {"\000\036\241\000\003\006", 0x1eb7},
+#line 318 "./uninorm/composition-table.gperf"
+      {"\000\004\006\000\003\010", 0x0407},
+#line 888 "./uninorm/composition-table.gperf"
+      {"\000\"r\000\0038", 0x2274},
+#line 729 "./uninorm/composition-table.gperf"
+      {"\000\003\305\000\003\023", 0x1f50},
+#line 846 "./uninorm/composition-table.gperf"
+      {"\000\003\305\000\003\006", 0x1fe0},
+#line 639 "./uninorm/composition-table.gperf"
+      {"\000\001\257\000\003\001", 0x1ee8},
+#line 641 "./uninorm/composition-table.gperf"
+      {"\000\001\257\000\003\000", 0x1eea},
+      {""},
+#line 630 "./uninorm/composition-table.gperf"
+      {"\000\001\241\000\003\011", 0x1edf},
+#line 466 "./uninorm/composition-table.gperf"
+      {"\000\000L\000\003#", 0x1e36},
+#line 517 "./uninorm/composition-table.gperf"
+      {"\000\036c\000\003\007", 0x1e69},
+#line 686 "./uninorm/composition-table.gperf"
+      {"\000\003\267\000\003\024", 0x1f21},
+#line 452 "./uninorm/composition-table.gperf"
+      {"\000\000H\000\003'", 0x1e28},
+#line 954 "./uninorm/composition-table.gperf"
+      {"\0000\322\0000\231", 0x30d3},
+#line 522 "./uninorm/composition-table.gperf"
+      {"\000\000T\000\0031", 0x1e6e},
+#line 709 "./uninorm/composition-table.gperf"
+      {"\000\003\231\000\003\023", 0x1f38},
+#line 840 "./uninorm/composition-table.gperf"
+      {"\000\003\231\000\003\006", 0x1fd8},
+#line 856 "./uninorm/composition-table.gperf"
+      {"\000\003\241\000\003\024", 0x1fec},
+#line 366 "./uninorm/composition-table.gperf"
+      {"\000\004K\000\003\010", 0x04f9},
+#line 874 "./uninorm/composition-table.gperf"
+      {"\000\"\013\000\0038", 0x220c},
+#line 235 "./uninorm/composition-table.gperf"
+      {"\000\001\267\000\003\014", 0x01ee},
+#line 886 "./uninorm/composition-table.gperf"
+      {"\000\"d\000\0038", 0x2270},
+      {""},
+#line 911 "./uninorm/composition-table.gperf"
+      {"\0000M\0000\231", 0x304e},
+#line 415 "./uninorm/composition-table.gperf"
+      {"\000\000b\000\003\007", 0x1e03},
+#line 785 "./uninorm/composition-table.gperf"
+      {"\000\037%\000\003E", 0x1f95},
+      {""},
+#line 955 "./uninorm/composition-table.gperf"
+      {"\0000\322\0000\232", 0x30d4},
+#line 394 "./uninorm/composition-table.gperf"
+      {"\000\015G\000\015>", 0x0d4b},
+#line 658 "./uninorm/composition-table.gperf"
+      {"\000\003\261\000\003\024", 0x1f01},
+#line 478 "./uninorm/composition-table.gperf"
+      {"\000\000M\000\003#", 0x1e42},
+#line 304 "./uninorm/composition-table.gperf"
+      {"\000\003\265\000\003\001", 0x03ad},
+#line 758 "./uninorm/composition-table.gperf"
+      {"\000\003\265\000\003\000", 0x1f72},
+#line 666 "./uninorm/composition-table.gperf"
+      {"\000\003\221\000\003\024", 0x1f09},
+#line 520 "./uninorm/composition-table.gperf"
+      {"\000\000T\000\003#", 0x1e6c},
+#line 975 "./uninorm/composition-table.gperf"
+      {"\001\024\271\001\024\272", 0x114bb},
+#line 486 "./uninorm/composition-table.gperf"
+      {"\000\000N\000\003-", 0x1e4a},
+#line 813 "./uninorm/composition-table.gperf"
+      {"\000\003\261\000\003\004", 0x1fb1},
+#line 798 "./uninorm/composition-table.gperf"
+      {"\000\037b\000\003E", 0x1fa2},
+#line 783 "./uninorm/composition-table.gperf"
+      {"\000\037#\000\003E", 0x1f93},
+#line 880 "./uninorm/composition-table.gperf"
+      {"\000\"H\000\0038", 0x2249},
+#line 820 "./uninorm/composition-table.gperf"
+      {"\000\003\221\000\003\004", 0x1fb9},
+#line 158 "./uninorm/composition-table.gperf"
+      {"\000\000O\000\003\013", 0x0150},
+#line 461 "./uninorm/composition-table.gperf"
+      {"\000\000k\000\003\001", 0x1e31},
+#line 795 "./uninorm/composition-table.gperf"
+      {"\000\037/\000\003E", 0x1f9f},
+#line 246 "./uninorm/composition-table.gperf"
+      {"\000\000\330\000\003\001", 0x01fe},
+#line 453 "./uninorm/composition-table.gperf"
+      {"\000\000h\000\003'", 0x1e29},
+#line 947 "./uninorm/composition-table.gperf"
+      {"\0000\277\0000\231", 0x30c0},
+#line 579 "./uninorm/composition-table.gperf"
+      {"\000\036\240\000\003\002", 0x1eac},
+#line 646 "./uninorm/composition-table.gperf"
+      {"\000\001\260\000\003\003", 0x1eef},
+#line 300 "./uninorm/composition-table.gperf"
+      {"\000\003\312\000\003\001", 0x0390},
+#line 837 "./uninorm/composition-table.gperf"
+      {"\000\003\312\000\003\000", 0x1fd2},
+#line 839 "./uninorm/composition-table.gperf"
+      {"\000\003\312\000\003B", 0x1fd7},
+#line 944 "./uninorm/composition-table.gperf"
+      {"\0000\271\0000\231", 0x30ba},
+#line 597 "./uninorm/composition-table.gperf"
+      {"\000\000\312\000\003\001", 0x1ebe},
+#line 599 "./uninorm/composition-table.gperf"
+      {"\000\000\312\000\003\000", 0x1ec0},
+#line 631 "./uninorm/composition-table.gperf"
+      {"\000\001\240\000\003\003", 0x1ee0},
+#line 849 "./uninorm/composition-table.gperf"
+      {"\000\003\301\000\003\023", 0x1fe4},
+#line 408 "./uninorm/composition-table.gperf"
+      {"\000\033<\000\0335", 0x1b3d},
+#line 173 "./uninorm/composition-table.gperf"
+      {"\000\000s\000\003\014", 0x0161},
+#line 564 "./uninorm/composition-table.gperf"
+      {"\000\000w\000\003\012", 0x1e98},
+#line 807 "./uninorm/composition-table.gperf"
+      {"\000\037k\000\003E", 0x1fab},
+#line 907 "./uninorm/composition-table.gperf"
+      {"\000\"\263\000\0038", 0x22eb},
+#line 645 "./uninorm/composition-table.gperf"
+      {"\000\001\257\000\003\003", 0x1eee},
+#line 186 "./uninorm/composition-table.gperf"
+      {"\000\000U\000\003\013", 0x0170},
+#line 516 "./uninorm/composition-table.gperf"
+      {"\000\036b\000\003\007", 0x1e68},
+#line 730 "./uninorm/composition-table.gperf"
+      {"\000\003\305\000\003\024", 0x1f51},
+#line 299 "./uninorm/composition-table.gperf"
+      {"\000\003\251\000\003\001", 0x038f},
+#line 864 "./uninorm/composition-table.gperf"
+      {"\000\003\251\000\003\000", 0x1ffa},
+#line 229 "./uninorm/composition-table.gperf"
+      {"\000\000K\000\003\014", 0x01e8},
+#line 535 "./uninorm/composition-table.gperf"
+      {"\000\001k\000\003\010", 0x1e7b},
+#line 225 "./uninorm/composition-table.gperf"
+      {"\000\000\306\000\003\004", 0x01e2},
+#line 472 "./uninorm/composition-table.gperf"
+      {"\000\000L\000\003-", 0x1e3c},
+#line 407 "./uninorm/composition-table.gperf"
+      {"\000\033:\000\0335", 0x1b3b},
+#line 847 "./uninorm/composition-table.gperf"
+      {"\000\003\305\000\003\004", 0x1fe1},
+#line 403 "./uninorm/composition-table.gperf"
+      {"\000\033\011\000\0335", 0x1b0a},
+#line 943 "./uninorm/composition-table.gperf"
+      {"\0000\267\0000\231", 0x30b8},
+      {""},
+#line 710 "./uninorm/composition-table.gperf"
+      {"\000\003\231\000\003\024", 0x1f39},
+#line 865 "./uninorm/composition-table.gperf"
+      {"\000\003\251\000\003E", 0x1ffc},
+#line 147 "./uninorm/composition-table.gperf"
+      {"\000\000l\000\003\014", 0x013e},
+#line 551 "./uninorm/composition-table.gperf"
+      {"\000\000x\000\003\007", 0x1e8b},
+#line 172 "./uninorm/composition-table.gperf"
+      {"\000\000S\000\003\014", 0x0160},
+#line 634 "./uninorm/composition-table.gperf"
+      {"\000\001\241\000\003#", 0x1ee3},
+#line 901 "./uninorm/composition-table.gperf"
+      {"\000\"\253\000\0038", 0x22af},
+#line 162 "./uninorm/composition-table.gperf"
+      {"\000\000R\000\003'", 0x0156},
+#line 841 "./uninorm/composition-table.gperf"
+      {"\000\003\231\000\003\004", 0x1fd9},
+#line 713 "./uninorm/composition-table.gperf"
+      {"\000\0378\000\003\001", 0x1f3c},
+#line 711 "./uninorm/composition-table.gperf"
+      {"\000\0378\000\003\000", 0x1f3a},
+#line 715 "./uninorm/composition-table.gperf"
+      {"\000\0378\000\003B", 0x1f3e},
+#line 298 "./uninorm/composition-table.gperf"
+      {"\000\003\245\000\003\001", 0x038e},
+#line 855 "./uninorm/composition-table.gperf"
+      {"\000\003\245\000\003\000", 0x1fea},
+#line 673 "./uninorm/composition-table.gperf"
+      {"\000\003\265\000\003\023", 0x1f10},
+#line 199 "./uninorm/composition-table.gperf"
+      {"\000\000Z\000\003\014", 0x017d},
+#line 940 "./uninorm/composition-table.gperf"
+      {"\0000\261\0000\231", 0x30b2},
+#line 683 "./uninorm/composition-table.gperf"
+      {"\000\037\030\000\003\001", 0x1f1c},
+#line 681 "./uninorm/composition-table.gperf"
+      {"\000\037\030\000\003\000", 0x1f1a},
+#line 524 "./uninorm/composition-table.gperf"
+      {"\000\000T\000\003-", 0x1e70},
+#line 125 "./uninorm/composition-table.gperf"
+      {"\000\000G\000\003'", 0x0122},
+#line 513 "./uninorm/composition-table.gperf"
+      {"\000\001[\000\003\007", 0x1e65},
+#line 106 "./uninorm/composition-table.gperf"
+      {"\000\000c\000\003\014", 0x010d},
+#line 312 "./uninorm/composition-table.gperf"
+      {"\000\003\311\000\003\001", 0x03ce},
+#line 763 "./uninorm/composition-table.gperf"
+      {"\000\003\311\000\003\000", 0x1f7c},
+#line 861 "./uninorm/composition-table.gperf"
+      {"\000\003\311\000\003B", 0x1ff6},
+#line 402 "./uninorm/composition-table.gperf"
+      {"\000\033\007\000\0335", 0x1b08},
+#line 359 "./uninorm/composition-table.gperf"
+      {"\000\004#\000\003\010", 0x04f0},
+#line 464 "./uninorm/composition-table.gperf"
+      {"\000\000K\000\0031", 0x1e34},
+#line 589 "./uninorm/composition-table.gperf"
+      {"\000\036\240\000\003\006", 0x1eb6},
+#line 644 "./uninorm/composition-table.gperf"
+      {"\000\001\260\000\003\011", 0x1eed},
+#line 107 "./uninorm/composition-table.gperf"
+      {"\000\000D\000\003\014", 0x010e},
+#line 553 "./uninorm/composition-table.gperf"
+      {"\000\000x\000\003\010", 0x1e8d},
+#line 200 "./uninorm/composition-table.gperf"
+      {"\000\000z\000\003\014", 0x017e},
+#line 603 "./uninorm/composition-table.gperf"
+      {"\000\000\312\000\003\003", 0x1ec4},
+#line 859 "./uninorm/composition-table.gperf"
+      {"\000\003\311\000\003E", 0x1ff3},
+#line 458 "./uninorm/composition-table.gperf"
+      {"\000\000\317\000\003\001", 0x1e2e},
+#line 629 "./uninorm/composition-table.gperf"
+      {"\000\001\240\000\003\011", 0x1ede},
+#line 511 "./uninorm/composition-table.gperf"
+      {"\000\000s\000\003#", 0x1e63},
+#line 471 "./uninorm/composition-table.gperf"
+      {"\000\000l\000\0031", 0x1e3b},
+#line 150 "./uninorm/composition-table.gperf"
+      {"\000\000N\000\003'", 0x0145},
+#line 910 "./uninorm/composition-table.gperf"
+      {"\0000K\0000\231", 0x304c},
+#line 850 "./uninorm/composition-table.gperf"
+      {"\000\003\301\000\003\024", 0x1fe5},
+#line 536 "./uninorm/composition-table.gperf"
+      {"\000\000V\000\003\003", 0x1e7c},
+#line 643 "./uninorm/composition-table.gperf"
+      {"\000\001\257\000\003\011", 0x1eec},
+#line 302 "./uninorm/composition-table.gperf"
+      {"\000\003\245\000\003\010", 0x03ab},
+#line 950 "./uninorm/composition-table.gperf"
+      {"\0000\306\0000\231", 0x30c7},
+#line 368 "./uninorm/composition-table.gperf"
+      {"\000\006'\000\006T", 0x0623},
+#line 462 "./uninorm/composition-table.gperf"
+      {"\000\000K\000\003#", 0x1e32},
+      {""},
+#line 749 "./uninorm/composition-table.gperf"
+      {"\000\003\251\000\003\023", 0x1f68},
+#line 341 "./uninorm/composition-table.gperf"
+      {"\000\004\330\000\003\010", 0x04da},
+#line 560 "./uninorm/composition-table.gperf"
+      {"\000\000Z\000\0031", 0x1e94},
+#line 504 "./uninorm/composition-table.gperf"
+      {"\000\036Z\000\003\004", 0x1e5c},
+#line 914 "./uninorm/composition-table.gperf"
+      {"\0000S\0000\231", 0x3054},
+#line 329 "./uninorm/composition-table.gperf"
+      {"\000\0048\000\003\000", 0x045d},
+#line 321 "./uninorm/composition-table.gperf"
+      {"\000\004#\000\003\006", 0x040e},
+#line 615 "./uninorm/composition-table.gperf"
+      {"\000\000\324\000\003\001", 0x1ed0},
+#line 617 "./uninorm/composition-table.gperf"
+      {"\000\000\324\000\003\000", 0x1ed2},
+#line 467 "./uninorm/composition-table.gperf"
+      {"\000\000l\000\003#", 0x1e37},
+#line 126 "./uninorm/composition-table.gperf"
+      {"\000\000g\000\003'", 0x0123},
+#line 510 "./uninorm/composition-table.gperf"
+      {"\000\000S\000\003#", 0x1e62},
+#line 527 "./uninorm/composition-table.gperf"
+      {"\000\000u\000\003$", 0x1e73},
+#line 320 "./uninorm/composition-table.gperf"
+      {"\000\004\030\000\003\000", 0x040d},
+      {""},
+#line 598 "./uninorm/composition-table.gperf"
+      {"\000\000\352\000\003\001", 0x1ebf},
+#line 600 "./uninorm/composition-table.gperf"
+      {"\000\000\352\000\003\000", 0x1ec1},
+      {""},
+#line 426 "./uninorm/composition-table.gperf"
+      {"\000\000D\000\0031", 0x1e0e},
+#line 327 "./uninorm/composition-table.gperf"
+      {"\000\004V\000\003\010", 0x0457},
+#line 561 "./uninorm/composition-table.gperf"
+      {"\000\000z\000\0031", 0x1e95},
+#line 378 "./uninorm/composition-table.gperf"
+      {"\000\011\307\000\011\276", 0x09cb},
+#line 558 "./uninorm/composition-table.gperf"
+      {"\000\000Z\000\003#", 0x1e92},
+#line 289 "./uninorm/composition-table.gperf"
+      {"\000\002/\000\003\004", 0x0231},
+#line 853 "./uninorm/composition-table.gperf"
+      {"\000\003\245\000\003\006", 0x1fe8},
+#line 972 "./uninorm/composition-table.gperf"
+      {"\001\0212\001\021'", 0x1112f},
+#line 144 "./uninorm/composition-table.gperf"
+      {"\000\000L\000\003'", 0x013b},
+#line 674 "./uninorm/composition-table.gperf"
+      {"\000\003\265\000\003\024", 0x1f11},
+#line 371 "./uninorm/composition-table.gperf"
+      {"\000\006J\000\006T", 0x0626},
+#line 891 "./uninorm/composition-table.gperf"
+      {"\000\"w\000\0038", 0x2279},
+#line 690 "./uninorm/composition-table.gperf"
+      {"\000\037!\000\003\001", 0x1f25},
+#line 688 "./uninorm/composition-table.gperf"
+      {"\000\037!\000\003\000", 0x1f23},
+#line 692 "./uninorm/composition-table.gperf"
+      {"\000\037!\000\003B", 0x1f27},
+#line 381 "./uninorm/composition-table.gperf"
+      {"\000\013G\000\013>", 0x0b4b},
+#line 741 "./uninorm/composition-table.gperf"
+      {"\000\003\311\000\003\023", 0x1f60},
+#line 295 "./uninorm/composition-table.gperf"
+      {"\000\003\227\000\003\001", 0x0389},
+#line 830 "./uninorm/composition-table.gperf"
+      {"\000\003\227\000\003\000", 0x1fca},
+#line 350 "./uninorm/composition-table.gperf"
+      {"\000\0048\000\003\010", 0x04e5},
+#line 424 "./uninorm/composition-table.gperf"
+      {"\000\000D\000\003#", 0x1e0c},
+#line 968 "./uninorm/composition-table.gperf"
+      {"\001\020\231\001\020\272", 0x1109a},
+#line 559 "./uninorm/composition-table.gperf"
+      {"\000\000z\000\003#", 0x1e93},
+      {""},
+#line 781 "./uninorm/composition-table.gperf"
+      {"\000\037!\000\003E", 0x1f91},
+#line 601 "./uninorm/composition-table.gperf"
+      {"\000\000\312\000\003\011", 0x1ec2},
+      {""},
+#line 349 "./uninorm/composition-table.gperf"
+      {"\000\004\030\000\003\010", 0x04e4},
+#line 401 "./uninorm/composition-table.gperf"
+      {"\000\033\005\000\0335", 0x1b06},
+#line 831 "./uninorm/composition-table.gperf"
+      {"\000\003\227\000\003E", 0x1fcc},
+#line 978 "./uninorm/composition-table.gperf"
+      {"\001\025\270\001\025\257", 0x115ba},
+#line 405 "./uninorm/composition-table.gperf"
+      {"\000\033\015\000\0335", 0x1b0e},
+#line 230 "./uninorm/composition-table.gperf"
+      {"\000\000k\000\003\014", 0x01e9},
+#line 174 "./uninorm/composition-table.gperf"
+      {"\000\000T\000\003'", 0x0162},
+#line 496 "./uninorm/composition-table.gperf"
+      {"\000\000P\000\003\001", 0x1e54},
+#line 410 "./uninorm/composition-table.gperf"
+      {"\000\033?\000\0335", 0x1b41},
+      {""},
+#line 648 "./uninorm/composition-table.gperf"
+      {"\000\001\260\000\003#", 0x1ef1},
+#line 498 "./uninorm/composition-table.gperf"
+      {"\000\000P\000\003\007", 0x1e56},
+#line 948 "./uninorm/composition-table.gperf"
+      {"\0000\301\0000\231", 0x30c2},
+#line 733 "./uninorm/composition-table.gperf"
+      {"\000\037P\000\003\001", 0x1f54},
+#line 731 "./uninorm/composition-table.gperf"
+      {"\000\037P\000\003\000", 0x1f52},
+#line 735 "./uninorm/composition-table.gperf"
+      {"\000\037P\000\003B", 0x1f56},
+      {""},
+#line 633 "./uninorm/composition-table.gperf"
+      {"\000\001\240\000\003#", 0x1ee2},
+#line 750 "./uninorm/composition-table.gperf"
+      {"\000\003\251\000\003\024", 0x1f69},
+#line 419 "./uninorm/composition-table.gperf"
+      {"\000\000b\000\0031", 0x1e07},
+#line 621 "./uninorm/composition-table.gperf"
+      {"\000\000\324\000\003\003", 0x1ed6},
+#line 323 "./uninorm/composition-table.gperf"
+      {"\000\0048\000\003\006", 0x0439},
+#line 868 "./uninorm/composition-table.gperf"
+      {"\000!\224\000\0038", 0x21ae},
+#line 939 "./uninorm/composition-table.gperf"
+      {"\0000\257\0000\231", 0x30b0},
+#line 647 "./uninorm/composition-table.gperf"
+      {"\000\001\257\000\003#", 0x1ef0},
+#line 514 "./uninorm/composition-table.gperf"
+      {"\000\001`\000\003\007", 0x1e66},
+#line 866 "./uninorm/composition-table.gperf"
+      {"\000!\220\000\0038", 0x219a},
+#line 473 "./uninorm/composition-table.gperf"
+      {"\000\000l\000\003-", 0x1e3d},
+#line 604 "./uninorm/composition-table.gperf"
+      {"\000\000\352\000\003\003", 0x1ec5},
+#line 322 "./uninorm/composition-table.gperf"
+      {"\000\004\030\000\003\006", 0x0419},
+#line 883 "./uninorm/composition-table.gperf"
+      {"\000\"M\000\0038", 0x226d},
+#line 357 "./uninorm/composition-table.gperf"
+      {"\000\004#\000\003\004", 0x04ee},
+      {""},
+#line 745 "./uninorm/composition-table.gperf"
+      {"\000\037`\000\003\001", 0x1f64},
+#line 743 "./uninorm/composition-table.gperf"
+      {"\000\037`\000\003\000", 0x1f62},
+#line 747 "./uninorm/composition-table.gperf"
+      {"\000\037`\000\003B", 0x1f66},
+#line 526 "./uninorm/composition-table.gperf"
+      {"\000\000U\000\003$", 0x1e72},
+#line 616 "./uninorm/composition-table.gperf"
+      {"\000\000\364\000\003\001", 0x1ed1},
+#line 618 "./uninorm/composition-table.gperf"
+      {"\000\000\364\000\003\000", 0x1ed3},
+#line 417 "./uninorm/composition-table.gperf"
+      {"\000\000b\000\003#", 0x1e05},
+#line 867 "./uninorm/composition-table.gperf"
+      {"\000!\222\000\0038", 0x219b},
+#line 737 "./uninorm/composition-table.gperf"
+      {"\000\003\245\000\003\024", 0x1f59},
+#line 465 "./uninorm/composition-table.gperf"
+      {"\000\000k\000\0031", 0x1e35},
+      {""},
+#line 382 "./uninorm/composition-table.gperf"
+      {"\000\013G\000\013W", 0x0b4c},
+#line 796 "./uninorm/composition-table.gperf"
+      {"\000\037`\000\003E", 0x1fa0},
+      {""},
+#line 942 "./uninorm/composition-table.gperf"
+      {"\0000\265\0000\231", 0x30b6},
+      {""},
+#line 854 "./uninorm/composition-table.gperf"
+      {"\000\003\245\000\003\004", 0x1fe9},
+      {""},
+#line 693 "./uninorm/composition-table.gperf"
+      {"\000\003\227\000\003\023", 0x1f28},
+#line 742 "./uninorm/composition-table.gperf"
+      {"\000\003\311\000\003\024", 0x1f61},
+#line 869 "./uninorm/composition-table.gperf"
+      {"\000!\320\000\0038", 0x21cd},
+#line 387 "./uninorm/composition-table.gperf"
+      {"\000\014F\000\014V", 0x0c48},
+      {""},
+#line 430 "./uninorm/composition-table.gperf"
+      {"\000\000D\000\003-", 0x1e12},
+#line 958 "./uninorm/composition-table.gperf"
+      {"\0000\330\0000\231", 0x30d9},
+#line 294 "./uninorm/composition-table.gperf"
+      {"\000\003\225\000\003\001", 0x0388},
+#line 829 "./uninorm/composition-table.gperf"
+      {"\000\003\225\000\003\000", 0x1fc8},
+#line 572 "./uninorm/composition-table.gperf"
+      {"\000\000\342\000\003\001", 0x1ea5},
+#line 574 "./uninorm/composition-table.gperf"
+      {"\000\000\342\000\003\000", 0x1ea7},
+#line 463 "./uninorm/composition-table.gperf"
+      {"\000\000k\000\003#", 0x1e33},
+#line 307 "./uninorm/composition-table.gperf"
+      {"\000\003\313\000\003\001", 0x03b0},
+#line 848 "./uninorm/composition-table.gperf"
+      {"\000\003\313\000\003\000", 0x1fe2},
+#line 852 "./uninorm/composition-table.gperf"
+      {"\000\003\313\000\003B", 0x1fe7},
+#line 571 "./uninorm/composition-table.gperf"
+      {"\000\000\302\000\003\001", 0x1ea4},
+#line 573 "./uninorm/composition-table.gperf"
+      {"\000\000\302\000\003\000", 0x1ea6},
+#line 292 "./uninorm/composition-table.gperf"
+      {"\000\000\250\000\003\001", 0x0385},
+#line 857 "./uninorm/composition-table.gperf"
+      {"\000\000\250\000\003\000", 0x1fed},
+#line 823 "./uninorm/composition-table.gperf"
+      {"\000\000\250\000\003B", 0x1fc1},
+#line 959 "./uninorm/composition-table.gperf"
+      {"\0000\330\0000\232", 0x30da},
+#line 734 "./uninorm/composition-table.gperf"
+      {"\000\037Q\000\003\001", 0x1f55},
+#line 732 "./uninorm/composition-table.gperf"
+      {"\000\037Q\000\003\000", 0x1f53},
+#line 736 "./uninorm/composition-table.gperf"
+      {"\000\037Q\000\003B", 0x1f57},
+#line 202 "./uninorm/composition-table.gperf"
+      {"\000\000o\000\003\033", 0x01a1},
+#line 497 "./uninorm/composition-table.gperf"
+      {"\000\000p\000\003\001", 0x1e55},
+#line 786 "./uninorm/composition-table.gperf"
+      {"\000\037&\000\003E", 0x1f96},
+#line 139 "./uninorm/composition-table.gperf"
+      {"\000\000j\000\003\002", 0x0135},
+#line 619 "./uninorm/composition-table.gperf"
+      {"\000\000\324\000\003\011", 0x1ed4},
+#line 499 "./uninorm/composition-table.gperf"
+      {"\000\000p\000\003\007", 0x1e57},
+      {""},
+#line 538 "./uninorm/composition-table.gperf"
+      {"\000\000V\000\003#", 0x1e7e},
+#line 324 "./uninorm/composition-table.gperf"
+      {"\000\0045\000\003\000", 0x0450},
+#line 204 "./uninorm/composition-table.gperf"
+      {"\000\000u\000\003\033", 0x01b0},
+#line 413 "./uninorm/composition-table.gperf"
+      {"\000\000a\000\003%", 0x1e01},
+      {""},
+#line 602 "./uninorm/composition-table.gperf"
+      {"\000\000\352\000\003\011", 0x1ec3},
+#line 171 "./uninorm/composition-table.gperf"
+      {"\000\000s\000\003'", 0x015f},
+#line 931 "./uninorm/composition-table.gperf"
+      {"\0000x\0000\231", 0x3079},
+      {""},
+#line 348 "./uninorm/composition-table.gperf"
+      {"\000\0048\000\003\004", 0x04e3},
+      {""},
+#line 806 "./uninorm/composition-table.gperf"
+      {"\000\037j\000\003E", 0x1faa},
+#line 814 "./uninorm/composition-table.gperf"
+      {"\000\037p\000\003E", 0x1fb2},
+#line 622 "./uninorm/composition-table.gperf"
+      {"\000\000\364\000\003\003", 0x1ed7},
+#line 233 "./uninorm/composition-table.gperf"
+      {"\000\001\352\000\003\004", 0x01ec},
+      {""},
+#line 140 "./uninorm/composition-table.gperf"
+      {"\000\000K\000\003'", 0x0136},
+#line 347 "./uninorm/composition-table.gperf"
+      {"\000\004\030\000\003\004", 0x04e2},
+      {""},
+#line 505 "./uninorm/composition-table.gperf"
+      {"\000\036[\000\003\004", 0x1e5d},
+#line 534 "./uninorm/composition-table.gperf"
+      {"\000\001j\000\003\010", 0x1e7a},
+#line 932 "./uninorm/composition-table.gperf"
+      {"\0000x\0000\232", 0x307a},
+      {""},
+#line 904 "./uninorm/composition-table.gperf"
+      {"\000\"\221\000\0038", 0x22e2},
+      {""}, {""}, {""},
+#line 145 "./uninorm/composition-table.gperf"
+      {"\000\000l\000\003'", 0x013c},
+      {""},
+#line 170 "./uninorm/composition-table.gperf"
+      {"\000\000S\000\003'", 0x015e},
+      {""},
+#line 918 "./uninorm/composition-table.gperf"
+      {"\0000[\0000\231", 0x305c},
+#line 694 "./uninorm/composition-table.gperf"
+      {"\000\003\227\000\003\024", 0x1f29},
+#line 325 "./uninorm/composition-table.gperf"
+      {"\000\0045\000\003\010", 0x0451},
+#line 889 "./uninorm/composition-table.gperf"
+      {"\000\"s\000\0038", 0x2275},
+      {""},
+#line 578 "./uninorm/composition-table.gperf"
+      {"\000\000\342\000\003\003", 0x1eab},
+#line 679 "./uninorm/composition-table.gperf"
+      {"\000\003\225\000\003\023", 0x1f18},
+#line 689 "./uninorm/composition-table.gperf"
+      {"\000\037 \000\003\001", 0x1f24},
+#line 687 "./uninorm/composition-table.gperf"
+      {"\000\037 \000\003\000", 0x1f22},
+#line 691 "./uninorm/composition-table.gperf"
+      {"\000\037 \000\003B", 0x1f26},
+      {""},
+#line 577 "./uninorm/composition-table.gperf"
+      {"\000\000\302\000\003\003", 0x1eaa},
+      {""},
+#line 952 "./uninorm/composition-table.gperf"
+      {"\0000\317\0000\231", 0x30d0},
+      {""}, {""},
+#line 72 "./uninorm/composition-table.gperf"
+      {"\000\000c\000\003'", 0x00e7},
+#line 970 "./uninorm/composition-table.gperf"
+      {"\001\020\245\001\020\272", 0x110ab},
+#line 201 "./uninorm/composition-table.gperf"
+      {"\000\000O\000\003\033", 0x01a0},
+#line 780 "./uninorm/composition-table.gperf"
+      {"\000\037 \000\003E", 0x1f90},
+      {""},
+#line 406 "./uninorm/composition-table.gperf"
+      {"\000\033\021\000\0335", 0x1b12},
+      {""}, {""},
+#line 404 "./uninorm/composition-table.gperf"
+      {"\000\033\013\000\0335", 0x1b0c},
+#line 428 "./uninorm/composition-table.gperf"
+      {"\000\000D\000\003'", 0x1e10},
+      {""},
+#line 953 "./uninorm/composition-table.gperf"
+      {"\0000\317\0000\232", 0x30d1},
+#line 411 "./uninorm/composition-table.gperf"
+      {"\000\033B\000\0335", 0x1b43},
+#line 454 "./uninorm/composition-table.gperf"
+      {"\000\000H\000\003.", 0x1e2a},
+      {""},
+#line 340 "./uninorm/composition-table.gperf"
+      {"\000\0045\000\003\006", 0x04d7},
+      {""}, {""}, {""},
+#line 412 "./uninorm/composition-table.gperf"
+      {"\000\000A\000\003%", 0x1e00},
+      {""},
+#line 971 "./uninorm/composition-table.gperf"
+      {"\001\0211\001\021'", 0x1112e},
+#line 383 "./uninorm/composition-table.gperf"
+      {"\000\013\222\000\013\327", 0x0b94},
+      {""},
+#line 203 "./uninorm/composition-table.gperf"
+      {"\000\000U\000\003\033", 0x01af},
+#line 620 "./uninorm/composition-table.gperf"
+      {"\000\000\364\000\003\011", 0x1ed5},
+      {""}, {""}, {""}, {""},
+#line 379 "./uninorm/composition-table.gperf"
+      {"\000\011\307\000\011\327", 0x09cc},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+#line 892 "./uninorm/composition-table.gperf"
+      {"\000\"z\000\0038", 0x2280},
+      {""},
+#line 388 "./uninorm/composition-table.gperf"
+      {"\000\014\277\000\014\325", 0x0cc0},
+      {""}, {""}, {""}, {""}, {""},
+#line 455 "./uninorm/composition-table.gperf"
+      {"\000\000h\000\003.", 0x1e2b},
+#line 576 "./uninorm/composition-table.gperf"
+      {"\000\000\342\000\003\011", 0x1ea9},
+      {""}, {""}, {""}, {""},
+#line 680 "./uninorm/composition-table.gperf"
+      {"\000\003\225\000\003\024", 0x1f19},
+#line 575 "./uninorm/composition-table.gperf"
+      {"\000\000\302\000\003\011", 0x1ea8},
+#line 223 "./uninorm/composition-table.gperf"
+      {"\000\002&\000\003\004", 0x01e0},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""},
+#line 396 "./uninorm/composition-table.gperf"
+      {"\000\015\331\000\015\312", 0x0dda},
+#line 876 "./uninorm/composition-table.gperf"
+      {"\000\"%\000\0038", 0x2226},
+      {""}, {""}, {""}, {""}, {""}, {""},
+#line 367 "./uninorm/composition-table.gperf"
+      {"\000\006'\000\006S", 0x0622},
+#line 141 "./uninorm/composition-table.gperf"
+      {"\000\000k\000\003'", 0x0137},
+      {""},
+#line 380 "./uninorm/composition-table.gperf"
+      {"\000\013G\000\013V", 0x0b48},
+#line 237 "./uninorm/composition-table.gperf"
+      {"\000\000j\000\003\014", 0x01f0},
+#line 385 "./uninorm/composition-table.gperf"
+      {"\000\013\307\000\013\276", 0x0bcb},
+      {""},
+#line 875 "./uninorm/composition-table.gperf"
+      {"\000\"#\000\0038", 0x2224},
+      {""},
+#line 973 "./uninorm/composition-table.gperf"
+      {"\001\023G\001\023>", 0x1134b},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""},
+#line 909 "./uninorm/composition-table.gperf"
+      {"\000\"\265\000\0038", 0x22ed},
+#line 369 "./uninorm/composition-table.gperf"
+      {"\000\006H\000\006T", 0x0624},
+      {""}, {""}, {""},
+#line 398 "./uninorm/composition-table.gperf"
+      {"\000\015\334\000\015\312", 0x0ddd},
+      {""}, {""},
+#line 390 "./uninorm/composition-table.gperf"
+      {"\000\014\306\000\014\326", 0x0cc8},
+#line 391 "./uninorm/composition-table.gperf"
+      {"\000\014\306\000\014\302", 0x0cca},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""},
+#line 389 "./uninorm/composition-table.gperf"
+      {"\000\014\306\000\014\325", 0x0cc7},
+      {""}, {""}, {""},
+#line 913 "./uninorm/composition-table.gperf"
+      {"\0000Q\0000\231", 0x3052},
+#line 372 "./uninorm/composition-table.gperf"
+      {"\000\006\325\000\006T", 0x06c0},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""},
+#line 900 "./uninorm/composition-table.gperf"
+      {"\000\"\251\000\0038", 0x22ae},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""},
+#line 974 "./uninorm/composition-table.gperf"
+      {"\001\023G\001\023W", 0x1134c},
+#line 976 "./uninorm/composition-table.gperf"
+      {"\001\024\271\001\024\260", 0x114bc},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""},
+#line 409 "./uninorm/composition-table.gperf"
+      {"\000\033>\000\0335", 0x1b40},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+#line 392 "./uninorm/composition-table.gperf"
+      {"\000\014\312\000\014\325", 0x0ccb},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""},
+#line 361 "./uninorm/composition-table.gperf"
+      {"\000\004#\000\003\013", 0x04f2},
+      {""}, {""}, {""}, {""}, {""},
+#line 374 "./uninorm/composition-table.gperf"
+      {"\000\006\322\000\006T", 0x06d3},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""},
+#line 979 "./uninorm/composition-table.gperf"
+      {"\001\025\271\001\025\257", 0x115bb},
+      {""}, {""}, {""},
+#line 370 "./uninorm/composition-table.gperf"
+      {"\000\006'\000\006U", 0x0625},
+      {""}, {""}, {""}, {""}, {""},
+#line 899 "./uninorm/composition-table.gperf"
+      {"\000\"\250\000\0038", 0x22ad},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""},
+#line 871 "./uninorm/composition-table.gperf"
+      {"\000!\322\000\0038", 0x21cf},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""},
+#line 384 "./uninorm/composition-table.gperf"
+      {"\000\013\306\000\013\276", 0x0bca},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""},
+#line 373 "./uninorm/composition-table.gperf"
+      {"\000\006\301\000\006T", 0x06c2},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""},
+#line 400 "./uninorm/composition-table.gperf"
+      {"\000\020%\000\020.", 0x1026},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""},
+#line 386 "./uninorm/composition-table.gperf"
+      {"\000\013\306\000\013\327", 0x0bcc},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+      {""}, {""}, {""},
+#line 870 "./uninorm/composition-table.gperf"
+      {"\000!\324\000\0038", 0x21ce}
+    };
+
+  if (len <= MAX_WORD_LENGTH && len >= MIN_WORD_LENGTH)
+    {
+      register unsigned int key = gl_uninorm_compose_hash (str, len);
+
+      if (key <= MAX_HASH_VALUE)
+        if (len == lengthtable[key])
+          {
+            register const char *s = wordlist[key].codes;
+
+            if (*str == *s && !memcmp (str + 1, s + 1, len - 1))
+              return &wordlist[key];
+          }
+    }
+  return 0;
+}
diff --git a/lib/unistring/uninorm/composition.c b/lib/unistring/uninorm/composition.c
new file mode 100644
index 0000000..d08ec84
--- /dev/null
+++ b/lib/unistring/uninorm/composition.c
@@ -0,0 +1,96 @@
+/* Canonical composition of Unicode characters.
+   Copyright (C) 2002, 2006, 2009, 2011-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2009.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "uninorm.h"
+
+#include <string.h>
+
+struct composition_rule { char codes[6]; unsigned int combined; };
+
+#include "composition-table.h"
+
+ucs4_t
+uc_composition (ucs4_t uc1, ucs4_t uc2)
+{
+  if (uc1 < 0x12000 && uc2 < 0x12000)
+    {
+      if (uc2 >= 0x1161 && uc2 < 0x1161 + 21
+          && uc1 >= 0x1100 && uc1 < 0x1100 + 19)
+        {
+          /* Hangul: Combine single letter L and single letter V to form
+             two-letter syllable LV.  */
+          return 0xAC00 + ((uc1 - 0x1100) * 21 + (uc2 - 0x1161)) * 28;
+        }
+      else if (uc2 > 0x11A7 && uc2 < 0x11A7 + 28
+               && uc1 >= 0xAC00 && uc1 < 0xD7A4 && ((uc1 - 0xAC00) % 28) == 0)
+        {
+          /* Hangul: Combine two-letter syllable LV with single-letter T
+             to form three-letter syllable LVT.  */
+          return uc1 + (uc2 - 0x11A7);
+        }
+      else
+        {
+#if 0
+          unsigned int uc = MUL1 * uc1 * MUL2 * uc2;
+          unsigned int index1 = uc >> composition_header_0;
+          if (index1 < composition_header_1)
+            {
+              int lookup1 = u_composition.level1[index1];
+              if (lookup1 >= 0)
+                {
+                  unsigned int index2 = (uc >> composition_header_2) & composition_header_3;
+                  int lookup2 = u_composition.level2[lookup1 + index2];
+                  if (lookup2 >= 0)
+                    {
+                      unsigned int index3 = (uc & composition_header_4);
+                      unsigned int lookup3 = u_composition.level3[lookup2 + index3];
+                      if ((lookup3 >> 16) == uc2)
+                        return lookup3 & ((1U << 16) - 1);
+                    }
+                }
+            }
+#else
+          char codes[6];
+          const struct composition_rule *rule;
+
+          codes[0] = (uc1 >> 16) & 0xff;
+          codes[1] = (uc1 >> 8) & 0xff;
+          codes[2] = uc1 & 0xff;
+          codes[3] = (uc2 >> 16) & 0xff;
+          codes[4] = (uc2 >> 8) & 0xff;
+          codes[5] = uc2 & 0xff;
+
+          rule = gl_uninorm_compose_lookup (codes, 6);
+          if (rule != NULL)
+            return rule->combined;
+#endif
+        }
+    }
+  return 0;
+}
diff --git a/lib/unistring/uninorm/decompose-internal.c b/lib/unistring/uninorm/decompose-internal.c
new file mode 100644
index 0000000..2c7ee20
--- /dev/null
+++ b/lib/unistring/uninorm/decompose-internal.c
@@ -0,0 +1,38 @@
+/* Decomposition of Unicode strings.
+   Copyright (C) 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2009.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "decompose-internal.h"
+
+#define ELEMENT struct ucs4_with_ccc
+#define COMPARE(a,b) ((a)->ccc - (b)->ccc)
+#define STATIC
+#define STATIC_FROMTO static
+#define merge_sort_fromto gl_uninorm_decompose_merge_sort_fromto
+#define merge_sort_inplace gl_uninorm_decompose_merge_sort_inplace
+#include "array-mergesort.h"
diff --git a/lib/unistring/uninorm/decompose-internal.h b/lib/unistring/uninorm/decompose-internal.h
new file mode 100644
index 0000000..d0ed2e0
--- /dev/null
+++ b/lib/unistring/uninorm/decompose-internal.h
@@ -0,0 +1,45 @@
+/* Decomposition of Unicode strings.
+   Copyright (C) 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2009.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <stddef.h>
+
+#include "unitypes.h"
+
+/* Variant of uc_decomposition that does not produce the 'tag'.  */
+extern int
+       uc_compat_decomposition (ucs4_t uc, ucs4_t *decomposition);
+
+/* A Unicode character together with its canonical combining class.  */
+struct ucs4_with_ccc
+{
+  ucs4_t code;
+  int ccc;      /* range 0..255 */
+};
+
+/* Stable-sort an array of 'struct ucs4_with_ccc'.  */
+extern void
+       gl_uninorm_decompose_merge_sort_inplace (struct ucs4_with_ccc *src, size_t n,
+                                                struct ucs4_with_ccc *tmp);
diff --git a/lib/unistring/uninorm/decomposition-table.c b/lib/unistring/uninorm/decomposition-table.c
new file mode 100644
index 0000000..dbbad4f
--- /dev/null
+++ b/lib/unistring/uninorm/decomposition-table.c
@@ -0,0 +1,32 @@
+/* Decomposition of Unicode characters.
+   Copyright (C) 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2009.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "uninorm/decomposition-table.h"
+
+#include "uninorm/decomposition-table2.h"
diff --git a/lib/unistring/uninorm/decomposition-table.h b/lib/unistring/uninorm/decomposition-table.h
new file mode 100644
index 0000000..c31dd77
--- /dev/null
+++ b/lib/unistring/uninorm/decomposition-table.h
@@ -0,0 +1,57 @@
+/* Decomposition of Unicode characters.
+   Copyright (C) 2001-2003, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2009.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+
+#include "unitypes.h"
+
+/* The decomposition table is made of two parts:
+     - A table containing the actual arrays of decomposed equivalents.
+       (This table is separate because the maximum length of a decomposition
+       is 18, much larger than the average length 1.497 of a decomposition).
+     - A 3-level table of indices into this array.  */
+
+#include "decomposition-table1.h"
+
+static inline unsigned short
+decomp_index (ucs4_t uc)
+{
+  unsigned int index1 = uc >> decomp_header_0;
+  if (index1 < decomp_header_1)
+    {
+      int lookup1 = gl_uninorm_decomp_index_table.level1[index1];
+      if (lookup1 >= 0)
+        {
+          unsigned int index2 = (uc >> decomp_header_2) & decomp_header_3;
+          int lookup2 = gl_uninorm_decomp_index_table.level2[lookup1 + index2];
+          if (lookup2 >= 0)
+            {
+              unsigned int index3 = uc & decomp_header_4;
+              return gl_uninorm_decomp_index_table.level3[lookup2 + index3];
+            }
+        }
+    }
+  return (unsigned short)(-1);
+}
diff --git a/lib/unistring/uninorm/decomposition-table1.h b/lib/unistring/uninorm/decomposition-table1.h
new file mode 100644
index 0000000..5fb5ff2
--- /dev/null
+++ b/lib/unistring/uninorm/decomposition-table1.h
@@ -0,0 +1,20 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Decomposition of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+
+extern const unsigned char gl_uninorm_decomp_chars_table[];
+
+#define decomp_header_0 10
+#define decomp_header_1 191
+#define decomp_header_2 5
+#define decomp_header_3 31
+#define decomp_header_4 31
+
+typedef struct
+  {
+    int level1[191];
+    int level2[23 << 5];
+    unsigned short level3[277 << 5];
+  }
+decomp_index_table_t;
+extern const decomp_index_table_t gl_uninorm_decomp_index_table;
diff --git a/lib/unistring/uninorm/decomposition-table2.h b/lib/unistring/uninorm/decomposition-table2.h
new file mode 100644
index 0000000..539819b
--- /dev/null
+++ b/lib/unistring/uninorm/decomposition-table2.h
@@ -0,0 +1,3373 @@
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Decomposition of Unicode characters.  */
+/* Generated automatically by gen-uni-tables.c for Unicode 9.0.0.  */
+
+const unsigned char gl_uninorm_decomp_chars_table[] =
+{
+  0x08, 0x00, 0x20, 0xC0, 0x00, 0x20, 0x00, 0x03, 0x08, 0x20, 0x00, 0x61,
+  0xC0, 0x00, 0x20, 0x00, 0x03, 0x04, 0x20, 0x00, 0x32, 0x20, 0x00, 0x33,
+  0xC0, 0x00, 0x20, 0x00, 0x03, 0x01, 0x40, 0x03, 0xBC, 0xC0, 0x00, 0x20,
+  0x00, 0x03, 0x27, 0x20, 0x00, 0x31, 0x20, 0x00, 0x6F, 0xBC, 0x00, 0x31,
+  0x80, 0x20, 0x44, 0x00, 0x00, 0x34, 0xBC, 0x00, 0x31, 0x80, 0x20, 0x44,
+  0x00, 0x00, 0x32, 0xBC, 0x00, 0x33, 0x80, 0x20, 0x44, 0x00, 0x00, 0x34,
+  0x80, 0x00, 0x41, 0x00, 0x03, 0x00, 0x80, 0x00, 0x41, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0x41, 0x00, 0x03, 0x02, 0x80, 0x00, 0x41, 0x00, 0x03, 0x03,
+  0x80, 0x00, 0x41, 0x00, 0x03, 0x08, 0x80, 0x00, 0x41, 0x00, 0x03, 0x0A,
+  0x80, 0x00, 0x43, 0x00, 0x03, 0x27, 0x80, 0x00, 0x45, 0x00, 0x03, 0x00,
+  0x80, 0x00, 0x45, 0x00, 0x03, 0x01, 0x80, 0x00, 0x45, 0x00, 0x03, 0x02,
+  0x80, 0x00, 0x45, 0x00, 0x03, 0x08, 0x80, 0x00, 0x49, 0x00, 0x03, 0x00,
+  0x80, 0x00, 0x49, 0x00, 0x03, 0x01, 0x80, 0x00, 0x49, 0x00, 0x03, 0x02,
+  0x80, 0x00, 0x49, 0x00, 0x03, 0x08, 0x80, 0x00, 0x4E, 0x00, 0x03, 0x03,
+  0x80, 0x00, 0x4F, 0x00, 0x03, 0x00, 0x80, 0x00, 0x4F, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0x4F, 0x00, 0x03, 0x02, 0x80, 0x00, 0x4F, 0x00, 0x03, 0x03,
+  0x80, 0x00, 0x4F, 0x00, 0x03, 0x08, 0x80, 0x00, 0x55, 0x00, 0x03, 0x00,
+  0x80, 0x00, 0x55, 0x00, 0x03, 0x01, 0x80, 0x00, 0x55, 0x00, 0x03, 0x02,
+  0x80, 0x00, 0x55, 0x00, 0x03, 0x08, 0x80, 0x00, 0x59, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0x61, 0x00, 0x03, 0x00, 0x80, 0x00, 0x61, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0x61, 0x00, 0x03, 0x02, 0x80, 0x00, 0x61, 0x00, 0x03, 0x03,
+  0x80, 0x00, 0x61, 0x00, 0x03, 0x08, 0x80, 0x00, 0x61, 0x00, 0x03, 0x0A,
+  0x80, 0x00, 0x63, 0x00, 0x03, 0x27, 0x80, 0x00, 0x65, 0x00, 0x03, 0x00,
+  0x80, 0x00, 0x65, 0x00, 0x03, 0x01, 0x80, 0x00, 0x65, 0x00, 0x03, 0x02,
+  0x80, 0x00, 0x65, 0x00, 0x03, 0x08, 0x80, 0x00, 0x69, 0x00, 0x03, 0x00,
+  0x80, 0x00, 0x69, 0x00, 0x03, 0x01, 0x80, 0x00, 0x69, 0x00, 0x03, 0x02,
+  0x80, 0x00, 0x69, 0x00, 0x03, 0x08, 0x80, 0x00, 0x6E, 0x00, 0x03, 0x03,
+  0x80, 0x00, 0x6F, 0x00, 0x03, 0x00, 0x80, 0x00, 0x6F, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0x6F, 0x00, 0x03, 0x02, 0x80, 0x00, 0x6F, 0x00, 0x03, 0x03,
+  0x80, 0x00, 0x6F, 0x00, 0x03, 0x08, 0x80, 0x00, 0x75, 0x00, 0x03, 0x00,
+  0x80, 0x00, 0x75, 0x00, 0x03, 0x01, 0x80, 0x00, 0x75, 0x00, 0x03, 0x02,
+  0x80, 0x00, 0x75, 0x00, 0x03, 0x08, 0x80, 0x00, 0x79, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0x79, 0x00, 0x03, 0x08, 0x80, 0x00, 0x41, 0x00, 0x03, 0x04,
+  0x80, 0x00, 0x61, 0x00, 0x03, 0x04, 0x80, 0x00, 0x41, 0x00, 0x03, 0x06,
+  0x80, 0x00, 0x61, 0x00, 0x03, 0x06, 0x80, 0x00, 0x41, 0x00, 0x03, 0x28,
+  0x80, 0x00, 0x61, 0x00, 0x03, 0x28, 0x80, 0x00, 0x43, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0x63, 0x00, 0x03, 0x01, 0x80, 0x00, 0x43, 0x00, 0x03, 0x02,
+  0x80, 0x00, 0x63, 0x00, 0x03, 0x02, 0x80, 0x00, 0x43, 0x00, 0x03, 0x07,
+  0x80, 0x00, 0x63, 0x00, 0x03, 0x07, 0x80, 0x00, 0x43, 0x00, 0x03, 0x0C,
+  0x80, 0x00, 0x63, 0x00, 0x03, 0x0C, 0x80, 0x00, 0x44, 0x00, 0x03, 0x0C,
+  0x80, 0x00, 0x64, 0x00, 0x03, 0x0C, 0x80, 0x00, 0x45, 0x00, 0x03, 0x04,
+  0x80, 0x00, 0x65, 0x00, 0x03, 0x04, 0x80, 0x00, 0x45, 0x00, 0x03, 0x06,
+  0x80, 0x00, 0x65, 0x00, 0x03, 0x06, 0x80, 0x00, 0x45, 0x00, 0x03, 0x07,
+  0x80, 0x00, 0x65, 0x00, 0x03, 0x07, 0x80, 0x00, 0x45, 0x00, 0x03, 0x28,
+  0x80, 0x00, 0x65, 0x00, 0x03, 0x28, 0x80, 0x00, 0x45, 0x00, 0x03, 0x0C,
+  0x80, 0x00, 0x65, 0x00, 0x03, 0x0C, 0x80, 0x00, 0x47, 0x00, 0x03, 0x02,
+  0x80, 0x00, 0x67, 0x00, 0x03, 0x02, 0x80, 0x00, 0x47, 0x00, 0x03, 0x06,
+  0x80, 0x00, 0x67, 0x00, 0x03, 0x06, 0x80, 0x00, 0x47, 0x00, 0x03, 0x07,
+  0x80, 0x00, 0x67, 0x00, 0x03, 0x07, 0x80, 0x00, 0x47, 0x00, 0x03, 0x27,
+  0x80, 0x00, 0x67, 0x00, 0x03, 0x27, 0x80, 0x00, 0x48, 0x00, 0x03, 0x02,
+  0x80, 0x00, 0x68, 0x00, 0x03, 0x02, 0x80, 0x00, 0x49, 0x00, 0x03, 0x03,
+  0x80, 0x00, 0x69, 0x00, 0x03, 0x03, 0x80, 0x00, 0x49, 0x00, 0x03, 0x04,
+  0x80, 0x00, 0x69, 0x00, 0x03, 0x04, 0x80, 0x00, 0x49, 0x00, 0x03, 0x06,
+  0x80, 0x00, 0x69, 0x00, 0x03, 0x06, 0x80, 0x00, 0x49, 0x00, 0x03, 0x28,
+  0x80, 0x00, 0x69, 0x00, 0x03, 0x28, 0x80, 0x00, 0x49, 0x00, 0x03, 0x07,
+  0xC0, 0x00, 0x49, 0x00, 0x00, 0x4A, 0xC0, 0x00, 0x69, 0x00, 0x00, 0x6A,
+  0x80, 0x00, 0x4A, 0x00, 0x03, 0x02, 0x80, 0x00, 0x6A, 0x00, 0x03, 0x02,
+  0x80, 0x00, 0x4B, 0x00, 0x03, 0x27, 0x80, 0x00, 0x6B, 0x00, 0x03, 0x27,
+  0x80, 0x00, 0x4C, 0x00, 0x03, 0x01, 0x80, 0x00, 0x6C, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0x4C, 0x00, 0x03, 0x27, 0x80, 0x00, 0x6C, 0x00, 0x03, 0x27,
+  0x80, 0x00, 0x4C, 0x00, 0x03, 0x0C, 0x80, 0x00, 0x6C, 0x00, 0x03, 0x0C,
+  0xC0, 0x00, 0x4C, 0x00, 0x00, 0xB7, 0xC0, 0x00, 0x6C, 0x00, 0x00, 0xB7,
+  0x80, 0x00, 0x4E, 0x00, 0x03, 0x01, 0x80, 0x00, 0x6E, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0x4E, 0x00, 0x03, 0x27, 0x80, 0x00, 0x6E, 0x00, 0x03, 0x27,
+  0x80, 0x00, 0x4E, 0x00, 0x03, 0x0C, 0x80, 0x00, 0x6E, 0x00, 0x03, 0x0C,
+  0xC0, 0x02, 0xBC, 0x00, 0x00, 0x6E, 0x80, 0x00, 0x4F, 0x00, 0x03, 0x04,
+  0x80, 0x00, 0x6F, 0x00, 0x03, 0x04, 0x80, 0x00, 0x4F, 0x00, 0x03, 0x06,
+  0x80, 0x00, 0x6F, 0x00, 0x03, 0x06, 0x80, 0x00, 0x4F, 0x00, 0x03, 0x0B,
+  0x80, 0x00, 0x6F, 0x00, 0x03, 0x0B, 0x80, 0x00, 0x52, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0x72, 0x00, 0x03, 0x01, 0x80, 0x00, 0x52, 0x00, 0x03, 0x27,
+  0x80, 0x00, 0x72, 0x00, 0x03, 0x27, 0x80, 0x00, 0x52, 0x00, 0x03, 0x0C,
+  0x80, 0x00, 0x72, 0x00, 0x03, 0x0C, 0x80, 0x00, 0x53, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0x73, 0x00, 0x03, 0x01, 0x80, 0x00, 0x53, 0x00, 0x03, 0x02,
+  0x80, 0x00, 0x73, 0x00, 0x03, 0x02, 0x80, 0x00, 0x53, 0x00, 0x03, 0x27,
+  0x80, 0x00, 0x73, 0x00, 0x03, 0x27, 0x80, 0x00, 0x53, 0x00, 0x03, 0x0C,
+  0x80, 0x00, 0x73, 0x00, 0x03, 0x0C, 0x80, 0x00, 0x54, 0x00, 0x03, 0x27,
+  0x80, 0x00, 0x74, 0x00, 0x03, 0x27, 0x80, 0x00, 0x54, 0x00, 0x03, 0x0C,
+  0x80, 0x00, 0x74, 0x00, 0x03, 0x0C, 0x80, 0x00, 0x55, 0x00, 0x03, 0x03,
+  0x80, 0x00, 0x75, 0x00, 0x03, 0x03, 0x80, 0x00, 0x55, 0x00, 0x03, 0x04,
+  0x80, 0x00, 0x75, 0x00, 0x03, 0x04, 0x80, 0x00, 0x55, 0x00, 0x03, 0x06,
+  0x80, 0x00, 0x75, 0x00, 0x03, 0x06, 0x80, 0x00, 0x55, 0x00, 0x03, 0x0A,
+  0x80, 0x00, 0x75, 0x00, 0x03, 0x0A, 0x80, 0x00, 0x55, 0x00, 0x03, 0x0B,
+  0x80, 0x00, 0x75, 0x00, 0x03, 0x0B, 0x80, 0x00, 0x55, 0x00, 0x03, 0x28,
+  0x80, 0x00, 0x75, 0x00, 0x03, 0x28, 0x80, 0x00, 0x57, 0x00, 0x03, 0x02,
+  0x80, 0x00, 0x77, 0x00, 0x03, 0x02, 0x80, 0x00, 0x59, 0x00, 0x03, 0x02,
+  0x80, 0x00, 0x79, 0x00, 0x03, 0x02, 0x80, 0x00, 0x59, 0x00, 0x03, 0x08,
+  0x80, 0x00, 0x5A, 0x00, 0x03, 0x01, 0x80, 0x00, 0x7A, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0x5A, 0x00, 0x03, 0x07, 0x80, 0x00, 0x7A, 0x00, 0x03, 0x07,
+  0x80, 0x00, 0x5A, 0x00, 0x03, 0x0C, 0x80, 0x00, 0x7A, 0x00, 0x03, 0x0C,
+  0x40, 0x00, 0x73, 0x80, 0x00, 0x4F, 0x00, 0x03, 0x1B, 0x80, 0x00, 0x6F,
+  0x00, 0x03, 0x1B, 0x80, 0x00, 0x55, 0x00, 0x03, 0x1B, 0x80, 0x00, 0x75,
+  0x00, 0x03, 0x1B, 0xC0, 0x00, 0x44, 0x00, 0x01, 0x7D, 0xC0, 0x00, 0x44,
+  0x00, 0x01, 0x7E, 0xC0, 0x00, 0x64, 0x00, 0x01, 0x7E, 0xC0, 0x00, 0x4C,
+  0x00, 0x00, 0x4A, 0xC0, 0x00, 0x4C, 0x00, 0x00, 0x6A, 0xC0, 0x00, 0x6C,
+  0x00, 0x00, 0x6A, 0xC0, 0x00, 0x4E, 0x00, 0x00, 0x4A, 0xC0, 0x00, 0x4E,
+  0x00, 0x00, 0x6A, 0xC0, 0x00, 0x6E, 0x00, 0x00, 0x6A, 0x80, 0x00, 0x41,
+  0x00, 0x03, 0x0C, 0x80, 0x00, 0x61, 0x00, 0x03, 0x0C, 0x80, 0x00, 0x49,
+  0x00, 0x03, 0x0C, 0x80, 0x00, 0x69, 0x00, 0x03, 0x0C, 0x80, 0x00, 0x4F,
+  0x00, 0x03, 0x0C, 0x80, 0x00, 0x6F, 0x00, 0x03, 0x0C, 0x80, 0x00, 0x55,
+  0x00, 0x03, 0x0C, 0x80, 0x00, 0x75, 0x00, 0x03, 0x0C, 0x80, 0x00, 0xDC,
+  0x00, 0x03, 0x04, 0x80, 0x00, 0xFC, 0x00, 0x03, 0x04, 0x80, 0x00, 0xDC,
+  0x00, 0x03, 0x01, 0x80, 0x00, 0xFC, 0x00, 0x03, 0x01, 0x80, 0x00, 0xDC,
+  0x00, 0x03, 0x0C, 0x80, 0x00, 0xFC, 0x00, 0x03, 0x0C, 0x80, 0x00, 0xDC,
+  0x00, 0x03, 0x00, 0x80, 0x00, 0xFC, 0x00, 0x03, 0x00, 0x80, 0x00, 0xC4,
+  0x00, 0x03, 0x04, 0x80, 0x00, 0xE4, 0x00, 0x03, 0x04, 0x80, 0x02, 0x26,
+  0x00, 0x03, 0x04, 0x80, 0x02, 0x27, 0x00, 0x03, 0x04, 0x80, 0x00, 0xC6,
+  0x00, 0x03, 0x04, 0x80, 0x00, 0xE6, 0x00, 0x03, 0x04, 0x80, 0x00, 0x47,
+  0x00, 0x03, 0x0C, 0x80, 0x00, 0x67, 0x00, 0x03, 0x0C, 0x80, 0x00, 0x4B,
+  0x00, 0x03, 0x0C, 0x80, 0x00, 0x6B, 0x00, 0x03, 0x0C, 0x80, 0x00, 0x4F,
+  0x00, 0x03, 0x28, 0x80, 0x00, 0x6F, 0x00, 0x03, 0x28, 0x80, 0x01, 0xEA,
+  0x00, 0x03, 0x04, 0x80, 0x01, 0xEB, 0x00, 0x03, 0x04, 0x80, 0x01, 0xB7,
+  0x00, 0x03, 0x0C, 0x80, 0x02, 0x92, 0x00, 0x03, 0x0C, 0x80, 0x00, 0x6A,
+  0x00, 0x03, 0x0C, 0xC0, 0x00, 0x44, 0x00, 0x00, 0x5A, 0xC0, 0x00, 0x44,
+  0x00, 0x00, 0x7A, 0xC0, 0x00, 0x64, 0x00, 0x00, 0x7A, 0x80, 0x00, 0x47,
+  0x00, 0x03, 0x01, 0x80, 0x00, 0x67, 0x00, 0x03, 0x01, 0x80, 0x00, 0x4E,
+  0x00, 0x03, 0x00, 0x80, 0x00, 0x6E, 0x00, 0x03, 0x00, 0x80, 0x00, 0xC5,
+  0x00, 0x03, 0x01, 0x80, 0x00, 0xE5, 0x00, 0x03, 0x01, 0x80, 0x00, 0xC6,
+  0x00, 0x03, 0x01, 0x80, 0x00, 0xE6, 0x00, 0x03, 0x01, 0x80, 0x00, 0xD8,
+  0x00, 0x03, 0x01, 0x80, 0x00, 0xF8, 0x00, 0x03, 0x01, 0x80, 0x00, 0x41,
+  0x00, 0x03, 0x0F, 0x80, 0x00, 0x61, 0x00, 0x03, 0x0F, 0x80, 0x00, 0x41,
+  0x00, 0x03, 0x11, 0x80, 0x00, 0x61, 0x00, 0x03, 0x11, 0x80, 0x00, 0x45,
+  0x00, 0x03, 0x0F, 0x80, 0x00, 0x65, 0x00, 0x03, 0x0F, 0x80, 0x00, 0x45,
+  0x00, 0x03, 0x11, 0x80, 0x00, 0x65, 0x00, 0x03, 0x11, 0x80, 0x00, 0x49,
+  0x00, 0x03, 0x0F, 0x80, 0x00, 0x69, 0x00, 0x03, 0x0F, 0x80, 0x00, 0x49,
+  0x00, 0x03, 0x11, 0x80, 0x00, 0x69, 0x00, 0x03, 0x11, 0x80, 0x00, 0x4F,
+  0x00, 0x03, 0x0F, 0x80, 0x00, 0x6F, 0x00, 0x03, 0x0F, 0x80, 0x00, 0x4F,
+  0x00, 0x03, 0x11, 0x80, 0x00, 0x6F, 0x00, 0x03, 0x11, 0x80, 0x00, 0x52,
+  0x00, 0x03, 0x0F, 0x80, 0x00, 0x72, 0x00, 0x03, 0x0F, 0x80, 0x00, 0x52,
+  0x00, 0x03, 0x11, 0x80, 0x00, 0x72, 0x00, 0x03, 0x11, 0x80, 0x00, 0x55,
+  0x00, 0x03, 0x0F, 0x80, 0x00, 0x75, 0x00, 0x03, 0x0F, 0x80, 0x00, 0x55,
+  0x00, 0x03, 0x11, 0x80, 0x00, 0x75, 0x00, 0x03, 0x11, 0x80, 0x00, 0x53,
+  0x00, 0x03, 0x26, 0x80, 0x00, 0x73, 0x00, 0x03, 0x26, 0x80, 0x00, 0x54,
+  0x00, 0x03, 0x26, 0x80, 0x00, 0x74, 0x00, 0x03, 0x26, 0x80, 0x00, 0x48,
+  0x00, 0x03, 0x0C, 0x80, 0x00, 0x68, 0x00, 0x03, 0x0C, 0x80, 0x00, 0x41,
+  0x00, 0x03, 0x07, 0x80, 0x00, 0x61, 0x00, 0x03, 0x07, 0x80, 0x00, 0x45,
+  0x00, 0x03, 0x27, 0x80, 0x00, 0x65, 0x00, 0x03, 0x27, 0x80, 0x00, 0xD6,
+  0x00, 0x03, 0x04, 0x80, 0x00, 0xF6, 0x00, 0x03, 0x04, 0x80, 0x00, 0xD5,
+  0x00, 0x03, 0x04, 0x80, 0x00, 0xF5, 0x00, 0x03, 0x04, 0x80, 0x00, 0x4F,
+  0x00, 0x03, 0x07, 0x80, 0x00, 0x6F, 0x00, 0x03, 0x07, 0x80, 0x02, 0x2E,
+  0x00, 0x03, 0x04, 0x80, 0x02, 0x2F, 0x00, 0x03, 0x04, 0x80, 0x00, 0x59,
+  0x00, 0x03, 0x04, 0x80, 0x00, 0x79, 0x00, 0x03, 0x04, 0x20, 0x00, 0x68,
+  0x20, 0x02, 0x66, 0x20, 0x00, 0x6A, 0x20, 0x00, 0x72, 0x20, 0x02, 0x79,
+  0x20, 0x02, 0x7B, 0x20, 0x02, 0x81, 0x20, 0x00, 0x77, 0x20, 0x00, 0x79,
+  0xC0, 0x00, 0x20, 0x00, 0x03, 0x06, 0xC0, 0x00, 0x20, 0x00, 0x03, 0x07,
+  0xC0, 0x00, 0x20, 0x00, 0x03, 0x0A, 0xC0, 0x00, 0x20, 0x00, 0x03, 0x28,
+  0xC0, 0x00, 0x20, 0x00, 0x03, 0x03, 0xC0, 0x00, 0x20, 0x00, 0x03, 0x0B,
+  0x20, 0x02, 0x63, 0x20, 0x00, 0x6C, 0x20, 0x00, 0x73, 0x20, 0x00, 0x78,
+  0x20, 0x02, 0x95, 0x00, 0x03, 0x00, 0x00, 0x03, 0x01, 0x00, 0x03, 0x13,
+  0x80, 0x03, 0x08, 0x00, 0x03, 0x01, 0x00, 0x02, 0xB9, 0xC0, 0x00, 0x20,
+  0x00, 0x03, 0x45, 0x00, 0x00, 0x3B, 0xC0, 0x00, 0x20, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0xA8, 0x00, 0x03, 0x01, 0x80, 0x03, 0x91, 0x00, 0x03, 0x01,
+  0x00, 0x00, 0xB7, 0x80, 0x03, 0x95, 0x00, 0x03, 0x01, 0x80, 0x03, 0x97,
+  0x00, 0x03, 0x01, 0x80, 0x03, 0x99, 0x00, 0x03, 0x01, 0x80, 0x03, 0x9F,
+  0x00, 0x03, 0x01, 0x80, 0x03, 0xA5, 0x00, 0x03, 0x01, 0x80, 0x03, 0xA9,
+  0x00, 0x03, 0x01, 0x80, 0x03, 0xCA, 0x00, 0x03, 0x01, 0x80, 0x03, 0x99,
+  0x00, 0x03, 0x08, 0x80, 0x03, 0xA5, 0x00, 0x03, 0x08, 0x80, 0x03, 0xB1,
+  0x00, 0x03, 0x01, 0x80, 0x03, 0xB5, 0x00, 0x03, 0x01, 0x80, 0x03, 0xB7,
+  0x00, 0x03, 0x01, 0x80, 0x03, 0xB9, 0x00, 0x03, 0x01, 0x80, 0x03, 0xCB,
+  0x00, 0x03, 0x01, 0x80, 0x03, 0xB9, 0x00, 0x03, 0x08, 0x80, 0x03, 0xC5,
+  0x00, 0x03, 0x08, 0x80, 0x03, 0xBF, 0x00, 0x03, 0x01, 0x80, 0x03, 0xC5,
+  0x00, 0x03, 0x01, 0x80, 0x03, 0xC9, 0x00, 0x03, 0x01, 0x40, 0x03, 0xB2,
+  0x40, 0x03, 0xB8, 0x40, 0x03, 0xA5, 0x80, 0x03, 0xD2, 0x00, 0x03, 0x01,
+  0x80, 0x03, 0xD2, 0x00, 0x03, 0x08, 0x40, 0x03, 0xC6, 0x40, 0x03, 0xC0,
+  0x40, 0x03, 0xBA, 0x40, 0x03, 0xC1, 0x40, 0x03, 0xC2, 0x40, 0x03, 0x98,
+  0x40, 0x03, 0xB5, 0x40, 0x03, 0xA3, 0x80, 0x04, 0x15, 0x00, 0x03, 0x00,
+  0x80, 0x04, 0x15, 0x00, 0x03, 0x08, 0x80, 0x04, 0x13, 0x00, 0x03, 0x01,
+  0x80, 0x04, 0x06, 0x00, 0x03, 0x08, 0x80, 0x04, 0x1A, 0x00, 0x03, 0x01,
+  0x80, 0x04, 0x18, 0x00, 0x03, 0x00, 0x80, 0x04, 0x23, 0x00, 0x03, 0x06,
+  0x80, 0x04, 0x18, 0x00, 0x03, 0x06, 0x80, 0x04, 0x38, 0x00, 0x03, 0x06,
+  0x80, 0x04, 0x35, 0x00, 0x03, 0x00, 0x80, 0x04, 0x35, 0x00, 0x03, 0x08,
+  0x80, 0x04, 0x33, 0x00, 0x03, 0x01, 0x80, 0x04, 0x56, 0x00, 0x03, 0x08,
+  0x80, 0x04, 0x3A, 0x00, 0x03, 0x01, 0x80, 0x04, 0x38, 0x00, 0x03, 0x00,
+  0x80, 0x04, 0x43, 0x00, 0x03, 0x06, 0x80, 0x04, 0x74, 0x00, 0x03, 0x0F,
+  0x80, 0x04, 0x75, 0x00, 0x03, 0x0F, 0x80, 0x04, 0x16, 0x00, 0x03, 0x06,
+  0x80, 0x04, 0x36, 0x00, 0x03, 0x06, 0x80, 0x04, 0x10, 0x00, 0x03, 0x06,
+  0x80, 0x04, 0x30, 0x00, 0x03, 0x06, 0x80, 0x04, 0x10, 0x00, 0x03, 0x08,
+  0x80, 0x04, 0x30, 0x00, 0x03, 0x08, 0x80, 0x04, 0x15, 0x00, 0x03, 0x06,
+  0x80, 0x04, 0x35, 0x00, 0x03, 0x06, 0x80, 0x04, 0xD8, 0x00, 0x03, 0x08,
+  0x80, 0x04, 0xD9, 0x00, 0x03, 0x08, 0x80, 0x04, 0x16, 0x00, 0x03, 0x08,
+  0x80, 0x04, 0x36, 0x00, 0x03, 0x08, 0x80, 0x04, 0x17, 0x00, 0x03, 0x08,
+  0x80, 0x04, 0x37, 0x00, 0x03, 0x08, 0x80, 0x04, 0x18, 0x00, 0x03, 0x04,
+  0x80, 0x04, 0x38, 0x00, 0x03, 0x04, 0x80, 0x04, 0x18, 0x00, 0x03, 0x08,
+  0x80, 0x04, 0x38, 0x00, 0x03, 0x08, 0x80, 0x04, 0x1E, 0x00, 0x03, 0x08,
+  0x80, 0x04, 0x3E, 0x00, 0x03, 0x08, 0x80, 0x04, 0xE8, 0x00, 0x03, 0x08,
+  0x80, 0x04, 0xE9, 0x00, 0x03, 0x08, 0x80, 0x04, 0x2D, 0x00, 0x03, 0x08,
+  0x80, 0x04, 0x4D, 0x00, 0x03, 0x08, 0x80, 0x04, 0x23, 0x00, 0x03, 0x04,
+  0x80, 0x04, 0x43, 0x00, 0x03, 0x04, 0x80, 0x04, 0x23, 0x00, 0x03, 0x08,
+  0x80, 0x04, 0x43, 0x00, 0x03, 0x08, 0x80, 0x04, 0x23, 0x00, 0x03, 0x0B,
+  0x80, 0x04, 0x43, 0x00, 0x03, 0x0B, 0x80, 0x04, 0x27, 0x00, 0x03, 0x08,
+  0x80, 0x04, 0x47, 0x00, 0x03, 0x08, 0x80, 0x04, 0x2B, 0x00, 0x03, 0x08,
+  0x80, 0x04, 0x4B, 0x00, 0x03, 0x08, 0xC0, 0x05, 0x65, 0x00, 0x05, 0x82,
+  0x80, 0x06, 0x27, 0x00, 0x06, 0x53, 0x80, 0x06, 0x27, 0x00, 0x06, 0x54,
+  0x80, 0x06, 0x48, 0x00, 0x06, 0x54, 0x80, 0x06, 0x27, 0x00, 0x06, 0x55,
+  0x80, 0x06, 0x4A, 0x00, 0x06, 0x54, 0xC0, 0x06, 0x27, 0x00, 0x06, 0x74,
+  0xC0, 0x06, 0x48, 0x00, 0x06, 0x74, 0xC0, 0x06, 0xC7, 0x00, 0x06, 0x74,
+  0xC0, 0x06, 0x4A, 0x00, 0x06, 0x74, 0x80, 0x06, 0xD5, 0x00, 0x06, 0x54,
+  0x80, 0x06, 0xC1, 0x00, 0x06, 0x54, 0x80, 0x06, 0xD2, 0x00, 0x06, 0x54,
+  0x80, 0x09, 0x28, 0x00, 0x09, 0x3C, 0x80, 0x09, 0x30, 0x00, 0x09, 0x3C,
+  0x80, 0x09, 0x33, 0x00, 0x09, 0x3C, 0x80, 0x09, 0x15, 0x00, 0x09, 0x3C,
+  0x80, 0x09, 0x16, 0x00, 0x09, 0x3C, 0x80, 0x09, 0x17, 0x00, 0x09, 0x3C,
+  0x80, 0x09, 0x1C, 0x00, 0x09, 0x3C, 0x80, 0x09, 0x21, 0x00, 0x09, 0x3C,
+  0x80, 0x09, 0x22, 0x00, 0x09, 0x3C, 0x80, 0x09, 0x2B, 0x00, 0x09, 0x3C,
+  0x80, 0x09, 0x2F, 0x00, 0x09, 0x3C, 0x80, 0x09, 0xC7, 0x00, 0x09, 0xBE,
+  0x80, 0x09, 0xC7, 0x00, 0x09, 0xD7, 0x80, 0x09, 0xA1, 0x00, 0x09, 0xBC,
+  0x80, 0x09, 0xA2, 0x00, 0x09, 0xBC, 0x80, 0x09, 0xAF, 0x00, 0x09, 0xBC,
+  0x80, 0x0A, 0x32, 0x00, 0x0A, 0x3C, 0x80, 0x0A, 0x38, 0x00, 0x0A, 0x3C,
+  0x80, 0x0A, 0x16, 0x00, 0x0A, 0x3C, 0x80, 0x0A, 0x17, 0x00, 0x0A, 0x3C,
+  0x80, 0x0A, 0x1C, 0x00, 0x0A, 0x3C, 0x80, 0x0A, 0x2B, 0x00, 0x0A, 0x3C,
+  0x80, 0x0B, 0x47, 0x00, 0x0B, 0x56, 0x80, 0x0B, 0x47, 0x00, 0x0B, 0x3E,
+  0x80, 0x0B, 0x47, 0x00, 0x0B, 0x57, 0x80, 0x0B, 0x21, 0x00, 0x0B, 0x3C,
+  0x80, 0x0B, 0x22, 0x00, 0x0B, 0x3C, 0x80, 0x0B, 0x92, 0x00, 0x0B, 0xD7,
+  0x80, 0x0B, 0xC6, 0x00, 0x0B, 0xBE, 0x80, 0x0B, 0xC7, 0x00, 0x0B, 0xBE,
+  0x80, 0x0B, 0xC6, 0x00, 0x0B, 0xD7, 0x80, 0x0C, 0x46, 0x00, 0x0C, 0x56,
+  0x80, 0x0C, 0xBF, 0x00, 0x0C, 0xD5, 0x80, 0x0C, 0xC6, 0x00, 0x0C, 0xD5,
+  0x80, 0x0C, 0xC6, 0x00, 0x0C, 0xD6, 0x80, 0x0C, 0xC6, 0x00, 0x0C, 0xC2,
+  0x80, 0x0C, 0xCA, 0x00, 0x0C, 0xD5, 0x80, 0x0D, 0x46, 0x00, 0x0D, 0x3E,
+  0x80, 0x0D, 0x47, 0x00, 0x0D, 0x3E, 0x80, 0x0D, 0x46, 0x00, 0x0D, 0x57,
+  0x80, 0x0D, 0xD9, 0x00, 0x0D, 0xCA, 0x80, 0x0D, 0xD9, 0x00, 0x0D, 0xCF,
+  0x80, 0x0D, 0xDC, 0x00, 0x0D, 0xCA, 0x80, 0x0D, 0xD9, 0x00, 0x0D, 0xDF,
+  0xC0, 0x0E, 0x4D, 0x00, 0x0E, 0x32, 0xC0, 0x0E, 0xCD, 0x00, 0x0E, 0xB2,
+  0xC0, 0x0E, 0xAB, 0x00, 0x0E, 0x99, 0xC0, 0x0E, 0xAB, 0x00, 0x0E, 0xA1,
+  0x08, 0x0F, 0x0B, 0x80, 0x0F, 0x42, 0x00, 0x0F, 0xB7, 0x80, 0x0F, 0x4C,
+  0x00, 0x0F, 0xB7, 0x80, 0x0F, 0x51, 0x00, 0x0F, 0xB7, 0x80, 0x0F, 0x56,
+  0x00, 0x0F, 0xB7, 0x80, 0x0F, 0x5B, 0x00, 0x0F, 0xB7, 0x80, 0x0F, 0x40,
+  0x00, 0x0F, 0xB5, 0x80, 0x0F, 0x71, 0x00, 0x0F, 0x72, 0x80, 0x0F, 0x71,
+  0x00, 0x0F, 0x74, 0x80, 0x0F, 0xB2, 0x00, 0x0F, 0x80, 0xC0, 0x0F, 0xB2,
+  0x00, 0x0F, 0x81, 0x80, 0x0F, 0xB3, 0x00, 0x0F, 0x80, 0xC0, 0x0F, 0xB3,
+  0x00, 0x0F, 0x81, 0x80, 0x0F, 0x71, 0x00, 0x0F, 0x80, 0x80, 0x0F, 0x92,
+  0x00, 0x0F, 0xB7, 0x80, 0x0F, 0x9C, 0x00, 0x0F, 0xB7, 0x80, 0x0F, 0xA1,
+  0x00, 0x0F, 0xB7, 0x80, 0x0F, 0xA6, 0x00, 0x0F, 0xB7, 0x80, 0x0F, 0xAB,
+  0x00, 0x0F, 0xB7, 0x80, 0x0F, 0x90, 0x00, 0x0F, 0xB5, 0x80, 0x10, 0x25,
+  0x00, 0x10, 0x2E, 0x20, 0x10, 0xDC, 0x80, 0x1B, 0x05, 0x00, 0x1B, 0x35,
+  0x80, 0x1B, 0x07, 0x00, 0x1B, 0x35, 0x80, 0x1B, 0x09, 0x00, 0x1B, 0x35,
+  0x80, 0x1B, 0x0B, 0x00, 0x1B, 0x35, 0x80, 0x1B, 0x0D, 0x00, 0x1B, 0x35,
+  0x80, 0x1B, 0x11, 0x00, 0x1B, 0x35, 0x80, 0x1B, 0x3A, 0x00, 0x1B, 0x35,
+  0x80, 0x1B, 0x3C, 0x00, 0x1B, 0x35, 0x80, 0x1B, 0x3E, 0x00, 0x1B, 0x35,
+  0x80, 0x1B, 0x3F, 0x00, 0x1B, 0x35, 0x80, 0x1B, 0x42, 0x00, 0x1B, 0x35,
+  0x20, 0x00, 0x41, 0x20, 0x00, 0xC6, 0x20, 0x00, 0x42, 0x20, 0x00, 0x44,
+  0x20, 0x00, 0x45, 0x20, 0x01, 0x8E, 0x20, 0x00, 0x47, 0x20, 0x00, 0x48,
+  0x20, 0x00, 0x49, 0x20, 0x00, 0x4A, 0x20, 0x00, 0x4B, 0x20, 0x00, 0x4C,
+  0x20, 0x00, 0x4D, 0x20, 0x00, 0x4E, 0x20, 0x00, 0x4F, 0x20, 0x02, 0x22,
+  0x20, 0x00, 0x50, 0x20, 0x00, 0x52, 0x20, 0x00, 0x54, 0x20, 0x00, 0x55,
+  0x20, 0x00, 0x57, 0x20, 0x00, 0x61, 0x20, 0x02, 0x50, 0x20, 0x02, 0x51,
+  0x20, 0x1D, 0x02, 0x20, 0x00, 0x62, 0x20, 0x00, 0x64, 0x20, 0x00, 0x65,
+  0x20, 0x02, 0x59, 0x20, 0x02, 0x5B, 0x20, 0x02, 0x5C, 0x20, 0x00, 0x67,
+  0x20, 0x00, 0x6B, 0x20, 0x00, 0x6D, 0x20, 0x01, 0x4B, 0x20, 0x00, 0x6F,
+  0x20, 0x02, 0x54, 0x20, 0x1D, 0x16, 0x20, 0x1D, 0x17, 0x20, 0x00, 0x70,
+  0x20, 0x00, 0x74, 0x20, 0x00, 0x75, 0x20, 0x1D, 0x1D, 0x20, 0x02, 0x6F,
+  0x20, 0x00, 0x76, 0x20, 0x1D, 0x25, 0x20, 0x03, 0xB2, 0x20, 0x03, 0xB3,
+  0x20, 0x03, 0xB4, 0x20, 0x03, 0xC6, 0x20, 0x03, 0xC7, 0x24, 0x00, 0x69,
+  0x24, 0x00, 0x72, 0x24, 0x00, 0x75, 0x24, 0x00, 0x76, 0x24, 0x03, 0xB2,
+  0x24, 0x03, 0xB3, 0x24, 0x03, 0xC1, 0x24, 0x03, 0xC6, 0x24, 0x03, 0xC7,
+  0x20, 0x04, 0x3D, 0x20, 0x02, 0x52, 0x20, 0x00, 0x63, 0x20, 0x02, 0x55,
+  0x20, 0x00, 0xF0, 0x20, 0x02, 0x5C, 0x20, 0x00, 0x66, 0x20, 0x02, 0x5F,
+  0x20, 0x02, 0x61, 0x20, 0x02, 0x65, 0x20, 0x02, 0x68, 0x20, 0x02, 0x69,
+  0x20, 0x02, 0x6A, 0x20, 0x1D, 0x7B, 0x20, 0x02, 0x9D, 0x20, 0x02, 0x6D,
+  0x20, 0x1D, 0x85, 0x20, 0x02, 0x9F, 0x20, 0x02, 0x71, 0x20, 0x02, 0x70,
+  0x20, 0x02, 0x72, 0x20, 0x02, 0x73, 0x20, 0x02, 0x74, 0x20, 0x02, 0x75,
+  0x20, 0x02, 0x78, 0x20, 0x02, 0x82, 0x20, 0x02, 0x83, 0x20, 0x01, 0xAB,
+  0x20, 0x02, 0x89, 0x20, 0x02, 0x8A, 0x20, 0x1D, 0x1C, 0x20, 0x02, 0x8B,
+  0x20, 0x02, 0x8C, 0x20, 0x00, 0x7A, 0x20, 0x02, 0x90, 0x20, 0x02, 0x91,
+  0x20, 0x02, 0x92, 0x20, 0x03, 0xB8, 0x80, 0x00, 0x41, 0x00, 0x03, 0x25,
+  0x80, 0x00, 0x61, 0x00, 0x03, 0x25, 0x80, 0x00, 0x42, 0x00, 0x03, 0x07,
+  0x80, 0x00, 0x62, 0x00, 0x03, 0x07, 0x80, 0x00, 0x42, 0x00, 0x03, 0x23,
+  0x80, 0x00, 0x62, 0x00, 0x03, 0x23, 0x80, 0x00, 0x42, 0x00, 0x03, 0x31,
+  0x80, 0x00, 0x62, 0x00, 0x03, 0x31, 0x80, 0x00, 0xC7, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0xE7, 0x00, 0x03, 0x01, 0x80, 0x00, 0x44, 0x00, 0x03, 0x07,
+  0x80, 0x00, 0x64, 0x00, 0x03, 0x07, 0x80, 0x00, 0x44, 0x00, 0x03, 0x23,
+  0x80, 0x00, 0x64, 0x00, 0x03, 0x23, 0x80, 0x00, 0x44, 0x00, 0x03, 0x31,
+  0x80, 0x00, 0x64, 0x00, 0x03, 0x31, 0x80, 0x00, 0x44, 0x00, 0x03, 0x27,
+  0x80, 0x00, 0x64, 0x00, 0x03, 0x27, 0x80, 0x00, 0x44, 0x00, 0x03, 0x2D,
+  0x80, 0x00, 0x64, 0x00, 0x03, 0x2D, 0x80, 0x01, 0x12, 0x00, 0x03, 0x00,
+  0x80, 0x01, 0x13, 0x00, 0x03, 0x00, 0x80, 0x01, 0x12, 0x00, 0x03, 0x01,
+  0x80, 0x01, 0x13, 0x00, 0x03, 0x01, 0x80, 0x00, 0x45, 0x00, 0x03, 0x2D,
+  0x80, 0x00, 0x65, 0x00, 0x03, 0x2D, 0x80, 0x00, 0x45, 0x00, 0x03, 0x30,
+  0x80, 0x00, 0x65, 0x00, 0x03, 0x30, 0x80, 0x02, 0x28, 0x00, 0x03, 0x06,
+  0x80, 0x02, 0x29, 0x00, 0x03, 0x06, 0x80, 0x00, 0x46, 0x00, 0x03, 0x07,
+  0x80, 0x00, 0x66, 0x00, 0x03, 0x07, 0x80, 0x00, 0x47, 0x00, 0x03, 0x04,
+  0x80, 0x00, 0x67, 0x00, 0x03, 0x04, 0x80, 0x00, 0x48, 0x00, 0x03, 0x07,
+  0x80, 0x00, 0x68, 0x00, 0x03, 0x07, 0x80, 0x00, 0x48, 0x00, 0x03, 0x23,
+  0x80, 0x00, 0x68, 0x00, 0x03, 0x23, 0x80, 0x00, 0x48, 0x00, 0x03, 0x08,
+  0x80, 0x00, 0x68, 0x00, 0x03, 0x08, 0x80, 0x00, 0x48, 0x00, 0x03, 0x27,
+  0x80, 0x00, 0x68, 0x00, 0x03, 0x27, 0x80, 0x00, 0x48, 0x00, 0x03, 0x2E,
+  0x80, 0x00, 0x68, 0x00, 0x03, 0x2E, 0x80, 0x00, 0x49, 0x00, 0x03, 0x30,
+  0x80, 0x00, 0x69, 0x00, 0x03, 0x30, 0x80, 0x00, 0xCF, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0xEF, 0x00, 0x03, 0x01, 0x80, 0x00, 0x4B, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0x6B, 0x00, 0x03, 0x01, 0x80, 0x00, 0x4B, 0x00, 0x03, 0x23,
+  0x80, 0x00, 0x6B, 0x00, 0x03, 0x23, 0x80, 0x00, 0x4B, 0x00, 0x03, 0x31,
+  0x80, 0x00, 0x6B, 0x00, 0x03, 0x31, 0x80, 0x00, 0x4C, 0x00, 0x03, 0x23,
+  0x80, 0x00, 0x6C, 0x00, 0x03, 0x23, 0x80, 0x1E, 0x36, 0x00, 0x03, 0x04,
+  0x80, 0x1E, 0x37, 0x00, 0x03, 0x04, 0x80, 0x00, 0x4C, 0x00, 0x03, 0x31,
+  0x80, 0x00, 0x6C, 0x00, 0x03, 0x31, 0x80, 0x00, 0x4C, 0x00, 0x03, 0x2D,
+  0x80, 0x00, 0x6C, 0x00, 0x03, 0x2D, 0x80, 0x00, 0x4D, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0x6D, 0x00, 0x03, 0x01, 0x80, 0x00, 0x4D, 0x00, 0x03, 0x07,
+  0x80, 0x00, 0x6D, 0x00, 0x03, 0x07, 0x80, 0x00, 0x4D, 0x00, 0x03, 0x23,
+  0x80, 0x00, 0x6D, 0x00, 0x03, 0x23, 0x80, 0x00, 0x4E, 0x00, 0x03, 0x07,
+  0x80, 0x00, 0x6E, 0x00, 0x03, 0x07, 0x80, 0x00, 0x4E, 0x00, 0x03, 0x23,
+  0x80, 0x00, 0x6E, 0x00, 0x03, 0x23, 0x80, 0x00, 0x4E, 0x00, 0x03, 0x31,
+  0x80, 0x00, 0x6E, 0x00, 0x03, 0x31, 0x80, 0x00, 0x4E, 0x00, 0x03, 0x2D,
+  0x80, 0x00, 0x6E, 0x00, 0x03, 0x2D, 0x80, 0x00, 0xD5, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0xF5, 0x00, 0x03, 0x01, 0x80, 0x00, 0xD5, 0x00, 0x03, 0x08,
+  0x80, 0x00, 0xF5, 0x00, 0x03, 0x08, 0x80, 0x01, 0x4C, 0x00, 0x03, 0x00,
+  0x80, 0x01, 0x4D, 0x00, 0x03, 0x00, 0x80, 0x01, 0x4C, 0x00, 0x03, 0x01,
+  0x80, 0x01, 0x4D, 0x00, 0x03, 0x01, 0x80, 0x00, 0x50, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0x70, 0x00, 0x03, 0x01, 0x80, 0x00, 0x50, 0x00, 0x03, 0x07,
+  0x80, 0x00, 0x70, 0x00, 0x03, 0x07, 0x80, 0x00, 0x52, 0x00, 0x03, 0x07,
+  0x80, 0x00, 0x72, 0x00, 0x03, 0x07, 0x80, 0x00, 0x52, 0x00, 0x03, 0x23,
+  0x80, 0x00, 0x72, 0x00, 0x03, 0x23, 0x80, 0x1E, 0x5A, 0x00, 0x03, 0x04,
+  0x80, 0x1E, 0x5B, 0x00, 0x03, 0x04, 0x80, 0x00, 0x52, 0x00, 0x03, 0x31,
+  0x80, 0x00, 0x72, 0x00, 0x03, 0x31, 0x80, 0x00, 0x53, 0x00, 0x03, 0x07,
+  0x80, 0x00, 0x73, 0x00, 0x03, 0x07, 0x80, 0x00, 0x53, 0x00, 0x03, 0x23,
+  0x80, 0x00, 0x73, 0x00, 0x03, 0x23, 0x80, 0x01, 0x5A, 0x00, 0x03, 0x07,
+  0x80, 0x01, 0x5B, 0x00, 0x03, 0x07, 0x80, 0x01, 0x60, 0x00, 0x03, 0x07,
+  0x80, 0x01, 0x61, 0x00, 0x03, 0x07, 0x80, 0x1E, 0x62, 0x00, 0x03, 0x07,
+  0x80, 0x1E, 0x63, 0x00, 0x03, 0x07, 0x80, 0x00, 0x54, 0x00, 0x03, 0x07,
+  0x80, 0x00, 0x74, 0x00, 0x03, 0x07, 0x80, 0x00, 0x54, 0x00, 0x03, 0x23,
+  0x80, 0x00, 0x74, 0x00, 0x03, 0x23, 0x80, 0x00, 0x54, 0x00, 0x03, 0x31,
+  0x80, 0x00, 0x74, 0x00, 0x03, 0x31, 0x80, 0x00, 0x54, 0x00, 0x03, 0x2D,
+  0x80, 0x00, 0x74, 0x00, 0x03, 0x2D, 0x80, 0x00, 0x55, 0x00, 0x03, 0x24,
+  0x80, 0x00, 0x75, 0x00, 0x03, 0x24, 0x80, 0x00, 0x55, 0x00, 0x03, 0x30,
+  0x80, 0x00, 0x75, 0x00, 0x03, 0x30, 0x80, 0x00, 0x55, 0x00, 0x03, 0x2D,
+  0x80, 0x00, 0x75, 0x00, 0x03, 0x2D, 0x80, 0x01, 0x68, 0x00, 0x03, 0x01,
+  0x80, 0x01, 0x69, 0x00, 0x03, 0x01, 0x80, 0x01, 0x6A, 0x00, 0x03, 0x08,
+  0x80, 0x01, 0x6B, 0x00, 0x03, 0x08, 0x80, 0x00, 0x56, 0x00, 0x03, 0x03,
+  0x80, 0x00, 0x76, 0x00, 0x03, 0x03, 0x80, 0x00, 0x56, 0x00, 0x03, 0x23,
+  0x80, 0x00, 0x76, 0x00, 0x03, 0x23, 0x80, 0x00, 0x57, 0x00, 0x03, 0x00,
+  0x80, 0x00, 0x77, 0x00, 0x03, 0x00, 0x80, 0x00, 0x57, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0x77, 0x00, 0x03, 0x01, 0x80, 0x00, 0x57, 0x00, 0x03, 0x08,
+  0x80, 0x00, 0x77, 0x00, 0x03, 0x08, 0x80, 0x00, 0x57, 0x00, 0x03, 0x07,
+  0x80, 0x00, 0x77, 0x00, 0x03, 0x07, 0x80, 0x00, 0x57, 0x00, 0x03, 0x23,
+  0x80, 0x00, 0x77, 0x00, 0x03, 0x23, 0x80, 0x00, 0x58, 0x00, 0x03, 0x07,
+  0x80, 0x00, 0x78, 0x00, 0x03, 0x07, 0x80, 0x00, 0x58, 0x00, 0x03, 0x08,
+  0x80, 0x00, 0x78, 0x00, 0x03, 0x08, 0x80, 0x00, 0x59, 0x00, 0x03, 0x07,
+  0x80, 0x00, 0x79, 0x00, 0x03, 0x07, 0x80, 0x00, 0x5A, 0x00, 0x03, 0x02,
+  0x80, 0x00, 0x7A, 0x00, 0x03, 0x02, 0x80, 0x00, 0x5A, 0x00, 0x03, 0x23,
+  0x80, 0x00, 0x7A, 0x00, 0x03, 0x23, 0x80, 0x00, 0x5A, 0x00, 0x03, 0x31,
+  0x80, 0x00, 0x7A, 0x00, 0x03, 0x31, 0x80, 0x00, 0x68, 0x00, 0x03, 0x31,
+  0x80, 0x00, 0x74, 0x00, 0x03, 0x08, 0x80, 0x00, 0x77, 0x00, 0x03, 0x0A,
+  0x80, 0x00, 0x79, 0x00, 0x03, 0x0A, 0xC0, 0x00, 0x61, 0x00, 0x02, 0xBE,
+  0x80, 0x01, 0x7F, 0x00, 0x03, 0x07, 0x80, 0x00, 0x41, 0x00, 0x03, 0x23,
+  0x80, 0x00, 0x61, 0x00, 0x03, 0x23, 0x80, 0x00, 0x41, 0x00, 0x03, 0x09,
+  0x80, 0x00, 0x61, 0x00, 0x03, 0x09, 0x80, 0x00, 0xC2, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0xE2, 0x00, 0x03, 0x01, 0x80, 0x00, 0xC2, 0x00, 0x03, 0x00,
+  0x80, 0x00, 0xE2, 0x00, 0x03, 0x00, 0x80, 0x00, 0xC2, 0x00, 0x03, 0x09,
+  0x80, 0x00, 0xE2, 0x00, 0x03, 0x09, 0x80, 0x00, 0xC2, 0x00, 0x03, 0x03,
+  0x80, 0x00, 0xE2, 0x00, 0x03, 0x03, 0x80, 0x1E, 0xA0, 0x00, 0x03, 0x02,
+  0x80, 0x1E, 0xA1, 0x00, 0x03, 0x02, 0x80, 0x01, 0x02, 0x00, 0x03, 0x01,
+  0x80, 0x01, 0x03, 0x00, 0x03, 0x01, 0x80, 0x01, 0x02, 0x00, 0x03, 0x00,
+  0x80, 0x01, 0x03, 0x00, 0x03, 0x00, 0x80, 0x01, 0x02, 0x00, 0x03, 0x09,
+  0x80, 0x01, 0x03, 0x00, 0x03, 0x09, 0x80, 0x01, 0x02, 0x00, 0x03, 0x03,
+  0x80, 0x01, 0x03, 0x00, 0x03, 0x03, 0x80, 0x1E, 0xA0, 0x00, 0x03, 0x06,
+  0x80, 0x1E, 0xA1, 0x00, 0x03, 0x06, 0x80, 0x00, 0x45, 0x00, 0x03, 0x23,
+  0x80, 0x00, 0x65, 0x00, 0x03, 0x23, 0x80, 0x00, 0x45, 0x00, 0x03, 0x09,
+  0x80, 0x00, 0x65, 0x00, 0x03, 0x09, 0x80, 0x00, 0x45, 0x00, 0x03, 0x03,
+  0x80, 0x00, 0x65, 0x00, 0x03, 0x03, 0x80, 0x00, 0xCA, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0xEA, 0x00, 0x03, 0x01, 0x80, 0x00, 0xCA, 0x00, 0x03, 0x00,
+  0x80, 0x00, 0xEA, 0x00, 0x03, 0x00, 0x80, 0x00, 0xCA, 0x00, 0x03, 0x09,
+  0x80, 0x00, 0xEA, 0x00, 0x03, 0x09, 0x80, 0x00, 0xCA, 0x00, 0x03, 0x03,
+  0x80, 0x00, 0xEA, 0x00, 0x03, 0x03, 0x80, 0x1E, 0xB8, 0x00, 0x03, 0x02,
+  0x80, 0x1E, 0xB9, 0x00, 0x03, 0x02, 0x80, 0x00, 0x49, 0x00, 0x03, 0x09,
+  0x80, 0x00, 0x69, 0x00, 0x03, 0x09, 0x80, 0x00, 0x49, 0x00, 0x03, 0x23,
+  0x80, 0x00, 0x69, 0x00, 0x03, 0x23, 0x80, 0x00, 0x4F, 0x00, 0x03, 0x23,
+  0x80, 0x00, 0x6F, 0x00, 0x03, 0x23, 0x80, 0x00, 0x4F, 0x00, 0x03, 0x09,
+  0x80, 0x00, 0x6F, 0x00, 0x03, 0x09, 0x80, 0x00, 0xD4, 0x00, 0x03, 0x01,
+  0x80, 0x00, 0xF4, 0x00, 0x03, 0x01, 0x80, 0x00, 0xD4, 0x00, 0x03, 0x00,
+  0x80, 0x00, 0xF4, 0x00, 0x03, 0x00, 0x80, 0x00, 0xD4, 0x00, 0x03, 0x09,
+  0x80, 0x00, 0xF4, 0x00, 0x03, 0x09, 0x80, 0x00, 0xD4, 0x00, 0x03, 0x03,
+  0x80, 0x00, 0xF4, 0x00, 0x03, 0x03, 0x80, 0x1E, 0xCC, 0x00, 0x03, 0x02,
+  0x80, 0x1E, 0xCD, 0x00, 0x03, 0x02, 0x80, 0x01, 0xA0, 0x00, 0x03, 0x01,
+  0x80, 0x01, 0xA1, 0x00, 0x03, 0x01, 0x80, 0x01, 0xA0, 0x00, 0x03, 0x00,
+  0x80, 0x01, 0xA1, 0x00, 0x03, 0x00, 0x80, 0x01, 0xA0, 0x00, 0x03, 0x09,
+  0x80, 0x01, 0xA1, 0x00, 0x03, 0x09, 0x80, 0x01, 0xA0, 0x00, 0x03, 0x03,
+  0x80, 0x01, 0xA1, 0x00, 0x03, 0x03, 0x80, 0x01, 0xA0, 0x00, 0x03, 0x23,
+  0x80, 0x01, 0xA1, 0x00, 0x03, 0x23, 0x80, 0x00, 0x55, 0x00, 0x03, 0x23,
+  0x80, 0x00, 0x75, 0x00, 0x03, 0x23, 0x80, 0x00, 0x55, 0x00, 0x03, 0x09,
+  0x80, 0x00, 0x75, 0x00, 0x03, 0x09, 0x80, 0x01, 0xAF, 0x00, 0x03, 0x01,
+  0x80, 0x01, 0xB0, 0x00, 0x03, 0x01, 0x80, 0x01, 0xAF, 0x00, 0x03, 0x00,
+  0x80, 0x01, 0xB0, 0x00, 0x03, 0x00, 0x80, 0x01, 0xAF, 0x00, 0x03, 0x09,
+  0x80, 0x01, 0xB0, 0x00, 0x03, 0x09, 0x80, 0x01, 0xAF, 0x00, 0x03, 0x03,
+  0x80, 0x01, 0xB0, 0x00, 0x03, 0x03, 0x80, 0x01, 0xAF, 0x00, 0x03, 0x23,
+  0x80, 0x01, 0xB0, 0x00, 0x03, 0x23, 0x80, 0x00, 0x59, 0x00, 0x03, 0x00,
+  0x80, 0x00, 0x79, 0x00, 0x03, 0x00, 0x80, 0x00, 0x59, 0x00, 0x03, 0x23,
+  0x80, 0x00, 0x79, 0x00, 0x03, 0x23, 0x80, 0x00, 0x59, 0x00, 0x03, 0x09,
+  0x80, 0x00, 0x79, 0x00, 0x03, 0x09, 0x80, 0x00, 0x59, 0x00, 0x03, 0x03,
+  0x80, 0x00, 0x79, 0x00, 0x03, 0x03, 0x80, 0x03, 0xB1, 0x00, 0x03, 0x13,
+  0x80, 0x03, 0xB1, 0x00, 0x03, 0x14, 0x80, 0x1F, 0x00, 0x00, 0x03, 0x00,
+  0x80, 0x1F, 0x01, 0x00, 0x03, 0x00, 0x80, 0x1F, 0x00, 0x00, 0x03, 0x01,
+  0x80, 0x1F, 0x01, 0x00, 0x03, 0x01, 0x80, 0x1F, 0x00, 0x00, 0x03, 0x42,
+  0x80, 0x1F, 0x01, 0x00, 0x03, 0x42, 0x80, 0x03, 0x91, 0x00, 0x03, 0x13,
+  0x80, 0x03, 0x91, 0x00, 0x03, 0x14, 0x80, 0x1F, 0x08, 0x00, 0x03, 0x00,
+  0x80, 0x1F, 0x09, 0x00, 0x03, 0x00, 0x80, 0x1F, 0x08, 0x00, 0x03, 0x01,
+  0x80, 0x1F, 0x09, 0x00, 0x03, 0x01, 0x80, 0x1F, 0x08, 0x00, 0x03, 0x42,
+  0x80, 0x1F, 0x09, 0x00, 0x03, 0x42, 0x80, 0x03, 0xB5, 0x00, 0x03, 0x13,
+  0x80, 0x03, 0xB5, 0x00, 0x03, 0x14, 0x80, 0x1F, 0x10, 0x00, 0x03, 0x00,
+  0x80, 0x1F, 0x11, 0x00, 0x03, 0x00, 0x80, 0x1F, 0x10, 0x00, 0x03, 0x01,
+  0x80, 0x1F, 0x11, 0x00, 0x03, 0x01, 0x80, 0x03, 0x95, 0x00, 0x03, 0x13,
+  0x80, 0x03, 0x95, 0x00, 0x03, 0x14, 0x80, 0x1F, 0x18, 0x00, 0x03, 0x00,
+  0x80, 0x1F, 0x19, 0x00, 0x03, 0x00, 0x80, 0x1F, 0x18, 0x00, 0x03, 0x01,
+  0x80, 0x1F, 0x19, 0x00, 0x03, 0x01, 0x80, 0x03, 0xB7, 0x00, 0x03, 0x13,
+  0x80, 0x03, 0xB7, 0x00, 0x03, 0x14, 0x80, 0x1F, 0x20, 0x00, 0x03, 0x00,
+  0x80, 0x1F, 0x21, 0x00, 0x03, 0x00, 0x80, 0x1F, 0x20, 0x00, 0x03, 0x01,
+  0x80, 0x1F, 0x21, 0x00, 0x03, 0x01, 0x80, 0x1F, 0x20, 0x00, 0x03, 0x42,
+  0x80, 0x1F, 0x21, 0x00, 0x03, 0x42, 0x80, 0x03, 0x97, 0x00, 0x03, 0x13,
+  0x80, 0x03, 0x97, 0x00, 0x03, 0x14, 0x80, 0x1F, 0x28, 0x00, 0x03, 0x00,
+  0x80, 0x1F, 0x29, 0x00, 0x03, 0x00, 0x80, 0x1F, 0x28, 0x00, 0x03, 0x01,
+  0x80, 0x1F, 0x29, 0x00, 0x03, 0x01, 0x80, 0x1F, 0x28, 0x00, 0x03, 0x42,
+  0x80, 0x1F, 0x29, 0x00, 0x03, 0x42, 0x80, 0x03, 0xB9, 0x00, 0x03, 0x13,
+  0x80, 0x03, 0xB9, 0x00, 0x03, 0x14, 0x80, 0x1F, 0x30, 0x00, 0x03, 0x00,
+  0x80, 0x1F, 0x31, 0x00, 0x03, 0x00, 0x80, 0x1F, 0x30, 0x00, 0x03, 0x01,
+  0x80, 0x1F, 0x31, 0x00, 0x03, 0x01, 0x80, 0x1F, 0x30, 0x00, 0x03, 0x42,
+  0x80, 0x1F, 0x31, 0x00, 0x03, 0x42, 0x80, 0x03, 0x99, 0x00, 0x03, 0x13,
+  0x80, 0x03, 0x99, 0x00, 0x03, 0x14, 0x80, 0x1F, 0x38, 0x00, 0x03, 0x00,
+  0x80, 0x1F, 0x39, 0x00, 0x03, 0x00, 0x80, 0x1F, 0x38, 0x00, 0x03, 0x01,
+  0x80, 0x1F, 0x39, 0x00, 0x03, 0x01, 0x80, 0x1F, 0x38, 0x00, 0x03, 0x42,
+  0x80, 0x1F, 0x39, 0x00, 0x03, 0x42, 0x80, 0x03, 0xBF, 0x00, 0x03, 0x13,
+  0x80, 0x03, 0xBF, 0x00, 0x03, 0x14, 0x80, 0x1F, 0x40, 0x00, 0x03, 0x00,
+  0x80, 0x1F, 0x41, 0x00, 0x03, 0x00, 0x80, 0x1F, 0x40, 0x00, 0x03, 0x01,
+  0x80, 0x1F, 0x41, 0x00, 0x03, 0x01, 0x80, 0x03, 0x9F, 0x00, 0x03, 0x13,
+  0x80, 0x03, 0x9F, 0x00, 0x03, 0x14, 0x80, 0x1F, 0x48, 0x00, 0x03, 0x00,
+  0x80, 0x1F, 0x49, 0x00, 0x03, 0x00, 0x80, 0x1F, 0x48, 0x00, 0x03, 0x01,
+  0x80, 0x1F, 0x49, 0x00, 0x03, 0x01, 0x80, 0x03, 0xC5, 0x00, 0x03, 0x13,
+  0x80, 0x03, 0xC5, 0x00, 0x03, 0x14, 0x80, 0x1F, 0x50, 0x00, 0x03, 0x00,
+  0x80, 0x1F, 0x51, 0x00, 0x03, 0x00, 0x80, 0x1F, 0x50, 0x00, 0x03, 0x01,
+  0x80, 0x1F, 0x51, 0x00, 0x03, 0x01, 0x80, 0x1F, 0x50, 0x00, 0x03, 0x42,
+  0x80, 0x1F, 0x51, 0x00, 0x03, 0x42, 0x80, 0x03, 0xA5, 0x00, 0x03, 0x14,
+  0x80, 0x1F, 0x59, 0x00, 0x03, 0x00, 0x80, 0x1F, 0x59, 0x00, 0x03, 0x01,
+  0x80, 0x1F, 0x59, 0x00, 0x03, 0x42, 0x80, 0x03, 0xC9, 0x00, 0x03, 0x13,
+  0x80, 0x03, 0xC9, 0x00, 0x03, 0x14, 0x80, 0x1F, 0x60, 0x00, 0x03, 0x00,
+  0x80, 0x1F, 0x61, 0x00, 0x03, 0x00, 0x80, 0x1F, 0x60, 0x00, 0x03, 0x01,
+  0x80, 0x1F, 0x61, 0x00, 0x03, 0x01, 0x80, 0x1F, 0x60, 0x00, 0x03, 0x42,
+  0x80, 0x1F, 0x61, 0x00, 0x03, 0x42, 0x80, 0x03, 0xA9, 0x00, 0x03, 0x13,
+  0x80, 0x03, 0xA9, 0x00, 0x03, 0x14, 0x80, 0x1F, 0x68, 0x00, 0x03, 0x00,
+  0x80, 0x1F, 0x69, 0x00, 0x03, 0x00, 0x80, 0x1F, 0x68, 0x00, 0x03, 0x01,
+  0x80, 0x1F, 0x69, 0x00, 0x03, 0x01, 0x80, 0x1F, 0x68, 0x00, 0x03, 0x42,
+  0x80, 0x1F, 0x69, 0x00, 0x03, 0x42, 0x80, 0x03, 0xB1, 0x00, 0x03, 0x00,
+  0x00, 0x03, 0xAC, 0x80, 0x03, 0xB5, 0x00, 0x03, 0x00, 0x00, 0x03, 0xAD,
+  0x80, 0x03, 0xB7, 0x00, 0x03, 0x00, 0x00, 0x03, 0xAE, 0x80, 0x03, 0xB9,
+  0x00, 0x03, 0x00, 0x00, 0x03, 0xAF, 0x80, 0x03, 0xBF, 0x00, 0x03, 0x00,
+  0x00, 0x03, 0xCC, 0x80, 0x03, 0xC5, 0x00, 0x03, 0x00, 0x00, 0x03, 0xCD,
+  0x80, 0x03, 0xC9, 0x00, 0x03, 0x00, 0x00, 0x03, 0xCE, 0x80, 0x1F, 0x00,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x01, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x02,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x03, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x04,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x05, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x06,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x07, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x08,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x09, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x0A,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x0B, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x0C,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x0D, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x0E,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x0F, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x20,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x21, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x22,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x23, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x24,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x25, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x26,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x27, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x28,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x29, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x2A,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x2B, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x2C,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x2D, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x2E,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x2F, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x60,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x61, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x62,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x63, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x64,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x65, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x66,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x67, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x68,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x69, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x6A,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x6B, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x6C,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x6D, 0x00, 0x03, 0x45, 0x80, 0x1F, 0x6E,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0x6F, 0x00, 0x03, 0x45, 0x80, 0x03, 0xB1,
+  0x00, 0x03, 0x06, 0x80, 0x03, 0xB1, 0x00, 0x03, 0x04, 0x80, 0x1F, 0x70,
+  0x00, 0x03, 0x45, 0x80, 0x03, 0xB1, 0x00, 0x03, 0x45, 0x80, 0x03, 0xAC,
+  0x00, 0x03, 0x45, 0x80, 0x03, 0xB1, 0x00, 0x03, 0x42, 0x80, 0x1F, 0xB6,
+  0x00, 0x03, 0x45, 0x80, 0x03, 0x91, 0x00, 0x03, 0x06, 0x80, 0x03, 0x91,
+  0x00, 0x03, 0x04, 0x80, 0x03, 0x91, 0x00, 0x03, 0x00, 0x00, 0x03, 0x86,
+  0x80, 0x03, 0x91, 0x00, 0x03, 0x45, 0xC0, 0x00, 0x20, 0x00, 0x03, 0x13,
+  0x00, 0x03, 0xB9, 0xC0, 0x00, 0x20, 0x00, 0x03, 0x13, 0xC0, 0x00, 0x20,
+  0x00, 0x03, 0x42, 0x80, 0x00, 0xA8, 0x00, 0x03, 0x42, 0x80, 0x1F, 0x74,
+  0x00, 0x03, 0x45, 0x80, 0x03, 0xB7, 0x00, 0x03, 0x45, 0x80, 0x03, 0xAE,
+  0x00, 0x03, 0x45, 0x80, 0x03, 0xB7, 0x00, 0x03, 0x42, 0x80, 0x1F, 0xC6,
+  0x00, 0x03, 0x45, 0x80, 0x03, 0x95, 0x00, 0x03, 0x00, 0x00, 0x03, 0x88,
+  0x80, 0x03, 0x97, 0x00, 0x03, 0x00, 0x00, 0x03, 0x89, 0x80, 0x03, 0x97,
+  0x00, 0x03, 0x45, 0x80, 0x1F, 0xBF, 0x00, 0x03, 0x00, 0x80, 0x1F, 0xBF,
+  0x00, 0x03, 0x01, 0x80, 0x1F, 0xBF, 0x00, 0x03, 0x42, 0x80, 0x03, 0xB9,
+  0x00, 0x03, 0x06, 0x80, 0x03, 0xB9, 0x00, 0x03, 0x04, 0x80, 0x03, 0xCA,
+  0x00, 0x03, 0x00, 0x00, 0x03, 0x90, 0x80, 0x03, 0xB9, 0x00, 0x03, 0x42,
+  0x80, 0x03, 0xCA, 0x00, 0x03, 0x42, 0x80, 0x03, 0x99, 0x00, 0x03, 0x06,
+  0x80, 0x03, 0x99, 0x00, 0x03, 0x04, 0x80, 0x03, 0x99, 0x00, 0x03, 0x00,
+  0x00, 0x03, 0x8A, 0x80, 0x1F, 0xFE, 0x00, 0x03, 0x00, 0x80, 0x1F, 0xFE,
+  0x00, 0x03, 0x01, 0x80, 0x1F, 0xFE, 0x00, 0x03, 0x42, 0x80, 0x03, 0xC5,
+  0x00, 0x03, 0x06, 0x80, 0x03, 0xC5, 0x00, 0x03, 0x04, 0x80, 0x03, 0xCB,
+  0x00, 0x03, 0x00, 0x00, 0x03, 0xB0, 0x80, 0x03, 0xC1, 0x00, 0x03, 0x13,
+  0x80, 0x03, 0xC1, 0x00, 0x03, 0x14, 0x80, 0x03, 0xC5, 0x00, 0x03, 0x42,
+  0x80, 0x03, 0xCB, 0x00, 0x03, 0x42, 0x80, 0x03, 0xA5, 0x00, 0x03, 0x06,
+  0x80, 0x03, 0xA5, 0x00, 0x03, 0x04, 0x80, 0x03, 0xA5, 0x00, 0x03, 0x00,
+  0x00, 0x03, 0x8E, 0x80, 0x03, 0xA1, 0x00, 0x03, 0x14, 0x80, 0x00, 0xA8,
+  0x00, 0x03, 0x00, 0x00, 0x03, 0x85, 0x00, 0x00, 0x60, 0x80, 0x1F, 0x7C,
+  0x00, 0x03, 0x45, 0x80, 0x03, 0xC9, 0x00, 0x03, 0x45, 0x80, 0x03, 0xCE,
+  0x00, 0x03, 0x45, 0x80, 0x03, 0xC9, 0x00, 0x03, 0x42, 0x80, 0x1F, 0xF6,
+  0x00, 0x03, 0x45, 0x80, 0x03, 0x9F, 0x00, 0x03, 0x00, 0x00, 0x03, 0x8C,
+  0x80, 0x03, 0xA9, 0x00, 0x03, 0x00, 0x00, 0x03, 0x8F, 0x80, 0x03, 0xA9,
+  0x00, 0x03, 0x45, 0x00, 0x00, 0xB4, 0xC0, 0x00, 0x20, 0x00, 0x03, 0x14,
+  0x00, 0x20, 0x02, 0x00, 0x20, 0x03, 0x40, 0x00, 0x20, 0x40, 0x00, 0x20,
+  0x40, 0x00, 0x20, 0x40, 0x00, 0x20, 0x40, 0x00, 0x20, 0x08, 0x00, 0x20,
+  0x40, 0x00, 0x20, 0x40, 0x00, 0x20, 0x40, 0x00, 0x20, 0x08, 0x20, 0x10,
+  0xC0, 0x00, 0x20, 0x00, 0x03, 0x33, 0x40, 0x00, 0x2E, 0xC0, 0x00, 0x2E,
+  0x00, 0x00, 0x2E, 0xC0, 0x00, 0x2E, 0x80, 0x00, 0x2E, 0x00, 0x00, 0x2E,
+  0x08, 0x00, 0x20, 0xC0, 0x20, 0x32, 0x00, 0x20, 0x32, 0xC0, 0x20, 0x32,
+  0x80, 0x20, 0x32, 0x00, 0x20, 0x32, 0xC0, 0x20, 0x35, 0x00, 0x20, 0x35,
+  0xC0, 0x20, 0x35, 0x80, 0x20, 0x35, 0x00, 0x20, 0x35, 0xC0, 0x00, 0x21,
+  0x00, 0x00, 0x21, 0xC0, 0x00, 0x20, 0x00, 0x03, 0x05, 0xC0, 0x00, 0x3F,
+  0x00, 0x00, 0x3F, 0xC0, 0x00, 0x3F, 0x00, 0x00, 0x21, 0xC0, 0x00, 0x21,
+  0x00, 0x00, 0x3F, 0xC0, 0x20, 0x32, 0x80, 0x20, 0x32, 0x80, 0x20, 0x32,
+  0x00, 0x20, 0x32, 0x40, 0x00, 0x20, 0x20, 0x00, 0x30, 0x20, 0x00, 0x69,
+  0x20, 0x00, 0x34, 0x20, 0x00, 0x35, 0x20, 0x00, 0x36, 0x20, 0x00, 0x37,
+  0x20, 0x00, 0x38, 0x20, 0x00, 0x39, 0x20, 0x00, 0x2B, 0x20, 0x22, 0x12,
+  0x20, 0x00, 0x3D, 0x20, 0x00, 0x28, 0x20, 0x00, 0x29, 0x20, 0x00, 0x6E,
+  0x24, 0x00, 0x30, 0x24, 0x00, 0x31, 0x24, 0x00, 0x32, 0x24, 0x00, 0x33,
+  0x24, 0x00, 0x34, 0x24, 0x00, 0x35, 0x24, 0x00, 0x36, 0x24, 0x00, 0x37,
+  0x24, 0x00, 0x38, 0x24, 0x00, 0x39, 0x24, 0x00, 0x2B, 0x24, 0x22, 0x12,
+  0x24, 0x00, 0x3D, 0x24, 0x00, 0x28, 0x24, 0x00, 0x29, 0x24, 0x00, 0x61,
+  0x24, 0x00, 0x65, 0x24, 0x00, 0x6F, 0x24, 0x00, 0x78, 0x24, 0x02, 0x59,
+  0x24, 0x00, 0x68, 0x24, 0x00, 0x6B, 0x24, 0x00, 0x6C, 0x24, 0x00, 0x6D,
+  0x24, 0x00, 0x6E, 0x24, 0x00, 0x70, 0x24, 0x00, 0x73, 0x24, 0x00, 0x74,
+  0xC0, 0x00, 0x52, 0x00, 0x00, 0x73, 0xC0, 0x00, 0x61, 0x80, 0x00, 0x2F,
+  0x00, 0x00, 0x63, 0xC0, 0x00, 0x61, 0x80, 0x00, 0x2F, 0x00, 0x00, 0x73,
+  0x04, 0x00, 0x43, 0xC0, 0x00, 0xB0, 0x00, 0x00, 0x43, 0xC0, 0x00, 0x63,
+  0x80, 0x00, 0x2F, 0x00, 0x00, 0x6F, 0xC0, 0x00, 0x63, 0x80, 0x00, 0x2F,
+  0x00, 0x00, 0x75, 0x40, 0x01, 0x90, 0xC0, 0x00, 0xB0, 0x00, 0x00, 0x46,
+  0x04, 0x00, 0x67, 0x04, 0x00, 0x48, 0x04, 0x00, 0x48, 0x04, 0x00, 0x48,
+  0x04, 0x00, 0x68, 0x04, 0x01, 0x27, 0x04, 0x00, 0x49, 0x04, 0x00, 0x49,
+  0x04, 0x00, 0x4C, 0x04, 0x00, 0x6C, 0x04, 0x00, 0x4E, 0xC0, 0x00, 0x4E,
+  0x00, 0x00, 0x6F, 0x04, 0x00, 0x50, 0x04, 0x00, 0x51, 0x04, 0x00, 0x52,
+  0x04, 0x00, 0x52, 0x04, 0x00, 0x52, 0xA0, 0x00, 0x53, 0x00, 0x00, 0x4D,
+  0xC0, 0x00, 0x54, 0x80, 0x00, 0x45, 0x00, 0x00, 0x4C, 0xA0, 0x00, 0x54,
+  0x00, 0x00, 0x4D, 0x04, 0x00, 0x5A, 0x00, 0x03, 0xA9, 0x04, 0x00, 0x5A,
+  0x00, 0x00, 0x4B, 0x00, 0x00, 0xC5, 0x04, 0x00, 0x42, 0x04, 0x00, 0x43,
+  0x04, 0x00, 0x65, 0x04, 0x00, 0x45, 0x04, 0x00, 0x46, 0x04, 0x00, 0x4D,
+  0x04, 0x00, 0x6F, 0x40, 0x05, 0xD0, 0x40, 0x05, 0xD1, 0x40, 0x05, 0xD2,
+  0x40, 0x05, 0xD3, 0x04, 0x00, 0x69, 0xC0, 0x00, 0x46, 0x80, 0x00, 0x41,
+  0x00, 0x00, 0x58, 0x04, 0x03, 0xC0, 0x04, 0x03, 0xB3, 0x04, 0x03, 0x93,
+  0x04, 0x03, 0xA0, 0x04, 0x22, 0x11, 0x04, 0x00, 0x44, 0x04, 0x00, 0x64,
+  0x04, 0x00, 0x65, 0x04, 0x00, 0x69, 0x04, 0x00, 0x6A, 0xBC, 0x00, 0x31,
+  0x80, 0x20, 0x44, 0x00, 0x00, 0x37, 0xBC, 0x00, 0x31, 0x80, 0x20, 0x44,
+  0x00, 0x00, 0x39, 0xBC, 0x00, 0x31, 0x80, 0x20, 0x44, 0x80, 0x00, 0x31,
+  0x00, 0x00, 0x30, 0xBC, 0x00, 0x31, 0x80, 0x20, 0x44, 0x00, 0x00, 0x33,
+  0xBC, 0x00, 0x32, 0x80, 0x20, 0x44, 0x00, 0x00, 0x33, 0xBC, 0x00, 0x31,
+  0x80, 0x20, 0x44, 0x00, 0x00, 0x35, 0xBC, 0x00, 0x32, 0x80, 0x20, 0x44,
+  0x00, 0x00, 0x35, 0xBC, 0x00, 0x33, 0x80, 0x20, 0x44, 0x00, 0x00, 0x35,
+  0xBC, 0x00, 0x34, 0x80, 0x20, 0x44, 0x00, 0x00, 0x35, 0xBC, 0x00, 0x31,
+  0x80, 0x20, 0x44, 0x00, 0x00, 0x36, 0xBC, 0x00, 0x35, 0x80, 0x20, 0x44,
+  0x00, 0x00, 0x36, 0xBC, 0x00, 0x31, 0x80, 0x20, 0x44, 0x00, 0x00, 0x38,
+  0xBC, 0x00, 0x33, 0x80, 0x20, 0x44, 0x00, 0x00, 0x38, 0xBC, 0x00, 0x35,
+  0x80, 0x20, 0x44, 0x00, 0x00, 0x38, 0xBC, 0x00, 0x37, 0x80, 0x20, 0x44,
+  0x00, 0x00, 0x38, 0xBC, 0x00, 0x31, 0x00, 0x20, 0x44, 0x40, 0x00, 0x49,
+  0xC0, 0x00, 0x49, 0x00, 0x00, 0x49, 0xC0, 0x00, 0x49, 0x80, 0x00, 0x49,
+  0x00, 0x00, 0x49, 0xC0, 0x00, 0x49, 0x00, 0x00, 0x56, 0x40, 0x00, 0x56,
+  0xC0, 0x00, 0x56, 0x00, 0x00, 0x49, 0xC0, 0x00, 0x56, 0x80, 0x00, 0x49,
+  0x00, 0x00, 0x49, 0xC0, 0x00, 0x56, 0x80, 0x00, 0x49, 0x80, 0x00, 0x49,
+  0x00, 0x00, 0x49, 0xC0, 0x00, 0x49, 0x00, 0x00, 0x58, 0x40, 0x00, 0x58,
+  0xC0, 0x00, 0x58, 0x00, 0x00, 0x49, 0xC0, 0x00, 0x58, 0x80, 0x00, 0x49,
+  0x00, 0x00, 0x49, 0x40, 0x00, 0x4C, 0x40, 0x00, 0x43, 0x40, 0x00, 0x44,
+  0x40, 0x00, 0x4D, 0x40, 0x00, 0x69, 0xC0, 0x00, 0x69, 0x00, 0x00, 0x69,
+  0xC0, 0x00, 0x69, 0x80, 0x00, 0x69, 0x00, 0x00, 0x69, 0xC0, 0x00, 0x69,
+  0x00, 0x00, 0x76, 0x40, 0x00, 0x76, 0xC0, 0x00, 0x76, 0x00, 0x00, 0x69,
+  0xC0, 0x00, 0x76, 0x80, 0x00, 0x69, 0x00, 0x00, 0x69, 0xC0, 0x00, 0x76,
+  0x80, 0x00, 0x69, 0x80, 0x00, 0x69, 0x00, 0x00, 0x69, 0xC0, 0x00, 0x69,
+  0x00, 0x00, 0x78, 0x40, 0x00, 0x78, 0xC0, 0x00, 0x78, 0x00, 0x00, 0x69,
+  0xC0, 0x00, 0x78, 0x80, 0x00, 0x69, 0x00, 0x00, 0x69, 0x40, 0x00, 0x6C,
+  0x40, 0x00, 0x63, 0x40, 0x00, 0x64, 0x40, 0x00, 0x6D, 0xBC, 0x00, 0x30,
+  0x80, 0x20, 0x44, 0x00, 0x00, 0x33, 0x80, 0x21, 0x90, 0x00, 0x03, 0x38,
+  0x80, 0x21, 0x92, 0x00, 0x03, 0x38, 0x80, 0x21, 0x94, 0x00, 0x03, 0x38,
+  0x80, 0x21, 0xD0, 0x00, 0x03, 0x38, 0x80, 0x21, 0xD4, 0x00, 0x03, 0x38,
+  0x80, 0x21, 0xD2, 0x00, 0x03, 0x38, 0x80, 0x22, 0x03, 0x00, 0x03, 0x38,
+  0x80, 0x22, 0x08, 0x00, 0x03, 0x38, 0x80, 0x22, 0x0B, 0x00, 0x03, 0x38,
+  0x80, 0x22, 0x23, 0x00, 0x03, 0x38, 0x80, 0x22, 0x25, 0x00, 0x03, 0x38,
+  0xC0, 0x22, 0x2B, 0x00, 0x22, 0x2B, 0xC0, 0x22, 0x2B, 0x80, 0x22, 0x2B,
+  0x00, 0x22, 0x2B, 0xC0, 0x22, 0x2E, 0x00, 0x22, 0x2E, 0xC0, 0x22, 0x2E,
+  0x80, 0x22, 0x2E, 0x00, 0x22, 0x2E, 0x80, 0x22, 0x3C, 0x00, 0x03, 0x38,
+  0x80, 0x22, 0x43, 0x00, 0x03, 0x38, 0x80, 0x22, 0x45, 0x00, 0x03, 0x38,
+  0x80, 0x22, 0x48, 0x00, 0x03, 0x38, 0x80, 0x00, 0x3D, 0x00, 0x03, 0x38,
+  0x80, 0x22, 0x61, 0x00, 0x03, 0x38, 0x80, 0x22, 0x4D, 0x00, 0x03, 0x38,
+  0x80, 0x00, 0x3C, 0x00, 0x03, 0x38, 0x80, 0x00, 0x3E, 0x00, 0x03, 0x38,
+  0x80, 0x22, 0x64, 0x00, 0x03, 0x38, 0x80, 0x22, 0x65, 0x00, 0x03, 0x38,
+  0x80, 0x22, 0x72, 0x00, 0x03, 0x38, 0x80, 0x22, 0x73, 0x00, 0x03, 0x38,
+  0x80, 0x22, 0x76, 0x00, 0x03, 0x38, 0x80, 0x22, 0x77, 0x00, 0x03, 0x38,
+  0x80, 0x22, 0x7A, 0x00, 0x03, 0x38, 0x80, 0x22, 0x7B, 0x00, 0x03, 0x38,
+  0x80, 0x22, 0x82, 0x00, 0x03, 0x38, 0x80, 0x22, 0x83, 0x00, 0x03, 0x38,
+  0x80, 0x22, 0x86, 0x00, 0x03, 0x38, 0x80, 0x22, 0x87, 0x00, 0x03, 0x38,
+  0x80, 0x22, 0xA2, 0x00, 0x03, 0x38, 0x80, 0x22, 0xA8, 0x00, 0x03, 0x38,
+  0x80, 0x22, 0xA9, 0x00, 0x03, 0x38, 0x80, 0x22, 0xAB, 0x00, 0x03, 0x38,
+  0x80, 0x22, 0x7C, 0x00, 0x03, 0x38, 0x80, 0x22, 0x7D, 0x00, 0x03, 0x38,
+  0x80, 0x22, 0x91, 0x00, 0x03, 0x38, 0x80, 0x22, 0x92, 0x00, 0x03, 0x38,
+  0x80, 0x22, 0xB2, 0x00, 0x03, 0x38, 0x80, 0x22, 0xB3, 0x00, 0x03, 0x38,
+  0x80, 0x22, 0xB4, 0x00, 0x03, 0x38, 0x80, 0x22, 0xB5, 0x00, 0x03, 0x38,
+  0x00, 0x30, 0x08, 0x00, 0x30, 0x09, 0x1C, 0x00, 0x31, 0x1C, 0x00, 0x32,
+  0x1C, 0x00, 0x33, 0x1C, 0x00, 0x34, 0x1C, 0x00, 0x35, 0x1C, 0x00, 0x36,
+  0x1C, 0x00, 0x37, 0x1C, 0x00, 0x38, 0x1C, 0x00, 0x39, 0x9C, 0x00, 0x31,
+  0x00, 0x00, 0x30, 0x9C, 0x00, 0x31, 0x00, 0x00, 0x31, 0x9C, 0x00, 0x31,
+  0x00, 0x00, 0x32, 0x9C, 0x00, 0x31, 0x00, 0x00, 0x33, 0x9C, 0x00, 0x31,
+  0x00, 0x00, 0x34, 0x9C, 0x00, 0x31, 0x00, 0x00, 0x35, 0x9C, 0x00, 0x31,
+  0x00, 0x00, 0x36, 0x9C, 0x00, 0x31, 0x00, 0x00, 0x37, 0x9C, 0x00, 0x31,
+  0x00, 0x00, 0x38, 0x9C, 0x00, 0x31, 0x00, 0x00, 0x39, 0x9C, 0x00, 0x32,
+  0x00, 0x00, 0x30, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x31, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x32, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x00, 0x33, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x34,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x35, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x36, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x00, 0x37, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x38,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x39, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x31, 0x80, 0x00, 0x30, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x31, 0x80, 0x00, 0x31, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x31, 0x80, 0x00, 0x32, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x31, 0x80, 0x00, 0x33, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x31, 0x80, 0x00, 0x34, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x31, 0x80, 0x00, 0x35, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x31, 0x80, 0x00, 0x36, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x31, 0x80, 0x00, 0x37, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x31, 0x80, 0x00, 0x38, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x31, 0x80, 0x00, 0x39, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x32, 0x80, 0x00, 0x30, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x31, 0x00, 0x00, 0x2E, 0xC0, 0x00, 0x32, 0x00, 0x00, 0x2E,
+  0xC0, 0x00, 0x33, 0x00, 0x00, 0x2E, 0xC0, 0x00, 0x34, 0x00, 0x00, 0x2E,
+  0xC0, 0x00, 0x35, 0x00, 0x00, 0x2E, 0xC0, 0x00, 0x36, 0x00, 0x00, 0x2E,
+  0xC0, 0x00, 0x37, 0x00, 0x00, 0x2E, 0xC0, 0x00, 0x38, 0x00, 0x00, 0x2E,
+  0xC0, 0x00, 0x39, 0x00, 0x00, 0x2E, 0xC0, 0x00, 0x31, 0x80, 0x00, 0x30,
+  0x00, 0x00, 0x2E, 0xC0, 0x00, 0x31, 0x80, 0x00, 0x31, 0x00, 0x00, 0x2E,
+  0xC0, 0x00, 0x31, 0x80, 0x00, 0x32, 0x00, 0x00, 0x2E, 0xC0, 0x00, 0x31,
+  0x80, 0x00, 0x33, 0x00, 0x00, 0x2E, 0xC0, 0x00, 0x31, 0x80, 0x00, 0x34,
+  0x00, 0x00, 0x2E, 0xC0, 0x00, 0x31, 0x80, 0x00, 0x35, 0x00, 0x00, 0x2E,
+  0xC0, 0x00, 0x31, 0x80, 0x00, 0x36, 0x00, 0x00, 0x2E, 0xC0, 0x00, 0x31,
+  0x80, 0x00, 0x37, 0x00, 0x00, 0x2E, 0xC0, 0x00, 0x31, 0x80, 0x00, 0x38,
+  0x00, 0x00, 0x2E, 0xC0, 0x00, 0x31, 0x80, 0x00, 0x39, 0x00, 0x00, 0x2E,
+  0xC0, 0x00, 0x32, 0x80, 0x00, 0x30, 0x00, 0x00, 0x2E, 0xC0, 0x00, 0x28,
+  0x80, 0x00, 0x61, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x62,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x63, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x64, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x00, 0x65, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x66,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x67, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x68, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x00, 0x69, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x6A,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x6B, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x6C, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x00, 0x6D, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x6E,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x6F, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x70, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x00, 0x71, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x72,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x73, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x74, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x00, 0x75, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x76,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x77, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x78, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x00, 0x79, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x7A,
+  0x00, 0x00, 0x29, 0x1C, 0x00, 0x41, 0x1C, 0x00, 0x42, 0x1C, 0x00, 0x43,
+  0x1C, 0x00, 0x44, 0x1C, 0x00, 0x45, 0x1C, 0x00, 0x46, 0x1C, 0x00, 0x47,
+  0x1C, 0x00, 0x48, 0x1C, 0x00, 0x49, 0x1C, 0x00, 0x4A, 0x1C, 0x00, 0x4B,
+  0x1C, 0x00, 0x4C, 0x1C, 0x00, 0x4D, 0x1C, 0x00, 0x4E, 0x1C, 0x00, 0x4F,
+  0x1C, 0x00, 0x50, 0x1C, 0x00, 0x51, 0x1C, 0x00, 0x52, 0x1C, 0x00, 0x53,
+  0x1C, 0x00, 0x54, 0x1C, 0x00, 0x55, 0x1C, 0x00, 0x56, 0x1C, 0x00, 0x57,
+  0x1C, 0x00, 0x58, 0x1C, 0x00, 0x59, 0x1C, 0x00, 0x5A, 0x1C, 0x00, 0x61,
+  0x1C, 0x00, 0x62, 0x1C, 0x00, 0x63, 0x1C, 0x00, 0x64, 0x1C, 0x00, 0x65,
+  0x1C, 0x00, 0x66, 0x1C, 0x00, 0x67, 0x1C, 0x00, 0x68, 0x1C, 0x00, 0x69,
+  0x1C, 0x00, 0x6A, 0x1C, 0x00, 0x6B, 0x1C, 0x00, 0x6C, 0x1C, 0x00, 0x6D,
+  0x1C, 0x00, 0x6E, 0x1C, 0x00, 0x6F, 0x1C, 0x00, 0x70, 0x1C, 0x00, 0x71,
+  0x1C, 0x00, 0x72, 0x1C, 0x00, 0x73, 0x1C, 0x00, 0x74, 0x1C, 0x00, 0x75,
+  0x1C, 0x00, 0x76, 0x1C, 0x00, 0x77, 0x1C, 0x00, 0x78, 0x1C, 0x00, 0x79,
+  0x1C, 0x00, 0x7A, 0x1C, 0x00, 0x30, 0xC0, 0x22, 0x2B, 0x80, 0x22, 0x2B,
+  0x80, 0x22, 0x2B, 0x00, 0x22, 0x2B, 0xC0, 0x00, 0x3A, 0x80, 0x00, 0x3A,
+  0x00, 0x00, 0x3D, 0xC0, 0x00, 0x3D, 0x00, 0x00, 0x3D, 0xC0, 0x00, 0x3D,
+  0x80, 0x00, 0x3D, 0x00, 0x00, 0x3D, 0x80, 0x2A, 0xDD, 0x00, 0x03, 0x38,
+  0x24, 0x00, 0x6A, 0x20, 0x00, 0x56, 0x20, 0x2D, 0x61, 0x40, 0x6B, 0xCD,
+  0x40, 0x9F, 0x9F, 0x40, 0x4E, 0x00, 0x40, 0x4E, 0x28, 0x40, 0x4E, 0x36,
+  0x40, 0x4E, 0x3F, 0x40, 0x4E, 0x59, 0x40, 0x4E, 0x85, 0x40, 0x4E, 0x8C,
+  0x40, 0x4E, 0xA0, 0x40, 0x4E, 0xBA, 0x40, 0x51, 0x3F, 0x40, 0x51, 0x65,
+  0x40, 0x51, 0x6B, 0x40, 0x51, 0x82, 0x40, 0x51, 0x96, 0x40, 0x51, 0xAB,
+  0x40, 0x51, 0xE0, 0x40, 0x51, 0xF5, 0x40, 0x52, 0x00, 0x40, 0x52, 0x9B,
+  0x40, 0x52, 0xF9, 0x40, 0x53, 0x15, 0x40, 0x53, 0x1A, 0x40, 0x53, 0x38,
+  0x40, 0x53, 0x41, 0x40, 0x53, 0x5C, 0x40, 0x53, 0x69, 0x40, 0x53, 0x82,
+  0x40, 0x53, 0xB6, 0x40, 0x53, 0xC8, 0x40, 0x53, 0xE3, 0x40, 0x56, 0xD7,
+  0x40, 0x57, 0x1F, 0x40, 0x58, 0xEB, 0x40, 0x59, 0x02, 0x40, 0x59, 0x0A,
+  0x40, 0x59, 0x15, 0x40, 0x59, 0x27, 0x40, 0x59, 0x73, 0x40, 0x5B, 0x50,
+  0x40, 0x5B, 0x80, 0x40, 0x5B, 0xF8, 0x40, 0x5C, 0x0F, 0x40, 0x5C, 0x22,
+  0x40, 0x5C, 0x38, 0x40, 0x5C, 0x6E, 0x40, 0x5C, 0x71, 0x40, 0x5D, 0xDB,
+  0x40, 0x5D, 0xE5, 0x40, 0x5D, 0xF1, 0x40, 0x5D, 0xFE, 0x40, 0x5E, 0x72,
+  0x40, 0x5E, 0x7A, 0x40, 0x5E, 0x7F, 0x40, 0x5E, 0xF4, 0x40, 0x5E, 0xFE,
+  0x40, 0x5F, 0x0B, 0x40, 0x5F, 0x13, 0x40, 0x5F, 0x50, 0x40, 0x5F, 0x61,
+  0x40, 0x5F, 0x73, 0x40, 0x5F, 0xC3, 0x40, 0x62, 0x08, 0x40, 0x62, 0x36,
+  0x40, 0x62, 0x4B, 0x40, 0x65, 0x2F, 0x40, 0x65, 0x34, 0x40, 0x65, 0x87,
+  0x40, 0x65, 0x97, 0x40, 0x65, 0xA4, 0x40, 0x65, 0xB9, 0x40, 0x65, 0xE0,
+  0x40, 0x65, 0xE5, 0x40, 0x66, 0xF0, 0x40, 0x67, 0x08, 0x40, 0x67, 0x28,
+  0x40, 0x6B, 0x20, 0x40, 0x6B, 0x62, 0x40, 0x6B, 0x79, 0x40, 0x6B, 0xB3,
+  0x40, 0x6B, 0xCB, 0x40, 0x6B, 0xD4, 0x40, 0x6B, 0xDB, 0x40, 0x6C, 0x0F,
+  0x40, 0x6C, 0x14, 0x40, 0x6C, 0x34, 0x40, 0x70, 0x6B, 0x40, 0x72, 0x2A,
+  0x40, 0x72, 0x36, 0x40, 0x72, 0x3B, 0x40, 0x72, 0x3F, 0x40, 0x72, 0x47,
+  0x40, 0x72, 0x59, 0x40, 0x72, 0x5B, 0x40, 0x72, 0xAC, 0x40, 0x73, 0x84,
+  0x40, 0x73, 0x89, 0x40, 0x74, 0xDC, 0x40, 0x74, 0xE6, 0x40, 0x75, 0x18,
+  0x40, 0x75, 0x1F, 0x40, 0x75, 0x28, 0x40, 0x75, 0x30, 0x40, 0x75, 0x8B,
+  0x40, 0x75, 0x92, 0x40, 0x76, 0x76, 0x40, 0x76, 0x7D, 0x40, 0x76, 0xAE,
+  0x40, 0x76, 0xBF, 0x40, 0x76, 0xEE, 0x40, 0x77, 0xDB, 0x40, 0x77, 0xE2,
+  0x40, 0x77, 0xF3, 0x40, 0x79, 0x3A, 0x40, 0x79, 0xB8, 0x40, 0x79, 0xBE,
+  0x40, 0x7A, 0x74, 0x40, 0x7A, 0xCB, 0x40, 0x7A, 0xF9, 0x40, 0x7C, 0x73,
+  0x40, 0x7C, 0xF8, 0x40, 0x7F, 0x36, 0x40, 0x7F, 0x51, 0x40, 0x7F, 0x8A,
+  0x40, 0x7F, 0xBD, 0x40, 0x80, 0x01, 0x40, 0x80, 0x0C, 0x40, 0x80, 0x12,
+  0x40, 0x80, 0x33, 0x40, 0x80, 0x7F, 0x40, 0x80, 0x89, 0x40, 0x81, 0xE3,
+  0x40, 0x81, 0xEA, 0x40, 0x81, 0xF3, 0x40, 0x81, 0xFC, 0x40, 0x82, 0x0C,
+  0x40, 0x82, 0x1B, 0x40, 0x82, 0x1F, 0x40, 0x82, 0x6E, 0x40, 0x82, 0x72,
+  0x40, 0x82, 0x78, 0x40, 0x86, 0x4D, 0x40, 0x86, 0x6B, 0x40, 0x88, 0x40,
+  0x40, 0x88, 0x4C, 0x40, 0x88, 0x63, 0x40, 0x89, 0x7E, 0x40, 0x89, 0x8B,
+  0x40, 0x89, 0xD2, 0x40, 0x8A, 0x00, 0x40, 0x8C, 0x37, 0x40, 0x8C, 0x46,
+  0x40, 0x8C, 0x55, 0x40, 0x8C, 0x78, 0x40, 0x8C, 0x9D, 0x40, 0x8D, 0x64,
+  0x40, 0x8D, 0x70, 0x40, 0x8D, 0xB3, 0x40, 0x8E, 0xAB, 0x40, 0x8E, 0xCA,
+  0x40, 0x8F, 0x9B, 0x40, 0x8F, 0xB0, 0x40, 0x8F, 0xB5, 0x40, 0x90, 0x91,
+  0x40, 0x91, 0x49, 0x40, 0x91, 0xC6, 0x40, 0x91, 0xCC, 0x40, 0x91, 0xD1,
+  0x40, 0x95, 0x77, 0x40, 0x95, 0x80, 0x40, 0x96, 0x1C, 0x40, 0x96, 0xB6,
+  0x40, 0x96, 0xB9, 0x40, 0x96, 0xE8, 0x40, 0x97, 0x51, 0x40, 0x97, 0x5E,
+  0x40, 0x97, 0x62, 0x40, 0x97, 0x69, 0x40, 0x97, 0xCB, 0x40, 0x97, 0xED,
+  0x40, 0x97, 0xF3, 0x40, 0x98, 0x01, 0x40, 0x98, 0xA8, 0x40, 0x98, 0xDB,
+  0x40, 0x98, 0xDF, 0x40, 0x99, 0x96, 0x40, 0x99, 0x99, 0x40, 0x99, 0xAC,
+  0x40, 0x9A, 0xA8, 0x40, 0x9A, 0xD8, 0x40, 0x9A, 0xDF, 0x40, 0x9B, 0x25,
+  0x40, 0x9B, 0x2F, 0x40, 0x9B, 0x32, 0x40, 0x9B, 0x3C, 0x40, 0x9B, 0x5A,
+  0x40, 0x9C, 0xE5, 0x40, 0x9E, 0x75, 0x40, 0x9E, 0x7F, 0x40, 0x9E, 0xA5,
+  0x40, 0x9E, 0xBB, 0x40, 0x9E, 0xC3, 0x40, 0x9E, 0xCD, 0x40, 0x9E, 0xD1,
+  0x40, 0x9E, 0xF9, 0x40, 0x9E, 0xFD, 0x40, 0x9F, 0x0E, 0x40, 0x9F, 0x13,
+  0x40, 0x9F, 0x20, 0x40, 0x9F, 0x3B, 0x40, 0x9F, 0x4A, 0x40, 0x9F, 0x52,
+  0x40, 0x9F, 0x8D, 0x40, 0x9F, 0x9C, 0x40, 0x9F, 0xA0, 0x2C, 0x00, 0x20,
+  0x40, 0x30, 0x12, 0x40, 0x53, 0x41, 0x40, 0x53, 0x44, 0x40, 0x53, 0x45,
+  0x80, 0x30, 0x4B, 0x00, 0x30, 0x99, 0x80, 0x30, 0x4D, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0x4F, 0x00, 0x30, 0x99, 0x80, 0x30, 0x51, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0x53, 0x00, 0x30, 0x99, 0x80, 0x30, 0x55, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0x57, 0x00, 0x30, 0x99, 0x80, 0x30, 0x59, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0x5B, 0x00, 0x30, 0x99, 0x80, 0x30, 0x5D, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0x5F, 0x00, 0x30, 0x99, 0x80, 0x30, 0x61, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0x64, 0x00, 0x30, 0x99, 0x80, 0x30, 0x66, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0x68, 0x00, 0x30, 0x99, 0x80, 0x30, 0x6F, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0x6F, 0x00, 0x30, 0x9A, 0x80, 0x30, 0x72, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0x72, 0x00, 0x30, 0x9A, 0x80, 0x30, 0x75, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0x75, 0x00, 0x30, 0x9A, 0x80, 0x30, 0x78, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0x78, 0x00, 0x30, 0x9A, 0x80, 0x30, 0x7B, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0x7B, 0x00, 0x30, 0x9A, 0x80, 0x30, 0x46, 0x00, 0x30, 0x99,
+  0xC0, 0x00, 0x20, 0x00, 0x30, 0x99, 0xC0, 0x00, 0x20, 0x00, 0x30, 0x9A,
+  0x80, 0x30, 0x9D, 0x00, 0x30, 0x99, 0xA8, 0x30, 0x88, 0x00, 0x30, 0x8A,
+  0x80, 0x30, 0xAB, 0x00, 0x30, 0x99, 0x80, 0x30, 0xAD, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0xAF, 0x00, 0x30, 0x99, 0x80, 0x30, 0xB1, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0xB3, 0x00, 0x30, 0x99, 0x80, 0x30, 0xB5, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0xB7, 0x00, 0x30, 0x99, 0x80, 0x30, 0xB9, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0xBB, 0x00, 0x30, 0x99, 0x80, 0x30, 0xBD, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0xBF, 0x00, 0x30, 0x99, 0x80, 0x30, 0xC1, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0xC4, 0x00, 0x30, 0x99, 0x80, 0x30, 0xC6, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0xC8, 0x00, 0x30, 0x99, 0x80, 0x30, 0xCF, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0xCF, 0x00, 0x30, 0x9A, 0x80, 0x30, 0xD2, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0xD2, 0x00, 0x30, 0x9A, 0x80, 0x30, 0xD5, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0xD5, 0x00, 0x30, 0x9A, 0x80, 0x30, 0xD8, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0xD8, 0x00, 0x30, 0x9A, 0x80, 0x30, 0xDB, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0xDB, 0x00, 0x30, 0x9A, 0x80, 0x30, 0xA6, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0xEF, 0x00, 0x30, 0x99, 0x80, 0x30, 0xF0, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0xF1, 0x00, 0x30, 0x99, 0x80, 0x30, 0xF2, 0x00, 0x30, 0x99,
+  0x80, 0x30, 0xFD, 0x00, 0x30, 0x99, 0xA8, 0x30, 0xB3, 0x00, 0x30, 0xC8,
+  0x40, 0x11, 0x00, 0x40, 0x11, 0x01, 0x40, 0x11, 0xAA, 0x40, 0x11, 0x02,
+  0x40, 0x11, 0xAC, 0x40, 0x11, 0xAD, 0x40, 0x11, 0x03, 0x40, 0x11, 0x04,
+  0x40, 0x11, 0x05, 0x40, 0x11, 0xB0, 0x40, 0x11, 0xB1, 0x40, 0x11, 0xB2,
+  0x40, 0x11, 0xB3, 0x40, 0x11, 0xB4, 0x40, 0x11, 0xB5, 0x40, 0x11, 0x1A,
+  0x40, 0x11, 0x06, 0x40, 0x11, 0x07, 0x40, 0x11, 0x08, 0x40, 0x11, 0x21,
+  0x40, 0x11, 0x09, 0x40, 0x11, 0x0A, 0x40, 0x11, 0x0B, 0x40, 0x11, 0x0C,
+  0x40, 0x11, 0x0D, 0x40, 0x11, 0x0E, 0x40, 0x11, 0x0F, 0x40, 0x11, 0x10,
+  0x40, 0x11, 0x11, 0x40, 0x11, 0x12, 0x40, 0x11, 0x61, 0x40, 0x11, 0x62,
+  0x40, 0x11, 0x63, 0x40, 0x11, 0x64, 0x40, 0x11, 0x65, 0x40, 0x11, 0x66,
+  0x40, 0x11, 0x67, 0x40, 0x11, 0x68, 0x40, 0x11, 0x69, 0x40, 0x11, 0x6A,
+  0x40, 0x11, 0x6B, 0x40, 0x11, 0x6C, 0x40, 0x11, 0x6D, 0x40, 0x11, 0x6E,
+  0x40, 0x11, 0x6F, 0x40, 0x11, 0x70, 0x40, 0x11, 0x71, 0x40, 0x11, 0x72,
+  0x40, 0x11, 0x73, 0x40, 0x11, 0x74, 0x40, 0x11, 0x75, 0x40, 0x11, 0x60,
+  0x40, 0x11, 0x14, 0x40, 0x11, 0x15, 0x40, 0x11, 0xC7, 0x40, 0x11, 0xC8,
+  0x40, 0x11, 0xCC, 0x40, 0x11, 0xCE, 0x40, 0x11, 0xD3, 0x40, 0x11, 0xD7,
+  0x40, 0x11, 0xD9, 0x40, 0x11, 0x1C, 0x40, 0x11, 0xDD, 0x40, 0x11, 0xDF,
+  0x40, 0x11, 0x1D, 0x40, 0x11, 0x1E, 0x40, 0x11, 0x20, 0x40, 0x11, 0x22,
+  0x40, 0x11, 0x23, 0x40, 0x11, 0x27, 0x40, 0x11, 0x29, 0x40, 0x11, 0x2B,
+  0x40, 0x11, 0x2C, 0x40, 0x11, 0x2D, 0x40, 0x11, 0x2E, 0x40, 0x11, 0x2F,
+  0x40, 0x11, 0x32, 0x40, 0x11, 0x36, 0x40, 0x11, 0x40, 0x40, 0x11, 0x47,
+  0x40, 0x11, 0x4C, 0x40, 0x11, 0xF1, 0x40, 0x11, 0xF2, 0x40, 0x11, 0x57,
+  0x40, 0x11, 0x58, 0x40, 0x11, 0x59, 0x40, 0x11, 0x84, 0x40, 0x11, 0x85,
+  0x40, 0x11, 0x88, 0x40, 0x11, 0x91, 0x40, 0x11, 0x92, 0x40, 0x11, 0x94,
+  0x40, 0x11, 0x9E, 0x40, 0x11, 0xA1, 0x20, 0x4E, 0x00, 0x20, 0x4E, 0x8C,
+  0x20, 0x4E, 0x09, 0x20, 0x56, 0xDB, 0x20, 0x4E, 0x0A, 0x20, 0x4E, 0x2D,
+  0x20, 0x4E, 0x0B, 0x20, 0x75, 0x32, 0x20, 0x4E, 0x59, 0x20, 0x4E, 0x19,
+  0x20, 0x4E, 0x01, 0x20, 0x59, 0x29, 0x20, 0x57, 0x30, 0x20, 0x4E, 0xBA,
+  0xC0, 0x00, 0x28, 0x80, 0x11, 0x00, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x11, 0x02, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x03,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x05, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x11, 0x06, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x11, 0x07, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x09,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x0B, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x11, 0x0C, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x11, 0x0E, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x0F,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x10, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x11, 0x11, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x11, 0x12, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x00,
+  0x80, 0x11, 0x61, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x02,
+  0x80, 0x11, 0x61, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x03,
+  0x80, 0x11, 0x61, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x05,
+  0x80, 0x11, 0x61, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x06,
+  0x80, 0x11, 0x61, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x07,
+  0x80, 0x11, 0x61, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x09,
+  0x80, 0x11, 0x61, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x0B,
+  0x80, 0x11, 0x61, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x0C,
+  0x80, 0x11, 0x61, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x0E,
+  0x80, 0x11, 0x61, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x0F,
+  0x80, 0x11, 0x61, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x10,
+  0x80, 0x11, 0x61, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x11,
+  0x80, 0x11, 0x61, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x12,
+  0x80, 0x11, 0x61, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x0C,
+  0x80, 0x11, 0x6E, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x0B,
+  0x80, 0x11, 0x69, 0x80, 0x11, 0x0C, 0x80, 0x11, 0x65, 0x80, 0x11, 0xAB,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x11, 0x0B, 0x80, 0x11, 0x69,
+  0x80, 0x11, 0x12, 0x80, 0x11, 0x6E, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x4E, 0x00, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x4E, 0x8C,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x4E, 0x09, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x56, 0xDB, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x4E, 0x94, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x51, 0x6D,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x4E, 0x03, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x51, 0x6B, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x4E, 0x5D, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x53, 0x41,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x67, 0x08, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x70, 0x6B, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x6C, 0x34, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x67, 0x28,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x91, 0xD1, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x57, 0x1F, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x65, 0xE5, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x68, 0x2A,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x67, 0x09, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x79, 0x3E, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x54, 0x0D, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x72, 0x79,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x8C, 0xA1, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x79, 0x5D, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x52, 0xB4, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x4E, 0xE3,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x54, 0x7C, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x5B, 0x66, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x76, 0xE3, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x4F, 0x01,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x8C, 0xC7, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x53, 0x54, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x79, 0x6D, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x4F, 0x11,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x81, 0xEA, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x81, 0xF3, 0x00, 0x00, 0x29, 0x1C, 0x55, 0x4F,
+  0x1C, 0x5E, 0x7C, 0x1C, 0x65, 0x87, 0x1C, 0x7B, 0x8F, 0xB8, 0x00, 0x50,
+  0x80, 0x00, 0x54, 0x00, 0x00, 0x45, 0x9C, 0x00, 0x32, 0x00, 0x00, 0x31,
+  0x9C, 0x00, 0x32, 0x00, 0x00, 0x32, 0x9C, 0x00, 0x32, 0x00, 0x00, 0x33,
+  0x9C, 0x00, 0x32, 0x00, 0x00, 0x34, 0x9C, 0x00, 0x32, 0x00, 0x00, 0x35,
+  0x9C, 0x00, 0x32, 0x00, 0x00, 0x36, 0x9C, 0x00, 0x32, 0x00, 0x00, 0x37,
+  0x9C, 0x00, 0x32, 0x00, 0x00, 0x38, 0x9C, 0x00, 0x32, 0x00, 0x00, 0x39,
+  0x9C, 0x00, 0x33, 0x00, 0x00, 0x30, 0x9C, 0x00, 0x33, 0x00, 0x00, 0x31,
+  0x9C, 0x00, 0x33, 0x00, 0x00, 0x32, 0x9C, 0x00, 0x33, 0x00, 0x00, 0x33,
+  0x9C, 0x00, 0x33, 0x00, 0x00, 0x34, 0x9C, 0x00, 0x33, 0x00, 0x00, 0x35,
+  0x1C, 0x11, 0x00, 0x1C, 0x11, 0x02, 0x1C, 0x11, 0x03, 0x1C, 0x11, 0x05,
+  0x1C, 0x11, 0x06, 0x1C, 0x11, 0x07, 0x1C, 0x11, 0x09, 0x1C, 0x11, 0x0B,
+  0x1C, 0x11, 0x0C, 0x1C, 0x11, 0x0E, 0x1C, 0x11, 0x0F, 0x1C, 0x11, 0x10,
+  0x1C, 0x11, 0x11, 0x1C, 0x11, 0x12, 0x9C, 0x11, 0x00, 0x00, 0x11, 0x61,
+  0x9C, 0x11, 0x02, 0x00, 0x11, 0x61, 0x9C, 0x11, 0x03, 0x00, 0x11, 0x61,
+  0x9C, 0x11, 0x05, 0x00, 0x11, 0x61, 0x9C, 0x11, 0x06, 0x00, 0x11, 0x61,
+  0x9C, 0x11, 0x07, 0x00, 0x11, 0x61, 0x9C, 0x11, 0x09, 0x00, 0x11, 0x61,
+  0x9C, 0x11, 0x0B, 0x00, 0x11, 0x61, 0x9C, 0x11, 0x0C, 0x00, 0x11, 0x61,
+  0x9C, 0x11, 0x0E, 0x00, 0x11, 0x61, 0x9C, 0x11, 0x0F, 0x00, 0x11, 0x61,
+  0x9C, 0x11, 0x10, 0x00, 0x11, 0x61, 0x9C, 0x11, 0x11, 0x00, 0x11, 0x61,
+  0x9C, 0x11, 0x12, 0x00, 0x11, 0x61, 0x9C, 0x11, 0x0E, 0x80, 0x11, 0x61,
+  0x80, 0x11, 0xB7, 0x80, 0x11, 0x00, 0x00, 0x11, 0x69, 0x9C, 0x11, 0x0C,
+  0x80, 0x11, 0x6E, 0x80, 0x11, 0x0B, 0x00, 0x11, 0x74, 0x9C, 0x11, 0x0B,
+  0x00, 0x11, 0x6E, 0x1C, 0x4E, 0x00, 0x1C, 0x4E, 0x8C, 0x1C, 0x4E, 0x09,
+  0x1C, 0x56, 0xDB, 0x1C, 0x4E, 0x94, 0x1C, 0x51, 0x6D, 0x1C, 0x4E, 0x03,
+  0x1C, 0x51, 0x6B, 0x1C, 0x4E, 0x5D, 0x1C, 0x53, 0x41, 0x1C, 0x67, 0x08,
+  0x1C, 0x70, 0x6B, 0x1C, 0x6C, 0x34, 0x1C, 0x67, 0x28, 0x1C, 0x91, 0xD1,
+  0x1C, 0x57, 0x1F, 0x1C, 0x65, 0xE5, 0x1C, 0x68, 0x2A, 0x1C, 0x67, 0x09,
+  0x1C, 0x79, 0x3E, 0x1C, 0x54, 0x0D, 0x1C, 0x72, 0x79, 0x1C, 0x8C, 0xA1,
+  0x1C, 0x79, 0x5D, 0x1C, 0x52, 0xB4, 0x1C, 0x79, 0xD8, 0x1C, 0x75, 0x37,
+  0x1C, 0x59, 0x73, 0x1C, 0x90, 0x69, 0x1C, 0x51, 0x2A, 0x1C, 0x53, 0x70,
+  0x1C, 0x6C, 0xE8, 0x1C, 0x98, 0x05, 0x1C, 0x4F, 0x11, 0x1C, 0x51, 0x99,
+  0x1C, 0x6B, 0x63, 0x1C, 0x4E, 0x0A, 0x1C, 0x4E, 0x2D, 0x1C, 0x4E, 0x0B,
+  0x1C, 0x5D, 0xE6, 0x1C, 0x53, 0xF3, 0x1C, 0x53, 0x3B, 0x1C, 0x5B, 0x97,
+  0x1C, 0x5B, 0x66, 0x1C, 0x76, 0xE3, 0x1C, 0x4F, 0x01, 0x1C, 0x8C, 0xC7,
+  0x1C, 0x53, 0x54, 0x1C, 0x59, 0x1C, 0x9C, 0x00, 0x33, 0x00, 0x00, 0x36,
+  0x9C, 0x00, 0x33, 0x00, 0x00, 0x37, 0x9C, 0x00, 0x33, 0x00, 0x00, 0x38,
+  0x9C, 0x00, 0x33, 0x00, 0x00, 0x39, 0x9C, 0x00, 0x34, 0x00, 0x00, 0x30,
+  0x9C, 0x00, 0x34, 0x00, 0x00, 0x31, 0x9C, 0x00, 0x34, 0x00, 0x00, 0x32,
+  0x9C, 0x00, 0x34, 0x00, 0x00, 0x33, 0x9C, 0x00, 0x34, 0x00, 0x00, 0x34,
+  0x9C, 0x00, 0x34, 0x00, 0x00, 0x35, 0x9C, 0x00, 0x34, 0x00, 0x00, 0x36,
+  0x9C, 0x00, 0x34, 0x00, 0x00, 0x37, 0x9C, 0x00, 0x34, 0x00, 0x00, 0x38,
+  0x9C, 0x00, 0x34, 0x00, 0x00, 0x39, 0x9C, 0x00, 0x35, 0x00, 0x00, 0x30,
+  0xC0, 0x00, 0x31, 0x00, 0x67, 0x08, 0xC0, 0x00, 0x32, 0x00, 0x67, 0x08,
+  0xC0, 0x00, 0x33, 0x00, 0x67, 0x08, 0xC0, 0x00, 0x34, 0x00, 0x67, 0x08,
+  0xC0, 0x00, 0x35, 0x00, 0x67, 0x08, 0xC0, 0x00, 0x36, 0x00, 0x67, 0x08,
+  0xC0, 0x00, 0x37, 0x00, 0x67, 0x08, 0xC0, 0x00, 0x38, 0x00, 0x67, 0x08,
+  0xC0, 0x00, 0x39, 0x00, 0x67, 0x08, 0xC0, 0x00, 0x31, 0x80, 0x00, 0x30,
+  0x00, 0x67, 0x08, 0xC0, 0x00, 0x31, 0x80, 0x00, 0x31, 0x00, 0x67, 0x08,
+  0xC0, 0x00, 0x31, 0x80, 0x00, 0x32, 0x00, 0x67, 0x08, 0xB8, 0x00, 0x48,
+  0x00, 0x00, 0x67, 0xB8, 0x00, 0x65, 0x80, 0x00, 0x72, 0x00, 0x00, 0x67,
+  0xB8, 0x00, 0x65, 0x00, 0x00, 0x56, 0xB8, 0x00, 0x4C, 0x80, 0x00, 0x54,
+  0x00, 0x00, 0x44, 0x1C, 0x30, 0xA2, 0x1C, 0x30, 0xA4, 0x1C, 0x30, 0xA6,
+  0x1C, 0x30, 0xA8, 0x1C, 0x30, 0xAA, 0x1C, 0x30, 0xAB, 0x1C, 0x30, 0xAD,
+  0x1C, 0x30, 0xAF, 0x1C, 0x30, 0xB1, 0x1C, 0x30, 0xB3, 0x1C, 0x30, 0xB5,
+  0x1C, 0x30, 0xB7, 0x1C, 0x30, 0xB9, 0x1C, 0x30, 0xBB, 0x1C, 0x30, 0xBD,
+  0x1C, 0x30, 0xBF, 0x1C, 0x30, 0xC1, 0x1C, 0x30, 0xC4, 0x1C, 0x30, 0xC6,
+  0x1C, 0x30, 0xC8, 0x1C, 0x30, 0xCA, 0x1C, 0x30, 0xCB, 0x1C, 0x30, 0xCC,
+  0x1C, 0x30, 0xCD, 0x1C, 0x30, 0xCE, 0x1C, 0x30, 0xCF, 0x1C, 0x30, 0xD2,
+  0x1C, 0x30, 0xD5, 0x1C, 0x30, 0xD8, 0x1C, 0x30, 0xDB, 0x1C, 0x30, 0xDE,
+  0x1C, 0x30, 0xDF, 0x1C, 0x30, 0xE0, 0x1C, 0x30, 0xE1, 0x1C, 0x30, 0xE2,
+  0x1C, 0x30, 0xE4, 0x1C, 0x30, 0xE6, 0x1C, 0x30, 0xE8, 0x1C, 0x30, 0xE9,
+  0x1C, 0x30, 0xEA, 0x1C, 0x30, 0xEB, 0x1C, 0x30, 0xEC, 0x1C, 0x30, 0xED,
+  0x1C, 0x30, 0xEF, 0x1C, 0x30, 0xF0, 0x1C, 0x30, 0xF1, 0x1C, 0x30, 0xF2,
+  0xB8, 0x30, 0xA2, 0x80, 0x30, 0xD1, 0x80, 0x30, 0xFC, 0x00, 0x30, 0xC8,
+  0xB8, 0x30, 0xA2, 0x80, 0x30, 0xEB, 0x80, 0x30, 0xD5, 0x00, 0x30, 0xA1,
+  0xB8, 0x30, 0xA2, 0x80, 0x30, 0xF3, 0x80, 0x30, 0xDA, 0x00, 0x30, 0xA2,
+  0xB8, 0x30, 0xA2, 0x80, 0x30, 0xFC, 0x00, 0x30, 0xEB, 0xB8, 0x30, 0xA4,
+  0x80, 0x30, 0xCB, 0x80, 0x30, 0xF3, 0x00, 0x30, 0xB0, 0xB8, 0x30, 0xA4,
+  0x80, 0x30, 0xF3, 0x00, 0x30, 0xC1, 0xB8, 0x30, 0xA6, 0x80, 0x30, 0xA9,
+  0x00, 0x30, 0xF3, 0xB8, 0x30, 0xA8, 0x80, 0x30, 0xB9, 0x80, 0x30, 0xAF,
+  0x80, 0x30, 0xFC, 0x00, 0x30, 0xC9, 0xB8, 0x30, 0xA8, 0x80, 0x30, 0xFC,
+  0x80, 0x30, 0xAB, 0x00, 0x30, 0xFC, 0xB8, 0x30, 0xAA, 0x80, 0x30, 0xF3,
+  0x00, 0x30, 0xB9, 0xB8, 0x30, 0xAA, 0x80, 0x30, 0xFC, 0x00, 0x30, 0xE0,
+  0xB8, 0x30, 0xAB, 0x80, 0x30, 0xA4, 0x00, 0x30, 0xEA, 0xB8, 0x30, 0xAB,
+  0x80, 0x30, 0xE9, 0x80, 0x30, 0xC3, 0x00, 0x30, 0xC8, 0xB8, 0x30, 0xAB,
+  0x80, 0x30, 0xED, 0x80, 0x30, 0xEA, 0x00, 0x30, 0xFC, 0xB8, 0x30, 0xAC,
+  0x80, 0x30, 0xED, 0x00, 0x30, 0xF3, 0xB8, 0x30, 0xAC, 0x80, 0x30, 0xF3,
+  0x00, 0x30, 0xDE, 0xB8, 0x30, 0xAE, 0x00, 0x30, 0xAC, 0xB8, 0x30, 0xAE,
+  0x80, 0x30, 0xCB, 0x00, 0x30, 0xFC, 0xB8, 0x30, 0xAD, 0x80, 0x30, 0xE5,
+  0x80, 0x30, 0xEA, 0x00, 0x30, 0xFC, 0xB8, 0x30, 0xAE, 0x80, 0x30, 0xEB,
+  0x80, 0x30, 0xC0, 0x00, 0x30, 0xFC, 0xB8, 0x30, 0xAD, 0x00, 0x30, 0xED,
+  0xB8, 0x30, 0xAD, 0x80, 0x30, 0xED, 0x80, 0x30, 0xB0, 0x80, 0x30, 0xE9,
+  0x00, 0x30, 0xE0, 0xB8, 0x30, 0xAD, 0x80, 0x30, 0xED, 0x80, 0x30, 0xE1,
+  0x80, 0x30, 0xFC, 0x80, 0x30, 0xC8, 0x00, 0x30, 0xEB, 0xB8, 0x30, 0xAD,
+  0x80, 0x30, 0xED, 0x80, 0x30, 0xEF, 0x80, 0x30, 0xC3, 0x00, 0x30, 0xC8,
+  0xB8, 0x30, 0xB0, 0x80, 0x30, 0xE9, 0x00, 0x30, 0xE0, 0xB8, 0x30, 0xB0,
+  0x80, 0x30, 0xE9, 0x80, 0x30, 0xE0, 0x80, 0x30, 0xC8, 0x00, 0x30, 0xF3,
+  0xB8, 0x30, 0xAF, 0x80, 0x30, 0xEB, 0x80, 0x30, 0xBC, 0x80, 0x30, 0xA4,
+  0x00, 0x30, 0xED, 0xB8, 0x30, 0xAF, 0x80, 0x30, 0xED, 0x80, 0x30, 0xFC,
+  0x00, 0x30, 0xCD, 0xB8, 0x30, 0xB1, 0x80, 0x30, 0xFC, 0x00, 0x30, 0xB9,
+  0xB8, 0x30, 0xB3, 0x80, 0x30, 0xEB, 0x00, 0x30, 0xCA, 0xB8, 0x30, 0xB3,
+  0x80, 0x30, 0xFC, 0x00, 0x30, 0xDD, 0xB8, 0x30, 0xB5, 0x80, 0x30, 0xA4,
+  0x80, 0x30, 0xAF, 0x00, 0x30, 0xEB, 0xB8, 0x30, 0xB5, 0x80, 0x30, 0xF3,
+  0x80, 0x30, 0xC1, 0x80, 0x30, 0xFC, 0x00, 0x30, 0xE0, 0xB8, 0x30, 0xB7,
+  0x80, 0x30, 0xEA, 0x80, 0x30, 0xF3, 0x00, 0x30, 0xB0, 0xB8, 0x30, 0xBB,
+  0x80, 0x30, 0xF3, 0x00, 0x30, 0xC1, 0xB8, 0x30, 0xBB, 0x80, 0x30, 0xF3,
+  0x00, 0x30, 0xC8, 0xB8, 0x30, 0xC0, 0x80, 0x30, 0xFC, 0x00, 0x30, 0xB9,
+  0xB8, 0x30, 0xC7, 0x00, 0x30, 0xB7, 0xB8, 0x30, 0xC9, 0x00, 0x30, 0xEB,
+  0xB8, 0x30, 0xC8, 0x00, 0x30, 0xF3, 0xB8, 0x30, 0xCA, 0x00, 0x30, 0xCE,
+  0xB8, 0x30, 0xCE, 0x80, 0x30, 0xC3, 0x00, 0x30, 0xC8, 0xB8, 0x30, 0xCF,
+  0x80, 0x30, 0xA4, 0x00, 0x30, 0xC4, 0xB8, 0x30, 0xD1, 0x80, 0x30, 0xFC,
+  0x80, 0x30, 0xBB, 0x80, 0x30, 0xF3, 0x00, 0x30, 0xC8, 0xB8, 0x30, 0xD1,
+  0x80, 0x30, 0xFC, 0x00, 0x30, 0xC4, 0xB8, 0x30, 0xD0, 0x80, 0x30, 0xFC,
+  0x80, 0x30, 0xEC, 0x00, 0x30, 0xEB, 0xB8, 0x30, 0xD4, 0x80, 0x30, 0xA2,
+  0x80, 0x30, 0xB9, 0x80, 0x30, 0xC8, 0x00, 0x30, 0xEB, 0xB8, 0x30, 0xD4,
+  0x80, 0x30, 0xAF, 0x00, 0x30, 0xEB, 0xB8, 0x30, 0xD4, 0x00, 0x30, 0xB3,
+  0xB8, 0x30, 0xD3, 0x00, 0x30, 0xEB, 0xB8, 0x30, 0xD5, 0x80, 0x30, 0xA1,
+  0x80, 0x30, 0xE9, 0x80, 0x30, 0xC3, 0x00, 0x30, 0xC9, 0xB8, 0x30, 0xD5,
+  0x80, 0x30, 0xA3, 0x80, 0x30, 0xFC, 0x00, 0x30, 0xC8, 0xB8, 0x30, 0xD6,
+  0x80, 0x30, 0xC3, 0x80, 0x30, 0xB7, 0x80, 0x30, 0xA7, 0x00, 0x30, 0xEB,
+  0xB8, 0x30, 0xD5, 0x80, 0x30, 0xE9, 0x00, 0x30, 0xF3, 0xB8, 0x30, 0xD8,
+  0x80, 0x30, 0xAF, 0x80, 0x30, 0xBF, 0x80, 0x30, 0xFC, 0x00, 0x30, 0xEB,
+  0xB8, 0x30, 0xDA, 0x00, 0x30, 0xBD, 0xB8, 0x30, 0xDA, 0x80, 0x30, 0xCB,
+  0x00, 0x30, 0xD2, 0xB8, 0x30, 0xD8, 0x80, 0x30, 0xEB, 0x00, 0x30, 0xC4,
+  0xB8, 0x30, 0xDA, 0x80, 0x30, 0xF3, 0x00, 0x30, 0xB9, 0xB8, 0x30, 0xDA,
+  0x80, 0x30, 0xFC, 0x00, 0x30, 0xB8, 0xB8, 0x30, 0xD9, 0x80, 0x30, 0xFC,
+  0x00, 0x30, 0xBF, 0xB8, 0x30, 0xDD, 0x80, 0x30, 0xA4, 0x80, 0x30, 0xF3,
+  0x00, 0x30, 0xC8, 0xB8, 0x30, 0xDC, 0x80, 0x30, 0xEB, 0x00, 0x30, 0xC8,
+  0xB8, 0x30, 0xDB, 0x00, 0x30, 0xF3, 0xB8, 0x30, 0xDD, 0x80, 0x30, 0xF3,
+  0x00, 0x30, 0xC9, 0xB8, 0x30, 0xDB, 0x80, 0x30, 0xFC, 0x00, 0x30, 0xEB,
+  0xB8, 0x30, 0xDB, 0x80, 0x30, 0xFC, 0x00, 0x30, 0xF3, 0xB8, 0x30, 0xDE,
+  0x80, 0x30, 0xA4, 0x80, 0x30, 0xAF, 0x00, 0x30, 0xED, 0xB8, 0x30, 0xDE,
+  0x80, 0x30, 0xA4, 0x00, 0x30, 0xEB, 0xB8, 0x30, 0xDE, 0x80, 0x30, 0xC3,
+  0x00, 0x30, 0xCF, 0xB8, 0x30, 0xDE, 0x80, 0x30, 0xEB, 0x00, 0x30, 0xAF,
+  0xB8, 0x30, 0xDE, 0x80, 0x30, 0xF3, 0x80, 0x30, 0xB7, 0x80, 0x30, 0xE7,
+  0x00, 0x30, 0xF3, 0xB8, 0x30, 0xDF, 0x80, 0x30, 0xAF, 0x80, 0x30, 0xED,
+  0x00, 0x30, 0xF3, 0xB8, 0x30, 0xDF, 0x00, 0x30, 0xEA, 0xB8, 0x30, 0xDF,
+  0x80, 0x30, 0xEA, 0x80, 0x30, 0xD0, 0x80, 0x30, 0xFC, 0x00, 0x30, 0xEB,
+  0xB8, 0x30, 0xE1, 0x00, 0x30, 0xAC, 0xB8, 0x30, 0xE1, 0x80, 0x30, 0xAC,
+  0x80, 0x30, 0xC8, 0x00, 0x30, 0xF3, 0xB8, 0x30, 0xE1, 0x80, 0x30, 0xFC,
+  0x80, 0x30, 0xC8, 0x00, 0x30, 0xEB, 0xB8, 0x30, 0xE4, 0x80, 0x30, 0xFC,
+  0x00, 0x30, 0xC9, 0xB8, 0x30, 0xE4, 0x80, 0x30, 0xFC, 0x00, 0x30, 0xEB,
+  0xB8, 0x30, 0xE6, 0x80, 0x30, 0xA2, 0x00, 0x30, 0xF3, 0xB8, 0x30, 0xEA,
+  0x80, 0x30, 0xC3, 0x80, 0x30, 0xC8, 0x00, 0x30, 0xEB, 0xB8, 0x30, 0xEA,
+  0x00, 0x30, 0xE9, 0xB8, 0x30, 0xEB, 0x80, 0x30, 0xD4, 0x00, 0x30, 0xFC,
+  0xB8, 0x30, 0xEB, 0x80, 0x30, 0xFC, 0x80, 0x30, 0xD6, 0x00, 0x30, 0xEB,
+  0xB8, 0x30, 0xEC, 0x00, 0x30, 0xE0, 0xB8, 0x30, 0xEC, 0x80, 0x30, 0xF3,
+  0x80, 0x30, 0xC8, 0x80, 0x30, 0xB2, 0x00, 0x30, 0xF3, 0xB8, 0x30, 0xEF,
+  0x80, 0x30, 0xC3, 0x00, 0x30, 0xC8, 0xC0, 0x00, 0x30, 0x00, 0x70, 0xB9,
+  0xC0, 0x00, 0x31, 0x00, 0x70, 0xB9, 0xC0, 0x00, 0x32, 0x00, 0x70, 0xB9,
+  0xC0, 0x00, 0x33, 0x00, 0x70, 0xB9, 0xC0, 0x00, 0x34, 0x00, 0x70, 0xB9,
+  0xC0, 0x00, 0x35, 0x00, 0x70, 0xB9, 0xC0, 0x00, 0x36, 0x00, 0x70, 0xB9,
+  0xC0, 0x00, 0x37, 0x00, 0x70, 0xB9, 0xC0, 0x00, 0x38, 0x00, 0x70, 0xB9,
+  0xC0, 0x00, 0x39, 0x00, 0x70, 0xB9, 0xC0, 0x00, 0x31, 0x80, 0x00, 0x30,
+  0x00, 0x70, 0xB9, 0xC0, 0x00, 0x31, 0x80, 0x00, 0x31, 0x00, 0x70, 0xB9,
+  0xC0, 0x00, 0x31, 0x80, 0x00, 0x32, 0x00, 0x70, 0xB9, 0xC0, 0x00, 0x31,
+  0x80, 0x00, 0x33, 0x00, 0x70, 0xB9, 0xC0, 0x00, 0x31, 0x80, 0x00, 0x34,
+  0x00, 0x70, 0xB9, 0xC0, 0x00, 0x31, 0x80, 0x00, 0x35, 0x00, 0x70, 0xB9,
+  0xC0, 0x00, 0x31, 0x80, 0x00, 0x36, 0x00, 0x70, 0xB9, 0xC0, 0x00, 0x31,
+  0x80, 0x00, 0x37, 0x00, 0x70, 0xB9, 0xC0, 0x00, 0x31, 0x80, 0x00, 0x38,
+  0x00, 0x70, 0xB9, 0xC0, 0x00, 0x31, 0x80, 0x00, 0x39, 0x00, 0x70, 0xB9,
+  0xC0, 0x00, 0x32, 0x80, 0x00, 0x30, 0x00, 0x70, 0xB9, 0xC0, 0x00, 0x32,
+  0x80, 0x00, 0x31, 0x00, 0x70, 0xB9, 0xC0, 0x00, 0x32, 0x80, 0x00, 0x32,
+  0x00, 0x70, 0xB9, 0xC0, 0x00, 0x32, 0x80, 0x00, 0x33, 0x00, 0x70, 0xB9,
+  0xC0, 0x00, 0x32, 0x80, 0x00, 0x34, 0x00, 0x70, 0xB9, 0xB8, 0x00, 0x68,
+  0x80, 0x00, 0x50, 0x00, 0x00, 0x61, 0xB8, 0x00, 0x64, 0x00, 0x00, 0x61,
+  0xB8, 0x00, 0x41, 0x00, 0x00, 0x55, 0xB8, 0x00, 0x62, 0x80, 0x00, 0x61,
+  0x00, 0x00, 0x72, 0xB8, 0x00, 0x6F, 0x00, 0x00, 0x56, 0xB8, 0x00, 0x70,
+  0x00, 0x00, 0x63, 0xB8, 0x00, 0x64, 0x00, 0x00, 0x6D, 0xB8, 0x00, 0x64,
+  0x80, 0x00, 0x6D, 0x00, 0x00, 0xB2, 0xB8, 0x00, 0x64, 0x80, 0x00, 0x6D,
+  0x00, 0x00, 0xB3, 0xB8, 0x00, 0x49, 0x00, 0x00, 0x55, 0xB8, 0x5E, 0x73,
+  0x00, 0x62, 0x10, 0xB8, 0x66, 0x2D, 0x00, 0x54, 0x8C, 0xB8, 0x59, 0x27,
+  0x00, 0x6B, 0x63, 0xB8, 0x66, 0x0E, 0x00, 0x6C, 0xBB, 0xB8, 0x68, 0x2A,
+  0x80, 0x5F, 0x0F, 0x80, 0x4F, 0x1A, 0x00, 0x79, 0x3E, 0xB8, 0x00, 0x70,
+  0x00, 0x00, 0x41, 0xB8, 0x00, 0x6E, 0x00, 0x00, 0x41, 0xB8, 0x03, 0xBC,
+  0x00, 0x00, 0x41, 0xB8, 0x00, 0x6D, 0x00, 0x00, 0x41, 0xB8, 0x00, 0x6B,
+  0x00, 0x00, 0x41, 0xB8, 0x00, 0x4B, 0x00, 0x00, 0x42, 0xB8, 0x00, 0x4D,
+  0x00, 0x00, 0x42, 0xB8, 0x00, 0x47, 0x00, 0x00, 0x42, 0xB8, 0x00, 0x63,
+  0x80, 0x00, 0x61, 0x00, 0x00, 0x6C, 0xB8, 0x00, 0x6B, 0x80, 0x00, 0x63,
+  0x80, 0x00, 0x61, 0x00, 0x00, 0x6C, 0xB8, 0x00, 0x70, 0x00, 0x00, 0x46,
+  0xB8, 0x00, 0x6E, 0x00, 0x00, 0x46, 0xB8, 0x03, 0xBC, 0x00, 0x00, 0x46,
+  0xB8, 0x03, 0xBC, 0x00, 0x00, 0x67, 0xB8, 0x00, 0x6D, 0x00, 0x00, 0x67,
+  0xB8, 0x00, 0x6B, 0x00, 0x00, 0x67, 0xB8, 0x00, 0x48, 0x00, 0x00, 0x7A,
+  0xB8, 0x00, 0x6B, 0x80, 0x00, 0x48, 0x00, 0x00, 0x7A, 0xB8, 0x00, 0x4D,
+  0x80, 0x00, 0x48, 0x00, 0x00, 0x7A, 0xB8, 0x00, 0x47, 0x80, 0x00, 0x48,
+  0x00, 0x00, 0x7A, 0xB8, 0x00, 0x54, 0x80, 0x00, 0x48, 0x00, 0x00, 0x7A,
+  0xB8, 0x03, 0xBC, 0x00, 0x21, 0x13, 0xB8, 0x00, 0x6D, 0x00, 0x21, 0x13,
+  0xB8, 0x00, 0x64, 0x00, 0x21, 0x13, 0xB8, 0x00, 0x6B, 0x00, 0x21, 0x13,
+  0xB8, 0x00, 0x66, 0x00, 0x00, 0x6D, 0xB8, 0x00, 0x6E, 0x00, 0x00, 0x6D,
+  0xB8, 0x03, 0xBC, 0x00, 0x00, 0x6D, 0xB8, 0x00, 0x6D, 0x00, 0x00, 0x6D,
+  0xB8, 0x00, 0x63, 0x00, 0x00, 0x6D, 0xB8, 0x00, 0x6B, 0x00, 0x00, 0x6D,
+  0xB8, 0x00, 0x6D, 0x80, 0x00, 0x6D, 0x00, 0x00, 0xB2, 0xB8, 0x00, 0x63,
+  0x80, 0x00, 0x6D, 0x00, 0x00, 0xB2, 0xB8, 0x00, 0x6D, 0x00, 0x00, 0xB2,
+  0xB8, 0x00, 0x6B, 0x80, 0x00, 0x6D, 0x00, 0x00, 0xB2, 0xB8, 0x00, 0x6D,
+  0x80, 0x00, 0x6D, 0x00, 0x00, 0xB3, 0xB8, 0x00, 0x63, 0x80, 0x00, 0x6D,
+  0x00, 0x00, 0xB3, 0xB8, 0x00, 0x6D, 0x00, 0x00, 0xB3, 0xB8, 0x00, 0x6B,
+  0x80, 0x00, 0x6D, 0x00, 0x00, 0xB3, 0xB8, 0x00, 0x6D, 0x80, 0x22, 0x15,
+  0x00, 0x00, 0x73, 0xB8, 0x00, 0x6D, 0x80, 0x22, 0x15, 0x80, 0x00, 0x73,
+  0x00, 0x00, 0xB2, 0xB8, 0x00, 0x50, 0x00, 0x00, 0x61, 0xB8, 0x00, 0x6B,
+  0x80, 0x00, 0x50, 0x00, 0x00, 0x61, 0xB8, 0x00, 0x4D, 0x80, 0x00, 0x50,
+  0x00, 0x00, 0x61, 0xB8, 0x00, 0x47, 0x80, 0x00, 0x50, 0x00, 0x00, 0x61,
+  0xB8, 0x00, 0x72, 0x80, 0x00, 0x61, 0x00, 0x00, 0x64, 0xB8, 0x00, 0x72,
+  0x80, 0x00, 0x61, 0x80, 0x00, 0x64, 0x80, 0x22, 0x15, 0x00, 0x00, 0x73,
+  0xB8, 0x00, 0x72, 0x80, 0x00, 0x61, 0x80, 0x00, 0x64, 0x80, 0x22, 0x15,
+  0x80, 0x00, 0x73, 0x00, 0x00, 0xB2, 0xB8, 0x00, 0x70, 0x00, 0x00, 0x73,
+  0xB8, 0x00, 0x6E, 0x00, 0x00, 0x73, 0xB8, 0x03, 0xBC, 0x00, 0x00, 0x73,
+  0xB8, 0x00, 0x6D, 0x00, 0x00, 0x73, 0xB8, 0x00, 0x70, 0x00, 0x00, 0x56,
+  0xB8, 0x00, 0x6E, 0x00, 0x00, 0x56, 0xB8, 0x03, 0xBC, 0x00, 0x00, 0x56,
+  0xB8, 0x00, 0x6D, 0x00, 0x00, 0x56, 0xB8, 0x00, 0x6B, 0x00, 0x00, 0x56,
+  0xB8, 0x00, 0x4D, 0x00, 0x00, 0x56, 0xB8, 0x00, 0x70, 0x00, 0x00, 0x57,
+  0xB8, 0x00, 0x6E, 0x00, 0x00, 0x57, 0xB8, 0x03, 0xBC, 0x00, 0x00, 0x57,
+  0xB8, 0x00, 0x6D, 0x00, 0x00, 0x57, 0xB8, 0x00, 0x6B, 0x00, 0x00, 0x57,
+  0xB8, 0x00, 0x4D, 0x00, 0x00, 0x57, 0xB8, 0x00, 0x6B, 0x00, 0x03, 0xA9,
+  0xB8, 0x00, 0x4D, 0x00, 0x03, 0xA9, 0xB8, 0x00, 0x61, 0x80, 0x00, 0x2E,
+  0x80, 0x00, 0x6D, 0x00, 0x00, 0x2E, 0xB8, 0x00, 0x42, 0x00, 0x00, 0x71,
+  0xB8, 0x00, 0x63, 0x00, 0x00, 0x63, 0xB8, 0x00, 0x63, 0x00, 0x00, 0x64,
+  0xB8, 0x00, 0x43, 0x80, 0x22, 0x15, 0x80, 0x00, 0x6B, 0x00, 0x00, 0x67,
+  0xB8, 0x00, 0x43, 0x80, 0x00, 0x6F, 0x00, 0x00, 0x2E, 0xB8, 0x00, 0x64,
+  0x00, 0x00, 0x42, 0xB8, 0x00, 0x47, 0x00, 0x00, 0x79, 0xB8, 0x00, 0x68,
+  0x00, 0x00, 0x61, 0xB8, 0x00, 0x48, 0x00, 0x00, 0x50, 0xB8, 0x00, 0x69,
+  0x00, 0x00, 0x6E, 0xB8, 0x00, 0x4B, 0x00, 0x00, 0x4B, 0xB8, 0x00, 0x4B,
+  0x00, 0x00, 0x4D, 0xB8, 0x00, 0x6B, 0x00, 0x00, 0x74, 0xB8, 0x00, 0x6C,
+  0x00, 0x00, 0x6D, 0xB8, 0x00, 0x6C, 0x00, 0x00, 0x6E, 0xB8, 0x00, 0x6C,
+  0x80, 0x00, 0x6F, 0x00, 0x00, 0x67, 0xB8, 0x00, 0x6C, 0x00, 0x00, 0x78,
+  0xB8, 0x00, 0x6D, 0x00, 0x00, 0x62, 0xB8, 0x00, 0x6D, 0x80, 0x00, 0x69,
+  0x00, 0x00, 0x6C, 0xB8, 0x00, 0x6D, 0x80, 0x00, 0x6F, 0x00, 0x00, 0x6C,
+  0xB8, 0x00, 0x50, 0x00, 0x00, 0x48, 0xB8, 0x00, 0x70, 0x80, 0x00, 0x2E,
+  0x80, 0x00, 0x6D, 0x00, 0x00, 0x2E, 0xB8, 0x00, 0x50, 0x80, 0x00, 0x50,
+  0x00, 0x00, 0x4D, 0xB8, 0x00, 0x50, 0x00, 0x00, 0x52, 0xB8, 0x00, 0x73,
+  0x00, 0x00, 0x72, 0xB8, 0x00, 0x53, 0x00, 0x00, 0x76, 0xB8, 0x00, 0x57,
+  0x00, 0x00, 0x62, 0xB8, 0x00, 0x56, 0x80, 0x22, 0x15, 0x00, 0x00, 0x6D,
+  0xB8, 0x00, 0x41, 0x80, 0x22, 0x15, 0x00, 0x00, 0x6D, 0xC0, 0x00, 0x31,
+  0x00, 0x65, 0xE5, 0xC0, 0x00, 0x32, 0x00, 0x65, 0xE5, 0xC0, 0x00, 0x33,
+  0x00, 0x65, 0xE5, 0xC0, 0x00, 0x34, 0x00, 0x65, 0xE5, 0xC0, 0x00, 0x35,
+  0x00, 0x65, 0xE5, 0xC0, 0x00, 0x36, 0x00, 0x65, 0xE5, 0xC0, 0x00, 0x37,
+  0x00, 0x65, 0xE5, 0xC0, 0x00, 0x38, 0x00, 0x65, 0xE5, 0xC0, 0x00, 0x39,
+  0x00, 0x65, 0xE5, 0xC0, 0x00, 0x31, 0x80, 0x00, 0x30, 0x00, 0x65, 0xE5,
+  0xC0, 0x00, 0x31, 0x80, 0x00, 0x31, 0x00, 0x65, 0xE5, 0xC0, 0x00, 0x31,
+  0x80, 0x00, 0x32, 0x00, 0x65, 0xE5, 0xC0, 0x00, 0x31, 0x80, 0x00, 0x33,
+  0x00, 0x65, 0xE5, 0xC0, 0x00, 0x31, 0x80, 0x00, 0x34, 0x00, 0x65, 0xE5,
+  0xC0, 0x00, 0x31, 0x80, 0x00, 0x35, 0x00, 0x65, 0xE5, 0xC0, 0x00, 0x31,
+  0x80, 0x00, 0x36, 0x00, 0x65, 0xE5, 0xC0, 0x00, 0x31, 0x80, 0x00, 0x37,
+  0x00, 0x65, 0xE5, 0xC0, 0x00, 0x31, 0x80, 0x00, 0x38, 0x00, 0x65, 0xE5,
+  0xC0, 0x00, 0x31, 0x80, 0x00, 0x39, 0x00, 0x65, 0xE5, 0xC0, 0x00, 0x32,
+  0x80, 0x00, 0x30, 0x00, 0x65, 0xE5, 0xC0, 0x00, 0x32, 0x80, 0x00, 0x31,
+  0x00, 0x65, 0xE5, 0xC0, 0x00, 0x32, 0x80, 0x00, 0x32, 0x00, 0x65, 0xE5,
+  0xC0, 0x00, 0x32, 0x80, 0x00, 0x33, 0x00, 0x65, 0xE5, 0xC0, 0x00, 0x32,
+  0x80, 0x00, 0x34, 0x00, 0x65, 0xE5, 0xC0, 0x00, 0x32, 0x80, 0x00, 0x35,
+  0x00, 0x65, 0xE5, 0xC0, 0x00, 0x32, 0x80, 0x00, 0x36, 0x00, 0x65, 0xE5,
+  0xC0, 0x00, 0x32, 0x80, 0x00, 0x37, 0x00, 0x65, 0xE5, 0xC0, 0x00, 0x32,
+  0x80, 0x00, 0x38, 0x00, 0x65, 0xE5, 0xC0, 0x00, 0x32, 0x80, 0x00, 0x39,
+  0x00, 0x65, 0xE5, 0xC0, 0x00, 0x33, 0x80, 0x00, 0x30, 0x00, 0x65, 0xE5,
+  0xC0, 0x00, 0x33, 0x80, 0x00, 0x31, 0x00, 0x65, 0xE5, 0xB8, 0x00, 0x67,
+  0x80, 0x00, 0x61, 0x00, 0x00, 0x6C, 0x20, 0x04, 0x4A, 0x20, 0x04, 0x4C,
+  0x20, 0xA7, 0x6F, 0x20, 0x01, 0x26, 0x20, 0x01, 0x53, 0x20, 0xA7, 0x27,
+  0x20, 0xAB, 0x37, 0x20, 0x02, 0x6B, 0x20, 0xAB, 0x52, 0x00, 0x8C, 0x48,
+  0x00, 0x66, 0xF4, 0x00, 0x8E, 0xCA, 0x00, 0x8C, 0xC8, 0x00, 0x6E, 0xD1,
+  0x00, 0x4E, 0x32, 0x00, 0x53, 0xE5, 0x00, 0x9F, 0x9C, 0x00, 0x9F, 0x9C,
+  0x00, 0x59, 0x51, 0x00, 0x91, 0xD1, 0x00, 0x55, 0x87, 0x00, 0x59, 0x48,
+  0x00, 0x61, 0xF6, 0x00, 0x76, 0x69, 0x00, 0x7F, 0x85, 0x00, 0x86, 0x3F,
+  0x00, 0x87, 0xBA, 0x00, 0x88, 0xF8, 0x00, 0x90, 0x8F, 0x00, 0x6A, 0x02,
+  0x00, 0x6D, 0x1B, 0x00, 0x70, 0xD9, 0x00, 0x73, 0xDE, 0x00, 0x84, 0x3D,
+  0x00, 0x91, 0x6A, 0x00, 0x99, 0xF1, 0x00, 0x4E, 0x82, 0x00, 0x53, 0x75,
+  0x00, 0x6B, 0x04, 0x00, 0x72, 0x1B, 0x00, 0x86, 0x2D, 0x00, 0x9E, 0x1E,
+  0x00, 0x5D, 0x50, 0x00, 0x6F, 0xEB, 0x00, 0x85, 0xCD, 0x00, 0x89, 0x64,
+  0x00, 0x62, 0xC9, 0x00, 0x81, 0xD8, 0x00, 0x88, 0x1F, 0x00, 0x5E, 0xCA,
+  0x00, 0x67, 0x17, 0x00, 0x6D, 0x6A, 0x00, 0x72, 0xFC, 0x00, 0x90, 0xCE,
+  0x00, 0x4F, 0x86, 0x00, 0x51, 0xB7, 0x00, 0x52, 0xDE, 0x00, 0x64, 0xC4,
+  0x00, 0x6A, 0xD3, 0x00, 0x72, 0x10, 0x00, 0x76, 0xE7, 0x00, 0x80, 0x01,
+  0x00, 0x86, 0x06, 0x00, 0x86, 0x5C, 0x00, 0x8D, 0xEF, 0x00, 0x97, 0x32,
+  0x00, 0x9B, 0x6F, 0x00, 0x9D, 0xFA, 0x00, 0x78, 0x8C, 0x00, 0x79, 0x7F,
+  0x00, 0x7D, 0xA0, 0x00, 0x83, 0xC9, 0x00, 0x93, 0x04, 0x00, 0x9E, 0x7F,
+  0x00, 0x8A, 0xD6, 0x00, 0x58, 0xDF, 0x00, 0x5F, 0x04, 0x00, 0x7C, 0x60,
+  0x00, 0x80, 0x7E, 0x00, 0x72, 0x62, 0x00, 0x78, 0xCA, 0x00, 0x8C, 0xC2,
+  0x00, 0x96, 0xF7, 0x00, 0x58, 0xD8, 0x00, 0x5C, 0x62, 0x00, 0x6A, 0x13,
+  0x00, 0x6D, 0xDA, 0x00, 0x6F, 0x0F, 0x00, 0x7D, 0x2F, 0x00, 0x7E, 0x37,
+  0x00, 0x96, 0x4B, 0x00, 0x52, 0xD2, 0x00, 0x80, 0x8B, 0x00, 0x51, 0xDC,
+  0x00, 0x51, 0xCC, 0x00, 0x7A, 0x1C, 0x00, 0x7D, 0xBE, 0x00, 0x83, 0xF1,
+  0x00, 0x96, 0x75, 0x00, 0x8B, 0x80, 0x00, 0x62, 0xCF, 0x00, 0x6A, 0x02,
+  0x00, 0x8A, 0xFE, 0x00, 0x4E, 0x39, 0x00, 0x5B, 0xE7, 0x00, 0x60, 0x12,
+  0x00, 0x73, 0x87, 0x00, 0x75, 0x70, 0x00, 0x53, 0x17, 0x00, 0x78, 0xFB,
+  0x00, 0x4F, 0xBF, 0x00, 0x5F, 0xA9, 0x00, 0x4E, 0x0D, 0x00, 0x6C, 0xCC,
+  0x00, 0x65, 0x78, 0x00, 0x7D, 0x22, 0x00, 0x53, 0xC3, 0x00, 0x58, 0x5E,
+  0x00, 0x77, 0x01, 0x00, 0x84, 0x49, 0x00, 0x8A, 0xAA, 0x00, 0x6B, 0xBA,
+  0x00, 0x8F, 0xB0, 0x00, 0x6C, 0x88, 0x00, 0x62, 0xFE, 0x00, 0x82, 0xE5,
+  0x00, 0x63, 0xA0, 0x00, 0x75, 0x65, 0x00, 0x4E, 0xAE, 0x00, 0x51, 0x69,
+  0x00, 0x51, 0xC9, 0x00, 0x68, 0x81, 0x00, 0x7C, 0xE7, 0x00, 0x82, 0x6F,
+  0x00, 0x8A, 0xD2, 0x00, 0x91, 0xCF, 0x00, 0x52, 0xF5, 0x00, 0x54, 0x42,
+  0x00, 0x59, 0x73, 0x00, 0x5E, 0xEC, 0x00, 0x65, 0xC5, 0x00, 0x6F, 0xFE,
+  0x00, 0x79, 0x2A, 0x00, 0x95, 0xAD, 0x00, 0x9A, 0x6A, 0x00, 0x9E, 0x97,
+  0x00, 0x9E, 0xCE, 0x00, 0x52, 0x9B, 0x00, 0x66, 0xC6, 0x00, 0x6B, 0x77,
+  0x00, 0x8F, 0x62, 0x00, 0x5E, 0x74, 0x00, 0x61, 0x90, 0x00, 0x62, 0x00,
+  0x00, 0x64, 0x9A, 0x00, 0x6F, 0x23, 0x00, 0x71, 0x49, 0x00, 0x74, 0x89,
+  0x00, 0x79, 0xCA, 0x00, 0x7D, 0xF4, 0x00, 0x80, 0x6F, 0x00, 0x8F, 0x26,
+  0x00, 0x84, 0xEE, 0x00, 0x90, 0x23, 0x00, 0x93, 0x4A, 0x00, 0x52, 0x17,
+  0x00, 0x52, 0xA3, 0x00, 0x54, 0xBD, 0x00, 0x70, 0xC8, 0x00, 0x88, 0xC2,
+  0x00, 0x8A, 0xAA, 0x00, 0x5E, 0xC9, 0x00, 0x5F, 0xF5, 0x00, 0x63, 0x7B,
+  0x00, 0x6B, 0xAE, 0x00, 0x7C, 0x3E, 0x00, 0x73, 0x75, 0x00, 0x4E, 0xE4,
+  0x00, 0x56, 0xF9, 0x00, 0x5B, 0xE7, 0x00, 0x5D, 0xBA, 0x00, 0x60, 0x1C,
+  0x00, 0x73, 0xB2, 0x00, 0x74, 0x69, 0x00, 0x7F, 0x9A, 0x00, 0x80, 0x46,
+  0x00, 0x92, 0x34, 0x00, 0x96, 0xF6, 0x00, 0x97, 0x48, 0x00, 0x98, 0x18,
+  0x00, 0x4F, 0x8B, 0x00, 0x79, 0xAE, 0x00, 0x91, 0xB4, 0x00, 0x96, 0xB8,
+  0x00, 0x60, 0xE1, 0x00, 0x4E, 0x86, 0x00, 0x50, 0xDA, 0x00, 0x5B, 0xEE,
+  0x00, 0x5C, 0x3F, 0x00, 0x65, 0x99, 0x00, 0x6A, 0x02, 0x00, 0x71, 0xCE,
+  0x00, 0x76, 0x42, 0x00, 0x84, 0xFC, 0x00, 0x90, 0x7C, 0x00, 0x9F, 0x8D,
+  0x00, 0x66, 0x88, 0x00, 0x96, 0x2E, 0x00, 0x52, 0x89, 0x00, 0x67, 0x7B,
+  0x00, 0x67, 0xF3, 0x00, 0x6D, 0x41, 0x00, 0x6E, 0x9C, 0x00, 0x74, 0x09,
+  0x00, 0x75, 0x59, 0x00, 0x78, 0x6B, 0x00, 0x7D, 0x10, 0x00, 0x98, 0x5E,
+  0x00, 0x51, 0x6D, 0x00, 0x62, 0x2E, 0x00, 0x96, 0x78, 0x00, 0x50, 0x2B,
+  0x00, 0x5D, 0x19, 0x00, 0x6D, 0xEA, 0x00, 0x8F, 0x2A, 0x00, 0x5F, 0x8B,
+  0x00, 0x61, 0x44, 0x00, 0x68, 0x17, 0x00, 0x73, 0x87, 0x00, 0x96, 0x86,
+  0x00, 0x52, 0x29, 0x00, 0x54, 0x0F, 0x00, 0x5C, 0x65, 0x00, 0x66, 0x13,
+  0x00, 0x67, 0x4E, 0x00, 0x68, 0xA8, 0x00, 0x6C, 0xE5, 0x00, 0x74, 0x06,
+  0x00, 0x75, 0xE2, 0x00, 0x7F, 0x79, 0x00, 0x88, 0xCF, 0x00, 0x88, 0xE1,
+  0x00, 0x91, 0xCC, 0x00, 0x96, 0xE2, 0x00, 0x53, 0x3F, 0x00, 0x6E, 0xBA,
+  0x00, 0x54, 0x1D, 0x00, 0x71, 0xD0, 0x00, 0x74, 0x98, 0x00, 0x85, 0xFA,
+  0x00, 0x96, 0xA3, 0x00, 0x9C, 0x57, 0x00, 0x9E, 0x9F, 0x00, 0x67, 0x97,
+  0x00, 0x6D, 0xCB, 0x00, 0x81, 0xE8, 0x00, 0x7A, 0xCB, 0x00, 0x7B, 0x20,
+  0x00, 0x7C, 0x92, 0x00, 0x72, 0xC0, 0x00, 0x70, 0x99, 0x00, 0x8B, 0x58,
+  0x00, 0x4E, 0xC0, 0x00, 0x83, 0x36, 0x00, 0x52, 0x3A, 0x00, 0x52, 0x07,
+  0x00, 0x5E, 0xA6, 0x00, 0x62, 0xD3, 0x00, 0x7C, 0xD6, 0x00, 0x5B, 0x85,
+  0x00, 0x6D, 0x1E, 0x00, 0x66, 0xB4, 0x00, 0x8F, 0x3B, 0x00, 0x88, 0x4C,
+  0x00, 0x96, 0x4D, 0x00, 0x89, 0x8B, 0x00, 0x5E, 0xD3, 0x00, 0x51, 0x40,
+  0x00, 0x55, 0xC0, 0x00, 0x58, 0x5A, 0x00, 0x66, 0x74, 0x00, 0x51, 0xDE,
+  0x00, 0x73, 0x2A, 0x00, 0x76, 0xCA, 0x00, 0x79, 0x3C, 0x00, 0x79, 0x5E,
+  0x00, 0x79, 0x65, 0x00, 0x79, 0x8F, 0x00, 0x97, 0x56, 0x00, 0x7C, 0xBE,
+  0x00, 0x7F, 0xBD, 0x00, 0x86, 0x12, 0x00, 0x8A, 0xF8, 0x00, 0x90, 0x38,
+  0x00, 0x90, 0xFD, 0x00, 0x98, 0xEF, 0x00, 0x98, 0xFC, 0x00, 0x99, 0x28,
+  0x00, 0x9D, 0xB4, 0x00, 0x90, 0xDE, 0x00, 0x96, 0xB7, 0x00, 0x4F, 0xAE,
+  0x00, 0x50, 0xE7, 0x00, 0x51, 0x4D, 0x00, 0x52, 0xC9, 0x00, 0x52, 0xE4,
+  0x00, 0x53, 0x51, 0x00, 0x55, 0x9D, 0x00, 0x56, 0x06, 0x00, 0x56, 0x68,
+  0x00, 0x58, 0x40, 0x00, 0x58, 0xA8, 0x00, 0x5C, 0x64, 0x00, 0x5C, 0x6E,
+  0x00, 0x60, 0x94, 0x00, 0x61, 0x68, 0x00, 0x61, 0x8E, 0x00, 0x61, 0xF2,
+  0x00, 0x65, 0x4F, 0x00, 0x65, 0xE2, 0x00, 0x66, 0x91, 0x00, 0x68, 0x85,
+  0x00, 0x6D, 0x77, 0x00, 0x6E, 0x1A, 0x00, 0x6F, 0x22, 0x00, 0x71, 0x6E,
+  0x00, 0x72, 0x2B, 0x00, 0x74, 0x22, 0x00, 0x78, 0x91, 0x00, 0x79, 0x3E,
+  0x00, 0x79, 0x49, 0x00, 0x79, 0x48, 0x00, 0x79, 0x50, 0x00, 0x79, 0x56,
+  0x00, 0x79, 0x5D, 0x00, 0x79, 0x8D, 0x00, 0x79, 0x8E, 0x00, 0x7A, 0x40,
+  0x00, 0x7A, 0x81, 0x00, 0x7B, 0xC0, 0x00, 0x7D, 0xF4, 0x00, 0x7E, 0x09,
+  0x00, 0x7E, 0x41, 0x00, 0x7F, 0x72, 0x00, 0x80, 0x05, 0x00, 0x81, 0xED,
+  0x00, 0x82, 0x79, 0x00, 0x82, 0x79, 0x00, 0x84, 0x57, 0x00, 0x89, 0x10,
+  0x00, 0x89, 0x96, 0x00, 0x8B, 0x01, 0x00, 0x8B, 0x39, 0x00, 0x8C, 0xD3,
+  0x00, 0x8D, 0x08, 0x00, 0x8F, 0xB6, 0x00, 0x90, 0x38, 0x00, 0x96, 0xE3,
+  0x00, 0x97, 0xFF, 0x00, 0x98, 0x3B, 0x00, 0x60, 0x75, 0x02, 0x42, 0xEE,
+  0x00, 0x82, 0x18, 0x00, 0x4E, 0x26, 0x00, 0x51, 0xB5, 0x00, 0x51, 0x68,
+  0x00, 0x4F, 0x80, 0x00, 0x51, 0x45, 0x00, 0x51, 0x80, 0x00, 0x52, 0xC7,
+  0x00, 0x52, 0xFA, 0x00, 0x55, 0x9D, 0x00, 0x55, 0x55, 0x00, 0x55, 0x99,
+  0x00, 0x55, 0xE2, 0x00, 0x58, 0x5A, 0x00, 0x58, 0xB3, 0x00, 0x59, 0x44,
+  0x00, 0x59, 0x54, 0x00, 0x5A, 0x62, 0x00, 0x5B, 0x28, 0x00, 0x5E, 0xD2,
+  0x00, 0x5E, 0xD9, 0x00, 0x5F, 0x69, 0x00, 0x5F, 0xAD, 0x00, 0x60, 0xD8,
+  0x00, 0x61, 0x4E, 0x00, 0x61, 0x08, 0x00, 0x61, 0x8E, 0x00, 0x61, 0x60,
+  0x00, 0x61, 0xF2, 0x00, 0x62, 0x34, 0x00, 0x63, 0xC4, 0x00, 0x64, 0x1C,
+  0x00, 0x64, 0x52, 0x00, 0x65, 0x56, 0x00, 0x66, 0x74, 0x00, 0x67, 0x17,
+  0x00, 0x67, 0x1B, 0x00, 0x67, 0x56, 0x00, 0x6B, 0x79, 0x00, 0x6B, 0xBA,
+  0x00, 0x6D, 0x41, 0x00, 0x6E, 0xDB, 0x00, 0x6E, 0xCB, 0x00, 0x6F, 0x22,
+  0x00, 0x70, 0x1E, 0x00, 0x71, 0x6E, 0x00, 0x77, 0xA7, 0x00, 0x72, 0x35,
+  0x00, 0x72, 0xAF, 0x00, 0x73, 0x2A, 0x00, 0x74, 0x71, 0x00, 0x75, 0x06,
+  0x00, 0x75, 0x3B, 0x00, 0x76, 0x1D, 0x00, 0x76, 0x1F, 0x00, 0x76, 0xCA,
+  0x00, 0x76, 0xDB, 0x00, 0x76, 0xF4, 0x00, 0x77, 0x4A, 0x00, 0x77, 0x40,
+  0x00, 0x78, 0xCC, 0x00, 0x7A, 0xB1, 0x00, 0x7B, 0xC0, 0x00, 0x7C, 0x7B,
+  0x00, 0x7D, 0x5B, 0x00, 0x7D, 0xF4, 0x00, 0x7F, 0x3E, 0x00, 0x80, 0x05,
+  0x00, 0x83, 0x52, 0x00, 0x83, 0xEF, 0x00, 0x87, 0x79, 0x00, 0x89, 0x41,
+  0x00, 0x89, 0x86, 0x00, 0x89, 0x96, 0x00, 0x8A, 0xBF, 0x00, 0x8A, 0xF8,
+  0x00, 0x8A, 0xCB, 0x00, 0x8B, 0x01, 0x00, 0x8A, 0xFE, 0x00, 0x8A, 0xED,
+  0x00, 0x8B, 0x39, 0x00, 0x8B, 0x8A, 0x00, 0x8D, 0x08, 0x00, 0x8F, 0x38,
+  0x00, 0x90, 0x72, 0x00, 0x91, 0x99, 0x00, 0x92, 0x76, 0x00, 0x96, 0x7C,
+  0x00, 0x96, 0xE3, 0x00, 0x97, 0x56, 0x00, 0x97, 0xDB, 0x00, 0x97, 0xFF,
+  0x00, 0x98, 0x0B, 0x00, 0x98, 0x3B, 0x00, 0x9B, 0x12, 0x00, 0x9F, 0x9C,
+  0x02, 0x28, 0x4A, 0x02, 0x28, 0x44, 0x02, 0x33, 0xD5, 0x00, 0x3B, 0x9D,
+  0x00, 0x40, 0x18, 0x00, 0x40, 0x39, 0x02, 0x52, 0x49, 0x02, 0x5C, 0xD0,
+  0x02, 0x7E, 0xD3, 0x00, 0x9F, 0x43, 0x00, 0x9F, 0x8E, 0xC0, 0x00, 0x66,
+  0x00, 0x00, 0x66, 0xC0, 0x00, 0x66, 0x00, 0x00, 0x69, 0xC0, 0x00, 0x66,
+  0x00, 0x00, 0x6C, 0xC0, 0x00, 0x66, 0x80, 0x00, 0x66, 0x00, 0x00, 0x69,
+  0xC0, 0x00, 0x66, 0x80, 0x00, 0x66, 0x00, 0x00, 0x6C, 0xC0, 0x01, 0x7F,
+  0x00, 0x00, 0x74, 0xC0, 0x00, 0x73, 0x00, 0x00, 0x74, 0xC0, 0x05, 0x74,
+  0x00, 0x05, 0x76, 0xC0, 0x05, 0x74, 0x00, 0x05, 0x65, 0xC0, 0x05, 0x74,
+  0x00, 0x05, 0x6B, 0xC0, 0x05, 0x7E, 0x00, 0x05, 0x76, 0xC0, 0x05, 0x74,
+  0x00, 0x05, 0x6D, 0x80, 0x05, 0xD9, 0x00, 0x05, 0xB4, 0x80, 0x05, 0xF2,
+  0x00, 0x05, 0xB7, 0x04, 0x05, 0xE2, 0x04, 0x05, 0xD0, 0x04, 0x05, 0xD3,
+  0x04, 0x05, 0xD4, 0x04, 0x05, 0xDB, 0x04, 0x05, 0xDC, 0x04, 0x05, 0xDD,
+  0x04, 0x05, 0xE8, 0x04, 0x05, 0xEA, 0x04, 0x00, 0x2B, 0x80, 0x05, 0xE9,
+  0x00, 0x05, 0xC1, 0x80, 0x05, 0xE9, 0x00, 0x05, 0xC2, 0x80, 0xFB, 0x49,
+  0x00, 0x05, 0xC1, 0x80, 0xFB, 0x49, 0x00, 0x05, 0xC2, 0x80, 0x05, 0xD0,
+  0x00, 0x05, 0xB7, 0x80, 0x05, 0xD0, 0x00, 0x05, 0xB8, 0x80, 0x05, 0xD0,
+  0x00, 0x05, 0xBC, 0x80, 0x05, 0xD1, 0x00, 0x05, 0xBC, 0x80, 0x05, 0xD2,
+  0x00, 0x05, 0xBC, 0x80, 0x05, 0xD3, 0x00, 0x05, 0xBC, 0x80, 0x05, 0xD4,
+  0x00, 0x05, 0xBC, 0x80, 0x05, 0xD5, 0x00, 0x05, 0xBC, 0x80, 0x05, 0xD6,
+  0x00, 0x05, 0xBC, 0x80, 0x05, 0xD8, 0x00, 0x05, 0xBC, 0x80, 0x05, 0xD9,
+  0x00, 0x05, 0xBC, 0x80, 0x05, 0xDA, 0x00, 0x05, 0xBC, 0x80, 0x05, 0xDB,
+  0x00, 0x05, 0xBC, 0x80, 0x05, 0xDC, 0x00, 0x05, 0xBC, 0x80, 0x05, 0xDE,
+  0x00, 0x05, 0xBC, 0x80, 0x05, 0xE0, 0x00, 0x05, 0xBC, 0x80, 0x05, 0xE1,
+  0x00, 0x05, 0xBC, 0x80, 0x05, 0xE3, 0x00, 0x05, 0xBC, 0x80, 0x05, 0xE4,
+  0x00, 0x05, 0xBC, 0x80, 0x05, 0xE6, 0x00, 0x05, 0xBC, 0x80, 0x05, 0xE7,
+  0x00, 0x05, 0xBC, 0x80, 0x05, 0xE8, 0x00, 0x05, 0xBC, 0x80, 0x05, 0xE9,
+  0x00, 0x05, 0xBC, 0x80, 0x05, 0xEA, 0x00, 0x05, 0xBC, 0x80, 0x05, 0xD5,
+  0x00, 0x05, 0xB9, 0x80, 0x05, 0xD1, 0x00, 0x05, 0xBF, 0x80, 0x05, 0xDB,
+  0x00, 0x05, 0xBF, 0x80, 0x05, 0xE4, 0x00, 0x05, 0xBF, 0xC0, 0x05, 0xD0,
+  0x00, 0x05, 0xDC, 0x18, 0x06, 0x71, 0x14, 0x06, 0x71, 0x18, 0x06, 0x7B,
+  0x14, 0x06, 0x7B, 0x0C, 0x06, 0x7B, 0x10, 0x06, 0x7B, 0x18, 0x06, 0x7E,
+  0x14, 0x06, 0x7E, 0x0C, 0x06, 0x7E, 0x10, 0x06, 0x7E, 0x18, 0x06, 0x80,
+  0x14, 0x06, 0x80, 0x0C, 0x06, 0x80, 0x10, 0x06, 0x80, 0x18, 0x06, 0x7A,
+  0x14, 0x06, 0x7A, 0x0C, 0x06, 0x7A, 0x10, 0x06, 0x7A, 0x18, 0x06, 0x7F,
+  0x14, 0x06, 0x7F, 0x0C, 0x06, 0x7F, 0x10, 0x06, 0x7F, 0x18, 0x06, 0x79,
+  0x14, 0x06, 0x79, 0x0C, 0x06, 0x79, 0x10, 0x06, 0x79, 0x18, 0x06, 0xA4,
+  0x14, 0x06, 0xA4, 0x0C, 0x06, 0xA4, 0x10, 0x06, 0xA4, 0x18, 0x06, 0xA6,
+  0x14, 0x06, 0xA6, 0x0C, 0x06, 0xA6, 0x10, 0x06, 0xA6, 0x18, 0x06, 0x84,
+  0x14, 0x06, 0x84, 0x0C, 0x06, 0x84, 0x10, 0x06, 0x84, 0x18, 0x06, 0x83,
+  0x14, 0x06, 0x83, 0x0C, 0x06, 0x83, 0x10, 0x06, 0x83, 0x18, 0x06, 0x86,
+  0x14, 0x06, 0x86, 0x0C, 0x06, 0x86, 0x10, 0x06, 0x86, 0x18, 0x06, 0x87,
+  0x14, 0x06, 0x87, 0x0C, 0x06, 0x87, 0x10, 0x06, 0x87, 0x18, 0x06, 0x8D,
+  0x14, 0x06, 0x8D, 0x18, 0x06, 0x8C, 0x14, 0x06, 0x8C, 0x18, 0x06, 0x8E,
+  0x14, 0x06, 0x8E, 0x18, 0x06, 0x88, 0x14, 0x06, 0x88, 0x18, 0x06, 0x98,
+  0x14, 0x06, 0x98, 0x18, 0x06, 0x91, 0x14, 0x06, 0x91, 0x18, 0x06, 0xA9,
+  0x14, 0x06, 0xA9, 0x0C, 0x06, 0xA9, 0x10, 0x06, 0xA9, 0x18, 0x06, 0xAF,
+  0x14, 0x06, 0xAF, 0x0C, 0x06, 0xAF, 0x10, 0x06, 0xAF, 0x18, 0x06, 0xB3,
+  0x14, 0x06, 0xB3, 0x0C, 0x06, 0xB3, 0x10, 0x06, 0xB3, 0x18, 0x06, 0xB1,
+  0x14, 0x06, 0xB1, 0x0C, 0x06, 0xB1, 0x10, 0x06, 0xB1, 0x18, 0x06, 0xBA,
+  0x14, 0x06, 0xBA, 0x18, 0x06, 0xBB, 0x14, 0x06, 0xBB, 0x0C, 0x06, 0xBB,
+  0x10, 0x06, 0xBB, 0x18, 0x06, 0xC0, 0x14, 0x06, 0xC0, 0x18, 0x06, 0xC1,
+  0x14, 0x06, 0xC1, 0x0C, 0x06, 0xC1, 0x10, 0x06, 0xC1, 0x18, 0x06, 0xBE,
+  0x14, 0x06, 0xBE, 0x0C, 0x06, 0xBE, 0x10, 0x06, 0xBE, 0x18, 0x06, 0xD2,
+  0x14, 0x06, 0xD2, 0x18, 0x06, 0xD3, 0x14, 0x06, 0xD3, 0x18, 0x06, 0xAD,
+  0x14, 0x06, 0xAD, 0x0C, 0x06, 0xAD, 0x10, 0x06, 0xAD, 0x18, 0x06, 0xC7,
+  0x14, 0x06, 0xC7, 0x18, 0x06, 0xC6, 0x14, 0x06, 0xC6, 0x18, 0x06, 0xC8,
+  0x14, 0x06, 0xC8, 0x18, 0x06, 0x77, 0x18, 0x06, 0xCB, 0x14, 0x06, 0xCB,
+  0x18, 0x06, 0xC5, 0x14, 0x06, 0xC5, 0x18, 0x06, 0xC9, 0x14, 0x06, 0xC9,
+  0x18, 0x06, 0xD0, 0x14, 0x06, 0xD0, 0x0C, 0x06, 0xD0, 0x10, 0x06, 0xD0,
+  0x0C, 0x06, 0x49, 0x10, 0x06, 0x49, 0x98, 0x06, 0x26, 0x00, 0x06, 0x27,
+  0x94, 0x06, 0x26, 0x00, 0x06, 0x27, 0x98, 0x06, 0x26, 0x00, 0x06, 0xD5,
+  0x94, 0x06, 0x26, 0x00, 0x06, 0xD5, 0x98, 0x06, 0x26, 0x00, 0x06, 0x48,
+  0x94, 0x06, 0x26, 0x00, 0x06, 0x48, 0x98, 0x06, 0x26, 0x00, 0x06, 0xC7,
+  0x94, 0x06, 0x26, 0x00, 0x06, 0xC7, 0x98, 0x06, 0x26, 0x00, 0x06, 0xC6,
+  0x94, 0x06, 0x26, 0x00, 0x06, 0xC6, 0x98, 0x06, 0x26, 0x00, 0x06, 0xC8,
+  0x94, 0x06, 0x26, 0x00, 0x06, 0xC8, 0x98, 0x06, 0x26, 0x00, 0x06, 0xD0,
+  0x94, 0x06, 0x26, 0x00, 0x06, 0xD0, 0x8C, 0x06, 0x26, 0x00, 0x06, 0xD0,
+  0x98, 0x06, 0x26, 0x00, 0x06, 0x49, 0x94, 0x06, 0x26, 0x00, 0x06, 0x49,
+  0x8C, 0x06, 0x26, 0x00, 0x06, 0x49, 0x18, 0x06, 0xCC, 0x14, 0x06, 0xCC,
+  0x0C, 0x06, 0xCC, 0x10, 0x06, 0xCC, 0x98, 0x06, 0x26, 0x00, 0x06, 0x2C,
+  0x98, 0x06, 0x26, 0x00, 0x06, 0x2D, 0x98, 0x06, 0x26, 0x00, 0x06, 0x45,
+  0x98, 0x06, 0x26, 0x00, 0x06, 0x49, 0x98, 0x06, 0x26, 0x00, 0x06, 0x4A,
+  0x98, 0x06, 0x28, 0x00, 0x06, 0x2C, 0x98, 0x06, 0x28, 0x00, 0x06, 0x2D,
+  0x98, 0x06, 0x28, 0x00, 0x06, 0x2E, 0x98, 0x06, 0x28, 0x00, 0x06, 0x45,
+  0x98, 0x06, 0x28, 0x00, 0x06, 0x49, 0x98, 0x06, 0x28, 0x00, 0x06, 0x4A,
+  0x98, 0x06, 0x2A, 0x00, 0x06, 0x2C, 0x98, 0x06, 0x2A, 0x00, 0x06, 0x2D,
+  0x98, 0x06, 0x2A, 0x00, 0x06, 0x2E, 0x98, 0x06, 0x2A, 0x00, 0x06, 0x45,
+  0x98, 0x06, 0x2A, 0x00, 0x06, 0x49, 0x98, 0x06, 0x2A, 0x00, 0x06, 0x4A,
+  0x98, 0x06, 0x2B, 0x00, 0x06, 0x2C, 0x98, 0x06, 0x2B, 0x00, 0x06, 0x45,
+  0x98, 0x06, 0x2B, 0x00, 0x06, 0x49, 0x98, 0x06, 0x2B, 0x00, 0x06, 0x4A,
+  0x98, 0x06, 0x2C, 0x00, 0x06, 0x2D, 0x98, 0x06, 0x2C, 0x00, 0x06, 0x45,
+  0x98, 0x06, 0x2D, 0x00, 0x06, 0x2C, 0x98, 0x06, 0x2D, 0x00, 0x06, 0x45,
+  0x98, 0x06, 0x2E, 0x00, 0x06, 0x2C, 0x98, 0x06, 0x2E, 0x00, 0x06, 0x2D,
+  0x98, 0x06, 0x2E, 0x00, 0x06, 0x45, 0x98, 0x06, 0x33, 0x00, 0x06, 0x2C,
+  0x98, 0x06, 0x33, 0x00, 0x06, 0x2D, 0x98, 0x06, 0x33, 0x00, 0x06, 0x2E,
+  0x98, 0x06, 0x33, 0x00, 0x06, 0x45, 0x98, 0x06, 0x35, 0x00, 0x06, 0x2D,
+  0x98, 0x06, 0x35, 0x00, 0x06, 0x45, 0x98, 0x06, 0x36, 0x00, 0x06, 0x2C,
+  0x98, 0x06, 0x36, 0x00, 0x06, 0x2D, 0x98, 0x06, 0x36, 0x00, 0x06, 0x2E,
+  0x98, 0x06, 0x36, 0x00, 0x06, 0x45, 0x98, 0x06, 0x37, 0x00, 0x06, 0x2D,
+  0x98, 0x06, 0x37, 0x00, 0x06, 0x45, 0x98, 0x06, 0x38, 0x00, 0x06, 0x45,
+  0x98, 0x06, 0x39, 0x00, 0x06, 0x2C, 0x98, 0x06, 0x39, 0x00, 0x06, 0x45,
+  0x98, 0x06, 0x3A, 0x00, 0x06, 0x2C, 0x98, 0x06, 0x3A, 0x00, 0x06, 0x45,
+  0x98, 0x06, 0x41, 0x00, 0x06, 0x2C, 0x98, 0x06, 0x41, 0x00, 0x06, 0x2D,
+  0x98, 0x06, 0x41, 0x00, 0x06, 0x2E, 0x98, 0x06, 0x41, 0x00, 0x06, 0x45,
+  0x98, 0x06, 0x41, 0x00, 0x06, 0x49, 0x98, 0x06, 0x41, 0x00, 0x06, 0x4A,
+  0x98, 0x06, 0x42, 0x00, 0x06, 0x2D, 0x98, 0x06, 0x42, 0x00, 0x06, 0x45,
+  0x98, 0x06, 0x42, 0x00, 0x06, 0x49, 0x98, 0x06, 0x42, 0x00, 0x06, 0x4A,
+  0x98, 0x06, 0x43, 0x00, 0x06, 0x27, 0x98, 0x06, 0x43, 0x00, 0x06, 0x2C,
+  0x98, 0x06, 0x43, 0x00, 0x06, 0x2D, 0x98, 0x06, 0x43, 0x00, 0x06, 0x2E,
+  0x98, 0x06, 0x43, 0x00, 0x06, 0x44, 0x98, 0x06, 0x43, 0x00, 0x06, 0x45,
+  0x98, 0x06, 0x43, 0x00, 0x06, 0x49, 0x98, 0x06, 0x43, 0x00, 0x06, 0x4A,
+  0x98, 0x06, 0x44, 0x00, 0x06, 0x2C, 0x98, 0x06, 0x44, 0x00, 0x06, 0x2D,
+  0x98, 0x06, 0x44, 0x00, 0x06, 0x2E, 0x98, 0x06, 0x44, 0x00, 0x06, 0x45,
+  0x98, 0x06, 0x44, 0x00, 0x06, 0x49, 0x98, 0x06, 0x44, 0x00, 0x06, 0x4A,
+  0x98, 0x06, 0x45, 0x00, 0x06, 0x2C, 0x98, 0x06, 0x45, 0x00, 0x06, 0x2D,
+  0x98, 0x06, 0x45, 0x00, 0x06, 0x2E, 0x98, 0x06, 0x45, 0x00, 0x06, 0x45,
+  0x98, 0x06, 0x45, 0x00, 0x06, 0x49, 0x98, 0x06, 0x45, 0x00, 0x06, 0x4A,
+  0x98, 0x06, 0x46, 0x00, 0x06, 0x2C, 0x98, 0x06, 0x46, 0x00, 0x06, 0x2D,
+  0x98, 0x06, 0x46, 0x00, 0x06, 0x2E, 0x98, 0x06, 0x46, 0x00, 0x06, 0x45,
+  0x98, 0x06, 0x46, 0x00, 0x06, 0x49, 0x98, 0x06, 0x46, 0x00, 0x06, 0x4A,
+  0x98, 0x06, 0x47, 0x00, 0x06, 0x2C, 0x98, 0x06, 0x47, 0x00, 0x06, 0x45,
+  0x98, 0x06, 0x47, 0x00, 0x06, 0x49, 0x98, 0x06, 0x47, 0x00, 0x06, 0x4A,
+  0x98, 0x06, 0x4A, 0x00, 0x06, 0x2C, 0x98, 0x06, 0x4A, 0x00, 0x06, 0x2D,
+  0x98, 0x06, 0x4A, 0x00, 0x06, 0x2E, 0x98, 0x06, 0x4A, 0x00, 0x06, 0x45,
+  0x98, 0x06, 0x4A, 0x00, 0x06, 0x49, 0x98, 0x06, 0x4A, 0x00, 0x06, 0x4A,
+  0x98, 0x06, 0x30, 0x00, 0x06, 0x70, 0x98, 0x06, 0x31, 0x00, 0x06, 0x70,
+  0x98, 0x06, 0x49, 0x00, 0x06, 0x70, 0x98, 0x00, 0x20, 0x80, 0x06, 0x4C,
+  0x00, 0x06, 0x51, 0x98, 0x00, 0x20, 0x80, 0x06, 0x4D, 0x00, 0x06, 0x51,
+  0x98, 0x00, 0x20, 0x80, 0x06, 0x4E, 0x00, 0x06, 0x51, 0x98, 0x00, 0x20,
+  0x80, 0x06, 0x4F, 0x00, 0x06, 0x51, 0x98, 0x00, 0x20, 0x80, 0x06, 0x50,
+  0x00, 0x06, 0x51, 0x98, 0x00, 0x20, 0x80, 0x06, 0x51, 0x00, 0x06, 0x70,
+  0x94, 0x06, 0x26, 0x00, 0x06, 0x31, 0x94, 0x06, 0x26, 0x00, 0x06, 0x32,
+  0x94, 0x06, 0x26, 0x00, 0x06, 0x45, 0x94, 0x06, 0x26, 0x00, 0x06, 0x46,
+  0x94, 0x06, 0x26, 0x00, 0x06, 0x49, 0x94, 0x06, 0x26, 0x00, 0x06, 0x4A,
+  0x94, 0x06, 0x28, 0x00, 0x06, 0x31, 0x94, 0x06, 0x28, 0x00, 0x06, 0x32,
+  0x94, 0x06, 0x28, 0x00, 0x06, 0x45, 0x94, 0x06, 0x28, 0x00, 0x06, 0x46,
+  0x94, 0x06, 0x28, 0x00, 0x06, 0x49, 0x94, 0x06, 0x28, 0x00, 0x06, 0x4A,
+  0x94, 0x06, 0x2A, 0x00, 0x06, 0x31, 0x94, 0x06, 0x2A, 0x00, 0x06, 0x32,
+  0x94, 0x06, 0x2A, 0x00, 0x06, 0x45, 0x94, 0x06, 0x2A, 0x00, 0x06, 0x46,
+  0x94, 0x06, 0x2A, 0x00, 0x06, 0x49, 0x94, 0x06, 0x2A, 0x00, 0x06, 0x4A,
+  0x94, 0x06, 0x2B, 0x00, 0x06, 0x31, 0x94, 0x06, 0x2B, 0x00, 0x06, 0x32,
+  0x94, 0x06, 0x2B, 0x00, 0x06, 0x45, 0x94, 0x06, 0x2B, 0x00, 0x06, 0x46,
+  0x94, 0x06, 0x2B, 0x00, 0x06, 0x49, 0x94, 0x06, 0x2B, 0x00, 0x06, 0x4A,
+  0x94, 0x06, 0x41, 0x00, 0x06, 0x49, 0x94, 0x06, 0x41, 0x00, 0x06, 0x4A,
+  0x94, 0x06, 0x42, 0x00, 0x06, 0x49, 0x94, 0x06, 0x42, 0x00, 0x06, 0x4A,
+  0x94, 0x06, 0x43, 0x00, 0x06, 0x27, 0x94, 0x06, 0x43, 0x00, 0x06, 0x44,
+  0x94, 0x06, 0x43, 0x00, 0x06, 0x45, 0x94, 0x06, 0x43, 0x00, 0x06, 0x49,
+  0x94, 0x06, 0x43, 0x00, 0x06, 0x4A, 0x94, 0x06, 0x44, 0x00, 0x06, 0x45,
+  0x94, 0x06, 0x44, 0x00, 0x06, 0x49, 0x94, 0x06, 0x44, 0x00, 0x06, 0x4A,
+  0x94, 0x06, 0x45, 0x00, 0x06, 0x27, 0x94, 0x06, 0x45, 0x00, 0x06, 0x45,
+  0x94, 0x06, 0x46, 0x00, 0x06, 0x31, 0x94, 0x06, 0x46, 0x00, 0x06, 0x32,
+  0x94, 0x06, 0x46, 0x00, 0x06, 0x45, 0x94, 0x06, 0x46, 0x00, 0x06, 0x46,
+  0x94, 0x06, 0x46, 0x00, 0x06, 0x49, 0x94, 0x06, 0x46, 0x00, 0x06, 0x4A,
+  0x94, 0x06, 0x49, 0x00, 0x06, 0x70, 0x94, 0x06, 0x4A, 0x00, 0x06, 0x31,
+  0x94, 0x06, 0x4A, 0x00, 0x06, 0x32, 0x94, 0x06, 0x4A, 0x00, 0x06, 0x45,
+  0x94, 0x06, 0x4A, 0x00, 0x06, 0x46, 0x94, 0x06, 0x4A, 0x00, 0x06, 0x49,
+  0x94, 0x06, 0x4A, 0x00, 0x06, 0x4A, 0x8C, 0x06, 0x26, 0x00, 0x06, 0x2C,
+  0x8C, 0x06, 0x26, 0x00, 0x06, 0x2D, 0x8C, 0x06, 0x26, 0x00, 0x06, 0x2E,
+  0x8C, 0x06, 0x26, 0x00, 0x06, 0x45, 0x8C, 0x06, 0x26, 0x00, 0x06, 0x47,
+  0x8C, 0x06, 0x28, 0x00, 0x06, 0x2C, 0x8C, 0x06, 0x28, 0x00, 0x06, 0x2D,
+  0x8C, 0x06, 0x28, 0x00, 0x06, 0x2E, 0x8C, 0x06, 0x28, 0x00, 0x06, 0x45,
+  0x8C, 0x06, 0x28, 0x00, 0x06, 0x47, 0x8C, 0x06, 0x2A, 0x00, 0x06, 0x2C,
+  0x8C, 0x06, 0x2A, 0x00, 0x06, 0x2D, 0x8C, 0x06, 0x2A, 0x00, 0x06, 0x2E,
+  0x8C, 0x06, 0x2A, 0x00, 0x06, 0x45, 0x8C, 0x06, 0x2A, 0x00, 0x06, 0x47,
+  0x8C, 0x06, 0x2B, 0x00, 0x06, 0x45, 0x8C, 0x06, 0x2C, 0x00, 0x06, 0x2D,
+  0x8C, 0x06, 0x2C, 0x00, 0x06, 0x45, 0x8C, 0x06, 0x2D, 0x00, 0x06, 0x2C,
+  0x8C, 0x06, 0x2D, 0x00, 0x06, 0x45, 0x8C, 0x06, 0x2E, 0x00, 0x06, 0x2C,
+  0x8C, 0x06, 0x2E, 0x00, 0x06, 0x45, 0x8C, 0x06, 0x33, 0x00, 0x06, 0x2C,
+  0x8C, 0x06, 0x33, 0x00, 0x06, 0x2D, 0x8C, 0x06, 0x33, 0x00, 0x06, 0x2E,
+  0x8C, 0x06, 0x33, 0x00, 0x06, 0x45, 0x8C, 0x06, 0x35, 0x00, 0x06, 0x2D,
+  0x8C, 0x06, 0x35, 0x00, 0x06, 0x2E, 0x8C, 0x06, 0x35, 0x00, 0x06, 0x45,
+  0x8C, 0x06, 0x36, 0x00, 0x06, 0x2C, 0x8C, 0x06, 0x36, 0x00, 0x06, 0x2D,
+  0x8C, 0x06, 0x36, 0x00, 0x06, 0x2E, 0x8C, 0x06, 0x36, 0x00, 0x06, 0x45,
+  0x8C, 0x06, 0x37, 0x00, 0x06, 0x2D, 0x8C, 0x06, 0x38, 0x00, 0x06, 0x45,
+  0x8C, 0x06, 0x39, 0x00, 0x06, 0x2C, 0x8C, 0x06, 0x39, 0x00, 0x06, 0x45,
+  0x8C, 0x06, 0x3A, 0x00, 0x06, 0x2C, 0x8C, 0x06, 0x3A, 0x00, 0x06, 0x45,
+  0x8C, 0x06, 0x41, 0x00, 0x06, 0x2C, 0x8C, 0x06, 0x41, 0x00, 0x06, 0x2D,
+  0x8C, 0x06, 0x41, 0x00, 0x06, 0x2E, 0x8C, 0x06, 0x41, 0x00, 0x06, 0x45,
+  0x8C, 0x06, 0x42, 0x00, 0x06, 0x2D, 0x8C, 0x06, 0x42, 0x00, 0x06, 0x45,
+  0x8C, 0x06, 0x43, 0x00, 0x06, 0x2C, 0x8C, 0x06, 0x43, 0x00, 0x06, 0x2D,
+  0x8C, 0x06, 0x43, 0x00, 0x06, 0x2E, 0x8C, 0x06, 0x43, 0x00, 0x06, 0x44,
+  0x8C, 0x06, 0x43, 0x00, 0x06, 0x45, 0x8C, 0x06, 0x44, 0x00, 0x06, 0x2C,
+  0x8C, 0x06, 0x44, 0x00, 0x06, 0x2D, 0x8C, 0x06, 0x44, 0x00, 0x06, 0x2E,
+  0x8C, 0x06, 0x44, 0x00, 0x06, 0x45, 0x8C, 0x06, 0x44, 0x00, 0x06, 0x47,
+  0x8C, 0x06, 0x45, 0x00, 0x06, 0x2C, 0x8C, 0x06, 0x45, 0x00, 0x06, 0x2D,
+  0x8C, 0x06, 0x45, 0x00, 0x06, 0x2E, 0x8C, 0x06, 0x45, 0x00, 0x06, 0x45,
+  0x8C, 0x06, 0x46, 0x00, 0x06, 0x2C, 0x8C, 0x06, 0x46, 0x00, 0x06, 0x2D,
+  0x8C, 0x06, 0x46, 0x00, 0x06, 0x2E, 0x8C, 0x06, 0x46, 0x00, 0x06, 0x45,
+  0x8C, 0x06, 0x46, 0x00, 0x06, 0x47, 0x8C, 0x06, 0x47, 0x00, 0x06, 0x2C,
+  0x8C, 0x06, 0x47, 0x00, 0x06, 0x45, 0x8C, 0x06, 0x47, 0x00, 0x06, 0x70,
+  0x8C, 0x06, 0x4A, 0x00, 0x06, 0x2C, 0x8C, 0x06, 0x4A, 0x00, 0x06, 0x2D,
+  0x8C, 0x06, 0x4A, 0x00, 0x06, 0x2E, 0x8C, 0x06, 0x4A, 0x00, 0x06, 0x45,
+  0x8C, 0x06, 0x4A, 0x00, 0x06, 0x47, 0x90, 0x06, 0x26, 0x00, 0x06, 0x45,
+  0x90, 0x06, 0x26, 0x00, 0x06, 0x47, 0x90, 0x06, 0x28, 0x00, 0x06, 0x45,
+  0x90, 0x06, 0x28, 0x00, 0x06, 0x47, 0x90, 0x06, 0x2A, 0x00, 0x06, 0x45,
+  0x90, 0x06, 0x2A, 0x00, 0x06, 0x47, 0x90, 0x06, 0x2B, 0x00, 0x06, 0x45,
+  0x90, 0x06, 0x2B, 0x00, 0x06, 0x47, 0x90, 0x06, 0x33, 0x00, 0x06, 0x45,
+  0x90, 0x06, 0x33, 0x00, 0x06, 0x47, 0x90, 0x06, 0x34, 0x00, 0x06, 0x45,
+  0x90, 0x06, 0x34, 0x00, 0x06, 0x47, 0x90, 0x06, 0x43, 0x00, 0x06, 0x44,
+  0x90, 0x06, 0x43, 0x00, 0x06, 0x45, 0x90, 0x06, 0x44, 0x00, 0x06, 0x45,
+  0x90, 0x06, 0x46, 0x00, 0x06, 0x45, 0x90, 0x06, 0x46, 0x00, 0x06, 0x47,
+  0x90, 0x06, 0x4A, 0x00, 0x06, 0x45, 0x90, 0x06, 0x4A, 0x00, 0x06, 0x47,
+  0x90, 0x06, 0x40, 0x80, 0x06, 0x4E, 0x00, 0x06, 0x51, 0x90, 0x06, 0x40,
+  0x80, 0x06, 0x4F, 0x00, 0x06, 0x51, 0x90, 0x06, 0x40, 0x80, 0x06, 0x50,
+  0x00, 0x06, 0x51, 0x98, 0x06, 0x37, 0x00, 0x06, 0x49, 0x98, 0x06, 0x37,
+  0x00, 0x06, 0x4A, 0x98, 0x06, 0x39, 0x00, 0x06, 0x49, 0x98, 0x06, 0x39,
+  0x00, 0x06, 0x4A, 0x98, 0x06, 0x3A, 0x00, 0x06, 0x49, 0x98, 0x06, 0x3A,
+  0x00, 0x06, 0x4A, 0x98, 0x06, 0x33, 0x00, 0x06, 0x49, 0x98, 0x06, 0x33,
+  0x00, 0x06, 0x4A, 0x98, 0x06, 0x34, 0x00, 0x06, 0x49, 0x98, 0x06, 0x34,
+  0x00, 0x06, 0x4A, 0x98, 0x06, 0x2D, 0x00, 0x06, 0x49, 0x98, 0x06, 0x2D,
+  0x00, 0x06, 0x4A, 0x98, 0x06, 0x2C, 0x00, 0x06, 0x49, 0x98, 0x06, 0x2C,
+  0x00, 0x06, 0x4A, 0x98, 0x06, 0x2E, 0x00, 0x06, 0x49, 0x98, 0x06, 0x2E,
+  0x00, 0x06, 0x4A, 0x98, 0x06, 0x35, 0x00, 0x06, 0x49, 0x98, 0x06, 0x35,
+  0x00, 0x06, 0x4A, 0x98, 0x06, 0x36, 0x00, 0x06, 0x49, 0x98, 0x06, 0x36,
+  0x00, 0x06, 0x4A, 0x98, 0x06, 0x34, 0x00, 0x06, 0x2C, 0x98, 0x06, 0x34,
+  0x00, 0x06, 0x2D, 0x98, 0x06, 0x34, 0x00, 0x06, 0x2E, 0x98, 0x06, 0x34,
+  0x00, 0x06, 0x45, 0x98, 0x06, 0x34, 0x00, 0x06, 0x31, 0x98, 0x06, 0x33,
+  0x00, 0x06, 0x31, 0x98, 0x06, 0x35, 0x00, 0x06, 0x31, 0x98, 0x06, 0x36,
+  0x00, 0x06, 0x31, 0x94, 0x06, 0x37, 0x00, 0x06, 0x49, 0x94, 0x06, 0x37,
+  0x00, 0x06, 0x4A, 0x94, 0x06, 0x39, 0x00, 0x06, 0x49, 0x94, 0x06, 0x39,
+  0x00, 0x06, 0x4A, 0x94, 0x06, 0x3A, 0x00, 0x06, 0x49, 0x94, 0x06, 0x3A,
+  0x00, 0x06, 0x4A, 0x94, 0x06, 0x33, 0x00, 0x06, 0x49, 0x94, 0x06, 0x33,
+  0x00, 0x06, 0x4A, 0x94, 0x06, 0x34, 0x00, 0x06, 0x49, 0x94, 0x06, 0x34,
+  0x00, 0x06, 0x4A, 0x94, 0x06, 0x2D, 0x00, 0x06, 0x49, 0x94, 0x06, 0x2D,
+  0x00, 0x06, 0x4A, 0x94, 0x06, 0x2C, 0x00, 0x06, 0x49, 0x94, 0x06, 0x2C,
+  0x00, 0x06, 0x4A, 0x94, 0x06, 0x2E, 0x00, 0x06, 0x49, 0x94, 0x06, 0x2E,
+  0x00, 0x06, 0x4A, 0x94, 0x06, 0x35, 0x00, 0x06, 0x49, 0x94, 0x06, 0x35,
+  0x00, 0x06, 0x4A, 0x94, 0x06, 0x36, 0x00, 0x06, 0x49, 0x94, 0x06, 0x36,
+  0x00, 0x06, 0x4A, 0x94, 0x06, 0x34, 0x00, 0x06, 0x2C, 0x94, 0x06, 0x34,
+  0x00, 0x06, 0x2D, 0x94, 0x06, 0x34, 0x00, 0x06, 0x2E, 0x94, 0x06, 0x34,
+  0x00, 0x06, 0x45, 0x94, 0x06, 0x34, 0x00, 0x06, 0x31, 0x94, 0x06, 0x33,
+  0x00, 0x06, 0x31, 0x94, 0x06, 0x35, 0x00, 0x06, 0x31, 0x94, 0x06, 0x36,
+  0x00, 0x06, 0x31, 0x8C, 0x06, 0x34, 0x00, 0x06, 0x2C, 0x8C, 0x06, 0x34,
+  0x00, 0x06, 0x2D, 0x8C, 0x06, 0x34, 0x00, 0x06, 0x2E, 0x8C, 0x06, 0x34,
+  0x00, 0x06, 0x45, 0x8C, 0x06, 0x33, 0x00, 0x06, 0x47, 0x8C, 0x06, 0x34,
+  0x00, 0x06, 0x47, 0x8C, 0x06, 0x37, 0x00, 0x06, 0x45, 0x90, 0x06, 0x33,
+  0x00, 0x06, 0x2C, 0x90, 0x06, 0x33, 0x00, 0x06, 0x2D, 0x90, 0x06, 0x33,
+  0x00, 0x06, 0x2E, 0x90, 0x06, 0x34, 0x00, 0x06, 0x2C, 0x90, 0x06, 0x34,
+  0x00, 0x06, 0x2D, 0x90, 0x06, 0x34, 0x00, 0x06, 0x2E, 0x90, 0x06, 0x37,
+  0x00, 0x06, 0x45, 0x90, 0x06, 0x38, 0x00, 0x06, 0x45, 0x94, 0x06, 0x27,
+  0x00, 0x06, 0x4B, 0x98, 0x06, 0x27, 0x00, 0x06, 0x4B, 0x8C, 0x06, 0x2A,
+  0x80, 0x06, 0x2C, 0x00, 0x06, 0x45, 0x94, 0x06, 0x2A, 0x80, 0x06, 0x2D,
+  0x00, 0x06, 0x2C, 0x8C, 0x06, 0x2A, 0x80, 0x06, 0x2D, 0x00, 0x06, 0x2C,
+  0x8C, 0x06, 0x2A, 0x80, 0x06, 0x2D, 0x00, 0x06, 0x45, 0x8C, 0x06, 0x2A,
+  0x80, 0x06, 0x2E, 0x00, 0x06, 0x45, 0x8C, 0x06, 0x2A, 0x80, 0x06, 0x45,
+  0x00, 0x06, 0x2C, 0x8C, 0x06, 0x2A, 0x80, 0x06, 0x45, 0x00, 0x06, 0x2D,
+  0x8C, 0x06, 0x2A, 0x80, 0x06, 0x45, 0x00, 0x06, 0x2E, 0x94, 0x06, 0x2C,
+  0x80, 0x06, 0x45, 0x00, 0x06, 0x2D, 0x8C, 0x06, 0x2C, 0x80, 0x06, 0x45,
+  0x00, 0x06, 0x2D, 0x94, 0x06, 0x2D, 0x80, 0x06, 0x45, 0x00, 0x06, 0x4A,
+  0x94, 0x06, 0x2D, 0x80, 0x06, 0x45, 0x00, 0x06, 0x49, 0x8C, 0x06, 0x33,
+  0x80, 0x06, 0x2D, 0x00, 0x06, 0x2C, 0x8C, 0x06, 0x33, 0x80, 0x06, 0x2C,
+  0x00, 0x06, 0x2D, 0x94, 0x06, 0x33, 0x80, 0x06, 0x2C, 0x00, 0x06, 0x49,
+  0x94, 0x06, 0x33, 0x80, 0x06, 0x45, 0x00, 0x06, 0x2D, 0x8C, 0x06, 0x33,
+  0x80, 0x06, 0x45, 0x00, 0x06, 0x2D, 0x8C, 0x06, 0x33, 0x80, 0x06, 0x45,
+  0x00, 0x06, 0x2C, 0x94, 0x06, 0x33, 0x80, 0x06, 0x45, 0x00, 0x06, 0x45,
+  0x8C, 0x06, 0x33, 0x80, 0x06, 0x45, 0x00, 0x06, 0x45, 0x94, 0x06, 0x35,
+  0x80, 0x06, 0x2D, 0x00, 0x06, 0x2D, 0x8C, 0x06, 0x35, 0x80, 0x06, 0x2D,
+  0x00, 0x06, 0x2D, 0x94, 0x06, 0x35, 0x80, 0x06, 0x45, 0x00, 0x06, 0x45,
+  0x94, 0x06, 0x34, 0x80, 0x06, 0x2D, 0x00, 0x06, 0x45, 0x8C, 0x06, 0x34,
+  0x80, 0x06, 0x2D, 0x00, 0x06, 0x45, 0x94, 0x06, 0x34, 0x80, 0x06, 0x2C,
+  0x00, 0x06, 0x4A, 0x94, 0x06, 0x34, 0x80, 0x06, 0x45, 0x00, 0x06, 0x2E,
+  0x8C, 0x06, 0x34, 0x80, 0x06, 0x45, 0x00, 0x06, 0x2E, 0x94, 0x06, 0x34,
+  0x80, 0x06, 0x45, 0x00, 0x06, 0x45, 0x8C, 0x06, 0x34, 0x80, 0x06, 0x45,
+  0x00, 0x06, 0x45, 0x94, 0x06, 0x36, 0x80, 0x06, 0x2D, 0x00, 0x06, 0x49,
+  0x94, 0x06, 0x36, 0x80, 0x06, 0x2E, 0x00, 0x06, 0x45, 0x8C, 0x06, 0x36,
+  0x80, 0x06, 0x2E, 0x00, 0x06, 0x45, 0x94, 0x06, 0x37, 0x80, 0x06, 0x45,
+  0x00, 0x06, 0x2D, 0x8C, 0x06, 0x37, 0x80, 0x06, 0x45, 0x00, 0x06, 0x2D,
+  0x8C, 0x06, 0x37, 0x80, 0x06, 0x45, 0x00, 0x06, 0x45, 0x94, 0x06, 0x37,
+  0x80, 0x06, 0x45, 0x00, 0x06, 0x4A, 0x94, 0x06, 0x39, 0x80, 0x06, 0x2C,
+  0x00, 0x06, 0x45, 0x94, 0x06, 0x39, 0x80, 0x06, 0x45, 0x00, 0x06, 0x45,
+  0x8C, 0x06, 0x39, 0x80, 0x06, 0x45, 0x00, 0x06, 0x45, 0x94, 0x06, 0x39,
+  0x80, 0x06, 0x45, 0x00, 0x06, 0x49, 0x94, 0x06, 0x3A, 0x80, 0x06, 0x45,
+  0x00, 0x06, 0x45, 0x94, 0x06, 0x3A, 0x80, 0x06, 0x45, 0x00, 0x06, 0x4A,
+  0x94, 0x06, 0x3A, 0x80, 0x06, 0x45, 0x00, 0x06, 0x49, 0x94, 0x06, 0x41,
+  0x80, 0x06, 0x2E, 0x00, 0x06, 0x45, 0x8C, 0x06, 0x41, 0x80, 0x06, 0x2E,
+  0x00, 0x06, 0x45, 0x94, 0x06, 0x42, 0x80, 0x06, 0x45, 0x00, 0x06, 0x2D,
+  0x94, 0x06, 0x42, 0x80, 0x06, 0x45, 0x00, 0x06, 0x45, 0x94, 0x06, 0x44,
+  0x80, 0x06, 0x2D, 0x00, 0x06, 0x45, 0x94, 0x06, 0x44, 0x80, 0x06, 0x2D,
+  0x00, 0x06, 0x4A, 0x94, 0x06, 0x44, 0x80, 0x06, 0x2D, 0x00, 0x06, 0x49,
+  0x8C, 0x06, 0x44, 0x80, 0x06, 0x2C, 0x00, 0x06, 0x2C, 0x94, 0x06, 0x44,
+  0x80, 0x06, 0x2C, 0x00, 0x06, 0x2C, 0x94, 0x06, 0x44, 0x80, 0x06, 0x2E,
+  0x00, 0x06, 0x45, 0x8C, 0x06, 0x44, 0x80, 0x06, 0x2E, 0x00, 0x06, 0x45,
+  0x94, 0x06, 0x44, 0x80, 0x06, 0x45, 0x00, 0x06, 0x2D, 0x8C, 0x06, 0x44,
+  0x80, 0x06, 0x45, 0x00, 0x06, 0x2D, 0x8C, 0x06, 0x45, 0x80, 0x06, 0x2D,
+  0x00, 0x06, 0x2C, 0x8C, 0x06, 0x45, 0x80, 0x06, 0x2D, 0x00, 0x06, 0x45,
+  0x94, 0x06, 0x45, 0x80, 0x06, 0x2D, 0x00, 0x06, 0x4A, 0x8C, 0x06, 0x45,
+  0x80, 0x06, 0x2C, 0x00, 0x06, 0x2D, 0x8C, 0x06, 0x45, 0x80, 0x06, 0x2C,
+  0x00, 0x06, 0x45, 0x8C, 0x06, 0x45, 0x80, 0x06, 0x2E, 0x00, 0x06, 0x2C,
+  0x8C, 0x06, 0x45, 0x80, 0x06, 0x2E, 0x00, 0x06, 0x45, 0x8C, 0x06, 0x45,
+  0x80, 0x06, 0x2C, 0x00, 0x06, 0x2E, 0x8C, 0x06, 0x47, 0x80, 0x06, 0x45,
+  0x00, 0x06, 0x2C, 0x8C, 0x06, 0x47, 0x80, 0x06, 0x45, 0x00, 0x06, 0x45,
+  0x8C, 0x06, 0x46, 0x80, 0x06, 0x2D, 0x00, 0x06, 0x45, 0x94, 0x06, 0x46,
+  0x80, 0x06, 0x2D, 0x00, 0x06, 0x49, 0x94, 0x06, 0x46, 0x80, 0x06, 0x2C,
+  0x00, 0x06, 0x45, 0x8C, 0x06, 0x46, 0x80, 0x06, 0x2C, 0x00, 0x06, 0x45,
+  0x94, 0x06, 0x46, 0x80, 0x06, 0x2C, 0x00, 0x06, 0x49, 0x94, 0x06, 0x46,
+  0x80, 0x06, 0x45, 0x00, 0x06, 0x4A, 0x94, 0x06, 0x46, 0x80, 0x06, 0x45,
+  0x00, 0x06, 0x49, 0x94, 0x06, 0x4A, 0x80, 0x06, 0x45, 0x00, 0x06, 0x45,
+  0x8C, 0x06, 0x4A, 0x80, 0x06, 0x45, 0x00, 0x06, 0x45, 0x94, 0x06, 0x28,
+  0x80, 0x06, 0x2E, 0x00, 0x06, 0x4A, 0x94, 0x06, 0x2A, 0x80, 0x06, 0x2C,
+  0x00, 0x06, 0x4A, 0x94, 0x06, 0x2A, 0x80, 0x06, 0x2C, 0x00, 0x06, 0x49,
+  0x94, 0x06, 0x2A, 0x80, 0x06, 0x2E, 0x00, 0x06, 0x4A, 0x94, 0x06, 0x2A,
+  0x80, 0x06, 0x2E, 0x00, 0x06, 0x49, 0x94, 0x06, 0x2A, 0x80, 0x06, 0x45,
+  0x00, 0x06, 0x4A, 0x94, 0x06, 0x2A, 0x80, 0x06, 0x45, 0x00, 0x06, 0x49,
+  0x94, 0x06, 0x2C, 0x80, 0x06, 0x45, 0x00, 0x06, 0x4A, 0x94, 0x06, 0x2C,
+  0x80, 0x06, 0x2D, 0x00, 0x06, 0x49, 0x94, 0x06, 0x2C, 0x80, 0x06, 0x45,
+  0x00, 0x06, 0x49, 0x94, 0x06, 0x33, 0x80, 0x06, 0x2E, 0x00, 0x06, 0x49,
+  0x94, 0x06, 0x35, 0x80, 0x06, 0x2D, 0x00, 0x06, 0x4A, 0x94, 0x06, 0x34,
+  0x80, 0x06, 0x2D, 0x00, 0x06, 0x4A, 0x94, 0x06, 0x36, 0x80, 0x06, 0x2D,
+  0x00, 0x06, 0x4A, 0x94, 0x06, 0x44, 0x80, 0x06, 0x2C, 0x00, 0x06, 0x4A,
+  0x94, 0x06, 0x44, 0x80, 0x06, 0x45, 0x00, 0x06, 0x4A, 0x94, 0x06, 0x4A,
+  0x80, 0x06, 0x2D, 0x00, 0x06, 0x4A, 0x94, 0x06, 0x4A, 0x80, 0x06, 0x2C,
+  0x00, 0x06, 0x4A, 0x94, 0x06, 0x4A, 0x80, 0x06, 0x45, 0x00, 0x06, 0x4A,
+  0x94, 0x06, 0x45, 0x80, 0x06, 0x45, 0x00, 0x06, 0x4A, 0x94, 0x06, 0x42,
+  0x80, 0x06, 0x45, 0x00, 0x06, 0x4A, 0x94, 0x06, 0x46, 0x80, 0x06, 0x2D,
+  0x00, 0x06, 0x4A, 0x8C, 0x06, 0x42, 0x80, 0x06, 0x45, 0x00, 0x06, 0x2D,
+  0x8C, 0x06, 0x44, 0x80, 0x06, 0x2D, 0x00, 0x06, 0x45, 0x94, 0x06, 0x39,
+  0x80, 0x06, 0x45, 0x00, 0x06, 0x4A, 0x94, 0x06, 0x43, 0x80, 0x06, 0x45,
+  0x00, 0x06, 0x4A, 0x8C, 0x06, 0x46, 0x80, 0x06, 0x2C, 0x00, 0x06, 0x2D,
+  0x94, 0x06, 0x45, 0x80, 0x06, 0x2E, 0x00, 0x06, 0x4A, 0x8C, 0x06, 0x44,
+  0x80, 0x06, 0x2C, 0x00, 0x06, 0x45, 0x94, 0x06, 0x43, 0x80, 0x06, 0x45,
+  0x00, 0x06, 0x45, 0x94, 0x06, 0x44, 0x80, 0x06, 0x2C, 0x00, 0x06, 0x45,
+  0x94, 0x06, 0x46, 0x80, 0x06, 0x2C, 0x00, 0x06, 0x2D, 0x94, 0x06, 0x2C,
+  0x80, 0x06, 0x2D, 0x00, 0x06, 0x4A, 0x94, 0x06, 0x2D, 0x80, 0x06, 0x2C,
+  0x00, 0x06, 0x4A, 0x94, 0x06, 0x45, 0x80, 0x06, 0x2C, 0x00, 0x06, 0x4A,
+  0x94, 0x06, 0x41, 0x80, 0x06, 0x45, 0x00, 0x06, 0x4A, 0x94, 0x06, 0x28,
+  0x80, 0x06, 0x2D, 0x00, 0x06, 0x4A, 0x8C, 0x06, 0x43, 0x80, 0x06, 0x45,
+  0x00, 0x06, 0x45, 0x8C, 0x06, 0x39, 0x80, 0x06, 0x2C, 0x00, 0x06, 0x45,
+  0x8C, 0x06, 0x35, 0x80, 0x06, 0x45, 0x00, 0x06, 0x45, 0x94, 0x06, 0x33,
+  0x80, 0x06, 0x2E, 0x00, 0x06, 0x4A, 0x94, 0x06, 0x46, 0x80, 0x06, 0x2C,
+  0x00, 0x06, 0x4A, 0x98, 0x06, 0x35, 0x80, 0x06, 0x44, 0x00, 0x06, 0xD2,
+  0x98, 0x06, 0x42, 0x80, 0x06, 0x44, 0x00, 0x06, 0xD2, 0x98, 0x06, 0x27,
+  0x80, 0x06, 0x44, 0x80, 0x06, 0x44, 0x00, 0x06, 0x47, 0x98, 0x06, 0x27,
+  0x80, 0x06, 0x43, 0x80, 0x06, 0x28, 0x00, 0x06, 0x31, 0x98, 0x06, 0x45,
+  0x80, 0x06, 0x2D, 0x80, 0x06, 0x45, 0x00, 0x06, 0x2F, 0x98, 0x06, 0x35,
+  0x80, 0x06, 0x44, 0x80, 0x06, 0x39, 0x00, 0x06, 0x45, 0x98, 0x06, 0x31,
+  0x80, 0x06, 0x33, 0x80, 0x06, 0x48, 0x00, 0x06, 0x44, 0x98, 0x06, 0x39,
+  0x80, 0x06, 0x44, 0x80, 0x06, 0x4A, 0x00, 0x06, 0x47, 0x98, 0x06, 0x48,
+  0x80, 0x06, 0x33, 0x80, 0x06, 0x44, 0x00, 0x06, 0x45, 0x98, 0x06, 0x35,
+  0x80, 0x06, 0x44, 0x00, 0x06, 0x49, 0x98, 0x06, 0x35, 0x80, 0x06, 0x44,
+  0x80, 0x06, 0x49, 0x80, 0x00, 0x20, 0x80, 0x06, 0x27, 0x80, 0x06, 0x44,
+  0x80, 0x06, 0x44, 0x80, 0x06, 0x47, 0x80, 0x00, 0x20, 0x80, 0x06, 0x39,
+  0x80, 0x06, 0x44, 0x80, 0x06, 0x4A, 0x80, 0x06, 0x47, 0x80, 0x00, 0x20,
+  0x80, 0x06, 0x48, 0x80, 0x06, 0x33, 0x80, 0x06, 0x44, 0x00, 0x06, 0x45,
+  0x98, 0x06, 0x2C, 0x80, 0x06, 0x44, 0x80, 0x00, 0x20, 0x80, 0x06, 0x2C,
+  0x80, 0x06, 0x44, 0x80, 0x06, 0x27, 0x80, 0x06, 0x44, 0x00, 0x06, 0x47,
+  0x98, 0x06, 0x31, 0x80, 0x06, 0xCC, 0x80, 0x06, 0x27, 0x00, 0x06, 0x44,
+  0x28, 0x00, 0x2C, 0x28, 0x30, 0x01, 0x28, 0x30, 0x02, 0x28, 0x00, 0x3A,
+  0x28, 0x00, 0x3B, 0x28, 0x00, 0x21, 0x28, 0x00, 0x3F, 0x28, 0x30, 0x16,
+  0x28, 0x30, 0x17, 0x28, 0x20, 0x26, 0x28, 0x20, 0x25, 0x28, 0x20, 0x14,
+  0x28, 0x20, 0x13, 0x28, 0x00, 0x5F, 0x28, 0x00, 0x5F, 0x28, 0x00, 0x28,
+  0x28, 0x00, 0x29, 0x28, 0x00, 0x7B, 0x28, 0x00, 0x7D, 0x28, 0x30, 0x14,
+  0x28, 0x30, 0x15, 0x28, 0x30, 0x10, 0x28, 0x30, 0x11, 0x28, 0x30, 0x0A,
+  0x28, 0x30, 0x0B, 0x28, 0x30, 0x08, 0x28, 0x30, 0x09, 0x28, 0x30, 0x0C,
+  0x28, 0x30, 0x0D, 0x28, 0x30, 0x0E, 0x28, 0x30, 0x0F, 0x28, 0x00, 0x5B,
+  0x28, 0x00, 0x5D, 0x40, 0x20, 0x3E, 0x40, 0x20, 0x3E, 0x40, 0x20, 0x3E,
+  0x40, 0x20, 0x3E, 0x40, 0x00, 0x5F, 0x40, 0x00, 0x5F, 0x40, 0x00, 0x5F,
+  0x34, 0x00, 0x2C, 0x34, 0x30, 0x01, 0x34, 0x00, 0x2E, 0x34, 0x00, 0x3B,
+  0x34, 0x00, 0x3A, 0x34, 0x00, 0x3F, 0x34, 0x00, 0x21, 0x34, 0x20, 0x14,
+  0x34, 0x00, 0x28, 0x34, 0x00, 0x29, 0x34, 0x00, 0x7B, 0x34, 0x00, 0x7D,
+  0x34, 0x30, 0x14, 0x34, 0x30, 0x15, 0x34, 0x00, 0x23, 0x34, 0x00, 0x26,
+  0x34, 0x00, 0x2A, 0x34, 0x00, 0x2B, 0x34, 0x00, 0x2D, 0x34, 0x00, 0x3C,
+  0x34, 0x00, 0x3E, 0x34, 0x00, 0x3D, 0x34, 0x00, 0x5C, 0x34, 0x00, 0x24,
+  0x34, 0x00, 0x25, 0x34, 0x00, 0x40, 0x98, 0x00, 0x20, 0x00, 0x06, 0x4B,
+  0x90, 0x06, 0x40, 0x00, 0x06, 0x4B, 0x98, 0x00, 0x20, 0x00, 0x06, 0x4C,
+  0x98, 0x00, 0x20, 0x00, 0x06, 0x4D, 0x98, 0x00, 0x20, 0x00, 0x06, 0x4E,
+  0x90, 0x06, 0x40, 0x00, 0x06, 0x4E, 0x98, 0x00, 0x20, 0x00, 0x06, 0x4F,
+  0x90, 0x06, 0x40, 0x00, 0x06, 0x4F, 0x98, 0x00, 0x20, 0x00, 0x06, 0x50,
+  0x90, 0x06, 0x40, 0x00, 0x06, 0x50, 0x98, 0x00, 0x20, 0x00, 0x06, 0x51,
+  0x90, 0x06, 0x40, 0x00, 0x06, 0x51, 0x98, 0x00, 0x20, 0x00, 0x06, 0x52,
+  0x90, 0x06, 0x40, 0x00, 0x06, 0x52, 0x18, 0x06, 0x21, 0x18, 0x06, 0x22,
+  0x14, 0x06, 0x22, 0x18, 0x06, 0x23, 0x14, 0x06, 0x23, 0x18, 0x06, 0x24,
+  0x14, 0x06, 0x24, 0x18, 0x06, 0x25, 0x14, 0x06, 0x25, 0x18, 0x06, 0x26,
+  0x14, 0x06, 0x26, 0x0C, 0x06, 0x26, 0x10, 0x06, 0x26, 0x18, 0x06, 0x27,
+  0x14, 0x06, 0x27, 0x18, 0x06, 0x28, 0x14, 0x06, 0x28, 0x0C, 0x06, 0x28,
+  0x10, 0x06, 0x28, 0x18, 0x06, 0x29, 0x14, 0x06, 0x29, 0x18, 0x06, 0x2A,
+  0x14, 0x06, 0x2A, 0x0C, 0x06, 0x2A, 0x10, 0x06, 0x2A, 0x18, 0x06, 0x2B,
+  0x14, 0x06, 0x2B, 0x0C, 0x06, 0x2B, 0x10, 0x06, 0x2B, 0x18, 0x06, 0x2C,
+  0x14, 0x06, 0x2C, 0x0C, 0x06, 0x2C, 0x10, 0x06, 0x2C, 0x18, 0x06, 0x2D,
+  0x14, 0x06, 0x2D, 0x0C, 0x06, 0x2D, 0x10, 0x06, 0x2D, 0x18, 0x06, 0x2E,
+  0x14, 0x06, 0x2E, 0x0C, 0x06, 0x2E, 0x10, 0x06, 0x2E, 0x18, 0x06, 0x2F,
+  0x14, 0x06, 0x2F, 0x18, 0x06, 0x30, 0x14, 0x06, 0x30, 0x18, 0x06, 0x31,
+  0x14, 0x06, 0x31, 0x18, 0x06, 0x32, 0x14, 0x06, 0x32, 0x18, 0x06, 0x33,
+  0x14, 0x06, 0x33, 0x0C, 0x06, 0x33, 0x10, 0x06, 0x33, 0x18, 0x06, 0x34,
+  0x14, 0x06, 0x34, 0x0C, 0x06, 0x34, 0x10, 0x06, 0x34, 0x18, 0x06, 0x35,
+  0x14, 0x06, 0x35, 0x0C, 0x06, 0x35, 0x10, 0x06, 0x35, 0x18, 0x06, 0x36,
+  0x14, 0x06, 0x36, 0x0C, 0x06, 0x36, 0x10, 0x06, 0x36, 0x18, 0x06, 0x37,
+  0x14, 0x06, 0x37, 0x0C, 0x06, 0x37, 0x10, 0x06, 0x37, 0x18, 0x06, 0x38,
+  0x14, 0x06, 0x38, 0x0C, 0x06, 0x38, 0x10, 0x06, 0x38, 0x18, 0x06, 0x39,
+  0x14, 0x06, 0x39, 0x0C, 0x06, 0x39, 0x10, 0x06, 0x39, 0x18, 0x06, 0x3A,
+  0x14, 0x06, 0x3A, 0x0C, 0x06, 0x3A, 0x10, 0x06, 0x3A, 0x18, 0x06, 0x41,
+  0x14, 0x06, 0x41, 0x0C, 0x06, 0x41, 0x10, 0x06, 0x41, 0x18, 0x06, 0x42,
+  0x14, 0x06, 0x42, 0x0C, 0x06, 0x42, 0x10, 0x06, 0x42, 0x18, 0x06, 0x43,
+  0x14, 0x06, 0x43, 0x0C, 0x06, 0x43, 0x10, 0x06, 0x43, 0x18, 0x06, 0x44,
+  0x14, 0x06, 0x44, 0x0C, 0x06, 0x44, 0x10, 0x06, 0x44, 0x18, 0x06, 0x45,
+  0x14, 0x06, 0x45, 0x0C, 0x06, 0x45, 0x10, 0x06, 0x45, 0x18, 0x06, 0x46,
+  0x14, 0x06, 0x46, 0x0C, 0x06, 0x46, 0x10, 0x06, 0x46, 0x18, 0x06, 0x47,
+  0x14, 0x06, 0x47, 0x0C, 0x06, 0x47, 0x10, 0x06, 0x47, 0x18, 0x06, 0x48,
+  0x14, 0x06, 0x48, 0x18, 0x06, 0x49, 0x14, 0x06, 0x49, 0x18, 0x06, 0x4A,
+  0x14, 0x06, 0x4A, 0x0C, 0x06, 0x4A, 0x10, 0x06, 0x4A, 0x98, 0x06, 0x44,
+  0x00, 0x06, 0x22, 0x94, 0x06, 0x44, 0x00, 0x06, 0x22, 0x98, 0x06, 0x44,
+  0x00, 0x06, 0x23, 0x94, 0x06, 0x44, 0x00, 0x06, 0x23, 0x98, 0x06, 0x44,
+  0x00, 0x06, 0x25, 0x94, 0x06, 0x44, 0x00, 0x06, 0x25, 0x98, 0x06, 0x44,
+  0x00, 0x06, 0x27, 0x94, 0x06, 0x44, 0x00, 0x06, 0x27, 0x2C, 0x00, 0x21,
+  0x2C, 0x00, 0x22, 0x2C, 0x00, 0x23, 0x2C, 0x00, 0x24, 0x2C, 0x00, 0x25,
+  0x2C, 0x00, 0x26, 0x2C, 0x00, 0x27, 0x2C, 0x00, 0x28, 0x2C, 0x00, 0x29,
+  0x2C, 0x00, 0x2A, 0x2C, 0x00, 0x2B, 0x2C, 0x00, 0x2C, 0x2C, 0x00, 0x2D,
+  0x2C, 0x00, 0x2E, 0x2C, 0x00, 0x2F, 0x2C, 0x00, 0x30, 0x2C, 0x00, 0x31,
+  0x2C, 0x00, 0x32, 0x2C, 0x00, 0x33, 0x2C, 0x00, 0x34, 0x2C, 0x00, 0x35,
+  0x2C, 0x00, 0x36, 0x2C, 0x00, 0x37, 0x2C, 0x00, 0x38, 0x2C, 0x00, 0x39,
+  0x2C, 0x00, 0x3A, 0x2C, 0x00, 0x3B, 0x2C, 0x00, 0x3C, 0x2C, 0x00, 0x3D,
+  0x2C, 0x00, 0x3E, 0x2C, 0x00, 0x3F, 0x2C, 0x00, 0x40, 0x2C, 0x00, 0x41,
+  0x2C, 0x00, 0x42, 0x2C, 0x00, 0x43, 0x2C, 0x00, 0x44, 0x2C, 0x00, 0x45,
+  0x2C, 0x00, 0x46, 0x2C, 0x00, 0x47, 0x2C, 0x00, 0x48, 0x2C, 0x00, 0x49,
+  0x2C, 0x00, 0x4A, 0x2C, 0x00, 0x4B, 0x2C, 0x00, 0x4C, 0x2C, 0x00, 0x4D,
+  0x2C, 0x00, 0x4E, 0x2C, 0x00, 0x4F, 0x2C, 0x00, 0x50, 0x2C, 0x00, 0x51,
+  0x2C, 0x00, 0x52, 0x2C, 0x00, 0x53, 0x2C, 0x00, 0x54, 0x2C, 0x00, 0x55,
+  0x2C, 0x00, 0x56, 0x2C, 0x00, 0x57, 0x2C, 0x00, 0x58, 0x2C, 0x00, 0x59,
+  0x2C, 0x00, 0x5A, 0x2C, 0x00, 0x5B, 0x2C, 0x00, 0x5C, 0x2C, 0x00, 0x5D,
+  0x2C, 0x00, 0x5E, 0x2C, 0x00, 0x5F, 0x2C, 0x00, 0x60, 0x2C, 0x00, 0x61,
+  0x2C, 0x00, 0x62, 0x2C, 0x00, 0x63, 0x2C, 0x00, 0x64, 0x2C, 0x00, 0x65,
+  0x2C, 0x00, 0x66, 0x2C, 0x00, 0x67, 0x2C, 0x00, 0x68, 0x2C, 0x00, 0x69,
+  0x2C, 0x00, 0x6A, 0x2C, 0x00, 0x6B, 0x2C, 0x00, 0x6C, 0x2C, 0x00, 0x6D,
+  0x2C, 0x00, 0x6E, 0x2C, 0x00, 0x6F, 0x2C, 0x00, 0x70, 0x2C, 0x00, 0x71,
+  0x2C, 0x00, 0x72, 0x2C, 0x00, 0x73, 0x2C, 0x00, 0x74, 0x2C, 0x00, 0x75,
+  0x2C, 0x00, 0x76, 0x2C, 0x00, 0x77, 0x2C, 0x00, 0x78, 0x2C, 0x00, 0x79,
+  0x2C, 0x00, 0x7A, 0x2C, 0x00, 0x7B, 0x2C, 0x00, 0x7C, 0x2C, 0x00, 0x7D,
+  0x2C, 0x00, 0x7E, 0x2C, 0x29, 0x85, 0x2C, 0x29, 0x86, 0x30, 0x30, 0x02,
+  0x30, 0x30, 0x0C, 0x30, 0x30, 0x0D, 0x30, 0x30, 0x01, 0x30, 0x30, 0xFB,
+  0x30, 0x30, 0xF2, 0x30, 0x30, 0xA1, 0x30, 0x30, 0xA3, 0x30, 0x30, 0xA5,
+  0x30, 0x30, 0xA7, 0x30, 0x30, 0xA9, 0x30, 0x30, 0xE3, 0x30, 0x30, 0xE5,
+  0x30, 0x30, 0xE7, 0x30, 0x30, 0xC3, 0x30, 0x30, 0xFC, 0x30, 0x30, 0xA2,
+  0x30, 0x30, 0xA4, 0x30, 0x30, 0xA6, 0x30, 0x30, 0xA8, 0x30, 0x30, 0xAA,
+  0x30, 0x30, 0xAB, 0x30, 0x30, 0xAD, 0x30, 0x30, 0xAF, 0x30, 0x30, 0xB1,
+  0x30, 0x30, 0xB3, 0x30, 0x30, 0xB5, 0x30, 0x30, 0xB7, 0x30, 0x30, 0xB9,
+  0x30, 0x30, 0xBB, 0x30, 0x30, 0xBD, 0x30, 0x30, 0xBF, 0x30, 0x30, 0xC1,
+  0x30, 0x30, 0xC4, 0x30, 0x30, 0xC6, 0x30, 0x30, 0xC8, 0x30, 0x30, 0xCA,
+  0x30, 0x30, 0xCB, 0x30, 0x30, 0xCC, 0x30, 0x30, 0xCD, 0x30, 0x30, 0xCE,
+  0x30, 0x30, 0xCF, 0x30, 0x30, 0xD2, 0x30, 0x30, 0xD5, 0x30, 0x30, 0xD8,
+  0x30, 0x30, 0xDB, 0x30, 0x30, 0xDE, 0x30, 0x30, 0xDF, 0x30, 0x30, 0xE0,
+  0x30, 0x30, 0xE1, 0x30, 0x30, 0xE2, 0x30, 0x30, 0xE4, 0x30, 0x30, 0xE6,
+  0x30, 0x30, 0xE8, 0x30, 0x30, 0xE9, 0x30, 0x30, 0xEA, 0x30, 0x30, 0xEB,
+  0x30, 0x30, 0xEC, 0x30, 0x30, 0xED, 0x30, 0x30, 0xEF, 0x30, 0x30, 0xF3,
+  0x30, 0x30, 0x99, 0x30, 0x30, 0x9A, 0x30, 0x31, 0x64, 0x30, 0x31, 0x31,
+  0x30, 0x31, 0x32, 0x30, 0x31, 0x33, 0x30, 0x31, 0x34, 0x30, 0x31, 0x35,
+  0x30, 0x31, 0x36, 0x30, 0x31, 0x37, 0x30, 0x31, 0x38, 0x30, 0x31, 0x39,
+  0x30, 0x31, 0x3A, 0x30, 0x31, 0x3B, 0x30, 0x31, 0x3C, 0x30, 0x31, 0x3D,
+  0x30, 0x31, 0x3E, 0x30, 0x31, 0x3F, 0x30, 0x31, 0x40, 0x30, 0x31, 0x41,
+  0x30, 0x31, 0x42, 0x30, 0x31, 0x43, 0x30, 0x31, 0x44, 0x30, 0x31, 0x45,
+  0x30, 0x31, 0x46, 0x30, 0x31, 0x47, 0x30, 0x31, 0x48, 0x30, 0x31, 0x49,
+  0x30, 0x31, 0x4A, 0x30, 0x31, 0x4B, 0x30, 0x31, 0x4C, 0x30, 0x31, 0x4D,
+  0x30, 0x31, 0x4E, 0x30, 0x31, 0x4F, 0x30, 0x31, 0x50, 0x30, 0x31, 0x51,
+  0x30, 0x31, 0x52, 0x30, 0x31, 0x53, 0x30, 0x31, 0x54, 0x30, 0x31, 0x55,
+  0x30, 0x31, 0x56, 0x30, 0x31, 0x57, 0x30, 0x31, 0x58, 0x30, 0x31, 0x59,
+  0x30, 0x31, 0x5A, 0x30, 0x31, 0x5B, 0x30, 0x31, 0x5C, 0x30, 0x31, 0x5D,
+  0x30, 0x31, 0x5E, 0x30, 0x31, 0x5F, 0x30, 0x31, 0x60, 0x30, 0x31, 0x61,
+  0x30, 0x31, 0x62, 0x30, 0x31, 0x63, 0x2C, 0x00, 0xA2, 0x2C, 0x00, 0xA3,
+  0x2C, 0x00, 0xAC, 0x2C, 0x00, 0xAF, 0x2C, 0x00, 0xA6, 0x2C, 0x00, 0xA5,
+  0x2C, 0x20, 0xA9, 0x30, 0x25, 0x02, 0x30, 0x21, 0x90, 0x30, 0x21, 0x91,
+  0x30, 0x21, 0x92, 0x30, 0x21, 0x93, 0x30, 0x25, 0xA0, 0x30, 0x25, 0xCB,
+  0x81, 0x10, 0x99, 0x01, 0x10, 0xBA, 0x81, 0x10, 0x9B, 0x01, 0x10, 0xBA,
+  0x81, 0x10, 0xA5, 0x01, 0x10, 0xBA, 0x81, 0x11, 0x31, 0x01, 0x11, 0x27,
+  0x81, 0x11, 0x32, 0x01, 0x11, 0x27, 0x81, 0x13, 0x47, 0x01, 0x13, 0x3E,
+  0x81, 0x13, 0x47, 0x01, 0x13, 0x57, 0x81, 0x14, 0xB9, 0x01, 0x14, 0xBA,
+  0x81, 0x14, 0xB9, 0x01, 0x14, 0xB0, 0x81, 0x14, 0xB9, 0x01, 0x14, 0xBD,
+  0x81, 0x15, 0xB8, 0x01, 0x15, 0xAF, 0x81, 0x15, 0xB9, 0x01, 0x15, 0xAF,
+  0x81, 0xD1, 0x57, 0x01, 0xD1, 0x65, 0x81, 0xD1, 0x58, 0x01, 0xD1, 0x65,
+  0x81, 0xD1, 0x5F, 0x01, 0xD1, 0x6E, 0x81, 0xD1, 0x5F, 0x01, 0xD1, 0x6F,
+  0x81, 0xD1, 0x5F, 0x01, 0xD1, 0x70, 0x81, 0xD1, 0x5F, 0x01, 0xD1, 0x71,
+  0x81, 0xD1, 0x5F, 0x01, 0xD1, 0x72, 0x81, 0xD1, 0xB9, 0x01, 0xD1, 0x65,
+  0x81, 0xD1, 0xBA, 0x01, 0xD1, 0x65, 0x81, 0xD1, 0xBB, 0x01, 0xD1, 0x6E,
+  0x81, 0xD1, 0xBC, 0x01, 0xD1, 0x6E, 0x81, 0xD1, 0xBB, 0x01, 0xD1, 0x6F,
+  0x81, 0xD1, 0xBC, 0x01, 0xD1, 0x6F, 0x04, 0x00, 0x41, 0x04, 0x00, 0x42,
+  0x04, 0x00, 0x43, 0x04, 0x00, 0x44, 0x04, 0x00, 0x45, 0x04, 0x00, 0x46,
+  0x04, 0x00, 0x47, 0x04, 0x00, 0x48, 0x04, 0x00, 0x49, 0x04, 0x00, 0x4A,
+  0x04, 0x00, 0x4B, 0x04, 0x00, 0x4C, 0x04, 0x00, 0x4D, 0x04, 0x00, 0x4E,
+  0x04, 0x00, 0x4F, 0x04, 0x00, 0x50, 0x04, 0x00, 0x51, 0x04, 0x00, 0x52,
+  0x04, 0x00, 0x53, 0x04, 0x00, 0x54, 0x04, 0x00, 0x55, 0x04, 0x00, 0x56,
+  0x04, 0x00, 0x57, 0x04, 0x00, 0x58, 0x04, 0x00, 0x59, 0x04, 0x00, 0x5A,
+  0x04, 0x00, 0x61, 0x04, 0x00, 0x62, 0x04, 0x00, 0x63, 0x04, 0x00, 0x64,
+  0x04, 0x00, 0x65, 0x04, 0x00, 0x66, 0x04, 0x00, 0x67, 0x04, 0x00, 0x68,
+  0x04, 0x00, 0x69, 0x04, 0x00, 0x6A, 0x04, 0x00, 0x6B, 0x04, 0x00, 0x6C,
+  0x04, 0x00, 0x6D, 0x04, 0x00, 0x6E, 0x04, 0x00, 0x6F, 0x04, 0x00, 0x70,
+  0x04, 0x00, 0x71, 0x04, 0x00, 0x72, 0x04, 0x00, 0x73, 0x04, 0x00, 0x74,
+  0x04, 0x00, 0x75, 0x04, 0x00, 0x76, 0x04, 0x00, 0x77, 0x04, 0x00, 0x78,
+  0x04, 0x00, 0x79, 0x04, 0x00, 0x7A, 0x04, 0x00, 0x41, 0x04, 0x00, 0x42,
+  0x04, 0x00, 0x43, 0x04, 0x00, 0x44, 0x04, 0x00, 0x45, 0x04, 0x00, 0x46,
+  0x04, 0x00, 0x47, 0x04, 0x00, 0x48, 0x04, 0x00, 0x49, 0x04, 0x00, 0x4A,
+  0x04, 0x00, 0x4B, 0x04, 0x00, 0x4C, 0x04, 0x00, 0x4D, 0x04, 0x00, 0x4E,
+  0x04, 0x00, 0x4F, 0x04, 0x00, 0x50, 0x04, 0x00, 0x51, 0x04, 0x00, 0x52,
+  0x04, 0x00, 0x53, 0x04, 0x00, 0x54, 0x04, 0x00, 0x55, 0x04, 0x00, 0x56,
+  0x04, 0x00, 0x57, 0x04, 0x00, 0x58, 0x04, 0x00, 0x59, 0x04, 0x00, 0x5A,
+  0x04, 0x00, 0x61, 0x04, 0x00, 0x62, 0x04, 0x00, 0x63, 0x04, 0x00, 0x64,
+  0x04, 0x00, 0x65, 0x04, 0x00, 0x66, 0x04, 0x00, 0x67, 0x04, 0x00, 0x69,
+  0x04, 0x00, 0x6A, 0x04, 0x00, 0x6B, 0x04, 0x00, 0x6C, 0x04, 0x00, 0x6D,
+  0x04, 0x00, 0x6E, 0x04, 0x00, 0x6F, 0x04, 0x00, 0x70, 0x04, 0x00, 0x71,
+  0x04, 0x00, 0x72, 0x04, 0x00, 0x73, 0x04, 0x00, 0x74, 0x04, 0x00, 0x75,
+  0x04, 0x00, 0x76, 0x04, 0x00, 0x77, 0x04, 0x00, 0x78, 0x04, 0x00, 0x79,
+  0x04, 0x00, 0x7A, 0x04, 0x00, 0x41, 0x04, 0x00, 0x42, 0x04, 0x00, 0x43,
+  0x04, 0x00, 0x44, 0x04, 0x00, 0x45, 0x04, 0x00, 0x46, 0x04, 0x00, 0x47,
+  0x04, 0x00, 0x48, 0x04, 0x00, 0x49, 0x04, 0x00, 0x4A, 0x04, 0x00, 0x4B,
+  0x04, 0x00, 0x4C, 0x04, 0x00, 0x4D, 0x04, 0x00, 0x4E, 0x04, 0x00, 0x4F,
+  0x04, 0x00, 0x50, 0x04, 0x00, 0x51, 0x04, 0x00, 0x52, 0x04, 0x00, 0x53,
+  0x04, 0x00, 0x54, 0x04, 0x00, 0x55, 0x04, 0x00, 0x56, 0x04, 0x00, 0x57,
+  0x04, 0x00, 0x58, 0x04, 0x00, 0x59, 0x04, 0x00, 0x5A, 0x04, 0x00, 0x61,
+  0x04, 0x00, 0x62, 0x04, 0x00, 0x63, 0x04, 0x00, 0x64, 0x04, 0x00, 0x65,
+  0x04, 0x00, 0x66, 0x04, 0x00, 0x67, 0x04, 0x00, 0x68, 0x04, 0x00, 0x69,
+  0x04, 0x00, 0x6A, 0x04, 0x00, 0x6B, 0x04, 0x00, 0x6C, 0x04, 0x00, 0x6D,
+  0x04, 0x00, 0x6E, 0x04, 0x00, 0x6F, 0x04, 0x00, 0x70, 0x04, 0x00, 0x71,
+  0x04, 0x00, 0x72, 0x04, 0x00, 0x73, 0x04, 0x00, 0x74, 0x04, 0x00, 0x75,
+  0x04, 0x00, 0x76, 0x04, 0x00, 0x77, 0x04, 0x00, 0x78, 0x04, 0x00, 0x79,
+  0x04, 0x00, 0x7A, 0x04, 0x00, 0x41, 0x04, 0x00, 0x43, 0x04, 0x00, 0x44,
+  0x04, 0x00, 0x47, 0x04, 0x00, 0x4A, 0x04, 0x00, 0x4B, 0x04, 0x00, 0x4E,
+  0x04, 0x00, 0x4F, 0x04, 0x00, 0x50, 0x04, 0x00, 0x51, 0x04, 0x00, 0x53,
+  0x04, 0x00, 0x54, 0x04, 0x00, 0x55, 0x04, 0x00, 0x56, 0x04, 0x00, 0x57,
+  0x04, 0x00, 0x58, 0x04, 0x00, 0x59, 0x04, 0x00, 0x5A, 0x04, 0x00, 0x61,
+  0x04, 0x00, 0x62, 0x04, 0x00, 0x63, 0x04, 0x00, 0x64, 0x04, 0x00, 0x66,
+  0x04, 0x00, 0x68, 0x04, 0x00, 0x69, 0x04, 0x00, 0x6A, 0x04, 0x00, 0x6B,
+  0x04, 0x00, 0x6C, 0x04, 0x00, 0x6D, 0x04, 0x00, 0x6E, 0x04, 0x00, 0x70,
+  0x04, 0x00, 0x71, 0x04, 0x00, 0x72, 0x04, 0x00, 0x73, 0x04, 0x00, 0x74,
+  0x04, 0x00, 0x75, 0x04, 0x00, 0x76, 0x04, 0x00, 0x77, 0x04, 0x00, 0x78,
+  0x04, 0x00, 0x79, 0x04, 0x00, 0x7A, 0x04, 0x00, 0x41, 0x04, 0x00, 0x42,
+  0x04, 0x00, 0x43, 0x04, 0x00, 0x44, 0x04, 0x00, 0x45, 0x04, 0x00, 0x46,
+  0x04, 0x00, 0x47, 0x04, 0x00, 0x48, 0x04, 0x00, 0x49, 0x04, 0x00, 0x4A,
+  0x04, 0x00, 0x4B, 0x04, 0x00, 0x4C, 0x04, 0x00, 0x4D, 0x04, 0x00, 0x4E,
+  0x04, 0x00, 0x4F, 0x04, 0x00, 0x50, 0x04, 0x00, 0x51, 0x04, 0x00, 0x52,
+  0x04, 0x00, 0x53, 0x04, 0x00, 0x54, 0x04, 0x00, 0x55, 0x04, 0x00, 0x56,
+  0x04, 0x00, 0x57, 0x04, 0x00, 0x58, 0x04, 0x00, 0x59, 0x04, 0x00, 0x5A,
+  0x04, 0x00, 0x61, 0x04, 0x00, 0x62, 0x04, 0x00, 0x63, 0x04, 0x00, 0x64,
+  0x04, 0x00, 0x65, 0x04, 0x00, 0x66, 0x04, 0x00, 0x67, 0x04, 0x00, 0x68,
+  0x04, 0x00, 0x69, 0x04, 0x00, 0x6A, 0x04, 0x00, 0x6B, 0x04, 0x00, 0x6C,
+  0x04, 0x00, 0x6D, 0x04, 0x00, 0x6E, 0x04, 0x00, 0x6F, 0x04, 0x00, 0x70,
+  0x04, 0x00, 0x71, 0x04, 0x00, 0x72, 0x04, 0x00, 0x73, 0x04, 0x00, 0x74,
+  0x04, 0x00, 0x75, 0x04, 0x00, 0x76, 0x04, 0x00, 0x77, 0x04, 0x00, 0x78,
+  0x04, 0x00, 0x79, 0x04, 0x00, 0x7A, 0x04, 0x00, 0x41, 0x04, 0x00, 0x42,
+  0x04, 0x00, 0x44, 0x04, 0x00, 0x45, 0x04, 0x00, 0x46, 0x04, 0x00, 0x47,
+  0x04, 0x00, 0x4A, 0x04, 0x00, 0x4B, 0x04, 0x00, 0x4C, 0x04, 0x00, 0x4D,
+  0x04, 0x00, 0x4E, 0x04, 0x00, 0x4F, 0x04, 0x00, 0x50, 0x04, 0x00, 0x51,
+  0x04, 0x00, 0x53, 0x04, 0x00, 0x54, 0x04, 0x00, 0x55, 0x04, 0x00, 0x56,
+  0x04, 0x00, 0x57, 0x04, 0x00, 0x58, 0x04, 0x00, 0x59, 0x04, 0x00, 0x61,
+  0x04, 0x00, 0x62, 0x04, 0x00, 0x63, 0x04, 0x00, 0x64, 0x04, 0x00, 0x65,
+  0x04, 0x00, 0x66, 0x04, 0x00, 0x67, 0x04, 0x00, 0x68, 0x04, 0x00, 0x69,
+  0x04, 0x00, 0x6A, 0x04, 0x00, 0x6B, 0x04, 0x00, 0x6C, 0x04, 0x00, 0x6D,
+  0x04, 0x00, 0x6E, 0x04, 0x00, 0x6F, 0x04, 0x00, 0x70, 0x04, 0x00, 0x71,
+  0x04, 0x00, 0x72, 0x04, 0x00, 0x73, 0x04, 0x00, 0x74, 0x04, 0x00, 0x75,
+  0x04, 0x00, 0x76, 0x04, 0x00, 0x77, 0x04, 0x00, 0x78, 0x04, 0x00, 0x79,
+  0x04, 0x00, 0x7A, 0x04, 0x00, 0x41, 0x04, 0x00, 0x42, 0x04, 0x00, 0x44,
+  0x04, 0x00, 0x45, 0x04, 0x00, 0x46, 0x04, 0x00, 0x47, 0x04, 0x00, 0x49,
+  0x04, 0x00, 0x4A, 0x04, 0x00, 0x4B, 0x04, 0x00, 0x4C, 0x04, 0x00, 0x4D,
+  0x04, 0x00, 0x4F, 0x04, 0x00, 0x53, 0x04, 0x00, 0x54, 0x04, 0x00, 0x55,
+  0x04, 0x00, 0x56, 0x04, 0x00, 0x57, 0x04, 0x00, 0x58, 0x04, 0x00, 0x59,
+  0x04, 0x00, 0x61, 0x04, 0x00, 0x62, 0x04, 0x00, 0x63, 0x04, 0x00, 0x64,
+  0x04, 0x00, 0x65, 0x04, 0x00, 0x66, 0x04, 0x00, 0x67, 0x04, 0x00, 0x68,
+  0x04, 0x00, 0x69, 0x04, 0x00, 0x6A, 0x04, 0x00, 0x6B, 0x04, 0x00, 0x6C,
+  0x04, 0x00, 0x6D, 0x04, 0x00, 0x6E, 0x04, 0x00, 0x6F, 0x04, 0x00, 0x70,
+  0x04, 0x00, 0x71, 0x04, 0x00, 0x72, 0x04, 0x00, 0x73, 0x04, 0x00, 0x74,
+  0x04, 0x00, 0x75, 0x04, 0x00, 0x76, 0x04, 0x00, 0x77, 0x04, 0x00, 0x78,
+  0x04, 0x00, 0x79, 0x04, 0x00, 0x7A, 0x04, 0x00, 0x41, 0x04, 0x00, 0x42,
+  0x04, 0x00, 0x43, 0x04, 0x00, 0x44, 0x04, 0x00, 0x45, 0x04, 0x00, 0x46,
+  0x04, 0x00, 0x47, 0x04, 0x00, 0x48, 0x04, 0x00, 0x49, 0x04, 0x00, 0x4A,
+  0x04, 0x00, 0x4B, 0x04, 0x00, 0x4C, 0x04, 0x00, 0x4D, 0x04, 0x00, 0x4E,
+  0x04, 0x00, 0x4F, 0x04, 0x00, 0x50, 0x04, 0x00, 0x51, 0x04, 0x00, 0x52,
+  0x04, 0x00, 0x53, 0x04, 0x00, 0x54, 0x04, 0x00, 0x55, 0x04, 0x00, 0x56,
+  0x04, 0x00, 0x57, 0x04, 0x00, 0x58, 0x04, 0x00, 0x59, 0x04, 0x00, 0x5A,
+  0x04, 0x00, 0x61, 0x04, 0x00, 0x62, 0x04, 0x00, 0x63, 0x04, 0x00, 0x64,
+  0x04, 0x00, 0x65, 0x04, 0x00, 0x66, 0x04, 0x00, 0x67, 0x04, 0x00, 0x68,
+  0x04, 0x00, 0x69, 0x04, 0x00, 0x6A, 0x04, 0x00, 0x6B, 0x04, 0x00, 0x6C,
+  0x04, 0x00, 0x6D, 0x04, 0x00, 0x6E, 0x04, 0x00, 0x6F, 0x04, 0x00, 0x70,
+  0x04, 0x00, 0x71, 0x04, 0x00, 0x72, 0x04, 0x00, 0x73, 0x04, 0x00, 0x74,
+  0x04, 0x00, 0x75, 0x04, 0x00, 0x76, 0x04, 0x00, 0x77, 0x04, 0x00, 0x78,
+  0x04, 0x00, 0x79, 0x04, 0x00, 0x7A, 0x04, 0x00, 0x41, 0x04, 0x00, 0x42,
+  0x04, 0x00, 0x43, 0x04, 0x00, 0x44, 0x04, 0x00, 0x45, 0x04, 0x00, 0x46,
+  0x04, 0x00, 0x47, 0x04, 0x00, 0x48, 0x04, 0x00, 0x49, 0x04, 0x00, 0x4A,
+  0x04, 0x00, 0x4B, 0x04, 0x00, 0x4C, 0x04, 0x00, 0x4D, 0x04, 0x00, 0x4E,
+  0x04, 0x00, 0x4F, 0x04, 0x00, 0x50, 0x04, 0x00, 0x51, 0x04, 0x00, 0x52,
+  0x04, 0x00, 0x53, 0x04, 0x00, 0x54, 0x04, 0x00, 0x55, 0x04, 0x00, 0x56,
+  0x04, 0x00, 0x57, 0x04, 0x00, 0x58, 0x04, 0x00, 0x59, 0x04, 0x00, 0x5A,
+  0x04, 0x00, 0x61, 0x04, 0x00, 0x62, 0x04, 0x00, 0x63, 0x04, 0x00, 0x64,
+  0x04, 0x00, 0x65, 0x04, 0x00, 0x66, 0x04, 0x00, 0x67, 0x04, 0x00, 0x68,
+  0x04, 0x00, 0x69, 0x04, 0x00, 0x6A, 0x04, 0x00, 0x6B, 0x04, 0x00, 0x6C,
+  0x04, 0x00, 0x6D, 0x04, 0x00, 0x6E, 0x04, 0x00, 0x6F, 0x04, 0x00, 0x70,
+  0x04, 0x00, 0x71, 0x04, 0x00, 0x72, 0x04, 0x00, 0x73, 0x04, 0x00, 0x74,
+  0x04, 0x00, 0x75, 0x04, 0x00, 0x76, 0x04, 0x00, 0x77, 0x04, 0x00, 0x78,
+  0x04, 0x00, 0x79, 0x04, 0x00, 0x7A, 0x04, 0x00, 0x41, 0x04, 0x00, 0x42,
+  0x04, 0x00, 0x43, 0x04, 0x00, 0x44, 0x04, 0x00, 0x45, 0x04, 0x00, 0x46,
+  0x04, 0x00, 0x47, 0x04, 0x00, 0x48, 0x04, 0x00, 0x49, 0x04, 0x00, 0x4A,
+  0x04, 0x00, 0x4B, 0x04, 0x00, 0x4C, 0x04, 0x00, 0x4D, 0x04, 0x00, 0x4E,
+  0x04, 0x00, 0x4F, 0x04, 0x00, 0x50, 0x04, 0x00, 0x51, 0x04, 0x00, 0x52,
+  0x04, 0x00, 0x53, 0x04, 0x00, 0x54, 0x04, 0x00, 0x55, 0x04, 0x00, 0x56,
+  0x04, 0x00, 0x57, 0x04, 0x00, 0x58, 0x04, 0x00, 0x59, 0x04, 0x00, 0x5A,
+  0x04, 0x00, 0x61, 0x04, 0x00, 0x62, 0x04, 0x00, 0x63, 0x04, 0x00, 0x64,
+  0x04, 0x00, 0x65, 0x04, 0x00, 0x66, 0x04, 0x00, 0x67, 0x04, 0x00, 0x68,
+  0x04, 0x00, 0x69, 0x04, 0x00, 0x6A, 0x04, 0x00, 0x6B, 0x04, 0x00, 0x6C,
+  0x04, 0x00, 0x6D, 0x04, 0x00, 0x6E, 0x04, 0x00, 0x6F, 0x04, 0x00, 0x70,
+  0x04, 0x00, 0x71, 0x04, 0x00, 0x72, 0x04, 0x00, 0x73, 0x04, 0x00, 0x74,
+  0x04, 0x00, 0x75, 0x04, 0x00, 0x76, 0x04, 0x00, 0x77, 0x04, 0x00, 0x78,
+  0x04, 0x00, 0x79, 0x04, 0x00, 0x7A, 0x04, 0x00, 0x41, 0x04, 0x00, 0x42,
+  0x04, 0x00, 0x43, 0x04, 0x00, 0x44, 0x04, 0x00, 0x45, 0x04, 0x00, 0x46,
+  0x04, 0x00, 0x47, 0x04, 0x00, 0x48, 0x04, 0x00, 0x49, 0x04, 0x00, 0x4A,
+  0x04, 0x00, 0x4B, 0x04, 0x00, 0x4C, 0x04, 0x00, 0x4D, 0x04, 0x00, 0x4E,
+  0x04, 0x00, 0x4F, 0x04, 0x00, 0x50, 0x04, 0x00, 0x51, 0x04, 0x00, 0x52,
+  0x04, 0x00, 0x53, 0x04, 0x00, 0x54, 0x04, 0x00, 0x55, 0x04, 0x00, 0x56,
+  0x04, 0x00, 0x57, 0x04, 0x00, 0x58, 0x04, 0x00, 0x59, 0x04, 0x00, 0x5A,
+  0x04, 0x00, 0x61, 0x04, 0x00, 0x62, 0x04, 0x00, 0x63, 0x04, 0x00, 0x64,
+  0x04, 0x00, 0x65, 0x04, 0x00, 0x66, 0x04, 0x00, 0x67, 0x04, 0x00, 0x68,
+  0x04, 0x00, 0x69, 0x04, 0x00, 0x6A, 0x04, 0x00, 0x6B, 0x04, 0x00, 0x6C,
+  0x04, 0x00, 0x6D, 0x04, 0x00, 0x6E, 0x04, 0x00, 0x6F, 0x04, 0x00, 0x70,
+  0x04, 0x00, 0x71, 0x04, 0x00, 0x72, 0x04, 0x00, 0x73, 0x04, 0x00, 0x74,
+  0x04, 0x00, 0x75, 0x04, 0x00, 0x76, 0x04, 0x00, 0x77, 0x04, 0x00, 0x78,
+  0x04, 0x00, 0x79, 0x04, 0x00, 0x7A, 0x04, 0x00, 0x41, 0x04, 0x00, 0x42,
+  0x04, 0x00, 0x43, 0x04, 0x00, 0x44, 0x04, 0x00, 0x45, 0x04, 0x00, 0x46,
+  0x04, 0x00, 0x47, 0x04, 0x00, 0x48, 0x04, 0x00, 0x49, 0x04, 0x00, 0x4A,
+  0x04, 0x00, 0x4B, 0x04, 0x00, 0x4C, 0x04, 0x00, 0x4D, 0x04, 0x00, 0x4E,
+  0x04, 0x00, 0x4F, 0x04, 0x00, 0x50, 0x04, 0x00, 0x51, 0x04, 0x00, 0x52,
+  0x04, 0x00, 0x53, 0x04, 0x00, 0x54, 0x04, 0x00, 0x55, 0x04, 0x00, 0x56,
+  0x04, 0x00, 0x57, 0x04, 0x00, 0x58, 0x04, 0x00, 0x59, 0x04, 0x00, 0x5A,
+  0x04, 0x00, 0x61, 0x04, 0x00, 0x62, 0x04, 0x00, 0x63, 0x04, 0x00, 0x64,
+  0x04, 0x00, 0x65, 0x04, 0x00, 0x66, 0x04, 0x00, 0x67, 0x04, 0x00, 0x68,
+  0x04, 0x00, 0x69, 0x04, 0x00, 0x6A, 0x04, 0x00, 0x6B, 0x04, 0x00, 0x6C,
+  0x04, 0x00, 0x6D, 0x04, 0x00, 0x6E, 0x04, 0x00, 0x6F, 0x04, 0x00, 0x70,
+  0x04, 0x00, 0x71, 0x04, 0x00, 0x72, 0x04, 0x00, 0x73, 0x04, 0x00, 0x74,
+  0x04, 0x00, 0x75, 0x04, 0x00, 0x76, 0x04, 0x00, 0x77, 0x04, 0x00, 0x78,
+  0x04, 0x00, 0x79, 0x04, 0x00, 0x7A, 0x04, 0x00, 0x41, 0x04, 0x00, 0x42,
+  0x04, 0x00, 0x43, 0x04, 0x00, 0x44, 0x04, 0x00, 0x45, 0x04, 0x00, 0x46,
+  0x04, 0x00, 0x47, 0x04, 0x00, 0x48, 0x04, 0x00, 0x49, 0x04, 0x00, 0x4A,
+  0x04, 0x00, 0x4B, 0x04, 0x00, 0x4C, 0x04, 0x00, 0x4D, 0x04, 0x00, 0x4E,
+  0x04, 0x00, 0x4F, 0x04, 0x00, 0x50, 0x04, 0x00, 0x51, 0x04, 0x00, 0x52,
+  0x04, 0x00, 0x53, 0x04, 0x00, 0x54, 0x04, 0x00, 0x55, 0x04, 0x00, 0x56,
+  0x04, 0x00, 0x57, 0x04, 0x00, 0x58, 0x04, 0x00, 0x59, 0x04, 0x00, 0x5A,
+  0x04, 0x00, 0x61, 0x04, 0x00, 0x62, 0x04, 0x00, 0x63, 0x04, 0x00, 0x64,
+  0x04, 0x00, 0x65, 0x04, 0x00, 0x66, 0x04, 0x00, 0x67, 0x04, 0x00, 0x68,
+  0x04, 0x00, 0x69, 0x04, 0x00, 0x6A, 0x04, 0x00, 0x6B, 0x04, 0x00, 0x6C,
+  0x04, 0x00, 0x6D, 0x04, 0x00, 0x6E, 0x04, 0x00, 0x6F, 0x04, 0x00, 0x70,
+  0x04, 0x00, 0x71, 0x04, 0x00, 0x72, 0x04, 0x00, 0x73, 0x04, 0x00, 0x74,
+  0x04, 0x00, 0x75, 0x04, 0x00, 0x76, 0x04, 0x00, 0x77, 0x04, 0x00, 0x78,
+  0x04, 0x00, 0x79, 0x04, 0x00, 0x7A, 0x04, 0x01, 0x31, 0x04, 0x02, 0x37,
+  0x04, 0x03, 0x91, 0x04, 0x03, 0x92, 0x04, 0x03, 0x93, 0x04, 0x03, 0x94,
+  0x04, 0x03, 0x95, 0x04, 0x03, 0x96, 0x04, 0x03, 0x97, 0x04, 0x03, 0x98,
+  0x04, 0x03, 0x99, 0x04, 0x03, 0x9A, 0x04, 0x03, 0x9B, 0x04, 0x03, 0x9C,
+  0x04, 0x03, 0x9D, 0x04, 0x03, 0x9E, 0x04, 0x03, 0x9F, 0x04, 0x03, 0xA0,
+  0x04, 0x03, 0xA1, 0x04, 0x03, 0xF4, 0x04, 0x03, 0xA3, 0x04, 0x03, 0xA4,
+  0x04, 0x03, 0xA5, 0x04, 0x03, 0xA6, 0x04, 0x03, 0xA7, 0x04, 0x03, 0xA8,
+  0x04, 0x03, 0xA9, 0x04, 0x22, 0x07, 0x04, 0x03, 0xB1, 0x04, 0x03, 0xB2,
+  0x04, 0x03, 0xB3, 0x04, 0x03, 0xB4, 0x04, 0x03, 0xB5, 0x04, 0x03, 0xB6,
+  0x04, 0x03, 0xB7, 0x04, 0x03, 0xB8, 0x04, 0x03, 0xB9, 0x04, 0x03, 0xBA,
+  0x04, 0x03, 0xBB, 0x04, 0x03, 0xBC, 0x04, 0x03, 0xBD, 0x04, 0x03, 0xBE,
+  0x04, 0x03, 0xBF, 0x04, 0x03, 0xC0, 0x04, 0x03, 0xC1, 0x04, 0x03, 0xC2,
+  0x04, 0x03, 0xC3, 0x04, 0x03, 0xC4, 0x04, 0x03, 0xC5, 0x04, 0x03, 0xC6,
+  0x04, 0x03, 0xC7, 0x04, 0x03, 0xC8, 0x04, 0x03, 0xC9, 0x04, 0x22, 0x02,
+  0x04, 0x03, 0xF5, 0x04, 0x03, 0xD1, 0x04, 0x03, 0xF0, 0x04, 0x03, 0xD5,
+  0x04, 0x03, 0xF1, 0x04, 0x03, 0xD6, 0x04, 0x03, 0x91, 0x04, 0x03, 0x92,
+  0x04, 0x03, 0x93, 0x04, 0x03, 0x94, 0x04, 0x03, 0x95, 0x04, 0x03, 0x96,
+  0x04, 0x03, 0x97, 0x04, 0x03, 0x98, 0x04, 0x03, 0x99, 0x04, 0x03, 0x9A,
+  0x04, 0x03, 0x9B, 0x04, 0x03, 0x9C, 0x04, 0x03, 0x9D, 0x04, 0x03, 0x9E,
+  0x04, 0x03, 0x9F, 0x04, 0x03, 0xA0, 0x04, 0x03, 0xA1, 0x04, 0x03, 0xF4,
+  0x04, 0x03, 0xA3, 0x04, 0x03, 0xA4, 0x04, 0x03, 0xA5, 0x04, 0x03, 0xA6,
+  0x04, 0x03, 0xA7, 0x04, 0x03, 0xA8, 0x04, 0x03, 0xA9, 0x04, 0x22, 0x07,
+  0x04, 0x03, 0xB1, 0x04, 0x03, 0xB2, 0x04, 0x03, 0xB3, 0x04, 0x03, 0xB4,
+  0x04, 0x03, 0xB5, 0x04, 0x03, 0xB6, 0x04, 0x03, 0xB7, 0x04, 0x03, 0xB8,
+  0x04, 0x03, 0xB9, 0x04, 0x03, 0xBA, 0x04, 0x03, 0xBB, 0x04, 0x03, 0xBC,
+  0x04, 0x03, 0xBD, 0x04, 0x03, 0xBE, 0x04, 0x03, 0xBF, 0x04, 0x03, 0xC0,
+  0x04, 0x03, 0xC1, 0x04, 0x03, 0xC2, 0x04, 0x03, 0xC3, 0x04, 0x03, 0xC4,
+  0x04, 0x03, 0xC5, 0x04, 0x03, 0xC6, 0x04, 0x03, 0xC7, 0x04, 0x03, 0xC8,
+  0x04, 0x03, 0xC9, 0x04, 0x22, 0x02, 0x04, 0x03, 0xF5, 0x04, 0x03, 0xD1,
+  0x04, 0x03, 0xF0, 0x04, 0x03, 0xD5, 0x04, 0x03, 0xF1, 0x04, 0x03, 0xD6,
+  0x04, 0x03, 0x91, 0x04, 0x03, 0x92, 0x04, 0x03, 0x93, 0x04, 0x03, 0x94,
+  0x04, 0x03, 0x95, 0x04, 0x03, 0x96, 0x04, 0x03, 0x97, 0x04, 0x03, 0x98,
+  0x04, 0x03, 0x99, 0x04, 0x03, 0x9A, 0x04, 0x03, 0x9B, 0x04, 0x03, 0x9C,
+  0x04, 0x03, 0x9D, 0x04, 0x03, 0x9E, 0x04, 0x03, 0x9F, 0x04, 0x03, 0xA0,
+  0x04, 0x03, 0xA1, 0x04, 0x03, 0xF4, 0x04, 0x03, 0xA3, 0x04, 0x03, 0xA4,
+  0x04, 0x03, 0xA5, 0x04, 0x03, 0xA6, 0x04, 0x03, 0xA7, 0x04, 0x03, 0xA8,
+  0x04, 0x03, 0xA9, 0x04, 0x22, 0x07, 0x04, 0x03, 0xB1, 0x04, 0x03, 0xB2,
+  0x04, 0x03, 0xB3, 0x04, 0x03, 0xB4, 0x04, 0x03, 0xB5, 0x04, 0x03, 0xB6,
+  0x04, 0x03, 0xB7, 0x04, 0x03, 0xB8, 0x04, 0x03, 0xB9, 0x04, 0x03, 0xBA,
+  0x04, 0x03, 0xBB, 0x04, 0x03, 0xBC, 0x04, 0x03, 0xBD, 0x04, 0x03, 0xBE,
+  0x04, 0x03, 0xBF, 0x04, 0x03, 0xC0, 0x04, 0x03, 0xC1, 0x04, 0x03, 0xC2,
+  0x04, 0x03, 0xC3, 0x04, 0x03, 0xC4, 0x04, 0x03, 0xC5, 0x04, 0x03, 0xC6,
+  0x04, 0x03, 0xC7, 0x04, 0x03, 0xC8, 0x04, 0x03, 0xC9, 0x04, 0x22, 0x02,
+  0x04, 0x03, 0xF5, 0x04, 0x03, 0xD1, 0x04, 0x03, 0xF0, 0x04, 0x03, 0xD5,
+  0x04, 0x03, 0xF1, 0x04, 0x03, 0xD6, 0x04, 0x03, 0x91, 0x04, 0x03, 0x92,
+  0x04, 0x03, 0x93, 0x04, 0x03, 0x94, 0x04, 0x03, 0x95, 0x04, 0x03, 0x96,
+  0x04, 0x03, 0x97, 0x04, 0x03, 0x98, 0x04, 0x03, 0x99, 0x04, 0x03, 0x9A,
+  0x04, 0x03, 0x9B, 0x04, 0x03, 0x9C, 0x04, 0x03, 0x9D, 0x04, 0x03, 0x9E,
+  0x04, 0x03, 0x9F, 0x04, 0x03, 0xA0, 0x04, 0x03, 0xA1, 0x04, 0x03, 0xF4,
+  0x04, 0x03, 0xA3, 0x04, 0x03, 0xA4, 0x04, 0x03, 0xA5, 0x04, 0x03, 0xA6,
+  0x04, 0x03, 0xA7, 0x04, 0x03, 0xA8, 0x04, 0x03, 0xA9, 0x04, 0x22, 0x07,
+  0x04, 0x03, 0xB1, 0x04, 0x03, 0xB2, 0x04, 0x03, 0xB3, 0x04, 0x03, 0xB4,
+  0x04, 0x03, 0xB5, 0x04, 0x03, 0xB6, 0x04, 0x03, 0xB7, 0x04, 0x03, 0xB8,
+  0x04, 0x03, 0xB9, 0x04, 0x03, 0xBA, 0x04, 0x03, 0xBB, 0x04, 0x03, 0xBC,
+  0x04, 0x03, 0xBD, 0x04, 0x03, 0xBE, 0x04, 0x03, 0xBF, 0x04, 0x03, 0xC0,
+  0x04, 0x03, 0xC1, 0x04, 0x03, 0xC2, 0x04, 0x03, 0xC3, 0x04, 0x03, 0xC4,
+  0x04, 0x03, 0xC5, 0x04, 0x03, 0xC6, 0x04, 0x03, 0xC7, 0x04, 0x03, 0xC8,
+  0x04, 0x03, 0xC9, 0x04, 0x22, 0x02, 0x04, 0x03, 0xF5, 0x04, 0x03, 0xD1,
+  0x04, 0x03, 0xF0, 0x04, 0x03, 0xD5, 0x04, 0x03, 0xF1, 0x04, 0x03, 0xD6,
+  0x04, 0x03, 0x91, 0x04, 0x03, 0x92, 0x04, 0x03, 0x93, 0x04, 0x03, 0x94,
+  0x04, 0x03, 0x95, 0x04, 0x03, 0x96, 0x04, 0x03, 0x97, 0x04, 0x03, 0x98,
+  0x04, 0x03, 0x99, 0x04, 0x03, 0x9A, 0x04, 0x03, 0x9B, 0x04, 0x03, 0x9C,
+  0x04, 0x03, 0x9D, 0x04, 0x03, 0x9E, 0x04, 0x03, 0x9F, 0x04, 0x03, 0xA0,
+  0x04, 0x03, 0xA1, 0x04, 0x03, 0xF4, 0x04, 0x03, 0xA3, 0x04, 0x03, 0xA4,
+  0x04, 0x03, 0xA5, 0x04, 0x03, 0xA6, 0x04, 0x03, 0xA7, 0x04, 0x03, 0xA8,
+  0x04, 0x03, 0xA9, 0x04, 0x22, 0x07, 0x04, 0x03, 0xB1, 0x04, 0x03, 0xB2,
+  0x04, 0x03, 0xB3, 0x04, 0x03, 0xB4, 0x04, 0x03, 0xB5, 0x04, 0x03, 0xB6,
+  0x04, 0x03, 0xB7, 0x04, 0x03, 0xB8, 0x04, 0x03, 0xB9, 0x04, 0x03, 0xBA,
+  0x04, 0x03, 0xBB, 0x04, 0x03, 0xBC, 0x04, 0x03, 0xBD, 0x04, 0x03, 0xBE,
+  0x04, 0x03, 0xBF, 0x04, 0x03, 0xC0, 0x04, 0x03, 0xC1, 0x04, 0x03, 0xC2,
+  0x04, 0x03, 0xC3, 0x04, 0x03, 0xC4, 0x04, 0x03, 0xC5, 0x04, 0x03, 0xC6,
+  0x04, 0x03, 0xC7, 0x04, 0x03, 0xC8, 0x04, 0x03, 0xC9, 0x04, 0x22, 0x02,
+  0x04, 0x03, 0xF5, 0x04, 0x03, 0xD1, 0x04, 0x03, 0xF0, 0x04, 0x03, 0xD5,
+  0x04, 0x03, 0xF1, 0x04, 0x03, 0xD6, 0x04, 0x03, 0xDC, 0x04, 0x03, 0xDD,
+  0x04, 0x00, 0x30, 0x04, 0x00, 0x31, 0x04, 0x00, 0x32, 0x04, 0x00, 0x33,
+  0x04, 0x00, 0x34, 0x04, 0x00, 0x35, 0x04, 0x00, 0x36, 0x04, 0x00, 0x37,
+  0x04, 0x00, 0x38, 0x04, 0x00, 0x39, 0x04, 0x00, 0x30, 0x04, 0x00, 0x31,
+  0x04, 0x00, 0x32, 0x04, 0x00, 0x33, 0x04, 0x00, 0x34, 0x04, 0x00, 0x35,
+  0x04, 0x00, 0x36, 0x04, 0x00, 0x37, 0x04, 0x00, 0x38, 0x04, 0x00, 0x39,
+  0x04, 0x00, 0x30, 0x04, 0x00, 0x31, 0x04, 0x00, 0x32, 0x04, 0x00, 0x33,
+  0x04, 0x00, 0x34, 0x04, 0x00, 0x35, 0x04, 0x00, 0x36, 0x04, 0x00, 0x37,
+  0x04, 0x00, 0x38, 0x04, 0x00, 0x39, 0x04, 0x00, 0x30, 0x04, 0x00, 0x31,
+  0x04, 0x00, 0x32, 0x04, 0x00, 0x33, 0x04, 0x00, 0x34, 0x04, 0x00, 0x35,
+  0x04, 0x00, 0x36, 0x04, 0x00, 0x37, 0x04, 0x00, 0x38, 0x04, 0x00, 0x39,
+  0x04, 0x00, 0x30, 0x04, 0x00, 0x31, 0x04, 0x00, 0x32, 0x04, 0x00, 0x33,
+  0x04, 0x00, 0x34, 0x04, 0x00, 0x35, 0x04, 0x00, 0x36, 0x04, 0x00, 0x37,
+  0x04, 0x00, 0x38, 0x04, 0x00, 0x39, 0x04, 0x06, 0x27, 0x04, 0x06, 0x28,
+  0x04, 0x06, 0x2C, 0x04, 0x06, 0x2F, 0x04, 0x06, 0x48, 0x04, 0x06, 0x32,
+  0x04, 0x06, 0x2D, 0x04, 0x06, 0x37, 0x04, 0x06, 0x4A, 0x04, 0x06, 0x43,
+  0x04, 0x06, 0x44, 0x04, 0x06, 0x45, 0x04, 0x06, 0x46, 0x04, 0x06, 0x33,
+  0x04, 0x06, 0x39, 0x04, 0x06, 0x41, 0x04, 0x06, 0x35, 0x04, 0x06, 0x42,
+  0x04, 0x06, 0x31, 0x04, 0x06, 0x34, 0x04, 0x06, 0x2A, 0x04, 0x06, 0x2B,
+  0x04, 0x06, 0x2E, 0x04, 0x06, 0x30, 0x04, 0x06, 0x36, 0x04, 0x06, 0x38,
+  0x04, 0x06, 0x3A, 0x04, 0x06, 0x6E, 0x04, 0x06, 0xBA, 0x04, 0x06, 0xA1,
+  0x04, 0x06, 0x6F, 0x04, 0x06, 0x28, 0x04, 0x06, 0x2C, 0x04, 0x06, 0x47,
+  0x04, 0x06, 0x2D, 0x04, 0x06, 0x4A, 0x04, 0x06, 0x43, 0x04, 0x06, 0x44,
+  0x04, 0x06, 0x45, 0x04, 0x06, 0x46, 0x04, 0x06, 0x33, 0x04, 0x06, 0x39,
+  0x04, 0x06, 0x41, 0x04, 0x06, 0x35, 0x04, 0x06, 0x42, 0x04, 0x06, 0x34,
+  0x04, 0x06, 0x2A, 0x04, 0x06, 0x2B, 0x04, 0x06, 0x2E, 0x04, 0x06, 0x36,
+  0x04, 0x06, 0x3A, 0x04, 0x06, 0x2C, 0x04, 0x06, 0x2D, 0x04, 0x06, 0x4A,
+  0x04, 0x06, 0x44, 0x04, 0x06, 0x46, 0x04, 0x06, 0x33, 0x04, 0x06, 0x39,
+  0x04, 0x06, 0x35, 0x04, 0x06, 0x42, 0x04, 0x06, 0x34, 0x04, 0x06, 0x2E,
+  0x04, 0x06, 0x36, 0x04, 0x06, 0x3A, 0x04, 0x06, 0xBA, 0x04, 0x06, 0x6F,
+  0x04, 0x06, 0x28, 0x04, 0x06, 0x2C, 0x04, 0x06, 0x47, 0x04, 0x06, 0x2D,
+  0x04, 0x06, 0x37, 0x04, 0x06, 0x4A, 0x04, 0x06, 0x43, 0x04, 0x06, 0x45,
+  0x04, 0x06, 0x46, 0x04, 0x06, 0x33, 0x04, 0x06, 0x39, 0x04, 0x06, 0x41,
+  0x04, 0x06, 0x35, 0x04, 0x06, 0x42, 0x04, 0x06, 0x34, 0x04, 0x06, 0x2A,
+  0x04, 0x06, 0x2B, 0x04, 0x06, 0x2E, 0x04, 0x06, 0x36, 0x04, 0x06, 0x38,
+  0x04, 0x06, 0x3A, 0x04, 0x06, 0x6E, 0x04, 0x06, 0xA1, 0x04, 0x06, 0x27,
+  0x04, 0x06, 0x28, 0x04, 0x06, 0x2C, 0x04, 0x06, 0x2F, 0x04, 0x06, 0x47,
+  0x04, 0x06, 0x48, 0x04, 0x06, 0x32, 0x04, 0x06, 0x2D, 0x04, 0x06, 0x37,
+  0x04, 0x06, 0x4A, 0x04, 0x06, 0x44, 0x04, 0x06, 0x45, 0x04, 0x06, 0x46,
+  0x04, 0x06, 0x33, 0x04, 0x06, 0x39, 0x04, 0x06, 0x41, 0x04, 0x06, 0x35,
+  0x04, 0x06, 0x42, 0x04, 0x06, 0x31, 0x04, 0x06, 0x34, 0x04, 0x06, 0x2A,
+  0x04, 0x06, 0x2B, 0x04, 0x06, 0x2E, 0x04, 0x06, 0x30, 0x04, 0x06, 0x36,
+  0x04, 0x06, 0x38, 0x04, 0x06, 0x3A, 0x04, 0x06, 0x28, 0x04, 0x06, 0x2C,
+  0x04, 0x06, 0x2F, 0x04, 0x06, 0x48, 0x04, 0x06, 0x32, 0x04, 0x06, 0x2D,
+  0x04, 0x06, 0x37, 0x04, 0x06, 0x4A, 0x04, 0x06, 0x44, 0x04, 0x06, 0x45,
+  0x04, 0x06, 0x46, 0x04, 0x06, 0x33, 0x04, 0x06, 0x39, 0x04, 0x06, 0x41,
+  0x04, 0x06, 0x35, 0x04, 0x06, 0x42, 0x04, 0x06, 0x31, 0x04, 0x06, 0x34,
+  0x04, 0x06, 0x2A, 0x04, 0x06, 0x2B, 0x04, 0x06, 0x2E, 0x04, 0x06, 0x30,
+  0x04, 0x06, 0x36, 0x04, 0x06, 0x38, 0x04, 0x06, 0x3A, 0xC0, 0x00, 0x30,
+  0x00, 0x00, 0x2E, 0xC0, 0x00, 0x30, 0x00, 0x00, 0x2C, 0xC0, 0x00, 0x31,
+  0x00, 0x00, 0x2C, 0xC0, 0x00, 0x32, 0x00, 0x00, 0x2C, 0xC0, 0x00, 0x33,
+  0x00, 0x00, 0x2C, 0xC0, 0x00, 0x34, 0x00, 0x00, 0x2C, 0xC0, 0x00, 0x35,
+  0x00, 0x00, 0x2C, 0xC0, 0x00, 0x36, 0x00, 0x00, 0x2C, 0xC0, 0x00, 0x37,
+  0x00, 0x00, 0x2C, 0xC0, 0x00, 0x38, 0x00, 0x00, 0x2C, 0xC0, 0x00, 0x39,
+  0x00, 0x00, 0x2C, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x41, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x42, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x00, 0x43, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x44,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x45, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x46, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x00, 0x47, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x48,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x49, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x4A, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x00, 0x4B, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x4C,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x4D, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x4E, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x00, 0x4F, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x50,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x51, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x52, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x00, 0x53, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x54,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x55, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x56, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28,
+  0x80, 0x00, 0x57, 0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x58,
+  0x00, 0x00, 0x29, 0xC0, 0x00, 0x28, 0x80, 0x00, 0x59, 0x00, 0x00, 0x29,
+  0xC0, 0x00, 0x28, 0x80, 0x00, 0x5A, 0x00, 0x00, 0x29, 0xC0, 0x30, 0x14,
+  0x80, 0x00, 0x53, 0x00, 0x30, 0x15, 0x1C, 0x00, 0x43, 0x1C, 0x00, 0x52,
+  0x9C, 0x00, 0x43, 0x00, 0x00, 0x44, 0x9C, 0x00, 0x57, 0x00, 0x00, 0x5A,
+  0x38, 0x00, 0x41, 0x38, 0x00, 0x42, 0x38, 0x00, 0x43, 0x38, 0x00, 0x44,
+  0x38, 0x00, 0x45, 0x38, 0x00, 0x46, 0x38, 0x00, 0x47, 0x38, 0x00, 0x48,
+  0x38, 0x00, 0x49, 0x38, 0x00, 0x4A, 0x38, 0x00, 0x4B, 0x38, 0x00, 0x4C,
+  0x38, 0x00, 0x4D, 0x38, 0x00, 0x4E, 0x38, 0x00, 0x4F, 0x38, 0x00, 0x50,
+  0x38, 0x00, 0x51, 0x38, 0x00, 0x52, 0x38, 0x00, 0x53, 0x38, 0x00, 0x54,
+  0x38, 0x00, 0x55, 0x38, 0x00, 0x56, 0x38, 0x00, 0x57, 0x38, 0x00, 0x58,
+  0x38, 0x00, 0x59, 0x38, 0x00, 0x5A, 0xB8, 0x00, 0x48, 0x00, 0x00, 0x56,
+  0xB8, 0x00, 0x4D, 0x00, 0x00, 0x56, 0xB8, 0x00, 0x53, 0x00, 0x00, 0x44,
+  0xB8, 0x00, 0x53, 0x00, 0x00, 0x53, 0xB8, 0x00, 0x50, 0x80, 0x00, 0x50,
+  0x00, 0x00, 0x56, 0xB8, 0x00, 0x57, 0x00, 0x00, 0x43, 0xA0, 0x00, 0x4D,
+  0x00, 0x00, 0x43, 0xA0, 0x00, 0x4D, 0x00, 0x00, 0x44, 0xB8, 0x00, 0x44,
+  0x00, 0x00, 0x4A, 0xB8, 0x30, 0x7B, 0x00, 0x30, 0x4B, 0xB8, 0x30, 0xB3,
+  0x00, 0x30, 0xB3, 0x38, 0x30, 0xB5, 0x38, 0x62, 0x4B, 0x38, 0x5B, 0x57,
+  0x38, 0x53, 0xCC, 0x38, 0x30, 0xC7, 0x38, 0x4E, 0x8C, 0x38, 0x59, 0x1A,
+  0x38, 0x89, 0xE3, 0x38, 0x59, 0x29, 0x38, 0x4E, 0xA4, 0x38, 0x66, 0x20,
+  0x38, 0x71, 0x21, 0x38, 0x65, 0x99, 0x38, 0x52, 0x4D, 0x38, 0x5F, 0x8C,
+  0x38, 0x51, 0x8D, 0x38, 0x65, 0xB0, 0x38, 0x52, 0x1D, 0x38, 0x7D, 0x42,
+  0x38, 0x75, 0x1F, 0x38, 0x8C, 0xA9, 0x38, 0x58, 0xF0, 0x38, 0x54, 0x39,
+  0x38, 0x6F, 0x14, 0x38, 0x62, 0x95, 0x38, 0x63, 0x55, 0x38, 0x4E, 0x00,
+  0x38, 0x4E, 0x09, 0x38, 0x90, 0x4A, 0x38, 0x5D, 0xE6, 0x38, 0x4E, 0x2D,
+  0x38, 0x53, 0xF3, 0x38, 0x63, 0x07, 0x38, 0x8D, 0x70, 0x38, 0x62, 0x53,
+  0x38, 0x79, 0x81, 0x38, 0x7A, 0x7A, 0x38, 0x54, 0x08, 0x38, 0x6E, 0x80,
+  0x38, 0x67, 0x09, 0x38, 0x67, 0x08, 0x38, 0x75, 0x33, 0x38, 0x52, 0x72,
+  0x38, 0x55, 0xB6, 0x38, 0x91, 0x4D, 0xC0, 0x30, 0x14, 0x80, 0x67, 0x2C,
+  0x00, 0x30, 0x15, 0xC0, 0x30, 0x14, 0x80, 0x4E, 0x09, 0x00, 0x30, 0x15,
+  0xC0, 0x30, 0x14, 0x80, 0x4E, 0x8C, 0x00, 0x30, 0x15, 0xC0, 0x30, 0x14,
+  0x80, 0x5B, 0x89, 0x00, 0x30, 0x15, 0xC0, 0x30, 0x14, 0x80, 0x70, 0xB9,
+  0x00, 0x30, 0x15, 0xC0, 0x30, 0x14, 0x80, 0x62, 0x53, 0x00, 0x30, 0x15,
+  0xC0, 0x30, 0x14, 0x80, 0x76, 0xD7, 0x00, 0x30, 0x15, 0xC0, 0x30, 0x14,
+  0x80, 0x52, 0xDD, 0x00, 0x30, 0x15, 0xC0, 0x30, 0x14, 0x80, 0x65, 0x57,
+  0x00, 0x30, 0x15, 0x1C, 0x5F, 0x97, 0x1C, 0x53, 0xEF, 0x00, 0x4E, 0x3D,
+  0x00, 0x4E, 0x38, 0x00, 0x4E, 0x41, 0x02, 0x01, 0x22, 0x00, 0x4F, 0x60,
+  0x00, 0x4F, 0xAE, 0x00, 0x4F, 0xBB, 0x00, 0x50, 0x02, 0x00, 0x50, 0x7A,
+  0x00, 0x50, 0x99, 0x00, 0x50, 0xE7, 0x00, 0x50, 0xCF, 0x00, 0x34, 0x9E,
+  0x02, 0x06, 0x3A, 0x00, 0x51, 0x4D, 0x00, 0x51, 0x54, 0x00, 0x51, 0x64,
+  0x00, 0x51, 0x77, 0x02, 0x05, 0x1C, 0x00, 0x34, 0xB9, 0x00, 0x51, 0x67,
+  0x00, 0x51, 0x8D, 0x02, 0x05, 0x4B, 0x00, 0x51, 0x97, 0x00, 0x51, 0xA4,
+  0x00, 0x4E, 0xCC, 0x00, 0x51, 0xAC, 0x00, 0x51, 0xB5, 0x02, 0x91, 0xDF,
+  0x00, 0x51, 0xF5, 0x00, 0x52, 0x03, 0x00, 0x34, 0xDF, 0x00, 0x52, 0x3B,
+  0x00, 0x52, 0x46, 0x00, 0x52, 0x72, 0x00, 0x52, 0x77, 0x00, 0x35, 0x15,
+  0x00, 0x52, 0xC7, 0x00, 0x52, 0xC9, 0x00, 0x52, 0xE4, 0x00, 0x52, 0xFA,
+  0x00, 0x53, 0x05, 0x00, 0x53, 0x06, 0x00, 0x53, 0x17, 0x00, 0x53, 0x49,
+  0x00, 0x53, 0x51, 0x00, 0x53, 0x5A, 0x00, 0x53, 0x73, 0x00, 0x53, 0x7D,
+  0x00, 0x53, 0x7F, 0x00, 0x53, 0x7F, 0x00, 0x53, 0x7F, 0x02, 0x0A, 0x2C,
+  0x00, 0x70, 0x70, 0x00, 0x53, 0xCA, 0x00, 0x53, 0xDF, 0x02, 0x0B, 0x63,
+  0x00, 0x53, 0xEB, 0x00, 0x53, 0xF1, 0x00, 0x54, 0x06, 0x00, 0x54, 0x9E,
+  0x00, 0x54, 0x38, 0x00, 0x54, 0x48, 0x00, 0x54, 0x68, 0x00, 0x54, 0xA2,
+  0x00, 0x54, 0xF6, 0x00, 0x55, 0x10, 0x00, 0x55, 0x53, 0x00, 0x55, 0x63,
+  0x00, 0x55, 0x84, 0x00, 0x55, 0x84, 0x00, 0x55, 0x99, 0x00, 0x55, 0xAB,
+  0x00, 0x55, 0xB3, 0x00, 0x55, 0xC2, 0x00, 0x57, 0x16, 0x00, 0x56, 0x06,
+  0x00, 0x57, 0x17, 0x00, 0x56, 0x51, 0x00, 0x56, 0x74, 0x00, 0x52, 0x07,
+  0x00, 0x58, 0xEE, 0x00, 0x57, 0xCE, 0x00, 0x57, 0xF4, 0x00, 0x58, 0x0D,
+  0x00, 0x57, 0x8B, 0x00, 0x58, 0x32, 0x00, 0x58, 0x31, 0x00, 0x58, 0xAC,
+  0x02, 0x14, 0xE4, 0x00, 0x58, 0xF2, 0x00, 0x58, 0xF7, 0x00, 0x59, 0x06,
+  0x00, 0x59, 0x1A, 0x00, 0x59, 0x22, 0x00, 0x59, 0x62, 0x02, 0x16, 0xA8,
+  0x02, 0x16, 0xEA, 0x00, 0x59, 0xEC, 0x00, 0x5A, 0x1B, 0x00, 0x5A, 0x27,
+  0x00, 0x59, 0xD8, 0x00, 0x5A, 0x66, 0x00, 0x36, 0xEE, 0x00, 0x36, 0xFC,
+  0x00, 0x5B, 0x08, 0x00, 0x5B, 0x3E, 0x00, 0x5B, 0x3E, 0x02, 0x19, 0xC8,
+  0x00, 0x5B, 0xC3, 0x00, 0x5B, 0xD8, 0x00, 0x5B, 0xE7, 0x00, 0x5B, 0xF3,
+  0x02, 0x1B, 0x18, 0x00, 0x5B, 0xFF, 0x00, 0x5C, 0x06, 0x00, 0x5F, 0x53,
+  0x00, 0x5C, 0x22, 0x00, 0x37, 0x81, 0x00, 0x5C, 0x60, 0x00, 0x5C, 0x6E,
+  0x00, 0x5C, 0xC0, 0x00, 0x5C, 0x8D, 0x02, 0x1D, 0xE4, 0x00, 0x5D, 0x43,
+  0x02, 0x1D, 0xE6, 0x00, 0x5D, 0x6E, 0x00, 0x5D, 0x6B, 0x00, 0x5D, 0x7C,
+  0x00, 0x5D, 0xE1, 0x00, 0x5D, 0xE2, 0x00, 0x38, 0x2F, 0x00, 0x5D, 0xFD,
+  0x00, 0x5E, 0x28, 0x00, 0x5E, 0x3D, 0x00, 0x5E, 0x69, 0x00, 0x38, 0x62,
+  0x02, 0x21, 0x83, 0x00, 0x38, 0x7C, 0x00, 0x5E, 0xB0, 0x00, 0x5E, 0xB3,
+  0x00, 0x5E, 0xB6, 0x00, 0x5E, 0xCA, 0x02, 0xA3, 0x92, 0x00, 0x5E, 0xFE,
+  0x02, 0x23, 0x31, 0x02, 0x23, 0x31, 0x00, 0x82, 0x01, 0x00, 0x5F, 0x22,
+  0x00, 0x5F, 0x22, 0x00, 0x38, 0xC7, 0x02, 0x32, 0xB8, 0x02, 0x61, 0xDA,
+  0x00, 0x5F, 0x62, 0x00, 0x5F, 0x6B, 0x00, 0x38, 0xE3, 0x00, 0x5F, 0x9A,
+  0x00, 0x5F, 0xCD, 0x00, 0x5F, 0xD7, 0x00, 0x5F, 0xF9, 0x00, 0x60, 0x81,
+  0x00, 0x39, 0x3A, 0x00, 0x39, 0x1C, 0x00, 0x60, 0x94, 0x02, 0x26, 0xD4,
+  0x00, 0x60, 0xC7, 0x00, 0x61, 0x48, 0x00, 0x61, 0x4C, 0x00, 0x61, 0x4E,
+  0x00, 0x61, 0x4C, 0x00, 0x61, 0x7A, 0x00, 0x61, 0x8E, 0x00, 0x61, 0xB2,
+  0x00, 0x61, 0xA4, 0x00, 0x61, 0xAF, 0x00, 0x61, 0xDE, 0x00, 0x61, 0xF2,
+  0x00, 0x61, 0xF6, 0x00, 0x62, 0x10, 0x00, 0x62, 0x1B, 0x00, 0x62, 0x5D,
+  0x00, 0x62, 0xB1, 0x00, 0x62, 0xD4, 0x00, 0x63, 0x50, 0x02, 0x2B, 0x0C,
+  0x00, 0x63, 0x3D, 0x00, 0x62, 0xFC, 0x00, 0x63, 0x68, 0x00, 0x63, 0x83,
+  0x00, 0x63, 0xE4, 0x02, 0x2B, 0xF1, 0x00, 0x64, 0x22, 0x00, 0x63, 0xC5,
+  0x00, 0x63, 0xA9, 0x00, 0x3A, 0x2E, 0x00, 0x64, 0x69, 0x00, 0x64, 0x7E,
+  0x00, 0x64, 0x9D, 0x00, 0x64, 0x77, 0x00, 0x3A, 0x6C, 0x00, 0x65, 0x4F,
+  0x00, 0x65, 0x6C, 0x02, 0x30, 0x0A, 0x00, 0x65, 0xE3, 0x00, 0x66, 0xF8,
+  0x00, 0x66, 0x49, 0x00, 0x3B, 0x19, 0x00, 0x66, 0x91, 0x00, 0x3B, 0x08,
+  0x00, 0x3A, 0xE4, 0x00, 0x51, 0x92, 0x00, 0x51, 0x95, 0x00, 0x67, 0x00,
+  0x00, 0x66, 0x9C, 0x00, 0x80, 0xAD, 0x00, 0x43, 0xD9, 0x00, 0x67, 0x17,
+  0x00, 0x67, 0x1B, 0x00, 0x67, 0x21, 0x00, 0x67, 0x5E, 0x00, 0x67, 0x53,
+  0x02, 0x33, 0xC3, 0x00, 0x3B, 0x49, 0x00, 0x67, 0xFA, 0x00, 0x67, 0x85,
+  0x00, 0x68, 0x52, 0x00, 0x68, 0x85, 0x02, 0x34, 0x6D, 0x00, 0x68, 0x8E,
+  0x00, 0x68, 0x1F, 0x00, 0x69, 0x14, 0x00, 0x3B, 0x9D, 0x00, 0x69, 0x42,
+  0x00, 0x69, 0xA3, 0x00, 0x69, 0xEA, 0x00, 0x6A, 0xA8, 0x02, 0x36, 0xA3,
+  0x00, 0x6A, 0xDB, 0x00, 0x3C, 0x18, 0x00, 0x6B, 0x21, 0x02, 0x38, 0xA7,
+  0x00, 0x6B, 0x54, 0x00, 0x3C, 0x4E, 0x00, 0x6B, 0x72, 0x00, 0x6B, 0x9F,
+  0x00, 0x6B, 0xBA, 0x00, 0x6B, 0xBB, 0x02, 0x3A, 0x8D, 0x02, 0x1D, 0x0B,
+  0x02, 0x3A, 0xFA, 0x00, 0x6C, 0x4E, 0x02, 0x3C, 0xBC, 0x00, 0x6C, 0xBF,
+  0x00, 0x6C, 0xCD, 0x00, 0x6C, 0x67, 0x00, 0x6D, 0x16, 0x00, 0x6D, 0x3E,
+  0x00, 0x6D, 0x77, 0x00, 0x6D, 0x41, 0x00, 0x6D, 0x69, 0x00, 0x6D, 0x78,
+  0x00, 0x6D, 0x85, 0x02, 0x3D, 0x1E, 0x00, 0x6D, 0x34, 0x00, 0x6E, 0x2F,
+  0x00, 0x6E, 0x6E, 0x00, 0x3D, 0x33, 0x00, 0x6E, 0xCB, 0x00, 0x6E, 0xC7,
+  0x02, 0x3E, 0xD1, 0x00, 0x6D, 0xF9, 0x00, 0x6F, 0x6E, 0x02, 0x3F, 0x5E,
+  0x02, 0x3F, 0x8E, 0x00, 0x6F, 0xC6, 0x00, 0x70, 0x39, 0x00, 0x70, 0x1E,
+  0x00, 0x70, 0x1B, 0x00, 0x3D, 0x96, 0x00, 0x70, 0x4A, 0x00, 0x70, 0x7D,
+  0x00, 0x70, 0x77, 0x00, 0x70, 0xAD, 0x02, 0x05, 0x25, 0x00, 0x71, 0x45,
+  0x02, 0x42, 0x63, 0x00, 0x71, 0x9C, 0x02, 0x43, 0xAB, 0x00, 0x72, 0x28,
+  0x00, 0x72, 0x35, 0x00, 0x72, 0x50, 0x02, 0x46, 0x08, 0x00, 0x72, 0x80,
+  0x00, 0x72, 0x95, 0x02, 0x47, 0x35, 0x02, 0x48, 0x14, 0x00, 0x73, 0x7A,
+  0x00, 0x73, 0x8B, 0x00, 0x3E, 0xAC, 0x00, 0x73, 0xA5, 0x00, 0x3E, 0xB8,
+  0x00, 0x3E, 0xB8, 0x00, 0x74, 0x47, 0x00, 0x74, 0x5C, 0x00, 0x74, 0x71,
+  0x00, 0x74, 0x85, 0x00, 0x74, 0xCA, 0x00, 0x3F, 0x1B, 0x00, 0x75, 0x24,
+  0x02, 0x4C, 0x36, 0x00, 0x75, 0x3E, 0x02, 0x4C, 0x92, 0x00, 0x75, 0x70,
+  0x02, 0x21, 0x9F, 0x00, 0x76, 0x10, 0x02, 0x4F, 0xA1, 0x02, 0x4F, 0xB8,
+  0x02, 0x50, 0x44, 0x00, 0x3F, 0xFC, 0x00, 0x40, 0x08, 0x00, 0x76, 0xF4,
+  0x02, 0x50, 0xF3, 0x02, 0x50, 0xF2, 0x02, 0x51, 0x19, 0x02, 0x51, 0x33,
+  0x00, 0x77, 0x1E, 0x00, 0x77, 0x1F, 0x00, 0x77, 0x1F, 0x00, 0x77, 0x4A,
+  0x00, 0x40, 0x39, 0x00, 0x77, 0x8B, 0x00, 0x40, 0x46, 0x00, 0x40, 0x96,
+  0x02, 0x54, 0x1D, 0x00, 0x78, 0x4E, 0x00, 0x78, 0x8C, 0x00, 0x78, 0xCC,
+  0x00, 0x40, 0xE3, 0x02, 0x56, 0x26, 0x00, 0x79, 0x56, 0x02, 0x56, 0x9A,
+  0x02, 0x56, 0xC5, 0x00, 0x79, 0x8F, 0x00, 0x79, 0xEB, 0x00, 0x41, 0x2F,
+  0x00, 0x7A, 0x40, 0x00, 0x7A, 0x4A, 0x00, 0x7A, 0x4F, 0x02, 0x59, 0x7C,
+  0x02, 0x5A, 0xA7, 0x02, 0x5A, 0xA7, 0x00, 0x7A, 0xEE, 0x00, 0x42, 0x02,
+  0x02, 0x5B, 0xAB, 0x00, 0x7B, 0xC6, 0x00, 0x7B, 0xC9, 0x00, 0x42, 0x27,
+  0x02, 0x5C, 0x80, 0x00, 0x7C, 0xD2, 0x00, 0x42, 0xA0, 0x00, 0x7C, 0xE8,
+  0x00, 0x7C, 0xE3, 0x00, 0x7D, 0x00, 0x02, 0x5F, 0x86, 0x00, 0x7D, 0x63,
+  0x00, 0x43, 0x01, 0x00, 0x7D, 0xC7, 0x00, 0x7E, 0x02, 0x00, 0x7E, 0x45,
+  0x00, 0x43, 0x34, 0x02, 0x62, 0x28, 0x02, 0x62, 0x47, 0x00, 0x43, 0x59,
+  0x02, 0x62, 0xD9, 0x00, 0x7F, 0x7A, 0x02, 0x63, 0x3E, 0x00, 0x7F, 0x95,
+  0x00, 0x7F, 0xFA, 0x00, 0x80, 0x05, 0x02, 0x64, 0xDA, 0x02, 0x65, 0x23,
+  0x00, 0x80, 0x60, 0x02, 0x65, 0xA8, 0x00, 0x80, 0x70, 0x02, 0x33, 0x5F,
+  0x00, 0x43, 0xD5, 0x00, 0x80, 0xB2, 0x00, 0x81, 0x03, 0x00, 0x44, 0x0B,
+  0x00, 0x81, 0x3E, 0x00, 0x5A, 0xB5, 0x02, 0x67, 0xA7, 0x02, 0x67, 0xB5,
+  0x02, 0x33, 0x93, 0x02, 0x33, 0x9C, 0x00, 0x82, 0x01, 0x00, 0x82, 0x04,
+  0x00, 0x8F, 0x9E, 0x00, 0x44, 0x6B, 0x00, 0x82, 0x91, 0x00, 0x82, 0x8B,
+  0x00, 0x82, 0x9D, 0x00, 0x52, 0xB3, 0x00, 0x82, 0xB1, 0x00, 0x82, 0xB3,
+  0x00, 0x82, 0xBD, 0x00, 0x82, 0xE6, 0x02, 0x6B, 0x3C, 0x00, 0x82, 0xE5,
+  0x00, 0x83, 0x1D, 0x00, 0x83, 0x63, 0x00, 0x83, 0xAD, 0x00, 0x83, 0x23,
+  0x00, 0x83, 0xBD, 0x00, 0x83, 0xE7, 0x00, 0x84, 0x57, 0x00, 0x83, 0x53,
+  0x00, 0x83, 0xCA, 0x00, 0x83, 0xCC, 0x00, 0x83, 0xDC, 0x02, 0x6C, 0x36,
+  0x02, 0x6D, 0x6B, 0x02, 0x6C, 0xD5, 0x00, 0x45, 0x2B, 0x00, 0x84, 0xF1,
+  0x00, 0x84, 0xF3, 0x00, 0x85, 0x16, 0x02, 0x73, 0xCA, 0x00, 0x85, 0x64,
+  0x02, 0x6F, 0x2C, 0x00, 0x45, 0x5D, 0x00, 0x45, 0x61, 0x02, 0x6F, 0xB1,
+  0x02, 0x70, 0xD2, 0x00, 0x45, 0x6B, 0x00, 0x86, 0x50, 0x00, 0x86, 0x5C,
+  0x00, 0x86, 0x67, 0x00, 0x86, 0x69, 0x00, 0x86, 0xA9, 0x00, 0x86, 0x88,
+  0x00, 0x87, 0x0E, 0x00, 0x86, 0xE2, 0x00, 0x87, 0x79, 0x00, 0x87, 0x28,
+  0x00, 0x87, 0x6B, 0x00, 0x87, 0x86, 0x00, 0x45, 0xD7, 0x00, 0x87, 0xE1,
+  0x00, 0x88, 0x01, 0x00, 0x45, 0xF9, 0x00, 0x88, 0x60, 0x00, 0x88, 0x63,
+  0x02, 0x76, 0x67, 0x00, 0x88, 0xD7, 0x00, 0x88, 0xDE, 0x00, 0x46, 0x35,
+  0x00, 0x88, 0xFA, 0x00, 0x34, 0xBB, 0x02, 0x78, 0xAE, 0x02, 0x79, 0x66,
+  0x00, 0x46, 0xBE, 0x00, 0x46, 0xC7, 0x00, 0x8A, 0xA0, 0x00, 0x8A, 0xED,
+  0x00, 0x8B, 0x8A, 0x00, 0x8C, 0x55, 0x02, 0x7C, 0xA8, 0x00, 0x8C, 0xAB,
+  0x00, 0x8C, 0xC1, 0x00, 0x8D, 0x1B, 0x00, 0x8D, 0x77, 0x02, 0x7F, 0x2F,
+  0x02, 0x08, 0x04, 0x00, 0x8D, 0xCB, 0x00, 0x8D, 0xBC, 0x00, 0x8D, 0xF0,
+  0x02, 0x08, 0xDE, 0x00, 0x8E, 0xD4, 0x00, 0x8F, 0x38, 0x02, 0x85, 0xD2,
+  0x02, 0x85, 0xED, 0x00, 0x90, 0x94, 0x00, 0x90, 0xF1, 0x00, 0x91, 0x11,
+  0x02, 0x87, 0x2E, 0x00, 0x91, 0x1B, 0x00, 0x92, 0x38, 0x00, 0x92, 0xD7,
+  0x00, 0x92, 0xD8, 0x00, 0x92, 0x7C, 0x00, 0x93, 0xF9, 0x00, 0x94, 0x15,
+  0x02, 0x8B, 0xFA, 0x00, 0x95, 0x8B, 0x00, 0x49, 0x95, 0x00, 0x95, 0xB7,
+  0x02, 0x8D, 0x77, 0x00, 0x49, 0xE6, 0x00, 0x96, 0xC3, 0x00, 0x5D, 0xB2,
+  0x00, 0x97, 0x23, 0x02, 0x91, 0x45, 0x02, 0x92, 0x1A, 0x00, 0x4A, 0x6E,
+  0x00, 0x4A, 0x76, 0x00, 0x97, 0xE0, 0x02, 0x94, 0x0A, 0x00, 0x4A, 0xB2,
+  0x02, 0x94, 0x96, 0x00, 0x98, 0x0B, 0x00, 0x98, 0x0B, 0x00, 0x98, 0x29,
+  0x02, 0x95, 0xB6, 0x00, 0x98, 0xE2, 0x00, 0x4B, 0x33, 0x00, 0x99, 0x29,
+  0x00, 0x99, 0xA7, 0x00, 0x99, 0xC2, 0x00, 0x99, 0xFE, 0x00, 0x4B, 0xCE,
+  0x02, 0x9B, 0x30, 0x00, 0x9B, 0x12, 0x00, 0x9C, 0x40, 0x00, 0x9C, 0xFD,
+  0x00, 0x4C, 0xCE, 0x00, 0x4C, 0xED, 0x00, 0x9D, 0x67, 0x02, 0xA0, 0xCE,
+  0x00, 0x4C, 0xF8, 0x02, 0xA1, 0x05, 0x02, 0xA2, 0x0E, 0x02, 0xA2, 0x91,
+  0x00, 0x9E, 0xBB, 0x00, 0x4D, 0x56, 0x00, 0x9E, 0xF9, 0x00, 0x9E, 0xFE,
+  0x00, 0x9F, 0x05, 0x00, 0x9F, 0x0F, 0x00, 0x9F, 0x16, 0x00, 0x9F, 0x3B,
+  0x02, 0xA6, 0x00
+};
+
+const decomp_index_table_t gl_uninorm_decomp_index_table =
+{
+  {
+        0,    32,    64,    96,   128,    -1,   160,   192,
+      224,   256,   288,   320,   352,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,   384,   416,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,   448,   480,
+       -1,    -1,    -1,    -1,   512,   544,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,   576,   608,    -1,    -1,
+       -1,    -1,    -1,   640,   672,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,   704
+  },
+  {
+       -1,    -1,    -1,    -1,    -1,     0,    32,    64,
+       96,   128,   160,   192,    -1,   224,   256,   288,
+      320,   352,    -1,    -1,    -1,   384,   416,   448,
+       -1,    -1,   480,   512,   544,   576,   608,   640,
+      672,   704,   736,   768,    -1,    -1,   800,   832,
+       -1,    -1,    -1,    -1,   864,    -1,    -1,    -1,
+       -1,   896,    -1,   928,    -1,    -1,   960,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,   992,  1024,    -1,    -1,    -1,  1056,    -1,
+       -1,  1088,  1120,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,  1152,    -1,  1184,    -1,  1216,    -1,
+       -1,    -1,  1248,    -1,    -1,    -1,  1280,    -1,
+       -1,    -1,  1312,    -1,    -1,    -1,  1344,    -1,
+       -1,  1376,    -1,    -1,    -1,  1408,  1440,    -1,
+     1472,    -1,  1504,  1536,  1568,  1600,    -1,    -1,
+       -1,  1632,    -1,    -1,    -1,    -1,    -1,  1664,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     1696,  1728,  1760,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,  1792,  1824,  1856,  1888,  1920,    -1,    -1,
+     1952,  1984,  2016,  2048,  2080,  2112,  2144,  2176,
+     2208,  2240,  2272,  2304,  2336,  2368,  2400,  2432,
+     2464,  2496,  2528,  2560,  2592,  2624,    -1,    -1,
+     2656,  2688,  2720,  2752,  2784,  2816,  2848,    -1,
+     2880,  2912,  2944,  2976,  3008,  3040,    -1,  3072,
+       -1,  3104,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,  3136,  3168,  3200,  3232,  3264,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     3296,    -1,    -1,  3328,    -1,    -1,  3360,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,  3392,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,  3424,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,  3456,    -1,    -1,  3488,
+     3520,  3552,  3584,  3616,  3648,  3680,  3712,    -1,
+     3744,  3776,  3808,  3840,  3872,  3904,  3936,  3968,
+       -1,  4000,  4032,  4064,  4096,    -1,    -1,    -1,
+     4128,  4160,  4192,  4224,  4256,  4288,  4320,  4352,
+     4384,  4416,  4448,  4480,  4512,  4544,  4576,  4608,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,  4640,    -1,    -1,    -1,
+       -1,    -1,    -1,  4672,    -1,    -1,    -1,  4704,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,  4736,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     4768,  4800,  4832,  4864,  4896,  4928,  4960,  4992,
+     5024,  5056,  5088,  5120,  5152,  5184,  5216,    -1,
+     5248,  5280,  5312,  5344,  5376,  5408,  5440,  5472,
+     5504,  5536,  5568,  5600,  5632,  5664,  5696,  5728,
+     5760,  5792,  5824,  5856,  5888,  5920,  5952,  5984,
+     6016,  6048,  6080,  6112,  6144,  6176,  6208,  6240,
+     6272,  6304,  6336,  6368,  6400,  6432,  6464,  6496,
+       -1,    -1,    -1,    -1,  6528,  6560,    -1,    -1,
+       -1,  6592,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,  6624,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,  6656,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,  6688,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,  6720,  6752,    -1,  6784,  6816,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     6848,  6880,  6912,  6944,  6976,  7008,  7040,  7072,
+     7104,  7136,  7168,  7200,  7232,  7264,  7296,  7328,
+     7360,  7392,  7424,  7456,  7488,  7520,  7552,  7584,
+     7616,  7648,  7680,  7712,  7744,  7776,  7808,  7840,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     7872,  7904,  7936,  7968,  8000,  8032,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     8064,  8096,  8128,  8160,  8192,    -1,    -1,    -1,
+     8224,  8256,  8288,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     8320,  8352,  8384,  8416,  8448,  8480,  8512,  8544,
+     8576,  8608,  8640,  8672,  8704,  8736,  8768,  8800,
+     8832,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1
+  },
+  {
+    32768,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    32769,    -1, 32771,    -1,    -1,    -1,    -1, 32772,
+       -1,    -1, 32774, 32775, 32776, 32778,    -1,    -1,
+    32779, 32781, 32782,    -1, 32783, 32786, 32789,    -1,
+       24,    26,    28,    30,    32,    34,    -1,    36,
+       38,    40,    42,    44,    46,    48,    50,    52,
+       -1,    54,    56,    58,    60,    62,    64,    -1,
+       -1,    66,    68,    70,    72,    74,    -1,    -1,
+       76,    78,    80,    82,    84,    86,    -1,    88,
+       90,    92,    94,    96,    98,   100,   102,   104,
+       -1,   106,   108,   110,   112,   114,   116,    -1,
+       -1,   118,   120,   122,   124,   126,    -1,   128,
+      130,   132,   134,   136,   138,   140,   142,   144,
+      146,   148,   150,   152,   154,   156,   158,   160,
+       -1,    -1,   162,   164,   166,   168,   170,   172,
+      174,   176,   178,   180,   182,   184,   186,   188,
+      190,   192,   194,   196,   198,   200,    -1,    -1,
+      202,   204,   206,   208,   210,   212,   214,   216,
+      218,    -1, 32988, 32990,   224,   226,   228,   230,
+       -1,   232,   234,   236,   238,   240,   242, 33012,
+    33014,    -1,    -1,   248,   250,   252,   254,   256,
+      258, 33028,    -1,    -1,   262,   264,   266,   268,
+      270,   272,    -1,    -1,   274,   276,   278,   280,
+      282,   284,   286,   288,   290,   292,   294,   296,
+      298,   300,   302,   304,   306,   308,    -1,    -1,
+      310,   312,   314,   316,   318,   320,   322,   324,
+      326,   328,   330,   332,   334,   336,   338,   340,
+      342,   344,   346,   348,   350,   352,   354, 33124,
+      357,   359,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,   361,
+      363,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1, 33133, 33135, 33137, 33139,
+    33141, 33143, 33145, 33147, 33149,   383,   385,   387,
+      389,   391,   393,   395,   397,   399,   401,   403,
+      405,   407,   409,   411,   413,    -1,   415,   417,
+      419,   421,   423,   425,    -1,    -1,   427,   429,
+      431,   433,   435,   437,   439,   441,   443,   445,
+      447, 33217, 33219, 33221,   455,   457,    -1,    -1,
+      459,   461,   463,   465,   467,   469,   471,   473,
+      475,   477,   479,   481,   483,   485,   487,   489,
+      491,   493,   495,   497,   499,   501,   503,   505,
+      507,   509,   511,   513,   515,   517,   519,   521,
+      523,   525,   527,   529,    -1,    -1,   531,   533,
+       -1,    -1,    -1,    -1,    -1,    -1,   535,   537,
+      539,   541,   543,   545,   547,   549,   551,   553,
+      555,   557,   559,   561,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    33331, 33332, 33333, 33334, 33335, 33336, 33337, 33338,
+    33339,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    33340, 33342, 33344, 33346, 33348, 33350,    -1,    -1,
+    33352, 33353, 33354, 33355, 33356,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+      589,   590,    -1,   591,   592,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,   594,    -1,    -1,    -1,
+       -1,    -1, 33363,    -1,    -1,    -1,   597,    -1,
+       -1,    -1,    -1,    -1, 33366,   600,   602,   604,
+      605,   607,   609,    -1,   611,    -1,   613,   615,
+      617,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,   619,   621,   623,   625,   627,   629,
+      631,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,   633,   635,   637,   639,   641,    -1,
+    33411, 33412, 33413,   646,   648, 33418, 33419,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    33420, 33421, 33422,    -1, 33423, 33424,    -1,    -1,
+       -1, 33425,    -1,    -1,    -1,    -1,    -1,    -1,
+      658,   660,    -1,   662,    -1,    -1,    -1,   664,
+       -1,    -1,    -1,    -1,   666,   668,   670,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,   672,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,   674,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+      676,   678,    -1,   680,    -1,    -1,    -1,   682,
+       -1,    -1,    -1,    -1,   684,   686,   688,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,   690,   692,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,   694,   696,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+      698,   700,   702,   704,    -1,    -1,   706,   708,
+       -1,    -1,   710,   712,   714,   716,   718,   720,
+       -1,    -1,   722,   724,   726,   728,   730,   732,
+       -1,    -1,   734,   736,   738,   740,   742,   744,
+      746,   748,   750,   752,   754,   756,    -1,    -1,
+      758,   760,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1, 33530,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,   764,   766,   768,   770,   772,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1, 33542, 33544, 33546,
+    33548,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+      782,    -1,   784,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,   786,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,   788,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,   790,    -1,    -1,   792,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+      794,   796,   798,   800,   802,   804,   806,   808,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,   810,   812,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,   814,   816,    -1,   818,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,   820,    -1,    -1,   822,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,   824,   826,   828,    -1,    -1,   830,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+      832,    -1,    -1,   834,   836,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,   838,   840,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,   842,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,   844,   846,   848,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+      850,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+      852,    -1,    -1,    -1,    -1,    -1,    -1,   854,
+      856,    -1,   858,   860,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,   862,   864,   866,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,   868,    -1,   870,   872,   874,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1, 33644,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1, 33646,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1, 33648, 33650,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1, 33652,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,   885,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,   887,    -1,    -1,
+       -1,    -1,   889,    -1,    -1,    -1,    -1,   891,
+       -1,    -1,    -1,    -1,   893,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,   895,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,   897,    -1,   899,   901, 33671,
+      905, 33675,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,   909,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,   911,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,   913,    -1,    -1,
+       -1,    -1,   915,    -1,    -1,    -1,    -1,   917,
+       -1,    -1,    -1,    -1,   919,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,   921,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,   923,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1, 33693,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,   926,    -1,
+      928,    -1,   930,    -1,   932,    -1,   934,    -1,
+       -1,    -1,   936,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,   938,    -1,   940,    -1,    -1,
+      942,   944,    -1,   946,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1, 33716, 33717, 33718,    -1,
+    33719, 33720, 33721, 33722, 33723, 33724, 33725, 33726,
+    33727, 33728, 33729,    -1, 33730, 33731, 33732, 33733,
+    33734, 33735, 33736, 33737, 33738, 33739, 33740, 33741,
+    33742, 33743, 33744, 33745, 33746, 33747,    -1, 33748,
+    33749, 33750, 33751, 33752, 33753, 33754, 33755, 33756,
+    33757, 33758, 33759, 33760, 33761, 33762, 33763, 33764,
+    33765, 33766, 33767, 33768, 33769, 33770, 33771, 33772,
+    33773, 33774, 33775,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    33776,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1, 33777, 33778, 33779, 33780, 33781,
+    33782, 33783, 33784, 33785, 33786, 33787, 33788, 33789,
+    33790, 33791, 33792, 33793, 33794, 33795, 33796, 33797,
+    33798, 33799, 33800, 33801, 33802, 33803, 33804, 33805,
+    33806, 33807, 33808, 33809, 33810, 33811, 33812, 33813,
+     1046,  1048,  1050,  1052,  1054,  1056,  1058,  1060,
+     1062,  1064,  1066,  1068,  1070,  1072,  1074,  1076,
+     1078,  1080,  1082,  1084,  1086,  1088,  1090,  1092,
+     1094,  1096,  1098,  1100,  1102,  1104,  1106,  1108,
+     1110,  1112,  1114,  1116,  1118,  1120,  1122,  1124,
+     1126,  1128,  1130,  1132,  1134,  1136,  1138,  1140,
+     1142,  1144,  1146,  1148,  1150,  1152,  1154,  1156,
+     1158,  1160,  1162,  1164,  1166,  1168,  1170,  1172,
+     1174,  1176,  1178,  1180,  1182,  1184,  1186,  1188,
+     1190,  1192,  1194,  1196,  1198,  1200,  1202,  1204,
+     1206,  1208,  1210,  1212,  1214,  1216,  1218,  1220,
+     1222,  1224,  1226,  1228,  1230,  1232,  1234,  1236,
+     1238,  1240,  1242,  1244,  1246,  1248,  1250,  1252,
+     1254,  1256,  1258,  1260,  1262,  1264,  1266,  1268,
+     1270,  1272,  1274,  1276,  1278,  1280,  1282,  1284,
+     1286,  1288,  1290,  1292,  1294,  1296,  1298,  1300,
+     1302,  1304,  1306,  1308,  1310,  1312,  1314,  1316,
+     1318,  1320,  1322,  1324,  1326,  1328,  1330,  1332,
+     1334,  1336,  1338,  1340,  1342,  1344,  1346,  1348,
+     1350,  1352, 34122,  1356,    -1,    -1,    -1,    -1,
+     1358,  1360,  1362,  1364,  1366,  1368,  1370,  1372,
+     1374,  1376,  1378,  1380,  1382,  1384,  1386,  1388,
+     1390,  1392,  1394,  1396,  1398,  1400,  1402,  1404,
+     1406,  1408,  1410,  1412,  1414,  1416,  1418,  1420,
+     1422,  1424,  1426,  1428,  1430,  1432,  1434,  1436,
+     1438,  1440,  1442,  1444,  1446,  1448,  1450,  1452,
+     1454,  1456,  1458,  1460,  1462,  1464,  1466,  1468,
+     1470,  1472,  1474,  1476,  1478,  1480,  1482,  1484,
+     1486,  1488,  1490,  1492,  1494,  1496,  1498,  1500,
+     1502,  1504,  1506,  1508,  1510,  1512,  1514,  1516,
+     1518,  1520,  1522,  1524,  1526,  1528,  1530,  1532,
+     1534,  1536,    -1,    -1,    -1,    -1,    -1,    -1,
+     1538,  1540,  1542,  1544,  1546,  1548,  1550,  1552,
+     1554,  1556,  1558,  1560,  1562,  1564,  1566,  1568,
+     1570,  1572,  1574,  1576,  1578,  1580,    -1,    -1,
+     1582,  1584,  1586,  1588,  1590,  1592,    -1,    -1,
+     1594,  1596,  1598,  1600,  1602,  1604,  1606,  1608,
+     1610,  1612,  1614,  1616,  1618,  1620,  1622,  1624,
+     1626,  1628,  1630,  1632,  1634,  1636,  1638,  1640,
+     1642,  1644,  1646,  1648,  1650,  1652,  1654,  1656,
+     1658,  1660,  1662,  1664,  1666,  1668,    -1,    -1,
+     1670,  1672,  1674,  1676,  1678,  1680,    -1,    -1,
+     1682,  1684,  1686,  1688,  1690,  1692,  1694,  1696,
+       -1,  1698,    -1,  1700,    -1,  1702,    -1,  1704,
+     1706,  1708,  1710,  1712,  1714,  1716,  1718,  1720,
+     1722,  1724,  1726,  1728,  1730,  1732,  1734,  1736,
+     1738,  1740,  1741,  1743,  1744,  1746,  1747,  1749,
+     1750,  1752,  1753,  1755,  1756,  1758,    -1,    -1,
+     1759,  1761,  1763,  1765,  1767,  1769,  1771,  1773,
+     1775,  1777,  1779,  1781,  1783,  1785,  1787,  1789,
+     1791,  1793,  1795,  1797,  1799,  1801,  1803,  1805,
+     1807,  1809,  1811,  1813,  1815,  1817,  1819,  1821,
+     1823,  1825,  1827,  1829,  1831,  1833,  1835,  1837,
+     1839,  1841,  1843,  1845,  1847,  1849,  1851,  1853,
+     1855,  1857,  1859,  1861,  1863,    -1,  1865,  1867,
+     1869,  1871,  1873,  1875,  1876, 34646,  1880, 34649,
+    34651,  1885,  1887,  1889,  1891,    -1,  1893,  1895,
+     1897,  1899,  1900,  1902,  1903,  1905,  1907,  1909,
+     1911,  1913,  1915,  1917,    -1,    -1,  1918,  1920,
+     1922,  1924,  1926,  1928,    -1,  1929,  1931,  1933,
+     1935,  1937,  1939,  1941,  1942,  1944,  1946,  1948,
+     1950,  1952,  1954,  1956,  1957,  1959,  1961,  1962,
+       -1,    -1,  1963,  1965,  1967,    -1,  1969,  1971,
+     1973,  1975,  1976,  1978,  1979,  1981, 34750,    -1,
+     1984,  1985, 34754, 34755, 34756, 34757, 34758, 34759,
+    34760, 34761, 34762,    -1,    -1,    -1,    -1,    -1,
+       -1, 34763,    -1,    -1,    -1,    -1,    -1, 34764,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1, 34766, 34767, 34769,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1, 34772,
+       -1,    -1,    -1, 34773, 34775,    -1, 34778, 34780,
+       -1,    -1,    -1,    -1, 34783,    -1, 34785,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1, 34787,
+    34789, 34791,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1, 34793,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1, 34797,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    34798, 34799,    -1,    -1, 34800, 34801, 34802, 34803,
+    34804, 34805, 34806, 34807, 34808, 34809, 34810, 34811,
+    34812, 34813, 34814, 34815, 34816, 34817, 34818, 34819,
+    34820, 34821, 34822, 34823, 34824, 34825, 34826,    -1,
+    34827, 34828, 34829, 34830, 34831, 34832, 34833, 34834,
+    34835, 34836, 34837, 34838, 34839,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    34840,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    34842, 34845, 34848, 34849,    -1, 34851, 34854, 34857,
+       -1, 34858, 34860, 34861, 34862, 34863, 34864, 34865,
+    34866, 34867, 34868, 34869,    -1, 34870, 34871,    -1,
+       -1, 34873, 34874, 34875, 34876, 34877,    -1,    -1,
+    34878, 34880, 34883,    -1, 34885,    -1,  2118,    -1,
+    34887,    -1,  2120,  2121, 34890, 34891,    -1, 34892,
+    34893, 34894,    -1, 34895, 34896, 34897, 34898, 34899,
+    34900, 34901,    -1, 34902, 34905, 34906, 34907, 34908,
+    34909,    -1,    -1,    -1,    -1, 34910, 34911, 34912,
+    34913, 34914,    -1,    -1,    -1,    -1,    -1,    -1,
+    34915, 34918, 34921, 34925, 34928, 34931, 34934, 34937,
+    34940, 34943, 34946, 34949, 34952, 34955, 34958, 34961,
+    34963, 34964, 34966, 34969, 34971, 34972, 34974, 34977,
+    34981, 34983, 34984, 34986, 34989, 34990, 34991, 34992,
+    34993, 34994, 34996, 34999, 35001, 35002, 35004, 35007,
+    35011, 35013, 35014, 35016, 35019, 35020, 35021, 35022,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1, 35023,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,  2258,  2260,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,  2262,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,  2264,  2266,  2268,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,  2270,    -1,    -1,    -1,
+       -1,  2272,    -1,    -1,  2274,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,  2276,    -1,  2278,    -1,
+       -1,    -1,    -1,    -1, 35048, 35050,    -1, 35053,
+    35055,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,  2290,    -1,    -1,  2292,    -1,    -1,  2294,
+       -1,  2296,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     2298,    -1,  2300,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,  2302,  2304,  2306,
+     2308,  2310,    -1,    -1,  2312,  2314,    -1,    -1,
+     2316,  2318,    -1,    -1,    -1,    -1,    -1,    -1,
+     2320,  2322,    -1,    -1,  2324,  2326,    -1,    -1,
+     2328,  2330,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,  2332,  2334,  2336,  2338,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     2340,  2342,  2344,  2346,    -1,    -1,    -1,    -1,
+       -1,    -1,  2348,  2350,  2352,  2354,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,  2356,  2357,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    35126, 35127, 35128, 35129, 35130, 35131, 35132, 35133,
+    35134, 35135, 35137, 35139, 35141, 35143, 35145, 35147,
+    35149, 35151, 35153, 35155, 35157, 35160, 35163, 35166,
+    35169, 35172, 35175, 35178, 35181, 35184, 35188, 35192,
+    35196, 35200, 35204, 35208, 35212, 35216, 35220, 35224,
+    35228, 35230, 35232, 35234, 35236, 35238, 35240, 35242,
+    35244, 35246, 35249, 35252, 35255, 35258, 35261, 35264,
+    35267, 35270, 35273, 35276, 35279, 35282, 35285, 35288,
+    35291, 35294, 35297, 35300, 35303, 35306, 35309, 35312,
+    35315, 35318, 35321, 35324, 35327, 35330, 35333, 35336,
+    35339, 35342, 35345, 35348, 35351, 35354, 35357, 35358,
+    35359, 35360, 35361, 35362, 35363, 35364, 35365, 35366,
+    35367, 35368, 35369, 35370, 35371, 35372, 35373, 35374,
+    35375, 35376, 35377, 35378, 35379, 35380, 35381, 35382,
+    35383, 35384, 35385, 35386, 35387, 35388, 35389, 35390,
+    35391, 35392, 35393, 35394, 35395, 35396, 35397, 35398,
+    35399, 35400, 35401, 35402, 35403, 35404, 35405, 35406,
+    35407, 35408, 35409,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1, 35410,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1, 35414, 35417, 35419,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,  2654,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1, 35424, 35425,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1, 35426,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1, 35427,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1, 35428,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    35429, 35430, 35431, 35432, 35433, 35434, 35435, 35436,
+    35437, 35438, 35439, 35440, 35441, 35442, 35443, 35444,
+    35445, 35446, 35447, 35448, 35449, 35450, 35451, 35452,
+    35453, 35454, 35455, 35456, 35457, 35458, 35459, 35460,
+    35461, 35462, 35463, 35464, 35465, 35466, 35467, 35468,
+    35469, 35470, 35471, 35472, 35473, 35474, 35475, 35476,
+    35477, 35478, 35479, 35480, 35481, 35482, 35483, 35484,
+    35485, 35486, 35487, 35488, 35489, 35490, 35491, 35492,
+    35493, 35494, 35495, 35496, 35497, 35498, 35499, 35500,
+    35501, 35502, 35503, 35504, 35505, 35506, 35507, 35508,
+    35509, 35510, 35511, 35512, 35513, 35514, 35515, 35516,
+    35517, 35518, 35519, 35520, 35521, 35522, 35523, 35524,
+    35525, 35526, 35527, 35528, 35529, 35530, 35531, 35532,
+    35533, 35534, 35535, 35536, 35537, 35538, 35539, 35540,
+    35541, 35542, 35543, 35544, 35545, 35546, 35547, 35548,
+    35549, 35550, 35551, 35552, 35553, 35554, 35555, 35556,
+    35557, 35558, 35559, 35560, 35561, 35562, 35563, 35564,
+    35565, 35566, 35567, 35568, 35569, 35570, 35571, 35572,
+    35573, 35574, 35575, 35576, 35577, 35578, 35579, 35580,
+    35581, 35582, 35583, 35584, 35585, 35586, 35587, 35588,
+    35589, 35590, 35591, 35592, 35593, 35594, 35595, 35596,
+    35597, 35598, 35599, 35600, 35601, 35602, 35603, 35604,
+    35605, 35606, 35607, 35608, 35609, 35610, 35611, 35612,
+    35613, 35614, 35615, 35616, 35617, 35618, 35619, 35620,
+    35621, 35622, 35623, 35624, 35625, 35626, 35627, 35628,
+    35629, 35630, 35631, 35632, 35633, 35634, 35635, 35636,
+    35637, 35638, 35639, 35640, 35641, 35642,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    35643,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1, 35644,    -1,
+    35645, 35646, 35647,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,  2880,    -1,  2882,    -1,
+     2884,    -1,  2886,    -1,  2888,    -1,  2890,    -1,
+     2892,    -1,  2894,    -1,  2896,    -1,  2898,    -1,
+     2900,    -1,  2902,    -1,    -1,  2904,    -1,  2906,
+       -1,  2908,    -1,    -1,    -1,    -1,    -1,    -1,
+     2910,  2912,    -1,  2914,  2916,    -1,  2918,  2920,
+       -1,  2922,  2924,    -1,  2926,  2928,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,  2930,    -1,    -1,    -1,
+       -1,    -1,    -1, 35700, 35702,    -1,  2936, 35706,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,  2940,    -1,  2942,    -1,
+     2944,    -1,  2946,    -1,  2948,    -1,  2950,    -1,
+     2952,    -1,  2954,    -1,  2956,    -1,  2958,    -1,
+     2960,    -1,  2962,    -1,    -1,  2964,    -1,  2966,
+       -1,  2968,    -1,    -1,    -1,    -1,    -1,    -1,
+     2970,  2972,    -1,  2974,  2976,    -1,  2978,  2980,
+       -1,  2982,  2984,    -1,  2986,  2988,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,  2990,    -1,    -1,  2992,
+     2994,  2996,  2998,    -1,    -1,    -1,  3000, 35770,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1, 35772, 35773, 35774, 35775, 35776, 35777, 35778,
+    35779, 35780, 35781, 35782, 35783, 35784, 35785, 35786,
+    35787, 35788, 35789, 35790, 35791, 35792, 35793, 35794,
+    35795, 35796, 35797, 35798, 35799, 35800, 35801, 35802,
+    35803, 35804, 35805, 35806, 35807, 35808, 35809, 35810,
+    35811, 35812, 35813, 35814, 35815, 35816, 35817, 35818,
+    35819, 35820, 35821, 35822, 35823, 35824, 35825, 35826,
+    35827, 35828, 35829, 35830, 35831, 35832, 35833, 35834,
+    35835, 35836, 35837, 35838, 35839, 35840, 35841, 35842,
+    35843, 35844, 35845, 35846, 35847, 35848, 35849, 35850,
+    35851, 35852, 35853, 35854, 35855, 35856, 35857, 35858,
+    35859, 35860, 35861, 35862, 35863, 35864, 35865,    -1,
+       -1,    -1, 35866, 35867, 35868, 35869, 35870, 35871,
+    35872, 35873, 35874, 35875, 35876, 35877, 35878, 35879,
+    35880, 35883, 35886, 35889, 35892, 35895, 35898, 35901,
+    35904, 35907, 35910, 35913, 35916, 35919, 35922, 35926,
+    35930, 35934, 35938, 35942, 35946, 35950, 35954, 35958,
+    35962, 35966, 35970, 35974, 35978, 35982, 35989,    -1,
+    35995, 35998, 36001, 36004, 36007, 36010, 36013, 36016,
+    36019, 36022, 36025, 36028, 36031, 36034, 36037, 36040,
+    36043, 36046, 36049, 36052, 36055, 36058, 36061, 36064,
+    36067, 36070, 36073, 36076, 36079, 36082, 36085, 36088,
+    36091, 36094, 36097, 36100, 36103, 36104, 36105, 36106,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    36107, 36110, 36112, 36114, 36116, 36118, 36120, 36122,
+    36124, 36126, 36128, 36130, 36132, 36134, 36136, 36138,
+    36140, 36141, 36142, 36143, 36144, 36145, 36146, 36147,
+    36148, 36149, 36150, 36151, 36152, 36153, 36154, 36156,
+    36158, 36160, 36162, 36164, 36166, 36168, 36170, 36172,
+    36174, 36176, 36178, 36180, 36182, 36187, 36191,    -1,
+    36193, 36194, 36195, 36196, 36197, 36198, 36199, 36200,
+    36201, 36202, 36203, 36204, 36205, 36206, 36207, 36208,
+    36209, 36210, 36211, 36212, 36213, 36214, 36215, 36216,
+    36217, 36218, 36219, 36220, 36221, 36222, 36223, 36224,
+    36225, 36226, 36227, 36228, 36229, 36230, 36231, 36232,
+    36233, 36234, 36235, 36236, 36237, 36238, 36239, 36240,
+    36241, 36242, 36244, 36246, 36248, 36250, 36252, 36254,
+    36256, 36258, 36260, 36262, 36264, 36266, 36268, 36270,
+    36272, 36274, 36276, 36278, 36280, 36282, 36284, 36286,
+    36288, 36290, 36293, 36296, 36299, 36301, 36304, 36306,
+    36309, 36310, 36311, 36312, 36313, 36314, 36315, 36316,
+    36317, 36318, 36319, 36320, 36321, 36322, 36323, 36324,
+    36325, 36326, 36327, 36328, 36329, 36330, 36331, 36332,
+    36333, 36334, 36335, 36336, 36337, 36338, 36339, 36340,
+    36341, 36342, 36343, 36344, 36345, 36346, 36347, 36348,
+    36349, 36350, 36351, 36352, 36353, 36354, 36355,    -1,
+    36356, 36360, 36364, 36368, 36371, 36375, 36378, 36381,
+    36386, 36390, 36393, 36396, 36399, 36403, 36407, 36410,
+    36413, 36415, 36418, 36422, 36426, 36428, 36433, 36439,
+    36444, 36447, 36452, 36457, 36461, 36464, 36467, 36470,
+    36474, 36479, 36483, 36486, 36489, 36492, 36494, 36496,
+    36498, 36500, 36503, 36506, 36511, 36514, 36518, 36523,
+    36526, 36528, 36530, 36535, 36539, 36544, 36547, 36552,
+    36554, 36557, 36560, 36563, 36566, 36569, 36573, 36576,
+    36578, 36581, 36584, 36587, 36591, 36594, 36597, 36600,
+    36605, 36609, 36611, 36616, 36618, 36622, 36626, 36629,
+    36632, 36635, 36639, 36641, 36644, 36648, 36650, 36655,
+    36658, 36660, 36662, 36664, 36666, 36668, 36670, 36672,
+    36674, 36676, 36678, 36681, 36684, 36687, 36690, 36693,
+    36696, 36699, 36702, 36705, 36708, 36711, 36714, 36717,
+    36720, 36723, 36726, 36728, 36730, 36733, 36735, 36737,
+    36739, 36742, 36745, 36747, 36749, 36751, 36753, 36755,
+    36759, 36761, 36763, 36765, 36767, 36769, 36771, 36773,
+    36775, 36778, 36782, 36784, 36786, 36788, 36790, 36792,
+    36794, 36796, 36799, 36802, 36805, 36808, 36810, 36812,
+    36814, 36816, 36818, 36820, 36822, 36824, 36826, 36828,
+    36831, 36834, 36836, 36839, 36842, 36845, 36847, 36850,
+    36853, 36857, 36859, 36862, 36865, 36868, 36871, 36876,
+    36882, 36884, 36886, 36888, 36890, 36892, 36894, 36896,
+    36898, 36900, 36902, 36904, 36906, 36908, 36910, 36912,
+    36914, 36916, 36918, 36922, 36924, 36926, 36928, 36932,
+    36935, 36937, 36939, 36941, 36943, 36945, 36947, 36949,
+    36951, 36953, 36955, 36958, 36960, 36962, 36965, 36968,
+    36970, 36974, 36977, 36979, 36981, 36983, 36985, 36988,
+    36991, 36993, 36995, 36997, 36999, 37001, 37003, 37005,
+    37007, 37009, 37012, 37015, 37018, 37021, 37024, 37027,
+    37030, 37033, 37036, 37039, 37042, 37045, 37048, 37051,
+    37054, 37057, 37060, 37063, 37066, 37069, 37072, 37075,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1, 37078, 37079,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    37080,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    37081, 37082,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1, 37083, 37084, 37085, 37086,
+     4319,  4320,  4321,  4322,  4323,  4324,  4325,  4326,
+     4327,  4328,  4329,  4330,  4331,  4332,  4333,  4334,
+     4335,  4336,  4337,  4338,  4339,  4340,  4341,  4342,
+     4343,  4344,  4345,  4346,  4347,  4348,  4349,  4350,
+     4351,  4352,  4353,  4354,  4355,  4356,  4357,  4358,
+     4359,  4360,  4361,  4362,  4363,  4364,  4365,  4366,
+     4367,  4368,  4369,  4370,  4371,  4372,  4373,  4374,
+     4375,  4376,  4377,  4378,  4379,  4380,  4381,  4382,
+     4383,  4384,  4385,  4386,  4387,  4388,  4389,  4390,
+     4391,  4392,  4393,  4394,  4395,  4396,  4397,  4398,
+     4399,  4400,  4401,  4402,  4403,  4404,  4405,  4406,
+     4407,  4408,  4409,  4410,  4411,  4412,  4413,  4414,
+     4415,  4416,  4417,  4418,  4419,  4420,  4421,  4422,
+     4423,  4424,  4425,  4426,  4427,  4428,  4429,  4430,
+     4431,  4432,  4433,  4434,  4435,  4436,  4437,  4438,
+     4439,  4440,  4441,  4442,  4443,  4444,  4445,  4446,
+     4447,  4448,  4449,  4450,  4451,  4452,  4453,  4454,
+     4455,  4456,  4457,  4458,  4459,  4460,  4461,  4462,
+     4463,  4464,  4465,  4466,  4467,  4468,  4469,  4470,
+     4471,  4472,  4473,  4474,  4475,  4476,  4477,  4478,
+     4479,  4480,  4481,  4482,  4483,  4484,  4485,  4486,
+     4487,  4488,  4489,  4490,  4491,  4492,  4493,  4494,
+     4495,  4496,  4497,  4498,  4499,  4500,  4501,  4502,
+     4503,  4504,  4505,  4506,  4507,  4508,  4509,  4510,
+     4511,  4512,  4513,  4514,  4515,  4516,  4517,  4518,
+     4519,  4520,  4521,  4522,  4523,  4524,  4525,  4526,
+     4527,  4528,  4529,  4530,  4531,  4532,  4533,  4534,
+     4535,  4536,  4537,  4538,  4539,  4540,  4541,  4542,
+     4543,  4544,  4545,  4546,  4547,  4548,  4549,  4550,
+     4551,  4552,  4553,  4554,  4555,  4556,  4557,  4558,
+     4559,  4560,  4561,  4562,  4563,  4564,  4565,  4566,
+     4567,  4568,  4569,  4570,  4571,  4572,  4573,  4574,
+     4575,  4576,  4577,  4578,  4579,  4580,  4581,  4582,
+     4583,  4584,  4585,  4586,  4587,  4588,    -1,    -1,
+     4589,    -1,  4590,    -1,    -1,  4591,  4592,  4593,
+     4594,  4595,  4596,  4597,  4598,  4599,  4600,    -1,
+     4601,    -1,  4602,    -1,    -1,  4603,  4604,    -1,
+       -1,    -1,  4605,  4606,  4607,  4608,  4609,  4610,
+     4611,  4612,  4613,  4614,  4615,  4616,  4617,  4618,
+     4619,  4620,  4621,  4622,  4623,  4624,  4625,  4626,
+     4627,  4628,  4629,  4630,  4631,  4632,  4633,  4634,
+     4635,  4636,  4637,  4638,  4639,  4640,  4641,  4642,
+     4643,  4644,  4645,  4646,  4647,  4648,  4649,  4650,
+     4651,  4652,  4653,  4654,  4655,  4656,  4657,  4658,
+     4659,  4660,  4661,  4662,  4663,  4664,  4665,  4666,
+     4667,  4668,  4669,  4670,  4671,  4672,    -1,    -1,
+     4673,  4674,  4675,  4676,  4677,  4678,  4679,  4680,
+     4681,  4682,  4683,  4684,  4685,  4686,  4687,  4688,
+     4689,  4690,  4691,  4692,  4693,  4694,  4695,  4696,
+     4697,  4698,  4699,  4700,  4701,  4702,  4703,  4704,
+     4705,  4706,  4707,  4708,  4709,  4710,  4711,  4712,
+     4713,  4714,  4715,  4716,  4717,  4718,  4719,  4720,
+     4721,  4722,  4723,  4724,  4725,  4726,  4727,  4728,
+     4729,  4730,  4731,  4732,  4733,  4734,  4735,  4736,
+     4737,  4738,  4739,  4740,  4741,  4742,  4743,  4744,
+     4745,  4746,  4747,  4748,  4749,  4750,  4751,  4752,
+     4753,  4754,  4755,  4756,  4757,  4758,  4759,  4760,
+     4761,  4762,  4763,  4764,  4765,  4766,  4767,  4768,
+     4769,  4770,  4771,  4772,  4773,  4774,  4775,  4776,
+     4777,  4778,    -1,    -1,    -1,    -1,    -1,    -1,
+    37547, 37549, 37551, 37553, 37556, 37559, 37561,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1, 37563, 37565, 37567, 37569, 37571,
+       -1,    -1,    -1,    -1,    -1,  4805,    -1,  4807,
+    37577, 37578, 37579, 37580, 37581, 37582, 37583, 37584,
+    37585, 37586,  4819,  4821,  4823,  4825,  4827,  4829,
+     4831,  4833,  4835,  4837,  4839,  4841,  4843,    -1,
+     4845,  4847,  4849,  4851,  4853,    -1,  4855,    -1,
+     4857,  4859,    -1,  4861,  4863,    -1,  4865,  4867,
+     4869,  4871,  4873,  4875,  4877,  4879,  4881, 37651,
+    37653, 37654, 37655, 37656, 37657, 37658, 37659, 37660,
+    37661, 37662, 37663, 37664, 37665, 37666, 37667, 37668,
+    37669, 37670, 37671, 37672, 37673, 37674, 37675, 37676,
+    37677, 37678, 37679, 37680, 37681, 37682, 37683, 37684,
+    37685, 37686, 37687, 37688, 37689, 37690, 37691, 37692,
+    37693, 37694, 37695, 37696, 37697, 37698, 37699, 37700,
+    37701, 37702, 37703, 37704, 37705, 37706, 37707, 37708,
+    37709, 37710, 37711, 37712, 37713, 37714, 37715, 37716,
+    37717, 37718, 37719, 37720, 37721, 37722, 37723, 37724,
+    37725, 37726, 37727, 37728, 37729, 37730, 37731, 37732,
+    37733, 37734, 37735, 37736, 37737, 37738, 37739, 37740,
+    37741, 37742, 37743, 37744, 37745, 37746, 37747, 37748,
+    37749, 37750,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1, 37751, 37752, 37753, 37754, 37755,
+    37756, 37757, 37758, 37759, 37760, 37761, 37762, 37763,
+    37764, 37765, 37766, 37767, 37768, 37769, 37770, 37771,
+    37772, 37773, 37774, 37776, 37778, 37780, 37782, 37784,
+    37786, 37788, 37790, 37792, 37794, 37796, 37798, 37800,
+    37802, 37804, 37806, 37808, 37810, 37811, 37812, 37813,
+    37814, 37816, 37818, 37820, 37822, 37824, 37826, 37828,
+    37830, 37832, 37834, 37836, 37838, 37840, 37842, 37844,
+    37846, 37848, 37850, 37852, 37854, 37856, 37858, 37860,
+    37862, 37864, 37866, 37868, 37870, 37872, 37874, 37876,
+    37878, 37880, 37882, 37884, 37886, 37888, 37890, 37892,
+    37894, 37896, 37898, 37900, 37902, 37904, 37906, 37908,
+    37910, 37912, 37914, 37916, 37918, 37920, 37922, 37924,
+    37926, 37928, 37930, 37932, 37934, 37936, 37938, 37940,
+    37942, 37944, 37946, 37948, 37950, 37952, 37954, 37956,
+    37958, 37960, 37962, 37964, 37966, 37968, 37970, 37972,
+    37974, 37976, 37978, 37980, 37982, 37984, 37986, 37988,
+    37990, 37992, 37994, 37996, 37998, 38000, 38002, 38005,
+    38008, 38011, 38014, 38017, 38020, 38022, 38024, 38026,
+    38028, 38030, 38032, 38034, 38036, 38038, 38040, 38042,
+    38044, 38046, 38048, 38050, 38052, 38054, 38056, 38058,
+    38060, 38062, 38064, 38066, 38068, 38070, 38072, 38074,
+    38076, 38078, 38080, 38082, 38084, 38086, 38088, 38090,
+    38092, 38094, 38096, 38098, 38100, 38102, 38104, 38106,
+    38108, 38110, 38112, 38114, 38116, 38118, 38120, 38122,
+    38124, 38126, 38128, 38130, 38132, 38134, 38136, 38138,
+    38140, 38142, 38144, 38146, 38148, 38150, 38152, 38154,
+    38156, 38158, 38160, 38162, 38164, 38166, 38168, 38170,
+    38172, 38174, 38176, 38178, 38180, 38182, 38184, 38186,
+    38188, 38190, 38192, 38194, 38196, 38198, 38200, 38202,
+    38204, 38206, 38208, 38210, 38212, 38214, 38216, 38218,
+    38220, 38222, 38224, 38226, 38228, 38230, 38232, 38234,
+    38236, 38238, 38240, 38242, 38244, 38246, 38248, 38250,
+    38252, 38254, 38256, 38258, 38260, 38262, 38264, 38266,
+    38268, 38270, 38272, 38274, 38276, 38278, 38280, 38282,
+    38284, 38286, 38288, 38290, 38292, 38294, 38296, 38298,
+    38300, 38302, 38304, 38307, 38310, 38313, 38315, 38317,
+    38319, 38321, 38323, 38325, 38327, 38329, 38331, 38333,
+    38335, 38337, 38339, 38341, 38343, 38345, 38347, 38349,
+    38351, 38353, 38355, 38357, 38359, 38361, 38363, 38365,
+    38367, 38369, 38371, 38373, 38375, 38377, 38379, 38381,
+    38383, 38385, 38387, 38389, 38391, 38393, 38395, 38397,
+    38399, 38401, 38403, 38405, 38407, 38409, 38411, 38413,
+    38415, 38417, 38419, 38421, 38423, 38425, 38427, 38429,
+    38431, 38433, 38435, 38437, 38439, 38441, 38443, 38445,
+    38447, 38449, 38451, 38453, 38455, 38457,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    38459, 38462, 38465, 38468, 38471, 38474, 38477, 38480,
+    38483, 38486, 38489, 38492, 38495, 38498, 38501, 38504,
+    38507, 38510, 38513, 38516, 38519, 38522, 38525, 38528,
+    38531, 38534, 38537, 38540, 38543, 38546, 38549, 38552,
+    38555, 38558, 38561, 38564, 38567, 38570, 38573, 38576,
+    38579, 38582, 38585, 38588, 38591, 38594, 38597, 38600,
+    38603, 38606, 38609, 38612, 38615, 38618, 38621, 38624,
+    38627, 38630, 38633, 38636, 38639, 38642, 38645, 38648,
+       -1,    -1, 38651, 38654, 38657, 38660, 38663, 38666,
+    38669, 38672, 38675, 38678, 38681, 38684, 38687, 38690,
+    38693, 38696, 38699, 38702, 38705, 38708, 38711, 38714,
+    38717, 38720, 38723, 38726, 38729, 38732, 38735, 38738,
+    38741, 38744, 38747, 38750, 38753, 38756, 38759, 38762,
+    38765, 38768, 38771, 38774, 38777, 38780, 38783, 38786,
+    38789, 38792, 38795, 38798, 38801, 38804, 38807, 38810,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    38813, 38816, 38819, 38823, 38827, 38831, 38835, 38839,
+    38843, 38847, 38850, 38868, 38876,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    38880, 38881, 38882, 38883, 38884, 38885, 38886, 38887,
+    38888, 38889,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    38890, 38891, 38892, 38893, 38894, 38895, 38896, 38897,
+    38898, 38899, 38900, 38901, 38902, 38903, 38904, 38905,
+    38906, 38907, 38908, 38909, 38910,    -1,    -1, 38911,
+    38912, 38913, 38914, 38915, 38916, 38917, 38918, 38919,
+    38920, 38921, 38922,    -1, 38923, 38924, 38925, 38926,
+    38927, 38928, 38929, 38930, 38931, 38932, 38933, 38934,
+    38935, 38936, 38937, 38938, 38939, 38940, 38941,    -1,
+    38942, 38943, 38944, 38945,    -1,    -1,    -1,    -1,
+    38946, 38948, 38950,    -1, 38952,    -1, 38954, 38956,
+    38958, 38960, 38962, 38964, 38966, 38968, 38970, 38972,
+    38974, 38975, 38976, 38977, 38978, 38979, 38980, 38981,
+    38982, 38983, 38984, 38985, 38986, 38987, 38988, 38989,
+    38990, 38991, 38992, 38993, 38994, 38995, 38996, 38997,
+    38998, 38999, 39000, 39001, 39002, 39003, 39004, 39005,
+    39006, 39007, 39008, 39009, 39010, 39011, 39012, 39013,
+    39014, 39015, 39016, 39017, 39018, 39019, 39020, 39021,
+    39022, 39023, 39024, 39025, 39026, 39027, 39028, 39029,
+    39030, 39031, 39032, 39033, 39034, 39035, 39036, 39037,
+    39038, 39039, 39040, 39041, 39042, 39043, 39044, 39045,
+    39046, 39047, 39048, 39049, 39050, 39051, 39052, 39053,
+    39054, 39055, 39056, 39057, 39058, 39059, 39060, 39061,
+    39062, 39063, 39064, 39065, 39066, 39067, 39068, 39069,
+    39070, 39071, 39072, 39073, 39074, 39075, 39076, 39077,
+    39078, 39079, 39080, 39081, 39082, 39083, 39084, 39085,
+    39086, 39087, 39088, 39089, 39090, 39091, 39093, 39095,
+    39097, 39099, 39101, 39103, 39105,    -1,    -1,    -1,
+       -1, 39107, 39108, 39109, 39110, 39111, 39112, 39113,
+    39114, 39115, 39116, 39117, 39118, 39119, 39120, 39121,
+    39122, 39123, 39124, 39125, 39126, 39127, 39128, 39129,
+    39130, 39131, 39132, 39133, 39134, 39135, 39136, 39137,
+    39138, 39139, 39140, 39141, 39142, 39143, 39144, 39145,
+    39146, 39147, 39148, 39149, 39150, 39151, 39152, 39153,
+    39154, 39155, 39156, 39157, 39158, 39159, 39160, 39161,
+    39162, 39163, 39164, 39165, 39166, 39167, 39168, 39169,
+    39170, 39171, 39172, 39173, 39174, 39175, 39176, 39177,
+    39178, 39179, 39180, 39181, 39182, 39183, 39184, 39185,
+    39186, 39187, 39188, 39189, 39190, 39191, 39192, 39193,
+    39194, 39195, 39196, 39197, 39198, 39199, 39200, 39201,
+    39202, 39203, 39204, 39205, 39206, 39207, 39208, 39209,
+    39210, 39211, 39212, 39213, 39214, 39215, 39216, 39217,
+    39218, 39219, 39220, 39221, 39222, 39223, 39224, 39225,
+    39226, 39227, 39228, 39229, 39230, 39231, 39232, 39233,
+    39234, 39235, 39236, 39237, 39238, 39239, 39240, 39241,
+    39242, 39243, 39244, 39245, 39246, 39247, 39248, 39249,
+    39250, 39251, 39252, 39253, 39254, 39255, 39256, 39257,
+    39258, 39259, 39260, 39261, 39262, 39263, 39264, 39265,
+    39266, 39267, 39268, 39269, 39270, 39271, 39272, 39273,
+    39274, 39275, 39276, 39277, 39278, 39279, 39280, 39281,
+    39282, 39283, 39284, 39285, 39286, 39287, 39288, 39289,
+    39290, 39291, 39292, 39293, 39294, 39295, 39296,    -1,
+       -1,    -1, 39297, 39298, 39299, 39300, 39301, 39302,
+       -1,    -1, 39303, 39304, 39305, 39306, 39307, 39308,
+       -1,    -1, 39309, 39310, 39311, 39312, 39313, 39314,
+       -1,    -1, 39315, 39316, 39317,    -1,    -1,    -1,
+    39318, 39319, 39320, 39321, 39322, 39323, 39324,    -1,
+    39325, 39326, 39327, 39328, 39329, 39330, 39331,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,  6564,    -1,  6566,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,  6568,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,  6570,  6572,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,  6574,  6576,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,  6578,  6580,    -1,  6582,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,  6584,  6586,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,  6588,  6590,
+     6592,  6594,  6596,  6598,  6600,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,  6602,  6604,  6606,  6608,  6610,
+     6612,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    39382, 39383, 39384, 39385, 39386, 39387, 39388, 39389,
+    39390, 39391, 39392, 39393, 39394, 39395, 39396, 39397,
+    39398, 39399, 39400, 39401, 39402, 39403, 39404, 39405,
+    39406, 39407, 39408, 39409, 39410, 39411, 39412, 39413,
+    39414, 39415, 39416, 39417, 39418, 39419, 39420, 39421,
+    39422, 39423, 39424, 39425, 39426, 39427, 39428, 39429,
+    39430, 39431, 39432, 39433, 39434, 39435, 39436, 39437,
+    39438, 39439, 39440, 39441, 39442, 39443, 39444, 39445,
+    39446, 39447, 39448, 39449, 39450, 39451, 39452, 39453,
+    39454, 39455, 39456, 39457, 39458, 39459, 39460, 39461,
+    39462, 39463, 39464, 39465, 39466,    -1, 39467, 39468,
+    39469, 39470, 39471, 39472, 39473, 39474, 39475, 39476,
+    39477, 39478, 39479, 39480, 39481, 39482, 39483, 39484,
+    39485, 39486, 39487, 39488, 39489, 39490, 39491, 39492,
+    39493, 39494, 39495, 39496, 39497, 39498, 39499, 39500,
+    39501, 39502, 39503, 39504, 39505, 39506, 39507, 39508,
+    39509, 39510, 39511, 39512, 39513, 39514, 39515, 39516,
+    39517, 39518, 39519, 39520, 39521, 39522, 39523, 39524,
+    39525, 39526, 39527, 39528, 39529, 39530, 39531, 39532,
+    39533, 39534, 39535, 39536, 39537,    -1, 39538, 39539,
+       -1,    -1, 39540,    -1,    -1, 39541, 39542,    -1,
+       -1, 39543, 39544, 39545, 39546,    -1, 39547, 39548,
+    39549, 39550, 39551, 39552, 39553, 39554, 39555, 39556,
+    39557, 39558,    -1, 39559,    -1, 39560, 39561, 39562,
+    39563, 39564, 39565, 39566,    -1, 39567, 39568, 39569,
+    39570, 39571, 39572, 39573, 39574, 39575, 39576, 39577,
+    39578, 39579, 39580, 39581, 39582, 39583, 39584, 39585,
+    39586, 39587, 39588, 39589, 39590, 39591, 39592, 39593,
+    39594, 39595, 39596, 39597, 39598, 39599, 39600, 39601,
+    39602, 39603, 39604, 39605, 39606, 39607, 39608, 39609,
+    39610, 39611, 39612, 39613, 39614, 39615, 39616, 39617,
+    39618, 39619, 39620, 39621, 39622, 39623, 39624, 39625,
+    39626, 39627, 39628, 39629, 39630, 39631,    -1, 39632,
+    39633, 39634, 39635,    -1,    -1, 39636, 39637, 39638,
+    39639, 39640, 39641, 39642, 39643,    -1, 39644, 39645,
+    39646, 39647, 39648, 39649, 39650,    -1, 39651, 39652,
+    39653, 39654, 39655, 39656, 39657, 39658, 39659, 39660,
+    39661, 39662, 39663, 39664, 39665, 39666, 39667, 39668,
+    39669, 39670, 39671, 39672, 39673, 39674, 39675, 39676,
+    39677, 39678,    -1, 39679, 39680, 39681, 39682,    -1,
+    39683, 39684, 39685, 39686, 39687,    -1, 39688,    -1,
+       -1,    -1, 39689, 39690, 39691, 39692, 39693, 39694,
+    39695,    -1, 39696, 39697, 39698, 39699, 39700, 39701,
+    39702, 39703, 39704, 39705, 39706, 39707, 39708, 39709,
+    39710, 39711, 39712, 39713, 39714, 39715, 39716, 39717,
+    39718, 39719, 39720, 39721, 39722, 39723, 39724, 39725,
+    39726, 39727, 39728, 39729, 39730, 39731, 39732, 39733,
+    39734, 39735, 39736, 39737, 39738, 39739, 39740, 39741,
+    39742, 39743, 39744, 39745, 39746, 39747, 39748, 39749,
+    39750, 39751, 39752, 39753, 39754, 39755, 39756, 39757,
+    39758, 39759, 39760, 39761, 39762, 39763, 39764, 39765,
+    39766, 39767, 39768, 39769, 39770, 39771, 39772, 39773,
+    39774, 39775, 39776, 39777, 39778, 39779, 39780, 39781,
+    39782, 39783, 39784, 39785, 39786, 39787, 39788, 39789,
+    39790, 39791, 39792, 39793, 39794, 39795, 39796, 39797,
+    39798, 39799, 39800, 39801, 39802, 39803, 39804, 39805,
+    39806, 39807, 39808, 39809, 39810, 39811, 39812, 39813,
+    39814, 39815, 39816, 39817, 39818, 39819, 39820, 39821,
+    39822, 39823, 39824, 39825, 39826, 39827, 39828, 39829,
+    39830, 39831, 39832, 39833, 39834, 39835, 39836, 39837,
+    39838, 39839, 39840, 39841, 39842, 39843, 39844, 39845,
+    39846, 39847, 39848, 39849, 39850, 39851, 39852, 39853,
+    39854, 39855, 39856, 39857, 39858, 39859, 39860, 39861,
+    39862, 39863, 39864, 39865, 39866, 39867, 39868, 39869,
+    39870, 39871, 39872, 39873, 39874, 39875, 39876, 39877,
+    39878, 39879, 39880, 39881, 39882, 39883, 39884, 39885,
+    39886, 39887, 39888, 39889, 39890, 39891, 39892, 39893,
+    39894, 39895, 39896, 39897, 39898, 39899, 39900, 39901,
+    39902, 39903, 39904, 39905, 39906, 39907, 39908, 39909,
+    39910, 39911, 39912, 39913, 39914, 39915, 39916, 39917,
+    39918, 39919, 39920, 39921, 39922, 39923, 39924, 39925,
+    39926, 39927, 39928, 39929, 39930, 39931, 39932, 39933,
+    39934, 39935, 39936, 39937, 39938, 39939, 39940, 39941,
+    39942, 39943, 39944, 39945, 39946, 39947, 39948, 39949,
+    39950, 39951, 39952, 39953, 39954, 39955, 39956, 39957,
+    39958, 39959, 39960, 39961, 39962, 39963, 39964, 39965,
+    39966, 39967, 39968, 39969, 39970, 39971, 39972, 39973,
+    39974, 39975, 39976, 39977, 39978, 39979, 39980, 39981,
+    39982, 39983, 39984, 39985, 39986, 39987, 39988, 39989,
+    39990, 39991, 39992, 39993, 39994, 39995, 39996, 39997,
+    39998, 39999, 40000, 40001, 40002, 40003, 40004, 40005,
+    40006, 40007, 40008, 40009, 40010, 40011, 40012, 40013,
+    40014, 40015, 40016, 40017, 40018, 40019, 40020, 40021,
+    40022, 40023, 40024, 40025, 40026, 40027, 40028, 40029,
+    40030, 40031, 40032, 40033, 40034, 40035,    -1,    -1,
+    40036, 40037, 40038, 40039, 40040, 40041, 40042, 40043,
+    40044, 40045, 40046, 40047, 40048, 40049, 40050, 40051,
+    40052, 40053, 40054, 40055, 40056, 40057, 40058, 40059,
+    40060, 40061, 40062, 40063, 40064, 40065, 40066, 40067,
+    40068, 40069, 40070, 40071, 40072, 40073, 40074, 40075,
+    40076, 40077, 40078, 40079, 40080, 40081, 40082, 40083,
+    40084, 40085, 40086, 40087, 40088, 40089, 40090, 40091,
+    40092, 40093, 40094, 40095, 40096, 40097, 40098, 40099,
+    40100, 40101, 40102, 40103, 40104, 40105, 40106, 40107,
+    40108, 40109, 40110, 40111, 40112, 40113, 40114, 40115,
+    40116, 40117, 40118, 40119, 40120, 40121, 40122, 40123,
+    40124, 40125, 40126, 40127, 40128, 40129, 40130, 40131,
+    40132, 40133, 40134, 40135, 40136, 40137, 40138, 40139,
+    40140, 40141, 40142, 40143, 40144, 40145, 40146, 40147,
+    40148, 40149, 40150, 40151, 40152, 40153, 40154, 40155,
+    40156, 40157, 40158, 40159, 40160, 40161, 40162, 40163,
+    40164, 40165, 40166, 40167, 40168, 40169, 40170, 40171,
+    40172, 40173, 40174, 40175, 40176, 40177, 40178, 40179,
+    40180, 40181, 40182, 40183, 40184, 40185, 40186, 40187,
+    40188, 40189, 40190, 40191, 40192, 40193, 40194, 40195,
+    40196, 40197, 40198, 40199, 40200, 40201, 40202, 40203,
+    40204, 40205, 40206, 40207, 40208, 40209, 40210, 40211,
+    40212, 40213, 40214, 40215, 40216, 40217, 40218, 40219,
+    40220, 40221, 40222, 40223, 40224, 40225, 40226, 40227,
+    40228, 40229, 40230, 40231, 40232, 40233, 40234, 40235,
+    40236, 40237, 40238, 40239, 40240, 40241, 40242, 40243,
+    40244, 40245, 40246, 40247, 40248, 40249, 40250, 40251,
+    40252, 40253, 40254, 40255, 40256, 40257, 40258, 40259,
+    40260, 40261, 40262, 40263, 40264, 40265, 40266, 40267,
+    40268, 40269, 40270, 40271, 40272, 40273, 40274, 40275,
+    40276, 40277, 40278, 40279, 40280, 40281, 40282, 40283,
+    40284, 40285, 40286, 40287, 40288, 40289, 40290, 40291,
+    40292, 40293, 40294, 40295, 40296, 40297, 40298, 40299,
+    40300, 40301, 40302, 40303, 40304, 40305, 40306, 40307,
+    40308, 40309, 40310, 40311, 40312, 40313, 40314, 40315,
+    40316, 40317, 40318, 40319, 40320, 40321, 40322, 40323,
+    40324, 40325, 40326, 40327,    -1,    -1, 40328, 40329,
+    40330, 40331, 40332, 40333, 40334, 40335, 40336, 40337,
+    40338, 40339, 40340, 40341, 40342, 40343, 40344, 40345,
+    40346, 40347, 40348, 40349, 40350, 40351, 40352, 40353,
+    40354, 40355, 40356, 40357, 40358, 40359, 40360, 40361,
+    40362, 40363, 40364, 40365, 40366, 40367, 40368, 40369,
+    40370, 40371, 40372, 40373, 40374, 40375, 40376, 40377,
+    40378, 40379, 40380, 40381,    -1, 40382, 40383, 40384,
+    40385, 40386, 40387, 40388, 40389, 40390, 40391, 40392,
+    40393, 40394, 40395, 40396, 40397, 40398, 40399, 40400,
+    40401, 40402, 40403, 40404, 40405, 40406, 40407, 40408,
+       -1, 40409, 40410,    -1, 40411,    -1,    -1, 40412,
+       -1, 40413, 40414, 40415, 40416, 40417, 40418, 40419,
+    40420, 40421, 40422,    -1, 40423, 40424, 40425, 40426,
+       -1, 40427,    -1, 40428,    -1,    -1,    -1,    -1,
+       -1,    -1, 40429,    -1,    -1,    -1,    -1, 40430,
+       -1, 40431,    -1, 40432,    -1, 40433, 40434, 40435,
+       -1, 40436, 40437,    -1, 40438,    -1,    -1, 40439,
+       -1, 40440,    -1, 40441,    -1, 40442,    -1, 40443,
+       -1, 40444, 40445,    -1, 40446,    -1,    -1, 40447,
+    40448, 40449, 40450,    -1, 40451, 40452, 40453, 40454,
+    40455, 40456, 40457,    -1, 40458, 40459, 40460, 40461,
+       -1, 40462, 40463, 40464, 40465,    -1, 40466,    -1,
+    40467, 40468, 40469, 40470, 40471, 40472, 40473, 40474,
+    40475, 40476,    -1, 40477, 40478, 40479, 40480, 40481,
+    40482, 40483, 40484, 40485, 40486, 40487, 40488, 40489,
+    40490, 40491, 40492, 40493,    -1,    -1,    -1,    -1,
+       -1, 40494, 40495, 40496,    -1, 40497, 40498, 40499,
+    40500, 40501,    -1, 40502, 40503, 40504, 40505, 40506,
+    40507, 40508, 40509, 40510, 40511, 40512, 40513, 40514,
+    40515, 40516, 40517, 40518,    -1,    -1,    -1,    -1,
+    40519, 40521, 40523, 40525, 40527, 40529, 40531, 40533,
+    40535, 40537, 40539,    -1,    -1,    -1,    -1,    -1,
+    40541, 40544, 40547, 40550, 40553, 40556, 40559, 40562,
+    40565, 40568, 40571, 40574, 40577, 40580, 40583, 40586,
+    40589, 40592, 40595, 40598, 40601, 40604, 40607, 40610,
+    40613, 40616, 40619, 40622, 40623, 40624, 40626,    -1,
+    40628, 40629, 40630, 40631, 40632, 40633, 40634, 40635,
+    40636, 40637, 40638, 40639, 40640, 40641, 40642, 40643,
+    40644, 40645, 40646, 40647, 40648, 40649, 40650, 40651,
+    40652, 40653, 40654, 40656, 40658, 40660, 40662, 40665,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1, 40667, 40669,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    40671,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    40673, 40675, 40677,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    40678, 40679, 40680, 40681, 40682, 40683, 40684, 40685,
+    40686, 40687, 40688, 40689, 40690, 40691, 40692, 40693,
+    40694, 40695, 40696, 40697, 40698, 40699, 40700, 40701,
+    40702, 40703, 40704, 40705, 40706, 40707, 40708, 40709,
+    40710, 40711, 40712, 40713, 40714, 40715, 40716, 40717,
+    40718, 40719, 40720, 40721,    -1,    -1,    -1,    -1,
+    40722, 40725, 40728, 40731, 40734, 40737, 40740, 40743,
+    40746,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+    40749, 40750,    -1,    -1,    -1,    -1,    -1,    -1,
+       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+     7983,  7984,  7985,  7986,  7987,  7988,  7989,  7990,
+     7991,  7992,  7993,  7994,  7995,  7996,  7997,  7998,
+     7999,  8000,  8001,  8002,  8003,  8004,  8005,  8006,
+     8007,  8008,  8009,  8010,  8011,  8012,  8013,  8014,
+     8015,  8016,  8017,  8018,  8019,  8020,  8021,  8022,
+     8023,  8024,  8025,  8026,  8027,  8028,  8029,  8030,
+     8031,  8032,  8033,  8034,  8035,  8036,  8037,  8038,
+     8039,  8040,  8041,  8042,  8043,  8044,  8045,  8046,
+     8047,  8048,  8049,  8050,  8051,  8052,  8053,  8054,
+     8055,  8056,  8057,  8058,  8059,  8060,  8061,  8062,
+     8063,  8064,  8065,  8066,  8067,  8068,  8069,  8070,
+     8071,  8072,  8073,  8074,  8075,  8076,  8077,  8078,
+     8079,  8080,  8081,  8082,  8083,  8084,  8085,  8086,
+     8087,  8088,  8089,  8090,  8091,  8092,  8093,  8094,
+     8095,  8096,  8097,  8098,  8099,  8100,  8101,  8102,
+     8103,  8104,  8105,  8106,  8107,  8108,  8109,  8110,
+     8111,  8112,  8113,  8114,  8115,  8116,  8117,  8118,
+     8119,  8120,  8121,  8122,  8123,  8124,  8125,  8126,
+     8127,  8128,  8129,  8130,  8131,  8132,  8133,  8134,
+     8135,  8136,  8137,  8138,  8139,  8140,  8141,  8142,
+     8143,  8144,  8145,  8146,  8147,  8148,  8149,  8150,
+     8151,  8152,  8153,  8154,  8155,  8156,  8157,  8158,
+     8159,  8160,  8161,  8162,  8163,  8164,  8165,  8166,
+     8167,  8168,  8169,  8170,  8171,  8172,  8173,  8174,
+     8175,  8176,  8177,  8178,  8179,  8180,  8181,  8182,
+     8183,  8184,  8185,  8186,  8187,  8188,  8189,  8190,
+     8191,  8192,  8193,  8194,  8195,  8196,  8197,  8198,
+     8199,  8200,  8201,  8202,  8203,  8204,  8205,  8206,
+     8207,  8208,  8209,  8210,  8211,  8212,  8213,  8214,
+     8215,  8216,  8217,  8218,  8219,  8220,  8221,  8222,
+     8223,  8224,  8225,  8226,  8227,  8228,  8229,  8230,
+     8231,  8232,  8233,  8234,  8235,  8236,  8237,  8238,
+     8239,  8240,  8241,  8242,  8243,  8244,  8245,  8246,
+     8247,  8248,  8249,  8250,  8251,  8252,  8253,  8254,
+     8255,  8256,  8257,  8258,  8259,  8260,  8261,  8262,
+     8263,  8264,  8265,  8266,  8267,  8268,  8269,  8270,
+     8271,  8272,  8273,  8274,  8275,  8276,  8277,  8278,
+     8279,  8280,  8281,  8282,  8283,  8284,  8285,  8286,
+     8287,  8288,  8289,  8290,  8291,  8292,  8293,  8294,
+     8295,  8296,  8297,  8298,  8299,  8300,  8301,  8302,
+     8303,  8304,  8305,  8306,  8307,  8308,  8309,  8310,
+     8311,  8312,  8313,  8314,  8315,  8316,  8317,  8318,
+     8319,  8320,  8321,  8322,  8323,  8324,  8325,  8326,
+     8327,  8328,  8329,  8330,  8331,  8332,  8333,  8334,
+     8335,  8336,  8337,  8338,  8339,  8340,  8341,  8342,
+     8343,  8344,  8345,  8346,  8347,  8348,  8349,  8350,
+     8351,  8352,  8353,  8354,  8355,  8356,  8357,  8358,
+     8359,  8360,  8361,  8362,  8363,  8364,  8365,  8366,
+     8367,  8368,  8369,  8370,  8371,  8372,  8373,  8374,
+     8375,  8376,  8377,  8378,  8379,  8380,  8381,  8382,
+     8383,  8384,  8385,  8386,  8387,  8388,  8389,  8390,
+     8391,  8392,  8393,  8394,  8395,  8396,  8397,  8398,
+     8399,  8400,  8401,  8402,  8403,  8404,  8405,  8406,
+     8407,  8408,  8409,  8410,  8411,  8412,  8413,  8414,
+     8415,  8416,  8417,  8418,  8419,  8420,  8421,  8422,
+     8423,  8424,  8425,  8426,  8427,  8428,  8429,  8430,
+     8431,  8432,  8433,  8434,  8435,  8436,  8437,  8438,
+     8439,  8440,  8441,  8442,  8443,  8444,  8445,  8446,
+     8447,  8448,  8449,  8450,  8451,  8452,  8453,  8454,
+     8455,  8456,  8457,  8458,  8459,  8460,  8461,  8462,
+     8463,  8464,  8465,  8466,  8467,  8468,  8469,  8470,
+     8471,  8472,  8473,  8474,  8475,  8476,  8477,  8478,
+     8479,  8480,  8481,  8482,  8483,  8484,  8485,  8486,
+     8487,  8488,  8489,  8490,  8491,  8492,  8493,  8494,
+     8495,  8496,  8497,  8498,  8499,  8500,  8501,  8502,
+     8503,  8504,  8505,  8506,  8507,  8508,  8509,  8510,
+     8511,  8512,  8513,  8514,  8515,  8516,  8517,  8518,
+     8519,  8520,  8521,  8522,  8523,  8524,    -1,    -1
+  }
+};
diff --git a/lib/unistring/uninorm/decomposition.c b/lib/unistring/uninorm/decomposition.c
new file mode 100644
index 0000000..7feb81f
--- /dev/null
+++ b/lib/unistring/uninorm/decomposition.c
@@ -0,0 +1,111 @@
+/* Decomposition of Unicode characters.
+   Copyright (C) 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2009.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "uninorm.h"
+
+#include "uninorm/decomposition-table.h"
+
+int
+uc_decomposition (ucs4_t uc, int *decomp_tag, ucs4_t *decomposition)
+{
+  if (uc >= 0xAC00 && uc < 0xD7A4)
+    {
+      /* Hangul syllable.  See Unicode standard, chapter 3, section
+         "Hangul Syllable Decomposition",  See also the clarification at
+         <https://www.unicode.org/versions/Unicode5.1.0/>, section
+         "Clarification of Hangul Jamo Handling".  */
+      unsigned int t;
+
+      uc -= 0xAC00;
+      t = uc % 28;
+
+      *decomp_tag = UC_DECOMP_CANONICAL;
+      if (t == 0)
+        {
+          unsigned int v, l;
+
+          uc = uc / 28;
+          v = uc % 21;
+          l = uc / 21;
+
+          decomposition[0] = 0x1100 + l;
+          decomposition[1] = 0x1161 + v;
+          return 2;
+        }
+      else
+        {
+#if 1 /* Return the pairwise decomposition, not the full decomposition.  */
+          decomposition[0] = 0xAC00 + uc - t; /* = 0xAC00 + (l * 21 + v) * 28; */
+          decomposition[1] = 0x11A7 + t;
+          return 2;
+#else
+          unsigned int v, l;
+
+          uc = uc / 28;
+          v = uc % 21;
+          l = uc / 21;
+
+          decomposition[0] = 0x1100 + l;
+          decomposition[1] = 0x1161 + v;
+          decomposition[2] = 0x11A7 + t;
+          return 3;
+#endif
+        }
+    }
+  else if (uc < 0x110000)
+    {
+      unsigned short entry = decomp_index (uc);
+      if (entry != (unsigned short)(-1))
+        {
+          const unsigned char *p;
+          unsigned int element;
+          unsigned int length;
+
+          p = &gl_uninorm_decomp_chars_table[3 * (entry & 0x7FFF)];
+          element = (p[0] << 16) | (p[1] << 8) | p[2];
+          /* The first element has 5 bits for the decomposition type.  */
+          *decomp_tag = (element >> 18) & 0x1f;
+          length = 1;
+          for (;;)
+            {
+              /* Every element has an 18 bits wide Unicode code point.  */
+              *decomposition = element & 0x3ffff;
+              /* Bit 23 tells whether there are more elements,  */
+              if ((element & (1 << 23)) == 0)
+                break;
+              p += 3;
+              element = (p[0] << 16) | (p[1] << 8) | p[2];
+              decomposition++;
+              length++;
+            }
+          return length;
+        }
+    }
+  return -1;
+}
diff --git a/lib/unistring/uninorm/nfc.c b/lib/unistring/uninorm/nfc.c
new file mode 100644
index 0000000..49bc75e
--- /dev/null
+++ b/lib/unistring/uninorm/nfc.c
@@ -0,0 +1,40 @@
+/* Unicode Normalization Form C.
+   Copyright (C) 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2009.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "uninorm.h"
+
+#include "normalize-internal.h"
+
+const struct unicode_normalization_form uninorm_nfc =
+  {
+    NF_IS_COMPOSING,
+    uc_canonical_decomposition,
+    uc_composition,
+    &uninorm_nfd
+  };
diff --git a/lib/unistring/uninorm/nfd.c b/lib/unistring/uninorm/nfd.c
new file mode 100644
index 0000000..93160fd
--- /dev/null
+++ b/lib/unistring/uninorm/nfd.c
@@ -0,0 +1,40 @@
+/* Unicode Normalization Form D.
+   Copyright (C) 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2009.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "uninorm.h"
+
+#include "normalize-internal.h"
+
+const struct unicode_normalization_form uninorm_nfd =
+  {
+    0,
+    uc_canonical_decomposition,
+    NULL,
+    &uninorm_nfd
+  };
diff --git a/lib/unistring/uninorm/nfkc.c b/lib/unistring/uninorm/nfkc.c
new file mode 100644
index 0000000..4633652
--- /dev/null
+++ b/lib/unistring/uninorm/nfkc.c
@@ -0,0 +1,41 @@
+/* Unicode Normalization Form KC.
+   Copyright (C) 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2009.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "uninorm.h"
+
+#include "normalize-internal.h"
+#include "uninorm/decompose-internal.h"
+
+const struct unicode_normalization_form uninorm_nfkc =
+  {
+    NF_IS_COMPAT_DECOMPOSING | NF_IS_COMPOSING,
+    uc_compat_decomposition,
+    uc_composition,
+    &uninorm_nfkd
+  };
diff --git a/lib/unistring/uninorm/nfkd.c b/lib/unistring/uninorm/nfkd.c
new file mode 100644
index 0000000..d47d87b
--- /dev/null
+++ b/lib/unistring/uninorm/nfkd.c
@@ -0,0 +1,41 @@
+/* Unicode Normalization Form KD.
+   Copyright (C) 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2009.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "uninorm.h"
+
+#include "normalize-internal.h"
+#include "uninorm/decompose-internal.h"
+
+const struct unicode_normalization_form uninorm_nfkd =
+  {
+    NF_IS_COMPAT_DECOMPOSING,
+    uc_compat_decomposition,
+    NULL,
+    &uninorm_nfkd
+  };
diff --git a/lib/unistring/uninorm/normalize-internal.h b/lib/unistring/uninorm/normalize-internal.h
new file mode 100644
index 0000000..7d78153
--- /dev/null
+++ b/lib/unistring/uninorm/normalize-internal.h
@@ -0,0 +1,44 @@
+/* Normalization of Unicode strings.
+   Copyright (C) 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2009.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include "unitypes.h"
+
+/* Complete definition of normalization form descriptor.  */
+struct unicode_normalization_form
+{
+  /* Bit mask containing meta-information.
+     This must be the first field.  */
+  unsigned int description;
+  #define NF_IS_COMPAT_DECOMPOSING  (1 << 0)
+  #define NF_IS_COMPOSING           (1 << 1)
+  /* Function that decomposes a Unicode character.  */
+  int (*decomposer) (ucs4_t uc, ucs4_t *decomposition);
+  /* Function that combines two Unicode characters, a starter and another
+     character.  */
+  ucs4_t (*composer) (ucs4_t uc1, ucs4_t uc2);
+  /* Decomposing variant.  */
+  const struct unicode_normalization_form *decomposing_variant;
+};
diff --git a/lib/unistring/uninorm/u-normalize-internal.h b/lib/unistring/uninorm/u-normalize-internal.h
new file mode 100644
index 0000000..c78083c
--- /dev/null
+++ b/lib/unistring/uninorm/u-normalize-internal.h
@@ -0,0 +1,389 @@
+/* Decomposition and composition of Unicode strings.
+   Copyright (C) 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2009.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+UNIT *
+FUNC (uninorm_t nf, const UNIT *s, size_t n,
+      UNIT *resultbuf, size_t *lengthp)
+{
+  int (*decomposer) (ucs4_t uc, ucs4_t *decomposition) = nf->decomposer;
+  ucs4_t (*composer) (ucs4_t uc1, ucs4_t uc2) = nf->composer;
+
+  /* The result being accumulated.  */
+  UNIT *result;
+  size_t length;
+  size_t allocated;
+  /* The buffer for sorting.  */
+  #define SORTBUF_PREALLOCATED 64
+  struct ucs4_with_ccc sortbuf_preallocated[2 * SORTBUF_PREALLOCATED];
+  struct ucs4_with_ccc *sortbuf; /* array of size 2 * sortbuf_allocated */
+  size_t sortbuf_allocated;
+  size_t sortbuf_count;
+
+  /* Initialize the accumulator.  */
+  if (resultbuf == NULL)
+    {
+      result = NULL;
+      allocated = 0;
+    }
+  else
+    {
+      result = resultbuf;
+      allocated = *lengthp;
+    }
+  length = 0;
+
+  /* Initialize the buffer for sorting.  */
+  sortbuf = sortbuf_preallocated;
+  sortbuf_allocated = SORTBUF_PREALLOCATED;
+  sortbuf_count = 0;
+
+  {
+    const UNIT *s_end = s + n;
+
+    for (;;)
+      {
+        int count;
+        ucs4_t decomposed[UC_DECOMPOSITION_MAX_LENGTH];
+        int decomposed_count;
+        int i;
+
+        if (s < s_end)
+          {
+            /* Fetch the next character.  */
+            count = U_MBTOUC_UNSAFE (&decomposed[0], s, s_end - s);
+            decomposed_count = 1;
+
+            /* Decompose it, recursively.
+               It would be possible to precompute the recursive decomposition
+               and store it in a table.  But this would significantly increase
+               the size of the decomposition tables, because for example for
+               U+1FC1 the recursive canonical decomposition and the recursive
+               compatibility decomposition are different.  */
+            {
+              int curr;
+
+              for (curr = 0; curr < decomposed_count; )
+                {
+                  /* Invariant: decomposed[0..curr-1] is fully decomposed, i.e.
+                     all elements are atomic.  */
+                  ucs4_t curr_decomposed[UC_DECOMPOSITION_MAX_LENGTH];
+                  int curr_decomposed_count;
+
+                  curr_decomposed_count = decomposer (decomposed[curr], curr_decomposed);
+                  if (curr_decomposed_count >= 0)
+                    {
+                      /* Move curr_decomposed[0..curr_decomposed_count-1] over
+                         decomposed[curr], making room.  It's not worth using
+                         memcpy() here, since the counts are so small.  */
+                      int shift = curr_decomposed_count - 1;
+
+                      if (shift < 0)
+                        abort ();
+                      if (shift > 0)
+                        {
+                          int j;
+
+                          decomposed_count += shift;
+                          if (decomposed_count > UC_DECOMPOSITION_MAX_LENGTH)
+                            abort ();
+                          for (j = decomposed_count - 1 - shift; j > curr; j--)
+                            decomposed[j + shift] = decomposed[j];
+                        }
+                      for (; shift >= 0; shift--)
+                        decomposed[curr + shift] = curr_decomposed[shift];
+                    }
+                  else
+                    {
+                      /* decomposed[curr] is atomic.  */
+                      curr++;
+                    }
+                }
+            }
+          }
+        else
+          {
+            count = 0;
+            decomposed_count = 0;
+          }
+
+        i = 0;
+        for (;;)
+          {
+            ucs4_t uc;
+            int ccc;
+
+            if (s < s_end)
+              {
+                /* Fetch the next character from the decomposition.  */
+                if (i == decomposed_count)
+                  break;
+                uc = decomposed[i];
+                ccc = uc_combining_class (uc);
+              }
+            else
+              {
+                /* End of string reached.  */
+                uc = 0;
+                ccc = 0;
+              }
+
+            if (ccc == 0)
+              {
+                size_t j;
+
+                /* Apply the canonical ordering algorithm to the accumulated
+                   sequence of characters.  */
+                if (sortbuf_count > 1)
+                  gl_uninorm_decompose_merge_sort_inplace (sortbuf, sortbuf_count,
+                                                           sortbuf + sortbuf_count);
+
+                if (composer != NULL)
+                  {
+                    /* Attempt to combine decomposed characters, as specified
+                       in the Unicode Standard Annex #15 "Unicode Normalization
+                       Forms".  We need to check
+                         1. whether the first accumulated character is a
+                            "starter" (i.e. has ccc = 0).  This is usually the
+                            case.  But when the string starts with a
+                            non-starter, the sortbuf also starts with a
+                            non-starter.  Btw, this check could also be
+                            omitted, because the composition table has only
+                            entries (code1, code2) for which code1 is a
+                            starter; if the first accumulated character is not
+                            a starter, no lookup will succeed.
+                         2. If the sortbuf has more than one character, check
+                            for each of these characters that are not "blocked"
+                            from the starter (i.e. have a ccc that is higher
+                            than the ccc of the previous character) whether it
+                            can be combined with the first character.
+                         3. If only one character is left in sortbuf, check
+                            whether it can be combined with the next character
+                            (also a starter).  */
+                    if (sortbuf_count > 0 && sortbuf[0].ccc == 0)
+                      {
+                        for (j = 1; j < sortbuf_count; )
+                          {
+                            if (sortbuf[j].ccc > sortbuf[j - 1].ccc)
+                              {
+                                ucs4_t combined =
+                                  composer (sortbuf[0].code, sortbuf[j].code);
+                                if (combined)
+                                  {
+                                    size_t k;
+
+                                    sortbuf[0].code = combined;
+                                    /* sortbuf[0].ccc = 0, still valid.  */
+                                    for (k = j + 1; k < sortbuf_count; k++)
+                                      sortbuf[k - 1] = sortbuf[k];
+                                    sortbuf_count--;
+                                    continue;
+                                  }
+                              }
+                            j++;
+                          }
+                        if (s < s_end && sortbuf_count == 1)
+                          {
+                            ucs4_t combined =
+                              composer (sortbuf[0].code, uc);
+                            if (combined)
+                              {
+                                uc = combined;
+                                ccc = 0;
+                                /* uc could be further combined with subsequent
+                                   characters.  So don't put it into sortbuf[0] in
+                                   this round, only in the next round.  */
+                                sortbuf_count = 0;
+                              }
+                          }
+                      }
+                  }
+
+                for (j = 0; j < sortbuf_count; j++)
+                  {
+                    ucs4_t muc = sortbuf[j].code;
+
+                    /* Append muc to the result accumulator.  */
+                    if (length < allocated)
+                      {
+                        int ret =
+                          U_UCTOMB (result + length, muc, allocated - length);
+                        if (ret == -1)
+                          {
+                            errno = EINVAL;
+                            goto fail;
+                          }
+                        if (ret >= 0)
+                          {
+                            length += ret;
+                            goto done_appending;
+                          }
+                      }
+                    {
+                      size_t old_allocated = allocated;
+                      size_t new_allocated = 2 * old_allocated;
+                      if (new_allocated < 64)
+                        new_allocated = 64;
+                      if (new_allocated < old_allocated) /* integer overflow? */
+                        abort ();
+                      {
+                        UNIT *larger_result;
+                        if (result == NULL)
+                          {
+                            larger_result =
+                              (UNIT *) malloc (new_allocated * sizeof (UNIT));
+                            if (larger_result == NULL)
+                              {
+                                errno = ENOMEM;
+                                goto fail;
+                              }
+                          }
+                        else if (result == resultbuf)
+                          {
+                            larger_result =
+                              (UNIT *) malloc (new_allocated * sizeof (UNIT));
+                            if (larger_result == NULL)
+                              {
+                                errno = ENOMEM;
+                                goto fail;
+                              }
+                            U_CPY (larger_result, resultbuf, length);
+                          }
+                        else
+                          {
+                            larger_result =
+                              (UNIT *) realloc (result, new_allocated * sizeof (UNIT));
+                            if (larger_result == NULL)
+                              {
+                                errno = ENOMEM;
+                                goto fail;
+                              }
+                          }
+                        result = larger_result;
+                        allocated = new_allocated;
+                        {
+                          int ret =
+                            U_UCTOMB (result + length, muc, allocated - length);
+                          if (ret == -1)
+                            {
+                              errno = EINVAL;
+                              goto fail;
+                            }
+                          if (ret < 0)
+                            abort ();
+                          length += ret;
+                          goto done_appending;
+                        }
+                      }
+                    }
+                   done_appending: ;
+                  }
+
+                /* sortbuf is now empty.  */
+                sortbuf_count = 0;
+              }
+
+            if (!(s < s_end))
+              /* End of string reached.  */
+              break;
+
+            /* Append (uc, ccc) to sortbuf.  */
+            if (sortbuf_count == sortbuf_allocated)
+              {
+                struct ucs4_with_ccc *new_sortbuf;
+
+                sortbuf_allocated = 2 * sortbuf_allocated;
+                if (sortbuf_allocated < sortbuf_count) /* integer overflow? */
+                  abort ();
+                new_sortbuf =
+                  (struct ucs4_with_ccc *) malloc (2 * sortbuf_allocated * sizeof (struct ucs4_with_ccc));
+                if (new_sortbuf == NULL)
+                  {
+                    errno = ENOMEM;
+                    goto fail;
+                  }
+                memcpy (new_sortbuf, sortbuf,
+                        sortbuf_count * sizeof (struct ucs4_with_ccc));
+                if (sortbuf != sortbuf_preallocated)
+                  free (sortbuf);
+                sortbuf = new_sortbuf;
+              }
+            sortbuf[sortbuf_count].code = uc;
+            sortbuf[sortbuf_count].ccc = ccc;
+            sortbuf_count++;
+
+            i++;
+          }
+
+        if (!(s < s_end))
+          /* End of string reached.  */
+          break;
+
+        s += count;
+      }
+  }
+
+  if (length == 0)
+    {
+      if (result == NULL)
+        {
+          /* Return a non-NULL value.  NULL means error.  */
+          result = (UNIT *) malloc (1);
+          if (result == NULL)
+            {
+              errno = ENOMEM;
+              goto fail;
+            }
+        }
+    }
+  else if (result != resultbuf && length < allocated)
+    {
+      /* Shrink the allocated memory if possible.  */
+      UNIT *memory;
+
+      memory = (UNIT *) realloc (result, length * sizeof (UNIT));
+      if (memory != NULL)
+        result = memory;
+    }
+
+  if (sortbuf_count > 0)
+    abort ();
+  if (sortbuf != sortbuf_preallocated)
+    free (sortbuf);
+
+  *lengthp = length;
+  return result;
+
+ fail:
+  {
+    int saved_errno = errno;
+    if (sortbuf != sortbuf_preallocated)
+      free (sortbuf);
+    if (result != resultbuf)
+      free (result);
+    errno = saved_errno;
+  }
+  return NULL;
+}
diff --git a/lib/unistring/uninorm/u16-normalize.c b/lib/unistring/uninorm/u16-normalize.c
new file mode 100644
index 0000000..00cfdc8
--- /dev/null
+++ b/lib/unistring/uninorm/u16-normalize.c
@@ -0,0 +1,47 @@
+/* Normalization of UTF-16 strings.
+   Copyright (C) 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2009.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "uninorm.h"
+
+#include <errno.h>
+#include <stddef.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "unistr.h"
+#include "unictype.h"
+#include "normalize-internal.h"
+#include "uninorm/decompose-internal.h"
+
+#define FUNC u16_normalize
+#define UNIT uint16_t
+#define U_MBTOUC_UNSAFE u16_mbtouc_unsafe
+#define U_UCTOMB u16_uctomb
+#define U_CPY u16_cpy
+#include "u-normalize-internal.h"
diff --git a/lib/unistring/uninorm/u32-normalize.c b/lib/unistring/uninorm/u32-normalize.c
new file mode 100644
index 0000000..928f8a7
--- /dev/null
+++ b/lib/unistring/uninorm/u32-normalize.c
@@ -0,0 +1,47 @@
+/* Normalization of UTF-32 strings.
+   Copyright (C) 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2009.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "uninorm.h"
+
+#include <errno.h>
+#include <stddef.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "unistr.h"
+#include "unictype.h"
+#include "normalize-internal.h"
+#include "uninorm/decompose-internal.h"
+
+#define FUNC u32_normalize
+#define UNIT uint32_t
+#define U_MBTOUC_UNSAFE u32_mbtouc_unsafe
+#define U_UCTOMB u32_uctomb
+#define U_CPY u32_cpy
+#include "u-normalize-internal.h"
diff --git a/lib/unistring/uninorm/u8-normalize.c b/lib/unistring/uninorm/u8-normalize.c
new file mode 100644
index 0000000..d263cc9
--- /dev/null
+++ b/lib/unistring/uninorm/u8-normalize.c
@@ -0,0 +1,47 @@
+/* Normalization of UTF-8 strings.
+   Copyright (C) 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2009.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "uninorm.h"
+
+#include <errno.h>
+#include <stddef.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "unistr.h"
+#include "unictype.h"
+#include "normalize-internal.h"
+#include "uninorm/decompose-internal.h"
+
+#define FUNC u8_normalize
+#define UNIT uint8_t
+#define U_MBTOUC_UNSAFE u8_mbtouc_unsafe
+#define U_UCTOMB u8_uctomb
+#define U_CPY u8_cpy
+#include "u-normalize-internal.h"
diff --git a/lib/unistring/unistr.in.h b/lib/unistring/unistr.in.h
new file mode 100644
index 0000000..50b3058
--- /dev/null
+++ b/lib/unistring/unistr.in.h
@@ -0,0 +1,758 @@
+/* Elementary Unicode string functions.
+   Copyright (C) 2001-2002, 2005-2021 Free Software Foundation, Inc.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#ifndef _UNISTR_H
+#define _UNISTR_H
+
+#include "unitypes.h"
+
+/* Get common macros for C.  */
+#include "unused-parameter.h"
+
+/* Get bool.  */
+#include <stdbool.h>
+
+/* Get size_t, ptrdiff_t.  */
+#include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+/* Conventions:
+
+   All functions prefixed with u8_ operate on UTF-8 encoded strings.
+   Their unit is an uint8_t (1 byte).
+
+   All functions prefixed with u16_ operate on UTF-16 encoded strings.
+   Their unit is an uint16_t (a 2-byte word).
+
+   All functions prefixed with u32_ operate on UCS-4 encoded strings.
+   Their unit is an uint32_t (a 4-byte word).
+
+   All argument pairs (s, n) denote a Unicode string s[0..n-1] with exactly
+   n units.
+
+   All arguments starting with "str" and the arguments of functions starting
+   with u8_str/u16_str/u32_str denote a NUL terminated string, i.e. a string
+   which terminates at the first NUL unit.  This termination unit is
+   considered part of the string for all memory allocation purposes, but
+   is not considered part of the string for all other logical purposes.
+
+   Functions returning a string result take a (resultbuf, lengthp) argument
+   pair.  If resultbuf is not NULL and the result fits into *lengthp units,
+   it is put in resultbuf, and resultbuf is returned.  Otherwise, a freshly
+   allocated string is returned.  In both cases, *lengthp is set to the
+   length (number of units) of the returned string.  In case of error,
+   NULL is returned and errno is set.  */
+
+
+/* Elementary string checks.  */
+
+/* Check whether an UTF-8 string is well-formed.
+   Return NULL if valid, or a pointer to the first invalid unit otherwise.  */
+extern const uint8_t *
+       u8_check (const uint8_t *s, size_t n)
+       _UC_ATTRIBUTE_PURE;
+
+/* Check whether an UTF-16 string is well-formed.
+   Return NULL if valid, or a pointer to the first invalid unit otherwise.  */
+extern const uint16_t *
+       u16_check (const uint16_t *s, size_t n)
+       _UC_ATTRIBUTE_PURE;
+
+/* Check whether an UCS-4 string is well-formed.
+   Return NULL if valid, or a pointer to the first invalid unit otherwise.  */
+extern const uint32_t *
+       u32_check (const uint32_t *s, size_t n)
+       _UC_ATTRIBUTE_PURE;
+
+
+/* Elementary string conversions.  */
+
+/* Convert an UTF-8 string to an UTF-16 string.  */
+extern uint16_t *
+       u8_to_u16 (const uint8_t *s, size_t n, uint16_t *resultbuf,
+                  size_t *lengthp);
+
+/* Convert an UTF-8 string to an UCS-4 string.  */
+extern uint32_t *
+       u8_to_u32 (const uint8_t *s, size_t n, uint32_t *resultbuf,
+                  size_t *lengthp);
+
+/* Convert an UTF-16 string to an UTF-8 string.  */
+extern uint8_t *
+       u16_to_u8 (const uint16_t *s, size_t n, uint8_t *resultbuf,
+                  size_t *lengthp);
+
+/* Convert an UTF-16 string to an UCS-4 string.  */
+extern uint32_t *
+       u16_to_u32 (const uint16_t *s, size_t n, uint32_t *resultbuf,
+                   size_t *lengthp);
+
+/* Convert an UCS-4 string to an UTF-8 string.  */
+extern uint8_t *
+       u32_to_u8 (const uint32_t *s, size_t n, uint8_t *resultbuf,
+                  size_t *lengthp);
+
+/* Convert an UCS-4 string to an UTF-16 string.  */
+extern uint16_t *
+       u32_to_u16 (const uint32_t *s, size_t n, uint16_t *resultbuf,
+                   size_t *lengthp);
+
+
+/* Elementary string functions.  */
+
+/* Return the length (number of units) of the first character in S, which is
+   no longer than N.  Return 0 if it is the NUL character.  Return -1 upon
+   failure.  */
+/* Similar to mblen(), except that s must not be NULL.  */
+extern int
+       u8_mblen (const uint8_t *s, size_t n)
+       _UC_ATTRIBUTE_PURE;
+extern int
+       u16_mblen (const uint16_t *s, size_t n)
+       _UC_ATTRIBUTE_PURE;
+extern int
+       u32_mblen (const uint32_t *s, size_t n)
+       _UC_ATTRIBUTE_PURE;
+
+/* Return the length (number of units) of the first character in S, putting
+   its 'ucs4_t' representation in *PUC.  Upon failure, *PUC is set to 0xfffd,
+   and an appropriate number of units is returned.
+   The number of available units, N, must be > 0.  */
+/* Similar to mbtowc(), except that puc and s must not be NULL, n must be > 0,
+   and the NUL character is not treated specially.  */
+/* The variants with _unsafe suffix are for backward compatibility with
+   libunistring versions < 0.9.7.  */
+
+#if GNULIB_UNISTR_U8_MBTOUC_UNSAFE || HAVE_LIBUNISTRING
+# if !HAVE_INLINE
+extern int
+       u8_mbtouc_unsafe (ucs4_t *puc, const uint8_t *s, size_t n);
+# else
+extern int
+       u8_mbtouc_unsafe_aux (ucs4_t *puc, const uint8_t *s, size_t n);
+static inline int
+u8_mbtouc_unsafe (ucs4_t *puc, const uint8_t *s, size_t n)
+{
+  uint8_t c = *s;
+
+  if (c < 0x80)
+    {
+      *puc = c;
+      return 1;
+    }
+  else
+    return u8_mbtouc_unsafe_aux (puc, s, n);
+}
+# endif
+#endif
+
+#if GNULIB_UNISTR_U16_MBTOUC_UNSAFE || HAVE_LIBUNISTRING
+# if !HAVE_INLINE
+extern int
+       u16_mbtouc_unsafe (ucs4_t *puc, const uint16_t *s, size_t n);
+# else
+extern int
+       u16_mbtouc_unsafe_aux (ucs4_t *puc, const uint16_t *s, size_t n);
+static inline int
+u16_mbtouc_unsafe (ucs4_t *puc, const uint16_t *s, size_t n)
+{
+  uint16_t c = *s;
+
+  if (c < 0xd800 || c >= 0xe000)
+    {
+      *puc = c;
+      return 1;
+    }
+  else
+    return u16_mbtouc_unsafe_aux (puc, s, n);
+}
+# endif
+#endif
+
+#if GNULIB_UNISTR_U32_MBTOUC_UNSAFE || HAVE_LIBUNISTRING
+# if !HAVE_INLINE
+extern int
+       u32_mbtouc_unsafe (ucs4_t *puc, const uint32_t *s, size_t n);
+# else
+static inline int
+u32_mbtouc_unsafe (ucs4_t *puc,
+                   const uint32_t *s, size_t n _GL_UNUSED_PARAMETER)
+{
+  uint32_t c = *s;
+
+  if (c < 0xd800 || (c >= 0xe000 && c < 0x110000))
+    *puc = c;
+  else
+    /* invalid multibyte character */
+    *puc = 0xfffd;
+  return 1;
+}
+# endif
+#endif
+
+#if GNULIB_UNISTR_U8_MBTOUC || HAVE_LIBUNISTRING
+# if !HAVE_INLINE
+extern int
+       u8_mbtouc (ucs4_t *puc, const uint8_t *s, size_t n);
+# else
+extern int
+       u8_mbtouc_aux (ucs4_t *puc, const uint8_t *s, size_t n);
+static inline int
+u8_mbtouc (ucs4_t *puc, const uint8_t *s, size_t n)
+{
+  uint8_t c = *s;
+
+  if (c < 0x80)
+    {
+      *puc = c;
+      return 1;
+    }
+  else
+    return u8_mbtouc_aux (puc, s, n);
+}
+# endif
+#endif
+
+#if GNULIB_UNISTR_U16_MBTOUC || HAVE_LIBUNISTRING
+# if !HAVE_INLINE
+extern int
+       u16_mbtouc (ucs4_t *puc, const uint16_t *s, size_t n);
+# else
+extern int
+       u16_mbtouc_aux (ucs4_t *puc, const uint16_t *s, size_t n);
+static inline int
+u16_mbtouc (ucs4_t *puc, const uint16_t *s, size_t n)
+{
+  uint16_t c = *s;
+
+  if (c < 0xd800 || c >= 0xe000)
+    {
+      *puc = c;
+      return 1;
+    }
+  else
+    return u16_mbtouc_aux (puc, s, n);
+}
+# endif
+#endif
+
+#if GNULIB_UNISTR_U32_MBTOUC || HAVE_LIBUNISTRING
+# if !HAVE_INLINE
+extern int
+       u32_mbtouc (ucs4_t *puc, const uint32_t *s, size_t n);
+# else
+static inline int
+u32_mbtouc (ucs4_t *puc, const uint32_t *s, size_t n _GL_UNUSED_PARAMETER)
+{
+  uint32_t c = *s;
+
+  if (c < 0xd800 || (c >= 0xe000 && c < 0x110000))
+    *puc = c;
+  else
+    /* invalid multibyte character */
+    *puc = 0xfffd;
+  return 1;
+}
+# endif
+#endif
+
+/* Return the length (number of units) of the first character in S, putting
+   its 'ucs4_t' representation in *PUC.  Upon failure, *PUC is set to 0xfffd,
+   and -1 is returned for an invalid sequence of units, -2 is returned for an
+   incomplete sequence of units.
+   The number of available units, N, must be > 0.  */
+/* Similar to u*_mbtouc(), except that the return value gives more details
+   about the failure, similar to mbrtowc().  */
+
+#if GNULIB_UNISTR_U8_MBTOUCR || HAVE_LIBUNISTRING
+extern int
+       u8_mbtoucr (ucs4_t *puc, const uint8_t *s, size_t n);
+#endif
+
+#if GNULIB_UNISTR_U16_MBTOUCR || HAVE_LIBUNISTRING
+extern int
+       u16_mbtoucr (ucs4_t *puc, const uint16_t *s, size_t n);
+#endif
+
+#if GNULIB_UNISTR_U32_MBTOUCR || HAVE_LIBUNISTRING
+extern int
+       u32_mbtoucr (ucs4_t *puc, const uint32_t *s, size_t n);
+#endif
+
+/* Put the multibyte character represented by UC in S, returning its
+   length.  Return -1 upon failure, -2 if the number of available units, N,
+   is too small.  The latter case cannot occur if N >= 6/2/1, respectively.  */
+/* Similar to wctomb(), except that s must not be NULL, and the argument n
+   must be specified.  */
+
+#if GNULIB_UNISTR_U8_UCTOMB || HAVE_LIBUNISTRING
+/* Auxiliary function, also used by u8_chr, u8_strchr, u8_strrchr.  */
+extern int
+       u8_uctomb_aux (uint8_t *s, ucs4_t uc, ptrdiff_t n);
+# if !HAVE_INLINE
+extern int
+       u8_uctomb (uint8_t *s, ucs4_t uc, ptrdiff_t n);
+# else
+static inline int
+u8_uctomb (uint8_t *s, ucs4_t uc, ptrdiff_t n)
+{
+  if (uc < 0x80 && n > 0)
+    {
+      s[0] = uc;
+      return 1;
+    }
+  else
+    return u8_uctomb_aux (s, uc, n);
+}
+# endif
+#endif
+
+#if GNULIB_UNISTR_U16_UCTOMB || HAVE_LIBUNISTRING
+/* Auxiliary function, also used by u16_chr, u16_strchr, u16_strrchr.  */
+extern int
+       u16_uctomb_aux (uint16_t *s, ucs4_t uc, ptrdiff_t n);
+# if !HAVE_INLINE
+extern int
+       u16_uctomb (uint16_t *s, ucs4_t uc, ptrdiff_t n);
+# else
+static inline int
+u16_uctomb (uint16_t *s, ucs4_t uc, ptrdiff_t n)
+{
+  if (uc < 0xd800 && n > 0)
+    {
+      s[0] = uc;
+      return 1;
+    }
+  else
+    return u16_uctomb_aux (s, uc, n);
+}
+# endif
+#endif
+
+#if GNULIB_UNISTR_U32_UCTOMB || HAVE_LIBUNISTRING
+# if !HAVE_INLINE
+extern int
+       u32_uctomb (uint32_t *s, ucs4_t uc, ptrdiff_t n);
+# else
+static inline int
+u32_uctomb (uint32_t *s, ucs4_t uc, ptrdiff_t n)
+{
+  if (uc < 0xd800 || (uc >= 0xe000 && uc < 0x110000))
+    {
+      if (n > 0)
+        {
+          *s = uc;
+          return 1;
+        }
+      else
+        return -2;
+    }
+  else
+    return -1;
+}
+# endif
+#endif
+
+/* Copy N units from SRC to DEST.  */
+/* Similar to memcpy().  */
+extern uint8_t *
+       u8_cpy (uint8_t *_UC_RESTRICT dest, const uint8_t *src, size_t n);
+extern uint16_t *
+       u16_cpy (uint16_t *_UC_RESTRICT dest, const uint16_t *src, size_t n);
+extern uint32_t *
+       u32_cpy (uint32_t *_UC_RESTRICT dest, const uint32_t *src, size_t n);
+
+/* Copy N units from SRC to DEST, guaranteeing correct behavior for
+   overlapping memory areas.  */
+/* Similar to memmove().  */
+extern uint8_t *
+       u8_move (uint8_t *dest, const uint8_t *src, size_t n);
+extern uint16_t *
+       u16_move (uint16_t *dest, const uint16_t *src, size_t n);
+extern uint32_t *
+       u32_move (uint32_t *dest, const uint32_t *src, size_t n);
+
+/* Set the first N characters of S to UC.  UC should be a character that
+   occupies only 1 unit.  */
+/* Similar to memset().  */
+extern uint8_t *
+       u8_set (uint8_t *s, ucs4_t uc, size_t n);
+extern uint16_t *
+       u16_set (uint16_t *s, ucs4_t uc, size_t n);
+extern uint32_t *
+       u32_set (uint32_t *s, ucs4_t uc, size_t n);
+
+/* Compare S1 and S2, each of length N.  */
+/* Similar to memcmp().  */
+extern int
+       u8_cmp (const uint8_t *s1, const uint8_t *s2, size_t n)
+       _UC_ATTRIBUTE_PURE;
+extern int
+       u16_cmp (const uint16_t *s1, const uint16_t *s2, size_t n)
+       _UC_ATTRIBUTE_PURE;
+extern int
+       u32_cmp (const uint32_t *s1, const uint32_t *s2, size_t n)
+       _UC_ATTRIBUTE_PURE;
+
+/* Compare S1 and S2.  */
+/* Similar to the gnulib function memcmp2().  */
+extern int
+       u8_cmp2 (const uint8_t *s1, size_t n1, const uint8_t *s2, size_t n2)
+       _UC_ATTRIBUTE_PURE;
+extern int
+       u16_cmp2 (const uint16_t *s1, size_t n1, const uint16_t *s2, size_t n2)
+       _UC_ATTRIBUTE_PURE;
+extern int
+       u32_cmp2 (const uint32_t *s1, size_t n1, const uint32_t *s2, size_t n2)
+       _UC_ATTRIBUTE_PURE;
+
+/* Search the string at S for UC.  */
+/* Similar to memchr().  */
+extern uint8_t *
+       u8_chr (const uint8_t *s, size_t n, ucs4_t uc)
+       _UC_ATTRIBUTE_PURE;
+extern uint16_t *
+       u16_chr (const uint16_t *s, size_t n, ucs4_t uc)
+       _UC_ATTRIBUTE_PURE;
+extern uint32_t *
+       u32_chr (const uint32_t *s, size_t n, ucs4_t uc)
+       _UC_ATTRIBUTE_PURE;
+
+/* Count the number of Unicode characters in the N units from S.  */
+/* Similar to mbsnlen().  */
+extern size_t
+       u8_mbsnlen (const uint8_t *s, size_t n)
+       _UC_ATTRIBUTE_PURE;
+extern size_t
+       u16_mbsnlen (const uint16_t *s, size_t n)
+       _UC_ATTRIBUTE_PURE;
+extern size_t
+       u32_mbsnlen (const uint32_t *s, size_t n)
+       _UC_ATTRIBUTE_PURE;
+
+/* Elementary string functions with memory allocation.  */
+
+/* Make a freshly allocated copy of S, of length N.  */
+extern uint8_t *
+       u8_cpy_alloc (const uint8_t *s, size_t n);
+extern uint16_t *
+       u16_cpy_alloc (const uint16_t *s, size_t n);
+extern uint32_t *
+       u32_cpy_alloc (const uint32_t *s, size_t n);
+
+/* Elementary string functions on NUL terminated strings.  */
+
+/* Return the length (number of units) of the first character in S.
+   Return 0 if it is the NUL character.  Return -1 upon failure.  */
+extern int
+       u8_strmblen (const uint8_t *s)
+       _UC_ATTRIBUTE_PURE;
+extern int
+       u16_strmblen (const uint16_t *s)
+       _UC_ATTRIBUTE_PURE;
+extern int
+       u32_strmblen (const uint32_t *s)
+       _UC_ATTRIBUTE_PURE;
+
+/* Return the length (number of units) of the first character in S, putting
+   its 'ucs4_t' representation in *PUC.  Return 0 if it is the NUL
+   character.  Return -1 upon failure.  */
+extern int
+       u8_strmbtouc (ucs4_t *puc, const uint8_t *s);
+extern int
+       u16_strmbtouc (ucs4_t *puc, const uint16_t *s);
+extern int
+       u32_strmbtouc (ucs4_t *puc, const uint32_t *s);
+
+/* Forward iteration step.  Advances the pointer past the next character,
+   or returns NULL if the end of the string has been reached.  Puts the
+   character's 'ucs4_t' representation in *PUC.  */
+extern const uint8_t *
+       u8_next (ucs4_t *puc, const uint8_t *s);
+extern const uint16_t *
+       u16_next (ucs4_t *puc, const uint16_t *s);
+extern const uint32_t *
+       u32_next (ucs4_t *puc, const uint32_t *s);
+
+/* Backward iteration step.  Advances the pointer to point to the previous
+   character, or returns NULL if the beginning of the string had been reached.
+   Puts the character's 'ucs4_t' representation in *PUC.  */
+extern const uint8_t *
+       u8_prev (ucs4_t *puc, const uint8_t *s, const uint8_t *start);
+extern const uint16_t *
+       u16_prev (ucs4_t *puc, const uint16_t *s, const uint16_t *start);
+extern const uint32_t *
+       u32_prev (ucs4_t *puc, const uint32_t *s, const uint32_t *start);
+
+/* Return the number of units in S.  */
+/* Similar to strlen(), wcslen().  */
+extern size_t
+       u8_strlen (const uint8_t *s)
+       _UC_ATTRIBUTE_PURE;
+extern size_t
+       u16_strlen (const uint16_t *s)
+       _UC_ATTRIBUTE_PURE;
+extern size_t
+       u32_strlen (const uint32_t *s)
+       _UC_ATTRIBUTE_PURE;
+
+/* Return the number of units in S, but at most MAXLEN.  */
+/* Similar to strnlen(), wcsnlen().  */
+extern size_t
+       u8_strnlen (const uint8_t *s, size_t maxlen)
+       _UC_ATTRIBUTE_PURE;
+extern size_t
+       u16_strnlen (const uint16_t *s, size_t maxlen)
+       _UC_ATTRIBUTE_PURE;
+extern size_t
+       u32_strnlen (const uint32_t *s, size_t maxlen)
+       _UC_ATTRIBUTE_PURE;
+
+/* Copy SRC to DEST.  */
+/* Similar to strcpy(), wcscpy().  */
+extern uint8_t *
+       u8_strcpy (uint8_t *_UC_RESTRICT dest, const uint8_t *src);
+extern uint16_t *
+       u16_strcpy (uint16_t *_UC_RESTRICT dest, const uint16_t *src);
+extern uint32_t *
+       u32_strcpy (uint32_t *_UC_RESTRICT dest, const uint32_t *src);
+
+/* Copy SRC to DEST, returning the address of the terminating NUL in DEST.  */
+/* Similar to stpcpy().  */
+extern uint8_t *
+       u8_stpcpy (uint8_t *_UC_RESTRICT dest, const uint8_t *src);
+extern uint16_t *
+       u16_stpcpy (uint16_t *_UC_RESTRICT dest, const uint16_t *src);
+extern uint32_t *
+       u32_stpcpy (uint32_t *_UC_RESTRICT dest, const uint32_t *src);
+
+/* Copy no more than N units of SRC to DEST.  */
+/* Similar to strncpy(), wcsncpy().  */
+extern uint8_t *
+       u8_strncpy (uint8_t *_UC_RESTRICT dest, const uint8_t *src, size_t n);
+extern uint16_t *
+       u16_strncpy (uint16_t *_UC_RESTRICT dest, const uint16_t *src, size_t n);
+extern uint32_t *
+       u32_strncpy (uint32_t *_UC_RESTRICT dest, const uint32_t *src, size_t n);
+
+/* Copy no more than N units of SRC to DEST.  Return a pointer past the last
+   non-NUL unit written into DEST.  */
+/* Similar to stpncpy().  */
+extern uint8_t *
+       u8_stpncpy (uint8_t *_UC_RESTRICT dest, const uint8_t *src, size_t n);
+extern uint16_t *
+       u16_stpncpy (uint16_t *_UC_RESTRICT dest, const uint16_t *src, size_t n);
+extern uint32_t *
+       u32_stpncpy (uint32_t *_UC_RESTRICT dest, const uint32_t *src, size_t n);
+
+/* Append SRC onto DEST.  */
+/* Similar to strcat(), wcscat().  */
+extern uint8_t *
+       u8_strcat (uint8_t *_UC_RESTRICT dest, const uint8_t *src);
+extern uint16_t *
+       u16_strcat (uint16_t *_UC_RESTRICT dest, const uint16_t *src);
+extern uint32_t *
+       u32_strcat (uint32_t *_UC_RESTRICT dest, const uint32_t *src);
+
+/* Append no more than N units of SRC onto DEST.  */
+/* Similar to strncat(), wcsncat().  */
+extern uint8_t *
+       u8_strncat (uint8_t *_UC_RESTRICT dest, const uint8_t *src, size_t n);
+extern uint16_t *
+       u16_strncat (uint16_t *_UC_RESTRICT dest, const uint16_t *src, size_t n);
+extern uint32_t *
+       u32_strncat (uint32_t *_UC_RESTRICT dest, const uint32_t *src, size_t n);
+
+/* Compare S1 and S2.  */
+/* Similar to strcmp(), wcscmp().  */
+#ifdef __sun
+/* Avoid a collision with the u8_strcmp() function in Solaris 11 libc.  */
+extern int
+       u8_strcmp_gnu (const uint8_t *s1, const uint8_t *s2)
+       _UC_ATTRIBUTE_PURE;
+# define u8_strcmp u8_strcmp_gnu
+#else
+extern int
+       u8_strcmp (const uint8_t *s1, const uint8_t *s2)
+       _UC_ATTRIBUTE_PURE;
+#endif
+extern int
+       u16_strcmp (const uint16_t *s1, const uint16_t *s2)
+       _UC_ATTRIBUTE_PURE;
+extern int
+       u32_strcmp (const uint32_t *s1, const uint32_t *s2)
+       _UC_ATTRIBUTE_PURE;
+
+/* Compare S1 and S2 using the collation rules of the current locale.
+   Return -1 if S1 < S2, 0 if S1 = S2, 1 if S1 > S2.
+   Upon failure, set errno and return any value.  */
+/* Similar to strcoll(), wcscoll().  */
+extern int
+       u8_strcoll (const uint8_t *s1, const uint8_t *s2);
+extern int
+       u16_strcoll (const uint16_t *s1, const uint16_t *s2);
+extern int
+       u32_strcoll (const uint32_t *s1, const uint32_t *s2);
+
+/* Compare no more than N units of S1 and S2.  */
+/* Similar to strncmp(), wcsncmp().  */
+extern int
+       u8_strncmp (const uint8_t *s1, const uint8_t *s2, size_t n)
+       _UC_ATTRIBUTE_PURE;
+extern int
+       u16_strncmp (const uint16_t *s1, const uint16_t *s2, size_t n)
+       _UC_ATTRIBUTE_PURE;
+extern int
+       u32_strncmp (const uint32_t *s1, const uint32_t *s2, size_t n)
+       _UC_ATTRIBUTE_PURE;
+
+/* Duplicate S, returning an identical malloc'd string.  */
+/* Similar to strdup(), wcsdup().  */
+extern uint8_t *
+       u8_strdup (const uint8_t *s);
+extern uint16_t *
+       u16_strdup (const uint16_t *s);
+extern uint32_t *
+       u32_strdup (const uint32_t *s);
+
+/* Find the first occurrence of UC in STR.  */
+/* Similar to strchr(), wcschr().  */
+extern uint8_t *
+       u8_strchr (const uint8_t *str, ucs4_t uc)
+       _UC_ATTRIBUTE_PURE;
+extern uint16_t *
+       u16_strchr (const uint16_t *str, ucs4_t uc)
+       _UC_ATTRIBUTE_PURE;
+extern uint32_t *
+       u32_strchr (const uint32_t *str, ucs4_t uc)
+       _UC_ATTRIBUTE_PURE;
+
+/* Find the last occurrence of UC in STR.  */
+/* Similar to strrchr(), wcsrchr().  */
+extern uint8_t *
+       u8_strrchr (const uint8_t *str, ucs4_t uc)
+       _UC_ATTRIBUTE_PURE;
+extern uint16_t *
+       u16_strrchr (const uint16_t *str, ucs4_t uc)
+       _UC_ATTRIBUTE_PURE;
+extern uint32_t *
+       u32_strrchr (const uint32_t *str, ucs4_t uc)
+       _UC_ATTRIBUTE_PURE;
+
+/* Return the length of the initial segment of STR which consists entirely
+   of Unicode characters not in REJECT.  */
+/* Similar to strcspn(), wcscspn().  */
+extern size_t
+       u8_strcspn (const uint8_t *str, const uint8_t *reject)
+       _UC_ATTRIBUTE_PURE;
+extern size_t
+       u16_strcspn (const uint16_t *str, const uint16_t *reject)
+       _UC_ATTRIBUTE_PURE;
+extern size_t
+       u32_strcspn (const uint32_t *str, const uint32_t *reject)
+       _UC_ATTRIBUTE_PURE;
+
+/* Return the length of the initial segment of STR which consists entirely
+   of Unicode characters in ACCEPT.  */
+/* Similar to strspn(), wcsspn().  */
+extern size_t
+       u8_strspn (const uint8_t *str, const uint8_t *accept)
+       _UC_ATTRIBUTE_PURE;
+extern size_t
+       u16_strspn (const uint16_t *str, const uint16_t *accept)
+       _UC_ATTRIBUTE_PURE;
+extern size_t
+       u32_strspn (const uint32_t *str, const uint32_t *accept)
+       _UC_ATTRIBUTE_PURE;
+
+/* Find the first occurrence in STR of any character in ACCEPT.  */
+/* Similar to strpbrk(), wcspbrk().  */
+extern uint8_t *
+       u8_strpbrk (const uint8_t *str, const uint8_t *accept)
+       _UC_ATTRIBUTE_PURE;
+extern uint16_t *
+       u16_strpbrk (const uint16_t *str, const uint16_t *accept)
+       _UC_ATTRIBUTE_PURE;
+extern uint32_t *
+       u32_strpbrk (const uint32_t *str, const uint32_t *accept)
+       _UC_ATTRIBUTE_PURE;
+
+/* Find the first occurrence of NEEDLE in HAYSTACK.  */
+/* Similar to strstr(), wcsstr().  */
+extern uint8_t *
+       u8_strstr (const uint8_t *haystack, const uint8_t *needle)
+       _UC_ATTRIBUTE_PURE;
+extern uint16_t *
+       u16_strstr (const uint16_t *haystack, const uint16_t *needle)
+       _UC_ATTRIBUTE_PURE;
+extern uint32_t *
+       u32_strstr (const uint32_t *haystack, const uint32_t *needle)
+       _UC_ATTRIBUTE_PURE;
+
+/* Test whether STR starts with PREFIX.  */
+extern bool
+       u8_startswith (const uint8_t *str, const uint8_t *prefix)
+       _UC_ATTRIBUTE_PURE;
+extern bool
+       u16_startswith (const uint16_t *str, const uint16_t *prefix)
+       _UC_ATTRIBUTE_PURE;
+extern bool
+       u32_startswith (const uint32_t *str, const uint32_t *prefix)
+       _UC_ATTRIBUTE_PURE;
+
+/* Test whether STR ends with SUFFIX.  */
+extern bool
+       u8_endswith (const uint8_t *str, const uint8_t *suffix)
+       _UC_ATTRIBUTE_PURE;
+extern bool
+       u16_endswith (const uint16_t *str, const uint16_t *suffix)
+       _UC_ATTRIBUTE_PURE;
+extern bool
+       u32_endswith (const uint32_t *str, const uint32_t *suffix)
+       _UC_ATTRIBUTE_PURE;
+
+/* Divide STR into tokens separated by characters in DELIM.
+   This interface is actually more similar to wcstok than to strtok.  */
+/* Similar to strtok_r(), wcstok().  */
+extern uint8_t *
+       u8_strtok (uint8_t *_UC_RESTRICT str, const uint8_t *delim,
+                  uint8_t **ptr);
+extern uint16_t *
+       u16_strtok (uint16_t *_UC_RESTRICT str, const uint16_t *delim,
+                   uint16_t **ptr);
+extern uint32_t *
+       u32_strtok (uint32_t *_UC_RESTRICT str, const uint32_t *delim,
+                   uint32_t **ptr);
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _UNISTR_H */
diff --git a/lib/unistring/unistr/u-cpy.h b/lib/unistring/unistr/u-cpy.h
new file mode 100644
index 0000000..25c2ba5
--- /dev/null
+++ b/lib/unistring/unistr/u-cpy.h
@@ -0,0 +1,42 @@
+/* Copy piece of UTF-8/UTF-16/UTF-32 string.
+   Copyright (C) 1999, 2002, 2006, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <string.h>
+
+UNIT *
+FUNC (UNIT *dest, const UNIT *src, size_t n)
+{
+#if 0
+  UNIT *destptr = dest;
+
+  for (; n > 0; n--)
+    *destptr++ = *src++;
+#else
+  if (n > 0)
+    memcpy ((char *) dest, (const char *) src, n * sizeof (UNIT));
+#endif
+  return dest;
+}
diff --git a/lib/unistring/unistr/u16-cpy.c b/lib/unistring/unistr/u16-cpy.c
new file mode 100644
index 0000000..ba3e44c
--- /dev/null
+++ b/lib/unistring/unistr/u16-cpy.c
@@ -0,0 +1,34 @@
+/* Copy piece of UTF-16 string.
+   Copyright (C) 1999, 2002, 2006, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unistr.h"
+
+#define FUNC u16_cpy
+#define UNIT uint16_t
+#include "u-cpy.h"
diff --git a/lib/unistring/unistr/u16-mbtouc-unsafe-aux.c b/lib/unistring/unistr/u16-mbtouc-unsafe-aux.c
new file mode 100644
index 0000000..3b415a2
--- /dev/null
+++ b/lib/unistring/unistr/u16-mbtouc-unsafe-aux.c
@@ -0,0 +1,60 @@
+/* Conversion UTF-16 to UCS-4.
+   Copyright (C) 2001-2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2001.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unistr.h"
+
+#if defined IN_LIBUNISTRING || HAVE_INLINE
+
+int
+u16_mbtouc_unsafe_aux (ucs4_t *puc, const uint16_t *s, size_t n)
+{
+  uint16_t c = *s;
+
+  if (c < 0xdc00)
+    {
+      if (n >= 2)
+        {
+          if (s[1] >= 0xdc00 && s[1] < 0xe000)
+            {
+              *puc = 0x10000 + ((c - 0xd800) << 10) + (s[1] - 0xdc00);
+              return 2;
+            }
+          /* invalid multibyte character */
+        }
+      else
+        {
+          /* incomplete multibyte character */
+        }
+    }
+  /* invalid multibyte character */
+  *puc = 0xfffd;
+  return 1;
+}
+
+#endif
diff --git a/lib/unistring/unistr/u16-mbtouc-unsafe.c b/lib/unistring/unistr/u16-mbtouc-unsafe.c
new file mode 100644
index 0000000..74d83ab
--- /dev/null
+++ b/lib/unistring/unistr/u16-mbtouc-unsafe.c
@@ -0,0 +1,71 @@
+/* Look at first character in UTF-16 string.
+   Copyright (C) 1999-2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2001.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+#if defined IN_LIBUNISTRING
+/* Tell unistr.h to declare u16_mbtouc_unsafe as 'extern', not
+   'static inline'.  */
+# include "unistring-notinline.h"
+#endif
+
+/* Specification.  */
+#include "unistr.h"
+
+#if !HAVE_INLINE
+
+int
+u16_mbtouc_unsafe (ucs4_t *puc, const uint16_t *s, size_t n)
+{
+  uint16_t c = *s;
+
+  if (c < 0xd800 || c >= 0xe000)
+    {
+      *puc = c;
+      return 1;
+    }
+  if (c < 0xdc00)
+    {
+      if (n >= 2)
+        {
+          if (s[1] >= 0xdc00 && s[1] < 0xe000)
+            {
+              *puc = 0x10000 + ((c - 0xd800) << 10) + (s[1] - 0xdc00);
+              return 2;
+            }
+          /* invalid multibyte character */
+        }
+      else
+        {
+          /* incomplete multibyte character */
+        }
+    }
+  /* invalid multibyte character */
+  *puc = 0xfffd;
+  return 1;
+}
+
+#endif
diff --git a/lib/unistring/unistr/u16-mbtoucr.c b/lib/unistring/unistr/u16-mbtoucr.c
new file mode 100644
index 0000000..04f96ac
--- /dev/null
+++ b/lib/unistring/unistr/u16-mbtoucr.c
@@ -0,0 +1,63 @@
+/* Look at first character in UTF-16 string, returning an error code.
+   Copyright (C) 1999-2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2001.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unistr.h"
+
+int
+u16_mbtoucr (ucs4_t *puc, const uint16_t *s, size_t n)
+{
+  uint16_t c = *s;
+
+  if (c < 0xd800 || c >= 0xe000)
+    {
+      *puc = c;
+      return 1;
+    }
+  if (c < 0xdc00)
+    {
+      if (n >= 2)
+        {
+          if (s[1] >= 0xdc00 && s[1] < 0xe000)
+            {
+              *puc = 0x10000 + ((c - 0xd800) << 10) + (s[1] - 0xdc00);
+              return 2;
+            }
+          /* invalid multibyte character */
+        }
+      else
+        {
+          /* incomplete multibyte character */
+          *puc = 0xfffd;
+          return -2;
+        }
+    }
+  /* invalid multibyte character */
+  *puc = 0xfffd;
+  return -1;
+}
diff --git a/lib/unistring/unistr/u16-to-u8.c b/lib/unistring/unistr/u16-to-u8.c
new file mode 100644
index 0000000..e6268f5
--- /dev/null
+++ b/lib/unistring/unistr/u16-to-u8.c
@@ -0,0 +1,145 @@
+/* Convert UTF-16 string to UTF-8 string.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unistr.h"
+
+#define FUNC u16_to_u8
+#define SRC_UNIT uint16_t
+#define DST_UNIT uint8_t
+
+#include <errno.h>
+#include <stdlib.h>
+#include <string.h>
+
+DST_UNIT *
+FUNC (const SRC_UNIT *s, size_t n, DST_UNIT *resultbuf, size_t *lengthp)
+{
+  const SRC_UNIT *s_end = s + n;
+  /* Output string accumulator.  */
+  DST_UNIT *result;
+  size_t allocated;
+  size_t length;
+
+  if (resultbuf != NULL)
+    {
+      result = resultbuf;
+      allocated = *lengthp;
+    }
+  else
+    {
+      result = NULL;
+      allocated = 0;
+    }
+  length = 0;
+  /* Invariants:
+     result is either == resultbuf or == NULL or malloc-allocated.
+     If length > 0, then result != NULL.  */
+
+  while (s < s_end)
+    {
+      ucs4_t uc;
+      int count;
+
+      /* Fetch a Unicode character from the input string.  */
+      count = u16_mbtoucr (&uc, s, s_end - s);
+      if (count < 0)
+        {
+          if (!(result == resultbuf || result == NULL))
+            free (result);
+          errno = EILSEQ;
+          return NULL;
+        }
+      s += count;
+
+      /* Store it in the output string.  */
+      count = u8_uctomb (result + length, uc, allocated - length);
+      if (count == -1)
+        {
+          if (!(result == resultbuf || result == NULL))
+            free (result);
+          errno = EILSEQ;
+          return NULL;
+        }
+      if (count == -2)
+        {
+          DST_UNIT *memory;
+
+          allocated = (allocated > 0 ? 2 * allocated : 12);
+          if (length + 6 > allocated)
+            allocated = length + 6;
+          if (result == resultbuf || result == NULL)
+            memory = (DST_UNIT *) malloc (allocated * sizeof (DST_UNIT));
+          else
+            memory =
+              (DST_UNIT *) realloc (result, allocated * sizeof (DST_UNIT));
+
+          if (memory == NULL)
+            {
+              if (!(result == resultbuf || result == NULL))
+                free (result);
+              errno = ENOMEM;
+              return NULL;
+            }
+          if (result == resultbuf && length > 0)
+            memcpy ((char *) memory, (char *) result,
+                    length * sizeof (DST_UNIT));
+          result = memory;
+          count = u8_uctomb (result + length, uc, allocated - length);
+          if (count < 0)
+            abort ();
+        }
+      length += count;
+    }
+
+  if (length == 0)
+    {
+      if (result == NULL)
+        {
+          /* Return a non-NULL value.  NULL means error.  */
+          result = (DST_UNIT *) malloc (1);
+          if (result == NULL)
+            {
+              errno = ENOMEM;
+              return NULL;
+            }
+        }
+    }
+  else if (result != resultbuf && length < allocated)
+    {
+      /* Shrink the allocated memory if possible.  */
+      DST_UNIT *memory;
+
+      memory = (DST_UNIT *) realloc (result, length * sizeof (DST_UNIT));
+      if (memory != NULL)
+        result = memory;
+    }
+
+  *lengthp = length;
+  return result;
+}
diff --git a/lib/unistring/unistr/u16-uctomb-aux.c b/lib/unistring/unistr/u16-uctomb-aux.c
new file mode 100644
index 0000000..5294030
--- /dev/null
+++ b/lib/unistring/unistr/u16-uctomb-aux.c
@@ -0,0 +1,67 @@
+/* Conversion UCS-4 to UTF-16.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unistr.h"
+
+int
+u16_uctomb_aux (uint16_t *s, ucs4_t uc, ptrdiff_t n)
+{
+  if (uc < 0xd800)
+    {
+      /* The case n >= 1 is already handled by the caller.  */
+    }
+  else if (uc < 0x10000)
+    {
+      if (uc >= 0xe000)
+        {
+          if (n >= 1)
+            {
+              s[0] = uc;
+              return 1;
+            }
+        }
+      else
+        return -1;
+    }
+  else
+    {
+      if (uc < 0x110000)
+        {
+          if (n >= 2)
+            {
+              s[0] = 0xd800 + ((uc - 0x10000) >> 10);
+              s[1] = 0xdc00 + ((uc - 0x10000) & 0x3ff);
+              return 2;
+            }
+        }
+      else
+        return -1;
+    }
+  return -2;
+}
diff --git a/lib/unistring/unistr/u16-uctomb.c b/lib/unistring/unistr/u16-uctomb.c
new file mode 100644
index 0000000..2a009d0
--- /dev/null
+++ b/lib/unistring/unistr/u16-uctomb.c
@@ -0,0 +1,81 @@
+/* Store a character in UTF-16 string.
+   Copyright (C) 2002, 2005-2006, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+#if defined IN_LIBUNISTRING
+/* Tell unistr.h to declare u16_uctomb as 'extern', not 'static inline'.  */
+# include "unistring-notinline.h"
+#endif
+
+/* Specification.  */
+#include "unistr.h"
+
+#if !HAVE_INLINE
+
+int
+u16_uctomb (uint16_t *s, ucs4_t uc, ptrdiff_t n)
+{
+  if (uc < 0xd800)
+    {
+      if (n > 0)
+        {
+          s[0] = uc;
+          return 1;
+        }
+      /* else return -2, below.  */
+    }
+  else if (uc < 0x10000)
+    {
+      if (uc >= 0xe000)
+        {
+          if (n >= 1)
+            {
+              s[0] = uc;
+              return 1;
+            }
+        }
+      else
+        return -1;
+    }
+  else
+    {
+      if (uc < 0x110000)
+        {
+          if (n >= 2)
+            {
+              s[0] = 0xd800 + ((uc - 0x10000) >> 10);
+              s[1] = 0xdc00 + ((uc - 0x10000) & 0x3ff);
+              return 2;
+            }
+        }
+      else
+        return -1;
+    }
+  return -2;
+}
+
+#endif
diff --git a/lib/unistring/unistr/u32-cpy.c b/lib/unistring/unistr/u32-cpy.c
new file mode 100644
index 0000000..2ad503c
--- /dev/null
+++ b/lib/unistring/unistr/u32-cpy.c
@@ -0,0 +1,34 @@
+/* Copy piece of UTF-32 string.
+   Copyright (C) 1999, 2002, 2006, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unistr.h"
+
+#define FUNC u32_cpy
+#define UNIT uint32_t
+#include "u-cpy.h"
diff --git a/lib/unistring/unistr/u32-mbtouc-unsafe.c b/lib/unistring/unistr/u32-mbtouc-unsafe.c
new file mode 100644
index 0000000..23d1512
--- /dev/null
+++ b/lib/unistring/unistr/u32-mbtouc-unsafe.c
@@ -0,0 +1,53 @@
+/* Look at first character in UTF-32 string.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+#if defined IN_LIBUNISTRING
+/* Tell unistr.h to declare u32_mbtouc_unsafe as 'extern', not
+   'static inline'.  */
+# include "unistring-notinline.h"
+#endif
+
+/* Specification.  */
+#include "unistr.h"
+
+#if !HAVE_INLINE
+
+int
+u32_mbtouc_unsafe (ucs4_t *puc, const uint32_t *s, size_t n)
+{
+  uint32_t c = *s;
+
+  if (c < 0xd800 || (c >= 0xe000 && c < 0x110000))
+    *puc = c;
+  else
+    /* invalid multibyte character */
+    *puc = 0xfffd;
+  return 1;
+}
+
+#endif
diff --git a/lib/unistring/unistr/u32-to-u8.c b/lib/unistring/unistr/u32-to-u8.c
new file mode 100644
index 0000000..064edcf
--- /dev/null
+++ b/lib/unistring/unistr/u32-to-u8.c
@@ -0,0 +1,139 @@
+/* Convert UTF-32 string to UTF-8 string.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unistr.h"
+
+#define FUNC u32_to_u8
+#define SRC_UNIT uint32_t
+#define DST_UNIT uint8_t
+
+#include <errno.h>
+#include <stdlib.h>
+#include <string.h>
+
+DST_UNIT *
+FUNC (const SRC_UNIT *s, size_t n, DST_UNIT *resultbuf, size_t *lengthp)
+{
+  const SRC_UNIT *s_end = s + n;
+  /* Output string accumulator.  */
+  DST_UNIT *result;
+  size_t allocated;
+  size_t length;
+
+  if (resultbuf != NULL)
+    {
+      result = resultbuf;
+      allocated = *lengthp;
+    }
+  else
+    {
+      result = NULL;
+      allocated = 0;
+    }
+  length = 0;
+  /* Invariants:
+     result is either == resultbuf or == NULL or malloc-allocated.
+     If length > 0, then result != NULL.  */
+
+  while (s < s_end)
+    {
+      ucs4_t uc;
+      int count;
+
+      /* Fetch a Unicode character from the input string.  */
+      uc = *s++;
+      /* No need to call the safe variant u32_mbtouc, because
+         u8_uctomb will verify uc anyway.  */
+
+      /* Store it in the output string.  */
+      count = u8_uctomb (result + length, uc, allocated - length);
+      if (count == -1)
+        {
+          if (!(result == resultbuf || result == NULL))
+            free (result);
+          errno = EILSEQ;
+          return NULL;
+        }
+      if (count == -2)
+        {
+          DST_UNIT *memory;
+
+          allocated = (allocated > 0 ? 2 * allocated : 12);
+          if (length + 6 > allocated)
+            allocated = length + 6;
+          if (result == resultbuf || result == NULL)
+            memory = (DST_UNIT *) malloc (allocated * sizeof (DST_UNIT));
+          else
+            memory =
+              (DST_UNIT *) realloc (result, allocated * sizeof (DST_UNIT));
+
+          if (memory == NULL)
+            {
+              if (!(result == resultbuf || result == NULL))
+                free (result);
+              errno = ENOMEM;
+              return NULL;
+            }
+          if (result == resultbuf && length > 0)
+            memcpy ((char *) memory, (char *) result,
+                    length * sizeof (DST_UNIT));
+          result = memory;
+          count = u8_uctomb (result + length, uc, allocated - length);
+          if (count < 0)
+            abort ();
+        }
+      length += count;
+    }
+
+  if (length == 0)
+    {
+      if (result == NULL)
+        {
+          /* Return a non-NULL value.  NULL means error.  */
+          result = (DST_UNIT *) malloc (1);
+          if (result == NULL)
+            {
+              errno = ENOMEM;
+              return NULL;
+            }
+        }
+    }
+  else if (result != resultbuf && length < allocated)
+    {
+      /* Shrink the allocated memory if possible.  */
+      DST_UNIT *memory;
+
+      memory = (DST_UNIT *) realloc (result, length * sizeof (DST_UNIT));
+      if (memory != NULL)
+        result = memory;
+    }
+
+  *lengthp = length;
+  return result;
+}
diff --git a/lib/unistring/unistr/u32-uctomb.c b/lib/unistring/unistr/u32-uctomb.c
new file mode 100644
index 0000000..2a64a93
--- /dev/null
+++ b/lib/unistring/unistr/u32-uctomb.c
@@ -0,0 +1,56 @@
+/* Store a character in UTF-32 string.
+   Copyright (C) 2002, 2005-2006, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+#if defined IN_LIBUNISTRING
+/* Tell unistr.h to declare u32_uctomb as 'extern', not 'static inline'.  */
+# include "unistring-notinline.h"
+#endif
+
+/* Specification.  */
+#include "unistr.h"
+
+#if !HAVE_INLINE
+
+int
+u32_uctomb (uint32_t *s, ucs4_t uc, ptrdiff_t n)
+{
+  if (uc < 0xd800 || (uc >= 0xe000 && uc < 0x110000))
+    {
+      if (n > 0)
+        {
+          *s = uc;
+          return 1;
+        }
+      else
+        return -2;
+    }
+  else
+    return -1;
+}
+
+#endif
diff --git a/lib/unistring/unistr/u8-check.c b/lib/unistring/unistr/u8-check.c
new file mode 100644
index 0000000..c1d69ee
--- /dev/null
+++ b/lib/unistring/unistr/u8-check.c
@@ -0,0 +1,86 @@
+/* Check UTF-8 string.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unistr.h"
+
+const uint8_t *
+u8_check (const uint8_t *s, size_t n)
+{
+  const uint8_t *s_end = s + n;
+
+  while (s < s_end)
+    {
+      /* Keep in sync with unistr.h and u8-mbtouc-aux.c.  */
+      uint8_t c = *s;
+
+      if (c < 0x80)
+        {
+          s++;
+          continue;
+        }
+      if (c >= 0xc2)
+        {
+          if (c < 0xe0)
+            {
+              if (s + 2 <= s_end
+                  && (s[1] ^ 0x80) < 0x40)
+                {
+                  s += 2;
+                  continue;
+                }
+            }
+          else if (c < 0xf0)
+            {
+              if (s + 3 <= s_end
+                  && (s[1] ^ 0x80) < 0x40 && (s[2] ^ 0x80) < 0x40
+                  && (c >= 0xe1 || s[1] >= 0xa0)
+                  && (c != 0xed || s[1] < 0xa0))
+                {
+                  s += 3;
+                  continue;
+                }
+            }
+          else if (c < 0xf8)
+            {
+              if (s + 4 <= s_end
+                  && (s[1] ^ 0x80) < 0x40 && (s[2] ^ 0x80) < 0x40
+                  && (s[3] ^ 0x80) < 0x40
+                  && (c >= 0xf1 || s[1] >= 0x90)
+                  && (c < 0xf4 || (c == 0xf4 && s[1] < 0x90)))
+                {
+                  s += 4;
+                  continue;
+                }
+            }
+        }
+      /* invalid or incomplete multibyte character */
+      return s;
+    }
+  return NULL;
+}
diff --git a/lib/unistring/unistr/u8-cpy.c b/lib/unistring/unistr/u8-cpy.c
new file mode 100644
index 0000000..ec77c4c
--- /dev/null
+++ b/lib/unistring/unistr/u8-cpy.c
@@ -0,0 +1,34 @@
+/* Copy piece of UTF-8 string.
+   Copyright (C) 2002, 2006, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unistr.h"
+
+#define FUNC u8_cpy
+#define UNIT uint8_t
+#include "u-cpy.h"
diff --git a/lib/unistring/unistr/u8-mbtouc-unsafe-aux.c b/lib/unistring/unistr/u8-mbtouc-unsafe-aux.c
new file mode 100644
index 0000000..b24dfcc
--- /dev/null
+++ b/lib/unistring/unistr/u8-mbtouc-unsafe-aux.c
@@ -0,0 +1,148 @@
+/* Conversion UTF-8 to UCS-4.
+   Copyright (C) 2001-2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2001.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unistr.h"
+
+#if defined IN_LIBUNISTRING || HAVE_INLINE
+
+int
+u8_mbtouc_unsafe_aux (ucs4_t *puc, const uint8_t *s, size_t n)
+{
+  uint8_t c = *s;
+
+  if (c >= 0xc2)
+    {
+      if (c < 0xe0)
+        {
+          if (n >= 2)
+            {
+              if ((s[1] ^ 0x80) < 0x40)
+                {
+                  *puc = ((unsigned int) (c & 0x1f) << 6)
+                         | (unsigned int) (s[1] ^ 0x80);
+                  return 2;
+                }
+              /* invalid multibyte character */
+            }
+          else
+            {
+              /* incomplete multibyte character */
+              *puc = 0xfffd;
+              return 1;
+            }
+        }
+      else if (c < 0xf0)
+        {
+          if (n >= 3)
+            {
+              if ((s[1] ^ 0x80) < 0x40)
+                {
+                  if ((s[2] ^ 0x80) < 0x40)
+                    {
+                      if ((c >= 0xe1 || s[1] >= 0xa0)
+                          && (c != 0xed || s[1] < 0xa0))
+                        {
+                          *puc = ((unsigned int) (c & 0x0f) << 12)
+                                 | ((unsigned int) (s[1] ^ 0x80) << 6)
+                                 | (unsigned int) (s[2] ^ 0x80);
+                          return 3;
+                        }
+                      /* invalid multibyte character */
+                      *puc = 0xfffd;
+                      return 3;
+                    }
+                  /* invalid multibyte character */
+                  *puc = 0xfffd;
+                  return 2;
+                }
+              /* invalid multibyte character */
+            }
+          else
+            {
+              /* incomplete multibyte character */
+              *puc = 0xfffd;
+              if (n == 1 || (s[1] ^ 0x80) >= 0x40)
+                return 1;
+              else
+                return 2;
+            }
+        }
+      else if (c < 0xf8)
+        {
+          if (n >= 4)
+            {
+              if ((s[1] ^ 0x80) < 0x40)
+                {
+                  if ((s[2] ^ 0x80) < 0x40)
+                    {
+                      if ((s[3] ^ 0x80) < 0x40)
+                        {
+                          if ((c >= 0xf1 || s[1] >= 0x90)
+                              && (c < 0xf4 || (c == 0xf4 && s[1] < 0x90))
+                             )
+                            {
+                              *puc = ((unsigned int) (c & 0x07) << 18)
+                                     | ((unsigned int) (s[1] ^ 0x80) << 12)
+                                     | ((unsigned int) (s[2] ^ 0x80) << 6)
+                                     | (unsigned int) (s[3] ^ 0x80);
+                              return 4;
+                            }
+                          /* invalid multibyte character */
+                          *puc = 0xfffd;
+                          return 4;
+                        }
+                      /* invalid multibyte character */
+                      *puc = 0xfffd;
+                      return 3;
+                    }
+                  /* invalid multibyte character */
+                  *puc = 0xfffd;
+                  return 2;
+                }
+              /* invalid multibyte character */
+            }
+          else
+            {
+              /* incomplete multibyte character */
+              *puc = 0xfffd;
+              if (n == 1 || (s[1] ^ 0x80) >= 0x40)
+                return 1;
+              else if (n == 2 || (s[2] ^ 0x80) >= 0x40)
+                return 2;
+              else
+                return 3;
+            }
+        }
+    }
+  /* invalid multibyte character */
+  *puc = 0xfffd;
+  return 1;
+}
+
+#endif
diff --git a/lib/unistring/unistr/u8-mbtouc-unsafe.c b/lib/unistring/unistr/u8-mbtouc-unsafe.c
new file mode 100644
index 0000000..b98a0b9
--- /dev/null
+++ b/lib/unistring/unistr/u8-mbtouc-unsafe.c
@@ -0,0 +1,159 @@
+/* Look at first character in UTF-8 string.
+   Copyright (C) 1999-2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2001.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+#if defined IN_LIBUNISTRING
+/* Tell unistr.h to declare u8_mbtouc_unsafe as 'extern', not
+   'static inline'.  */
+# include "unistring-notinline.h"
+#endif
+
+/* Specification.  */
+#include "unistr.h"
+
+#if !HAVE_INLINE
+
+int
+u8_mbtouc_unsafe (ucs4_t *puc, const uint8_t *s, size_t n)
+{
+  uint8_t c = *s;
+
+  if (c < 0x80)
+    {
+      *puc = c;
+      return 1;
+    }
+  else if (c >= 0xc2)
+    {
+      if (c < 0xe0)
+        {
+          if (n >= 2)
+            {
+              if ((s[1] ^ 0x80) < 0x40)
+                {
+                  *puc = ((unsigned int) (c & 0x1f) << 6)
+                         | (unsigned int) (s[1] ^ 0x80);
+                  return 2;
+                }
+              /* invalid multibyte character */
+            }
+          else
+            {
+              /* incomplete multibyte character */
+              *puc = 0xfffd;
+              return 1;
+            }
+        }
+      else if (c < 0xf0)
+        {
+          if (n >= 3)
+            {
+              if ((s[1] ^ 0x80) < 0x40)
+                {
+                  if ((s[2] ^ 0x80) < 0x40)
+                    {
+                      if ((c >= 0xe1 || s[1] >= 0xa0)
+                          && (c != 0xed || s[1] < 0xa0))
+                        {
+                          *puc = ((unsigned int) (c & 0x0f) << 12)
+                                 | ((unsigned int) (s[1] ^ 0x80) << 6)
+                                 | (unsigned int) (s[2] ^ 0x80);
+                          return 3;
+                        }
+                      /* invalid multibyte character */
+                      *puc = 0xfffd;
+                      return 3;
+                    }
+                  /* invalid multibyte character */
+                  *puc = 0xfffd;
+                  return 2;
+                }
+              /* invalid multibyte character */
+            }
+          else
+            {
+              /* incomplete multibyte character */
+              *puc = 0xfffd;
+              if (n == 1 || (s[1] ^ 0x80) >= 0x40)
+                return 1;
+              else
+                return 2;
+            }
+        }
+      else if (c < 0xf8)
+        {
+          if (n >= 4)
+            {
+              if ((s[1] ^ 0x80) < 0x40)
+                {
+                  if ((s[2] ^ 0x80) < 0x40)
+                    {
+                      if ((s[3] ^ 0x80) < 0x40)
+                        {
+                          if ((c >= 0xf1 || s[1] >= 0x90)
+                              && (c < 0xf4 || (c == 0xf4 && s[1] < 0x90))
+                             )
+                            {
+                              *puc = ((unsigned int) (c & 0x07) << 18)
+                                     | ((unsigned int) (s[1] ^ 0x80) << 12)
+                                     | ((unsigned int) (s[2] ^ 0x80) << 6)
+                                     | (unsigned int) (s[3] ^ 0x80);
+                              return 4;
+                            }
+                          /* invalid multibyte character */
+                          *puc = 0xfffd;
+                          return 4;
+                        }
+                      /* invalid multibyte character */
+                      *puc = 0xfffd;
+                      return 3;
+                    }
+                  /* invalid multibyte character */
+                  *puc = 0xfffd;
+                  return 2;
+                }
+              /* invalid multibyte character */
+            }
+          else
+            {
+              /* incomplete multibyte character */
+              *puc = 0xfffd;
+              if (n == 1 || (s[1] ^ 0x80) >= 0x40)
+                return 1;
+              else if (n == 2 || (s[2] ^ 0x80) >= 0x40)
+                return 2;
+              else
+                return 3;
+            }
+        }
+    }
+  /* invalid multibyte character */
+  *puc = 0xfffd;
+  return 1;
+}
+
+#endif
diff --git a/lib/unistring/unistr/u8-mbtoucr.c b/lib/unistring/unistr/u8-mbtoucr.c
new file mode 100644
index 0000000..47d63d4
--- /dev/null
+++ b/lib/unistring/unistr/u8-mbtoucr.c
@@ -0,0 +1,151 @@
+/* Look at first character in UTF-8 string, returning an error code.
+   Copyright (C) 1999-2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2001.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unistr.h"
+
+int
+u8_mbtoucr (ucs4_t *puc, const uint8_t *s, size_t n)
+{
+  uint8_t c = *s;
+
+  if (c < 0x80)
+    {
+      *puc = c;
+      return 1;
+    }
+  else if (c >= 0xc2)
+    {
+      if (c < 0xe0)
+        {
+          if (n >= 2)
+            {
+              if ((s[1] ^ 0x80) < 0x40)
+                {
+                  *puc = ((unsigned int) (c & 0x1f) << 6)
+                         | (unsigned int) (s[1] ^ 0x80);
+                  return 2;
+                }
+              /* invalid multibyte character */
+            }
+          else
+            {
+              /* incomplete multibyte character */
+              *puc = 0xfffd;
+              return -2;
+            }
+        }
+      else if (c < 0xf0)
+        {
+          if (n >= 2)
+            {
+              if ((s[1] ^ 0x80) < 0x40
+                  && (c >= 0xe1 || s[1] >= 0xa0)
+                  && (c != 0xed || s[1] < 0xa0))
+                {
+                  if (n >= 3)
+                    {
+                      if ((s[2] ^ 0x80) < 0x40)
+                        {
+                          *puc = ((unsigned int) (c & 0x0f) << 12)
+                                 | ((unsigned int) (s[1] ^ 0x80) << 6)
+                                 | (unsigned int) (s[2] ^ 0x80);
+                          return 3;
+                        }
+                      /* invalid multibyte character */
+                    }
+                  else
+                    {
+                      /* incomplete multibyte character */
+                      *puc = 0xfffd;
+                      return -2;
+                    }
+                }
+              /* invalid multibyte character */
+            }
+          else
+            {
+              /* incomplete multibyte character */
+              *puc = 0xfffd;
+              return -2;
+            }
+        }
+      else if (c < 0xf8)
+        {
+          if (n >= 2)
+            {
+              if ((s[1] ^ 0x80) < 0x40
+                  && (c >= 0xf1 || s[1] >= 0x90)
+                  && (c < 0xf4 || (c == 0xf4 && s[1] < 0x90)))
+                {
+                  if (n >= 3)
+                    {
+                      if ((s[2] ^ 0x80) < 0x40)
+                        {
+                          if (n >= 4)
+                            {
+                              if ((s[3] ^ 0x80) < 0x40)
+                                {
+                                  *puc = ((unsigned int) (c & 0x07) << 18)
+                                         | ((unsigned int) (s[1] ^ 0x80) << 12)
+                                         | ((unsigned int) (s[2] ^ 0x80) << 6)
+                                         | (unsigned int) (s[3] ^ 0x80);
+                                  return 4;
+                                }
+                              /* invalid multibyte character */
+                            }
+                          else
+                            {
+                              /* incomplete multibyte character */
+                              *puc = 0xfffd;
+                              return -2;
+                            }
+                        }
+                      /* invalid multibyte character */
+                    }
+                  else
+                    {
+                      /* incomplete multibyte character */
+                      *puc = 0xfffd;
+                      return -2;
+                    }
+                }
+              /* invalid multibyte character */
+            }
+          else
+            {
+              /* incomplete multibyte character */
+              *puc = 0xfffd;
+              return -2;
+            }
+        }
+    }
+  /* invalid multibyte character */
+  *puc = 0xfffd;
+  return -1;
+}
diff --git a/lib/unistring/unistr/u8-to-u16.c b/lib/unistring/unistr/u8-to-u16.c
new file mode 100644
index 0000000..ef728ff
--- /dev/null
+++ b/lib/unistring/unistr/u8-to-u16.c
@@ -0,0 +1,145 @@
+/* Convert UTF-8 string to UTF-16 string.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unistr.h"
+
+#define FUNC u8_to_u16
+#define SRC_UNIT uint8_t
+#define DST_UNIT uint16_t
+
+#include <errno.h>
+#include <stdlib.h>
+#include <string.h>
+
+DST_UNIT *
+FUNC (const SRC_UNIT *s, size_t n, DST_UNIT *resultbuf, size_t *lengthp)
+{
+  const SRC_UNIT *s_end = s + n;
+  /* Output string accumulator.  */
+  DST_UNIT *result;
+  size_t allocated;
+  size_t length;
+
+  if (resultbuf != NULL)
+    {
+      result = resultbuf;
+      allocated = *lengthp;
+    }
+  else
+    {
+      result = NULL;
+      allocated = 0;
+    }
+  length = 0;
+  /* Invariants:
+     result is either == resultbuf or == NULL or malloc-allocated.
+     If length > 0, then result != NULL.  */
+
+  while (s < s_end)
+    {
+      ucs4_t uc;
+      int count;
+
+      /* Fetch a Unicode character from the input string.  */
+      count = u8_mbtoucr (&uc, s, s_end - s);
+      if (count < 0)
+        {
+          if (!(result == resultbuf || result == NULL))
+            free (result);
+          errno = EILSEQ;
+          return NULL;
+        }
+      s += count;
+
+      /* Store it in the output string.  */
+      count = u16_uctomb (result + length, uc, allocated - length);
+      if (count == -1)
+        {
+          if (!(result == resultbuf || result == NULL))
+            free (result);
+          errno = EILSEQ;
+          return NULL;
+        }
+      if (count == -2)
+        {
+          DST_UNIT *memory;
+
+          allocated = (allocated > 0 ? 2 * allocated : 12);
+          if (length + 2 > allocated)
+            allocated = length + 2;
+          if (result == resultbuf || result == NULL)
+            memory = (DST_UNIT *) malloc (allocated * sizeof (DST_UNIT));
+          else
+            memory =
+              (DST_UNIT *) realloc (result, allocated * sizeof (DST_UNIT));
+
+          if (memory == NULL)
+            {
+              if (!(result == resultbuf || result == NULL))
+                free (result);
+              errno = ENOMEM;
+              return NULL;
+            }
+          if (result == resultbuf && length > 0)
+            memcpy ((char *) memory, (char *) result,
+                    length * sizeof (DST_UNIT));
+          result = memory;
+          count = u16_uctomb (result + length, uc, allocated - length);
+          if (count < 0)
+            abort ();
+        }
+      length += count;
+    }
+
+  if (length == 0)
+    {
+      if (result == NULL)
+        {
+          /* Return a non-NULL value.  NULL means error.  */
+          result = (DST_UNIT *) malloc (1);
+          if (result == NULL)
+            {
+              errno = ENOMEM;
+              return NULL;
+            }
+        }
+    }
+  else if (result != resultbuf && length < allocated)
+    {
+      /* Shrink the allocated memory if possible.  */
+      DST_UNIT *memory;
+
+      memory = (DST_UNIT *) realloc (result, length * sizeof (DST_UNIT));
+      if (memory != NULL)
+        result = memory;
+    }
+
+  *lengthp = length;
+  return result;
+}
diff --git a/lib/unistring/unistr/u8-to-u32.c b/lib/unistring/unistr/u8-to-u32.c
new file mode 100644
index 0000000..b947c6c
--- /dev/null
+++ b/lib/unistring/unistr/u8-to-u32.c
@@ -0,0 +1,134 @@
+/* Convert UTF-8 string to UTF-32 string.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unistr.h"
+
+#define FUNC u8_to_u32
+#define SRC_UNIT uint8_t
+#define DST_UNIT uint32_t
+
+#include <errno.h>
+#include <stdlib.h>
+#include <string.h>
+
+DST_UNIT *
+FUNC (const SRC_UNIT *s, size_t n, DST_UNIT *resultbuf, size_t *lengthp)
+{
+  const SRC_UNIT *s_end = s + n;
+  /* Output string accumulator.  */
+  DST_UNIT *result;
+  size_t allocated;
+  size_t length;
+
+  if (resultbuf != NULL)
+    {
+      result = resultbuf;
+      allocated = *lengthp;
+    }
+  else
+    {
+      result = NULL;
+      allocated = 0;
+    }
+  length = 0;
+  /* Invariants:
+     result is either == resultbuf or == NULL or malloc-allocated.
+     If length > 0, then result != NULL.  */
+
+  while (s < s_end)
+    {
+      ucs4_t uc;
+      int count;
+
+      /* Fetch a Unicode character from the input string.  */
+      count = u8_mbtoucr (&uc, s, s_end - s);
+      if (count < 0)
+        {
+          if (!(result == resultbuf || result == NULL))
+            free (result);
+          errno = EILSEQ;
+          return NULL;
+        }
+      s += count;
+
+      /* Store it in the output string.  */
+      if (length + 1 > allocated)
+        {
+          DST_UNIT *memory;
+
+          allocated = (allocated > 0 ? 2 * allocated : 12);
+          if (length + 1 > allocated)
+            allocated = length + 1;
+          if (result == resultbuf || result == NULL)
+            memory = (DST_UNIT *) malloc (allocated * sizeof (DST_UNIT));
+          else
+            memory =
+              (DST_UNIT *) realloc (result, allocated * sizeof (DST_UNIT));
+
+          if (memory == NULL)
+            {
+              if (!(result == resultbuf || result == NULL))
+                free (result);
+              errno = ENOMEM;
+              return NULL;
+            }
+          if (result == resultbuf && length > 0)
+            memcpy ((char *) memory, (char *) result,
+                    length * sizeof (DST_UNIT));
+          result = memory;
+        }
+      result[length++] = uc;
+    }
+
+  if (length == 0)
+    {
+      if (result == NULL)
+        {
+          /* Return a non-NULL value.  NULL means error.  */
+          result = (DST_UNIT *) malloc (1);
+          if (result == NULL)
+            {
+              errno = ENOMEM;
+              return NULL;
+            }
+        }
+    }
+  else if (result != resultbuf && length < allocated)
+    {
+      /* Shrink the allocated memory if possible.  */
+      DST_UNIT *memory;
+
+      memory = (DST_UNIT *) realloc (result, length * sizeof (DST_UNIT));
+      if (memory != NULL)
+        result = memory;
+    }
+
+  *lengthp = length;
+  return result;
+}
diff --git a/lib/unistring/unistr/u8-uctomb-aux.c b/lib/unistring/unistr/u8-uctomb-aux.c
new file mode 100644
index 0000000..3e4e29c
--- /dev/null
+++ b/lib/unistring/unistr/u8-uctomb-aux.c
@@ -0,0 +1,69 @@
+/* Conversion UCS-4 to UTF-8.
+   Copyright (C) 2002, 2006-2007, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+/* Specification.  */
+#include "unistr.h"
+
+#include "attribute.h"
+
+int
+u8_uctomb_aux (uint8_t *s, ucs4_t uc, ptrdiff_t n)
+{
+  int count;
+
+  if (uc < 0x80)
+    /* The case n >= 1 is already handled by the caller.  */
+    return -2;
+  else if (uc < 0x800)
+    count = 2;
+  else if (uc < 0x10000)
+    {
+      if (uc < 0xd800 || uc >= 0xe000)
+        count = 3;
+      else
+        return -1;
+    }
+  else if (uc < 0x110000)
+    count = 4;
+  else
+    return -1;
+
+  if (n < count)
+    return -2;
+
+  switch (count) /* note: code falls through cases! */
+    {
+    case 4: s[3] = 0x80 | (uc & 0x3f); uc = uc >> 6; uc |= 0x10000;
+      FALLTHROUGH;
+    case 3: s[2] = 0x80 | (uc & 0x3f); uc = uc >> 6; uc |= 0x800;
+      FALLTHROUGH;
+    case 2: s[1] = 0x80 | (uc & 0x3f); uc = uc >> 6; uc |= 0xc0;
+  /*case 1:*/ s[0] = uc;
+    }
+  return count;
+}
diff --git a/lib/unistring/unistr/u8-uctomb.c b/lib/unistring/unistr/u8-uctomb.c
new file mode 100644
index 0000000..55ff3d6
--- /dev/null
+++ b/lib/unistring/unistr/u8-uctomb.c
@@ -0,0 +1,88 @@
+/* Store a character in UTF-8 string.
+   Copyright (C) 2002, 2005-2006, 2009-2021 Free Software Foundation, Inc.
+   Written by Bruno Haible <bruno@clisp.org>, 2002.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#include <config.h>
+
+#if defined IN_LIBUNISTRING
+/* Tell unistr.h to declare u8_uctomb as 'extern', not 'static inline'.  */
+# include "unistring-notinline.h"
+#endif
+
+/* Specification.  */
+#include "unistr.h"
+
+#include "attribute.h"
+
+#if !HAVE_INLINE
+
+int
+u8_uctomb (uint8_t *s, ucs4_t uc, ptrdiff_t n)
+{
+  if (uc < 0x80)
+    {
+      if (n > 0)
+        {
+          s[0] = uc;
+          return 1;
+        }
+      /* else return -2, below.  */
+    }
+  else
+    {
+      int count;
+
+      if (uc < 0x800)
+        count = 2;
+      else if (uc < 0x10000)
+        {
+          if (uc < 0xd800 || uc >= 0xe000)
+            count = 3;
+          else
+            return -1;
+        }
+      else if (uc < 0x110000)
+        count = 4;
+      else
+        return -1;
+
+      if (n >= count)
+        {
+          switch (count) /* note: code falls through cases! */
+            {
+            case 4: s[3] = 0x80 | (uc & 0x3f); uc = uc >> 6; uc |= 0x10000;
+              FALLTHROUGH;
+            case 3: s[2] = 0x80 | (uc & 0x3f); uc = uc >> 6; uc |= 0x800;
+              FALLTHROUGH;
+            case 2: s[1] = 0x80 | (uc & 0x3f); uc = uc >> 6; uc |= 0xc0;
+          /*case 1:*/ s[0] = uc;
+            }
+          return count;
+        }
+    }
+  return -2;
+}
+
+#endif
diff --git a/lib/unistring/unitypes.in.h b/lib/unistring/unitypes.in.h
new file mode 100644
index 0000000..babb549
--- /dev/null
+++ b/lib/unistring/unitypes.in.h
@@ -0,0 +1,70 @@
+/* Elementary types and macros for the GNU UniString library.
+   Copyright (C) 2002, 2005-2006, 2009-2021 Free Software Foundation, Inc.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+#ifndef _UNITYPES_H
+#define _UNITYPES_H
+
+/* Get uint8_t, uint16_t, uint32_t.  */
+#include <stdint.h>
+
+/* Type representing a Unicode character.  */
+typedef uint32_t ucs4_t;
+
+/* Attribute of a function whose result depends only on the arguments
+   (not pointers!) and which has no side effects.  */
+#ifndef _UC_ATTRIBUTE_CONST
+# if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 95) || defined __clang__
+#  define _UC_ATTRIBUTE_CONST __attribute__ ((__const__))
+# else
+#  define _UC_ATTRIBUTE_CONST
+# endif
+#endif
+
+/* Attribute of a function whose result depends only on the arguments
+   (possibly pointers) and global memory, and which has no side effects.  */
+#ifndef _UC_ATTRIBUTE_PURE
+# if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 96) || defined __clang__
+#  define _UC_ATTRIBUTE_PURE __attribute__ ((__pure__))
+# else
+#  define _UC_ATTRIBUTE_PURE
+# endif
+#endif
+
+/* Qualifier in a function declaration, that asserts that the caller must
+   pass a pointer to a different object in the specified pointer argument
+   than in the other pointer arguments.  */
+#ifndef _UC_RESTRICT
+# if defined __restrict \
+     || 2 < __GNUC__ + (95 <= __GNUC_MINOR__) \
+     || __clang_major__ >= 3
+#  define _UC_RESTRICT __restrict
+# elif 199901L <= __STDC_VERSION__ || defined restrict
+#  define _UC_RESTRICT restrict
+# else
+#  define _UC_RESTRICT
+# endif
+#endif
+
+#endif /* _UNITYPES_H */
diff --git a/lib/unistring/unused-parameter.h b/lib/unistring/unused-parameter.h
new file mode 100644
index 0000000..b4891bf
--- /dev/null
+++ b/lib/unistring/unused-parameter.h
@@ -0,0 +1,41 @@
+/* A C macro for declaring that specific function parameters are not used.
+   Copyright (C) 2008-2021 Free Software Foundation, Inc.
+
+   This program is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+/* _GL_UNUSED_PARAMETER is a marker that can be appended to function parameter
+   declarations for parameters that are not used.  This helps to reduce
+   warnings, such as from GCC -Wunused-parameter.  The syntax is as follows:
+       type param _GL_UNUSED_PARAMETER
+   or more generally
+       param_decl _GL_UNUSED_PARAMETER
+   For example:
+       int param _GL_UNUSED_PARAMETER
+       int *(*param)(void) _GL_UNUSED_PARAMETER
+   Other possible, but obscure and discouraged syntaxes:
+       int _GL_UNUSED_PARAMETER *(*param)(void)
+       _GL_UNUSED_PARAMETER int *(*param)(void)
+ */
+#ifndef _GL_UNUSED_PARAMETER
+# define _GL_UNUSED_PARAMETER _GL_ATTRIBUTE_MAYBE_UNUSED
+#endif
diff --git a/lib/urls.c b/lib/urls.c
new file mode 100644
index 0000000..7a797ee
--- /dev/null
+++ b/lib/urls.c
@@ -0,0 +1,165 @@
+/*
+ * Copyright © 2014 Nikos Mavrogiannopoulos
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include "str.h"
+#include "urls.h"
+#include "system-keys.h"
+#include <c-strcase.h>
+
+#define MAX_CUSTOM_URLS 8
+
+gnutls_custom_url_st _gnutls_custom_urls[MAX_CUSTOM_URLS];
+unsigned _gnutls_custom_urls_size = 0;
+
+/**
+ * gnutls_url_is_supported:
+ * @url: A URI to be tested
+ *
+ * Check whether the provided @url is supported.  Depending on the system libraries
+ * GnuTLS may support pkcs11, tpmkey or other URLs.
+ *
+ * Returns: return non-zero if the given URL is supported, and zero if
+ * it is not known.
+ *
+ * Since: 3.1.0
+ **/
+unsigned gnutls_url_is_supported(const char *url)
+{
+	unsigned i;
+
+	for (i=0;i<_gnutls_custom_urls_size;i++) {
+		if (c_strncasecmp(url, _gnutls_custom_urls[i].name, _gnutls_custom_urls[i].name_size) == 0)
+			return 1;
+	}
+
+#ifdef ENABLE_PKCS11
+	if (c_strncasecmp(url, PKCS11_URL, sizeof(PKCS11_URL)-1) == 0)
+		return 1;
+#endif
+#ifdef HAVE_TROUSERS
+	if (c_strncasecmp(url, TPMKEY_URL, sizeof(TPMKEY_URL)-1) == 0)
+		return 1;
+#endif
+	if (c_strncasecmp(url, SYSTEM_URL, sizeof(SYSTEM_URL)-1) == 0)
+		return _gnutls_system_url_is_supported(url);
+
+	return 0;
+}
+
+int _gnutls_url_is_known(const char *url)
+{
+	unsigned i;
+
+	if (c_strncasecmp(url, PKCS11_URL, sizeof(PKCS11_URL)-1) == 0)
+		return 1;
+	else if (c_strncasecmp(url, TPMKEY_URL, sizeof(TPMKEY_URL)-1) == 0)
+		return 1;
+	else if (c_strncasecmp(url, SYSTEM_URL, sizeof(SYSTEM_URL)-1) == 0)
+		return 1;
+	else {
+		for (i=0;i<_gnutls_custom_urls_size;i++) {
+			if (c_strncasecmp(url, _gnutls_custom_urls[i].name, _gnutls_custom_urls[i].name_size) == 0)
+				return 1;
+		}
+
+		return 0;
+	}
+}
+
+/**
+ * gnutls_register_custom_url:
+ * @st: A %gnutls_custom_url_st structure
+ *
+ * Register a custom URL. This will affect the following functions:
+ * gnutls_url_is_supported(), gnutls_privkey_import_url(),
+ * gnutls_pubkey_import_url, gnutls_x509_crt_import_url() 
+ * and all functions that depend on
+ * them, e.g., gnutls_certificate_set_x509_key_file2().
+ *
+ * The provided structure and callback functions must be valid throughout
+ * the lifetime of the process. The registration of an existing URL type
+ * will fail with %GNUTLS_E_INVALID_REQUEST. Since GnuTLS 3.5.0 this function
+ * can be used to override the builtin URLs.
+ *
+ * This function is not thread safe.
+ *
+ * Returns: returns zero if the given structure was imported or a negative value otherwise.
+ *
+ * Since: 3.4.0
+ **/
+int gnutls_register_custom_url(const gnutls_custom_url_st *st)
+{
+	unsigned i;
+
+	for (i=0;i<_gnutls_custom_urls_size;i++) {
+		if (_gnutls_custom_urls[i].name_size == st->name_size &&
+		    strcmp(_gnutls_custom_urls[i].name, st->name) == 0) {
+		    return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		}
+	}
+
+	if (_gnutls_custom_urls_size < MAX_CUSTOM_URLS-1) {
+		memcpy(&_gnutls_custom_urls[_gnutls_custom_urls_size], st, sizeof(*st));
+		_gnutls_custom_urls_size++;
+		return 0;
+	} else {
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+	}
+}
+
+/*-
+ * _gnutls_get_raw_issuer:
+ * @url: A PKCS 11 url identifying a token
+ * @cert: is the certificate to find issuer for
+ * @issuer: Will hold the issuer if any in an allocated buffer.
+ * @flags: Use zero or flags from %GNUTLS_PKCS11_OBJ_FLAG.
+ *
+ * This function will return the issuer of a given certificate in
+ * DER format.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.0
+ -*/
+int _gnutls_get_raw_issuer(const char *url, gnutls_x509_crt_t cert,
+				 gnutls_datum_t * issuer,
+				 unsigned int flags)
+{
+	unsigned i;
+
+#ifdef ENABLE_PKCS11
+	if (c_strncasecmp(url, PKCS11_URL, PKCS11_URL_SIZE) == 0) {
+		return gnutls_pkcs11_get_raw_issuer(url, cert, issuer, GNUTLS_X509_FMT_DER, flags);
+	}
+#endif
+	for (i=0;i<_gnutls_custom_urls_size;i++) {
+		if (c_strncasecmp(url, _gnutls_custom_urls[i].name, _gnutls_custom_urls[i].name_size) == 0) {
+			if (_gnutls_custom_urls[i].get_issuer) {
+				return _gnutls_custom_urls[i].get_issuer(url, cert, issuer, flags);
+			}
+			break;
+		}
+	}
+
+	return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+}
diff --git a/lib/urls.h b/lib/urls.h
new file mode 100644
index 0000000..636592c
--- /dev/null
+++ b/lib/urls.h
@@ -0,0 +1,43 @@
+/*
+ * Copyright © 2014 Nikos Mavrogiannopoulos
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_URLS_H
+#define GNUTLS_LIB_URLS_H
+
+#define PKCS11_URL "pkcs11:"
+#define SYSTEM_URL "system:"
+#define TPMKEY_URL "tpmkey:"
+
+#define PKCS11_URL_SIZE (sizeof(PKCS11_URL)-1)
+#define SYSTEM_URL_SIZE (sizeof(SYSTEM_URL)-1)
+#define TPMKEY_URL_SIZE (sizeof(TPMKEY_URL)-1)
+
+#include <gnutls/urls.h>
+
+extern gnutls_custom_url_st _gnutls_custom_urls[];
+extern unsigned _gnutls_custom_urls_size;
+
+int _gnutls_url_is_known(const char *url);
+
+int _gnutls_get_raw_issuer(const char *url, gnutls_x509_crt_t cert,
+				 gnutls_datum_t * issuer,
+				 unsigned int flags);
+
+#endif /* GNUTLS_LIB_URLS_H */
diff --git a/lib/verify-tofu.c b/lib/verify-tofu.c
new file mode 100644
index 0000000..97f4738
--- /dev/null
+++ b/lib/verify-tofu.c
@@ -0,0 +1,767 @@
+/*
+ * Copyright (C) 2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <libtasn1.h>
+#include <global.h>
+#include <num.h>		/* MAX */
+#include <tls-sig.h>
+#include "str.h"
+#include <datum.h>
+#include "x509_int.h"
+#include <nettle/base64.h>
+#include <common.h>
+#include <gnutls/abstract.h>
+#include <system.h>
+#include <locks.h>
+
+GNUTLS_STATIC_MUTEX(file_mutex);
+
+struct gnutls_tdb_int {
+	gnutls_tdb_store_func store;
+	gnutls_tdb_store_commitment_func cstore;
+	gnutls_tdb_verify_func verify;
+};
+
+static int raw_pubkey_to_base64(const gnutls_datum_t * raw,
+				gnutls_datum_t * b64);
+static int verify_pubkey(const char *file, const char *host,
+			 const char *service, const gnutls_datum_t * skey);
+
+static
+int store_commitment(const char *db_name, const char *host,
+		     const char *service, time_t expiration,
+		     gnutls_digest_algorithm_t hash_algo,
+		     const gnutls_datum_t * hash);
+static
+int store_pubkey(const char *db_name, const char *host,
+		 const char *service, time_t expiration,
+		 const gnutls_datum_t * pubkey);
+
+static int find_config_file(char *file, size_t max_size);
+
+struct gnutls_tdb_int default_tdb = {
+	store_pubkey,
+	store_commitment,
+	verify_pubkey
+};
+
+
+/**
+ * gnutls_verify_stored_pubkey:
+ * @db_name: A file specifying the stored keys (use NULL for the default)
+ * @tdb: A storage structure or NULL to use the default
+ * @host: The peer's name
+ * @service: non-NULL if this key is specific to a service (e.g. http)
+ * @cert_type: The type of the certificate
+ * @cert: The raw (der) data of the certificate
+ * @flags: should be 0.
+ *
+ * This function will try to verify a raw public-key or a public-key provided via
+ * a raw (DER-encoded) certificate using a list of stored public keys.
+ * The @service field if non-NULL should be a port number.
+ *
+ * The @db_name variable if non-null specifies a custom backend for
+ * the retrieval of entries. If it is NULL then the
+ * default file backend will be used. In POSIX-like systems the
+ * file backend uses the $HOME/.gnutls/known_hosts file.
+ *
+ * Note that if the custom storage backend is provided the
+ * retrieval function should return %GNUTLS_E_CERTIFICATE_KEY_MISMATCH
+ * if the host/service pair is found but key doesn't match,
+ * %GNUTLS_E_NO_CERTIFICATE_FOUND if no such host/service with
+ * the given key is found, and 0 if it was found. The storage
+ * function should return 0 on success.
+ *
+ * As of GnuTLS 3.6.6 this function also verifies raw public keys.
+ *
+ * Returns: If no associated public key is found
+ * then %GNUTLS_E_NO_CERTIFICATE_FOUND will be returned. If a key
+ * is found but does not match %GNUTLS_E_CERTIFICATE_KEY_MISMATCH
+ * is returned. On success, %GNUTLS_E_SUCCESS (0) is returned,
+ * or a negative error value on other errors.
+ *
+ * Since: 3.0.13
+ **/
+int
+gnutls_verify_stored_pubkey(const char *db_name,
+			    gnutls_tdb_t tdb,
+			    const char *host,
+			    const char *service,
+			    gnutls_certificate_type_t cert_type,
+			    const gnutls_datum_t * cert,
+			    unsigned int flags)
+{
+	gnutls_datum_t pubkey = { NULL, 0 }; // Holds the pubkey in subjectPublicKeyInfo format (DER encoded)
+	int ret;
+	char local_file[MAX_FILENAME];
+	bool need_free;
+
+
+	if (db_name == NULL && tdb == NULL) {
+		ret = find_config_file(local_file, sizeof(local_file));
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		db_name = local_file;
+	}
+
+	if (tdb == NULL)
+		tdb = &default_tdb;
+
+	/* Import the public key depending on the provided certificate type */
+	switch (cert_type) {
+		case GNUTLS_CRT_X509:
+			/* Extract the pubkey from the cert. This function does a malloc
+			 * deep down the call chain. We are responsible for freeing. */
+			ret = _gnutls_x509_raw_crt_to_raw_pubkey(cert, &pubkey);
+
+			if (ret < 0) {
+				_gnutls_free_datum(&pubkey);
+				return gnutls_assert_val(ret);
+			}
+
+			need_free = true;
+			break;
+		case GNUTLS_CRT_RAWPK:
+			pubkey.data = cert->data;
+			pubkey.size = cert->size;
+			need_free = false;
+			break;
+		default:
+			return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE);
+	}
+
+	// Verify our pubkey against the database
+	ret = tdb->verify(db_name, host, service, &pubkey);
+	if (ret < 0 && ret != GNUTLS_E_CERTIFICATE_KEY_MISMATCH)
+		ret = gnutls_assert_val(GNUTLS_E_NO_CERTIFICATE_FOUND);
+
+	if (need_free) {
+		_gnutls_free_datum(&pubkey);
+	}
+
+	return ret;
+}
+
+static int parse_commitment_line(char *line,
+				 const char *host, size_t host_len,
+				 const char *service, size_t service_len,
+				 time_t now, const gnutls_datum_t * skey)
+{
+	char *p, *kp;
+	char *savep = NULL;
+	size_t kp_len, phash_size;
+	time_t expiration;
+	int ret;
+	const mac_entry_st *hash_algo;
+	uint8_t phash[MAX_HASH_SIZE];
+	uint8_t hphash[MAX_HASH_SIZE * 2 + 1];
+
+	/* read host */
+	p = strtok_r(line, "|", &savep);
+	if (p == NULL)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	if (p[0] != '*' && host != NULL && strcmp(p, host) != 0)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	/* read service */
+	p = strtok_r(NULL, "|", &savep);
+	if (p == NULL)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	if (p[0] != '*' && service != NULL && strcmp(p, service) != 0)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	/* read expiration */
+	p = strtok_r(NULL, "|", &savep);
+	if (p == NULL)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	expiration = (time_t) atol(p);
+	if (expiration > 0 && now > expiration)
+		return gnutls_assert_val(GNUTLS_E_EXPIRED);
+
+	/* read hash algorithm */
+	p = strtok_r(NULL, "|", &savep);
+	if (p == NULL)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	hash_algo = mac_to_entry(atol(p));
+	if (_gnutls_digest_get_name(hash_algo) == NULL)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	/* read hash */
+	kp = strtok_r(NULL, "|", &savep);
+	if (kp == NULL)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	p = strpbrk(kp, "\n \r\t|");
+	if (p != NULL)
+		*p = 0;
+
+	/* hash and hex encode */
+	ret =
+	    _gnutls_hash_fast((gnutls_digest_algorithm_t)hash_algo->id,
+				skey->data, skey->size, phash);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	phash_size = _gnutls_hash_get_algo_len(hash_algo);
+
+	p = _gnutls_bin2hex(phash, phash_size, (void *) hphash,
+			    sizeof(hphash), NULL);
+	if (p == NULL)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	kp_len = strlen(kp);
+	if (kp_len != phash_size * 2)
+		return
+		    gnutls_assert_val(GNUTLS_E_CERTIFICATE_KEY_MISMATCH);
+
+	if (memcmp(kp, hphash, kp_len) != 0)
+		return
+		    gnutls_assert_val(GNUTLS_E_CERTIFICATE_KEY_MISMATCH);
+
+	/* key found and matches */
+	return 0;
+}
+
+
+static int parse_line(char *line,
+		      const char *host, size_t host_len,
+		      const char *service, size_t service_len,
+		      time_t now,
+		      const gnutls_datum_t * rawkey,
+		      const gnutls_datum_t * b64key)
+{
+	char *p, *kp;
+	char *savep = NULL;
+	size_t kp_len;
+	time_t expiration;
+
+	/* read version */
+	p = strtok_r(line, "|", &savep);
+	if (p == NULL)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	if (strncmp(p, "c0", 2) == 0)
+		return parse_commitment_line(p + 3, host, host_len,
+					     service, service_len, now,
+					     rawkey);
+
+	if (strncmp(p, "g0", 2) != 0)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	/* read host */
+	p = strtok_r(NULL, "|", &savep);
+	if (p == NULL)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	if (p[0] != '*' && host != NULL && strcmp(p, host) != 0)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	/* read service */
+	p = strtok_r(NULL, "|", &savep);
+	if (p == NULL)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	if (p[0] != '*' && service != NULL && strcmp(p, service) != 0)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	/* read expiration */
+	p = strtok_r(NULL, "|", &savep);
+	if (p == NULL)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	expiration = (time_t) atol(p);
+	if (expiration > 0 && now > expiration)
+		return gnutls_assert_val(GNUTLS_E_EXPIRED);
+
+	/* read key */
+	kp = strtok_r(NULL, "|", &savep);
+	if (kp == NULL)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	p = strpbrk(kp, "\n \r\t|");
+	if (p != NULL)
+		*p = 0;
+
+	kp_len = strlen(kp);
+	if (kp_len != b64key->size)
+		return
+		    gnutls_assert_val(GNUTLS_E_CERTIFICATE_KEY_MISMATCH);
+
+	if (memcmp(kp, b64key->data, b64key->size) != 0)
+		return
+		    gnutls_assert_val(GNUTLS_E_CERTIFICATE_KEY_MISMATCH);
+
+	/* key found and matches */
+	return 0;
+}
+
+/* Returns the base64 key if found
+ */
+static int verify_pubkey(const char *file,
+			 const char *host, const char *service,
+			 const gnutls_datum_t * pubkey)
+{
+	FILE *fp;
+	char *line = NULL;
+	size_t line_size = 0;
+	int ret, l2, mismatch = 0;
+	size_t host_len = 0, service_len = 0;
+	time_t now = gnutls_time(0);
+	gnutls_datum_t b64key = { NULL, 0 };
+
+	ret = raw_pubkey_to_base64(pubkey, &b64key);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (host != NULL)
+		host_len = strlen(host);
+	if (service != NULL)
+		service_len = strlen(service);
+
+	fp = fopen(file, "rbe");
+	if (fp == NULL) {
+		ret = gnutls_assert_val(GNUTLS_E_FILE_ERROR);
+		goto cleanup;
+	}
+
+	do {
+		l2 = getline(&line, &line_size, fp);
+		if (l2 > 0) {
+			ret =
+			    parse_line(line, host, host_len, service,
+				       service_len, now, pubkey, &b64key);
+			if (ret == 0) {	/* found */
+				goto cleanup;
+			} else if (ret ==
+				   GNUTLS_E_CERTIFICATE_KEY_MISMATCH)
+				mismatch = 1;
+		}
+	}
+	while (l2 >= 0);
+
+	if (mismatch)
+		ret = GNUTLS_E_CERTIFICATE_KEY_MISMATCH;
+	else
+		ret = GNUTLS_E_NO_CERTIFICATE_FOUND;
+
+      cleanup:
+	free(line);
+	if (fp != NULL)
+		fclose(fp);
+	gnutls_free(b64key.data);
+
+	return ret;
+}
+
+static int raw_pubkey_to_base64(const gnutls_datum_t * raw,
+				gnutls_datum_t * b64)
+{
+	size_t size;
+
+	size = BASE64_ENCODE_RAW_LENGTH(raw->size);
+
+	b64->data = gnutls_malloc(size);
+	if (b64->data == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	base64_encode_raw((void*)b64->data, raw->size, raw->data);
+	b64->size = size;
+
+	return 0;
+}
+
+static
+int store_pubkey(const char *db_name, const char *host,
+		 const char *service, time_t expiration,
+		 const gnutls_datum_t * pubkey)
+{
+	FILE *fp = NULL;
+	gnutls_datum_t b64key = { NULL, 0 };
+	int ret;
+
+	ret = gnutls_static_mutex_lock(&file_mutex);
+	if (ret != 0)
+		return gnutls_assert_val(GNUTLS_E_LOCKING_ERROR);
+
+	ret = raw_pubkey_to_base64(pubkey, &b64key);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	fp = fopen(db_name, "abe+");
+	if (fp == NULL) {
+		ret = gnutls_assert_val(GNUTLS_E_FILE_ERROR);
+		goto cleanup;
+	}
+
+	if (service == NULL)
+		service = "*";
+	if (host == NULL)
+		host = "*";
+
+	fprintf(fp, "|g0|%s|%s|%lu|%.*s\n", host, service,
+		(unsigned long) expiration, b64key.size, b64key.data);
+
+	ret = 0;
+
+      cleanup:
+	if (fp != NULL)
+		fclose(fp);
+
+	(void)gnutls_static_mutex_unlock(&file_mutex);
+	gnutls_free(b64key.data);
+
+	return ret;
+}
+
+static
+int store_commitment(const char *db_name, const char *host,
+		     const char *service, time_t expiration,
+		     gnutls_digest_algorithm_t hash_algo,
+		     const gnutls_datum_t * hash)
+{
+	FILE *fp;
+	char buffer[MAX_HASH_SIZE * 2 + 1];
+
+	fp = fopen(db_name, "abe+");
+	if (fp == NULL)
+		return gnutls_assert_val(GNUTLS_E_FILE_ERROR);
+
+	if (service == NULL)
+		service = "*";
+	if (host == NULL)
+		host = "*";
+
+	fprintf(fp, "|c0|%s|%s|%lu|%u|%s\n", host, service,
+		(unsigned long) expiration, (unsigned) hash_algo,
+		_gnutls_bin2hex(hash->data, hash->size, buffer,
+				sizeof(buffer), NULL));
+
+	fclose(fp);
+
+	return 0;
+}
+
+/**
+ * gnutls_store_pubkey:
+ * @db_name: A file specifying the stored keys (use NULL for the default)
+ * @tdb: A storage structure or NULL to use the default
+ * @host: The peer's name
+ * @service: non-NULL if this key is specific to a service (e.g. http)
+ * @cert_type: The type of the certificate
+ * @cert: The data of the certificate
+ * @expiration: The expiration time (use 0 to disable expiration)
+ * @flags: should be 0.
+ *
+ * This function will store a raw public-key or a public-key provided via
+ * a raw (DER-encoded) certificate to the list of stored public keys. The key
+ * will be considered valid until the provided expiration time.
+ *
+ * The @tdb variable if non-null specifies a custom backend for
+ * the storage of entries. If it is NULL then the
+ * default file backend will be used.
+ *
+ * Unless an alternative @tdb is provided, the storage format is a textual format
+ * consisting of a line for each host with fields separated by '|'. The contents of
+ * the fields are a format-identifier which is set to 'g0', the hostname that the
+ * rest of the data applies to, the numeric port or host name, the expiration
+ * time in seconds since the epoch (0 for no expiration), and a base64
+ * encoding of the raw (DER) public key information (SPKI) of the peer.
+ *
+ * As of GnuTLS 3.6.6 this function also accepts raw public keys.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0.13
+ **/
+int
+gnutls_store_pubkey(const char *db_name,
+		    gnutls_tdb_t tdb,
+		    const char *host,
+		    const char *service,
+		    gnutls_certificate_type_t cert_type,
+		    const gnutls_datum_t * cert,
+		    time_t expiration, unsigned int flags)
+{
+	gnutls_datum_t pubkey = { NULL, 0 }; // Holds the pubkey in subjectPublicKeyInfo format (DER encoded)
+	int ret;
+	char local_file[MAX_FILENAME];
+	bool need_free;
+
+
+	if (db_name == NULL && tdb == NULL) {
+		ret =
+		    _gnutls_find_config_path(local_file,
+					     sizeof(local_file));
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		_gnutls_debug_log("Configuration path: %s\n", local_file);
+		mkdir(local_file, 0700);
+
+		ret = find_config_file(local_file, sizeof(local_file));
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		db_name = local_file;
+	}
+
+	if (tdb == NULL)
+		tdb = &default_tdb;
+
+	/* Import the public key depending on the provided certificate type */
+	switch (cert_type) {
+		case GNUTLS_CRT_X509:
+			/* Extract the pubkey from the cert. This function does a malloc
+			 * deep down the call chain. We are responsible for freeing. */
+			ret = _gnutls_x509_raw_crt_to_raw_pubkey(cert, &pubkey);
+
+			if (ret < 0) {
+				_gnutls_free_datum(&pubkey);
+				return gnutls_assert_val(ret);
+			}
+
+			need_free = true;
+			break;
+		case GNUTLS_CRT_RAWPK:
+			pubkey.data = cert->data;
+			pubkey.size = cert->size;
+			need_free = false;
+			break;
+		default:
+			return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE);
+	}
+
+	_gnutls_debug_log("Configuration file: %s\n", db_name);
+
+	ret = tdb->store(db_name, host, service, expiration, &pubkey);
+
+	if (need_free) {
+		_gnutls_free_datum(&pubkey);
+	}
+
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_DB_ERROR);
+	}
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_store_commitment:
+ * @db_name: A file specifying the stored keys (use NULL for the default)
+ * @tdb: A storage structure or NULL to use the default
+ * @host: The peer's name
+ * @service: non-NULL if this key is specific to a service (e.g. http)
+ * @hash_algo: The hash algorithm type
+ * @hash: The raw hash
+ * @expiration: The expiration time (use 0 to disable expiration)
+ * @flags: should be 0 or %GNUTLS_SCOMMIT_FLAG_ALLOW_BROKEN.
+ *
+ * This function will store the provided hash commitment to
+ * the list of stored public keys. The key with the given
+ * hash will be considered valid until the provided expiration time.
+ *
+ * The @tdb variable if non-null specifies a custom backend for
+ * the storage of entries. If it is NULL then the
+ * default file backend will be used.
+ *
+ * Note that this function is not thread safe with the default backend.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_store_commitment(const char *db_name,
+			gnutls_tdb_t tdb,
+			const char *host,
+			const char *service,
+			gnutls_digest_algorithm_t hash_algo,
+			const gnutls_datum_t * hash,
+			time_t expiration, unsigned int flags)
+{
+	int ret;
+	char local_file[MAX_FILENAME];
+	const mac_entry_st *me = hash_to_entry(hash_algo);
+
+	if (me == NULL)
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
+	if (!(flags & GNUTLS_SCOMMIT_FLAG_ALLOW_BROKEN) && _gnutls_digest_is_secure(me) == 0)
+		return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_SECURITY);
+
+	if (_gnutls_hash_get_algo_len(me) != hash->size)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (db_name == NULL && tdb == NULL) {
+		ret =
+		    _gnutls_find_config_path(local_file,
+					     sizeof(local_file));
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		_gnutls_debug_log("Configuration path: %s\n", local_file);
+		mkdir(local_file, 0700);
+
+		ret = find_config_file(local_file, sizeof(local_file));
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		db_name = local_file;
+	}
+
+	if (tdb == NULL)
+		tdb = &default_tdb;
+
+	_gnutls_debug_log("Configuration file: %s\n", db_name);
+
+	ret = tdb->cstore(db_name, host, service, expiration,
+			  (gnutls_digest_algorithm_t)me->id, hash);
+	if (ret < 0) {
+		return gnutls_assert_val(GNUTLS_E_DB_ERROR);
+	}
+
+	return 0;
+}
+
+#define CONFIG_FILE "known_hosts"
+
+static int find_config_file(char *file, size_t max_size)
+{
+	char path[MAX_FILENAME];
+	int ret;
+
+	ret = _gnutls_find_config_path(path, sizeof(path));
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (path[0] == 0)
+		snprintf(file, max_size, "%s", CONFIG_FILE);
+	else
+		snprintf(file, max_size, "%s/%s", path, CONFIG_FILE);
+
+	return 0;
+}
+
+/**
+ * gnutls_tdb_init:
+ * @tdb: A pointer to the type to be initialized
+ *
+ * This function will initialize a public key trust storage structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_tdb_init(gnutls_tdb_t * tdb)
+{
+	*tdb = gnutls_calloc(1, sizeof(struct gnutls_tdb_int));
+
+	if (!*tdb)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	return 0;
+}
+
+/**
+ * gnutls_set_store_func:
+ * @tdb: The trust storage
+ * @store: The storage function
+ *
+ * This function will associate a storage function with the
+ * trust storage structure. The function is of the following form.
+ *
+ * int gnutls_tdb_store_func(const char* db_name, const char* host,
+ *		       const char* service, time_t expiration,
+ *		       const gnutls_datum_t* pubkey);
+ *
+ * The @db_name should be used to pass any private data to this function.
+ *
+ **/
+void gnutls_tdb_set_store_func(gnutls_tdb_t tdb,
+			       gnutls_tdb_store_func store)
+{
+	tdb->store = store;
+}
+
+/**
+ * gnutls_set_store_commitment_func:
+ * @tdb: The trust storage
+ * @cstore: The commitment storage function
+ *
+ * This function will associate a commitment (hash) storage function with the
+ * trust storage structure. The function is of the following form.
+ *
+ * int gnutls_tdb_store_commitment_func(const char* db_name, const char* host,
+ *		       const char* service, time_t expiration,
+ *		       gnutls_digest_algorithm_t, const gnutls_datum_t* hash);
+ *
+ * The @db_name should be used to pass any private data to this function.
+ *
+ **/
+void gnutls_tdb_set_store_commitment_func(gnutls_tdb_t tdb,
+					  gnutls_tdb_store_commitment_func
+					  cstore)
+{
+	tdb->cstore = cstore;
+}
+
+/**
+ * gnutls_set_verify_func:
+ * @tdb: The trust storage
+ * @verify: The verification function
+ *
+ * This function will associate a retrieval function with the
+ * trust storage structure. The function is of the following form.
+ *
+ * int gnutls_tdb_verify_func(const char* db_name, const char* host,
+ *		      const char* service, const gnutls_datum_t* pubkey);
+ *
+ * The verify function should return zero on a match, %GNUTLS_E_CERTIFICATE_KEY_MISMATCH
+ * if there is a mismatch and any other negative error code otherwise.
+ *
+ * The @db_name should be used to pass any private data to this function.
+ *
+ **/
+void gnutls_tdb_set_verify_func(gnutls_tdb_t tdb,
+				gnutls_tdb_verify_func verify)
+{
+	tdb->verify = verify;
+}
+
+/**
+ * gnutls_tdb_deinit:
+ * @tdb: The structure to be deinitialized
+ *
+ * This function will deinitialize a public key trust storage structure.
+ **/
+void gnutls_tdb_deinit(gnutls_tdb_t tdb)
+{
+	gnutls_free(tdb);
+}
diff --git a/lib/vko.c b/lib/vko.c
new file mode 100644
index 0000000..e0d4f04
--- /dev/null
+++ b/lib/vko.c
@@ -0,0 +1,301 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2016 Dmitry Eremin-Solenikov
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ */
+
+/*
+ * This is split from main TLS key exchange, because it might be useful in
+ * future for S/MIME support. For the definition of the algorithm see RFC 4357,
+ * section 5.2.
+ */
+#include "gnutls_int.h"
+#include "vko.h"
+#include "pk.h"
+#include "common.h"
+
+static int
+_gnutls_gost_vko_key(gnutls_pk_params_st *pub,
+		     gnutls_pk_params_st *priv,
+		     gnutls_datum_t *ukm,
+		     gnutls_digest_algorithm_t digalg,
+		     gnutls_datum_t *kek)
+{
+	gnutls_datum_t tmp_vko_key;
+	int ret;
+
+	ret = _gnutls_pk_derive_nonce(pub->algo, &tmp_vko_key,
+				      priv, pub, ukm);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	kek->size = gnutls_hash_get_len(digalg);
+	kek->data = gnutls_malloc(kek->size);
+	if (kek->data == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto cleanup;
+	}
+
+	ret = gnutls_hash_fast(digalg, tmp_vko_key.data, tmp_vko_key.size, kek->data);
+	if (ret < 0) {
+		gnutls_assert();
+		_gnutls_free_datum(kek);
+		goto cleanup;
+	}
+
+	ret = 0;
+
+cleanup:
+	_gnutls_free_temp_key_datum(&tmp_vko_key);
+
+	return ret;
+}
+
+static const gnutls_datum_t zero_data = { NULL, 0 };
+
+int
+_gnutls_gost_keytrans_encrypt(gnutls_pk_params_st *pub,
+			      gnutls_pk_params_st *priv,
+			      gnutls_datum_t *cek,
+			      gnutls_datum_t *ukm,
+			      gnutls_datum_t *out)
+{
+	int ret;
+	gnutls_datum_t kek;
+	gnutls_datum_t enc, imit;
+	gnutls_digest_algorithm_t digalg;
+	asn1_node kx;
+
+	if (pub->algo == GNUTLS_PK_GOST_01)
+		digalg = GNUTLS_DIG_GOSTR_94;
+	else
+		digalg = GNUTLS_DIG_STREEBOG_256;
+
+	ret = _gnutls_gost_vko_key(pub, priv, ukm, digalg, &kek);
+	if (ret < 0) {
+		gnutls_assert();
+
+		return ret;
+	}
+
+	ret = _gnutls_gost_key_wrap(pub->gost_params, &kek, ukm, cek,
+				    &enc, &imit);
+	_gnutls_free_key_datum(&kek);
+	if (ret < 0) {
+		gnutls_assert();
+
+		return ret;
+	}
+
+	ret = asn1_create_element(_gnutls_get_gnutls_asn(),
+				  "GNUTLS.GostR3410-KeyTransport",
+				  &kx);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		_gnutls_free_datum(&enc);
+		_gnutls_free_datum(&imit);
+
+		return ret;
+	}
+
+	ret = _gnutls_x509_write_value(kx, "transportParameters.ukm", ukm);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_encode_and_copy_PKI_params(kx,
+			"transportParameters.ephemeralPublicKey",
+			priv);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if ((ret = asn1_write_value(kx, "transportParameters.encryptionParamSet",
+				    gnutls_gost_paramset_get_oid(pub->gost_params),
+				    1)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_write_value(kx, "sessionEncryptedKey.encryptedKey", &enc);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_write_value(kx, "sessionEncryptedKey.maskKey", &zero_data);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	ret = _gnutls_x509_write_value(kx, "sessionEncryptedKey.macKey", &imit);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_der_encode(kx, "", out, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+cleanup:
+	asn1_delete_structure(&kx);
+	_gnutls_free_datum(&enc);
+	_gnutls_free_datum(&imit);
+
+	return ret;
+}
+
+int
+_gnutls_gost_keytrans_decrypt(gnutls_pk_params_st *priv,
+			      gnutls_datum_t *cek,
+			      gnutls_datum_t *ukm,
+			      gnutls_datum_t *out)
+{
+	int ret;
+	asn1_node kx;
+	gnutls_pk_params_st pub;
+	gnutls_datum_t kek;
+	gnutls_datum_t ukm2, enc, imit;
+	char oid[MAX_OID_SIZE];
+	int oid_size;
+	gnutls_digest_algorithm_t digalg;
+
+	if ((ret = asn1_create_element(_gnutls_get_gnutls_asn(),
+				       "GNUTLS.GostR3410-KeyTransport",
+				       &kx)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+
+		return ret;
+	}
+
+	ret = _asn1_strict_der_decode(&kx, cek->data, cek->size, NULL);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		asn1_delete_structure(&kx);
+
+		return ret;
+	}
+
+	ret = _gnutls_get_asn_mpis(kx,
+				   "transportParameters.ephemeralPublicKey",
+				   &pub);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (pub.algo != priv->algo ||
+	    pub.gost_params != priv->gost_params ||
+	    pub.curve != priv->curve) {
+		gnutls_assert();
+		ret = GNUTLS_E_ILLEGAL_PARAMETER;
+		goto cleanup;
+	}
+
+	oid_size = sizeof(oid);
+	ret = asn1_read_value(kx, "transportParameters.encryptionParamSet", oid, &oid_size);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	if (gnutls_oid_to_gost_paramset(oid) != priv->gost_params) {
+		gnutls_assert();
+		ret = GNUTLS_E_ASN1_DER_ERROR;
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_read_value(kx, "transportParameters.ukm", &ukm2);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* Kind of strange design. For TLS UKM is calculated as a hash of
+	 * client and server random. At the same time UKM is transmitted as a
+	 * part of KeyTransport structure. At this point we have to compare
+	 * them to check that they are equal. This does not result in an oracle
+	 * of any kind as all values are transmitted in cleartext. Returning
+	 * that this point won't give any information to the attacker.
+	 */
+	if (ukm2.size != ukm->size || memcmp(ukm2.data, ukm->data, ukm->size) != 0) {
+		gnutls_assert();
+		_gnutls_free_datum(&ukm2);
+		ret = GNUTLS_E_DECRYPTION_FAILED;
+		goto cleanup;
+	}
+	_gnutls_free_datum(&ukm2);
+
+	ret = _gnutls_x509_read_value(kx, "sessionEncryptedKey.encryptedKey",
+				      &enc);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_read_value(kx, "sessionEncryptedKey.macKey",
+				      &imit);
+	if (ret < 0) {
+		gnutls_assert();
+		_gnutls_free_datum(&enc);
+		goto cleanup;
+	}
+
+	if (pub.algo == GNUTLS_PK_GOST_01)
+		digalg = GNUTLS_DIG_GOSTR_94;
+	else
+		digalg = GNUTLS_DIG_STREEBOG_256;
+
+	ret = _gnutls_gost_vko_key(&pub, priv, ukm, digalg, &kek);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup2;
+	}
+
+	ret = _gnutls_gost_key_unwrap(pub.gost_params, &kek, ukm,
+				      &enc, &imit, out);
+	_gnutls_free_key_datum(&kek);
+
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup2;
+	}
+
+	ret = 0;
+
+cleanup2:
+	_gnutls_free_datum(&imit);
+	_gnutls_free_datum(&enc);
+cleanup:
+	gnutls_pk_params_release(&pub);
+	asn1_delete_structure(&kx);
+
+	return ret;
+}
diff --git a/lib/vko.h b/lib/vko.h
new file mode 100644
index 0000000..d4ff389
--- /dev/null
+++ b/lib/vko.h
@@ -0,0 +1,38 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2016 Dmitry Eremin-Solenikov
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_VKO_H
+#define GNUTLS_LIB_VKO_H
+
+int
+_gnutls_gost_keytrans_encrypt(gnutls_pk_params_st *pub,
+			      gnutls_pk_params_st *priv,
+			      gnutls_datum_t *cek,
+			      gnutls_datum_t *ukm,
+			      gnutls_datum_t *out);
+
+int
+_gnutls_gost_keytrans_decrypt(gnutls_pk_params_st *priv,
+			      gnutls_datum_t *cek,
+			      gnutls_datum_t *ukm,
+			      gnutls_datum_t *out);
+
+#endif /* GNUTLS_LIB_VKO_H */
diff --git a/lib/x509.h b/lib/x509.h
new file mode 100644
index 0000000..3ad21f5
--- /dev/null
+++ b/lib/x509.h
@@ -0,0 +1,46 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_X509_H
+#define GNUTLS_LIB_X509_H
+
+#include <libtasn1.h>
+
+
+int _gnutls_x509_cert_verify_peers(gnutls_session_t session,
+				   gnutls_typed_vdata_st * data,
+				   unsigned int elements,
+				   unsigned int *status);
+
+#define PEM_CERT_SEP2 "-----BEGIN X509 CERTIFICATE"
+#define PEM_CERT_SEP "-----BEGIN CERTIFICATE"
+#define PEM_OCSP_RESPONSE "-----BEGIN OCSP RESPONSE"
+#define BARE_PEM_OCSP_RESPONSE "OCSP RESPONSE"
+
+#define PEM_CRL_SEP "-----BEGIN X509 CRL"
+
+
+int _gnutls_x509_raw_privkey_to_gkey(gnutls_privkey_t * privkey,
+				     const gnutls_datum_t * raw_key,
+				     gnutls_x509_crt_fmt_t type);
+
+#endif /* GNUTLS_LIB_X509_H */
diff --git a/lib/x509/Makefile.am b/lib/x509/Makefile.am
new file mode 100644
index 0000000..5caf8f8
--- /dev/null
+++ b/lib/x509/Makefile.am
@@ -0,0 +1,91 @@
+## Process this file with automake to produce Makefile.in
+# Copyright (C) 2003-2012 Free Software Foundation, Inc.
+#
+# This file is part of GnuTLS.
+#
+# The GnuTLS is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+include $(top_srcdir)/lib/common.mk
+
+AM_CPPFLAGS = \
+	-I$(srcdir)/../../gl		\
+	-I$(builddir)/../../gl		\
+	-I$(srcdir)/../includes		\
+	-I$(builddir)/../includes	\
+	-I$(srcdir)/..	
+
+if ENABLE_MINITASN1
+AM_CPPFLAGS += -I$(srcdir)/../minitasn1
+endif
+
+EXTRA_DIST = supported_exts.gperf
+BUILT_SOURCES = supported_exts.h
+
+noinst_LTLIBRARIES = libgnutls_x509.la
+
+libgnutls_x509_la_SOURCES =	\
+	common.c key_encode.c	\
+	common.h key_decode.c	\
+	time.c			\
+	crl.c			\
+	crl_write.c		\
+	crq.c			\
+	dn.c			\
+	attributes.c		\
+	attributes.h		\
+	prov-seed.c		\
+	prov-seed.h		\
+	extensions.c		\
+	mpi.c			\
+	output.c		\
+	pkcs12.c		\
+	pkcs12_bag.c		\
+	pkcs12_encr.c		\
+	pkcs7.c			\
+	pkcs7-attrs.c		\
+	pkcs7-crypt.c pkcs7_int.h \
+	privkey.c		\
+	privkey_pkcs8.c		\
+	privkey_pkcs8_pbes1.c	\
+	privkey_openssl.c	\
+	hostname-verify.c	\
+	sign.c			\
+	verify.c		\
+	x509.c x509_dn.c	\
+	x509_int.h		\
+	x509_write.c		\
+	name_constraints.c	\
+	verify-high.c		\
+	verify-high2.c		\
+	verify-high.h		\
+	x509_ext.c		\
+	email-verify.c		\
+	pkcs7-output.c		\
+	virt-san.c		\
+	virt-san.h		\
+	spki.c			\
+	x509_ext_int.h		\
+	tls_features.c		\
+	krb5.c krb5.h		\
+	ip.c ip.h ip-in-cidr.h  \
+	supported_exts.h ocsp.h
+
+if ENABLE_OCSP
+libgnutls_x509_la_SOURCES += ocsp.c ocsp_output.c
+endif
+
+supported_exts.h: $(srcdir)/supported_exts.gperf
+	$(V_GPERF)$(GPERF) --global-table -t $^ > $@-tmp \
+	&& sed 's/^const struct supported_exts_st \*/static const struct supported_exts_st \*/' <$@-tmp >$@ \
+	&& rm -f $@-tmp
diff --git a/lib/x509/Makefile.in b/lib/x509/Makefile.in
new file mode 100644
index 0000000..84242e0
--- /dev/null
+++ b/lib/x509/Makefile.in
@@ -0,0 +1,2575 @@
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+# Copyright (C) 2003-2012 Free Software Foundation, Inc.
+#
+# This file is part of GnuTLS.
+#
+# The GnuTLS is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of
+# the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+  if test -z '$(MAKELEVEL)'; then \
+    false; \
+  elif test -n '$(MAKE_HOST)'; then \
+    true; \
+  elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+    true; \
+  else \
+    false; \
+  fi; \
+}
+am__make_running_with_option = \
+  case $${target_option-} in \
+      ?) ;; \
+      *) echo "am__make_running_with_option: internal error: invalid" \
+              "target option '$${target_option-}' specified" >&2; \
+         exit 1;; \
+  esac; \
+  has_opt=no; \
+  sane_makeflags=$$MAKEFLAGS; \
+  if $(am__is_gnu_make); then \
+    sane_makeflags=$$MFLAGS; \
+  else \
+    case $$MAKEFLAGS in \
+      *\\[\ \	]*) \
+        bs=\\; \
+        sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+          | sed "s/$$bs$$bs[$$bs $$bs	]*//g"`;; \
+    esac; \
+  fi; \
+  skip_next=no; \
+  strip_trailopt () \
+  { \
+    flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+  }; \
+  for flg in $$sane_makeflags; do \
+    test $$skip_next = yes && { skip_next=no; continue; }; \
+    case $$flg in \
+      *=*|--*) continue;; \
+        -*I) strip_trailopt 'I'; skip_next=yes;; \
+      -*I?*) strip_trailopt 'I';; \
+        -*O) strip_trailopt 'O'; skip_next=yes;; \
+      -*O?*) strip_trailopt 'O';; \
+        -*l) strip_trailopt 'l'; skip_next=yes;; \
+      -*l?*) strip_trailopt 'l';; \
+      -[dEDm]) skip_next=yes;; \
+      -[JT]) skip_next=yes;; \
+    esac; \
+    case $$flg in \
+      *$$target_option*) has_opt=yes; break;; \
+    esac; \
+  done; \
+  test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@ENABLE_MINITASN1_TRUE@am__append_1 = -I$(srcdir)/../minitasn1
+@ENABLE_OCSP_TRUE@am__append_2 = ocsp.c ocsp_output.c
+subdir = lib/x509
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \
+	$(top_srcdir)/lib/unistring/m4/inline.m4 \
+	$(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \
+	$(top_srcdir)/src/gl/m4/atoll.m4 \
+	$(top_srcdir)/src/gl/m4/bison.m4 \
+	$(top_srcdir)/src/gl/m4/calloc.m4 \
+	$(top_srcdir)/src/gl/m4/clock_time.m4 \
+	$(top_srcdir)/src/gl/m4/codeset.m4 \
+	$(top_srcdir)/src/gl/m4/ctype_h.m4 \
+	$(top_srcdir)/src/gl/m4/environ.m4 \
+	$(top_srcdir)/src/gl/m4/error.m4 \
+	$(top_srcdir)/src/gl/m4/fdopen.m4 \
+	$(top_srcdir)/src/gl/m4/flexmember.m4 \
+	$(top_srcdir)/src/gl/m4/fpending.m4 \
+	$(top_srcdir)/src/gl/m4/fpieee.m4 \
+	$(top_srcdir)/src/gl/m4/fseek.m4 \
+	$(top_srcdir)/src/gl/m4/ftruncate.m4 \
+	$(top_srcdir)/src/gl/m4/getaddrinfo.m4 \
+	$(top_srcdir)/src/gl/m4/getcwd.m4 \
+	$(top_srcdir)/src/gl/m4/getpagesize.m4 \
+	$(top_srcdir)/src/gl/m4/getpass.m4 \
+	$(top_srcdir)/src/gl/m4/getprogname.m4 \
+	$(top_srcdir)/src/gl/m4/gettime.m4 \
+	$(top_srcdir)/src/gl/m4/gnulib-comp.m4 \
+	$(top_srcdir)/src/gl/m4/hostent.m4 \
+	$(top_srcdir)/src/gl/m4/intl-thread-locale.m4 \
+	$(top_srcdir)/src/gl/m4/inttostr.m4 \
+	$(top_srcdir)/src/gl/m4/ioctl.m4 \
+	$(top_srcdir)/src/gl/m4/isblank.m4 \
+	$(top_srcdir)/src/gl/m4/langinfo_h.m4 \
+	$(top_srcdir)/src/gl/m4/lcmessage.m4 \
+	$(top_srcdir)/src/gl/m4/locale-fr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-ja.m4 \
+	$(top_srcdir)/src/gl/m4/locale-tr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-zh.m4 \
+	$(top_srcdir)/src/gl/m4/locale_h.m4 \
+	$(top_srcdir)/src/gl/m4/localename.m4 \
+	$(top_srcdir)/src/gl/m4/lstat.m4 \
+	$(top_srcdir)/src/gl/m4/mktime.m4 \
+	$(top_srcdir)/src/gl/m4/nanosleep.m4 \
+	$(top_srcdir)/src/gl/m4/nstrftime.m4 \
+	$(top_srcdir)/src/gl/m4/parse-datetime.m4 \
+	$(top_srcdir)/src/gl/m4/perror.m4 \
+	$(top_srcdir)/src/gl/m4/pipe.m4 \
+	$(top_srcdir)/src/gl/m4/pthread-thread.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_h.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_sigmask.m4 \
+	$(top_srcdir)/src/gl/m4/putenv.m4 \
+	$(top_srcdir)/src/gl/m4/raise.m4 \
+	$(top_srcdir)/src/gl/m4/reallocarray.m4 \
+	$(top_srcdir)/src/gl/m4/sched_h.m4 \
+	$(top_srcdir)/src/gl/m4/sched_yield.m4 \
+	$(top_srcdir)/src/gl/m4/select.m4 \
+	$(top_srcdir)/src/gl/m4/semaphore.m4 \
+	$(top_srcdir)/src/gl/m4/servent.m4 \
+	$(top_srcdir)/src/gl/m4/setenv.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale_null.m4 \
+	$(top_srcdir)/src/gl/m4/sigaction.m4 \
+	$(top_srcdir)/src/gl/m4/signal_h.m4 \
+	$(top_srcdir)/src/gl/m4/signalblocking.m4 \
+	$(top_srcdir)/src/gl/m4/sleep.m4 \
+	$(top_srcdir)/src/gl/m4/sockets.m4 \
+	$(top_srcdir)/src/gl/m4/strerror.m4 \
+	$(top_srcdir)/src/gl/m4/strerror_r.m4 \
+	$(top_srcdir)/src/gl/m4/strtoll.m4 \
+	$(top_srcdir)/src/gl/m4/symlink.m4 \
+	$(top_srcdir)/src/gl/m4/sys_ioctl_h.m4 \
+	$(top_srcdir)/src/gl/m4/sys_select_h.m4 \
+	$(top_srcdir)/src/gl/m4/thread.m4 \
+	$(top_srcdir)/src/gl/m4/time_rz.m4 \
+	$(top_srcdir)/src/gl/m4/timegm.m4 \
+	$(top_srcdir)/src/gl/m4/timespec.m4 \
+	$(top_srcdir)/src/gl/m4/tm_gmtoff.m4 \
+	$(top_srcdir)/src/gl/m4/tzset.m4 \
+	$(top_srcdir)/src/gl/m4/usleep.m4 \
+	$(top_srcdir)/src/gl/m4/visibility.m4 \
+	$(top_srcdir)/src/gl/m4/xalloc.m4 \
+	$(top_srcdir)/src/gl/m4/yield.m4 $(top_srcdir)/m4/00gnulib.m4 \
+	$(top_srcdir)/m4/__inline.m4 \
+	$(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \
+	$(top_srcdir)/m4/arpa_inet_h.m4 \
+	$(top_srcdir)/m4/ax_ac_append_to_file.m4 \
+	$(top_srcdir)/m4/ax_ac_print_to_file.m4 \
+	$(top_srcdir)/m4/ax_add_am_macro_static.m4 \
+	$(top_srcdir)/m4/ax_am_macros_static.m4 \
+	$(top_srcdir)/m4/ax_check_gnu_make.m4 \
+	$(top_srcdir)/m4/ax_code_coverage.m4 \
+	$(top_srcdir)/m4/ax_file_escapes.m4 \
+	$(top_srcdir)/m4/builtin-expect.m4 \
+	$(top_srcdir)/m4/byteswap.m4 $(top_srcdir)/m4/close.m4 \
+	$(top_srcdir)/m4/double-slash-root.m4 $(top_srcdir)/m4/dup2.m4 \
+	$(top_srcdir)/m4/eealloc.m4 $(top_srcdir)/m4/errno_h.m4 \
+	$(top_srcdir)/m4/explicit_bzero.m4 \
+	$(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \
+	$(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \
+	$(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \
+	$(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \
+	$(top_srcdir)/m4/free.m4 $(top_srcdir)/m4/fseeko.m4 \
+	$(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \
+	$(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/func.m4 \
+	$(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \
+	$(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/gettext.m4 \
+	$(top_srcdir)/m4/gettimeofday.m4 \
+	$(top_srcdir)/m4/gnulib-common.m4 \
+	$(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \
+	$(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \
+	$(top_srcdir)/m4/host-cpu-c-abi.m4 $(top_srcdir)/m4/iconv.m4 \
+	$(top_srcdir)/m4/include_next.m4 $(top_srcdir)/m4/inet_ntop.m4 \
+	$(top_srcdir)/m4/inet_pton.m4 $(top_srcdir)/m4/intlmacosx.m4 \
+	$(top_srcdir)/m4/intmax_t.m4 $(top_srcdir)/m4/inttypes.m4 \
+	$(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/largefile.m4 \
+	$(top_srcdir)/m4/ld-output-def.m4 \
+	$(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \
+	$(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+	$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/lock.m4 \
+	$(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/ltoptions.m4 \
+	$(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+	$(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \
+	$(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \
+	$(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \
+	$(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \
+	$(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \
+	$(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \
+	$(top_srcdir)/m4/netdb_h.m4 $(top_srcdir)/m4/netinet_in_h.m4 \
+	$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/off_t.m4 \
+	$(top_srcdir)/m4/open-cloexec.m4 \
+	$(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \
+	$(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/pkg.m4 \
+	$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \
+	$(top_srcdir)/m4/progtest.m4 \
+	$(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \
+	$(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \
+	$(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/size_max.m4 \
+	$(top_srcdir)/m4/snprintf.m4 $(top_srcdir)/m4/socketlib.m4 \
+	$(top_srcdir)/m4/socklen.m4 $(top_srcdir)/m4/sockpfaf.m4 \
+	$(top_srcdir)/m4/ssize_t.m4 $(top_srcdir)/m4/stat-time.m4 \
+	$(top_srcdir)/m4/stat.m4 $(top_srcdir)/m4/stdalign.m4 \
+	$(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \
+	$(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \
+	$(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \
+	$(top_srcdir)/m4/stpcpy.m4 $(top_srcdir)/m4/strcase.m4 \
+	$(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/string_h.m4 \
+	$(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \
+	$(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \
+	$(top_srcdir)/m4/strverscmp.m4 \
+	$(top_srcdir)/m4/sys_socket_h.m4 \
+	$(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \
+	$(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \
+	$(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \
+	$(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \
+	$(top_srcdir)/m4/unistd_h.m4 \
+	$(top_srcdir)/m4/valgrind-tests.m4 \
+	$(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \
+	$(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \
+	$(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \
+	$(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \
+	$(top_srcdir)/m4/xsize.m4 $(top_srcdir)/m4/zzgnulib.m4 \
+	$(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+LTLIBRARIES = $(noinst_LTLIBRARIES)
+libgnutls_x509_la_LIBADD =
+am__libgnutls_x509_la_SOURCES_DIST = common.c key_encode.c common.h \
+	key_decode.c time.c crl.c crl_write.c crq.c dn.c attributes.c \
+	attributes.h prov-seed.c prov-seed.h extensions.c mpi.c \
+	output.c pkcs12.c pkcs12_bag.c pkcs12_encr.c pkcs7.c \
+	pkcs7-attrs.c pkcs7-crypt.c pkcs7_int.h privkey.c \
+	privkey_pkcs8.c privkey_pkcs8_pbes1.c privkey_openssl.c \
+	hostname-verify.c sign.c verify.c x509.c x509_dn.c x509_int.h \
+	x509_write.c name_constraints.c verify-high.c verify-high2.c \
+	verify-high.h x509_ext.c email-verify.c pkcs7-output.c \
+	virt-san.c virt-san.h spki.c x509_ext_int.h tls_features.c \
+	krb5.c krb5.h ip.c ip.h ip-in-cidr.h supported_exts.h ocsp.h \
+	ocsp.c ocsp_output.c
+@ENABLE_OCSP_TRUE@am__objects_1 = ocsp.lo ocsp_output.lo
+am_libgnutls_x509_la_OBJECTS = common.lo key_encode.lo key_decode.lo \
+	time.lo crl.lo crl_write.lo crq.lo dn.lo attributes.lo \
+	prov-seed.lo extensions.lo mpi.lo output.lo pkcs12.lo \
+	pkcs12_bag.lo pkcs12_encr.lo pkcs7.lo pkcs7-attrs.lo \
+	pkcs7-crypt.lo privkey.lo privkey_pkcs8.lo \
+	privkey_pkcs8_pbes1.lo privkey_openssl.lo hostname-verify.lo \
+	sign.lo verify.lo x509.lo x509_dn.lo x509_write.lo \
+	name_constraints.lo verify-high.lo verify-high2.lo x509_ext.lo \
+	email-verify.lo pkcs7-output.lo virt-san.lo spki.lo \
+	tls_features.lo krb5.lo ip.lo $(am__objects_1)
+libgnutls_x509_la_OBJECTS = $(am_libgnutls_x509_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 = 
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN     " $@;
+am__v_GEN_1 = 
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 = 
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/attributes.Plo \
+	./$(DEPDIR)/common.Plo ./$(DEPDIR)/crl.Plo \
+	./$(DEPDIR)/crl_write.Plo ./$(DEPDIR)/crq.Plo \
+	./$(DEPDIR)/dn.Plo ./$(DEPDIR)/email-verify.Plo \
+	./$(DEPDIR)/extensions.Plo ./$(DEPDIR)/hostname-verify.Plo \
+	./$(DEPDIR)/ip.Plo ./$(DEPDIR)/key_decode.Plo \
+	./$(DEPDIR)/key_encode.Plo ./$(DEPDIR)/krb5.Plo \
+	./$(DEPDIR)/mpi.Plo ./$(DEPDIR)/name_constraints.Plo \
+	./$(DEPDIR)/ocsp.Plo ./$(DEPDIR)/ocsp_output.Plo \
+	./$(DEPDIR)/output.Plo ./$(DEPDIR)/pkcs12.Plo \
+	./$(DEPDIR)/pkcs12_bag.Plo ./$(DEPDIR)/pkcs12_encr.Plo \
+	./$(DEPDIR)/pkcs7-attrs.Plo ./$(DEPDIR)/pkcs7-crypt.Plo \
+	./$(DEPDIR)/pkcs7-output.Plo ./$(DEPDIR)/pkcs7.Plo \
+	./$(DEPDIR)/privkey.Plo ./$(DEPDIR)/privkey_openssl.Plo \
+	./$(DEPDIR)/privkey_pkcs8.Plo \
+	./$(DEPDIR)/privkey_pkcs8_pbes1.Plo ./$(DEPDIR)/prov-seed.Plo \
+	./$(DEPDIR)/sign.Plo ./$(DEPDIR)/spki.Plo ./$(DEPDIR)/time.Plo \
+	./$(DEPDIR)/tls_features.Plo ./$(DEPDIR)/verify-high.Plo \
+	./$(DEPDIR)/verify-high2.Plo ./$(DEPDIR)/verify.Plo \
+	./$(DEPDIR)/virt-san.Plo ./$(DEPDIR)/x509.Plo \
+	./$(DEPDIR)/x509_dn.Plo ./$(DEPDIR)/x509_ext.Plo \
+	./$(DEPDIR)/x509_write.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC      " $@;
+am__v_CC_1 = 
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD    " $@;
+am__v_CCLD_1 = 
+SOURCES = $(libgnutls_x509_la_SOURCES)
+DIST_SOURCES = $(am__libgnutls_x509_la_SOURCES_DIST)
+am__can_run_installinfo = \
+  case $$AM_UPDATE_INFO_DIR in \
+    n|no|NO) false;; \
+    *) (install-info --version) >/dev/null 2>&1;; \
+  esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates.  Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+  BEGIN { nonempty = 0; } \
+  { items[$$0] = 1; nonempty = 1; } \
+  END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique.  This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+  list='$(am__tagged_files)'; \
+  unique=`for i in $$list; do \
+    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+  done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in \
+	$(top_srcdir)/build-aux/depcomp $(top_srcdir)/lib/common.mk
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+AARCH64_CCASFLAGS = @AARCH64_CCASFLAGS@
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+ALLOCA_H = @ALLOCA_H@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AM_VALGRINDFLAGS = @AM_VALGRINDFLAGS@
+APPLE_UNIVERSAL_BUILD = @APPLE_UNIVERSAL_BUILD@
+AR = @AR@
+ARFLAGS = @ARFLAGS@
+ASN1PARSER = @ASN1PARSER@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BITSIZEOF_PTRDIFF_T = @BITSIZEOF_PTRDIFF_T@
+BITSIZEOF_SIG_ATOMIC_T = @BITSIZEOF_SIG_ATOMIC_T@
+BITSIZEOF_SIZE_T = @BITSIZEOF_SIZE_T@
+BITSIZEOF_WCHAR_T = @BITSIZEOF_WCHAR_T@
+BITSIZEOF_WINT_T = @BITSIZEOF_WINT_T@
+BYTESWAP_H = @BYTESWAP_H@
+CC = @CC@
+CCAS = @CCAS@
+CCASDEPMODE = @CCASDEPMODE@
+CCASFLAGS = @CCASFLAGS@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CFLAG_VISIBILITY = @CFLAG_VISIBILITY@
+CMOCKA_CFLAGS = @CMOCKA_CFLAGS@
+CMOCKA_LIBS = @CMOCKA_LIBS@
+CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@
+CODE_COVERAGE_CPPFLAGS = @CODE_COVERAGE_CPPFLAGS@
+CODE_COVERAGE_CXXFLAGS = @CODE_COVERAGE_CXXFLAGS@
+CODE_COVERAGE_ENABLED = @CODE_COVERAGE_ENABLED@
+CODE_COVERAGE_LIBS = @CODE_COVERAGE_LIBS@
+CONFIG_INCLUDE = @CONFIG_INCLUDE@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CRYWRAP_PATCHLEVEL = @CRYWRAP_PATCHLEVEL@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CXX_LT_AGE = @CXX_LT_AGE@
+CXX_LT_CURRENT = @CXX_LT_CURRENT@
+CXX_LT_REVISION = @CXX_LT_REVISION@
+CYGPATH_W = @CYGPATH_W@
+DEFAULT_VALGRINDFLAGS = @DEFAULT_VALGRINDFLAGS@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DLL_SSL_VERSION = @DLL_SSL_VERSION@
+DLL_VERSION = @DLL_VERSION@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EMULTIHOP_HIDDEN = @EMULTIHOP_HIDDEN@
+EMULTIHOP_VALUE = @EMULTIHOP_VALUE@
+ENABLE_PADLOCK = @ENABLE_PADLOCK@
+ENOLINK_HIDDEN = @ENOLINK_HIDDEN@
+ENOLINK_VALUE = @ENOLINK_VALUE@
+EOVERFLOW_HIDDEN = @EOVERFLOW_HIDDEN@
+EOVERFLOW_VALUE = @EOVERFLOW_VALUE@
+ERRNO_H = @ERRNO_H@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+FIPS140_LIBS = @FIPS140_LIBS@
+FLOAT_H = @FLOAT_H@
+GCOV = @GCOV@
+GENHTML = @GENHTML@
+GETADDRINFO_LIB = @GETADDRINFO_LIB@
+GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
+GL_GGL_GNULIB_ACCEPT = @GL_GGL_GNULIB_ACCEPT@
+GL_GGL_GNULIB_ACCEPT4 = @GL_GGL_GNULIB_ACCEPT4@
+GL_GGL_GNULIB_ACCESS = @GL_GGL_GNULIB_ACCESS@
+GL_GGL_GNULIB_ALIGNED_ALLOC = @GL_GGL_GNULIB_ALIGNED_ALLOC@
+GL_GGL_GNULIB_ATOLL = @GL_GGL_GNULIB_ATOLL@
+GL_GGL_GNULIB_BIND = @GL_GGL_GNULIB_BIND@
+GL_GGL_GNULIB_BTOWC = @GL_GGL_GNULIB_BTOWC@
+GL_GGL_GNULIB_CALLOC_POSIX = @GL_GGL_GNULIB_CALLOC_POSIX@
+GL_GGL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GGL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GGL_GNULIB_CHDIR = @GL_GGL_GNULIB_CHDIR@
+GL_GGL_GNULIB_CHOWN = @GL_GGL_GNULIB_CHOWN@
+GL_GGL_GNULIB_CLOSE = @GL_GGL_GNULIB_CLOSE@
+GL_GGL_GNULIB_CONNECT = @GL_GGL_GNULIB_CONNECT@
+GL_GGL_GNULIB_COPY_FILE_RANGE = @GL_GGL_GNULIB_COPY_FILE_RANGE@
+GL_GGL_GNULIB_CREAT = @GL_GGL_GNULIB_CREAT@
+GL_GGL_GNULIB_CTIME = @GL_GGL_GNULIB_CTIME@
+GL_GGL_GNULIB_DPRINTF = @GL_GGL_GNULIB_DPRINTF@
+GL_GGL_GNULIB_DUP = @GL_GGL_GNULIB_DUP@
+GL_GGL_GNULIB_DUP2 = @GL_GGL_GNULIB_DUP2@
+GL_GGL_GNULIB_DUP3 = @GL_GGL_GNULIB_DUP3@
+GL_GGL_GNULIB_DUPLOCALE = @GL_GGL_GNULIB_DUPLOCALE@
+GL_GGL_GNULIB_ENVIRON = @GL_GGL_GNULIB_ENVIRON@
+GL_GGL_GNULIB_EUIDACCESS = @GL_GGL_GNULIB_EUIDACCESS@
+GL_GGL_GNULIB_EXECL = @GL_GGL_GNULIB_EXECL@
+GL_GGL_GNULIB_EXECLE = @GL_GGL_GNULIB_EXECLE@
+GL_GGL_GNULIB_EXECLP = @GL_GGL_GNULIB_EXECLP@
+GL_GGL_GNULIB_EXECV = @GL_GGL_GNULIB_EXECV@
+GL_GGL_GNULIB_EXECVE = @GL_GGL_GNULIB_EXECVE@
+GL_GGL_GNULIB_EXECVP = @GL_GGL_GNULIB_EXECVP@
+GL_GGL_GNULIB_EXECVPE = @GL_GGL_GNULIB_EXECVPE@
+GL_GGL_GNULIB_EXPLICIT_BZERO = @GL_GGL_GNULIB_EXPLICIT_BZERO@
+GL_GGL_GNULIB_FACCESSAT = @GL_GGL_GNULIB_FACCESSAT@
+GL_GGL_GNULIB_FCHDIR = @GL_GGL_GNULIB_FCHDIR@
+GL_GGL_GNULIB_FCHMODAT = @GL_GGL_GNULIB_FCHMODAT@
+GL_GGL_GNULIB_FCHOWNAT = @GL_GGL_GNULIB_FCHOWNAT@
+GL_GGL_GNULIB_FCLOSE = @GL_GGL_GNULIB_FCLOSE@
+GL_GGL_GNULIB_FCNTL = @GL_GGL_GNULIB_FCNTL@
+GL_GGL_GNULIB_FDATASYNC = @GL_GGL_GNULIB_FDATASYNC@
+GL_GGL_GNULIB_FDOPEN = @GL_GGL_GNULIB_FDOPEN@
+GL_GGL_GNULIB_FFLUSH = @GL_GGL_GNULIB_FFLUSH@
+GL_GGL_GNULIB_FFS = @GL_GGL_GNULIB_FFS@
+GL_GGL_GNULIB_FFSL = @GL_GGL_GNULIB_FFSL@
+GL_GGL_GNULIB_FFSLL = @GL_GGL_GNULIB_FFSLL@
+GL_GGL_GNULIB_FGETC = @GL_GGL_GNULIB_FGETC@
+GL_GGL_GNULIB_FGETS = @GL_GGL_GNULIB_FGETS@
+GL_GGL_GNULIB_FOPEN = @GL_GGL_GNULIB_FOPEN@
+GL_GGL_GNULIB_FPRINTF = @GL_GGL_GNULIB_FPRINTF@
+GL_GGL_GNULIB_FPRINTF_POSIX = @GL_GGL_GNULIB_FPRINTF_POSIX@
+GL_GGL_GNULIB_FPURGE = @GL_GGL_GNULIB_FPURGE@
+GL_GGL_GNULIB_FPUTC = @GL_GGL_GNULIB_FPUTC@
+GL_GGL_GNULIB_FPUTS = @GL_GGL_GNULIB_FPUTS@
+GL_GGL_GNULIB_FREAD = @GL_GGL_GNULIB_FREAD@
+GL_GGL_GNULIB_FREE_POSIX = @GL_GGL_GNULIB_FREE_POSIX@
+GL_GGL_GNULIB_FREOPEN = @GL_GGL_GNULIB_FREOPEN@
+GL_GGL_GNULIB_FSCANF = @GL_GGL_GNULIB_FSCANF@
+GL_GGL_GNULIB_FSEEK = @GL_GGL_GNULIB_FSEEK@
+GL_GGL_GNULIB_FSEEKO = @GL_GGL_GNULIB_FSEEKO@
+GL_GGL_GNULIB_FSTAT = @GL_GGL_GNULIB_FSTAT@
+GL_GGL_GNULIB_FSTATAT = @GL_GGL_GNULIB_FSTATAT@
+GL_GGL_GNULIB_FSYNC = @GL_GGL_GNULIB_FSYNC@
+GL_GGL_GNULIB_FTELL = @GL_GGL_GNULIB_FTELL@
+GL_GGL_GNULIB_FTELLO = @GL_GGL_GNULIB_FTELLO@
+GL_GGL_GNULIB_FTRUNCATE = @GL_GGL_GNULIB_FTRUNCATE@
+GL_GGL_GNULIB_FUTIMENS = @GL_GGL_GNULIB_FUTIMENS@
+GL_GGL_GNULIB_FWRITE = @GL_GGL_GNULIB_FWRITE@
+GL_GGL_GNULIB_GETADDRINFO = @GL_GGL_GNULIB_GETADDRINFO@
+GL_GGL_GNULIB_GETC = @GL_GGL_GNULIB_GETC@
+GL_GGL_GNULIB_GETCHAR = @GL_GGL_GNULIB_GETCHAR@
+GL_GGL_GNULIB_GETCWD = @GL_GGL_GNULIB_GETCWD@
+GL_GGL_GNULIB_GETDELIM = @GL_GGL_GNULIB_GETDELIM@
+GL_GGL_GNULIB_GETDOMAINNAME = @GL_GGL_GNULIB_GETDOMAINNAME@
+GL_GGL_GNULIB_GETDTABLESIZE = @GL_GGL_GNULIB_GETDTABLESIZE@
+GL_GGL_GNULIB_GETENTROPY = @GL_GGL_GNULIB_GETENTROPY@
+GL_GGL_GNULIB_GETGROUPS = @GL_GGL_GNULIB_GETGROUPS@
+GL_GGL_GNULIB_GETHOSTNAME = @GL_GGL_GNULIB_GETHOSTNAME@
+GL_GGL_GNULIB_GETLINE = @GL_GGL_GNULIB_GETLINE@
+GL_GGL_GNULIB_GETLOADAVG = @GL_GGL_GNULIB_GETLOADAVG@
+GL_GGL_GNULIB_GETLOGIN = @GL_GGL_GNULIB_GETLOGIN@
+GL_GGL_GNULIB_GETLOGIN_R = @GL_GGL_GNULIB_GETLOGIN_R@
+GL_GGL_GNULIB_GETOPT_POSIX = @GL_GGL_GNULIB_GETOPT_POSIX@
+GL_GGL_GNULIB_GETPAGESIZE = @GL_GGL_GNULIB_GETPAGESIZE@
+GL_GGL_GNULIB_GETPASS = @GL_GGL_GNULIB_GETPASS@
+GL_GGL_GNULIB_GETPEERNAME = @GL_GGL_GNULIB_GETPEERNAME@
+GL_GGL_GNULIB_GETSOCKNAME = @GL_GGL_GNULIB_GETSOCKNAME@
+GL_GGL_GNULIB_GETSOCKOPT = @GL_GGL_GNULIB_GETSOCKOPT@
+GL_GGL_GNULIB_GETSUBOPT = @GL_GGL_GNULIB_GETSUBOPT@
+GL_GGL_GNULIB_GETTIMEOFDAY = @GL_GGL_GNULIB_GETTIMEOFDAY@
+GL_GGL_GNULIB_GETUMASK = @GL_GGL_GNULIB_GETUMASK@
+GL_GGL_GNULIB_GETUSERSHELL = @GL_GGL_GNULIB_GETUSERSHELL@
+GL_GGL_GNULIB_GRANTPT = @GL_GGL_GNULIB_GRANTPT@
+GL_GGL_GNULIB_GROUP_MEMBER = @GL_GGL_GNULIB_GROUP_MEMBER@
+GL_GGL_GNULIB_IMAXABS = @GL_GGL_GNULIB_IMAXABS@
+GL_GGL_GNULIB_IMAXDIV = @GL_GGL_GNULIB_IMAXDIV@
+GL_GGL_GNULIB_INET_NTOP = @GL_GGL_GNULIB_INET_NTOP@
+GL_GGL_GNULIB_INET_PTON = @GL_GGL_GNULIB_INET_PTON@
+GL_GGL_GNULIB_IOCTL = @GL_GGL_GNULIB_IOCTL@
+GL_GGL_GNULIB_ISATTY = @GL_GGL_GNULIB_ISATTY@
+GL_GGL_GNULIB_ISBLANK = @GL_GGL_GNULIB_ISBLANK@
+GL_GGL_GNULIB_LCHMOD = @GL_GGL_GNULIB_LCHMOD@
+GL_GGL_GNULIB_LCHOWN = @GL_GGL_GNULIB_LCHOWN@
+GL_GGL_GNULIB_LINK = @GL_GGL_GNULIB_LINK@
+GL_GGL_GNULIB_LINKAT = @GL_GGL_GNULIB_LINKAT@
+GL_GGL_GNULIB_LISTEN = @GL_GGL_GNULIB_LISTEN@
+GL_GGL_GNULIB_LOCALECONV = @GL_GGL_GNULIB_LOCALECONV@
+GL_GGL_GNULIB_LOCALENAME = @GL_GGL_GNULIB_LOCALENAME@
+GL_GGL_GNULIB_LOCALTIME = @GL_GGL_GNULIB_LOCALTIME@
+GL_GGL_GNULIB_LSEEK = @GL_GGL_GNULIB_LSEEK@
+GL_GGL_GNULIB_LSTAT = @GL_GGL_GNULIB_LSTAT@
+GL_GGL_GNULIB_MALLOC_POSIX = @GL_GGL_GNULIB_MALLOC_POSIX@
+GL_GGL_GNULIB_MBRLEN = @GL_GGL_GNULIB_MBRLEN@
+GL_GGL_GNULIB_MBRTOWC = @GL_GGL_GNULIB_MBRTOWC@
+GL_GGL_GNULIB_MBSCASECMP = @GL_GGL_GNULIB_MBSCASECMP@
+GL_GGL_GNULIB_MBSCASESTR = @GL_GGL_GNULIB_MBSCASESTR@
+GL_GGL_GNULIB_MBSCHR = @GL_GGL_GNULIB_MBSCHR@
+GL_GGL_GNULIB_MBSCSPN = @GL_GGL_GNULIB_MBSCSPN@
+GL_GGL_GNULIB_MBSINIT = @GL_GGL_GNULIB_MBSINIT@
+GL_GGL_GNULIB_MBSLEN = @GL_GGL_GNULIB_MBSLEN@
+GL_GGL_GNULIB_MBSNCASECMP = @GL_GGL_GNULIB_MBSNCASECMP@
+GL_GGL_GNULIB_MBSNLEN = @GL_GGL_GNULIB_MBSNLEN@
+GL_GGL_GNULIB_MBSNRTOWCS = @GL_GGL_GNULIB_MBSNRTOWCS@
+GL_GGL_GNULIB_MBSPBRK = @GL_GGL_GNULIB_MBSPBRK@
+GL_GGL_GNULIB_MBSPCASECMP = @GL_GGL_GNULIB_MBSPCASECMP@
+GL_GGL_GNULIB_MBSRCHR = @GL_GGL_GNULIB_MBSRCHR@
+GL_GGL_GNULIB_MBSRTOWCS = @GL_GGL_GNULIB_MBSRTOWCS@
+GL_GGL_GNULIB_MBSSEP = @GL_GGL_GNULIB_MBSSEP@
+GL_GGL_GNULIB_MBSSPN = @GL_GGL_GNULIB_MBSSPN@
+GL_GGL_GNULIB_MBSSTR = @GL_GGL_GNULIB_MBSSTR@
+GL_GGL_GNULIB_MBSTOK_R = @GL_GGL_GNULIB_MBSTOK_R@
+GL_GGL_GNULIB_MBTOWC = @GL_GGL_GNULIB_MBTOWC@
+GL_GGL_GNULIB_MDA_ACCESS = @GL_GGL_GNULIB_MDA_ACCESS@
+GL_GGL_GNULIB_MDA_CHDIR = @GL_GGL_GNULIB_MDA_CHDIR@
+GL_GGL_GNULIB_MDA_CHMOD = @GL_GGL_GNULIB_MDA_CHMOD@
+GL_GGL_GNULIB_MDA_CLOSE = @GL_GGL_GNULIB_MDA_CLOSE@
+GL_GGL_GNULIB_MDA_CREAT = @GL_GGL_GNULIB_MDA_CREAT@
+GL_GGL_GNULIB_MDA_DUP = @GL_GGL_GNULIB_MDA_DUP@
+GL_GGL_GNULIB_MDA_DUP2 = @GL_GGL_GNULIB_MDA_DUP2@
+GL_GGL_GNULIB_MDA_ECVT = @GL_GGL_GNULIB_MDA_ECVT@
+GL_GGL_GNULIB_MDA_EXECL = @GL_GGL_GNULIB_MDA_EXECL@
+GL_GGL_GNULIB_MDA_EXECLE = @GL_GGL_GNULIB_MDA_EXECLE@
+GL_GGL_GNULIB_MDA_EXECLP = @GL_GGL_GNULIB_MDA_EXECLP@
+GL_GGL_GNULIB_MDA_EXECV = @GL_GGL_GNULIB_MDA_EXECV@
+GL_GGL_GNULIB_MDA_EXECVE = @GL_GGL_GNULIB_MDA_EXECVE@
+GL_GGL_GNULIB_MDA_EXECVP = @GL_GGL_GNULIB_MDA_EXECVP@
+GL_GGL_GNULIB_MDA_EXECVPE = @GL_GGL_GNULIB_MDA_EXECVPE@
+GL_GGL_GNULIB_MDA_FCLOSEALL = @GL_GGL_GNULIB_MDA_FCLOSEALL@
+GL_GGL_GNULIB_MDA_FCVT = @GL_GGL_GNULIB_MDA_FCVT@
+GL_GGL_GNULIB_MDA_FDOPEN = @GL_GGL_GNULIB_MDA_FDOPEN@
+GL_GGL_GNULIB_MDA_FILENO = @GL_GGL_GNULIB_MDA_FILENO@
+GL_GGL_GNULIB_MDA_GCVT = @GL_GGL_GNULIB_MDA_GCVT@
+GL_GGL_GNULIB_MDA_GETCWD = @GL_GGL_GNULIB_MDA_GETCWD@
+GL_GGL_GNULIB_MDA_GETPID = @GL_GGL_GNULIB_MDA_GETPID@
+GL_GGL_GNULIB_MDA_GETW = @GL_GGL_GNULIB_MDA_GETW@
+GL_GGL_GNULIB_MDA_ISATTY = @GL_GGL_GNULIB_MDA_ISATTY@
+GL_GGL_GNULIB_MDA_LSEEK = @GL_GGL_GNULIB_MDA_LSEEK@
+GL_GGL_GNULIB_MDA_MEMCCPY = @GL_GGL_GNULIB_MDA_MEMCCPY@
+GL_GGL_GNULIB_MDA_MKDIR = @GL_GGL_GNULIB_MDA_MKDIR@
+GL_GGL_GNULIB_MDA_MKTEMP = @GL_GGL_GNULIB_MDA_MKTEMP@
+GL_GGL_GNULIB_MDA_OPEN = @GL_GGL_GNULIB_MDA_OPEN@
+GL_GGL_GNULIB_MDA_PUTENV = @GL_GGL_GNULIB_MDA_PUTENV@
+GL_GGL_GNULIB_MDA_PUTW = @GL_GGL_GNULIB_MDA_PUTW@
+GL_GGL_GNULIB_MDA_READ = @GL_GGL_GNULIB_MDA_READ@
+GL_GGL_GNULIB_MDA_RMDIR = @GL_GGL_GNULIB_MDA_RMDIR@
+GL_GGL_GNULIB_MDA_STRDUP = @GL_GGL_GNULIB_MDA_STRDUP@
+GL_GGL_GNULIB_MDA_SWAB = @GL_GGL_GNULIB_MDA_SWAB@
+GL_GGL_GNULIB_MDA_TEMPNAM = @GL_GGL_GNULIB_MDA_TEMPNAM@
+GL_GGL_GNULIB_MDA_TZSET = @GL_GGL_GNULIB_MDA_TZSET@
+GL_GGL_GNULIB_MDA_UMASK = @GL_GGL_GNULIB_MDA_UMASK@
+GL_GGL_GNULIB_MDA_UNLINK = @GL_GGL_GNULIB_MDA_UNLINK@
+GL_GGL_GNULIB_MDA_WCSDUP = @GL_GGL_GNULIB_MDA_WCSDUP@
+GL_GGL_GNULIB_MDA_WRITE = @GL_GGL_GNULIB_MDA_WRITE@
+GL_GGL_GNULIB_MEMCHR = @GL_GGL_GNULIB_MEMCHR@
+GL_GGL_GNULIB_MEMMEM = @GL_GGL_GNULIB_MEMMEM@
+GL_GGL_GNULIB_MEMPCPY = @GL_GGL_GNULIB_MEMPCPY@
+GL_GGL_GNULIB_MEMRCHR = @GL_GGL_GNULIB_MEMRCHR@
+GL_GGL_GNULIB_MKDIR = @GL_GGL_GNULIB_MKDIR@
+GL_GGL_GNULIB_MKDIRAT = @GL_GGL_GNULIB_MKDIRAT@
+GL_GGL_GNULIB_MKDTEMP = @GL_GGL_GNULIB_MKDTEMP@
+GL_GGL_GNULIB_MKFIFO = @GL_GGL_GNULIB_MKFIFO@
+GL_GGL_GNULIB_MKFIFOAT = @GL_GGL_GNULIB_MKFIFOAT@
+GL_GGL_GNULIB_MKNOD = @GL_GGL_GNULIB_MKNOD@
+GL_GGL_GNULIB_MKNODAT = @GL_GGL_GNULIB_MKNODAT@
+GL_GGL_GNULIB_MKOSTEMP = @GL_GGL_GNULIB_MKOSTEMP@
+GL_GGL_GNULIB_MKOSTEMPS = @GL_GGL_GNULIB_MKOSTEMPS@
+GL_GGL_GNULIB_MKSTEMP = @GL_GGL_GNULIB_MKSTEMP@
+GL_GGL_GNULIB_MKSTEMPS = @GL_GGL_GNULIB_MKSTEMPS@
+GL_GGL_GNULIB_MKTIME = @GL_GGL_GNULIB_MKTIME@
+GL_GGL_GNULIB_NANOSLEEP = @GL_GGL_GNULIB_NANOSLEEP@
+GL_GGL_GNULIB_NL_LANGINFO = @GL_GGL_GNULIB_NL_LANGINFO@
+GL_GGL_GNULIB_NONBLOCKING = @GL_GGL_GNULIB_NONBLOCKING@
+GL_GGL_GNULIB_OBSTACK_PRINTF = @GL_GGL_GNULIB_OBSTACK_PRINTF@
+GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GGL_GNULIB_OPEN = @GL_GGL_GNULIB_OPEN@
+GL_GGL_GNULIB_OPENAT = @GL_GGL_GNULIB_OPENAT@
+GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GGL_GNULIB_PCLOSE = @GL_GGL_GNULIB_PCLOSE@
+GL_GGL_GNULIB_PERROR = @GL_GGL_GNULIB_PERROR@
+GL_GGL_GNULIB_PIPE = @GL_GGL_GNULIB_PIPE@
+GL_GGL_GNULIB_PIPE2 = @GL_GGL_GNULIB_PIPE2@
+GL_GGL_GNULIB_POPEN = @GL_GGL_GNULIB_POPEN@
+GL_GGL_GNULIB_POSIX_MEMALIGN = @GL_GGL_GNULIB_POSIX_MEMALIGN@
+GL_GGL_GNULIB_POSIX_OPENPT = @GL_GGL_GNULIB_POSIX_OPENPT@
+GL_GGL_GNULIB_PREAD = @GL_GGL_GNULIB_PREAD@
+GL_GGL_GNULIB_PRINTF = @GL_GGL_GNULIB_PRINTF@
+GL_GGL_GNULIB_PRINTF_POSIX = @GL_GGL_GNULIB_PRINTF_POSIX@
+GL_GGL_GNULIB_PSELECT = @GL_GGL_GNULIB_PSELECT@
+GL_GGL_GNULIB_PTHREAD_COND = @GL_GGL_GNULIB_PTHREAD_COND@
+GL_GGL_GNULIB_PTHREAD_MUTEX = @GL_GGL_GNULIB_PTHREAD_MUTEX@
+GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK@
+GL_GGL_GNULIB_PTHREAD_ONCE = @GL_GGL_GNULIB_PTHREAD_ONCE@
+GL_GGL_GNULIB_PTHREAD_RWLOCK = @GL_GGL_GNULIB_PTHREAD_RWLOCK@
+GL_GGL_GNULIB_PTHREAD_SIGMASK = @GL_GGL_GNULIB_PTHREAD_SIGMASK@
+GL_GGL_GNULIB_PTHREAD_SPIN = @GL_GGL_GNULIB_PTHREAD_SPIN@
+GL_GGL_GNULIB_PTHREAD_THREAD = @GL_GGL_GNULIB_PTHREAD_THREAD@
+GL_GGL_GNULIB_PTHREAD_TSS = @GL_GGL_GNULIB_PTHREAD_TSS@
+GL_GGL_GNULIB_PTSNAME = @GL_GGL_GNULIB_PTSNAME@
+GL_GGL_GNULIB_PTSNAME_R = @GL_GGL_GNULIB_PTSNAME_R@
+GL_GGL_GNULIB_PUTC = @GL_GGL_GNULIB_PUTC@
+GL_GGL_GNULIB_PUTCHAR = @GL_GGL_GNULIB_PUTCHAR@
+GL_GGL_GNULIB_PUTENV = @GL_GGL_GNULIB_PUTENV@
+GL_GGL_GNULIB_PUTS = @GL_GGL_GNULIB_PUTS@
+GL_GGL_GNULIB_PWRITE = @GL_GGL_GNULIB_PWRITE@
+GL_GGL_GNULIB_QSORT_R = @GL_GGL_GNULIB_QSORT_R@
+GL_GGL_GNULIB_RAISE = @GL_GGL_GNULIB_RAISE@
+GL_GGL_GNULIB_RANDOM = @GL_GGL_GNULIB_RANDOM@
+GL_GGL_GNULIB_RANDOM_R = @GL_GGL_GNULIB_RANDOM_R@
+GL_GGL_GNULIB_RAWMEMCHR = @GL_GGL_GNULIB_RAWMEMCHR@
+GL_GGL_GNULIB_READ = @GL_GGL_GNULIB_READ@
+GL_GGL_GNULIB_READLINK = @GL_GGL_GNULIB_READLINK@
+GL_GGL_GNULIB_READLINKAT = @GL_GGL_GNULIB_READLINKAT@
+GL_GGL_GNULIB_REALLOCARRAY = @GL_GGL_GNULIB_REALLOCARRAY@
+GL_GGL_GNULIB_REALLOC_POSIX = @GL_GGL_GNULIB_REALLOC_POSIX@
+GL_GGL_GNULIB_REALPATH = @GL_GGL_GNULIB_REALPATH@
+GL_GGL_GNULIB_RECV = @GL_GGL_GNULIB_RECV@
+GL_GGL_GNULIB_RECVFROM = @GL_GGL_GNULIB_RECVFROM@
+GL_GGL_GNULIB_REMOVE = @GL_GGL_GNULIB_REMOVE@
+GL_GGL_GNULIB_RENAME = @GL_GGL_GNULIB_RENAME@
+GL_GGL_GNULIB_RENAMEAT = @GL_GGL_GNULIB_RENAMEAT@
+GL_GGL_GNULIB_RMDIR = @GL_GGL_GNULIB_RMDIR@
+GL_GGL_GNULIB_RPMATCH = @GL_GGL_GNULIB_RPMATCH@
+GL_GGL_GNULIB_SCANF = @GL_GGL_GNULIB_SCANF@
+GL_GGL_GNULIB_SCHED_YIELD = @GL_GGL_GNULIB_SCHED_YIELD@
+GL_GGL_GNULIB_SECURE_GETENV = @GL_GGL_GNULIB_SECURE_GETENV@
+GL_GGL_GNULIB_SELECT = @GL_GGL_GNULIB_SELECT@
+GL_GGL_GNULIB_SEND = @GL_GGL_GNULIB_SEND@
+GL_GGL_GNULIB_SENDTO = @GL_GGL_GNULIB_SENDTO@
+GL_GGL_GNULIB_SETENV = @GL_GGL_GNULIB_SETENV@
+GL_GGL_GNULIB_SETHOSTNAME = @GL_GGL_GNULIB_SETHOSTNAME@
+GL_GGL_GNULIB_SETLOCALE = @GL_GGL_GNULIB_SETLOCALE@
+GL_GGL_GNULIB_SETLOCALE_NULL = @GL_GGL_GNULIB_SETLOCALE_NULL@
+GL_GGL_GNULIB_SETSOCKOPT = @GL_GGL_GNULIB_SETSOCKOPT@
+GL_GGL_GNULIB_SHUTDOWN = @GL_GGL_GNULIB_SHUTDOWN@
+GL_GGL_GNULIB_SIGABBREV_NP = @GL_GGL_GNULIB_SIGABBREV_NP@
+GL_GGL_GNULIB_SIGACTION = @GL_GGL_GNULIB_SIGACTION@
+GL_GGL_GNULIB_SIGDESCR_NP = @GL_GGL_GNULIB_SIGDESCR_NP@
+GL_GGL_GNULIB_SIGNAL_H_SIGPIPE = @GL_GGL_GNULIB_SIGNAL_H_SIGPIPE@
+GL_GGL_GNULIB_SIGPROCMASK = @GL_GGL_GNULIB_SIGPROCMASK@
+GL_GGL_GNULIB_SLEEP = @GL_GGL_GNULIB_SLEEP@
+GL_GGL_GNULIB_SNPRINTF = @GL_GGL_GNULIB_SNPRINTF@
+GL_GGL_GNULIB_SOCKET = @GL_GGL_GNULIB_SOCKET@
+GL_GGL_GNULIB_SPRINTF_POSIX = @GL_GGL_GNULIB_SPRINTF_POSIX@
+GL_GGL_GNULIB_STAT = @GL_GGL_GNULIB_STAT@
+GL_GGL_GNULIB_STDIO_H_NONBLOCKING = @GL_GGL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GGL_GNULIB_STDIO_H_SIGPIPE = @GL_GGL_GNULIB_STDIO_H_SIGPIPE@
+GL_GGL_GNULIB_STPCPY = @GL_GGL_GNULIB_STPCPY@
+GL_GGL_GNULIB_STPNCPY = @GL_GGL_GNULIB_STPNCPY@
+GL_GGL_GNULIB_STRCASESTR = @GL_GGL_GNULIB_STRCASESTR@
+GL_GGL_GNULIB_STRCHRNUL = @GL_GGL_GNULIB_STRCHRNUL@
+GL_GGL_GNULIB_STRDUP = @GL_GGL_GNULIB_STRDUP@
+GL_GGL_GNULIB_STRERROR = @GL_GGL_GNULIB_STRERROR@
+GL_GGL_GNULIB_STRERRORNAME_NP = @GL_GGL_GNULIB_STRERRORNAME_NP@
+GL_GGL_GNULIB_STRERROR_R = @GL_GGL_GNULIB_STRERROR_R@
+GL_GGL_GNULIB_STRFTIME = @GL_GGL_GNULIB_STRFTIME@
+GL_GGL_GNULIB_STRNCAT = @GL_GGL_GNULIB_STRNCAT@
+GL_GGL_GNULIB_STRNDUP = @GL_GGL_GNULIB_STRNDUP@
+GL_GGL_GNULIB_STRNLEN = @GL_GGL_GNULIB_STRNLEN@
+GL_GGL_GNULIB_STRPBRK = @GL_GGL_GNULIB_STRPBRK@
+GL_GGL_GNULIB_STRPTIME = @GL_GGL_GNULIB_STRPTIME@
+GL_GGL_GNULIB_STRSEP = @GL_GGL_GNULIB_STRSEP@
+GL_GGL_GNULIB_STRSIGNAL = @GL_GGL_GNULIB_STRSIGNAL@
+GL_GGL_GNULIB_STRSTR = @GL_GGL_GNULIB_STRSTR@
+GL_GGL_GNULIB_STRTOD = @GL_GGL_GNULIB_STRTOD@
+GL_GGL_GNULIB_STRTOIMAX = @GL_GGL_GNULIB_STRTOIMAX@
+GL_GGL_GNULIB_STRTOK_R = @GL_GGL_GNULIB_STRTOK_R@
+GL_GGL_GNULIB_STRTOL = @GL_GGL_GNULIB_STRTOL@
+GL_GGL_GNULIB_STRTOLD = @GL_GGL_GNULIB_STRTOLD@
+GL_GGL_GNULIB_STRTOLL = @GL_GGL_GNULIB_STRTOLL@
+GL_GGL_GNULIB_STRTOUL = @GL_GGL_GNULIB_STRTOUL@
+GL_GGL_GNULIB_STRTOULL = @GL_GGL_GNULIB_STRTOULL@
+GL_GGL_GNULIB_STRTOUMAX = @GL_GGL_GNULIB_STRTOUMAX@
+GL_GGL_GNULIB_STRVERSCMP = @GL_GGL_GNULIB_STRVERSCMP@
+GL_GGL_GNULIB_SYMLINK = @GL_GGL_GNULIB_SYMLINK@
+GL_GGL_GNULIB_SYMLINKAT = @GL_GGL_GNULIB_SYMLINKAT@
+GL_GGL_GNULIB_SYSTEM_POSIX = @GL_GGL_GNULIB_SYSTEM_POSIX@
+GL_GGL_GNULIB_TIMEGM = @GL_GGL_GNULIB_TIMEGM@
+GL_GGL_GNULIB_TIMESPEC_GET = @GL_GGL_GNULIB_TIMESPEC_GET@
+GL_GGL_GNULIB_TIME_R = @GL_GGL_GNULIB_TIME_R@
+GL_GGL_GNULIB_TIME_RZ = @GL_GGL_GNULIB_TIME_RZ@
+GL_GGL_GNULIB_TMPFILE = @GL_GGL_GNULIB_TMPFILE@
+GL_GGL_GNULIB_TRUNCATE = @GL_GGL_GNULIB_TRUNCATE@
+GL_GGL_GNULIB_TTYNAME_R = @GL_GGL_GNULIB_TTYNAME_R@
+GL_GGL_GNULIB_TZSET = @GL_GGL_GNULIB_TZSET@
+GL_GGL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GGL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GGL_GNULIB_UNISTD_H_SIGPIPE = @GL_GGL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GGL_GNULIB_UNLINK = @GL_GGL_GNULIB_UNLINK@
+GL_GGL_GNULIB_UNLINKAT = @GL_GGL_GNULIB_UNLINKAT@
+GL_GGL_GNULIB_UNLOCKPT = @GL_GGL_GNULIB_UNLOCKPT@
+GL_GGL_GNULIB_UNSETENV = @GL_GGL_GNULIB_UNSETENV@
+GL_GGL_GNULIB_USLEEP = @GL_GGL_GNULIB_USLEEP@
+GL_GGL_GNULIB_UTIMENSAT = @GL_GGL_GNULIB_UTIMENSAT@
+GL_GGL_GNULIB_VASPRINTF = @GL_GGL_GNULIB_VASPRINTF@
+GL_GGL_GNULIB_VDPRINTF = @GL_GGL_GNULIB_VDPRINTF@
+GL_GGL_GNULIB_VFPRINTF = @GL_GGL_GNULIB_VFPRINTF@
+GL_GGL_GNULIB_VFPRINTF_POSIX = @GL_GGL_GNULIB_VFPRINTF_POSIX@
+GL_GGL_GNULIB_VFSCANF = @GL_GGL_GNULIB_VFSCANF@
+GL_GGL_GNULIB_VPRINTF = @GL_GGL_GNULIB_VPRINTF@
+GL_GGL_GNULIB_VPRINTF_POSIX = @GL_GGL_GNULIB_VPRINTF_POSIX@
+GL_GGL_GNULIB_VSCANF = @GL_GGL_GNULIB_VSCANF@
+GL_GGL_GNULIB_VSNPRINTF = @GL_GGL_GNULIB_VSNPRINTF@
+GL_GGL_GNULIB_VSPRINTF_POSIX = @GL_GGL_GNULIB_VSPRINTF_POSIX@
+GL_GGL_GNULIB_WCPCPY = @GL_GGL_GNULIB_WCPCPY@
+GL_GGL_GNULIB_WCPNCPY = @GL_GGL_GNULIB_WCPNCPY@
+GL_GGL_GNULIB_WCRTOMB = @GL_GGL_GNULIB_WCRTOMB@
+GL_GGL_GNULIB_WCSCASECMP = @GL_GGL_GNULIB_WCSCASECMP@
+GL_GGL_GNULIB_WCSCAT = @GL_GGL_GNULIB_WCSCAT@
+GL_GGL_GNULIB_WCSCHR = @GL_GGL_GNULIB_WCSCHR@
+GL_GGL_GNULIB_WCSCMP = @GL_GGL_GNULIB_WCSCMP@
+GL_GGL_GNULIB_WCSCOLL = @GL_GGL_GNULIB_WCSCOLL@
+GL_GGL_GNULIB_WCSCPY = @GL_GGL_GNULIB_WCSCPY@
+GL_GGL_GNULIB_WCSCSPN = @GL_GGL_GNULIB_WCSCSPN@
+GL_GGL_GNULIB_WCSDUP = @GL_GGL_GNULIB_WCSDUP@
+GL_GGL_GNULIB_WCSFTIME = @GL_GGL_GNULIB_WCSFTIME@
+GL_GGL_GNULIB_WCSLEN = @GL_GGL_GNULIB_WCSLEN@
+GL_GGL_GNULIB_WCSNCASECMP = @GL_GGL_GNULIB_WCSNCASECMP@
+GL_GGL_GNULIB_WCSNCAT = @GL_GGL_GNULIB_WCSNCAT@
+GL_GGL_GNULIB_WCSNCMP = @GL_GGL_GNULIB_WCSNCMP@
+GL_GGL_GNULIB_WCSNCPY = @GL_GGL_GNULIB_WCSNCPY@
+GL_GGL_GNULIB_WCSNLEN = @GL_GGL_GNULIB_WCSNLEN@
+GL_GGL_GNULIB_WCSNRTOMBS = @GL_GGL_GNULIB_WCSNRTOMBS@
+GL_GGL_GNULIB_WCSPBRK = @GL_GGL_GNULIB_WCSPBRK@
+GL_GGL_GNULIB_WCSRCHR = @GL_GGL_GNULIB_WCSRCHR@
+GL_GGL_GNULIB_WCSRTOMBS = @GL_GGL_GNULIB_WCSRTOMBS@
+GL_GGL_GNULIB_WCSSPN = @GL_GGL_GNULIB_WCSSPN@
+GL_GGL_GNULIB_WCSSTR = @GL_GGL_GNULIB_WCSSTR@
+GL_GGL_GNULIB_WCSTOK = @GL_GGL_GNULIB_WCSTOK@
+GL_GGL_GNULIB_WCSWIDTH = @GL_GGL_GNULIB_WCSWIDTH@
+GL_GGL_GNULIB_WCSXFRM = @GL_GGL_GNULIB_WCSXFRM@
+GL_GGL_GNULIB_WCTOB = @GL_GGL_GNULIB_WCTOB@
+GL_GGL_GNULIB_WCTOMB = @GL_GGL_GNULIB_WCTOMB@
+GL_GGL_GNULIB_WCWIDTH = @GL_GGL_GNULIB_WCWIDTH@
+GL_GGL_GNULIB_WMEMCHR = @GL_GGL_GNULIB_WMEMCHR@
+GL_GGL_GNULIB_WMEMCMP = @GL_GGL_GNULIB_WMEMCMP@
+GL_GGL_GNULIB_WMEMCPY = @GL_GGL_GNULIB_WMEMCPY@
+GL_GGL_GNULIB_WMEMMOVE = @GL_GGL_GNULIB_WMEMMOVE@
+GL_GGL_GNULIB_WMEMPCPY = @GL_GGL_GNULIB_WMEMPCPY@
+GL_GGL_GNULIB_WMEMSET = @GL_GGL_GNULIB_WMEMSET@
+GL_GGL_GNULIB_WRITE = @GL_GGL_GNULIB_WRITE@
+GL_GGL_GNULIB__EXIT = @GL_GGL_GNULIB__EXIT@
+GL_GNULIB_ACCEPT = @GL_GNULIB_ACCEPT@
+GL_GNULIB_ACCEPT4 = @GL_GNULIB_ACCEPT4@
+GL_GNULIB_ACCESS = @GL_GNULIB_ACCESS@
+GL_GNULIB_ALIGNED_ALLOC = @GL_GNULIB_ALIGNED_ALLOC@
+GL_GNULIB_ATOLL = @GL_GNULIB_ATOLL@
+GL_GNULIB_BIND = @GL_GNULIB_BIND@
+GL_GNULIB_BTOWC = @GL_GNULIB_BTOWC@
+GL_GNULIB_CALLOC_POSIX = @GL_GNULIB_CALLOC_POSIX@
+GL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GNULIB_CHDIR = @GL_GNULIB_CHDIR@
+GL_GNULIB_CHOWN = @GL_GNULIB_CHOWN@
+GL_GNULIB_CLOSE = @GL_GNULIB_CLOSE@
+GL_GNULIB_CONNECT = @GL_GNULIB_CONNECT@
+GL_GNULIB_COPY_FILE_RANGE = @GL_GNULIB_COPY_FILE_RANGE@
+GL_GNULIB_CREAT = @GL_GNULIB_CREAT@
+GL_GNULIB_CTIME = @GL_GNULIB_CTIME@
+GL_GNULIB_DPRINTF = @GL_GNULIB_DPRINTF@
+GL_GNULIB_DUP = @GL_GNULIB_DUP@
+GL_GNULIB_DUP2 = @GL_GNULIB_DUP2@
+GL_GNULIB_DUP3 = @GL_GNULIB_DUP3@
+GL_GNULIB_ENVIRON = @GL_GNULIB_ENVIRON@
+GL_GNULIB_EUIDACCESS = @GL_GNULIB_EUIDACCESS@
+GL_GNULIB_EXECL = @GL_GNULIB_EXECL@
+GL_GNULIB_EXECLE = @GL_GNULIB_EXECLE@
+GL_GNULIB_EXECLP = @GL_GNULIB_EXECLP@
+GL_GNULIB_EXECV = @GL_GNULIB_EXECV@
+GL_GNULIB_EXECVE = @GL_GNULIB_EXECVE@
+GL_GNULIB_EXECVP = @GL_GNULIB_EXECVP@
+GL_GNULIB_EXECVPE = @GL_GNULIB_EXECVPE@
+GL_GNULIB_EXPLICIT_BZERO = @GL_GNULIB_EXPLICIT_BZERO@
+GL_GNULIB_FACCESSAT = @GL_GNULIB_FACCESSAT@
+GL_GNULIB_FCHDIR = @GL_GNULIB_FCHDIR@
+GL_GNULIB_FCHMODAT = @GL_GNULIB_FCHMODAT@
+GL_GNULIB_FCHOWNAT = @GL_GNULIB_FCHOWNAT@
+GL_GNULIB_FCLOSE = @GL_GNULIB_FCLOSE@
+GL_GNULIB_FCNTL = @GL_GNULIB_FCNTL@
+GL_GNULIB_FDATASYNC = @GL_GNULIB_FDATASYNC@
+GL_GNULIB_FDOPEN = @GL_GNULIB_FDOPEN@
+GL_GNULIB_FFLUSH = @GL_GNULIB_FFLUSH@
+GL_GNULIB_FFS = @GL_GNULIB_FFS@
+GL_GNULIB_FFSL = @GL_GNULIB_FFSL@
+GL_GNULIB_FFSLL = @GL_GNULIB_FFSLL@
+GL_GNULIB_FGETC = @GL_GNULIB_FGETC@
+GL_GNULIB_FGETS = @GL_GNULIB_FGETS@
+GL_GNULIB_FOPEN = @GL_GNULIB_FOPEN@
+GL_GNULIB_FPRINTF = @GL_GNULIB_FPRINTF@
+GL_GNULIB_FPRINTF_POSIX = @GL_GNULIB_FPRINTF_POSIX@
+GL_GNULIB_FPURGE = @GL_GNULIB_FPURGE@
+GL_GNULIB_FPUTC = @GL_GNULIB_FPUTC@
+GL_GNULIB_FPUTS = @GL_GNULIB_FPUTS@
+GL_GNULIB_FREAD = @GL_GNULIB_FREAD@
+GL_GNULIB_FREE_POSIX = @GL_GNULIB_FREE_POSIX@
+GL_GNULIB_FREOPEN = @GL_GNULIB_FREOPEN@
+GL_GNULIB_FSCANF = @GL_GNULIB_FSCANF@
+GL_GNULIB_FSEEK = @GL_GNULIB_FSEEK@
+GL_GNULIB_FSEEKO = @GL_GNULIB_FSEEKO@
+GL_GNULIB_FSTAT = @GL_GNULIB_FSTAT@
+GL_GNULIB_FSTATAT = @GL_GNULIB_FSTATAT@
+GL_GNULIB_FSYNC = @GL_GNULIB_FSYNC@
+GL_GNULIB_FTELL = @GL_GNULIB_FTELL@
+GL_GNULIB_FTELLO = @GL_GNULIB_FTELLO@
+GL_GNULIB_FTRUNCATE = @GL_GNULIB_FTRUNCATE@
+GL_GNULIB_FUTIMENS = @GL_GNULIB_FUTIMENS@
+GL_GNULIB_FWRITE = @GL_GNULIB_FWRITE@
+GL_GNULIB_GETADDRINFO = @GL_GNULIB_GETADDRINFO@
+GL_GNULIB_GETC = @GL_GNULIB_GETC@
+GL_GNULIB_GETCHAR = @GL_GNULIB_GETCHAR@
+GL_GNULIB_GETCWD = @GL_GNULIB_GETCWD@
+GL_GNULIB_GETDELIM = @GL_GNULIB_GETDELIM@
+GL_GNULIB_GETDOMAINNAME = @GL_GNULIB_GETDOMAINNAME@
+GL_GNULIB_GETDTABLESIZE = @GL_GNULIB_GETDTABLESIZE@
+GL_GNULIB_GETENTROPY = @GL_GNULIB_GETENTROPY@
+GL_GNULIB_GETGROUPS = @GL_GNULIB_GETGROUPS@
+GL_GNULIB_GETHOSTNAME = @GL_GNULIB_GETHOSTNAME@
+GL_GNULIB_GETLINE = @GL_GNULIB_GETLINE@
+GL_GNULIB_GETLOADAVG = @GL_GNULIB_GETLOADAVG@
+GL_GNULIB_GETLOGIN = @GL_GNULIB_GETLOGIN@
+GL_GNULIB_GETLOGIN_R = @GL_GNULIB_GETLOGIN_R@
+GL_GNULIB_GETOPT_POSIX = @GL_GNULIB_GETOPT_POSIX@
+GL_GNULIB_GETPAGESIZE = @GL_GNULIB_GETPAGESIZE@
+GL_GNULIB_GETPASS = @GL_GNULIB_GETPASS@
+GL_GNULIB_GETPEERNAME = @GL_GNULIB_GETPEERNAME@
+GL_GNULIB_GETSOCKNAME = @GL_GNULIB_GETSOCKNAME@
+GL_GNULIB_GETSOCKOPT = @GL_GNULIB_GETSOCKOPT@
+GL_GNULIB_GETSUBOPT = @GL_GNULIB_GETSUBOPT@
+GL_GNULIB_GETTIMEOFDAY = @GL_GNULIB_GETTIMEOFDAY@
+GL_GNULIB_GETUMASK = @GL_GNULIB_GETUMASK@
+GL_GNULIB_GETUSERSHELL = @GL_GNULIB_GETUSERSHELL@
+GL_GNULIB_GRANTPT = @GL_GNULIB_GRANTPT@
+GL_GNULIB_GROUP_MEMBER = @GL_GNULIB_GROUP_MEMBER@
+GL_GNULIB_IMAXABS = @GL_GNULIB_IMAXABS@
+GL_GNULIB_IMAXDIV = @GL_GNULIB_IMAXDIV@
+GL_GNULIB_INET_NTOP = @GL_GNULIB_INET_NTOP@
+GL_GNULIB_INET_PTON = @GL_GNULIB_INET_PTON@
+GL_GNULIB_ISATTY = @GL_GNULIB_ISATTY@
+GL_GNULIB_LCHMOD = @GL_GNULIB_LCHMOD@
+GL_GNULIB_LCHOWN = @GL_GNULIB_LCHOWN@
+GL_GNULIB_LINK = @GL_GNULIB_LINK@
+GL_GNULIB_LINKAT = @GL_GNULIB_LINKAT@
+GL_GNULIB_LISTEN = @GL_GNULIB_LISTEN@
+GL_GNULIB_LOCALTIME = @GL_GNULIB_LOCALTIME@
+GL_GNULIB_LSEEK = @GL_GNULIB_LSEEK@
+GL_GNULIB_LSTAT = @GL_GNULIB_LSTAT@
+GL_GNULIB_MALLOC_POSIX = @GL_GNULIB_MALLOC_POSIX@
+GL_GNULIB_MBRLEN = @GL_GNULIB_MBRLEN@
+GL_GNULIB_MBRTOWC = @GL_GNULIB_MBRTOWC@
+GL_GNULIB_MBSCASECMP = @GL_GNULIB_MBSCASECMP@
+GL_GNULIB_MBSCASESTR = @GL_GNULIB_MBSCASESTR@
+GL_GNULIB_MBSCHR = @GL_GNULIB_MBSCHR@
+GL_GNULIB_MBSCSPN = @GL_GNULIB_MBSCSPN@
+GL_GNULIB_MBSINIT = @GL_GNULIB_MBSINIT@
+GL_GNULIB_MBSLEN = @GL_GNULIB_MBSLEN@
+GL_GNULIB_MBSNCASECMP = @GL_GNULIB_MBSNCASECMP@
+GL_GNULIB_MBSNLEN = @GL_GNULIB_MBSNLEN@
+GL_GNULIB_MBSNRTOWCS = @GL_GNULIB_MBSNRTOWCS@
+GL_GNULIB_MBSPBRK = @GL_GNULIB_MBSPBRK@
+GL_GNULIB_MBSPCASECMP = @GL_GNULIB_MBSPCASECMP@
+GL_GNULIB_MBSRCHR = @GL_GNULIB_MBSRCHR@
+GL_GNULIB_MBSRTOWCS = @GL_GNULIB_MBSRTOWCS@
+GL_GNULIB_MBSSEP = @GL_GNULIB_MBSSEP@
+GL_GNULIB_MBSSPN = @GL_GNULIB_MBSSPN@
+GL_GNULIB_MBSSTR = @GL_GNULIB_MBSSTR@
+GL_GNULIB_MBSTOK_R = @GL_GNULIB_MBSTOK_R@
+GL_GNULIB_MBTOWC = @GL_GNULIB_MBTOWC@
+GL_GNULIB_MDA_ACCESS = @GL_GNULIB_MDA_ACCESS@
+GL_GNULIB_MDA_CHDIR = @GL_GNULIB_MDA_CHDIR@
+GL_GNULIB_MDA_CHMOD = @GL_GNULIB_MDA_CHMOD@
+GL_GNULIB_MDA_CLOSE = @GL_GNULIB_MDA_CLOSE@
+GL_GNULIB_MDA_CREAT = @GL_GNULIB_MDA_CREAT@
+GL_GNULIB_MDA_DUP = @GL_GNULIB_MDA_DUP@
+GL_GNULIB_MDA_DUP2 = @GL_GNULIB_MDA_DUP2@
+GL_GNULIB_MDA_ECVT = @GL_GNULIB_MDA_ECVT@
+GL_GNULIB_MDA_EXECL = @GL_GNULIB_MDA_EXECL@
+GL_GNULIB_MDA_EXECLE = @GL_GNULIB_MDA_EXECLE@
+GL_GNULIB_MDA_EXECLP = @GL_GNULIB_MDA_EXECLP@
+GL_GNULIB_MDA_EXECV = @GL_GNULIB_MDA_EXECV@
+GL_GNULIB_MDA_EXECVE = @GL_GNULIB_MDA_EXECVE@
+GL_GNULIB_MDA_EXECVP = @GL_GNULIB_MDA_EXECVP@
+GL_GNULIB_MDA_EXECVPE = @GL_GNULIB_MDA_EXECVPE@
+GL_GNULIB_MDA_FCLOSEALL = @GL_GNULIB_MDA_FCLOSEALL@
+GL_GNULIB_MDA_FCVT = @GL_GNULIB_MDA_FCVT@
+GL_GNULIB_MDA_FDOPEN = @GL_GNULIB_MDA_FDOPEN@
+GL_GNULIB_MDA_FILENO = @GL_GNULIB_MDA_FILENO@
+GL_GNULIB_MDA_GCVT = @GL_GNULIB_MDA_GCVT@
+GL_GNULIB_MDA_GETCWD = @GL_GNULIB_MDA_GETCWD@
+GL_GNULIB_MDA_GETPID = @GL_GNULIB_MDA_GETPID@
+GL_GNULIB_MDA_GETW = @GL_GNULIB_MDA_GETW@
+GL_GNULIB_MDA_ISATTY = @GL_GNULIB_MDA_ISATTY@
+GL_GNULIB_MDA_LSEEK = @GL_GNULIB_MDA_LSEEK@
+GL_GNULIB_MDA_MEMCCPY = @GL_GNULIB_MDA_MEMCCPY@
+GL_GNULIB_MDA_MKDIR = @GL_GNULIB_MDA_MKDIR@
+GL_GNULIB_MDA_MKTEMP = @GL_GNULIB_MDA_MKTEMP@
+GL_GNULIB_MDA_OPEN = @GL_GNULIB_MDA_OPEN@
+GL_GNULIB_MDA_PUTENV = @GL_GNULIB_MDA_PUTENV@
+GL_GNULIB_MDA_PUTW = @GL_GNULIB_MDA_PUTW@
+GL_GNULIB_MDA_READ = @GL_GNULIB_MDA_READ@
+GL_GNULIB_MDA_RMDIR = @GL_GNULIB_MDA_RMDIR@
+GL_GNULIB_MDA_STRDUP = @GL_GNULIB_MDA_STRDUP@
+GL_GNULIB_MDA_SWAB = @GL_GNULIB_MDA_SWAB@
+GL_GNULIB_MDA_TEMPNAM = @GL_GNULIB_MDA_TEMPNAM@
+GL_GNULIB_MDA_TZSET = @GL_GNULIB_MDA_TZSET@
+GL_GNULIB_MDA_UMASK = @GL_GNULIB_MDA_UMASK@
+GL_GNULIB_MDA_UNLINK = @GL_GNULIB_MDA_UNLINK@
+GL_GNULIB_MDA_WCSDUP = @GL_GNULIB_MDA_WCSDUP@
+GL_GNULIB_MDA_WRITE = @GL_GNULIB_MDA_WRITE@
+GL_GNULIB_MEMCHR = @GL_GNULIB_MEMCHR@
+GL_GNULIB_MEMMEM = @GL_GNULIB_MEMMEM@
+GL_GNULIB_MEMPCPY = @GL_GNULIB_MEMPCPY@
+GL_GNULIB_MEMRCHR = @GL_GNULIB_MEMRCHR@
+GL_GNULIB_MKDIR = @GL_GNULIB_MKDIR@
+GL_GNULIB_MKDIRAT = @GL_GNULIB_MKDIRAT@
+GL_GNULIB_MKDTEMP = @GL_GNULIB_MKDTEMP@
+GL_GNULIB_MKFIFO = @GL_GNULIB_MKFIFO@
+GL_GNULIB_MKFIFOAT = @GL_GNULIB_MKFIFOAT@
+GL_GNULIB_MKNOD = @GL_GNULIB_MKNOD@
+GL_GNULIB_MKNODAT = @GL_GNULIB_MKNODAT@
+GL_GNULIB_MKOSTEMP = @GL_GNULIB_MKOSTEMP@
+GL_GNULIB_MKOSTEMPS = @GL_GNULIB_MKOSTEMPS@
+GL_GNULIB_MKSTEMP = @GL_GNULIB_MKSTEMP@
+GL_GNULIB_MKSTEMPS = @GL_GNULIB_MKSTEMPS@
+GL_GNULIB_MKTIME = @GL_GNULIB_MKTIME@
+GL_GNULIB_NANOSLEEP = @GL_GNULIB_NANOSLEEP@
+GL_GNULIB_NONBLOCKING = @GL_GNULIB_NONBLOCKING@
+GL_GNULIB_OBSTACK_PRINTF = @GL_GNULIB_OBSTACK_PRINTF@
+GL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GNULIB_OPEN = @GL_GNULIB_OPEN@
+GL_GNULIB_OPENAT = @GL_GNULIB_OPENAT@
+GL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GNULIB_PCLOSE = @GL_GNULIB_PCLOSE@
+GL_GNULIB_PERROR = @GL_GNULIB_PERROR@
+GL_GNULIB_PIPE = @GL_GNULIB_PIPE@
+GL_GNULIB_PIPE2 = @GL_GNULIB_PIPE2@
+GL_GNULIB_POPEN = @GL_GNULIB_POPEN@
+GL_GNULIB_POSIX_MEMALIGN = @GL_GNULIB_POSIX_MEMALIGN@
+GL_GNULIB_POSIX_OPENPT = @GL_GNULIB_POSIX_OPENPT@
+GL_GNULIB_PREAD = @GL_GNULIB_PREAD@
+GL_GNULIB_PRINTF = @GL_GNULIB_PRINTF@
+GL_GNULIB_PRINTF_POSIX = @GL_GNULIB_PRINTF_POSIX@
+GL_GNULIB_PTSNAME = @GL_GNULIB_PTSNAME@
+GL_GNULIB_PTSNAME_R = @GL_GNULIB_PTSNAME_R@
+GL_GNULIB_PUTC = @GL_GNULIB_PUTC@
+GL_GNULIB_PUTCHAR = @GL_GNULIB_PUTCHAR@
+GL_GNULIB_PUTENV = @GL_GNULIB_PUTENV@
+GL_GNULIB_PUTS = @GL_GNULIB_PUTS@
+GL_GNULIB_PWRITE = @GL_GNULIB_PWRITE@
+GL_GNULIB_QSORT_R = @GL_GNULIB_QSORT_R@
+GL_GNULIB_RANDOM = @GL_GNULIB_RANDOM@
+GL_GNULIB_RANDOM_R = @GL_GNULIB_RANDOM_R@
+GL_GNULIB_RAWMEMCHR = @GL_GNULIB_RAWMEMCHR@
+GL_GNULIB_READ = @GL_GNULIB_READ@
+GL_GNULIB_READLINK = @GL_GNULIB_READLINK@
+GL_GNULIB_READLINKAT = @GL_GNULIB_READLINKAT@
+GL_GNULIB_REALLOCARRAY = @GL_GNULIB_REALLOCARRAY@
+GL_GNULIB_REALLOC_POSIX = @GL_GNULIB_REALLOC_POSIX@
+GL_GNULIB_REALPATH = @GL_GNULIB_REALPATH@
+GL_GNULIB_RECV = @GL_GNULIB_RECV@
+GL_GNULIB_RECVFROM = @GL_GNULIB_RECVFROM@
+GL_GNULIB_REMOVE = @GL_GNULIB_REMOVE@
+GL_GNULIB_RENAME = @GL_GNULIB_RENAME@
+GL_GNULIB_RENAMEAT = @GL_GNULIB_RENAMEAT@
+GL_GNULIB_RMDIR = @GL_GNULIB_RMDIR@
+GL_GNULIB_RPMATCH = @GL_GNULIB_RPMATCH@
+GL_GNULIB_SCANF = @GL_GNULIB_SCANF@
+GL_GNULIB_SECURE_GETENV = @GL_GNULIB_SECURE_GETENV@
+GL_GNULIB_SEND = @GL_GNULIB_SEND@
+GL_GNULIB_SENDTO = @GL_GNULIB_SENDTO@
+GL_GNULIB_SETENV = @GL_GNULIB_SETENV@
+GL_GNULIB_SETHOSTNAME = @GL_GNULIB_SETHOSTNAME@
+GL_GNULIB_SETSOCKOPT = @GL_GNULIB_SETSOCKOPT@
+GL_GNULIB_SHUTDOWN = @GL_GNULIB_SHUTDOWN@
+GL_GNULIB_SIGABBREV_NP = @GL_GNULIB_SIGABBREV_NP@
+GL_GNULIB_SIGDESCR_NP = @GL_GNULIB_SIGDESCR_NP@
+GL_GNULIB_SLEEP = @GL_GNULIB_SLEEP@
+GL_GNULIB_SNPRINTF = @GL_GNULIB_SNPRINTF@
+GL_GNULIB_SOCKET = @GL_GNULIB_SOCKET@
+GL_GNULIB_SPRINTF_POSIX = @GL_GNULIB_SPRINTF_POSIX@
+GL_GNULIB_STAT = @GL_GNULIB_STAT@
+GL_GNULIB_STDIO_H_NONBLOCKING = @GL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GNULIB_STDIO_H_SIGPIPE = @GL_GNULIB_STDIO_H_SIGPIPE@
+GL_GNULIB_STPCPY = @GL_GNULIB_STPCPY@
+GL_GNULIB_STPNCPY = @GL_GNULIB_STPNCPY@
+GL_GNULIB_STRCASESTR = @GL_GNULIB_STRCASESTR@
+GL_GNULIB_STRCHRNUL = @GL_GNULIB_STRCHRNUL@
+GL_GNULIB_STRDUP = @GL_GNULIB_STRDUP@
+GL_GNULIB_STRERROR = @GL_GNULIB_STRERROR@
+GL_GNULIB_STRERRORNAME_NP = @GL_GNULIB_STRERRORNAME_NP@
+GL_GNULIB_STRERROR_R = @GL_GNULIB_STRERROR_R@
+GL_GNULIB_STRFTIME = @GL_GNULIB_STRFTIME@
+GL_GNULIB_STRNCAT = @GL_GNULIB_STRNCAT@
+GL_GNULIB_STRNDUP = @GL_GNULIB_STRNDUP@
+GL_GNULIB_STRNLEN = @GL_GNULIB_STRNLEN@
+GL_GNULIB_STRPBRK = @GL_GNULIB_STRPBRK@
+GL_GNULIB_STRPTIME = @GL_GNULIB_STRPTIME@
+GL_GNULIB_STRSEP = @GL_GNULIB_STRSEP@
+GL_GNULIB_STRSIGNAL = @GL_GNULIB_STRSIGNAL@
+GL_GNULIB_STRSTR = @GL_GNULIB_STRSTR@
+GL_GNULIB_STRTOD = @GL_GNULIB_STRTOD@
+GL_GNULIB_STRTOIMAX = @GL_GNULIB_STRTOIMAX@
+GL_GNULIB_STRTOK_R = @GL_GNULIB_STRTOK_R@
+GL_GNULIB_STRTOL = @GL_GNULIB_STRTOL@
+GL_GNULIB_STRTOLD = @GL_GNULIB_STRTOLD@
+GL_GNULIB_STRTOLL = @GL_GNULIB_STRTOLL@
+GL_GNULIB_STRTOUL = @GL_GNULIB_STRTOUL@
+GL_GNULIB_STRTOULL = @GL_GNULIB_STRTOULL@
+GL_GNULIB_STRTOUMAX = @GL_GNULIB_STRTOUMAX@
+GL_GNULIB_STRVERSCMP = @GL_GNULIB_STRVERSCMP@
+GL_GNULIB_SYMLINK = @GL_GNULIB_SYMLINK@
+GL_GNULIB_SYMLINKAT = @GL_GNULIB_SYMLINKAT@
+GL_GNULIB_SYSTEM_POSIX = @GL_GNULIB_SYSTEM_POSIX@
+GL_GNULIB_TIMEGM = @GL_GNULIB_TIMEGM@
+GL_GNULIB_TIMESPEC_GET = @GL_GNULIB_TIMESPEC_GET@
+GL_GNULIB_TIME_R = @GL_GNULIB_TIME_R@
+GL_GNULIB_TIME_RZ = @GL_GNULIB_TIME_RZ@
+GL_GNULIB_TMPFILE = @GL_GNULIB_TMPFILE@
+GL_GNULIB_TRUNCATE = @GL_GNULIB_TRUNCATE@
+GL_GNULIB_TTYNAME_R = @GL_GNULIB_TTYNAME_R@
+GL_GNULIB_TZSET = @GL_GNULIB_TZSET@
+GL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GNULIB_UNISTD_H_SIGPIPE = @GL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GNULIB_UNLINK = @GL_GNULIB_UNLINK@
+GL_GNULIB_UNLINKAT = @GL_GNULIB_UNLINKAT@
+GL_GNULIB_UNLOCKPT = @GL_GNULIB_UNLOCKPT@
+GL_GNULIB_UNSETENV = @GL_GNULIB_UNSETENV@
+GL_GNULIB_USLEEP = @GL_GNULIB_USLEEP@
+GL_GNULIB_UTIMENSAT = @GL_GNULIB_UTIMENSAT@
+GL_GNULIB_VASPRINTF = @GL_GNULIB_VASPRINTF@
+GL_GNULIB_VDPRINTF = @GL_GNULIB_VDPRINTF@
+GL_GNULIB_VFPRINTF = @GL_GNULIB_VFPRINTF@
+GL_GNULIB_VFPRINTF_POSIX = @GL_GNULIB_VFPRINTF_POSIX@
+GL_GNULIB_VFSCANF = @GL_GNULIB_VFSCANF@
+GL_GNULIB_VPRINTF = @GL_GNULIB_VPRINTF@
+GL_GNULIB_VPRINTF_POSIX = @GL_GNULIB_VPRINTF_POSIX@
+GL_GNULIB_VSCANF = @GL_GNULIB_VSCANF@
+GL_GNULIB_VSNPRINTF = @GL_GNULIB_VSNPRINTF@
+GL_GNULIB_VSPRINTF_POSIX = @GL_GNULIB_VSPRINTF_POSIX@
+GL_GNULIB_WCPCPY = @GL_GNULIB_WCPCPY@
+GL_GNULIB_WCPNCPY = @GL_GNULIB_WCPNCPY@
+GL_GNULIB_WCRTOMB = @GL_GNULIB_WCRTOMB@
+GL_GNULIB_WCSCASECMP = @GL_GNULIB_WCSCASECMP@
+GL_GNULIB_WCSCAT = @GL_GNULIB_WCSCAT@
+GL_GNULIB_WCSCHR = @GL_GNULIB_WCSCHR@
+GL_GNULIB_WCSCMP = @GL_GNULIB_WCSCMP@
+GL_GNULIB_WCSCOLL = @GL_GNULIB_WCSCOLL@
+GL_GNULIB_WCSCPY = @GL_GNULIB_WCSCPY@
+GL_GNULIB_WCSCSPN = @GL_GNULIB_WCSCSPN@
+GL_GNULIB_WCSDUP = @GL_GNULIB_WCSDUP@
+GL_GNULIB_WCSFTIME = @GL_GNULIB_WCSFTIME@
+GL_GNULIB_WCSLEN = @GL_GNULIB_WCSLEN@
+GL_GNULIB_WCSNCASECMP = @GL_GNULIB_WCSNCASECMP@
+GL_GNULIB_WCSNCAT = @GL_GNULIB_WCSNCAT@
+GL_GNULIB_WCSNCMP = @GL_GNULIB_WCSNCMP@
+GL_GNULIB_WCSNCPY = @GL_GNULIB_WCSNCPY@
+GL_GNULIB_WCSNLEN = @GL_GNULIB_WCSNLEN@
+GL_GNULIB_WCSNRTOMBS = @GL_GNULIB_WCSNRTOMBS@
+GL_GNULIB_WCSPBRK = @GL_GNULIB_WCSPBRK@
+GL_GNULIB_WCSRCHR = @GL_GNULIB_WCSRCHR@
+GL_GNULIB_WCSRTOMBS = @GL_GNULIB_WCSRTOMBS@
+GL_GNULIB_WCSSPN = @GL_GNULIB_WCSSPN@
+GL_GNULIB_WCSSTR = @GL_GNULIB_WCSSTR@
+GL_GNULIB_WCSTOK = @GL_GNULIB_WCSTOK@
+GL_GNULIB_WCSWIDTH = @GL_GNULIB_WCSWIDTH@
+GL_GNULIB_WCSXFRM = @GL_GNULIB_WCSXFRM@
+GL_GNULIB_WCTOB = @GL_GNULIB_WCTOB@
+GL_GNULIB_WCTOMB = @GL_GNULIB_WCTOMB@
+GL_GNULIB_WCWIDTH = @GL_GNULIB_WCWIDTH@
+GL_GNULIB_WMEMCHR = @GL_GNULIB_WMEMCHR@
+GL_GNULIB_WMEMCMP = @GL_GNULIB_WMEMCMP@
+GL_GNULIB_WMEMCPY = @GL_GNULIB_WMEMCPY@
+GL_GNULIB_WMEMMOVE = @GL_GNULIB_WMEMMOVE@
+GL_GNULIB_WMEMPCPY = @GL_GNULIB_WMEMPCPY@
+GL_GNULIB_WMEMSET = @GL_GNULIB_WMEMSET@
+GL_GNULIB_WRITE = @GL_GNULIB_WRITE@
+GL_GNULIB__EXIT = @GL_GNULIB__EXIT@
+GMP_CFLAGS = @GMP_CFLAGS@
+GMP_LIBS = @GMP_LIBS@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GNULIBHEADERS_OVERRIDE_WINT_T = @GNULIBHEADERS_OVERRIDE_WINT_T@
+GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@
+GNUTLS_LIBS_PRIVATE = @GNUTLS_LIBS_PRIVATE@
+GNUTLS_REQUIRES_PRIVATE = @GNUTLS_REQUIRES_PRIVATE@
+GPERF = @GPERF@
+GREP = @GREP@
+GTKDOC_CHECK = @GTKDOC_CHECK@
+GTKDOC_CHECK_PATH = @GTKDOC_CHECK_PATH@
+GTKDOC_DEPS_CFLAGS = @GTKDOC_DEPS_CFLAGS@
+GTKDOC_DEPS_LIBS = @GTKDOC_DEPS_LIBS@
+GTKDOC_MKPDF = @GTKDOC_MKPDF@
+GTKDOC_REBASE = @GTKDOC_REBASE@
+GUILD = @GUILD@
+GUILE = @GUILE@
+GUILE_CFLAGS = @GUILE_CFLAGS@
+GUILE_CONFIG = @GUILE_CONFIG@
+GUILE_EFFECTIVE_VERSION = @GUILE_EFFECTIVE_VERSION@
+GUILE_EXTENSION = @GUILE_EXTENSION@
+GUILE_LDFLAGS = @GUILE_LDFLAGS@
+GUILE_LIBS = @GUILE_LIBS@
+GUILE_LTLIBS = @GUILE_LTLIBS@
+GUILE_SITE = @GUILE_SITE@
+GUILE_SITE_CCACHE = @GUILE_SITE_CCACHE@
+GUILE_TOOLS = @GUILE_TOOLS@
+HAVE_ACCEPT4 = @HAVE_ACCEPT4@
+HAVE_ALIGNED_ALLOC = @HAVE_ALIGNED_ALLOC@
+HAVE_ALLOCA_H = @HAVE_ALLOCA_H@
+HAVE_ARPA_INET_H = @HAVE_ARPA_INET_H@
+HAVE_ATOLL = @HAVE_ATOLL@
+HAVE_BTOWC = @HAVE_BTOWC@
+HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@
+HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@
+HAVE_CHOWN = @HAVE_CHOWN@
+HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@
+HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@
+HAVE_DECL_ECVT = @HAVE_DECL_ECVT@
+HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@
+HAVE_DECL_EXECVPE = @HAVE_DECL_EXECVPE@
+HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@
+HAVE_DECL_FCLOSEALL = @HAVE_DECL_FCLOSEALL@
+HAVE_DECL_FCVT = @HAVE_DECL_FCVT@
+HAVE_DECL_FDATASYNC = @HAVE_DECL_FDATASYNC@
+HAVE_DECL_FPURGE = @HAVE_DECL_FPURGE@
+HAVE_DECL_FREEADDRINFO = @HAVE_DECL_FREEADDRINFO@
+HAVE_DECL_FSEEKO = @HAVE_DECL_FSEEKO@
+HAVE_DECL_FTELLO = @HAVE_DECL_FTELLO@
+HAVE_DECL_GAI_STRERROR = @HAVE_DECL_GAI_STRERROR@
+HAVE_DECL_GCVT = @HAVE_DECL_GCVT@
+HAVE_DECL_GETADDRINFO = @HAVE_DECL_GETADDRINFO@
+HAVE_DECL_GETDELIM = @HAVE_DECL_GETDELIM@
+HAVE_DECL_GETDOMAINNAME = @HAVE_DECL_GETDOMAINNAME@
+HAVE_DECL_GETLINE = @HAVE_DECL_GETLINE@
+HAVE_DECL_GETLOADAVG = @HAVE_DECL_GETLOADAVG@
+HAVE_DECL_GETLOGIN = @HAVE_DECL_GETLOGIN@
+HAVE_DECL_GETLOGIN_R = @HAVE_DECL_GETLOGIN_R@
+HAVE_DECL_GETNAMEINFO = @HAVE_DECL_GETNAMEINFO@
+HAVE_DECL_GETPAGESIZE = @HAVE_DECL_GETPAGESIZE@
+HAVE_DECL_GETUSERSHELL = @HAVE_DECL_GETUSERSHELL@
+HAVE_DECL_IMAXABS = @HAVE_DECL_IMAXABS@
+HAVE_DECL_IMAXDIV = @HAVE_DECL_IMAXDIV@
+HAVE_DECL_INET_NTOP = @HAVE_DECL_INET_NTOP@
+HAVE_DECL_INET_PTON = @HAVE_DECL_INET_PTON@
+HAVE_DECL_INITSTATE = @HAVE_DECL_INITSTATE@
+HAVE_DECL_LOCALTIME_R = @HAVE_DECL_LOCALTIME_R@
+HAVE_DECL_MEMMEM = @HAVE_DECL_MEMMEM@
+HAVE_DECL_MEMRCHR = @HAVE_DECL_MEMRCHR@
+HAVE_DECL_OBSTACK_PRINTF = @HAVE_DECL_OBSTACK_PRINTF@
+HAVE_DECL_SETENV = @HAVE_DECL_SETENV@
+HAVE_DECL_SETHOSTNAME = @HAVE_DECL_SETHOSTNAME@
+HAVE_DECL_SETSTATE = @HAVE_DECL_SETSTATE@
+HAVE_DECL_SNPRINTF = @HAVE_DECL_SNPRINTF@
+HAVE_DECL_STRDUP = @HAVE_DECL_STRDUP@
+HAVE_DECL_STRERROR_R = @HAVE_DECL_STRERROR_R@
+HAVE_DECL_STRNCASECMP = @HAVE_DECL_STRNCASECMP@
+HAVE_DECL_STRNDUP = @HAVE_DECL_STRNDUP@
+HAVE_DECL_STRNLEN = @HAVE_DECL_STRNLEN@
+HAVE_DECL_STRSIGNAL = @HAVE_DECL_STRSIGNAL@
+HAVE_DECL_STRTOIMAX = @HAVE_DECL_STRTOIMAX@
+HAVE_DECL_STRTOK_R = @HAVE_DECL_STRTOK_R@
+HAVE_DECL_STRTOUMAX = @HAVE_DECL_STRTOUMAX@
+HAVE_DECL_TRUNCATE = @HAVE_DECL_TRUNCATE@
+HAVE_DECL_TTYNAME_R = @HAVE_DECL_TTYNAME_R@
+HAVE_DECL_UNSETENV = @HAVE_DECL_UNSETENV@
+HAVE_DECL_VSNPRINTF = @HAVE_DECL_VSNPRINTF@
+HAVE_DECL_WCSDUP = @HAVE_DECL_WCSDUP@
+HAVE_DECL_WCTOB = @HAVE_DECL_WCTOB@
+HAVE_DECL_WCWIDTH = @HAVE_DECL_WCWIDTH@
+HAVE_DPRINTF = @HAVE_DPRINTF@
+HAVE_DUP3 = @HAVE_DUP3@
+HAVE_DUPLOCALE = @HAVE_DUPLOCALE@
+HAVE_EUIDACCESS = @HAVE_EUIDACCESS@
+HAVE_EXECVPE = @HAVE_EXECVPE@
+HAVE_EXPLICIT_BZERO = @HAVE_EXPLICIT_BZERO@
+HAVE_FACCESSAT = @HAVE_FACCESSAT@
+HAVE_FCHDIR = @HAVE_FCHDIR@
+HAVE_FCHMODAT = @HAVE_FCHMODAT@
+HAVE_FCHOWNAT = @HAVE_FCHOWNAT@
+HAVE_FCNTL = @HAVE_FCNTL@
+HAVE_FDATASYNC = @HAVE_FDATASYNC@
+HAVE_FEATURES_H = @HAVE_FEATURES_H@
+HAVE_FFS = @HAVE_FFS@
+HAVE_FFSL = @HAVE_FFSL@
+HAVE_FFSLL = @HAVE_FFSLL@
+HAVE_FREELOCALE = @HAVE_FREELOCALE@
+HAVE_FSEEKO = @HAVE_FSEEKO@
+HAVE_FSTATAT = @HAVE_FSTATAT@
+HAVE_FSYNC = @HAVE_FSYNC@
+HAVE_FTELLO = @HAVE_FTELLO@
+HAVE_FTRUNCATE = @HAVE_FTRUNCATE@
+HAVE_FUTIMENS = @HAVE_FUTIMENS@
+HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@
+HAVE_GETENTROPY = @HAVE_GETENTROPY@
+HAVE_GETGROUPS = @HAVE_GETGROUPS@
+HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@
+HAVE_GETLOGIN = @HAVE_GETLOGIN@
+HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@
+HAVE_GETPASS = @HAVE_GETPASS@
+HAVE_GETSUBOPT = @HAVE_GETSUBOPT@
+HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@
+HAVE_GETUMASK = @HAVE_GETUMASK@
+HAVE_GRANTPT = @HAVE_GRANTPT@
+HAVE_GROUP_MEMBER = @HAVE_GROUP_MEMBER@
+HAVE_IMAXDIV_T = @HAVE_IMAXDIV_T@
+HAVE_INITSTATE = @HAVE_INITSTATE@
+HAVE_INTTYPES_H = @HAVE_INTTYPES_H@
+HAVE_ISBLANK = @HAVE_ISBLANK@
+HAVE_LANGINFO_ALTMON = @HAVE_LANGINFO_ALTMON@
+HAVE_LANGINFO_CODESET = @HAVE_LANGINFO_CODESET@
+HAVE_LANGINFO_ERA = @HAVE_LANGINFO_ERA@
+HAVE_LANGINFO_H = @HAVE_LANGINFO_H@
+HAVE_LANGINFO_T_FMT_AMPM = @HAVE_LANGINFO_T_FMT_AMPM@
+HAVE_LANGINFO_YESEXPR = @HAVE_LANGINFO_YESEXPR@
+HAVE_LCHMOD = @HAVE_LCHMOD@
+HAVE_LCHOWN = @HAVE_LCHOWN@
+HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@
+HAVE_LIBDL = @HAVE_LIBDL@
+HAVE_LIBEV = @HAVE_LIBEV@
+HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@
+HAVE_LIBRT = @HAVE_LIBRT@
+HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@
+HAVE_LIBZ = @HAVE_LIBZ@
+HAVE_LINK = @HAVE_LINK@
+HAVE_LINKAT = @HAVE_LINKAT@
+HAVE_LSTAT = @HAVE_LSTAT@
+HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@
+HAVE_MBRLEN = @HAVE_MBRLEN@
+HAVE_MBRTOWC = @HAVE_MBRTOWC@
+HAVE_MBSINIT = @HAVE_MBSINIT@
+HAVE_MBSLEN = @HAVE_MBSLEN@
+HAVE_MBSNRTOWCS = @HAVE_MBSNRTOWCS@
+HAVE_MBSRTOWCS = @HAVE_MBSRTOWCS@
+HAVE_MBTOWC = @HAVE_MBTOWC@
+HAVE_MEMPCPY = @HAVE_MEMPCPY@
+HAVE_MKDIRAT = @HAVE_MKDIRAT@
+HAVE_MKDTEMP = @HAVE_MKDTEMP@
+HAVE_MKFIFO = @HAVE_MKFIFO@
+HAVE_MKFIFOAT = @HAVE_MKFIFOAT@
+HAVE_MKNOD = @HAVE_MKNOD@
+HAVE_MKNODAT = @HAVE_MKNODAT@
+HAVE_MKOSTEMP = @HAVE_MKOSTEMP@
+HAVE_MKOSTEMPS = @HAVE_MKOSTEMPS@
+HAVE_MKSTEMP = @HAVE_MKSTEMP@
+HAVE_MKSTEMPS = @HAVE_MKSTEMPS@
+HAVE_MSVC_INVALID_PARAMETER_HANDLER = @HAVE_MSVC_INVALID_PARAMETER_HANDLER@
+HAVE_NANOSLEEP = @HAVE_NANOSLEEP@
+HAVE_NETDB_H = @HAVE_NETDB_H@
+HAVE_NETINET_IN_H = @HAVE_NETINET_IN_H@
+HAVE_NEWLOCALE = @HAVE_NEWLOCALE@
+HAVE_NL_LANGINFO = @HAVE_NL_LANGINFO@
+HAVE_OPENAT = @HAVE_OPENAT@
+HAVE_OS_H = @HAVE_OS_H@
+HAVE_PCLOSE = @HAVE_PCLOSE@
+HAVE_PIPE = @HAVE_PIPE@
+HAVE_PIPE2 = @HAVE_PIPE2@
+HAVE_POPEN = @HAVE_POPEN@
+HAVE_POSIX_MEMALIGN = @HAVE_POSIX_MEMALIGN@
+HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@
+HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@
+HAVE_PREAD = @HAVE_PREAD@
+HAVE_PSELECT = @HAVE_PSELECT@
+HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@
+HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@
+HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@
+HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@
+HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@
+HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@
+HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@
+HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@
+HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@
+HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@
+HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@
+HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@
+HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@
+HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@
+HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@
+HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@
+HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@
+HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@
+HAVE_PTHREAD_H = @HAVE_PTHREAD_H@
+HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@
+HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@
+HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@
+HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@
+HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@
+HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@
+HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@
+HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@
+HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@
+HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@
+HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@
+HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@
+HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@
+HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@
+HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@
+HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@
+HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@
+HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@
+HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@
+HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@
+HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@
+HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@
+HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@
+HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@
+HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@
+HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@
+HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@
+HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@
+HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@
+HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@
+HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@
+HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@
+HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@
+HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@
+HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@
+HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@
+HAVE_PTHREAD_T = @HAVE_PTHREAD_T@
+HAVE_PTSNAME = @HAVE_PTSNAME@
+HAVE_PTSNAME_R = @HAVE_PTSNAME_R@
+HAVE_PWRITE = @HAVE_PWRITE@
+HAVE_QSORT_R = @HAVE_QSORT_R@
+HAVE_RAISE = @HAVE_RAISE@
+HAVE_RANDOM = @HAVE_RANDOM@
+HAVE_RANDOM_H = @HAVE_RANDOM_H@
+HAVE_RANDOM_R = @HAVE_RANDOM_R@
+HAVE_RAWMEMCHR = @HAVE_RAWMEMCHR@
+HAVE_READLINK = @HAVE_READLINK@
+HAVE_READLINKAT = @HAVE_READLINKAT@
+HAVE_REALLOCARRAY = @HAVE_REALLOCARRAY@
+HAVE_REALPATH = @HAVE_REALPATH@
+HAVE_RENAMEAT = @HAVE_RENAMEAT@
+HAVE_RPMATCH = @HAVE_RPMATCH@
+HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@
+HAVE_SCHED_H = @HAVE_SCHED_H@
+HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@
+HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@
+HAVE_SETENV = @HAVE_SETENV@
+HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@
+HAVE_SETSTATE = @HAVE_SETSTATE@
+HAVE_SIGABBREV_NP = @HAVE_SIGABBREV_NP@
+HAVE_SIGACTION = @HAVE_SIGACTION@
+HAVE_SIGDESCR_NP = @HAVE_SIGDESCR_NP@
+HAVE_SIGHANDLER_T = @HAVE_SIGHANDLER_T@
+HAVE_SIGINFO_T = @HAVE_SIGINFO_T@
+HAVE_SIGNED_SIG_ATOMIC_T = @HAVE_SIGNED_SIG_ATOMIC_T@
+HAVE_SIGNED_WCHAR_T = @HAVE_SIGNED_WCHAR_T@
+HAVE_SIGNED_WINT_T = @HAVE_SIGNED_WINT_T@
+HAVE_SIGSET_T = @HAVE_SIGSET_T@
+HAVE_SLEEP = @HAVE_SLEEP@
+HAVE_STDINT_H = @HAVE_STDINT_H@
+HAVE_STPCPY = @HAVE_STPCPY@
+HAVE_STPNCPY = @HAVE_STPNCPY@
+HAVE_STRCASECMP = @HAVE_STRCASECMP@
+HAVE_STRCASESTR = @HAVE_STRCASESTR@
+HAVE_STRCHRNUL = @HAVE_STRCHRNUL@
+HAVE_STRERRORNAME_NP = @HAVE_STRERRORNAME_NP@
+HAVE_STRINGS_H = @HAVE_STRINGS_H@
+HAVE_STRPBRK = @HAVE_STRPBRK@
+HAVE_STRPTIME = @HAVE_STRPTIME@
+HAVE_STRSEP = @HAVE_STRSEP@
+HAVE_STRTOD = @HAVE_STRTOD@
+HAVE_STRTOL = @HAVE_STRTOL@
+HAVE_STRTOLD = @HAVE_STRTOLD@
+HAVE_STRTOLL = @HAVE_STRTOLL@
+HAVE_STRTOUL = @HAVE_STRTOUL@
+HAVE_STRTOULL = @HAVE_STRTOULL@
+HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@
+HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@
+HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@
+HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@
+HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@
+HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@
+HAVE_STRUCT_TIMEVAL = @HAVE_STRUCT_TIMEVAL@
+HAVE_STRVERSCMP = @HAVE_STRVERSCMP@
+HAVE_SYMLINK = @HAVE_SYMLINK@
+HAVE_SYMLINKAT = @HAVE_SYMLINKAT@
+HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@
+HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@
+HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@
+HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@
+HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@
+HAVE_SYS_PARAM_H = @HAVE_SYS_PARAM_H@
+HAVE_SYS_SELECT_H = @HAVE_SYS_SELECT_H@
+HAVE_SYS_SOCKET_H = @HAVE_SYS_SOCKET_H@
+HAVE_SYS_TIME_H = @HAVE_SYS_TIME_H@
+HAVE_SYS_TYPES_H = @HAVE_SYS_TYPES_H@
+HAVE_SYS_UIO_H = @HAVE_SYS_UIO_H@
+HAVE_TIMEGM = @HAVE_TIMEGM@
+HAVE_TIMESPEC_GET = @HAVE_TIMESPEC_GET@
+HAVE_TIMEZONE_T = @HAVE_TIMEZONE_T@
+HAVE_TYPE_VOLATILE_SIG_ATOMIC_T = @HAVE_TYPE_VOLATILE_SIG_ATOMIC_T@
+HAVE_UNISTD_H = @HAVE_UNISTD_H@
+HAVE_UNLINKAT = @HAVE_UNLINKAT@
+HAVE_UNLOCKPT = @HAVE_UNLOCKPT@
+HAVE_USLEEP = @HAVE_USLEEP@
+HAVE_UTIMENSAT = @HAVE_UTIMENSAT@
+HAVE_VASPRINTF = @HAVE_VASPRINTF@
+HAVE_VDPRINTF = @HAVE_VDPRINTF@
+HAVE_VISIBILITY = @HAVE_VISIBILITY@
+HAVE_WCHAR_H = @HAVE_WCHAR_H@
+HAVE_WCHAR_T = @HAVE_WCHAR_T@
+HAVE_WCPCPY = @HAVE_WCPCPY@
+HAVE_WCPNCPY = @HAVE_WCPNCPY@
+HAVE_WCRTOMB = @HAVE_WCRTOMB@
+HAVE_WCSCASECMP = @HAVE_WCSCASECMP@
+HAVE_WCSCAT = @HAVE_WCSCAT@
+HAVE_WCSCHR = @HAVE_WCSCHR@
+HAVE_WCSCMP = @HAVE_WCSCMP@
+HAVE_WCSCOLL = @HAVE_WCSCOLL@
+HAVE_WCSCPY = @HAVE_WCSCPY@
+HAVE_WCSCSPN = @HAVE_WCSCSPN@
+HAVE_WCSDUP = @HAVE_WCSDUP@
+HAVE_WCSFTIME = @HAVE_WCSFTIME@
+HAVE_WCSLEN = @HAVE_WCSLEN@
+HAVE_WCSNCASECMP = @HAVE_WCSNCASECMP@
+HAVE_WCSNCAT = @HAVE_WCSNCAT@
+HAVE_WCSNCMP = @HAVE_WCSNCMP@
+HAVE_WCSNCPY = @HAVE_WCSNCPY@
+HAVE_WCSNLEN = @HAVE_WCSNLEN@
+HAVE_WCSNRTOMBS = @HAVE_WCSNRTOMBS@
+HAVE_WCSPBRK = @HAVE_WCSPBRK@
+HAVE_WCSRCHR = @HAVE_WCSRCHR@
+HAVE_WCSRTOMBS = @HAVE_WCSRTOMBS@
+HAVE_WCSSPN = @HAVE_WCSSPN@
+HAVE_WCSSTR = @HAVE_WCSSTR@
+HAVE_WCSTOK = @HAVE_WCSTOK@
+HAVE_WCSWIDTH = @HAVE_WCSWIDTH@
+HAVE_WCSXFRM = @HAVE_WCSXFRM@
+HAVE_WINSOCK2_H = @HAVE_WINSOCK2_H@
+HAVE_WINT_T = @HAVE_WINT_T@
+HAVE_WMEMCHR = @HAVE_WMEMCHR@
+HAVE_WMEMCMP = @HAVE_WMEMCMP@
+HAVE_WMEMCPY = @HAVE_WMEMCPY@
+HAVE_WMEMMOVE = @HAVE_WMEMMOVE@
+HAVE_WMEMPCPY = @HAVE_WMEMPCPY@
+HAVE_WMEMSET = @HAVE_WMEMSET@
+HAVE_WS2TCPIP_H = @HAVE_WS2TCPIP_H@
+HAVE_XLOCALE_H = @HAVE_XLOCALE_H@
+HAVE__BOOL = @HAVE__BOOL@
+HAVE__EXIT = @HAVE__EXIT@
+HOGWEED_CFLAGS = @HOGWEED_CFLAGS@
+HOGWEED_LIBS = @HOGWEED_LIBS@
+HOSTENT_LIB = @HOSTENT_LIB@
+HTML_DIR = @HTML_DIR@
+INCLUDE_NEXT = @INCLUDE_NEXT@
+INCLUDE_NEXT_AS_FIRST_DIRECTIVE = @INCLUDE_NEXT_AS_FIRST_DIRECTIVE@
+INET_NTOP_LIB = @INET_NTOP_LIB@
+INET_PTON_LIB = @INET_PTON_LIB@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INT32_MAX_LT_INTMAX_MAX = @INT32_MAX_LT_INTMAX_MAX@
+INT64_MAX_EQ_LONG_MAX = @INT64_MAX_EQ_LONG_MAX@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LCOV = @LCOV@
+LD = @LD@
+LDDPOSTPROC = @LDDPOSTPROC@
+LDDPROG = @LDDPROG@
+LDFLAGS = @LDFLAGS@
+LIBATOMIC_LIBS = @LIBATOMIC_LIBS@
+LIBBROTLIDEC_CFLAGS = @LIBBROTLIDEC_CFLAGS@
+LIBBROTLIDEC_LIBS = @LIBBROTLIDEC_LIBS@
+LIBBROTLIENC_CFLAGS = @LIBBROTLIENC_CFLAGS@
+LIBBROTLIENC_LIBS = @LIBBROTLIENC_LIBS@
+LIBCRYPTO = @LIBCRYPTO@
+LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@
+LIBDL = @LIBDL@
+LIBDL_PREFIX = @LIBDL_PREFIX@
+LIBEV = @LIBEV@
+LIBEV_LIBS = @LIBEV_LIBS@
+LIBEV_PREFIX = @LIBEV_PREFIX@
+LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@
+LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@
+LIBICONV = @LIBICONV@
+LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@
+LIBIDN2_LIBS = @LIBIDN2_LIBS@
+LIBINTL = @LIBINTL@
+LIBKCAPI_CFLAGS = @LIBKCAPI_CFLAGS@
+LIBKCAPI_LIBS = @LIBKCAPI_LIBS@
+LIBMULTITHREAD = @LIBMULTITHREAD@
+LIBOBJS = @LIBOBJS@
+LIBPMULTITHREAD = @LIBPMULTITHREAD@
+LIBPTHREAD = @LIBPTHREAD@
+LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@
+LIBRT = @LIBRT@
+LIBRT_PREFIX = @LIBRT_PREFIX@
+LIBS = @LIBS@
+LIBSECCOMP = @LIBSECCOMP@
+LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@
+LIBSOCKET = @LIBSOCKET@
+LIBSTDTHREAD = @LIBSTDTHREAD@
+LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@
+LIBTASN1_LIBS = @LIBTASN1_LIBS@
+LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@
+LIBTHREAD = @LIBTHREAD@
+LIBTOOL = @LIBTOOL@
+LIBUNISTRING = @LIBUNISTRING@
+LIBUNISTRING_UNICTYPE_H = @LIBUNISTRING_UNICTYPE_H@
+LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@
+LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@
+LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@
+LIBZ = @LIBZ@
+LIBZSTD_CFLAGS = @LIBZSTD_CFLAGS@
+LIBZSTD_LIBS = @LIBZSTD_LIBS@
+LIBZ_PC = @LIBZ_PC@
+LIBZ_PREFIX = @LIBZ_PREFIX@
+LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@
+LIB_NANOSLEEP = @LIB_NANOSLEEP@
+LIB_PTHREAD = @LIB_PTHREAD@
+LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@
+LIB_SCHED_YIELD = @LIB_SCHED_YIELD@
+LIB_SELECT = @LIB_SELECT@
+LIB_SEMAPHORE = @LIB_SEMAPHORE@
+LIB_SETLOCALE = @LIB_SETLOCALE@
+LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@
+LIMITS_H = @LIMITS_H@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LOCALENAME_ENHANCE_LOCALE_FUNCS = @LOCALENAME_ENHANCE_LOCALE_FUNCS@
+LOCALE_FR = @LOCALE_FR@
+LOCALE_FR_UTF8 = @LOCALE_FR_UTF8@
+LOCALE_JA = @LOCALE_JA@
+LOCALE_TR_UTF8 = @LOCALE_TR_UTF8@
+LOCALE_ZH_CN = @LOCALE_ZH_CN@
+LOG_VALGRIND = @LOG_VALGRIND@
+LTALLOCA = @LTALLOCA@
+LTLIBCRYPTO = @LTLIBCRYPTO@
+LTLIBDL = @LTLIBDL@
+LTLIBEV = @LTLIBEV@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBMULTITHREAD = @LTLIBMULTITHREAD@
+LTLIBOBJS = @LTLIBOBJS@
+LTLIBPTHREAD = @LTLIBPTHREAD@
+LTLIBRT = @LTLIBRT@
+LTLIBSECCOMP = @LTLIBSECCOMP@
+LTLIBTHREAD = @LTLIBTHREAD@
+LTLIBZ = @LTLIBZ@
+LT_AGE = @LT_AGE@
+LT_CURRENT = @LT_CURRENT@
+LT_DANE_AGE = @LT_DANE_AGE@
+LT_DANE_CURRENT = @LT_DANE_CURRENT@
+LT_DANE_REVISION = @LT_DANE_REVISION@
+LT_REVISION = @LT_REVISION@
+LT_SSL_AGE = @LT_SSL_AGE@
+LT_SSL_CURRENT = @LT_SSL_CURRENT@
+LT_SSL_REVISION = @LT_SSL_REVISION@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+LT_XSSL_AGE = @LT_XSSL_AGE@
+LT_XSSL_CURRENT = @LT_XSSL_CURRENT@
+LT_XSSL_REVISION = @LT_XSSL_REVISION@
+MAINT = @MAINT@
+MAJOR_VERSION = @MAJOR_VERSION@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MINOR_VERSION = @MINOR_VERSION@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGMERGE = @MSGMERGE@
+MSGMERGE_FOR_MSGFMT_OPTION = @MSGMERGE_FOR_MSGFMT_OPTION@
+NETINET_IN_H = @NETINET_IN_H@
+NETTLE_CFLAGS = @NETTLE_CFLAGS@
+NETTLE_LIBS = @NETTLE_LIBS@
+NEXT_ARPA_INET_H = @NEXT_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H = @NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_CTYPE_H = @NEXT_AS_FIRST_DIRECTIVE_CTYPE_H@
+NEXT_AS_FIRST_DIRECTIVE_ERRNO_H = @NEXT_AS_FIRST_DIRECTIVE_ERRNO_H@
+NEXT_AS_FIRST_DIRECTIVE_FCNTL_H = @NEXT_AS_FIRST_DIRECTIVE_FCNTL_H@
+NEXT_AS_FIRST_DIRECTIVE_FLOAT_H = @NEXT_AS_FIRST_DIRECTIVE_FLOAT_H@
+NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H = @NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H = @NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H@
+NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@
+NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@
+NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@
+NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@
+NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@
+NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@
+NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@
+NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@
+NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@
+NEXT_AS_FIRST_DIRECTIVE_STDIO_H = @NEXT_AS_FIRST_DIRECTIVE_STDIO_H@
+NEXT_AS_FIRST_DIRECTIVE_STDLIB_H = @NEXT_AS_FIRST_DIRECTIVE_STDLIB_H@
+NEXT_AS_FIRST_DIRECTIVE_STRINGS_H = @NEXT_AS_FIRST_DIRECTIVE_STRINGS_H@
+NEXT_AS_FIRST_DIRECTIVE_STRING_H = @NEXT_AS_FIRST_DIRECTIVE_STRING_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H@
+NEXT_AS_FIRST_DIRECTIVE_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_UNISTD_H = @NEXT_AS_FIRST_DIRECTIVE_UNISTD_H@
+NEXT_AS_FIRST_DIRECTIVE_WCHAR_H = @NEXT_AS_FIRST_DIRECTIVE_WCHAR_H@
+NEXT_CTYPE_H = @NEXT_CTYPE_H@
+NEXT_ERRNO_H = @NEXT_ERRNO_H@
+NEXT_FCNTL_H = @NEXT_FCNTL_H@
+NEXT_FLOAT_H = @NEXT_FLOAT_H@
+NEXT_INTTYPES_H = @NEXT_INTTYPES_H@
+NEXT_LANGINFO_H = @NEXT_LANGINFO_H@
+NEXT_LIMITS_H = @NEXT_LIMITS_H@
+NEXT_LOCALE_H = @NEXT_LOCALE_H@
+NEXT_NETDB_H = @NEXT_NETDB_H@
+NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@
+NEXT_PTHREAD_H = @NEXT_PTHREAD_H@
+NEXT_SCHED_H = @NEXT_SCHED_H@
+NEXT_SIGNAL_H = @NEXT_SIGNAL_H@
+NEXT_STDDEF_H = @NEXT_STDDEF_H@
+NEXT_STDINT_H = @NEXT_STDINT_H@
+NEXT_STDIO_H = @NEXT_STDIO_H@
+NEXT_STDLIB_H = @NEXT_STDLIB_H@
+NEXT_STRINGS_H = @NEXT_STRINGS_H@
+NEXT_STRING_H = @NEXT_STRING_H@
+NEXT_SYS_IOCTL_H = @NEXT_SYS_IOCTL_H@
+NEXT_SYS_SELECT_H = @NEXT_SYS_SELECT_H@
+NEXT_SYS_SOCKET_H = @NEXT_SYS_SOCKET_H@
+NEXT_SYS_STAT_H = @NEXT_SYS_STAT_H@
+NEXT_SYS_TIME_H = @NEXT_SYS_TIME_H@
+NEXT_SYS_TYPES_H = @NEXT_SYS_TYPES_H@
+NEXT_SYS_UIO_H = @NEXT_SYS_UIO_H@
+NEXT_TIME_H = @NEXT_TIME_H@
+NEXT_UNISTD_H = @NEXT_UNISTD_H@
+NEXT_WCHAR_H = @NEXT_WCHAR_H@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NUMBER_VERSION = @NUMBER_VERSION@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+P11_KIT_CFLAGS = @P11_KIT_CFLAGS@
+P11_KIT_LIBS = @P11_KIT_LIBS@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@
+PATCH_VERSION = @PATCH_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PKCS12_ITER_COUNT = @PKCS12_ITER_COUNT@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PMCCABE = @PMCCABE@
+POSUB = @POSUB@
+PRAGMA_COLUMNS = @PRAGMA_COLUMNS@
+PRAGMA_SYSTEM_HEADER = @PRAGMA_SYSTEM_HEADER@
+PRIPTR_PREFIX = @PRIPTR_PREFIX@
+PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@
+PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+RANLIB = @RANLIB@
+REPLACE_ACCESS = @REPLACE_ACCESS@
+REPLACE_ALIGNED_ALLOC = @REPLACE_ALIGNED_ALLOC@
+REPLACE_BTOWC = @REPLACE_BTOWC@
+REPLACE_CALLOC = @REPLACE_CALLOC@
+REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@
+REPLACE_CHOWN = @REPLACE_CHOWN@
+REPLACE_CLOSE = @REPLACE_CLOSE@
+REPLACE_CREAT = @REPLACE_CREAT@
+REPLACE_CTIME = @REPLACE_CTIME@
+REPLACE_DPRINTF = @REPLACE_DPRINTF@
+REPLACE_DUP = @REPLACE_DUP@
+REPLACE_DUP2 = @REPLACE_DUP2@
+REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@
+REPLACE_EXECL = @REPLACE_EXECL@
+REPLACE_EXECLE = @REPLACE_EXECLE@
+REPLACE_EXECLP = @REPLACE_EXECLP@
+REPLACE_EXECV = @REPLACE_EXECV@
+REPLACE_EXECVE = @REPLACE_EXECVE@
+REPLACE_EXECVP = @REPLACE_EXECVP@
+REPLACE_EXECVPE = @REPLACE_EXECVPE@
+REPLACE_FACCESSAT = @REPLACE_FACCESSAT@
+REPLACE_FCHMODAT = @REPLACE_FCHMODAT@
+REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@
+REPLACE_FCLOSE = @REPLACE_FCLOSE@
+REPLACE_FCNTL = @REPLACE_FCNTL@
+REPLACE_FDOPEN = @REPLACE_FDOPEN@
+REPLACE_FFLUSH = @REPLACE_FFLUSH@
+REPLACE_FFSLL = @REPLACE_FFSLL@
+REPLACE_FOPEN = @REPLACE_FOPEN@
+REPLACE_FPRINTF = @REPLACE_FPRINTF@
+REPLACE_FPURGE = @REPLACE_FPURGE@
+REPLACE_FREE = @REPLACE_FREE@
+REPLACE_FREELOCALE = @REPLACE_FREELOCALE@
+REPLACE_FREOPEN = @REPLACE_FREOPEN@
+REPLACE_FSEEK = @REPLACE_FSEEK@
+REPLACE_FSEEKO = @REPLACE_FSEEKO@
+REPLACE_FSTAT = @REPLACE_FSTAT@
+REPLACE_FSTATAT = @REPLACE_FSTATAT@
+REPLACE_FTELL = @REPLACE_FTELL@
+REPLACE_FTELLO = @REPLACE_FTELLO@
+REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@
+REPLACE_FUTIMENS = @REPLACE_FUTIMENS@
+REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@
+REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@
+REPLACE_GETCWD = @REPLACE_GETCWD@
+REPLACE_GETDELIM = @REPLACE_GETDELIM@
+REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@
+REPLACE_GETDTABLESIZE = @REPLACE_GETDTABLESIZE@
+REPLACE_GETGROUPS = @REPLACE_GETGROUPS@
+REPLACE_GETLINE = @REPLACE_GETLINE@
+REPLACE_GETLOGIN_R = @REPLACE_GETLOGIN_R@
+REPLACE_GETPAGESIZE = @REPLACE_GETPAGESIZE@
+REPLACE_GETPASS = @REPLACE_GETPASS@
+REPLACE_GETTIMEOFDAY = @REPLACE_GETTIMEOFDAY@
+REPLACE_GMTIME = @REPLACE_GMTIME@
+REPLACE_INET_NTOP = @REPLACE_INET_NTOP@
+REPLACE_INET_PTON = @REPLACE_INET_PTON@
+REPLACE_INITSTATE = @REPLACE_INITSTATE@
+REPLACE_IOCTL = @REPLACE_IOCTL@
+REPLACE_ISATTY = @REPLACE_ISATTY@
+REPLACE_ITOLD = @REPLACE_ITOLD@
+REPLACE_LCHOWN = @REPLACE_LCHOWN@
+REPLACE_LINK = @REPLACE_LINK@
+REPLACE_LINKAT = @REPLACE_LINKAT@
+REPLACE_LOCALECONV = @REPLACE_LOCALECONV@
+REPLACE_LOCALTIME = @REPLACE_LOCALTIME@
+REPLACE_LOCALTIME_R = @REPLACE_LOCALTIME_R@
+REPLACE_LSEEK = @REPLACE_LSEEK@
+REPLACE_LSTAT = @REPLACE_LSTAT@
+REPLACE_MALLOC = @REPLACE_MALLOC@
+REPLACE_MBRLEN = @REPLACE_MBRLEN@
+REPLACE_MBRTOWC = @REPLACE_MBRTOWC@
+REPLACE_MBSINIT = @REPLACE_MBSINIT@
+REPLACE_MBSNRTOWCS = @REPLACE_MBSNRTOWCS@
+REPLACE_MBSRTOWCS = @REPLACE_MBSRTOWCS@
+REPLACE_MBSTATE_T = @REPLACE_MBSTATE_T@
+REPLACE_MBTOWC = @REPLACE_MBTOWC@
+REPLACE_MEMCHR = @REPLACE_MEMCHR@
+REPLACE_MEMMEM = @REPLACE_MEMMEM@
+REPLACE_MKDIR = @REPLACE_MKDIR@
+REPLACE_MKFIFO = @REPLACE_MKFIFO@
+REPLACE_MKFIFOAT = @REPLACE_MKFIFOAT@
+REPLACE_MKNOD = @REPLACE_MKNOD@
+REPLACE_MKNODAT = @REPLACE_MKNODAT@
+REPLACE_MKSTEMP = @REPLACE_MKSTEMP@
+REPLACE_MKTIME = @REPLACE_MKTIME@
+REPLACE_NANOSLEEP = @REPLACE_NANOSLEEP@
+REPLACE_NEWLOCALE = @REPLACE_NEWLOCALE@
+REPLACE_NL_LANGINFO = @REPLACE_NL_LANGINFO@
+REPLACE_NULL = @REPLACE_NULL@
+REPLACE_OBSTACK_PRINTF = @REPLACE_OBSTACK_PRINTF@
+REPLACE_OPEN = @REPLACE_OPEN@
+REPLACE_OPENAT = @REPLACE_OPENAT@
+REPLACE_PERROR = @REPLACE_PERROR@
+REPLACE_POPEN = @REPLACE_POPEN@
+REPLACE_POSIX_MEMALIGN = @REPLACE_POSIX_MEMALIGN@
+REPLACE_PREAD = @REPLACE_PREAD@
+REPLACE_PRINTF = @REPLACE_PRINTF@
+REPLACE_PSELECT = @REPLACE_PSELECT@
+REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@
+REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@
+REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@
+REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@
+REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@
+REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@
+REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@
+REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@
+REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@
+REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@
+REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@
+REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@
+REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@
+REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@
+REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@
+REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@
+REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@
+REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@
+REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@
+REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@
+REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@
+REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@
+REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@
+REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@
+REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@
+REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@
+REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@
+REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@
+REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@
+REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@
+REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@
+REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@
+REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@
+REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@
+REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@
+REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@
+REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@
+REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@
+REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@
+REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@
+REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@
+REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@
+REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@
+REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@
+REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@
+REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@
+REPLACE_PTSNAME = @REPLACE_PTSNAME@
+REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@
+REPLACE_PUTENV = @REPLACE_PUTENV@
+REPLACE_PWRITE = @REPLACE_PWRITE@
+REPLACE_QSORT_R = @REPLACE_QSORT_R@
+REPLACE_RAISE = @REPLACE_RAISE@
+REPLACE_RANDOM = @REPLACE_RANDOM@
+REPLACE_RANDOM_R = @REPLACE_RANDOM_R@
+REPLACE_READ = @REPLACE_READ@
+REPLACE_READLINK = @REPLACE_READLINK@
+REPLACE_READLINKAT = @REPLACE_READLINKAT@
+REPLACE_REALLOC = @REPLACE_REALLOC@
+REPLACE_REALLOCARRAY = @REPLACE_REALLOCARRAY@
+REPLACE_REALPATH = @REPLACE_REALPATH@
+REPLACE_REMOVE = @REPLACE_REMOVE@
+REPLACE_RENAME = @REPLACE_RENAME@
+REPLACE_RENAMEAT = @REPLACE_RENAMEAT@
+REPLACE_RMDIR = @REPLACE_RMDIR@
+REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@
+REPLACE_SELECT = @REPLACE_SELECT@
+REPLACE_SETENV = @REPLACE_SETENV@
+REPLACE_SETLOCALE = @REPLACE_SETLOCALE@
+REPLACE_SETSTATE = @REPLACE_SETSTATE@
+REPLACE_SLEEP = @REPLACE_SLEEP@
+REPLACE_SNPRINTF = @REPLACE_SNPRINTF@
+REPLACE_SPRINTF = @REPLACE_SPRINTF@
+REPLACE_STAT = @REPLACE_STAT@
+REPLACE_STDIO_READ_FUNCS = @REPLACE_STDIO_READ_FUNCS@
+REPLACE_STDIO_WRITE_FUNCS = @REPLACE_STDIO_WRITE_FUNCS@
+REPLACE_STPNCPY = @REPLACE_STPNCPY@
+REPLACE_STRCASESTR = @REPLACE_STRCASESTR@
+REPLACE_STRCHRNUL = @REPLACE_STRCHRNUL@
+REPLACE_STRDUP = @REPLACE_STRDUP@
+REPLACE_STRERROR = @REPLACE_STRERROR@
+REPLACE_STRERRORNAME_NP = @REPLACE_STRERRORNAME_NP@
+REPLACE_STRERROR_R = @REPLACE_STRERROR_R@
+REPLACE_STRFTIME = @REPLACE_STRFTIME@
+REPLACE_STRNCAT = @REPLACE_STRNCAT@
+REPLACE_STRNDUP = @REPLACE_STRNDUP@
+REPLACE_STRNLEN = @REPLACE_STRNLEN@
+REPLACE_STRSIGNAL = @REPLACE_STRSIGNAL@
+REPLACE_STRSTR = @REPLACE_STRSTR@
+REPLACE_STRTOD = @REPLACE_STRTOD@
+REPLACE_STRTOIMAX = @REPLACE_STRTOIMAX@
+REPLACE_STRTOK_R = @REPLACE_STRTOK_R@
+REPLACE_STRTOL = @REPLACE_STRTOL@
+REPLACE_STRTOLD = @REPLACE_STRTOLD@
+REPLACE_STRTOLL = @REPLACE_STRTOLL@
+REPLACE_STRTOUL = @REPLACE_STRTOUL@
+REPLACE_STRTOULL = @REPLACE_STRTOULL@
+REPLACE_STRTOUMAX = @REPLACE_STRTOUMAX@
+REPLACE_STRUCT_LCONV = @REPLACE_STRUCT_LCONV@
+REPLACE_STRUCT_TIMEVAL = @REPLACE_STRUCT_TIMEVAL@
+REPLACE_SYMLINK = @REPLACE_SYMLINK@
+REPLACE_SYMLINKAT = @REPLACE_SYMLINKAT@
+REPLACE_TIMEGM = @REPLACE_TIMEGM@
+REPLACE_TMPFILE = @REPLACE_TMPFILE@
+REPLACE_TRUNCATE = @REPLACE_TRUNCATE@
+REPLACE_TTYNAME_R = @REPLACE_TTYNAME_R@
+REPLACE_TZSET = @REPLACE_TZSET@
+REPLACE_UNLINK = @REPLACE_UNLINK@
+REPLACE_UNLINKAT = @REPLACE_UNLINKAT@
+REPLACE_UNSETENV = @REPLACE_UNSETENV@
+REPLACE_USLEEP = @REPLACE_USLEEP@
+REPLACE_UTIMENSAT = @REPLACE_UTIMENSAT@
+REPLACE_VASPRINTF = @REPLACE_VASPRINTF@
+REPLACE_VDPRINTF = @REPLACE_VDPRINTF@
+REPLACE_VFPRINTF = @REPLACE_VFPRINTF@
+REPLACE_VPRINTF = @REPLACE_VPRINTF@
+REPLACE_VSNPRINTF = @REPLACE_VSNPRINTF@
+REPLACE_VSPRINTF = @REPLACE_VSPRINTF@
+REPLACE_WCRTOMB = @REPLACE_WCRTOMB@
+REPLACE_WCSFTIME = @REPLACE_WCSFTIME@
+REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@
+REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@
+REPLACE_WCSTOK = @REPLACE_WCSTOK@
+REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@
+REPLACE_WCTOB = @REPLACE_WCTOB@
+REPLACE_WCTOMB = @REPLACE_WCTOMB@
+REPLACE_WCWIDTH = @REPLACE_WCWIDTH@
+REPLACE_WRITE = @REPLACE_WRITE@
+SED = @SED@
+SERVENT_LIB = @SERVENT_LIB@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@
+SIZE_T_SUFFIX = @SIZE_T_SUFFIX@
+STDALIGN_H = @STDALIGN_H@
+STDBOOL_H = @STDBOOL_H@
+STDDEF_H = @STDDEF_H@
+STDINT_H = @STDINT_H@
+STRIP = @STRIP@
+SYS_IOCTL_H_HAVE_WINSOCK2_H = @SYS_IOCTL_H_HAVE_WINSOCK2_H@
+SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+SYS_TIME_H_DEFINES_STRUCT_TIMESPEC = @SYS_TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_STRUCT_TIMESPEC = @TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_TIME_UTC = @TIME_H_DEFINES_TIME_UTC@
+TROUSERS_LIB = @TROUSERS_LIB@
+TSS2_CFLAGS = @TSS2_CFLAGS@
+TSS2_LIBS = @TSS2_LIBS@
+TSS_CFLAGS = @TSS_CFLAGS@
+TSS_LIBS = @TSS_LIBS@
+UINT32_MAX_LT_UINTMAX_MAX = @UINT32_MAX_LT_UINTMAX_MAX@
+UINT64_MAX_EQ_ULONG_MAX = @UINT64_MAX_EQ_ULONG_MAX@
+UNBOUND_CFLAGS = @UNBOUND_CFLAGS@
+UNBOUND_LIBS = @UNBOUND_LIBS@
+UNDEFINE_STRTOK_R = @UNDEFINE_STRTOK_R@
+UNISTD_H_DEFINES_STRUCT_TIMESPEC = @UNISTD_H_DEFINES_STRUCT_TIMESPEC@
+UNISTD_H_HAVE_SYS_RANDOM_H = @UNISTD_H_HAVE_SYS_RANDOM_H@
+UNISTD_H_HAVE_WINSOCK2_H = @UNISTD_H_HAVE_WINSOCK2_H@
+UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+USE_NLS = @USE_NLS@
+VALGRIND = @VALGRIND@
+VALGRINDFLAGS = @VALGRINDFLAGS@
+VALGRIND_PROGRAM = @VALGRIND_PROGRAM@
+VERSION = @VERSION@
+WARN_CFLAGS = @WARN_CFLAGS@
+WCHAR_T_SUFFIX = @WCHAR_T_SUFFIX@
+WERROR_CFLAGS = @WERROR_CFLAGS@
+WINDOWS_64_BIT_OFF_T = @WINDOWS_64_BIT_OFF_T@
+WINDOWS_64_BIT_ST_SIZE = @WINDOWS_64_BIT_ST_SIZE@
+WINDOWS_STAT_INODES = @WINDOWS_STAT_INODES@
+WINDOWS_STAT_TIMESPEC = @WINDOWS_STAT_TIMESPEC@
+WINT_T_SUFFIX = @WINT_T_SUFFIX@
+WSTACK_CFLAGS = @WSTACK_CFLAGS@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+YIELD_LIB = @YIELD_LIB@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+ac_cv_sizeof_time_t = @ac_cv_sizeof_time_t@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+ggl_LIBOBJS = @ggl_LIBOBJS@
+ggl_LTLIBOBJS = @ggl_LTLIBOBJS@
+ggltests_LIBOBJS = @ggltests_LIBOBJS@
+ggltests_LTLIBOBJS = @ggltests_LTLIBOBJS@
+ggltests_WITNESS = @ggltests_WITNESS@
+gl_LIBOBJS = @gl_LIBOBJS@
+gl_LTLIBOBJS = @gl_LTLIBOBJS@
+gltests_LIBOBJS = @gltests_LIBOBJS@
+gltests_LTLIBOBJS = @gltests_LTLIBOBJS@
+gltests_WITNESS = @gltests_WITNESS@
+gnutls_so = @gnutls_so@
+guile_snarf = @guile_snarf@
+guileextensiondir = @guileextensiondir@
+guilesiteccachedir = @guilesiteccachedir@
+guilesitedir = @guilesitedir@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+ifGNUmake = @ifGNUmake@
+ifnGNUmake = @ifnGNUmake@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+maybe_guileextensiondir = @maybe_guileextensiondir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+unistring_LIBOBJS = @unistring_LIBOBJS@
+unistring_LTLIBOBJS = @unistring_LTLIBOBJS@
+unistringtests_LIBOBJS = @unistringtests_LIBOBJS@
+unistringtests_LTLIBOBJS = @unistringtests_LTLIBOBJS@
+unistringtests_WITNESS = @unistringtests_WITNESS@
+AM_CFLAGS = $(WERROR_CFLAGS) $(WSTACK_CFLAGS) $(WARN_CFLAGS) $(NETTLE_CFLAGS) \
+  $(LIBTASN1_CFLAGS) $(LIBIDN2_CFLAGS) $(P11_KIT_CFLAGS) $(LIBZSTD_CFLAGS) \
+  $(CODE_COVERAGE_CFLAGS)
+
+COMMON_LINK_FLAGS = $(CODE_COVERAGE_LDFLAGS)
+V_GPERF = $(V_GPERF_@AM_V@)
+V_GPERF_ = $(V_GPERF_@AM_DEFAULT_V@)
+V_GPERF_0 = @echo "  GPERF   " $@;
+AM_CPPFLAGS = -I$(srcdir)/../../gl -I$(builddir)/../../gl \
+	-I$(srcdir)/../includes -I$(builddir)/../includes \
+	-I$(srcdir)/.. $(am__append_1)
+EXTRA_DIST = supported_exts.gperf
+BUILT_SOURCES = supported_exts.h
+noinst_LTLIBRARIES = libgnutls_x509.la
+libgnutls_x509_la_SOURCES = common.c key_encode.c common.h \
+	key_decode.c time.c crl.c crl_write.c crq.c dn.c attributes.c \
+	attributes.h prov-seed.c prov-seed.h extensions.c mpi.c \
+	output.c pkcs12.c pkcs12_bag.c pkcs12_encr.c pkcs7.c \
+	pkcs7-attrs.c pkcs7-crypt.c pkcs7_int.h privkey.c \
+	privkey_pkcs8.c privkey_pkcs8_pbes1.c privkey_openssl.c \
+	hostname-verify.c sign.c verify.c x509.c x509_dn.c x509_int.h \
+	x509_write.c name_constraints.c verify-high.c verify-high2.c \
+	verify-high.h x509_ext.c email-verify.c pkcs7-output.c \
+	virt-san.c virt-san.h spki.c x509_ext_int.h tls_features.c \
+	krb5.c krb5.h ip.c ip.h ip-in-cidr.h supported_exts.h ocsp.h \
+	$(am__append_2)
+all: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/lib/common.mk $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/x509/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --foreign lib/x509/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+	esac;
+$(top_srcdir)/lib/common.mk $(am__empty):
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+	-test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+	@list='$(noinst_LTLIBRARIES)'; \
+	locs=`for p in $$list; do echo $$p; done | \
+	      sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+	      sort -u`; \
+	test -z "$$locs" || { \
+	  echo rm -f $${locs}; \
+	  rm -f $${locs}; \
+	}
+
+libgnutls_x509.la: $(libgnutls_x509_la_OBJECTS) $(libgnutls_x509_la_DEPENDENCIES) $(EXTRA_libgnutls_x509_la_DEPENDENCIES) 
+	$(AM_V_CCLD)$(LINK)  $(libgnutls_x509_la_OBJECTS) $(libgnutls_x509_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+	-rm -f *.$(OBJEXT)
+
+distclean-compile:
+	-rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/attributes.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/common.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crl.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crl_write.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crq.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dn.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/email-verify.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/extensions.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hostname-verify.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ip.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/key_decode.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/key_encode.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mpi.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/name_constraints.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ocsp.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ocsp_output.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/output.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs12.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs12_bag.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs12_encr.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs7-attrs.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs7-crypt.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs7-output.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkcs7.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/privkey.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/privkey_openssl.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/privkey_pkcs8.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/privkey_pkcs8_pbes1.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/prov-seed.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sign.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/spki.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/time.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tls_features.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/verify-high.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/verify-high2.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/verify.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/virt-san.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/x509.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/x509_dn.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/x509_ext.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/x509_write.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+	@$(MKDIR_P) $(@D)
+	@echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+
+ID: $(am__tagged_files)
+	$(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	set x; \
+	here=`pwd`; \
+	$(am__define_uniq_tagged_files); \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+	  test -n "$$unique" || unique=$$empty_fix; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
+	fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	$(am__define_uniq_tagged_files); \
+	test -z "$(CTAGS_ARGS)$$unique" \
+	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+	     $$unique
+
+GTAGS:
+	here=`$(am__cd) $(top_builddir) && pwd` \
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+	list='$(am__tagged_files)'; \
+	case "$(srcdir)" in \
+	  [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+	  *) sdir=$(subdir)/$(srcdir) ;; \
+	esac; \
+	for i in $$list; do \
+	  if test -f "$$i"; then \
+	    echo "$(subdir)/$$i"; \
+	  else \
+	    echo "$$sdir/$$i"; \
+	  fi; \
+	done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+check-am: all-am
+check: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+install: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) install-am
+install-exec: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+	-test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+	mostlyclean-am
+
+distclean: distclean-am
+		-rm -f ./$(DEPDIR)/attributes.Plo
+	-rm -f ./$(DEPDIR)/common.Plo
+	-rm -f ./$(DEPDIR)/crl.Plo
+	-rm -f ./$(DEPDIR)/crl_write.Plo
+	-rm -f ./$(DEPDIR)/crq.Plo
+	-rm -f ./$(DEPDIR)/dn.Plo
+	-rm -f ./$(DEPDIR)/email-verify.Plo
+	-rm -f ./$(DEPDIR)/extensions.Plo
+	-rm -f ./$(DEPDIR)/hostname-verify.Plo
+	-rm -f ./$(DEPDIR)/ip.Plo
+	-rm -f ./$(DEPDIR)/key_decode.Plo
+	-rm -f ./$(DEPDIR)/key_encode.Plo
+	-rm -f ./$(DEPDIR)/krb5.Plo
+	-rm -f ./$(DEPDIR)/mpi.Plo
+	-rm -f ./$(DEPDIR)/name_constraints.Plo
+	-rm -f ./$(DEPDIR)/ocsp.Plo
+	-rm -f ./$(DEPDIR)/ocsp_output.Plo
+	-rm -f ./$(DEPDIR)/output.Plo
+	-rm -f ./$(DEPDIR)/pkcs12.Plo
+	-rm -f ./$(DEPDIR)/pkcs12_bag.Plo
+	-rm -f ./$(DEPDIR)/pkcs12_encr.Plo
+	-rm -f ./$(DEPDIR)/pkcs7-attrs.Plo
+	-rm -f ./$(DEPDIR)/pkcs7-crypt.Plo
+	-rm -f ./$(DEPDIR)/pkcs7-output.Plo
+	-rm -f ./$(DEPDIR)/pkcs7.Plo
+	-rm -f ./$(DEPDIR)/privkey.Plo
+	-rm -f ./$(DEPDIR)/privkey_openssl.Plo
+	-rm -f ./$(DEPDIR)/privkey_pkcs8.Plo
+	-rm -f ./$(DEPDIR)/privkey_pkcs8_pbes1.Plo
+	-rm -f ./$(DEPDIR)/prov-seed.Plo
+	-rm -f ./$(DEPDIR)/sign.Plo
+	-rm -f ./$(DEPDIR)/spki.Plo
+	-rm -f ./$(DEPDIR)/time.Plo
+	-rm -f ./$(DEPDIR)/tls_features.Plo
+	-rm -f ./$(DEPDIR)/verify-high.Plo
+	-rm -f ./$(DEPDIR)/verify-high2.Plo
+	-rm -f ./$(DEPDIR)/verify.Plo
+	-rm -f ./$(DEPDIR)/virt-san.Plo
+	-rm -f ./$(DEPDIR)/x509.Plo
+	-rm -f ./$(DEPDIR)/x509_dn.Plo
+	-rm -f ./$(DEPDIR)/x509_ext.Plo
+	-rm -f ./$(DEPDIR)/x509_write.Plo
+	-rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+	distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+		-rm -f ./$(DEPDIR)/attributes.Plo
+	-rm -f ./$(DEPDIR)/common.Plo
+	-rm -f ./$(DEPDIR)/crl.Plo
+	-rm -f ./$(DEPDIR)/crl_write.Plo
+	-rm -f ./$(DEPDIR)/crq.Plo
+	-rm -f ./$(DEPDIR)/dn.Plo
+	-rm -f ./$(DEPDIR)/email-verify.Plo
+	-rm -f ./$(DEPDIR)/extensions.Plo
+	-rm -f ./$(DEPDIR)/hostname-verify.Plo
+	-rm -f ./$(DEPDIR)/ip.Plo
+	-rm -f ./$(DEPDIR)/key_decode.Plo
+	-rm -f ./$(DEPDIR)/key_encode.Plo
+	-rm -f ./$(DEPDIR)/krb5.Plo
+	-rm -f ./$(DEPDIR)/mpi.Plo
+	-rm -f ./$(DEPDIR)/name_constraints.Plo
+	-rm -f ./$(DEPDIR)/ocsp.Plo
+	-rm -f ./$(DEPDIR)/ocsp_output.Plo
+	-rm -f ./$(DEPDIR)/output.Plo
+	-rm -f ./$(DEPDIR)/pkcs12.Plo
+	-rm -f ./$(DEPDIR)/pkcs12_bag.Plo
+	-rm -f ./$(DEPDIR)/pkcs12_encr.Plo
+	-rm -f ./$(DEPDIR)/pkcs7-attrs.Plo
+	-rm -f ./$(DEPDIR)/pkcs7-crypt.Plo
+	-rm -f ./$(DEPDIR)/pkcs7-output.Plo
+	-rm -f ./$(DEPDIR)/pkcs7.Plo
+	-rm -f ./$(DEPDIR)/privkey.Plo
+	-rm -f ./$(DEPDIR)/privkey_openssl.Plo
+	-rm -f ./$(DEPDIR)/privkey_pkcs8.Plo
+	-rm -f ./$(DEPDIR)/privkey_pkcs8_pbes1.Plo
+	-rm -f ./$(DEPDIR)/prov-seed.Plo
+	-rm -f ./$(DEPDIR)/sign.Plo
+	-rm -f ./$(DEPDIR)/spki.Plo
+	-rm -f ./$(DEPDIR)/time.Plo
+	-rm -f ./$(DEPDIR)/tls_features.Plo
+	-rm -f ./$(DEPDIR)/verify-high.Plo
+	-rm -f ./$(DEPDIR)/verify-high2.Plo
+	-rm -f ./$(DEPDIR)/verify.Plo
+	-rm -f ./$(DEPDIR)/virt-san.Plo
+	-rm -f ./$(DEPDIR)/x509.Plo
+	-rm -f ./$(DEPDIR)/x509_dn.Plo
+	-rm -f ./$(DEPDIR)/x509_ext.Plo
+	-rm -f ./$(DEPDIR)/x509_write.Plo
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+	mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: all check install install-am install-exec install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
+	clean-generic clean-libtool clean-noinstLTLIBRARIES \
+	cscopelist-am ctags ctags-am distclean distclean-compile \
+	distclean-generic distclean-libtool distclean-tags distdir dvi \
+	dvi-am html html-am info info-am install install-am \
+	install-data install-data-am install-dvi install-dvi-am \
+	install-exec install-exec-am install-html install-html-am \
+	install-info install-info-am install-man install-pdf \
+	install-pdf-am install-ps install-ps-am install-strip \
+	installcheck installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-compile \
+	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+	tags tags-am uninstall uninstall-am
+
+.PRECIOUS: Makefile
+
+
+supported_exts.h: $(srcdir)/supported_exts.gperf
+	$(V_GPERF)$(GPERF) --global-table -t $^ > $@-tmp \
+	&& sed 's/^const struct supported_exts_st \*/static const struct supported_exts_st \*/' <$@-tmp >$@ \
+	&& rm -f $@-tmp
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/lib/x509/attributes.c b/lib/x509/attributes.c
new file mode 100644
index 0000000..3aab65b
--- /dev/null
+++ b/lib/x509/attributes.c
@@ -0,0 +1,299 @@
+/*
+ * Copyright (C) 2003-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2012-2016 Nikos Mavrogiannopoulos
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+
+#include <datum.h>
+#include "errors.h"
+#include <common.h>
+#include <x509.h>
+#include "x509_int.h"
+#include "attributes.h"
+
+/* Functions to parse and set the PKIX1 Attributes structure.
+ */
+
+/* Overwrite the given attribute (using the index)
+ * index here starts from one.
+ */
+static int
+overwrite_attribute(asn1_node asn, const char *root, unsigned indx,
+		    const gnutls_datum_t * ext_data)
+{
+	char name[MAX_NAME_SIZE], name2[MAX_NAME_SIZE];
+	int result;
+
+	snprintf(name, sizeof(name), "%s.?%u", root, indx);
+
+	_gnutls_str_cpy(name2, sizeof(name2), name);
+	_gnutls_str_cat(name2, sizeof(name2), ".values.?LAST");
+
+	result = _gnutls_x509_write_value(asn, name2, ext_data);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+
+	return 0;
+}
+
+/* Parses an Attribute list in the asn1_struct, and searches for the
+ * given OID. The index indicates the attribute value to be returned.
+ *
+ * If raw==0 only printable data are returned, or
+ * GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE.
+ *
+ * asn1_attr_name must be a string in the form
+ * "certificationRequestInfo.attributes"
+ *
+ */
+int
+_x509_parse_attribute(asn1_node asn1_struct,
+		const char *attr_name, const char *given_oid, unsigned indx,
+		int raw, gnutls_datum_t * out)
+{
+	int k1, result;
+	char tmpbuffer1[MAX_NAME_SIZE];
+	char tmpbuffer3[MAX_NAME_SIZE];
+	char value[200];
+	gnutls_datum_t td;
+	char oid[MAX_OID_SIZE];
+	int len;
+
+	k1 = 0;
+	do {
+
+		k1++;
+		/* create a string like "attribute.?1"
+		 */
+		if (attr_name[0] != 0)
+			snprintf(tmpbuffer1, sizeof(tmpbuffer1), "%s.?%d",
+				 attr_name, k1);
+		else
+			snprintf(tmpbuffer1, sizeof(tmpbuffer1), "?%d",
+				 k1);
+
+		len = sizeof(value) - 1;
+		result =
+		    asn1_read_value(asn1_struct, tmpbuffer1, value, &len);
+
+		if (result == ASN1_ELEMENT_NOT_FOUND) {
+			gnutls_assert();
+			break;
+		}
+
+		if (result != ASN1_VALUE_NOT_FOUND) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		/* Move to the attribute type and values
+		 */
+		/* Read the OID
+		 */
+		_gnutls_str_cpy(tmpbuffer3, sizeof(tmpbuffer3),
+				tmpbuffer1);
+		_gnutls_str_cat(tmpbuffer3, sizeof(tmpbuffer3), ".type");
+
+		len = sizeof(oid) - 1;
+		result =
+		    asn1_read_value(asn1_struct, tmpbuffer3, oid, &len);
+
+		if (result == ASN1_ELEMENT_NOT_FOUND)
+			break;
+		else if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		if (strcmp(oid, given_oid) == 0) {	/* Found the OID */
+
+			/* Read the Value
+			 */
+			snprintf(tmpbuffer3, sizeof(tmpbuffer3),
+				 "%s.values.?%u", tmpbuffer1, indx + 1);
+
+			len = sizeof(value) - 1;
+			result =
+			    _gnutls_x509_read_value(asn1_struct,
+						    tmpbuffer3, &td);
+
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				result = _gnutls_asn2err(result);
+				goto cleanup;
+			}
+
+			if (raw == 0) {
+				result =
+				    _gnutls_x509_dn_to_string
+				    (oid, td.data, td.size, out);
+
+				_gnutls_free_datum(&td);
+
+				if (result < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+				return 0;
+			} else {	/* raw!=0 */
+				out->data = td.data;
+				out->size = td.size;
+
+				return 0;
+			}
+		}
+
+	}
+	while (1);
+
+	gnutls_assert();
+
+	result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+      cleanup:
+	return result;
+}
+
+/* This function will attempt to set the requested attribute in
+ * the given X509v3 certificate.
+ *
+ * Critical will be either 0 or 1.
+ */
+static int
+add_attribute(asn1_node asn, const char *root, const char *attribute_id,
+	      const gnutls_datum_t * ext_data)
+{
+	int result;
+	char name[MAX_NAME_SIZE];
+
+	snprintf(name, sizeof(name), "%s", root);
+
+	/* Add a new attribute in the list.
+	 */
+	result = asn1_write_value(asn, name, "NEW", 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	snprintf(name, sizeof(name), "%s.?LAST.type", root);
+
+	result = asn1_write_value(asn, name, attribute_id, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	snprintf(name, sizeof(name), "%s.?LAST.values", root);
+
+	result = asn1_write_value(asn, name, "NEW", 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	snprintf(name, sizeof(name), "%s.?LAST.values.?LAST", root);
+
+	result = _gnutls_x509_write_value(asn, name, ext_data);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+
+int
+_x509_set_attribute(asn1_node asn, const char *root,
+	      const char *ext_id, const gnutls_datum_t * ext_data)
+{
+	int result;
+	int k, len;
+	char name[MAX_NAME_SIZE], name2[MAX_NAME_SIZE];
+	char extnID[MAX_OID_SIZE];
+
+	/* Find the index of the given attribute.
+	 */
+	k = 0;
+	do {
+		k++;
+
+		snprintf(name, sizeof(name), "%s.?%d", root, k);
+
+		len = sizeof(extnID) - 1;
+		result = asn1_read_value(asn, name, extnID, &len);
+
+		/* move to next
+		 */
+
+		if (result == ASN1_ELEMENT_NOT_FOUND) {
+			break;
+		}
+
+		do {
+
+			_gnutls_str_cpy(name2, sizeof(name2), name);
+			_gnutls_str_cat(name2, sizeof(name2), ".type");
+
+			len = sizeof(extnID) - 1;
+			result = asn1_read_value(asn, name2, extnID, &len);
+
+			if (result == ASN1_ELEMENT_NOT_FOUND) {
+				gnutls_assert();
+				break;
+			} else if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				return _gnutls_asn2err(result);
+			}
+
+			/* Handle Extension
+			 */
+			if (strcmp(extnID, ext_id) == 0) {
+				/* attribute was found
+				 */
+				return overwrite_attribute(asn, root, k,
+							   ext_data);
+			}
+
+
+		}
+		while (0);
+	}
+	while (1);
+
+	if (result == ASN1_ELEMENT_NOT_FOUND) {
+		return add_attribute(asn, root, ext_id, ext_data);
+	} else {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+
+	return 0;
+}
diff --git a/lib/x509/attributes.h b/lib/x509/attributes.h
new file mode 100644
index 0000000..4ebb7dd
--- /dev/null
+++ b/lib/x509/attributes.h
@@ -0,0 +1,35 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_X509_ATTRIBUTES_H
+#define GNUTLS_LIB_X509_ATTRIBUTES_H
+
+int
+_x509_parse_attribute(asn1_node asn1_struct,
+		const char *attr_name, const char *given_oid, unsigned indx,
+		int raw, gnutls_datum_t * out);
+
+int
+_x509_set_attribute(asn1_node asn, const char *root,
+	      const char *ext_id, const gnutls_datum_t * ext_data);
+
+#endif /* GNUTLS_LIB_X509_ATTRIBUTES_H */
diff --git a/lib/x509/common.c b/lib/x509/common.c
new file mode 100644
index 0000000..ca0b71c
--- /dev/null
+++ b/lib/x509/common.c
@@ -0,0 +1,1948 @@
+/*
+ * Copyright (C) 2003-2014 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <libtasn1.h>
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <str.h>
+#include <x509.h>
+#include <num.h>
+#include <x509_b64.h>
+#include <c-strcase.h>
+#include "x509_int.h"
+#include "extras/hex.h"
+#include <common.h>
+
+static int
+data2hex(const void *data, size_t data_size,
+	 gnutls_datum_t *out);
+
+#define ENTRY(oid, ldap, asn, etype) {oid, sizeof(oid)-1, ldap, sizeof(ldap)-1, asn, etype}
+
+/* when there is no name description */
+#define ENTRY_ND(oid, asn, etype) {oid, sizeof(oid)-1, NULL, 0, asn, etype}
+
+/* This list contains all the OIDs that may be
+ * contained in a rdnSequence and are printable.
+ */
+static const struct oid_to_string _oid2str[] = {
+	/* PKIX
+	 */
+	ENTRY("1.3.6.1.5.5.7.9.2", "placeOfBirth", "PKIX1.DirectoryString",
+	 ASN1_ETYPE_INVALID),
+	ENTRY("1.3.6.1.5.5.7.9.3", "gender", NULL, ASN1_ETYPE_PRINTABLE_STRING),
+	ENTRY("1.3.6.1.5.5.7.9.4", "countryOfCitizenship", NULL,
+	 ASN1_ETYPE_PRINTABLE_STRING),
+	ENTRY("1.3.6.1.5.5.7.9.5", "countryOfResidence", NULL,
+	 ASN1_ETYPE_PRINTABLE_STRING),
+
+	ENTRY("2.5.4.6", "C", NULL, ASN1_ETYPE_PRINTABLE_STRING),
+	ENTRY("2.5.4.9", "street", "PKIX1.DirectoryString", ASN1_ETYPE_INVALID),
+	ENTRY("2.5.4.12", "title", "PKIX1.DirectoryString", ASN1_ETYPE_INVALID),
+	ENTRY("2.5.4.10", "O", "PKIX1.DirectoryString", ASN1_ETYPE_INVALID),
+	ENTRY("2.5.4.11", "OU", "PKIX1.DirectoryString", ASN1_ETYPE_INVALID),
+	ENTRY("2.5.4.3", "CN", "PKIX1.DirectoryString", ASN1_ETYPE_INVALID),
+	ENTRY("2.5.4.7", "L", "PKIX1.DirectoryString", ASN1_ETYPE_INVALID),
+	ENTRY("2.5.4.8", "ST", "PKIX1.DirectoryString", ASN1_ETYPE_INVALID),
+	ENTRY("2.5.4.13", "description", "PKIX1.DirectoryString",
+	 ASN1_ETYPE_INVALID),
+
+	ENTRY("2.5.4.5", "serialNumber", NULL, ASN1_ETYPE_PRINTABLE_STRING),
+	ENTRY("2.5.4.20", "telephoneNumber", NULL, ASN1_ETYPE_PRINTABLE_STRING),
+	ENTRY("2.5.4.4", "surName", "PKIX1.DirectoryString",
+	 ASN1_ETYPE_INVALID),
+	ENTRY("2.5.4.43", "initials", "PKIX1.DirectoryString",
+	 ASN1_ETYPE_INVALID),
+	ENTRY("2.5.4.44", "generationQualifier", "PKIX1.DirectoryString",
+	 ASN1_ETYPE_INVALID),
+	ENTRY("2.5.4.42", "givenName", "PKIX1.DirectoryString",
+	 ASN1_ETYPE_INVALID),
+	ENTRY("2.5.4.65", "pseudonym", "PKIX1.DirectoryString",
+	 ASN1_ETYPE_INVALID),
+	ENTRY("2.5.4.46", "dnQualifier", NULL, ASN1_ETYPE_PRINTABLE_STRING),
+	ENTRY("2.5.4.17", "postalCode", "PKIX1.DirectoryString",
+	 ASN1_ETYPE_INVALID),
+	ENTRY("2.5.4.41", "name", "PKIX1.DirectoryString", ASN1_ETYPE_INVALID),
+	ENTRY("2.5.4.15", "businessCategory", "PKIX1.DirectoryString",
+	 ASN1_ETYPE_INVALID),
+
+	ENTRY("0.9.2342.19200300.100.1.25", "DC", NULL, ASN1_ETYPE_IA5_STRING),
+	ENTRY("0.9.2342.19200300.100.1.1", "UID", "PKIX1.DirectoryString",
+	 ASN1_ETYPE_INVALID),
+	ENTRY("1.2.840.113556.1.4.656", "userPrincipalName", "PKIX1.DirectoryString",
+	 ASN1_ETYPE_INVALID),
+
+	/* Extended validation
+	 */
+	ENTRY("1.3.6.1.4.1.311.60.2.1.1",
+	 "jurisdictionOfIncorporationLocalityName",
+	 "PKIX1.DirectoryString", ASN1_ETYPE_INVALID),
+	ENTRY("1.3.6.1.4.1.311.60.2.1.2",
+	 "jurisdictionOfIncorporationStateOrProvinceName",
+	 "PKIX1.DirectoryString", ASN1_ETYPE_INVALID),
+	ENTRY("1.3.6.1.4.1.311.60.2.1.3",
+	 "jurisdictionOfIncorporationCountryName",
+	 NULL, ASN1_ETYPE_PRINTABLE_STRING),
+
+	/* PKCS #9
+	 */
+	ENTRY("1.2.840.113549.1.9.1", "EMAIL", NULL, ASN1_ETYPE_IA5_STRING),
+	ENTRY_ND("1.2.840.113549.1.9.7", "PKIX1.pkcs-9-challengePassword",
+	 ASN1_ETYPE_INVALID),
+
+	/* friendly name */
+	ENTRY_ND("1.2.840.113549.1.9.20", NULL, ASN1_ETYPE_BMP_STRING),
+	/* local key id */
+	ENTRY_ND("1.2.840.113549.1.9.21", NULL, ASN1_ETYPE_OCTET_STRING),
+	ENTRY_ND("1.2.840.113549.1.9.4", NULL, ASN1_ETYPE_OCTET_STRING),
+
+	/* rfc3920 section 5.1.1 */
+	ENTRY("1.3.6.1.5.5.7.8.5", "XmppAddr", NULL, ASN1_ETYPE_UTF8_STRING),
+
+	/* Russian things: https://cdnimg.rg.ru/pril/66/91/91/23041_pril.pdf */
+	/* Main state registration number */
+	ENTRY("1.2.643.100.1", "OGRN", NULL, ASN1_ETYPE_NUMERIC_STRING),
+	/* Individual insurance account number */
+	ENTRY("1.2.643.100.3", "SNILS", NULL, ASN1_ETYPE_NUMERIC_STRING),
+	/* Main state registration number for individual enterpreneurs */
+	ENTRY("1.2.643.100.5", "OGRNIP", NULL, ASN1_ETYPE_NUMERIC_STRING),
+	/* VAT identification number */
+	ENTRY("1.2.643.3.131.1.1", "INN", NULL, ASN1_ETYPE_NUMERIC_STRING),
+
+	{NULL, 0, NULL, 0, NULL, 0}
+};
+
+const struct oid_to_string *_gnutls_oid_get_entry(const struct oid_to_string *ots, const char *oid)
+{
+	unsigned int i = 0;
+	unsigned len = strlen(oid);
+
+	do {
+		if (len == ots[i].oid_size &&
+			strcmp(ots[i].oid, oid) == 0)
+			return &ots[i];
+		i++;
+	}
+	while (ots[i].oid != NULL);
+
+	return NULL;
+}
+
+const char *_gnutls_oid_get_asn_desc(const char *oid)
+{
+	const struct oid_to_string *entry = _gnutls_oid_get_entry(_oid2str, oid);
+	return entry ? entry->asn_desc : NULL;
+}
+
+const char *_gnutls_ldap_string_to_oid(const char *str, unsigned str_len)
+{
+	unsigned int i = 0;
+
+	do {
+		if ((_oid2str[i].name_desc != NULL) &&
+		    (str_len == _oid2str[i].name_desc_size) &&
+		    (c_strncasecmp(_oid2str[i].name_desc, str, str_len) ==
+		     0))
+			return _oid2str[i].oid;
+		i++;
+	}
+	while (_oid2str[i].oid != NULL);
+
+	return NULL;
+}
+
+/* Escapes a string following the rules from RFC4514.
+ */
+static int str_escape(const gnutls_datum_t * str, gnutls_datum_t * escaped)
+{
+	unsigned int j, i;
+	uint8_t *buffer = NULL;
+	int ret;
+
+	if (str == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	/* the string will be at most twice the original */
+	buffer = gnutls_malloc(str->size * 2 + 2);
+	if (buffer == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	for (i = j = 0; i < str->size; i++) {
+		if (str->data[i] == 0) {
+			/* this is handled earlier */
+			ret = gnutls_assert_val(GNUTLS_E_ASN1_DER_ERROR);
+			goto cleanup;
+		}
+
+		if (str->data[i] == ',' || str->data[i] == '+'
+		    || str->data[i] == '"' || str->data[i] == '\\'
+		    || str->data[i] == '<' || str->data[i] == '>'
+		    || str->data[i] == ';' || str->data[i] == 0)
+			buffer[j++] = '\\';
+		else if (i == 0 && str->data[i] == '#')
+			buffer[j++] = '\\';
+		else if (i == 0 && str->data[i] == ' ')
+			buffer[j++] = '\\';
+		else if (i == (str->size - 1) && str->data[i] == ' ')
+			buffer[j++] = '\\';
+
+		buffer[j++] = str->data[i];
+	}
+
+	/* null terminate the string */
+	buffer[j] = 0;
+	escaped->data = buffer;
+	escaped->size = j;
+
+	return 0;
+      cleanup:
+	gnutls_free(buffer);
+	return ret;
+}
+
+/**
+ * gnutls_x509_dn_oid_known:
+ * @oid: holds an Object Identifier in a null terminated string
+ *
+ * This function will inform about known DN OIDs. This is useful since
+ * functions like gnutls_x509_crt_set_dn_by_oid() use the information
+ * on known OIDs to properly encode their input. Object Identifiers
+ * that are not known are not encoded by these functions, and their
+ * input is stored directly into the ASN.1 structure. In that case of
+ * unknown OIDs, you have the responsibility of DER encoding your
+ * data.
+ *
+ * Returns: 1 on known OIDs and 0 otherwise.
+ **/
+int gnutls_x509_dn_oid_known(const char *oid)
+{
+	return _gnutls_oid_get_entry(_oid2str, oid) != NULL;
+}
+
+/**
+ * gnutls_x509_dn_oid_name:
+ * @oid: holds an Object Identifier in a null terminated string
+ * @flags: 0 or GNUTLS_X509_DN_OID_*
+ *
+ * This function will return the name of a known DN OID. If
+ * %GNUTLS_X509_DN_OID_RETURN_OID is specified this function
+ * will return the given OID if no descriptive name has been
+ * found.
+ *
+ * Returns: A null terminated string or NULL otherwise.
+ *
+ * Since: 3.0
+ **/
+const char *gnutls_x509_dn_oid_name(const char *oid, unsigned int flags)
+{
+	const struct oid_to_string *entry =_gnutls_oid_get_entry(_oid2str, oid);
+
+	if (entry && entry->name_desc)
+		return entry->name_desc;
+	if (flags & GNUTLS_X509_DN_OID_RETURN_OID)
+		return oid;
+	else
+		return NULL;
+}
+
+static int
+make_printable_string(unsigned etype, const gnutls_datum_t * input,
+		      gnutls_datum_t * out)
+{
+	int printable = 0;
+	int ret;
+
+	/* empty input strings result to a null string */
+	if (input->data == NULL || input->size == 0) {
+		out->data = gnutls_calloc(1, 1);
+		if (out->data == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		out->size = 0;
+		return 0;
+	}
+
+	if (etype == ASN1_ETYPE_BMP_STRING) {
+		ret = _gnutls_ucs2_to_utf8(input->data, input->size, out, 1);
+		if (ret < 0) {
+			/* could not convert. Handle it as non-printable */
+			printable = 0;
+		} else
+			printable = 1;
+	} else if (etype == ASN1_ETYPE_TELETEX_STRING) {
+		/* HACK: if the teletex string contains only ascii
+		 * characters then treat it as printable.
+		 */
+		if (_gnutls_str_is_print((char*)input->data, input->size)) {
+			out->data = gnutls_malloc(input->size + 1);
+			if (out->data == NULL)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_MEMORY_ERROR);
+
+			memcpy(out->data, input->data, input->size);
+			out->size = input->size;
+
+			out->data[out->size] = 0;
+
+			printable = 1;
+		}
+	} else if (etype != ASN1_ETYPE_UNIVERSAL_STRING)	/* supported but not printable */
+		return GNUTLS_E_INVALID_REQUEST;
+
+	if (printable == 0) {	/* need to allocate out */
+		ret = data2hex(input->data, input->size, out);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	return 0;
+}
+
+static int
+decode_complex_string(const struct oid_to_string *oentry, void *value,
+		      int value_size, gnutls_datum_t * out)
+{
+	char str[MAX_STRING_LEN], tmpname[128];
+	int len = -1, result;
+	asn1_node tmpasn = NULL;
+	char asn1_err[ASN1_MAX_ERROR_DESCRIPTION_SIZE] = "";
+	unsigned int etype;
+	gnutls_datum_t td = {NULL, 0};
+
+	if (oentry->asn_desc == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_pkix(), oentry->asn_desc,
+				 &tmpasn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if ((result =
+	     _asn1_strict_der_decode(&tmpasn, value, value_size,
+			       asn1_err)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		_gnutls_debug_log("_asn1_strict_der_decode: %s\n", asn1_err);
+		asn1_delete_structure(&tmpasn);
+		return _gnutls_asn2err(result);
+	}
+
+	/* Read the type of choice.
+	 */
+	len = sizeof(str) - 1;
+	if ((result = asn1_read_value(tmpasn, "", str, &len)) != ASN1_SUCCESS) {	/* CHOICE */
+		gnutls_assert();
+		asn1_delete_structure(&tmpasn);
+		return _gnutls_asn2err(result);
+	}
+
+	str[len] = 0;
+
+	/* We set the etype on the strings that may need
+	 * some conversion to UTF-8. The INVALID flag indicates
+	 * no conversion needed */
+	if (strcmp(str, "teletexString") == 0)
+		etype = ASN1_ETYPE_TELETEX_STRING;
+	else if (strcmp(str, "bmpString") == 0)
+		etype = ASN1_ETYPE_BMP_STRING;
+	else if (strcmp(str, "universalString") == 0)
+		etype = ASN1_ETYPE_UNIVERSAL_STRING;
+	else
+		etype = ASN1_ETYPE_INVALID;
+
+	_gnutls_str_cpy(tmpname, sizeof(tmpname), str);
+
+	result = _gnutls_x509_read_value(tmpasn, tmpname, &td);
+	asn1_delete_structure(&tmpasn);
+	if (result < 0)
+		return gnutls_assert_val(result);
+
+	if (etype != ASN1_ETYPE_INVALID) {
+		result = make_printable_string(etype, &td, out);
+
+		_gnutls_free_datum(&td);
+
+		if (result < 0)
+			return gnutls_assert_val(result);
+	} else {
+		out->data = td.data;
+		out->size = td.size;
+		/* _gnutls_x509_read_value always null terminates */
+	}
+
+	assert(out->data != NULL);
+
+	/* Refuse to deal with strings containing NULs. */
+	if (strlen((void *) out->data) != (size_t) out->size) {
+		_gnutls_free_datum(out);
+		return gnutls_assert_val(GNUTLS_E_ASN1_EMBEDDED_NULL_IN_STRING);
+	}
+
+	return 0;
+}
+
+
+/* This function will convert an attribute value, specified by the OID,
+ * to a string. The result will be a null terminated string.
+ *
+ * res may be null. This will just return the res_size, needed to
+ * hold the string.
+ */
+int
+_gnutls_x509_dn_to_string(const char *oid, void *value,
+			  int value_size, gnutls_datum_t * str)
+{
+	const struct oid_to_string *oentry;
+	int ret;
+	gnutls_datum_t tmp = {NULL, 0};
+
+	if (value == NULL || value_size <= 0) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	oentry = _gnutls_oid_get_entry(_oid2str, oid);
+	if (oentry == NULL) {	/* unknown OID -> hex */
+ unknown_oid:
+		ret = data2hex(value, value_size, str);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+		return 0;
+	}
+
+	if (oentry->asn_desc != NULL) {	/* complex */
+		ret =
+		    decode_complex_string(oentry, value, value_size, &tmp);
+		if (ret < 0) {
+			/* we failed decoding -> handle it as unknown OID */
+			goto unknown_oid;
+		}
+	} else {
+		ret =
+		    _gnutls_x509_decode_string(oentry->etype, value,
+					       value_size, &tmp, 0);
+		if (ret < 0) {
+			/* we failed decoding -> handle it as unknown OID */
+			goto unknown_oid;
+		}
+	}
+
+	ret = str_escape(&tmp, str);
+	_gnutls_free_datum(&tmp);
+
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+/* Converts a data string to an LDAP rfc2253 hex string
+ * something like '#01020304'
+ */
+static int
+data2hex(const void *data, size_t data_size,
+	 gnutls_datum_t *out)
+{
+	gnutls_datum_t tmp, td;
+	int ret;
+	size_t size;
+
+	td.size = hex_str_size(data_size) + 1; /* +1 for '#' */
+	td.data = gnutls_malloc(td.size);
+	if (td.data == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	tmp.data = (void*)data;
+	tmp.size = data_size;
+
+	td.data[0] = '#';
+	size = td.size-1; /* don't include '#' */
+	ret =
+	    gnutls_hex_encode(&tmp,
+			    (char*)&td.data[1], &size);
+	if (ret < 0) {
+		gnutls_assert();
+		gnutls_free(td.data);
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	td.size--; /* don't include null */
+
+	out->data = td.data;
+	out->size = td.size;
+
+	return 0;
+}
+
+gnutls_x509_subject_alt_name_t _gnutls_x509_san_find_type(char *str_type)
+{
+	if (strcmp(str_type, "dNSName") == 0)
+		return GNUTLS_SAN_DNSNAME;
+	if (strcmp(str_type, "rfc822Name") == 0)
+		return GNUTLS_SAN_RFC822NAME;
+	if (strcmp(str_type, "uniformResourceIdentifier") == 0)
+		return GNUTLS_SAN_URI;
+	if (strcmp(str_type, "iPAddress") == 0)
+		return GNUTLS_SAN_IPADDRESS;
+	if (strcmp(str_type, "otherName") == 0)
+		return GNUTLS_SAN_OTHERNAME;
+	if (strcmp(str_type, "directoryName") == 0)
+		return GNUTLS_SAN_DN;
+	if (strcmp(str_type, "registeredID") == 0)
+		return GNUTLS_SAN_REGISTERED_ID;
+
+	return (gnutls_x509_subject_alt_name_t) - 1;
+}
+
+/* A generic export function. Will export the given ASN.1 encoded data
+ * to PEM or DER raw data.
+ */
+int
+_gnutls_x509_export_int_named(asn1_node asn1_data, const char *name,
+			      gnutls_x509_crt_fmt_t format,
+			      const char *pem_header,
+			      unsigned char *output_data,
+			      size_t * output_data_size)
+{
+	int ret;
+	gnutls_datum_t out = {NULL,0};
+	size_t size;
+
+	ret = _gnutls_x509_export_int_named2(asn1_data, name,
+					     format, pem_header, &out);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (format == GNUTLS_X509_FMT_PEM)
+		size = out.size + 1;
+	else
+		size = out.size;
+
+	if (*output_data_size < size) {
+		*output_data_size = size;
+		ret = gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+		goto cleanup;
+	}
+
+	*output_data_size = (size_t) out.size;
+	if (output_data) {
+		if (out.size > 0) {
+			memcpy(output_data, out.data, (size_t) out.size);
+		}
+		if (format == GNUTLS_X509_FMT_PEM)
+			output_data[out.size] = 0;
+	}
+
+	ret = 0;
+
+      cleanup:
+	gnutls_free(out.data);
+
+	return ret;
+}
+
+/* A generic export function. Will export the given ASN.1 encoded data
+ * to PEM or DER raw data.
+ */
+int
+_gnutls_x509_export_int_named2(asn1_node asn1_data, const char *name,
+			       gnutls_x509_crt_fmt_t format,
+			       const char *pem_header,
+			       gnutls_datum_t * out)
+{
+	int ret;
+
+	if (format == GNUTLS_X509_FMT_DER) {
+		ret = _gnutls_x509_der_encode(asn1_data, name, out, 0);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	} else {		/* PEM */
+		gnutls_datum_t tmp;
+
+		ret = _gnutls_x509_der_encode(asn1_data, name, &tmp, 0);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret =
+		    _gnutls_fbase64_encode(pem_header, tmp.data, tmp.size,
+					   out);
+		_gnutls_free_datum(&tmp);
+
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	return 0;
+}
+
+/* Decodes an octet string. The etype specifies the string type.
+ * The returned string is always null terminated (but null is not
+ * included in size).
+ */
+int
+_gnutls_x509_decode_string(unsigned int etype,
+			   const uint8_t * der, size_t der_size,
+			   gnutls_datum_t * output, unsigned allow_ber)
+{
+	int ret;
+	uint8_t *str;
+	unsigned int str_size, len;
+	gnutls_datum_t td;
+
+	output->data = NULL;
+	output->size = 0;
+
+	if (allow_ber)
+		ret =
+		    asn1_decode_simple_ber(etype, der, der_size, &str, &str_size, NULL);
+	else
+		ret =
+		    asn1_decode_simple_der(etype, der, der_size, (const uint8_t**)&str, &str_size);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		return ret;
+	}
+
+	td.size = str_size;
+	td.data = gnutls_malloc(str_size + 1);
+	if (td.data == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+        if (str_size > 0)
+                memcpy(td.data, str, str_size);
+	td.data[str_size] = 0;
+
+	if (allow_ber)
+		free(str);
+
+	ret = make_printable_string(etype, &td, output);
+	if (ret == GNUTLS_E_INVALID_REQUEST) {	/* unsupported etype */
+		output->data = td.data;
+		output->size = td.size;
+		ret = 0;
+	} else if (ret <= 0) {
+		_gnutls_free_datum(&td);
+	}
+
+	/* Refuse to deal with strings containing NULs. */
+	if (etype != ASN1_ETYPE_OCTET_STRING) {
+		if (output->data)
+			len = strlen((void *) output->data);
+		else
+			len = 0;
+
+		if (len != (size_t) output->size) {
+			_gnutls_free_datum(output);
+			ret = gnutls_assert_val(GNUTLS_E_ASN1_EMBEDDED_NULL_IN_STRING);
+		}
+	}
+
+	return ret;
+}
+
+
+/* Reads a value from an ASN1 tree, and puts the output
+ * in an allocated variable in the given datum.
+ *
+ * Note that this function always allocates one plus
+ * the required data size (and places a null byte).
+ */
+static int
+x509_read_value(asn1_node c, const char *root,
+		gnutls_datum_t * ret, unsigned allow_null)
+{
+	int len = 0, result;
+	uint8_t *tmp = NULL;
+	unsigned int etype;
+
+	result = asn1_read_value_type(c, root, NULL, &len, &etype);
+	if (result == 0 && allow_null == 0 && len == 0) {
+		/* don't allow null strings */
+		return gnutls_assert_val(GNUTLS_E_ASN1_DER_ERROR);
+	} else if (result == 0 && allow_null == 0 && etype == ASN1_ETYPE_OBJECT_ID && len == 1) {
+		return gnutls_assert_val(GNUTLS_E_ASN1_DER_ERROR);
+	}
+
+	if (result != ASN1_MEM_ERROR) {
+		if (result != ASN1_SUCCESS || allow_null == 0 || len != 0) {
+			result = _gnutls_asn2err(result);
+			return result;
+		}
+	}
+
+	if (etype == ASN1_ETYPE_BIT_STRING) {
+		len = (len + 7) / 8;
+	}
+
+	tmp = gnutls_malloc((size_t) len + 1);
+	if (tmp == NULL) {
+		gnutls_assert();
+		result = GNUTLS_E_MEMORY_ERROR;
+		goto cleanup;
+	}
+
+	if (len > 0) {
+		result = asn1_read_value(c, root, tmp, &len);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		switch (etype) {
+		case ASN1_ETYPE_BIT_STRING:
+			ret->size = (len + 7) / 8;
+			break;
+		case ASN1_ETYPE_OBJECT_ID:
+			if (len > 0) {
+				ret->size = len - 1;
+			} else {
+				result = gnutls_assert_val(GNUTLS_E_ASN1_DER_ERROR);
+				goto cleanup;
+			}
+			break;
+		default:
+			ret->size = (unsigned) len;
+			break;
+		}
+	} else {
+		ret->size = 0;
+	}
+
+	tmp[ret->size] = 0;
+	ret->data = tmp;
+
+	return 0;
+
+      cleanup:
+	gnutls_free(tmp);
+	return result;
+}
+
+int
+_gnutls_x509_read_value(asn1_node c, const char *root,
+			gnutls_datum_t * ret)
+{
+	return x509_read_value(c, root, ret, 0);
+}
+
+int
+_gnutls_x509_read_null_value(asn1_node c, const char *root,
+			gnutls_datum_t * ret)
+{
+	return x509_read_value(c, root, ret, 1);
+}
+
+/* Reads a value from an ASN1 tree, then interprets it as the provided
+ * type of string and returns the output in an allocated variable.
+ *
+ * Note that this function always places a null character
+ * at the end of a readable string value (which is not accounted into size)
+ */
+int
+_gnutls_x509_read_string(asn1_node c, const char *root,
+			 gnutls_datum_t * ret, unsigned int etype, unsigned int allow_ber)
+{
+	int len = 0, result;
+	size_t slen;
+	uint8_t *tmp = NULL;
+	unsigned rtype;
+
+	result = asn1_read_value_type(c, root, NULL, &len, &rtype);
+	if (result != ASN1_MEM_ERROR) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		return result;
+	}
+
+	if (rtype == ASN1_ETYPE_BIT_STRING)
+		len /= 8;
+
+	tmp = gnutls_malloc((size_t) len + 1);
+	if (tmp == NULL) {
+		gnutls_assert();
+		result = GNUTLS_E_MEMORY_ERROR;
+		goto cleanup;
+	}
+
+	result = asn1_read_value(c, root, tmp, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if (rtype == ASN1_ETYPE_BIT_STRING)
+		len /= 8;
+
+	/* Extract the STRING.
+	 */
+	slen = (size_t) len;
+
+	result = _gnutls_x509_decode_string(etype, tmp, slen, ret, allow_ber);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	gnutls_free(tmp);
+
+	return 0;
+
+      cleanup:
+	gnutls_free(tmp);
+	return result;
+}
+
+/* The string type should be IA5String, UTF8String etc. Leave
+ * null for octet string */
+int _gnutls_x509_encode_string(unsigned int etype,
+			       const void *input_data, size_t input_size,
+			       gnutls_datum_t * output)
+{
+	uint8_t tl[ASN1_MAX_TL_SIZE];
+	unsigned int tl_size;
+	int ret;
+
+	tl_size = sizeof(tl);
+	ret =
+	    asn1_encode_simple_der(etype, input_data, input_size, tl,
+				   &tl_size);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		return ret;
+	}
+
+	output->data = gnutls_malloc(tl_size + input_size);
+	if (output->data == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	memcpy(output->data, tl, tl_size);
+	memcpy(output->data + tl_size, input_data, input_size);
+
+	output->size = tl_size + input_size;
+
+	return 0;
+}
+
+/* DER Encodes the src asn1_node and stores it to
+ * the given datum. If str is non zero then the data are encoded as
+ * an OCTET STRING.
+ */
+int
+_gnutls_x509_der_encode(asn1_node src, const char *src_name,
+			gnutls_datum_t * res, int str)
+{
+	int size, result;
+	int asize;
+	uint8_t *data = NULL;
+	asn1_node c2 = NULL;
+
+	size = 0;
+	result = asn1_der_coding(src, src_name, NULL, &size, NULL);
+	/* this check explicitly covers the case where size == 0 && result == 0 */
+	if (result != ASN1_MEM_ERROR) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	/* allocate data for the der
+	 */
+
+	if (str)
+		size += 16;	/* for later to include the octet tags */
+	asize = size;
+
+	data = gnutls_malloc((size_t) size);
+	if (data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	result = asn1_der_coding(src, src_name, data, &size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if (str) {
+		if ((result = asn1_create_element
+		     (_gnutls_get_pkix(), "PKIX1.pkcs-7-Data",
+		      &c2)) != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		result = asn1_write_value(c2, "", data, size);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		result = asn1_der_coding(c2, "", data, &asize, NULL);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		size = asize;
+
+		asn1_delete_structure(&c2);
+	}
+
+	res->data = data;
+	res->size = (unsigned) size;
+	return 0;
+
+      cleanup:
+	gnutls_free(data);
+	asn1_delete_structure(&c2);
+	return result;
+
+}
+
+/* DER Encodes the src asn1_node and stores it to
+ * dest in dest_name. Useful to encode something and store it
+ * as OCTET. If str is non null then the data are encoded as
+ * an OCTET STRING.
+ */
+int
+_gnutls_x509_der_encode_and_copy(asn1_node src, const char *src_name,
+				 asn1_node dest, const char *dest_name,
+				 int str)
+{
+	int result;
+	gnutls_datum_t encoded = {NULL, 0};
+
+	result = _gnutls_x509_der_encode(src, src_name, &encoded, str);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	/* Write the data.
+	 */
+	result =
+	    asn1_write_value(dest, dest_name, encoded.data,
+			     (int) encoded.size);
+
+	_gnutls_free_datum(&encoded);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+/* Writes the value of the datum in the given asn1_node.
+ */
+int
+_gnutls_x509_write_value(asn1_node c, const char *root,
+			 const gnutls_datum_t * data)
+{
+	int ret;
+
+	/* Write the data.
+	 */
+	ret = asn1_write_value(c, root, data->data, data->size);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	return 0;
+}
+
+/* Writes the value of the datum in the given asn1_node as a string.
+ */
+int
+_gnutls_x509_write_string(asn1_node c, const char *root,
+			  const gnutls_datum_t * data, unsigned int etype)
+{
+	int ret;
+	gnutls_datum_t val = { NULL, 0 };
+
+	ret =
+	    _gnutls_x509_encode_string(etype, data->data, data->size,
+				       &val);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* Write the data.
+	 */
+	ret = asn1_write_value(c, root, val.data, val.size);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	_gnutls_free_datum(&val);
+	return ret;
+}
+
+void
+_asnstr_append_name(char *name, size_t name_size, const char *part1,
+		    const char *part2)
+{
+	if (part1[0] != 0) {
+		_gnutls_str_cpy(name, name_size, part1);
+		_gnutls_str_cat(name, name_size, part2);
+	} else
+		_gnutls_str_cpy(name, name_size,
+				part2 + 1 /* remove initial dot */ );
+}
+
+
+
+/* Encodes and copies the private key parameters into a
+ * subjectPublicKeyInfo structure.
+ *
+ */
+int
+_gnutls_x509_encode_and_copy_PKI_params(asn1_node dst,
+					const char *dst_name,
+					const gnutls_pk_params_st * params)
+{
+	const char *oid;
+	gnutls_datum_t der = { NULL, 0 };
+	int result;
+	char name[128];
+
+	oid = gnutls_pk_get_oid(params->algo);
+	if (oid == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
+	}
+
+	/* write the OID
+	 */
+	_asnstr_append_name(name, sizeof(name), dst_name,
+			    ".algorithm.algorithm");
+
+	result = asn1_write_value(dst, name, oid, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result =
+	    _gnutls_x509_write_pubkey_params(params, &der);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	_asnstr_append_name(name, sizeof(name), dst_name,
+			    ".algorithm.parameters");
+
+	result = asn1_write_value(dst, name, der.data, der.size);
+	_gnutls_free_datum(&der);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _gnutls_x509_write_pubkey(params, &der);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	/* Write the DER parameters. (in bits)
+	 */
+	_asnstr_append_name(name, sizeof(name), dst_name,
+			    ".subjectPublicKey");
+	result = asn1_write_value(dst, name, der.data, der.size * 8);
+	_gnutls_free_datum(&der);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+/* Encodes and public key parameters into a
+ * subjectPublicKeyInfo structure and stores it in der.
+ */
+int
+_gnutls_x509_encode_PKI_params(gnutls_datum_t * der,
+			       const gnutls_pk_params_st * params)
+{
+	int ret;
+	asn1_node tmp;
+
+	ret = asn1_create_element(_gnutls_get_pkix(),
+				  "PKIX1.Certificate", &tmp);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	ret = _gnutls_x509_encode_and_copy_PKI_params(tmp,
+						      "tbsCertificate.subjectPublicKeyInfo",
+						      params);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_x509_der_encode(tmp,
+				    "tbsCertificate.subjectPublicKeyInfo",
+				    der, 0);
+
+      cleanup:
+	asn1_delete_structure(&tmp);
+
+	return ret;
+}
+
+/* Reads and returns the PK algorithm of the given certificate-like
+ * ASN.1 structure. src_name should be something like "tbsCertificate.subjectPublicKeyInfo".
+ */
+int
+_gnutls_x509_get_pk_algorithm(asn1_node src, const char *src_name,
+			      gnutls_ecc_curve_t *curve,
+			      unsigned int *bits)
+{
+	int result;
+	int algo;
+	char oid[64];
+	int len;
+	gnutls_ecc_curve_t lcurve = GNUTLS_ECC_CURVE_INVALID;
+	char name[128];
+
+	_asnstr_append_name(name, sizeof(name), src_name,
+			    ".algorithm.algorithm");
+	len = sizeof(oid);
+	result = asn1_read_value(src, name, oid, &len);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	algo = _gnutls_oid_to_pk_and_curve(oid, &lcurve);
+	if (algo == GNUTLS_PK_UNKNOWN) {
+		_gnutls_debug_log
+		    ("%s: unknown public key algorithm: %s\n", __func__,
+		     oid);
+	}
+
+	if (curve)
+		*curve = lcurve;
+
+	if (bits == NULL) {
+		return algo;
+	}
+
+	/* Now read the parameters' bits
+	 */
+	if (lcurve != GNUTLS_ECC_CURVE_INVALID) { /* curve present */
+		bits[0] = gnutls_ecc_curve_get_size(lcurve)*8;
+	} else {
+		gnutls_pk_params_st params;
+		gnutls_pk_params_init(&params);
+
+		result = _gnutls_get_asn_mpis(src, src_name, &params);
+		if (result < 0)
+			return gnutls_assert_val(result);
+
+		bits[0] = pubkey_to_bits(&params);
+		gnutls_pk_params_release(&params);
+	}
+
+	return algo;
+}
+
+/* Reads the DER signed data from the certificate and allocates space and
+ * returns them into signed_data.
+ */
+int
+_gnutls_x509_get_signed_data(asn1_node src,  const gnutls_datum_t *der,
+			     const char *src_name,
+			     gnutls_datum_t * signed_data)
+{
+	int start, end, result;
+
+	if (der == NULL || der->size == 0) {
+		return _gnutls_x509_der_encode(src, src_name, signed_data, 0);
+	}
+
+	/* Get the signed data
+	 */
+	result = asn1_der_decoding_startEnd(src, der->data, der->size,
+					    src_name, &start, &end);
+	if (result != ASN1_SUCCESS) {
+		result = _gnutls_asn2err(result);
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result =
+	    _gnutls_set_datum(signed_data, &der->data[start],
+			      end - start + 1);
+
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = 0;
+
+      cleanup:
+	return result;
+}
+
+/*-
+ * gnutls_x509_get_signature_algorithm:
+ * @src: should contain an asn1_node structure
+ * @src_name: the description of the signature field
+ *
+ * This function will return a value of the #gnutls_sign_algorithm_t
+ * enumeration that is the signature algorithm that has been used to
+ * sign this certificate.
+ *
+ * Returns: a #gnutls_sign_algorithm_t value, or a negative error code on
+ *   error.
+ -*/
+int
+_gnutls_x509_get_signature_algorithm(asn1_node src, const char *src_name)
+{
+	int result;
+	char name[128];
+	gnutls_datum_t sa = {NULL, 0};
+
+	_gnutls_str_cpy(name, sizeof(name), src_name);
+	_gnutls_str_cat(name, sizeof(name), ".algorithm");
+
+	/* Read the signature algorithm */
+	result = _gnutls_x509_read_value(src, name, &sa);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	/* Read the signature parameters. Unless the algorithm is
+	 * RSA-PSS, parameters are not read. They will be read from
+	 * the issuer's certificate if needed.
+	 */
+	if (sa.data && strcmp ((char *) sa.data, PK_PKIX1_RSA_PSS_OID) == 0) {
+		gnutls_datum_t der = {NULL, 0};
+		gnutls_x509_spki_st params;
+
+		_gnutls_str_cpy(name, sizeof(name), src_name);
+		_gnutls_str_cat(name, sizeof(name), ".parameters");
+
+		result = _gnutls_x509_read_value(src, name, &der);
+		if (result < 0) {
+			_gnutls_free_datum(&sa);
+			return gnutls_assert_val(result);
+		}
+
+		result = _gnutls_x509_read_rsa_pss_params(der.data, der.size,
+							  &params);
+		_gnutls_free_datum(&der);
+
+		if (result == 0)
+			result = gnutls_pk_to_sign(params.pk, params.rsa_pss_dig);
+	} else if (sa.data) {
+		result = gnutls_oid_to_sign((char *) sa.data);
+	} else {
+		result = GNUTLS_E_UNKNOWN_ALGORITHM;
+	}
+
+	_gnutls_free_datum(&sa);
+
+	if (result == GNUTLS_SIGN_UNKNOWN)
+		result = GNUTLS_E_UNKNOWN_ALGORITHM;
+
+	return result;
+}
+
+
+/* Reads the DER signature from the certificate and allocates space and
+ * returns them into signed_data.
+ */
+int
+_gnutls_x509_get_signature(asn1_node src, const char *src_name,
+			   gnutls_datum_t * signature)
+{
+	int result, len;
+	int bits;
+
+	signature->data = NULL;
+	signature->size = 0;
+
+	/* Read the signature
+	 */
+	len = 0;
+	result = asn1_read_value(src, src_name, NULL, &len);
+
+	if (result != ASN1_MEM_ERROR) {
+		result = _gnutls_asn2err(result);
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	bits = len;
+	if (bits % 8 != 0 || bits < 8) {
+		gnutls_assert();
+		result = GNUTLS_E_CERTIFICATE_ERROR;
+		goto cleanup;
+	}
+
+	len = bits / 8;
+
+	signature->data = gnutls_malloc(len);
+	if (signature->data == NULL) {
+		gnutls_assert();
+		result = GNUTLS_E_MEMORY_ERROR;
+		return result;
+	}
+
+	/* read the bit string of the signature
+	 */
+	bits = len;
+	result =
+	    asn1_read_value(src, src_name, signature->data, &bits);
+
+	if (result != ASN1_SUCCESS) {
+		result = _gnutls_asn2err(result);
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	signature->size = len;
+
+	return 0;
+
+ cleanup:
+	gnutls_free(signature->data);
+	return result;
+}
+
+/* ASN.1 PrintableString rules */
+static int is_printable(char p)
+{
+	if ((p >= 'a' && p <= 'z') || (p >= 'A' && p <= 'Z') ||
+	    (p >= '0' && p <= '9') || p == ' ' || p == '(' || p == ')' ||
+	    p == '+' || p == ',' || p == '-' || p == '.' || p == '/' ||
+	    p == ':' || p == '=' || p == '?')
+		return 1;
+
+	return 0;
+}
+
+static int write_complex_string(asn1_node asn_struct, const char *where,
+				const struct oid_to_string *oentry,
+				const uint8_t * data, size_t data_size)
+{
+	char tmp[128];
+	asn1_node c2;
+	int result;
+	const char *string_type;
+	unsigned int i;
+
+	result =
+	    asn1_create_element(_gnutls_get_pkix(), oentry->asn_desc, &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	tmp[0] = 0;
+
+	string_type = "printableString";
+
+	/* Check if the data is ASN.1 printable, and use
+	 * the UTF8 string type if not.
+	 */
+	for (i = 0; i < data_size; i++) {
+		if (!is_printable(data[i])) {
+			string_type = "utf8String";
+			break;
+		}
+	}
+
+	/* if the type is a CHOICE then write the
+	 * type we'll use.
+	 */
+	result = asn1_write_value(c2, "", string_type, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	_gnutls_str_cpy(tmp, sizeof(tmp), string_type);
+
+	result = asn1_write_value(c2, tmp, data, data_size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	result =
+	    _gnutls_x509_der_encode_and_copy(c2, "", asn_struct, where, 0);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	result = 0;
+
+      error:
+	asn1_delete_structure(&c2);
+	return result;
+}
+
+
+/* This will encode and write the AttributeTypeAndValue field.
+ * 'multi' must be (0) if writing an AttributeTypeAndValue, and 1 if Attribute.
+ * In all cases only one value is written.
+ */
+int
+_gnutls_x509_encode_and_write_attribute(const char *given_oid,
+					asn1_node asn1_struct,
+					const char *where,
+					const void *_data,
+					int data_size, int multi)
+{
+	const uint8_t *data = _data;
+	char tmp[128];
+	int result;
+	const struct oid_to_string *oentry;
+
+	oentry = _gnutls_oid_get_entry(_oid2str, given_oid);
+	if (oentry == NULL) {
+		gnutls_assert();
+		_gnutls_debug_log("Cannot find OID: %s\n", given_oid);
+		return GNUTLS_E_X509_UNSUPPORTED_OID;
+	}
+
+	/* write the data (value)
+	 */
+
+	_gnutls_str_cpy(tmp, sizeof(tmp), where);
+	_gnutls_str_cat(tmp, sizeof(tmp), ".value");
+
+	if (multi != 0) {	/* if not writing an AttributeTypeAndValue, but an Attribute */
+		_gnutls_str_cat(tmp, sizeof(tmp), "s");	/* values */
+
+		result = asn1_write_value(asn1_struct, tmp, "NEW", 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto error;
+		}
+
+		_gnutls_str_cat(tmp, sizeof(tmp), ".?LAST");
+	}
+
+	if (oentry->asn_desc != NULL) {	/* write a complex string API */
+		result =
+		    write_complex_string(asn1_struct, tmp, oentry, data,
+					 data_size);
+		if (result < 0)
+			return gnutls_assert_val(result);
+	} else {		/* write a simple string */
+
+		gnutls_datum_t td;
+
+		td.data = (void *) data;
+		td.size = data_size;
+		result =
+		    _gnutls_x509_write_string(asn1_struct, tmp, &td,
+					      oentry->etype);
+		if (result < 0) {
+			gnutls_assert();
+			goto error;
+		}
+	}
+
+	/* write the type
+	 */
+	_gnutls_str_cpy(tmp, sizeof(tmp), where);
+	_gnutls_str_cat(tmp, sizeof(tmp), ".type");
+
+	result = asn1_write_value(asn1_struct, tmp, given_oid, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	result = 0;
+
+      error:
+	return result;
+}
+
+/* copies a datum to a buffer. If it doesn't fit it returns
+ * GNUTLS_E_SHORT_MEMORY_BUFFER. It always deinitializes the datum
+ * after the copy.
+ *
+ * The buffer will always be null terminated.
+ */
+int _gnutls_strdatum_to_buf(gnutls_datum_t * d, void *buf,
+			    size_t * buf_size)
+{
+	int ret;
+	uint8_t *_buf = buf;
+
+	if (buf == NULL || *buf_size < d->size + 1) {
+		*buf_size = d->size + 1;
+		ret = gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+		goto cleanup;
+	}
+	memcpy(buf, d->data, d->size);
+	_buf[d->size] = 0;
+
+	*buf_size = d->size;
+	ret = 0;
+
+      cleanup:
+	_gnutls_free_datum(d);
+
+	return ret;
+}
+
+int
+_gnutls_x509_get_raw_field2(asn1_node c2, const gnutls_datum_t * raw,
+			 const char *whom, gnutls_datum_t * dn)
+{
+	int result, len1;
+	int start1, end1;
+	result =
+	    asn1_der_decoding_startEnd(c2, raw->data, raw->size,
+				       whom, &start1, &end1);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	len1 = end1 - start1 + 1;
+
+	dn->data = &raw->data[start1];
+	dn->size = len1;
+	result = 0;
+
+      cleanup:
+	return result;
+}
+
+int _gnutls_copy_string(const gnutls_datum_t* str, uint8_t *out, size_t *out_size)
+{
+unsigned size_to_check;
+
+	size_to_check = str->size + 1;
+
+	if ((unsigned) size_to_check > *out_size) {
+		gnutls_assert();
+		(*out_size) = size_to_check;
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	if (out != NULL && str->data != NULL) {
+		memcpy(out, str->data, str->size);
+		out[str->size] = 0;
+	} else if (out != NULL) {
+		out[0] = 0;
+	}
+	*out_size = str->size;
+
+	return 0;
+}
+
+int _gnutls_copy_data(const gnutls_datum_t* str, uint8_t *out, size_t *out_size)
+{
+	if ((unsigned) str->size > *out_size) {
+		gnutls_assert();
+		(*out_size) = str->size;
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	if (out != NULL && str->data != NULL) {
+		memcpy(out, str->data, str->size);
+	}
+	*out_size = str->size;
+
+	return 0;
+}
+
+/* Converts an X.509 certificate to subjectPublicKeyInfo */
+int x509_crt_to_raw_pubkey(gnutls_x509_crt_t crt,
+			   gnutls_datum_t * rpubkey)
+{
+	gnutls_pubkey_t pubkey = NULL;
+	int ret;
+
+	ret = gnutls_pubkey_init(&pubkey);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_pubkey_import_x509(pubkey, crt, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    gnutls_pubkey_export2(pubkey, GNUTLS_X509_FMT_DER, rpubkey);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	gnutls_pubkey_deinit(pubkey);
+	return ret;
+}
+
+/* Converts an X.509 certificate to subjectPublicKeyInfo */
+int _gnutls_x509_raw_crt_to_raw_pubkey(const gnutls_datum_t * cert,
+			   gnutls_datum_t * rpubkey)
+{
+	gnutls_x509_crt_t crt = NULL;
+	int ret;
+
+	ret = gnutls_x509_crt_init(&crt);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_x509_crt_import(crt, cert, GNUTLS_X509_FMT_DER);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = x509_crt_to_raw_pubkey(crt, rpubkey);
+ cleanup:
+	gnutls_x509_crt_deinit(crt);
+
+	return ret;
+}
+
+unsigned
+_gnutls_check_valid_key_id(const gnutls_datum_t *key_id,
+			   gnutls_x509_crt_t cert, time_t now,
+			   unsigned *has_ski)
+{
+	uint8_t id[MAX_KEY_ID_SIZE];
+	size_t id_size;
+	unsigned result = 0;
+
+	if (has_ski)
+		*has_ski = 0;
+
+	if (now > gnutls_x509_crt_get_expiration_time(cert) ||
+	    now < gnutls_x509_crt_get_activation_time(cert)) {
+		/* don't bother, certificate is not yet activated or expired */
+		gnutls_assert();
+		goto out;
+	}
+
+	id_size = sizeof(id);
+	if (gnutls_x509_crt_get_subject_key_id(cert, id, &id_size, NULL) < 0) {
+		gnutls_assert();
+		goto out;
+	}
+
+	if (has_ski)
+		*has_ski = 1;
+
+	if (id_size == key_id->size && !memcmp(id, key_id->data, id_size))
+		result = 1;
+
+ out:
+	return result;
+}
+
+/* Sort a certificate list in place with subject, issuer order. @clist_size must
+ * be equal to or less than %DEFAULT_MAX_VERIFY_DEPTH.
+ *
+ * Returns the index in clist where the initial contiguous segment ends. If the
+ * chain contains multiple segments separated by gaps (e.g., missing issuers),
+ * the caller shall call this function multiple times.
+ *
+ * For example, suppose we want the following certificate chain as a result of
+ * sorting:
+ *
+ *   A -> (B) -> C -> D -> E -> (F) -> G -> H -> I
+ *
+ * from the input [A, C, E, D, G, I, H] (B and F are missing).
+ *
+ * On the first call of this function:
+ *
+ *   _gnutls_sort_clist(clist, clist_size)
+ *
+ * it returns 1, meaning that the first segment only contains A.  The content of
+ * @clist will remain the same [A, C, E, D, G, I, H].
+ *
+ * Then the caller will call this function again, starting from the second
+ * element:
+ *
+ *   _gnutls_sort_clist(&clist[1], clist_size - 1)
+ *
+ * This time it returns 3, meaning that the first segment contains [C, D, E].
+ * The content of @clist will be [A, C, D, E, G, I, H].
+ *
+ * Finally, after calling the function on the remaining elements:
+ *
+ *   _gnutls_sort_clist(&clist[1 + 3], clist_size - (1 + 3))
+ *
+ * It will return 3, meaning that the first segment contains [G, H, I].  At this
+ * point, sorting of @clist is complete.
+ */
+unsigned int _gnutls_sort_clist(gnutls_x509_crt_t *clist,
+				unsigned int clist_size)
+{
+	int prev;
+	unsigned int i, j, k;
+	int issuer[DEFAULT_MAX_VERIFY_DEPTH];	/* contain the index of the issuers */
+	bool insorted[DEFAULT_MAX_VERIFY_DEPTH]; /* non zero if clist[i] used in sorted list */
+	gnutls_x509_crt_t sorted[DEFAULT_MAX_VERIFY_DEPTH];
+
+	assert(clist_size <= DEFAULT_MAX_VERIFY_DEPTH);
+
+	for (i = 0; i < DEFAULT_MAX_VERIFY_DEPTH; i++) {
+		issuer[i] = -1;
+		insorted[i] = 0;
+	}
+
+	/* Find the issuer of each certificate and store it
+	 * in issuer array. O(n^2) so consider that before
+	 * increasing DEFAULT_MAX_VERIFY_DEPTH.
+	 */
+	for (i = 0; i < clist_size; i++) {
+		/* Self-signed certificate found in the chain; skip it
+		 * as it should only appear in the trusted set.
+		 */
+		if (gnutls_x509_crt_check_issuer(clist[i], clist[i])) {
+			_gnutls_cert_log("self-signed cert found", clist[i]);
+			continue;
+		}
+
+		for (j = 1; j < clist_size; j++) {
+			if (i == j)
+				continue;
+
+			if (gnutls_x509_crt_check_issuer(clist[i], clist[j])) {
+				issuer[i] = j;
+				break;
+			}
+		}
+	}
+
+	sorted[0] = clist[0];
+	insorted[0] = 1;
+
+	prev = 0;
+	for (i = 1; i < clist_size; i++) {
+		prev = issuer[prev];
+		if (prev < 0) {	/* no issuer */
+			break;
+		}
+
+		sorted[i] = clist[prev];
+		insorted[prev] = 1;
+	}
+
+	/* append the remaining certs */
+	for (j = 1, k = i; j < clist_size; j++) {
+		if (!insorted[j]) {
+			sorted[k++] = clist[j];
+		}
+	}
+
+	/* write out the sorted list */
+	assert(k == clist_size);
+	for (j = 0; j < clist_size; j++) {
+		clist[j] = sorted[j];
+	}
+
+	return i;
+}
+
+int _gnutls_check_if_sorted(gnutls_x509_crt_t * crt, int nr)
+{
+	int i, ret;
+
+	/* check if the X.509 list is ordered */
+	if (nr > 1) {
+		for (i = 0; i < nr; i++) {
+			if (i > 0) {
+				if (!_gnutls_x509_compare_raw_dn(&crt[i]->raw_dn,
+				                                 &crt[i-1]->raw_issuer_dn)) {
+					ret =
+					    gnutls_assert_val
+					    (GNUTLS_E_CERTIFICATE_LIST_UNSORTED);
+					goto cleanup;
+				}
+			}
+		}
+	}
+	ret = 0;
+
+cleanup:
+	return ret;
+}
+
+/**
+ * gnutls_gost_paramset_get_name:
+ * @param: is a GOST 28147 param set
+ *
+ * Convert a #gnutls_gost_paramset_t value to a string.
+ *
+ * Returns: a string that contains the name of the specified GOST param set,
+ *   or %NULL.
+ *
+ * Since: 3.6.3
+ **/
+const char *gnutls_gost_paramset_get_name(gnutls_gost_paramset_t param)
+{
+	switch(param) {
+	case GNUTLS_GOST_PARAMSET_TC26_Z:
+		return "TC26-Z";
+	case GNUTLS_GOST_PARAMSET_CP_A:
+		return "CryptoPro-A";
+	case GNUTLS_GOST_PARAMSET_CP_B:
+		return "CryptoPro-B";
+	case GNUTLS_GOST_PARAMSET_CP_C:
+		return "CryptoPro-C";
+	case GNUTLS_GOST_PARAMSET_CP_D:
+		return "CryptoPro-D";
+	default:
+		gnutls_assert();
+		return "Unknown";
+	}
+}
+
+/**
+ * gnutls_gost_paramset_get_oid:
+ * @param: is a GOST 28147 param set
+ *
+ * Convert a #gnutls_gost_paramset_t value to its object identifier.
+ *
+ * Returns: a string that contains the object identifier of the specified GOST
+ *   param set, or %NULL.
+ *
+ * Since: 3.6.3
+ **/
+const char *gnutls_gost_paramset_get_oid(gnutls_gost_paramset_t param)
+{
+	switch(param) {
+	case GNUTLS_GOST_PARAMSET_TC26_Z:
+		return GOST28147_89_TC26Z_OID;
+	case GNUTLS_GOST_PARAMSET_CP_A:
+		return GOST28147_89_CPA_OID;
+	case GNUTLS_GOST_PARAMSET_CP_B:
+		return GOST28147_89_CPB_OID;
+	case GNUTLS_GOST_PARAMSET_CP_C:
+		return GOST28147_89_CPC_OID;
+	case GNUTLS_GOST_PARAMSET_CP_D:
+		return GOST28147_89_CPD_OID;
+	default:
+		gnutls_assert();
+		return NULL;
+	}
+}
+
+/**
+ * gnutls_oid_to_gost_paramset:
+ * @oid: is an object identifier
+ *
+ * Converts a textual object identifier to a #gnutls_gost_paramset_t value.
+ *
+ * Returns: a #gnutls_gost_paramset_get_oid of the specified GOST 28147
+ *   param st, or %GNUTLS_GOST_PARAMSET_UNKNOWN on failure.
+ *
+ * Since: 3.6.3
+ **/
+gnutls_gost_paramset_t gnutls_oid_to_gost_paramset(const char *oid)
+{
+	if (!strcmp(oid, GOST28147_89_TC26Z_OID))
+		return GNUTLS_GOST_PARAMSET_TC26_Z;
+	else if (!strcmp(oid, GOST28147_89_CPA_OID))
+		return GNUTLS_GOST_PARAMSET_CP_A;
+	else if (!strcmp(oid, GOST28147_89_CPB_OID))
+		return GNUTLS_GOST_PARAMSET_CP_B;
+	else if (!strcmp(oid, GOST28147_89_CPC_OID))
+		return GNUTLS_GOST_PARAMSET_CP_C;
+	else if (!strcmp(oid, GOST28147_89_CPD_OID))
+		return GNUTLS_GOST_PARAMSET_CP_D;
+	else
+		return gnutls_assert_val(GNUTLS_GOST_PARAMSET_UNKNOWN);
+}
+
+int _gnutls_x509_get_version(asn1_node root, const char *name)
+{
+	uint8_t version[8];
+	int len, result;
+
+	len = sizeof(version);
+	result = asn1_read_value(root, name, version, &len);
+	if (result != ASN1_SUCCESS) {
+		if (result == ASN1_ELEMENT_NOT_FOUND)
+			return 1;	/* the DEFAULT version */
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (len != 1 || version[0] >= 0x80)
+		return gnutls_assert_val(GNUTLS_E_ASN1_DER_ERROR);
+
+	return (int) version[0] + 1;
+}
diff --git a/lib/x509/common.h b/lib/x509/common.h
new file mode 100644
index 0000000..457d4c4
--- /dev/null
+++ b/lib/x509/common.h
@@ -0,0 +1,308 @@
+/*
+ * Copyright (C) 2003-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_X509_COMMON_H
+#define GNUTLS_LIB_X509_COMMON_H
+
+#include <algorithms.h>
+#include <abstract_int.h>
+#include <x509/x509_int.h>
+#include <fips.h>
+
+#define MAX_STRING_LEN 512
+
+#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
+# define MAX_ITER_COUNT 10*1024
+#else
+/* Set a maximum iteration count over which we refuse to
+ * decode a file. That is to prevent DoS. */
+# define MAX_ITER_COUNT (10*1024*1024)
+#endif
+
+#define GNUTLS_XML_SHOW_ALL 1
+
+#define PEM_CRL "X509 CRL"
+#define PEM_X509_CERT "X509 CERTIFICATE"
+#define PEM_X509_CERT2 "CERTIFICATE"
+#define PEM_PKCS7 "PKCS7"
+#define PEM_PKCS12 "PKCS12"
+#define PEM_PK "PUBLIC KEY"
+
+/* public key algorithm's OIDs
+ */
+#define PK_PKIX1_RSA_OID "1.2.840.113549.1.1.1"
+#define PK_PKIX1_RSA_PSS_OID "1.2.840.113549.1.1.10"
+#define PK_X509_RSA_OID "2.5.8.1.1"
+#define PK_DSA_OID "1.2.840.10040.4.1"
+#define PK_GOST_R3410_94_OID "1.2.643.2.2.20"
+#define PK_GOST_R3410_2001_OID "1.2.643.2.2.19"
+#define PK_GOST_R3410_2012_256_OID "1.2.643.7.1.1.1.1"
+#define PK_GOST_R3410_2012_512_OID "1.2.643.7.1.1.1.2"
+
+/* signature OIDs
+ */
+#define SIG_DSA_SHA1_OID "1.2.840.10040.4.3"
+/* those two from draft-ietf-pkix-sha2-dsa-ecdsa-06 */
+#define SIG_DSA_SHA224_OID "2.16.840.1.101.3.4.3.1"
+#define SIG_DSA_SHA256_OID "2.16.840.1.101.3.4.3.2"
+#define SIG_DSA_SHA384_OID "2.16.840.1.101.3.4.3.3"
+#define SIG_DSA_SHA512_OID "2.16.840.1.101.3.4.3.4"
+
+#define SIG_RSA_MD5_OID "1.2.840.113549.1.1.4"
+#define SIG_RSA_MD2_OID "1.2.840.113549.1.1.2"
+#define SIG_RSA_SHA1_OID "1.2.840.113549.1.1.5"
+#define SIG_RSA_SHA224_OID "1.2.840.113549.1.1.14"
+#define SIG_RSA_SHA256_OID "1.2.840.113549.1.1.11"
+#define SIG_RSA_SHA384_OID "1.2.840.113549.1.1.12"
+#define SIG_RSA_SHA512_OID "1.2.840.113549.1.1.13"
+#define SIG_RSA_RMD160_OID "1.3.36.3.3.1.2"
+#define SIG_GOST_R3410_94_OID "1.2.643.2.2.4"
+#define SIG_GOST_R3410_2001_OID "1.2.643.2.2.3"
+#define SIG_GOST_R3410_2012_256_OID "1.2.643.7.1.1.3.2"
+#define SIG_GOST_R3410_2012_512_OID "1.2.643.7.1.1.3.3"
+#define ISO_SIG_RSA_SHA1_OID "1.3.14.3.2.29"
+
+#define SIG_DSA_SHA3_224_OID "2.16.840.1.101.3.4.3.5"
+#define SIG_DSA_SHA3_256_OID "2.16.840.1.101.3.4.3.6"
+#define SIG_DSA_SHA3_384_OID "2.16.840.1.101.3.4.3.7"
+#define SIG_DSA_SHA3_512_OID "2.16.840.1.101.3.4.3.8"
+
+#define SIG_ECDSA_SHA3_224_OID "2.16.840.1.101.3.4.3.9"
+#define SIG_ECDSA_SHA3_256_OID "2.16.840.1.101.3.4.3.10"
+#define SIG_ECDSA_SHA3_384_OID "2.16.840.1.101.3.4.3.11"
+#define SIG_ECDSA_SHA3_512_OID "2.16.840.1.101.3.4.3.12"
+
+#define SIG_RSA_SHA3_224_OID "2.16.840.1.101.3.4.3.13"
+#define SIG_RSA_SHA3_256_OID "2.16.840.1.101.3.4.3.14"
+#define SIG_RSA_SHA3_384_OID "2.16.840.1.101.3.4.3.15"
+#define SIG_RSA_SHA3_512_OID "2.16.840.1.101.3.4.3.16"
+
+#define ECDH_X25519_OID "1.3.101.110"
+#define ECDH_X448_OID "1.3.101.111"
+
+#define SIG_EDDSA_SHA512_OID "1.3.101.112"
+#define SIG_ED448_OID "1.3.101.113"
+
+#define XMPP_OID "1.3.6.1.5.5.7.8.5"
+#define KRB5_PRINCIPAL_OID "1.3.6.1.5.2.2"
+#define MSUSER_PRINCIPAL_NAME_OID "1.3.6.1.4.1.311.20.2.3"
+#define PKIX1_RSA_PSS_MGF1_OID "1.2.840.113549.1.1.8"
+
+#define GOST28147_89_OID "1.2.643.2.2.21"
+#define GOST28147_89_TC26Z_OID "1.2.643.7.1.2.5.1.1"
+#define GOST28147_89_CPA_OID "1.2.643.2.2.31.1"
+#define GOST28147_89_CPB_OID "1.2.643.2.2.31.2"
+#define GOST28147_89_CPC_OID "1.2.643.2.2.31.3"
+#define GOST28147_89_CPD_OID "1.2.643.2.2.31.4"
+
+#define ASN1_NULL "\x05\x00"
+#define ASN1_NULL_SIZE 2
+
+struct oid_to_string {
+	const char *oid;
+	unsigned oid_size;
+	const char *name_desc;
+	unsigned name_desc_size;
+	const char *asn_desc;	/* description in the pkix file if complex type */
+	unsigned int etype;	/* the libtasn1 ASN1_ETYPE or INVALID
+				 * if cannot be simply parsed */
+};
+
+const struct oid_to_string *_gnutls_oid_get_entry(const struct oid_to_string *ots, const char *oid);
+
+const char *_gnutls_oid_get_asn_desc(const char *oid);
+
+int _gnutls_x509_set_time(asn1_node c2, const char *where, time_t tim,
+			  int force_general);
+int
+_gnutls_x509_set_raw_time(asn1_node c2, const char *where, time_t tim);
+
+int _gnutls_x509_decode_string(unsigned int etype,
+			       const uint8_t * der, size_t der_size,
+			       gnutls_datum_t * output,
+			       unsigned allow_ber);
+
+int _gnutls_x509_encode_string(unsigned int etype,
+			       const void *input_data, size_t input_size,
+			       gnutls_datum_t * output);
+
+int _gnutls_x509_dn_to_string(const char *OID, void *value,
+			      int value_size, gnutls_datum_t * out);
+const char *_gnutls_ldap_string_to_oid(const char *str, unsigned str_len);
+
+time_t _gnutls_x509_get_time(asn1_node c2, const char *when, int general);
+
+gnutls_x509_subject_alt_name_t _gnutls_x509_san_find_type(char *str_type);
+
+int _gnutls_x509_der_encode_and_copy(asn1_node src, const char *src_name,
+				     asn1_node dest, const char *dest_name,
+				     int str);
+int _gnutls_x509_der_encode(asn1_node src, const char *src_name,
+			    gnutls_datum_t * res, int str);
+
+#define _gnutls_x509_export_int(asn1, format, header, out, out_size) \
+  _gnutls_x509_export_int_named(asn1, "", format, header, out, out_size)
+
+int _gnutls_x509_export_int_named(asn1_node asn1_data, const char *name,
+				  gnutls_x509_crt_fmt_t format,
+				  const char *pem_header,
+				  unsigned char *output_data,
+				  size_t * output_data_size);
+
+#define _gnutls_x509_export_int2(asn1, format, header, out) \
+  _gnutls_x509_export_int_named2(asn1, "", format, header, out)
+int _gnutls_x509_export_int_named2(asn1_node asn1_data, const char *name,
+				   gnutls_x509_crt_fmt_t format,
+				   const char *pem_header,
+				   gnutls_datum_t * out);
+
+int _gnutls_x509_read_value(asn1_node c, const char *root,
+			    gnutls_datum_t * ret);
+int _gnutls_x509_read_null_value(asn1_node c, const char *root,
+			    gnutls_datum_t * ret);
+int _gnutls_x509_read_string(asn1_node c, const char *root,
+			     gnutls_datum_t * ret, unsigned int etype,
+			     unsigned allow_ber);
+int _gnutls_x509_write_value(asn1_node c, const char *root,
+			     const gnutls_datum_t * data);
+
+int _gnutls_x509_write_string(asn1_node c, const char *root,
+			      const gnutls_datum_t * data,
+			      unsigned int etype);
+
+int _gnutls_x509_encode_and_write_attribute(const char *given_oid,
+					    asn1_node asn1_struct,
+					    const char *where,
+					    const void *data,
+					    int sizeof_data, int multi);
+int _gnutls_x509_decode_and_read_attribute(asn1_node asn1_struct,
+					   const char *where, char *oid,
+					   int oid_size,
+					   gnutls_datum_t * value,
+					   int multi, int octet);
+
+int _gnutls_x509_get_pk_algorithm(asn1_node src, const char *src_name,
+				  gnutls_ecc_curve_t *curve,
+				  unsigned int *bits);
+
+int
+_gnutls_x509_get_signature_algorithm(asn1_node src, const char *src_name);
+
+int _gnutls_x509_encode_and_copy_PKI_params(asn1_node dst,
+					    const char *dst_name,
+					    const gnutls_pk_params_st * params);
+int _gnutls_x509_encode_PKI_params(gnutls_datum_t * der,
+				   const gnutls_pk_params_st * params);
+int _gnutls_asn1_copy_node(asn1_node * dst, const char *dst_name,
+			   asn1_node src, const char *src_name);
+
+int _gnutls_x509_get_signed_data(asn1_node src, const gnutls_datum_t *der,
+				 const char *src_name,
+				 gnutls_datum_t * signed_data);
+int _gnutls_x509_get_signature(asn1_node src, const char *src_name,
+			       gnutls_datum_t * signature);
+
+
+int _gnutls_get_asn_mpis(asn1_node asn, const char *root,
+			 gnutls_pk_params_st * params);
+
+int _gnutls_get_key_id(gnutls_pk_params_st *,
+		       unsigned char *output_data,
+		       size_t * output_data_size, unsigned flags);
+
+void _asnstr_append_name(char *name, size_t name_size, const char *part1,
+			 const char *part2);
+
+/* Given a @c2 which it returns an allocated DER encoding of @whom in @out */
+inline static int
+_gnutls_x509_get_raw_field(asn1_node c2, const char *whom, gnutls_datum_t *out)
+{
+	return _gnutls_x509_der_encode(c2, whom, out, 0);
+}
+
+int
+_gnutls_x509_get_raw_field2(asn1_node c2, const gnutls_datum_t * raw,
+			 const char *whom, gnutls_datum_t * dn);
+
+unsigned
+_gnutls_check_if_same_key(gnutls_x509_crt_t cert1,
+			  gnutls_x509_crt_t cert2,
+			  unsigned is_ca);
+
+unsigned
+_gnutls_check_if_same_key2(gnutls_x509_crt_t cert1,
+			   gnutls_datum_t *cert2bin);
+
+unsigned
+_gnutls_check_valid_key_id(const gnutls_datum_t *key_id,
+			   gnutls_x509_crt_t cert, time_t now,
+			   unsigned *has_ski);
+
+unsigned _gnutls_check_key_purpose(gnutls_x509_crt_t cert, const char *purpose, unsigned no_any);
+
+time_t _gnutls_x509_generalTime2gtime(const char *ttime);
+
+int _gnutls_get_extension(asn1_node asn, const char *root,
+		  const char *extension_id, int indx,
+		  gnutls_datum_t * ret, unsigned int *_critical);
+
+int _gnutls_set_extension(asn1_node asn, const char *root,
+		  const char *ext_id,
+		  const gnutls_datum_t * ext_data, unsigned int critical);
+
+int _gnutls_strdatum_to_buf(gnutls_datum_t * d, void *buf,
+			    size_t * sizeof_buf);
+
+unsigned _gnutls_is_same_dn(gnutls_x509_crt_t cert1, gnutls_x509_crt_t cert2);
+
+int _gnutls_copy_string(const gnutls_datum_t* str, uint8_t *out, size_t *out_size);
+int _gnutls_copy_data(const gnutls_datum_t* str, uint8_t *out, size_t *out_size);
+
+int _gnutls_x509_decode_ext(const gnutls_datum_t *der, gnutls_x509_ext_st *out);
+int _gnutls_x509_raw_crt_to_raw_pubkey(const gnutls_datum_t * cert,
+			   gnutls_datum_t * rpubkey);
+
+int _gnutls_x509_get_version(asn1_node root, const char *name);
+
+int x509_crt_to_raw_pubkey(gnutls_x509_crt_t crt,
+			   gnutls_datum_t * rpubkey);
+
+typedef void (*gnutls_cert_vfunc)(gnutls_x509_crt_t);
+
+unsigned int _gnutls_sort_clist(gnutls_x509_crt_t *clist,
+				unsigned int clist_size);
+
+int _gnutls_check_if_sorted(gnutls_x509_crt_t * crt, int nr);
+
+inline static int _asn1_strict_der_decode (asn1_node * element, const void *ider,
+		       int len, char *errorDescription)
+{
+#if defined(STRICT_DER_TIME) || !defined(ASN1_DECODE_FLAG_ALLOW_INCORRECT_TIME)
+# define _ASN1_DER_FLAGS ASN1_DECODE_FLAG_STRICT_DER
+#else
+# define _ASN1_DER_FLAGS (ASN1_DECODE_FLAG_ALLOW_INCORRECT_TIME|ASN1_DECODE_FLAG_STRICT_DER)
+#endif
+	return asn1_der_decoding2(element, ider, &len, _ASN1_DER_FLAGS, errorDescription);
+}
+
+#endif /* GNUTLS_LIB_X509_COMMON_H */
diff --git a/lib/x509/crl.c b/lib/x509/crl.c
new file mode 100644
index 0000000..56103e1
--- /dev/null
+++ b/lib/x509/crl.c
@@ -0,0 +1,1425 @@
+/*
+ * Copyright (C) 2003-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <libtasn1.h>
+
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <common.h>
+#include <x509_b64.h>
+#include <x509_int.h>
+#include <x509.h>
+
+static int crl_reinit(gnutls_x509_crl_t crl)
+{
+int result;
+
+	if (crl->crl)
+		asn1_delete_structure(&crl->crl);
+
+	result = asn1_create_element(_gnutls_get_pkix(),
+				 "PKIX1.CertificateList",
+				 &crl->crl);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+	crl->rcache = NULL;
+	crl->rcache_idx = 0;
+	crl->raw_issuer_dn.size = 0;
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crl_init:
+ * @crl: A pointer to the type to be initialized
+ *
+ * This function will initialize a CRL structure. CRL stands for
+ * Certificate Revocation List. A revocation list usually contains
+ * lists of certificate serial numbers that have been revoked by an
+ * Authority. The revocation lists are always signed with the
+ * authority's private key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_x509_crl_init(gnutls_x509_crl_t * crl)
+{
+	FAIL_IF_LIB_ERROR;
+
+	*crl = gnutls_calloc(1, sizeof(gnutls_x509_crl_int));
+
+	if (*crl) {
+		int result = crl_reinit(*crl);
+		if (result < 0) {
+			gnutls_assert();
+			gnutls_free(*crl);
+			return result;
+		}
+		return 0;	/* success */
+	}
+	return GNUTLS_E_MEMORY_ERROR;
+}
+
+/**
+ * gnutls_x509_crl_deinit:
+ * @crl: The data to be deinitialized
+ *
+ * This function will deinitialize a CRL structure.
+ **/
+void gnutls_x509_crl_deinit(gnutls_x509_crl_t crl)
+{
+	if (!crl)
+		return;
+
+	if (crl->crl)
+		asn1_delete_structure(&crl->crl);
+	gnutls_free(crl->der.data);
+
+	gnutls_free(crl);
+}
+
+/**
+ * gnutls_x509_crl_import:
+ * @crl: The data to store the parsed CRL.
+ * @data: The DER or PEM encoded CRL.
+ * @format: One of DER or PEM
+ *
+ * This function will convert the given DER or PEM encoded CRL
+ * to the native #gnutls_x509_crl_t format. The output will be stored in 'crl'.
+ *
+ * If the CRL is PEM encoded it should have a header of "X509 CRL".
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crl_import(gnutls_x509_crl_t crl,
+		       const gnutls_datum_t * data,
+		       gnutls_x509_crt_fmt_t format)
+{
+	int result = 0;
+
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	_gnutls_free_datum(&crl->der);
+
+	/* If the CRL is in PEM format then decode it
+	 */
+	if (format == GNUTLS_X509_FMT_PEM) {
+		result =
+		    _gnutls_fbase64_decode(PEM_CRL, data->data, data->size,
+					   &crl->der);
+
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+	} else {
+		result = _gnutls_set_datum(&crl->der, data->data, data->size);
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+	}
+
+	if (crl->expanded) {
+		result = crl_reinit(crl);
+		if (result < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+	crl->expanded = 1;
+
+	result =
+	    _asn1_strict_der_decode(&crl->crl, crl->der.data, crl->der.size, NULL);
+	if (result != ASN1_SUCCESS) {
+		result = _gnutls_asn2err(result);
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_get_raw_field2(crl->crl, &crl->der,
+					  "tbsCertList.issuer.rdnSequence",
+					  &crl->raw_issuer_dn);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	return 0;
+
+      cleanup:
+	_gnutls_free_datum(&crl->der);
+	return result;
+}
+
+
+/**
+ * gnutls_x509_crl_get_issuer_dn:
+ * @crl: should contain a gnutls_x509_crl_t type
+ * @buf: a pointer to a structure to hold the peer's name (may be null)
+ * @sizeof_buf: initially holds the size of @buf
+ *
+ * This function will copy the name of the CRL issuer in the provided
+ * buffer. The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as
+ * described in RFC4514. The output string will be ASCII or UTF-8
+ * encoded, depending on the certificate data.
+ *
+ * If buf is %NULL then only the size will be filled.
+ *
+ * This function does not output a fully RFC4514 compliant string, if
+ * that is required see gnutls_x509_crl_get_issuer_dn3().
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is
+ * not long enough, and in that case the sizeof_buf will be updated
+ * with the required size, and 0 on success.
+ *
+ **/
+int
+gnutls_x509_crl_get_issuer_dn(gnutls_x509_crl_t crl, char *buf,
+			      size_t * sizeof_buf)
+{
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_parse_dn(crl->crl,
+				     "tbsCertList.issuer.rdnSequence",
+				     buf, sizeof_buf, GNUTLS_X509_DN_FLAG_COMPAT);
+}
+
+/**
+ * gnutls_x509_crl_get_issuer_dn_by_oid:
+ * @crl: should contain a gnutls_x509_crl_t type
+ * @oid: holds an Object Identified in null terminated string
+ * @indx: In case multiple same OIDs exist in the RDN, this specifies which to send. Use (0) to get the first one.
+ * @raw_flag: If non-zero returns the raw DER data of the DN part.
+ * @buf: a pointer to a structure to hold the peer's name (may be null)
+ * @sizeof_buf: initially holds the size of @buf
+ *
+ * This function will extract the part of the name of the CRL issuer
+ * specified by the given OID. The output will be encoded as described
+ * in RFC4514. The output string will be ASCII or UTF-8 encoded,
+ * depending on the certificate data.
+ *
+ * Some helper macros with popular OIDs can be found in gnutls/x509.h
+ * If raw flag is (0), this function will only return known OIDs as
+ * text. Other OIDs will be DER encoded, as described in RFC4514 -- in
+ * hex format with a '#' prefix.  You can check about known OIDs
+ * using gnutls_x509_dn_oid_known().
+ *
+ * If buf is null then only the size will be filled.
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is
+ * not long enough, and in that case the sizeof_buf will be updated
+ * with the required size, and 0 on success.
+ **/
+int
+gnutls_x509_crl_get_issuer_dn_by_oid(gnutls_x509_crl_t crl,
+				     const char *oid, unsigned indx,
+				     unsigned int raw_flag, void *buf,
+				     size_t * sizeof_buf)
+{
+	gnutls_datum_t td;
+	int ret;
+
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_x509_parse_dn_oid(crl->crl,
+					"tbsCertList.issuer.rdnSequence",
+					oid, indx, raw_flag, &td);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return _gnutls_strdatum_to_buf(&td, buf, sizeof_buf);
+}
+
+
+/**
+ * gnutls_x509_crl_get_dn_oid:
+ * @crl: should contain a gnutls_x509_crl_t type
+ * @indx: Specifies which DN OID to send. Use (0) to get the first one.
+ * @oid: a pointer to store the OID (may be null)
+ * @sizeof_oid: initially holds the size of 'oid'
+ *
+ * This function will extract the requested OID of the name of the CRL
+ * issuer, specified by the given index.
+ *
+ * If oid is null then only the size will be filled.
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is
+ * not long enough, and in that case the sizeof_oid will be updated
+ * with the required size.  On success 0 is returned.
+ **/
+int
+gnutls_x509_crl_get_dn_oid(gnutls_x509_crl_t crl,
+			   unsigned indx, void *oid, size_t * sizeof_oid)
+{
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_get_dn_oid(crl->crl,
+				       "tbsCertList.issuer.rdnSequence",
+				       indx, oid, sizeof_oid);
+}
+
+/**
+ * gnutls_x509_crl_get_issuer_dn2:
+ * @crl: should contain a #gnutls_x509_crl_t type
+ * @dn: a pointer to a structure to hold the name; must be freed using gnutls_free()
+ *
+ * This function will allocate buffer and copy the name of the CRL issuer.
+ * The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as
+ * described in RFC4514. The output string will be ASCII or UTF-8
+ * encoded, depending on the certificate data.
+ *
+ * This function does not output a fully RFC4514 compliant string, if
+ * that is required see gnutls_x509_crl_get_issuer_dn3().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.10
+ **/
+int
+gnutls_x509_crl_get_issuer_dn2(gnutls_x509_crl_t crl, gnutls_datum_t * dn)
+{
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_get_dn(crl->crl,
+				   "tbsCertList.issuer.rdnSequence",
+				   dn, GNUTLS_X509_DN_FLAG_COMPAT);
+}
+
+/**
+ * gnutls_x509_crl_get_issuer_dn3:
+ * @crl: should contain a #gnutls_x509_crl_t type
+ * @dn: a pointer to a structure to hold the name; must be freed using gnutls_free()
+ * @flags: zero or %GNUTLS_X509_DN_FLAG_COMPAT
+ *
+ * This function will allocate buffer and copy the name of the CRL issuer.
+ * The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as
+ * described in RFC4514. The output string will be ASCII or UTF-8
+ * encoded, depending on the certificate data.
+ *
+ * When the flag %GNUTLS_X509_DN_FLAG_COMPAT is specified, the output
+ * format will match the format output by previous to 3.5.6 versions of GnuTLS
+ * which was not not fully RFC4514-compliant.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.5.7
+ **/
+int
+gnutls_x509_crl_get_issuer_dn3(gnutls_x509_crl_t crl, gnutls_datum_t * dn, unsigned flags)
+{
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_get_dn(crl->crl,
+				   "tbsCertList.issuer.rdnSequence",
+				   dn, flags);
+}
+
+/**
+ * gnutls_x509_crl_get_signature_algorithm:
+ * @crl: should contain a #gnutls_x509_crl_t type
+ *
+ * This function will return a value of the #gnutls_sign_algorithm_t
+ * enumeration that is the signature algorithm.
+ *
+ * Since 3.6.0 this function never returns a negative error code.
+ * Error cases and unknown/unsupported signature algorithms are
+ * mapped to %GNUTLS_SIGN_UNKNOWN.
+ *
+ * Returns: a #gnutls_sign_algorithm_t value
+ **/
+int gnutls_x509_crl_get_signature_algorithm(gnutls_x509_crl_t crl)
+{
+	return map_errs_to_zero(_gnutls_x509_get_signature_algorithm(crl->crl,
+						    "signatureAlgorithm"));
+}
+
+/**
+ * gnutls_x509_crl_get_signature_oid:
+ * @crl: should contain a #gnutls_x509_crl_t type
+ * @oid: a pointer to a buffer to hold the OID (may be null)
+ * @oid_size: initially holds the size of @oid
+ *
+ * This function will return the OID of the signature algorithm
+ * that has been used to sign this CRL. This is function
+ * is useful in the case gnutls_x509_crl_get_signature_algorithm()
+ * returned %GNUTLS_SIGN_UNKNOWN.
+ *
+ * Returns: zero or a negative error code on error.
+ *
+ * Since: 3.5.0
+ **/
+int gnutls_x509_crl_get_signature_oid(gnutls_x509_crl_t crl, char *oid, size_t *oid_size)
+{
+	char str[MAX_OID_SIZE];
+	int len, result, ret;
+	gnutls_datum_t out;
+
+	len = sizeof(str);
+	result = asn1_read_value(crl->crl, "signatureAlgorithm.algorithm", str, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	out.data = (void*)str;
+	out.size = len;
+
+	ret = _gnutls_copy_string(&out, (void*)oid, oid_size);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crl_get_signature:
+ * @crl: should contain a gnutls_x509_crl_t type
+ * @sig: a pointer where the signature part will be copied (may be null).
+ * @sizeof_sig: initially holds the size of @sig
+ *
+ * This function will extract the signature field of a CRL.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value. 
+ **/
+int
+gnutls_x509_crl_get_signature(gnutls_x509_crl_t crl,
+			      char *sig, size_t * sizeof_sig)
+{
+	int result;
+	unsigned int bits;
+	int len;
+
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	len = 0;
+	result = asn1_read_value(crl->crl, "signature", NULL, &len);
+
+	if (result != ASN1_MEM_ERROR) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	bits = len;
+	if (bits % 8 != 0) {
+		gnutls_assert();
+		return GNUTLS_E_CERTIFICATE_ERROR;
+	}
+
+	len = bits / 8;
+
+	if (*sizeof_sig < (unsigned) len) {
+		*sizeof_sig = bits / 8;
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	result = asn1_read_value(crl->crl, "signature", sig, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crl_get_version:
+ * @crl: should contain a #gnutls_x509_crl_t type
+ *
+ * This function will return the version of the specified CRL.
+ *
+ * Returns: The version number, or a negative error code on error.
+ **/
+int gnutls_x509_crl_get_version(gnutls_x509_crl_t crl)
+{
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_get_version(crl->crl, "tbsCertList.version");
+}
+
+/**
+ * gnutls_x509_crl_get_this_update:
+ * @crl: should contain a #gnutls_x509_crl_t type
+ *
+ * This function will return the time this CRL was issued.
+ *
+ * Returns: when the CRL was issued, or (time_t)-1 on error.
+ **/
+time_t gnutls_x509_crl_get_this_update(gnutls_x509_crl_t crl)
+{
+	if (crl == NULL) {
+		gnutls_assert();
+		return (time_t) - 1;
+	}
+
+	return _gnutls_x509_get_time(crl->crl, "tbsCertList.thisUpdate",
+				     0);
+}
+
+/**
+ * gnutls_x509_crl_get_next_update:
+ * @crl: should contain a #gnutls_x509_crl_t type
+ *
+ * This function will return the time the next CRL will be issued.
+ * This field is optional in a CRL so it might be normal to get an
+ * error instead.
+ *
+ * Returns: when the next CRL will be issued, or (time_t)-1 on error.
+ **/
+time_t gnutls_x509_crl_get_next_update(gnutls_x509_crl_t crl)
+{
+	if (crl == NULL) {
+		gnutls_assert();
+		return (time_t) - 1;
+	}
+
+	return _gnutls_x509_get_time(crl->crl, "tbsCertList.nextUpdate",
+				     0);
+}
+
+/**
+ * gnutls_x509_crl_get_crt_count:
+ * @crl: should contain a #gnutls_x509_crl_t type
+ *
+ * This function will return the number of revoked certificates in the
+ * given CRL.
+ *
+ * Returns: number of certificates, a negative error code on failure.
+ **/
+int gnutls_x509_crl_get_crt_count(gnutls_x509_crl_t crl)
+{
+
+	int count, result;
+
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	result =
+	    asn1_number_of_elements(crl->crl,
+				    "tbsCertList.revokedCertificates",
+				    &count);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return 0;	/* no certificates */
+	}
+
+	return count;
+}
+
+/**
+ * gnutls_x509_crl_get_crt_serial:
+ * @crl: should contain a #gnutls_x509_crl_t type
+ * @indx: the index of the certificate to extract (starting from 0)
+ * @serial: where the serial number will be copied
+ * @serial_size: initially holds the size of serial
+ * @t: if non null, will hold the time this certificate was revoked
+ *
+ * This function will retrieve the serial number of the specified, by
+ * the index, revoked certificate.
+ *
+ * Note that this function will have performance issues in large sequences
+ * of revoked certificates. In that case use gnutls_x509_crl_iter_crt_serial().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crl_get_crt_serial(gnutls_x509_crl_t crl, unsigned indx,
+			       unsigned char *serial,
+			       size_t * serial_size, time_t * t)
+{
+
+	int result, _serial_size;
+	char serial_name[MAX_NAME_SIZE];
+	char date_name[MAX_NAME_SIZE];
+
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	snprintf(serial_name, sizeof(serial_name),
+		 "tbsCertList.revokedCertificates.?%u.userCertificate",
+		 indx + 1);
+	snprintf(date_name, sizeof(date_name),
+		 "tbsCertList.revokedCertificates.?%u.revocationDate",
+		 indx + 1);
+
+	_serial_size = *serial_size;
+	result =
+	    asn1_read_value(crl->crl, serial_name, serial, &_serial_size);
+
+	*serial_size = _serial_size;
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		if (result == ASN1_ELEMENT_NOT_FOUND)
+			return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+		return _gnutls_asn2err(result);
+	}
+
+	if (t) {
+		*t = _gnutls_x509_get_time(crl->crl, date_name, 0);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crl_iter_deinit:
+ * @iter: The iterator to be deinitialized
+ *
+ * This function will deinitialize an iterator type.
+ **/
+void gnutls_x509_crl_iter_deinit(gnutls_x509_crl_iter_t iter)
+{
+	if (!iter)
+		return;
+
+	gnutls_free(iter);
+}
+
+/**
+ * gnutls_x509_crl_iter_crt_serial:
+ * @crl: should contain a #gnutls_x509_crl_t type
+ * @iter: A pointer to an iterator (initially the iterator should be %NULL)
+ * @serial: where the serial number will be copied
+ * @serial_size: initially holds the size of serial
+ * @t: if non null, will hold the time this certificate was revoked
+ *
+ * This function performs the same as gnutls_x509_crl_get_crt_serial(),
+ * but reads sequentially and keeps state in the iterator 
+ * between calls. That allows it to provide better performance in sequences 
+ * with many elements (50000+).
+ *
+ * When past the last element is accessed %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * is returned and the iterator is reset.
+ *
+ * After use, the iterator must be deinitialized using gnutls_x509_crl_iter_deinit().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crl_iter_crt_serial(gnutls_x509_crl_t crl,
+				gnutls_x509_crl_iter_t *iter,
+				unsigned char *serial,
+				size_t * serial_size, time_t * t)
+{
+
+	int result, _serial_size;
+	char serial_name[MAX_NAME_SIZE];
+	char date_name[MAX_NAME_SIZE];
+
+	if (crl == NULL || iter == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (*iter == NULL) {
+		*iter = gnutls_calloc(1, sizeof(struct gnutls_x509_crl_iter));
+		if (*iter == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	if ((*iter)->rcache == NULL) {
+		(*iter)->rcache = asn1_find_node (crl->crl, "tbsCertList.revokedCertificates.?1");
+		(*iter)->rcache_idx = 1;
+	} else {
+		snprintf(serial_name, sizeof(serial_name),
+			 "?%u", (*iter)->rcache_idx);
+		(*iter)->rcache = asn1_find_node ((*iter)->rcache, serial_name);
+	}
+	if ((*iter)->rcache == NULL) {
+		/* reset */
+		(*iter)->rcache = NULL;
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+	}
+
+	snprintf(serial_name, sizeof(serial_name),
+		 "?%u.userCertificate", (*iter)->rcache_idx);
+
+	_serial_size = *serial_size;
+	result =
+	    asn1_read_value((*iter)->rcache, serial_name, serial, &_serial_size);
+
+	*serial_size = _serial_size;
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		if (result == ASN1_ELEMENT_NOT_FOUND) {
+			/* reset */
+			(*iter)->rcache = NULL;
+			return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+		}
+		return _gnutls_asn2err(result);
+	}
+
+	if (t) {
+		snprintf(date_name, sizeof(date_name),
+			 "?%u.revocationDate", (*iter)->rcache_idx);
+		*t = _gnutls_x509_get_time((*iter)->rcache, date_name, 0);
+	}
+
+	(*iter)->rcache_idx++;
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crl_get_raw_issuer_dn:
+ * @crl: should contain a gnutls_x509_crl_t type
+ * @dn: will hold the starting point of the DN
+ *
+ * This function will return a pointer to the DER encoded DN structure
+ * and the length.
+ *
+ * Returns: a negative error code on error, and (0) on success.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_x509_crl_get_raw_issuer_dn(gnutls_x509_crl_t crl,
+				  gnutls_datum_t * dn)
+{
+	if (crl->raw_issuer_dn.size != 0) {
+		return _gnutls_set_datum(dn, crl->raw_issuer_dn.data,
+					 crl->raw_issuer_dn.size);
+	} else {
+		return _gnutls_x509_get_raw_field(crl->crl, "tbsCertList.issuer.rdnSequence", dn);
+	}
+}
+
+/**
+ * gnutls_x509_crl_export:
+ * @crl: Holds the revocation list
+ * @format: the format of output params. One of PEM or DER.
+ * @output_data: will contain a private key PEM or DER encoded
+ * @output_data_size: holds the size of output_data (and will
+ *   be replaced by the actual size of parameters)
+ *
+ * This function will export the revocation list to DER or PEM format.
+ *
+ * If the buffer provided is not long enough to hold the output, then
+ * %GNUTLS_E_SHORT_MEMORY_BUFFER will be returned.
+ *
+ * If the structure is PEM encoded, it will have a header
+ * of "BEGIN X509 CRL".
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crl_export(gnutls_x509_crl_t crl,
+		       gnutls_x509_crt_fmt_t format, void *output_data,
+		       size_t * output_data_size)
+{
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_export_int(crl->crl, format, PEM_CRL,
+				       output_data, output_data_size);
+}
+
+/**
+ * gnutls_x509_crl_export2:
+ * @crl: Holds the revocation list
+ * @format: the format of output params. One of PEM or DER.
+ * @out: will contain a private key PEM or DER encoded
+ *
+ * This function will export the revocation list to DER or PEM format.
+ *
+ * The output buffer is allocated using gnutls_malloc().
+ *
+ * If the structure is PEM encoded, it will have a header
+ * of "BEGIN X509 CRL".
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since 3.1.3
+ **/
+int
+gnutls_x509_crl_export2(gnutls_x509_crl_t crl,
+			gnutls_x509_crt_fmt_t format, gnutls_datum_t * out)
+{
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_export_int2(crl->crl, format, PEM_CRL, out);
+}
+
+/*-
+ * _gnutls_x509_crl_cpy - This function copies a gnutls_x509_crl_t type
+ * @dest: The data where to copy
+ * @src: The data to be copied
+ *
+ * This function will copy an X.509 certificate structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ -*/
+int _gnutls_x509_crl_cpy(gnutls_x509_crl_t dest, gnutls_x509_crl_t src)
+{
+	int ret;
+	gnutls_datum_t tmp;
+
+	ret = gnutls_x509_crl_export2(src, GNUTLS_X509_FMT_DER, &tmp);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_x509_crl_import(dest, &tmp, GNUTLS_X509_FMT_DER);
+
+	gnutls_free(tmp.data);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+
+}
+
+static int
+_get_authority_key_id(gnutls_x509_crl_t cert, asn1_node * c2,
+		      unsigned int *critical)
+{
+	int ret;
+	gnutls_datum_t id;
+
+	*c2 = NULL;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if ((ret =
+	     _gnutls_x509_crl_get_extension(cert, "2.5.29.35", 0, &id,
+					    critical)) < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	if (id.size == 0 || id.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	ret = asn1_create_element
+	    (_gnutls_get_pkix(), "PKIX1.AuthorityKeyIdentifier", c2);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		_gnutls_free_datum(&id);
+		return _gnutls_asn2err(ret);
+	}
+
+	ret = _asn1_strict_der_decode(c2, id.data, id.size, NULL);
+	_gnutls_free_datum(&id);
+
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(c2);
+		return _gnutls_asn2err(ret);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crl_get_authority_key_gn_serial:
+ * @crl: should contain a #gnutls_x509_crl_t type
+ * @seq: specifies the sequence number of the alt name (0 for the first one, 1 for the second etc.)
+ * @alt: is the place where the alternative name will be copied to
+ * @alt_size: holds the size of alt.
+ * @alt_type: holds the type of the alternative name (one of gnutls_x509_subject_alt_name_t).
+ * @serial: buffer to store the serial number (may be null)
+ * @serial_size: Holds the size of the serial field (may be null)
+ * @critical: will be non-zero if the extension is marked as critical (may be null)
+ *
+ * This function will return the X.509 authority key
+ * identifier when stored as a general name (authorityCertIssuer) 
+ * and serial number.
+ *
+ * Because more than one general names might be stored
+ * @seq can be used as a counter to request them all until 
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned.
+ *
+ * Returns: Returns 0 on success, or an error code.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_x509_crl_get_authority_key_gn_serial(gnutls_x509_crl_t crl,
+					    unsigned int seq,
+					    void *alt,
+					    size_t * alt_size,
+					    unsigned int *alt_type,
+					    void *serial,
+					    size_t * serial_size,
+					    unsigned int *critical)
+{
+	int ret, result, len;
+	asn1_node c2;
+
+	ret = _get_authority_key_id(crl, &c2, critical);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret =
+	    _gnutls_parse_general_name(c2, "authorityCertIssuer", seq, alt,
+				       alt_size, alt_type, 0);
+	if (ret < 0) {
+		ret = gnutls_assert_val(ret);
+		goto fail;
+	}
+
+	if (serial) {
+		len = *serial_size;
+		result =
+		    asn1_read_value(c2, "authorityCertSerialNumber",
+				    serial, &len);
+
+		*serial_size = len;
+
+		if (result < 0) {
+			ret = _gnutls_asn2err(result);
+			goto fail;
+		}
+
+	}
+
+	ret = 0;
+
+      fail:
+	asn1_delete_structure(&c2);
+
+	return ret;
+}
+
+
+/**
+ * gnutls_x509_crl_get_authority_key_id:
+ * @crl: should contain a #gnutls_x509_crl_t type
+ * @id: The place where the identifier will be copied
+ * @id_size: Holds the size of the result field.
+ * @critical: will be non-zero if the extension is marked as critical
+ *   (may be null)
+ *
+ * This function will return the CRL authority's key identifier.  This
+ * is obtained by the X.509 Authority Key identifier extension field
+ * (2.5.29.35).  Note that this function 
+ * only returns the keyIdentifier field of the extension and
+ * %GNUTLS_E_X509_UNSUPPORTED_EXTENSION, if the extension contains
+ * the name and serial number of the certificate. In that case
+ * gnutls_x509_crl_get_authority_key_gn_serial() may be used.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code in case of an error.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crl_get_authority_key_id(gnutls_x509_crl_t crl, void *id,
+				     size_t * id_size,
+				     unsigned int *critical)
+{
+	int result, len, ret;
+	asn1_node c2;
+
+	ret = _get_authority_key_id(crl, &c2, critical);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	len = *id_size;
+	result = asn1_read_value(c2, "keyIdentifier", id, &len);
+
+	*id_size = len;
+	asn1_delete_structure(&c2);
+
+	if (result == ASN1_VALUE_NOT_FOUND
+	    || result == ASN1_ELEMENT_NOT_FOUND)
+		return
+		    gnutls_assert_val(GNUTLS_E_X509_UNSUPPORTED_EXTENSION);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crl_get_number:
+ * @crl: should contain a #gnutls_x509_crl_t type
+ * @ret: The place where the number will be copied
+ * @ret_size: Holds the size of the result field.
+ * @critical: will be non-zero if the extension is marked as critical
+ *   (may be null)
+ *
+ * This function will return the CRL number extension.  This is
+ * obtained by the CRL Number extension field (2.5.29.20).
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code in case of an error.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crl_get_number(gnutls_x509_crl_t crl, void *ret,
+			   size_t * ret_size, unsigned int *critical)
+{
+	int result;
+	gnutls_datum_t id;
+
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (ret)
+		memset(ret, 0, *ret_size);
+	else
+		*ret_size = 0;
+
+	if ((result =
+	     _gnutls_x509_crl_get_extension(crl, "2.5.29.20", 0, &id,
+					    critical)) < 0) {
+		return result;
+	}
+
+	if (id.size == 0 || id.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	result =
+	    _gnutls_x509_ext_extract_number(ret, ret_size, id.data,
+					    id.size);
+
+	_gnutls_free_datum(&id);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crl_get_extension_oid:
+ * @crl: should contain a #gnutls_x509_crl_t type
+ * @indx: Specifies which extension OID to send, use (0) to get the first one.
+ * @oid: a pointer to store the OID (may be null)
+ * @sizeof_oid: initially holds the size of @oid
+ *
+ * This function will return the requested extension OID in the CRL.
+ * The extension OID will be stored as a string in the provided
+ * buffer.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code in case of an error.  If your have reached the
+ *   last extension available %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ *   will be returned.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crl_get_extension_oid(gnutls_x509_crl_t crl, unsigned indx,
+				  void *oid, size_t * sizeof_oid)
+{
+	int result;
+
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	result =
+	    _gnutls_x509_crl_get_extension_oid(crl, indx, oid, sizeof_oid);
+	if (result < 0) {
+		return result;
+	}
+
+	return 0;
+
+}
+
+/**
+ * gnutls_x509_crl_get_extension_info:
+ * @crl: should contain a #gnutls_x509_crl_t type
+ * @indx: Specifies which extension OID to send, use (0) to get the first one.
+ * @oid: a pointer to store the OID
+ * @sizeof_oid: initially holds the maximum size of @oid, on return
+ *   holds actual size of @oid.
+ * @critical: output variable with critical flag, may be NULL.
+ *
+ * This function will return the requested extension OID in the CRL,
+ * and the critical flag for it.  The extension OID will be stored as
+ * a string in the provided buffer.  Use
+ * gnutls_x509_crl_get_extension_data() to extract the data.
+ *
+ * If the buffer provided is not long enough to hold the output, then
+ * *@sizeof_oid is updated and %GNUTLS_E_SHORT_MEMORY_BUFFER will be
+ * returned.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code in case of an error.  If your have reached the
+ *   last extension available %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ *   will be returned.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crl_get_extension_info(gnutls_x509_crl_t crl, unsigned indx,
+				   void *oid, size_t * sizeof_oid,
+				   unsigned int *critical)
+{
+	int result;
+	char str_critical[10];
+	char name[MAX_NAME_SIZE];
+	int len;
+
+	if (!crl) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	snprintf(name, sizeof(name),
+		 "tbsCertList.crlExtensions.?%u.extnID", indx + 1);
+
+	len = *sizeof_oid;
+	result = asn1_read_value(crl->crl, name, oid, &len);
+	*sizeof_oid = len;
+
+	if (result == ASN1_ELEMENT_NOT_FOUND)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	else if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	snprintf(name, sizeof(name),
+		 "tbsCertList.crlExtensions.?%u.critical", indx + 1);
+	len = sizeof(str_critical);
+	result = asn1_read_value(crl->crl, name, str_critical, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (critical) {
+		if (str_critical[0] == 'T')
+			*critical = 1;
+		else
+			*critical = 0;
+	}
+
+	return 0;
+
+}
+
+/**
+ * gnutls_x509_crl_get_extension_data:
+ * @crl: should contain a #gnutls_x509_crl_t type
+ * @indx: Specifies which extension OID to send. Use (0) to get the first one.
+ * @data: a pointer to a structure to hold the data (may be null)
+ * @sizeof_data: initially holds the size of @oid
+ *
+ * This function will return the requested extension data in the CRL.
+ * The extension data will be stored as a string in the provided
+ * buffer.
+ *
+ * Use gnutls_x509_crl_get_extension_info() to extract the OID and
+ * critical flag.  Use gnutls_x509_crl_get_extension_info() instead,
+ * if you want to get data indexed by the extension OID rather than
+ * sequence.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code in case of an error.  If your have reached the
+ *   last extension available %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ *   will be returned.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crl_get_extension_data(gnutls_x509_crl_t crl, unsigned indx,
+				   void *data, size_t * sizeof_data)
+{
+	int result, len;
+	char name[MAX_NAME_SIZE];
+
+	if (!crl) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	snprintf(name, sizeof(name),
+		 "tbsCertList.crlExtensions.?%u.extnValue", indx + 1);
+
+	len = *sizeof_data;
+	result = asn1_read_value(crl->crl, name, data, &len);
+	*sizeof_data = len;
+
+	if (result == ASN1_ELEMENT_NOT_FOUND)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	else if (result < 0) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crl_list_import2:
+ * @crls: Will contain the parsed crl list.
+ * @size: It will contain the size of the list.
+ * @data: The PEM encoded CRL.
+ * @format: One of DER or PEM.
+ * @flags: must be (0) or an OR'd sequence of gnutls_certificate_import_flags.
+ *
+ * This function will convert the given PEM encoded CRL list
+ * to the native gnutls_x509_crl_t format. The output will be stored
+ * in @crls.  They will be automatically initialized.
+ *
+ * If the Certificate is PEM encoded it should have a header of "X509
+ * CRL".
+ *
+ * Returns: the number of certificates read or a negative error value.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_x509_crl_list_import2(gnutls_x509_crl_t ** crls,
+			     unsigned int *size,
+			     const gnutls_datum_t * data,
+			     gnutls_x509_crt_fmt_t format,
+			     unsigned int flags)
+{
+	unsigned int init = 1024;
+	int ret;
+
+	*crls = _gnutls_reallocarray(NULL, init, sizeof(gnutls_x509_crl_t));
+	if (*crls == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ret =
+	    gnutls_x509_crl_list_import(*crls, &init, data, format,
+					flags | GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED);
+	if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
+		*crls = _gnutls_reallocarray_fast(*crls, init,
+						  sizeof(gnutls_x509_crl_t));
+		if (*crls == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+
+		ret =
+		    gnutls_x509_crl_list_import(*crls, &init, data, format,
+						flags);
+	}
+
+	if (ret < 0) {
+		gnutls_free(*crls);
+		*crls = NULL;
+		return ret;
+	}
+
+	*size = init;
+	return 0;
+}
+
+/**
+ * gnutls_x509_crl_list_import:
+ * @crls: Indicates where the parsed CRLs will be copied to. Must not be initialized.
+ * @crl_max: Initially must hold the maximum number of crls. It will be updated with the number of crls available.
+ * @data: The PEM encoded CRLs
+ * @format: One of DER or PEM.
+ * @flags: must be (0) or an OR'd sequence of gnutls_certificate_import_flags.
+ *
+ * This function will convert the given PEM encoded CRL list
+ * to the native gnutls_x509_crl_t format. The output will be stored
+ * in @crls.  They will be automatically initialized.
+ *
+ * If the Certificate is PEM encoded it should have a header of "X509 CRL".
+ *
+ * Returns: the number of certificates read or a negative error value.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_x509_crl_list_import(gnutls_x509_crl_t * crls,
+			    unsigned int *crl_max,
+			    const gnutls_datum_t * data,
+			    gnutls_x509_crt_fmt_t format,
+			    unsigned int flags)
+{
+	int size;
+	const char *ptr;
+	gnutls_datum_t tmp;
+	int ret, nocopy = 0;
+	unsigned int count = 0, j;
+
+	if (format == GNUTLS_X509_FMT_DER) {
+		if (*crl_max < 1) {
+			*crl_max = 1;
+			return GNUTLS_E_SHORT_MEMORY_BUFFER;
+		}
+
+		count = 1;	/* import only the first one */
+
+		ret = gnutls_x509_crl_init(&crls[0]);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		ret = gnutls_x509_crl_import(crls[0], data, format);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		*crl_max = 1;
+		return 1;
+	}
+
+	/* move to the certificate
+	 */
+	ptr = memmem(data->data, data->size,
+		     PEM_CRL_SEP, sizeof(PEM_CRL_SEP) - 1);
+	if (ptr == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_BASE64_DECODING_ERROR;
+	}
+
+	count = 0;
+
+	do {
+		if (count >= *crl_max) {
+			if (!
+			    (flags &
+			     GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED)) {
+				break;
+			} else if (nocopy == 0) {
+				for (j = 0; j < count; j++)
+					gnutls_x509_crl_deinit(crls[j]);
+				nocopy = 1;
+			}
+		}
+
+		if (!nocopy) {
+			ret = gnutls_x509_crl_init(&crls[count]);
+			if (ret < 0) {
+				gnutls_assert();
+				goto error;
+			}
+
+			tmp.data = (void *) ptr;
+			tmp.size =
+			    data->size - (ptr - (char *) data->data);
+			ret =
+			    gnutls_x509_crl_import(crls[count], &tmp,
+						   GNUTLS_X509_FMT_PEM);
+			if (ret < 0) {
+				gnutls_assert();
+				count++;
+				goto error;
+			}
+		}
+
+		/* now we move ptr after the pem header 
+		 */
+		ptr++;
+		/* find the next certificate (if any)
+		 */
+		size = data->size - (ptr - (char *) data->data);
+
+		if (size > 0) {
+			ptr =
+			    memmem(ptr, size, PEM_CRL_SEP,
+				   sizeof(PEM_CRL_SEP) - 1);
+		} else
+			ptr = NULL;
+
+		count++;
+	}
+	while (ptr != NULL);
+
+	*crl_max = count;
+
+	if (nocopy == 0)
+		return count;
+	else
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+
+      error:
+	for (j = 0; j < count; j++)
+		gnutls_x509_crl_deinit(crls[j]);
+	return ret;
+}
diff --git a/lib/x509/crl_write.c b/lib/x509/crl_write.c
new file mode 100644
index 0000000..36ca452
--- /dev/null
+++ b/lib/x509/crl_write.c
@@ -0,0 +1,521 @@
+/*
+ * Copyright (C) 2003-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains functions to handle CRL generation.
+ */
+
+#include "gnutls_int.h"
+
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <common.h>
+#include <x509.h>
+#include <x509_b64.h>
+#include <x509_int.h>
+#include <libtasn1.h>
+
+static void disable_optional_stuff(gnutls_x509_crl_t crl);
+
+/**
+ * gnutls_x509_crl_set_version:
+ * @crl: should contain a gnutls_x509_crl_t type
+ * @version: holds the version number. For CRLv1 crls must be 1.
+ *
+ * This function will set the version of the CRL. This
+ * must be one for CRL version 1, and so on. The CRLs generated
+ * by gnutls should have a version number of 2.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crl_set_version(gnutls_x509_crl_t crl, unsigned int version)
+{
+	int result;
+	uint8_t null = version & 0xFF;
+
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (null > 0)
+		null -= 1;
+
+	result =
+	    asn1_write_value(crl->crl, "tbsCertList.version", &null, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crl_sign2:
+ * @crl: should contain a gnutls_x509_crl_t type
+ * @issuer: is the certificate of the certificate issuer
+ * @issuer_key: holds the issuer's private key
+ * @dig: The message digest to use. GNUTLS_DIG_SHA256 is the safe choice unless you know what you're doing.
+ * @flags: must be 0
+ *
+ * This function will sign the CRL with the issuer's private key, and
+ * will copy the issuer's information into the CRL.
+ *
+ * This must be the last step in a certificate CRL since all
+ * the previously set parameters are now signed.
+ *
+ * A known limitation of this function is, that a newly-signed CRL will not
+ * be fully functional (e.g., for signature verification), until it
+ * is exported an re-imported.
+ *
+ * After GnuTLS 3.6.1 the value of @dig may be %GNUTLS_DIG_UNKNOWN,
+ * and in that case, a suitable but reasonable for the key algorithm will be selected.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ **/
+int
+gnutls_x509_crl_sign2(gnutls_x509_crl_t crl, gnutls_x509_crt_t issuer,
+		      gnutls_x509_privkey_t issuer_key,
+		      gnutls_digest_algorithm_t dig, unsigned int flags)
+{
+	int result;
+	gnutls_privkey_t privkey;
+
+	if (crl == NULL || issuer == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	result = gnutls_privkey_init(&privkey);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	result = gnutls_privkey_import_x509(privkey, issuer_key, 0);
+	if (result < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	result =
+	    gnutls_x509_crl_privkey_sign(crl, issuer, privkey, dig, flags);
+	if (result < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	result = 0;
+
+      fail:
+	gnutls_privkey_deinit(privkey);
+
+	return result;
+}
+
+/**
+ * gnutls_x509_crl_sign:
+ * @crl: should contain a gnutls_x509_crl_t type
+ * @issuer: is the certificate of the certificate issuer
+ * @issuer_key: holds the issuer's private key
+ *
+ * This function is the same a gnutls_x509_crl_sign2() with no flags,
+ * and an appropriate hash algorithm. The hash algorithm used may
+ * vary between versions of GnuTLS, and it is tied to the security
+ * level of the issuer's public key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ */
+int
+gnutls_x509_crl_sign(gnutls_x509_crl_t crl, gnutls_x509_crt_t issuer,
+		     gnutls_x509_privkey_t issuer_key)
+{
+	return gnutls_x509_crl_sign2(crl, issuer, issuer_key,
+				     0, 0);
+}
+
+/**
+ * gnutls_x509_crl_set_this_update:
+ * @crl: should contain a gnutls_x509_crl_t type
+ * @act_time: The actual time
+ *
+ * This function will set the time this CRL was issued.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_x509_crl_set_this_update(gnutls_x509_crl_t crl, time_t act_time)
+{
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_set_time(crl->crl, "tbsCertList.thisUpdate",
+				     act_time, 0);
+}
+
+/**
+ * gnutls_x509_crl_set_next_update:
+ * @crl: should contain a gnutls_x509_crl_t type
+ * @exp_time: The actual time
+ *
+ * This function will set the time this CRL will be updated.
+ * This is an optional value to be set on a CRL and this call
+ * can be omitted when generating a CRL.
+ *
+ * Prior to GnuTLS 3.5.7, setting a nextUpdate field was required
+ * in order to generate a CRL.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_x509_crl_set_next_update(gnutls_x509_crl_t crl, time_t exp_time)
+{
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+	return _gnutls_x509_set_time(crl->crl, "tbsCertList.nextUpdate",
+				     exp_time, 0);
+}
+
+/**
+ * gnutls_x509_crl_set_crt_serial:
+ * @crl: should contain a gnutls_x509_crl_t type
+ * @serial: The revoked certificate's serial number
+ * @serial_size: Holds the size of the serial field.
+ * @revocation_time: The time this certificate was revoked
+ *
+ * This function will set a revoked certificate's serial number to the CRL.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crl_set_crt_serial(gnutls_x509_crl_t crl,
+			       const void *serial, size_t serial_size,
+			       time_t revocation_time)
+{
+	int ret;
+
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret =
+	    asn1_write_value(crl->crl, "tbsCertList.revokedCertificates",
+			     "NEW", 1);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	ret =
+	    asn1_write_value(crl->crl,
+			     "tbsCertList.revokedCertificates.?LAST.userCertificate",
+			     serial, serial_size);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	ret =
+	    _gnutls_x509_set_time(crl->crl,
+				  "tbsCertList.revokedCertificates.?LAST.revocationDate",
+				  revocation_time, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    asn1_write_value(crl->crl,
+			     "tbsCertList.revokedCertificates.?LAST.crlEntryExtensions",
+			     NULL, 0);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crl_set_crt:
+ * @crl: should contain a gnutls_x509_crl_t type
+ * @crt: a certificate of type #gnutls_x509_crt_t with the revoked certificate
+ * @revocation_time: The time this certificate was revoked
+ *
+ * This function will set a revoked certificate's serial number to the CRL.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crl_set_crt(gnutls_x509_crl_t crl, gnutls_x509_crt_t crt,
+			time_t revocation_time)
+{
+	int ret;
+	uint8_t serial[128];
+	size_t serial_size;
+
+	if (crl == NULL || crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	serial_size = sizeof(serial);
+	ret = gnutls_x509_crt_get_serial(crt, serial, &serial_size);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    gnutls_x509_crl_set_crt_serial(crl, serial, serial_size,
+					   revocation_time);
+	if (ret < 0) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	return 0;
+}
+
+
+/* If OPTIONAL fields have not been initialized then
+ * disable them.
+ */
+static void disable_optional_stuff(gnutls_x509_crl_t crl)
+{
+	time_t t;
+
+	t = _gnutls_x509_get_time(crl->crl, "tbsCertList.nextUpdate", 0);
+	if (t == (time_t)-1) {
+		(void)asn1_write_value(crl->crl, "tbsCertList.nextUpdate", NULL, 0);
+	}
+
+	if (crl->use_extensions == 0) {
+		(void)asn1_write_value(crl->crl, "tbsCertList.crlExtensions",
+				 NULL, 0);
+	}
+
+	return;
+}
+
+/**
+ * gnutls_x509_crl_set_authority_key_id:
+ * @crl: a CRL of type #gnutls_x509_crl_t
+ * @id: The key ID
+ * @id_size: Holds the size of the serial field.
+ *
+ * This function will set the CRL's authority key ID extension.  Only
+ * the keyIdentifier field can be set with this function. This may
+ * be used by an authority that holds multiple private keys, to distinguish
+ * the used key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crl_set_authority_key_id(gnutls_x509_crl_t crl,
+				     const void *id, size_t id_size)
+{
+	int result;
+	gnutls_datum_t old_id, der_data;
+	unsigned int critical;
+
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Check if the extension already exists.
+	 */
+	result =
+	    _gnutls_x509_crl_get_extension(crl, "2.5.29.35", 0, &old_id,
+					   &critical);
+
+	if (result >= 0) {
+		_gnutls_free_datum(&old_id);
+	} else if (result != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* generate the extension.
+	 */
+	result = _gnutls_x509_ext_gen_auth_key_id(id, id_size, &der_data);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	result =
+	    _gnutls_x509_crl_set_extension(crl, "2.5.29.35", &der_data, 0);
+
+	_gnutls_free_datum(&der_data);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	crl->use_extensions = 1;
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crl_set_number:
+ * @crl: a CRL of type #gnutls_x509_crl_t
+ * @nr: The CRL number
+ * @nr_size: Holds the size of the nr field.
+ *
+ * This function will set the CRL's number extension. This
+ * is to be used as a unique and monotonic number assigned to
+ * the CRL by the authority.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crl_set_number(gnutls_x509_crl_t crl,
+			   const void *nr, size_t nr_size)
+{
+	int result;
+	gnutls_datum_t old_id, der_data;
+	unsigned int critical;
+
+	if (crl == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Check if the extension already exists.
+	 */
+	result =
+	    _gnutls_x509_crl_get_extension(crl, "2.5.29.20", 0, &old_id,
+					   &critical);
+
+	if (result >= 0) {
+		_gnutls_free_datum(&old_id);
+	} else if (result != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* generate the extension.
+	 */
+	result = _gnutls_x509_ext_gen_number(nr, nr_size, &der_data);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	result =
+	    _gnutls_x509_crl_set_extension(crl, "2.5.29.20", &der_data, 0);
+
+	_gnutls_free_datum(&der_data);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	crl->use_extensions = 1;
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crl_privkey_sign:
+ * @crl: should contain a gnutls_x509_crl_t type
+ * @issuer: is the certificate of the certificate issuer
+ * @issuer_key: holds the issuer's private key
+ * @dig: The message digest to use. GNUTLS_DIG_SHA256 is the safe choice unless you know what you're doing.
+ * @flags: must be 0
+ *
+ * This function will sign the CRL with the issuer's private key, and
+ * will copy the issuer's information into the CRL.
+ *
+ * This must be the last step in a certificate CRL since all
+ * the previously set parameters are now signed.
+ *
+ * A known limitation of this function is, that a newly-signed CRL will not
+ * be fully functional (e.g., for signature verification), until it
+ * is exported an re-imported.
+ *
+ * After GnuTLS 3.6.1 the value of @dig may be %GNUTLS_DIG_UNKNOWN,
+ * and in that case, a suitable but reasonable for the key algorithm will be selected.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since 2.12.0
+ **/
+int
+gnutls_x509_crl_privkey_sign(gnutls_x509_crl_t crl,
+			     gnutls_x509_crt_t issuer,
+			     gnutls_privkey_t issuer_key,
+			     gnutls_digest_algorithm_t dig,
+			     unsigned int flags)
+{
+	int result;
+
+	if (crl == NULL || issuer == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (dig == 0) {
+		result = gnutls_x509_crt_get_preferred_hash_algorithm(issuer, &dig, NULL);
+		if (result < 0)
+			return gnutls_assert_val(result);
+	}
+
+	/* disable all the unneeded OPTIONAL fields.
+	 */
+	disable_optional_stuff(crl);
+
+	result = _gnutls_x509_pkix_sign(crl->crl, "tbsCertList",
+					dig, 0, issuer, issuer_key);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
diff --git a/lib/x509/crq.c b/lib/x509/crq.c
new file mode 100644
index 0000000..2603022
--- /dev/null
+++ b/lib/x509/crq.c
@@ -0,0 +1,3099 @@
+/*
+ * Copyright (C) 2003-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2012-2016 Nikos Mavrogiannopoulos
+ * Copyright (C) 2016-2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains functions to handle PKCS #10 certificate
+   requests, see RFC 2986.
+ */
+
+#include "gnutls_int.h"
+
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <common.h>
+#include <x509.h>
+#include <x509_b64.h>
+#include <gnutls/x509-ext.h>
+#include "x509_int.h"
+#include <libtasn1.h>
+#include <pk.h>
+#include "attributes.h"
+
+/**
+ * gnutls_x509_crq_init:
+ * @crq: A pointer to the type to be initialized
+ *
+ * This function will initialize a PKCS#10 certificate request
+ * structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_x509_crq_init(gnutls_x509_crq_t * crq)
+{
+	int result;
+	
+	FAIL_IF_LIB_ERROR;
+
+	*crq = gnutls_calloc(1, sizeof(gnutls_x509_crq_int));
+	if (!*crq)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	result = asn1_create_element(_gnutls_get_pkix(),
+				     "PKIX1.pkcs-10-CertificationRequest",
+				     &((*crq)->crq));
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		gnutls_free(*crq);
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crq_deinit:
+ * @crq: the type to be deinitialized
+ *
+ * This function will deinitialize a PKCS#10 certificate request
+ * structure.
+ **/
+void gnutls_x509_crq_deinit(gnutls_x509_crq_t crq)
+{
+	if (!crq)
+		return;
+
+	if (crq->crq)
+		asn1_delete_structure(&crq->crq);
+
+	gnutls_free(crq);
+}
+
+#define PEM_CRQ "NEW CERTIFICATE REQUEST"
+#define PEM_CRQ2 "CERTIFICATE REQUEST"
+
+/**
+ * gnutls_x509_crq_import:
+ * @crq: The data to store the parsed certificate request.
+ * @data: The DER or PEM encoded certificate.
+ * @format: One of DER or PEM
+ *
+ * This function will convert the given DER or PEM encoded certificate
+ * request to a #gnutls_x509_crq_t type.  The output will be
+ * stored in @crq.
+ *
+ * If the Certificate is PEM encoded it should have a header of "NEW
+ * CERTIFICATE REQUEST".
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crq_import(gnutls_x509_crq_t crq,
+		       const gnutls_datum_t * data,
+		       gnutls_x509_crt_fmt_t format)
+{
+	int result = 0, need_free = 0;
+	gnutls_datum_t _data;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	_data.data = data->data;
+	_data.size = data->size;
+
+	/* If the Certificate is in PEM format then decode it
+	 */
+	if (format == GNUTLS_X509_FMT_PEM) {
+		/* Try the first header */
+		result =
+		    _gnutls_fbase64_decode(PEM_CRQ, data->data, data->size,
+					   &_data);
+
+		if (result < 0)	/* Go for the second header */
+			result =
+			    _gnutls_fbase64_decode(PEM_CRQ2, data->data,
+						   data->size, &_data);
+
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+
+		need_free = 1;
+	}
+
+	result =
+	    _asn1_strict_der_decode(&crq->crq, _data.data, _data.size, NULL);
+	if (result != ASN1_SUCCESS) {
+		result = _gnutls_asn2err(result);
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = 0;
+
+      cleanup:
+	if (need_free)
+		_gnutls_free_datum(&_data);
+	return result;
+}
+
+/**
+ * gnutls_x509_crq_get_signature_algorithm:
+ * @crq: should contain a #gnutls_x509_cr_t type
+ *
+ * This function will return a value of the #gnutls_sign_algorithm_t
+ * enumeration that is the signature algorithm that has been used to
+ * sign this certificate request.
+ *
+ * Since 3.6.0 this function never returns a negative error code.
+ * Error cases and unknown/unsupported signature algorithms are
+ * mapped to %GNUTLS_SIGN_UNKNOWN.
+ *
+ * Returns: a #gnutls_sign_algorithm_t value
+ *
+ * Since: 3.4.0
+ **/
+int gnutls_x509_crq_get_signature_algorithm(gnutls_x509_crq_t crq)
+{
+	return map_errs_to_zero(_gnutls_x509_get_signature_algorithm(crq->crq,
+						    "signatureAlgorithm"));
+}
+
+/**
+ * gnutls_x509_crq_get_private_key_usage_period:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @activation: The activation time
+ * @expiration: The expiration time
+ * @critical: the extension status
+ *
+ * This function will return the expiration and activation
+ * times of the private key of the certificate.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * if the extension is not present, otherwise a negative error value.
+ **/
+int
+gnutls_x509_crq_get_private_key_usage_period(gnutls_x509_crq_t crq,
+					     time_t * activation,
+					     time_t * expiration,
+					     unsigned int *critical)
+{
+	int result, ret;
+	asn1_node c2 = NULL;
+	uint8_t buf[128];
+	size_t buf_size = sizeof(buf);
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = gnutls_x509_crq_get_extension_by_oid(crq, "2.5.29.16", 0,
+						   buf, &buf_size,
+						   critical);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	result = asn1_create_element
+	    (_gnutls_get_pkix(), "PKIX1.PrivateKeyUsagePeriod", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result = _asn1_strict_der_decode(&c2, buf, buf_size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if (activation)
+		*activation = _gnutls_x509_get_time(c2, "notBefore", 1);
+
+	if (expiration)
+		*expiration = _gnutls_x509_get_time(c2, "notAfter", 1);
+
+	ret = 0;
+
+      cleanup:
+	asn1_delete_structure(&c2);
+
+	return ret;
+}
+
+
+/**
+ * gnutls_x509_crq_get_dn:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @buf: a pointer to a structure to hold the name (may be %NULL)
+ * @buf_size: initially holds the size of @buf
+ *
+ * This function will copy the name of the Certificate request subject
+ * to the provided buffer.  The name will be in the form
+ * "C=xxxx,O=yyyy,CN=zzzz" as described in RFC 2253. The output string
+ * @buf will be ASCII or UTF-8 encoded, depending on the certificate
+ * data.
+ *
+ * This function does not output a fully RFC4514 compliant string, if
+ * that is required see gnutls_x509_crq_get_dn3().
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not
+ *   long enough, and in that case the *@buf_size will be updated with
+ *   the required size.  On success 0 is returned.
+ **/
+int
+gnutls_x509_crq_get_dn(gnutls_x509_crq_t crq, char *buf, size_t * buf_size)
+{
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_parse_dn(crq->crq,
+				     "certificationRequestInfo.subject.rdnSequence",
+				     buf, buf_size, GNUTLS_X509_DN_FLAG_COMPAT);
+}
+
+/**
+ * gnutls_x509_crq_get_dn2:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @dn: a pointer to a structure to hold the name; must be freed using gnutls_free()
+ *
+ * This function will allocate buffer and copy the name of the Certificate 
+ * request. The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as
+ * described in RFC4514. The output string will be ASCII or UTF-8
+ * encoded, depending on the certificate data.
+ *
+ * This function does not output a fully RFC4514 compliant string, if
+ * that is required see gnutls_x509_crq_get_dn3().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value. and a negative error code on error.
+ *
+ * Since: 3.1.10
+ **/
+int gnutls_x509_crq_get_dn2(gnutls_x509_crq_t crq, gnutls_datum_t * dn)
+{
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_get_dn(crq->crq,
+				   "certificationRequestInfo.subject.rdnSequence",
+				   dn, GNUTLS_X509_DN_FLAG_COMPAT);
+}
+
+/**
+ * gnutls_x509_crq_get_dn3:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @dn: a pointer to a structure to hold the name; must be freed using gnutls_free()
+ * @flags: zero or %GNUTLS_X509_DN_FLAG_COMPAT
+ *
+ * This function will allocate buffer and copy the name of the Certificate 
+ * request. The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as
+ * described in RFC4514. The output string will be ASCII or UTF-8
+ * encoded, depending on the certificate data.
+ *
+ * When the flag %GNUTLS_X509_DN_FLAG_COMPAT is specified, the output
+ * format will match the format output by previous to 3.5.6 versions of GnuTLS
+ * which was not not fully RFC4514-compliant.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value. and a negative error code on error.
+ *
+ * Since: 3.5.7
+ **/
+int gnutls_x509_crq_get_dn3(gnutls_x509_crq_t crq, gnutls_datum_t * dn, unsigned flags)
+{
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_get_dn(crq->crq,
+				   "certificationRequestInfo.subject.rdnSequence",
+				   dn, flags);
+}
+
+/**
+ * gnutls_x509_crq_get_dn_by_oid:
+ * @crq: should contain a gnutls_x509_crq_t type
+ * @oid: holds an Object Identifier in a null terminated string
+ * @indx: In case multiple same OIDs exist in the RDN, this specifies
+ *   which to get. Use (0) to get the first one.
+ * @raw_flag: If non-zero returns the raw DER data of the DN part.
+ * @buf: a pointer to a structure to hold the name (may be %NULL)
+ * @buf_size: initially holds the size of @buf
+ *
+ * This function will extract the part of the name of the Certificate
+ * request subject, specified by the given OID. The output will be
+ * encoded as described in RFC2253. The output string will be ASCII
+ * or UTF-8 encoded, depending on the certificate data.
+ *
+ * Some helper macros with popular OIDs can be found in gnutls/x509.h
+ * If raw flag is (0), this function will only return known OIDs as
+ * text. Other OIDs will be DER encoded, as described in RFC2253 --
+ * in hex format with a '\#' prefix.  You can check about known OIDs
+ * using gnutls_x509_dn_oid_known().
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is
+ *   not long enough, and in that case the *@buf_size will be
+ *   updated with the required size.  On success 0 is returned.
+ **/
+int
+gnutls_x509_crq_get_dn_by_oid(gnutls_x509_crq_t crq, const char *oid,
+			      unsigned indx, unsigned int raw_flag,
+			      void *buf, size_t * buf_size)
+{
+	gnutls_datum_t td;
+	int ret;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_x509_parse_dn_oid
+	    (crq->crq,
+	     "certificationRequestInfo.subject.rdnSequence",
+	     oid, indx, raw_flag, &td);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return _gnutls_strdatum_to_buf(&td, buf, buf_size);
+}
+
+/**
+ * gnutls_x509_crq_get_dn_oid:
+ * @crq: should contain a gnutls_x509_crq_t type
+ * @indx: Specifies which DN OID to get. Use (0) to get the first one.
+ * @oid: a pointer to a structure to hold the name (may be %NULL)
+ * @sizeof_oid: initially holds the size of @oid
+ *
+ * This function will extract the requested OID of the name of the
+ * certificate request subject, specified by the given index.
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is
+ *   not long enough, and in that case the *@sizeof_oid will be
+ *   updated with the required size.  On success 0 is returned.
+ **/
+int
+gnutls_x509_crq_get_dn_oid(gnutls_x509_crq_t crq,
+			   unsigned indx, void *oid, size_t * sizeof_oid)
+{
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_get_dn_oid(crq->crq,
+				       "certificationRequestInfo.subject.rdnSequence",
+				       indx, oid, sizeof_oid);
+}
+
+/**
+ * gnutls_x509_crq_get_challenge_password:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @pass: will hold a (0)-terminated password string
+ * @pass_size: Initially holds the size of @pass.
+ *
+ * This function will return the challenge password in the request.
+ * The challenge password is intended to be used for requesting a
+ * revocation of the certificate.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crq_get_challenge_password(gnutls_x509_crq_t crq,
+				       char *pass, size_t * pass_size)
+{
+	gnutls_datum_t td;
+	int ret;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret =
+	    _x509_parse_attribute(crq->crq,
+			    "certificationRequestInfo.attributes",
+			    "1.2.840.113549.1.9.7", 0, 0, &td);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return _gnutls_strdatum_to_buf(&td, pass, pass_size);
+}
+
+/**
+ * gnutls_x509_crq_set_attribute_by_oid:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @oid: holds an Object Identifier in a null-terminated string
+ * @buf: a pointer to a structure that holds the attribute data
+ * @buf_size: holds the size of @buf
+ *
+ * This function will set the attribute in the certificate request
+ * specified by the given Object ID. The provided attribute must be be DER
+ * encoded.
+ *
+ * Attributes in a certificate request is an optional set of data
+ * appended to the request. Their interpretation depends on the CA policy.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crq_set_attribute_by_oid(gnutls_x509_crq_t crq,
+				     const char *oid, void *buf,
+				     size_t buf_size)
+{
+	gnutls_datum_t data;
+
+	data.data = buf;
+	data.size = buf_size;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _x509_set_attribute(crq->crq,
+			     "certificationRequestInfo.attributes", oid,
+			     &data);
+}
+
+/**
+ * gnutls_x509_crq_get_attribute_by_oid:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @oid: holds an Object Identifier in null-terminated string
+ * @indx: In case multiple same OIDs exist in the attribute list, this
+ *   specifies which to get, use (0) to get the first one
+ * @buf: a pointer to a structure to hold the attribute data (may be %NULL)
+ * @buf_size: initially holds the size of @buf
+ *
+ * This function will return the attribute in the certificate request
+ * specified by the given Object ID.  The attribute will be DER
+ * encoded.
+ *
+ * Attributes in a certificate request is an optional set of data
+ * appended to the request. Their interpretation depends on the CA policy.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crq_get_attribute_by_oid(gnutls_x509_crq_t crq,
+				     const char *oid, unsigned indx, void *buf,
+				     size_t * buf_size)
+{
+	int ret;
+	gnutls_datum_t td;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret =
+	    _x509_parse_attribute(crq->crq,
+			    "certificationRequestInfo.attributes", oid,
+			    indx, 1, &td);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return _gnutls_strdatum_to_buf(&td, buf, buf_size);
+}
+
+/**
+ * gnutls_x509_crq_set_dn_by_oid:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @oid: holds an Object Identifier in a (0)-terminated string
+ * @raw_flag: must be 0, or 1 if the data are DER encoded
+ * @data: a pointer to the input data
+ * @sizeof_data: holds the size of @data
+ *
+ * This function will set the part of the name of the Certificate
+ * request subject, specified by the given OID.  The input string
+ * should be ASCII or UTF-8 encoded.
+ *
+ * Some helper macros with popular OIDs can be found in gnutls/x509.h
+ * With this function you can only set the known OIDs.  You can test
+ * for known OIDs using gnutls_x509_dn_oid_known().  For OIDs that are
+ * not known (by gnutls) you should properly DER encode your data, and
+ * call this function with raw_flag set.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crq_set_dn_by_oid(gnutls_x509_crq_t crq, const char *oid,
+			      unsigned int raw_flag, const void *data,
+			      unsigned int sizeof_data)
+{
+	if (sizeof_data == 0 || data == NULL || crq == NULL) {
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_set_dn_oid(crq->crq,
+				       "certificationRequestInfo.subject",
+				       oid, raw_flag, data, sizeof_data);
+}
+
+/**
+ * gnutls_x509_crq_set_version:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @version: holds the version number, for v1 Requests must be 1
+ *
+ * This function will set the version of the certificate request.  For
+ * version 1 requests this must be one.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crq_set_version(gnutls_x509_crq_t crq, unsigned int version)
+{
+	int result;
+	unsigned char null = version;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (null > 0)
+		null--;
+
+	result =
+	    asn1_write_value(crq->crq, "certificationRequestInfo.version",
+			     &null, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crq_get_version:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ *
+ * This function will return the version of the specified Certificate
+ * request.
+ *
+ * Returns: version of certificate request, or a negative error code on
+ *   error.
+ **/
+int gnutls_x509_crq_get_version(gnutls_x509_crq_t crq)
+{
+	uint8_t version[8];
+	int len, result;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	len = sizeof(version);
+	if ((result =
+	     asn1_read_value(crq->crq, "certificationRequestInfo.version",
+			     version, &len)) != ASN1_SUCCESS) {
+
+		if (result == ASN1_ELEMENT_NOT_FOUND)
+			return 1;	/* the DEFAULT version */
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return (int) version[0] + 1;
+}
+
+/**
+ * gnutls_x509_crq_set_key:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @key: holds a private key
+ *
+ * This function will set the public parameters from the given private
+ * key to the request.  
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crq_set_key(gnutls_x509_crq_t crq, gnutls_x509_privkey_t key)
+{
+	int result;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	result = _gnutls_x509_encode_and_copy_PKI_params
+	    (crq->crq,
+	     "certificationRequestInfo.subjectPKInfo",
+	     &key->params);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crq_get_key_rsa_raw:
+ * @crq: Holds the certificate
+ * @m: will hold the modulus
+ * @e: will hold the public exponent
+ *
+ * This function will export the RSA public key's parameters found in
+ * the given structure.  The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crq_get_key_rsa_raw(gnutls_x509_crq_t crq,
+				gnutls_datum_t * m, gnutls_datum_t * e)
+{
+	int ret;
+	gnutls_pk_params_st params;
+
+	gnutls_pk_params_init(&params);
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = gnutls_x509_crq_get_pk_algorithm(crq, NULL);
+	if (ret != GNUTLS_PK_RSA) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_x509_crq_get_mpis(crq, &params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = _gnutls_mpi_dprint(params.params[0], m);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_mpi_dprint(params.params[1], e);
+	if (ret < 0) {
+		gnutls_assert();
+		_gnutls_free_datum(m);
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	gnutls_pk_params_release(&params);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crq_set_key_rsa_raw:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @m: holds the modulus
+ * @e: holds the public exponent
+ *
+ * This function will set the public parameters from the given private
+ * key to the request. Only RSA keys are currently supported.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.6.0
+ **/
+int
+gnutls_x509_crq_set_key_rsa_raw(gnutls_x509_crq_t crq,
+				const gnutls_datum_t * m,
+				const gnutls_datum_t * e)
+{
+	int result, ret;
+	size_t siz = 0;
+	gnutls_pk_params_st temp_params;
+
+	gnutls_pk_params_init(&temp_params);
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	memset(&temp_params, 0, sizeof(temp_params));
+
+	siz = m->size;
+	if (_gnutls_mpi_init_scan_nz(&temp_params.params[0], m->data, siz)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto error;
+	}
+
+	siz = e->size;
+	if (_gnutls_mpi_init_scan_nz(&temp_params.params[1], e->data, siz)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto error;
+	}
+
+	temp_params.params_nr = RSA_PUBLIC_PARAMS;
+	temp_params.algo = GNUTLS_PK_RSA;
+
+	result = _gnutls_x509_encode_and_copy_PKI_params
+	    (crq->crq,
+	     "certificationRequestInfo.subjectPKInfo",
+	     &temp_params);
+
+	if (result < 0) {
+		gnutls_assert();
+		ret = result;
+		goto error;
+	}
+
+	ret = 0;
+
+      error:
+	gnutls_pk_params_release(&temp_params);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crq_set_challenge_password:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @pass: holds a (0)-terminated password
+ *
+ * This function will set a challenge password to be used when
+ * revoking the request.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crq_set_challenge_password(gnutls_x509_crq_t crq,
+				       const char *pass)
+{
+	int result;
+	char *password = NULL;
+
+	if (crq == NULL || pass == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Add the attribute.
+	 */
+	result =
+	    asn1_write_value(crq->crq,
+			     "certificationRequestInfo.attributes", "NEW",
+			     1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (pass) {
+		gnutls_datum_t out;
+		result = _gnutls_utf8_password_normalize(pass, strlen(pass), &out, 0);
+		if (result < 0)
+			return gnutls_assert_val(result);
+
+		password = (char*)out.data;
+	}
+
+	assert(password != NULL);
+
+	result = _gnutls_x509_encode_and_write_attribute
+	    ("1.2.840.113549.1.9.7", crq->crq,
+	     "certificationRequestInfo.attributes.?LAST", password,
+	     strlen(password), 1);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = 0;
+
+ cleanup:
+	gnutls_free(password);
+	return result;
+}
+
+/**
+ * gnutls_x509_crq_sign2:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @key: holds a private key
+ * @dig: The message digest to use, i.e., %GNUTLS_DIG_SHA256
+ * @flags: must be 0
+ *
+ * This function will sign the certificate request with a private key.
+ * This must be the same key as the one used in
+ * gnutls_x509_crt_set_key() since a certificate request is self
+ * signed.
+ *
+ * This must be the last step in a certificate request generation
+ * since all the previously set parameters are now signed.
+ *
+ * A known limitation of this function is, that a newly-signed request will not
+ * be fully functional (e.g., for signature verification), until it
+ * is exported an re-imported.
+ *
+ * After GnuTLS 3.6.1 the value of @dig may be %GNUTLS_DIG_UNKNOWN,
+ * and in that case, a suitable but reasonable for the key algorithm will be selected.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *   %GNUTLS_E_ASN1_VALUE_NOT_FOUND is returned if you didn't set all
+ *   information in the certificate request (e.g., the version using
+ *   gnutls_x509_crq_set_version()).
+ *
+ **/
+int
+gnutls_x509_crq_sign2(gnutls_x509_crq_t crq, gnutls_x509_privkey_t key,
+		      gnutls_digest_algorithm_t dig, unsigned int flags)
+{
+	int result;
+	gnutls_privkey_t privkey;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	result = gnutls_privkey_init(&privkey);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	result = gnutls_privkey_import_x509(privkey, key, 0);
+	if (result < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	result = gnutls_x509_crq_privkey_sign(crq, privkey, dig, flags);
+	if (result < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	result = 0;
+
+      fail:
+	gnutls_privkey_deinit(privkey);
+
+	return result;
+}
+
+/**
+ * gnutls_x509_crq_sign:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @key: holds a private key
+ *
+ * This function is the same a gnutls_x509_crq_sign2() with no flags,
+ * and an appropriate hash algorithm. The hash algorithm used may
+ * vary between versions of GnuTLS, and it is tied to the security
+ * level of the issuer's public key.
+ *
+ * A known limitation of this function is, that a newly-signed request will not
+ * be fully functional (e.g., for signature verification), until it
+ * is exported an re-imported.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ */
+int gnutls_x509_crq_sign(gnutls_x509_crq_t crq, gnutls_x509_privkey_t key)
+{
+	return gnutls_x509_crq_sign2(crq, key, 0, 0);
+}
+
+/**
+ * gnutls_x509_crq_export:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @format: the format of output params. One of PEM or DER.
+ * @output_data: will contain a certificate request PEM or DER encoded
+ * @output_data_size: holds the size of output_data (and will be
+ *   replaced by the actual size of parameters)
+ *
+ * This function will export the certificate request to a PEM or DER
+ * encoded PKCS10 structure.
+ *
+ * If the buffer provided is not long enough to hold the output, then
+ * %GNUTLS_E_SHORT_MEMORY_BUFFER will be returned and
+ * *@output_data_size will be updated.
+ *
+ * If the structure is PEM encoded, it will have a header of "BEGIN
+ * NEW CERTIFICATE REQUEST".
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crq_export(gnutls_x509_crq_t crq,
+		       gnutls_x509_crt_fmt_t format, void *output_data,
+		       size_t * output_data_size)
+{
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_export_int(crq->crq, format, PEM_CRQ,
+				       output_data, output_data_size);
+}
+
+/**
+ * gnutls_x509_crq_export2:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @format: the format of output params. One of PEM or DER.
+ * @out: will contain a certificate request PEM or DER encoded
+ *
+ * This function will export the certificate request to a PEM or DER
+ * encoded PKCS10 structure.
+ *
+ * The output buffer is allocated using gnutls_malloc().
+ *
+ * If the structure is PEM encoded, it will have a header of "BEGIN
+ * NEW CERTIFICATE REQUEST".
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since 3.1.3
+ **/
+int
+gnutls_x509_crq_export2(gnutls_x509_crq_t crq,
+			gnutls_x509_crt_fmt_t format, gnutls_datum_t * out)
+{
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_export_int2(crq->crq, format, PEM_CRQ, out);
+}
+
+/**
+ * gnutls_x509_crq_get_pk_algorithm:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @bits: if bits is non-%NULL it will hold the size of the parameters' in bits
+ *
+ * This function will return the public key algorithm of a PKCS#10
+ * certificate request.
+ *
+ * If bits is non-%NULL, it should have enough size to hold the
+ * parameters size in bits.  For RSA the bits returned is the modulus.
+ * For DSA the bits returned are of the public exponent.
+ *
+ * Returns: a member of the #gnutls_pk_algorithm_t enumeration on
+ *   success, or a negative error code on error.
+ **/
+int
+gnutls_x509_crq_get_pk_algorithm(gnutls_x509_crq_t crq, unsigned int *bits)
+{
+	int result;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	result = _gnutls_x509_get_pk_algorithm
+	    (crq->crq, "certificationRequestInfo.subjectPKInfo", NULL, bits);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return result;
+}
+
+/**
+ * gnutls_x509_crq_get_spki;
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @spki: a SubjectPublicKeyInfo structure of type #gnutls_x509_spki_t
+ * @flags: must be zero
+ *
+ * This function will return the public key information of a PKCS#10
+ * certificate request. The provided @spki must be initialized.
+ *
+ * Returns: Zero on success, or a negative error code on error.
+ **/
+int
+gnutls_x509_crq_get_spki(gnutls_x509_crq_t crq,
+			 gnutls_x509_spki_t spki,
+			 unsigned int flags)
+{
+	int result;
+	gnutls_x509_spki_st params;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	memset(&params, 0, sizeof(params));
+
+	spki->pk = gnutls_x509_crq_get_pk_algorithm(crq, NULL);
+
+	result = _gnutls_x509_crq_read_spki_params(crq, &params);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	if (params.pk == GNUTLS_PK_UNKNOWN)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	spki->rsa_pss_dig = params.rsa_pss_dig;
+	spki->salt_size = params.salt_size;
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crq_get_signature_oid:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @oid: a pointer to a buffer to hold the OID (may be null)
+ * @oid_size: initially holds the size of @oid
+ *
+ * This function will return the OID of the signature algorithm
+ * that has been used to sign this certificate request. This function
+ * is useful in the case gnutls_x509_crq_get_signature_algorithm()
+ * returned %GNUTLS_SIGN_UNKNOWN.
+ *
+ * Returns: zero or a negative error code on error.
+ *
+ * Since: 3.5.0
+ **/
+int gnutls_x509_crq_get_signature_oid(gnutls_x509_crq_t crq, char *oid, size_t *oid_size)
+{
+	char str[MAX_OID_SIZE];
+	int len, result, ret;
+	gnutls_datum_t out;
+
+	len = sizeof(str);
+	result = asn1_read_value(crq->crq, "signatureAlgorithm.algorithm", str, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	out.data = (void*)str;
+	out.size = len;
+
+	ret = _gnutls_copy_string(&out, (void*)oid, oid_size);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crq_get_pk_oid:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @oid: a pointer to a buffer to hold the OID (may be null)
+ * @oid_size: initially holds the size of @oid
+ *
+ * This function will return the OID of the public key algorithm
+ * on that certificate request. This function
+ * is useful in the case gnutls_x509_crq_get_pk_algorithm()
+ * returned %GNUTLS_PK_UNKNOWN.
+ *
+ * Returns: zero or a negative error code on error.
+ *
+ * Since: 3.5.0
+ **/
+int gnutls_x509_crq_get_pk_oid(gnutls_x509_crq_t crq, char *oid, size_t *oid_size)
+{
+	char str[MAX_OID_SIZE];
+	int len, result, ret;
+	gnutls_datum_t out;
+
+	len = sizeof(str);
+	result = asn1_read_value(crq->crq, "certificationRequestInfo.subjectPKInfo.algorithm.algorithm", str, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	out.data = (void*)str;
+	out.size = len;
+
+	ret = _gnutls_copy_string(&out, (void*)oid, oid_size);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crq_get_attribute_info:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @indx: Specifies which attribute number to get. Use (0) to get the first one.
+ * @oid: a pointer to a structure to hold the OID
+ * @sizeof_oid: initially holds the maximum size of @oid, on return
+ *   holds actual size of @oid.
+ *
+ * This function will return the requested attribute OID in the
+ * certificate, and the critical flag for it.  The attribute OID will
+ * be stored as a string in the provided buffer.  Use
+ * gnutls_x509_crq_get_attribute_data() to extract the data.
+ *
+ * If the buffer provided is not long enough to hold the output, then
+ * *@sizeof_oid is updated and %GNUTLS_E_SHORT_MEMORY_BUFFER will be
+ * returned.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code in case of an error.  If your have reached the
+ *   last extension available %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ *   will be returned.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crq_get_attribute_info(gnutls_x509_crq_t crq, unsigned indx,
+				   void *oid, size_t * sizeof_oid)
+{
+	int result;
+	char name[MAX_NAME_SIZE];
+	int len;
+
+	if (!crq) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	snprintf(name, sizeof(name),
+		 "certificationRequestInfo.attributes.?%u.type", indx + 1);
+
+	len = *sizeof_oid;
+	result = asn1_read_value(crq->crq, name, oid, &len);
+	*sizeof_oid = len;
+
+	if (result == ASN1_ELEMENT_NOT_FOUND)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	else if (result < 0) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+
+}
+
+/**
+ * gnutls_x509_crq_get_attribute_data:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @indx: Specifies which attribute number to get. Use (0) to get the first one.
+ * @data: a pointer to a structure to hold the data (may be null)
+ * @sizeof_data: initially holds the size of @oid
+ *
+ * This function will return the requested attribute data in the
+ * certificate request.  The attribute data will be stored as a string in the
+ * provided buffer.
+ *
+ * Use gnutls_x509_crq_get_attribute_info() to extract the OID.
+ * Use gnutls_x509_crq_get_attribute_by_oid() instead,
+ * if you want to get data indexed by the attribute OID rather than
+ * sequence.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code in case of an error.  If your have reached the
+ *   last extension available %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ *   will be returned.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crq_get_attribute_data(gnutls_x509_crq_t crq, unsigned indx,
+				   void *data, size_t * sizeof_data)
+{
+	int result, len;
+	char name[MAX_NAME_SIZE];
+
+	if (!crq) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	snprintf(name, sizeof(name),
+		 "certificationRequestInfo.attributes.?%u.values.?1",
+		 indx + 1);
+
+	len = *sizeof_data;
+	result = asn1_read_value(crq->crq, name, data, &len);
+	*sizeof_data = len;
+
+	if (result == ASN1_ELEMENT_NOT_FOUND)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	else if (result < 0) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crq_get_extension_info:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @indx: Specifies which extension number to get. Use (0) to get the first one.
+ * @oid: a pointer to store the OID
+ * @sizeof_oid: initially holds the maximum size of @oid, on return
+ *   holds actual size of @oid.
+ * @critical: output variable with critical flag, may be NULL.
+ *
+ * This function will return the requested extension OID in the
+ * certificate, and the critical flag for it.  The extension OID will
+ * be stored as a string in the provided buffer.  Use
+ * gnutls_x509_crq_get_extension_data() to extract the data.
+ *
+ * If the buffer provided is not long enough to hold the output, then
+ * *@sizeof_oid is updated and %GNUTLS_E_SHORT_MEMORY_BUFFER will be
+ * returned.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code in case of an error.  If your have reached the
+ *   last extension available %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ *   will be returned.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crq_get_extension_info(gnutls_x509_crq_t crq, unsigned indx,
+				   void *oid, size_t * sizeof_oid,
+				   unsigned int *critical)
+{
+	int result;
+	char str_critical[10];
+	char name[MAX_NAME_SIZE];
+	char *extensions = NULL;
+	size_t extensions_size = 0;
+	asn1_node c2;
+	int len;
+
+	if (!crq) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* read extensionRequest */
+	result =
+	    gnutls_x509_crq_get_attribute_by_oid(crq,
+						 "1.2.840.113549.1.9.14",
+						 0, NULL,
+						 &extensions_size);
+	if (result == GNUTLS_E_SHORT_MEMORY_BUFFER) {
+		extensions = gnutls_malloc(extensions_size);
+		if (extensions == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+
+		result = gnutls_x509_crq_get_attribute_by_oid(crq,
+							      "1.2.840.113549.1.9.14",
+							      0,
+							      extensions,
+							      &extensions_size);
+	}
+	if (result < 0) {
+		gnutls_assert();
+		goto out;
+	}
+
+	result =
+	    asn1_create_element(_gnutls_get_pkix(), "PKIX1.Extensions",
+				&c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto out;
+	}
+
+	result = _asn1_strict_der_decode(&c2, extensions, extensions_size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&c2);
+		result = _gnutls_asn2err(result);
+		goto out;
+	}
+
+	snprintf(name, sizeof(name), "?%u.extnID", indx + 1);
+
+	len = *sizeof_oid;
+	result = asn1_read_value(c2, name, oid, &len);
+	*sizeof_oid = len;
+
+	if (result == ASN1_ELEMENT_NOT_FOUND) {
+		asn1_delete_structure(&c2);
+		result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+		goto out;
+	} else if (result < 0) {
+		gnutls_assert();
+		asn1_delete_structure(&c2);
+		result = _gnutls_asn2err(result);
+		goto out;
+	}
+
+	snprintf(name, sizeof(name), "?%u.critical", indx + 1);
+	len = sizeof(str_critical);
+	result = asn1_read_value(c2, name, str_critical, &len);
+
+	asn1_delete_structure(&c2);
+
+	if (result < 0) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto out;
+	}
+
+	if (critical) {
+		if (str_critical[0] == 'T')
+			*critical = 1;
+		else
+			*critical = 0;
+	}
+
+	result = 0;
+
+      out:
+	gnutls_free(extensions);
+	return result;
+}
+
+/**
+ * gnutls_x509_crq_get_extension_data:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @indx: Specifies which extension number to get. Use (0) to get the first one.
+ * @data: a pointer to a structure to hold the data (may be null)
+ * @sizeof_data: initially holds the size of @oid
+ *
+ * This function will return the requested extension data in the
+ * certificate.  The extension data will be stored as a string in the
+ * provided buffer.
+ *
+ * Use gnutls_x509_crq_get_extension_info() to extract the OID and
+ * critical flag.  Use gnutls_x509_crq_get_extension_by_oid() instead,
+ * if you want to get data indexed by the extension OID rather than
+ * sequence.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code in case of an error.  If your have reached the
+ *   last extension available %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ *   will be returned.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crq_get_extension_data(gnutls_x509_crq_t crq, unsigned indx,
+				   void *data, size_t * sizeof_data)
+{
+	int ret;
+	gnutls_datum_t raw;
+
+	ret = gnutls_x509_crq_get_extension_data2(crq, indx, &raw);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_copy_data(&raw, data, sizeof_data);
+	if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER && data == NULL)
+		ret = 0;
+	gnutls_free(raw.data);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crq_get_extension_data2:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @extension_id: An X.509 extension OID.
+ * @indx: Specifies which extension OID to read. Use (0) to get the first one.
+ * @data: will contain the extension DER-encoded data
+ *
+ * This function will return the requested extension data in the
+ * certificate request.  The extension data will be allocated using
+ * gnutls_malloc().
+ *
+ * Use gnutls_x509_crq_get_extension_info() to extract the OID.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.  If you have reached the
+ *   last extension available %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ *   will be returned.
+ *
+ * Since: 3.3.0
+ **/
+int
+gnutls_x509_crq_get_extension_data2(gnutls_x509_crq_t crq,
+			       unsigned indx, gnutls_datum_t * data)
+{
+	int ret, result;
+	char name[MAX_NAME_SIZE];
+	unsigned char *extensions = NULL;
+	size_t extensions_size = 0;
+	asn1_node c2 = NULL;
+
+	if (!crq) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* read extensionRequest */
+	ret =
+	    gnutls_x509_crq_get_attribute_by_oid(crq,
+						 "1.2.840.113549.1.9.14",
+						 0, NULL,
+						 &extensions_size);
+	if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER) {
+		gnutls_assert();
+		if (ret == 0)
+			return GNUTLS_E_INTERNAL_ERROR;
+		return ret;
+	}
+
+	extensions = gnutls_malloc(extensions_size);
+	if (extensions == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ret =
+	    gnutls_x509_crq_get_attribute_by_oid(crq,
+						 "1.2.840.113549.1.9.14",
+						 0, extensions,
+						 &extensions_size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result =
+	    asn1_create_element(_gnutls_get_pkix(), "PKIX1.Extensions",
+				&c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result = _asn1_strict_der_decode(&c2, extensions, extensions_size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	snprintf(name, sizeof(name), "?%u.extnValue", indx + 1);
+
+	ret = _gnutls_x509_read_value(c2, name, data);
+	if (ret == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND) {
+		ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+		goto cleanup;
+	} else if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	asn1_delete_structure(&c2);
+	gnutls_free(extensions);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crq_get_key_usage:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @key_usage: where the key usage bits will be stored
+ * @critical: will be non-zero if the extension is marked as critical
+ *
+ * This function will return certificate's key usage, by reading the
+ * keyUsage X.509 extension (2.5.29.15).  The key usage value will
+ * ORed values of the: %GNUTLS_KEY_DIGITAL_SIGNATURE,
+ * %GNUTLS_KEY_NON_REPUDIATION, %GNUTLS_KEY_KEY_ENCIPHERMENT,
+ * %GNUTLS_KEY_DATA_ENCIPHERMENT, %GNUTLS_KEY_KEY_AGREEMENT,
+ * %GNUTLS_KEY_KEY_CERT_SIGN, %GNUTLS_KEY_CRL_SIGN,
+ * %GNUTLS_KEY_ENCIPHER_ONLY, %GNUTLS_KEY_DECIPHER_ONLY.
+ *
+ * Returns: the certificate key usage, or a negative error code in case of
+ *   parsing error.  If the certificate does not contain the keyUsage
+ *   extension %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be
+ *   returned.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crq_get_key_usage(gnutls_x509_crq_t crq,
+			      unsigned int *key_usage,
+			      unsigned int *critical)
+{
+	int result;
+	uint8_t buf[128];
+	size_t buf_size = sizeof(buf);
+	gnutls_datum_t bd;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	result = gnutls_x509_crq_get_extension_by_oid(crq, "2.5.29.15", 0,
+						      buf, &buf_size,
+						      critical);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	bd.data = buf;
+	bd.size = buf_size;
+	result = gnutls_x509_ext_import_key_usage(&bd, key_usage);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crq_get_basic_constraints:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @critical: will be non-zero if the extension is marked as critical
+ * @ca: pointer to output integer indicating CA status, may be NULL,
+ *   value is 1 if the certificate CA flag is set, 0 otherwise.
+ * @pathlen: pointer to output integer indicating path length (may be
+ *   NULL), non-negative error codes indicate a present pathLenConstraint
+ *   field and the actual value, -1 indicate that the field is absent.
+ *
+ * This function will read the certificate's basic constraints, and
+ * return the certificates CA status.  It reads the basicConstraints
+ * X.509 extension (2.5.29.19).
+ *
+ * Returns: If the certificate is a CA a positive value will be
+ *   returned, or (0) if the certificate does not have CA flag set.
+ *   A negative error code may be returned in case of errors.  If the
+ *   certificate does not contain the basicConstraints extension
+ *   %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crq_get_basic_constraints(gnutls_x509_crq_t crq,
+				      unsigned int *critical,
+				      unsigned int *ca, int *pathlen)
+{
+	int result;
+	unsigned int tmp_ca;
+	uint8_t buf[256];
+	size_t buf_size = sizeof(buf);
+	gnutls_datum_t bd;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	result = gnutls_x509_crq_get_extension_by_oid(crq, "2.5.29.19", 0,
+						      buf, &buf_size,
+						      critical);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	bd.data = buf;
+	bd.size = buf_size;
+	result = gnutls_x509_ext_import_basic_constraints(&bd, &tmp_ca, pathlen);
+	if (ca)
+		*ca = tmp_ca;
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return tmp_ca;
+}
+
+static int
+get_subject_alt_name(gnutls_x509_crq_t crq,
+		     unsigned int seq, void *ret,
+		     size_t * ret_size, unsigned int *ret_type,
+		     unsigned int *critical, int othername_oid)
+{
+	int result;
+	asn1_node c2 = NULL;
+	gnutls_x509_subject_alt_name_t type;
+	gnutls_datum_t dnsname = { NULL, 0 };
+	size_t dns_size = 0;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (ret)
+		memset(ret, 0, *ret_size);
+	else
+		*ret_size = 0;
+
+	/* Extract extension.
+	 */
+	result = gnutls_x509_crq_get_extension_by_oid(crq, "2.5.29.17", 0,
+						      NULL, &dns_size,
+						      critical);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	dnsname.size = dns_size;
+	dnsname.data = gnutls_malloc(dnsname.size);
+	if (dnsname.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	result = gnutls_x509_crq_get_extension_by_oid(crq, "2.5.29.17", 0,
+						      dnsname.data,
+						      &dns_size, critical);
+	if (result < 0) {
+		gnutls_assert();
+		gnutls_free(dnsname.data);
+		return result;
+	}
+
+	result = asn1_create_element
+	    (_gnutls_get_pkix(), "PKIX1.SubjectAltName", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		gnutls_free(dnsname.data);
+		return _gnutls_asn2err(result);
+	}
+
+	result = _asn1_strict_der_decode(&c2, dnsname.data, dnsname.size, NULL);
+	gnutls_free(dnsname.data);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&c2);
+		return _gnutls_asn2err(result);
+	}
+
+	result = _gnutls_parse_general_name(c2, "", seq, ret, ret_size,
+					    ret_type, othername_oid);
+	asn1_delete_structure(&c2);
+	if (result < 0) {
+		return result;
+	}
+
+	type = result;
+
+	return type;
+}
+
+/**
+ * gnutls_x509_crq_get_subject_alt_name:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @seq: specifies the sequence number of the alt name, 0 for the
+ *   first one, 1 for the second etc.
+ * @ret: is the place where the alternative name will be copied to
+ * @ret_size: holds the size of ret.
+ * @ret_type: holds the #gnutls_x509_subject_alt_name_t name type
+ * @critical: will be non-zero if the extension is marked as critical
+ *   (may be null)
+ *
+ * This function will return the alternative names, contained in the
+ * given certificate.  It is the same as
+ * gnutls_x509_crq_get_subject_alt_name() except for the fact that it
+ * will return the type of the alternative name in @ret_type even if
+ * the function fails for some reason (i.e.  the buffer provided is
+ * not enough).
+ *
+ * Returns: the alternative subject name type on success, one of the
+ *   enumerated #gnutls_x509_subject_alt_name_t.  It will return
+ *   %GNUTLS_E_SHORT_MEMORY_BUFFER if @ret_size is not large enough to
+ *   hold the value.  In that case @ret_size will be updated with the
+ *   required size.  If the certificate request does not have an
+ *   Alternative name with the specified sequence number then
+ *   %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crq_get_subject_alt_name(gnutls_x509_crq_t crq,
+				     unsigned int seq, void *ret,
+				     size_t * ret_size,
+				     unsigned int *ret_type,
+				     unsigned int *critical)
+{
+	return get_subject_alt_name(crq, seq, ret, ret_size, ret_type,
+				    critical, 0);
+}
+
+/**
+ * gnutls_x509_crq_get_subject_alt_othername_oid:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @seq: specifies the sequence number of the alt name (0 for the first one, 1 for the second etc.)
+ * @ret: is the place where the otherName OID will be copied to
+ * @ret_size: holds the size of ret.
+ *
+ * This function will extract the type OID of an otherName Subject
+ * Alternative Name, contained in the given certificate, and return
+ * the type as an enumerated element.
+ *
+ * This function is only useful if
+ * gnutls_x509_crq_get_subject_alt_name() returned
+ * %GNUTLS_SAN_OTHERNAME.
+ *
+ * Returns: the alternative subject name type on success, one of the
+ *   enumerated gnutls_x509_subject_alt_name_t.  For supported OIDs,
+ *   it will return one of the virtual (GNUTLS_SAN_OTHERNAME_*) types,
+ *   e.g. %GNUTLS_SAN_OTHERNAME_XMPP, and %GNUTLS_SAN_OTHERNAME for
+ *   unknown OIDs.  It will return %GNUTLS_E_SHORT_MEMORY_BUFFER if
+ *   @ret_size is not large enough to hold the value.  In that case
+ *   @ret_size will be updated with the required size.  If the
+ *   certificate does not have an Alternative name with the specified
+ *   sequence number and with the otherName type then
+ *   %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crq_get_subject_alt_othername_oid(gnutls_x509_crq_t crq,
+					      unsigned int seq,
+					      void *ret, size_t * ret_size)
+{
+	return get_subject_alt_name(crq, seq, ret, ret_size, NULL, NULL,
+				    1);
+}
+
+/**
+ * gnutls_x509_crq_get_extension_by_oid:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @oid: holds an Object Identifier in a null terminated string
+ * @indx: In case multiple same OIDs exist in the extensions, this
+ *   specifies which to get. Use (0) to get the first one.
+ * @buf: a pointer to a structure to hold the name (may be null)
+ * @buf_size: initially holds the size of @buf
+ * @critical: will be non-zero if the extension is marked as critical
+ *
+ * This function will return the extension specified by the OID in
+ * the certificate.  The extensions will be returned as binary data
+ * DER encoded, in the provided buffer.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code in case of an error.  If the certificate does not
+ *   contain the specified extension
+ *   %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crq_get_extension_by_oid(gnutls_x509_crq_t crq,
+				     const char *oid, unsigned indx,
+				     void *buf, size_t * buf_size,
+				     unsigned int *critical)
+{
+	int result;
+	unsigned int i;
+	char _oid[MAX_OID_SIZE];
+	size_t oid_size;
+
+	for (i = 0;; i++) {
+		oid_size = sizeof(_oid);
+		result =
+		    gnutls_x509_crq_get_extension_info(crq, i, _oid,
+						       &oid_size,
+						       critical);
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+
+		if (strcmp(oid, _oid) == 0) {	/* found */
+			if (indx == 0)
+				return
+				    gnutls_x509_crq_get_extension_data(crq,
+								       i,
+								       buf,
+								       buf_size);
+			else
+				indx--;
+		}
+	}
+
+
+	return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+}
+
+/**
+ * gnutls_x509_crq_get_extension_by_oid2:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @oid: holds an Object Identifier in a null terminated string
+ * @indx: In case multiple same OIDs exist in the extensions, this
+ *   specifies which to get. Use (0) to get the first one.
+ * @output: will hold the allocated extension data
+ * @critical: will be non-zero if the extension is marked as critical
+ *
+ * This function will return the extension specified by the OID in
+ * the certificate.  The extensions will be returned as binary data
+ * DER encoded, in the provided buffer.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code in case of an error.  If the certificate does not
+ *   contain the specified extension
+ *   %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.
+ *
+ * Since: 3.3.8
+ **/
+int
+gnutls_x509_crq_get_extension_by_oid2(gnutls_x509_crq_t crq,
+				     const char *oid, unsigned indx,
+				     gnutls_datum_t *output,
+				     unsigned int *critical)
+{
+	int result;
+	unsigned int i;
+	char _oid[MAX_OID_SIZE];
+	size_t oid_size;
+
+	for (i = 0;; i++) {
+		oid_size = sizeof(_oid);
+		result =
+		    gnutls_x509_crq_get_extension_info(crq, i, _oid,
+						       &oid_size,
+						       critical);
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+
+		if (strcmp(oid, _oid) == 0) {	/* found */
+			if (indx == 0)
+				return
+				    gnutls_x509_crq_get_extension_data2(crq,
+								       i,
+								       output);
+			else
+				indx--;
+		}
+	}
+
+	return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+}
+
+/**
+ * gnutls_x509_crq_set_subject_alt_name:
+ * @crq: a certificate request of type #gnutls_x509_crq_t
+ * @nt: is one of the #gnutls_x509_subject_alt_name_t enumerations
+ * @data: The data to be set
+ * @data_size: The size of data to be set
+ * @flags: %GNUTLS_FSAN_SET to clear previous data or
+ *   %GNUTLS_FSAN_APPEND to append.
+ *
+ * This function will set the subject alternative name certificate
+ * extension.  It can set the following types:
+ *
+ * %GNUTLS_SAN_DNSNAME: as a text string
+ *
+ * %GNUTLS_SAN_RFC822NAME: as a text string
+ *
+ * %GNUTLS_SAN_URI: as a text string
+ *
+ * %GNUTLS_SAN_IPADDRESS: as a binary IP address (4 or 16 bytes)
+ *
+ * %GNUTLS_SAN_OTHERNAME_XMPP: as a UTF8 string
+ *
+ * Since version 3.5.7 the %GNUTLS_SAN_RFC822NAME, %GNUTLS_SAN_DNSNAME, and
+ * %GNUTLS_SAN_OTHERNAME_XMPP are converted to ACE format when necessary.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crq_set_subject_alt_name(gnutls_x509_crq_t crq,
+				     gnutls_x509_subject_alt_name_t nt,
+				     const void *data,
+				     unsigned int data_size,
+				     unsigned int flags)
+{
+	int result = 0;
+	gnutls_datum_t der_data = { NULL, 0 };
+	gnutls_datum_t prev_der_data = { NULL, 0 };
+	unsigned int critical = 0;
+	size_t prev_data_size = 0;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Check if the extension already exists.
+	 */
+	if (flags & GNUTLS_FSAN_APPEND) {
+		result =
+		    gnutls_x509_crq_get_extension_by_oid(crq, "2.5.29.17",
+							 0, NULL,
+							 &prev_data_size,
+							 &critical);
+		prev_der_data.size = prev_data_size;
+
+		switch (result) {
+		case GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE:
+			/* Replacing non-existing data means the same as set data. */
+			break;
+
+		case GNUTLS_E_SUCCESS:
+			prev_der_data.data =
+			    gnutls_malloc(prev_der_data.size);
+			if (prev_der_data.data == NULL) {
+				gnutls_assert();
+				return GNUTLS_E_MEMORY_ERROR;
+			}
+
+			result =
+			    gnutls_x509_crq_get_extension_by_oid(crq,
+								 "2.5.29.17",
+								 0,
+								 prev_der_data.
+								 data,
+								 &prev_data_size,
+								 &critical);
+			if (result < 0) {
+				gnutls_assert();
+				gnutls_free(prev_der_data.data);
+				return result;
+			}
+			break;
+
+		default:
+			gnutls_assert();
+			return result;
+		}
+	}
+
+	/* generate the extension.
+	 */
+	result = _gnutls_x509_ext_gen_subject_alt_name(nt, NULL, data, data_size,
+						       &prev_der_data,
+						       &der_data);
+	gnutls_free(prev_der_data.data);
+	if (result < 0) {
+		gnutls_assert();
+		goto finish;
+	}
+
+	result =
+	    _gnutls_x509_crq_set_extension(crq, "2.5.29.17", &der_data,
+					   critical);
+
+	_gnutls_free_datum(&der_data);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+
+      finish:
+	return result;
+}
+
+/**
+ * gnutls_x509_crq_set_subject_alt_othername:
+ * @crq: a certificate request of type #gnutls_x509_crq_t
+ * @oid: is the othername OID
+ * @data: The data to be set
+ * @data_size: The size of data to be set
+ * @flags: %GNUTLS_FSAN_SET to clear previous data or
+ *   %GNUTLS_FSAN_APPEND to append.
+ *
+ * This function will set the subject alternative name certificate
+ * extension.  It can set the following types:
+ *
+ * The values set must be binary values and must be properly DER encoded.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.5.0
+ **/
+int
+gnutls_x509_crq_set_subject_alt_othername(gnutls_x509_crq_t crq,
+				     const char *oid,
+				     const void *data,
+				     unsigned int data_size,
+				     unsigned int flags)
+{
+	int result = 0;
+	gnutls_datum_t der_data = { NULL, 0 };
+	gnutls_datum_t encoded_data = { NULL, 0 };
+	gnutls_datum_t prev_der_data = { NULL, 0 };
+	unsigned int critical = 0;
+	size_t prev_data_size = 0;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Check if the extension already exists.
+	 */
+	if (flags & GNUTLS_FSAN_APPEND) {
+		result =
+		    gnutls_x509_crq_get_extension_by_oid(crq, "2.5.29.17",
+							 0, NULL,
+							 &prev_data_size,
+							 &critical);
+		prev_der_data.size = prev_data_size;
+
+		switch (result) {
+		case GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE:
+			/* Replacing non-existing data means the same as set data. */
+			break;
+
+		case GNUTLS_E_SUCCESS:
+			prev_der_data.data =
+			    gnutls_malloc(prev_der_data.size);
+			if (prev_der_data.data == NULL) {
+				gnutls_assert();
+				return GNUTLS_E_MEMORY_ERROR;
+			}
+
+			result =
+			    gnutls_x509_crq_get_extension_by_oid(crq,
+								 "2.5.29.17",
+								 0,
+								 prev_der_data.
+								 data,
+								 &prev_data_size,
+								 &critical);
+			if (result < 0) {
+				gnutls_assert();
+				goto finish;
+			}
+			break;
+
+		default:
+			gnutls_assert();
+			return result;
+		}
+	}
+
+	result = _gnutls_encode_othername_data(flags, data, data_size, &encoded_data);
+	if (result < 0) {
+		gnutls_assert();
+		goto finish;
+	}
+
+	/* generate the extension.
+	 */
+	result = _gnutls_x509_ext_gen_subject_alt_name(GNUTLS_SAN_OTHERNAME, oid,
+						       encoded_data.data, encoded_data.size,
+						       &prev_der_data,
+						       &der_data);
+	if (result < 0) {
+		gnutls_assert();
+		goto finish;
+	}
+
+	result =
+	    _gnutls_x509_crq_set_extension(crq, "2.5.29.17", &der_data,
+					   critical);
+
+	if (result < 0) {
+		gnutls_assert();
+		goto finish;
+	}
+
+	result = 0;
+
+      finish:
+	_gnutls_free_datum(&prev_der_data);
+	_gnutls_free_datum(&der_data);
+	_gnutls_free_datum(&encoded_data);
+	return result;
+}
+
+/**
+ * gnutls_x509_crq_set_basic_constraints:
+ * @crq: a certificate request of type #gnutls_x509_crq_t
+ * @ca: true(1) or false(0) depending on the Certificate authority status.
+ * @pathLenConstraint: non-negative error codes indicate maximum length of path,
+ *   and negative error codes indicate that the pathLenConstraints field should
+ *   not be present.
+ *
+ * This function will set the basicConstraints certificate extension.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crq_set_basic_constraints(gnutls_x509_crq_t crq,
+				      unsigned int ca,
+				      int pathLenConstraint)
+{
+	int result;
+	gnutls_datum_t der_data;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* generate the extension.
+	 */
+	result = gnutls_x509_ext_export_basic_constraints(ca, pathLenConstraint, &der_data);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	result =
+	    _gnutls_x509_crq_set_extension(crq, "2.5.29.19", &der_data, 1);
+
+	_gnutls_free_datum(&der_data);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crq_set_key_usage:
+ * @crq: a certificate request of type #gnutls_x509_crq_t
+ * @usage: an ORed sequence of the GNUTLS_KEY_* elements.
+ *
+ * This function will set the keyUsage certificate extension.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crq_set_key_usage(gnutls_x509_crq_t crq, unsigned int usage)
+{
+	int result;
+	gnutls_datum_t der_data;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* generate the extension.
+	 */
+	result =
+	    gnutls_x509_ext_export_key_usage(usage, &der_data);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	result =
+	    _gnutls_x509_crq_set_extension(crq, "2.5.29.15", &der_data, 1);
+
+	_gnutls_free_datum(&der_data);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crq_get_key_purpose_oid:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @indx: This specifies which OID to return, use (0) to get the first one
+ * @oid: a pointer to store the OID (may be %NULL)
+ * @sizeof_oid: initially holds the size of @oid
+ * @critical: output variable with critical flag, may be %NULL.
+ *
+ * This function will extract the key purpose OIDs of the Certificate
+ * specified by the given index.  These are stored in the Extended Key
+ * Usage extension (2.5.29.37).  See the GNUTLS_KP_* definitions for
+ * human readable names.
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is
+ *   not long enough, and in that case the *@sizeof_oid will be
+ *   updated with the required size.  On success 0 is returned.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crq_get_key_purpose_oid(gnutls_x509_crq_t crq,
+				    unsigned indx, void *oid,
+				    size_t * sizeof_oid,
+				    unsigned int *critical)
+{
+	char tmpstr[MAX_NAME_SIZE];
+	int result, len;
+	gnutls_datum_t prev = { NULL, 0 };
+	asn1_node c2 = NULL;
+	size_t prev_size = 0;
+
+	if (oid)
+		memset(oid, 0, *sizeof_oid);
+	else
+		*sizeof_oid = 0;
+
+	/* Extract extension.
+	 */
+	result = gnutls_x509_crq_get_extension_by_oid(crq, "2.5.29.37", 0,
+						      NULL, &prev_size,
+						      critical);
+	prev.size = prev_size;
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	prev.data = gnutls_malloc(prev.size);
+	if (prev.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	result = gnutls_x509_crq_get_extension_by_oid(crq, "2.5.29.37", 0,
+						      prev.data,
+						      &prev_size,
+						      critical);
+	if (result < 0) {
+		gnutls_assert();
+		gnutls_free(prev.data);
+		return result;
+	}
+
+	result = asn1_create_element
+	    (_gnutls_get_pkix(), "PKIX1.ExtKeyUsageSyntax", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		gnutls_free(prev.data);
+		return _gnutls_asn2err(result);
+	}
+
+	result = _asn1_strict_der_decode(&c2, prev.data, prev.size, NULL);
+	gnutls_free(prev.data);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&c2);
+		return _gnutls_asn2err(result);
+	}
+
+	indx++;
+	/* create a string like "?1"
+	 */
+	snprintf(tmpstr, sizeof(tmpstr), "?%u", indx);
+
+	len = *sizeof_oid;
+	result = asn1_read_value(c2, tmpstr, oid, &len);
+
+	*sizeof_oid = len;
+	asn1_delete_structure(&c2);
+
+	if (result == ASN1_VALUE_NOT_FOUND
+	    || result == ASN1_ELEMENT_NOT_FOUND) {
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	if (result != ASN1_SUCCESS) {
+		if (result != ASN1_MEM_ERROR)
+			gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crq_set_key_purpose_oid:
+ * @crq: a certificate of type #gnutls_x509_crq_t
+ * @oid: a pointer to a null-terminated string that holds the OID
+ * @critical: Whether this extension will be critical or not
+ *
+ * This function will set the key purpose OIDs of the Certificate.
+ * These are stored in the Extended Key Usage extension (2.5.29.37)
+ * See the GNUTLS_KP_* definitions for human readable names.
+ *
+ * Subsequent calls to this function will append OIDs to the OID list.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crq_set_key_purpose_oid(gnutls_x509_crq_t crq,
+				    const void *oid, unsigned int critical)
+{
+	int result;
+	gnutls_datum_t prev = { NULL, 0 }, der_data;
+	asn1_node c2 = NULL;
+	size_t prev_size = 0;
+
+	/* Read existing extension, if there is one.
+	 */
+	result = gnutls_x509_crq_get_extension_by_oid(crq, "2.5.29.37", 0,
+						      NULL, &prev_size,
+						      &critical);
+	prev.size = prev_size;
+
+	switch (result) {
+	case GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE:
+		/* No existing extension, that's fine. */
+		break;
+
+	case GNUTLS_E_SUCCESS:
+		prev.data = gnutls_malloc(prev.size);
+		if (prev.data == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+
+		result =
+		    gnutls_x509_crq_get_extension_by_oid(crq, "2.5.29.37",
+							 0, prev.data,
+							 &prev_size,
+							 &critical);
+		if (result < 0) {
+			gnutls_assert();
+			gnutls_free(prev.data);
+			return result;
+		}
+		break;
+
+	default:
+		gnutls_assert();
+		return result;
+	}
+
+	result = asn1_create_element(_gnutls_get_pkix(),
+				     "PKIX1.ExtKeyUsageSyntax", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		gnutls_free(prev.data);
+		return _gnutls_asn2err(result);
+	}
+
+	if (prev.data) {
+		/* decode it.
+		 */
+		result =
+		    _asn1_strict_der_decode(&c2, prev.data, prev.size, NULL);
+		gnutls_free(prev.data);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			asn1_delete_structure(&c2);
+			return _gnutls_asn2err(result);
+		}
+	}
+
+	/* generate the extension.
+	 */
+	/* 1. create a new element.
+	 */
+	result = asn1_write_value(c2, "", "NEW", 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&c2);
+		return _gnutls_asn2err(result);
+	}
+
+	/* 2. Add the OID.
+	 */
+	result = asn1_write_value(c2, "?LAST", oid, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&c2);
+		return _gnutls_asn2err(result);
+	}
+
+	result = _gnutls_x509_der_encode(c2, "", &der_data, 0);
+	asn1_delete_structure(&c2);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _gnutls_x509_crq_set_extension(crq, "2.5.29.37",
+						&der_data, critical);
+	_gnutls_free_datum(&der_data);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crq_get_key_id:
+ * @crq: a certificate of type #gnutls_x509_crq_t
+ * @flags: should be one of the flags from %gnutls_keyid_flags_t
+ * @output_data: will contain the key ID
+ * @output_data_size: holds the size of output_data (and will be
+ *   replaced by the actual size of parameters)
+ *
+ * This function will return a unique ID that depends on the public key
+ * parameters.  This ID can be used in checking whether a certificate
+ * corresponds to the given private key.
+ *
+ * If the buffer provided is not long enough to hold the output, then
+ * *@output_data_size is updated and GNUTLS_E_SHORT_MEMORY_BUFFER will
+ * be returned.  The output will normally be a SHA-1 hash output,
+ * which is 20 bytes.
+ *
+ * Returns: In case of failure a negative error code will be
+ *   returned, and 0 on success.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crq_get_key_id(gnutls_x509_crq_t crq, unsigned int flags,
+			   unsigned char *output_data,
+			   size_t * output_data_size)
+{
+	int ret = 0;
+	gnutls_pk_params_st params;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_x509_crq_get_mpis(crq, &params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    _gnutls_get_key_id(&params, output_data, output_data_size, flags);
+
+	gnutls_pk_params_release(&params);
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_crq_privkey_sign:
+ * @crq: should contain a #gnutls_x509_crq_t type
+ * @key: holds a private key
+ * @dig: The message digest to use, i.e., %GNUTLS_DIG_SHA1
+ * @flags: must be 0
+ *
+ * This function will sign the certificate request with a private key.
+ * This must be the same key as the one used in
+ * gnutls_x509_crt_set_key() since a certificate request is self
+ * signed.
+ *
+ * This must be the last step in a certificate request generation
+ * since all the previously set parameters are now signed.
+ *
+ * A known limitation of this function is, that a newly-signed request will not
+ * be fully functional (e.g., for signature verification), until it
+ * is exported an re-imported.
+ *
+ * After GnuTLS 3.6.1 the value of @dig may be %GNUTLS_DIG_UNKNOWN,
+ * and in that case, a suitable but reasonable for the key algorithm will be selected.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *   %GNUTLS_E_ASN1_VALUE_NOT_FOUND is returned if you didn't set all
+ *   information in the certificate request (e.g., the version using
+ *   gnutls_x509_crq_set_version()).
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_x509_crq_privkey_sign(gnutls_x509_crq_t crq, gnutls_privkey_t key,
+			     gnutls_digest_algorithm_t dig,
+			     unsigned int flags)
+{
+	int result;
+	gnutls_datum_t signature;
+	gnutls_datum_t tbs;
+	gnutls_pk_algorithm_t pk;
+	gnutls_x509_spki_st params;
+	const gnutls_sign_entry_st *se;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Make sure version field is set. */
+	if (gnutls_x509_crq_get_version(crq) ==
+	    GNUTLS_E_ASN1_VALUE_NOT_FOUND) {
+		result = gnutls_x509_crq_set_version(crq, 1);
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+	}
+
+	if (dig == 0) {
+		/* attempt to find a reasonable choice */
+		gnutls_pubkey_t pubkey;
+		int ret;
+
+		ret = gnutls_pubkey_init(&pubkey);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = gnutls_pubkey_import_privkey(pubkey, key, 0, 0);
+		if (ret < 0) {
+			gnutls_pubkey_deinit(pubkey);
+			return gnutls_assert_val(ret);
+		}
+		ret = gnutls_pubkey_get_preferred_hash_algorithm(pubkey, &dig, NULL);
+		gnutls_pubkey_deinit(pubkey);
+
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	result = _gnutls_privkey_get_spki_params(key, &params);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	pk = gnutls_privkey_get_pk_algorithm(key, NULL);
+	result = _gnutls_privkey_update_spki_params(key, pk, dig, 0, &params);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	/* Step 1. Self sign the request.
+	 */
+	result =
+	    _gnutls_x509_get_tbs(crq->crq, "certificationRequestInfo",
+				 &tbs);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	se = _gnutls_pk_to_sign_entry(params.pk, dig);
+	if (se == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	FIX_SIGN_PARAMS(params, flags, dig);
+
+	result = privkey_sign_and_hash_data(key, se,
+					    &tbs, &signature, &params);
+	gnutls_free(tbs.data);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	/* Step 2. write the signature (bits)
+	 */
+	result =
+	    asn1_write_value(crq->crq, "signature", signature.data,
+			     signature.size * 8);
+
+	_gnutls_free_datum(&signature);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	/* Step 3. Write the signatureAlgorithm field.
+	 */
+	result =
+	    _gnutls_x509_write_sign_params(crq->crq, "signatureAlgorithm",
+					   se, &params);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+
+/**
+ * gnutls_x509_crq_verify:
+ * @crq: is the crq to be verified
+ * @flags: Flags that may be used to change the verification algorithm. Use OR of the gnutls_certificate_verify_flags enumerations.
+ *
+ * This function will verify self signature in the certificate
+ * request and return its status.
+ *
+ * Returns: In case of a verification failure %GNUTLS_E_PK_SIG_VERIFY_FAILED 
+ * is returned, and zero or positive code on success.
+ *
+ * Since 2.12.0
+ **/
+int gnutls_x509_crq_verify(gnutls_x509_crq_t crq, unsigned int flags)
+{
+	gnutls_datum_t data = { NULL, 0 };
+	gnutls_datum_t signature = { NULL, 0 };
+	gnutls_pk_params_st params;
+	gnutls_x509_spki_st sign_params;
+	const gnutls_sign_entry_st *se;
+	int ret;
+
+	gnutls_pk_params_init(&params);
+
+	ret =
+	    _gnutls_x509_get_signed_data(crq->crq, NULL,
+					 "certificationRequestInfo",
+					 &data);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    _gnutls_x509_get_signature_algorithm(crq->crq,
+						 "signatureAlgorithm");
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	se = _gnutls_sign_to_entry(ret);
+	if (se == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_x509_get_signature(crq->crq, "signature", &signature);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_crq_get_mpis(crq, &params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_read_sign_params(crq->crq,
+					    "signatureAlgorithm",
+					    &sign_params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    pubkey_verify_data(se, hash_to_entry(se->hash), &data, &signature,
+			       &params, &sign_params, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	_gnutls_free_datum(&data);
+	_gnutls_free_datum(&signature);
+	gnutls_pk_params_release(&params);
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_crq_set_private_key_usage_period:
+ * @crq: a certificate of type #gnutls_x509_crq_t
+ * @activation: The activation time
+ * @expiration: The expiration time
+ *
+ * This function will set the private key usage period extension (2.5.29.16).
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crq_set_private_key_usage_period(gnutls_x509_crq_t crq,
+					     time_t activation,
+					     time_t expiration)
+{
+	int result;
+	gnutls_datum_t der_data;
+	asn1_node c2 = NULL;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	result =
+	    asn1_create_element(_gnutls_get_pkix(),
+				"PKIX1.PrivateKeyUsagePeriod", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _gnutls_x509_set_time(c2, "notBefore", activation, 1);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_set_time(c2, "notAfter", expiration, 1);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_der_encode(c2, "", &der_data, 0);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_crq_set_extension(crq, "2.5.29.16",
+						&der_data, 0);
+
+	_gnutls_free_datum(&der_data);
+
+      cleanup:
+	asn1_delete_structure(&c2);
+
+	return result;
+}
+
+/**
+ * gnutls_x509_crq_get_tlsfeatures:
+ * @crq: An X.509 certificate request
+ * @features: If the function succeeds, the
+ *   features will be stored in this variable.
+ * @flags: zero or %GNUTLS_EXT_FLAG_APPEND
+ * @critical: the extension status
+ *
+ * This function will get the X.509 TLS features
+ * extension structure from the certificate request.
+ * The returned structure needs to be freed using
+ * gnutls_x509_tlsfeatures_deinit().
+ *
+ * When the @flags is set to %GNUTLS_EXT_FLAG_APPEND,
+ * then if the @features structure is empty this function will behave
+ * identically as if the flag was not set. Otherwise if there are elements 
+ * in the @features structure then they will be merged with.
+ *
+ * Note that @features must be initialized prior to calling this function.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error value.
+ *
+ * Since: 3.5.1
+ **/
+int gnutls_x509_crq_get_tlsfeatures(gnutls_x509_crq_t crq,
+				    gnutls_x509_tlsfeatures_t features,
+				    unsigned int flags,
+				    unsigned int *critical)
+{
+	int ret;
+	gnutls_datum_t der = {NULL, 0};
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if ((ret =
+		 gnutls_x509_crq_get_extension_by_oid2(crq, GNUTLS_X509EXT_OID_TLSFEATURES, 0,
+						&der, critical)) < 0)
+	{
+		return ret;
+	}
+
+	if (der.size == 0 || der.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	ret = gnutls_x509_ext_import_tlsfeatures(&der, features, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	gnutls_free(der.data);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crq_set_tlsfeatures:
+ * @crq: An X.509 certificate request
+ * @features: If the function succeeds, the
+ *   features will be added to the certificate
+ *   request.
+ *
+ * This function will set the certificate request's
+ * X.509 TLS extension from the given structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error value.
+ *
+ * Since: 3.5.1
+ **/
+int gnutls_x509_crq_set_tlsfeatures(gnutls_x509_crq_t crq,
+				    gnutls_x509_tlsfeatures_t features)
+{
+	int ret;
+	gnutls_datum_t der;
+
+	if (crq == NULL || features == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = gnutls_x509_ext_export_tlsfeatures(features, &der);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = _gnutls_x509_crq_set_extension(crq, GNUTLS_X509EXT_OID_TLSFEATURES, &der, 0);
+
+	_gnutls_free_datum(&der);
+
+	if (ret < 0) {
+		gnutls_assert();
+	}
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_crq_set_extension_by_oid:
+ * @crq: a certificate of type #gnutls_x509_crq_t
+ * @oid: holds an Object Identifier in null terminated string
+ * @buf: a pointer to a DER encoded data
+ * @sizeof_buf: holds the size of @buf
+ * @critical: should be non-zero if the extension is to be marked as critical
+ *
+ * This function will set an the extension, by the specified OID, in
+ * the certificate request.  The extension data should be binary data DER
+ * encoded.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crq_set_extension_by_oid(gnutls_x509_crq_t crq,
+				     const char *oid, const void *buf,
+				     size_t sizeof_buf,
+				     unsigned int critical)
+{
+	int result;
+	gnutls_datum_t der_data;
+
+	der_data.data = (void *) buf;
+	der_data.size = sizeof_buf;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	result =
+	    _gnutls_x509_crq_set_extension(crq, oid, &der_data, critical);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+
+}
+
+/**
+ * gnutls_x509_crq_set_spki:
+ * @crq: a certificate request of type #gnutls_x509_crq_t
+ * @spki: a SubjectPublicKeyInfo structure of type #gnutls_x509_spki_t
+ * @flags: must be zero
+ *
+ * This function will set the certificate request's subject public key
+ * information explicitly. This is intended to be used in the cases
+ * where a single public key (e.g., RSA) can be used for multiple
+ * signature algorithms (RSA PKCS1-1.5, and RSA-PSS).
+ *
+ * To export the public key (i.e., the SubjectPublicKeyInfo part), check
+ * gnutls_pubkey_import_x509().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_x509_crq_set_spki(gnutls_x509_crq_t crq,
+			 const gnutls_x509_spki_t spki,
+			 unsigned int flags)
+{
+	int ret;
+	gnutls_pk_algorithm_t crq_pk;
+	gnutls_x509_spki_st tpki;
+	gnutls_pk_params_st params;
+	unsigned bits;
+
+	if (crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_x509_crq_get_mpis(crq, &params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	bits = pubkey_to_bits(&params);
+	crq_pk = params.algo;
+
+	if (!_gnutls_pk_are_compat(crq_pk, spki->pk)) {
+                ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+                goto cleanup;
+	}
+
+	if (spki->pk != GNUTLS_PK_RSA_PSS) {
+		if (crq_pk == spki->pk) {
+			ret = 0;
+			goto cleanup;
+		}
+
+		gnutls_assert();
+		ret = GNUTLS_E_INVALID_REQUEST;
+		goto cleanup;
+	}
+
+	memset(&tpki, 0, sizeof(gnutls_x509_spki_st));
+
+	if (crq_pk == GNUTLS_PK_RSA) {
+		const mac_entry_st *me;
+
+		me = hash_to_entry(spki->rsa_pss_dig);
+		if (unlikely(me == NULL)) {
+			gnutls_assert();
+			ret = GNUTLS_E_INVALID_REQUEST;
+			goto cleanup;
+		}
+
+		tpki.pk = spki->pk;
+		tpki.rsa_pss_dig = spki->rsa_pss_dig;
+
+		/* If salt size is zero, find the optimal salt size. */
+		if (spki->salt_size == 0) {
+			ret =
+			    _gnutls_find_rsa_pss_salt_size(bits, me,
+							   spki->salt_size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+			tpki.salt_size = ret;
+		} else
+			tpki.salt_size = spki->salt_size;
+	} else if (crq_pk == GNUTLS_PK_RSA_PSS) {
+		ret = _gnutls_x509_crq_read_spki_params(crq, &tpki);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		tpki.salt_size = spki->salt_size;
+		tpki.rsa_pss_dig = spki->rsa_pss_dig;
+	}
+
+	memcpy(&params.spki, &tpki, sizeof(tpki));
+	ret = _gnutls_x509_check_pubkey_params(&params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_write_spki_params(crq->crq,
+						"certificationRequestInfo."
+						"subjectPKInfo."
+						"algorithm",
+						&tpki);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	gnutls_pk_params_release(&params);
+	return ret;
+}
diff --git a/lib/x509/dn.c b/lib/x509/dn.c
new file mode 100644
index 0000000..8d89f56
--- /dev/null
+++ b/lib/x509/dn.c
@@ -0,0 +1,1051 @@
+/*
+ * Copyright (C) 2003-2014 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <libtasn1.h>
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <str.h>
+#include <common.h>
+#include <num.h>
+
+/* This file includes all the required to parse an X.509 Distriguished
+ * Name (you need a parser just to read a name in the X.509 protocols!!!)
+ */
+
+static int append_elements(asn1_node asn1_struct, const char *asn1_rdn_name, gnutls_buffer_st *str, int k1, unsigned last)
+{
+	int k2, result, max_k2;
+	int len;
+	uint8_t value[MAX_STRING_LEN];
+	char tmpbuffer1[MAX_NAME_SIZE];
+	char tmpbuffer2[MAX_NAME_SIZE];
+	char tmpbuffer3[MAX_NAME_SIZE];
+	const char *ldap_desc;
+	char oid[MAX_OID_SIZE];
+	gnutls_datum_t td = { NULL, 0 };
+	gnutls_datum_t tvd = { NULL, 0 };
+
+	/* create a string like "tbsCertList.issuer.rdnSequence.?1"
+	 */
+	if (asn1_rdn_name[0] != 0)
+		snprintf(tmpbuffer1, sizeof(tmpbuffer1), "%s.?%d",
+			 asn1_rdn_name, k1);
+	else
+		snprintf(tmpbuffer1, sizeof(tmpbuffer1), "?%d",
+			 k1);
+
+	len = sizeof(value) - 1;
+	result =
+	    asn1_read_value(asn1_struct, tmpbuffer1, value, &len);
+
+	if (result != ASN1_VALUE_NOT_FOUND && result != ASN1_SUCCESS) { /* expected */
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	k2 = 0;
+
+	result = asn1_number_of_elements(asn1_struct, tmpbuffer1, &max_k2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	do {		/* Move to the attribute type and values
+				 */
+		k2++;
+
+		if (tmpbuffer1[0] != 0)
+			snprintf(tmpbuffer2, sizeof(tmpbuffer2),
+				 "%s.?%d", tmpbuffer1, k2);
+		else
+			snprintf(tmpbuffer2, sizeof(tmpbuffer2),
+				 "?%d", k2);
+
+		/* Try to read the RelativeDistinguishedName attributes.
+		 */
+
+		len = sizeof(value) - 1;
+		result =
+		    asn1_read_value(asn1_struct, tmpbuffer2, value,
+				    &len);
+
+		if (result == ASN1_ELEMENT_NOT_FOUND)
+			break;
+		if (result != ASN1_VALUE_NOT_FOUND && result != ASN1_SUCCESS) { /* expected */
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		/* Read the OID 
+		 */
+		_gnutls_str_cpy(tmpbuffer3, sizeof(tmpbuffer3),
+				tmpbuffer2);
+		_gnutls_str_cat(tmpbuffer3, sizeof(tmpbuffer3),
+				".type");
+
+		len = sizeof(oid) - 1;
+		result =
+		    asn1_read_value(asn1_struct, tmpbuffer3, oid,
+				    &len);
+
+		if (result == ASN1_ELEMENT_NOT_FOUND)
+			break;
+		else if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		/* Read the Value 
+		 */
+		_gnutls_str_cpy(tmpbuffer3, sizeof(tmpbuffer3),
+				tmpbuffer2);
+		_gnutls_str_cat(tmpbuffer3, sizeof(tmpbuffer3),
+				".value");
+
+		len = 0;
+
+		result =
+		    _gnutls_x509_read_value(asn1_struct,
+					    tmpbuffer3, &tvd);
+		if (result < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+#define STR_APPEND(y) if ((result=_gnutls_buffer_append_str( str, y)) < 0) { \
+	gnutls_assert(); \
+	goto cleanup; \
+}
+#define DATA_APPEND(x,y) if ((result=_gnutls_buffer_append_data( str, x,y)) < 0) { \
+	gnutls_assert(); \
+	goto cleanup; \
+}
+		/*   The encodings of adjoining RelativeDistinguishedNames are separated
+		 *   by a comma character (',' ASCII 44).
+		 */
+
+		ldap_desc =
+		    gnutls_x509_dn_oid_name(oid,
+					    GNUTLS_X509_DN_OID_RETURN_OID);
+
+		STR_APPEND(ldap_desc);
+		STR_APPEND("=");
+
+		/* DirectoryString by definition in RFC 5280 cannot be empty.
+		 * If asn_node.value_len = 0 the parser correctly rejects such DirectoryString.
+		 * However, if asn_node.value contains ASN.1 TLV triplet with length = 0,
+		 * such DirectoryString is not rejected by the parser as the node itself is not empty.
+		 * Explicitly reject DirectoryString in such case.
+		 */
+		const char *asn_desc = _gnutls_oid_get_asn_desc(oid);
+		if (asn_desc && !strcmp(asn_desc, "PKIX1.DirectoryString") && tvd.data[1] == 0) {
+			gnutls_assert();
+			result = GNUTLS_E_ASN1_VALUE_NOT_VALID;
+			_gnutls_debug_log("Empty DirectoryString\n");
+			goto cleanup;
+		}
+
+		result =
+		    _gnutls_x509_dn_to_string(oid, tvd.data,
+					      tvd.size, &td);
+		if (result < 0) {
+			gnutls_assert();
+			_gnutls_debug_log
+			    ("Cannot parse OID: '%s' with value '%s'\n",
+			     oid, _gnutls_bin2hex(tvd.data,
+						  tvd.size,
+						  tmpbuffer3,
+						  sizeof
+						  (tmpbuffer3),
+						  NULL));
+			goto cleanup;
+		}
+
+		DATA_APPEND(td.data, td.size);
+		_gnutls_free_datum(&td);
+		_gnutls_free_datum(&tvd);
+
+		/*   Where there is a multi-valued RDN, the outputs from adjoining
+		 *   AttributeTypeAndValues are separated by a plus ('+' ASCII 43)
+		 *   character.
+		 */
+		if (k2 < max_k2) {
+			STR_APPEND("+");
+		} else if (!last) {
+			STR_APPEND(",");
+		}
+	}
+	while (1);
+
+	result = 0;
+
+ cleanup:
+	_gnutls_free_datum(&td);
+	_gnutls_free_datum(&tvd);
+	return result;
+}
+
+int
+_gnutls_x509_get_dn(asn1_node asn1_struct,
+		    const char *asn1_rdn_name, gnutls_datum_t * dn,
+		    unsigned flags)
+{
+	gnutls_buffer_st out_str;
+	int i, k1, result;
+
+	_gnutls_buffer_init(&out_str);
+
+	result = asn1_number_of_elements(asn1_struct, asn1_rdn_name, &k1);
+	if (result != ASN1_SUCCESS) {
+		if (result == ASN1_ELEMENT_NOT_FOUND || result == ASN1_VALUE_NOT_FOUND) {
+			result = gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+		} else {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+		}
+		goto cleanup;
+	}
+
+	if (k1 == 0) {
+		gnutls_assert();
+		result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+		goto cleanup;
+	}
+
+	if (flags & GNUTLS_X509_DN_FLAG_COMPAT) {
+		for (i=0;i<k1;i++) {
+			result = append_elements(asn1_struct, asn1_rdn_name, &out_str, i+1, (i==(k1-1))?1:0);
+			if (result < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+		}
+	} else {
+		while (k1 > 0) {
+			result = append_elements(asn1_struct, asn1_rdn_name, &out_str, k1, k1==1?1:0);
+			if (result < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+			k1--;
+		}
+	}
+
+	return _gnutls_buffer_to_datum(&out_str, dn, 1);
+
+ cleanup:
+	_gnutls_buffer_clear(&out_str);
+	return result;
+
+}
+
+
+/* Parses an X509 DN in the asn1_struct, and puts the output into
+ * the string buf. The output is an LDAP encoded DN.
+ *
+ * asn1_rdn_name must be a string in the form "tbsCertificate.issuer.rdnSequence".
+ * That is to point in the rndSequence.
+ */
+int
+_gnutls_x509_parse_dn(asn1_node asn1_struct,
+		      const char *asn1_rdn_name, char *buf,
+		      size_t * buf_size, unsigned flags)
+{
+	int ret;
+	gnutls_datum_t dn = {NULL, 0};
+
+	if (buf_size == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (*buf_size > 0 && buf)
+		buf[0] = 0;
+	else
+		*buf_size = 0;
+
+	ret = _gnutls_x509_get_dn(asn1_struct, asn1_rdn_name, &dn, flags);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (dn.size >= (unsigned int) *buf_size) {
+		gnutls_assert();
+		*buf_size = dn.size + 1;
+		ret = GNUTLS_E_SHORT_MEMORY_BUFFER;
+		goto cleanup;
+	}
+
+	assert(dn.data != NULL);
+
+	if (buf) {
+		memcpy(buf, dn.data, dn.size);
+		buf[dn.size] = 0;
+		*buf_size = dn.size;
+	} else
+		*buf_size = dn.size + 1;
+
+	ret = 0;
+      cleanup:
+	_gnutls_free_datum(&dn);
+	return ret;
+}
+
+/* Parses an X509 DN in the asn1_struct, and searches for the
+ * given OID in the DN.
+ *
+ * If raw_flag == 0, the output will be encoded in the LDAP way. (#hex for non printable)
+ * Otherwise the raw DER data are returned.
+ *
+ * asn1_rdn_name must be a string in the form "tbsCertificate.issuer.rdnSequence".
+ * That is to point in the rndSequence.
+ *
+ * indx specifies which OID to return. Ie 0 means return the first specified
+ * OID found, 1 the second etc.
+ */
+int
+_gnutls_x509_parse_dn_oid(asn1_node asn1_struct,
+			  const char *asn1_rdn_name,
+			  const char *given_oid, int indx,
+			  unsigned int raw_flag, gnutls_datum_t * out)
+{
+	int k2, k1, result;
+	char tmpbuffer1[MAX_NAME_SIZE];
+	char tmpbuffer2[MAX_NAME_SIZE];
+	char tmpbuffer3[MAX_NAME_SIZE];
+	gnutls_datum_t td;
+	uint8_t value[256];
+	char oid[MAX_OID_SIZE];
+	int len;
+	int i = 0;
+
+	k1 = 0;
+	do {
+
+		k1++;
+		/* create a string like "tbsCertList.issuer.rdnSequence.?1"
+		 */
+		if (asn1_rdn_name[0] != 0)
+			snprintf(tmpbuffer1, sizeof(tmpbuffer1), "%s.?%d",
+				 asn1_rdn_name, k1);
+		else
+			snprintf(tmpbuffer1, sizeof(tmpbuffer1), "?%d",
+				 k1);
+
+		len = sizeof(value) - 1;
+		result =
+		    asn1_read_value(asn1_struct, tmpbuffer1, value, &len);
+
+		if (result == ASN1_ELEMENT_NOT_FOUND) {
+			gnutls_assert();
+			break;
+		}
+
+		if (result != ASN1_VALUE_NOT_FOUND) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		k2 = 0;
+
+		do {		/* Move to the attribute type and values
+				 */
+			k2++;
+
+			if (tmpbuffer1[0] != 0)
+				snprintf(tmpbuffer2, sizeof(tmpbuffer2),
+					 "%s.?%d", tmpbuffer1, k2);
+			else
+				snprintf(tmpbuffer2, sizeof(tmpbuffer2),
+					 "?%d", k2);
+
+			/* Try to read the RelativeDistinguishedName attributes.
+			 */
+
+			len = sizeof(value) - 1;
+			result =
+			    asn1_read_value(asn1_struct, tmpbuffer2, value,
+					    &len);
+
+			if (result == ASN1_ELEMENT_NOT_FOUND) {
+				break;
+			}
+			if (result != ASN1_VALUE_NOT_FOUND) {
+				gnutls_assert();
+				result = _gnutls_asn2err(result);
+				goto cleanup;
+			}
+
+			/* Read the OID 
+			 */
+			_gnutls_str_cpy(tmpbuffer3, sizeof(tmpbuffer3),
+					tmpbuffer2);
+			_gnutls_str_cat(tmpbuffer3, sizeof(tmpbuffer3),
+					".type");
+
+			len = sizeof(oid) - 1;
+			result =
+			    asn1_read_value(asn1_struct, tmpbuffer3, oid,
+					    &len);
+
+			if (result == ASN1_ELEMENT_NOT_FOUND)
+				break;
+			else if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				result = _gnutls_asn2err(result);
+				goto cleanup;
+			}
+
+			if (strcmp(oid, given_oid) == 0 && indx == i++) {	/* Found the OID */
+
+				/* Read the Value 
+				 */
+				_gnutls_str_cpy(tmpbuffer3,
+						sizeof(tmpbuffer3),
+						tmpbuffer2);
+				_gnutls_str_cat(tmpbuffer3,
+						sizeof(tmpbuffer3),
+						".value");
+
+				result =
+				    _gnutls_x509_read_value(asn1_struct,
+							    tmpbuffer3,
+							    &td);
+				if (result < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+
+				if (raw_flag != 0) {
+					out->data = td.data;
+					out->size = td.size;
+					return 0;
+
+				} else {	/* parse data. raw_flag == 0 */
+					result =
+					    _gnutls_x509_dn_to_string(oid,
+								      td.
+								      data,
+								      td.
+								      size,
+								      out);
+
+					_gnutls_free_datum(&td);
+					if (result < 0) {
+						gnutls_assert();
+						goto cleanup;
+					}
+
+					return 0;
+
+				}	/* raw_flag == 0 */
+			}
+		}
+		while (1);
+
+	}
+	while (1);
+
+	gnutls_assert();
+
+	result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+      cleanup:
+	return result;
+}
+
+
+/* Parses an X509 DN in the asn1_struct, and returns the requested
+ * DN OID.
+ *
+ * asn1_rdn_name must be a string in the form "tbsCertificate.issuer.rdnSequence".
+ * That is to point in the rndSequence.
+ *
+ * indx specifies which OID to return. Ie 0 means return the first specified
+ * OID found, 1 the second etc.
+ */
+int
+_gnutls_x509_get_dn_oid(asn1_node asn1_struct,
+			const char *asn1_rdn_name,
+			int indx, void *_oid, size_t * sizeof_oid)
+{
+	int k2, k1, result;
+	char tmpbuffer1[MAX_NAME_SIZE];
+	char tmpbuffer2[MAX_NAME_SIZE];
+	char tmpbuffer3[MAX_NAME_SIZE];
+	char value[256];
+	char oid[MAX_OID_SIZE];
+	int len;
+	int i = 0;
+
+	k1 = 0;
+	do {
+
+		k1++;
+		/* create a string like "tbsCertList.issuer.rdnSequence.?1"
+		 */
+		if (asn1_rdn_name[0] != 0)
+			snprintf(tmpbuffer1, sizeof(tmpbuffer1), "%s.?%d",
+				 asn1_rdn_name, k1);
+		else
+			snprintf(tmpbuffer1, sizeof(tmpbuffer1), "?%d",
+				 k1);
+
+		len = sizeof(value) - 1;
+		result =
+		    asn1_read_value(asn1_struct, tmpbuffer1, value, &len);
+
+		if (result == ASN1_ELEMENT_NOT_FOUND) {
+			gnutls_assert();
+			break;
+		}
+
+		if (result != ASN1_VALUE_NOT_FOUND) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		k2 = 0;
+
+		do {		/* Move to the attribute type and values
+				 */
+			k2++;
+
+			if (tmpbuffer1[0] != 0)
+				snprintf(tmpbuffer2, sizeof(tmpbuffer2),
+					 "%s.?%d", tmpbuffer1, k2);
+			else
+				snprintf(tmpbuffer2, sizeof(tmpbuffer2),
+					 "?%d", k2);
+
+			/* Try to read the RelativeDistinguishedName attributes.
+			 */
+
+			len = sizeof(value) - 1;
+			result =
+			    asn1_read_value(asn1_struct, tmpbuffer2, value,
+					    &len);
+
+			if (result == ASN1_ELEMENT_NOT_FOUND) {
+				break;
+			}
+			if (result != ASN1_VALUE_NOT_FOUND) {
+				gnutls_assert();
+				result = _gnutls_asn2err(result);
+				goto cleanup;
+			}
+
+			/* Read the OID 
+			 */
+			_gnutls_str_cpy(tmpbuffer3, sizeof(tmpbuffer3),
+					tmpbuffer2);
+			_gnutls_str_cat(tmpbuffer3, sizeof(tmpbuffer3),
+					".type");
+
+			len = sizeof(oid) - 1;
+			result =
+			    asn1_read_value(asn1_struct, tmpbuffer3, oid,
+					    &len);
+
+			if (result == ASN1_ELEMENT_NOT_FOUND)
+				break;
+			else if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				result = _gnutls_asn2err(result);
+				goto cleanup;
+			}
+
+			if (indx == i++) {	/* Found the OID */
+
+				len = strlen(oid) + 1;
+
+				if (*sizeof_oid < (unsigned) len) {
+					*sizeof_oid = len;
+					gnutls_assert();
+					return
+					    GNUTLS_E_SHORT_MEMORY_BUFFER;
+				}
+
+				memcpy(_oid, oid, len);
+				*sizeof_oid = len - 1;
+
+				return 0;
+			}
+		}
+		while (1);
+
+	}
+	while (1);
+
+	gnutls_assert();
+
+	result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+      cleanup:
+	return result;
+}
+
+/* This will write the AttributeTypeAndValue field. The data must be already DER encoded.
+ * 'multi' must be (0) if writing an AttributeTypeAndValue, and 1 if Attribute.
+ * In all cases only one value is written.
+ */
+static int
+_gnutls_x509_write_attribute(const char *given_oid,
+			     asn1_node asn1_struct, const char *where,
+			     const void *_data, int sizeof_data)
+{
+	char tmp[128];
+	int result;
+
+	/* write the data (value)
+	 */
+
+	_gnutls_str_cpy(tmp, sizeof(tmp), where);
+	_gnutls_str_cat(tmp, sizeof(tmp), ".value");
+
+	result = asn1_write_value(asn1_struct, tmp, _data, sizeof_data);
+	if (result < 0) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	/* write the type
+	 */
+	_gnutls_str_cpy(tmp, sizeof(tmp), where);
+	_gnutls_str_cat(tmp, sizeof(tmp), ".type");
+
+	result = asn1_write_value(asn1_struct, tmp, given_oid, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+
+/* Decodes an X.509 Attribute (if multi==1) or an AttributeTypeAndValue
+ * otherwise.
+ *
+ * octet_string should be non-zero if we are to decode octet strings after
+ * decoding.
+ *
+ * The output is allocated and stored in value.
+ */
+int
+_gnutls_x509_decode_and_read_attribute(asn1_node asn1_struct,
+				       const char *where, char *oid,
+				       int oid_size,
+				       gnutls_datum_t * value, int multi,
+				       int octet_string)
+{
+	char tmpbuffer[128];
+	int len, result;
+
+	/* Read the OID 
+	 */
+	_gnutls_str_cpy(tmpbuffer, sizeof(tmpbuffer), where);
+	_gnutls_str_cat(tmpbuffer, sizeof(tmpbuffer), ".type");
+
+	len = oid_size - 1;
+	result = asn1_read_value(asn1_struct, tmpbuffer, oid, &len);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		return result;
+	}
+
+	/* Read the Value 
+	 */
+
+	_gnutls_str_cpy(tmpbuffer, sizeof(tmpbuffer), where);
+	_gnutls_str_cat(tmpbuffer, sizeof(tmpbuffer), ".value");
+
+	if (multi)
+		_gnutls_str_cat(tmpbuffer, sizeof(tmpbuffer), "s.?1");	/* .values.?1 */
+
+	if (octet_string)
+		result =
+		    _gnutls_x509_read_string(asn1_struct, tmpbuffer, value,
+					     ASN1_ETYPE_OCTET_STRING, 0);
+	else
+		result =
+		    _gnutls_x509_read_value(asn1_struct, tmpbuffer, value);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+
+}
+
+/* Sets an X509 DN in the asn1_struct, and puts the given OID in the DN.
+ * The input is assumed to be raw data.
+ *
+ * asn1_rdn_name must be a string in the form "tbsCertificate.issuer".
+ * That is to point before the rndSequence.
+ *
+ */
+int
+_gnutls_x509_set_dn_oid(asn1_node asn1_struct,
+			const char *asn1_name, const char *given_oid,
+			int raw_flag, const char *name, int sizeof_name)
+{
+	int result;
+	char tmp[MAX_NAME_SIZE], asn1_rdn_name[MAX_NAME_SIZE];
+
+	if (sizeof_name == 0 || name == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* create the rdnSequence
+	 */
+	result =
+	    asn1_write_value(asn1_struct, asn1_name, "rdnSequence", 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (asn1_name[0] != 0) {
+		_gnutls_str_cpy(asn1_rdn_name, sizeof(asn1_rdn_name), asn1_name);
+		_gnutls_str_cat(asn1_rdn_name, sizeof(asn1_rdn_name),
+			".rdnSequence");
+	} else {
+		_gnutls_str_cpy(asn1_rdn_name, sizeof(asn1_rdn_name), "rdnSequence");
+	}
+
+	/* create a new element 
+	 */
+	result = asn1_write_value(asn1_struct, asn1_rdn_name, "NEW", 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	_gnutls_str_cpy(tmp, sizeof(tmp), asn1_rdn_name);
+	_gnutls_str_cat(tmp, sizeof(tmp), ".?LAST");
+
+	/* create the set with only one element
+	 */
+	result = asn1_write_value(asn1_struct, tmp, "NEW", 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+
+	/* Encode and write the data
+	 */
+	_gnutls_str_cpy(tmp, sizeof(tmp), asn1_rdn_name);
+	_gnutls_str_cat(tmp, sizeof(tmp), ".?LAST.?LAST");
+
+	if (!raw_flag) {
+		result =
+		    _gnutls_x509_encode_and_write_attribute(given_oid,
+							    asn1_struct,
+							    tmp, name,
+							    sizeof_name,
+							    0);
+	} else {
+		result =
+		    _gnutls_x509_write_attribute(given_oid, asn1_struct,
+						 tmp, name, sizeof_name);
+	}
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+
+/**
+ * gnutls_x509_rdn_get:
+ * @idn: should contain a DER encoded RDN sequence
+ * @buf: a pointer to a structure to hold the peer's name
+ * @buf_size: holds the size of @buf
+ *
+ * This function will return the name of the given RDN sequence.  The
+ * name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in
+ * RFC4514.
+ *
+ * This function does not output a fully RFC4514 compliant string, if
+ * that is required see gnutls_x509_rdn_get2().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, or
+ * %GNUTLS_E_SHORT_MEMORY_BUFFER is returned and *@buf_size is
+ * updated if the provided buffer is not long enough, otherwise a
+ * negative error value.
+ **/
+int
+gnutls_x509_rdn_get(const gnutls_datum_t * idn,
+		    char *buf, size_t * buf_size)
+{
+	int ret;
+	gnutls_datum_t out;
+
+	ret = gnutls_x509_rdn_get2(idn, &out, GNUTLS_X509_DN_FLAG_COMPAT);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_copy_string(&out, (void*)buf, buf_size);
+	gnutls_free(out.data);
+	if (ret < 0) {
+		gnutls_assert();
+	}
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_rdn_get2:
+ * @idn: should contain a DER encoded RDN sequence
+ * @str: a datum that will hold the name
+ * @flags: zero of %GNUTLS_X509_DN_FLAG_COMPAT
+ *
+ * This function will return the name of the given RDN sequence.  The
+ * name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in
+ * RFC4514.
+ *
+ * When the flag %GNUTLS_X509_DN_FLAG_COMPAT is specified, the output
+ * format will match the format output by previous to 3.5.6 versions of GnuTLS
+ * which was not not fully RFC4514-compliant.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, or
+ * %GNUTLS_E_SHORT_MEMORY_BUFFER is returned and *@buf_size is
+ * updated if the provided buffer is not long enough, otherwise a
+ * negative error value.
+ **/
+int
+gnutls_x509_rdn_get2(const gnutls_datum_t * idn,
+		     gnutls_datum_t *str, unsigned flags)
+{
+	int ret;
+	gnutls_x509_dn_t dn;
+
+	ret = gnutls_x509_dn_init(&dn);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_x509_dn_import(dn, idn);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_dn_get_str2(dn, str, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	gnutls_x509_dn_deinit(dn);
+	return ret;
+}
+
+/**
+ * gnutls_x509_rdn_get_by_oid:
+ * @idn: should contain a DER encoded RDN sequence
+ * @oid: an Object Identifier
+ * @indx: In case multiple same OIDs exist in the RDN indicates which
+ *   to send. Use 0 for the first one.
+ * @raw_flag: If non-zero then the raw DER data are returned.
+ * @buf: a pointer to a structure to hold the peer's name
+ * @buf_size: holds the size of @buf
+ *
+ * This function will return the name of the given Object identifier,
+ * of the RDN sequence.  The name will be encoded using the rules
+ * from RFC4514.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, or
+ * %GNUTLS_E_SHORT_MEMORY_BUFFER is returned and *@buf_size is
+ * updated if the provided buffer is not long enough, otherwise a
+ * negative error value.
+ **/
+int
+gnutls_x509_rdn_get_by_oid(const gnutls_datum_t * idn, const char *oid,
+			   unsigned indx, unsigned int raw_flag,
+			   void *buf, size_t * buf_size)
+{
+	int result;
+	asn1_node dn = NULL;
+	gnutls_datum_t td;
+
+	if (buf_size == 0) {
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_pkix(),
+				 "PKIX1.Name", &dn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _asn1_strict_der_decode(&dn, idn->data, idn->size, NULL);
+	if (result != ASN1_SUCCESS) {
+		/* couldn't decode DER */
+		gnutls_assert();
+		asn1_delete_structure(&dn);
+		return _gnutls_asn2err(result);
+	}
+
+	result =
+	    _gnutls_x509_parse_dn_oid(dn, "rdnSequence", oid, indx,
+				      raw_flag, &td);
+
+	asn1_delete_structure(&dn);
+	if (result < 0)
+		return gnutls_assert_val(result);
+
+	return _gnutls_strdatum_to_buf(&td, buf, buf_size);
+}
+
+/**
+ * gnutls_x509_rdn_get_oid:
+ * @idn: should contain a DER encoded RDN sequence
+ * @indx: Indicates which OID to return. Use 0 for the first one.
+ * @buf: a pointer to a structure to hold the peer's name OID
+ * @buf_size: holds the size of @buf
+ *
+ * This function will return the specified Object identifier, of the
+ * RDN sequence.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, or
+ * %GNUTLS_E_SHORT_MEMORY_BUFFER is returned and *@buf_size is
+ * updated if the provided buffer is not long enough, otherwise a
+ * negative error value.
+ *
+ * Since: 2.4.0
+ **/
+int
+gnutls_x509_rdn_get_oid(const gnutls_datum_t * idn,
+			unsigned indx, void *buf, size_t * buf_size)
+{
+	int result;
+	asn1_node dn = NULL;
+
+	if (buf_size == 0) {
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_pkix(),
+				 "PKIX1.Name", &dn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _asn1_strict_der_decode(&dn, idn->data, idn->size, NULL);
+	if (result != ASN1_SUCCESS) {
+		/* couldn't decode DER */
+		gnutls_assert();
+		asn1_delete_structure(&dn);
+		return _gnutls_asn2err(result);
+	}
+
+	result =
+	    _gnutls_x509_get_dn_oid(dn, "rdnSequence", indx, buf,
+				    buf_size);
+
+	asn1_delete_structure(&dn);
+	return result;
+}
+
+/*
+ * Compares the DER encoded part of a DN.
+ *
+ * Returns 1 if the DN's match and (0) if they don't match. Otherwise
+ * a negative error code is returned to indicate error.
+ */
+int
+_gnutls_x509_compare_raw_dn(const gnutls_datum_t * dn1,
+			    const gnutls_datum_t * dn2)
+{
+	int ret;
+	gnutls_datum_t str1, str2;
+
+	/* Simple case of completely identical? */
+
+	if (dn1->size == dn2->size) {
+		if (memcmp(dn1->data, dn2->data, dn2->size) == 0) {
+			return 1;
+		}
+	}
+
+	/* RFC5280 (https://tools.ietf.org/html/rfc5280#section-7.1)
+	 * requires that the LDAP StringPrep profile and caseIgnoreMatch
+	 * must be used for this comparison. We do not use that but
+	 * instead we do a simpler comparison that ignores the tags used
+	 * such as `UTF8String` and `PrintableString`. */
+
+	if ((dn1->size == 0) || (dn2->size == 0)) {
+		gnutls_assert();
+		return 0;
+	}
+
+	ret = gnutls_x509_rdn_get2(dn1, &str1, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return 0;
+	}
+
+	ret = gnutls_x509_rdn_get2(dn2, &str2, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		_gnutls_free_datum(&str1);
+		return 0;
+	}
+
+	if (str1.size != str2.size) {
+		ret = 0;
+		goto cleanup;
+	}
+	if (memcmp(str1.data, str2.data, str2.size) != 0) {
+		gnutls_assert();
+		ret = 0;
+		goto cleanup;
+	}
+
+	ret = 1;		/* they match */
+
+cleanup:
+	_gnutls_free_datum(&str1);
+	_gnutls_free_datum(&str2);
+
+	return ret;
+}
diff --git a/lib/x509/email-verify.c b/lib/x509/email-verify.c
new file mode 100644
index 0000000..053e512
--- /dev/null
+++ b/lib/x509/email-verify.c
@@ -0,0 +1,153 @@
+/*
+ * Copyright (C) 2003-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2002 Andrew McDonald
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <str.h>
+#include <x509_int.h>
+#include <common.h>
+#include "errors.h"
+#include <system.h>
+
+/**
+ * gnutls_x509_crt_check_email:
+ * @cert: should contain an gnutls_x509_crt_t type
+ * @email: A null terminated string that contains an email address (RFC822)
+ * @flags: should be zero
+ *
+ * This function will check if the given certificate's subject matches
+ * the given email address.
+ *
+ * Returns: non-zero for a successful match, and zero on failure.
+ **/
+unsigned
+gnutls_x509_crt_check_email(gnutls_x509_crt_t cert,
+			    const char *email, unsigned int flags)
+{
+	char rfc822name[MAX_CN];
+	size_t rfc822namesize;
+	int found_rfc822name = 0;
+	int ret = 0;
+	int i = 0;
+	char *a_email;
+	gnutls_datum_t out;
+
+	/* convert the provided email to ACE-Labels domain. */
+	ret = _gnutls_idna_email_map(email, strlen(email), &out);
+	if (ret < 0) {
+		_gnutls_debug_log("unable to convert email %s to IDNA format\n", email);
+		a_email = (char*)email;
+	} else {
+		a_email = (char*)out.data;
+	}
+
+	/* try matching against:
+	 *  1) an address as an alternative name (subjectAltName) extension
+	 *     in the certificate
+	 *  2) the EMAIL field in the certificate
+	 *
+	 *  only try (2) if there is no subjectAltName extension of
+	 *  type RFC822Name, and there is a single EMAIL.
+	 */
+
+	/* Check through all included subjectAltName extensions, comparing
+	 * against all those of type RFC822Name.
+	 */
+	for (i = 0; !(ret < 0); i++) {
+
+		rfc822namesize = sizeof(rfc822name);
+		ret = gnutls_x509_crt_get_subject_alt_name(cert, i,
+							   rfc822name,
+							   &rfc822namesize,
+							   NULL);
+
+		if (ret == GNUTLS_SAN_RFC822NAME) {
+			found_rfc822name = 1;
+
+			if (_gnutls_has_embedded_null(rfc822name, rfc822namesize)) {
+				_gnutls_debug_log("certificate has %s with embedded null in rfc822name\n", rfc822name);
+				continue;
+			}
+
+			if (!_gnutls_str_is_print(rfc822name, rfc822namesize)) {
+				_gnutls_debug_log("invalid (non-ASCII) email in certificate %.*s\n", (int)rfc822namesize, rfc822name);
+				continue;
+			}
+
+			ret = _gnutls_hostname_compare(rfc822name, rfc822namesize, a_email, GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS);
+			if (ret != 0) {
+				ret = 1;
+				goto cleanup;
+			}
+		}
+	}
+
+	if (!found_rfc822name) {
+		/* did not get the necessary extension, use CN instead
+		 */
+
+		/* enforce the RFC6125 (§1.8) requirement that only
+		 * a single CN must be present */
+		rfc822namesize = sizeof(rfc822name);
+		ret = gnutls_x509_crt_get_dn_by_oid
+			(cert, GNUTLS_OID_PKCS9_EMAIL, 1, 0, rfc822name,
+			 &rfc822namesize);
+		if (ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			ret = 0;
+			goto cleanup;
+		}
+
+		rfc822namesize = sizeof(rfc822name);
+		ret = gnutls_x509_crt_get_dn_by_oid
+			(cert, GNUTLS_OID_PKCS9_EMAIL, 0, 0, rfc822name,
+			 &rfc822namesize);
+		if (ret < 0) {
+			ret = 0;
+			goto cleanup;
+		}
+
+		if (_gnutls_has_embedded_null(rfc822name, rfc822namesize)) {
+			_gnutls_debug_log("certificate has EMAIL %s with embedded null in name\n", rfc822name);
+			ret = 0;
+			goto cleanup;
+		}
+
+		if (!_gnutls_str_is_print(rfc822name, rfc822namesize)) {
+			_gnutls_debug_log("invalid (non-ASCII) email in certificate DN %.*s\n", (int)rfc822namesize, rfc822name);
+			ret = 0;
+			goto cleanup;
+		}
+
+		ret = _gnutls_hostname_compare(rfc822name, rfc822namesize, a_email, GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS);
+		if (ret != 0) {
+			ret = 1;
+			goto cleanup;
+		}
+	}
+
+	/* not found a matching name
+	 */
+	ret = 0;
+ cleanup:
+	if (a_email != email) {
+		gnutls_free(a_email);
+	}
+	return ret;
+}
diff --git a/lib/x509/extensions.c b/lib/x509/extensions.c
new file mode 100644
index 0000000..dc333f4
--- /dev/null
+++ b/lib/x509/extensions.c
@@ -0,0 +1,911 @@
+/*
+ * Copyright (C) 2003-2014 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions that relate to the X.509 extension parsing.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <global.h>
+#include <libtasn1.h>
+#include <common.h>
+#include <gnutls/x509-ext.h>
+#include <gnutls/x509.h>
+#include <x509_int.h>
+#include <datum.h>
+
+int
+_gnutls_get_extension(asn1_node asn, const char *root,
+	      const char *extension_id, int indx,
+	      gnutls_datum_t * ret, unsigned int *_critical)
+{
+	int k, result, len;
+	char name[MAX_NAME_SIZE], name2[MAX_NAME_SIZE];
+	char str_critical[10];
+	int critical = 0;
+	char extnID[MAX_OID_SIZE];
+	gnutls_datum_t value;
+	int indx_counter = 0;
+
+	ret->data = NULL;
+	ret->size = 0;
+
+	k = 0;
+	do {
+		k++;
+
+		snprintf(name, sizeof(name), "%s.?%d", root, k);
+
+		_gnutls_str_cpy(name2, sizeof(name2), name);
+		_gnutls_str_cat(name2, sizeof(name2), ".extnID");
+
+		len = sizeof(extnID) - 1;
+		result = asn1_read_value(asn, name2, extnID, &len);
+
+		if (result == ASN1_ELEMENT_NOT_FOUND) {
+			break;
+		} else if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			return _gnutls_asn2err(result);
+		}
+
+		/* Handle Extension 
+		 */
+		if (strcmp(extnID, extension_id) == 0
+		    && indx == indx_counter++) {
+			/* extension was found 
+			 */
+
+			/* read the critical status.
+			 */
+			_gnutls_str_cpy(name2, sizeof(name2), name);
+			_gnutls_str_cat(name2, sizeof(name2), ".critical");
+
+			len = sizeof(str_critical);
+			result =
+			    asn1_read_value(asn, name2,
+					    str_critical, &len);
+
+			if (result == ASN1_ELEMENT_NOT_FOUND) {
+				gnutls_assert();
+				break;
+			} else if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				return _gnutls_asn2err(result);
+			}
+
+			if (str_critical[0] == 'T')
+				critical = 1;
+			else
+				critical = 0;
+
+			/* read the value.
+			 */
+			_gnutls_str_cpy(name2, sizeof(name2), name);
+			_gnutls_str_cat(name2, sizeof(name2),
+					".extnValue");
+
+			result =
+			    _gnutls_x509_read_value(asn, name2, &value);
+			if (result < 0) {
+				gnutls_assert();
+				return result;
+			}
+
+			ret->data = value.data;
+			ret->size = value.size;
+
+			if (_critical)
+				*_critical = critical;
+
+			return 0;
+		}
+	}
+	while (1);
+
+	if (result == ASN1_ELEMENT_NOT_FOUND) {
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	} else {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+}
+
+static int
+get_indx_extension(asn1_node asn, const char *root,
+	      int indx, gnutls_datum_t * out)
+{
+	char name[MAX_NAME_SIZE];
+	int ret;
+
+	out->data = NULL;
+	out->size = 0;
+
+	snprintf(name, sizeof(name), "%s.?%d.extnValue", root, indx+1);
+
+	ret = _gnutls_x509_read_value(asn, name, out);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+int
+_gnutls_x509_crt_get_extension(gnutls_x509_crt_t cert,
+			       const char *extension_id, int indx,
+			       gnutls_datum_t * data, unsigned int *critical)
+{
+	return _gnutls_get_extension(cert->cert, "tbsCertificate.extensions",
+			     extension_id, indx, data, critical);
+}
+
+/**
+ * gnutls_x509_crt_get_extension_data2:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @indx: Specifies which extension OID to read. Use (0) to get the first one.
+ * @data: will contain the extension DER-encoded data
+ *
+ * This function will return the requested by the index extension data in the
+ * certificate.  The extension data will be allocated using
+ * gnutls_malloc().
+ *
+ * Use gnutls_x509_crt_get_extension_info() to extract the OID.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.  If you have reached the
+ *   last extension available %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ *   will be returned.
+ **/
+int
+gnutls_x509_crt_get_extension_data2(gnutls_x509_crt_t cert,
+			       unsigned indx,
+			       gnutls_datum_t * data)
+{
+	return get_indx_extension(cert->cert, "tbsCertificate.extensions",
+			     indx, data);
+}
+
+int
+_gnutls_x509_crl_get_extension(gnutls_x509_crl_t crl,
+			       const char *extension_id, int indx,
+			       gnutls_datum_t * data,
+			       unsigned int *critical)
+{
+	return _gnutls_get_extension(crl->crl, "tbsCertList.crlExtensions",
+			     extension_id, indx, data, critical);
+}
+
+/**
+ * gnutls_x509_crl_get_extension_data2:
+ * @crl: should contain a #gnutls_x509_crl_t type
+ * @indx: Specifies which extension OID to read. Use (0) to get the first one.
+ * @data: will contain the extension DER-encoded data
+ *
+ * This function will return the requested by the index extension data in the
+ * certificate revocation list.  The extension data will be allocated using
+ * gnutls_malloc().
+ *
+ * Use gnutls_x509_crt_get_extension_info() to extract the OID.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.  If you have reached the
+ *   last extension available %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ *   will be returned.
+ **/
+int
+gnutls_x509_crl_get_extension_data2(gnutls_x509_crl_t crl,
+			       unsigned indx,
+			       gnutls_datum_t * data)
+{
+	return get_indx_extension(crl->crl, "tbsCertList.crlExtensions",
+			     indx, data);
+}
+
+/* This function will attempt to return the requested extension OID found in
+ * the given X509v3 certificate. 
+ *
+ * If you have passed the last extension, GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will
+ * be returned.
+ */
+static int get_extension_oid(asn1_node asn, const char *root,
+		  unsigned indx, void *oid, size_t * sizeof_oid)
+{
+	int k, result, len;
+	char name[MAX_NAME_SIZE], name2[MAX_NAME_SIZE];
+	char extnID[MAX_OID_SIZE];
+	unsigned indx_counter = 0;
+
+	k = 0;
+	do {
+		k++;
+
+		snprintf(name, sizeof(name), "%s.?%d", root, k);
+
+		_gnutls_str_cpy(name2, sizeof(name2), name);
+		_gnutls_str_cat(name2, sizeof(name2), ".extnID");
+
+		len = sizeof(extnID) - 1;
+		result = asn1_read_value(asn, name2, extnID, &len);
+
+		if (result == ASN1_ELEMENT_NOT_FOUND) {
+			gnutls_assert();
+			break;
+		} else if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			return _gnutls_asn2err(result);
+		}
+
+		/* Handle Extension 
+		 */
+		if (indx == indx_counter++) {
+			len = strlen(extnID) + 1;
+
+			if (*sizeof_oid < (unsigned) len) {
+				*sizeof_oid = len;
+				gnutls_assert();
+				return GNUTLS_E_SHORT_MEMORY_BUFFER;
+			}
+
+			memcpy(oid, extnID, len);
+			*sizeof_oid = len - 1;
+
+			return 0;
+		}
+
+
+	}
+	while (1);
+
+	if (result == ASN1_ELEMENT_NOT_FOUND) {
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	} else {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+}
+
+/* This function will attempt to return the requested extension OID found in
+ * the given X509v3 certificate. 
+ *
+ * If you have passed the last extension, GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will
+ * be returned.
+ */
+int
+_gnutls_x509_crt_get_extension_oid(gnutls_x509_crt_t cert,
+				   int indx, void *oid,
+				   size_t * sizeof_oid)
+{
+	return get_extension_oid(cert->cert, "tbsCertificate.extensions",
+				 indx, oid, sizeof_oid);
+}
+
+int
+_gnutls_x509_crl_get_extension_oid(gnutls_x509_crl_t crl,
+				   int indx, void *oid,
+				   size_t * sizeof_oid)
+{
+	return get_extension_oid(crl->crl, "tbsCertList.crlExtensions",
+				 indx, oid, sizeof_oid);
+}
+
+/* This function will attempt to set the requested extension in
+ * the given X509v3 certificate. 
+ *
+ * Critical will be either 0 or 1.
+ */
+static int
+add_extension(asn1_node asn, const char *root, const char *extension_id,
+	      const gnutls_datum_t * ext_data, unsigned int critical)
+{
+	int result;
+	const char *str;
+	char name[MAX_NAME_SIZE];
+
+	snprintf(name, sizeof(name), "%s", root);
+
+	/* Add a new extension in the list.
+	 */
+	result = asn1_write_value(asn, name, "NEW", 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (root[0] != 0)
+		snprintf(name, sizeof(name), "%s.?LAST.extnID", root);
+	else
+		snprintf(name, sizeof(name), "?LAST.extnID");
+
+	result = asn1_write_value(asn, name, extension_id, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (critical == 0)
+		str = "FALSE";
+	else
+		str = "TRUE";
+
+	if (root[0] != 0)
+		snprintf(name, sizeof(name), "%s.?LAST.critical", root);
+	else
+		snprintf(name, sizeof(name), "?LAST.critical");
+
+	result = asn1_write_value(asn, name, str, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (root[0] != 0)
+		snprintf(name, sizeof(name), "%s.?LAST.extnValue", root);
+	else
+		snprintf(name, sizeof(name), "?LAST.extnValue");
+
+	result = _gnutls_x509_write_value(asn, name, ext_data);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/* Overwrite the given extension (using the index)
+ * index here starts from one.
+ */
+static int
+overwrite_extension(asn1_node asn, const char *root, unsigned int indx,
+		    const gnutls_datum_t * ext_data, unsigned int critical)
+{
+	char name[MAX_NAME_SIZE], name2[MAX_NAME_SIZE];
+	const char *str;
+	int result;
+
+	if (root[0] != 0)
+		snprintf(name, sizeof(name), "%s.?%u", root, indx);
+	else
+		snprintf(name, sizeof(name), "?%u", indx);
+
+	if (critical == 0)
+		str = "FALSE";
+	else
+		str = "TRUE";
+
+	_gnutls_str_cpy(name2, sizeof(name2), name);
+	_gnutls_str_cat(name2, sizeof(name2), ".critical");
+
+	result = asn1_write_value(asn, name2, str, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	_gnutls_str_cpy(name2, sizeof(name2), name);
+	_gnutls_str_cat(name2, sizeof(name2), ".extnValue");
+
+	result = _gnutls_x509_write_value(asn, name2, ext_data);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+int
+_gnutls_set_extension(asn1_node asn, const char *root,
+	      const char *ext_id,
+	      const gnutls_datum_t * ext_data, unsigned int critical)
+{
+	int result = 0;
+	int k, len;
+	char name[MAX_NAME_SIZE], name2[MAX_NAME_SIZE];
+	char extnID[MAX_OID_SIZE];
+
+	/* Find the index of the given extension.
+	 */
+	k = 0;
+	do {
+		k++;
+
+		if (root[0] != 0)
+			snprintf(name, sizeof(name), "%s.?%d", root, k);
+		else
+			snprintf(name, sizeof(name), "?%d", k);
+
+		len = sizeof(extnID) - 1;
+		result = asn1_read_value(asn, name, extnID, &len);
+
+		/* move to next
+		 */
+
+		if (result == ASN1_ELEMENT_NOT_FOUND) {
+			break;
+		}
+
+		do {
+
+			_gnutls_str_cpy(name2, sizeof(name2), name);
+			_gnutls_str_cat(name2, sizeof(name2), ".extnID");
+
+			len = sizeof(extnID) - 1;
+			result = asn1_read_value(asn, name2, extnID, &len);
+
+			if (result == ASN1_ELEMENT_NOT_FOUND) {
+				gnutls_assert();
+				break;
+			} else if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				return _gnutls_asn2err(result);
+			}
+
+			/* Handle Extension 
+			 */
+			if (strcmp(extnID, ext_id) == 0) {
+				/* extension was found 
+				 */
+				return overwrite_extension(asn, root, k,
+							   ext_data,
+							   critical);
+			}
+
+
+		}
+		while (0);
+	}
+	while (1);
+
+	if (result == ASN1_ELEMENT_NOT_FOUND) {
+		return add_extension(asn, root, ext_id, ext_data,
+				     critical);
+	} else {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+
+	return 0;
+}
+
+/* This function will attempt to overwrite the requested extension with
+ * the given one. 
+ *
+ * Critical will be either 0 or 1.
+ */
+int
+_gnutls_x509_crt_set_extension(gnutls_x509_crt_t cert,
+			       const char *ext_id,
+			       const gnutls_datum_t * ext_data,
+			       unsigned int critical)
+{
+	MODIFIED(cert);
+	cert->use_extensions = 1;
+
+	return _gnutls_set_extension(cert->cert, "tbsCertificate.extensions",
+			     ext_id, ext_data, critical);
+}
+
+int
+_gnutls_x509_crl_set_extension(gnutls_x509_crl_t crl,
+			       const char *ext_id,
+			       const gnutls_datum_t * ext_data,
+			       unsigned int critical)
+{
+	return _gnutls_set_extension(crl->crl, "tbsCertList.crlExtensions", ext_id,
+			     ext_data, critical);
+}
+
+int
+_gnutls_x509_crq_set_extension(gnutls_x509_crq_t crq,
+			       const char *ext_id,
+			       const gnutls_datum_t * ext_data,
+			       unsigned int critical)
+{
+	unsigned char *extensions = NULL;
+	size_t extensions_size = 0;
+	gnutls_datum_t der;
+	asn1_node c2;
+	int result;
+
+	result =
+	    gnutls_x509_crq_get_attribute_by_oid(crq,
+						 "1.2.840.113549.1.9.14",
+						 0, NULL,
+						 &extensions_size);
+	if (result == GNUTLS_E_SHORT_MEMORY_BUFFER) {
+		extensions = gnutls_malloc(extensions_size);
+		if (extensions == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+
+		result = gnutls_x509_crq_get_attribute_by_oid(crq,
+							      "1.2.840.113549.1.9.14",
+							      0,
+							      extensions,
+							      &extensions_size);
+	}
+	if (result < 0) {
+		if (result == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			extensions_size = 0;
+		} else {
+			gnutls_assert();
+			gnutls_free(extensions);
+			return result;
+		}
+	}
+
+	result =
+	    asn1_create_element(_gnutls_get_pkix(), "PKIX1.Extensions",
+				&c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		gnutls_free(extensions);
+		return _gnutls_asn2err(result);
+	}
+
+	if (extensions_size > 0) {
+		result =
+		    _asn1_strict_der_decode(&c2, extensions, extensions_size,
+				      NULL);
+		gnutls_free(extensions);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			asn1_delete_structure(&c2);
+			return _gnutls_asn2err(result);
+		}
+	}
+
+	result = _gnutls_set_extension(c2, "", ext_id, ext_data, critical);
+	if (result < 0) {
+		gnutls_assert();
+		asn1_delete_structure(&c2);
+		return result;
+	}
+
+	result = _gnutls_x509_der_encode(c2, "", &der, 0);
+
+	asn1_delete_structure(&c2);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	result =
+	    gnutls_x509_crq_set_attribute_by_oid(crq,
+						 "1.2.840.113549.1.9.14",
+						 der.data, der.size);
+	gnutls_free(der.data);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+
+	return 0;
+}
+
+/* extract an INTEGER from the DER encoded extension
+ */
+int
+_gnutls_x509_ext_extract_number(uint8_t * number,
+				size_t * _nr_size,
+				uint8_t * extnValue, int extnValueLen)
+{
+	asn1_node ext = NULL;
+	int result;
+	int nr_size = *_nr_size;
+
+	/* here it doesn't matter so much that we use CertificateSerialNumber. It is equal
+	 * to using INTEGER.
+	 */
+	if ((result = asn1_create_element
+	     (_gnutls_get_pkix(), "PKIX1.CertificateSerialNumber",
+	      &ext)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _asn1_strict_der_decode(&ext, extnValue, extnValueLen, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&ext);
+		return _gnutls_asn2err(result);
+	}
+
+	/* the default value of cA is false.
+	 */
+	result = asn1_read_value(ext, "", number, &nr_size);
+	if (result != ASN1_SUCCESS)
+		result = _gnutls_asn2err(result);
+	else
+		result = 0;
+
+	*_nr_size = nr_size;
+
+	asn1_delete_structure(&ext);
+
+	return result;
+}
+
+/* generate an INTEGER in a DER encoded extension
+ */
+int
+_gnutls_x509_ext_gen_number(const uint8_t * number, size_t nr_size,
+			    gnutls_datum_t * der_ext)
+{
+	asn1_node ext = NULL;
+	int result;
+
+	result =
+	    asn1_create_element(_gnutls_get_pkix(),
+				"PKIX1.CertificateSerialNumber", &ext);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = asn1_write_value(ext, "", number, nr_size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&ext);
+		return _gnutls_asn2err(result);
+	}
+
+	result = _gnutls_x509_der_encode(ext, "", der_ext, 0);
+
+	asn1_delete_structure(&ext);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+int
+_gnutls_write_general_name(asn1_node ext, const char *ext_name,
+		       gnutls_x509_subject_alt_name_t type,
+		       const void *data, unsigned int data_size)
+{
+	const char *str;
+	int result;
+	char name[128];
+
+	if (data == NULL) {
+		if (data_size == 0)
+			data = (void*)"";
+		else
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	switch (type) {
+	case GNUTLS_SAN_DNSNAME:
+		str = "dNSName";
+		break;
+	case GNUTLS_SAN_RFC822NAME:
+		str = "rfc822Name";
+		break;
+	case GNUTLS_SAN_URI:
+		str = "uniformResourceIdentifier";
+		break;
+	case GNUTLS_SAN_IPADDRESS:
+		str = "iPAddress";
+		break;
+	case GNUTLS_SAN_REGISTERED_ID:
+		str = "registeredID";
+		break;
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	result = asn1_write_value(ext, ext_name, str, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	snprintf(name, sizeof(name), "%s.%s", ext_name, str);
+
+	result = asn1_write_value(ext, name, data, data_size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&ext);
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+int
+_gnutls_write_new_general_name(asn1_node ext, const char *ext_name,
+		       gnutls_x509_subject_alt_name_t type,
+		       const void *data, unsigned int data_size)
+{
+	int result;
+	char name[128];
+
+	result = asn1_write_value(ext, ext_name, "NEW", 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (ext_name[0] == 0) {	/* no dot */
+		_gnutls_str_cpy(name, sizeof(name), "?LAST");
+	} else {
+		_gnutls_str_cpy(name, sizeof(name), ext_name);
+		_gnutls_str_cat(name, sizeof(name), ".?LAST");
+	}
+
+	result = _gnutls_write_general_name(ext, name, type,
+		data, data_size);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+int
+_gnutls_write_new_othername(asn1_node ext, const char *ext_name,
+		       const char *oid,
+		       const void *data, unsigned int data_size)
+{
+	int result;
+	char name[128];
+	char name2[128];
+
+	result = asn1_write_value(ext, ext_name, "NEW", 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (ext_name[0] == 0) {	/* no dot */
+		_gnutls_str_cpy(name, sizeof(name), "?LAST");
+	} else {
+		_gnutls_str_cpy(name, sizeof(name), ext_name);
+		_gnutls_str_cat(name, sizeof(name), ".?LAST");
+	}
+
+	result = asn1_write_value(ext, name, "otherName", 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	snprintf(name2, sizeof(name2), "%s.otherName.type-id", name);
+
+	result = asn1_write_value(ext, name2, oid, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&ext);
+		return _gnutls_asn2err(result);
+	}
+
+	snprintf(name2, sizeof(name2), "%s.otherName.value", name);
+
+	result = asn1_write_value(ext, name2, data, data_size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&ext);
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+/* Convert the given name to GeneralNames in a DER encoded extension.
+ * This is the same as subject alternative name.
+ */
+int
+_gnutls_x509_ext_gen_subject_alt_name(gnutls_x509_subject_alt_name_t
+				      type,
+				      const char *othername_oid,
+				      const void *data,
+				      unsigned int data_size,
+				      const gnutls_datum_t * prev_der_ext,
+				      gnutls_datum_t * der_ext)
+{
+	int ret;
+	gnutls_subject_alt_names_t sans = NULL;
+	gnutls_datum_t name;
+
+	ret = gnutls_subject_alt_names_init(&sans);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (prev_der_ext && prev_der_ext->data != NULL && 
+		prev_der_ext->size != 0) {
+
+		ret = gnutls_x509_ext_import_subject_alt_names(prev_der_ext, sans, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	name.data = (void*)data;
+	name.size = data_size;
+	ret = gnutls_subject_alt_names_set(sans, type, &name, othername_oid);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_ext_export_subject_alt_names(sans, der_ext);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+cleanup:
+	if (sans != NULL)
+		gnutls_subject_alt_names_deinit(sans);
+
+	return ret;
+}
+
+/* generate the AuthorityKeyID in a DER encoded extension
+ */
+int
+_gnutls_x509_ext_gen_auth_key_id(const void *id, size_t id_size,
+				 gnutls_datum_t * der_ext)
+{
+	gnutls_x509_aki_t aki;
+	int ret;
+	gnutls_datum_t l_id;
+
+	ret = gnutls_x509_aki_init(&aki);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	l_id.data = (void*)id;
+	l_id.size = id_size;
+	ret = gnutls_x509_aki_set_id(aki, &l_id);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_ext_export_authority_key_id(aki, der_ext);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+ cleanup:
+	gnutls_x509_aki_deinit(aki);
+	return ret;
+}
diff --git a/lib/x509/hostname-verify.c b/lib/x509/hostname-verify.c
new file mode 100644
index 0000000..6ef8ba0
--- /dev/null
+++ b/lib/x509/hostname-verify.c
@@ -0,0 +1,298 @@
+/*
+ * Copyright (C) 2003-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ * Copyright (C) 2002 Andrew McDonald
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <str.h>
+#include <x509_int.h>
+#include <common.h>
+#include "errors.h"
+#include <system.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+/**
+ * gnutls_x509_crt_check_hostname:
+ * @cert: should contain an gnutls_x509_crt_t type
+ * @hostname: A null terminated string that contains a DNS name
+ *
+ * This function will check if the given certificate's subject matches
+ * the given hostname.  This is a basic implementation of the matching
+ * described in RFC6125, and takes into account wildcards,
+ * and the DNSName/IPAddress subject alternative name PKIX extension.
+ *
+ * For details see also gnutls_x509_crt_check_hostname2().
+ *
+ * Returns: non-zero for a successful match, and zero on failure.
+ **/
+unsigned
+gnutls_x509_crt_check_hostname(gnutls_x509_crt_t cert,
+			       const char *hostname)
+{
+	return gnutls_x509_crt_check_hostname2(cert, hostname, 0);
+}
+
+static int
+check_ip(gnutls_x509_crt_t cert, const void *ip, unsigned ip_size)
+{
+	char temp[16];
+	size_t temp_size;
+	unsigned i;
+	int ret = 0;
+
+	/* try matching against:
+	 *  1) a IPaddress alternative name (subjectAltName) extension
+	 *     in the certificate
+	 */
+
+	/* Check through all included subjectAltName extensions, comparing
+	 * against all those of type IPAddress.
+	 */
+	for (i = 0; !(ret < 0); i++) {
+		temp_size = sizeof(temp);
+		ret = gnutls_x509_crt_get_subject_alt_name(cert, i,
+							   temp,
+							   &temp_size,
+							   NULL);
+
+		if (ret == GNUTLS_SAN_IPADDRESS) {
+			if (temp_size == ip_size && memcmp(temp, ip, ip_size) == 0)
+				return 1;
+		} else if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
+			ret = 0;
+		}
+	}
+
+	/* not found a matching IP
+	 */
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_check_ip:
+ * @cert: should contain an gnutls_x509_crt_t type
+ * @ip: A pointer to the raw IP address
+ * @ip_size: the number of bytes in ip (4 or 16)
+ * @flags: should be zero
+ *
+ * This function will check if the IP allowed IP addresses in 
+ * the certificate's subject alternative name match the provided
+ * IP address.
+ *
+ * Returns: non-zero for a successful match, and zero on failure.
+ **/
+unsigned
+gnutls_x509_crt_check_ip(gnutls_x509_crt_t cert,
+			 const unsigned char *ip, unsigned int ip_size,
+			 unsigned int flags)
+{
+	return check_ip(cert, ip, ip_size);
+}
+
+/* whether gnutls_x509_crt_check_hostname2() will consider these
+ * alternative name types. This is to satisfy RFC6125 requirement
+ * that we do not fallback to CN-ID if we encounter a supported name
+ * type.
+ */
+#define IS_SAN_SUPPORTED(san) (san==GNUTLS_SAN_DNSNAME||san==GNUTLS_SAN_IPADDRESS)
+
+/**
+ * gnutls_x509_crt_check_hostname2:
+ * @cert: should contain an gnutls_x509_crt_t type
+ * @hostname: A null terminated string that contains a DNS name
+ * @flags: gnutls_certificate_verify_flags
+ *
+ * This function will check if the given certificate's subject matches
+ * the given hostname.  This is a basic implementation of the matching
+ * described in RFC6125, and takes into account wildcards,
+ * and the DNSName/IPAddress subject alternative name PKIX extension.
+ *
+ * IPv4 addresses are accepted by this function in the dotted-decimal
+ * format (e.g, ddd.ddd.ddd.ddd), and IPv6 addresses in the hexadecimal
+ * x:x:x:x:x:x:x:x format. For them the IPAddress subject alternative
+ * name extension is consulted. Previous versions to 3.6.0 of GnuTLS
+ * in case of a non-match would consult (in a non-standard extension)
+ * the DNSname and CN fields. This is no longer the case.
+ *
+ * When the flag %GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS is specified no
+ * wildcards are considered. Otherwise they are only considered if the
+ * domain name consists of three components or more, and the wildcard
+ * starts at the leftmost position.
+
+ * When the flag %GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES is specified,
+ * the input will be treated as a DNS name, and matching of textual IP addresses
+ * against the IPAddress part of the alternative name will not be allowed.
+ *
+ * The function gnutls_x509_crt_check_ip() is available for matching
+ * IP addresses.
+ *
+ * Returns: non-zero for a successful match, and zero on failure.
+ *
+ * Since: 3.3.0
+ **/
+unsigned
+gnutls_x509_crt_check_hostname2(gnutls_x509_crt_t cert,
+				const char *hostname, unsigned int flags)
+{
+	char dnsname[MAX_CN];
+	size_t dnsnamesize;
+	int found_dnsname = 0;
+	int ret = 0;
+	int i = 0;
+	struct in_addr ipv4;
+	char *p = NULL;
+	char *a_hostname;
+	unsigned have_other_addresses = 0;
+	gnutls_datum_t out;
+
+	/* check whether @hostname is an ip address */
+	if (!(flags & GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES) &&
+	    ((p=strchr(hostname, ':')) != NULL || inet_pton(AF_INET, hostname, &ipv4) != 0)) {
+
+		if (p != NULL) {
+			struct in6_addr ipv6;
+
+			ret = inet_pton(AF_INET6, hostname, &ipv6);
+			if (ret == 0) {
+				gnutls_assert();
+				goto hostname_fallback;
+			}
+			ret = check_ip(cert, &ipv6, 16);
+		} else {
+			ret = check_ip(cert, &ipv4, 4);
+		}
+
+		/* Prior to 3.6.0 we were accepting misconfigured servers, that place their IP
+		 * in the DNS field of subjectAlternativeName. That is no longer the case. */
+		return ret;
+	}
+
+ hostname_fallback:
+	/* convert the provided hostname to ACE-Labels domain. */
+	ret = gnutls_idna_map (hostname, strlen(hostname), &out, 0);
+	if (ret < 0) {
+		_gnutls_debug_log("unable to convert hostname %s to IDNA format\n", hostname);
+		a_hostname = (char*)hostname;
+	} else {
+		a_hostname = (char*)out.data;
+	}
+
+	/* try matching against:
+	 *  1) a DNS name as an alternative name (subjectAltName) extension
+	 *     in the certificate
+	 *  2) the common name (CN) in the certificate, if the certificate is acceptable for TLS_WWW_SERVER purpose
+	 *
+	 *  either of these may be of the form: *.domain.tld
+	 *
+	 *  only try (2) if there is no subjectAltName extension of
+	 *  type dNSName, and there is a single CN.
+	 */
+
+	/* Check through all included subjectAltName extensions, comparing
+	 * against all those of type dNSName.
+	 */
+	for (i = 0; !(ret < 0); i++) {
+
+		dnsnamesize = sizeof(dnsname);
+		ret = gnutls_x509_crt_get_subject_alt_name(cert, i,
+							   dnsname,
+							   &dnsnamesize,
+							   NULL);
+
+		if (ret == GNUTLS_SAN_DNSNAME) {
+			found_dnsname = 1;
+
+			if (_gnutls_has_embedded_null(dnsname, dnsnamesize)) {
+				_gnutls_debug_log("certificate has %s with embedded null in name\n", dnsname);
+				continue;
+			}
+
+			if (!_gnutls_str_is_print(dnsname, dnsnamesize)) {
+				_gnutls_debug_log("invalid (non-ASCII) name in certificate %.*s\n", (int)dnsnamesize, dnsname);
+				continue;
+			}
+
+			ret = _gnutls_hostname_compare(dnsname, dnsnamesize, a_hostname, flags);
+			if (ret != 0) {
+				ret = 1;
+				goto cleanup;
+			}
+		} else {
+			if (IS_SAN_SUPPORTED(ret))
+				have_other_addresses = 1;
+		}
+	}
+
+	if (!have_other_addresses && !found_dnsname && _gnutls_check_key_purpose(cert, GNUTLS_KP_TLS_WWW_SERVER, 0) != 0) {
+		/* did not get the necessary extension, use CN instead, if the
+		 * certificate would have been acceptable for a TLS WWW server purpose.
+		 * That is because only for that purpose the CN is a valid field to
+		 * store the hostname.
+		 */
+
+		/* enforce the RFC6125 (§1.8) requirement that only
+		 * a single CN must be present */
+		dnsnamesize = sizeof(dnsname);
+		ret = gnutls_x509_crt_get_dn_by_oid
+			(cert, OID_X520_COMMON_NAME, 1, 0, dnsname,
+			 &dnsnamesize);
+		if (ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			ret = 0;
+			goto cleanup;
+		}
+
+		dnsnamesize = sizeof(dnsname);
+		ret = gnutls_x509_crt_get_dn_by_oid
+			(cert, OID_X520_COMMON_NAME, 0, 0, dnsname,
+			 &dnsnamesize);
+		if (ret < 0) {
+			ret = 0;
+			goto cleanup;
+		}
+
+		if (_gnutls_has_embedded_null(dnsname, dnsnamesize)) {
+			_gnutls_debug_log("certificate has CN %s with embedded null in name\n", dnsname);
+			ret = 0;
+			goto cleanup;
+		}
+
+		if (!_gnutls_str_is_print(dnsname, dnsnamesize)) {
+			_gnutls_debug_log("invalid (non-ASCII) name in certificate CN %.*s\n", (int)dnsnamesize, dnsname);
+			ret = 0;
+			goto cleanup;
+		}
+
+		ret = _gnutls_hostname_compare(dnsname, dnsnamesize, a_hostname, flags);
+		if (ret != 0) {
+			ret = 1;
+			goto cleanup;
+		}
+	}
+
+	/* not found a matching name
+	 */
+	ret = 0;
+ cleanup:
+	if (a_hostname != hostname) {
+		gnutls_free(a_hostname);
+	}
+	return ret;
+}
diff --git a/lib/x509/ip-in-cidr.h b/lib/x509/ip-in-cidr.h
new file mode 100644
index 0000000..d5e26eb
--- /dev/null
+++ b/lib/x509/ip-in-cidr.h
@@ -0,0 +1,58 @@
+/*
+ * Copyright (C) 2014-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * Authors: Nikos Mavrogiannopoulos, Daiki Ueno, Martin Ukrop
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_X509_IP_IN_CIDR_H
+#define GNUTLS_LIB_X509_IP_IN_CIDR_H
+
+/*-
+ * ip_in_cidr:
+ * @ip: IP datum (IPv4 or IPv6)
+ * @cidr: CIDR datum (IPv4 or IPv6)
+ *
+ * Check if @ip lies in the given @cidr range.
+ * The @ip version must match the @cidr version (v4/v6),
+ * (this is not checked).
+ *
+ * Returns: 1 if @ip lies within @cidr, 0 otherwise
+ -*/
+static unsigned ip_in_cidr(const gnutls_datum_t *ip, const gnutls_datum_t *cidr)
+{
+	unsigned byte;
+#ifndef BUILD_IN_TESTS
+	char str_ip[48];
+	char str_cidr[97];
+
+	_gnutls_hard_log("matching %.*s with CIDR constraint %.*s\n",
+					 (int) sizeof(str_ip),
+					 _gnutls_ip_to_string(ip->data, ip->size, str_ip, sizeof(str_ip)),
+					 (int) sizeof(str_cidr),
+					 _gnutls_cidr_to_string(cidr->data, cidr->size, str_cidr, sizeof(str_cidr)));
+#endif
+	for (byte = 0; byte < ip->size; byte++)
+		if (((ip->data[byte] ^ cidr->data[byte]) & cidr->data[ip->size+byte]) != 0)
+			return 0;
+
+	return 1; /* match */
+}
+
+#endif /* GNUTLS_LIB_X509_IP_IN_CIDR_H */
diff --git a/lib/x509/ip.c b/lib/x509/ip.c
new file mode 100644
index 0000000..c4cb008
--- /dev/null
+++ b/lib/x509/ip.c
@@ -0,0 +1,268 @@
+/*
+ * Copyright (C) 2007-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ *
+ * Author: Simon Josefsson, Nikos Mavrogiannopoulos, Martin Ukrop
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "ip.h"
+#include <gnutls/x509.h>
+#include <arpa/inet.h>
+
+/*-
+ * _gnutls_mask_to_prefix:
+ * @mask: CIDR mask
+ * @mask_size: number of bytes in @mask
+ *
+ * Check for mask validity (form of 1*0*) and return its prefix numerically.
+ *
+ * Returns: Length of 1-prefix (0 -- mask_size*8), -1 in case of invalid mask
+ -*/
+int _gnutls_mask_to_prefix(const unsigned char *mask, unsigned mask_size)
+{
+	unsigned i, prefix_length = 0;
+	for (i=0; i<mask_size; i++) {
+		if (mask[i] == 0xFF) {
+			prefix_length += 8;
+		} else {
+			switch(mask[i]) {
+				case 0xFE: prefix_length += 7; break;
+				case 0xFC: prefix_length += 6; break;
+				case 0xF8: prefix_length += 5; break;
+				case 0xF0: prefix_length += 4; break;
+				case 0xE0: prefix_length += 3; break;
+				case 0xC0: prefix_length += 2; break;
+				case 0x80: prefix_length += 1; break;
+				case 0x00: break;
+				default:
+					return -1;
+			}
+			break;
+		}
+	}
+	i++;
+	// mask is invalid, if there follows something else than 0x00
+	for ( ; i<mask_size; i++) {
+		if (mask[i] != 0)
+			return -1;
+	}
+	return prefix_length;
+}
+
+/*-
+ * _gnutls_ip_to_string:
+ * @_ip: IP address (RFC5280 format)
+ * @ip_size: Size of @_ip (4 or 16)
+ * @out: Resulting string
+ * @out_size: Size of @out
+ *
+ * Transform IP address into human-readable string.
+ * @string must be already allocated and
+ * at least 16/48 bytes for IPv4/v6 address respectively.
+ *
+ * Returns: Address of result string.
+ -*/
+const char *_gnutls_ip_to_string(const void *_ip, unsigned int ip_size, char *out, unsigned int out_size)
+{
+
+	if (ip_size != 4 && ip_size != 16) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	if (ip_size == 4 && out_size < 16) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	if (ip_size == 16 && out_size < 48) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	if (ip_size == 4)
+		return inet_ntop(AF_INET, _ip, out, out_size);
+	else
+		return inet_ntop(AF_INET6, _ip, out, out_size);
+}
+
+/*-
+ * _gnutls_cidr_to_string:
+ * @_ip: CIDR range (RFC5280 format)
+ * @ip_size: Size of @_ip (8 or 32)
+ * @out: Resulting string
+ * @out_size: Size of @out
+ *
+ * Transform CIDR IP address range into human-readable string.
+ * The input @_ip must be in RFC5280 format (IP address in network byte
+ * order, followed by its network mask which is 4 bytes in IPv4 and
+ * 16 bytes in IPv6). @string must be already allocated and
+ * at least 33/97 bytes for IPv4/v6 address respectively.
+ *
+ * Returns: Address of result string.
+ -*/
+const char *_gnutls_cidr_to_string(const void *_ip, unsigned int ip_size, char *out, unsigned int out_size)
+{
+	const unsigned char *ip = _ip;
+	char tmp[64];
+	const char *p;
+
+	if (ip_size != 8 && ip_size != 32) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	if (ip_size == 8) {
+		p = inet_ntop(AF_INET, ip, tmp, sizeof(tmp));
+
+		if (p)
+			snprintf(out, out_size, "%s/%d", tmp, _gnutls_mask_to_prefix(ip+4, 4));
+	} else {
+		p = inet_ntop(AF_INET6, ip, tmp, sizeof(tmp));
+
+		if (p)
+			snprintf(out, out_size, "%s/%d", tmp, _gnutls_mask_to_prefix(ip+16, 16));
+	}
+
+	if (p == NULL)
+		return NULL;
+
+	return out;
+}
+
+static void prefix_to_mask(unsigned prefix, unsigned char *mask, size_t mask_size)
+{
+	int i;
+	unsigned j;
+	memset(mask, 0, mask_size);
+
+	for (i = prefix, j = 0; i > 0 && j < mask_size; i -= 8, j++) {
+		if (i >= 8) {
+			mask[j] = 0xff;
+		} else {
+			mask[j] = (unsigned long)(0xffU << (8 - i));
+		}
+	}
+}
+
+/*-
+ * _gnutls_mask_ip:
+ * @ip: IP of @ipsize bytes
+ * @mask: netmask of @ipsize bytes
+ * @ipsize: IP length (4 or 16)
+ *
+ * Mask given IP in place according to the given mask.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ -*/
+int _gnutls_mask_ip(unsigned char *ip, const unsigned char *mask, unsigned ipsize)
+{
+	unsigned i;
+
+	if (ipsize != 4 && ipsize != 16)
+		return GNUTLS_E_MALFORMED_CIDR;
+	for (i = 0; i < ipsize; i++)
+		ip[i] &= mask[i];
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_x509_cidr_to_rfc5280:
+ * @cidr: CIDR in RFC4632 format (IP/prefix), null-terminated
+ * @cidr_rfc5280: CIDR range converted to RFC5280 format
+ *
+ * This function will convert text CIDR range with prefix (such as '10.0.0.0/8')
+ * to RFC5280 (IP address in network byte order followed by its network mask).
+ * Works for both IPv4 and IPv6.
+ *
+ * The resulting object is directly usable for IP name constraints usage,
+ * for example in functions %gnutls_x509_name_constraints_add_permitted
+ * or %gnutls_x509_name_constraints_add_excluded.
+ *
+ * The data in datum needs to be deallocated using gnutls_free().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.5.4
+ */
+int gnutls_x509_cidr_to_rfc5280(const char *cidr, gnutls_datum_t *cidr_rfc5280)
+{
+	unsigned iplength, prefix;
+	int ret;
+	char *p;
+	char *p_end = NULL;
+	char *cidr_tmp;
+
+	p = strchr(cidr, '/');
+	if (p != NULL) {
+		prefix = strtol(p+1, &p_end, 10);
+		if (prefix == 0 && p_end == p+1) {
+			_gnutls_debug_log("Cannot parse prefix given in CIDR %s\n", cidr);
+			gnutls_assert();
+			return GNUTLS_E_MALFORMED_CIDR;
+		}
+		unsigned length = p-cidr+1;
+		cidr_tmp = gnutls_malloc(length);
+		if (cidr_tmp == NULL) {
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		}
+		memcpy(cidr_tmp, cidr, length);
+		cidr_tmp[length-1] = 0;
+	} else {
+		_gnutls_debug_log("No prefix given in CIDR %s\n", cidr);
+		gnutls_assert();
+		return GNUTLS_E_MALFORMED_CIDR;
+	}
+
+	if (strchr(cidr, ':') != 0) { /* IPv6 */
+		iplength = 16;
+	} else { /* IPv4 */
+		iplength = 4;
+	}
+	cidr_rfc5280->size = 2*iplength;
+
+	if (prefix > iplength*8) {
+		_gnutls_debug_log("Invalid prefix given in CIDR %s (%d)\n", cidr, prefix);
+		ret = gnutls_assert_val(GNUTLS_E_MALFORMED_CIDR);
+		goto cleanup;
+	}
+
+	cidr_rfc5280->data = gnutls_malloc(cidr_rfc5280->size);
+	if (cidr_rfc5280->data == NULL) {
+		ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		goto cleanup;
+	}
+
+	ret = inet_pton(iplength == 4 ? AF_INET : AF_INET6, cidr_tmp, cidr_rfc5280->data);
+	if (ret == 0) {
+		_gnutls_debug_log("Cannot parse IP from CIDR %s\n", cidr_tmp);
+		ret = gnutls_assert_val(GNUTLS_E_MALFORMED_CIDR);
+		goto cleanup;
+	}
+
+	prefix_to_mask(prefix, &cidr_rfc5280->data[iplength], iplength);
+	_gnutls_mask_ip(cidr_rfc5280->data, &cidr_rfc5280->data[iplength], iplength);
+
+	ret = GNUTLS_E_SUCCESS;
+
+cleanup:
+	gnutls_free(cidr_tmp);
+	return ret;
+}
diff --git a/lib/x509/ip.h b/lib/x509/ip.h
new file mode 100644
index 0000000..2c8569b
--- /dev/null
+++ b/lib/x509/ip.h
@@ -0,0 +1,39 @@
+/*
+ * Copyright (C) 2007-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ *
+ * Author: Simon Josefsson, Nikos Mavrogiannopoulos, Martin Ukrop
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_X509_IP_H
+#define GNUTLS_LIB_X509_IP_H
+
+// for documentation, see the definition
+int _gnutls_mask_to_prefix(const unsigned char *mask, unsigned mask_size);
+
+// for documentation, see the definition
+const char *_gnutls_ip_to_string(const void *_ip, unsigned int ip_size, char *out, unsigned int out_size);
+
+// for documentation, see the definition
+const char *_gnutls_cidr_to_string(const void *_ip, unsigned int ip_size, char *out, unsigned int out_size);
+
+// for documentation, see the definition
+int _gnutls_mask_ip(unsigned char *ip, const unsigned char *mask, unsigned ipsize);
+
+#endif /* GNUTLS_LIB_X509_IP_H */
diff --git a/lib/x509/key_decode.c b/lib/x509/key_decode.c
new file mode 100644
index 0000000..44e4297
--- /dev/null
+++ b/lib/x509/key_decode.c
@@ -0,0 +1,678 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2013-2017 Red Hat
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <global.h>
+#include <libtasn1.h>
+#include <datum.h>
+#include "common.h"
+#include "x509_int.h"
+#include "pk.h"
+#include <num.h>
+#include <ecc.h>
+
+static int _gnutls_x509_read_rsa_pubkey(uint8_t * der, int dersize,
+					gnutls_pk_params_st * params);
+static int _gnutls_x509_read_dsa_pubkey(uint8_t * der, int dersize,
+					gnutls_pk_params_st * params);
+static int _gnutls_x509_read_ecc_pubkey(uint8_t * der, int dersize,
+					gnutls_pk_params_st * params);
+static int _gnutls_x509_read_eddsa_pubkey(gnutls_ecc_curve_t curve,
+					  uint8_t * der, int dersize,
+					  gnutls_pk_params_st * params);
+static int _gnutls_x509_read_ecdh_pubkey(gnutls_ecc_curve_t curve,
+					 uint8_t * der, int dersize,
+					 gnutls_pk_params_st * params);
+static int _gnutls_x509_read_gost_pubkey(uint8_t * der, int dersize,
+					gnutls_pk_params_st * params);
+
+static int
+_gnutls_x509_read_dsa_params(uint8_t * der, int dersize,
+			     gnutls_pk_params_st * params);
+
+/*
+ * some x509 certificate parsing functions that relate to MPI parameter
+ * extraction. This reads the BIT STRING subjectPublicKey.
+ * Returns 2 parameters (m,e). It does not set params_nr.
+ */
+int
+_gnutls_x509_read_rsa_pubkey(uint8_t * der, int dersize,
+			     gnutls_pk_params_st * params)
+{
+	int result;
+	asn1_node spk = NULL;
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_gnutls_asn(), "GNUTLS.RSAPublicKey", &spk))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = asn1_der_decoding(&spk, der, dersize, NULL);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&spk);
+		return _gnutls_asn2err(result);
+	}
+
+
+	if (_gnutls_x509_read_int(spk, "modulus",
+				  &params->params[0]) < 0) {
+		gnutls_assert();
+		asn1_delete_structure(&spk);
+		return GNUTLS_E_ASN1_GENERIC_ERROR;
+	}
+
+	if (_gnutls_x509_read_int(spk, "publicExponent",
+				  &params->params[1]) < 0) {
+		gnutls_assert();
+		_gnutls_mpi_release(&params->params[0]);
+		asn1_delete_structure(&spk);
+		return GNUTLS_E_ASN1_GENERIC_ERROR;
+	}
+
+	asn1_delete_structure(&spk);
+
+	return 0;
+
+}
+
+/*
+ * some x509 certificate parsing functions that relate to MPI parameter
+ * extraction. This reads the BIT STRING subjectPublicKey.
+ * Returns 2 parameters (m,e). It does not set params_nr.
+ */
+int
+_gnutls_x509_read_ecc_pubkey(uint8_t * der, int dersize,
+			     gnutls_pk_params_st * params)
+{
+	/* RFC5480 defines the public key to be an ECPoint (i.e. OCTET STRING),
+	 * Then it says that the OCTET STRING _value_ is converted to BIT STRING.
+	 * That means that the value we place there is the raw X9.62 one. */
+	return _gnutls_ecc_ansi_x962_import(der, dersize,
+					    &params->params[ECC_X],
+					    &params->params[ECC_Y]);
+}
+
+int _gnutls_x509_read_eddsa_pubkey(gnutls_ecc_curve_t curve,
+				   uint8_t * der, int dersize,
+				   gnutls_pk_params_st * params)
+{
+	int size = gnutls_ecc_curve_get_size(curve);
+	if (dersize != size)
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
+	return _gnutls_set_datum(&params->raw_pub, der, dersize);
+}
+
+int _gnutls_x509_read_ecdh_pubkey(gnutls_ecc_curve_t curve,
+				  uint8_t * der, int dersize,
+				  gnutls_pk_params_st * params)
+{
+	int size = gnutls_ecc_curve_get_size(curve);
+	if (dersize != size)
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
+	return _gnutls_set_datum(&params->raw_pub, der, dersize);
+}
+
+/* Pubkey is a concatenation of X (in little endian) and Y (also LE)
+ * encoded into OCTET STRING. */
+static int
+_gnutls_x509_read_gost_pubkey(uint8_t * der, int dersize,
+			     gnutls_pk_params_st * params)
+{
+	int ret;
+	int len;
+	bigint_t *x = &params->params[GOST_X];
+	bigint_t *y = &params->params[GOST_Y];
+
+	/* Quick and dirty parsing of OCTET STRING of 0x40 or 0x80 bytes */
+	if (dersize < 1 || der[0] != ASN1_TAG_OCTET_STRING) {
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+	}
+
+	der++;
+	dersize--;
+
+	ret = asn1_get_length_der(der, dersize, &len);
+	if (ret <= 0 || ret % 2 != 0 || dersize != len + ret) {
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+	}
+
+	der += len;
+	dersize -= len;
+
+	/* read data */
+	ret = _gnutls_mpi_init_scan_le(x, der, dersize / 2);
+	if (ret < 0)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	ret = _gnutls_mpi_init_scan_le(y, der + dersize / 2, dersize / 2);
+	if (ret < 0) {
+		_gnutls_mpi_release(y);
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	return 0;
+}
+
+/* reads p,q and g 
+ * from the certificate (subjectPublicKey BIT STRING).
+ * params[0-2]. It does NOT set params_nr.
+ */
+static int
+_gnutls_x509_read_dsa_params(uint8_t * der, int dersize,
+			     gnutls_pk_params_st * params)
+{
+	int result;
+	asn1_node spk = NULL;
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_pkix(), "PKIX1.Dss-Parms",
+	      &spk)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = asn1_der_decoding(&spk, der, dersize, NULL);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&spk);
+		return _gnutls_asn2err(result);
+	}
+
+	/* If the parameters are not included in the certificate
+	 * then the issuer's parameters should be used. This is not
+	 * implemented, and is not used in practice (along with DSA).
+	 */
+
+	/* Read p */
+
+	if (_gnutls_x509_read_int(spk, "p", &params->params[0]) < 0) {
+		gnutls_assert();
+		asn1_delete_structure(&spk);
+		return GNUTLS_E_ASN1_GENERIC_ERROR;
+	}
+
+	/* Read q */
+
+	if (_gnutls_x509_read_int(spk, "q", &params->params[1]) < 0) {
+		gnutls_assert();
+		asn1_delete_structure(&spk);
+		_gnutls_mpi_release(&params->params[0]);
+		return GNUTLS_E_ASN1_GENERIC_ERROR;
+	}
+
+	/* Read g */
+
+	if (_gnutls_x509_read_int(spk, "g", &params->params[2]) < 0) {
+		gnutls_assert();
+		asn1_delete_structure(&spk);
+		_gnutls_mpi_release(&params->params[0]);
+		_gnutls_mpi_release(&params->params[1]);
+		return GNUTLS_E_ASN1_GENERIC_ERROR;
+	}
+
+	asn1_delete_structure(&spk);
+
+	params->params_nr = 3; /* public key is missing */
+	params->algo = GNUTLS_PK_DSA;
+
+	return 0;
+
+}
+
+/* reads the curve from the certificate.
+ * params[0-4]. It does NOT set params_nr.
+ */
+int
+_gnutls_x509_read_ecc_params(uint8_t * der, int dersize,
+			     unsigned int * curve)
+{
+	int ret;
+	asn1_node spk = NULL;
+	char oid[MAX_OID_SIZE];
+	int oid_size;
+
+	if ((ret = asn1_create_element
+	     (_gnutls_get_gnutls_asn(), "GNUTLS.ECParameters",
+	      &spk)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	ret = asn1_der_decoding(&spk, der, dersize, NULL);
+
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	/* read the curve */
+	oid_size = sizeof(oid);
+	ret = asn1_read_value(spk, "namedCurve", oid, &oid_size);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	*curve = gnutls_oid_to_ecc_curve(oid);
+	if (*curve == GNUTLS_ECC_CURVE_INVALID) {
+		_gnutls_debug_log("Curve %s is not supported\n", oid);
+		gnutls_assert();
+		ret = GNUTLS_E_ECC_UNSUPPORTED_CURVE;
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+
+	asn1_delete_structure(&spk);
+
+	return ret;
+
+}
+
+/* Reads RSA-PSS parameters.
+ */
+int
+_gnutls_x509_read_rsa_pss_params(uint8_t * der, int dersize,
+				 gnutls_x509_spki_st * params)
+{
+	int result;
+	asn1_node spk = NULL;
+	asn1_node c2 = NULL;
+	gnutls_digest_algorithm_t digest;
+	char oid[MAX_OID_SIZE] = "";
+	int size;
+	unsigned int trailer;
+	gnutls_datum_t value = { NULL, 0 };
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_gnutls_asn(), "GNUTLS.RSAPSSParameters", &spk))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result = _asn1_strict_der_decode(&spk, der, dersize, NULL);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	size = sizeof(oid);
+	result = asn1_read_value(spk, "hashAlgorithm.algorithm", oid, &size);
+	if (result == ASN1_SUCCESS)
+		digest = gnutls_oid_to_digest(oid);
+	else if (result == ASN1_ELEMENT_NOT_FOUND)
+		/* The default hash algorithm is SHA-1 */
+		digest = GNUTLS_DIG_SHA1;
+	else {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if (digest == GNUTLS_DIG_UNKNOWN) {
+		gnutls_assert();
+		_gnutls_debug_log("Unknown RSA-PSS hash: %s\n", oid);
+		result = GNUTLS_E_UNKNOWN_HASH_ALGORITHM;
+		goto cleanup;
+	}
+
+	size = sizeof(oid);
+	result = asn1_read_value(spk, "maskGenAlgorithm.algorithm", oid, &size);
+	if (result == ASN1_SUCCESS) {
+		gnutls_digest_algorithm_t digest2;
+
+		/* Error out if algorithm other than mgf1 is specified */
+		if (strcmp(oid, PKIX1_RSA_PSS_MGF1_OID) != 0) {
+			gnutls_assert();
+			_gnutls_debug_log("Unknown mask algorithm: %s\n", oid);
+			result = GNUTLS_E_UNKNOWN_ALGORITHM;
+			goto cleanup;
+		}
+
+		/* Check if maskGenAlgorithm.parameters does exist and
+		 * is identical to hashAlgorithm */
+		result = _gnutls_x509_read_value(spk, "maskGenAlgorithm.parameters", &value);
+		if (result < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		if ((result = asn1_create_element
+		     (_gnutls_get_pkix(), "PKIX1.AlgorithmIdentifier", &c2))
+		    != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		result = _asn1_strict_der_decode(&c2, value.data, value.size, NULL);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		size = sizeof(oid);
+		result = asn1_read_value(c2, "algorithm", oid, &size);
+		if (result == ASN1_SUCCESS)
+			digest2 = gnutls_oid_to_digest(oid);
+		else if (result == ASN1_ELEMENT_NOT_FOUND)
+			/* The default hash algorithm for mgf1 is SHA-1 */
+			digest2 = GNUTLS_DIG_SHA1;
+		else {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		if (digest != digest2) {
+			gnutls_assert();
+			result = GNUTLS_E_CONSTRAINT_ERROR;
+			goto cleanup;
+		}
+	} else if (result != ASN1_ELEMENT_NOT_FOUND) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	memset(params, 0, sizeof(gnutls_x509_spki_st));
+	params->pk = GNUTLS_PK_RSA_PSS;
+	params->rsa_pss_dig = digest;
+
+	result = _gnutls_x509_read_uint(spk, "saltLength", &params->salt_size);
+	if (result == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND ||
+	    result == GNUTLS_E_ASN1_VALUE_NOT_FOUND)
+		params->salt_size = 20;
+	else if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_read_uint(spk, "trailerField", &trailer);
+	if (result == GNUTLS_E_ASN1_VALUE_NOT_FOUND ||
+	    result == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND)
+		trailer = 1;
+	else if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	if (trailer != 1) {
+		gnutls_assert();
+		result = GNUTLS_E_CERTIFICATE_ERROR;
+		goto cleanup;
+	}
+
+	result = 0;
+ cleanup:
+	_gnutls_free_datum(&value);
+	asn1_delete_structure(&c2);
+	asn1_delete_structure(&spk);
+	return result;
+}
+
+/* reads the curve from the certificate.
+ * It does NOT set params_nr.
+ */
+int
+_gnutls_x509_read_gost_params(uint8_t * der, int dersize,
+			      gnutls_pk_params_st * params,
+			      gnutls_pk_algorithm_t algo)
+{
+	int ret;
+	asn1_node spk = NULL;
+	char oid[MAX_OID_SIZE];
+	int oid_size;
+	gnutls_ecc_curve_t curve;
+	gnutls_gost_paramset_t param;
+
+	if ((ret = asn1_create_element(_gnutls_get_gnutls_asn(),
+				       algo == GNUTLS_PK_GOST_01 ?
+				       "GNUTLS.GOSTParametersOld" :
+				       "GNUTLS.GOSTParameters",
+				       &spk)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	ret = _asn1_strict_der_decode(&spk, der, dersize, NULL);
+
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	/* read the curve */
+	oid_size = sizeof(oid);
+	ret = asn1_read_value(spk, "publicKeyParamSet", oid, &oid_size);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	curve = gnutls_oid_to_ecc_curve(oid);
+	if (curve == GNUTLS_ECC_CURVE_INVALID) {
+		_gnutls_debug_log("Curve %s is not supported\n", oid);
+		gnutls_assert();
+		ret = GNUTLS_E_ECC_UNSUPPORTED_CURVE;
+		goto cleanup;
+	}
+
+	/* Read the digest */
+	oid_size = sizeof(oid);
+	ret = asn1_read_value(spk, "digestParamSet", oid, &oid_size);
+	if (ret != ASN1_SUCCESS &&
+	    ret != ASN1_ELEMENT_NOT_FOUND) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+	/* For now ignore the OID: we use pk OID instead */
+
+	oid_size = sizeof(oid);
+	ret = asn1_read_value(spk, "encryptionParamSet", oid, &oid_size);
+	if (ret != ASN1_SUCCESS &&
+	    ret != ASN1_ELEMENT_NOT_FOUND) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	if (ret != ASN1_ELEMENT_NOT_FOUND)
+		param = gnutls_oid_to_gost_paramset(oid);
+	else
+		param = _gnutls_gost_paramset_default(algo);
+
+	if (param == GNUTLS_GOST_PARAMSET_UNKNOWN) {
+		gnutls_assert();
+		ret = param;
+		goto cleanup;
+	}
+
+	params->curve = curve;
+	params->gost_params = param;
+	ret = 0;
+
+      cleanup:
+
+	asn1_delete_structure(&spk);
+
+	return ret;
+
+}
+
+/* This function must be called after _gnutls_x509_read_params()
+ */
+int _gnutls_x509_read_pubkey(gnutls_pk_algorithm_t algo, uint8_t * der,
+			     int dersize, gnutls_pk_params_st * params)
+{
+	int ret;
+
+	switch (algo) {
+	case GNUTLS_PK_RSA:
+	case GNUTLS_PK_RSA_PSS:
+		ret = _gnutls_x509_read_rsa_pubkey(der, dersize, params);
+		if (ret >= 0) {
+			params->algo = algo;
+			params->params_nr = RSA_PUBLIC_PARAMS;
+		}
+		break;
+	case GNUTLS_PK_DSA:
+		if (params->params_nr != 3) /* _gnutls_x509_read_pubkey_params must have been called */
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		ret = _gnutls_x509_read_dsa_pubkey(der, dersize, params);
+		if (ret >= 0) {
+			params->algo = GNUTLS_PK_DSA;
+			params->params_nr = DSA_PUBLIC_PARAMS;
+		}
+		break;
+	case GNUTLS_PK_ECDSA:
+		ret = _gnutls_x509_read_ecc_pubkey(der, dersize, params);
+		if (ret >= 0) {
+			params->algo = GNUTLS_PK_ECDSA;
+			params->params_nr = ECC_PUBLIC_PARAMS;
+		}
+		break;
+	case GNUTLS_PK_EDDSA_ED25519:
+		ret = _gnutls_x509_read_eddsa_pubkey(GNUTLS_ECC_CURVE_ED25519, der, dersize, params);
+		break;
+	case GNUTLS_PK_EDDSA_ED448:
+		ret = _gnutls_x509_read_eddsa_pubkey(GNUTLS_ECC_CURVE_ED448, der, dersize, params);
+		break;
+	case GNUTLS_PK_ECDH_X25519:
+		ret = _gnutls_x509_read_ecdh_pubkey(GNUTLS_ECC_CURVE_X25519, der, dersize, params);
+		break;
+	case GNUTLS_PK_ECDH_X448:
+		ret = _gnutls_x509_read_ecdh_pubkey(GNUTLS_ECC_CURVE_X448, der, dersize, params);
+		break;
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+		ret = _gnutls_x509_read_gost_pubkey(der, dersize, params);
+		if (ret >= 0) {
+			params->algo = algo;
+			params->params_nr = GOST_PUBLIC_PARAMS;
+		}
+		break;
+	default:
+		ret = gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+		break;
+	}
+	return ret;
+}
+
+/* This function must be called prior to _gnutls_x509_read_pubkey()
+ */
+int _gnutls_x509_read_pubkey_params(gnutls_pk_algorithm_t algo,
+				    uint8_t * der, int dersize,
+				    gnutls_pk_params_st * params)
+{
+	switch (algo) {
+	case GNUTLS_PK_RSA:
+	case GNUTLS_PK_EDDSA_ED25519:
+	case GNUTLS_PK_EDDSA_ED448:
+		return 0;
+	case GNUTLS_PK_RSA_PSS:
+		return _gnutls_x509_read_rsa_pss_params(der, dersize, &params->spki);
+	case GNUTLS_PK_DSA:
+		return _gnutls_x509_read_dsa_params(der, dersize, params);
+	case GNUTLS_PK_EC:
+		return _gnutls_x509_read_ecc_params(der, dersize, &params->curve);
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+		return _gnutls_x509_read_gost_params(der, dersize, params, algo);
+	default:
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+	}
+}
+
+/* This function must be called after _gnutls_x509_read_pubkey()
+ */
+int _gnutls_x509_check_pubkey_params(gnutls_pk_params_st * params)
+{
+	switch (params->algo) {
+	case GNUTLS_PK_RSA_PSS: {
+		unsigned bits;
+		const mac_entry_st *me;
+		size_t hash_size;
+
+		if (params->spki.pk == GNUTLS_PK_UNKNOWN) /* no params present */
+			return 0;
+
+		bits = pubkey_to_bits(params);
+
+		me = hash_to_entry(params->spki.rsa_pss_dig);
+		if (unlikely(me == NULL))
+			return gnutls_assert_val(GNUTLS_E_PK_INVALID_PUBKEY_PARAMS);
+
+		hash_size = _gnutls_hash_get_algo_len(me);
+		if (hash_size + params->spki.salt_size + 2 > (bits + 7) / 8)
+			return gnutls_assert_val(GNUTLS_E_PK_INVALID_PUBKEY_PARAMS);
+		return 0;
+	}
+	case GNUTLS_PK_RSA:
+	case GNUTLS_PK_DSA:
+	case GNUTLS_PK_ECDSA:
+	case GNUTLS_PK_EDDSA_ED25519:
+	case GNUTLS_PK_EDDSA_ED448:
+	case GNUTLS_PK_ECDH_X25519:
+	case GNUTLS_PK_ECDH_X448:
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+		return 0;
+	default:
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+	}
+}
+
+/* reads DSA's Y
+ * from the certificate 
+ * only sets params[3]
+ */
+int
+_gnutls_x509_read_dsa_pubkey(uint8_t * der, int dersize,
+			     gnutls_pk_params_st * params)
+{
+	return _gnutls_x509_read_der_int(der, dersize, &params->params[3]);
+}
diff --git a/lib/x509/key_encode.c b/lib/x509/key_encode.c
new file mode 100644
index 0000000..8428cd1
--- /dev/null
+++ b/lib/x509/key_encode.c
@@ -0,0 +1,1087 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2013-2017 Red Hat
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <global.h>
+#include <libtasn1.h>
+#include <datum.h>
+#include "common.h"
+#include "x509_int.h"
+#include <num.h>
+#include <pk.h>
+#include <mpi.h>
+#include <ecc.h>
+
+static int _gnutls_x509_write_rsa_pubkey(const gnutls_pk_params_st * params,
+					 gnutls_datum_t * der);
+static int _gnutls_x509_write_dsa_params(const gnutls_pk_params_st * params,
+					 gnutls_datum_t * der);
+static int _gnutls_x509_write_dsa_pubkey(const gnutls_pk_params_st * params,
+					 gnutls_datum_t * der);
+static int _gnutls_x509_write_gost_params(const gnutls_pk_params_st * params,
+					 gnutls_datum_t * der);
+static int _gnutls_x509_write_gost_pubkey(const gnutls_pk_params_st * params,
+					 gnutls_datum_t * der);
+
+/*
+ * some x509 certificate functions that relate to MPI parameter
+ * setting. This writes the BIT STRING subjectPublicKey.
+ * Needs 2 parameters (m,e).
+ *
+ * Allocates the space used to store the DER data.
+ */
+static int
+_gnutls_x509_write_rsa_pubkey(const gnutls_pk_params_st * params,
+			      gnutls_datum_t * der)
+{
+	int result;
+	asn1_node spk = NULL;
+
+	der->data = NULL;
+	der->size = 0;
+
+	if (params->params_nr < RSA_PUBLIC_PARAMS) {
+		gnutls_assert();
+		result = GNUTLS_E_INVALID_REQUEST;
+		goto cleanup;
+	}
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_gnutls_asn(), "GNUTLS.RSAPublicKey", &spk))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result =
+	    _gnutls_x509_write_int(spk, "modulus", params->params[0], 1);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result =
+	    _gnutls_x509_write_int(spk, "publicExponent",
+				   params->params[1], 1);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_der_encode(spk, "", der, 0);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = 0;
+
+      cleanup:
+	asn1_delete_structure(&spk);
+
+	return result;
+}
+
+/*
+ * some x509 certificate functions that relate to MPI parameter
+ * setting. This writes an ECPoint.
+ *
+ * Allocates the space used to store the DER data.
+ */
+int
+_gnutls_x509_write_ecc_pubkey(const gnutls_pk_params_st * params,
+			      gnutls_datum_t * der)
+{
+	int result;
+
+	der->data = NULL;
+	der->size = 0;
+
+	if (params->params_nr < ECC_PUBLIC_PARAMS)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	result =
+	    _gnutls_ecc_ansi_x962_export(params->curve,
+					 params->params[ECC_X],
+					 params->params[ECC_Y], /*&out */
+					 der);
+	if (result < 0)
+		return gnutls_assert_val(result);
+
+	return 0;
+}
+
+/*
+ * some x509 certificate functions that relate to MPI parameter
+ * setting. This writes a raw public key.
+ *
+ * Allocates the space used to store the data.
+ */
+int
+_gnutls_x509_write_eddsa_pubkey(const gnutls_pk_params_st * params,
+			      gnutls_datum_t * raw)
+{
+	int ret;
+
+	raw->data = NULL;
+	raw->size = 0;
+
+	if (params->raw_pub.size == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (params->curve != GNUTLS_ECC_CURVE_ED25519 &&
+	    params->curve != GNUTLS_ECC_CURVE_ED448)
+		return gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+
+	ret = _gnutls_set_datum(raw, params->raw_pub.data, params->raw_pub.size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+/*
+ * some x509 certificate functions that relate to MPI parameter
+ * setting. This writes a raw public key.
+ *
+ * Allocates the space used to store the data.
+ */
+static int
+_gnutls_x509_write_modern_ecdh_pubkey(const gnutls_pk_params_st * params,
+                                      gnutls_datum_t * raw)
+{
+	int ret;
+
+	raw->data = NULL;
+	raw->size = 0;
+
+	if (params->raw_pub.size == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (params->curve != GNUTLS_ECC_CURVE_X25519 &&
+	    params->curve != GNUTLS_ECC_CURVE_X448)
+		return gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+
+	ret = _gnutls_set_datum(raw, params->raw_pub.data, params->raw_pub.size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+int
+_gnutls_x509_write_gost_pubkey(const gnutls_pk_params_st * params,
+			      gnutls_datum_t * der)
+{
+	bigint_t x, y;
+	int numlen;
+	int byte_size, ret;
+	size_t size;
+	int pos;
+
+	der->data = NULL;
+	der->size = 0;
+
+	if (params->params_nr < GOST_PUBLIC_PARAMS)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	x = params->params[GOST_X];
+	y = params->params[GOST_Y];
+	numlen = gnutls_ecc_curve_get_size(params->curve);
+
+	if (numlen == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	der->size = 1 + ASN1_MAX_LENGTH_SIZE + 2 * numlen;
+
+	der->data = gnutls_malloc(der->size);
+	if (der->data == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	memset(der->data, 0, der->size);
+
+	der->data[0] = ASN1_TAG_OCTET_STRING;
+	asn1_length_der(2 * numlen, &der->data[1], &pos);
+	pos += 1;
+
+	/* pad and store x */
+	byte_size = (_gnutls_mpi_get_nbits(x) + 7) / 8;
+	if (numlen < byte_size) {
+		ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		goto cleanup;
+	}
+
+	size = numlen;
+	ret = _gnutls_mpi_print_le(x, &der->data[pos], &size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* pad and store y */
+	byte_size = (_gnutls_mpi_get_nbits(y) + 7) / 8;
+	if (numlen < byte_size) {
+		ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		goto cleanup;
+	}
+
+	size = numlen;
+	ret = _gnutls_mpi_print_le(y, &der->data[pos + numlen], &size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	der->size = pos + 2 * numlen;
+
+	return 0;
+
+ cleanup:
+	_gnutls_free_datum(der);
+	return ret;
+}
+
+int
+_gnutls_x509_write_pubkey_params(const gnutls_pk_params_st * params,
+				 gnutls_datum_t * der)
+{
+	switch (params->algo) {
+	case GNUTLS_PK_DSA:
+		return _gnutls_x509_write_dsa_params(params, der);
+	case GNUTLS_PK_RSA:
+		der->data = gnutls_malloc(ASN1_NULL_SIZE);
+		if (der->data == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		memcpy(der->data, ASN1_NULL, ASN1_NULL_SIZE);
+		der->size = ASN1_NULL_SIZE;
+		return 0;
+	case GNUTLS_PK_RSA_PSS:
+		return _gnutls_x509_write_rsa_pss_params(&params->spki, der);
+	case GNUTLS_PK_ECDSA:
+		return _gnutls_x509_write_ecc_params(params->curve, der);
+	case GNUTLS_PK_EDDSA_ED25519:
+	case GNUTLS_PK_EDDSA_ED448:
+	case GNUTLS_PK_ECDH_X25519:
+	case GNUTLS_PK_ECDH_X448:
+		der->data = NULL;
+		der->size = 0;
+
+		return 0;
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+		return _gnutls_x509_write_gost_params(params, der);
+	default:
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+	}
+}
+
+int
+_gnutls_x509_write_pubkey(const gnutls_pk_params_st * params,
+			  gnutls_datum_t * der)
+{
+	switch (params->algo) {
+	case GNUTLS_PK_DSA:
+		return _gnutls_x509_write_dsa_pubkey(params, der);
+	case GNUTLS_PK_RSA:
+	case GNUTLS_PK_RSA_PSS:
+		return _gnutls_x509_write_rsa_pubkey(params, der);
+	case GNUTLS_PK_ECDSA:
+		return _gnutls_x509_write_ecc_pubkey(params, der);
+	case GNUTLS_PK_EDDSA_ED25519:
+	case GNUTLS_PK_EDDSA_ED448:
+		return _gnutls_x509_write_eddsa_pubkey(params, der);
+	case GNUTLS_PK_ECDH_X25519:
+	case GNUTLS_PK_ECDH_X448:
+		return _gnutls_x509_write_modern_ecdh_pubkey(params, der);
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+		return _gnutls_x509_write_gost_pubkey(params, der);
+	default:
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+	}
+}
+
+/*
+ * This function writes the parameters for DSS keys.
+ * Needs 3 parameters (p,q,g).
+ *
+ * Allocates the space used to store the DER data.
+ */
+static int
+_gnutls_x509_write_dsa_params(const gnutls_pk_params_st * params,
+			      gnutls_datum_t * der)
+{
+	int result;
+	asn1_node spk = NULL;
+
+	der->data = NULL;
+	der->size = 0;
+
+	if (params->params_nr < DSA_PUBLIC_PARAMS - 1) {
+		gnutls_assert();
+		result = GNUTLS_E_INVALID_REQUEST;
+		goto cleanup;
+	}
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_gnutls_asn(), "GNUTLS.DSAParameters", &spk))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _gnutls_x509_write_int(spk, "p", params->params[0], 1);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_write_int(spk, "q", params->params[1], 1);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_write_int(spk, "g", params->params[2], 1);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_der_encode(spk, "", der, 0);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = 0;
+
+      cleanup:
+	asn1_delete_structure(&spk);
+	return result;
+}
+
+/*
+ * This function writes the parameters for ECC keys.
+ * That is the ECParameters struct.
+ *
+ * Allocates the space used to store the DER data.
+ */
+int
+_gnutls_x509_write_ecc_params(const gnutls_ecc_curve_t curve,
+			      gnutls_datum_t * der)
+{
+	int result;
+	asn1_node spk = NULL;
+	const char *oid;
+
+	der->data = NULL;
+	der->size = 0;
+
+	oid = gnutls_ecc_curve_get_oid(curve);
+	if (oid == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_gnutls_asn(), "GNUTLS.ECParameters", &spk))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if ((result =
+	     asn1_write_value(spk, "", "namedCurve", 1)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if ((result =
+	     asn1_write_value(spk, "namedCurve", oid,
+			      1)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_der_encode(spk, "", der, 0);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = 0;
+
+      cleanup:
+	asn1_delete_structure(&spk);
+	return result;
+}
+
+int
+_gnutls_x509_write_rsa_pss_params(const gnutls_x509_spki_st *params,
+				  gnutls_datum_t *der)
+{
+	int result;
+	asn1_node spk = NULL;
+	asn1_node c2 = NULL;
+	const char *oid;
+	gnutls_datum_t tmp = { NULL, 0 };
+
+	der->data = NULL;
+	der->size = 0;
+
+	if (params->pk != GNUTLS_PK_RSA_PSS)
+		return 0;
+
+	/* refuse to write parameters we cannot read */
+	if (gnutls_pk_to_sign(GNUTLS_PK_RSA_PSS, params->rsa_pss_dig) == GNUTLS_SIGN_UNKNOWN)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_gnutls_asn(), "GNUTLS.RSAPSSParameters", &spk))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	oid = gnutls_digest_get_oid(params->rsa_pss_dig);
+
+	if ((result = asn1_write_value(spk, "hashAlgorithm.algorithm", oid, 1))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if ((result = asn1_write_value(spk, "hashAlgorithm.parameters", NULL, 0))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if ((result =
+	     asn1_write_value(spk, "maskGenAlgorithm.algorithm",
+			      PKIX1_RSA_PSS_MGF1_OID, 1))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_pkix(), "PKIX1.AlgorithmIdentifier", &c2))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if ((result = asn1_write_value(c2, "algorithm", oid, 1))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if ((result = asn1_write_value(c2, "parameters", NULL, 0))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_der_encode(c2, "", &tmp, 0);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if ((result =
+	     asn1_write_value(spk, "maskGenAlgorithm.parameters",
+			      tmp.data, tmp.size))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_write_uint32(spk, "saltLength",
+					   params->salt_size);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_write_uint32(spk, "trailerField", 1);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_der_encode(spk, "", der, 0);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = 0;
+
+      cleanup:
+	_gnutls_free_datum(&tmp);
+	asn1_delete_structure(&c2);
+	asn1_delete_structure(&spk);
+	return result;
+}
+
+static int
+_gnutls_x509_write_gost_params(const gnutls_pk_params_st * params,
+			      gnutls_datum_t * der)
+{
+	int result;
+	asn1_node spk = NULL;
+	const char *oid;
+
+	der->data = NULL;
+	der->size = 0;
+
+	oid = gnutls_ecc_curve_get_oid(params->curve);
+	if (oid == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_gnutls_asn(),
+	      params->algo == GNUTLS_PK_GOST_01 ?
+	      "GNUTLS.GOSTParametersOld" :
+	      "GNUTLS.GOSTParameters", &spk))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if ((result =
+	     asn1_write_value(spk, "publicKeyParamSet", oid,
+			      1)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	/* For compatibility per R 1323565.1.023—2018 provide digest OID only
+	 * for GOST-2001 keys or GOST-2012 keys with CryptoPro curves. Do not
+	 * set this optional parameter for TC26 curves */
+	if (params->algo == GNUTLS_PK_GOST_01)
+		oid = HASH_OID_GOST_R_3411_94_CRYPTOPRO_PARAMS;
+	else if (params->algo == GNUTLS_PK_GOST_12_256 &&
+		 (params->curve == GNUTLS_ECC_CURVE_GOST256CPA ||
+		  params->curve == GNUTLS_ECC_CURVE_GOST256CPB ||
+		  params->curve == GNUTLS_ECC_CURVE_GOST256CPC ||
+		  params->curve == GNUTLS_ECC_CURVE_GOST256CPXA ||
+		  params->curve == GNUTLS_ECC_CURVE_GOST256CPXB))
+		oid = HASH_OID_STREEBOG_256;
+	else if (params->algo == GNUTLS_PK_GOST_12_512 &&
+		 (params->curve == GNUTLS_ECC_CURVE_GOST512A ||
+		  params->curve == GNUTLS_ECC_CURVE_GOST512B))
+		oid = HASH_OID_STREEBOG_512;
+	else
+		oid = NULL;
+
+	if ((result = asn1_write_value(spk, "digestParamSet", oid, oid ? 1 : 0)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	oid = gnutls_gost_paramset_get_oid(params->gost_params);
+	if (oid == NULL) {
+		gnutls_assert();
+		result = GNUTLS_E_INVALID_REQUEST;
+		goto cleanup;
+	}
+
+	if (params->algo == GNUTLS_PK_GOST_01) {
+		if (params->gost_params == _gnutls_gost_paramset_default(params->algo))
+			oid = NULL;
+
+		if ((result =
+		     asn1_write_value(spk, "encryptionParamSet", oid,
+				      oid ? 1 : 0)) != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+	}
+
+	result = _gnutls_x509_der_encode(spk, "", der, 0);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = 0;
+
+      cleanup:
+	asn1_delete_structure(&spk);
+	return result;
+}
+
+/*
+ * This function writes the public parameters for DSS keys.
+ * Needs 1 parameter (y).
+ *
+ * Allocates the space used to store the DER data.
+ */
+static int
+_gnutls_x509_write_dsa_pubkey(const gnutls_pk_params_st * params,
+			      gnutls_datum_t * der)
+{
+	int result;
+	asn1_node spk = NULL;
+
+	der->data = NULL;
+	der->size = 0;
+
+	if (params->params_nr < DSA_PUBLIC_PARAMS) {
+		gnutls_assert();
+		result = GNUTLS_E_INVALID_REQUEST;
+		goto cleanup;
+	}
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_gnutls_asn(), "GNUTLS.DSAPublicKey", &spk))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _gnutls_x509_write_int(spk, "", params->params[3], 1);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_der_encode(spk, "", der, 0);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = 0;
+
+      cleanup:
+	asn1_delete_structure(&spk);
+	return result;
+}
+
+/* Encodes the RSA parameters into an ASN.1 RSA private key structure.
+ */
+static int
+_gnutls_asn1_encode_rsa(asn1_node * c2, gnutls_pk_params_st * params)
+{
+	int result, ret;
+	uint8_t null = '\0';
+	gnutls_pk_params_st pk_params;
+
+	/* we do copy the parameters into a new structure to run _gnutls_pk_fixup,
+	 * i.e., regenerate some parameters in case they were broken */
+	gnutls_pk_params_init(&pk_params);
+
+	ret = _gnutls_pk_params_copy(&pk_params, params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    _gnutls_pk_fixup(GNUTLS_PK_RSA, GNUTLS_EXPORT, &pk_params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* Ok. Now we have the data. Create the asn1 structures
+	 */
+
+	/* first make sure that no previously allocated data are leaked */
+	if (*c2 != NULL) {
+		asn1_delete_structure(c2);
+		*c2 = NULL;
+	}
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_gnutls_asn(), "GNUTLS.RSAPrivateKey", c2))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	/* Write PRIME
+	 */
+	ret =
+	    _gnutls_x509_write_int(*c2, "modulus",
+				   params->params[RSA_MODULUS], 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_x509_write_int(*c2, "publicExponent",
+				   params->params[RSA_PUB], 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_x509_write_key_int(*c2, "privateExponent",
+				   params->params[RSA_PRIV], 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_x509_write_key_int(*c2, "prime1",
+				   params->params[RSA_PRIME1], 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_x509_write_key_int(*c2, "prime2",
+				   params->params[RSA_PRIME2], 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_x509_write_key_int(*c2, "coefficient",
+				   params->params[RSA_COEF], 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_x509_write_key_int(*c2, "exponent1",
+				   params->params[RSA_E1], 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_x509_write_key_int(*c2, "exponent2",
+				   params->params[RSA_E2], 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if ((result = asn1_write_value(*c2, "otherPrimeInfos",
+				       NULL, 0)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if ((result =
+	     asn1_write_value(*c2, "version", &null, 1)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	if (ret < 0)
+		asn1_delete_structure2(c2, ASN1_DELETE_FLAG_ZEROIZE);
+
+	gnutls_pk_params_clear(&pk_params);
+	gnutls_pk_params_release(&pk_params);
+	return ret;
+}
+
+/* Encodes the ECC parameters into an ASN.1 ECPrivateKey structure.
+ */
+static int
+_gnutls_asn1_encode_ecc(asn1_node * c2, gnutls_pk_params_st * params)
+{
+	int ret;
+	uint8_t one = '\x01';
+	gnutls_datum_t pubkey = { NULL, 0 };
+	const char *oid;
+
+	oid = gnutls_ecc_curve_get_oid(params->curve);
+	if (oid == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	/* first make sure that no previously allocated data are leaked */
+	if (*c2 != NULL) {
+		asn1_delete_structure(c2);
+		*c2 = NULL;
+	}
+
+	if ((ret = asn1_create_element
+	     (_gnutls_get_gnutls_asn(), "GNUTLS.ECPrivateKey", c2))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	if ((ret =
+	     asn1_write_value(*c2, "Version", &one, 1)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	if (curve_is_eddsa(params->curve) ||
+            curve_is_modern_ecdh(params->curve)) {
+		if (params->raw_pub.size == 0 || params->raw_priv.size == 0)
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		ret =
+		    asn1_write_value(*c2, "privateKey", params->raw_priv.data, params->raw_priv.size);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto cleanup;
+		}
+
+		ret =
+		    asn1_write_value(*c2, "publicKey", params->raw_pub.data, params->raw_pub.size*8);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto cleanup;
+		}
+	} else {
+		if (params->params_nr != ECC_PRIVATE_PARAMS)
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		ret =
+		    _gnutls_ecc_ansi_x962_export(params->curve,
+						 params->params[ECC_X],
+						 params->params[ECC_Y], &pubkey);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret =
+		    _gnutls_x509_write_key_int(*c2, "privateKey",
+					   params->params[ECC_K], 1);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		if ((ret =
+		     asn1_write_value(*c2, "publicKey", pubkey.data,
+				      pubkey.size * 8)) != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto cleanup;
+		}
+	}
+
+	/* write our choice */
+	if ((ret =
+	     asn1_write_value(*c2, "parameters", "namedCurve",
+			      1)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	if ((ret =
+	     asn1_write_value(*c2, "parameters.namedCurve", oid,
+			      1)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	_gnutls_free_datum(&pubkey);
+	return 0;
+
+cleanup:
+	asn1_delete_structure2(c2, ASN1_DELETE_FLAG_ZEROIZE);
+	_gnutls_free_datum(&pubkey);
+
+	return ret;
+}
+
+static int
+_gnutls_asn1_encode_gost(asn1_node * c2, gnutls_pk_params_st * params)
+{
+	int ret;
+	const char *oid;
+
+	oid = gnutls_pk_get_oid(params->algo);
+
+	if (params->params_nr != GOST_PRIVATE_PARAMS || oid == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	/* first make sure that no previously allocated data are leaked */
+	if (*c2 != NULL) {
+		asn1_delete_structure(c2);
+		*c2 = NULL;
+	}
+
+	if ((ret = asn1_create_element
+	     (_gnutls_get_gnutls_asn(), "GNUTLS.GOSTPrivateKey", c2))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_x509_write_key_int_le(*c2, "", params->params[GOST_K]);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+
+	return 0;
+
+cleanup:
+	asn1_delete_structure2(c2, ASN1_DELETE_FLAG_ZEROIZE);
+
+	return ret;
+}
+
+/* Encodes the DSA parameters into an ASN.1 DSAPrivateKey structure.
+ */
+static int
+_gnutls_asn1_encode_dsa(asn1_node * c2, gnutls_pk_params_st * params)
+{
+	int result, ret;
+	const uint8_t null = '\0';
+
+	/* first make sure that no previously allocated data are leaked */
+	if (*c2 != NULL) {
+		asn1_delete_structure(c2);
+		*c2 = NULL;
+	}
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_gnutls_asn(), "GNUTLS.DSAPrivateKey", c2))
+	    != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	/* Write PRIME
+	 */
+	ret =
+	    _gnutls_x509_write_int(*c2, "p",
+				   params->params[DSA_P], 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_x509_write_int(*c2, "q",
+				   params->params[DSA_Q], 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_x509_write_int(*c2, "g",
+				   params->params[DSA_G], 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_x509_write_int(*c2, "Y",
+				   params->params[DSA_Y], 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_x509_write_key_int(*c2, "priv",
+				   params->params[DSA_X], 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if ((result =
+	     asn1_write_value(*c2, "version", &null, 1)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	return 0;
+
+cleanup:
+	asn1_delete_structure2(c2, ASN1_DELETE_FLAG_ZEROIZE);
+
+	return ret;
+}
+
+int _gnutls_asn1_encode_privkey(asn1_node * c2,
+				gnutls_pk_params_st * params)
+{
+	switch (params->algo) {
+	case GNUTLS_PK_RSA:
+	case GNUTLS_PK_RSA_PSS:
+		return _gnutls_asn1_encode_rsa(c2, params);
+	case GNUTLS_PK_DSA:
+		return _gnutls_asn1_encode_dsa(c2, params);
+	case GNUTLS_PK_ECDSA:
+	case GNUTLS_PK_EDDSA_ED25519:
+	case GNUTLS_PK_EDDSA_ED448:
+	case GNUTLS_PK_ECDH_X25519:
+	case GNUTLS_PK_ECDH_X448:
+		return _gnutls_asn1_encode_ecc(c2, params);
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+		return _gnutls_asn1_encode_gost(c2, params);
+	default:
+		return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+	}
+}
diff --git a/lib/x509/krb5.c b/lib/x509/krb5.c
new file mode 100644
index 0000000..b26d07d
--- /dev/null
+++ b/lib/x509/krb5.c
@@ -0,0 +1,338 @@
+/*
+ * Copyright (C) 2015 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include <config.h>
+#include <gnutls/gnutls.h>
+#include <libtasn1.h>
+#include <string.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <errors.h>
+#include "krb5.h"
+#include "common.h"
+
+#define _gnutls_asn2err(x) GNUTLS_E_ASN1_DER_ERROR
+
+#define MAX_COMPONENTS 6
+
+typedef struct krb5_principal_data {
+	char *realm;
+	char *data[MAX_COMPONENTS];
+	uint32_t length;
+	int8_t type;
+} krb5_principal_data;
+
+extern const asn1_static_node krb5_asn1_tab[];
+
+static void cleanup_principal(krb5_principal_data * princ)
+{
+	unsigned i;
+	if (princ) {
+		gnutls_free(princ->realm);
+		for (i = 0; i < princ->length; i++)
+			gnutls_free(princ->data[i]);
+		memset(princ, 0, sizeof(*princ));
+		gnutls_free(princ);
+	}
+}
+
+static krb5_principal_data *name_to_principal(const char *_name)
+{
+	krb5_principal_data *princ;
+	char *p, *p2, *sp;
+	unsigned pos = 0;
+	char *name = NULL;
+
+	princ = gnutls_calloc(1, sizeof(struct krb5_principal_data));
+	if (princ == NULL)
+		return NULL;
+
+	name = gnutls_strdup(_name);
+	if (name == NULL) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	p = strrchr(name, '@');
+	p2 = strchr(name, '@');
+	if (p == NULL) {
+		/* unknown name type */
+		gnutls_assert();
+		goto fail;
+	}
+
+	princ->realm = gnutls_strdup(p + 1);
+	if (princ->realm == NULL) {
+		gnutls_assert();
+		goto fail;
+	}
+	*p = 0;
+
+	if (p == p2) {
+		p = strtok_r(name, "/", &sp);
+		while (p) {
+			if (pos == MAX_COMPONENTS) {
+				_gnutls_debug_log
+				    ("%s: Cannot parse names with more than %d components\n",
+				     __func__, MAX_COMPONENTS);
+				goto fail;
+			}
+
+			princ->data[pos] = gnutls_strdup(p);
+			if (princ->data[pos] == NULL) {
+				gnutls_assert();
+				goto fail;
+			}
+
+			princ->length++;
+			pos++;
+
+			p = strtok_r(NULL, "/", &sp);
+		}
+
+		if ((princ->length == 2)
+		    && (strcmp(princ->data[0], "krbtgt") == 0)) {
+			princ->type = 2;	/* KRB_NT_SRV_INST */
+		} else {
+			princ->type = 1;	/* KRB_NT_PRINCIPAL */
+		}
+	} else {		/* enterprise */
+		princ->data[0] = gnutls_strdup(name);
+		if (princ->data[0] == NULL) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		princ->length++;
+		princ->type = 10;	/* KRB_NT_ENTERPRISE */
+	}
+
+	goto cleanup;
+ fail:
+	cleanup_principal(princ);
+	princ = NULL;
+
+ cleanup:
+	gnutls_free(name);
+	return princ;
+}
+
+int _gnutls_krb5_principal_to_der(const char *name, gnutls_datum_t * der)
+{
+	int ret, result;
+	asn1_node c2 = NULL;
+	krb5_principal_data *princ;
+	unsigned i;
+
+	princ = name_to_principal(name);
+	if (princ == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_PARSING_ERROR;
+		goto cleanup;
+	}
+
+	result =
+	    asn1_create_element(_gnutls_get_gnutls_asn(),
+				"GNUTLS.KRB5PrincipalName", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result =
+	    asn1_write_value(c2, "realm", princ->realm, strlen(princ->realm));
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result =
+	    asn1_write_value(c2, "principalName.name-type", &princ->type, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	for (i = 0; i < princ->length; i++) {
+		result =
+		    asn1_write_value(c2, "principalName.name-string", "NEW", 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		result =
+		    asn1_write_value(c2,
+				     "principalName.name-string.?LAST",
+				     princ->data[i], strlen(princ->data[i]));
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+	}
+
+	ret = _gnutls_x509_der_encode(c2, "", der, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	cleanup_principal(princ);
+	asn1_delete_structure(&c2);
+	return ret;
+}
+
+static int principal_to_str(asn1_node c2, gnutls_buffer_st * str)
+{
+	gnutls_datum_t realm = { NULL, 0 };
+	gnutls_datum_t component = { NULL, 0 };
+	unsigned char name_type[2];
+	int ret, result, len;
+	unsigned i;
+	char val[128];
+
+	ret = _gnutls_x509_read_value(c2, "realm", &realm);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	len = sizeof(name_type);
+	result =
+	    asn1_read_value(c2, "principalName.name-type", name_type, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if (len != 1
+	    || (name_type[0] != 1 && name_type[0] != 2 && name_type[0] != 10)) {
+		ret = GNUTLS_E_INVALID_REQUEST;
+		goto cleanup;
+	}
+
+	for (i = 0;; i++) {
+		snprintf(val, sizeof(val), "principalName.name-string.?%u",
+			 i + 1);
+		ret = _gnutls_x509_read_value(c2, val, &component);
+		if (ret == GNUTLS_E_ASN1_VALUE_NOT_FOUND
+		    || ret == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND)
+			break;
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		if (i > 0) {
+			ret = _gnutls_buffer_append_data(str, "/", 1);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+		}
+
+		ret =
+		    _gnutls_buffer_append_data(str, component.data,
+					       component.size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		_gnutls_free_datum(&component);
+	}
+
+	ret = _gnutls_buffer_append_data(str, "@", 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_buffer_append_data(str, realm.data, realm.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	_gnutls_free_datum(&component);
+	gnutls_free(realm.data);
+	return ret;
+}
+
+int _gnutls_krb5_der_to_principal(const gnutls_datum_t * der,
+				  gnutls_datum_t * name)
+{
+	int ret, result;
+	asn1_node c2 = NULL;
+	gnutls_buffer_st str;
+
+	_gnutls_buffer_init(&str);
+
+	result =
+	    asn1_create_element(_gnutls_get_gnutls_asn(),
+				"GNUTLS.KRB5PrincipalName", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result = asn1_der_decoding(&c2, der->data, der->size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	ret = principal_to_str(c2, &str);
+	if (ret < 0) {
+		/* for some reason we cannot convert to a human readable string
+		 * the principal. Then we use the #HEX format.
+		 */
+		_gnutls_buffer_reset(&str);
+		ret = _gnutls_buffer_append_data(&str, "#", 1);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		_gnutls_buffer_hexprint(&str, der->data, der->size);
+	}
+
+	asn1_delete_structure(&c2);
+	return _gnutls_buffer_to_datum(&str, name, 1);
+
+ cleanup:
+	_gnutls_buffer_clear(&str);
+	asn1_delete_structure(&c2);
+	return ret;
+}
diff --git a/lib/x509/krb5.h b/lib/x509/krb5.h
new file mode 100644
index 0000000..815bb28
--- /dev/null
+++ b/lib/x509/krb5.h
@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) 2015 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_X509_KRB5_H
+#define GNUTLS_LIB_X509_KRB5_H
+
+int _gnutls_krb5_principal_to_der(const char *name, gnutls_datum_t * der);
+int _gnutls_krb5_der_to_principal(const gnutls_datum_t * der, gnutls_datum_t *name);
+
+#endif /* GNUTLS_LIB_X509_KRB5_H */
diff --git a/lib/x509/mpi.c b/lib/x509/mpi.c
new file mode 100644
index 0000000..c0751df
--- /dev/null
+++ b/lib/x509/mpi.c
@@ -0,0 +1,451 @@
+/*
+ * Copyright (C) 2003-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <global.h>
+#include <libtasn1.h>
+#include <datum.h>
+#include "common.h"
+#include "x509_int.h"
+#include <num.h>
+#include <limits.h>
+
+/* Reads an Integer from the DER encoded data
+ */
+
+int _gnutls_x509_read_der_int(uint8_t * der, int dersize, bigint_t * out)
+{
+	int result;
+	asn1_node spk = NULL;
+
+	/* == INTEGER */
+	if ((result = asn1_create_element
+	     (_gnutls_get_gnutls_asn(), "GNUTLS.DSAPublicKey",
+	      &spk)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _asn1_strict_der_decode(&spk, der, dersize, NULL);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&spk);
+		return _gnutls_asn2err(result);
+	}
+
+	/* Read Y */
+
+	if ((result = _gnutls_x509_read_int(spk, "", out)) < 0) {
+		gnutls_assert();
+		asn1_delete_structure(&spk);
+		return _gnutls_asn2err(result);
+	}
+
+	asn1_delete_structure(&spk);
+
+	return 0;
+
+}
+
+int _gnutls_x509_read_der_uint(uint8_t * der, int dersize, unsigned int *out)
+{
+	int result;
+	asn1_node spk = NULL;
+
+	/* == INTEGER */
+	if ((result = asn1_create_element
+	     (_gnutls_get_gnutls_asn(), "GNUTLS.DSAPublicKey",
+	      &spk)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _asn1_strict_der_decode(&spk, der, dersize, NULL);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&spk);
+		return _gnutls_asn2err(result);
+	}
+
+	/* Read Y */
+
+	if ((result = _gnutls_x509_read_uint(spk, "", out)) < 0) {
+		gnutls_assert();
+		asn1_delete_structure(&spk);
+		return _gnutls_asn2err(result);
+	}
+
+	asn1_delete_structure(&spk);
+
+	return 0;
+
+}
+
+
+/* Extracts DSA and RSA parameters from a certificate.
+ */
+int
+_gnutls_get_asn_mpis(asn1_node asn, const char *root,
+		     gnutls_pk_params_st * params)
+{
+	int result;
+	char name[256];
+	gnutls_datum_t tmp = { NULL, 0 };
+	gnutls_pk_algorithm_t pk_algorithm;
+	gnutls_ecc_curve_t curve;
+
+	gnutls_pk_params_init(params);
+
+	result = _gnutls_x509_get_pk_algorithm(asn, root, &curve, NULL);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	pk_algorithm = result;
+	params->curve = curve;
+	params->algo = pk_algorithm;
+
+	/* Read the algorithm's parameters
+	 */
+	_asnstr_append_name(name, sizeof(name), root,
+			    ".algorithm.parameters");
+
+	if (pk_algorithm != GNUTLS_PK_RSA &&
+	    pk_algorithm != GNUTLS_PK_EDDSA_ED25519 && pk_algorithm != GNUTLS_PK_ECDH_X25519 &&
+	    pk_algorithm != GNUTLS_PK_EDDSA_ED448 && pk_algorithm != GNUTLS_PK_ECDH_X448) {
+		/* RSA and EdDSA do not use parameters */
+		result = _gnutls_x509_read_value(asn, name, &tmp);
+		if (pk_algorithm == GNUTLS_PK_RSA_PSS && 
+		    (result == GNUTLS_E_ASN1_VALUE_NOT_FOUND || result == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND)) {
+			goto skip_params;
+		}
+		if (result < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		result =
+		     _gnutls_x509_read_pubkey_params(pk_algorithm,
+						     tmp.data, tmp.size,
+						     params);
+		if (result < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		_gnutls_free_datum(&tmp);
+	}
+
+ skip_params:
+	/* Now read the public key */
+	_asnstr_append_name(name, sizeof(name), root, ".subjectPublicKey");
+
+	result = _gnutls_x509_read_value(asn, name, &tmp);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	if ((result =
+	     _gnutls_x509_read_pubkey(pk_algorithm, tmp.data, tmp.size,
+				      params)) < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	result = _gnutls_x509_check_pubkey_params(params);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	result = 0;
+
+ error:
+	if (result < 0)
+		gnutls_pk_params_release(params);
+	_gnutls_free_datum(&tmp);
+	return result;
+}
+
+/* Extracts DSA and RSA parameters from a certificate.
+ */
+int
+_gnutls_x509_crt_get_mpis(gnutls_x509_crt_t cert,
+			  gnutls_pk_params_st * params)
+{
+	/* Read the algorithm's OID
+	 */
+	return _gnutls_get_asn_mpis(cert->cert,
+				    "tbsCertificate.subjectPublicKeyInfo",
+				    params);
+}
+
+/* Extracts DSA and RSA parameters from a certificate.
+ */
+int
+_gnutls_x509_crq_get_mpis(gnutls_x509_crq_t cert,
+			  gnutls_pk_params_st * params)
+{
+	/* Read the algorithm's OID
+	 */
+	return _gnutls_get_asn_mpis(cert->crq,
+				    "certificationRequestInfo.subjectPKInfo",
+				    params);
+}
+
+/*
+ * This function reads and decodes the parameters for DSS or RSA keys.
+ * This is the "signatureAlgorithm" fields.
+ */
+int
+_gnutls_x509_read_pkalgo_params(asn1_node src, const char *src_name,
+			      gnutls_x509_spki_st *spki, unsigned is_sig)
+{
+	int result;
+	char name[128];
+	char oid[MAX_OID_SIZE];
+	int oid_size;
+
+	memset(spki, 0, sizeof(*spki));
+
+	_gnutls_str_cpy(name, sizeof(name), src_name);
+	_gnutls_str_cat(name, sizeof(name), ".algorithm");
+
+	oid_size = sizeof(oid);
+	result = asn1_read_value(src, name, oid, &oid_size);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (strcmp (oid, PK_PKIX1_RSA_PSS_OID) == 0) {
+		gnutls_datum_t tmp = { NULL, 0 };
+
+		_gnutls_str_cpy(name, sizeof(name), src_name);
+		_gnutls_str_cat(name, sizeof(name), ".parameters");
+
+		result = _gnutls_x509_read_value(src, name, &tmp);
+		if (result < 0) {
+			if (!is_sig) {
+				if (result == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND ||
+				    result != GNUTLS_E_ASN1_VALUE_NOT_FOUND) {
+					/* it is ok to not have parameters in SPKI, but
+					 * not in signatures */
+					return 0;
+				}
+			}
+
+			return gnutls_assert_val(result);
+		}
+
+		result = _gnutls_x509_read_rsa_pss_params(tmp.data, tmp.size,
+							  spki);
+		_gnutls_free_datum(&tmp);
+
+		if (result < 0)
+			gnutls_assert();
+
+		return result;
+	}
+
+	return 0;
+}
+
+static int write_oid_and_params(asn1_node dst, const char *dst_name, const char *oid, gnutls_x509_spki_st *params)
+{
+	int result;
+	char name[128];
+
+	if (params == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	_gnutls_str_cpy(name, sizeof(name), dst_name);
+	_gnutls_str_cat(name, sizeof(name), ".algorithm");
+
+	/* write the OID.
+	 */
+	result = asn1_write_value(dst, name, oid, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	_gnutls_str_cpy(name, sizeof(name), dst_name);
+	_gnutls_str_cat(name, sizeof(name), ".parameters");
+
+	if (params->pk == GNUTLS_PK_RSA)
+		result =
+		    asn1_write_value(dst, name, ASN1_NULL, ASN1_NULL_SIZE);
+	else if (params->pk == GNUTLS_PK_RSA_PSS) {
+		gnutls_datum_t tmp = { NULL, 0 };
+
+		result = _gnutls_x509_write_rsa_pss_params(params, &tmp);
+		if (result < 0)
+			return gnutls_assert_val(result);
+
+		result = asn1_write_value(dst, name, tmp.data, tmp.size);
+		_gnutls_free_datum(&tmp);
+	} else
+		result = asn1_write_value(dst, name, NULL, 0);
+
+	if (result != ASN1_SUCCESS && result != ASN1_ELEMENT_NOT_FOUND) {
+		/* Here we ignore the element not found error, since this
+		 * may have been disabled before.
+		 */
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+int
+_gnutls_x509_write_spki_params(asn1_node dst, const char *dst_name,
+			       gnutls_x509_spki_st *params)
+{
+	const char *oid;
+
+	if (params->legacy && params->pk == GNUTLS_PK_RSA)
+		oid = PK_PKIX1_RSA_OID;
+	else if (params->pk == GNUTLS_PK_RSA_PSS)
+		oid = PK_PKIX1_RSA_PSS_OID;
+	else
+		oid = gnutls_pk_get_oid(params->pk);
+
+	if (oid == NULL) {
+		gnutls_assert();
+		_gnutls_debug_log
+		    ("Cannot find OID for public key algorithm %s\n",
+		     gnutls_pk_get_name(params->pk));
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return write_oid_and_params(dst, dst_name, oid, params);
+}
+
+int
+_gnutls_x509_write_sign_params(asn1_node dst, const char *dst_name,
+			       const gnutls_sign_entry_st *se, gnutls_x509_spki_st *params)
+{
+	const char *oid;
+
+	if (params->legacy && params->pk == GNUTLS_PK_RSA)
+		oid = PK_PKIX1_RSA_OID;
+	else if (params->pk == GNUTLS_PK_RSA_PSS)
+		oid = PK_PKIX1_RSA_PSS_OID;
+	else
+		oid = se->oid;
+
+	if (oid == NULL) {
+		gnutls_assert();
+		_gnutls_debug_log
+		    ("Cannot find OID for sign algorithm %s\n",
+		     se->name);
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return write_oid_and_params(dst, dst_name, oid, params);
+}
+
+/* this function reads a (small) unsigned integer
+ * from asn1 structs. Combines the read and the conversion
+ * steps.
+ */
+int
+_gnutls_x509_read_uint(asn1_node node, const char *value,
+		       unsigned int *ret)
+{
+	int len, result;
+	uint8_t *tmpstr;
+
+	len = 0;
+	result = asn1_read_value(node, value, NULL, &len);
+	if (result != ASN1_MEM_ERROR) {
+		return _gnutls_asn2err(result);
+	}
+
+	tmpstr = gnutls_malloc(len);
+	if (tmpstr == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	result = asn1_read_value(node, value, tmpstr, &len);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		gnutls_free(tmpstr);
+		return _gnutls_asn2err(result);
+	}
+
+	if (len == 1)
+		*ret = tmpstr[0];
+	else if (len == 2)
+		*ret = _gnutls_read_uint16(tmpstr);
+	else if (len == 3)
+		*ret = _gnutls_read_uint24(tmpstr);
+	else if (len == 4)
+		*ret = _gnutls_read_uint32(tmpstr);
+	else {
+		gnutls_assert();
+		gnutls_free(tmpstr);
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	gnutls_free(tmpstr);
+
+	return 0;
+}
+
+/* Writes the specified integer into the specified node.
+ */
+int
+_gnutls_x509_write_uint32(asn1_node node, const char *value, uint32_t num)
+{
+	uint8_t tmpstr[5];
+	int result;
+
+	tmpstr[0] = 0;
+	_gnutls_write_uint32(num, tmpstr+1);
+
+	if (tmpstr[1] > SCHAR_MAX) {
+		result = asn1_write_value(node, value, tmpstr, 5);
+	} else {
+		result = asn1_write_value(node, value, tmpstr+1, 4);
+	}
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
diff --git a/lib/x509/name_constraints.c b/lib/x509/name_constraints.c
new file mode 100644
index 0000000..ba37674
--- /dev/null
+++ b/lib/x509/name_constraints.c
@@ -0,0 +1,1404 @@
+/*
+ * Copyright (C) 2014-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * Authors: Nikos Mavrogiannopoulos, Daiki Ueno, Martin Ukrop
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions on X.509 Certificate parsing
+ */
+
+#include "gnutls_int.h"
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <common.h>
+#include <x509.h>
+#include <gnutls/x509-ext.h>
+#include <x509_b64.h>
+#include <x509_int.h>
+#include <libtasn1.h>
+
+#include "ip.h"
+#include "ip-in-cidr.h"
+
+// for documentation see the implementation
+static int name_constraints_intersect_nodes(name_constraints_node_st * nc1,
+					    name_constraints_node_st * nc2,
+					    name_constraints_node_st ** intersection);
+
+/*-
+ * is_nc_empty:
+ * @nc: name constraints structure
+ * @type: type (gnutls_x509_subject_alt_name_t)
+ *
+ * Test whether given name constraints structure has any constraints (permitted
+ * or excluded) of a given type. @nc must be allocated (not NULL) before the call.
+ *
+ * Returns: 0 if @nc contains constraints of type @type, 1 otherwise
+ -*/
+static unsigned is_nc_empty(struct gnutls_name_constraints_st* nc, unsigned type)
+{
+	name_constraints_node_st *t;
+
+	if (nc->permitted == NULL && nc->excluded == NULL)
+		return 1;
+
+	t = nc->permitted;
+	while (t != NULL) {
+		if (t->type == type)
+			return 0;
+		t = t->next;
+	}
+
+	t = nc->excluded;
+	while (t != NULL) {
+		if (t->type == type)
+			return 0;
+		t = t->next;
+	}
+
+	/* no constraint for that type exists */
+	return 1;
+}
+
+/*-
+ * validate_name_constraints_node:
+ * @type: type of name constraints
+ * @name: datum of name constraint
+ *
+ * Check the validity of given name constraints node (@type and @name).
+ * The supported types are GNUTLS_SAN_DNSNAME, GNUTLS_SAN_RFC822NAME,
+ * GNUTLS_SAN_DN, GNUTLS_SAN_URI and GNUTLS_SAN_IPADDRESS.
+ *
+ * CIDR ranges are checked for correct length (IPv4/IPv6) and correct mask format.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ -*/
+static int validate_name_constraints_node(gnutls_x509_subject_alt_name_t type,
+					  const gnutls_datum_t* name)
+{
+	if (type != GNUTLS_SAN_DNSNAME && type != GNUTLS_SAN_RFC822NAME &&
+		type != GNUTLS_SAN_DN && type != GNUTLS_SAN_URI &&
+		type != GNUTLS_SAN_IPADDRESS && 
+		type != GNUTLS_SAN_OTHERNAME_MSUSERPRINCIPAL) {
+		return gnutls_assert_val(GNUTLS_E_X509_UNKNOWN_SAN);
+	}
+
+	if (type == GNUTLS_SAN_IPADDRESS) {
+		if (name->size != 8 && name->size != 32)
+			return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+		int prefix = _gnutls_mask_to_prefix(name->data + name->size/2, name->size/2);
+		if (prefix < 0)
+			return gnutls_assert_val(GNUTLS_E_MALFORMED_CIDR);
+	}
+
+	return GNUTLS_E_SUCCESS;
+}
+
+int _gnutls_extract_name_constraints(asn1_node c2, const char *vstr,
+									 name_constraints_node_st ** _nc)
+{
+	int ret;
+	char tmpstr[128];
+	unsigned indx;
+	gnutls_datum_t tmp = { NULL, 0 };
+	unsigned int type;
+	struct name_constraints_node_st *nc, *prev;
+
+	prev = *_nc;
+	if (prev != NULL) {
+		while(prev->next != NULL)
+			prev = prev->next;
+	}
+
+	for (indx=1;;indx++) {
+		snprintf(tmpstr, sizeof(tmpstr), "%s.?%u.base", vstr, indx);
+
+		ret =
+		    _gnutls_parse_general_name2(c2, tmpstr, -1, &tmp, &type, 0);
+
+		if (ret < 0) {
+			gnutls_assert();
+			break;
+		}
+
+		if (type == GNUTLS_SAN_OTHERNAME) {
+			gnutls_datum_t oid = { NULL, 0 };
+                        gnutls_datum_t parsed_othername = { NULL, 0 };
+                        ret = _gnutls_parse_general_name2(c2, tmpstr, -1, &oid, &type, 1);
+                        if(ret < 0) {
+                                gnutls_assert();
+                                goto cleanup;
+                        }
+
+                        ret = gnutls_x509_othername_to_virtual((char*)oid.data, &tmp, &type,
+                                &parsed_othername);
+                        if(ret < 0) {
+                                gnutls_assert();
+                                goto cleanup;
+                        }
+
+			gnutls_free(oid.data);
+			gnutls_free(tmp.data);
+
+                        memcpy(&tmp, &parsed_othername, sizeof(gnutls_datum_t));
+		}
+
+		ret = validate_name_constraints_node(type, &tmp);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		nc = gnutls_malloc(sizeof(struct name_constraints_node_st));
+		if (nc == NULL) {
+			gnutls_assert();
+			ret = GNUTLS_E_MEMORY_ERROR;
+			goto cleanup;
+		}
+
+		memcpy(&nc->name, &tmp, sizeof(gnutls_datum_t));
+		nc->type = type;
+		nc->next = NULL;
+
+		if (prev == NULL) {
+			*_nc = prev = nc;
+		} else {
+			prev->next = nc;
+			prev = nc;
+		}
+
+		tmp.data = NULL;
+	}
+
+	assert(ret < 0);
+	if (ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	gnutls_free(tmp.data);
+	return ret;
+}
+
+/*-
+ * _gnutls_name_constraints_node_free:
+ * @node: name constraints node
+ *
+ * Deallocate a list of name constraints nodes starting at the given node.
+ -*/
+void _gnutls_name_constraints_node_free(name_constraints_node_st *node)
+{
+	name_constraints_node_st *next, *t;
+
+	t = node;
+	while (t != NULL) {
+		next = t->next;
+		gnutls_free(t->name.data);
+		gnutls_free(t);
+		t = next;
+	}
+}
+
+/*-
+ * name_constraints_node_new:
+ * @type: name constraints type to set (gnutls_x509_subject_alt_name_t)
+ * @data: name.data to set or NULL
+ * @size: name.size to set
+ *
+ * Allocate a new name constraints node and set its type, name size and name data.
+ * If @data is set to NULL, name data will be an array of \x00 (the length of @size).
+ * The .next pointer is set to NULL.
+ *
+ * Returns: Pointer to newly allocated node or NULL in case of memory error.
+ -*/
+static name_constraints_node_st* name_constraints_node_new(unsigned type,
+							   unsigned char *data,
+							   unsigned int size)
+{
+	name_constraints_node_st *tmp = gnutls_malloc(sizeof(struct name_constraints_node_st));
+	if (tmp == NULL)
+		return NULL;
+	tmp->type = type;
+	tmp->next = NULL;
+	tmp->name.size = size;
+	tmp->name.data = NULL;
+	if (tmp->name.size > 0) {
+
+		tmp->name.data = gnutls_malloc(tmp->name.size);
+		if (tmp->name.data == NULL) {
+			gnutls_free(tmp);
+			return NULL;
+		}
+		if (data != NULL) {
+			memcpy(tmp->name.data, data, size);
+		} else {
+			memset(tmp->name.data, 0, size);
+		}
+	}
+	return tmp;
+}
+
+/*-
+ * @brief _gnutls_name_constraints_intersect:
+ * @_nc: first name constraints list (permitted)
+ * @_nc2: name constraints list to merge with (permitted)
+ * @_nc_excluded: Corresponding excluded name constraints list
+ *
+ * This function finds the intersection of @_nc and @_nc2. The result is placed in @_nc,
+ * the original @_nc is deallocated. @_nc2 is not changed. If necessary, a universal
+ * excluded name constraint node of the right type is added to the list provided
+ * in @_nc_excluded.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ -*/
+static
+int _gnutls_name_constraints_intersect(name_constraints_node_st ** _nc,
+				       name_constraints_node_st * _nc2,
+				       name_constraints_node_st ** _nc_excluded)
+{
+	name_constraints_node_st *nc, *nc2, *t, *tmp, *dest = NULL, *prev = NULL;
+	int ret, type, used;
+
+	/* temporary array to see, if we need to add universal excluded constraints
+	 * (see phase 3 for details)
+	 * indexed directly by (gnutls_x509_subject_alt_name_t enum - 1) */
+	unsigned char types_with_empty_intersection[GNUTLS_SAN_MAX];
+	memset(types_with_empty_intersection, 0, sizeof(types_with_empty_intersection));
+
+	if (*_nc == NULL || _nc2 == NULL)
+		return 0;
+
+	/* Phase 1
+	 * For each name in _NC, if a _NC2 does not contain a name
+	 * with the same type, preserve the original name.
+	 * Do this also for node of unknown type (not DNS, email, IP */
+	t = nc = *_nc;
+	while (t != NULL) {
+		name_constraints_node_st *next = t->next;
+		nc2 = _nc2;
+		while (nc2 != NULL) {
+			if (t->type == nc2->type) {
+				// check bounds (we will use 't->type' as index)
+				if (t->type > GNUTLS_SAN_MAX || t->type == 0)
+					return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+				// note the possibility of empty intersection for this type
+				// if we add something to the intersection in phase 2,
+				// we will reset this flag back to 0 then
+				types_with_empty_intersection[t->type - 1] = 1;
+				break;
+			}
+			nc2 = nc2->next;
+		}
+		if (nc2 == NULL ||
+			(t->type != GNUTLS_SAN_DNSNAME &&
+			 t->type != GNUTLS_SAN_RFC822NAME &&
+			 t->type != GNUTLS_SAN_IPADDRESS)
+		   ) {
+			/* move node from NC to DEST */
+			if (prev != NULL)
+				prev->next = next;
+			else
+				prev = nc = next;
+			t->next = dest;
+			dest = t;
+		} else {
+			prev = t;
+		}
+		t = next;
+	}
+
+	/* Phase 2
+	 * iterate through all combinations from nc2 and nc1
+	 * and create intersections of nodes with same type */
+	nc2 = _nc2;
+	while (nc2 != NULL) {
+		// current nc2 node has not yet been used for any intersection
+		// (and is not in DEST either)
+		used = 0;
+		t = nc;
+		while (t != NULL) {
+			// save intersection of name constraints into tmp
+			ret = name_constraints_intersect_nodes(t, nc2, &tmp);
+			if (ret < 0) return gnutls_assert_val(ret);
+			used = 1;
+			// if intersection is not empty
+			if (tmp != NULL) { // intersection for this type is not empty
+				// check bounds
+				if (tmp->type > GNUTLS_SAN_MAX || tmp->type == 0) {
+					gnutls_free(tmp);
+					return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+				}
+				// we will not add universal excluded constraint for this type
+				types_with_empty_intersection[tmp->type - 1] = 0;
+				// add intersection node to DEST
+				tmp->next = dest;
+				dest = tmp;
+			}
+			t = t->next;
+		}
+		// if the node from nc2 was not used for intersection, copy it to DEST
+		// Beware: also copies nodes other than DNS, email, IP,
+		//	 since their counterpart may have been moved in phase 1.
+		if (!used) {
+			tmp = name_constraints_node_new(nc2->type, nc2->name.data, nc2->name.size);
+			if (tmp == NULL) {
+				_gnutls_name_constraints_node_free(dest);
+				return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+			}
+			tmp->next = dest;
+			dest = tmp;
+		}
+		nc2 = nc2->next;
+	}
+
+	/* replace the original with the new */
+	_gnutls_name_constraints_node_free(nc);
+	*_nc = dest;
+
+	/* Phase 3
+	 * For each type: If we have empty permitted name constraints now
+	 * and we didn't have at the beginning, we have to add a new
+	 * excluded constraint with universal wildcard
+	 * (since the intersection of permitted is now empty). */
+	for (type = 1; type <= GNUTLS_SAN_MAX; type++) {
+		if (types_with_empty_intersection[type-1] == 0)
+			continue;
+		_gnutls_hard_log("Adding universal excluded name constraint for type %d.\n", type);
+		switch (type) {
+			case GNUTLS_SAN_IPADDRESS:
+				// add universal restricted range for IPv4
+				tmp = name_constraints_node_new(GNUTLS_SAN_IPADDRESS, NULL, 8);
+				if (tmp == NULL) {
+					_gnutls_name_constraints_node_free(dest);
+					return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+				}
+				tmp->next = *_nc_excluded;
+				*_nc_excluded = tmp;
+				// add universal restricted range for IPv6
+				tmp = name_constraints_node_new(GNUTLS_SAN_IPADDRESS, NULL, 32);
+				if (tmp == NULL) {
+					_gnutls_name_constraints_node_free(dest);
+					return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+				}
+				tmp->next = *_nc_excluded;
+				*_nc_excluded = tmp;
+				break;
+			case GNUTLS_SAN_DNSNAME:
+			case GNUTLS_SAN_RFC822NAME:
+				tmp = name_constraints_node_new(type, NULL, 0);
+				if (tmp == NULL) {
+					_gnutls_name_constraints_node_free(dest);
+					return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+				}
+				tmp->next = *_nc_excluded;
+				*_nc_excluded = tmp;
+				break;
+			default: // do nothing, at least one node was already moved in phase 1
+				break;
+		}
+	}
+	return GNUTLS_E_SUCCESS;
+}
+
+static int _gnutls_name_constraints_append(name_constraints_node_st **_nc,
+										   name_constraints_node_st *_nc2)
+{
+	name_constraints_node_st *nc, *nc2;
+	struct name_constraints_node_st *tmp;
+
+	if (_nc2 == NULL)
+		return 0;
+
+	nc2 = _nc2;
+	while (nc2) {
+		nc = *_nc;
+
+		tmp = name_constraints_node_new(nc2->type, nc2->name.data, nc2->name.size);
+		if (tmp == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		tmp->next = nc;
+		*_nc = tmp;
+
+		nc2 = nc2->next;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_get_name_constraints:
+ * @crt: should contain a #gnutls_x509_crt_t type
+ * @nc: The nameconstraints intermediate type
+ * @flags: zero or %GNUTLS_EXT_FLAG_APPEND
+ * @critical: the extension status
+ *
+ * This function will return an intermediate type containing
+ * the name constraints of the provided CA certificate. That
+ * structure can be used in combination with gnutls_x509_name_constraints_check()
+ * to verify whether a server's name is in accordance with the constraints.
+ *
+ * When the @flags is set to %GNUTLS_EXT_FLAG_APPEND,
+ * then if the @nc structure is empty this function will behave
+ * identically as if the flag was not set.
+ * Otherwise if there are elements in the @nc structure then the
+ * constraints will be merged with the existing constraints following
+ * RFC5280 p6.1.4 (excluded constraints will be appended, permitted
+ * will be intersected).
+ *
+ * Note that @nc must be initialized prior to calling this function.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * if the extension is not present, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_crt_get_name_constraints(gnutls_x509_crt_t crt,
+					 gnutls_x509_name_constraints_t nc,
+					 unsigned int flags,
+					 unsigned int *critical)
+{
+	int ret;
+	gnutls_datum_t der = { NULL, 0 };
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret =
+	    _gnutls_x509_crt_get_extension(crt, "2.5.29.30", 0, &der,
+					   critical);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (der.size == 0 || der.data == NULL)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	ret = gnutls_x509_ext_import_name_constraints(&der, nc, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+ cleanup:
+	_gnutls_free_datum(&der);
+
+	return ret;
+
+}
+
+/**
+ * gnutls_x509_name_constraints_deinit:
+ * @nc: The nameconstraints
+ *
+ * This function will deinitialize a name constraints type.
+ *
+ * Since: 3.3.0
+ **/
+void gnutls_x509_name_constraints_deinit(gnutls_x509_name_constraints_t nc)
+{
+	_gnutls_name_constraints_node_free(nc->permitted);
+	_gnutls_name_constraints_node_free(nc->excluded);
+
+	gnutls_free(nc);
+}
+
+/**
+ * gnutls_x509_name_constraints_init:
+ * @nc: The nameconstraints
+ *
+ * This function will initialize a name constraints type.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_name_constraints_init(gnutls_x509_name_constraints_t *nc)
+{
+	*nc = gnutls_calloc(1, sizeof(struct gnutls_name_constraints_st));
+	if (*nc == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+}
+
+static
+int name_constraints_add(gnutls_x509_name_constraints_t nc,
+			 gnutls_x509_subject_alt_name_t type,
+			 const gnutls_datum_t * name,
+			 unsigned permitted)
+{
+	struct name_constraints_node_st * tmp, *prev = NULL;
+	int ret;
+
+	ret = validate_name_constraints_node(type, name);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (permitted != 0)
+		prev = tmp = nc->permitted;
+	else
+		prev = tmp = nc->excluded;
+
+	while(tmp != NULL) {
+		tmp = tmp->next;
+		if (tmp != NULL)
+			prev = tmp;
+	}
+
+	tmp = name_constraints_node_new(type, name->data, name->size);
+	if (tmp == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	tmp->next = NULL;
+
+	if (prev == NULL) {
+		if (permitted != 0)
+			nc->permitted = tmp;
+		else
+			nc->excluded = tmp;
+	} else
+		prev->next = tmp;
+
+	return 0;
+}
+
+/*-
+ * _gnutls_x509_name_constraints_merge:
+ * @nc: The nameconstraints
+ * @nc2: The name constraints to be merged with
+ *
+ * This function will merge the provided name constraints structures
+ * as per RFC5280 p6.1.4. That is, the excluded constraints will be appended,
+ * and permitted will be intersected. The intersection assumes that @nc
+ * is the root CA constraints.
+ *
+ * The merged constraints will be placed in @nc.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.5.0
+ -*/
+int _gnutls_x509_name_constraints_merge(gnutls_x509_name_constraints_t nc,
+					gnutls_x509_name_constraints_t nc2)
+{
+	int ret;
+
+	ret =
+	    _gnutls_name_constraints_intersect(&nc->permitted,
+						   nc2->permitted, &nc->excluded);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    _gnutls_name_constraints_append(&nc->excluded,
+					    nc2->excluded);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_name_constraints_add_permitted:
+ * @nc: The nameconstraints
+ * @type: The type of the constraints
+ * @name: The data of the constraints
+ *
+ * This function will add a name constraint to the list of permitted
+ * constraints. The constraints @type can be any of the following types:
+ * %GNUTLS_SAN_DNSNAME, %GNUTLS_SAN_RFC822NAME, %GNUTLS_SAN_DN,
+ * %GNUTLS_SAN_URI, %GNUTLS_SAN_IPADDRESS. For the latter, an IP address
+ * in network byte order is expected, followed by its network mask.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_name_constraints_add_permitted(gnutls_x509_name_constraints_t nc,
+					       gnutls_x509_subject_alt_name_t type,
+					       const gnutls_datum_t * name)
+{
+	return name_constraints_add(nc, type, name, 1);
+}
+
+/**
+ * gnutls_x509_name_constraints_add_excluded:
+ * @nc: The nameconstraints
+ * @type: The type of the constraints
+ * @name: The data of the constraints
+ *
+ * This function will add a name constraint to the list of excluded
+ * constraints. The constraints @type can be any of the following types:
+ * %GNUTLS_SAN_DNSNAME, %GNUTLS_SAN_RFC822NAME, %GNUTLS_SAN_DN,
+ * %GNUTLS_SAN_URI, %GNUTLS_SAN_IPADDRESS. For the latter, an IP address
+ * in network byte order is expected, followed by its network mask (which is
+ * 4 bytes in IPv4 or 16-bytes in IPv6).
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_name_constraints_add_excluded(gnutls_x509_name_constraints_t nc,
+					      gnutls_x509_subject_alt_name_t type,
+					      const gnutls_datum_t * name)
+{
+	return name_constraints_add(nc, type, name, 0);
+}
+
+/**
+ * gnutls_x509_crt_set_name_constraints:
+ * @crt: The certificate
+ * @nc: The nameconstraints structure
+ * @critical: whether this extension will be critical
+ *
+ * This function will set the provided name constraints to
+ * the certificate extension list. This extension is always
+ * marked as critical.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_crt_set_name_constraints(gnutls_x509_crt_t crt, 
+					 gnutls_x509_name_constraints_t nc,
+					 unsigned int critical)
+{
+int ret;
+gnutls_datum_t der;
+
+	ret = gnutls_x509_ext_export_name_constraints(nc, &der);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret =
+	    _gnutls_x509_crt_set_extension(crt, "2.5.29.30", &der, critical);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+	crt->use_extensions = 1;
+
+cleanup:
+	_gnutls_free_datum(&der);
+	return ret;
+}
+
+static
+unsigned ends_with(const gnutls_datum_t * str, const gnutls_datum_t * suffix)
+{
+	unsigned char *tree;
+	unsigned int treelen;
+
+	if (suffix->size >= str->size)
+		return 0;
+
+	tree = suffix->data;
+	treelen = suffix->size;
+	if((treelen > 0) && (tree[0] == '.')) {
+		tree++;
+		treelen--;
+	}
+
+	if (memcmp(str->data + str->size - treelen, tree, treelen) == 0 &&
+		str->data[str->size - treelen -1] == '.')
+		return 1; /* match */
+
+	return 0;
+}
+
+static
+unsigned email_ends_with(const gnutls_datum_t * str, const gnutls_datum_t * suffix)
+{
+	if (suffix->size >= str->size)
+		return 0;
+
+	if (suffix->size > 1 && suffix->data[0] == '.') {
+		/* .domain.com */
+		if (memcmp(str->data + str->size - suffix->size, suffix->data, suffix->size) == 0)
+			return 1; /* match */
+	} else {
+		if (memcmp(str->data + str->size - suffix->size, suffix->data, suffix->size) == 0 &&
+			str->data[str->size - suffix->size -1] == '@')
+			return 1; /* match */
+	}
+
+	return 0;
+}
+
+static unsigned dnsname_matches(const gnutls_datum_t *name, const gnutls_datum_t *suffix)
+{
+	_gnutls_hard_log("matching %.*s with DNS constraint %.*s\n", name->size, name->data,
+		suffix->size, suffix->data);
+
+	if (suffix->size == name->size && memcmp(suffix->data, name->data, suffix->size) == 0)
+		return 1; /* match */
+
+	return ends_with(name, suffix);
+}
+
+static unsigned email_matches(const gnutls_datum_t *name, const gnutls_datum_t *suffix)
+{
+	_gnutls_hard_log("matching %.*s with e-mail constraint %.*s\n", name->size, name->data,
+		suffix->size, suffix->data);
+
+	if (suffix->size == name->size && memcmp(suffix->data, name->data, suffix->size) == 0)
+		return 1; /* match */
+
+	return email_ends_with(name, suffix);
+}
+
+/*-
+ * name_constraints_intersect_nodes:
+ * @nc1: name constraints node 1
+ * @nc2: name constraints node 2
+ * @_intersection: newly allocated node with intersected constraints,
+ *		 NULL if the intersection is empty
+ *
+ * Inspect 2 name constraints nodes (of possibly different types) and allocate
+ * a new node with intersection of given constraints.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ -*/
+static int
+name_constraints_intersect_nodes(name_constraints_node_st * nc1,
+				 name_constraints_node_st * nc2,
+				 name_constraints_node_st ** _intersection)
+{
+	// presume empty intersection
+	name_constraints_node_st *intersection = NULL;
+	name_constraints_node_st *to_copy = NULL;
+	unsigned iplength = 0;
+	unsigned byte;
+
+	*_intersection = NULL;
+
+	if (nc1->type != nc2->type) {
+		return GNUTLS_E_SUCCESS;
+	}
+	switch (nc1->type) {
+	case GNUTLS_SAN_DNSNAME:
+		if (!dnsname_matches(&nc2->name, &nc1->name))
+			return GNUTLS_E_SUCCESS;
+		to_copy = nc2;
+		break;
+	case GNUTLS_SAN_RFC822NAME:
+		if (!email_matches(&nc2->name, &nc1->name))
+			return GNUTLS_E_SUCCESS;
+		to_copy = nc2;
+		break;
+	case GNUTLS_SAN_IPADDRESS:
+		if (nc1->name.size != nc2->name.size)
+			return GNUTLS_E_SUCCESS;
+		iplength = nc1->name.size/2;
+		for (byte = 0; byte < iplength; byte++) {
+			if (((nc1->name.data[byte]^nc2->name.data[byte]) // XOR of addresses
+				 & nc1->name.data[byte+iplength]  // AND mask from nc1
+				 & nc2->name.data[byte+iplength]) // AND mask from nc2
+				 != 0) {
+				// CIDRS do not intersect
+				return GNUTLS_E_SUCCESS;
+			}
+		}
+		to_copy = nc2;
+		break;
+	default:
+		// for other types, we don't know how to do the intersection, assume empty
+		return GNUTLS_E_SUCCESS;
+	}
+
+	// copy existing node if applicable
+	if (to_copy != NULL) {
+		*_intersection = name_constraints_node_new(to_copy->type, to_copy->name.data, to_copy->name.size);
+		if (*_intersection == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		intersection = *_intersection;
+
+		assert(intersection->name.data != NULL);
+
+		if (intersection->type == GNUTLS_SAN_IPADDRESS) {
+			// make sure both IP addresses are correctly masked
+			_gnutls_mask_ip(intersection->name.data, intersection->name.data+iplength, iplength);
+			_gnutls_mask_ip(nc1->name.data, nc1->name.data+iplength, iplength);
+			// update intersection, if necessary (we already know one is subset of other)
+			for (byte = 0; byte < 2 * iplength; byte++) {
+				intersection->name.data[byte] |= nc1->name.data[byte];
+			}
+		}
+	}
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/*
+ * Returns: true if the certification is acceptable, and false otherwise.
+ */
+static
+unsigned check_unsupported_constraint(gnutls_x509_name_constraints_t nc,
+									  gnutls_x509_subject_alt_name_t type)
+{
+unsigned i;
+int ret;
+unsigned rtype;
+gnutls_datum_t rname;
+
+	/* check if there is a restrictions with that type, if
+	 * yes, then reject the name.
+	 */
+	i = 0;
+	do {
+		ret = gnutls_x509_name_constraints_get_excluded(nc, i++, &rtype, &rname);
+		if (ret >= 0) {
+			if (rtype != type)
+				continue;
+			else
+				return gnutls_assert_val(0);
+		}
+
+	} while(ret == 0);
+
+	return 1;
+}
+
+static
+unsigned check_dns_constraints(gnutls_x509_name_constraints_t nc,
+							   const gnutls_datum_t * name)
+{
+unsigned i;
+int ret;
+unsigned rtype;
+unsigned allowed_found = 0;
+gnutls_datum_t rname;
+
+	/* check restrictions */
+	i = 0;
+	do {
+		ret = gnutls_x509_name_constraints_get_excluded(nc, i++, &rtype, &rname);
+		if (ret >= 0) {
+			if (rtype != GNUTLS_SAN_DNSNAME)
+				continue;
+
+			/* a name of value 0 means that the CA shouldn't have issued
+			 * a certificate with a DNSNAME. */
+			if (rname.size == 0)
+				return gnutls_assert_val(0);
+
+			if (dnsname_matches(name, &rname) != 0)
+				return gnutls_assert_val(0); /* rejected */
+		}
+	} while(ret == 0);
+
+	/* check allowed */
+	i = 0;
+	do {
+		ret = gnutls_x509_name_constraints_get_permitted(nc, i++, &rtype, &rname);
+		if (ret >= 0) {
+			if (rtype != GNUTLS_SAN_DNSNAME)
+				continue;
+
+			if (rname.size == 0)
+				continue;
+
+			allowed_found = 1;
+
+			if (dnsname_matches(name, &rname) != 0)
+				return 1; /* accepted */
+		}
+	} while(ret == 0);
+
+	if (allowed_found != 0) /* there are allowed directives but this host wasn't found */
+		return gnutls_assert_val(0);
+
+	return 1;
+}
+
+static
+unsigned check_email_constraints(gnutls_x509_name_constraints_t nc,
+								 const gnutls_datum_t * name)
+{
+unsigned i;
+int ret;
+unsigned rtype;
+unsigned allowed_found = 0;
+gnutls_datum_t rname;
+
+	/* check restrictions */
+	i = 0;
+	do {
+		ret = gnutls_x509_name_constraints_get_excluded(nc, i++, &rtype, &rname);
+		if (ret >= 0) {
+			if (rtype != GNUTLS_SAN_RFC822NAME)
+				continue;
+
+			/* a name of value 0 means that the CA shouldn't have issued
+			 * a certificate with an e-mail. */
+			if (rname.size == 0)
+				return gnutls_assert_val(0);
+
+			if (email_matches(name, &rname) != 0)
+				return gnutls_assert_val(0); /* rejected */
+		}
+	} while(ret == 0);
+
+	/* check allowed */
+	i = 0;
+	do {
+		ret = gnutls_x509_name_constraints_get_permitted(nc, i++, &rtype, &rname);
+		if (ret >= 0) {
+			if (rtype != GNUTLS_SAN_RFC822NAME)
+				continue;
+
+			if (rname.size == 0)
+				continue;
+
+			allowed_found = 1;
+
+			if (email_matches(name, &rname) != 0)
+				return 1; /* accepted */
+		}
+	} while(ret == 0);
+
+	if (allowed_found != 0) /* there are allowed directives but this host wasn't found */
+		return gnutls_assert_val(0);
+
+	return 1;
+}
+
+static
+unsigned check_ip_constraints(gnutls_x509_name_constraints_t nc,
+							  const gnutls_datum_t * name)
+{
+	unsigned i;
+	int ret;
+	unsigned rtype;
+	unsigned allowed_found = 0;
+	gnutls_datum_t rname;
+
+	/* check restrictions */
+	i = 0;
+	do {
+		ret = gnutls_x509_name_constraints_get_excluded(nc, i++, &rtype, &rname);
+		if (ret >= 0) {
+			if (rtype != GNUTLS_SAN_IPADDRESS)
+				continue;
+
+			/* do not check IPv4 against IPv6 constraints and vice versa */
+			if (name->size != rname.size / 2)
+				continue;
+
+			if (ip_in_cidr(name, &rname) != 0)
+				return gnutls_assert_val(0); /* rejected */
+		}
+	} while(ret == 0);
+
+	/* check allowed */
+	i = 0;
+	do {
+		ret = gnutls_x509_name_constraints_get_permitted(nc, i++, &rtype, &rname);
+		if (ret >= 0) {
+			if (rtype != GNUTLS_SAN_IPADDRESS)
+				continue;
+
+			/* do not check IPv4 against IPv6 constraints and vice versa */
+			if (name->size != rname.size / 2)
+				continue;
+
+			allowed_found = 1;
+
+			if (ip_in_cidr(name, &rname) != 0)
+				return 1; /* accepted */
+		}
+	} while(ret == 0);
+
+	if (allowed_found != 0) /* there are allowed directives but this host wasn't found */
+		return gnutls_assert_val(0);
+
+	return 1;
+}
+
+/**
+ * gnutls_x509_name_constraints_check:
+ * @nc: the extracted name constraints
+ * @type: the type of the constraint to check (of type gnutls_x509_subject_alt_name_t)
+ * @name: the name to be checked
+ *
+ * This function will check the provided name against the constraints in
+ * @nc using the RFC5280 rules. Currently this function is limited to DNS
+ * names, emails and IP addresses (of type %GNUTLS_SAN_DNSNAME,
+ * %GNUTLS_SAN_RFC822NAME and %GNUTLS_SAN_IPADDRESS).
+ *
+ * Returns: zero if the provided name is not acceptable, and non-zero otherwise.
+ *
+ * Since: 3.3.0
+ **/
+unsigned gnutls_x509_name_constraints_check(gnutls_x509_name_constraints_t nc,
+					    gnutls_x509_subject_alt_name_t type,
+					    const gnutls_datum_t * name)
+{
+	if (type == GNUTLS_SAN_DNSNAME)
+		return check_dns_constraints(nc, name);
+
+	if (type == GNUTLS_SAN_RFC822NAME)
+		return check_email_constraints(nc, name);
+
+	if (type == GNUTLS_SAN_IPADDRESS)
+		return check_ip_constraints(nc, name);
+
+	return check_unsupported_constraint(nc, type);
+}
+
+/* This function checks for unsupported constraints, that we also
+ * know their structure. That is it will fail only if the constraint
+ * is present in the CA, _and_ the name in the end certificate contains
+ * the constrained element.
+ *
+ * Returns: true if the certification is acceptable, and false otherwise
+ */
+static unsigned check_unsupported_constraint2(gnutls_x509_crt_t cert, 
+					      gnutls_x509_name_constraints_t nc,
+					      gnutls_x509_subject_alt_name_t type)
+{
+	unsigned idx, found_one;
+	char name[MAX_CN];
+	size_t name_size;
+	unsigned san_type;
+	int ret;
+
+	found_one = 0;
+
+	for (idx=0;;idx++) {
+		name_size = sizeof(name);
+		ret = gnutls_x509_crt_get_subject_alt_name2(cert,
+			idx, name, &name_size, &san_type, NULL);
+		if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+			break;
+		else if (ret < 0)
+			return gnutls_assert_val(0);
+
+		if (san_type != GNUTLS_SAN_URI)
+			continue;
+
+		found_one = 1;
+		break;
+	}
+
+	if (found_one != 0)
+		return check_unsupported_constraint(nc, type);
+
+	/* no name was found in the certificate, so accept */
+	return 1;
+}
+
+/**
+ * gnutls_x509_name_constraints_check_crt:
+ * @nc: the extracted name constraints
+ * @type: the type of the constraint to check (of type gnutls_x509_subject_alt_name_t)
+ * @cert: the certificate to be checked
+ *
+ * This function will check the provided certificate names against the constraints in
+ * @nc using the RFC5280 rules. It will traverse all the certificate's names and
+ * alternative names.
+ *
+ * Currently this function is limited to DNS
+ * names and emails (of type %GNUTLS_SAN_DNSNAME and %GNUTLS_SAN_RFC822NAME).
+ *
+ * Returns: zero if the provided name is not acceptable, and non-zero otherwise.
+ *
+ * Since: 3.3.0
+ **/
+unsigned gnutls_x509_name_constraints_check_crt(gnutls_x509_name_constraints_t nc,
+						gnutls_x509_subject_alt_name_t type,
+						gnutls_x509_crt_t cert)
+{
+char name[MAX_CN];
+size_t name_size;
+int ret;
+unsigned idx, t, san_type;
+gnutls_datum_t n;
+unsigned found_one;
+
+	if (is_nc_empty(nc, type) != 0)
+		return 1; /* shortcut; no constraints to check */
+
+	if (type == GNUTLS_SAN_RFC822NAME) {
+		found_one = 0;
+		for (idx=0;;idx++) {
+			name_size = sizeof(name);
+			ret = gnutls_x509_crt_get_subject_alt_name2(cert,
+				idx, name, &name_size, &san_type, NULL);
+			if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+				break;
+			else if (ret < 0)
+				return gnutls_assert_val(0);
+
+			if (san_type != GNUTLS_SAN_RFC822NAME)
+				continue;
+
+			found_one = 1;
+			n.data = (void*)name;
+			n.size = name_size;
+			t = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_RFC822NAME,
+				&n);
+			if (t == 0)
+				return gnutls_assert_val(t);
+		}
+
+		/* there is at least a single e-mail. That means that the EMAIL field will
+		 * not be used for verifying the identity of the holder. */
+		if (found_one != 0)
+			return 1;
+
+		do {
+			/* ensure there is only a single EMAIL, similarly to CN handling (rfc6125) */
+			name_size = sizeof(name);
+			ret = gnutls_x509_crt_get_dn_by_oid(cert, GNUTLS_OID_PKCS9_EMAIL,
+							    1, 0, name, &name_size);
+			if (ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+				return gnutls_assert_val(0);
+
+			name_size = sizeof(name);
+			ret = gnutls_x509_crt_get_dn_by_oid(cert, GNUTLS_OID_PKCS9_EMAIL,
+							    0, 0, name, &name_size);
+			if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+				break;
+			else if (ret < 0)
+				return gnutls_assert_val(0);
+
+			found_one = 1;
+			n.data = (void*)name;
+			n.size = name_size;
+			t = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_RFC822NAME, &n);
+			if (t == 0)
+				return gnutls_assert_val(t);
+		} while(0);
+
+		/* passed */
+		if (found_one != 0)
+			return 1;
+		else {
+			/* no name was found. According to RFC5280: 
+			 * If no name of the type is in the certificate, the certificate is acceptable.
+			 */
+			return gnutls_assert_val(1);
+		}
+	} else if (type == GNUTLS_SAN_DNSNAME) {
+		found_one = 0;
+		for (idx=0;;idx++) {
+			name_size = sizeof(name);
+			ret = gnutls_x509_crt_get_subject_alt_name2(cert,
+				idx, name, &name_size, &san_type, NULL);
+			if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+				break;
+			else if (ret < 0)
+				return gnutls_assert_val(0);
+
+			if (san_type != GNUTLS_SAN_DNSNAME)
+				continue;
+
+			found_one = 1;
+			n.data = (void*)name;
+			n.size = name_size;
+			t = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_DNSNAME,
+				&n);
+			if (t == 0)
+				return gnutls_assert_val(t);
+		}
+
+		/* there is at least a single DNS name. That means that the CN will
+		 * not be used for verifying the identity of the holder. */
+		if (found_one != 0)
+			return 1;
+
+		/* verify the name constraints against the CN, if the certificate is
+		 * not a CA. We do this check only on certificates marked as WWW server,
+		 * because that's where the CN check is only performed. */
+		if (_gnutls_check_key_purpose(cert, GNUTLS_KP_TLS_WWW_SERVER, 0) != 0)
+		do {
+			/* ensure there is only a single CN, according to rfc6125 */
+			name_size = sizeof(name);
+			ret = gnutls_x509_crt_get_dn_by_oid(cert, GNUTLS_OID_X520_COMMON_NAME,
+							    1, 0, name, &name_size);
+			if (ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+				return gnutls_assert_val(0);
+
+			name_size = sizeof(name);
+			ret = gnutls_x509_crt_get_dn_by_oid(cert, GNUTLS_OID_X520_COMMON_NAME,
+							    0, 0, name, &name_size);
+			if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+				break;
+			else if (ret < 0)
+				return gnutls_assert_val(0);
+
+			found_one = 1;
+			n.data = (void*)name;
+			n.size = name_size;
+			t = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_DNSNAME,
+				&n);
+			if (t == 0)
+				return gnutls_assert_val(t);
+		} while(0);
+
+		/* passed */
+		if (found_one != 0)
+			return 1;
+		else {
+			/* no name was found. According to RFC5280: 
+			 * If no name of the type is in the certificate, the certificate is acceptable.
+			 */
+			return gnutls_assert_val(1);
+		}
+	} else if (type == GNUTLS_SAN_IPADDRESS) {
+			found_one = 0;
+			for (idx=0;;idx++) {
+				name_size = sizeof(name);
+				ret = gnutls_x509_crt_get_subject_alt_name2(cert,
+					idx, name, &name_size, &san_type, NULL);
+				if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+					break;
+				else if (ret < 0)
+					return gnutls_assert_val(0);
+
+				if (san_type != GNUTLS_SAN_IPADDRESS)
+					continue;
+
+				found_one = 1;
+				n.data = (void*)name;
+				n.size = name_size;
+				t = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, &n);
+				if (t == 0)
+					return gnutls_assert_val(t);
+			}
+
+			/* there is at least a single IP address. */
+
+			if (found_one != 0) {
+				return 1;
+			} else {
+				/* no name was found. According to RFC5280:
+				 * If no name of the type is in the certificate, the certificate is acceptable.
+				 */
+				return gnutls_assert_val(1);
+			}
+	} else if (type == GNUTLS_SAN_URI) {
+		return check_unsupported_constraint2(cert, nc, type);
+	} else
+		return check_unsupported_constraint(nc, type);
+}
+
+/**
+ * gnutls_x509_name_constraints_get_permitted:
+ * @nc: the extracted name constraints
+ * @idx: the index of the constraint
+ * @type: the type of the constraint (of type gnutls_x509_subject_alt_name_t)
+ * @name: the name in the constraint (of the specific type)
+ *
+ * This function will return an intermediate type containing
+ * the name constraints of the provided CA certificate. That
+ * structure can be used in combination with gnutls_x509_name_constraints_check()
+ * to verify whether a server's name is in accordance with the constraints.
+ *
+ * The name should be treated as constant and valid for the lifetime of @nc.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * if the extension is not present, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_name_constraints_get_permitted(gnutls_x509_name_constraints_t nc,
+					       unsigned idx,
+					       unsigned *type, gnutls_datum_t * name)
+{
+	unsigned int i;
+	struct name_constraints_node_st * tmp = nc->permitted;
+
+	for (i = 0; i < idx; i++) {
+		if (tmp == NULL)
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+		tmp = tmp->next;
+	}
+
+	if (tmp == NULL)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	*type = tmp->type;
+	*name = tmp->name;
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_name_constraints_get_excluded:
+ * @nc: the extracted name constraints
+ * @idx: the index of the constraint
+ * @type: the type of the constraint (of type gnutls_x509_subject_alt_name_t)
+ * @name: the name in the constraint (of the specific type)
+ *
+ * This function will return an intermediate type containing
+ * the name constraints of the provided CA certificate. That
+ * structure can be used in combination with gnutls_x509_name_constraints_check()
+ * to verify whether a server's name is in accordance with the constraints.
+ *
+ * The name should be treated as constant and valid for the lifetime of @nc.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * if the extension is not present, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_name_constraints_get_excluded(gnutls_x509_name_constraints_t nc,
+					      unsigned idx,
+					      unsigned *type, gnutls_datum_t * name)
+{
+	unsigned int i;
+	struct name_constraints_node_st * tmp = nc->excluded;
+
+	for (i = 0; i < idx; i++) {
+		if (tmp == NULL)
+			return
+			    gnutls_assert_val
+			    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+		tmp = tmp->next;
+	}
+
+	if (tmp == NULL)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	*type = tmp->type;
+	*name = tmp->name;
+
+	return 0;
+}
diff --git a/lib/x509/ocsp.c b/lib/x509/ocsp.c
new file mode 100644
index 0000000..81f3d7e
--- /dev/null
+++ b/lib/x509/ocsp.c
@@ -0,0 +1,2642 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2016-2017 Red Hat, Inc.
+ *
+ * Author: Simon Josefsson, Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Online Certificate Status Protocol - RFC 2560
+ */
+
+#include "gnutls_int.h"
+#include <global.h>
+#include "errors.h"
+#include <libtasn1.h>
+#include <pk.h>
+#include "common.h"
+#include "verify-high.h"
+#include "x509.h"
+#include "ocsp.h"
+
+#include <gnutls/ocsp.h>
+#include <auth/cert.h>
+
+#include <assert.h>
+#include "intprops.h"
+
+typedef struct gnutls_ocsp_req_int {
+	asn1_node req;
+	unsigned init;
+} gnutls_ocsp_req_int;
+
+typedef struct gnutls_ocsp_resp_int {
+	asn1_node resp;
+	gnutls_datum_t response_type_oid;
+	asn1_node basicresp;
+	gnutls_datum_t der;
+	unsigned init;
+} gnutls_ocsp_resp_int;
+
+#define MAX_TIME 64
+
+/**
+ * gnutls_ocsp_req_init:
+ * @req: A pointer to the type to be initialized
+ *
+ * This function will initialize an OCSP request structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_ocsp_req_init(gnutls_ocsp_req_t * req)
+{
+	gnutls_ocsp_req_t tmp =
+	    gnutls_calloc(1, sizeof(gnutls_ocsp_req_int));
+	int ret;
+
+	if (!tmp)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	ret = asn1_create_element(_gnutls_get_pkix(), "PKIX1.OCSPRequest",
+				  &tmp->req);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		gnutls_free(tmp);
+		return _gnutls_asn2err(ret);
+	}
+
+	*req = tmp;
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_ocsp_req_deinit:
+ * @req: The data to be deinitialized
+ *
+ * This function will deinitialize a OCSP request structure.
+ **/
+void gnutls_ocsp_req_deinit(gnutls_ocsp_req_t req)
+{
+	if (!req)
+		return;
+
+	if (req->req)
+		asn1_delete_structure(&req->req);
+
+	req->req = NULL;
+	gnutls_free(req);
+}
+
+/**
+ * gnutls_ocsp_resp_init:
+ * @resp: A pointer to the type to be initialized
+ *
+ * This function will initialize an OCSP response structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_ocsp_resp_init(gnutls_ocsp_resp_t * resp)
+{
+	gnutls_ocsp_resp_t tmp =
+	    gnutls_calloc(1, sizeof(gnutls_ocsp_resp_int));
+	int ret;
+
+	if (!tmp)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	ret = asn1_create_element(_gnutls_get_pkix(),
+				  "PKIX1.OCSPResponse", &tmp->resp);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		gnutls_free(tmp);
+		return _gnutls_asn2err(ret);
+	}
+
+	ret = asn1_create_element(_gnutls_get_pkix(),
+				  "PKIX1.BasicOCSPResponse",
+				  &tmp->basicresp);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&tmp->resp);
+		gnutls_free(tmp);
+		return _gnutls_asn2err(ret);
+	}
+
+	*resp = tmp;
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_ocsp_resp_deinit:
+ * @resp: The data to be deinitialized
+ *
+ * This function will deinitialize a OCSP response structure.
+ **/
+void gnutls_ocsp_resp_deinit(gnutls_ocsp_resp_t resp)
+{
+	if (!resp)
+		return;
+
+	if (resp->resp)
+		asn1_delete_structure(&resp->resp);
+	gnutls_free(resp->response_type_oid.data);
+	if (resp->basicresp)
+		asn1_delete_structure(&resp->basicresp);
+
+	resp->resp = NULL;
+	resp->basicresp = NULL;
+
+	gnutls_free(resp->der.data);
+	gnutls_free(resp);
+}
+
+/**
+ * gnutls_ocsp_req_import:
+ * @req: The data to store the parsed request.
+ * @data: DER encoded OCSP request.
+ *
+ * This function will convert the given DER encoded OCSP request to
+ * the native #gnutls_ocsp_req_t format. The output will be stored in
+ * @req.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_ocsp_req_import(gnutls_ocsp_req_t req, const gnutls_datum_t * data)
+{
+	int ret = 0;
+
+	if (req == NULL || data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (req->init) {
+		/* Any earlier _asn1_strict_der_decode will modify the ASN.1
+		   structure, so we need to replace it with a fresh
+		   structure. */
+		asn1_delete_structure(&req->req);
+
+		ret = asn1_create_element(_gnutls_get_pkix(),
+					  "PKIX1.OCSPRequest", &req->req);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			return _gnutls_asn2err(ret);
+		}
+	}
+	req->init = 1;
+
+	ret = _asn1_strict_der_decode(&req->req, data->data, data->size, NULL);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_ocsp_resp_import:
+ * @resp: The data to store the parsed response.
+ * @data: DER encoded OCSP response.
+ *
+ * This function will convert the given DER encoded OCSP response to
+ * the native #gnutls_ocsp_resp_t format.  It also decodes the Basic
+ * OCSP Response part, if any.  The output will be stored in @resp.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_ocsp_resp_import(gnutls_ocsp_resp_t resp,
+			const gnutls_datum_t * data)
+{
+	return gnutls_ocsp_resp_import2(resp, data, GNUTLS_X509_FMT_DER);
+}
+
+/**
+ * gnutls_ocsp_resp_import2:
+ * @resp: The data to store the parsed response.
+ * @data: DER or PEM encoded OCSP response.
+ * @fmt: DER or PEM
+ *
+ * This function will convert the given OCSP response to
+ * the native #gnutls_ocsp_resp_t format.  It also decodes the Basic
+ * OCSP Response part, if any.  The output will be stored in @resp.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.6.3
+ **/
+int
+gnutls_ocsp_resp_import2(gnutls_ocsp_resp_t resp,
+			 const gnutls_datum_t *data,
+			 gnutls_x509_crt_fmt_t fmt)
+{
+	int ret = 0;
+	gnutls_datum_t der;
+
+	if (resp == NULL || data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	der.data = data->data;
+	der.size = data->size;
+
+	if (fmt == GNUTLS_X509_FMT_PEM) {
+		ret = gnutls_pem_base64_decode2(BARE_PEM_OCSP_RESPONSE, data, &der);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+	}
+
+	if (resp->init != 0) {
+		/* Any earlier _asn1_strict_der_decode will modify the ASN.1
+		   structure, so we need to replace it with a fresh
+		   structure. */
+		asn1_delete_structure(&resp->resp);
+		if (resp->basicresp)
+			asn1_delete_structure(&resp->basicresp);
+
+		ret = asn1_create_element(_gnutls_get_pkix(),
+					  "PKIX1.OCSPResponse",
+					  &resp->resp);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto cleanup;
+		}
+
+		ret = asn1_create_element(_gnutls_get_pkix(),
+					  "PKIX1.BasicOCSPResponse",
+					  &resp->basicresp);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto cleanup;
+		}
+
+		gnutls_free(resp->der.data);
+	}
+
+	resp->init = 1;
+	ret = _asn1_strict_der_decode(&resp->resp, der.data, der.size, NULL);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	if (gnutls_ocsp_resp_get_status(resp) !=
+	    GNUTLS_OCSP_RESP_SUCCESSFUL) {
+		ret = GNUTLS_E_SUCCESS;
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_x509_read_value(resp->resp,
+				    "responseBytes.responseType",
+				    &resp->response_type_oid);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+#define OCSP_BASIC "1.3.6.1.5.5.7.48.1.1"
+
+	if (resp->response_type_oid.size == sizeof(OCSP_BASIC) - 1
+	    && memcmp(resp->response_type_oid.data, OCSP_BASIC,
+		      resp->response_type_oid.size) == 0) {
+
+		ret =
+		    _gnutls_x509_read_value(resp->resp,
+					    "responseBytes.response", &resp->der);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret =
+		    _asn1_strict_der_decode(&resp->basicresp, resp->der.data, resp->der.size,
+				      NULL);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto cleanup;
+		}
+	} else {
+		asn1_delete_structure(&resp->basicresp);
+		resp->basicresp = NULL;
+	}
+
+	ret = GNUTLS_E_SUCCESS;
+cleanup:
+	if (der.data != data->data)
+		gnutls_free(der.data);
+	return ret;
+}
+
+/**
+ * gnutls_ocsp_req_export:
+ * @req: Holds the OCSP request
+ * @data: newly allocate buffer holding DER encoded OCSP request
+ *
+ * This function will export the OCSP request to DER format.
+ *
+ * Returns: In case of failure a negative error code will be
+ *   returned, and 0 on success.
+ **/
+int gnutls_ocsp_req_export(gnutls_ocsp_req_const_t req, gnutls_datum_t * data)
+{
+	int ret;
+
+	if (req == NULL || data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* XXX remove when we support these fields */
+	(void)asn1_write_value(req->req, "tbsRequest.requestorName", NULL, 0);
+	(void)asn1_write_value(req->req, "optionalSignature", NULL, 0);
+
+	/* prune extension field if we don't have any extension */
+	ret = gnutls_ocsp_req_get_extension(req, 0, NULL, NULL, NULL);
+	if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+		(void)asn1_write_value(req->req, "tbsRequest.requestExtensions",
+				 NULL, 0);
+
+	return _gnutls_x509_get_raw_field(req->req, "", data);
+}
+
+/**
+ * gnutls_ocsp_resp_export:
+ * @resp: Holds the OCSP response
+ * @data: newly allocate buffer holding DER encoded OCSP response
+ *
+ * This function will export the OCSP response to DER format.
+ *
+ * Returns: In case of failure a negative error code will be
+ *   returned, and 0 on success.
+ **/
+int gnutls_ocsp_resp_export(gnutls_ocsp_resp_const_t resp, gnutls_datum_t * data)
+{
+	return gnutls_ocsp_resp_export2(resp, data, GNUTLS_X509_FMT_DER);
+}
+
+/**
+ * gnutls_ocsp_resp_export2:
+ * @resp: Holds the OCSP response
+ * @data: newly allocate buffer holding DER or PEM encoded OCSP response
+ * @fmt: DER or PEM
+ *
+ * This function will export the OCSP response to DER or PEM format.
+ *
+ * Returns: In case of failure a negative error code will be
+ *   returned, and 0 on success.
+ *
+ * Since: 3.6.3
+ **/
+int gnutls_ocsp_resp_export2(gnutls_ocsp_resp_const_t resp, gnutls_datum_t * data,
+			     gnutls_x509_crt_fmt_t fmt)
+{
+	int ret;
+	gnutls_datum_t der;
+
+	if (resp == NULL || data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_x509_get_raw_field(resp->resp, "", &der);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (fmt == GNUTLS_X509_FMT_DER) {
+		data->data = der.data;
+		data->size = der.size;
+		return ret;
+	} else {
+		ret = gnutls_pem_base64_encode2("OCSP RESPONSE", &der, data);
+		gnutls_free(der.data);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		return 0;
+	}
+}
+
+/**
+ * gnutls_ocsp_req_get_version:
+ * @req: should contain a #gnutls_ocsp_req_t type
+ *
+ * This function will return the version of the OCSP request.
+ * Typically this is always 1 indicating version 1.
+ *
+ * Returns: version of OCSP request, or a negative error code on error.
+ **/
+int gnutls_ocsp_req_get_version(gnutls_ocsp_req_const_t req)
+{
+	if (req == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_get_version(req->req, "tbsRequest.version");
+}
+
+/**
+ * gnutls_ocsp_req_get_cert_id:
+ * @req: should contain a #gnutls_ocsp_req_t type
+ * @indx: Specifies which extension OID to get. Use (0) to get the first one.
+ * @digest: output variable with #gnutls_digest_algorithm_t hash algorithm
+ * @issuer_name_hash: output buffer with hash of issuer's DN
+ * @issuer_key_hash: output buffer with hash of issuer's public key
+ * @serial_number: output buffer with serial number of certificate to check
+ *
+ * This function will return the certificate information of the
+ * @indx'ed request in the OCSP request.  The information returned
+ * corresponds to the CertID structure:
+ *
+ * <informalexample><programlisting>
+ *    CertID	  ::=     SEQUENCE {
+ *	hashAlgorithm       AlgorithmIdentifier,
+ *	issuerNameHash      OCTET STRING, -- Hash of Issuer's DN
+ *	issuerKeyHash       OCTET STRING, -- Hash of Issuers public key
+ *	serialNumber	CertificateSerialNumber }
+ * </programlisting></informalexample>
+ *
+ * Each of the pointers to output variables may be NULL to indicate
+ * that the caller is not interested in that value.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code is returned.  If you have reached the last
+ *   CertID available %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be
+ *   returned.
+ **/
+int
+gnutls_ocsp_req_get_cert_id(gnutls_ocsp_req_const_t req,
+			    unsigned indx,
+			    gnutls_digest_algorithm_t * digest,
+			    gnutls_datum_t * issuer_name_hash,
+			    gnutls_datum_t * issuer_key_hash,
+			    gnutls_datum_t * serial_number)
+{
+	gnutls_datum_t sa;
+	char name[MAX_NAME_SIZE];
+	int ret;
+
+	if (req == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	snprintf(name, sizeof(name),
+		 "tbsRequest.requestList.?%u.reqCert.hashAlgorithm.algorithm",
+		 indx + 1);
+	ret = _gnutls_x509_read_value(req->req, name, &sa);
+	if (ret == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	else if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = gnutls_oid_to_digest((char *) sa.data);
+	_gnutls_free_datum(&sa);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (digest)
+		*digest = ret;
+
+	if (issuer_name_hash) {
+		snprintf(name, sizeof(name),
+			 "tbsRequest.requestList.?%u.reqCert.issuerNameHash",
+			 indx + 1);
+		ret =
+		    _gnutls_x509_read_value(req->req, name,
+					    issuer_name_hash);
+		if (ret != GNUTLS_E_SUCCESS) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	if (issuer_key_hash) {
+		snprintf(name, sizeof(name),
+			 "tbsRequest.requestList.?%u.reqCert.issuerKeyHash",
+			 indx + 1);
+		ret =
+		    _gnutls_x509_read_value(req->req, name,
+					    issuer_key_hash);
+		if (ret != GNUTLS_E_SUCCESS) {
+			gnutls_assert();
+			if (issuer_name_hash)
+				gnutls_free(issuer_name_hash->data);
+			return ret;
+		}
+	}
+
+	if (serial_number) {
+		snprintf(name, sizeof(name),
+			 "tbsRequest.requestList.?%u.reqCert.serialNumber",
+			 indx + 1);
+		ret =
+		    _gnutls_x509_read_value(req->req, name, serial_number);
+		if (ret != GNUTLS_E_SUCCESS) {
+			gnutls_assert();
+			if (issuer_name_hash)
+				gnutls_free(issuer_name_hash->data);
+			if (issuer_key_hash)
+				gnutls_free(issuer_key_hash->data);
+			return ret;
+		}
+	}
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_ocsp_req_add_cert_id:
+ * @req: should contain a #gnutls_ocsp_req_t type
+ * @digest: hash algorithm, a #gnutls_digest_algorithm_t value
+ * @issuer_name_hash: hash of issuer's DN
+ * @issuer_key_hash: hash of issuer's public key
+ * @serial_number: serial number of certificate to check
+ *
+ * This function will add another request to the OCSP request for a
+ * particular certificate having the issuer name hash of
+ * @issuer_name_hash and issuer key hash of @issuer_key_hash (both
+ * hashed using @digest) and serial number @serial_number.
+ *
+ * The information needed corresponds to the CertID structure:
+ *
+ * <informalexample><programlisting>
+ *    CertID	  ::=     SEQUENCE {
+ *	hashAlgorithm       AlgorithmIdentifier,
+ *	issuerNameHash      OCTET STRING, -- Hash of Issuer's DN
+ *	issuerKeyHash       OCTET STRING, -- Hash of Issuers public key
+ *	serialNumber	CertificateSerialNumber }
+ * </programlisting></informalexample>
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code is returned.
+ **/
+int
+gnutls_ocsp_req_add_cert_id(gnutls_ocsp_req_t req,
+			    gnutls_digest_algorithm_t digest,
+			    const gnutls_datum_t * issuer_name_hash,
+			    const gnutls_datum_t * issuer_key_hash,
+			    const gnutls_datum_t * serial_number)
+{
+	int result;
+	const char *oid;
+
+	if (req == NULL || issuer_name_hash == NULL
+	    || issuer_key_hash == NULL || serial_number == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	oid = _gnutls_x509_digest_to_oid(hash_to_entry(digest));
+	if (oid == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	result =
+	    asn1_write_value(req->req, "tbsRequest.requestList", "NEW", 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = asn1_write_value
+	    (req->req,
+	     "tbsRequest.requestList.?LAST.reqCert.hashAlgorithm.algorithm",
+	     oid, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	/* XXX we don't support any algorithm with parameters */
+	result = asn1_write_value
+	    (req->req,
+	     "tbsRequest.requestList.?LAST.reqCert.hashAlgorithm.parameters",
+	     ASN1_NULL, ASN1_NULL_SIZE);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = asn1_write_value
+	    (req->req,
+	     "tbsRequest.requestList.?LAST.reqCert.issuerNameHash",
+	     issuer_name_hash->data, issuer_name_hash->size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = asn1_write_value
+	    (req->req,
+	     "tbsRequest.requestList.?LAST.reqCert.issuerKeyHash",
+	     issuer_key_hash->data, issuer_key_hash->size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = asn1_write_value
+	    (req->req, "tbsRequest.requestList.?LAST.reqCert.serialNumber",
+	     serial_number->data, serial_number->size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	/* XXX add separate function that can add extensions too */
+	result = asn1_write_value
+	    (req->req,
+	     "tbsRequest.requestList.?LAST.singleRequestExtensions", NULL,
+	     0);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_ocsp_req_add_cert:
+ * @req: should contain a #gnutls_ocsp_req_t type
+ * @digest: hash algorithm, a #gnutls_digest_algorithm_t value
+ * @issuer: issuer of @subject certificate
+ * @cert: certificate to request status for
+ *
+ * This function will add another request to the OCSP request for a
+ * particular certificate.  The issuer name hash, issuer key hash, and
+ * serial number fields is populated as follows.  The issuer name and
+ * the serial number is taken from @cert.  The issuer key is taken
+ * from @issuer.  The hashed values will be hashed using the @digest
+ * algorithm, normally %GNUTLS_DIG_SHA1.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code is returned.
+ **/
+int
+gnutls_ocsp_req_add_cert(gnutls_ocsp_req_t req,
+			 gnutls_digest_algorithm_t digest,
+			 gnutls_x509_crt_t issuer, gnutls_x509_crt_t cert)
+{
+	int ret;
+	gnutls_datum_t sn, tmp, inh, ikh;
+	uint8_t inh_buf[MAX_HASH_SIZE];
+	uint8_t ikh_buf[MAX_HASH_SIZE];
+	size_t inhlen = MAX_HASH_SIZE;
+	size_t ikhlen = MAX_HASH_SIZE;
+
+	if (req == NULL || issuer == NULL || cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_x509_der_encode(cert->cert,
+				      "tbsCertificate.issuer.rdnSequence",
+				      &tmp, 0);
+	if (ret != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = gnutls_fingerprint(digest, &tmp, inh_buf, &inhlen);
+	gnutls_free(tmp.data);
+	if (ret != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		return ret;
+	}
+	inh.size = inhlen;
+	inh.data = inh_buf;
+
+	ret = _gnutls_x509_read_value
+	    (issuer->cert,
+	     "tbsCertificate.subjectPublicKeyInfo.subjectPublicKey", &tmp);
+	if (ret != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = gnutls_fingerprint(digest, &tmp, ikh_buf, &ikhlen);
+	gnutls_free(tmp.data);
+	if (ret != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		return ret;
+	}
+	ikh.size = ikhlen;
+	ikh.data = ikh_buf;
+
+	ret =
+	    _gnutls_x509_read_value(cert->cert,
+				    "tbsCertificate.serialNumber", &sn);
+	if (ret != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = gnutls_ocsp_req_add_cert_id(req, digest, &inh, &ikh, &sn);
+	gnutls_free(sn.data);
+	if (ret != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_ocsp_req_get_extension:
+ * @req: should contain a #gnutls_ocsp_req_t type
+ * @indx: Specifies which extension OID to get. Use (0) to get the first one.
+ * @oid: will hold newly allocated buffer with OID of extension, may be NULL
+ * @critical: output variable with critical flag, may be NULL.
+ * @data: will hold newly allocated buffer with extension data, may be NULL
+ *
+ * This function will return all information about the requested
+ * extension in the OCSP request.  The information returned is the
+ * OID, the critical flag, and the data itself.  The extension OID
+ * will be stored as a string.  Any of @oid, @critical, and @data may
+ * be NULL which means that the caller is not interested in getting
+ * that information back.
+ *
+ * The caller needs to deallocate memory by calling gnutls_free() on
+ * @oid->data and @data->data.
+ *
+ * Since 3.7.0 @oid->size does not account for the terminating null byte.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code is returned.  If you have reached the last
+ *   extension available %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will
+ *   be returned.
+ **/
+int
+gnutls_ocsp_req_get_extension(gnutls_ocsp_req_const_t req,
+			      unsigned indx,
+			      gnutls_datum_t * oid,
+			      unsigned int *critical,
+			      gnutls_datum_t * data)
+{
+	int ret;
+	char str_critical[10];
+	char name[MAX_NAME_SIZE];
+	int len;
+
+	if (!req) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	snprintf(name, sizeof(name),
+		 "tbsRequest.requestExtensions.?%u.critical", indx + 1);
+	len = sizeof(str_critical);
+	ret = asn1_read_value(req->req, name, str_critical, &len);
+	if (ret == ASN1_ELEMENT_NOT_FOUND)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	else if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	if (critical) {
+		if (str_critical[0] == 'T')
+			*critical = 1;
+		else
+			*critical = 0;
+	}
+
+	if (oid) {
+		snprintf(name, sizeof(name),
+			 "tbsRequest.requestExtensions.?%u.extnID",
+			 indx + 1);
+		ret = _gnutls_x509_read_value(req->req, name, oid);
+		if (ret != GNUTLS_E_SUCCESS) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	if (data) {
+		snprintf(name, sizeof(name),
+			 "tbsRequest.requestExtensions.?%u.extnValue",
+			 indx + 1);
+		ret = _gnutls_x509_read_value(req->req, name, data);
+		if (ret != GNUTLS_E_SUCCESS) {
+			gnutls_assert();
+			if (oid)
+				gnutls_free(oid->data);
+			return ret;
+		}
+	}
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_ocsp_req_set_extension:
+ * @req: should contain a #gnutls_ocsp_req_t type
+ * @oid: buffer with OID of extension as a string.
+ * @critical: critical flag, normally false.
+ * @data: the extension data
+ *
+ * This function will add an extension to the OCSP request.  Calling
+ * this function multiple times for the same OID will overwrite values
+ * from earlier calls.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code is returned.
+ **/
+int
+gnutls_ocsp_req_set_extension(gnutls_ocsp_req_t req,
+			      const char *oid,
+			      unsigned int critical,
+			      const gnutls_datum_t * data)
+{
+	if (req == NULL || oid == NULL || data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_set_extension(req->req, "tbsRequest.requestExtensions", oid,
+			     data, critical);
+}
+
+/**
+ * gnutls_ocsp_req_get_nonce:
+ * @req: should contain a #gnutls_ocsp_req_t type
+ * @critical: whether nonce extension is marked critical, or NULL
+ * @nonce: will hold newly allocated buffer with nonce data
+ *
+ * This function will return the OCSP request nonce extension data.
+ *
+ * The caller needs to deallocate memory by calling gnutls_free() on
+ * @nonce->data.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code is returned.
+ **/
+int
+gnutls_ocsp_req_get_nonce(gnutls_ocsp_req_const_t req,
+			  unsigned int *critical, gnutls_datum_t * nonce)
+{
+	int ret;
+	gnutls_datum_t tmp;
+
+	if (req == NULL || nonce == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_get_extension(req->req, "tbsRequest.requestExtensions",
+			    GNUTLS_OCSP_NONCE, 0, &tmp, critical);
+	if (ret != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    _gnutls_x509_decode_string(ASN1_ETYPE_OCTET_STRING, tmp.data,
+				       (size_t) tmp.size, nonce, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		gnutls_free(tmp.data);
+		return ret;
+	}
+
+	gnutls_free(tmp.data);
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_ocsp_req_set_nonce:
+ * @req: should contain a #gnutls_ocsp_req_t type
+ * @critical: critical flag, normally false.
+ * @nonce: the nonce data
+ *
+ * This function will add an nonce extension to the OCSP request.
+ * Calling this function multiple times will overwrite values from
+ * earlier calls.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code is returned.
+ **/
+int
+gnutls_ocsp_req_set_nonce(gnutls_ocsp_req_t req,
+			  unsigned int critical,
+			  const gnutls_datum_t * nonce)
+{
+	int ret;
+	gnutls_datum_t dernonce;
+	unsigned char temp[SIZEOF_UNSIGNED_LONG_INT + 1];
+	int len;
+
+	if (req == NULL || nonce == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	asn1_length_der(nonce->size, temp, &len);
+
+	dernonce.size = 1 + len + nonce->size;
+	dernonce.data = gnutls_malloc(dernonce.size);
+	if (dernonce.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	dernonce.data[0] = '\x04';
+	memcpy(dernonce.data + 1, temp, len);
+	memcpy(dernonce.data + 1 + len, nonce->data, nonce->size);
+
+	ret = _gnutls_set_extension(req->req, "tbsRequest.requestExtensions",
+			    GNUTLS_OCSP_NONCE, &dernonce, critical);
+	gnutls_free(dernonce.data);
+	if (ret != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return ret;
+}
+
+/**
+ * gnutls_ocsp_req_randomize_nonce:
+ * @req: should contain a #gnutls_ocsp_req_t type
+ *
+ * This function will add or update an nonce extension to the OCSP
+ * request with a newly generated random value.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code is returned.
+ **/
+int gnutls_ocsp_req_randomize_nonce(gnutls_ocsp_req_t req)
+{
+	int ret;
+	uint8_t rndbuf[23];
+	gnutls_datum_t nonce = { rndbuf, sizeof(rndbuf) };
+
+	if (req == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = gnutls_rnd(GNUTLS_RND_NONCE, rndbuf, sizeof(rndbuf));
+	if (ret != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = gnutls_ocsp_req_set_nonce(req, 0, &nonce);
+	if (ret != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_ocsp_resp_get_status:
+ * @resp: should contain a #gnutls_ocsp_resp_t type
+ *
+ * This function will return the status of a OCSP response, an
+ * #gnutls_ocsp_resp_status_t enumeration.
+ *
+ * Returns: status of OCSP request as a #gnutls_ocsp_resp_status_t, or
+ *   a negative error code on error.
+ **/
+int gnutls_ocsp_resp_get_status(gnutls_ocsp_resp_const_t resp)
+{
+	uint8_t str[1];
+	int len, ret;
+
+	if (resp == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	len = sizeof(str);
+	ret = asn1_read_value(resp->resp, "responseStatus", str, &len);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	if (len != 1)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+
+	switch (str[0]) {
+	case GNUTLS_OCSP_RESP_SUCCESSFUL:
+	case GNUTLS_OCSP_RESP_MALFORMEDREQUEST:
+	case GNUTLS_OCSP_RESP_INTERNALERROR:
+	case GNUTLS_OCSP_RESP_TRYLATER:
+	case GNUTLS_OCSP_RESP_SIGREQUIRED:
+	case GNUTLS_OCSP_RESP_UNAUTHORIZED:
+		break;
+	default:
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+	}
+
+	return (int) str[0];
+}
+
+/**
+ * gnutls_ocsp_resp_get_response:
+ * @resp: should contain a #gnutls_ocsp_resp_t type
+ * @response_type_oid: newly allocated output buffer with response type OID
+ * @response: newly allocated output buffer with DER encoded response
+ *
+ * This function will extract the response type OID in and the
+ * response data from an OCSP response.  Normally the
+ * @response_type_oid is always "1.3.6.1.5.5.7.48.1.1" which means the
+ * @response should be decoded as a Basic OCSP Response, but
+ * technically other response types could be used.
+ *
+ * This function is typically only useful when you want to extract the
+ * response type OID of an response for diagnostic purposes.
+ * Otherwise gnutls_ocsp_resp_import() will decode the basic OCSP
+ * response part and the caller need not worry about that aspect.
+ *
+ * Since 3.7.0 @response_type_oid->size does not account for the terminating
+ * null byte.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_ocsp_resp_get_response(gnutls_ocsp_resp_const_t resp,
+			      gnutls_datum_t * response_type_oid,
+			      gnutls_datum_t * response)
+{
+	int ret;
+
+	if (resp == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (response_type_oid != NULL) {
+		ret =
+		    _gnutls_x509_read_value(resp->resp,
+					    "responseBytes.responseType",
+					    response_type_oid);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	if (response != NULL) {
+		ret =
+		    _gnutls_x509_read_value(resp->resp,
+					    "responseBytes.response",
+					    response);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_ocsp_resp_get_version:
+ * @resp: should contain a #gnutls_ocsp_resp_t type
+ *
+ * This function will return the version of the Basic OCSP Response.
+ * Typically this is always 1 indicating version 1.
+ *
+ * Returns: version of Basic OCSP response, or a negative error code
+ *   on error.
+ **/
+int gnutls_ocsp_resp_get_version(gnutls_ocsp_resp_const_t resp)
+{
+	if (resp == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_get_version(resp->resp, "tbsResponseData.version");
+}
+
+/**
+ * gnutls_ocsp_resp_get_responder:
+ * @resp: should contain a #gnutls_ocsp_resp_t type
+ * @dn: newly allocated buffer with name
+ *
+ * This function will extract the name of the Basic OCSP Response in
+ * the provided buffer. The name will be in the form
+ * "C=xxxx,O=yyyy,CN=zzzz" as described in RFC2253. The output string
+ * will be ASCII or UTF-8 encoded, depending on the certificate data.
+ *
+ * If the responder ID is not a name but a hash, this function
+ * will return zero and the @dn elements will be set to %NULL.
+ *
+ * The caller needs to deallocate memory by calling gnutls_free() on
+ * @dn->data.
+ *
+ * This function does not output a fully RFC4514 compliant string, if
+ * that is required see gnutls_ocsp_resp_get_responder2().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code is returned. When no data exist it will
+ *   return success and set @dn elements to zero.
+ **/
+int
+gnutls_ocsp_resp_get_responder(gnutls_ocsp_resp_const_t resp,
+			       gnutls_datum_t * dn)
+{
+	int ret;
+
+	ret = gnutls_ocsp_resp_get_responder2(resp, dn, GNUTLS_X509_DN_FLAG_COMPAT);
+	if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+		dn->data = NULL;
+		dn->size = 0;
+		return 0; /* for backwards compatibility */
+	}
+
+	return ret;
+}
+
+/**
+ * gnutls_ocsp_resp_get_responder2:
+ * @resp: should contain a #gnutls_ocsp_resp_t type
+ * @dn: newly allocated buffer with name
+ * @flags: zero or %GNUTLS_X509_DN_FLAG_COMPAT
+ *
+ * This function will extract the name of the Basic OCSP Response in
+ * the provided buffer. The name will be in the form
+ * "C=xxxx,O=yyyy,CN=zzzz" as described in RFC2253. The output string
+ * will be ASCII or UTF-8 encoded, depending on the certificate data.
+ *
+ * If the responder ID is not a name but a hash, this function
+ * will return zero and the @dn elements will be set to %NULL.
+ *
+ * The caller needs to deallocate memory by calling gnutls_free() on
+ * @dn->data.
+ *
+ * When the flag %GNUTLS_X509_DN_FLAG_COMPAT is specified, the output
+ * format will match the format output by previous to 3.5.6 versions of GnuTLS
+ * which was not not fully RFC4514-compliant.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code is returned. When no data exist it will return
+ *   %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE.
+ **/
+int
+gnutls_ocsp_resp_get_responder2(gnutls_ocsp_resp_const_t resp,
+			        gnutls_datum_t * dn, unsigned flags)
+{
+	if (resp == NULL || dn == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	dn->data = NULL;
+	dn->size = 0;
+
+	return _gnutls_x509_get_dn(resp->basicresp,
+				  "tbsResponseData.responderID.byName",
+				  dn, flags);
+}
+
+/**
+ * gnutls_ocsp_resp_get_responder_by_key:
+ * @resp: should contain a #gnutls_ocsp_resp_t type
+ * @type: should be %GNUTLS_OCSP_RESP_ID_KEY or %GNUTLS_OCSP_RESP_ID_DN
+ * @raw: newly allocated buffer with the raw ID
+ *
+ * This function will extract the raw key (or DN) ID of the Basic OCSP Response in
+ * the provided buffer. If the responder ID is not a key ID then
+ * this function will return %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE.
+ *
+ * The caller needs to deallocate memory by calling gnutls_free() on
+ * @dn->data.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code is returned.
+ **/
+int
+gnutls_ocsp_resp_get_responder_raw_id(gnutls_ocsp_resp_const_t resp,
+				      unsigned type,
+				      gnutls_datum_t * raw)
+{
+	int ret;
+
+	if (resp == NULL || raw == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (type == GNUTLS_OCSP_RESP_ID_KEY)
+		ret = _gnutls_x509_read_value(resp->basicresp, "tbsResponseData.responderID.byKey", raw);
+	else {
+		gnutls_datum_t tmp;
+
+		/* simply reading a CHOICE of CHOICE value doesn't work in libtasn1 */
+		ret = _gnutls_x509_get_raw_field2(resp->basicresp, &resp->der,
+					  "tbsResponseData.responderID.byName",
+					  &tmp);
+		if (ret >= 0) {
+			int real;
+			/* skip the tag */
+			if (tmp.size < 2) {
+				gnutls_assert();
+				ret = GNUTLS_E_ASN1_GENERIC_ERROR;
+				goto fail;
+			}
+
+			tmp.data++;
+			tmp.size--;
+
+			ret = asn1_get_length_der(tmp.data, tmp.size, &real);
+			if (ret < 0) {
+				gnutls_assert();
+				ret = GNUTLS_E_ASN1_GENERIC_ERROR;
+				goto fail;
+			}
+
+			if (tmp.size < (unsigned)real) {
+				gnutls_assert();
+				ret = GNUTLS_E_ASN1_GENERIC_ERROR;
+				goto fail;
+			}
+
+			tmp.data+=real;
+			tmp.size-=real;
+
+			ret = _gnutls_set_datum(raw, tmp.data, tmp.size);
+		}
+	}
+
+	if (ret == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND || ret == GNUTLS_E_ASN1_VALUE_NOT_FOUND)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+ fail:
+	return ret;
+}
+
+/**
+ * gnutls_ocsp_resp_get_produced:
+ * @resp: should contain a #gnutls_ocsp_resp_t type
+ *
+ * This function will return the time when the OCSP response was
+ * signed.
+ *
+ * Returns: signing time, or (time_t)-1 on error.
+ **/
+time_t gnutls_ocsp_resp_get_produced(gnutls_ocsp_resp_const_t resp)
+{
+	char ttime[MAX_TIME];
+	int len, ret;
+	time_t c_time;
+
+	if (resp == NULL || resp->basicresp == NULL) {
+		gnutls_assert();
+		return (time_t) (-1);
+	}
+
+	len = sizeof(ttime) - 1;
+	ret =
+	    asn1_read_value(resp->basicresp, "tbsResponseData.producedAt",
+			    ttime, &len);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return (time_t) (-1);
+	}
+
+	c_time = _gnutls_x509_generalTime2gtime(ttime);
+
+	return c_time;
+}
+
+/**
+ * gnutls_ocsp_resp_check_crt:
+ * @resp: should contain a #gnutls_ocsp_resp_t type
+ * @indx: Specifies response number to get. Use (0) to get the first one.
+ * @crt: The certificate to check
+ *
+ * This function will check whether the OCSP response
+ * is about the provided certificate.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code is returned.  
+ * 
+ * Since: 3.1.3
+ **/
+int
+gnutls_ocsp_resp_check_crt(gnutls_ocsp_resp_const_t resp,
+			   unsigned int indx, gnutls_x509_crt_t crt)
+{
+	int ret;
+	gnutls_digest_algorithm_t digest;
+	gnutls_datum_t rdn_hash = { NULL, 0 }, rserial = {
+	NULL, 0};
+	gnutls_datum_t cserial = { NULL, 0 };
+	gnutls_datum_t dn = { NULL, 0 };
+	uint8_t cdn_hash[MAX_HASH_SIZE];
+	size_t t, hash_len;
+	
+	if (resp == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ret =
+	    gnutls_ocsp_resp_get_single(resp, indx, &digest, &rdn_hash,
+					NULL, &rserial, NULL, NULL, NULL,
+					NULL, NULL);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (rserial.size == 0 || digest == GNUTLS_DIG_UNKNOWN) {
+		ret = gnutls_assert_val(GNUTLS_E_OCSP_RESPONSE_ERROR);
+		goto cleanup;
+	}
+
+	hash_len = _gnutls_hash_get_algo_len(hash_to_entry(digest));
+	if (hash_len != rdn_hash.size) {
+		ret = gnutls_assert_val(GNUTLS_E_OCSP_RESPONSE_ERROR);
+		goto cleanup;
+	}
+
+	cserial.size = rserial.size;
+	cserial.data = gnutls_malloc(cserial.size);
+	if (cserial.data == NULL) {
+		ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		goto cleanup;
+	}
+
+	t = cserial.size;
+	ret = gnutls_x509_crt_get_serial(crt, cserial.data, &t);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	cserial.size = t;
+
+	if (rserial.size != cserial.size
+	    || memcmp(cserial.data, rserial.data, rserial.size) != 0) {
+		ret = GNUTLS_E_OCSP_RESPONSE_ERROR;
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_crt_get_raw_issuer_dn(crt, &dn);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_hash_fast(digest, dn.data, dn.size, cdn_hash);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (memcmp(cdn_hash, rdn_hash.data, hash_len) != 0) {
+		ret = GNUTLS_E_OCSP_RESPONSE_ERROR;
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	gnutls_free(rdn_hash.data);
+	gnutls_free(rserial.data);
+	gnutls_free(cserial.data);
+	gnutls_free(dn.data);
+
+	return ret;
+}
+
+/**
+ * gnutls_ocsp_resp_get_single:
+ * @resp: should contain a #gnutls_ocsp_resp_t type
+ * @indx: Specifies response number to get. Use (0) to get the first one.
+ * @digest: output variable with #gnutls_digest_algorithm_t hash algorithm
+ * @issuer_name_hash: output buffer with hash of issuer's DN
+ * @issuer_key_hash: output buffer with hash of issuer's public key
+ * @serial_number: output buffer with serial number of certificate to check
+ * @cert_status: a certificate status, a #gnutls_ocsp_cert_status_t enum.
+ * @this_update: time at which the status is known to be correct.
+ * @next_update: when newer information will be available, or (time_t)-1 if unspecified
+ * @revocation_time: when @cert_status is %GNUTLS_OCSP_CERT_REVOKED, holds time of revocation.
+ * @revocation_reason: revocation reason, a #gnutls_x509_crl_reason_t enum.
+ *
+ * This function will return the certificate information of the
+ * @indx'ed response in the Basic OCSP Response @resp.  The
+ * information returned corresponds to the OCSP SingleResponse structure
+ * except the final singleExtensions.
+ *
+ * Each of the pointers to output variables may be NULL to indicate
+ * that the caller is not interested in that value.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code is returned.  If you have reached the last
+ *   CertID available %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be
+ *   returned.
+ **/
+int
+gnutls_ocsp_resp_get_single(gnutls_ocsp_resp_const_t resp,
+			    unsigned indx,
+			    gnutls_digest_algorithm_t * digest,
+			    gnutls_datum_t * issuer_name_hash,
+			    gnutls_datum_t * issuer_key_hash,
+			    gnutls_datum_t * serial_number,
+			    unsigned int *cert_status,
+			    time_t * this_update,
+			    time_t * next_update,
+			    time_t * revocation_time,
+			    unsigned int *revocation_reason)
+{
+	char name[MAX_NAME_SIZE];
+	int ret, result;
+	char oidtmp[MAX_OID_SIZE];
+	int len;
+	char ttime[MAX_TIME];
+
+	/* initialize any allocated values to NULL, to allow deallocation
+	 * on error. */
+	if (issuer_name_hash)
+		issuer_name_hash->data = NULL;
+	if (issuer_key_hash)
+		issuer_key_hash->data = NULL;
+	if (serial_number)
+		serial_number->data = NULL;
+
+	if (digest) {
+		snprintf(name, sizeof(name),
+			 "tbsResponseData.responses.?%u.certID.hashAlgorithm.algorithm",
+			 indx + 1);
+		len = sizeof(oidtmp);
+		result = asn1_read_value(resp->basicresp, name, oidtmp, &len);
+		if (result == ASN1_ELEMENT_NOT_FOUND) {
+			return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+		} else if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			return _gnutls_asn2err(result);
+		}
+
+		ret = gnutls_oid_to_digest(oidtmp);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		*digest = ret;
+	}
+
+	if (issuer_name_hash) {
+		snprintf(name, sizeof(name),
+			 "tbsResponseData.responses.?%u.certID.issuerNameHash",
+			 indx + 1);
+		ret = _gnutls_x509_read_value(resp->basicresp, name,
+					      issuer_name_hash);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	if (issuer_key_hash) {
+		snprintf(name, sizeof(name),
+			 "tbsResponseData.responses.?%u.certID.issuerKeyHash",
+			 indx + 1);
+		ret = _gnutls_x509_read_value(resp->basicresp, name,
+					      issuer_key_hash);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+	}
+
+	if (serial_number) {
+		snprintf(name, sizeof(name),
+			 "tbsResponseData.responses.?%u.certID.serialNumber",
+			 indx + 1);
+		ret = _gnutls_x509_read_value(resp->basicresp, name,
+					      serial_number);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+	}
+
+	if (cert_status) {
+		snprintf(name, sizeof(name),
+			 "tbsResponseData.responses.?%u.certStatus",
+			 indx + 1);
+
+		len = sizeof(oidtmp);
+		result = asn1_read_value(resp->basicresp, name, oidtmp, &len);
+		if (result == ASN1_ELEMENT_NOT_FOUND) {
+			gnutls_assert();
+			ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+			goto fail;
+		} else if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(result);
+			goto fail;
+		}
+
+		if (len == 5 && memcmp(oidtmp, "good", len) == 0)
+			*cert_status = GNUTLS_OCSP_CERT_GOOD;
+		else if (len == 8
+			 && memcmp(oidtmp, "revoked", len) == 0)
+			*cert_status = GNUTLS_OCSP_CERT_REVOKED;
+		else if (len == 8
+			 && memcmp(oidtmp, "unknown", len) == 0)
+			*cert_status = GNUTLS_OCSP_CERT_UNKNOWN;
+		else {
+			gnutls_assert();
+			ret = GNUTLS_E_ASN1_DER_ERROR;
+			goto fail;
+		}
+	}
+
+	if (this_update) {
+		snprintf(name, sizeof(name),
+			 "tbsResponseData.responses.?%u.thisUpdate",
+			 indx + 1);
+		len = sizeof(ttime) - 1;
+		result = asn1_read_value(resp->basicresp, name, ttime, &len);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = GNUTLS_E_ASN1_DER_ERROR;
+			goto fail;
+		} else {
+			*this_update =
+			    _gnutls_x509_generalTime2gtime(ttime);
+		}
+	}
+
+	if (next_update) {
+		snprintf(name, sizeof(name),
+			 "tbsResponseData.responses.?%u.nextUpdate",
+			 indx + 1);
+		len = sizeof(ttime) - 1;
+		result = asn1_read_value(resp->basicresp, name, ttime, &len);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			*next_update = (time_t) (-1);
+		} else
+			*next_update =
+			    _gnutls_x509_generalTime2gtime(ttime);
+	}
+
+	if (revocation_time) {
+		snprintf(name, sizeof(name),
+			 "tbsResponseData.responses.?%u.certStatus."
+			 "revoked.revocationTime", indx + 1);
+		len = sizeof(ttime) - 1;
+		result = asn1_read_value(resp->basicresp, name, ttime, &len);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			*revocation_time = (time_t) (-1);
+		} else
+			*revocation_time =
+			    _gnutls_x509_generalTime2gtime(ttime);
+	}
+
+	/* revocation_reason */
+	if (revocation_reason) {
+		snprintf(name, sizeof(name),
+			 "tbsResponseData.responses.?%u.certStatus."
+			 "revoked.revocationReason", indx + 1);
+
+		ret = _gnutls_x509_read_uint(resp->basicresp, name,
+					     revocation_reason);
+		if (ret < 0)
+			*revocation_reason =
+			    GNUTLS_X509_CRLREASON_UNSPECIFIED;
+	}
+
+	return GNUTLS_E_SUCCESS;
+ fail:
+	if (issuer_name_hash)
+		gnutls_free(issuer_name_hash->data);
+	if (issuer_key_hash)
+		gnutls_free(issuer_key_hash->data);
+	if (serial_number)
+		gnutls_free(serial_number->data);
+	return ret;
+}
+
+/**
+ * gnutls_ocsp_resp_get_extension:
+ * @resp: should contain a #gnutls_ocsp_resp_t type
+ * @indx: Specifies which extension OID to get. Use (0) to get the first one.
+ * @oid: will hold newly allocated buffer with OID of extension, may be NULL
+ * @critical: output variable with critical flag, may be NULL.
+ * @data: will hold newly allocated buffer with extension data, may be NULL
+ *
+ * This function will return all information about the requested
+ * extension in the OCSP response.  The information returned is the
+ * OID, the critical flag, and the data itself.  The extension OID
+ * will be stored as a string.  Any of @oid, @critical, and @data may
+ * be NULL which means that the caller is not interested in getting
+ * that information back.
+ *
+ * The caller needs to deallocate memory by calling gnutls_free() on
+ * @oid->data and @data->data.
+ *
+ * Since 3.7.0 @oid->size does not account for the terminating null byte.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code is returned.  If you have reached the last
+ *   extension available %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will
+ *   be returned.
+ **/
+int
+gnutls_ocsp_resp_get_extension(gnutls_ocsp_resp_const_t resp,
+			       unsigned indx,
+			       gnutls_datum_t * oid,
+			       unsigned int *critical,
+			       gnutls_datum_t * data)
+{
+	int ret;
+	char str_critical[10];
+	char name[MAX_NAME_SIZE];
+	int len;
+
+	if (!resp) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	snprintf(name, sizeof(name),
+		 "tbsResponseData.responseExtensions.?%u.critical",
+		 indx + 1);
+	len = sizeof(str_critical);
+	ret = asn1_read_value(resp->basicresp, name, str_critical, &len);
+	if (ret == ASN1_ELEMENT_NOT_FOUND)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	else if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	if (critical) {
+		if (str_critical[0] == 'T')
+			*critical = 1;
+		else
+			*critical = 0;
+	}
+
+	if (oid) {
+		snprintf(name, sizeof(name),
+			 "tbsResponseData.responseExtensions.?%u.extnID",
+			 indx + 1);
+		ret = _gnutls_x509_read_value(resp->basicresp, name, oid);
+		if (ret != GNUTLS_E_SUCCESS) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	if (data) {
+		snprintf(name, sizeof(name),
+			 "tbsResponseData.responseExtensions.?%u.extnValue",
+			 indx + 1);
+		ret = _gnutls_x509_read_value(resp->basicresp, name, data);
+		if (ret != GNUTLS_E_SUCCESS) {
+			gnutls_assert();
+			if (oid)
+				gnutls_free(oid->data);
+			return ret;
+		}
+	}
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_ocsp_resp_get_nonce:
+ * @resp: should contain a #gnutls_ocsp_resp_t type
+ * @critical: whether nonce extension is marked critical
+ * @nonce: will hold newly allocated buffer with nonce data
+ *
+ * This function will return the Basic OCSP Response nonce extension
+ * data.
+ *
+ * The caller needs to deallocate memory by calling gnutls_free() on
+ * @nonce->data.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error code is returned.
+ **/
+int
+gnutls_ocsp_resp_get_nonce(gnutls_ocsp_resp_const_t resp,
+			   unsigned int *critical, gnutls_datum_t * nonce)
+{
+	int ret;
+	gnutls_datum_t tmp;
+
+	ret =
+	    _gnutls_get_extension(resp->basicresp,
+			  "tbsResponseData.responseExtensions",
+			  GNUTLS_OCSP_NONCE, 0, &tmp, critical);
+	if (ret != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    _gnutls_x509_decode_string(ASN1_ETYPE_OCTET_STRING, tmp.data,
+				       (size_t) tmp.size, nonce, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		gnutls_free(tmp.data);
+		return ret;
+	}
+
+	gnutls_free(tmp.data);
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_ocsp_resp_get_signature_algorithm:
+ * @resp: should contain a #gnutls_ocsp_resp_t type
+ *
+ * This function will return a value of the #gnutls_sign_algorithm_t
+ * enumeration that is the signature algorithm that has been used to
+ * sign the OCSP response.
+ *
+ * Returns: a #gnutls_sign_algorithm_t value, or a negative error code
+ *   on error.
+ **/
+int gnutls_ocsp_resp_get_signature_algorithm(gnutls_ocsp_resp_const_t resp)
+{
+	int ret;
+	gnutls_datum_t sa;
+
+	ret = _gnutls_x509_read_value(resp->basicresp,
+				      "signatureAlgorithm.algorithm", &sa);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = gnutls_oid_to_sign((char *) sa.data);
+
+	_gnutls_free_datum(&sa);
+
+	return ret;
+}
+
+/**
+ * gnutls_ocsp_resp_get_signature:
+ * @resp: should contain a #gnutls_ocsp_resp_t type
+ * @sig: newly allocated output buffer with signature data
+ *
+ * This function will extract the signature field of a OCSP response.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_ocsp_resp_get_signature(gnutls_ocsp_resp_const_t resp,
+			       gnutls_datum_t * sig)
+{
+	int ret;
+
+	if (resp == NULL || sig == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_x509_read_value(resp->basicresp, "signature", sig);
+	if (ret != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_ocsp_resp_get_certs:
+ * @resp: should contain a #gnutls_ocsp_resp_t type
+ * @certs: newly allocated array with #gnutls_x509_crt_t certificates
+ * @ncerts: output variable with number of allocated certs.
+ *
+ * This function will extract the X.509 certificates found in the
+ * Basic OCSP Response.  The @certs output variable will hold a newly
+ * allocated zero-terminated array with X.509 certificates.
+ *
+ * Every certificate in the array needs to be de-allocated with
+ * gnutls_x509_crt_deinit() and the array itself must be freed using
+ * gnutls_free().
+ *
+ * Both the @certs and @ncerts variables may be NULL.  Then the
+ * function will work as normal but will not return the NULL:d
+ * information.  This can be used to get the number of certificates
+ * only, or to just get the certificate array without its size.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_ocsp_resp_get_certs(gnutls_ocsp_resp_const_t resp,
+			   gnutls_x509_crt_t ** certs, size_t * ncerts)
+{
+	int ret;
+	size_t ctr = 0, i;
+	gnutls_x509_crt_t *tmpcerts = NULL, *tmpcerts2;
+	gnutls_datum_t c = { NULL, 0 };
+
+	if (resp == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	tmpcerts = gnutls_malloc(sizeof(*tmpcerts));
+	if (tmpcerts == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	for (;;) {
+		char name[MAX_NAME_SIZE];
+
+		snprintf(name, sizeof(name), "certs.?%u",
+			 (unsigned int) (ctr + 1));
+		ret =
+		    _gnutls_x509_der_encode(resp->basicresp, name, &c, 0);
+		if (ret == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND)
+			break;
+		if (ret != GNUTLS_E_SUCCESS) {
+			gnutls_assert();
+			goto error;
+		}
+
+		if (unlikely(INT_ADD_OVERFLOW(ctr, 2))) {
+			ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+			goto error;
+		}
+
+		tmpcerts2 = _gnutls_reallocarray_fast(tmpcerts, ctr + 2,
+						      sizeof(*tmpcerts));
+		if (tmpcerts2 == NULL) {
+			gnutls_assert();
+			ret = GNUTLS_E_MEMORY_ERROR;
+			goto error;
+		}
+		tmpcerts = tmpcerts2;
+
+		ret = gnutls_x509_crt_init(&tmpcerts[ctr]);
+		if (ret != GNUTLS_E_SUCCESS) {
+			gnutls_assert();
+			goto error;
+		}
+		ctr++;
+
+		ret = gnutls_x509_crt_import(tmpcerts[ctr - 1], &c,
+					     GNUTLS_X509_FMT_DER);
+		if (ret != GNUTLS_E_SUCCESS) {
+			gnutls_assert();
+			goto error;
+		}
+
+		gnutls_free(c.data);
+	}
+
+	tmpcerts[ctr] = NULL;
+
+	if (ncerts)
+		*ncerts = ctr;
+	if (certs)
+		*certs = tmpcerts;
+	else {
+		/* clean up memory */
+		ret = GNUTLS_E_SUCCESS;
+		goto error;
+	}
+
+	return GNUTLS_E_SUCCESS;
+
+      error:
+	gnutls_free(c.data);
+	for (i = 0; i < ctr; i++)
+		gnutls_x509_crt_deinit(tmpcerts[i]);
+	gnutls_free(tmpcerts);
+	return ret;
+}
+
+/* Search the OCSP response for a certificate matching the responderId
+   mentioned in the OCSP response. */
+static gnutls_x509_crt_t find_signercert(gnutls_ocsp_resp_const_t resp)
+{
+	int rc;
+	gnutls_x509_crt_t *certs = NULL;
+	size_t ncerts = 0, i;
+	gnutls_datum_t riddn = {NULL, 0};
+	gnutls_datum_t keyid = {NULL, 0};
+	gnutls_x509_crt_t signercert = NULL;
+
+	rc = gnutls_ocsp_resp_get_responder_raw_id(resp, GNUTLS_OCSP_RESP_ID_DN, &riddn);
+	if (rc == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+		gnutls_assert();
+		rc = gnutls_ocsp_resp_get_responder_raw_id(resp, GNUTLS_OCSP_RESP_ID_KEY, &keyid);
+	}
+	if (rc != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	rc = gnutls_ocsp_resp_get_certs(resp, &certs, &ncerts);
+	if (rc != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		signercert = NULL;
+		goto quit;
+	}
+
+	for (i = 0; i < ncerts; i++) {
+		assert(certs[i] != NULL);
+		_gnutls_cert_log("checking whether signed against", certs[i]);
+		if (keyid.data != NULL) {
+			uint8_t digest[64]; /* to support longer key IDs */
+			gnutls_datum_t spki;
+			size_t digest_size = sizeof(digest);
+			int len;
+
+			_gnutls_debug_log("checking key ID against SPK identifier\n");
+
+			/* check subject key identifier as well, some certificates
+			 * match that, but not the hash */
+			rc = gnutls_x509_crt_get_subject_key_id(certs[i], digest, &digest_size, NULL);
+			if (rc >= 0 && digest_size == keyid.size &&
+			    memcmp(keyid.data, digest, digest_size) == 0) {
+				signercert = certs[i];
+				goto quit;
+			}
+
+			_gnutls_debug_log("checking key ID against SPKI hash\n");
+
+			/* continue with checking the hash */
+			rc = _gnutls_x509_get_raw_field2(certs[i]->cert, &certs[i]->der,
+					  "tbsCertificate.subjectPublicKeyInfo.subjectPublicKey",
+					  &spki);
+			if (rc < 0 || spki.size < 6) {
+				gnutls_assert();
+				signercert = NULL;
+				continue;
+			}
+
+			/* For some reason the protocol requires we skip the
+			 * tag, length and number of unused bits.
+			 */
+			if (spki.data[0] != 0x03) { /* bit string */
+				gnutls_assert();
+				signercert = NULL;
+				continue;
+			}
+
+			rc = asn1_get_length_der(spki.data+1, spki.size-1, &len);
+			if (rc <= 0) {
+				gnutls_assert();
+				signercert = NULL;
+				continue;
+			}
+			len += 1+1; /* skip unused bits as well */
+			if (len >= (int)spki.size) {
+				gnutls_assert();
+				signercert = NULL;
+				continue;
+			}
+
+			rc = gnutls_hash_fast(GNUTLS_DIG_SHA1, spki.data+len, spki.size-len, digest);
+			if (rc < 0) {
+				gnutls_assert();
+				signercert = NULL;
+				continue;
+			}
+
+			if ((20 == keyid.size) &&
+				memcmp(keyid.data, digest, 20) == 0) {
+				signercert = certs[i];
+				goto quit;
+			}
+			gnutls_assert();
+		} else {
+			_gnutls_debug_log("checking issuer DN\n");
+
+			assert(riddn.data != NULL);
+			if ((certs[i]->raw_dn.size == riddn.size)
+			    && memcmp(riddn.data, certs[i]->raw_dn.data, riddn.size) == 0) {
+				signercert = certs[i];
+				goto quit;
+			}
+			gnutls_assert();
+		}
+	}
+
+	gnutls_assert();
+	signercert = NULL;
+
+      quit:
+	gnutls_free(riddn.data);
+	gnutls_free(keyid.data);
+	for (i = 0; i < ncerts; i++)
+		if (certs[i] != signercert)
+			gnutls_x509_crt_deinit(certs[i]);
+	gnutls_free(certs);
+	return signercert;
+}
+
+static int
+_ocsp_resp_verify_direct(gnutls_ocsp_resp_const_t resp,
+			 gnutls_x509_crt_t signercert,
+			 unsigned int *verify, unsigned int flags)
+{
+	gnutls_datum_t sig = { NULL };
+	gnutls_datum_t data = { NULL };
+	gnutls_pubkey_t pubkey = NULL;
+	int sigalg;
+	int rc;
+
+	if (resp == NULL || signercert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	rc = gnutls_ocsp_resp_get_signature_algorithm(resp);
+	if (rc < 0) {
+		gnutls_assert();
+		goto done;
+	}
+	sigalg = rc;
+
+	rc = _gnutls_x509_get_raw_field2(resp->basicresp, &resp->der, "tbsResponseData", &data);
+	if (rc != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		goto done;
+	}
+
+	rc = gnutls_pubkey_init(&pubkey);
+	if (rc != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		goto done;
+	}
+
+	_gnutls_cert_log("ocsp signer", signercert);
+
+	rc = gnutls_pubkey_import_x509(pubkey, signercert, 0);
+	if (rc != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		goto done;
+	}
+
+	rc = gnutls_ocsp_resp_get_signature(resp, &sig);
+	if (rc != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		goto done;
+	}
+
+	rc = gnutls_pubkey_verify_data2(pubkey, sigalg, flags, &data, &sig);
+	if (rc == GNUTLS_E_PK_SIG_VERIFY_FAILED) {
+		gnutls_assert();
+		*verify = GNUTLS_OCSP_VERIFY_SIGNATURE_FAILURE;
+	} else if (rc < 0) {
+		gnutls_assert();
+		goto done;
+	} else
+		*verify = 0;
+
+	rc = GNUTLS_E_SUCCESS;
+
+      done:
+	gnutls_free(sig.data);
+	gnutls_pubkey_deinit(pubkey);
+
+	return rc;
+}
+
+static inline unsigned int vstatus_to_ocsp_status(unsigned int status)
+{
+	unsigned int ostatus;
+
+	if (status & GNUTLS_CERT_INSECURE_ALGORITHM)
+		ostatus = GNUTLS_OCSP_VERIFY_INSECURE_ALGORITHM;
+	else if (status & GNUTLS_CERT_NOT_ACTIVATED)
+		ostatus = GNUTLS_OCSP_VERIFY_CERT_NOT_ACTIVATED;
+	else if (status & GNUTLS_CERT_EXPIRED)
+		ostatus = GNUTLS_OCSP_VERIFY_CERT_EXPIRED;
+	else
+		ostatus = GNUTLS_OCSP_VERIFY_UNTRUSTED_SIGNER;
+
+	return ostatus;
+}
+
+static int check_ocsp_purpose(gnutls_x509_crt_t signercert)
+{
+	char oidtmp[MAX_OID_SIZE];
+	size_t oidsize;
+	int indx, rc;
+
+	for (indx = 0;; indx++) {
+		oidsize = sizeof(oidtmp);
+		rc = gnutls_x509_crt_get_key_purpose_oid(signercert, indx,
+							 oidtmp, &oidsize,
+							 NULL);
+
+		if (rc == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			gnutls_assert();
+			return rc;
+		} else if (rc == GNUTLS_E_SHORT_MEMORY_BUFFER) {
+			gnutls_assert();
+			continue;
+		} else if (rc != GNUTLS_E_SUCCESS) {
+			return gnutls_assert_val(rc);
+		}
+
+		if (memcmp(oidtmp, GNUTLS_KP_OCSP_SIGNING, oidsize) != 0) {
+			gnutls_assert();
+			continue;
+		}
+		break;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_ocsp_resp_verify_direct:
+ * @resp: should contain a #gnutls_ocsp_resp_t type
+ * @issuer: certificate believed to have signed the response
+ * @verify: output variable with verification status, an #gnutls_ocsp_verify_reason_t
+ * @flags: verification flags from #gnutls_certificate_verify_flags
+ *
+ * Verify signature of the Basic OCSP Response against the public key
+ * in the @issuer certificate.
+ *
+ * The output @verify variable will hold verification status codes
+ * (e.g., %GNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND,
+ * %GNUTLS_OCSP_VERIFY_INSECURE_ALGORITHM) which are only valid if the
+ * function returned %GNUTLS_E_SUCCESS.
+ *
+ * Note that the function returns %GNUTLS_E_SUCCESS even when
+ * verification failed.  The caller must always inspect the @verify
+ * variable to find out the verification status.
+ *
+ * The @flags variable should be 0 for now.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_ocsp_resp_verify_direct(gnutls_ocsp_resp_const_t resp,
+			       gnutls_x509_crt_t issuer,
+			       unsigned int *verify, unsigned int flags)
+{
+	gnutls_x509_crt_t signercert;
+	int rc;
+
+	if (resp == NULL || issuer == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	signercert = find_signercert(resp);
+	if (!signercert) {
+		signercert = issuer;
+	} else if (!gnutls_x509_crt_equals(signercert, issuer)) {
+
+		/* response contains a signer. Verify him */
+
+		unsigned int vtmp;
+
+		rc = gnutls_x509_crt_verify(signercert, &issuer, 1, flags,
+					    &vtmp);
+		if (rc != GNUTLS_E_SUCCESS) {
+			gnutls_assert();
+			goto done;
+		}
+
+		if (vtmp != 0) {
+			_gnutls_reason_log("cert verification", vtmp);
+			*verify = vstatus_to_ocsp_status(vtmp);
+			gnutls_assert();
+			rc = GNUTLS_E_SUCCESS;
+			goto done;
+		}
+
+		rc = check_ocsp_purpose(signercert);
+		if (rc < 0) {
+			gnutls_assert();
+			*verify = GNUTLS_OCSP_VERIFY_SIGNER_KEYUSAGE_ERROR;
+			rc = GNUTLS_E_SUCCESS;
+			goto done;
+		}
+	}
+
+	rc = _ocsp_resp_verify_direct(resp, signercert, verify, flags);
+
+      done:
+	if (signercert != issuer)
+		gnutls_x509_crt_deinit(signercert);
+
+	return rc;
+}
+
+/**
+ * gnutls_ocsp_resp_verify:
+ * @resp: should contain a #gnutls_ocsp_resp_t type
+ * @trustlist: trust anchors as a #gnutls_x509_trust_list_t type
+ * @verify: output variable with verification status, an #gnutls_ocsp_verify_reason_t
+ * @flags: verification flags from #gnutls_certificate_verify_flags
+ *
+ * Verify signature of the Basic OCSP Response against the public key
+ * in the certificate of a trusted signer.  The @trustlist should be
+ * populated with trust anchors.  The function will extract the signer
+ * certificate from the Basic OCSP Response and will verify it against
+ * the @trustlist.  A trusted signer is a certificate that is either
+ * in @trustlist, or it is signed directly by a certificate in
+ * @trustlist and has the id-ad-ocspSigning Extended Key Usage bit
+ * set.
+ *
+ * The output @verify variable will hold verification status codes
+ * (e.g., %GNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND,
+ * %GNUTLS_OCSP_VERIFY_INSECURE_ALGORITHM) which are only valid if the
+ * function returned %GNUTLS_E_SUCCESS.
+ *
+ * Note that the function returns %GNUTLS_E_SUCCESS even when
+ * verification failed.  The caller must always inspect the @verify
+ * variable to find out the verification status.
+ *
+ * The @flags variable should be 0 for now.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_ocsp_resp_verify(gnutls_ocsp_resp_const_t resp,
+			gnutls_x509_trust_list_t trustlist,
+			unsigned int *verify, unsigned int flags)
+{
+	gnutls_x509_crt_t signercert = NULL;
+	int rc;
+
+	/* Algorithm:
+	   1. Find signer cert.
+	   1a. Search in OCSP response Certificate field for responderID.
+	   1b. Verify that signer cert is trusted.
+	   2a. It is in trustlist?
+	   2b. It has OCSP key usage and directly signed by a CA in trustlist?
+	   3. Verify signature of Basic Response using public key from signer cert.
+	 */
+
+	signercert = find_signercert(resp);
+	if (!signercert) {
+		gnutls_datum_t dn;
+
+		rc = gnutls_ocsp_resp_get_responder_raw_id(resp, GNUTLS_OCSP_RESP_ID_DN, &dn);
+		if (rc < 0) {
+			gnutls_assert();
+			*verify = GNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND;
+			rc = GNUTLS_E_SUCCESS;
+			goto done;
+		}
+
+		rc = gnutls_x509_trust_list_get_issuer_by_dn(trustlist, &dn, &signercert, 0);
+		gnutls_free(dn.data);
+
+		if (rc < 0) {
+			gnutls_assert();
+			*verify = GNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND;
+			rc = GNUTLS_E_SUCCESS;
+			goto done;
+		}
+	} else {
+		/* Either the signer is directly trusted (i.e., in trustlist) or it
+		   is directly signed by something in trustlist and has proper OCSP
+		   extkeyusage. */
+		rc = _gnutls_trustlist_inlist(trustlist, signercert);
+		if (rc == 0) {
+			/* not in trustlist, need to verify signature and bits */
+			unsigned vtmp;
+			gnutls_typed_vdata_st vdata;
+
+			vdata.type = GNUTLS_DT_KEY_PURPOSE_OID;
+			vdata.data = (void*)GNUTLS_KP_OCSP_SIGNING;
+			vdata.size = 0;
+
+			gnutls_assert();
+
+			rc = gnutls_x509_trust_list_verify_crt2(trustlist,
+								&signercert, 1,
+								&vdata, 1,
+								flags, &vtmp, NULL);
+			if (rc != GNUTLS_E_SUCCESS) {
+				gnutls_assert();
+				goto done;
+			}
+
+			if (vtmp != 0) {
+				*verify = vstatus_to_ocsp_status(vtmp);
+				gnutls_assert();
+				rc = GNUTLS_E_SUCCESS;
+				goto done;
+			}
+
+			rc = check_ocsp_purpose(signercert);
+			if (rc < 0) {
+				gnutls_assert();
+				*verify = GNUTLS_OCSP_VERIFY_SIGNER_KEYUSAGE_ERROR;
+				rc = GNUTLS_E_SUCCESS;
+				goto done;
+			}
+		}
+	}
+
+	rc = _ocsp_resp_verify_direct(resp, signercert, verify, flags);
+
+      done:
+	gnutls_x509_crt_deinit(signercert);
+
+	return rc;
+}
+
+/**
+ * gnutls_x509_ocsp_resp_list_import2:
+ * @ocsps: Will hold the parsed OCSP response list.
+ * @size: It will contain the size of the list.
+ * @resp_data: The PEM encoded OCSP list.
+ * @format: One of %GNUTLS_X509_FMT_PEM or %GNUTLS_X509_FMT_DER
+ * @flags: must be (0) or an OR'd sequence of gnutls_certificate_import_flags.
+ *
+ * This function will convert the given PEM encoded OCSP response list
+ * to the native gnutls_ocsp_resp_t format. The output will be stored
+ * in @ocsps which will be allocated and initialized.
+ *
+ * The OCSP responses should have a header of "OCSP RESPONSE".
+ *
+ * To deinitialize responses, you need to deinitialize each %gnutls_ocsp_resp_t
+ * structure independently, and use gnutls_free() at @ocsps.
+ *
+ * In PEM files, when no OCSP responses are detected
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.
+ *
+ * Returns: the number of responses read or a negative error value.
+ *
+ * Since: 3.6.3
+ **/
+int
+gnutls_ocsp_resp_list_import2(gnutls_ocsp_resp_t **ocsps,
+			     unsigned int *size,
+			     const gnutls_datum_t *resp_data,
+			     gnutls_x509_crt_fmt_t format,
+			     unsigned int flags)
+{
+	gnutls_ocsp_resp_t resp = NULL;
+	gnutls_ocsp_resp_t *new_ocsps;
+	int ret;
+	unsigned i;
+
+
+	if (format == GNUTLS_X509_FMT_PEM) {
+		/* load multiple responses */
+		gnutls_datum_t p = {resp_data->data, resp_data->size};
+
+		*size = 0;
+		*ocsps = NULL;
+
+		p.data = memmem(p.data, p.size, PEM_OCSP_RESPONSE,
+				sizeof(PEM_OCSP_RESPONSE)-1);
+		if (p.data == NULL) {
+			ret = gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+			goto cleanup;
+		}
+
+		p.size -= p.data - resp_data->data;
+		if (p.size <= 0) {
+			ret = gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+			goto cleanup;
+		}
+
+		do {
+			ret = gnutls_ocsp_resp_init(&resp);
+			if (ret < 0) {
+				gnutls_assert();
+				goto fail;
+			}
+
+			ret = gnutls_ocsp_resp_import2(resp, &p, GNUTLS_X509_FMT_PEM);
+			if (ret < 0) {
+				gnutls_assert();
+				goto fail;
+			}
+
+			if (unlikely(INT_ADD_OVERFLOW(*size, 1))) {
+				ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+				goto fail;
+			}
+
+			new_ocsps = _gnutls_reallocarray(*ocsps,
+							 *size + 1,
+							 sizeof(gnutls_ocsp_resp_t));
+			if (new_ocsps == NULL) {
+				resp = NULL;
+				gnutls_assert();
+				goto fail;
+			}
+
+			new_ocsps[*size] = resp;
+			resp = NULL;
+			(*size)++;
+			*ocsps = new_ocsps;
+
+			p.data++;
+			p.size--;
+
+			p.data = memmem(p.data, p.size, PEM_OCSP_RESPONSE,
+					sizeof(PEM_OCSP_RESPONSE)-1);
+			if (p.data == NULL)
+				break;
+			p.size = resp_data->size - (p.data - resp_data->data);
+		} while(p.size > 0);
+	} else {
+		/* DER: load a single response */
+		ret = gnutls_ocsp_resp_init(&resp);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+
+		ret = gnutls_ocsp_resp_import2(resp, resp_data, GNUTLS_X509_FMT_DER);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		*ocsps = gnutls_malloc(sizeof(gnutls_ocsp_resp_t));
+		if (*ocsps == NULL) {
+			gnutls_assert();
+			ret = GNUTLS_E_MEMORY_ERROR;
+			goto cleanup;
+		}
+
+		(*ocsps)[0] = resp;
+		resp = NULL;
+		*size = 1;
+	}
+
+	ret = 0;
+	goto cleanup;
+
+ fail:
+	for (i=0;i<*size;i++) {
+		gnutls_ocsp_resp_deinit((*ocsps)[i]);
+	}
+	gnutls_free(*ocsps);
+
+ cleanup:
+	if (resp)
+		gnutls_ocsp_resp_deinit(resp);
+	return ret;
+}
+
+/* This returns -1 if the OCSP response is invalid (revoked) or its
+ * data are too old. It returns -2 if it cannot determine the expiration
+ * time, and would otherwise treat it as too old.
+ * Otherwise it returns the time after which that data  is invalid.
+ */
+time_t _gnutls_ocsp_get_validity(gnutls_ocsp_resp_const_t resp)
+{
+	unsigned int cert_status;
+	time_t rtime, vtime, ntime, now;
+	int ret;
+
+	ret = gnutls_ocsp_resp_get_single(resp, 0, NULL, NULL, NULL, NULL,
+					  &cert_status, &vtime, &ntime,
+					  &rtime, NULL);
+	if (ret < 0) {
+		_gnutls_debug_log("There was an error parsing the OCSP response: %s\n",
+				  gnutls_strerror(ret));
+		return gnutls_assert_val(-1);
+	}
+
+	if (cert_status != GNUTLS_OCSP_CERT_GOOD &&
+	    cert_status != GNUTLS_OCSP_CERT_UNKNOWN) {
+		_gnutls_debug_log("The OCSP response status (%d) is invalid\n",
+				  cert_status);
+		return gnutls_assert_val(-1);
+	}
+
+	now = gnutls_time(0);
+
+	if (ntime == -1) {
+		/* This is a problematic case, and there is no consensus on how
+		 * to treat these responses. It doesn't contain the time after which
+		 * the response is invalid, thus it is an OCSP response effectively
+		 * valid forever defeating the purpose of OCSP. We set here the same
+		 * limit we apply when verifying responses. */
+		if (now - vtime > MAX_OCSP_VALIDITY_SECS) {
+			_gnutls_debug_log("The OCSP response is old\n");
+			return gnutls_assert_val(-2);
+		}
+
+		return now + MAX_OCSP_VALIDITY_SECS;
+	} else {
+		/* there is a newer OCSP answer, don't trust this one */
+		if (ntime < now) {
+			_gnutls_debug_log("There is a newer OCSP response\n");
+			return gnutls_assert_val(-1);
+		}
+
+		return ntime;
+	}
+}
+
+const char *_gnutls_ocsp_verify_status_to_str(gnutls_ocsp_verify_reason_t r, char out[MAX_OCSP_MSG_SIZE])
+{
+	gnutls_buffer_st str;
+	gnutls_datum_t buf;
+	int ret;
+
+	_gnutls_buffer_init(&str);
+
+	if (r == 0)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("The OCSP response is trusted. "));
+
+	if (r & GNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("The OCSP response's signer could not be found. "));
+
+	if (r & GNUTLS_OCSP_VERIFY_SIGNER_KEYUSAGE_ERROR)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("Error in the signer's key usageflags. "));
+
+	if (r & GNUTLS_OCSP_VERIFY_UNTRUSTED_SIGNER)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("The OCSP response's signer is not trusted. "));
+
+	if (r & GNUTLS_OCSP_VERIFY_INSECURE_ALGORITHM)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("The OCSP response depends on insecure algorithms. "));
+
+	if (r & GNUTLS_OCSP_VERIFY_SIGNATURE_FAILURE)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("The OCSP response's signature cannot be validated. "));
+
+	if (r & GNUTLS_OCSP_VERIFY_CERT_NOT_ACTIVATED)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("The OCSP response's signer's certificate is not activated. "));
+
+	if (r & GNUTLS_OCSP_VERIFY_CERT_EXPIRED)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("The OCSP response's signer's certificate is expired. "));
+
+	ret = _gnutls_buffer_to_datum(&str, &buf, 1);
+	if (ret < 0)
+		return _("Memory error");
+
+	snprintf(out, MAX_OCSP_MSG_SIZE, "%s", buf.data);
+	gnutls_free(buf.data);
+
+	return out;
+}
diff --git a/lib/x509/ocsp.h b/lib/x509/ocsp.h
new file mode 100644
index 0000000..b9c4757
--- /dev/null
+++ b/lib/x509/ocsp.h
@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_X509_OCSP_H
+#define GNUTLS_LIB_X509_OCSP_H
+
+/* Online Certificate Status Protocol - RFC 2560
+ */
+#include <gnutls/ocsp.h>
+
+/* fifteen days */
+#define MAX_OCSP_VALIDITY_SECS (15*60*60*24)
+
+time_t _gnutls_ocsp_get_validity(gnutls_ocsp_resp_const_t resp);
+#define MAX_OCSP_MSG_SIZE 128
+const char *_gnutls_ocsp_verify_status_to_str(gnutls_ocsp_verify_reason_t r, char out[MAX_OCSP_MSG_SIZE]);
+
+#endif /* GNUTLS_LIB_X509_OCSP_H */
diff --git a/lib/x509/ocsp_output.c b/lib/x509/ocsp_output.c
new file mode 100644
index 0000000..8ead90c
--- /dev/null
+++ b/lib/x509/ocsp_output.c
@@ -0,0 +1,658 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Author: Simon Josefsson
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Online Certificate Status Protocol - RFC 2560
+ */
+
+#include "gnutls_int.h"
+#include <global.h>
+#include "errors.h"
+#include <libtasn1.h>
+#include <pk.h>
+#include <str.h>
+#include "algorithms.h"
+
+#include <gnutls/ocsp.h>
+
+#define addf _gnutls_buffer_append_printf
+#define adds _gnutls_buffer_append_str
+
+static void print_req(gnutls_buffer_st * str, gnutls_ocsp_req_const_t req)
+{
+	int ret;
+	unsigned indx;
+
+	/* Version. */
+	{
+		int version = gnutls_ocsp_req_get_version(req);
+		if (version < 0)
+			addf(str, "error: get_version: %s\n",
+			     gnutls_strerror(version));
+		else
+			addf(str, _("\tVersion: %d\n"), version);
+	}
+
+	/* XXX requestorName */
+
+	/* requestList */
+	addf(str, "\tRequest List:\n");
+	for (indx = 0;; indx++) {
+		gnutls_digest_algorithm_t digest;
+		gnutls_datum_t in, ik, sn;
+
+		ret =
+		    gnutls_ocsp_req_get_cert_id(req, indx, &digest, &in,
+						&ik, &sn);
+		if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+			break;
+		addf(str, "\t\tCertificate ID:\n");
+		if (ret != GNUTLS_E_SUCCESS) {
+			addf(str, "error: get_cert_id: %s\n",
+			     gnutls_strerror(ret));
+			continue;
+		}
+		addf(str, "\t\t\tHash Algorithm: %s\n",
+		     _gnutls_digest_get_name(hash_to_entry(digest)));
+
+		adds(str, "\t\t\tIssuer Name Hash: ");
+		_gnutls_buffer_hexprint(str, in.data, in.size);
+		adds(str, "\n");
+
+		adds(str, "\t\t\tIssuer Key Hash: ");
+		_gnutls_buffer_hexprint(str, ik.data, ik.size);
+		adds(str, "\n");
+
+		adds(str, "\t\t\tSerial Number: ");
+		_gnutls_buffer_hexprint(str, sn.data, sn.size);
+		adds(str, "\n");
+
+		gnutls_free(in.data);
+		gnutls_free(ik.data);
+		gnutls_free(sn.data);
+
+		/* XXX singleRequestExtensions */
+	}
+
+	for (indx = 0;; indx++) {
+		gnutls_datum_t oid;
+		unsigned int critical;
+		gnutls_datum_t data;
+
+		ret =
+		    gnutls_ocsp_req_get_extension(req, indx, &oid,
+						  &critical, &data);
+		if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+			break;
+		else if (ret != GNUTLS_E_SUCCESS) {
+			addf(str, "error: get_extension: %s\n",
+			     gnutls_strerror(ret));
+			continue;
+		}
+		if (indx == 0)
+			adds(str, "\tExtensions:\n");
+
+		if (oid.size == sizeof(GNUTLS_OCSP_NONCE) - 1 &&
+		    memcmp(oid.data, GNUTLS_OCSP_NONCE, oid.size) == 0) {
+			gnutls_datum_t nonce;
+			unsigned int ncrit;
+
+			ret =
+			    gnutls_ocsp_req_get_nonce(req, &ncrit,
+						      &nonce);
+			if (ret != GNUTLS_E_SUCCESS) {
+				addf(str, "error: get_nonce: %s\n",
+				     gnutls_strerror(ret));
+			} else {
+				addf(str, "\t\tNonce%s: ",
+				     ncrit ? " (critical)" : "");
+				_gnutls_buffer_hexprint(str, nonce.data,
+							nonce.size);
+				adds(str, "\n");
+				gnutls_free(nonce.data);
+			}
+		} else {
+			addf(str, "\t\tUnknown extension %s (%s):\n",
+			     oid.data,
+			     critical ? "critical" : "not critical");
+
+			adds(str, _("\t\t\tASCII: "));
+			_gnutls_buffer_asciiprint(str, (char *) data.data,
+						  data.size);
+			addf(str, "\n");
+
+			adds(str, _("\t\t\tHexdump: "));
+			_gnutls_buffer_hexprint(str, (char *) data.data,
+						data.size);
+			adds(str, "\n");
+		}
+
+		gnutls_free(oid.data);
+		gnutls_free(data.data);
+	}
+
+	/* XXX Signature */
+}
+
+/**
+ * gnutls_ocsp_req_print:
+ * @req: The data to be printed
+ * @format: Indicate the format to use
+ * @out: Newly allocated datum with (0) terminated string.
+ *
+ * This function will pretty print a OCSP request, suitable for
+ * display to a human.
+ *
+ * If the format is %GNUTLS_OCSP_PRINT_FULL then all fields of the
+ * request will be output, on multiple lines.
+ *
+ * The output @out->data needs to be deallocate using gnutls_free().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_ocsp_req_print(gnutls_ocsp_req_const_t req,
+		      gnutls_ocsp_print_formats_t format,
+		      gnutls_datum_t * out)
+{
+	gnutls_buffer_st str;
+	int rc;
+
+	if (format != GNUTLS_OCSP_PRINT_FULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	_gnutls_buffer_init(&str);
+
+	_gnutls_buffer_append_str(&str, _("OCSP Request Information:\n"));
+
+	print_req(&str, req);
+
+	rc = _gnutls_buffer_to_datum(&str, out, 1);
+	if (rc != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		return rc;
+	}
+
+	return GNUTLS_E_SUCCESS;
+}
+
+static void
+print_resp(gnutls_buffer_st * str, gnutls_ocsp_resp_const_t resp,
+	   gnutls_ocsp_print_formats_t format)
+{
+	int ret;
+	unsigned indx;
+
+	ret = gnutls_ocsp_resp_get_status(resp);
+	if (ret < 0) {
+		addf(str, "error: ocsp_resp_get_status: %s\n",
+		     gnutls_strerror(ret));
+		return;
+	}
+
+	adds(str, "\tResponse Status: ");
+	switch (ret) {
+	case GNUTLS_OCSP_RESP_SUCCESSFUL:
+		adds(str, "Successful\n");
+		break;
+
+	case GNUTLS_OCSP_RESP_MALFORMEDREQUEST:
+		adds(str, "malformedRequest\n");
+		return;
+
+	case GNUTLS_OCSP_RESP_INTERNALERROR:
+		adds(str, "internalError\n");
+		return;
+
+	case GNUTLS_OCSP_RESP_TRYLATER:
+		adds(str, "tryLater\n");
+		return;
+
+	case GNUTLS_OCSP_RESP_SIGREQUIRED:
+		adds(str, "sigRequired\n");
+		return;
+
+	case GNUTLS_OCSP_RESP_UNAUTHORIZED:
+		adds(str, "unauthorized\n");
+		return;
+
+	default:
+		adds(str, "unknown\n");
+		return;
+	}
+
+	{
+		gnutls_datum_t oid;
+
+		ret = gnutls_ocsp_resp_get_response(resp, &oid, NULL);
+		if (ret < 0) {
+			addf(str, "error: get_response: %s\n",
+			     gnutls_strerror(ret));
+			return;
+		}
+
+		adds(str, "\tResponse Type: ");
+#define OCSP_BASIC "1.3.6.1.5.5.7.48.1.1"
+
+		if (oid.size == sizeof(OCSP_BASIC) - 1
+		    && memcmp(oid.data, OCSP_BASIC, oid.size) == 0) {
+			adds(str, "Basic OCSP Response\n");
+			gnutls_free(oid.data);
+		} else {
+			addf(str, "Unknown response type (%.*s)\n",
+			     oid.size, oid.data);
+			gnutls_free(oid.data);
+			return;
+		}
+	}
+
+	/* Version. */
+	{
+		int version = gnutls_ocsp_resp_get_version(resp);
+		if (version < 0)
+			addf(str, "error: get_version: %s\n",
+			     gnutls_strerror(version));
+		else
+			addf(str, _("\tVersion: %d\n"), version);
+	}
+
+	/* responderID */
+	{
+		gnutls_datum_t dn = {NULL, 0};
+
+		ret = gnutls_ocsp_resp_get_responder2(resp, &dn, 0);
+		if (ret < 0) {
+			if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+				ret = gnutls_ocsp_resp_get_responder_raw_id(resp, GNUTLS_OCSP_RESP_ID_KEY, &dn);
+
+				if (ret >= 0) {
+					addf(str, _("\tResponder Key ID: "));
+					_gnutls_buffer_hexprint(str, dn.data, dn.size);
+					adds(str, "\n");
+				}
+				gnutls_free(dn.data);
+			} else {
+				addf(str, "error: get_responder2: %s\n",
+				     gnutls_strerror(ret));
+			}
+		} else {
+			addf(str, _("\tResponder ID: %s\n"), dn.data);
+			gnutls_free(dn.data);
+		}
+	}
+
+	{
+		char s[42];
+		size_t max = sizeof(s);
+		struct tm t;
+		time_t tim = gnutls_ocsp_resp_get_produced(resp);
+
+		if (tim == (time_t) - 1)
+			addf(str, "error: ocsp_resp_get_produced\n");
+		else if (gmtime_r(&tim, &t) == NULL)
+			addf(str, "error: gmtime_r (%ld)\n",
+			     (unsigned long) tim);
+		else if (strftime(s, max, "%a %b %d %H:%M:%S UTC %Y", &t)
+			 == 0)
+			addf(str, "error: strftime (%ld)\n",
+			     (unsigned long) tim);
+		else
+			addf(str, _("\tProduced At: %s\n"), s);
+	}
+
+	addf(str, "\tResponses:\n");
+	for (indx = 0;; indx++) {
+		gnutls_digest_algorithm_t digest;
+		gnutls_datum_t in, ik, sn;
+		unsigned int cert_status;
+		time_t this_update;
+		time_t next_update;
+		time_t revocation_time;
+		unsigned int revocation_reason;
+
+		ret = gnutls_ocsp_resp_get_single(resp,
+						  indx,
+						  &digest, &in, &ik, &sn,
+						  &cert_status,
+						  &this_update,
+						  &next_update,
+						  &revocation_time,
+						  &revocation_reason);
+		if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+			break;
+		addf(str, "\t\tCertificate ID:\n");
+		if (ret != GNUTLS_E_SUCCESS) {
+			addf(str, "error: get_singleresponse: %s\n",
+			     gnutls_strerror(ret));
+			continue;
+		}
+		addf(str, "\t\t\tHash Algorithm: %s\n",
+		     _gnutls_digest_get_name(hash_to_entry(digest)));
+
+		adds(str, "\t\t\tIssuer Name Hash: ");
+		_gnutls_buffer_hexprint(str, in.data, in.size);
+		adds(str, "\n");
+
+		adds(str, "\t\t\tIssuer Key Hash: ");
+		_gnutls_buffer_hexprint(str, ik.data, ik.size);
+		adds(str, "\n");
+
+		adds(str, "\t\t\tSerial Number: ");
+		_gnutls_buffer_hexprint(str, sn.data, sn.size);
+		adds(str, "\n");
+
+		gnutls_free(in.data);
+		gnutls_free(ik.data);
+		gnutls_free(sn.data);
+
+		{
+			const char *p = NULL;
+
+			switch (cert_status) {
+			case GNUTLS_OCSP_CERT_GOOD:
+				p = "good";
+				break;
+
+			case GNUTLS_OCSP_CERT_REVOKED:
+				p = "revoked";
+				break;
+
+			case GNUTLS_OCSP_CERT_UNKNOWN:
+				p = "unknown";
+				break;
+
+			default:
+				addf(str,
+				     "\t\tCertificate Status: unexpected value %d\n",
+				     cert_status);
+				break;
+			}
+
+			if (p)
+				addf(str, "\t\tCertificate Status: %s\n",
+				     p);
+		}
+
+		/* XXX revocation reason */
+
+		if (cert_status == GNUTLS_OCSP_CERT_REVOKED) {
+			char s[42];
+			size_t max = sizeof(s);
+			struct tm t;
+
+			if (revocation_time == (time_t) - 1)
+				addf(str, "error: revocation_time\n");
+			else if (gmtime_r(&revocation_time, &t) == NULL)
+				addf(str, "error: gmtime_r (%ld)\n",
+				     (unsigned long) revocation_time);
+			else if (strftime
+				 (s, max, "%a %b %d %H:%M:%S UTC %Y",
+				  &t) == 0)
+				addf(str, "error: strftime (%ld)\n",
+				     (unsigned long) revocation_time);
+			else
+				addf(str, _("\t\tRevocation time: %s\n"),
+				     s);
+		}
+
+		{
+			char s[42];
+			size_t max = sizeof(s);
+			struct tm t;
+
+			if (this_update == (time_t) - 1)
+				addf(str, "error: this_update\n");
+			else if (gmtime_r(&this_update, &t) == NULL)
+				addf(str, "error: gmtime_r (%ld)\n",
+				     (unsigned long) this_update);
+			else if (strftime
+				 (s, max, "%a %b %d %H:%M:%S UTC %Y",
+				  &t) == 0)
+				addf(str, "error: strftime (%ld)\n",
+				     (unsigned long) this_update);
+			else
+				addf(str, _("\t\tThis Update: %s\n"), s);
+		}
+
+		{
+			char s[42];
+			size_t max = sizeof(s);
+			struct tm t;
+
+			if (next_update != (time_t) - 1) {
+				if (gmtime_r(&next_update, &t) == NULL)
+					addf(str, "error: gmtime_r (%ld)\n",
+					     (unsigned long) next_update);
+				else if (strftime
+					 (s, max, "%a %b %d %H:%M:%S UTC %Y",
+					  &t) == 0)
+					addf(str, "error: strftime (%ld)\n",
+					     (unsigned long) next_update);
+				else
+					addf(str, _("\t\tNext Update: %s\n"), s);
+			}
+		}
+
+		/* XXX singleRequestExtensions */
+	}
+
+	adds(str, "\tExtensions:\n");
+	for (indx = 0;; indx++) {
+		gnutls_datum_t oid;
+		unsigned int critical;
+		gnutls_datum_t data;
+
+		ret =
+		    gnutls_ocsp_resp_get_extension(resp, indx, &oid,
+						   &critical, &data);
+		if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+			break;
+		else if (ret != GNUTLS_E_SUCCESS) {
+			addf(str, "error: get_extension: %s\n",
+			     gnutls_strerror(ret));
+			continue;
+		}
+
+		if (oid.size == sizeof(GNUTLS_OCSP_NONCE) - 1 &&
+		    memcmp(oid.data, GNUTLS_OCSP_NONCE, oid.size) == 0) {
+			gnutls_datum_t nonce;
+			unsigned int ncrit;
+
+			ret =
+			    gnutls_ocsp_resp_get_nonce(resp, &ncrit,
+						       &nonce);
+			if (ret != GNUTLS_E_SUCCESS) {
+				addf(str, "error: get_nonce: %s\n",
+				     gnutls_strerror(ret));
+			} else {
+				addf(str, "\t\tNonce%s: ",
+				     ncrit ? " (critical)" : "");
+				_gnutls_buffer_hexprint(str, nonce.data,
+							nonce.size);
+				adds(str, "\n");
+				gnutls_free(nonce.data);
+			}
+		} else {
+			addf(str, "\t\tUnknown extension %s (%s):\n",
+			     oid.data,
+			     critical ? "critical" : "not critical");
+
+			adds(str, _("\t\t\tASCII: "));
+			_gnutls_buffer_asciiprint(str, (char *) data.data,
+						  data.size);
+			addf(str, "\n");
+
+			adds(str, _("\t\t\tHexdump: "));
+			_gnutls_buffer_hexprint(str, (char *) data.data,
+						data.size);
+			adds(str, "\n");
+		}
+
+		gnutls_free(oid.data);
+		gnutls_free(data.data);
+
+	}
+
+	ret = gnutls_ocsp_resp_get_signature_algorithm(resp);
+	if (ret < 0)
+		addf(str, "error: get_signature_algorithm: %s\n",
+		     gnutls_strerror(ret));
+	else {
+		const char *name =
+		    gnutls_sign_algorithm_get_name(ret);
+		if (name == NULL)
+			name = _("unknown");
+		addf(str, _("\tSignature Algorithm: %s\n"), name);
+	}
+	if (ret != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure(ret) == 0) {
+		adds(str,
+		     _("warning: signed using a broken signature "
+		       "algorithm that can be forged.\n"));
+	}
+
+	if (format == GNUTLS_OCSP_PRINT_FULL) {
+		gnutls_datum_t sig;
+		gnutls_x509_crt_t *certs;
+		size_t ncerts, i;
+		gnutls_datum_t out;
+
+		/* Signature. */
+		ret = gnutls_ocsp_resp_get_signature(resp, &sig);
+		if (ret < 0)
+			addf(str, "error: get_signature: %s\n",
+			     gnutls_strerror(ret));
+		else {
+			adds(str, _("\tSignature:\n"));
+			_gnutls_buffer_hexdump(str, sig.data, sig.size,
+					       "\t\t");
+
+			gnutls_free(sig.data);
+		}
+
+		/* certs */
+		ret = gnutls_ocsp_resp_get_certs(resp, &certs, &ncerts);
+		if (ret < 0)
+			addf(str, "error: get_certs: %s\n",
+			     gnutls_strerror(ret));
+		else {
+			if (ncerts > 0)
+				addf(str, "\tAdditional certificates:\n");
+
+			for (i = 0; i < ncerts; i++) {
+				size_t s = 0;
+
+				ret =
+				    gnutls_x509_crt_print(certs[i],
+							  GNUTLS_CRT_PRINT_FULL,
+							  &out);
+				if (ret < 0)
+					addf(str, "error: crt_print: %s\n",
+					     gnutls_strerror(ret));
+				else {
+					addf(str, "%.*s", out.size,
+					     out.data);
+					gnutls_free(out.data);
+				}
+
+				ret =
+				    gnutls_x509_crt_export(certs[i],
+							   GNUTLS_X509_FMT_PEM,
+							   NULL, &s);
+				if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
+					addf(str,
+					     "error: crt_export: %s\n",
+					     gnutls_strerror(ret));
+				else {
+					out.data = gnutls_malloc(s);
+					if (out.data == NULL)
+						addf(str,
+						     "error: malloc: %s\n",
+						     gnutls_strerror
+						     (GNUTLS_E_MEMORY_ERROR));
+					else {
+						ret =
+						    gnutls_x509_crt_export
+						    (certs[i],
+						     GNUTLS_X509_FMT_PEM,
+						     out.data, &s);
+						if (ret < 0)
+							addf(str,
+							     "error: crt_export: %s\n",
+							     gnutls_strerror
+							     (ret));
+						else {
+							out.size = s;
+							addf(str, "%.*s",
+							     out.size,
+							     out.data);
+						}
+						gnutls_free(out.data);
+					}
+				}
+
+				gnutls_x509_crt_deinit(certs[i]);
+			}
+			gnutls_free(certs);
+		}
+	}
+}
+
+/**
+ * gnutls_ocsp_resp_print:
+ * @resp: The data to be printed
+ * @format: Indicate the format to use
+ * @out: Newly allocated datum with (0) terminated string.
+ *
+ * This function will pretty print a OCSP response, suitable for
+ * display to a human.
+ *
+ * If the format is %GNUTLS_OCSP_PRINT_FULL then all fields of the
+ * response will be output, on multiple lines.
+ *
+ * The output @out->data needs to be deallocate using gnutls_free().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_ocsp_resp_print(gnutls_ocsp_resp_const_t resp,
+		       gnutls_ocsp_print_formats_t format,
+		       gnutls_datum_t * out)
+{
+	gnutls_buffer_st str;
+	int rc;
+
+	_gnutls_buffer_init(&str);
+
+	_gnutls_buffer_append_str(&str, _("OCSP Response Information:\n"));
+
+	print_resp(&str, resp, format);
+
+	rc = _gnutls_buffer_to_datum(&str, out, 1);
+	if (rc != GNUTLS_E_SUCCESS) {
+		gnutls_assert();
+		return rc;
+	}
+
+	return GNUTLS_E_SUCCESS;
+}
diff --git a/lib/x509/output.c b/lib/x509/output.c
new file mode 100644
index 0000000..2ec288c
--- /dev/null
+++ b/lib/x509/output.c
@@ -0,0 +1,3083 @@
+/*
+ * Copyright (C) 2007-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2017 Red Hat, Inc.
+ *
+ * Author: Simon Josefsson, Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions for printing X.509 Certificate structures
+ */
+
+#include "gnutls_int.h"
+#include <common.h>
+#include <x509.h>
+#include <x509_int.h>
+#include <num.h>
+#include "errors.h"
+#include "hello_ext.h"
+#include "ip.h"
+
+#define addf _gnutls_buffer_append_printf
+#define adds _gnutls_buffer_append_str
+
+#define NON_NULL(x) (((x)!=NULL)?((char*)(x)):"")
+#define ERROR_STR (char*) "(error)"
+
+static void print_idn_name(gnutls_buffer_st *str, const char *prefix, const char *type, gnutls_datum_t *name)
+{
+	unsigned printable = 1;
+	unsigned is_printed = 0;
+	gnutls_datum_t out = {NULL, 0};
+	int ret;
+
+	if (!_gnutls_str_is_print((char*)name->data, name->size))
+		printable = 0;
+
+	is_printed = 0;
+	if (!printable) {
+		addf(str,  _("%s%s: %.*s (contains illegal chars)\n"), prefix, type, name->size, NON_NULL(name->data));
+		is_printed = 1;
+	} else if (name->data != NULL) {
+		if (strstr((char*)name->data, "xn--") != NULL) {
+			ret = gnutls_idna_reverse_map((char*)name->data, name->size, &out, 0);
+			if (ret >= 0) {
+				addf(str,  _("%s%s: %.*s (%s)\n"), prefix, type, name->size, NON_NULL(name->data), out.data);
+				is_printed = 1;
+				gnutls_free(out.data);
+			}
+		}
+	}
+
+	if (is_printed == 0) {
+		addf(str,  _("%s%s: %.*s\n"), prefix, type, name->size, NON_NULL(name->data));
+	}
+}
+
+static void print_idn_email(gnutls_buffer_st *str, const char *prefix, const char *type, gnutls_datum_t *name)
+{
+	unsigned printable = 1;
+	unsigned is_printed = 0;
+	gnutls_datum_t out = {NULL, 0};
+	int ret;
+
+	if (!_gnutls_str_is_print((char*)name->data, name->size))
+		printable = 0;
+
+	is_printed = 0;
+	if (!printable) {
+		addf(str,  _("%s%s: %.*s (contains illegal chars)\n"), prefix, type, name->size, NON_NULL(name->data));
+		is_printed = 1;
+	} else if (name->data != NULL) {
+		if (strstr((char*)name->data, "xn--") != NULL) {
+			ret = _gnutls_idna_email_reverse_map((char*)name->data, name->size, &out);
+			if (ret >= 0) {
+				addf(str,  _("%s%s: %.*s (%s)\n"), prefix, type, name->size, NON_NULL(name->data), out.data);
+				is_printed = 1;
+				gnutls_free(out.data);
+			}
+		}
+	}
+
+	if (is_printed == 0) {
+		addf(str,  _("%s%s: %.*s\n"), prefix, type, name->size, NON_NULL(name->data));
+	}
+}
+
+static void
+print_name(gnutls_buffer_st *str, const char *prefix, unsigned type, gnutls_datum_t *name, unsigned ip_is_cidr)
+{
+	char *sname = (char*)name->data;
+	char str_ip[64];
+	const char *p;
+
+	if ((type == GNUTLS_SAN_DNSNAME || type == GNUTLS_SAN_OTHERNAME_XMPP
+	     || type == GNUTLS_SAN_OTHERNAME_KRB5PRINCIPAL
+	     || type == GNUTLS_SAN_OTHERNAME_MSUSERPRINCIPAL
+	     || type == GNUTLS_SAN_RFC822NAME
+	     || type == GNUTLS_SAN_URI) && sname != NULL && strlen(sname) != name->size) {
+		adds(str,
+		     _("warning: SAN contains an embedded NUL, "
+			      "replacing with '!'\n"));
+		while (strlen(sname) < name->size)
+			name->data[strlen(sname)] = '!';
+	}
+
+	switch (type) {
+	case GNUTLS_SAN_DNSNAME:
+		print_idn_name(str, prefix, "DNSname", name);
+		break;
+
+	case GNUTLS_SAN_RFC822NAME:
+		print_idn_email(str, prefix, "RFC822Name", name);
+		break;
+
+	case GNUTLS_SAN_URI:
+		addf(str,  _("%sURI: %.*s\n"), prefix, name->size, NON_NULL(name->data));
+		break;
+
+	case GNUTLS_SAN_IPADDRESS:
+		if (!ip_is_cidr)
+			p = _gnutls_ip_to_string(name->data, name->size, str_ip, sizeof(str_ip));
+		else
+			p = _gnutls_cidr_to_string(name->data, name->size, str_ip, sizeof(str_ip));
+		if (p == NULL)
+			p = ERROR_STR;
+		addf(str, "%sIPAddress: %s\n", prefix, p);
+		break;
+
+	case GNUTLS_SAN_DN:
+		addf(str,  _("%sdirectoryName: %.*s\n"), prefix, name->size, NON_NULL(name->data));
+		break;
+
+	case GNUTLS_SAN_REGISTERED_ID:
+			addf(str,  _("%sRegistered ID: %.*s\n"), prefix, name->size, NON_NULL(name->data));
+			break;
+
+	case GNUTLS_SAN_OTHERNAME_XMPP:
+		addf(str,  _("%sXMPP Address: %.*s\n"), prefix, name->size, NON_NULL(name->data));
+		break;
+
+	case GNUTLS_SAN_OTHERNAME_KRB5PRINCIPAL:
+		addf(str,  _("%sKRB5Principal: %.*s\n"), prefix, name->size, NON_NULL(name->data));
+		break;
+
+	case GNUTLS_SAN_OTHERNAME_MSUSERPRINCIPAL:
+		addf(str, _("%sUser Principal Name: %.*s\n"), prefix, name->size, NON_NULL(name->data));
+		break;
+
+	default:
+		addf(str,  _("%sUnknown name: "), prefix);
+		_gnutls_buffer_hexprint(str, name->data, name->size);
+		adds(str, "\n");
+		break;
+	}
+}
+
+static char *get_pk_name(gnutls_x509_crt_t cert, unsigned *bits)
+{
+	char oid[MAX_OID_SIZE];
+	size_t oid_size;
+	oid_size = sizeof(oid);
+	int ret;
+
+	ret = gnutls_x509_crt_get_pk_algorithm(cert, bits);
+	if (ret > 0) {
+		const char *name = gnutls_pk_algorithm_get_name(ret);
+
+		if (name != NULL)
+			return gnutls_strdup(name);
+	}
+
+	ret = gnutls_x509_crt_get_pk_oid(cert, oid, &oid_size);
+	if (ret < 0)
+		return NULL;
+
+	return gnutls_strdup(oid);
+}
+
+static char *crq_get_pk_name(gnutls_x509_crq_t crq)
+{
+	char oid[MAX_OID_SIZE];
+	size_t oid_size;
+	oid_size = sizeof(oid);
+	int ret;
+
+	ret = gnutls_x509_crq_get_pk_algorithm(crq, NULL);
+	if (ret > 0) {
+		const char *name = gnutls_pk_algorithm_get_name(ret);
+
+		if (name != NULL)
+			return gnutls_strdup(name);
+	}
+
+	ret = gnutls_x509_crq_get_pk_oid(crq, oid, &oid_size);
+	if (ret < 0)
+		return NULL;
+
+	return gnutls_strdup(oid);
+}
+
+static char *get_sign_name(gnutls_x509_crt_t cert, int *algo)
+{
+	char oid[MAX_OID_SIZE];
+	size_t oid_size;
+	oid_size = sizeof(oid);
+	int ret;
+
+	*algo = 0;
+
+	ret = gnutls_x509_crt_get_signature_algorithm(cert);
+	if (ret > 0) {
+		const char *name = gnutls_sign_get_name(ret);
+
+		*algo = ret;
+
+		if (name != NULL)
+			return gnutls_strdup(name);
+	}
+
+	ret = gnutls_x509_crt_get_signature_oid(cert, oid, &oid_size);
+	if (ret < 0)
+		return NULL;
+
+	return gnutls_strdup(oid);
+}
+
+static char *crq_get_sign_name(gnutls_x509_crq_t crq)
+{
+	char oid[MAX_OID_SIZE];
+	size_t oid_size;
+	oid_size = sizeof(oid);
+	int ret;
+
+	ret = gnutls_x509_crq_get_signature_algorithm(crq);
+	if (ret > 0) {
+		const char *name = gnutls_sign_get_name(ret);
+
+		if (name != NULL)
+			return gnutls_strdup(name);
+	}
+
+	ret = gnutls_x509_crq_get_signature_oid(crq, oid, &oid_size);
+	if (ret < 0)
+		return NULL;
+
+	return gnutls_strdup(oid);
+}
+
+static char *crl_get_sign_name(gnutls_x509_crl_t crl, int *algo)
+{
+	char oid[MAX_OID_SIZE];
+	size_t oid_size;
+	oid_size = sizeof(oid);
+	int ret;
+
+	*algo = 0;
+
+	ret = gnutls_x509_crl_get_signature_algorithm(crl);
+	if (ret > 0) {
+		const char *name = gnutls_sign_get_name(ret);
+
+		*algo = ret;
+
+		if (name != NULL)
+			return gnutls_strdup(name);
+	}
+
+	ret = gnutls_x509_crl_get_signature_oid(crl, oid, &oid_size);
+	if (ret < 0)
+		return NULL;
+
+	return gnutls_strdup(oid);
+}
+
+
+static void print_proxy(gnutls_buffer_st * str, gnutls_datum_t *der)
+{
+	int pathlen;
+	char *policyLanguage;
+	char *policy;
+	size_t npolicy;
+	int err;
+
+	err = gnutls_x509_ext_import_proxy(der, &pathlen, &policyLanguage,
+					&policy, &npolicy);
+	if (err < 0) {
+		addf(str, "error: get_proxy: %s\n", gnutls_strerror(err));
+		return;
+	}
+
+	if (pathlen >= 0)
+		addf(str, _("\t\t\tPath Length Constraint: %d\n"),
+		     pathlen);
+	addf(str, _("\t\t\tPolicy Language: %s"), policyLanguage);
+	if (strcmp(policyLanguage, "1.3.6.1.5.5.7.21.1") == 0)
+		adds(str, " (id-ppl-inheritALL)\n");
+	else if (strcmp(policyLanguage, "1.3.6.1.5.5.7.21.2") == 0)
+		adds(str, " (id-ppl-independent)\n");
+	else
+		adds(str, "\n");
+	if (npolicy) {
+		adds(str, _("\t\t\tPolicy:\n\t\t\t\tASCII: "));
+		_gnutls_buffer_asciiprint(str, policy, npolicy);
+		adds(str, _("\n\t\t\t\tHexdump: "));
+		_gnutls_buffer_hexprint(str, policy, npolicy);
+		adds(str, "\n");
+	}
+	gnutls_free(policy);
+	gnutls_free(policyLanguage);
+}
+
+
+static void print_nc(gnutls_buffer_st * str, const char* prefix, gnutls_datum_t *der)
+{
+	gnutls_x509_name_constraints_t nc;
+	int ret;
+	unsigned idx = 0;
+	gnutls_datum_t name;
+	unsigned type;
+	char new_prefix[16];
+
+	ret = gnutls_x509_name_constraints_init(&nc);
+	if (ret < 0)
+		return;
+
+	ret = gnutls_x509_ext_import_name_constraints(der, nc, 0);
+	if (ret < 0)
+		goto cleanup;
+
+	snprintf(new_prefix, sizeof(new_prefix), "%s\t\t\t\t", prefix);
+
+	do {
+		ret = gnutls_x509_name_constraints_get_permitted(nc, idx++, &type, &name);
+
+		if (ret >= 0) {
+			if (idx == 1)
+				addf(str,  _("%s\t\t\tPermitted:\n"), prefix);
+
+			print_name(str, new_prefix, type, &name, 1);
+		}
+	} while (ret == 0);
+
+	idx = 0;
+	do {
+		ret = gnutls_x509_name_constraints_get_excluded(nc, idx++, &type, &name);
+
+		if (ret >= 0) {
+			if (idx == 1)
+				addf(str,  _("%s\t\t\tExcluded:\n"), prefix);
+
+			print_name(str, new_prefix, type, &name, 1);
+		}
+	} while (ret == 0);
+
+cleanup:
+	gnutls_x509_name_constraints_deinit(nc);
+}
+
+static void print_aia(gnutls_buffer_st * str, const gnutls_datum_t *der)
+{
+	int err;
+	int seq;
+	gnutls_datum_t san = { NULL, 0 }, oid = {NULL, 0};
+	gnutls_x509_aia_t aia;
+	unsigned int san_type;
+
+	err = gnutls_x509_aia_init(&aia);
+	if (err < 0)
+		return;
+
+	err = gnutls_x509_ext_import_aia(der, aia, 0);
+	if (err < 0) {
+		addf(str, "error: get_aia: %s\n",
+		     gnutls_strerror(err));
+		goto cleanup;
+	}
+
+	for (seq=0;;seq++) {
+		err = gnutls_x509_aia_get(aia, seq, &oid, &san_type, &san);
+		if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+			goto cleanup;
+		if (err < 0) {
+			addf(str, "error: aia_get: %s\n",
+			     gnutls_strerror(err));
+			goto cleanup;
+		}
+
+		if (strcmp((char*)oid.data, GNUTLS_OID_AD_OCSP) == 0)
+			addf(str, _("\t\t\tAccess Method: %s (%s)\n"), GNUTLS_OID_AD_OCSP, "id-ad-ocsp");
+		else if (strcmp((char*)oid.data, GNUTLS_OID_AD_CAISSUERS) == 0)
+			addf(str, _("\t\t\tAccess Method: %s (%s)\n"), GNUTLS_OID_AD_CAISSUERS, "id-ad-caIssuers");
+		else {
+			addf(str, _("\t\t\tAccess Method: %s (%s)\n"), (char*)oid.data, "UNKNOWN");
+		}
+
+		adds(str, "\t\t\tAccess Location ");
+		print_name(str, "", san_type, &san, 0);
+	}
+
+cleanup:
+	gnutls_x509_aia_deinit(aia);
+}
+
+static void print_ski(gnutls_buffer_st * str, gnutls_datum_t *der)
+{
+	gnutls_datum_t id = {NULL, 0};
+	int err;
+
+	err = gnutls_x509_ext_import_subject_key_id(der, &id);
+	if (err < 0) {
+		addf(str, "error: get_subject_key_id: %s\n",
+		     gnutls_strerror(err));
+		return;
+	}
+
+	adds(str, "\t\t\t");
+	_gnutls_buffer_hexprint(str, id.data, id.size);
+	adds(str, "\n");
+
+	gnutls_free(id.data);
+}
+
+static void print_time(gnutls_buffer_st *str, time_t timestamp)
+{
+	char s[42];
+	size_t max = sizeof(s);
+	struct tm t;
+
+	if (gmtime_r(&timestamp, &t) == NULL) {
+		addf(str, "error: gmtime_r (%lu)\n", timestamp);
+		return;
+	}
+
+	if (strftime(s, max, "%a, %b %d %H:%M:%S UTC %Y", &t) == 0)
+		addf(str, "error: strftime (%lu)\n", timestamp);
+	else
+		addf(str, "%s\n", s);
+}
+
+static void print_scts(gnutls_buffer_st * str, const gnutls_datum_t *der,
+		       const char *prefix)
+{
+	int retval;
+	unsigned int version;
+	time_t timestamp;
+	gnutls_datum_t logid = { NULL, 0 }, sig = { NULL, 0 };
+	gnutls_sign_algorithm_t sigalg;
+	gnutls_x509_ct_scts_t scts;
+
+	retval = gnutls_x509_ext_ct_scts_init(&scts);
+	if (retval < 0) {
+		addf(str, "error: gnutls_x509_ext_ct_scts_init(): %s\n",
+		     gnutls_strerror(retval));
+		return;
+	}
+
+	retval = gnutls_x509_ext_ct_import_scts(der, scts, 0);
+	if (retval < 0) {
+		addf(str, "error: gnutls_x509_ext_ct_import_scts(): %s\n",
+		     gnutls_strerror(retval));
+		goto cleanup;
+	}
+
+	for (int i = 0;; i++) {
+		retval = gnutls_x509_ct_sct_get_version(scts, i, &version);
+		if (retval == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+			break;
+
+		addf(str, _("%s\t\t\tSigned Certificate Timestamp %d:\n"),
+		     prefix, (i+1));
+
+		if (version != 1) {
+			addf(str, _("%s\t\t\t\tVersion: %d (unknown SCT version)\n"),
+			     prefix, version);
+			continue;
+		}
+
+		retval = gnutls_x509_ct_sct_get(scts, i,
+						&timestamp,
+						&logid,
+						&sigalg, &sig);
+		if (retval < 0) {
+			addf(str, "error: could not get SCT info: %s\n",
+			     gnutls_strerror(retval));
+			break;
+		}
+
+		addf(str, _("%s\t\t\t\tVersion: %d\n"),
+		     prefix, version);
+		addf(str, _("%s\t\t\t\tLog ID: "), prefix);
+		_gnutls_buffer_hexprint(str, logid.data, logid.size);
+		addf(str, "\n");
+		addf(str, _("%s\t\t\t\tTime: "), prefix);
+		print_time(str, timestamp);
+		addf(str, _("%s\t\t\t\tExtensions: none\n"), /* there are no extensions defined for v1 */
+		     prefix);
+		addf(str, _("%s\t\t\t\tSignature algorithm: %s\n"),
+		     prefix, gnutls_sign_get_name(sigalg));
+		addf(str, _("%s\t\t\t\tSignature: "), prefix);
+		_gnutls_buffer_hexprint(str, sig.data, sig.size);
+		addf(str, "\n");
+
+		_gnutls_free_datum(&sig);
+		_gnutls_free_datum(&logid);
+		sig.data = NULL;
+		logid.data = NULL;
+	}
+
+cleanup:
+	_gnutls_free_datum(&sig);
+	_gnutls_free_datum(&logid);
+	gnutls_x509_ext_ct_scts_deinit(scts);
+}
+
+
+#define TYPE_CRT 2
+#define TYPE_CRQ 3
+
+typedef union {
+	gnutls_x509_crt_t crt;
+	gnutls_x509_crq_t crq;
+} cert_type_t;
+
+static void
+print_aki_gn_serial(gnutls_buffer_st * str, gnutls_x509_aki_t aki)
+{
+	gnutls_datum_t san, other_oid, serial;
+	unsigned int alt_type;
+	int err;
+
+	err =
+	    gnutls_x509_aki_get_cert_issuer(aki,
+					    0, &alt_type, &san, &other_oid, &serial);
+	if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+		return;
+	} else if (err < 0) {
+		addf(str, "error: gnutls_x509_aki_get_cert_issuer: %s\n",
+		     gnutls_strerror(err));
+		return;
+	}
+
+	print_name(str, "\t\t\t", alt_type, &san, 0);
+
+	adds(str, "\t\t\tserial: ");
+	_gnutls_buffer_hexprint(str, serial.data, serial.size);
+	adds(str, "\n");
+}
+
+static void print_aki(gnutls_buffer_st * str, gnutls_datum_t *der)
+{
+	int err;
+	gnutls_x509_aki_t aki;
+	gnutls_datum_t id;
+
+	err = gnutls_x509_aki_init(&aki);
+	if (err < 0) {
+		addf(str, "error: gnutls_x509_aki_init: %s\n",
+		     gnutls_strerror(err));
+		return;
+	}
+
+	err = gnutls_x509_ext_import_authority_key_id(der, aki, 0);
+	if (err < 0) {
+		addf(str, "error: gnutls_x509_ext_import_authority_key_id: %s\n",
+		     gnutls_strerror(err));
+		goto cleanup;
+	}
+
+	/* Check if an alternative name is there */
+	print_aki_gn_serial(str, aki);
+
+	err = gnutls_x509_aki_get_id(aki, &id);
+	if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+		goto cleanup;
+	} else if (err < 0) {
+		addf(str, "error: gnutls_x509_aki_get_id: %s\n",
+		     gnutls_strerror(err));
+		goto cleanup;
+	}
+
+	adds(str, "\t\t\t");
+	_gnutls_buffer_hexprint(str, id.data, id.size);
+	adds(str, "\n");
+
+ cleanup:
+	gnutls_x509_aki_deinit(aki);
+}
+
+static void
+print_key_usage2(gnutls_buffer_st * str, const char *prefix, unsigned int key_usage)
+{
+	if (key_usage & GNUTLS_KEY_DIGITAL_SIGNATURE)
+		addf(str, _("%sDigital signature.\n"), prefix);
+	if (key_usage & GNUTLS_KEY_NON_REPUDIATION)
+		addf(str, _("%sNon repudiation.\n"), prefix);
+	if (key_usage & GNUTLS_KEY_KEY_ENCIPHERMENT)
+		addf(str, _("%sKey encipherment.\n"), prefix);
+	if (key_usage & GNUTLS_KEY_DATA_ENCIPHERMENT)
+		addf(str, _("%sData encipherment.\n"), prefix);
+	if (key_usage & GNUTLS_KEY_KEY_AGREEMENT)
+		addf(str, _("%sKey agreement.\n"), prefix);
+	if (key_usage & GNUTLS_KEY_KEY_CERT_SIGN)
+		addf(str, _("%sCertificate signing.\n"), prefix);
+	if (key_usage & GNUTLS_KEY_CRL_SIGN)
+		addf(str, _("%sCRL signing.\n"), prefix);
+	if (key_usage & GNUTLS_KEY_ENCIPHER_ONLY)
+		addf(str, _("%sKey encipher only.\n"), prefix);
+	if (key_usage & GNUTLS_KEY_DECIPHER_ONLY)
+		addf(str, _("%sKey decipher only.\n"), prefix);
+}
+
+static void
+print_key_usage(gnutls_buffer_st * str, const char *prefix, gnutls_datum_t *der)
+{
+	unsigned int key_usage;
+	int err;
+
+	err = gnutls_x509_ext_import_key_usage(der, &key_usage);
+	if (err < 0) {
+		addf(str, "error: get_key_usage: %s\n",
+		     gnutls_strerror(err));
+		return;
+	}
+
+	print_key_usage2(str, prefix, key_usage);
+}
+
+static void
+print_private_key_usage_period(gnutls_buffer_st * str, const char *prefix, gnutls_datum_t *der)
+{
+	time_t activation, expiration;
+	int err;
+	char s[42];
+	struct tm t;
+	size_t max;
+
+	err = gnutls_x509_ext_import_private_key_usage_period(der, &activation, &expiration);
+	if (err < 0) {
+		addf(str, "error: get_private_key_usage_period: %s\n",
+		     gnutls_strerror(err));
+		return;
+	}
+
+	max = sizeof(s);
+
+	if (gmtime_r(&activation, &t) == NULL)
+		addf(str, "error: gmtime_r (%ld)\n",
+		     (unsigned long) activation);
+	else if (strftime(s, max, "%a %b %d %H:%M:%S UTC %Y", &t) == 0)
+		addf(str, "error: strftime (%ld)\n",
+		     (unsigned long) activation);
+	else
+		addf(str, _("\t\t\tNot Before: %s\n"), s);
+
+	if (gmtime_r(&expiration, &t) == NULL)
+		addf(str, "error: gmtime_r (%ld)\n",
+		     (unsigned long) expiration);
+	else if (strftime(s, max, "%a %b %d %H:%M:%S UTC %Y", &t) == 0)
+		addf(str, "error: strftime (%ld)\n",
+		     (unsigned long) expiration);
+	else
+		addf(str, _("\t\t\tNot After: %s\n"), s);
+
+}
+
+static void print_crldist(gnutls_buffer_st * str, gnutls_datum_t *der)
+{
+	int err;
+	int indx;
+	gnutls_x509_crl_dist_points_t dp;
+	unsigned int flags, type;
+	gnutls_datum_t dist;
+
+	err = gnutls_x509_crl_dist_points_init(&dp);
+	if (err < 0) {
+		addf(str, "error: gnutls_x509_crl_dist_points_init: %s\n",
+		     gnutls_strerror(err));
+		return;
+	}
+
+	err = gnutls_x509_ext_import_crl_dist_points(der, dp, 0);
+	if (err < 0) {
+		addf(str, "error: gnutls_x509_ext_import_crl_dist_points: %s\n",
+		     gnutls_strerror(err));
+		goto cleanup;
+	}
+
+	for (indx = 0;; indx++) {
+		err =
+		    gnutls_x509_crl_dist_points_get(dp, indx, &type, &dist, &flags);
+		if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+			goto cleanup;
+		else if (err < 0) {
+			addf(str, "error: get_crl_dist_points: %s\n",
+			     gnutls_strerror(err));
+			return;
+		}
+
+		print_name(str, "\t\t\t", type, &dist, 0);
+	}
+ cleanup:
+	gnutls_x509_crl_dist_points_deinit(dp);
+}
+
+static void
+print_key_purpose(gnutls_buffer_st * str, const char *prefix, gnutls_datum_t *der)
+{
+	int indx;
+	gnutls_datum_t oid;
+	char *p;
+	int err;
+	gnutls_x509_key_purposes_t purposes;
+
+	err = gnutls_x509_key_purpose_init(&purposes);
+	if (err < 0) {
+		addf(str, "error: gnutls_x509_key_purpose_init: %s\n",
+		     gnutls_strerror(err));
+		return;
+	}
+
+	err = gnutls_x509_ext_import_key_purposes(der, purposes, 0);
+	if (err < 0) {
+		addf(str, "error: gnutls_x509_ext_import_key_purposes: %s\n",
+		     gnutls_strerror(err));
+		goto cleanup;
+	}
+
+	for (indx = 0;; indx++) {
+		err = gnutls_x509_key_purpose_get(purposes, indx, &oid);
+		if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+			goto cleanup;
+		else if (err < 0) {
+			addf(str, "error: gnutls_x509_key_purpose_get: %s\n",
+			     gnutls_strerror(err));
+			goto cleanup;
+		}
+
+		p = (void*)oid.data;
+		if (strcmp(p, GNUTLS_KP_TLS_WWW_SERVER) == 0)
+			addf(str, _("%s\t\t\tTLS WWW Server.\n"), prefix);
+		else if (strcmp(p, GNUTLS_KP_TLS_WWW_CLIENT) == 0)
+			addf(str, _("%s\t\t\tTLS WWW Client.\n"), prefix);
+		else if (strcmp(p, GNUTLS_KP_CODE_SIGNING) == 0)
+			addf(str, _("%s\t\t\tCode signing.\n"), prefix);
+		else if (strcmp(p, GNUTLS_KP_EMAIL_PROTECTION) == 0)
+			addf(str, _("%s\t\t\tEmail protection.\n"),
+			     prefix);
+		else if (strcmp(p, GNUTLS_KP_TIME_STAMPING) == 0)
+			addf(str, _("%s\t\t\tTime stamping.\n"), prefix);
+		else if (strcmp(p, GNUTLS_KP_OCSP_SIGNING) == 0)
+			addf(str, _("%s\t\t\tOCSP signing.\n"), prefix);
+		else if (strcmp(p, GNUTLS_KP_IPSEC_IKE) == 0)
+			addf(str, _("%s\t\t\tIpsec IKE.\n"), prefix);
+		else if (strcmp(p, GNUTLS_KP_MS_SMART_CARD_LOGON) == 0)
+			addf(str, _("%s\t\t\tSmart Card Logon.\n"), prefix);
+		else if (strcmp(p, GNUTLS_KP_ANY) == 0)
+			addf(str, _("%s\t\t\tAny purpose.\n"), prefix);
+		else
+			addf(str, "%s\t\t\t%s\n", prefix, p);
+	}
+ cleanup:
+	gnutls_x509_key_purpose_deinit(purposes);
+}
+
+static void
+print_basic(gnutls_buffer_st * str, const char *prefix, gnutls_datum_t *der)
+{
+	int pathlen;
+	unsigned ca;
+	int err;
+
+	err = gnutls_x509_ext_import_basic_constraints(der, &ca, &pathlen);
+	if (err < 0) {
+		addf(str, "error: get_basic_constraints: %s\n",
+		     gnutls_strerror(err));
+		return;
+	}
+
+	if (ca == 0)
+		addf(str, _("%s\t\t\tCertificate Authority (CA): FALSE\n"),
+		     prefix);
+	else
+		addf(str, _("%s\t\t\tCertificate Authority (CA): TRUE\n"),
+		     prefix);
+
+	if (pathlen >= 0)
+		addf(str, _("%s\t\t\tPath Length Constraint: %d\n"),
+		     prefix, pathlen);
+}
+
+
+static void
+print_altname(gnutls_buffer_st * str, const char *prefix, gnutls_datum_t *der)
+{
+	unsigned int altname_idx;
+	gnutls_subject_alt_names_t names;
+	unsigned int type;
+	gnutls_datum_t san;
+	gnutls_datum_t othername;
+	char pfx[16];
+	int err;
+
+	err = gnutls_subject_alt_names_init(&names);
+	if (err < 0) {
+		addf(str, "error: gnutls_subject_alt_names_init: %s\n",
+		     gnutls_strerror(err));
+		return;
+	}
+
+	err = gnutls_x509_ext_import_subject_alt_names(der, names, 0);
+	if (err < 0) {
+		addf(str, "error: gnutls_x509_ext_import_subject_alt_names: %s\n",
+		     gnutls_strerror(err));
+		goto cleanup;
+	}
+
+	for (altname_idx = 0;; altname_idx++) {
+		err = gnutls_subject_alt_names_get(names, altname_idx,
+						   &type, &san, &othername);
+		if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+			break;
+		else if (err < 0) {
+			addf(str,
+			     "error: gnutls_subject_alt_names_get: %s\n",
+			     gnutls_strerror(err));
+			break;
+		}
+
+
+		if (type == GNUTLS_SAN_OTHERNAME) {
+			unsigned vtype;
+			gnutls_datum_t virt;
+
+			err = gnutls_x509_othername_to_virtual((char*)othername.data, &san, &vtype, &virt);
+			if (err >= 0) {
+				snprintf(pfx, sizeof(pfx), "%s\t\t\t", prefix);
+				print_name(str, pfx, vtype, &virt, 0);
+				gnutls_free(virt.data);
+				continue;
+			}
+
+			addf(str,
+			     _("%s\t\t\totherName OID: %.*s\n"),
+			     prefix, (int)othername.size, (char*)othername.data);
+			addf(str, _("%s\t\t\totherName DER: "),
+				     prefix);
+			_gnutls_buffer_hexprint(str, san.data, san.size);
+			addf(str, _("\n%s\t\t\totherName ASCII: "),
+				     prefix);
+			_gnutls_buffer_asciiprint(str, (char*)san.data, san.size);
+				addf(str, "\n");
+		} else {
+
+			snprintf(pfx, sizeof(pfx), "%s\t\t\t", prefix);
+			print_name(str, pfx, type, &san, 0);
+		}
+	}
+
+ cleanup:
+	gnutls_subject_alt_names_deinit(names);
+}
+
+static void
+guiddump(gnutls_buffer_st * str, const char *data, size_t len,
+	 const char *spc)
+{
+	size_t j;
+
+	if (spc)
+		adds(str, spc);
+	addf(str, "{");
+	addf(str, "%.2X", (unsigned char) data[3]);
+	addf(str, "%.2X", (unsigned char) data[2]);
+	addf(str, "%.2X", (unsigned char) data[1]);
+	addf(str, "%.2X", (unsigned char) data[0]);
+	addf(str, "-");
+	addf(str, "%.2X", (unsigned char) data[5]);
+	addf(str, "%.2X", (unsigned char) data[4]);
+	addf(str, "-");
+	addf(str, "%.2X", (unsigned char) data[7]);
+	addf(str, "%.2X", (unsigned char) data[6]);
+	addf(str, "-");
+	addf(str, "%.2X", (unsigned char) data[8]);
+	addf(str, "%.2X", (unsigned char) data[9]);
+	addf(str, "-");
+	for (j = 10; j < 16; j++) {
+		addf(str, "%.2X", (unsigned char) data[j]);
+	}
+	addf(str, "}\n");
+}
+
+static void
+print_unique_ids(gnutls_buffer_st * str, const gnutls_x509_crt_t cert)
+{
+	int result;
+	char buf[256];		/* if its longer, we won't bother to print it */
+	size_t buf_size = 256;
+
+	result =
+	    gnutls_x509_crt_get_issuer_unique_id(cert, buf, &buf_size);
+	if (result >= 0) {
+		addf(str, ("\tIssuer Unique ID:\n"));
+		_gnutls_buffer_hexdump(str, buf, buf_size, "\t\t\t");
+		if (buf_size == 16) {	/* this could be a GUID */
+			guiddump(str, buf, buf_size, "\t\t\t");
+		}
+	}
+
+	buf_size = 256;
+	result =
+	    gnutls_x509_crt_get_subject_unique_id(cert, buf, &buf_size);
+	if (result >= 0) {
+		addf(str, ("\tSubject Unique ID:\n"));
+		_gnutls_buffer_hexdump(str, buf, buf_size, "\t\t\t");
+		if (buf_size == 16) {	/* this could be a GUID */
+			guiddump(str, buf, buf_size, "\t\t\t");
+		}
+	}
+}
+
+static void print_tlsfeatures(gnutls_buffer_st * str, const char *prefix, const gnutls_datum_t *der)
+{
+	int err;
+	int seq;
+	gnutls_x509_tlsfeatures_t features;
+	const char *name;
+	unsigned int feature;
+
+	err = gnutls_x509_tlsfeatures_init(&features);
+	if (err < 0)
+		return;
+
+	err = gnutls_x509_ext_import_tlsfeatures(der, features, 0);
+	if (err < 0) {
+		addf(str, "error: get_tlsfeatures: %s\n",
+			 gnutls_strerror(err));
+		goto cleanup;
+	}
+
+	for (seq=0;;seq++) {
+		err = gnutls_x509_tlsfeatures_get(features, seq, &feature);
+		if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+			goto cleanup;
+		if (err < 0) {
+			addf(str, "error: get_tlsfeatures: %s\n",
+				 gnutls_strerror(err));
+			goto cleanup;
+		}
+
+		name = gnutls_ext_get_name(feature);
+		if (name == NULL)
+			addf(str, "%s\t\t\t%u\n", prefix, feature);
+		else
+			addf(str, "%s\t\t\t%s(%u)\n", prefix, name, feature);
+	}
+
+cleanup:
+	gnutls_x509_tlsfeatures_deinit(features);
+}
+
+static void print_subject_sign_tool(gnutls_buffer_st * str, const char *prefix, const gnutls_datum_t *der)
+{
+	int ret;
+	gnutls_datum_t tmp = {NULL, 0};
+
+	ret = _gnutls_x509_decode_string(ASN1_ETYPE_UTF8_STRING, der->data, der->size, &tmp, 0);
+	if (ret < 0) {
+		addf(str, _("%s\t\t\tASCII: "), prefix);
+		_gnutls_buffer_asciiprint(str, (char*)der->data, der->size);
+
+		addf(str, "\n");
+		addf(str, _("%s\t\t\tHexdump: "), prefix);
+		_gnutls_buffer_hexprint(str, (char*)der->data, der->size);
+		adds(str, "\n");
+
+		return;
+	}
+
+	addf(str, _("%s\t\t\t%.*s\n"), prefix, tmp.size, NON_NULL(tmp.data));
+	_gnutls_free_datum(&tmp);
+}
+
+static void print_issuer_sign_tool(gnutls_buffer_st * str, const char *prefix, const gnutls_datum_t *der)
+{
+	int ret;
+	asn1_node tmpasn = NULL;
+	char asn1_err[ASN1_MAX_ERROR_DESCRIPTION_SIZE] = "";
+	gnutls_datum_t tmp;
+
+	if (asn1_create_element(_gnutls_get_gnutls_asn(), "GNUTLS.IssuerSignTool",
+				&tmpasn) != ASN1_SUCCESS) {
+		gnutls_assert();
+		goto hexdump;
+	}
+
+	if (_asn1_strict_der_decode(&tmpasn, der->data, der->size, asn1_err) != ASN1_SUCCESS) {
+		gnutls_assert();
+		_gnutls_debug_log("_asn1_strict_der_decode: %s\n", asn1_err);
+		goto hexdump;
+	}
+
+	ret = _gnutls_x509_read_value(tmpasn, "signTool", &tmp);
+	if (ret < 0) {
+		gnutls_assert();
+		goto hexdump;
+	}
+	addf(str, _("%s\t\t\tSignTool: %.*s\n"), prefix, tmp.size, NON_NULL(tmp.data));
+	_gnutls_free_datum(&tmp);
+
+	ret = _gnutls_x509_read_value(tmpasn, "cATool", &tmp);
+	if (ret < 0) {
+		gnutls_assert();
+		goto hexdump;
+	}
+	addf(str, _("%s\t\t\tCATool: %.*s\n"), prefix, tmp.size, NON_NULL(tmp.data));
+	_gnutls_free_datum(&tmp);
+
+	ret = _gnutls_x509_read_value(tmpasn, "signToolCert", &tmp);
+	if (ret < 0) {
+		gnutls_assert();
+		goto hexdump;
+	}
+	addf(str, _("%s\t\t\tSignToolCert: %.*s\n"), prefix, tmp.size, NON_NULL(tmp.data));
+	_gnutls_free_datum(&tmp);
+
+	ret = _gnutls_x509_read_value(tmpasn, "cAToolCert", &tmp);
+	if (ret < 0) {
+		gnutls_assert();
+		goto hexdump;
+	}
+	addf(str, _("%s\t\t\tCAToolCert: %.*s\n"), prefix, tmp.size, NON_NULL(tmp.data));
+	_gnutls_free_datum(&tmp);
+
+	asn1_delete_structure(&tmpasn);
+
+	return;
+
+hexdump:
+	asn1_delete_structure(&tmpasn);
+
+	addf(str, _("%s\t\t\tASCII: "), prefix);
+	_gnutls_buffer_asciiprint(str, (char*)der->data, der->size);
+
+	addf(str, "\n");
+	addf(str, _("%s\t\t\tHexdump: "), prefix);
+	_gnutls_buffer_hexprint(str, (char*)der->data, der->size);
+	adds(str, "\n");
+}
+
+#define ENTRY(oid, name) {oid, sizeof(oid)-1, name, sizeof(name)-1, NULL, 0}
+
+static const struct oid_to_string cp_oid2str[] = {
+	ENTRY("2.5.29.32.0", "anyPolicy"),
+
+	ENTRY("2.23.140.1.2.1", "CA/B Domain Validated"),
+	ENTRY("2.23.140.1.2.2", "CA/B Organization Validated"),
+	ENTRY("2.23.140.1.2.3", "CA/B Individual Validated"),
+	ENTRY("2.23.140.1.1", "CA/B Extended Validation"),
+
+	/* draft-deremin-rfc4491-bis */
+	ENTRY("1.2.643.100.113.1", "Russian security class KC1"),
+	ENTRY("1.2.643.100.113.2", "Russian security class KC2"),
+	ENTRY("1.2.643.100.113.3", "Russian security class KC3"),
+	ENTRY("1.2.643.100.113.4", "Russian security class KB1"),
+	ENTRY("1.2.643.100.113.5", "Russian security class KB2"),
+	ENTRY("1.2.643.100.113.6", "Russian security class KA1"),
+
+	{NULL, 0, NULL, 0},
+};
+
+struct ext_indexes_st {
+	int san;
+	int ian;
+	int proxy;
+	int basic;
+	int keyusage;
+	int keypurpose;
+	int ski;
+	int aki, nc;
+	int crldist, pkey_usage_period;
+	int tlsfeatures;
+};
+
+static void print_extension(gnutls_buffer_st * str, const char *prefix,
+			    struct ext_indexes_st *idx, const char *oid,
+			    unsigned critical, gnutls_datum_t *der)
+{
+	int err;
+	unsigned j;
+	char pfx[16];
+
+	if (strcmp(oid, "2.5.29.19") == 0) {
+		if (idx->basic) {
+			addf(str,
+			     "warning: more than one basic constraint\n");
+		}
+
+		addf(str, _("%s\t\tBasic Constraints (%s):\n"),
+		     prefix,
+		     critical ? _("critical") : _("not critical"));
+
+		print_basic(str, prefix, der);
+		idx->basic++;
+
+	} else if (strcmp(oid, "2.5.29.14") == 0) {
+		if (idx->ski) {
+			addf(str,
+			     "warning: more than one SKI extension\n");
+		}
+
+		addf(str,
+		     _("%s\t\tSubject Key Identifier (%s):\n"),
+		     prefix,
+		     critical ? _("critical") : _("not critical"));
+
+		print_ski(str, der);
+
+		idx->ski++;
+	} else if (strcmp(oid, "2.5.29.32") == 0) {
+		struct gnutls_x509_policy_st policy;
+		gnutls_x509_policies_t policies;
+		const char *name;
+		const struct oid_to_string *entry;
+		int x;
+
+		err = gnutls_x509_policies_init(&policies);
+		if (err < 0) {
+			addf(str,
+			     "error: certificate policies: %s\n",
+			     gnutls_strerror(err));
+			return;
+		}
+
+		err = gnutls_x509_ext_import_policies(der, policies, 0);
+		if (err < 0) {
+			addf(str,
+			     "error: certificate policies import: %s\n",
+			     gnutls_strerror(err));
+			gnutls_x509_policies_deinit(policies);
+			return;
+		}
+
+		for (x = 0;; x++) {
+			err = gnutls_x509_policies_get(policies, x, &policy);
+			if (err ==
+			    GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+				break;
+
+			if (err < 0) {
+				addf(str,
+				     "error: certificate policy: %s\n",
+				     gnutls_strerror(err));
+				break;
+			}
+
+			if (x == 0)
+				addf(str,
+				     "%s\t\tCertificate Policies (%s):\n",
+				     prefix,
+				     critical ? _("critical") :
+				     _("not critical"));
+
+			entry = _gnutls_oid_get_entry(cp_oid2str, policy.oid);
+			if (entry != NULL && entry->name_desc != NULL)
+				addf(str, "%s\t\t\t%s (%s)\n", prefix, policy.oid, entry->name_desc);
+			else
+				addf(str, "%s\t\t\t%s\n", prefix, policy.oid);
+			for (j = 0; j < policy.qualifiers; j++) {
+				if (policy.qualifier[j].type ==
+				    GNUTLS_X509_QUALIFIER_URI)
+					name = "URI";
+				else if (policy.qualifier[j].
+					 type ==
+					 GNUTLS_X509_QUALIFIER_NOTICE)
+					name = "Note";
+				else
+					name = "Unknown qualifier";
+				addf(str, "%s\t\t\t\t%s: %s\n",
+				     prefix, name,
+				     policy.qualifier[j].data);
+			}
+		}
+		gnutls_x509_policies_deinit(policies);
+	} else if (strcmp(oid, "2.5.29.54") == 0) {
+		unsigned int skipcerts;
+
+		err = gnutls_x509_ext_import_inhibit_anypolicy(der, &skipcerts);
+		if (err < 0) {
+			addf(str,
+			     "error: certificate inhibit any policy import: %s\n",
+			     gnutls_strerror(err));
+			return;
+		}
+
+		addf(str,
+		     "%s\t\tInhibit anyPolicy skip certs: %u (%s)\n",
+			     prefix, skipcerts,
+			     critical ? _("critical") :
+			     _("not critical"));
+
+	} else if (strcmp(oid, "2.5.29.35") == 0) {
+
+		if (idx->aki) {
+			addf(str,
+			     "warning: more than one AKI extension\n");
+		}
+
+		addf(str,
+		     _("%s\t\tAuthority Key Identifier (%s):\n"),
+		     prefix,
+		     critical ? _("critical") : _("not critical"));
+
+		print_aki(str, der);
+
+		idx->aki++;
+	} else if (strcmp(oid, "2.5.29.15") == 0) {
+		if (idx->keyusage) {
+			addf(str,
+			     "warning: more than one key usage extension\n");
+		}
+
+		addf(str, _("%s\t\tKey Usage (%s):\n"), prefix,
+			     critical ? _("critical") : _("not critical"));
+
+		snprintf(pfx, sizeof(pfx), "%s\t\t\t", prefix);
+		print_key_usage(str, pfx, der);
+
+		idx->keyusage++;
+	} else if (strcmp(oid, "2.5.29.16") == 0) {
+		if (idx->pkey_usage_period) {
+			addf(str,
+			     "warning: more than one private key usage period extension\n");
+		}
+
+		addf(str,
+		     _("%s\t\tPrivate Key Usage Period (%s):\n"),
+		     prefix,
+		     critical ? _("critical") : _("not critical"));
+
+		print_private_key_usage_period(str, prefix, der);
+
+		idx->pkey_usage_period++;
+	} else if (strcmp(oid, "2.5.29.37") == 0) {
+		if (idx->keypurpose) {
+			addf(str,
+			     "warning: more than one key purpose extension\n");
+		}
+
+		addf(str, _("%s\t\tKey Purpose (%s):\n"), prefix,
+		     critical ? _("critical") : _("not critical"));
+
+		print_key_purpose(str, prefix, der);
+		idx->keypurpose++;
+	} else if (strcmp(oid, "2.5.29.17") == 0) {
+		if (idx->san) {
+			addf(str,
+			     "warning: more than one SKI extension\n");
+		}
+
+		addf(str,
+		     _("%s\t\tSubject Alternative Name (%s):\n"),
+		     prefix,
+		     critical ? _("critical") : _("not critical"));
+			print_altname(str, prefix, der);
+		idx->san++;
+	} else if (strcmp(oid, "2.5.29.18") == 0) {
+		if (idx->ian) {
+			addf(str,
+			     "warning: more than one Issuer AltName extension\n");
+		}
+
+		addf(str,
+		     _("%s\t\tIssuer Alternative Name (%s):\n"),
+		     prefix,
+		     critical ? _("critical") : _("not critical"));
+
+		print_altname(str, prefix, der);
+
+		idx->ian++;
+	} else if (strcmp(oid, "2.5.29.31") == 0) {
+		if (idx->crldist) {
+			addf(str,
+			     "warning: more than one CRL distribution point\n");
+		}
+
+		addf(str,
+		     _("%s\t\tCRL Distribution points (%s):\n"),
+		     prefix,
+		     critical ? _("critical") : _("not critical"));
+
+		print_crldist(str, der);
+		idx->crldist++;
+	} else if (strcmp(oid, "1.3.6.1.5.5.7.1.14") == 0) {
+		if (idx->proxy) {
+			addf(str,
+			     "warning: more than one proxy extension\n");
+		}
+
+		addf(str,
+			     _
+		     ("%s\t\tProxy Certificate Information (%s):\n"),
+		     prefix,
+		     critical ? _("critical") : _("not critical"));
+
+		print_proxy(str, der);
+
+		idx->proxy++;
+	} else if (strcmp(oid, "1.3.6.1.5.5.7.1.1") == 0) {
+		addf(str, _("%s\t\tAuthority Information "
+			    "Access (%s):\n"), prefix,
+		     critical ? _("critical") : _("not critical"));
+
+		print_aia(str, der);
+	} else if (strcmp(oid, GNUTLS_X509EXT_OID_CT_SCT_V1) == 0) {
+		addf(str, _("%s\t\tCT Precertificate SCTs (%s):\n"),
+		     prefix, critical ? _("critical") : _("not critical"));
+
+		print_scts(str, der, prefix);
+	} else if (strcmp(oid, "2.5.29.30") == 0) {
+		if (idx->nc) {
+			addf(str,
+			     "warning: more than one name constraints extension\n");
+		}
+		idx->nc++;
+
+		addf(str, _("%s\t\tName Constraints (%s):\n"), prefix,
+		     critical ? _("critical") : _("not critical"));
+
+		print_nc(str, prefix, der);
+	} else if (strcmp(oid, GNUTLS_X509EXT_OID_TLSFEATURES) == 0) {
+		if (idx->tlsfeatures) {
+			addf(str,
+				 "warning: more than one tlsfeatures extension\n");
+		}
+
+		addf(str, _("%s\t\tTLS Features (%s):\n"),
+			 prefix,
+			 critical ? _("critical") : _("not critical"));
+
+		print_tlsfeatures(str, prefix, der);
+
+		idx->tlsfeatures++;
+	} else if (strcmp(oid, "1.2.643.100.111") == 0) {
+		addf(str, _("%s\t\tSubject Signing Tool(%s):\n"),
+			 prefix,
+			 critical ? _("critical") : _("not critical"));
+
+		print_subject_sign_tool(str, prefix, der);
+	} else if (strcmp(oid, "1.2.643.100.112") == 0) {
+		addf(str, _("%s\t\tIssuer Signing Tool(%s):\n"),
+			 prefix,
+			 critical ? _("critical") : _("not critical"));
+
+		print_issuer_sign_tool(str, prefix, der);
+	} else if (strcmp(oid, "2.5.4.3") == 0) {
+		int ret;
+		gnutls_datum_t tmp = {NULL, 0};
+
+		addf(str, _("%s\t\tCommon Name (%s):\n"),
+				prefix,
+				critical ? _("critical") : _("not critical"));
+
+		ret = _gnutls_x509_decode_string(ASN1_ETYPE_PRINTABLE_STRING, der->data, der->size, &tmp, 0);
+		if (ret < 0) {
+			addf(str, "error: x509_decode_string: %s\n",
+					gnutls_strerror(ret));
+		} else {
+			addf(str, "%s\t\t\t%s\n", prefix, tmp.data);
+			gnutls_free(tmp.data);
+		}
+	} else {
+		addf(str, _("%s\t\tUnknown extension %s (%s):\n"),
+		     prefix, oid,
+		     critical ? _("critical") : _("not critical"));
+
+		addf(str, _("%s\t\t\tASCII: "), prefix);
+		_gnutls_buffer_asciiprint(str, (char*)der->data, der->size);
+
+		addf(str, "\n");
+		addf(str, _("%s\t\t\tHexdump: "), prefix);
+		_gnutls_buffer_hexprint(str, (char*)der->data, der->size);
+		adds(str, "\n");
+	}
+}
+
+static void
+print_extensions(gnutls_buffer_st * str, const char *prefix, int type,
+		 cert_type_t cert)
+{
+	unsigned i;
+	int err;
+	gnutls_datum_t der = {NULL, 0};
+	struct ext_indexes_st idx;
+
+	memset(&idx, 0, sizeof(idx));
+
+	for (i = 0;; i++) {
+		char oid[MAX_OID_SIZE] = "";
+		size_t sizeof_oid = sizeof(oid);
+		unsigned int critical;
+
+		if (type == TYPE_CRT)
+			err =
+			    gnutls_x509_crt_get_extension_info(cert.crt, i,
+							       oid,
+							       &sizeof_oid,
+							       &critical);
+
+		else if (type == TYPE_CRQ)
+			err =
+			    gnutls_x509_crq_get_extension_info(cert.crq, i,
+							       oid,
+							       &sizeof_oid,
+							       &critical);
+		else {
+			gnutls_assert();
+			return;
+		}
+
+		if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+			break;
+		if (err < 0) {
+			addf(str, "error: get_extension_info: %s\n",
+			     gnutls_strerror(err));
+			break;
+		}
+
+		if (i == 0)
+			addf(str, _("%s\tExtensions:\n"), prefix);
+
+		if (type == TYPE_CRT)
+			err = gnutls_x509_crt_get_extension_data2(cert.crt, i, &der);
+		else
+			err = gnutls_x509_crq_get_extension_data2(cert.crq, i, &der);
+
+		if (err < 0) {
+			der.data = NULL;
+			der.size = 0;
+		}
+
+		print_extension(str, prefix, &idx, oid, critical, &der);
+		gnutls_free(der.data);
+	}
+}
+
+static void reverse_datum(gnutls_datum_t *d)
+{
+	unsigned int i;
+	unsigned char c;
+
+	for (i = 0; i < d->size / 2; i++) {
+		c = d->data[i];
+		d->data[i] = d->data[d->size - i - 1];
+		d->data[d->size - i - 1] = c;
+	}
+}
+
+static void
+print_pubkey(gnutls_buffer_st * str, const char *key_name,
+	     gnutls_pubkey_t pubkey, gnutls_x509_spki_st *spki,
+	     gnutls_certificate_print_formats_t format)
+{
+	int err;
+	const char *name;
+	unsigned bits;
+	unsigned pk;
+
+	err = gnutls_pubkey_get_pk_algorithm(pubkey, &bits);
+	if (err < 0) {
+		addf(str, "error: get_pk_algorithm: %s\n",
+		     gnutls_strerror(err));
+		return;
+	}
+
+	pk = err;
+
+	name = gnutls_pk_algorithm_get_name(pk);
+	if (name == NULL)
+		name = _("unknown");
+
+	addf(str, _("\t%sPublic Key Algorithm: %s\n"), key_name, name);
+
+	addf(str, _("\tAlgorithm Security Level: %s (%d bits)\n"),
+	     gnutls_sec_param_get_name(gnutls_pk_bits_to_sec_param
+				       (err, bits)), bits);
+
+	if (spki && pk == GNUTLS_PK_RSA_PSS && spki->pk == pk) {
+		addf(str, _("\t\tParameters:\n"));
+		addf(str, "\t\t\tHash Algorithm: %s\n",
+		     gnutls_digest_get_name(spki->rsa_pss_dig));
+		addf(str, "\t\t\tSalt Length: %d\n", spki->salt_size);
+	}
+
+	switch (pk) {
+	case GNUTLS_PK_RSA:
+	case GNUTLS_PK_RSA_PSS:
+		{
+			gnutls_datum_t m, e;
+
+			err = gnutls_pubkey_get_pk_rsa_raw(pubkey, &m, &e);
+			if (err < 0)
+				addf(str, "error: get_pk_rsa_raw: %s\n",
+				     gnutls_strerror(err));
+			else {
+				if (format ==
+				    GNUTLS_CRT_PRINT_FULL_NUMBERS) {
+					addf(str,
+					     _("\t\tModulus (bits %d): "),
+					     bits);
+					_gnutls_buffer_hexprint(str,
+								m.data,
+								m.size);
+					adds(str, "\n");
+					addf(str,
+					     _("\t\tExponent (bits %d): "),
+					     e.size * 8);
+					_gnutls_buffer_hexprint(str,
+								e.data,
+								e.size);
+					adds(str, "\n");
+				} else {
+					addf(str,
+					     _("\t\tModulus (bits %d):\n"),
+					     bits);
+					_gnutls_buffer_hexdump(str, m.data,
+							       m.size,
+							       "\t\t\t");
+					addf(str,
+					     _
+					     ("\t\tExponent (bits %d):\n"),
+					     e.size * 8);
+					_gnutls_buffer_hexdump(str, e.data,
+							       e.size,
+							       "\t\t\t");
+				}
+
+				gnutls_free(m.data);
+				gnutls_free(e.data);
+			}
+
+		}
+		break;
+
+	case GNUTLS_PK_EDDSA_ED25519:
+	case GNUTLS_PK_EDDSA_ED448:
+	case GNUTLS_PK_ECDH_X25519:
+	case GNUTLS_PK_ECDH_X448:
+	case GNUTLS_PK_ECDSA:
+		{
+			gnutls_datum_t x, y;
+			gnutls_ecc_curve_t curve;
+
+			err =
+			    gnutls_pubkey_get_pk_ecc_raw(pubkey, &curve,
+							 &x, &y);
+			if (err < 0) {
+				addf(str, "error: get_pk_ecc_raw: %s\n",
+				     gnutls_strerror(err));
+			} else {
+				addf(str, _("\t\tCurve:\t%s\n"),
+				     gnutls_ecc_curve_get_name(curve));
+				if (format ==
+				    GNUTLS_CRT_PRINT_FULL_NUMBERS) {
+					adds(str, _("\t\tX: "));
+					_gnutls_buffer_hexprint(str,
+								x.data,
+								x.size);
+					adds(str, "\n");
+					if (y.size > 0) {
+						adds(str, _("\t\tY: "));
+						_gnutls_buffer_hexprint(str,
+									y.data,
+									y.size);
+						adds(str, "\n");
+					}
+				} else {
+					adds(str, _("\t\tX:\n"));
+					_gnutls_buffer_hexdump(str, x.data,
+							       x.size,
+							       "\t\t\t");
+					if (y.size > 0) {
+						adds(str, _("\t\tY:\n"));
+						_gnutls_buffer_hexdump(str, y.data,
+								       y.size,
+								       "\t\t\t");
+					}
+				}
+
+				gnutls_free(x.data);
+				gnutls_free(y.data);
+
+			}
+		}
+		break;
+	case GNUTLS_PK_DSA:
+		{
+			gnutls_datum_t p, q, g, y;
+
+			err =
+			    gnutls_pubkey_get_pk_dsa_raw(pubkey, &p, &q,
+							 &g, &y);
+			if (err < 0)
+				addf(str, "error: get_pk_dsa_raw: %s\n",
+				     gnutls_strerror(err));
+			else {
+				if (format ==
+				    GNUTLS_CRT_PRINT_FULL_NUMBERS) {
+					addf(str,
+					     _
+					     ("\t\tPublic key (bits %d): "),
+					     bits);
+					_gnutls_buffer_hexprint(str,
+								y.data,
+								y.size);
+					adds(str, "\n");
+					adds(str, _("\t\tP: "));
+					_gnutls_buffer_hexprint(str,
+								p.data,
+								p.size);
+					adds(str, "\n");
+					adds(str, _("\t\tQ: "));
+					_gnutls_buffer_hexprint(str,
+								q.data,
+								q.size);
+					adds(str, "\n");
+					adds(str, _("\t\tG: "));
+					_gnutls_buffer_hexprint(str,
+								g.data,
+								g.size);
+					adds(str, "\n");
+				} else {
+					addf(str,
+					     _
+					     ("\t\tPublic key (bits %d):\n"),
+					     bits);
+					_gnutls_buffer_hexdump(str, y.data,
+							       y.size,
+							       "\t\t\t");
+					adds(str, _("\t\tP:\n"));
+					_gnutls_buffer_hexdump(str, p.data,
+							       p.size,
+							       "\t\t\t");
+					adds(str, _("\t\tQ:\n"));
+					_gnutls_buffer_hexdump(str, q.data,
+							       q.size,
+							       "\t\t\t");
+					adds(str, _("\t\tG:\n"));
+					_gnutls_buffer_hexdump(str, g.data,
+							       g.size,
+							       "\t\t\t");
+				}
+
+				gnutls_free(p.data);
+				gnutls_free(q.data);
+				gnutls_free(g.data);
+				gnutls_free(y.data);
+
+			}
+		}
+		break;
+
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+		{
+			gnutls_datum_t x, y;
+			gnutls_ecc_curve_t curve;
+			gnutls_digest_algorithm_t digest;
+			gnutls_gost_paramset_t param;
+
+			err =
+			    gnutls_pubkey_export_gost_raw2(pubkey, &curve,
+							   &digest,
+							   &param,
+							   &x, &y, 0);
+			if (err < 0)
+				addf(str, "error: get_pk_gost_raw: %s\n",
+				     gnutls_strerror(err));
+			else {
+				addf(str, _("\t\tCurve:\t%s\n"),
+				     gnutls_ecc_curve_get_name(curve));
+				addf(str, _("\t\tDigest:\t%s\n"),
+				     gnutls_digest_get_name(digest));
+				addf(str, _("\t\tParamSet: %s\n"),
+				     gnutls_gost_paramset_get_name(param));
+				reverse_datum(&x);
+				reverse_datum(&y);
+				if (format ==
+				    GNUTLS_CRT_PRINT_FULL_NUMBERS) {
+					adds(str, _("\t\tX: "));
+					_gnutls_buffer_hexprint(str,
+								x.data,
+								x.size);
+					adds(str, "\n");
+					adds(str, _("\t\tY: "));
+					_gnutls_buffer_hexprint(str,
+								y.data,
+								y.size);
+					adds(str, "\n");
+				} else {
+					adds(str, _("\t\tX:\n"));
+					_gnutls_buffer_hexdump(str, x.data,
+							       x.size,
+							       "\t\t\t");
+					adds(str, _("\t\tY:\n"));
+					_gnutls_buffer_hexdump(str, y.data,
+							       y.size,
+							       "\t\t\t");
+				}
+
+				gnutls_free(x.data);
+				gnutls_free(y.data);
+
+			}
+		}
+		break;
+
+	default:
+		break;
+	}
+}
+
+static int
+print_crt_sig_params(gnutls_buffer_st * str, gnutls_x509_crt_t crt,
+		     gnutls_certificate_print_formats_t format)
+{
+	int ret;
+	gnutls_pk_algorithm_t pk;
+	gnutls_x509_spki_st params;
+	gnutls_sign_algorithm_t sign;
+
+	sign = gnutls_x509_crt_get_signature_algorithm(crt);
+	pk = gnutls_sign_get_pk_algorithm(sign);
+	if (pk == GNUTLS_PK_RSA_PSS) {
+		ret = _gnutls_x509_read_sign_params(crt->cert,
+						    "signatureAlgorithm",
+						    &params);
+		if (ret < 0) {
+			addf(str, "error: read_pss_params: %s\n",
+			     gnutls_strerror(ret));
+		} else
+			addf(str, "\t\tSalt Length: %d\n", params.salt_size);
+	}
+
+	return 0;
+}
+
+static void print_pk_name(gnutls_buffer_st * str, gnutls_x509_crt_t crt)
+{
+	const char *p;
+	char *name = get_pk_name(crt, NULL);
+	if (name == NULL)
+		p = _("unknown");
+	else
+		p = name;
+
+	addf(str, "\tSubject Public Key Algorithm: %s\n", p);
+	gnutls_free(name);
+}
+
+static int
+print_crt_pubkey(gnutls_buffer_st * str, gnutls_x509_crt_t crt,
+		 gnutls_certificate_print_formats_t format)
+{
+	gnutls_pubkey_t pubkey = NULL;
+	gnutls_x509_spki_st params;
+	int ret, pk;
+
+	ret = _gnutls_x509_crt_read_spki_params(crt, &params);
+	if (ret < 0)
+		return ret;
+
+	pk = gnutls_x509_crt_get_pk_algorithm(crt, NULL);
+	if (pk < 0) {
+		gnutls_assert();
+		pk = GNUTLS_PK_UNKNOWN;
+	}
+
+	if (pk == GNUTLS_PK_UNKNOWN) {
+		print_pk_name(str, crt); /* print basic info only */
+		return 0;
+	}
+
+	ret = gnutls_pubkey_init(&pubkey);
+	if (ret < 0)
+		return ret;
+
+	ret = gnutls_pubkey_import_x509(pubkey, crt, 0);
+	if (ret < 0) {
+		if (ret != GNUTLS_E_UNIMPLEMENTED_FEATURE)
+			addf(str, "error importing public key: %s\n", gnutls_strerror(ret));
+		print_pk_name(str, crt); /* print basic info only */
+		ret = 0;
+		goto cleanup;
+	}
+
+	print_pubkey(str, _("Subject "), pubkey, &params, format);
+	ret = 0;
+
+ cleanup:
+	gnutls_pubkey_deinit(pubkey);
+
+	return ret;
+}
+
+static void
+print_cert(gnutls_buffer_st * str, gnutls_x509_crt_t cert,
+	   gnutls_certificate_print_formats_t format)
+{
+	/* Version. */
+	{
+		int version = gnutls_x509_crt_get_version(cert);
+		if (version < 0)
+			addf(str, "error: get_version: %s\n",
+			     gnutls_strerror(version));
+		else
+			addf(str, _("\tVersion: %d\n"), version);
+	}
+
+	/* Serial. */
+	{
+		char serial[128];
+		size_t serial_size = sizeof(serial);
+		int err;
+
+		err =
+		    gnutls_x509_crt_get_serial(cert, serial, &serial_size);
+		if (err < 0)
+			addf(str, "error: get_serial: %s\n",
+			     gnutls_strerror(err));
+		else {
+			adds(str, _("\tSerial Number (hex): "));
+			_gnutls_buffer_hexprint(str, serial, serial_size);
+			adds(str, "\n");
+		}
+	}
+
+	/* Issuer. */
+	if (format != GNUTLS_CRT_PRINT_UNSIGNED_FULL) {
+		gnutls_datum_t dn;
+		int err;
+
+		err = gnutls_x509_crt_get_issuer_dn3(cert, &dn, 0);
+		if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			addf(str, _("\tIssuer:\n"));
+		} else if (err < 0) {
+			addf(str, "error: get_issuer_dn: %s\n",
+			     gnutls_strerror(err));
+		} else {
+			addf(str, _("\tIssuer: %s\n"), dn.data);
+			gnutls_free(dn.data);
+		}
+	}
+
+	/* Validity. */
+	{
+		time_t tim;
+
+		adds(str, _("\tValidity:\n"));
+
+		tim = gnutls_x509_crt_get_activation_time(cert);
+		if (tim != -1) {
+			char s[42];
+			size_t max = sizeof(s);
+			struct tm t;
+
+			if (gmtime_r(&tim, &t) == NULL)
+				addf(str, "error: gmtime_r (%ld)\n",
+				     (unsigned long) tim);
+			else if (strftime
+				 (s, max, "%a %b %d %H:%M:%S UTC %Y",
+				  &t) == 0)
+				addf(str, "error: strftime (%ld)\n",
+				     (unsigned long) tim);
+			else
+				addf(str, _("\t\tNot Before: %s\n"), s);
+		} else {
+			addf(str, _("\t\tNot Before: %s\n"), _("unknown"));
+		}
+
+		tim = gnutls_x509_crt_get_expiration_time(cert);
+		if (tim != -1) {
+			char s[42];
+			size_t max = sizeof(s);
+			struct tm t;
+
+			if (gmtime_r(&tim, &t) == NULL)
+				addf(str, "error: gmtime_r (%ld)\n",
+				     (unsigned long) tim);
+			else if (strftime
+				 (s, max, "%a %b %d %H:%M:%S UTC %Y",
+				  &t) == 0)
+				addf(str, "error: strftime (%ld)\n",
+				     (unsigned long) tim);
+			else
+				addf(str, _("\t\tNot After: %s\n"), s);
+		} else {
+			addf(str, _("\t\tNot After: %s\n"), _("unknown"));
+		}
+	}
+
+	/* Subject. */
+	{
+		gnutls_datum_t dn;
+		int err;
+
+		err = gnutls_x509_crt_get_dn3(cert, &dn, 0);
+		if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			addf(str, _("\tSubject:\n"));
+		} else if (err < 0) {
+			addf(str, "error: get_dn: %s\n",
+			     gnutls_strerror(err));
+		} else {
+			addf(str, _("\tSubject: %s\n"), dn.data);
+			gnutls_free(dn.data);
+		}
+	}
+
+	/* SubjectPublicKeyInfo. */
+	print_crt_pubkey(str, cert, format);
+
+	print_unique_ids(str, cert);
+
+	/* Extensions. */
+	if (gnutls_x509_crt_get_version(cert) >= 3) {
+		cert_type_t ccert;
+
+		ccert.crt = cert;
+		print_extensions(str, "", TYPE_CRT, ccert);
+	}
+
+	/* Signature. */
+	if (format != GNUTLS_CRT_PRINT_UNSIGNED_FULL) {
+		int err;
+		size_t size = 0;
+		char *buffer = NULL;
+		char *name;
+		const char *p;
+
+		name = get_sign_name(cert, &err);
+		if (name == NULL)
+			p = _("unknown");
+		else
+			p = name;
+
+		addf(str, _("\tSignature Algorithm: %s\n"), p);
+		gnutls_free(name);
+
+		print_crt_sig_params(str, cert, format);
+
+		if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure2(err, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0) {
+			adds(str,
+			     _("warning: signed using a broken signature "
+			       "algorithm that can be forged.\n"));
+		}
+
+		err = gnutls_x509_crt_get_signature(cert, buffer, &size);
+		if (err != GNUTLS_E_SHORT_MEMORY_BUFFER) {
+			addf(str, "error: get_signature: %s\n",
+			     gnutls_strerror(err));
+			return;
+		}
+
+		buffer = gnutls_malloc(size);
+		if (!buffer) {
+			addf(str, "error: malloc: %s\n",
+			     gnutls_strerror(GNUTLS_E_MEMORY_ERROR));
+			return;
+		}
+
+		err = gnutls_x509_crt_get_signature(cert, buffer, &size);
+		if (err < 0) {
+			gnutls_free(buffer);
+			addf(str, "error: get_signature2: %s\n",
+			     gnutls_strerror(err));
+			return;
+		}
+
+		adds(str, _("\tSignature:\n"));
+		_gnutls_buffer_hexdump(str, buffer, size, "\t\t");
+
+		gnutls_free(buffer);
+	}
+}
+
+static void
+print_fingerprint(gnutls_buffer_st * str, gnutls_x509_crt_t cert)
+{
+	int err;
+	char buffer[MAX_HASH_SIZE];
+	size_t size = sizeof(buffer);
+
+	adds(str, _("\tFingerprint:\n"));
+
+	err = gnutls_x509_crt_get_fingerprint(cert, GNUTLS_DIG_SHA1, buffer, &size);
+	if (err < 0) {
+		addf(str, "error: get_fingerprint: %s\n",
+		     gnutls_strerror(err));
+		return;
+	}
+
+	adds(str, _("\t\tsha1:"));
+	_gnutls_buffer_hexprint(str, buffer, size);
+	adds(str, "\n");
+
+	size = sizeof(buffer);
+	err = gnutls_x509_crt_get_fingerprint(cert, GNUTLS_DIG_SHA256, buffer, &size);
+	if (err < 0) {
+		addf(str, "error: get_fingerprint: %s\n",
+		     gnutls_strerror(err));
+		return;
+	}
+	adds(str, _("\t\tsha256:"));
+	_gnutls_buffer_hexprint(str, buffer, size);
+	adds(str, "\n");
+}
+
+typedef int get_id_func(void *obj, unsigned, unsigned char*, size_t*);
+
+static void print_obj_id(gnutls_buffer_st *str, const char *prefix, void *obj, get_id_func *get_id)
+{
+	unsigned char sha1_buffer[MAX_HASH_SIZE];
+	unsigned char sha2_buffer[MAX_HASH_SIZE];
+	int err;
+	size_t sha1_size, sha2_size;
+
+	sha1_size = sizeof(sha1_buffer);
+	err = get_id(obj, GNUTLS_KEYID_USE_SHA1, sha1_buffer, &sha1_size);
+	if (err == GNUTLS_E_UNIMPLEMENTED_FEATURE) /* unsupported algo */
+		return;
+
+	if (err < 0) {
+		addf(str, "error: get_key_id(sha1): %s\n", gnutls_strerror(err));
+		return;
+	}
+
+	sha2_size = sizeof(sha2_buffer);
+	err = get_id(obj, GNUTLS_KEYID_USE_SHA256, sha2_buffer, &sha2_size);
+	if (err == GNUTLS_E_UNIMPLEMENTED_FEATURE) /* unsupported algo */
+		return;
+
+	if (err < 0) {
+		addf(str, "error: get_key_id(sha256): %s\n", gnutls_strerror(err));
+		return;
+	}
+
+	addf(str, _("%sPublic Key ID:\n%s\tsha1:"), prefix, prefix);
+	_gnutls_buffer_hexprint(str, sha1_buffer, sha1_size);
+	addf(str, "\n%s\tsha256:", prefix);
+	_gnutls_buffer_hexprint(str, sha2_buffer, sha2_size);
+	adds(str, "\n");
+
+	addf(str, _("%sPublic Key PIN:\n%s\tpin-sha256:"), prefix, prefix);
+	_gnutls_buffer_base64print(str, sha2_buffer, sha2_size);
+	adds(str, "\n");
+
+	return;
+}
+
+static void print_keyid(gnutls_buffer_st * str, gnutls_x509_crt_t cert)
+{
+	int err;
+	const char *name;
+	unsigned int bits;
+	unsigned char sha1_buffer[MAX_HASH_SIZE];
+	size_t sha1_size;
+
+	err = gnutls_x509_crt_get_pk_algorithm(cert, &bits);
+	if (err < 0)
+		return;
+
+	print_obj_id(str, "\t", cert, (get_id_func*)gnutls_x509_crt_get_key_id);
+
+	if (IS_EC(err)) {
+		gnutls_ecc_curve_t curve;
+
+		err = gnutls_x509_crt_get_pk_ecc_raw(cert, &curve, NULL, NULL);
+		if (err < 0)
+			return;
+
+		name = gnutls_ecc_curve_get_name(curve);
+		bits = 0;
+	} else if (IS_GOSTEC(err)) {
+		gnutls_ecc_curve_t curve;
+
+		err = gnutls_x509_crt_get_pk_gost_raw(cert, &curve, NULL, NULL, NULL, NULL);
+		if (err < 0)
+			return;
+
+		name = gnutls_ecc_curve_get_name(curve);
+		bits = 0;
+	} else {
+		name = gnutls_pk_get_name(err);
+	}
+
+	if (name == NULL)
+		return;
+
+	sha1_size = sizeof(sha1_buffer);
+	err = gnutls_x509_crt_get_key_id(cert, GNUTLS_KEYID_USE_SHA1, sha1_buffer, &sha1_size);
+	if (err == GNUTLS_E_UNIMPLEMENTED_FEATURE) /* unsupported algo */
+		return;
+}
+
+static void
+print_other(gnutls_buffer_st * str, gnutls_x509_crt_t cert,
+	    gnutls_certificate_print_formats_t format)
+{
+	if (format != GNUTLS_CRT_PRINT_UNSIGNED_FULL) {
+		print_fingerprint(str, cert);
+	}
+	print_keyid(str, cert);
+}
+
+static void print_oneline(gnutls_buffer_st * str, gnutls_x509_crt_t cert)
+{
+	int err;
+
+	/* Subject. */
+	{
+		gnutls_datum_t dn;
+
+		err = gnutls_x509_crt_get_dn3(cert, &dn, 0);
+		if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			addf(str, _("no subject,"));
+		} else if (err < 0) {
+			addf(str, "unknown subject (%s), ",
+			     gnutls_strerror(err));
+		} else {
+			addf(str, "subject `%s', ", dn.data);
+			gnutls_free(dn.data);
+		}
+	}
+
+	/* Issuer. */
+	{
+		gnutls_datum_t dn;
+
+		err = gnutls_x509_crt_get_issuer_dn3(cert, &dn, 0);
+		if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			addf(str, _("no issuer,"));
+		} else if (err < 0) {
+			addf(str, "unknown issuer (%s), ",
+			     gnutls_strerror(err));
+		} else {
+			addf(str, "issuer `%s', ", dn.data);
+			gnutls_free(dn.data);
+		}
+	}
+
+	{
+		char serial[128];
+		size_t serial_size = sizeof(serial);
+
+		err =
+		    gnutls_x509_crt_get_serial(cert, serial, &serial_size);
+		if (err >= 0) {
+			adds(str, "serial 0x");
+			_gnutls_buffer_hexprint(str, serial, serial_size);
+			adds(str, ", ");
+		}
+	}
+
+	/* Key algorithm and size. */
+	{
+		unsigned int bits;
+		const char *p;
+		char *name = get_pk_name(cert, &bits);
+		if (name == NULL)
+			p = _("unknown");
+		else
+			p = name;
+		addf(str, "%s key %d bits, ", p, bits);
+		gnutls_free(name);
+	}
+
+	/* Signature Algorithm. */
+	{
+		char *name = get_sign_name(cert, &err);
+		const char *p;
+
+		if (name == NULL)
+			p = _("unknown");
+		else
+			p = name;
+
+		if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure2(err, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0)
+			addf(str, _("signed using %s (broken!), "), p);
+		else
+			addf(str, _("signed using %s, "), p);
+		gnutls_free(name);
+	}
+
+	/* Validity. */
+	{
+		time_t tim;
+
+		tim = gnutls_x509_crt_get_activation_time(cert);
+		{
+			char s[42];
+			size_t max = sizeof(s);
+			struct tm t;
+
+			if (gmtime_r(&tim, &t) == NULL)
+				addf(str, "unknown activation (%ld), ",
+				     (unsigned long) tim);
+			else if (strftime
+				 (s, max, "%Y-%m-%d %H:%M:%S UTC",
+				  &t) == 0)
+				addf(str, "failed activation (%ld), ",
+				     (unsigned long) tim);
+			else
+				addf(str, "activated `%s', ", s);
+		}
+
+		tim = gnutls_x509_crt_get_expiration_time(cert);
+		{
+			char s[42];
+			size_t max = sizeof(s);
+			struct tm t;
+
+			if (gmtime_r(&tim, &t) == NULL)
+				addf(str, "unknown expiry (%ld), ",
+				     (unsigned long) tim);
+			else if (strftime
+				 (s, max, "%Y-%m-%d %H:%M:%S UTC",
+				  &t) == 0)
+				addf(str, "failed expiry (%ld), ",
+				     (unsigned long) tim);
+			else
+				addf(str, "expires `%s', ", s);
+		}
+	}
+
+	{
+		int pathlen;
+		char *policyLanguage;
+
+		err = gnutls_x509_crt_get_proxy(cert, NULL,
+						&pathlen, &policyLanguage,
+						NULL, NULL);
+		if (err == 0) {
+			addf(str, "proxy certificate (policy=");
+			if (strcmp(policyLanguage, "1.3.6.1.5.5.7.21.1") ==
+			    0)
+				addf(str, "id-ppl-inheritALL");
+			else if (strcmp
+				 (policyLanguage,
+				  "1.3.6.1.5.5.7.21.2") == 0)
+				addf(str, "id-ppl-independent");
+			else
+				addf(str, "%s", policyLanguage);
+			if (pathlen >= 0)
+				addf(str, ", pathlen=%d), ", pathlen);
+			else
+				addf(str, "), ");
+			gnutls_free(policyLanguage);
+		}
+	}
+
+	{
+		unsigned char buffer[MAX_HASH_SIZE];
+		size_t size = sizeof(buffer);
+
+		err = gnutls_x509_crt_get_key_id(cert, GNUTLS_KEYID_USE_SHA256,
+						 buffer, &size);
+		if (err >= 0) {
+			addf(str, "pin-sha256=\"");
+			_gnutls_buffer_base64print(str, buffer, size);
+			adds(str, "\"");
+		}
+	}
+
+}
+
+/**
+ * gnutls_x509_crt_print:
+ * @cert: The data to be printed
+ * @format: Indicate the format to use
+ * @out: Newly allocated datum with null terminated string.
+ *
+ * This function will pretty print a X.509 certificate, suitable for
+ * display to a human.
+ *
+ * If the format is %GNUTLS_CRT_PRINT_FULL then all fields of the
+ * certificate will be output, on multiple lines.  The
+ * %GNUTLS_CRT_PRINT_ONELINE format will generate one line with some
+ * selected fields, which is useful for logging purposes.
+ *
+ * The output @out needs to be deallocated using gnutls_free().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_print(gnutls_x509_crt_t cert,
+		      gnutls_certificate_print_formats_t format,
+		      gnutls_datum_t * out)
+{
+	gnutls_buffer_st str;
+	int ret;
+
+	if (format == GNUTLS_CRT_PRINT_COMPACT) {
+		_gnutls_buffer_init(&str);
+
+		print_oneline(&str, cert);
+
+		ret = _gnutls_buffer_append_data(&str, "\n", 1);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		print_keyid(&str, cert);
+
+		return _gnutls_buffer_to_datum(&str, out, 1);
+	} else if (format == GNUTLS_CRT_PRINT_ONELINE) {
+		_gnutls_buffer_init(&str);
+
+		print_oneline(&str, cert);
+
+		return _gnutls_buffer_to_datum(&str, out, 1);
+	} else {
+		_gnutls_buffer_init(&str);
+
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("X.509 Certificate Information:\n"));
+
+		print_cert(&str, cert, format);
+
+		_gnutls_buffer_append_str(&str, _("Other Information:\n"));
+
+		print_other(&str, cert, format);
+
+		return _gnutls_buffer_to_datum(&str, out, 1);
+	}
+}
+
+static void
+print_crl(gnutls_buffer_st * str, gnutls_x509_crl_t crl, int notsigned)
+{
+	/* Version. */
+	{
+		int version = gnutls_x509_crl_get_version(crl);
+		if (version < 0)
+			addf(str, "error: get_version: %s\n",
+			     gnutls_strerror(version));
+		else
+			addf(str, _("\tVersion: %d\n"), version);
+	}
+
+	/* Issuer. */
+	if (!notsigned) {
+		gnutls_datum_t dn;
+		int err;
+
+		err = gnutls_x509_crl_get_issuer_dn3(crl, &dn, 0);
+		if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			addf(str, _("\tIssuer:\n"));
+		} else if (err < 0) {
+			addf(str, "error: get_issuer_dn: %s\n",
+			     gnutls_strerror(err));
+		} else {
+			addf(str, _("\tIssuer: %s\n"), dn.data);
+			gnutls_free(dn.data);
+		}
+	}
+
+	/* Validity. */
+	{
+		time_t tim;
+
+		adds(str, _("\tUpdate dates:\n"));
+
+		tim = gnutls_x509_crl_get_this_update(crl);
+		{
+			char s[42];
+			size_t max = sizeof(s);
+			struct tm t;
+
+			if (gmtime_r(&tim, &t) == NULL)
+				addf(str, "error: gmtime_r (%ld)\n",
+				     (unsigned long) tim);
+			else if (strftime
+				 (s, max, "%a %b %d %H:%M:%S UTC %Y",
+				  &t) == 0)
+				addf(str, "error: strftime (%ld)\n",
+				     (unsigned long) tim);
+			else
+				addf(str, _("\t\tIssued: %s\n"), s);
+		}
+
+		tim = gnutls_x509_crl_get_next_update(crl);
+		{
+			char s[42];
+			size_t max = sizeof(s);
+			struct tm t;
+
+			if (tim == -1)
+				addf(str, "\t\tNo next update time.\n");
+			else if (gmtime_r(&tim, &t) == NULL)
+				addf(str, "error: gmtime_r (%ld)\n",
+				     (unsigned long) tim);
+			else if (strftime
+				 (s, max, "%a %b %d %H:%M:%S UTC %Y",
+				  &t) == 0)
+				addf(str, "error: strftime (%ld)\n",
+				     (unsigned long) tim);
+			else
+				addf(str, _("\t\tNext at: %s\n"), s);
+		}
+	}
+
+	/* Extensions. */
+	if (gnutls_x509_crl_get_version(crl) >= 2) {
+		size_t i;
+		int err = 0;
+		int aki_idx = 0;
+		int crl_nr = 0;
+
+		for (i = 0;; i++) {
+			char oid[MAX_OID_SIZE] = "";
+			size_t sizeof_oid = sizeof(oid);
+			unsigned int critical;
+
+			err = gnutls_x509_crl_get_extension_info(crl, i,
+								 oid,
+								 &sizeof_oid,
+								 &critical);
+			if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+				break;
+			if (err < 0) {
+				addf(str,
+				     "error: get_extension_info: %s\n",
+				     gnutls_strerror(err));
+				break;
+			}
+
+			if (i == 0)
+				adds(str, _("\tExtensions:\n"));
+
+			if (strcmp(oid, "2.5.29.20") == 0) {
+				char nr[128];
+				size_t nr_size = sizeof(nr);
+
+				if (crl_nr) {
+					addf(str,
+					     "warning: more than one CRL number\n");
+				}
+
+				err =
+				    gnutls_x509_crl_get_number(crl, nr,
+							       &nr_size,
+							       &critical);
+
+				addf(str, _("\t\tCRL Number (%s): "),
+				     critical ? _("critical") :
+				     _("not critical"));
+
+				if (err < 0)
+					addf(str,
+					     "error: get_number: %s\n",
+					     gnutls_strerror(err));
+				else {
+					_gnutls_buffer_hexprint(str, nr,
+								nr_size);
+					addf(str, "\n");
+				}
+
+				crl_nr++;
+			} else if (strcmp(oid, "2.5.29.35") == 0) {
+				gnutls_datum_t der;
+
+				if (aki_idx) {
+					addf(str,
+					     "warning: more than one AKI extension\n");
+				}
+
+				addf(str,
+				     _
+				     ("\t\tAuthority Key Identifier (%s):\n"),
+				     critical ? _("critical") :
+				     _("not critical"));
+
+				err = gnutls_x509_crl_get_extension_data2(crl, i, &der);
+				if (err < 0) {
+					addf(str,
+					     "error: get_extension_data2: %s\n",
+					     gnutls_strerror(err));
+					continue;
+				}
+				print_aki(str, &der);
+				gnutls_free(der.data);
+
+				aki_idx++;
+			} else {
+				gnutls_datum_t der;
+
+				addf(str,
+				     _("\t\tUnknown extension %s (%s):\n"),
+				     oid,
+				     critical ? _("critical") :
+				     _("not critical"));
+
+				err =
+				    gnutls_x509_crl_get_extension_data2(crl,
+								       i,
+								       &der);
+				if (err < 0) {
+					addf(str,
+					     "error: get_extension_data2: %s\n",
+					     gnutls_strerror(err));
+					continue;
+				}
+
+				adds(str, _("\t\t\tASCII: "));
+				_gnutls_buffer_asciiprint(str, (char*)der.data, der.size);
+				adds(str, "\n");
+
+				adds(str, _("\t\t\tHexdump: "));
+				_gnutls_buffer_hexprint(str, der.data, der.size);
+				adds(str, "\n");
+
+				gnutls_free(der.data);
+			}
+		}
+	}
+
+
+	/* Revoked certificates. */
+	{
+		int num = gnutls_x509_crl_get_crt_count(crl);
+		gnutls_x509_crl_iter_t iter = NULL;
+		int j;
+
+		if (num)
+			addf(str, _("\tRevoked certificates (%d):\n"),
+			     num);
+		else
+			adds(str, _("\tNo revoked certificates.\n"));
+
+		for (j = 0; j < num; j++) {
+			unsigned char serial[128];
+			size_t serial_size = sizeof(serial);
+			int err;
+			time_t tim;
+
+			err =
+			    gnutls_x509_crl_iter_crt_serial(crl, &iter, serial,
+							   &serial_size,
+							   &tim);
+			if (err < 0) {
+				addf(str, "error: iter_crt_serial: %s\n",
+				     gnutls_strerror(err));
+				break;
+			} else {
+				char s[42];
+				size_t max = sizeof(s);
+				struct tm t;
+
+				adds(str, _("\t\tSerial Number (hex): "));
+				_gnutls_buffer_hexprint(str, serial,
+							serial_size);
+				adds(str, "\n");
+
+				if (gmtime_r(&tim, &t) == NULL)
+					addf(str,
+					     "error: gmtime_r (%ld)\n",
+					     (unsigned long) tim);
+				else if (strftime
+					 (s, max,
+					  "%a %b %d %H:%M:%S UTC %Y",
+					  &t) == 0)
+					addf(str,
+					     "error: strftime (%ld)\n",
+					     (unsigned long) tim);
+				else
+					addf(str,
+					     _("\t\tRevoked at: %s\n"), s);
+			}
+		}
+		gnutls_x509_crl_iter_deinit(iter);
+	}
+
+	/* Signature. */
+	if (!notsigned) {
+		int err;
+		size_t size = 0;
+		char *buffer = NULL;
+		char *name;
+		const char *p;
+
+		name = crl_get_sign_name(crl, &err);
+		if (name == NULL)
+			p = _("unknown");
+		else
+			p = name;
+
+		addf(str, _("\tSignature Algorithm: %s\n"), p);
+		gnutls_free(name);
+
+		if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure2(err, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0) {
+			adds(str,
+			     _("warning: signed using a broken signature "
+			       "algorithm that can be forged.\n"));
+		}
+
+		err = gnutls_x509_crl_get_signature(crl, buffer, &size);
+		if (err != GNUTLS_E_SHORT_MEMORY_BUFFER) {
+			addf(str, "error: get_signature: %s\n",
+			     gnutls_strerror(err));
+			return;
+		}
+
+		buffer = gnutls_malloc(size);
+		if (!buffer) {
+			addf(str, "error: malloc: %s\n",
+			     gnutls_strerror(GNUTLS_E_MEMORY_ERROR));
+			return;
+		}
+
+		err = gnutls_x509_crl_get_signature(crl, buffer, &size);
+		if (err < 0) {
+			gnutls_free(buffer);
+			addf(str, "error: get_signature2: %s\n",
+			     gnutls_strerror(err));
+			return;
+		}
+
+		adds(str, _("\tSignature:\n"));
+		_gnutls_buffer_hexdump(str, buffer, size, "\t\t");
+
+		gnutls_free(buffer);
+	}
+}
+
+/**
+ * gnutls_x509_crl_print:
+ * @crl: The data to be printed
+ * @format: Indicate the format to use
+ * @out: Newly allocated datum with null terminated string.
+ *
+ * This function will pretty print a X.509 certificate revocation
+ * list, suitable for display to a human.
+ *
+ * The output @out needs to be deallocated using gnutls_free().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crl_print(gnutls_x509_crl_t crl,
+		      gnutls_certificate_print_formats_t format,
+		      gnutls_datum_t * out)
+{
+	gnutls_buffer_st str;
+
+	_gnutls_buffer_init(&str);
+
+	_gnutls_buffer_append_str
+	    (&str, _("X.509 Certificate Revocation List Information:\n"));
+
+	print_crl(&str, crl, format == GNUTLS_CRT_PRINT_UNSIGNED_FULL);
+
+	return _gnutls_buffer_to_datum(&str, out, 1);
+}
+
+static int
+print_crq_sig_params(gnutls_buffer_st * str, gnutls_x509_crq_t crt,
+		     gnutls_certificate_print_formats_t format)
+{
+	int ret;
+	gnutls_pk_algorithm_t pk;
+	gnutls_x509_spki_st params;
+	gnutls_sign_algorithm_t sign;
+
+	sign = gnutls_x509_crq_get_signature_algorithm(crt);
+	pk = gnutls_sign_get_pk_algorithm(sign);
+	if (pk == GNUTLS_PK_RSA_PSS) {
+		ret = _gnutls_x509_read_sign_params(crt->crq,
+						    "signatureAlgorithm",
+						    &params);
+		if (ret < 0) {
+			addf(str, "error: read_pss_params: %s\n",
+			     gnutls_strerror(ret));
+		} else
+			addf(str, "\t\tSalt Length: %d\n", params.salt_size);
+	}
+
+	return 0;
+}
+
+static int
+print_crq_pubkey(gnutls_buffer_st * str, gnutls_x509_crq_t crq,
+		 gnutls_certificate_print_formats_t format)
+{
+	gnutls_pubkey_t pubkey;
+	gnutls_x509_spki_st params;
+	int ret;
+
+	ret = _gnutls_x509_crq_read_spki_params(crq, &params);
+	if (ret < 0)
+		return ret;
+
+	ret = gnutls_pubkey_init(&pubkey);
+	if (ret < 0)
+		return ret;
+
+	ret = gnutls_pubkey_import_x509_crq(pubkey, crq, 0);
+	if (ret < 0)
+		goto cleanup;
+
+	print_pubkey(str, _("Subject "), pubkey, &params, format);
+	ret = 0;
+
+      cleanup:
+	gnutls_pubkey_deinit(pubkey);
+
+	if (ret < 0) { /* print only name */
+		const char *p;
+		char *name = crq_get_pk_name(crq);
+		if (name == NULL)
+			p = _("unknown");
+		else
+			p = name;
+
+		addf(str, "\tSubject Public Key Algorithm: %s\n", p);
+		gnutls_free(name);
+		ret = 0;
+	}
+
+	return ret;
+}
+
+static void
+print_crq(gnutls_buffer_st * str, gnutls_x509_crq_t cert,
+	  gnutls_certificate_print_formats_t format)
+{
+	/* Version. */
+	{
+		int version = gnutls_x509_crq_get_version(cert);
+		if (version < 0)
+			addf(str, "error: get_version: %s\n",
+			     gnutls_strerror(version));
+		else
+			addf(str, _("\tVersion: %d\n"), version);
+	}
+
+	/* Subject */
+	{
+		gnutls_datum_t dn;
+		int err;
+
+		err = gnutls_x509_crq_get_dn3(cert, &dn, 0);
+		if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			addf(str, _("\tSubject:\n"));
+		} else if (err < 0) {
+			addf(str, "error: get_dn: %s\n",
+				     gnutls_strerror(err));
+		} else {
+			addf(str, _("\tSubject: %s\n"), dn.data);
+			gnutls_free(dn.data);
+		}
+	}
+
+	{
+		char *name;
+		const char *p;
+
+		print_crq_pubkey(str, cert, format);
+
+		name = crq_get_sign_name(cert);
+		if (name == NULL)
+			p = _("unknown");
+		else
+			p = name;
+
+		addf(str, _("\tSignature Algorithm: %s\n"), p);
+
+		gnutls_free(name);
+
+		print_crq_sig_params(str, cert, format);
+	}
+
+	/* parse attributes */
+	{
+		size_t i;
+		int err = 0;
+		int extensions = 0;
+		int challenge = 0;
+
+		for (i = 0;; i++) {
+			char oid[MAX_OID_SIZE] = "";
+			size_t sizeof_oid = sizeof(oid);
+
+			err =
+			    gnutls_x509_crq_get_attribute_info(cert, i,
+							       oid,
+							       &sizeof_oid);
+			if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+				break;
+			if (err < 0) {
+				addf(str,
+				     "error: get_extension_info: %s\n",
+				     gnutls_strerror(err));
+				break;
+			}
+
+			if (i == 0)
+				adds(str, _("\tAttributes:\n"));
+
+			if (strcmp(oid, "1.2.840.113549.1.9.14") == 0) {
+				cert_type_t ccert;
+
+				if (extensions) {
+					addf(str,
+					     "warning: more than one extensionsRequest\n");
+				}
+
+				ccert.crq = cert;
+				print_extensions(str, "\t", TYPE_CRQ,
+						 ccert);
+
+				extensions++;
+			} else if (strcmp(oid, "1.2.840.113549.1.9.7") ==
+				   0) {
+				char *pass;
+				size_t size;
+
+				if (challenge) {
+					adds(str,
+					     "warning: more than one Challenge password attribute\n");
+				}
+
+				err =
+				    gnutls_x509_crq_get_challenge_password
+				    (cert, NULL, &size);
+				if (err < 0
+				    && err !=
+				    GNUTLS_E_SHORT_MEMORY_BUFFER) {
+					addf(str,
+					     "error: get_challenge_password: %s\n",
+					     gnutls_strerror(err));
+					continue;
+				}
+
+				size++;
+
+				pass = gnutls_malloc(size);
+				if (!pass) {
+					addf(str, "error: malloc: %s\n",
+					     gnutls_strerror
+					     (GNUTLS_E_MEMORY_ERROR));
+					continue;
+				}
+
+				err =
+				    gnutls_x509_crq_get_challenge_password
+				    (cert, pass, &size);
+				if (err < 0)
+					addf(str,
+					     "error: get_challenge_password: %s\n",
+					     gnutls_strerror(err));
+				else
+					addf(str,
+					     _
+					     ("\t\tChallenge password: %s\n"),
+					     pass);
+
+				gnutls_free(pass);
+
+				challenge++;
+			} else {
+				char *buffer;
+				size_t extlen = 0;
+
+				addf(str, _("\t\tUnknown attribute %s:\n"),
+				     oid);
+
+				err =
+				    gnutls_x509_crq_get_attribute_data
+				    (cert, i, NULL, &extlen);
+				if (err < 0) {
+					addf(str,
+					     "error: get_attribute_data: %s\n",
+					     gnutls_strerror(err));
+					continue;
+				}
+
+				buffer = gnutls_malloc(extlen);
+				if (!buffer) {
+					addf(str, "error: malloc: %s\n",
+					     gnutls_strerror
+					     (GNUTLS_E_MEMORY_ERROR));
+					continue;
+				}
+
+				err =
+				    gnutls_x509_crq_get_attribute_data
+				    (cert, i, buffer, &extlen);
+				if (err < 0) {
+					gnutls_free(buffer);
+					addf(str,
+					     "error: get_attribute_data2: %s\n",
+					     gnutls_strerror(err));
+					continue;
+				}
+
+				adds(str, _("\t\t\tASCII: "));
+				_gnutls_buffer_asciiprint(str, buffer,
+							  extlen);
+				adds(str, "\n");
+
+				adds(str, _("\t\t\tHexdump: "));
+				_gnutls_buffer_hexprint(str, buffer,
+							extlen);
+				adds(str, "\n");
+
+				gnutls_free(buffer);
+			}
+		}
+	}
+}
+
+static void print_crq_other(gnutls_buffer_st * str, gnutls_x509_crq_t crq)
+{
+	int ret;
+
+	/* on unknown public key algorithms don't print the key ID */
+	ret = gnutls_x509_crq_get_pk_algorithm(crq, NULL);
+	if (ret < 0)
+		return;
+
+	print_obj_id(str, "\t", crq, (get_id_func*)gnutls_x509_crq_get_key_id);
+}
+
+/**
+ * gnutls_x509_crq_print:
+ * @crq: The data to be printed
+ * @format: Indicate the format to use
+ * @out: Newly allocated datum with null terminated string.
+ *
+ * This function will pretty print a certificate request, suitable for
+ * display to a human.
+ *
+ * The output @out needs to be deallocated using gnutls_free().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crq_print(gnutls_x509_crq_t crq,
+		      gnutls_certificate_print_formats_t format,
+		      gnutls_datum_t * out)
+{
+	gnutls_buffer_st str;
+
+	_gnutls_buffer_init(&str);
+
+	_gnutls_buffer_append_str
+	    (&str, _("PKCS #10 Certificate Request Information:\n"));
+
+	print_crq(&str, crq, format);
+
+	_gnutls_buffer_append_str(&str, _("Other Information:\n"));
+
+	print_crq_other(&str, crq);
+
+	return _gnutls_buffer_to_datum(&str, out, 1);
+}
+
+static void
+print_pubkey_other(gnutls_buffer_st * str, gnutls_pubkey_t pubkey,
+		   gnutls_certificate_print_formats_t format)
+{
+	int ret;
+	unsigned int usage;
+
+	ret = gnutls_pubkey_get_key_usage(pubkey, &usage);
+	if (ret < 0) {
+		addf(str, "error: get_key_usage: %s\n",
+		     gnutls_strerror(ret));
+		return;
+	}
+
+	adds(str, "\n");
+	if (pubkey->key_usage) {
+		adds(str, _("Public Key Usage:\n"));
+		print_key_usage2(str, "\t", pubkey->key_usage);
+	}
+
+	/* on unknown public key algorithms don't print the key ID */
+	ret = gnutls_pubkey_get_pk_algorithm(pubkey, NULL);
+	if (ret < 0)
+		return;
+
+	print_obj_id(str, "", pubkey, (get_id_func*)gnutls_pubkey_get_key_id);
+}
+
+/**
+ * gnutls_pubkey_print:
+ * @pubkey: The data to be printed
+ * @format: Indicate the format to use
+ * @out: Newly allocated datum with null terminated string.
+ *
+ * This function will pretty print public key information, suitable for
+ * display to a human.
+ *
+ * Only %GNUTLS_CRT_PRINT_FULL and %GNUTLS_CRT_PRINT_FULL_NUMBERS
+ * are implemented.
+ *
+ * The output @out needs to be deallocated using gnutls_free().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.5
+ **/
+int
+gnutls_pubkey_print(gnutls_pubkey_t pubkey,
+		    gnutls_certificate_print_formats_t format,
+		    gnutls_datum_t * out)
+{
+	gnutls_buffer_st str;
+
+	_gnutls_buffer_init(&str);
+
+	_gnutls_buffer_append_str(&str, _("Public Key Information:\n"));
+
+	print_pubkey(&str, "", pubkey, NULL, format);
+	print_pubkey_other(&str, pubkey, format);
+
+	return _gnutls_buffer_to_datum(&str, out, 1);
+}
+
+/**
+ * gnutls_x509_ext_print:
+ * @exts: The data to be printed
+ * @exts_size: the number of available structures
+ * @format: Indicate the format to use
+ * @out: Newly allocated datum with null terminated string.
+ *
+ * This function will pretty print X.509 certificate extensions,
+ * suitable for display to a human.
+ *
+ * The output @out needs to be deallocated using gnutls_free().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_ext_print(gnutls_x509_ext_st *exts, unsigned int exts_size,
+		      gnutls_certificate_print_formats_t format,
+		      gnutls_datum_t * out)
+{
+	gnutls_buffer_st str;
+	struct ext_indexes_st idx;
+	unsigned i;
+
+	memset(&idx, 0, sizeof(idx));
+	_gnutls_buffer_init(&str);
+
+	for (i=0;i<exts_size;i++)
+		print_extension(&str, "", &idx, (char*)exts[i].oid, exts[i].critical, &exts[i].data);
+
+	return _gnutls_buffer_to_datum(&str, out, 1);
+}
diff --git a/lib/x509/pkcs12.c b/lib/x509/pkcs12.c
new file mode 100644
index 0000000..11b9da3
--- /dev/null
+++ b/lib/x509/pkcs12.c
@@ -0,0 +1,2063 @@
+/*
+ * Copyright (C) 2003-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2012 Nikos Mavrogiannopoulos
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions that relate on PKCS12 packet parsing.
+ */
+
+#include "gnutls_int.h"
+#include <libtasn1.h>
+
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <num.h>
+#include <common.h>
+#include <x509_b64.h>
+#include "x509_int.h"
+#include "pkcs7_int.h"
+#include <random.h>
+#include "intprops.h"
+
+
+/* Decodes the PKCS #12 auth_safe, and returns the allocated raw data,
+ * which holds them. Returns an asn1_node of authenticatedSafe.
+ */
+static int
+_decode_pkcs12_auth_safe(asn1_node pkcs12, asn1_node * authen_safe,
+			 gnutls_datum_t * raw)
+{
+	char oid[MAX_OID_SIZE];
+	asn1_node c2 = NULL;
+	gnutls_datum_t auth_safe = { NULL, 0 };
+	int len, result;
+	char error_str[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
+
+	len = sizeof(oid) - 1;
+	result =
+	    asn1_read_value(pkcs12, "authSafe.contentType", oid, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (strcmp(oid, DATA_OID) != 0) {
+		gnutls_assert();
+		_gnutls_debug_log("Unknown PKCS12 Content OID '%s'\n",
+				  oid);
+		return GNUTLS_E_UNKNOWN_PKCS_CONTENT_TYPE;
+	}
+
+	/* Step 1. Read the content data
+	 */
+
+	result =
+	    _gnutls_x509_read_string(pkcs12, "authSafe.content",
+				     &auth_safe, ASN1_ETYPE_OCTET_STRING, 1);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* Step 2. Extract the authenticatedSafe.
+	 */
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_pkix(), "PKIX1.pkcs-12-AuthenticatedSafe",
+	      &c2)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result =
+	    asn1_der_decoding(&c2, auth_safe.data, auth_safe.size,
+			      error_str);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		_gnutls_debug_log("DER error: %s\n", error_str);
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if (raw == NULL) {
+		_gnutls_free_datum(&auth_safe);
+	} else {
+		raw->data = auth_safe.data;
+		raw->size = auth_safe.size;
+	}
+
+	if (authen_safe)
+		*authen_safe = c2;
+	else
+		asn1_delete_structure(&c2);
+
+	return 0;
+
+      cleanup:
+	if (c2)
+		asn1_delete_structure(&c2);
+	_gnutls_free_datum(&auth_safe);
+	return result;
+}
+
+static int pkcs12_reinit(gnutls_pkcs12_t pkcs12)
+{
+int result;
+
+	if (pkcs12->pkcs12)
+		asn1_delete_structure(&pkcs12->pkcs12);
+
+	result = asn1_create_element(_gnutls_get_pkix(),
+					 "PKIX1.pkcs-12-PFX",
+					 &pkcs12->pkcs12);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs12_init:
+ * @pkcs12: A pointer to the type to be initialized
+ *
+ * This function will initialize a PKCS12 type. PKCS12 structures
+ * usually contain lists of X.509 Certificates and X.509 Certificate
+ * revocation lists.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_pkcs12_init(gnutls_pkcs12_t * pkcs12)
+{
+	*pkcs12 = gnutls_calloc(1, sizeof(gnutls_pkcs12_int));
+
+	if (*pkcs12) {
+		int result = pkcs12_reinit(*pkcs12);
+		if (result < 0) {
+			gnutls_assert();
+			gnutls_free(*pkcs12);
+			return result;
+		}
+		return 0;	/* success */
+	}
+	return GNUTLS_E_MEMORY_ERROR;
+}
+
+/**
+ * gnutls_pkcs12_deinit:
+ * @pkcs12: The type to be initialized
+ *
+ * This function will deinitialize a PKCS12 type.
+ **/
+void gnutls_pkcs12_deinit(gnutls_pkcs12_t pkcs12)
+{
+	if (!pkcs12)
+		return;
+
+	if (pkcs12->pkcs12)
+		asn1_delete_structure(&pkcs12->pkcs12);
+
+	gnutls_free(pkcs12);
+}
+
+/**
+ * gnutls_pkcs12_import:
+ * @pkcs12: The data to store the parsed PKCS12.
+ * @data: The DER or PEM encoded PKCS12.
+ * @format: One of DER or PEM
+ * @flags: an ORed sequence of gnutls_privkey_pkcs8_flags
+ *
+ * This function will convert the given DER or PEM encoded PKCS12
+ * to the native gnutls_pkcs12_t format. The output will be stored in 'pkcs12'.
+ *
+ * If the PKCS12 is PEM encoded it should have a header of "PKCS12".
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_pkcs12_import(gnutls_pkcs12_t pkcs12,
+		     const gnutls_datum_t * data,
+		     gnutls_x509_crt_fmt_t format, unsigned int flags)
+{
+	int result = 0, need_free = 0;
+	gnutls_datum_t _data;
+	char error_str[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
+
+	_data.data = data->data;
+	_data.size = data->size;
+
+	if (pkcs12 == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* If the PKCS12 is in PEM format then decode it
+	 */
+	if (format == GNUTLS_X509_FMT_PEM) {
+		result =
+		    _gnutls_fbase64_decode(PEM_PKCS12, data->data,
+					   data->size, &_data);
+
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+
+		need_free = 1;
+	}
+
+	if (pkcs12->expanded) {
+		result = pkcs12_reinit(pkcs12);
+		if (result < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+	pkcs12->expanded = 1;
+
+	result =
+	    asn1_der_decoding(&pkcs12->pkcs12, _data.data, _data.size,
+			      error_str);
+	if (result != ASN1_SUCCESS) {
+		result = _gnutls_asn2err(result);
+		_gnutls_debug_log("DER error: %s\n", error_str);
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (need_free)
+		_gnutls_free_datum(&_data);
+
+	return 0;
+
+      cleanup:
+	if (need_free)
+		_gnutls_free_datum(&_data);
+	return result;
+}
+
+
+/**
+ * gnutls_pkcs12_export:
+ * @pkcs12: A pkcs12 type
+ * @format: the format of output params. One of PEM or DER.
+ * @output_data: will contain a structure PEM or DER encoded
+ * @output_data_size: holds the size of output_data (and will be
+ *   replaced by the actual size of parameters)
+ *
+ * This function will export the pkcs12 structure to DER or PEM format.
+ *
+ * If the buffer provided is not long enough to hold the output, then
+ * *output_data_size will be updated and GNUTLS_E_SHORT_MEMORY_BUFFER
+ * will be returned.
+ *
+ * If the structure is PEM encoded, it will have a header
+ * of "BEGIN PKCS12".
+ *
+ * Returns: In case of failure a negative error code will be
+ *   returned, and 0 on success.
+ **/
+int
+gnutls_pkcs12_export(gnutls_pkcs12_t pkcs12,
+		     gnutls_x509_crt_fmt_t format, void *output_data,
+		     size_t * output_data_size)
+{
+	int ret;
+
+	if (pkcs12 == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_x509_export_int(pkcs12->pkcs12, format, PEM_PKCS12,
+				      output_data, output_data_size);
+
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	} else {
+		/* PKCS#12 export is always non-approved, because the MAC
+		 * calculation involves non-approved KDF (PKCS#12 KDF) and
+		 * without MAC the protection is insufficient.
+		 */
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+	}
+	return ret;
+}
+
+/**
+ * gnutls_pkcs12_export2:
+ * @pkcs12: A pkcs12 type
+ * @format: the format of output params. One of PEM or DER.
+ * @out: will contain a structure PEM or DER encoded
+ *
+ * This function will export the pkcs12 structure to DER or PEM format.
+ *
+ * The output buffer is allocated using gnutls_malloc().
+ *
+ * If the structure is PEM encoded, it will have a header
+ * of "BEGIN PKCS12".
+ *
+ * Returns: In case of failure a negative error code will be
+ *   returned, and 0 on success.
+ *
+ * Since: 3.1.3
+ **/
+int
+gnutls_pkcs12_export2(gnutls_pkcs12_t pkcs12,
+		      gnutls_x509_crt_fmt_t format, gnutls_datum_t * out)
+{
+	int ret;
+
+	if (pkcs12 == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_x509_export_int2(pkcs12->pkcs12, format, PEM_PKCS12,
+				       out);
+	if (ret < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	} else {
+		/* PKCS#12 export is always non-approved, because the MAC
+		 * calculation involves non-approved KDF (PKCS#12 KDF) and
+		 * without MAC the protection is insufficient.
+		 */
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+	}
+	return ret;
+}
+
+static int oid2bag(const char *oid)
+{
+	if (strcmp(oid, BAG_PKCS8_KEY) == 0)
+		return GNUTLS_BAG_PKCS8_KEY;
+	if (strcmp(oid, BAG_PKCS8_ENCRYPTED_KEY) == 0)
+		return GNUTLS_BAG_PKCS8_ENCRYPTED_KEY;
+	if (strcmp(oid, BAG_CERTIFICATE) == 0)
+		return GNUTLS_BAG_CERTIFICATE;
+	if (strcmp(oid, BAG_CRL) == 0)
+		return GNUTLS_BAG_CRL;
+	if (strcmp(oid, BAG_SECRET) == 0)
+		return GNUTLS_BAG_SECRET;
+
+	return GNUTLS_BAG_UNKNOWN;
+}
+
+static const char *bag_to_oid(int bag)
+{
+	switch (bag) {
+	case GNUTLS_BAG_PKCS8_KEY:
+		return BAG_PKCS8_KEY;
+	case GNUTLS_BAG_PKCS8_ENCRYPTED_KEY:
+		return BAG_PKCS8_ENCRYPTED_KEY;
+	case GNUTLS_BAG_CERTIFICATE:
+		return BAG_CERTIFICATE;
+	case GNUTLS_BAG_CRL:
+		return BAG_CRL;
+	case GNUTLS_BAG_SECRET:
+		return BAG_SECRET;
+	}
+	return NULL;
+}
+
+/* Decodes the SafeContents, and puts the output in
+ * the given bag. 
+ */
+int
+_pkcs12_decode_safe_contents(const gnutls_datum_t * content,
+			     gnutls_pkcs12_bag_t bag)
+{
+	char oid[MAX_OID_SIZE], root[MAX_NAME_SIZE];
+	asn1_node c2 = NULL;
+	int len, result;
+	int bag_type;
+	gnutls_datum_t attr_val;
+	gnutls_datum_t t;
+	int count = 0, attributes, j;
+	unsigned i;
+
+	/* Step 1. Extract the SEQUENCE.
+	 */
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_pkix(), "PKIX1.pkcs-12-SafeContents",
+	      &c2)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result =
+	    asn1_der_decoding(&c2, content->data, content->size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	/* Count the number of bags
+	 */
+	result = asn1_number_of_elements(c2, "", &count);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	bag->bag_elements = MIN(MAX_BAG_ELEMENTS, count);
+
+	for (i = 0; i < bag->bag_elements; i++) {
+
+		snprintf(root, sizeof(root), "?%u.bagId", i + 1);
+
+		len = sizeof(oid);
+		result = asn1_read_value(c2, root, oid, &len);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		/* Read the Bag type
+		 */
+		bag_type = oid2bag(oid);
+
+		if (bag_type < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		/* Read the Bag Value
+		 */
+
+		snprintf(root, sizeof(root), "?%u.bagValue", i + 1);
+
+		result =
+		    _gnutls_x509_read_value(c2, root,
+					    &bag->element[i].data);
+		if (result < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		if (bag_type == GNUTLS_BAG_CERTIFICATE
+		    || bag_type == GNUTLS_BAG_CRL
+		    || bag_type == GNUTLS_BAG_SECRET) {
+			gnutls_datum_t tmp = bag->element[i].data;
+			bag->element[i].data.data = NULL;
+			bag->element[i].data.size = 0;
+
+			result =
+			    _pkcs12_decode_crt_bag(bag_type, &tmp,
+						   &bag->element[i].data);
+			_gnutls_free_datum(&tmp);
+			if (result < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+		}
+
+		/* read the bag attributes
+		 */
+		snprintf(root, sizeof(root), "?%u.bagAttributes", i + 1);
+
+		result = asn1_number_of_elements(c2, root, &attributes);
+		if (result != ASN1_SUCCESS
+		    && result != ASN1_ELEMENT_NOT_FOUND) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		if (attributes < 0)
+			attributes = 1;
+
+		if (result != ASN1_ELEMENT_NOT_FOUND)
+			for (j = 0; j < attributes; j++) {
+
+				snprintf(root, sizeof(root),
+					 "?%u.bagAttributes.?%d", i + 1,
+					 j + 1);
+
+				result =
+				    _gnutls_x509_decode_and_read_attribute
+				    (c2, root, oid, sizeof(oid), &attr_val,
+				     1, 0);
+
+				if (result < 0) {
+					gnutls_assert();
+					continue;	/* continue in case we find some known attributes */
+				}
+
+				if (strcmp(oid, KEY_ID_OID) == 0) {
+					result =
+					    _gnutls_x509_decode_string
+					    (ASN1_ETYPE_OCTET_STRING,
+					     attr_val.data, attr_val.size,
+					     &t, 1);
+
+					_gnutls_free_datum(&attr_val);
+					if (result < 0) {
+						gnutls_assert();
+						_gnutls_debug_log
+						    ("Error decoding PKCS12 Bag Attribute OID '%s'\n",
+						     oid);
+						continue;
+					}
+
+					_gnutls_free_datum(&bag->element[i].local_key_id);
+					bag->element[i].local_key_id.data = t.data;
+					bag->element[i].local_key_id.size = t.size;
+				} else if (strcmp(oid, FRIENDLY_NAME_OID) == 0 && bag->element[i].friendly_name == NULL) {
+					result =
+					    _gnutls_x509_decode_string
+					    (ASN1_ETYPE_BMP_STRING,
+					     attr_val.data, attr_val.size,
+					     &t, 1);
+
+					_gnutls_free_datum(&attr_val);
+					if (result < 0) {
+						gnutls_assert();
+						_gnutls_debug_log
+						    ("Error decoding PKCS12 Bag Attribute OID '%s'\n",
+						     oid);
+						continue;
+					}
+
+					gnutls_free(bag->element[i].friendly_name);
+					bag->element[i].friendly_name = (char *) t.data;
+				} else {
+					_gnutls_free_datum(&attr_val);
+					_gnutls_debug_log
+					    ("Unknown PKCS12 Bag Attribute OID '%s'\n",
+					     oid);
+				}
+			}
+
+
+		bag->element[i].type = bag_type;
+
+	}
+
+	result = 0;
+
+      cleanup:
+	if (c2)
+		asn1_delete_structure(&c2);
+	return result;
+
+}
+
+
+static int
+_parse_safe_contents(asn1_node sc, const char *sc_name,
+		     gnutls_pkcs12_bag_t bag)
+{
+	gnutls_datum_t content = { NULL, 0 };
+	int result;
+
+	/* Step 1. Extract the content.
+	 */
+
+	result =
+	    _gnutls_x509_read_string(sc, sc_name, &content,
+				     ASN1_ETYPE_OCTET_STRING, 1);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _pkcs12_decode_safe_contents(&content, bag);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	_gnutls_free_datum(&content);
+
+	return 0;
+
+      cleanup:
+	_gnutls_free_datum(&content);
+	return result;
+}
+
+
+/**
+ * gnutls_pkcs12_get_bag:
+ * @pkcs12: A pkcs12 type
+ * @indx: contains the index of the bag to extract
+ * @bag: An initialized bag, where the contents of the bag will be copied
+ *
+ * This function will return a Bag from the PKCS12 structure.
+ *
+ * After the last Bag has been read
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_pkcs12_get_bag(gnutls_pkcs12_t pkcs12,
+		      int indx, gnutls_pkcs12_bag_t bag)
+{
+	asn1_node c2 = NULL;
+	int result, len;
+	char root2[MAX_NAME_SIZE];
+	char oid[MAX_OID_SIZE];
+
+	if (pkcs12 == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Step 1. decode the data.
+	 */
+	result = _decode_pkcs12_auth_safe(pkcs12->pkcs12, &c2, NULL);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	/* Step 2. Parse the AuthenticatedSafe
+	 */
+
+	snprintf(root2, sizeof(root2), "?%d.contentType", indx + 1);
+
+	len = sizeof(oid) - 1;
+	result = asn1_read_value(c2, root2, oid, &len);
+
+	if (result == ASN1_ELEMENT_NOT_FOUND) {
+		result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+		goto cleanup;
+	}
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	/* Not encrypted Bag
+	 */
+
+	snprintf(root2, sizeof(root2), "?%d.content", indx + 1);
+
+	if (strcmp(oid, DATA_OID) == 0) {
+		result = _parse_safe_contents(c2, root2, bag);
+		goto cleanup;
+	}
+
+	/* ENC_DATA_OID needs decryption */
+
+	result = _gnutls_x509_read_value(c2, root2, &bag->element[0].data);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	bag->element[0].type = GNUTLS_BAG_ENCRYPTED;
+	bag->bag_elements = 1;
+
+	result = 0;
+
+      cleanup:
+	if (c2)
+		asn1_delete_structure(&c2);
+	return result;
+}
+
+/* Creates an empty PFX structure for the PKCS12 structure.
+ */
+static int create_empty_pfx(asn1_node pkcs12)
+{
+	uint8_t three = 3;
+	int result;
+	asn1_node c2 = NULL;
+
+	/* Use version 3
+	 */
+	result = asn1_write_value(pkcs12, "version", &three, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	/* Write the content type of the data
+	 */
+	result =
+	    asn1_write_value(pkcs12, "authSafe.contentType", DATA_OID, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	/* Check if the authenticatedSafe content is empty, and encode a
+	 * null one in that case.
+	 */
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_pkix(), "PKIX1.pkcs-12-AuthenticatedSafe",
+	      &c2)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result =
+	    _gnutls_x509_der_encode_and_copy(c2, "", pkcs12,
+					     "authSafe.content", 1);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	asn1_delete_structure(&c2);
+
+	return 0;
+
+      cleanup:
+	asn1_delete_structure(&c2);
+	return result;
+
+}
+
+/**
+ * gnutls_pkcs12_set_bag:
+ * @pkcs12: should contain a gnutls_pkcs12_t type
+ * @bag: An initialized bag
+ *
+ * This function will insert a Bag into the PKCS12 structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_pkcs12_set_bag(gnutls_pkcs12_t pkcs12, gnutls_pkcs12_bag_t bag)
+{
+	asn1_node c2 = NULL;
+	asn1_node safe_cont = NULL;
+	int result;
+	int enc = 0, dum = 1;
+	char null;
+
+	if (pkcs12 == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Step 1. Check if the pkcs12 structure is empty. In that
+	 * case generate an empty PFX.
+	 */
+	result =
+	    asn1_read_value(pkcs12->pkcs12, "authSafe.content", &null,
+			    &dum);
+	if (result == ASN1_VALUE_NOT_FOUND) {
+		result = create_empty_pfx(pkcs12->pkcs12);
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+	}
+
+	/* Step 2. decode the authenticatedSafe.
+	 */
+	result = _decode_pkcs12_auth_safe(pkcs12->pkcs12, &c2, NULL);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	/* Step 3. Encode the bag elements into a SafeContents 
+	 * structure.
+	 */
+	result = _pkcs12_encode_safe_contents(bag, &safe_cont, &enc);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	/* Step 4. Insert the encoded SafeContents into the AuthenticatedSafe
+	 * structure.
+	 */
+	result = asn1_write_value(c2, "", "NEW", 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if (enc)
+		result =
+		    asn1_write_value(c2, "?LAST.contentType", ENC_DATA_OID,
+				     1);
+	else
+		result =
+		    asn1_write_value(c2, "?LAST.contentType", DATA_OID, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if (enc) {
+		/* Encrypted packets are written directly.
+		 */
+		result =
+		    asn1_write_value(c2, "?LAST.content",
+				     bag->element[0].data.data,
+				     bag->element[0].data.size);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+	} else {
+		result =
+		    _gnutls_x509_der_encode_and_copy(safe_cont, "", c2,
+						     "?LAST.content", 1);
+		if (result < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	asn1_delete_structure(&safe_cont);
+
+
+	/* Step 5. Re-encode and copy the AuthenticatedSafe into the pkcs12
+	 * structure.
+	 */
+	result =
+	    _gnutls_x509_der_encode_and_copy(c2, "", pkcs12->pkcs12,
+					     "authSafe.content", 1);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	asn1_delete_structure(&c2);
+
+	return 0;
+
+      cleanup:
+	asn1_delete_structure(&c2);
+	asn1_delete_structure(&safe_cont);
+	return result;
+}
+
+#if ENABLE_GOST
+/*
+ * Russian differs from PKCS#12 here. It described proprietary way
+ * to obtain MAC key instead of using standard mechanism.
+ *
+ * See https://wwwold.tc26.ru/standard/rs/%D0%A0%2050.1.112-2016.pdf
+ * section 5.
+ */
+static int
+_gnutls_pkcs12_gost_string_to_key(gnutls_mac_algorithm_t algo,
+				  const uint8_t * salt,
+				  unsigned int salt_size, unsigned int iter,
+				  const char *pass, unsigned int req_keylen,
+				  uint8_t * keybuf)
+{
+	uint8_t temp[96];
+	size_t temp_len = sizeof(temp);
+	gnutls_datum_t key;
+	gnutls_datum_t _salt;
+	int ret;
+
+	if (iter == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	key.data = (void *)pass;
+	key.size = pass ? strlen(pass) : 0;
+
+	_salt.data = (void *)salt;
+	_salt.size = salt_size;
+
+	ret = gnutls_pbkdf2(algo, &key, &_salt, iter, temp, temp_len);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	memcpy(keybuf, temp + temp_len - req_keylen, req_keylen);
+
+	return 0;
+}
+#endif
+
+/**
+ * gnutls_pkcs12_generate_mac2:
+ * @pkcs12: A pkcs12 type
+ * @mac: the MAC algorithm to use
+ * @pass: The password for the MAC
+ *
+ * This function will generate a MAC for the PKCS12 structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_pkcs12_generate_mac2(gnutls_pkcs12_t pkcs12, gnutls_mac_algorithm_t mac, const char *pass)
+{
+	uint8_t salt[8], key[MAX_HASH_SIZE];
+	int result;
+	const int iter = PKCS12_ITER_COUNT;
+	mac_hd_st td1;
+	gnutls_datum_t tmp = { NULL, 0 };
+	unsigned mac_size, key_len;
+	uint8_t mac_out[MAX_HASH_SIZE];
+	const mac_entry_st *me = mac_to_entry(mac);
+
+	if (pkcs12 == NULL || me == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (me->oid == NULL)
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+
+	mac_size = _gnutls_mac_get_algo_len(me);
+	key_len = mac_size;
+
+	/* Generate the salt.
+	 */
+	result = gnutls_rnd(GNUTLS_RND_NONCE, salt, sizeof(salt));
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	/* Write the salt into the structure.
+	 */
+	result =
+	    asn1_write_value(pkcs12->pkcs12, "macData.macSalt", salt,
+			     sizeof(salt));
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	/* write the iterations
+	 */
+
+	if (iter > 1) {
+		result =
+		    _gnutls_x509_write_uint32(pkcs12->pkcs12,
+					      "macData.iterations", iter);
+		if (result < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	/* Generate the key.
+	 */
+#if ENABLE_GOST
+	if (me->id == GNUTLS_MAC_GOSTR_94 ||
+	    me->id == GNUTLS_MAC_STREEBOG_256 ||
+	    me->id == GNUTLS_MAC_STREEBOG_512) {
+		key_len = 32;
+		result = _gnutls_pkcs12_gost_string_to_key(me->id,
+							   salt,
+							   sizeof(salt),
+							   iter,
+							   pass,
+							   key_len,
+							   key);
+	} else
+#endif
+		result = _gnutls_pkcs12_string_to_key(me, 3 /*MAC*/,
+						      salt, sizeof(salt),
+						      iter, pass,
+						      mac_size, key);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* Get the data to be MACed
+	 */
+	result = _decode_pkcs12_auth_safe(pkcs12->pkcs12, NULL, &tmp);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* MAC the data
+	 */
+	result = _gnutls_mac_init(&td1, me,
+				  key, key_len);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	_gnutls_mac(&td1, tmp.data, tmp.size);
+	_gnutls_free_datum(&tmp);
+
+	_gnutls_mac_deinit(&td1, mac_out);
+
+
+	result =
+	    asn1_write_value(pkcs12->pkcs12, "macData.mac.digest", mac_out,
+			     mac_size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result =
+	    asn1_write_value(pkcs12->pkcs12,
+			     "macData.mac.digestAlgorithm.parameters",
+			     NULL, 0);
+	if (result != ASN1_SUCCESS && result != ASN1_ELEMENT_NOT_FOUND) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result =
+	    asn1_write_value(pkcs12->pkcs12,
+			     "macData.mac.digestAlgorithm.algorithm",
+			     me->oid, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	/* _gnutls_pkcs12_string_to_key is not a FIPS approved operation */
+	_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+	return 0;
+
+      cleanup:
+	_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	_gnutls_free_datum(&tmp);
+	return result;
+}
+
+/**
+ * gnutls_pkcs12_generate_mac:
+ * @pkcs12: A pkcs12 type
+ * @pass: The password for the MAC
+ *
+ * This function will generate a MAC for the PKCS12 structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_pkcs12_generate_mac(gnutls_pkcs12_t pkcs12, const char *pass)
+{
+	return gnutls_pkcs12_generate_mac2(pkcs12, GNUTLS_MAC_SHA256, pass);
+}
+
+/**
+ * gnutls_pkcs12_verify_mac:
+ * @pkcs12: should contain a gnutls_pkcs12_t type
+ * @pass: The password for the MAC
+ *
+ * This function will verify the MAC for the PKCS12 structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_pkcs12_verify_mac(gnutls_pkcs12_t pkcs12, const char *pass)
+{
+	uint8_t key[MAX_HASH_SIZE];
+	char oid[MAX_OID_SIZE];
+	int result;
+	unsigned int iter;
+	int len;
+	mac_hd_st td1;
+	gnutls_datum_t tmp = { NULL, 0 }, salt = {
+	NULL, 0};
+	uint8_t mac_output[MAX_HASH_SIZE];
+	uint8_t mac_output_orig[MAX_HASH_SIZE];
+	gnutls_mac_algorithm_t algo;
+	unsigned mac_len, key_len;
+	const mac_entry_st *entry;
+#if ENABLE_GOST
+	int gost_retry = 0;
+#endif
+
+	if (pkcs12 == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* read the iterations
+	 */
+	result =
+	    _gnutls_x509_read_uint(pkcs12->pkcs12, "macData.iterations",
+				   &iter);
+	if (result < 0) {
+		iter = 1;	/* the default */
+	}
+
+	len = sizeof(oid);
+	result =
+	    asn1_read_value(pkcs12->pkcs12, "macData.mac.digestAlgorithm.algorithm",
+			    oid, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	algo = DIG_TO_MAC(gnutls_oid_to_digest(oid));
+	if (algo == GNUTLS_MAC_UNKNOWN) {
+ unknown_mac:
+		gnutls_assert();
+		return GNUTLS_E_UNKNOWN_HASH_ALGORITHM;
+	}
+
+	entry = mac_to_entry(algo);
+	if (entry == NULL)
+		goto unknown_mac;
+
+	mac_len = _gnutls_mac_get_algo_len(entry);
+	key_len = mac_len;
+
+	/* Read the salt from the structure.
+	 */
+	result =
+	    _gnutls_x509_read_null_value(pkcs12->pkcs12, "macData.macSalt",
+				    &salt);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* Generate the key.
+	 */
+	result = _gnutls_pkcs12_string_to_key(entry, 3 /*MAC*/,
+					      salt.data, salt.size,
+					      iter, pass,
+					      key_len, key);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* Get the data to be MACed
+	 */
+	result = _decode_pkcs12_auth_safe(pkcs12->pkcs12, NULL, &tmp);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+#if ENABLE_GOST
+	/* GOST PKCS#12 files use either PKCS#12 scheme or proprietary
+	 * HMAC-based scheme to generate MAC key. */
+pkcs12_try_gost:
+#endif
+
+	/* MAC the data
+	 */
+	result = _gnutls_mac_init(&td1, entry, key, key_len);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	_gnutls_mac(&td1, tmp.data, tmp.size);
+
+	_gnutls_mac_deinit(&td1, mac_output);
+
+	len = sizeof(mac_output_orig);
+	result =
+	    asn1_read_value(pkcs12->pkcs12, "macData.mac.digest",
+			    mac_output_orig, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if ((unsigned)len != mac_len ||
+	    memcmp(mac_output_orig, mac_output, len) != 0) {
+
+#if ENABLE_GOST
+		/* It is possible that GOST files use proprietary
+		 * key generation scheme */
+		if (!gost_retry &&
+		    (algo == GNUTLS_MAC_GOSTR_94 ||
+		     algo == GNUTLS_MAC_STREEBOG_256 ||
+		     algo == GNUTLS_MAC_STREEBOG_512)) {
+			gost_retry = 1;
+			key_len = 32;
+			result = _gnutls_pkcs12_gost_string_to_key(algo,
+								   salt.data,
+								   salt.size,
+								   iter,
+								   pass,
+								   key_len,
+								   key);
+			if (result < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			goto pkcs12_try_gost;
+		}
+#endif
+
+		gnutls_assert();
+		result = GNUTLS_E_MAC_VERIFY_FAILED;
+		goto cleanup;
+	}
+
+	/* _gnutls_pkcs12_string_to_key is not a FIPS approved operation */
+	_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+	result = 0;
+ cleanup:
+	_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+	_gnutls_free_datum(&tmp);
+	_gnutls_free_datum(&salt);
+	return result;
+}
+
+
+static int
+write_attributes(gnutls_pkcs12_bag_t bag, int elem,
+		 asn1_node c2, const char *where)
+{
+	int result;
+	char root[128];
+
+	/* If the bag attributes are empty, then write
+	 * nothing to the attribute field.
+	 */
+	if (bag->element[elem].friendly_name == NULL &&
+	    bag->element[elem].local_key_id.data == NULL) {
+		/* no attributes
+		 */
+		result = asn1_write_value(c2, where, NULL, 0);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			return _gnutls_asn2err(result);
+		}
+
+		return 0;
+	}
+
+	if (bag->element[elem].local_key_id.data != NULL) {
+
+		/* Add a new Attribute
+		 */
+		result = asn1_write_value(c2, where, "NEW", 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			return _gnutls_asn2err(result);
+		}
+
+		_gnutls_str_cpy(root, sizeof(root), where);
+		_gnutls_str_cat(root, sizeof(root), ".?LAST");
+
+		result =
+		    _gnutls_x509_encode_and_write_attribute(KEY_ID_OID, c2,
+							    root,
+							    bag->element
+							    [elem].
+							    local_key_id.data,
+							    bag->element
+							    [elem].
+							    local_key_id.size,
+							    1);
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+	}
+
+	if (bag->element[elem].friendly_name != NULL) {
+		uint8_t *name;
+		int size, i;
+		const char *p;
+
+		/* Add a new Attribute
+		 */
+		result = asn1_write_value(c2, where, "NEW", 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			return _gnutls_asn2err(result);
+		}
+
+		/* convert name to BMPString
+		 */
+		size = strlen(bag->element[elem].friendly_name) * 2;
+		name = gnutls_malloc(size);
+
+		if (name == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+
+		p = bag->element[elem].friendly_name;
+		for (i = 0; i < size; i += 2) {
+			name[i] = 0;
+			name[i + 1] = *p;
+			p++;
+		}
+
+		_gnutls_str_cpy(root, sizeof(root), where);
+		_gnutls_str_cat(root, sizeof(root), ".?LAST");
+
+		result =
+		    _gnutls_x509_encode_and_write_attribute
+		    (FRIENDLY_NAME_OID, c2, root, name, size, 1);
+
+		gnutls_free(name);
+
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+	}
+
+	return 0;
+}
+
+
+/* Encodes the bag into a SafeContents structure, and puts the output in
+ * the given datum. Enc is set to non-zero if the data are encrypted;
+ */
+int
+_pkcs12_encode_safe_contents(gnutls_pkcs12_bag_t bag, asn1_node * contents,
+			     int *enc)
+{
+	asn1_node c2 = NULL;
+	int result;
+	unsigned i;
+	const char *oid;
+
+	if (bag->element[0].type == GNUTLS_BAG_ENCRYPTED && enc) {
+		*enc = 1;
+		return 0;	/* ENCRYPTED BAG, do nothing. */
+	} else if (enc)
+		*enc = 0;
+
+	/* Step 1. Create the SEQUENCE.
+	 */
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_pkix(), "PKIX1.pkcs-12-SafeContents",
+	      &c2)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	for (i = 0; i < bag->bag_elements; i++) {
+
+		oid = bag_to_oid(bag->element[i].type);
+		if (oid == NULL) {
+			gnutls_assert();
+			continue;
+		}
+
+		result = asn1_write_value(c2, "", "NEW", 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		/* Copy the bag type.
+		 */
+		result = asn1_write_value(c2, "?LAST.bagId", oid, 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		/* Set empty attributes
+		 */
+		result =
+		    write_attributes(bag, i, c2, "?LAST.bagAttributes");
+		if (result < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+
+		/* Copy the Bag Value
+		 */
+
+		if (bag->element[i].type == GNUTLS_BAG_CERTIFICATE ||
+		    bag->element[i].type == GNUTLS_BAG_SECRET ||
+		    bag->element[i].type == GNUTLS_BAG_CRL) {
+			gnutls_datum_t tmp;
+
+			/* in that case encode it to a CertBag or
+			 * a CrlBag.
+			 */
+
+			result =
+			    _pkcs12_encode_crt_bag(bag->element[i].type,
+						   &bag->element[i].data,
+						   &tmp);
+
+			if (result < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			result =
+			    _gnutls_x509_write_value(c2, "?LAST.bagValue",
+						     &tmp);
+
+			_gnutls_free_datum(&tmp);
+
+		} else {
+
+			result =
+			    _gnutls_x509_write_value(c2, "?LAST.bagValue",
+						     &bag->element[i].
+						     data);
+		}
+
+		if (result < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+	}
+
+	/* Encode the data and copy them into the datum
+	 */
+	*contents = c2;
+
+	return 0;
+
+      cleanup:
+	if (c2)
+		asn1_delete_structure(&c2);
+	return result;
+
+}
+
+/* Checks if the extra_certs contain certificates that may form a chain
+ * with the first certificate in chain (it is expected that chain_len==1)
+ * and appends those in the chain.
+ */
+static int make_chain(gnutls_x509_crt_t ** chain, unsigned int *chain_len,
+		      gnutls_x509_crt_t ** extra_certs,
+		      unsigned int *extra_certs_len, unsigned int flags)
+{
+	unsigned int i;
+
+	if (*chain_len != 1)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	i = 0;
+	while (i < *extra_certs_len) {
+		/* if it is an issuer but not a self-signed one */
+		if (gnutls_x509_crt_check_issuer
+		    ((*chain)[*chain_len - 1], (*extra_certs)[i]) != 0) {
+			if (!(flags & GNUTLS_PKCS12_SP_INCLUDE_SELF_SIGNED)
+			    &&
+			    gnutls_x509_crt_check_issuer((*extra_certs)[i],
+							 (*extra_certs)[i])
+			    != 0)
+				goto skip;
+
+			if (unlikely(INT_ADD_OVERFLOW(*chain_len, 1))) {
+				return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+			}
+
+			*chain = _gnutls_reallocarray_fast(*chain,
+							   ++(*chain_len),
+							   sizeof((*chain)[0]));
+			if (*chain == NULL) {
+				gnutls_assert();
+				return GNUTLS_E_MEMORY_ERROR;
+			}
+			(*chain)[*chain_len - 1] = (*extra_certs)[i];
+
+			(*extra_certs)[i] =
+			    (*extra_certs)[*extra_certs_len - 1];
+			(*extra_certs_len)--;
+
+			i = 0;
+			continue;
+		}
+
+	      skip:
+		i++;
+	}
+	return 0;
+}
+
+/**
+ * gnutls_pkcs12_simple_parse:
+ * @p12: A pkcs12 type
+ * @password: optional password used to decrypt the structure, bags and keys.
+ * @key: a structure to store the parsed private key.
+ * @chain: the corresponding to key certificate chain (may be %NULL)
+ * @chain_len: will be updated with the number of additional (may be %NULL)
+ * @extra_certs: optional pointer to receive an array of additional
+ *	       certificates found in the PKCS12 structure (may be %NULL).
+ * @extra_certs_len: will be updated with the number of additional
+ *		   certs (may be %NULL).
+ * @crl: an optional structure to store the parsed CRL (may be %NULL).
+ * @flags: should be zero or one of GNUTLS_PKCS12_SP_*
+ *
+ * This function parses a PKCS12 structure in @pkcs12 and extracts the
+ * private key, the corresponding certificate chain, any additional
+ * certificates and a CRL. The structures in @key, @chain @crl, and @extra_certs
+ * must not be initialized.
+ *
+ * The @extra_certs and @extra_certs_len parameters are optional
+ * and both may be set to %NULL. If either is non-%NULL, then both must
+ * be set. The value for @extra_certs is allocated
+ * using gnutls_malloc().
+ * 
+ * Encrypted PKCS12 bags and PKCS8 private keys are supported, but
+ * only with password based security and the same password for all
+ * operations.
+ *
+ * Note that a PKCS12 structure may contain many keys and/or certificates,
+ * and there is no way to identify which key/certificate pair you want.
+ * For this reason this function is useful for PKCS12 files that contain 
+ * only one key/certificate pair and/or one CRL.
+ *
+ * If the provided structure has encrypted fields but no password
+ * is provided then this function returns %GNUTLS_E_DECRYPTION_FAILED.
+ *
+ * Note that normally the chain constructed does not include self signed
+ * certificates, to comply with TLS' requirements. If, however, the flag 
+ * %GNUTLS_PKCS12_SP_INCLUDE_SELF_SIGNED is specified then
+ * self signed certificates will be included in the chain.
+ *
+ * Prior to using this function the PKCS #12 structure integrity must
+ * be verified using gnutls_pkcs12_verify_mac().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.0
+ **/
+int
+gnutls_pkcs12_simple_parse(gnutls_pkcs12_t p12,
+			   const char *password,
+			   gnutls_x509_privkey_t * key,
+			   gnutls_x509_crt_t ** chain,
+			   unsigned int *chain_len,
+			   gnutls_x509_crt_t ** extra_certs,
+			   unsigned int *extra_certs_len,
+			   gnutls_x509_crl_t * crl, unsigned int flags)
+{
+	gnutls_pkcs12_bag_t bag = NULL;
+	gnutls_x509_crt_t *_extra_certs = NULL;
+	unsigned int _extra_certs_len = 0;
+	gnutls_x509_crt_t *_chain = NULL;
+	unsigned int _chain_len = 0;
+	int idx = 0;
+	int ret;
+	size_t cert_id_size = 0;
+	size_t key_id_size = 0;
+	uint8_t cert_id[20];
+	uint8_t key_id[20];
+	int privkey_ok = 0;
+	unsigned int i;
+	int elements_in_bag;
+
+	*key = NULL;
+
+	if (crl)
+		*crl = NULL;
+
+	/* find the first private key */
+	for (;;) {
+
+		ret = gnutls_pkcs12_bag_init(&bag);
+		if (ret < 0) {
+			bag = NULL;
+			gnutls_assert();
+			goto done;
+		}
+
+		ret = gnutls_pkcs12_get_bag(p12, idx, bag);
+		if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			gnutls_pkcs12_bag_deinit(bag);
+			bag = NULL;
+			break;
+		}
+		if (ret < 0) {
+			gnutls_assert();
+			goto done;
+		}
+
+		ret = gnutls_pkcs12_bag_get_type(bag, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto done;
+		}
+
+		if (ret == GNUTLS_BAG_ENCRYPTED) {
+			if (password == NULL) {
+				ret =
+				    gnutls_assert_val
+				    (GNUTLS_E_DECRYPTION_FAILED);
+				goto done;
+			}
+
+			ret = gnutls_pkcs12_bag_decrypt(bag, password);
+			if (ret < 0) {
+				gnutls_assert();
+				goto done;
+			}
+		}
+
+		elements_in_bag = gnutls_pkcs12_bag_get_count(bag);
+		if (elements_in_bag < 0) {
+			gnutls_assert();
+			goto done;
+		}
+
+		for (i = 0; i < (unsigned)elements_in_bag; i++) {
+			int type;
+			gnutls_datum_t data;
+
+			type = gnutls_pkcs12_bag_get_type(bag, i);
+			if (type < 0) {
+				gnutls_assert();
+				goto done;
+			}
+
+			ret = gnutls_pkcs12_bag_get_data(bag, i, &data);
+			if (ret < 0) {
+				gnutls_assert();
+				goto done;
+			}
+
+			switch (type) {
+			case GNUTLS_BAG_PKCS8_ENCRYPTED_KEY:
+				if (password == NULL) {
+					ret =
+					    gnutls_assert_val
+					    (GNUTLS_E_DECRYPTION_FAILED);
+					goto done;
+				}
+
+				FALLTHROUGH;
+			case GNUTLS_BAG_PKCS8_KEY:
+				if (*key != NULL) {	/* too simple to continue */
+					gnutls_assert();
+					break;
+				}
+
+				ret = gnutls_x509_privkey_init(key);
+				if (ret < 0) {
+					gnutls_assert();
+					goto done;
+				}
+
+				ret = gnutls_x509_privkey_import_pkcs8
+				    (*key, &data, GNUTLS_X509_FMT_DER,
+				     password,
+				     type ==
+				     GNUTLS_BAG_PKCS8_KEY ?
+				     GNUTLS_PKCS_PLAIN : 0);
+				if (ret < 0) {
+					gnutls_assert();
+					goto done;
+				}
+
+				key_id_size = sizeof(key_id);
+				ret =
+				    gnutls_x509_privkey_get_key_id(*key, 0,
+								   key_id,
+								   &key_id_size);
+				if (ret < 0) {
+					gnutls_assert();
+					goto done;
+				}
+
+				privkey_ok = 1;	/* break */
+				break;
+			default:
+				break;
+			}
+		}
+
+		idx++;
+		gnutls_pkcs12_bag_deinit(bag);
+		bag = NULL;
+
+		if (privkey_ok != 0)	/* private key was found */
+			break;
+	}
+
+	if (privkey_ok == 0) {	/* no private key */
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	/* now find the corresponding certificate 
+	 */
+	idx = 0;
+	bag = NULL;
+	for (;;) {
+		ret = gnutls_pkcs12_bag_init(&bag);
+		if (ret < 0) {
+			bag = NULL;
+			gnutls_assert();
+			goto done;
+		}
+
+		ret = gnutls_pkcs12_get_bag(p12, idx, bag);
+		if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			gnutls_pkcs12_bag_deinit(bag);
+			bag = NULL;
+			break;
+		}
+		if (ret < 0) {
+			gnutls_assert();
+			goto done;
+		}
+
+		ret = gnutls_pkcs12_bag_get_type(bag, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto done;
+		}
+
+		if (ret == GNUTLS_BAG_ENCRYPTED) {
+			ret = gnutls_pkcs12_bag_decrypt(bag, password);
+			if (ret < 0) {
+				gnutls_assert();
+				goto done;
+			}
+		}
+
+		elements_in_bag = gnutls_pkcs12_bag_get_count(bag);
+		if (elements_in_bag < 0) {
+			gnutls_assert();
+			goto done;
+		}
+
+		for (i = 0; i < (unsigned)elements_in_bag; i++) {
+			int type;
+			gnutls_datum_t data;
+			gnutls_x509_crt_t this_cert;
+
+			type = gnutls_pkcs12_bag_get_type(bag, i);
+			if (type < 0) {
+				gnutls_assert();
+				goto done;
+			}
+
+			ret = gnutls_pkcs12_bag_get_data(bag, i, &data);
+			if (ret < 0) {
+				gnutls_assert();
+				goto done;
+			}
+
+			switch (type) {
+			case GNUTLS_BAG_CERTIFICATE:
+				ret = gnutls_x509_crt_init(&this_cert);
+				if (ret < 0) {
+					gnutls_assert();
+					goto done;
+				}
+
+				ret =
+				    gnutls_x509_crt_import(this_cert,
+							   &data,
+							   GNUTLS_X509_FMT_DER);
+				if (ret < 0) {
+					gnutls_assert();
+					gnutls_x509_crt_deinit(this_cert);
+					this_cert = NULL;
+					goto done;
+				}
+
+				/* check if the key id match */
+				cert_id_size = sizeof(cert_id);
+				ret =
+				    gnutls_x509_crt_get_key_id(this_cert,
+							       0, cert_id,
+							       &cert_id_size);
+				if (ret < 0) {
+					gnutls_assert();
+					gnutls_x509_crt_deinit(this_cert);
+					this_cert = NULL;
+					goto done;
+				}
+
+				if (memcmp(cert_id, key_id, cert_id_size) != 0) {	/* they don't match - skip the certificate */
+					if (unlikely(INT_ADD_OVERFLOW(_extra_certs_len, 1))) {
+						ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+						goto done;
+					}
+
+					_extra_certs =
+						_gnutls_reallocarray_fast(_extra_certs,
+									  ++_extra_certs_len,
+									  sizeof(_extra_certs[0]));
+					if (!_extra_certs) {
+						gnutls_assert();
+						ret =
+							GNUTLS_E_MEMORY_ERROR;
+						goto done;
+					}
+					_extra_certs
+						[_extra_certs_len -
+						 1] = this_cert;
+					this_cert = NULL;
+				} else {
+					if (chain && _chain_len == 0) {
+						_chain =
+						    gnutls_malloc(sizeof
+								  (_chain
+								   [0]) *
+								  (++_chain_len));
+						if (!_chain) {
+							gnutls_assert();
+							ret =
+							    GNUTLS_E_MEMORY_ERROR;
+							goto done;
+						}
+						_chain[_chain_len - 1] =
+						    this_cert;
+						this_cert = NULL;
+					} else {
+						gnutls_x509_crt_deinit
+						    (this_cert);
+						this_cert = NULL;
+					}
+				}
+				break;
+
+			case GNUTLS_BAG_CRL:
+				if (crl == NULL || *crl != NULL) {
+					gnutls_assert();
+					break;
+				}
+
+				ret = gnutls_x509_crl_init(crl);
+				if (ret < 0) {
+					gnutls_assert();
+					goto done;
+				}
+
+				ret =
+				    gnutls_x509_crl_import(*crl, &data,
+							   GNUTLS_X509_FMT_DER);
+				if (ret < 0) {
+					gnutls_assert();
+					gnutls_x509_crl_deinit(*crl);
+					*crl = NULL;
+					goto done;
+				}
+				break;
+
+			case GNUTLS_BAG_ENCRYPTED:
+				/* XXX Bother to recurse one level down?  Unlikely to
+				   use the same password anyway. */
+			case GNUTLS_BAG_EMPTY:
+			default:
+				break;
+			}
+		}
+
+		idx++;
+		gnutls_pkcs12_bag_deinit(bag);
+		bag = NULL;
+	}
+
+	if (chain != NULL) {
+		if (_chain_len != 1) {
+			ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+			goto done;
+		}
+
+		ret =
+		    make_chain(&_chain, &_chain_len, &_extra_certs,
+			       &_extra_certs_len, flags);
+		if (ret < 0) {
+			gnutls_assert();
+			goto done;
+		}
+	}
+
+	ret = 0;
+
+      done:
+	if (bag)
+		gnutls_pkcs12_bag_deinit(bag);
+
+	if (ret < 0) {
+		if (*key) {
+			gnutls_x509_privkey_deinit(*key);
+			*key = NULL;
+		}
+		if (crl != NULL && *crl != NULL) {
+			gnutls_x509_crl_deinit(*crl);
+			*crl = NULL;
+		}
+		if (_extra_certs_len && _extra_certs != NULL) {
+			for (i = 0; i < _extra_certs_len; i++)
+				gnutls_x509_crt_deinit(_extra_certs[i]);
+			gnutls_free(_extra_certs);
+		}
+		if (_chain_len && _chain != NULL) {
+			for (i = 0; i < _chain_len; i++)
+				gnutls_x509_crt_deinit(_chain[i]);
+			gnutls_free(_chain);
+		}
+
+		return ret;
+	}
+
+	if (extra_certs && _extra_certs_len > 0) {
+		*extra_certs = _extra_certs;
+		*extra_certs_len = _extra_certs_len;
+	} else {
+		if (extra_certs) {
+			*extra_certs = NULL;
+			*extra_certs_len = 0;
+		}
+		for (i = 0; i < _extra_certs_len; i++)
+			gnutls_x509_crt_deinit(_extra_certs[i]);
+		gnutls_free(_extra_certs);
+	}
+
+	if (chain != NULL) {
+		*chain = _chain;
+		*chain_len = _chain_len;
+	}
+
+	return ret;
+}
+
+
+/**
+ * gnutls_pkcs12_mac_info:
+ * @pkcs12: A pkcs12 type
+ * @mac: the MAC algorithm used as %gnutls_mac_algorithm_t
+ * @salt: the salt used for string to key (if non-NULL then @salt_size initially holds its size)
+ * @salt_size: string to key salt size
+ * @iter_count: string to key iteration count
+ * @oid: if non-NULL it will contain an allocated null-terminated variable with the OID
+ *
+ * This function will provide information on the MAC algorithm used
+ * in a PKCS #12 structure. If the structure algorithms
+ * are unknown the code %GNUTLS_E_UNKNOWN_HASH_ALGORITHM will be returned,
+ * and only @oid, will be set. That is, @oid will be set on structures
+ * with a MAC whether supported or not. It must be deinitialized using gnutls_free().
+ * The other variables are only set on supported structures.
+ *
+ * Returns: %GNUTLS_E_INVALID_REQUEST if the provided structure doesn't contain a MAC,
+ *  %GNUTLS_E_UNKNOWN_HASH_ALGORITHM if the structure's MAC isn't supported, or
+ *  another negative error code in case of a failure. Zero on success.
+ **/
+int
+gnutls_pkcs12_mac_info(gnutls_pkcs12_t pkcs12, unsigned int *mac,
+	void *salt, unsigned int *salt_size, unsigned int *iter_count, char **oid)
+{
+	int ret;
+	gnutls_datum_t tmp = { NULL, 0 }, dsalt = {
+	NULL, 0};
+	gnutls_mac_algorithm_t algo;
+
+	if (oid)
+		*oid = NULL;
+
+	if (pkcs12 == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret =
+	    _gnutls_x509_read_value(pkcs12->pkcs12, "macData.mac.digestAlgorithm.algorithm",
+				    &tmp);
+	if (ret < 0) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (oid) {
+		*oid = (char*)tmp.data;
+	}
+
+	algo = DIG_TO_MAC(gnutls_oid_to_digest((char*)tmp.data));
+	if (algo == GNUTLS_MAC_UNKNOWN || mac_to_entry(algo) == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_UNKNOWN_HASH_ALGORITHM;
+	}
+
+	if (oid) {
+		tmp.data = NULL;
+	}
+
+	if (mac) {
+		*mac = algo;
+	}
+
+	if (iter_count) {
+		ret =
+		    _gnutls_x509_read_uint(pkcs12->pkcs12, "macData.iterations",
+				   iter_count);
+		if (ret < 0) {
+			*iter_count = 1;	/* the default */
+		}
+	}
+
+	if (salt) {
+		/* Read the salt from the structure.
+		 */
+		ret =
+		    _gnutls_x509_read_null_value(pkcs12->pkcs12, "macData.macSalt",
+					    &dsalt);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		if (*salt_size >= (unsigned)dsalt.size) {
+			*salt_size = dsalt.size;
+			if (dsalt.size > 0)
+				memcpy(salt, dsalt.data, dsalt.size);
+		} else {
+			*salt_size = dsalt.size;
+			ret = gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+			goto cleanup;
+		}
+	}
+
+	ret = 0;
+ cleanup:
+	_gnutls_free_datum(&tmp);
+	_gnutls_free_datum(&dsalt);
+	return ret;
+
+}
+
diff --git a/lib/x509/pkcs12_bag.c b/lib/x509/pkcs12_bag.c
new file mode 100644
index 0000000..51a506e
--- /dev/null
+++ b/lib/x509/pkcs12_bag.c
@@ -0,0 +1,906 @@
+/*
+ * Copyright (C) 2003-2014 Free Software Foundation, Inc.
+ * Copyright (C) 2014 Red Hat
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions that relate on PKCS12 Bag packet parsing.
+ */
+
+#include "gnutls_int.h"
+
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <common.h>
+#include "x509_int.h"
+#include "pkcs7_int.h"
+
+/**
+ * gnutls_pkcs12_bag_init:
+ * @bag: A pointer to the type to be initialized
+ *
+ * This function will initialize a PKCS12 bag structure. PKCS12 Bags
+ * usually contain private keys, lists of X.509 Certificates and X.509
+ * Certificate revocation lists.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_pkcs12_bag_init(gnutls_pkcs12_bag_t * bag)
+{
+	*bag = gnutls_calloc(1, sizeof(gnutls_pkcs12_bag_int));
+
+	if (*bag) {
+		return 0;	/* success */
+	}
+	return GNUTLS_E_MEMORY_ERROR;
+}
+
+static inline void _pkcs12_bag_free_data(gnutls_pkcs12_bag_t bag)
+{
+	unsigned i;
+
+	for (i = 0; i < bag->bag_elements; i++) {
+		_gnutls_free_datum(&bag->element[i].data);
+		_gnutls_free_datum(&bag->element[i].local_key_id);
+		gnutls_free(bag->element[i].friendly_name);
+		bag->element[i].type = 0;
+	}
+
+}
+
+
+/**
+ * gnutls_pkcs12_bag_deinit:
+ * @bag: A pointer to the type to be initialized
+ *
+ * This function will deinitialize a PKCS12 Bag structure.
+ **/
+void gnutls_pkcs12_bag_deinit(gnutls_pkcs12_bag_t bag)
+{
+	if (!bag)
+		return;
+
+	_pkcs12_bag_free_data(bag);
+
+	gnutls_free(bag);
+}
+
+/**
+ * gnutls_pkcs12_bag_get_type:
+ * @bag: The bag
+ * @indx: The element of the bag to get the type
+ *
+ * This function will return the bag's type.
+ *
+ * Returns: On error a negative error value or one of the #gnutls_pkcs12_bag_type_t enumerations.
+ **/
+int
+gnutls_pkcs12_bag_get_type(gnutls_pkcs12_bag_t bag, unsigned indx)
+{
+	if (bag == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (indx >= bag->bag_elements)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	return bag->element[indx].type;
+}
+
+/**
+ * gnutls_pkcs12_bag_get_count:
+ * @bag: The bag
+ *
+ * This function will return the number of the elements within the bag.
+ *
+ * Returns: Number of elements in bag, or an negative error code on
+ *   error.
+ **/
+int gnutls_pkcs12_bag_get_count(gnutls_pkcs12_bag_t bag)
+{
+	if (bag == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return bag->bag_elements;
+}
+
+/**
+ * gnutls_pkcs12_bag_get_data:
+ * @bag: The bag
+ * @indx: The element of the bag to get the data from
+ * @data: where the bag's data will be. Should be treated as constant.
+ *
+ * This function will return the bag's data. The data is a constant
+ * that is stored into the bag.  Should not be accessed after the bag
+ * is deleted.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_pkcs12_bag_get_data(gnutls_pkcs12_bag_t bag, unsigned indx,
+			   gnutls_datum_t * data)
+{
+	if (bag == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (indx >= bag->bag_elements)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+	data->data = bag->element[indx].data.data;
+	data->size = bag->element[indx].data.size;
+
+	return 0;
+}
+
+#define X509_CERT_OID "1.2.840.113549.1.9.22.1"
+#define X509_CRL_OID  "1.2.840.113549.1.9.23.1"
+#define RANDOM_NONCE_OID "1.2.840.113549.1.9.25.3"
+
+int
+_pkcs12_decode_crt_bag(gnutls_pkcs12_bag_type_t type,
+		       const gnutls_datum_t * in, gnutls_datum_t * out)
+{
+	int ret;
+	asn1_node c2 = NULL;
+
+	switch (type) {
+	case GNUTLS_BAG_CERTIFICATE:
+		if ((ret = asn1_create_element(_gnutls_get_pkix(),
+					       "PKIX1.pkcs-12-CertBag",
+					       &c2)) != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto cleanup;
+		}
+
+		ret = asn1_der_decoding(&c2, in->data, in->size, NULL);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto cleanup;
+		}
+
+		ret =
+		    _gnutls_x509_read_string(c2, "certValue", out,
+					     ASN1_ETYPE_OCTET_STRING, 1);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		break;
+
+	case GNUTLS_BAG_CRL:
+		if ((ret = asn1_create_element(_gnutls_get_pkix(),
+					       "PKIX1.pkcs-12-CRLBag",
+					       &c2)) != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto cleanup;
+		}
+
+		ret = asn1_der_decoding(&c2, in->data, in->size, NULL);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto cleanup;
+		}
+
+		ret =
+		    _gnutls_x509_read_string(c2, "crlValue", out,
+					     ASN1_ETYPE_OCTET_STRING, 1);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		break;
+
+	case GNUTLS_BAG_SECRET:
+		if ((ret = asn1_create_element(_gnutls_get_pkix(),
+					       "PKIX1.pkcs-12-SecretBag",
+					       &c2)) != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto cleanup;
+		}
+
+		ret = asn1_der_decoding(&c2, in->data, in->size, NULL);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto cleanup;
+		}
+
+		ret =
+		    _gnutls_x509_read_string(c2, "secretValue", out,
+					     ASN1_ETYPE_OCTET_STRING, 1);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		break;
+
+	default:
+		gnutls_assert();
+		asn1_delete_structure(&c2);
+		return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+	}
+
+	asn1_delete_structure(&c2);
+
+	return 0;
+
+
+      cleanup:
+
+	asn1_delete_structure(&c2);
+	return ret;
+}
+
+
+int
+_pkcs12_encode_crt_bag(gnutls_pkcs12_bag_type_t type,
+		       const gnutls_datum_t * raw, gnutls_datum_t * out)
+{
+	int ret;
+	asn1_node c2 = NULL;
+
+	switch (type) {
+	case GNUTLS_BAG_CERTIFICATE:
+		if ((ret = asn1_create_element(_gnutls_get_pkix(),
+					       "PKIX1.pkcs-12-CertBag",
+					       &c2)) != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto cleanup;
+		}
+
+		ret = asn1_write_value(c2, "certId", X509_CERT_OID, 1);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto cleanup;
+		}
+
+		ret =
+		    _gnutls_x509_write_string(c2, "certValue", raw,
+					      ASN1_ETYPE_OCTET_STRING);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		break;
+
+	case GNUTLS_BAG_CRL:
+		if ((ret = asn1_create_element(_gnutls_get_pkix(),
+					       "PKIX1.pkcs-12-CRLBag",
+					       &c2)) != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto cleanup;
+		}
+
+		ret = asn1_write_value(c2, "crlId", X509_CRL_OID, 1);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto cleanup;
+		}
+
+		ret =
+		    _gnutls_x509_write_string(c2, "crlValue", raw,
+					      ASN1_ETYPE_OCTET_STRING);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		break;
+
+	case GNUTLS_BAG_SECRET:
+		if ((ret = asn1_create_element(_gnutls_get_pkix(),
+					       "PKIX1.pkcs-12-SecretBag",
+					       &c2)) != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto cleanup;
+		}
+
+		ret =
+		    asn1_write_value(c2, "secretTypeId", RANDOM_NONCE_OID,
+				     1);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto cleanup;
+		}
+
+		ret =
+		    _gnutls_x509_write_string(c2, "secretValue", raw,
+					      ASN1_ETYPE_OCTET_STRING);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		break;
+
+	default:
+		gnutls_assert();
+		asn1_delete_structure(&c2);
+		return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+	}
+
+	ret = _gnutls_x509_der_encode(c2, "", out, 0);
+
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	asn1_delete_structure(&c2);
+
+	return 0;
+
+
+      cleanup:
+
+	asn1_delete_structure(&c2);
+	return ret;
+}
+
+
+/**
+ * gnutls_pkcs12_bag_set_data:
+ * @bag: The bag
+ * @type: The data's type
+ * @data: the data to be copied.
+ *
+ * This function will insert the given data of the given type into
+ * the bag.
+ *
+ * Returns: the index of the added bag on success, or a negative
+ * value on error.
+ **/
+int
+gnutls_pkcs12_bag_set_data(gnutls_pkcs12_bag_t bag,
+			   gnutls_pkcs12_bag_type_t type,
+			   const gnutls_datum_t * data)
+{
+	int ret;
+	if (bag == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (bag->bag_elements == MAX_BAG_ELEMENTS - 1) {
+		gnutls_assert();
+		/* bag is full */
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	if (bag->bag_elements == 1) {
+		/* A bag with a key or an encrypted bag, must have
+		 * only one element.
+		 */
+
+		if (bag->element[0].type == GNUTLS_BAG_PKCS8_KEY ||
+		    bag->element[0].type == GNUTLS_BAG_PKCS8_ENCRYPTED_KEY
+		    || bag->element[0].type == GNUTLS_BAG_ENCRYPTED) {
+			gnutls_assert();
+			return GNUTLS_E_INVALID_REQUEST;
+		}
+	}
+
+	ret =
+	    _gnutls_set_datum(&bag->element[bag->bag_elements].data,
+			      data->data, data->size);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	bag->element[bag->bag_elements].type = type;
+
+	bag->bag_elements++;
+
+	return bag->bag_elements - 1;
+}
+
+/**
+ * gnutls_pkcs12_bag_set_crt:
+ * @bag: The bag
+ * @crt: the certificate to be copied.
+ *
+ * This function will insert the given certificate into the
+ * bag. This is just a wrapper over gnutls_pkcs12_bag_set_data().
+ *
+ * Returns: the index of the added bag on success, or a negative
+ * value on failure.
+ **/
+int
+gnutls_pkcs12_bag_set_crt(gnutls_pkcs12_bag_t bag, gnutls_x509_crt_t crt)
+{
+	int ret;
+	gnutls_datum_t data;
+
+	if (bag == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_x509_der_encode(crt->cert, "", &data, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    gnutls_pkcs12_bag_set_data(bag, GNUTLS_BAG_CERTIFICATE, &data);
+
+	_gnutls_free_datum(&data);
+
+	return ret;
+}
+
+/**
+ * gnutls_pkcs12_bag_set_crl:
+ * @bag: The bag
+ * @crl: the CRL to be copied.
+ *
+ * This function will insert the given CRL into the
+ * bag. This is just a wrapper over gnutls_pkcs12_bag_set_data().
+ *
+ * Returns: the index of the added bag on success, or a negative error code
+ * on failure.
+ **/
+int
+gnutls_pkcs12_bag_set_crl(gnutls_pkcs12_bag_t bag, gnutls_x509_crl_t crl)
+{
+	int ret;
+	gnutls_datum_t data;
+
+
+	if (bag == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_x509_der_encode(crl->crl, "", &data, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = gnutls_pkcs12_bag_set_data(bag, GNUTLS_BAG_CRL, &data);
+
+	_gnutls_free_datum(&data);
+
+	return ret;
+}
+
+/**
+ * gnutls_pkcs12_bag_set_key_id:
+ * @bag: The bag
+ * @indx: The bag's element to add the id
+ * @id: the ID
+ *
+ * This function will add the given key ID, to the specified, by the
+ * index, bag element. The key ID will be encoded as a 'Local key
+ * identifier' bag attribute, which is usually used to distinguish
+ * the local private key and the certificate pair.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value. or a negative error code on error.
+ **/
+int
+gnutls_pkcs12_bag_set_key_id(gnutls_pkcs12_bag_t bag, unsigned indx,
+			     const gnutls_datum_t * id)
+{
+	int ret;
+
+
+	if (bag == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (indx > bag->bag_elements - 1) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_set_datum(&bag->element[indx].local_key_id,
+				id->data, id->size);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs12_bag_get_key_id:
+ * @bag: The bag
+ * @indx: The bag's element to add the id
+ * @id: where the ID will be copied (to be treated as const)
+ *
+ * This function will return the key ID, of the specified bag element.
+ * The key ID is usually used to distinguish the local private key and
+ * the certificate pair.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value. or a negative error code on error.
+ **/
+int
+gnutls_pkcs12_bag_get_key_id(gnutls_pkcs12_bag_t bag, unsigned indx,
+			     gnutls_datum_t * id)
+{
+	if (bag == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (indx > bag->bag_elements - 1) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	id->data = bag->element[indx].local_key_id.data;
+	id->size = bag->element[indx].local_key_id.size;
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs12_bag_get_friendly_name:
+ * @bag: The bag
+ * @indx: The bag's element to add the id
+ * @name: will hold a pointer to the name (to be treated as const)
+ *
+ * This function will return the friendly name, of the specified bag
+ * element.  The key ID is usually used to distinguish the local
+ * private key and the certificate pair.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value. or a negative error code on error.
+ **/
+int
+gnutls_pkcs12_bag_get_friendly_name(gnutls_pkcs12_bag_t bag, unsigned indx,
+				    char **name)
+{
+	if (bag == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (indx > bag->bag_elements - 1) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	*name = bag->element[indx].friendly_name;
+
+	return 0;
+}
+
+
+/**
+ * gnutls_pkcs12_bag_set_friendly_name:
+ * @bag: The bag
+ * @indx: The bag's element to add the id
+ * @name: the name
+ *
+ * This function will add the given key friendly name, to the
+ * specified, by the index, bag element. The name will be encoded as
+ * a 'Friendly name' bag attribute, which is usually used to set a
+ * user name to the local private key and the certificate pair.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value. or a negative error code on error.
+ **/
+int
+gnutls_pkcs12_bag_set_friendly_name(gnutls_pkcs12_bag_t bag, unsigned indx,
+				    const char *name)
+{
+	if (bag == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (indx > bag->bag_elements - 1) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	bag->element[indx].friendly_name = gnutls_strdup(name);
+
+	if (name == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+}
+
+
+/**
+ * gnutls_pkcs12_bag_decrypt:
+ * @bag: The bag
+ * @pass: The password used for encryption, must be ASCII.
+ *
+ * This function will decrypt the given encrypted bag and return 0 on
+ * success.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ **/
+int gnutls_pkcs12_bag_decrypt(gnutls_pkcs12_bag_t bag, const char *pass)
+{
+	int ret;
+	gnutls_datum_t dec;
+
+	if (bag == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (bag->element[0].type != GNUTLS_BAG_ENCRYPTED) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret =
+	    _gnutls_pkcs7_decrypt_data(&bag->element[0].data, pass, &dec);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* decryption succeeded. Now decode the SafeContents
+	 * stuff, and parse it.
+	 */
+
+	_gnutls_free_datum(&bag->element[0].data);
+
+	ret = _pkcs12_decode_safe_contents(&dec, bag);
+
+	_gnutls_free_datum(&dec);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs12_bag_encrypt:
+ * @bag: The bag
+ * @pass: The password used for encryption, must be ASCII
+ * @flags: should be one of #gnutls_pkcs_encrypt_flags_t elements bitwise or'd
+ *
+ * This function will encrypt the given bag.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ **/
+int
+gnutls_pkcs12_bag_encrypt(gnutls_pkcs12_bag_t bag, const char *pass,
+			  unsigned int flags)
+{
+	int ret;
+	asn1_node safe_cont = NULL;
+	gnutls_datum_t der = { NULL, 0 };
+	gnutls_datum_t enc = { NULL, 0 };
+	schema_id id;
+
+	if (bag == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (bag->element[0].type == GNUTLS_BAG_ENCRYPTED) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Encode the whole bag to a safe contents
+	 * structure.
+	 */
+	ret = _pkcs12_encode_safe_contents(bag, &safe_cont, NULL);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* DER encode the SafeContents.
+	 */
+	ret = _gnutls_x509_der_encode(safe_cont, "", &der, 0);
+
+	asn1_delete_structure(&safe_cont);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (flags & GNUTLS_PKCS_PLAIN) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	id = _gnutls_pkcs_flags_to_schema(flags);
+
+	/* Now encrypt them.
+	 */
+	ret = _gnutls_pkcs7_encrypt_data(id, &der, pass, &enc);
+
+	_gnutls_free_datum(&der);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* encryption succeeded. 
+	 */
+
+	_pkcs12_bag_free_data(bag);
+
+	bag->element[0].type = GNUTLS_BAG_ENCRYPTED;
+	bag->element[0].data = enc;
+
+	bag->bag_elements = 1;
+
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs12_bag_enc_info:
+ * @bag: The bag
+ * @schema: indicate the schema as one of %gnutls_pkcs_encrypt_flags_t
+ * @cipher: the cipher used as %gnutls_cipher_algorithm_t
+ * @salt: PBKDF2 salt (if non-NULL then @salt_size initially holds its size)
+ * @salt_size: PBKDF2 salt size
+ * @iter_count: PBKDF2 iteration count
+ * @oid: if non-NULL it will contain an allocated null-terminated variable with the OID
+ *
+ * This function will provide information on the encryption algorithms used
+ * in an encrypted bag. If the structure algorithms
+ * are unknown the code %GNUTLS_E_UNKNOWN_CIPHER_TYPE will be returned,
+ * and only @oid, will be set. That is, @oid will be set on encrypted bags
+ * whether supported or not. It must be deinitialized using gnutls_free().
+ * The other variables are only set on supported structures.
+ *
+ * Returns: %GNUTLS_E_INVALID_REQUEST if the provided bag isn't encrypted,
+ *  %GNUTLS_E_UNKNOWN_CIPHER_TYPE if the structure's encryption isn't supported, or
+ *  another negative error code in case of a failure. Zero on success.
+ **/
+int
+gnutls_pkcs12_bag_enc_info(gnutls_pkcs12_bag_t bag, unsigned int *schema, unsigned int *cipher,
+	void *salt, unsigned int *salt_size, unsigned int *iter_count, char **oid)
+{
+	int ret;
+	struct pbkdf2_params kdf;
+	const struct pkcs_cipher_schema_st *p;
+
+	if (bag == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (bag->element[0].type != GNUTLS_BAG_ENCRYPTED) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret =
+	    _gnutls_pkcs7_data_enc_info(&bag->element[0].data, &p, &kdf, oid);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (schema)
+		*schema = p->flag;
+
+	if (cipher)
+		*cipher = p->cipher;
+
+	if (iter_count)
+		 *iter_count = kdf.iter_count;
+
+	if (salt) {
+		if (*salt_size >= (unsigned)kdf.salt_size) {
+			memcpy(salt, kdf.salt, kdf.salt_size);
+		} else {
+			*salt_size = kdf.salt_size;
+			return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+		}
+	}
+
+	if (salt_size)
+		*salt_size = kdf.salt_size;
+
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs12_bag_set_privkey:
+ * @bag: The bag
+ * @privkey: the private key to be copied.
+ * @password: the password to protect the key with (may be %NULL)
+ * @flags: should be one of #gnutls_pkcs_encrypt_flags_t elements bitwise or'd
+ *
+ * This function will insert the given private key into the
+ * bag. This is just a wrapper over gnutls_pkcs12_bag_set_data().
+ *
+ * Returns: the index of the added bag on success, or a negative
+ * value on failure.
+ **/
+int
+gnutls_pkcs12_bag_set_privkey(gnutls_pkcs12_bag_t bag, gnutls_x509_privkey_t privkey,
+			      const char *password, unsigned flags)
+{
+	int ret;
+	gnutls_datum_t data = {NULL, 0};
+
+	if (bag == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = gnutls_x509_privkey_export2_pkcs8(privkey, GNUTLS_X509_FMT_DER,
+						password, flags, &data);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (password == NULL) {
+		ret = gnutls_pkcs12_bag_set_data(bag, GNUTLS_BAG_PKCS8_KEY, &data);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	} else {
+		ret = gnutls_pkcs12_bag_set_data(bag, GNUTLS_BAG_PKCS8_ENCRYPTED_KEY, &data);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+ cleanup:
+	_gnutls_free_datum(&data);
+
+	return ret;
+}
diff --git a/lib/x509/pkcs12_encr.c b/lib/x509/pkcs12_encr.c
new file mode 100644
index 0000000..55c46e4
--- /dev/null
+++ b/lib/x509/pkcs12_encr.c
@@ -0,0 +1,227 @@
+/* minip12.c - A mini pkcs-12 implementation (modified for gnutls)
+ *
+ * Copyright (C) 2002-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+
+#include <mpi.h>
+#include "errors.h"
+#include <x509_int.h>
+#include <algorithms.h>
+
+#define MAX_PASS_LEN 8192
+#define MAX_V_SIZE 128
+/* ID should be:
+ * 3 for MAC
+ * 2 for IV
+ * 1 for encryption key
+ *
+ * Note that this function produces different key for the
+ * NULL password, and for the password with zero length.
+ */
+int
+_gnutls_pkcs12_string_to_key(const mac_entry_st * me,
+			     unsigned int id, const uint8_t * salt,
+			     unsigned int salt_size, unsigned int iter,
+			     const char *pw, unsigned int req_keylen,
+			     uint8_t * keybuf)
+{
+	int rc;
+	unsigned int i, j;
+	digest_hd_st md;
+	bigint_t num_b1 = NULL, num_ij = NULL;
+	bigint_t v_mpi = NULL;
+	unsigned int pwlen;
+	uint8_t hash[MAX_HASH_SIZE], buf_b[MAX_V_SIZE], buf_i[MAX_PASS_LEN + MAX_V_SIZE], *p;
+	uint8_t d[MAX_V_SIZE];
+	size_t cur_keylen;
+	size_t n, m, plen, i_size;
+	size_t slen;
+	gnutls_datum_t ucs2 = {NULL, 0};
+	unsigned mac_len;
+	uint8_t v_val[MAX_V_SIZE+1];
+	unsigned v_size = 0;
+
+	switch (me->id) {
+		case GNUTLS_DIG_GOSTR_94:
+			v_size = 32;
+			break;
+		case GNUTLS_DIG_SHA1:
+		case GNUTLS_DIG_SHA224:
+		case GNUTLS_DIG_SHA256:
+		case GNUTLS_DIG_STREEBOG_256:
+		case GNUTLS_DIG_STREEBOG_512:
+			v_size = 64;
+			break;
+		case GNUTLS_DIG_SHA384:
+		case GNUTLS_DIG_SHA512:
+			v_size = 128;
+			break;
+		default:
+			break;
+	}
+
+	if (v_size == 0 || v_size > MAX_V_SIZE)
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+
+	memset(v_val, 0, sizeof(v_val));
+	v_val[0] = 0x01; /* make it be 2^64 or 2^128 */
+
+	cur_keylen = 0;
+
+	if (pw) {
+		pwlen = strlen(pw);
+
+		if (pwlen == 0) {
+			ucs2.data = gnutls_calloc(1, 2);
+			if (ucs2.data == NULL)
+				return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+			ucs2.size = 2;
+		} else {
+			rc = _gnutls_utf8_to_ucs2(pw, pwlen, &ucs2, 1);
+			if (rc < 0)
+				return gnutls_assert_val(rc);
+
+			/* include terminating zero */
+			ucs2.size+=2;
+		}
+		pwlen = ucs2.size;
+		pw = (char*)ucs2.data;
+	} else {
+		pwlen = 0;
+	}
+
+	if (pwlen > MAX_PASS_LEN) {
+		rc = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		goto cleanup;
+	}
+
+	rc = _gnutls_mpi_init_scan(&v_mpi, v_val, v_size+1);
+	if (rc < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* Store salt and password in BUF_I */
+	slen = ((salt_size+v_size-1)/v_size) * v_size;
+	plen = ((pwlen+v_size-1)/v_size) * v_size;
+	i_size = slen + plen;
+
+	if (i_size > sizeof(buf_i)) {
+		rc = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		goto cleanup;
+	}
+
+	p = buf_i;
+	for (i = 0; i < slen; i++)
+		*p++ = salt[i % salt_size];
+
+	if (pw) {
+		for (i = j = 0; i < plen; i += 2) {
+			*p++ = pw[j];
+			*p++ = pw[j+1];
+			j+=2;
+			if (j >= pwlen)
+				j = 0;
+		}
+	} else {
+		memset(p, 0, plen);
+	}
+
+	mac_len = _gnutls_mac_get_algo_len(me);
+	assert(mac_len != 0);
+
+	for (;;) {
+		rc = _gnutls_hash_init(&md, me);
+		if (rc < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+		memset(d, id & 0xff, v_size);
+		_gnutls_hash(&md, d, v_size);
+		_gnutls_hash(&md, buf_i, i_size);
+		_gnutls_hash_deinit(&md, hash);
+		for (i = 1; i < iter; i++) {
+			rc = _gnutls_hash_fast((gnutls_digest_algorithm_t)me->id,
+					       hash, mac_len, hash);
+			if (rc < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+		}
+		for (i = 0; i < mac_len && cur_keylen < req_keylen; i++)
+			keybuf[cur_keylen++] = hash[i];
+		if (cur_keylen == req_keylen) {
+			rc = 0;	/* ready */
+			goto cleanup;
+		}
+
+		/* need more bytes. */
+		for (i = 0; i < v_size; i++)
+			buf_b[i] = hash[i % mac_len];
+		n = v_size;
+		rc = _gnutls_mpi_init_scan(&num_b1, buf_b, n);
+		if (rc < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		rc = _gnutls_mpi_add_ui(num_b1, num_b1, 1);
+		if (rc < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		for (i = 0; i < i_size; i += v_size) {
+			n = v_size;
+			rc = _gnutls_mpi_init_scan(&num_ij, buf_i + i, n);
+			if (rc < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			rc = _gnutls_mpi_addm(num_ij, num_ij, num_b1, v_mpi);
+			if (rc < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			n = v_size;
+			m = (_gnutls_mpi_get_nbits(num_ij) + 7) / 8;
+
+			memset(buf_i + i, 0, n - m);
+			rc = _gnutls_mpi_print(num_ij, buf_i + i + n - m,
+					       &n);
+			if (rc < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+			_gnutls_mpi_release(&num_ij);
+		}
+	}
+      cleanup:
+	_gnutls_mpi_release(&num_ij);
+	_gnutls_mpi_release(&num_b1);
+	_gnutls_mpi_release(&v_mpi);
+	gnutls_free(ucs2.data);
+
+	return rc;
+}
diff --git a/lib/x509/pkcs7-attrs.c b/lib/x509/pkcs7-attrs.c
new file mode 100644
index 0000000..25f9472
--- /dev/null
+++ b/lib/x509/pkcs7-attrs.c
@@ -0,0 +1,162 @@
+/*
+ * Copyright (C) 2015 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions that relate on PKCS7 attribute setting.
+ */
+
+#include "gnutls_int.h"
+
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <common.h>
+#include <x509_b64.h>
+#include <gnutls/abstract.h>
+#include <gnutls/pkcs7.h>
+
+/**
+ * gnutls_pkcs7_add_attr:
+ * @list: A list of existing attributes or pointer to %NULL for the first one
+ * @oid: the OID of the attribute to be set
+ * @data: the raw (DER-encoded) data of the attribute to be set
+ * @flags: zero or %GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING
+ *
+ * This function will set a PKCS #7 attribute in the provided list.
+ * If this function fails, the previous list would be deallocated.
+ *
+ * Note that any attributes set with this function must either be
+ * DER or BER encoded, unless a special flag is present.
+ *
+ * Returns: On success, the new list head, otherwise %NULL.
+ *
+ * Since: 3.4.2
+ **/
+int
+gnutls_pkcs7_add_attr(gnutls_pkcs7_attrs_t * list, const char *oid,
+		      gnutls_datum_t * data, unsigned flags)
+{
+	int ret;
+	gnutls_pkcs7_attrs_st *r;
+
+	r = gnutls_calloc(1, sizeof(gnutls_pkcs7_attrs_st));
+	if (r == NULL)
+		goto fail;
+
+	if (flags & GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING) {
+		ret = _gnutls_x509_encode_string(ASN1_ETYPE_OCTET_STRING,
+						 data->data, data->size,
+						 &r->data);
+	} else {
+		ret = _gnutls_set_datum(&r->data, data->data, data->size);
+	}
+	if (ret < 0)
+		goto fail;
+
+	r->oid = gnutls_strdup(oid);
+	if (r->oid == NULL)
+		goto fail;
+
+	r->next = *list;
+	*list = r;
+
+	return 0;
+ fail:
+	if (r) {
+		gnutls_free(r->data.data);
+		gnutls_free(r);
+	}
+	gnutls_pkcs7_attrs_deinit(*list);
+	return GNUTLS_E_MEMORY_ERROR;
+
+}
+
+/**
+ * gnutls_pkcs7_get_attr:
+ * @list: A list of existing attributes or %NULL for the first one
+ * @idx: the index of the attribute to get
+ * @oid: the OID of the attribute (read-only)
+ * @data: the raw data of the attribute
+ * @flags: zero or %GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING
+ *
+ * This function will get a PKCS #7 attribute from the provided list.
+ * The OID is a constant string, but data will be allocated and must be
+ * deinitialized by the caller.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value. %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned
+ *   if there are no data in the current index.
+ *
+ * Since: 3.4.2
+ **/
+int
+gnutls_pkcs7_get_attr(gnutls_pkcs7_attrs_t list, unsigned idx, char **oid,
+		      gnutls_datum_t * data, unsigned flags)
+{
+	unsigned i;
+	gnutls_pkcs7_attrs_st *p = list;
+	int ret;
+
+	for (i = 0; i < idx; i++) {
+		p = p->next;
+		if (p == NULL)
+			break;
+	}
+
+	if (p == NULL)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	*oid = p->oid;
+
+	if (flags & GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING) {
+		ret = _gnutls_x509_decode_string(ASN1_ETYPE_OCTET_STRING,
+						 p->data.data, p->data.size,
+						 data, 1);
+	} else {
+		ret = _gnutls_set_datum(data, p->data.data, p->data.size);
+	}
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs7_attrs_deinit:
+ * @list: A list of existing attributes
+ *
+ * This function will clear a PKCS #7 attribute list.
+ *
+ * Since: 3.4.2
+ **/
+void gnutls_pkcs7_attrs_deinit(gnutls_pkcs7_attrs_t list)
+{
+	gnutls_pkcs7_attrs_st *r = list, *next;
+
+	while (r) {
+		next = r->next;
+
+		gnutls_free(r->data.data);
+		gnutls_free(r->oid);
+		gnutls_free(r);
+		r = next;
+	}
+}
diff --git a/lib/x509/pkcs7-crypt.c b/lib/x509/pkcs7-crypt.c
new file mode 100644
index 0000000..59eddcd
--- /dev/null
+++ b/lib/x509/pkcs7-crypt.c
@@ -0,0 +1,1793 @@
+/*
+ * Copyright (C) 2003-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2014-2016 Red Hat
+ * Copyright (C) 2014-2016 Nikos Mavrogiannopoulos
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <common.h>
+#include <x509.h>
+#include <x509_b64.h>
+#include "x509_int.h"
+#include "pkcs7_int.h"
+#include <algorithms.h>
+#include <num.h>
+#include <random.h>
+#include <pk.h>
+
+#define PBES1_DES_MD5_OID "1.2.840.113549.1.5.3"
+
+#define PBES2_OID "1.2.840.113549.1.5.13"
+#define PBKDF2_OID "1.2.840.113549.1.5.12"
+#define DES_EDE3_CBC_OID "1.2.840.113549.3.7"
+#define AES_128_CBC_OID "2.16.840.1.101.3.4.1.2"
+#define AES_192_CBC_OID "2.16.840.1.101.3.4.1.22"
+#define AES_256_CBC_OID "2.16.840.1.101.3.4.1.42"
+#define DES_CBC_OID "1.3.14.3.2.7"
+
+/* oid_pbeWithSHAAnd3_KeyTripleDES_CBC */
+#define PKCS12_PBE_3DES_SHA1_OID "1.2.840.113549.1.12.1.3"
+#define PKCS12_PBE_ARCFOUR_SHA1_OID "1.2.840.113549.1.12.1.1"
+#define PKCS12_PBE_RC2_40_SHA1_OID "1.2.840.113549.1.12.1.6"
+
+static const struct pkcs_cipher_schema_st avail_pkcs_cipher_schemas[] = {
+	{
+	 .schema = PBES1_DES_MD5,
+	 .name = "PBES1-DES-CBC-MD5",
+	 .flag = GNUTLS_PKCS_PBES1_DES_MD5,
+	 .cipher = GNUTLS_CIPHER_DES_CBC,
+	 .pbes2 = 0,
+	 .cipher_oid = PBES1_DES_MD5_OID,
+	 .write_oid = PBES1_DES_MD5_OID,
+	 .desc = NULL,
+	 .iv_name = NULL,
+	 .decrypt_only = 1},
+	{
+	 .schema = PBES2_3DES,
+	 .name = "PBES2-3DES-CBC",
+	 .flag = GNUTLS_PKCS_PBES2_3DES,
+	 .cipher = GNUTLS_CIPHER_3DES_CBC,
+	 .pbes2 = 1,
+	 .cipher_oid = DES_EDE3_CBC_OID,
+	 .write_oid = PBES2_OID,
+	 .desc = "PKIX1.pkcs-5-des-EDE3-CBC-params",
+	 .iv_name = "",
+	 .decrypt_only = 0},
+	{
+	 .schema = PBES2_DES,
+	 .name = "PBES2-DES-CBC",
+	 .flag = GNUTLS_PKCS_PBES2_DES,
+	 .cipher = GNUTLS_CIPHER_DES_CBC,
+	 .pbes2 = 1,
+	 .cipher_oid = DES_CBC_OID,
+	 .write_oid = PBES2_OID,
+	 .desc = "PKIX1.pkcs-5-des-CBC-params",
+	 .iv_name = "",
+	 .decrypt_only = 0},
+	{
+	 .schema = PBES2_AES_128,
+	 .name = "PBES2-AES128-CBC",
+	 .flag = GNUTLS_PKCS_PBES2_AES_128,
+	 .cipher = GNUTLS_CIPHER_AES_128_CBC,
+	 .pbes2 = 1,
+	 .cipher_oid = AES_128_CBC_OID,
+	 .write_oid = PBES2_OID,
+	 .desc = "PKIX1.pkcs-5-aes128-CBC-params",
+	 .iv_name = "",
+	 .decrypt_only = 0},
+	{
+	 .schema = PBES2_AES_192,
+	 .name = "PBES2-AES192-CBC",
+	 .flag = GNUTLS_PKCS_PBES2_AES_192,
+	 .cipher = GNUTLS_CIPHER_AES_192_CBC,
+	 .pbes2 = 1,
+	 .cipher_oid = AES_192_CBC_OID,
+	 .write_oid = PBES2_OID,
+	 .desc = "PKIX1.pkcs-5-aes192-CBC-params",
+	 .iv_name = "",
+	 .decrypt_only = 0},
+	{
+	 .schema = PBES2_AES_256,
+	 .name = "PBES2-AES256-CBC",
+	 .flag = GNUTLS_PKCS_PBES2_AES_256,
+	 .cipher = GNUTLS_CIPHER_AES_256_CBC,
+	 .pbes2 = 1,
+	 .cipher_oid = AES_256_CBC_OID,
+	 .write_oid = PBES2_OID,
+	 .desc = "PKIX1.pkcs-5-aes256-CBC-params",
+	 .iv_name = "",
+	 .decrypt_only = 0},
+	{
+	 .schema = PBES2_GOST28147_89_TC26Z,
+	 .name = "PBES2-GOST28147-89-TC26Z",
+	 .flag = GNUTLS_PKCS_PBES2_GOST_TC26Z,
+	 .cipher = GNUTLS_CIPHER_GOST28147_TC26Z_CFB,
+	 .pbes2 = 1,
+	 .cipher_oid = GOST28147_89_TC26Z_OID,
+	 .write_oid = PBES2_OID,
+	 .desc = "PKIX1.Gost28147-89-Parameters",
+	 .iv_name = "iv",
+	 .decrypt_only = 0},
+	{
+	 .schema = PBES2_GOST28147_89_CPA,
+	 .name = "PBES2-GOST28147-89-CPA",
+	 .flag = GNUTLS_PKCS_PBES2_GOST_CPA,
+	 .cipher = GNUTLS_CIPHER_GOST28147_CPA_CFB,
+	 .pbes2 = 1,
+	 .cipher_oid = GOST28147_89_CPA_OID,
+	 .write_oid = PBES2_OID,
+	 .desc = "PKIX1.Gost28147-89-Parameters",
+	 .iv_name = "iv",
+	 .decrypt_only = 0},
+	{
+	 .schema = PBES2_GOST28147_89_CPB,
+	 .name = "PBES2-GOST28147-89-CPB",
+	 .flag = GNUTLS_PKCS_PBES2_GOST_CPB,
+	 .cipher = GNUTLS_CIPHER_GOST28147_CPB_CFB,
+	 .pbes2 = 1,
+	 .cipher_oid = GOST28147_89_CPB_OID,
+	 .write_oid = PBES2_OID,
+	 .desc = "PKIX1.Gost28147-89-Parameters",
+	 .iv_name = "iv",
+	 .decrypt_only = 0},
+	{
+	 .schema = PBES2_GOST28147_89_CPC,
+	 .name = "PBES2-GOST28147-89-CPC",
+	 .flag = GNUTLS_PKCS_PBES2_GOST_CPC,
+	 .cipher = GNUTLS_CIPHER_GOST28147_CPC_CFB,
+	 .pbes2 = 1,
+	 .cipher_oid = GOST28147_89_CPC_OID,
+	 .write_oid = PBES2_OID,
+	 .desc = "PKIX1.Gost28147-89-Parameters",
+	 .iv_name = "iv",
+	 .decrypt_only = 0},
+	{
+	 .schema = PBES2_GOST28147_89_CPD,
+	 .name = "PBES2-GOST28147-89-CPD",
+	 .flag = GNUTLS_PKCS_PBES2_GOST_CPD,
+	 .cipher = GNUTLS_CIPHER_GOST28147_CPD_CFB,
+	 .pbes2 = 1,
+	 .cipher_oid = GOST28147_89_CPD_OID,
+	 .write_oid = PBES2_OID,
+	 .desc = "PKIX1.Gost28147-89-Parameters",
+	 .iv_name = "iv",
+	 .decrypt_only = 0},
+	{
+	 .schema = PKCS12_ARCFOUR_SHA1,
+	 .name = "PKCS12-ARCFOUR-SHA1",
+	 .flag = GNUTLS_PKCS_PKCS12_ARCFOUR,
+	 .cipher = GNUTLS_CIPHER_ARCFOUR,
+	 .pbes2 = 0,
+	 .cipher_oid = PKCS12_PBE_ARCFOUR_SHA1_OID,
+	 .write_oid = PKCS12_PBE_ARCFOUR_SHA1_OID,
+	 .desc = NULL,
+	 .iv_name = NULL,
+	 .decrypt_only = 0},
+	{
+	 .schema = PKCS12_RC2_40_SHA1,
+	 .name = "PKCS12-RC2-40-SHA1",
+	 .flag = GNUTLS_PKCS_PKCS12_RC2_40,
+	 .cipher = GNUTLS_CIPHER_RC2_40_CBC,
+	 .pbes2 = 0,
+	 .cipher_oid = PKCS12_PBE_RC2_40_SHA1_OID,
+	 .write_oid = PKCS12_PBE_RC2_40_SHA1_OID,
+	 .desc = NULL,
+	 .iv_name = NULL,
+	 .decrypt_only = 0},
+	{
+	 .schema = PKCS12_3DES_SHA1,
+	 .name = "PKCS12-3DES-SHA1",
+	 .flag = GNUTLS_PKCS_PKCS12_3DES,
+	 .cipher = GNUTLS_CIPHER_3DES_CBC,
+	 .pbes2 = 0,
+	 .cipher_oid = PKCS12_PBE_3DES_SHA1_OID,
+	 .write_oid = PKCS12_PBE_3DES_SHA1_OID,
+	 .desc = NULL,
+	 .iv_name = NULL,
+	 .decrypt_only = 0},
+	{0, 0, 0, 0, 0}
+};
+
+#define PBES2_SCHEMA_LOOP(b) { \
+	const struct pkcs_cipher_schema_st * _p; \
+		for (_p=avail_pkcs_cipher_schemas;_p->schema != 0;_p++) { b; } \
+	}
+
+#define PBES2_SCHEMA_FIND_FROM_FLAGS(fl, what) \
+	PBES2_SCHEMA_LOOP( if (_p->flag == GNUTLS_PKCS_CIPHER_MASK(fl)) { what; } )
+
+int _gnutls_pkcs_flags_to_schema(unsigned int flags)
+{
+	PBES2_SCHEMA_FIND_FROM_FLAGS(flags, return _p->schema;
+	    );
+
+	gnutls_assert();
+	_gnutls_debug_log
+	    ("Selecting default encryption PBES2_AES_256 (flags: %u).\n",
+	     flags);
+	return PBES2_AES_256;
+}
+
+/**
+ * gnutls_pkcs_schema_get_name:
+ * @schema: Holds the PKCS #12 or PBES2 schema (%gnutls_pkcs_encrypt_flags_t)
+ *
+ * This function will return a human readable description of the
+ * PKCS12 or PBES2 schema.
+ *
+ * Returns: a constraint string or %NULL on error.
+ *
+ * Since: 3.4.0
+ */
+const char *gnutls_pkcs_schema_get_name(unsigned int schema)
+{
+	PBES2_SCHEMA_FIND_FROM_FLAGS(schema, return _p->name;
+	    );
+	return NULL;
+}
+
+/**
+ * gnutls_pkcs_schema_get_oid:
+ * @schema: Holds the PKCS #12 or PBES2 schema (%gnutls_pkcs_encrypt_flags_t)
+ *
+ * This function will return the object identifier of the
+ * PKCS12 or PBES2 schema.
+ *
+ * Returns: a constraint string or %NULL on error.
+ *
+ * Since: 3.4.0
+ */
+const char *gnutls_pkcs_schema_get_oid(unsigned int schema)
+{
+	PBES2_SCHEMA_FIND_FROM_FLAGS(schema, return _p->cipher_oid;
+	    );
+	return NULL;
+}
+
+static const struct pkcs_cipher_schema_st *algo_to_pbes2_cipher_schema(unsigned
+								       cipher)
+{
+	PBES2_SCHEMA_LOOP(if (_p->cipher == cipher && _p->pbes2 != 0) {
+			  return _p;}
+	) ;
+
+	gnutls_assert();
+	return NULL;
+}
+
+/* Converts a PKCS#7 encryption schema OID to an internal
+ * schema_id or returns a negative value */
+int _gnutls_check_pkcs_cipher_schema(const char *oid)
+{
+	if (strcmp(oid, PBES2_OID) == 0)
+		return PBES2_GENERIC;	/* PBES2 ciphers are under an umbrella OID */
+
+	PBES2_SCHEMA_LOOP(if (_p->pbes2 == 0 && strcmp(oid, _p->write_oid) == 0) {
+			  return _p->schema;}
+	) ;
+	_gnutls_debug_log
+	    ("PKCS #12 encryption schema OID '%s' is unsupported.\n", oid);
+
+	return GNUTLS_E_UNKNOWN_CIPHER_TYPE;
+}
+
+const struct pkcs_cipher_schema_st *_gnutls_pkcs_schema_get(schema_id schema)
+{
+	PBES2_SCHEMA_LOOP(if (schema == _p->schema) return _p;) ;
+
+	gnutls_assert();
+	return NULL;
+}
+
+/* Converts an OID to a gnutls cipher type.
+ */
+static int
+pbes2_cipher_oid_to_algo(const char *oid, gnutls_cipher_algorithm_t * algo)
+{
+
+	*algo = 0;
+	PBES2_SCHEMA_LOOP(if
+			  (_p->pbes2 != 0 && strcmp(_p->cipher_oid, oid) == 0) {
+			  *algo = _p->cipher; return 0;}
+	) ;
+
+	_gnutls_debug_log("PKCS #8 encryption OID '%s' is unsupported.\n", oid);
+	return GNUTLS_E_UNKNOWN_CIPHER_TYPE;
+}
+
+/* Decrypts a PKCS #7 encryptedData. The output is allocated
+ * and stored in dec.
+ */
+int
+_gnutls_pkcs7_decrypt_data(const gnutls_datum_t * data,
+			   const char *password, gnutls_datum_t * dec)
+{
+	int result, len;
+	char enc_oid[MAX_OID_SIZE];
+	gnutls_datum_t tmp;
+	asn1_node pasn = NULL, pkcs7_asn = NULL;
+	int params_start, params_end, params_len;
+	struct pbkdf2_params kdf_params;
+	struct pbe_enc_params enc_params;
+	schema_id schema;
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_pkix(),
+				 "PKIX1.pkcs-7-EncryptedData",
+				 &pkcs7_asn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	result = asn1_der_decoding(&pkcs7_asn, data->data, data->size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	/* Check the encryption schema OID
+	 */
+	len = sizeof(enc_oid);
+	result =
+	    asn1_read_value(pkcs7_asn,
+			    "encryptedContentInfo.contentEncryptionAlgorithm.algorithm",
+			    enc_oid, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	if ((result = _gnutls_check_pkcs_cipher_schema(enc_oid)) < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	schema = result;
+
+	/* Get the DER encoding of the parameters.
+	 */
+	result =
+	    asn1_der_decoding_startEnd(pkcs7_asn, data->data, data->size,
+				       "encryptedContentInfo.contentEncryptionAlgorithm.parameters",
+				       &params_start, &params_end);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+	params_len = params_end - params_start + 1;
+
+	result =
+	    _gnutls_read_pkcs_schema_params(&schema, password,
+					    &data->data[params_start],
+					    params_len, &kdf_params,
+					    &enc_params);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	/* Parameters have been decoded. Now
+	 * decrypt the EncryptedData.
+	 */
+
+	result =
+	    _gnutls_pkcs_raw_decrypt_data(schema, pkcs7_asn,
+					  "encryptedContentInfo.encryptedContent",
+					  password, &kdf_params, &enc_params,
+					  &tmp);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	asn1_delete_structure2(&pkcs7_asn, ASN1_DELETE_FLAG_ZEROIZE);
+
+	*dec = tmp;
+
+	return 0;
+
+ error:
+	asn1_delete_structure(&pasn);
+	asn1_delete_structure2(&pkcs7_asn, ASN1_DELETE_FLAG_ZEROIZE);
+	return result;
+}
+
+int
+_gnutls_pkcs7_data_enc_info(const gnutls_datum_t * data,
+			    const struct pkcs_cipher_schema_st **p,
+			    struct pbkdf2_params *kdf_params, char **oid)
+{
+	int result, len;
+	char enc_oid[MAX_OID_SIZE];
+	asn1_node pasn = NULL, pkcs7_asn = NULL;
+	int params_start, params_end, params_len;
+	struct pbe_enc_params enc_params;
+	schema_id schema;
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_pkix(),
+				 "PKIX1.pkcs-7-EncryptedData",
+				 &pkcs7_asn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	result = asn1_der_decoding(&pkcs7_asn, data->data, data->size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	/* Check the encryption schema OID
+	 */
+	len = sizeof(enc_oid);
+	result =
+	    asn1_read_value(pkcs7_asn,
+			    "encryptedContentInfo.contentEncryptionAlgorithm.algorithm",
+			    enc_oid, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	if (oid) {
+		*oid = gnutls_strdup(enc_oid);
+	}
+
+	if ((result = _gnutls_check_pkcs_cipher_schema(enc_oid)) < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	schema = result;
+
+	/* Get the DER encoding of the parameters.
+	 */
+	result =
+	    asn1_der_decoding_startEnd(pkcs7_asn, data->data, data->size,
+				       "encryptedContentInfo.contentEncryptionAlgorithm.parameters",
+				       &params_start, &params_end);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+	params_len = params_end - params_start + 1;
+
+	result =
+	    _gnutls_read_pkcs_schema_params(&schema, NULL,
+					    &data->data[params_start],
+					    params_len, kdf_params,
+					    &enc_params);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	*p = _gnutls_pkcs_schema_get(schema);
+	if (*p == NULL) {
+		gnutls_assert();
+		result = GNUTLS_E_UNKNOWN_CIPHER_TYPE;
+		goto error;
+	}
+
+	asn1_delete_structure2(&pkcs7_asn, ASN1_DELETE_FLAG_ZEROIZE);
+
+	return 0;
+
+ error:
+	asn1_delete_structure(&pasn);
+	asn1_delete_structure2(&pkcs7_asn, ASN1_DELETE_FLAG_ZEROIZE);
+	return result;
+}
+
+/* Encrypts to a PKCS #7 encryptedData. The output is allocated
+ * and stored in enc.
+ */
+int
+_gnutls_pkcs7_encrypt_data(schema_id schema,
+			   const gnutls_datum_t * data,
+			   const char *password, gnutls_datum_t * enc)
+{
+	int result;
+	gnutls_datum_t key = { NULL, 0 };
+	gnutls_datum_t tmp = { NULL, 0 };
+	asn1_node pkcs7_asn = NULL;
+	struct pbkdf2_params kdf_params;
+	struct pbe_enc_params enc_params;
+	const struct pkcs_cipher_schema_st *s;
+
+	s = _gnutls_pkcs_schema_get(schema);
+	if (s == NULL || s->decrypt_only) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_pkix(),
+				 "PKIX1.pkcs-7-EncryptedData",
+				 &pkcs7_asn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	result =
+	    asn1_write_value(pkcs7_asn,
+			     "encryptedContentInfo.contentEncryptionAlgorithm.algorithm",
+			     s->write_oid, 1);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	/* Generate a symmetric key.
+	 */
+
+	result =
+	    _gnutls_pkcs_generate_key(schema, password, &kdf_params,
+				      &enc_params, &key);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	result = _gnutls_pkcs_write_schema_params(schema, pkcs7_asn,
+						  "encryptedContentInfo.contentEncryptionAlgorithm.parameters",
+						  &kdf_params, &enc_params);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	/* Parameters have been encoded. Now
+	 * encrypt the Data.
+	 */
+	result = _gnutls_pkcs_raw_encrypt_data(data, &enc_params, &key, &tmp);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	/* write the encrypted data.
+	 */
+	result =
+	    asn1_write_value(pkcs7_asn,
+			     "encryptedContentInfo.encryptedContent",
+			     tmp.data, tmp.size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	_gnutls_free_datum(&tmp);
+	_gnutls_free_key_datum(&key);
+
+	/* Now write the rest of the pkcs-7 stuff.
+	 */
+
+	result = _gnutls_x509_write_uint32(pkcs7_asn, "version", 0);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	result =
+	    asn1_write_value(pkcs7_asn, "encryptedContentInfo.contentType",
+			     DATA_OID, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	result = asn1_write_value(pkcs7_asn, "unprotectedAttrs", NULL, 0);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	/* Now encode and copy the DER stuff.
+	 */
+	result = _gnutls_x509_der_encode(pkcs7_asn, "", enc, 0);
+
+	asn1_delete_structure2(&pkcs7_asn, ASN1_DELETE_FLAG_ZEROIZE);
+
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+ error:
+	_gnutls_free_key_datum(&key);
+	_gnutls_free_datum(&tmp);
+	asn1_delete_structure2(&pkcs7_asn, ASN1_DELETE_FLAG_ZEROIZE);
+	return result;
+}
+
+/* Reads the PBKDF2 parameters.
+ */
+static int
+read_pbkdf2_params(asn1_node pasn,
+		   const gnutls_datum_t * der, struct pbkdf2_params *params)
+{
+	int params_start, params_end;
+	int params_len, len, result;
+	asn1_node pbkdf2_asn = NULL;
+	char oid[MAX_OID_SIZE];
+
+	memset(params, 0, sizeof(*params));
+
+	params->mac = GNUTLS_MAC_SHA1;
+
+	/* Check the key derivation algorithm
+	 */
+	len = sizeof(oid);
+	result =
+	    asn1_read_value(pasn, "keyDerivationFunc.algorithm", oid, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+	_gnutls_hard_log("keyDerivationFunc.algorithm: %s\n", oid);
+
+	if (strcmp(oid, PBKDF2_OID) != 0) {
+		gnutls_assert();
+		_gnutls_debug_log
+		    ("PKCS #8 key derivation OID '%s' is unsupported.\n", oid);
+		return _gnutls_asn2err(result);
+	}
+
+	result =
+	    asn1_der_decoding_startEnd(pasn, der->data, der->size,
+				       "keyDerivationFunc.parameters",
+				       &params_start, &params_end);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+	params_len = params_end - params_start + 1;
+
+	/* Now check the key derivation and the encryption
+	 * functions.
+	 */
+	if ((result =
+	     asn1_create_element(_gnutls_get_pkix(),
+				 "PKIX1.pkcs-5-PBKDF2-params",
+				 &pbkdf2_asn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result =
+	    _asn1_strict_der_decode(&pbkdf2_asn, &der->data[params_start],
+				    params_len, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	/* read the salt */
+	params->salt_size = sizeof(params->salt);
+	result =
+	    asn1_read_value(pbkdf2_asn, "salt.specified", params->salt,
+			    &params->salt_size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+	_gnutls_hard_log("salt.specified.size: %d\n", params->salt_size);
+
+	if (params->salt_size < 0) {
+		result = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+		goto error;
+	}
+
+	/* read the iteration count 
+	 */
+	result =
+	    _gnutls_x509_read_uint(pbkdf2_asn, "iterationCount",
+				   &params->iter_count);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	if (params->iter_count >= MAX_ITER_COUNT || params->iter_count == 0) {
+		result = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+		goto error;
+	}
+
+	_gnutls_hard_log("iterationCount: %d\n", params->iter_count);
+
+	/* read the keylength, if it is set.
+	 */
+	result =
+	    _gnutls_x509_read_uint(pbkdf2_asn, "keyLength", &params->key_size);
+	if (result < 0) {
+		params->key_size = 0;
+	}
+
+	if (params->key_size > MAX_CIPHER_KEY_SIZE) {
+		result = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+		goto error;
+	}
+
+	_gnutls_hard_log("keyLength: %d\n", params->key_size);
+
+	len = sizeof(oid);
+	result = asn1_read_value(pbkdf2_asn, "prf.algorithm", oid, &len);
+	if (result != ASN1_SUCCESS) {
+		/* use the default MAC */
+		result = 0;
+		goto error;
+	}
+
+	params->mac = gnutls_oid_to_mac(oid);
+	if (params->mac == GNUTLS_MAC_UNKNOWN) {
+		gnutls_assert();
+		_gnutls_debug_log("Unsupported hash algorithm: %s\n", oid);
+		result = GNUTLS_E_UNKNOWN_HASH_ALGORITHM;
+		goto error;
+	}
+
+	result = 0;
+
+ error:
+	asn1_delete_structure(&pbkdf2_asn);
+	return result;
+
+}
+
+/* Reads the PBE parameters from PKCS-12 schemas (*&#%*&#% RSA).
+ */
+static int read_pkcs12_kdf_params(asn1_node pasn, struct pbkdf2_params *params)
+{
+	int result;
+
+	memset(params, 0, sizeof(*params));
+
+	/* read the salt */
+	params->salt_size = sizeof(params->salt);
+	result =
+	    asn1_read_value(pasn, "salt", params->salt, &params->salt_size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (params->salt_size < 0)
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
+	_gnutls_hard_log("salt.size: %d\n", params->salt_size);
+
+	/* read the iteration count 
+	 */
+	result =
+	    _gnutls_x509_read_uint(pasn, "iterations", &params->iter_count);
+	if (result < 0)
+		return gnutls_assert_val(result);
+
+	if (params->iter_count >= MAX_ITER_COUNT || params->iter_count == 0)
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
+	_gnutls_hard_log("iterationCount: %d\n", params->iter_count);
+
+	params->key_size = 0;
+
+	return 0;
+}
+
+/* Writes the PBE parameters for PKCS-12 schemas.
+ */
+static int
+write_pkcs12_kdf_params(asn1_node pasn, const struct pbkdf2_params *kdf_params)
+{
+	int result;
+
+	/* write the salt 
+	 */
+	result =
+	    asn1_write_value(pasn, "salt",
+			     kdf_params->salt, kdf_params->salt_size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+	_gnutls_hard_log("salt.size: %d\n", kdf_params->salt_size);
+
+	/* write the iteration count 
+	 */
+	result =
+	    _gnutls_x509_write_uint32(pasn, "iterations",
+				      kdf_params->iter_count);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	_gnutls_hard_log("iterationCount: %d\n", kdf_params->iter_count);
+
+	return 0;
+
+ error:
+	return result;
+
+}
+
+static int
+read_pbes2_gost_oid(uint8_t *der, size_t len, char *oid, int oid_size)
+{
+	int result;
+	asn1_node pbe_asn = NULL;
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_pkix(),
+				 "PKIX1.Gost28147-89-Parameters", &pbe_asn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result =
+	    _asn1_strict_der_decode(&pbe_asn, der, len, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	result = asn1_read_value(pbe_asn, "encryptionParamSet",
+				 oid, &oid_size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	result = 0;
+
+ error:
+	asn1_delete_structure(&pbe_asn);
+	return result;
+}
+
+static int
+read_pbes2_enc_params(asn1_node pasn,
+		      const gnutls_datum_t * der, struct pbe_enc_params *params)
+{
+	int params_start, params_end;
+	int params_len, len, result;
+	asn1_node pbe_asn = NULL;
+	const struct pkcs_cipher_schema_st *p;
+
+	memset(params, 0, sizeof(*params));
+
+	/* Check the encryption algorithm
+	 */
+	len = sizeof(params->pbes2_oid);
+	result = asn1_read_value(pasn, "encryptionScheme.algorithm", params->pbes2_oid, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+	_gnutls_hard_log("encryptionScheme.algorithm: %s\n", params->pbes2_oid);
+
+	result =
+	    asn1_der_decoding_startEnd(pasn, der->data, der->size,
+				       "encryptionScheme.parameters",
+				       &params_start, &params_end);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+	params_len = params_end - params_start + 1;
+
+	/* For GOST we have to read params to determine actual cipher */
+	if (!strcmp(params->pbes2_oid, GOST28147_89_OID)) {
+		len = sizeof(params->pbes2_oid);
+		result = read_pbes2_gost_oid(&der->data[params_start],
+					     params_len, params->pbes2_oid, len);
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+	}
+
+	if ((result = pbes2_cipher_oid_to_algo(params->pbes2_oid, &params->cipher)) < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	/* Now check the encryption parameters.
+	 */
+	p = algo_to_pbes2_cipher_schema(params->cipher);
+	if (p == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_pkix(),
+				 p->desc, &pbe_asn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result =
+	    _asn1_strict_der_decode(&pbe_asn, &der->data[params_start],
+				    params_len, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	/* read the IV */
+	params->iv_size = sizeof(params->iv);
+	result = asn1_read_value(pbe_asn,
+			p->iv_name,
+			params->iv, &params->iv_size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+	_gnutls_hard_log("IV.size: %d\n", params->iv_size);
+
+	result = 0;
+
+ error:
+	asn1_delete_structure(&pbe_asn);
+	return result;
+}
+
+/* Read the parameters cipher, IV, salt etc using the given
+ * schema ID. Initially the schema ID should have PBES2_GENERIC, for
+ * PBES2 schemas, and will be updated by this function for details.
+ */
+int
+_gnutls_read_pkcs_schema_params(schema_id * schema, const char *password,
+				const uint8_t * data, int data_size,
+				struct pbkdf2_params *kdf_params,
+				struct pbe_enc_params *enc_params)
+{
+	asn1_node pasn = NULL;
+	int result;
+	gnutls_datum_t tmp;
+	const struct pkcs_cipher_schema_st *p;
+
+	if (*schema == PBES2_GENERIC) {
+		/* Now check the key derivation and the encryption
+		 * functions.
+		 */
+		if ((result =
+		     asn1_create_element(_gnutls_get_pkix(),
+					 "PKIX1.pkcs-5-PBES2-params",
+					 &pasn)) != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto error;
+		}
+
+		/* Decode the parameters.
+		 */
+		result = _asn1_strict_der_decode(&pasn, data, data_size, NULL);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto error;
+		}
+
+		tmp.data = (uint8_t *) data;
+		tmp.size = data_size;
+
+		result = read_pbkdf2_params(pasn, &tmp, kdf_params);
+		if (result < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		result = read_pbes2_enc_params(pasn, &tmp, enc_params);
+		if (result < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		asn1_delete_structure2(&pasn, ASN1_DELETE_FLAG_ZEROIZE);
+
+		p = algo_to_pbes2_cipher_schema(enc_params->cipher);
+		if (p == NULL) {
+			result = GNUTLS_E_INVALID_REQUEST;
+			gnutls_assert();
+			goto error;
+		}
+
+		*schema = p->schema;
+		return 0;
+	} else if (*schema == PBES1_DES_MD5) {
+		return _gnutls_read_pbkdf1_params(data, data_size, kdf_params,
+						  enc_params);
+	} else {		/* PKCS #12 schema */
+		memset(enc_params, 0, sizeof(*enc_params));
+
+		p = _gnutls_pkcs_schema_get(*schema);
+		if (p == NULL) {
+			gnutls_assert();
+			result = GNUTLS_E_UNKNOWN_CIPHER_TYPE;
+			goto error;
+		}
+		enc_params->cipher = p->cipher;
+		enc_params->iv_size = gnutls_cipher_get_iv_size(p->cipher);
+
+		if ((result =
+		     asn1_create_element(_gnutls_get_pkix(),
+					 "PKIX1.pkcs-12-PbeParams",
+					 &pasn)) != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto error;
+		}
+
+		/* Decode the parameters.
+		 */
+		result = _asn1_strict_der_decode(&pasn, data, data_size, NULL);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto error;
+		}
+
+		result = read_pkcs12_kdf_params(pasn, kdf_params);
+		if (result < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		if (enc_params->iv_size) {
+			result =
+			    _gnutls_pkcs12_string_to_key(mac_to_entry
+							 (GNUTLS_MAC_SHA1),
+							 2 /*IV*/,
+							 kdf_params->salt,
+							 kdf_params->salt_size,
+							 kdf_params->iter_count,
+							 password,
+							 enc_params->iv_size,
+							 enc_params->iv);
+			if (result < 0) {
+				gnutls_assert();
+				goto error;
+			}
+
+		}
+
+		asn1_delete_structure(&pasn);
+
+		return 0;
+	}			/* switch */
+
+ error:
+	asn1_delete_structure(&pasn);
+	return result;
+}
+
+static int
+_gnutls_pbes2_string_to_key(unsigned int pass_len, const char *password,
+			    const struct pbkdf2_params *kdf_params,
+			    int key_size, uint8_t *key)
+{
+	gnutls_datum_t _key;
+	gnutls_datum_t salt;
+
+	_key.data = (void *)password;
+	_key.size = pass_len;
+	salt.data = (void *)kdf_params->salt;
+	salt.size = kdf_params->salt_size;
+
+	return gnutls_pbkdf2(kdf_params->mac, &_key, &salt,
+			     kdf_params->iter_count, key, key_size);
+}
+
+int
+_gnutls_pkcs_raw_decrypt_data(schema_id schema, asn1_node pkcs8_asn,
+			      const char *root, const char *_password,
+			      const struct pbkdf2_params *kdf_params,
+			      const struct pbe_enc_params *enc_params,
+			      gnutls_datum_t * decrypted_data)
+{
+	gnutls_datum_t enc = { NULL, 0 };
+	uint8_t *key = NULL;
+	gnutls_datum_t dkey, d_iv;
+	gnutls_cipher_hd_t ch = NULL;
+	int key_size, ret;
+	unsigned int pass_len = 0;
+	const struct pkcs_cipher_schema_st *p;
+	unsigned block_size;
+	const cipher_entry_st *ce;
+	char *password;
+
+	if (_password) {
+		gnutls_datum_t pout;
+		ret = _gnutls_utf8_password_normalize(_password, strlen(_password), &pout, 1);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		password = (char*)pout.data;
+		pass_len = pout.size;
+	} else {
+		password = NULL;
+		pass_len = 0;
+	}
+
+	ret = _gnutls_x509_read_value(pkcs8_asn, root, &enc);
+	if (ret < 0) {
+		gnutls_assert();
+		enc.data = NULL;
+		goto cleanup;
+	}
+
+	if (schema == PBES1_DES_MD5) {
+		ret = _gnutls_decrypt_pbes1_des_md5_data(password, pass_len,
+							  kdf_params,
+							  enc_params, &enc,
+							  decrypted_data);
+		if (ret < 0)
+			goto error;
+		goto cleanup;
+	}
+
+	if (kdf_params->key_size == 0) {
+		key_size = gnutls_cipher_get_key_size(enc_params->cipher);
+	} else
+		key_size = kdf_params->key_size;
+
+	key = gnutls_malloc(key_size);
+	if (key == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto error;
+	}
+
+	/* generate the key
+	 */
+	p = _gnutls_pkcs_schema_get(schema);
+	if (p != NULL && p->pbes2 != 0) {	/* PBES2 */
+		ret = _gnutls_pbes2_string_to_key(pass_len, password,
+						     kdf_params,
+						     key_size, key);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+	} else if (p != NULL) {	/* PKCS 12 schema */
+		ret =
+		    _gnutls_pkcs12_string_to_key(mac_to_entry(GNUTLS_MAC_SHA1),
+						 1 /*KEY*/,
+						 kdf_params->salt,
+						 kdf_params->salt_size,
+						 kdf_params->iter_count,
+						 password, key_size, key);
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+	} else {
+		gnutls_assert();
+		ret = GNUTLS_E_UNKNOWN_CIPHER_TYPE;
+		goto error;
+	}
+
+	ce = cipher_to_entry(enc_params->cipher);
+	block_size = _gnutls_cipher_get_block_size(ce);
+
+	if (ce->type == CIPHER_BLOCK) {
+		if (enc.size % block_size != 0 || (unsigned)enc_params->iv_size != block_size) {
+			gnutls_assert();
+			ret = GNUTLS_E_DECRYPTION_FAILED;
+			goto error;
+		}
+	} else {
+		unsigned iv_size = _gnutls_cipher_get_iv_size(ce);
+		if (iv_size > (unsigned)enc_params->iv_size) {
+			gnutls_assert();
+			ret = GNUTLS_E_DECRYPTION_FAILED;
+			goto error;
+		}
+	}
+
+	/* do the decryption.
+	 */
+	dkey.data = key;
+	dkey.size = key_size;
+
+	d_iv.data = (uint8_t *) enc_params->iv;
+	d_iv.size = enc_params->iv_size;
+
+	ret = gnutls_cipher_init(&ch, ce->id, &dkey, &d_iv);
+
+	zeroize_temp_key(key, key_size);
+	gnutls_free(key);
+
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret = gnutls_cipher_decrypt(ch, enc.data, enc.size);
+	if (ret < 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_DECRYPTION_FAILED;
+		goto error;
+	}
+
+	decrypted_data->data = enc.data;
+
+	if (ce->type == CIPHER_BLOCK && block_size != 1) {
+		unsigned pslen = (uint8_t)enc.data[enc.size - 1];
+		unsigned i;
+
+		if (pslen > block_size || pslen >= enc.size  || pslen == 0) {
+			gnutls_assert();
+			ret = GNUTLS_E_DECRYPTION_FAILED;
+			goto error;
+		}
+
+		/* verify padding according to rfc2898 */
+		decrypted_data->size = enc.size - pslen;
+		for (i=0;i<pslen;i++) {
+			if (enc.data[enc.size-1-i] != pslen) {
+				gnutls_assert();
+				ret = GNUTLS_E_DECRYPTION_FAILED;
+				goto error;
+			}
+		}
+	} else {
+		decrypted_data->size = enc.size;
+	}
+
+	gnutls_cipher_deinit(ch);
+
+	ret = 0;
+
+ cleanup:
+	if (password) {
+		zeroize_temp_key(password, pass_len);
+		gnutls_free(password);
+	}
+
+	return ret;
+
+ error:
+	if (password) {
+		zeroize_temp_key(password, pass_len);
+		gnutls_free(password);
+	}
+	if (enc.data) {
+		zeroize_temp_key(enc.data, enc.size);
+		gnutls_free(enc.data);
+	}
+	if (key) {
+		zeroize_temp_key(key, key_size);
+		gnutls_free(key);
+	}
+	if (ch) {
+		gnutls_cipher_deinit(ch);
+	}
+	return ret;
+}
+
+/* Writes the PBKDF2 parameters.
+ */
+static int
+write_pbkdf2_params(asn1_node pasn, const struct pbkdf2_params *kdf_params)
+{
+	int result;
+	asn1_node pbkdf2_asn = NULL;
+	uint8_t tmp[MAX_OID_SIZE];
+	const mac_entry_st *me;
+
+	/* Write the key derivation algorithm
+	 */
+	result =
+	    asn1_write_value(pasn, "keyDerivationFunc.algorithm",
+			     PBKDF2_OID, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	/* Now write the key derivation and the encryption
+	 * functions.
+	 */
+	if ((result =
+	     asn1_create_element(_gnutls_get_pkix(),
+				 "PKIX1.pkcs-5-PBKDF2-params",
+				 &pbkdf2_asn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = asn1_write_value(pbkdf2_asn, "salt", "specified", 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	/* write the salt 
+	 */
+	result =
+	    asn1_write_value(pbkdf2_asn, "salt.specified",
+			     kdf_params->salt, kdf_params->salt_size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+	_gnutls_hard_log("salt.specified.size: %d\n", kdf_params->salt_size);
+
+	/* write the iteration count 
+	 */
+	_gnutls_write_uint32(kdf_params->iter_count, tmp);
+
+	result = asn1_write_value(pbkdf2_asn, "iterationCount", tmp, 4);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+	_gnutls_hard_log("iterationCount: %d\n", kdf_params->iter_count);
+
+	/* write the keylength, if it is set.
+	 */
+	result = asn1_write_value(pbkdf2_asn, "keyLength", NULL, 0);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	me = _gnutls_mac_to_entry(kdf_params->mac);
+	if (!me || !me->mac_oid) {
+		gnutls_assert();
+		result = GNUTLS_E_INTERNAL_ERROR;
+		goto error;
+	}
+
+	result = asn1_write_value(pbkdf2_asn, "prf.algorithm",
+				  me->mac_oid, strlen(me->mac_oid));
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	result = asn1_write_value(pbkdf2_asn, "prf.parameters", NULL, 0);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	/* now encode them an put the DER output
+	 * in the keyDerivationFunc.parameters
+	 */
+	result = _gnutls_x509_der_encode_and_copy(pbkdf2_asn, "",
+						  pasn,
+						  "keyDerivationFunc.parameters",
+						  0);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	result = 0;
+
+ error:
+	asn1_delete_structure(&pbkdf2_asn);
+	return result;
+
+}
+
+static int
+write_pbes2_enc_params(asn1_node pasn, const struct pbe_enc_params *params)
+{
+	int result;
+	asn1_node pbe_asn = NULL;
+	const struct pkcs_cipher_schema_st *p;
+	const char *cipher_oid;
+
+	/* Write the encryption algorithm
+	 */
+	p = algo_to_pbes2_cipher_schema(params->cipher);
+	if (p == NULL || p->pbes2 == 0) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Now check the encryption parameters.
+	 */
+	if ((result =
+	     asn1_create_element(_gnutls_get_pkix(),
+				 p->desc, &pbe_asn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (p->schema == PBES2_GOST28147_89_TC26Z ||
+	    p->schema == PBES2_GOST28147_89_CPA ||
+	    p->schema == PBES2_GOST28147_89_CPB ||
+	    p->schema == PBES2_GOST28147_89_CPC ||
+	    p->schema == PBES2_GOST28147_89_CPD) {
+		cipher_oid = GOST28147_89_OID;
+		result = asn1_write_value(pbe_asn, "encryptionParamSet",
+					  p->cipher_oid, 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto error;
+		}
+	} else {
+		cipher_oid = p->cipher_oid;
+	}
+
+	result =
+	    asn1_write_value(pasn, "encryptionScheme.algorithm",
+			     cipher_oid,
+			     1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		goto error;
+	}
+	_gnutls_hard_log("encryptionScheme.algorithm: %s\n", cipher_oid);
+
+	/* read the salt */
+	result = asn1_write_value(pbe_asn, p->iv_name,
+				  params->iv, params->iv_size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+	_gnutls_hard_log("IV.size: %d\n", params->iv_size);
+
+	/* now encode them an put the DER output
+	 * in the encryptionScheme.parameters
+	 */
+	result = _gnutls_x509_der_encode_and_copy(pbe_asn, "",
+						  pasn,
+						  "encryptionScheme.parameters",
+						  0);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	result = 0;
+
+ error:
+	asn1_delete_structure(&pbe_asn);
+	return result;
+
+}
+
+/* Generates a key and also stores the key parameters.
+ */
+int
+_gnutls_pkcs_generate_key(schema_id schema,
+			  const char *_password,
+			  struct pbkdf2_params *kdf_params,
+			  struct pbe_enc_params *enc_params,
+			  gnutls_datum_t * key)
+{
+	unsigned char rnd[2];
+	unsigned int pass_len = 0;
+	int ret;
+	const struct pkcs_cipher_schema_st *p;
+	char *password = NULL;
+
+	if (_password) {
+		gnutls_datum_t pout;
+		ret = _gnutls_utf8_password_normalize(_password, strlen(_password), &pout, 0);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		password = (char*)pout.data;
+		pass_len = pout.size;
+	} else {
+		password = NULL;
+		pass_len = 0;
+	}
+
+	ret = gnutls_rnd(GNUTLS_RND_RANDOM, rnd, 2);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* generate salt */
+	kdf_params->salt_size =
+	    MIN(sizeof(kdf_params->salt), (unsigned)(12 + (rnd[1] % 10)));
+
+	p = _gnutls_pkcs_schema_get(schema);
+	if (p != NULL && p->pbes2 != 0) {	/* PBES2 */
+		enc_params->cipher = p->cipher;
+	} else if (p != NULL) {
+		/* non PBES2 algorithms */
+		enc_params->cipher = p->cipher;
+		kdf_params->salt_size = 8;
+	} else {
+		gnutls_assert();
+		ret = GNUTLS_E_INVALID_REQUEST;
+		goto cleanup;
+	}
+
+	ret = gnutls_rnd(GNUTLS_RND_RANDOM, kdf_params->salt,
+			  kdf_params->salt_size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	kdf_params->iter_count = PKCS12_ITER_COUNT;
+	key->size = kdf_params->key_size =
+	    gnutls_cipher_get_key_size(enc_params->cipher);
+
+	enc_params->iv_size = gnutls_cipher_get_iv_size(enc_params->cipher);
+	key->data = gnutls_malloc(key->size);
+	if (key->data == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto cleanup;
+	}
+
+	/* now generate the key. 
+	 */
+
+	if (p->pbes2 != 0) {
+		if (p->schema == PBES2_GOST28147_89_TC26Z)
+			kdf_params->mac = GNUTLS_MAC_STREEBOG_512;
+		else if (p->schema == PBES2_GOST28147_89_CPA ||
+			 p->schema == PBES2_GOST28147_89_CPB ||
+			 p->schema == PBES2_GOST28147_89_CPC ||
+			 p->schema == PBES2_GOST28147_89_CPD)
+			kdf_params->mac = GNUTLS_MAC_GOSTR_94;
+		else
+			kdf_params->mac = GNUTLS_MAC_SHA256;
+		ret = _gnutls_pbes2_string_to_key(pass_len, password,
+						  kdf_params,
+						  kdf_params->key_size,
+						  key->data);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		if (enc_params->iv_size) {
+			ret = gnutls_rnd(GNUTLS_RND_NONCE,
+					  enc_params->iv, enc_params->iv_size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+		}
+	} else {		/* PKCS 12 schema */
+		ret =
+		    _gnutls_pkcs12_string_to_key(mac_to_entry(GNUTLS_MAC_SHA1),
+						 1 /*KEY*/,
+						 kdf_params->salt,
+						 kdf_params->salt_size,
+						 kdf_params->iter_count,
+						 password,
+						 kdf_params->key_size,
+						 key->data);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		/* Now generate the IV
+		 */
+		if (enc_params->iv_size) {
+			ret =
+			    _gnutls_pkcs12_string_to_key(mac_to_entry
+							 (GNUTLS_MAC_SHA1),
+							 2 /*IV*/,
+							 kdf_params->salt,
+							 kdf_params->salt_size,
+							 kdf_params->iter_count,
+							 password,
+							 enc_params->iv_size,
+							 enc_params->iv);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+		}
+	}
+
+	ret = 0;
+
+ cleanup:
+	gnutls_free(password);
+	return ret;
+}
+
+/* Encodes the parameters to be written in the encryptionAlgorithm.parameters
+ * part.
+ */
+int
+_gnutls_pkcs_write_schema_params(schema_id schema, asn1_node pkcs8_asn,
+				 const char *where,
+				 const struct pbkdf2_params *kdf_params,
+				 const struct pbe_enc_params *enc_params)
+{
+	int result;
+	asn1_node pasn = NULL;
+	const struct pkcs_cipher_schema_st *p;
+
+	p = _gnutls_pkcs_schema_get(schema);
+
+	if (p != NULL && p->pbes2 != 0) {	/* PBES2 */
+		if ((result =
+		     asn1_create_element(_gnutls_get_pkix(),
+					 "PKIX1.pkcs-5-PBES2-params",
+					 &pasn)) != ASN1_SUCCESS) {
+			gnutls_assert();
+			return _gnutls_asn2err(result);
+		}
+
+		result = write_pbkdf2_params(pasn, kdf_params);
+		if (result < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		result = write_pbes2_enc_params(pasn, enc_params);
+		if (result < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		result = _gnutls_x509_der_encode_and_copy(pasn, "",
+							  pkcs8_asn, where, 0);
+		if (result < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		asn1_delete_structure(&pasn);
+
+	} else if (p != NULL) {	/* PKCS #12 */
+
+		if ((result =
+		     asn1_create_element(_gnutls_get_pkix(),
+					 "PKIX1.pkcs-12-PbeParams",
+					 &pasn)) != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto error;
+		}
+
+		result = write_pkcs12_kdf_params(pasn, kdf_params);
+		if (result < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		result = _gnutls_x509_der_encode_and_copy(pasn, "",
+							  pkcs8_asn, where, 0);
+		if (result < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		asn1_delete_structure(&pasn);
+	}
+
+	return 0;
+
+ error:
+	asn1_delete_structure(&pasn);
+	return result;
+
+}
+
+int
+_gnutls_pkcs_raw_encrypt_data(const gnutls_datum_t * plain,
+			      const struct pbe_enc_params *enc_params,
+			      const gnutls_datum_t * key, gnutls_datum_t * encrypted)
+{
+	int result;
+	int data_size;
+	uint8_t *data = NULL;
+	gnutls_datum_t d_iv;
+	gnutls_cipher_hd_t ch = NULL;
+	uint8_t pad, pad_size;
+	const cipher_entry_st *ce;
+
+	ce = cipher_to_entry(enc_params->cipher);
+	pad_size = _gnutls_cipher_get_block_size(ce);
+
+	if (pad_size == 1 || ce->type == CIPHER_STREAM)	/* stream */
+		pad_size = 0;
+
+	data = gnutls_malloc(plain->size + pad_size);
+	if (data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	memcpy(data, plain->data, plain->size);
+
+	if (pad_size > 0) {
+		pad = pad_size - (plain->size % pad_size);
+		if (pad == 0)
+			pad = pad_size;
+		memset(&data[plain->size], pad, pad);
+	} else
+		pad = 0;
+
+	data_size = plain->size + pad;
+
+	d_iv.data = (uint8_t *) enc_params->iv;
+	d_iv.size = enc_params->iv_size;
+	result = gnutls_cipher_init(&ch, enc_params->cipher, key, &d_iv);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	result = gnutls_cipher_encrypt(ch, data, data_size);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	encrypted->data = data;
+	encrypted->size = data_size;
+
+	gnutls_cipher_deinit(ch);
+
+	return 0;
+
+ error:
+	gnutls_free(data);
+	if (ch) {
+		gnutls_cipher_deinit(ch);
+	}
+	return result;
+}
diff --git a/lib/x509/pkcs7-output.c b/lib/x509/pkcs7-output.c
new file mode 100644
index 0000000..3d686df
--- /dev/null
+++ b/lib/x509/pkcs7-output.c
@@ -0,0 +1,333 @@
+/*
+ * Copyright (C) 2015 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <common.h>
+#include <x509.h>
+#include <x509_int.h>
+#include <num.h>
+#include "errors.h"
+#include <extras/randomart.h>
+#include <pkcs7_int.h>
+
+#define addf _gnutls_buffer_append_printf
+#define adds _gnutls_buffer_append_str
+
+static void print_dn(gnutls_buffer_st * str, const char *prefix,
+		     const gnutls_datum_t * raw)
+{
+	gnutls_x509_dn_t dn = NULL;
+	gnutls_datum_t output = { NULL, 0 };
+	int ret;
+
+	ret = gnutls_x509_dn_init(&dn);
+	if (ret < 0) {
+		addf(str, "%s: [error]\n", prefix);
+		return;
+	}
+
+	ret = gnutls_x509_dn_import(dn, raw);
+	if (ret < 0) {
+		addf(str, "%s: [error]\n", prefix);
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_dn_get_str2(dn, &output, 0);
+	if (ret < 0) {
+		addf(str, "%s: [error]\n", prefix);
+		goto cleanup;
+	}
+
+	addf(str, "%s: %s\n", prefix, output.data);
+
+ cleanup:
+	gnutls_x509_dn_deinit(dn);
+	gnutls_free(output.data);
+}
+
+/* Do not encode ASN1 and type for now */
+#define ENTRY(oid, name, type) {oid, sizeof(oid)-1, name, sizeof(name)-1, NULL, type}
+#define ENTRY2(oid, name) {oid, sizeof(oid)-1, name, sizeof(name)-1, NULL, ASN1_ETYPE_INVALID}
+
+static const struct oid_to_string pkcs7_attrs[] = {
+	ENTRY ("1.2.840.113549.1.9.3", "contentType", ASN1_ETYPE_OBJECT_ID),
+	ENTRY ("1.2.840.113549.1.9.4", "messageDigest", ASN1_ETYPE_OCTET_STRING),
+	ENTRY ("1.2.840.113549.1.9.5", "signingTime", ASN1_ETYPE_INVALID),
+	ENTRY2("1.2.840.113549.1.9.6", "countersignature"),
+	ENTRY2("1.2.840.113549.1.9.15", "smimeCapabilities"),
+
+	ENTRY2("1.2.840.113549.1.9.16.2.1", "aa-receiptRequest"),
+	ENTRY2("1.2.840.113549.1.9.16.2.2", "aa-securityLabel"),
+	ENTRY2("1.2.840.113549.1.9.16.2.3", "aa-mlExpandHistory"),
+	ENTRY2("1.2.840.113549.1.9.16.2.4", "aa-contentHint"),
+	ENTRY2("1.2.840.113549.1.9.16.2.9", "aa-equivalentLabels"),
+	ENTRY2("1.2.840.113549.1.9.16.2.10", "aa-contentReference"),
+	ENTRY2("1.2.840.113549.1.9.16.2.11", "aa-encrypKeyPref"),
+	ENTRY2("1.2.840.113549.1.9.16.2.12", "aa-signingCertificate"),
+	ENTRY2("1.2.840.113549.1.9.16.2.19", "aa-ets-otherSigCert"),
+	ENTRY2("1.2.840.113549.1.9.16.2.47", "aa-signingCertificateV2"),
+
+	{NULL, 0, NULL, 0, NULL, 0}
+};
+
+static void print_raw(gnutls_buffer_st * str, const char *prefix,
+		      const gnutls_datum_t * raw)
+{
+	gnutls_datum_t result;
+	int ret;
+
+	if (raw->data == NULL || raw->size == 0)
+		return;
+
+	ret = gnutls_hex_encode2(raw, &result);
+	if (ret < 0) {
+		addf(str, "%s: [error]\n", prefix);
+		return;
+	}
+
+	addf(str, "%s: %s\n", prefix, result.data);
+	gnutls_free(result.data);
+}
+
+static void print_pkcs7_info(gnutls_pkcs7_signature_info_st * info,
+			     gnutls_buffer_st * str,
+			     gnutls_certificate_print_formats_t format)
+{
+	unsigned i;
+	char *oid;
+	gnutls_datum_t data;
+	char prefix[128];
+	char s[42];
+	size_t max;
+	int ret;
+	const struct oid_to_string * entry;
+
+	if (info->issuer_dn.size > 0)
+		print_dn(str, "\tSigner's issuer DN", &info->issuer_dn);
+	print_raw(str, "\tSigner's serial", &info->signer_serial);
+	print_raw(str, "\tSigner's issuer key ID", &info->issuer_keyid);
+	if (info->signing_time != -1) {
+		struct tm t;
+		if (gmtime_r(&info->signing_time, &t) == NULL) {
+			addf(str, "error: gmtime_r (%ld)\n",
+			     (unsigned long)info->signing_time);
+		} else {
+			max = sizeof(s);
+			if (strftime(s, max, "%a %b %d %H:%M:%S UTC %Y", &t) ==
+			    0) {
+				addf(str, "error: strftime (%ld)\n",
+				     (unsigned long)info->signing_time);
+			} else {
+				addf(str, "\tSigning time: %s\n", s);
+			}
+		}
+	}
+
+	addf(str, "\tSignature Algorithm: %s\n",
+	     gnutls_sign_get_name(info->algo));
+
+	if (format == GNUTLS_CRT_PRINT_FULL) {
+		if (info->signed_attrs) {
+			for (i = 0;; i++) {
+				ret =
+				    gnutls_pkcs7_get_attr(info->signed_attrs, i,
+							  &oid, &data, 0);
+				if (ret < 0)
+					break;
+				if (i == 0)
+					addf(str, "\tSigned Attributes:\n");
+
+				entry = _gnutls_oid_get_entry(pkcs7_attrs, oid);
+				snprintf(prefix, sizeof(prefix), "\t\t%s",
+						(entry && entry->name_desc) ? entry->name_desc : oid);
+				print_raw(str, prefix, &data);
+				gnutls_free(data.data);
+			}
+		}
+		if (info->unsigned_attrs) {
+			for (i = 0;; i++) {
+				ret =
+				    gnutls_pkcs7_get_attr(info->unsigned_attrs,
+							  i, &oid, &data, 0);
+				if (ret < 0)
+					break;
+				if (i == 0)
+					addf(str, "\tUnsigned Attributes:\n");
+
+				entry = _gnutls_oid_get_entry(pkcs7_attrs, oid);
+				snprintf(prefix, sizeof(prefix), "\t\t%s",
+						(entry && entry->name_desc) ? entry->name_desc : oid);
+				print_raw(str, prefix, &data);
+				gnutls_free(data.data);
+			}
+		}
+	}
+	adds(str, "\n");
+}
+
+/**
+ * gnutls_pkcs7_print_signature_info:
+ * @info: The PKCS7 signature info struct to be printed
+ * @format: Indicate the format to use
+ * @out: Newly allocated datum with null terminated string.
+ *
+ * This function will pretty print a PKCS #7 signature info structure, suitable
+ * for display to a human.
+ *
+ * Currently the supported formats are %GNUTLS_CRT_PRINT_FULL and
+ * %GNUTLS_CRT_PRINT_COMPACT.
+ *
+ * The output @out needs to be deallocated using gnutls_free().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.6.14
+ **/
+int gnutls_pkcs7_print_signature_info(gnutls_pkcs7_signature_info_st * info,
+				      gnutls_certificate_print_formats_t format,
+				      gnutls_datum_t * out)
+{
+	gnutls_buffer_st str;
+
+	_gnutls_buffer_init(&str);
+	print_pkcs7_info(info, &str, format);
+
+	return _gnutls_buffer_to_datum(&str, out, 1);
+}
+
+/**
+ * gnutls_pkcs7_crt_print:
+ * @pkcs7: The PKCS7 struct to be printed
+ * @format: Indicate the format to use
+ * @out: Newly allocated datum with null terminated string.
+ *
+ * This function will pretty print a signed PKCS #7 structure, suitable for
+ * display to a human.
+ *
+ * Currently the supported formats are %GNUTLS_CRT_PRINT_FULL and
+ * %GNUTLS_CRT_PRINT_COMPACT.
+ *
+ * The output @out needs to be deallocated using gnutls_free().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_pkcs7_print(gnutls_pkcs7_t pkcs7,
+		       gnutls_certificate_print_formats_t format,
+		       gnutls_datum_t * out)
+{
+	int count, ret, i;
+	gnutls_pkcs7_signature_info_st info;
+	gnutls_buffer_st str;
+	const char *oid;
+
+	_gnutls_buffer_init(&str);
+
+	/* For backwards compatibility with structures using the default OID,
+	 * we don't print the eContent Type explicitly */
+	oid = gnutls_pkcs7_get_embedded_data_oid(pkcs7);
+	if (oid) {
+		if (strcmp(oid, DATA_OID) != 0
+		    && strcmp(oid, DIGESTED_DATA_OID) != 0) {
+			addf(&str, "eContent Type: %s\n", oid);
+		}
+	}
+
+	for (i = 0;; i++) {
+		if (i == 0)
+			addf(&str, "Signers:\n");
+
+		ret = gnutls_pkcs7_get_signature_info(pkcs7, i, &info);
+		if (ret < 0)
+			break;
+
+		print_pkcs7_info(&info, &str, format);
+		gnutls_pkcs7_signature_info_deinit(&info);
+	}
+
+	if (format == GNUTLS_CRT_PRINT_FULL) {
+		gnutls_datum_t data, b64;
+
+		count = gnutls_pkcs7_get_crt_count(pkcs7);
+
+		if (count > 0) {
+			addf(&str, "Number of certificates: %u\n\n",
+			     count);
+
+			for (i = 0; i < count; i++) {
+				ret =
+				    gnutls_pkcs7_get_crt_raw2(pkcs7, i, &data);
+				if (ret < 0) {
+					addf(&str,
+					     "Error: cannot print certificate %d\n",
+					     i);
+					continue;
+				}
+
+				ret =
+				    gnutls_pem_base64_encode_alloc
+				    ("CERTIFICATE", &data, &b64);
+				if (ret < 0) {
+					gnutls_free(data.data);
+					continue;
+				}
+
+				adds(&str, (char*)b64.data);
+				adds(&str, "\n");
+				gnutls_free(b64.data);
+				gnutls_free(data.data);
+			}
+		}
+
+		count = gnutls_pkcs7_get_crl_count(pkcs7);
+		if (count > 0) {
+			addf(&str, "Number of CRLs: %u\n\n", count);
+
+			for (i = 0; i < count; i++) {
+				ret =
+				    gnutls_pkcs7_get_crl_raw2(pkcs7, i, &data);
+				if (ret < 0) {
+					addf(&str,
+					     "Error: cannot print certificate %d\n",
+					     i);
+					continue;
+				}
+
+				ret =
+				    gnutls_pem_base64_encode_alloc("X509 CRL",
+								   &data, &b64);
+				if (ret < 0) {
+					gnutls_free(data.data);
+					continue;
+				}
+
+				adds(&str, (char*)b64.data);
+				adds(&str, "\n");
+				gnutls_free(b64.data);
+				gnutls_free(data.data);
+			}
+		}
+	}
+
+	return _gnutls_buffer_to_datum(&str, out, 1);
+}
diff --git a/lib/x509/pkcs7.c b/lib/x509/pkcs7.c
new file mode 100644
index 0000000..ff8cab0
--- /dev/null
+++ b/lib/x509/pkcs7.c
@@ -0,0 +1,2564 @@
+/*
+ * Copyright (C) 2003-2015 Free Software Foundation, Inc.
+ * Copyright (C) 2015 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions that relate on PKCS7 certificate lists parsing.
+ */
+
+#include "gnutls_int.h"
+#include <libtasn1.h>
+
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <common.h>
+#include <x509_b64.h>
+#include <pkcs7_int.h>
+#include <gnutls/abstract.h>
+#include <gnutls/pkcs7.h>
+
+#define ATTR_MESSAGE_DIGEST "1.2.840.113549.1.9.4"
+#define ATTR_SIGNING_TIME "1.2.840.113549.1.9.5"
+#define ATTR_CONTENT_TYPE "1.2.840.113549.1.9.3"
+
+static const uint8_t one = 1;
+
+/* Decodes the PKCS #7 signed data, and returns an asn1_node,
+ * which holds them. If raw is non null then the raw decoded
+ * data are copied (they are locally allocated) there.
+ */
+static int _decode_pkcs7_signed_data(gnutls_pkcs7_t pkcs7)
+{
+	asn1_node c2;
+	int len, result;
+	gnutls_datum_t tmp = {NULL, 0};
+
+	len = MAX_OID_SIZE - 1;
+	result = asn1_read_value(pkcs7->pkcs7, "contentType", pkcs7->encap_data_oid, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (strcmp(pkcs7->encap_data_oid, SIGNED_DATA_OID) != 0) {
+		gnutls_assert();
+		_gnutls_debug_log("Unknown PKCS7 Content OID '%s'\n", pkcs7->encap_data_oid);
+		return GNUTLS_E_UNKNOWN_PKCS_CONTENT_TYPE;
+	}
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_pkix(), "PKIX1.pkcs-7-SignedData",
+	      &c2)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	/* the Signed-data has been created, so
+	 * decode them.
+	 */
+	result = _gnutls_x509_read_value(pkcs7->pkcs7, "content", &tmp);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* Step 1. In case of a signed structure extract certificate set.
+	 */
+
+	result = asn1_der_decoding(&c2, tmp.data, tmp.size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	/* read the encapsulated content */
+	len = MAX_OID_SIZE - 1;
+	result =
+	    asn1_read_value(c2, "encapContentInfo.eContentType", pkcs7->encap_data_oid, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if (strcmp(pkcs7->encap_data_oid, DATA_OID) != 0
+	    && strcmp(pkcs7->encap_data_oid, DIGESTED_DATA_OID) != 0) {
+		_gnutls_debug_log
+		    ("Unknown PKCS#7 Encapsulated Content OID '%s'; treating as raw data\n",
+		     pkcs7->encap_data_oid);
+
+	}
+
+	/* Try reading as octet string according to rfc5652. If that fails, attempt
+	 * a raw read according to rfc2315 */
+	result = _gnutls_x509_read_string(c2, "encapContentInfo.eContent", &pkcs7->der_signed_data, ASN1_ETYPE_OCTET_STRING, 1);
+	if (result < 0) {
+		result = _gnutls_x509_read_value(c2, "encapContentInfo.eContent", &pkcs7->der_signed_data);
+		if (result < 0) {
+			pkcs7->der_signed_data.data = NULL;
+			pkcs7->der_signed_data.size = 0;
+		} else {
+			int tag_len, len_len;
+			unsigned char cls;
+			unsigned long tag;
+
+			/* we skip the embedded element's tag and length - uncharted territorry - used by MICROSOFT_CERT_TRUST_LIST */
+			result = asn1_get_tag_der(pkcs7->der_signed_data.data, pkcs7->der_signed_data.size, &cls, &tag_len, &tag);
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				result = _gnutls_asn2err(result);
+				goto cleanup;
+			}
+
+			result = asn1_get_length_ber(pkcs7->der_signed_data.data+tag_len, pkcs7->der_signed_data.size-tag_len, &len_len);
+			if (result < 0) {
+				gnutls_assert();
+				result = GNUTLS_E_ASN1_DER_ERROR;
+				goto cleanup;
+			}
+
+			tag_len += len_len;
+			memmove(pkcs7->der_signed_data.data, &pkcs7->der_signed_data.data[tag_len], pkcs7->der_signed_data.size-tag_len);
+			pkcs7->der_signed_data.size-=tag_len;
+		}
+	}
+
+	if (pkcs7->signed_data)
+		asn1_delete_structure(&pkcs7->signed_data);
+	pkcs7->signed_data = c2;
+	gnutls_free(tmp.data);
+
+	return 0;
+
+ cleanup:
+	gnutls_free(tmp.data);
+	if (c2)
+		asn1_delete_structure(&c2);
+	return result;
+}
+
+static int pkcs7_reinit(gnutls_pkcs7_t pkcs7)
+{
+	int result;
+
+	asn1_delete_structure(&pkcs7->pkcs7);
+
+	result = asn1_create_element(_gnutls_get_pkix(),
+				     "PKIX1.pkcs-7-ContentInfo", &pkcs7->pkcs7);
+	if (result != ASN1_SUCCESS) {
+		result = _gnutls_asn2err(result);
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs7_init:
+ * @pkcs7: A pointer to the type to be initialized
+ *
+ * This function will initialize a PKCS7 structure. PKCS7 structures
+ * usually contain lists of X.509 Certificates and X.509 Certificate
+ * revocation lists.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_pkcs7_init(gnutls_pkcs7_t * pkcs7)
+{
+	*pkcs7 = gnutls_calloc(1, sizeof(gnutls_pkcs7_int));
+
+	if (*pkcs7) {
+		int result = pkcs7_reinit(*pkcs7);
+		if (result < 0) {
+			gnutls_assert();
+			gnutls_free(*pkcs7);
+			return result;
+		}
+		return 0;	/* success */
+	}
+	return GNUTLS_E_MEMORY_ERROR;
+}
+
+/**
+ * gnutls_pkcs7_deinit:
+ * @pkcs7: the type to be deinitialized
+ *
+ * This function will deinitialize a PKCS7 type.
+ **/
+void gnutls_pkcs7_deinit(gnutls_pkcs7_t pkcs7)
+{
+	if (!pkcs7)
+		return;
+
+	if (pkcs7->pkcs7)
+		asn1_delete_structure(&pkcs7->pkcs7);
+
+	if (pkcs7->signed_data)
+		asn1_delete_structure(&pkcs7->signed_data);
+
+	_gnutls_free_datum(&pkcs7->der_signed_data);
+
+	gnutls_free(pkcs7);
+}
+
+/**
+ * gnutls_pkcs7_import:
+ * @pkcs7: The data to store the parsed PKCS7.
+ * @data: The DER or PEM encoded PKCS7.
+ * @format: One of DER or PEM
+ *
+ * This function will convert the given DER or PEM encoded PKCS7 to
+ * the native #gnutls_pkcs7_t format.  The output will be stored in
+ * @pkcs7. Any signed data that may be present inside the @pkcs7
+ * structure, like certificates set by gnutls_pkcs7_set_crt(), will
+ * be freed and overwritten by this function.
+ *
+ * If the PKCS7 is PEM encoded it should have a header of "PKCS7".
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_pkcs7_import(gnutls_pkcs7_t pkcs7, const gnutls_datum_t * data,
+		    gnutls_x509_crt_fmt_t format)
+{
+	int result = 0, need_free = 0;
+	gnutls_datum_t _data;
+
+	if (pkcs7 == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	_data.data = data->data;
+	_data.size = data->size;
+
+	/* If the PKCS7 is in PEM format then decode it
+	 */
+	if (format == GNUTLS_X509_FMT_PEM) {
+		result =
+		    _gnutls_fbase64_decode(PEM_PKCS7, data->data,
+					   data->size, &_data);
+
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+
+		need_free = 1;
+	}
+
+	if (pkcs7->expanded) {
+		result = pkcs7_reinit(pkcs7);
+		if (result < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+	pkcs7->expanded = 1;
+
+	result = asn1_der_decoding(&pkcs7->pkcs7, _data.data, _data.size, NULL);
+	if (result != ASN1_SUCCESS) {
+		result = _gnutls_asn2err(result);
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* Decode the signed data.
+	 */
+	result = _decode_pkcs7_signed_data(pkcs7);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = 0;
+
+ cleanup:
+	if (need_free)
+		_gnutls_free_datum(&_data);
+	return result;
+}
+
+/**
+ * gnutls_pkcs7_get_crt_raw2:
+ * @pkcs7: should contain a gnutls_pkcs7_t type
+ * @indx: contains the index of the certificate to extract
+ * @cert: will hold the contents of the certificate; must be deallocated with gnutls_free()
+ *
+ * This function will return a certificate of the PKCS7 or RFC2630
+ * certificate set.
+ *
+ * After the last certificate has been read
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.  If the provided buffer is not long enough,
+ *   then @certificate_size is updated and
+ *   %GNUTLS_E_SHORT_MEMORY_BUFFER is returned.
+ *
+ * Since: 3.4.2
+ **/
+int
+gnutls_pkcs7_get_crt_raw2(gnutls_pkcs7_t pkcs7,
+			  unsigned indx, gnutls_datum_t * cert)
+{
+	int result, len;
+	char root2[MAX_NAME_SIZE];
+	char oid[MAX_OID_SIZE];
+	gnutls_datum_t tmp = { NULL, 0 };
+
+	if (pkcs7 == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	/* Step 2. Parse the CertificateSet
+	 */
+	snprintf(root2, sizeof(root2), "certificates.?%u", indx + 1);
+
+	len = sizeof(oid) - 1;
+
+	result = asn1_read_value(pkcs7->signed_data, root2, oid, &len);
+
+	if (result == ASN1_VALUE_NOT_FOUND) {
+		result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+		goto cleanup;
+	}
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	/* if 'Certificate' is the choice found:
+	 */
+	if (strcmp(oid, "certificate") == 0) {
+		int start, end;
+
+		result = _gnutls_x509_read_value(pkcs7->pkcs7, "content", &tmp);
+		if (result < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		result =
+		    asn1_der_decoding_startEnd(pkcs7->signed_data, tmp.data,
+					       tmp.size, root2, &start, &end);
+
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		end = end - start + 1;
+
+		result = _gnutls_set_datum(cert, &tmp.data[start], end);
+	} else {
+		result = GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
+	}
+
+ cleanup:
+	_gnutls_free_datum(&tmp);
+	return result;
+}
+
+/**
+ * gnutls_pkcs7_get_crt_raw:
+ * @pkcs7: should contain a gnutls_pkcs7_t type
+ * @indx: contains the index of the certificate to extract
+ * @certificate: the contents of the certificate will be copied
+ *   there (may be null)
+ * @certificate_size: should hold the size of the certificate
+ *
+ * This function will return a certificate of the PKCS7 or RFC2630
+ * certificate set.
+ *
+ * After the last certificate has been read
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.  If the provided buffer is not long enough,
+ *   then @certificate_size is updated and
+ *   %GNUTLS_E_SHORT_MEMORY_BUFFER is returned.
+ **/
+int
+gnutls_pkcs7_get_crt_raw(gnutls_pkcs7_t pkcs7,
+			 unsigned indx, void *certificate,
+			 size_t * certificate_size)
+{
+	int ret;
+	gnutls_datum_t tmp = { NULL, 0 };
+
+	ret = gnutls_pkcs7_get_crt_raw2(pkcs7, indx, &tmp);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if ((unsigned)tmp.size > *certificate_size) {
+		*certificate_size = tmp.size;
+		ret = GNUTLS_E_SHORT_MEMORY_BUFFER;
+		goto cleanup;
+	}
+
+	*certificate_size = tmp.size;
+	if (certificate)
+		memcpy(certificate, tmp.data, tmp.size);
+
+ cleanup:
+	_gnutls_free_datum(&tmp);
+	return ret;
+}
+
+/**
+ * gnutls_pkcs7_get_crt_count:
+ * @pkcs7: should contain a #gnutls_pkcs7_t type
+ *
+ * This function will return the number of certificates in the PKCS7
+ * or RFC2630 certificate set.
+ *
+ * Returns: On success, a positive number is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_pkcs7_get_crt_count(gnutls_pkcs7_t pkcs7)
+{
+	int result, count;
+
+	if (pkcs7 == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	/* Step 2. Count the CertificateSet */
+
+	result =
+	    asn1_number_of_elements(pkcs7->signed_data, "certificates", &count);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return 0;	/* no certificates */
+	}
+
+	return count;
+}
+
+/**
+ * gnutls_pkcs7_signature_info_deinit:
+ * @info: should point to a #gnutls_pkcs7_signature_info_st structure
+ *
+ * This function will deinitialize any allocated value in the
+ * provided #gnutls_pkcs7_signature_info_st.
+ *
+ * Since: 3.4.2
+ **/
+void gnutls_pkcs7_signature_info_deinit(gnutls_pkcs7_signature_info_st * info)
+{
+	gnutls_free(info->sig.data);
+	gnutls_free(info->issuer_dn.data);
+	gnutls_free(info->signer_serial.data);
+	gnutls_free(info->issuer_keyid.data);
+	gnutls_pkcs7_attrs_deinit(info->signed_attrs);
+	gnutls_pkcs7_attrs_deinit(info->unsigned_attrs);
+	memset(info, 0, sizeof(*info));
+}
+
+static time_t parse_time(gnutls_pkcs7_t pkcs7, const char *root)
+{
+	char tval[128];
+	asn1_node c2 = NULL;
+	time_t ret;
+	int result, len;
+
+	result = asn1_create_element(_gnutls_get_pkix(), "PKIX1.Time", &c2);
+	if (result != ASN1_SUCCESS) {
+		ret = -1;
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	len = sizeof(tval);
+	result = asn1_read_value(pkcs7->signed_data, root, tval, &len);
+	if (result != ASN1_SUCCESS) {
+		ret = -1;
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _asn1_strict_der_decode(&c2, tval, len, NULL);
+	if (result != ASN1_SUCCESS) {
+		ret = -1;
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_get_time(c2, "", 0);
+
+ cleanup:
+	asn1_delete_structure(&c2);
+	return ret;
+}
+
+/**
+ * gnutls_pkcs7_get_signature_count:
+ * @pkcs7: should contain a #gnutls_pkcs7_t type
+ *
+ * This function will return the number of signatures in the PKCS7
+ * structure.
+ *
+ * Returns: On success, a positive number is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.3
+ **/
+int gnutls_pkcs7_get_signature_count(gnutls_pkcs7_t pkcs7)
+{
+	int ret, count;
+
+	if (pkcs7 == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	ret =
+	    asn1_number_of_elements(pkcs7->signed_data, "signerInfos", &count);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return 0;
+	}
+
+	return count;
+}
+
+/**
+ * gnutls_pkcs7_get_signature_info:
+ * @pkcs7: should contain a #gnutls_pkcs7_t type
+ * @idx: the index of the signature info to check
+ * @info: will contain the output signature
+ *
+ * This function will return information about the signature identified
+ * by idx in the provided PKCS #7 structure. The information should be
+ * deinitialized using gnutls_pkcs7_signature_info_deinit().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.2
+ **/
+int gnutls_pkcs7_get_signature_info(gnutls_pkcs7_t pkcs7, unsigned idx,
+				    gnutls_pkcs7_signature_info_st * info)
+{
+	int ret, count, len;
+	char root[256];
+	char oid[MAX_OID_SIZE];
+	gnutls_pk_algorithm_t pk;
+	gnutls_sign_algorithm_t sig;
+	gnutls_datum_t tmp = { NULL, 0 };
+	unsigned i;
+
+	if (pkcs7 == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	memset(info, 0, sizeof(*info));
+	info->signing_time = -1;
+
+	ret =
+	    asn1_number_of_elements(pkcs7->signed_data, "signerInfos", &count);
+	if (ret != ASN1_SUCCESS || idx + 1 > (unsigned)count) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+	snprintf(root, sizeof(root),
+		 "signerInfos.?%u.signatureAlgorithm.algorithm", idx + 1);
+
+	len = sizeof(oid) - 1;
+	ret = asn1_read_value(pkcs7->signed_data, root, oid, &len);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		goto unsupp_algo;
+	}
+
+	sig = gnutls_oid_to_sign(oid);
+	if (sig == GNUTLS_SIGN_UNKNOWN) {
+		/* great PKCS #7 allows to only specify a public key algo */
+		pk = gnutls_oid_to_pk(oid);
+		if (pk == GNUTLS_PK_UNKNOWN) {
+			gnutls_assert();
+			goto unsupp_algo;
+		}
+
+		/* use the digests algorithm */
+		snprintf(root, sizeof(root),
+			 "signerInfos.?%u.digestAlgorithm.algorithm", idx + 1);
+
+		len = sizeof(oid) - 1;
+		ret = asn1_read_value(pkcs7->signed_data, root, oid, &len);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			goto unsupp_algo;
+		}
+
+		ret = gnutls_oid_to_digest(oid);
+		if (ret == GNUTLS_DIG_UNKNOWN) {
+			gnutls_assert();
+			goto unsupp_algo;
+		}
+
+		sig = gnutls_pk_to_sign(pk, ret);
+		if (sig == GNUTLS_SIGN_UNKNOWN) {
+			gnutls_assert();
+			goto unsupp_algo;
+		}
+	}
+
+	info->algo = sig;
+
+	snprintf(root, sizeof(root), "signerInfos.?%u.signature", idx + 1);
+	/* read the signature */
+	ret = _gnutls_x509_read_value(pkcs7->signed_data, root, &info->sig);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	/* read the issuer info */
+	snprintf(root, sizeof(root),
+		 "signerInfos.?%u.sid.issuerAndSerialNumber.issuer.rdnSequence",
+		 idx + 1);
+	/* read the signature */
+	ret =
+	    _gnutls_x509_get_raw_field(pkcs7->signed_data, root,
+				       &info->issuer_dn);
+	if (ret >= 0) {
+		snprintf(root, sizeof(root),
+			 "signerInfos.?%u.sid.issuerAndSerialNumber.serialNumber",
+			 idx + 1);
+		/* read the signature */
+		ret =
+		    _gnutls_x509_read_value(pkcs7->signed_data, root,
+					    &info->signer_serial);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+	} else {		/* keyid */
+		snprintf(root, sizeof(root),
+			 "signerInfos.?%u.sid.subjectKeyIdentifier", idx + 1);
+		/* read the signature */
+		ret =
+		    _gnutls_x509_read_value(pkcs7->signed_data, root,
+					    &info->issuer_keyid);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+	}
+
+	if (info->issuer_keyid.data == NULL && info->issuer_dn.data == NULL) {
+		ret = gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+		goto fail;
+	}
+
+	/* read the signing time */
+	for (i = 0;; i++) {
+		snprintf(root, sizeof(root),
+			 "signerInfos.?%u.signedAttrs.?%u.type", idx + 1,
+			 i + 1);
+		len = sizeof(oid) - 1;
+		ret = asn1_read_value(pkcs7->signed_data, root, oid, &len);
+		if (ret != ASN1_SUCCESS) {
+			break;
+		}
+
+		snprintf(root, sizeof(root),
+			 "signerInfos.?%u.signedAttrs.?%u.values.?1", idx + 1,
+			 i + 1);
+		ret = _gnutls_x509_read_value(pkcs7->signed_data, root, &tmp);
+		if (ret == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND) {
+			tmp.data = NULL;
+			tmp.size = 0;
+		} else if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		ret = gnutls_pkcs7_add_attr(&info->signed_attrs, oid, &tmp, 0);
+		gnutls_free(tmp.data);
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		if (strcmp(oid, ATTR_SIGNING_TIME) == 0) {
+			info->signing_time = parse_time(pkcs7, root);
+		}
+	}
+
+	/* read the unsigned attrs */
+	for (i = 0;; i++) {
+		snprintf(root, sizeof(root),
+			 "signerInfos.?%u.unsignedAttrs.?%u.type", idx + 1,
+			 i + 1);
+		len = sizeof(oid) - 1;
+		ret = asn1_read_value(pkcs7->signed_data, root, oid, &len);
+		if (ret != ASN1_SUCCESS) {
+			break;
+		}
+
+		snprintf(root, sizeof(root),
+			 "signerInfos.?%u.unsignedAttrs.?%u.values.?1", idx + 1,
+			 i + 1);
+		ret = _gnutls_x509_read_value(pkcs7->signed_data, root, &tmp);
+		if (ret == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND) {
+			tmp.data = NULL;
+			tmp.size = 0;
+		} else if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		ret =
+		    gnutls_pkcs7_add_attr(&info->unsigned_attrs, oid, &tmp, 0);
+		gnutls_free(tmp.data);
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+	}
+
+	return 0;
+ fail:
+	gnutls_free(tmp.data);
+	gnutls_pkcs7_signature_info_deinit(info);
+	return ret;
+ unsupp_algo:
+	return GNUTLS_E_UNKNOWN_ALGORITHM;
+}
+
+/* Verifies that the hash attribute ATTR_MESSAGE_DIGEST is present
+ * and matches our calculated hash */
+static int verify_hash_attr(gnutls_pkcs7_t pkcs7, const char *root,
+			    gnutls_sign_algorithm_t algo,
+			    const gnutls_datum_t *data)
+{
+	unsigned hash;
+	gnutls_datum_t tmp = { NULL, 0 };
+	gnutls_datum_t tmp2 = { NULL, 0 };
+	uint8_t hash_output[MAX_HASH_SIZE];
+	unsigned hash_size, i;
+	char oid[MAX_OID_SIZE];
+	char name[256];
+	unsigned msg_digest_ok = 0;
+	unsigned num_cont_types = 0;
+	int ret;
+
+	hash = gnutls_sign_get_hash_algorithm(algo);
+
+	/* hash the data */
+	if (hash == GNUTLS_DIG_UNKNOWN)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	hash_size = gnutls_hash_get_len(hash);
+
+	if (data == NULL || data->data == NULL) {
+		data = &pkcs7->der_signed_data;
+	}
+
+	if (data->size == 0) {
+		return gnutls_assert_val(GNUTLS_E_NO_EMBEDDED_DATA);
+	}
+
+	ret = gnutls_hash_fast(hash, data->data, data->size, hash_output);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* now verify that hash matches */
+	for (i = 0;; i++) {
+		snprintf(name, sizeof(name), "%s.signedAttrs.?%u", root, i + 1);
+
+		ret = _gnutls_x509_decode_and_read_attribute(pkcs7->signed_data,
+							     name, oid,
+							     sizeof(oid), &tmp,
+							     1, 0);
+		if (ret < 0) {
+			if (ret == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND)
+				break;
+			return gnutls_assert_val(ret);
+		}
+
+		if (strcmp(oid, ATTR_MESSAGE_DIGEST) == 0) {
+			ret =
+			    _gnutls_x509_decode_string(ASN1_ETYPE_OCTET_STRING,
+						       tmp.data, tmp.size,
+						       &tmp2, 0);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			if (tmp2.size == hash_size
+			    && memcmp(hash_output, tmp2.data, tmp2.size) == 0) {
+				msg_digest_ok = 1;
+			} else {
+				gnutls_assert();
+			}
+		} else if (strcmp(oid, ATTR_CONTENT_TYPE) == 0) {
+			if (num_cont_types > 0) {
+				gnutls_assert();
+				ret = GNUTLS_E_PARSING_ERROR;
+				goto cleanup;
+			}
+
+			num_cont_types++;
+
+			/* check if it matches */
+			ret =
+			    _gnutls_x509_get_raw_field(pkcs7->signed_data,
+						       "encapContentInfo.eContentType",
+						       &tmp2);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			if (tmp2.size != tmp.size
+			    || memcmp(tmp.data, tmp2.data, tmp2.size) != 0) {
+				gnutls_assert();
+				ret = GNUTLS_E_PARSING_ERROR;
+				goto cleanup;
+			}
+		}
+
+		gnutls_free(tmp.data);
+		gnutls_free(tmp2.data);
+	}
+
+	if (msg_digest_ok)
+		ret = 0;
+	else
+		ret = gnutls_assert_val(GNUTLS_E_PK_SIG_VERIFY_FAILED);
+
+ cleanup:
+	gnutls_free(tmp.data);
+	gnutls_free(tmp2.data);
+	return ret;
+}
+
+/* Returns the data to be used for signature verification. PKCS #7
+ * decided that this should not be an easy task.
+ */
+static int figure_pkcs7_sigdata(gnutls_pkcs7_t pkcs7, const char *root,
+				const gnutls_datum_t * data,
+				gnutls_sign_algorithm_t algo,
+				gnutls_datum_t * sigdata)
+{
+	int ret;
+	char name[256];
+
+	snprintf(name, sizeof(name), "%s.signedAttrs", root);
+	/* read the signature */
+	ret = _gnutls_x509_get_raw_field(pkcs7->signed_data, name, sigdata);
+	if (ret == 0) {
+		/* verify that hash matches */
+		ret = verify_hash_attr(pkcs7, root, algo, data);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		if (sigdata->size > 0)
+			sigdata->data[0] = 0x31;
+
+		return 0;
+	}
+
+	/* We have no signedAttrs. Use the provided data, or the encapsulated */
+	if (data == NULL || data->data == NULL) {
+		return _gnutls_set_datum(sigdata, pkcs7->der_signed_data.data, pkcs7->der_signed_data.size);
+	}
+
+	return _gnutls_set_datum(sigdata, data->data, data->size);
+}
+
+/**
+ * gnutls_pkcs7_get_embedded_data:
+ * @pkcs7: should contain a gnutls_pkcs7_t type
+ * @flags: must be zero or %GNUTLS_PKCS7_EDATA_GET_RAW
+ * @data: will hold the embedded data in the provided structure
+ *
+ * This function will return the data embedded in the signature of
+ * the PKCS7 structure. If no data are available then
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.
+ *
+ * The returned data must be de-allocated using gnutls_free().
+ *
+ * Note, that this function returns the exact same data that are
+ * authenticated. If the %GNUTLS_PKCS7_EDATA_GET_RAW flag is provided,
+ * the returned data will be including the wrapping tag/value as
+ * they are encoded in the structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.8
+ **/
+int
+gnutls_pkcs7_get_embedded_data(gnutls_pkcs7_t pkcs7, unsigned flags,
+			       gnutls_datum_t *data)
+{
+	if (pkcs7 == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	if (pkcs7->der_signed_data.size == 0)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	if (flags & GNUTLS_PKCS7_EDATA_GET_RAW) {
+		if (pkcs7->signed_data == NULL)
+			return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+		return _gnutls_x509_read_value(pkcs7->signed_data, "encapContentInfo.eContent", data);
+	} else {
+		return _gnutls_set_datum(data, pkcs7->der_signed_data.data, pkcs7->der_signed_data.size);
+	}
+}
+
+/**
+ * gnutls_pkcs7_get_embedded_data_oid:
+ * @pkcs7: should contain a gnutls_pkcs7_t type
+ *
+ * This function will return the OID of the data embedded in the signature of
+ * the PKCS7 structure. If no data are available then %NULL will be
+ * returned. The returned value will be valid during the lifetime
+ * of the @pkcs7 structure.
+ *
+ * Returns: On success, a pointer to an OID string, %NULL on error.
+ *
+ * Since: 3.5.5
+ **/
+const char *
+gnutls_pkcs7_get_embedded_data_oid(gnutls_pkcs7_t pkcs7)
+{
+	if (pkcs7 == NULL || pkcs7->encap_data_oid[0] == 0)
+		return NULL;
+
+	return pkcs7->encap_data_oid;
+}
+
+/**
+ * gnutls_pkcs7_verify_direct:
+ * @pkcs7: should contain a #gnutls_pkcs7_t type
+ * @signer: the certificate believed to have signed the structure
+ * @idx: the index of the signature info to check
+ * @data: The data to be verified or %NULL
+ * @flags: Zero or an OR list of #gnutls_certificate_verify_flags
+ *
+ * This function will verify the provided data against the signature
+ * present in the SignedData of the PKCS #7 structure. If the data
+ * provided are NULL then the data in the encapsulatedContent field
+ * will be used instead.
+ *
+ * Note that, unlike gnutls_pkcs7_verify() this function does not
+ * verify the key purpose of the signer. It is expected for the caller
+ * to verify the intended purpose of the %signer -e.g., via gnutls_x509_crt_get_key_purpose_oid(),
+ * or gnutls_x509_crt_check_key_purpose().
+ *
+ * Note also, that since GnuTLS 3.5.6 this function introduces checks in the
+ * end certificate (@signer), including time checks and key usage checks.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value. A verification error results to a
+ *   %GNUTLS_E_PK_SIG_VERIFY_FAILED and the lack of encapsulated data
+ *   to verify to a %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE.
+ *
+ * Since: 3.4.2
+ **/
+int gnutls_pkcs7_verify_direct(gnutls_pkcs7_t pkcs7,
+			       gnutls_x509_crt_t signer,
+			       unsigned idx,
+			       const gnutls_datum_t *data, unsigned flags)
+{
+	int count, ret;
+	gnutls_datum_t tmpdata = { NULL, 0 };
+	gnutls_pkcs7_signature_info_st info;
+	gnutls_datum_t sigdata = { NULL, 0 };
+	char root[128];
+
+	memset(&info, 0, sizeof(info));
+
+	if (pkcs7 == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	ret =
+	    asn1_number_of_elements(pkcs7->signed_data, "signerInfos", &count);
+	if (ret != ASN1_SUCCESS || idx + 1 > (unsigned)count) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	ret = gnutls_pkcs7_get_signature_info(pkcs7, idx, &info);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	snprintf(root, sizeof(root), "signerInfos.?%u", idx + 1);
+	ret = figure_pkcs7_sigdata(pkcs7, root, data, info.algo, &sigdata);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    gnutls_x509_crt_verify_data2(signer, info.algo, flags, &sigdata,
+					 &info.sig);
+	if (ret < 0) {
+		gnutls_assert();
+	}
+
+ cleanup:
+	gnutls_free(tmpdata.data);
+	gnutls_free(sigdata.data);
+	gnutls_pkcs7_signature_info_deinit(&info);
+
+	return ret;
+}
+
+/* Finds the issuer of the given certificate (@cert) in the
+ * included in PKCS#7 list of certificates */
+static gnutls_x509_crt_t find_verified_issuer_of(gnutls_pkcs7_t pkcs7,
+					gnutls_x509_crt_t cert,
+					const char *purpose,
+					unsigned vflags)
+{
+	gnutls_x509_crt_t issuer = NULL;
+	int ret, count;
+	gnutls_datum_t tmp = { NULL, 0 };
+	unsigned i, vtmp;
+
+	count = gnutls_pkcs7_get_crt_count(pkcs7);
+	if (count < 0) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	for (i = 0; i < (unsigned)count; i++) {
+		/* Try to find the signer in the appended list. */
+		ret = gnutls_pkcs7_get_crt_raw2(pkcs7, i, &tmp);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		ret = gnutls_x509_crt_init(&issuer);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		ret = gnutls_x509_crt_import(issuer, &tmp, GNUTLS_X509_FMT_DER);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		if (!gnutls_x509_crt_check_issuer(cert, issuer)) {
+			gnutls_assert();
+			goto skip;
+		}
+
+		ret = gnutls_x509_crt_verify(cert, &issuer, 1, vflags|GNUTLS_VERIFY_DO_NOT_ALLOW_SAME, &vtmp);
+		if (ret < 0 || vtmp != 0 ||
+		    (purpose != NULL && !_gnutls_check_key_purpose(issuer, purpose, 0))) {
+			gnutls_assert();	/* maybe next one is trusted */
+			_gnutls_cert_log("failed verification with", issuer);
+ skip:
+			gnutls_x509_crt_deinit(issuer);
+			issuer = NULL;
+			gnutls_free(tmp.data);
+			continue;
+		}
+
+		_gnutls_cert_log("issued by", issuer);
+
+		/* we found a signer we trust. let's return it */
+		break;
+	}
+
+	if (issuer == NULL) {
+		gnutls_assert();
+		return NULL;
+	}
+	goto cleanup;
+
+ fail:
+	if (issuer) {
+		gnutls_x509_crt_deinit(issuer);
+		issuer = NULL;
+	}
+
+ cleanup:
+	gnutls_free(tmp.data);
+
+	return issuer;
+}
+
+/* Finds a certificate that is issued by @issuer -if given-, and matches
+ * either the serial number or the key ID (both in @info) .
+ */
+static gnutls_x509_crt_t find_child_of_with_serial(gnutls_pkcs7_t pkcs7,
+						   gnutls_x509_crt_t issuer,
+						   const char *purpose,
+						   gnutls_pkcs7_signature_info_st *info)
+{
+	gnutls_x509_crt_t crt = NULL;
+	int ret, count;
+	uint8_t tmp[128];
+	size_t tmp_size;
+	gnutls_datum_t tmpdata = { NULL, 0 };
+	unsigned i;
+
+	count = gnutls_pkcs7_get_crt_count(pkcs7);
+	if (count < 0) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	for (i = 0; i < (unsigned)count; i++) {
+		/* Try to find the crt in the appended list. */
+		ret = gnutls_pkcs7_get_crt_raw2(pkcs7, i, &tmpdata);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		ret = gnutls_x509_crt_init(&crt);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		ret = gnutls_x509_crt_import(crt, &tmpdata, GNUTLS_X509_FMT_DER);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		if (issuer != NULL) {
+			if (!gnutls_x509_crt_check_issuer(crt, issuer)) {
+				gnutls_assert();
+				goto skip;
+			}
+		}
+
+		if (purpose) {
+			ret =
+			    _gnutls_check_key_purpose(crt, purpose, 0);
+			if (ret == 0) {
+				_gnutls_cert_log("key purpose unacceptable", crt);
+				goto skip;
+			}
+		}
+
+		if (info->signer_serial.size > 0) {
+			tmp_size = sizeof(tmp);
+			ret = gnutls_x509_crt_get_serial(crt, tmp, &tmp_size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto skip;
+			}
+
+			if (tmp_size != info->signer_serial.size
+			    || memcmp(info->signer_serial.data, tmp,
+				      tmp_size) != 0) {
+				_gnutls_cert_log("doesn't match serial", crt);
+				gnutls_assert();
+				goto skip;
+			}
+		} else if (info->issuer_keyid.size > 0) {
+			tmp_size = sizeof(tmp);
+			ret = gnutls_x509_crt_get_subject_key_id(crt, tmp, &tmp_size, NULL);
+			if (ret < 0) {
+				gnutls_assert();
+				goto skip;
+			}
+
+			if (tmp_size != info->issuer_keyid.size
+			    || memcmp(info->issuer_keyid.data, tmp,
+				      tmp_size) != 0) {
+				_gnutls_cert_log("doesn't match key ID", crt);
+				gnutls_assert();
+ skip:
+				gnutls_x509_crt_deinit(crt);
+				crt = NULL;
+				gnutls_free(tmpdata.data);
+				continue;
+			}
+		} else {
+			gnutls_assert();
+			crt = NULL;
+			goto fail;
+		}
+
+		_gnutls_cert_log("signer is", crt);
+
+		/* we found the child with the given serial or key ID */
+		break;
+	}
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	goto cleanup;
+ fail:
+	if (crt) {
+		gnutls_x509_crt_deinit(crt);
+		crt = NULL;
+	}
+
+ cleanup:
+	gnutls_free(tmpdata.data);
+
+	return crt;
+}
+
+static
+gnutls_x509_crt_t find_signer(gnutls_pkcs7_t pkcs7, gnutls_x509_trust_list_t tl,
+			      gnutls_typed_vdata_st * vdata,
+			      unsigned vdata_size,
+			      unsigned vflags,
+			      gnutls_pkcs7_signature_info_st * info)
+{
+	gnutls_x509_crt_t issuer = NULL;
+	gnutls_x509_crt_t signer = NULL;
+	int ret;
+	gnutls_datum_t tmp = { NULL, 0 };
+	unsigned i, vtmp;
+	const char *purpose = NULL;
+
+	if (info->issuer_keyid.data) {
+		ret =
+		    gnutls_x509_trust_list_get_issuer_by_subject_key_id(tl,
+									NULL,
+									&info->
+									issuer_keyid,
+									&signer,
+									0);
+		if (ret < 0) {
+			gnutls_assert();
+			signer = NULL;
+		}
+	}
+
+	/* get key purpose */
+	for (i = 0; i < vdata_size; i++) {
+		if (vdata[i].type == GNUTLS_DT_KEY_PURPOSE_OID) {
+			purpose = (char *)vdata[i].data;
+			break;
+		}
+	}
+
+	/* this will give us the issuer of the signer (wtf) */
+	if (info->issuer_dn.data && signer == NULL) {
+		ret =
+		    gnutls_x509_trust_list_get_issuer_by_dn(tl,
+							    &info->issuer_dn,
+							    &issuer, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			signer = NULL;
+		}
+
+		if (issuer) {
+			/* try to find the actual signer in the list of
+			 * certificates */
+			signer = find_child_of_with_serial(pkcs7, issuer, purpose, info);
+			if (signer == NULL) {
+				gnutls_assert();
+				goto fail;
+			}
+
+			gnutls_x509_crt_deinit(issuer);
+			issuer = NULL;
+		}
+	}
+
+	if (signer == NULL) {
+		/* get the signer from the pkcs7 list; the one that matches serial
+		 * or key ID */
+		signer = find_child_of_with_serial(pkcs7, NULL, purpose, info);
+		if (signer == NULL) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		/* if the signer cannot be verified from our trust list, make a chain of certificates
+		 * starting from the identified signer, to a root we know. */
+		ret = gnutls_x509_trust_list_verify_crt2(tl, &signer, 1, vdata, vdata_size, vflags, &vtmp, NULL);
+		if (ret < 0 || vtmp != 0) {
+			gnutls_x509_crt_t prev = NULL;
+
+			issuer = signer;
+			/* construct a chain */
+			do {
+				if (prev && prev != signer) {
+					gnutls_x509_crt_deinit(prev);
+				}
+				prev = issuer;
+
+				issuer = find_verified_issuer_of(pkcs7, issuer, purpose, vflags);
+
+				if (issuer != NULL && gnutls_x509_crt_check_issuer(issuer, issuer)) {
+					if (prev && prev != signer)
+						gnutls_x509_crt_deinit(prev);
+					prev = issuer;
+					break;
+				}
+			} while(issuer != NULL);
+
+			issuer = prev; /* the last we have seen */
+
+			if (issuer == NULL) {
+				gnutls_assert();
+				goto fail;
+			}
+
+			ret = gnutls_x509_trust_list_verify_crt2(tl, &issuer, 1, vdata, vdata_size, vflags, &vtmp, NULL);
+			if (ret < 0 || vtmp != 0) {
+				/* could not construct a valid chain */
+				_gnutls_reason_log("signer's chain failed trust list verification", vtmp);
+				gnutls_assert();
+				goto fail;
+			}
+		}
+	} else {
+		/* verify that the signer we got is trusted */
+		ret = gnutls_x509_trust_list_verify_crt2(tl, &signer, 1, vdata, vdata_size, vflags, &vtmp, NULL);
+		if (ret < 0 || vtmp != 0) {
+			/* could not construct a valid chain */
+			_gnutls_reason_log("signer failed trust list verification", vtmp);
+			gnutls_assert();
+			goto fail;
+		}
+	}
+
+	if (signer == NULL) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	goto cleanup;
+
+ fail:
+	if (signer != NULL) {
+		if (issuer == signer)
+			issuer = NULL;
+		gnutls_x509_crt_deinit(signer);
+		signer = NULL;
+	}
+
+ cleanup:
+	if (issuer != NULL) {
+		gnutls_x509_crt_deinit(issuer);
+		issuer = NULL;
+	}
+	gnutls_free(tmp.data);
+
+	return signer;
+}
+
+/**
+ * gnutls_pkcs7_verify:
+ * @pkcs7: should contain a #gnutls_pkcs7_t type
+ * @tl: A list of trusted certificates
+ * @vdata: an array of typed data
+ * @vdata_size: the number of data elements
+ * @idx: the index of the signature info to check
+ * @data: The data to be verified or %NULL
+ * @flags: Zero or an OR list of #gnutls_certificate_verify_flags
+ *
+ * This function will verify the provided data against the signature
+ * present in the SignedData of the PKCS #7 structure. If the data
+ * provided are NULL then the data in the encapsulatedContent field
+ * will be used instead.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value. A verification error results to a
+ *   %GNUTLS_E_PK_SIG_VERIFY_FAILED and the lack of encapsulated data
+ *   to verify to a %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE.
+ *
+ * Since: 3.4.2
+ **/
+int gnutls_pkcs7_verify(gnutls_pkcs7_t pkcs7,
+			gnutls_x509_trust_list_t tl,
+			gnutls_typed_vdata_st *vdata,
+			unsigned int vdata_size,
+			unsigned idx,
+			const gnutls_datum_t *data, unsigned flags)
+{
+	int count, ret;
+	gnutls_datum_t tmpdata = { NULL, 0 };
+	gnutls_pkcs7_signature_info_st info;
+	gnutls_x509_crt_t signer;
+	gnutls_datum_t sigdata = { NULL, 0 };
+	char root[128];
+
+	memset(&info, 0, sizeof(info));
+
+	if (pkcs7 == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	ret =
+	    asn1_number_of_elements(pkcs7->signed_data, "signerInfos", &count);
+	if (ret != ASN1_SUCCESS || idx + 1 > (unsigned)count) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	/* read data */
+	ret = gnutls_pkcs7_get_signature_info(pkcs7, idx, &info);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	snprintf(root, sizeof(root), "signerInfos.?%u", idx + 1);
+	ret = figure_pkcs7_sigdata(pkcs7, root, data, info.algo, &sigdata);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	signer = find_signer(pkcs7, tl, vdata, vdata_size, flags, &info);
+	if (signer) {
+		ret =
+		    gnutls_x509_crt_verify_data3(signer, info.algo, vdata, vdata_size,
+						 &sigdata, &info.sig, flags);
+		if (ret < 0) {
+			_gnutls_cert_log("failed struct verification with", signer);
+			gnutls_assert();
+		}
+		gnutls_x509_crt_deinit(signer);
+	} else {
+		gnutls_assert();
+		ret = GNUTLS_E_PK_SIG_VERIFY_FAILED;
+	}
+
+ cleanup:
+	gnutls_free(tmpdata.data);
+	gnutls_free(sigdata.data);
+	gnutls_pkcs7_signature_info_deinit(&info);
+
+	return ret;
+}
+
+static void disable_opt_fields(gnutls_pkcs7_t pkcs7)
+{
+	int result;
+	int count;
+
+	/* disable the optional fields */
+	result = asn1_number_of_elements(pkcs7->signed_data, "crls", &count);
+	if (result != ASN1_SUCCESS || count == 0) {
+		(void)asn1_write_value(pkcs7->signed_data, "crls", NULL, 0);
+	}
+
+	result =
+	    asn1_number_of_elements(pkcs7->signed_data, "certificates", &count);
+	if (result != ASN1_SUCCESS || count == 0) {
+		(void)asn1_write_value(pkcs7->signed_data, "certificates", NULL, 0);
+	}
+
+	return;
+}
+
+static int reencode(gnutls_pkcs7_t pkcs7)
+{
+	int result;
+
+	if (pkcs7->signed_data != NULL) {
+		disable_opt_fields(pkcs7);
+
+		/* Replace the old content with the new
+		 */
+		result =
+		    _gnutls_x509_der_encode_and_copy(pkcs7->signed_data, "",
+						     pkcs7->pkcs7, "content",
+						     0);
+		if (result < 0) {
+			return gnutls_assert_val(result);
+		}
+
+		/* Write the content type of the signed data
+		 */
+		result =
+		    asn1_write_value(pkcs7->pkcs7, "contentType",
+				     SIGNED_DATA_OID, 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			return _gnutls_asn2err(result);
+		}
+	}
+	return 0;
+}
+
+/**
+ * gnutls_pkcs7_export:
+ * @pkcs7: The pkcs7 type
+ * @format: the format of output params. One of PEM or DER.
+ * @output_data: will contain a structure PEM or DER encoded
+ * @output_data_size: holds the size of output_data (and will be
+ *   replaced by the actual size of parameters)
+ *
+ * This function will export the pkcs7 structure to DER or PEM format.
+ *
+ * If the buffer provided is not long enough to hold the output, then
+ * *@output_data_size is updated and %GNUTLS_E_SHORT_MEMORY_BUFFER
+ * will be returned.
+ *
+ * If the structure is PEM encoded, it will have a header
+ * of "BEGIN PKCS7".
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_pkcs7_export(gnutls_pkcs7_t pkcs7,
+		    gnutls_x509_crt_fmt_t format, void *output_data,
+		    size_t * output_data_size)
+{
+	int ret;
+	if (pkcs7 == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	if ((ret = reencode(pkcs7)) < 0)
+		return gnutls_assert_val(ret);
+
+	return _gnutls_x509_export_int(pkcs7->pkcs7, format, PEM_PKCS7,
+				       output_data, output_data_size);
+}
+
+/**
+ * gnutls_pkcs7_export2:
+ * @pkcs7: The pkcs7 type
+ * @format: the format of output params. One of PEM or DER.
+ * @out: will contain a structure PEM or DER encoded
+ *
+ * This function will export the pkcs7 structure to DER or PEM format.
+ *
+ * The output buffer is allocated using gnutls_malloc().
+ *
+ * If the structure is PEM encoded, it will have a header
+ * of "BEGIN PKCS7".
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.3
+ **/
+int
+gnutls_pkcs7_export2(gnutls_pkcs7_t pkcs7,
+		     gnutls_x509_crt_fmt_t format, gnutls_datum_t * out)
+{
+	int ret;
+	if (pkcs7 == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	if ((ret = reencode(pkcs7)) < 0)
+		return gnutls_assert_val(ret);
+
+	return _gnutls_x509_export_int2(pkcs7->pkcs7, format, PEM_PKCS7, out);
+}
+
+/* Creates an empty signed data structure in the pkcs7
+ * structure and returns a handle to the signed data.
+ */
+static int create_empty_signed_data(asn1_node pkcs7, asn1_node * sdata)
+{
+	int result;
+
+	*sdata = NULL;
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_pkix(), "PKIX1.pkcs-7-SignedData",
+	      sdata)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	/* Use version 1
+	 */
+	result = asn1_write_value(*sdata, "version", &one, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	/* Use no digest algorithms
+	 */
+
+	/* id-data */
+	result =
+	    asn1_write_value(*sdata, "encapContentInfo.eContentType",
+			     DIGESTED_DATA_OID, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result = asn1_write_value(*sdata, "encapContentInfo.eContent", NULL, 0);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	/* Add no certificates.
+	 */
+
+	/* Add no crls.
+	 */
+
+	/* Add no signerInfos.
+	 */
+
+	return 0;
+
+ cleanup:
+	asn1_delete_structure(sdata);
+	return result;
+
+}
+
+/**
+ * gnutls_pkcs7_set_crt_raw:
+ * @pkcs7: The pkcs7 type
+ * @crt: the DER encoded certificate to be added
+ *
+ * This function will add a certificate to the PKCS7 or RFC2630
+ * certificate set.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_pkcs7_set_crt_raw(gnutls_pkcs7_t pkcs7, const gnutls_datum_t * crt)
+{
+	int result;
+
+	if (pkcs7 == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	/* If the signed data are uninitialized
+	 * then create them.
+	 */
+	if (pkcs7->signed_data == NULL) {
+		/* The pkcs7 structure is new, so create the
+		 * signedData.
+		 */
+		result =
+		    create_empty_signed_data(pkcs7->pkcs7, &pkcs7->signed_data);
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+	}
+
+	/* Step 2. Append the new certificate.
+	 */
+
+	result = asn1_write_value(pkcs7->signed_data, "certificates", "NEW", 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result =
+	    asn1_write_value(pkcs7->signed_data, "certificates.?LAST",
+			     "certificate", 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result =
+	    asn1_write_value(pkcs7->signed_data,
+			     "certificates.?LAST.certificate", crt->data,
+			     crt->size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result = 0;
+
+ cleanup:
+	return result;
+}
+
+/**
+ * gnutls_pkcs7_set_crt:
+ * @pkcs7: The pkcs7 type
+ * @crt: the certificate to be copied.
+ *
+ * This function will add a parsed certificate to the PKCS7 or
+ * RFC2630 certificate set.  This is a wrapper function over
+ * gnutls_pkcs7_set_crt_raw() .
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_pkcs7_set_crt(gnutls_pkcs7_t pkcs7, gnutls_x509_crt_t crt)
+{
+	int ret;
+	gnutls_datum_t data;
+
+	if (pkcs7 == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	ret = _gnutls_x509_der_encode(crt->cert, "", &data, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = gnutls_pkcs7_set_crt_raw(pkcs7, &data);
+
+	_gnutls_free_datum(&data);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs7_delete_crt:
+ * @pkcs7: The pkcs7 type
+ * @indx: the index of the certificate to delete
+ *
+ * This function will delete a certificate from a PKCS7 or RFC2630
+ * certificate set.  Index starts from 0. Returns 0 on success.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_pkcs7_delete_crt(gnutls_pkcs7_t pkcs7, int indx)
+{
+	int result;
+	char root2[MAX_NAME_SIZE];
+
+	if (pkcs7 == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	/* Step 2. Delete the certificate.
+	 */
+
+	snprintf(root2, sizeof(root2), "certificates.?%d", indx + 1);
+
+	result = asn1_write_value(pkcs7->signed_data, root2, NULL, 0);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	return 0;
+
+ cleanup:
+	return result;
+}
+
+/* Read and write CRLs
+ */
+
+/**
+ * gnutls_pkcs7_get_crl_raw2:
+ * @pkcs7: The pkcs7 type
+ * @indx: contains the index of the crl to extract
+ * @crl: will contain the contents of the CRL in an allocated buffer
+ *
+ * This function will return a DER encoded CRL of the PKCS7 or RFC2630 crl set.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.  After the last crl has been read
+ *   %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.
+ *
+ * Since: 3.4.2
+ **/
+int
+gnutls_pkcs7_get_crl_raw2(gnutls_pkcs7_t pkcs7,
+			  unsigned indx, gnutls_datum_t * crl)
+{
+	int result;
+	char root2[MAX_NAME_SIZE];
+	gnutls_datum_t tmp = { NULL, 0 };
+	int start, end;
+
+	if (pkcs7 == NULL || crl == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	result = _gnutls_x509_read_value(pkcs7->pkcs7, "content", &tmp);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* Step 2. Parse the CertificateSet
+	 */
+
+	snprintf(root2, sizeof(root2), "crls.?%u", indx + 1);
+
+	/* Get the raw CRL
+	 */
+	result =
+	    asn1_der_decoding_startEnd(pkcs7->signed_data, tmp.data, tmp.size,
+				       root2, &start, &end);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	end = end - start + 1;
+
+	result = _gnutls_set_datum(crl, &tmp.data[start], end);
+
+ cleanup:
+	_gnutls_free_datum(&tmp);
+	return result;
+}
+
+/**
+ * gnutls_pkcs7_get_crl_raw:
+ * @pkcs7: The pkcs7 type
+ * @indx: contains the index of the crl to extract
+ * @crl: the contents of the crl will be copied there (may be null)
+ * @crl_size: should hold the size of the crl
+ *
+ * This function will return a crl of the PKCS7 or RFC2630 crl set.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.  If the provided buffer is not long enough,
+ *   then @crl_size is updated and %GNUTLS_E_SHORT_MEMORY_BUFFER is
+ *   returned.  After the last crl has been read
+ *   %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.
+ **/
+int
+gnutls_pkcs7_get_crl_raw(gnutls_pkcs7_t pkcs7,
+			 unsigned indx, void *crl, size_t * crl_size)
+{
+	int ret;
+	gnutls_datum_t tmp = { NULL, 0 };
+
+	ret = gnutls_pkcs7_get_crl_raw2(pkcs7, indx, &tmp);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if ((unsigned)tmp.size > *crl_size) {
+		*crl_size = tmp.size;
+		ret = GNUTLS_E_SHORT_MEMORY_BUFFER;
+		goto cleanup;
+	}
+
+	assert(tmp.data != NULL);
+
+	*crl_size = tmp.size;
+	if (crl)
+		memcpy(crl, tmp.data, tmp.size);
+
+ cleanup:
+	_gnutls_free_datum(&tmp);
+	return ret;
+}
+
+/**
+ * gnutls_pkcs7_get_crl_count:
+ * @pkcs7: The pkcs7 type
+ *
+ * This function will return the number of certificates in the PKCS7
+ * or RFC2630 crl set.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_pkcs7_get_crl_count(gnutls_pkcs7_t pkcs7)
+{
+	int result, count;
+
+	if (pkcs7 == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	/* Step 2. Count the CertificateSet */
+
+	result = asn1_number_of_elements(pkcs7->signed_data, "crls", &count);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return 0;	/* no crls */
+	}
+
+	return count;
+
+}
+
+/**
+ * gnutls_pkcs7_set_crl_raw:
+ * @pkcs7: The pkcs7 type
+ * @crl: the DER encoded crl to be added
+ *
+ * This function will add a crl to the PKCS7 or RFC2630 crl set.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_pkcs7_set_crl_raw(gnutls_pkcs7_t pkcs7, const gnutls_datum_t * crl)
+{
+	int result;
+
+	if (pkcs7 == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	/* If the signed data are uninitialized
+	 * then create them.
+	 */
+	if (pkcs7->signed_data == NULL) {
+		/* The pkcs7 structure is new, so create the
+		 * signedData.
+		 */
+		result =
+		    create_empty_signed_data(pkcs7->pkcs7, &pkcs7->signed_data);
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+	}
+
+	/* Step 2. Append the new crl.
+	 */
+
+	result = asn1_write_value(pkcs7->signed_data, "crls", "NEW", 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result =
+	    asn1_write_value(pkcs7->signed_data, "crls.?LAST", crl->data,
+			     crl->size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result = 0;
+
+ cleanup:
+	return result;
+}
+
+/**
+ * gnutls_pkcs7_set_crl:
+ * @pkcs7: The pkcs7 type
+ * @crl: the DER encoded crl to be added
+ *
+ * This function will add a parsed CRL to the PKCS7 or RFC2630 crl
+ * set.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_pkcs7_set_crl(gnutls_pkcs7_t pkcs7, gnutls_x509_crl_t crl)
+{
+	int ret;
+	gnutls_datum_t data;
+
+	if (pkcs7 == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	ret = _gnutls_x509_der_encode(crl->crl, "", &data, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = gnutls_pkcs7_set_crl_raw(pkcs7, &data);
+
+	_gnutls_free_datum(&data);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs7_delete_crl:
+ * @pkcs7: The pkcs7 type
+ * @indx: the index of the crl to delete
+ *
+ * This function will delete a crl from a PKCS7 or RFC2630 crl set.
+ * Index starts from 0. Returns 0 on success.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_pkcs7_delete_crl(gnutls_pkcs7_t pkcs7, int indx)
+{
+	int result;
+	char root2[MAX_NAME_SIZE];
+
+	if (pkcs7 == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	/* Delete the crl.
+	 */
+
+	snprintf(root2, sizeof(root2), "crls.?%d", indx + 1);
+
+	result = asn1_write_value(pkcs7->signed_data, root2, NULL, 0);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	return 0;
+
+ cleanup:
+	return result;
+}
+
+static int write_signer_id(asn1_node c2, const char *root,
+			   gnutls_x509_crt_t signer, unsigned flags)
+{
+	int result;
+	size_t serial_size;
+	uint8_t serial[128];
+	char name[256];
+
+	if (flags & GNUTLS_PKCS7_WRITE_SPKI) {
+		const uint8_t ver = 3;
+
+		snprintf(name, sizeof(name), "%s.version", root);
+		result = asn1_write_value(c2, name, &ver, 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			return _gnutls_asn2err(result);
+		}
+
+		snprintf(name, sizeof(name), "%s.sid", root);
+		result = asn1_write_value(c2, name, "subjectKeyIdentifier", 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			return _gnutls_asn2err(result);
+		}
+
+		serial_size = sizeof(serial);
+		result =
+		    gnutls_x509_crt_get_subject_key_id(signer, serial,
+						       &serial_size, NULL);
+		if (result < 0)
+			return gnutls_assert_val(result);
+
+		snprintf(name, sizeof(name), "%s.subjectKeyIdentifier", root);
+		result = asn1_write_value(c2, name, serial, serial_size);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			return _gnutls_asn2err(result);
+		}
+	} else {
+		serial_size = sizeof(serial);
+		result =
+		    gnutls_x509_crt_get_serial(signer, serial, &serial_size);
+		if (result < 0)
+			return gnutls_assert_val(result);
+
+		snprintf(name, sizeof(name), "%s.sid", root);
+		result = asn1_write_value(c2, name, "issuerAndSerialNumber", 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			return _gnutls_asn2err(result);
+		}
+
+		snprintf(name, sizeof(name),
+			 "%s.sid.issuerAndSerialNumber.serialNumber", root);
+		result = asn1_write_value(c2, name, serial, serial_size);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			return _gnutls_asn2err(result);
+		}
+
+		snprintf(name, sizeof(name),
+			 "%s.sid.issuerAndSerialNumber.issuer", root);
+		result =
+		    asn1_copy_node(c2, name, signer->cert,
+				   "tbsCertificate.issuer");
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			return _gnutls_asn2err(result);
+		}
+	}
+
+	return 0;
+}
+
+static int add_attrs(asn1_node c2, const char *root, gnutls_pkcs7_attrs_t attrs,
+		     unsigned already_set)
+{
+	char name[256];
+	gnutls_pkcs7_attrs_st *p = attrs;
+	int result;
+
+	if (attrs == NULL) {
+		/* if there are no other attributes delete that field */
+		if (already_set == 0)
+			(void)asn1_write_value(c2, root, NULL, 0);
+	} else {
+		while (p != NULL) {
+			result = asn1_write_value(c2, root, "NEW", 1);
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				return _gnutls_asn2err(result);
+			}
+
+			snprintf(name, sizeof(name), "%s.?LAST.type", root);
+			result = asn1_write_value(c2, name, p->oid, 1);
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				return _gnutls_asn2err(result);
+			}
+
+			snprintf(name, sizeof(name), "%s.?LAST.values", root);
+			result = asn1_write_value(c2, name, "NEW", 1);
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				return _gnutls_asn2err(result);
+			}
+
+			snprintf(name, sizeof(name), "%s.?LAST.values.?1",
+				 root);
+			result =
+			    asn1_write_value(c2, name, p->data.data,
+					     p->data.size);
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				return _gnutls_asn2err(result);
+			}
+
+			p = p->next;
+		}
+	}
+
+	return 0;
+}
+
+static int write_attributes(asn1_node c2, const char *root,
+			    const gnutls_datum_t * data,
+			    const mac_entry_st * me,
+			    gnutls_pkcs7_attrs_t other_attrs, unsigned flags)
+{
+	char name[256];
+	int result, ret;
+	uint8_t digest[MAX_HASH_SIZE];
+	gnutls_datum_t tmp = { NULL, 0 };
+	unsigned digest_size;
+	unsigned already_set = 0;
+
+	if (flags & GNUTLS_PKCS7_INCLUDE_TIME) {
+		if (data == NULL || data->data == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_INVALID_REQUEST;
+		}
+
+		/* Add time */
+		result = asn1_write_value(c2, root, "NEW", 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(result);
+			return ret;
+		}
+
+		snprintf(name, sizeof(name), "%s.?LAST.type", root);
+		result = asn1_write_value(c2, name, ATTR_SIGNING_TIME, 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(result);
+			return ret;
+		}
+
+		snprintf(name, sizeof(name), "%s.?LAST.values", root);
+		result = asn1_write_value(c2, name, "NEW", 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(result);
+			return ret;
+		}
+
+		snprintf(name, sizeof(name), "%s.?LAST.values.?1", root);
+		ret = _gnutls_x509_set_raw_time(c2, name, gnutls_time(0));
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		already_set = 1;
+	}
+
+	ret = add_attrs(c2, root, other_attrs, already_set);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (already_set != 0 || other_attrs != NULL) {
+		/* Add content type */
+		result = asn1_write_value(c2, root, "NEW", 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(result);
+			return ret;
+		}
+
+		snprintf(name, sizeof(name), "%s.?LAST.type", root);
+		result = asn1_write_value(c2, name, ATTR_CONTENT_TYPE, 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(result);
+			return ret;
+		}
+
+		snprintf(name, sizeof(name), "%s.?LAST.values", root);
+		result = asn1_write_value(c2, name, "NEW", 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(result);
+			return ret;
+		}
+
+		ret =
+		    _gnutls_x509_get_raw_field(c2,
+					       "encapContentInfo.eContentType",
+					       &tmp);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		snprintf(name, sizeof(name), "%s.?LAST.values.?1", root);
+		result = asn1_write_value(c2, name, tmp.data, tmp.size);
+		gnutls_free(tmp.data);
+
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(result);
+			return ret;
+		}
+
+		/* If we add any attribute we should add them all */
+		/* Add hash */
+		digest_size = _gnutls_hash_get_algo_len(me);
+		ret = gnutls_hash_fast(MAC_TO_DIG(me->id), data->data, data->size, digest);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		result = asn1_write_value(c2, root, "NEW", 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(result);
+			return ret;
+		}
+
+		snprintf(name, sizeof(name), "%s.?LAST", root);
+		ret =
+		    _gnutls_x509_encode_and_write_attribute(ATTR_MESSAGE_DIGEST,
+							    c2, name, digest,
+							    digest_size, 1);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pkcs7_sign:
+ * @pkcs7: should contain a #gnutls_pkcs7_t type
+ * @signer: the certificate to sign the structure
+ * @signer_key: the key to sign the structure
+ * @data: The data to be signed or %NULL if the data are already embedded
+ * @signed_attrs: Any additional attributes to be included in the signed ones (or %NULL)
+ * @unsigned_attrs: Any additional attributes to be included in the unsigned ones (or %NULL)
+ * @dig: The digest algorithm to use for signing
+ * @flags: Should be zero or one of %GNUTLS_PKCS7 flags
+ *
+ * This function will add a signature in the provided PKCS #7 structure
+ * for the provided data. Multiple signatures can be made with different
+ * signers.
+ *
+ * The available flags are:
+ *  %GNUTLS_PKCS7_EMBED_DATA, %GNUTLS_PKCS7_INCLUDE_TIME, %GNUTLS_PKCS7_INCLUDE_CERT,
+ *  and %GNUTLS_PKCS7_WRITE_SPKI. They are explained in the #gnutls_pkcs7_sign_flags
+ *  definition.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.2
+ **/
+int gnutls_pkcs7_sign(gnutls_pkcs7_t pkcs7,
+		      gnutls_x509_crt_t signer,
+		      gnutls_privkey_t signer_key,
+		      const gnutls_datum_t *data,
+		      gnutls_pkcs7_attrs_t signed_attrs,
+		      gnutls_pkcs7_attrs_t unsigned_attrs,
+		      gnutls_digest_algorithm_t dig, unsigned flags)
+{
+	int ret, result;
+	gnutls_datum_t sigdata = { NULL, 0 };
+	gnutls_datum_t signature = { NULL, 0 };
+	const mac_entry_st *me = hash_to_entry(dig);
+	unsigned pk, sigalgo;
+	gnutls_x509_spki_st key_params, params;
+	const gnutls_sign_entry_st *se;
+
+	if (pkcs7 == NULL || me == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	if (pkcs7->signed_data == NULL) {
+		result =
+		    asn1_create_element(_gnutls_get_pkix(),
+					"PKIX1.pkcs-7-SignedData",
+					&pkcs7->signed_data);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		if (!(flags & GNUTLS_PKCS7_EMBED_DATA)) {
+			(void)asn1_write_value(pkcs7->signed_data,
+					 "encapContentInfo.eContent", NULL, 0);
+		}
+	}
+
+	result = asn1_write_value(pkcs7->signed_data, "version", &one, 1);
+	if (result != ASN1_SUCCESS) {
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result =
+	    asn1_write_value(pkcs7->signed_data,
+			     "encapContentInfo.eContentType", DATA_OID,
+			     0);
+	if (result != ASN1_SUCCESS) {
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if ((flags & GNUTLS_PKCS7_EMBED_DATA) && data->data) {	/* embed data */
+		ret =
+		    _gnutls_x509_write_string(pkcs7->signed_data,
+				     "encapContentInfo.eContent", data,
+				     ASN1_ETYPE_OCTET_STRING);
+		if (ret < 0) {
+			goto cleanup;
+		}
+	}
+
+	if (flags & GNUTLS_PKCS7_INCLUDE_CERT) {
+		ret = gnutls_pkcs7_set_crt(pkcs7, signer);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	/* append digest info algorithm */
+	result =
+	    asn1_write_value(pkcs7->signed_data, "digestAlgorithms", "NEW", 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result =
+	    asn1_write_value(pkcs7->signed_data,
+			     "digestAlgorithms.?LAST.algorithm",
+			     _gnutls_x509_digest_to_oid(me), 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	(void)asn1_write_value(pkcs7->signed_data,
+			 "digestAlgorithms.?LAST.parameters", NULL, 0);
+
+	/* append signer's info */
+	result = asn1_write_value(pkcs7->signed_data, "signerInfos", "NEW", 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result =
+	    asn1_write_value(pkcs7->signed_data, "signerInfos.?LAST.version",
+			     &one, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result =
+	    asn1_write_value(pkcs7->signed_data,
+			     "signerInfos.?LAST.digestAlgorithm.algorithm",
+			     _gnutls_x509_digest_to_oid(me), 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	(void)asn1_write_value(pkcs7->signed_data,
+			 "signerInfos.?LAST.digestAlgorithm.parameters", NULL,
+			 0);
+
+	ret =
+	    write_signer_id(pkcs7->signed_data, "signerInfos.?LAST", signer,
+			    flags);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    add_attrs(pkcs7->signed_data, "signerInfos.?LAST.unsignedAttrs",
+		      unsigned_attrs, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    write_attributes(pkcs7->signed_data,
+			     "signerInfos.?LAST.signedAttrs", data, me,
+			     signed_attrs, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	disable_opt_fields(pkcs7);
+
+	/* write the signature algorithm */
+	pk = gnutls_x509_crt_get_pk_algorithm(signer, NULL);
+
+	ret = _gnutls_privkey_get_spki_params(signer_key, &key_params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_crt_get_spki_params(signer, &key_params, &params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_privkey_update_spki_params(signer_key, pk, dig, 0,
+						  &params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	se = _gnutls_pk_to_sign_entry(params.pk, dig);
+	if (se == NULL) {
+		ret = gnutls_assert_val(GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM);
+		goto cleanup;
+	}
+
+	/* RFC5652 is silent on what the values would be and initially I assumed that
+	 * typical signature algorithms should be set. However RFC2315 (PKCS#7) mentions
+	 * that a generic RSA OID should be used. We switch to this "unexpected" value
+	 * because some implementations cannot cope with the "expected" signature values.
+	 */
+	params.legacy = 1;
+	ret =
+	    _gnutls_x509_write_sign_params(pkcs7->signed_data,
+					   "signerInfos.?LAST.signatureAlgorithm",
+					   se, &params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	sigalgo = se->id;
+
+	/* sign the data */
+	ret =
+	    figure_pkcs7_sigdata(pkcs7, "signerInfos.?LAST", data, sigalgo,
+				 &sigdata);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	FIX_SIGN_PARAMS(params, flags, dig);
+
+	ret = privkey_sign_and_hash_data(signer_key, se,
+					 &sigdata, &signature, &params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result =
+	    asn1_write_value(pkcs7->signed_data, "signerInfos.?LAST.signature",
+			     signature.data, signature.size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	ret = 0;
+
+ cleanup:
+	gnutls_free(sigdata.data);
+	gnutls_free(signature.data);
+	return ret;
+}
diff --git a/lib/x509/pkcs7_int.h b/lib/x509/pkcs7_int.h
new file mode 100644
index 0000000..3d57124
--- /dev/null
+++ b/lib/x509/pkcs7_int.h
@@ -0,0 +1,134 @@
+/*
+ * Copyright (C) 2003-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_X509_PKCS7_INT_H
+#define GNUTLS_LIB_X509_PKCS7_INT_H
+
+#include <gnutls/x509.h>
+
+/* PKCS #7
+ */
+#define DATA_OID "1.2.840.113549.1.7.1"
+#define ENC_DATA_OID "1.2.840.113549.1.7.6"
+
+#define SIGNED_DATA_OID "1.2.840.113549.1.7.2"
+#define DIGESTED_DATA_OID "1.2.840.113549.1.7.5"
+
+
+typedef enum schema_id {
+	PBES2_GENERIC=1,	/* when the algorithm is unknown, temporal use when reading only */
+	PBES2_DES,		/* the stuff in PKCS #5 */
+	PBES2_3DES,
+	PBES2_AES_128,
+	PBES2_AES_192,
+	PBES2_AES_256,
+	PBES2_GOST28147_89_TC26Z,
+	PBES2_GOST28147_89_CPA,
+	PBES2_GOST28147_89_CPB,
+	PBES2_GOST28147_89_CPC,
+	PBES2_GOST28147_89_CPD,
+	PKCS12_3DES_SHA1,	/* the stuff in PKCS #12 */
+	PKCS12_ARCFOUR_SHA1,
+	PKCS12_RC2_40_SHA1,
+	PBES1_DES_MD5		/* openssl before 1.1.0 uses that by default */
+} schema_id;
+
+struct pkcs_cipher_schema_st {
+	unsigned int schema;
+	const char *name;
+	unsigned int flag;
+	unsigned int cipher;
+	unsigned pbes2;
+	const char *cipher_oid;
+	const char *write_oid;
+	const char *desc;
+	const char *iv_name;
+	unsigned decrypt_only;
+};
+
+const struct pkcs_cipher_schema_st *_gnutls_pkcs_schema_get(schema_id schema);
+
+struct pbe_enc_params {
+	gnutls_cipher_algorithm_t cipher;
+	uint8_t iv[MAX_CIPHER_BLOCK_SIZE];
+	int iv_size;
+	char pbes2_oid[MAX_OID_SIZE]; /* when reading params, the OID is stored for info purposes */
+};
+
+int
+_gnutls_decrypt_pbes1_des_md5_data(const char *password,
+			   unsigned password_len,
+			   const struct pbkdf2_params *kdf_params,
+			   const struct pbe_enc_params *enc_params,
+			   const gnutls_datum_t *encrypted_data,
+			   gnutls_datum_t *decrypted_data);
+
+int _gnutls_check_pkcs_cipher_schema(const char *oid);
+
+int
+_gnutls_pkcs_raw_decrypt_data(schema_id schema, asn1_node pkcs8_asn,
+	     const char *root, const char *password,
+	     const struct pbkdf2_params *kdf_params,
+	     const struct pbe_enc_params *enc_params,
+	     gnutls_datum_t *decrypted_data);
+
+int
+_gnutls_pkcs_raw_encrypt_data(const gnutls_datum_t * plain,
+	     const struct pbe_enc_params *enc_params,
+	     const gnutls_datum_t * key, gnutls_datum_t * encrypted);
+
+int _gnutls_pkcs7_decrypt_data(const gnutls_datum_t * data,
+			       const char *password, gnutls_datum_t * dec);
+
+int _gnutls_read_pbkdf1_params(const uint8_t * data, int data_size,
+		       struct pbkdf2_params *kdf_params,
+		       struct pbe_enc_params *enc_params);
+
+int
+_gnutls_read_pkcs_schema_params(schema_id * schema, const char *password,
+			const uint8_t * data, int data_size,
+			struct pbkdf2_params *kdf_params,
+			struct pbe_enc_params *enc_params);
+
+int
+_gnutls_pkcs_write_schema_params(schema_id schema, asn1_node pkcs8_asn,
+		    const char *where,
+		    const struct pbkdf2_params *kdf_params,
+		    const struct pbe_enc_params *enc_params);
+
+int
+_gnutls_pkcs_generate_key(schema_id schema,
+	     const char *password,
+	     struct pbkdf2_params *kdf_params,
+	     struct pbe_enc_params *enc_params, gnutls_datum_t * key);
+
+int _gnutls_pkcs_flags_to_schema(unsigned int flags);
+int _gnutls_pkcs7_encrypt_data(schema_id schema,
+			       const gnutls_datum_t * data,
+			       const char *password, gnutls_datum_t * enc);
+
+int
+_gnutls_pkcs7_data_enc_info(const gnutls_datum_t * data, const struct pkcs_cipher_schema_st **p,
+	struct pbkdf2_params *kdf_params, char **oid);
+
+#endif /* GNUTLS_LIB_X509_PKCS7_INT_H */
diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
new file mode 100644
index 0000000..792a413
--- /dev/null
+++ b/lib/x509/privkey.c
@@ -0,0 +1,2388 @@
+/*
+ * Copyright (C) 2003-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2012-2016 Nikos Mavrogiannopoulos
+ * Copyright (C) 2015-2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <tls-sig.h>
+#include <common.h>
+#include <x509.h>
+#include <x509_b64.h>
+#include <x509_int.h>
+#include <pk.h>
+#include <mpi.h>
+#include <ecc.h>
+#include <pin.h>
+
+/**
+ * gnutls_x509_privkey_init:
+ * @key: A pointer to the type to be initialized
+ *
+ * This function will initialize a private key type.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_x509_privkey_init(gnutls_x509_privkey_t * key)
+{
+	FAIL_IF_LIB_ERROR;
+
+	*key = gnutls_calloc(1, sizeof(gnutls_x509_privkey_int));
+
+	if (*key) {
+		(*key)->key = NULL;
+		return 0;	/* success */
+	}
+
+	return GNUTLS_E_MEMORY_ERROR;
+}
+
+void _gnutls_x509_privkey_reinit(gnutls_x509_privkey_t key)
+{
+	gnutls_pk_params_clear(&key->params);
+	gnutls_pk_params_release(&key->params);
+	/* avoid re-use of fields which may have had some sensible value */
+	zeroize_key(&key->params, sizeof(key->params));
+
+	if (key->key)
+		asn1_delete_structure2(&key->key, ASN1_DELETE_FLAG_ZEROIZE);
+	key->key = NULL;
+}
+
+/**
+ * gnutls_x509_privkey_deinit:
+ * @key: The key to be deinitialized
+ *
+ * This function will deinitialize a private key structure.
+ **/
+void gnutls_x509_privkey_deinit(gnutls_x509_privkey_t key)
+{
+	if (!key)
+		return;
+
+	_gnutls_x509_privkey_reinit(key);
+	gnutls_free(key);
+}
+
+/**
+ * gnutls_x509_privkey_cpy:
+ * @dst: The destination key, which should be initialized.
+ * @src: The source key
+ *
+ * This function will copy a private key from source to destination
+ * key. Destination has to be initialized.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_privkey_cpy(gnutls_x509_privkey_t dst,
+			gnutls_x509_privkey_t src)
+{
+	int ret;
+
+	if (!src || !dst)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	ret = _gnutls_pk_params_copy(&dst->params, &src->params);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	ret =
+	    _gnutls_asn1_encode_privkey(&dst->key,
+					&dst->params);
+	if (ret < 0) {
+		gnutls_assert();
+		gnutls_pk_params_release(&dst->params);
+		return ret;
+	}
+
+	return 0;
+}
+
+/* Converts an RSA PKCS#1 key to
+ * an internal structure (gnutls_private_key)
+ */
+asn1_node
+_gnutls_privkey_decode_pkcs1_rsa_key(const gnutls_datum_t * raw_key,
+				     gnutls_x509_privkey_t pkey)
+{
+	int result;
+	asn1_node pkey_asn;
+
+	gnutls_pk_params_init(&pkey->params);
+
+	if (asn1_create_element(_gnutls_get_gnutls_asn(),
+				"GNUTLS.RSAPrivateKey",
+				&pkey_asn) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	result =
+	    _asn1_strict_der_decode(&pkey_asn, raw_key->data, raw_key->size,
+			      NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		goto error;
+	}
+
+	if (_gnutls_x509_read_int(pkey_asn, "modulus",
+				  &pkey->params.params[0]) < 0)
+	{
+		gnutls_assert();
+		goto error;
+	}
+	pkey->params.params_nr++;
+
+	if (_gnutls_x509_read_int(pkey_asn, "publicExponent",
+				  &pkey->params.params[1]) < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	pkey->params.params_nr++;
+
+	if (_gnutls_x509_read_key_int(pkey_asn, "privateExponent",
+				      &pkey->params.params[2]) < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	pkey->params.params_nr++;
+
+	if (_gnutls_x509_read_key_int(pkey_asn, "prime1",
+				      &pkey->params.params[3]) < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	pkey->params.params_nr++;
+
+	if (_gnutls_x509_read_key_int(pkey_asn, "prime2",
+				      &pkey->params.params[4]) < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	pkey->params.params_nr++;
+
+	if (_gnutls_x509_read_key_int(pkey_asn, "coefficient",
+				      &pkey->params.params[5]) < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	pkey->params.params_nr++;
+
+	if (_gnutls_x509_read_key_int(pkey_asn, "exponent1",
+				      &pkey->params.params[6]) < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	pkey->params.params_nr++;
+
+	if (_gnutls_x509_read_key_int(pkey_asn, "exponent2",
+				      &pkey->params.params[7]) < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	pkey->params.params_nr++;
+
+	pkey->params.params_nr = RSA_PRIVATE_PARAMS;
+	pkey->params.algo = GNUTLS_PK_RSA;
+
+	return pkey_asn;
+
+      error:
+	asn1_delete_structure2(&pkey_asn, ASN1_DELETE_FLAG_ZEROIZE);
+	gnutls_pk_params_clear(&pkey->params);
+	gnutls_pk_params_release(&pkey->params);
+	return NULL;
+}
+
+/* Converts an ECC key to
+ * an internal structure (gnutls_private_key)
+ */
+int
+_gnutls_privkey_decode_ecc_key(asn1_node* pkey_asn, const gnutls_datum_t * raw_key,
+			       gnutls_x509_privkey_t pkey, gnutls_ecc_curve_t curve)
+{
+	int ret;
+	unsigned int version;
+	char oid[MAX_OID_SIZE];
+	int oid_size;
+	gnutls_datum_t out;
+
+	if (curve_is_eddsa(curve)) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	gnutls_pk_params_init(&pkey->params);
+
+	if ((ret =
+	     asn1_create_element(_gnutls_get_gnutls_asn(),
+				 "GNUTLS.ECPrivateKey",
+				 pkey_asn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	ret =
+	    _asn1_strict_der_decode(pkey_asn, raw_key->data, raw_key->size,
+			      NULL);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto error;
+	}
+
+	ret = _gnutls_x509_read_uint(*pkey_asn, "Version", &version);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	if (version != 1) {
+		_gnutls_debug_log
+		    ("ECC private key version %u is not supported\n",
+		     version);
+		gnutls_assert();
+		ret = GNUTLS_E_ECC_UNSUPPORTED_CURVE;
+		goto error;
+	}
+
+	/* read the curve */
+	if (curve == GNUTLS_ECC_CURVE_INVALID) {
+		oid_size = sizeof(oid);
+		ret =
+		    asn1_read_value(*pkey_asn, "parameters.namedCurve", oid,
+			    &oid_size);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto error;
+		}
+
+		pkey->params.curve = gnutls_oid_to_ecc_curve(oid);
+
+		if (pkey->params.curve == GNUTLS_ECC_CURVE_INVALID) {
+			_gnutls_debug_log("Curve %s is not supported\n", oid);
+			gnutls_assert();
+			ret = GNUTLS_E_ECC_UNSUPPORTED_CURVE;
+			goto error;
+		}
+	} else {
+		pkey->params.curve = curve;
+	}
+
+
+	/* read the public key */
+	ret = _gnutls_x509_read_value(*pkey_asn, "publicKey", &out);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret =
+	    _gnutls_ecc_ansi_x962_import(out.data, out.size,
+					 &pkey->params.params[ECC_X],
+					 &pkey->params.params[ECC_Y]);
+
+	_gnutls_free_datum(&out);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	pkey->params.params_nr += 2;
+
+	/* read the private key */
+	ret =
+	    _gnutls_x509_read_key_int(*pkey_asn, "privateKey",
+				  &pkey->params.params[ECC_K]);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	pkey->params.params_nr++;
+	pkey->params.algo = GNUTLS_PK_EC;
+
+	return 0;
+
+      error:
+	asn1_delete_structure2(pkey_asn, ASN1_DELETE_FLAG_ZEROIZE);
+	gnutls_pk_params_clear(&pkey->params);
+	gnutls_pk_params_release(&pkey->params);
+	return ret;
+
+}
+
+
+static asn1_node
+decode_dsa_key(const gnutls_datum_t * raw_key, gnutls_x509_privkey_t pkey)
+{
+	int result;
+	asn1_node dsa_asn;
+	gnutls_datum_t seed = {NULL,0};
+	char oid[MAX_OID_SIZE];
+	int oid_size;
+
+	if (asn1_create_element(_gnutls_get_gnutls_asn(),
+				"GNUTLS.DSAPrivateKey",
+				&dsa_asn) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	gnutls_pk_params_init(&pkey->params);
+
+
+	result =
+	    _asn1_strict_der_decode(&dsa_asn, raw_key->data, raw_key->size,
+			      NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		goto error;
+	}
+
+	if (_gnutls_x509_read_int(dsa_asn, "p",
+				  &pkey->params.params[0]) < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	pkey->params.params_nr++;
+
+	if (_gnutls_x509_read_int(dsa_asn, "q",
+				  &pkey->params.params[1]) < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	pkey->params.params_nr++;
+
+	if (_gnutls_x509_read_int(dsa_asn, "g",
+				  &pkey->params.params[2]) < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	pkey->params.params_nr++;
+
+	if (_gnutls_x509_read_int(dsa_asn, "Y",
+				  &pkey->params.params[3]) < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	pkey->params.params_nr++;
+
+	if (_gnutls_x509_read_key_int(dsa_asn, "priv",
+				      &pkey->params.params[4]) < 0)
+	{
+		gnutls_assert();
+		goto error;
+	}
+	pkey->params.params_nr++;
+	pkey->params.algo = GNUTLS_PK_DSA;
+
+	oid_size = sizeof(oid);
+	result = asn1_read_value(dsa_asn, "seed.algorithm", oid, &oid_size);
+	if (result == ASN1_SUCCESS) {
+		pkey->params.palgo = gnutls_oid_to_digest(oid);
+
+		result = _gnutls_x509_read_value(dsa_asn, "seed.seed", &seed);
+		if (result == ASN1_SUCCESS) {
+			if (seed.size <= sizeof(pkey->params.seed)) {
+				memcpy(pkey->params.seed, seed.data, seed.size);
+				pkey->params.seed_size = seed.size;
+			}
+			gnutls_free(seed.data);
+		}
+	}
+
+	return dsa_asn;
+
+      error:
+	asn1_delete_structure2(&dsa_asn, ASN1_DELETE_FLAG_ZEROIZE);
+	gnutls_pk_params_clear(&pkey->params);
+	gnutls_pk_params_release(&pkey->params);
+	return NULL;
+
+}
+
+
+#define PEM_KEY_DSA "DSA PRIVATE KEY"
+#define PEM_KEY_RSA "RSA PRIVATE KEY"
+#define PEM_KEY_ECC "EC PRIVATE KEY"
+#define PEM_KEY_PKCS8 "PRIVATE KEY"
+
+#define MAX_PEM_HEADER_SIZE 25
+
+#define IF_CHECK_FOR(pemstr, _algo, cptr, bptr, size, key) \
+		if (left > sizeof(pemstr) && memcmp(cptr, pemstr, sizeof(pemstr)-1) == 0) { \
+			result = _gnutls_fbase64_decode(pemstr, bptr, size, &_data); \
+			if (result >= 0) \
+				key->params.algo = _algo; \
+		}
+
+/**
+ * gnutls_x509_privkey_import:
+ * @key: The data to store the parsed key
+ * @data: The DER or PEM encoded certificate.
+ * @format: One of DER or PEM
+ *
+ * This function will convert the given DER or PEM encoded key to the
+ * native #gnutls_x509_privkey_t format. The output will be stored in
+ * @key .
+ *
+ * If the key is PEM encoded it should have a header that contains "PRIVATE
+ * KEY". Note that this function falls back to PKCS #8 decoding without
+ * password, if the default format fails to import.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_privkey_import(gnutls_x509_privkey_t key,
+			   const gnutls_datum_t * data,
+			   gnutls_x509_crt_fmt_t format)
+{
+	int result = 0, need_free = 0;
+	gnutls_datum_t _data;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	_data.data = data->data;
+	_data.size = data->size;
+
+	key->params.algo = GNUTLS_PK_UNKNOWN;
+
+	/* If the Certificate is in PEM format then decode it
+	 */
+	if (format == GNUTLS_X509_FMT_PEM) {
+		unsigned left;
+		char *ptr;
+		uint8_t *begin_ptr;
+
+		ptr = memmem(data->data, data->size, "PRIVATE KEY-----", sizeof("PRIVATE KEY-----")-1);
+
+		result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+		if (ptr != NULL) {
+			left = data->size - ((ptrdiff_t)ptr - (ptrdiff_t)data->data);
+
+			if (data->size - left > MAX_PEM_HEADER_SIZE) {
+				ptr -= MAX_PEM_HEADER_SIZE;
+				left += MAX_PEM_HEADER_SIZE;
+			} else {
+				ptr = (char*)data->data;
+				left = data->size;
+			}
+
+			ptr = memmem(ptr, left, "-----BEGIN ", sizeof("-----BEGIN ")-1);
+			if (ptr != NULL) {
+				begin_ptr = (uint8_t*)ptr;
+				left = data->size - ((ptrdiff_t)begin_ptr - (ptrdiff_t)data->data);
+
+				ptr += sizeof("-----BEGIN ")-1;
+
+				IF_CHECK_FOR(PEM_KEY_RSA, GNUTLS_PK_RSA, ptr, begin_ptr, left, key)
+				else IF_CHECK_FOR(PEM_KEY_ECC, GNUTLS_PK_EC, ptr, begin_ptr, left, key)
+				else IF_CHECK_FOR(PEM_KEY_DSA, GNUTLS_PK_DSA, ptr, begin_ptr, left, key)
+
+				if (key->params.algo == GNUTLS_PK_UNKNOWN && left >= sizeof(PEM_KEY_PKCS8)) {
+					if (memcmp(ptr, PEM_KEY_PKCS8, sizeof(PEM_KEY_PKCS8)-1) == 0) {
+						result =
+							_gnutls_fbase64_decode(PEM_KEY_PKCS8,
+								begin_ptr, left, &_data);
+						if (result >= 0) {
+							/* signal for PKCS #8 keys */
+							key->params.algo = -1;
+						}
+					}
+				}
+			}
+
+		}
+
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+
+		need_free = 1;
+	}
+
+	if (key->expanded) {
+		_gnutls_x509_privkey_reinit(key);
+	}
+	key->expanded = 1;
+
+	if (key->params.algo == (gnutls_pk_algorithm_t)-1) {
+		result =
+		    gnutls_x509_privkey_import_pkcs8(key, data, format,
+						     NULL,
+						     GNUTLS_PKCS_PLAIN);
+		if (result < 0) {
+			gnutls_assert();
+			key->key = NULL;
+			goto cleanup;
+		} else {
+			/* some keys under PKCS#8 don't set key->key */
+			goto finish;
+		}
+	} else if (key->params.algo == GNUTLS_PK_RSA) {
+		key->key =
+		    _gnutls_privkey_decode_pkcs1_rsa_key(&_data, key);
+		if (key->key == NULL)
+			gnutls_assert();
+	} else if (key->params.algo == GNUTLS_PK_DSA) {
+		key->key = decode_dsa_key(&_data, key);
+		if (key->key == NULL)
+			gnutls_assert();
+	} else if (key->params.algo == GNUTLS_PK_EC) {
+		result = _gnutls_privkey_decode_ecc_key(&key->key, &_data, key, 0);
+		if (result < 0) {
+			gnutls_assert();
+			key->key = NULL;
+		}
+	} else {
+		/* Try decoding each of the keys, and accept the one that
+		 * succeeds.
+		 */
+		key->params.algo = GNUTLS_PK_RSA;
+		key->key =
+		    _gnutls_privkey_decode_pkcs1_rsa_key(&_data, key);
+
+		if (key->key == NULL) {
+			key->params.algo = GNUTLS_PK_DSA;
+			key->key = decode_dsa_key(&_data, key);
+			if (key->key == NULL) {
+				key->params.algo = GNUTLS_PK_EC;
+				result =
+				    _gnutls_privkey_decode_ecc_key(&key->key, &_data, key, 0);
+				if (result < 0) {
+					result =
+					    gnutls_x509_privkey_import_pkcs8(key, data, format,
+									     NULL,
+									     GNUTLS_PKCS_PLAIN);
+					if (result >= 0) {
+						/* there are keys (ed25519) which leave key->key NULL */
+						goto finish;
+					}
+
+					/* result < 0 */
+					gnutls_assert();
+					key->key = NULL;
+
+					if (result == GNUTLS_E_PK_INVALID_PRIVKEY)
+						goto cleanup;
+				}
+			}
+		}
+	}
+
+	if (key->key == NULL) {
+		gnutls_assert();
+		result = GNUTLS_E_ASN1_DER_ERROR;
+		goto cleanup;
+	}
+
+ finish:
+	result =
+	    _gnutls_pk_fixup(key->params.algo, GNUTLS_IMPORT, &key->params);
+	if (result < 0) {
+		gnutls_assert();
+	}
+
+ cleanup:
+	if (need_free) {
+		zeroize_temp_key(_data.data, _data.size);
+		_gnutls_free_datum(&_data);
+	}
+
+	/* The key has now been decoded.
+	 */
+
+	return result;
+}
+
+static int import_pkcs12_privkey(gnutls_x509_privkey_t key,
+				 const gnutls_datum_t * data,
+				 gnutls_x509_crt_fmt_t format,
+				 const char *password, unsigned int flags)
+{
+	int ret;
+	gnutls_pkcs12_t p12;
+	gnutls_x509_privkey_t newkey;
+
+	ret = gnutls_pkcs12_init(&p12);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_pkcs12_import(p12, data, format, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	ret =
+	    gnutls_pkcs12_simple_parse(p12, password, &newkey, NULL, NULL,
+				       NULL, NULL, NULL, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	ret = gnutls_x509_privkey_cpy(key, newkey);
+	gnutls_x509_privkey_deinit(newkey);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	ret = 0;
+      fail:
+
+	gnutls_pkcs12_deinit(p12);
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_privkey_import2:
+ * @key: The data to store the parsed key
+ * @data: The DER or PEM encoded key.
+ * @format: One of DER or PEM
+ * @password: A password (optional)
+ * @flags: an ORed sequence of gnutls_pkcs_encrypt_flags_t
+ *
+ * This function will import the given DER or PEM encoded key, to 
+ * the native #gnutls_x509_privkey_t format, irrespective of the
+ * input format. The input format is auto-detected.
+ *
+ * The supported formats are basic unencrypted key, PKCS8, PKCS12,
+ * and the openssl format.
+ *
+ * If the provided key is encrypted but no password was given, then
+ * %GNUTLS_E_DECRYPTION_FAILED is returned. Since GnuTLS 3.4.0 this
+ * function will utilize the PIN callbacks if any.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_privkey_import2(gnutls_x509_privkey_t key,
+			    const gnutls_datum_t * data,
+			    gnutls_x509_crt_fmt_t format,
+			    const char *password, unsigned int flags)
+{
+	int ret = 0;
+	int saved_ret = GNUTLS_E_PARSING_ERROR;
+	char pin[GNUTLS_PKCS11_MAX_PIN_LEN];
+	unsigned head_enc = 1;
+
+	if (format == GNUTLS_X509_FMT_PEM) {
+		size_t left;
+		char *ptr;
+
+		ptr = memmem(data->data, data->size, "PRIVATE KEY-----", sizeof("PRIVATE KEY-----")-1);
+
+		if (ptr != NULL) {
+			left = data->size - ((ptrdiff_t)ptr - (ptrdiff_t)data->data);
+
+			if (data->size - left > 15) {
+				ptr -= 15;
+				left += 15;
+			} else {
+				ptr = (char*)data->data;
+				left = data->size;
+			}
+
+			ptr = memmem(ptr, left, "-----BEGIN ", sizeof("-----BEGIN ")-1);
+			if (ptr != NULL) {
+				ptr += sizeof("-----BEGIN ")-1;
+				left = data->size - ((ptrdiff_t)ptr - (ptrdiff_t)data->data);
+			}
+
+			if (ptr != NULL && left > sizeof(PEM_KEY_RSA)) {
+				if (memcmp(ptr, PEM_KEY_RSA, sizeof(PEM_KEY_RSA)-1) == 0 ||
+				    memcmp(ptr, PEM_KEY_ECC, sizeof(PEM_KEY_ECC)-1) == 0 ||
+				    memcmp(ptr, PEM_KEY_DSA, sizeof(PEM_KEY_DSA)-1) == 0) {
+					head_enc = 0;
+				}
+			}
+		}
+	}
+
+	if (head_enc == 0 || (password == NULL && !(flags & GNUTLS_PKCS_NULL_PASSWORD))) {
+		ret = gnutls_x509_privkey_import(key, data, format);
+		if (ret >= 0)
+			return ret;
+
+		gnutls_assert();
+		saved_ret = ret;
+		/* fall through to PKCS #8 decoding */
+	}
+
+	if ((password != NULL || (flags & GNUTLS_PKCS_NULL_PASSWORD))
+	    || ret < 0) {
+
+		ret =
+		    gnutls_x509_privkey_import_pkcs8(key, data, format,
+						     password, flags);
+
+		if (ret == GNUTLS_E_DECRYPTION_FAILED &&
+		    password == NULL && (!(flags & GNUTLS_PKCS_PLAIN))) {
+		    /* use the callback if any */
+			ret = _gnutls_retrieve_pin(&key->pin, "key:", "", 0, pin, sizeof(pin));
+			if (ret == 0) {
+				password = pin;
+			}
+
+			ret =
+			    gnutls_x509_privkey_import_pkcs8(key, data, format,
+						     password, flags);
+		}
+
+		if (saved_ret == GNUTLS_E_PARSING_ERROR)
+			saved_ret = ret;
+
+		if (ret < 0) {
+			if (ret == GNUTLS_E_DECRYPTION_FAILED)
+				goto cleanup;
+			ret =
+			    import_pkcs12_privkey(key, data, format,
+						  password, flags);
+			if (ret < 0 && format == GNUTLS_X509_FMT_PEM) {
+				if (ret == GNUTLS_E_DECRYPTION_FAILED)
+					goto cleanup;
+
+				ret =
+				    gnutls_x509_privkey_import_openssl(key,
+								       data,
+								       password);
+
+				if (ret == GNUTLS_E_DECRYPTION_FAILED && password == NULL &&
+						(key->pin.cb || _gnutls_pin_func)) {
+					/* use the callback if any */
+					memset(pin, 0, GNUTLS_PKCS11_MAX_PIN_LEN);
+					ret = _gnutls_retrieve_pin(&key->pin, "key:", "", 0, pin, sizeof(pin));
+					if (ret == 0) {
+						ret = gnutls_x509_privkey_import_openssl(key, data, pin);
+					}
+				}
+
+				if (ret < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+			} else {
+				gnutls_assert();
+				goto cleanup;
+			}
+		}
+	}
+
+	ret = 0;
+
+      cleanup:
+	if (ret == GNUTLS_E_PARSING_ERROR)
+		ret = saved_ret;
+
+	return ret;
+}
+
+
+/**
+ * gnutls_x509_privkey_import_rsa_raw:
+ * @key: The data to store the parsed key
+ * @m: holds the modulus
+ * @e: holds the public exponent
+ * @d: holds the private exponent
+ * @p: holds the first prime (p)
+ * @q: holds the second prime (q)
+ * @u: holds the coefficient
+ *
+ * This function will convert the given RSA raw parameters to the
+ * native #gnutls_x509_privkey_t format.  The output will be stored in
+ * @key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_privkey_import_rsa_raw(gnutls_x509_privkey_t key,
+				   const gnutls_datum_t * m,
+				   const gnutls_datum_t * e,
+				   const gnutls_datum_t * d,
+				   const gnutls_datum_t * p,
+				   const gnutls_datum_t * q,
+				   const gnutls_datum_t * u)
+{
+	return gnutls_x509_privkey_import_rsa_raw2(key, m, e, d, p, q, u,
+						   NULL, NULL);
+}
+
+/**
+ * gnutls_x509_privkey_import_rsa_raw2:
+ * @key: The data to store the parsed key
+ * @m: holds the modulus
+ * @e: holds the public exponent
+ * @d: holds the private exponent
+ * @p: holds the first prime (p)
+ * @q: holds the second prime (q)
+ * @u: holds the coefficient (optional)
+ * @e1: holds e1 = d mod (p-1) (optional)
+ * @e2: holds e2 = d mod (q-1) (optional)
+ *
+ * This function will convert the given RSA raw parameters to the
+ * native #gnutls_x509_privkey_t format.  The output will be stored in
+ * @key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_privkey_import_rsa_raw2(gnutls_x509_privkey_t key,
+				    const gnutls_datum_t * m,
+				    const gnutls_datum_t * e,
+				    const gnutls_datum_t * d,
+				    const gnutls_datum_t * p,
+				    const gnutls_datum_t * q,
+				    const gnutls_datum_t * u,
+				    const gnutls_datum_t * e1,
+				    const gnutls_datum_t * e2)
+{
+	int ret;
+	size_t siz = 0;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	gnutls_pk_params_init(&key->params);
+
+	siz = m->size;
+	if (_gnutls_mpi_init_scan_nz(&key->params.params[RSA_MODULUS], m->data, siz)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto cleanup;
+	}
+	key->params.params_nr++;
+
+	siz = e->size;
+	if (_gnutls_mpi_init_scan_nz(&key->params.params[RSA_PUB], e->data, siz)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto cleanup;
+	}
+	key->params.params_nr++;
+
+	if (d) {
+		siz = d->size;
+		if (_gnutls_mpi_init_scan_nz(&key->params.params[RSA_PRIV], d->data, siz)) {
+			gnutls_assert();
+			ret = GNUTLS_E_MPI_SCAN_FAILED;
+			goto cleanup;
+		}
+		key->params.params_nr++;
+	}
+
+	siz = p->size;
+	if (_gnutls_mpi_init_scan_nz(&key->params.params[RSA_PRIME1], p->data, siz)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto cleanup;
+	}
+	key->params.params_nr++;
+
+	siz = q->size;
+	if (_gnutls_mpi_init_scan_nz(&key->params.params[RSA_PRIME2], q->data, siz)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto cleanup;
+	}
+	key->params.params_nr++;
+
+	if (u) {
+		siz = u->size;
+		if (_gnutls_mpi_init_scan_nz(&key->params.params[RSA_COEF], u->data, siz)) {
+			gnutls_assert();
+			ret = GNUTLS_E_MPI_SCAN_FAILED;
+			goto cleanup;
+		}
+		key->params.params_nr++;
+	}
+
+	if (e1 && e2) {
+		siz = e1->size;
+		if (_gnutls_mpi_init_scan_nz
+		    (&key->params.params[RSA_E1], e1->data, siz)) {
+			gnutls_assert();
+			ret = GNUTLS_E_MPI_SCAN_FAILED;
+			goto cleanup;
+		}
+		key->params.params_nr++;
+
+		siz = e2->size;
+		if (_gnutls_mpi_init_scan_nz
+		    (&key->params.params[RSA_E2], e2->data, siz)) {
+			gnutls_assert();
+			ret = GNUTLS_E_MPI_SCAN_FAILED;
+			goto cleanup;
+		}
+		key->params.params_nr++;
+	}
+
+	key->params.algo = GNUTLS_PK_RSA;
+
+	ret = _gnutls_pk_fixup(GNUTLS_PK_RSA, GNUTLS_IMPORT, &key->params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	key->params.params_nr = RSA_PRIVATE_PARAMS;
+	key->params.algo = GNUTLS_PK_RSA;
+
+	ret =
+	    _gnutls_asn1_encode_privkey(&key->key,
+					&key->params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	return 0;
+
+      cleanup:
+	gnutls_pk_params_clear(&key->params);
+	gnutls_pk_params_release(&key->params);
+	return ret;
+
+}
+
+/**
+ * gnutls_x509_privkey_import_dsa_raw:
+ * @key: The data to store the parsed key
+ * @p: holds the p
+ * @q: holds the q
+ * @g: holds the g
+ * @y: holds the y (optional)
+ * @x: holds the x
+ *
+ * This function will convert the given DSA raw parameters to the
+ * native #gnutls_x509_privkey_t format.  The output will be stored
+ * in @key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_privkey_import_dsa_raw(gnutls_x509_privkey_t key,
+				   const gnutls_datum_t * p,
+				   const gnutls_datum_t * q,
+				   const gnutls_datum_t * g,
+				   const gnutls_datum_t * y,
+				   const gnutls_datum_t * x)
+{
+	int ret;
+	size_t siz = 0;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	gnutls_pk_params_init(&key->params);
+
+	siz = p->size;
+	if (_gnutls_mpi_init_scan_nz(&key->params.params[0], p->data, siz)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto cleanup;
+	}
+
+	siz = q->size;
+	if (_gnutls_mpi_init_scan_nz(&key->params.params[1], q->data, siz)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto cleanup;
+	}
+
+	siz = g->size;
+	if (_gnutls_mpi_init_scan_nz(&key->params.params[2], g->data, siz)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto cleanup;
+	}
+
+	if (y) {
+		siz = y->size;
+		if (_gnutls_mpi_init_scan_nz(&key->params.params[3], y->data, siz)) {
+			gnutls_assert();
+			ret = GNUTLS_E_MPI_SCAN_FAILED;
+			goto cleanup;
+		}
+	}
+
+	siz = x->size;
+	if (_gnutls_mpi_init_scan_nz(&key->params.params[4], x->data, siz)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_pk_fixup(GNUTLS_PK_DSA, GNUTLS_IMPORT, &key->params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	key->params.algo = GNUTLS_PK_DSA;
+	key->params.params_nr = DSA_PRIVATE_PARAMS;
+
+	ret =
+	    _gnutls_asn1_encode_privkey(&key->key,
+					&key->params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	return 0;
+
+      cleanup:
+	gnutls_pk_params_clear(&key->params);
+	gnutls_pk_params_release(&key->params);
+	return ret;
+
+}
+
+/**
+ * gnutls_x509_privkey_import_ecc_raw:
+ * @key: The data to store the parsed key
+ * @curve: holds the curve
+ * @x: holds the x-coordinate
+ * @y: holds the y-coordinate
+ * @k: holds the k
+ *
+ * This function will convert the given elliptic curve parameters to the
+ * native #gnutls_x509_privkey_t format.  The output will be stored
+ * in @key. For EdDSA keys, the @x and @k values must be in the
+ * native to curve format.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_x509_privkey_import_ecc_raw(gnutls_x509_privkey_t key,
+				   gnutls_ecc_curve_t curve,
+				   const gnutls_datum_t * x,
+				   const gnutls_datum_t * y,
+				   const gnutls_datum_t * k)
+{
+	int ret;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	gnutls_pk_params_init(&key->params);
+
+	key->params.curve = curve;
+
+	if (curve_is_eddsa(curve)) {
+		unsigned size;
+		switch (curve) {
+		case GNUTLS_ECC_CURVE_ED25519:
+			key->params.algo = GNUTLS_PK_EDDSA_ED25519;
+			break;
+		case GNUTLS_ECC_CURVE_ED448:
+			key->params.algo = GNUTLS_PK_EDDSA_ED448;
+			break;
+		default:
+			ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+			goto cleanup;
+		}
+
+		size = gnutls_ecc_curve_get_size(curve);
+		if (x->size != size || k->size != size) {
+			ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+			goto cleanup;
+		}
+
+		ret = _gnutls_set_datum(&key->params.raw_pub, x->data, x->size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = _gnutls_set_datum(&key->params.raw_priv, k->data, k->size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		return 0;
+	}
+
+	if (_gnutls_mpi_init_scan_nz
+	    (&key->params.params[ECC_X], x->data, x->size)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto cleanup;
+	}
+	key->params.params_nr++;
+
+	if (_gnutls_mpi_init_scan_nz
+	    (&key->params.params[ECC_Y], y->data, y->size)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto cleanup;
+	}
+	key->params.params_nr++;
+
+	if (_gnutls_mpi_init_scan_nz
+	    (&key->params.params[ECC_K], k->data, k->size)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto cleanup;
+	}
+	key->params.params_nr++;
+
+	key->params.algo = GNUTLS_PK_EC;
+
+	ret =
+	    _gnutls_pk_fixup(GNUTLS_PK_EC, GNUTLS_IMPORT, &key->params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_asn1_encode_privkey(&key->key,
+					&key->params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	return 0;
+
+      cleanup:
+	gnutls_pk_params_clear(&key->params);
+	gnutls_pk_params_release(&key->params);
+	return ret;
+
+}
+
+/**
+ * gnutls_x509_privkey_import_gost_raw:
+ * @key: The data to store the parsed key
+ * @curve: holds the curve
+ * @digest: will hold the digest
+ * @paramset: will hold the GOST parameter set ID
+ * @x: holds the x-coordinate
+ * @y: holds the y-coordinate
+ * @k: holds the k (private key)
+ *
+ * This function will convert the given GOST private key's parameters to the
+ * native #gnutls_x509_privkey_t format.  The output will be stored
+ * in @key.  @digest should be one of GNUTLS_DIG_GOSR_94,
+ * GNUTLS_DIG_STREEBOG_256 or GNUTLS_DIG_STREEBOG_512.  If @paramset is set to
+ * GNUTLS_GOST_PARAMSET_UNKNOWN default one will be selected depending on
+ * @digest.
+ *
+ * Note: parameters should be stored with least significant byte first. On
+ * version 3.6.3 big-endian format was used incorrectly.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.6.3
+ **/
+int
+gnutls_x509_privkey_import_gost_raw(gnutls_x509_privkey_t key,
+				    gnutls_ecc_curve_t curve,
+				    gnutls_digest_algorithm_t digest,
+				    gnutls_gost_paramset_t paramset,
+				    const gnutls_datum_t * x,
+				    const gnutls_datum_t * y,
+				    const gnutls_datum_t * k)
+{
+	int ret;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	key->params.curve = curve;
+	key->params.algo = _gnutls_digest_gost(digest);
+
+	if (paramset == GNUTLS_GOST_PARAMSET_UNKNOWN)
+		paramset = _gnutls_gost_paramset_default(key->params.algo);
+
+	key->params.gost_params = paramset;
+
+	if (_gnutls_mpi_init_scan_le
+	    (&key->params.params[GOST_X], x->data, x->size)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto cleanup;
+	}
+	key->params.params_nr++;
+
+	if (_gnutls_mpi_init_scan_le
+	    (&key->params.params[GOST_Y], y->data, y->size)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto cleanup;
+	}
+	key->params.params_nr++;
+
+	if (_gnutls_mpi_init_scan_le
+	    (&key->params.params[GOST_K], k->data, k->size)) {
+		gnutls_assert();
+		ret = GNUTLS_E_MPI_SCAN_FAILED;
+		goto cleanup;
+	}
+	key->params.params_nr++;
+
+	ret =
+	    _gnutls_pk_fixup(key->params.algo, GNUTLS_IMPORT, &key->params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	return 0;
+
+      cleanup:
+	gnutls_pk_params_clear(&key->params);
+	gnutls_pk_params_release(&key->params);
+	return ret;
+
+}
+
+
+/**
+ * gnutls_x509_privkey_get_pk_algorithm:
+ * @key: should contain a #gnutls_x509_privkey_t type
+ *
+ * This function will return the public key algorithm of a private
+ * key.
+ *
+ * Returns: a member of the #gnutls_pk_algorithm_t enumeration on
+ *   success, or a negative error code on error.
+ **/
+int gnutls_x509_privkey_get_pk_algorithm(gnutls_x509_privkey_t key)
+{
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return key->params.algo;
+}
+
+/**
+ * gnutls_x509_privkey_get_pk_algorithm2:
+ * @key: should contain a #gnutls_x509_privkey_t type
+ * @bits: The number of bits in the public key algorithm
+ *
+ * This function will return the public key algorithm of a private
+ * key.
+ *
+ * Returns: a member of the #gnutls_pk_algorithm_t enumeration on
+ *   success, or a negative error code on error.
+ **/
+int
+gnutls_x509_privkey_get_pk_algorithm2(gnutls_x509_privkey_t key,
+				      unsigned int *bits)
+{
+	int ret;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (bits) {
+		ret = pubkey_to_bits(&key->params);
+		if (ret < 0)
+			ret = 0;
+		*bits = ret;
+	}
+
+	return key->params.algo;
+}
+
+void
+_gnutls_x509_privkey_get_spki_params(gnutls_x509_privkey_t key,
+				     gnutls_x509_spki_st *params)
+{
+	memcpy(params, &key->params.spki, sizeof(gnutls_x509_spki_st));
+}
+
+/**
+ * gnutls_x509_privkey_get_spki:
+ * @key: should contain a #gnutls_x509_privkey_t type
+ * @spki: a SubjectPublicKeyInfo structure of type #gnutls_x509_spki_t
+ * @flags: must be zero
+ *
+ * This function will return the public key information of a private
+ * key. The provided @spki must be initialized.
+ *
+ * Returns: Zero on success, or a negative error code on error.
+ **/
+int
+gnutls_x509_privkey_get_spki(gnutls_x509_privkey_t key, gnutls_x509_spki_t spki, unsigned int flags)
+{
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (key->params.spki.pk == GNUTLS_PK_UNKNOWN)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	_gnutls_x509_privkey_get_spki_params(key, spki);
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_privkey_set_spki:
+ * @key: should contain a #gnutls_x509_privkey_t type
+ * @spki: a SubjectPublicKeyInfo structure of type #gnutls_x509_spki_t
+ * @flags: must be zero
+ *
+ * This function will return the public key information of a private
+ * key. The provided @spki must be initialized.
+ *
+ * Returns: Zero on success, or a negative error code on error.
+ **/
+int
+gnutls_x509_privkey_set_spki(gnutls_x509_privkey_t key, const gnutls_x509_spki_t spki, unsigned int flags)
+{
+	gnutls_pk_params_st tparams;
+	int ret;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (!_gnutls_pk_are_compat(key->params.algo, spki->pk))
+                return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	memcpy(&tparams, &key->params, sizeof(gnutls_pk_params_st));
+	memcpy(&tparams.spki, spki, sizeof (gnutls_x509_spki_st));
+	ret = _gnutls_x509_check_pubkey_params(&tparams);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	memcpy(&key->params.spki, spki, sizeof (gnutls_x509_spki_st));
+
+	key->params.algo = spki->pk;
+
+	return 0;
+}
+
+static const char *set_msg(gnutls_x509_privkey_t key)
+{
+	if (GNUTLS_PK_IS_RSA(key->params.algo)) {
+		return PEM_KEY_RSA;
+	} else if (key->params.algo == GNUTLS_PK_DSA) {
+		return PEM_KEY_DSA;
+	} else if (key->params.algo == GNUTLS_PK_EC)
+		return PEM_KEY_ECC;
+	else
+		return "UNKNOWN";
+}
+
+/**
+ * gnutls_x509_privkey_export:
+ * @key: Holds the key
+ * @format: the format of output params. One of PEM or DER.
+ * @output_data: will contain a private key PEM or DER encoded
+ * @output_data_size: holds the size of output_data (and will be
+ *   replaced by the actual size of parameters)
+ *
+ * This function will export the private key to a PKCS#1 structure for
+ * RSA or RSA-PSS keys, and integer sequence for DSA keys. Other keys types
+ * will be exported in PKCS#8 form.
+ *
+ * If the structure is PEM encoded, it will have a header
+ * of "BEGIN RSA PRIVATE KEY".
+ *
+ * It is recommended to use gnutls_x509_privkey_export_pkcs8() instead
+ * of this function, when a consistent output format is required.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_privkey_export(gnutls_x509_privkey_t key,
+			   gnutls_x509_crt_fmt_t format, void *output_data,
+			   size_t * output_data_size)
+{
+	gnutls_datum_t out;
+	int ret;
+
+	ret = gnutls_x509_privkey_export2(key, format, &out);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (format == GNUTLS_X509_FMT_PEM)
+		ret = _gnutls_copy_string(&out, output_data, output_data_size);
+	else
+		ret = _gnutls_copy_data(&out, output_data, output_data_size);
+	gnutls_free(out.data);
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_privkey_export2:
+ * @key: Holds the key
+ * @format: the format of output params. One of PEM or DER.
+ * @out: will contain a private key PEM or DER encoded
+ *
+ * This function will export the private key to a PKCS#1 structure for
+ * RSA or RSA-PSS keys, and integer sequence for DSA keys. Other keys types
+ * will be exported in PKCS#8 form.
+ *
+ * The output buffer is allocated using gnutls_malloc().
+ *
+ * It is recommended to use gnutls_x509_privkey_export2_pkcs8() instead
+ * of this function, when a consistent output format is required.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since 3.1.3
+ **/
+int
+gnutls_x509_privkey_export2(gnutls_x509_privkey_t key,
+			    gnutls_x509_crt_fmt_t format,
+			    gnutls_datum_t * out)
+{
+	const char *msg;
+	int ret;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (key->key == NULL) { /* can only export in PKCS#8 form */
+		return gnutls_x509_privkey_export2_pkcs8(key, format, NULL, 0, out);
+	}
+
+	msg = set_msg(key);
+
+	if (key->flags & GNUTLS_PRIVKEY_FLAG_EXPORT_COMPAT) {
+		ret = gnutls_x509_privkey_fix(key);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	return _gnutls_x509_export_int2(key->key, format, msg, out);
+}
+
+/**
+ * gnutls_x509_privkey_sec_param:
+ * @key: a key
+ *
+ * This function will return the security parameter appropriate with
+ * this private key.
+ *
+ * Returns: On success, a valid security parameter is returned otherwise
+ * %GNUTLS_SEC_PARAM_UNKNOWN is returned.
+ *
+ * Since: 2.12.0
+ **/
+gnutls_sec_param_t gnutls_x509_privkey_sec_param(gnutls_x509_privkey_t key)
+{
+	int bits;
+
+	bits = pubkey_to_bits(&key->params);
+	if (bits <= 0)
+		return GNUTLS_SEC_PARAM_UNKNOWN;
+
+	return gnutls_pk_bits_to_sec_param(key->params.algo, bits);
+}
+
+/**
+ * gnutls_x509_privkey_export_ecc_raw:
+ * @key: a key
+ * @curve: will hold the curve
+ * @x: will hold the x-coordinate
+ * @y: will hold the y-coordinate
+ * @k: will hold the private key
+ *
+ * This function will export the ECC private key's parameters found
+ * in the given structure. The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * In EdDSA curves the @y parameter will be %NULL and the other parameters
+ * will be in the native format for the curve.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0
+ **/
+int gnutls_x509_privkey_export_ecc_raw(gnutls_x509_privkey_t key,
+				       gnutls_ecc_curve_t *curve,
+				       gnutls_datum_t *x,
+				       gnutls_datum_t *y,
+				       gnutls_datum_t *k)
+{
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_params_get_ecc_raw(&key->params, curve, x, y, k, 0);
+}
+
+/**
+ * gnutls_x509_privkey_export_gost_raw:
+ * @key: a key
+ * @curve: will hold the curve
+ * @digest: will hold the digest
+ * @paramset: will hold the GOST parameter set ID
+ * @x: will hold the x-coordinate
+ * @y: will hold the y-coordinate
+ * @k: will hold the private key
+ *
+ * This function will export the GOST private key's parameters found
+ * in the given structure. The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * Note: parameters will be stored with least significant byte first. On
+ * version 3.6.3 this was incorrectly returned in big-endian format.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.6.3
+ **/
+int gnutls_x509_privkey_export_gost_raw(gnutls_x509_privkey_t key,
+					gnutls_ecc_curve_t * curve,
+					gnutls_digest_algorithm_t * digest,
+					gnutls_gost_paramset_t * paramset,
+					gnutls_datum_t * x,
+					gnutls_datum_t * y,
+					gnutls_datum_t * k)
+{
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_params_get_gost_raw(&key->params, curve, digest, paramset,
+					   x, y, k, 0);
+}
+
+/**
+ * gnutls_x509_privkey_export_rsa_raw:
+ * @key: a key
+ * @m: will hold the modulus
+ * @e: will hold the public exponent
+ * @d: will hold the private exponent
+ * @p: will hold the first prime (p)
+ * @q: will hold the second prime (q)
+ * @u: will hold the coefficient
+ *
+ * This function will export the RSA private key's parameters found
+ * in the given structure. The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_privkey_export_rsa_raw(gnutls_x509_privkey_t key,
+				   gnutls_datum_t * m, gnutls_datum_t * e,
+				   gnutls_datum_t * d, gnutls_datum_t * p,
+				   gnutls_datum_t * q, gnutls_datum_t * u)
+{
+	return _gnutls_params_get_rsa_raw(&key->params, m, e, d, p, q, u, NULL, NULL, 0);
+}
+
+/**
+ * gnutls_x509_privkey_export_rsa_raw2:
+ * @key: a key
+ * @m: will hold the modulus
+ * @e: will hold the public exponent
+ * @d: will hold the private exponent
+ * @p: will hold the first prime (p)
+ * @q: will hold the second prime (q)
+ * @u: will hold the coefficient
+ * @e1: will hold e1 = d mod (p-1)
+ * @e2: will hold e2 = d mod (q-1)
+ *
+ * This function will export the RSA private key's parameters found
+ * in the given structure. The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_x509_privkey_export_rsa_raw2(gnutls_x509_privkey_t key,
+				    gnutls_datum_t * m, gnutls_datum_t * e,
+				    gnutls_datum_t * d, gnutls_datum_t * p,
+				    gnutls_datum_t * q, gnutls_datum_t * u,
+				    gnutls_datum_t * e1,
+				    gnutls_datum_t * e2)
+{
+	return _gnutls_params_get_rsa_raw(&key->params, m, e, d, p, q, u, e1, e2, 0);
+}
+
+/**
+ * gnutls_x509_privkey_export_dsa_raw:
+ * @key: a key
+ * @p: will hold the p
+ * @q: will hold the q
+ * @g: will hold the g
+ * @y: will hold the y
+ * @x: will hold the x
+ *
+ * This function will export the DSA private key's parameters found
+ * in the given structure. The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_privkey_export_dsa_raw(gnutls_x509_privkey_t key,
+				   gnutls_datum_t * p, gnutls_datum_t * q,
+				   gnutls_datum_t * g, gnutls_datum_t * y,
+				   gnutls_datum_t * x)
+{
+	return _gnutls_params_get_dsa_raw(&key->params, p, q, g, y, x, 0);
+}
+
+/**
+ * gnutls_x509_privkey_generate:
+ * @key: an initialized key
+ * @algo: is one of the algorithms in #gnutls_pk_algorithm_t.
+ * @bits: the size of the parameters to generate
+ * @flags: Must be zero or flags from #gnutls_privkey_flags_t.
+ *
+ * This function will generate a random private key. Note that this
+ * function must be called on an initialized private key.
+ *
+ * The flag %GNUTLS_PRIVKEY_FLAG_PROVABLE
+ * instructs the key generation process to use algorithms like Shawe-Taylor
+ * (from FIPS PUB186-4) which generate provable parameters out of a seed
+ * for RSA and DSA keys. See gnutls_x509_privkey_generate2() for more
+ * information.
+ *
+ * Note that when generating an elliptic curve key, the curve
+ * can be substituted in the place of the bits parameter using the
+ * GNUTLS_CURVE_TO_BITS() macro. The input to the macro is any curve from
+ * %gnutls_ecc_curve_t.
+ *
+ * For DSA keys, if the subgroup size needs to be specified check
+ * the GNUTLS_SUBGROUP_TO_BITS() macro.
+ *
+ * It is recommended to do not set the number of @bits directly, use gnutls_sec_param_to_pk_bits() instead .
+ *
+ * See also gnutls_privkey_generate(), gnutls_x509_privkey_generate2().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_privkey_generate(gnutls_x509_privkey_t key,
+			     gnutls_pk_algorithm_t algo, unsigned int bits,
+			     unsigned int flags)
+{
+	return gnutls_x509_privkey_generate2(key, algo, bits, flags, NULL, 0);   
+}
+
+/**
+ * gnutls_x509_privkey_generate2:
+ * @key: a key
+ * @algo: is one of the algorithms in #gnutls_pk_algorithm_t.
+ * @bits: the size of the modulus
+ * @flags: Must be zero or flags from #gnutls_privkey_flags_t.
+ * @data: Allow specifying %gnutls_keygen_data_st types such as the seed to be used.
+ * @data_size: The number of @data available.
+ *
+ * This function will generate a random private key. Note that this
+ * function must be called on an initialized private key.
+ *
+ * The flag %GNUTLS_PRIVKEY_FLAG_PROVABLE
+ * instructs the key generation process to use algorithms like Shawe-Taylor
+ * (from FIPS PUB186-4) which generate provable parameters out of a seed
+ * for RSA and DSA keys. On DSA keys the PQG parameters are generated using the
+ * seed, while on RSA the two primes. To specify an explicit seed
+ * (by default a random seed is used), use the @data with a %GNUTLS_KEYGEN_SEED
+ * type.
+ *
+ * Note that when generating an elliptic curve key, the curve
+ * can be substituted in the place of the bits parameter using the
+ * GNUTLS_CURVE_TO_BITS() macro.
+ *
+ * To export the generated keys in memory or in files it is recommended to use the
+ * PKCS#8 form as it can handle all key types, and can store additional parameters
+ * such as the seed, in case of provable RSA or DSA keys.
+ * Generated keys can be exported in memory using gnutls_privkey_export_x509(),
+ * and then with gnutls_x509_privkey_export2_pkcs8().
+ *
+ * If key generation is part of your application, avoid setting the number
+ * of bits directly, and instead use gnutls_sec_param_to_pk_bits().
+ * That way the generated keys will adapt to the security levels
+ * of the underlying GnuTLS library.
+ *
+ * See also gnutls_privkey_generate2().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_privkey_generate2(gnutls_x509_privkey_t key,
+			      gnutls_pk_algorithm_t algo, unsigned int bits,
+			      unsigned int flags, const gnutls_keygen_data_st *data, unsigned data_size)
+{
+	int ret;
+	unsigned i;
+	gnutls_x509_spki_t tpki = NULL;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	gnutls_pk_params_init(&key->params);
+
+	for (i=0;i<data_size;i++) {
+		if (data[i].type == GNUTLS_KEYGEN_SEED && data[i].size < sizeof(key->params.seed)) {
+			key->params.seed_size = data[i].size;
+			memcpy(key->params.seed, data[i].data, data[i].size);
+		} else if (data[i].type == GNUTLS_KEYGEN_DIGEST) {
+			key->params.palgo = data[i].size;
+		} else if (data[i].type == GNUTLS_KEYGEN_SPKI) {
+			tpki = (void*)data[i].data;
+		}
+	}
+
+	if (IS_EC(algo)) {
+		if (GNUTLS_BITS_ARE_CURVE(bits))
+			bits = GNUTLS_BITS_TO_CURVE(bits);
+		else
+			bits = _gnutls_ecc_bits_to_curve(algo, bits);
+
+		if (gnutls_ecc_curve_get_pk(bits) != algo) {
+			_gnutls_debug_log("curve is incompatible with public key algorithm\n");
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		}
+	}
+
+	if (IS_GOSTEC(algo)) {
+		int size;
+
+		if (GNUTLS_BITS_ARE_CURVE(bits))
+			bits = GNUTLS_BITS_TO_CURVE(bits);
+		else
+			bits = _gnutls_ecc_bits_to_curve(algo, bits);
+
+		size = gnutls_ecc_curve_get_size(bits);
+
+		if ((algo == GNUTLS_PK_GOST_01 && size != 32) ||
+		    (algo == GNUTLS_PK_GOST_12_256 && size != 32) ||
+		    (algo == GNUTLS_PK_GOST_12_512 && size != 64)) {
+			_gnutls_debug_log("curve is incompatible with public key algorithm\n");
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		}
+
+		key->params.gost_params = _gnutls_gost_paramset_default(algo);
+	}
+
+	if (flags & GNUTLS_PRIVKEY_FLAG_PROVABLE) {
+		key->params.pkflags |= GNUTLS_PK_FLAG_PROVABLE;
+	}
+
+	key->params.algo = algo;
+
+	ret = _gnutls_pk_generate_params(algo, bits, &key->params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (algo == GNUTLS_PK_RSA_PSS && (flags & GNUTLS_PRIVKEY_FLAG_CA) &&
+	    !key->params.spki.pk) {
+		const mac_entry_st *me;
+		key->params.spki.pk = GNUTLS_PK_RSA_PSS;
+
+		key->params.spki.rsa_pss_dig = _gnutls_pk_bits_to_sha_hash(bits);
+
+		me = hash_to_entry(key->params.spki.rsa_pss_dig);
+		if (unlikely(me == NULL)) {
+			gnutls_assert();
+			ret = GNUTLS_E_INVALID_REQUEST;
+			goto cleanup;
+		}
+
+		ret = _gnutls_find_rsa_pss_salt_size(bits, me, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		key->params.spki.salt_size = ret;
+	}
+
+	ret = _gnutls_pk_generate_keys(algo, bits, &key->params, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_pk_verify_priv_params(algo, &key->params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (tpki) {
+		ret = gnutls_x509_privkey_set_spki(key, tpki, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	ret = _gnutls_asn1_encode_privkey(&key->key, &key->params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	return 0;
+
+      cleanup:
+	key->params.algo = GNUTLS_PK_UNKNOWN;
+	gnutls_pk_params_clear(&key->params);
+	gnutls_pk_params_release(&key->params);
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_privkey_get_seed:
+ * @key: should contain a #gnutls_x509_privkey_t type
+ * @digest: if non-NULL it will contain the digest algorithm used for key generation (if applicable)
+ * @seed: where seed will be copied to
+ * @seed_size: originally holds the size of @seed, will be updated with actual size
+ *
+ * This function will return the seed that was used to generate the
+ * given private key. That function will succeed only if the key was generated
+ * as a provable key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.5.0
+ **/
+int gnutls_x509_privkey_get_seed(gnutls_x509_privkey_t key, gnutls_digest_algorithm_t *digest, void *seed, size_t *seed_size)
+{
+	if (key->params.seed_size == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (seed_size == NULL || seed == NULL) {
+		if (key->params.seed_size)
+			return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+		else
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	if (*seed_size < key->params.seed_size) {
+		*seed_size = key->params.seed_size;
+		return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+	}
+
+	if (digest)
+		*digest = key->params.palgo;
+
+	memcpy(seed, key->params.seed, key->params.seed_size);
+	*seed_size = key->params.seed_size; 
+	return 0;
+}
+
+static
+int cmp_rsa_key(gnutls_x509_privkey_t key1, gnutls_x509_privkey_t key2)
+{
+	gnutls_datum_t m1 = {NULL, 0}, e1 = {NULL, 0}, d1 = {NULL, 0}, p1 = {NULL, 0}, q1 = {NULL, 0};
+	gnutls_datum_t m2 = {NULL, 0}, e2 = {NULL, 0}, d2 = {NULL, 0}, p2 = {NULL, 0}, q2 = {NULL, 0};
+	int ret;
+
+	ret = gnutls_x509_privkey_export_rsa_raw(key1, &m1, &e1, &d1, &p1, &q1, NULL);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = gnutls_x509_privkey_export_rsa_raw(key2, &m2, &e2, &d2, &p2, &q2, NULL);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (m1.size != m2.size || memcmp(m1.data, m2.data, m1.size) != 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_PRIVKEY_VERIFICATION_ERROR;
+		goto cleanup;
+	}
+
+	if (d1.size != d2.size || memcmp(d1.data, d2.data, d1.size) != 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_PRIVKEY_VERIFICATION_ERROR;
+		goto cleanup;
+	}
+
+	if (e1.size != e2.size || memcmp(e1.data, e2.data, e1.size) != 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_PRIVKEY_VERIFICATION_ERROR;
+		goto cleanup;
+	}
+
+	if (p1.size != p2.size || memcmp(p1.data, p2.data, p1.size) != 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_PRIVKEY_VERIFICATION_ERROR;
+		goto cleanup;
+	}
+
+	if (q1.size != q2.size || memcmp(q1.data, q2.data, q1.size) != 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_PRIVKEY_VERIFICATION_ERROR;
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	gnutls_free(m1.data);
+	gnutls_free(e1.data);
+	gnutls_free(d1.data);
+	gnutls_free(p1.data);
+	gnutls_free(q1.data);
+	gnutls_free(m2.data);
+	gnutls_free(e2.data);
+	gnutls_free(d2.data);
+	gnutls_free(p2.data);
+	gnutls_free(q2.data);
+	return ret;
+}
+
+static
+int cmp_dsa_key(gnutls_x509_privkey_t key1, gnutls_x509_privkey_t key2)
+{
+	gnutls_datum_t p1 = {NULL, 0}, q1 = {NULL, 0}, g1 = {NULL, 0};
+	gnutls_datum_t p2 = {NULL, 0}, q2 = {NULL, 0}, g2 = {NULL, 0};
+	int ret;
+
+	ret = gnutls_x509_privkey_export_dsa_raw(key1, &p1, &q1, &g1, NULL, NULL);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = gnutls_x509_privkey_export_dsa_raw(key2, &p2, &q2, &g2, NULL, NULL);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (g1.size != g2.size || memcmp(g1.data, g2.data, g1.size) != 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_PRIVKEY_VERIFICATION_ERROR;
+		goto cleanup;
+	}
+
+	if (p1.size != p2.size || memcmp(p1.data, p2.data, p1.size) != 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_PRIVKEY_VERIFICATION_ERROR;
+		goto cleanup;
+	}
+
+	if (q1.size != q2.size || memcmp(q1.data, q2.data, q1.size) != 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_PRIVKEY_VERIFICATION_ERROR;
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	gnutls_free(g1.data);
+	gnutls_free(p1.data);
+	gnutls_free(q1.data);
+	gnutls_free(g2.data);
+	gnutls_free(p2.data);
+	gnutls_free(q2.data);
+	return ret;
+}
+
+/**
+ * gnutls_x509_privkey_verify_seed:
+ * @key: should contain a #gnutls_x509_privkey_t type
+ * @digest: it contains the digest algorithm used for key generation (if applicable)
+ * @seed: the seed of the key to be checked with
+ * @seed_size: holds the size of @seed
+ *
+ * This function will verify that the given private key was generated from
+ * the provided seed. If @seed is %NULL then the seed stored in the @key's structure
+ * will be used for verification.
+ *
+ * Returns: In case of a verification failure %GNUTLS_E_PRIVKEY_VERIFICATION_ERROR
+ * is returned, and zero or positive code on success.
+ *
+ * Since: 3.5.0
+ **/
+int gnutls_x509_privkey_verify_seed(gnutls_x509_privkey_t key, gnutls_digest_algorithm_t digest, const void *seed, size_t seed_size)
+{
+	int ret;
+	gnutls_x509_privkey_t okey;
+	unsigned bits;
+	gnutls_keygen_data_st data;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (key->params.algo != GNUTLS_PK_RSA && key->params.algo != GNUTLS_PK_DSA)
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+
+	ret = gnutls_x509_privkey_get_pk_algorithm2(key, &bits);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_x509_privkey_init(&okey);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (seed == NULL) {
+		seed = key->params.seed;
+		seed_size = key->params.seed_size;
+	}
+
+	if (seed == NULL || seed_size == 0)
+		return gnutls_assert_val(GNUTLS_E_PK_NO_VALIDATION_PARAMS);
+
+	data.type = GNUTLS_KEYGEN_SEED;
+	data.data = (void*)seed;
+	data.size = seed_size;
+
+	ret = gnutls_x509_privkey_generate2(okey, key->params.algo, bits,
+					    GNUTLS_PRIVKEY_FLAG_PROVABLE, &data, 1);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (key->params.algo == GNUTLS_PK_RSA)
+		ret = cmp_rsa_key(key, okey);
+	else
+		ret = cmp_dsa_key(key, okey);
+
+      cleanup:
+	gnutls_x509_privkey_deinit(okey);
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_privkey_verify_params:
+ * @key: a key
+ *
+ * This function will verify the private key parameters.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_x509_privkey_verify_params(gnutls_x509_privkey_t key)
+{
+	int ret;
+
+	ret = _gnutls_pk_verify_priv_params(key->params.algo, &key->params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_privkey_get_key_id:
+ * @key: a key
+ * @flags: should be one of the flags from %gnutls_keyid_flags_t
+ * @output_data: will contain the key ID
+ * @output_data_size: holds the size of output_data (and will be
+ *   replaced by the actual size of parameters)
+ *
+ * This function will return a unique ID that depends on the public key
+ * parameters. This ID can be used in checking whether a certificate
+ * corresponds to the given key.
+ *
+ * If the buffer provided is not long enough to hold the output, then
+ * *@output_data_size is updated and %GNUTLS_E_SHORT_MEMORY_BUFFER will
+ * be returned.  The output will normally be a SHA-1 hash output,
+ * which is 20 bytes.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_privkey_get_key_id(gnutls_x509_privkey_t key,
+			       unsigned int flags,
+			       unsigned char *output_data,
+			       size_t * output_data_size)
+{
+	int ret;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret =
+	    _gnutls_get_key_id(&key->params,
+			       output_data, output_data_size, flags);
+	if (ret < 0) {
+		gnutls_assert();
+	}
+
+	return ret;
+}
+
+
+/**
+ * gnutls_x509_privkey_sign_hash:
+ * @key: a key
+ * @hash: holds the data to be signed
+ * @signature: will contain newly allocated signature
+ *
+ * This function will sign the given hash using the private key. Do not
+ * use this function directly unless you know what it is. Typical signing
+ * requires the data to be hashed and stored in special formats 
+ * (e.g. BER Digest-Info for RSA).
+ *
+ * This API is provided only for backwards compatibility, and thus
+ * restricted to RSA, DSA and ECDSA key types. For other key types please
+ * use gnutls_privkey_sign_hash() and gnutls_privkey_sign_data().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Deprecated in: 2.12.0
+ */
+int
+gnutls_x509_privkey_sign_hash(gnutls_x509_privkey_t key,
+			      const gnutls_datum_t * hash,
+			      gnutls_datum_t * signature)
+{
+	int result;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (key->params.algo != GNUTLS_PK_RSA && key->params.algo != GNUTLS_PK_ECDSA &&
+	    key->params.algo != GNUTLS_PK_DSA) {
+		/* too primitive API - use only with legacy types */
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	result =
+	    _gnutls_pk_sign(key->params.algo, signature, hash,
+			    &key->params, &key->params.spki);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_privkey_sign_data:
+ * @key: a key
+ * @digest: should be a digest algorithm
+ * @flags: should be 0 for now
+ * @data: holds the data to be signed
+ * @signature: will contain the signature
+ * @signature_size: holds the size of signature (and will be replaced
+ *   by the new size)
+ *
+ * This function will sign the given data using a signature algorithm
+ * supported by the private key. Signature algorithms are always used
+ * together with a hash functions.  Different hash functions may be
+ * used for the RSA algorithm, but only SHA-1 for the DSA keys.
+ *
+ * If the buffer provided is not long enough to hold the output, then
+ * *@signature_size is updated and %GNUTLS_E_SHORT_MEMORY_BUFFER will
+ * be returned.
+ *
+ * Use gnutls_x509_crt_get_preferred_hash_algorithm() to determine
+ * the hash algorithm.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ */
+int
+gnutls_x509_privkey_sign_data(gnutls_x509_privkey_t key,
+			      gnutls_digest_algorithm_t digest,
+			      unsigned int flags,
+			      const gnutls_datum_t * data,
+			      void *signature, size_t * signature_size)
+{
+	gnutls_privkey_t privkey;
+	gnutls_datum_t sig = {NULL, 0};
+	int ret;
+
+	ret = gnutls_privkey_init(&privkey);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_privkey_import_x509(privkey, key, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_privkey_sign_data(privkey, digest, flags, data, &sig);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (*signature_size < sig.size) {
+		*signature_size = sig.size;
+		ret = GNUTLS_E_SHORT_MEMORY_BUFFER;
+		goto cleanup;
+	}
+
+	*signature_size = sig.size;
+	memcpy(signature, sig.data, sig.size);
+
+cleanup:
+	_gnutls_free_datum(&sig);
+	gnutls_privkey_deinit(privkey);
+	return ret;
+}
+
+/**
+ * gnutls_x509_privkey_fix:
+ * @key: a key
+ *
+ * This function will recalculate the secondary parameters in a key.
+ * In RSA keys, this can be the coefficient and exponent1,2.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_x509_privkey_fix(gnutls_x509_privkey_t key)
+{
+	int ret;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (key->key) {
+		asn1_delete_structure2(&key->key, ASN1_DELETE_FLAG_ZEROIZE);
+
+		ret =
+		    _gnutls_asn1_encode_privkey(&key->key,
+						&key->params);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_privkey_set_pin_function:
+ * @privkey: The certificate structure
+ * @fn: the callback
+ * @userdata: data associated with the callback
+ *
+ * This function will set a callback function to be used when
+ * it is required to access a protected object. This function overrides 
+ * the global function set using gnutls_pkcs11_set_pin_function().
+ *
+ * Note that this callback is used when decrypting a key.
+ *
+ * Since: 3.4.0
+ *
+ **/
+void gnutls_x509_privkey_set_pin_function(gnutls_x509_privkey_t privkey,
+				      gnutls_pin_callback_t fn,
+				      void *userdata)
+{
+	privkey->pin.cb = fn;
+	privkey->pin.data = userdata;
+}
+
+/**
+ * gnutls_x509_privkey_set_flags:
+ * @key: A key of type #gnutls_x509_privkey_t
+ * @flags: flags from the %gnutls_privkey_flags
+ *
+ * This function will set flags for the specified private key, after
+ * it is generated. Currently this is useful for the %GNUTLS_PRIVKEY_FLAG_EXPORT_COMPAT
+ * to allow exporting a "provable" private key in backwards compatible way.
+ *
+ * Since: 3.5.0
+ *
+ **/
+void gnutls_x509_privkey_set_flags(gnutls_x509_privkey_t key,
+				   unsigned int flags)
+{
+	key->flags |= flags;
+}
+
diff --git a/lib/x509/privkey_openssl.c b/lib/x509/privkey_openssl.c
new file mode 100644
index 0000000..9fc70e0
--- /dev/null
+++ b/lib/x509/privkey_openssl.c
@@ -0,0 +1,347 @@
+/*
+ * Copyright (C) 2012 Free Software Foundation, Inc.
+ *
+ * Author: David Woodhouse
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <common.h>
+#include <x509.h>
+#include <x509_b64.h>
+#include "x509_int.h"
+#include <algorithms.h>
+#include <num.h>
+#include <random.h>
+
+static int
+openssl_hash_password(const char *_password, gnutls_datum_t * key,
+		      gnutls_datum_t * salt)
+{
+	unsigned char md5[16];
+	digest_hd_st hd;
+	unsigned int count = 0;
+	int ret;
+	char *password = NULL;
+
+	if (_password != NULL) {
+		gnutls_datum_t pout;
+		ret = _gnutls_utf8_password_normalize(_password, strlen(_password), &pout, 1);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		password = (char*)pout.data;
+	}
+
+	while (count < key->size) {
+		ret = _gnutls_hash_init(&hd, mac_to_entry(GNUTLS_MAC_MD5));
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		if (count) {
+			ret = _gnutls_hash(&hd, md5, sizeof(md5));
+			if (ret < 0) {
+			      hash_err:
+				_gnutls_hash_deinit(&hd, NULL);
+				gnutls_assert();
+				goto cleanup;
+			}
+		}
+
+		if (password) {
+			ret = _gnutls_hash(&hd, password, strlen(password));
+			if (ret < 0) {
+				gnutls_assert();
+				goto hash_err;
+			}
+		}
+		ret = _gnutls_hash(&hd, salt->data, 8);
+		if (ret < 0) {
+			gnutls_assert();
+			goto hash_err;
+		}
+
+		_gnutls_hash_deinit(&hd, md5);
+
+		if (key->size - count <= sizeof(md5)) {
+			memcpy(&key->data[count], md5, key->size - count);
+			break;
+		}
+
+		memcpy(&key->data[count], md5, sizeof(md5));
+		count += sizeof(md5);
+	}
+	ret = 0;
+
+ cleanup:
+	gnutls_free(password);
+	return ret;
+}
+
+struct pem_cipher {
+	const char *name;
+	gnutls_cipher_algorithm_t cipher;
+};
+
+static const struct pem_cipher pem_ciphers[] = {
+	{"DES-CBC", GNUTLS_CIPHER_DES_CBC}, 
+	{"DES-EDE3-CBC", GNUTLS_CIPHER_3DES_CBC}, 
+	{"AES-128-CBC", GNUTLS_CIPHER_AES_128_CBC}, 
+	{"AES-192-CBC", GNUTLS_CIPHER_AES_192_CBC}, 
+	{"AES-256-CBC", GNUTLS_CIPHER_AES_256_CBC}, 
+	{"CAMELLIA-128-CBC", GNUTLS_CIPHER_CAMELLIA_128_CBC}, 
+	{"CAMELLIA-192-CBC", GNUTLS_CIPHER_CAMELLIA_192_CBC}, 
+	{"CAMELLIA-256-CBC", GNUTLS_CIPHER_CAMELLIA_256_CBC},
+};
+
+/**
+ * gnutls_x509_privkey_import_openssl:
+ * @key: The data to store the parsed key
+ * @data: The DER or PEM encoded key.
+ * @password: the password to decrypt the key (if it is encrypted).
+ *
+ * This function will convert the given PEM encrypted to 
+ * the native gnutls_x509_privkey_t format. The
+ * output will be stored in @key.  
+ *
+ * The @password should be in ASCII. If the password is not provided
+ * or wrong then %GNUTLS_E_DECRYPTION_FAILED will be returned.
+ *
+ * If the Certificate is PEM encoded it should have a header of
+ * "PRIVATE KEY" and the "DEK-Info" header. 
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_privkey_import_openssl(gnutls_x509_privkey_t key,
+				   const gnutls_datum_t * data,
+				   const char *password)
+{
+	gnutls_cipher_hd_t handle;
+	gnutls_cipher_algorithm_t cipher = GNUTLS_CIPHER_UNKNOWN;
+	gnutls_datum_t b64_data;
+	gnutls_datum_t salt, enc_key;
+	unsigned char *key_data;
+	size_t key_data_size;
+	const char *pem_header = (void *) data->data;
+	const char *pem_header_start = (void *) data->data;
+	ssize_t pem_header_size;
+	int ret;
+	unsigned int i, iv_size, l;
+
+	pem_header_size = data->size;
+
+	pem_header =
+	    memmem(pem_header, pem_header_size, "PRIVATE KEY---", 14);
+	if (pem_header == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_PARSING_ERROR;
+	}
+
+	pem_header_size -= (ptrdiff_t) (pem_header - pem_header_start);
+
+	pem_header = memmem(pem_header, pem_header_size, "DEK-Info: ", 10);
+	if (pem_header == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_PARSING_ERROR;
+	}
+
+	pem_header_size =
+	    data->size - (ptrdiff_t) (pem_header - pem_header_start) - 10;
+	pem_header += 10;
+
+	for (i = 0; i < sizeof(pem_ciphers) / sizeof(pem_ciphers[0]); i++) {
+		l = strlen(pem_ciphers[i].name);
+		if (!strncmp(pem_header, pem_ciphers[i].name, l) &&
+		    pem_header[l] == ',') {
+			pem_header += l + 1;
+			cipher = pem_ciphers[i].cipher;
+			break;
+		}
+	}
+
+	if (cipher == GNUTLS_CIPHER_UNKNOWN) {
+		_gnutls_debug_log
+		    ("Unsupported PEM encryption type: %.10s\n",
+		     pem_header);
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	iv_size = gnutls_cipher_get_iv_size(cipher);
+	salt.size = iv_size;
+	salt.data = gnutls_malloc(salt.size);
+	if (!salt.data)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	for (i = 0; i < salt.size * 2; i++) {
+		unsigned char x;
+		const char *c = &pem_header[i];
+
+		if (*c >= '0' && *c <= '9')
+			x = (*c) - '0';
+		else if (*c >= 'A' && *c <= 'F')
+			x = (*c) - 'A' + 10;
+		else {
+			gnutls_assert();
+			/* Invalid salt in encrypted PEM file */
+			ret = GNUTLS_E_INVALID_REQUEST;
+			goto out_salt;
+		}
+		if (i & 1)
+			salt.data[i / 2] |= x;
+		else
+			salt.data[i / 2] = x << 4;
+	}
+
+	pem_header += salt.size * 2;
+	if (*pem_header != '\r' && *pem_header != '\n') {
+		gnutls_assert();
+		ret = GNUTLS_E_INVALID_REQUEST;
+		goto out_salt;
+	}
+	while (*pem_header == '\n' || *pem_header == '\r')
+		pem_header++;
+
+	ret =
+	    _gnutls_base64_decode((const void *) pem_header,
+				  pem_header_size, &b64_data);
+	if (ret < 0) {
+		gnutls_assert();
+		goto out_salt;
+	}
+
+	if (b64_data.size < 16) {
+		/* Just to be sure our parsing is OK */
+		gnutls_assert();
+		ret = GNUTLS_E_PARSING_ERROR;
+		goto out_b64;
+	}
+
+	enc_key.size = gnutls_cipher_get_key_size(cipher);
+	enc_key.data = gnutls_malloc(enc_key.size);
+	if (!enc_key.data) {
+		ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		goto out_b64;
+	}
+
+	key_data_size = b64_data.size;
+	key_data = gnutls_malloc(key_data_size);
+	if (!key_data) {
+		ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		goto out_enc_key;
+	}
+
+	while (1) {
+		memcpy(key_data, b64_data.data, key_data_size);
+
+		ret = openssl_hash_password(password, &enc_key, &salt);
+		if (ret < 0) {
+			gnutls_assert();
+			goto out;
+		}
+
+		ret = gnutls_cipher_init(&handle, cipher, &enc_key, &salt);
+		if (ret < 0) {
+			gnutls_assert();
+			gnutls_cipher_deinit(handle);
+			goto out;
+		}
+
+		ret =
+		    gnutls_cipher_decrypt(handle, key_data, key_data_size);
+		gnutls_cipher_deinit(handle);
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto out;
+		}
+
+		/* We have to strip any padding to accept it.
+		   So a bit more ASN.1 parsing for us. */
+		if (key_data[0] == 0x30) {
+			gnutls_datum_t key_datum;
+			unsigned int blocksize =
+			    gnutls_cipher_get_block_size(cipher);
+			unsigned int keylen = key_data[1];
+			unsigned int ofs = 2;
+
+			if (keylen & 0x80) {
+				int lenlen = keylen & 0x7f;
+				keylen = 0;
+
+				if (lenlen > 3) {
+					gnutls_assert();
+					goto fail;
+				}
+
+				while (lenlen) {
+					keylen <<= 8;
+					keylen |= key_data[ofs++];
+					lenlen--;
+				}
+			}
+			keylen += ofs;
+
+			/* If there appears to be more or less padding than required, fail */
+			if (key_data_size - keylen > blocksize || key_data_size < keylen+1) {
+				gnutls_assert();
+				goto fail;
+			}
+
+			/* If the padding bytes aren't all equal to the amount of padding, fail */
+			ofs = keylen;
+			while (ofs < key_data_size) {
+				if (key_data[ofs] !=
+				    key_data_size - keylen) {
+					gnutls_assert();
+					goto fail;
+				}
+				ofs++;
+			}
+
+			key_datum.data = key_data;
+			key_datum.size = keylen;
+			ret =
+			    gnutls_x509_privkey_import(key, &key_datum,
+						       GNUTLS_X509_FMT_DER);
+			if (ret == 0)
+				goto out;
+		}
+	      fail:
+		ret = GNUTLS_E_DECRYPTION_FAILED;
+		goto out;
+	}
+      out:
+	zeroize_key(key_data, key_data_size);
+	gnutls_free(key_data);
+      out_enc_key:
+	_gnutls_free_key_datum(&enc_key);
+      out_b64:
+	gnutls_free(b64_data.data);
+      out_salt:
+	gnutls_free(salt.data);
+	return ret;
+}
diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c
new file mode 100644
index 0000000..c22ece9
--- /dev/null
+++ b/lib/x509/privkey_pkcs8.c
@@ -0,0 +1,1675 @@
+/*
+ * Copyright (C) 2003-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2014-2017 Red Hat
+ * Copyright (C) 2014-2016 Nikos Mavrogiannopoulos
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <common.h>
+#include <x509.h>
+#include <x509_b64.h>
+#include "x509_int.h"
+#include "pkcs7_int.h"
+#include <algorithms.h>
+#include <num.h>
+#include <random.h>
+#include <pk.h>
+#include "attributes.h"
+#include "prov-seed.h"
+
+static int _decode_pkcs8_ecc_key(asn1_node pkcs8_asn,
+				 gnutls_x509_privkey_t pkey);
+static
+int pkcs8_key_info(const gnutls_datum_t * raw_key,
+		   const struct pkcs_cipher_schema_st **p,
+		   struct pbkdf2_params *kdf_params,
+		   char **oid);
+
+static int decode_private_key_info(const gnutls_datum_t * der,
+				   gnutls_x509_privkey_t pkey);
+
+#define PEM_PKCS8 "ENCRYPTED PRIVATE KEY"
+#define PEM_UNENCRYPTED_PKCS8 "PRIVATE KEY"
+
+/* Returns a negative error code if the encryption schema in
+ * the OID is not supported. The schema ID is returned.
+ */
+/* Encodes a private key to the raw format PKCS #8 needs.
+ * For RSA it is a PKCS #1 DER private key and for DSA it is
+ * an ASN.1 INTEGER of the x value.
+ */
+inline static int
+_encode_privkey(gnutls_x509_privkey_t pkey, gnutls_datum_t * raw)
+{
+	int ret;
+	asn1_node spk = NULL;
+
+	switch (pkey->params.algo) {
+	case GNUTLS_PK_EDDSA_ED25519:
+	case GNUTLS_PK_EDDSA_ED448:
+	case GNUTLS_PK_ECDH_X25519:
+	case GNUTLS_PK_ECDH_X448:
+		/* we encode as octet string (which is going to be stored inside
+		 * another octet string). No comments. */
+		ret = _gnutls_x509_encode_string(ASN1_ETYPE_OCTET_STRING,
+						 pkey->params.raw_priv.data, pkey->params.raw_priv.size,
+						 raw);
+		if (ret < 0)
+			gnutls_assert();
+		return ret;
+
+	case GNUTLS_PK_GOST_01:
+	case GNUTLS_PK_GOST_12_256:
+	case GNUTLS_PK_GOST_12_512:
+		if ((ret = asn1_create_element
+					(_gnutls_get_gnutls_asn(), "GNUTLS.GOSTPrivateKey", &spk))
+				!= ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto error;
+		}
+
+		ret = _gnutls_x509_write_key_int_le(spk, "", pkey->params.params[GOST_K]);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		ret = _gnutls_x509_der_encode(spk, "", raw, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		asn1_delete_structure2(&spk, ASN1_DELETE_FLAG_ZEROIZE);
+		break;
+
+	case GNUTLS_PK_RSA:
+	case GNUTLS_PK_RSA_PSS:
+	case GNUTLS_PK_ECDSA:
+		ret =
+		    _gnutls_x509_export_int2(pkey->key, GNUTLS_X509_FMT_DER,
+					     "", raw);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		break;
+	case GNUTLS_PK_DSA:
+		/* DSAPublicKey == INTEGER */
+		if ((ret = asn1_create_element
+		     (_gnutls_get_gnutls_asn(), "GNUTLS.DSAPublicKey",
+		      &spk))
+		    != ASN1_SUCCESS) {
+			gnutls_assert();
+			return _gnutls_asn2err(ret);
+		}
+
+		ret =
+		    _gnutls_x509_write_int(spk, "", pkey->params.params[4],
+					   1);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+		ret = _gnutls_x509_der_encode(spk, "", raw, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		asn1_delete_structure2(&spk, ASN1_DELETE_FLAG_ZEROIZE);
+		break;
+
+	default:
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return 0;
+
+      error:
+	asn1_delete_structure2(&spk, ASN1_DELETE_FLAG_ZEROIZE);
+	asn1_delete_structure(&spk);
+	return ret;
+
+}
+
+/* 
+ * Encodes a PKCS #1 private key to a PKCS #8 private key
+ * info. The output will be allocated and stored into der. Also
+ * the asn1_node of private key info will be returned.
+ */
+static int
+encode_to_private_key_info(gnutls_x509_privkey_t pkey,
+			   gnutls_datum_t * der, asn1_node * pkey_info)
+{
+	int result, len;
+	uint8_t null = 0;
+	const char *oid;
+	gnutls_datum_t algo_params = { NULL, 0 };
+	gnutls_datum_t algo_privkey = { NULL, 0 };
+
+	oid = gnutls_pk_get_oid(pkey->params.algo);
+	if (oid == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+	}
+
+	result =
+	    _gnutls_x509_write_pubkey_params(&pkey->params, &algo_params);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_pkix(),
+				 "PKIX1.pkcs-8-PrivateKeyInfo",
+				 pkey_info)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	/* Write the version.
+	 */
+	result = asn1_write_value(*pkey_info, "version", &null, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	/* write the privateKeyAlgorithm
+	 * fields. (OID+NULL data)
+	 */
+	result =
+	    asn1_write_value(*pkey_info, "privateKeyAlgorithm.algorithm",
+			     oid, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	result =
+	    asn1_write_value(*pkey_info, "privateKeyAlgorithm.parameters",
+			     algo_params.data, algo_params.size);
+	_gnutls_free_key_datum(&algo_params);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+
+	/* Write the raw private key
+	 */
+	result = _encode_privkey(pkey, &algo_privkey);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	result =
+	    asn1_write_value(*pkey_info, "privateKey", algo_privkey.data,
+			     algo_privkey.size);
+	_gnutls_free_key_datum(&algo_privkey);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	if ((pkey->params.pkflags & GNUTLS_PK_FLAG_PROVABLE) && pkey->params.seed_size > 0) {
+		gnutls_datum_t seed_info;
+		/* rfc8479 attribute encoding */
+
+		result = _x509_encode_provable_seed(pkey, &seed_info);
+		if (result < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		result = _x509_set_attribute(*pkey_info, "attributes", OID_ATTR_PROV_SEED, &seed_info);
+		gnutls_free(seed_info.data);
+		if (result < 0) {
+			gnutls_assert();
+			goto error;
+		}
+	} else {
+		/* Append an empty Attributes field.
+		 */
+		result = asn1_write_value(*pkey_info, "attributes", NULL, 0);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto error;
+		}
+	}
+
+	/* DER Encode the generated private key info.
+	 */
+	len = 0;
+	result = asn1_der_coding(*pkey_info, "", NULL, &len, NULL);
+	if (result != ASN1_MEM_ERROR) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	/* allocate data for the der
+	 */
+	der->size = len;
+	der->data = gnutls_malloc(len);
+	if (der->data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	result = asn1_der_coding(*pkey_info, "", der->data, &len, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	return 0;
+
+      error:
+	asn1_delete_structure2(pkey_info, ASN1_DELETE_FLAG_ZEROIZE);
+	_gnutls_free_datum(&algo_params);
+	_gnutls_free_key_datum(&algo_privkey);
+	return result;
+
+}
+
+/* Converts a PKCS #8 private key info to
+ * a PKCS #8 EncryptedPrivateKeyInfo.
+ */
+static int
+encode_to_pkcs8_key(schema_id schema, const gnutls_datum_t * der_key,
+		    const char *password, asn1_node * out)
+{
+	int result;
+	gnutls_datum_t key = { NULL, 0 };
+	gnutls_datum_t tmp = { NULL, 0 };
+	asn1_node pkcs8_asn = NULL;
+	struct pbkdf2_params kdf_params;
+	struct pbe_enc_params enc_params;
+	const struct pkcs_cipher_schema_st *s;
+
+	s = _gnutls_pkcs_schema_get(schema);
+	if (s == NULL || s->decrypt_only) {
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_pkix(),
+				 "PKIX1.pkcs-8-EncryptedPrivateKeyInfo",
+				 &pkcs8_asn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	/* Write the encryption schema OID
+	 */
+	result =
+	    asn1_write_value(pkcs8_asn, "encryptionAlgorithm.algorithm",
+			     s->write_oid, 1);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	/* Generate a symmetric key.
+	 */
+
+	result =
+	    _gnutls_pkcs_generate_key(schema, password, &kdf_params, &enc_params, &key);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	result =
+	    _gnutls_pkcs_write_schema_params(schema, pkcs8_asn,
+				"encryptionAlgorithm.parameters",
+				&kdf_params, &enc_params);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	/* Parameters have been encoded. Now
+	 * encrypt the Data.
+	 */
+	result = _gnutls_pkcs_raw_encrypt_data(der_key, &enc_params, &key, &tmp);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	/* write the encrypted data.
+	 */
+	result =
+	    asn1_write_value(pkcs8_asn, "encryptedData", tmp.data,
+			     tmp.size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	_gnutls_free_datum(&tmp);
+	_gnutls_free_key_datum(&key);
+
+	*out = pkcs8_asn;
+
+	return 0;
+
+      error:
+	_gnutls_free_key_datum(&key);
+	_gnutls_free_datum(&tmp);
+	asn1_delete_structure2(&pkcs8_asn, ASN1_DELETE_FLAG_ZEROIZE);
+	return result;
+}
+
+
+/**
+ * gnutls_x509_privkey_export_pkcs8:
+ * @key: Holds the key
+ * @format: the format of output params. One of PEM or DER.
+ * @password: the password that will be used to encrypt the key.
+ * @flags: an ORed sequence of gnutls_pkcs_encrypt_flags_t
+ * @output_data: will contain a private key PEM or DER encoded
+ * @output_data_size: holds the size of output_data (and will be
+ *   replaced by the actual size of parameters)
+ *
+ * This function will export the private key to a PKCS8 structure.
+ * Both RSA and DSA keys can be exported. For DSA keys we use
+ * PKCS #11 definitions. If the flags do not specify the encryption
+ * cipher, then the default 3DES (PBES2) will be used.
+ *
+ * The @password can be either ASCII or UTF-8 in the default PBES2
+ * encryption schemas, or ASCII for the PKCS12 schemas.
+ *
+ * If the buffer provided is not long enough to hold the output, then
+ * *output_data_size is updated and GNUTLS_E_SHORT_MEMORY_BUFFER will
+ * be returned.
+ *
+ * If the structure is PEM encoded, it will have a header
+ * of "BEGIN ENCRYPTED PRIVATE KEY" or "BEGIN PRIVATE KEY" if
+ * encryption is not used.
+ *
+ * Returns: In case of failure a negative error code will be
+ *   returned, and 0 on success.
+ **/
+int
+gnutls_x509_privkey_export_pkcs8(gnutls_x509_privkey_t key,
+				 gnutls_x509_crt_fmt_t format,
+				 const char *password,
+				 unsigned int flags,
+				 void *output_data,
+				 size_t * output_data_size)
+{
+	asn1_node pkcs8_asn = NULL, pkey_info;
+	int ret;
+	gnutls_datum_t tmp = {NULL, 0};
+	schema_id schema;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Get the private key info
+	 * tmp holds the DER encoding.
+	 */
+	ret = encode_to_private_key_info(key, &tmp, &pkey_info);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	schema = _gnutls_pkcs_flags_to_schema(flags);
+
+	if (((flags & GNUTLS_PKCS_PLAIN) || password == NULL)
+	    && !(flags & GNUTLS_PKCS_NULL_PASSWORD)) {
+		_gnutls_free_datum(&tmp);
+
+		ret =
+		    _gnutls_x509_export_int(pkey_info, format,
+					    PEM_UNENCRYPTED_PKCS8,
+					    output_data, output_data_size);
+
+		asn1_delete_structure2(&pkey_info, ASN1_DELETE_FLAG_ZEROIZE);
+	} else {
+		asn1_delete_structure2(&pkey_info, ASN1_DELETE_FLAG_ZEROIZE);	/* we don't need it */
+
+		ret =
+		    encode_to_pkcs8_key(schema, &tmp, password,
+					&pkcs8_asn);
+		_gnutls_free_key_datum(&tmp);
+
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		ret =
+		    _gnutls_x509_export_int(pkcs8_asn, format, PEM_PKCS8,
+					    output_data, output_data_size);
+
+		asn1_delete_structure2(&pkcs8_asn, ASN1_DELETE_FLAG_ZEROIZE);
+	}
+
+	return ret;
+}
+
+/**
+ * gnutls_pkcs8_info:
+ * @data: Holds the PKCS #8 data
+ * @format: the format of the PKCS #8 data
+ * @schema: indicate the schema as one of %gnutls_pkcs_encrypt_flags_t
+ * @cipher: the cipher used as %gnutls_cipher_algorithm_t
+ * @salt: PBKDF2 salt (if non-NULL then @salt_size initially holds its size)
+ * @salt_size: PBKDF2 salt size
+ * @iter_count: PBKDF2 iteration count
+ * @oid: if non-NULL it will contain an allocated null-terminated variable with the OID
+ *
+ * This function will provide information on the algorithms used
+ * in a particular PKCS #8 structure. If the structure algorithms
+ * are unknown the code %GNUTLS_E_UNKNOWN_CIPHER_TYPE will be returned,
+ * and only @oid, will be set. That is, @oid will be set on encrypted PKCS #8
+ * structures whether supported or not. It must be deinitialized using gnutls_free().
+ * The other variables are only set on supported structures.
+ *
+ * Returns: %GNUTLS_E_INVALID_REQUEST if the provided structure isn't an encrypted key,
+ *  %GNUTLS_E_UNKNOWN_CIPHER_TYPE if the structure's encryption isn't supported, or
+ *  another negative error code in case of a failure. Zero on success.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_pkcs8_info(const gnutls_datum_t * data, gnutls_x509_crt_fmt_t format,
+		  unsigned int *schema, unsigned int *cipher,
+		  void *salt, unsigned int *salt_size,
+		  unsigned int *iter_count,
+		  char **oid)
+{
+	int ret = 0, need_free = 0;
+	gnutls_datum_t _data;
+	const struct pkcs_cipher_schema_st *p = NULL;
+	struct pbkdf2_params kdf;
+
+	memset(&kdf, 0, sizeof(kdf));
+
+	if (oid)
+		*oid = NULL;
+
+	_data.data = data->data;
+	_data.size = data->size;
+
+	/* If the Certificate is in PEM format then decode it
+	 */
+	if (format == GNUTLS_X509_FMT_PEM) {
+		/* Try the first header 
+		 */
+		ret =
+		    _gnutls_fbase64_decode(PEM_UNENCRYPTED_PKCS8,
+					   data->data, data->size, &_data);
+
+		if (ret < 0) {	/* Try the encrypted header 
+					 */
+			ret =
+			    _gnutls_fbase64_decode(PEM_PKCS8, data->data,
+						   data->size, &_data);
+
+			if (ret < 0) {
+				gnutls_assert();
+				return ret;
+			}
+		}
+
+		need_free = 1;
+	}
+
+	ret = pkcs8_key_info(&_data, &p, &kdf, oid);
+	if (ret == GNUTLS_E_DECRYPTION_FAILED)
+		ret = GNUTLS_E_INVALID_REQUEST;
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	assert(p != NULL);
+
+	if (need_free)
+		_gnutls_free_datum(&_data);
+
+	if (schema)
+		*schema = p->flag;
+
+	if (cipher)
+		*cipher = p->cipher;
+
+	if (iter_count)
+		*iter_count = kdf.iter_count;
+
+	if (salt) {
+		if (*salt_size >= (unsigned)kdf.salt_size) {
+			memcpy(salt, kdf.salt, kdf.salt_size);
+		} else {
+			*salt_size = kdf.salt_size;
+			ret = gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+			goto cleanup;
+		}
+	}
+
+	if (salt_size)
+		*salt_size = kdf.salt_size;
+
+	return 0;
+
+ cleanup:
+	if (ret != GNUTLS_E_UNKNOWN_CIPHER_TYPE && oid) {
+		gnutls_free(*oid);
+	}
+	if (need_free)
+		_gnutls_free_datum(&_data);
+	return ret;
+}
+
+/**
+ * gnutls_x509_privkey_export2_pkcs8:
+ * @key: Holds the key
+ * @format: the format of output params. One of PEM or DER.
+ * @password: the password that will be used to encrypt the key.
+ * @flags: an ORed sequence of gnutls_pkcs_encrypt_flags_t
+ * @out: will contain a private key PEM or DER encoded
+ *
+ * This function will export the private key to a PKCS8 structure.
+ * Both RSA and DSA keys can be exported. For DSA keys we use
+ * PKCS #11 definitions. If the flags do not specify the encryption
+ * cipher, then the default 3DES (PBES2) will be used.
+ *
+ * The @password can be either ASCII or UTF-8 in the default PBES2
+ * encryption schemas, or ASCII for the PKCS12 schemas.
+ *
+ * The output buffer is allocated using gnutls_malloc().
+ *
+ * If the structure is PEM encoded, it will have a header
+ * of "BEGIN ENCRYPTED PRIVATE KEY" or "BEGIN PRIVATE KEY" if
+ * encryption is not used.
+ *
+ * Returns: In case of failure a negative error code will be
+ *   returned, and 0 on success.
+ *
+ * Since 3.1.3
+ **/
+int
+gnutls_x509_privkey_export2_pkcs8(gnutls_x509_privkey_t key,
+				  gnutls_x509_crt_fmt_t format,
+				  const char *password,
+				  unsigned int flags, gnutls_datum_t * out)
+{
+	asn1_node pkcs8_asn = NULL, pkey_info;
+	int ret;
+	gnutls_datum_t tmp = {NULL, 0};
+	schema_id schema;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Get the private key info
+	 * tmp holds the DER encoding.
+	 */
+	ret = encode_to_private_key_info(key, &tmp, &pkey_info);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	schema = _gnutls_pkcs_flags_to_schema(flags);
+
+	if (((flags & GNUTLS_PKCS_PLAIN) || password == NULL)
+	    && !(flags & GNUTLS_PKCS_NULL_PASSWORD)) {
+		_gnutls_free_key_datum(&tmp);
+
+		ret =
+		    _gnutls_x509_export_int2(pkey_info, format,
+					     PEM_UNENCRYPTED_PKCS8, out);
+
+		asn1_delete_structure2(&pkey_info, ASN1_DELETE_FLAG_ZEROIZE);
+	} else {
+		asn1_delete_structure2(&pkey_info, ASN1_DELETE_FLAG_ZEROIZE);	/* we don't need it */
+
+		ret =
+		    encode_to_pkcs8_key(schema, &tmp, password,
+					&pkcs8_asn);
+		_gnutls_free_key_datum(&tmp);
+
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		ret =
+		    _gnutls_x509_export_int2(pkcs8_asn, format, PEM_PKCS8,
+					     out);
+
+		asn1_delete_structure2(&pkcs8_asn, ASN1_DELETE_FLAG_ZEROIZE);
+	}
+
+	return ret;
+}
+
+
+
+	/* We've gotten this far. In the real world it's almost certain
+	 * that we're dealing with a good file, but wrong password.
+	 * Sadly like 90% of random data is somehow valid DER for the
+	 * a first small number of bytes, so no easy way to guarantee. */
+#define CHECK_ERR_FOR_ENCRYPTED(result) \
+		if (result == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND || \
+		    result == GNUTLS_E_ASN1_IDENTIFIER_NOT_FOUND || \
+		    result == GNUTLS_E_ASN1_DER_ERROR || \
+		    result == GNUTLS_E_ASN1_VALUE_NOT_FOUND || \
+		    result == GNUTLS_E_ASN1_GENERIC_ERROR || \
+		    result == GNUTLS_E_ASN1_VALUE_NOT_VALID || \
+		    result == GNUTLS_E_ASN1_TAG_ERROR || \
+		    result == GNUTLS_E_ASN1_TAG_IMPLICIT || \
+		    result == GNUTLS_E_ASN1_TYPE_ANY_ERROR || \
+		    result == GNUTLS_E_ASN1_SYNTAX_ERROR || \
+		    result == GNUTLS_E_ASN1_DER_OVERFLOW) { \
+			result = GNUTLS_E_DECRYPTION_FAILED; \
+		}
+
+static int pkcs8_key_decrypt(const gnutls_datum_t * raw_key,
+			     asn1_node pkcs8_asn, const char *password,
+			     gnutls_x509_privkey_t pkey)
+{
+	int result, len;
+	char enc_oid[MAX_OID_SIZE];
+	gnutls_datum_t tmp = {NULL, 0};
+	int params_start, params_end, params_len;
+	struct pbkdf2_params kdf_params;
+	struct pbe_enc_params enc_params;
+	schema_id schema;
+
+	/* Check the encryption schema OID
+	 */
+	len = sizeof(enc_oid);
+	result =
+	    asn1_read_value(pkcs8_asn, "encryptionAlgorithm.algorithm",
+			    enc_oid, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		goto error;
+	}
+
+	if ((result = _gnutls_check_pkcs_cipher_schema(enc_oid)) < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	schema = result;
+
+	/* Get the DER encoding of the parameters.
+	 */
+	result =
+	    asn1_der_decoding_startEnd(pkcs8_asn, raw_key->data,
+				       raw_key->size,
+				       "encryptionAlgorithm.parameters",
+				       &params_start, &params_end);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+	params_len = params_end - params_start + 1;
+
+	result =
+	    _gnutls_read_pkcs_schema_params(&schema, password,
+				    &raw_key->data[params_start],
+				    params_len, &kdf_params, &enc_params);
+
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	/* Parameters have been decoded. Now
+	 * decrypt the EncryptedData.
+	 */
+	result =
+	    _gnutls_pkcs_raw_decrypt_data(schema, pkcs8_asn, "encryptedData", password,
+			 &kdf_params, &enc_params, &tmp);
+	if (result < 0) {
+		gnutls_assert();
+		result = GNUTLS_E_DECRYPTION_FAILED;
+		goto error;
+	}
+
+	result = decode_private_key_info(&tmp, pkey);
+	_gnutls_free_key_datum(&tmp);
+
+	CHECK_ERR_FOR_ENCRYPTED(result);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	return 0;
+
+      error:
+	return result;
+}
+
+static int check_for_decrypted(const gnutls_datum_t *der)
+{
+	int result;
+	asn1_node pkcs8_asn = NULL;
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_pkix(),
+				 "PKIX1.pkcs-8-PrivateKeyInfo",
+				 &pkcs8_asn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _asn1_strict_der_decode(&pkcs8_asn, der->data, der->size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	result = 0;
+ error:
+	asn1_delete_structure2(&pkcs8_asn, ASN1_DELETE_FLAG_ZEROIZE);
+	return result;
+
+}
+
+static
+int pkcs8_key_info(const gnutls_datum_t * raw_key,
+		   const struct pkcs_cipher_schema_st **p,
+		   struct pbkdf2_params *kdf_params,
+		   char **oid)
+{
+	int result, len;
+	char enc_oid[MAX_OID_SIZE*2];
+	int params_start, params_end, params_len;
+	struct pbe_enc_params enc_params;
+	schema_id schema;
+	asn1_node pkcs8_asn = NULL;
+
+	memset(&enc_params, 0, sizeof(enc_params));
+
+	result = check_for_decrypted(raw_key);
+	if (result == 0)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_pkix(),
+				 "PKIX1.pkcs-8-EncryptedPrivateKeyInfo",
+				 &pkcs8_asn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	result =
+	    _asn1_strict_der_decode(&pkcs8_asn, raw_key->data, raw_key->size,
+			      NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	/* Check the encryption schema OID
+	 */
+	len = sizeof(enc_oid);
+	result =
+	    asn1_read_value(pkcs8_asn, "encryptionAlgorithm.algorithm",
+			    enc_oid, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		goto error;
+	}
+
+	if (oid) {
+		*oid = gnutls_strdup(enc_oid);
+	}
+
+	if ((result = _gnutls_check_pkcs_cipher_schema(enc_oid)) < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	schema = result;
+
+	/* Get the DER encoding of the parameters.
+	 */
+	result =
+	    asn1_der_decoding_startEnd(pkcs8_asn, raw_key->data,
+				       raw_key->size,
+				       "encryptionAlgorithm.parameters",
+				       &params_start, &params_end);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+	params_len = params_end - params_start + 1;
+
+	result =
+	    _gnutls_read_pkcs_schema_params(&schema, NULL,
+				    &raw_key->data[params_start],
+				    params_len, kdf_params, &enc_params);
+
+	if (result < 0) {
+		gnutls_assert();
+		if (oid && enc_params.pbes2_oid[0] != 0) {
+			snprintf(enc_oid, sizeof(enc_oid), "%s/%s", *oid, enc_params.pbes2_oid);
+			gnutls_free(*oid);
+			*oid = gnutls_strdup(enc_oid);
+		}
+		goto error;
+	}
+
+	*p = _gnutls_pkcs_schema_get(schema);
+	if (*p == NULL) {
+		gnutls_assert();
+		result = GNUTLS_E_UNKNOWN_CIPHER_TYPE;
+		goto error;
+	}
+
+	result = 0;
+
+      error:
+	asn1_delete_structure2(&pkcs8_asn, ASN1_DELETE_FLAG_ZEROIZE);
+	return result;
+}
+
+/* Converts a PKCS #8 key to
+ * an internal structure (gnutls_private_key)
+ * (normally a PKCS #1 encoded RSA key)
+ */
+static int
+pkcs8_key_decode(const gnutls_datum_t * raw_key,
+		 const char *password, gnutls_x509_privkey_t pkey,
+		 unsigned int decrypt)
+{
+	int result;
+	asn1_node pkcs8_asn = NULL;
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_pkix(),
+				 "PKIX1.pkcs-8-EncryptedPrivateKeyInfo",
+				 &pkcs8_asn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	result =
+	    _asn1_strict_der_decode(&pkcs8_asn, raw_key->data, raw_key->size,
+			      NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	if (decrypt)
+		result =
+		    pkcs8_key_decrypt(raw_key, pkcs8_asn, password, pkey);
+	else
+		result = 0;
+
+      error:
+	asn1_delete_structure2(&pkcs8_asn, ASN1_DELETE_FLAG_ZEROIZE);
+	return result;
+
+}
+
+/* Decodes an RSA privateKey from a PKCS8 structure.
+ */
+static int
+_decode_pkcs8_rsa_key(asn1_node pkcs8_asn, gnutls_x509_privkey_t pkey)
+{
+	int ret;
+	gnutls_datum_t tmp = {NULL, 0};
+
+	ret = _gnutls_x509_read_value(pkcs8_asn, "privateKey", &tmp);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	pkey->key = _gnutls_privkey_decode_pkcs1_rsa_key(&tmp, pkey);
+	_gnutls_free_key_datum(&tmp);
+
+	if (pkey->key == NULL) {
+		ret = GNUTLS_E_PK_INVALID_PRIVKEY;
+		gnutls_assert();
+		goto error;
+	}
+
+	ret = 0;
+
+      error:
+	return ret;
+}
+
+/* Decodes an RSA-PSS privateKey from a PKCS8 structure.
+ */
+static int
+_decode_pkcs8_rsa_pss_key(asn1_node pkcs8_asn, gnutls_x509_privkey_t pkey)
+{
+	int ret;
+	gnutls_datum_t tmp = {NULL, 0};
+	gnutls_x509_spki_st params;
+
+	memset(&params, 0, sizeof(params));
+
+	ret = _gnutls_x509_read_value(pkcs8_asn,
+				      "privateKeyAlgorithm.parameters", &tmp);
+	if (ret < 0) {
+		if (ret == GNUTLS_E_ASN1_VALUE_NOT_FOUND || ret == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND)
+			goto skip_params;
+
+		gnutls_assert();
+		goto error;
+	}
+
+	ret = _gnutls_x509_read_rsa_pss_params(tmp.data, tmp.size, &params);
+	_gnutls_free_key_datum(&tmp);
+
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+ skip_params:
+	ret = _decode_pkcs8_rsa_key(pkcs8_asn, pkey);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	pkey->params.algo = GNUTLS_PK_RSA_PSS;
+	memcpy(&pkey->params.spki, &params, sizeof(gnutls_x509_spki_st));
+
+	ret = 0;
+
+      error:
+	return ret;
+}
+
+/* Decodes an ECC privateKey from a PKCS8 structure.
+ */
+static int
+_decode_pkcs8_ecc_key(asn1_node pkcs8_asn, gnutls_x509_privkey_t pkey)
+{
+	int ret;
+	gnutls_datum_t tmp = {NULL, 0};
+	unsigned char oid[MAX_OID_SIZE];
+	unsigned curve = GNUTLS_ECC_CURVE_INVALID;
+	int len, result;
+
+	/* openssl PKCS #8 files with ECC keys place the curve in
+	 * privateKeyAlgorithm.parameters instead of the ECPrivateKey.parameters.
+	 */
+	len = sizeof(oid);
+	result =
+	    asn1_read_value(pkcs8_asn, "privateKeyAlgorithm.parameters",
+			    oid, &len);
+	if (result == ASN1_SUCCESS) {
+		ret = _gnutls_x509_read_ecc_params(oid, len, &curve);
+		if (ret < 0) {
+			_gnutls_debug_log("PKCS#8: unknown curve OID %s\n", oid);
+			curve = GNUTLS_ECC_CURVE_INVALID;
+		}
+	}
+
+	ret = _gnutls_x509_read_value(pkcs8_asn, "privateKey", &tmp);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret = _gnutls_privkey_decode_ecc_key(&pkey->key, &tmp, pkey, curve);
+	_gnutls_free_key_datum(&tmp);
+
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret = 0;
+
+      error:
+	return ret;
+}
+
+static int
+_decode_pkcs8_eddsa_key(asn1_node pkcs8_asn, gnutls_x509_privkey_t pkey, const char *oid)
+{
+	int ret;
+	gnutls_datum_t tmp;
+	gnutls_ecc_curve_t curve = GNUTLS_ECC_CURVE_INVALID;
+	const gnutls_ecc_curve_entry_st *ce;
+
+	gnutls_pk_params_init(&pkey->params);
+
+	curve = gnutls_oid_to_ecc_curve(oid);
+	if (curve == GNUTLS_ECC_CURVE_INVALID) {
+		_gnutls_debug_log("PKCS#8: unknown curve OID %s\n", oid);
+		return gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+	}
+
+	ce = _gnutls_ecc_curve_get_params(curve);
+	if (_curve_is_eddsa(ce)) {
+		ret = _gnutls_x509_read_string(pkcs8_asn, "privateKey", &tmp, ASN1_ETYPE_OCTET_STRING, 1);
+		if (ret < 0) {
+			gnutls_assert();
+			return gnutls_assert_val(ret);
+		}
+
+		if (tmp.size != ce->size) {
+			gnutls_free(tmp.data);
+			return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+		}
+		gnutls_free(pkey->params.raw_priv.data);
+		switch (curve) {
+		case GNUTLS_ECC_CURVE_ED25519:
+			pkey->params.algo = GNUTLS_PK_EDDSA_ED25519;
+			break;
+		case GNUTLS_ECC_CURVE_ED448:
+			pkey->params.algo = GNUTLS_PK_EDDSA_ED448;
+			break;
+		default:
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+		}
+		pkey->params.raw_priv.data = tmp.data;
+		pkey->params.raw_priv.size = tmp.size;
+		pkey->params.curve = curve;
+
+		tmp.data = NULL;
+		return 0;
+	} else {
+		return gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+	}
+}
+
+static int
+_decode_pkcs8_modern_ecdh_key(asn1_node pkcs8_asn, gnutls_x509_privkey_t pkey, const char *oid)
+{
+	int ret;
+	gnutls_datum_t tmp;
+	gnutls_ecc_curve_t curve = GNUTLS_ECC_CURVE_INVALID;
+	const gnutls_ecc_curve_entry_st *ce;
+
+	gnutls_pk_params_init(&pkey->params);
+
+	curve = gnutls_oid_to_ecc_curve(oid);
+	if (curve == GNUTLS_ECC_CURVE_INVALID) {
+		_gnutls_debug_log("PKCS#8: unknown curve OID %s\n", oid);
+		return gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+	}
+
+	ce = _gnutls_ecc_curve_get_params(curve);
+	if (_curve_is_modern_ecdh(ce)) {
+		ret = _gnutls_x509_read_string(pkcs8_asn, "privateKey", &tmp, ASN1_ETYPE_OCTET_STRING, 1);
+		if (ret < 0) {
+			gnutls_assert();
+			return gnutls_assert_val(ret);
+		}
+
+		if (tmp.size != ce->size) {
+			gnutls_free(tmp.data);
+			return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+		}
+		gnutls_free(pkey->params.raw_priv.data);
+		switch (curve) {
+		case GNUTLS_ECC_CURVE_X25519:
+			pkey->params.algo = GNUTLS_PK_ECDH_X25519;
+			break;
+		case GNUTLS_ECC_CURVE_X448:
+			pkey->params.algo = GNUTLS_PK_ECDH_X448;
+			break;
+		default:
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+		}
+		pkey->params.raw_priv.data = tmp.data;
+		pkey->params.raw_priv.size = tmp.size;
+		pkey->params.curve = curve;
+
+		tmp.data = NULL;
+		return 0;
+	} else {
+		return gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
+	}
+}
+
+/* Converts a GOST key to
+ * an internal structure (gnutls_private_key)
+ */
+static int
+_privkey_decode_gost_key(const gnutls_datum_t * raw_key,
+			 gnutls_x509_privkey_t pkey)
+{
+	int ret;
+	int ecc_size = gnutls_ecc_curve_get_size(pkey->params.curve);
+
+	/* Just to be sure here */
+	if (ecc_size <= 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_ECC_UNSUPPORTED_CURVE;
+		goto error;
+	}
+
+	/* Private key form described in R 50.1.112-2016.
+	 * Private key can come up as masked value concatenated with several masks.
+	 * each part is of ecc_size bytes. Key will be unmasked in pk_fixup */
+	if (raw_key->size % ecc_size == 0) {
+		ret = _gnutls_mpi_init_scan_le(&pkey->params.params[GOST_K],
+				raw_key->data, raw_key->size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+	} else if (raw_key->data[0] == ASN1_TAG_INTEGER) {
+		asn1_node pkey_asn;
+
+		/* Very old format: INTEGER packed in OCTET STRING */
+		if ((ret = asn1_create_element(_gnutls_get_gnutls_asn(),
+					       "GNUTLS.GOSTPrivateKeyOld",
+					       &pkey_asn)) != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto error;
+		}
+
+		ret = _asn1_strict_der_decode(&pkey_asn,
+				raw_key->data, raw_key->size,
+				NULL);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			asn1_delete_structure2(&pkey_asn, ASN1_DELETE_FLAG_ZEROIZE);
+			goto error;
+		}
+
+		ret = _gnutls_x509_read_key_int(pkey_asn, "",
+						&pkey->params.params[GOST_K]);
+		if (ret < 0) {
+			gnutls_assert();
+			asn1_delete_structure2(&pkey_asn, ASN1_DELETE_FLAG_ZEROIZE);
+			goto error;
+		}
+		asn1_delete_structure2(&pkey_asn, ASN1_DELETE_FLAG_ZEROIZE);
+	} else if (raw_key->data[0] == ASN1_TAG_OCTET_STRING) {
+		asn1_node pkey_asn;
+
+		/* format: OCTET STRING packed in OCTET STRING */
+		if ((ret = asn1_create_element(_gnutls_get_gnutls_asn(),
+					       "GNUTLS.GOSTPrivateKey",
+					       &pkey_asn)) != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto error;
+		}
+
+		ret = _asn1_strict_der_decode(&pkey_asn,
+				raw_key->data, raw_key->size,
+				NULL);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			asn1_delete_structure2(&pkey_asn, ASN1_DELETE_FLAG_ZEROIZE);
+			goto error;
+		}
+
+		ret = _gnutls_x509_read_key_int_le(pkey_asn, "",
+						   &pkey->params.params[GOST_K]);
+		if (ret < 0) {
+			gnutls_assert();
+			asn1_delete_structure2(&pkey_asn, ASN1_DELETE_FLAG_ZEROIZE);
+			goto error;
+		}
+		asn1_delete_structure2(&pkey_asn, ASN1_DELETE_FLAG_ZEROIZE);
+	} else {
+		gnutls_assert();
+		ret = GNUTLS_E_PARSING_ERROR;
+		goto error;
+	}
+
+	pkey->params.params_nr++;
+
+	return 0;
+
+      error:
+	return ret;
+
+}
+
+/* Decodes a GOST privateKey from a PKCS8 structure.
+ */
+static int
+_decode_pkcs8_gost_key(asn1_node pkcs8_asn, gnutls_x509_privkey_t pkey,
+		       gnutls_pk_algorithm_t algo)
+{
+	int ret;
+	gnutls_datum_t tmp;
+	unsigned char oid[3 * MAX_OID_SIZE]; /* GOST parameters can have 3 OIDs at most */
+	int len, result;
+
+	gnutls_pk_params_init(&pkey->params);
+
+	len = sizeof(oid);
+	result = asn1_read_value(pkcs8_asn, "privateKeyAlgorithm.parameters",
+				 oid, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = GNUTLS_E_PARSING_ERROR;
+		goto error;
+	} else {
+		ret = _gnutls_x509_read_gost_params(oid, len, &pkey->params, algo);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+	}
+
+	/* Will be fixed later by pk_fixup */
+	ret = _gnutls_mpi_init(&pkey->params.params[GOST_X]);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	pkey->params.params_nr++;
+
+	ret = _gnutls_mpi_init(&pkey->params.params[GOST_Y]);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+	pkey->params.params_nr++;
+
+	_gnutls_mpi_set_ui(pkey->params.params[GOST_X], 0);
+	_gnutls_mpi_set_ui(pkey->params.params[GOST_Y], 0);
+
+	ret = _gnutls_x509_read_value(pkcs8_asn, "privateKey", &tmp);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret = _privkey_decode_gost_key(&tmp, pkey);
+	_gnutls_free_key_datum(&tmp);
+
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	pkey->params.algo = algo;
+
+	return 0;
+
+error:
+	gnutls_pk_params_clear(&pkey->params);
+	gnutls_pk_params_release(&pkey->params);
+
+	return ret;
+}
+
+/* Decodes an DSA privateKey and params from a PKCS8 structure.
+ */
+static int
+_decode_pkcs8_dsa_key(asn1_node pkcs8_asn, gnutls_x509_privkey_t pkey)
+{
+	int ret;
+	gnutls_datum_t tmp = {NULL, 0};
+
+	gnutls_pk_params_init(&pkey->params);
+
+	ret = _gnutls_x509_read_value(pkcs8_asn, "privateKey", &tmp);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret =
+	    _gnutls_x509_read_der_int(tmp.data, tmp.size,
+				      &pkey->params.params[4]);
+	_gnutls_free_key_datum(&tmp);
+
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret =
+	    _gnutls_x509_read_value(pkcs8_asn,
+				    "privateKeyAlgorithm.parameters",
+				    &tmp);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret =
+	    _gnutls_x509_read_pubkey_params(GNUTLS_PK_DSA, tmp.data,
+					    tmp.size, &pkey->params);
+	_gnutls_free_datum(&tmp);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	if (_gnutls_mpi_cmp_ui(pkey->params.params[0], 0) == 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_ILLEGAL_PARAMETER;
+		goto error;
+	}
+
+	/* the public key can be generated as g^x mod p */
+	ret = _gnutls_mpi_init(&pkey->params.params[3]);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	ret = _gnutls_mpi_powm(pkey->params.params[3], pkey->params.params[2],
+			 pkey->params.params[4], pkey->params.params[0]);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	pkey->params.algo = GNUTLS_PK_DSA;
+	pkey->params.params_nr = DSA_PRIVATE_PARAMS;
+
+	ret =
+	    _gnutls_asn1_encode_privkey(&pkey->key,
+					&pkey->params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	return 0;
+
+ error:
+	if (pkey->params.params_nr != DSA_PRIVATE_PARAMS)
+		_gnutls_mpi_release(&pkey->params.params[4]);
+	return ret;
+}
+
+
+static int
+decode_private_key_info(const gnutls_datum_t * der,
+			gnutls_x509_privkey_t pkey)
+{
+	int result, len;
+	char oid[MAX_OID_SIZE];
+	asn1_node pkcs8_asn = NULL;
+	gnutls_datum_t sder;
+	int ret;
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_pkix(),
+				 "PKIX1.pkcs-8-PrivateKeyInfo",
+				 &pkcs8_asn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	result = _asn1_strict_der_decode(&pkcs8_asn, der->data, der->size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	/* Check the private key algorithm OID
+	 */
+	len = sizeof(oid);
+	result =
+	    asn1_read_value(pkcs8_asn, "privateKeyAlgorithm.algorithm",
+			    oid, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	pkey->params.algo = gnutls_oid_to_pk(oid);
+	if (pkey->params.algo == GNUTLS_PK_UNKNOWN) {
+		gnutls_assert();
+		_gnutls_debug_log
+		    ("PKCS #8 private key OID '%s' is unsupported.\n",
+		     oid);
+		result = GNUTLS_E_UNKNOWN_PK_ALGORITHM;
+		goto error;
+	}
+
+	/* Get the DER encoding of the actual private key.
+	 */
+
+	switch(pkey->params.algo) {
+		case GNUTLS_PK_RSA:
+			result = _decode_pkcs8_rsa_key(pkcs8_asn, pkey);
+			break;
+		case GNUTLS_PK_RSA_PSS:
+			result = _decode_pkcs8_rsa_pss_key(pkcs8_asn, pkey);
+			break;
+		case GNUTLS_PK_DSA:
+			result = _decode_pkcs8_dsa_key(pkcs8_asn, pkey);
+			break;
+		case GNUTLS_PK_ECDSA:
+			result = _decode_pkcs8_ecc_key(pkcs8_asn, pkey);
+			break;
+		case GNUTLS_PK_EDDSA_ED25519:
+		case GNUTLS_PK_EDDSA_ED448:
+			result = _decode_pkcs8_eddsa_key(pkcs8_asn, pkey, oid);
+			break;
+		case GNUTLS_PK_ECDH_X25519:
+		case GNUTLS_PK_ECDH_X448:
+			result = _decode_pkcs8_modern_ecdh_key(pkcs8_asn, pkey, oid);
+			break;
+		case GNUTLS_PK_GOST_01:
+		case GNUTLS_PK_GOST_12_256:
+		case GNUTLS_PK_GOST_12_512:
+			result = _decode_pkcs8_gost_key(pkcs8_asn,
+							pkey, pkey->params.algo);
+			break;
+		default:
+			result = gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+			goto error;
+	}
+
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	/* check for provable parameters attribute */
+	ret = _x509_parse_attribute(pkcs8_asn, "attributes", OID_ATTR_PROV_SEED, 0, 1, &sder);
+	if (ret >= 0) { /* ignore it when not being present */
+		ret = _x509_decode_provable_seed(pkey, &sder);
+		gnutls_free(sder.data);
+		if (ret < 0) {
+			gnutls_assert();
+		}
+	}
+
+	result = 0;
+
+error:
+	asn1_delete_structure2(&pkcs8_asn, ASN1_DELETE_FLAG_ZEROIZE);
+	return result;
+
+}
+
+/**
+ * gnutls_x509_privkey_import_pkcs8:
+ * @key: The data to store the parsed key
+ * @data: The DER or PEM encoded key.
+ * @format: One of DER or PEM
+ * @password: the password to decrypt the key (if it is encrypted).
+ * @flags: 0 if encrypted or GNUTLS_PKCS_PLAIN if not encrypted.
+ *
+ * This function will convert the given DER or PEM encoded PKCS8 2.0
+ * encrypted key to the native gnutls_x509_privkey_t format. The
+ * output will be stored in @key.  Both RSA and DSA keys can be
+ * imported, and flags can only be used to indicate an unencrypted
+ * key.
+ *
+ * The @password can be either ASCII or UTF-8 in the default PBES2
+ * encryption schemas, or ASCII for the PKCS12 schemas.
+ *
+ * If the Certificate is PEM encoded it should have a header of
+ * "ENCRYPTED PRIVATE KEY", or "PRIVATE KEY". You only need to
+ * specify the flags if the key is DER encoded, since in that case
+ * the encryption status cannot be auto-detected.
+ *
+ * If the %GNUTLS_PKCS_PLAIN flag is specified and the supplied data
+ * are encrypted then %GNUTLS_E_DECRYPTION_FAILED is returned.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_privkey_import_pkcs8(gnutls_x509_privkey_t key,
+				 const gnutls_datum_t * data,
+				 gnutls_x509_crt_fmt_t format,
+				 const char *password, unsigned int flags)
+{
+	int result = 0, need_free = 0;
+	gnutls_datum_t _data;
+
+	if (key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	_data.data = data->data;
+	_data.size = data->size;
+
+	key->params.algo = GNUTLS_PK_UNKNOWN;
+
+	/* If the Certificate is in PEM format then decode it
+	 */
+	if (format == GNUTLS_X509_FMT_PEM) {
+		/* Try the first header 
+		 */
+		result =
+		    _gnutls_fbase64_decode(PEM_UNENCRYPTED_PKCS8,
+					   data->data, data->size, &_data);
+
+		if (result < 0) {	/* Try the encrypted header 
+					 */
+			result =
+			    _gnutls_fbase64_decode(PEM_PKCS8, data->data,
+						   data->size, &_data);
+
+			if (result < 0) {
+				gnutls_assert();
+				return result;
+			}
+		} else if (flags == 0)
+			flags |= GNUTLS_PKCS_PLAIN;
+
+		need_free = 1;
+	}
+
+	if (key->expanded) {
+		_gnutls_x509_privkey_reinit(key);
+	}
+	key->expanded = 1;
+
+	/* Here we don't check for password == NULL to maintain a backwards
+	 * compatibility behavior, with old versions that were encrypting using
+	 * a NULL password.
+	 */
+	if (flags & GNUTLS_PKCS_PLAIN) {
+		result = decode_private_key_info(&_data, key);
+		if (result < 0) {	/* check if it is encrypted */
+			if (pkcs8_key_decode(&_data, "", key, 0) == 0)
+				result = GNUTLS_E_DECRYPTION_FAILED;
+		}
+	} else {		/* encrypted. */
+		result = pkcs8_key_decode(&_data, password, key, 1);
+	}
+
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* This part is necessary to get the public key on certain algorithms.
+	 * In the import above we only get the private key. */
+	result =
+	    _gnutls_pk_fixup(key->params.algo, GNUTLS_IMPORT, &key->params);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (need_free)
+		_gnutls_free_datum(&_data);
+
+	/* The key has now been decoded.
+	 */
+	return 0;
+
+ cleanup:
+	asn1_delete_structure2(&key->key, ASN1_DELETE_FLAG_ZEROIZE);
+	key->params.algo = GNUTLS_PK_UNKNOWN;
+	if (need_free) {
+		zeroize_temp_key(_data.data, _data.size);
+		_gnutls_free_datum(&_data);
+	}
+	return result;
+}
+
diff --git a/lib/x509/privkey_pkcs8_pbes1.c b/lib/x509/privkey_pkcs8_pbes1.c
new file mode 100644
index 0000000..983530e
--- /dev/null
+++ b/lib/x509/privkey_pkcs8_pbes1.c
@@ -0,0 +1,189 @@
+/*
+ * Copyright (C) 2016 Red Hat
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <common.h>
+#include <x509.h>
+#include <x509_b64.h>
+#include "x509_int.h"
+#include "pkcs7_int.h"
+#include <algorithms.h>
+#include <nettle/md5.h>
+
+/* This file includes support for PKCS#8 PBES1 with DES and MD5.
+ * We only support decryption for compatibility with other software.
+ */
+
+int _gnutls_read_pbkdf1_params(const uint8_t * data, int data_size,
+		       struct pbkdf2_params *kdf_params,
+		       struct pbe_enc_params *enc_params)
+{
+	asn1_node pasn = NULL;
+	int len;
+	int ret, result;
+
+	memset(kdf_params, 0, sizeof(*kdf_params));
+	memset(enc_params, 0, sizeof(*enc_params));
+
+	if ((result =
+		     asn1_create_element(_gnutls_get_pkix(),
+					 "PKIX1.pkcs-5-PBE-params",
+					 &pasn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	/* Decode the parameters.
+	 */
+	result =
+	    _asn1_strict_der_decode(&pasn, data, data_size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	ret =
+	    _gnutls_x509_read_uint(pasn, "iterationCount",
+			   &kdf_params->iter_count);
+	if (ret < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	if (kdf_params->iter_count >= MAX_ITER_COUNT || kdf_params->iter_count == 0) {
+		ret = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+		goto error;
+	}
+
+	len = sizeof(kdf_params->salt);
+	result =
+	    asn1_read_value(pasn, "salt",
+		    kdf_params->salt, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	if (len != 8) {
+		gnutls_assert();
+		ret = GNUTLS_E_ILLEGAL_PARAMETER;
+		goto error;
+	}
+
+	enc_params->cipher = GNUTLS_CIPHER_DES_CBC;
+
+	ret = 0;
+ error:
+	asn1_delete_structure2(&pasn, ASN1_DELETE_FLAG_ZEROIZE);
+	return ret;
+
+}
+
+static void pbkdf1_md5(const char *password, unsigned password_len,
+	const uint8_t salt[8], unsigned iter_count, unsigned key_size, uint8_t *key)
+{
+	struct md5_ctx ctx;
+	uint8_t tmp[16];
+	unsigned i;
+
+	if (key_size > sizeof(tmp))
+		abort();
+
+	for (i=0;i<iter_count;i++) {
+		md5_init(&ctx);
+		if (i==0) {
+			md5_update(&ctx, password_len, (uint8_t*)password);
+			md5_update(&ctx, 8, salt);
+			md5_digest(&ctx, 16, tmp);
+		} else {
+			md5_update(&ctx, 16, tmp);
+			md5_digest(&ctx, 16, tmp);
+		}
+	}
+
+	memcpy(key, tmp, key_size);
+	return;
+}
+
+int
+_gnutls_decrypt_pbes1_des_md5_data(const char *password,
+			   unsigned password_len,
+			   const struct pbkdf2_params *kdf_params,
+			   const struct pbe_enc_params *enc_params,
+			   const gnutls_datum_t *encrypted_data,
+			   gnutls_datum_t *decrypted_data)
+{
+	int result;
+	gnutls_datum_t dkey, d_iv;
+	gnutls_cipher_hd_t ch;
+	uint8_t key[16];
+	const unsigned block_size = 8;
+
+	if (enc_params->cipher != GNUTLS_CIPHER_DES_CBC)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	if (encrypted_data->size % block_size != 0)
+		return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
+	/* generate the key
+	 */
+	pbkdf1_md5(password, password_len, kdf_params->salt, kdf_params->iter_count, sizeof(key), key);
+
+	dkey.data = key;
+	dkey.size = 8;
+	d_iv.data = &key[8];
+	d_iv.size = 8;
+	result = gnutls_cipher_init(&ch, GNUTLS_CIPHER_DES_CBC, &dkey, &d_iv);
+	if (result < 0) {
+		_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_ERROR);
+		return gnutls_assert_val(result);
+	}
+	_gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+
+	result = gnutls_cipher_decrypt(ch, encrypted_data->data, encrypted_data->size);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	if ((int)encrypted_data->size - encrypted_data->data[encrypted_data->size - 1] < 0) {
+		gnutls_assert();
+		result = GNUTLS_E_ILLEGAL_PARAMETER;
+		goto error;
+	}
+
+	decrypted_data->data = encrypted_data->data;
+	decrypted_data->size = encrypted_data->size - encrypted_data->data[encrypted_data->size - 1];
+
+	result = 0;
+ error:
+	gnutls_cipher_deinit(ch);
+
+	return result;
+}
+
diff --git a/lib/x509/prov-seed.c b/lib/x509/prov-seed.c
new file mode 100644
index 0000000..d0119b4
--- /dev/null
+++ b/lib/x509/prov-seed.c
@@ -0,0 +1,141 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <common.h>
+#include <x509.h>
+#include <x509_int.h>
+#include <mpi.h>
+#include "prov-seed.h"
+
+/* This function encodes a seed value and a hash algorithm OID to the format
+ * described in RFC8479. The output is the DER encoded form.
+ */
+int _x509_encode_provable_seed(gnutls_x509_privkey_t pkey, gnutls_datum_t *der)
+{
+
+	asn1_node c2;
+	int ret, result;
+	const char *oid;
+
+	oid = gnutls_digest_get_oid(pkey->params.palgo);
+	if (oid == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_gnutls_asn(),
+				 "GNUTLS.ProvableSeed",
+				 &c2)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = asn1_write_value(c2, "seed", pkey->params.seed, pkey->params.seed_size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result = asn1_write_value(c2, "algorithm", oid, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_der_encode(c2, "", der, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+ cleanup:
+	asn1_delete_structure2(&c2, ASN1_DELETE_FLAG_ZEROIZE);
+	return ret;
+}
+
+/* This function decodes a DER encoded form of seed and a hash algorithm, as in
+ * RFC8479.
+ */
+int _x509_decode_provable_seed(gnutls_x509_privkey_t pkey, const gnutls_datum_t *der)
+{
+
+	asn1_node c2;
+	int ret, result;
+	char oid[MAX_OID_SIZE];
+	int oid_size;
+	gnutls_datum_t seed = {NULL, 0};
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_gnutls_asn(),
+				 "GNUTLS.ProvableSeed",
+				 &c2)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _asn1_strict_der_decode(&c2, der->data, der->size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_read_value(c2, "seed", &seed);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (seed.size <= sizeof(pkey->params.seed)) {
+		memcpy(pkey->params.seed, seed.data, seed.size);
+		pkey->params.seed_size = seed.size;
+	} else {
+		ret = 0; /* ignore struct */
+		_gnutls_debug_log("%s: ignoring ProvableSeed due to very long params\n", __func__);
+		goto cleanup;
+	}
+
+	oid_size = sizeof(oid);
+	result = asn1_read_value(c2, "algorithm", oid, &oid_size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	pkey->params.palgo = gnutls_oid_to_digest(oid);
+	pkey->params.pkflags |= GNUTLS_PK_FLAG_PROVABLE;
+
+	ret = 0;
+
+ cleanup:
+	gnutls_free(seed.data);
+	asn1_delete_structure2(&c2, ASN1_DELETE_FLAG_ZEROIZE);
+	return ret;
+}
diff --git a/lib/x509/prov-seed.h b/lib/x509/prov-seed.h
new file mode 100644
index 0000000..a7753cc
--- /dev/null
+++ b/lib/x509/prov-seed.h
@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_X509_PROV_SEED_H
+#define GNUTLS_LIB_X509_PROV_SEED_H
+
+int _x509_encode_provable_seed(gnutls_x509_privkey_t pkey, gnutls_datum_t *der);
+int _x509_decode_provable_seed(gnutls_x509_privkey_t pkey, const gnutls_datum_t *der);
+
+#endif /* GNUTLS_LIB_X509_PROV_SEED_H */
diff --git a/lib/x509/sign.c b/lib/x509/sign.c
new file mode 100644
index 0000000..303e9f2
--- /dev/null
+++ b/lib/x509/sign.c
@@ -0,0 +1,218 @@
+/*
+ * Copyright (C) 2003-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* All functions which relate to X.509 certificate signing stuff are
+ * included here
+ */
+
+#include "gnutls_int.h"
+
+#include "errors.h"
+#include <libtasn1.h>
+#include <global.h>
+#include <num.h>		/* MAX */
+#include <tls-sig.h>
+#include <str.h>
+#include <datum.h>
+#include <x509_int.h>
+#include <common.h>
+#include <gnutls/abstract.h>
+#include <pk.h>
+
+/* This is the same as the _gnutls_x509_sign, but this one will decode
+ * the asn1_node given, and sign the DER data. Actually used to get the DER
+ * of the TBS and sign it on the fly.
+ */
+int
+_gnutls_x509_get_tbs(asn1_node cert, const char *tbs_name,
+		     gnutls_datum_t * tbs)
+{
+	return _gnutls_x509_der_encode(cert, tbs_name, tbs, 0);
+}
+
+int
+_gnutls_x509_crt_get_spki_params(gnutls_x509_crt_t crt,
+				 const gnutls_x509_spki_st *key_params,
+				 gnutls_x509_spki_st *params)
+{
+	int result;
+	gnutls_x509_spki_st crt_params;
+
+	result = _gnutls_x509_crt_read_spki_params(crt, &crt_params);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	if (crt_params.pk == GNUTLS_PK_RSA_PSS) {
+		if (key_params->pk == GNUTLS_PK_RSA_PSS) {
+			if (crt_params.rsa_pss_dig != key_params->rsa_pss_dig) {
+				gnutls_assert();
+				return GNUTLS_E_CERTIFICATE_ERROR;
+			}
+
+			if (crt_params.salt_size < key_params->salt_size) {
+				gnutls_assert();
+				return GNUTLS_E_CERTIFICATE_ERROR;
+			}
+		} else if (key_params->pk != GNUTLS_PK_RSA && key_params->pk != GNUTLS_PK_UNKNOWN) {
+			gnutls_assert();
+			return GNUTLS_E_CERTIFICATE_ERROR;
+		}
+		memcpy(params, &crt_params, sizeof(gnutls_x509_spki_st));
+	} else {
+		memcpy(params, key_params, sizeof(gnutls_x509_spki_st));
+	}
+
+	return 0;
+}
+
+/*-
+ * _gnutls_x509_pkix_sign - This function will sign a CRL or a certificate with a key
+ * @src: should contain an asn1_node
+ * @issuer: is the certificate of the certificate issuer
+ * @issuer_key: holds the issuer's private key
+ *
+ * This function will sign a CRL or a certificate with the issuer's private key, and
+ * will copy the issuer's information into the CRL or certificate.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ -*/
+int
+_gnutls_x509_pkix_sign(asn1_node src, const char *src_name,
+		       gnutls_digest_algorithm_t dig,
+		       unsigned int flags,
+		       gnutls_x509_crt_t issuer,
+		       gnutls_privkey_t issuer_key)
+{
+	int result;
+	gnutls_datum_t signature;
+	gnutls_datum_t tbs;
+	char name[128];
+	gnutls_pk_algorithm_t pk;
+	gnutls_x509_spki_st key_params, params;
+	const gnutls_sign_entry_st *se;
+
+	pk = gnutls_x509_crt_get_pk_algorithm(issuer, NULL);
+	if (pk == GNUTLS_PK_UNKNOWN)
+		pk = gnutls_privkey_get_pk_algorithm(issuer_key, NULL);
+
+	result = _gnutls_privkey_get_spki_params(issuer_key, &key_params);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	result = _gnutls_x509_crt_get_spki_params(issuer, &key_params, &params);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	result = _gnutls_privkey_update_spki_params(issuer_key, pk, dig, flags,
+						  &params);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	/* Step 1. Copy the issuer's name into the certificate.
+	 */
+	_gnutls_str_cpy(name, sizeof(name), src_name);
+	_gnutls_str_cat(name, sizeof(name), ".issuer");
+
+	result =
+	    asn1_copy_node(src, name, issuer->cert,
+			   "tbsCertificate.subject");
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	/* Step 1.5. Write the signature stuff in the tbsCertificate.
+	 */
+	_gnutls_str_cpy(name, sizeof(name), src_name);
+	_gnutls_str_cat(name, sizeof(name), ".signature");
+
+	se = _gnutls_pk_to_sign_entry(params.pk, dig);
+	if (se == NULL)
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM);
+
+	_gnutls_debug_log("signing structure using %s\n", se->name);
+
+	result = _gnutls_x509_write_sign_params(src, name, se, &params);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	/* Step 2. Sign the certificate.
+	 */
+	result = _gnutls_x509_get_tbs(src, src_name, &tbs);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	FIX_SIGN_PARAMS(params, flags, dig);
+
+	if (_gnutls_pk_is_not_prehashed(params.pk)) {
+		result = privkey_sign_raw_data(issuer_key, se, &tbs, &signature, &params);
+	} else {
+		result = privkey_sign_and_hash_data(issuer_key, se,
+						    &tbs, &signature, &params);
+	}
+	gnutls_free(tbs.data);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	/* write the signature (bits)
+	 */
+	result =
+	    asn1_write_value(src, "signature", signature.data,
+			     signature.size * 8);
+
+	_gnutls_free_datum(&signature);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	/* Step 3. Move up and write the AlgorithmIdentifier, which is also
+	 * the same. 
+	 */
+
+	result = _gnutls_x509_write_sign_params(src, "signatureAlgorithm",
+						se, &params);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
diff --git a/lib/x509/spki.c b/lib/x509/spki.c
new file mode 100644
index 0000000..c87ff1b
--- /dev/null
+++ b/lib/x509/spki.c
@@ -0,0 +1,130 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Authors: Daiki Ueno
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <common.h>
+#include <x509.h>
+#include <x509_int.h>
+
+/**
+ * gnutls_x509_spki_init:
+ * @spki: A pointer to the type to be initialized
+ *
+ * This function will initialize a SubjectPublicKeyInfo structure used
+ * in PKIX. The structure is used to set additional parameters
+ * in the public key information field of a certificate.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.6.0
+ *
+ **/
+int
+gnutls_x509_spki_init(gnutls_x509_spki_t *spki)
+{
+	gnutls_x509_spki_t tmp;
+
+	FAIL_IF_LIB_ERROR;
+
+	tmp =
+	    gnutls_calloc(1, sizeof(gnutls_x509_spki_st));
+
+	if (!tmp)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	*spki = tmp;
+
+	return 0;		/* success */
+}
+
+/**
+ * gnutls_x509_spki_deinit:
+ * @spki: the SubjectPublicKeyInfo structure
+ *
+ * This function will deinitialize a SubjectPublicKeyInfo structure.
+ *
+ * Since: 3.6.0
+ *
+ **/
+void
+gnutls_x509_spki_deinit(gnutls_x509_spki_t spki)
+{
+	gnutls_free(spki);
+}
+
+/**
+ * gnutls_x509_spki_set_rsa_pss_params:
+ * @spki: the SubjectPublicKeyInfo structure
+ * @dig: a digest algorithm of type #gnutls_digest_algorithm_t
+ * @salt_size: the size of salt string
+ *
+ * This function will set the public key parameters for
+ * an RSA-PSS algorithm, in the SubjectPublicKeyInfo structure.
+ *
+ * Since: 3.6.0
+ *
+ **/
+void
+gnutls_x509_spki_set_rsa_pss_params(gnutls_x509_spki_t spki,
+				    gnutls_digest_algorithm_t dig,
+				    unsigned int salt_size)
+{
+	spki->pk = GNUTLS_PK_RSA_PSS;
+	spki->rsa_pss_dig = dig;
+	spki->salt_size = salt_size;
+}
+
+/**
+ * gnutls_x509_spki_get_rsa_pss_params:
+ * @spki: the SubjectPublicKeyInfo structure
+ * @dig: if non-NULL, it will hold the digest algorithm
+ * @salt_size: if non-NULL, it will hold the salt size
+ *
+ * This function will get the public key algorithm parameters
+ * of RSA-PSS type.
+ *
+ * Returns: zero if the parameters are present or a negative
+ *     value on error.
+ *
+ * Since: 3.6.0
+ *
+ **/
+int
+gnutls_x509_spki_get_rsa_pss_params(gnutls_x509_spki_t spki,
+				    gnutls_digest_algorithm_t *dig,
+				    unsigned int *salt_size)
+{
+	if (spki->pk == 0)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	if (spki->pk != GNUTLS_PK_RSA_PSS)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (dig)
+		*dig = spki->rsa_pss_dig;
+	if (salt_size)
+		*salt_size = spki->salt_size;
+
+	return 0;
+}
diff --git a/lib/x509/supported_exts.gperf b/lib/x509/supported_exts.gperf
new file mode 100644
index 0000000..aa5a6c1
--- /dev/null
+++ b/lib/x509/supported_exts.gperf
@@ -0,0 +1,40 @@
+%{
+%}
+%language=ANSI-C
+%readonly-tables
+%define lookup-function-name is_ext_oid_supported
+%define hash-function-name x509_ext_hash
+
+struct supported_exts_st { const char *name; };
+%%
+#GNUTLS_X509EXT_OID_SUBJECT_KEY_ID
+2.5.29.14
+#GNUTLS_X509EXT_OID_KEY_USAGE
+2.5.29.15
+#GNUTLS_X509EXT_OID_PRIVATE_KEY_USAGE_PERIOD - not supported
+#GNUTLS_X509EXT_OID_SAN
+2.5.29.17
+#GNUTLS_X509EXT_OID_IAN
+2.5.29.18
+#GNUTLS_X509EXT_OID_BASIC_CONSTRAINTS
+2.5.29.19
+#GNUTLS_X509EXT_OID_NAME_CONSTRAINTS
+2.5.29.30
+#GNUTLS_X509EXT_OID_CRL_DIST_POINTS
+2.5.29.31
+#GNUTLS_X509EXT_OID_AUTHORITY_KEY_ID
+2.5.29.35
+#GNUTLS_X509EXT_OID_EXTENDED_KEY_USAGE
+2.5.29.37
+#GNUTLS_X509EXT_OID_AUTHORITY_INFO_ACCESS
+1.3.6.1.5.5.7.1.1
+#GNUTLS_X509EXT_OID_PROXY_CRT_INFO
+1.3.6.1.5.5.7.1.14
+#GNUTLS_X509EXT_OID_TLSFEATURES
+1.3.6.1.5.5.7.1.24
+# We do not support verification with specific policies,
+# as such all the policies and restrictions are acceptable.
+#GNUTLS_X509EXT_OID_CRT_POLICY
+2.5.29.32
+#GNUTLS_X509EXT_OID_INHIBIT_ANYPOLICY
+2.5.29.54
diff --git a/lib/x509/supported_exts.h b/lib/x509/supported_exts.h
new file mode 100644
index 0000000..c7bb97b
--- /dev/null
+++ b/lib/x509/supported_exts.h
@@ -0,0 +1,161 @@
+/* ANSI-C code produced by gperf version 3.1 */
+/* Command-line: gperf --global-table -t supported_exts.gperf  */
+/* Computed positions: -k'8-9,17' */
+
+#if !((' ' == 32) && ('!' == 33) && ('"' == 34) && ('#' == 35) \
+      && ('%' == 37) && ('&' == 38) && ('\'' == 39) && ('(' == 40) \
+      && (')' == 41) && ('*' == 42) && ('+' == 43) && (',' == 44) \
+      && ('-' == 45) && ('.' == 46) && ('/' == 47) && ('0' == 48) \
+      && ('1' == 49) && ('2' == 50) && ('3' == 51) && ('4' == 52) \
+      && ('5' == 53) && ('6' == 54) && ('7' == 55) && ('8' == 56) \
+      && ('9' == 57) && (':' == 58) && (';' == 59) && ('<' == 60) \
+      && ('=' == 61) && ('>' == 62) && ('?' == 63) && ('A' == 65) \
+      && ('B' == 66) && ('C' == 67) && ('D' == 68) && ('E' == 69) \
+      && ('F' == 70) && ('G' == 71) && ('H' == 72) && ('I' == 73) \
+      && ('J' == 74) && ('K' == 75) && ('L' == 76) && ('M' == 77) \
+      && ('N' == 78) && ('O' == 79) && ('P' == 80) && ('Q' == 81) \
+      && ('R' == 82) && ('S' == 83) && ('T' == 84) && ('U' == 85) \
+      && ('V' == 86) && ('W' == 87) && ('X' == 88) && ('Y' == 89) \
+      && ('Z' == 90) && ('[' == 91) && ('\\' == 92) && (']' == 93) \
+      && ('^' == 94) && ('_' == 95) && ('a' == 97) && ('b' == 98) \
+      && ('c' == 99) && ('d' == 100) && ('e' == 101) && ('f' == 102) \
+      && ('g' == 103) && ('h' == 104) && ('i' == 105) && ('j' == 106) \
+      && ('k' == 107) && ('l' == 108) && ('m' == 109) && ('n' == 110) \
+      && ('o' == 111) && ('p' == 112) && ('q' == 113) && ('r' == 114) \
+      && ('s' == 115) && ('t' == 116) && ('u' == 117) && ('v' == 118) \
+      && ('w' == 119) && ('x' == 120) && ('y' == 121) && ('z' == 122) \
+      && ('{' == 123) && ('|' == 124) && ('}' == 125) && ('~' == 126))
+/* The character set is not based on ISO-646.  */
+#error "gperf generated tables don't work with this execution character set. Please report a bug to <bug-gperf@gnu.org>."
+#endif
+
+#line 1 "supported_exts.gperf"
+
+#line 8 "supported_exts.gperf"
+struct supported_exts_st { const char *name; };
+
+#define TOTAL_KEYWORDS 14
+#define MIN_WORD_LENGTH 9
+#define MAX_WORD_LENGTH 18
+#define MIN_HASH_VALUE 13
+#define MAX_HASH_VALUE 34
+/* maximum key range = 22, duplicates = 0 */
+
+#ifdef __GNUC__
+__inline
+#else
+#ifdef __cplusplus
+inline
+#endif
+#endif
+static unsigned int
+x509_ext_hash (register const char *str, register size_t len)
+{
+  static const unsigned char asso_values[] =
+    {
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35,  0, 35,  3, 10,
+       4,  5,  4,  0, 35, 15, 13, 14, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35, 35, 35, 35, 35,
+      35, 35, 35, 35, 35, 35
+    };
+  register unsigned int hval = len;
+
+  switch (hval)
+    {
+      default:
+        hval += asso_values[(unsigned char)str[16]];
+      /*FALLTHROUGH*/
+      case 16:
+      case 15:
+      case 14:
+      case 13:
+      case 12:
+      case 11:
+      case 10:
+      case 9:
+        hval += asso_values[(unsigned char)str[8]];
+      /*FALLTHROUGH*/
+      case 8:
+        hval += asso_values[(unsigned char)str[7]];
+        break;
+    }
+  return hval;
+}
+
+static const struct supported_exts_st wordlist[] =
+  {
+    {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""}, {""},
+    {""}, {""}, {""}, {""},
+#line 40 "supported_exts.gperf"
+    {"2.5.29.54"},
+#line 26 "supported_exts.gperf"
+    {"2.5.29.35"},
+    {""}, {""},
+#line 22 "supported_exts.gperf"
+    {"2.5.29.30"},
+#line 38 "supported_exts.gperf"
+    {"2.5.29.32"},
+#line 13 "supported_exts.gperf"
+    {"2.5.29.15"},
+    {""}, {""},
+#line 34 "supported_exts.gperf"
+    {"1.3.6.1.5.5.7.1.24"},
+#line 11 "supported_exts.gperf"
+    {"2.5.29.14"},
+#line 24 "supported_exts.gperf"
+    {"2.5.29.31"},
+    {""}, {""},
+#line 30 "supported_exts.gperf"
+    {"1.3.6.1.5.5.7.1.1"},
+#line 32 "supported_exts.gperf"
+    {"1.3.6.1.5.5.7.1.14"},
+#line 28 "supported_exts.gperf"
+    {"2.5.29.37"},
+    {""}, {""},
+#line 18 "supported_exts.gperf"
+    {"2.5.29.18"},
+#line 20 "supported_exts.gperf"
+    {"2.5.29.19"},
+#line 16 "supported_exts.gperf"
+    {"2.5.29.17"}
+  };
+
+static const struct supported_exts_st *
+is_ext_oid_supported (register const char *str, register size_t len)
+{
+  if (len <= MAX_WORD_LENGTH && len >= MIN_WORD_LENGTH)
+    {
+      register unsigned int key = x509_ext_hash (str, len);
+
+      if (key <= MAX_HASH_VALUE)
+        {
+          register const char *s = wordlist[key].name;
+
+          if (*str == *s && !strcmp (str + 1, s + 1))
+            return &wordlist[key];
+        }
+    }
+  return 0;
+}
diff --git a/lib/x509/time.c b/lib/x509/time.c
new file mode 100644
index 0000000..2726600
--- /dev/null
+++ b/lib/x509/time.c
@@ -0,0 +1,468 @@
+/*
+ * Copyright (C) 2003-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <libtasn1.h>
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <str.h>
+#include <x509.h>
+#include <num.h>
+#include <x509_b64.h>
+#include "x509_int.h"
+#include "extras/hex.h"
+#include <common.h>
+#include <c-ctype.h>
+
+time_t _gnutls_utcTime2gtime(const char *ttime);
+
+/* TIME functions
+ * Conversions between generalized or UTC time to time_t
+ *
+ */
+
+/* This is an emulation of the struct tm.
+ * Since we do not use libc's functions, we don't need to
+ * depend on the libc structure.
+ */
+typedef struct fake_tm {
+	int tm_mon;
+	int tm_year;		/* FULL year - ie 1971 */
+	int tm_mday;
+	int tm_hour;
+	int tm_min;
+	int tm_sec;
+} fake_tm;
+
+/* The mktime_utc function is due to Russ Allbery (rra@stanford.edu),
+ * who placed it under public domain:
+ */
+
+/* The number of days in each month.
+ */
+static const int MONTHDAYS[] = {
+	31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31
+};
+
+    /* Whether a given year is a leap year. */
+#define ISLEAP(year) \
+	(((year) % 4) == 0 && (((year) % 100) != 0 || ((year) % 400) == 0))
+
+/*
+ **  Given a struct tm representing a calendar time in UTC, convert it to
+ **  seconds since epoch.  Returns (time_t) -1 if the time is not
+ **  convertible.  Note that this function does not canonicalize the provided
+ **  struct tm, nor does it allow out of range values or years before 1970.
+ */
+static time_t mktime_utc(const struct fake_tm *tm)
+{
+	time_t result = 0;
+	int i;
+
+/* We do allow some ill-formed dates, but we don't do anything special
+ * with them and our callers really shouldn't pass them to us.  Do
+ * explicitly disallow the ones that would cause invalid array accesses
+ * or other algorithm problems.
+ */
+	if (tm->tm_mon < 0 || tm->tm_mon > 11 || tm->tm_year < 1970)
+		return (time_t) - 1;
+
+	/* Check for "obvious" mistakes in dates */
+	if (tm->tm_sec > 60 || tm->tm_min > 59 || tm->tm_mday > 31 || tm->tm_mday < 1 || tm->tm_hour > 23)
+		return (time_t) - 1;
+
+/* Convert to a time_t.
+ */
+	for (i = 1970; i < tm->tm_year; i++)
+		result += 365 + ISLEAP(i);
+	for (i = 0; i < tm->tm_mon; i++)
+		result += MONTHDAYS[i];
+	if (tm->tm_mon > 1 && ISLEAP(tm->tm_year))
+		result++;
+	result = 24 * (result + tm->tm_mday - 1) + tm->tm_hour;
+	result = 60 * result + tm->tm_min;
+	result = 60 * result + tm->tm_sec;
+	return result;
+}
+
+
+/* this one will parse dates of the form:
+ * month|day|hour|minute|sec* (2 chars each)
+ * and year is given. Returns a time_t date.
+ */
+static time_t time2gtime(const char *ttime, int year)
+{
+	char xx[4];
+	struct fake_tm etime;
+
+	if (strlen(ttime) < 8) {
+		gnutls_assert();
+		return (time_t) - 1;
+	}
+
+	etime.tm_year = year;
+
+	/* In order to work with 32 bit
+	 * time_t.
+	 */
+	if (sizeof(time_t) <= 4 && etime.tm_year >= 2038)
+		return (time_t) 2145914603;	/* 2037-12-31 23:23:23 */
+
+	if (etime.tm_year < 1970)
+		return (time_t) 0;
+
+	xx[2] = 0;
+
+/* get the month
+ */
+	memcpy(xx, ttime, 2);	/* month */
+	etime.tm_mon = atoi(xx) - 1;
+	ttime += 2;
+
+/* get the day
+ */
+	memcpy(xx, ttime, 2);	/* day */
+	etime.tm_mday = atoi(xx);
+	ttime += 2;
+
+/* get the hour
+ */
+	memcpy(xx, ttime, 2);	/* hour */
+	etime.tm_hour = atoi(xx);
+	ttime += 2;
+
+/* get the minutes
+ */
+	memcpy(xx, ttime, 2);	/* minutes */
+	etime.tm_min = atoi(xx);
+	ttime += 2;
+
+	if (strlen(ttime) >= 2) {
+		memcpy(xx, ttime, 2);
+		etime.tm_sec = atoi(xx);
+	} else
+		etime.tm_sec = 0;
+
+	return mktime_utc(&etime);
+}
+
+
+/* returns a time_t value that contains the given time.
+ * The given time is expressed as:
+ * YEAR(2)|MONTH(2)|DAY(2)|HOUR(2)|MIN(2)|SEC(2)*
+ *
+ * (seconds are optional)
+ */
+time_t _gnutls_utcTime2gtime(const char *ttime)
+{
+	char xx[3];
+	int year, i;
+	int len = strlen(ttime);
+
+	if (len < 10) {
+		gnutls_assert();
+		return (time_t) - 1;
+	}
+
+#ifdef STRICT_DER_TIME
+	/* Make sure everything else is digits. */
+	for (i = 0; i < len - 1; i++) {
+		if (c_isdigit(ttime[i]))
+			continue;
+		return gnutls_assert_val((time_t)-1);
+	}
+#endif
+	xx[2] = 0;
+
+/* get the year
+ */
+	memcpy(xx, ttime, 2);	/* year */
+	year = atoi(xx);
+	ttime += 2;
+
+	if (year > 49)
+		year += 1900;
+	else
+		year += 2000;
+
+	return time2gtime(ttime, year);
+}
+
+/* returns a time_t value that contains the given time.
+ * The given time is expressed as:
+ * YEAR(4)|MONTH(2)|DAY(2)|HOUR(2)|MIN(2)|SEC(2)*
+ */
+time_t _gnutls_x509_generalTime2gtime(const char *ttime)
+{
+	char xx[5];
+	int year;
+
+	if (strlen(ttime) < 12) {
+		gnutls_assert();
+		return (time_t) - 1;
+	}
+
+	if (strchr(ttime, 'Z') == 0) {
+		gnutls_assert();
+		/* required to be in GMT */
+		return (time_t) - 1;
+	}
+
+	if (strchr(ttime, '.') != 0) {
+		gnutls_assert();
+		/* no fractional seconds allowed */
+		return (time_t) - 1;
+	}
+	xx[4] = 0;
+
+/* get the year
+ */
+	memcpy(xx, ttime, 4);	/* year */
+	year = atoi(xx);
+	ttime += 4;
+
+	return time2gtime(ttime, year);
+}
+
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wformat-y2k"
+/* tag will contain ASN1_TAG_UTCTime or ASN1_TAG_GENERALIZEDTime */
+static int
+gtime_to_suitable_time(time_t gtime, char *str_time, size_t str_time_size, unsigned *tag)
+{
+	size_t ret;
+	struct tm _tm;
+
+	if (gtime == (time_t)-1
+#if SIZEOF_LONG == 8
+		|| gtime >= 253402210800
+#endif
+	 ) {
+		if (tag)
+			*tag = ASN1_TAG_GENERALIZEDTime;
+		snprintf(str_time, str_time_size, "99991231235959Z");
+		return 0;
+	}
+
+	if (!gmtime_r(&gtime, &_tm)) {
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	if (_tm.tm_year >= 150) {
+		if (tag)
+			*tag = ASN1_TAG_GENERALIZEDTime;
+		ret = strftime(str_time, str_time_size, "%Y%m%d%H%M%SZ", &_tm);
+	} else {
+		if (tag)
+			*tag = ASN1_TAG_UTCTime;
+		ret = strftime(str_time, str_time_size, "%y%m%d%H%M%SZ", &_tm);
+	}
+
+	if (!ret) {
+		gnutls_assert();
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	return 0;
+}
+#pragma GCC diagnostic pop
+
+static int
+gtime_to_generalTime(time_t gtime, char *str_time, size_t str_time_size)
+{
+	size_t ret;
+	struct tm _tm;
+
+	if (gtime == (time_t)-1
+#if SIZEOF_LONG == 8
+		|| gtime >= 253402210800
+#endif
+	 ) {
+		snprintf(str_time, str_time_size, "99991231235959Z");
+		return 0;
+	}
+
+	if (!gmtime_r(&gtime, &_tm)) {
+		gnutls_assert();
+		return GNUTLS_E_INTERNAL_ERROR;
+	}
+
+	ret = strftime(str_time, str_time_size, "%Y%m%d%H%M%SZ", &_tm);
+	if (!ret) {
+		gnutls_assert();
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	return 0;
+}
+
+
+/* Extracts the time in time_t from the asn1_node given. When should
+ * be something like "tbsCertList.thisUpdate".
+ */
+#define MAX_TIME 64
+time_t _gnutls_x509_get_time(asn1_node c2, const char *where, int force_general)
+{
+	char ttime[MAX_TIME];
+	char name[128];
+	time_t c_time = (time_t) - 1;
+	int len, result;
+
+	len = sizeof(ttime) - 1;
+	result = asn1_read_value(c2, where, ttime, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return (time_t) (-1);
+	}
+
+	if (force_general != 0) {
+		c_time = _gnutls_x509_generalTime2gtime(ttime);
+	} else {
+		_gnutls_str_cpy(name, sizeof(name), where);
+
+		/* choice */
+		if (strcmp(ttime, "generalTime") == 0) {
+			if (name[0] == 0)
+				_gnutls_str_cpy(name, sizeof(name),
+						"generalTime");
+			else
+				_gnutls_str_cat(name, sizeof(name),
+						".generalTime");
+			len = sizeof(ttime) - 1;
+			result = asn1_read_value(c2, name, ttime, &len);
+			if (result == ASN1_SUCCESS)
+				c_time =
+				    _gnutls_x509_generalTime2gtime(ttime);
+		} else {	/* UTCTIME */
+			if (name[0] == 0)
+				_gnutls_str_cpy(name, sizeof(name), "utcTime");
+			else
+				_gnutls_str_cat(name, sizeof(name), ".utcTime");
+			len = sizeof(ttime) - 1;
+			result = asn1_read_value(c2, name, ttime, &len);
+			if (result == ASN1_SUCCESS)
+				c_time = _gnutls_utcTime2gtime(ttime);
+		}
+
+		/* We cannot handle dates after 2031 in 32 bit machines.
+		 * a time_t of 64bits has to be used.
+		 */
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			return (time_t) (-1);
+		}
+	}
+
+	return c_time;
+}
+
+/* Sets the time in time_t in the asn1_node given. Where should
+ * be something like "tbsCertList.thisUpdate".
+ */
+int
+_gnutls_x509_set_time(asn1_node c2, const char *where, time_t tim,
+		      int force_general)
+{
+	char str_time[MAX_TIME];
+	char name[128];
+	int result, len;
+	unsigned tag;
+
+	if (force_general != 0) {
+		result =
+		    gtime_to_generalTime(tim, str_time, sizeof(str_time));
+		if (result < 0)
+			return gnutls_assert_val(result);
+		len = strlen(str_time);
+		result = asn1_write_value(c2, where, str_time, len);
+		if (result != ASN1_SUCCESS)
+			return gnutls_assert_val(_gnutls_asn2err(result));
+
+		return 0;
+	}
+
+	result = gtime_to_suitable_time(tim, str_time, sizeof(str_time), &tag);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	_gnutls_str_cpy(name, sizeof(name), where);
+	if (tag == ASN1_TAG_UTCTime) {
+		if ((result = asn1_write_value(c2, where, "utcTime", 1)) < 0) {
+			gnutls_assert();
+			return _gnutls_asn2err(result);
+		}
+		_gnutls_str_cat(name, sizeof(name), ".utcTime");
+	} else {
+		if ((result = asn1_write_value(c2, where, "generalTime", 1)) < 0) {
+			gnutls_assert();
+			return _gnutls_asn2err(result);
+		}
+		_gnutls_str_cat(name, sizeof(name), ".generalTime");
+	}
+
+	len = strlen(str_time);
+	result = asn1_write_value(c2, name, str_time, len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+/* This will set a DER encoded Time element. To be used in fields
+ * which are of the ANY.
+ */
+int
+_gnutls_x509_set_raw_time(asn1_node c2, const char *where, time_t tim)
+{
+	char str_time[MAX_TIME];
+	uint8_t buf[128];
+	int result, len, der_len;
+	unsigned tag;
+
+	result =
+	    gtime_to_suitable_time(tim, str_time, sizeof(str_time), &tag);
+	if (result < 0)
+		return gnutls_assert_val(result);
+	len = strlen(str_time);
+
+	buf[0] = tag;
+	asn1_length_der(len, buf+1, &der_len);
+
+	if ((unsigned)len > sizeof(buf)-der_len-1) {
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+
+	memcpy(buf+1+der_len, str_time, len);
+
+	result = asn1_write_value(c2, where, buf, len+1+der_len);
+	if (result != ASN1_SUCCESS)
+		return gnutls_assert_val(_gnutls_asn2err(result));
+	return 0;
+}
+
diff --git a/lib/x509/tls_features.c b/lib/x509/tls_features.c
new file mode 100644
index 0000000..bbb9896
--- /dev/null
+++ b/lib/x509/tls_features.c
@@ -0,0 +1,265 @@
+/*
+ * Copyright (C) 2003-2016 Free Software Foundation, Inc.
+ *
+ * Authors: Nikos Mavrogiannopoulos, Simon Josefsson, Howard Chu
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <common.h>
+#include <gnutls/x509-ext.h>
+#include <x509.h>
+#include <x509_b64.h>
+#include <x509_int.h>
+#include <libtasn1.h>
+#include <pk.h>
+#include <pkcs11_int.h>
+#include "urls.h"
+
+/**
+ * gnutls_x509_tlsfeatures_init:
+ * @f: The TLS features
+ *
+ * This function will initialize a X.509 TLS features extension structure
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error value.
+ *
+ * Since: 3.5.1
+ **/
+int gnutls_x509_tlsfeatures_init(gnutls_x509_tlsfeatures_t *f)
+{
+	*f = gnutls_calloc(1, sizeof(struct gnutls_x509_tlsfeatures_st));
+	if (*f == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_tlsfeatures_deinit:
+ * @f: The TLS features
+ *
+ * This function will deinitialize a X.509 TLS features extension structure
+ *
+ * Since: 3.5.1
+ **/
+void gnutls_x509_tlsfeatures_deinit(gnutls_x509_tlsfeatures_t f)
+{
+	gnutls_free(f);
+}
+
+/**
+ * gnutls_x509_tlsfeatures_get:
+ * @f: The TLS features
+ * @idx: The index of the feature to get
+ * @feature: If the function succeeds, the feature will be stored in this variable
+ *
+ * This function will get a feature from the X.509 TLS features
+ * extension structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error value.
+ *
+ * Since: 3.5.1
+ **/
+int gnutls_x509_tlsfeatures_get(gnutls_x509_tlsfeatures_t f, unsigned idx, unsigned int *feature)
+{
+	if (f == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (idx >= f->size) {
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+	}
+
+	*feature = f->feature[idx];
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_get_tlsfeatures:
+ * @crt: A X.509 certificate
+ * @features: If the function succeeds, the
+ *   features will be stored in this variable.
+ * @flags: zero or %GNUTLS_EXT_FLAG_APPEND
+ * @critical: the extension status
+ *
+ * This function will get the X.509 TLS features
+ * extension structure from the certificate. The
+ * returned structure needs to be freed using
+ * gnutls_x509_tlsfeatures_deinit().
+ *
+ * When the @flags is set to %GNUTLS_EXT_FLAG_APPEND,
+ * then if the @features structure is empty this function will behave
+ * identically as if the flag was not set. Otherwise if there are elements 
+ * in the @features structure then they will be merged with.
+ *
+ * Note that @features must be initialized prior to calling this function.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error value.
+ *
+ * Since: 3.5.1
+ **/
+int gnutls_x509_crt_get_tlsfeatures(gnutls_x509_crt_t crt,
+				    gnutls_x509_tlsfeatures_t features,
+				    unsigned int flags,
+				    unsigned int *critical)
+{
+	int ret;
+	gnutls_datum_t der;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if ((ret =
+		 _gnutls_x509_crt_get_extension(crt, GNUTLS_X509EXT_OID_TLSFEATURES, 0,
+						&der, critical)) < 0)
+	{
+		return ret;
+	}
+
+	if (der.size == 0 || der.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	ret = gnutls_x509_ext_import_tlsfeatures(&der, features, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	gnutls_free(der.data);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_set_tlsfeatures:
+ * @crt: A X.509 certificate
+ * @features: If the function succeeds, the
+ *   features will be added to the certificate.
+ *
+ * This function will set the certificates
+ * X.509 TLS extension from the given structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error value.
+ *
+ * Since: 3.5.1
+ **/
+int gnutls_x509_crt_set_tlsfeatures(gnutls_x509_crt_t crt,
+				    gnutls_x509_tlsfeatures_t features)
+{
+	int ret;
+	gnutls_datum_t der;
+
+	if (crt == NULL || features == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = gnutls_x509_ext_export_tlsfeatures(features, &der);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = _gnutls_x509_crt_set_extension(crt, GNUTLS_X509EXT_OID_TLSFEATURES, &der, 0);
+
+	_gnutls_free_datum(&der);
+
+	if (ret < 0) {
+		gnutls_assert();
+	}
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_tls_features_check_crt:
+ * @feat: a set of TLSFeatures
+ * @cert: the certificate to be checked
+ *
+ * This function will check the provided certificate against the TLSFeatures
+ * set in @feat using the RFC7633 p.4.2.2 rules. It will check whether the certificate
+ * contains the features in @feat or a superset.
+ *
+ * Returns: non-zero if the provided certificate complies, and zero otherwise.
+ *
+ * Since: 3.5.1
+ **/
+unsigned gnutls_x509_tlsfeatures_check_crt(gnutls_x509_tlsfeatures_t feat,
+					   gnutls_x509_crt_t cert)
+{
+	int ret;
+	gnutls_x509_tlsfeatures_t cfeat;
+	unsigned i, j, uret, found;
+
+	if (feat->size == 0)
+		return 1; /* shortcut; no constraints to check */
+
+	ret = gnutls_x509_tlsfeatures_init(&cfeat);
+	if (ret < 0)
+		return gnutls_assert_val(0);
+
+	ret = gnutls_x509_crt_get_tlsfeatures(cert, cfeat, 0, NULL);
+	if (ret < 0) {
+		gnutls_assert();
+		uret = 0;
+		goto cleanup;
+	}
+
+	/* if cert's features cannot be a superset */
+	if (feat->size > cfeat->size) {
+		_gnutls_debug_log("certificate has %u, while issuer has %u tlsfeatures\n", cfeat->size, feat->size);
+		gnutls_assert();
+		uret = 0;
+		goto cleanup;
+	}
+
+	for (i=0;i<feat->size;i++) {
+		found = 0;
+		for (j=0;j<cfeat->size;j++) {
+			if (feat->feature[i] == cfeat->feature[j]) {
+				found = 1;
+				break;
+			}
+		}
+
+		if (found == 0) {
+			_gnutls_debug_log("feature %d was not found in cert\n", (int)feat->feature[i]);
+			uret = 0;
+			goto cleanup;
+		}
+	}
+
+	uret = 1;
+ cleanup:
+	gnutls_x509_tlsfeatures_deinit(cfeat);
+	return uret;
+}
diff --git a/lib/x509/verify-high.c b/lib/x509/verify-high.c
new file mode 100644
index 0000000..5698d4f
--- /dev/null
+++ b/lib/x509/verify-high.c
@@ -0,0 +1,1834 @@
+/*
+ * Copyright (C) 2011-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <libtasn1.h>
+#include <global.h>
+#include <num.h>		/* MAX */
+#include <tls-sig.h>
+#include <str.h>
+#include <datum.h>
+#include <hash-pjw-bare.h>
+#include "x509_int.h"
+#include <common.h>
+#include <gnutls/x509-ext.h>
+#include "verify-high.h"
+#include "intprops.h"
+
+struct named_cert_st {
+	gnutls_x509_crt_t cert;
+	uint8_t name[MAX_SERVER_NAME_SIZE];
+	unsigned int name_size;
+};
+
+struct node_st {
+	/* The trusted certificates */
+	gnutls_x509_crt_t *trusted_cas;
+	unsigned int trusted_ca_size;
+
+	struct named_cert_st *named_certs;
+	unsigned int named_cert_size;
+
+	/* The trusted CRLs */
+	gnutls_x509_crl_t *crls;
+	unsigned int crl_size;
+};
+
+struct gnutls_x509_trust_list_iter {
+	unsigned int node_index;
+	unsigned int ca_index;
+
+#ifdef ENABLE_PKCS11
+	gnutls_pkcs11_obj_t* pkcs11_list;
+	unsigned int pkcs11_index;
+	unsigned int pkcs11_size;
+#endif
+};
+
+#define DEFAULT_SIZE 127
+
+struct cert_set_node_st {
+	gnutls_x509_crt_t *certs;
+	unsigned int size;
+};
+
+struct cert_set_st {
+	struct cert_set_node_st *node;
+	unsigned int size;
+};
+
+static int
+cert_set_init(struct cert_set_st *set, unsigned int size)
+{
+	memset(set, 0, sizeof(*set));
+
+	set->size = size;
+	set->node = gnutls_calloc(size, sizeof(*set->node));
+	if (!set->node) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	return 0;
+}
+
+static void
+cert_set_deinit(struct cert_set_st *set)
+{
+	size_t i;
+
+	for (i = 0; i < set->size; i++) {
+		gnutls_free(set->node[i].certs);
+	}
+
+	gnutls_free(set->node);
+}
+
+static bool
+cert_set_contains(struct cert_set_st *set, const gnutls_x509_crt_t cert)
+{
+	size_t hash, i;
+
+	hash = hash_pjw_bare(cert->raw_dn.data, cert->raw_dn.size);
+	hash %= set->size;
+
+	for (i = 0; i < set->node[hash].size; i++) {
+		if (unlikely(gnutls_x509_crt_equals(set->node[hash].certs[i], cert))) {
+			return true;
+		}
+	}
+
+	return false;
+}
+
+static int
+cert_set_add(struct cert_set_st *set, const gnutls_x509_crt_t cert)
+{
+	size_t hash;
+
+	hash = hash_pjw_bare(cert->raw_dn.data, cert->raw_dn.size);
+	hash %= set->size;
+
+	if (unlikely(INT_ADD_OVERFLOW(set->node[hash].size, 1))) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	set->node[hash].certs =
+		_gnutls_reallocarray_fast(set->node[hash].certs,
+					  set->node[hash].size + 1,
+					  sizeof(*set->node[hash].certs));
+	if (!set->node[hash].certs) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+	set->node[hash].certs[set->node[hash].size] = cert;
+	set->node[hash].size++;
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_trust_list_init:
+ * @list: A pointer to the type to be initialized
+ * @size: The size of the internal hash table. Use (0) for default size.
+ *
+ * This function will initialize an X.509 trust list structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0.0
+ **/
+int
+gnutls_x509_trust_list_init(gnutls_x509_trust_list_t * list,
+			    unsigned int size)
+{
+	gnutls_x509_trust_list_t tmp;
+
+	FAIL_IF_LIB_ERROR;
+
+	tmp =
+	    gnutls_calloc(1, sizeof(struct gnutls_x509_trust_list_st));
+
+	if (!tmp)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	if (size == 0)
+		size = DEFAULT_SIZE;
+	tmp->size = size;
+
+	tmp->node = gnutls_calloc(1, tmp->size * sizeof(tmp->node[0]));
+	if (tmp->node == NULL) {
+		gnutls_assert();
+		gnutls_free(tmp);
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	*list = tmp;
+
+	return 0;		/* success */
+}
+
+/**
+ * gnutls_x509_trust_list_deinit:
+ * @list: The list to be deinitialized
+ * @all: if non-zero it will deinitialize all the certificates and CRLs contained in the structure.
+ *
+ * This function will deinitialize a trust list. Note that the
+ * @all flag should be typically non-zero unless you have specified
+ * your certificates using gnutls_x509_trust_list_add_cas() and you
+ * want to prevent them from being deinitialized by this function.
+ *
+ * Since: 3.0.0
+ **/
+void
+gnutls_x509_trust_list_deinit(gnutls_x509_trust_list_t list,
+			      unsigned int all)
+{
+	unsigned int i, j;
+
+	if (!list)
+		return;
+
+	for (j = 0; j < list->blacklisted_size; j++) {
+		gnutls_x509_crt_deinit(list->blacklisted[j]);
+	}
+	gnutls_free(list->blacklisted);
+
+	for (j = 0; j < list->keep_certs_size; j++) {
+		gnutls_x509_crt_deinit(list->keep_certs[j]);
+	}
+	gnutls_free(list->keep_certs);
+
+	for (i = 0; i < list->size; i++) {
+		if (all) {
+			for (j = 0; j < list->node[i].trusted_ca_size; j++) {
+				gnutls_x509_crt_deinit(list->node[i].
+						       trusted_cas[j]);
+			}
+		}
+		gnutls_free(list->node[i].trusted_cas);
+
+
+		if (all) {
+			for (j = 0; j < list->node[i].crl_size; j++) {
+				gnutls_x509_crl_deinit(list->node[i].
+						       crls[j]);
+			}
+		}
+		gnutls_free(list->node[i].crls);
+
+		if (all) {
+			for (j = 0; j < list->node[i].named_cert_size; j++) {
+				gnutls_x509_crt_deinit(list->node[i].
+						       named_certs[j].
+						       cert);
+			}
+		}
+		gnutls_free(list->node[i].named_certs);
+	}
+
+	gnutls_free(list->x509_rdn_sequence.data);
+	gnutls_free(list->node);
+	gnutls_free(list->pkcs11_token);
+	gnutls_free(list);
+}
+
+static int
+add_new_ca_to_rdn_seq(gnutls_x509_trust_list_t list,
+		       gnutls_x509_crt_t ca)
+{
+	gnutls_datum_t tmp;
+	size_t newsize;
+	unsigned char *newdata, *p;
+
+	/* Add DN of the last added CAs to the RDN sequence
+	 * This will be sent to clients when a certificate
+	 * request message is sent.
+	 */
+	tmp.data = ca->raw_dn.data;
+	tmp.size = ca->raw_dn.size;
+
+	newsize = list->x509_rdn_sequence.size + 2 + tmp.size;
+	if (newsize < list->x509_rdn_sequence.size) {
+		gnutls_assert();
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	newdata =
+	    gnutls_realloc_fast(list->x509_rdn_sequence.data,
+				newsize);
+	if (newdata == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	p = newdata + list->x509_rdn_sequence.size;
+	_gnutls_write_uint16(tmp.size, p);
+	if (tmp.data != NULL)
+		memcpy(p + 2, tmp.data, tmp.size);
+
+	list->x509_rdn_sequence.size = newsize;
+	list->x509_rdn_sequence.data = newdata;
+
+	return 0;
+}
+
+#ifdef ENABLE_PKCS11
+/* Keeps the provided certificate in a structure that will be
+ * deallocated on deinit. This is to handle get_issuer() with
+ * pkcs11 trust modules when the GNUTLS_TL_GET_COPY flag isn't
+ * given. It is not thread safe. */
+static int
+trust_list_add_compat(gnutls_x509_trust_list_t list,
+			       gnutls_x509_crt_t cert)
+{
+	if (unlikely(INT_ADD_OVERFLOW(list->keep_certs_size, 1))) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	list->keep_certs =
+		_gnutls_reallocarray_fast(list->keep_certs,
+					  list->keep_certs_size + 1,
+					  sizeof(list->keep_certs[0]));
+	if (list->keep_certs == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	list->keep_certs[list->keep_certs_size] = cert;
+	list->keep_certs_size++;
+
+	return 0;
+}
+#endif
+
+/**
+ * gnutls_x509_trust_list_add_cas:
+ * @list: The list
+ * @clist: A list of CAs
+ * @clist_size: The length of the CA list
+ * @flags: flags from %gnutls_trust_list_flags_t
+ *
+ * This function will add the given certificate authorities
+ * to the trusted list. The CAs in @clist must not be deinitialized
+ * during the lifetime of @list.
+ *
+ * If the flag %GNUTLS_TL_NO_DUPLICATES is specified, then
+ * this function will ensure that no duplicates will be
+ * present in the final trust list.
+ *
+ * If the flag %GNUTLS_TL_NO_DUPLICATE_KEY is specified, then
+ * this function will ensure that no certificates with the
+ * same key are present in the final trust list.
+ *
+ * If either %GNUTLS_TL_NO_DUPLICATE_KEY or %GNUTLS_TL_NO_DUPLICATES
+ * are given, gnutls_x509_trust_list_deinit() must be called with parameter
+ * @all being 1.
+ *
+ * Returns: The number of added elements is returned; that includes
+ *          duplicate entries.
+ *
+ * Since: 3.0.0
+ **/
+int
+gnutls_x509_trust_list_add_cas(gnutls_x509_trust_list_t list,
+			       const gnutls_x509_crt_t * clist,
+			       unsigned clist_size, unsigned int flags)
+{
+	unsigned i, j;
+	size_t hash;
+	int ret;
+	unsigned exists;
+
+	for (i = 0; i < clist_size; i++) {
+		exists = 0;
+		hash =
+		    hash_pjw_bare(clist[i]->raw_dn.data,
+				  clist[i]->raw_dn.size);
+		hash %= list->size;
+
+		/* avoid duplicates */
+		if (flags & GNUTLS_TL_NO_DUPLICATES || flags & GNUTLS_TL_NO_DUPLICATE_KEY) {
+			for (j=0;j<list->node[hash].trusted_ca_size;j++) {
+				if (flags & GNUTLS_TL_NO_DUPLICATES)
+					ret = gnutls_x509_crt_equals(list->node[hash].trusted_cas[j], clist[i]);
+				else
+					ret = _gnutls_check_if_same_key(list->node[hash].trusted_cas[j], clist[i], 1);
+				if (ret != 0) {
+					exists = 1;
+					break;
+				}
+			}
+
+			if (exists != 0) {
+				gnutls_x509_crt_deinit(list->node[hash].trusted_cas[j]);
+				list->node[hash].trusted_cas[j] = clist[i];
+				continue;
+			}
+		}
+
+		if (unlikely(INT_ADD_OVERFLOW(list->node[hash].trusted_ca_size, 1))) {
+			gnutls_assert();
+			return i;
+		}
+
+		list->node[hash].trusted_cas =
+			_gnutls_reallocarray_fast(list->node[hash].trusted_cas,
+						  list->node[hash].trusted_ca_size + 1,
+						  sizeof(list->node[hash].trusted_cas[0]));
+		if (list->node[hash].trusted_cas == NULL) {
+			gnutls_assert();
+			return i;
+		}
+
+		if (gnutls_x509_crt_get_version(clist[i]) >= 3 &&
+		    gnutls_x509_crt_get_ca_status(clist[i], NULL) <= 0) {
+			gnutls_datum_t dn;
+			gnutls_assert();
+			if (gnutls_x509_crt_get_dn2(clist[i], &dn) >= 0) {
+				_gnutls_audit_log(NULL,
+					  "There was a non-CA certificate in the trusted list: %s.\n",
+					  dn.data);
+				gnutls_free(dn.data);
+			}
+		}
+
+		list->node[hash].trusted_cas[list->node[hash].
+					     trusted_ca_size] = clist[i];
+		list->node[hash].trusted_ca_size++;
+
+		if (flags & GNUTLS_TL_USE_IN_TLS) {
+			ret = add_new_ca_to_rdn_seq(list, clist[i]);
+			if (ret < 0) {
+				gnutls_assert();
+				return i+1;
+			}
+		}
+	}
+
+	return i;
+}
+
+static int
+advance_iter(gnutls_x509_trust_list_t list,
+	     gnutls_x509_trust_list_iter_t iter)
+{
+	if (iter->node_index < list->size) {
+		++iter->ca_index;
+
+		/* skip entries */
+		while (iter->node_index < list->size &&
+		       iter->ca_index >= list->node[iter->node_index].trusted_ca_size) {
+			++iter->node_index;
+			iter->ca_index = 0;
+		}
+
+		if (iter->node_index < list->size)
+			return 0;
+	}
+
+#ifdef ENABLE_PKCS11
+	if (list->pkcs11_token != NULL) {
+		if (iter->pkcs11_list == NULL) {
+			int ret = gnutls_pkcs11_obj_list_import_url2(&iter->pkcs11_list, &iter->pkcs11_size,
+			    list->pkcs11_token, (GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE|GNUTLS_PKCS11_OBJ_FLAG_CRT|GNUTLS_PKCS11_OBJ_FLAG_MARK_CA|GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED), 0);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+
+			if (iter->pkcs11_size > 0)
+				return 0;
+		} else if (iter->pkcs11_index < iter->pkcs11_size) {
+			++iter->pkcs11_index;
+			if (iter->pkcs11_index < iter->pkcs11_size)
+				return 0;
+		}
+	}
+#endif
+
+	return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+}
+
+/**
+ * gnutls_x509_trust_list_iter_get_ca:
+ * @list: The list
+ * @iter: A pointer to an iterator (initially the iterator should be %NULL)
+ * @crt: where the certificate will be copied
+ *
+ * This function obtains a certificate in the trust list and advances the
+ * iterator to the next certificate. The certificate returned in @crt must be
+ * deallocated with gnutls_x509_crt_deinit().
+ *
+ * When past the last element is accessed %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * is returned and the iterator is reset.
+ *
+ * The iterator is deinitialized and reset to %NULL automatically by this
+ * function after iterating through all elements until
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned. If the iteration is
+ * aborted early, it must be manually deinitialized using
+ * gnutls_x509_trust_list_iter_deinit().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_x509_trust_list_iter_get_ca(gnutls_x509_trust_list_t list,
+				   gnutls_x509_trust_list_iter_t *iter,
+				   gnutls_x509_crt_t *crt)
+{
+	int ret;
+
+	/* initialize iterator */
+	if (*iter == NULL) {
+		*iter = gnutls_malloc(sizeof (struct gnutls_x509_trust_list_iter));
+		if (*iter == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		(*iter)->node_index = 0;
+		(*iter)->ca_index = 0;
+
+#ifdef ENABLE_PKCS11
+		(*iter)->pkcs11_list = NULL;
+		(*iter)->pkcs11_size = 0;
+		(*iter)->pkcs11_index = 0;
+#endif
+
+		/* Advance iterator to the first valid entry */
+		if (list->node[0].trusted_ca_size == 0) {
+			ret = advance_iter(list, *iter);
+			if (ret != 0) {
+				gnutls_x509_trust_list_iter_deinit(*iter);
+				*iter = NULL;
+
+				*crt = NULL;
+				return gnutls_assert_val(ret);
+			}
+		}
+	}
+
+	/* obtain the certificate at the current iterator position */
+	if ((*iter)->node_index < list->size) {
+		ret = gnutls_x509_crt_init(crt);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = _gnutls_x509_crt_cpy(*crt, list->node[(*iter)->node_index].trusted_cas[(*iter)->ca_index]);
+		if (ret < 0) {
+			gnutls_x509_crt_deinit(*crt);
+			return gnutls_assert_val(ret);
+		}
+	}
+#ifdef ENABLE_PKCS11
+	else if ( (*iter)->pkcs11_index < (*iter)->pkcs11_size) {
+		ret = gnutls_x509_crt_init(crt);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret = gnutls_x509_crt_import_pkcs11(*crt, (*iter)->pkcs11_list[(*iter)->pkcs11_index]);
+		if (ret < 0) {
+			gnutls_x509_crt_deinit(*crt);
+			return gnutls_assert_val(ret);
+		}
+	}
+#endif
+
+	else {
+		/* iterator is at end */
+		gnutls_x509_trust_list_iter_deinit(*iter);
+		*iter = NULL;
+
+		*crt = NULL;
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+	}
+
+	/* Move iterator to the next position.
+	 * GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned if the iterator
+	 * has been moved to the end position. That is okay, we return the
+	 * certificate that we read and when this function is called again we
+	 * report GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE to our caller. */
+	ret = advance_iter(list, *iter);
+	if (ret	< 0 && ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+		gnutls_x509_crt_deinit(*crt);
+		*crt = NULL;
+
+		return gnutls_assert_val(ret);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_trust_list_iter_deinit:
+ * @iter: The iterator structure to be deinitialized
+ *
+ * This function will deinitialize an iterator structure.
+ *
+ * Since: 3.4.0
+ **/
+void gnutls_x509_trust_list_iter_deinit(gnutls_x509_trust_list_iter_t iter)
+{
+	if (!iter)
+		return;
+
+#ifdef ENABLE_PKCS11
+	if (iter->pkcs11_size > 0) {
+		unsigned i;
+		for (i = 0; i < iter->pkcs11_size; ++i)
+			gnutls_pkcs11_obj_deinit(iter->pkcs11_list[i]);
+		gnutls_free(iter->pkcs11_list);
+	}
+#endif
+
+	gnutls_free(iter);
+}
+
+static gnutls_x509_crt_t crt_cpy(gnutls_x509_crt_t src)
+{
+gnutls_x509_crt_t dst;
+int ret;
+
+	ret = gnutls_x509_crt_init(&dst);
+	if (ret < 0) {
+		gnutls_assert();
+		return NULL;
+	}
+
+	ret = _gnutls_x509_crt_cpy(dst, src);
+	if (ret < 0) {
+		gnutls_x509_crt_deinit(dst);
+		gnutls_assert();
+		return NULL;
+	}
+
+	return dst;
+}
+
+/**
+ * gnutls_x509_trust_list_remove_cas:
+ * @list: The list
+ * @clist: A list of CAs
+ * @clist_size: The length of the CA list
+ *
+ * This function will remove the given certificate authorities
+ * from the trusted list.
+ *
+ * Note that this function can accept certificates and authorities
+ * not yet known. In that case they will be kept in a separate
+ * black list that will be used during certificate verification.
+ * Unlike gnutls_x509_trust_list_add_cas() there is no deinitialization
+ * restriction for  certificate list provided in this function.
+ *
+ * Returns: The number of removed elements is returned.
+ *
+ * Since: 3.1.10
+ **/
+int
+gnutls_x509_trust_list_remove_cas(gnutls_x509_trust_list_t list,
+				  const gnutls_x509_crt_t * clist,
+				  unsigned clist_size)
+{
+	int r = 0;
+	unsigned j, i;
+	size_t hash;
+
+	for (i = 0; i < clist_size; i++) {
+		hash =
+		    hash_pjw_bare(clist[i]->raw_dn.data,
+				  clist[i]->raw_dn.size);
+		hash %= list->size;
+
+		for (j = 0; j < list->node[hash].trusted_ca_size; j++) {
+			if (gnutls_x509_crt_equals
+			    (clist[i],
+			     list->node[hash].trusted_cas[j]) != 0) {
+
+				gnutls_x509_crt_deinit(list->node[hash].
+						       trusted_cas[j]);
+				list->node[hash].trusted_cas[j] =
+				    list->node[hash].trusted_cas[list->
+								 node
+								 [hash].
+								 trusted_ca_size
+								 - 1];
+				list->node[hash].trusted_ca_size--;
+				r++;
+				break;
+			}
+		}
+
+		if (unlikely(INT_ADD_OVERFLOW(list->blacklisted_size, 1))) {
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		}
+
+		/* Add the CA (or plain) certificate to the black list as well.
+		 * This will prevent a subordinate CA from being valid, and
+		 * ensure that a server certificate will also get rejected.
+		 */
+		list->blacklisted =
+			_gnutls_reallocarray_fast(list->blacklisted,
+						  list->blacklisted_size + 1,
+						  sizeof(list->blacklisted[0]));
+		if (list->blacklisted == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		list->blacklisted[list->blacklisted_size] = crt_cpy(clist[i]);
+		if (list->blacklisted[list->blacklisted_size] != NULL)
+			list->blacklisted_size++;
+	}
+
+	return r;
+}
+
+/**
+ * gnutls_x509_trust_list_add_named_crt:
+ * @list: The list
+ * @cert: A certificate
+ * @name: An identifier for the certificate
+ * @name_size: The size of the identifier
+ * @flags: should be 0.
+ *
+ * This function will add the given certificate to the trusted
+ * list and associate it with a name. The certificate will not be
+ * be used for verification with gnutls_x509_trust_list_verify_crt()
+ * but with gnutls_x509_trust_list_verify_named_crt() or
+ * gnutls_x509_trust_list_verify_crt2() - the latter only since
+ * GnuTLS 3.4.0 and if a hostname is provided.
+ *
+ * In principle this function can be used to set individual "server"
+ * certificates that are trusted by the user for that specific server
+ * but for no other purposes.
+ *
+ * The certificate @cert must not be deinitialized during the lifetime
+ * of the @list.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0.0
+ **/
+int
+gnutls_x509_trust_list_add_named_crt(gnutls_x509_trust_list_t list,
+				     gnutls_x509_crt_t cert,
+				     const void *name, size_t name_size,
+				     unsigned int flags)
+{
+	size_t hash;
+
+	if (name_size >= MAX_SERVER_NAME_SIZE)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	hash =
+	    hash_pjw_bare(cert->raw_issuer_dn.data,
+			  cert->raw_issuer_dn.size);
+	hash %= list->size;
+
+	if (unlikely(INT_ADD_OVERFLOW(list->node[hash].named_cert_size, 1))) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	list->node[hash].named_certs =
+		_gnutls_reallocarray_fast(list->node[hash].named_certs,
+					  list->node[hash].named_cert_size + 1,
+					  sizeof(list->node[hash].named_certs[0]));
+	if (list->node[hash].named_certs == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	list->node[hash].named_certs[list->node[hash].named_cert_size].
+	    cert = cert;
+	memcpy(list->node[hash].
+	       named_certs[list->node[hash].named_cert_size].name, name,
+	       name_size);
+	list->node[hash].named_certs[list->node[hash].
+				     named_cert_size].name_size =
+	    name_size;
+
+	list->node[hash].named_cert_size++;
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_trust_list_add_crls:
+ * @list: The list
+ * @crl_list: A list of CRLs
+ * @crl_size: The length of the CRL list
+ * @flags: flags from %gnutls_trust_list_flags_t
+ * @verification_flags: gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL
+ *
+ * This function will add the given certificate revocation lists
+ * to the trusted list. The CRLs in @crl_list must not be deinitialized
+ * during the lifetime of @list.
+ *
+ * This function must be called after gnutls_x509_trust_list_add_cas()
+ * to allow verifying the CRLs for validity. If the flag %GNUTLS_TL_NO_DUPLICATES
+ * is given, then the final CRL list will not contain duplicate entries.
+ *
+ * If the flag %GNUTLS_TL_NO_DUPLICATES is given, gnutls_x509_trust_list_deinit() must be
+ * called with parameter @all being 1.
+ *
+ * If flag %GNUTLS_TL_VERIFY_CRL is given the CRLs will be verified before being added,
+ * and if verification fails, they will be skipped.
+ *
+ * Returns: The number of added elements is returned; that includes
+ *          duplicate entries.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_x509_trust_list_add_crls(gnutls_x509_trust_list_t list,
+				const gnutls_x509_crl_t * crl_list,
+				unsigned crl_size, unsigned int flags,
+				unsigned int verification_flags)
+{
+	int ret;
+	unsigned x, i, j = 0;
+	unsigned int vret = 0;
+	size_t hash;
+	gnutls_x509_crl_t *tmp;
+
+	/* Probably we can optimize things such as removing duplicates
+	 * etc.
+	 */
+	if (crl_size == 0 || crl_list == NULL)
+		return 0;
+
+	for (i = 0; i < crl_size; i++) {
+		hash =
+		    hash_pjw_bare(crl_list[i]->raw_issuer_dn.data,
+				  crl_list[i]->raw_issuer_dn.size);
+		hash %= list->size;
+
+		if (flags & GNUTLS_TL_VERIFY_CRL) {
+
+			ret =
+			    gnutls_x509_crl_verify(crl_list[i],
+						   list->node[hash].
+						   trusted_cas,
+						   list->node[hash].
+						   trusted_ca_size,
+						   verification_flags,
+						   &vret);
+			if (ret < 0 || vret != 0) {
+				_gnutls_debug_log("CRL verification failed, not adding it\n");
+				if (flags & GNUTLS_TL_NO_DUPLICATES)
+					gnutls_x509_crl_deinit(crl_list[i]);
+				if (flags & GNUTLS_TL_FAIL_ON_INVALID_CRL)
+					return gnutls_assert_val(GNUTLS_E_CRL_VERIFICATION_ERROR);
+				continue;
+			}
+		}
+
+		/* If the CRL added overrides a previous one, then overwrite
+		 * the old one */
+		if (flags & GNUTLS_TL_NO_DUPLICATES) {
+			for (x=0;x<list->node[hash].crl_size;x++) {
+				if (crl_list[i]->raw_issuer_dn.size == list->node[hash].crls[x]->raw_issuer_dn.size &&
+				    memcmp(crl_list[i]->raw_issuer_dn.data, list->node[hash].crls[x]->raw_issuer_dn.data, crl_list[i]->raw_issuer_dn.size) == 0) {
+					if (gnutls_x509_crl_get_this_update(crl_list[i]) >=
+					    gnutls_x509_crl_get_this_update(list->node[hash].crls[x])) {
+
+						gnutls_x509_crl_deinit(list->node[hash].crls[x]);
+						list->node[hash].crls[x] = crl_list[i];
+						goto next;
+					} else {
+						/* The new is older, discard it */
+						gnutls_x509_crl_deinit(crl_list[i]);
+						goto next;
+					}
+				}
+			}
+		}
+
+		if (unlikely(INT_ADD_OVERFLOW(list->node[hash].crl_size, 1))) {
+			gnutls_assert();
+			goto error;
+		}
+
+		tmp = _gnutls_reallocarray(list->node[hash].crls,
+					   list->node[hash].crl_size + 1,
+					   sizeof(list->node[hash].crls[0]));
+		if (tmp == NULL) {
+			gnutls_assert();
+			goto error;
+		}
+		list->node[hash].crls = tmp;
+
+
+		list->node[hash].crls[list->node[hash].crl_size] =
+		    crl_list[i];
+		list->node[hash].crl_size++;
+
+ next:
+		j++;
+	}
+
+	return j;
+
+ error:
+	ret = i;
+	if (flags & GNUTLS_TL_NO_DUPLICATES)
+		while (i < crl_size)
+			gnutls_x509_crl_deinit(crl_list[i++]);
+	return ret;
+}
+
+/* Takes a certificate list and shortens it if there are
+ * intermedia certificates already trusted by us.
+ *
+ * Returns the new size of the list or a negative number on error.
+ */
+static int shorten_clist(gnutls_x509_trust_list_t list,
+			 gnutls_x509_crt_t * certificate_list,
+			 unsigned int clist_size)
+{
+	unsigned int j, i;
+	size_t hash;
+
+	if (clist_size > 1) {
+		/* Check if the last certificate in the path is self signed.
+		 * In that case ignore it (a certificate is trusted only if it
+		 * leads to a trusted party by us, not the server's).
+		 *
+		 * This prevents from verifying self signed certificates against
+		 * themselves. This (although not bad) caused verification
+		 * failures on some root self signed certificates that use the
+		 * MD2 algorithm.
+		 */
+		if (gnutls_x509_crt_check_issuer
+		    (certificate_list[clist_size - 1],
+		     certificate_list[clist_size - 1]) != 0) {
+			clist_size--;
+		}
+	}
+
+	/* We want to shorten the chain by removing the cert that matches
+	 * one of the certs we trust and all the certs after that i.e. if
+	 * cert chain is A signed-by B signed-by C signed-by D (signed-by
+	 * self-signed E but already removed above), and we trust B, remove
+	 * B, C and D. */
+	for (i = 1; i < clist_size; i++) {
+		hash =
+		    hash_pjw_bare(certificate_list[i]->raw_issuer_dn.data,
+				  certificate_list[i]->raw_issuer_dn.size);
+		hash %= list->size;
+
+		for (j = 0; j < list->node[hash].trusted_ca_size; j++) {
+			if (gnutls_x509_crt_equals
+			    (certificate_list[i],
+			     list->node[hash].trusted_cas[j]) != 0) {
+				/* cut the list at the point of first the trusted certificate */
+				clist_size = i + 1;
+				break;
+			}
+		}
+		/* clist_size may have been changed which gets out of loop */
+	}
+
+	return clist_size;
+}
+
+/* Takes a subject certificate, retrieves a chain from its issuers in
+ * @certificate_list, using the issuer callback set for @list.
+ *
+ * Returns the new size of the list or a negative number on error.
+ */
+static int
+retrieve_issuers(gnutls_x509_trust_list_t list,
+		 gnutls_x509_crt_t subject,
+		 gnutls_x509_crt_t *certificate_list,
+		 unsigned int clist_size_max)
+{
+	gnutls_x509_crt_t *issuers;
+	unsigned int issuers_size;
+	unsigned int i;
+	int ret;
+
+	if (!list->issuer_callback) {
+		return 0;
+	}
+
+	_gnutls_cert_log("calling issuer callback on", subject);
+
+	ret = list->issuer_callback(list, subject, &issuers, &issuers_size);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	/* Ignore empty list */
+	if (!issuers_size) {
+		ret = 0;
+		goto cleanup;
+	}
+
+	if (issuers_size > clist_size_max) {
+		_gnutls_debug_log("too many issuers returned; skipping\n");
+		ret = 0;
+		goto cleanup;
+	}
+
+	for (i = 0; i < issuers_size; i++) {
+		if (!gnutls_x509_crt_check_issuer(subject, issuers[i])) {
+			_gnutls_cert_log("unrelated certificate; skipping",
+					 issuers[i]);
+			break;
+		}
+		subject = issuers[i];
+	}
+
+	ret = i;
+
+	memcpy(certificate_list, issuers, ret * sizeof(gnutls_x509_crt_t));
+
+ cleanup:
+	for (i = ret; i < issuers_size; i++) {
+		gnutls_x509_crt_deinit(issuers[i]);
+	}
+	gnutls_free(issuers);
+
+	return ret;
+}
+
+int _gnutls_trust_list_get_issuer(gnutls_x509_trust_list_t list,
+				  gnutls_x509_crt_t cert,
+				  gnutls_x509_crt_t * issuer,
+				  unsigned int flags)
+{
+	int ret;
+	unsigned int i;
+	size_t hash;
+
+	hash =
+	    hash_pjw_bare(cert->raw_issuer_dn.data,
+			  cert->raw_issuer_dn.size);
+	hash %= list->size;
+
+	for (i = 0; i < list->node[hash].trusted_ca_size; i++) {
+		ret =
+		    gnutls_x509_crt_check_issuer(cert,
+						 list->node[hash].
+						 trusted_cas[i]);
+		if (ret != 0) {
+			if (flags & GNUTLS_TL_GET_COPY) {
+				*issuer = crt_cpy(list->node[hash].trusted_cas[i]);
+			} else {
+				*issuer = list->node[hash].trusted_cas[i];
+			}
+			return 0;
+		}
+	}
+
+	return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+}
+
+static
+int trust_list_get_issuer_by_dn(gnutls_x509_trust_list_t list,
+				      const gnutls_datum_t *dn,
+				      const gnutls_datum_t *spki,
+				      gnutls_x509_crt_t * issuer,
+				      unsigned int flags)
+{
+	int ret;
+	unsigned int i, j;
+	size_t hash;
+	uint8_t tmp[256];
+	size_t tmp_size;
+
+	if (dn) {
+		hash =
+		    hash_pjw_bare(dn->data,
+				  dn->size);
+		hash %= list->size;
+
+		for (i = 0; i < list->node[hash].trusted_ca_size; i++) {
+			ret = _gnutls_x509_compare_raw_dn(dn, &list->node[hash].trusted_cas[i]->raw_dn);
+			if (ret != 0) {
+				if (spki && spki->size > 0) {
+					tmp_size = sizeof(tmp);
+
+					ret = gnutls_x509_crt_get_subject_key_id(list->node[hash].trusted_cas[i], tmp, &tmp_size, NULL);
+					if (ret < 0)
+						continue;
+					if (spki->size != tmp_size || memcmp(spki->data, tmp, spki->size) != 0)
+						continue;
+				}
+				*issuer = crt_cpy(list->node[hash].trusted_cas[i]);
+				return 0;
+			}
+		}
+	} else if (spki) {
+		/* search everything! */
+		for (i = 0; i < list->size; i++) {
+			for (j = 0; j < list->node[i].trusted_ca_size; j++) {
+				tmp_size = sizeof(tmp);
+
+				ret = gnutls_x509_crt_get_subject_key_id(list->node[i].trusted_cas[j], tmp, &tmp_size, NULL);
+				if (ret < 0)
+					continue;
+
+				if (spki->size != tmp_size || memcmp(spki->data, tmp, spki->size) != 0)
+					continue;
+
+				*issuer = crt_cpy(list->node[i].trusted_cas[j]);
+				return 0;
+			}
+		}
+	}
+
+	return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+}
+
+/**
+ * gnutls_x509_trust_list_get_issuer:
+ * @list: The list
+ * @cert: is the certificate to find issuer for
+ * @issuer: Will hold the issuer if any. Should be treated as constant
+ *   unless %GNUTLS_TL_GET_COPY is set in @flags.
+ * @flags: flags from %gnutls_trust_list_flags_t (%GNUTLS_TL_GET_COPY is applicable)
+ *
+ * This function will find the issuer of the given certificate.
+ * If the flag %GNUTLS_TL_GET_COPY is specified a copy of the issuer
+ * will be returned which must be freed using gnutls_x509_crt_deinit().
+ * In that case the provided @issuer must not be initialized.
+ *
+ * Note that the flag %GNUTLS_TL_GET_COPY is required for this function
+ * to work with PKCS#11 trust lists in a thread-safe way.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0
+ **/
+int gnutls_x509_trust_list_get_issuer(gnutls_x509_trust_list_t list,
+				      gnutls_x509_crt_t cert,
+				      gnutls_x509_crt_t * issuer,
+				      unsigned int flags)
+{
+	int ret;
+
+	ret = _gnutls_trust_list_get_issuer(list, cert, issuer, flags);
+	if (ret == 0) {
+		return 0;
+	}
+
+#ifdef ENABLE_PKCS11
+	if (ret < 0 && list->pkcs11_token) {
+		gnutls_x509_crt_t crt;
+		gnutls_datum_t der = {NULL, 0};
+		/* use the token for verification */
+		ret = gnutls_pkcs11_get_raw_issuer(list->pkcs11_token, cert, &der,
+			GNUTLS_X509_FMT_DER, GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		ret = gnutls_x509_crt_init(&crt);
+		if (ret < 0) {
+			gnutls_free(der.data);
+			return gnutls_assert_val(ret);
+		}
+
+		ret = gnutls_x509_crt_import(crt, &der, GNUTLS_X509_FMT_DER);
+		gnutls_free(der.data);
+		if (ret < 0) {
+			gnutls_x509_crt_deinit(crt);
+			return gnutls_assert_val(ret);
+		}
+
+		if (flags & GNUTLS_TL_GET_COPY) {
+			*issuer = crt;
+			return 0;
+		} else {
+			/* we add this CA to the keep_cert list in order to make it
+			 * persistent. It will be deallocated when the trust list is.
+			 */
+			ret = trust_list_add_compat(list, crt);
+			if (ret < 0) {
+				gnutls_x509_crt_deinit(crt);
+				return gnutls_assert_val(ret);
+			}
+			*issuer = crt;
+			return ret;
+		}
+	}
+#endif
+	return ret;
+}
+
+/**
+ * gnutls_x509_trust_list_get_issuer_by_dn:
+ * @list: The list
+ * @dn: is the issuer's DN
+ * @issuer: Will hold the issuer if any. Should be deallocated after use.
+ * @flags: Use zero
+ *
+ * This function will find the issuer with the given name, and
+ * return a copy of the issuer, which must be freed using gnutls_x509_crt_deinit().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.0
+ **/
+int gnutls_x509_trust_list_get_issuer_by_dn(gnutls_x509_trust_list_t list,
+				      const gnutls_datum_t *dn,
+				      gnutls_x509_crt_t *issuer,
+				      unsigned int flags)
+{
+	int ret;
+
+	ret = trust_list_get_issuer_by_dn(list, dn, NULL, issuer, flags);
+	if (ret == 0) {
+		return 0;
+	}
+
+#ifdef ENABLE_PKCS11
+	if (ret < 0 && list->pkcs11_token) {
+		gnutls_x509_crt_t crt;
+		gnutls_datum_t der = {NULL, 0};
+		/* use the token for verification */
+		ret = gnutls_pkcs11_get_raw_issuer_by_dn(list->pkcs11_token, dn, &der,
+			GNUTLS_X509_FMT_DER, GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		ret = gnutls_x509_crt_init(&crt);
+		if (ret < 0) {
+			gnutls_free(der.data);
+			return gnutls_assert_val(ret);
+		}
+
+		ret = gnutls_x509_crt_import(crt, &der, GNUTLS_X509_FMT_DER);
+		gnutls_free(der.data);
+		if (ret < 0) {
+			gnutls_x509_crt_deinit(crt);
+			return gnutls_assert_val(ret);
+		}
+
+		*issuer = crt;
+		return 0;
+	}
+#endif
+	return ret;
+}
+
+/**
+ * gnutls_x509_trust_list_get_issuer_by_subject_key_id:
+ * @list: The list
+ * @dn: is the issuer's DN (may be %NULL)
+ * @spki: is the subject key ID
+ * @issuer: Will hold the issuer if any. Should be deallocated after use.
+ * @flags: Use zero
+ *
+ * This function will find the issuer with the given name and subject key ID, and
+ * return a copy of the issuer, which must be freed using gnutls_x509_crt_deinit().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.2
+ **/
+int gnutls_x509_trust_list_get_issuer_by_subject_key_id(gnutls_x509_trust_list_t list,
+				      const gnutls_datum_t *dn,
+				      const gnutls_datum_t *spki,
+				      gnutls_x509_crt_t *issuer,
+				      unsigned int flags)
+{
+	int ret;
+
+	ret = trust_list_get_issuer_by_dn(list, dn, spki, issuer, flags);
+	if (ret == 0) {
+		return 0;
+	}
+
+#ifdef ENABLE_PKCS11
+	if (ret < 0 && list->pkcs11_token) {
+		gnutls_x509_crt_t crt;
+		gnutls_datum_t der = {NULL, 0};
+		/* use the token for verification */
+		ret = gnutls_pkcs11_get_raw_issuer_by_subject_key_id(list->pkcs11_token, dn, spki, &der,
+			GNUTLS_X509_FMT_DER, GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		ret = gnutls_x509_crt_init(&crt);
+		if (ret < 0) {
+			gnutls_free(der.data);
+			return gnutls_assert_val(ret);
+		}
+
+		ret = gnutls_x509_crt_import(crt, &der, GNUTLS_X509_FMT_DER);
+		gnutls_free(der.data);
+		if (ret < 0) {
+			gnutls_x509_crt_deinit(crt);
+			return gnutls_assert_val(ret);
+		}
+
+		*issuer = crt;
+		return 0;
+	}
+#endif
+	return ret;
+}
+
+static
+int check_if_in_blacklist(gnutls_x509_crt_t * cert_list, unsigned int cert_list_size,
+	gnutls_x509_crt_t * blacklist, unsigned int blacklist_size)
+{
+unsigned i, j;
+
+	if (blacklist_size == 0)
+		return 0;
+
+	for (i=0;i<cert_list_size;i++) {
+		for (j=0;j<blacklist_size;j++) {
+			if (gnutls_x509_crt_equals(cert_list[i], blacklist[j]) != 0) {
+				return 1;
+			}
+		}
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_trust_list_verify_crt:
+ * @list: The list
+ * @cert_list: is the certificate list to be verified
+ * @cert_list_size: is the certificate list size
+ * @flags: Flags that may be used to change the verification algorithm. Use OR of the gnutls_certificate_verify_flags enumerations.
+ * @voutput: will hold the certificate verification output.
+ * @func: If non-null will be called on each chain element verification with the output.
+ *
+ * This function will try to verify the given certificate and return
+ * its status. The @voutput parameter will hold an OR'ed sequence of
+ * %gnutls_certificate_status_t flags.
+ *
+ * The details of the verification are the same as in gnutls_x509_trust_list_verify_crt2().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_x509_trust_list_verify_crt(gnutls_x509_trust_list_t list,
+				  gnutls_x509_crt_t * cert_list,
+				  unsigned int cert_list_size,
+				  unsigned int flags,
+				  unsigned int *voutput,
+				  gnutls_verify_output_function func)
+{
+	return gnutls_x509_trust_list_verify_crt2(list, cert_list, cert_list_size,
+						  NULL, 0, flags, voutput, func);
+}
+
+#define LAST_DN cert_list[cert_list_size-1]->raw_dn
+#define LAST_IDN cert_list[cert_list_size-1]->raw_issuer_dn
+/* This macro is introduced to detect a verification output which
+ * indicates an unknown signer, a signer which uses an insecure
+ * algorithm (e.g., sha1), a signer has expired, or something that
+ * indicates a superseded signer */
+#define SIGNER_OLD_OR_UNKNOWN(output) ((output & GNUTLS_CERT_SIGNER_NOT_FOUND) || \
+				       (output & GNUTLS_CERT_EXPIRED) || \
+				       (output & GNUTLS_CERT_INSECURE_ALGORITHM))
+#define SIGNER_WAS_KNOWN(output) (!(output & GNUTLS_CERT_SIGNER_NOT_FOUND))
+
+/**
+ * gnutls_x509_trust_list_verify_crt2:
+ * @list: The list
+ * @cert_list: is the certificate list to be verified
+ * @cert_list_size: is the certificate list size
+ * @data: an array of typed data
+ * @elements: the number of data elements
+ * @flags: Flags that may be used to change the verification algorithm. Use OR of the gnutls_certificate_verify_flags enumerations.
+ * @voutput: will hold the certificate verification output.
+ * @func: If non-null will be called on each chain element verification with the output.
+ *
+ * This function will attempt to verify the given certificate chain and return
+ * its status. The @voutput parameter will hold an OR'ed sequence of
+ * %gnutls_certificate_status_t flags.
+ *
+ * When a certificate chain of @cert_list_size with more than one certificates is
+ * provided, the verification status will apply to the first certificate in the chain
+ * that failed verification. The verification process starts from the end of the chain
+ * (from CA to end certificate). The first certificate in the chain must be the end-certificate
+ * while the rest of the members may be sorted or not.
+ *
+ * Additionally a certificate verification profile can be specified
+ * from the ones in %gnutls_certificate_verification_profiles_t by
+ * ORing the result of GNUTLS_PROFILE_TO_VFLAGS() to the verification
+ * flags.
+ *
+ * Additional verification parameters are possible via the @data types; the
+ * acceptable types are %GNUTLS_DT_DNS_HOSTNAME, %GNUTLS_DT_IP_ADDRESS and %GNUTLS_DT_KEY_PURPOSE_OID.
+ * The former accepts as data a null-terminated hostname, and the latter a null-terminated
+ * object identifier (e.g., %GNUTLS_KP_TLS_WWW_SERVER).
+ * If a DNS hostname is provided then this function will compare
+ * the hostname in the end certificate against the given. If names do not match the
+ * %GNUTLS_CERT_UNEXPECTED_OWNER status flag will be set. In addition it
+ * will consider certificates provided with gnutls_x509_trust_list_add_named_crt().
+ *
+ * If a key purpose OID is provided and the end-certificate contains the extended key
+ * usage PKIX extension, it will be required to match the provided OID
+ * or be marked for any purpose, otherwise verification will fail with 
+ * %GNUTLS_CERT_PURPOSE_MISMATCH status.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value. Note that verification failure will not result to an
+ *   error code, only @voutput will be updated.
+ *
+ * Since: 3.3.8
+ **/
+int
+gnutls_x509_trust_list_verify_crt2(gnutls_x509_trust_list_t list,
+				   gnutls_x509_crt_t * cert_list,
+				   unsigned int cert_list_size,
+				   gnutls_typed_vdata_st *data,
+				   unsigned int elements,
+				   unsigned int flags,
+				   unsigned int *voutput,
+				   gnutls_verify_output_function func)
+{
+	int ret = 0;
+	unsigned int i;
+	size_t hash;
+	gnutls_x509_crt_t sorted[DEFAULT_MAX_VERIFY_DEPTH];
+	gnutls_x509_crt_t retrieved[DEFAULT_MAX_VERIFY_DEPTH];
+	unsigned int retrieved_size = 0;
+	const char *hostname = NULL, *purpose = NULL, *email = NULL;
+	unsigned hostname_size = 0;
+	unsigned have_set_name = 0;
+	unsigned saved_output;
+	gnutls_datum_t ip = {NULL, 0};
+	struct cert_set_st cert_set = { NULL, 0 };
+
+	if (cert_list == NULL || cert_list_size < 1)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	for (i=0;i<elements;i++) {
+		if (data[i].type == GNUTLS_DT_DNS_HOSTNAME) {
+			hostname = (void*)data[i].data;
+			if (data[i].size > 0) {
+				hostname_size = data[i].size;
+			}
+
+			if (have_set_name != 0) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+			have_set_name = 1;
+		} else if (data[i].type == GNUTLS_DT_IP_ADDRESS) {
+			if (data[i].size > 0) {
+				ip.data = data[i].data;
+				ip.size = data[i].size;
+			}
+
+			if (have_set_name != 0) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+			have_set_name = 1;
+		} else if (data[i].type == GNUTLS_DT_RFC822NAME) {
+			email = (void*)data[i].data;
+
+			if (have_set_name != 0) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+			have_set_name = 1;
+		} else if (data[i].type == GNUTLS_DT_KEY_PURPOSE_OID) {
+			purpose = (void*)data[i].data;
+		}
+	}
+
+	if (hostname) { /* shortcut using the named certs - if any */
+		unsigned vtmp = 0;
+		if (hostname_size == 0)
+			hostname_size = strlen(hostname);
+
+		ret = gnutls_x509_trust_list_verify_named_crt(list,
+					cert_list[0], hostname, hostname_size,
+					flags, &vtmp, func);
+		if (ret == 0 && vtmp == 0) {
+			*voutput = vtmp;
+			return 0;
+		}
+	}
+
+	memcpy(sorted, cert_list, cert_list_size * sizeof(gnutls_x509_crt_t));
+	cert_list = sorted;
+
+	ret = cert_set_init(&cert_set, DEFAULT_MAX_VERIFY_DEPTH);
+	if (ret < 0) {
+		return ret;
+	}
+
+	for (i = 0; i < cert_list_size &&
+		     cert_list_size <= DEFAULT_MAX_VERIFY_DEPTH; ) {
+		unsigned int sorted_size = 1;
+		unsigned int j;
+		gnutls_x509_crt_t issuer;
+
+		if (!(flags & GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN)) {
+			sorted_size = _gnutls_sort_clist(&cert_list[i],
+							 cert_list_size - i);
+		}
+
+		/* Remove duplicates. Start with index 1, as the first element
+		 * may be re-checked after issuer retrieval. */
+		for (j = 1; j < sorted_size; j++) {
+			if (cert_set_contains(&cert_set, cert_list[i + j])) {
+				if (i + j < cert_list_size - 1) {
+					memmove(&cert_list[i + j],
+						&cert_list[i + j + 1],
+						sizeof(cert_list[i]));
+				}
+				cert_list_size--;
+				break;
+			}
+		}
+		/* Found a duplicate, try again with the same index. */
+		if (j < sorted_size) {
+			continue;
+		}
+
+		/* Record the certificates seen. */
+		for (j = 0; j < sorted_size; j++, i++) {
+			ret = cert_set_add(&cert_set, cert_list[i]);
+			if (ret < 0) {
+				goto cleanup;
+			}
+		}
+
+		/* If the issuer of the certificate is known, no need
+		 * for further processing. */
+		if (gnutls_x509_trust_list_get_issuer(list,
+						      cert_list[i - 1],
+						      &issuer,
+						      GNUTLS_TL_GET_COPY) == 0) {
+			gnutls_x509_crt_deinit(issuer);
+			cert_list_size = i;
+			break;
+		}
+
+		/* If there is no gap between this and the next certificate,
+		 * proceed with the next certificate. */
+		if (i < cert_list_size &&
+		    gnutls_x509_crt_check_issuer(cert_list[i - 1],
+						 cert_list[i])) {
+			continue;
+		}
+
+		ret = retrieve_issuers(list,
+				       cert_list[i - 1],
+				       &retrieved[retrieved_size],
+				       DEFAULT_MAX_VERIFY_DEPTH -
+				       MAX(retrieved_size,
+					   cert_list_size));
+		if (ret < 0) {
+			break;
+		} else if (ret > 0) {
+			assert((unsigned int)ret <=
+			       DEFAULT_MAX_VERIFY_DEPTH - cert_list_size);
+			memmove(&cert_list[i + ret],
+				&cert_list[i],
+				(cert_list_size - i) *
+				sizeof(gnutls_x509_crt_t));
+			memcpy(&cert_list[i],
+			       &retrieved[retrieved_size],
+			       ret * sizeof(gnutls_x509_crt_t));
+			retrieved_size += ret;
+			cert_list_size += ret;
+
+			/* Start again from the end of the previous segment. */
+			i--;
+		}
+	}
+
+	cert_list_size = shorten_clist(list, cert_list, cert_list_size);
+	if (cert_list_size <= 0)
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	hash =
+	    hash_pjw_bare(cert_list[cert_list_size - 1]->raw_issuer_dn.
+			  data,
+			  cert_list[cert_list_size -
+				    1]->raw_issuer_dn.size);
+	hash %= list->size;
+
+	ret = check_if_in_blacklist(cert_list, cert_list_size,
+		list->blacklisted, list->blacklisted_size);
+	if (ret != 0) {
+		*voutput = 0;
+		*voutput |= GNUTLS_CERT_REVOKED;
+		*voutput |= GNUTLS_CERT_INVALID;
+		ret = 0;
+		goto cleanup;
+	}
+
+	*voutput =
+	    _gnutls_verify_crt_status(list, cert_list, cert_list_size,
+				      list->node[hash].trusted_cas,
+				      list->node[hash].trusted_ca_size,
+				      flags, purpose, func);
+	saved_output = *voutput;
+
+	if (SIGNER_OLD_OR_UNKNOWN(*voutput) &&
+		(LAST_DN.size != LAST_IDN.size ||
+		 memcmp(LAST_DN.data, LAST_IDN.data, LAST_IDN.size) != 0)) {
+
+		/* if we couldn't find the issuer, try to see if the last
+		 * certificate is in the trusted list and try to verify against
+		 * (if it is not self signed) */
+		hash =
+		    hash_pjw_bare(cert_list[cert_list_size - 1]->raw_dn.
+			  data, cert_list[cert_list_size - 1]->raw_dn.size);
+		hash %= list->size;
+
+		 _gnutls_debug_log("issuer in verification was not found or insecure; trying against trust list\n");
+
+		*voutput =
+		    _gnutls_verify_crt_status(list, cert_list, cert_list_size,
+					      list->node[hash].trusted_cas,
+					      list->node[hash].trusted_ca_size,
+					      flags, purpose, func);
+		if (*voutput != 0) {
+			if (SIGNER_WAS_KNOWN(saved_output))
+				*voutput = saved_output;
+			gnutls_assert();
+		}
+	}
+
+	saved_output = *voutput;
+
+#ifdef ENABLE_PKCS11
+	if (SIGNER_OLD_OR_UNKNOWN(*voutput) && list->pkcs11_token) {
+		/* use the token for verification */
+
+		*voutput = _gnutls_pkcs11_verify_crt_status(list, list->pkcs11_token,
+							    cert_list, cert_list_size,
+							    purpose,
+							    flags, func);
+		if (*voutput != 0) {
+			if (SIGNER_WAS_KNOWN(saved_output))
+				*voutput = saved_output;
+			gnutls_assert();
+		}
+	}
+#endif
+
+	/* End-certificate, key purpose and hostname checks. */
+	if (purpose) {
+		ret = _gnutls_check_key_purpose(cert_list[0], purpose, 0);
+		if (ret != 1) {
+			gnutls_assert();
+			*voutput |= GNUTLS_CERT_PURPOSE_MISMATCH|GNUTLS_CERT_INVALID;
+		}
+	}
+
+	if (hostname) {
+		ret =
+		    gnutls_x509_crt_check_hostname2(cert_list[0], hostname, flags);
+		if (ret == 0) {
+			gnutls_assert();
+			*voutput |= GNUTLS_CERT_UNEXPECTED_OWNER|GNUTLS_CERT_INVALID;
+		}
+	}
+
+	if (ip.data) {
+		ret =
+		    gnutls_x509_crt_check_ip(cert_list[0], ip.data, ip.size, flags);
+		if (ret == 0) {
+			gnutls_assert();
+			*voutput |= GNUTLS_CERT_UNEXPECTED_OWNER|GNUTLS_CERT_INVALID;
+		}
+	}
+
+	if (email) {
+		ret =
+		    gnutls_x509_crt_check_email(cert_list[0], email, 0);
+		if (ret == 0) {
+			gnutls_assert();
+			*voutput |= GNUTLS_CERT_UNEXPECTED_OWNER|GNUTLS_CERT_INVALID;
+		}
+	}
+
+	/* CRL checks follow */
+
+	if (*voutput != 0 || (flags & GNUTLS_VERIFY_DISABLE_CRL_CHECKS)) {
+		ret = 0;
+		goto cleanup;
+	}
+
+	/* Check revocation of individual certificates.
+	 * start with the last one that we already have its hash
+	 */
+	ret =
+	    _gnutls_x509_crt_check_revocation(cert_list
+					      [cert_list_size - 1],
+					      list->node[hash].crls,
+					      list->node[hash].crl_size,
+					      func);
+	if (ret == 1) {		/* revoked */
+		*voutput |= GNUTLS_CERT_REVOKED;
+		*voutput |= GNUTLS_CERT_INVALID;
+		ret = 0;
+		goto cleanup;
+	}
+
+	for (i = 0; i < cert_list_size - 1; i++) {
+		hash =
+		    hash_pjw_bare(cert_list[i]->raw_issuer_dn.data,
+				  cert_list[i]->raw_issuer_dn.size);
+		hash %= list->size;
+
+		ret = _gnutls_x509_crt_check_revocation(cert_list[i],
+							list->node[hash].
+							crls,
+							list->node[hash].
+							crl_size, func);
+		if (ret < 0) {
+			gnutls_assert();
+		} else if (ret == 1) {	/* revoked */
+			*voutput |= GNUTLS_CERT_REVOKED;
+			*voutput |= GNUTLS_CERT_INVALID;
+			ret = 0;
+			goto cleanup;
+		}
+	}
+
+ cleanup:
+	for (i = 0; i < retrieved_size; i++) {
+		gnutls_x509_crt_deinit(retrieved[i]);
+	}
+	cert_set_deinit(&cert_set);
+	return ret;
+}
+
+/**
+ * gnutls_x509_trust_list_verify_named_crt:
+ * @list: The list
+ * @cert: is the certificate to be verified
+ * @name: is the certificate's name
+ * @name_size: is the certificate's name size
+ * @flags: Flags that may be used to change the verification algorithm. Use OR of the gnutls_certificate_verify_flags enumerations.
+ * @voutput: will hold the certificate verification output.
+ * @func: If non-null will be called on each chain element verification with the output.
+ *
+ * This function will try to find a certificate that is associated with the provided
+ * name --see gnutls_x509_trust_list_add_named_crt(). If a match is found the
+ * certificate is considered valid. In addition to that this function will also 
+ * check CRLs. The @voutput parameter will hold an OR'ed sequence of 
+ * %gnutls_certificate_status_t flags.
+ *
+ * Additionally a certificate verification profile can be specified
+ * from the ones in %gnutls_certificate_verification_profiles_t by
+ * ORing the result of GNUTLS_PROFILE_TO_VFLAGS() to the verification
+ * flags.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0.0
+ **/
+int
+gnutls_x509_trust_list_verify_named_crt(gnutls_x509_trust_list_t list,
+					gnutls_x509_crt_t cert,
+					const void *name,
+					size_t name_size,
+					unsigned int flags,
+					unsigned int *voutput,
+					gnutls_verify_output_function func)
+{
+	int ret;
+	unsigned int i;
+	size_t hash;
+
+
+	hash =
+	    hash_pjw_bare(cert->raw_issuer_dn.data,
+			  cert->raw_issuer_dn.size);
+	hash %= list->size;
+
+	ret = check_if_in_blacklist(&cert, 1,
+		list->blacklisted, list->blacklisted_size);
+	if (ret != 0) {
+		*voutput = 0;
+		*voutput |= GNUTLS_CERT_REVOKED;
+		*voutput |= GNUTLS_CERT_INVALID;
+		return 0;
+	}
+
+	*voutput = GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_NOT_FOUND;
+
+	for (i = 0; i < list->node[hash].named_cert_size; i++) {
+		if (gnutls_x509_crt_equals(cert, list->node[hash].named_certs[i].cert) != 0) {	/* check if name matches */
+			if (list->node[hash].named_certs[i].name_size ==
+			    name_size
+			    && memcmp(list->node[hash].named_certs[i].name,
+				      name, name_size) == 0) {
+				*voutput = 0;
+				break;
+			}
+		}
+	}
+
+	if (*voutput != 0 || (flags & GNUTLS_VERIFY_DISABLE_CRL_CHECKS))
+		return 0;
+
+	/* Check revocation of individual certificates.
+	 * start with the last one that we already have its hash
+	 */
+	ret = _gnutls_x509_crt_check_revocation(cert,
+						list->node[hash].crls,
+						list->node[hash].crl_size,
+						func);
+	if (ret == 1) {		/* revoked */
+		*voutput |= GNUTLS_CERT_REVOKED;
+		*voutput |= GNUTLS_CERT_INVALID;
+		return 0;
+	}
+
+	return 0;
+}
+
+/* return 1 if @cert is in @list, 0 if not */
+int
+_gnutls_trustlist_inlist(gnutls_x509_trust_list_t list,
+			 gnutls_x509_crt_t cert)
+{
+	int ret;
+	unsigned int i;
+	size_t hash;
+
+	hash = hash_pjw_bare(cert->raw_dn.data, cert->raw_dn.size);
+	hash %= list->size;
+
+	for (i = 0; i < list->node[hash].trusted_ca_size; i++) {
+		ret =
+		    gnutls_x509_crt_equals(cert,
+					       list->node[hash].
+					       trusted_cas[i]);
+		if (ret != 0)
+			return 1;
+	}
+
+	return 0;
+}
diff --git a/lib/x509/verify-high.h b/lib/x509/verify-high.h
new file mode 100644
index 0000000..4cbb29a
--- /dev/null
+++ b/lib/x509/verify-high.h
@@ -0,0 +1,55 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Simon Josefsson
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_X509_VERIFY_HIGH_H
+#define GNUTLS_LIB_X509_VERIFY_HIGH_H
+
+struct gnutls_x509_trust_list_st {
+	unsigned int size;
+	struct node_st *node;
+
+	/* holds a sequence of the RDNs of the CAs above.
+	 * This is used when using the trust list in TLS.
+	 */
+	gnutls_datum_t x509_rdn_sequence;
+
+	gnutls_x509_crt_t *blacklisted;
+	unsigned int blacklisted_size;
+
+	/* certificates that will be deallocated when this struct
+	 * will be deinitialized */
+	gnutls_x509_crt_t *keep_certs;
+	unsigned int keep_certs_size;
+
+	char* pkcs11_token;
+
+	/* set this callback if the issuer in the certificate
+	 * chain is missing. */
+	gnutls_x509_trust_list_getissuer_function *issuer_callback;
+	/* set user pointer. */
+	void *usr_ptr;
+};
+
+int _gnutls_trustlist_inlist(gnutls_x509_trust_list_t list,
+			     gnutls_x509_crt_t cert);
+
+#endif /* GNUTLS_LIB_X509_VERIFY_HIGH_H */
diff --git a/lib/x509/verify-high2.c b/lib/x509/verify-high2.c
new file mode 100644
index 0000000..16d757c
--- /dev/null
+++ b/lib/x509/verify-high2.c
@@ -0,0 +1,568 @@
+/*
+ * Copyright (C) 2012-2014 Free Software Foundation, Inc.
+ * Copyright (C) 2014 Nikos Mavrogiannopoulos
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <libtasn1.h>
+#include <global.h>
+#include <num.h>
+#include <tls-sig.h>
+#include <str.h>
+#include <c-strcase.h>
+#include <datum.h>
+#include "x509_int.h"
+#include <common.h>
+#include "verify-high.h"
+#include "read-file.h"
+#include <pkcs11_int.h>
+#include "urls.h"
+
+#include <dirent.h>
+
+#if !defined(_DIRENT_HAVE_D_TYPE) && !defined(__native_client__)
+# ifdef DT_UNKNOWN
+#  define _DIRENT_HAVE_D_TYPE
+# endif
+#endif
+
+#ifdef _WIN32
+# include <tchar.h>
+#endif
+
+/* Convenience functions for verify-high functionality 
+ */
+
+/**
+ * gnutls_x509_trust_list_add_trust_mem:
+ * @list: The list
+ * @cas: A buffer containing a list of CAs (optional)
+ * @crls: A buffer containing a list of CRLs (optional)
+ * @type: The format of the certificates
+ * @tl_flags: flags from %gnutls_trust_list_flags_t
+ * @tl_vflags: gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL
+ *
+ * This function will add the given certificate authorities
+ * to the trusted list. 
+ *
+ * If this function is used gnutls_x509_trust_list_deinit() must be called
+ * with parameter @all being 1.
+ *
+ * Returns: The number of added elements is returned.
+ *
+ * Since: 3.1
+ **/
+int
+gnutls_x509_trust_list_add_trust_mem(gnutls_x509_trust_list_t list,
+				     const gnutls_datum_t * cas,
+				     const gnutls_datum_t * crls,
+				     gnutls_x509_crt_fmt_t type,
+				     unsigned int tl_flags,
+				     unsigned int tl_vflags)
+{
+	int ret;
+	gnutls_x509_crt_t *x509_ca_list = NULL;
+	gnutls_x509_crl_t *x509_crl_list = NULL;
+	unsigned int x509_ncas, x509_ncrls;
+	unsigned int r = 0;
+
+	/* When adding CAs or CRLs, we use the GNUTLS_TL_NO_DUPLICATES flag to ensure
+	 * that unaccounted certificates/CRLs are deinitialized. */
+
+	if (cas != NULL && cas->data != NULL) {
+		ret =
+		    gnutls_x509_crt_list_import2(&x509_ca_list, &x509_ncas,
+						 cas, type, 0);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret =
+		    gnutls_x509_trust_list_add_cas(list, x509_ca_list,
+						   x509_ncas, tl_flags|GNUTLS_TL_NO_DUPLICATES);
+		gnutls_free(x509_ca_list);
+
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		else
+			r += ret;
+	}
+
+	if (crls != NULL && crls->data != NULL) {
+		ret =
+		    gnutls_x509_crl_list_import2(&x509_crl_list,
+						 &x509_ncrls, crls, type,
+						 0);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret =
+		    gnutls_x509_trust_list_add_crls(list, x509_crl_list,
+						    x509_ncrls, tl_flags|GNUTLS_TL_NO_DUPLICATES,
+						    tl_vflags);
+		gnutls_free(x509_crl_list);
+
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		else
+			r += ret;
+	}
+
+	return r;
+}
+
+/**
+ * gnutls_x509_trust_list_remove_trust_mem:
+ * @list: The list
+ * @cas: A buffer containing a list of CAs (optional)
+ * @type: The format of the certificates
+ *
+ * This function will remove the provided certificate authorities
+ * from the trusted list, and add them into a black list when needed. 
+ *
+ * See also gnutls_x509_trust_list_remove_cas().
+ *
+ * Returns: The number of removed elements is returned.
+ *
+ * Since: 3.1.10
+ **/
+int
+gnutls_x509_trust_list_remove_trust_mem(gnutls_x509_trust_list_t list,
+					const gnutls_datum_t * cas,
+					gnutls_x509_crt_fmt_t type)
+{
+	int ret;
+	gnutls_x509_crt_t *x509_ca_list = NULL;
+	unsigned int x509_ncas;
+	unsigned int r = 0, i;
+
+	if (cas != NULL && cas->data != NULL) {
+		ret =
+		    gnutls_x509_crt_list_import2(&x509_ca_list, &x509_ncas,
+						 cas, type, 0);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+
+		ret =
+		    gnutls_x509_trust_list_remove_cas(list, x509_ca_list,
+						      x509_ncas);
+
+		for (i = 0; i < x509_ncas; i++)
+			gnutls_x509_crt_deinit(x509_ca_list[i]);
+		gnutls_free(x509_ca_list);
+
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		else
+			r += ret;
+	}
+
+	return r;
+}
+
+#ifdef ENABLE_PKCS11
+static
+int remove_pkcs11_url(gnutls_x509_trust_list_t list, const char *ca_file)
+{
+	if (strcmp(ca_file, list->pkcs11_token) == 0) {
+		gnutls_free(list->pkcs11_token);
+	}
+	return 0;
+}
+
+/* This function does add a PKCS #11 object URL into trust list. The
+ * CA certificates are imported directly, rather than using it as a
+ * trusted PKCS#11 token.
+ */
+static
+int add_trust_list_pkcs11_object_url(gnutls_x509_trust_list_t list, const char *url, unsigned flags)
+{
+	gnutls_x509_crt_t *xcrt_list = NULL;
+	gnutls_pkcs11_obj_t *pcrt_list = NULL;
+	unsigned int pcrt_list_size = 0, i;
+	int ret;
+
+	/* here we don't use the flag GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE,
+	 * as we want to explicitly load from any module available in the system.
+	 */
+	ret =
+	    gnutls_pkcs11_obj_list_import_url2(&pcrt_list, &pcrt_list_size,
+					       url,
+					       GNUTLS_PKCS11_OBJ_FLAG_CRT|GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED,
+					       0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (pcrt_list_size == 0) {
+		ret = 0;
+		goto cleanup;
+	}
+
+	xcrt_list = _gnutls_reallocarray(NULL, pcrt_list_size,
+					 sizeof(gnutls_x509_crt_t));
+	if (xcrt_list == NULL) {
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto cleanup;
+	}
+
+	ret =
+	    gnutls_x509_crt_list_import_pkcs11(xcrt_list, pcrt_list_size,
+					       pcrt_list, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    gnutls_x509_trust_list_add_cas(list, xcrt_list, pcrt_list_size,
+					   flags);
+
+ cleanup:
+	for (i = 0; i < pcrt_list_size; i++)
+		gnutls_pkcs11_obj_deinit(pcrt_list[i]);
+	gnutls_free(pcrt_list);
+	gnutls_free(xcrt_list);
+
+	return ret;
+}
+
+static
+int remove_pkcs11_object_url(gnutls_x509_trust_list_t list, const char *url)
+{
+	gnutls_x509_crt_t *xcrt_list = NULL;
+	gnutls_pkcs11_obj_t *pcrt_list = NULL;
+	unsigned int pcrt_list_size = 0, i;
+	int ret;
+
+	ret =
+	    gnutls_pkcs11_obj_list_import_url2(&pcrt_list, &pcrt_list_size,
+					       url,
+					       GNUTLS_PKCS11_OBJ_FLAG_CRT|GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED,
+					       0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (pcrt_list_size == 0) {
+		ret = 0;
+		goto cleanup;
+	}
+
+	xcrt_list = _gnutls_reallocarray(NULL, pcrt_list_size,
+					 sizeof(gnutls_x509_crt_t));
+	if (xcrt_list == NULL) {
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto cleanup;
+	}
+
+	ret =
+	    gnutls_x509_crt_list_import_pkcs11(xcrt_list, pcrt_list_size,
+					       pcrt_list, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    gnutls_x509_trust_list_remove_cas(list, xcrt_list, pcrt_list_size);
+
+ cleanup:
+	for (i = 0; i < pcrt_list_size; i++) {
+		gnutls_pkcs11_obj_deinit(pcrt_list[i]);
+		if (xcrt_list)
+			gnutls_x509_crt_deinit(xcrt_list[i]);
+	}
+	gnutls_free(pcrt_list);
+	gnutls_free(xcrt_list);
+
+	return ret;
+}
+#endif
+
+
+/**
+ * gnutls_x509_trust_list_add_trust_file:
+ * @list: The list
+ * @ca_file: A file containing a list of CAs (optional)
+ * @crl_file: A file containing a list of CRLs (optional)
+ * @type: The format of the certificates
+ * @tl_flags: flags from %gnutls_trust_list_flags_t
+ * @tl_vflags: gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL
+ *
+ * This function will add the given certificate authorities
+ * to the trusted list. PKCS #11 URLs are also accepted, instead
+ * of files, by this function. A PKCS #11 URL implies a trust
+ * database (a specially marked module in p11-kit); the URL "pkcs11:"
+ * implies all trust databases in the system. Only a single URL specifying
+ * trust databases can be set; they cannot be stacked with multiple calls.
+ *
+ * Returns: The number of added elements is returned.
+ *
+ * Since: 3.1
+ **/
+int
+gnutls_x509_trust_list_add_trust_file(gnutls_x509_trust_list_t list,
+				      const char *ca_file,
+				      const char *crl_file,
+				      gnutls_x509_crt_fmt_t type,
+				      unsigned int tl_flags,
+				      unsigned int tl_vflags)
+{
+	gnutls_datum_t cas = { NULL, 0 };
+	gnutls_datum_t crls = { NULL, 0 };
+	size_t size;
+	int ret;
+
+	if (ca_file != NULL) {
+#ifdef ENABLE_PKCS11
+		if (c_strncasecmp(ca_file, PKCS11_URL, PKCS11_URL_SIZE) == 0) {
+			unsigned pcrt_list_size = 0;
+
+			/* in case of a token URL import it as a PKCS #11 token,
+			 * otherwise import the individual certificates.
+			 */
+			if (is_pkcs11_url_object(ca_file) != 0) {
+				return add_trust_list_pkcs11_object_url(list, ca_file, tl_flags);
+			} else { /* trusted token */
+				if (list->pkcs11_token != NULL)
+					return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+				list->pkcs11_token = gnutls_strdup(ca_file);
+
+				/* enumerate the certificates */
+				ret = gnutls_pkcs11_obj_list_import_url(NULL, &pcrt_list_size,
+					ca_file, 
+					(GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE|GNUTLS_PKCS11_OBJ_FLAG_CRT|GNUTLS_PKCS11_OBJ_FLAG_MARK_CA|GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED),
+					0);
+				if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
+					return gnutls_assert_val(ret);
+
+				return pcrt_list_size;
+			}
+		} else
+#endif
+		{
+			cas.data = (void *) read_file(ca_file, RF_BINARY, &size);
+			if (cas.data == NULL) {
+				gnutls_assert();
+				return GNUTLS_E_FILE_ERROR;
+			}
+			cas.size = size;
+		}
+	}
+
+	if (crl_file) {
+		crls.data = (void *) read_file(crl_file, RF_BINARY, &size);
+		if (crls.data == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_FILE_ERROR;
+		}
+		crls.size = size;
+	}
+
+	ret =
+	    gnutls_x509_trust_list_add_trust_mem(list, &cas, &crls, type,
+						 tl_flags, tl_vflags);
+	free(crls.data);
+	free(cas.data);
+
+	return ret;
+}
+
+static
+int load_dir_certs(const char *dirname,
+			  gnutls_x509_trust_list_t list,
+			  unsigned int tl_flags, unsigned int tl_vflags,
+			  unsigned type, unsigned crl)
+{
+	int ret;
+	int r = 0;
+	char path[GNUTLS_PATH_MAX];
+
+#if !defined(_WIN32) || !defined(_UNICODE)
+	DIR *dirp;
+	struct dirent *d;
+
+	dirp = opendir(dirname);
+	if (dirp != NULL) {
+		while ((d = readdir(dirp)) != NULL) {
+#ifdef _DIRENT_HAVE_D_TYPE
+				if (d->d_type == DT_REG || d->d_type == DT_LNK || d->d_type == DT_UNKNOWN)
+#endif
+			{
+				snprintf(path, sizeof(path), "%s/%s",
+					 dirname, d->d_name);
+
+				if (crl != 0) {
+					ret =
+					    gnutls_x509_trust_list_add_trust_file
+					    (list, NULL, path, type, tl_flags,
+					     tl_vflags);
+				} else {
+					ret =
+					    gnutls_x509_trust_list_add_trust_file
+					    (list, path, NULL, type, tl_flags,
+					     tl_vflags);
+				}
+				if (ret >= 0)
+					r += ret;
+			}
+		}
+		closedir(dirp);
+	}
+#else /* _WIN32 */
+
+	_TDIR *dirp;
+	struct _tdirent *d;
+	gnutls_datum_t utf16 = {NULL, 0};
+
+#ifdef WORDS_BIGENDIAN
+	r = _gnutls_utf8_to_ucs2(dirname, strlen(dirname), &utf16, 1);
+#else
+	r = _gnutls_utf8_to_ucs2(dirname, strlen(dirname), &utf16, 0);
+#endif
+	if (r < 0)
+		return gnutls_assert_val(r);
+	dirp = _topendir((_TCHAR*)utf16.data);
+	gnutls_free(utf16.data);
+	if (dirp != NULL) {
+		while ((d = _treaddir(dirp)) != NULL) {
+#ifdef _DIRENT_HAVE_D_TYPE
+			if (d->d_type == DT_REG || d->d_type == DT_LNK || d->d_type == DT_UNKNOWN)
+#endif
+			{
+				snprintf(path, sizeof(path), "%s/%ls",
+					dirname, d->d_name);
+
+				if (crl != 0) {
+					ret =
+					    gnutls_x509_trust_list_add_trust_file
+					    (list, NULL, path, type, tl_flags,
+					     tl_vflags);
+				} else {
+					ret =
+					    gnutls_x509_trust_list_add_trust_file
+					    (list, path, NULL, type, tl_flags,
+					     tl_vflags);
+				}
+				if (ret >= 0)
+					r += ret;
+			}
+		}
+		_tclosedir(dirp);
+	}
+#endif /* _WIN32 */
+	return r;
+}
+
+/**
+ * gnutls_x509_trust_list_add_trust_dir:
+ * @list: The list
+ * @ca_dir: A directory containing the CAs (optional)
+ * @crl_dir: A directory containing a list of CRLs (optional)
+ * @type: The format of the certificates
+ * @tl_flags: flags from %gnutls_trust_list_flags_t
+ * @tl_vflags: gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL
+ *
+ * This function will add the given certificate authorities
+ * to the trusted list. Only directories are accepted by
+ * this function.
+ *
+ * Returns: The number of added elements is returned.
+ *
+ * Since: 3.3.6
+ **/
+int
+gnutls_x509_trust_list_add_trust_dir(gnutls_x509_trust_list_t list,
+				      const char *ca_dir,
+				      const char *crl_dir,
+				      gnutls_x509_crt_fmt_t type,
+				      unsigned int tl_flags,
+				      unsigned int tl_vflags)
+{
+	int ret = 0;
+
+	if (ca_dir != NULL) {
+		int r = 0;
+		r = load_dir_certs(ca_dir, list, tl_flags, tl_vflags, type, 0);
+
+		if (r >= 0)
+			ret += r;
+	}
+
+	if (crl_dir) {
+		int r = 0;
+		r = load_dir_certs(crl_dir, list, tl_flags, tl_vflags, type, 1);
+
+		if (r >= 0)
+			ret += r;
+	}
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_trust_list_remove_trust_file:
+ * @list: The list
+ * @ca_file: A file containing a list of CAs
+ * @type: The format of the certificates
+ *
+ * This function will remove the given certificate authorities
+ * from the trusted list, and add them into a black list when needed. 
+ * PKCS 11 URLs are also accepted, instead
+ * of files, by this function.
+ *
+ * See also gnutls_x509_trust_list_remove_cas().
+ *
+ * Returns: The number of added elements is returned.
+ *
+ * Since: 3.1.10
+ **/
+int
+gnutls_x509_trust_list_remove_trust_file(gnutls_x509_trust_list_t list,
+					 const char *ca_file,
+					 gnutls_x509_crt_fmt_t type)
+{
+	gnutls_datum_t cas = { NULL, 0 };
+	size_t size;
+	int ret;
+
+#ifdef ENABLE_PKCS11
+	if (c_strncasecmp(ca_file, PKCS11_URL, PKCS11_URL_SIZE) == 0) {
+		if (is_pkcs11_url_object(ca_file) != 0) {
+			return remove_pkcs11_object_url(list, ca_file);
+		} else { /* token */
+			return remove_pkcs11_url(list, ca_file);
+		}
+	} else
+#endif
+	{
+		cas.data = (void *) read_file(ca_file, RF_BINARY, &size);
+		if (cas.data == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_FILE_ERROR;
+		}
+		cas.size = size;
+	}
+
+	ret = gnutls_x509_trust_list_remove_trust_mem(list, &cas, type);
+	free(cas.data);
+
+	return ret;
+}
diff --git a/lib/x509/verify.c b/lib/x509/verify.c
new file mode 100644
index 0000000..c7e35f7
--- /dev/null
+++ b/lib/x509/verify.c
@@ -0,0 +1,1752 @@
+/*
+ * Copyright (C) 2003-2014 Free Software Foundation, Inc.
+ * Copyright (C) 2013 Nikos Mavrogiannopoulos
+ * Copyright (C) 2014 Red Hat
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* All functions which relate to X.509 certificate verification stuff are
+ * included here
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <libtasn1.h>
+#include <global.h>
+#include <num.h>		/* MAX */
+#include <tls-sig.h>
+#include <str.h>
+#include <datum.h>
+#include <pkcs11_int.h>
+#include <x509_int.h>
+#include <common.h>
+#include <pk.h>
+#include <x509/verify-high.h>
+#include "supported_exts.h"
+#include "profiles.h"
+
+/* Checks if two certs have the same name and the same key.  Return 1 on match. 
+ * If @is_ca is zero then this function is identical to gnutls_x509_crt_equals()
+ */
+unsigned
+_gnutls_check_if_same_key(gnutls_x509_crt_t cert1,
+			  gnutls_x509_crt_t cert2,
+			  unsigned is_ca)
+{
+	int ret;
+	unsigned result;
+
+	if (is_ca == 0)
+		return gnutls_x509_crt_equals(cert1, cert2);
+
+	ret = _gnutls_is_same_dn(cert1, cert2);
+	if (ret == 0)
+		return 0;
+
+	if (cert1->raw_spki.size > 0 && (cert1->raw_spki.size == cert2->raw_spki.size) &&
+	    (memcmp(cert1->raw_spki.data, cert2->raw_spki.data, cert1->raw_spki.size) == 0))
+		result = 1;
+	else
+		result = 0;
+
+	return result;
+}
+
+unsigned
+_gnutls_check_if_same_key2(gnutls_x509_crt_t cert1,
+			   gnutls_datum_t * cert2bin)
+{
+	int ret;
+	gnutls_x509_crt_t cert2;
+
+	ret = gnutls_x509_crt_init(&cert2);
+	if (ret < 0)
+		return gnutls_assert_val(0);
+
+	ret = gnutls_x509_crt_import(cert2, cert2bin, GNUTLS_X509_FMT_DER);
+	if (ret < 0) {
+		gnutls_x509_crt_deinit(cert2);
+		return gnutls_assert_val(0);
+	}
+
+	ret = _gnutls_check_if_same_key(cert1, cert2, 1);
+
+	gnutls_x509_crt_deinit(cert2);
+	return ret;
+}
+
+/* checks whether there are present unknown/unsupported critical extensions.
+ *
+ * Returns true if they are present.
+ */
+static unsigned check_for_unknown_exts(gnutls_x509_crt_t cert)
+{
+	unsigned i;
+	char oid[MAX_OID_SIZE];
+	size_t oid_size;
+	unsigned critical;
+	int ret;
+
+	for (i=0;;i++) {
+		oid_size = sizeof(oid);
+		oid[0] = 0;
+		critical = 0;
+
+		ret = gnutls_x509_crt_get_extension_info(cert, i, oid, &oid_size, &critical);
+		if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			return 0;
+		} else if (ret < 0) {
+			gnutls_assert();
+			/* could not decode? */
+			_gnutls_debug_log("Could not decode extension %d\n", i);
+			return 1;
+		}
+
+		if (critical == 0)
+			continue;
+
+		if (is_ext_oid_supported(oid, oid_size) == NULL) {
+			gnutls_assert();
+			_gnutls_debug_log("Unsupported critical extension: %s\n", oid);
+			return 1;
+		}
+	}
+
+	return 0;
+}
+
+/* Checks if the issuer of a certificate is a
+ * Certificate Authority, or if the certificate is the same
+ * as the issuer (and therefore it doesn't need to be a CA).
+ *
+ * Returns true or false, if the issuer is a CA,
+ * or not.
+ */
+static unsigned
+check_if_ca(gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer,
+	    unsigned int *max_path, unsigned int flags)
+{
+	gnutls_datum_t cert_signed_data = { NULL, 0 };
+	gnutls_datum_t issuer_signed_data = { NULL, 0 };
+	gnutls_datum_t cert_signature = { NULL, 0 };
+	gnutls_datum_t issuer_signature = { NULL, 0 };
+	int pathlen = -1, ret;
+	unsigned result;
+	unsigned int ca_status = 0;
+
+	/* Check if the issuer is the same with the
+	 * certificate. This is added in order for trusted
+	 * certificates to be able to verify themselves.
+	 */
+
+	ret =
+	    _gnutls_x509_get_signed_data(issuer->cert, &issuer->der, "tbsCertificate",
+					 &issuer_signed_data);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	ret =
+	    _gnutls_x509_get_signed_data(cert->cert, &cert->der, "tbsCertificate",
+					 &cert_signed_data);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	ret =
+	    _gnutls_x509_get_signature(issuer->cert, "signature",
+				       &issuer_signature);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	ret =
+	    _gnutls_x509_get_signature(cert->cert, "signature",
+				       &cert_signature);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	/* If the subject certificate is the same as the issuer
+	 * return true.
+	 */
+	if (!(flags & GNUTLS_VERIFY_DO_NOT_ALLOW_SAME))
+		if (cert_signed_data.size == issuer_signed_data.size) {
+			if ((memcmp
+			     (cert_signed_data.data,
+			      issuer_signed_data.data,
+			      cert_signed_data.size) == 0)
+			    && (cert_signature.size ==
+				issuer_signature.size)
+			    &&
+			    (memcmp
+			     (cert_signature.data, issuer_signature.data,
+			      cert_signature.size) == 0)) {
+				result = 1;
+				goto cleanup;
+			}
+		}
+
+	ret =
+	    gnutls_x509_crt_get_basic_constraints(issuer, NULL, &ca_status,
+						  &pathlen);
+	if (ret < 0) {
+		ca_status = 0;
+		pathlen = -1;
+	}
+
+	if (ca_status != 0 && pathlen != -1) {
+		if ((unsigned) pathlen < *max_path)
+			*max_path = pathlen;
+	}
+
+	if (ca_status != 0) {
+		result = 1;
+		goto cleanup;
+	}
+	/* Handle V1 CAs that do not have a basicConstraint, but accept
+	   these certs only if the appropriate flags are set. */
+	else if ((ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) &&
+		 ((flags & GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT) ||
+		  (!(flags & GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT) &&
+		   (gnutls_x509_crt_check_issuer(issuer, issuer) != 0)))) {
+		gnutls_assert();
+		result = 1;
+		goto cleanup;
+	} else {
+		gnutls_assert();
+	}
+
+ fail:
+	result = 0;
+
+ cleanup:
+	_gnutls_free_datum(&cert_signed_data);
+	_gnutls_free_datum(&issuer_signed_data);
+	_gnutls_free_datum(&cert_signature);
+	_gnutls_free_datum(&issuer_signature);
+	return result;
+}
+
+
+/* This function checks if cert's issuer is issuer.
+ * This does a straight (DER) compare of the issuer/subject DN fields in
+ * the given certificates, as well as check the authority key ID.
+ *
+ * Returns 1 if they match and (0) if they don't match. 
+ */
+static unsigned is_issuer(gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer)
+{
+	uint8_t id1[MAX_KEY_ID_SIZE];
+	uint8_t id2[MAX_KEY_ID_SIZE];
+	size_t id1_size;
+	size_t id2_size;
+	int ret;
+	unsigned result;
+
+	if (_gnutls_x509_compare_raw_dn
+	    (&cert->raw_issuer_dn, &issuer->raw_dn) != 0)
+		result = 1;
+	else
+		result = 0;
+
+	if (result != 0) {
+		/* check if the authority key identifier matches the subject key identifier
+		 * of the issuer */
+		id1_size = sizeof(id1);
+
+		ret =
+		    gnutls_x509_crt_get_authority_key_id(cert, id1,
+							 &id1_size, NULL);
+		if (ret < 0) {
+			/* If there is no authority key identifier in the
+			 * certificate, assume they match */
+			result = 1;
+			goto cleanup;
+		}
+
+		id2_size = sizeof(id2);
+		ret =
+		    gnutls_x509_crt_get_subject_key_id(issuer, id2,
+						       &id2_size, NULL);
+		if (ret < 0) {
+			/* If there is no subject key identifier in the
+			 * issuer certificate, assume they match */
+			result = 1;
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		if (id1_size == id2_size
+		    && memcmp(id1, id2, id1_size) == 0)
+			result = 1;
+		else
+			result = 0;
+	}
+
+      cleanup:
+	return result;
+}
+
+/* Check if the given certificate is the issuer of the CRL.
+ * Returns 1 on success and 0 otherwise.
+ */
+static unsigned is_crl_issuer(gnutls_x509_crl_t crl, gnutls_x509_crt_t issuer)
+{
+	if (_gnutls_x509_compare_raw_dn
+	    (&crl->raw_issuer_dn, &issuer->raw_dn) != 0)
+		return 1;
+	else
+		return 0;
+}
+
+/* Checks if the DN of two certificates is the same.
+ * Returns 1 if they match and (0) if they don't match. Otherwise
+ * a negative error code is returned to indicate error.
+ */
+unsigned _gnutls_is_same_dn(gnutls_x509_crt_t cert1, gnutls_x509_crt_t cert2)
+{
+	if (_gnutls_x509_compare_raw_dn(&cert1->raw_dn, &cert2->raw_dn) !=
+	    0)
+		return 1;
+	else
+		return 0;
+}
+
+/* Finds an issuer of the certificate. If multiple issuers
+ * are present, returns one that is activated and not expired.
+ */
+static inline gnutls_x509_crt_t
+find_issuer(gnutls_x509_crt_t cert,
+	    const gnutls_x509_crt_t * trusted_cas, int tcas_size)
+{
+	int i;
+	gnutls_x509_crt_t issuer = NULL;
+
+	/* this is serial search. 
+	 */
+	for (i = 0; i < tcas_size; i++) {
+		if (is_issuer(cert, trusted_cas[i]) != 0) {
+			if (issuer == NULL) {
+				issuer = trusted_cas[i];
+			} else {
+				time_t now = gnutls_time(0);
+
+				if (now <
+				    gnutls_x509_crt_get_expiration_time
+				    (trusted_cas[i])
+				    && now >=
+				    gnutls_x509_crt_get_activation_time
+				    (trusted_cas[i])) {
+					issuer = trusted_cas[i];
+				}
+			}
+		}
+	}
+
+	return issuer;
+}
+
+static unsigned int check_time_status(gnutls_x509_crt_t crt, time_t now)
+{
+	int status = 0;
+	time_t t;
+
+	t = gnutls_x509_crt_get_activation_time(crt);
+	if (t == (time_t) - 1 || now < t) {
+		status |= GNUTLS_CERT_NOT_ACTIVATED;
+		status |= GNUTLS_CERT_INVALID;
+		return status;
+	}
+
+	t = gnutls_x509_crt_get_expiration_time(crt);
+	if (t == (time_t) - 1 || now > t) {
+		status |= GNUTLS_CERT_EXPIRED;
+		status |= GNUTLS_CERT_INVALID;
+		return status;
+	}
+
+	return 0;
+}
+
+unsigned _gnutls_is_broken_sig_allowed(const gnutls_sign_entry_st *se, unsigned int flags)
+{
+	gnutls_digest_algorithm_t hash;
+
+	/* we have a catch all */
+	if ((flags & GNUTLS_VERIFY_ALLOW_BROKEN) == GNUTLS_VERIFY_ALLOW_BROKEN)
+		return 1;
+
+	/* the first two are for backwards compatibility */
+	if ((se->id == GNUTLS_SIGN_RSA_MD2)
+	    && (flags & GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2))
+		return 1;
+	if ((se->id == GNUTLS_SIGN_RSA_MD5)
+	    && (flags & GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5))
+		return 1;
+
+	hash = se->hash;
+	if (hash == GNUTLS_DIG_SHA1 && (flags & GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1))
+		return 1;
+
+	return 0;
+}
+
+#define CASE_SEC_PARAM(profile, level) \
+	case profile: \
+		sym_bits = gnutls_sec_param_to_symmetric_bits(level); \
+		se = _gnutls_sign_to_entry(sigalg); \
+		if (unlikely(se == NULL)) { \
+			_gnutls_cert_log("cert", crt); \
+			_gnutls_debug_log(#level": certificate's signature algorithm is unknown\n"); \
+			return gnutls_assert_val(0); \
+		} \
+		if (unlikely(se->hash == GNUTLS_DIG_UNKNOWN)) {	\
+			_gnutls_cert_log("cert", crt); \
+			_gnutls_debug_log(#level": certificate's signature hash is unknown\n"); \
+			return gnutls_assert_val(0); \
+		} \
+		if (!trusted && \
+		    _gnutls_sign_get_hash_strength(sigalg) < sym_bits) { \
+			_gnutls_cert_log("cert", crt); \
+			_gnutls_debug_log(#level": certificate's signature hash strength is unacceptable (is %u bits, needed %u)\n", _gnutls_sign_get_hash_strength(sigalg), sym_bits); \
+			return gnutls_assert_val(0); \
+		} \
+		sp = gnutls_pk_bits_to_sec_param(pkalg, bits); \
+		if (sp < level) { \
+			_gnutls_cert_log("cert", crt); \
+			_gnutls_debug_log(#level": certificate's security level is unacceptable\n"); \
+			return gnutls_assert_val(0); \
+		} \
+		if (issuer) { \
+			sp = gnutls_pk_bits_to_sec_param(issuer_pkalg, issuer_bits); \
+			if (sp < level) { \
+				_gnutls_cert_log("issuer", issuer); \
+				_gnutls_debug_log(#level": certificate's issuer security level is unacceptable\n"); \
+				return gnutls_assert_val(0); \
+			} \
+		} \
+		break;
+
+/* Checks whether the provided certificates are acceptable
+ * according to verification profile specified.
+ *
+ * @crt: a certificate
+ * @issuer: the certificates issuer (allowed to be NULL)
+ * @sigalg: the signature algorithm used
+ * @trusted: whether @crt is treated as trusted (e.g., present in the system
+ *           trust list); if it is true, the check on signature algorithm will
+ *           be skipped
+ * @flags: the specified verification flags
+ */
+static unsigned is_level_acceptable(
+	gnutls_x509_crt_t crt, gnutls_x509_crt_t issuer,
+	gnutls_sign_algorithm_t sigalg, bool trusted,
+	unsigned flags)
+{
+	gnutls_certificate_verification_profiles_t profile = GNUTLS_VFLAGS_TO_PROFILE(flags);
+	int issuer_pkalg = 0, pkalg, ret;
+	unsigned bits = 0, issuer_bits = 0, sym_bits = 0;
+	gnutls_pk_params_st params;
+	gnutls_sec_param_t sp;
+	const gnutls_sign_entry_st *se;
+	gnutls_certificate_verification_profiles_t min_profile;
+
+	min_profile = _gnutls_get_system_wide_verification_profile();
+
+	if (min_profile) {
+		if (profile < min_profile) {
+			gnutls_assert();
+			profile = min_profile;
+		}
+	}
+
+	if (profile == GNUTLS_PROFILE_UNKNOWN) {
+		return 1;
+	}
+
+	pkalg = gnutls_x509_crt_get_pk_algorithm(crt, &bits);
+	if (pkalg < 0)
+		return gnutls_assert_val(0);
+
+	if (issuer) {
+		issuer_pkalg = gnutls_x509_crt_get_pk_algorithm(issuer, &issuer_bits);
+		if (issuer_pkalg < 0)
+			return gnutls_assert_val(0);
+	}
+
+	switch (profile) {
+		CASE_SEC_PARAM(GNUTLS_PROFILE_VERY_WEAK, GNUTLS_SEC_PARAM_VERY_WEAK);
+		CASE_SEC_PARAM(GNUTLS_PROFILE_LOW, GNUTLS_SEC_PARAM_LOW);
+		CASE_SEC_PARAM(GNUTLS_PROFILE_LEGACY, GNUTLS_SEC_PARAM_LEGACY);
+		CASE_SEC_PARAM(GNUTLS_PROFILE_MEDIUM, GNUTLS_SEC_PARAM_MEDIUM);
+		CASE_SEC_PARAM(GNUTLS_PROFILE_HIGH, GNUTLS_SEC_PARAM_HIGH);
+		CASE_SEC_PARAM(GNUTLS_PROFILE_ULTRA, GNUTLS_SEC_PARAM_ULTRA);
+		CASE_SEC_PARAM(GNUTLS_PROFILE_FUTURE, GNUTLS_SEC_PARAM_FUTURE);
+		case GNUTLS_PROFILE_SUITEB128:
+		case GNUTLS_PROFILE_SUITEB192: {
+			unsigned curve, issuer_curve;
+
+			/* check suiteB params validity: rfc5759 */
+
+			if (gnutls_x509_crt_get_version(crt) != 3) {
+				_gnutls_debug_log("SUITEB: certificate uses an unacceptable version number\n");
+				return gnutls_assert_val(0);
+			}
+
+			if (sigalg != GNUTLS_SIGN_ECDSA_SHA256 && sigalg != GNUTLS_SIGN_ECDSA_SHA384) {
+				_gnutls_debug_log("SUITEB: certificate is not signed using ECDSA-SHA256 or ECDSA-SHA384\n");
+				return gnutls_assert_val(0);
+			}
+
+			if (pkalg != GNUTLS_PK_EC) {
+				_gnutls_debug_log("SUITEB: certificate does not contain ECC parameters\n");
+				return gnutls_assert_val(0);
+			}
+
+			if (issuer_pkalg != GNUTLS_PK_EC) {
+				_gnutls_debug_log("SUITEB: certificate's issuer does not have ECC parameters\n");
+				return gnutls_assert_val(0);
+			}
+
+			ret = _gnutls_x509_crt_get_mpis(crt, &params);
+			if (ret < 0) {
+				_gnutls_debug_log("SUITEB: cannot read certificate params\n");
+				return gnutls_assert_val(0);
+			}
+
+			curve = params.curve;
+			gnutls_pk_params_release(&params);
+
+			if (curve != GNUTLS_ECC_CURVE_SECP256R1 &&
+				curve != GNUTLS_ECC_CURVE_SECP384R1) {
+				_gnutls_debug_log("SUITEB: certificate's ECC params do not contain SECP256R1 or SECP384R1\n");
+				return gnutls_assert_val(0);
+			}
+
+			if (profile == GNUTLS_PROFILE_SUITEB192) {
+				if (curve != GNUTLS_ECC_CURVE_SECP384R1) {
+					_gnutls_debug_log("SUITEB192: certificate does not use SECP384R1\n");
+					return gnutls_assert_val(0);
+				}
+			}
+
+			if (issuer != NULL) {
+				if (gnutls_x509_crt_get_version(issuer) != 3) {
+					_gnutls_debug_log("SUITEB: certificate's issuer uses an unacceptable version number\n");
+					return gnutls_assert_val(0);
+				}
+
+				ret = _gnutls_x509_crt_get_mpis(issuer, &params);
+				if (ret < 0) {
+					_gnutls_debug_log("SUITEB: cannot read certificate params\n");
+					return gnutls_assert_val(0);
+				}
+
+				issuer_curve = params.curve;
+				gnutls_pk_params_release(&params);
+
+				if (issuer_curve != GNUTLS_ECC_CURVE_SECP256R1 &&
+					issuer_curve != GNUTLS_ECC_CURVE_SECP384R1) {
+					_gnutls_debug_log("SUITEB: certificate's issuer ECC params do not contain SECP256R1 or SECP384R1\n");
+					return gnutls_assert_val(0);
+				}
+
+				if (issuer_curve < curve) {
+					_gnutls_debug_log("SUITEB: certificate's issuer ECC params are weaker than the certificate's\n");
+					return gnutls_assert_val(0);
+				}
+
+				if (sigalg == GNUTLS_SIGN_ECDSA_SHA256 && 
+					issuer_curve == GNUTLS_ECC_CURVE_SECP384R1) {
+					_gnutls_debug_log("SUITEB: certificate is signed with ECDSA-SHA256 when using SECP384R1\n");
+					return gnutls_assert_val(0);
+				}
+			}
+
+			break;
+		case GNUTLS_PROFILE_UNKNOWN: /* already checked; avoid compiler warnings */
+			_gnutls_debug_log("An unknown profile (%d) was encountered\n", (int)profile);
+		}
+	}
+
+	return 1;
+}
+
+typedef struct verify_state_st {
+	time_t now;
+	unsigned int max_path;
+	gnutls_x509_name_constraints_t nc;
+	gnutls_x509_tlsfeatures_t tls_feat;
+	gnutls_verify_output_function *func;
+} verify_state_st;
+
+#define MARK_INVALID(x) { gnutls_assert(); \
+	out |= (x|GNUTLS_CERT_INVALID); \
+	result = 0; }
+
+static int _gnutls_x509_verify_data(gnutls_sign_algorithm_t sign,
+				    const gnutls_datum_t * data,
+				    const gnutls_datum_t * signature,
+				    gnutls_x509_crt_t cert,
+				    gnutls_x509_crt_t issuer,
+				    unsigned vflags);
+
+/*
+ * Verifies the given certificate against a certificate list of
+ * trusted CAs.
+ *
+ * Returns only 0 or 1. If 1 it means that the certificate
+ * was successfully verified.
+ *
+ * 'flags': an OR of the gnutls_certificate_verify_flags enumeration.
+ *
+ * Output will hold some extra information about the verification
+ * procedure.
+ */
+static unsigned verify_crt(gnutls_x509_trust_list_t tlist,
+			   gnutls_x509_crt_t cert,
+			   const gnutls_x509_crt_t * trusted_cas,
+			   int tcas_size, unsigned int flags,
+			   unsigned int *output,
+			   verify_state_st *vparams,
+			   unsigned end_cert)
+{
+	gnutls_datum_t cert_signed_data = { NULL, 0 };
+	gnutls_datum_t cert_signature = { NULL, 0 };
+	gnutls_x509_crt_t issuer = NULL;
+	int issuer_version;
+	unsigned result = 1;
+	unsigned int out = 0, usage;
+	int sigalg, ret;
+	const gnutls_sign_entry_st *se;
+
+	if (output)
+		*output = 0;
+
+	if (vparams->max_path == 0) {
+		MARK_INVALID(GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE);
+		/* bail immediately, to avoid inconistency  */
+		goto cleanup;
+	}
+	vparams->max_path--;
+
+	if (tcas_size >= 1)
+		issuer = find_issuer(cert, trusted_cas, tcas_size);
+
+	ret =
+	    _gnutls_x509_get_signed_data(cert->cert, &cert->der, "tbsCertificate",
+					 &cert_signed_data);
+	if (ret < 0) {
+		MARK_INVALID(0);
+		cert_signed_data.data = NULL;
+	}
+
+	ret =
+	    _gnutls_x509_get_signature(cert->cert, "signature",
+				       &cert_signature);
+	if (ret < 0) {
+		MARK_INVALID(0);
+		cert_signature.data = NULL;
+	}
+
+	ret =
+	    _gnutls_x509_get_signature_algorithm(cert->cert,
+						 "signatureAlgorithm");
+	if (ret < 0) {
+		MARK_INVALID(0);
+	}
+	sigalg = ret;
+
+	se = _gnutls_sign_to_entry(sigalg);
+
+	/* issuer is not in trusted certificate
+	 * authorities.
+	 */
+	if (issuer == NULL) {
+		MARK_INVALID(GNUTLS_CERT_SIGNER_NOT_FOUND);
+	} else {
+		if (vparams->nc != NULL) {
+			/* append the issuer's constraints */
+			ret = gnutls_x509_crt_get_name_constraints(issuer, vparams->nc,
+				GNUTLS_NAME_CONSTRAINTS_FLAG_APPEND, NULL);
+			if (ret < 0 && ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+				MARK_INVALID(GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE);
+				goto nc_done;
+			}
+
+			/* only check name constraints in server certificates, not CAs */
+			if (end_cert != 0) {
+				ret = gnutls_x509_name_constraints_check_crt(vparams->nc, GNUTLS_SAN_DNSNAME, cert);
+				if (ret == 0) {
+					MARK_INVALID(GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE);
+					goto nc_done;
+				}
+
+				ret = gnutls_x509_name_constraints_check_crt(vparams->nc, GNUTLS_SAN_RFC822NAME, cert);
+				if (ret == 0) {
+					MARK_INVALID(GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE);
+					goto nc_done;
+				}
+
+				ret = gnutls_x509_name_constraints_check_crt(vparams->nc, GNUTLS_SAN_DN, cert);
+				if (ret == 0) {
+					MARK_INVALID(GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE);
+					goto nc_done;
+				}
+
+				ret = gnutls_x509_name_constraints_check_crt(vparams->nc, GNUTLS_SAN_URI, cert);
+				if (ret == 0) {
+					MARK_INVALID(GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE);
+					goto nc_done;
+				}
+
+				ret = gnutls_x509_name_constraints_check_crt(vparams->nc, GNUTLS_SAN_IPADDRESS, cert);
+				if (ret == 0) {
+					MARK_INVALID(GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE);
+					goto nc_done;
+				}
+			}
+		}
+
+ nc_done:
+		if (vparams->tls_feat != NULL) {
+			/* append the issuer's constraints */
+			ret = gnutls_x509_crt_get_tlsfeatures(issuer, vparams->tls_feat, GNUTLS_EXT_FLAG_APPEND, NULL);
+			if (ret < 0 && ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+				MARK_INVALID(GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE);
+				goto feat_done;
+			}
+
+			ret = gnutls_x509_tlsfeatures_check_crt(vparams->tls_feat, cert);
+			if (ret == 0) {
+				MARK_INVALID(GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE);
+				goto feat_done;
+			}
+		}
+
+ feat_done:
+		issuer_version = gnutls_x509_crt_get_version(issuer);
+
+		if (issuer_version < 0) {
+			MARK_INVALID(0);
+		} else if (!(flags & GNUTLS_VERIFY_DISABLE_CA_SIGN) &&
+			   ((flags & GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT)
+			    || issuer_version != 1)) {
+			if (check_if_ca(cert, issuer, &vparams->max_path, flags) != 1) {
+				MARK_INVALID(GNUTLS_CERT_SIGNER_NOT_CA);
+			}
+
+			ret =
+			    gnutls_x509_crt_get_key_usage(issuer, &usage, NULL);
+			if (ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+				if (ret < 0) {
+					MARK_INVALID(0);
+				} else if (!(usage & GNUTLS_KEY_KEY_CERT_SIGN)) {
+					MARK_INVALID(GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE);
+				}
+			}
+		}
+
+		if (sigalg < 0) {
+			MARK_INVALID(0);
+		} else if (cert_signed_data.data != NULL &&
+		    cert_signature.data != NULL) {
+			ret =
+			    _gnutls_x509_verify_data(sigalg,
+						     &cert_signed_data,
+						     &cert_signature,
+						     cert,
+						     issuer, flags);
+
+			if (ret == GNUTLS_E_PK_SIG_VERIFY_FAILED) {
+				MARK_INVALID(GNUTLS_CERT_SIGNATURE_FAILURE);
+			} else if (ret == GNUTLS_E_CONSTRAINT_ERROR) {
+				MARK_INVALID(GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE);
+			} else if (ret < 0) {
+				MARK_INVALID(0);
+			}
+		}
+	}
+
+	/* we always check the issuer for unsupported critical extensions */
+	if (issuer && check_for_unknown_exts(issuer) != 0) {
+		if (!(flags & GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS)) {
+			MARK_INVALID(GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS);
+		}
+	}
+
+	/* we only check the end-certificate for critical extensions; that
+	 * way do not perform this check twice on the certificates when
+	 * verifying a large list */
+	if (end_cert && check_for_unknown_exts(cert) != 0) {
+		if (!(flags & GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS)) {
+			MARK_INVALID(GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS);
+		}
+	}
+
+	if (sigalg >= 0 && se) {
+		if (is_level_acceptable(cert, issuer, sigalg, false, flags) == 0) {
+			MARK_INVALID(GNUTLS_CERT_INSECURE_ALGORITHM);
+		}
+
+		/* If the certificate is not self signed check if the algorithms
+		 * used are secure. If the certificate is self signed it doesn't
+		 * really matter.
+		 */
+		if (_gnutls_sign_is_secure2(se, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0 &&
+		    _gnutls_is_broken_sig_allowed(se, flags) == 0 &&
+		    is_issuer(cert, cert) == 0) {
+			MARK_INVALID(GNUTLS_CERT_INSECURE_ALGORITHM);
+		}
+	}
+
+	/* Check activation/expiration times
+	 */
+	if (!(flags & GNUTLS_VERIFY_DISABLE_TIME_CHECKS)) {
+		/* check the time of the issuer first */
+		if (issuer != NULL &&
+		    !(flags & GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS)) {
+			out |= check_time_status(issuer, vparams->now);
+			if (out != 0) {
+				gnutls_assert();
+				result = 0;
+			}
+		}
+
+		out |= check_time_status(cert, vparams->now);
+		if (out != 0) {
+			gnutls_assert();
+			result = 0;
+		}
+	}
+
+      cleanup:
+	if (output)
+		*output |= out;
+
+	if (vparams->func) {
+		if (result == 0) {
+			out |= GNUTLS_CERT_INVALID;
+		}
+		vparams->func(cert, issuer, NULL, out);
+	}
+	_gnutls_free_datum(&cert_signed_data);
+	_gnutls_free_datum(&cert_signature);
+
+	return result;
+}
+
+/**
+ * gnutls_x509_crt_check_issuer:
+ * @cert: is the certificate to be checked
+ * @issuer: is the certificate of a possible issuer
+ *
+ * This function will check if the given certificate was issued by the
+ * given issuer. It checks the DN fields and the authority
+ * key identifier and subject key identifier fields match.
+ *
+ * If the same certificate is provided at the @cert and @issuer fields,
+ * it will check whether the certificate is self-signed.
+ *
+ * Returns: It will return true (1) if the given certificate is issued
+ *   by the given issuer, and false (0) if not.  
+ **/
+unsigned
+gnutls_x509_crt_check_issuer(gnutls_x509_crt_t cert,
+			     gnutls_x509_crt_t issuer)
+{
+	return is_issuer(cert, issuer);
+}
+
+static
+unsigned check_ca_sanity(const gnutls_x509_crt_t issuer,
+			 time_t now, unsigned int flags)
+{
+	unsigned int status = 0;
+	unsigned sigalg;
+	int ret;
+
+	/* explicit time check for trusted CA that we remove from
+	 * list. GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS
+	 */
+	if (!(flags & GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS) &&
+	    !(flags & GNUTLS_VERIFY_DISABLE_TIME_CHECKS)) {
+		status |= check_time_status(issuer, now);
+	}
+
+	ret =
+	    _gnutls_x509_get_signature_algorithm(issuer->cert, "signatureAlgorithm");
+	sigalg = ret;
+
+	/* we explicitly allow CAs which we do not support their self-algorithms
+	 * to pass. */
+	if (ret >= 0 && !is_level_acceptable(issuer, NULL, sigalg, true, flags)) {
+		status |= GNUTLS_CERT_INSECURE_ALGORITHM|GNUTLS_CERT_INVALID;
+	}
+
+	return status;
+
+}
+
+/* Verify X.509 certificate chain.
+ *
+ * Note that the return value is an OR of GNUTLS_CERT_* elements.
+ *
+ * This function verifies a X.509 certificate list. The certificate
+ * list should lead to a trusted certificate in order to be trusted.
+ */
+unsigned int
+_gnutls_verify_crt_status(gnutls_x509_trust_list_t tlist,
+			  const gnutls_x509_crt_t * certificate_list,
+			  int clist_size,
+			  const gnutls_x509_crt_t * trusted_cas,
+			  int tcas_size,
+			  unsigned int flags,
+			  const char *purpose,
+			  gnutls_verify_output_function func)
+{
+	int i = 0, ret;
+	unsigned int status = 0, output;
+	time_t now = gnutls_time(0);
+	verify_state_st vparams;
+
+	if (clist_size > 1) {
+		/* Check if the last certificate in the path is self signed.
+		 * In that case ignore it (a certificate is trusted only if it
+		 * leads to a trusted party by us, not the server's).
+		 *
+		 * This prevents from verifying self signed certificates against
+		 * themselves. This (although not bad) caused verification
+		 * failures on some root self signed certificates that use the
+		 * MD2 algorithm.
+		 */
+		if (gnutls_x509_crt_check_issuer
+		    (certificate_list[clist_size - 1],
+		     certificate_list[clist_size - 1]) != 0) {
+			clist_size--;
+		}
+	}
+
+	/* We want to shorten the chain by removing the cert that matches
+	 * one of the certs we trust and all the certs after that i.e. if
+	 * cert chain is A signed-by B signed-by C signed-by D (signed-by
+	 * self-signed E but already removed above), and we trust B, remove
+	 * B, C and D. */
+	if (!(flags & GNUTLS_VERIFY_DO_NOT_ALLOW_SAME))
+		i = 0;		/* also replace the first one */
+	else
+		i = 1;		/* do not replace the first one */
+
+	for (; i < clist_size; i++) {
+		int j;
+
+		for (j = 0; j < tcas_size; j++) {
+			/* we check for a certificate that may not be identical with the one
+			 * sent by the client, but will have the same name and key. That is
+			 * because it can happen that a CA certificate is upgraded from intermediate
+			 * CA to self-signed CA at some point. */
+			if (_gnutls_check_if_same_key
+			    (certificate_list[i], trusted_cas[j], i) != 0) {
+
+				status |= check_ca_sanity(trusted_cas[j], now, flags);
+
+				if (func)
+					func(certificate_list[i],
+					     trusted_cas[j], NULL, status);
+
+				if (status != 0) {
+					return gnutls_assert_val(status);
+				}
+
+				clist_size = i;
+				break;
+			}
+		}
+		/* clist_size may have been changed which gets out of loop */
+	}
+
+	if (clist_size == 0) {
+		/* The certificate is already present in the trusted certificate list.
+		 * Nothing to verify. */
+		return status;
+	}
+
+	memset(&vparams, 0, sizeof(vparams));
+	vparams.now = now;
+	vparams.max_path = MAX_VERIFY_DEPTH;
+	vparams.func = func;
+
+	ret = gnutls_x509_name_constraints_init(&vparams.nc);
+	if (ret < 0) {
+		gnutls_assert();
+		status |= GNUTLS_CERT_INVALID;
+		return status;
+	}
+
+	ret = gnutls_x509_tlsfeatures_init(&vparams.tls_feat);
+	if (ret < 0) {
+		gnutls_assert();
+		status |= GNUTLS_CERT_INVALID;
+		goto cleanup;
+	}
+
+	/* Verify the last certificate in the certificate path
+	 * against the trusted CA certificate list.
+	 *
+	 * If no CAs are present returns CERT_INVALID. Thus works
+	 * in self signed etc certificates.
+	 */
+	output = 0;
+
+	ret = verify_crt(tlist,
+                         certificate_list[clist_size - 1],
+			 trusted_cas, tcas_size, flags,
+			 &output,
+			 &vparams,
+			 clist_size==1?1:0);
+	if (ret != 1) {
+		/* if the last certificate in the certificate
+		 * list is invalid, then the certificate is not
+		 * trusted.
+		 */
+		gnutls_assert();
+		status |= output;
+		status |= GNUTLS_CERT_INVALID;
+		goto cleanup;
+	}
+
+	/* Verify the certificate path (chain)
+	 */
+	for (i = clist_size - 1; i > 0; i--) {
+		output = 0;
+
+		if (purpose != NULL) {
+			ret = _gnutls_check_key_purpose(certificate_list[i], purpose, 1);
+			if (ret != 1) {
+				gnutls_assert();
+				status |= GNUTLS_CERT_INVALID;
+				status |= GNUTLS_CERT_PURPOSE_MISMATCH;
+
+				if (func)
+					func(certificate_list[i-1],
+					     certificate_list[i], NULL, status);
+				goto cleanup;
+			}
+		}
+
+		/* note that here we disable this V1 CA flag. So that no version 1
+		 * certificates can exist in a supplied chain.
+		 */
+		if (!(flags & GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT)) {
+			flags |= GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT;
+		}
+
+		if (!verify_crt(tlist,
+				certificate_list[i - 1],
+				&certificate_list[i], 1,
+				flags, &output,
+				&vparams,
+				i==1?1:0)) {
+			gnutls_assert();
+			status |= output;
+			status |= GNUTLS_CERT_INVALID;
+			goto cleanup;
+		}
+	}
+
+cleanup:
+	gnutls_x509_name_constraints_deinit(vparams.nc);
+	gnutls_x509_tlsfeatures_deinit(vparams.tls_feat);
+	return status;
+}
+
+
+#define PURPOSE_NSSGC "2.16.840.1.113730.4.1"
+#define PURPOSE_VSGC "2.16.840.1.113733.1.8.1"
+
+/* Returns true if the provided purpose is in accordance with the certificate.
+ */
+unsigned _gnutls_check_key_purpose(gnutls_x509_crt_t cert, const char *purpose, unsigned no_any)
+{
+	char oid[MAX_OID_SIZE];
+	size_t oid_size;
+	int ret;
+	unsigned critical = 0;
+	unsigned check_obsolete_oids = 0;
+	unsigned i;
+
+	/* The check_obsolete_oids hack is because of certain very old CA certificates
+	 * around which instead of having the GNUTLS_KP_TLS_WWW_SERVER have some old
+	 * OIDs for that purpose. Assume these OIDs equal GNUTLS_KP_TLS_WWW_SERVER in
+	 * CA certs */
+	if (strcmp(purpose, GNUTLS_KP_TLS_WWW_SERVER) == 0) {
+		unsigned ca_status;
+		ret =
+		    gnutls_x509_crt_get_basic_constraints(cert, NULL, &ca_status,
+							  NULL);
+		if (ret < 0)
+			ca_status = 0;
+
+		if (ca_status)
+			check_obsolete_oids = 1;
+	}
+
+	for (i=0;;i++) {
+		oid_size = sizeof(oid);
+		ret = gnutls_x509_crt_get_key_purpose_oid(cert, i, oid, &oid_size, &critical);
+		if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			if (i==0) {
+				/* no key purpose in certificate, assume ANY */
+				return 1;
+			} else {
+				gnutls_assert();
+				break;
+			}
+		} else if (ret < 0) {
+			gnutls_assert();
+			break;
+		}
+
+		if (check_obsolete_oids) {
+			if (strcmp(oid, PURPOSE_NSSGC) == 0) {
+				return 1;
+			} else if (strcmp(oid, PURPOSE_VSGC) == 0) {
+				return 1;
+			}
+		}
+
+		if (strcmp(oid, purpose) == 0 || (no_any == 0 && strcmp(oid, GNUTLS_KP_ANY) == 0)) {
+			return 1;
+		}
+		_gnutls_debug_log("looking for key purpose '%s', but have '%s'\n", purpose, oid);
+	}
+	return 0;
+}
+
+#ifdef ENABLE_PKCS11
+/* Verify X.509 certificate chain using a PKCS #11 token.
+ *
+ * Note that the return value is an OR of GNUTLS_CERT_* elements.
+ *
+ * Unlike the non-PKCS#11 version, this function accepts a key purpose
+ * (from GNUTLS_KP_...). That is because in the p11-kit trust modules
+ * anchors are mixed and get assigned a purpose.
+ *
+ * This function verifies a X.509 certificate list. The certificate
+ * list should lead to a trusted certificate in order to be trusted.
+ */
+unsigned int
+_gnutls_pkcs11_verify_crt_status(gnutls_x509_trust_list_t tlist,
+				 const char* url,
+				 const gnutls_x509_crt_t * certificate_list,
+				 unsigned clist_size,
+				 const char *purpose,
+				 unsigned int flags,
+				 gnutls_verify_output_function func)
+{
+	int ret;
+	unsigned int status = 0, i;
+	gnutls_x509_crt_t issuer = NULL;
+	gnutls_datum_t raw_issuer = {NULL, 0};
+	time_t now = gnutls_time(0);
+
+	if (clist_size > 1) {
+		/* Check if the last certificate in the path is self signed.
+		 * In that case ignore it (a certificate is trusted only if it
+		 * leads to a trusted party by us, not the server's).
+		 *
+		 * This prevents from verifying self signed certificates against
+		 * themselves. This (although not bad) caused verification
+		 * failures on some root self signed certificates that use the
+		 * MD2 algorithm.
+		 */
+		if (gnutls_x509_crt_check_issuer
+		    (certificate_list[clist_size - 1],
+		     certificate_list[clist_size - 1]) != 0) {
+			clist_size--;
+		}
+	}
+
+	/* We want to shorten the chain by removing the cert that matches
+	 * one of the certs we trust and all the certs after that i.e. if
+	 * cert chain is A signed-by B signed-by C signed-by D (signed-by
+	 * self-signed E but already removed above), and we trust B, remove
+	 * B, C and D. */
+	if (!(flags & GNUTLS_VERIFY_DO_NOT_ALLOW_SAME))
+		i = 0;		/* also replace the first one */
+	else
+		i = 1;		/* do not replace the first one */
+
+	for (; i < clist_size; i++) {
+		unsigned vflags;
+		gnutls_x509_crt_t trusted_cert;
+
+		if (i == 0) /* in the end certificate do full comparison */
+			vflags = GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE|
+				GNUTLS_PKCS11_OBJ_FLAG_COMPARE|GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED;
+		else
+			vflags = GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE|
+				GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY|GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED;
+
+		if (_gnutls_pkcs11_crt_is_known (url, certificate_list[i], vflags, &trusted_cert) != 0) {
+
+			status |= check_ca_sanity(trusted_cert, now, flags);
+
+			if (func)
+				func(trusted_cert,
+				     certificate_list[i], NULL, status);
+
+			gnutls_x509_crt_deinit(trusted_cert);
+
+			if (status != 0) {
+				return gnutls_assert_val(status);
+			}
+
+			clist_size = i;
+			break;
+		}
+		/* clist_size may have been changed which gets out of loop */
+	}
+
+	if (clist_size == 0) {
+		/* The certificate is already present in the trusted certificate list.
+		 * Nothing to verify. */
+		return status;
+	}
+
+	/* check for blacklists */
+	for (i = 0; i < clist_size; i++) {
+		if (gnutls_pkcs11_crt_is_known (url, certificate_list[i], 
+			GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE|
+			GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED) != 0) {
+			status |= GNUTLS_CERT_INVALID;
+			status |= GNUTLS_CERT_REVOKED;
+			if (func)
+				func(certificate_list[i], certificate_list[i], NULL, status);
+			goto cleanup;
+		}
+	}
+
+	/* check against issuer */
+	ret = gnutls_pkcs11_get_raw_issuer(url, certificate_list[clist_size - 1],
+					   &raw_issuer, GNUTLS_X509_FMT_DER,
+					   GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT|GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE);
+	if (ret < 0) {
+		gnutls_assert();
+		if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE && clist_size > 2) {
+
+			/* check if the last certificate in the chain is present
+			 * in our trusted list, and if yes, verify against it. */
+			ret = gnutls_pkcs11_crt_is_known(url, certificate_list[clist_size - 1],
+				GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED|GNUTLS_PKCS11_OBJ_FLAG_COMPARE);
+			if (ret != 0) {
+				return _gnutls_verify_crt_status(tlist,
+						certificate_list, clist_size,
+						&certificate_list[clist_size - 1],
+						1, flags, purpose, func);
+			}
+		}
+
+		status |= GNUTLS_CERT_INVALID;
+		status |= GNUTLS_CERT_SIGNER_NOT_FOUND;
+		/* verify the certificate list against 0 trusted CAs in order
+		 * to get, any additional flags from the certificate list (e.g.,
+		 * insecure algorithms or expired */
+		status |= _gnutls_verify_crt_status(tlist, certificate_list, clist_size,
+						    NULL, 0, flags, purpose, func);
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_crt_init(&issuer);
+	if (ret < 0) {
+		gnutls_assert();
+		status |= GNUTLS_CERT_INVALID;
+		status |= GNUTLS_CERT_SIGNER_NOT_FOUND;
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_crt_import(issuer, &raw_issuer, GNUTLS_X509_FMT_DER);
+	if (ret < 0) {
+		gnutls_assert();
+		status |= GNUTLS_CERT_INVALID;
+		status |= GNUTLS_CERT_SIGNER_NOT_FOUND;
+		goto cleanup;
+	}
+
+	/* check if the raw issuer is blacklisted (it can happen if
+	 * the issuer is both in the trusted list and the blacklisted)
+	 */
+	if (gnutls_pkcs11_crt_is_known (url, issuer,
+		GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE|
+		GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED) != 0) {
+		status |= GNUTLS_CERT_INVALID;
+		status |= GNUTLS_CERT_SIGNER_NOT_FOUND; /* if the signer is revoked - it is as if it doesn't exist */
+		goto cleanup;
+	}
+
+	/* security modules that provide trust, bundle all certificates (of all purposes)
+	 * together. In software that doesn't specify any purpose assume the default to
+	 * be www-server. */
+	ret = _gnutls_check_key_purpose(issuer, purpose==NULL?GNUTLS_KP_TLS_WWW_SERVER:purpose, 0);
+	if (ret != 1) {
+		gnutls_assert();
+		status |= GNUTLS_CERT_INVALID;
+		status |= GNUTLS_CERT_SIGNER_NOT_FOUND;
+		goto cleanup;
+	}
+
+	status = _gnutls_verify_crt_status(tlist, certificate_list, clist_size,
+					   &issuer, 1, flags, purpose, func);
+
+cleanup:
+	gnutls_free(raw_issuer.data);
+	if (issuer != NULL)
+		gnutls_x509_crt_deinit(issuer);
+
+	return status;
+}
+#endif
+
+static int
+_gnutls_x509_validate_sign_params(gnutls_pk_algorithm_t pk_algorithm,
+				  asn1_node cert,
+				  const char *name,
+				  gnutls_x509_spki_st *sig_params)
+{
+	/* The signature parameter validation is only needed for RSA-PSS */
+	if (pk_algorithm == GNUTLS_PK_RSA_PSS) {
+		int result;
+		gnutls_x509_spki_st params;
+
+		result = _gnutls_x509_read_sign_params(cert, name, &params);
+		if (result < 0) {
+			/* If parameters field is absent, no parameter
+			 * validation is needed */
+			if (result != GNUTLS_E_ASN1_ELEMENT_NOT_FOUND &&
+			    result != GNUTLS_E_ASN1_VALUE_NOT_FOUND) {
+				gnutls_assert();
+				return result;
+			}
+		} else {
+			/* Check if the underlying hash algorithms are same.  */
+			if (sig_params->rsa_pss_dig != params.rsa_pss_dig) {
+				gnutls_assert();
+				return GNUTLS_E_CONSTRAINT_ERROR;
+			}
+
+			/* The salt length used to generate the
+			 * signature must be equal to or larger than
+			 * the one in the key parameter. */
+			if (sig_params->salt_size < params.salt_size) {
+				gnutls_assert();
+				return GNUTLS_E_CONSTRAINT_ERROR;
+			}
+		}
+	}
+	return 0;
+}
+
+/* verifies if the certificate is properly signed.
+ * returns GNUTLS_E_PK_VERIFY_SIG_FAILED on failure and 1 on success.
+ * 
+ * 'data' is the signed data
+ * 'signature' is the signature!
+ */
+static int
+_gnutls_x509_verify_data(gnutls_sign_algorithm_t sign,
+			 const gnutls_datum_t * data,
+			 const gnutls_datum_t * signature,
+			 gnutls_x509_crt_t cert,
+			 gnutls_x509_crt_t issuer,
+			 unsigned vflags)
+{
+	gnutls_pk_params_st params;
+	gnutls_pk_algorithm_t issuer_pk;
+	int ret;
+	gnutls_x509_spki_st sign_params;
+	const gnutls_sign_entry_st *se;
+
+	/* Read the MPI parameters from the issuer's certificate.
+	 */
+	ret = _gnutls_x509_crt_get_mpis(issuer, &params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	issuer_pk = gnutls_x509_crt_get_pk_algorithm(issuer, NULL);
+
+	se = _gnutls_sign_to_entry(sign);
+	if (se == NULL)
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM);
+
+	if (cert != NULL) {
+		ret = _gnutls_x509_read_sign_params(cert->cert,
+						    "signatureAlgorithm",
+						    &sign_params);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = _gnutls_x509_validate_sign_params(issuer_pk,
+							issuer->cert,
+							"tbsCertificate."
+							"subjectPublicKeyInfo."
+							"algorithm",
+							&sign_params);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	} else {
+		memcpy(&sign_params, &params.spki,
+		       sizeof(gnutls_x509_spki_st));
+
+		sign_params.pk = se->pk;
+		if (sign_params.pk == GNUTLS_PK_RSA_PSS)
+			sign_params.rsa_pss_dig = se->hash;
+	}
+
+	ret = pubkey_verify_data(se, hash_to_entry(se->hash), data, signature, &params,
+				 &sign_params, vflags);
+	if (ret < 0) {
+		gnutls_assert();
+	}
+
+ cleanup:
+	/* release all allocated MPIs
+	 */
+	gnutls_pk_params_release(&params);
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_list_verify:
+ * @cert_list: is the certificate list to be verified
+ * @cert_list_length: holds the number of certificate in cert_list
+ * @CA_list: is the CA list which will be used in verification
+ * @CA_list_length: holds the number of CA certificate in CA_list
+ * @CRL_list: holds a list of CRLs.
+ * @CRL_list_length: the length of CRL list.
+ * @flags: Flags that may be used to change the verification algorithm. Use OR of the gnutls_certificate_verify_flags enumerations.
+ * @verify: will hold the certificate verification output.
+ *
+ *
+ * This function will try to verify the given certificate list and
+ * return its status. The details of the verification are the same
+ * as in gnutls_x509_trust_list_verify_crt2().
+ *
+ * You must check the peer's name in order to check if the verified
+ * certificate belongs to the actual peer.
+ *
+ * The certificate verification output will be put in @verify and will
+ * be one or more of the gnutls_certificate_status_t enumerated
+ * elements bitwise or'd.  For a more detailed verification status use
+ * gnutls_x509_crt_verify() per list element.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_list_verify(const gnutls_x509_crt_t * cert_list,
+			    unsigned cert_list_length,
+			    const gnutls_x509_crt_t * CA_list,
+			    unsigned CA_list_length,
+			    const gnutls_x509_crl_t * CRL_list,
+			    unsigned CRL_list_length, unsigned int flags,
+			    unsigned int *verify)
+{
+	unsigned i;
+	int ret;
+        gnutls_x509_trust_list_t tlist;
+
+	if (cert_list == NULL || cert_list_length == 0)
+		return GNUTLS_E_NO_CERTIFICATE_FOUND;
+
+        gnutls_x509_trust_list_init(&tlist, 0);
+
+	/* Verify certificate
+	 */
+	*verify = _gnutls_verify_crt_status(tlist, cert_list, cert_list_length,
+					    CA_list, CA_list_length,
+					    flags, NULL, NULL);
+
+	/* Check for revoked certificates in the chain.
+	 */
+	for (i = 0; i < cert_list_length; i++) {
+		ret = gnutls_x509_crt_check_revocation(cert_list[i],
+						       CRL_list,
+						       CRL_list_length);
+		if (ret == 1) {	/* revoked */
+			*verify |= GNUTLS_CERT_REVOKED;
+			*verify |= GNUTLS_CERT_INVALID;
+		}
+	}
+
+        gnutls_x509_trust_list_deinit(tlist, 0);
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_verify:
+ * @cert: is the certificate to be verified
+ * @CA_list: is one certificate that is considered to be trusted one
+ * @CA_list_length: holds the number of CA certificate in CA_list
+ * @flags: Flags that may be used to change the verification algorithm. Use OR of the gnutls_certificate_verify_flags enumerations.
+ * @verify: will hold the certificate verification output.
+ *
+ * This function will try to verify the given certificate and return
+ * its status. Note that a verification error does not imply a negative
+ * return status. In that case the @verify status is set.
+ *
+ * The details of the verification are the same
+ * as in gnutls_x509_trust_list_verify_crt2().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_verify(gnutls_x509_crt_t cert,
+		       const gnutls_x509_crt_t * CA_list,
+		       unsigned CA_list_length, unsigned int flags,
+		       unsigned int *verify)
+{
+	gnutls_x509_trust_list_t tlist;
+
+	gnutls_x509_trust_list_init(&tlist, 0);
+
+	/* Verify certificate
+	 */
+	*verify = _gnutls_verify_crt_status(tlist, &cert, 1,
+					    CA_list, CA_list_length,
+					    flags, NULL, NULL);
+
+	gnutls_x509_trust_list_deinit(tlist, 0);
+	return 0;
+}
+
+/**
+ * gnutls_x509_crl_check_issuer:
+ * @crl: is the CRL to be checked
+ * @issuer: is the certificate of a possible issuer
+ *
+ * This function will check if the given CRL was issued by the given
+ * issuer certificate.
+ *
+ * Returns: true (1) if the given CRL was issued by the given issuer,
+ * and false (0) if not.
+ **/
+unsigned
+gnutls_x509_crl_check_issuer(gnutls_x509_crl_t crl,
+			     gnutls_x509_crt_t issuer)
+{
+	return is_crl_issuer(crl, issuer);
+}
+
+static inline gnutls_x509_crt_t
+find_crl_issuer(gnutls_x509_crl_t crl,
+		const gnutls_x509_crt_t * trusted_cas, int tcas_size)
+{
+	int i;
+
+	/* this is serial search. 
+	 */
+
+	for (i = 0; i < tcas_size; i++) {
+		if (is_crl_issuer(crl, trusted_cas[i]) != 0)
+			return trusted_cas[i];
+	}
+
+	gnutls_assert();
+	return NULL;
+}
+
+/**
+ * gnutls_x509_crl_verify:
+ * @crl: is the crl to be verified
+ * @trusted_cas: is a certificate list that is considered to be trusted one
+ * @tcas_size: holds the number of CA certificates in CA_list
+ * @flags: Flags that may be used to change the verification algorithm. Use OR of the gnutls_certificate_verify_flags enumerations.
+ * @verify: will hold the crl verification output.
+ *
+ * This function will try to verify the given crl and return its verification status.
+ * See gnutls_x509_crt_list_verify() for a detailed description of
+ * return values. Note that since GnuTLS 3.1.4 this function includes
+ * the time checks.
+ *
+ * Note that value in @verify is set only when the return value of this 
+ * function is success (i.e, failure to trust a CRL a certificate does not imply 
+ * a negative return value).
+ *
+ * Before GnuTLS 3.5.7 this function would return zero or a positive
+ * number on success.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0), otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crl_verify(gnutls_x509_crl_t crl,
+		       const gnutls_x509_crt_t * trusted_cas,
+		       unsigned tcas_size, unsigned int flags,
+		       unsigned int *verify)
+{
+/* CRL is ignored for now */
+	gnutls_datum_t crl_signed_data = { NULL, 0 };
+	gnutls_datum_t crl_signature = { NULL, 0 };
+	gnutls_x509_crt_t issuer = NULL;
+	int result, sigalg;
+	time_t now = gnutls_time(0);
+	time_t nextu;
+	unsigned int usage;
+
+	if (verify)
+		*verify = 0;
+
+	if (tcas_size >= 1)
+		issuer = find_crl_issuer(crl, trusted_cas, tcas_size);
+
+	result =
+	    _gnutls_x509_get_signed_data(crl->crl, &crl->der, "tbsCertList",
+					 &crl_signed_data);
+	if (result < 0) {
+		gnutls_assert();
+		if (verify)
+			*verify |= GNUTLS_CERT_INVALID;
+		goto cleanup;
+	}
+
+	result =
+	    _gnutls_x509_get_signature(crl->crl, "signature",
+				       &crl_signature);
+	if (result < 0) {
+		gnutls_assert();
+		if (verify)
+			*verify |= GNUTLS_CERT_INVALID;
+		goto cleanup;
+	}
+
+	sigalg =
+	    _gnutls_x509_get_signature_algorithm(crl->crl,
+						 "signatureAlgorithm");
+	if (sigalg < 0) {
+		gnutls_assert();
+		if (verify)
+			*verify |= GNUTLS_CERT_INVALID;
+		goto cleanup;
+	}
+
+	/* issuer is not in trusted certificate
+	 * authorities.
+	 */
+	if (issuer == NULL) {
+		gnutls_assert();
+		if (verify)
+			*verify |=
+			    GNUTLS_CERT_SIGNER_NOT_FOUND |
+			    GNUTLS_CERT_INVALID;
+	} else {
+		if (!(flags & GNUTLS_VERIFY_DISABLE_CA_SIGN)) {
+			if (gnutls_x509_crt_get_ca_status(issuer, NULL) != 1) {
+				gnutls_assert();
+				if (verify)
+					*verify |=
+					    GNUTLS_CERT_SIGNER_NOT_CA |
+					    GNUTLS_CERT_INVALID;
+			}
+
+			result =
+			    gnutls_x509_crt_get_key_usage(issuer, &usage, NULL);
+			if (result != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+				if (result < 0) {
+					gnutls_assert();
+					if (verify)
+						*verify |= GNUTLS_CERT_INVALID;
+				} else if (!(usage & GNUTLS_KEY_CRL_SIGN)) {
+					gnutls_assert();
+					if (verify)
+						*verify |=
+						    GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE
+						    | GNUTLS_CERT_INVALID;
+				}
+			}
+		}
+
+		result =
+		    _gnutls_x509_verify_data(sigalg,
+					     &crl_signed_data, &crl_signature,
+					     NULL,
+					     issuer, flags);
+		if (result == GNUTLS_E_PK_SIG_VERIFY_FAILED) {
+			gnutls_assert();
+			/* error. ignore it */
+			if (verify)
+				*verify |= GNUTLS_CERT_SIGNATURE_FAILURE;
+			result = 0;
+		} else if (result == GNUTLS_E_CONSTRAINT_ERROR) {
+			if (verify)
+				*verify |= GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE;
+			result = 0;
+		} else if (result < 0) {
+			gnutls_assert();
+			if (verify)
+				*verify |= GNUTLS_CERT_INVALID;
+			goto cleanup;
+		} else {
+			result = 0; /* everything ok */
+		}
+	}
+
+	{
+		sigalg = gnutls_x509_crl_get_signature_algorithm(crl);
+
+		if (((sigalg == GNUTLS_SIGN_RSA_MD2) &&
+		     !(flags & GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2)) ||
+		    ((sigalg == GNUTLS_SIGN_RSA_MD5) &&
+		     !(flags & GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5))) {
+			if (verify)
+				*verify |= GNUTLS_CERT_INSECURE_ALGORITHM;
+			result = 0;
+		}
+	}
+
+	if (gnutls_x509_crl_get_this_update(crl) > now && verify)
+		*verify |= GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE;
+
+	nextu = gnutls_x509_crl_get_next_update(crl);
+	if (nextu != -1 && nextu < now && verify)
+		*verify |= GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED;
+
+
+      cleanup:
+	if (verify && *verify != 0)
+		*verify |= GNUTLS_CERT_INVALID;
+
+	_gnutls_free_datum(&crl_signed_data);
+	_gnutls_free_datum(&crl_signature);
+
+	return result;
+}
diff --git a/lib/x509/virt-san.c b/lib/x509/virt-san.c
new file mode 100644
index 0000000..e62bd4a
--- /dev/null
+++ b/lib/x509/virt-san.c
@@ -0,0 +1,191 @@
+/*
+ * Copyright (C) 2015-2016 Nikos Mavrogiannopoulos
+ * Copyright (C) 2015-2016 Red Hat, Inc.
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains functions to handle the virtual subject alternative names,
+ * based on othernames, such as GNUTLS_SAN_OTHERNAME_XMPP.
+ */
+
+#include "gnutls_int.h"
+#include "x509_int.h"
+#include "x509_ext_int.h"
+#include "common.h"
+#include "krb5.h"
+#include "virt-san.h"
+
+static
+int san_othername_to_virtual(const char *oid, size_t size)
+{
+	if (oid) {
+		if ((unsigned) size == (sizeof(XMPP_OID)-1)
+		    && memcmp(oid, XMPP_OID, sizeof(XMPP_OID)-1) == 0)
+			return GNUTLS_SAN_OTHERNAME_XMPP;
+		else if ((unsigned) size == (sizeof(KRB5_PRINCIPAL_OID)-1)
+		    && memcmp(oid, KRB5_PRINCIPAL_OID, sizeof(KRB5_PRINCIPAL_OID)-1) == 0)
+			return GNUTLS_SAN_OTHERNAME_KRB5PRINCIPAL;
+		else if ((unsigned) size == (sizeof(MSUSER_PRINCIPAL_NAME_OID)-1)
+		    && memcmp(oid, MSUSER_PRINCIPAL_NAME_OID, sizeof(MSUSER_PRINCIPAL_NAME_OID)-1) == 0)
+			return GNUTLS_SAN_OTHERNAME_MSUSERPRINCIPAL;
+	}
+
+	return GNUTLS_SAN_OTHERNAME;
+}
+
+static
+const char * virtual_to_othername_oid(unsigned type)
+{
+	switch(type) {
+		case GNUTLS_SAN_OTHERNAME_XMPP:
+			return XMPP_OID;
+		case GNUTLS_SAN_OTHERNAME_KRB5PRINCIPAL:
+			return KRB5_PRINCIPAL_OID;
+		case GNUTLS_SAN_OTHERNAME_MSUSERPRINCIPAL:
+			return MSUSER_PRINCIPAL_NAME_OID;
+		default:
+			return NULL;
+	}
+}
+
+int _gnutls_alt_name_assign_virt_type(struct name_st *name, unsigned type, gnutls_datum_t *san, const char *othername_oid, unsigned raw)
+{
+	gnutls_datum_t encoded = {NULL, 0};
+	gnutls_datum_t xmpp = {NULL,0};
+	int ret;
+
+	if (type < 1000) {
+		name->type = type;
+		ret = _gnutls_alt_name_process(&name->san, type, san, raw);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		gnutls_free(san->data);
+
+		if (othername_oid) {
+			name->othername_oid.data = (uint8_t *) othername_oid;
+			name->othername_oid.size = strlen(othername_oid);
+		} else {
+			name->othername_oid.data = NULL;
+			name->othername_oid.size = 0;
+		}
+	} else { /* virtual types */
+		const char *oid = virtual_to_othername_oid(type);
+
+		if (oid == NULL)
+			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+		switch(type) {
+			case GNUTLS_SAN_OTHERNAME_XMPP:
+
+				ret = gnutls_idna_map((char*)san->data, san->size, &xmpp, 0);
+				if (ret < 0)
+					return gnutls_assert_val(ret);
+
+				ret = _gnutls_x509_encode_string(ASN1_ETYPE_UTF8_STRING,
+					xmpp.data, xmpp.size, &encoded);
+
+				gnutls_free(xmpp.data);
+				if (ret < 0)
+					return gnutls_assert_val(ret);
+
+				name->type = GNUTLS_SAN_OTHERNAME;
+				name->san.data = encoded.data;
+				name->san.size = encoded.size;
+				name->othername_oid.data = (void*)gnutls_strdup(oid);
+				name->othername_oid.size = strlen(oid);
+				break;
+
+			case GNUTLS_SAN_OTHERNAME_KRB5PRINCIPAL:
+				ret = _gnutls_krb5_principal_to_der((char*)san->data, &name->san);
+				if (ret < 0)
+					return gnutls_assert_val(ret);
+
+				name->othername_oid.data = (void*)gnutls_strdup(oid);
+				name->othername_oid.size = strlen(oid);
+				name->type = GNUTLS_SAN_OTHERNAME;
+				break;
+
+			default:
+				return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		}
+
+		gnutls_free(san->data);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_othername_to_virtual:
+ * @oid: The othername object identifier
+ * @othername: The othername data
+ * @virt_type: GNUTLS_SAN_OTHERNAME_XXX
+ * @virt: allocated printable data
+ *
+ * This function will parse and convert the othername data to a virtual
+ * type supported by gnutls.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.8
+ **/
+int gnutls_x509_othername_to_virtual(const char *oid, 
+				     const gnutls_datum_t *othername,
+				     unsigned int *virt_type,
+				     gnutls_datum_t *virt)
+{
+	int ret;
+	unsigned type;
+
+	type = san_othername_to_virtual(oid, strlen(oid));
+	if (type == GNUTLS_SAN_OTHERNAME)
+		return gnutls_assert_val(GNUTLS_E_X509_UNKNOWN_SAN);
+
+	if (virt_type)
+		*virt_type = type;
+
+	switch(type) {
+		case GNUTLS_SAN_OTHERNAME_XMPP:
+			ret = _gnutls_x509_decode_string
+				    (ASN1_ETYPE_UTF8_STRING, othername->data,
+				     othername->size, virt, 0);
+			if (ret < 0) {
+				gnutls_assert();
+				return ret;
+			}
+			return 0;
+		case GNUTLS_SAN_OTHERNAME_KRB5PRINCIPAL:
+			ret = _gnutls_krb5_der_to_principal(othername, virt);
+			if (ret < 0) {
+				gnutls_assert();
+				return ret;
+			}
+			return 0;
+		case GNUTLS_SAN_OTHERNAME_MSUSERPRINCIPAL:
+			ret = _gnutls_x509_decode_string
+				    (ASN1_ETYPE_UTF8_STRING, othername->data,
+				     othername->size, virt, 0);
+			if (ret < 0) {
+				gnutls_assert();
+				return ret;
+			}
+			return 0;
+		default:
+			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+	}
+}
diff --git a/lib/x509/virt-san.h b/lib/x509/virt-san.h
new file mode 100644
index 0000000..44b6fe6
--- /dev/null
+++ b/lib/x509/virt-san.h
@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) 2015 Nikos Mavrogiannopoulos
+ * Copyright (C) 2015 Red Hat, Inc.
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_X509_VIRT_SAN_H
+#define GNUTLS_LIB_X509_VIRT_SAN_H
+
+#include "x509_ext_int.h"
+
+int _gnutls_alt_name_assign_virt_type(struct name_st *name, unsigned type, gnutls_datum_t *san, const char *othername_oid, unsigned raw);
+
+#endif /* GNUTLS_LIB_X509_VIRT_SAN_H */
diff --git a/lib/x509/x509.c b/lib/x509/x509.c
new file mode 100644
index 0000000..50dcc8e
--- /dev/null
+++ b/lib/x509/x509.c
@@ -0,0 +1,4689 @@
+/*
+ * Copyright (C) 2003-2018 Free Software Foundation, Inc.
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Authors: Nikos Mavrogiannopoulos, Simon Josefsson, Howard Chu
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions on X.509 Certificate parsing
+ */
+
+#include "gnutls_int.h"
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <common.h>
+#include <gnutls/x509-ext.h>
+#include <x509.h>
+#include <x509_b64.h>
+#include <x509_int.h>
+#include <libtasn1.h>
+#include <pk.h>
+#include <pkcs11_int.h>
+#include "urls.h"
+#include "system-keys.h"
+#include "hash.h"
+#include "hash-pjw-bare.h"
+
+static int crt_reinit(gnutls_x509_crt_t crt)
+{
+	int result;
+
+	_gnutls_free_datum(&crt->der);
+	crt->raw_dn.size = 0;
+	crt->raw_issuer_dn.size = 0;
+	crt->raw_spki.size = 0;
+
+	asn1_delete_structure(&crt->cert);
+
+	result = asn1_create_element(_gnutls_get_pkix(),
+				     "PKIX1.Certificate",
+				     &crt->cert);
+	if (result != ASN1_SUCCESS) {
+		result = _gnutls_asn2err(result);
+		gnutls_assert();
+		return result;
+	}
+
+	gnutls_subject_alt_names_deinit(crt->san);
+	result = gnutls_subject_alt_names_init(&crt->san);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	gnutls_subject_alt_names_deinit(crt->ian);
+	result = gnutls_subject_alt_names_init(&crt->ian);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_equals - This function compares two gnutls_x509_crt_t certificates
+ * @cert1: The first certificate
+ * @cert2: The second certificate
+ *
+ * This function will compare two X.509 certificate structures.
+ *
+ * Returns: On equality non-zero is returned, otherwise zero.
+ *
+ * Since: 3.5.0
+ **/
+unsigned gnutls_x509_crt_equals(gnutls_x509_crt_t cert1,
+				gnutls_x509_crt_t cert2)
+{
+	int ret;
+	bool result;
+
+	if (cert1->modified == 0 && cert2->modified == 0 &&
+	    cert1->raw_dn.size > 0 && cert2->raw_dn.size > 0) {
+		ret = _gnutls_is_same_dn(cert1, cert2);
+		if (ret == 0)
+			return 0;
+	}
+
+	if (cert1->der.size == 0 || cert2->der.size == 0 ||
+	    cert1->modified != 0 || cert2->modified != 0) {
+		gnutls_datum_t tmp1, tmp2;
+
+		/* on uninitialized or modified certificates, we have to re-encode */
+		ret =
+		    gnutls_x509_crt_export2(cert1, GNUTLS_X509_FMT_DER, &tmp1);
+		if (ret < 0)
+			return gnutls_assert_val(0);
+
+		ret =
+		    gnutls_x509_crt_export2(cert2, GNUTLS_X509_FMT_DER, &tmp2);
+		if (ret < 0) {
+			gnutls_free(tmp1.data);
+			return gnutls_assert_val(0);
+		}
+
+		if ((tmp1.size == tmp2.size) &&
+		    (memcmp(tmp1.data, tmp2.data, tmp1.size) == 0))
+			result = 1;
+		else
+			result = 0;
+
+		gnutls_free(tmp1.data);
+		gnutls_free(tmp2.data);
+	} else {
+		if ((cert1->der.size == cert2->der.size) &&
+		    (memcmp(cert1->der.data, cert2->der.data, cert1->der.size) == 0))
+			result = 1;
+		else
+			result = 0;
+	}
+
+	return result;
+}
+
+/**
+ * gnutls_x509_crt_equals2 - This function compares a gnutls_x509_crt_t cert with DER data
+ * @cert1: The first certificate
+ * @der: A DER encoded certificate
+ *
+ * This function will compare an X.509 certificate structures, with DER
+ * encoded certificate data.
+ *
+ * Returns: On equality non-zero is returned, otherwise zero.
+ *
+ * Since: 3.5.0
+ **/
+unsigned
+gnutls_x509_crt_equals2(gnutls_x509_crt_t cert1,
+			const gnutls_datum_t * der)
+{
+	bool result;
+
+	if (cert1 == NULL || der == NULL)
+		return 0;
+
+	if (cert1->der.size == 0 || cert1->modified) {
+		gnutls_datum_t tmp1;
+		int ret;
+
+		/* on uninitialized or modified certificates, we have to re-encode */
+		ret =
+		    gnutls_x509_crt_export2(cert1, GNUTLS_X509_FMT_DER, &tmp1);
+		if (ret < 0)
+			return gnutls_assert_val(0);
+
+		if ((tmp1.size == der->size) &&
+		    (memcmp(tmp1.data, der->data, tmp1.size) == 0))
+			result = 1;
+		else
+			result = 0;
+
+		gnutls_free(tmp1.data);
+	} else {
+		if ((cert1->der.size == der->size) &&
+		    (memcmp(cert1->der.data, der->data, cert1->der.size) == 0))
+			result = 1;
+		else
+			result = 0;
+	}
+
+	return result;
+}
+
+/**
+ * gnutls_x509_crt_init:
+ * @cert: A pointer to the type to be initialized
+ *
+ * This function will initialize an X.509 certificate structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_x509_crt_init(gnutls_x509_crt_t * cert)
+{
+	gnutls_x509_crt_t tmp;
+	int result;
+
+	FAIL_IF_LIB_ERROR;
+
+	tmp =
+	    gnutls_calloc(1, sizeof(gnutls_x509_crt_int));
+
+	if (!tmp)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	result = asn1_create_element(_gnutls_get_pkix(),
+				     "PKIX1.Certificate", &tmp->cert);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		gnutls_free(tmp);
+		return _gnutls_asn2err(result);
+	}
+
+	result = gnutls_subject_alt_names_init(&tmp->san);
+	if (result < 0) {
+		gnutls_assert();
+		asn1_delete_structure(&tmp->cert);
+		gnutls_free(tmp);
+		return result;
+	}
+
+	result = gnutls_subject_alt_names_init(&tmp->ian);
+	if (result < 0) {
+		gnutls_assert();
+		asn1_delete_structure(&tmp->cert);
+		gnutls_subject_alt_names_deinit(tmp->san);
+		gnutls_free(tmp);
+		return result;
+	}
+
+	/* If you add anything here, be sure to check if it has to be added
+	   to gnutls_x509_crt_import as well. */
+
+	*cert = tmp;
+
+	return 0;		/* success */
+}
+
+/*-
+ * _gnutls_x509_crt_cpy - This function copies a gnutls_x509_crt_t type
+ * @dest: The data where to copy
+ * @src: The data to be copied
+ * @flags: zero or CRT_CPY_FAST
+ *
+ * This function will copy an X.509 certificate structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ -*/
+int _gnutls_x509_crt_cpy(gnutls_x509_crt_t dest, gnutls_x509_crt_t src)
+{
+	int ret;
+	gnutls_datum_t tmp;
+	unsigned dealloc = 0;
+
+	if (src->der.size == 0 || src->modified) {
+		ret =
+		    gnutls_x509_crt_export2(src, GNUTLS_X509_FMT_DER, &tmp);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+		dealloc = 1;
+	} else {
+		tmp.data = src->der.data;
+		tmp.size = src->der.size;
+	}
+
+	ret = gnutls_x509_crt_import(dest, &tmp, GNUTLS_X509_FMT_DER);
+
+	if (dealloc) {
+		gnutls_free(tmp.data);
+	}
+
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_deinit:
+ * @cert: The data to be deinitialized
+ *
+ * This function will deinitialize a certificate structure.
+ **/
+void gnutls_x509_crt_deinit(gnutls_x509_crt_t cert)
+{
+	if (!cert)
+		return;
+
+	if (cert->cert)
+		asn1_delete_structure(&cert->cert);
+	gnutls_free(cert->der.data);
+	gnutls_subject_alt_names_deinit(cert->san);
+	gnutls_subject_alt_names_deinit(cert->ian);
+	gnutls_free(cert);
+}
+
+static int compare_sig_algorithm(gnutls_x509_crt_t cert)
+{
+	int ret, len1, len2, result;
+	char oid1[MAX_OID_SIZE];
+	char oid2[MAX_OID_SIZE];
+	gnutls_datum_t sp1 = {NULL, 0};
+	gnutls_datum_t sp2 = {NULL, 0};
+	unsigned empty1 = 0, empty2 = 0;
+
+	len1 = sizeof(oid1);
+	result = asn1_read_value(cert->cert, "signatureAlgorithm.algorithm", oid1, &len1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	len2 = sizeof(oid2);
+	result = asn1_read_value(cert->cert, "tbsCertificate.signature.algorithm", oid2, &len2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (len1 != len2 || memcmp(oid1, oid2, len1) != 0) {
+		_gnutls_debug_log("signatureAlgorithm.algorithm differs from tbsCertificate.signature.algorithm: %s, %s\n",
+			oid1, oid2);
+		gnutls_assert();
+		return GNUTLS_E_CERTIFICATE_ERROR;
+	}
+
+	/* compare the parameters */
+	ret = _gnutls_x509_read_value(cert->cert, "signatureAlgorithm.parameters", &sp1);
+	if (ret == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND) {
+		empty1 = 1;
+	} else if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = _gnutls_x509_read_value(cert->cert, "tbsCertificate.signature.parameters", &sp2);
+	if (ret == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND) {
+		empty2 = 1;
+	} else if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	/* handle equally empty parameters with missing parameters */
+	if (sp1.size == 2 && memcmp(sp1.data, "\x05\x00", 2) == 0) {
+		empty1 = 1;
+		_gnutls_free_datum(&sp1);
+	}
+
+	if (sp2.size == 2 && memcmp(sp2.data, "\x05\x00", 2) == 0) {
+		empty2 = 1;
+		_gnutls_free_datum(&sp2);
+	}
+
+	if (empty1 != empty2 ||
+	    sp1.size != sp2.size ||
+	    (sp1.size > 0 && memcmp(sp1.data, sp2.data, sp1.size) != 0)) {
+		gnutls_assert();
+		ret = GNUTLS_E_CERTIFICATE_ERROR;
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	_gnutls_free_datum(&sp1);
+	_gnutls_free_datum(&sp2);
+	return ret;
+}
+
+static int cache_alt_names(gnutls_x509_crt_t cert)
+{
+	gnutls_datum_t tmpder = {NULL, 0};
+	int ret;
+
+	/* pre-parse subject alt name */
+	ret = _gnutls_x509_crt_get_extension(cert, "2.5.29.17", 0, &tmpder, NULL);
+	if (ret < 0 && ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+		gnutls_free(tmpder.data);
+		return gnutls_assert_val(ret);
+	}
+
+	if (ret >= 0) {
+		ret = gnutls_x509_ext_import_subject_alt_names(&tmpder, cert->san, 0);
+		gnutls_free(tmpder.data);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	ret = _gnutls_x509_crt_get_extension(cert, "2.5.29.18", 0, &tmpder, NULL);
+	if (ret < 0 && ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+		return gnutls_assert_val(ret);
+
+	if (ret >= 0) {
+		ret = gnutls_x509_ext_import_subject_alt_names(&tmpder, cert->ian, 0);
+		gnutls_free(tmpder.data);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	return 0;
+}
+
+static bool hcomparator(const void *v1, const void *v2)
+{
+	return (strcmp(v1, v2)==0);
+}
+
+static size_t hhasher(const void *entry, size_t n)
+{
+	const char *e = entry;
+	if (e == NULL || e[0] == 0)
+		return 0;
+
+	return hash_pjw_bare(e, strlen(e)) % n;
+}
+
+#ifdef STRICT_X509
+
+/* Check whether certificates serial number is RFC5280 compliant */
+static bool has_valid_serial(gnutls_x509_crt_t cert)
+{
+	int err, is_zero;
+	unsigned i;
+	unsigned char serial[128];
+	size_t serial_size = sizeof(serial);
+
+	err = gnutls_x509_crt_get_serial(cert, serial, &serial_size);
+	if (err < 0) {
+		_gnutls_debug_log("error: could not read serial number\n");
+		return false;
+	}
+
+	if (serial_size > 20) {
+		_gnutls_debug_log("error: serial number value is longer than 20 octets\n");
+		return false;
+	}
+
+	if (serial[0] & 0x80) {
+		_gnutls_debug_log("error: serial number is negative\n");
+		return false;
+	}
+
+	is_zero = 1;
+	for (i = 0; i < serial_size; ++i) {
+		if (serial[i]) {
+			is_zero = 0;
+			break;
+		}
+	}
+
+	if (is_zero) {
+		_gnutls_debug_log("error: serial number is zero\n");
+		return false;
+	}
+
+	return true;
+}
+
+/* Check if extension can be successfully parsed */
+static bool is_valid_extension(const char *oid, gnutls_datum_t *der)
+{
+	int err = 0, i;
+	unsigned u;
+	size_t sz;
+	time_t t1, t2;
+	char *s1 = NULL, *s2 = NULL;
+	gnutls_datum_t datum = {NULL, 0};
+
+	if (!strcmp(oid, GNUTLS_X509EXT_OID_BASIC_CONSTRAINTS)) {
+		err = gnutls_x509_ext_import_basic_constraints(der, &u, &i);
+	} else if (!strcmp(oid, GNUTLS_X509EXT_OID_SUBJECT_KEY_ID)) {
+		err = gnutls_x509_ext_import_subject_key_id(der, &datum);
+	} else if (!strcmp(oid, GNUTLS_X509EXT_OID_CRT_POLICY)) {
+		gnutls_x509_policies_t policies;
+		if (gnutls_x509_policies_init(&policies) < 0)
+			return false;
+		err = gnutls_x509_ext_import_policies(der, policies, 0);
+		gnutls_x509_policies_deinit(policies);
+	} else if (!strcmp(oid, GNUTLS_X509_OID_POLICY_ANY)) {
+		err = gnutls_x509_ext_import_inhibit_anypolicy(der, &u);
+	} else if (!strcmp(oid, GNUTLS_X509EXT_OID_AUTHORITY_KEY_ID)) {
+		gnutls_x509_aki_t aki;
+		if (gnutls_x509_aki_init(&aki) < 0)
+			return false;
+		err = gnutls_x509_ext_import_authority_key_id(der, aki, 0);
+		gnutls_x509_aki_deinit(aki);
+	} else if (!strcmp(oid, GNUTLS_X509EXT_OID_KEY_USAGE)) {
+		err = gnutls_x509_ext_import_key_usage(der, &u);
+	} else if (!strcmp(oid, GNUTLS_X509EXT_OID_PRIVATE_KEY_USAGE_PERIOD)) {
+		err = gnutls_x509_ext_import_private_key_usage_period(der, &t1, &t2);
+	} else if (!strcmp(oid, GNUTLS_X509EXT_OID_EXTENDED_KEY_USAGE)) {
+		gnutls_x509_key_purposes_t purposes;
+		if (gnutls_x509_key_purpose_init(&purposes) < 0)
+			return false;
+		err = gnutls_x509_ext_import_key_purposes(der, purposes, 0);
+		gnutls_x509_key_purpose_deinit(purposes);
+	} else if (!strcmp(oid, GNUTLS_X509EXT_OID_SAN) ||
+		   !strcmp(oid, GNUTLS_X509EXT_OID_IAN)) {
+		gnutls_subject_alt_names_t names;
+		if (gnutls_subject_alt_names_init(&names) < 0)
+			return false;
+		err = gnutls_x509_ext_import_subject_alt_names(der, names, 0);
+		gnutls_subject_alt_names_deinit(names);
+	} else if (!strcmp(oid, GNUTLS_X509EXT_OID_CRL_DIST_POINTS)) {
+		gnutls_x509_crl_dist_points_t dp;
+		if (gnutls_x509_crl_dist_points_init(&dp) < 0)
+			return false;
+		err = gnutls_x509_ext_import_crl_dist_points(der, dp, 0);
+		gnutls_x509_crl_dist_points_deinit(dp);
+	} else if (!strcmp(oid, GNUTLS_X509EXT_OID_PROXY_CRT_INFO)) {
+		err = gnutls_x509_ext_import_proxy(der, &i, &s1, &s2, &sz);
+	} else if (!strcmp(oid, GNUTLS_X509EXT_OID_AUTHORITY_INFO_ACCESS)) {
+		gnutls_x509_aia_t aia;
+		if (gnutls_x509_aia_init(&aia) < 0)
+			return false;
+		err = gnutls_x509_ext_import_aia(der, aia, 0);
+		gnutls_x509_aia_deinit(aia);
+	} else if (!strcmp(oid, GNUTLS_X509EXT_OID_CT_SCT_V1)) {
+		gnutls_x509_ct_scts_t scts;
+		if (gnutls_x509_ext_ct_scts_init(&scts) < 0)
+			return false;
+		err = gnutls_x509_ext_ct_import_scts(der, scts, 0);
+		gnutls_x509_ext_ct_scts_deinit(scts);
+	} else if (!strcmp(oid, GNUTLS_X509EXT_OID_NAME_CONSTRAINTS)) {
+		gnutls_x509_name_constraints_t nc;
+		if (gnutls_x509_name_constraints_init(&nc) < 0)
+			return false;
+		err = gnutls_x509_ext_import_name_constraints(der, nc, 0);
+		gnutls_x509_name_constraints_deinit(nc);
+	} else if (!strcmp(oid, GNUTLS_X509EXT_OID_TLSFEATURES)) {
+		gnutls_x509_tlsfeatures_t features;
+		if (gnutls_x509_tlsfeatures_init(&features) < 0)
+			return false;
+		err = gnutls_x509_ext_import_tlsfeatures(der, features, 0);
+		gnutls_x509_tlsfeatures_deinit(features);
+	} else {
+		return true;
+	}
+
+	gnutls_free(s1);
+	gnutls_free(s2);
+	_gnutls_free_datum(&datum);
+
+	return err == 0;
+}
+
+#endif /* STRICT_X509 */
+
+int _gnutls_check_cert_sanity(gnutls_x509_crt_t cert)
+{
+	int ret = 0, version;
+	gnutls_datum_t exts;
+	Hash_table *htable = NULL;
+
+	if (cert->flags & GNUTLS_X509_CRT_FLAG_IGNORE_SANITY)
+		return 0;
+
+	/* enforce the rule that only version 3 certificates carry extensions */
+	ret = gnutls_x509_crt_get_version(cert);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	version = ret;
+
+#ifdef STRICT_X509
+	/* enforce upper bound on certificate version (RFC5280 compliant) */
+	if (version > 3) {
+		_gnutls_debug_log("error: invalid certificate version %d\n", version);
+		return gnutls_assert_val(GNUTLS_E_X509_CERTIFICATE_ERROR);
+	}
+#endif
+
+	if (version < 3) {
+		if (!cert->modified) {
+			ret = _gnutls_x509_get_raw_field2(cert->cert, &cert->der,
+				"tbsCertificate.extensions", &exts);
+			if (ret >= 0 && exts.size > 0) {
+				_gnutls_debug_log("error: extensions present in certificate with version %d\n", version);
+				return gnutls_assert_val(GNUTLS_E_X509_CERTIFICATE_ERROR);
+			}
+		} else {
+			if (cert->use_extensions) {
+				_gnutls_debug_log("error: extensions set in certificate with version %d\n", version);
+				return gnutls_assert_val(GNUTLS_E_X509_CERTIFICATE_ERROR);
+			}
+		}
+	} else {
+		/* Version is 3; ensure no duplicate extensions are present. */
+		unsigned i, critical;
+		char oid[MAX_OID_SIZE];
+		size_t oid_size;
+		char *o;
+
+		htable = hash_initialize(16, NULL, hhasher, hcomparator, gnutls_free);
+		if (htable == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+		for (i=0;;i++) {
+			oid_size = sizeof(oid);
+			ret = gnutls_x509_crt_get_extension_info(cert, i, oid, &oid_size, &critical);
+			if (ret < 0) {
+				if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+					break;
+				gnutls_assert();
+				goto cleanup;
+			}
+			o = gnutls_strdup(oid);
+			if (o == NULL) {
+				ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+				goto cleanup;
+			}
+
+			ret = hash_insert_if_absent(htable, o, NULL);
+			if (ret == -1) {
+				gnutls_free(o);
+				ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+				goto cleanup;
+			} else if (ret == 0) {
+				/* duplicate */
+				gnutls_free(o);
+				_gnutls_debug_log("error: duplicate extension (%s) detected\n", oid);
+				ret = gnutls_assert_val(GNUTLS_E_X509_DUPLICATE_EXTENSION);
+				goto cleanup;
+			}
+
+#ifdef STRICT_X509
+			gnutls_datum_t der = { NULL, 0 };
+			ret = gnutls_x509_crt_get_extension_data2(cert, i, &der);
+			if (ret < 0)
+				continue;
+			if (critical && !is_valid_extension(oid, &der)) {
+				_gnutls_free_datum(&der);
+				_gnutls_debug_log("error: could not parse extension (%s)\n");
+				return gnutls_assert_val(GNUTLS_E_X509_CERTIFICATE_ERROR);
+			}
+			_gnutls_free_datum(&der);
+#endif
+		}
+
+		hash_free(htable);
+		htable = NULL;
+	}
+
+	if (version < 2) {
+		char id[128];
+		size_t id_size;
+
+		id_size = sizeof(id);
+		ret = gnutls_x509_crt_get_subject_unique_id(cert, id, &id_size);
+		if (ret >= 0 || ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
+			_gnutls_debug_log("error: subjectUniqueID present in certificate with version %d\n", version);
+			ret = gnutls_assert_val(GNUTLS_E_X509_CERTIFICATE_ERROR);
+			goto cleanup;
+		}
+
+		id_size = sizeof(id);
+		ret = gnutls_x509_crt_get_issuer_unique_id(cert, id, &id_size);
+		if (ret >= 0 || ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
+			_gnutls_debug_log("error: subjectUniqueID present in certificate with version %d\n", version);
+			ret = gnutls_assert_val(GNUTLS_E_X509_CERTIFICATE_ERROR);
+			goto cleanup;
+		}
+	}
+
+#ifdef STRICT_X509
+	if (!has_valid_serial(cert)) {
+		ret = gnutls_assert_val(GNUTLS_E_X509_CERTIFICATE_ERROR);
+		goto cleanup;
+	}
+#endif
+
+	if (gnutls_x509_crt_get_expiration_time(cert) == -1 ||
+	    gnutls_x509_crt_get_activation_time(cert) == -1) {
+		_gnutls_debug_log("error: invalid expiration or activation time in certificate\n");
+		ret = gnutls_assert_val(GNUTLS_E_CERTIFICATE_TIME_ERROR);
+		goto cleanup;
+	}
+
+	ret = 0;
+
+ cleanup:
+	if (htable)
+		hash_free(htable);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_import:
+ * @cert: The data to store the parsed certificate.
+ * @data: The DER or PEM encoded certificate.
+ * @format: One of DER or PEM
+ *
+ * This function will convert the given DER or PEM encoded Certificate
+ * to the native gnutls_x509_crt_t format. The output will be stored
+ * in @cert.
+ *
+ * If the Certificate is PEM encoded it should have a header of "X509
+ * CERTIFICATE", or "CERTIFICATE".
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_import(gnutls_x509_crt_t cert,
+		       const gnutls_datum_t * data,
+		       gnutls_x509_crt_fmt_t format)
+{
+	int result;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (cert->expanded) {
+		/* Any earlier _asn1_strict_der_decode will modify the ASN.1
+		   structure, so we need to replace it with a fresh
+		   structure. */
+		result = crt_reinit(cert);
+		if (result < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	/* If the Certificate is in PEM format then decode it
+	 */
+	if (format == GNUTLS_X509_FMT_PEM) {
+		/* Try the first header */
+		result =
+		    _gnutls_fbase64_decode(PEM_X509_CERT2, data->data,
+					   data->size, &cert->der);
+
+		if (result < 0) {
+			/* try for the second header */
+			result =
+			    _gnutls_fbase64_decode(PEM_X509_CERT,
+						   data->data, data->size,
+						   &cert->der);
+
+			if (result < 0) {
+				gnutls_assert();
+				return result;
+			}
+		}
+	} else {
+		result = _gnutls_set_datum(&cert->der, data->data, data->size);
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+	}
+
+	cert->expanded = 1;
+	cert->modified = 0;
+
+	result =
+	    _asn1_strict_der_decode(&cert->cert, cert->der.data, cert->der.size, NULL);
+	if (result != ASN1_SUCCESS) {
+		result = _gnutls_asn2err(result);
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = compare_sig_algorithm(cert);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* The following do not allocate but rather point to DER data */
+	result = _gnutls_x509_get_raw_field2(cert->cert, &cert->der,
+					  "tbsCertificate.issuer.rdnSequence",
+					  &cert->raw_issuer_dn);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_get_raw_field2(cert->cert, &cert->der,
+					  "tbsCertificate.subject.rdnSequence",
+					  &cert->raw_dn);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_get_raw_field2(cert->cert, &cert->der,
+					  "tbsCertificate.subjectPublicKeyInfo",
+					  &cert->raw_spki);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = cache_alt_names(cert);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_check_cert_sanity(cert);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* Since we do not want to disable any extension
+	 */
+	cert->use_extensions = 1;
+
+	return 0;
+
+      cleanup:
+	_gnutls_free_datum(&cert->der);
+	return result;
+}
+
+
+/**
+ * gnutls_x509_crt_get_issuer_dn:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @buf: a pointer to a structure to hold the name (may be null)
+ * @buf_size: initially holds the size of @buf
+ *
+ * This function will copy the name of the Certificate issuer in the
+ * provided buffer. The name will be in the form
+ * "C=xxxx,O=yyyy,CN=zzzz" as described in RFC4514. The output string
+ * will be ASCII or UTF-8 encoded, depending on the certificate data.
+ *
+ * If @buf is null then only the size will be filled.
+ *
+ * This function does not output a fully RFC4514 compliant string, if
+ * that is required see gnutls_x509_crt_get_issuer_dn3().
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not
+ *   long enough, and in that case the @buf_size will be updated
+ *   with the required size. %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE if
+ *   the DN does not exist, or another error value on error. On success 0 is returned.
+ **/
+int
+gnutls_x509_crt_get_issuer_dn(gnutls_x509_crt_t cert, char *buf,
+			      size_t * buf_size)
+{
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_parse_dn(cert->cert,
+				     "tbsCertificate.issuer.rdnSequence",
+				     buf, buf_size, GNUTLS_X509_DN_FLAG_COMPAT);
+}
+
+/**
+ * gnutls_x509_crt_get_issuer_dn2:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @dn: a pointer to a structure to hold the name; must be freed using gnutls_free()
+ *
+ * This function will allocate buffer and copy the name of issuer of the Certificate.
+ * The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as
+ * described in RFC4514. The output string will be ASCII or UTF-8
+ * encoded, depending on the certificate data.
+ *
+ * This function does not output a fully RFC4514 compliant string, if
+ * that is required see gnutls_x509_crt_get_issuer_dn3().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.10
+ **/
+int
+gnutls_x509_crt_get_issuer_dn2(gnutls_x509_crt_t cert, gnutls_datum_t * dn)
+{
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_get_dn(cert->cert,
+				   "tbsCertificate.issuer.rdnSequence",
+				   dn, GNUTLS_X509_DN_FLAG_COMPAT);
+}
+
+/**
+ * gnutls_x509_crt_get_issuer_dn3:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @dn: a pointer to a structure to hold the name; must be freed using gnutls_free()
+ * @flags: zero or %GNUTLS_X509_DN_FLAG_COMPAT
+ *
+ * This function will allocate buffer and copy the name of issuer of the Certificate.
+ * The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as
+ * described in RFC4514. The output string will be ASCII or UTF-8
+ * encoded, depending on the certificate data.
+ *
+ * When the flag %GNUTLS_X509_DN_FLAG_COMPAT is specified, the output
+ * format will match the format output by previous to 3.5.6 versions of GnuTLS
+ * which was not not fully RFC4514-compliant.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.5.7
+ **/
+int
+gnutls_x509_crt_get_issuer_dn3(gnutls_x509_crt_t cert, gnutls_datum_t *dn, unsigned flags)
+{
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_get_dn(cert->cert,
+				   "tbsCertificate.issuer.rdnSequence",
+				   dn, flags);
+}
+
+/**
+ * gnutls_x509_crt_get_issuer_dn_by_oid:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @oid: holds an Object Identified in null terminated string
+ * @indx: In case multiple same OIDs exist in the RDN, this specifies which to send. Use (0) to get the first one.
+ * @raw_flag: If non-zero returns the raw DER data of the DN part.
+ * @buf: a pointer to a structure to hold the name (may be null)
+ * @buf_size: initially holds the size of @buf
+ *
+ * This function will extract the part of the name of the Certificate
+ * issuer specified by the given OID. The output, if the raw flag is not
+ * used, will be encoded as described in RFC4514. Thus a string that is
+ * ASCII or UTF-8 encoded, depending on the certificate data.
+ *
+ * Some helper macros with popular OIDs can be found in gnutls/x509.h
+ * If raw flag is (0), this function will only return known OIDs as
+ * text. Other OIDs will be DER encoded, as described in RFC4514 --
+ * in hex format with a '#' prefix.  You can check about known OIDs
+ * using gnutls_x509_dn_oid_known().
+ *
+ * If @buf is null then only the size will be filled. If the @raw_flag
+ * is not specified the output is always null terminated, although the
+ * @buf_size will not include the null character.
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not
+ *   long enough, and in that case the @buf_size will be updated with
+ *   the required size. %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE if there
+ *   are no data in the current index. On success 0 is returned.
+ **/
+int
+gnutls_x509_crt_get_issuer_dn_by_oid(gnutls_x509_crt_t cert,
+				     const char *oid, unsigned indx,
+				     unsigned int raw_flag, void *buf,
+				     size_t * buf_size)
+{
+	gnutls_datum_t td;
+	int ret;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_x509_parse_dn_oid(cert->cert,
+					"tbsCertificate.issuer.rdnSequence",
+					oid, indx, raw_flag, &td);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return _gnutls_strdatum_to_buf(&td, buf, buf_size);
+}
+
+/**
+ * gnutls_x509_crt_get_issuer_dn_oid:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @indx: This specifies which OID to return. Use (0) to get the first one.
+ * @oid: a pointer to a buffer to hold the OID (may be null)
+ * @oid_size: initially holds the size of @oid
+ *
+ * This function will extract the OIDs of the name of the Certificate
+ * issuer specified by the given index.
+ *
+ * If @oid is null then only the size will be filled. The @oid
+ * returned will be null terminated, although @oid_size will not
+ * account for the trailing null.
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not
+ *   long enough, and in that case the @buf_size will be updated with
+ *   the required size. %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE if there
+ *   are no data in the current index. On success 0 is returned.
+ **/
+int
+gnutls_x509_crt_get_issuer_dn_oid(gnutls_x509_crt_t cert,
+				  unsigned indx, void *oid, size_t * oid_size)
+{
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_get_dn_oid(cert->cert,
+				       "tbsCertificate.issuer.rdnSequence",
+				       indx, oid, oid_size);
+}
+
+/**
+ * gnutls_x509_crt_get_dn:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @buf: a pointer to a structure to hold the name (may be null)
+ * @buf_size: initially holds the size of @buf
+ *
+ * This function will copy the name of the Certificate in the provided
+ * buffer. The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as
+ * described in RFC4514. The output string will be ASCII or UTF-8
+ * encoded, depending on the certificate data.
+ *
+ * The @buf returned will be null terminated and the @buf_size will account
+ * for the trailing null. If @buf is null then only the size will be filled.
+ *
+ * This function does not output a fully RFC4514 compliant string, if
+ * that is required see gnutls_x509_crt_get_dn3().
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not
+ *   long enough, and in that case the @buf_size will be updated
+ *   with the required size. %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE if
+ *   the DN does not exist, or another error value on error. On success 0 is returned.
+ **/
+int
+gnutls_x509_crt_get_dn(gnutls_x509_crt_t cert, char *buf,
+		       size_t * buf_size)
+{
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_parse_dn(cert->cert,
+				     "tbsCertificate.subject.rdnSequence",
+				     buf, buf_size, GNUTLS_X509_DN_FLAG_COMPAT);
+}
+
+/**
+ * gnutls_x509_crt_get_dn2:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @dn: a pointer to a structure to hold the name; must be freed using gnutls_free()
+ *
+ * This function will allocate buffer and copy the name of the Certificate.
+ * The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as
+ * described in RFC4514. The output string will be ASCII or UTF-8
+ * encoded, depending on the certificate data.
+ *
+ * This function does not output a fully RFC4514 compliant string, if
+ * that is required see gnutls_x509_crt_get_dn3().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.10
+ **/
+int gnutls_x509_crt_get_dn2(gnutls_x509_crt_t cert, gnutls_datum_t * dn)
+{
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_get_dn(cert->cert,
+				   "tbsCertificate.subject.rdnSequence",
+				   dn, GNUTLS_X509_DN_FLAG_COMPAT);
+}
+
+/**
+ * gnutls_x509_crt_get_dn3:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @dn: a pointer to a structure to hold the name; must be freed using gnutls_free()
+ * @flags: zero or %GNUTLS_X509_DN_FLAG_COMPAT
+ *
+ * This function will allocate buffer and copy the name of the Certificate.
+ * The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as
+ * described in RFC4514. The output string will be ASCII or UTF-8
+ * encoded, depending on the certificate data.
+ *
+ * When the flag %GNUTLS_X509_DN_FLAG_COMPAT is specified, the output
+ * format will match the format output by previous to 3.5.6 versions of GnuTLS
+ * which was not not fully RFC4514-compliant.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.5.7
+ **/
+int gnutls_x509_crt_get_dn3(gnutls_x509_crt_t cert, gnutls_datum_t *dn, unsigned flags)
+{
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_get_dn(cert->cert,
+				   "tbsCertificate.subject.rdnSequence",
+				   dn, flags);
+}
+
+/**
+ * gnutls_x509_crt_get_dn_by_oid:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @oid: holds an Object Identified in null terminated string
+ * @indx: In case multiple same OIDs exist in the RDN, this specifies which to send. Use (0) to get the first one.
+ * @raw_flag: If non-zero returns the raw DER data of the DN part.
+ * @buf: a pointer where the DN part will be copied (may be null).
+ * @buf_size: initially holds the size of @buf
+ *
+ * This function will extract the part of the name of the Certificate
+ * subject specified by the given OID. The output, if the raw flag is
+ * not used, will be encoded as described in RFC4514. Thus a string
+ * that is ASCII or UTF-8 encoded, depending on the certificate data.
+ *
+ * Some helper macros with popular OIDs can be found in gnutls/x509.h
+ * If raw flag is (0), this function will only return known OIDs as
+ * text. Other OIDs will be DER encoded, as described in RFC4514 --
+ * in hex format with a '#' prefix.  You can check about known OIDs
+ * using gnutls_x509_dn_oid_known().
+ *
+ * If @buf is null then only the size will be filled. If the @raw_flag
+ * is not specified the output is always null terminated, although the
+ * @buf_size will not include the null character.
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not
+ *   long enough, and in that case the @buf_size will be updated with
+ *   the required size. %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE if there
+ *   are no data in the current index. On success 0 is returned.
+ **/
+int
+gnutls_x509_crt_get_dn_by_oid(gnutls_x509_crt_t cert, const char *oid,
+			      unsigned indx, unsigned int raw_flag,
+			      void *buf, size_t * buf_size)
+{
+	gnutls_datum_t td;
+	int ret;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_x509_parse_dn_oid(cert->cert,
+					"tbsCertificate.subject.rdnSequence",
+					oid, indx, raw_flag, &td);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return _gnutls_strdatum_to_buf(&td, buf, buf_size);
+}
+
+/**
+ * gnutls_x509_crt_get_dn_oid:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @indx: This specifies which OID to return. Use (0) to get the first one.
+ * @oid: a pointer to a buffer to hold the OID (may be null)
+ * @oid_size: initially holds the size of @oid
+ *
+ * This function will extract the OIDs of the name of the Certificate
+ * subject specified by the given index.
+ *
+ * If @oid is null then only the size will be filled. The @oid
+ * returned will be null terminated, although @oid_size will not
+ * account for the trailing null.
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not
+ *   long enough, and in that case the @buf_size will be updated with
+ *   the required size. %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE if there
+ *   are no data in the current index. On success 0 is returned.
+ **/
+int
+gnutls_x509_crt_get_dn_oid(gnutls_x509_crt_t cert,
+			   unsigned indx, void *oid, size_t * oid_size)
+{
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_get_dn_oid(cert->cert,
+				       "tbsCertificate.subject.rdnSequence",
+				       indx, oid, oid_size);
+}
+
+/**
+ * gnutls_x509_crt_get_signature_algorithm:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ *
+ * This function will return a value of the #gnutls_sign_algorithm_t
+ * enumeration that is the signature algorithm that has been used to
+ * sign this certificate.
+ *
+ * Since 3.6.0 this function never returns a negative error code.
+ * Error cases and unknown/unsupported signature algorithms are
+ * mapped to %GNUTLS_SIGN_UNKNOWN.
+ *
+ * Returns: a #gnutls_sign_algorithm_t value
+ **/
+int gnutls_x509_crt_get_signature_algorithm(gnutls_x509_crt_t cert)
+{
+	return map_errs_to_zero(_gnutls_x509_get_signature_algorithm(cert->cert,
+						    "signatureAlgorithm"));
+}
+
+/**
+ * gnutls_x509_crt_get_signature_oid:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @oid: a pointer to a buffer to hold the OID (may be null)
+ * @oid_size: initially holds the size of @oid
+ *
+ * This function will return the OID of the signature algorithm
+ * that has been used to sign this certificate. This is function
+ * is useful in the case gnutls_x509_crt_get_signature_algorithm()
+ * returned %GNUTLS_SIGN_UNKNOWN.
+ *
+ * Returns: zero or a negative error code on error.
+ *
+ * Since: 3.5.0
+ **/
+int gnutls_x509_crt_get_signature_oid(gnutls_x509_crt_t cert, char *oid, size_t *oid_size)
+{
+	char str[MAX_OID_SIZE];
+	int len, result, ret;
+	gnutls_datum_t out;
+
+	len = sizeof(str);
+	result = asn1_read_value(cert->cert, "signatureAlgorithm.algorithm", str, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	out.data = (void*)str;
+	out.size = len;
+
+	ret = _gnutls_copy_string(&out, (void*)oid, oid_size);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_get_pk_oid:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @oid: a pointer to a buffer to hold the OID (may be null)
+ * @oid_size: initially holds the size of @oid
+ *
+ * This function will return the OID of the public key algorithm
+ * on that certificate. This is function
+ * is useful in the case gnutls_x509_crt_get_pk_algorithm()
+ * returned %GNUTLS_PK_UNKNOWN.
+ *
+ * Returns: zero or a negative error code on error.
+ *
+ * Since: 3.5.0
+ **/
+int gnutls_x509_crt_get_pk_oid(gnutls_x509_crt_t cert, char *oid, size_t *oid_size)
+{
+	char str[MAX_OID_SIZE];
+	int len, result, ret;
+	gnutls_datum_t out;
+
+	len = sizeof(str);
+	result = asn1_read_value(cert->cert, "tbsCertificate.subjectPublicKeyInfo.algorithm.algorithm", str, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	out.data = (void*)str;
+	out.size = len;
+
+	ret = _gnutls_copy_string(&out, (void*)oid, oid_size);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_get_signature:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @sig: a pointer where the signature part will be copied (may be null).
+ * @sig_size: initially holds the size of @sig
+ *
+ * This function will extract the signature field of a certificate.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_get_signature(gnutls_x509_crt_t cert,
+			      char *sig, size_t * sig_size)
+{
+	gnutls_datum_t dsig = {NULL, 0};
+	int ret;
+
+	if (cert == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ret = _gnutls_x509_get_signature(cert->cert, "signature", &dsig);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_copy_data(&dsig, (uint8_t*)sig, sig_size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	gnutls_free(dsig.data);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_get_version:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ *
+ * This function will return the version of the specified Certificate.
+ *
+ * Returns: version of certificate, or a negative error code on error.
+ **/
+int gnutls_x509_crt_get_version(gnutls_x509_crt_t cert)
+{
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_get_version(cert->cert, "tbsCertificate.version");
+}
+
+/**
+ * gnutls_x509_crt_get_activation_time:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ *
+ * This function will return the time this Certificate was or will be
+ * activated.
+ *
+ * Returns: activation time, or (time_t)-1 on error.
+ **/
+time_t gnutls_x509_crt_get_activation_time(gnutls_x509_crt_t cert)
+{
+	if (cert == NULL) {
+		gnutls_assert();
+		return (time_t) - 1;
+	}
+
+	return _gnutls_x509_get_time(cert->cert,
+				     "tbsCertificate.validity.notBefore",
+				     0);
+}
+
+/**
+ * gnutls_x509_crt_get_expiration_time:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ *
+ * This function will return the time this certificate was or will be
+ * expired.
+ *
+ * Returns: expiration time, or (time_t)-1 on error.
+ **/
+time_t gnutls_x509_crt_get_expiration_time(gnutls_x509_crt_t cert)
+{
+	if (cert == NULL) {
+		gnutls_assert();
+		return (time_t) - 1;
+	}
+
+	return _gnutls_x509_get_time(cert->cert,
+				     "tbsCertificate.validity.notAfter",
+				     0);
+}
+
+/**
+ * gnutls_x509_crt_get_private_key_usage_period:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @activation: The activation time
+ * @expiration: The expiration time
+ * @critical: the extension status
+ *
+ * This function will return the expiration and activation
+ * times of the private key of the certificate. It relies on
+ * the PKIX extension 2.5.29.16 being present.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * if the extension is not present, otherwise a negative error value.
+ **/
+int
+gnutls_x509_crt_get_private_key_usage_period(gnutls_x509_crt_t cert,
+					     time_t * activation,
+					     time_t * expiration,
+					     unsigned int *critical)
+{
+	int ret;
+	gnutls_datum_t der = { NULL, 0 };
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret =
+	    _gnutls_x509_crt_get_extension(cert, "2.5.29.16", 0, &der,
+					   critical);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (der.size == 0 || der.data == NULL)
+		return
+		    gnutls_assert_val
+		    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	ret = gnutls_x509_ext_import_private_key_usage_period(&der, activation, expiration);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+      cleanup:
+	_gnutls_free_datum(&der);
+
+	return ret;
+}
+
+
+/**
+ * gnutls_x509_crt_get_serial:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @result: The place where the serial number will be copied
+ * @result_size: Holds the size of the result field.
+ *
+ * This function will return the X.509 certificate's serial number.
+ * This is obtained by the X509 Certificate serialNumber field. Serial
+ * is not always a 32 or 64bit number. Some CAs use large serial
+ * numbers, thus it may be wise to handle it as something uint8_t.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_get_serial(gnutls_x509_crt_t cert, void *result,
+			   size_t * result_size)
+{
+	int ret, len;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	len = *result_size;
+	ret =
+	    asn1_read_value(cert->cert, "tbsCertificate.serialNumber",
+			    result, &len);
+	*result_size = len;
+
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_get_subject_key_id:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @ret: The place where the identifier will be copied
+ * @ret_size: Holds the size of the result field.
+ * @critical: will be non-zero if the extension is marked as critical (may be null)
+ *
+ * This function will return the X.509v3 certificate's subject key
+ * identifier.  This is obtained by the X.509 Subject Key identifier
+ * extension field (2.5.29.14).
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * if the extension is not present, otherwise a negative error value.
+ **/
+int
+gnutls_x509_crt_get_subject_key_id(gnutls_x509_crt_t cert, void *ret,
+				   size_t * ret_size,
+				   unsigned int *critical)
+{
+	int result;
+	gnutls_datum_t id = {NULL,0};
+	gnutls_datum_t der = {NULL, 0};
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (ret == NULL)
+		*ret_size = 0;
+
+	if ((result =
+	     _gnutls_x509_crt_get_extension(cert, "2.5.29.14", 0, &der,
+					    critical)) < 0) {
+		return result;
+	}
+
+	result = gnutls_x509_ext_import_subject_key_id(&der, &id);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_copy_data(&id, ret, ret_size);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = 0;
+
+ cleanup:
+	gnutls_free(der.data);
+	gnutls_free(id.data);
+	return result;
+}
+
+inline static int is_type_printable(int type)
+{
+	if (type == GNUTLS_SAN_DNSNAME || type == GNUTLS_SAN_RFC822NAME ||
+	    type == GNUTLS_SAN_URI || type == GNUTLS_SAN_OTHERNAME_XMPP ||
+	    type == GNUTLS_SAN_OTHERNAME || type == GNUTLS_SAN_REGISTERED_ID)
+		return 1;
+	else
+		return 0;
+}
+
+/**
+ * gnutls_x509_crt_get_authority_key_gn_serial:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @seq: specifies the sequence number of the alt name (0 for the first one, 1 for the second etc.)
+ * @alt: is the place where the alternative name will be copied to
+ * @alt_size: holds the size of alt.
+ * @alt_type: holds the type of the alternative name (one of gnutls_x509_subject_alt_name_t).
+ * @serial: buffer to store the serial number (may be null)
+ * @serial_size: Holds the size of the serial field (may be null)
+ * @critical: will be non-zero if the extension is marked as critical (may be null)
+ *
+ * This function will return the X.509 authority key
+ * identifier when stored as a general name (authorityCertIssuer)
+ * and serial number.
+ *
+ * Because more than one general names might be stored
+ * @seq can be used as a counter to request them all until
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * if the extension is not present, otherwise a negative error value.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_x509_crt_get_authority_key_gn_serial(gnutls_x509_crt_t cert,
+					    unsigned int seq, void *alt,
+					    size_t * alt_size,
+					    unsigned int *alt_type,
+					    void *serial,
+					    size_t * serial_size,
+					    unsigned int *critical)
+{
+	int ret;
+	gnutls_datum_t der, san, iserial;
+	gnutls_x509_aki_t aki = NULL;
+	unsigned san_type;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if ((ret =
+	     _gnutls_x509_crt_get_extension(cert, "2.5.29.35", 0, &der,
+					    critical)) < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	if (der.size == 0 || der.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	ret = gnutls_x509_aki_init(&aki);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_ext_import_authority_key_id(&der, aki, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_aki_get_cert_issuer(aki, seq, &san_type, &san, NULL, &iserial);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (is_type_printable(san_type))
+		ret = _gnutls_copy_string(&san, alt, alt_size);
+	else
+		ret = _gnutls_copy_data(&san, alt, alt_size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (alt_type)
+		*alt_type = san_type;
+
+	ret = _gnutls_copy_data(&iserial, serial, serial_size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	if (aki != NULL)
+		gnutls_x509_aki_deinit(aki);
+	gnutls_free(der.data);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_get_authority_key_id:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @id: The place where the identifier will be copied
+ * @id_size: Holds the size of the id field.
+ * @critical: will be non-zero if the extension is marked as critical (may be null)
+ *
+ * This function will return the X.509v3 certificate authority's key
+ * identifier.  This is obtained by the X.509 Authority Key
+ * identifier extension field (2.5.29.35). Note that this function
+ * only returns the keyIdentifier field of the extension and
+ * %GNUTLS_E_X509_UNSUPPORTED_EXTENSION, if the extension contains
+ * the name and serial number of the certificate. In that case
+ * gnutls_x509_crt_get_authority_key_gn_serial() may be used.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * if the extension is not present, otherwise a negative error value.
+ **/
+int
+gnutls_x509_crt_get_authority_key_id(gnutls_x509_crt_t cert, void *id,
+				     size_t * id_size,
+				     unsigned int *critical)
+{
+	int ret;
+	gnutls_datum_t der, l_id;
+	gnutls_x509_aki_t aki = NULL;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if ((ret =
+	     _gnutls_x509_crt_get_extension(cert, "2.5.29.35", 0, &der,
+					    critical)) < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	if (der.size == 0 || der.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	ret = gnutls_x509_aki_init(&aki);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_ext_import_authority_key_id(&der, aki, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_aki_get_id(aki, &l_id);
+
+	if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+		gnutls_datum_t serial;
+		ret = gnutls_x509_aki_get_cert_issuer(aki, 0, NULL, NULL, NULL, &serial);
+		if (ret >= 0) {
+			ret = gnutls_assert_val(GNUTLS_E_X509_UNSUPPORTED_EXTENSION);
+		} else {
+			ret = gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+		}
+	}
+
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_copy_data(&l_id, id, id_size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	if (aki != NULL)
+		gnutls_x509_aki_deinit(aki);
+	gnutls_free(der.data);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_get_pk_algorithm:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @bits: if bits is non null it will hold the size of the parameters' in bits
+ *
+ * This function will return the public key algorithm of an X.509
+ * certificate.
+ *
+ * If bits is non null, it should have enough size to hold the parameters
+ * size in bits. For RSA the bits returned is the modulus.
+ * For DSA the bits returned are of the public
+ * exponent.
+ *
+ * Unknown/unsupported algorithms are mapped to %GNUTLS_PK_UNKNOWN.
+ *
+ * Returns: a member of the #gnutls_pk_algorithm_t enumeration on
+ * success, or a negative error code on error.
+ **/
+int
+gnutls_x509_crt_get_pk_algorithm(gnutls_x509_crt_t cert,
+				 unsigned int *bits)
+{
+	int result;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (bits)
+		*bits = 0;
+
+	result =
+	    _gnutls_x509_get_pk_algorithm(cert->cert,
+					  "tbsCertificate.subjectPublicKeyInfo",
+					  NULL,
+					  bits);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return result;
+}
+
+/**
+ * gnutls_x509_crt_get_spki:
+ * @cert: a certificate of type #gnutls_x509_crt_t
+ * @spki: a SubjectPublicKeyInfo structure of type #gnutls_x509_spki_t
+ * @flags: must be zero
+ *
+ * This function will return the public key information of an X.509
+ * certificate. The provided @spki must be initialized.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_x509_crt_get_spki(gnutls_x509_crt_t cert, gnutls_x509_spki_t spki, unsigned int flags)
+{
+	int result;
+	gnutls_x509_spki_st params;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+
+	spki->pk = gnutls_x509_crt_get_pk_algorithm(cert, NULL);
+
+	memset(&params, 0, sizeof(params));
+
+	result = _gnutls_x509_crt_read_spki_params(cert, &params);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	if (params.pk == GNUTLS_PK_UNKNOWN)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	spki->rsa_pss_dig = params.rsa_pss_dig;
+	spki->salt_size = params.salt_size;
+
+	return 0;
+}
+
+/* returns the type and the name on success.
+ * Type is also returned as a parameter in case of an error.
+ *
+ * @seq: in case of GeneralNames it will return the corresponding name.
+ *       in case of GeneralName, it must be -1
+ * @dname: the name returned
+ * @ret_type: The type of the name
+ * @othername_oid: if the name is otherName return the OID
+ *
+ */
+int
+_gnutls_parse_general_name2(asn1_node src, const char *src_name,
+			   int seq, gnutls_datum_t *dname,
+			   unsigned int *ret_type, int othername_oid)
+{
+	int len, ret;
+	char nptr[MAX_NAME_SIZE];
+	int result;
+	gnutls_datum_t tmp = {NULL, 0};
+	char choice_type[128];
+	gnutls_x509_subject_alt_name_t type;
+
+	if (seq != -1) {
+		seq++;	/* 0->1, 1->2 etc */
+
+		if (src_name[0] != 0)
+			snprintf(nptr, sizeof(nptr), "%s.?%d", src_name, seq);
+		else
+			snprintf(nptr, sizeof(nptr), "?%d", seq);
+	} else {
+		snprintf(nptr, sizeof(nptr), "%s", src_name);
+	}
+
+	len = sizeof(choice_type);
+	result = asn1_read_value(src, nptr, choice_type, &len);
+	if (result == ASN1_VALUE_NOT_FOUND
+	    || result == ASN1_ELEMENT_NOT_FOUND) {
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	type = _gnutls_x509_san_find_type(choice_type);
+	if (type == (gnutls_x509_subject_alt_name_t) - 1) {
+		gnutls_assert();
+		return GNUTLS_E_X509_UNKNOWN_SAN;
+	}
+
+	if (ret_type)
+		*ret_type = type;
+
+	if (type == GNUTLS_SAN_OTHERNAME) {
+		if (othername_oid)
+			_gnutls_str_cat(nptr, sizeof(nptr),
+					".otherName.type-id");
+		else
+			_gnutls_str_cat(nptr, sizeof(nptr),
+					".otherName.value");
+
+		ret = _gnutls_x509_read_value(src, nptr, &tmp);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		if (othername_oid) {
+			dname->size = tmp.size;
+			dname->data = tmp.data;
+		} else {
+			char oid[MAX_OID_SIZE];
+
+			if (src_name[0] != 0 && seq != -1)
+				snprintf(nptr, sizeof(nptr),
+					 "%s.?%d.otherName.type-id",
+					 src_name, seq);
+			else if (src_name[0] != 0)
+				snprintf(nptr, sizeof(nptr),
+					 "%s.otherName.type-id",
+					 src_name);
+			else
+				snprintf(nptr, sizeof(nptr),
+					 "?%d.otherName.type-id", seq);
+
+			len = sizeof(oid);
+
+			result = asn1_read_value(src, nptr, oid, &len);
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				ret = _gnutls_asn2err(result);
+				goto cleanup;
+			}
+			if (len > 0) len--;
+
+			dname->size = tmp.size;
+			dname->data = tmp.data;
+		}
+	} else if (type == GNUTLS_SAN_DN) {
+		_gnutls_str_cat(nptr, sizeof(nptr), ".directoryName");
+		ret = _gnutls_x509_get_dn(src, nptr, dname, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	} else if (othername_oid) {
+		gnutls_assert();
+		ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+		goto cleanup;
+	} else {
+		_gnutls_str_cat(nptr, sizeof(nptr), ".");
+		_gnutls_str_cat(nptr, sizeof(nptr), choice_type);
+
+		ret = _gnutls_x509_read_null_value(src, nptr, &tmp);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		/* _gnutls_x509_read_value() null terminates */
+		dname->size = tmp.size;
+		dname->data = tmp.data;
+	}
+
+	return type;
+
+ cleanup:
+	gnutls_free(tmp.data);
+	return ret;
+}
+
+/* returns the type and the name on success.
+ * Type is also returned as a parameter in case of an error.
+ */
+int
+_gnutls_parse_general_name(asn1_node src, const char *src_name,
+			   int seq, void *name, size_t * name_size,
+			   unsigned int *ret_type, int othername_oid)
+{
+	int ret;
+	gnutls_datum_t res = {NULL,0};
+	unsigned type;
+
+	ret = _gnutls_parse_general_name2(src, src_name, seq, &res, ret_type, othername_oid);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	type = ret;
+
+	if (is_type_printable(type)) {
+		ret = _gnutls_copy_string(&res, name, name_size);
+	} else {
+		ret = _gnutls_copy_data(&res, name, name_size);
+	}
+
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = type;
+cleanup:
+	gnutls_free(res.data);
+	return ret;
+}
+
+static int
+get_alt_name(gnutls_subject_alt_names_t san,
+	     unsigned int seq, uint8_t *alt,
+	     size_t * alt_size, unsigned int *alt_type,
+	     unsigned int *critical, int othername_oid)
+{
+	int ret;
+	gnutls_datum_t ooid = {NULL, 0};
+	gnutls_datum_t oname;
+	gnutls_datum_t virt = {NULL, 0};
+	unsigned int type;
+
+	if (san == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	if (alt == NULL)
+		*alt_size = 0;
+
+	ret = gnutls_subject_alt_names_get(san, seq, &type, &oname, &ooid);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (type == GNUTLS_SAN_OTHERNAME && ooid.data) {
+		unsigned vtype;
+		ret = gnutls_x509_othername_to_virtual((char*)ooid.data, &oname, &vtype, &virt);
+		if (ret >= 0) {
+			type = vtype;
+			oname.data = virt.data;
+			oname.size = virt.size;
+		}
+	}
+
+	if (alt_type)
+		*alt_type = type;
+
+	if (othername_oid) {
+		ret = _gnutls_copy_string(&ooid, alt, alt_size);
+	} else {
+		if (is_type_printable(type)) {
+			ret = _gnutls_copy_string(&oname, alt, alt_size);
+		} else {
+			ret = _gnutls_copy_data(&oname, alt, alt_size);
+		}
+	}
+
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = type;
+cleanup:
+	gnutls_free(virt.data);
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_get_subject_alt_name:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @seq: specifies the sequence number of the alt name (0 for the first one, 1 for the second etc.)
+ * @san: is the place where the alternative name will be copied to
+ * @san_size: holds the size of san.
+ * @critical: will be non-zero if the extension is marked as critical (may be null)
+ *
+ * This function retrieves the Alternative Name (2.5.29.17), contained
+ * in the given certificate in the X509v3 Certificate Extensions.
+ *
+ * When the SAN type is otherName, it will extract the data in the
+ * otherName's value field, and %GNUTLS_SAN_OTHERNAME is returned.
+ * You may use gnutls_x509_crt_get_subject_alt_othername_oid() to get
+ * the corresponding OID and the "virtual" SAN types (e.g.,
+ * %GNUTLS_SAN_OTHERNAME_XMPP).
+ *
+ * If an otherName OID is known, the data will be decoded.  Otherwise
+ * the returned data will be DER encoded, and you will have to decode
+ * it yourself.  Currently, only the RFC 3920 id-on-xmppAddr SAN is
+ * recognized.
+ *
+ * Returns: the alternative subject name type on success, one of the
+ *   enumerated #gnutls_x509_subject_alt_name_t.  It will return
+ *   %GNUTLS_E_SHORT_MEMORY_BUFFER if @san_size is not large enough to
+ *   hold the value.  In that case @san_size will be updated with the
+ *   required size.  If the certificate does not have an Alternative
+ *   name with the specified sequence number then
+ *   %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned.
+ **/
+int
+gnutls_x509_crt_get_subject_alt_name(gnutls_x509_crt_t cert,
+				     unsigned int seq, void *san,
+				     size_t * san_size,
+				     unsigned int *critical)
+{
+	return get_alt_name(cert->san, seq, san, san_size, NULL,
+			    critical, 0);
+}
+
+/**
+ * gnutls_x509_crt_get_issuer_alt_name:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @seq: specifies the sequence number of the alt name (0 for the first one, 1 for the second etc.)
+ * @ian: is the place where the alternative name will be copied to
+ * @ian_size: holds the size of ian.
+ * @critical: will be non-zero if the extension is marked as critical (may be null)
+ *
+ * This function retrieves the Issuer Alternative Name (2.5.29.18),
+ * contained in the given certificate in the X509v3 Certificate
+ * Extensions.
+ *
+ * When the SAN type is otherName, it will extract the data in the
+ * otherName's value field, and %GNUTLS_SAN_OTHERNAME is returned.
+ * You may use gnutls_x509_crt_get_subject_alt_othername_oid() to get
+ * the corresponding OID and the "virtual" SAN types (e.g.,
+ * %GNUTLS_SAN_OTHERNAME_XMPP).
+ *
+ * If an otherName OID is known, the data will be decoded.  Otherwise
+ * the returned data will be DER encoded, and you will have to decode
+ * it yourself.  Currently, only the RFC 3920 id-on-xmppAddr Issuer
+ * AltName is recognized.
+ *
+ * Returns: the alternative issuer name type on success, one of the
+ *   enumerated #gnutls_x509_subject_alt_name_t.  It will return
+ *   %GNUTLS_E_SHORT_MEMORY_BUFFER if @ian_size is not large enough
+ *   to hold the value.  In that case @ian_size will be updated with
+ *   the required size.  If the certificate does not have an
+ *   Alternative name with the specified sequence number then
+ *   %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned.
+ *
+ * Since: 2.10.0
+ **/
+int
+gnutls_x509_crt_get_issuer_alt_name(gnutls_x509_crt_t cert,
+				    unsigned int seq, void *ian,
+				    size_t * ian_size,
+				    unsigned int *critical)
+{
+	return get_alt_name(cert->ian, seq, ian, ian_size, NULL,
+			    critical, 0);
+}
+
+/**
+ * gnutls_x509_crt_get_subject_alt_name2:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @seq: specifies the sequence number of the alt name (0 for the first one, 1 for the second etc.)
+ * @san: is the place where the alternative name will be copied to
+ * @san_size: holds the size of ret.
+ * @san_type: holds the type of the alternative name (one of gnutls_x509_subject_alt_name_t).
+ * @critical: will be non-zero if the extension is marked as critical (may be null)
+ *
+ * This function will return the alternative names, contained in the
+ * given certificate. It is the same as
+ * gnutls_x509_crt_get_subject_alt_name() except for the fact that it
+ * will return the type of the alternative name in @san_type even if
+ * the function fails for some reason (i.e.  the buffer provided is
+ * not enough).
+ *
+ * Returns: the alternative subject name type on success, one of the
+ *   enumerated #gnutls_x509_subject_alt_name_t.  It will return
+ *   %GNUTLS_E_SHORT_MEMORY_BUFFER if @san_size is not large enough
+ *   to hold the value.  In that case @san_size will be updated with
+ *   the required size.  If the certificate does not have an
+ *   Alternative name with the specified sequence number then
+ *   %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned.
+ **/
+int
+gnutls_x509_crt_get_subject_alt_name2(gnutls_x509_crt_t cert,
+				      unsigned int seq, void *san,
+				      size_t * san_size,
+				      unsigned int *san_type,
+				      unsigned int *critical)
+{
+	return get_alt_name(cert->san, seq, san, san_size,
+			    san_type, critical, 0);
+}
+
+/**
+ * gnutls_x509_crt_get_issuer_alt_name2:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @seq: specifies the sequence number of the alt name (0 for the first one, 1 for the second etc.)
+ * @ian: is the place where the alternative name will be copied to
+ * @ian_size: holds the size of ret.
+ * @ian_type: holds the type of the alternative name (one of gnutls_x509_subject_alt_name_t).
+ * @critical: will be non-zero if the extension is marked as critical (may be null)
+ *
+ * This function will return the alternative names, contained in the
+ * given certificate. It is the same as
+ * gnutls_x509_crt_get_issuer_alt_name() except for the fact that it
+ * will return the type of the alternative name in @ian_type even if
+ * the function fails for some reason (i.e.  the buffer provided is
+ * not enough).
+ *
+ * Returns: the alternative issuer name type on success, one of the
+ *   enumerated #gnutls_x509_subject_alt_name_t.  It will return
+ *   %GNUTLS_E_SHORT_MEMORY_BUFFER if @ian_size is not large enough
+ *   to hold the value.  In that case @ian_size will be updated with
+ *   the required size.  If the certificate does not have an
+ *   Alternative name with the specified sequence number then
+ *   %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned.
+ *
+ * Since: 2.10.0
+ *
+ **/
+int
+gnutls_x509_crt_get_issuer_alt_name2(gnutls_x509_crt_t cert,
+				     unsigned int seq, void *ian,
+				     size_t * ian_size,
+				     unsigned int *ian_type,
+				     unsigned int *critical)
+{
+	return get_alt_name(cert->ian, seq, ian, ian_size,
+			    ian_type, critical, 0);
+}
+
+/**
+ * gnutls_x509_crt_get_subject_alt_othername_oid:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @seq: specifies the sequence number of the alt name (0 for the first one, 1 for the second etc.)
+ * @oid: is the place where the otherName OID will be copied to
+ * @oid_size: holds the size of ret.
+ *
+ * This function will extract the type OID of an otherName Subject
+ * Alternative Name, contained in the given certificate, and return
+ * the type as an enumerated element.
+ *
+ * This function is only useful if
+ * gnutls_x509_crt_get_subject_alt_name() returned
+ * %GNUTLS_SAN_OTHERNAME.
+ *
+ * If @oid is null then only the size will be filled. The @oid
+ * returned will be null terminated, although @oid_size will not
+ * account for the trailing null.
+ *
+ * Returns: the alternative subject name type on success, one of the
+ * enumerated gnutls_x509_subject_alt_name_t.  For supported OIDs, it
+ * will return one of the virtual (GNUTLS_SAN_OTHERNAME_*) types,
+ * e.g. %GNUTLS_SAN_OTHERNAME_XMPP, and %GNUTLS_SAN_OTHERNAME for
+ * unknown OIDs.  It will return %GNUTLS_E_SHORT_MEMORY_BUFFER if
+ * @ian_size is not large enough to hold the value.  In that case
+ * @ian_size will be updated with the required size.  If the
+ * certificate does not have an Alternative name with the specified
+ * sequence number and with the otherName type then
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned.
+ **/
+int
+gnutls_x509_crt_get_subject_alt_othername_oid(gnutls_x509_crt_t cert,
+					      unsigned int seq,
+					      void *oid, size_t * oid_size)
+{
+	return get_alt_name(cert->san, seq, oid, oid_size, NULL,
+			    NULL, 1);
+}
+
+/**
+ * gnutls_x509_crt_get_issuer_alt_othername_oid:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @seq: specifies the sequence number of the alt name (0 for the first one, 1 for the second etc.)
+ * @ret: is the place where the otherName OID will be copied to
+ * @ret_size: holds the size of ret.
+ *
+ * This function will extract the type OID of an otherName Subject
+ * Alternative Name, contained in the given certificate, and return
+ * the type as an enumerated element.
+ *
+ * If @oid is null then only the size will be filled. The @oid
+ * returned will be null terminated, although @oid_size will not
+ * account for the trailing null.
+ *
+ * This function is only useful if
+ * gnutls_x509_crt_get_issuer_alt_name() returned
+ * %GNUTLS_SAN_OTHERNAME.
+ *
+ * Returns: the alternative issuer name type on success, one of the
+ * enumerated gnutls_x509_subject_alt_name_t.  For supported OIDs, it
+ * will return one of the virtual (GNUTLS_SAN_OTHERNAME_*) types,
+ * e.g. %GNUTLS_SAN_OTHERNAME_XMPP, and %GNUTLS_SAN_OTHERNAME for
+ * unknown OIDs.  It will return %GNUTLS_E_SHORT_MEMORY_BUFFER if
+ * @ret_size is not large enough to hold the value.  In that case
+ * @ret_size will be updated with the required size.  If the
+ * certificate does not have an Alternative name with the specified
+ * sequence number and with the otherName type then
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned.
+ *
+ * Since: 2.10.0
+ **/
+int
+gnutls_x509_crt_get_issuer_alt_othername_oid(gnutls_x509_crt_t cert,
+					     unsigned int seq,
+					     void *ret, size_t * ret_size)
+{
+	return get_alt_name(cert->ian, seq, ret, ret_size, NULL,
+			    NULL, 1);
+}
+
+/**
+ * gnutls_x509_crt_get_basic_constraints:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @critical: will be non-zero if the extension is marked as critical
+ * @ca: pointer to output integer indicating CA status, may be NULL,
+ *   value is 1 if the certificate CA flag is set, 0 otherwise.
+ * @pathlen: pointer to output integer indicating path length (may be
+ *   NULL), non-negative error codes indicate a present pathLenConstraint
+ *   field and the actual value, -1 indicate that the field is absent.
+ *
+ * This function will read the certificate's basic constraints, and
+ * return the certificates CA status.  It reads the basicConstraints
+ * X.509 extension (2.5.29.19).
+ *
+ * Returns: If the certificate is a CA a positive value will be
+ * returned, or (0) if the certificate does not have CA flag set.  A
+ * negative error code may be returned in case of errors.  If the
+ * certificate does not contain the basicConstraints extension
+ * GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.
+ **/
+int
+gnutls_x509_crt_get_basic_constraints(gnutls_x509_crt_t cert,
+				      unsigned int *critical,
+				      unsigned int *ca, int *pathlen)
+{
+	int result;
+	gnutls_datum_t basicConstraints;
+	unsigned int tmp_ca;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if ((result =
+	     _gnutls_x509_crt_get_extension(cert, "2.5.29.19", 0,
+					    &basicConstraints,
+					    critical)) < 0) {
+		return result;
+	}
+
+	if (basicConstraints.size == 0 || basicConstraints.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	result = gnutls_x509_ext_import_basic_constraints(&basicConstraints, &tmp_ca, pathlen);
+	if (ca)
+		*ca = tmp_ca;
+
+	_gnutls_free_datum(&basicConstraints);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return tmp_ca;
+}
+
+/**
+ * gnutls_x509_crt_get_ca_status:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @critical: will be non-zero if the extension is marked as critical
+ *
+ * This function will return certificates CA status, by reading the
+ * basicConstraints X.509 extension (2.5.29.19). If the certificate is
+ * a CA a positive value will be returned, or (0) if the certificate
+ * does not have CA flag set.
+ *
+ * Use gnutls_x509_crt_get_basic_constraints() if you want to read the
+ * pathLenConstraint field too.
+ *
+ * Returns: If the certificate is a CA a positive value will be
+ * returned, or (0) if the certificate does not have CA flag set.  A
+ * negative error code may be returned in case of errors.  If the
+ * certificate does not contain the basicConstraints extension
+ * GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.
+ **/
+int
+gnutls_x509_crt_get_ca_status(gnutls_x509_crt_t cert,
+			      unsigned int *critical)
+{
+	int pathlen;
+	unsigned int ca;
+	return gnutls_x509_crt_get_basic_constraints(cert, critical, &ca,
+						     &pathlen);
+}
+
+/**
+ * gnutls_x509_crt_get_key_usage:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @key_usage: where the key usage bits will be stored
+ * @critical: will be non-zero if the extension is marked as critical
+ *
+ * This function will return certificate's key usage, by reading the
+ * keyUsage X.509 extension (2.5.29.15). The key usage value will ORed
+ * values of the: %GNUTLS_KEY_DIGITAL_SIGNATURE,
+ * %GNUTLS_KEY_NON_REPUDIATION, %GNUTLS_KEY_KEY_ENCIPHERMENT,
+ * %GNUTLS_KEY_DATA_ENCIPHERMENT, %GNUTLS_KEY_KEY_AGREEMENT,
+ * %GNUTLS_KEY_KEY_CERT_SIGN, %GNUTLS_KEY_CRL_SIGN,
+ * %GNUTLS_KEY_ENCIPHER_ONLY, %GNUTLS_KEY_DECIPHER_ONLY.
+ *
+ * Returns: zero on success, or a negative error code in case of
+ *   parsing error.  If the certificate does not contain the keyUsage
+ *   extension %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be
+ *   returned.
+ **/
+int
+gnutls_x509_crt_get_key_usage(gnutls_x509_crt_t cert,
+			      unsigned int *key_usage,
+			      unsigned int *critical)
+{
+	int result;
+	gnutls_datum_t keyUsage;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if ((result =
+	     _gnutls_x509_crt_get_extension(cert, "2.5.29.15", 0,
+					    &keyUsage, critical)) < 0) {
+		return result;
+	}
+
+	if (keyUsage.size == 0 || keyUsage.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	result = gnutls_x509_ext_import_key_usage(&keyUsage, key_usage);
+	_gnutls_free_datum(&keyUsage);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_get_inhibit_anypolicy:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @skipcerts: will hold the number of certificates after which anypolicy is no longer acceptable.
+ * @critical: will be non-zero if the extension is marked as critical
+ *
+ * This function will return certificate's value of the SkipCerts, i.e.,
+ * the Inhibit anyPolicy X.509 extension (2.5.29.54).
+ *
+ * The returned value is the number of additional certificates that
+ * may appear in the path before the anyPolicy is no longer acceptable.
+
+ * Returns: zero on success, or a negative error code in case of
+ *   parsing error.  If the certificate does not contain the Inhibit anyPolicy
+ *   extension %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be
+ *   returned.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_x509_crt_get_inhibit_anypolicy(gnutls_x509_crt_t cert,
+			      unsigned int *skipcerts,
+			      unsigned int *critical)
+{
+	int ret;
+	gnutls_datum_t ext;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if ((ret =
+	     _gnutls_x509_crt_get_extension(cert, "2.5.29.54", 0,
+					    &ext, critical)) < 0) {
+		return ret;
+	}
+
+	if (ext.size == 0 || ext.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	ret = gnutls_x509_ext_import_key_usage(&ext, skipcerts);
+	_gnutls_free_datum(&ext);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_get_proxy:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @critical: will be non-zero if the extension is marked as critical
+ * @pathlen: pointer to output integer indicating path length (may be
+ *   NULL), non-negative error codes indicate a present pCPathLenConstraint
+ *   field and the actual value, -1 indicate that the field is absent.
+ * @policyLanguage: output variable with OID of policy language
+ * @policy: output variable with policy data
+ * @sizeof_policy: output variable size of policy data
+ *
+ * This function will get information from a proxy certificate.  It
+ * reads the ProxyCertInfo X.509 extension (1.3.6.1.5.5.7.1.14).
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ **/
+int
+gnutls_x509_crt_get_proxy(gnutls_x509_crt_t cert,
+			  unsigned int *critical,
+			  int *pathlen,
+			  char **policyLanguage,
+			  char **policy, size_t * sizeof_policy)
+{
+	int result;
+	gnutls_datum_t proxyCertInfo;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if ((result =
+	     _gnutls_x509_crt_get_extension(cert, "1.3.6.1.5.5.7.1.14", 0,
+					    &proxyCertInfo, critical)) < 0)
+	{
+		return result;
+	}
+
+	if (proxyCertInfo.size == 0 || proxyCertInfo.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	result = gnutls_x509_ext_import_proxy(&proxyCertInfo, pathlen,
+							policyLanguage,
+							policy,
+							sizeof_policy);
+	_gnutls_free_datum(&proxyCertInfo);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+
+/**
+ * gnutls_x509_policy_release:
+ * @policy: a certificate policy
+ *
+ * This function will deinitialize all memory associated with the provided
+ * @policy. The policy is allocated using gnutls_x509_crt_get_policy().
+ *
+ * Since: 3.1.5
+ **/
+void gnutls_x509_policy_release(struct gnutls_x509_policy_st *policy)
+{
+	unsigned i;
+
+	gnutls_free(policy->oid);
+	for (i = 0; i < policy->qualifiers; i++)
+		gnutls_free(policy->qualifier[i].data);
+}
+
+
+/**
+ * gnutls_x509_crt_get_policy:
+ * @crt: should contain a #gnutls_x509_crt_t type
+ * @indx: This specifies which policy to return. Use (0) to get the first one.
+ * @policy: A pointer to a policy structure.
+ * @critical: will be non-zero if the extension is marked as critical
+ *
+ * This function will extract the certificate policy (extension 2.5.29.32)
+ * specified by the given index.
+ *
+ * The policy returned by this function must be deinitialized by using
+ * gnutls_x509_policy_release().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * if the extension is not present, otherwise a negative error value.
+ *
+ * Since: 3.1.5
+ **/
+int
+gnutls_x509_crt_get_policy(gnutls_x509_crt_t crt, unsigned indx,
+			   struct gnutls_x509_policy_st *policy,
+			   unsigned int *critical)
+{
+	gnutls_datum_t tmpd = { NULL, 0 };
+	int ret;
+	gnutls_x509_policies_t policies = NULL;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	memset(policy, 0, sizeof(*policy));
+
+	ret = gnutls_x509_policies_init(&policies);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if ((ret =
+	     _gnutls_x509_crt_get_extension(crt, "2.5.29.32", 0, &tmpd,
+					    critical)) < 0) {
+		goto cleanup;
+	}
+
+	if (tmpd.size == 0 || tmpd.data == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_ext_import_policies(&tmpd, policies, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_policies_get(policies, indx, policy);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	_gnutls_x509_policies_erase(policies, indx);
+
+	ret = 0;
+
+ cleanup:
+	if (policies != NULL)
+		gnutls_x509_policies_deinit(policies);
+	_gnutls_free_datum(&tmpd);
+
+	return ret;
+}
+
+
+/**
+ * gnutls_x509_crt_get_extension_by_oid:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @oid: holds an Object Identified in null terminated string
+ * @indx: In case multiple same OIDs exist in the extensions, this specifies which to send. Use (0) to get the first one.
+ * @buf: a pointer to a structure to hold the name (may be null)
+ * @buf_size: initially holds the size of @buf
+ * @critical: will be non-zero if the extension is marked as critical
+ *
+ * This function will return the extension specified by the OID in the
+ * certificate.  The extensions will be returned as binary data DER
+ * encoded, in the provided buffer.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned. If the certificate does not
+ *   contain the specified extension
+ *   GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.
+ **/
+int
+gnutls_x509_crt_get_extension_by_oid(gnutls_x509_crt_t cert,
+				     const char *oid, unsigned indx,
+				     void *buf, size_t * buf_size,
+				     unsigned int *critical)
+{
+	int result;
+	gnutls_datum_t output;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if ((result =
+	     _gnutls_x509_crt_get_extension(cert, oid, indx, &output,
+					    critical)) < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	if (output.size == 0 || output.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	if (output.size > (unsigned int) *buf_size) {
+		*buf_size = output.size;
+		_gnutls_free_datum(&output);
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	*buf_size = output.size;
+
+	if (buf)
+		memcpy(buf, output.data, output.size);
+
+	_gnutls_free_datum(&output);
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_get_extension_by_oid2:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @oid: holds an Object Identified in null terminated string
+ * @indx: In case multiple same OIDs exist in the extensions, this specifies which to send. Use (0) to get the first one.
+ * @output: will hold the allocated extension data
+ * @critical: will be non-zero if the extension is marked as critical
+ *
+ * This function will return the extension specified by the OID in the
+ * certificate.  The extensions will be returned as binary data DER
+ * encoded, in the provided buffer.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned. If the certificate does not
+ *   contain the specified extension
+ *   GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.
+ *
+ * Since: 3.3.8
+ **/
+int
+gnutls_x509_crt_get_extension_by_oid2(gnutls_x509_crt_t cert,
+				     const char *oid, unsigned indx,
+				     gnutls_datum_t *output,
+				     unsigned int *critical)
+{
+	int ret;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if ((ret =
+	     _gnutls_x509_crt_get_extension(cert, oid, indx, output,
+					    critical)) < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	if (output->size == 0 || output->data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_get_extension_oid:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @indx: Specifies which extension OID to send. Use (0) to get the first one.
+ * @oid: a pointer to a structure to hold the OID (may be null)
+ * @oid_size: initially holds the size of @oid
+ *
+ * This function will return the requested extension OID in the certificate.
+ * The extension OID will be stored as a string in the provided buffer.
+ *
+ * The @oid returned will be null terminated, although @oid_size will not
+ * account for the trailing null.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.  If you have reached the
+ *   last extension available %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ *   will be returned.
+ **/
+int
+gnutls_x509_crt_get_extension_oid(gnutls_x509_crt_t cert, unsigned indx,
+				  void *oid, size_t * oid_size)
+{
+	int result;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	result =
+	    _gnutls_x509_crt_get_extension_oid(cert, indx, oid, oid_size);
+	if (result < 0) {
+		return result;
+	}
+
+	return 0;
+
+}
+
+/**
+ * gnutls_x509_crt_get_extension_info:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @indx: Specifies which extension OID to send. Use (0) to get the first one.
+ * @oid: a pointer to a structure to hold the OID
+ * @oid_size: initially holds the maximum size of @oid, on return
+ *   holds actual size of @oid.
+ * @critical: output variable with critical flag, may be NULL.
+ *
+ * This function will return the requested extension OID in the
+ * certificate, and the critical flag for it.  The extension OID will
+ * be stored as a string in the provided buffer.  Use
+ * gnutls_x509_crt_get_extension() to extract the data.
+ *
+ * If the buffer provided is not long enough to hold the output, then
+ * @oid_size is updated and %GNUTLS_E_SHORT_MEMORY_BUFFER will be
+ * returned. The @oid returned will be null terminated, although
+ * @oid_size will not account for the trailing null (the latter is not
+ * true for GnuTLS prior to 3.6.0).
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.  If you have reached the
+ *   last extension available %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ *   will be returned.
+ **/
+int
+gnutls_x509_crt_get_extension_info(gnutls_x509_crt_t cert, unsigned indx,
+				   void *oid, size_t * oid_size,
+				   unsigned int *critical)
+{
+	int result;
+	char str_critical[10];
+	char name[MAX_NAME_SIZE];
+	int len;
+
+	if (!cert) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	snprintf(name, sizeof(name),
+		 "tbsCertificate.extensions.?%u.extnID", indx + 1);
+
+	len = *oid_size;
+	result = asn1_read_value(cert->cert, name, oid, &len);
+	*oid_size = len;
+
+	if (result == ASN1_ELEMENT_NOT_FOUND)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	else if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	/* remove any trailing null */
+	if (oid && len > 0 && ((uint8_t*)oid)[len-1] == 0)
+		(*oid_size)--;
+
+	if (critical) {
+		snprintf(name, sizeof(name),
+			 "tbsCertificate.extensions.?%u.critical", indx + 1);
+		len = sizeof(str_critical);
+		result = asn1_read_value(cert->cert, name, str_critical, &len);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			return _gnutls_asn2err(result);
+		}
+
+		if (str_critical[0] == 'T')
+			*critical = 1;
+		else
+			*critical = 0;
+	}
+
+	return 0;
+
+}
+
+/**
+ * gnutls_x509_crt_get_extension_data:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @indx: Specifies which extension OID to send. Use (0) to get the first one.
+ * @data: a pointer to a structure to hold the data (may be null)
+ * @sizeof_data: initially holds the size of @data
+ *
+ * This function will return the requested extension data in the
+ * certificate.  The extension data will be stored in the
+ * provided buffer.
+ *
+ * Use gnutls_x509_crt_get_extension_info() to extract the OID and
+ * critical flag.  Use gnutls_x509_crt_get_extension_by_oid() instead,
+ * if you want to get data indexed by the extension OID rather than
+ * sequence.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.  If you have reached the
+ *   last extension available %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ *   will be returned.
+ **/
+int
+gnutls_x509_crt_get_extension_data(gnutls_x509_crt_t cert, unsigned indx,
+				   void *data, size_t * sizeof_data)
+{
+	int result, len;
+	char name[MAX_NAME_SIZE];
+
+	if (!cert) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	snprintf(name, sizeof(name),
+		 "tbsCertificate.extensions.?%u.extnValue", indx + 1);
+
+	len = *sizeof_data;
+	result = asn1_read_value(cert->cert, name, data, &len);
+	*sizeof_data = len;
+
+	if (result == ASN1_ELEMENT_NOT_FOUND) {
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	} else if (result == ASN1_MEM_ERROR && data == NULL) {
+		/* normally we should return GNUTLS_E_SHORT_MEMORY_BUFFER,
+		 * but we haven't done that for long time, so use
+		 * backwards compatible behavior */
+		return 0;
+	} else if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_get_raw_issuer_dn:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @dn: will hold the starting point of the DN
+ *
+ * This function will return a pointer to the DER encoded DN structure
+ * and the length. This points to allocated data that must be free'd using gnutls_free().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.or a negative error code on error.
+ *
+ **/
+int
+gnutls_x509_crt_get_raw_issuer_dn(gnutls_x509_crt_t cert,
+				  gnutls_datum_t * dn)
+{
+	if (cert->raw_issuer_dn.size > 0 && cert->modified == 0) {
+		return _gnutls_set_datum(dn, cert->raw_issuer_dn.data,
+					 cert->raw_issuer_dn.size);
+	} else {
+		return _gnutls_x509_get_raw_field(cert->cert, "tbsCertificate.issuer.rdnSequence", dn);
+	}
+}
+
+/**
+ * gnutls_x509_crt_get_raw_dn:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @dn: will hold the starting point of the DN
+ *
+ * This function will return a pointer to the DER encoded DN structure and
+ * the length. This points to allocated data that must be free'd using gnutls_free().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value. or a negative error code on error.
+ *
+ **/
+int gnutls_x509_crt_get_raw_dn(gnutls_x509_crt_t cert, gnutls_datum_t * dn)
+{
+	if (cert->raw_dn.size > 0 && cert->modified == 0) {
+		return _gnutls_set_datum(dn, cert->raw_dn.data, cert->raw_dn.size);
+	} else {
+		return _gnutls_x509_get_raw_field(cert->cert, "tbsCertificate.subject.rdnSequence", dn);
+	}
+}
+
+static int
+get_dn(gnutls_x509_crt_t cert, const char *whom, gnutls_x509_dn_t * dn, unsigned subject)
+{
+	gnutls_x509_dn_st *store;
+
+	if (subject)
+		store = &cert->dn;
+	else
+		store = &cert->idn;
+
+	store->asn = asn1_find_node(cert->cert, whom);
+	if (!store->asn)
+		return GNUTLS_E_ASN1_ELEMENT_NOT_FOUND;
+
+	*dn = store;
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_get_subject:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @dn: output variable with pointer to uint8_t DN.
+ *
+ * Return the Certificate's Subject DN as a %gnutls_x509_dn_t data type,
+ * that can be decoded using gnutls_x509_dn_get_rdn_ava().
+ *
+ * Note that @dn should be treated as constant. Because it points
+ * into the @cert object, you should not use @dn after @cert is
+ * deallocated.
+ *
+ * Returns: Returns 0 on success, or an error code.
+ **/
+int
+gnutls_x509_crt_get_subject(gnutls_x509_crt_t cert, gnutls_x509_dn_t * dn)
+{
+	return get_dn(cert, "tbsCertificate.subject.rdnSequence", dn, 1);
+}
+
+/**
+ * gnutls_x509_crt_get_issuer:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @dn: output variable with pointer to uint8_t DN
+ *
+ * Return the Certificate's Issuer DN as a %gnutls_x509_dn_t data type,
+ * that can be decoded using gnutls_x509_dn_get_rdn_ava().
+ *
+ * Note that @dn should be treated as constant. Because it points
+ * into the @cert object, you should not use @dn after @cert is
+ * deallocated.
+ *
+ * Returns: Returns 0 on success, or an error code.
+ **/
+int
+gnutls_x509_crt_get_issuer(gnutls_x509_crt_t cert, gnutls_x509_dn_t * dn)
+{
+	return get_dn(cert, "tbsCertificate.issuer.rdnSequence", dn, 0);
+}
+
+/**
+ * gnutls_x509_crt_get_fingerprint:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @algo: is a digest algorithm
+ * @buf: a pointer to a structure to hold the fingerprint (may be null)
+ * @buf_size: initially holds the size of @buf
+ *
+ * This function will calculate and copy the certificate's fingerprint
+ * in the provided buffer. The fingerprint is a hash of the DER-encoded
+ * data of the certificate.
+ *
+ * If the buffer is null then only the size will be filled.
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is
+ *   not long enough, and in that case the *buf_size will be updated
+ *   with the required size.  On success 0 is returned.
+ **/
+int
+gnutls_x509_crt_get_fingerprint(gnutls_x509_crt_t cert,
+				gnutls_digest_algorithm_t algo,
+				void *buf, size_t * buf_size)
+{
+	uint8_t *cert_buf;
+	int cert_buf_size;
+	int result;
+	gnutls_datum_t tmp;
+
+	if (buf_size == 0 || cert == NULL) {
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	cert_buf_size = 0;
+	result = asn1_der_coding(cert->cert, "", NULL, &cert_buf_size, NULL);
+	if (result != ASN1_MEM_ERROR) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	cert_buf = gnutls_malloc(cert_buf_size);
+	if (cert_buf == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	result =
+	    asn1_der_coding(cert->cert, "", cert_buf, &cert_buf_size,
+			    NULL);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		gnutls_free(cert_buf);
+		return _gnutls_asn2err(result);
+	}
+
+	tmp.data = cert_buf;
+	tmp.size = cert_buf_size;
+
+	result = gnutls_fingerprint(algo, &tmp, buf, buf_size);
+	gnutls_free(cert_buf);
+
+	return result;
+}
+
+/**
+ * gnutls_x509_crt_export:
+ * @cert: Holds the certificate
+ * @format: the format of output params. One of PEM or DER.
+ * @output_data: will contain a certificate PEM or DER encoded
+ * @output_data_size: holds the size of output_data (and will be
+ *   replaced by the actual size of parameters)
+ *
+ * This function will export the certificate to DER or PEM format.
+ *
+ * If the buffer provided is not long enough to hold the output, then
+ * *output_data_size is updated and GNUTLS_E_SHORT_MEMORY_BUFFER will
+ * be returned.
+ *
+ * If the structure is PEM encoded, it will have a header
+ * of "BEGIN CERTIFICATE".
+ *
+ * Returns: In case of failure a negative error code will be
+ *   returned, and 0 on success.
+ **/
+int
+gnutls_x509_crt_export(gnutls_x509_crt_t cert,
+		       gnutls_x509_crt_fmt_t format, void *output_data,
+		       size_t * output_data_size)
+{
+	gnutls_datum_t out;
+	int ret;
+
+	ret = gnutls_x509_crt_export2(cert, format, &out);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (format == GNUTLS_X509_FMT_PEM)
+		ret = _gnutls_copy_string(&out, (uint8_t*)output_data, output_data_size);
+	else
+		ret = _gnutls_copy_data(&out, (uint8_t*)output_data, output_data_size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	gnutls_free(out.data);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_export2:
+ * @cert: Holds the certificate
+ * @format: the format of output params. One of PEM or DER.
+ * @out: will contain a certificate PEM or DER encoded
+ *
+ * This function will export the certificate to DER or PEM format.
+ * The output buffer is allocated using gnutls_malloc().
+ *
+ * If the structure is PEM encoded, it will have a header
+ * of "BEGIN CERTIFICATE".
+ *
+ * Returns: In case of failure a negative error code will be
+ *   returned, and 0 on success.
+ *
+ * Since: 3.1.3
+ **/
+int
+gnutls_x509_crt_export2(gnutls_x509_crt_t cert,
+			gnutls_x509_crt_fmt_t format, gnutls_datum_t * out)
+{
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (!cert->modified && cert->der.size) {
+		if (format == GNUTLS_X509_FMT_DER)
+			return _gnutls_set_datum(out, cert->der.data, cert->der.size);
+		else {
+			int ret = _gnutls_fbase64_encode(PEM_X509_CERT2,
+							 cert->der.data,
+							 cert->der.size,
+							 out);
+			if (ret < 0)
+				return ret;
+			return 0;
+		}
+	}
+
+	return _gnutls_x509_export_int2(cert->cert, format, PEM_X509_CERT2,
+					out);
+}
+
+int
+_gnutls_get_key_id(gnutls_pk_params_st * params,
+		   unsigned char *output_data, size_t * output_data_size,
+		   unsigned flags)
+{
+	int ret = 0;
+	gnutls_datum_t der = { NULL, 0 };
+	gnutls_digest_algorithm_t hash = GNUTLS_DIG_SHA1;
+	unsigned int digest_len;
+
+	if ((flags & GNUTLS_KEYID_USE_SHA512) || (flags & GNUTLS_KEYID_USE_BEST_KNOWN))
+		hash = GNUTLS_DIG_SHA512;
+	else if (flags & GNUTLS_KEYID_USE_SHA256)
+		hash = GNUTLS_DIG_SHA256;
+
+	digest_len =
+	    _gnutls_hash_get_algo_len(hash_to_entry(hash));
+
+	if (output_data == NULL || *output_data_size < digest_len) {
+		gnutls_assert();
+		*output_data_size = digest_len;
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+	ret = _gnutls_x509_encode_PKI_params(&der, params);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = _gnutls_hash_fast(hash, der.data, der.size, output_data);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	*output_data_size = digest_len;
+
+	ret = 0;
+
+      cleanup:
+
+	_gnutls_free_datum(&der);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_get_key_id:
+ * @crt: Holds the certificate
+ * @flags: should be one of the flags from %gnutls_keyid_flags_t
+ * @output_data: will contain the key ID
+ * @output_data_size: holds the size of output_data (and will be
+ *   replaced by the actual size of parameters)
+ *
+ * This function will return a unique ID that depends on the public
+ * key parameters. This ID can be used in checking whether a
+ * certificate corresponds to the given private key.
+ *
+ * If the buffer provided is not long enough to hold the output, then
+ * *output_data_size is updated and GNUTLS_E_SHORT_MEMORY_BUFFER will
+ * be returned.  The output will normally be a SHA-1 hash output,
+ * which is 20 bytes.
+ *
+ * Returns: In case of failure a negative error code will be
+ *   returned, and 0 on success.
+ **/
+int
+gnutls_x509_crt_get_key_id(gnutls_x509_crt_t crt, unsigned int flags,
+			   unsigned char *output_data,
+			   size_t * output_data_size)
+{
+	int ret = 0;
+	gnutls_pk_params_st params;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* initializes params */
+	ret = _gnutls_x509_crt_get_mpis(crt, &params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    _gnutls_get_key_id(&params, output_data, output_data_size, flags);
+
+	gnutls_pk_params_release(&params);
+
+	return ret;
+}
+
+static int
+crl_issuer_matches(gnutls_x509_crl_t crl, gnutls_x509_crt_t cert)
+{
+	if (_gnutls_x509_compare_raw_dn
+	    (&crl->raw_issuer_dn, &cert->raw_issuer_dn) != 0)
+		return 1;
+	else
+		return 0;
+}
+
+/* This is exactly as gnutls_x509_crt_check_revocation() except that
+ * it calls func.
+ */
+int
+_gnutls_x509_crt_check_revocation(gnutls_x509_crt_t cert,
+				  const gnutls_x509_crl_t * crl_list,
+				  int crl_list_length,
+				  gnutls_verify_output_function func)
+{
+	uint8_t serial[128];
+	uint8_t cert_serial[128];
+	size_t serial_size, cert_serial_size;
+	int ret, j;
+	gnutls_x509_crl_iter_t iter = NULL;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	for (j = 0; j < crl_list_length; j++) {	/* do for all the crls */
+
+		/* Step 1. check if issuer's DN match
+		 */
+		ret = crl_issuer_matches(crl_list[j], cert);
+		if (ret == 0) {
+			/* issuers do not match so don't even
+			 * bother checking.
+			 */
+			gnutls_assert();
+			continue;
+		}
+
+		/* Step 2. Read the certificate's serial number
+		 */
+		cert_serial_size = sizeof(cert_serial);
+		ret =
+		    gnutls_x509_crt_get_serial(cert, cert_serial,
+					       &cert_serial_size);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+
+		/* Step 3. cycle through the CRL serials and compare with
+		 *   certificate serial we have.
+		 */
+
+		iter = NULL;
+		do {
+			serial_size = sizeof(serial);
+			ret =
+			    gnutls_x509_crl_iter_crt_serial(crl_list[j],
+							    &iter,
+							    serial,
+							    &serial_size,
+							    NULL);
+			if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+				break;
+			} else if (ret < 0) {
+				gnutls_assert();
+				goto fail;
+			}
+
+			if (serial_size == cert_serial_size) {
+				if (memcmp
+				    (serial, cert_serial,
+				     serial_size) == 0) {
+					/* serials match */
+					if (func)
+						func(cert, NULL,
+						     crl_list[j],
+						     GNUTLS_CERT_REVOKED |
+						     GNUTLS_CERT_INVALID);
+					ret = 1;	/* revoked! */
+					goto fail;
+				}
+			}
+		} while(1);
+
+		gnutls_x509_crl_iter_deinit(iter);
+		iter = NULL;
+
+		if (func)
+			func(cert, NULL, crl_list[j], 0);
+
+	}
+	return 0;		/* not revoked. */
+
+ fail:
+	gnutls_x509_crl_iter_deinit(iter);
+	return ret;
+}
+
+
+/**
+ * gnutls_x509_crt_check_revocation:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @crl_list: should contain a list of gnutls_x509_crl_t types
+ * @crl_list_length: the length of the crl_list
+ *
+ * This function will check if the given certificate is
+ * revoked.  It is assumed that the CRLs have been verified before.
+ *
+ * Returns: 0 if the certificate is NOT revoked, and 1 if it is.  A
+ * negative error code is returned on error.
+ **/
+int
+gnutls_x509_crt_check_revocation(gnutls_x509_crt_t cert,
+				 const gnutls_x509_crl_t * crl_list,
+				 unsigned crl_list_length)
+{
+	return _gnutls_x509_crt_check_revocation(cert, crl_list,
+						 crl_list_length, NULL);
+}
+
+/**
+ * gnutls_x509_crt_check_key_purpose:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @purpose: a key purpose OID (e.g., %GNUTLS_KP_CODE_SIGNING)
+ * @flags: zero or %GNUTLS_KP_FLAG_DISALLOW_ANY
+ *
+ * This function will check whether the given certificate matches
+ * the provided key purpose. If @flags contains %GNUTLS_KP_FLAG_ALLOW_ANY then
+ * it a certificate marked for any purpose will not match.
+ *
+ * Returns: zero if the key purpose doesn't match, and non-zero otherwise.
+ *
+ * Since: 3.5.6
+ **/
+unsigned
+gnutls_x509_crt_check_key_purpose(gnutls_x509_crt_t cert,
+				 const char *purpose,
+				 unsigned flags)
+{
+	return _gnutls_check_key_purpose(cert, purpose, (flags&GNUTLS_KP_FLAG_DISALLOW_ANY)?1:0);
+}
+
+/**
+ * gnutls_x509_crt_get_preferred_hash_algorithm:
+ * @crt: Holds the certificate
+ * @hash: The result of the call with the hash algorithm used for signature
+ * @mand: If non-zero it means that the algorithm MUST use this hash. May be %NULL.
+ *
+ * This function will read the certificate and return the appropriate digest
+ * algorithm to use for signing with this certificate. Some certificates (i.e.
+ * DSA might not be able to sign without the preferred algorithm).
+ *
+ * Deprecated: Please use gnutls_pubkey_get_preferred_hash_algorithm().
+ *
+ * Returns: the 0 if the hash algorithm is found. A negative error code is
+ * returned on error.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_x509_crt_get_preferred_hash_algorithm(gnutls_x509_crt_t crt,
+					     gnutls_digest_algorithm_t *
+					     hash, unsigned int *mand)
+{
+	int ret;
+	gnutls_pubkey_t pubkey;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = gnutls_pubkey_init(&pubkey);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_pubkey_import_x509(pubkey, crt, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pubkey_get_preferred_hash_algorithm(pubkey, hash, mand);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+ cleanup:
+	gnutls_pubkey_deinit(pubkey);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_get_crl_dist_points:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @seq: specifies the sequence number of the distribution point (0 for the first one, 1 for the second etc.)
+ * @san: is the place where the distribution point will be copied to
+ * @san_size: holds the size of ret.
+ * @reason_flags: Revocation reasons. An ORed sequence of flags from %gnutls_x509_crl_reason_flags_t.
+ * @critical: will be non-zero if the extension is marked as critical (may be null)
+ *
+ * This function retrieves the CRL distribution points (2.5.29.31),
+ * contained in the given certificate in the X509v3 Certificate
+ * Extensions.
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER and updates @ret_size if
+ *   @ret_size is not enough to hold the distribution point, or the
+ *   type of the distribution point if everything was ok. The type is
+ *   one of the enumerated %gnutls_x509_subject_alt_name_t.  If the
+ *   certificate does not have an Alternative name with the specified
+ *   sequence number then %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is
+ *   returned.
+ **/
+int
+gnutls_x509_crt_get_crl_dist_points(gnutls_x509_crt_t cert,
+				    unsigned int seq, void *san,
+				    size_t * san_size,
+				    unsigned int *reason_flags,
+				    unsigned int *critical)
+{
+	int ret;
+	gnutls_datum_t dist_points = { NULL, 0 };
+	unsigned type;
+	gnutls_x509_crl_dist_points_t cdp = NULL;
+	gnutls_datum_t t_san;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = gnutls_x509_crl_dist_points_init(&cdp);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (reason_flags)
+		*reason_flags = 0;
+
+	ret =
+	    _gnutls_x509_crt_get_extension(cert, "2.5.29.31", 0,
+					   &dist_points, critical);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (dist_points.size == 0 || dist_points.data == NULL) {
+		gnutls_assert();
+		ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_ext_import_crl_dist_points(&dist_points, cdp, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_crl_dist_points_get(cdp, seq, &type, &t_san, reason_flags);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_copy_string(&t_san, san, san_size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = type;
+
+ cleanup:
+	_gnutls_free_datum(&dist_points);
+	if (cdp != NULL)
+		gnutls_x509_crl_dist_points_deinit(cdp);
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_get_key_purpose_oid:
+ * @cert: should contain a #gnutls_x509_crt_t type
+ * @indx: This specifies which OID to return. Use (0) to get the first one.
+ * @oid: a pointer to a buffer to hold the OID (may be null)
+ * @oid_size: initially holds the size of @oid
+ * @critical: output flag to indicate criticality of extension
+ *
+ * This function will extract the key purpose OIDs of the Certificate
+ * specified by the given index.  These are stored in the Extended Key
+ * Usage extension (2.5.29.37) See the GNUTLS_KP_* definitions for
+ * human readable names.
+ *
+ * If @oid is null then only the size will be filled. The @oid
+ * returned will be null terminated, although @oid_size will not
+ * account for the trailing null.
+ *
+ * Returns: %GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is
+ *   not long enough, and in that case the *oid_size will be updated
+ *   with the required size.  On success 0 is returned.
+ **/
+int
+gnutls_x509_crt_get_key_purpose_oid(gnutls_x509_crt_t cert,
+				    unsigned indx, void *oid, size_t * oid_size,
+				    unsigned int *critical)
+{
+	int ret;
+	gnutls_datum_t ext;
+	gnutls_x509_key_purposes_t p = NULL;
+	gnutls_datum_t out;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (oid)
+		memset(oid, 0, *oid_size);
+	else
+		*oid_size = 0;
+
+	if ((ret =
+	     _gnutls_x509_crt_get_extension(cert, "2.5.29.37", 0, &ext,
+					    critical)) < 0) {
+		return ret;
+	}
+
+	if (ext.size == 0 || ext.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	ret = gnutls_x509_key_purpose_init(&p);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_ext_import_key_purposes(&ext, p, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_key_purpose_get(p, indx, &out);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_copy_string(&out, oid, oid_size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+ cleanup:
+	gnutls_free(ext.data);
+	if (p!=NULL)
+		gnutls_x509_key_purpose_deinit(p);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_get_pk_rsa_raw:
+ * @crt: Holds the certificate
+ * @m: will hold the modulus
+ * @e: will hold the public exponent
+ *
+ * This function will export the RSA public key's parameters found in
+ * the given structure.  The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ **/
+int
+gnutls_x509_crt_get_pk_rsa_raw(gnutls_x509_crt_t crt,
+			       gnutls_datum_t * m, gnutls_datum_t * e)
+{
+	int ret;
+	gnutls_pubkey_t pubkey;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = gnutls_pubkey_init(&pubkey);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_pubkey_import_x509(pubkey, crt, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pubkey_export_rsa_raw(pubkey, m, e);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+ cleanup:
+	gnutls_pubkey_deinit(pubkey);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_get_pk_ecc_raw:
+ * @crt: Holds the certificate
+ * @curve: will hold the curve
+ * @x: will hold the x-coordinate
+ * @y: will hold the y-coordinate
+ *
+ * This function will export the ECC public key's parameters found in
+ * the given certificate.  The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * In EdDSA curves the @y parameter will be %NULL and the other parameters
+ * will be in the native format for the curve.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.4.1
+ **/
+int
+gnutls_x509_crt_get_pk_ecc_raw(gnutls_x509_crt_t crt,
+			       gnutls_ecc_curve_t *curve,
+			       gnutls_datum_t *x, gnutls_datum_t *y)
+{
+	int ret;
+	gnutls_pubkey_t pubkey;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = gnutls_pubkey_init(&pubkey);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_pubkey_import_x509(pubkey, crt, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pubkey_export_ecc_raw(pubkey, curve, x, y);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+ cleanup:
+	gnutls_pubkey_deinit(pubkey);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_get_pk_gost_raw:
+ * @crt: Holds the certificate
+ * @curve: will hold the curve
+ * @digest: will hold the digest
+ * @paramset: will hold the GOST parameter set ID
+ * @x: will hold the x-coordinate
+ * @y: will hold the y-coordinate
+ *
+ * This function will export the GOST public key's parameters found in
+ * the given certificate.  The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.6.3
+ **/
+int
+gnutls_x509_crt_get_pk_gost_raw(gnutls_x509_crt_t crt,
+				gnutls_ecc_curve_t *curve,
+				gnutls_digest_algorithm_t *digest,
+				gnutls_gost_paramset_t *paramset,
+				gnutls_datum_t *x, gnutls_datum_t *y)
+{
+	int ret;
+	gnutls_pubkey_t pubkey;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = gnutls_pubkey_init(&pubkey);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_pubkey_import_x509(pubkey, crt, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pubkey_export_gost_raw2(pubkey, curve, digest,
+					     paramset, x, y, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+ cleanup:
+	gnutls_pubkey_deinit(pubkey);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_get_pk_dsa_raw:
+ * @crt: Holds the certificate
+ * @p: will hold the p
+ * @q: will hold the q
+ * @g: will hold the g
+ * @y: will hold the y
+ *
+ * This function will export the DSA public key's parameters found in
+ * the given certificate.  The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ **/
+int
+gnutls_x509_crt_get_pk_dsa_raw(gnutls_x509_crt_t crt,
+			       gnutls_datum_t * p, gnutls_datum_t * q,
+			       gnutls_datum_t * g, gnutls_datum_t * y)
+{
+	int ret;
+	gnutls_pubkey_t pubkey;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = gnutls_pubkey_init(&pubkey);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_pubkey_import_x509(pubkey, crt, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_pubkey_export_dsa_raw(pubkey, p, q, g, y);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+ cleanup:
+	gnutls_pubkey_deinit(pubkey);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_list_import2:
+ * @certs: Will hold the parsed certificate list.
+ * @size: It will contain the size of the list.
+ * @data: The PEM encoded certificate.
+ * @format: One of DER or PEM.
+ * @flags: must be (0) or an OR'd sequence of gnutls_certificate_import_flags.
+ *
+ * This function will convert the given PEM encoded certificate list
+ * to the native gnutls_x509_crt_t format. The output will be stored
+ * in @certs which will be allocated and initialized.
+ *
+ * If the Certificate is PEM encoded it should have a header of "X509
+ * CERTIFICATE", or "CERTIFICATE".
+ *
+ * To deinitialize @certs, you need to deinitialize each crt structure
+ * independently, and use gnutls_free() at @certs.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_x509_crt_list_import2(gnutls_x509_crt_t ** certs,
+			     unsigned int *size,
+			     const gnutls_datum_t * data,
+			     gnutls_x509_crt_fmt_t format,
+			     unsigned int flags)
+{
+	unsigned int init = 1024;
+	int ret;
+
+	*certs = _gnutls_reallocarray(NULL, init, sizeof(gnutls_x509_crt_t));
+	if (*certs == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	ret =
+	    gnutls_x509_crt_list_import(*certs, &init, data, format,
+					flags | GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED);
+	if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
+		*certs = _gnutls_reallocarray_fast(*certs, init,
+						   sizeof(gnutls_x509_crt_t));
+		if (*certs == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+
+		ret =
+		    gnutls_x509_crt_list_import(*certs, &init, data,
+						format, flags);
+	}
+
+	if (ret < 0) {
+		gnutls_free(*certs);
+		return ret;
+	}
+
+	*size = init;
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_list_import:
+ * @certs: Indicates where the parsed list will be copied to. Must not be initialized.
+ * @cert_max: Initially must hold the maximum number of certs. It will be updated with the number of certs available.
+ * @data: The PEM encoded certificate.
+ * @format: One of DER or PEM.
+ * @flags: must be (0) or an OR'd sequence of gnutls_certificate_import_flags.
+ *
+ * This function will convert the given PEM encoded certificate list
+ * to the native gnutls_x509_crt_t format. The output will be stored
+ * in @certs.  They will be automatically initialized.
+ *
+ * The flag %GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED will cause
+ * import to fail if the certificates in the provided buffer are more
+ * than the available structures. The %GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED
+ * flag will cause the function to fail if the provided list is not
+ * sorted from subject to issuer.
+ *
+ * If the Certificate is PEM encoded it should have a header of "X509
+ * CERTIFICATE", or "CERTIFICATE".
+ *
+ * Returns: the number of certificates read or a negative error value.
+ **/
+int
+gnutls_x509_crt_list_import(gnutls_x509_crt_t * certs,
+			    unsigned int *cert_max,
+			    const gnutls_datum_t * data,
+			    gnutls_x509_crt_fmt_t format,
+			    unsigned int flags)
+{
+	int size;
+	const char *ptr;
+	gnutls_datum_t tmp;
+	int ret, nocopy = 0;
+	unsigned int count = 0, j, copied = 0;
+
+	if (format == GNUTLS_X509_FMT_DER) {
+		if (*cert_max < 1) {
+			*cert_max = 1;
+			return GNUTLS_E_SHORT_MEMORY_BUFFER;
+		}
+
+		count = 1;	/* import only the first one */
+
+		ret = gnutls_x509_crt_init(&certs[0]);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		ret = gnutls_x509_crt_import(certs[0], data, format);
+		if (ret < 0) {
+			gnutls_assert();
+			goto error;
+		}
+
+		*cert_max = 1;
+		return 1;
+	}
+
+	/* move to the certificate
+	 */
+	ptr = memmem(data->data, data->size,
+		     PEM_CERT_SEP, sizeof(PEM_CERT_SEP) - 1);
+	if (ptr == NULL)
+		ptr = memmem(data->data, data->size,
+			     PEM_CERT_SEP2, sizeof(PEM_CERT_SEP2) - 1);
+
+	if (ptr == NULL)
+		return gnutls_assert_val(GNUTLS_E_NO_CERTIFICATE_FOUND);
+
+	count = 0;
+
+	do {
+		if (count >= *cert_max) {
+			if (!
+			    (flags &
+			     GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED))
+				break;
+			else
+				nocopy = 1;
+		}
+
+		if (!nocopy) {
+			ret = gnutls_x509_crt_init(&certs[count]);
+			if (ret < 0) {
+				gnutls_assert();
+				goto error;
+			}
+
+			tmp.data = (void *) ptr;
+			tmp.size =
+			    data->size - (ptr - (char *) data->data);
+
+			ret =
+			    gnutls_x509_crt_import(certs[count], &tmp,
+						   GNUTLS_X509_FMT_PEM);
+			if (ret < 0) {
+				count++;
+				gnutls_assert();
+				goto error;
+			}
+
+			copied++;
+		}
+
+		/* now we move ptr after the pem header
+		 */
+		ptr++;
+		/* find the next certificate (if any)
+		 */
+		size = data->size - (ptr - (char *) data->data);
+
+		if (size > 0) {
+			char *ptr2;
+
+			ptr2 =
+			    memmem(ptr, size, PEM_CERT_SEP,
+				   sizeof(PEM_CERT_SEP) - 1);
+			if (ptr2 == NULL)
+				ptr2 = memmem(ptr, size, PEM_CERT_SEP2,
+					      sizeof(PEM_CERT_SEP2) - 1);
+
+			ptr = ptr2;
+		} else
+			ptr = NULL;
+
+		count++;
+	}
+	while (ptr != NULL);
+
+	*cert_max = count;
+
+	if (nocopy == 0) {
+		if (flags & GNUTLS_X509_CRT_LIST_SORT && *cert_max > 1) {
+			if (*cert_max > DEFAULT_MAX_VERIFY_DEPTH) {
+				ret = GNUTLS_E_UNIMPLEMENTED_FEATURE;
+				goto error;
+			}
+			count = _gnutls_sort_clist(certs, *cert_max);
+			if (count < *cert_max) {
+				for (j = count; j < *cert_max; j++) {
+					gnutls_x509_crt_deinit(certs[j]);
+				}
+			}
+			*cert_max = count;
+		}
+
+		if (flags & GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED) {
+			ret = _gnutls_check_if_sorted(certs, *cert_max);
+			if (ret < 0) {
+				gnutls_assert();
+				goto error;
+			}
+		}
+
+		return count;
+	} else {
+		count = copied;
+		ret = GNUTLS_E_SHORT_MEMORY_BUFFER;
+	}
+
+      error:
+	for (j = 0; j < count; j++)
+		gnutls_x509_crt_deinit(certs[j]);
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_get_subject_unique_id:
+ * @crt: Holds the certificate
+ * @buf: user allocated memory buffer, will hold the unique id
+ * @buf_size: size of user allocated memory buffer (on input), will hold
+ * actual size of the unique ID on return.
+ *
+ * This function will extract the subjectUniqueID value (if present) for
+ * the given certificate.
+ *
+ * If the user allocated memory buffer is not large enough to hold the
+ * full subjectUniqueID, then a GNUTLS_E_SHORT_MEMORY_BUFFER error will be
+ * returned, and buf_size will be set to the actual length.
+ *
+ * This function had a bug prior to 3.4.8 that prevented the setting
+ * of %NULL @buf to discover the @buf_size. To use this function safely
+ * with the older versions the @buf must be a valid buffer that can hold
+ * at least a single byte if @buf_size is zero.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ **/
+int
+gnutls_x509_crt_get_subject_unique_id(gnutls_x509_crt_t crt, char *buf,
+				      size_t * buf_size)
+{
+	int result;
+	gnutls_datum_t datum = { NULL, 0 };
+
+	result =
+	    _gnutls_x509_read_value(crt->cert,
+				    "tbsCertificate.subjectUniqueID",
+				    &datum);
+	if (result < 0)
+		return gnutls_assert_val(result);
+
+	if (datum.size > *buf_size) {	/* then we're not going to fit */
+		*buf_size = datum.size;
+		result = GNUTLS_E_SHORT_MEMORY_BUFFER;
+	} else {
+		*buf_size = datum.size;
+		memcpy(buf, datum.data, datum.size);
+	}
+
+	_gnutls_free_datum(&datum);
+
+	return result;
+}
+
+/**
+ * gnutls_x509_crt_get_issuer_unique_id:
+ * @crt: Holds the certificate
+ * @buf: user allocated memory buffer, will hold the unique id
+ * @buf_size: size of user allocated memory buffer (on input), will hold
+ * actual size of the unique ID on return.
+ *
+ * This function will extract the issuerUniqueID value (if present) for
+ * the given certificate.
+ *
+ * If the user allocated memory buffer is not large enough to hold the
+ * full subjectUniqueID, then a GNUTLS_E_SHORT_MEMORY_BUFFER error will be
+ * returned, and buf_size will be set to the actual length.
+ *
+ * This function had a bug prior to 3.4.8 that prevented the setting
+ * of %NULL @buf to discover the @buf_size. To use this function safely
+ * with the older versions the @buf must be a valid buffer that can hold
+ * at least a single byte if @buf_size is zero.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 2.12.0
+ **/
+int
+gnutls_x509_crt_get_issuer_unique_id(gnutls_x509_crt_t crt, char *buf,
+				     size_t * buf_size)
+{
+	int result;
+	gnutls_datum_t datum = { NULL, 0 };
+
+	result =
+	    _gnutls_x509_read_value(crt->cert,
+				    "tbsCertificate.issuerUniqueID",
+				    &datum);
+	if (result < 0)
+		return gnutls_assert_val(result);
+
+	if (datum.size > *buf_size) {	/* then we're not going to fit */
+		*buf_size = datum.size;
+		result = GNUTLS_E_SHORT_MEMORY_BUFFER;
+	} else {
+		*buf_size = datum.size;
+		memcpy(buf, datum.data, datum.size);
+	}
+
+	_gnutls_free_datum(&datum);
+
+	return result;
+}
+
+static int
+legacy_parse_aia(asn1_node src,
+		  unsigned int seq, int what, gnutls_datum_t * data)
+{
+	int len;
+	char nptr[MAX_NAME_SIZE];
+	int result;
+	gnutls_datum_t d;
+	const char *oid = NULL;
+
+	seq++;			/* 0->1, 1->2 etc */
+	switch (what) {
+	case GNUTLS_IA_ACCESSMETHOD_OID:
+		snprintf(nptr, sizeof(nptr), "?%u.accessMethod", seq);
+		break;
+
+	case GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE:
+		snprintf(nptr, sizeof(nptr), "?%u.accessLocation", seq);
+		break;
+
+	case GNUTLS_IA_CAISSUERS_URI:
+		oid = GNUTLS_OID_AD_CAISSUERS;
+		FALLTHROUGH;
+
+	case GNUTLS_IA_OCSP_URI:
+		if (oid == NULL)
+			oid = GNUTLS_OID_AD_OCSP;
+		{
+			char tmpoid[MAX_OID_SIZE];
+			snprintf(nptr, sizeof(nptr), "?%u.accessMethod",
+				 seq);
+			len = sizeof(tmpoid);
+			result = asn1_read_value(src, nptr, tmpoid, &len);
+
+			if (result == ASN1_VALUE_NOT_FOUND
+			    || result == ASN1_ELEMENT_NOT_FOUND)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				return _gnutls_asn2err(result);
+			}
+			if ((unsigned) len != strlen(oid) + 1
+			    || memcmp(tmpoid, oid, len) != 0)
+				return
+				    gnutls_assert_val
+				    (GNUTLS_E_UNKNOWN_ALGORITHM);
+		}
+		FALLTHROUGH;
+
+	case GNUTLS_IA_URI:
+		snprintf(nptr, sizeof(nptr),
+			 "?%u.accessLocation.uniformResourceIdentifier",
+			 seq);
+		break;
+
+	default:
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+	len = 0;
+	result = asn1_read_value(src, nptr, NULL, &len);
+	if (result == ASN1_VALUE_NOT_FOUND
+	    || result == ASN1_ELEMENT_NOT_FOUND)
+		return
+		    gnutls_assert_val
+		    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	if (result != ASN1_MEM_ERROR) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	d.size = len;
+
+	d.data = gnutls_malloc(d.size);
+	if (d.data == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	result = asn1_read_value(src, nptr, d.data, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		gnutls_free(d.data);
+		return _gnutls_asn2err(result);
+	}
+
+	if (data) {
+		data->data = d.data;
+		data->size = d.size;
+	} else
+		gnutls_free(d.data);
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_get_authority_info_access:
+ * @crt: Holds the certificate
+ * @seq: specifies the sequence number of the access descriptor (0 for the first one, 1 for the second etc.)
+ * @what: what data to get, a #gnutls_info_access_what_t type.
+ * @data: output data to be freed with gnutls_free().
+ * @critical: pointer to output integer that is set to non-zero if the extension is marked as critical (may be %NULL)
+ *
+ * Note that a simpler API to access the authority info data is provided
+ * by gnutls_x509_aia_get() and gnutls_x509_ext_import_aia().
+ *
+ * This function extracts the Authority Information Access (AIA)
+ * extension, see RFC 5280 section 4.2.2.1 for more information.  The
+ * AIA extension holds a sequence of AccessDescription (AD) data.
+ *
+ * The @seq input parameter is used to indicate which member of the
+ * sequence the caller is interested in.  The first member is 0, the
+ * second member 1 and so on.  When the @seq value is out of bounds,
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned.
+ *
+ * The type of data returned in @data is specified via @what which
+ * should be #gnutls_info_access_what_t values.
+ *
+ * If @what is %GNUTLS_IA_ACCESSMETHOD_OID then @data will hold the
+ * accessMethod OID (e.g., "1.3.6.1.5.5.7.48.1").
+ *
+ * If @what is %GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE, @data will
+ * hold the accessLocation GeneralName type (e.g.,
+ * "uniformResourceIdentifier").
+ *
+ * If @what is %GNUTLS_IA_URI, @data will hold the accessLocation URI
+ * data.  Requesting this @what value leads to an error if the
+ * accessLocation is not of the "uniformResourceIdentifier" type.
+ *
+ * If @what is %GNUTLS_IA_OCSP_URI, @data will hold the OCSP URI.
+ * Requesting this @what value leads to an error if the accessMethod
+ * is not 1.3.6.1.5.5.7.48.1 aka OCSP, or if accessLocation is not of
+ * the "uniformResourceIdentifier" type. In that case %GNUTLS_E_UNKNOWN_ALGORITHM
+ * will be returned, and @seq should be increased and this function
+ * called again.
+ *
+ * If @what is %GNUTLS_IA_CAISSUERS_URI, @data will hold the caIssuers
+ * URI.  Requesting this @what value leads to an error if the
+ * accessMethod is not 1.3.6.1.5.5.7.48.2 aka caIssuers, or if
+ * accessLocation is not of the "uniformResourceIdentifier" type.
+ * In that case handle as in %GNUTLS_IA_OCSP_URI.
+ *
+ * More @what values may be allocated in the future as needed.
+ *
+ * If @data is NULL, the function does the same without storing the
+ * output data, that is, it will set @critical and do error checking
+ * as usual.
+ *
+ * The value of the critical flag is returned in *@critical.  Supply a
+ * NULL @critical if you want the function to make sure the extension
+ * is non-critical, as required by RFC 5280.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, %GNUTLS_E_INVALID_REQUEST on
+ * invalid @crt, %GNUTLS_E_CONSTRAINT_ERROR if the extension is
+ * incorrectly marked as critical (use a non-NULL @critical to
+ * override), %GNUTLS_E_UNKNOWN_ALGORITHM if the requested OID does
+ * not match (e.g., when using %GNUTLS_IA_OCSP_URI), otherwise a
+ * negative error code.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_x509_crt_get_authority_info_access(gnutls_x509_crt_t crt,
+					  unsigned int seq,
+					  int what,
+					  gnutls_datum_t * data,
+					  unsigned int *critical)
+{
+	int ret;
+	gnutls_datum_t aia;
+	asn1_node c2 = NULL;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if ((ret =
+	     _gnutls_x509_crt_get_extension(crt, GNUTLS_OID_AIA, 0, &aia,
+					    critical)) < 0)
+		return ret;
+
+	if (aia.size == 0 || aia.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	if (critical && *critical)
+		return GNUTLS_E_CONSTRAINT_ERROR;
+
+	ret = asn1_create_element(_gnutls_get_pkix(),
+				  "PKIX1.AuthorityInfoAccessSyntax", &c2);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		_gnutls_free_datum(&aia);
+		return _gnutls_asn2err(ret);
+	}
+
+	ret = _asn1_strict_der_decode(&c2, aia.data, aia.size, NULL);
+	/* asn1_print_structure (stdout, c2, "", ASN1_PRINT_ALL); */
+	_gnutls_free_datum(&aia);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&c2);
+		return _gnutls_asn2err(ret);
+	}
+
+	ret = legacy_parse_aia(c2, seq, what, data);
+
+	asn1_delete_structure(&c2);
+	if (ret < 0)
+		gnutls_assert();
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_set_pin_function:
+ * @crt: The certificate structure
+ * @fn: the callback
+ * @userdata: data associated with the callback
+ *
+ * This function will set a callback function to be used when
+ * it is required to access a protected object. This function overrides
+ * the global function set using gnutls_pkcs11_set_pin_function().
+ *
+ * Note that this callback is currently used only during the import
+ * of a PKCS #11 certificate with gnutls_x509_crt_import_url().
+ *
+ * Since: 3.1.0
+ *
+ **/
+void gnutls_x509_crt_set_pin_function(gnutls_x509_crt_t crt,
+				      gnutls_pin_callback_t fn,
+				      void *userdata)
+{
+	if (crt) {
+		crt->pin.cb = fn;
+		crt->pin.data = userdata;
+	}
+}
+
+/**
+ * gnutls_x509_crt_import_url:
+ * @crt: A certificate of type #gnutls_x509_crt_t
+ * @url: A PKCS 11 url
+ * @flags: One of GNUTLS_PKCS11_OBJ_* flags for PKCS#11 URLs or zero otherwise
+ *
+ * This function will import a certificate present in a PKCS#11 token
+ * or any type of back-end that supports URLs.
+ *
+ * In previous versions of gnutls this function was named
+ * gnutls_x509_crt_import_pkcs11_url, and the old name is
+ * an alias to this one.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_x509_crt_import_url(gnutls_x509_crt_t crt,
+			   const char *url, unsigned int flags)
+{
+	int ret;
+	unsigned i;
+
+	for (i=0;i<_gnutls_custom_urls_size;i++) {
+		if (strncmp(url, _gnutls_custom_urls[i].name, _gnutls_custom_urls[i].name_size) == 0) {
+			if (_gnutls_custom_urls[i].import_crt) {
+				ret = _gnutls_custom_urls[i].import_crt(crt, url, flags);
+				goto cleanup;
+			}
+			break;
+		}
+	}
+
+	if (strncmp(url, SYSTEM_URL, SYSTEM_URL_SIZE) == 0) {
+		ret = _gnutls_x509_crt_import_system_url(crt, url);
+#ifdef ENABLE_PKCS11
+	} else if (strncmp(url, PKCS11_URL, PKCS11_URL_SIZE) == 0) {
+			ret = _gnutls_x509_crt_import_pkcs11_url(crt, url, flags);
+#endif
+	} else {
+		ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	}
+
+ cleanup:
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_list_import_url:
+ * @certs: Will hold the allocated certificate list.
+ * @size: It will contain the size of the list.
+ * @url: A PKCS 11 url
+ * @pin_fn: a PIN callback if not globally set
+ * @pin_fn_userdata: parameter for the PIN callback
+ * @flags: One of GNUTLS_PKCS11_OBJ_* flags for PKCS#11 URLs or zero otherwise
+ *
+ * This function will import a certificate chain present in a PKCS#11 token
+ * or any type of back-end that supports URLs. The certificates
+ * must be deinitialized afterwards using gnutls_x509_crt_deinit()
+ * and the returned pointer must be freed using gnutls_free().
+ *
+ * The URI provided must be the first certificate in the chain; subsequent
+ * certificates will be retrieved using gnutls_pkcs11_get_raw_issuer() or
+ * equivalent functionality for the supported URI.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.6.3
+ **/
+int
+gnutls_x509_crt_list_import_url(gnutls_x509_crt_t **certs,
+				unsigned int *size,
+				const char *url,
+				gnutls_pin_callback_t pin_fn,
+				void *pin_fn_userdata,
+				unsigned int flags)
+{
+	int ret;
+	unsigned i;
+	gnutls_x509_crt_t crts[DEFAULT_MAX_VERIFY_DEPTH];
+	gnutls_datum_t issuer = {NULL, 0};
+	unsigned total = 0;
+
+	memset(crts, 0, sizeof(crts));
+
+	ret = gnutls_x509_crt_init(&crts[0]);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	gnutls_x509_crt_set_pin_function(crts[0], pin_fn, pin_fn_userdata);
+
+	total = 1;
+
+	ret = gnutls_x509_crt_import_url(crts[0], url, flags);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	for (i=1;i<DEFAULT_MAX_VERIFY_DEPTH;i++) {
+		ret = _gnutls_get_raw_issuer(url, crts[i-1], &issuer, flags|GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY);
+		if (ret < 0) {
+			issuer.data = NULL;
+			break;
+		}
+
+		if (gnutls_x509_crt_equals2(crts[i-1], &issuer)) {
+			gnutls_free(issuer.data);
+			break;
+		}
+
+		ret = gnutls_x509_crt_init(&crts[i]);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		total++;
+
+		gnutls_x509_crt_set_pin_function(crts[i], pin_fn, pin_fn_userdata);
+
+		ret = gnutls_x509_crt_import(crts[i], &issuer, GNUTLS_X509_FMT_DER);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		gnutls_free(issuer.data);
+	}
+
+	*certs = _gnutls_reallocarray(NULL, total, sizeof(gnutls_x509_crt_t));
+	if (*certs == NULL) {
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto cleanup;
+	}
+
+	memcpy(*certs, crts, total*sizeof(gnutls_x509_crt_t));
+	*size = total;
+
+	return 0;
+ cleanup:
+	gnutls_free(issuer.data);
+	for (i=0;i<total;i++)
+		gnutls_x509_crt_deinit(crts[i]);
+
+	return ret;
+}
+
+/*-
+ * gnutls_x509_crt_verify_data3:
+ * @crt: Holds the certificate to verify with
+ * @algo: The signature algorithm used
+ * @flags: Zero or an OR list of #gnutls_certificate_verify_flags
+ * @data: holds the signed data
+ * @signature: contains the signature
+ *
+ * This function will verify the given signed data, using the
+ * parameters from the certificate.
+ *
+ * Returns: In case of a verification failure %GNUTLS_E_PK_SIG_VERIFY_FAILED
+ * is returned, %GNUTLS_E_EXPIRED or %GNUTLS_E_NOT_YET_ACTIVATED on expired
+ * or not yet activated certificate and zero or positive code on success.
+ *
+ * Since: 3.5.6
+ -*/
+int
+gnutls_x509_crt_verify_data3(gnutls_x509_crt_t crt,
+			     gnutls_sign_algorithm_t algo,
+			     gnutls_typed_vdata_st *vdata,
+			     unsigned int vdata_size,
+			     const gnutls_datum_t *data,
+			     const gnutls_datum_t *signature,
+			     unsigned int flags)
+{
+	int ret;
+	gnutls_pubkey_t pubkey;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+
+	ret = gnutls_pubkey_init(&pubkey);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_pubkey_import_x509(pubkey, crt, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = gnutls_pubkey_verify_data2(pubkey, algo, flags, data, signature);
+	gnutls_pubkey_deinit(pubkey);
+
+	if (ret >= 0) {
+		time_t now = gnutls_time(0);
+		int res;
+		unsigned usage, i;
+
+		if (!(flags & GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS) ||
+		    !(flags & GNUTLS_VERIFY_DISABLE_TIME_CHECKS)) {
+			if (now > gnutls_x509_crt_get_expiration_time(crt)) {
+				return gnutls_assert_val(GNUTLS_E_EXPIRED);
+			}
+
+			if (now < gnutls_x509_crt_get_activation_time(crt)) {
+				return gnutls_assert_val(GNUTLS_E_NOT_YET_ACTIVATED);
+			}
+		}
+
+		res = gnutls_x509_crt_get_key_usage(crt, &usage, NULL);
+		if (res >= 0) {
+			if (!(usage & GNUTLS_KEY_DIGITAL_SIGNATURE)) {
+				return gnutls_assert_val(GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE);
+			}
+		}
+
+		for (i=0;i<vdata_size;i++) {
+			if (vdata[i].type == GNUTLS_DT_KEY_PURPOSE_OID) {
+				res = _gnutls_check_key_purpose(crt, (char *)vdata[i].data, 0);
+				if (res == 0)
+					return gnutls_assert_val(GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE);
+				break;
+			}
+		}
+	}
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_verify_data2:
+ * @crt: Holds the certificate to verify with
+ * @algo: The signature algorithm used
+ * @flags: Zero or an OR list of #gnutls_certificate_verify_flags
+ * @data: holds the signed data
+ * @signature: contains the signature
+ *
+ * This function will verify the given signed data, using the
+ * parameters from the certificate.
+ *
+ * Returns: In case of a verification failure %GNUTLS_E_PK_SIG_VERIFY_FAILED
+ * is returned, %GNUTLS_E_EXPIRED or %GNUTLS_E_NOT_YET_ACTIVATED on expired
+ * or not yet activated certificate and zero or positive code on success.
+ *
+ * Note that since GnuTLS 3.5.6 this function introduces checks in the
+ * end certificate (@crt), including time checks and key usage checks.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_x509_crt_verify_data2(gnutls_x509_crt_t crt,
+			   gnutls_sign_algorithm_t algo,
+			   unsigned int flags,
+			   const gnutls_datum_t *data,
+			   const gnutls_datum_t *signature)
+{
+	return gnutls_x509_crt_verify_data3(crt, algo, NULL, 0,
+				data, signature, flags);
+}
+
+/**
+ * gnutls_x509_crt_set_flags:
+ * @cert: A type #gnutls_x509_crt_t
+ * @flags: flags from the %gnutls_x509_crt_flags
+ *
+ * This function will set flags for the specified certificate.
+ * Currently this is useful for the %GNUTLS_X509_CRT_FLAG_IGNORE_SANITY
+ * which allows importing certificates even if they have known issues.
+ *
+ * Since: 3.6.0
+ *
+ **/
+void gnutls_x509_crt_set_flags(gnutls_x509_crt_t cert,
+				   unsigned int flags)
+{
+	cert->flags = flags;
+}
+
diff --git a/lib/x509/x509_dn.c b/lib/x509/x509_dn.c
new file mode 100644
index 0000000..1dde410
--- /dev/null
+++ b/lib/x509/x509_dn.c
@@ -0,0 +1,702 @@
+/*
+ * Copyright (C) 2013-2016 Nikos Mavrogiannopoulos
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains functions to handle X.509 certificate generation.
+ */
+
+#include "gnutls_int.h"
+
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <common.h>
+#include <x509.h>
+#include <x509_b64.h>
+#include <c-ctype.h>
+
+typedef int (*set_dn_func) (void *, const char *oid, unsigned int raw_flag,
+			    const void *name, unsigned int name_size);
+
+static
+int dn_attr_crt_set(set_dn_func f, void *crt, const gnutls_datum_t * name,
+		    const gnutls_datum_t * val, unsigned is_raw)
+{
+	char _oid[MAX_OID_SIZE];
+	gnutls_datum_t tmp;
+	const char *oid;
+	int ret;
+	unsigned i,j;
+
+	if (name->size == 0 || val->size == 0)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	if (c_isdigit(name->data[0]) != 0) {
+		if (name->size >= sizeof(_oid))
+			return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+		memcpy(_oid, name->data, name->size);
+		_oid[name->size] = 0;
+
+		oid = _oid;
+
+		if (gnutls_x509_dn_oid_known(oid) == 0 && !is_raw) {
+			_gnutls_debug_log("Unknown OID: '%s'\n", oid);
+			return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+		}
+	} else {
+		oid =
+		    _gnutls_ldap_string_to_oid((char *) name->data,
+					       name->size);
+	}
+
+	if (oid == NULL) {
+		_gnutls_debug_log("Unknown DN attribute: '%.*s'\n",
+				  (int) name->size, name->data);
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+	}
+
+	if (is_raw) {
+		gnutls_datum_t hex = {val->data+1, val->size-1};
+
+		ret = gnutls_hex_decode2(&hex, &tmp);
+		if (ret < 0)
+			return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+	} else {
+		tmp.size = val->size;
+		tmp.data = gnutls_malloc(tmp.size+1);
+		if (tmp.data == NULL) {
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		}
+
+		/* unescape */
+		for (j=i=0;i<tmp.size;i++) {
+			if (1+j!=val->size && val->data[j] == '\\') {
+				if (val->data[j+1] == ',' || val->data[j+1] == '#' ||
+				    val->data[j+1] == ' ' || val->data[j+1] == '+' ||
+				    val->data[j+1] == '"' || val->data[j+1] == '<' ||
+				    val->data[j+1] == '>' || val->data[j+1] == ';' ||
+				    val->data[j+1] == '\\' || val->data[j+1] == '=') {
+					tmp.data[i] = val->data[j+1];
+					j+=2;
+					tmp.size--;
+				} else {
+					ret = gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+					goto fail;
+				}
+			} else {
+				tmp.data[i] = val->data[j++];
+			}
+		}
+		tmp.data[tmp.size] = 0;
+	}
+
+	ret = f(crt, oid, is_raw, tmp.data, tmp.size);
+	if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	ret = 0;
+ fail:
+	gnutls_free(tmp.data);
+	return ret;
+}
+
+static int read_attr_and_val(const char **ptr,
+			     gnutls_datum_t *name, gnutls_datum_t *val,
+			     unsigned *is_raw)
+{
+	const unsigned char *p = (void *) *ptr;
+
+	*is_raw = 0;
+
+	/* skip any space */
+	while (c_isspace(*p))
+		p++;
+
+	/* Read the name */
+	name->data = (void *) p;
+	while (*p != '=' && *p != 0 && !c_isspace(*p))
+		p++;
+
+	name->size = p - name->data;
+
+	/* skip any space */
+	while (c_isspace(*p))
+		p++;
+
+	if (*p != '=')
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+	p++;
+
+	while (c_isspace(*p))
+		p++;
+
+	if (*p == '#') {
+		*is_raw = 1;
+	}
+
+	/* Read value */
+	val->data = (void *) p;
+	while (*p != 0 && (*p != ',' || (*p == ',' && *(p - 1) == '\\'))
+	       && *p != '\n') {
+		p++;
+	}
+	val->size = p - (val->data);
+	*ptr = (void*)p;
+
+	p = val->data;
+	/* check for unescaped '+' - we do not support them */
+	while (*p != 0) {
+		if (*p == '+' && (*(p - 1) != '\\'))
+			return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+		p++;
+	}
+
+	/* remove spaces from the end */
+	while(val->size > 0 && c_isspace(val->data[val->size-1])) {
+		if (val->size > 2 && val->data[val->size-2] == '\\')
+			break;
+		val->size--;
+	}
+
+	if (val->size == 0 || name->size == 0)
+		return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+
+	return 0;
+}
+
+typedef struct elem_list_st {
+	gnutls_datum_t name;
+	gnutls_datum_t val;
+	const char *pos;
+	unsigned is_raw;
+	struct elem_list_st *next;
+} elem_list_st;
+
+static int add_new_elem(elem_list_st **head, const gnutls_datum_t *name, const gnutls_datum_t *val, const char *pos, unsigned is_raw)
+{
+	elem_list_st *elem = gnutls_malloc(sizeof(*elem));
+	if (elem == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	memcpy(&elem->name, name, sizeof(*name));
+	memcpy(&elem->val, val, sizeof(*val));
+	elem->pos = pos;
+	elem->is_raw = is_raw;
+	elem->next = *head;
+	*head = elem;
+
+	return 0;
+}
+
+static int
+crt_set_dn(set_dn_func f, void *crt, const char *dn, const char **err)
+{
+	const char *p = dn;
+	int ret;
+	gnutls_datum_t name, val;
+	unsigned is_raw;
+	elem_list_st *list = NULL, *plist, *next;
+
+	if (crt == NULL || dn == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	/* We parse the string and set all elements to a linked list in
+	 * reverse order. That way we can encode in reverse order,
+	 * the way RFC4514 requires. */
+
+	/* For each element */
+	while (*p != 0 && *p != '\n') {
+		if (err)
+			*err = p;
+
+		is_raw = 0;
+		ret = read_attr_and_val(&p, &name, &val, &is_raw);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		/* skip spaces and look for comma */
+		while (c_isspace(*p))
+			p++;
+
+		ret = add_new_elem(&list, &name, &val, p, is_raw);
+		if (ret < 0) {
+			gnutls_assert();
+			goto fail;
+		}
+
+		if (*p != ',' && *p != 0 && *p != '\n') {
+			ret = gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
+			goto fail;
+		}
+		if (*p == ',')
+			p++;
+	}
+
+	plist = list;
+	while(plist) {
+		if (err)
+			*err = plist->pos;
+		ret = dn_attr_crt_set(f, crt, &plist->name, &plist->val, plist->is_raw);
+		if (ret < 0)
+			goto fail;
+
+		plist = plist->next;
+	}
+
+	ret = 0;
+fail:
+	plist = list;
+	while(plist) {
+		next = plist->next;
+		gnutls_free(plist);
+		plist = next;
+	}
+	return ret;
+}
+
+
+/**
+ * gnutls_x509_crt_set_dn:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @dn: a comma separated DN string (RFC4514)
+ * @err: indicates the error position (if any)
+ *
+ * This function will set the DN on the provided certificate.
+ * The input string should be plain ASCII or UTF-8 encoded. On
+ * DN parsing error %GNUTLS_E_PARSING_ERROR is returned.
+ *
+ * Note that DNs are not expected to hold DNS information, and thus
+ * no automatic IDNA conversions are attempted when using this function.
+ * If that is required (e.g., store a domain in CN), process the corresponding
+ * input with gnutls_idna_map().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_set_dn(gnutls_x509_crt_t crt, const char *dn,
+		       const char **err)
+{
+	return crt_set_dn((set_dn_func) gnutls_x509_crt_set_dn_by_oid, crt,
+			  dn, err);
+}
+
+/**
+ * gnutls_x509_crt_set_issuer_dn:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @dn: a comma separated DN string (RFC4514)
+ * @err: indicates the error position (if any)
+ *
+ * This function will set the DN on the provided certificate.
+ * The input string should be plain ASCII or UTF-8 encoded. On
+ * DN parsing error %GNUTLS_E_PARSING_ERROR is returned.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_set_issuer_dn(gnutls_x509_crt_t crt, const char *dn,
+			      const char **err)
+{
+	return crt_set_dn((set_dn_func)
+			  gnutls_x509_crt_set_issuer_dn_by_oid, crt, dn,
+			  err);
+}
+
+/**
+ * gnutls_x509_crq_set_dn:
+ * @crq: a certificate of type #gnutls_x509_crq_t
+ * @dn: a comma separated DN string (RFC4514)
+ * @err: indicates the error position (if any)
+ *
+ * This function will set the DN on the provided certificate.
+ * The input string should be plain ASCII or UTF-8 encoded. On
+ * DN parsing error %GNUTLS_E_PARSING_ERROR is returned.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crq_set_dn(gnutls_x509_crq_t crq, const char *dn,
+		       const char **err)
+{
+	return crt_set_dn((set_dn_func) gnutls_x509_crq_set_dn_by_oid, crq,
+			  dn, err);
+}
+
+static
+int set_dn_by_oid(gnutls_x509_dn_t dn, const char *oid, unsigned int raw_flag, const void *name, unsigned name_size)
+{
+	return _gnutls_x509_set_dn_oid(dn->asn, "", oid, raw_flag, name, name_size);
+}
+
+/**
+ * gnutls_x509_dn_set_str:
+ * @dn: a pointer to DN
+ * @str: a comma separated DN string (RFC4514)
+ * @err: indicates the error position (if any)
+ *
+ * This function will set the DN on the provided DN structure.
+ * The input string should be plain ASCII or UTF-8 encoded. On
+ * DN parsing error %GNUTLS_E_PARSING_ERROR is returned.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.5.3
+ **/
+int
+gnutls_x509_dn_set_str(gnutls_x509_dn_t dn, const char *str, const char **err)
+{
+	if (dn == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return crt_set_dn((set_dn_func) set_dn_by_oid, dn,
+			  str, err);
+}
+
+/**
+ * gnutls_x509_dn_init:
+ * @dn: the object to be initialized
+ *
+ * This function initializes a #gnutls_x509_dn_t type.
+ *
+ * The object returned must be deallocated using
+ * gnutls_x509_dn_deinit().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.4.0
+ **/
+int gnutls_x509_dn_init(gnutls_x509_dn_t * dn)
+{
+	int result;
+
+	*dn = gnutls_calloc(1, sizeof(gnutls_x509_dn_st));
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_pkix(),
+				 "PKIX1.Name", &(*dn)->asn)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		gnutls_free(*dn);
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_dn_import:
+ * @dn: the structure that will hold the imported DN
+ * @data: should contain a DER encoded RDN sequence
+ *
+ * This function parses an RDN sequence and stores the result to a
+ * #gnutls_x509_dn_t type. The data must have been initialized
+ * with gnutls_x509_dn_init(). You may use gnutls_x509_dn_get_rdn_ava() to
+ * decode the DN.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.4.0
+ **/
+int gnutls_x509_dn_import(gnutls_x509_dn_t dn, const gnutls_datum_t * data)
+{
+	int result;
+	char err[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
+
+	if (data->data == NULL || data->size == 0)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	result = _asn1_strict_der_decode(&dn->asn,
+				   data->data, data->size, err);
+	if (result != ASN1_SUCCESS) {
+		/* couldn't decode DER */
+		_gnutls_debug_log("ASN.1 Decoding error: %s\n", err);
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_dn_deinit:
+ * @dn: a DN uint8_t object pointer.
+ *
+ * This function deallocates the DN object as returned by
+ * gnutls_x509_dn_import().
+ *
+ * Since: 2.4.0
+ **/
+void gnutls_x509_dn_deinit(gnutls_x509_dn_t dn)
+{
+	asn1_delete_structure(&dn->asn);
+	gnutls_free(dn);
+}
+
+/**
+ * gnutls_x509_dn_export:
+ * @dn: Holds the uint8_t DN object
+ * @format: the format of output params. One of PEM or DER.
+ * @output_data: will contain a DN PEM or DER encoded
+ * @output_data_size: holds the size of output_data (and will be
+ *   replaced by the actual size of parameters)
+ *
+ * This function will export the DN to DER or PEM format.
+ *
+ * If the buffer provided is not long enough to hold the output, then
+ * *@output_data_size is updated and %GNUTLS_E_SHORT_MEMORY_BUFFER
+ * will be returned.
+ *
+ * If the structure is PEM encoded, it will have a header
+ * of "BEGIN NAME".
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_dn_export(gnutls_x509_dn_t dn,
+		      gnutls_x509_crt_fmt_t format, void *output_data,
+		      size_t * output_data_size)
+{
+	if (dn == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_export_int_named(dn->asn, "rdnSequence",
+					     format, "NAME",
+					     output_data,
+					     output_data_size);
+}
+
+/**
+ * gnutls_x509_dn_export2:
+ * @dn: Holds the uint8_t DN object
+ * @format: the format of output params. One of PEM or DER.
+ * @out: will contain a DN PEM or DER encoded
+ *
+ * This function will export the DN to DER or PEM format.
+ *
+ * The output buffer is allocated using gnutls_malloc().
+ *
+ * If the structure is PEM encoded, it will have a header
+ * of "BEGIN NAME".
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.3
+ **/
+int
+gnutls_x509_dn_export2(gnutls_x509_dn_t dn,
+		       gnutls_x509_crt_fmt_t format, gnutls_datum_t * out)
+{
+	if (dn == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_export_int_named2(dn->asn, "rdnSequence",
+					      format, "NAME", out);
+}
+
+/**
+ * gnutls_x509_dn_get_rdn_ava:
+ * @dn: a pointer to DN
+ * @irdn: index of RDN
+ * @iava: index of AVA.
+ * @ava: Pointer to structure which will hold output information.
+ *
+ * Get pointers to data within the DN. The format of the @ava structure
+ * is shown below.
+ *
+ *  struct gnutls_x509_ava_st {
+ *    gnutls_datum_t oid;
+ *    gnutls_datum_t value;
+ *    unsigned long value_tag;
+ *  };
+ *
+ * The X.509 distinguished name is a sequence of sequences of strings
+ * and this is what the @irdn and @iava indexes model.
+ *
+ * Note that @ava will contain pointers into the @dn structure which
+ * in turns points to the original certificate. Thus you should not
+ * modify any data or deallocate any of those.
+ *
+ * This is a low-level function that requires the caller to do the
+ * value conversions when necessary (e.g. from UCS-2).
+ *
+ * Returns: Returns 0 on success, or an error code.
+ **/
+int
+gnutls_x509_dn_get_rdn_ava(gnutls_x509_dn_t dn,
+			   int irdn, int iava, gnutls_x509_ava_st * ava)
+{
+	asn1_node rdn, elem;
+	asn1_data_node_st vnode;
+	long len;
+	int lenlen, remlen, ret;
+	char rbuf[MAX_NAME_SIZE];
+	unsigned char cls;
+	const unsigned char *ptr;
+
+	iava++;
+	irdn++;			/* 0->1, 1->2 etc */
+
+	snprintf(rbuf, sizeof(rbuf), "rdnSequence.?%d.?%d", irdn, iava);
+	rdn = asn1_find_node(dn->asn, rbuf);
+	if (!rdn) {
+		gnutls_assert();
+		return GNUTLS_E_ASN1_ELEMENT_NOT_FOUND;
+	}
+
+	snprintf(rbuf, sizeof(rbuf), "?%d.type", iava);
+	elem = asn1_find_node(rdn, rbuf);
+	if (!elem) {
+		gnutls_assert();
+		return GNUTLS_E_ASN1_ELEMENT_NOT_FOUND;
+	}
+
+	ret = asn1_read_node_value(elem, &vnode);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return GNUTLS_E_ASN1_ELEMENT_NOT_FOUND;
+	}
+
+	ava->oid.data = (void *) vnode.value;
+	ava->oid.size = vnode.value_len;
+
+	snprintf(rbuf, sizeof(rbuf), "?%d.value", iava);
+	elem = asn1_find_node(rdn, rbuf);
+	if (!elem) {
+		gnutls_assert();
+		return GNUTLS_E_ASN1_ELEMENT_NOT_FOUND;
+	}
+
+	ret = asn1_read_node_value(elem, &vnode);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return GNUTLS_E_ASN1_ELEMENT_NOT_FOUND;
+	}
+	/* The value still has the previous tag's length bytes, plus the
+	 * current value's tag and length bytes. Decode them.
+	 */
+
+	ptr = vnode.value;
+	remlen = vnode.value_len;
+	len = asn1_get_length_der(ptr, remlen, &lenlen);
+	if (len < 0) {
+		gnutls_assert();
+		return GNUTLS_E_ASN1_DER_ERROR;
+	}
+
+	ptr += lenlen;
+	remlen -= lenlen;
+	ret =
+	    asn1_get_tag_der(ptr, remlen, &cls, &lenlen, &ava->value_tag);
+	if (ret) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	ptr += lenlen;
+	remlen -= lenlen;
+
+	{
+		signed long tmp;
+
+		tmp = asn1_get_length_der(ptr, remlen, &lenlen);
+		if (tmp < 0) {
+			gnutls_assert();
+			return GNUTLS_E_ASN1_DER_ERROR;
+		}
+		ava->value.size = tmp;
+	}
+	ava->value.data = (void *) (ptr + lenlen);
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_dn_get_str:
+ * @dn: a pointer to DN
+ * @str: a datum that will hold the name
+ *
+ * This function will allocate buffer and copy the name in the provided DN.
+ * The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as
+ * described in RFC4514. The output string will be ASCII or UTF-8
+ * encoded, depending on the certificate data.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.2
+ **/
+int
+gnutls_x509_dn_get_str(gnutls_x509_dn_t dn, gnutls_datum_t *str)
+{
+	if (dn == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_get_dn(dn->asn, "rdnSequence", str, GNUTLS_X509_DN_FLAG_COMPAT);
+}
+
+/**
+ * gnutls_x509_dn_get_str:
+ * @dn: a pointer to DN
+ * @str: a datum that will hold the name
+ * @flags: zero or %GNUTLS_X509_DN_FLAG_COMPAT
+ *
+ * This function will allocate buffer and copy the name in the provided DN.
+ * The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as
+ * described in RFC4514. The output string will be ASCII or UTF-8
+ * encoded, depending on the certificate data.
+ *
+ * When the flag %GNUTLS_X509_DN_FLAG_COMPAT is specified, the output
+ * format will match the format output by previous to 3.5.6 versions of GnuTLS
+ * which was not not fully RFC4514-compliant.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.5.7
+ **/
+int
+gnutls_x509_dn_get_str2(gnutls_x509_dn_t dn, gnutls_datum_t *str, unsigned flags)
+{
+	if (dn == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return _gnutls_x509_get_dn(dn->asn, "rdnSequence", str, flags);
+}
diff --git a/lib/x509/x509_ext.c b/lib/x509/x509_ext.c
new file mode 100644
index 0000000..0b4c6a0
--- /dev/null
+++ b/lib/x509/x509_ext.c
@@ -0,0 +1,4050 @@
+/*
+ * Copyright (C) 2014-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains functions to handle X.509 certificate extensions (the x509-ext API)
+ */
+
+#include "gnutls_int.h"
+#include <datum.h>
+#include "errors.h"
+#include <common.h>
+#include <x509.h>
+#include <x509_b64.h>
+#include "x509_ext_int.h"
+#include "virt-san.h"
+#include <gnutls/x509-ext.h>
+#include "intprops.h"
+
+#define MAX_ENTRIES 64
+struct gnutls_subject_alt_names_st {
+	struct name_st *names;
+	unsigned int size;
+};
+
+/**
+ * gnutls_subject_alt_names_init:
+ * @sans: The alternative names
+ *
+ * This function will initialize an alternative names structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_subject_alt_names_init(gnutls_subject_alt_names_t * sans)
+{
+	*sans = gnutls_calloc(1, sizeof(struct gnutls_subject_alt_names_st));
+	if (*sans == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+}
+
+static void subject_alt_names_deinit(gnutls_subject_alt_names_t sans)
+{
+	unsigned int i;
+
+	for (i = 0; i < sans->size; i++) {
+		gnutls_free(sans->names[i].san.data);
+		gnutls_free(sans->names[i].othername_oid.data);
+	}
+	gnutls_free(sans->names);
+}
+
+/**
+ * gnutls_subject_alt_names_deinit:
+ * @sans: The alternative names
+ *
+ * This function will deinitialize an alternative names structure.
+ *
+ * Since: 3.3.0
+ **/
+void gnutls_subject_alt_names_deinit(gnutls_subject_alt_names_t sans)
+{
+	subject_alt_names_deinit(sans);
+	gnutls_free(sans);
+}
+
+/**
+ * gnutls_subject_alt_names_get:
+ * @sans: The alternative names
+ * @seq: The index of the name to get
+ * @san_type: Will hold the type of the name (of %gnutls_subject_alt_names_t)
+ * @san: The alternative name data (should be treated as constant)
+ * @othername_oid: The object identifier if @san_type is %GNUTLS_SAN_OTHERNAME (should be treated as constant)
+ *
+ * This function will return a specific alternative name as stored in
+ * the @sans type. The returned values should be treated as constant
+ * and valid for the lifetime of @sans.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * if the index is out of bounds, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_subject_alt_names_get(gnutls_subject_alt_names_t sans,
+				 unsigned int seq, unsigned int *san_type,
+				 gnutls_datum_t * san,
+				 gnutls_datum_t * othername_oid)
+{
+	if (seq >= sans->size)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	if (san) {
+		memcpy(san, &sans->names[seq].san, sizeof(gnutls_datum_t));
+	}
+
+	if (san_type)
+		*san_type = sans->names[seq].type;
+
+	if (othername_oid != NULL && sans->names[seq].type == GNUTLS_SAN_OTHERNAME) {
+		othername_oid->data = sans->names[seq].othername_oid.data;
+		othername_oid->size = sans->names[seq].othername_oid.size;
+	}
+
+	return 0;
+}
+
+/* This is the same as gnutls_subject_alt_names_set() but will not
+ * copy the strings. It expects all the provided input to be already
+ * allocated by gnutls. */
+static
+int subject_alt_names_set(struct name_st **names,
+			  unsigned int *size,
+			  unsigned int san_type,
+			  gnutls_datum_t * san, char *othername_oid,
+			  unsigned raw)
+{
+	void *tmp;
+	int ret;
+
+	if (unlikely(INT_ADD_OVERFLOW(*size, 1))) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	tmp = _gnutls_reallocarray(*names, *size + 1, sizeof((*names)[0]));
+	if (tmp == NULL) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+	*names = tmp;
+
+	ret = _gnutls_alt_name_assign_virt_type(&(*names)[*size], san_type, san, othername_oid, raw);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	(*size)++;
+	return 0;
+}
+
+/**
+ * gnutls_subject_alt_names_set:
+ * @sans: The alternative names
+ * @san_type: The type of the name (of %gnutls_subject_alt_names_t)
+ * @san: The alternative name data
+ * @othername_oid: The object identifier if @san_type is %GNUTLS_SAN_OTHERNAME
+ *
+ * This function will store the specified alternative name in
+ * the @sans.
+ *
+ * Since version 3.5.7 the %GNUTLS_SAN_RFC822NAME, %GNUTLS_SAN_DNSNAME, and
+ * %GNUTLS_SAN_OTHERNAME_XMPP are converted to ACE format when necessary.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0), otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_subject_alt_names_set(gnutls_subject_alt_names_t sans,
+				 unsigned int san_type,
+				 const gnutls_datum_t * san,
+				 const char *othername_oid)
+{
+	int ret;
+	gnutls_datum_t copy;
+	char *ooc;
+
+	ret = _gnutls_set_strdatum(&copy, san->data, san->size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (othername_oid != NULL)
+		ooc = gnutls_strdup(othername_oid);
+	else
+		ooc = NULL;
+	ret = subject_alt_names_set(&sans->names, &sans->size,
+				    san_type, &copy, ooc, 0);
+	if (ret < 0) {
+		gnutls_free(copy.data);
+		return gnutls_assert_val(ret);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_ext_import_subject_alt_names:
+ * @ext: The DER-encoded extension data
+ * @sans: The alternative names
+ * @flags: should be zero
+ *
+ * This function will export the alternative names in the provided DER-encoded
+ * SubjectAltName PKIX extension, to a %gnutls_subject_alt_names_t type. @sans
+ * must be initialized.
+ *
+ * This function will succeed even if there no subject alternative names
+ * in the structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_import_subject_alt_names(const gnutls_datum_t * ext,
+					  gnutls_subject_alt_names_t sans,
+					  unsigned int flags)
+{
+	asn1_node c2 = NULL;
+	int result, ret;
+	unsigned int i;
+	gnutls_datum_t san, othername_oid;
+	unsigned type;
+
+	result =
+	    asn1_create_element(_gnutls_get_pkix(), "PKIX1.GeneralNames", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _asn1_strict_der_decode(&c2, ext->data, ext->size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	for (i=0;;i++) {
+		san.data = NULL;
+		san.size = 0;
+		othername_oid.data = NULL;
+
+		ret = _gnutls_parse_general_name2(c2, "", i, &san, &type, 0);
+		if (ret < 0)
+			break;
+
+		if (type == GNUTLS_SAN_OTHERNAME) {
+			ret =
+			    _gnutls_parse_general_name2(c2, "", i,
+							&othername_oid,
+							NULL, 1);
+			if (ret < 0)
+				break;
+
+		} else if (san.size == 0 || san.data == NULL) {
+			ret = gnutls_assert_val(GNUTLS_E_X509_UNKNOWN_SAN);
+			break;
+		}
+
+		ret = subject_alt_names_set(&sans->names, &sans->size,
+					    type, &san,
+					    (char *)othername_oid.data, 1);
+		if (ret < 0)
+			break;
+	}
+
+	sans->size = i;
+	if (ret < 0 && ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+		gnutls_free(san.data);
+		gnutls_free(othername_oid.data);
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	asn1_delete_structure(&c2);
+	return ret;
+}
+
+/**
+ * gnutls_x509_ext_export_subject_alt_names:
+ * @sans: The alternative names
+ * @ext: The DER-encoded extension data; must be freed using gnutls_free().
+ *
+ * This function will convert the provided alternative names structure to a
+ * DER-encoded SubjectAltName PKIX extension. The output data in @ext will be allocated using
+ * gnutls_malloc().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_export_subject_alt_names(gnutls_subject_alt_names_t sans,
+					  gnutls_datum_t * ext)
+{
+	asn1_node c2 = NULL;
+	int result, ret;
+	unsigned i;
+
+	result =
+	    asn1_create_element(_gnutls_get_pkix(), "PKIX1.GeneralNames", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	for (i = 0; i < sans->size; i++) {
+		if (sans->names[i].type == GNUTLS_SAN_OTHERNAME) {
+			ret = _gnutls_write_new_othername(c2, "", (char*)sans->names[i].othername_oid.data,
+					      sans->names[i].san.data, sans->names[i].san.size);
+		} else {
+			ret =
+			    _gnutls_write_new_general_name(c2, "", sans->names[i].type,
+							   sans->names[i].san.data,
+							   sans->names[i].san.size);
+		}
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	ret = _gnutls_x509_der_encode(c2, "", ext, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+ cleanup:
+	asn1_delete_structure(&c2);
+	return ret;
+}
+
+/**
+ * gnutls_x509_ext_import_name_constraints:
+ * @ext: a DER encoded extension
+ * @nc: The nameconstraints
+ * @flags: zero or %GNUTLS_NAME_CONSTRAINTS_FLAG_APPEND
+ *
+ * This function will return an intermediate type containing
+ * the name constraints of the provided NameConstraints extension. That
+ * can be used in combination with gnutls_x509_name_constraints_check()
+ * to verify whether a server's name is in accordance with the constraints.
+ *
+ * When the @flags is set to %GNUTLS_NAME_CONSTRAINTS_FLAG_APPEND, then if 
+ * the @nc type is empty this function will behave identically as if the flag was not set.
+ * Otherwise if there are elements in the @nc structure then the
+ * constraints will be merged with the existing constraints following
+ * RFC5280 p6.1.4 (excluded constraints will be appended, permitted
+ * will be intersected).
+ *
+ * Note that @nc must be initialized prior to calling this function.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * if the extension is not present, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_import_name_constraints(const gnutls_datum_t * ext,
+					 gnutls_x509_name_constraints_t nc,
+					 unsigned int flags)
+{
+	int result, ret;
+	asn1_node c2 = NULL;
+	gnutls_x509_name_constraints_t nc2 = NULL;
+
+	result = asn1_create_element
+	    (_gnutls_get_pkix(), "PKIX1.NameConstraints", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _asn1_strict_der_decode(&c2, ext->data, ext->size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if (flags & GNUTLS_NAME_CONSTRAINTS_FLAG_APPEND &&
+	    (nc->permitted != NULL || nc->excluded != NULL)) {
+		ret = gnutls_x509_name_constraints_init (&nc2);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret =
+		    _gnutls_extract_name_constraints(c2, "permittedSubtrees",
+						     &nc2->permitted);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret =
+		    _gnutls_extract_name_constraints(c2, "excludedSubtrees",
+						     &nc2->excluded);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret = _gnutls_x509_name_constraints_merge(nc, nc2);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	} else {
+		_gnutls_name_constraints_node_free(nc->permitted);
+		_gnutls_name_constraints_node_free(nc->excluded);
+
+		ret =
+		    _gnutls_extract_name_constraints(c2, "permittedSubtrees",
+						     &nc->permitted);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		ret =
+		    _gnutls_extract_name_constraints(c2, "excludedSubtrees",
+						     &nc->excluded);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	ret = 0;
+
+ cleanup:
+	asn1_delete_structure(&c2);
+	if (nc2)
+		gnutls_x509_name_constraints_deinit (nc2);
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_ext_export_name_constraints:
+ * @nc: The nameconstraints
+ * @ext: The DER-encoded extension data; must be freed using gnutls_free().
+ *
+ * This function will convert the provided name constraints type to a
+ * DER-encoded PKIX NameConstraints (2.5.29.30) extension. The output data in 
+ * @ext will be allocated using gnutls_malloc().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_export_name_constraints(gnutls_x509_name_constraints_t nc,
+					 gnutls_datum_t * ext)
+{
+	int ret, result;
+	uint8_t null = 0;
+	asn1_node c2 = NULL;
+	struct name_constraints_node_st *tmp;
+
+	if (nc->permitted == NULL && nc->excluded == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	result = asn1_create_element
+	    (_gnutls_get_pkix(), "PKIX1.NameConstraints", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (nc->permitted == NULL) {
+		(void)asn1_write_value(c2, "permittedSubtrees", NULL, 0);
+	} else {
+		tmp = nc->permitted;
+		do {
+			result =
+			    asn1_write_value(c2, "permittedSubtrees", "NEW", 1);
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				ret = _gnutls_asn2err(result);
+				goto cleanup;
+			}
+
+			result =
+			    asn1_write_value(c2,
+					     "permittedSubtrees.?LAST.maximum",
+					     NULL, 0);
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				ret = _gnutls_asn2err(result);
+				goto cleanup;
+			}
+
+			result =
+			    asn1_write_value(c2,
+					     "permittedSubtrees.?LAST.minimum",
+					     &null, 1);
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				ret = _gnutls_asn2err(result);
+				goto cleanup;
+			}
+
+			ret =
+			    _gnutls_write_general_name(c2,
+						       "permittedSubtrees.?LAST.base",
+						       tmp->type,
+						       tmp->name.data,
+						       tmp->name.size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+			tmp = tmp->next;
+		} while (tmp != NULL);
+	}
+
+	if (nc->excluded == NULL) {
+		(void)asn1_write_value(c2, "excludedSubtrees", NULL, 0);
+	} else {
+		tmp = nc->excluded;
+		do {
+			result =
+			    asn1_write_value(c2, "excludedSubtrees", "NEW", 1);
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				ret = _gnutls_asn2err(result);
+				goto cleanup;
+			}
+
+			result =
+			    asn1_write_value(c2,
+					     "excludedSubtrees.?LAST.maximum",
+					     NULL, 0);
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				ret = _gnutls_asn2err(result);
+				goto cleanup;
+			}
+
+			result =
+			    asn1_write_value(c2,
+					     "excludedSubtrees.?LAST.minimum",
+					     &null, 1);
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				ret = _gnutls_asn2err(result);
+				goto cleanup;
+			}
+
+			ret =
+			    _gnutls_write_general_name(c2,
+						       "excludedSubtrees.?LAST.base",
+						       tmp->type,
+						       tmp->name.data,
+						       tmp->name.size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+			tmp = tmp->next;
+		} while (tmp != NULL);
+
+	}
+
+	ret = _gnutls_x509_der_encode(c2, "", ext, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+ cleanup:
+	asn1_delete_structure(&c2);
+	return ret;
+}
+
+/**
+ * gnutls_x509_ext_import_subject_key_id:
+ * @ext: a DER encoded extension
+ * @id: will contain the subject key ID
+ *
+ * This function will return the subject key ID stored in the provided
+ * SubjectKeyIdentifier extension. The ID will be allocated using
+ * gnutls_malloc().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * if the extension is not present, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_import_subject_key_id(const gnutls_datum_t * ext,
+				       gnutls_datum_t * id)
+{
+	int result, ret;
+	asn1_node c2 = NULL;
+
+	if (ext->size == 0 || ext->data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	result = asn1_create_element
+	    (_gnutls_get_pkix(), "PKIX1.SubjectKeyIdentifier", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _asn1_strict_der_decode(&c2, ext->data, ext->size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_read_value(c2, "", id);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	asn1_delete_structure(&c2);
+
+	return ret;
+
+}
+
+/**
+ * gnutls_x509_ext_export_subject_key_id:
+ * @id: The key identifier
+ * @ext: The DER-encoded extension data; must be freed using gnutls_free().
+ *
+ * This function will convert the provided key identifier to a
+ * DER-encoded PKIX SubjectKeyIdentifier extension. 
+ * The output data in @ext will be allocated using
+ * gnutls_malloc().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_export_subject_key_id(const gnutls_datum_t * id,
+				       gnutls_datum_t * ext)
+{
+	asn1_node c2 = NULL;
+	int ret, result;
+
+	result =
+	    asn1_create_element(_gnutls_get_pkix(),
+				"PKIX1.SubjectKeyIdentifier", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = asn1_write_value(c2, "", id->data, id->size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_der_encode(c2, "", ext, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	asn1_delete_structure(&c2);
+	return ret;
+}
+
+struct gnutls_x509_aki_st {
+	gnutls_datum_t id;
+	struct gnutls_subject_alt_names_st cert_issuer;
+	gnutls_datum_t serial;
+};
+
+/**
+ * gnutls_x509_aki_init:
+ * @aki: The authority key ID type
+ *
+ * This function will initialize an authority key ID.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_aki_init(gnutls_x509_aki_t * aki)
+{
+	*aki = gnutls_calloc(1, sizeof(struct gnutls_x509_aki_st));
+	if (*aki == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_aki_deinit:
+ * @aki: The authority key identifier type
+ *
+ * This function will deinitialize an authority key identifier.
+ *
+ * Since: 3.3.0
+ **/
+void gnutls_x509_aki_deinit(gnutls_x509_aki_t aki)
+{
+	gnutls_free(aki->serial.data);
+	gnutls_free(aki->id.data);
+	subject_alt_names_deinit(&aki->cert_issuer);
+	gnutls_free(aki);
+}
+
+/**
+ * gnutls_x509_aki_get_id:
+ * @aki: The authority key ID
+ * @id: Will hold the identifier
+ *
+ * This function will return the key identifier as stored in
+ * the @aki type. The identifier should be treated as constant.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * if the index is out of bounds, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_aki_get_id(gnutls_x509_aki_t aki, gnutls_datum_t * id)
+{
+	if (aki->id.size == 0)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	memcpy(id, &aki->id, sizeof(gnutls_datum_t));
+	return 0;
+}
+
+/**
+ * gnutls_x509_aki_set_id:
+ * @aki: The authority key ID
+ * @id: the key identifier
+ *
+ * This function will set the keyIdentifier to be stored in the @aki
+ * type.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_aki_set_id(gnutls_x509_aki_t aki, const gnutls_datum_t * id)
+{
+	return _gnutls_set_datum(&aki->id, id->data, id->size);
+}
+
+/**
+ * gnutls_x509_aki_set_cert_issuer:
+ * @aki: The authority key ID
+ * @san_type: the type of the name (of %gnutls_subject_alt_names_t), may be null
+ * @san: The alternative name data
+ * @othername_oid: The object identifier if @san_type is %GNUTLS_SAN_OTHERNAME
+ * @serial: The authorityCertSerialNumber number (may be null)
+ *
+ * This function will set the authorityCertIssuer name and the authorityCertSerialNumber 
+ * to be stored in the @aki type. When storing multiple names, the serial
+ * should be set on the first call, and subsequent calls should use a %NULL serial.
+ *
+ * Since version 3.5.7 the %GNUTLS_SAN_RFC822NAME, %GNUTLS_SAN_DNSNAME, and
+ * %GNUTLS_SAN_OTHERNAME_XMPP are converted to ACE format when necessary.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_aki_set_cert_issuer(gnutls_x509_aki_t aki,
+				    unsigned int san_type,
+				    const gnutls_datum_t *san,
+				    const char *othername_oid,
+				    const gnutls_datum_t *serial)
+{
+	int ret;
+	gnutls_datum_t t_san, t_othername_oid = { NULL, 0 };
+
+	ret = _gnutls_set_datum(&aki->serial, serial->data, serial->size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	aki->cert_issuer.names[aki->cert_issuer.size].type = san_type;
+
+	ret = _gnutls_set_strdatum(&t_san, san->data, san->size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (othername_oid) {
+		t_othername_oid.data = (uint8_t *) gnutls_strdup(othername_oid);
+		if (t_othername_oid.data == NULL) {
+			gnutls_free(t_san.data);
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		}
+		t_othername_oid.size = strlen(othername_oid);
+	}
+
+	ret =
+	    subject_alt_names_set(&aki->cert_issuer.names,
+				  &aki->cert_issuer.size, san_type, &t_san,
+				  (char *)t_othername_oid.data, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_aki_get_cert_issuer:
+ * @aki: The authority key ID
+ * @seq: The index of the name to get
+ * @san_type: Will hold the type of the name (of %gnutls_subject_alt_names_t)
+ * @san: The alternative name data
+ * @othername_oid: The object identifier if @san_type is %GNUTLS_SAN_OTHERNAME
+ * @serial: The authorityCertSerialNumber number
+ *
+ * This function will return a specific authorityCertIssuer name as stored in
+ * the @aki type, as well as the authorityCertSerialNumber. All the returned
+ * values should be treated as constant, and may be set to %NULL when are not required.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * if the index is out of bounds, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_aki_get_cert_issuer(gnutls_x509_aki_t aki, unsigned int seq,
+				    unsigned int *san_type,
+				    gnutls_datum_t *san,
+				    gnutls_datum_t *othername_oid,
+				    gnutls_datum_t *serial)
+{
+	if (seq >= aki->cert_issuer.size)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	if (aki->serial.size == 0)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	if (serial)
+		memcpy(serial, &aki->serial, sizeof(gnutls_datum_t));
+
+	if (san) {
+		memcpy(san, &aki->cert_issuer.names[seq].san,
+		       sizeof(gnutls_datum_t));
+	}
+
+	if (othername_oid != NULL
+	    && aki->cert_issuer.names[seq].type == GNUTLS_SAN_OTHERNAME) {
+		othername_oid->data =
+		    aki->cert_issuer.names[seq].othername_oid.data;
+		othername_oid->size =
+		    aki->cert_issuer.names[seq].othername_oid.size;
+	}
+
+	if (san_type)
+		*san_type = aki->cert_issuer.names[seq].type;
+
+	return 0;
+
+}
+
+/**
+ * gnutls_x509_ext_import_authority_key_id:
+ * @ext: a DER encoded extension
+ * @aki: An initialized authority key identifier type
+ * @flags: should be zero
+ *
+ * This function will return the subject key ID stored in the provided
+ * AuthorityKeyIdentifier extension.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * if the extension is not present, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_import_authority_key_id(const gnutls_datum_t * ext,
+					 gnutls_x509_aki_t aki,
+					 unsigned int flags)
+{
+	int ret;
+	unsigned i;
+	asn1_node c2 = NULL;
+	gnutls_datum_t san, othername_oid;
+	unsigned type;
+
+	ret = asn1_create_element
+	    (_gnutls_get_pkix(), "PKIX1.AuthorityKeyIdentifier", &c2);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	ret = _asn1_strict_der_decode(&c2, ext->data, ext->size, NULL);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	/* Read authorityCertIssuer */
+	for (i=0;;i++) {
+		san.data = NULL;
+		san.size = 0;
+		othername_oid.data = NULL;
+
+		ret = _gnutls_parse_general_name2(c2, "authorityCertIssuer", i,
+						  &san, &type, 0);
+		if (ret < 0)
+			break;
+
+		if (type == GNUTLS_SAN_OTHERNAME) {
+			ret =
+			    _gnutls_parse_general_name2(c2,
+							"authorityCertIssuer",
+							i,
+							&othername_oid,
+							NULL, 1);
+			if (ret < 0)
+				break;
+		}
+
+		ret = subject_alt_names_set(&aki->cert_issuer.names,
+					    &aki->cert_issuer.size,
+					    type, &san,
+					    (char *)othername_oid.data, 1);
+		if (ret < 0)
+			break;
+	}
+
+	assert(ret < 0);
+	aki->cert_issuer.size = i;
+	if (ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+	    && ret != GNUTLS_E_ASN1_ELEMENT_NOT_FOUND) {
+		gnutls_assert();
+		gnutls_free(san.data);
+		gnutls_free(othername_oid.data);
+		goto cleanup;
+	}
+
+	/* Read the serial number */
+	ret =
+	    _gnutls_x509_read_value(c2, "authorityCertSerialNumber",
+				    &aki->serial);
+	if (ret < 0 && ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+	    && ret != GNUTLS_E_ASN1_ELEMENT_NOT_FOUND) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* Read the key identifier */
+	ret = _gnutls_x509_read_value(c2, "keyIdentifier", &aki->id);
+	if (ret < 0 && ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+	    && ret != GNUTLS_E_ASN1_ELEMENT_NOT_FOUND) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+ cleanup:
+	asn1_delete_structure(&c2);
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_ext_export_authority_key_id:
+ * @aki: An initialized authority key identifier
+ * @ext: The DER-encoded extension data; must be freed using gnutls_free().
+ *
+ * This function will convert the provided key identifier to a
+ * DER-encoded PKIX AuthorityKeyIdentifier extension. 
+ * The output data in @ext will be allocated using
+ * gnutls_malloc().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_export_authority_key_id(gnutls_x509_aki_t aki,
+					 gnutls_datum_t * ext)
+{
+	asn1_node c2 = NULL;
+	unsigned i;
+	int result, ret;
+
+	result =
+	    asn1_create_element(_gnutls_get_pkix(),
+				"PKIX1.AuthorityKeyIdentifier", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (aki->id.data != NULL) {
+		result =
+		    asn1_write_value(c2, "keyIdentifier", aki->id.data,
+				     aki->id.size);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+	} else {
+		(void)asn1_write_value(c2, "keyIdentifier", NULL, 0);
+	}
+
+	if (aki->serial.data != NULL) {
+		result =
+		    asn1_write_value(c2, "authorityCertSerialNumber",
+				     aki->serial.data, aki->serial.size);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+	} else {
+		(void)asn1_write_value(c2, "authorityCertSerialNumber", NULL, 0);
+	}
+
+	if (aki->cert_issuer.size == 0) {
+		(void)asn1_write_value(c2, "authorityCertIssuer", NULL, 0);
+	} else {
+		for (i = 0; i < aki->cert_issuer.size; i++) {
+			ret =
+			    _gnutls_write_new_general_name(c2,
+							   "authorityCertIssuer",
+							   aki->cert_issuer.
+							   names[i].type,
+							   aki->
+							   cert_issuer.names[i].
+							   san.data,
+							   aki->cert_issuer.
+							   names[i].san.size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+		}
+	}
+
+	ret = _gnutls_x509_der_encode(c2, "", ext, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	asn1_delete_structure(&c2);
+	return ret;
+
+}
+
+/**
+ * gnutls_x509_ext_import_key_usage:
+ * @ext: the DER encoded extension data
+ * @key_usage: where the key usage bits will be stored
+ *
+ * This function will return certificate's key usage, by reading the DER
+ * data of the keyUsage X.509 extension (2.5.29.15). The key usage value will ORed
+ * values of the: %GNUTLS_KEY_DIGITAL_SIGNATURE,
+ * %GNUTLS_KEY_NON_REPUDIATION, %GNUTLS_KEY_KEY_ENCIPHERMENT,
+ * %GNUTLS_KEY_DATA_ENCIPHERMENT, %GNUTLS_KEY_KEY_AGREEMENT,
+ * %GNUTLS_KEY_KEY_CERT_SIGN, %GNUTLS_KEY_CRL_SIGN,
+ * %GNUTLS_KEY_ENCIPHER_ONLY, %GNUTLS_KEY_DECIPHER_ONLY.
+ *
+ * Returns: the certificate key usage, or a negative error code in case of
+ *   parsing error.  If the certificate does not contain the keyUsage
+ *   extension %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be
+ *   returned.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_import_key_usage(const gnutls_datum_t * ext,
+				  unsigned int *key_usage)
+{
+	asn1_node c2 = NULL;
+	int len, result;
+	uint8_t str[2];
+
+	str[0] = str[1] = 0;
+	*key_usage = 0;
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_pkix(), "PKIX1.KeyUsage", &c2)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _asn1_strict_der_decode(&c2, ext->data, ext->size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&c2);
+		return _gnutls_asn2err(result);
+	}
+
+	len = sizeof(str);
+	result = asn1_read_value(c2, "", str, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&c2);
+		return _gnutls_asn2err(result);
+	}
+
+	*key_usage = str[0] | (str[1] << 8);
+
+	asn1_delete_structure(&c2);
+
+	return 0;
+}
+
+static int _last_key_usage_set_bit(int usage)
+{
+/* the byte ordering is a bit strange here, see how GNUTLS_KEY_* is laid out, and how 
+ * asn1_write_value() writes out BIT STRING objects.
+ */
+        if (usage & GNUTLS_KEY_DECIPHER_ONLY)
+                return 9;
+        else if (usage & GNUTLS_KEY_ENCIPHER_ONLY)
+                return 8;
+        else if (usage & GNUTLS_KEY_CRL_SIGN)
+                return 7;
+        else if (usage & GNUTLS_KEY_KEY_CERT_SIGN)
+                return 6;
+        else if (usage & GNUTLS_KEY_KEY_AGREEMENT)
+                return 5;
+        else if (usage & GNUTLS_KEY_DATA_ENCIPHERMENT)
+                return 4;
+        else if (usage & GNUTLS_KEY_KEY_ENCIPHERMENT)
+                return 3;
+        else if (usage & GNUTLS_KEY_NON_REPUDIATION)
+                return 2;
+        else if (usage & GNUTLS_KEY_DIGITAL_SIGNATURE)
+                return 1;
+        else
+                return 0;
+}
+
+/**
+ * gnutls_x509_ext_export_key_usage:
+ * @usage: an ORed sequence of the GNUTLS_KEY_* elements.
+ * @ext: The DER-encoded extension data; must be freed using gnutls_free().
+ *
+ * This function will convert the keyUsage bit string to a DER
+ * encoded PKIX extension. The @ext data will be allocated using
+ * gnutls_malloc().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_export_key_usage(unsigned int usage, gnutls_datum_t * ext)
+{
+	asn1_node c2 = NULL;
+	int result;
+	uint8_t str[2];
+
+	result = asn1_create_element(_gnutls_get_pkix(), "PKIX1.KeyUsage", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	str[0] = usage & 0xff;
+	str[1] = usage >> 8;
+
+	/* Since KeyUsage is a BIT STRING, the input to asn1_write_value
+	 * is the number of bits to be written/read. */
+	result = asn1_write_value(c2, "", str, _last_key_usage_set_bit(usage));
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		asn1_delete_structure(&c2);
+		return _gnutls_asn2err(result);
+	}
+
+	result = _gnutls_x509_der_encode(c2, "", ext, 0);
+
+	asn1_delete_structure(&c2);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_ext_import_inhibit_anypolicy:
+ * @ext: the DER encoded extension data
+ * @skipcerts: will hold the number of certificates after which anypolicy is no longer acceptable.
+ *
+ * This function will return certificate's value of SkipCerts,
+ * by reading the DER data of the Inhibit anyPolicy X.509 extension (2.5.29.54).
+ *
+ * The @skipcerts value is the number of additional certificates that
+ * may appear in the path before the anyPolicy (%GNUTLS_X509_OID_POLICY_ANY)
+ * is no longer acceptable.
+ *
+ * Returns: zero, or a negative error code in case of
+ *   parsing error.  If the certificate does not contain the Inhibit anyPolicy
+ *   extension %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be
+ *   returned.
+ *
+ * Since: 3.6.0
+ **/
+int gnutls_x509_ext_import_inhibit_anypolicy(const gnutls_datum_t * ext,
+				  unsigned int *skipcerts)
+{
+	int ret;
+
+	ret = _gnutls_x509_read_der_uint(ext->data, ext->size, skipcerts);
+	if (ret < 0) {
+		gnutls_assert();
+	}
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_ext_export_inhibit_anypolicy:
+ * @skipcerts: number of certificates after which anypolicy is no longer acceptable.
+ * @ext: The DER-encoded extension data; must be freed using gnutls_free().
+ *
+ * This function will convert the @skipcerts value to a DER
+ * encoded Inhibit AnyPolicy PKIX extension. The @ext data will be allocated using
+ * gnutls_malloc().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.6.0
+ **/
+int gnutls_x509_ext_export_inhibit_anypolicy(unsigned int skipcerts, gnutls_datum_t * ext)
+{
+	asn1_node c2 = NULL;
+	int result, ret;
+
+	result = asn1_create_element(_gnutls_get_gnutls_asn(), "GNUTLS.DSAPublicKey", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	ret = _gnutls_x509_write_uint32(c2, "", skipcerts);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_der_encode(c2, "", ext, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+ cleanup:
+	asn1_delete_structure(&c2);
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_ext_import_private_key_usage_period:
+ * @ext: the DER encoded extension data
+ * @activation: Will hold the activation time
+ * @expiration: Will hold the expiration time
+ *
+ * This function will return the expiration and activation
+ * times of the private key as written in the
+ * PKIX extension 2.5.29.16.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_import_private_key_usage_period(const gnutls_datum_t * ext,
+						 time_t * activation,
+						 time_t * expiration)
+{
+	int result, ret;
+	asn1_node c2 = NULL;
+
+	result = asn1_create_element
+	    (_gnutls_get_pkix(), "PKIX1.PrivateKeyUsagePeriod", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result = _asn1_strict_der_decode(&c2, ext->data, ext->size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if (activation)
+		*activation = _gnutls_x509_get_time(c2, "notBefore", 1);
+
+	if (expiration)
+		*expiration = _gnutls_x509_get_time(c2, "notAfter", 1);
+
+	ret = 0;
+
+ cleanup:
+	asn1_delete_structure(&c2);
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_ext_export_private_key_usage_period:
+ * @activation: The activation time
+ * @expiration: The expiration time
+ * @ext: The DER-encoded extension data; must be freed using gnutls_free().
+ *
+ * This function will convert the periods provided to a private key
+ * usage DER encoded extension (2.5.29.16).
+ (
+ * The @ext data will be allocated using
+ * gnutls_malloc().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_export_private_key_usage_period(time_t activation,
+						 time_t expiration,
+						 gnutls_datum_t * ext)
+{
+	int result;
+	asn1_node c2 = NULL;
+
+	result =
+	    asn1_create_element(_gnutls_get_pkix(),
+				"PKIX1.PrivateKeyUsagePeriod", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _gnutls_x509_set_time(c2, "notBefore", activation, 1);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_set_time(c2, "notAfter", expiration, 1);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_der_encode(c2, "", ext, 0);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+ cleanup:
+	asn1_delete_structure(&c2);
+
+	return result;
+
+}
+
+/**
+ * gnutls_x509_ext_import_basic_constraints:
+ * @ext: the DER encoded extension data
+ * @ca: will be non zero if the CA status is true
+ * @pathlen: the path length constraint; will be set to -1 for no limit
+ *
+ * This function will return the CA status and path length constraint
+ * as written in the PKIX extension 2.5.29.19.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_import_basic_constraints(const gnutls_datum_t * ext,
+					  unsigned int *ca, int *pathlen)
+{
+	asn1_node c2 = NULL;
+	char str[128]="";
+	int len, result;
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_pkix(), "PKIX1.BasicConstraints",
+	      &c2)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _asn1_strict_der_decode(&c2, ext->data, ext->size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if (pathlen) {
+		result = _gnutls_x509_read_uint(c2, "pathLenConstraint",
+						(unsigned int *)
+						pathlen);
+		if (result == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND)
+			*pathlen = -1;
+		else if (result != GNUTLS_E_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+	}
+
+	/* the default value of cA is false.
+	 */
+	len = sizeof(str) - 1;
+	result = asn1_read_value(c2, "cA", str, &len);
+	if (result == ASN1_SUCCESS && strcmp(str, "TRUE") == 0)
+		*ca = 1;
+	else
+		*ca = 0;
+
+	result = 0;
+ cleanup:
+	asn1_delete_structure(&c2);
+
+	return result;
+
+}
+
+/**
+ * gnutls_x509_ext_export_basic_constraints:
+ * @ca: non-zero for a CA
+ * @pathlen: The path length constraint (set to -1 for no constraint)
+ * @ext: The DER-encoded extension data; must be freed using gnutls_free().
+ *
+ * This function will convert the parameters provided to a basic constraints
+ * DER encoded extension (2.5.29.19).
+ (
+ * The @ext data will be allocated using
+ * gnutls_malloc().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_export_basic_constraints(unsigned int ca, int pathlen,
+					  gnutls_datum_t * ext)
+{
+	asn1_node c2 = NULL;
+	const char *str;
+	int result;
+
+	if (ca == 0)
+		str = "FALSE";
+	else
+		str = "TRUE";
+
+	result =
+	    asn1_create_element(_gnutls_get_pkix(),
+				"PKIX1.BasicConstraints", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result = asn1_write_value(c2, "cA", str, 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if (pathlen < 0) {
+		result = asn1_write_value(c2, "pathLenConstraint", NULL, 0);
+		if (result < 0)
+			result = _gnutls_asn2err(result);
+	} else
+		result =
+		    _gnutls_x509_write_uint32(c2, "pathLenConstraint", pathlen);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_der_encode(c2, "", ext, 0);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = 0;
+
+ cleanup:
+	asn1_delete_structure(&c2);
+	return result;
+
+}
+
+/**
+ * gnutls_x509_ext_import_proxy:
+ * @ext: the DER encoded extension data
+ * @pathlen: pointer to output integer indicating path length (may be
+ *   NULL), non-negative error codes indicate a present pCPathLenConstraint
+ *   field and the actual value, -1 indicate that the field is absent.
+ * @policyLanguage: output variable with OID of policy language
+ * @policy: output variable with policy data
+ * @sizeof_policy: output variable with size of policy data
+ *
+ * This function will return the information from a proxy certificate
+ * extension. It reads the ProxyCertInfo X.509 extension (1.3.6.1.5.5.7.1.14).
+ * The @policyLanguage and @policy values must be deinitialized using gnutls_free() after use.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_import_proxy(const gnutls_datum_t *ext, int *pathlen,
+			         char **policyLanguage, char **policy,
+			         size_t *sizeof_policy)
+{
+	asn1_node c2 = NULL;
+	int result;
+	gnutls_datum_t value1 = { NULL, 0 };
+	gnutls_datum_t value2 = { NULL, 0 };
+
+	if ((result = asn1_create_element
+	     (_gnutls_get_pkix(), "PKIX1.ProxyCertInfo",
+	      &c2)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _asn1_strict_der_decode(&c2, ext->data, ext->size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if (pathlen) {
+		result = _gnutls_x509_read_uint(c2, "pCPathLenConstraint",
+						(unsigned int *)
+						pathlen);
+		if (result == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND)
+			*pathlen = -1;
+		else if (result != GNUTLS_E_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+	}
+
+	result = _gnutls_x509_read_value(c2, "proxyPolicy.policyLanguage",
+					 &value1);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_read_value(c2, "proxyPolicy.policy", &value2);
+	if (result == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND) {
+		if (policy)
+			*policy = NULL;
+		if (sizeof_policy)
+			*sizeof_policy = 0;
+	} else if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	} else {
+		if (policy) {
+			*policy = (char *)value2.data;
+			value2.data = NULL;
+		}
+		if (sizeof_policy)
+			*sizeof_policy = value2.size;
+	}
+
+	if (policyLanguage) {
+		*policyLanguage = (char *)value1.data;
+		value1.data = NULL;
+	}
+
+	result = 0;
+ cleanup:
+	gnutls_free(value1.data);
+	gnutls_free(value2.data);
+	asn1_delete_structure(&c2);
+
+	return result;
+}
+
+/**
+ * gnutls_x509_ext_export_proxy:
+ * @pathLenConstraint: A negative value will remove the path length constraint,
+ *   while non-negative values will be set as the length of the pathLenConstraints field.
+ * @policyLanguage: OID describing the language of @policy.
+ * @policy: uint8_t byte array with policy language, can be %NULL
+ * @sizeof_policy: size of @policy.
+ * @ext: The DER-encoded extension data; must be freed using gnutls_free().
+ *
+ * This function will convert the parameters provided to a proxyCertInfo extension.
+ *
+ * The @ext data will be allocated using gnutls_malloc().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_export_proxy(int pathLenConstraint, const char *policyLanguage,
+			      const char *policy, size_t sizeof_policy,
+			      gnutls_datum_t * ext)
+{
+	asn1_node c2 = NULL;
+	int result;
+
+	result = asn1_create_element(_gnutls_get_pkix(),
+				     "PKIX1.ProxyCertInfo", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (pathLenConstraint < 0) {
+		result = asn1_write_value(c2, "pCPathLenConstraint", NULL, 0);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+	} else {
+		result =
+		    _gnutls_x509_write_uint32(c2, "pCPathLenConstraint",
+					      pathLenConstraint);
+
+		if (result < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	result = asn1_write_value(c2, "proxyPolicy.policyLanguage",
+				  policyLanguage, 1);
+	if (result < 0) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result = asn1_write_value(c2, "proxyPolicy.policy",
+				  policy, sizeof_policy);
+	if (result < 0) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_der_encode(c2, "", ext, 0);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = 0;
+ cleanup:
+	asn1_delete_structure(&c2);
+	return result;
+
+}
+
+static int decode_user_notice(const void *data, size_t size,
+			      gnutls_datum_t * txt)
+{
+	asn1_node c2 = NULL;
+	int ret, len;
+	char choice_type[64];
+	char name[128];
+	gnutls_datum_t td = {NULL,0}, utd;
+
+	ret = asn1_create_element(_gnutls_get_pkix(), "PKIX1.UserNotice", &c2);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = GNUTLS_E_PARSING_ERROR;
+		goto cleanup;
+	}
+
+	ret = _asn1_strict_der_decode(&c2, data, size, NULL);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = GNUTLS_E_PARSING_ERROR;
+		goto cleanup;
+	}
+
+	len = sizeof(choice_type);
+	ret = asn1_read_value(c2, "explicitText", choice_type, &len);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = GNUTLS_E_PARSING_ERROR;
+		goto cleanup;
+	}
+
+	if (strcmp(choice_type, "utf8String") != 0
+	    && strcmp(choice_type, "ia5String") != 0
+	    && strcmp(choice_type, "bmpString") != 0
+	    && strcmp(choice_type, "visibleString") != 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_PARSING_ERROR;
+		goto cleanup;
+	}
+
+	snprintf(name, sizeof(name), "explicitText.%s", choice_type);
+
+	ret = _gnutls_x509_read_value(c2, name, &td);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	if (strcmp(choice_type, "bmpString") == 0) {	/* convert to UTF-8 */
+		ret = _gnutls_ucs2_to_utf8(td.data, td.size, &utd, 1);
+		_gnutls_free_datum(&td);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		td.data = utd.data;
+		td.size = utd.size;
+	} else {
+		/* _gnutls_x509_read_value allows that */
+		td.data[td.size] = 0;
+	}
+
+	txt->data = (void *)td.data;
+	txt->size = td.size;
+	ret = 0;
+
+ cleanup:
+	asn1_delete_structure(&c2);
+	return ret;
+
+}
+
+struct gnutls_x509_policies_st {
+	struct gnutls_x509_policy_st policy[MAX_ENTRIES];
+	unsigned int size;
+};
+
+/**
+ * gnutls_x509_policies_init:
+ * @policies: The authority key ID
+ *
+ * This function will initialize an authority key ID type.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_policies_init(gnutls_x509_policies_t * policies)
+{
+	*policies = gnutls_calloc(1, sizeof(struct gnutls_x509_policies_st));
+	if (*policies == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_policies_deinit:
+ * @policies: The authority key identifier
+ *
+ * This function will deinitialize an authority key identifier type.
+ *
+ * Since: 3.3.0
+ **/
+void gnutls_x509_policies_deinit(gnutls_x509_policies_t policies)
+{
+	unsigned i;
+
+	for (i = 0; i < policies->size; i++) {
+		gnutls_x509_policy_release(&policies->policy[i]);
+	}
+	gnutls_free(policies);
+}
+
+/**
+ * gnutls_x509_policies_get:
+ * @policies: The policies
+ * @seq: The index of the name to get
+ * @policy: Will hold the policy
+ *
+ * This function will return a specific policy as stored in
+ * the @policies type. The returned values should be treated as constant
+ * and valid for the lifetime of @policies.
+ *
+ * The any policy OID is available as the %GNUTLS_X509_OID_POLICY_ANY macro.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * if the index is out of bounds, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_policies_get(gnutls_x509_policies_t policies,
+			     unsigned int seq,
+			     struct gnutls_x509_policy_st *policy)
+{
+	if (seq >= policies->size)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	if (policy) {
+		memcpy(policy, &policies->policy[seq],
+		       sizeof(struct gnutls_x509_policy_st));
+	}
+
+	return 0;
+}
+
+void _gnutls_x509_policies_erase(gnutls_x509_policies_t policies,
+				 unsigned int seq)
+{
+	if (seq >= policies->size)
+		return;
+
+	memset(&policies->policy[seq], 0, sizeof(struct gnutls_x509_policy_st));
+}
+
+/**
+ * gnutls_x509_policies_set:
+ * @policies: An initialized policies
+ * @seq: The index of the name to get
+ * @policy: Contains the policy to set
+ *
+ * This function will store the specified policy in
+ * the provided @policies.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0), otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_policies_set(gnutls_x509_policies_t policies,
+			     const struct gnutls_x509_policy_st *policy)
+{
+	unsigned i;
+
+	if (policies->size + 1 > MAX_ENTRIES)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	policies->policy[policies->size].oid = gnutls_strdup(policy->oid);
+	if (policies->policy[policies->size].oid == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	for (i = 0; i < policy->qualifiers; i++) {
+		policies->policy[policies->size].qualifier[i].type =
+		    policy->qualifier[i].type;
+		policies->policy[policies->size].qualifier[i].size =
+		    policy->qualifier[i].size;
+		policies->policy[policies->size].qualifier[i].data =
+		    gnutls_malloc(policy->qualifier[i].size + 1);
+		if (policies->policy[policies->size].qualifier[i].data == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		memcpy(policies->policy[policies->size].qualifier[i].data,
+		       policy->qualifier[i].data, policy->qualifier[i].size);
+		policies->policy[policies->size].qualifier[i].data[policy->
+								   qualifier[i].
+								   size] = 0;
+	}
+
+	policies->policy[policies->size].qualifiers = policy->qualifiers;
+	policies->size++;
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_ext_import_policies:
+ * @ext: the DER encoded extension data
+ * @policies: A pointer to an initialized policies.
+ * @flags: should be zero
+ *
+ * This function will extract the certificate policy extension (2.5.29.32) 
+ * and store it the provided policies.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_import_policies(const gnutls_datum_t * ext,
+				 gnutls_x509_policies_t policies,
+				 unsigned int flags)
+{
+	asn1_node c2 = NULL;
+	char tmpstr[128];
+	char tmpoid[MAX_OID_SIZE];
+	gnutls_datum_t tmpd = { NULL, 0 };
+	int ret, len;
+	unsigned i, j, current = 0;
+
+	ret = asn1_create_element
+	    (_gnutls_get_pkix(), "PKIX1.certificatePolicies", &c2);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	ret = _asn1_strict_der_decode(&c2, ext->data, ext->size, NULL);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	for (j = 0;; j++) {
+		if (j >= MAX_ENTRIES)
+			break;
+
+		memset(&policies->policy[j], 0,
+		       sizeof(struct gnutls_x509_policy_st));
+
+		/* create a string like "?1"
+		 */
+		snprintf(tmpstr, sizeof(tmpstr), "?%u.policyIdentifier", j + 1);
+		current = j+1;
+
+		ret = _gnutls_x509_read_value(c2, tmpstr, &tmpd);
+		if (ret == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND)
+			break;
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto full_cleanup;
+		}
+
+		policies->policy[j].oid = (void *)tmpd.data;
+		tmpd.data = NULL;
+
+		for (i = 0; i < GNUTLS_MAX_QUALIFIERS; i++) {
+			gnutls_datum_t td;
+
+			snprintf(tmpstr, sizeof(tmpstr),
+				 "?%u.policyQualifiers.?%u.policyQualifierId",
+				 j + 1, i + 1);
+
+			len = sizeof(tmpoid);
+			ret = asn1_read_value(c2, tmpstr, tmpoid, &len);
+
+			if (ret == ASN1_ELEMENT_NOT_FOUND)
+				break;	/* finished */
+
+			if (ret != ASN1_SUCCESS) {
+				gnutls_assert();
+				ret = _gnutls_asn2err(ret);
+				goto full_cleanup;
+			}
+
+			if (strcmp(tmpoid, "1.3.6.1.5.5.7.2.1") == 0) {
+				snprintf(tmpstr, sizeof(tmpstr),
+					 "?%u.policyQualifiers.?%u.qualifier",
+					 j + 1, i + 1);
+
+				ret =
+				    _gnutls_x509_read_string(c2, tmpstr, &td,
+							     ASN1_ETYPE_IA5_STRING, 0);
+				if (ret < 0) {
+					gnutls_assert();
+					goto full_cleanup;
+				}
+
+				policies->policy[j].qualifier[i].data =
+				    (void *)td.data;
+				policies->policy[j].qualifier[i].size = td.size;
+				td.data = NULL;
+				policies->policy[j].qualifier[i].type =
+				    GNUTLS_X509_QUALIFIER_URI;
+			} else if (strcmp(tmpoid, "1.3.6.1.5.5.7.2.2") == 0) {
+				gnutls_datum_t txt = {NULL, 0};
+
+				snprintf(tmpstr, sizeof(tmpstr),
+					 "?%u.policyQualifiers.?%u.qualifier",
+					 j + 1, i + 1);
+
+				ret = _gnutls_x509_read_value(c2, tmpstr, &td);
+				if (ret < 0) {
+					gnutls_assert();
+					goto full_cleanup;
+				}
+
+				ret =
+				    decode_user_notice(td.data, td.size, &txt);
+				gnutls_free(td.data);
+
+				if (ret < 0) {
+					gnutls_assert();
+					goto full_cleanup;
+				}
+
+				policies->policy[j].qualifier[i].data =
+				    (void *)txt.data;
+				policies->policy[j].qualifier[i].size =
+				    txt.size;
+				policies->policy[j].qualifier[i].type =
+				    GNUTLS_X509_QUALIFIER_NOTICE;
+			} else
+				policies->policy[j].qualifier[i].type =
+				    GNUTLS_X509_QUALIFIER_UNKNOWN;
+
+			policies->policy[j].qualifiers++;
+		}
+
+	}
+
+	policies->size = j;
+
+	ret = 0;
+	goto cleanup;
+
+ full_cleanup:
+	for (j = 0; j < current; j++)
+		gnutls_x509_policy_release(&policies->policy[j]);
+
+ cleanup:
+	_gnutls_free_datum(&tmpd);
+	asn1_delete_structure(&c2);
+	return ret;
+
+}
+
+static int encode_user_notice(const gnutls_datum_t * txt,
+			      gnutls_datum_t * der_data)
+{
+	int result;
+	asn1_node c2 = NULL;
+
+	if ((result =
+	     asn1_create_element(_gnutls_get_pkix(),
+				 "PKIX1.UserNotice", &c2)) != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	/* delete noticeRef */
+	result = asn1_write_value(c2, "noticeRef", NULL, 0);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	result = asn1_write_value(c2, "explicitText", "utf8String", 1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	result =
+	    asn1_write_value(c2, "explicitText.utf8String", txt->data,
+			     txt->size);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto error;
+	}
+
+	result = _gnutls_x509_der_encode(c2, "", der_data, 0);
+	if (result < 0) {
+		gnutls_assert();
+		goto error;
+	}
+
+	result = 0;
+
+ error:
+	asn1_delete_structure(&c2);
+	return result;
+
+}
+
+/**
+ * gnutls_x509_ext_export_policies:
+ * @policies: A pointer to an initialized policies.
+ * @ext: The DER-encoded extension data; must be freed using gnutls_free().
+ *
+ * This function will convert the provided policies, to a certificate policy
+ * DER encoded extension (2.5.29.32).
+ *
+ * The @ext data will be allocated using gnutls_malloc().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_export_policies(gnutls_x509_policies_t policies,
+				 gnutls_datum_t * ext)
+{
+	int result;
+	unsigned i, j;
+	gnutls_datum_t der_data = {NULL, 0}, tmpd;
+	asn1_node c2 = NULL;
+	const char *oid;
+
+	result =
+	    asn1_create_element(_gnutls_get_pkix(),
+				"PKIX1.certificatePolicies", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	for (j = 0; j < policies->size; j++) {
+		/* 1. write a new policy */
+		result = asn1_write_value(c2, "", "NEW", 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		/* 2. Add the OID.
+		 */
+		result =
+		    asn1_write_value(c2, "?LAST.policyIdentifier",
+				     policies->policy[j].oid, 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			result = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+                if (policies->policy[j].qualifiers == 0) {
+                        /* remove the optional policyQualifiers if none are present. */
+                        result = asn1_write_value(c2, "?LAST.policyQualifiers", NULL, 0); 
+                        if (result != ASN1_SUCCESS) {
+                                gnutls_assert();
+                                result = _gnutls_asn2err(result);
+                                goto cleanup;
+                        }
+                }
+
+		for (i = 0;
+		     i < MIN(policies->policy[j].qualifiers,
+			     GNUTLS_MAX_QUALIFIERS); i++) {
+			result =
+			    asn1_write_value(c2, "?LAST.policyQualifiers",
+					     "NEW", 1);
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				result = _gnutls_asn2err(result);
+				goto cleanup;
+			}
+
+			if (policies->policy[j].qualifier[i].type ==
+			    GNUTLS_X509_QUALIFIER_URI)
+				oid = "1.3.6.1.5.5.7.2.1";
+			else if (policies->policy[j].qualifier[i].type ==
+				 GNUTLS_X509_QUALIFIER_NOTICE)
+				oid = "1.3.6.1.5.5.7.2.2";
+			else {
+				result =
+				    gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+				goto cleanup;
+			}
+
+			result =
+			    asn1_write_value(c2,
+					     "?LAST.policyQualifiers.?LAST.policyQualifierId",
+					     oid, 1);
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				result = _gnutls_asn2err(result);
+				goto cleanup;
+			}
+
+			if (policies->policy[j].qualifier[i].type ==
+			    GNUTLS_X509_QUALIFIER_URI) {
+				tmpd.data =
+				    (void *)policies->policy[j].qualifier[i].
+				    data;
+				tmpd.size =
+				    policies->policy[j].qualifier[i].size;
+				result =
+				    _gnutls_x509_write_string(c2,
+							      "?LAST.policyQualifiers.?LAST.qualifier",
+							      &tmpd,
+							      ASN1_ETYPE_IA5_STRING);
+				if (result < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+			} else if (policies->policy[j].qualifier[i].type ==
+				   GNUTLS_X509_QUALIFIER_NOTICE) {
+				tmpd.data =
+				    (void *)policies->policy[j].qualifier[i].
+				    data;
+				tmpd.size =
+				    policies->policy[j].qualifier[i].size;
+
+				if (tmpd.size > 200) {
+					gnutls_assert();
+					result = GNUTLS_E_INVALID_REQUEST;
+					goto cleanup;
+				}
+
+				result = encode_user_notice(&tmpd, &der_data);
+				if (result < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+
+				result =
+				    _gnutls_x509_write_value(c2,
+							     "?LAST.policyQualifiers.?LAST.qualifier",
+							     &der_data);
+				_gnutls_free_datum(&der_data);
+				if (result < 0) {
+					gnutls_assert();
+					goto cleanup;
+				}
+			}
+		}
+	}
+
+	result = _gnutls_x509_der_encode(c2, "", ext, 0);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+ cleanup:
+	asn1_delete_structure(&c2);
+
+	return result;
+}
+
+struct crl_dist_point_st {
+	unsigned int type;
+	gnutls_datum_t san;
+	unsigned int reasons;
+};
+
+struct gnutls_x509_crl_dist_points_st {
+	struct crl_dist_point_st *points;
+	unsigned int size;
+};
+
+/**
+ * gnutls_x509_crl_dist_points_init:
+ * @cdp: The CRL distribution points
+ *
+ * This function will initialize a CRL distribution points type.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_crl_dist_points_init(gnutls_x509_crl_dist_points_t * cdp)
+{
+	*cdp = gnutls_calloc(1, sizeof(struct gnutls_x509_crl_dist_points_st));
+	if (*cdp == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crl_dist_points_deinit:
+ * @cdp: The CRL distribution points
+ *
+ * This function will deinitialize a CRL distribution points type.
+ *
+ * Since: 3.3.0
+ **/
+void gnutls_x509_crl_dist_points_deinit(gnutls_x509_crl_dist_points_t cdp)
+{
+	unsigned i;
+
+	for (i = 0; i < cdp->size; i++) {
+		gnutls_free(cdp->points[i].san.data);
+	}
+	gnutls_free(cdp->points);
+	gnutls_free(cdp);
+}
+
+/**
+ * gnutls_x509_crl_dist_points_get:
+ * @cdp: The CRL distribution points
+ * @seq: specifies the sequence number of the distribution point (0 for the first one, 1 for the second etc.)
+ * @type: The name type of the corresponding name (gnutls_x509_subject_alt_name_t)
+ * @san: The distribution point names (to be treated as constant)
+ * @reasons: Revocation reasons. An ORed sequence of flags from %gnutls_x509_crl_reason_flags_t.
+ *
+ * This function retrieves the individual CRL distribution points (2.5.29.31),
+ * contained in provided type. 
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * if the index is out of bounds, otherwise a negative error value.
+ **/
+
+int gnutls_x509_crl_dist_points_get(gnutls_x509_crl_dist_points_t cdp,
+				    unsigned int seq, unsigned int *type,
+				    gnutls_datum_t * san, unsigned int *reasons)
+{
+	if (seq >= cdp->size)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	if (reasons)
+		*reasons = cdp->points[seq].reasons;
+
+	if (type)
+		*type = cdp->points[seq].type;
+
+	if (san) {
+		san->data = cdp->points[seq].san.data;
+		san->size = cdp->points[seq].san.size;
+	}
+
+	return 0;
+}
+
+static
+int crl_dist_points_set(gnutls_x509_crl_dist_points_t cdp,
+			gnutls_x509_subject_alt_name_t type,
+			const gnutls_datum_t * san, unsigned int reasons)
+{
+	void *tmp;
+
+	if (unlikely(INT_ADD_OVERFLOW(cdp->size, 1))) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	/* new dist point */
+	tmp = _gnutls_reallocarray(cdp->points, cdp->size + 1,
+				   sizeof(cdp->points[0]));
+	if (tmp == NULL) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+	cdp->points = tmp;
+
+	cdp->points[cdp->size].type = type;
+	cdp->points[cdp->size].san.data = san->data;
+	cdp->points[cdp->size].san.size = san->size;
+	cdp->points[cdp->size].reasons = reasons;
+
+	cdp->size++;
+	return 0;
+
+}
+
+/**
+ * gnutls_x509_crl_dist_points_set:
+ * @cdp: The CRL distribution points
+ * @type: The type of the name (of %gnutls_subject_alt_names_t)
+ * @san: The point name data
+ * @reasons: Revocation reasons. An ORed sequence of flags from %gnutls_x509_crl_reason_flags_t.
+ *
+ * This function will store the specified CRL distribution point value
+ * the @cdp type.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0), otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_crl_dist_points_set(gnutls_x509_crl_dist_points_t cdp,
+				    gnutls_x509_subject_alt_name_t type,
+				    const gnutls_datum_t * san,
+				    unsigned int reasons)
+{
+	int ret;
+	gnutls_datum_t t_san;
+
+	ret = _gnutls_set_datum(&t_san, san->data, san->size);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	ret = crl_dist_points_set(cdp, type, &t_san, reasons);
+	if (ret < 0) {
+		gnutls_free(t_san.data);
+		return gnutls_assert_val(ret);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_ext_import_crl_dist_points:
+ * @ext: the DER encoded extension data
+ * @cdp: A pointer to an initialized CRL distribution points.
+ * @flags: should be zero
+ *
+ * This function will extract the CRL distribution points extension (2.5.29.31) 
+ * and store it into the provided type.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_import_crl_dist_points(const gnutls_datum_t * ext,
+					gnutls_x509_crl_dist_points_t cdp,
+					unsigned int flags)
+{
+	int result;
+	asn1_node c2 = NULL;
+	char name[MAX_NAME_SIZE];
+	int len, ret;
+	uint8_t reasons[2];
+	unsigned i, type, rflags, j;
+	gnutls_datum_t san = {NULL, 0};
+
+	result = asn1_create_element
+	    (_gnutls_get_pkix(), "PKIX1.CRLDistributionPoints", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _asn1_strict_der_decode(&c2, ext->data, ext->size, NULL);
+
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	/* Return the different names from the first CRLDistr. point.
+	 * The whole thing is a mess.
+	 */
+
+	i = 0;
+	do {
+		snprintf(name, sizeof(name), "?%u.reasons", (unsigned)i + 1);
+
+		len = sizeof(reasons);
+		result = asn1_read_value(c2, name, reasons, &len);
+
+		if (result != ASN1_VALUE_NOT_FOUND &&
+		    result != ASN1_ELEMENT_NOT_FOUND &&
+		    result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(result);
+			break;
+		}
+
+		if (result == ASN1_VALUE_NOT_FOUND
+		    || result == ASN1_ELEMENT_NOT_FOUND)
+			rflags = 0;
+		else
+			rflags = reasons[0] | (reasons[1] << 8);
+
+		snprintf(name, sizeof(name),
+			 "?%u.distributionPoint.fullName", (unsigned)i + 1);
+
+		for (j=0;;j++) {
+			san.data = NULL;
+			san.size = 0;
+
+			ret =
+			    _gnutls_parse_general_name2(c2, name, j, &san,
+							&type, 0);
+			if (j > 0
+			    && ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+				ret = 0;
+				break;
+			}
+			if (ret < 0)
+				break;
+
+			ret = crl_dist_points_set(cdp, type, &san, rflags);
+			if (ret < 0)
+				break;
+			san.data = NULL; /* it is now in cdp */
+		}
+
+		i++;
+	} while (ret >= 0);
+
+	if (ret < 0 && ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+		gnutls_assert();
+		gnutls_free(san.data);
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	asn1_delete_structure(&c2);
+	return ret;
+}
+
+/**
+ * gnutls_x509_ext_export_crl_dist_points:
+ * @cdp: A pointer to an initialized CRL distribution points.
+ * @ext: The DER-encoded extension data; must be freed using gnutls_free().
+ *
+ * This function will convert the provided policies, to a certificate policy
+ * DER encoded extension (2.5.29.31).
+ *
+ * The @ext data will be allocated using gnutls_malloc().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_export_crl_dist_points(gnutls_x509_crl_dist_points_t cdp,
+					gnutls_datum_t * ext)
+{
+	asn1_node c2 = NULL;
+	int result;
+	uint8_t reasons[2];
+	unsigned i;
+
+	result =
+	    asn1_create_element(_gnutls_get_pkix(),
+				"PKIX1.CRLDistributionPoints", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		result = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	for (i = 0; i < cdp->size; i++) {
+
+		if (i == 0
+		    || cdp->points[i].reasons != cdp->points[i - 1].reasons) {
+			result = asn1_write_value(c2, "", "NEW", 1);
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				result = _gnutls_asn2err(result);
+				goto cleanup;
+			}
+
+			if (cdp->points[i].reasons) {
+				reasons[0] = cdp->points[i].reasons & 0xff;
+				reasons[1] = cdp->points[i].reasons >> 8;
+
+				result =
+				    asn1_write_value(c2, "?LAST.reasons",
+						     reasons, 2);
+			} else {
+				result =
+				    asn1_write_value(c2, "?LAST.reasons", NULL,
+						     0);
+			}
+
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				result = _gnutls_asn2err(result);
+				goto cleanup;
+			}
+
+			result =
+			    asn1_write_value(c2, "?LAST.cRLIssuer", NULL, 0);
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				result = _gnutls_asn2err(result);
+				goto cleanup;
+			}
+			/* When used as type CHOICE.
+			 */
+			result =
+			    asn1_write_value(c2, "?LAST.distributionPoint",
+					     "fullName", 1);
+			if (result != ASN1_SUCCESS) {
+				gnutls_assert();
+				result = _gnutls_asn2err(result);
+				goto cleanup;
+			}
+		}
+
+		result =
+		    _gnutls_write_new_general_name(c2,
+						   "?LAST.distributionPoint.fullName",
+						   cdp->points[i].type,
+						   cdp->points[i].san.data,
+						   cdp->points[i].san.size);
+		if (result < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	result = _gnutls_x509_der_encode(c2, "", ext, 0);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = 0;
+
+ cleanup:
+	asn1_delete_structure(&c2);
+
+	return result;
+
+}
+
+struct gnutls_x509_aia_st {
+	struct {
+		gnutls_datum_t oid;
+		unsigned int san_type;
+		gnutls_datum_t san;
+	} *aia;
+	unsigned int size;
+};
+
+/**
+ * gnutls_x509_aia_init:
+ * @aia: The authority info access
+ *
+ * This function will initialize an authority info access type.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_aia_init(gnutls_x509_aia_t * aia)
+{
+	*aia = gnutls_calloc(1, sizeof(struct gnutls_x509_aia_st));
+	if (*aia == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_aia_deinit:
+ * @aia: The authority info access
+ *
+ * This function will deinitialize an authority info access type.
+ *
+ * Since: 3.3.0
+ **/
+void gnutls_x509_aia_deinit(gnutls_x509_aia_t aia)
+{
+	unsigned i;
+
+	for (i = 0; i < aia->size; i++) {
+		gnutls_free(aia->aia[i].san.data);
+		gnutls_free(aia->aia[i].oid.data);
+	}
+	gnutls_free(aia->aia);
+	gnutls_free(aia);
+}
+
+/**
+ * gnutls_x509_aia_get:
+ * @aia: The authority info access
+ * @seq: specifies the sequence number of the access descriptor (0 for the first one, 1 for the second etc.)
+ * @oid: the type of available data; to be treated as constant.
+ * @san_type: Will hold the type of the name of %gnutls_subject_alt_names_t (may be null).
+ * @san: the access location name; to be treated as constant (may be null).
+ *
+ * This function reads from the Authority Information Access type.
+ *
+ * The @seq input parameter is used to indicate which member of the
+ * sequence the caller is interested in.  The first member is 0, the
+ * second member 1 and so on.  When the @seq value is out of bounds,
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned.
+ *
+ * Typically @oid is %GNUTLS_OID_AD_CAISSUERS or %GNUTLS_OID_AD_OCSP.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_aia_get(gnutls_x509_aia_t aia, unsigned int seq,
+			gnutls_datum_t *oid,
+			unsigned *san_type,
+			gnutls_datum_t *san)
+{
+	if (seq >= aia->size)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	if (san_type)
+		*san_type = aia->aia[seq].san_type;
+	if (san) {
+		san->data = aia->aia[seq].san.data;
+		san->size = aia->aia[seq].san.size;
+	}
+
+	if (oid) {
+		oid->data = aia->aia[seq].oid.data;
+		oid->size = aia->aia[seq].oid.size;
+	}
+
+	return 0;
+}
+
+int _gnutls_alt_name_process(gnutls_datum_t *out, unsigned type, const gnutls_datum_t *san, unsigned raw)
+{
+	int ret;
+	if (type == GNUTLS_SAN_DNSNAME && !raw) {
+		ret = gnutls_idna_map((char*)san->data, san->size, out, 0);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+	} else if (type == GNUTLS_SAN_RFC822NAME && !raw) {
+		ret = _gnutls_idna_email_map((char*)san->data, san->size, out);
+		if (ret < 0) {
+			return gnutls_assert_val(ret);
+		}
+	} else if (type == GNUTLS_SAN_URI && !raw) {
+		if (!_gnutls_str_is_print((char*)san->data, san->size)) {
+			_gnutls_debug_log("non-ASCII URIs are not supported\n");
+			return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+		} else {
+			ret = _gnutls_set_strdatum(out, san->data, san->size);
+			if (ret < 0)
+				return gnutls_assert_val(ret);
+		}
+	} else {
+		ret = _gnutls_set_strdatum(out, san->data, san->size);
+		if (ret < 0)
+			return gnutls_assert_val(ret);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_aia_set:
+ * @aia: The authority info access
+ * @oid: the type of data.
+ * @san_type: The type of the name (of %gnutls_subject_alt_names_t)
+ * @san: The alternative name data
+ * @othername_oid: The object identifier if @san_type is %GNUTLS_SAN_OTHERNAME
+ *
+ * This function will store the specified alternative name in
+ * the @aia type. 
+ *
+ * Typically the value for @oid should be %GNUTLS_OID_AD_OCSP, or
+ * %GNUTLS_OID_AD_CAISSUERS.
+ *
+ * Since version 3.5.7 the %GNUTLS_SAN_RFC822NAME, and %GNUTLS_SAN_DNSNAME,
+ * are converted to ACE format when necessary.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0), otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_aia_set(gnutls_x509_aia_t aia,
+			const char *oid,
+			unsigned san_type,
+			const gnutls_datum_t * san)
+{
+	int ret;
+	void *tmp;
+	unsigned indx;
+
+	if (unlikely(INT_ADD_OVERFLOW(aia->size, 1))) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+
+	tmp = _gnutls_reallocarray(aia->aia, aia->size + 1, sizeof(aia->aia[0]));
+	if (tmp == NULL) {
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	}
+	aia->aia = tmp;
+	indx = aia->size;
+	
+	aia->aia[indx].san_type = san_type;
+	if (oid) {
+		aia->aia[indx].oid.data = (void*)gnutls_strdup(oid);
+		aia->aia[indx].oid.size = strlen(oid);
+	} else {
+		aia->aia[indx].oid.data = NULL;
+		aia->aia[indx].oid.size = 0;
+	}
+
+	ret = _gnutls_alt_name_process(&aia->aia[indx].san, san_type, san, 0);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	aia->size++;
+
+	return 0;	
+}
+
+
+static int parse_aia(asn1_node c2, gnutls_x509_aia_t aia)
+{
+	int len;
+	char nptr[MAX_NAME_SIZE];
+	int ret, result;
+	char tmpoid[MAX_OID_SIZE];
+	void * tmp;
+	unsigned i, indx;
+
+	for (i = 1;; i++) {
+		snprintf(nptr, sizeof(nptr), "?%u.accessMethod", i);
+
+		len = sizeof(tmpoid);
+		result = asn1_read_value(c2, nptr, tmpoid, &len);
+		if (result == ASN1_VALUE_NOT_FOUND
+		    || result == ASN1_ELEMENT_NOT_FOUND) {
+			ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+			break;
+		}
+
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			return _gnutls_asn2err(result);
+		}
+
+		indx = aia->size;
+		if (unlikely(INT_ADD_OVERFLOW(aia->size, 1))) {
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		}
+		tmp = _gnutls_reallocarray(aia->aia, aia->size + 1,
+					   sizeof(aia->aia[0]));
+		if (tmp == NULL) {
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		}
+		aia->aia = tmp;
+
+		snprintf(nptr, sizeof(nptr), "?%u.accessLocation", i);
+
+
+		ret = _gnutls_parse_general_name2(c2, nptr, -1, &aia->aia[indx].san, 
+			&aia->aia[indx].san_type, 0);
+		if (ret < 0)
+			break;
+
+		/* we do the strdup after parsing to avoid a memory leak */
+		aia->aia[indx].oid.data = (void*)gnutls_strdup(tmpoid);
+		aia->aia[indx].oid.size = strlen(tmpoid);
+
+		aia->size++;
+
+		if (aia->aia[indx].oid.data == NULL) {
+			gnutls_assert();
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		}
+	}
+
+	assert(ret < 0);
+	if (ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_ext_import_aia:
+ * @ext: The DER-encoded extension data
+ * @aia: The authority info access
+ * @flags: should be zero
+ *
+ * This function extracts the Authority Information Access (AIA)
+ * extension from the provided DER-encoded data; see RFC 5280 section 4.2.2.1 
+ * for more information on the extension.  The
+ * AIA extension holds a sequence of AccessDescription (AD) data.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_import_aia(const gnutls_datum_t * ext,
+					      gnutls_x509_aia_t aia,
+					      unsigned int flags)
+{
+	int ret;
+	asn1_node c2 = NULL;
+
+	if (ext->size == 0 || ext->data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	ret = asn1_create_element(_gnutls_get_pkix(),
+				  "PKIX1.AuthorityInfoAccessSyntax", &c2);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	ret = _asn1_strict_der_decode(&c2, ext->data, ext->size, NULL);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	ret = parse_aia(c2, aia);
+	if (ret < 0) {
+		gnutls_assert();
+	}
+
+ cleanup:
+	asn1_delete_structure(&c2);
+
+	return ret;
+
+}
+
+/**
+ * gnutls_x509_ext_export_aia:
+ * @aia: The authority info access
+ * @ext: The DER-encoded extension data; must be freed using gnutls_free().
+ *
+ * This function will DER encode the Authority Information Access (AIA)
+ * extension; see RFC 5280 section 4.2.2.1 for more information on the
+ * extension.  
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_export_aia(gnutls_x509_aia_t aia,
+					      gnutls_datum_t * ext)
+{
+	int ret, result;
+	asn1_node c2 = NULL;
+	unsigned int i;
+
+	ret = asn1_create_element(_gnutls_get_pkix(),
+				  "PKIX1.AuthorityInfoAccessSyntax", &c2);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	/* 1. create a new element.
+	 */
+	for (i=0;i<aia->size;i++) {
+		result = asn1_write_value(c2, "", "NEW", 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		/* 2. Add the OID.
+		 */
+		result = asn1_write_value(c2, "?LAST.accessMethod", aia->aia[i].oid.data, 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		ret =
+		    _gnutls_write_general_name(c2,
+						   "?LAST.accessLocation",
+						   aia->aia[i].san_type,
+						   aia->aia[i].san.data,
+						   aia->aia[i].san.size);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	ret = _gnutls_x509_der_encode(c2, "", ext, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+ cleanup:
+	asn1_delete_structure(&c2);
+
+	return ret;
+}
+
+
+struct gnutls_x509_key_purposes_st {
+	gnutls_datum_t oid[MAX_ENTRIES];
+	unsigned int size;
+};
+
+/**
+ * gnutls_subject_alt_names_init:
+ * @p: The key purposes
+ *
+ * This function will initialize an alternative names type.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_key_purpose_init(gnutls_x509_key_purposes_t * p)
+{
+	*p = gnutls_calloc(1, sizeof(struct gnutls_x509_key_purposes_st));
+	if (*p == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	return 0;
+}
+
+static void key_purposes_deinit(gnutls_x509_key_purposes_t p)
+{
+	unsigned int i;
+
+	for (i = 0; i < p->size; i++) {
+		gnutls_free(p->oid[i].data);
+	}
+}
+
+/**
+ * gnutls_x509_key_purpose_deinit:
+ * @p: The key purposes
+ *
+ * This function will deinitialize a key purposes type.
+ *
+ * Since: 3.3.0
+ **/
+void gnutls_x509_key_purpose_deinit(gnutls_x509_key_purposes_t p)
+{
+	key_purposes_deinit(p);
+	gnutls_free(p);
+}
+
+/**
+ * gnutls_x509_key_purpose_set:
+ * @p: The key purposes
+ * @oid: The object identifier of the key purpose
+ *
+ * This function will store the specified key purpose in the
+ * purposes.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0), otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_key_purpose_set(gnutls_x509_key_purposes_t p, const char *oid)
+{
+	if (p->size + 1 > MAX_ENTRIES)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	p->oid[p->size].data = (void*)gnutls_strdup(oid);
+	if (p->oid[p->size].data == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	p->oid[p->size].size = strlen(oid);
+	p->size++;
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_key_purpose_get:
+ * @p: The key purposes
+ * @idx: The index of the key purpose to retrieve
+ * @oid: Will hold the object identifier of the key purpose (to be treated as constant)
+ *
+ * This function will retrieve the specified by the index key purpose in the
+ * purposes type. The object identifier will be a null terminated string.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
+ * if the index is out of bounds, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_key_purpose_get(gnutls_x509_key_purposes_t p, unsigned idx, gnutls_datum_t *oid)
+{
+	if (idx >= p->size)
+		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	oid->data = p->oid[idx].data;
+	oid->size = p->oid[idx].size;
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_ext_import_key_purposes:
+ * @ext: The DER-encoded extension data
+ * @p: The key purposes
+ * @flags: should be zero
+ *
+ * This function will extract the key purposes in the provided DER-encoded
+ * ExtKeyUsageSyntax PKIX extension, to a %gnutls_x509_key_purposes_t type. 
+ * The data must be initialized.
+ * 
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_import_key_purposes(const gnutls_datum_t * ext,
+				     gnutls_x509_key_purposes_t p,
+				     unsigned int flags)
+{
+	char tmpstr[MAX_NAME_SIZE];
+	int result, ret;
+	asn1_node c2 = NULL;
+	gnutls_datum_t oid = {NULL, 0};
+	unsigned i;
+
+	result = asn1_create_element
+	    (_gnutls_get_pkix(), "PKIX1.ExtKeyUsageSyntax", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _asn1_strict_der_decode(&c2, ext->data, ext->size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	key_purposes_deinit(p);
+	i = 0;
+	p->size = 0;
+
+	for (;i<MAX_ENTRIES;i++) {
+		/* create a string like "?1"
+		 */
+		snprintf(tmpstr, sizeof(tmpstr), "?%u", i+1);
+
+		ret = _gnutls_x509_read_value(c2, tmpstr, &oid);
+		if (ret == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND) {
+			break;
+		}
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		p->oid[i].data = oid.data;
+		p->oid[i].size = oid.size;
+
+		oid.data = NULL;
+		oid.size = 0;
+		p->size++;
+	}
+
+	ret = 0;
+ cleanup:
+	gnutls_free(oid.data);
+	asn1_delete_structure(&c2);
+
+	return ret;
+
+}
+
+/**
+ * gnutls_x509_ext_export_key_purposes:
+ * @p: The key purposes
+ * @ext: The DER-encoded extension data; must be freed using gnutls_free().
+ *
+ * This function will convert the key purposes type to a
+ * DER-encoded PKIX ExtKeyUsageSyntax (2.5.29.37) extension. The output data in 
+ * @ext will be allocated using gnutls_malloc().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int gnutls_x509_ext_export_key_purposes(gnutls_x509_key_purposes_t p,
+				     gnutls_datum_t * ext)
+{
+	int result, ret;
+	asn1_node c2 = NULL;
+	unsigned i;
+
+	result = asn1_create_element
+	    (_gnutls_get_pkix(), "PKIX1.ExtKeyUsageSyntax", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	/* generate the extension.
+	 */
+	for (i=0;i<p->size;i++) {
+		/* 1. create a new element.
+		 */
+		result = asn1_write_value(c2, "", "NEW", 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+
+		/* 2. Add the OID.
+		 */
+		result = asn1_write_value(c2, "?LAST", p->oid[i].data, 1);
+		if (result != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(result);
+			goto cleanup;
+		}
+	}
+
+	ret = _gnutls_x509_der_encode(c2, "", ext, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+ cleanup:
+	asn1_delete_structure(&c2);
+	return ret;
+}
+
+/**
+ * gnutls_ext_deinit:
+ * @ext: The extensions structure
+ *
+ * This function will deinitialize an extensions structure.
+ *
+ * Since: 3.3.8
+ **/
+void gnutls_x509_ext_deinit(gnutls_x509_ext_st *ext)
+{
+	gnutls_free(ext->oid);
+	gnutls_free(ext->data.data);
+}
+
+int _gnutls_x509_decode_ext(const gnutls_datum_t *der, gnutls_x509_ext_st *out)
+{
+	asn1_node c2 = NULL;
+	char str_critical[10];
+	char oid[MAX_OID_SIZE];
+	int result, len, ret;
+
+	memset(out, 0, sizeof(*out));
+
+	/* decode der */
+	result = asn1_create_element(_gnutls_get_pkix(), "PKIX1.Extension", &c2);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result = _asn1_strict_der_decode(&c2, der->data, der->size, NULL);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	len = sizeof(oid)-1;
+	result = asn1_read_value(c2, "extnID", oid, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	len = sizeof(str_critical)-1;
+	result = asn1_read_value(c2, "critical", str_critical, &len);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(result);
+		goto cleanup;
+	}
+
+	if (str_critical[0] == 'T')
+		out->critical = 1;
+	else
+		out->critical = 0;
+
+	ret = _gnutls_x509_read_value(c2, "extnValue", &out->data);
+	if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE || ret == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND) {
+		out->data.data = NULL;
+		out->data.size = 0;
+	} else if (ret < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	out->oid = gnutls_strdup(oid);
+	if (out->oid == NULL) {
+		ret = GNUTLS_E_MEMORY_ERROR;
+		goto fail;
+	}
+
+	ret = 0;
+	goto cleanup;
+ fail:
+	memset(out, 0, sizeof(*out));
+ cleanup:
+	asn1_delete_structure(&c2);
+	return ret;
+	
+}
+
+/* flags can be zero or GNUTLS_EXT_FLAG_APPEND
+ */
+static int parse_tlsfeatures(asn1_node c2, gnutls_x509_tlsfeatures_t f, unsigned flags)
+{
+	char nptr[MAX_NAME_SIZE];
+	int result;
+	unsigned i, indx, j;
+	unsigned int feature;
+
+	if (!(flags & GNUTLS_EXT_FLAG_APPEND))
+		f->size = 0;
+
+	for (i = 1;; i++) {
+		unsigned skip = 0;
+		snprintf(nptr, sizeof(nptr), "?%u", i);
+
+		result = _gnutls_x509_read_uint(c2, nptr, &feature);
+
+		if (result == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND || result == GNUTLS_E_ASN1_VALUE_NOT_FOUND) {
+			break;
+		}
+		else if (result != GNUTLS_E_SUCCESS) {
+			gnutls_assert();
+			return _gnutls_asn2err(result);
+		}
+
+		if (feature > UINT16_MAX) {
+			gnutls_assert();
+			return GNUTLS_E_CERTIFICATE_ERROR;
+		}
+
+		/* skip duplicates */
+		for (j=0;j<f->size;j++) {
+			if (f->feature[j] == feature) {
+				skip = 1;
+				break;
+			}
+		}
+
+		if (!skip) {
+			if (f->size >= sizeof(f->feature)/sizeof(f->feature[0])) {
+				gnutls_assert();
+				return GNUTLS_E_INTERNAL_ERROR;
+			}
+
+			indx = f->size;
+			f->feature[indx] = feature;
+			f->size++;
+		}
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_ext_import_tlsfeatures:
+ * @ext: The DER-encoded extension data
+ * @f: The features structure
+ * @flags: zero or %GNUTLS_EXT_FLAG_APPEND
+ *
+ * This function will export the features in the provided DER-encoded
+ * TLS Features PKIX extension, to a %gnutls_x509_tlsfeatures_t type. @f
+ * must be initialized.
+ *
+ * When the @flags is set to %GNUTLS_EXT_FLAG_APPEND,
+ * then if the @features structure is empty this function will behave
+ * identically as if the flag was not set. Otherwise if there are elements 
+ * in the @features structure then they will be merged with.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.5.1
+ **/
+int gnutls_x509_ext_import_tlsfeatures(const gnutls_datum_t * ext,
+				       gnutls_x509_tlsfeatures_t f,
+				       unsigned int flags)
+{
+	int ret;
+	asn1_node c2 = NULL;
+
+	if (ext->size == 0 || ext->data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	ret = asn1_create_element(_gnutls_get_pkix(),
+				  "PKIX1.TlsFeatures", &c2);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	ret = _asn1_strict_der_decode(&c2, ext->data, ext->size, NULL);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		ret = _gnutls_asn2err(ret);
+		goto cleanup;
+	}
+
+	ret = parse_tlsfeatures(c2, f, flags);
+	if (ret < 0) {
+		gnutls_assert();
+	}
+
+ cleanup:
+	asn1_delete_structure(&c2);
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_ext_export_tlsfeatures:
+ * @f: The features structure
+ * @ext: The DER-encoded extension data; must be freed using gnutls_free().
+ *
+ * This function will convert the provided TLS features structure structure to a
+ * DER-encoded TLS features PKIX extension. The output data in @ext will be allocated using
+ * gnutls_malloc().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.5.1
+ **/
+int gnutls_x509_ext_export_tlsfeatures(gnutls_x509_tlsfeatures_t f,
+					  gnutls_datum_t * ext)
+{
+	if (f == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	asn1_node c2 = NULL;
+	int ret;
+	unsigned i;
+
+	ret = asn1_create_element(_gnutls_get_pkix(), "PKIX1.TlsFeatures", &c2);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	for (i = 0; i < f->size; ++i) {
+
+		ret = asn1_write_value(c2, "", "NEW", 1);
+		if (ret != ASN1_SUCCESS) {
+			gnutls_assert();
+			ret = _gnutls_asn2err(ret);
+			goto cleanup;
+		}
+
+		ret = _gnutls_x509_write_uint32(c2, "?LAST", f->feature[i]);
+		if (ret != GNUTLS_E_SUCCESS) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	ret = _gnutls_x509_der_encode(c2, "", ext, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+
+ cleanup:
+	asn1_delete_structure(&c2);
+	return ret;
+}
+
+/**
+ * gnutls_x509_tlsfeatures_add:
+ * @f: The TLS features
+ * @feature: The feature to add
+ *
+ * This function will append a feature to the X.509 TLS features
+ * extension structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error value.
+ *
+ * Since: 3.5.1
+ **/
+int gnutls_x509_tlsfeatures_add(gnutls_x509_tlsfeatures_t f, unsigned int feature)
+{
+	if (f == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (feature > UINT16_MAX)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	if (f->size >= sizeof(f->feature)/sizeof(f->feature[0]))
+		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
+	f->feature[f->size++] = feature;
+
+	return 0;
+}
+
+#define SCT_V1_LOGID_SIZE 32
+struct ct_sct_st {
+	int version;
+	uint8_t logid[SCT_V1_LOGID_SIZE];
+	uint64_t timestamp;
+	gnutls_sign_algorithm_t sigalg;
+	gnutls_datum_t signature;
+};
+
+struct gnutls_x509_ct_scts_st {
+	struct ct_sct_st *scts;
+	size_t size;
+};
+
+static void _gnutls_free_scts(struct gnutls_x509_ct_scts_st *scts)
+{
+	for (size_t i = 0; i < scts->size; i++)
+		_gnutls_free_datum(&scts->scts[i].signature);
+	gnutls_free(scts->scts);
+	scts->size = 0;
+}
+
+/**
+ * gnutls_x509_ext_ct_scts_init:
+ * @scts: The SCT list
+ *
+ * This function will initialize a Certificate Transparency SCT list.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success, otherwise a negative error value.
+ **/
+int gnutls_x509_ext_ct_scts_init(gnutls_x509_ct_scts_t * scts)
+{
+	*scts = gnutls_calloc(1, sizeof(struct gnutls_x509_ct_scts_st));
+	if (*scts == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+	return 0;
+}
+
+/**
+ * gnutls_x509_ext_ct_scts_deinit:
+ * @scts: The SCT list
+ *
+ * This function will deinitialize a Certificate Transparency SCT list.
+ **/
+void gnutls_x509_ext_ct_scts_deinit(gnutls_x509_ct_scts_t scts)
+{
+	_gnutls_free_scts(scts);
+	gnutls_free(scts);
+}
+
+struct sct_sign_algorithm_st {
+	uint8_t codepoint[2];
+	gnutls_sign_algorithm_t sign_algo;
+};
+
+static const struct sct_sign_algorithm_st algos[] = {
+	{
+		.codepoint = { 0x01, 0x01 },
+		.sign_algo = GNUTLS_SIGN_RSA_MD5
+	},
+	{
+		.codepoint = { 0x02, 0x01 },
+		.sign_algo = GNUTLS_SIGN_RSA_SHA1
+	},
+	{
+		.codepoint = { 0x03, 0x01 },
+		.sign_algo = GNUTLS_SIGN_RSA_SHA224
+	},
+	{
+		.codepoint = { 0x04, 0x01 },
+		.sign_algo = GNUTLS_SIGN_RSA_SHA256
+	},
+	{
+		.codepoint = { 0x05, 0x01 },
+		.sign_algo = GNUTLS_SIGN_RSA_SHA384
+	},
+	{
+		.codepoint = { 0x06, 0x01 },
+		.sign_algo = GNUTLS_SIGN_RSA_SHA512,
+	},
+	{
+		.codepoint = { 0x02, 0x02 },
+		.sign_algo = GNUTLS_SIGN_DSA_SHA1
+	},
+	{
+		.codepoint = { 0x03, 0x02 },
+		.sign_algo = GNUTLS_SIGN_DSA_SHA224
+	},
+	{
+		.codepoint = { 0x04, 0x02 },
+		.sign_algo = GNUTLS_SIGN_DSA_SHA256
+	},
+	{
+		.codepoint = { 0x05, 0x02 },
+		.sign_algo = GNUTLS_SIGN_DSA_SHA384
+	},
+	{
+		.codepoint = { 0x06, 0x02 },
+		.sign_algo = GNUTLS_SIGN_DSA_SHA512,
+	},
+	{
+		.codepoint = { 0x02, 0x03 },
+		.sign_algo = GNUTLS_SIGN_ECDSA_SHA1
+	},
+	{
+		.codepoint = { 0x03, 0x03 },
+		.sign_algo = GNUTLS_SIGN_ECDSA_SHA224
+	},
+	{
+		.codepoint = { 0x04, 0x03 },
+		.sign_algo = GNUTLS_SIGN_ECDSA_SHA256
+	},
+	{
+		.codepoint = { 0x05, 0x03 },
+		.sign_algo = GNUTLS_SIGN_ECDSA_SHA384
+	},
+	{
+		.codepoint = { 0x06, 0x03 },
+		.sign_algo = GNUTLS_SIGN_ECDSA_SHA512,
+	}
+};
+
+static gnutls_sign_algorithm_t get_sigalg(uint8_t hash_algo, uint8_t sig_algo)
+{
+	const struct sct_sign_algorithm_st *algo;
+	size_t i, num_algos = sizeof(algos) / sizeof(algos[0]);
+
+	if (hash_algo == 0 || sig_algo == 0)
+		return GNUTLS_SIGN_UNKNOWN;
+
+	for (i = 0; i < num_algos; i++) {
+		algo = &algos[i];
+		if (algo->codepoint[0] == hash_algo && algo->codepoint[1] == sig_algo)
+			break;
+	}
+
+	if (i == num_algos)
+		return GNUTLS_SIGN_UNKNOWN;
+
+	return algo->sign_algo;
+}
+
+static int write_sigalg(gnutls_sign_algorithm_t sigalg, uint8_t out[])
+{
+	const struct sct_sign_algorithm_st *algo;
+	size_t i, num_algos = sizeof(algos) / sizeof(algos[0]);
+
+	for (i = 0; i < num_algos; i++) {
+		algo = &algos[i];
+		if (algo->sign_algo == sigalg)
+			break;
+	}
+
+	if (i == num_algos)
+		return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
+
+	out[0] = algo->codepoint[0];
+	out[1] = algo->codepoint[1];
+	return 0;
+}
+
+static int _gnutls_parse_ct_sct(uint8_t *ptr, uint16_t length,
+				struct ct_sct_st *sct)
+{
+	uint16_t sig_length;
+	uint8_t hash_algo, sig_algo;
+
+	sct->signature.size = 0;
+	sct->signature.data = NULL;
+
+	DECR_LENGTH_RET(length, 1, GNUTLS_E_PREMATURE_TERMINATION);
+	sct->version = (int) *ptr;
+	ptr++;
+
+	/* LogID
+	 * In version 1, it has a fixed length of 32 bytes.
+	 */
+	DECR_LENGTH_RET(length, SCT_V1_LOGID_SIZE, GNUTLS_E_PREMATURE_TERMINATION);
+	memcpy(sct->logid, ptr, SCT_V1_LOGID_SIZE);
+	ptr += SCT_V1_LOGID_SIZE;
+
+	/* Timestamp */
+	DECR_LENGTH_RET(length, sizeof(uint64_t), GNUTLS_E_PREMATURE_TERMINATION);
+	sct->timestamp = (uint64_t) _gnutls_read_uint64(ptr);
+	ptr += sizeof(uint64_t);
+
+	/*
+	 * There are no extensions defined in SCT v1.
+	 * Check that there are actually no extensions - the following two bytes should be zero.
+	 */
+	DECR_LENGTH_RET(length, 2, GNUTLS_E_PREMATURE_TERMINATION);
+	if (*ptr != 0 || *(ptr+1) != 0)
+		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH);
+	ptr += 2;
+
+	/*
+	 * Hash and signature algorithms, modeled after
+	 * SignatureAndHashAlgorithm structure, as defined in
+	 * RFC 5246, section 7.4.1.4.1.
+	 * We take both values separately (hash and signature),
+	 * and return them as a gnutls_sign_algorithm_t enum value.
+	 */
+	DECR_LENGTH_RET(length, 2, GNUTLS_E_PREMATURE_TERMINATION);
+	hash_algo = *ptr++;
+	sig_algo = *ptr++;
+
+	sct->sigalg = get_sigalg(hash_algo, sig_algo);
+	if (sct->sigalg == GNUTLS_SIGN_UNKNOWN)
+		return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM);
+
+	/* Signature, length and content */
+	DECR_LENGTH_RET(length, sizeof(uint16_t), GNUTLS_E_PREMATURE_TERMINATION);
+	sig_length = _gnutls_read_uint16(ptr);
+	ptr += sizeof(uint16_t);
+	if (sig_length == 0)
+		return gnutls_assert_val(GNUTLS_E_PREMATURE_TERMINATION);
+
+	/* Remaining length should be sig_length at this point.
+	 * If not, that means there is more data than what the length field said it was,
+	 * and hence we must treat this as an error. */
+	if (length != sig_length)
+		return gnutls_assert_val(GNUTLS_E_ASN1_DER_OVERFLOW);
+
+	if (_gnutls_set_datum(&sct->signature, ptr, sig_length) < 0)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	return 0;
+}
+
+static int _gnutls_ct_sct_add(struct ct_sct_st *sct,
+			      struct ct_sct_st **scts, size_t *size)
+{
+	struct ct_sct_st *new_scts;
+
+	new_scts = _gnutls_reallocarray(*scts, *size + 1, sizeof(struct ct_sct_st));
+	if (new_scts == NULL)
+		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+	memcpy(&new_scts[*size], sct, sizeof(struct ct_sct_st));
+	(*size)++;
+	*scts = new_scts;
+
+	return 0;
+}
+
+static int _gnutls_export_ct_v1_sct(gnutls_buffer_st *buf,
+				    const struct ct_sct_st *sct)
+{
+	int ret;
+	uint8_t tstamp_out[8], sigalg[2];
+	/* There are no extensions defined for v1 */
+	const uint8_t extensions[2] = { 0x00, 0x00 };
+	size_t length_offset;
+
+	/* Length field; filled later */
+	length_offset = buf->length;
+	if ((ret = _gnutls_buffer_append_prefix(buf, 16, 0)) < 0)
+		return gnutls_assert_val(ret);
+
+	/* Version */
+	if ((ret = _gnutls_buffer_append_data(buf,
+					      &sct->version, sizeof(uint8_t))) < 0)
+		return gnutls_assert_val(ret);
+
+	/* Log ID - has a fixed 32-byte size in version 1 */
+	if ((ret = _gnutls_buffer_append_data(buf,
+					      sct->logid, SCT_V1_LOGID_SIZE)) < 0)
+		return gnutls_assert_val(ret);
+
+	/* Timestamp */
+	_gnutls_write_uint64(sct->timestamp, tstamp_out);
+	if ((ret = _gnutls_buffer_append_data(buf,
+					      tstamp_out, sizeof(tstamp_out))) < 0)
+		return gnutls_assert_val(ret);
+
+	/* Extensions */
+	if ((ret = _gnutls_buffer_append_data(buf,
+					      extensions, sizeof(extensions))) < 0)
+		return gnutls_assert_val(ret);
+
+	/* Hash and signature algorithms */
+	if ((ret = write_sigalg(sct->sigalg, sigalg)) < 0)
+		return gnutls_assert_val(ret);
+
+	if ((ret = _gnutls_buffer_append_data(buf,
+					      sigalg, sizeof(sigalg))) < 0)
+		return gnutls_assert_val(ret);
+
+	/* Signature */
+	if ((ret = _gnutls_buffer_append_data_prefix(buf, 16,
+						     sct->signature.data, sct->signature.size)) < 0)
+		return gnutls_assert_val(ret);
+
+	/* Fill the length */
+	_gnutls_write_uint16(buf->length - length_offset - 2,
+			     buf->data + length_offset);
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_ext_ct_import_scts:
+ * @ext: a DER-encoded extension
+ * @scts: The SCT list
+ * @flags: should be zero
+ *
+ * This function will read a SignedCertificateTimestampList structure
+ * from the DER data of the X.509 Certificate Transparency SCT extension
+ * (OID 1.3.6.1.4.1.11129.2.4.2).
+ *
+ * The list of SCTs (Signed Certificate Timestamps) is placed on @scts,
+ * which must be previously initialized with gnutls_x509_ext_ct_scts_init().
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error value.
+ **/
+int gnutls_x509_ext_ct_import_scts(const gnutls_datum_t *ext, gnutls_x509_ct_scts_t scts,
+				   unsigned int flags)
+{
+	int retval;
+	uint8_t *ptr;
+	uint16_t length, sct_length;
+	struct ct_sct_st sct;
+	gnutls_datum_t scts_content;
+
+	if (flags != 0)
+		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+
+	retval =
+		_gnutls_x509_decode_string(ASN1_ETYPE_OCTET_STRING,
+					   ext->data, ext->size, &scts_content,
+					   0);
+	if (retval < 0)
+		return gnutls_assert_val(retval);
+
+	if (scts_content.size < 2) {
+		gnutls_free(scts_content.data);
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	length = _gnutls_read_uint16(scts_content.data);
+	if (length < 4) {
+		gnutls_free(scts_content.data);
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	ptr = &scts_content.data[2];
+	while (length > 0) {
+		if (length < 2)
+			break;
+
+		sct_length = _gnutls_read_uint16(ptr);
+		if (sct_length == 0 || sct_length > length)
+			break;
+
+		ptr += sizeof(uint16_t);
+		length -= sizeof(uint16_t);
+
+		/*
+		 * _gnutls_parse_ct_sct() will try to read exactly sct_length bytes,
+		 * returning an error if it can't
+		 */
+		if (_gnutls_parse_ct_sct(ptr, sct_length, &sct) < 0)
+			break;
+		if (_gnutls_ct_sct_add(&sct, &scts->scts, &scts->size) < 0)
+			break;
+
+		ptr += sct_length;
+		length -= sct_length;
+	}
+
+	_gnutls_free_datum(&scts_content);
+
+	if (length > 0) {
+		gnutls_assert();
+		_gnutls_free_scts(scts);
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+	}
+
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_x509_ext_ct_export_scts:
+ * @scts: An initialized SCT list
+ * @ext: The DER-encoded extension data; must be freed with gnutls_free()
+ *
+ * This function will convert the provided list of SCTs to a DER-encoded
+ * SignedCertificateTimestampList extension (1.3.6.1.4.1.11129.2.4.2).
+ * The output data in @ext will be allocated using gnutls_malloc().
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error value.
+ **/
+int gnutls_x509_ext_ct_export_scts(const gnutls_x509_ct_scts_t scts, gnutls_datum_t *ext)
+{
+	int ret;
+	gnutls_buffer_st buf;
+
+	_gnutls_buffer_init(&buf);
+
+	/* Start with the length of the whole string; the actual
+	 * length is filled later */
+	_gnutls_buffer_append_prefix(&buf, 16, 0);
+
+	for (size_t i = 0; i < scts->size; i++) {
+		if ((ret = _gnutls_export_ct_v1_sct(&buf,
+						    &scts->scts[i])) < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	/* Fill the length */
+	_gnutls_write_uint16(buf.length - 2, buf.data);
+
+	/* DER-encode the whole thing as an opaque OCTET STRING, as the spec mandates */
+	ret = _gnutls_x509_encode_string(
+		ASN1_ETYPE_OCTET_STRING,
+		buf.data, buf.length,
+		ext);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = GNUTLS_E_SUCCESS;
+
+cleanup:
+	_gnutls_buffer_clear(&buf);
+	return ret;
+}
+
+/**
+ * gnutls_x509_ct_sct_get_version:
+ * @scts: A list of SCTs
+ * @idx: The index of the target SCT in the list
+ * @version_out: The version of the target SCT.
+ *
+ * This function obtains the version of the SCT at the given position
+ * in the SCT list.
+ *
+ * The version of that SCT will be placed on @version_out.
+ *
+ * Return : %GNUTLS_E_SUCCESS (0) is returned on success,
+ *   %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE if @idx exceeds the number of SCTs in the list
+ *   and %GNUTLS_E_INVALID_REQUEST if the SCT's version is different than 1, as that's currently
+ *   the only defined version.
+ **/
+int gnutls_x509_ct_sct_get_version(gnutls_x509_ct_scts_t scts, unsigned idx,
+				   unsigned int *version_out)
+{
+	int version;
+
+	if (idx >= scts->size)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+	/*
+	 * Currently, only version 1 SCTs are defined (RFC 6962).
+	 * A version 1 SCT has actually the value 0 in the 'version' field.
+	 */
+	version = scts->scts[idx].version;
+	if (version != 0 || version_out == NULL)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	*version_out = 1;
+	return GNUTLS_E_SUCCESS;
+}
+
+/**
+ * gnutls_x509_ct_sct_get:
+ * @scts: A list of SCTs
+ * @idx: The index of the target SCT in the list
+ * @timestamp: The timestamp of the SCT
+ * @logid: The LogID field of the SCT; must be freed with gnutls_free()
+ * @sigalg: The signature algorithm
+ * @signature: The signature of the SCT; must be freed with gnutls_free()
+ *
+ * This function will return a specific SCT (Signed Certificate Timestamp)
+ * stored in the SCT list @scts.
+ *
+ * The datums holding the SCT's LogId and signature will be allocated
+ * using gnutls_malloc().
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) will be returned on success,
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE if @idx exceeds the number of SCTs in the list
+ * or a negative error value.
+ **/
+int gnutls_x509_ct_sct_get(const gnutls_x509_ct_scts_t scts, unsigned idx,
+			   time_t *timestamp,
+			   gnutls_datum_t *logid,
+			   gnutls_sign_algorithm_t *sigalg,
+			   gnutls_datum_t *signature)
+{
+	int retval = 0;
+	struct ct_sct_st *sct;
+
+	if (idx >= scts->size)
+		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+
+	sct = &scts->scts[idx];
+	if (sct->version != 0)
+		return GNUTLS_E_INVALID_REQUEST;
+
+	if (signature) {
+		retval = _gnutls_set_datum(signature,
+					   sct->signature.data,
+					   sct->signature.size);
+		if (retval < 0)
+			return retval;
+	}
+
+	if (logid) {
+		retval = _gnutls_set_datum(logid,
+					   sct->logid,
+					   SCT_V1_LOGID_SIZE);
+		if (retval < 0) {
+			_gnutls_free_datum(signature);
+			return retval;
+		}
+	}
+
+	if (timestamp)
+		*timestamp = sct->timestamp / 1000;
+
+	if (sigalg)
+		*sigalg = sct->sigalg;
+
+	return GNUTLS_E_SUCCESS;
+}
diff --git a/lib/x509/x509_ext_int.h b/lib/x509/x509_ext_int.h
new file mode 100644
index 0000000..2e3f162
--- /dev/null
+++ b/lib/x509/x509_ext_int.h
@@ -0,0 +1,34 @@
+/*
+ * Copyright (C) 2014-2016 Free Software Foundation
+ * Copyright (C) 2014-2016 Red Hat, Inc.
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_X509_X509_EXT_INT_H
+#define GNUTLS_LIB_X509_X509_EXT_INT_H
+
+#include "gnutls_int.h"
+struct name_st {
+	unsigned int type;
+	gnutls_datum_t san;
+	gnutls_datum_t othername_oid;
+};
+
+int _gnutls_alt_name_process(gnutls_datum_t *out, unsigned type, const gnutls_datum_t *san, unsigned raw);
+
+#endif /* GNUTLS_LIB_X509_X509_EXT_INT_H */
diff --git a/lib/x509/x509_int.h b/lib/x509/x509_int.h
new file mode 100644
index 0000000..acbc185
--- /dev/null
+++ b/lib/x509/x509_int.h
@@ -0,0 +1,558 @@
+/*
+ * Copyright (C) 2003-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_X509_X509_INT_H
+#define GNUTLS_LIB_X509_X509_INT_H
+
+#include <gnutls/x509.h>
+#include <gnutls/x509-ext.h>
+#include <gnutls/abstract.h>
+
+#include <libtasn1.h>
+
+#define MAX_CRQ_EXTENSIONS_SIZE 8*1024
+#define MAX_OID_SIZE 128
+#define MAX_KEY_ID_SIZE 128
+#define MAX_SALT_SIZE 256
+#define MAX_NAME_SIZE (3*ASN1_MAX_NAME_SIZE)
+
+#define HASH_OID_SHA1 "1.3.14.3.2.26"
+#define HASH_OID_MD5 "1.2.840.113549.2.5"
+#define HASH_OID_MD2 "1.2.840.113549.2.2"
+#define HASH_OID_RMD160 "1.3.36.3.2.1"
+#define HASH_OID_SHA224 "2.16.840.1.101.3.4.2.4"
+#define HASH_OID_SHA256 "2.16.840.1.101.3.4.2.1"
+#define HASH_OID_SHA384 "2.16.840.1.101.3.4.2.2"
+#define HASH_OID_SHA512 "2.16.840.1.101.3.4.2.3"
+#define HASH_OID_SHA3_224 "2.16.840.1.101.3.4.2.7"
+#define HASH_OID_SHA3_256 "2.16.840.1.101.3.4.2.8"
+#define HASH_OID_SHA3_384 "2.16.840.1.101.3.4.2.9"
+#define HASH_OID_SHA3_512 "2.16.840.1.101.3.4.2.10"
+#define HASH_OID_SHAKE_128 "2.16.840.1.101.3.4.2.11"
+#define HASH_OID_SHAKE_256 "2.16.840.1.101.3.4.2.12"
+#define HASH_OID_GOST_R_3411_94 "1.2.643.2.2.9"
+#define HASH_OID_STREEBOG_256 "1.2.643.7.1.1.2.2"
+#define HASH_OID_STREEBOG_512 "1.2.643.7.1.1.2.3"
+
+#define HASH_OID_GOST_R_3411_94_CRYPTOPRO_PARAMS "1.2.643.2.2.30.1"
+
+/* from rfc8479 */
+#define OID_ATTR_PROV_SEED "1.3.6.1.4.1.2312.18.8.1"
+
+struct gnutls_x509_crl_iter {
+	/* This is used to optimize reads by gnutls_x509_crl_iter_crt_serial() */
+	asn1_node rcache;
+	unsigned rcache_idx;
+};
+
+typedef struct gnutls_x509_crl_int {
+	asn1_node crl;
+
+	unsigned expanded;
+	/* This is used to optimize reads by gnutls_x509_crl_get_crt_serial2() */
+	asn1_node rcache;
+	unsigned rcache_idx;
+	int use_extensions;
+
+	gnutls_datum_t der;
+	gnutls_datum_t raw_issuer_dn;
+} gnutls_x509_crl_int;
+
+typedef struct gnutls_x509_dn_st {
+	asn1_node asn;
+} gnutls_x509_dn_st;
+
+typedef struct gnutls_x509_crt_int {
+	asn1_node cert;
+	int use_extensions;
+	unsigned expanded; /* a certificate has been expanded */
+	unsigned modified; /* the cached values below may no longer be valid */
+	unsigned flags;
+
+	struct pin_info_st pin;
+
+	/* These two cached values allow fast calls to
+	 * get_raw_*_dn(). */
+	gnutls_datum_t raw_dn;
+	gnutls_datum_t raw_issuer_dn;
+	gnutls_datum_t raw_spki;
+
+	gnutls_datum_t der;
+
+	/* this cached value allows fast access to alt names */
+	gnutls_subject_alt_names_t san;
+	gnutls_subject_alt_names_t ian;
+
+	/* backwards compatibility for gnutls_x509_crt_get_subject()
+	 * and gnutls_x509_crt_get_issuer() */
+	gnutls_x509_dn_st dn;
+	gnutls_x509_dn_st idn;
+} gnutls_x509_crt_int;
+
+#define MODIFIED(crt) crt->modified=1
+
+typedef struct gnutls_x509_crq_int {
+	asn1_node crq;
+} gnutls_x509_crq_int;
+
+typedef struct gnutls_pkcs7_attrs_st {
+	char *oid;
+	gnutls_datum_t data;
+	struct gnutls_pkcs7_attrs_st *next;
+} gnutls_pkcs7_attrs_st;
+
+typedef struct gnutls_pkcs7_int {
+	asn1_node pkcs7;
+
+	char encap_data_oid[MAX_OID_SIZE];
+
+	gnutls_datum_t der_signed_data;
+	asn1_node signed_data;
+	unsigned expanded;
+} gnutls_pkcs7_int;
+
+struct pbkdf2_params {
+	uint8_t salt[MAX_SALT_SIZE];
+	int salt_size;
+	unsigned iter_count;
+	unsigned key_size;
+	gnutls_mac_algorithm_t mac;
+};
+
+typedef struct gnutls_x509_privkey_int {
+	/* the size of params depends on the public
+	 * key algorithm
+	 */
+	gnutls_pk_params_st params;
+
+	unsigned expanded;
+	unsigned flags;
+
+	asn1_node key;
+	struct pin_info_st pin;
+} gnutls_x509_privkey_int;
+
+int _gnutls_x509_crt_cpy(gnutls_x509_crt_t dest, gnutls_x509_crt_t src);
+
+int _gnutls_x509_compare_raw_dn(const gnutls_datum_t * dn1,
+				const gnutls_datum_t * dn2);
+
+int _gnutls_x509_crl_cpy(gnutls_x509_crl_t dest, gnutls_x509_crl_t src);
+int _gnutls_x509_crl_get_raw_issuer_dn(gnutls_x509_crl_t crl,
+				       gnutls_datum_t * dn);
+
+/* sign.c */
+int _gnutls_x509_get_tbs(asn1_node cert, const char *tbs_name,
+			 gnutls_datum_t * tbs);
+int _gnutls_x509_pkix_sign(asn1_node src, const char *src_name,
+			   gnutls_digest_algorithm_t,
+			   unsigned int flags,
+			   gnutls_x509_crt_t issuer,
+			   gnutls_privkey_t issuer_key);
+int _gnutls_x509_crt_get_spki_params(gnutls_x509_crt_t issuer,
+				     const gnutls_x509_spki_st *key_params,
+				     gnutls_x509_spki_st *params);
+
+#define map_errs_to_zero(x) ((x)<0?0:(x))
+
+/* dn.c */
+#define OID_X520_COUNTRY_NAME		"2.5.4.6"
+#define OID_X520_ORGANIZATION_NAME	"2.5.4.10"
+#define OID_X520_ORGANIZATIONAL_UNIT_NAME "2.5.4.11"
+#define OID_X520_COMMON_NAME		"2.5.4.3"
+#define OID_X520_LOCALITY_NAME		"2.5.4.7"
+#define OID_X520_STATE_OR_PROVINCE_NAME	"2.5.4.8"
+#define OID_LDAP_DC			"0.9.2342.19200300.100.1.25"
+#define OID_LDAP_UID			"0.9.2342.19200300.100.1.1"
+#define OID_PKCS9_EMAIL			"1.2.840.113549.1.9.1"
+
+int _gnutls_x509_parse_dn(asn1_node asn1_struct,
+			  const char *asn1_rdn_name, char *buf,
+			  size_t * sizeof_buf,
+			  unsigned flags);
+
+int
+_gnutls_x509_get_dn(asn1_node asn1_struct,
+		    const char *asn1_rdn_name, gnutls_datum_t * dn,
+		    unsigned flags);
+
+int
+_gnutls_x509_parse_dn_oid(asn1_node asn1_struct,
+			  const char *asn1_rdn_name,
+			  const char *given_oid, int indx,
+			  unsigned int raw_flag, gnutls_datum_t * out);
+
+int _gnutls_x509_set_dn_oid(asn1_node asn1_struct,
+			    const char *asn1_rdn_name, const char *oid,
+			    int raw_flag, const char *name,
+			    int sizeof_name);
+
+int _gnutls_x509_get_dn_oid(asn1_node asn1_struct,
+			    const char *asn1_rdn_name,
+			    int indx, void *_oid, size_t * sizeof_oid);
+
+int _gnutls_encode_othername_data(unsigned flags, const void *data, unsigned data_size, gnutls_datum_t *output);
+
+int _gnutls_parse_general_name(asn1_node src, const char *src_name,
+			       int seq, void *name, size_t * name_size,
+			       unsigned int *ret_type, int othername_oid);
+
+int
+_gnutls_parse_general_name2(asn1_node src, const char *src_name,
+			   int seq, gnutls_datum_t *dname, 
+			   unsigned int *ret_type, int othername_oid);
+
+int
+_gnutls_write_new_general_name(asn1_node ext, const char *ext_name,
+		       gnutls_x509_subject_alt_name_t type,
+		       const void *data, unsigned int data_size);
+
+int
+_gnutls_write_new_othername(asn1_node ext, const char *ext_name,
+		       const char *oid,
+		       const void *data, unsigned int data_size);
+
+/* dsa.c */
+
+
+/* verify.c */
+int gnutls_x509_crt_is_issuer(gnutls_x509_crt_t cert,
+			      gnutls_x509_crt_t issuer);
+
+int
+_gnutls_x509_verify_algorithm(gnutls_digest_algorithm_t * hash,
+			      const gnutls_datum_t * signature,
+			      gnutls_pk_algorithm_t pk,
+			      gnutls_pk_params_st * issuer_params);
+
+/* privkey.h */
+void _gnutls_x509_privkey_reinit(gnutls_x509_privkey_t key);
+
+asn1_node _gnutls_privkey_decode_pkcs1_rsa_key(const gnutls_datum_t *
+					       raw_key,
+					       gnutls_x509_privkey_t pkey);
+int _gnutls_privkey_decode_ecc_key(asn1_node* pkey_asn, const gnutls_datum_t *
+					 raw_key,
+					 gnutls_x509_privkey_t pkey,
+					 gnutls_ecc_curve_t curve);
+
+int _gnutls_privkey_decode_eddsa_key(asn1_node* pkey_asn,
+		const gnutls_datum_t *raw_key,
+		gnutls_x509_privkey_t pkey,
+		gnutls_ecc_curve_t curve);
+
+int
+_gnutls_x509_read_ecc_params(uint8_t * der, int dersize,
+			     unsigned int *curve);
+
+int
+_gnutls_x509_read_gost_params(uint8_t * der, int dersize,
+			      gnutls_pk_params_st * params,
+			      gnutls_pk_algorithm_t algo);
+
+int _gnutls_asn1_encode_privkey(asn1_node * c2,
+				gnutls_pk_params_st * params);
+
+void _gnutls_x509_privkey_get_spki_params(gnutls_x509_privkey_t key,
+					  gnutls_x509_spki_st * params);
+
+int _gnutls_x509_read_rsa_pss_params(uint8_t * der, int dersize,
+				     gnutls_x509_spki_st * params);
+int _gnutls_x509_write_rsa_pss_params(const gnutls_x509_spki_st * params,
+				      gnutls_datum_t * der);
+
+/* extensions.c */
+int _gnutls_x509_crl_get_extension_oid(gnutls_x509_crl_t crl,
+				       int indx, void *oid,
+				       size_t * sizeof_oid);
+
+int _gnutls_x509_crl_set_extension(gnutls_x509_crl_t crl,
+				   const char *ext_id,
+				   const gnutls_datum_t * ext_data,
+				   unsigned int critical);
+
+int
+_gnutls_x509_crl_get_extension(gnutls_x509_crl_t crl,
+			       const char *extension_id, int indx,
+			       gnutls_datum_t * data,
+			       unsigned int *critical);
+
+int
+_gnutls_x509_crt_get_extension(gnutls_x509_crt_t cert,
+			       const char *extension_id, int indx,
+			       gnutls_datum_t * data, unsigned int *critical);
+
+int _gnutls_x509_crt_get_extension_oid(gnutls_x509_crt_t cert,
+				       int indx, void *ret,
+				       size_t * ret_size);
+int _gnutls_x509_crt_set_extension(gnutls_x509_crt_t cert,
+				   const char *extension_id,
+				   const gnutls_datum_t * ext_data,
+				   unsigned int critical);
+
+int
+_gnutls_x509_ext_extract_number(uint8_t * number,
+				size_t * nr_size,
+				uint8_t * extnValue, int extnValueLen);
+int
+_gnutls_x509_ext_gen_number(const uint8_t * number, size_t nr_size,
+			    gnutls_datum_t * der_ext);
+
+
+int
+_gnutls_write_general_name(asn1_node ext, const char *ext_name,
+		       gnutls_x509_subject_alt_name_t type,
+		       const void *data, unsigned int data_size);
+
+int _gnutls_x509_ext_gen_subject_alt_name(gnutls_x509_subject_alt_name_t
+					  type,
+					  const char *othername_oid,
+					  const void *data,
+					  unsigned int data_size,
+					  const gnutls_datum_t * prev_der_ext,
+					  gnutls_datum_t * der_ext);
+int _gnutls_x509_ext_gen_auth_key_id(const void *id, size_t id_size,
+				     gnutls_datum_t * der_data);
+
+/* mpi.c */
+int _gnutls_x509_crq_get_mpis(gnutls_x509_crq_t cert,
+			      gnutls_pk_params_st *);
+
+int _gnutls_x509_crt_get_mpis(gnutls_x509_crt_t cert,
+			      gnutls_pk_params_st * params);
+
+int _gnutls_x509_read_pubkey_params(gnutls_pk_algorithm_t, uint8_t * der,
+				    int dersize,
+				    gnutls_pk_params_st * params);
+int _gnutls_x509_check_pubkey_params(gnutls_pk_params_st * params);
+
+int _gnutls_x509_read_pubkey(gnutls_pk_algorithm_t, uint8_t * der,
+			     int dersize, gnutls_pk_params_st * params);
+
+int _gnutls_x509_read_pubkey_signature_params(gnutls_pk_algorithm_t algo,
+					      uint8_t * der, int dersize,
+					      gnutls_pk_params_st * params);
+
+int _gnutls_x509_write_ecc_params(const gnutls_ecc_curve_t curve,
+				  gnutls_datum_t * der);
+int _gnutls_x509_write_ecc_pubkey(const gnutls_pk_params_st * params,
+				  gnutls_datum_t * der);
+
+int _gnutls_x509_write_eddsa_pubkey(const gnutls_pk_params_st * params,
+				    gnutls_datum_t * der);
+
+int
+_gnutls_x509_write_pubkey_params(const gnutls_pk_params_st * params,
+				 gnutls_datum_t * der);
+int _gnutls_x509_write_pubkey(const gnutls_pk_params_st * params,
+			      gnutls_datum_t * der);
+
+int _gnutls_x509_read_uint(asn1_node node, const char *value,
+			   unsigned int *ret);
+
+int _gnutls_x509_read_der_int(uint8_t * der, int dersize, bigint_t * out);
+int _gnutls_x509_read_der_uint(uint8_t * der, int dersize, unsigned int *out);
+
+int _gnutls_x509_read_int(asn1_node node, const char *value,
+			  bigint_t * ret_mpi);
+int _gnutls_x509_write_int(asn1_node node, const char *value, bigint_t mpi,
+			   int lz);
+
+int _gnutls_x509_write_uint32(asn1_node node, const char *value,
+			      uint32_t num);
+
+
+int _gnutls_x509_read_key_int(asn1_node node, const char *value,
+			  bigint_t * ret_mpi);
+int _gnutls_x509_write_key_int(asn1_node node, const char *value, bigint_t mpi,
+			   int lz);
+
+int _gnutls_x509_read_key_int_le(asn1_node node, const char *value,
+				 bigint_t * ret_mpi);
+int _gnutls_x509_write_key_int_le(asn1_node node, const char *value,
+				  bigint_t mpi);
+
+int _gnutls_x509_read_pkalgo_params(asn1_node src, const char *src_name,
+				  gnutls_x509_spki_st *params, unsigned is_sig);
+int _gnutls_x509_write_sign_params(asn1_node dst, const char *dst_name,
+				   const gnutls_sign_entry_st *se, gnutls_x509_spki_st *params);
+
+#define _gnutls_x509_read_sign_params(src,name,params) _gnutls_x509_read_pkalgo_params(src,name,params,1)
+#define _gnutls_x509_read_spki_params(src,name,params) _gnutls_x509_read_pkalgo_params(src,name,params,0)
+int _gnutls_x509_write_spki_params(asn1_node dst, const char *dst_name,
+				   gnutls_x509_spki_st *params);
+
+inline static int
+_gnutls_x509_crt_read_spki_params(gnutls_x509_crt_t crt,
+				  gnutls_x509_spki_st *params)
+{
+	return _gnutls_x509_read_spki_params(crt->cert,
+					     "tbsCertificate."
+					     "subjectPublicKeyInfo."
+					     "algorithm",
+					     params);
+}
+
+inline static int
+_gnutls_x509_crq_read_spki_params(gnutls_x509_crq_t crt,
+				  gnutls_x509_spki_st *params)
+{
+	return _gnutls_x509_read_spki_params(crt->crq,
+					     "certificationRequestInfo."
+					     "subjectPKInfo."
+					     "algorithm",
+					     params);
+}
+
+
+/* pkcs12.h */
+#include <gnutls/pkcs12.h>
+
+typedef struct gnutls_pkcs12_int {
+	asn1_node pkcs12;
+	unsigned expanded;
+} gnutls_pkcs12_int;
+
+#define MAX_BAG_ELEMENTS 32
+
+struct bag_element {
+	gnutls_datum_t data;
+	gnutls_pkcs12_bag_type_t type;
+	gnutls_datum_t local_key_id;
+	char *friendly_name;
+};
+
+typedef struct gnutls_pkcs12_bag_int {
+	struct bag_element element[MAX_BAG_ELEMENTS];
+	unsigned bag_elements;
+} gnutls_pkcs12_bag_int;
+
+#define BAG_PKCS8_KEY "1.2.840.113549.1.12.10.1.1"
+#define BAG_PKCS8_ENCRYPTED_KEY "1.2.840.113549.1.12.10.1.2"
+#define BAG_CERTIFICATE "1.2.840.113549.1.12.10.1.3"
+#define BAG_CRL "1.2.840.113549.1.12.10.1.4"
+#define BAG_SECRET "1.2.840.113549.1.12.10.1.5"
+
+/* Bag attributes
+ */
+#define FRIENDLY_NAME_OID "1.2.840.113549.1.9.20"
+#define KEY_ID_OID "1.2.840.113549.1.9.21"
+
+int
+_gnutls_pkcs12_string_to_key(const mac_entry_st * me,
+			     unsigned int id, const uint8_t * salt,
+			     unsigned int salt_size, unsigned int iter,
+			     const char *pw, unsigned int req_keylen,
+			     uint8_t * keybuf);
+
+
+int _pkcs12_decode_safe_contents(const gnutls_datum_t * content,
+				 gnutls_pkcs12_bag_t bag);
+
+int
+_pkcs12_encode_safe_contents(gnutls_pkcs12_bag_t bag, asn1_node * content,
+			     int *enc);
+
+int _pkcs12_decode_crt_bag(gnutls_pkcs12_bag_type_t type,
+			   const gnutls_datum_t * in,
+			   gnutls_datum_t * out);
+int _pkcs12_encode_crt_bag(gnutls_pkcs12_bag_type_t type,
+			   const gnutls_datum_t * raw,
+			   gnutls_datum_t * out);
+
+/* crq */
+int _gnutls_x509_crq_set_extension(gnutls_x509_crq_t crq,
+				   const char *ext_id,
+				   const gnutls_datum_t * ext_data,
+				   unsigned int critical);
+
+int
+gnutls_x509_crt_verify_data3(gnutls_x509_crt_t crt,
+			     gnutls_sign_algorithm_t algo,
+			     gnutls_typed_vdata_st *vdata,
+			     unsigned int vdata_size,
+			     const gnutls_datum_t *data,
+			     const gnutls_datum_t *signature,
+			     unsigned int flags);
+
+int _gnutls_trust_list_get_issuer(gnutls_x509_trust_list_t list,
+				  gnutls_x509_crt_t cert,
+				  gnutls_x509_crt_t * issuer,
+				  unsigned int flags);
+
+unsigned int
+_gnutls_verify_crt_status(gnutls_x509_trust_list_t tlist,
+			  const gnutls_x509_crt_t * certificate_list,
+			  int clist_size,
+			  const gnutls_x509_crt_t * trusted_cas,
+			  int tcas_size,
+			  unsigned int flags,
+			  const char *purpose,
+			  gnutls_verify_output_function func);
+
+#ifdef ENABLE_PKCS11
+unsigned int
+_gnutls_pkcs11_verify_crt_status(gnutls_x509_trust_list_t tlist,
+				 const char* url,
+				 const gnutls_x509_crt_t * certificate_list,
+				 unsigned clist_size,
+				 const char *purpose,
+				 unsigned int flags,
+				 gnutls_verify_output_function func);
+#endif
+
+int _gnutls_check_cert_sanity(gnutls_x509_crt_t cert);
+
+int
+_gnutls_x509_crt_check_revocation(gnutls_x509_crt_t cert,
+				  const gnutls_x509_crl_t * crl_list,
+				  int crl_list_length,
+				  gnutls_verify_output_function func);
+
+typedef struct gnutls_name_constraints_st {
+	struct name_constraints_node_st * permitted;
+	struct name_constraints_node_st * excluded;
+} gnutls_name_constraints_st;
+
+typedef struct name_constraints_node_st {
+	unsigned type;
+	gnutls_datum_t name;
+	struct name_constraints_node_st *next;
+} name_constraints_node_st;
+
+int _gnutls_extract_name_constraints(asn1_node c2, const char *vstr,
+				    name_constraints_node_st ** _nc);
+void _gnutls_name_constraints_node_free (name_constraints_node_st *node);
+int _gnutls_x509_name_constraints_merge(gnutls_x509_name_constraints_t nc,
+					gnutls_x509_name_constraints_t nc2);
+
+void _gnutls_x509_policies_erase(gnutls_x509_policies_t policies, unsigned int seq);
+
+struct gnutls_x509_tlsfeatures_st {
+	uint16_t feature[MAX_EXT_TYPES];
+	unsigned int size;
+};
+
+unsigned _gnutls_is_broken_sig_allowed(const gnutls_sign_entry_st *se, unsigned int flags);
+
+#endif /* GNUTLS_LIB_X509_X509_INT_H */
diff --git a/lib/x509/x509_write.c b/lib/x509/x509_write.c
new file mode 100644
index 0000000..e9a7087
--- /dev/null
+++ b/lib/x509/x509_write.c
@@ -0,0 +1,2125 @@
+/*
+ * Copyright (C) 2003-2016 Free Software Foundation, Inc.
+ * Copyright (C) 2016-2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains functions to handle X.509 certificate generation.
+ */
+
+#include "gnutls_int.h"
+
+#include <datum.h>
+#include <global.h>
+#include "errors.h"
+#include <common.h>
+#include <x509.h>
+#include <gnutls/x509-ext.h>
+#include <x509_b64.h>
+#include "x509_int.h"
+#include <libtasn1.h>
+#include <pk.h>
+
+static void disable_optional_stuff(gnutls_x509_crt_t cert);
+
+/**
+ * gnutls_x509_crt_set_dn_by_oid:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @oid: holds an Object Identifier in a null terminated string
+ * @raw_flag: must be 0, or 1 if the data are DER encoded
+ * @name: a pointer to the name
+ * @sizeof_name: holds the size of @name
+ *
+ * This function will set the part of the name of the Certificate
+ * subject, specified by the given OID. The input string should be
+ * ASCII or UTF-8 encoded.
+ *
+ * Some helper macros with popular OIDs can be found in gnutls/x509.h
+ * With this function you can only set the known OIDs. You can test
+ * for known OIDs using gnutls_x509_dn_oid_known(). For OIDs that are
+ * not known (by gnutls) you should properly DER encode your data,
+ * and call this function with @raw_flag set.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_set_dn_by_oid(gnutls_x509_crt_t crt, const char *oid,
+			      unsigned int raw_flag, const void *name,
+			      unsigned int sizeof_name)
+{
+	if (sizeof_name == 0 || name == NULL || crt == NULL) {
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	MODIFIED(crt);
+
+	return _gnutls_x509_set_dn_oid(crt->cert, "tbsCertificate.subject",
+				       oid, raw_flag, name, sizeof_name);
+}
+
+/**
+ * gnutls_x509_crt_set_issuer_dn_by_oid:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @oid: holds an Object Identifier in a null terminated string
+ * @raw_flag: must be 0, or 1 if the data are DER encoded
+ * @name: a pointer to the name
+ * @sizeof_name: holds the size of @name
+ *
+ * This function will set the part of the name of the Certificate
+ * issuer, specified by the given OID.  The input string should be
+ * ASCII or UTF-8 encoded.
+ *
+ * Some helper macros with popular OIDs can be found in gnutls/x509.h
+ * With this function you can only set the known OIDs. You can test
+ * for known OIDs using gnutls_x509_dn_oid_known(). For OIDs that are
+ * not known (by gnutls) you should properly DER encode your data,
+ * and call this function with @raw_flag set.
+ *
+ * Normally you do not need to call this function, since the signing
+ * operation will copy the signer's name as the issuer of the
+ * certificate.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_set_issuer_dn_by_oid(gnutls_x509_crt_t crt,
+				     const char *oid,
+				     unsigned int raw_flag,
+				     const void *name,
+				     unsigned int sizeof_name)
+{
+	if (sizeof_name == 0 || name == NULL || crt == NULL) {
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	MODIFIED(crt);
+
+	return _gnutls_x509_set_dn_oid(crt->cert, "tbsCertificate.issuer",
+				       oid, raw_flag, name, sizeof_name);
+}
+
+/**
+ * gnutls_x509_crt_set_proxy_dn:
+ * @crt: a gnutls_x509_crt_t type with the new proxy cert
+ * @eecrt: the end entity certificate that will be issuing the proxy
+ * @raw_flag: must be 0, or 1 if the CN is DER encoded
+ * @name: a pointer to the CN name, may be NULL (but MUST then be added later)
+ * @sizeof_name: holds the size of @name
+ *
+ * This function will set the subject in @crt to the end entity's
+ * @eecrt subject name, and add a single Common Name component @name
+ * of size @sizeof_name.  This corresponds to the required proxy
+ * certificate naming style.  Note that if @name is %NULL, you MUST
+ * set it later by using gnutls_x509_crt_set_dn_by_oid() or similar.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_set_proxy_dn(gnutls_x509_crt_t crt,
+			     gnutls_x509_crt_t eecrt,
+			     unsigned int raw_flag, const void *name,
+			     unsigned int sizeof_name)
+{
+	int result;
+
+	if (crt == NULL || eecrt == NULL) {
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	MODIFIED(crt);
+
+	result = asn1_copy_node(crt->cert, "tbsCertificate.subject",
+				eecrt->cert, "tbsCertificate.subject");
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	if (name && sizeof_name) {
+		return _gnutls_x509_set_dn_oid(crt->cert,
+					       "tbsCertificate.subject",
+					       GNUTLS_OID_X520_COMMON_NAME,
+					       raw_flag, name,
+					       sizeof_name);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_set_version:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @version: holds the version number. For X.509v1 certificates must be 1.
+ *
+ * This function will set the version of the certificate.  This must
+ * be one for X.509 version 1, and so on.  Plain certificates without
+ * extensions must have version set to one.
+ *
+ * To create well-formed certificates, you must specify version 3 if
+ * you use any certificate extensions.  Extensions are created by
+ * functions such as gnutls_x509_crt_set_subject_alt_name()
+ * or gnutls_x509_crt_set_key_usage().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_set_version(gnutls_x509_crt_t crt, unsigned int version)
+{
+	int result;
+	unsigned char null = version;
+
+	if (crt == NULL || version == 0 || version >= 0x80) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	MODIFIED(crt);
+
+	if (null > 0)
+		null--;
+
+	result =
+	    asn1_write_value(crt->cert, "tbsCertificate.version", &null,
+			     1);
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_set_key:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @key: holds a private key
+ *
+ * This function will set the public parameters from the given
+ * private key to the certificate.
+ *
+ * To export the public key (i.e., the SubjectPublicKeyInfo part), check
+ * gnutls_pubkey_import_x509().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ **/
+int
+gnutls_x509_crt_set_key(gnutls_x509_crt_t crt, gnutls_x509_privkey_t key)
+{
+	int result;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	MODIFIED(crt);
+
+	result = _gnutls_x509_encode_and_copy_PKI_params(crt->cert,
+							 "tbsCertificate.subjectPublicKeyInfo",
+							 &key->params);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_set_crq:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @crq: holds a certificate request
+ *
+ * This function will set the name and public parameters as well as
+ * the extensions from the given certificate request to the certificate. 
+ * Only RSA keys are currently supported.
+ *
+ * Note that this function will only set the @crq if it is self
+ * signed and the signature is correct. See gnutls_x509_crq_sign2().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_x509_crt_set_crq(gnutls_x509_crt_t crt, gnutls_x509_crq_t crq)
+{
+	int result;
+
+	if (crt == NULL || crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	MODIFIED(crt);
+
+	result = gnutls_x509_crq_verify(crq, 0);
+	if (result < 0)
+		return gnutls_assert_val(result);
+
+	result = asn1_copy_node(crt->cert, "tbsCertificate.subject",
+				crq->crq,
+				"certificationRequestInfo.subject");
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	result =
+	    asn1_copy_node(crt->cert,
+			   "tbsCertificate.subjectPublicKeyInfo", crq->crq,
+			   "certificationRequestInfo.subjectPKInfo");
+	if (result != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(result);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_set_crq_extensions:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @crq: holds a certificate request
+ *
+ * This function will set the extensions from the given request to the
+ * certificate.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.8.0
+ **/
+int
+gnutls_x509_crt_set_crq_extensions(gnutls_x509_crt_t crt,
+				   gnutls_x509_crq_t crq)
+{
+	return gnutls_x509_crt_set_crq_extension_by_oid(crt, crq, NULL, 0);
+}
+
+/**
+ * gnutls_x509_crt_set_crq_extension_by_oid:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @crq: holds a certificate request
+ * @oid: the object identifier of the OID to copy
+ * @flags: should be zero
+ *
+ * This function will set the extension specify by @oid from the given request to the
+ * certificate.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.5.1
+ **/
+int
+gnutls_x509_crt_set_crq_extension_by_oid(gnutls_x509_crt_t crt,
+					 gnutls_x509_crq_t crq, const char *oid,
+					 unsigned flags)
+{
+	size_t i;
+
+	if (crt == NULL || crq == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	MODIFIED(crt);
+
+	for (i = 0;; i++) {
+		int result;
+		char local_oid[MAX_OID_SIZE];
+		size_t local_oid_size;
+		uint8_t *extensions;
+		size_t extensions_size;
+		unsigned int critical;
+		gnutls_datum_t ext;
+
+		local_oid_size = sizeof(local_oid);
+		result = gnutls_x509_crq_get_extension_info(crq, i, local_oid,
+							    &local_oid_size,
+							    &critical);
+		if (result < 0) {
+			if (result ==
+			    GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+				break;
+
+			gnutls_assert();
+			return result;
+		}
+
+		if (oid && strcmp(local_oid, oid) != 0)
+			continue;
+
+		extensions_size = 0;
+		result = gnutls_x509_crq_get_extension_data(crq, i, NULL,
+							    &extensions_size);
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+
+		extensions = gnutls_malloc(extensions_size);
+		if (extensions == NULL) {
+			gnutls_assert();
+			return GNUTLS_E_MEMORY_ERROR;
+		}
+
+		result =
+		    gnutls_x509_crq_get_extension_data(crq, i, extensions,
+						       &extensions_size);
+		if (result < 0) {
+			gnutls_assert();
+			gnutls_free(extensions);
+			return result;
+		}
+
+		ext.data = extensions;
+		ext.size = extensions_size;
+
+		result =
+		    _gnutls_x509_crt_set_extension(crt, local_oid, &ext,
+						   critical);
+		gnutls_free(extensions);
+		if (result < 0) {
+			gnutls_assert();
+			return result;
+		}
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_set_extension_by_oid:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @oid: holds an Object Identifier in null terminated string
+ * @buf: a pointer to a DER encoded data
+ * @sizeof_buf: holds the size of @buf
+ * @critical: should be non-zero if the extension is to be marked as critical
+ *
+ * This function will set an the extension, by the specified OID, in
+ * the certificate.  The extension data should be binary data DER
+ * encoded.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_set_extension_by_oid(gnutls_x509_crt_t crt,
+				     const char *oid, const void *buf,
+				     size_t sizeof_buf,
+				     unsigned int critical)
+{
+	int result;
+	gnutls_datum_t der_data;
+
+	der_data.data = (void *) buf;
+	der_data.size = sizeof_buf;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	result =
+	    _gnutls_x509_crt_set_extension(crt, oid, &der_data, critical);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+
+}
+
+/**
+ * gnutls_x509_crt_set_basic_constraints:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @ca: true(1) or false(0). Depending on the Certificate authority status.
+ * @pathLenConstraint: non-negative error codes indicate maximum length of path,
+ *   and negative error codes indicate that the pathLenConstraints field should
+ *   not be present.
+ *
+ * This function will set the basicConstraints certificate extension.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_set_basic_constraints(gnutls_x509_crt_t crt,
+				      unsigned int ca,
+				      int pathLenConstraint)
+{
+	int result;
+	gnutls_datum_t der_data;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* generate the extension.
+	 */
+	result = gnutls_x509_ext_export_basic_constraints(ca, pathLenConstraint, &der_data);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	result =
+	    _gnutls_x509_crt_set_extension(crt, "2.5.29.19", &der_data, 1);
+
+	_gnutls_free_datum(&der_data);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_set_ca_status:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @ca: true(1) or false(0). Depending on the Certificate authority status.
+ *
+ * This function will set the basicConstraints certificate extension.
+ * Use gnutls_x509_crt_set_basic_constraints() if you want to control
+ * the pathLenConstraint field too.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int gnutls_x509_crt_set_ca_status(gnutls_x509_crt_t crt, unsigned int ca)
+{
+	return gnutls_x509_crt_set_basic_constraints(crt, ca, -1);
+}
+
+/**
+ * gnutls_x509_crt_set_key_usage:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @usage: an ORed sequence of the GNUTLS_KEY_* elements.
+ *
+ * This function will set the keyUsage certificate extension.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_set_key_usage(gnutls_x509_crt_t crt, unsigned int usage)
+{
+	int result;
+	gnutls_datum_t der_data;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* generate the extension.
+	 */
+	result =
+	    gnutls_x509_ext_export_key_usage(usage, &der_data);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	result =
+	    _gnutls_x509_crt_set_extension(crt, "2.5.29.15", &der_data, 1);
+
+	_gnutls_free_datum(&der_data);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_set_inhibit_anypolicy:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @skipcerts: number of certificates after which anypolicy is no longer acceptable.
+ *
+ * This function will set the Inhibit anyPolicy certificate extension.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_set_inhibit_anypolicy(gnutls_x509_crt_t crt, unsigned int skipcerts)
+{
+	int ret;
+	gnutls_datum_t der_data;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* generate the extension.
+	 */
+	ret =
+	    gnutls_x509_ext_export_inhibit_anypolicy(skipcerts, &der_data);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret =
+	    _gnutls_x509_crt_set_extension(crt, "2.5.29.54", &der_data, 1);
+	_gnutls_free_datum(&der_data);
+
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_set_subject_alternative_name:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @type: is one of the gnutls_x509_subject_alt_name_t enumerations
+ * @data_string: The data to be set, a (0) terminated string
+ *
+ * This function will set the subject alternative name certificate
+ * extension. This function assumes that data can be expressed as a null
+ * terminated string.
+ *
+ * The name of the function is unfortunate since it is inconsistent with
+ * gnutls_x509_crt_get_subject_alt_name().
+ *
+ * See gnutls_x509_crt_set_subject_alt_name() for more information.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_set_subject_alternative_name(gnutls_x509_crt_t crt,
+					     gnutls_x509_subject_alt_name_t
+					     type, const char *data_string)
+{
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* only handle text extensions */
+	if (type != GNUTLS_SAN_DNSNAME && type != GNUTLS_SAN_RFC822NAME &&
+	    type != GNUTLS_SAN_URI) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	return gnutls_x509_crt_set_subject_alt_name(crt, type, data_string,
+						    strlen(data_string),
+						    GNUTLS_FSAN_SET);
+}
+
+/**
+ * gnutls_x509_crt_set_subject_alt_name:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @type: is one of the gnutls_x509_subject_alt_name_t enumerations
+ * @data: The data to be set
+ * @data_size: The size of data to be set
+ * @flags: GNUTLS_FSAN_SET to clear previous data or GNUTLS_FSAN_APPEND to append. 
+ *
+ * This function will set the subject alternative name certificate
+ * extension. It can set the following types: %GNUTLS_SAN_DNSNAME as a text string,
+ * %GNUTLS_SAN_RFC822NAME as a text string, %GNUTLS_SAN_URI as a text string,
+ * %GNUTLS_SAN_IPADDRESS as a binary IP address (4 or 16 bytes),
+ * %GNUTLS_SAN_OTHERNAME_XMPP as a UTF8 string (since 3.5.0).
+ *
+ * Since version 3.5.7 the %GNUTLS_SAN_RFC822NAME, %GNUTLS_SAN_DNSNAME, and
+ * %GNUTLS_SAN_OTHERNAME_XMPP are converted to ACE format when necessary.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.6.0
+ **/
+int
+gnutls_x509_crt_set_subject_alt_name(gnutls_x509_crt_t crt,
+				     gnutls_x509_subject_alt_name_t type,
+				     const void *data,
+				     unsigned int data_size,
+				     unsigned int flags)
+{
+	int result;
+	gnutls_datum_t der_data = { NULL, 0 };
+	gnutls_datum_t prev_der_data = { NULL, 0 };
+	unsigned int critical = 0;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Check if the extension already exists.
+	 */
+
+	if (flags & GNUTLS_FSAN_APPEND) {
+		result =
+		    _gnutls_x509_crt_get_extension(crt, "2.5.29.17", 0,
+						   &prev_der_data,
+						   &critical);
+		if (result < 0
+		    && result != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			gnutls_assert();
+			return result;
+		}
+	}
+
+	/* generate the extension.
+	 */
+	result =
+	    _gnutls_x509_ext_gen_subject_alt_name(type, NULL, data, data_size,
+						  &prev_der_data,
+						  &der_data);
+
+	if (result < 0) {
+		gnutls_assert();
+		goto finish;
+	}
+
+	result =
+	    _gnutls_x509_crt_set_extension(crt, "2.5.29.17", &der_data,
+					   critical);
+
+	_gnutls_free_datum(&der_data);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	result = 0;
+
+      finish:
+	_gnutls_free_datum(&prev_der_data);
+	return result;
+}
+
+/**
+ * gnutls_x509_crt_set_issuer_alt_name:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @type: is one of the gnutls_x509_subject_alt_name_t enumerations
+ * @data: The data to be set
+ * @data_size: The size of data to be set
+ * @flags: GNUTLS_FSAN_SET to clear previous data or GNUTLS_FSAN_APPEND to append. 
+ *
+ * This function will set the issuer alternative name certificate
+ * extension. It can set the same types as gnutls_x509_crt_set_subject_alt_name().
+ *
+ * Since version 3.5.7 the %GNUTLS_SAN_RFC822NAME, %GNUTLS_SAN_DNSNAME, and
+ * %GNUTLS_SAN_OTHERNAME_XMPP are converted to ACE format when necessary.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.3.0
+ **/
+int
+gnutls_x509_crt_set_issuer_alt_name(gnutls_x509_crt_t crt,
+				     gnutls_x509_subject_alt_name_t type,
+				     const void *data,
+				     unsigned int data_size,
+				     unsigned int flags)
+{
+	int result;
+	gnutls_datum_t der_data = { NULL, 0 };
+	gnutls_datum_t prev_der_data = { NULL, 0 };
+	unsigned int critical = 0;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Check if the extension already exists.
+	 */
+
+	if (flags & GNUTLS_FSAN_APPEND) {
+		result =
+		    _gnutls_x509_crt_get_extension(crt, "2.5.29.18", 0,
+						   &prev_der_data,
+						   &critical);
+		if (result < 0
+		    && result != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			gnutls_assert();
+			return result;
+		}
+	}
+
+	/* generate the extension.
+	 */
+	result =
+	    _gnutls_x509_ext_gen_subject_alt_name(type, NULL, data, data_size,
+						  &prev_der_data,
+						  &der_data);
+
+	if (result < 0) {
+		gnutls_assert();
+		goto finish;
+	}
+
+	result =
+	    _gnutls_x509_crt_set_extension(crt, "2.5.29.18", &der_data,
+					   critical);
+
+	_gnutls_free_datum(&der_data);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	result = 0;
+
+      finish:
+	_gnutls_free_datum(&prev_der_data);
+	return result;
+}
+
+int _gnutls_encode_othername_data(unsigned flags, const void *data, unsigned data_size, gnutls_datum_t *output)
+{
+	int ret;
+	if (flags & GNUTLS_FSAN_ENCODE_OCTET_STRING) {
+		ret = _gnutls_x509_encode_string(ASN1_ETYPE_OCTET_STRING,
+			data, data_size, output);
+	} else if (flags & GNUTLS_FSAN_ENCODE_UTF8_STRING) {
+		ret = _gnutls_x509_encode_string(ASN1_ETYPE_UTF8_STRING,
+			data, data_size, output);
+	} else {
+		ret = _gnutls_set_datum(output, data, data_size);
+	}
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_set_subject_alt_othername:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @oid: The other name OID
+ * @data: The data to be set
+ * @data_size: The size of data to be set
+ * @flags: GNUTLS_FSAN_SET to clear previous data or GNUTLS_FSAN_APPEND to append. 
+ *
+ * This function will set an "othername" to the subject alternative name certificate
+ * extension.
+ *
+ * The values set are set as binary values and are expected to have the proper DER encoding.
+ * For convenience the flags %GNUTLS_FSAN_ENCODE_OCTET_STRING and %GNUTLS_FSAN_ENCODE_UTF8_STRING
+ * can be used to encode the provided data.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.5.0
+ **/
+int
+gnutls_x509_crt_set_subject_alt_othername(gnutls_x509_crt_t crt,
+				     const char *oid,
+				     const void *data,
+				     unsigned int data_size,
+				     unsigned int flags)
+{
+	int result;
+	gnutls_datum_t der_data = { NULL, 0 };
+	gnutls_datum_t prev_der_data = { NULL, 0 };
+	gnutls_datum_t encoded_data = { NULL, 0 };
+	unsigned int critical = 0;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Check if the extension already exists.
+	 */
+
+	if (flags & GNUTLS_FSAN_APPEND) {
+		result =
+		    _gnutls_x509_crt_get_extension(crt, "2.5.29.17", 0,
+						   &prev_der_data,
+						   &critical);
+		if (result < 0
+		    && result != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			gnutls_assert();
+			return result;
+		}
+	}
+
+	result = _gnutls_encode_othername_data(flags, data, data_size, &encoded_data);
+	if (result < 0) {
+		gnutls_assert();
+		goto finish;
+	}
+
+	/* generate the extension.
+	 */
+	result =
+		_gnutls_x509_ext_gen_subject_alt_name(GNUTLS_SAN_OTHERNAME, oid,
+						      encoded_data.data, encoded_data.size,
+						      &prev_der_data, &der_data);
+
+	if (result < 0) {
+		gnutls_assert();
+		goto finish;
+	}
+
+	result =
+	    _gnutls_x509_crt_set_extension(crt, "2.5.29.17", &der_data,
+					   critical);
+
+
+	if (result < 0) {
+		gnutls_assert();
+		goto finish;
+	}
+
+	result = 0;
+
+      finish:
+	_gnutls_free_datum(&der_data);
+	_gnutls_free_datum(&prev_der_data);
+	_gnutls_free_datum(&encoded_data);
+	return result;
+}
+
+/**
+ * gnutls_x509_crt_set_issuer_alt_othername:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @oid: The other name OID
+ * @data: The data to be set
+ * @data_size: The size of data to be set
+ * @flags: GNUTLS_FSAN_SET to clear previous data or GNUTLS_FSAN_APPEND to append. 
+ *
+ * This function will set an "othername" to the issuer alternative name certificate
+ * extension.
+ *
+ * The values set are set as binary values and are expected to have the proper DER encoding.
+ * For convenience the flags %GNUTLS_FSAN_ENCODE_OCTET_STRING and %GNUTLS_FSAN_ENCODE_UTF8_STRING
+ * can be used to encode the provided data.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.5.0
+ **/
+int
+gnutls_x509_crt_set_issuer_alt_othername(gnutls_x509_crt_t crt,
+				     const char *oid,
+				     const void *data,
+				     unsigned int data_size,
+				     unsigned int flags)
+{
+	int result;
+	gnutls_datum_t der_data = { NULL, 0 };
+	gnutls_datum_t prev_der_data = { NULL, 0 };
+	gnutls_datum_t encoded_data = {NULL, 0};
+	unsigned int critical = 0;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Check if the extension already exists.
+	 */
+
+	if (flags & GNUTLS_FSAN_APPEND) {
+		result =
+		    _gnutls_x509_crt_get_extension(crt, "2.5.29.18", 0,
+						   &prev_der_data,
+						   &critical);
+		if (result < 0
+		    && result != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			gnutls_assert();
+			return result;
+		}
+	}
+
+	result = _gnutls_encode_othername_data(flags, data, data_size, &encoded_data);
+	if (result < 0) {
+		gnutls_assert();
+		goto finish;
+	}
+
+	/* generate the extension.
+	 */
+	result =
+		_gnutls_x509_ext_gen_subject_alt_name(GNUTLS_SAN_OTHERNAME, oid,
+						      encoded_data.data, encoded_data.size,
+						      &prev_der_data, &der_data);
+	if (result < 0) {
+		gnutls_assert();
+		goto finish;
+	}
+
+	result =
+	    _gnutls_x509_crt_set_extension(crt, "2.5.29.18", &der_data,
+					   critical);
+
+	if (result < 0) {
+		gnutls_assert();
+		goto finish;
+	}
+
+	result = 0;
+
+      finish:
+	_gnutls_free_datum(&der_data);
+	_gnutls_free_datum(&prev_der_data);
+	_gnutls_free_datum(&encoded_data);
+	return result;
+}
+
+/**
+ * gnutls_x509_crt_set_proxy:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @pathLenConstraint: non-negative error codes indicate maximum length of path,
+ *   and negative error codes indicate that the pathLenConstraints field should
+ *   not be present.
+ * @policyLanguage: OID describing the language of @policy.
+ * @policy: uint8_t byte array with policy language, can be %NULL
+ * @sizeof_policy: size of @policy.
+ *
+ * This function will set the proxyCertInfo extension.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_set_proxy(gnutls_x509_crt_t crt,
+			  int pathLenConstraint,
+			  const char *policyLanguage,
+			  const char *policy, size_t sizeof_policy)
+{
+	int result;
+	gnutls_datum_t der_data;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* generate the extension.
+	 */
+	result = gnutls_x509_ext_export_proxy(pathLenConstraint,
+					    policyLanguage,
+					    policy, sizeof_policy,
+					    &der_data);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	result = _gnutls_x509_crt_set_extension(crt, "1.3.6.1.5.5.7.1.14",
+						&der_data, 1);
+
+	_gnutls_free_datum(&der_data);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_set_private_key_usage_period:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @activation: The activation time
+ * @expiration: The expiration time
+ *
+ * This function will set the private key usage period extension (2.5.29.16).
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_set_private_key_usage_period(gnutls_x509_crt_t crt,
+					     time_t activation,
+					     time_t expiration)
+{
+	int result;
+	gnutls_datum_t der_data;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	result = gnutls_x509_ext_export_private_key_usage_period(activation,
+		expiration, &der_data);
+	if (result < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	result = _gnutls_x509_crt_set_extension(crt, "2.5.29.16",
+						&der_data, 0);
+
+	_gnutls_free_datum(&der_data);
+
+ cleanup:
+	return result;
+}
+
+/**
+ * gnutls_x509_crt_sign2:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @issuer: is the certificate of the certificate issuer
+ * @issuer_key: holds the issuer's private key
+ * @dig: The message digest to use, %GNUTLS_DIG_SHA256 is a safe choice
+ * @flags: must be 0
+ *
+ * This function will sign the certificate with the issuer's private key, and
+ * will copy the issuer's information into the certificate.
+ *
+ * This must be the last step in a certificate generation since all
+ * the previously set parameters are now signed.
+ *
+ * A known limitation of this function is, that a newly-signed certificate will not
+ * be fully functional (e.g., for signature verification), until it
+ * is exported an re-imported.
+ *
+ * After GnuTLS 3.6.1 the value of @dig may be %GNUTLS_DIG_UNKNOWN,
+ * and in that case, a suitable but reasonable for the key algorithm will be selected.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_sign2(gnutls_x509_crt_t crt, gnutls_x509_crt_t issuer,
+		      gnutls_x509_privkey_t issuer_key,
+		      gnutls_digest_algorithm_t dig, unsigned int flags)
+{
+	int result;
+	gnutls_privkey_t privkey;
+
+	if (crt == NULL || issuer == NULL || issuer_key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	MODIFIED(crt);
+
+	result = gnutls_privkey_init(&privkey);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	result = gnutls_privkey_import_x509(privkey, issuer_key, 0);
+	if (result < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	result =
+	    gnutls_x509_crt_privkey_sign(crt, issuer, privkey, dig, flags);
+	if (result < 0) {
+		gnutls_assert();
+		goto fail;
+	}
+
+	result = 0;
+
+      fail:
+	gnutls_privkey_deinit(privkey);
+
+	return result;
+}
+
+/**
+ * gnutls_x509_crt_sign:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @issuer: is the certificate of the certificate issuer
+ * @issuer_key: holds the issuer's private key
+ *
+ * This function is the same a gnutls_x509_crt_sign2() with no flags,
+ * and an appropriate hash algorithm. The hash algorithm used may
+ * vary between versions of GnuTLS, and it is tied to the security
+ * level of the issuer's public key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_sign(gnutls_x509_crt_t crt, gnutls_x509_crt_t issuer,
+		     gnutls_x509_privkey_t issuer_key)
+{
+	return gnutls_x509_crt_sign2(crt, issuer, issuer_key,
+				     0, 0);
+}
+
+/**
+ * gnutls_x509_crt_set_activation_time:
+ * @cert: a certificate of type #gnutls_x509_crt_t
+ * @act_time: The actual time
+ *
+ * This function will set the time this certificate was or will be
+ * activated.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_set_activation_time(gnutls_x509_crt_t cert,
+				    time_t act_time)
+{
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	MODIFIED(cert);
+
+	return _gnutls_x509_set_time(cert->cert,
+				     "tbsCertificate.validity.notBefore",
+				     act_time, 0);
+}
+
+/**
+ * gnutls_x509_crt_set_expiration_time:
+ * @cert: a certificate of type #gnutls_x509_crt_t
+ * @exp_time: The actual time
+ *
+ * This function will set the time this Certificate will expire.
+ * Setting an expiration time to (time_t)-1 will set
+ * to the no well-defined expiration date value.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_set_expiration_time(gnutls_x509_crt_t cert,
+				    time_t exp_time)
+{
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	MODIFIED(cert);
+
+	return _gnutls_x509_set_time(cert->cert,
+				     "tbsCertificate.validity.notAfter",
+				     exp_time, 0);
+}
+
+/**
+ * gnutls_x509_crt_set_serial:
+ * @cert: a certificate of type #gnutls_x509_crt_t
+ * @serial: The serial number
+ * @serial_size: Holds the size of the serial field.
+ *
+ * This function will set the X.509 certificate's serial number.
+ * While the serial number is an integer, it is often handled
+ * as an opaque field by several CAs. For this reason this function
+ * accepts any kind of data as a serial number. To be consistent
+ * with the X.509/PKIX specifications the provided @serial should be 
+ * a big-endian positive number (i.e. its leftmost bit should be zero).
+ *
+ * The size of the serial is restricted to 20 bytes maximum by RFC5280.
+ * This function allows writing more than 20 bytes but the generated
+ * certificates in that case may be rejected by other implementations.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_set_serial(gnutls_x509_crt_t cert, const void *serial,
+			   size_t serial_size)
+{
+	int ret;
+	unsigned all_zero, i;
+	const unsigned char *pserial = serial;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* check for non-zero serial */
+	all_zero = 1;
+	for (i=0;i<serial_size;i++) {
+		if (pserial[i] != 0) {
+			all_zero = 0;
+			break;
+		}
+	}
+
+	if (all_zero) {
+		_gnutls_debug_log("error: certificate serial is zero\n");
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	MODIFIED(cert);
+
+	ret =
+	    asn1_write_value(cert->cert, "tbsCertificate.serialNumber",
+			     serial, serial_size);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	return 0;
+
+}
+
+/**
+ * gnutls_x509_crt_set_issuer_unique_id:
+ * @cert: a certificate of type #gnutls_x509_crt_t
+ * @id: The unique ID
+ * @id_size: Holds the size of the unique ID.
+ *
+ * This function will set the X.509 certificate's issuer unique ID field.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.7
+ **/
+int
+gnutls_x509_crt_set_issuer_unique_id(gnutls_x509_crt_t cert, const void *id,
+			   size_t id_size)
+{
+	int ret;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	MODIFIED(cert);
+
+	ret =
+	    asn1_write_value(cert->cert, "tbsCertificate.issuerUniqueID",
+			     id, id_size*8);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_set_subject_unique_id:
+ * @cert: a certificate of type #gnutls_x509_crt_t
+ * @id: The unique ID
+ * @id_size: Holds the size of the unique ID.
+ *
+ * This function will set the X.509 certificate's subject unique ID field.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.4.7
+ **/
+int
+gnutls_x509_crt_set_subject_unique_id(gnutls_x509_crt_t cert, const void *id,
+			   size_t id_size)
+{
+	int ret;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	MODIFIED(cert);
+
+	ret =
+	    asn1_write_value(cert->cert, "tbsCertificate.subjectUniqueID",
+			     id, id_size*8);
+	if (ret != ASN1_SUCCESS) {
+		gnutls_assert();
+		return _gnutls_asn2err(ret);
+	}
+
+	return 0;
+}
+
+/* If OPTIONAL fields have not been initialized then
+ * disable them.
+ */
+static void disable_optional_stuff(gnutls_x509_crt_t cert)
+{
+	asn1_data_node_st n;
+	asn1_node node;
+	unsigned remove_subject_unique_id = 1;
+	unsigned remove_issuer_unique_id = 1;
+
+	node = asn1_find_node(cert->cert, "tbsCertificate.issuerUniqueID");
+	if (node) {
+		if (asn1_read_node_value(node, &n) == ASN1_SUCCESS && n.value_len != 0)
+			remove_issuer_unique_id = 0;
+	}
+
+	node = asn1_find_node(cert->cert, "tbsCertificate.subjectUniqueID");
+	if (node) {
+		if (asn1_read_node_value(node, &n) == ASN1_SUCCESS && n.value_len != 0)
+			remove_subject_unique_id = 0;
+	}
+
+	if (remove_issuer_unique_id)
+		(void)asn1_write_value(cert->cert, "tbsCertificate.issuerUniqueID", NULL,
+				 0);
+
+	if (remove_subject_unique_id)
+		(void)asn1_write_value(cert->cert, "tbsCertificate.subjectUniqueID",
+				 NULL, 0);
+
+	if (cert->use_extensions == 0) {
+		_gnutls_debug_log("Disabling X.509 extensions.\n");
+		(void)asn1_write_value(cert->cert, "tbsCertificate.extensions",
+				 NULL, 0);
+	}
+
+	return;
+}
+
+/**
+ * gnutls_x509_crt_set_crl_dist_points:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @type: is one of the gnutls_x509_subject_alt_name_t enumerations
+ * @data_string: The data to be set
+ * @reason_flags: revocation reasons
+ *
+ * This function will set the CRL distribution points certificate extension.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_set_crl_dist_points(gnutls_x509_crt_t crt,
+				    gnutls_x509_subject_alt_name_t type,
+				    const void *data_string,
+				    unsigned int reason_flags)
+{
+	return gnutls_x509_crt_set_crl_dist_points2(crt, type, data_string,
+						    strlen(data_string),
+						    reason_flags);
+}
+
+/**
+ * gnutls_x509_crt_set_crl_dist_points2:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @type: is one of the gnutls_x509_subject_alt_name_t enumerations
+ * @data: The data to be set
+ * @data_size: The data size
+ * @reason_flags: revocation reasons
+ *
+ * This function will set the CRL distribution points certificate extension.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 2.6.0
+ **/
+int
+gnutls_x509_crt_set_crl_dist_points2(gnutls_x509_crt_t crt,
+				     gnutls_x509_subject_alt_name_t type,
+				     const void *data,
+				     unsigned int data_size,
+				     unsigned int reason_flags)
+{
+	int ret;
+	gnutls_datum_t der_data = { NULL, 0 };
+	gnutls_datum_t old_der = { NULL, 0 };
+	unsigned int critical;
+	gnutls_x509_crl_dist_points_t cdp = NULL;
+	gnutls_datum_t san;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = gnutls_x509_crl_dist_points_init(&cdp);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* Check if the extension already exists.
+	 */
+	ret =
+	    _gnutls_x509_crt_get_extension(crt, "2.5.29.31", 0, &old_der,
+					   &critical);
+
+	if (ret >= 0 && old_der.data != NULL) {
+		ret = gnutls_x509_ext_import_crl_dist_points(&old_der, cdp, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	san.data = (void*)data;
+	san.size = data_size;
+	ret = gnutls_x509_crl_dist_points_set(cdp, type, &san, reason_flags);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	/* generate the extension.
+	 */
+	ret =
+	    gnutls_x509_ext_export_crl_dist_points(cdp, &der_data);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret =
+	    _gnutls_x509_crt_set_extension(crt, "2.5.29.31", &der_data, 0);
+
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	_gnutls_free_datum(&der_data);
+	_gnutls_free_datum(&old_der);
+	if (cdp != NULL)
+		gnutls_x509_crl_dist_points_deinit(cdp);
+
+	return ret;
+
+}
+
+/**
+ * gnutls_x509_crt_cpy_crl_dist_points:
+ * @dst: a certificate of type #gnutls_x509_crt_t
+ * @src: the certificate where the dist points will be copied from
+ *
+ * This function will copy the CRL distribution points certificate
+ * extension, from the source to the destination certificate.
+ * This may be useful to copy from a CA certificate to issued ones.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_cpy_crl_dist_points(gnutls_x509_crt_t dst,
+				    gnutls_x509_crt_t src)
+{
+	int result;
+	gnutls_datum_t der_data;
+	unsigned int critical;
+
+	if (dst == NULL || src == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Check if the extension already exists.
+	 */
+	result =
+	    _gnutls_x509_crt_get_extension(src, "2.5.29.31", 0, &der_data,
+					   &critical);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	result =
+	    _gnutls_x509_crt_set_extension(dst, "2.5.29.31", &der_data,
+					   critical);
+	_gnutls_free_datum(&der_data);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_set_subject_key_id:
+ * @cert: a certificate of type #gnutls_x509_crt_t
+ * @id: The key ID
+ * @id_size: Holds the size of the subject key ID field.
+ *
+ * This function will set the X.509 certificate's subject key ID
+ * extension.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_set_subject_key_id(gnutls_x509_crt_t cert,
+				   const void *id, size_t id_size)
+{
+	int result;
+	gnutls_datum_t old_id, der_data;
+	gnutls_datum_t d_id;
+	unsigned int critical;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Check if the extension already exists.
+	 */
+	result =
+	    _gnutls_x509_crt_get_extension(cert, "2.5.29.14", 0, &old_id,
+					   &critical);
+
+	if (result >= 0)
+		_gnutls_free_datum(&old_id);
+	if (result != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* generate the extension.
+	 */
+	d_id.data = (void*)id;
+	d_id.size = id_size;
+
+	result = gnutls_x509_ext_export_subject_key_id(&d_id, &der_data);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	result =
+	    _gnutls_x509_crt_set_extension(cert, "2.5.29.14", &der_data,
+					   0);
+
+	_gnutls_free_datum(&der_data);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_set_authority_key_id:
+ * @cert: a certificate of type #gnutls_x509_crt_t
+ * @id: The key ID
+ * @id_size: Holds the size of the key ID field.
+ *
+ * This function will set the X.509 certificate's authority key ID extension.
+ * Only the keyIdentifier field can be set with this function.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_set_authority_key_id(gnutls_x509_crt_t cert,
+				     const void *id, size_t id_size)
+{
+	int result;
+	gnutls_datum_t old_id, der_data;
+	unsigned int critical;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* Check if the extension already exists.
+	 */
+	result =
+	    _gnutls_x509_crt_get_extension(cert, "2.5.29.35", 0, &old_id,
+					   &critical);
+
+	if (result >= 0)
+		_gnutls_free_datum(&old_id);
+	if (result != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	/* generate the extension.
+	 */
+	result = _gnutls_x509_ext_gen_auth_key_id(id, id_size, &der_data);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	result =
+	    _gnutls_x509_crt_set_extension(cert, "2.5.29.35", &der_data,
+					   0);
+
+	_gnutls_free_datum(&der_data);
+
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_set_key_purpose_oid:
+ * @cert: a certificate of type #gnutls_x509_crt_t
+ * @oid: a pointer to a null terminated string that holds the OID
+ * @critical: Whether this extension will be critical or not
+ *
+ * This function will set the key purpose OIDs of the Certificate.
+ * These are stored in the Extended Key Usage extension (2.5.29.37)
+ * See the GNUTLS_KP_* definitions for human readable names.
+ *
+ * Subsequent calls to this function will append OIDs to the OID list.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ *   otherwise a negative error code is returned.
+ **/
+int
+gnutls_x509_crt_set_key_purpose_oid(gnutls_x509_crt_t cert,
+				    const void *oid, unsigned int critical)
+{
+	int ret;
+	gnutls_datum_t old_id = {NULL,0};
+	gnutls_datum_t der = {NULL,0};
+	gnutls_x509_key_purposes_t p = NULL;
+
+	if (cert == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = gnutls_x509_key_purpose_init(&p);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	/* Check if the extension already exists.
+	 */
+	ret =
+	    _gnutls_x509_crt_get_extension(cert, "2.5.29.37", 0, &old_id,
+					   NULL);
+
+	if (ret >= 0) {
+		ret = gnutls_x509_ext_import_key_purposes(&old_id, p, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	ret = gnutls_x509_key_purpose_set(p, oid);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_ext_export_key_purposes(p, &der);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_crt_set_extension(cert, "2.5.29.37",
+						&der, critical);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	_gnutls_free_datum(&der);
+	_gnutls_free_datum(&old_id);
+	if (p != NULL)
+		gnutls_x509_key_purpose_deinit(p);
+
+	return ret;
+
+}
+
+/**
+ * gnutls_x509_crt_privkey_sign:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @issuer: is the certificate of the certificate issuer
+ * @issuer_key: holds the issuer's private key
+ * @dig: The message digest to use, %GNUTLS_DIG_SHA256 is a safe choice
+ * @flags: must be 0
+ *
+ * This function will sign the certificate with the issuer's private key, and
+ * will copy the issuer's information into the certificate.
+ *
+ * This must be the last step in a certificate generation since all
+ * the previously set parameters are now signed.
+ *
+ * A known limitation of this function is, that a newly-signed certificate will not
+ * be fully functional (e.g., for signature verification), until it
+ * is exported an re-imported.
+ *
+ * After GnuTLS 3.6.1 the value of @dig may be %GNUTLS_DIG_UNKNOWN,
+ * and in that case, a suitable but reasonable for the key algorithm will be selected.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+gnutls_x509_crt_privkey_sign(gnutls_x509_crt_t crt,
+			     gnutls_x509_crt_t issuer,
+			     gnutls_privkey_t issuer_key,
+			     gnutls_digest_algorithm_t dig,
+			     unsigned int flags)
+{
+	int result;
+
+	if (crt == NULL || issuer == NULL || issuer_key == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	if (dig == 0) {
+		result = gnutls_x509_crt_get_preferred_hash_algorithm(issuer, &dig, NULL);
+		if (result < 0)
+			return gnutls_assert_val(result);
+	}
+
+	MODIFIED(crt);
+
+	/* disable all the unneeded OPTIONAL fields.
+	 */
+	disable_optional_stuff(crt);
+
+	result = _gnutls_check_cert_sanity(crt);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	result = _gnutls_x509_pkix_sign(crt->cert, "tbsCertificate",
+					dig, flags, issuer, issuer_key);
+	if (result < 0) {
+		gnutls_assert();
+		return result;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_x509_crt_set_authority_info_access:
+ * @crt: Holds the certificate
+ * @what: what data to get, a #gnutls_info_access_what_t type.
+ * @data: output data to be freed with gnutls_free().
+ *
+ * This function sets the Authority Information Access (AIA)
+ * extension, see RFC 5280 section 4.2.2.1 for more information.  
+ *
+ * The type of data stored in @data is specified via @what which
+ * should be #gnutls_info_access_what_t values.
+ *
+ * If @what is %GNUTLS_IA_OCSP_URI, @data will hold the OCSP URI.
+ * If @what is %GNUTLS_IA_CAISSUERS_URI, @data will hold the caIssuers
+ * URI.  
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_x509_crt_set_authority_info_access(gnutls_x509_crt_t crt,
+					  int what, gnutls_datum_t * data)
+{
+	int ret;
+	gnutls_datum_t der = { NULL, 0 };
+	gnutls_datum_t new_der = { NULL, 0 };
+	gnutls_x509_aia_t aia_ctx = NULL;
+	const char *oid;
+	unsigned int c;
+
+	if (crt == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ret = gnutls_x509_aia_init(&aia_ctx);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = _gnutls_x509_crt_get_extension(crt, GNUTLS_OID_AIA, 0, &der,
+					     &c);
+	if (ret >= 0) {		/* decode it */
+		ret = gnutls_x509_ext_import_aia(&der, aia_ctx, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	if (what == GNUTLS_IA_OCSP_URI)
+		oid = GNUTLS_OID_AD_OCSP;
+	else if (what == GNUTLS_IA_CAISSUERS_URI)
+		oid = GNUTLS_OID_AD_CAISSUERS;
+	else
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+	ret = gnutls_x509_aia_set(aia_ctx, oid, GNUTLS_SAN_URI, data);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_ext_export_aia(aia_ctx, &new_der);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_crt_set_extension(crt, GNUTLS_OID_AIA,
+					     &new_der, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+ cleanup:
+	if (aia_ctx != NULL)
+		gnutls_x509_aia_deinit(aia_ctx);
+	_gnutls_free_datum(&new_der);
+	_gnutls_free_datum(&der);
+
+	return ret;
+}
+
+
+/**
+ * gnutls_x509_crt_set_policy:
+ * @crt: should contain a #gnutls_x509_crt_t type
+ * @policy: A pointer to a policy
+ * @critical: use non-zero if the extension is marked as critical
+ *
+ * This function will set the certificate policy extension (2.5.29.32).
+ * Multiple calls to this function append a new policy.
+ *
+ * Note the maximum text size for the qualifier %GNUTLS_X509_QUALIFIER_NOTICE
+ * is 200 characters. This function will fail with %GNUTLS_E_INVALID_REQUEST
+ * if this is exceeded.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.1.5
+ **/
+int
+gnutls_x509_crt_set_policy(gnutls_x509_crt_t crt,
+			   const struct gnutls_x509_policy_st *policy,
+			   unsigned int critical)
+{
+	int ret;
+	gnutls_datum_t der_data = {NULL, 0}, prev_der_data = { NULL, 0 };
+	gnutls_x509_policies_t policies = NULL;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = gnutls_x509_policies_init(&policies);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	ret = _gnutls_x509_crt_get_extension(crt, "2.5.29.32", 0,
+						&prev_der_data, NULL);
+	if (ret < 0 && ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+
+	if (ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+		ret = gnutls_x509_ext_import_policies(&prev_der_data,
+			policies, 0);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+	}
+
+	ret = gnutls_x509_policies_set(policies, policy);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_ext_export_policies(policies, &der_data);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = _gnutls_x509_crt_set_extension(crt, "2.5.29.32",
+						&der_data, 0);
+
+ cleanup:
+	if (policies != NULL)
+		gnutls_x509_policies_deinit(policies);
+	_gnutls_free_datum(&prev_der_data);
+	_gnutls_free_datum(&der_data);
+
+	return ret;
+}
+
+/**
+ * gnutls_x509_crt_set_spki:
+ * @crt: a certificate of type #gnutls_x509_crt_t
+ * @spki: a SubjectPublicKeyInfo structure of type #gnutls_x509_spki_t
+ * @flags: must be zero
+ *
+ * This function will set the certificate's subject public key
+ * information explicitly. This is intended to be used in the cases
+ * where a single public key (e.g., RSA) can be used for multiple
+ * signature algorithms (RSA PKCS1-1.5, and RSA-PSS).
+ *
+ * To export the public key (i.e., the SubjectPublicKeyInfo part), check
+ * gnutls_pubkey_import_x509().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_x509_crt_set_spki(gnutls_x509_crt_t crt,
+			 const gnutls_x509_spki_t spki,
+			 unsigned int flags)
+{
+	int ret;
+	gnutls_pk_algorithm_t crt_pk;
+	gnutls_x509_spki_st tpki;
+	gnutls_pk_params_st params;
+	unsigned bits;
+
+	if (crt == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_INVALID_REQUEST;
+	}
+
+	ret = _gnutls_x509_crt_get_mpis(crt, &params);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	bits = pubkey_to_bits(&params);
+	crt_pk = params.algo;
+
+	if (!_gnutls_pk_are_compat(crt_pk, spki->pk)) {
+		ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+		goto cleanup;
+	}
+
+	if (spki->pk != GNUTLS_PK_RSA_PSS) {
+		if (crt_pk == spki->pk) {
+			ret = 0;
+			goto cleanup;
+		}
+
+		gnutls_assert();
+		ret = GNUTLS_E_INVALID_REQUEST;
+		goto cleanup;
+	}
+
+	memset(&tpki, 0, sizeof(gnutls_x509_spki_st));
+
+	if (crt_pk == GNUTLS_PK_RSA) {
+		const mac_entry_st *me;
+
+		me = hash_to_entry(spki->rsa_pss_dig);
+		if (unlikely(me == NULL)) {
+			gnutls_assert();
+			ret = GNUTLS_E_INVALID_REQUEST;
+			goto cleanup;
+		}
+
+		tpki.pk = spki->pk;
+		tpki.rsa_pss_dig = spki->rsa_pss_dig;
+
+		/* If salt size is zero, find the optimal salt size. */
+		if (spki->salt_size == 0) {
+			ret = _gnutls_find_rsa_pss_salt_size(bits, me,
+							   spki->salt_size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+			tpki.salt_size = ret;
+		} else
+			tpki.salt_size = spki->salt_size;
+	} else if (crt_pk == GNUTLS_PK_RSA_PSS) {
+		ret = _gnutls_x509_crt_read_spki_params(crt, &tpki);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		tpki.salt_size = spki->salt_size;
+		tpki.rsa_pss_dig = spki->rsa_pss_dig;
+	}
+
+	memcpy(&params.spki, &tpki, sizeof(tpki));
+	ret = _gnutls_x509_check_pubkey_params(&params);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	MODIFIED(crt);
+
+	ret = _gnutls_x509_write_spki_params(crt->cert,
+						"tbsCertificate."
+						"subjectPublicKeyInfo.algorithm",
+						&tpki);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+
+	ret = 0;
+ cleanup:
+	gnutls_pk_params_release(&params);
+	return ret;
+}
diff --git a/lib/x509_b64.c b/lib/x509_b64.c
new file mode 100644
index 0000000..668760a
--- /dev/null
+++ b/lib/x509_b64.c
@@ -0,0 +1,536 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Functions that relate to base64 encoding and decoding.
+ */
+
+#include "gnutls_int.h"
+#include "errors.h"
+#include <datum.h>
+#include <x509_b64.h>
+#include <nettle/base64.h>
+
+#define INCR(what, size, max_len) \
+	do { \
+	what+=size; \
+	if (what > max_len) { \
+		gnutls_assert(); \
+		gnutls_free( result->data); result->data = NULL; \
+		return GNUTLS_E_INTERNAL_ERROR; \
+	} \
+	} while(0)
+
+/* encodes data and puts the result into result (locally allocated)
+ * The result_size (including the null terminator) is the return value.
+ */
+int
+_gnutls_fbase64_encode(const char *msg, const uint8_t * data,
+		       size_t data_size, gnutls_datum_t * result)
+{
+	int tmp;
+	unsigned int i;
+	uint8_t tmpres[66];
+	uint8_t *ptr;
+	char top[80];
+	char bottom[80];
+	size_t size, max, bytes;
+	int pos, top_len = 0, bottom_len = 0;
+	unsigned raw_encoding = 0;
+
+	if (msg == NULL || msg[0] == 0)
+		raw_encoding = 1;
+
+	if (!raw_encoding) {
+		if (strlen(msg) > 50) {
+			gnutls_assert();
+			return GNUTLS_E_BASE64_ENCODING_ERROR;
+		}
+
+		_gnutls_str_cpy(top, sizeof(top), "-----BEGIN ");
+		_gnutls_str_cat(top, sizeof(top), msg);
+		_gnutls_str_cat(top, sizeof(top), "-----\n");
+
+		_gnutls_str_cpy(bottom, sizeof(bottom), "-----END ");
+		_gnutls_str_cat(bottom, sizeof(bottom), msg);
+		_gnutls_str_cat(bottom, sizeof(bottom), "-----\n");
+
+		top_len = strlen(top);
+		bottom_len = strlen(bottom);
+	}
+
+	max = B64FSIZE(top_len + bottom_len, data_size);
+
+	result->data = gnutls_malloc(max + 1);
+	if (result->data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	bytes = 0;
+	INCR(bytes, top_len, max);
+	pos = top_len;
+
+	memcpy(result->data, top, top_len);
+
+	for (i = 0; i < data_size; i += 48) {
+		if (data_size - i < 48)
+			tmp = data_size - i;
+		else
+			tmp = 48;
+
+		size = BASE64_ENCODE_RAW_LENGTH(tmp);
+		if (sizeof(tmpres) < size)
+			return gnutls_assert_val(GNUTLS_E_BASE64_ENCODING_ERROR);
+
+		base64_encode_raw((void*)tmpres, tmp, &data[i]);
+
+		INCR(bytes, size + 1, max);
+		ptr = &result->data[pos];
+
+		memcpy(ptr, tmpres, size);
+		ptr += size;
+		pos += size;
+		if (!raw_encoding) {
+			*ptr++ = '\n';
+			pos++;
+		} else {
+			bytes--;
+		}
+	}
+
+	INCR(bytes, bottom_len, max);
+
+	memcpy(&result->data[bytes - bottom_len], bottom, bottom_len);
+	result->data[bytes] = 0;
+	result->size = bytes;
+
+	return max + 1;
+}
+
+/**
+ * gnutls_pem_base64_encode:
+ * @msg: is a message to be put in the header (may be %NULL)
+ * @data: contain the raw data
+ * @result: the place where base64 data will be copied
+ * @result_size: holds the size of the result
+ *
+ * This function will convert the given data to printable data, using
+ * the base64 encoding. This is the encoding used in PEM messages.
+ *
+ * The output string will be null terminated, although the output size will
+ * not include the terminating null.
+ *
+ * Returns: On success %GNUTLS_E_SUCCESS (0) is returned,
+ *   %GNUTLS_E_SHORT_MEMORY_BUFFER is returned if the buffer given is
+ *   not long enough, or 0 on success.
+ **/
+int
+gnutls_pem_base64_encode(const char *msg, const gnutls_datum_t * data,
+			 char *result, size_t * result_size)
+{
+	gnutls_datum_t res;
+	int ret;
+
+	ret = _gnutls_fbase64_encode(msg, data->data, data->size, &res);
+	if (ret < 0)
+		return ret;
+
+	if (result == NULL || *result_size < (unsigned) res.size) {
+		gnutls_free(res.data);
+		*result_size = res.size + 1;
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	} else {
+		memcpy(result, res.data, res.size);
+		gnutls_free(res.data);
+		*result_size = res.size;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pem_base64_encode2:
+ * @header: is a message to be put in the encoded header (may be %NULL)
+ * @data: contains the raw data
+ * @result: will hold the newly allocated encoded data
+ *
+ * This function will convert the given data to printable data, using
+ * the base64 encoding.  This is the encoding used in PEM messages.
+ * This function will allocate the required memory to hold the encoded
+ * data.
+ *
+ * You should use gnutls_free() to free the returned data.
+ *
+ * Note, that prior to GnuTLS 3.4.0 this function was available
+ * under the name gnutls_pem_base64_encode_alloc(). There is
+ * compatibility macro pointing to this function.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_pem_base64_encode2(const char *header,
+			       const gnutls_datum_t * data,
+			       gnutls_datum_t * result)
+{
+	int ret;
+
+	if (result == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ret = _gnutls_fbase64_encode(header, data->data, data->size, result);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+/* copies data to result but removes newlines and <CR>
+ * returns the size of the data copied.
+ *
+ * It will fail with GNUTLS_E_BASE64_DECODING_ERROR if the
+ * end-result is the empty string.
+ */
+inline static int
+cpydata(const uint8_t * data, int data_size, gnutls_datum_t * result)
+{
+	int i, j;
+
+	result->data = gnutls_malloc(data_size + 1);
+	if (result->data == NULL)
+		return GNUTLS_E_MEMORY_ERROR;
+
+	for (j = i = 0; i < data_size; i++) {
+		if (data[i] == '\n' || data[i] == '\r' || data[i] == ' '
+		    || data[i] == '\t')
+			continue;
+		else if (data[i] == '-')
+			break;
+		result->data[j] = data[i];
+		j++;
+	}
+
+	result->size = j;
+	result->data[j] = 0;
+
+	if (j==0) {
+		gnutls_free(result->data);
+		return gnutls_assert_val(GNUTLS_E_BASE64_DECODING_ERROR);
+	}
+
+	return j;
+}
+
+/* decodes data and puts the result into result (locally allocated).
+ * Note that encodings of zero-length strings are being rejected
+ * with GNUTLS_E_BASE64_DECODING_ERROR.
+ *
+ * The result_size is the return value.
+ */
+int
+_gnutls_base64_decode(const uint8_t * data, size_t data_size,
+		      gnutls_datum_t * result)
+{
+	int ret;
+	size_t size;
+	gnutls_datum_t pdata;
+	struct base64_decode_ctx ctx;
+
+	if (data_size == 0) {
+		result->data = (unsigned char*)gnutls_strdup("");
+		if (result->data == NULL)
+			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		result->size = 0;
+		return 0;
+	}
+
+	ret = cpydata(data, data_size, &pdata);
+	if (ret < 0) {
+		gnutls_assert();
+		return ret;
+	}
+
+	base64_decode_init(&ctx);
+
+	size = BASE64_DECODE_LENGTH(pdata.size);
+	if (size == 0) {
+		ret = gnutls_assert_val(GNUTLS_E_BASE64_DECODING_ERROR);
+		goto cleanup;
+	}
+
+	result->data = gnutls_malloc(size);
+	if (result->data == NULL) {
+		ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+		goto cleanup;
+	}
+
+	ret = base64_decode_update(&ctx, &size, result->data,
+				   pdata.size, (void*)pdata.data);
+	if (ret == 0 || size == 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_BASE64_DECODING_ERROR;
+		goto fail;
+	}
+
+	ret = base64_decode_final(&ctx);
+	if (ret != 1) {
+		ret = gnutls_assert_val(GNUTLS_E_BASE64_DECODING_ERROR);
+		goto fail;
+	}
+
+	result->size = size;
+
+	ret = size;
+	goto cleanup;
+
+ fail:
+	gnutls_free(result->data);
+
+ cleanup:
+	gnutls_free(pdata.data);
+	return ret;
+}
+
+
+/* Searches the given string for ONE PEM encoded certificate, and
+ * stores it in the result.
+ *
+ * The result_size (always non-zero) is the return value,
+ * or a negative error code.
+ */
+#define ENDSTR "-----"
+int
+_gnutls_fbase64_decode(const char *header, const uint8_t * data,
+		       size_t data_size, gnutls_datum_t * result)
+{
+	int ret;
+	static const char top[] = "-----BEGIN ";
+	static const char bottom[] = "-----END ";
+	uint8_t *rdata, *kdata;
+	int rdata_size;
+	char pem_header[128];
+
+	_gnutls_str_cpy(pem_header, sizeof(pem_header), top);
+	if (header != NULL)
+		_gnutls_str_cat(pem_header, sizeof(pem_header), header);
+
+	rdata = memmem(data, data_size, pem_header, strlen(pem_header));
+	if (rdata == NULL) {
+		gnutls_assert();
+		_gnutls_hard_log("Could not find '%s'\n", pem_header);
+		return GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR;
+	}
+
+	data_size -= MEMSUB(rdata, data);
+
+	if (data_size < 4 + strlen(bottom)) {
+		gnutls_assert();
+		return GNUTLS_E_BASE64_DECODING_ERROR;
+	}
+
+	kdata =
+	    memmem(rdata + 1, data_size - 1, ENDSTR, sizeof(ENDSTR) - 1);
+	/* allow CR as well.
+	 */
+	if (kdata == NULL) {
+		gnutls_assert();
+		_gnutls_hard_log("Could not find '%s'\n", ENDSTR);
+		return GNUTLS_E_BASE64_DECODING_ERROR;
+	}
+	data_size -= strlen(ENDSTR);
+	data_size -= MEMSUB(kdata, rdata);
+
+	rdata = kdata + strlen(ENDSTR);
+
+	/* position is now after the ---BEGIN--- headers */
+
+	kdata = memmem(rdata, data_size, bottom, strlen(bottom));
+	if (kdata == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_BASE64_DECODING_ERROR;
+	}
+
+	/* position of kdata is before the ----END--- footer 
+	 */
+	rdata_size = MEMSUB(kdata, rdata);
+
+	if (rdata_size < 4) {
+		gnutls_assert();
+		return GNUTLS_E_BASE64_DECODING_ERROR;
+	}
+
+	if ((ret = _gnutls_base64_decode(rdata, rdata_size, result)) < 0) {
+		gnutls_assert();
+		return GNUTLS_E_BASE64_DECODING_ERROR;
+	}
+
+	return ret;
+}
+
+/**
+ * gnutls_pem_base64_decode:
+ * @header: A null terminated string with the PEM header (eg. CERTIFICATE)
+ * @b64_data: contain the encoded data
+ * @result: the place where decoded data will be copied
+ * @result_size: holds the size of the result
+ *
+ * This function will decode the given encoded data.  If the header
+ * given is non %NULL this function will search for "-----BEGIN header"
+ * and decode only this part.  Otherwise it will decode the first PEM
+ * packet found.
+ *
+ * Returns: On success %GNUTLS_E_SUCCESS (0) is returned,
+ *   %GNUTLS_E_SHORT_MEMORY_BUFFER is returned if the buffer given is
+ *   not long enough, or 0 on success.
+ **/
+int
+gnutls_pem_base64_decode(const char *header,
+			 const gnutls_datum_t * b64_data,
+			 unsigned char *result, size_t * result_size)
+{
+	gnutls_datum_t res;
+	int ret;
+
+	ret =
+	    _gnutls_fbase64_decode(header, b64_data->data, b64_data->size,
+				   &res);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	if (result == NULL || *result_size < (unsigned) res.size) {
+		gnutls_free(res.data);
+		*result_size = res.size;
+		return GNUTLS_E_SHORT_MEMORY_BUFFER;
+	} else {
+		memcpy(result, res.data, res.size);
+		gnutls_free(res.data);
+		*result_size = res.size;
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_pem_base64_decode2:
+ * @header: The PEM header (eg. CERTIFICATE)
+ * @b64_data: contains the encoded data
+ * @result: the location of decoded data
+ *
+ * This function will decode the given encoded data. The decoded data
+ * will be allocated, and stored into result.  If the header given is
+ * non null this function will search for "-----BEGIN header" and
+ * decode only this part. Otherwise it will decode the first PEM
+ * packet found.
+ *
+ * You should use gnutls_free() to free the returned data.
+ *
+ * Note, that prior to GnuTLS 3.4.0 this function was available
+ * under the name gnutls_pem_base64_decode_alloc(). There is
+ * compatibility macro pointing to this function.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ *
+ * Since: 3.4.0
+ **/
+int
+gnutls_pem_base64_decode2(const char *header,
+			       const gnutls_datum_t * b64_data,
+			       gnutls_datum_t * result)
+{
+	int ret;
+
+	if (result == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ret =
+	    _gnutls_fbase64_decode(header, b64_data->data, b64_data->size,
+				   result);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
+
+/**
+ * gnutls_base64_decode2:
+ * @base64: contains the encoded data
+ * @result: the location of decoded data
+ *
+ * This function will decode the given base64 encoded data. The decoded data
+ * will be allocated, and stored into result.
+ *
+ * You should use gnutls_free() to free the returned data.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_base64_decode2(const gnutls_datum_t *base64,
+		      gnutls_datum_t *result)
+{
+	int ret;
+
+	ret = _gnutls_base64_decode(base64->data, base64->size, result);
+	if (ret < 0) {
+		return gnutls_assert_val(ret);
+	}
+
+	return 0;
+}
+
+/**
+ * gnutls_base64_encode2:
+ * @data: contains the raw data
+ * @result: will hold the newly allocated encoded data
+ *
+ * This function will convert the given data to printable data, using
+ * the base64 encoding. This function will allocate the required
+ * memory to hold the encoded data.
+ *
+ * You should use gnutls_free() to free the returned data.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ *   an error code is returned.
+ *
+ * Since: 3.6.0
+ **/
+int
+gnutls_base64_encode2(const gnutls_datum_t *data,
+		      gnutls_datum_t *result)
+{
+	int ret;
+
+	if (result == NULL)
+		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+	ret = _gnutls_fbase64_encode(NULL, data->data, data->size, result);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
+	return 0;
+}
diff --git a/lib/x509_b64.h b/lib/x509_b64.h
new file mode 100644
index 0000000..271850a
--- /dev/null
+++ b/lib/x509_b64.h
@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_LIB_X509_B64_H
+#define GNUTLS_LIB_X509_B64_H
+
+int _gnutls_fbase64_encode(const char *msg, const uint8_t * data,
+			   size_t data_size, gnutls_datum_t * result);
+int _gnutls_fbase64_decode(const char *header, const uint8_t * data,
+			   size_t data_size, gnutls_datum_t * result);
+
+int
+_gnutls_base64_decode(const uint8_t * data, size_t data_size,
+		      gnutls_datum_t * result);
+
+#define B64SIZE( data_size) ((data_size%3==0)?((data_size*4)/3):(4+((data_size/3)*4)))
+
+/* The size for B64 encoding + newlines plus header
+ */
+
+#define B64FSIZE( hsize, dsize) \
+	(B64SIZE(dsize) + (hsize) + /*newlines*/ \
+	B64SIZE(dsize)/64 + (((B64SIZE(dsize) % 64) > 0) ? 1 : 0))
+
+#endif /* GNUTLS_LIB_X509_B64_H */
diff --git a/libdane/Makefile.am b/libdane/Makefile.am
new file mode 100644
index 0000000..257271d
--- /dev/null
+++ b/libdane/Makefile.am
@@ -0,0 +1,68 @@
+## Process this file with automake to produce Makefile.in
+# Copyright (C) 2012 KU Leuven
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of libdane.
+#
+# libdane is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version.
+#
+# GnuTLS-extra is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+ACLOCAL_AMFLAGS = -I ../m4 -I ../gl/m4
+
+include $(top_srcdir)/lib/common.mk
+
+AM_CPPFLAGS = \
+	-I$(srcdir)/../gl		\
+	-I$(builddir)/../gl		\
+	-I$(builddir)/../lib/includes	\
+	-I$(srcdir)/../lib/includes	\
+	-I$(srcdir)/includes		\
+	-I$(builddir)/includes		\
+	-I$(srcdir)/../lib/minitasn1	\
+	-I$(srcdir)/../lib
+
+SUBDIRS = includes
+
+libgnutls_dane_la_LDFLAGS = -no-undefined $(COMMON_LINK_FLAGS)
+
+lib_LTLIBRARIES = libgnutls-dane.la
+
+libgnutls_dane_la_SOURCES = dane.c dane-params.c errors.c libdane.map
+
+libgnutls_dane_la_LIBADD = ../gl/libgnu.la \
+	../lib/libgnutls.la
+
+libgnutls_dane_la_LDFLAGS += -version-info $(LT_DANE_CURRENT):$(LT_DANE_REVISION):$(LT_DANE_AGE)
+
+libgnutls_dane_la_LIBADD += $(LIBSOCKET) $(UNBOUND_LIBS)
+
+if HAVE_LD_VERSION_SCRIPT
+libgnutls_dane_la_LDFLAGS += -Wl,--version-script=$(srcdir)/libdane.map
+else
+libgnutls_dane_la_LDFLAGS += -export-symbols-regex '^(dane).*'
+endif
+
+pkgconfigdir = $(libdir)/pkgconfig
+pkgconfig_DATA = gnutls-dane.pc
+DISTCLEANFILES = $(pkgconfig_DATA)
+
+if HAVE_LD_OUTPUT_DEF
+libgnutls_dane_la_LDFLAGS += \
+	-Wl,--output-def,libgnutls-dane-$(DLL_VERSION).def
+libgnutls-dane-$(DLL_VERSION).def: libgnutls-dane.la
+
+defexecdir = $(bindir)
+defexec_DATA = libgnutls-dane-$(DLL_VERSION).def
+DISTCLEANFILES += $(defexec_DATA)
+endif
diff --git a/libdane/Makefile.in b/libdane/Makefile.in
new file mode 100644
index 0000000..9b2241f
--- /dev/null
+++ b/libdane/Makefile.in
@@ -0,0 +1,2648 @@
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+# Copyright (C) 2012 KU Leuven
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of libdane.
+#
+# libdane is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version.
+#
+# GnuTLS-extra is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+  if test -z '$(MAKELEVEL)'; then \
+    false; \
+  elif test -n '$(MAKE_HOST)'; then \
+    true; \
+  elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+    true; \
+  else \
+    false; \
+  fi; \
+}
+am__make_running_with_option = \
+  case $${target_option-} in \
+      ?) ;; \
+      *) echo "am__make_running_with_option: internal error: invalid" \
+              "target option '$${target_option-}' specified" >&2; \
+         exit 1;; \
+  esac; \
+  has_opt=no; \
+  sane_makeflags=$$MAKEFLAGS; \
+  if $(am__is_gnu_make); then \
+    sane_makeflags=$$MFLAGS; \
+  else \
+    case $$MAKEFLAGS in \
+      *\\[\ \	]*) \
+        bs=\\; \
+        sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+          | sed "s/$$bs$$bs[$$bs $$bs	]*//g"`;; \
+    esac; \
+  fi; \
+  skip_next=no; \
+  strip_trailopt () \
+  { \
+    flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+  }; \
+  for flg in $$sane_makeflags; do \
+    test $$skip_next = yes && { skip_next=no; continue; }; \
+    case $$flg in \
+      *=*|--*) continue;; \
+        -*I) strip_trailopt 'I'; skip_next=yes;; \
+      -*I?*) strip_trailopt 'I';; \
+        -*O) strip_trailopt 'O'; skip_next=yes;; \
+      -*O?*) strip_trailopt 'O';; \
+        -*l) strip_trailopt 'l'; skip_next=yes;; \
+      -*l?*) strip_trailopt 'l';; \
+      -[dEDm]) skip_next=yes;; \
+      -[JT]) skip_next=yes;; \
+    esac; \
+    case $$flg in \
+      *$$target_option*) has_opt=yes; break;; \
+    esac; \
+  done; \
+  test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@HAVE_LD_VERSION_SCRIPT_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/libdane.map
+@HAVE_LD_VERSION_SCRIPT_FALSE@am__append_2 = -export-symbols-regex '^(dane).*'
+@HAVE_LD_OUTPUT_DEF_TRUE@am__append_3 = \
+@HAVE_LD_OUTPUT_DEF_TRUE@	-Wl,--output-def,libgnutls-dane-$(DLL_VERSION).def
+
+@HAVE_LD_OUTPUT_DEF_TRUE@am__append_4 = $(defexec_DATA)
+subdir = libdane
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \
+	$(top_srcdir)/lib/unistring/m4/inline.m4 \
+	$(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \
+	$(top_srcdir)/src/gl/m4/atoll.m4 \
+	$(top_srcdir)/src/gl/m4/bison.m4 \
+	$(top_srcdir)/src/gl/m4/calloc.m4 \
+	$(top_srcdir)/src/gl/m4/clock_time.m4 \
+	$(top_srcdir)/src/gl/m4/codeset.m4 \
+	$(top_srcdir)/src/gl/m4/ctype_h.m4 \
+	$(top_srcdir)/src/gl/m4/environ.m4 \
+	$(top_srcdir)/src/gl/m4/error.m4 \
+	$(top_srcdir)/src/gl/m4/fdopen.m4 \
+	$(top_srcdir)/src/gl/m4/flexmember.m4 \
+	$(top_srcdir)/src/gl/m4/fpending.m4 \
+	$(top_srcdir)/src/gl/m4/fpieee.m4 \
+	$(top_srcdir)/src/gl/m4/fseek.m4 \
+	$(top_srcdir)/src/gl/m4/ftruncate.m4 \
+	$(top_srcdir)/src/gl/m4/getaddrinfo.m4 \
+	$(top_srcdir)/src/gl/m4/getcwd.m4 \
+	$(top_srcdir)/src/gl/m4/getpagesize.m4 \
+	$(top_srcdir)/src/gl/m4/getpass.m4 \
+	$(top_srcdir)/src/gl/m4/getprogname.m4 \
+	$(top_srcdir)/src/gl/m4/gettime.m4 \
+	$(top_srcdir)/src/gl/m4/gnulib-comp.m4 \
+	$(top_srcdir)/src/gl/m4/hostent.m4 \
+	$(top_srcdir)/src/gl/m4/intl-thread-locale.m4 \
+	$(top_srcdir)/src/gl/m4/inttostr.m4 \
+	$(top_srcdir)/src/gl/m4/ioctl.m4 \
+	$(top_srcdir)/src/gl/m4/isblank.m4 \
+	$(top_srcdir)/src/gl/m4/langinfo_h.m4 \
+	$(top_srcdir)/src/gl/m4/lcmessage.m4 \
+	$(top_srcdir)/src/gl/m4/locale-fr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-ja.m4 \
+	$(top_srcdir)/src/gl/m4/locale-tr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-zh.m4 \
+	$(top_srcdir)/src/gl/m4/locale_h.m4 \
+	$(top_srcdir)/src/gl/m4/localename.m4 \
+	$(top_srcdir)/src/gl/m4/lstat.m4 \
+	$(top_srcdir)/src/gl/m4/mktime.m4 \
+	$(top_srcdir)/src/gl/m4/nanosleep.m4 \
+	$(top_srcdir)/src/gl/m4/nstrftime.m4 \
+	$(top_srcdir)/src/gl/m4/parse-datetime.m4 \
+	$(top_srcdir)/src/gl/m4/perror.m4 \
+	$(top_srcdir)/src/gl/m4/pipe.m4 \
+	$(top_srcdir)/src/gl/m4/pthread-thread.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_h.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_sigmask.m4 \
+	$(top_srcdir)/src/gl/m4/putenv.m4 \
+	$(top_srcdir)/src/gl/m4/raise.m4 \
+	$(top_srcdir)/src/gl/m4/reallocarray.m4 \
+	$(top_srcdir)/src/gl/m4/sched_h.m4 \
+	$(top_srcdir)/src/gl/m4/sched_yield.m4 \
+	$(top_srcdir)/src/gl/m4/select.m4 \
+	$(top_srcdir)/src/gl/m4/semaphore.m4 \
+	$(top_srcdir)/src/gl/m4/servent.m4 \
+	$(top_srcdir)/src/gl/m4/setenv.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale_null.m4 \
+	$(top_srcdir)/src/gl/m4/sigaction.m4 \
+	$(top_srcdir)/src/gl/m4/signal_h.m4 \
+	$(top_srcdir)/src/gl/m4/signalblocking.m4 \
+	$(top_srcdir)/src/gl/m4/sleep.m4 \
+	$(top_srcdir)/src/gl/m4/sockets.m4 \
+	$(top_srcdir)/src/gl/m4/strerror.m4 \
+	$(top_srcdir)/src/gl/m4/strerror_r.m4 \
+	$(top_srcdir)/src/gl/m4/strtoll.m4 \
+	$(top_srcdir)/src/gl/m4/symlink.m4 \
+	$(top_srcdir)/src/gl/m4/sys_ioctl_h.m4 \
+	$(top_srcdir)/src/gl/m4/sys_select_h.m4 \
+	$(top_srcdir)/src/gl/m4/thread.m4 \
+	$(top_srcdir)/src/gl/m4/time_rz.m4 \
+	$(top_srcdir)/src/gl/m4/timegm.m4 \
+	$(top_srcdir)/src/gl/m4/timespec.m4 \
+	$(top_srcdir)/src/gl/m4/tm_gmtoff.m4 \
+	$(top_srcdir)/src/gl/m4/tzset.m4 \
+	$(top_srcdir)/src/gl/m4/usleep.m4 \
+	$(top_srcdir)/src/gl/m4/visibility.m4 \
+	$(top_srcdir)/src/gl/m4/xalloc.m4 \
+	$(top_srcdir)/src/gl/m4/yield.m4 $(top_srcdir)/m4/00gnulib.m4 \
+	$(top_srcdir)/m4/__inline.m4 \
+	$(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \
+	$(top_srcdir)/m4/arpa_inet_h.m4 \
+	$(top_srcdir)/m4/ax_ac_append_to_file.m4 \
+	$(top_srcdir)/m4/ax_ac_print_to_file.m4 \
+	$(top_srcdir)/m4/ax_add_am_macro_static.m4 \
+	$(top_srcdir)/m4/ax_am_macros_static.m4 \
+	$(top_srcdir)/m4/ax_check_gnu_make.m4 \
+	$(top_srcdir)/m4/ax_code_coverage.m4 \
+	$(top_srcdir)/m4/ax_file_escapes.m4 \
+	$(top_srcdir)/m4/builtin-expect.m4 \
+	$(top_srcdir)/m4/byteswap.m4 $(top_srcdir)/m4/close.m4 \
+	$(top_srcdir)/m4/double-slash-root.m4 $(top_srcdir)/m4/dup2.m4 \
+	$(top_srcdir)/m4/eealloc.m4 $(top_srcdir)/m4/errno_h.m4 \
+	$(top_srcdir)/m4/explicit_bzero.m4 \
+	$(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \
+	$(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \
+	$(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \
+	$(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \
+	$(top_srcdir)/m4/free.m4 $(top_srcdir)/m4/fseeko.m4 \
+	$(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \
+	$(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/func.m4 \
+	$(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \
+	$(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/gettext.m4 \
+	$(top_srcdir)/m4/gettimeofday.m4 \
+	$(top_srcdir)/m4/gnulib-common.m4 \
+	$(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \
+	$(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \
+	$(top_srcdir)/m4/host-cpu-c-abi.m4 $(top_srcdir)/m4/iconv.m4 \
+	$(top_srcdir)/m4/include_next.m4 $(top_srcdir)/m4/inet_ntop.m4 \
+	$(top_srcdir)/m4/inet_pton.m4 $(top_srcdir)/m4/intlmacosx.m4 \
+	$(top_srcdir)/m4/intmax_t.m4 $(top_srcdir)/m4/inttypes.m4 \
+	$(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/largefile.m4 \
+	$(top_srcdir)/m4/ld-output-def.m4 \
+	$(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \
+	$(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+	$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/lock.m4 \
+	$(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/ltoptions.m4 \
+	$(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+	$(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \
+	$(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \
+	$(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \
+	$(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \
+	$(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \
+	$(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \
+	$(top_srcdir)/m4/netdb_h.m4 $(top_srcdir)/m4/netinet_in_h.m4 \
+	$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/off_t.m4 \
+	$(top_srcdir)/m4/open-cloexec.m4 \
+	$(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \
+	$(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/pkg.m4 \
+	$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \
+	$(top_srcdir)/m4/progtest.m4 \
+	$(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \
+	$(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \
+	$(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/size_max.m4 \
+	$(top_srcdir)/m4/snprintf.m4 $(top_srcdir)/m4/socketlib.m4 \
+	$(top_srcdir)/m4/socklen.m4 $(top_srcdir)/m4/sockpfaf.m4 \
+	$(top_srcdir)/m4/ssize_t.m4 $(top_srcdir)/m4/stat-time.m4 \
+	$(top_srcdir)/m4/stat.m4 $(top_srcdir)/m4/stdalign.m4 \
+	$(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \
+	$(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \
+	$(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \
+	$(top_srcdir)/m4/stpcpy.m4 $(top_srcdir)/m4/strcase.m4 \
+	$(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/string_h.m4 \
+	$(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \
+	$(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \
+	$(top_srcdir)/m4/strverscmp.m4 \
+	$(top_srcdir)/m4/sys_socket_h.m4 \
+	$(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \
+	$(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \
+	$(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \
+	$(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \
+	$(top_srcdir)/m4/unistd_h.m4 \
+	$(top_srcdir)/m4/valgrind-tests.m4 \
+	$(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \
+	$(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \
+	$(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \
+	$(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \
+	$(top_srcdir)/m4/xsize.m4 $(top_srcdir)/m4/zzgnulib.m4 \
+	$(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES = gnutls-dane.pc
+CONFIG_CLEAN_VPATH_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+    $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+    *) f=$$p;; \
+  esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+  srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+  for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+  for p in $$list; do echo "$$p $$p"; done | \
+  sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+  $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+    if (++n[$$2] == $(am__install_max)) \
+      { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+    END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+  sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+  sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
+am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(defexecdir)" \
+	"$(DESTDIR)$(pkgconfigdir)"
+LTLIBRARIES = $(lib_LTLIBRARIES)
+am__DEPENDENCIES_1 =
+libgnutls_dane_la_DEPENDENCIES = ../gl/libgnu.la ../lib/libgnutls.la \
+	$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1)
+am_libgnutls_dane_la_OBJECTS = dane.lo dane-params.lo errors.lo
+libgnutls_dane_la_OBJECTS = $(am_libgnutls_dane_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 = 
+libgnutls_dane_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+	$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+	$(AM_CFLAGS) $(CFLAGS) $(libgnutls_dane_la_LDFLAGS) $(LDFLAGS) \
+	-o $@
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN     " $@;
+am__v_GEN_1 = 
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 = 
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/dane-params.Plo ./$(DEPDIR)/dane.Plo \
+	./$(DEPDIR)/errors.Plo
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC      " $@;
+am__v_CC_1 = 
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD    " $@;
+am__v_CCLD_1 = 
+SOURCES = $(libgnutls_dane_la_SOURCES)
+DIST_SOURCES = $(libgnutls_dane_la_SOURCES)
+RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \
+	ctags-recursive dvi-recursive html-recursive info-recursive \
+	install-data-recursive install-dvi-recursive \
+	install-exec-recursive install-html-recursive \
+	install-info-recursive install-pdf-recursive \
+	install-ps-recursive install-recursive installcheck-recursive \
+	installdirs-recursive pdf-recursive ps-recursive \
+	tags-recursive uninstall-recursive
+am__can_run_installinfo = \
+  case $$AM_UPDATE_INFO_DIR in \
+    n|no|NO) false;; \
+    *) (install-info --version) >/dev/null 2>&1;; \
+  esac
+DATA = $(defexec_DATA) $(pkgconfig_DATA)
+RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive	\
+  distclean-recursive maintainer-clean-recursive
+am__recursive_targets = \
+  $(RECURSIVE_TARGETS) \
+  $(RECURSIVE_CLEAN_TARGETS) \
+  $(am__extra_recursive_targets)
+AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \
+	distdir distdir-am
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates.  Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+  BEGIN { nonempty = 0; } \
+  { items[$$0] = 1; nonempty = 1; } \
+  END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique.  This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+  list='$(am__tagged_files)'; \
+  unique=`for i in $$list; do \
+    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+  done | $(am__uniquify_input)`
+DIST_SUBDIRS = $(SUBDIRS)
+am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/gnutls-dane.pc.in \
+	$(top_srcdir)/build-aux/depcomp $(top_srcdir)/lib/common.mk
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+am__relativize = \
+  dir0=`pwd`; \
+  sed_first='s,^\([^/]*\)/.*$$,\1,'; \
+  sed_rest='s,^[^/]*/*,,'; \
+  sed_last='s,^.*/\([^/]*\)$$,\1,'; \
+  sed_butlast='s,/*[^/]*$$,,'; \
+  while test -n "$$dir1"; do \
+    first=`echo "$$dir1" | sed -e "$$sed_first"`; \
+    if test "$$first" != "."; then \
+      if test "$$first" = ".."; then \
+        dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \
+        dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \
+      else \
+        first2=`echo "$$dir2" | sed -e "$$sed_first"`; \
+        if test "$$first2" = "$$first"; then \
+          dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \
+        else \
+          dir2="../$$dir2"; \
+        fi; \
+        dir0="$$dir0"/"$$first"; \
+      fi; \
+    fi; \
+    dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \
+  done; \
+  reldir="$$dir2"
+AARCH64_CCASFLAGS = @AARCH64_CCASFLAGS@
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+ALLOCA_H = @ALLOCA_H@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AM_VALGRINDFLAGS = @AM_VALGRINDFLAGS@
+APPLE_UNIVERSAL_BUILD = @APPLE_UNIVERSAL_BUILD@
+AR = @AR@
+ARFLAGS = @ARFLAGS@
+ASN1PARSER = @ASN1PARSER@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BITSIZEOF_PTRDIFF_T = @BITSIZEOF_PTRDIFF_T@
+BITSIZEOF_SIG_ATOMIC_T = @BITSIZEOF_SIG_ATOMIC_T@
+BITSIZEOF_SIZE_T = @BITSIZEOF_SIZE_T@
+BITSIZEOF_WCHAR_T = @BITSIZEOF_WCHAR_T@
+BITSIZEOF_WINT_T = @BITSIZEOF_WINT_T@
+BYTESWAP_H = @BYTESWAP_H@
+CC = @CC@
+CCAS = @CCAS@
+CCASDEPMODE = @CCASDEPMODE@
+CCASFLAGS = @CCASFLAGS@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CFLAG_VISIBILITY = @CFLAG_VISIBILITY@
+CMOCKA_CFLAGS = @CMOCKA_CFLAGS@
+CMOCKA_LIBS = @CMOCKA_LIBS@
+CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@
+CODE_COVERAGE_CPPFLAGS = @CODE_COVERAGE_CPPFLAGS@
+CODE_COVERAGE_CXXFLAGS = @CODE_COVERAGE_CXXFLAGS@
+CODE_COVERAGE_ENABLED = @CODE_COVERAGE_ENABLED@
+CODE_COVERAGE_LIBS = @CODE_COVERAGE_LIBS@
+CONFIG_INCLUDE = @CONFIG_INCLUDE@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CRYWRAP_PATCHLEVEL = @CRYWRAP_PATCHLEVEL@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CXX_LT_AGE = @CXX_LT_AGE@
+CXX_LT_CURRENT = @CXX_LT_CURRENT@
+CXX_LT_REVISION = @CXX_LT_REVISION@
+CYGPATH_W = @CYGPATH_W@
+DEFAULT_VALGRINDFLAGS = @DEFAULT_VALGRINDFLAGS@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DLL_SSL_VERSION = @DLL_SSL_VERSION@
+DLL_VERSION = @DLL_VERSION@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EMULTIHOP_HIDDEN = @EMULTIHOP_HIDDEN@
+EMULTIHOP_VALUE = @EMULTIHOP_VALUE@
+ENABLE_PADLOCK = @ENABLE_PADLOCK@
+ENOLINK_HIDDEN = @ENOLINK_HIDDEN@
+ENOLINK_VALUE = @ENOLINK_VALUE@
+EOVERFLOW_HIDDEN = @EOVERFLOW_HIDDEN@
+EOVERFLOW_VALUE = @EOVERFLOW_VALUE@
+ERRNO_H = @ERRNO_H@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+FIPS140_LIBS = @FIPS140_LIBS@
+FLOAT_H = @FLOAT_H@
+GCOV = @GCOV@
+GENHTML = @GENHTML@
+GETADDRINFO_LIB = @GETADDRINFO_LIB@
+GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
+GL_GGL_GNULIB_ACCEPT = @GL_GGL_GNULIB_ACCEPT@
+GL_GGL_GNULIB_ACCEPT4 = @GL_GGL_GNULIB_ACCEPT4@
+GL_GGL_GNULIB_ACCESS = @GL_GGL_GNULIB_ACCESS@
+GL_GGL_GNULIB_ALIGNED_ALLOC = @GL_GGL_GNULIB_ALIGNED_ALLOC@
+GL_GGL_GNULIB_ATOLL = @GL_GGL_GNULIB_ATOLL@
+GL_GGL_GNULIB_BIND = @GL_GGL_GNULIB_BIND@
+GL_GGL_GNULIB_BTOWC = @GL_GGL_GNULIB_BTOWC@
+GL_GGL_GNULIB_CALLOC_POSIX = @GL_GGL_GNULIB_CALLOC_POSIX@
+GL_GGL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GGL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GGL_GNULIB_CHDIR = @GL_GGL_GNULIB_CHDIR@
+GL_GGL_GNULIB_CHOWN = @GL_GGL_GNULIB_CHOWN@
+GL_GGL_GNULIB_CLOSE = @GL_GGL_GNULIB_CLOSE@
+GL_GGL_GNULIB_CONNECT = @GL_GGL_GNULIB_CONNECT@
+GL_GGL_GNULIB_COPY_FILE_RANGE = @GL_GGL_GNULIB_COPY_FILE_RANGE@
+GL_GGL_GNULIB_CREAT = @GL_GGL_GNULIB_CREAT@
+GL_GGL_GNULIB_CTIME = @GL_GGL_GNULIB_CTIME@
+GL_GGL_GNULIB_DPRINTF = @GL_GGL_GNULIB_DPRINTF@
+GL_GGL_GNULIB_DUP = @GL_GGL_GNULIB_DUP@
+GL_GGL_GNULIB_DUP2 = @GL_GGL_GNULIB_DUP2@
+GL_GGL_GNULIB_DUP3 = @GL_GGL_GNULIB_DUP3@
+GL_GGL_GNULIB_DUPLOCALE = @GL_GGL_GNULIB_DUPLOCALE@
+GL_GGL_GNULIB_ENVIRON = @GL_GGL_GNULIB_ENVIRON@
+GL_GGL_GNULIB_EUIDACCESS = @GL_GGL_GNULIB_EUIDACCESS@
+GL_GGL_GNULIB_EXECL = @GL_GGL_GNULIB_EXECL@
+GL_GGL_GNULIB_EXECLE = @GL_GGL_GNULIB_EXECLE@
+GL_GGL_GNULIB_EXECLP = @GL_GGL_GNULIB_EXECLP@
+GL_GGL_GNULIB_EXECV = @GL_GGL_GNULIB_EXECV@
+GL_GGL_GNULIB_EXECVE = @GL_GGL_GNULIB_EXECVE@
+GL_GGL_GNULIB_EXECVP = @GL_GGL_GNULIB_EXECVP@
+GL_GGL_GNULIB_EXECVPE = @GL_GGL_GNULIB_EXECVPE@
+GL_GGL_GNULIB_EXPLICIT_BZERO = @GL_GGL_GNULIB_EXPLICIT_BZERO@
+GL_GGL_GNULIB_FACCESSAT = @GL_GGL_GNULIB_FACCESSAT@
+GL_GGL_GNULIB_FCHDIR = @GL_GGL_GNULIB_FCHDIR@
+GL_GGL_GNULIB_FCHMODAT = @GL_GGL_GNULIB_FCHMODAT@
+GL_GGL_GNULIB_FCHOWNAT = @GL_GGL_GNULIB_FCHOWNAT@
+GL_GGL_GNULIB_FCLOSE = @GL_GGL_GNULIB_FCLOSE@
+GL_GGL_GNULIB_FCNTL = @GL_GGL_GNULIB_FCNTL@
+GL_GGL_GNULIB_FDATASYNC = @GL_GGL_GNULIB_FDATASYNC@
+GL_GGL_GNULIB_FDOPEN = @GL_GGL_GNULIB_FDOPEN@
+GL_GGL_GNULIB_FFLUSH = @GL_GGL_GNULIB_FFLUSH@
+GL_GGL_GNULIB_FFS = @GL_GGL_GNULIB_FFS@
+GL_GGL_GNULIB_FFSL = @GL_GGL_GNULIB_FFSL@
+GL_GGL_GNULIB_FFSLL = @GL_GGL_GNULIB_FFSLL@
+GL_GGL_GNULIB_FGETC = @GL_GGL_GNULIB_FGETC@
+GL_GGL_GNULIB_FGETS = @GL_GGL_GNULIB_FGETS@
+GL_GGL_GNULIB_FOPEN = @GL_GGL_GNULIB_FOPEN@
+GL_GGL_GNULIB_FPRINTF = @GL_GGL_GNULIB_FPRINTF@
+GL_GGL_GNULIB_FPRINTF_POSIX = @GL_GGL_GNULIB_FPRINTF_POSIX@
+GL_GGL_GNULIB_FPURGE = @GL_GGL_GNULIB_FPURGE@
+GL_GGL_GNULIB_FPUTC = @GL_GGL_GNULIB_FPUTC@
+GL_GGL_GNULIB_FPUTS = @GL_GGL_GNULIB_FPUTS@
+GL_GGL_GNULIB_FREAD = @GL_GGL_GNULIB_FREAD@
+GL_GGL_GNULIB_FREE_POSIX = @GL_GGL_GNULIB_FREE_POSIX@
+GL_GGL_GNULIB_FREOPEN = @GL_GGL_GNULIB_FREOPEN@
+GL_GGL_GNULIB_FSCANF = @GL_GGL_GNULIB_FSCANF@
+GL_GGL_GNULIB_FSEEK = @GL_GGL_GNULIB_FSEEK@
+GL_GGL_GNULIB_FSEEKO = @GL_GGL_GNULIB_FSEEKO@
+GL_GGL_GNULIB_FSTAT = @GL_GGL_GNULIB_FSTAT@
+GL_GGL_GNULIB_FSTATAT = @GL_GGL_GNULIB_FSTATAT@
+GL_GGL_GNULIB_FSYNC = @GL_GGL_GNULIB_FSYNC@
+GL_GGL_GNULIB_FTELL = @GL_GGL_GNULIB_FTELL@
+GL_GGL_GNULIB_FTELLO = @GL_GGL_GNULIB_FTELLO@
+GL_GGL_GNULIB_FTRUNCATE = @GL_GGL_GNULIB_FTRUNCATE@
+GL_GGL_GNULIB_FUTIMENS = @GL_GGL_GNULIB_FUTIMENS@
+GL_GGL_GNULIB_FWRITE = @GL_GGL_GNULIB_FWRITE@
+GL_GGL_GNULIB_GETADDRINFO = @GL_GGL_GNULIB_GETADDRINFO@
+GL_GGL_GNULIB_GETC = @GL_GGL_GNULIB_GETC@
+GL_GGL_GNULIB_GETCHAR = @GL_GGL_GNULIB_GETCHAR@
+GL_GGL_GNULIB_GETCWD = @GL_GGL_GNULIB_GETCWD@
+GL_GGL_GNULIB_GETDELIM = @GL_GGL_GNULIB_GETDELIM@
+GL_GGL_GNULIB_GETDOMAINNAME = @GL_GGL_GNULIB_GETDOMAINNAME@
+GL_GGL_GNULIB_GETDTABLESIZE = @GL_GGL_GNULIB_GETDTABLESIZE@
+GL_GGL_GNULIB_GETENTROPY = @GL_GGL_GNULIB_GETENTROPY@
+GL_GGL_GNULIB_GETGROUPS = @GL_GGL_GNULIB_GETGROUPS@
+GL_GGL_GNULIB_GETHOSTNAME = @GL_GGL_GNULIB_GETHOSTNAME@
+GL_GGL_GNULIB_GETLINE = @GL_GGL_GNULIB_GETLINE@
+GL_GGL_GNULIB_GETLOADAVG = @GL_GGL_GNULIB_GETLOADAVG@
+GL_GGL_GNULIB_GETLOGIN = @GL_GGL_GNULIB_GETLOGIN@
+GL_GGL_GNULIB_GETLOGIN_R = @GL_GGL_GNULIB_GETLOGIN_R@
+GL_GGL_GNULIB_GETOPT_POSIX = @GL_GGL_GNULIB_GETOPT_POSIX@
+GL_GGL_GNULIB_GETPAGESIZE = @GL_GGL_GNULIB_GETPAGESIZE@
+GL_GGL_GNULIB_GETPASS = @GL_GGL_GNULIB_GETPASS@
+GL_GGL_GNULIB_GETPEERNAME = @GL_GGL_GNULIB_GETPEERNAME@
+GL_GGL_GNULIB_GETSOCKNAME = @GL_GGL_GNULIB_GETSOCKNAME@
+GL_GGL_GNULIB_GETSOCKOPT = @GL_GGL_GNULIB_GETSOCKOPT@
+GL_GGL_GNULIB_GETSUBOPT = @GL_GGL_GNULIB_GETSUBOPT@
+GL_GGL_GNULIB_GETTIMEOFDAY = @GL_GGL_GNULIB_GETTIMEOFDAY@
+GL_GGL_GNULIB_GETUMASK = @GL_GGL_GNULIB_GETUMASK@
+GL_GGL_GNULIB_GETUSERSHELL = @GL_GGL_GNULIB_GETUSERSHELL@
+GL_GGL_GNULIB_GRANTPT = @GL_GGL_GNULIB_GRANTPT@
+GL_GGL_GNULIB_GROUP_MEMBER = @GL_GGL_GNULIB_GROUP_MEMBER@
+GL_GGL_GNULIB_IMAXABS = @GL_GGL_GNULIB_IMAXABS@
+GL_GGL_GNULIB_IMAXDIV = @GL_GGL_GNULIB_IMAXDIV@
+GL_GGL_GNULIB_INET_NTOP = @GL_GGL_GNULIB_INET_NTOP@
+GL_GGL_GNULIB_INET_PTON = @GL_GGL_GNULIB_INET_PTON@
+GL_GGL_GNULIB_IOCTL = @GL_GGL_GNULIB_IOCTL@
+GL_GGL_GNULIB_ISATTY = @GL_GGL_GNULIB_ISATTY@
+GL_GGL_GNULIB_ISBLANK = @GL_GGL_GNULIB_ISBLANK@
+GL_GGL_GNULIB_LCHMOD = @GL_GGL_GNULIB_LCHMOD@
+GL_GGL_GNULIB_LCHOWN = @GL_GGL_GNULIB_LCHOWN@
+GL_GGL_GNULIB_LINK = @GL_GGL_GNULIB_LINK@
+GL_GGL_GNULIB_LINKAT = @GL_GGL_GNULIB_LINKAT@
+GL_GGL_GNULIB_LISTEN = @GL_GGL_GNULIB_LISTEN@
+GL_GGL_GNULIB_LOCALECONV = @GL_GGL_GNULIB_LOCALECONV@
+GL_GGL_GNULIB_LOCALENAME = @GL_GGL_GNULIB_LOCALENAME@
+GL_GGL_GNULIB_LOCALTIME = @GL_GGL_GNULIB_LOCALTIME@
+GL_GGL_GNULIB_LSEEK = @GL_GGL_GNULIB_LSEEK@
+GL_GGL_GNULIB_LSTAT = @GL_GGL_GNULIB_LSTAT@
+GL_GGL_GNULIB_MALLOC_POSIX = @GL_GGL_GNULIB_MALLOC_POSIX@
+GL_GGL_GNULIB_MBRLEN = @GL_GGL_GNULIB_MBRLEN@
+GL_GGL_GNULIB_MBRTOWC = @GL_GGL_GNULIB_MBRTOWC@
+GL_GGL_GNULIB_MBSCASECMP = @GL_GGL_GNULIB_MBSCASECMP@
+GL_GGL_GNULIB_MBSCASESTR = @GL_GGL_GNULIB_MBSCASESTR@
+GL_GGL_GNULIB_MBSCHR = @GL_GGL_GNULIB_MBSCHR@
+GL_GGL_GNULIB_MBSCSPN = @GL_GGL_GNULIB_MBSCSPN@
+GL_GGL_GNULIB_MBSINIT = @GL_GGL_GNULIB_MBSINIT@
+GL_GGL_GNULIB_MBSLEN = @GL_GGL_GNULIB_MBSLEN@
+GL_GGL_GNULIB_MBSNCASECMP = @GL_GGL_GNULIB_MBSNCASECMP@
+GL_GGL_GNULIB_MBSNLEN = @GL_GGL_GNULIB_MBSNLEN@
+GL_GGL_GNULIB_MBSNRTOWCS = @GL_GGL_GNULIB_MBSNRTOWCS@
+GL_GGL_GNULIB_MBSPBRK = @GL_GGL_GNULIB_MBSPBRK@
+GL_GGL_GNULIB_MBSPCASECMP = @GL_GGL_GNULIB_MBSPCASECMP@
+GL_GGL_GNULIB_MBSRCHR = @GL_GGL_GNULIB_MBSRCHR@
+GL_GGL_GNULIB_MBSRTOWCS = @GL_GGL_GNULIB_MBSRTOWCS@
+GL_GGL_GNULIB_MBSSEP = @GL_GGL_GNULIB_MBSSEP@
+GL_GGL_GNULIB_MBSSPN = @GL_GGL_GNULIB_MBSSPN@
+GL_GGL_GNULIB_MBSSTR = @GL_GGL_GNULIB_MBSSTR@
+GL_GGL_GNULIB_MBSTOK_R = @GL_GGL_GNULIB_MBSTOK_R@
+GL_GGL_GNULIB_MBTOWC = @GL_GGL_GNULIB_MBTOWC@
+GL_GGL_GNULIB_MDA_ACCESS = @GL_GGL_GNULIB_MDA_ACCESS@
+GL_GGL_GNULIB_MDA_CHDIR = @GL_GGL_GNULIB_MDA_CHDIR@
+GL_GGL_GNULIB_MDA_CHMOD = @GL_GGL_GNULIB_MDA_CHMOD@
+GL_GGL_GNULIB_MDA_CLOSE = @GL_GGL_GNULIB_MDA_CLOSE@
+GL_GGL_GNULIB_MDA_CREAT = @GL_GGL_GNULIB_MDA_CREAT@
+GL_GGL_GNULIB_MDA_DUP = @GL_GGL_GNULIB_MDA_DUP@
+GL_GGL_GNULIB_MDA_DUP2 = @GL_GGL_GNULIB_MDA_DUP2@
+GL_GGL_GNULIB_MDA_ECVT = @GL_GGL_GNULIB_MDA_ECVT@
+GL_GGL_GNULIB_MDA_EXECL = @GL_GGL_GNULIB_MDA_EXECL@
+GL_GGL_GNULIB_MDA_EXECLE = @GL_GGL_GNULIB_MDA_EXECLE@
+GL_GGL_GNULIB_MDA_EXECLP = @GL_GGL_GNULIB_MDA_EXECLP@
+GL_GGL_GNULIB_MDA_EXECV = @GL_GGL_GNULIB_MDA_EXECV@
+GL_GGL_GNULIB_MDA_EXECVE = @GL_GGL_GNULIB_MDA_EXECVE@
+GL_GGL_GNULIB_MDA_EXECVP = @GL_GGL_GNULIB_MDA_EXECVP@
+GL_GGL_GNULIB_MDA_EXECVPE = @GL_GGL_GNULIB_MDA_EXECVPE@
+GL_GGL_GNULIB_MDA_FCLOSEALL = @GL_GGL_GNULIB_MDA_FCLOSEALL@
+GL_GGL_GNULIB_MDA_FCVT = @GL_GGL_GNULIB_MDA_FCVT@
+GL_GGL_GNULIB_MDA_FDOPEN = @GL_GGL_GNULIB_MDA_FDOPEN@
+GL_GGL_GNULIB_MDA_FILENO = @GL_GGL_GNULIB_MDA_FILENO@
+GL_GGL_GNULIB_MDA_GCVT = @GL_GGL_GNULIB_MDA_GCVT@
+GL_GGL_GNULIB_MDA_GETCWD = @GL_GGL_GNULIB_MDA_GETCWD@
+GL_GGL_GNULIB_MDA_GETPID = @GL_GGL_GNULIB_MDA_GETPID@
+GL_GGL_GNULIB_MDA_GETW = @GL_GGL_GNULIB_MDA_GETW@
+GL_GGL_GNULIB_MDA_ISATTY = @GL_GGL_GNULIB_MDA_ISATTY@
+GL_GGL_GNULIB_MDA_LSEEK = @GL_GGL_GNULIB_MDA_LSEEK@
+GL_GGL_GNULIB_MDA_MEMCCPY = @GL_GGL_GNULIB_MDA_MEMCCPY@
+GL_GGL_GNULIB_MDA_MKDIR = @GL_GGL_GNULIB_MDA_MKDIR@
+GL_GGL_GNULIB_MDA_MKTEMP = @GL_GGL_GNULIB_MDA_MKTEMP@
+GL_GGL_GNULIB_MDA_OPEN = @GL_GGL_GNULIB_MDA_OPEN@
+GL_GGL_GNULIB_MDA_PUTENV = @GL_GGL_GNULIB_MDA_PUTENV@
+GL_GGL_GNULIB_MDA_PUTW = @GL_GGL_GNULIB_MDA_PUTW@
+GL_GGL_GNULIB_MDA_READ = @GL_GGL_GNULIB_MDA_READ@
+GL_GGL_GNULIB_MDA_RMDIR = @GL_GGL_GNULIB_MDA_RMDIR@
+GL_GGL_GNULIB_MDA_STRDUP = @GL_GGL_GNULIB_MDA_STRDUP@
+GL_GGL_GNULIB_MDA_SWAB = @GL_GGL_GNULIB_MDA_SWAB@
+GL_GGL_GNULIB_MDA_TEMPNAM = @GL_GGL_GNULIB_MDA_TEMPNAM@
+GL_GGL_GNULIB_MDA_TZSET = @GL_GGL_GNULIB_MDA_TZSET@
+GL_GGL_GNULIB_MDA_UMASK = @GL_GGL_GNULIB_MDA_UMASK@
+GL_GGL_GNULIB_MDA_UNLINK = @GL_GGL_GNULIB_MDA_UNLINK@
+GL_GGL_GNULIB_MDA_WCSDUP = @GL_GGL_GNULIB_MDA_WCSDUP@
+GL_GGL_GNULIB_MDA_WRITE = @GL_GGL_GNULIB_MDA_WRITE@
+GL_GGL_GNULIB_MEMCHR = @GL_GGL_GNULIB_MEMCHR@
+GL_GGL_GNULIB_MEMMEM = @GL_GGL_GNULIB_MEMMEM@
+GL_GGL_GNULIB_MEMPCPY = @GL_GGL_GNULIB_MEMPCPY@
+GL_GGL_GNULIB_MEMRCHR = @GL_GGL_GNULIB_MEMRCHR@
+GL_GGL_GNULIB_MKDIR = @GL_GGL_GNULIB_MKDIR@
+GL_GGL_GNULIB_MKDIRAT = @GL_GGL_GNULIB_MKDIRAT@
+GL_GGL_GNULIB_MKDTEMP = @GL_GGL_GNULIB_MKDTEMP@
+GL_GGL_GNULIB_MKFIFO = @GL_GGL_GNULIB_MKFIFO@
+GL_GGL_GNULIB_MKFIFOAT = @GL_GGL_GNULIB_MKFIFOAT@
+GL_GGL_GNULIB_MKNOD = @GL_GGL_GNULIB_MKNOD@
+GL_GGL_GNULIB_MKNODAT = @GL_GGL_GNULIB_MKNODAT@
+GL_GGL_GNULIB_MKOSTEMP = @GL_GGL_GNULIB_MKOSTEMP@
+GL_GGL_GNULIB_MKOSTEMPS = @GL_GGL_GNULIB_MKOSTEMPS@
+GL_GGL_GNULIB_MKSTEMP = @GL_GGL_GNULIB_MKSTEMP@
+GL_GGL_GNULIB_MKSTEMPS = @GL_GGL_GNULIB_MKSTEMPS@
+GL_GGL_GNULIB_MKTIME = @GL_GGL_GNULIB_MKTIME@
+GL_GGL_GNULIB_NANOSLEEP = @GL_GGL_GNULIB_NANOSLEEP@
+GL_GGL_GNULIB_NL_LANGINFO = @GL_GGL_GNULIB_NL_LANGINFO@
+GL_GGL_GNULIB_NONBLOCKING = @GL_GGL_GNULIB_NONBLOCKING@
+GL_GGL_GNULIB_OBSTACK_PRINTF = @GL_GGL_GNULIB_OBSTACK_PRINTF@
+GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GGL_GNULIB_OPEN = @GL_GGL_GNULIB_OPEN@
+GL_GGL_GNULIB_OPENAT = @GL_GGL_GNULIB_OPENAT@
+GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GGL_GNULIB_PCLOSE = @GL_GGL_GNULIB_PCLOSE@
+GL_GGL_GNULIB_PERROR = @GL_GGL_GNULIB_PERROR@
+GL_GGL_GNULIB_PIPE = @GL_GGL_GNULIB_PIPE@
+GL_GGL_GNULIB_PIPE2 = @GL_GGL_GNULIB_PIPE2@
+GL_GGL_GNULIB_POPEN = @GL_GGL_GNULIB_POPEN@
+GL_GGL_GNULIB_POSIX_MEMALIGN = @GL_GGL_GNULIB_POSIX_MEMALIGN@
+GL_GGL_GNULIB_POSIX_OPENPT = @GL_GGL_GNULIB_POSIX_OPENPT@
+GL_GGL_GNULIB_PREAD = @GL_GGL_GNULIB_PREAD@
+GL_GGL_GNULIB_PRINTF = @GL_GGL_GNULIB_PRINTF@
+GL_GGL_GNULIB_PRINTF_POSIX = @GL_GGL_GNULIB_PRINTF_POSIX@
+GL_GGL_GNULIB_PSELECT = @GL_GGL_GNULIB_PSELECT@
+GL_GGL_GNULIB_PTHREAD_COND = @GL_GGL_GNULIB_PTHREAD_COND@
+GL_GGL_GNULIB_PTHREAD_MUTEX = @GL_GGL_GNULIB_PTHREAD_MUTEX@
+GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK@
+GL_GGL_GNULIB_PTHREAD_ONCE = @GL_GGL_GNULIB_PTHREAD_ONCE@
+GL_GGL_GNULIB_PTHREAD_RWLOCK = @GL_GGL_GNULIB_PTHREAD_RWLOCK@
+GL_GGL_GNULIB_PTHREAD_SIGMASK = @GL_GGL_GNULIB_PTHREAD_SIGMASK@
+GL_GGL_GNULIB_PTHREAD_SPIN = @GL_GGL_GNULIB_PTHREAD_SPIN@
+GL_GGL_GNULIB_PTHREAD_THREAD = @GL_GGL_GNULIB_PTHREAD_THREAD@
+GL_GGL_GNULIB_PTHREAD_TSS = @GL_GGL_GNULIB_PTHREAD_TSS@
+GL_GGL_GNULIB_PTSNAME = @GL_GGL_GNULIB_PTSNAME@
+GL_GGL_GNULIB_PTSNAME_R = @GL_GGL_GNULIB_PTSNAME_R@
+GL_GGL_GNULIB_PUTC = @GL_GGL_GNULIB_PUTC@
+GL_GGL_GNULIB_PUTCHAR = @GL_GGL_GNULIB_PUTCHAR@
+GL_GGL_GNULIB_PUTENV = @GL_GGL_GNULIB_PUTENV@
+GL_GGL_GNULIB_PUTS = @GL_GGL_GNULIB_PUTS@
+GL_GGL_GNULIB_PWRITE = @GL_GGL_GNULIB_PWRITE@
+GL_GGL_GNULIB_QSORT_R = @GL_GGL_GNULIB_QSORT_R@
+GL_GGL_GNULIB_RAISE = @GL_GGL_GNULIB_RAISE@
+GL_GGL_GNULIB_RANDOM = @GL_GGL_GNULIB_RANDOM@
+GL_GGL_GNULIB_RANDOM_R = @GL_GGL_GNULIB_RANDOM_R@
+GL_GGL_GNULIB_RAWMEMCHR = @GL_GGL_GNULIB_RAWMEMCHR@
+GL_GGL_GNULIB_READ = @GL_GGL_GNULIB_READ@
+GL_GGL_GNULIB_READLINK = @GL_GGL_GNULIB_READLINK@
+GL_GGL_GNULIB_READLINKAT = @GL_GGL_GNULIB_READLINKAT@
+GL_GGL_GNULIB_REALLOCARRAY = @GL_GGL_GNULIB_REALLOCARRAY@
+GL_GGL_GNULIB_REALLOC_POSIX = @GL_GGL_GNULIB_REALLOC_POSIX@
+GL_GGL_GNULIB_REALPATH = @GL_GGL_GNULIB_REALPATH@
+GL_GGL_GNULIB_RECV = @GL_GGL_GNULIB_RECV@
+GL_GGL_GNULIB_RECVFROM = @GL_GGL_GNULIB_RECVFROM@
+GL_GGL_GNULIB_REMOVE = @GL_GGL_GNULIB_REMOVE@
+GL_GGL_GNULIB_RENAME = @GL_GGL_GNULIB_RENAME@
+GL_GGL_GNULIB_RENAMEAT = @GL_GGL_GNULIB_RENAMEAT@
+GL_GGL_GNULIB_RMDIR = @GL_GGL_GNULIB_RMDIR@
+GL_GGL_GNULIB_RPMATCH = @GL_GGL_GNULIB_RPMATCH@
+GL_GGL_GNULIB_SCANF = @GL_GGL_GNULIB_SCANF@
+GL_GGL_GNULIB_SCHED_YIELD = @GL_GGL_GNULIB_SCHED_YIELD@
+GL_GGL_GNULIB_SECURE_GETENV = @GL_GGL_GNULIB_SECURE_GETENV@
+GL_GGL_GNULIB_SELECT = @GL_GGL_GNULIB_SELECT@
+GL_GGL_GNULIB_SEND = @GL_GGL_GNULIB_SEND@
+GL_GGL_GNULIB_SENDTO = @GL_GGL_GNULIB_SENDTO@
+GL_GGL_GNULIB_SETENV = @GL_GGL_GNULIB_SETENV@
+GL_GGL_GNULIB_SETHOSTNAME = @GL_GGL_GNULIB_SETHOSTNAME@
+GL_GGL_GNULIB_SETLOCALE = @GL_GGL_GNULIB_SETLOCALE@
+GL_GGL_GNULIB_SETLOCALE_NULL = @GL_GGL_GNULIB_SETLOCALE_NULL@
+GL_GGL_GNULIB_SETSOCKOPT = @GL_GGL_GNULIB_SETSOCKOPT@
+GL_GGL_GNULIB_SHUTDOWN = @GL_GGL_GNULIB_SHUTDOWN@
+GL_GGL_GNULIB_SIGABBREV_NP = @GL_GGL_GNULIB_SIGABBREV_NP@
+GL_GGL_GNULIB_SIGACTION = @GL_GGL_GNULIB_SIGACTION@
+GL_GGL_GNULIB_SIGDESCR_NP = @GL_GGL_GNULIB_SIGDESCR_NP@
+GL_GGL_GNULIB_SIGNAL_H_SIGPIPE = @GL_GGL_GNULIB_SIGNAL_H_SIGPIPE@
+GL_GGL_GNULIB_SIGPROCMASK = @GL_GGL_GNULIB_SIGPROCMASK@
+GL_GGL_GNULIB_SLEEP = @GL_GGL_GNULIB_SLEEP@
+GL_GGL_GNULIB_SNPRINTF = @GL_GGL_GNULIB_SNPRINTF@
+GL_GGL_GNULIB_SOCKET = @GL_GGL_GNULIB_SOCKET@
+GL_GGL_GNULIB_SPRINTF_POSIX = @GL_GGL_GNULIB_SPRINTF_POSIX@
+GL_GGL_GNULIB_STAT = @GL_GGL_GNULIB_STAT@
+GL_GGL_GNULIB_STDIO_H_NONBLOCKING = @GL_GGL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GGL_GNULIB_STDIO_H_SIGPIPE = @GL_GGL_GNULIB_STDIO_H_SIGPIPE@
+GL_GGL_GNULIB_STPCPY = @GL_GGL_GNULIB_STPCPY@
+GL_GGL_GNULIB_STPNCPY = @GL_GGL_GNULIB_STPNCPY@
+GL_GGL_GNULIB_STRCASESTR = @GL_GGL_GNULIB_STRCASESTR@
+GL_GGL_GNULIB_STRCHRNUL = @GL_GGL_GNULIB_STRCHRNUL@
+GL_GGL_GNULIB_STRDUP = @GL_GGL_GNULIB_STRDUP@
+GL_GGL_GNULIB_STRERROR = @GL_GGL_GNULIB_STRERROR@
+GL_GGL_GNULIB_STRERRORNAME_NP = @GL_GGL_GNULIB_STRERRORNAME_NP@
+GL_GGL_GNULIB_STRERROR_R = @GL_GGL_GNULIB_STRERROR_R@
+GL_GGL_GNULIB_STRFTIME = @GL_GGL_GNULIB_STRFTIME@
+GL_GGL_GNULIB_STRNCAT = @GL_GGL_GNULIB_STRNCAT@
+GL_GGL_GNULIB_STRNDUP = @GL_GGL_GNULIB_STRNDUP@
+GL_GGL_GNULIB_STRNLEN = @GL_GGL_GNULIB_STRNLEN@
+GL_GGL_GNULIB_STRPBRK = @GL_GGL_GNULIB_STRPBRK@
+GL_GGL_GNULIB_STRPTIME = @GL_GGL_GNULIB_STRPTIME@
+GL_GGL_GNULIB_STRSEP = @GL_GGL_GNULIB_STRSEP@
+GL_GGL_GNULIB_STRSIGNAL = @GL_GGL_GNULIB_STRSIGNAL@
+GL_GGL_GNULIB_STRSTR = @GL_GGL_GNULIB_STRSTR@
+GL_GGL_GNULIB_STRTOD = @GL_GGL_GNULIB_STRTOD@
+GL_GGL_GNULIB_STRTOIMAX = @GL_GGL_GNULIB_STRTOIMAX@
+GL_GGL_GNULIB_STRTOK_R = @GL_GGL_GNULIB_STRTOK_R@
+GL_GGL_GNULIB_STRTOL = @GL_GGL_GNULIB_STRTOL@
+GL_GGL_GNULIB_STRTOLD = @GL_GGL_GNULIB_STRTOLD@
+GL_GGL_GNULIB_STRTOLL = @GL_GGL_GNULIB_STRTOLL@
+GL_GGL_GNULIB_STRTOUL = @GL_GGL_GNULIB_STRTOUL@
+GL_GGL_GNULIB_STRTOULL = @GL_GGL_GNULIB_STRTOULL@
+GL_GGL_GNULIB_STRTOUMAX = @GL_GGL_GNULIB_STRTOUMAX@
+GL_GGL_GNULIB_STRVERSCMP = @GL_GGL_GNULIB_STRVERSCMP@
+GL_GGL_GNULIB_SYMLINK = @GL_GGL_GNULIB_SYMLINK@
+GL_GGL_GNULIB_SYMLINKAT = @GL_GGL_GNULIB_SYMLINKAT@
+GL_GGL_GNULIB_SYSTEM_POSIX = @GL_GGL_GNULIB_SYSTEM_POSIX@
+GL_GGL_GNULIB_TIMEGM = @GL_GGL_GNULIB_TIMEGM@
+GL_GGL_GNULIB_TIMESPEC_GET = @GL_GGL_GNULIB_TIMESPEC_GET@
+GL_GGL_GNULIB_TIME_R = @GL_GGL_GNULIB_TIME_R@
+GL_GGL_GNULIB_TIME_RZ = @GL_GGL_GNULIB_TIME_RZ@
+GL_GGL_GNULIB_TMPFILE = @GL_GGL_GNULIB_TMPFILE@
+GL_GGL_GNULIB_TRUNCATE = @GL_GGL_GNULIB_TRUNCATE@
+GL_GGL_GNULIB_TTYNAME_R = @GL_GGL_GNULIB_TTYNAME_R@
+GL_GGL_GNULIB_TZSET = @GL_GGL_GNULIB_TZSET@
+GL_GGL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GGL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GGL_GNULIB_UNISTD_H_SIGPIPE = @GL_GGL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GGL_GNULIB_UNLINK = @GL_GGL_GNULIB_UNLINK@
+GL_GGL_GNULIB_UNLINKAT = @GL_GGL_GNULIB_UNLINKAT@
+GL_GGL_GNULIB_UNLOCKPT = @GL_GGL_GNULIB_UNLOCKPT@
+GL_GGL_GNULIB_UNSETENV = @GL_GGL_GNULIB_UNSETENV@
+GL_GGL_GNULIB_USLEEP = @GL_GGL_GNULIB_USLEEP@
+GL_GGL_GNULIB_UTIMENSAT = @GL_GGL_GNULIB_UTIMENSAT@
+GL_GGL_GNULIB_VASPRINTF = @GL_GGL_GNULIB_VASPRINTF@
+GL_GGL_GNULIB_VDPRINTF = @GL_GGL_GNULIB_VDPRINTF@
+GL_GGL_GNULIB_VFPRINTF = @GL_GGL_GNULIB_VFPRINTF@
+GL_GGL_GNULIB_VFPRINTF_POSIX = @GL_GGL_GNULIB_VFPRINTF_POSIX@
+GL_GGL_GNULIB_VFSCANF = @GL_GGL_GNULIB_VFSCANF@
+GL_GGL_GNULIB_VPRINTF = @GL_GGL_GNULIB_VPRINTF@
+GL_GGL_GNULIB_VPRINTF_POSIX = @GL_GGL_GNULIB_VPRINTF_POSIX@
+GL_GGL_GNULIB_VSCANF = @GL_GGL_GNULIB_VSCANF@
+GL_GGL_GNULIB_VSNPRINTF = @GL_GGL_GNULIB_VSNPRINTF@
+GL_GGL_GNULIB_VSPRINTF_POSIX = @GL_GGL_GNULIB_VSPRINTF_POSIX@
+GL_GGL_GNULIB_WCPCPY = @GL_GGL_GNULIB_WCPCPY@
+GL_GGL_GNULIB_WCPNCPY = @GL_GGL_GNULIB_WCPNCPY@
+GL_GGL_GNULIB_WCRTOMB = @GL_GGL_GNULIB_WCRTOMB@
+GL_GGL_GNULIB_WCSCASECMP = @GL_GGL_GNULIB_WCSCASECMP@
+GL_GGL_GNULIB_WCSCAT = @GL_GGL_GNULIB_WCSCAT@
+GL_GGL_GNULIB_WCSCHR = @GL_GGL_GNULIB_WCSCHR@
+GL_GGL_GNULIB_WCSCMP = @GL_GGL_GNULIB_WCSCMP@
+GL_GGL_GNULIB_WCSCOLL = @GL_GGL_GNULIB_WCSCOLL@
+GL_GGL_GNULIB_WCSCPY = @GL_GGL_GNULIB_WCSCPY@
+GL_GGL_GNULIB_WCSCSPN = @GL_GGL_GNULIB_WCSCSPN@
+GL_GGL_GNULIB_WCSDUP = @GL_GGL_GNULIB_WCSDUP@
+GL_GGL_GNULIB_WCSFTIME = @GL_GGL_GNULIB_WCSFTIME@
+GL_GGL_GNULIB_WCSLEN = @GL_GGL_GNULIB_WCSLEN@
+GL_GGL_GNULIB_WCSNCASECMP = @GL_GGL_GNULIB_WCSNCASECMP@
+GL_GGL_GNULIB_WCSNCAT = @GL_GGL_GNULIB_WCSNCAT@
+GL_GGL_GNULIB_WCSNCMP = @GL_GGL_GNULIB_WCSNCMP@
+GL_GGL_GNULIB_WCSNCPY = @GL_GGL_GNULIB_WCSNCPY@
+GL_GGL_GNULIB_WCSNLEN = @GL_GGL_GNULIB_WCSNLEN@
+GL_GGL_GNULIB_WCSNRTOMBS = @GL_GGL_GNULIB_WCSNRTOMBS@
+GL_GGL_GNULIB_WCSPBRK = @GL_GGL_GNULIB_WCSPBRK@
+GL_GGL_GNULIB_WCSRCHR = @GL_GGL_GNULIB_WCSRCHR@
+GL_GGL_GNULIB_WCSRTOMBS = @GL_GGL_GNULIB_WCSRTOMBS@
+GL_GGL_GNULIB_WCSSPN = @GL_GGL_GNULIB_WCSSPN@
+GL_GGL_GNULIB_WCSSTR = @GL_GGL_GNULIB_WCSSTR@
+GL_GGL_GNULIB_WCSTOK = @GL_GGL_GNULIB_WCSTOK@
+GL_GGL_GNULIB_WCSWIDTH = @GL_GGL_GNULIB_WCSWIDTH@
+GL_GGL_GNULIB_WCSXFRM = @GL_GGL_GNULIB_WCSXFRM@
+GL_GGL_GNULIB_WCTOB = @GL_GGL_GNULIB_WCTOB@
+GL_GGL_GNULIB_WCTOMB = @GL_GGL_GNULIB_WCTOMB@
+GL_GGL_GNULIB_WCWIDTH = @GL_GGL_GNULIB_WCWIDTH@
+GL_GGL_GNULIB_WMEMCHR = @GL_GGL_GNULIB_WMEMCHR@
+GL_GGL_GNULIB_WMEMCMP = @GL_GGL_GNULIB_WMEMCMP@
+GL_GGL_GNULIB_WMEMCPY = @GL_GGL_GNULIB_WMEMCPY@
+GL_GGL_GNULIB_WMEMMOVE = @GL_GGL_GNULIB_WMEMMOVE@
+GL_GGL_GNULIB_WMEMPCPY = @GL_GGL_GNULIB_WMEMPCPY@
+GL_GGL_GNULIB_WMEMSET = @GL_GGL_GNULIB_WMEMSET@
+GL_GGL_GNULIB_WRITE = @GL_GGL_GNULIB_WRITE@
+GL_GGL_GNULIB__EXIT = @GL_GGL_GNULIB__EXIT@
+GL_GNULIB_ACCEPT = @GL_GNULIB_ACCEPT@
+GL_GNULIB_ACCEPT4 = @GL_GNULIB_ACCEPT4@
+GL_GNULIB_ACCESS = @GL_GNULIB_ACCESS@
+GL_GNULIB_ALIGNED_ALLOC = @GL_GNULIB_ALIGNED_ALLOC@
+GL_GNULIB_ATOLL = @GL_GNULIB_ATOLL@
+GL_GNULIB_BIND = @GL_GNULIB_BIND@
+GL_GNULIB_BTOWC = @GL_GNULIB_BTOWC@
+GL_GNULIB_CALLOC_POSIX = @GL_GNULIB_CALLOC_POSIX@
+GL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GNULIB_CHDIR = @GL_GNULIB_CHDIR@
+GL_GNULIB_CHOWN = @GL_GNULIB_CHOWN@
+GL_GNULIB_CLOSE = @GL_GNULIB_CLOSE@
+GL_GNULIB_CONNECT = @GL_GNULIB_CONNECT@
+GL_GNULIB_COPY_FILE_RANGE = @GL_GNULIB_COPY_FILE_RANGE@
+GL_GNULIB_CREAT = @GL_GNULIB_CREAT@
+GL_GNULIB_CTIME = @GL_GNULIB_CTIME@
+GL_GNULIB_DPRINTF = @GL_GNULIB_DPRINTF@
+GL_GNULIB_DUP = @GL_GNULIB_DUP@
+GL_GNULIB_DUP2 = @GL_GNULIB_DUP2@
+GL_GNULIB_DUP3 = @GL_GNULIB_DUP3@
+GL_GNULIB_ENVIRON = @GL_GNULIB_ENVIRON@
+GL_GNULIB_EUIDACCESS = @GL_GNULIB_EUIDACCESS@
+GL_GNULIB_EXECL = @GL_GNULIB_EXECL@
+GL_GNULIB_EXECLE = @GL_GNULIB_EXECLE@
+GL_GNULIB_EXECLP = @GL_GNULIB_EXECLP@
+GL_GNULIB_EXECV = @GL_GNULIB_EXECV@
+GL_GNULIB_EXECVE = @GL_GNULIB_EXECVE@
+GL_GNULIB_EXECVP = @GL_GNULIB_EXECVP@
+GL_GNULIB_EXECVPE = @GL_GNULIB_EXECVPE@
+GL_GNULIB_EXPLICIT_BZERO = @GL_GNULIB_EXPLICIT_BZERO@
+GL_GNULIB_FACCESSAT = @GL_GNULIB_FACCESSAT@
+GL_GNULIB_FCHDIR = @GL_GNULIB_FCHDIR@
+GL_GNULIB_FCHMODAT = @GL_GNULIB_FCHMODAT@
+GL_GNULIB_FCHOWNAT = @GL_GNULIB_FCHOWNAT@
+GL_GNULIB_FCLOSE = @GL_GNULIB_FCLOSE@
+GL_GNULIB_FCNTL = @GL_GNULIB_FCNTL@
+GL_GNULIB_FDATASYNC = @GL_GNULIB_FDATASYNC@
+GL_GNULIB_FDOPEN = @GL_GNULIB_FDOPEN@
+GL_GNULIB_FFLUSH = @GL_GNULIB_FFLUSH@
+GL_GNULIB_FFS = @GL_GNULIB_FFS@
+GL_GNULIB_FFSL = @GL_GNULIB_FFSL@
+GL_GNULIB_FFSLL = @GL_GNULIB_FFSLL@
+GL_GNULIB_FGETC = @GL_GNULIB_FGETC@
+GL_GNULIB_FGETS = @GL_GNULIB_FGETS@
+GL_GNULIB_FOPEN = @GL_GNULIB_FOPEN@
+GL_GNULIB_FPRINTF = @GL_GNULIB_FPRINTF@
+GL_GNULIB_FPRINTF_POSIX = @GL_GNULIB_FPRINTF_POSIX@
+GL_GNULIB_FPURGE = @GL_GNULIB_FPURGE@
+GL_GNULIB_FPUTC = @GL_GNULIB_FPUTC@
+GL_GNULIB_FPUTS = @GL_GNULIB_FPUTS@
+GL_GNULIB_FREAD = @GL_GNULIB_FREAD@
+GL_GNULIB_FREE_POSIX = @GL_GNULIB_FREE_POSIX@
+GL_GNULIB_FREOPEN = @GL_GNULIB_FREOPEN@
+GL_GNULIB_FSCANF = @GL_GNULIB_FSCANF@
+GL_GNULIB_FSEEK = @GL_GNULIB_FSEEK@
+GL_GNULIB_FSEEKO = @GL_GNULIB_FSEEKO@
+GL_GNULIB_FSTAT = @GL_GNULIB_FSTAT@
+GL_GNULIB_FSTATAT = @GL_GNULIB_FSTATAT@
+GL_GNULIB_FSYNC = @GL_GNULIB_FSYNC@
+GL_GNULIB_FTELL = @GL_GNULIB_FTELL@
+GL_GNULIB_FTELLO = @GL_GNULIB_FTELLO@
+GL_GNULIB_FTRUNCATE = @GL_GNULIB_FTRUNCATE@
+GL_GNULIB_FUTIMENS = @GL_GNULIB_FUTIMENS@
+GL_GNULIB_FWRITE = @GL_GNULIB_FWRITE@
+GL_GNULIB_GETADDRINFO = @GL_GNULIB_GETADDRINFO@
+GL_GNULIB_GETC = @GL_GNULIB_GETC@
+GL_GNULIB_GETCHAR = @GL_GNULIB_GETCHAR@
+GL_GNULIB_GETCWD = @GL_GNULIB_GETCWD@
+GL_GNULIB_GETDELIM = @GL_GNULIB_GETDELIM@
+GL_GNULIB_GETDOMAINNAME = @GL_GNULIB_GETDOMAINNAME@
+GL_GNULIB_GETDTABLESIZE = @GL_GNULIB_GETDTABLESIZE@
+GL_GNULIB_GETENTROPY = @GL_GNULIB_GETENTROPY@
+GL_GNULIB_GETGROUPS = @GL_GNULIB_GETGROUPS@
+GL_GNULIB_GETHOSTNAME = @GL_GNULIB_GETHOSTNAME@
+GL_GNULIB_GETLINE = @GL_GNULIB_GETLINE@
+GL_GNULIB_GETLOADAVG = @GL_GNULIB_GETLOADAVG@
+GL_GNULIB_GETLOGIN = @GL_GNULIB_GETLOGIN@
+GL_GNULIB_GETLOGIN_R = @GL_GNULIB_GETLOGIN_R@
+GL_GNULIB_GETOPT_POSIX = @GL_GNULIB_GETOPT_POSIX@
+GL_GNULIB_GETPAGESIZE = @GL_GNULIB_GETPAGESIZE@
+GL_GNULIB_GETPASS = @GL_GNULIB_GETPASS@
+GL_GNULIB_GETPEERNAME = @GL_GNULIB_GETPEERNAME@
+GL_GNULIB_GETSOCKNAME = @GL_GNULIB_GETSOCKNAME@
+GL_GNULIB_GETSOCKOPT = @GL_GNULIB_GETSOCKOPT@
+GL_GNULIB_GETSUBOPT = @GL_GNULIB_GETSUBOPT@
+GL_GNULIB_GETTIMEOFDAY = @GL_GNULIB_GETTIMEOFDAY@
+GL_GNULIB_GETUMASK = @GL_GNULIB_GETUMASK@
+GL_GNULIB_GETUSERSHELL = @GL_GNULIB_GETUSERSHELL@
+GL_GNULIB_GRANTPT = @GL_GNULIB_GRANTPT@
+GL_GNULIB_GROUP_MEMBER = @GL_GNULIB_GROUP_MEMBER@
+GL_GNULIB_IMAXABS = @GL_GNULIB_IMAXABS@
+GL_GNULIB_IMAXDIV = @GL_GNULIB_IMAXDIV@
+GL_GNULIB_INET_NTOP = @GL_GNULIB_INET_NTOP@
+GL_GNULIB_INET_PTON = @GL_GNULIB_INET_PTON@
+GL_GNULIB_ISATTY = @GL_GNULIB_ISATTY@
+GL_GNULIB_LCHMOD = @GL_GNULIB_LCHMOD@
+GL_GNULIB_LCHOWN = @GL_GNULIB_LCHOWN@
+GL_GNULIB_LINK = @GL_GNULIB_LINK@
+GL_GNULIB_LINKAT = @GL_GNULIB_LINKAT@
+GL_GNULIB_LISTEN = @GL_GNULIB_LISTEN@
+GL_GNULIB_LOCALTIME = @GL_GNULIB_LOCALTIME@
+GL_GNULIB_LSEEK = @GL_GNULIB_LSEEK@
+GL_GNULIB_LSTAT = @GL_GNULIB_LSTAT@
+GL_GNULIB_MALLOC_POSIX = @GL_GNULIB_MALLOC_POSIX@
+GL_GNULIB_MBRLEN = @GL_GNULIB_MBRLEN@
+GL_GNULIB_MBRTOWC = @GL_GNULIB_MBRTOWC@
+GL_GNULIB_MBSCASECMP = @GL_GNULIB_MBSCASECMP@
+GL_GNULIB_MBSCASESTR = @GL_GNULIB_MBSCASESTR@
+GL_GNULIB_MBSCHR = @GL_GNULIB_MBSCHR@
+GL_GNULIB_MBSCSPN = @GL_GNULIB_MBSCSPN@
+GL_GNULIB_MBSINIT = @GL_GNULIB_MBSINIT@
+GL_GNULIB_MBSLEN = @GL_GNULIB_MBSLEN@
+GL_GNULIB_MBSNCASECMP = @GL_GNULIB_MBSNCASECMP@
+GL_GNULIB_MBSNLEN = @GL_GNULIB_MBSNLEN@
+GL_GNULIB_MBSNRTOWCS = @GL_GNULIB_MBSNRTOWCS@
+GL_GNULIB_MBSPBRK = @GL_GNULIB_MBSPBRK@
+GL_GNULIB_MBSPCASECMP = @GL_GNULIB_MBSPCASECMP@
+GL_GNULIB_MBSRCHR = @GL_GNULIB_MBSRCHR@
+GL_GNULIB_MBSRTOWCS = @GL_GNULIB_MBSRTOWCS@
+GL_GNULIB_MBSSEP = @GL_GNULIB_MBSSEP@
+GL_GNULIB_MBSSPN = @GL_GNULIB_MBSSPN@
+GL_GNULIB_MBSSTR = @GL_GNULIB_MBSSTR@
+GL_GNULIB_MBSTOK_R = @GL_GNULIB_MBSTOK_R@
+GL_GNULIB_MBTOWC = @GL_GNULIB_MBTOWC@
+GL_GNULIB_MDA_ACCESS = @GL_GNULIB_MDA_ACCESS@
+GL_GNULIB_MDA_CHDIR = @GL_GNULIB_MDA_CHDIR@
+GL_GNULIB_MDA_CHMOD = @GL_GNULIB_MDA_CHMOD@
+GL_GNULIB_MDA_CLOSE = @GL_GNULIB_MDA_CLOSE@
+GL_GNULIB_MDA_CREAT = @GL_GNULIB_MDA_CREAT@
+GL_GNULIB_MDA_DUP = @GL_GNULIB_MDA_DUP@
+GL_GNULIB_MDA_DUP2 = @GL_GNULIB_MDA_DUP2@
+GL_GNULIB_MDA_ECVT = @GL_GNULIB_MDA_ECVT@
+GL_GNULIB_MDA_EXECL = @GL_GNULIB_MDA_EXECL@
+GL_GNULIB_MDA_EXECLE = @GL_GNULIB_MDA_EXECLE@
+GL_GNULIB_MDA_EXECLP = @GL_GNULIB_MDA_EXECLP@
+GL_GNULIB_MDA_EXECV = @GL_GNULIB_MDA_EXECV@
+GL_GNULIB_MDA_EXECVE = @GL_GNULIB_MDA_EXECVE@
+GL_GNULIB_MDA_EXECVP = @GL_GNULIB_MDA_EXECVP@
+GL_GNULIB_MDA_EXECVPE = @GL_GNULIB_MDA_EXECVPE@
+GL_GNULIB_MDA_FCLOSEALL = @GL_GNULIB_MDA_FCLOSEALL@
+GL_GNULIB_MDA_FCVT = @GL_GNULIB_MDA_FCVT@
+GL_GNULIB_MDA_FDOPEN = @GL_GNULIB_MDA_FDOPEN@
+GL_GNULIB_MDA_FILENO = @GL_GNULIB_MDA_FILENO@
+GL_GNULIB_MDA_GCVT = @GL_GNULIB_MDA_GCVT@
+GL_GNULIB_MDA_GETCWD = @GL_GNULIB_MDA_GETCWD@
+GL_GNULIB_MDA_GETPID = @GL_GNULIB_MDA_GETPID@
+GL_GNULIB_MDA_GETW = @GL_GNULIB_MDA_GETW@
+GL_GNULIB_MDA_ISATTY = @GL_GNULIB_MDA_ISATTY@
+GL_GNULIB_MDA_LSEEK = @GL_GNULIB_MDA_LSEEK@
+GL_GNULIB_MDA_MEMCCPY = @GL_GNULIB_MDA_MEMCCPY@
+GL_GNULIB_MDA_MKDIR = @GL_GNULIB_MDA_MKDIR@
+GL_GNULIB_MDA_MKTEMP = @GL_GNULIB_MDA_MKTEMP@
+GL_GNULIB_MDA_OPEN = @GL_GNULIB_MDA_OPEN@
+GL_GNULIB_MDA_PUTENV = @GL_GNULIB_MDA_PUTENV@
+GL_GNULIB_MDA_PUTW = @GL_GNULIB_MDA_PUTW@
+GL_GNULIB_MDA_READ = @GL_GNULIB_MDA_READ@
+GL_GNULIB_MDA_RMDIR = @GL_GNULIB_MDA_RMDIR@
+GL_GNULIB_MDA_STRDUP = @GL_GNULIB_MDA_STRDUP@
+GL_GNULIB_MDA_SWAB = @GL_GNULIB_MDA_SWAB@
+GL_GNULIB_MDA_TEMPNAM = @GL_GNULIB_MDA_TEMPNAM@
+GL_GNULIB_MDA_TZSET = @GL_GNULIB_MDA_TZSET@
+GL_GNULIB_MDA_UMASK = @GL_GNULIB_MDA_UMASK@
+GL_GNULIB_MDA_UNLINK = @GL_GNULIB_MDA_UNLINK@
+GL_GNULIB_MDA_WCSDUP = @GL_GNULIB_MDA_WCSDUP@
+GL_GNULIB_MDA_WRITE = @GL_GNULIB_MDA_WRITE@
+GL_GNULIB_MEMCHR = @GL_GNULIB_MEMCHR@
+GL_GNULIB_MEMMEM = @GL_GNULIB_MEMMEM@
+GL_GNULIB_MEMPCPY = @GL_GNULIB_MEMPCPY@
+GL_GNULIB_MEMRCHR = @GL_GNULIB_MEMRCHR@
+GL_GNULIB_MKDIR = @GL_GNULIB_MKDIR@
+GL_GNULIB_MKDIRAT = @GL_GNULIB_MKDIRAT@
+GL_GNULIB_MKDTEMP = @GL_GNULIB_MKDTEMP@
+GL_GNULIB_MKFIFO = @GL_GNULIB_MKFIFO@
+GL_GNULIB_MKFIFOAT = @GL_GNULIB_MKFIFOAT@
+GL_GNULIB_MKNOD = @GL_GNULIB_MKNOD@
+GL_GNULIB_MKNODAT = @GL_GNULIB_MKNODAT@
+GL_GNULIB_MKOSTEMP = @GL_GNULIB_MKOSTEMP@
+GL_GNULIB_MKOSTEMPS = @GL_GNULIB_MKOSTEMPS@
+GL_GNULIB_MKSTEMP = @GL_GNULIB_MKSTEMP@
+GL_GNULIB_MKSTEMPS = @GL_GNULIB_MKSTEMPS@
+GL_GNULIB_MKTIME = @GL_GNULIB_MKTIME@
+GL_GNULIB_NANOSLEEP = @GL_GNULIB_NANOSLEEP@
+GL_GNULIB_NONBLOCKING = @GL_GNULIB_NONBLOCKING@
+GL_GNULIB_OBSTACK_PRINTF = @GL_GNULIB_OBSTACK_PRINTF@
+GL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GNULIB_OPEN = @GL_GNULIB_OPEN@
+GL_GNULIB_OPENAT = @GL_GNULIB_OPENAT@
+GL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GNULIB_PCLOSE = @GL_GNULIB_PCLOSE@
+GL_GNULIB_PERROR = @GL_GNULIB_PERROR@
+GL_GNULIB_PIPE = @GL_GNULIB_PIPE@
+GL_GNULIB_PIPE2 = @GL_GNULIB_PIPE2@
+GL_GNULIB_POPEN = @GL_GNULIB_POPEN@
+GL_GNULIB_POSIX_MEMALIGN = @GL_GNULIB_POSIX_MEMALIGN@
+GL_GNULIB_POSIX_OPENPT = @GL_GNULIB_POSIX_OPENPT@
+GL_GNULIB_PREAD = @GL_GNULIB_PREAD@
+GL_GNULIB_PRINTF = @GL_GNULIB_PRINTF@
+GL_GNULIB_PRINTF_POSIX = @GL_GNULIB_PRINTF_POSIX@
+GL_GNULIB_PTSNAME = @GL_GNULIB_PTSNAME@
+GL_GNULIB_PTSNAME_R = @GL_GNULIB_PTSNAME_R@
+GL_GNULIB_PUTC = @GL_GNULIB_PUTC@
+GL_GNULIB_PUTCHAR = @GL_GNULIB_PUTCHAR@
+GL_GNULIB_PUTENV = @GL_GNULIB_PUTENV@
+GL_GNULIB_PUTS = @GL_GNULIB_PUTS@
+GL_GNULIB_PWRITE = @GL_GNULIB_PWRITE@
+GL_GNULIB_QSORT_R = @GL_GNULIB_QSORT_R@
+GL_GNULIB_RANDOM = @GL_GNULIB_RANDOM@
+GL_GNULIB_RANDOM_R = @GL_GNULIB_RANDOM_R@
+GL_GNULIB_RAWMEMCHR = @GL_GNULIB_RAWMEMCHR@
+GL_GNULIB_READ = @GL_GNULIB_READ@
+GL_GNULIB_READLINK = @GL_GNULIB_READLINK@
+GL_GNULIB_READLINKAT = @GL_GNULIB_READLINKAT@
+GL_GNULIB_REALLOCARRAY = @GL_GNULIB_REALLOCARRAY@
+GL_GNULIB_REALLOC_POSIX = @GL_GNULIB_REALLOC_POSIX@
+GL_GNULIB_REALPATH = @GL_GNULIB_REALPATH@
+GL_GNULIB_RECV = @GL_GNULIB_RECV@
+GL_GNULIB_RECVFROM = @GL_GNULIB_RECVFROM@
+GL_GNULIB_REMOVE = @GL_GNULIB_REMOVE@
+GL_GNULIB_RENAME = @GL_GNULIB_RENAME@
+GL_GNULIB_RENAMEAT = @GL_GNULIB_RENAMEAT@
+GL_GNULIB_RMDIR = @GL_GNULIB_RMDIR@
+GL_GNULIB_RPMATCH = @GL_GNULIB_RPMATCH@
+GL_GNULIB_SCANF = @GL_GNULIB_SCANF@
+GL_GNULIB_SECURE_GETENV = @GL_GNULIB_SECURE_GETENV@
+GL_GNULIB_SEND = @GL_GNULIB_SEND@
+GL_GNULIB_SENDTO = @GL_GNULIB_SENDTO@
+GL_GNULIB_SETENV = @GL_GNULIB_SETENV@
+GL_GNULIB_SETHOSTNAME = @GL_GNULIB_SETHOSTNAME@
+GL_GNULIB_SETSOCKOPT = @GL_GNULIB_SETSOCKOPT@
+GL_GNULIB_SHUTDOWN = @GL_GNULIB_SHUTDOWN@
+GL_GNULIB_SIGABBREV_NP = @GL_GNULIB_SIGABBREV_NP@
+GL_GNULIB_SIGDESCR_NP = @GL_GNULIB_SIGDESCR_NP@
+GL_GNULIB_SLEEP = @GL_GNULIB_SLEEP@
+GL_GNULIB_SNPRINTF = @GL_GNULIB_SNPRINTF@
+GL_GNULIB_SOCKET = @GL_GNULIB_SOCKET@
+GL_GNULIB_SPRINTF_POSIX = @GL_GNULIB_SPRINTF_POSIX@
+GL_GNULIB_STAT = @GL_GNULIB_STAT@
+GL_GNULIB_STDIO_H_NONBLOCKING = @GL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GNULIB_STDIO_H_SIGPIPE = @GL_GNULIB_STDIO_H_SIGPIPE@
+GL_GNULIB_STPCPY = @GL_GNULIB_STPCPY@
+GL_GNULIB_STPNCPY = @GL_GNULIB_STPNCPY@
+GL_GNULIB_STRCASESTR = @GL_GNULIB_STRCASESTR@
+GL_GNULIB_STRCHRNUL = @GL_GNULIB_STRCHRNUL@
+GL_GNULIB_STRDUP = @GL_GNULIB_STRDUP@
+GL_GNULIB_STRERROR = @GL_GNULIB_STRERROR@
+GL_GNULIB_STRERRORNAME_NP = @GL_GNULIB_STRERRORNAME_NP@
+GL_GNULIB_STRERROR_R = @GL_GNULIB_STRERROR_R@
+GL_GNULIB_STRFTIME = @GL_GNULIB_STRFTIME@
+GL_GNULIB_STRNCAT = @GL_GNULIB_STRNCAT@
+GL_GNULIB_STRNDUP = @GL_GNULIB_STRNDUP@
+GL_GNULIB_STRNLEN = @GL_GNULIB_STRNLEN@
+GL_GNULIB_STRPBRK = @GL_GNULIB_STRPBRK@
+GL_GNULIB_STRPTIME = @GL_GNULIB_STRPTIME@
+GL_GNULIB_STRSEP = @GL_GNULIB_STRSEP@
+GL_GNULIB_STRSIGNAL = @GL_GNULIB_STRSIGNAL@
+GL_GNULIB_STRSTR = @GL_GNULIB_STRSTR@
+GL_GNULIB_STRTOD = @GL_GNULIB_STRTOD@
+GL_GNULIB_STRTOIMAX = @GL_GNULIB_STRTOIMAX@
+GL_GNULIB_STRTOK_R = @GL_GNULIB_STRTOK_R@
+GL_GNULIB_STRTOL = @GL_GNULIB_STRTOL@
+GL_GNULIB_STRTOLD = @GL_GNULIB_STRTOLD@
+GL_GNULIB_STRTOLL = @GL_GNULIB_STRTOLL@
+GL_GNULIB_STRTOUL = @GL_GNULIB_STRTOUL@
+GL_GNULIB_STRTOULL = @GL_GNULIB_STRTOULL@
+GL_GNULIB_STRTOUMAX = @GL_GNULIB_STRTOUMAX@
+GL_GNULIB_STRVERSCMP = @GL_GNULIB_STRVERSCMP@
+GL_GNULIB_SYMLINK = @GL_GNULIB_SYMLINK@
+GL_GNULIB_SYMLINKAT = @GL_GNULIB_SYMLINKAT@
+GL_GNULIB_SYSTEM_POSIX = @GL_GNULIB_SYSTEM_POSIX@
+GL_GNULIB_TIMEGM = @GL_GNULIB_TIMEGM@
+GL_GNULIB_TIMESPEC_GET = @GL_GNULIB_TIMESPEC_GET@
+GL_GNULIB_TIME_R = @GL_GNULIB_TIME_R@
+GL_GNULIB_TIME_RZ = @GL_GNULIB_TIME_RZ@
+GL_GNULIB_TMPFILE = @GL_GNULIB_TMPFILE@
+GL_GNULIB_TRUNCATE = @GL_GNULIB_TRUNCATE@
+GL_GNULIB_TTYNAME_R = @GL_GNULIB_TTYNAME_R@
+GL_GNULIB_TZSET = @GL_GNULIB_TZSET@
+GL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GNULIB_UNISTD_H_SIGPIPE = @GL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GNULIB_UNLINK = @GL_GNULIB_UNLINK@
+GL_GNULIB_UNLINKAT = @GL_GNULIB_UNLINKAT@
+GL_GNULIB_UNLOCKPT = @GL_GNULIB_UNLOCKPT@
+GL_GNULIB_UNSETENV = @GL_GNULIB_UNSETENV@
+GL_GNULIB_USLEEP = @GL_GNULIB_USLEEP@
+GL_GNULIB_UTIMENSAT = @GL_GNULIB_UTIMENSAT@
+GL_GNULIB_VASPRINTF = @GL_GNULIB_VASPRINTF@
+GL_GNULIB_VDPRINTF = @GL_GNULIB_VDPRINTF@
+GL_GNULIB_VFPRINTF = @GL_GNULIB_VFPRINTF@
+GL_GNULIB_VFPRINTF_POSIX = @GL_GNULIB_VFPRINTF_POSIX@
+GL_GNULIB_VFSCANF = @GL_GNULIB_VFSCANF@
+GL_GNULIB_VPRINTF = @GL_GNULIB_VPRINTF@
+GL_GNULIB_VPRINTF_POSIX = @GL_GNULIB_VPRINTF_POSIX@
+GL_GNULIB_VSCANF = @GL_GNULIB_VSCANF@
+GL_GNULIB_VSNPRINTF = @GL_GNULIB_VSNPRINTF@
+GL_GNULIB_VSPRINTF_POSIX = @GL_GNULIB_VSPRINTF_POSIX@
+GL_GNULIB_WCPCPY = @GL_GNULIB_WCPCPY@
+GL_GNULIB_WCPNCPY = @GL_GNULIB_WCPNCPY@
+GL_GNULIB_WCRTOMB = @GL_GNULIB_WCRTOMB@
+GL_GNULIB_WCSCASECMP = @GL_GNULIB_WCSCASECMP@
+GL_GNULIB_WCSCAT = @GL_GNULIB_WCSCAT@
+GL_GNULIB_WCSCHR = @GL_GNULIB_WCSCHR@
+GL_GNULIB_WCSCMP = @GL_GNULIB_WCSCMP@
+GL_GNULIB_WCSCOLL = @GL_GNULIB_WCSCOLL@
+GL_GNULIB_WCSCPY = @GL_GNULIB_WCSCPY@
+GL_GNULIB_WCSCSPN = @GL_GNULIB_WCSCSPN@
+GL_GNULIB_WCSDUP = @GL_GNULIB_WCSDUP@
+GL_GNULIB_WCSFTIME = @GL_GNULIB_WCSFTIME@
+GL_GNULIB_WCSLEN = @GL_GNULIB_WCSLEN@
+GL_GNULIB_WCSNCASECMP = @GL_GNULIB_WCSNCASECMP@
+GL_GNULIB_WCSNCAT = @GL_GNULIB_WCSNCAT@
+GL_GNULIB_WCSNCMP = @GL_GNULIB_WCSNCMP@
+GL_GNULIB_WCSNCPY = @GL_GNULIB_WCSNCPY@
+GL_GNULIB_WCSNLEN = @GL_GNULIB_WCSNLEN@
+GL_GNULIB_WCSNRTOMBS = @GL_GNULIB_WCSNRTOMBS@
+GL_GNULIB_WCSPBRK = @GL_GNULIB_WCSPBRK@
+GL_GNULIB_WCSRCHR = @GL_GNULIB_WCSRCHR@
+GL_GNULIB_WCSRTOMBS = @GL_GNULIB_WCSRTOMBS@
+GL_GNULIB_WCSSPN = @GL_GNULIB_WCSSPN@
+GL_GNULIB_WCSSTR = @GL_GNULIB_WCSSTR@
+GL_GNULIB_WCSTOK = @GL_GNULIB_WCSTOK@
+GL_GNULIB_WCSWIDTH = @GL_GNULIB_WCSWIDTH@
+GL_GNULIB_WCSXFRM = @GL_GNULIB_WCSXFRM@
+GL_GNULIB_WCTOB = @GL_GNULIB_WCTOB@
+GL_GNULIB_WCTOMB = @GL_GNULIB_WCTOMB@
+GL_GNULIB_WCWIDTH = @GL_GNULIB_WCWIDTH@
+GL_GNULIB_WMEMCHR = @GL_GNULIB_WMEMCHR@
+GL_GNULIB_WMEMCMP = @GL_GNULIB_WMEMCMP@
+GL_GNULIB_WMEMCPY = @GL_GNULIB_WMEMCPY@
+GL_GNULIB_WMEMMOVE = @GL_GNULIB_WMEMMOVE@
+GL_GNULIB_WMEMPCPY = @GL_GNULIB_WMEMPCPY@
+GL_GNULIB_WMEMSET = @GL_GNULIB_WMEMSET@
+GL_GNULIB_WRITE = @GL_GNULIB_WRITE@
+GL_GNULIB__EXIT = @GL_GNULIB__EXIT@
+GMP_CFLAGS = @GMP_CFLAGS@
+GMP_LIBS = @GMP_LIBS@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GNULIBHEADERS_OVERRIDE_WINT_T = @GNULIBHEADERS_OVERRIDE_WINT_T@
+GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@
+GNUTLS_LIBS_PRIVATE = @GNUTLS_LIBS_PRIVATE@
+GNUTLS_REQUIRES_PRIVATE = @GNUTLS_REQUIRES_PRIVATE@
+GPERF = @GPERF@
+GREP = @GREP@
+GTKDOC_CHECK = @GTKDOC_CHECK@
+GTKDOC_CHECK_PATH = @GTKDOC_CHECK_PATH@
+GTKDOC_DEPS_CFLAGS = @GTKDOC_DEPS_CFLAGS@
+GTKDOC_DEPS_LIBS = @GTKDOC_DEPS_LIBS@
+GTKDOC_MKPDF = @GTKDOC_MKPDF@
+GTKDOC_REBASE = @GTKDOC_REBASE@
+GUILD = @GUILD@
+GUILE = @GUILE@
+GUILE_CFLAGS = @GUILE_CFLAGS@
+GUILE_CONFIG = @GUILE_CONFIG@
+GUILE_EFFECTIVE_VERSION = @GUILE_EFFECTIVE_VERSION@
+GUILE_EXTENSION = @GUILE_EXTENSION@
+GUILE_LDFLAGS = @GUILE_LDFLAGS@
+GUILE_LIBS = @GUILE_LIBS@
+GUILE_LTLIBS = @GUILE_LTLIBS@
+GUILE_SITE = @GUILE_SITE@
+GUILE_SITE_CCACHE = @GUILE_SITE_CCACHE@
+GUILE_TOOLS = @GUILE_TOOLS@
+HAVE_ACCEPT4 = @HAVE_ACCEPT4@
+HAVE_ALIGNED_ALLOC = @HAVE_ALIGNED_ALLOC@
+HAVE_ALLOCA_H = @HAVE_ALLOCA_H@
+HAVE_ARPA_INET_H = @HAVE_ARPA_INET_H@
+HAVE_ATOLL = @HAVE_ATOLL@
+HAVE_BTOWC = @HAVE_BTOWC@
+HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@
+HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@
+HAVE_CHOWN = @HAVE_CHOWN@
+HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@
+HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@
+HAVE_DECL_ECVT = @HAVE_DECL_ECVT@
+HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@
+HAVE_DECL_EXECVPE = @HAVE_DECL_EXECVPE@
+HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@
+HAVE_DECL_FCLOSEALL = @HAVE_DECL_FCLOSEALL@
+HAVE_DECL_FCVT = @HAVE_DECL_FCVT@
+HAVE_DECL_FDATASYNC = @HAVE_DECL_FDATASYNC@
+HAVE_DECL_FPURGE = @HAVE_DECL_FPURGE@
+HAVE_DECL_FREEADDRINFO = @HAVE_DECL_FREEADDRINFO@
+HAVE_DECL_FSEEKO = @HAVE_DECL_FSEEKO@
+HAVE_DECL_FTELLO = @HAVE_DECL_FTELLO@
+HAVE_DECL_GAI_STRERROR = @HAVE_DECL_GAI_STRERROR@
+HAVE_DECL_GCVT = @HAVE_DECL_GCVT@
+HAVE_DECL_GETADDRINFO = @HAVE_DECL_GETADDRINFO@
+HAVE_DECL_GETDELIM = @HAVE_DECL_GETDELIM@
+HAVE_DECL_GETDOMAINNAME = @HAVE_DECL_GETDOMAINNAME@
+HAVE_DECL_GETLINE = @HAVE_DECL_GETLINE@
+HAVE_DECL_GETLOADAVG = @HAVE_DECL_GETLOADAVG@
+HAVE_DECL_GETLOGIN = @HAVE_DECL_GETLOGIN@
+HAVE_DECL_GETLOGIN_R = @HAVE_DECL_GETLOGIN_R@
+HAVE_DECL_GETNAMEINFO = @HAVE_DECL_GETNAMEINFO@
+HAVE_DECL_GETPAGESIZE = @HAVE_DECL_GETPAGESIZE@
+HAVE_DECL_GETUSERSHELL = @HAVE_DECL_GETUSERSHELL@
+HAVE_DECL_IMAXABS = @HAVE_DECL_IMAXABS@
+HAVE_DECL_IMAXDIV = @HAVE_DECL_IMAXDIV@
+HAVE_DECL_INET_NTOP = @HAVE_DECL_INET_NTOP@
+HAVE_DECL_INET_PTON = @HAVE_DECL_INET_PTON@
+HAVE_DECL_INITSTATE = @HAVE_DECL_INITSTATE@
+HAVE_DECL_LOCALTIME_R = @HAVE_DECL_LOCALTIME_R@
+HAVE_DECL_MEMMEM = @HAVE_DECL_MEMMEM@
+HAVE_DECL_MEMRCHR = @HAVE_DECL_MEMRCHR@
+HAVE_DECL_OBSTACK_PRINTF = @HAVE_DECL_OBSTACK_PRINTF@
+HAVE_DECL_SETENV = @HAVE_DECL_SETENV@
+HAVE_DECL_SETHOSTNAME = @HAVE_DECL_SETHOSTNAME@
+HAVE_DECL_SETSTATE = @HAVE_DECL_SETSTATE@
+HAVE_DECL_SNPRINTF = @HAVE_DECL_SNPRINTF@
+HAVE_DECL_STRDUP = @HAVE_DECL_STRDUP@
+HAVE_DECL_STRERROR_R = @HAVE_DECL_STRERROR_R@
+HAVE_DECL_STRNCASECMP = @HAVE_DECL_STRNCASECMP@
+HAVE_DECL_STRNDUP = @HAVE_DECL_STRNDUP@
+HAVE_DECL_STRNLEN = @HAVE_DECL_STRNLEN@
+HAVE_DECL_STRSIGNAL = @HAVE_DECL_STRSIGNAL@
+HAVE_DECL_STRTOIMAX = @HAVE_DECL_STRTOIMAX@
+HAVE_DECL_STRTOK_R = @HAVE_DECL_STRTOK_R@
+HAVE_DECL_STRTOUMAX = @HAVE_DECL_STRTOUMAX@
+HAVE_DECL_TRUNCATE = @HAVE_DECL_TRUNCATE@
+HAVE_DECL_TTYNAME_R = @HAVE_DECL_TTYNAME_R@
+HAVE_DECL_UNSETENV = @HAVE_DECL_UNSETENV@
+HAVE_DECL_VSNPRINTF = @HAVE_DECL_VSNPRINTF@
+HAVE_DECL_WCSDUP = @HAVE_DECL_WCSDUP@
+HAVE_DECL_WCTOB = @HAVE_DECL_WCTOB@
+HAVE_DECL_WCWIDTH = @HAVE_DECL_WCWIDTH@
+HAVE_DPRINTF = @HAVE_DPRINTF@
+HAVE_DUP3 = @HAVE_DUP3@
+HAVE_DUPLOCALE = @HAVE_DUPLOCALE@
+HAVE_EUIDACCESS = @HAVE_EUIDACCESS@
+HAVE_EXECVPE = @HAVE_EXECVPE@
+HAVE_EXPLICIT_BZERO = @HAVE_EXPLICIT_BZERO@
+HAVE_FACCESSAT = @HAVE_FACCESSAT@
+HAVE_FCHDIR = @HAVE_FCHDIR@
+HAVE_FCHMODAT = @HAVE_FCHMODAT@
+HAVE_FCHOWNAT = @HAVE_FCHOWNAT@
+HAVE_FCNTL = @HAVE_FCNTL@
+HAVE_FDATASYNC = @HAVE_FDATASYNC@
+HAVE_FEATURES_H = @HAVE_FEATURES_H@
+HAVE_FFS = @HAVE_FFS@
+HAVE_FFSL = @HAVE_FFSL@
+HAVE_FFSLL = @HAVE_FFSLL@
+HAVE_FREELOCALE = @HAVE_FREELOCALE@
+HAVE_FSEEKO = @HAVE_FSEEKO@
+HAVE_FSTATAT = @HAVE_FSTATAT@
+HAVE_FSYNC = @HAVE_FSYNC@
+HAVE_FTELLO = @HAVE_FTELLO@
+HAVE_FTRUNCATE = @HAVE_FTRUNCATE@
+HAVE_FUTIMENS = @HAVE_FUTIMENS@
+HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@
+HAVE_GETENTROPY = @HAVE_GETENTROPY@
+HAVE_GETGROUPS = @HAVE_GETGROUPS@
+HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@
+HAVE_GETLOGIN = @HAVE_GETLOGIN@
+HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@
+HAVE_GETPASS = @HAVE_GETPASS@
+HAVE_GETSUBOPT = @HAVE_GETSUBOPT@
+HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@
+HAVE_GETUMASK = @HAVE_GETUMASK@
+HAVE_GRANTPT = @HAVE_GRANTPT@
+HAVE_GROUP_MEMBER = @HAVE_GROUP_MEMBER@
+HAVE_IMAXDIV_T = @HAVE_IMAXDIV_T@
+HAVE_INITSTATE = @HAVE_INITSTATE@
+HAVE_INTTYPES_H = @HAVE_INTTYPES_H@
+HAVE_ISBLANK = @HAVE_ISBLANK@
+HAVE_LANGINFO_ALTMON = @HAVE_LANGINFO_ALTMON@
+HAVE_LANGINFO_CODESET = @HAVE_LANGINFO_CODESET@
+HAVE_LANGINFO_ERA = @HAVE_LANGINFO_ERA@
+HAVE_LANGINFO_H = @HAVE_LANGINFO_H@
+HAVE_LANGINFO_T_FMT_AMPM = @HAVE_LANGINFO_T_FMT_AMPM@
+HAVE_LANGINFO_YESEXPR = @HAVE_LANGINFO_YESEXPR@
+HAVE_LCHMOD = @HAVE_LCHMOD@
+HAVE_LCHOWN = @HAVE_LCHOWN@
+HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@
+HAVE_LIBDL = @HAVE_LIBDL@
+HAVE_LIBEV = @HAVE_LIBEV@
+HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@
+HAVE_LIBRT = @HAVE_LIBRT@
+HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@
+HAVE_LIBZ = @HAVE_LIBZ@
+HAVE_LINK = @HAVE_LINK@
+HAVE_LINKAT = @HAVE_LINKAT@
+HAVE_LSTAT = @HAVE_LSTAT@
+HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@
+HAVE_MBRLEN = @HAVE_MBRLEN@
+HAVE_MBRTOWC = @HAVE_MBRTOWC@
+HAVE_MBSINIT = @HAVE_MBSINIT@
+HAVE_MBSLEN = @HAVE_MBSLEN@
+HAVE_MBSNRTOWCS = @HAVE_MBSNRTOWCS@
+HAVE_MBSRTOWCS = @HAVE_MBSRTOWCS@
+HAVE_MBTOWC = @HAVE_MBTOWC@
+HAVE_MEMPCPY = @HAVE_MEMPCPY@
+HAVE_MKDIRAT = @HAVE_MKDIRAT@
+HAVE_MKDTEMP = @HAVE_MKDTEMP@
+HAVE_MKFIFO = @HAVE_MKFIFO@
+HAVE_MKFIFOAT = @HAVE_MKFIFOAT@
+HAVE_MKNOD = @HAVE_MKNOD@
+HAVE_MKNODAT = @HAVE_MKNODAT@
+HAVE_MKOSTEMP = @HAVE_MKOSTEMP@
+HAVE_MKOSTEMPS = @HAVE_MKOSTEMPS@
+HAVE_MKSTEMP = @HAVE_MKSTEMP@
+HAVE_MKSTEMPS = @HAVE_MKSTEMPS@
+HAVE_MSVC_INVALID_PARAMETER_HANDLER = @HAVE_MSVC_INVALID_PARAMETER_HANDLER@
+HAVE_NANOSLEEP = @HAVE_NANOSLEEP@
+HAVE_NETDB_H = @HAVE_NETDB_H@
+HAVE_NETINET_IN_H = @HAVE_NETINET_IN_H@
+HAVE_NEWLOCALE = @HAVE_NEWLOCALE@
+HAVE_NL_LANGINFO = @HAVE_NL_LANGINFO@
+HAVE_OPENAT = @HAVE_OPENAT@
+HAVE_OS_H = @HAVE_OS_H@
+HAVE_PCLOSE = @HAVE_PCLOSE@
+HAVE_PIPE = @HAVE_PIPE@
+HAVE_PIPE2 = @HAVE_PIPE2@
+HAVE_POPEN = @HAVE_POPEN@
+HAVE_POSIX_MEMALIGN = @HAVE_POSIX_MEMALIGN@
+HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@
+HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@
+HAVE_PREAD = @HAVE_PREAD@
+HAVE_PSELECT = @HAVE_PSELECT@
+HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@
+HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@
+HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@
+HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@
+HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@
+HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@
+HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@
+HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@
+HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@
+HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@
+HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@
+HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@
+HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@
+HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@
+HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@
+HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@
+HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@
+HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@
+HAVE_PTHREAD_H = @HAVE_PTHREAD_H@
+HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@
+HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@
+HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@
+HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@
+HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@
+HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@
+HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@
+HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@
+HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@
+HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@
+HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@
+HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@
+HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@
+HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@
+HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@
+HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@
+HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@
+HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@
+HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@
+HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@
+HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@
+HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@
+HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@
+HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@
+HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@
+HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@
+HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@
+HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@
+HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@
+HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@
+HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@
+HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@
+HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@
+HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@
+HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@
+HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@
+HAVE_PTHREAD_T = @HAVE_PTHREAD_T@
+HAVE_PTSNAME = @HAVE_PTSNAME@
+HAVE_PTSNAME_R = @HAVE_PTSNAME_R@
+HAVE_PWRITE = @HAVE_PWRITE@
+HAVE_QSORT_R = @HAVE_QSORT_R@
+HAVE_RAISE = @HAVE_RAISE@
+HAVE_RANDOM = @HAVE_RANDOM@
+HAVE_RANDOM_H = @HAVE_RANDOM_H@
+HAVE_RANDOM_R = @HAVE_RANDOM_R@
+HAVE_RAWMEMCHR = @HAVE_RAWMEMCHR@
+HAVE_READLINK = @HAVE_READLINK@
+HAVE_READLINKAT = @HAVE_READLINKAT@
+HAVE_REALLOCARRAY = @HAVE_REALLOCARRAY@
+HAVE_REALPATH = @HAVE_REALPATH@
+HAVE_RENAMEAT = @HAVE_RENAMEAT@
+HAVE_RPMATCH = @HAVE_RPMATCH@
+HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@
+HAVE_SCHED_H = @HAVE_SCHED_H@
+HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@
+HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@
+HAVE_SETENV = @HAVE_SETENV@
+HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@
+HAVE_SETSTATE = @HAVE_SETSTATE@
+HAVE_SIGABBREV_NP = @HAVE_SIGABBREV_NP@
+HAVE_SIGACTION = @HAVE_SIGACTION@
+HAVE_SIGDESCR_NP = @HAVE_SIGDESCR_NP@
+HAVE_SIGHANDLER_T = @HAVE_SIGHANDLER_T@
+HAVE_SIGINFO_T = @HAVE_SIGINFO_T@
+HAVE_SIGNED_SIG_ATOMIC_T = @HAVE_SIGNED_SIG_ATOMIC_T@
+HAVE_SIGNED_WCHAR_T = @HAVE_SIGNED_WCHAR_T@
+HAVE_SIGNED_WINT_T = @HAVE_SIGNED_WINT_T@
+HAVE_SIGSET_T = @HAVE_SIGSET_T@
+HAVE_SLEEP = @HAVE_SLEEP@
+HAVE_STDINT_H = @HAVE_STDINT_H@
+HAVE_STPCPY = @HAVE_STPCPY@
+HAVE_STPNCPY = @HAVE_STPNCPY@
+HAVE_STRCASECMP = @HAVE_STRCASECMP@
+HAVE_STRCASESTR = @HAVE_STRCASESTR@
+HAVE_STRCHRNUL = @HAVE_STRCHRNUL@
+HAVE_STRERRORNAME_NP = @HAVE_STRERRORNAME_NP@
+HAVE_STRINGS_H = @HAVE_STRINGS_H@
+HAVE_STRPBRK = @HAVE_STRPBRK@
+HAVE_STRPTIME = @HAVE_STRPTIME@
+HAVE_STRSEP = @HAVE_STRSEP@
+HAVE_STRTOD = @HAVE_STRTOD@
+HAVE_STRTOL = @HAVE_STRTOL@
+HAVE_STRTOLD = @HAVE_STRTOLD@
+HAVE_STRTOLL = @HAVE_STRTOLL@
+HAVE_STRTOUL = @HAVE_STRTOUL@
+HAVE_STRTOULL = @HAVE_STRTOULL@
+HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@
+HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@
+HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@
+HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@
+HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@
+HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@
+HAVE_STRUCT_TIMEVAL = @HAVE_STRUCT_TIMEVAL@
+HAVE_STRVERSCMP = @HAVE_STRVERSCMP@
+HAVE_SYMLINK = @HAVE_SYMLINK@
+HAVE_SYMLINKAT = @HAVE_SYMLINKAT@
+HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@
+HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@
+HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@
+HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@
+HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@
+HAVE_SYS_PARAM_H = @HAVE_SYS_PARAM_H@
+HAVE_SYS_SELECT_H = @HAVE_SYS_SELECT_H@
+HAVE_SYS_SOCKET_H = @HAVE_SYS_SOCKET_H@
+HAVE_SYS_TIME_H = @HAVE_SYS_TIME_H@
+HAVE_SYS_TYPES_H = @HAVE_SYS_TYPES_H@
+HAVE_SYS_UIO_H = @HAVE_SYS_UIO_H@
+HAVE_TIMEGM = @HAVE_TIMEGM@
+HAVE_TIMESPEC_GET = @HAVE_TIMESPEC_GET@
+HAVE_TIMEZONE_T = @HAVE_TIMEZONE_T@
+HAVE_TYPE_VOLATILE_SIG_ATOMIC_T = @HAVE_TYPE_VOLATILE_SIG_ATOMIC_T@
+HAVE_UNISTD_H = @HAVE_UNISTD_H@
+HAVE_UNLINKAT = @HAVE_UNLINKAT@
+HAVE_UNLOCKPT = @HAVE_UNLOCKPT@
+HAVE_USLEEP = @HAVE_USLEEP@
+HAVE_UTIMENSAT = @HAVE_UTIMENSAT@
+HAVE_VASPRINTF = @HAVE_VASPRINTF@
+HAVE_VDPRINTF = @HAVE_VDPRINTF@
+HAVE_VISIBILITY = @HAVE_VISIBILITY@
+HAVE_WCHAR_H = @HAVE_WCHAR_H@
+HAVE_WCHAR_T = @HAVE_WCHAR_T@
+HAVE_WCPCPY = @HAVE_WCPCPY@
+HAVE_WCPNCPY = @HAVE_WCPNCPY@
+HAVE_WCRTOMB = @HAVE_WCRTOMB@
+HAVE_WCSCASECMP = @HAVE_WCSCASECMP@
+HAVE_WCSCAT = @HAVE_WCSCAT@
+HAVE_WCSCHR = @HAVE_WCSCHR@
+HAVE_WCSCMP = @HAVE_WCSCMP@
+HAVE_WCSCOLL = @HAVE_WCSCOLL@
+HAVE_WCSCPY = @HAVE_WCSCPY@
+HAVE_WCSCSPN = @HAVE_WCSCSPN@
+HAVE_WCSDUP = @HAVE_WCSDUP@
+HAVE_WCSFTIME = @HAVE_WCSFTIME@
+HAVE_WCSLEN = @HAVE_WCSLEN@
+HAVE_WCSNCASECMP = @HAVE_WCSNCASECMP@
+HAVE_WCSNCAT = @HAVE_WCSNCAT@
+HAVE_WCSNCMP = @HAVE_WCSNCMP@
+HAVE_WCSNCPY = @HAVE_WCSNCPY@
+HAVE_WCSNLEN = @HAVE_WCSNLEN@
+HAVE_WCSNRTOMBS = @HAVE_WCSNRTOMBS@
+HAVE_WCSPBRK = @HAVE_WCSPBRK@
+HAVE_WCSRCHR = @HAVE_WCSRCHR@
+HAVE_WCSRTOMBS = @HAVE_WCSRTOMBS@
+HAVE_WCSSPN = @HAVE_WCSSPN@
+HAVE_WCSSTR = @HAVE_WCSSTR@
+HAVE_WCSTOK = @HAVE_WCSTOK@
+HAVE_WCSWIDTH = @HAVE_WCSWIDTH@
+HAVE_WCSXFRM = @HAVE_WCSXFRM@
+HAVE_WINSOCK2_H = @HAVE_WINSOCK2_H@
+HAVE_WINT_T = @HAVE_WINT_T@
+HAVE_WMEMCHR = @HAVE_WMEMCHR@
+HAVE_WMEMCMP = @HAVE_WMEMCMP@
+HAVE_WMEMCPY = @HAVE_WMEMCPY@
+HAVE_WMEMMOVE = @HAVE_WMEMMOVE@
+HAVE_WMEMPCPY = @HAVE_WMEMPCPY@
+HAVE_WMEMSET = @HAVE_WMEMSET@
+HAVE_WS2TCPIP_H = @HAVE_WS2TCPIP_H@
+HAVE_XLOCALE_H = @HAVE_XLOCALE_H@
+HAVE__BOOL = @HAVE__BOOL@
+HAVE__EXIT = @HAVE__EXIT@
+HOGWEED_CFLAGS = @HOGWEED_CFLAGS@
+HOGWEED_LIBS = @HOGWEED_LIBS@
+HOSTENT_LIB = @HOSTENT_LIB@
+HTML_DIR = @HTML_DIR@
+INCLUDE_NEXT = @INCLUDE_NEXT@
+INCLUDE_NEXT_AS_FIRST_DIRECTIVE = @INCLUDE_NEXT_AS_FIRST_DIRECTIVE@
+INET_NTOP_LIB = @INET_NTOP_LIB@
+INET_PTON_LIB = @INET_PTON_LIB@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INT32_MAX_LT_INTMAX_MAX = @INT32_MAX_LT_INTMAX_MAX@
+INT64_MAX_EQ_LONG_MAX = @INT64_MAX_EQ_LONG_MAX@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LCOV = @LCOV@
+LD = @LD@
+LDDPOSTPROC = @LDDPOSTPROC@
+LDDPROG = @LDDPROG@
+LDFLAGS = @LDFLAGS@
+LIBATOMIC_LIBS = @LIBATOMIC_LIBS@
+LIBBROTLIDEC_CFLAGS = @LIBBROTLIDEC_CFLAGS@
+LIBBROTLIDEC_LIBS = @LIBBROTLIDEC_LIBS@
+LIBBROTLIENC_CFLAGS = @LIBBROTLIENC_CFLAGS@
+LIBBROTLIENC_LIBS = @LIBBROTLIENC_LIBS@
+LIBCRYPTO = @LIBCRYPTO@
+LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@
+LIBDL = @LIBDL@
+LIBDL_PREFIX = @LIBDL_PREFIX@
+LIBEV = @LIBEV@
+LIBEV_LIBS = @LIBEV_LIBS@
+LIBEV_PREFIX = @LIBEV_PREFIX@
+LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@
+LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@
+LIBICONV = @LIBICONV@
+LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@
+LIBIDN2_LIBS = @LIBIDN2_LIBS@
+LIBINTL = @LIBINTL@
+LIBKCAPI_CFLAGS = @LIBKCAPI_CFLAGS@
+LIBKCAPI_LIBS = @LIBKCAPI_LIBS@
+LIBMULTITHREAD = @LIBMULTITHREAD@
+LIBOBJS = @LIBOBJS@
+LIBPMULTITHREAD = @LIBPMULTITHREAD@
+LIBPTHREAD = @LIBPTHREAD@
+LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@
+LIBRT = @LIBRT@
+LIBRT_PREFIX = @LIBRT_PREFIX@
+LIBS = @LIBS@
+LIBSECCOMP = @LIBSECCOMP@
+LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@
+LIBSOCKET = @LIBSOCKET@
+LIBSTDTHREAD = @LIBSTDTHREAD@
+LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@
+LIBTASN1_LIBS = @LIBTASN1_LIBS@
+LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@
+LIBTHREAD = @LIBTHREAD@
+LIBTOOL = @LIBTOOL@
+LIBUNISTRING = @LIBUNISTRING@
+LIBUNISTRING_UNICTYPE_H = @LIBUNISTRING_UNICTYPE_H@
+LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@
+LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@
+LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@
+LIBZ = @LIBZ@
+LIBZSTD_CFLAGS = @LIBZSTD_CFLAGS@
+LIBZSTD_LIBS = @LIBZSTD_LIBS@
+LIBZ_PC = @LIBZ_PC@
+LIBZ_PREFIX = @LIBZ_PREFIX@
+LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@
+LIB_NANOSLEEP = @LIB_NANOSLEEP@
+LIB_PTHREAD = @LIB_PTHREAD@
+LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@
+LIB_SCHED_YIELD = @LIB_SCHED_YIELD@
+LIB_SELECT = @LIB_SELECT@
+LIB_SEMAPHORE = @LIB_SEMAPHORE@
+LIB_SETLOCALE = @LIB_SETLOCALE@
+LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@
+LIMITS_H = @LIMITS_H@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LOCALENAME_ENHANCE_LOCALE_FUNCS = @LOCALENAME_ENHANCE_LOCALE_FUNCS@
+LOCALE_FR = @LOCALE_FR@
+LOCALE_FR_UTF8 = @LOCALE_FR_UTF8@
+LOCALE_JA = @LOCALE_JA@
+LOCALE_TR_UTF8 = @LOCALE_TR_UTF8@
+LOCALE_ZH_CN = @LOCALE_ZH_CN@
+LOG_VALGRIND = @LOG_VALGRIND@
+LTALLOCA = @LTALLOCA@
+LTLIBCRYPTO = @LTLIBCRYPTO@
+LTLIBDL = @LTLIBDL@
+LTLIBEV = @LTLIBEV@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBMULTITHREAD = @LTLIBMULTITHREAD@
+LTLIBOBJS = @LTLIBOBJS@
+LTLIBPTHREAD = @LTLIBPTHREAD@
+LTLIBRT = @LTLIBRT@
+LTLIBSECCOMP = @LTLIBSECCOMP@
+LTLIBTHREAD = @LTLIBTHREAD@
+LTLIBZ = @LTLIBZ@
+LT_AGE = @LT_AGE@
+LT_CURRENT = @LT_CURRENT@
+LT_DANE_AGE = @LT_DANE_AGE@
+LT_DANE_CURRENT = @LT_DANE_CURRENT@
+LT_DANE_REVISION = @LT_DANE_REVISION@
+LT_REVISION = @LT_REVISION@
+LT_SSL_AGE = @LT_SSL_AGE@
+LT_SSL_CURRENT = @LT_SSL_CURRENT@
+LT_SSL_REVISION = @LT_SSL_REVISION@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+LT_XSSL_AGE = @LT_XSSL_AGE@
+LT_XSSL_CURRENT = @LT_XSSL_CURRENT@
+LT_XSSL_REVISION = @LT_XSSL_REVISION@
+MAINT = @MAINT@
+MAJOR_VERSION = @MAJOR_VERSION@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MINOR_VERSION = @MINOR_VERSION@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGMERGE = @MSGMERGE@
+MSGMERGE_FOR_MSGFMT_OPTION = @MSGMERGE_FOR_MSGFMT_OPTION@
+NETINET_IN_H = @NETINET_IN_H@
+NETTLE_CFLAGS = @NETTLE_CFLAGS@
+NETTLE_LIBS = @NETTLE_LIBS@
+NEXT_ARPA_INET_H = @NEXT_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H = @NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_CTYPE_H = @NEXT_AS_FIRST_DIRECTIVE_CTYPE_H@
+NEXT_AS_FIRST_DIRECTIVE_ERRNO_H = @NEXT_AS_FIRST_DIRECTIVE_ERRNO_H@
+NEXT_AS_FIRST_DIRECTIVE_FCNTL_H = @NEXT_AS_FIRST_DIRECTIVE_FCNTL_H@
+NEXT_AS_FIRST_DIRECTIVE_FLOAT_H = @NEXT_AS_FIRST_DIRECTIVE_FLOAT_H@
+NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H = @NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H = @NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H@
+NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@
+NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@
+NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@
+NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@
+NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@
+NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@
+NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@
+NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@
+NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@
+NEXT_AS_FIRST_DIRECTIVE_STDIO_H = @NEXT_AS_FIRST_DIRECTIVE_STDIO_H@
+NEXT_AS_FIRST_DIRECTIVE_STDLIB_H = @NEXT_AS_FIRST_DIRECTIVE_STDLIB_H@
+NEXT_AS_FIRST_DIRECTIVE_STRINGS_H = @NEXT_AS_FIRST_DIRECTIVE_STRINGS_H@
+NEXT_AS_FIRST_DIRECTIVE_STRING_H = @NEXT_AS_FIRST_DIRECTIVE_STRING_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H@
+NEXT_AS_FIRST_DIRECTIVE_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_UNISTD_H = @NEXT_AS_FIRST_DIRECTIVE_UNISTD_H@
+NEXT_AS_FIRST_DIRECTIVE_WCHAR_H = @NEXT_AS_FIRST_DIRECTIVE_WCHAR_H@
+NEXT_CTYPE_H = @NEXT_CTYPE_H@
+NEXT_ERRNO_H = @NEXT_ERRNO_H@
+NEXT_FCNTL_H = @NEXT_FCNTL_H@
+NEXT_FLOAT_H = @NEXT_FLOAT_H@
+NEXT_INTTYPES_H = @NEXT_INTTYPES_H@
+NEXT_LANGINFO_H = @NEXT_LANGINFO_H@
+NEXT_LIMITS_H = @NEXT_LIMITS_H@
+NEXT_LOCALE_H = @NEXT_LOCALE_H@
+NEXT_NETDB_H = @NEXT_NETDB_H@
+NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@
+NEXT_PTHREAD_H = @NEXT_PTHREAD_H@
+NEXT_SCHED_H = @NEXT_SCHED_H@
+NEXT_SIGNAL_H = @NEXT_SIGNAL_H@
+NEXT_STDDEF_H = @NEXT_STDDEF_H@
+NEXT_STDINT_H = @NEXT_STDINT_H@
+NEXT_STDIO_H = @NEXT_STDIO_H@
+NEXT_STDLIB_H = @NEXT_STDLIB_H@
+NEXT_STRINGS_H = @NEXT_STRINGS_H@
+NEXT_STRING_H = @NEXT_STRING_H@
+NEXT_SYS_IOCTL_H = @NEXT_SYS_IOCTL_H@
+NEXT_SYS_SELECT_H = @NEXT_SYS_SELECT_H@
+NEXT_SYS_SOCKET_H = @NEXT_SYS_SOCKET_H@
+NEXT_SYS_STAT_H = @NEXT_SYS_STAT_H@
+NEXT_SYS_TIME_H = @NEXT_SYS_TIME_H@
+NEXT_SYS_TYPES_H = @NEXT_SYS_TYPES_H@
+NEXT_SYS_UIO_H = @NEXT_SYS_UIO_H@
+NEXT_TIME_H = @NEXT_TIME_H@
+NEXT_UNISTD_H = @NEXT_UNISTD_H@
+NEXT_WCHAR_H = @NEXT_WCHAR_H@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NUMBER_VERSION = @NUMBER_VERSION@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+P11_KIT_CFLAGS = @P11_KIT_CFLAGS@
+P11_KIT_LIBS = @P11_KIT_LIBS@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@
+PATCH_VERSION = @PATCH_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PKCS12_ITER_COUNT = @PKCS12_ITER_COUNT@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PMCCABE = @PMCCABE@
+POSUB = @POSUB@
+PRAGMA_COLUMNS = @PRAGMA_COLUMNS@
+PRAGMA_SYSTEM_HEADER = @PRAGMA_SYSTEM_HEADER@
+PRIPTR_PREFIX = @PRIPTR_PREFIX@
+PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@
+PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+RANLIB = @RANLIB@
+REPLACE_ACCESS = @REPLACE_ACCESS@
+REPLACE_ALIGNED_ALLOC = @REPLACE_ALIGNED_ALLOC@
+REPLACE_BTOWC = @REPLACE_BTOWC@
+REPLACE_CALLOC = @REPLACE_CALLOC@
+REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@
+REPLACE_CHOWN = @REPLACE_CHOWN@
+REPLACE_CLOSE = @REPLACE_CLOSE@
+REPLACE_CREAT = @REPLACE_CREAT@
+REPLACE_CTIME = @REPLACE_CTIME@
+REPLACE_DPRINTF = @REPLACE_DPRINTF@
+REPLACE_DUP = @REPLACE_DUP@
+REPLACE_DUP2 = @REPLACE_DUP2@
+REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@
+REPLACE_EXECL = @REPLACE_EXECL@
+REPLACE_EXECLE = @REPLACE_EXECLE@
+REPLACE_EXECLP = @REPLACE_EXECLP@
+REPLACE_EXECV = @REPLACE_EXECV@
+REPLACE_EXECVE = @REPLACE_EXECVE@
+REPLACE_EXECVP = @REPLACE_EXECVP@
+REPLACE_EXECVPE = @REPLACE_EXECVPE@
+REPLACE_FACCESSAT = @REPLACE_FACCESSAT@
+REPLACE_FCHMODAT = @REPLACE_FCHMODAT@
+REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@
+REPLACE_FCLOSE = @REPLACE_FCLOSE@
+REPLACE_FCNTL = @REPLACE_FCNTL@
+REPLACE_FDOPEN = @REPLACE_FDOPEN@
+REPLACE_FFLUSH = @REPLACE_FFLUSH@
+REPLACE_FFSLL = @REPLACE_FFSLL@
+REPLACE_FOPEN = @REPLACE_FOPEN@
+REPLACE_FPRINTF = @REPLACE_FPRINTF@
+REPLACE_FPURGE = @REPLACE_FPURGE@
+REPLACE_FREE = @REPLACE_FREE@
+REPLACE_FREELOCALE = @REPLACE_FREELOCALE@
+REPLACE_FREOPEN = @REPLACE_FREOPEN@
+REPLACE_FSEEK = @REPLACE_FSEEK@
+REPLACE_FSEEKO = @REPLACE_FSEEKO@
+REPLACE_FSTAT = @REPLACE_FSTAT@
+REPLACE_FSTATAT = @REPLACE_FSTATAT@
+REPLACE_FTELL = @REPLACE_FTELL@
+REPLACE_FTELLO = @REPLACE_FTELLO@
+REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@
+REPLACE_FUTIMENS = @REPLACE_FUTIMENS@
+REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@
+REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@
+REPLACE_GETCWD = @REPLACE_GETCWD@
+REPLACE_GETDELIM = @REPLACE_GETDELIM@
+REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@
+REPLACE_GETDTABLESIZE = @REPLACE_GETDTABLESIZE@
+REPLACE_GETGROUPS = @REPLACE_GETGROUPS@
+REPLACE_GETLINE = @REPLACE_GETLINE@
+REPLACE_GETLOGIN_R = @REPLACE_GETLOGIN_R@
+REPLACE_GETPAGESIZE = @REPLACE_GETPAGESIZE@
+REPLACE_GETPASS = @REPLACE_GETPASS@
+REPLACE_GETTIMEOFDAY = @REPLACE_GETTIMEOFDAY@
+REPLACE_GMTIME = @REPLACE_GMTIME@
+REPLACE_INET_NTOP = @REPLACE_INET_NTOP@
+REPLACE_INET_PTON = @REPLACE_INET_PTON@
+REPLACE_INITSTATE = @REPLACE_INITSTATE@
+REPLACE_IOCTL = @REPLACE_IOCTL@
+REPLACE_ISATTY = @REPLACE_ISATTY@
+REPLACE_ITOLD = @REPLACE_ITOLD@
+REPLACE_LCHOWN = @REPLACE_LCHOWN@
+REPLACE_LINK = @REPLACE_LINK@
+REPLACE_LINKAT = @REPLACE_LINKAT@
+REPLACE_LOCALECONV = @REPLACE_LOCALECONV@
+REPLACE_LOCALTIME = @REPLACE_LOCALTIME@
+REPLACE_LOCALTIME_R = @REPLACE_LOCALTIME_R@
+REPLACE_LSEEK = @REPLACE_LSEEK@
+REPLACE_LSTAT = @REPLACE_LSTAT@
+REPLACE_MALLOC = @REPLACE_MALLOC@
+REPLACE_MBRLEN = @REPLACE_MBRLEN@
+REPLACE_MBRTOWC = @REPLACE_MBRTOWC@
+REPLACE_MBSINIT = @REPLACE_MBSINIT@
+REPLACE_MBSNRTOWCS = @REPLACE_MBSNRTOWCS@
+REPLACE_MBSRTOWCS = @REPLACE_MBSRTOWCS@
+REPLACE_MBSTATE_T = @REPLACE_MBSTATE_T@
+REPLACE_MBTOWC = @REPLACE_MBTOWC@
+REPLACE_MEMCHR = @REPLACE_MEMCHR@
+REPLACE_MEMMEM = @REPLACE_MEMMEM@
+REPLACE_MKDIR = @REPLACE_MKDIR@
+REPLACE_MKFIFO = @REPLACE_MKFIFO@
+REPLACE_MKFIFOAT = @REPLACE_MKFIFOAT@
+REPLACE_MKNOD = @REPLACE_MKNOD@
+REPLACE_MKNODAT = @REPLACE_MKNODAT@
+REPLACE_MKSTEMP = @REPLACE_MKSTEMP@
+REPLACE_MKTIME = @REPLACE_MKTIME@
+REPLACE_NANOSLEEP = @REPLACE_NANOSLEEP@
+REPLACE_NEWLOCALE = @REPLACE_NEWLOCALE@
+REPLACE_NL_LANGINFO = @REPLACE_NL_LANGINFO@
+REPLACE_NULL = @REPLACE_NULL@
+REPLACE_OBSTACK_PRINTF = @REPLACE_OBSTACK_PRINTF@
+REPLACE_OPEN = @REPLACE_OPEN@
+REPLACE_OPENAT = @REPLACE_OPENAT@
+REPLACE_PERROR = @REPLACE_PERROR@
+REPLACE_POPEN = @REPLACE_POPEN@
+REPLACE_POSIX_MEMALIGN = @REPLACE_POSIX_MEMALIGN@
+REPLACE_PREAD = @REPLACE_PREAD@
+REPLACE_PRINTF = @REPLACE_PRINTF@
+REPLACE_PSELECT = @REPLACE_PSELECT@
+REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@
+REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@
+REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@
+REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@
+REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@
+REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@
+REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@
+REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@
+REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@
+REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@
+REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@
+REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@
+REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@
+REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@
+REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@
+REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@
+REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@
+REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@
+REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@
+REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@
+REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@
+REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@
+REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@
+REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@
+REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@
+REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@
+REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@
+REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@
+REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@
+REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@
+REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@
+REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@
+REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@
+REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@
+REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@
+REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@
+REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@
+REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@
+REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@
+REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@
+REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@
+REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@
+REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@
+REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@
+REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@
+REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@
+REPLACE_PTSNAME = @REPLACE_PTSNAME@
+REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@
+REPLACE_PUTENV = @REPLACE_PUTENV@
+REPLACE_PWRITE = @REPLACE_PWRITE@
+REPLACE_QSORT_R = @REPLACE_QSORT_R@
+REPLACE_RAISE = @REPLACE_RAISE@
+REPLACE_RANDOM = @REPLACE_RANDOM@
+REPLACE_RANDOM_R = @REPLACE_RANDOM_R@
+REPLACE_READ = @REPLACE_READ@
+REPLACE_READLINK = @REPLACE_READLINK@
+REPLACE_READLINKAT = @REPLACE_READLINKAT@
+REPLACE_REALLOC = @REPLACE_REALLOC@
+REPLACE_REALLOCARRAY = @REPLACE_REALLOCARRAY@
+REPLACE_REALPATH = @REPLACE_REALPATH@
+REPLACE_REMOVE = @REPLACE_REMOVE@
+REPLACE_RENAME = @REPLACE_RENAME@
+REPLACE_RENAMEAT = @REPLACE_RENAMEAT@
+REPLACE_RMDIR = @REPLACE_RMDIR@
+REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@
+REPLACE_SELECT = @REPLACE_SELECT@
+REPLACE_SETENV = @REPLACE_SETENV@
+REPLACE_SETLOCALE = @REPLACE_SETLOCALE@
+REPLACE_SETSTATE = @REPLACE_SETSTATE@
+REPLACE_SLEEP = @REPLACE_SLEEP@
+REPLACE_SNPRINTF = @REPLACE_SNPRINTF@
+REPLACE_SPRINTF = @REPLACE_SPRINTF@
+REPLACE_STAT = @REPLACE_STAT@
+REPLACE_STDIO_READ_FUNCS = @REPLACE_STDIO_READ_FUNCS@
+REPLACE_STDIO_WRITE_FUNCS = @REPLACE_STDIO_WRITE_FUNCS@
+REPLACE_STPNCPY = @REPLACE_STPNCPY@
+REPLACE_STRCASESTR = @REPLACE_STRCASESTR@
+REPLACE_STRCHRNUL = @REPLACE_STRCHRNUL@
+REPLACE_STRDUP = @REPLACE_STRDUP@
+REPLACE_STRERROR = @REPLACE_STRERROR@
+REPLACE_STRERRORNAME_NP = @REPLACE_STRERRORNAME_NP@
+REPLACE_STRERROR_R = @REPLACE_STRERROR_R@
+REPLACE_STRFTIME = @REPLACE_STRFTIME@
+REPLACE_STRNCAT = @REPLACE_STRNCAT@
+REPLACE_STRNDUP = @REPLACE_STRNDUP@
+REPLACE_STRNLEN = @REPLACE_STRNLEN@
+REPLACE_STRSIGNAL = @REPLACE_STRSIGNAL@
+REPLACE_STRSTR = @REPLACE_STRSTR@
+REPLACE_STRTOD = @REPLACE_STRTOD@
+REPLACE_STRTOIMAX = @REPLACE_STRTOIMAX@
+REPLACE_STRTOK_R = @REPLACE_STRTOK_R@
+REPLACE_STRTOL = @REPLACE_STRTOL@
+REPLACE_STRTOLD = @REPLACE_STRTOLD@
+REPLACE_STRTOLL = @REPLACE_STRTOLL@
+REPLACE_STRTOUL = @REPLACE_STRTOUL@
+REPLACE_STRTOULL = @REPLACE_STRTOULL@
+REPLACE_STRTOUMAX = @REPLACE_STRTOUMAX@
+REPLACE_STRUCT_LCONV = @REPLACE_STRUCT_LCONV@
+REPLACE_STRUCT_TIMEVAL = @REPLACE_STRUCT_TIMEVAL@
+REPLACE_SYMLINK = @REPLACE_SYMLINK@
+REPLACE_SYMLINKAT = @REPLACE_SYMLINKAT@
+REPLACE_TIMEGM = @REPLACE_TIMEGM@
+REPLACE_TMPFILE = @REPLACE_TMPFILE@
+REPLACE_TRUNCATE = @REPLACE_TRUNCATE@
+REPLACE_TTYNAME_R = @REPLACE_TTYNAME_R@
+REPLACE_TZSET = @REPLACE_TZSET@
+REPLACE_UNLINK = @REPLACE_UNLINK@
+REPLACE_UNLINKAT = @REPLACE_UNLINKAT@
+REPLACE_UNSETENV = @REPLACE_UNSETENV@
+REPLACE_USLEEP = @REPLACE_USLEEP@
+REPLACE_UTIMENSAT = @REPLACE_UTIMENSAT@
+REPLACE_VASPRINTF = @REPLACE_VASPRINTF@
+REPLACE_VDPRINTF = @REPLACE_VDPRINTF@
+REPLACE_VFPRINTF = @REPLACE_VFPRINTF@
+REPLACE_VPRINTF = @REPLACE_VPRINTF@
+REPLACE_VSNPRINTF = @REPLACE_VSNPRINTF@
+REPLACE_VSPRINTF = @REPLACE_VSPRINTF@
+REPLACE_WCRTOMB = @REPLACE_WCRTOMB@
+REPLACE_WCSFTIME = @REPLACE_WCSFTIME@
+REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@
+REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@
+REPLACE_WCSTOK = @REPLACE_WCSTOK@
+REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@
+REPLACE_WCTOB = @REPLACE_WCTOB@
+REPLACE_WCTOMB = @REPLACE_WCTOMB@
+REPLACE_WCWIDTH = @REPLACE_WCWIDTH@
+REPLACE_WRITE = @REPLACE_WRITE@
+SED = @SED@
+SERVENT_LIB = @SERVENT_LIB@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@
+SIZE_T_SUFFIX = @SIZE_T_SUFFIX@
+STDALIGN_H = @STDALIGN_H@
+STDBOOL_H = @STDBOOL_H@
+STDDEF_H = @STDDEF_H@
+STDINT_H = @STDINT_H@
+STRIP = @STRIP@
+SYS_IOCTL_H_HAVE_WINSOCK2_H = @SYS_IOCTL_H_HAVE_WINSOCK2_H@
+SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+SYS_TIME_H_DEFINES_STRUCT_TIMESPEC = @SYS_TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_STRUCT_TIMESPEC = @TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_TIME_UTC = @TIME_H_DEFINES_TIME_UTC@
+TROUSERS_LIB = @TROUSERS_LIB@
+TSS2_CFLAGS = @TSS2_CFLAGS@
+TSS2_LIBS = @TSS2_LIBS@
+TSS_CFLAGS = @TSS_CFLAGS@
+TSS_LIBS = @TSS_LIBS@
+UINT32_MAX_LT_UINTMAX_MAX = @UINT32_MAX_LT_UINTMAX_MAX@
+UINT64_MAX_EQ_ULONG_MAX = @UINT64_MAX_EQ_ULONG_MAX@
+UNBOUND_CFLAGS = @UNBOUND_CFLAGS@
+UNBOUND_LIBS = @UNBOUND_LIBS@
+UNDEFINE_STRTOK_R = @UNDEFINE_STRTOK_R@
+UNISTD_H_DEFINES_STRUCT_TIMESPEC = @UNISTD_H_DEFINES_STRUCT_TIMESPEC@
+UNISTD_H_HAVE_SYS_RANDOM_H = @UNISTD_H_HAVE_SYS_RANDOM_H@
+UNISTD_H_HAVE_WINSOCK2_H = @UNISTD_H_HAVE_WINSOCK2_H@
+UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+USE_NLS = @USE_NLS@
+VALGRIND = @VALGRIND@
+VALGRINDFLAGS = @VALGRINDFLAGS@
+VALGRIND_PROGRAM = @VALGRIND_PROGRAM@
+VERSION = @VERSION@
+WARN_CFLAGS = @WARN_CFLAGS@
+WCHAR_T_SUFFIX = @WCHAR_T_SUFFIX@
+WERROR_CFLAGS = @WERROR_CFLAGS@
+WINDOWS_64_BIT_OFF_T = @WINDOWS_64_BIT_OFF_T@
+WINDOWS_64_BIT_ST_SIZE = @WINDOWS_64_BIT_ST_SIZE@
+WINDOWS_STAT_INODES = @WINDOWS_STAT_INODES@
+WINDOWS_STAT_TIMESPEC = @WINDOWS_STAT_TIMESPEC@
+WINT_T_SUFFIX = @WINT_T_SUFFIX@
+WSTACK_CFLAGS = @WSTACK_CFLAGS@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+YIELD_LIB = @YIELD_LIB@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+ac_cv_sizeof_time_t = @ac_cv_sizeof_time_t@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+ggl_LIBOBJS = @ggl_LIBOBJS@
+ggl_LTLIBOBJS = @ggl_LTLIBOBJS@
+ggltests_LIBOBJS = @ggltests_LIBOBJS@
+ggltests_LTLIBOBJS = @ggltests_LTLIBOBJS@
+ggltests_WITNESS = @ggltests_WITNESS@
+gl_LIBOBJS = @gl_LIBOBJS@
+gl_LTLIBOBJS = @gl_LTLIBOBJS@
+gltests_LIBOBJS = @gltests_LIBOBJS@
+gltests_LTLIBOBJS = @gltests_LTLIBOBJS@
+gltests_WITNESS = @gltests_WITNESS@
+gnutls_so = @gnutls_so@
+guile_snarf = @guile_snarf@
+guileextensiondir = @guileextensiondir@
+guilesiteccachedir = @guilesiteccachedir@
+guilesitedir = @guilesitedir@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+ifGNUmake = @ifGNUmake@
+ifnGNUmake = @ifnGNUmake@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+maybe_guileextensiondir = @maybe_guileextensiondir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+unistring_LIBOBJS = @unistring_LIBOBJS@
+unistring_LTLIBOBJS = @unistring_LTLIBOBJS@
+unistringtests_LIBOBJS = @unistringtests_LIBOBJS@
+unistringtests_LTLIBOBJS = @unistringtests_LTLIBOBJS@
+unistringtests_WITNESS = @unistringtests_WITNESS@
+ACLOCAL_AMFLAGS = -I ../m4 -I ../gl/m4
+AM_CFLAGS = $(WERROR_CFLAGS) $(WSTACK_CFLAGS) $(WARN_CFLAGS) $(NETTLE_CFLAGS) \
+  $(LIBTASN1_CFLAGS) $(LIBIDN2_CFLAGS) $(P11_KIT_CFLAGS) $(LIBZSTD_CFLAGS) \
+  $(CODE_COVERAGE_CFLAGS)
+
+COMMON_LINK_FLAGS = $(CODE_COVERAGE_LDFLAGS)
+V_GPERF = $(V_GPERF_@AM_V@)
+V_GPERF_ = $(V_GPERF_@AM_DEFAULT_V@)
+V_GPERF_0 = @echo "  GPERF   " $@;
+AM_CPPFLAGS = \
+	-I$(srcdir)/../gl		\
+	-I$(builddir)/../gl		\
+	-I$(builddir)/../lib/includes	\
+	-I$(srcdir)/../lib/includes	\
+	-I$(srcdir)/includes		\
+	-I$(builddir)/includes		\
+	-I$(srcdir)/../lib/minitasn1	\
+	-I$(srcdir)/../lib
+
+SUBDIRS = includes
+libgnutls_dane_la_LDFLAGS = -no-undefined $(COMMON_LINK_FLAGS) \
+	-version-info \
+	$(LT_DANE_CURRENT):$(LT_DANE_REVISION):$(LT_DANE_AGE) \
+	$(am__append_1) $(am__append_2) $(am__append_3)
+lib_LTLIBRARIES = libgnutls-dane.la
+libgnutls_dane_la_SOURCES = dane.c dane-params.c errors.c libdane.map
+libgnutls_dane_la_LIBADD = ../gl/libgnu.la ../lib/libgnutls.la \
+	$(LIBSOCKET) $(UNBOUND_LIBS)
+pkgconfigdir = $(libdir)/pkgconfig
+pkgconfig_DATA = gnutls-dane.pc
+DISTCLEANFILES = $(pkgconfig_DATA) $(am__append_4)
+@HAVE_LD_OUTPUT_DEF_TRUE@defexecdir = $(bindir)
+@HAVE_LD_OUTPUT_DEF_TRUE@defexec_DATA = libgnutls-dane-$(DLL_VERSION).def
+all: all-recursive
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/lib/common.mk $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign libdane/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --foreign libdane/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+	esac;
+$(top_srcdir)/lib/common.mk $(am__empty):
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+gnutls-dane.pc: $(top_builddir)/config.status $(srcdir)/gnutls-dane.pc.in
+	cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
+
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+	@$(NORMAL_INSTALL)
+	@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+	list2=; for p in $$list; do \
+	  if test -f $$p; then \
+	    list2="$$list2 $$p"; \
+	  else :; fi; \
+	done; \
+	test -z "$$list2" || { \
+	  echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \
+	  $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \
+	  echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
+	  $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
+	}
+
+uninstall-libLTLIBRARIES:
+	@$(NORMAL_UNINSTALL)
+	@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+	for p in $$list; do \
+	  $(am__strip_dir) \
+	  echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \
+	  $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \
+	done
+
+clean-libLTLIBRARIES:
+	-test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+	@list='$(lib_LTLIBRARIES)'; \
+	locs=`for p in $$list; do echo $$p; done | \
+	      sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+	      sort -u`; \
+	test -z "$$locs" || { \
+	  echo rm -f $${locs}; \
+	  rm -f $${locs}; \
+	}
+
+libgnutls-dane.la: $(libgnutls_dane_la_OBJECTS) $(libgnutls_dane_la_DEPENDENCIES) $(EXTRA_libgnutls_dane_la_DEPENDENCIES) 
+	$(AM_V_CCLD)$(libgnutls_dane_la_LINK) -rpath $(libdir) $(libgnutls_dane_la_OBJECTS) $(libgnutls_dane_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+	-rm -f *.$(OBJEXT)
+
+distclean-compile:
+	-rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dane-params.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dane.Plo@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/errors.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+	@$(MKDIR_P) $(@D)
+	@echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
+
+.c.o:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+install-defexecDATA: $(defexec_DATA)
+	@$(NORMAL_INSTALL)
+	@list='$(defexec_DATA)'; test -n "$(defexecdir)" || list=; \
+	if test -n "$$list"; then \
+	  echo " $(MKDIR_P) '$(DESTDIR)$(defexecdir)'"; \
+	  $(MKDIR_P) "$(DESTDIR)$(defexecdir)" || exit 1; \
+	fi; \
+	for p in $$list; do \
+	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+	  echo "$$d$$p"; \
+	done | $(am__base_list) | \
+	while read files; do \
+	  echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(defexecdir)'"; \
+	  $(INSTALL_DATA) $$files "$(DESTDIR)$(defexecdir)" || exit $$?; \
+	done
+
+uninstall-defexecDATA:
+	@$(NORMAL_UNINSTALL)
+	@list='$(defexec_DATA)'; test -n "$(defexecdir)" || list=; \
+	files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+	dir='$(DESTDIR)$(defexecdir)'; $(am__uninstall_files_from_dir)
+install-pkgconfigDATA: $(pkgconfig_DATA)
+	@$(NORMAL_INSTALL)
+	@list='$(pkgconfig_DATA)'; test -n "$(pkgconfigdir)" || list=; \
+	if test -n "$$list"; then \
+	  echo " $(MKDIR_P) '$(DESTDIR)$(pkgconfigdir)'"; \
+	  $(MKDIR_P) "$(DESTDIR)$(pkgconfigdir)" || exit 1; \
+	fi; \
+	for p in $$list; do \
+	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+	  echo "$$d$$p"; \
+	done | $(am__base_list) | \
+	while read files; do \
+	  echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(pkgconfigdir)'"; \
+	  $(INSTALL_DATA) $$files "$(DESTDIR)$(pkgconfigdir)" || exit $$?; \
+	done
+
+uninstall-pkgconfigDATA:
+	@$(NORMAL_UNINSTALL)
+	@list='$(pkgconfig_DATA)'; test -n "$(pkgconfigdir)" || list=; \
+	files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+	dir='$(DESTDIR)$(pkgconfigdir)'; $(am__uninstall_files_from_dir)
+
+# This directory's subdirectories are mostly independent; you can cd
+# into them and run 'make' without going through this Makefile.
+# To change the values of 'make' variables: instead of editing Makefiles,
+# (1) if the variable is set in 'config.status', edit 'config.status'
+#     (which will cause the Makefiles to be regenerated when you run 'make');
+# (2) otherwise, pass the desired values on the 'make' command line.
+$(am__recursive_targets):
+	@fail=; \
+	if $(am__make_keepgoing); then \
+	  failcom='fail=yes'; \
+	else \
+	  failcom='exit 1'; \
+	fi; \
+	dot_seen=no; \
+	target=`echo $@ | sed s/-recursive//`; \
+	case "$@" in \
+	  distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+	  *) list='$(SUBDIRS)' ;; \
+	esac; \
+	for subdir in $$list; do \
+	  echo "Making $$target in $$subdir"; \
+	  if test "$$subdir" = "."; then \
+	    dot_seen=yes; \
+	    local_target="$$target-am"; \
+	  else \
+	    local_target="$$target"; \
+	  fi; \
+	  ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+	  || eval $$failcom; \
+	done; \
+	if test "$$dot_seen" = "no"; then \
+	  $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
+	fi; test -z "$$fail"
+
+ID: $(am__tagged_files)
+	$(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-recursive
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	set x; \
+	here=`pwd`; \
+	if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
+	  include_option=--etags-include; \
+	  empty_fix=.; \
+	else \
+	  include_option=--include; \
+	  empty_fix=; \
+	fi; \
+	list='$(SUBDIRS)'; for subdir in $$list; do \
+	  if test "$$subdir" = .; then :; else \
+	    test ! -f $$subdir/TAGS || \
+	      set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \
+	  fi; \
+	done; \
+	$(am__define_uniq_tagged_files); \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+	  test -n "$$unique" || unique=$$empty_fix; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
+	fi
+ctags: ctags-recursive
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	$(am__define_uniq_tagged_files); \
+	test -z "$(CTAGS_ARGS)$$unique" \
+	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+	     $$unique
+
+GTAGS:
+	here=`$(am__cd) $(top_builddir) && pwd` \
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-recursive
+
+cscopelist-am: $(am__tagged_files)
+	list='$(am__tagged_files)'; \
+	case "$(srcdir)" in \
+	  [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+	  *) sdir=$(subdir)/$(srcdir) ;; \
+	esac; \
+	for i in $$list; do \
+	  if test -f "$$i"; then \
+	    echo "$(subdir)/$$i"; \
+	  else \
+	    echo "$$sdir/$$i"; \
+	  fi; \
+	done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+	@list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
+	  if test "$$subdir" = .; then :; else \
+	    $(am__make_dryrun) \
+	      || test -d "$(distdir)/$$subdir" \
+	      || $(MKDIR_P) "$(distdir)/$$subdir" \
+	      || exit 1; \
+	    dir1=$$subdir; dir2="$(distdir)/$$subdir"; \
+	    $(am__relativize); \
+	    new_distdir=$$reldir; \
+	    dir1=$$subdir; dir2="$(top_distdir)"; \
+	    $(am__relativize); \
+	    new_top_distdir=$$reldir; \
+	    echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \
+	    echo "     am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \
+	    ($(am__cd) $$subdir && \
+	      $(MAKE) $(AM_MAKEFLAGS) \
+	        top_distdir="$$new_top_distdir" \
+	        distdir="$$new_distdir" \
+		am__remove_distdir=: \
+		am__skip_length_check=: \
+		am__skip_mode_fix=: \
+	        distdir) \
+	      || exit 1; \
+	  fi; \
+	done
+check-am: all-am
+check: check-recursive
+all-am: Makefile $(LTLIBRARIES) $(DATA)
+installdirs: installdirs-recursive
+installdirs-am:
+	for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(defexecdir)" "$(DESTDIR)$(pkgconfigdir)"; do \
+	  test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+	done
+install: install-recursive
+install-exec: install-exec-recursive
+install-data: install-data-recursive
+uninstall: uninstall-recursive
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-recursive
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+	-test -z "$(DISTCLEANFILES)" || rm -f $(DISTCLEANFILES)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+clean: clean-recursive
+
+clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
+	mostlyclean-am
+
+distclean: distclean-recursive
+		-rm -f ./$(DEPDIR)/dane-params.Plo
+	-rm -f ./$(DEPDIR)/dane.Plo
+	-rm -f ./$(DEPDIR)/errors.Plo
+	-rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+	distclean-tags
+
+dvi: dvi-recursive
+
+dvi-am:
+
+html: html-recursive
+
+html-am:
+
+info: info-recursive
+
+info-am:
+
+install-data-am: install-pkgconfigDATA
+
+install-dvi: install-dvi-recursive
+
+install-dvi-am:
+
+install-exec-am: install-defexecDATA install-libLTLIBRARIES
+
+install-html: install-html-recursive
+
+install-html-am:
+
+install-info: install-info-recursive
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-recursive
+
+install-pdf-am:
+
+install-ps: install-ps-recursive
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-recursive
+		-rm -f ./$(DEPDIR)/dane-params.Plo
+	-rm -f ./$(DEPDIR)/dane.Plo
+	-rm -f ./$(DEPDIR)/errors.Plo
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-recursive
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+	mostlyclean-libtool
+
+pdf: pdf-recursive
+
+pdf-am:
+
+ps: ps-recursive
+
+ps-am:
+
+uninstall-am: uninstall-defexecDATA uninstall-libLTLIBRARIES \
+	uninstall-pkgconfigDATA
+
+.MAKE: $(am__recursive_targets) install-am install-strip
+
+.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am \
+	am--depfiles check check-am clean clean-generic \
+	clean-libLTLIBRARIES clean-libtool cscopelist-am ctags \
+	ctags-am distclean distclean-compile distclean-generic \
+	distclean-libtool distclean-tags distdir dvi dvi-am html \
+	html-am info info-am install install-am install-data \
+	install-data-am install-defexecDATA install-dvi install-dvi-am \
+	install-exec install-exec-am install-html install-html-am \
+	install-info install-info-am install-libLTLIBRARIES \
+	install-man install-pdf install-pdf-am install-pkgconfigDATA \
+	install-ps install-ps-am install-strip installcheck \
+	installcheck-am installdirs installdirs-am maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-compile \
+	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+	tags tags-am uninstall uninstall-am uninstall-defexecDATA \
+	uninstall-libLTLIBRARIES uninstall-pkgconfigDATA
+
+.PRECIOUS: Makefile
+
+@HAVE_LD_OUTPUT_DEF_TRUE@libgnutls-dane-$(DLL_VERSION).def: libgnutls-dane.la
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/libdane/dane-params.c b/libdane/dane-params.c
new file mode 100644
index 0000000..e04e54d
--- /dev/null
+++ b/libdane/dane-params.c
@@ -0,0 +1,138 @@
+/*
+ * Copyright (C) 2012 KU Leuven
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of libdane.
+ *
+ * The libdane library is free software; you can redistribute it
+ * and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include <config.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <arpa/inet.h>
+#include <unbound.h>
+#include <gnutls/dane.h>
+#include <gnutls/x509.h>
+#include <gnutls/abstract.h>
+
+typedef struct cert_type_entry {
+	const char *name;
+	dane_cert_type_t type;
+} cert_type_entry;
+
+static const cert_type_entry dane_cert_types[] = {
+	{"X.509", DANE_CERT_X509},
+	{"SubjectPublicKeyInfo", DANE_CERT_PK},
+	{NULL, 0}
+};
+
+typedef struct match_type_entry {
+	const char *name;
+	dane_match_type_t type;
+} match_type_entry;
+
+static const match_type_entry dane_match_types[] = {
+	{"Exact match", DANE_MATCH_EXACT},
+	{"SHA2-256 hash", DANE_MATCH_SHA2_256},
+	{"SHA2-512 hash", DANE_MATCH_SHA2_512},
+	{NULL, 0}
+};
+
+typedef struct cert_usage_entry {
+	const char *name;
+	dane_cert_usage_t usage;
+} cert_usage_entry;
+
+static const cert_usage_entry dane_cert_usages[] = {
+	{"CA", DANE_CERT_USAGE_CA},
+	{"End-entity", DANE_CERT_USAGE_EE},
+	{"Local CA", DANE_CERT_USAGE_LOCAL_CA},
+	{"Local end-entity", DANE_CERT_USAGE_LOCAL_EE},
+	{NULL, 0}
+};
+
+
+
+/**
+ * dane_cert_type_name:
+ * @type: is a DANE match type
+ *
+ * Convert a #dane_cert_type_t value to a string.
+ *
+ * Returns: a string that contains the name of the specified
+ *   type, or %NULL.
+ **/
+const char *dane_cert_type_name(dane_cert_type_t type)
+{
+	const cert_type_entry *e = dane_cert_types;
+
+	while (e->name != NULL) {
+		if (e->type == type)
+			return e->name;
+		e++;
+	}
+
+	return NULL;
+}
+
+/**
+ * dane_match_type_name:
+ * @type: is a DANE match type
+ *
+ * Convert a #dane_match_type_t value to a string.
+ *
+ * Returns: a string that contains the name of the specified
+ *   type, or %NULL.
+ **/
+const char *dane_match_type_name(dane_match_type_t type)
+{
+	const match_type_entry *e = dane_match_types;
+
+	while (e->name != NULL) {
+		if (e->type == type)
+			return e->name;
+		e++;
+	}
+
+	return NULL;
+}
+
+/**
+ * dane_cert_usage_name:
+ * @usage: is a DANE certificate usage
+ *
+ * Convert a #dane_cert_usage_t value to a string.
+ *
+ * Returns: a string that contains the name of the specified
+ *   type, or %NULL.
+ **/
+const char *dane_cert_usage_name(dane_cert_usage_t usage)
+{
+	const cert_usage_entry *e = dane_cert_usages;
+
+	while (e->name != NULL) {
+		if (e->usage == usage)
+			return e->name;
+		e++;
+	}
+
+	return NULL;
+
+}
diff --git a/libdane/dane.c b/libdane/dane.c
new file mode 100644
index 0000000..c9cbe84
--- /dev/null
+++ b/libdane/dane.c
@@ -0,0 +1,1066 @@
+/*
+ * Copyright (C) 2012 KU Leuven
+ * Copyright (C) 2013 Christian Grothoff
+ * Copyright (C) 2013 Nikos Mavrogiannopoulos
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of libdane.
+ *
+ * The libdane library is free software; you can redistribute it
+ * and/or modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include <config.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <arpa/inet.h>
+#include <unbound.h>
+#include <gnutls/dane.h>
+#include <gnutls/x509.h>
+#include <gnutls/abstract.h>
+#include <gnutls/crypto.h>
+#include "../lib/gnutls_int.h"
+
+#define MAX_DATA_ENTRIES 100
+
+#undef gnutls_assert
+#undef gnutls_assert_val
+
+#ifdef DEBUG
+#define gnutls_assert() fprintf(stderr, "ASSERT: %s: %d\n", __FILE__, __LINE__);
+#define gnutls_assert_val(x) gnutls_assert_val_int(x, __FILE__, __LINE__)
+static int gnutls_assert_val_int(int val, const char *file, int line)
+{
+	fprintf(stderr, "ASSERT: %s: %d\n", file, line);
+	return val;
+}
+#else
+#define gnutls_assert()
+#define gnutls_assert_val(x) (x)
+#endif
+
+struct dane_state_st {
+	struct ub_ctx *ctx;
+	unsigned int flags;
+};
+
+struct dane_query_st {
+	struct ub_result *result;
+	unsigned int data_entries;
+	dane_cert_usage_t usage[MAX_DATA_ENTRIES];
+	dane_cert_type_t type[MAX_DATA_ENTRIES];
+	dane_match_type_t match[MAX_DATA_ENTRIES];
+	gnutls_datum_t data[MAX_DATA_ENTRIES];
+	unsigned int flags;
+	dane_query_status_t status;
+};
+
+/**
+ * dane_query_status:
+ * @q: The query result structure
+ *
+ * This function will return the status of the query response.
+ * See %dane_query_status_t for the possible types.
+ *
+ * Returns: The status type.
+ **/
+dane_query_status_t dane_query_status(dane_query_t q)
+{
+	return q->status;
+}
+
+/**
+ * dane_query_entries:
+ * @q: The query result structure
+ *
+ * This function will return the number of entries in a query.
+ *
+ * Returns: The number of entries.
+ **/
+unsigned int dane_query_entries(dane_query_t q)
+{
+	return q->data_entries;
+}
+
+/**
+ * dane_query_data:
+ * @q: The query result structure
+ * @idx: The index of the query response.
+ * @usage: The certificate usage (see %dane_cert_usage_t)
+ * @type: The certificate type (see %dane_cert_type_t)
+ * @match: The DANE matching type (see %dane_match_type_t)
+ * @data: The DANE data.
+ *
+ * This function will provide the DANE data from the query
+ * response.
+ *
+ * Returns: On success, %DANE_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+dane_query_data(dane_query_t q, unsigned int idx,
+		unsigned int *usage, unsigned int *type,
+		unsigned int *match, gnutls_datum_t * data)
+{
+	if (idx >= q->data_entries)
+		return
+		    gnutls_assert_val(DANE_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+	if (usage)
+		*usage = q->usage[idx];
+	if (type)
+		*type = q->type[idx];
+	if (match)
+		*match = q->match[idx];
+	if (data) {
+		data->data = q->data[idx].data;
+		data->size = q->data[idx].size;
+	}
+
+	return DANE_E_SUCCESS;
+}
+
+/**
+ * dane_query_to_raw_tlsa:
+ * @q: The query result structure
+ * @data_entries: Pointer set to the number of entries in the query
+ * @dane_data: Pointer to contain an array of DNS rdata items, terminated with a NULL pointer;
+ *             caller must guarantee that the referenced data remains
+ *             valid until dane_query_deinit() is called.
+ * @dane_data_len: Pointer to contain the length n bytes of the dane_data items
+ * @secure: Pointer set true if the result is validated securely, false if
+ *               validation failed or the domain queried has no security info
+ * @bogus: Pointer set true if the result was not secure due to a security failure
+ *
+ * This function will provide the DANE data from the query
+ * response.
+ *
+ * The pointers dane_data and dane_data_len are allocated with gnutls_malloc()
+ * to contain the data from the query result structure (individual
+ * @dane_data items simply point to the original data and are not allocated separately).
+ * The returned @dane_data are only valid during the lifetime of @q.
+ *
+ * Returns: On success, %DANE_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ */
+int
+dane_query_to_raw_tlsa(dane_query_t q, unsigned int *data_entries,
+		char ***dane_data, int **dane_data_len, int *secure, int *bogus)
+{
+	size_t data_sz;
+	char *data_buf;
+	unsigned int idx;
+
+	*data_entries = 0;
+	*dane_data = NULL;
+	*dane_data_len = NULL;
+
+	if (secure) {
+		if (q->status & DANE_QUERY_DNSSEC_VERIFIED)
+			*secure = 1;
+		else
+			*secure = 0;
+	}
+
+	if (bogus) {
+		if (q->status & DANE_QUERY_BOGUS)
+			*bogus = 1;
+		else
+			*bogus = 0;
+	}
+
+	/* pack dane_data pointer list followed by dane_data contents */
+	data_sz = sizeof (**dane_data) * (q->data_entries + 1);
+	for (idx = 0; idx < q->data_entries; idx++)
+		data_sz += 3 + q->data[idx].size;
+
+	*dane_data = gnutls_calloc (1, data_sz);
+	if (*dane_data == NULL)
+		return DANE_E_MEMORY_ERROR;
+	data_buf = (char *)*dane_data;
+	data_buf += sizeof (**dane_data) * (q->data_entries + 1);
+
+	*dane_data_len = gnutls_calloc (q->data_entries + 1, sizeof (**dane_data_len));
+	if (*dane_data_len == NULL) {
+		free(*dane_data);
+		*dane_data = NULL;
+		return DANE_E_MEMORY_ERROR;
+	}
+
+	for (idx = 0; idx < q->data_entries; idx++) {
+		(*dane_data)[idx] = data_buf;
+		(*dane_data)[idx][0] = q->usage[idx];
+		(*dane_data)[idx][1] = q->type[idx];
+		(*dane_data)[idx][2] = q->match[idx];
+		memcpy(&(*dane_data)[idx][3], q->data[idx].data, q->data[idx].size);
+		(*dane_data_len)[idx] = 3 + q->data[idx].size;
+		data_buf += 3 + q->data[idx].size;
+	}
+	(*dane_data)[idx] = NULL;
+	(*dane_data_len)[idx] = 0;
+	*data_entries = q->data_entries;
+
+	return DANE_E_SUCCESS;
+}
+
+/**
+ * dane_state_init:
+ * @s: The structure to be initialized
+ * @flags: flags from the %dane_state_flags enumeration
+ *
+ * This function will initialize the backend resolver. It is
+ * intended to be used in scenarios where multiple resolvings
+ * occur, to optimize against multiple re-initializations.
+ *
+ * Returns: On success, %DANE_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int dane_state_init(dane_state_t * s, unsigned int flags)
+{
+	struct ub_ctx *ctx;
+	int ret;
+
+	*s = calloc(1, sizeof(struct dane_state_st));
+	if (*s == NULL)
+		return gnutls_assert_val(DANE_E_MEMORY_ERROR);
+
+	ctx = ub_ctx_create();
+	if (!ctx) {
+		gnutls_assert();
+		ret = DANE_E_INITIALIZATION_ERROR;
+		goto cleanup;
+	}
+	ub_ctx_debugout(ctx, stderr);
+
+	if (!(flags & DANE_F_IGNORE_LOCAL_RESOLVER)) {
+		if (ub_ctx_resolvconf(ctx, NULL) != 0) {
+			gnutls_assert();
+			ret = DANE_E_INITIALIZATION_ERROR;
+			goto cleanup;
+		}
+
+		if (ub_ctx_hosts(ctx, NULL) != 0) {
+			gnutls_assert();
+			ret = DANE_E_INITIALIZATION_ERROR;
+			goto cleanup;
+		}
+	}
+
+	/* read public keys for DNSSEC verification */
+	if (!(flags & DANE_F_IGNORE_DNSSEC)) {
+		if (ub_ctx_add_ta_file(ctx,
+				       (char *) UNBOUND_ROOT_KEY_FILE) !=
+		    0) {
+			gnutls_assert();
+			ret = DANE_E_INITIALIZATION_ERROR;
+			goto cleanup;
+		}
+	}
+
+	(*s)->ctx = ctx;
+	(*s)->flags = flags;
+
+	return DANE_E_SUCCESS;
+      cleanup:
+
+	if (ctx)
+		ub_ctx_delete(ctx);
+	free(*s);
+
+	return ret;
+}
+
+/**
+ * dane_state_deinit:
+ * @s: The structure to be deinitialized
+ *
+ * This function will deinitialize a DANE query structure.
+ *
+ **/
+void dane_state_deinit(dane_state_t s)
+{
+	ub_ctx_delete(s->ctx);
+	free(s);
+}
+
+/**
+ * dane_state_set_dlv_file:
+ * @s: The structure to be deinitialized
+ * @file: The file holding the DLV keys.
+ *
+ * This function will set a file with trusted keys
+ * for DLV (DNSSEC Lookaside Validation).
+ *
+ **/
+int dane_state_set_dlv_file(dane_state_t s, const char *file)
+{
+	int ret;
+
+	ret =
+	    ub_ctx_set_option(s->ctx, (char *) "dlv-anchor-file:",
+			      (void *) file);
+	if (ret != 0)
+		return gnutls_assert_val(DANE_E_FILE_ERROR);
+
+	return 0;
+}
+
+/**
+ * dane_query_deinit:
+ * @q: The structure to be deinitialized
+ *
+ * This function will deinitialize a DANE query result structure.
+ *
+ **/
+void dane_query_deinit(dane_query_t q)
+{
+	if (q->result)
+		ub_resolve_free(q->result);
+	free(q);
+}
+
+
+/**
+ * dane_raw_tlsa:
+ * @s: The DANE state structure
+ * @r: A structure to place the result
+ * @dane_data: array of DNS rdata items, terminated with a NULL pointer;
+ *             caller must guarantee that the referenced data remains
+ *             valid until dane_query_deinit() is called.
+ * @dane_data_len: the length n bytes of the dane_data items
+ * @secure: true if the result is validated securely, false if
+ *               validation failed or the domain queried has no security info
+ * @bogus: if the result was not secure (secure = 0) due to a security failure,
+ *              and the result is due to a security failure, bogus is true.
+ *
+ * This function will fill in the TLSA (DANE) structure from
+ * the given raw DNS record data. The @dane_data must be valid
+ * during the lifetime of the query.
+ *
+ * Returns: On success, %DANE_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+dane_raw_tlsa(dane_state_t s, dane_query_t * r, char *const *dane_data,
+	      const int *dane_data_len, int secure, int bogus)
+{
+	int ret = DANE_E_SUCCESS;
+	unsigned int i;
+
+	*r = calloc(1, sizeof(struct dane_query_st));
+	if (*r == NULL)
+		return gnutls_assert_val(DANE_E_MEMORY_ERROR);
+
+	(*r)->data_entries = 0;
+
+	for (i = 0; i < MAX_DATA_ENTRIES; i++) {
+		if (dane_data[i] == NULL)
+			break;
+
+		if (dane_data_len[i] <= 3)
+			return
+			    gnutls_assert_val
+			    (DANE_E_RECEIVED_CORRUPT_DATA);
+
+		(*r)->usage[i] = dane_data[i][0];
+		(*r)->type[i] = dane_data[i][1];
+		(*r)->match[i] = dane_data[i][2];
+		(*r)->data[i].data = (void *) &dane_data[i][3];
+		(*r)->data[i].size = dane_data_len[i] - 3;
+		(*r)->data_entries++;
+	}
+
+	if (!(s->flags & DANE_F_INSECURE) && !secure) {
+		if (bogus)
+			ret = gnutls_assert_val(DANE_E_INVALID_DNSSEC_SIG);
+		else
+			ret = gnutls_assert_val(DANE_E_NO_DNSSEC_SIG);
+	}
+
+	/* show security status */
+	if (secure) {
+		(*r)->status = DANE_QUERY_DNSSEC_VERIFIED;
+	} else if (bogus) {
+		gnutls_assert();
+		(*r)->status = DANE_QUERY_BOGUS;
+	} else {
+		gnutls_assert();
+		(*r)->status = DANE_QUERY_NO_DNSSEC;
+	}
+
+	return ret;
+}
+
+
+/**
+ * dane_query_tlsa:
+ * @s: The DANE state structure
+ * @r: A structure to place the result
+ * @host: The host name to resolve.
+ * @proto: The protocol type (tcp, udp, etc.)
+ * @port: The service port number (eg. 443).
+ *
+ * This function will query the DNS server for the TLSA (DANE)
+ * data for the given host.
+ *
+ * Returns: On success, %DANE_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+dane_query_tlsa(dane_state_t s, dane_query_t * r, const char *host,
+		const char *proto, unsigned int port)
+{
+	char ns[1024];
+	int ret;
+	struct ub_result *result;
+
+	snprintf(ns, sizeof(ns), "_%u._%s.%s", port, proto, host);
+
+	/* query for webserver */
+	ret = ub_resolve(s->ctx, ns, 52, 1, &result);
+	if (ret != 0) {
+		return gnutls_assert_val(DANE_E_RESOLVING_ERROR);
+	}
+
+/* show first result */
+	if (!result->havedata) {
+		ub_resolve_free(result);
+		return gnutls_assert_val(DANE_E_NO_DANE_DATA);
+	}
+
+	ret =
+	    dane_raw_tlsa(s, r, result->data, result->len, result->secure,
+			  result->bogus);
+	if (*r == NULL) {
+		ub_resolve_free(result);
+		return ret;
+	}
+	(*r)->result = result;
+	return ret;
+}
+
+
+static unsigned int
+matches(const gnutls_datum_t * raw1, const gnutls_datum_t * raw2,
+	dane_match_type_t match)
+{
+	uint8_t digest[64];
+	int ret;
+
+	if (match == DANE_MATCH_EXACT) {
+		if (raw1->size != raw2->size)
+			return gnutls_assert_val(0);
+
+		if (memcmp(raw1->data, raw2->data, raw1->size) != 0)
+			return gnutls_assert_val(0);
+
+		return 1;
+	} else if (match == DANE_MATCH_SHA2_256) {
+
+		if (raw2->size != 32)
+			return gnutls_assert_val(0);
+
+		ret =
+		    gnutls_hash_fast(GNUTLS_DIG_SHA256, raw1->data,
+				     raw1->size, digest);
+		if (ret < 0)
+			return gnutls_assert_val(0);
+
+		if (memcmp(digest, raw2->data, 32) != 0)
+			return gnutls_assert_val(0);
+
+		return 1;
+	} else if (match == DANE_MATCH_SHA2_512) {
+		if (raw2->size != 64)
+			return gnutls_assert_val(0);
+
+		ret =
+		    gnutls_hash_fast(GNUTLS_DIG_SHA512, raw1->data,
+				     raw1->size, digest);
+		if (ret < 0)
+			return gnutls_assert_val(0);
+
+		if (memcmp(digest, raw2->data, 64) != 0)
+			return gnutls_assert_val(0);
+
+		return 1;
+	}
+
+	return gnutls_assert_val(0);
+}
+
+static int
+crt_to_pubkey(const gnutls_datum_t * raw_crt, gnutls_datum_t * out)
+{
+	gnutls_pubkey_t pub = NULL;
+	gnutls_x509_crt_t crt = NULL;
+	int ret;
+
+	out->data = NULL;
+
+	ret = gnutls_x509_crt_init(&crt);
+	if (ret < 0)
+		return gnutls_assert_val(DANE_E_PUBKEY_ERROR);
+
+	ret = gnutls_pubkey_init(&pub);
+	if (ret < 0) {
+		gnutls_assert();
+		ret = DANE_E_PUBKEY_ERROR;
+		goto cleanup;
+	}
+
+	ret = gnutls_x509_crt_import(crt, raw_crt, GNUTLS_X509_FMT_DER);
+	if (ret < 0) {
+		gnutls_assert();
+		ret = DANE_E_PUBKEY_ERROR;
+		goto cleanup;
+	}
+
+	ret = gnutls_pubkey_import_x509(pub, crt, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		ret = DANE_E_PUBKEY_ERROR;
+		goto cleanup;
+	}
+
+	ret = gnutls_pubkey_export2(pub, GNUTLS_X509_FMT_DER, out);
+	if (ret < 0) {
+		gnutls_assert();
+		ret = DANE_E_PUBKEY_ERROR;
+		goto cleanup;
+	}
+
+	ret = 0;
+	goto clean_certs;
+
+      cleanup:
+	free(out->data);
+	out->data = NULL;
+      clean_certs:
+	if (pub)
+		gnutls_pubkey_deinit(pub);
+	if (crt)
+		gnutls_x509_crt_deinit(crt);
+
+	return ret;
+}
+
+static int
+verify_ca(const gnutls_datum_t * raw_crt, unsigned raw_crt_size,
+	  gnutls_certificate_type_t crt_type,
+	  dane_cert_type_t ctype,
+	  dane_match_type_t match, gnutls_datum_t * data,
+	  unsigned int *verify)
+{
+	gnutls_datum_t pubkey = { NULL, 0 };
+	int ret, i;
+	unsigned int vstatus = 0;
+	gnutls_x509_crt_t crt = NULL, ca = NULL;
+	unsigned is_ok = 0;
+
+	if (raw_crt_size < 2) /* we cannot verify the CA */
+		return gnutls_assert_val(DANE_E_UNKNOWN_DANE_DATA);
+
+	if (ctype == DANE_CERT_X509 && crt_type == GNUTLS_CRT_X509) {
+		is_ok = 0;
+		for (i=raw_crt_size-1;i>=1;i--) {
+			if (matches(&raw_crt[i], data, match)) {
+				is_ok = 1;
+				break;
+			}
+		}
+
+		if (is_ok == 0) {
+			gnutls_assert();
+			*verify |= DANE_VERIFY_CA_CONSTRAINTS_VIOLATED;
+		}
+
+	} else if (ctype == DANE_CERT_PK && crt_type == GNUTLS_CRT_X509) {
+		is_ok = 0;
+
+		for (i=raw_crt_size-1;i>=1;i--) {
+			ret = crt_to_pubkey(&raw_crt[i], &pubkey);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+
+			if (matches(&pubkey, data, match)) {
+				is_ok = 1;
+				break;
+			}
+
+			free(pubkey.data);
+			pubkey.data = NULL;
+		}
+
+		if (is_ok == 0) {
+			gnutls_assert();
+			*verify |= DANE_VERIFY_CA_CONSTRAINTS_VIOLATED;
+		}
+	} else {
+		ret = gnutls_assert_val(DANE_E_UNKNOWN_DANE_DATA);
+		goto cleanup;
+	}
+
+	/* check if the certificate chain is actually a chain */
+	ret = gnutls_x509_crt_init(&crt);
+	if (ret < 0) {
+		ret = gnutls_assert_val(DANE_E_CERT_ERROR);
+		goto cleanup;
+	}
+
+	ret =
+	    gnutls_x509_crt_import(crt, &raw_crt[0], GNUTLS_X509_FMT_DER);
+	if (ret < 0) {
+		ret = gnutls_assert_val(DANE_E_CERT_ERROR);
+		goto cleanup;
+	}
+
+	for (i=raw_crt_size-1;i>=1;i--) {
+		ret = gnutls_x509_crt_init(&ca);
+		if (ret < 0) {
+			ret = gnutls_assert_val(DANE_E_CERT_ERROR);
+			goto cleanup;
+		}
+
+		ret = gnutls_x509_crt_import(ca, &raw_crt[i], GNUTLS_X509_FMT_DER);
+		if (ret < 0) {
+			ret = gnutls_assert_val(DANE_E_CERT_ERROR);
+			goto cleanup;
+		}
+
+		ret = gnutls_x509_crt_check_issuer(crt, ca);
+		if (ret != 0)
+			break;
+
+		gnutls_x509_crt_deinit(ca);
+		ca = NULL;
+	}
+
+	if (ca == NULL) {
+		gnutls_assert();
+		*verify |= DANE_VERIFY_CA_CONSTRAINTS_VIOLATED;
+	} else {
+		ret = gnutls_x509_crt_verify(crt, &ca, 1, 0, &vstatus);
+		if (ret < 0) {
+			ret = gnutls_assert_val(DANE_E_CERT_ERROR);
+			goto cleanup;
+		}
+
+		if (vstatus != 0)
+			*verify |= DANE_VERIFY_CA_CONSTRAINTS_VIOLATED;
+	}
+
+	ret = 0;
+      cleanup:
+	free(pubkey.data);
+	if (crt != NULL)
+		gnutls_x509_crt_deinit(crt);
+	if (ca != NULL)
+		gnutls_x509_crt_deinit(ca);
+	return ret;
+}
+
+static int
+verify_ee(const gnutls_datum_t * raw_crt,
+	  gnutls_certificate_type_t crt_type, dane_cert_type_t ctype,
+	  dane_match_type_t match, gnutls_datum_t * data,
+	  unsigned int *verify)
+{
+	gnutls_datum_t pubkey = { NULL, 0 };
+	int ret;
+
+	if (ctype == DANE_CERT_X509 && crt_type == GNUTLS_CRT_X509) {
+
+		if (!matches(raw_crt, data, match)) {
+			gnutls_assert();
+			*verify |= DANE_VERIFY_CERT_DIFFERS;
+		}
+
+	} else if (ctype == DANE_CERT_PK && crt_type == GNUTLS_CRT_X509) {
+
+		ret = crt_to_pubkey(raw_crt, &pubkey);
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		if (!matches(&pubkey, data, match)) {
+			gnutls_assert();
+			*verify |= DANE_VERIFY_CERT_DIFFERS;
+		}
+	} else {
+		ret = gnutls_assert_val(DANE_E_UNKNOWN_DANE_DATA);
+		goto cleanup;
+	}
+
+	ret = 0;
+      cleanup:
+	free(pubkey.data);
+	return ret;
+}
+
+#define CHECK_VRET(ret, checked, record_status, status) \
+			if (ret == DANE_E_UNKNOWN_DANE_DATA) { \
+				/* skip that entry */ \
+				continue; \
+			} else if (ret < 0) { \
+				gnutls_assert(); \
+				goto cleanup; \
+			} \
+			checked = 1; \
+			if (record_status == 0) { \
+				status = 0; \
+				break; \
+			} else { \
+				status |= record_status; \
+			}
+
+/**
+ * dane_verify_crt_raw:
+ * @s: A DANE state structure (may be NULL)
+ * @chain: A certificate chain
+ * @chain_size: The size of the chain
+ * @chain_type: The type of the certificate chain
+ * @r: DANE data to check against
+ * @sflags: Flags for the initialization of @s (if NULL)
+ * @vflags: Verification flags; an OR'ed list of %dane_verify_flags_t.
+ * @verify: An OR'ed list of %dane_verify_status_t.
+ *
+ * This is the low-level function of dane_verify_crt(). See the
+ * high level function for documentation.
+ *
+ * This function does not perform any resolving, it utilizes
+ * cached entries from @r.
+ *
+ * Returns: a negative error code on error and %DANE_E_SUCCESS (0)
+ * when the DANE entries were successfully parsed, irrespective of
+ * whether they were verified (see @verify for that information). If
+ * no usable entries were encountered %DANE_E_REQUESTED_DATA_NOT_AVAILABLE
+ * will be returned.
+ *
+ **/
+int
+dane_verify_crt_raw(dane_state_t s,
+		    const gnutls_datum_t * chain, unsigned chain_size,
+		    gnutls_certificate_type_t chain_type,
+		    dane_query_t r,
+		    unsigned int sflags, unsigned int vflags,
+		    unsigned int *verify)
+{
+	int ret;
+	unsigned checked = 0;
+	unsigned int usage, type, match, idx;
+	gnutls_datum_t data;
+
+	if (chain_type != GNUTLS_CRT_X509)
+		return gnutls_assert_val(DANE_E_INVALID_REQUEST);
+
+	if (chain_size == 0)
+		return gnutls_assert_val(DANE_E_NO_CERT);
+
+	*verify = 0;
+	idx = 0;
+	do {
+		unsigned int record_verify = 0;
+
+		ret =
+		    dane_query_data(r, idx++, &usage, &type, &match,
+				    &data);
+		if (ret == DANE_E_REQUESTED_DATA_NOT_AVAILABLE)
+			break;
+
+		if (ret < 0) {
+			gnutls_assert();
+			goto cleanup;
+		}
+
+		if (!(vflags & DANE_VFLAG_ONLY_CHECK_EE_USAGE)
+		    && (usage == DANE_CERT_USAGE_LOCAL_CA
+			|| usage == DANE_CERT_USAGE_CA)) {
+			ret =
+			    verify_ca(chain, chain_size, chain_type, type,
+				      match, &data, &record_verify);
+			CHECK_VRET(ret, checked, record_verify, *verify);
+
+		} else if (!(vflags & DANE_VFLAG_ONLY_CHECK_CA_USAGE)
+			   && (usage == DANE_CERT_USAGE_LOCAL_EE
+			       || usage == DANE_CERT_USAGE_EE)) {
+			ret =
+			    verify_ee(&chain[0], chain_type, type, match,
+				      &data, &record_verify);
+			CHECK_VRET(ret, checked, record_verify, *verify);
+		}
+	}
+	while (1);
+
+	if ((vflags & DANE_VFLAG_FAIL_IF_NOT_CHECKED) && checked == 0) {
+		ret =
+		    gnutls_assert_val(DANE_E_REQUESTED_DATA_NOT_AVAILABLE);
+	} else if (checked == 0) {
+		*verify |= DANE_VERIFY_UNKNOWN_DANE_INFO;
+	} else {
+		ret = 0;
+	}
+
+      cleanup:
+	return ret;
+}
+
+
+/**
+ * dane_verify_crt:
+ * @s: A DANE state structure (may be NULL)
+ * @chain: A certificate chain
+ * @chain_size: The size of the chain
+ * @chain_type: The type of the certificate chain
+ * @hostname: The hostname associated with the chain
+ * @proto: The protocol of the service connecting (e.g. tcp)
+ * @port: The port of the service connecting (e.g. 443)
+ * @sflags: Flags for the initialization of @s (if NULL)
+ * @vflags: Verification flags; an OR'ed list of %dane_verify_flags_t.
+ * @verify: An OR'ed list of %dane_verify_status_t.
+ *
+ * This function will verify the given certificate chain against the
+ * CA constrains and/or the certificate available via DANE.
+ * If no information via DANE can be obtained the flag %DANE_VERIFY_NO_DANE_INFO
+ * is set. If a DNSSEC signature is not available for the DANE
+ * record then the verify flag %DANE_VERIFY_NO_DNSSEC_DATA is set.
+ *
+ * Due to the many possible options of DANE, there is no single threat
+ * model countered. When notifying the user about DANE verification results
+ * it may be better to mention: DANE verification did not reject the certificate,
+ * rather than mentioning a successful DANE verication.
+ *
+ * Note that this function is designed to be run in addition to
+ * PKIX - certificate chain - verification. To be run independently
+ * the %DANE_VFLAG_ONLY_CHECK_EE_USAGE flag should be specified;
+ * then the function will check whether the key of the peer matches the
+ * key advertized in the DANE entry.
+ *
+ * Returns: a negative error code on error and %DANE_E_SUCCESS (0)
+ * when the DANE entries were successfully parsed, irrespective of
+ * whether they were verified (see @verify for that information). If
+ * no usable entries were encountered %DANE_E_REQUESTED_DATA_NOT_AVAILABLE
+ * will be returned.
+ *
+ **/
+int
+dane_verify_crt(dane_state_t s,
+		const gnutls_datum_t * chain, unsigned chain_size,
+		gnutls_certificate_type_t chain_type,
+		const char *hostname, const char *proto, unsigned int port,
+		unsigned int sflags, unsigned int vflags,
+		unsigned int *verify)
+{
+	dane_state_t state = NULL;
+	dane_query_t r = NULL;
+	int ret;
+
+	*verify = 0;
+	if (s == NULL) {
+		ret = dane_state_init(&state, sflags);
+		if (ret < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	} else
+		state = s;
+
+	ret = dane_query_tlsa(state, &r, hostname, proto, port);
+	if (ret < 0) {
+		gnutls_assert();
+		goto cleanup;
+	}
+	ret = dane_verify_crt_raw(state, chain, chain_size, chain_type,
+				  r, sflags, vflags, verify);
+      cleanup:
+	if (state != s)
+		dane_state_deinit(state);
+	if (r != NULL)
+		dane_query_deinit(r);
+	return ret;
+}
+
+/**
+ * dane_verify_session_crt:
+ * @s: A DANE state structure (may be NULL)
+ * @session: A gnutls session
+ * @hostname: The hostname associated with the chain
+ * @proto: The protocol of the service connecting (e.g. tcp)
+ * @port: The port of the service connecting (e.g. 443)
+ * @sflags: Flags for the initialization of @s (if NULL)
+ * @vflags: Verification flags; an OR'ed list of %dane_verify_flags_t.
+ * @verify: An OR'ed list of %dane_verify_status_t.
+ *
+ * This function will verify session's certificate chain against the
+ * CA constrains and/or the certificate available via DANE.
+ * See dane_verify_crt() for more information.
+ *
+ * This will not verify the chain for validity; unless the DANE
+ * verification is restricted to end certificates, this must be
+ * be performed separately using gnutls_certificate_verify_peers3().
+ *
+ * Returns: a negative error code on error and %DANE_E_SUCCESS (0)
+ * when the DANE entries were successfully parsed, irrespective of
+ * whether they were verified (see @verify for that information). If
+ * no usable entries were encountered %DANE_E_REQUESTED_DATA_NOT_AVAILABLE
+ * will be returned.
+ *
+ **/
+int
+dane_verify_session_crt(dane_state_t s,
+			gnutls_session_t session,
+			const char *hostname, const char *proto,
+			unsigned int port, unsigned int sflags,
+			unsigned int vflags, unsigned int *verify)
+{
+	const gnutls_datum_t *cert_list;
+	unsigned int cert_list_size = 0;
+	unsigned int type;
+	gnutls_x509_crt_t crt, ca;
+	gnutls_certificate_credentials_t sc;
+	int ret;
+
+	cert_list = gnutls_certificate_get_peers(session, &cert_list_size);
+	if (cert_list_size == 0) {
+		return gnutls_assert_val(DANE_E_NO_CERT);
+	}
+
+	type = gnutls_certificate_type_get(session);
+
+	/* this list may be incomplete, try to get the self-signed CA if any */
+	ret = gnutls_x509_crt_init(&crt);
+	if (ret < 0) {
+		gnutls_assert();
+		goto failsafe;
+	}
+
+	ret = gnutls_x509_crt_import(crt, &cert_list[cert_list_size-1], GNUTLS_X509_FMT_DER);
+	if (ret < 0) {
+		gnutls_assert();
+		gnutls_x509_crt_deinit(crt);
+		goto failsafe;
+	}
+
+	/* if it is already self signed continue normally */
+	ret = gnutls_x509_crt_check_issuer(crt, crt);
+	if (ret != 0) {
+		gnutls_assert();
+		gnutls_x509_crt_deinit(crt);
+		goto failsafe;
+	}
+
+	/* chain does not finish in a self signed cert, try to obtain the issuer */
+	ret = gnutls_credentials_get(session, GNUTLS_CRD_CERTIFICATE, (void**)&sc);
+	if (ret < 0) {
+		gnutls_assert();
+		gnutls_x509_crt_deinit(crt);
+		goto failsafe;
+	}
+
+	ret = gnutls_certificate_get_issuer(sc, crt, &ca, 0);
+	if (ret < 0) {
+		gnutls_assert();
+		gnutls_x509_crt_deinit(crt);
+		goto failsafe;
+	}
+
+	/* make the new list */
+	gnutls_datum_t *new_cert_list;
+
+	new_cert_list = gnutls_malloc((cert_list_size + 1) * sizeof(gnutls_datum_t));
+	if (new_cert_list == NULL) {
+		gnutls_assert();
+		gnutls_x509_crt_deinit(crt);
+		goto failsafe;
+	}
+
+	memcpy(new_cert_list, cert_list, cert_list_size*sizeof(gnutls_datum_t));
+
+	ret = gnutls_x509_crt_export2(ca, GNUTLS_X509_FMT_DER, &new_cert_list[cert_list_size]);
+	if (ret < 0) {
+		gnutls_assert();
+		free(new_cert_list);
+		gnutls_x509_crt_deinit(crt);
+		goto failsafe;
+	}
+
+	ret = dane_verify_crt(s, new_cert_list, cert_list_size+1, type,
+			      hostname, proto, port, sflags, vflags,
+			      verify);
+	if (ret < 0) {
+		gnutls_assert();
+	}
+	gnutls_free(new_cert_list[cert_list_size].data);
+	free(new_cert_list);
+	return ret;
+
+ failsafe:
+	return dane_verify_crt(s, cert_list, cert_list_size, type,
+			       hostname, proto, port, sflags, vflags,
+			       verify);
+}
+
+/**
+ * dane_verification_status_print:
+ * @status: The status flags to be printed
+ * @type: The certificate type
+ * @out: Newly allocated datum with (0) terminated string.
+ * @flags: should be zero
+ *
+ * This function will pretty print the status of a verification
+ * process -- eg. the one obtained by dane_verify_crt().
+ *
+ * The output @out needs to be deallocated using gnutls_free().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ *   negative error value.
+ **/
+int
+dane_verification_status_print(unsigned int status,
+			       gnutls_datum_t * out, unsigned int flags)
+{
+	gnutls_buffer_st str;
+
+	_gnutls_buffer_init(&str);
+
+	if (status == 0)
+		_gnutls_buffer_append_str(&str,
+					  _("Certificate matches. "));
+	else
+		_gnutls_buffer_append_str(&str,
+					  _("Verification failed. "));
+
+	if (status & DANE_VERIFY_CA_CONSTRAINTS_VIOLATED)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("CA constrains were violated. "));
+
+	if (status & DANE_VERIFY_CERT_DIFFERS)
+		_gnutls_buffer_append_str(&str,
+					  _("The certificate differs. "));
+
+	if (status & DANE_VERIFY_NO_DANE_INFO)
+		_gnutls_buffer_append_str(&str,
+					  _
+					  ("There were no DANE information. "));
+
+	return _gnutls_buffer_to_datum(&str, out, 1);
+}
diff --git a/libdane/errors.c b/libdane/errors.c
new file mode 100644
index 0000000..35ae971
--- /dev/null
+++ b/libdane/errors.c
@@ -0,0 +1,103 @@
+/*
+ * Copyright (C) 2012 Free Software Foundation
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of libdane.
+ *
+ * libdane is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include <config.h>
+#include <gnutls/dane.h>
+
+/* I18n of error codes. */
+#include "gettext.h"
+#define _(String) dgettext (PACKAGE, String)
+#define N_(String) gettext_noop (String)
+
+#define ERROR_ENTRY(desc, name) \
+	{ desc, #name, name}
+
+struct error_entry {
+	const char *desc;
+	const char *_name;
+	int number;
+};
+typedef struct error_entry error_entry;
+
+static const error_entry error_algorithms[] = {
+	ERROR_ENTRY(N_("Success."), DANE_E_SUCCESS),
+	ERROR_ENTRY(N_("There was error initializing the DNS query."),
+		    DANE_E_INITIALIZATION_ERROR),
+	ERROR_ENTRY(N_("There was an error while resolving."),
+		    DANE_E_RESOLVING_ERROR),
+	ERROR_ENTRY(N_("No DANE data were found."),
+		    DANE_E_NO_DANE_DATA),
+	ERROR_ENTRY(N_("Unknown DANE data were found."),
+		    DANE_E_UNKNOWN_DANE_DATA),
+	ERROR_ENTRY(N_("No DNSSEC signature was found."),
+		    DANE_E_NO_DNSSEC_SIG),
+	ERROR_ENTRY(N_("Received corrupt data."),
+		    DANE_E_RECEIVED_CORRUPT_DATA),
+	ERROR_ENTRY(N_("The DNSSEC signature is invalid."),
+		    DANE_E_INVALID_DNSSEC_SIG),
+	ERROR_ENTRY(N_("There was a memory error."),
+		    DANE_E_MEMORY_ERROR),
+	ERROR_ENTRY(N_("The requested data are not available."),
+		    DANE_E_REQUESTED_DATA_NOT_AVAILABLE),
+	ERROR_ENTRY(N_("The request is invalid."),
+		    DANE_E_INVALID_REQUEST),
+	ERROR_ENTRY(N_("There was an error in the certificate."),
+		    DANE_E_CERT_ERROR),
+	ERROR_ENTRY(N_("There was an error in the public key."),
+		    DANE_E_PUBKEY_ERROR),
+	ERROR_ENTRY(N_("No certificate was found."),
+		    DANE_E_NO_CERT),
+	ERROR_ENTRY(N_("Error in file."),
+		    DANE_E_FILE_ERROR),
+	{NULL, NULL, 0}
+};
+
+/**
+ * dane_strerror:
+ * @error: is a DANE error code, a negative error code
+ *
+ * This function is similar to strerror.  The difference is that it
+ * accepts an error number returned by a gnutls function; In case of
+ * an unknown error a descriptive string is sent instead of %NULL.
+ *
+ * Error codes are always a negative error code.
+ *
+ * Returns: A string explaining the DANE error message.
+ **/
+const char *dane_strerror(int error)
+{
+	const char *ret = NULL;
+	const error_entry *p;
+
+	for (p = error_algorithms; p->desc != NULL; p++) {
+		if (p->number == error) {
+			ret = p->desc;
+			break;
+		}
+	}
+
+	/* avoid prefix */
+	if (ret == NULL)
+		return _("(unknown error code)");
+
+	return _(ret);
+}
diff --git a/libdane/gnutls-dane.pc.in b/libdane/gnutls-dane.pc.in
new file mode 100644
index 0000000..8496e61
--- /dev/null
+++ b/libdane/gnutls-dane.pc.in
@@ -0,0 +1,24 @@
+# Process this file with autoconf to produce a pkg-config metadata file.
+
+# Copyright (C) 2004-2012 Free Software Foundation, Inc.
+
+# Copying and distribution of this file, with or without modification,
+# are permitted in any medium without royalty provided the copyright
+# notice and this notice are preserved.  This file is offered as-is,
+# without any warranty.
+
+# Author: Nikos Mavrogiannopoulos
+
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: GnuTLS-DANE
+Description: DANE security library for the GNU system
+URL: https://www.gnu.org/software/gnutls/
+Version: @VERSION@
+Libs: -L${libdir} -lgnutls-dane
+Libs.private: @UNBOUND_LIBS@
+Requires.private: gnutls
+Cflags: -I${includedir}
diff --git a/libdane/includes/Makefile.am b/libdane/includes/Makefile.am
new file mode 100644
index 0000000..3d4d366
--- /dev/null
+++ b/libdane/includes/Makefile.am
@@ -0,0 +1,21 @@
+## Process this file with automake to produce Makefile.in
+# Copyright (C) 2012 KU Leuven
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of libdane.
+#
+# libdane is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version.
+#
+# GnuTLS-extra is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+nobase_include_HEADERS = gnutls/dane.h
diff --git a/libdane/includes/Makefile.in b/libdane/includes/Makefile.in
new file mode 100644
index 0000000..79f5ac0
--- /dev/null
+++ b/libdane/includes/Makefile.in
@@ -0,0 +1,2340 @@
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+# Copyright (C) 2012 KU Leuven
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of libdane.
+#
+# libdane is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version.
+#
+# GnuTLS-extra is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+  if test -z '$(MAKELEVEL)'; then \
+    false; \
+  elif test -n '$(MAKE_HOST)'; then \
+    true; \
+  elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+    true; \
+  else \
+    false; \
+  fi; \
+}
+am__make_running_with_option = \
+  case $${target_option-} in \
+      ?) ;; \
+      *) echo "am__make_running_with_option: internal error: invalid" \
+              "target option '$${target_option-}' specified" >&2; \
+         exit 1;; \
+  esac; \
+  has_opt=no; \
+  sane_makeflags=$$MAKEFLAGS; \
+  if $(am__is_gnu_make); then \
+    sane_makeflags=$$MFLAGS; \
+  else \
+    case $$MAKEFLAGS in \
+      *\\[\ \	]*) \
+        bs=\\; \
+        sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+          | sed "s/$$bs$$bs[$$bs $$bs	]*//g"`;; \
+    esac; \
+  fi; \
+  skip_next=no; \
+  strip_trailopt () \
+  { \
+    flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+  }; \
+  for flg in $$sane_makeflags; do \
+    test $$skip_next = yes && { skip_next=no; continue; }; \
+    case $$flg in \
+      *=*|--*) continue;; \
+        -*I) strip_trailopt 'I'; skip_next=yes;; \
+      -*I?*) strip_trailopt 'I';; \
+        -*O) strip_trailopt 'O'; skip_next=yes;; \
+      -*O?*) strip_trailopt 'O';; \
+        -*l) strip_trailopt 'l'; skip_next=yes;; \
+      -*l?*) strip_trailopt 'l';; \
+      -[dEDm]) skip_next=yes;; \
+      -[JT]) skip_next=yes;; \
+    esac; \
+    case $$flg in \
+      *$$target_option*) has_opt=yes; break;; \
+    esac; \
+  done; \
+  test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = libdane/includes
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \
+	$(top_srcdir)/lib/unistring/m4/inline.m4 \
+	$(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \
+	$(top_srcdir)/src/gl/m4/atoll.m4 \
+	$(top_srcdir)/src/gl/m4/bison.m4 \
+	$(top_srcdir)/src/gl/m4/calloc.m4 \
+	$(top_srcdir)/src/gl/m4/clock_time.m4 \
+	$(top_srcdir)/src/gl/m4/codeset.m4 \
+	$(top_srcdir)/src/gl/m4/ctype_h.m4 \
+	$(top_srcdir)/src/gl/m4/environ.m4 \
+	$(top_srcdir)/src/gl/m4/error.m4 \
+	$(top_srcdir)/src/gl/m4/fdopen.m4 \
+	$(top_srcdir)/src/gl/m4/flexmember.m4 \
+	$(top_srcdir)/src/gl/m4/fpending.m4 \
+	$(top_srcdir)/src/gl/m4/fpieee.m4 \
+	$(top_srcdir)/src/gl/m4/fseek.m4 \
+	$(top_srcdir)/src/gl/m4/ftruncate.m4 \
+	$(top_srcdir)/src/gl/m4/getaddrinfo.m4 \
+	$(top_srcdir)/src/gl/m4/getcwd.m4 \
+	$(top_srcdir)/src/gl/m4/getpagesize.m4 \
+	$(top_srcdir)/src/gl/m4/getpass.m4 \
+	$(top_srcdir)/src/gl/m4/getprogname.m4 \
+	$(top_srcdir)/src/gl/m4/gettime.m4 \
+	$(top_srcdir)/src/gl/m4/gnulib-comp.m4 \
+	$(top_srcdir)/src/gl/m4/hostent.m4 \
+	$(top_srcdir)/src/gl/m4/intl-thread-locale.m4 \
+	$(top_srcdir)/src/gl/m4/inttostr.m4 \
+	$(top_srcdir)/src/gl/m4/ioctl.m4 \
+	$(top_srcdir)/src/gl/m4/isblank.m4 \
+	$(top_srcdir)/src/gl/m4/langinfo_h.m4 \
+	$(top_srcdir)/src/gl/m4/lcmessage.m4 \
+	$(top_srcdir)/src/gl/m4/locale-fr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-ja.m4 \
+	$(top_srcdir)/src/gl/m4/locale-tr.m4 \
+	$(top_srcdir)/src/gl/m4/locale-zh.m4 \
+	$(top_srcdir)/src/gl/m4/locale_h.m4 \
+	$(top_srcdir)/src/gl/m4/localename.m4 \
+	$(top_srcdir)/src/gl/m4/lstat.m4 \
+	$(top_srcdir)/src/gl/m4/mktime.m4 \
+	$(top_srcdir)/src/gl/m4/nanosleep.m4 \
+	$(top_srcdir)/src/gl/m4/nstrftime.m4 \
+	$(top_srcdir)/src/gl/m4/parse-datetime.m4 \
+	$(top_srcdir)/src/gl/m4/perror.m4 \
+	$(top_srcdir)/src/gl/m4/pipe.m4 \
+	$(top_srcdir)/src/gl/m4/pthread-thread.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_h.m4 \
+	$(top_srcdir)/src/gl/m4/pthread_sigmask.m4 \
+	$(top_srcdir)/src/gl/m4/putenv.m4 \
+	$(top_srcdir)/src/gl/m4/raise.m4 \
+	$(top_srcdir)/src/gl/m4/reallocarray.m4 \
+	$(top_srcdir)/src/gl/m4/sched_h.m4 \
+	$(top_srcdir)/src/gl/m4/sched_yield.m4 \
+	$(top_srcdir)/src/gl/m4/select.m4 \
+	$(top_srcdir)/src/gl/m4/semaphore.m4 \
+	$(top_srcdir)/src/gl/m4/servent.m4 \
+	$(top_srcdir)/src/gl/m4/setenv.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale.m4 \
+	$(top_srcdir)/src/gl/m4/setlocale_null.m4 \
+	$(top_srcdir)/src/gl/m4/sigaction.m4 \
+	$(top_srcdir)/src/gl/m4/signal_h.m4 \
+	$(top_srcdir)/src/gl/m4/signalblocking.m4 \
+	$(top_srcdir)/src/gl/m4/sleep.m4 \
+	$(top_srcdir)/src/gl/m4/sockets.m4 \
+	$(top_srcdir)/src/gl/m4/strerror.m4 \
+	$(top_srcdir)/src/gl/m4/strerror_r.m4 \
+	$(top_srcdir)/src/gl/m4/strtoll.m4 \
+	$(top_srcdir)/src/gl/m4/symlink.m4 \
+	$(top_srcdir)/src/gl/m4/sys_ioctl_h.m4 \
+	$(top_srcdir)/src/gl/m4/sys_select_h.m4 \
+	$(top_srcdir)/src/gl/m4/thread.m4 \
+	$(top_srcdir)/src/gl/m4/time_rz.m4 \
+	$(top_srcdir)/src/gl/m4/timegm.m4 \
+	$(top_srcdir)/src/gl/m4/timespec.m4 \
+	$(top_srcdir)/src/gl/m4/tm_gmtoff.m4 \
+	$(top_srcdir)/src/gl/m4/tzset.m4 \
+	$(top_srcdir)/src/gl/m4/usleep.m4 \
+	$(top_srcdir)/src/gl/m4/visibility.m4 \
+	$(top_srcdir)/src/gl/m4/xalloc.m4 \
+	$(top_srcdir)/src/gl/m4/yield.m4 $(top_srcdir)/m4/00gnulib.m4 \
+	$(top_srcdir)/m4/__inline.m4 \
+	$(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \
+	$(top_srcdir)/m4/arpa_inet_h.m4 \
+	$(top_srcdir)/m4/ax_ac_append_to_file.m4 \
+	$(top_srcdir)/m4/ax_ac_print_to_file.m4 \
+	$(top_srcdir)/m4/ax_add_am_macro_static.m4 \
+	$(top_srcdir)/m4/ax_am_macros_static.m4 \
+	$(top_srcdir)/m4/ax_check_gnu_make.m4 \
+	$(top_srcdir)/m4/ax_code_coverage.m4 \
+	$(top_srcdir)/m4/ax_file_escapes.m4 \
+	$(top_srcdir)/m4/builtin-expect.m4 \
+	$(top_srcdir)/m4/byteswap.m4 $(top_srcdir)/m4/close.m4 \
+	$(top_srcdir)/m4/double-slash-root.m4 $(top_srcdir)/m4/dup2.m4 \
+	$(top_srcdir)/m4/eealloc.m4 $(top_srcdir)/m4/errno_h.m4 \
+	$(top_srcdir)/m4/explicit_bzero.m4 \
+	$(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \
+	$(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \
+	$(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \
+	$(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \
+	$(top_srcdir)/m4/free.m4 $(top_srcdir)/m4/fseeko.m4 \
+	$(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \
+	$(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/func.m4 \
+	$(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \
+	$(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/gettext.m4 \
+	$(top_srcdir)/m4/gettimeofday.m4 \
+	$(top_srcdir)/m4/gnulib-common.m4 \
+	$(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \
+	$(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \
+	$(top_srcdir)/m4/host-cpu-c-abi.m4 $(top_srcdir)/m4/iconv.m4 \
+	$(top_srcdir)/m4/include_next.m4 $(top_srcdir)/m4/inet_ntop.m4 \
+	$(top_srcdir)/m4/inet_pton.m4 $(top_srcdir)/m4/intlmacosx.m4 \
+	$(top_srcdir)/m4/intmax_t.m4 $(top_srcdir)/m4/inttypes.m4 \
+	$(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/largefile.m4 \
+	$(top_srcdir)/m4/ld-output-def.m4 \
+	$(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \
+	$(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
+	$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/lock.m4 \
+	$(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/ltoptions.m4 \
+	$(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+	$(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \
+	$(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \
+	$(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \
+	$(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \
+	$(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \
+	$(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \
+	$(top_srcdir)/m4/netdb_h.m4 $(top_srcdir)/m4/netinet_in_h.m4 \
+	$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/off_t.m4 \
+	$(top_srcdir)/m4/open-cloexec.m4 \
+	$(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \
+	$(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/pkg.m4 \
+	$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \
+	$(top_srcdir)/m4/progtest.m4 \
+	$(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \
+	$(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \
+	$(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/size_max.m4 \
+	$(top_srcdir)/m4/snprintf.m4 $(top_srcdir)/m4/socketlib.m4 \
+	$(top_srcdir)/m4/socklen.m4 $(top_srcdir)/m4/sockpfaf.m4 \
+	$(top_srcdir)/m4/ssize_t.m4 $(top_srcdir)/m4/stat-time.m4 \
+	$(top_srcdir)/m4/stat.m4 $(top_srcdir)/m4/stdalign.m4 \
+	$(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \
+	$(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \
+	$(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \
+	$(top_srcdir)/m4/stpcpy.m4 $(top_srcdir)/m4/strcase.m4 \
+	$(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/string_h.m4 \
+	$(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \
+	$(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \
+	$(top_srcdir)/m4/strverscmp.m4 \
+	$(top_srcdir)/m4/sys_socket_h.m4 \
+	$(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \
+	$(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \
+	$(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \
+	$(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \
+	$(top_srcdir)/m4/unistd_h.m4 \
+	$(top_srcdir)/m4/valgrind-tests.m4 \
+	$(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \
+	$(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \
+	$(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \
+	$(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \
+	$(top_srcdir)/m4/xsize.m4 $(top_srcdir)/m4/zzgnulib.m4 \
+	$(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(nobase_include_HEADERS) \
+	$(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN     " $@;
+am__v_GEN_1 = 
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 = 
+SOURCES =
+DIST_SOURCES =
+am__can_run_installinfo = \
+  case $$AM_UPDATE_INFO_DIR in \
+    n|no|NO) false;; \
+    *) (install-info --version) >/dev/null 2>&1;; \
+  esac
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+    $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+    *) f=$$p;; \
+  esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+  srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+  for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+  for p in $$list; do echo "$$p $$p"; done | \
+  sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+  $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+    if (++n[$$2] == $(am__install_max)) \
+      { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+    END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+  sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+  sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
+am__installdirs = "$(DESTDIR)$(includedir)"
+HEADERS = $(nobase_include_HEADERS)
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates.  Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+  BEGIN { nonempty = 0; } \
+  { items[$$0] = 1; nonempty = 1; } \
+  END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique.  This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+  list='$(am__tagged_files)'; \
+  unique=`for i in $$list; do \
+    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+  done | $(am__uniquify_input)`
+am__DIST_COMMON = $(srcdir)/Makefile.in
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+AARCH64_CCASFLAGS = @AARCH64_CCASFLAGS@
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+ALLOCA_H = @ALLOCA_H@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AM_VALGRINDFLAGS = @AM_VALGRINDFLAGS@
+APPLE_UNIVERSAL_BUILD = @APPLE_UNIVERSAL_BUILD@
+AR = @AR@
+ARFLAGS = @ARFLAGS@
+ASN1PARSER = @ASN1PARSER@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BITSIZEOF_PTRDIFF_T = @BITSIZEOF_PTRDIFF_T@
+BITSIZEOF_SIG_ATOMIC_T = @BITSIZEOF_SIG_ATOMIC_T@
+BITSIZEOF_SIZE_T = @BITSIZEOF_SIZE_T@
+BITSIZEOF_WCHAR_T = @BITSIZEOF_WCHAR_T@
+BITSIZEOF_WINT_T = @BITSIZEOF_WINT_T@
+BYTESWAP_H = @BYTESWAP_H@
+CC = @CC@
+CCAS = @CCAS@
+CCASDEPMODE = @CCASDEPMODE@
+CCASFLAGS = @CCASFLAGS@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CFLAG_VISIBILITY = @CFLAG_VISIBILITY@
+CMOCKA_CFLAGS = @CMOCKA_CFLAGS@
+CMOCKA_LIBS = @CMOCKA_LIBS@
+CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@
+CODE_COVERAGE_CPPFLAGS = @CODE_COVERAGE_CPPFLAGS@
+CODE_COVERAGE_CXXFLAGS = @CODE_COVERAGE_CXXFLAGS@
+CODE_COVERAGE_ENABLED = @CODE_COVERAGE_ENABLED@
+CODE_COVERAGE_LIBS = @CODE_COVERAGE_LIBS@
+CONFIG_INCLUDE = @CONFIG_INCLUDE@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CRYWRAP_PATCHLEVEL = @CRYWRAP_PATCHLEVEL@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CXX_LT_AGE = @CXX_LT_AGE@
+CXX_LT_CURRENT = @CXX_LT_CURRENT@
+CXX_LT_REVISION = @CXX_LT_REVISION@
+CYGPATH_W = @CYGPATH_W@
+DEFAULT_VALGRINDFLAGS = @DEFAULT_VALGRINDFLAGS@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DLL_SSL_VERSION = @DLL_SSL_VERSION@
+DLL_VERSION = @DLL_VERSION@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EMULTIHOP_HIDDEN = @EMULTIHOP_HIDDEN@
+EMULTIHOP_VALUE = @EMULTIHOP_VALUE@
+ENABLE_PADLOCK = @ENABLE_PADLOCK@
+ENOLINK_HIDDEN = @ENOLINK_HIDDEN@
+ENOLINK_VALUE = @ENOLINK_VALUE@
+EOVERFLOW_HIDDEN = @EOVERFLOW_HIDDEN@
+EOVERFLOW_VALUE = @EOVERFLOW_VALUE@
+ERRNO_H = @ERRNO_H@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+FILECMD = @FILECMD@
+FIPS140_LIBS = @FIPS140_LIBS@
+FLOAT_H = @FLOAT_H@
+GCOV = @GCOV@
+GENHTML = @GENHTML@
+GETADDRINFO_LIB = @GETADDRINFO_LIB@
+GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
+GL_GGL_GNULIB_ACCEPT = @GL_GGL_GNULIB_ACCEPT@
+GL_GGL_GNULIB_ACCEPT4 = @GL_GGL_GNULIB_ACCEPT4@
+GL_GGL_GNULIB_ACCESS = @GL_GGL_GNULIB_ACCESS@
+GL_GGL_GNULIB_ALIGNED_ALLOC = @GL_GGL_GNULIB_ALIGNED_ALLOC@
+GL_GGL_GNULIB_ATOLL = @GL_GGL_GNULIB_ATOLL@
+GL_GGL_GNULIB_BIND = @GL_GGL_GNULIB_BIND@
+GL_GGL_GNULIB_BTOWC = @GL_GGL_GNULIB_BTOWC@
+GL_GGL_GNULIB_CALLOC_POSIX = @GL_GGL_GNULIB_CALLOC_POSIX@
+GL_GGL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GGL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GGL_GNULIB_CHDIR = @GL_GGL_GNULIB_CHDIR@
+GL_GGL_GNULIB_CHOWN = @GL_GGL_GNULIB_CHOWN@
+GL_GGL_GNULIB_CLOSE = @GL_GGL_GNULIB_CLOSE@
+GL_GGL_GNULIB_CONNECT = @GL_GGL_GNULIB_CONNECT@
+GL_GGL_GNULIB_COPY_FILE_RANGE = @GL_GGL_GNULIB_COPY_FILE_RANGE@
+GL_GGL_GNULIB_CREAT = @GL_GGL_GNULIB_CREAT@
+GL_GGL_GNULIB_CTIME = @GL_GGL_GNULIB_CTIME@
+GL_GGL_GNULIB_DPRINTF = @GL_GGL_GNULIB_DPRINTF@
+GL_GGL_GNULIB_DUP = @GL_GGL_GNULIB_DUP@
+GL_GGL_GNULIB_DUP2 = @GL_GGL_GNULIB_DUP2@
+GL_GGL_GNULIB_DUP3 = @GL_GGL_GNULIB_DUP3@
+GL_GGL_GNULIB_DUPLOCALE = @GL_GGL_GNULIB_DUPLOCALE@
+GL_GGL_GNULIB_ENVIRON = @GL_GGL_GNULIB_ENVIRON@
+GL_GGL_GNULIB_EUIDACCESS = @GL_GGL_GNULIB_EUIDACCESS@
+GL_GGL_GNULIB_EXECL = @GL_GGL_GNULIB_EXECL@
+GL_GGL_GNULIB_EXECLE = @GL_GGL_GNULIB_EXECLE@
+GL_GGL_GNULIB_EXECLP = @GL_GGL_GNULIB_EXECLP@
+GL_GGL_GNULIB_EXECV = @GL_GGL_GNULIB_EXECV@
+GL_GGL_GNULIB_EXECVE = @GL_GGL_GNULIB_EXECVE@
+GL_GGL_GNULIB_EXECVP = @GL_GGL_GNULIB_EXECVP@
+GL_GGL_GNULIB_EXECVPE = @GL_GGL_GNULIB_EXECVPE@
+GL_GGL_GNULIB_EXPLICIT_BZERO = @GL_GGL_GNULIB_EXPLICIT_BZERO@
+GL_GGL_GNULIB_FACCESSAT = @GL_GGL_GNULIB_FACCESSAT@
+GL_GGL_GNULIB_FCHDIR = @GL_GGL_GNULIB_FCHDIR@
+GL_GGL_GNULIB_FCHMODAT = @GL_GGL_GNULIB_FCHMODAT@
+GL_GGL_GNULIB_FCHOWNAT = @GL_GGL_GNULIB_FCHOWNAT@
+GL_GGL_GNULIB_FCLOSE = @GL_GGL_GNULIB_FCLOSE@
+GL_GGL_GNULIB_FCNTL = @GL_GGL_GNULIB_FCNTL@
+GL_GGL_GNULIB_FDATASYNC = @GL_GGL_GNULIB_FDATASYNC@
+GL_GGL_GNULIB_FDOPEN = @GL_GGL_GNULIB_FDOPEN@
+GL_GGL_GNULIB_FFLUSH = @GL_GGL_GNULIB_FFLUSH@
+GL_GGL_GNULIB_FFS = @GL_GGL_GNULIB_FFS@
+GL_GGL_GNULIB_FFSL = @GL_GGL_GNULIB_FFSL@
+GL_GGL_GNULIB_FFSLL = @GL_GGL_GNULIB_FFSLL@
+GL_GGL_GNULIB_FGETC = @GL_GGL_GNULIB_FGETC@
+GL_GGL_GNULIB_FGETS = @GL_GGL_GNULIB_FGETS@
+GL_GGL_GNULIB_FOPEN = @GL_GGL_GNULIB_FOPEN@
+GL_GGL_GNULIB_FPRINTF = @GL_GGL_GNULIB_FPRINTF@
+GL_GGL_GNULIB_FPRINTF_POSIX = @GL_GGL_GNULIB_FPRINTF_POSIX@
+GL_GGL_GNULIB_FPURGE = @GL_GGL_GNULIB_FPURGE@
+GL_GGL_GNULIB_FPUTC = @GL_GGL_GNULIB_FPUTC@
+GL_GGL_GNULIB_FPUTS = @GL_GGL_GNULIB_FPUTS@
+GL_GGL_GNULIB_FREAD = @GL_GGL_GNULIB_FREAD@
+GL_GGL_GNULIB_FREE_POSIX = @GL_GGL_GNULIB_FREE_POSIX@
+GL_GGL_GNULIB_FREOPEN = @GL_GGL_GNULIB_FREOPEN@
+GL_GGL_GNULIB_FSCANF = @GL_GGL_GNULIB_FSCANF@
+GL_GGL_GNULIB_FSEEK = @GL_GGL_GNULIB_FSEEK@
+GL_GGL_GNULIB_FSEEKO = @GL_GGL_GNULIB_FSEEKO@
+GL_GGL_GNULIB_FSTAT = @GL_GGL_GNULIB_FSTAT@
+GL_GGL_GNULIB_FSTATAT = @GL_GGL_GNULIB_FSTATAT@
+GL_GGL_GNULIB_FSYNC = @GL_GGL_GNULIB_FSYNC@
+GL_GGL_GNULIB_FTELL = @GL_GGL_GNULIB_FTELL@
+GL_GGL_GNULIB_FTELLO = @GL_GGL_GNULIB_FTELLO@
+GL_GGL_GNULIB_FTRUNCATE = @GL_GGL_GNULIB_FTRUNCATE@
+GL_GGL_GNULIB_FUTIMENS = @GL_GGL_GNULIB_FUTIMENS@
+GL_GGL_GNULIB_FWRITE = @GL_GGL_GNULIB_FWRITE@
+GL_GGL_GNULIB_GETADDRINFO = @GL_GGL_GNULIB_GETADDRINFO@
+GL_GGL_GNULIB_GETC = @GL_GGL_GNULIB_GETC@
+GL_GGL_GNULIB_GETCHAR = @GL_GGL_GNULIB_GETCHAR@
+GL_GGL_GNULIB_GETCWD = @GL_GGL_GNULIB_GETCWD@
+GL_GGL_GNULIB_GETDELIM = @GL_GGL_GNULIB_GETDELIM@
+GL_GGL_GNULIB_GETDOMAINNAME = @GL_GGL_GNULIB_GETDOMAINNAME@
+GL_GGL_GNULIB_GETDTABLESIZE = @GL_GGL_GNULIB_GETDTABLESIZE@
+GL_GGL_GNULIB_GETENTROPY = @GL_GGL_GNULIB_GETENTROPY@
+GL_GGL_GNULIB_GETGROUPS = @GL_GGL_GNULIB_GETGROUPS@
+GL_GGL_GNULIB_GETHOSTNAME = @GL_GGL_GNULIB_GETHOSTNAME@
+GL_GGL_GNULIB_GETLINE = @GL_GGL_GNULIB_GETLINE@
+GL_GGL_GNULIB_GETLOADAVG = @GL_GGL_GNULIB_GETLOADAVG@
+GL_GGL_GNULIB_GETLOGIN = @GL_GGL_GNULIB_GETLOGIN@
+GL_GGL_GNULIB_GETLOGIN_R = @GL_GGL_GNULIB_GETLOGIN_R@
+GL_GGL_GNULIB_GETOPT_POSIX = @GL_GGL_GNULIB_GETOPT_POSIX@
+GL_GGL_GNULIB_GETPAGESIZE = @GL_GGL_GNULIB_GETPAGESIZE@
+GL_GGL_GNULIB_GETPASS = @GL_GGL_GNULIB_GETPASS@
+GL_GGL_GNULIB_GETPEERNAME = @GL_GGL_GNULIB_GETPEERNAME@
+GL_GGL_GNULIB_GETSOCKNAME = @GL_GGL_GNULIB_GETSOCKNAME@
+GL_GGL_GNULIB_GETSOCKOPT = @GL_GGL_GNULIB_GETSOCKOPT@
+GL_GGL_GNULIB_GETSUBOPT = @GL_GGL_GNULIB_GETSUBOPT@
+GL_GGL_GNULIB_GETTIMEOFDAY = @GL_GGL_GNULIB_GETTIMEOFDAY@
+GL_GGL_GNULIB_GETUMASK = @GL_GGL_GNULIB_GETUMASK@
+GL_GGL_GNULIB_GETUSERSHELL = @GL_GGL_GNULIB_GETUSERSHELL@
+GL_GGL_GNULIB_GRANTPT = @GL_GGL_GNULIB_GRANTPT@
+GL_GGL_GNULIB_GROUP_MEMBER = @GL_GGL_GNULIB_GROUP_MEMBER@
+GL_GGL_GNULIB_IMAXABS = @GL_GGL_GNULIB_IMAXABS@
+GL_GGL_GNULIB_IMAXDIV = @GL_GGL_GNULIB_IMAXDIV@
+GL_GGL_GNULIB_INET_NTOP = @GL_GGL_GNULIB_INET_NTOP@
+GL_GGL_GNULIB_INET_PTON = @GL_GGL_GNULIB_INET_PTON@
+GL_GGL_GNULIB_IOCTL = @GL_GGL_GNULIB_IOCTL@
+GL_GGL_GNULIB_ISATTY = @GL_GGL_GNULIB_ISATTY@
+GL_GGL_GNULIB_ISBLANK = @GL_GGL_GNULIB_ISBLANK@
+GL_GGL_GNULIB_LCHMOD = @GL_GGL_GNULIB_LCHMOD@
+GL_GGL_GNULIB_LCHOWN = @GL_GGL_GNULIB_LCHOWN@
+GL_GGL_GNULIB_LINK = @GL_GGL_GNULIB_LINK@
+GL_GGL_GNULIB_LINKAT = @GL_GGL_GNULIB_LINKAT@
+GL_GGL_GNULIB_LISTEN = @GL_GGL_GNULIB_LISTEN@
+GL_GGL_GNULIB_LOCALECONV = @GL_GGL_GNULIB_LOCALECONV@
+GL_GGL_GNULIB_LOCALENAME = @GL_GGL_GNULIB_LOCALENAME@
+GL_GGL_GNULIB_LOCALTIME = @GL_GGL_GNULIB_LOCALTIME@
+GL_GGL_GNULIB_LSEEK = @GL_GGL_GNULIB_LSEEK@
+GL_GGL_GNULIB_LSTAT = @GL_GGL_GNULIB_LSTAT@
+GL_GGL_GNULIB_MALLOC_POSIX = @GL_GGL_GNULIB_MALLOC_POSIX@
+GL_GGL_GNULIB_MBRLEN = @GL_GGL_GNULIB_MBRLEN@
+GL_GGL_GNULIB_MBRTOWC = @GL_GGL_GNULIB_MBRTOWC@
+GL_GGL_GNULIB_MBSCASECMP = @GL_GGL_GNULIB_MBSCASECMP@
+GL_GGL_GNULIB_MBSCASESTR = @GL_GGL_GNULIB_MBSCASESTR@
+GL_GGL_GNULIB_MBSCHR = @GL_GGL_GNULIB_MBSCHR@
+GL_GGL_GNULIB_MBSCSPN = @GL_GGL_GNULIB_MBSCSPN@
+GL_GGL_GNULIB_MBSINIT = @GL_GGL_GNULIB_MBSINIT@
+GL_GGL_GNULIB_MBSLEN = @GL_GGL_GNULIB_MBSLEN@
+GL_GGL_GNULIB_MBSNCASECMP = @GL_GGL_GNULIB_MBSNCASECMP@
+GL_GGL_GNULIB_MBSNLEN = @GL_GGL_GNULIB_MBSNLEN@
+GL_GGL_GNULIB_MBSNRTOWCS = @GL_GGL_GNULIB_MBSNRTOWCS@
+GL_GGL_GNULIB_MBSPBRK = @GL_GGL_GNULIB_MBSPBRK@
+GL_GGL_GNULIB_MBSPCASECMP = @GL_GGL_GNULIB_MBSPCASECMP@
+GL_GGL_GNULIB_MBSRCHR = @GL_GGL_GNULIB_MBSRCHR@
+GL_GGL_GNULIB_MBSRTOWCS = @GL_GGL_GNULIB_MBSRTOWCS@
+GL_GGL_GNULIB_MBSSEP = @GL_GGL_GNULIB_MBSSEP@
+GL_GGL_GNULIB_MBSSPN = @GL_GGL_GNULIB_MBSSPN@
+GL_GGL_GNULIB_MBSSTR = @GL_GGL_GNULIB_MBSSTR@
+GL_GGL_GNULIB_MBSTOK_R = @GL_GGL_GNULIB_MBSTOK_R@
+GL_GGL_GNULIB_MBTOWC = @GL_GGL_GNULIB_MBTOWC@
+GL_GGL_GNULIB_MDA_ACCESS = @GL_GGL_GNULIB_MDA_ACCESS@
+GL_GGL_GNULIB_MDA_CHDIR = @GL_GGL_GNULIB_MDA_CHDIR@
+GL_GGL_GNULIB_MDA_CHMOD = @GL_GGL_GNULIB_MDA_CHMOD@
+GL_GGL_GNULIB_MDA_CLOSE = @GL_GGL_GNULIB_MDA_CLOSE@
+GL_GGL_GNULIB_MDA_CREAT = @GL_GGL_GNULIB_MDA_CREAT@
+GL_GGL_GNULIB_MDA_DUP = @GL_GGL_GNULIB_MDA_DUP@
+GL_GGL_GNULIB_MDA_DUP2 = @GL_GGL_GNULIB_MDA_DUP2@
+GL_GGL_GNULIB_MDA_ECVT = @GL_GGL_GNULIB_MDA_ECVT@
+GL_GGL_GNULIB_MDA_EXECL = @GL_GGL_GNULIB_MDA_EXECL@
+GL_GGL_GNULIB_MDA_EXECLE = @GL_GGL_GNULIB_MDA_EXECLE@
+GL_GGL_GNULIB_MDA_EXECLP = @GL_GGL_GNULIB_MDA_EXECLP@
+GL_GGL_GNULIB_MDA_EXECV = @GL_GGL_GNULIB_MDA_EXECV@
+GL_GGL_GNULIB_MDA_EXECVE = @GL_GGL_GNULIB_MDA_EXECVE@
+GL_GGL_GNULIB_MDA_EXECVP = @GL_GGL_GNULIB_MDA_EXECVP@
+GL_GGL_GNULIB_MDA_EXECVPE = @GL_GGL_GNULIB_MDA_EXECVPE@
+GL_GGL_GNULIB_MDA_FCLOSEALL = @GL_GGL_GNULIB_MDA_FCLOSEALL@
+GL_GGL_GNULIB_MDA_FCVT = @GL_GGL_GNULIB_MDA_FCVT@
+GL_GGL_GNULIB_MDA_FDOPEN = @GL_GGL_GNULIB_MDA_FDOPEN@
+GL_GGL_GNULIB_MDA_FILENO = @GL_GGL_GNULIB_MDA_FILENO@
+GL_GGL_GNULIB_MDA_GCVT = @GL_GGL_GNULIB_MDA_GCVT@
+GL_GGL_GNULIB_MDA_GETCWD = @GL_GGL_GNULIB_MDA_GETCWD@
+GL_GGL_GNULIB_MDA_GETPID = @GL_GGL_GNULIB_MDA_GETPID@
+GL_GGL_GNULIB_MDA_GETW = @GL_GGL_GNULIB_MDA_GETW@
+GL_GGL_GNULIB_MDA_ISATTY = @GL_GGL_GNULIB_MDA_ISATTY@
+GL_GGL_GNULIB_MDA_LSEEK = @GL_GGL_GNULIB_MDA_LSEEK@
+GL_GGL_GNULIB_MDA_MEMCCPY = @GL_GGL_GNULIB_MDA_MEMCCPY@
+GL_GGL_GNULIB_MDA_MKDIR = @GL_GGL_GNULIB_MDA_MKDIR@
+GL_GGL_GNULIB_MDA_MKTEMP = @GL_GGL_GNULIB_MDA_MKTEMP@
+GL_GGL_GNULIB_MDA_OPEN = @GL_GGL_GNULIB_MDA_OPEN@
+GL_GGL_GNULIB_MDA_PUTENV = @GL_GGL_GNULIB_MDA_PUTENV@
+GL_GGL_GNULIB_MDA_PUTW = @GL_GGL_GNULIB_MDA_PUTW@
+GL_GGL_GNULIB_MDA_READ = @GL_GGL_GNULIB_MDA_READ@
+GL_GGL_GNULIB_MDA_RMDIR = @GL_GGL_GNULIB_MDA_RMDIR@
+GL_GGL_GNULIB_MDA_STRDUP = @GL_GGL_GNULIB_MDA_STRDUP@
+GL_GGL_GNULIB_MDA_SWAB = @GL_GGL_GNULIB_MDA_SWAB@
+GL_GGL_GNULIB_MDA_TEMPNAM = @GL_GGL_GNULIB_MDA_TEMPNAM@
+GL_GGL_GNULIB_MDA_TZSET = @GL_GGL_GNULIB_MDA_TZSET@
+GL_GGL_GNULIB_MDA_UMASK = @GL_GGL_GNULIB_MDA_UMASK@
+GL_GGL_GNULIB_MDA_UNLINK = @GL_GGL_GNULIB_MDA_UNLINK@
+GL_GGL_GNULIB_MDA_WCSDUP = @GL_GGL_GNULIB_MDA_WCSDUP@
+GL_GGL_GNULIB_MDA_WRITE = @GL_GGL_GNULIB_MDA_WRITE@
+GL_GGL_GNULIB_MEMCHR = @GL_GGL_GNULIB_MEMCHR@
+GL_GGL_GNULIB_MEMMEM = @GL_GGL_GNULIB_MEMMEM@
+GL_GGL_GNULIB_MEMPCPY = @GL_GGL_GNULIB_MEMPCPY@
+GL_GGL_GNULIB_MEMRCHR = @GL_GGL_GNULIB_MEMRCHR@
+GL_GGL_GNULIB_MKDIR = @GL_GGL_GNULIB_MKDIR@
+GL_GGL_GNULIB_MKDIRAT = @GL_GGL_GNULIB_MKDIRAT@
+GL_GGL_GNULIB_MKDTEMP = @GL_GGL_GNULIB_MKDTEMP@
+GL_GGL_GNULIB_MKFIFO = @GL_GGL_GNULIB_MKFIFO@
+GL_GGL_GNULIB_MKFIFOAT = @GL_GGL_GNULIB_MKFIFOAT@
+GL_GGL_GNULIB_MKNOD = @GL_GGL_GNULIB_MKNOD@
+GL_GGL_GNULIB_MKNODAT = @GL_GGL_GNULIB_MKNODAT@
+GL_GGL_GNULIB_MKOSTEMP = @GL_GGL_GNULIB_MKOSTEMP@
+GL_GGL_GNULIB_MKOSTEMPS = @GL_GGL_GNULIB_MKOSTEMPS@
+GL_GGL_GNULIB_MKSTEMP = @GL_GGL_GNULIB_MKSTEMP@
+GL_GGL_GNULIB_MKSTEMPS = @GL_GGL_GNULIB_MKSTEMPS@
+GL_GGL_GNULIB_MKTIME = @GL_GGL_GNULIB_MKTIME@
+GL_GGL_GNULIB_NANOSLEEP = @GL_GGL_GNULIB_NANOSLEEP@
+GL_GGL_GNULIB_NL_LANGINFO = @GL_GGL_GNULIB_NL_LANGINFO@
+GL_GGL_GNULIB_NONBLOCKING = @GL_GGL_GNULIB_NONBLOCKING@
+GL_GGL_GNULIB_OBSTACK_PRINTF = @GL_GGL_GNULIB_OBSTACK_PRINTF@
+GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GGL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GGL_GNULIB_OPEN = @GL_GGL_GNULIB_OPEN@
+GL_GGL_GNULIB_OPENAT = @GL_GGL_GNULIB_OPENAT@
+GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GGL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GGL_GNULIB_PCLOSE = @GL_GGL_GNULIB_PCLOSE@
+GL_GGL_GNULIB_PERROR = @GL_GGL_GNULIB_PERROR@
+GL_GGL_GNULIB_PIPE = @GL_GGL_GNULIB_PIPE@
+GL_GGL_GNULIB_PIPE2 = @GL_GGL_GNULIB_PIPE2@
+GL_GGL_GNULIB_POPEN = @GL_GGL_GNULIB_POPEN@
+GL_GGL_GNULIB_POSIX_MEMALIGN = @GL_GGL_GNULIB_POSIX_MEMALIGN@
+GL_GGL_GNULIB_POSIX_OPENPT = @GL_GGL_GNULIB_POSIX_OPENPT@
+GL_GGL_GNULIB_PREAD = @GL_GGL_GNULIB_PREAD@
+GL_GGL_GNULIB_PRINTF = @GL_GGL_GNULIB_PRINTF@
+GL_GGL_GNULIB_PRINTF_POSIX = @GL_GGL_GNULIB_PRINTF_POSIX@
+GL_GGL_GNULIB_PSELECT = @GL_GGL_GNULIB_PSELECT@
+GL_GGL_GNULIB_PTHREAD_COND = @GL_GGL_GNULIB_PTHREAD_COND@
+GL_GGL_GNULIB_PTHREAD_MUTEX = @GL_GGL_GNULIB_PTHREAD_MUTEX@
+GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GL_GGL_GNULIB_PTHREAD_MUTEX_TIMEDLOCK@
+GL_GGL_GNULIB_PTHREAD_ONCE = @GL_GGL_GNULIB_PTHREAD_ONCE@
+GL_GGL_GNULIB_PTHREAD_RWLOCK = @GL_GGL_GNULIB_PTHREAD_RWLOCK@
+GL_GGL_GNULIB_PTHREAD_SIGMASK = @GL_GGL_GNULIB_PTHREAD_SIGMASK@
+GL_GGL_GNULIB_PTHREAD_SPIN = @GL_GGL_GNULIB_PTHREAD_SPIN@
+GL_GGL_GNULIB_PTHREAD_THREAD = @GL_GGL_GNULIB_PTHREAD_THREAD@
+GL_GGL_GNULIB_PTHREAD_TSS = @GL_GGL_GNULIB_PTHREAD_TSS@
+GL_GGL_GNULIB_PTSNAME = @GL_GGL_GNULIB_PTSNAME@
+GL_GGL_GNULIB_PTSNAME_R = @GL_GGL_GNULIB_PTSNAME_R@
+GL_GGL_GNULIB_PUTC = @GL_GGL_GNULIB_PUTC@
+GL_GGL_GNULIB_PUTCHAR = @GL_GGL_GNULIB_PUTCHAR@
+GL_GGL_GNULIB_PUTENV = @GL_GGL_GNULIB_PUTENV@
+GL_GGL_GNULIB_PUTS = @GL_GGL_GNULIB_PUTS@
+GL_GGL_GNULIB_PWRITE = @GL_GGL_GNULIB_PWRITE@
+GL_GGL_GNULIB_QSORT_R = @GL_GGL_GNULIB_QSORT_R@
+GL_GGL_GNULIB_RAISE = @GL_GGL_GNULIB_RAISE@
+GL_GGL_GNULIB_RANDOM = @GL_GGL_GNULIB_RANDOM@
+GL_GGL_GNULIB_RANDOM_R = @GL_GGL_GNULIB_RANDOM_R@
+GL_GGL_GNULIB_RAWMEMCHR = @GL_GGL_GNULIB_RAWMEMCHR@
+GL_GGL_GNULIB_READ = @GL_GGL_GNULIB_READ@
+GL_GGL_GNULIB_READLINK = @GL_GGL_GNULIB_READLINK@
+GL_GGL_GNULIB_READLINKAT = @GL_GGL_GNULIB_READLINKAT@
+GL_GGL_GNULIB_REALLOCARRAY = @GL_GGL_GNULIB_REALLOCARRAY@
+GL_GGL_GNULIB_REALLOC_POSIX = @GL_GGL_GNULIB_REALLOC_POSIX@
+GL_GGL_GNULIB_REALPATH = @GL_GGL_GNULIB_REALPATH@
+GL_GGL_GNULIB_RECV = @GL_GGL_GNULIB_RECV@
+GL_GGL_GNULIB_RECVFROM = @GL_GGL_GNULIB_RECVFROM@
+GL_GGL_GNULIB_REMOVE = @GL_GGL_GNULIB_REMOVE@
+GL_GGL_GNULIB_RENAME = @GL_GGL_GNULIB_RENAME@
+GL_GGL_GNULIB_RENAMEAT = @GL_GGL_GNULIB_RENAMEAT@
+GL_GGL_GNULIB_RMDIR = @GL_GGL_GNULIB_RMDIR@
+GL_GGL_GNULIB_RPMATCH = @GL_GGL_GNULIB_RPMATCH@
+GL_GGL_GNULIB_SCANF = @GL_GGL_GNULIB_SCANF@
+GL_GGL_GNULIB_SCHED_YIELD = @GL_GGL_GNULIB_SCHED_YIELD@
+GL_GGL_GNULIB_SECURE_GETENV = @GL_GGL_GNULIB_SECURE_GETENV@
+GL_GGL_GNULIB_SELECT = @GL_GGL_GNULIB_SELECT@
+GL_GGL_GNULIB_SEND = @GL_GGL_GNULIB_SEND@
+GL_GGL_GNULIB_SENDTO = @GL_GGL_GNULIB_SENDTO@
+GL_GGL_GNULIB_SETENV = @GL_GGL_GNULIB_SETENV@
+GL_GGL_GNULIB_SETHOSTNAME = @GL_GGL_GNULIB_SETHOSTNAME@
+GL_GGL_GNULIB_SETLOCALE = @GL_GGL_GNULIB_SETLOCALE@
+GL_GGL_GNULIB_SETLOCALE_NULL = @GL_GGL_GNULIB_SETLOCALE_NULL@
+GL_GGL_GNULIB_SETSOCKOPT = @GL_GGL_GNULIB_SETSOCKOPT@
+GL_GGL_GNULIB_SHUTDOWN = @GL_GGL_GNULIB_SHUTDOWN@
+GL_GGL_GNULIB_SIGABBREV_NP = @GL_GGL_GNULIB_SIGABBREV_NP@
+GL_GGL_GNULIB_SIGACTION = @GL_GGL_GNULIB_SIGACTION@
+GL_GGL_GNULIB_SIGDESCR_NP = @GL_GGL_GNULIB_SIGDESCR_NP@
+GL_GGL_GNULIB_SIGNAL_H_SIGPIPE = @GL_GGL_GNULIB_SIGNAL_H_SIGPIPE@
+GL_GGL_GNULIB_SIGPROCMASK = @GL_GGL_GNULIB_SIGPROCMASK@
+GL_GGL_GNULIB_SLEEP = @GL_GGL_GNULIB_SLEEP@
+GL_GGL_GNULIB_SNPRINTF = @GL_GGL_GNULIB_SNPRINTF@
+GL_GGL_GNULIB_SOCKET = @GL_GGL_GNULIB_SOCKET@
+GL_GGL_GNULIB_SPRINTF_POSIX = @GL_GGL_GNULIB_SPRINTF_POSIX@
+GL_GGL_GNULIB_STAT = @GL_GGL_GNULIB_STAT@
+GL_GGL_GNULIB_STDIO_H_NONBLOCKING = @GL_GGL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GGL_GNULIB_STDIO_H_SIGPIPE = @GL_GGL_GNULIB_STDIO_H_SIGPIPE@
+GL_GGL_GNULIB_STPCPY = @GL_GGL_GNULIB_STPCPY@
+GL_GGL_GNULIB_STPNCPY = @GL_GGL_GNULIB_STPNCPY@
+GL_GGL_GNULIB_STRCASESTR = @GL_GGL_GNULIB_STRCASESTR@
+GL_GGL_GNULIB_STRCHRNUL = @GL_GGL_GNULIB_STRCHRNUL@
+GL_GGL_GNULIB_STRDUP = @GL_GGL_GNULIB_STRDUP@
+GL_GGL_GNULIB_STRERROR = @GL_GGL_GNULIB_STRERROR@
+GL_GGL_GNULIB_STRERRORNAME_NP = @GL_GGL_GNULIB_STRERRORNAME_NP@
+GL_GGL_GNULIB_STRERROR_R = @GL_GGL_GNULIB_STRERROR_R@
+GL_GGL_GNULIB_STRFTIME = @GL_GGL_GNULIB_STRFTIME@
+GL_GGL_GNULIB_STRNCAT = @GL_GGL_GNULIB_STRNCAT@
+GL_GGL_GNULIB_STRNDUP = @GL_GGL_GNULIB_STRNDUP@
+GL_GGL_GNULIB_STRNLEN = @GL_GGL_GNULIB_STRNLEN@
+GL_GGL_GNULIB_STRPBRK = @GL_GGL_GNULIB_STRPBRK@
+GL_GGL_GNULIB_STRPTIME = @GL_GGL_GNULIB_STRPTIME@
+GL_GGL_GNULIB_STRSEP = @GL_GGL_GNULIB_STRSEP@
+GL_GGL_GNULIB_STRSIGNAL = @GL_GGL_GNULIB_STRSIGNAL@
+GL_GGL_GNULIB_STRSTR = @GL_GGL_GNULIB_STRSTR@
+GL_GGL_GNULIB_STRTOD = @GL_GGL_GNULIB_STRTOD@
+GL_GGL_GNULIB_STRTOIMAX = @GL_GGL_GNULIB_STRTOIMAX@
+GL_GGL_GNULIB_STRTOK_R = @GL_GGL_GNULIB_STRTOK_R@
+GL_GGL_GNULIB_STRTOL = @GL_GGL_GNULIB_STRTOL@
+GL_GGL_GNULIB_STRTOLD = @GL_GGL_GNULIB_STRTOLD@
+GL_GGL_GNULIB_STRTOLL = @GL_GGL_GNULIB_STRTOLL@
+GL_GGL_GNULIB_STRTOUL = @GL_GGL_GNULIB_STRTOUL@
+GL_GGL_GNULIB_STRTOULL = @GL_GGL_GNULIB_STRTOULL@
+GL_GGL_GNULIB_STRTOUMAX = @GL_GGL_GNULIB_STRTOUMAX@
+GL_GGL_GNULIB_STRVERSCMP = @GL_GGL_GNULIB_STRVERSCMP@
+GL_GGL_GNULIB_SYMLINK = @GL_GGL_GNULIB_SYMLINK@
+GL_GGL_GNULIB_SYMLINKAT = @GL_GGL_GNULIB_SYMLINKAT@
+GL_GGL_GNULIB_SYSTEM_POSIX = @GL_GGL_GNULIB_SYSTEM_POSIX@
+GL_GGL_GNULIB_TIMEGM = @GL_GGL_GNULIB_TIMEGM@
+GL_GGL_GNULIB_TIMESPEC_GET = @GL_GGL_GNULIB_TIMESPEC_GET@
+GL_GGL_GNULIB_TIME_R = @GL_GGL_GNULIB_TIME_R@
+GL_GGL_GNULIB_TIME_RZ = @GL_GGL_GNULIB_TIME_RZ@
+GL_GGL_GNULIB_TMPFILE = @GL_GGL_GNULIB_TMPFILE@
+GL_GGL_GNULIB_TRUNCATE = @GL_GGL_GNULIB_TRUNCATE@
+GL_GGL_GNULIB_TTYNAME_R = @GL_GGL_GNULIB_TTYNAME_R@
+GL_GGL_GNULIB_TZSET = @GL_GGL_GNULIB_TZSET@
+GL_GGL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GGL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GGL_GNULIB_UNISTD_H_SIGPIPE = @GL_GGL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GGL_GNULIB_UNLINK = @GL_GGL_GNULIB_UNLINK@
+GL_GGL_GNULIB_UNLINKAT = @GL_GGL_GNULIB_UNLINKAT@
+GL_GGL_GNULIB_UNLOCKPT = @GL_GGL_GNULIB_UNLOCKPT@
+GL_GGL_GNULIB_UNSETENV = @GL_GGL_GNULIB_UNSETENV@
+GL_GGL_GNULIB_USLEEP = @GL_GGL_GNULIB_USLEEP@
+GL_GGL_GNULIB_UTIMENSAT = @GL_GGL_GNULIB_UTIMENSAT@
+GL_GGL_GNULIB_VASPRINTF = @GL_GGL_GNULIB_VASPRINTF@
+GL_GGL_GNULIB_VDPRINTF = @GL_GGL_GNULIB_VDPRINTF@
+GL_GGL_GNULIB_VFPRINTF = @GL_GGL_GNULIB_VFPRINTF@
+GL_GGL_GNULIB_VFPRINTF_POSIX = @GL_GGL_GNULIB_VFPRINTF_POSIX@
+GL_GGL_GNULIB_VFSCANF = @GL_GGL_GNULIB_VFSCANF@
+GL_GGL_GNULIB_VPRINTF = @GL_GGL_GNULIB_VPRINTF@
+GL_GGL_GNULIB_VPRINTF_POSIX = @GL_GGL_GNULIB_VPRINTF_POSIX@
+GL_GGL_GNULIB_VSCANF = @GL_GGL_GNULIB_VSCANF@
+GL_GGL_GNULIB_VSNPRINTF = @GL_GGL_GNULIB_VSNPRINTF@
+GL_GGL_GNULIB_VSPRINTF_POSIX = @GL_GGL_GNULIB_VSPRINTF_POSIX@
+GL_GGL_GNULIB_WCPCPY = @GL_GGL_GNULIB_WCPCPY@
+GL_GGL_GNULIB_WCPNCPY = @GL_GGL_GNULIB_WCPNCPY@
+GL_GGL_GNULIB_WCRTOMB = @GL_GGL_GNULIB_WCRTOMB@
+GL_GGL_GNULIB_WCSCASECMP = @GL_GGL_GNULIB_WCSCASECMP@
+GL_GGL_GNULIB_WCSCAT = @GL_GGL_GNULIB_WCSCAT@
+GL_GGL_GNULIB_WCSCHR = @GL_GGL_GNULIB_WCSCHR@
+GL_GGL_GNULIB_WCSCMP = @GL_GGL_GNULIB_WCSCMP@
+GL_GGL_GNULIB_WCSCOLL = @GL_GGL_GNULIB_WCSCOLL@
+GL_GGL_GNULIB_WCSCPY = @GL_GGL_GNULIB_WCSCPY@
+GL_GGL_GNULIB_WCSCSPN = @GL_GGL_GNULIB_WCSCSPN@
+GL_GGL_GNULIB_WCSDUP = @GL_GGL_GNULIB_WCSDUP@
+GL_GGL_GNULIB_WCSFTIME = @GL_GGL_GNULIB_WCSFTIME@
+GL_GGL_GNULIB_WCSLEN = @GL_GGL_GNULIB_WCSLEN@
+GL_GGL_GNULIB_WCSNCASECMP = @GL_GGL_GNULIB_WCSNCASECMP@
+GL_GGL_GNULIB_WCSNCAT = @GL_GGL_GNULIB_WCSNCAT@
+GL_GGL_GNULIB_WCSNCMP = @GL_GGL_GNULIB_WCSNCMP@
+GL_GGL_GNULIB_WCSNCPY = @GL_GGL_GNULIB_WCSNCPY@
+GL_GGL_GNULIB_WCSNLEN = @GL_GGL_GNULIB_WCSNLEN@
+GL_GGL_GNULIB_WCSNRTOMBS = @GL_GGL_GNULIB_WCSNRTOMBS@
+GL_GGL_GNULIB_WCSPBRK = @GL_GGL_GNULIB_WCSPBRK@
+GL_GGL_GNULIB_WCSRCHR = @GL_GGL_GNULIB_WCSRCHR@
+GL_GGL_GNULIB_WCSRTOMBS = @GL_GGL_GNULIB_WCSRTOMBS@
+GL_GGL_GNULIB_WCSSPN = @GL_GGL_GNULIB_WCSSPN@
+GL_GGL_GNULIB_WCSSTR = @GL_GGL_GNULIB_WCSSTR@
+GL_GGL_GNULIB_WCSTOK = @GL_GGL_GNULIB_WCSTOK@
+GL_GGL_GNULIB_WCSWIDTH = @GL_GGL_GNULIB_WCSWIDTH@
+GL_GGL_GNULIB_WCSXFRM = @GL_GGL_GNULIB_WCSXFRM@
+GL_GGL_GNULIB_WCTOB = @GL_GGL_GNULIB_WCTOB@
+GL_GGL_GNULIB_WCTOMB = @GL_GGL_GNULIB_WCTOMB@
+GL_GGL_GNULIB_WCWIDTH = @GL_GGL_GNULIB_WCWIDTH@
+GL_GGL_GNULIB_WMEMCHR = @GL_GGL_GNULIB_WMEMCHR@
+GL_GGL_GNULIB_WMEMCMP = @GL_GGL_GNULIB_WMEMCMP@
+GL_GGL_GNULIB_WMEMCPY = @GL_GGL_GNULIB_WMEMCPY@
+GL_GGL_GNULIB_WMEMMOVE = @GL_GGL_GNULIB_WMEMMOVE@
+GL_GGL_GNULIB_WMEMPCPY = @GL_GGL_GNULIB_WMEMPCPY@
+GL_GGL_GNULIB_WMEMSET = @GL_GGL_GNULIB_WMEMSET@
+GL_GGL_GNULIB_WRITE = @GL_GGL_GNULIB_WRITE@
+GL_GGL_GNULIB__EXIT = @GL_GGL_GNULIB__EXIT@
+GL_GNULIB_ACCEPT = @GL_GNULIB_ACCEPT@
+GL_GNULIB_ACCEPT4 = @GL_GNULIB_ACCEPT4@
+GL_GNULIB_ACCESS = @GL_GNULIB_ACCESS@
+GL_GNULIB_ALIGNED_ALLOC = @GL_GNULIB_ALIGNED_ALLOC@
+GL_GNULIB_ATOLL = @GL_GNULIB_ATOLL@
+GL_GNULIB_BIND = @GL_GNULIB_BIND@
+GL_GNULIB_BTOWC = @GL_GNULIB_BTOWC@
+GL_GNULIB_CALLOC_POSIX = @GL_GNULIB_CALLOC_POSIX@
+GL_GNULIB_CANONICALIZE_FILE_NAME = @GL_GNULIB_CANONICALIZE_FILE_NAME@
+GL_GNULIB_CHDIR = @GL_GNULIB_CHDIR@
+GL_GNULIB_CHOWN = @GL_GNULIB_CHOWN@
+GL_GNULIB_CLOSE = @GL_GNULIB_CLOSE@
+GL_GNULIB_CONNECT = @GL_GNULIB_CONNECT@
+GL_GNULIB_COPY_FILE_RANGE = @GL_GNULIB_COPY_FILE_RANGE@
+GL_GNULIB_CREAT = @GL_GNULIB_CREAT@
+GL_GNULIB_CTIME = @GL_GNULIB_CTIME@
+GL_GNULIB_DPRINTF = @GL_GNULIB_DPRINTF@
+GL_GNULIB_DUP = @GL_GNULIB_DUP@
+GL_GNULIB_DUP2 = @GL_GNULIB_DUP2@
+GL_GNULIB_DUP3 = @GL_GNULIB_DUP3@
+GL_GNULIB_ENVIRON = @GL_GNULIB_ENVIRON@
+GL_GNULIB_EUIDACCESS = @GL_GNULIB_EUIDACCESS@
+GL_GNULIB_EXECL = @GL_GNULIB_EXECL@
+GL_GNULIB_EXECLE = @GL_GNULIB_EXECLE@
+GL_GNULIB_EXECLP = @GL_GNULIB_EXECLP@
+GL_GNULIB_EXECV = @GL_GNULIB_EXECV@
+GL_GNULIB_EXECVE = @GL_GNULIB_EXECVE@
+GL_GNULIB_EXECVP = @GL_GNULIB_EXECVP@
+GL_GNULIB_EXECVPE = @GL_GNULIB_EXECVPE@
+GL_GNULIB_EXPLICIT_BZERO = @GL_GNULIB_EXPLICIT_BZERO@
+GL_GNULIB_FACCESSAT = @GL_GNULIB_FACCESSAT@
+GL_GNULIB_FCHDIR = @GL_GNULIB_FCHDIR@
+GL_GNULIB_FCHMODAT = @GL_GNULIB_FCHMODAT@
+GL_GNULIB_FCHOWNAT = @GL_GNULIB_FCHOWNAT@
+GL_GNULIB_FCLOSE = @GL_GNULIB_FCLOSE@
+GL_GNULIB_FCNTL = @GL_GNULIB_FCNTL@
+GL_GNULIB_FDATASYNC = @GL_GNULIB_FDATASYNC@
+GL_GNULIB_FDOPEN = @GL_GNULIB_FDOPEN@
+GL_GNULIB_FFLUSH = @GL_GNULIB_FFLUSH@
+GL_GNULIB_FFS = @GL_GNULIB_FFS@
+GL_GNULIB_FFSL = @GL_GNULIB_FFSL@
+GL_GNULIB_FFSLL = @GL_GNULIB_FFSLL@
+GL_GNULIB_FGETC = @GL_GNULIB_FGETC@
+GL_GNULIB_FGETS = @GL_GNULIB_FGETS@
+GL_GNULIB_FOPEN = @GL_GNULIB_FOPEN@
+GL_GNULIB_FPRINTF = @GL_GNULIB_FPRINTF@
+GL_GNULIB_FPRINTF_POSIX = @GL_GNULIB_FPRINTF_POSIX@
+GL_GNULIB_FPURGE = @GL_GNULIB_FPURGE@
+GL_GNULIB_FPUTC = @GL_GNULIB_FPUTC@
+GL_GNULIB_FPUTS = @GL_GNULIB_FPUTS@
+GL_GNULIB_FREAD = @GL_GNULIB_FREAD@
+GL_GNULIB_FREE_POSIX = @GL_GNULIB_FREE_POSIX@
+GL_GNULIB_FREOPEN = @GL_GNULIB_FREOPEN@
+GL_GNULIB_FSCANF = @GL_GNULIB_FSCANF@
+GL_GNULIB_FSEEK = @GL_GNULIB_FSEEK@
+GL_GNULIB_FSEEKO = @GL_GNULIB_FSEEKO@
+GL_GNULIB_FSTAT = @GL_GNULIB_FSTAT@
+GL_GNULIB_FSTATAT = @GL_GNULIB_FSTATAT@
+GL_GNULIB_FSYNC = @GL_GNULIB_FSYNC@
+GL_GNULIB_FTELL = @GL_GNULIB_FTELL@
+GL_GNULIB_FTELLO = @GL_GNULIB_FTELLO@
+GL_GNULIB_FTRUNCATE = @GL_GNULIB_FTRUNCATE@
+GL_GNULIB_FUTIMENS = @GL_GNULIB_FUTIMENS@
+GL_GNULIB_FWRITE = @GL_GNULIB_FWRITE@
+GL_GNULIB_GETADDRINFO = @GL_GNULIB_GETADDRINFO@
+GL_GNULIB_GETC = @GL_GNULIB_GETC@
+GL_GNULIB_GETCHAR = @GL_GNULIB_GETCHAR@
+GL_GNULIB_GETCWD = @GL_GNULIB_GETCWD@
+GL_GNULIB_GETDELIM = @GL_GNULIB_GETDELIM@
+GL_GNULIB_GETDOMAINNAME = @GL_GNULIB_GETDOMAINNAME@
+GL_GNULIB_GETDTABLESIZE = @GL_GNULIB_GETDTABLESIZE@
+GL_GNULIB_GETENTROPY = @GL_GNULIB_GETENTROPY@
+GL_GNULIB_GETGROUPS = @GL_GNULIB_GETGROUPS@
+GL_GNULIB_GETHOSTNAME = @GL_GNULIB_GETHOSTNAME@
+GL_GNULIB_GETLINE = @GL_GNULIB_GETLINE@
+GL_GNULIB_GETLOADAVG = @GL_GNULIB_GETLOADAVG@
+GL_GNULIB_GETLOGIN = @GL_GNULIB_GETLOGIN@
+GL_GNULIB_GETLOGIN_R = @GL_GNULIB_GETLOGIN_R@
+GL_GNULIB_GETOPT_POSIX = @GL_GNULIB_GETOPT_POSIX@
+GL_GNULIB_GETPAGESIZE = @GL_GNULIB_GETPAGESIZE@
+GL_GNULIB_GETPASS = @GL_GNULIB_GETPASS@
+GL_GNULIB_GETPEERNAME = @GL_GNULIB_GETPEERNAME@
+GL_GNULIB_GETSOCKNAME = @GL_GNULIB_GETSOCKNAME@
+GL_GNULIB_GETSOCKOPT = @GL_GNULIB_GETSOCKOPT@
+GL_GNULIB_GETSUBOPT = @GL_GNULIB_GETSUBOPT@
+GL_GNULIB_GETTIMEOFDAY = @GL_GNULIB_GETTIMEOFDAY@
+GL_GNULIB_GETUMASK = @GL_GNULIB_GETUMASK@
+GL_GNULIB_GETUSERSHELL = @GL_GNULIB_GETUSERSHELL@
+GL_GNULIB_GRANTPT = @GL_GNULIB_GRANTPT@
+GL_GNULIB_GROUP_MEMBER = @GL_GNULIB_GROUP_MEMBER@
+GL_GNULIB_IMAXABS = @GL_GNULIB_IMAXABS@
+GL_GNULIB_IMAXDIV = @GL_GNULIB_IMAXDIV@
+GL_GNULIB_INET_NTOP = @GL_GNULIB_INET_NTOP@
+GL_GNULIB_INET_PTON = @GL_GNULIB_INET_PTON@
+GL_GNULIB_ISATTY = @GL_GNULIB_ISATTY@
+GL_GNULIB_LCHMOD = @GL_GNULIB_LCHMOD@
+GL_GNULIB_LCHOWN = @GL_GNULIB_LCHOWN@
+GL_GNULIB_LINK = @GL_GNULIB_LINK@
+GL_GNULIB_LINKAT = @GL_GNULIB_LINKAT@
+GL_GNULIB_LISTEN = @GL_GNULIB_LISTEN@
+GL_GNULIB_LOCALTIME = @GL_GNULIB_LOCALTIME@
+GL_GNULIB_LSEEK = @GL_GNULIB_LSEEK@
+GL_GNULIB_LSTAT = @GL_GNULIB_LSTAT@
+GL_GNULIB_MALLOC_POSIX = @GL_GNULIB_MALLOC_POSIX@
+GL_GNULIB_MBRLEN = @GL_GNULIB_MBRLEN@
+GL_GNULIB_MBRTOWC = @GL_GNULIB_MBRTOWC@
+GL_GNULIB_MBSCASECMP = @GL_GNULIB_MBSCASECMP@
+GL_GNULIB_MBSCASESTR = @GL_GNULIB_MBSCASESTR@
+GL_GNULIB_MBSCHR = @GL_GNULIB_MBSCHR@
+GL_GNULIB_MBSCSPN = @GL_GNULIB_MBSCSPN@
+GL_GNULIB_MBSINIT = @GL_GNULIB_MBSINIT@
+GL_GNULIB_MBSLEN = @GL_GNULIB_MBSLEN@
+GL_GNULIB_MBSNCASECMP = @GL_GNULIB_MBSNCASECMP@
+GL_GNULIB_MBSNLEN = @GL_GNULIB_MBSNLEN@
+GL_GNULIB_MBSNRTOWCS = @GL_GNULIB_MBSNRTOWCS@
+GL_GNULIB_MBSPBRK = @GL_GNULIB_MBSPBRK@
+GL_GNULIB_MBSPCASECMP = @GL_GNULIB_MBSPCASECMP@
+GL_GNULIB_MBSRCHR = @GL_GNULIB_MBSRCHR@
+GL_GNULIB_MBSRTOWCS = @GL_GNULIB_MBSRTOWCS@
+GL_GNULIB_MBSSEP = @GL_GNULIB_MBSSEP@
+GL_GNULIB_MBSSPN = @GL_GNULIB_MBSSPN@
+GL_GNULIB_MBSSTR = @GL_GNULIB_MBSSTR@
+GL_GNULIB_MBSTOK_R = @GL_GNULIB_MBSTOK_R@
+GL_GNULIB_MBTOWC = @GL_GNULIB_MBTOWC@
+GL_GNULIB_MDA_ACCESS = @GL_GNULIB_MDA_ACCESS@
+GL_GNULIB_MDA_CHDIR = @GL_GNULIB_MDA_CHDIR@
+GL_GNULIB_MDA_CHMOD = @GL_GNULIB_MDA_CHMOD@
+GL_GNULIB_MDA_CLOSE = @GL_GNULIB_MDA_CLOSE@
+GL_GNULIB_MDA_CREAT = @GL_GNULIB_MDA_CREAT@
+GL_GNULIB_MDA_DUP = @GL_GNULIB_MDA_DUP@
+GL_GNULIB_MDA_DUP2 = @GL_GNULIB_MDA_DUP2@
+GL_GNULIB_MDA_ECVT = @GL_GNULIB_MDA_ECVT@
+GL_GNULIB_MDA_EXECL = @GL_GNULIB_MDA_EXECL@
+GL_GNULIB_MDA_EXECLE = @GL_GNULIB_MDA_EXECLE@
+GL_GNULIB_MDA_EXECLP = @GL_GNULIB_MDA_EXECLP@
+GL_GNULIB_MDA_EXECV = @GL_GNULIB_MDA_EXECV@
+GL_GNULIB_MDA_EXECVE = @GL_GNULIB_MDA_EXECVE@
+GL_GNULIB_MDA_EXECVP = @GL_GNULIB_MDA_EXECVP@
+GL_GNULIB_MDA_EXECVPE = @GL_GNULIB_MDA_EXECVPE@
+GL_GNULIB_MDA_FCLOSEALL = @GL_GNULIB_MDA_FCLOSEALL@
+GL_GNULIB_MDA_FCVT = @GL_GNULIB_MDA_FCVT@
+GL_GNULIB_MDA_FDOPEN = @GL_GNULIB_MDA_FDOPEN@
+GL_GNULIB_MDA_FILENO = @GL_GNULIB_MDA_FILENO@
+GL_GNULIB_MDA_GCVT = @GL_GNULIB_MDA_GCVT@
+GL_GNULIB_MDA_GETCWD = @GL_GNULIB_MDA_GETCWD@
+GL_GNULIB_MDA_GETPID = @GL_GNULIB_MDA_GETPID@
+GL_GNULIB_MDA_GETW = @GL_GNULIB_MDA_GETW@
+GL_GNULIB_MDA_ISATTY = @GL_GNULIB_MDA_ISATTY@
+GL_GNULIB_MDA_LSEEK = @GL_GNULIB_MDA_LSEEK@
+GL_GNULIB_MDA_MEMCCPY = @GL_GNULIB_MDA_MEMCCPY@
+GL_GNULIB_MDA_MKDIR = @GL_GNULIB_MDA_MKDIR@
+GL_GNULIB_MDA_MKTEMP = @GL_GNULIB_MDA_MKTEMP@
+GL_GNULIB_MDA_OPEN = @GL_GNULIB_MDA_OPEN@
+GL_GNULIB_MDA_PUTENV = @GL_GNULIB_MDA_PUTENV@
+GL_GNULIB_MDA_PUTW = @GL_GNULIB_MDA_PUTW@
+GL_GNULIB_MDA_READ = @GL_GNULIB_MDA_READ@
+GL_GNULIB_MDA_RMDIR = @GL_GNULIB_MDA_RMDIR@
+GL_GNULIB_MDA_STRDUP = @GL_GNULIB_MDA_STRDUP@
+GL_GNULIB_MDA_SWAB = @GL_GNULIB_MDA_SWAB@
+GL_GNULIB_MDA_TEMPNAM = @GL_GNULIB_MDA_TEMPNAM@
+GL_GNULIB_MDA_TZSET = @GL_GNULIB_MDA_TZSET@
+GL_GNULIB_MDA_UMASK = @GL_GNULIB_MDA_UMASK@
+GL_GNULIB_MDA_UNLINK = @GL_GNULIB_MDA_UNLINK@
+GL_GNULIB_MDA_WCSDUP = @GL_GNULIB_MDA_WCSDUP@
+GL_GNULIB_MDA_WRITE = @GL_GNULIB_MDA_WRITE@
+GL_GNULIB_MEMCHR = @GL_GNULIB_MEMCHR@
+GL_GNULIB_MEMMEM = @GL_GNULIB_MEMMEM@
+GL_GNULIB_MEMPCPY = @GL_GNULIB_MEMPCPY@
+GL_GNULIB_MEMRCHR = @GL_GNULIB_MEMRCHR@
+GL_GNULIB_MKDIR = @GL_GNULIB_MKDIR@
+GL_GNULIB_MKDIRAT = @GL_GNULIB_MKDIRAT@
+GL_GNULIB_MKDTEMP = @GL_GNULIB_MKDTEMP@
+GL_GNULIB_MKFIFO = @GL_GNULIB_MKFIFO@
+GL_GNULIB_MKFIFOAT = @GL_GNULIB_MKFIFOAT@
+GL_GNULIB_MKNOD = @GL_GNULIB_MKNOD@
+GL_GNULIB_MKNODAT = @GL_GNULIB_MKNODAT@
+GL_GNULIB_MKOSTEMP = @GL_GNULIB_MKOSTEMP@
+GL_GNULIB_MKOSTEMPS = @GL_GNULIB_MKOSTEMPS@
+GL_GNULIB_MKSTEMP = @GL_GNULIB_MKSTEMP@
+GL_GNULIB_MKSTEMPS = @GL_GNULIB_MKSTEMPS@
+GL_GNULIB_MKTIME = @GL_GNULIB_MKTIME@
+GL_GNULIB_NANOSLEEP = @GL_GNULIB_NANOSLEEP@
+GL_GNULIB_NONBLOCKING = @GL_GNULIB_NONBLOCKING@
+GL_GNULIB_OBSTACK_PRINTF = @GL_GNULIB_OBSTACK_PRINTF@
+GL_GNULIB_OBSTACK_PRINTF_POSIX = @GL_GNULIB_OBSTACK_PRINTF_POSIX@
+GL_GNULIB_OPEN = @GL_GNULIB_OPEN@
+GL_GNULIB_OPENAT = @GL_GNULIB_OPENAT@
+GL_GNULIB_OVERRIDES_STRUCT_STAT = @GL_GNULIB_OVERRIDES_STRUCT_STAT@
+GL_GNULIB_PCLOSE = @GL_GNULIB_PCLOSE@
+GL_GNULIB_PERROR = @GL_GNULIB_PERROR@
+GL_GNULIB_PIPE = @GL_GNULIB_PIPE@
+GL_GNULIB_PIPE2 = @GL_GNULIB_PIPE2@
+GL_GNULIB_POPEN = @GL_GNULIB_POPEN@
+GL_GNULIB_POSIX_MEMALIGN = @GL_GNULIB_POSIX_MEMALIGN@
+GL_GNULIB_POSIX_OPENPT = @GL_GNULIB_POSIX_OPENPT@
+GL_GNULIB_PREAD = @GL_GNULIB_PREAD@
+GL_GNULIB_PRINTF = @GL_GNULIB_PRINTF@
+GL_GNULIB_PRINTF_POSIX = @GL_GNULIB_PRINTF_POSIX@
+GL_GNULIB_PTSNAME = @GL_GNULIB_PTSNAME@
+GL_GNULIB_PTSNAME_R = @GL_GNULIB_PTSNAME_R@
+GL_GNULIB_PUTC = @GL_GNULIB_PUTC@
+GL_GNULIB_PUTCHAR = @GL_GNULIB_PUTCHAR@
+GL_GNULIB_PUTENV = @GL_GNULIB_PUTENV@
+GL_GNULIB_PUTS = @GL_GNULIB_PUTS@
+GL_GNULIB_PWRITE = @GL_GNULIB_PWRITE@
+GL_GNULIB_QSORT_R = @GL_GNULIB_QSORT_R@
+GL_GNULIB_RANDOM = @GL_GNULIB_RANDOM@
+GL_GNULIB_RANDOM_R = @GL_GNULIB_RANDOM_R@
+GL_GNULIB_RAWMEMCHR = @GL_GNULIB_RAWMEMCHR@
+GL_GNULIB_READ = @GL_GNULIB_READ@
+GL_GNULIB_READLINK = @GL_GNULIB_READLINK@
+GL_GNULIB_READLINKAT = @GL_GNULIB_READLINKAT@
+GL_GNULIB_REALLOCARRAY = @GL_GNULIB_REALLOCARRAY@
+GL_GNULIB_REALLOC_POSIX = @GL_GNULIB_REALLOC_POSIX@
+GL_GNULIB_REALPATH = @GL_GNULIB_REALPATH@
+GL_GNULIB_RECV = @GL_GNULIB_RECV@
+GL_GNULIB_RECVFROM = @GL_GNULIB_RECVFROM@
+GL_GNULIB_REMOVE = @GL_GNULIB_REMOVE@
+GL_GNULIB_RENAME = @GL_GNULIB_RENAME@
+GL_GNULIB_RENAMEAT = @GL_GNULIB_RENAMEAT@
+GL_GNULIB_RMDIR = @GL_GNULIB_RMDIR@
+GL_GNULIB_RPMATCH = @GL_GNULIB_RPMATCH@
+GL_GNULIB_SCANF = @GL_GNULIB_SCANF@
+GL_GNULIB_SECURE_GETENV = @GL_GNULIB_SECURE_GETENV@
+GL_GNULIB_SEND = @GL_GNULIB_SEND@
+GL_GNULIB_SENDTO = @GL_GNULIB_SENDTO@
+GL_GNULIB_SETENV = @GL_GNULIB_SETENV@
+GL_GNULIB_SETHOSTNAME = @GL_GNULIB_SETHOSTNAME@
+GL_GNULIB_SETSOCKOPT = @GL_GNULIB_SETSOCKOPT@
+GL_GNULIB_SHUTDOWN = @GL_GNULIB_SHUTDOWN@
+GL_GNULIB_SIGABBREV_NP = @GL_GNULIB_SIGABBREV_NP@
+GL_GNULIB_SIGDESCR_NP = @GL_GNULIB_SIGDESCR_NP@
+GL_GNULIB_SLEEP = @GL_GNULIB_SLEEP@
+GL_GNULIB_SNPRINTF = @GL_GNULIB_SNPRINTF@
+GL_GNULIB_SOCKET = @GL_GNULIB_SOCKET@
+GL_GNULIB_SPRINTF_POSIX = @GL_GNULIB_SPRINTF_POSIX@
+GL_GNULIB_STAT = @GL_GNULIB_STAT@
+GL_GNULIB_STDIO_H_NONBLOCKING = @GL_GNULIB_STDIO_H_NONBLOCKING@
+GL_GNULIB_STDIO_H_SIGPIPE = @GL_GNULIB_STDIO_H_SIGPIPE@
+GL_GNULIB_STPCPY = @GL_GNULIB_STPCPY@
+GL_GNULIB_STPNCPY = @GL_GNULIB_STPNCPY@
+GL_GNULIB_STRCASESTR = @GL_GNULIB_STRCASESTR@
+GL_GNULIB_STRCHRNUL = @GL_GNULIB_STRCHRNUL@
+GL_GNULIB_STRDUP = @GL_GNULIB_STRDUP@
+GL_GNULIB_STRERROR = @GL_GNULIB_STRERROR@
+GL_GNULIB_STRERRORNAME_NP = @GL_GNULIB_STRERRORNAME_NP@
+GL_GNULIB_STRERROR_R = @GL_GNULIB_STRERROR_R@
+GL_GNULIB_STRFTIME = @GL_GNULIB_STRFTIME@
+GL_GNULIB_STRNCAT = @GL_GNULIB_STRNCAT@
+GL_GNULIB_STRNDUP = @GL_GNULIB_STRNDUP@
+GL_GNULIB_STRNLEN = @GL_GNULIB_STRNLEN@
+GL_GNULIB_STRPBRK = @GL_GNULIB_STRPBRK@
+GL_GNULIB_STRPTIME = @GL_GNULIB_STRPTIME@
+GL_GNULIB_STRSEP = @GL_GNULIB_STRSEP@
+GL_GNULIB_STRSIGNAL = @GL_GNULIB_STRSIGNAL@
+GL_GNULIB_STRSTR = @GL_GNULIB_STRSTR@
+GL_GNULIB_STRTOD = @GL_GNULIB_STRTOD@
+GL_GNULIB_STRTOIMAX = @GL_GNULIB_STRTOIMAX@
+GL_GNULIB_STRTOK_R = @GL_GNULIB_STRTOK_R@
+GL_GNULIB_STRTOL = @GL_GNULIB_STRTOL@
+GL_GNULIB_STRTOLD = @GL_GNULIB_STRTOLD@
+GL_GNULIB_STRTOLL = @GL_GNULIB_STRTOLL@
+GL_GNULIB_STRTOUL = @GL_GNULIB_STRTOUL@
+GL_GNULIB_STRTOULL = @GL_GNULIB_STRTOULL@
+GL_GNULIB_STRTOUMAX = @GL_GNULIB_STRTOUMAX@
+GL_GNULIB_STRVERSCMP = @GL_GNULIB_STRVERSCMP@
+GL_GNULIB_SYMLINK = @GL_GNULIB_SYMLINK@
+GL_GNULIB_SYMLINKAT = @GL_GNULIB_SYMLINKAT@
+GL_GNULIB_SYSTEM_POSIX = @GL_GNULIB_SYSTEM_POSIX@
+GL_GNULIB_TIMEGM = @GL_GNULIB_TIMEGM@
+GL_GNULIB_TIMESPEC_GET = @GL_GNULIB_TIMESPEC_GET@
+GL_GNULIB_TIME_R = @GL_GNULIB_TIME_R@
+GL_GNULIB_TIME_RZ = @GL_GNULIB_TIME_RZ@
+GL_GNULIB_TMPFILE = @GL_GNULIB_TMPFILE@
+GL_GNULIB_TRUNCATE = @GL_GNULIB_TRUNCATE@
+GL_GNULIB_TTYNAME_R = @GL_GNULIB_TTYNAME_R@
+GL_GNULIB_TZSET = @GL_GNULIB_TZSET@
+GL_GNULIB_UNISTD_H_NONBLOCKING = @GL_GNULIB_UNISTD_H_NONBLOCKING@
+GL_GNULIB_UNISTD_H_SIGPIPE = @GL_GNULIB_UNISTD_H_SIGPIPE@
+GL_GNULIB_UNLINK = @GL_GNULIB_UNLINK@
+GL_GNULIB_UNLINKAT = @GL_GNULIB_UNLINKAT@
+GL_GNULIB_UNLOCKPT = @GL_GNULIB_UNLOCKPT@
+GL_GNULIB_UNSETENV = @GL_GNULIB_UNSETENV@
+GL_GNULIB_USLEEP = @GL_GNULIB_USLEEP@
+GL_GNULIB_UTIMENSAT = @GL_GNULIB_UTIMENSAT@
+GL_GNULIB_VASPRINTF = @GL_GNULIB_VASPRINTF@
+GL_GNULIB_VDPRINTF = @GL_GNULIB_VDPRINTF@
+GL_GNULIB_VFPRINTF = @GL_GNULIB_VFPRINTF@
+GL_GNULIB_VFPRINTF_POSIX = @GL_GNULIB_VFPRINTF_POSIX@
+GL_GNULIB_VFSCANF = @GL_GNULIB_VFSCANF@
+GL_GNULIB_VPRINTF = @GL_GNULIB_VPRINTF@
+GL_GNULIB_VPRINTF_POSIX = @GL_GNULIB_VPRINTF_POSIX@
+GL_GNULIB_VSCANF = @GL_GNULIB_VSCANF@
+GL_GNULIB_VSNPRINTF = @GL_GNULIB_VSNPRINTF@
+GL_GNULIB_VSPRINTF_POSIX = @GL_GNULIB_VSPRINTF_POSIX@
+GL_GNULIB_WCPCPY = @GL_GNULIB_WCPCPY@
+GL_GNULIB_WCPNCPY = @GL_GNULIB_WCPNCPY@
+GL_GNULIB_WCRTOMB = @GL_GNULIB_WCRTOMB@
+GL_GNULIB_WCSCASECMP = @GL_GNULIB_WCSCASECMP@
+GL_GNULIB_WCSCAT = @GL_GNULIB_WCSCAT@
+GL_GNULIB_WCSCHR = @GL_GNULIB_WCSCHR@
+GL_GNULIB_WCSCMP = @GL_GNULIB_WCSCMP@
+GL_GNULIB_WCSCOLL = @GL_GNULIB_WCSCOLL@
+GL_GNULIB_WCSCPY = @GL_GNULIB_WCSCPY@
+GL_GNULIB_WCSCSPN = @GL_GNULIB_WCSCSPN@
+GL_GNULIB_WCSDUP = @GL_GNULIB_WCSDUP@
+GL_GNULIB_WCSFTIME = @GL_GNULIB_WCSFTIME@
+GL_GNULIB_WCSLEN = @GL_GNULIB_WCSLEN@
+GL_GNULIB_WCSNCASECMP = @GL_GNULIB_WCSNCASECMP@
+GL_GNULIB_WCSNCAT = @GL_GNULIB_WCSNCAT@
+GL_GNULIB_WCSNCMP = @GL_GNULIB_WCSNCMP@
+GL_GNULIB_WCSNCPY = @GL_GNULIB_WCSNCPY@
+GL_GNULIB_WCSNLEN = @GL_GNULIB_WCSNLEN@
+GL_GNULIB_WCSNRTOMBS = @GL_GNULIB_WCSNRTOMBS@
+GL_GNULIB_WCSPBRK = @GL_GNULIB_WCSPBRK@
+GL_GNULIB_WCSRCHR = @GL_GNULIB_WCSRCHR@
+GL_GNULIB_WCSRTOMBS = @GL_GNULIB_WCSRTOMBS@
+GL_GNULIB_WCSSPN = @GL_GNULIB_WCSSPN@
+GL_GNULIB_WCSSTR = @GL_GNULIB_WCSSTR@
+GL_GNULIB_WCSTOK = @GL_GNULIB_WCSTOK@
+GL_GNULIB_WCSWIDTH = @GL_GNULIB_WCSWIDTH@
+GL_GNULIB_WCSXFRM = @GL_GNULIB_WCSXFRM@
+GL_GNULIB_WCTOB = @GL_GNULIB_WCTOB@
+GL_GNULIB_WCTOMB = @GL_GNULIB_WCTOMB@
+GL_GNULIB_WCWIDTH = @GL_GNULIB_WCWIDTH@
+GL_GNULIB_WMEMCHR = @GL_GNULIB_WMEMCHR@
+GL_GNULIB_WMEMCMP = @GL_GNULIB_WMEMCMP@
+GL_GNULIB_WMEMCPY = @GL_GNULIB_WMEMCPY@
+GL_GNULIB_WMEMMOVE = @GL_GNULIB_WMEMMOVE@
+GL_GNULIB_WMEMPCPY = @GL_GNULIB_WMEMPCPY@
+GL_GNULIB_WMEMSET = @GL_GNULIB_WMEMSET@
+GL_GNULIB_WRITE = @GL_GNULIB_WRITE@
+GL_GNULIB__EXIT = @GL_GNULIB__EXIT@
+GMP_CFLAGS = @GMP_CFLAGS@
+GMP_LIBS = @GMP_LIBS@
+GMSGFMT = @GMSGFMT@
+GMSGFMT_015 = @GMSGFMT_015@
+GNULIBHEADERS_OVERRIDE_WINT_T = @GNULIBHEADERS_OVERRIDE_WINT_T@
+GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@
+GNUTLS_LIBS_PRIVATE = @GNUTLS_LIBS_PRIVATE@
+GNUTLS_REQUIRES_PRIVATE = @GNUTLS_REQUIRES_PRIVATE@
+GPERF = @GPERF@
+GREP = @GREP@
+GTKDOC_CHECK = @GTKDOC_CHECK@
+GTKDOC_CHECK_PATH = @GTKDOC_CHECK_PATH@
+GTKDOC_DEPS_CFLAGS = @GTKDOC_DEPS_CFLAGS@
+GTKDOC_DEPS_LIBS = @GTKDOC_DEPS_LIBS@
+GTKDOC_MKPDF = @GTKDOC_MKPDF@
+GTKDOC_REBASE = @GTKDOC_REBASE@
+GUILD = @GUILD@
+GUILE = @GUILE@
+GUILE_CFLAGS = @GUILE_CFLAGS@
+GUILE_CONFIG = @GUILE_CONFIG@
+GUILE_EFFECTIVE_VERSION = @GUILE_EFFECTIVE_VERSION@
+GUILE_EXTENSION = @GUILE_EXTENSION@
+GUILE_LDFLAGS = @GUILE_LDFLAGS@
+GUILE_LIBS = @GUILE_LIBS@
+GUILE_LTLIBS = @GUILE_LTLIBS@
+GUILE_SITE = @GUILE_SITE@
+GUILE_SITE_CCACHE = @GUILE_SITE_CCACHE@
+GUILE_TOOLS = @GUILE_TOOLS@
+HAVE_ACCEPT4 = @HAVE_ACCEPT4@
+HAVE_ALIGNED_ALLOC = @HAVE_ALIGNED_ALLOC@
+HAVE_ALLOCA_H = @HAVE_ALLOCA_H@
+HAVE_ARPA_INET_H = @HAVE_ARPA_INET_H@
+HAVE_ATOLL = @HAVE_ATOLL@
+HAVE_BTOWC = @HAVE_BTOWC@
+HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@
+HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@
+HAVE_CHOWN = @HAVE_CHOWN@
+HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@
+HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@
+HAVE_DECL_ECVT = @HAVE_DECL_ECVT@
+HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@
+HAVE_DECL_EXECVPE = @HAVE_DECL_EXECVPE@
+HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@
+HAVE_DECL_FCLOSEALL = @HAVE_DECL_FCLOSEALL@
+HAVE_DECL_FCVT = @HAVE_DECL_FCVT@
+HAVE_DECL_FDATASYNC = @HAVE_DECL_FDATASYNC@
+HAVE_DECL_FPURGE = @HAVE_DECL_FPURGE@
+HAVE_DECL_FREEADDRINFO = @HAVE_DECL_FREEADDRINFO@
+HAVE_DECL_FSEEKO = @HAVE_DECL_FSEEKO@
+HAVE_DECL_FTELLO = @HAVE_DECL_FTELLO@
+HAVE_DECL_GAI_STRERROR = @HAVE_DECL_GAI_STRERROR@
+HAVE_DECL_GCVT = @HAVE_DECL_GCVT@
+HAVE_DECL_GETADDRINFO = @HAVE_DECL_GETADDRINFO@
+HAVE_DECL_GETDELIM = @HAVE_DECL_GETDELIM@
+HAVE_DECL_GETDOMAINNAME = @HAVE_DECL_GETDOMAINNAME@
+HAVE_DECL_GETLINE = @HAVE_DECL_GETLINE@
+HAVE_DECL_GETLOADAVG = @HAVE_DECL_GETLOADAVG@
+HAVE_DECL_GETLOGIN = @HAVE_DECL_GETLOGIN@
+HAVE_DECL_GETLOGIN_R = @HAVE_DECL_GETLOGIN_R@
+HAVE_DECL_GETNAMEINFO = @HAVE_DECL_GETNAMEINFO@
+HAVE_DECL_GETPAGESIZE = @HAVE_DECL_GETPAGESIZE@
+HAVE_DECL_GETUSERSHELL = @HAVE_DECL_GETUSERSHELL@
+HAVE_DECL_IMAXABS = @HAVE_DECL_IMAXABS@
+HAVE_DECL_IMAXDIV = @HAVE_DECL_IMAXDIV@
+HAVE_DECL_INET_NTOP = @HAVE_DECL_INET_NTOP@
+HAVE_DECL_INET_PTON = @HAVE_DECL_INET_PTON@
+HAVE_DECL_INITSTATE = @HAVE_DECL_INITSTATE@
+HAVE_DECL_LOCALTIME_R = @HAVE_DECL_LOCALTIME_R@
+HAVE_DECL_MEMMEM = @HAVE_DECL_MEMMEM@
+HAVE_DECL_MEMRCHR = @HAVE_DECL_MEMRCHR@
+HAVE_DECL_OBSTACK_PRINTF = @HAVE_DECL_OBSTACK_PRINTF@
+HAVE_DECL_SETENV = @HAVE_DECL_SETENV@
+HAVE_DECL_SETHOSTNAME = @HAVE_DECL_SETHOSTNAME@
+HAVE_DECL_SETSTATE = @HAVE_DECL_SETSTATE@
+HAVE_DECL_SNPRINTF = @HAVE_DECL_SNPRINTF@
+HAVE_DECL_STRDUP = @HAVE_DECL_STRDUP@
+HAVE_DECL_STRERROR_R = @HAVE_DECL_STRERROR_R@
+HAVE_DECL_STRNCASECMP = @HAVE_DECL_STRNCASECMP@
+HAVE_DECL_STRNDUP = @HAVE_DECL_STRNDUP@
+HAVE_DECL_STRNLEN = @HAVE_DECL_STRNLEN@
+HAVE_DECL_STRSIGNAL = @HAVE_DECL_STRSIGNAL@
+HAVE_DECL_STRTOIMAX = @HAVE_DECL_STRTOIMAX@
+HAVE_DECL_STRTOK_R = @HAVE_DECL_STRTOK_R@
+HAVE_DECL_STRTOUMAX = @HAVE_DECL_STRTOUMAX@
+HAVE_DECL_TRUNCATE = @HAVE_DECL_TRUNCATE@
+HAVE_DECL_TTYNAME_R = @HAVE_DECL_TTYNAME_R@
+HAVE_DECL_UNSETENV = @HAVE_DECL_UNSETENV@
+HAVE_DECL_VSNPRINTF = @HAVE_DECL_VSNPRINTF@
+HAVE_DECL_WCSDUP = @HAVE_DECL_WCSDUP@
+HAVE_DECL_WCTOB = @HAVE_DECL_WCTOB@
+HAVE_DECL_WCWIDTH = @HAVE_DECL_WCWIDTH@
+HAVE_DPRINTF = @HAVE_DPRINTF@
+HAVE_DUP3 = @HAVE_DUP3@
+HAVE_DUPLOCALE = @HAVE_DUPLOCALE@
+HAVE_EUIDACCESS = @HAVE_EUIDACCESS@
+HAVE_EXECVPE = @HAVE_EXECVPE@
+HAVE_EXPLICIT_BZERO = @HAVE_EXPLICIT_BZERO@
+HAVE_FACCESSAT = @HAVE_FACCESSAT@
+HAVE_FCHDIR = @HAVE_FCHDIR@
+HAVE_FCHMODAT = @HAVE_FCHMODAT@
+HAVE_FCHOWNAT = @HAVE_FCHOWNAT@
+HAVE_FCNTL = @HAVE_FCNTL@
+HAVE_FDATASYNC = @HAVE_FDATASYNC@
+HAVE_FEATURES_H = @HAVE_FEATURES_H@
+HAVE_FFS = @HAVE_FFS@
+HAVE_FFSL = @HAVE_FFSL@
+HAVE_FFSLL = @HAVE_FFSLL@
+HAVE_FREELOCALE = @HAVE_FREELOCALE@
+HAVE_FSEEKO = @HAVE_FSEEKO@
+HAVE_FSTATAT = @HAVE_FSTATAT@
+HAVE_FSYNC = @HAVE_FSYNC@
+HAVE_FTELLO = @HAVE_FTELLO@
+HAVE_FTRUNCATE = @HAVE_FTRUNCATE@
+HAVE_FUTIMENS = @HAVE_FUTIMENS@
+HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@
+HAVE_GETENTROPY = @HAVE_GETENTROPY@
+HAVE_GETGROUPS = @HAVE_GETGROUPS@
+HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@
+HAVE_GETLOGIN = @HAVE_GETLOGIN@
+HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@
+HAVE_GETPASS = @HAVE_GETPASS@
+HAVE_GETSUBOPT = @HAVE_GETSUBOPT@
+HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@
+HAVE_GETUMASK = @HAVE_GETUMASK@
+HAVE_GRANTPT = @HAVE_GRANTPT@
+HAVE_GROUP_MEMBER = @HAVE_GROUP_MEMBER@
+HAVE_IMAXDIV_T = @HAVE_IMAXDIV_T@
+HAVE_INITSTATE = @HAVE_INITSTATE@
+HAVE_INTTYPES_H = @HAVE_INTTYPES_H@
+HAVE_ISBLANK = @HAVE_ISBLANK@
+HAVE_LANGINFO_ALTMON = @HAVE_LANGINFO_ALTMON@
+HAVE_LANGINFO_CODESET = @HAVE_LANGINFO_CODESET@
+HAVE_LANGINFO_ERA = @HAVE_LANGINFO_ERA@
+HAVE_LANGINFO_H = @HAVE_LANGINFO_H@
+HAVE_LANGINFO_T_FMT_AMPM = @HAVE_LANGINFO_T_FMT_AMPM@
+HAVE_LANGINFO_YESEXPR = @HAVE_LANGINFO_YESEXPR@
+HAVE_LCHMOD = @HAVE_LCHMOD@
+HAVE_LCHOWN = @HAVE_LCHOWN@
+HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@
+HAVE_LIBDL = @HAVE_LIBDL@
+HAVE_LIBEV = @HAVE_LIBEV@
+HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@
+HAVE_LIBRT = @HAVE_LIBRT@
+HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@
+HAVE_LIBZ = @HAVE_LIBZ@
+HAVE_LINK = @HAVE_LINK@
+HAVE_LINKAT = @HAVE_LINKAT@
+HAVE_LSTAT = @HAVE_LSTAT@
+HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@
+HAVE_MBRLEN = @HAVE_MBRLEN@
+HAVE_MBRTOWC = @HAVE_MBRTOWC@
+HAVE_MBSINIT = @HAVE_MBSINIT@
+HAVE_MBSLEN = @HAVE_MBSLEN@
+HAVE_MBSNRTOWCS = @HAVE_MBSNRTOWCS@
+HAVE_MBSRTOWCS = @HAVE_MBSRTOWCS@
+HAVE_MBTOWC = @HAVE_MBTOWC@
+HAVE_MEMPCPY = @HAVE_MEMPCPY@
+HAVE_MKDIRAT = @HAVE_MKDIRAT@
+HAVE_MKDTEMP = @HAVE_MKDTEMP@
+HAVE_MKFIFO = @HAVE_MKFIFO@
+HAVE_MKFIFOAT = @HAVE_MKFIFOAT@
+HAVE_MKNOD = @HAVE_MKNOD@
+HAVE_MKNODAT = @HAVE_MKNODAT@
+HAVE_MKOSTEMP = @HAVE_MKOSTEMP@
+HAVE_MKOSTEMPS = @HAVE_MKOSTEMPS@
+HAVE_MKSTEMP = @HAVE_MKSTEMP@
+HAVE_MKSTEMPS = @HAVE_MKSTEMPS@
+HAVE_MSVC_INVALID_PARAMETER_HANDLER = @HAVE_MSVC_INVALID_PARAMETER_HANDLER@
+HAVE_NANOSLEEP = @HAVE_NANOSLEEP@
+HAVE_NETDB_H = @HAVE_NETDB_H@
+HAVE_NETINET_IN_H = @HAVE_NETINET_IN_H@
+HAVE_NEWLOCALE = @HAVE_NEWLOCALE@
+HAVE_NL_LANGINFO = @HAVE_NL_LANGINFO@
+HAVE_OPENAT = @HAVE_OPENAT@
+HAVE_OS_H = @HAVE_OS_H@
+HAVE_PCLOSE = @HAVE_PCLOSE@
+HAVE_PIPE = @HAVE_PIPE@
+HAVE_PIPE2 = @HAVE_PIPE2@
+HAVE_POPEN = @HAVE_POPEN@
+HAVE_POSIX_MEMALIGN = @HAVE_POSIX_MEMALIGN@
+HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@
+HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@
+HAVE_PREAD = @HAVE_PREAD@
+HAVE_PSELECT = @HAVE_PSELECT@
+HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@
+HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@
+HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@
+HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@
+HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@
+HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@
+HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@
+HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@
+HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@
+HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@
+HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@
+HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@
+HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@
+HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@
+HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@
+HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@
+HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@
+HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@
+HAVE_PTHREAD_H = @HAVE_PTHREAD_H@
+HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@
+HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@
+HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@
+HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@
+HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@
+HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@
+HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@
+HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@
+HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@
+HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@
+HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@
+HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@
+HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@
+HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@
+HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@
+HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@
+HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@
+HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@
+HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@
+HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@
+HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@
+HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@
+HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@
+HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@
+HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@
+HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@
+HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@
+HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@
+HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@
+HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@
+HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@
+HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@
+HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@
+HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@
+HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@
+HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@
+HAVE_PTHREAD_T = @HAVE_PTHREAD_T@
+HAVE_PTSNAME = @HAVE_PTSNAME@
+HAVE_PTSNAME_R = @HAVE_PTSNAME_R@
+HAVE_PWRITE = @HAVE_PWRITE@
+HAVE_QSORT_R = @HAVE_QSORT_R@
+HAVE_RAISE = @HAVE_RAISE@
+HAVE_RANDOM = @HAVE_RANDOM@
+HAVE_RANDOM_H = @HAVE_RANDOM_H@
+HAVE_RANDOM_R = @HAVE_RANDOM_R@
+HAVE_RAWMEMCHR = @HAVE_RAWMEMCHR@
+HAVE_READLINK = @HAVE_READLINK@
+HAVE_READLINKAT = @HAVE_READLINKAT@
+HAVE_REALLOCARRAY = @HAVE_REALLOCARRAY@
+HAVE_REALPATH = @HAVE_REALPATH@
+HAVE_RENAMEAT = @HAVE_RENAMEAT@
+HAVE_RPMATCH = @HAVE_RPMATCH@
+HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@
+HAVE_SCHED_H = @HAVE_SCHED_H@
+HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@
+HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@
+HAVE_SETENV = @HAVE_SETENV@
+HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@
+HAVE_SETSTATE = @HAVE_SETSTATE@
+HAVE_SIGABBREV_NP = @HAVE_SIGABBREV_NP@
+HAVE_SIGACTION = @HAVE_SIGACTION@
+HAVE_SIGDESCR_NP = @HAVE_SIGDESCR_NP@
+HAVE_SIGHANDLER_T = @HAVE_SIGHANDLER_T@
+HAVE_SIGINFO_T = @HAVE_SIGINFO_T@
+HAVE_SIGNED_SIG_ATOMIC_T = @HAVE_SIGNED_SIG_ATOMIC_T@
+HAVE_SIGNED_WCHAR_T = @HAVE_SIGNED_WCHAR_T@
+HAVE_SIGNED_WINT_T = @HAVE_SIGNED_WINT_T@
+HAVE_SIGSET_T = @HAVE_SIGSET_T@
+HAVE_SLEEP = @HAVE_SLEEP@
+HAVE_STDINT_H = @HAVE_STDINT_H@
+HAVE_STPCPY = @HAVE_STPCPY@
+HAVE_STPNCPY = @HAVE_STPNCPY@
+HAVE_STRCASECMP = @HAVE_STRCASECMP@
+HAVE_STRCASESTR = @HAVE_STRCASESTR@
+HAVE_STRCHRNUL = @HAVE_STRCHRNUL@
+HAVE_STRERRORNAME_NP = @HAVE_STRERRORNAME_NP@
+HAVE_STRINGS_H = @HAVE_STRINGS_H@
+HAVE_STRPBRK = @HAVE_STRPBRK@
+HAVE_STRPTIME = @HAVE_STRPTIME@
+HAVE_STRSEP = @HAVE_STRSEP@
+HAVE_STRTOD = @HAVE_STRTOD@
+HAVE_STRTOL = @HAVE_STRTOL@
+HAVE_STRTOLD = @HAVE_STRTOLD@
+HAVE_STRTOLL = @HAVE_STRTOLL@
+HAVE_STRTOUL = @HAVE_STRTOUL@
+HAVE_STRTOULL = @HAVE_STRTOULL@
+HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@
+HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@
+HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@
+HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@
+HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@
+HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@
+HAVE_STRUCT_TIMEVAL = @HAVE_STRUCT_TIMEVAL@
+HAVE_STRVERSCMP = @HAVE_STRVERSCMP@
+HAVE_SYMLINK = @HAVE_SYMLINK@
+HAVE_SYMLINKAT = @HAVE_SYMLINKAT@
+HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@
+HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@
+HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@
+HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@
+HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@
+HAVE_SYS_PARAM_H = @HAVE_SYS_PARAM_H@
+HAVE_SYS_SELECT_H = @HAVE_SYS_SELECT_H@
+HAVE_SYS_SOCKET_H = @HAVE_SYS_SOCKET_H@
+HAVE_SYS_TIME_H = @HAVE_SYS_TIME_H@
+HAVE_SYS_TYPES_H = @HAVE_SYS_TYPES_H@
+HAVE_SYS_UIO_H = @HAVE_SYS_UIO_H@
+HAVE_TIMEGM = @HAVE_TIMEGM@
+HAVE_TIMESPEC_GET = @HAVE_TIMESPEC_GET@
+HAVE_TIMEZONE_T = @HAVE_TIMEZONE_T@
+HAVE_TYPE_VOLATILE_SIG_ATOMIC_T = @HAVE_TYPE_VOLATILE_SIG_ATOMIC_T@
+HAVE_UNISTD_H = @HAVE_UNISTD_H@
+HAVE_UNLINKAT = @HAVE_UNLINKAT@
+HAVE_UNLOCKPT = @HAVE_UNLOCKPT@
+HAVE_USLEEP = @HAVE_USLEEP@
+HAVE_UTIMENSAT = @HAVE_UTIMENSAT@
+HAVE_VASPRINTF = @HAVE_VASPRINTF@
+HAVE_VDPRINTF = @HAVE_VDPRINTF@
+HAVE_VISIBILITY = @HAVE_VISIBILITY@
+HAVE_WCHAR_H = @HAVE_WCHAR_H@
+HAVE_WCHAR_T = @HAVE_WCHAR_T@
+HAVE_WCPCPY = @HAVE_WCPCPY@
+HAVE_WCPNCPY = @HAVE_WCPNCPY@
+HAVE_WCRTOMB = @HAVE_WCRTOMB@
+HAVE_WCSCASECMP = @HAVE_WCSCASECMP@
+HAVE_WCSCAT = @HAVE_WCSCAT@
+HAVE_WCSCHR = @HAVE_WCSCHR@
+HAVE_WCSCMP = @HAVE_WCSCMP@
+HAVE_WCSCOLL = @HAVE_WCSCOLL@
+HAVE_WCSCPY = @HAVE_WCSCPY@
+HAVE_WCSCSPN = @HAVE_WCSCSPN@
+HAVE_WCSDUP = @HAVE_WCSDUP@
+HAVE_WCSFTIME = @HAVE_WCSFTIME@
+HAVE_WCSLEN = @HAVE_WCSLEN@
+HAVE_WCSNCASECMP = @HAVE_WCSNCASECMP@
+HAVE_WCSNCAT = @HAVE_WCSNCAT@
+HAVE_WCSNCMP = @HAVE_WCSNCMP@
+HAVE_WCSNCPY = @HAVE_WCSNCPY@
+HAVE_WCSNLEN = @HAVE_WCSNLEN@
+HAVE_WCSNRTOMBS = @HAVE_WCSNRTOMBS@
+HAVE_WCSPBRK = @HAVE_WCSPBRK@
+HAVE_WCSRCHR = @HAVE_WCSRCHR@
+HAVE_WCSRTOMBS = @HAVE_WCSRTOMBS@
+HAVE_WCSSPN = @HAVE_WCSSPN@
+HAVE_WCSSTR = @HAVE_WCSSTR@
+HAVE_WCSTOK = @HAVE_WCSTOK@
+HAVE_WCSWIDTH = @HAVE_WCSWIDTH@
+HAVE_WCSXFRM = @HAVE_WCSXFRM@
+HAVE_WINSOCK2_H = @HAVE_WINSOCK2_H@
+HAVE_WINT_T = @HAVE_WINT_T@
+HAVE_WMEMCHR = @HAVE_WMEMCHR@
+HAVE_WMEMCMP = @HAVE_WMEMCMP@
+HAVE_WMEMCPY = @HAVE_WMEMCPY@
+HAVE_WMEMMOVE = @HAVE_WMEMMOVE@
+HAVE_WMEMPCPY = @HAVE_WMEMPCPY@
+HAVE_WMEMSET = @HAVE_WMEMSET@
+HAVE_WS2TCPIP_H = @HAVE_WS2TCPIP_H@
+HAVE_XLOCALE_H = @HAVE_XLOCALE_H@
+HAVE__BOOL = @HAVE__BOOL@
+HAVE__EXIT = @HAVE__EXIT@
+HOGWEED_CFLAGS = @HOGWEED_CFLAGS@
+HOGWEED_LIBS = @HOGWEED_LIBS@
+HOSTENT_LIB = @HOSTENT_LIB@
+HTML_DIR = @HTML_DIR@
+INCLUDE_NEXT = @INCLUDE_NEXT@
+INCLUDE_NEXT_AS_FIRST_DIRECTIVE = @INCLUDE_NEXT_AS_FIRST_DIRECTIVE@
+INET_NTOP_LIB = @INET_NTOP_LIB@
+INET_PTON_LIB = @INET_PTON_LIB@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INT32_MAX_LT_INTMAX_MAX = @INT32_MAX_LT_INTMAX_MAX@
+INT64_MAX_EQ_LONG_MAX = @INT64_MAX_EQ_LONG_MAX@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+LCOV = @LCOV@
+LD = @LD@
+LDDPOSTPROC = @LDDPOSTPROC@
+LDDPROG = @LDDPROG@
+LDFLAGS = @LDFLAGS@
+LIBATOMIC_LIBS = @LIBATOMIC_LIBS@
+LIBBROTLIDEC_CFLAGS = @LIBBROTLIDEC_CFLAGS@
+LIBBROTLIDEC_LIBS = @LIBBROTLIDEC_LIBS@
+LIBBROTLIENC_CFLAGS = @LIBBROTLIENC_CFLAGS@
+LIBBROTLIENC_LIBS = @LIBBROTLIENC_LIBS@
+LIBCRYPTO = @LIBCRYPTO@
+LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@
+LIBDL = @LIBDL@
+LIBDL_PREFIX = @LIBDL_PREFIX@
+LIBEV = @LIBEV@
+LIBEV_LIBS = @LIBEV_LIBS@
+LIBEV_PREFIX = @LIBEV_PREFIX@
+LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@
+LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@
+LIBICONV = @LIBICONV@
+LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@
+LIBIDN2_LIBS = @LIBIDN2_LIBS@
+LIBINTL = @LIBINTL@
+LIBKCAPI_CFLAGS = @LIBKCAPI_CFLAGS@
+LIBKCAPI_LIBS = @LIBKCAPI_LIBS@
+LIBMULTITHREAD = @LIBMULTITHREAD@
+LIBOBJS = @LIBOBJS@
+LIBPMULTITHREAD = @LIBPMULTITHREAD@
+LIBPTHREAD = @LIBPTHREAD@
+LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@
+LIBRT = @LIBRT@
+LIBRT_PREFIX = @LIBRT_PREFIX@
+LIBS = @LIBS@
+LIBSECCOMP = @LIBSECCOMP@
+LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@
+LIBSOCKET = @LIBSOCKET@
+LIBSTDTHREAD = @LIBSTDTHREAD@
+LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@
+LIBTASN1_LIBS = @LIBTASN1_LIBS@
+LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@
+LIBTHREAD = @LIBTHREAD@
+LIBTOOL = @LIBTOOL@
+LIBUNISTRING = @LIBUNISTRING@
+LIBUNISTRING_UNICTYPE_H = @LIBUNISTRING_UNICTYPE_H@
+LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@
+LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@
+LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@
+LIBZ = @LIBZ@
+LIBZSTD_CFLAGS = @LIBZSTD_CFLAGS@
+LIBZSTD_LIBS = @LIBZSTD_LIBS@
+LIBZ_PC = @LIBZ_PC@
+LIBZ_PREFIX = @LIBZ_PREFIX@
+LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@
+LIB_NANOSLEEP = @LIB_NANOSLEEP@
+LIB_PTHREAD = @LIB_PTHREAD@
+LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@
+LIB_SCHED_YIELD = @LIB_SCHED_YIELD@
+LIB_SELECT = @LIB_SELECT@
+LIB_SEMAPHORE = @LIB_SEMAPHORE@
+LIB_SETLOCALE = @LIB_SETLOCALE@
+LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@
+LIMITS_H = @LIMITS_H@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LOCALENAME_ENHANCE_LOCALE_FUNCS = @LOCALENAME_ENHANCE_LOCALE_FUNCS@
+LOCALE_FR = @LOCALE_FR@
+LOCALE_FR_UTF8 = @LOCALE_FR_UTF8@
+LOCALE_JA = @LOCALE_JA@
+LOCALE_TR_UTF8 = @LOCALE_TR_UTF8@
+LOCALE_ZH_CN = @LOCALE_ZH_CN@
+LOG_VALGRIND = @LOG_VALGRIND@
+LTALLOCA = @LTALLOCA@
+LTLIBCRYPTO = @LTLIBCRYPTO@
+LTLIBDL = @LTLIBDL@
+LTLIBEV = @LTLIBEV@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBMULTITHREAD = @LTLIBMULTITHREAD@
+LTLIBOBJS = @LTLIBOBJS@
+LTLIBPTHREAD = @LTLIBPTHREAD@
+LTLIBRT = @LTLIBRT@
+LTLIBSECCOMP = @LTLIBSECCOMP@
+LTLIBTHREAD = @LTLIBTHREAD@
+LTLIBZ = @LTLIBZ@
+LT_AGE = @LT_AGE@
+LT_CURRENT = @LT_CURRENT@
+LT_DANE_AGE = @LT_DANE_AGE@
+LT_DANE_CURRENT = @LT_DANE_CURRENT@
+LT_DANE_REVISION = @LT_DANE_REVISION@
+LT_REVISION = @LT_REVISION@
+LT_SSL_AGE = @LT_SSL_AGE@
+LT_SSL_CURRENT = @LT_SSL_CURRENT@
+LT_SSL_REVISION = @LT_SSL_REVISION@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+LT_XSSL_AGE = @LT_XSSL_AGE@
+LT_XSSL_CURRENT = @LT_XSSL_CURRENT@
+LT_XSSL_REVISION = @LT_XSSL_REVISION@
+MAINT = @MAINT@
+MAJOR_VERSION = @MAJOR_VERSION@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MINOR_VERSION = @MINOR_VERSION@
+MKDIR_P = @MKDIR_P@
+MSGFMT = @MSGFMT@
+MSGMERGE = @MSGMERGE@
+MSGMERGE_FOR_MSGFMT_OPTION = @MSGMERGE_FOR_MSGFMT_OPTION@
+NETINET_IN_H = @NETINET_IN_H@
+NETTLE_CFLAGS = @NETTLE_CFLAGS@
+NETTLE_LIBS = @NETTLE_LIBS@
+NEXT_ARPA_INET_H = @NEXT_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H = @NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H@
+NEXT_AS_FIRST_DIRECTIVE_CTYPE_H = @NEXT_AS_FIRST_DIRECTIVE_CTYPE_H@
+NEXT_AS_FIRST_DIRECTIVE_ERRNO_H = @NEXT_AS_FIRST_DIRECTIVE_ERRNO_H@
+NEXT_AS_FIRST_DIRECTIVE_FCNTL_H = @NEXT_AS_FIRST_DIRECTIVE_FCNTL_H@
+NEXT_AS_FIRST_DIRECTIVE_FLOAT_H = @NEXT_AS_FIRST_DIRECTIVE_FLOAT_H@
+NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H = @NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H = @NEXT_AS_FIRST_DIRECTIVE_LANGINFO_H@
+NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@
+NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@
+NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@
+NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@
+NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@
+NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@
+NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@
+NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@
+NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@
+NEXT_AS_FIRST_DIRECTIVE_STDIO_H = @NEXT_AS_FIRST_DIRECTIVE_STDIO_H@
+NEXT_AS_FIRST_DIRECTIVE_STDLIB_H = @NEXT_AS_FIRST_DIRECTIVE_STDLIB_H@
+NEXT_AS_FIRST_DIRECTIVE_STRINGS_H = @NEXT_AS_FIRST_DIRECTIVE_STRINGS_H@
+NEXT_AS_FIRST_DIRECTIVE_STRING_H = @NEXT_AS_FIRST_DIRECTIVE_STRING_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H@
+NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H@
+NEXT_AS_FIRST_DIRECTIVE_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_TIME_H@
+NEXT_AS_FIRST_DIRECTIVE_UNISTD_H = @NEXT_AS_FIRST_DIRECTIVE_UNISTD_H@
+NEXT_AS_FIRST_DIRECTIVE_WCHAR_H = @NEXT_AS_FIRST_DIRECTIVE_WCHAR_H@
+NEXT_CTYPE_H = @NEXT_CTYPE_H@
+NEXT_ERRNO_H = @NEXT_ERRNO_H@
+NEXT_FCNTL_H = @NEXT_FCNTL_H@
+NEXT_FLOAT_H = @NEXT_FLOAT_H@
+NEXT_INTTYPES_H = @NEXT_INTTYPES_H@
+NEXT_LANGINFO_H = @NEXT_LANGINFO_H@
+NEXT_LIMITS_H = @NEXT_LIMITS_H@
+NEXT_LOCALE_H = @NEXT_LOCALE_H@
+NEXT_NETDB_H = @NEXT_NETDB_H@
+NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@
+NEXT_PTHREAD_H = @NEXT_PTHREAD_H@
+NEXT_SCHED_H = @NEXT_SCHED_H@
+NEXT_SIGNAL_H = @NEXT_SIGNAL_H@
+NEXT_STDDEF_H = @NEXT_STDDEF_H@
+NEXT_STDINT_H = @NEXT_STDINT_H@
+NEXT_STDIO_H = @NEXT_STDIO_H@
+NEXT_STDLIB_H = @NEXT_STDLIB_H@
+NEXT_STRINGS_H = @NEXT_STRINGS_H@
+NEXT_STRING_H = @NEXT_STRING_H@
+NEXT_SYS_IOCTL_H = @NEXT_SYS_IOCTL_H@
+NEXT_SYS_SELECT_H = @NEXT_SYS_SELECT_H@
+NEXT_SYS_SOCKET_H = @NEXT_SYS_SOCKET_H@
+NEXT_SYS_STAT_H = @NEXT_SYS_STAT_H@
+NEXT_SYS_TIME_H = @NEXT_SYS_TIME_H@
+NEXT_SYS_TYPES_H = @NEXT_SYS_TYPES_H@
+NEXT_SYS_UIO_H = @NEXT_SYS_UIO_H@
+NEXT_TIME_H = @NEXT_TIME_H@
+NEXT_UNISTD_H = @NEXT_UNISTD_H@
+NEXT_WCHAR_H = @NEXT_WCHAR_H@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NUMBER_VERSION = @NUMBER_VERSION@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+P11_KIT_CFLAGS = @P11_KIT_CFLAGS@
+P11_KIT_LIBS = @P11_KIT_LIBS@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@
+PATCH_VERSION = @PATCH_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PKCS12_ITER_COUNT = @PKCS12_ITER_COUNT@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PMCCABE = @PMCCABE@
+POSUB = @POSUB@
+PRAGMA_COLUMNS = @PRAGMA_COLUMNS@
+PRAGMA_SYSTEM_HEADER = @PRAGMA_SYSTEM_HEADER@
+PRIPTR_PREFIX = @PRIPTR_PREFIX@
+PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@
+PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+RANLIB = @RANLIB@
+REPLACE_ACCESS = @REPLACE_ACCESS@
+REPLACE_ALIGNED_ALLOC = @REPLACE_ALIGNED_ALLOC@
+REPLACE_BTOWC = @REPLACE_BTOWC@
+REPLACE_CALLOC = @REPLACE_CALLOC@
+REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@
+REPLACE_CHOWN = @REPLACE_CHOWN@
+REPLACE_CLOSE = @REPLACE_CLOSE@
+REPLACE_CREAT = @REPLACE_CREAT@
+REPLACE_CTIME = @REPLACE_CTIME@
+REPLACE_DPRINTF = @REPLACE_DPRINTF@
+REPLACE_DUP = @REPLACE_DUP@
+REPLACE_DUP2 = @REPLACE_DUP2@
+REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@
+REPLACE_EXECL = @REPLACE_EXECL@
+REPLACE_EXECLE = @REPLACE_EXECLE@
+REPLACE_EXECLP = @REPLACE_EXECLP@
+REPLACE_EXECV = @REPLACE_EXECV@
+REPLACE_EXECVE = @REPLACE_EXECVE@
+REPLACE_EXECVP = @REPLACE_EXECVP@
+REPLACE_EXECVPE = @REPLACE_EXECVPE@
+REPLACE_FACCESSAT = @REPLACE_FACCESSAT@
+REPLACE_FCHMODAT = @REPLACE_FCHMODAT@
+REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@
+REPLACE_FCLOSE = @REPLACE_FCLOSE@
+REPLACE_FCNTL = @REPLACE_FCNTL@
+REPLACE_FDOPEN = @REPLACE_FDOPEN@
+REPLACE_FFLUSH = @REPLACE_FFLUSH@
+REPLACE_FFSLL = @REPLACE_FFSLL@
+REPLACE_FOPEN = @REPLACE_FOPEN@
+REPLACE_FPRINTF = @REPLACE_FPRINTF@
+REPLACE_FPURGE = @REPLACE_FPURGE@
+REPLACE_FREE = @REPLACE_FREE@
+REPLACE_FREELOCALE = @REPLACE_FREELOCALE@
+REPLACE_FREOPEN = @REPLACE_FREOPEN@
+REPLACE_FSEEK = @REPLACE_FSEEK@
+REPLACE_FSEEKO = @REPLACE_FSEEKO@
+REPLACE_FSTAT = @REPLACE_FSTAT@
+REPLACE_FSTATAT = @REPLACE_FSTATAT@
+REPLACE_FTELL = @REPLACE_FTELL@
+REPLACE_FTELLO = @REPLACE_FTELLO@
+REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@
+REPLACE_FUTIMENS = @REPLACE_FUTIMENS@
+REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@
+REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@
+REPLACE_GETCWD = @REPLACE_GETCWD@
+REPLACE_GETDELIM = @REPLACE_GETDELIM@
+REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@
+REPLACE_GETDTABLESIZE = @REPLACE_GETDTABLESIZE@
+REPLACE_GETGROUPS = @REPLACE_GETGROUPS@
+REPLACE_GETLINE = @REPLACE_GETLINE@
+REPLACE_GETLOGIN_R = @REPLACE_GETLOGIN_R@
+REPLACE_GETPAGESIZE = @REPLACE_GETPAGESIZE@
+REPLACE_GETPASS = @REPLACE_GETPASS@
+REPLACE_GETTIMEOFDAY = @REPLACE_GETTIMEOFDAY@
+REPLACE_GMTIME = @REPLACE_GMTIME@
+REPLACE_INET_NTOP = @REPLACE_INET_NTOP@
+REPLACE_INET_PTON = @REPLACE_INET_PTON@
+REPLACE_INITSTATE = @REPLACE_INITSTATE@
+REPLACE_IOCTL = @REPLACE_IOCTL@
+REPLACE_ISATTY = @REPLACE_ISATTY@
+REPLACE_ITOLD = @REPLACE_ITOLD@
+REPLACE_LCHOWN = @REPLACE_LCHOWN@
+REPLACE_LINK = @REPLACE_LINK@
+REPLACE_LINKAT = @REPLACE_LINKAT@
+REPLACE_LOCALECONV = @REPLACE_LOCALECONV@
+REPLACE_LOCALTIME = @REPLACE_LOCALTIME@
+REPLACE_LOCALTIME_R = @REPLACE_LOCALTIME_R@
+REPLACE_LSEEK = @REPLACE_LSEEK@
+REPLACE_LSTAT = @REPLACE_LSTAT@
+REPLACE_MALLOC = @REPLACE_MALLOC@
+REPLACE_MBRLEN = @REPLACE_MBRLEN@
+REPLACE_MBRTOWC = @REPLACE_MBRTOWC@
+REPLACE_MBSINIT = @REPLACE_MBSINIT@
+REPLACE_MBSNRTOWCS = @REPLACE_MBSNRTOWCS@
+REPLACE_MBSRTOWCS = @REPLACE_MBSRTOWCS@
+REPLACE_MBSTATE_T = @REPLACE_MBSTATE_T@
+REPLACE_MBTOWC = @REPLACE_MBTOWC@
+REPLACE_MEMCHR = @REPLACE_MEMCHR@
+REPLACE_MEMMEM = @REPLACE_MEMMEM@
+REPLACE_MKDIR = @REPLACE_MKDIR@
+REPLACE_MKFIFO = @REPLACE_MKFIFO@
+REPLACE_MKFIFOAT = @REPLACE_MKFIFOAT@
+REPLACE_MKNOD = @REPLACE_MKNOD@
+REPLACE_MKNODAT = @REPLACE_MKNODAT@
+REPLACE_MKSTEMP = @REPLACE_MKSTEMP@
+REPLACE_MKTIME = @REPLACE_MKTIME@
+REPLACE_NANOSLEEP = @REPLACE_NANOSLEEP@
+REPLACE_NEWLOCALE = @REPLACE_NEWLOCALE@
+REPLACE_NL_LANGINFO = @REPLACE_NL_LANGINFO@
+REPLACE_NULL = @REPLACE_NULL@
+REPLACE_OBSTACK_PRINTF = @REPLACE_OBSTACK_PRINTF@
+REPLACE_OPEN = @REPLACE_OPEN@
+REPLACE_OPENAT = @REPLACE_OPENAT@
+REPLACE_PERROR = @REPLACE_PERROR@
+REPLACE_POPEN = @REPLACE_POPEN@
+REPLACE_POSIX_MEMALIGN = @REPLACE_POSIX_MEMALIGN@
+REPLACE_PREAD = @REPLACE_PREAD@
+REPLACE_PRINTF = @REPLACE_PRINTF@
+REPLACE_PSELECT = @REPLACE_PSELECT@
+REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@
+REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@
+REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@
+REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@
+REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@
+REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@
+REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@
+REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@
+REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@
+REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@
+REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@
+REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@
+REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@
+REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@
+REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@
+REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@
+REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@
+REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@
+REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@
+REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@
+REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@
+REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@
+REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@
+REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@
+REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@
+REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@
+REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@
+REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@
+REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@
+REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@
+REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@
+REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@
+REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@
+REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@
+REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@
+REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@
+REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@
+REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@
+REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@
+REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@
+REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@
+REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@
+REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@
+REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@
+REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@
+REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@
+REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@
+REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@
+REPLACE_PTSNAME = @REPLACE_PTSNAME@
+REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@
+REPLACE_PUTENV = @REPLACE_PUTENV@
+REPLACE_PWRITE = @REPLACE_PWRITE@
+REPLACE_QSORT_R = @REPLACE_QSORT_R@
+REPLACE_RAISE = @REPLACE_RAISE@
+REPLACE_RANDOM = @REPLACE_RANDOM@
+REPLACE_RANDOM_R = @REPLACE_RANDOM_R@
+REPLACE_READ = @REPLACE_READ@
+REPLACE_READLINK = @REPLACE_READLINK@
+REPLACE_READLINKAT = @REPLACE_READLINKAT@
+REPLACE_REALLOC = @REPLACE_REALLOC@
+REPLACE_REALLOCARRAY = @REPLACE_REALLOCARRAY@
+REPLACE_REALPATH = @REPLACE_REALPATH@
+REPLACE_REMOVE = @REPLACE_REMOVE@
+REPLACE_RENAME = @REPLACE_RENAME@
+REPLACE_RENAMEAT = @REPLACE_RENAMEAT@
+REPLACE_RMDIR = @REPLACE_RMDIR@
+REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@
+REPLACE_SELECT = @REPLACE_SELECT@
+REPLACE_SETENV = @REPLACE_SETENV@
+REPLACE_SETLOCALE = @REPLACE_SETLOCALE@
+REPLACE_SETSTATE = @REPLACE_SETSTATE@
+REPLACE_SLEEP = @REPLACE_SLEEP@
+REPLACE_SNPRINTF = @REPLACE_SNPRINTF@
+REPLACE_SPRINTF = @REPLACE_SPRINTF@
+REPLACE_STAT = @REPLACE_STAT@
+REPLACE_STDIO_READ_FUNCS = @REPLACE_STDIO_READ_FUNCS@
+REPLACE_STDIO_WRITE_FUNCS = @REPLACE_STDIO_WRITE_FUNCS@
+REPLACE_STPNCPY = @REPLACE_STPNCPY@
+REPLACE_STRCASESTR = @REPLACE_STRCASESTR@
+REPLACE_STRCHRNUL = @REPLACE_STRCHRNUL@
+REPLACE_STRDUP = @REPLACE_STRDUP@
+REPLACE_STRERROR = @REPLACE_STRERROR@
+REPLACE_STRERRORNAME_NP = @REPLACE_STRERRORNAME_NP@
+REPLACE_STRERROR_R = @REPLACE_STRERROR_R@
+REPLACE_STRFTIME = @REPLACE_STRFTIME@
+REPLACE_STRNCAT = @REPLACE_STRNCAT@
+REPLACE_STRNDUP = @REPLACE_STRNDUP@
+REPLACE_STRNLEN = @REPLACE_STRNLEN@
+REPLACE_STRSIGNAL = @REPLACE_STRSIGNAL@
+REPLACE_STRSTR = @REPLACE_STRSTR@
+REPLACE_STRTOD = @REPLACE_STRTOD@
+REPLACE_STRTOIMAX = @REPLACE_STRTOIMAX@
+REPLACE_STRTOK_R = @REPLACE_STRTOK_R@
+REPLACE_STRTOL = @REPLACE_STRTOL@
+REPLACE_STRTOLD = @REPLACE_STRTOLD@
+REPLACE_STRTOLL = @REPLACE_STRTOLL@
+REPLACE_STRTOUL = @REPLACE_STRTOUL@
+REPLACE_STRTOULL = @REPLACE_STRTOULL@
+REPLACE_STRTOUMAX = @REPLACE_STRTOUMAX@
+REPLACE_STRUCT_LCONV = @REPLACE_STRUCT_LCONV@
+REPLACE_STRUCT_TIMEVAL = @REPLACE_STRUCT_TIMEVAL@
+REPLACE_SYMLINK = @REPLACE_SYMLINK@
+REPLACE_SYMLINKAT = @REPLACE_SYMLINKAT@
+REPLACE_TIMEGM = @REPLACE_TIMEGM@
+REPLACE_TMPFILE = @REPLACE_TMPFILE@
+REPLACE_TRUNCATE = @REPLACE_TRUNCATE@
+REPLACE_TTYNAME_R = @REPLACE_TTYNAME_R@
+REPLACE_TZSET = @REPLACE_TZSET@
+REPLACE_UNLINK = @REPLACE_UNLINK@
+REPLACE_UNLINKAT = @REPLACE_UNLINKAT@
+REPLACE_UNSETENV = @REPLACE_UNSETENV@
+REPLACE_USLEEP = @REPLACE_USLEEP@
+REPLACE_UTIMENSAT = @REPLACE_UTIMENSAT@
+REPLACE_VASPRINTF = @REPLACE_VASPRINTF@
+REPLACE_VDPRINTF = @REPLACE_VDPRINTF@
+REPLACE_VFPRINTF = @REPLACE_VFPRINTF@
+REPLACE_VPRINTF = @REPLACE_VPRINTF@
+REPLACE_VSNPRINTF = @REPLACE_VSNPRINTF@
+REPLACE_VSPRINTF = @REPLACE_VSPRINTF@
+REPLACE_WCRTOMB = @REPLACE_WCRTOMB@
+REPLACE_WCSFTIME = @REPLACE_WCSFTIME@
+REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@
+REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@
+REPLACE_WCSTOK = @REPLACE_WCSTOK@
+REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@
+REPLACE_WCTOB = @REPLACE_WCTOB@
+REPLACE_WCTOMB = @REPLACE_WCTOMB@
+REPLACE_WCWIDTH = @REPLACE_WCWIDTH@
+REPLACE_WRITE = @REPLACE_WRITE@
+SED = @SED@
+SERVENT_LIB = @SERVENT_LIB@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@
+SIZE_T_SUFFIX = @SIZE_T_SUFFIX@
+STDALIGN_H = @STDALIGN_H@
+STDBOOL_H = @STDBOOL_H@
+STDDEF_H = @STDDEF_H@
+STDINT_H = @STDINT_H@
+STRIP = @STRIP@
+SYS_IOCTL_H_HAVE_WINSOCK2_H = @SYS_IOCTL_H_HAVE_WINSOCK2_H@
+SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+SYS_TIME_H_DEFINES_STRUCT_TIMESPEC = @SYS_TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_STRUCT_TIMESPEC = @TIME_H_DEFINES_STRUCT_TIMESPEC@
+TIME_H_DEFINES_TIME_UTC = @TIME_H_DEFINES_TIME_UTC@
+TROUSERS_LIB = @TROUSERS_LIB@
+TSS2_CFLAGS = @TSS2_CFLAGS@
+TSS2_LIBS = @TSS2_LIBS@
+TSS_CFLAGS = @TSS_CFLAGS@
+TSS_LIBS = @TSS_LIBS@
+UINT32_MAX_LT_UINTMAX_MAX = @UINT32_MAX_LT_UINTMAX_MAX@
+UINT64_MAX_EQ_ULONG_MAX = @UINT64_MAX_EQ_ULONG_MAX@
+UNBOUND_CFLAGS = @UNBOUND_CFLAGS@
+UNBOUND_LIBS = @UNBOUND_LIBS@
+UNDEFINE_STRTOK_R = @UNDEFINE_STRTOK_R@
+UNISTD_H_DEFINES_STRUCT_TIMESPEC = @UNISTD_H_DEFINES_STRUCT_TIMESPEC@
+UNISTD_H_HAVE_SYS_RANDOM_H = @UNISTD_H_HAVE_SYS_RANDOM_H@
+UNISTD_H_HAVE_WINSOCK2_H = @UNISTD_H_HAVE_WINSOCK2_H@
+UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@
+USE_NLS = @USE_NLS@
+VALGRIND = @VALGRIND@
+VALGRINDFLAGS = @VALGRINDFLAGS@
+VALGRIND_PROGRAM = @VALGRIND_PROGRAM@
+VERSION = @VERSION@
+WARN_CFLAGS = @WARN_CFLAGS@
+WCHAR_T_SUFFIX = @WCHAR_T_SUFFIX@
+WERROR_CFLAGS = @WERROR_CFLAGS@
+WINDOWS_64_BIT_OFF_T = @WINDOWS_64_BIT_OFF_T@
+WINDOWS_64_BIT_ST_SIZE = @WINDOWS_64_BIT_ST_SIZE@
+WINDOWS_STAT_INODES = @WINDOWS_STAT_INODES@
+WINDOWS_STAT_TIMESPEC = @WINDOWS_STAT_TIMESPEC@
+WINT_T_SUFFIX = @WINT_T_SUFFIX@
+WSTACK_CFLAGS = @WSTACK_CFLAGS@
+XGETTEXT = @XGETTEXT@
+XGETTEXT_015 = @XGETTEXT_015@
+XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+YIELD_LIB = @YIELD_LIB@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+ac_cv_sizeof_time_t = @ac_cv_sizeof_time_t@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+ggl_LIBOBJS = @ggl_LIBOBJS@
+ggl_LTLIBOBJS = @ggl_LTLIBOBJS@
+ggltests_LIBOBJS = @ggltests_LIBOBJS@
+ggltests_LTLIBOBJS = @ggltests_LTLIBOBJS@
+ggltests_WITNESS = @ggltests_WITNESS@
+gl_LIBOBJS = @gl_LIBOBJS@
+gl_LTLIBOBJS = @gl_LTLIBOBJS@
+gltests_LIBOBJS = @gltests_LIBOBJS@
+gltests_LTLIBOBJS = @gltests_LTLIBOBJS@
+gltests_WITNESS = @gltests_WITNESS@
+gnutls_so = @gnutls_so@
+guile_snarf = @guile_snarf@
+guileextensiondir = @guileextensiondir@
+guilesiteccachedir = @guilesiteccachedir@
+guilesitedir = @guilesitedir@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+ifGNUmake = @ifGNUmake@
+ifnGNUmake = @ifnGNUmake@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+maybe_guileextensiondir = @maybe_guileextensiondir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+unistring_LIBOBJS = @unistring_LIBOBJS@
+unistring_LTLIBOBJS = @unistring_LTLIBOBJS@
+unistringtests_LIBOBJS = @unistringtests_LIBOBJS@
+unistringtests_LTLIBOBJS = @unistringtests_LTLIBOBJS@
+unistringtests_WITNESS = @unistringtests_WITNESS@
+nobase_include_HEADERS = gnutls/dane.h
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am  $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign libdane/includes/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --foreign libdane/includes/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+	esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+install-nobase_includeHEADERS: $(nobase_include_HEADERS)
+	@$(NORMAL_INSTALL)
+	@list='$(nobase_include_HEADERS)'; test -n "$(includedir)" || list=; \
+	if test -n "$$list"; then \
+	  echo " $(MKDIR_P) '$(DESTDIR)$(includedir)'"; \
+	  $(MKDIR_P) "$(DESTDIR)$(includedir)" || exit 1; \
+	fi; \
+	$(am__nobase_list) | while read dir files; do \
+	  xfiles=; for file in $$files; do \
+	    if test -f "$$file"; then xfiles="$$xfiles $$file"; \
+	    else xfiles="$$xfiles $(srcdir)/$$file"; fi; done; \
+	  test -z "$$xfiles" || { \
+	    test "x$$dir" = x. || { \
+	      echo " $(MKDIR_P) '$(DESTDIR)$(includedir)/$$dir'"; \
+	      $(MKDIR_P) "$(DESTDIR)$(includedir)/$$dir"; }; \
+	    echo " $(INSTALL_HEADER) $$xfiles '$(DESTDIR)$(includedir)/$$dir'"; \
+	    $(INSTALL_HEADER) $$xfiles "$(DESTDIR)$(includedir)/$$dir" || exit $$?; }; \
+	done
+
+uninstall-nobase_includeHEADERS:
+	@$(NORMAL_UNINSTALL)
+	@list='$(nobase_include_HEADERS)'; test -n "$(includedir)" || list=; \
+	$(am__nobase_strip_setup); files=`$(am__nobase_strip)`; \
+	dir='$(DESTDIR)$(includedir)'; $(am__uninstall_files_from_dir)
+
+ID: $(am__tagged_files)
+	$(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	set x; \
+	here=`pwd`; \
+	$(am__define_uniq_tagged_files); \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+	  test -n "$$unique" || unique=$$empty_fix; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
+	fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	$(am__define_uniq_tagged_files); \
+	test -z "$(CTAGS_ARGS)$$unique" \
+	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+	     $$unique
+
+GTAGS:
+	here=`$(am__cd) $(top_builddir) && pwd` \
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+	list='$(am__tagged_files)'; \
+	case "$(srcdir)" in \
+	  [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+	  *) sdir=$(subdir)/$(srcdir) ;; \
+	esac; \
+	for i in $$list; do \
+	  if test -f "$$i"; then \
+	    echo "$(subdir)/$$i"; \
+	  else \
+	    echo "$$sdir/$$i"; \
+	  fi; \
+	done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+distdir: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+check-am: all-am
+check: check-am
+all-am: Makefile $(HEADERS)
+installdirs:
+	for dir in "$(DESTDIR)$(includedir)"; do \
+	  test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+	done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-am
+	-rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am: install-nobase_includeHEADERS
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-nobase_includeHEADERS
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
+	clean-libtool cscopelist-am ctags ctags-am distclean \
+	distclean-generic distclean-libtool distclean-tags distdir dvi \
+	dvi-am html html-am info info-am install install-am \
+	install-data install-data-am install-dvi install-dvi-am \
+	install-exec install-exec-am install-html install-html-am \
+	install-info install-info-am install-man \
+	install-nobase_includeHEADERS install-pdf install-pdf-am \
+	install-ps install-ps-am install-strip installcheck \
+	installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-generic \
+	mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
+	uninstall-am uninstall-nobase_includeHEADERS
+
+.PRECIOUS: Makefile
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/libdane/includes/gnutls/dane.h b/libdane/includes/gnutls/dane.h
new file mode 100644
index 0000000..92d1da9
--- /dev/null
+++ b/libdane/includes/gnutls/dane.h
@@ -0,0 +1,204 @@
+/* -*- c -*-
+ * Copyright (C) 2012 KU Leuven
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of libdane.
+ *
+ * libdane is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_DANE_H
+#define GNUTLS_DANE_H
+
+#include <gnutls/gnutls.h>	/* for gnutls_datum_t */
+
+/**
+ * dane_cert_usage_t:
+ * @DANE_CERT_USAGE_CA: CA constraint. The certificate/key
+ *   presented must have signed the verified key.
+ * @DANE_CERT_USAGE_EE: The key or the certificate of the end
+ *   entity.
+ * @DANE_CERT_USAGE_LOCAL_CA: The remote CA is local and possibly
+ *   untrusted by the verifier.
+ * @DANE_CERT_USAGE_LOCAL_EE: The remote end-entity key is local
+ *   and possibly untrusted by the verifier (not signed by a CA).
+ *
+ * Enumeration of different certificate usage types.
+ */
+typedef enum dane_cert_usage_t {
+	DANE_CERT_USAGE_CA = 0,
+	DANE_CERT_USAGE_EE = 1,
+	DANE_CERT_USAGE_LOCAL_CA = 2,
+	DANE_CERT_USAGE_LOCAL_EE = 3
+} dane_cert_usage_t;
+
+/**
+ * dane_cert_type_t:
+ * @DANE_CERT_X509: An X.509 certificate.
+ * @DANE_CERT_PK: A public key.
+ *
+ * Enumeration of different certificate types.
+ */
+typedef enum dane_cert_type_t {
+	DANE_CERT_X509 = 0,
+	DANE_CERT_PK = 1
+} dane_cert_type_t;
+
+/**
+ * dane_match_type_t:
+ * @DANE_MATCH_EXACT: The full content.
+ * @DANE_MATCH_SHA2_256: A SHA-256 hash of the content.
+ * @DANE_MATCH_SHA2_512: A SHA-512 hash of the content.
+ *
+ * Enumeration of different content matching types.
+ */
+typedef enum dane_match_type_t {
+	DANE_MATCH_EXACT = 0,
+	DANE_MATCH_SHA2_256 = 1,
+	DANE_MATCH_SHA2_512 = 2
+} dane_match_type_t;
+
+/**
+ * dane_query_status_t:
+ * @DANE_QUERY_UNKNOWN: There was no query.
+ * @DANE_QUERY_DNSSEC_VERIFIED: The query was verified using DNSSEC.
+ * @DANE_QUERY_BOGUS: The query has wrong DNSSEC signature.
+ * @DANE_QUERY_NO_DNSSEC: The query has no DNSSEC data.
+ *
+ * Enumeration of different certificate types.
+ */
+typedef enum dane_query_status_t {
+	DANE_QUERY_UNKNOWN = 0,
+	DANE_QUERY_DNSSEC_VERIFIED,
+	DANE_QUERY_BOGUS,
+	DANE_QUERY_NO_DNSSEC
+} dane_query_status_t;
+
+typedef struct dane_state_st *dane_state_t;
+typedef struct dane_query_st *dane_query_t;
+
+/**
+ * dane_state_flags_t:
+ * @DANE_F_IGNORE_LOCAL_RESOLVER: Many systems are not DNSSEC-ready. In that case the local resolver is ignored, and a direct recursive resolve occurs.
+ * @DANE_F_INSECURE: Ignore any DNSSEC signature verification errors.
+ * @DANE_F_IGNORE_DNSSEC: Do not try to initialize DNSSEC as we will not use it (will then not try to load the DNSSEC root certificate).  Useful if the TLSA data does not come from DNS.
+ *
+ * Enumeration of different verification flags.
+ */
+typedef enum dane_state_flags_t {
+	DANE_F_IGNORE_LOCAL_RESOLVER = 1,
+	DANE_F_INSECURE = 2,
+	DANE_F_IGNORE_DNSSEC = 4
+} dane_state_flags_t;
+
+int dane_state_init(dane_state_t * s, unsigned int flags);
+int dane_state_set_dlv_file(dane_state_t s, const char *file);
+void dane_state_deinit(dane_state_t s);
+
+
+int dane_raw_tlsa(dane_state_t s, dane_query_t * r, char *const *dane_data,
+		  const int *dane_data_len, int secure, int bogus);
+
+int dane_query_tlsa(dane_state_t s, dane_query_t * r, const char *host,
+		    const char *proto, unsigned int port);
+
+dane_query_status_t dane_query_status(dane_query_t q);
+unsigned int dane_query_entries(dane_query_t q);
+int dane_query_data(dane_query_t q, unsigned int idx,
+		    unsigned int *usage, unsigned int *type,
+		    unsigned int *match, gnutls_datum_t * data);
+int dane_query_to_raw_tlsa(dane_query_t q, unsigned int *data_entries,
+		    char ***dane_data, int **dane_data_len, int *secure, int *bogus);
+void dane_query_deinit(dane_query_t q);
+
+const char *dane_cert_type_name(dane_cert_type_t type);
+const char *dane_match_type_name(dane_match_type_t type);
+const char *dane_cert_usage_name(dane_cert_usage_t usage);
+
+/**
+ * dane_verify_flags_t:
+ * @DANE_VFLAG_FAIL_IF_NOT_CHECKED: If irrelevant to this certificate DANE entries are received fail instead of succeeding.
+ * @DANE_VFLAG_ONLY_CHECK_EE_USAGE: The provided certificates will be verified only against any EE field. Combine with %DANE_VFLAG_FAIL_IF_NOT_CHECKED to fail if EE entries are not present.
+ * @DANE_VFLAG_ONLY_CHECK_CA_USAGE: The provided certificates will be verified only against any CA field. Combine with %DANE_VFLAG_FAIL_IF_NOT_CHECKED to fail if CA entries are not present.
+ *
+ * Enumeration of different verification status flags.
+ */
+typedef enum dane_verify_flags_t {
+	DANE_VFLAG_FAIL_IF_NOT_CHECKED = 1,
+	DANE_VFLAG_ONLY_CHECK_EE_USAGE = 1 << 1,
+	DANE_VFLAG_ONLY_CHECK_CA_USAGE = 1 << 2,
+} dane_verify_flags_t;
+
+/**
+ * dane_verify_status_t:
+ * @DANE_VERIFY_CA_CONSTRAINTS_VIOLATED: The CA constraints were violated.
+ * @DANE_VERIFY_CERT_DIFFERS: The certificate obtained via DNS differs.
+ * @DANE_VERIFY_UNKNOWN_DANE_INFO: No known DANE data was found in the DNS record.
+ *
+ * Enumeration of different verification status flags.
+ */
+typedef enum dane_verify_status_t {
+	DANE_VERIFY_CA_CONSTRAINTS_VIOLATED = 1,
+	DANE_VERIFY_CERT_DIFFERS = 1 << 1,
+	DANE_VERIFY_UNKNOWN_DANE_INFO = 1 << 2,
+} dane_verify_status_t;
+
+#define DANE_VERIFY_CA_CONSTRAINS_VIOLATED DANE_VERIFY_CA_CONSTRAINTS_VIOLATED
+#define DANE_VERIFY_NO_DANE_INFO DANE_VERIFY_UNKNOWN_DANE_INFO
+
+int
+dane_verification_status_print(unsigned int status,
+			       gnutls_datum_t * out, unsigned int flags);
+
+int dane_verify_crt_raw(dane_state_t s,
+			const gnutls_datum_t * chain, unsigned chain_size,
+			gnutls_certificate_type_t chain_type,
+			dane_query_t r,
+			unsigned int sflags, unsigned int vflags,
+			unsigned int *verify);
+
+int dane_verify_crt(dane_state_t s,
+		    const gnutls_datum_t * chain, unsigned chain_size,
+		    gnutls_certificate_type_t chain_type,
+		    const char *hostname, const char *proto,
+		    unsigned int port, unsigned int sflags,
+		    unsigned int vflags, unsigned int *verify);
+
+int dane_verify_session_crt(dane_state_t s,
+			    gnutls_session_t session,
+			    const char *hostname, const char *proto,
+			    unsigned int port, unsigned int sflags,
+			    unsigned int vflags, unsigned int *verify);
+
+const char *dane_strerror(int error);
+
+#define DANE_E_SUCCESS 0
+#define DANE_E_INITIALIZATION_ERROR -1
+#define DANE_E_RESOLVING_ERROR -2
+#define DANE_E_NO_DANE_DATA -3
+#define DANE_E_RECEIVED_CORRUPT_DATA -4
+#define DANE_E_INVALID_DNSSEC_SIG -5
+#define DANE_E_NO_DNSSEC_SIG -6
+#define DANE_E_MEMORY_ERROR -7
+#define DANE_E_REQUESTED_DATA_NOT_AVAILABLE -8
+#define DANE_E_INVALID_REQUEST -9
+#define DANE_E_PUBKEY_ERROR -10
+#define DANE_E_NO_CERT -11
+#define DANE_E_FILE_ERROR -12
+#define DANE_E_CERT_ERROR -13
+#define DANE_E_UNKNOWN_DANE_DATA -14
+
+#endif /* GNUTLS_DANE_H */
diff --git a/libdane/libdane.map b/libdane/libdane.map
new file mode 100644
index 0000000..fa82654
--- /dev/null
+++ b/libdane/libdane.map
@@ -0,0 +1,27 @@
+# libgnutls.map -- libgnutls linker version script.           -*- ld-script -*-
+
+DANE_0_0
+{
+  global:
+	dane_strerror;
+	dane_state_init;
+	dane_state_deinit;
+	dane_query_tlsa;
+	dane_query_status;
+	dane_query_entries;
+	dane_query_data;
+	dane_query_to_raw_tlsa;
+	dane_query_deinit;
+	dane_verify_session_crt;
+	dane_verify_crt;
+        dane_cert_type_name;
+	dane_match_type_name;
+	dane_cert_usage_name;
+	dane_verification_status_print;
+	dane_state_set_dlv_file;
+	dane_verify_crt_raw;
+	dane_raw_tlsa;
+  local:
+    *;
+};
+